last executing test programs:

7m50.421033189s ago: executing program 4 (id=794):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x400000000000041, 0x0)
r0 = fsopen(&(0x7f0000000500)='ramfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0)
r1 = fsmount(r0, 0x0, 0x0)
fchdir(r1)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
mkdir(&(0x7f0000000040)='./file1\x00', 0x0)
mkdir(&(0x7f00000001c0)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f0000000340)='./file0\x00', &(0x7f0000000140), 0x200800, &(0x7f0000000080)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file1/file0\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000000), 0x0, &(0x7f0000000440)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file1/file0'}}, {@upperdir={'upperdir', 0x3d, './file1/file0'}}]}) (fail_nth: 3)

7m48.396281482s ago: executing program 4 (id=805):
r0 = syz_usb_connect(0x0, 0x24, &(0x7f00000009c0)=ANY=[@ANYBLOB="120100003a982a08cd0ca310a223010203010902120001000000000904"], 0x0)
syz_usb_control_io$uac2(r0, 0x0, &(0x7f00000004c0)={0x44, &(0x7f0000000540)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
readlinkat(0xffffffffffffff9c, &(0x7f0000000180)='./file1\x00', &(0x7f0000001300)=""/4096, 0x1000)
syz_usb_control_io$uac1(r0, 0x0, 0x0)
ioctl$RTC_AIE_ON(0xffffffffffffffff, 0x7001)
ptrace$setregset(0x4205, 0x0, 0x1, &(0x7f00000001c0)={0x0})
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nfc(&(0x7f0000000300), r1)
ioctl$IOCTL_GET_NCIDEV_IDX(0xffffffffffffffff, 0x0, &(0x7f00000000c0)=<r3=>0x0)
syz_open_dev$usbfs(&(0x7f0000000000), 0x20000007d, 0x0)
sendmsg$NFC_CMD_DEV_UP(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000d80)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r2, @ANYBLOB="010426bd7000f8dbdf250200000008000100", @ANYRES32=r3], 0x1c}}, 0x4008054)
syz_usb_control_io$printer(r0, &(0x7f00000001c0)={0x14, &(0x7f0000000080)={0x40, 0x3, 0xec, {0xec, 0x4, "cb5222ca3769ead3dddaebdeb799c2d351888cc6401f4b9e792fbec666588de18152325c60de8ce5ae7c1e09902354a2ea750674b78f650828c923f3ab43fe11f2f9db822c5f1a1e62bcddb4b156af046e59fe986c1c1271cd481b3e3f3a12d31b21e5c46180454dba67933e9458e96f3ad621f535f189b5ba2f3a2e64ba0c9b118dda7f9eb062ad709e5489f8bebc380fd13bdee2f00ea0f83bf629c9dc582f1ca783b60da43877575a1afd49c226aab4b822cce523ce2d506342b057b7e0de6933e179e20cff0f922f1ad8204776c5710c052ed7a944e14b24cb34f017ecf76e9afb7cd77d75173981"}}, &(0x7f0000000180)={0x0, 0x3, 0x1c, @string={0x1c, 0x3, "3ea186e26370c11ec8d5bcd08a51b5b457c7d2ce92aadc264c36"}}}, &(0x7f0000000580)={0x34, &(0x7f00000002c0)={0xd01f82ed50446126, 0x6, 0x90, "3a522fd168bbf5721ec49a7f7112de32d9206a4ee18198a2bd688e36900297e157038a53dcffc17ca06406712ef36a42961521833acd6cc21b2f31f4def47bb722e21f0b68a1c1e58343ea6dc6ebde24774d245228ff1f3f5cdc3ff81a242d5343def23b66932d2a5872226b310c9c733fe4d93b29e7067bc791e6ae1ce5ca517f8fb7d71d8247328b362c768e4026de"}, &(0x7f0000000380)={0x0, 0xa, 0x1, 0xf}, &(0x7f00000003c0)={0x0, 0x8, 0x1, 0xd}, &(0x7f0000000400)={0x20, 0x0, 0x6, {0x4, "575efe94"}}, &(0x7f0000000440)={0x20, 0x1, 0x1}, &(0x7f0000000480)={0x20, 0x0, 0x1, 0x5}})

7m45.246373109s ago: executing program 4 (id=836):
r0 = syz_usb_connect$hid(0x2, 0x36, &(0x7f0000000000)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x40, 0x1e7d, 0x2c2e, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x50, 0x0, "", [{{0x9, 0x4, 0x0, 0x0, 0x1, 0x3, 0x0, 0x4, 0x0, {0x9, 0x21, 0x20, 0x0, 0x1, {0x22, 0x28}}, {{{0x9, 0x5, 0x81, 0x3, 0x200, 0x3, 0x8, 0xc5}}}}}]}}]}}, 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x32)
r1 = landlock_create_ruleset(&(0x7f0000000040)={0x0, 0x3}, 0x10, 0x0)
landlock_restrict_self(r1, 0x0)
landlock_restrict_self(r1, 0x0)
landlock_restrict_self(r1, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file0/file0\x00', 0x1c0)
r2 = landlock_create_ruleset(&(0x7f00000000c0)={0x100}, 0x18, 0x0)
r3 = openat$dir(0xffffffffffffff9c, &(0x7f00000003c0)='./file0/file0\x00', 0x600000, 0x0)
landlock_add_rule$LANDLOCK_RULE_PATH_BENEATH(r2, 0x1, &(0x7f0000000140)={0x100, r3}, 0x0)
landlock_restrict_self(r2, 0x4)
r4 = landlock_create_ruleset(&(0x7f0000000040)={0x108, 0x3, 0x3}, 0x18, 0x0)
landlock_restrict_self(r4, 0x2)
mknodat(0xffffffffffffff9c, &(0x7f0000000300)='./file0/file0/file0\x00', 0x81c0, 0x0)

7m41.262816802s ago: executing program 4 (id=855):
mkdirat(0xffffffffffffff9c, &(0x7f0000002000)='./file0\x00', 0x0)
r0 = syz_open_dev$admmidi(&(0x7f0000000140), 0xd32, 0x27f37f13a9b062bd)
ioctl$SNDRV_RAWMIDI_IOCTL_PARAMS(r0, 0xc0305710, &(0x7f0000000180)={0x0, 0x3, 0x6, 0x1, 0x8})
r1 = socket$kcm(0x23, 0x5, 0x0)
sendmsg(r1, &(0x7f00000002c0)={0x0, 0x0, 0x0}, 0x80)
mount$bind(&(0x7f0000000100)='.\x00', &(0x7f0000000300)='./file0/../file0\x00', 0x0, 0x2151090, 0x0)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r2, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0x4)
connect$inet6(r2, &(0x7f0000000200)={0xa, 0x0, 0x0, @loopback}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r2, 0x6, 0x1f, &(0x7f00000000c0), 0x4)
setsockopt$inet6_tcp_TLS_TX(r2, 0x11a, 0x1, &(0x7f0000000540)=@gcm_128={{0x304}, "55706e44cacc494f", "24ff0573669961d742cbfb62b94f9592", 'U~\'T', "d5c0017c6ee203ad"}, 0x28)
setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r2, 0x6, 0x14, &(0x7f0000000080)=0x1, 0x4)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000002c0)='freezer.state\x00', 0x275a, 0x0)
write$cgroup_int(r3, &(0x7f0000000000), 0xffffff6a)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r4, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000880)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x5}}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x201, 0x0, 0x0, {0x1, 0x0, 0x8003}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWCHAIN={0x34, 0x3, 0xa, 0x101, 0x0, 0x0, {0x1}, [@NFTA_CHAIN_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_CHAIN_NAME={0x9, 0x3, 'syz2\x00'}, @NFTA_CHAIN_ID={0x8, 0xb, 0x1, 0x0, 0x3}]}, @NFT_MSG_NEWRULE={0x98, 0x6, 0xa, 0x401, 0x0, 0x0, {0x1}, [@NFTA_RULE_CHAIN_ID={0x8, 0xb, 0x1, 0x0, 0x3}, @NFTA_RULE_EXPRESSIONS={0x70, 0x4, 0x0, 0x1, [{0x34, 0x1, 0x0, 0x1, @exthdr={{0xb}, @val={0x24, 0x2, 0x0, 0x1, [@NFTA_EXTHDR_DREG={0x8, 0x1, 0x1, 0x0, 0xc}, @NFTA_EXTHDR_OFFSET={0x8}, @NFTA_EXTHDR_LEN={0x8, 0x4, 0x1, 0x0, 0x22}, @NFTA_EXTHDR_TYPE={0x5, 0x2, 0x7}]}}}, {0x38, 0x1, 0x0, 0x1, @bitwise={{0xc}, @val={0x28, 0x2, 0x0, 0x1, [@NFTA_BITWISE_SREG={0x8, 0x1, 0x1, 0x0, 0x14}, @NFTA_BITWISE_DREG={0x8, 0x2, 0x1, 0x0, 0xa}, @NFTA_BITWISE_MASK={0x4}, @NFTA_BITWISE_LEN={0x8, 0x3, 0x1, 0x0, 0x1}, @NFTA_BITWISE_OP={0x8}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x7}}}, 0x114}}, 0x20008000)
sendfile(r2, r3, 0x0, 0xffffffff004)
bind$alg(r3, &(0x7f0000000040)={0x26, 'hash\x00', 0x0, 0x0, 'tgr192-generic\x00'}, 0x58)
r5 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000040), 0x40042, 0x0)
write$dsp(r5, &(0x7f00000001c0)="5cba91a4", 0xffffffd9)
ioctl$SNDCTL_DSP_SETTRIGGER(r5, 0x40045010, &(0x7f0000000000)=0x8)
ioctl$SNDCTL_DSP_SETTRIGGER(r5, 0x40045010, &(0x7f0000000080)=0xfffffffe)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r6, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000005c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01030000000000000000010000000900010073797a300000000040000000030a01837700000000000000010000000900030073797a310000000014000480080002400000000008000140000000000900010073797a300000000078000000060a010400000000000000000100000008000b40000000000900010073797a30000000005000048020000180070001007274000014000280080001400000001508000240000000012c0001800900010068617368000000001c00028008000440fffff3e008000240000000170800074000000001"], 0x100}}, 0x0)
setsockopt$inet_sctp6_SCTP_INITMSG(r3, 0x84, 0x2, &(0x7f0000000240)={0xf, 0x7, 0xe, 0x4}, 0x8)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000000)='./file0/file0\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0x18e101a, 0x0)
mount$bind(&(0x7f00000002c0)='./file0/file0\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x2125099, 0x0)

7m37.575591296s ago: executing program 4 (id=867):
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0xff, 0x7fff0000}]})
r1 = socket$tipc(0x1e, 0x1, 0x0)
bind$tipc(r1, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x2}}, 0x10)
listen(r1, 0x0)
r2 = socket$packet(0x11, 0x3, 0x300)
socket$packet(0x11, 0x3, 0x300)
socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_fanout(r2, 0x107, 0x12, &(0x7f0000000040)={0x4, 0x9001}, 0x4)
r3 = socket$rds(0x15, 0x5, 0x0)
setsockopt$RDS_RECVERR(r3, 0x114, 0x3f, &(0x7f0000000040)=0xfffffffd, 0x4)
r4 = socket$tipc(0x1e, 0x5, 0x0)
syz_emit_vhci(&(0x7f0000000380)=ANY=[@ANYBLOB="040e06060e0808"], 0x9)
sendmsg$tipc(r4, &(0x7f0000000240)={&(0x7f0000000080)=@name={0x1e, 0x2, 0x0, {{0x41}}}, 0x10, 0x0, 0x0, 0x0, 0x0, 0x4050040}, 0x0)
close_range(r0, 0xffffffffffffffff, 0x0)

7m32.285260155s ago: executing program 4 (id=882):
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
r1 = socket$tipc(0x1e, 0x1, 0x0)
bind$tipc(r1, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x41}}, 0x10)
listen(r1, 0x0)
r2 = socket$tipc(0x1e, 0x5, 0x0)
sendmsg$tipc(r2, &(0x7f0000000240)={&(0x7f0000000080)=@name={0x1e, 0x2, 0x0, {{0x41}}}, 0x10, 0x0, 0x0, 0x0, 0x0, 0x4050040}, 0x0)
close_range(r0, 0xffffffffffffffff, 0x0)

7m30.355066142s ago: executing program 32 (id=882):
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
r1 = socket$tipc(0x1e, 0x1, 0x0)
bind$tipc(r1, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x41}}, 0x10)
listen(r1, 0x0)
r2 = socket$tipc(0x1e, 0x5, 0x0)
sendmsg$tipc(r2, &(0x7f0000000240)={&(0x7f0000000080)=@name={0x1e, 0x2, 0x0, {{0x41}}}, 0x10, 0x0, 0x0, 0x0, 0x0, 0x4050040}, 0x0)
close_range(r0, 0xffffffffffffffff, 0x0)

6m8.002023813s ago: executing program 1 (id=1227):
r0 = socket(0x840000000002, 0x3, 0xff)
r1 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_STAT_DEL(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000700)=ANY=[@ANYBLOB="1800002212140100000000000000000008004b001300000082225c227f0830295ae7f59dd75726d1968d9057d51c83481643ee513ccbc9881db5963add7560f4c56c14daac9ac80a6ac8589920c553fba38c2a6fb0090669aeaeab0c4131a890593da3c50b1a816892d252930f462d24ee4846e5056524712aba69623bc43b3f69010000001728e2bfbec4c00ec7cf13c99497840f385b7a207639cfa750ac6d447ed6a84fc8255607d068310220d5e73eed8e1722b092026d1a3de52a15e6b3553dee0faa7e6f4840a4d02044f130c3fc8b6256659d1b"], 0x18}}, 0x0) (async)
sendmsg$inet(r0, &(0x7f0000000900)={&(0x7f00000006c0)={0x2, 0x4e20, @loopback}, 0x10, &(0x7f0000000380)=[{&(0x7f0000000640)="97452a307eb495fe223600000000000000", 0x11}, {&(0x7f0000000940)="93f365e09d07b6b3d24cb18227ab1a47ba963f435e0839c3c8ff2ab3c0b520994d2ec84943c07ff629aee0796d9d880a35ce3d8fab3336afc412ea6a1df887b73a40fc1c886b452c29078237789a130d1a62b5f03ec0ac0152e9f4842164e7cdf7207a083d536e1824140acc52ece16ef9351f08edccbdb5b7e8438a364c798b4341df0c5f5c9e591622e683e7c7b8982a7656b34257325dd484e894b0ab1f3c66a4c2c9c68e1d69cdfc6559163b2677842212d91bcc5d723d974d4d0788923cc0e1b992ab1c28672d0f3ff5c2b26d651358077cdde4e2fa53739b8b887325af7c7e9424fb1c387a5723e0c27ea040eef3ead0ad840555145d3bb634b5731c4b085464cdd0f9df4a9f1370", 0x10b}], 0x2, &(0x7f0000000600)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @dev={0xac, 0x14, 0x14, 0x44}, @private=0xa010102}}}], 0x20}, 0x40)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000001c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a03000000000000000000070000040900010073797a30000000009c000000090a010400000000000000000700000308000a40000000000900020073797a30000000000900010073797a30000000000800"], 0xe4}, 0x1, 0x0, 0x0, 0x8001}, 0x20050840)
r2 = syz_open_dev$loop(&(0x7f0000000100), 0x2, 0x2001) (async)
ioctl$TIOCGPGRP(r0, 0x540f, &(0x7f0000000080)=<r3=>0x0)
r4 = syz_open_procfs(r3, &(0x7f0000000140)='net/netlink\x00')
sendmsg$NFT_MSG_GETOBJ_RESET(r4, &(0x7f0000000500)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x5134432}, 0xc, &(0x7f00000004c0)={&(0x7f0000000400)=ANY=[@ANYBLOB="a4000000150a01040000000000000000070000002f00080031f72308000000000000001f376df0f0b12777f097216ae9df04e983d87a4f32d477ec9e7f6bc1f526ec67004500080054d38f0f6c018f78f627b199f7ca9a839141717051074c07233cdf7bf9374f1600763d8ccde7f378aad213293eac98b210168daf37ec6ae721c20bf810e4f92a5a0000000900010073797a31000000000900010073797a3100000000"], 0xa4}, 0x1, 0x0, 0x0, 0x40080}, 0x800)
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='blkio.bfq.empty_time\x00', 0x275a, 0x0)
write$binfmt_misc(r5, &(0x7f0000000040), 0xe09) (async)
ioctl$LOOP_CONFIGURE(r2, 0x4c0a, &(0x7f00000002c0)={r5, 0x0, {0x2a00, 0x80010000, 0x0, 0x2, 0x0, 0x0, 0x0, 0x14, 0x1c, "fee8a2ab78fc979fd1e00d96072000001ea89de2b7fb0000e60080b8785d960001000000000000000000007efff100004000", "2809e8dbe108598948224ad54afac11d875397bdb22d0000b420a1a93c527d3d458dd4992861ac00", "f4bd000000801900", [0x8, 0xffffffff9673e35d]}}) (async)
r6 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$netlink(r6, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000c00)=[{&(0x7f0000000000)=ANY=[@ANYBLOB="280000002e000100000000000000000008000000", @ANYRES32=0x0, @ANYBLOB="040002fb800c0001"], 0x28}], 0x1}, 0xcc000)
close_range(r6, r6, 0x2)

6m7.556825115s ago: executing program 1 (id=1233):
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x32)
r0 = landlock_create_ruleset(&(0x7f0000000040)={0x0, 0x3}, 0x10, 0x0)
landlock_restrict_self(r0, 0x0)
landlock_restrict_self(r0, 0x0)
landlock_restrict_self(r0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file0/file0\x00', 0x1c0)
r1 = landlock_create_ruleset(&(0x7f00000000c0)={0x100}, 0x18, 0x0)
openat$dir(0xffffffffffffff9c, &(0x7f00000003c0)='./file0/file0\x00', 0x600000, 0x0)
landlock_add_rule$LANDLOCK_RULE_PATH_BENEATH(r1, 0x1, 0x0, 0x0)
landlock_restrict_self(r1, 0x4)
r2 = landlock_create_ruleset(&(0x7f0000000040)={0x108, 0x3, 0x3}, 0x18, 0x0)
landlock_restrict_self(r2, 0x2)
mknodat(0xffffffffffffff9c, &(0x7f0000000300)='./file0/file0/file0\x00', 0x81c0, 0x0)

6m7.308890421s ago: executing program 1 (id=1237):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f00000004c0)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
getsockopt$inet_mtu(0xffffffffffffffff, 0x29, 0x50, 0x0, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000040))
socket$inet6_sctp(0xa, 0x1, 0x84)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={<r3=>0xffffffffffffffff})
sendto$unix(r3, 0x0, 0x0, 0x0, 0x0, 0x0)
openat$vsock(0xffffffffffffff9c, &(0x7f0000000180), 0x40c00, 0x0)
r4 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000003c0)={r4, 0x3e8, 0xe80, 0x0, &(0x7f0000000000)="c1df07000000d30a298ee68886dd87", 0x0, 0x3ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x50)
capset(&(0x7f0000a31000)={0x20080522}, &(0x7f0000000080))
bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x1, 0xe, &(0x7f0000000ac0)=ANY=[@ANYBLOB="b700000081000020bfa30000000000000703000002feffff720af0fff8ffffff71a4f0ff000000006a030000000000001d400500000000004704000001ed00007203feff000003f81d44000000000000730a00fe000000007303000000000000b5000000000000009500000000000000023bc065b58111c6dfa041b63af4a3912435f1a864a710aad58db6a693002e7f3be361917adef6ee1c8a2a4f8ef1e50becb19bc461e91a7168c50000000190f32050e436fe275daf51efd601b6bf01c8e8b1b526375ec4dd6fcd82e4fee5bef7af9aa0d7d600c095199fe3ff3128e599b0eaebbdbd732c9cc00eec363e4a8f6456e2cc21557c0afc646cb7798b3e6440c2fbdb00a3e35208b0bb0d2cd829e654400e2438ec649dc74a28610643a98d9ec21ead2ed51b104d4d91af25b845d8a7925c3109b151b8b9f75dd08d123deda88c658d42ecbf28bf7076c15b463bebc72f526d8e8afcb913466aaa7f6df70252e79166d858fcd0e06dd31af9612f2460d0b11008e59a5923906f88b53987ad1714e72ba7a54f0c33d39000d06a59ff616236fd9aa58f2477184b6a89adaf17b0a6041bdef728d236619074d6ebdfd1f5089048ddff6da40f9411fe722631cb467600ade70063e5291569b33d21dae356e1c51f03a801be8189679a16da18ec0ae564162a27afea62d84f3a10746443d6438e959532e0617d419c6bc6ea9f2bca4464f56e24e6d2105bd901204a1deeed4155617572652d950ad31928b0b0c3dc2869f478341d02d0f5ad94b081fcd507acb4b9c65fee9d5a17f48a7382f13d000000225d85ae49cee383dc5049076b989b40000000000000da60d2ae20cfb91d6a49964757cdf538f9ce2bdb1ab062cd54e67011d355d84ce97bb0c6b4a595e487efbb2d71cde2c140952f9a0f0bc6980fe78683ac5c0c31032599ddd71063be9261b2e1aab1675b34a22048ef8c126aeef5f510a8f1aded94a129e4aec6f8d9ab06faffc3a15d96c2ea3e2e04cfe031b2875353193f82ade69d0540059fe6c7fe7cd8697502c7596566d674e425da5e87e59602a9f6590521d31d3804b3e0a1053abdc31282dfb15eb6841bb64a1b304502dda787343ce3c953992e4a982f3c48153baae244e7bf37548c7f1a4cad2422ee965a38f7defbd2160242b104e20dc2d9b0c35608d402ccdd9069bd50b994fda7a9de44028d6112a0c2d21b2dc98816106dec28eaeb883418f562ae00003ea96d10f172c0374d6eed826416050000000bfe9b4a9c5a90ff59d54d1f92ecc4e95dd2d18383117c039862198899b212c55318294270a1ad10c80fef7c24d47afce829ba0f85da6d888f18ea40ab959f6074ab2a40d85d15017ab513cdc6c0e57fb1c1ca571380d7b4ead35a385e0b4a26b702396df7e0c1e02b6e4114f244a9bf93f04bf072f0861f7580e69db384ac7eeedcf2ba1a9508f9d6aba582a896a9f1ffa968eacea75caf822a7a63ba34015ea5aacb1188883ad2a3b1832371fe5bc621426d1ed0a4a99702cc1b6912a1e717d29135753208165b9cdbae2ed9dc7358f0ebadde0b727f27feeb744ddcc536cbae315c7d1fe1399562ba6824840bd2951680f6f2f9a6a8346962a350845ffa0d829e4f79adc287906943408e6df3c391e97ba48db0a5adbfd03aac93df8866fb010aec0e92bed1fe39af169d2a466f0db6f3d9436a7d55fc30511d00000000c95265b2bd83d64a532869d701723fedcbada1ee7baa5b6a686b50f0937f778af083e055f6138a757ebd0ed91124a6b244f9acf41ac5d73a008364e0606a594817031fc2f52c8785fe0721719b3d654026c6ea08b83b123145ab5703dad844ceb201ddeb6dc5f6a903792283c42efc54fa84323afc4c10eff462c8843187f1dd48ef3fa293774d582956ff0f40b10ca94f6feeb2893c17888e1cdba94a6ea80c33ead5722c3293a493f1479531dd88261458f40d31fe8df15efaaeea831555877f9538d6ee6ba65893ff1f908ba7554ba583fef3ec7932f5954f31a878e2fae6691d1aee1da02ba516467df3e7d1daac43738012e4fee18a22da19fcdb4c2890cda1f96b952511e3a69d694d625e0b2f808890205f3a6da2819d2f9e77c7c64affa54fec0136cbafa5f62e96753b639a924599c1f69219927ea5301fff0a6063d427f0688430754c02180d61542c2571f983e9673560000000000000000005a7b57f03ca91a01ba2e30ca99e8ebc15ecb4d91675767999d146aef7799738b292fd640dfef6b04d086f737a159d7e0c6e4d81ad64a8bbca48568325b2969e2b15f36b788bce5ccdbaf75c94cb93499f6947a967a7bce14c6de4e7c0660d80010f5c653d22d49030a8c2a4ab595bf4238f18ca428dafc7ac96d404607a0000000051a2104f22e6db5a62b5089c1b45282d38864daa3ae81d6b0968d1d2867b91b7d120617d12d91db2633d6864da40b54783a17aaeb6737c323f9f98e354cc98dcfe23ad01bd1c61563e69ffe1c2c73e1661261173f359e93d2c5e424c17998809ec8f0232b3955e052a4cecd89008f70314a0bdd491ec86a4555d89fe0120f64c62e8e3ed8bcb45202c3d4bbec8d722824c0ebca8db1ea4a003d2fbdc1f9be78537756ab5bbe4fe9af5d785d0128171c90d9900ce2532b0f9d01c4b45294fbba468df3e1b393cb4e62e754598e47df6bd06431c94bc5d047899fd219f448bf9189c65c9d91eda6b52a373803a9efe44f86909bc90addb7b9aee813df534aac4b3093c91b8068cd849904568916694d461b76a58d88cf0f520310a1e9fdc18cde98d662eee077515d0a8811922929e085392ab3d1311b8243266d87047f601fa88a0da36b9f302e8262395174328f2482d14008de83070744f143fdec90ba5a82668d5fac114c13955ad6dca5db2231d8ba14c54c47ed04a4b4ace17e357e1d6432399f87a7a14245bbd796a09313b247b95d37ff40a404bdad74bd20000000000000000000099fef7cd7af3ce64a92f95d89d125b1e641240d7e5e27a3d1f7684448c3e3822d617e205061298b939a191be4b48e169bde2cae3accc5bd40a2968b59c93d35f8e42366fdef9a2abae1cf01ce68abff28861aac8302d268569dd42e194e330c7aaa54ebbcefd23f21ce8153b9926e12e925cb56119df72c7533a48d028ad0c74e2a9478fa3be18a1a2b65079cc1c7bc46dd12305a1ae9dd19e8d525206c0a728cfd42193abe8130bc01a2d69841f3d7799ac04bdc590bb1c89b9c695f163e57343c9bfb59909433c9001c5f8b23e38534a538fc933cac6c2a92d038df638a0f226df9fb857bd414c2cd69985e8053e3dfa41614d7c74d04d8c2471041d17c730fad28395f8d4688898cd58b9d600c851626529bb58aa364b55e73f053450665e7b94ad1012fd7a8139166fd5e59c84f4ab279b1b99c028db4cb9680c8035f967db18de738844da7e260a830c1ffa49f5af3c15423a0e315acb82a3e89218cb314e68fda4d94aa1d815babc13b9fd336d205c5913ef67"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0xfffffffffffffd00}, 0x48)
ioctl$TIOCL_BLANKSCREEN(0xffffffffffffffff, 0x541c, &(0x7f0000000080))

6m5.274001934s ago: executing program 1 (id=1241):
mkdirat(0xffffffffffffff9c, &(0x7f0000002000)='./file0\x00', 0x0)
r0 = syz_open_dev$admmidi(&(0x7f0000000140), 0xd32, 0x27f37f13a9b062bd)
ioctl$SNDRV_RAWMIDI_IOCTL_PARAMS(r0, 0xc0305710, &(0x7f0000000180)={0x0, 0x3, 0x6, 0x1, 0x8})
r1 = socket$kcm(0x23, 0x5, 0x0)
sendmsg(r1, &(0x7f00000002c0)={0x0, 0x0, 0x0}, 0x80)
mount$bind(&(0x7f0000000100)='.\x00', &(0x7f0000000300)='./file0/../file0\x00', 0x0, 0x2151090, 0x0)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r2, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0x4)
connect$inet6(r2, &(0x7f0000000200)={0xa, 0x0, 0x0, @loopback}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r2, 0x6, 0x1f, &(0x7f00000000c0), 0x4)
setsockopt$inet6_tcp_TLS_TX(r2, 0x11a, 0x1, &(0x7f0000000540)=@gcm_128={{0x304}, "55706e44cacc494f", "24ff0573669961d742cbfb62b94f9592", 'U~\'T', "d5c0017c6ee203ad"}, 0x28)
setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r2, 0x6, 0x14, &(0x7f0000000080)=0x1, 0x4)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000002c0)='freezer.state\x00', 0x275a, 0x0)
write$cgroup_int(r3, &(0x7f0000000000), 0xffffff6a)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r4, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000880)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x5}}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x201, 0x0, 0x0, {0x1, 0x0, 0x8003}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWCHAIN={0x34, 0x3, 0xa, 0x101, 0x0, 0x0, {0x1}, [@NFTA_CHAIN_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_CHAIN_NAME={0x9, 0x3, 'syz2\x00'}, @NFTA_CHAIN_ID={0x8, 0xb, 0x1, 0x0, 0x3}]}, @NFT_MSG_NEWRULE={0x98, 0x6, 0xa, 0x401, 0x0, 0x0, {0x1}, [@NFTA_RULE_CHAIN_ID={0x8, 0xb, 0x1, 0x0, 0x3}, @NFTA_RULE_EXPRESSIONS={0x70, 0x4, 0x0, 0x1, [{0x34, 0x1, 0x0, 0x1, @exthdr={{0xb}, @val={0x24, 0x2, 0x0, 0x1, [@NFTA_EXTHDR_DREG={0x8, 0x1, 0x1, 0x0, 0xc}, @NFTA_EXTHDR_OFFSET={0x8}, @NFTA_EXTHDR_LEN={0x8, 0x4, 0x1, 0x0, 0x22}, @NFTA_EXTHDR_TYPE={0x5, 0x2, 0x7}]}}}, {0x38, 0x1, 0x0, 0x1, @bitwise={{0xc}, @val={0x28, 0x2, 0x0, 0x1, [@NFTA_BITWISE_SREG={0x8, 0x1, 0x1, 0x0, 0x14}, @NFTA_BITWISE_DREG={0x8, 0x2, 0x1, 0x0, 0xa}, @NFTA_BITWISE_MASK={0x4}, @NFTA_BITWISE_LEN={0x8, 0x3, 0x1, 0x0, 0x1}, @NFTA_BITWISE_OP={0x8}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x7}}}, 0x114}}, 0x20008000)
sendfile(r2, r3, 0x0, 0xffffffff004)
bind$alg(r3, &(0x7f0000000040)={0x26, 'hash\x00', 0x0, 0x0, 'tgr192-generic\x00'}, 0x58)
r5 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000040), 0x40042, 0x0)
write$dsp(r5, &(0x7f00000001c0)="5cba91a4", 0xffffffd9)
ioctl$SNDCTL_DSP_SETTRIGGER(r5, 0x40045010, &(0x7f0000000000)=0x8)
ioctl$SNDCTL_DSP_SETTRIGGER(r5, 0x40045010, &(0x7f0000000080)=0xfffffffe)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r6, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000005c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01030000000000000000010000000900010073797a300000000040000000030a01837700000000000000010000000900030073797a310000000014000480080002400000000008000140000000000900010073797a300000000078000000060a010400000000000000000100000008000b40000000000900010073797a30000000005000048020000180070001007274000014000280080001400000001508000240000000012c0001800900010068617368000000001c00028008000440fffff3e008000240000000170800074000000001"], 0x100}}, 0x0)
setsockopt$inet_sctp6_SCTP_INITMSG(r3, 0x84, 0x2, &(0x7f0000000240)={0xf, 0x7, 0xe, 0x4}, 0x8)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000000)='./file0/file0\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0x18e101a, 0x0)

6m2.824537648s ago: executing program 1 (id=1244):
mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0xec776000)
r0 = socket$inet6_mptcp(0xa, 0x1, 0x106)
setsockopt$inet6_tcp_TCP_ULP(r0, 0x6, 0x1f, 0x0, 0x0)
getsockopt$IP_VS_SO_GET_DESTS(0xffffffffffffffff, 0x0, 0x484, &(0x7f00000000c0)=""/24, &(0x7f00000005c0)=0x18)
r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000580)='.\x00', 0x8880, 0x85)
getdents(r1, &(0x7f0000001fc0)=""/184, 0xb8)

6m0.668781098s ago: executing program 1 (id=1260):
sendmsg$DEVLINK_CMD_RATE_NEW(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000001c0)={0x40, 0x0, 0x1, 0x70bd26, 0x25dfdbfe, {}, [@DEVLINK_ATTR_RATE_TX_SHARE={0xc}, @handle=@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}]}, 0x40}, 0x1, 0x0, 0x0, 0x4004000}, 0x4005000)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
syz_usb_connect(0x3, 0x2d, &(0x7f0000000240)=ANY=[@ANYBLOB="12010000183b9220b113420016580102030109021b00010000000009040000012e459e00090504c80a09731fdd861165f0d28522db113143d50ce50bf04123388b5eef639676a4d230f0deadbb02bd3a74f6bf"], 0x0)
write$uinput_user_dev(0xffffffffffffffff, 0x0, 0x0)
sendmsg$ETHTOOL_MSG_COALESCE_SET(0xffffffffffffffff, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f00000001c0)=ANY=[], 0x5c}, 0x1, 0x0, 0x0, 0x4000800}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a00000709000100"], 0x7c}, 0x1, 0x0, 0x0, 0x8890}, 0x20004450)
sendmsg$NFT_MSG_GETRULE(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000001c0)=ANY=[@ANYBLOB="38000000070a010100000006000000000a0040010900010073797a3100"], 0x38}, 0x1, 0x0, 0x0, 0x20040850}, 0x44054)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)

6m0.035703828s ago: executing program 33 (id=1260):
sendmsg$DEVLINK_CMD_RATE_NEW(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000001c0)={0x40, 0x0, 0x1, 0x70bd26, 0x25dfdbfe, {}, [@DEVLINK_ATTR_RATE_TX_SHARE={0xc}, @handle=@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}]}, 0x40}, 0x1, 0x0, 0x0, 0x4004000}, 0x4005000)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
syz_usb_connect(0x3, 0x2d, &(0x7f0000000240)=ANY=[@ANYBLOB="12010000183b9220b113420016580102030109021b00010000000009040000012e459e00090504c80a09731fdd861165f0d28522db113143d50ce50bf04123388b5eef639676a4d230f0deadbb02bd3a74f6bf"], 0x0)
write$uinput_user_dev(0xffffffffffffffff, 0x0, 0x0)
sendmsg$ETHTOOL_MSG_COALESCE_SET(0xffffffffffffffff, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f00000001c0)=ANY=[], 0x5c}, 0x1, 0x0, 0x0, 0x4000800}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a00000709000100"], 0x7c}, 0x1, 0x0, 0x0, 0x8890}, 0x20004450)
sendmsg$NFT_MSG_GETRULE(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000001c0)=ANY=[@ANYBLOB="38000000070a010100000006000000000a0040010900010073797a3100"], 0x38}, 0x1, 0x0, 0x0, 0x20040850}, 0x44054)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)

4m33.067205375s ago: executing program 3 (id=1970):
r0 = userfaultfd(0x801)
ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f00000000c0))
r1 = socket(0x10, 0x803, 0x4)
setsockopt$netlink_NETLINK_DROP_MEMBERSHIP(r1, 0x10e, 0x2, &(0x7f0000000040)=0xb, 0x4)
ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000000)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}, 0x1})
ioctl$UFFDIO_CONTINUE(r0, 0xc020aa08, &(0x7f0000000040)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}})
r2 = syz_open_procfs(0x0, &(0x7f0000000000)='smaps\x00')
preadv(r2, &(0x7f0000000340)=[{&(0x7f0000003200)=""/4096, 0x1000}], 0x1, 0x80002c2, 0xca)
r3 = socket$inet(0x2, 0x4000000000000001, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000b00), 0x0, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000000)={'\x00', 0x2})
setsockopt$inet_tcp_int(r3, 0x6, 0x80000000000002, &(0x7f00000004c0)=0x79, 0x4)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
mkdir(&(0x7f0000000040)='./file1\x00', 0x0)
mkdir(&(0x7f00000001c0)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f0000000340)='./file1\x00', 0x0, 0x200800, &(0x7f0000000080)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './bus'}}]})
bind$inet(r3, &(0x7f0000000080)={0x2, 0x4e23, @multicast1}, 0x10)
sendto$inet(r3, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$tipc2(&(0x7f0000000780), 0xffffffffffffffff)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ieee802154(&(0x7f0000000000), r4)

4m32.39952902s ago: executing program 3 (id=1976):
r0 = socket(0x80000000000000a, 0x2, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff})
r2 = openat$comedi(0xffffffffffffff9c, &(0x7f00000014c0)='/dev/comedi2\x00', 0x80, 0x0)
preadv(r2, &(0x7f0000002540)=[{&(0x7f0000001500)=""/53, 0x35}], 0x1, 0x1, 0x0)
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000480))
openat$dsp(0xffffffffffffff9c, &(0x7f0000000000), 0x42, 0x0)
epoll_create1(0x80000)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff7000/0x1000)=nil, &(0x7f0000ff1000/0xf000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ff8000/0x4000)=nil, &(0x7f0000ff8000/0x3000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ff7000/0x4000)=nil, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x2000)=nil, 0x0, 0xfffffffffffffee6}, 0x68)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x24040045)
r3 = io_uring_setup(0x1195, &(0x7f0000000040)={0x0, 0x2150, 0xc000, 0x3, 0xce})
setsockopt$IPT_SO_SET_REPLACE(r0, 0x0, 0x40, &(0x7f00000004c0)=@filter={'filter\x00', 0xe, 0x4, 0x300, 0xffffffff, 0x0, 0x268, 0xc8, 0xffffffff, 0xffffffff, 0x268, 0x268, 0x268, 0xffffffff, 0x4, &(0x7f0000000100), {[{{@ip={@private=0xa010101, @local, 0xff000000, 0xffffff00, 'vcan0\x00', 'ip6erspan0\x00', {0xff}, {0xff}, 0x88, 0x1, 0x2c}, 0x0, 0xa0, 0xc8, 0x0, {}, [@common=@addrtype={{0x30}, {0x0, 0x8, 0x1, 0x1}}]}, @REJECT={0x28, 'REJECT\x00', 0x0, {0x8}}}, {{@ip={@rand_addr=0x64010100, @empty, 0xff, 0xffffffff, 'rose0\x00', 'ip6erspan0\x00', {0xff}, {}, 0x11, 0x5}, 0x0, 0x70, 0xd0}, @common=@SET={0x60, 'SET\x00', 0x0, {{0x4, [0x0, 0x0, 0x0, 0x2, 0x2, 0x6], 0x5}, {0x4, [0x5, 0x6, 0x5, 0x3], 0x4, 0x1}}}}, {{@ip={@initdev={0xac, 0x1e, 0x0, 0x0}, @empty, 0xff000000, 0xff0000ff, 'erspan0\x00', 'veth0\x00', {}, {0xff}, 0x29, 0x3, 0x3}, 0x0, 0x70, 0xd0}, @common=@SET={0x60, 'SET\x00', 0x0, {{0xffffffffffffffff, [0x2, 0x0, 0x6, 0x4, 0x6], 0x2, 0x3}, {0x0, [0x1, 0x5, 0x4, 0x1, 0x5, 0x7], 0x0, 0x4}}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x360)
writev(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f0000001480)}, {0x0}], 0x2)
io_uring_enter(r3, 0x2219, 0xcf74, 0x16, 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
pipe2(&(0x7f0000000000), 0x80000)

4m30.948092357s ago: executing program 3 (id=1986):
socket$inet(0x2, 0x4000000000000001, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x2)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
r1 = openat$udambuf(0xffffffffffffff9c, &(0x7f0000000040), 0x2)
r2 = memfd_create(&(0x7f00000004c0)='y\x105\xfb\xf7u\x83%:r\xc2\xb9x\xa4q\xc1\xea_\x8cZ7\xe7a\x9b\x11x\x0e\xa1\xcf\x1a\x98S7\xc9\x00\x00\x00\x00\x00\x00\a\x00\x00\x00\x00\x00\x00\x04\x879\xa24\xa9am\xde\xb2\xd3\xcbZJoa\xc4\x1acB\xaa\xc1\xfb Q\xd4\xf4\x01\xa52\xe2DG\xd4\xbd{\x9f\xa9\x97\x9b@\xdbU\xb1\xe1br\xb6\x008\xe3\x10\xff\xc2\x9d\r2\x9e\x8e\x04sW\x1b\xb7\xb3\xa2\xc9&@\xca\xda\xdc\xe2/\x97X\xac\b\xb0\xc2<\x80E\x1a\xbc\xc7W\xda9VsA\xaf\xc6\x90i\xa1\xb5M\xa2\x85\xa6y\xc4J\xf1\xf7\xfcD\x95\xe3\xeb\xc7\xbc\x91\xb0\xa8\x9eo\xebF(\x9dL\x01vRk\xaacB\x04\xa7I\v\x86EZ\x96\xd5\x14O\xf8\xb5C\x1f\xb6b8b\x06A2@D\\\xe8R\xe4\xcd\xec\xcc\xd1\x0fre\xe86\xcd\xeb\xc4$\x98\x06J\xd6dD\x8d_U`ji{\xab\x97\xaf;l\x1f\xaf\xb38U\xcb\xfa\xb3j\x92\f\x81\xa0\xa2-g&\x99\x0e\x8d\x8d\x16\x05\x00\x00\x00\x00\x00\x00\x00\'\x93\xef\x1d\xa0H\xd9\xbd\xd9\xaf\x12$\x8d\x16%\x8b\x00\x88\xd1\x1eQB\x18\xc1-\xc4\x8fK\xf8\xfa\xb6\xf8\v;\xaa\x8fW\xcc\n\x17\x7f\x98\xb7\xcdqV\xd4\xf0)\xfa\x0fG\xc8\xbf\xfd\xe8>K\f\xcd+\xb0\x99Q\xba/\xa8\xb9`k\b\xd1\xcc\xfc\xeaA\"\v=\x83fC\x90%\xa1d\x91\xf8:\x16<\xad\xc2\x18\xdf\x01\xe2\x96\xfcj\xe9\xa4\x065m\x03\x05N\xb9\x1dOr\xb6\xbcP\x8fP\x8d\x89%\xf2\x12T\xd0\xc3\x15W\x9c\x87\x1b\x8c\xc9\xd9\xc6\xad\x96-d\xa2wFB\xcaB\xa5\x15\xf8,\x04\x1c*\xd98\x8bG\x90\x81`\x03\xe0\xde\x9c\x9a\x0f\x1b\x8f\xd2%*&$Wc\xb3\xa6\xc4TK1}2\xb3\xab\xf4\xb7\xb7\x85\apa\xaf\x1c\x10i\xb9\x9f\x06\xff4%\"7f \x0e\xf5Bk\r\xac\"\x13tNx\xc0$\x85\x9f', 0x3)
ftruncate(r2, 0xffff)
close(0x3)
fcntl$addseals(r2, 0x409, 0x7)
ioctl$UDMABUF_CREATE(r1, 0x40187542, &(0x7f00000001c0)={r2, 0x1, 0x0, 0x8000})
r3 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff8000}]})
close_range(r3, 0xffffffffffffffff, 0x0)

4m29.546203999s ago: executing program 3 (id=1990):
mkdirat(0xffffffffffffff9c, &(0x7f0000002000)='./file0\x00', 0x0)
r0 = syz_open_dev$admmidi(&(0x7f0000000140), 0xd32, 0x27f37f13a9b062bd)
ioctl$SNDRV_RAWMIDI_IOCTL_PARAMS(r0, 0xc0305710, &(0x7f0000000180)={0x0, 0x3, 0x6, 0x1, 0x8})
r1 = socket$kcm(0x23, 0x5, 0x0)
sendmsg(r1, &(0x7f00000002c0)={0x0, 0x0, 0x0}, 0x80)
mount$bind(&(0x7f0000000100)='.\x00', &(0x7f0000000300)='./file0/../file0\x00', 0x0, 0x2151090, 0x0)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r2, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0x4)
connect$inet6(r2, &(0x7f0000000200)={0xa, 0x0, 0x0, @loopback}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r2, 0x6, 0x1f, &(0x7f00000000c0), 0x4)
setsockopt$inet6_tcp_TLS_TX(r2, 0x11a, 0x1, &(0x7f0000000540)=@gcm_128={{0x304}, "55706e44cacc494f", "24ff0573669961d742cbfb62b94f9592", 'U~\'T', "d5c0017c6ee203ad"}, 0x28)
setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r2, 0x6, 0x14, &(0x7f0000000080)=0x1, 0x4)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000002c0)='freezer.state\x00', 0x275a, 0x0)
write$cgroup_int(r3, &(0x7f0000000000), 0xffffff6a)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r4, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000880)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x5}}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x201, 0x0, 0x0, {0x1, 0x0, 0x8003}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWCHAIN={0x34, 0x3, 0xa, 0x101, 0x0, 0x0, {0x1}, [@NFTA_CHAIN_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_CHAIN_NAME={0x9, 0x3, 'syz2\x00'}, @NFTA_CHAIN_ID={0x8, 0xb, 0x1, 0x0, 0x3}]}, @NFT_MSG_NEWRULE={0x98, 0x6, 0xa, 0x401, 0x0, 0x0, {0x1}, [@NFTA_RULE_CHAIN_ID={0x8, 0xb, 0x1, 0x0, 0x3}, @NFTA_RULE_EXPRESSIONS={0x70, 0x4, 0x0, 0x1, [{0x34, 0x1, 0x0, 0x1, @exthdr={{0xb}, @val={0x24, 0x2, 0x0, 0x1, [@NFTA_EXTHDR_DREG={0x8, 0x1, 0x1, 0x0, 0xc}, @NFTA_EXTHDR_OFFSET={0x8}, @NFTA_EXTHDR_LEN={0x8, 0x4, 0x1, 0x0, 0x22}, @NFTA_EXTHDR_TYPE={0x5, 0x2, 0x7}]}}}, {0x38, 0x1, 0x0, 0x1, @bitwise={{0xc}, @val={0x28, 0x2, 0x0, 0x1, [@NFTA_BITWISE_SREG={0x8, 0x1, 0x1, 0x0, 0x14}, @NFTA_BITWISE_DREG={0x8, 0x2, 0x1, 0x0, 0xa}, @NFTA_BITWISE_MASK={0x4}, @NFTA_BITWISE_LEN={0x8, 0x3, 0x1, 0x0, 0x1}, @NFTA_BITWISE_OP={0x8}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x7}}}, 0x114}}, 0x20008000)
sendfile(r2, r3, 0x0, 0xffffffff004)
bind$alg(r3, &(0x7f0000000040)={0x26, 'hash\x00', 0x0, 0x0, 'tgr192-generic\x00'}, 0x58)
r5 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000040), 0x40042, 0x0)
write$dsp(r5, &(0x7f00000001c0)="5cba91a4", 0xffffffd9)
ioctl$SNDCTL_DSP_SETTRIGGER(r5, 0x40045010, &(0x7f0000000000)=0x8)
ioctl$SNDCTL_DSP_SETTRIGGER(r5, 0x40045010, &(0x7f0000000080)=0xfffffffe)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r6, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000005c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01030000000000000000010000000900010073797a300000000040000000030a01837700000000000000010000000900030073797a310000000014000480080002400000000008000140000000000900010073797a300000000078000000060a010400000000000000000100000008000b40000000000900010073797a30000000005000048020000180070001007274000014000280080001400000001508000240000000012c0001800900010068617368000000001c00028008000440fffff3e008000240000000170800074000000001"], 0x100}}, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000000)='./file0/file0\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0x18e101a, 0x0)
mount$bind(&(0x7f00000002c0)='./file0/file0\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x2125099, 0x0)

4m27.227476086s ago: executing program 3 (id=2004):
r0 = userfaultfd(0x801)
ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f00000000c0))
r1 = socket(0x10, 0x803, 0x4)
setsockopt$netlink_NETLINK_DROP_MEMBERSHIP(r1, 0x10e, 0x2, &(0x7f0000000040)=0xb, 0x4)
ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000000)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}, 0x1})
ioctl$UFFDIO_CONTINUE(r0, 0xc020aa08, &(0x7f0000000040)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}})
r2 = syz_open_procfs(0x0, &(0x7f0000000000)='smaps\x00')
preadv(r2, &(0x7f0000000340)=[{&(0x7f0000003200)=""/4096, 0x1000}], 0x1, 0x80002c2, 0xca)
r3 = socket$inet(0x2, 0x4000000000000001, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000b00), 0x0, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000000)={'\x00', 0x2})
setsockopt$inet_tcp_int(r3, 0x6, 0x80000000000002, &(0x7f00000004c0)=0x79, 0x4)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
mkdir(&(0x7f0000000040)='./file1\x00', 0x0)
mkdir(0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000340)='./file1\x00', &(0x7f0000000140), 0x200800, &(0x7f0000000080)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './bus'}}]})
bind$inet(r3, &(0x7f0000000080)={0x2, 0x4e23, @multicast1}, 0x10)
sendto$inet(r3, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$tipc2(&(0x7f0000000780), 0xffffffffffffffff)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ieee802154(&(0x7f0000000000), r4)

4m25.827052282s ago: executing program 3 (id=2021):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x20})
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000340), 0x2, 0x0)
setsockopt(0xffffffffffffffff, 0x84, 0x14, &(0x7f0000000100)="0200", 0x2)
writev(r2, &(0x7f0000000800)=[{&(0x7f0000000100), 0x86}, {&(0x7f0000000840)="a0ed8eef900ddf90aaca63a7211b05508484a38734dcdf3162dfd940f44599ba898a768fb380634580bd69b8a9e5bb94222fefa921d4b4c36a72db0f9297aac607d3891a455a5b62e6e988db9dacf920a000f49bab3dda6141ff43d3c5af45e80997347d29090fa745ec6cbfce63106a24d79c12f3aacf8c593ad3d3d928cb5f0c3d4ed702525c8b739edfecf5c489effa425b415bc151f7651bb59a110b1bcebe7d1edcdfb69ccbfe2ec57e9a16bb75a90651b3e348df603642a9b5a05bb8e356d6f2"}, {&(0x7f0000000780)="aca6d790908aabe646c9a16e8cc50f9e5b1214af8fa87e96f66283a7bcf0d450174215493752690ca8f347a44c315f57b3cfa350856e403fb19802719d4776f04bbcd207ad5d563cde7aace468b1"}], 0x1)
r3 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r4=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000280)=@newqdisc={0x48, 0x24, 0x4ee4e6a52ff56541, 0x70bd27, 0xffffffff, {0x0, 0x0, 0x0, r4, {0x0, 0xfff1}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_htb={{0x8}, {0x1c, 0x2, [@TCA_HTB_INIT={0x18, 0x2, {0x3, 0x8, 0x4}}]}}]}, 0x48}}, 0x20040084)
sendmsg$nl_route_sched(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000580)=@newqdisc={0x78, 0x28, 0x4ee4e6a52ff56541, 0x4001, 0xfffffdfd, {0x0, 0x0, 0x0, r4, {0xffff}, {0xffff, 0xffff}, {0xf, 0x9}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c, 0x2, {{0xffffffff, 0x50, 0x1, 0x9, 0x3}, 0x8, 0x1, 0x8, 0x920, 0xd, 0x1b, 0x1a, 0x14, 0x2, 0xfc, {0x9, 0x7f, 0x7fff, 0x80000000, 0x5, 0xfffffff7}}}}]}, 0x78}}, 0x2000020)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
getsockopt$sock_cred(r5, 0x1, 0x11, &(0x7f0000000040)={<r6=>0x0}, &(0x7f0000000080)=0xc)
prlimit64(r6, 0x2, &(0x7f00000000c0)={0x7, 0xfffffffffffffffb}, 0x0)
sendmsg$IPCTNL_MSG_CT_GET(r5, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)={0xa4, 0x0, 0x1, 0x505, 0x0, 0x0, {0xa}, [@CTA_TUPLE_ORIG={0x3c, 0x2, 0x0, 0x1, [@CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @mcast1}, {0x14, 0x4, @mcast2}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TUPLE_ORIG={0x3c, 0x1, 0x0, 0x1, [@CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}, @CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @mcast2}, {0x14, 0x4, @private2={0xfc, 0x2, '\x00', 0x1}}}}]}, @CTA_TIMEOUT={0x8, 0x7, 0x1, 0x0, 0x1}, @CTA_NAT_DST={0x10, 0xd, 0x0, 0x1, [@CTA_NAT_PROTO={0xc, 0x3, 0x0, 0x1, [@CTA_PROTONAT_PORT_MIN={0x6, 0x1, 0x4e22}]}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x4041}, 0x0)
r7 = fanotify_init(0x28, 0x109800)
writev(r7, &(0x7f0000000140)=[{&(0x7f0000000180)="3f768e69b9b43bb7", 0x8}], 0x1)

4m25.232647107s ago: executing program 34 (id=2021):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x20})
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000340), 0x2, 0x0)
setsockopt(0xffffffffffffffff, 0x84, 0x14, &(0x7f0000000100)="0200", 0x2)
writev(r2, &(0x7f0000000800)=[{&(0x7f0000000100), 0x86}, {&(0x7f0000000840)="a0ed8eef900ddf90aaca63a7211b05508484a38734dcdf3162dfd940f44599ba898a768fb380634580bd69b8a9e5bb94222fefa921d4b4c36a72db0f9297aac607d3891a455a5b62e6e988db9dacf920a000f49bab3dda6141ff43d3c5af45e80997347d29090fa745ec6cbfce63106a24d79c12f3aacf8c593ad3d3d928cb5f0c3d4ed702525c8b739edfecf5c489effa425b415bc151f7651bb59a110b1bcebe7d1edcdfb69ccbfe2ec57e9a16bb75a90651b3e348df603642a9b5a05bb8e356d6f2"}, {&(0x7f0000000780)="aca6d790908aabe646c9a16e8cc50f9e5b1214af8fa87e96f66283a7bcf0d450174215493752690ca8f347a44c315f57b3cfa350856e403fb19802719d4776f04bbcd207ad5d563cde7aace468b1"}], 0x1)
r3 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r4=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000280)=@newqdisc={0x48, 0x24, 0x4ee4e6a52ff56541, 0x70bd27, 0xffffffff, {0x0, 0x0, 0x0, r4, {0x0, 0xfff1}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_htb={{0x8}, {0x1c, 0x2, [@TCA_HTB_INIT={0x18, 0x2, {0x3, 0x8, 0x4}}]}}]}, 0x48}}, 0x20040084)
sendmsg$nl_route_sched(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000580)=@newqdisc={0x78, 0x28, 0x4ee4e6a52ff56541, 0x4001, 0xfffffdfd, {0x0, 0x0, 0x0, r4, {0xffff}, {0xffff, 0xffff}, {0xf, 0x9}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c, 0x2, {{0xffffffff, 0x50, 0x1, 0x9, 0x3}, 0x8, 0x1, 0x8, 0x920, 0xd, 0x1b, 0x1a, 0x14, 0x2, 0xfc, {0x9, 0x7f, 0x7fff, 0x80000000, 0x5, 0xfffffff7}}}}]}, 0x78}}, 0x2000020)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
getsockopt$sock_cred(r5, 0x1, 0x11, &(0x7f0000000040)={<r6=>0x0}, &(0x7f0000000080)=0xc)
prlimit64(r6, 0x2, &(0x7f00000000c0)={0x7, 0xfffffffffffffffb}, 0x0)
sendmsg$IPCTNL_MSG_CT_GET(r5, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)={0xa4, 0x0, 0x1, 0x505, 0x0, 0x0, {0xa}, [@CTA_TUPLE_ORIG={0x3c, 0x2, 0x0, 0x1, [@CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @mcast1}, {0x14, 0x4, @mcast2}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TUPLE_ORIG={0x3c, 0x1, 0x0, 0x1, [@CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}, @CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @mcast2}, {0x14, 0x4, @private2={0xfc, 0x2, '\x00', 0x1}}}}]}, @CTA_TIMEOUT={0x8, 0x7, 0x1, 0x0, 0x1}, @CTA_NAT_DST={0x10, 0xd, 0x0, 0x1, [@CTA_NAT_PROTO={0xc, 0x3, 0x0, 0x1, [@CTA_PROTONAT_PORT_MIN={0x6, 0x1, 0x4e22}]}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x4041}, 0x0)
r7 = fanotify_init(0x28, 0x109800)
writev(r7, &(0x7f0000000140)=[{&(0x7f0000000180)="3f768e69b9b43bb7", 0x8}], 0x1)

11.403298597s ago: executing program 7 (id=4013):
r0 = socket$tipc(0x1e, 0x5, 0x0)
bind$tipc(r0, &(0x7f0000000200)=@nameseq={0x1e, 0x1, 0x0, {0x42}}, 0x10)
r1 = socket$tipc(0x1e, 0x5, 0x0)
r2 = openat$dir(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r3 = syz_usb_connect$hid(0x3, 0x36, &(0x7f00000000c0)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x40, 0xb05, 0x1abe, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0xe8, 0xb, "", [{{0x9, 0x4, 0x0, 0x0, 0x1, 0x3, 0x0, 0x2, 0x0, {0x9, 0x21, 0x7ffd, 0x0, 0x1, {0x22, 0x1e3}}, {{{0x9, 0x5, 0x81, 0x3, 0x38d707d343173689, 0x5, 0xa, 0x70}}}}}]}}]}}, 0x0)
r4 = openat$audio(0xffffffffffffff9c, &(0x7f0000000080), 0x48081, 0x0)
ioctl$SNDCTL_DSP_SETTRIGGER(r4, 0x40045010, &(0x7f0000000040))
sendmsg$unix(0xffffffffffffffff, &(0x7f0000000840)={&(0x7f00000002c0)=@file={0x0, './file0\x00'}, 0x6e, &(0x7f0000000780)=[{&(0x7f0000000340)="1588f4022a26b72a88b937b2e2c296115c43638e377159816e5b8729bb058a8c4de2457fa4c30cd822f989ddb4d399a114fa5df0215dbbc09c9d5fbeb31089ce186bee2525b82a1a6ca2163ea17331d98d8c044a80a532437316dac0209c188d818543b5ce9ae928145c49c09d2923d2de7debce", 0x74}, {&(0x7f00000003c0)="81f664755d72f3880a415011c6c03de3345eb2f98242f646a96146b7a54812f72993364b7d9c3b0017ae590f715912dbb79d3434d75b49c061fdfebe950dc9", 0x3f}, {&(0x7f0000000480)="d9749d0649803a39ebdde5fd914040625bc73ce11f672820d3018736bdfc4535dbe7cba690b52c9e68ce6daa247bd45ac34844763ce78dddc67e700f1ed12f3d53a414ff06b6b8574ce3973b48ee7c3aef14ccd93421b595adf7464228f849e27dba240e6f8327989a82de997542dab5a52e80c8bb9a556ed76ef55ccb8908c63bede46c1057ed61354293f2a13af633b85a8881b4a05c00b4b18c651837039f348406fe9f87e185661d3d2a8ddd2a838ba94969751c37e457835684376dd92b4afbba26c701a1f1aeb9", 0xca}, {&(0x7f0000000580)="07e009d7bf74cac6e503fdecefb8c61cde4df01ccf73548af3f9eaf2b736d13393e6d48fdcf9dcffa6b5fcee68fe9110c2216837f52408f9c1b0dea5f3454d0194c6aab08063d80782e329eecb9c57c3ec6dd88903c81f3f62fe66010477b636ca3d137dbd22e6fb862d89900a35e4f21d49b30762ce522aaef59595a75e26e8df308d1b4a75856e3eada74424ea0f6695f74a5217737385efb5b84b025b79f5dfaf044a58ee110253afedecaa805b0bf409c81068e85f6643ea83d4a0b3f093db26bb381d0e0c312dcc88f788d61b5a3a3ff6e82762c09628b6e5f5b7dbb21c43bfbdd7e766c995b1e324e9f554af840f4c850ab4", 0xf5}, {&(0x7f0000000680)="026a1a29d72719910f8fd3b527b08dbf68169c4e9eda8527b6a47d689573855394fe6fec121470f1364bef075b70e686638086ef3d38db047706fcaf50fc96f58c273a40a336997a39d77eb2f7924e2bcb9f2eca737f048c828b2a1f0ef2576012c3343ab48cd93af84b20d10b46be65e9c3441ea64c89ae5f5e735efb595ee712348698016448bfa9bb7de7debd17138babf3542ab5274823aa0902b850be06a87898852a227b4fa6f852118ff992dbad0f89bad23818753b158bec16ff7ec62ef218bb5955a5d7e04fcd1055df2547f421b10245afd1c2c2187a604d1d15c2e985196b8ec41f0ad7742f0ab50096e14bbd64", 0xf3}], 0x5, &(0x7f0000000400)=ANY=[@ANYBLOB="3400000076f1b16379000000000100000001000000", @ANYRES32, @ANYRES32, @ANYRES32=r2, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32=r1, @ANYRES32=r2, @ANYBLOB='\x00\x00\x00\x00'], 0x38, 0x10}, 0x8000)
syz_usb_connect$printer(0x6, 0x36, &(0x7f0000000800)={{0x12, 0x1, 0x110, 0x0, 0x0, 0x0, 0x8, 0x525, 0xa4a8, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x1, 0x5, 0x8e077c1db25586c4, 0x8e, "", [{{0x9, 0x4, 0x0, 0x2, 0x2, 0x7, 0x1, 0x3, 0x8, "", {{{0x9, 0x5, 0x1, 0x2, 0x20, 0x5, 0xff, 0x5}}, [{{0x9, 0x5, 0x82, 0x2, 0x400, 0x5, 0x4, 0x9}}]}}}]}}]}}, &(0x7f0000000ac0)={0xa, &(0x7f0000000880)={0xa, 0x6, 0x250, 0xfb, 0x5, 0x1, 0x40}, 0x5, &(0x7f00000008c0)={0x5, 0xf, 0x5}, 0x2, [{0xec, &(0x7f0000000900)=@string={0xec, 0x3, "1520551870ef0906cb19180a1ccf7b4aadd292354f6893edb279d7db30f55ea36fe0f30f72e3c2886a298ff9ee5e52ec1a9a67420ae85e4d99c92cb096562ff8b430597f092e44bac1adb9814a24ad1e9cff4e2493f50526e537f11910f5b1ab9f3b9ccefc189dbbc2c4ea31274d94329c7614ade8b64f5f9b382a28ca3af28c0add39038ed4e781e98c2fb850f4418d0d5113a59ab801b93c3034a5c4fa75edcdbef3eb33cad72ef51acaaf595bfaeae1786fd552721e1275751aefef7b0334bd963b9fb269956952cfeb71e42cecd2e89984743f05d9542dfadbe3af15af85c80a88ab7b2b049c81a5"}}, {0xb5, &(0x7f0000000a00)=@string={0xb5, 0x3, "c683720f66cb61e4d4cc7457ecbb9869f47d1fef0edee2d9465d12b393777787a511aec27b770a827cbbcf8f5ca91d8e980f7d7298a984d1932f0bda3458dd219a8208282c57e0f90f19ce5b73798e741415d07e4ed1a75915e9f01f3edf84e63aa437e191bfff7c82ceeafacf01337013200221b4440db1c6a4e3f3f36ea6cc1c162d84ff69476a539ef5176e840d7f7953afff3297ba3800fb9a3a64745b254dcea168540f216d6636e39092bc4ff5f9ab63"}}]})
syz_usb_connect$hid(0x1, 0x1, 0x0, &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, 0x1555555555555650, [{0x2b, &(0x7f0000000240)=@string={0x32, 0x3, "366789599b0e44f740e150f2edc7f847f9cddeac9e850deffa2a169f52a5094b87a5d0706e38f6efecd806782a4d08cd1864c7a772caa3f9d7f9be9548953f67"}}]})
syz_usb_control_io$hid(r3, 0x0, 0x0)
syz_usb_control_io$hid(r3, &(0x7f0000000040)={0x24, 0x0, 0x0, 0x0, &(0x7f00000001c0)={0x0, 0x22, 0x371, {0x9}}}, &(0x7f0000000080)={0xffffffffffffffeb, 0x0, 0x0, 0x0, 0x0, 0x0})
utime(&(0x7f0000000000)='./file1\x00', 0x0)

10.034081631s ago: executing program 0 (id=4017):
r0 = openat$ocfs2_control(0xffffffffffffff9c, &(0x7f0000000380), 0x121682, 0x0)
read$nci(r0, 0x0, 0x0) (fail_nth: 1)

9.49217796s ago: executing program 0 (id=4018):
bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000700)={0x3, 0x4, 0x4, 0xa, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x5}, 0x50) (async)
r0 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000700)={0x3, 0x4, 0x4, 0xa, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x5}, 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x1, 0x10, &(0x7f0000000bc0)=ANY=[@ANYRES8=r0, @ANYRES32=r0, @ANYBLOB="0000000000000000b703000000000000850000000c000000b7000000000000001801000000082c2500000000002120207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000700000095"], &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
socket$nl_netfilter(0x10, 0x3, 0xc) (async)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000480)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x5, 0x0, 0x0, {0x1}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWCHAIN={0x2c, 0x3, 0xa, 0x201, 0x0, 0x0, {0x1}, [@NFTA_CHAIN_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_CHAIN_NAME={0x9, 0x3, 'syz1\x00'}]}, @NFT_MSG_NEWRULE={0x4c, 0x6, 0xa, 0x401, 0x0, 0x0, {0x1}, [@NFTA_RULE_CHAIN_ID={0x8}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_EXPRESSIONS={0x24, 0x4, 0x0, 0x1, [{0x20, 0x1, 0x0, 0x1, @ct={{0x7}, @val={0x14, 0x2, 0x0, 0x1, [@NFTA_CT_DREG={0x8, 0x1, 0x1, 0x0, 0xf}, @NFTA_CT_KEY={0x8, 0x2, 0x1, 0x0, 0x3}]}}}]}]}], {0x14}}, 0xc0}}, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000100)={{r0, <r3=>0xffffffffffffffff}, &(0x7f0000000000), &(0x7f0000000040)=r1}, 0x20)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r3}, &(0x7f0000000180), &(0x7f00000001c0)=r1}, 0x20)

9.044411914s ago: executing program 0 (id=4021):
syz_usb_connect(0x0, 0x36, &(0x7f0000000240)=ANY=[@ANYBLOB="12010000772904202404019957c2010203010902240001000010000904"], 0x0)
r0 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8002)
ioctl$sock_inet_SIOCADDRT(0xffffffffffffffff, 0x890b, 0x0)
r1 = syz_usb_connect(0x3, 0x62, 0x0, 0x0)
syz_usb_control_io$printer(r1, &(0x7f00000001c0)={0x14, &(0x7f0000000000)={0x0, 0x30, 0x11, {0x11, 0x23, "f62bb5486f99ecfa64df01a59c8d21"}}, &(0x7f0000000100)={0x0, 0x3, 0x82, @string={0x82, 0x3, "757a9a97029f01c69fbf0600003dc0ba185f4060ca1b7cff2456b4b0d7913db078540d698577823cd38f39ae78ac38b2575727683219cfd6b349729219440abab8c0b6958fc25e8d261719a8de8194519fcde822cc078a88cb29dbd310952feaea3181b616a403c246e21048972ec9d016ff0000008ccd9c63207aeae0d0ac00"}}}, 0x0)
ioctl$SCSI_IOCTL_GET_PCI(r0, 0x5393, &(0x7f0000000000))

8.916658484s ago: executing program 6 (id=4022):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0b00000007000000020001000900000001000000", @ANYRES32, @ANYBLOB='\x00'/10, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="000000000400"], 0x50)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000300)={r0, 0x0, 0x0, 0x4}, 0x20)

8.776439055s ago: executing program 6 (id=4023):
r0 = socket$inet6(0xa, 0x800000000000002, 0x0)
setsockopt$inet6_udp_int(r0, 0x11, 0x67, &(0x7f0000000180)=0x7f, 0x4)
connect$inet6(r0, &(0x7f0000000200)={0xa, 0x4e20, 0x0, @mcast1}, 0x1c)

8.681905082s ago: executing program 6 (id=4024):
r0 = socket$inet6(0xa, 0x800000000000002, 0x0)
setsockopt$inet6_udp_int(r0, 0x11, 0x67, &(0x7f0000000180)=0x7f, 0x4)
connect$inet6(r0, &(0x7f0000000200)={0xa, 0x4e20, 0x0, @mcast1}, 0x1c)

8.610309432s ago: executing program 6 (id=4026):
bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x3, 0xc, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000000000000000000000000008500000061000000180100002020732500000000a7d4635d7b1af8ff00000000bfa1"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000140)=ANY=[@ANYBLOB="1400000010000100000a38000000060a010400000000000000000a0000040c000340000000000000000109000200730000000000000114000000110001000000b0dc846cb1e3d4a80b3f86af0000000000000500000a00"/96], 0x60}, 0x1, 0x0, 0x0, 0x4000850}, 0x24044010)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000300)={0x6, 0x1c, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0}, 0x94)
r1 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000200)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='syzkaller\x00'}, 0x94)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB="8fedcb7902009875f37538e486dd6317ce62667f2c"], 0xfdef)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB="8fed007907001175f37538e486dd6317ce2200"], 0xcfa4)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r1, 0x5, 0xb68, 0x0, &(0x7f0000000000)='%', 0x0, 0xd01, 0x88be, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)

8.568958881s ago: executing program 7 (id=4027):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x800}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x102}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs={0x0, 0x0, 0xfffffffe}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r4 = syz_pidfd_open(0x0, 0x0)
setns(r4, 0x24020000)
r5 = socket$inet6_sctp(0xa, 0x801, 0x84)
getsockopt$bt_hci(r5, 0x84, 0x7f, &(0x7f00000020c0)=""/4057, &(0x7f0000000000)=0xfd9)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = syz_open_dev$radio(&(0x7f0000000000), 0x1, 0x2)
ioctl$VIDIOC_S_EXT_CTRLS(r7, 0xc0205648, &(0x7f0000000100)={0x0, 0x1, 0x0, 0xffffffffffffffff, 0x0, &(0x7f0000000040)={0x98f90b, 0x8000, '\x00', @p_u8=&(0x7f0000000080)}})
sendmsg$nl_route_sched(r6, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000003c0)=@newtaction={0x78, 0x30, 0xb, 0x70bd26, 0x0, {}, [{0x64, 0x1, [@m_ct={0x60, 0x1, 0x0, 0x0, {{0x7}, {0x38, 0x2, 0x0, 0x1, [@TCA_CT_LABELS={0x14, 0x7, "4614c334e344ae53204373dc0ddeb17f"}, @TCA_CT_ZONE={0x6, 0x8}, @TCA_CT_PARMS={0x18, 0x1, {0xfffffffc}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x78}, 0x1, 0x0, 0x0, 0x40800}, 0x1010)

7.000635864s ago: executing program 5 (id=4029):
r0 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000200)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='syzkaller\x00', 0x7, 0x0, 0x0, 0x40f00, 0x5, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x200}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r0, 0x5, 0xb68, 0x0, &(0x7f0000000000)='%', 0x0, 0xd01, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)

6.659390917s ago: executing program 5 (id=4032):
r0 = openat$rtc(0xffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$BTRFS_IOC_TREE_SEARCH(r0, 0x7005, 0x0)
readv(r0, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, 0x0)
socket$netlink(0x10, 0x3, 0x0)
r1 = socket$inet6(0xa, 0x2, 0x0)
bind$inet6(r1, &(0x7f0000000480)={0xa, 0x4e20, 0x0, @mcast2, 0x2}, 0x1c)
socket$nl_netfilter(0x10, 0x3, 0xc)
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]})
close_range(r2, 0xffffffffffffffff, 0x0)

6.582730953s ago: executing program 7 (id=4033):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0b00000007000000020001000900000001000000", @ANYRES32, @ANYBLOB='\x00'/10, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="000000000400"], 0x50)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000300)={r0, 0x0, 0x0, 0x4}, 0x20)

6.442172698s ago: executing program 0 (id=4034):
bpf$PROG_LOAD(0x5, &(0x7f00002a0fb8)={0xb, 0x4, &(0x7f0000000080)=ANY=[@ANYBLOB="8500000011000000630a04ff000000004400000000000002950000000000000018100000", @ANYRES32, @ANYBLOB="00000000000b000005000000000000009500000000000000"], &(0x7f0000000140)='GPL\x00', 0x2, 0xffa0, &(0x7f0000000180)=""/149, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x1e, 0x10, 0x0, 0x1e}, 0x2d)
r0 = socket(0x40000000015, 0x5, 0x0)
connect$inet(r0, &(0x7f0000000000)={0x2, 0x0, @loopback}, 0x10)
r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
ioctl$sock_bt_hci(r1, 0x400448ca, 0x0)
r2 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
ioctl$sock_bt_hci(r2, 0x400448c9, 0x0)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_SCODATA_PKT={0x3, {0xc8}}, 0x4)
bind$inet(r0, &(0x7f0000000340)={0x2, 0x4, @loopback}, 0x10)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r0, 0x8933, &(0x7f00000002c0)={'batadv_slave_0\x00', <r3=>0x0})
bind$packet(r0, &(0x7f0000000300)={0x11, 0xf7, r3, 0x1, 0x9, 0x6, @link_local}, 0x14)
setsockopt$SO_TIMESTAMP(r0, 0x1, 0x3f, &(0x7f0000000100)=0x5, 0x4)
r4 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_int(r4, 0x6, 0x210000000013, &(0x7f00000000c0)=0x100000001, 0x4)
connect$inet(r4, &(0x7f0000000180)={0x2, 0x4e21, @loopback}, 0x10)
setsockopt$inet_tcp_TCP_REPAIR_OPTIONS(r4, 0x6, 0x16, &(0x7f0000000000)=[@mss, @sack_perm, @window={0x3, 0x7}, @mss={0x2, 0xfff}], 0x4)
bpf$BPF_BTF_LOAD(0x12, &(0x7f00000002c0)={&(0x7f0000000000)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x2, [@enum64={0x1, 0x0, 0x0, 0x13, 0x0, 0x2}]}}, 0x0, 0x26, 0x0, 0x8}, 0x28)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r5, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)={0x20, 0x39, 0x1, 0x7fffa, 0x4, {0x1}, [@typed={0x9, 0xec, 0x0, 0x0, @str='\x02A+/\x00'}]}, 0x20}, 0x1, 0x0, 0x0, 0x400c801}, 0x4008094)
r6 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000440), r6)
sendmsg$NL802154_CMD_DEL_SEC_KEY(r6, &(0x7f0000000a40)={0x0, 0x0, &(0x7f0000000980)={&(0x7f0000000b00)=ANY=[@ANYBLOB="5c020000", @ANYRES16=r7, @ANYBLOB="010029bd7000fddbdf251800000008000300", @ANYRES32, @ANYBLOB="08000300", @ANYRES32, @ANYBLOB="0c00060000000000000000007c00308005000200030000004c000180480003800c00040000000000000000000c0004000200aaaaaaaaaaaa060003008a2d0000080002000100000006000300a2aa00000c0004000200aaaaaaaaaaaa060001000300000024000300ba7cc8e11ce6af988b7069827e70bcf280d7a3c8a4602d08a32d7bb1a4b61b300c00060001"], 0x25c}, 0x1, 0x0, 0x0, 0x8010}, 0x40000)
sendto$inet(r0, 0x0, 0x0, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f0000000d80), 0x36f, 0x20102, 0x0)
r8 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000040), 0x181440, 0x0)
r9 = socket$inet_sctp(0x2, 0x1, 0x84)
setsockopt$inet_MCAST_LEAVE_GROUP(r9, 0x0, 0x2d, &(0x7f0000000200)={0x10001, {{0x2, 0x4e24, @local}}}, 0x88)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r0, 0x8933, &(0x7f0000000080)={'batadv_slave_0\x00', <r10=>0x0})
ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(r8, 0x89f3, &(0x7f00000001c0)={'ip6_vti0\x00', &(0x7f0000000140)={'ip6_vti0\x00', r10, 0x4, 0x0, 0x32, 0x0, 0x40, @loopback, @remote, 0x7800, 0x700, 0x69f, 0x101}})

6.371245254s ago: executing program 7 (id=4036):
socket(0x10, 0x3, 0x0)
r0 = syz_init_net_socket$nfc_raw(0x27, 0x5, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={<r1=>0xffffffffffffffff})
ioctl$sock_SIOCSIFVLAN_ADD_VLAN_CMD(r1, 0x8905, &(0x7f0000000100)={0x0, 'erspan0\x00', {0x1}, 0x4})
connect$rxrpc(r0, &(0x7f0000000900)=@in4={0x21, 0x3, 0x2, 0x10, {0x2, 0x4e23, @private=0xa010101}}, 0x24)

6.348351387s ago: executing program 6 (id=4037):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$tipc(&(0x7f0000000600), r0)
sendmsg$TIPC_CMD_GET_NODES(r0, &(0x7f0000002a40)={0x0, 0x0, &(0x7f0000002a00)={&(0x7f00000029c0)={0x1c, r1, 0x1, 0x70bd25, 0x25dfdbfd}, 0x1c}, 0x1, 0x0, 0x0, 0x805}, 0x10000)
r2 = openat$comedi(0xffffff9c, &(0x7f0000000100)='/dev/comedi0\x00', 0x101001, 0x0)
ioctl$COMEDI_DEVCONFIG(r2, 0x40946400, &(0x7f0000000140)={'das1800\x00', [0x100003, 0x2, 0xc0000002, 0x40, 0x30, 0x8, 0xf1, 0x6, 0x80ffa, 0x802, 0x2000100, 0x8506, 0x1003, 0x3, 0xf, 0x10000, 0x4, 0x7ffffffd, 0x1ff, 0x9e3, 0x10, 0x7fff, 0x40008, 0x2, 0x1, 0x3, 0x5, 0xc, 0x0, 0x2, 0x7ffd]})
r3 = openat$kvm(0x0, &(0x7f00000002c0), 0xa600, 0x0)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000240)=0x8)
r4 = getpid()
sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeeb, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
r7 = openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000000), 0x41, 0x0)
write$nbd(r7, &(0x7f0000000240)=ANY=[@ANYBLOB="0100000000000000000040000900000082b0cfc4337965941538be09000000000000000000007400a391793ba70d0800000000fdf7068d4dae2ee0c900", @ANYBLOB], 0x40)
connect$unix(r5, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r6, &(0x7f0000000000), 0x0, 0x8800)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r8 = syz_open_dev$sndctrl(&(0x7f0000000440), 0x7f, 0xa0080)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r8, 0xc1105517, &(0x7f00000004c0)={{0x7, 0x5, 0x560, 0x3, 'syz0\x00', 0x2}, 0x2, 0x0, 0x9, r4, 0x3, 0xb0e, 'syz0\x00', &(0x7f0000000480)=['TIPC\x00', '\x00\x00\x00\x00\x00\x00', 'TIPC\x00'], 0x10})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4040000}, 0x200000d4)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff7000/0x1000)=nil, &(0x7f0000ff1000/0xf000)=nil, &(0x7f0000ff1000/0x2000)=nil, &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ff8000/0x4000)=nil, &(0x7f0000ff8000/0x3000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ff5000/0x1000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x2000)=nil, 0x0}, 0x68)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x24004045)
r9 = openat(0xffffffffffffffff, &(0x7f0000000040)='./file0\x00', 0x44000, 0x50)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(0xffffffffffffffff, 0xc04064a0, &(0x7f0000000340)={&(0x7f0000000180)=[0x0, 0x0], &(0x7f00000001c0)=[0x0, 0x0, 0x0, 0x0, 0x0, <r10=>0x0], &(0x7f0000000280)=[0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000300)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x2, 0x6, 0x5, 0x6})
r11 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$MPTCP_PM_CMD_GET_ADDR(r11, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x800}, 0x40001)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_COALESCE_SET(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000780)=ANY=[@ANYBLOB="44000000f9644abe358e0c7b7c39084d16dcfed664307c99a6f31dd4e209fd58eaa6dc6e24f5baef8613d1b710c2f1083b0ab15ab506be1bc71444c0040570ef87c1c7213cb8e13154c5dab72e78f47961ad8226e388ff50469180a042ebaab39faad6ccec41ff6aa5eea87654660972c413d6c8b81cde365833a4bffac44ed6b520a20336a899d9126afcaf5905e9", @ANYBLOB="a1a9cef98b58beac06bb763649e1dfc8185f453d576b1e1b81e15a322d38c3ad73a9cf535d3c6ac8550db793d6e5531418823a15f94548631530dbfae393ca4ed939b9559d25a6b6d3df04d0b88a3068b24fe99460b563c949a64fa8a6c47c0f11b9dc04e429777c8c32a04976765c7d7978503bcfe94041fc885f6b0d89683c87dd30323d3ad281730c3bf50568b6a8cc34f475fc2245522cde1b53ae4f44430e699ebbd22f18825a1196ee8e851d1571729a796246a5d04c", @ANYRESOCT=r3], 0x44}}, 0x4010010)
ioctl$DRM_IOCTL_MODE_GETCRTC(r9, 0xc06864a1, &(0x7f0000000640)={&(0x7f0000000380), 0x0, r10})

6.347639911s ago: executing program 5 (id=4038):
r0 = syz_open_dev$vcsu(&(0x7f0000000000), 0xc5, 0x8400)
sendmsg$IPSET_CMD_DESTROY(r0, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x3c, 0x3, 0x6, 0x101, 0x0, 0x0, {0x5, 0x0, 0x9}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz2\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz2\x00'}]}, 0x3c}, 0x1, 0x0, 0x0, 0x488c1}, 0x40)
fsetxattr$smack_xattr_label(r0, &(0x7f0000000140)='security.SMACK64\x00', &(0x7f0000000180)={'syz2\x00'}, 0x6, 0x1)
ioctl$IOCTL_VMCI_CTX_ADD_NOTIFICATION(r0, 0x7af, &(0x7f00000001c0)={@local, 0x4})
pipe2$9p(&(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x80)
write$P9_RSYMLINK(r2, &(0x7f0000000240)={0x14, 0x11, 0x1, {0x40, 0x4, 0x5}}, 0x14)
sendmsg$NFNL_MSG_COMPAT_GET(r0, &(0x7f0000000340)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000300)={&(0x7f00000002c0)={0x2c, 0x0, 0xb, 0x3, 0x0, 0x0, {0x7, 0x0, 0x6}, [@NFTA_COMPAT_REV={0x8, 0x2, 0x1, 0x0, 0x1}, @NFTA_COMPAT_TYPE={0x8, 0x3, 0x1, 0x0, 0x1}, @NFTA_COMPAT_REV={0x8, 0x2, 0x1, 0x0, 0x4}]}, 0x2c}, 0x1, 0x0, 0x0, 0x8000}, 0x40051)
ioctl$DRM_IOCTL_RES_CTX(r0, 0xc0106426, &(0x7f00000003c0)={0x1, &(0x7f0000000380)=[{<r3=>0x0}]})
ioctl$DRM_IOCTL_SET_SAREA_CTX(r0, 0x4010641c, &(0x7f0000000480)={r3, &(0x7f0000000400)=""/97})
close(r1)
read$FUSE(r0, &(0x7f00000004c0)={0x2020}, 0x2020)
syz_usb_connect$hid(0x6, 0x3f, &(0x7f0000002500)={{0x12, 0x1, 0x300, 0x0, 0x0, 0x0, 0x40, 0x62a, 0x7100, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x2d, 0x1, 0x1, 0x1, 0x0, 0x0, "", [{{0x9, 0x4, 0x0, 0x40, 0x1, 0x3, 0x1, 0x1, 0x9, {0x9, 0x21, 0x5, 0x8}, {{{0x9, 0x5, 0x81, 0x3, 0x10, 0x4, 0xc, 0x9}}, [{{0x9, 0x5, 0x2, 0x3, 0x40, 0x8, 0xa4, 0x5}}]}}}]}}]}}, &(0x7f0000002640)={0xa, &(0x7f0000002540)={0xa, 0x6, 0x201, 0x8, 0x3, 0xf9, 0xff, 0x2}, 0x67, &(0x7f0000002580)={0x5, 0xf, 0x67, 0x6, [@ss_container_id={0x14, 0x10, 0x4, 0xa, "01696da016ebbc6a3575b509c29cba8b"}, @wireless={0xb, 0x10, 0x1, 0x8, 0xda, 0xf8, 0x6, 0x2, 0x97}, @ss_container_id={0x14, 0x10, 0x4, 0x5, "9f767e76b2da75c49912d596f0a71159"}, @ss_container_id={0x14, 0x10, 0x4, 0x45, "d34388e055611e9d7ae7bb81b5a2d733"}, @ss_container_id={0x14, 0x10, 0x4, 0x0, "561a37a7ad87541b7ad0b2d0a3cb9313"}, @ext_cap={0x7, 0x10, 0x2, 0x1c, 0x8, 0x0, 0x2}]}, 0x1, [{0x4, &(0x7f0000002600)=@lang_id={0x4, 0x3, 0x4001}}]})
ioctl$XFS_IOC_EXCHANGE_RANGE(r0, 0x40285881, &(0x7f0000002680)={r1, 0x0, 0x5, 0x9, 0x7, 0x1})
r4 = syz_usb_connect$hid(0x5, 0x3f, &(0x7f00000026c0)={{0x12, 0x1, 0x110, 0x0, 0x0, 0x0, 0x8, 0x146b, 0x902, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x2d, 0x1, 0x1, 0x2, 0x10, 0xd, "", [{{0x9, 0x4, 0x0, 0x6, 0x2, 0x3, 0x1, 0x5, 0x7f, {0x9, 0x21, 0x10, 0xf9, 0x1, {0x22, 0x3a}}, {{{0x9, 0x5, 0x81, 0x3, 0x400, 0xe4, 0x80, 0x40}}, [{{0x9, 0x5, 0x2, 0x3, 0x40, 0xf8, 0x3, 0x7f}}]}}}]}}]}}, &(0x7f00000027c0)={0xa, &(0x7f0000002700)={0xa, 0x6, 0x250, 0x0, 0x31, 0x6, 0x8, 0xd}, 0x23, &(0x7f0000002740)={0x5, 0xf, 0x23, 0x3, [@ptm_cap={0x3}, @ext_cap={0x7, 0x10, 0x2, 0x12, 0x5, 0x5, 0x5}, @ss_container_id={0x14, 0x10, 0x4, 0xd, "5a54d32857eada73f18aa8df17cd00e8"}]}, 0x1, [{0x4, &(0x7f0000002780)=@lang_id={0x4, 0x3, 0xc04}}]})
syz_usb_control_io$hid(r4, &(0x7f00000029c0)={0x24, &(0x7f0000002800)={0x20, 0x8, 0xfa, {0xfa, 0x23, "a31ac53a2ce139b2e303ef10eaa9a806d824abd28c36df6c45cda31e6602713e95d032d307a65848a3d4edd24893f50fdd7c9bd9976cd54d11258fe5d38c92b40951c362ea5131b6486c729d26e9ad68fa0e50bc8be1b06dbef161647f5cb6904b1e0693e9be9acc5c2e0c3b196a43e9f31b5d86291dc52f332d37ee54756d0dd2f27a97e9a0486a229f2fb198b4d77b73bed06f055d8573a1e1f872c22a864a2bd0bbd132d9a188a2281b98c8ca64bb7b953a86269d62421c401586f029dec0869d9612b106e4ebd125589483b2c50083b1bf1be2253989c99902d875143771fb756fba0e36a842d5db0a76ff8a41abf4139e26f0020ab2"}}, &(0x7f0000002900)={0x0, 0x3, 0x4, @lang_id={0x4, 0x3, 0x430}}, &(0x7f0000002940)={0x0, 0x22, 0x9, {[@local=@item_012={0x2, 0x2, 0x1, "1206"}, @global=@item_012={0x2, 0x1, 0x8, "971d"}, @global=@item_012={0x2, 0x1, 0x0, "9647"}]}}, &(0x7f0000002980)={0x0, 0x21, 0x9, {0x9, 0x21, 0x7, 0x4, 0x1, {0x22, 0x8f0}}}}, &(0x7f0000002c00)={0x2c, &(0x7f0000002a00)={0x0, 0x3, 0x4e, "eadc24e6871b1712f6b08ea51de739448a9e401567e6016795fa5035ab3f0c97da9d46d78f0a6956d7db92b32b8c6d556a005da96255a546358943301265e5bcfd99e80f67118b28ec2c937a2eb8"}, &(0x7f0000002a80)={0x0, 0xa, 0x1, 0xc0}, &(0x7f0000002ac0)={0x0, 0x8, 0x1, 0x54}, &(0x7f0000002b00)={0x20, 0x1, 0x80, "e367a5b1de4bec64f0631fd820be8846c67981ccab2146a2ed84aa1ac81b743eed9fe43ec56281ee31c57b6e8a76c9d7a64bf3bb8fdab182aa73e7cc21b3ac0bf5874782025c7a3d016ff2475c556cc89619e22984567af47a0e76c023e4bcf367a84145746fc1b7ba883618e3dc25dbfab0a034858554074fb8162291dc10ec"}, &(0x7f0000002bc0)={0x20, 0x3, 0x1, 0x5}})
ioctl$FBIOGET_VSCREENINFO(r0, 0x4600, &(0x7f0000002c40))
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r0, 0xc04064a0, &(0x7f0000002e00)={&(0x7f0000002d00)=[0x0, 0x0], &(0x7f0000002d40)=[0x0, 0x0], &(0x7f0000002d80)=[0x0, 0x0], &(0x7f0000002dc0)=[0x0, 0x0, 0x0, 0x0, 0x0], 0x2, 0x2, 0x2, 0x5})
ioctl$DRM_IOCTL_MODE_GETENCODER(r0, 0xc01464a6, &(0x7f0000002e80))
close_range(r1, r2, 0x0)

3.275164722s ago: executing program 7 (id=4040):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000600)=ANY=[@ANYBLOB="3c00000068000100030310000500ff7f00000000000000002400020002000a00f5000000000d"], 0x3c}, 0x1, 0x0, 0x0, 0x24008018}, 0x4004890)
r1 = socket$nl_route(0x10, 0x3, 0x0)
socketpair(0x1, 0x20000000000001, 0x0, &(0x7f0000000100)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000080)=0xa)
sendmsg$nl_route_sched(r1, &(0x7f0000006280)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000200)=@newtaction={0x68, 0x30, 0xb, 0x0, 0x0, {0x0, 0x0, 0x6a00}, [{0x54, 0x1, [@m_mirred={0x50, 0x1, 0x0, 0x0, {{0xb}, {0x24, 0x2, 0x0, 0x1, [@TCA_MIRRED_PARMS={0x20, 0x2, {{0x7, 0x0, 0x20000000, 0xffffffff, 0x4}, 0x1, r3}}]}, {0x4, 0xa}, {0xc, 0x7, {0x0, 0x1}}, {0xc}}}]}]}, 0x68}}, 0x0)
syz_open_dev$MSR(0x0, 0x0, 0x0)
r4 = socket$inet_icmp(0x2, 0x2, 0x1)
bind$inet(r4, &(0x7f0000000100)={0x2, 0x4e23, @local}, 0x10)
r5 = socket$inet6_icmp(0xa, 0x2, 0x3a)
setsockopt$sock_int(r5, 0x1, 0xf, &(0x7f00000000c0)=0x4, 0x4)
setsockopt$inet6_int(r5, 0x29, 0x4b, &(0x7f0000000000)=0x1, 0x4)
unshare(0x22020600)
r6 = syz_usb_connect$hid(0x5, 0x3f, &(0x7f0000000000)=ANY=[@ANYBLOB="1201000000000010d80402f000000000000109022d00010000001009040000010300000009211000fd0122050009058103"], 0x0)
syz_usb_control_io$hid(r6, 0x0, 0x0)
syz_usb_control_io$hid(r6, &(0x7f0000000080)={0x24, 0x0, 0x0, &(0x7f0000000040)={0x0, 0x22, 0x5, {[@global=@item_4={0x3, 0x1, 0xb, "31779791"}]}}, 0x0}, 0x0)
syz_emit_vhci(&(0x7f0000000200)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x1, 0x0, 0x105}, @l2cap_cid_signaling={{0x101}, [@l2cap_info_rsp={{0xb, 0x5, 0x4}}, @l2cap_move_chan_cfm={{0x10, 0xff, 0x4}, {0x1, 0x4}}, @l2cap_info_rsp={{0xb, 0x0, 0xae}, {0x2000, 0x3, "44983af3e3c9cb693325508b5b95ac76d64fc76d0f5488f962a28eb4828a7fdbe79c418b55167f6f69781b770f2d3613b68aa4d66e160f4c39ebdae9f16b984e6ff875d594fbfd54afa7d2d3c35a5cf9f38446704f9bb7380bd97ca7fa4cedda128d45618eaea421aaf9944a82e743b9247c3d4551b2f01877a0593abd8bbb37b950738840ac4865f3e6736def87d5d6c156ad56d6d9b7ee35b4c29b12fc8ebd6b6085969ce2f46eebf7"}}, @l2cap_disconn_req={{0x6, 0x6, 0x4}, {0xffff, 0x6}}, @l2cap_conf_req={{0x4, 0x0, 0x2c}, {0x6, 0xfff7, [@l2cap_conf_fcs={0x5, 0x1}, @l2cap_conf_rfc={0x4, 0x9, {0x2, 0xc, 0xc, 0x10, 0x2, 0x8}}, @l2cap_conf_mtu={0x1, 0x2, 0x5}, @l2cap_conf_efs={0x6, 0x10, {0x4, 0x0, 0x4, 0x6, 0x2, 0xed1}}, @l2cap_conf_mtu={0x1, 0x2, 0x8e3}]}}, @l2cap_move_chan_req={{0xe, 0xc, 0x3}, {0xc5a, 0x1}}]}}, 0x10a)

2.859420411s ago: executing program 2 (id=4041):
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
setsockopt$SO_ATTACH_FILTER(r1, 0x1, 0x1a, &(0x7f0000000140)={0x3, &(0x7f0000000000)=[{0x20, 0x10, 0x4, 0xfffff00c}, {0x30, 0x0, 0xfd, 0x5ae9}, {0x6, 0x0, 0x7, 0x2}]}, 0x10)
sendmmsg$inet(r0, &(0x7f0000002c40)=[{{0x0, 0x0, &(0x7f0000000e80)=[{&(0x7f0000000a80)='*s', 0x2}], 0x1}}], 0x1, 0x4080000)

2.776122602s ago: executing program 0 (id=4042):
sendmmsg$unix(0xffffffffffffffff, &(0x7f00000132c0)=[{{0x0, 0x0, &(0x7f0000001f00)=[{&(0x7f0000001bc0)="b7b41591", 0x4}], 0x1}}], 0x1, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000002780)=ANY=[@ANYBLOB="38000000400095012dbd7000fedbdf25047c00001c00c280180009801264060000000000000074756e00000004000180040008"], 0x38}, 0x1, 0x0, 0x0, 0x4c090}, 0xc000)
io_uring_setup(0x55d4, &(0x7f0000000000)={0x0, 0xfca1, 0x4000, 0x2, 0x4001e})
syz_emit_ethernet(0xbe, &(0x7f0000000000)={@local, @link_local, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0xb0, 0x0, 0x0, 0x0, 0x11, 0x0, @rand_addr=0x64010101, @dev={0xac, 0x14, 0x14, 0x21}}, {0x0, 0x4e20, 0x9c, 0x0, @wg=@initiation={0x1, 0x0, "7b4b143b7461fd777b1c012bd14efb9f49fcdb8f080c26a04883ad5c8c82b8af", "584cbf2649a50f2dbc43efa8698dfa871c51852e4451b57d037ad3c045942824251d7d17b5191584cdd4fbe40a27424d", "bcfd56f1373669caaa2f19935e6996c7096ffe4f3a4745a8f762b964", {"9a3bfbc1f39cb307b3472eb9cdb042d2", "643fcbb2c5a57df67d544af6e8dafe09"}}}}}}}, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000140)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0, 0x3}, 0x94)
r1 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000200)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='syzkaller\x00', 0x7, 0x0, 0x0, 0x40f00, 0x5, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x200}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r1, 0x5, 0xb68, 0x0, &(0x7f0000000000)='%', 0x0, 0xd01, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)

2.660032357s ago: executing program 2 (id=4043):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x800}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x102}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs={0x0, 0x0, 0xfffffffe}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = getpid()
r5 = syz_pidfd_open(r4, 0x0)
setns(r5, 0x24020000)
r6 = socket$inet6_sctp(0xa, 0x801, 0x84)
getsockopt$bt_hci(r6, 0x84, 0x7f, &(0x7f00000020c0)=""/4057, &(0x7f0000000000)=0xfd9)
r7 = socket$nl_route(0x10, 0x3, 0x0)
r8 = syz_open_dev$radio(&(0x7f0000000000), 0x1, 0x2)
ioctl$VIDIOC_S_EXT_CTRLS(r8, 0xc0205648, &(0x7f0000000100)={0x0, 0x1, 0x0, 0xffffffffffffffff, 0x0, &(0x7f0000000040)={0x98f90b, 0x8000, '\x00', @p_u8=&(0x7f0000000080)}})
sendmsg$nl_route_sched(r7, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000003c0)=@newtaction={0x78, 0x30, 0xb, 0x70bd26, 0x0, {}, [{0x64, 0x1, [@m_ct={0x60, 0x1, 0x0, 0x0, {{0x7}, {0x38, 0x2, 0x0, 0x1, [@TCA_CT_LABELS={0x14, 0x7, "4614c334e344ae53204373dc0ddeb17f"}, @TCA_CT_ZONE={0x6, 0x8}, @TCA_CT_PARMS={0x18, 0x1, {0xfffffffc}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x78}, 0x1, 0x0, 0x0, 0x40800}, 0x1010)

2.504877332s ago: executing program 6 (id=4044):
syz_usb_connect(0x0, 0x36, &(0x7f0000000240)=ANY=[@ANYBLOB="12010000772904202404019957c2010203010902240001000010000904"], 0x0)
r0 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8002)
ioctl$sock_inet_SIOCADDRT(0xffffffffffffffff, 0x890b, 0x0)
r1 = syz_usb_connect(0x3, 0x62, 0x0, 0x0)
syz_usb_control_io$printer(r1, &(0x7f00000001c0)={0x14, &(0x7f0000000000)={0x0, 0x30, 0x11, {0x11, 0x23, "f62bb5486f99ecfa64df01a59c8d21"}}, &(0x7f0000000100)={0x0, 0x3, 0x82, @string={0x82, 0x3, "757a9a97029f01c69fbf0600003dc0ba185f4060ca1b7cff2456b4b0d7913db078540d698577823cd38f39ae78ac38b2575727683219cfd6b349729219440abab8c0b6958fc25e8d261719a8de8194519fcde822cc078a88cb29dbd310952feaea3181b616a403c246e21048972ec9d016ff0000008ccd9c63207aeae0d0ac00"}}}, 0x0)
ioctl$SCSI_IOCTL_GET_PCI(r0, 0x5393, &(0x7f0000000000))

1.006536325s ago: executing program 2 (id=4045):
mmap(&(0x7f0000000000/0xa000)=nil, 0xa000, 0xd3283d0368e269b3, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
setsockopt$SO_ATTACH_FILTER(r1, 0x1, 0x1a, &(0x7f0000000000)={0x3, &(0x7f00000000c0)=[{0x20, 0x0, 0x2, 0xfffff010}, {0x20, 0x0, 0x0, 0xfffff038}, {0x6}]}, 0x10)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000000)=@deltaction={0x54, 0x18, 0x1, 0x70bd29, 0x25dfdc00, {0xa}, [@TCA_ACT_TAB={0x40, 0x1, [{0xc, 0x80, 0x0, 0x0, @TCA_ACT_INDEX={0x8}}, {0x14, 0x5, 0x0, 0x0, @TCA_ACT_KIND={0xf, 0x1, 'tunnel_key\x00'}}, {0x10, 0x9, 0x0, 0x0, @TCA_ACT_KIND={0xa, 0x1, 'pedit\x00'}}, {0xc, 0x6, 0x0, 0x0, @TCA_ACT_KIND={0x8, 0x1, 'ife\x00'}}]}]}, 0x54}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
sendmmsg(r0, &(0x7f0000000180), 0x4000190, 0x0)

966.817217ms ago: executing program 5 (id=4046):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0b00000007000000020001000900000001000000", @ANYRES32, @ANYBLOB='\x00'/10, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="000000000400"], 0x50)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000300)={r0, 0x0, 0x0, 0x4}, 0x20)

872.622113ms ago: executing program 0 (id=4047):
r0 = syz_usb_connect(0x0, 0x24, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000d3e457201e040b40e73e000000010902120001000000000904"], 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)
syz_usb_control_io(r0, &(0x7f0000000180)={0x2c, &(0x7f0000000c00)=ANY=[], 0x0, 0x0, 0x0, 0x0}, 0x0)
openat$kvm(0xffffffffffffff9c, 0x0, 0xc2400, 0x0)
socketpair$unix(0x1, 0x3, 0x0, 0x0)
connect$unix(0xffffffffffffffff, 0x0, 0x0)
sendmmsg$unix(0xffffffffffffffff, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x2, 0x0)
r1 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000200), 0x60242, 0x0)
write$vga_arbiter(r1, &(0x7f00000010c0)=ANY=[], 0x8)
r2 = socket$inet6_sctp(0xa, 0x5, 0x84)
shutdown(r2, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r2, 0x84, 0x6f, &(0x7f0000000200)={<r3=>0x0, 0x10, &(0x7f00000001c0)=[@in={0x2, 0x4e23, @rand_addr=0x64010100}]}, &(0x7f0000000140)=0x10)
setsockopt$inet_sctp6_SCTP_PR_SUPPORTED(0xffffffffffffffff, 0x84, 0x7d, &(0x7f0000000080)={r3, 0x8000}, 0x8)
mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1)
setsockopt(r2, 0x84, 0x7f, &(0x7f0000000080)="d3d0666d223e4686", 0x8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r4 = syz_open_dev$dri(&(0x7f00000000c0), 0x1, 0x400)
ioctl$DRM_IOCTL_WAIT_VBLANK(r4, 0xc018643a, &(0x7f0000000040)={0x4000000, 0x400000})
close(r4)
fsetxattr$security_capability(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x1)
ioctl$SNDRV_SEQ_IOCTL_SET_CLIENT_POOL(0xffffffffffffffff, 0x4058534c, 0x0)
openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000140), 0x8437f, 0x0)
openat(0xffffffffffffffff, &(0x7f0000000180)='./file0\x00', 0xd40, 0x82)
bpf$MAP_CREATE(0x0, 0x0, 0x50)
syz_io_uring_setup(0x74e6, &(0x7f0000000500)={0x0, 0x4533, 0x8, 0x0, 0x24c}, &(0x7f0000000880), &(0x7f0000000280), &(0x7f0000000000))

764.7229ms ago: executing program 5 (id=4048):
r0 = openat$rtc(0xffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$BTRFS_IOC_TREE_SEARCH(r0, 0x7005, 0x0)
readv(r0, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, 0x0)
socket$netlink(0x10, 0x3, 0x0)
r1 = socket$inet6(0xa, 0x2, 0x0)
bind$inet6(r1, &(0x7f0000000480)={0xa, 0x4e20, 0x0, @mcast2, 0x2}, 0x1c)
socket$nl_netfilter(0x10, 0x3, 0xc)
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]})
close_range(r2, 0xffffffffffffffff, 0x0)

625.588457ms ago: executing program 5 (id=4049):
openat$nci(0xffffffffffffff9c, 0x0, 0x2, 0x0)
syz_genetlink_get_family_id$nfc(&(0x7f0000000100), 0xffffffffffffffff)
r0 = syz_open_dev$dvb_frontend(&(0x7f0000000000), 0x0, 0x40002)
timer_create(0x2, &(0x7f00000000c0)={0x0, 0xf, 0x2}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f0000000480)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$MSR(&(0x7f0000000240), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
socket$nl_netfilter(0x10, 0x3, 0xc)
ioctl$FE_SET_FRONTEND(r0, 0x40000000, &(0x7f0000000080)={0x30a32c0, 0x1, @vsb={0xa}})
sendmsg$NFC_CMD_DEV_UP(0xffffffffffffffff, 0x0, 0x4000010)

517.405119ms ago: executing program 2 (id=4050):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000600)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb(cast5)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f00000004c0)="2c385a7af3", 0x5)
r1 = accept4(r0, 0x0, 0x0, 0x800)
sendmmsg$alg(r1, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0x10}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0", 0x25}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085", 0xcb}], 0x3, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x4)
recvmsg(r1, &(0x7f00000005c0)={0x0, 0x8d, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0)

382.653379ms ago: executing program 2 (id=4051):
syz_open_procfs(0xffffffffffffffff, &(0x7f00000000c0)='net/arp\x00') (async)
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f00000000c0)='net/arp\x00')
preadv(r0, &(0x7f0000000080)=[{&(0x7f0000000b40)=""/119, 0x77}], 0x1, 0x4f, 0x0)

61.505344ms ago: executing program 7 (id=4052):
socket$igmp(0x2, 0x3, 0x2)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x103}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f00000000c0)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
pipe2$9p(&(0x7f0000002740), 0x80080)
r3 = fsopen(&(0x7f0000000040)='ceph\x00', 0x1)
fsconfig$FSCONFIG_SET_STRING(r3, 0x1, &(0x7f0000000100)='test_dummy_encryption', 0x0, 0x0)
fsconfig$FSCONFIG_SET_STRING(r3, 0x1, &(0x7f0000000000)='test_dummy_encryption', &(0x7f0000000080)='v1\x00ul\x00\x00\x00\x00\x00loc\x8d\x8b#\xe0\xb9\xbd\"\xeb.\xc7]\xa67\x97 \xc9\xfc|\x85o7Z\xdc}U\x8c\xdd\n\xaa?4\xafq\x1d\xf6(\xe6\x9em_\x1a\xbfDi\x15\x81\xd47\x8e\x86\xa2u~FC\x9c\xe3\x98\x87\x98\xf7\xa2\xb5\x12\x8cv\xe4_\x91\xa8G!mm\f\xcf\xfb[\xd5Qf\x15\xfe\xc80\xad\xaa\xe9', 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r4 = openat$procfs(0xffffffffffffff9c, &(0x7f0000002280)='/proc/cpuinfo\x00', 0x0, 0x0)
read$FUSE(r4, &(0x7f0000000200)={0x2020}, 0x2020)
mount(0x0, 0x0, &(0x7f0000000180)='tmpfs\x00', 0x2204c96, 0x0)
r5 = syz_init_net_socket$llc(0x1a, 0x0, 0x0)
fsconfig$FSCONFIG_SET_FD(r4, 0x5, 0x0, 0x0, r5)
r6 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='mountinfo\x00')
lseek(r6, 0xfffd, 0x0) (fail_nth: 4)

0s ago: executing program 2 (id=4053):
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
setsockopt$SO_ATTACH_FILTER(r1, 0x1, 0x1a, &(0x7f0000000140)={0x3, &(0x7f0000000000)=[{0x20, 0x10, 0x4, 0xfffff00c}, {0x30, 0x0, 0xfd, 0x5ae9}, {0x6, 0x0, 0x7, 0x2}]}, 0x10)
sendmmsg$inet(r0, &(0x7f0000002c40)=[{{0x0, 0x0, &(0x7f0000000e80)=[{&(0x7f0000000a80)="2a73ed", 0x3}], 0x1}}], 0x1, 0x4080000)

kernel console output (not intermixed with test programs):

ex+0x46b/0x600
[  740.798841][T15927]  should_failslab+0xa8/0x100
[  740.798860][T15927]  kmem_cache_alloc_node_noprof+0x8f/0x6e0
[  740.798886][T15927]  ? __alloc_skb+0x1d0/0x7d0
[  740.798911][T15927]  ? lockdep_hardirqs_on+0x7a/0x110
[  740.798938][T15927]  __alloc_skb+0x1d0/0x7d0
[  740.798967][T15927]  netlink_sendmsg+0x5d4/0xb40
[  740.798993][T15927]  ? __pfx_netlink_sendmsg+0x10/0x10
[  740.799011][T15927]  ? unwind_get_return_address+0x4d/0x90
[  740.799035][T15927]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  740.799063][T15927]  ____sys_sendmsg+0x94c/0x9c0
[  740.799088][T15927]  ? __pfx_____sys_sendmsg+0x10/0x10
[  740.799124][T15927]  ? import_iovec+0x73/0xa0
[  740.799149][T15927]  ___sys_sendmsg+0x2a5/0x360
[  740.799168][T15927]  ? __lock_acquire+0x6b5/0x2cf0
[  740.799192][T15927]  ? __pfx____sys_sendmsg+0x10/0x10
[  740.799240][T15927]  ? __fget_files+0x2a/0x420
[  740.799261][T15927]  ? __fget_files+0x3a6/0x420
[  740.799291][T15927]  __x64_sys_sendmsg+0x1c3/0x2a0
[  740.799313][T15927]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  740.799340][T15927]  ? __pfx_ksys_write+0x10/0x10
[  740.799374][T15927]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  740.799394][T15927]  do_syscall_64+0x15f/0xf80
[  740.799416][T15927]  ? trace_irq_disable+0x3b/0x140
[  740.799434][T15927]  ? clear_bhb_loop+0x40/0x90
[  740.799455][T15927]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  740.799473][T15927] RIP: 0033:0x7f0d8877c819
[  740.799490][T15927] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  740.799507][T15927] RSP: 002b:00007f0d869ce028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  740.799528][T15927] RAX: ffffffffffffffda RBX: 00007f0d889f5fa0 RCX: 00007f0d8877c819
[  740.799541][T15927] RDX: 0000000004008094 RSI: 0000200000000100 RDI: 0000000000000003
[  740.799553][T15927] RBP: 00007f0d869ce090 R08: 0000000000000000 R09: 0000000000000000
[  740.799566][T15927] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  740.799580][T15927] R13: 00007f0d889f6038 R14: 00007f0d889f5fa0 R15: 00007fffb00f7fd8
[  740.799607][T15927]  </TASK>
[  741.170023][   T31] usb 8-1: new high-speed USB device number 3 using dummy_hcd
[  741.578322][   T31] usb 8-1: Using ep0 maxpacket: 8
[  741.999995][ T5819] Bluetooth: hci0: command tx timeout
[  742.005206][   T31] usb 8-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  742.005241][   T31] usb 8-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  742.005269][   T31] usb 8-1: config 16 interface 0 altsetting 0 endpoint 0x8B has invalid maxpacket 60960, setting to 1024
[  742.005300][   T31] usb 8-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 1024
[  742.005327][   T31] usb 8-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  742.005385][   T31] usb 8-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  742.005412][   T31] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  742.408219][T15925] netlink: 68 bytes leftover after parsing attributes in process `syz.7.3713'.
[  742.411683][   T31] usb 8-1: GET_CAPABILITIES returned 0
[  742.411736][   T31] usbtmc 8-1:16.0: can't read capabilities
[  742.637414][T15925] netlink: 204 bytes leftover after parsing attributes in process `syz.7.3713'.
[  742.637441][T15925] openvswitch: netlink: Flow key attr not present in new flow.
[  742.700854][   T31] usb 8-1: USB disconnect, device number 3
[  742.730010][ T5942] usb 7-1: new high-speed USB device number 6 using dummy_hcd
[  742.840744][T15937] FAULT_INJECTION: forcing a failure.
[  742.840744][T15937] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  742.840789][T15937] CPU: 0 UID: 0 PID: 15937 Comm: syz.5.3717 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[  742.840822][T15937] Tainted: [L]=SOFTLOCKUP
[  742.840830][T15937] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  742.840842][T15937] Call Trace:
[  742.840851][T15937]  <TASK>
[  742.840860][T15937]  dump_stack_lvl+0xe8/0x150
[  742.840901][T15937]  should_fail_ex+0x46b/0x600
[  742.840929][T15937]  _copy_from_user+0x2d/0xb0
[  742.840958][T15937]  __sys_connect+0x156/0x450
[  742.840994][T15937]  ? __pfx___sys_connect+0x10/0x10
[  742.841039][T15937]  ? __pfx_ksys_write+0x10/0x10
[  742.841075][T15937]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  742.841116][T15937]  __x64_sys_connect+0x7a/0x90
[  742.841149][T15937]  do_syscall_64+0x15f/0xf80
[  742.841177][T15937]  ? trace_irq_disable+0x3b/0x140
[  742.841200][T15937]  ? clear_bhb_loop+0x40/0x90
[  742.841228][T15937]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  742.841249][T15937] RIP: 0033:0x7f35d318c819
[  742.841271][T15937] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  742.841291][T15937] RSP: 002b:00007f35d13e6028 EFLAGS: 00000246 ORIG_RAX: 000000000000002a
[  742.841315][T15937] RAX: ffffffffffffffda RBX: 00007f35d3405fa0 RCX: 00007f35d318c819
[  742.841332][T15937] RDX: 000000000000006e RSI: 000020000057eff8 RDI: 0000000000000003
[  742.841347][T15937] RBP: 00007f35d13e6090 R08: 0000000000000000 R09: 0000000000000000
[  742.841360][T15937] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  742.841373][T15937] R13: 00007f35d3406038 R14: 00007f35d3405fa0 R15: 00007fffacc2e338
[  742.841405][T15937]  </TASK>
[  743.003126][ T5942] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 9865, setting to 1024
[  743.003194][ T5942] usb 7-1: New USB device found, idVendor=0b05, idProduct=1abe, bcdDevice= 0.00
[  743.003222][ T5942] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  743.094042][ T5942] usb 7-1: config 0 descriptor??
[  743.095325][T15941] raw-gadget.1 gadget.6: fail, usb_ep_enable returned -22
[  744.034256][ T5819] Bluetooth: hci0: command tx timeout
[  744.511736][ T5942] hid_parser_main: 105 callbacks suppressed
[  744.511799][ T5942] asus 0003:0B05:1ABE.0013: unknown main item tag 0x0
[  744.511832][ T5942] asus 0003:0B05:1ABE.0013: unknown main item tag 0x0
[  744.511860][ T5942] asus 0003:0B05:1ABE.0013: unknown main item tag 0x0
[  744.511887][ T5942] asus 0003:0B05:1ABE.0013: unknown main item tag 0x0
[  744.511914][ T5942] asus 0003:0B05:1ABE.0013: unknown main item tag 0x0
[  744.511942][ T5942] asus 0003:0B05:1ABE.0013: unknown main item tag 0x0
[  744.511969][ T5942] asus 0003:0B05:1ABE.0013: unknown main item tag 0x0
[  744.511997][ T5942] asus 0003:0B05:1ABE.0013: unknown main item tag 0x0
[  744.512025][ T5942] asus 0003:0B05:1ABE.0013: unknown main item tag 0x0
[  744.512052][ T5942] asus 0003:0B05:1ABE.0013: unknown main item tag 0x0
[  744.513227][ T5942] asus 0003:0B05:1ABE.0013: unexpected long global item
[  744.515924][ T5942] asus 0003:0B05:1ABE.0013: Asus hid parse failed: -22
[  744.516056][ T5942] asus 0003:0B05:1ABE.0013: probe with driver asus failed with error -22
[  744.675677][T15956] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check.
[  744.944481][T15893] chnl_net:caif_netlink_parms(): no params data found
[  745.022364][T15982] FAULT_INJECTION: forcing a failure.
[  745.022364][T15982] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  745.022407][T15982] CPU: 0 UID: 0 PID: 15982 Comm: syz.5.3734 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[  745.022439][T15982] Tainted: [L]=SOFTLOCKUP
[  745.022448][T15982] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  745.022463][T15982] Call Trace:
[  745.022473][T15982]  <TASK>
[  745.022503][T15982]  dump_stack_lvl+0xe8/0x150
[  745.022547][T15982]  should_fail_ex+0x46b/0x600
[  745.022580][T15982]  _copy_to_user+0x31/0xb0
[  745.022612][T15982]  simple_read_from_buffer+0xe1/0x170
[  745.022646][T15982]  proc_fail_nth_read+0x1be/0x230
[  745.022681][T15982]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  745.022713][T15982]  ? rw_verify_area+0x2ac/0x4e0
[  745.022745][T15982]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  745.022776][T15982]  vfs_read+0x212/0xa80
[  745.022824][T15982]  ? __pfx_vfs_read+0x10/0x10
[  745.022858][T15982]  ? _raw_spin_unlock_irqrestore+0x30/0x80
[  745.022889][T15982]  ? lockdep_hardirqs_on+0x7a/0x110
[  745.022919][T15982]  ? _raw_spin_unlock_irqrestore+0x4c/0x80
[  745.022948][T15982]  ? mutex_lock_nested+0x152/0x1d0
[  745.022984][T15982]  ? fdget_pos+0x252/0x320
[  745.023024][T15982]  ksys_read+0x156/0x270
[  745.023059][T15982]  ? __pfx_ksys_read+0x10/0x10
[  745.023091][T15982]  ? __pfx_do_sync_core+0x10/0x10
[  745.023128][T15982]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  745.023154][T15982]  do_syscall_64+0x15f/0xf80
[  745.023183][T15982]  ? clear_bhb_loop+0x40/0x90
[  745.023211][T15982]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  745.023233][T15982] RIP: 0033:0x7f35d314d04e
[  745.023255][T15982] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[  745.023274][T15982] RSP: 002b:00007f35d13e5fe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  745.023298][T15982] RAX: ffffffffffffffda RBX: 00007f35d13e66c0 RCX: 00007f35d314d04e
[  745.023315][T15982] RDX: 000000000000000f RSI: 00007f35d13e60a0 RDI: 0000000000000004
[  745.023330][T15982] RBP: 00007f35d13e6090 R08: 0000000000000000 R09: 0000000000000000
[  745.023353][T15982] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  745.023367][T15982] R13: 00007f35d3406038 R14: 00007f35d3405fa0 R15: 00007fffacc2e338
[  745.023404][T15982]  </TASK>
[  745.547702][T15893] bridge0: port 1(bridge_slave_0) entered blocking state
[  745.548139][T15893] bridge0: port 1(bridge_slave_0) entered disabled state
[  745.548774][T15893] bridge_slave_0: entered allmulticast mode
[  745.576747][T15893] bridge_slave_0: entered promiscuous mode
[  745.602804][T15893] bridge0: port 2(bridge_slave_1) entered blocking state
[  745.603066][T15893] bridge0: port 2(bridge_slave_1) entered disabled state
[  745.603311][T15893] bridge_slave_1: entered allmulticast mode
[  745.607424][T15893] bridge_slave_1: entered promiscuous mode
[  745.680129][ T1864] usb 6-1: new high-speed USB device number 2 using dummy_hcd
[  745.813355][T15893] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  745.854685][ T1864] usb 6-1: New USB device found, idVendor=0424, idProduct=7850, bcdDevice= 0.00
[  745.854721][ T1864] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  745.854743][ T1864] usb 6-1: Product: syz
[  745.854760][ T1864] usb 6-1: Manufacturer: syz
[  745.854778][ T1864] usb 6-1: SerialNumber: syz
[  745.878811][T15893] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  746.013948][ T5942] usb 7-1: USB disconnect, device number 6
[  746.109981][ T5819] Bluetooth: hci0: command tx timeout
[  746.211912][ T1864] lan78xx 6-1:1.0 (unnamed net_device) (uninitialized): Failed to read register index 0x00000098. ret = -EPROTO
[  746.211978][ T1864] lan78xx 6-1:1.0 (unnamed net_device) (uninitialized): lan78xx_setup_irq_domain() failed : -71
[  746.212002][ T1864] lan78xx 6-1:1.0 (unnamed net_device) (uninitialized): Bind routine FAILED
[  746.264454][T15893] team0: Port device team_slave_0 added
[  746.268866][T15893] team0: Port device team_slave_1 added
[  746.442612][T15893] batman_adv: batadv0: Adding interface: batadv_slave_0
[  746.442633][T15893] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  746.442663][T15893] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  746.445145][T15893] batman_adv: batadv0: Adding interface: batadv_slave_1
[  746.445162][T15893] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  746.445191][T15893] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  746.566432][T16010] FAULT_INJECTION: forcing a failure.
[  746.566432][T16010] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  746.566474][T16010] CPU: 0 UID: 0 PID: 16010 Comm: syz.6.3744 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[  746.566506][T16010] Tainted: [L]=SOFTLOCKUP
[  746.566514][T16010] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  746.566527][T16010] Call Trace:
[  746.566536][T16010]  <TASK>
[  746.566545][T16010]  dump_stack_lvl+0xe8/0x150
[  746.566588][T16010]  should_fail_ex+0x46b/0x600
[  746.566618][T16010]  _copy_from_user+0x2d/0xb0
[  746.566647][T16010]  __se_sys_mount+0x18b/0x420
[  746.566683][T16010]  ? __pfx___se_sys_mount+0x10/0x10
[  746.566714][T16010]  ? __x64_sys_mount+0x20/0xc0
[  746.566739][T16010]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  746.566764][T16010]  do_syscall_64+0x15f/0xf80
[  746.566794][T16010]  ? trace_irq_disable+0x3b/0x140
[  746.566817][T16010]  ? clear_bhb_loop+0x40/0x90
[  746.566847][T16010]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  746.566871][T16010] RIP: 0033:0x7f0d8877c819
[  746.566894][T16010] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  746.566914][T16010] RSP: 002b:00007f0d869ce028 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  746.566940][T16010] RAX: ffffffffffffffda RBX: 00007f0d889f5fa0 RCX: 00007f0d8877c819
[  746.566960][T16010] RDX: 0000200000004fc0 RSI: 0000200000004f80 RDI: 0000000000000000
[  746.566976][T16010] RBP: 00007f0d869ce090 R08: 0000200000000200 R09: 0000000000000000
[  746.566992][T16010] R10: 0000000000004481 R11: 0000000000000246 R12: 0000000000000001
[  746.567007][T16010] R13: 00007f0d889f6038 R14: 00007f0d889f5fa0 R15: 00007fffb00f7fd8
[  746.567043][T16010]  </TASK>
[  746.571298][ T1864] lan78xx 6-1:1.0: probe with driver lan78xx failed with error -71
[  746.611408][T16010] tmpfs: Bad value for 'mpol'
[  746.709618][T16012] FAULT_INJECTION: forcing a failure.
[  746.709618][T16012] name failslab, interval 1, probability 0, space 0, times 0
[  746.709657][T16012] CPU: 1 UID: 0 PID: 16012 Comm: syz.5.3746 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[  746.709686][T16012] Tainted: [L]=SOFTLOCKUP
[  746.709694][T16012] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  746.709706][T16012] Call Trace:
[  746.709715][T16012]  <TASK>
[  746.709724][T16012]  dump_stack_lvl+0xe8/0x150
[  746.709762][T16012]  should_fail_ex+0x46b/0x600
[  746.709792][T16012]  should_failslab+0xa8/0x100
[  746.709815][T16012]  kmem_cache_alloc_noprof+0x87/0x680
[  746.709853][T16012]  ? dst_alloc+0x105/0x170
[  746.709881][T16012]  ? __pfx_ip6_dst_gc+0x10/0x10
[  746.709910][T16012]  dst_alloc+0x105/0x170
[  746.709939][T16012]  ip6_pol_route+0xafb/0x13d0
[  746.709969][T16012]  ? ip6_pol_route+0x160/0x13d0
[  746.710003][T16012]  ? __pfx_ip6_pol_route+0x10/0x10
[  746.710039][T16012]  ? __lock_acquire+0x6b5/0x2cf0
[  746.710073][T16012]  fib6_rule_lookup+0x556/0x730
[  746.710103][T16012]  ? __pfx_ip6_pol_route_input+0x10/0x10
[  746.710133][T16012]  ? __pfx_fib6_rule_lookup+0x10/0x10
[  746.710162][T16012]  ? inet6_ehashfn+0x2f/0x3b0
[  746.710190][T16012]  ? __inet6_lookup_established+0xbca/0xc60
[  746.710212][T16012]  ? unwind_next_frame+0xa6/0x2550
[  746.710250][T16012]  ip6_route_input+0x730/0xad0
[  746.710287][T16012]  ? __pfx_ip6_route_input+0x10/0x10
[  746.710347][T16012]  ? tcp_v6_early_demux+0x56e/0x970
[  746.710380][T16012]  ? ip6_rcv_finish_core+0x222/0x420
[  746.710408][T16012]  ip6_rcv_finish+0x141/0x280
[  746.710435][T16012]  NF_HOOK+0x336/0x3c0
[  746.710461][T16012]  ? __pfx_ip6_rcv_finish+0x10/0x10
[  746.710484][T16012]  ? NF_HOOK+0x9e/0x3c0
[  746.710506][T16012]  ? __pfx_NF_HOOK+0x10/0x10
[  746.710532][T16012]  ? __pfx_ip6_rcv_finish+0x10/0x10
[  746.710563][T16012]  ? netif_receive_skb+0x102/0xbf0
[  746.710592][T16012]  netif_receive_skb+0x278/0xbf0
[  746.710626][T16012]  ? __pfx_netif_receive_skb+0x10/0x10
[  746.710651][T16012]  ? rcu_is_watching+0x15/0xb0
[  746.710676][T16012]  ? __local_bh_disable_ip+0x3c/0x420
[  746.710709][T16012]  ? tun_rx_batched+0x191/0x760
[  746.710731][T16012]  ? tun_rx_batched+0x191/0x760
[  746.710758][T16012]  tun_rx_batched+0x1ee/0x760
[  746.710787][T16012]  ? __pfx_tun_rx_batched+0x10/0x10
[  746.710820][T16012]  ? tun_get_user+0x278d/0x4400
[  746.710844][T16012]  ? tun_get_user+0x278d/0x4400
[  746.710869][T16012]  ? __local_bh_enable_ip+0x1ae/0x2b0
[  746.710898][T16012]  ? lockdep_hardirqs_on+0x7a/0x110
[  746.710930][T16012]  tun_get_user+0x2bd1/0x4400
[  746.710951][T16012]  ? is_bpf_text_address+0x292/0x2b0
[  746.710984][T16012]  ? tun_get_user+0x278d/0x4400
[  746.711021][T16012]  ? __pfx_tun_get_user+0x10/0x10
[  746.711046][T16012]  ? __lock_acquire+0x6b5/0x2cf0
[  746.711086][T16012]  ? ref_tracker_alloc+0x332/0x4a0
[  746.711108][T16012]  ? get_pid_task+0x20/0x1f0
[  746.711133][T16012]  ? __pfx_ref_tracker_alloc+0x10/0x10
[  746.711159][T16012]  ? tun_get+0x1c/0x2f0
[  746.711180][T16012]  ? tun_get+0x1c/0x2f0
[  746.711208][T16012]  ? tun_get+0x1c/0x2f0
[  746.711230][T16012]  ? tun_get+0x1c/0x2f0
[  746.711257][T16012]  tun_chr_write_iter+0x119/0x200
[  746.711282][T16012]  vfs_write+0x629/0xba0
[  746.711328][T16012]  ? __pfx_vfs_write+0x10/0x10
[  746.711369][T16012]  ? __fget_files+0x2a/0x420
[  746.711405][T16012]  ksys_write+0x156/0x270
[  746.711438][T16012]  ? __pfx_ksys_write+0x10/0x10
[  746.711477][T16012]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  746.711500][T16012]  do_syscall_64+0x15f/0xf80
[  746.711524][T16012]  ? trace_irq_disable+0x3b/0x140
[  746.711546][T16012]  ? clear_bhb_loop+0x40/0x90
[  746.711573][T16012]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  746.711594][T16012] RIP: 0033:0x7f35d314d04e
[  746.711614][T16012] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[  746.711632][T16012] RSP: 002b:00007f35d13e5fb8 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  746.711654][T16012] RAX: ffffffffffffffda RBX: 00007f35d13e66c0 RCX: 00007f35d314d04e
[  746.711670][T16012] RDX: 000000000000004a RSI: 0000200000000000 RDI: 00000000000000c8
[  746.711683][T16012] RBP: 00007f35d13e6090 R08: 0000000000000000 R09: 0000000000000000
[  746.711696][T16012] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  746.711709][T16012] R13: 00007f35d3406038 R14: 00007f35d3405fa0 R15: 00007fffacc2e338
[  746.711744][T16012]  </TASK>
[  746.828591][ T1864] usb 6-1: USB disconnect, device number 2
[  746.998064][T16016] binder: 16015:16016 ioctl c0306201 0 returned -14
[  747.052497][T16016] FAULT_INJECTION: forcing a failure.
[  747.052497][T16016] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  747.052535][T16016] CPU: 1 UID: 0 PID: 16016 Comm: syz.6.3748 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[  747.052564][T16016] Tainted: [L]=SOFTLOCKUP
[  747.052572][T16016] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  747.052585][T16016] Call Trace:
[  747.052594][T16016]  <TASK>
[  747.052602][T16016]  dump_stack_lvl+0xe8/0x150
[  747.052640][T16016]  should_fail_ex+0x46b/0x600
[  747.052669][T16016]  _copy_from_user+0x2d/0xb0
[  747.052695][T16016]  binder_ioctl_write_read+0xadd/0xa490
[  747.052719][T16016]  ? is_bpf_text_address+0x26/0x2b0
[  747.052758][T16016]  ? __kernel_text_address+0xd/0x30
[  747.052801][T16016]  ? __pfx_binder_ioctl_write_read+0x10/0x10
[  747.052825][T16016]  ? stack_depot_save_flags+0x33/0x810
[  747.052858][T16016]  ? do_raw_spin_lock+0x12b/0x2f0
[  747.052896][T16016]  ? rt_mutex_slowunlock+0x4a7/0x8b0
[  747.052918][T16016]  ? reacquire_held_locks+0x104/0x190
[  747.052945][T16016]  ? rt_spin_lock+0x1e0/0x400
[  747.052966][T16016]  ? __pfx_rt_mutex_slowunlock+0x10/0x10
[  747.052989][T16016]  ? rt_spin_unlock+0x14f/0x200
[  747.053018][T16016]  ? binder_get_thread+0x177/0x6d0
[  747.053043][T16016]  binder_ioctl+0x426/0x1b10
[  747.053063][T16016]  ? tomoyo_path_number_perm+0x219/0x630
[  747.053098][T16016]  ? tomoyo_path_number_perm+0x219/0x630
[  747.053129][T16016]  ? do_vfs_ioctl+0x117b/0x1540
[  747.053150][T16016]  ? __pfx_binder_ioctl+0x10/0x10
[  747.053171][T16016]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  747.053190][T16016]  ? __pfx_smack_log+0x10/0x10
[  747.053214][T16016]  ? smk_access+0x14c/0x4e0
[  747.053243][T16016]  ? smk_tskacc+0x311/0x3a0
[  747.053271][T16016]  ? smack_file_ioctl+0x2c2/0x360
[  747.053300][T16016]  ? __pfx_smack_file_ioctl+0x10/0x10
[  747.053345][T16016]  ? __fget_files+0x2a/0x420
[  747.053369][T16016]  ? __fget_files+0x3a6/0x420
[  747.053394][T16016]  ? __fget_files+0x2a/0x420
[  747.053421][T16016]  ? bpf_lsm_file_ioctl+0x9/0x20
[  747.053442][T16016]  ? __pfx_binder_ioctl+0x10/0x10
[  747.053462][T16016]  __se_sys_ioctl+0xff/0x170
[  747.053492][T16016]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  747.053514][T16016]  do_syscall_64+0x15f/0xf80
[  747.053538][T16016]  ? trace_irq_disable+0x3b/0x140
[  747.053559][T16016]  ? clear_bhb_loop+0x40/0x90
[  747.053583][T16016]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  747.053604][T16016] RIP: 0033:0x7f0d8877c819
[  747.053624][T16016] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  747.053643][T16016] RSP: 002b:00007f0d869ce028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  747.053666][T16016] RAX: ffffffffffffffda RBX: 00007f0d889f5fa0 RCX: 00007f0d8877c819
[  747.053682][T16016] RDX: 0000200000000180 RSI: 00000000c0306201 RDI: 0000000000000003
[  747.053696][T16016] RBP: 00007f0d869ce090 R08: 0000000000000000 R09: 0000000000000000
[  747.053710][T16016] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  747.053723][T16016] R13: 00007f0d889f6038 R14: 00007f0d889f5fa0 R15: 00007fffb00f7fd8
[  747.053755][T16016]  </TASK>
[  747.075161][T16016] binder: 16015:16016 ioctl c0306201 200000000180 returned -14
[  747.635347][ T1328] ieee802154 phy0 wpan0: encryption failed: -22
[  747.635430][ T1328] ieee802154 phy1 wpan1: encryption failed: -22
[  747.763223][T16030] FAULT_INJECTION: forcing a failure.
[  747.763223][T16030] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  747.763265][T16030] CPU: 0 UID: 0 PID: 16030 Comm: syz.7.3754 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[  747.763296][T16030] Tainted: [L]=SOFTLOCKUP
[  747.763304][T16030] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  747.763318][T16030] Call Trace:
[  747.763328][T16030]  <TASK>
[  747.763338][T16030]  dump_stack_lvl+0xe8/0x150
[  747.763378][T16030]  should_fail_ex+0x46b/0x600
[  747.763424][T16030]  _copy_from_iter+0x1d3/0x1670
[  747.763459][T16030]  ? trace_kmem_cache_alloc+0x29/0xe0
[  747.763492][T16030]  ? __alloc_skb+0x27d/0x7d0
[  747.763526][T16030]  ? __pfx__copy_from_iter+0x10/0x10
[  747.763550][T16030]  ? kmem_cache_alloc_node_noprof+0x27c/0x6e0
[  747.763584][T16030]  ? __alloc_skb+0x27d/0x7d0
[  747.763637][T16030]  ? netlink_sendmsg+0x650/0xb40
[  747.763658][T16030]  ? skb_put+0x11b/0x210
[  747.763691][T16030]  netlink_sendmsg+0x6c0/0xb40
[  747.763722][T16030]  ? __pfx_netlink_sendmsg+0x10/0x10
[  747.763753][T16030]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  747.763788][T16030]  ____sys_sendmsg+0x94c/0x9c0
[  747.763820][T16030]  ? __pfx_____sys_sendmsg+0x10/0x10
[  747.763854][T16030]  ? import_iovec+0x73/0xa0
[  747.763884][T16030]  ___sys_sendmsg+0x2a5/0x360
[  747.763906][T16030]  ? __lock_acquire+0x6b5/0x2cf0
[  747.763937][T16030]  ? __pfx____sys_sendmsg+0x10/0x10
[  747.763997][T16030]  ? __fget_files+0x2a/0x420
[  747.764025][T16030]  ? __fget_files+0x3a6/0x420
[  747.764061][T16030]  __x64_sys_sendmsg+0x1c3/0x2a0
[  747.764089][T16030]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  747.764125][T16030]  ? __pfx_ksys_write+0x10/0x10
[  747.764165][T16030]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  747.764189][T16030]  do_syscall_64+0x15f/0xf80
[  747.764216][T16030]  ? trace_irq_disable+0x3b/0x140
[  747.764238][T16030]  ? clear_bhb_loop+0x40/0x90
[  747.764266][T16030]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  747.764289][T16030] RIP: 0033:0x7f8020fcc819
[  747.764312][T16030] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  747.764334][T16030] RSP: 002b:00007f801f21e028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  747.764359][T16030] RAX: ffffffffffffffda RBX: 00007f8021245fa0 RCX: 00007f8020fcc819
[  747.764376][T16030] RDX: 000000000000c840 RSI: 00002000000012c0 RDI: 0000000000000003
[  747.764400][T16030] RBP: 00007f801f21e090 R08: 0000000000000000 R09: 0000000000000000
[  747.764415][T16030] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  747.764430][T16030] R13: 00007f8021246038 R14: 00007f8021245fa0 R15: 00007ffdfbb5b928
[  747.764465][T16030]  </TASK>
[  747.977087][T15893] hsr_slave_0: entered promiscuous mode
[  748.008177][T15893] hsr_slave_1: entered promiscuous mode
[  748.016877][T15893] debugfs: 'hsr0' already exists in 'hsr'
[  748.016907][T15893] Cannot create hsr debugfs directory
[  748.179985][ T5819] Bluetooth: hci0: command tx timeout
[  748.730617][ T6025] usb 6-1: new high-speed USB device number 3 using dummy_hcd
[  749.214119][T16047] workqueue: Failed to create a rescuer kthread for wq "nfc2_nci_cmd_wq": -EINTR
[  749.303123][ T6025] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 9865, setting to 1024
[  749.303178][ T6025] usb 6-1: New USB device found, idVendor=0b05, idProduct=1abe, bcdDevice= 0.00
[  749.303205][ T6025] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  749.432404][ T6025] usb 6-1: config 0 descriptor??
[  749.478043][T16038] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22
[  749.960665][ T6025] hid (null): unknown global tag 0xe1
[  749.962645][ T6025] hid (null): unknown global tag 0x2a
[  749.965680][ T6025] hid (null): global environment stack underflow
[  749.997059][ T6025] hid_parser_main: 113 callbacks suppressed
[  749.997089][ T6025] asus 0003:0B05:1ABE.0014: unknown main item tag 0x0
[  749.997122][ T6025] asus 0003:0B05:1ABE.0014: unknown main item tag 0x0
[  749.997150][ T6025] asus 0003:0B05:1ABE.0014: unknown main item tag 0x0
[  749.997177][ T6025] asus 0003:0B05:1ABE.0014: unknown main item tag 0x0
[  749.997206][ T6025] asus 0003:0B05:1ABE.0014: unknown main item tag 0x0
[  749.997233][ T6025] asus 0003:0B05:1ABE.0014: unknown main item tag 0x0
[  749.997260][ T6025] asus 0003:0B05:1ABE.0014: unknown main item tag 0x0
[  749.997297][ T6025] asus 0003:0B05:1ABE.0014: unknown main item tag 0x0
[  749.997324][ T6025] asus 0003:0B05:1ABE.0014: unknown main item tag 0x0
[  749.997352][ T6025] asus 0003:0B05:1ABE.0014: unknown main item tag 0x0
[  749.999197][ T6025] asus 0003:0B05:1ABE.0014: unexpected long global item
[  750.083771][ T6025] asus 0003:0B05:1ABE.0014: Asus hid parse failed: -22
[  750.084716][ T6025] asus 0003:0B05:1ABE.0014: probe with driver asus failed with error -22
[  750.375405][ T5942] usb 6-1: USB disconnect, device number 3
[  750.847523][T15893] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  751.230017][ T7726] usb 8-1: new high-speed USB device number 4 using dummy_hcd
[  751.380229][ T7726] usb 8-1: Using ep0 maxpacket: 16
[  751.382716][ T7726] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 9865, setting to 1024
[  751.382775][ T7726] usb 8-1: New USB device found, idVendor=046d, idProduct=c52b, bcdDevice= 0.00
[  751.382804][ T7726] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  751.501609][ T7726] usb 8-1: config 0 descriptor??
[  751.610476][T16072] raw-gadget.0 gadget.7: fail, usb_ep_enable returned -22
[  752.054660][ T7726] hid (null): bogus close delimiter
[  752.132909][ T7726] logitech-djreceiver 0003:046D:C52B.0015: bogus close delimiter
[  752.132936][ T7726] logitech-djreceiver 0003:046D:C52B.0015: item 0 2 2 10 parsing failed
[  752.138820][ T7726] logitech-djreceiver 0003:046D:C52B.0015: logi_dj_probe: parse failed
[  752.138912][ T7726] logitech-djreceiver 0003:046D:C52B.0015: probe with driver logitech-djreceiver failed with error -22
[  752.403613][ T7726] usb 8-1: USB disconnect, device number 4
[  752.717097][T15893] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  753.122801][T16110] FAULT_INJECTION: forcing a failure.
[  753.122801][T16110] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  753.122829][T16110] CPU: 1 UID: 0 PID: 16110 Comm: syz.2.3787 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[  753.122848][T16110] Tainted: [L]=SOFTLOCKUP
[  753.122853][T16110] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  753.122861][T16110] Call Trace:
[  753.122867][T16110]  <TASK>
[  753.122874][T16110]  dump_stack_lvl+0xe8/0x150
[  753.122899][T16110]  should_fail_ex+0x46b/0x600
[  753.122918][T16110]  _copy_from_user+0x2d/0xb0
[  753.122935][T16110]  do_sys_poll+0x2a0/0xf50
[  753.122959][T16110]  ? __lock_acquire+0x6b5/0x2cf0
[  753.122974][T16110]  ? __pfx_do_sys_poll+0x10/0x10
[  753.122991][T16110]  ? is_bpf_text_address+0x292/0x2b0
[  753.123007][T16110]  ? is_bpf_text_address+0x26/0x2b0
[  753.123073][T16110]  ? set_user_sigmask+0xcd/0x1c0
[  753.123094][T16110]  ? __pfx_set_user_sigmask+0x10/0x10
[  753.123116][T16110]  ? kmem_cache_free+0x187/0x6c0
[  753.123129][T16110]  ? do_sys_openat2+0x14c/0x200
[  753.123149][T16110]  __se_sys_ppoll+0x209/0x2b0
[  753.123167][T16110]  ? __pfx___se_sys_ppoll+0x10/0x10
[  753.123182][T16110]  ? __pfx_ksys_write+0x10/0x10
[  753.123205][T16110]  ? __x64_sys_ppoll+0x20/0xc0
[  753.123219][T16110]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  753.123233][T16110]  do_syscall_64+0x15f/0xf80
[  753.123250][T16110]  ? trace_irq_disable+0x3b/0x140
[  753.123263][T16110]  ? clear_bhb_loop+0x40/0x90
[  753.123279][T16110]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  753.123292][T16110] RIP: 0033:0x7f8cc20cc819
[  753.123305][T16110] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  753.123317][T16110] RSP: 002b:00007f8cc0326028 EFLAGS: 00000246 ORIG_RAX: 000000000000010f
[  753.123332][T16110] RAX: ffffffffffffffda RBX: 00007f8cc2345fa0 RCX: 00007f8cc20cc819
[  753.123342][T16110] RDX: 0000000000000000 RSI: 20000000000000dc RDI: 00002000000000c0
[  753.123360][T16110] RBP: 00007f8cc0326090 R08: 0000000000000000 R09: 0000000000000000
[  753.123368][T16110] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  753.123376][T16110] R13: 00007f8cc2346038 R14: 00007f8cc2345fa0 R15: 00007ffccf603c98
[  753.123395][T16110]  </TASK>
[  753.229737][T16104] 9p: Invalid gid '0x00000000ffffffff'
[  753.832142][T15893] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  754.012699][T16136] FAULT_INJECTION: forcing a failure.
[  754.012699][T16136] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  754.012741][T16136] CPU: 0 UID: 0 PID: 16136 Comm: syz.7.3798 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[  754.012780][T16136] Tainted: [L]=SOFTLOCKUP
[  754.012789][T16136] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  754.012803][T16136] Call Trace:
[  754.012813][T16136]  <TASK>
[  754.012825][T16136]  dump_stack_lvl+0xe8/0x150
[  754.012870][T16136]  should_fail_ex+0x46b/0x600
[  754.012903][T16136]  _copy_to_user+0x31/0xb0
[  754.012935][T16136]  simple_read_from_buffer+0xe1/0x170
[  754.012970][T16136]  proc_fail_nth_read+0x1be/0x230
[  754.013003][T16136]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  754.013037][T16136]  ? rw_verify_area+0x2ac/0x4e0
[  754.013067][T16136]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  754.013098][T16136]  vfs_read+0x212/0xa80
[  754.013138][T16136]  ? __pfx_vfs_read+0x10/0x10
[  754.013174][T16136]  ? _raw_spin_unlock_irqrestore+0x30/0x80
[  754.013205][T16136]  ? lockdep_hardirqs_on+0x7a/0x110
[  754.013235][T16136]  ? _raw_spin_unlock_irqrestore+0x4c/0x80
[  754.013264][T16136]  ? mutex_lock_nested+0x152/0x1d0
[  754.013299][T16136]  ? fdget_pos+0x252/0x320
[  754.013338][T16136]  ksys_read+0x156/0x270
[  754.013384][T16136]  ? __pfx_ksys_read+0x10/0x10
[  754.013416][T16136]  ? __pfx_usbdev_ioctl+0x10/0x10
[  754.013448][T16136]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  754.013474][T16136]  do_syscall_64+0x15f/0xf80
[  754.013503][T16136]  ? trace_irq_disable+0x3b/0x140
[  754.013527][T16136]  ? clear_bhb_loop+0x40/0x90
[  754.013557][T16136]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  754.013581][T16136] RIP: 0033:0x7f8020f8d04e
[  754.013611][T16136] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[  754.013633][T16136] RSP: 002b:00007f801f21dfe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  754.013660][T16136] RAX: ffffffffffffffda RBX: 00007f801f21e6c0 RCX: 00007f8020f8d04e
[  754.013677][T16136] RDX: 000000000000000f RSI: 00007f801f21e0a0 RDI: 0000000000000005
[  754.013694][T16136] RBP: 00007f801f21e090 R08: 0000000000000000 R09: 0000000000000000
[  754.013710][T16136] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  754.013725][T16136] R13: 00007f8021246038 R14: 00007f8021245fa0 R15: 00007ffdfbb5b928
[  754.013763][T16136]  </TASK>
[  754.718882][T16144] ALSA: mixer_oss: invalid OSS volume ''
[  755.096468][T15893] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  755.518880][T16180] FAULT_INJECTION: forcing a failure.
[  755.518880][T16180] name failslab, interval 1, probability 0, space 0, times 0
[  755.518922][T16180] CPU: 0 UID: 0 PID: 16180 Comm: syz.5.3810 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[  755.518956][T16180] Tainted: [L]=SOFTLOCKUP
[  755.518965][T16180] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  755.518978][T16180] Call Trace:
[  755.518988][T16180]  <TASK>
[  755.518999][T16180]  dump_stack_lvl+0xe8/0x150
[  755.519043][T16180]  should_fail_ex+0x46b/0x600
[  755.519075][T16180]  should_failslab+0xa8/0x100
[  755.519100][T16180]  kmem_cache_alloc_noprof+0x87/0x680
[  755.519135][T16180]  ? rcu_is_watching+0x15/0xb0
[  755.519164][T16180]  ? security_file_alloc+0x34/0x310
[  755.519204][T16180]  security_file_alloc+0x34/0x310
[  755.519240][T16180]  init_file+0x96/0x2d0
[  755.519268][T16180]  alloc_empty_file+0x74/0x1d0
[  755.519306][T16180]  path_openat+0x11b/0x38a0
[  755.519349][T16180]  ? try_to_take_rt_mutex+0x840/0xb00
[  755.519375][T16180]  ? arch_stack_walk+0xfb/0x150
[  755.519415][T16180]  ? __lock_acquire+0x6b5/0x2cf0
[  755.519447][T16180]  ? __pfx_path_openat+0x10/0x10
[  755.519484][T16180]  ? kasan_save_track+0x4f/0x80
[  755.519515][T16180]  ? kasan_save_track+0x3e/0x80
[  755.519545][T16180]  ? __kasan_slab_alloc+0x6c/0x80
[  755.519577][T16180]  ? kmem_cache_alloc_noprof+0x33b/0x680
[  755.519620][T16180]  ? do_raw_spin_lock+0x12b/0x2f0
[  755.519654][T16180]  do_file_open+0x23e/0x4a0
[  755.519688][T16180]  ? _raw_spin_unlock_irqrestore+0x30/0x80
[  755.519722][T16180]  ? __pfx_do_file_open+0x10/0x10
[  755.519754][T16180]  ? rt_mutex_slowunlock+0x4a7/0x8b0
[  755.519804][T16180]  ? alloc_fd+0x64e/0x6c0
[  755.519847][T16180]  do_sys_openat2+0x113/0x200
[  755.519879][T16180]  ? __pfx_do_sys_openat2+0x10/0x10
[  755.519907][T16180]  ? ksys_write+0x248/0x270
[  755.519940][T16180]  ? __pfx_ksys_write+0x10/0x10
[  755.519973][T16180]  __x64_sys_openat+0x138/0x170
[  755.520004][T16180]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  755.520028][T16180]  do_syscall_64+0x15f/0xf80
[  755.520055][T16180]  ? trace_irq_disable+0x3b/0x140
[  755.520077][T16180]  ? clear_bhb_loop+0x40/0x90
[  755.520104][T16180]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  755.520125][T16180] RIP: 0033:0x7f35d314d04e
[  755.520147][T16180] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[  755.520167][T16180] RSP: 002b:00007f35d13c4b28 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  755.520193][T16180] RAX: ffffffffffffffda RBX: 00007f35d13c56c0 RCX: 00007f35d314d04e
[  755.520209][T16180] RDX: 0000000000101301 RSI: 00007f35d13c4c00 RDI: ffffffffffffff9c
[  755.520225][T16180] RBP: 00007f35d13c4c00 R08: 0000000000000000 R09: 0000000000000000
[  755.520239][T16180] R10: 0000000000000000 R11: 0000000000000246 R12: cccccccccccccccd
[  755.520254][T16180] R13: 00007f35d3406128 R14: 00007f35d3406090 R15: 00007fffacc2e338
[  755.520290][T16180]  </TASK>
[  756.190016][ T5942] usb 7-1: new high-speed USB device number 7 using dummy_hcd
[  756.295848][   T37] kauditd_printk_skb: 144 callbacks suppressed
[  756.295870][   T37] audit: type=1326 audit(1776582546.677:199): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16188 comm="syz.7.3813" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f8020fcc819 code=0x0
[  756.423421][ T5942] usb 7-1: config 0 has an invalid interface number: 64 but max is 0
[  756.423458][ T5942] usb 7-1: config 0 has no interface number 0
[  756.426702][ T5942] usb 7-1: New USB device found, idVendor=046d, idProduct=0823, bcdDevice= 0.07
[  756.426737][ T5942] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  756.426760][ T5942] usb 7-1: Product: syz
[  756.426777][ T5942] usb 7-1: Manufacturer: syz
[  756.426794][ T5942] usb 7-1: SerialNumber: syz
[  756.439701][ T5942] usb 7-1: config 0 descriptor??
[  756.674569][ T5942] uvcvideo 7-1:0.64: Found UVC 0.08 device syz (046d:0823)
[  756.674613][ T5942] uvcvideo 7-1:0.64: No valid video chain found.
[  756.683051][ T5942] usb 7-1: USB disconnect, device number 7
[  756.894602][T15893] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  756.895157][T16197] FAULT_INJECTION: forcing a failure.
[  756.895157][T16197] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  756.895193][T16197] CPU: 1 UID: 0 PID: 16197 Comm: syz.2.3815 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[  756.895224][T16197] Tainted: [L]=SOFTLOCKUP
[  756.895232][T16197] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  756.895244][T16197] Call Trace:
[  756.895251][T16197]  <TASK>
[  756.895258][T16197]  dump_stack_lvl+0xe8/0x150
[  756.895283][T16197]  should_fail_ex+0x46b/0x600
[  756.895301][T16197]  _copy_from_user+0x2d/0xb0
[  756.895318][T16197]  video_usercopy+0x36f/0x1450
[  756.895343][T16197]  ? smk_tskacc+0x311/0x3a0
[  756.895364][T16197]  ? __pfx___video_do_ioctl+0x10/0x10
[  756.895379][T16197]  ? __pfx_video_usercopy+0x10/0x10
[  756.895391][T16197]  ? smack_file_ioctl+0x2c2/0x360
[  756.895416][T16197]  ? __fget_files+0x2a/0x420
[  756.895432][T16197]  ? __fget_files+0x3a6/0x420
[  756.895450][T16197]  v4l2_ioctl+0x190/0x1e0
[  756.895478][T16197]  ? __pfx_v4l2_ioctl+0x10/0x10
[  756.895510][T16197]  __se_sys_ioctl+0xff/0x170
[  756.895544][T16197]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  756.895570][T16197]  do_syscall_64+0x15f/0xf80
[  756.895596][T16197]  ? trace_irq_disable+0x3b/0x140
[  756.895619][T16197]  ? clear_bhb_loop+0x40/0x90
[  756.895646][T16197]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  756.895666][T16197] RIP: 0033:0x7f8cc20cc819
[  756.895680][T16197] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  756.895692][T16197] RSP: 002b:00007f8cc0326028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  756.895707][T16197] RAX: ffffffffffffffda RBX: 00007f8cc2345fa0 RCX: 00007f8cc20cc819
[  756.895718][T16197] RDX: 0000200000000180 RSI: 00000000c0cc5615 RDI: 0000000000000003
[  756.895726][T16197] RBP: 00007f8cc0326090 R08: 0000000000000000 R09: 0000000000000000
[  756.895735][T16197] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  756.895748][T16197] R13: 00007f8cc2346038 R14: 00007f8cc2345fa0 R15: 00007ffccf603c98
[  756.895768][T16197]  </TASK>
[  757.185080][T15893] 8021q: adding VLAN 0 to HW filter on device netdevsim0
[  757.186136][T15893] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  757.501604][T15893] 8021q: adding VLAN 0 to HW filter on device netdevsim1
[  757.513277][T15893] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  757.578379][T15893] 8021q: adding VLAN 0 to HW filter on device netdevsim2
[  757.579640][T15893] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  757.653862][T15893] 8021q: adding VLAN 0 to HW filter on device netdevsim3
[  758.301706][T16232] FAULT_INJECTION: forcing a failure.
[  758.301706][T16232] name failslab, interval 1, probability 0, space 0, times 0
[  758.301734][T16232] CPU: 1 UID: 0 PID: 16232 Comm: syz.2.3826 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[  758.301753][T16232] Tainted: [L]=SOFTLOCKUP
[  758.301758][T16232] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  758.301767][T16232] Call Trace:
[  758.301772][T16232]  <TASK>
[  758.301778][T16232]  dump_stack_lvl+0xe8/0x150
[  758.301805][T16232]  should_fail_ex+0x46b/0x600
[  758.301823][T16232]  should_failslab+0xa8/0x100
[  758.301837][T16232]  kmem_cache_alloc_node_noprof+0x8f/0x6e0
[  758.301857][T16232]  ? __alloc_skb+0x1d0/0x7d0
[  758.301876][T16232]  ? lockdep_hardirqs_on+0x7a/0x110
[  758.301896][T16232]  __alloc_skb+0x1d0/0x7d0
[  758.301918][T16232]  netlink_sendmsg+0x5d4/0xb40
[  758.301936][T16232]  ? __pfx_netlink_sendmsg+0x10/0x10
[  758.301950][T16232]  ? unwind_get_return_address+0x4d/0x90
[  758.301967][T16232]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  758.301997][T16232]  ____sys_sendmsg+0x94c/0x9c0
[  758.302015][T16232]  ? __pfx_____sys_sendmsg+0x10/0x10
[  758.302034][T16232]  ? import_iovec+0x73/0xa0
[  758.302052][T16232]  ___sys_sendmsg+0x2a5/0x360
[  758.302066][T16232]  ? __lock_acquire+0x6b5/0x2cf0
[  758.302084][T16232]  ? __pfx____sys_sendmsg+0x10/0x10
[  758.302122][T16232]  ? __fget_files+0x2a/0x420
[  758.302139][T16232]  ? __fget_files+0x3a6/0x420
[  758.302160][T16232]  __x64_sys_sendmsg+0x1c3/0x2a0
[  758.302176][T16232]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  758.302205][T16232]  ? __pfx_ksys_write+0x10/0x10
[  758.302229][T16232]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  758.302243][T16232]  do_syscall_64+0x15f/0xf80
[  758.302259][T16232]  ? trace_irq_disable+0x3b/0x140
[  758.302272][T16232]  ? clear_bhb_loop+0x40/0x90
[  758.302288][T16232]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  758.302301][T16232] RIP: 0033:0x7f8cc20cc819
[  758.302315][T16232] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  758.302327][T16232] RSP: 002b:00007f8cc0326028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  758.302342][T16232] RAX: ffffffffffffffda RBX: 00007f8cc2345fa0 RCX: 00007f8cc20cc819
[  758.302352][T16232] RDX: 0000000000004004 RSI: 0000200000000080 RDI: 0000000000000003
[  758.302361][T16232] RBP: 00007f8cc0326090 R08: 0000000000000000 R09: 0000000000000000
[  758.302369][T16232] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  758.302377][T16232] R13: 00007f8cc2346038 R14: 00007f8cc2345fa0 R15: 00007ffccf603c98
[  758.302396][T16232]  </TASK>
[  758.532369][T15893] 8021q: adding VLAN 0 to HW filter on device bond0
[  758.651261][T16235] ip6_tunnel: non-ECT from fc02:0000:0000:0000:0000:0000:0000:0000 with DS=0x6
[  758.897851][T15893] 8021q: adding VLAN 0 to HW filter on device team0
[  758.948198][ T1145] bridge0: port 1(bridge_slave_0) entered blocking state
[  759.051033][ T1145] bridge0: port 1(bridge_slave_0) entered forwarding state
[  759.097008][ T1049] bridge0: port 2(bridge_slave_1) entered blocking state
[  759.097172][ T1049] bridge0: port 2(bridge_slave_1) entered forwarding state
[  760.414220][T16275] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  760.513562][T16275] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  760.513885][T16275] Bluetooth: hci1: Opcode 0x0406 failed: -4
[  760.579517][T16275] Bluetooth: hci1: Opcode 0x0406 failed: -4
[  760.624309][T16275] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  760.624424][T16275] Bluetooth: hci4: Opcode 0x0406 failed: -4
[  760.645998][T15893] 8021q: adding VLAN 0 to HW filter on device batadv0
[  760.724493][T16275] Bluetooth: hci4: Opcode 0x0406 failed: -4
[  760.838710][T16275] Bluetooth: hci5: Opcode 0x0c1a failed: -4
[  760.838805][T16275] Bluetooth: hci5: Opcode 0x0406 failed: -4
[  760.900487][T15893] veth0_vlan: entered promiscuous mode
[  760.938523][T15893] veth1_vlan: entered promiscuous mode
[  761.042235][T16275] Bluetooth: hci5: Opcode 0x0406 failed: -4
[  761.069449][T15893] veth0_macvtap: entered promiscuous mode
[  761.097486][T15893] veth1_macvtap: entered promiscuous mode
[  761.144593][T16275] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  761.144696][T16275] Bluetooth: hci0: Opcode 0x0406 failed: -4
[  761.305222][T16284] FAULT_INJECTION: forcing a failure.
[  761.305222][T16284] name failslab, interval 1, probability 0, space 0, times 0
[  761.305264][T16284] CPU: 1 UID: 0 PID: 16284 Comm: syz.5.3843 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[  761.305306][T16284] Tainted: [L]=SOFTLOCKUP
[  761.305313][T16284] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  761.305324][T16284] Call Trace:
[  761.305332][T16284]  <TASK>
[  761.305340][T16284]  dump_stack_lvl+0xe8/0x150
[  761.305374][T16284]  should_fail_ex+0x46b/0x600
[  761.305400][T16284]  should_failslab+0xa8/0x100
[  761.305420][T16284]  __kmalloc_noprof+0xdf/0x7b0
[  761.305447][T16284]  ? sock_kmalloc+0xd6/0x160
[  761.305473][T16284]  sock_kmalloc+0xd6/0x160
[  761.305496][T16284]  hash_recvmsg+0x1d4/0x840
[  761.305527][T16284]  ? __pfx_hash_recvmsg+0x10/0x10
[  761.305551][T16284]  sock_recvmsg_nosec+0x10c/0x140
[  761.305579][T16284]  ____sys_recvmsg+0x3ef/0x4b0
[  761.305609][T16284]  ? __pfx_____sys_recvmsg+0x10/0x10
[  761.305645][T16284]  ? import_iovec+0x73/0xa0
[  761.305672][T16284]  ___sys_recvmsg+0x215/0x590
[  761.305700][T16284]  ? __pfx____sys_recvmsg+0x10/0x10
[  761.305728][T16284]  ? __fget_files+0x2a/0x420
[  761.305784][T16284]  do_recvmmsg+0x33a/0x800
[  761.305812][T16284]  ? __pfx_do_recvmmsg+0x10/0x10
[  761.305849][T16284]  ? rt_mutex_slowunlock+0x1cb/0x300
[  761.305886][T16284]  __x64_sys_recvmmsg+0x198/0x250
[  761.305912][T16284]  ? __pfx___x64_sys_recvmmsg+0x10/0x10
[  761.305942][T16284]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  761.305998][T16284]  do_syscall_64+0x15f/0xf80
[  761.306020][T16284]  ? trace_irq_disable+0x3b/0x140
[  761.306039][T16284]  ? clear_bhb_loop+0x40/0x90
[  761.306071][T16284]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  761.306090][T16284] RIP: 0033:0x7f35d318c819
[  761.306110][T16284] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  761.306126][T16284] RSP: 002b:00007f35d13c5028 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
[  761.306147][T16284] RAX: ffffffffffffffda RBX: 00007f35d3406090 RCX: 00007f35d318c819
[  761.306161][T16284] RDX: 0000000000000600 RSI: 0000200000003700 RDI: 0000000000000005
[  761.306172][T16284] RBP: 00007f35d13c5090 R08: 0000000000000000 R09: 0000000000000000
[  761.306184][T16284] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  761.306195][T16284] R13: 00007f35d3406128 R14: 00007f35d3406090 R15: 00007fffacc2e338
[  761.306226][T16284]  </TASK>
[  761.320603][T16275] Bluetooth: hci0: Opcode 0x0406 failed: -4
[  761.327217][T15893] batman_adv: batadv0: Interface activated: batadv_slave_0
[  761.395139][T15893] batman_adv: batadv0: Interface activated: batadv_slave_1
[  761.804190][ T1145] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  761.808360][ T1145] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  761.839690][ T1145] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  761.853512][ T1145] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  762.662860][ T5819] Bluetooth: hci2: command 0x0406 tx timeout
[  762.673820][ T5819] Bluetooth: hci1: command 0x0c1a tx timeout
[  762.684399][ T5819] Bluetooth: hci4: command 0x0c1a tx timeout
[  762.919030][ T5819] Bluetooth: hci5: command 0x0c1a tx timeout
[  763.263337][ T5819] Bluetooth: hci0: command 0x0c1a tx timeout
[  764.784451][T16322] FAULT_INJECTION: forcing a failure.
[  764.784451][T16322] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  764.784488][T16322] CPU: 0 UID: 0 PID: 16322 Comm: syz.2.3856 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[  764.784518][T16322] Tainted: [L]=SOFTLOCKUP
[  764.784525][T16322] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  764.784537][T16322] Call Trace:
[  764.784544][T16322]  <TASK>
[  764.784553][T16322]  dump_stack_lvl+0xe8/0x150
[  764.784595][T16322]  should_fail_ex+0x46b/0x600
[  764.784621][T16322]  _copy_to_user+0x31/0xb0
[  764.784646][T16322]  simple_read_from_buffer+0xe1/0x170
[  764.784675][T16322]  proc_fail_nth_read+0x1be/0x230
[  764.784703][T16322]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  764.784730][T16322]  ? rw_verify_area+0x2ac/0x4e0
[  764.784756][T16322]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  764.784781][T16322]  vfs_read+0x212/0xa80
[  764.784816][T16322]  ? __pfx_vfs_read+0x10/0x10
[  764.784846][T16322]  ? _raw_spin_unlock_irqrestore+0x30/0x80
[  764.784872][T16322]  ? lockdep_hardirqs_on+0x7a/0x110
[  764.784896][T16322]  ? _raw_spin_unlock_irqrestore+0x4c/0x80
[  764.784919][T16322]  ? mutex_lock_nested+0x152/0x1d0
[  764.784946][T16322]  ? fdget_pos+0x252/0x320
[  764.784977][T16322]  ksys_read+0x156/0x270
[  764.785005][T16322]  ? __pfx_ksys_read+0x10/0x10
[  764.785032][T16322]  ? __pfx_iommufd_fops_ioctl+0x10/0x10
[  764.785063][T16322]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  764.785082][T16322]  do_syscall_64+0x15f/0xf80
[  764.785104][T16322]  ? trace_irq_disable+0x3b/0x140
[  764.785123][T16322]  ? clear_bhb_loop+0x40/0x90
[  764.785147][T16322]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  764.785165][T16322] RIP: 0033:0x7f8cc208d04e
[  764.785183][T16322] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[  764.785199][T16322] RSP: 002b:00007f8cc0325fe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  764.785220][T16322] RAX: ffffffffffffffda RBX: 00007f8cc03266c0 RCX: 00007f8cc208d04e
[  764.785235][T16322] RDX: 000000000000000f RSI: 00007f8cc03260a0 RDI: 0000000000000004
[  764.785247][T16322] RBP: 00007f8cc0326090 R08: 0000000000000000 R09: 0000000000000000
[  764.785260][T16322] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  764.785283][T16322] R13: 00007f8cc2346038 R14: 00007f8cc2345fa0 R15: 00007ffccf603c98
[  764.785313][T16322]  </TASK>
[  764.831543][ T5819] Bluetooth: hci4: command 0x0c1a tx timeout
[  764.866188][  T140] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  764.866213][  T140] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  765.003799][ T5819] Bluetooth: hci1: command 0x0c1a tx timeout
[  765.003843][ T5819] Bluetooth: hci5: command 0x0c1a tx timeout
[  765.308806][ T5819] Bluetooth: hci0: command 0x0c1a tx timeout
[  765.611854][ T1049] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  765.611881][ T1049] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  765.630891][T16331] vivid-001: disconnect
[  765.632008][T16330] vivid-001: reconnect
[  765.939981][ T5942] usb 7-1: new full-speed USB device number 8 using dummy_hcd
[  766.324966][ T5942] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  766.325010][ T5942] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  766.328139][ T5942] usb 7-1: New USB device found, idVendor=060b, idProduct=700a, bcdDevice= 0.00
[  766.328176][ T5942] usb 7-1: New USB device strings: Mfr=2, Product=0, SerialNumber=0
[  766.328200][ T5942] usb 7-1: Manufacturer: syz
[  766.961423][ T5942] usb 7-1: config 0 descriptor??
[  767.052284][ T5819] Bluetooth: hci4: command 0x0c1a tx timeout
[  767.070652][ T5819] Bluetooth: hci5: command 0x0c1a tx timeout
[  767.422819][ T5819] Bluetooth: hci1: command 0x0c1a tx timeout
[  767.422866][ T5819] Bluetooth: hci0: command 0x0c1a tx timeout
[  767.987599][ T5942] hid (null): unknown global tag 0xe
[  768.094156][ T5942] cougar 0003:060B:700A.0016: unknown global tag 0xe
[  768.094187][ T5942] cougar 0003:060B:700A.0016: item 0 1 1 14 parsing failed
[  768.097174][ T5942] cougar 0003:060B:700A.0016: parse failed
[  768.097319][ T5942] cougar 0003:060B:700A.0016: probe with driver cougar failed with error -22
[  769.018265][ T5819] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  769.078723][ T5819] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  769.091775][ T5819] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  769.104734][ T5819] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  769.110468][ T5819] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  769.468694][   T10] usb 7-1: USB disconnect, device number 8
[  770.374625][T16391] FAULT_INJECTION: forcing a failure.
[  770.374625][T16391] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  770.374667][T16391] CPU: 1 UID: 0 PID: 16391 Comm: syz.5.3881 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[  770.374701][T16391] Tainted: [L]=SOFTLOCKUP
[  770.374709][T16391] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  770.374724][T16391] Call Trace:
[  770.374733][T16391]  <TASK>
[  770.374743][T16391]  dump_stack_lvl+0xe8/0x150
[  770.374787][T16391]  should_fail_ex+0x46b/0x600
[  770.374819][T16391]  _copy_to_user+0x31/0xb0
[  770.374851][T16391]  do_pagemap_cmd+0xbaf/0xc50
[  770.374888][T16391]  ? __pfx_do_pagemap_cmd+0x10/0x10
[  770.374939][T16391]  ? __fget_files+0x3a6/0x420
[  770.374967][T16391]  ? __fget_files+0x2a/0x420
[  770.375010][T16391]  ? bpf_lsm_file_ioctl+0x9/0x20
[  770.375034][T16391]  ? __pfx_do_pagemap_cmd+0x10/0x10
[  770.375059][T16391]  __se_sys_ioctl+0xff/0x170
[  770.375091][T16391]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  770.375117][T16391]  do_syscall_64+0x15f/0xf80
[  770.375146][T16391]  ? trace_irq_disable+0x3b/0x140
[  770.375169][T16391]  ? clear_bhb_loop+0x40/0x90
[  770.375203][T16391]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  770.375226][T16391] RIP: 0033:0x7f35d318c819
[  770.375249][T16391] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  770.375269][T16391] RSP: 002b:00007f35d13e6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  770.375297][T16391] RAX: ffffffffffffffda RBX: 00007f35d3405fa0 RCX: 00007f35d318c819
[  770.375315][T16391] RDX: 0000200000000040 RSI: 00000000c0606610 RDI: 0000000000000003
[  770.375331][T16391] RBP: 00007f35d13e6090 R08: 0000000000000000 R09: 0000000000000000
[  770.375346][T16391] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  770.375361][T16391] R13: 00007f35d3406038 R14: 00007f35d3405fa0 R15: 00007fffacc2e338
[  770.375396][T16391]  </TASK>
[  770.560100][   T36] usb 7-1: new high-speed USB device number 9 using dummy_hcd
[  770.710977][   T36] usb 7-1: Using ep0 maxpacket: 8
[  770.714247][   T36] usb 7-1: config 0 interface 0 altsetting 20 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  770.714285][   T36] usb 7-1: config 0 interface 0 altsetting 20 endpoint 0x81 has invalid wMaxPacketSize 0
[  770.714310][   T36] usb 7-1: config 0 interface 0 altsetting 20 endpoint 0x2 has an invalid bInterval 203, changing to 11
[  770.714340][   T36] usb 7-1: config 0 interface 0 has no altsetting 0
[  770.714379][   T36] usb 7-1: New USB device found, idVendor=054c, idProduct=03d5, bcdDevice= 0.00
[  770.714403][   T36] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  770.805634][   T36] usb 7-1: config 0 descriptor??
[  771.140438][ T5815] Bluetooth: hci3: command tx timeout
[  771.160132][ T6025] usb 8-1: new full-speed USB device number 5 using dummy_hcd
[  771.220821][   T36] usb 7-1: string descriptor 0 read error: -71
[  771.241762][   T36] usbhid 7-1:0.0: can't add hid device: -71
[  771.241898][   T36] usbhid 7-1:0.0: probe with driver usbhid failed with error -71
[  771.291101][   T36] usb 7-1: USB disconnect, device number 9
[  771.332284][ T6025] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  771.332326][ T6025] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  771.351097][ T6025] usb 8-1: New USB device found, idVendor=060b, idProduct=700a, bcdDevice= 0.00
[  771.351130][ T6025] usb 8-1: New USB device strings: Mfr=2, Product=0, SerialNumber=0
[  771.351151][ T6025] usb 8-1: Manufacturer: syz
[  771.460474][   T10] usb 1-1: new high-speed USB device number 22 using dummy_hcd
[  771.563545][ T6025] usb 8-1: config 0 descriptor??
[  771.610104][   T10] usb 1-1: Using ep0 maxpacket: 16
[  771.612625][   T10] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  771.612686][   T10] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  771.612716][   T10] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  771.612758][   T10] usb 1-1: New USB device found, idVendor=04d8, idProduct=f002, bcdDevice= 0.00
[  771.612785][   T10] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  771.677897][   T10] usb 1-1: config 0 descriptor??
[  772.147463][   T13] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  772.191671][   T10] hid-picolcd 0003:04D8:F002.0017: global environment stack underflow
[  772.191700][   T10] hid-picolcd 0003:04D8:F002.0017: item 0 4 1 11 parsing failed
[  772.194209][   T10] hid-picolcd 0003:04D8:F002.0017: device report parse failed
[  772.194329][   T10] hid-picolcd 0003:04D8:F002.0017: probe with driver hid-picolcd failed with error -22
[  772.411540][ T6025] hid (null): unknown global tag 0xe
[  772.484056][ T6025] cougar 0003:060B:700A.0018: unknown global tag 0xe
[  772.484076][ T6025] cougar 0003:060B:700A.0018: item 0 1 1 14 parsing failed
[  772.484586][ T6025] cougar 0003:060B:700A.0018: parse failed
[  772.484819][ T6025] cougar 0003:060B:700A.0018: probe with driver cougar failed with error -22
[  773.227363][ T5815] Bluetooth: hci3: command tx timeout
[  773.283031][   T13] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  773.328182][ T6025] usb 1-1: USB disconnect, device number 22
[  773.411597][T16422] FAULT_INJECTION: forcing a failure.
[  773.411597][T16422] name failslab, interval 1, probability 0, space 0, times 0
[  773.411643][T16422] CPU: 0 UID: 0 PID: 16422 Comm: syz.0.3892 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[  773.411678][T16422] Tainted: [L]=SOFTLOCKUP
[  773.411686][T16422] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  773.411701][T16422] Call Trace:
[  773.411711][T16422]  <TASK>
[  773.411721][T16422]  dump_stack_lvl+0xe8/0x150
[  773.411766][T16422]  should_fail_ex+0x46b/0x600
[  773.411799][T16422]  should_failslab+0xa8/0x100
[  773.411825][T16422]  __kmalloc_noprof+0xdf/0x7b0
[  773.411860][T16422]  ? sock_kmalloc+0xd6/0x160
[  773.411893][T16422]  sock_kmalloc+0xd6/0x160
[  773.411921][T16422]  skcipher_recvmsg+0x517/0x1140
[  773.411977][T16422]  ? __pfx_skcipher_recvmsg+0x10/0x10
[  773.412009][T16422]  ? __lock_acquire+0x6b5/0x2cf0
[  773.412041][T16422]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  773.412064][T16422]  ? bpf_lsm_socket_recvmsg+0x9/0x20
[  773.412097][T16422]  ? security_socket_recvmsg+0x7e/0x2c0
[  773.412129][T16422]  ? __pfx_skcipher_recvmsg+0x10/0x10
[  773.412171][T16422]  sock_recvmsg+0x172/0x1b0
[  773.412208][T16422]  ____sys_recvmsg+0x1f2/0x4b0
[  773.412244][T16422]  ? __pfx_____sys_recvmsg+0x10/0x10
[  773.412294][T16422]  ? import_iovec+0x73/0xa0
[  773.412326][T16422]  ___sys_recvmsg+0x215/0x590
[  773.412350][T16422]  ? get_pid_task+0x20/0x1f0
[  773.412382][T16422]  ? __pfx____sys_recvmsg+0x10/0x10
[  773.412413][T16422]  ? __fget_files+0x2a/0x420
[  773.412463][T16422]  ? __fget_files+0x3a6/0x420
[  773.412500][T16422]  __x64_sys_recvmsg+0x1c0/0x2a0
[  773.412528][T16422]  ? __pfx___x64_sys_recvmsg+0x10/0x10
[  773.412565][T16422]  ? __pfx_ksys_write+0x10/0x10
[  773.412600][T16422]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  773.412621][T16422]  do_syscall_64+0x15f/0xf80
[  773.412644][T16422]  ? trace_irq_disable+0x3b/0x140
[  773.412662][T16422]  ? clear_bhb_loop+0x40/0x90
[  773.412685][T16422]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  773.412703][T16422] RIP: 0033:0x7f036a65c819
[  773.412722][T16422] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  773.412738][T16422] RSP: 002b:00007f03688ae028 EFLAGS: 00000246 ORIG_RAX: 000000000000002f
[  773.412760][T16422] RAX: ffffffffffffffda RBX: 00007f036a8d5fa0 RCX: 00007f036a65c819
[  773.412774][T16422] RDX: 0000000000000000 RSI: 00002000000005c0 RDI: 0000000000000004
[  773.412786][T16422] RBP: 00007f03688ae090 R08: 0000000000000000 R09: 0000000000000000
[  773.412798][T16422] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  773.412809][T16422] R13: 00007f036a8d6038 R14: 00007f036a8d5fa0 R15: 00007fff94d2ae78
[  773.412840][T16422]  </TASK>
[  773.711148][T16418] netlink: 24 bytes leftover after parsing attributes in process `syz.6.3889'.
[  773.990993][   T13] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  774.075026][   T31] usb 8-1: USB disconnect, device number 5
[  774.210052][T16364] chnl_net:caif_netlink_parms(): no params data found
[  774.400010][ T6025] usb 6-1: new high-speed USB device number 4 using dummy_hcd
[  774.563268][ T6025] usb 6-1: unable to get BOS descriptor or descriptor too short
[  774.563369][ T6025] usb 6-1: too many configurations: 77, using maximum allowed: 8
[  774.568423][ T6025] usb 6-1: unable to read config index 0 descriptor/start: -61
[  774.568468][ T6025] usb 6-1: can't read configurations, error -61
[  774.720015][ T6025] usb 6-1: new high-speed USB device number 5 using dummy_hcd
[  774.903181][ T6025] usb 6-1: unable to get BOS descriptor or descriptor too short
[  774.903343][ T6025] usb 6-1: too many configurations: 77, using maximum allowed: 8
[  774.913394][ T6025] usb 6-1: unable to read config index 0 descriptor/start: -61
[  774.913435][ T6025] usb 6-1: can't read configurations, error -61
[  774.913850][ T6025] usb usb6-port1: attempt power cycle
[  774.977670][   T13] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  775.101326][  T815] usb 1-1: new high-speed USB device number 23 using dummy_hcd
[  775.216459][   T31] usb 8-1: new high-speed USB device number 6 using dummy_hcd
[  775.251798][ T6025] usb 6-1: new high-speed USB device number 6 using dummy_hcd
[  775.252368][  T815] usb 1-1: Using ep0 maxpacket: 16
[  775.268792][  T815] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  775.268849][  T815] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  775.268883][  T815] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  775.268923][  T815] usb 1-1: New USB device found, idVendor=04d8, idProduct=f002, bcdDevice= 0.00
[  775.268948][  T815] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  775.273359][ T6025] usb 6-1: unable to get BOS descriptor or descriptor too short
[  775.273445][ T6025] usb 6-1: too many configurations: 77, using maximum allowed: 8
[  775.276069][ T6025] usb 6-1: unable to read config index 0 descriptor/start: -61
[  775.276104][ T6025] usb 6-1: can't read configurations, error -61
[  775.300007][ T5815] Bluetooth: hci3: command tx timeout
[  775.354456][  T815] usb 1-1: config 0 descriptor??
[  775.387084][T16364] bridge0: port 1(bridge_slave_0) entered blocking state
[  775.387239][T16364] bridge0: port 1(bridge_slave_0) entered disabled state
[  775.401707][   T31] usb 8-1: Using ep0 maxpacket: 16
[  775.403922][   T31] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 9865, setting to 1024
[  775.403970][   T31] usb 8-1: New USB device found, idVendor=046d, idProduct=c52b, bcdDevice= 0.00
[  775.403995][   T31] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  775.404865][T16364] bridge_slave_0: entered allmulticast mode
[  775.438892][T16364] bridge_slave_0: entered promiscuous mode
[  775.463583][ T6025] usb 6-1: new high-speed USB device number 7 using dummy_hcd
[  775.502782][T16364] bridge0: port 2(bridge_slave_1) entered blocking state
[  775.505132][T16364] bridge0: port 2(bridge_slave_1) entered disabled state
[  775.505523][T16364] bridge_slave_1: entered allmulticast mode
[  775.509430][ T6025] usb 6-1: unable to get BOS descriptor or descriptor too short
[  775.509536][ T6025] usb 6-1: too many configurations: 77, using maximum allowed: 8
[  775.565147][ T6025] usb 6-1: unable to read config index 0 descriptor/start: -61
[  775.565188][ T6025] usb 6-1: can't read configurations, error -61
[  775.654401][ T5815] Bluetooth: hci0: ACL packet for unknown connection handle 201
[  775.657739][T16364] bridge_slave_1: entered promiscuous mode
[  775.664803][ T6025] usb usb6-port1: unable to enumerate USB device
[  775.684475][   T31] usb 8-1: config 0 descriptor??
[  775.685927][T16448] raw-gadget.2 gadget.7: fail, usb_ep_enable returned -22
[  776.082027][   T31] hid_parser_main: 454 callbacks suppressed
[  776.082059][   T31] logitech-djreceiver 0003:046D:C52B.0019: unknown main item tag 0x0
[  776.082093][   T31] logitech-djreceiver 0003:046D:C52B.0019: unknown main item tag 0x0
[  776.082190][   T31] logitech-djreceiver 0003:046D:C52B.0019: unknown main item tag 0x0
[  776.082266][   T31] logitech-djreceiver 0003:046D:C52B.0019: unknown main item tag 0x0
[  776.082363][   T31] logitech-djreceiver 0003:046D:C52B.0019: unknown main item tag 0x0
[  776.082391][   T31] logitech-djreceiver 0003:046D:C52B.0019: unknown main item tag 0x0
[  776.082419][   T31] logitech-djreceiver 0003:046D:C52B.0019: unknown main item tag 0x4
[  776.082515][   T31] logitech-djreceiver 0003:046D:C52B.0019: unknown main item tag 0x0
[  776.082544][   T31] logitech-djreceiver 0003:046D:C52B.0019: unknown main item tag 0x0
[  776.082570][   T31] logitech-djreceiver 0003:046D:C52B.0019: unknown main item tag 0x0
[  776.083201][   T31] logitech-djreceiver 0003:046D:C52B.0019: ignoring exceeding usage max
[  776.180547][   T31] logitech-djreceiver 0003:046D:C52B.0019: ignoring exceeding usage max
[  776.233738][   T31] logitech-djreceiver 0003:046D:C52B.0019: item fetching failed at offset 285/483
[  776.256574][   T31] logitech-djreceiver 0003:046D:C52B.0019: logi_dj_probe: parse failed
[  776.256743][   T31] logitech-djreceiver 0003:046D:C52B.0019: probe with driver logitech-djreceiver failed with error -22
[  776.506130][  T815] usbhid 1-1:0.0: can't add hid device: -71
[  776.506270][  T815] usbhid 1-1:0.0: probe with driver usbhid failed with error -71
[  776.606106][  T815] usb 1-1: USB disconnect, device number 23
[  776.606270][   T31] usb 8-1: USB disconnect, device number 6
[  776.942290][T16364] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  776.942770][T16460] netlink: 24 bytes leftover after parsing attributes in process `syz.0.3904'.
[  776.953327][T16364] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  777.344809][T16364] team0: Port device team_slave_0 added
[  777.380664][ T5815] Bluetooth: hci3: command tx timeout
[  777.622716][T16364] team0: Port device team_slave_1 added
[  778.361943][T16468] workqueue: Failed to create a rescuer kthread for wq "nfc2_nci_tx_wq": -EINTR
[  778.890171][   T10] usb 8-1: new full-speed USB device number 7 using dummy_hcd
[  779.017509][T16364] batman_adv: batadv0: Adding interface: batadv_slave_0
[  779.017531][T16364] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  779.017563][T16364] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  779.056790][   T10] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  779.056827][   T10] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  779.058356][   T10] usb 8-1: New USB device found, idVendor=060b, idProduct=700a, bcdDevice= 0.00
[  779.058384][   T10] usb 8-1: New USB device strings: Mfr=2, Product=0, SerialNumber=0
[  779.058404][   T10] usb 8-1: Manufacturer: syz
[  779.065215][   T10] usb 8-1: config 0 descriptor??
[  779.146149][  T814] usb 1-1: new high-speed USB device number 24 using dummy_hcd
[  779.317419][  T814] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  779.317529][  T814] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  779.317576][  T814] usb 1-1: New USB device found, idVendor=1e7d, idProduct=30d4, bcdDevice= 0.01
[  779.317604][  T814] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  779.455811][  T814] usb 1-1: config 0 descriptor??
[  779.668261][   T10] hid (null): unknown global tag 0xe
[  779.874585][   T10] cougar 0003:060B:700A.001A: unknown global tag 0xe
[  779.874618][   T10] cougar 0003:060B:700A.001A: item 0 1 1 14 parsing failed
[  779.884449][   T10] cougar 0003:060B:700A.001A: parse failed
[  779.884562][   T10] cougar 0003:060B:700A.001A: probe with driver cougar failed with error -22
[  779.908994][  T814] arvo 0003:1E7D:30D4.001B: item fetching failed at offset 5/7
[  779.910338][  T814] arvo 0003:1E7D:30D4.001B: parse failed
[  779.910415][  T814] arvo 0003:1E7D:30D4.001B: probe with driver arvo failed with error -22
[  779.949388][T16364] batman_adv: batadv0: Adding interface: batadv_slave_1
[  779.949409][T16364] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  779.949442][T16364] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  780.123037][ T1864] usb 1-1: USB disconnect, device number 24
[  780.536931][  T814] usb 8-1: USB disconnect, device number 7
[  780.656596][   T37] audit: type=1326 audit(1776582571.037:200): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16493 comm="syz.0.3915" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f036a65c819 code=0x7ffc0000
[  780.656757][   T37] audit: type=1326 audit(1776582571.037:201): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16493 comm="syz.0.3915" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f036a65c819 code=0x7ffc0000
[  780.657222][   T37] audit: type=1326 audit(1776582571.037:202): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16493 comm="syz.0.3915" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f036a65c819 code=0x7ffc0000
[  780.657370][   T37] audit: type=1326 audit(1776582571.037:203): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16493 comm="syz.0.3915" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f036a65c819 code=0x7ffc0000
[  780.657527][   T37] audit: type=1326 audit(1776582571.037:204): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16493 comm="syz.0.3915" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7f036a65c819 code=0x7ffc0000
[  780.657663][   T37] audit: type=1326 audit(1776582571.037:205): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16493 comm="syz.0.3915" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f036a65c819 code=0x7ffc0000
[  780.657911][   T37] audit: type=1326 audit(1776582571.037:206): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16493 comm="syz.0.3915" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f036a65c819 code=0x7ffc0000
[  780.658099][   T37] audit: type=1326 audit(1776582571.037:207): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16493 comm="syz.0.3915" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f036a65c819 code=0x7ffc0000
[  780.658228][   T37] audit: type=1326 audit(1776582571.037:208): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16493 comm="syz.0.3915" exe="/root/syz-executor" sig=0 arch=c000003e syscall=248 compat=0 ip=0x7f036a65c819 code=0x7ffc0000
[  780.658408][   T37] audit: type=1326 audit(1776582571.037:209): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16493 comm="syz.0.3915" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f036a65c819 code=0x7ffc0000
[  780.680385][    T9] usb 6-1: new high-speed USB device number 8 using dummy_hcd
[  780.752756][   T13] bridge_slave_1: left allmulticast mode
[  780.752786][   T13] bridge_slave_1: left promiscuous mode
[  780.753044][   T13] bridge0: port 2(bridge_slave_1) entered disabled state
[  780.880589][    T9] usb 6-1: Using ep0 maxpacket: 16
[  780.885790][    T9] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  780.885931][    T9] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  780.885961][    T9] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  780.885999][    T9] usb 6-1: New USB device found, idVendor=04d8, idProduct=f002, bcdDevice= 0.00
[  780.886022][    T9] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  780.893676][    T9] usb 6-1: config 0 descriptor??
[  780.916030][   T13] bridge_slave_0: left allmulticast mode
[  780.916060][   T13] bridge_slave_0: left promiscuous mode
[  780.916348][   T13] bridge0: port 1(bridge_slave_0) entered disabled state
[  781.312905][    T9] hid-picolcd 0003:04D8:F002.001C: global environment stack underflow
[  781.312932][    T9] hid-picolcd 0003:04D8:F002.001C: item 0 4 1 11 parsing failed
[  781.313800][    T9] hid-picolcd 0003:04D8:F002.001C: device report parse failed
[  781.313911][    T9] hid-picolcd 0003:04D8:F002.001C: probe with driver hid-picolcd failed with error -22
[  781.503384][ T5815] Bluetooth: hci4: ACL packet for unknown connection handle 201
[  782.462163][   T13] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  782.526285][   T13] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  782.563430][   T13] bond0 (unregistering): Released all slaves
[  782.582537][   T13] bond1 (unregistering): Released all slaves
[  782.599452][   T13] bond2 (unregistering): Released all slaves
[  782.700108][T16492] netlink: 24 bytes leftover after parsing attributes in process `syz.6.3914'.
[  782.902084][T16364] hsr_slave_0: entered promiscuous mode
[  782.938736][T16364] hsr_slave_1: entered promiscuous mode
[  782.942898][T16364] debugfs: 'hsr0' already exists in 'hsr'
[  782.942932][T16364] Cannot create hsr debugfs directory
[  783.380811][   T31] usb 6-1: USB disconnect, device number 8
[  784.580833][T16514] workqueue: Failed to create a rescuer kthread for wq "nfc2_nci_tx_wq": -EINTR
[  785.200282][T16526] netlink: 'syz.5.3924': attribute type 1 has an invalid length.
[  785.200330][T16526] netlink: 'syz.5.3924': attribute type 3 has an invalid length.
[  785.200345][T16526] netlink: 212 bytes leftover after parsing attributes in process `syz.5.3924'.
[  785.285037][T16529] netlink: 4 bytes leftover after parsing attributes in process `syz.7.3925'.
[  785.285069][T16529] netlink: 28 bytes leftover after parsing attributes in process `syz.7.3925'.
[  785.429084][T16529] erspan0: entered promiscuous mode
[  785.430587][T16529] gretap0: entered promiscuous mode
[  785.628234][T16520] dvmrp0: entered allmulticast mode
[  785.927549][T16536] binder: 16535:16536 ioctl c0306201 0 returned -14
[  785.952353][ T5942] usb 6-1: new high-speed USB device number 9 using dummy_hcd
[  785.992343][T16536] binder: 16535:16536 ioctl 4010aeac 200000000080 returned -22
[  786.182563][ T5942] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 9865, setting to 1024
[  786.182625][ T5942] usb 6-1: New USB device found, idVendor=0b05, idProduct=1abe, bcdDevice= 0.00
[  786.182654][ T5942] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  786.189136][ T5942] usb 6-1: config 0 descriptor??
[  786.191564][T16532] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22
[  786.410959][T16539] netlink: 256 bytes leftover after parsing attributes in process `syz.7.3929'.
[  786.724195][ T5942] hid (null): unknown global tag 0xe1
[  786.729030][ T5942] hid (null): unknown global tag 0x2a
[  786.745288][ T5942] hid (null): global environment stack underflow
[  786.773939][ T5942] hid_parser_main: 201 callbacks suppressed
[  786.773966][ T5942] asus 0003:0B05:1ABE.001D: unknown main item tag 0x0
[  786.773999][ T5942] asus 0003:0B05:1ABE.001D: unknown main item tag 0x0
[  786.774026][ T5942] asus 0003:0B05:1ABE.001D: unknown main item tag 0x0
[  786.774053][ T5942] asus 0003:0B05:1ABE.001D: unknown main item tag 0x0
[  786.774080][ T5942] asus 0003:0B05:1ABE.001D: unknown main item tag 0x0
[  786.774106][ T5942] asus 0003:0B05:1ABE.001D: unknown main item tag 0x0
[  786.774141][ T5942] asus 0003:0B05:1ABE.001D: unknown main item tag 0x0
[  786.774166][ T5942] asus 0003:0B05:1ABE.001D: unknown main item tag 0x0
[  786.774192][ T5942] asus 0003:0B05:1ABE.001D: unknown main item tag 0x0
[  786.774217][ T5942] asus 0003:0B05:1ABE.001D: unknown main item tag 0x0
[  786.854642][ T5942] asus 0003:0B05:1ABE.001D: unexpected long global item
[  786.855557][ T5942] asus 0003:0B05:1ABE.001D: Asus hid parse failed: -22
[  786.855690][ T5942] asus 0003:0B05:1ABE.001D: probe with driver asus failed with error -22
[  786.993513][ T5942] usb 6-1: USB disconnect, device number 9
[  788.152073][   T13] hsr_slave_0: left promiscuous mode
[  788.201497][   T13] hsr_slave_1: left promiscuous mode
[  788.202691][   T13] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  788.202720][   T13] batman_adv: batadv0: Removing interface: batadv_slave_0
[  788.261700][   T13] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  788.261733][   T13] batman_adv: batadv0: Removing interface: batadv_slave_1
[  788.416878][T16575] FAULT_INJECTION: forcing a failure.
[  788.416878][T16575] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  788.416923][T16575] CPU: 0 UID: 0 PID: 16575 Comm: syz.0.3936 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[  788.416956][T16575] Tainted: [L]=SOFTLOCKUP
[  788.416965][T16575] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  788.416978][T16575] Call Trace:
[  788.416987][T16575]  <TASK>
[  788.416998][T16575]  dump_stack_lvl+0xe8/0x150
[  788.417042][T16575]  should_fail_ex+0x46b/0x600
[  788.417072][T16575]  _copy_to_user+0x31/0xb0
[  788.417107][T16575]  simple_read_from_buffer+0xe1/0x170
[  788.417143][T16575]  proc_fail_nth_read+0x1be/0x230
[  788.417177][T16575]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  788.417211][T16575]  ? rw_verify_area+0x2ac/0x4e0
[  788.417244][T16575]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  788.417277][T16575]  vfs_read+0x212/0xa80
[  788.417319][T16575]  ? __pfx_vfs_read+0x10/0x10
[  788.417356][T16575]  ? _raw_spin_unlock_irqrestore+0x30/0x80
[  788.417393][T16575]  ? lockdep_hardirqs_on+0x7a/0x110
[  788.417421][T16575]  ? _raw_spin_unlock_irqrestore+0x4c/0x80
[  788.417451][T16575]  ? mutex_lock_nested+0x152/0x1d0
[  788.417486][T16575]  ? fdget_pos+0x252/0x320
[  788.417524][T16575]  ksys_read+0x156/0x270
[  788.417561][T16575]  ? __pfx_ksys_read+0x10/0x10
[  788.417594][T16575]  ? __pfx_iommufd_fops_ioctl+0x10/0x10
[  788.417632][T16575]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  788.417658][T16575]  do_syscall_64+0x15f/0xf80
[  788.417687][T16575]  ? trace_irq_disable+0x3b/0x140
[  788.417710][T16575]  ? clear_bhb_loop+0x40/0x90
[  788.417739][T16575]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  788.417782][T16575] RIP: 0033:0x7f036a61d04e
[  788.417805][T16575] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[  788.417834][T16575] RSP: 002b:00007f03688adfe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  788.417858][T16575] RAX: ffffffffffffffda RBX: 00007f03688ae6c0 RCX: 00007f036a61d04e
[  788.417876][T16575] RDX: 000000000000000f RSI: 00007f03688ae0a0 RDI: 0000000000000004
[  788.417890][T16575] RBP: 00007f03688ae090 R08: 0000000000000000 R09: 0000000000000000
[  788.417906][T16575] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  788.417920][T16575] R13: 00007f036a8d6038 R14: 00007f036a8d5fa0 R15: 00007fff94d2ae78
[  788.417955][T16575]  </TASK>
[  788.745110][   T13] veth1_macvtap: left promiscuous mode
[  788.745236][   T13] veth0_macvtap: left promiscuous mode
[  788.745510][   T13] veth1_vlan: left promiscuous mode
[  788.745597][   T13] veth0_vlan: left promiscuous mode
[  790.983727][   T13] team0 (unregistering): Port device team_slave_1 removed
[  791.080978][   T13] team0 (unregistering): Port device team_slave_0 removed
[  791.701676][  T815] usb 1-1: new full-speed USB device number 25 using dummy_hcd
[  791.854883][  T815] usb 1-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2d.ea
[  791.854909][  T815] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  791.854922][  T815] usb 1-1: Product: syz
[  791.854932][  T815] usb 1-1: Manufacturer: syz
[  791.854941][  T815] usb 1-1: SerialNumber: syz
[  791.933676][  T815] usb 1-1: config 0 descriptor??
[  792.049961][ T5942] usb 7-1: new high-speed USB device number 10 using dummy_hcd
[  792.145630][  T815] usb 1-1: dvb_usb_v2: found a 'TerraTec NOXON DAB Stick' in warm state
[  792.206905][ T5942] usb 7-1: device descriptor read/64, error -71
[  792.211585][ T1864] usb 8-1: new high-speed USB device number 8 using dummy_hcd
[  792.360005][ T1864] usb 8-1: Using ep0 maxpacket: 16
[  792.362690][ T1864] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 9865, setting to 1024
[  792.362814][ T1864] usb 8-1: New USB device found, idVendor=046d, idProduct=c52b, bcdDevice= 0.00
[  792.362841][ T1864] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  792.482879][ T5942] usb 7-1: new high-speed USB device number 11 using dummy_hcd
[  792.645950][ T5467] 8021q: adding VLAN 0 to HW filter on device eth13
[  792.756640][ T1864] usb 8-1: config 0 descriptor??
[  792.766679][T16608] raw-gadget.2 gadget.7: fail, usb_ep_enable returned -22
[  792.841905][ T5942] usb 7-1: device descriptor read/64, error -71
[  792.960165][ T5942] usb usb7-port1: attempt power cycle
[  793.420296][ T5942] usb 7-1: new high-speed USB device number 12 using dummy_hcd
[  793.448188][ T5942] usb 7-1: device descriptor read/8, error -71
[  793.669047][  T814] usb 6-1: new full-speed USB device number 10 using dummy_hcd
[  793.701811][ T1864] hid (null): bogus close delimiter
[  793.789945][ T5942] usb 7-1: new high-speed USB device number 13 using dummy_hcd
[  793.811668][ T5942] usb 7-1: device descriptor read/8, error -71
[  793.844384][  T814] usb 6-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 64, changing to 4
[  793.863165][  T814] usb 6-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  793.863202][  T814] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  793.863226][  T814] usb 6-1: Product: syz
[  793.863243][  T814] usb 6-1: Manufacturer: syz
[  793.863259][  T814] usb 6-1: SerialNumber: syz
[  793.931144][ T5942] usb usb7-port1: unable to enumerate USB device
[  794.193738][  T815] dvb_usb_rtl28xxu 1-1:0.0: probe with driver dvb_usb_rtl28xxu failed with error -71
[  794.317472][ T1864] hid_parser_main: 105 callbacks suppressed
[  794.317502][ T1864] logitech-djreceiver 0003:046D:C52B.001E: unknown main item tag 0x0
[  794.317558][ T1864] logitech-djreceiver 0003:046D:C52B.001E: unknown main item tag 0x0
[  794.317587][ T1864] logitech-djreceiver 0003:046D:C52B.001E: unknown main item tag 0x0
[  794.317616][ T1864] logitech-djreceiver 0003:046D:C52B.001E: unknown main item tag 0x0
[  794.317641][ T1864] logitech-djreceiver 0003:046D:C52B.001E: unknown main item tag 0x0
[  794.317670][ T1864] logitech-djreceiver 0003:046D:C52B.001E: unknown main item tag 0x0
[  794.317697][ T1864] logitech-djreceiver 0003:046D:C52B.001E: unknown main item tag 0x4
[  794.317747][ T1864] logitech-djreceiver 0003:046D:C52B.001E: unknown main item tag 0x0
[  794.317764][ T1864] logitech-djreceiver 0003:046D:C52B.001E: unknown main item tag 0x0
[  794.317780][ T1864] logitech-djreceiver 0003:046D:C52B.001E: unknown main item tag 0x0
[  794.325857][ T1864] logitech-djreceiver 0003:046D:C52B.001E: bogus close delimiter
[  794.325880][ T1864] logitech-djreceiver 0003:046D:C52B.001E: item 0 2 2 10 parsing failed
[  794.347180][ T1864] logitech-djreceiver 0003:046D:C52B.001E: logi_dj_probe: parse failed
[  794.347264][ T1864] logitech-djreceiver 0003:046D:C52B.001E: probe with driver logitech-djreceiver failed with error -22
[  794.513209][  T815] usb 1-1: USB disconnect, device number 25
[  794.587800][ T1864] usb 8-1: USB disconnect, device number 8
[  794.841449][  T814] usb 6-1: 1:1 : UAC_AS_GENERAL descriptor not found
[  794.911681][  T814] usb 6-1: found format II with max.bitrate = 0, frame size=5
[  794.911711][  T814] usb 6-1: 2:1 : invalid UAC_FORMAT_TYPE desc
[  795.030795][  T814] usb 6-1: USB disconnect, device number 10
[  795.138734][ T6724] udevd[6724]: error opening ATTR{/sys/devices/platform/dummy_hcd.5/usb6/6-1/6-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  795.640443][T16624] netlink: 16 bytes leftover after parsing attributes in process `syz.0.3948'.
[  795.672889][T16624] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3948'.
[  795.791747][ T5819] Bluetooth: hci0: command 0x0c1a tx timeout
[  798.901181][  T814] usb 8-1: new high-speed USB device number 9 using dummy_hcd
[  799.050022][  T814] usb 8-1: Using ep0 maxpacket: 32
[  799.052529][  T814] usb 8-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  799.055739][  T814] usb 8-1: New USB device found, idVendor=0424, idProduct=9901, bcdDevice=c2.57
[  799.055774][  T814] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  799.055808][  T814] usb 8-1: Product: syz
[  799.055825][  T814] usb 8-1: Manufacturer: syz
[  799.055841][  T814] usb 8-1: SerialNumber: syz
[  799.119445][  T814] usb 8-1: config 0 descriptor??
[  799.136293][  T814] smsc95xx 8-1:0.0 (unnamed net_device) (uninitialized): usbnet_get_endpoints failed: -22
[  799.136628][  T814] smsc95xx 8-1:0.0: probe with driver smsc95xx failed with error -22
[  799.372072][  T814] usb 8-1: USB disconnect, device number 9
[  801.164421][T16697] FAULT_INJECTION: forcing a failure.
[  801.164421][T16697] name failslab, interval 1, probability 0, space 0, times 0
[  801.164469][T16697] CPU: 1 UID: 0 PID: 16697 Comm: syz.7.3965 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[  801.164502][T16697] Tainted: [L]=SOFTLOCKUP
[  801.164511][T16697] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  801.164525][T16697] Call Trace:
[  801.164535][T16697]  <TASK>
[  801.164545][T16697]  dump_stack_lvl+0xe8/0x150
[  801.164590][T16697]  should_fail_ex+0x46b/0x600
[  801.164623][T16697]  should_failslab+0xa8/0x100
[  801.164648][T16697]  __kmalloc_cache_noprof+0x84/0x690
[  801.164683][T16697]  ? mutex_lock_nested+0x152/0x1d0
[  801.164718][T16697]  ? rxrpc_lookup_local+0x578/0x15c0
[  801.164757][T16697]  ? rxrpc_lookup_local+0xc8/0x15c0
[  801.164792][T16697]  rxrpc_lookup_local+0x578/0x15c0
[  801.164833][T16697]  ? __pfx_rxrpc_lookup_local+0x10/0x10
[  801.164876][T16697]  ? __local_bh_enable+0x1e1/0x2f0
[  801.164920][T16697]  ? lockdep_hardirqs_on+0x7a/0x110
[  801.164956][T16697]  rxrpc_sendmsg+0x399/0x710
[  801.164993][T16697]  ____sys_sendmsg+0x94c/0x9c0
[  801.165027][T16697]  ? __pfx_____sys_sendmsg+0x10/0x10
[  801.165062][T16697]  ? import_iovec+0x73/0xa0
[  801.165087][T16697]  ___sys_sendmsg+0x2a5/0x360
[  801.165106][T16697]  ? __lock_acquire+0x6b5/0x2cf0
[  801.165131][T16697]  ? __pfx____sys_sendmsg+0x10/0x10
[  801.165181][T16697]  ? __fget_files+0x2a/0x420
[  801.165203][T16697]  ? __fget_files+0x3a6/0x420
[  801.165233][T16697]  __x64_sys_sendmsg+0x1c3/0x2a0
[  801.165256][T16697]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  801.165284][T16697]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  801.165310][T16697]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  801.165329][T16697]  do_syscall_64+0x15f/0xf80
[  801.165353][T16697]  ? clear_bhb_loop+0x40/0x90
[  801.165374][T16697]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  801.165393][T16697] RIP: 0033:0x7f8020fcc819
[  801.165410][T16697] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  801.165425][T16697] RSP: 002b:00007f801f1dc028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  801.165445][T16697] RAX: ffffffffffffffda RBX: 00007f8021246180 RCX: 00007f8020fcc819
[  801.165458][T16697] RDX: 0000000000000000 RSI: 0000200000000080 RDI: 0000000000000008
[  801.165470][T16697] RBP: 00007f801f1dc090 R08: 0000000000000000 R09: 0000000000000000
[  801.165481][T16697] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  801.165491][T16697] R13: 00007f8021246218 R14: 00007f8021246180 R15: 00007ffdfbb5b928
[  801.165520][T16697]  </TASK>
[  802.031694][T16699] netlink: 28 bytes leftover after parsing attributes in process `syz.5.3967'.
[  802.031736][T16699] netlink: 28 bytes leftover after parsing attributes in process `syz.5.3967'.
[  802.129354][    T9] usb 1-1: new high-speed USB device number 26 using dummy_hcd
[  802.341418][    T9] usb 1-1: Using ep0 maxpacket: 16
[  802.344523][    T9] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  802.344587][    T9] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  802.344620][    T9] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  802.344664][    T9] usb 1-1: New USB device found, idVendor=04d8, idProduct=f002, bcdDevice= 0.00
[  802.344690][    T9] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  802.456896][    T9] usb 1-1: config 0 descriptor??
[  803.595596][T16699] gretap0: entered promiscuous mode
[  803.616339][T16712] openvswitch: netlink: EtherType 50a is less than min 600
[  803.618219][ T5815] Bluetooth: hci0: ACL packet for unknown connection handle 201
[  803.735103][T16699] gretap0: left promiscuous mode
[  803.845823][T16715] FAULT_INJECTION: forcing a failure.
[  803.845823][T16715] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  803.845862][T16715] CPU: 1 UID: 0 PID: 16715 Comm: syz.7.3972 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[  803.845890][T16715] Tainted: [L]=SOFTLOCKUP
[  803.845897][T16715] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  803.845909][T16715] Call Trace:
[  803.845917][T16715]  <TASK>
[  803.845926][T16715]  dump_stack_lvl+0xe8/0x150
[  803.845960][T16715]  should_fail_ex+0x46b/0x600
[  803.845997][T16715]  _copy_to_user+0x31/0xb0
[  803.846027][T16715]  kvm_vcpu_ioctl_get_cpuid2+0x140/0x290
[  803.846067][T16715]  kvm_arch_vcpu_ioctl+0x176e/0x2ff0
[  803.846098][T16715]  ? __pfx_kvm_arch_vcpu_ioctl+0x10/0x10
[  803.846119][T16715]  ? unwind_next_frame+0xa6/0x2550
[  803.846143][T16715]  ? is_bpf_text_address+0x26/0x2b0
[  803.846174][T16715]  ? is_bpf_text_address+0x26/0x2b0
[  803.846199][T16715]  ? is_bpf_text_address+0x292/0x2b0
[  803.846218][T16715]  ? is_bpf_text_address+0x26/0x2b0
[  803.846241][T16715]  ? kernel_text_address+0xa5/0xe0
[  803.846266][T16715]  ? __kernel_text_address+0xd/0x30
[  803.846288][T16715]  ? unwind_get_return_address+0x4d/0x90
[  803.846308][T16715]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  803.846328][T16715]  ? arch_stack_walk+0xfb/0x150
[  803.846361][T16715]  ? stack_trace_save+0xa9/0x100
[  803.846378][T16715]  ? __pfx_stack_trace_save+0x10/0x10
[  803.846395][T16715]  ? kasan_save_free_info+0x46/0x50
[  803.846422][T16715]  ? stack_depot_save_flags+0x33/0x810
[  803.846450][T16715]  ? kasan_save_track+0x4f/0x80
[  803.846474][T16715]  ? kasan_save_track+0x3e/0x80
[  803.846497][T16715]  ? kasan_save_free_info+0x46/0x50
[  803.846516][T16715]  ? __kasan_slab_free+0x5c/0x80
[  803.846539][T16715]  ? kfree+0x1c5/0x6c0
[  803.846561][T16715]  ? tomoyo_path_number_perm+0x501/0x630
[  803.846587][T16715]  ? security_file_ioctl+0xc3/0x2a0
[  803.846611][T16715]  ? __se_sys_ioctl+0x47/0x170
[  803.846638][T16715]  ? do_syscall_64+0x15f/0xf80
[  803.846659][T16715]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  803.846697][T16715]  ? __lock_acquire+0x6b5/0x2cf0
[  803.846755][T16715]  ? _raw_spin_unlock_irqrestore+0x30/0x80
[  803.846781][T16715]  ? lockdep_hardirqs_on+0x7a/0x110
[  803.846803][T16715]  ? _raw_spin_unlock_irqrestore+0x4c/0x80
[  803.846825][T16715]  ? _mutex_lock_killable+0x152/0x1d0
[  803.846843][T16715]  ? kvm_vcpu_ioctl+0x283/0xfe0
[  803.846869][T16715]  kvm_vcpu_ioctl+0x7e7/0xfe0
[  803.846898][T16715]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  803.846926][T16715]  ? __asan_memset+0x22/0x50
[  803.846949][T16715]  ? smack_file_ioctl+0x331/0x360
[  803.846976][T16715]  ? __pfx_smack_file_ioctl+0x10/0x10
[  803.847022][T16715]  ? __fget_files+0x2a/0x420
[  803.847043][T16715]  ? __fget_files+0x3a6/0x420
[  803.847064][T16715]  ? __fget_files+0x2a/0x420
[  803.847091][T16715]  ? bpf_lsm_file_ioctl+0x9/0x20
[  803.847110][T16715]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  803.847132][T16715]  __se_sys_ioctl+0xff/0x170
[  803.847158][T16715]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  803.847178][T16715]  do_syscall_64+0x15f/0xf80
[  803.847199][T16715]  ? trace_irq_disable+0x3b/0x140
[  803.847217][T16715]  ? clear_bhb_loop+0x40/0x90
[  803.847239][T16715]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  803.847257][T16715] RIP: 0033:0x7f8020fcc819
[  803.847276][T16715] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  803.847292][T16715] RSP: 002b:00007f801f21e028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  803.847313][T16715] RAX: ffffffffffffffda RBX: 00007f8021245fa0 RCX: 00007f8020fcc819
[  803.847326][T16715] RDX: 0000200000000040 RSI: 00000000c008ae91 RDI: 0000000000000005
[  803.847338][T16715] RBP: 00007f801f21e090 R08: 0000000000000000 R09: 0000000000000000
[  803.847350][T16715] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  803.847362][T16715] R13: 00007f8021246038 R14: 00007f8021245fa0 R15: 00007ffdfbb5b928
[  803.847393][T16715]  </TASK>
[  804.297188][    T9] usbhid 1-1:0.0: can't add hid device: -71
[  804.297319][    T9] usbhid 1-1:0.0: probe with driver usbhid failed with error -71
[  804.338866][    T9] usb 1-1: USB disconnect, device number 26
[  804.720324][T16724] netlink: 4 bytes leftover after parsing attributes in process `syz.5.3976'.
[  804.820005][    T9] usb 1-1: new high-speed USB device number 27 using dummy_hcd
[  804.999991][    T9] usb 1-1: Using ep0 maxpacket: 32
[  805.002370][    T9] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  805.005543][    T9] usb 1-1: New USB device found, idVendor=0424, idProduct=9901, bcdDevice=c2.57
[  805.005575][    T9] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  805.005597][    T9] usb 1-1: Product: syz
[  805.005612][    T9] usb 1-1: Manufacturer: syz
[  805.005626][    T9] usb 1-1: SerialNumber: syz
[  805.081900][    T9] usb 1-1: config 0 descriptor??
[  805.107707][    T9] smsc95xx 1-1:0.0 (unnamed net_device) (uninitialized): usbnet_get_endpoints failed: -22
[  805.108002][    T9] smsc95xx 1-1:0.0: probe with driver smsc95xx failed with error -22
[  805.322529][    T9] usb 1-1: USB disconnect, device number 27
[  805.679949][T16741] netlink: 12 bytes leftover after parsing attributes in process `syz.6.3978'.
[  809.159026][ T1328] ieee802154 phy0 wpan0: encryption failed: -22
[  809.159109][ T1328] ieee802154 phy1 wpan1: encryption failed: -22
[  812.892081][T16767] workqueue: Failed to create a rescuer kthread for wq "nfc2_nci_cmd_wq": -EINTR
[  813.262799][T16770] netlink: 28 bytes leftover after parsing attributes in process `syz.5.3984'.
[  813.262830][T16770] netlink: 28 bytes leftover after parsing attributes in process `syz.5.3984'.
[  814.470045][ T7726] usb 7-1: new high-speed USB device number 14 using dummy_hcd
[  814.642332][ T7726] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  814.642371][ T7726] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  814.642410][ T7726] usb 7-1: New USB device found, idVendor=1e7d, idProduct=2cf6, bcdDevice= 0.00
[  814.642434][ T7726] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  814.732441][ T7726] usb 7-1: config 0 descriptor??
[  814.734088][T16364] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  814.870178][    T9] usb 6-1: new high-speed USB device number 11 using dummy_hcd
[  815.039947][    T9] usb 6-1: Using ep0 maxpacket: 32
[  815.043122][    T9] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  815.049141][    T9] usb 6-1: New USB device found, idVendor=0424, idProduct=9901, bcdDevice=c2.57
[  815.049246][    T9] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  815.049270][    T9] usb 6-1: Product: syz
[  815.049286][    T9] usb 6-1: Manufacturer: syz
[  815.049303][    T9] usb 6-1: SerialNumber: syz
[  815.129835][    T9] usb 6-1: config 0 descriptor??
[  815.151904][    T9] smsc95xx 6-1:0.0 (unnamed net_device) (uninitialized): usbnet_get_endpoints failed: -22
[  815.152491][    T9] smsc95xx 6-1:0.0: probe with driver smsc95xx failed with error -22
[  815.223049][ T7726] hid_parser_main: 339 callbacks suppressed
[  815.223080][ T7726] pyra 0003:1E7D:2CF6.001F: unknown main item tag 0x0
[  815.223116][ T7726] pyra 0003:1E7D:2CF6.001F: unknown main item tag 0x0
[  815.223142][ T7726] pyra 0003:1E7D:2CF6.001F: unknown main item tag 0x0
[  815.223169][ T7726] pyra 0003:1E7D:2CF6.001F: unknown main item tag 0x0
[  815.223196][ T7726] pyra 0003:1E7D:2CF6.001F: unknown main item tag 0x0
[  815.223223][ T7726] pyra 0003:1E7D:2CF6.001F: unknown main item tag 0x0
[  815.223249][ T7726] pyra 0003:1E7D:2CF6.001F: unknown main item tag 0x0
[  815.331130][T16364] 8021q: adding VLAN 0 to HW filter on device netdevsim0
[  815.350206][T16364] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  815.385565][   T31] usb 6-1: USB disconnect, device number 11
[  815.498414][T16798] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3993'.
[  815.536929][T16364] 8021q: adding VLAN 0 to HW filter on device netdevsim1
[  815.537994][T16364] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  815.573105][ T7726] pyra 0003:1E7D:2CF6.001F: hidraw0: USB HID v0.00 Device [HID 1e7d:2cf6] on usb-dummy_hcd.6-1/input0
[  815.659474][T16364] 8021q: adding VLAN 0 to HW filter on device netdevsim2
[  815.668911][T16364] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  815.822147][ T7726] pyra 0003:1E7D:2CF6.001F: couldn't init struct pyra_device
[  815.822213][ T7726] pyra 0003:1E7D:2CF6.001F: couldn't install mouse
[  815.857110][ T7726] pyra 0003:1E7D:2CF6.001F: probe with driver pyra failed with error -71
[  815.884831][ T7726] usb 7-1: USB disconnect, device number 14
[  816.711170][T16364] 8021q: adding VLAN 0 to HW filter on device netdevsim3
[  816.735724][T16808] FAULT_INJECTION: forcing a failure.
[  816.735724][T16808] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  816.735766][T16808] CPU: 0 UID: 0 PID: 16808 Comm: syz.5.3995 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[  816.735797][T16808] Tainted: [L]=SOFTLOCKUP
[  816.735805][T16808] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  816.735818][T16808] Call Trace:
[  816.735828][T16808]  <TASK>
[  816.735838][T16808]  dump_stack_lvl+0xe8/0x150
[  816.735879][T16808]  should_fail_ex+0x46b/0x600
[  816.735909][T16808]  _copy_to_user+0x31/0xb0
[  816.735941][T16808]  video_usercopy+0xe0a/0x1450
[  816.735973][T16808]  ? __pfx___video_do_ioctl+0x10/0x10
[  816.736000][T16808]  ? __pfx_video_usercopy+0x10/0x10
[  816.736021][T16808]  ? smack_file_ioctl+0x2c2/0x360
[  816.736066][T16808]  ? __fget_files+0x2a/0x420
[  816.736095][T16808]  ? __fget_files+0x3a6/0x420
[  816.736127][T16808]  v4l2_ioctl+0x190/0x1e0
[  816.736163][T16808]  ? __pfx_v4l2_ioctl+0x10/0x10
[  816.736196][T16808]  __se_sys_ioctl+0xff/0x170
[  816.736232][T16808]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  816.736258][T16808]  do_syscall_64+0x15f/0xf80
[  816.736286][T16808]  ? trace_irq_disable+0x3b/0x140
[  816.736310][T16808]  ? clear_bhb_loop+0x40/0x90
[  816.736338][T16808]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  816.736362][T16808] RIP: 0033:0x7f35d318c819
[  816.736385][T16808] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  816.736405][T16808] RSP: 002b:00007f35d13e6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  816.736431][T16808] RAX: ffffffffffffffda RBX: 00007f35d3405fa0 RCX: 00007f35d318c819
[  816.736449][T16808] RDX: 0000200000000040 RSI: 00000000c008561c RDI: 0000000000000003
[  816.736465][T16808] RBP: 00007f35d13e6090 R08: 0000000000000000 R09: 0000000000000000
[  816.736480][T16808] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  816.736494][T16808] R13: 00007f35d3406038 R14: 00007f35d3405fa0 R15: 00007fffacc2e338
[  816.736529][T16808]  </TASK>
[  817.203721][T16364] 8021q: adding VLAN 0 to HW filter on device bond0
[  817.269009][T16364] 8021q: adding VLAN 0 to HW filter on device team0
[  817.295040][ T1833] bridge0: port 1(bridge_slave_0) entered blocking state
[  817.295301][ T1833] bridge0: port 1(bridge_slave_0) entered forwarding state
[  817.309034][ T5995] bridge0: port 2(bridge_slave_1) entered blocking state
[  817.309236][ T5995] bridge0: port 2(bridge_slave_1) entered forwarding state
[  817.310190][   T31] usb 6-1: new high-speed USB device number 12 using dummy_hcd
[  817.380338][ T7726] usb 8-1: new high-speed USB device number 10 using dummy_hcd
[  817.462206][   T31] usb 6-1: Using ep0 maxpacket: 8
[  817.467840][   T31] usb 6-1: New USB device found, idVendor=04e8, idProduct=6889, bcdDevice= 0.00
[  817.467876][   T31] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  817.467899][   T31] usb 6-1: Product: syz
[  817.467917][   T31] usb 6-1: Manufacturer: syz
[  817.467935][   T31] usb 6-1: SerialNumber: syz
[  817.550534][ T7726] usb 8-1: Using ep0 maxpacket: 32
[  817.578037][ T7726] usb 8-1: New USB device found, idVendor=1964, idProduct=0001, bcdDevice=d4.15
[  817.578075][ T7726] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  817.578098][ T7726] usb 8-1: Product: syz
[  817.578116][ T7726] usb 8-1: Manufacturer: syz
[  817.578134][ T7726] usb 8-1: SerialNumber: syz
[  817.624056][ T7726] usb 8-1: config 0 descriptor??
[  817.748356][   T31] kalmia 6-1:1.0 (unnamed net_device) (uninitialized): Error sending init packet. Status -71
[  817.748669][   T31] kalmia 6-1:1.0: probe with driver kalmia failed with error -71
[  817.845166][   T31] usb 6-1: USB disconnect, device number 12
[  817.864300][ T7726] RobotFuzz Open Source InterFace, OSIF 8-1:0.0: failure sending bit rate
[  817.864348][ T7726] RobotFuzz Open Source InterFace, OSIF 8-1:0.0: probe with driver RobotFuzz Open Source InterFace, OSIF failed with error -71
[  817.941534][ T7726] usb 8-1: USB disconnect, device number 10
[  818.220101][  T814] usb 1-1: new high-speed USB device number 28 using dummy_hcd
[  818.331404][T16364] 8021q: adding VLAN 0 to HW filter on device batadv0
[  818.379315][  T814] usb 1-1: Using ep0 maxpacket: 32
[  818.387531][  T814] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  818.406927][  T814] usb 1-1: New USB device found, idVendor=0424, idProduct=9901, bcdDevice=c2.57
[  818.406964][  T814] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  818.406988][  T814] usb 1-1: Product: syz
[  818.407005][  T814] usb 1-1: Manufacturer: syz
[  818.407023][  T814] usb 1-1: SerialNumber: syz
[  818.536341][  T814] usb 1-1: config 0 descriptor??
[  819.480311][  T814] smsc95xx 1-1:0.0 (unnamed net_device) (uninitialized): usbnet_get_endpoints failed: -22
[  819.480631][  T814] smsc95xx 1-1:0.0: probe with driver smsc95xx failed with error -22
[  819.588744][T16364] veth0_vlan: entered promiscuous mode
[  819.710315][T16364] veth1_vlan: entered promiscuous mode
[  819.740361][ T6025] usb 1-1: USB disconnect, device number 28
[  819.931788][T16364] veth0_macvtap: entered promiscuous mode
[  819.984059][T16364] veth1_macvtap: entered promiscuous mode
[  820.029006][T16364] batman_adv: batadv0: Interface activated: batadv_slave_0
[  820.053369][T16364] batman_adv: batadv0: Interface activated: batadv_slave_1
[  820.103167][ T1145] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  820.103488][ T1145] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  820.103533][ T1145] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  820.103574][ T1145] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  820.384080][T16856] tipc: Started in network mode
[  820.384122][T16856] tipc: Node identity 0600000000000000010001, cluster identity 4711
[  821.187500][ T1351] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  821.187524][ T1351] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  821.268933][ T1864] usb 8-1: new high-speed USB device number 11 using dummy_hcd
[  821.510295][    T9] usb 6-1: new high-speed USB device number 13 using dummy_hcd
[  821.633507][ T1864] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 9865, setting to 1024
[  821.633568][ T1864] usb 8-1: New USB device found, idVendor=0b05, idProduct=1abe, bcdDevice= 0.00
[  821.633597][ T1864] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  821.671502][T16868] netlink: 27 bytes leftover after parsing attributes in process `syz.0.4016'.
[  821.678066][ T1864] usb 8-1: config 0 descriptor??
[  821.711511][T16863] raw-gadget.0 gadget.7: fail, usb_ep_enable returned -22
[  821.829942][    T9] usb 6-1: Using ep0 maxpacket: 16
[  821.869869][    T9] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 9865, setting to 1024
[  821.869930][    T9] usb 6-1: New USB device found, idVendor=046d, idProduct=c52b, bcdDevice= 0.00
[  821.869956][    T9] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  821.955109][    T9] usb 6-1: config 0 descriptor??
[  821.956205][T16866] raw-gadget.1 gadget.5: fail, usb_ep_enable returned -22
[  822.128637][T16873] FAULT_INJECTION: forcing a failure.
[  822.128637][T16873] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  822.128675][T16873] CPU: 0 UID: 0 PID: 16873 Comm: syz.0.4017 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[  822.128709][T16873] Tainted: [L]=SOFTLOCKUP
[  822.128717][T16873] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  822.128729][T16873] Call Trace:
[  822.128737][T16873]  <TASK>
[  822.128746][T16873]  dump_stack_lvl+0xe8/0x150
[  822.128784][T16873]  should_fail_ex+0x46b/0x600
[  822.128811][T16873]  _copy_to_user+0x31/0xb0
[  822.128836][T16873]  simple_read_from_buffer+0xe1/0x170
[  822.128865][T16873]  proc_fail_nth_read+0x1be/0x230
[  822.128892][T16873]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  822.128918][T16873]  ? rw_verify_area+0x2ac/0x4e0
[  822.128944][T16873]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  822.128967][T16873]  vfs_read+0x212/0xa80
[  822.129001][T16873]  ? __pfx_vfs_read+0x10/0x10
[  822.129029][T16873]  ? _raw_spin_unlock_irqrestore+0x30/0x80
[  822.129053][T16873]  ? lockdep_hardirqs_on+0x7a/0x110
[  822.129075][T16873]  ? _raw_spin_unlock_irqrestore+0x4c/0x80
[  822.129098][T16873]  ? mutex_lock_nested+0x152/0x1d0
[  822.129126][T16873]  ? fdget_pos+0x252/0x320
[  822.129159][T16873]  ksys_read+0x156/0x270
[  822.129188][T16873]  ? __pfx_ksys_read+0x10/0x10
[  822.129222][T16873]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  822.129242][T16873]  do_syscall_64+0x15f/0xf80
[  822.129266][T16873]  ? clear_bhb_loop+0x40/0x90
[  822.129289][T16873]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  822.129307][T16873] RIP: 0033:0x7f036a61d04e
[  822.129326][T16873] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[  822.129344][T16873] RSP: 002b:00007f03688adfe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  822.129366][T16873] RAX: ffffffffffffffda RBX: 00007f03688ae6c0 RCX: 00007f036a61d04e
[  822.129380][T16873] RDX: 000000000000000f RSI: 00007f03688ae0a0 RDI: 0000000000000004
[  822.129393][T16873] RBP: 00007f03688ae090 R08: 0000000000000000 R09: 0000000000000000
[  822.129405][T16873] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  822.129417][T16873] R13: 00007f036a8d6038 R14: 00007f036a8d5fa0 R15: 00007fff94d2ae78
[  822.129447][T16873]  </TASK>
[  822.297281][ T1864] hid (null): unknown global tag 0xe1
[  822.312075][ T1864] hid (null): unknown global tag 0x2a
[  822.328127][ T1864] hid (null): global environment stack underflow
[  822.382320][ T1864] asus 0003:0B05:1ABE.0020: unknown main item tag 0x0
[  822.382358][ T1864] asus 0003:0B05:1ABE.0020: unknown main item tag 0x0
[  822.387166][ T1864] asus 0003:0B05:1ABE.0020: unknown main item tag 0x0
[  822.387200][ T1864] asus 0003:0B05:1ABE.0020: unknown main item tag 0x0
[  822.387226][ T1864] asus 0003:0B05:1ABE.0020: unknown main item tag 0x0
[  822.387253][ T1864] asus 0003:0B05:1ABE.0020: unknown main item tag 0x0
[  822.387277][ T1864] asus 0003:0B05:1ABE.0020: unknown main item tag 0x0
[  822.387301][ T1864] asus 0003:0B05:1ABE.0020: unknown main item tag 0x0
[  822.387325][ T1864] asus 0003:0B05:1ABE.0020: unknown main item tag 0x0
[  822.387349][ T1864] asus 0003:0B05:1ABE.0020: unknown main item tag 0x0
[  822.388385][ T1864] asus 0003:0B05:1ABE.0020: unexpected long global item
[  822.400340][ T1864] asus 0003:0B05:1ABE.0020: Asus hid parse failed: -22
[  822.400455][ T1864] asus 0003:0B05:1ABE.0020: probe with driver asus failed with error -22
[  822.488543][    T9] hid (null): bogus close delimiter
[  822.489969][ T3098] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  822.489992][ T3098] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  822.610085][    T9] logitech-djreceiver 0003:046D:C52B.0021: bogus close delimiter
[  822.610113][    T9] logitech-djreceiver 0003:046D:C52B.0021: item 0 2 2 10 parsing failed
[  822.611195][    T9] logitech-djreceiver 0003:046D:C52B.0021: logi_dj_probe: parse failed
[  822.611283][    T9] logitech-djreceiver 0003:046D:C52B.0021: probe with driver logitech-djreceiver failed with error -22
[  822.672461][ T9186] usb 8-1: USB disconnect, device number 11
[  822.836312][    T9] usb 6-1: USB disconnect, device number 13
[  823.058151][T16887] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3872'.
[  823.260560][  T815] usb 1-1: new high-speed USB device number 29 using dummy_hcd
[  823.375654][T16895] warning: `syz.2.4025' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211
[  823.423416][  T815] usb 1-1: Using ep0 maxpacket: 32
[  823.425492][  T815] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  823.446859][  T815] usb 1-1: New USB device found, idVendor=0424, idProduct=9901, bcdDevice=c2.57
[  823.446889][  T815] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  823.446902][  T815] usb 1-1: Product: syz
[  823.446912][  T815] usb 1-1: Manufacturer: syz
[  823.446921][  T815] usb 1-1: SerialNumber: syz
[  823.485525][  T815] usb 1-1: config 0 descriptor??
[  823.693132][  T815] smsc95xx 1-1:0.0 (unnamed net_device) (uninitialized): usbnet_get_endpoints failed: -22
[  823.701783][  T815] smsc95xx 1-1:0.0: probe with driver smsc95xx failed with error -22
[  824.847576][ T6025] usb 1-1: USB disconnect, device number 29
[  826.737369][T16927] comedi: valid board names for 8255 driver are:
[  826.737389][T16927]  8255
[  826.737398][T16927] comedi: valid board names for vmk80xx driver are:
[  826.737408][T16927]  vmk80xx
[  826.737417][T16927] comedi: valid board names for usbduxsigma driver are:
[  826.737430][T16927]  usbduxsigma
[  826.737438][T16927] comedi: valid board names for usbduxfast driver are:
[  826.737450][T16927]  usbduxfast
[  826.737458][T16927] comedi: valid board names for usbdux driver are:
[  826.737470][T16927]  usbdux
[  826.737479][T16927] comedi: valid board names for ni6501 driver are:
[  826.737513][T16927]  ni6501
[  826.737522][T16927] comedi: valid board names for dt9812 driver are:
[  826.737532][T16927]  dt9812
[  826.737541][T16927] comedi: valid board names for ni_labpc_cs driver are:
[  826.737552][T16927]  ni_labpc_cs
[  826.737560][T16927] comedi: valid board names for ni_daq_700 driver are:
[  826.737571][T16927]  ni_daq_700
[  826.737580][T16927] comedi: valid board names for labpc_pci driver are:
[  826.737591][T16927]  labpc_pci
[  826.737600][T16927] comedi: valid board names for adl_pci9118 driver are:
[  826.737612][T16927]  pci9118dg
[  826.737620][T16927]  pci9118hg
[  826.737628][T16927]  pci9118hr
[  826.737636][T16927] comedi: valid board names for 8255_pci driver are:
[  826.737647][T16927]  8255_pci
[  826.737656][T16927] comedi: valid board names for s526 driver are:
[  826.737667][T16927]  s526
[  826.737675][T16927] comedi: valid board names for multiq3 driver are:
[  826.737685][T16927]  multiq3
[  826.737694][T16927] comedi: valid board names for pcmuio driver are:
[  826.737705][T16927]  pcmuio48
[  826.737713][T16927]  pcmuio96
[  826.737721][T16927] comedi: valid board names for pcmmio driver are:
[  826.737732][T16927]  pcmmio
[  826.737747][T16927] comedi: valid board names for pcmda12 driver are:
[  826.737758][T16927]  pcmda12
[  826.737766][T16927] comedi: valid board names for pcmad driver are:
[  826.737775][T16927]  pcmad12
[  826.737783][T16927]  pcmad16
[  826.737791][T16927] comedi: valid board names for ni_labpc driver are:
[  826.737800][T16927]  lab-pc-1200
[  826.737808][T16927]  lab-pc-1200ai
[  826.737817][T16927]  lab-pc+
[  826.737824][T16927] comedi: valid board names for atmio16 driver are:
[  826.737835][T16927]  atmio16
[  826.737843][T16927]  atmio16d
[  826.737851][T16927] comedi: valid board names for ni_at_ao driver are:
[  826.737861][T16927]  at-ao-6
[  826.737869][T16927]  at-ao-10
[  826.737878][T16927] comedi: valid board names for ni_at_a2150 driver are:
[  826.737887][T16927]  ni_at_a2150
[  826.737895][T16927] comedi: valid board names for adq12b driver are:
[  826.737906][T16927]  adq12b
[  826.737914][T16927] comedi: valid board names for mpc624 driver are:
[  826.737925][T16927]  mpc624
[  826.737933][T16927] comedi: valid board names for c6xdigio driver are:
[  826.737943][T16927]  c6xdigio
[  826.737952][T16927] comedi: valid board names for aio_iiro_16 driver are:
[  826.737963][T16927]  aio_iiro_16
[  826.737971][T16927] comedi: valid board names for aio_aio12_8 driver are:
[  826.737982][T16927]  aio_aio12_8
[  826.737989][T16927]  aio_ai12_8
[  826.737997][T16927]  aio_ao12_4
[  826.738004][T16927] comedi: valid board names for fl512 driver are:
[  826.738013][T16927]  fl512
[  826.738021][T16927] comedi: valid board names for dmm32at driver are:
[  826.738031][T16927]  dmm32at
[  826.738039][T16927] comedi: valid board names for dt282x driver are:
[  826.738049][T16927]  dt2821
[  826.738057][T16927]  dt2821-f
[  826.738065][T16927]  dt2821-g
[  826.738073][T16927]  dt2823
[  826.738081][T16927]  dt2824-pgh
[  826.738089][T16927]  dt2824-pgl
[  826.738096][T16927]  dt2825
[  826.738103][T16927]  dt2827
[  826.738111][T16927]  dt2828
[  826.738118][T16927]  dt2829
[  826.738127][T16927]  dt21-ez
[  826.738135][T16927]  dt23-ez
[  826.738142][T16927]  dt24-ez
[  826.738150][T16927]  dt24-ez-pgl
[  826.738159][T16927] comedi: valid board names for dt2817 driver are:
[  826.738169][T16927]  dt2817
[  826.738177][T16927] comedi: valid board names for dt2815 driver are:
[  826.738187][T16927]  dt2815
[  826.738194][T16927] comedi: valid board names for dt2814 driver are:
[  826.738204][T16927]  dt2814
[  826.738212][T16927] comedi: valid board names for dt2811 driver are:
[  826.738222][T16927]  dt2811-pgh
[  826.738229][T16927]  dt2811-pgl
[  826.738237][T16927] comedi: valid board names for dt2801 driver are:
[  826.738247][T16927]  dt2801
[  826.738255][T16927] comedi: valid board names for das6402 driver are:
[  826.738265][T16927]  das6402-12
[  826.738274][T16927]  das6402-16
[  826.738282][T16927] comedi: valid board names for das1800 driver are:
[  826.738293][T16927]  das-1701st
[  826.738301][T16927]  das-1701st-da
[  826.738309][T16927]  das-1702st
[  826.738318][T16927]  das-1702st-da
[  826.738326][T16927]  das-1702hr
[  826.738334][T16927]  das-1702hr-da
[  826.738343][T16927]  das-1701ao
[  826.738351][T16927]  das-1702ao
[  826.738359][T16927]  das-1801st
[  826.738365][T16927]  das-1801st-da
[  826.738373][T16927]  das-1802st
[  826.738381][T16927]  das-1802st-da
[  826.738390][T16927]  das-1802hr
[  826.738399][T16927]  das-1802hr-da
[  826.738407][T16927]  das-1801hc
[  826.738415][T16927]  das-1802hc
[  826.738424][T16927]  das-1801ao
[  826.738432][T16927]  das-1802ao
[  826.738441][T16927] comedi: valid board names for das800 driver are:
[  826.738452][T16927]  das-800
[  826.738460][T16927]  cio-das800
[  826.846834][T16927]  das-801
[  826.846848][T16927]  cio-das801
[  826.846856][T16927]  das-802
[  826.846864][T16927]  cio-das802
[  826.846872][T16927]  cio-das802/16
[  826.846881][T16927] comedi: valid board names for isa-das08 driver are:
[  826.846892][T16927]  isa-das08
[  826.846899][T16927]  das08-pgm
[  826.846906][T16927]  das08-pgh
[  826.846913][T16927]  das08-pgl
[  826.846920][T16927]  das08-aoh
[  826.846927][T16927]  das08-aol
[  826.846935][T16927]  das08-aom
[  826.846941][T16927]  das08/jr-ao
[  826.846949][T16927]  das08jr-16-ao
[  826.846956][T16927]  pc104-das08
[  826.846964][T16927]  das08jr/16
[  826.846972][T16927] comedi: valid board names for das16m1 driver are:
[  826.846982][T16927]  das16m1
[  826.846989][T16927] comedi: valid board names for dac02 driver are:
[  826.846999][T16927]  dac02
[  826.847006][T16927] comedi: valid board names for rti802 driver are:
[  826.847017][T16927]  rti802
[  826.847024][T16927] comedi: valid board names for rti800 driver are:
[  826.847034][T16927]  rti800
[  826.847042][T16927]  rti815
[  826.847049][T16927] comedi: valid board names for pcm3724 driver are:
[  826.847059][T16927]  pcm3724
[  826.847066][T16927] comedi: valid board names for pcl818 driver are:
[  826.847076][T16927]  pcl818l
[  826.847083][T16927]  pcl818h
[  826.847090][T16927]  pcl818hd
[  826.847097][T16927]  pcl818hg
[  826.847105][T16927]  pcl818
[  826.847112][T16927]  pcl718
[  826.847119][T16927]  pcm3718
[  826.847127][T16927] comedi: valid board names for pcl816 driver are:
[  826.847137][T16927]  pcl816
[  826.847144][T16927]  pcl814b
[  826.847152][T16927] comedi: valid board names for pcl812 driver are:
[  826.847161][T16927]  pcl812
[  826.847169][T16927]  pcl812pg
[  826.847176][T16927]  acl8112pg
[  826.847183][T16927]  acl8112dg
[  826.847190][T16927]  acl8112hg
[  826.847198][T16927]  a821pgl
[  826.847204][T16927]  a821pglnda
[  826.847212][T16927]  a821pgh
[  826.847219][T16927]  a822pgl
[  826.847226][T16927]  a822pgh
[  826.847233][T16927]  a823pgl
[  826.847240][T16927]  a823pgh
[  826.847264][T16927]  pcl813
[  826.847271][T16927]  pcl813b
[  826.847279][T16927]  acl8113
[  826.847286][T16927]  iso813
[  826.847292][T16927]  acl8216
[  826.847299][T16927]  a826pg
[  826.847306][T16927] comedi: valid board names for pcl730 driver are:
[  826.847316][T16927]  pcl730
[  826.847323][T16927]  iso730
[  826.847330][T16927]  acl7130
[  826.847338][T16927]  pcm3730
[  826.847344][T16927]  pcl725
[  826.847351][T16927]  p8r8dio
[  826.847358][T16927]  acl7225b
[  826.847365][T16927]  p16r16dio
[  826.847372][T16927]  pcl733
[  826.847379][T16927]  pcl734
[  826.847387][T16927]  opmm-1616-xt
[  826.847394][T16927]  pearl-mm-p
[  826.847401][T16927]  ir104-pbf
[  826.847409][T16927] comedi: valid board names for pcl726 driver are:
[  826.847418][T16927]  pcl726
[  826.847425][T16927]  pcl727
[  826.847432][T16927]  pcl728
[  826.847439][T16927]  acl6126
[  826.847446][T16927]  acl6128
[  826.847453][T16927] comedi: valid board names for pcl724 driver are:
[  826.847462][T16927]  pcl724
[  826.847469][T16927]  pcl722
[  826.847476][T16927]  pcl731
[  826.847483][T16927]  acl7122
[  826.847490][T16927]  acl7124
[  826.847496][T16927]  pet48dio
[  826.847504][T16927]  pcmio48
[  826.847511][T16927]  onyx-mm-dio
[  826.847520][T16927] comedi: valid board names for pcl711 driver are:
[  826.847530][T16927]  pcl711
[  826.847538][T16927]  pcl711b
[  826.847545][T16927]  acl8112hg
[  826.847552][T16927]  acl8112dg
[  826.847560][T16927] comedi: valid board names for amplc_pc263 driver are:
[  826.847569][T16927]  pc263
[  826.847576][T16927] comedi: valid board names for amplc_pc236 driver are:
[  826.847586][T16927]  pc36at
[  826.847601][T16927] comedi: valid board names for amplc_dio200 driver are:
[  826.847612][T16927]  pc212e
[  826.847618][T16927]  pc214e
[  826.847625][T16927]  pc215e
[  826.847632][T16927]  pc218e
[  826.847639][T16927]  pc272e
[  826.847646][T16927] comedi: valid board names for comedi_parport driver are:
[  826.847656][T16927]  comedi_parport
[  826.847664][T16927] comedi: valid board names for comedi_test driver are:
[  826.847673][T16927]  comedi_test
[  826.847681][T16927] comedi: valid board names for comedi_bond driver are:
[  826.847691][T16927]  comedi_bond
[  826.855274][T16929] netlink: 420 bytes leftover after parsing attributes in process `syz.0.4034'.
[  827.531266][ T6025] usb 6-1: new high-speed USB device number 14 using dummy_hcd
[  827.680612][ T6025] usb 6-1: Using ep0 maxpacket: 8
[  828.551959][ T6025] usb 6-1: config 1 interface 0 altsetting 6 endpoint 0x81 has an invalid bInterval 228, changing to 11
[  828.551997][ T6025] usb 6-1: config 1 interface 0 altsetting 6 endpoint 0x2 has an invalid bInterval 248, changing to 11
[  828.552025][ T6025] usb 6-1: config 1 interface 0 has no altsetting 0
[  828.575923][ T6025] usb 6-1: New USB device found, idVendor=146b, idProduct=0902, bcdDevice= 0.40
[  828.575959][ T6025] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  828.575981][ T6025] usb 6-1: Product: syz
[  828.575996][ T6025] usb 6-1: Manufacturer: syz
[  828.576011][ T6025] usb 6-1: SerialNumber: syz
[  828.902298][T16922] Bluetooth: hci0: Opcode 0x0c03 failed: -110
[  829.078982][ T6025] usbhid 6-1:1.0: can't add hid device: -71
[  829.079124][ T6025] usbhid 6-1:1.0: probe with driver usbhid failed with error -71
[  829.115566][ T6025] usb 6-1: USB disconnect, device number 14
[  829.181450][T16454] usb 8-1: new high-speed USB device number 12 using dummy_hcd
[  829.199169][T16943] netlink: 4 bytes leftover after parsing attributes in process `syz.0.4042'.
[  829.380227][T16454] usb 8-1: Using ep0 maxpacket: 16
[  829.385138][T16454] usb 8-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  829.385227][T16454] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  829.385259][T16454] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  829.385304][T16454] usb 8-1: New USB device found, idVendor=04d8, idProduct=f002, bcdDevice= 0.00
[  829.385332][T16454] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  829.450352][T16454] usb 8-1: config 0 descriptor??
[  830.878758][T16454] hid-picolcd 0003:04D8:F002.0022: global environment stack underflow
[  830.878813][T16454] hid-picolcd 0003:04D8:F002.0022: item 0 4 1 11 parsing failed
[  830.907664][T16454] hid-picolcd 0003:04D8:F002.0022: device report parse failed
[  830.907807][T16454] hid-picolcd 0003:04D8:F002.0022: probe with driver hid-picolcd failed with error -22
[  830.919975][ T5857] usb 7-1: new high-speed USB device number 15 using dummy_hcd
[  831.071374][ T5857] usb 7-1: Using ep0 maxpacket: 32
[  831.074166][ T5857] usb 7-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  831.077422][ T5857] usb 7-1: New USB device found, idVendor=0424, idProduct=9901, bcdDevice=c2.57
[  831.077455][ T5857] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  831.077503][ T5857] usb 7-1: Product: syz
[  831.077520][ T5857] usb 7-1: Manufacturer: syz
[  831.077536][ T5857] usb 7-1: SerialNumber: syz
[  831.115507][ T5857] usb 7-1: config 0 descriptor??
[  831.120199][ T5819] Bluetooth: hci5: ACL packet for unknown connection handle 201
[  831.129325][ T5857] smsc95xx 7-1:0.0 (unnamed net_device) (uninitialized): usbnet_get_endpoints failed: -22
[  831.129600][ T5857] smsc95xx 7-1:0.0: probe with driver smsc95xx failed with error -22
[  831.291203][T16454] usb 1-1: new high-speed USB device number 30 using dummy_hcd
[  831.367404][ T5857] usb 7-1: USB disconnect, device number 15
[  831.440102][T16454] usb 1-1: Using ep0 maxpacket: 32
[  831.442819][T16454] usb 1-1: New USB device found, idVendor=041e, idProduct=400b, bcdDevice=3e.e7
[  831.442851][T16454] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  831.491403][T16454] usb 1-1: config 0 descriptor??
[  831.521737][T16454] gspca_main: sunplus-2.14.0 probing 041e:400b
[  831.842025][T16870] usb 8-1: USB disconnect, device number 12
[  831.883999][T16946] ------------[ cut here ]------------
[  831.884017][T16946] kcov->t != t
[  831.884024][T16946] WARNING: kernel/kcov.c:483 at kcov_task_exit+0xf5/0x160, CPU#1: syz.6.4044/16946
[  831.884078][T16946] Modules linked in:
[  831.884103][T16946] CPU: 1 UID: 0 PID: 16946 Comm: syz.6.4044 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[  831.884138][T16946] Tainted: [L]=SOFTLOCKUP
[  831.884146][T16946] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  831.884161][T16946] RIP: 0010:kcov_task_exit+0xf5/0x160
[  831.884197][T16946] Code: 10 00 00 48 8b bb 90 00 00 00 e8 36 68 55 00 48 89 df 5b 41 5e 41 5f e9 49 25 5b 00 7c 1c 5b 41 5e 41 5f e9 7d cb 69 09 cc 90 <0f> 0b 90 4c 89 f7 5b 41 5e 41 5f e9 9b 64 68 09 48 89 df be 03 00
[  831.884216][T16946] RSP: 0018:ffffc900041b7d20 EFLAGS: 00010206
[  831.884230][T16946] RAX: 620bc69f90b08500 RBX: ffff8880203c6000 RCX: 0000000000000000
[  831.884240][T16946] RDX: 0000000012fbb439 RSI: ffffffff8ba73040 RDI: 00000000ffffffff
[  831.884250][T16946] RBP: ffffc900041b7e78 R08: ffffffff8b2cf750 R09: ffffffff8dfc80c0
[  831.884260][T16946] R10: dffffc0000000000 R11: fffffbfff1f1717f R12: dffffc0000000000
[  831.884269][T16946] R13: 0000000000000000 R14: ffff8880203c6008 R15: ffff8880291abd80
[  831.884279][T16946] FS:  00005555693a6500(0000) GS:ffff888126209000(0000) knlGS:0000000000000000
[  831.884291][T16946] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  831.884300][T16946] CR2: 00007f8021d756b8 CR3: 00000000577d8000 CR4: 00000000003526f0
[  831.884315][T16946] Call Trace:
[  831.884322][T16946]  <TASK>
[  831.884329][T16946]  do_exit+0x150/0x22c0
[  831.884346][T16946]  ? lockdep_hardirqs_on+0x7a/0x110
[  831.884364][T16946]  ? _raw_spin_unlock_irqrestore+0x4c/0x80
[  831.884383][T16946]  ? reacquire_held_locks+0x104/0x190
[  831.884401][T16946]  ? rt_spin_lock+0x1e0/0x400
[  831.884413][T16946]  ? __pfx_do_exit+0x10/0x10
[  831.884430][T16946]  ? __pfx_rt_mutex_slowunlock+0x10/0x10
[  831.884449][T16946]  ? rt_spin_unlock+0x160/0x200
[  831.884464][T16946]  do_group_exit+0x21b/0x2d0
[  831.884482][T16946]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  831.884498][T16946]  __x64_sys_exit_group+0x3f/0x40
[  831.884514][T16946]  x64_sys_call+0x221a/0x2240
[  831.884530][T16946]  do_syscall_64+0x15f/0xf80
[  831.884551][T16946]  ? clear_bhb_loop+0x40/0x90
[  831.884576][T16946]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  831.884596][T16946] RIP: 0033:0x7f0d8877c819
[  831.884616][T16946] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  831.884633][T16946] RSP: 002b:00007fffb00f8318 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7
[  831.884647][T16946] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f0d8877c819
[  831.884657][T16946] RDX: 00007f0d879d1000 RSI: 0000000000000000 RDI: 0000000000000000
[  831.884665][T16946] RBP: 00007fffb00f837c R08: 0000000000000000 R09: 00000000000927c0
[  831.884674][T16946] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000055
[  831.884683][T16946] R13: 00000000000927c0 R14: 00000000000c9e83 R15: 00007fffb00f83d0
[  831.884702][T16946]  </TASK>
[  831.884710][T16946] Kernel panic - not syncing: kernel: panic_on_warn set ...
[  831.884722][T16946] CPU: 1 UID: 0 PID: 16946 Comm: syz.6.4044 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[  831.884740][T16946] Tainted: [L]=SOFTLOCKUP
[  831.884745][T16946] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  831.884753][T16946] Call Trace:
[  831.884759][T16946]  <TASK>
[  831.884764][T16946]  vpanic+0x56c/0xa60
[  831.884781][T16946]  ? __pfx__printk+0x10/0x10
[  831.884883][T16946]  ? __pfx_vpanic+0x10/0x10
[  831.884907][T16946]  ? is_bpf_text_address+0x292/0x2b0
[  831.884924][T16946]  ? is_bpf_text_address+0x26/0x2b0
[  831.884944][T16946]  panic+0xc5/0xd0
[  831.884959][T16946]  ? __pfx_panic+0x10/0x10
[  831.884981][T16946]  __warn+0x315/0x4c0
[  831.884994][T16946]  ? kcov_task_exit+0xf5/0x160
[  831.885016][T16946]  ? kcov_task_exit+0xf5/0x160
[  831.885037][T16946]  __report_bug+0x29a/0x540
[  831.885057][T16946]  ? kcov_task_exit+0xf5/0x160
[  831.885077][T16946]  ? __pfx___report_bug+0x10/0x10
[  831.885094][T16946]  ? __pfx_rtlock_slowlock_locked+0x10/0x10
[  831.885111][T16946]  ? rt_spin_lock+0x1e0/0x400
[  831.885125][T16946]  ? rt_spin_lock+0x1e0/0x400
[  831.885139][T16946]  ? kcov_task_exit+0xf5/0x160
[  831.885157][T16946]  report_bug+0x16a/0x220
[  831.885173][T16946]  ? kcov_task_exit+0xf5/0x160
[  831.885191][T16946]  ? kcov_task_exit+0xf7/0x160
[  831.885210][T16946]  handle_bug+0x9c/0x200
[  831.885229][T16946]  exc_invalid_op+0x1a/0x50
[  831.885254][T16946]  asm_exc_invalid_op+0x1a/0x20
[  831.885267][T16946] RIP: 0010:kcov_task_exit+0xf5/0x160
[  831.885289][T16946] Code: 10 00 00 48 8b bb 90 00 00 00 e8 36 68 55 00 48 89 df 5b 41 5e 41 5f e9 49 25 5b 00 7c 1c 5b 41 5e 41 5f e9 7d cb 69 09 cc 90 <0f> 0b 90 4c 89 f7 5b 41 5e 41 5f e9 9b 64 68 09 48 89 df be 03 00
[  831.885301][T16946] RSP: 0018:ffffc900041b7d20 EFLAGS: 00010206
[  831.885314][T16946] RAX: 620bc69f90b08500 RBX: ffff8880203c6000 RCX: 0000000000000000
[  831.885326][T16946] RDX: 0000000012fbb439 RSI: ffffffff8ba73040 RDI: 00000000ffffffff
[  831.885336][T16946] RBP: ffffc900041b7e78 R08: ffffffff8b2cf750 R09: ffffffff8dfc80c0
[  831.885346][T16946] R10: dffffc0000000000 R11: fffffbfff1f1717f R12: dffffc0000000000
[  831.885356][T16946] R13: 0000000000000000 R14: ffff8880203c6008 R15: ffff8880291abd80
[  831.885370][T16946]  ? rt_spin_lock+0x1e0/0x400
[  831.885389][T16946]  do_exit+0x150/0x22c0
[  831.885405][T16946]  ? lockdep_hardirqs_on+0x7a/0x110
[  831.885423][T16946]  ? _raw_spin_unlock_irqrestore+0x4c/0x80
[  831.885441][T16946]  ? reacquire_held_locks+0x104/0x190
[  831.885459][T16946]  ? rt_spin_lock+0x1e0/0x400
[  831.885567][T16946]  ? __pfx_do_exit+0x10/0x10
[  831.885594][T16946]  ? __pfx_rt_mutex_slowunlock+0x10/0x10
[  831.885622][T16946]  ? rt_spin_unlock+0x160/0x200
[  831.885638][T16946]  do_group_exit+0x21b/0x2d0
[  831.885656][T16946]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  831.885671][T16946]  __x64_sys_exit_group+0x3f/0x40
[  831.885687][T16946]  x64_sys_call+0x221a/0x2240
[  831.885702][T16946]  do_syscall_64+0x15f/0xf80
[  831.885722][T16946]  ? clear_bhb_loop+0x40/0x90
[  831.885739][T16946]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  831.885753][T16946] RIP: 0033:0x7f0d8877c819
[  831.885775][T16946] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  831.885787][T16946] RSP: 002b:00007fffb00f8318 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7
[  831.885802][T16946] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f0d8877c819
[  831.885812][T16946] RDX: 00007f0d879d1000 RSI: 0000000000000000 RDI: 0000000000000000
[  831.885821][T16946] RBP: 00007fffb00f837c R08: 0000000000000000 R09: 00000000000927c0
[  831.885829][T16946] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000055
[  831.885839][T16946] R13: 00000000000927c0 R14: 00000000000c9e83 R15: 00007fffb00f83d0
[  831.885859][T16946]  </TASK>
[  831.886361][T16946] Kernel Offset: disabled