last executing test programs:

41m48.725840456s ago: executing program 3 (id=4):
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff})
r1 = socket$inet_udp(0x2, 0x2, 0x0)
close(0x3)
r2 = syz_init_net_socket$netrom(0x6, 0x5, 0x0)
connect$netrom(r2, &(0x7f0000000300)={{0x6, @rose, 0x8}, [@default, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @default, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x3}, @default]}, 0x48)
r3 = syz_init_net_socket$netrom(0x6, 0x5, 0x0)
bind$netrom(r3, &(0x7f00000004c0)={{0x6, @rose, 0x1}, [@netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @null, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @default, @bcast, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @null]}, 0x48)
listen(r3, 0x80)
accept$netrom(r3, 0x0, 0x0)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x275a, 0x0)
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r5, 0x0, 0x0)
read(r1, &(0x7f0000000540)=""/132, 0x84)
sendmsg(r2, &(0x7f0000000c00)={0x0, 0x0, 0x0}, 0x40)
connect$inet(r1, 0x0, 0x0)
ioctl$FS_IOC_SETFLAGS(r4, 0x40086602, &(0x7f0000000700)=0x100)
setresuid(0xee01, 0x0, 0xffffffffffffffff)
ioctl$DRM_IOCTL_MODE_LIST_LESSEES(0xffffffffffffffff, 0xc01064c7, 0x0)
close(r0)

41m47.274489909s ago: executing program 3 (id=7):
sendmsg$MPTCP_PM_CMD_GET_LIMITS(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0xffffffffffffffb4, 0x0, 0x1, 0x0, 0x0, 0x41}, 0x809d)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='blkio.bfq.io_merged_recursive\x00', 0x275a, 0x0)
syz_emit_ethernet(0x36, &(0x7f0000000100)=ANY=[@ANYBLOB="000002f0d31209000000bc2e79e995"], 0x0)
write$binfmt_script(r2, &(0x7f0000000100), 0x208e24b)
preadv(r2, &(0x7f00000015c0)=[{&(0x7f0000000080)=""/124, 0xffffff23}], 0x3e, 0x0, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000499000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x14)
syz_open_dev$vivid(&(0x7f00000017c0), 0x3, 0x2)
write$FUSE_CREATE_OPEN(0xffffffffffffffff, 0x0, 0x0)
ioctl$DVB_DVR_DMX_QUERYBUF(0xffffffffffffffff, 0xc0186f3d, &(0x7f0000000140)={0x7ff, 0xb, 0x80, 0x3, 0xd, 0x1})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000240)=[@text32={0x20, 0x0}], 0x1, 0x0, 0x0, 0x0)
write$FUSE_ATTR(0xffffffffffffffff, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x11, 0x0, 0x0, &(0x7f0000000000)='GPL\x00', 0x2a7, 0x0, 0x0, 0x41100, 0x24, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x3ff}, 0x94)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
r4 = memfd_create(&(0x7f0000000540)='\x01\xfd\xae.+\xa6\x8c\xb6?2\x199\x94S,|x?Ue[\xbd\xe1!\x033\xbc\'#\xff\x17\x9b%\xf3[d \x06\x00\x00\x00\x97A\xc2\xd8\xf0Uq!\xe4\xc4\xb1\xa2\x1c\xffC;\x94Q\r\xb6}\x9c\xecC\v\xcf\xeb\xe4\x9aR\xe5,\x82\x03\x00\x19\x8d\xe8\xc6\xb9\xe4\xb4\x99\x8a\x19P\xb8\x8cx\b\x99\x04R\x05\xaf\xa2\xea5\f\xcc\x1a\x9b\x00Uf\xa5\xf7\x80Tgiz\nX\b\x91\xfd0\x8e\xb6\xa3\v#\x16\xdf\xb4\xc0\xe6\xb4\xef\xa8i\xd8\xa2\xd2(\x98\x9bA\x8f\x13\xeb\xf4b/\xef!\x8f\xf6]-\xf1k\xb62\x89gEv\x13\xf4\xc7\xb2\xf5\\\x17\x90\xb5\xa6\xa8\xb8o\x0f\xe2 \xe7\x9c$\xd7\xf2@\xf7cdv[\t\x00\x8d\xf3\xcc1\r$\x1e\xff\xf0P\xb2\x97\xb8\xbc\xeb\x91\x87\x8bu\xbf\xd4\'\xff\x1f\f\x016\x9dQ\xeeT\xe8\bY\x00\xb2\x06\xa6\xbel\x9b.o\xbe\x80\x9dx\xd5O\xd6h\\I\xc9\x8d\a\x1d\xc9k\x83\xfc\xa4\xad4\x03\xa2X\x0f\x82\xdbs\xc7\x83L\x9e\xa2\xd1\xb3\xac\x8d\xd8\xb4\xb4\xea\x90Q\xd8\xc7\xeb%\x8bOp\x1ab\x96\xcf\xbb\x15\xcf\xfcN\xed\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00s\xaf\xa2\x14]p+\x96\x1ei|n\xda\xee\\\xae\x96*\x82*\xb8j\xda\xaa\x14\x1f\x1d\xf8\xf8\xae\xfcH\xc4\xb3j\xe8\xcfO\xef\x0e\xafe\xb5*\x89\x18\xb2w\x96\b\x1by\xeaT\xdd\xb3g6\xbc\x85\xb2Y\xccv\x06\x00\x00\x00\xc5e\x90\xc51\x9f\v_# \b\xa5\xbcP,|\xe9\xd6s\x1f\x1f\xbe\xd3\x80\xb1\xa8 \xce|df\x903\v\x02\xea.\x03X\xb5\xe4,8\xb7\xadEI\xdcA\xa7\xcc\xd7\xf9n\x1b\x95\xf8\x11Z\xe6:\x03\xce\xfe\x02\x8ctdy~_oC\x9e\xef\xf0\xa2K\xe9;\x8e:\x01\x03C\x92\xeb\x16\x1c\xbf\xbe\xef\xccUxhg\xdfY\xe6\x83\xa6z\xff\x01\x9d o_{!O\xaajU\x84 \xe9\xb59r\x9cw\x18Z\xd3\xcd\x0e\xba\\\xdb\xf0\xe1\x86\t\xaf\vi\xdc\xbf?\xf5\n\xbd^\x05\xc0\xceuC}\xa8\xc7\xad\x86\xd7\x15&\xb9]1\x05J\x96\xf0\x84\xc1\f\xa6p\x96?\x00\x00\x00\x00\x00\x00\x00\x12\x88\xc8\x9c\xc9Cn\xd4\xa47V\'+\xcc\xbf\r\xa9\x10\x1d\xcf\xebKlb\xe5:\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00G\xdf\xbb\xc0_\x99F\xf4n]\x14\xbc\xcd\xd3\x9f\x9fe\xc5\xe6\xe8Mb\xc6\x82\x82\xcb\xcaXe\xe1\xa2\xaa\x02\x86\xb8\x18\xe2C\xeb\xa9\x17&\x01&\'w\xa1t0\x80\xf0\x93\x80\x9f\x9b\xe0\x9f\xea\xb9\x9eD]#V\xda\x92\xca\xc6\xfa.\xd6\xe31\xfe\xe8\x02\xebX\xbd\nz\x01O\xd3r\xa2\xa9u\x93>m\xd7q\'\xdf\xfajo\xd8n\xa7\xecJi\xde\xdf\x7f\xe3\xc4*Z 4\xe8S$\xa1H=\xdf\x05\xf3\xe3T\xd1\xdd\xc6f\xa4\xb4\x96\\\xa0\xf9\x0f\x17\x11{\xb6\x9d\xd21\xc1\x90Vj\x13r\x00\x00\xde\x03\xab\xff\x8as0\xc6E\xca\"\xd9*\x9a\x15\xb95r\x8f\xaaj\x82\xd6\xd2%\xed\xa2WQ\xec2\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xccX\xfdRB\xffU\xe9\xfa\x1f\xf6\xce\b\xde@\x061\xc6z\xe4\xe0\xc9?\xa7\x94>\x9c\xd1\xa5o\x04\xaaim\xae\xfe\xc7f\xa3\x96\xd7\xb4c)r{\r#\xddI&\n\xf2\xec\xd4\xff\x9f\x136zZ-2\x80\xfbH+\x9b8\xf3\xed\xdf\xa2my\xb28c[\xc3\xfe\xb5M\x84\x97\xa5\'s\xe9\xdc=)I\xabLt2\x9c\v\xd9S', 0x6)
fallocate(r4, 0x0, 0xf17e, 0x4)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r4, 0x0)

41m38.987877814s ago: executing program 3 (id=15):
r0 = getpgrp(0x0)
sched_setaffinity(r0, 0x32, &(0x7f0000000040)=0x5)
prlimit64(0x0, 0xe, &(0x7f0000000100)={0x8, 0x80000100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f00000000c0)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000000)=0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r2 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r2, 0x1, 0x0)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000040)={0x5, 0x5, 0x0, &(0x7f0000000000)='syzkaller\x00', 0x5}, 0x94)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
r5 = memfd_create(&(0x7f0000000100)='\x00\x00\x00\x00\x00\x00z\x9b\xb6\xe8t;\xfc\x02\x00\x00\x009\xa0\x8b\x14d\xa2\xa1\xa8!\xe8\xd1\xa0\x8a\xce0\x1c\xb7\xf1\xccm\xce\xd4\xdb\x89\xe5\x8f\xe2\xb6\xd6\x9cF\xbd\xff\x14\x05\x00\x00\x00\x00\x00\x00\x00\xf3\xdc\x91\'\x06\\8\r\xfc\xeeG\xbe\x90C\x1c)5\x98\xa3\xfa\a\xf9\x98\xbb}\xeb\x86P=\xe51\x9d,\xb7\xe6_M\xbe\x19\xea#\xff[\xd1\xc3\x9a\xa3\x1b\xf9\xe9\x1d \xce1\xc9\x9f\xb0\x14\xc2\xeb\xf9\xceE\xad\xa4\x92\f\xef\x87g\xb6\xabh\xac\rP\xf42\xb7\xc8\xaajn\xd7\n\r\x802\xd7\x1b$\x95tO*\xf4\xae\xb8\xb8m\xbf\r\xd5\xbf*\xfd\xc7\x85\x1b\x8b\xe5\x97j`c\xe0\x88?\xda\x8a#t>r\xae\xe8\xc9)r\xdc\x17\x99J\xaeE\xbdt\xe2L^2\xca\x8f\x1cZ\x84\xe3\xe6\x86iC\xcc\xa9\xbf\xeb\x92\r \xa86\x82\xc3\xa8\xf1\xb4\x0f\x9b\x88\x0f\xc8U\x99;\x9c\x17\xfc7\xdd\xd6\x8e%4\x17~\x9d\xe1\a\x00\x00\x00\xa5\x8fG\\\xd8\x80\x15\xcaw\x7f\xac\x063\xbaE\x11\xcc~Q\xcb/\x8bv\xf2B_\xc5\x8d\xb3\xdd\xbd\x1e\xde\x19\xb5\xc4\xcf%p\x89\xa2\xda\xc7', 0x2)
r6 = fanotify_init(0x20, 0x80000)
r7 = dup(r5)
fanotify_mark(r6, 0x201, 0x48001038, r7, 0x0)
sendmsg$IPCTNL_MSG_CT_NEW(r4, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000006c0)=ANY=[@ANYBLOB="7c000000000101040000000000000000"], 0x7c}}, 0x0)
syz_open_dev$sndctrl(&(0x7f0000000200), 0x2, 0x80000)

41m37.22318151s ago: executing program 3 (id=17):
r0 = memfd_secret(0x80000)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r3 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet6_mreq(r3, 0x29, 0x1b, &(0x7f0000000180)={@dev={0xfe, 0x80, '\x00', 0x9}}, 0x14)
modify_ldt$write(0x1, 0x0, 0x0)
sendmsg$nl_generic(0xffffffffffffffff, 0x0, 0x800)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
r5 = syz_usb_connect(0x0, 0x36, 0x0, 0x0)
syz_usb_control_io$uac1(r5, 0x0, 0x0)
r6 = syz_io_uring_setup(0x10f, &(0x7f0000000380)={0x0, 0x46ee, 0x400, 0xffffdffe, 0x32e}, &(0x7f0000000140)=<r7=>0x0, &(0x7f0000000200)=<r8=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r7, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r7, r8, &(0x7f00000002c0)=@IORING_OP_CONNECT={0x10, 0x40, 0x0, r4, 0x22, &(0x7f00000000c0)=@un=@file={0x1, './file0\x00'}, 0x0, 0x0, 0x1})
syz_open_dev$radio(&(0x7f0000000000), 0xffffffffffffffff, 0x2)
io_uring_enter(r6, 0x3516, 0x67f, 0x64, 0x0, 0x0)
connect$qrtr(r0, 0x0, 0x0)

41m21.900191874s ago: executing program 32 (id=17):
r0 = memfd_secret(0x80000)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r3 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet6_mreq(r3, 0x29, 0x1b, &(0x7f0000000180)={@dev={0xfe, 0x80, '\x00', 0x9}}, 0x14)
modify_ldt$write(0x1, 0x0, 0x0)
sendmsg$nl_generic(0xffffffffffffffff, 0x0, 0x800)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
r5 = syz_usb_connect(0x0, 0x36, 0x0, 0x0)
syz_usb_control_io$uac1(r5, 0x0, 0x0)
r6 = syz_io_uring_setup(0x10f, &(0x7f0000000380)={0x0, 0x46ee, 0x400, 0xffffdffe, 0x32e}, &(0x7f0000000140)=<r7=>0x0, &(0x7f0000000200)=<r8=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r7, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r7, r8, &(0x7f00000002c0)=@IORING_OP_CONNECT={0x10, 0x40, 0x0, r4, 0x22, &(0x7f00000000c0)=@un=@file={0x1, './file0\x00'}, 0x0, 0x0, 0x1})
syz_open_dev$radio(&(0x7f0000000000), 0xffffffffffffffff, 0x2)
io_uring_enter(r6, 0x3516, 0x67f, 0x64, 0x0, 0x0)
connect$qrtr(r0, 0x0, 0x0)

37m22.903397705s ago: executing program 4 (id=943):
openat$vmci(0xffffff9c, 0x0, 0x2, 0x0)
setrlimit(0x7, &(0x7f0000000f80)={0x2, 0x2})
socket$rxrpc(0x21, 0x2, 0xa)

37m22.56753291s ago: executing program 4 (id=946):
r0 = syz_open_dev$ttys(0xc, 0x2, 0x1)
ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000002000)=0x4)
ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000040)=0x3)

37m21.681537689s ago: executing program 4 (id=949):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000940)={0x26, 'rng\x00', 0x0, 0x0, 'jitterentropy_rng\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)

37m21.208292806s ago: executing program 4 (id=956):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000580)={@private2, @loopback={0xb00000000000000}, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, 0x2000000, 0x0, 0x7d, 0x200, 0xfffffffffffffffd, 0x930311})
ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, @loopback={0x3f}, @loopback, 0x6, 0x0, 0x4, 0x0, 0x4000000000000009, 0x810200})

37m20.943866161s ago: executing program 4 (id=959):
r0 = open(&(0x7f0000000300)='.\x00', 0x0, 0x0)
ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f00000001c0)=0x10)
mknodat(0xffffffffffffff9c, &(0x7f0000000140)='./file4\x00', 0x0, 0x0)

37m20.651538665s ago: executing program 4 (id=962):
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$devlink(&(0x7f0000000140), 0xffffffffffffffff)
connect$unix(0xffffffffffffffff, &(0x7f00000003c0)=@file={0x1, './file0\x00'}, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f00000bd000), 0x318, 0x0)
openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80202, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x0)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000100)=0x3)
r2 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x1a01, 0x0)
ioctl$EVIOCGPROP(r2, 0x40047438, &(0x7f0000000180)=""/246)
writev(r2, &(0x7f0000000440)=[{&(0x7f0000000280)="c021", 0x80d}], 0x1)
write$uinput_user_dev(0xffffffffffffffff, &(0x7f0000000a00)={'syz1\x00', {0x9, 0x7, 0x5, 0x5}, 0x3f, [0x9, 0x2, 0x18, 0x2, 0x2, 0x400, 0x80000000, 0x0, 0x8, 0x0, 0x6, 0x1, 0xfffffffb, 0x39, 0x747d5e13, 0x800, 0xfffffb9a, 0xfffffffe, 0x0, 0xfffffffb, 0x2004, 0x3, 0x0, 0x0, 0x80, 0x4800, 0x300000, 0x4000007, 0xe, 0x4623f, 0x0, 0x10001, 0x1ff, 0x8000, 0x0, 0x3, 0xc, 0x3, 0xba55, 0x8da8, 0x2, 0x200, 0x2, 0x5, 0xe, 0x4, 0x2, 0x6f, 0x8, 0x9, 0x1, 0x199d, 0x6, 0x2, 0x9, 0xffffffff, 0x4, 0x6, 0x1000, 0x805, 0x3d, 0x8, 0xa, 0x5], [0x7, 0x1e, 0x3, 0x8000, 0xfffffffd, 0x3, 0x0, 0x0, 0x7, 0xfffffffc, 0x8, 0x7fff, 0x72c, 0x1c32, 0x3, 0x5, 0x10000, 0x400, 0x7ffd, 0x3, 0x3, 0x297, 0x5, 0x0, 0x981, 0x4, 0x0, 0x3ff, 0x0, 0xfffffbfe, 0x8, 0x1000001, 0x10, 0xfffffff9, 0xfffffffd, 0xa, 0x1, 0xffffffff, 0x6, 0x2000008, 0x800, 0x6, 0x806, 0x96, 0xfffffff9, 0x2, 0x0, 0x2, 0x401, 0xe, 0x3, 0x19, 0x9, 0xe, 0x7, 0x7, 0x6, 0x2, 0x1, 0x1, 0x8, 0x4, 0x200, 0xf], [0x404, 0x8000c584, 0xb, 0xcd3, 0x7, 0x1f, 0x404, 0x4, 0x0, 0xc, 0x7, 0x9, 0x1e8c, 0x5, 0x80000001, 0x8, 0x3f92, 0x1000, 0x0, 0x10, 0x1, 0xfffffff9, 0x0, 0xffe, 0x80040101, 0x5, 0x4, 0x5, 0x200003, 0x1, 0x5, 0x80, 0x9, 0x8001, 0xc0e, 0x0, 0x3, 0x400004, 0x3, 0x6d7e, 0x3, 0x8, 0x3, 0xbf23, 0x6, 0x9, 0x956, 0x4, 0x3ff, 0xe, 0x6, 0x100fffd, 0x2005, 0x9, 0x4, 0xea, 0x9, 0x20000005, 0x3, 0x80, 0x0, 0x7d, 0x401, 0x5], [0x108e, 0xffff, 0x3, 0x3, 0x88, 0x4, 0x4000000, 0x6, 0x8000, 0x2, 0x763, 0xb, 0x402, 0x1, 0x5, 0x1000, 0x7f, 0x5, 0x3fa6, 0x4, 0x0, 0x5, 0x3, 0x4, 0xe47, 0x4, 0x3, 0x4, 0x200, 0x2851, 0x3b, 0x20000001, 0x5, 0x5, 0xa80a, 0x65f413f9, 0x4, 0x20008, 0x8a5, 0x86, 0x44, 0x409, 0x6, 0x4, 0x4, 0xe, 0x4, 0xffffffff, 0x7fff, 0xffff8a33, 0xfffffff8, 0x401, 0x3, 0x200, 0x7, 0x7fff, 0xfffffffd, 0xa, 0xe, 0x101, 0xf, 0xf, 0x136, 0x6]}, 0x45c)
ioctl$UI_DEV_CREATE(0xffffffffffffffff, 0x5501)
write$input_event(0xffffffffffffffff, &(0x7f0000000000)={{0x77359400}, 0x15}, 0xfe4f)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r3 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r3, &(0x7f0000000600)={0x0, 0x0, 0x0}, 0x0)

37m5.412749502s ago: executing program 33 (id=962):
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$devlink(&(0x7f0000000140), 0xffffffffffffffff)
connect$unix(0xffffffffffffffff, &(0x7f00000003c0)=@file={0x1, './file0\x00'}, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f00000bd000), 0x318, 0x0)
openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80202, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x0)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000100)=0x3)
r2 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x1a01, 0x0)
ioctl$EVIOCGPROP(r2, 0x40047438, &(0x7f0000000180)=""/246)
writev(r2, &(0x7f0000000440)=[{&(0x7f0000000280)="c021", 0x80d}], 0x1)
write$uinput_user_dev(0xffffffffffffffff, &(0x7f0000000a00)={'syz1\x00', {0x9, 0x7, 0x5, 0x5}, 0x3f, [0x9, 0x2, 0x18, 0x2, 0x2, 0x400, 0x80000000, 0x0, 0x8, 0x0, 0x6, 0x1, 0xfffffffb, 0x39, 0x747d5e13, 0x800, 0xfffffb9a, 0xfffffffe, 0x0, 0xfffffffb, 0x2004, 0x3, 0x0, 0x0, 0x80, 0x4800, 0x300000, 0x4000007, 0xe, 0x4623f, 0x0, 0x10001, 0x1ff, 0x8000, 0x0, 0x3, 0xc, 0x3, 0xba55, 0x8da8, 0x2, 0x200, 0x2, 0x5, 0xe, 0x4, 0x2, 0x6f, 0x8, 0x9, 0x1, 0x199d, 0x6, 0x2, 0x9, 0xffffffff, 0x4, 0x6, 0x1000, 0x805, 0x3d, 0x8, 0xa, 0x5], [0x7, 0x1e, 0x3, 0x8000, 0xfffffffd, 0x3, 0x0, 0x0, 0x7, 0xfffffffc, 0x8, 0x7fff, 0x72c, 0x1c32, 0x3, 0x5, 0x10000, 0x400, 0x7ffd, 0x3, 0x3, 0x297, 0x5, 0x0, 0x981, 0x4, 0x0, 0x3ff, 0x0, 0xfffffbfe, 0x8, 0x1000001, 0x10, 0xfffffff9, 0xfffffffd, 0xa, 0x1, 0xffffffff, 0x6, 0x2000008, 0x800, 0x6, 0x806, 0x96, 0xfffffff9, 0x2, 0x0, 0x2, 0x401, 0xe, 0x3, 0x19, 0x9, 0xe, 0x7, 0x7, 0x6, 0x2, 0x1, 0x1, 0x8, 0x4, 0x200, 0xf], [0x404, 0x8000c584, 0xb, 0xcd3, 0x7, 0x1f, 0x404, 0x4, 0x0, 0xc, 0x7, 0x9, 0x1e8c, 0x5, 0x80000001, 0x8, 0x3f92, 0x1000, 0x0, 0x10, 0x1, 0xfffffff9, 0x0, 0xffe, 0x80040101, 0x5, 0x4, 0x5, 0x200003, 0x1, 0x5, 0x80, 0x9, 0x8001, 0xc0e, 0x0, 0x3, 0x400004, 0x3, 0x6d7e, 0x3, 0x8, 0x3, 0xbf23, 0x6, 0x9, 0x956, 0x4, 0x3ff, 0xe, 0x6, 0x100fffd, 0x2005, 0x9, 0x4, 0xea, 0x9, 0x20000005, 0x3, 0x80, 0x0, 0x7d, 0x401, 0x5], [0x108e, 0xffff, 0x3, 0x3, 0x88, 0x4, 0x4000000, 0x6, 0x8000, 0x2, 0x763, 0xb, 0x402, 0x1, 0x5, 0x1000, 0x7f, 0x5, 0x3fa6, 0x4, 0x0, 0x5, 0x3, 0x4, 0xe47, 0x4, 0x3, 0x4, 0x200, 0x2851, 0x3b, 0x20000001, 0x5, 0x5, 0xa80a, 0x65f413f9, 0x4, 0x20008, 0x8a5, 0x86, 0x44, 0x409, 0x6, 0x4, 0x4, 0xe, 0x4, 0xffffffff, 0x7fff, 0xffff8a33, 0xfffffff8, 0x401, 0x3, 0x200, 0x7, 0x7fff, 0xfffffffd, 0xa, 0xe, 0x101, 0xf, 0xf, 0x136, 0x6]}, 0x45c)
ioctl$UI_DEV_CREATE(0xffffffffffffffff, 0x5501)
write$input_event(0xffffffffffffffff, &(0x7f0000000000)={{0x77359400}, 0x15}, 0xfe4f)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r3 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r3, &(0x7f0000000600)={0x0, 0x0, 0x0}, 0x0)

29m34.914330878s ago: executing program 0 (id=3938):
socket$nl_generic(0x10, 0x3, 0x10)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
close(0xffffffffffffffff)
sendmsg(r1, &(0x7f0000000000)={0x0, 0x0, 0x0}, 0x20008080)
shmget$private(0x0, 0x13000, 0x1, &(0x7f0000feb000/0x13000)=nil)
bpf$BPF_PROG_DETACH(0x9, 0x0, 0x0)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x24000040)
r2 = socket$inet6_sctp(0xa, 0x1, 0x84)
r3 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r3, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000001f40)={&(0x7f0000000600)=ANY=[@ANYBLOB="b8000000190001002dbd70000000000000000000000000000000000000000001fe8000000000000000000000000000bb00000000000000000a00000000000000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB="00000000000000000c00000000000000000000000000000000000000000000000000000000000000fffffffffeffffff0000800000200000fcffffffffffffff0000000000000000000a000000000000040000000000000002e3b5000000000800000000000000000101"], 0xb8}}, 0x4)
socket$nl_xfrm(0x10, 0x3, 0x6)
sendto$inet6(r2, &(0x7f0000000240)="c8", 0x1, 0x51, &(0x7f0000000080)={0xa, 0x3, 0x1, @dev={0xfe, 0x80, '\x00', 0x36}, 0x9}, 0x1c)

29m29.259769269s ago: executing program 0 (id=3953):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f07ebbeea, 0x8031, r0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = add_key$keyring(0x0, &(0x7f00000002c0)={'syz', 0x3}, 0x0, 0x0, 0xffffffffffffffff)
keyctl$restrict_keyring(0xa, r4, &(0x7f0000000300)='asymmetric\x00', &(0x7f0000000380)='dx\xeb\xf4\xd8&w\xef\xcd1w\xfd2\x19x\xcc\x8d\xabN\xea\xd1\xea\xfa\xc3u\xcdMB\xb2m\xe5Bq\xe3\x9a~\xbe3\xd7\xb1\x16\x8b\xb9\xb6\xc6u\x0f9S\x05\x83n\x01\xa1\x1c\x82\\fsa<\xcd\x18}=A{\x17\xd0\x95\xbd25N\b^\x8eFsTvd)\xad')
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
add_key$keyring(&(0x7f0000000000), 0x0, 0x0, 0x0, 0x0)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x2, 0x0)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r5, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000008c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r5, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000a80)={{0x14}, [@NFT_MSG_NEWRULE={0x40, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x14, 0x4, 0x0, 0x1, [{0x10, 0x1, 0x0, 0x1, @masq={{0x9}, @void}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x3cd2e7b3d6526bf5}}}, 0x68}}, 0x0)
r6 = socket$kcm(0x2, 0x3, 0x84)
sendmsg$inet(r6, &(0x7f0000001000)={&(0x7f0000000000)={0x2, 0x0, @multicast2}, 0x10, &(0x7f0000000080)=[{&(0x7f00000000c0)}], 0x1, &(0x7f0000000580)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @local, @loopback}}}], 0x20}, 0x0)
r7 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r7, 0x6, 0x80000000000002, 0x0, 0x0)
bind$inet(r7, &(0x7f0000001c00)={0x2, 0x4e23, @multicast2}, 0x10)
setsockopt$SO_TIMESTAMPING(r7, 0x1, 0x41, 0x0, 0x0)
connect$inet(r7, &(0x7f0000001bc0)={0x2, 0x4e23, @loopback}, 0x10)
setsockopt$SO_ATTACH_FILTER(r7, 0x1, 0x1a, &(0x7f0000000080)={0x1, &(0x7f0000000280)=[{0x6, 0x0, 0x0, 0x81}]}, 0x10)
sendto(r7, 0x0, 0x0, 0x4008044, 0x0, 0x0)
write$binfmt_misc(r7, &(0x7f0000000000)='i', 0x1)
sendto$inet(r7, &(0x7f00000002c0)="01a4acc7cf28ab9f6c7fc745c30bfc165466072a660bbf56352083db9d40454a67f8010000004bd29585885c89773ca3ba28a1e85ffe2a9220e0ecd440e345b745bf2146835ad015c801f95be5b890e44fb3dfbe8e88a1e5176e584c970207f23b0073ca5375abddf56331be396eaa2398ea66b93a74fd4147e826abed1b5d1de578682288c19ac23c1ccc1cdd936d2571c3510b0000000000000000000000000000000000f32bb3874c926a8944caa4677d2eae3bc831e74800", 0xba, 0x0, 0x0, 0x0)

29m27.966916393s ago: executing program 0 (id=3955):
mlockall(0x6)
mmap(&(0x7f0000000000/0xe7e000)=nil, 0xe7e000, 0xfffffffffefffff6, 0x20031, 0xffffffffffffffff, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, 0x0, 0x0)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r3 = userfaultfd(0x80001)
ioctl$UFFDIO_API(r3, 0xc018aa3f, &(0x7f0000000000))
ioctl$UFFDIO_REGISTER(r3, 0xc020aa00, &(0x7f0000000140)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x4})
ioctl$UFFDIO_COPY(r3, 0xc028aa03, &(0x7f0000000040)={&(0x7f00006c6000/0x400000)=nil, &(0x7f0000685000/0x4000)=nil, 0x400000, 0x0, 0x18100})

29m25.867169184s ago: executing program 0 (id=3958):
io_setup(0x8, &(0x7f0000004200))
r0 = getpgrp(0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000040)=0x5)
prlimit64(0x0, 0xe, &(0x7f0000000100)={0x7, 0x80000100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000000)=0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r2 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
mount(0x0, 0x0, &(0x7f000015bffc)='nfs\x00', 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r2, 0x1, 0x0)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_LIST(r4, &(0x7f0000002300)={0x0, 0x0, &(0x7f00000022c0)={&(0x7f0000002280)={0x28, 0x7, 0x6, 0x5, 0x0, 0x0, {0xa, 0x0, 0x5}, [@IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}]}, 0x28}, 0x1, 0x0, 0x0, 0x20000000}, 0x40000)

29m24.253686945s ago: executing program 0 (id=3962):
r0 = getpgrp(0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000040)=0x5)
prlimit64(0x0, 0xe, &(0x7f0000000100)={0x8, 0x810001000087}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x40000041, 0x0)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000000)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r2 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r2, 0x1, 0x0)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
prctl$PR_SET_VMA(0x53564d41, 0x0, &(0x7f0000758000/0x3000)=nil, 0x3000, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r4, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a05000000000000000000010000000900010073797a30000000002c000000030a010200000000000000000100fffe0900010073797a30000000000900030073797a3213000000dc000000060a010400000000000000000100000508000b4000000000b4000480200001800d00010073796e70726f7879000000000c000280060001400000000034000180080001006c6f670028000280080006400000000d110002402b24292d2d2a5d24402c2d400000000006000440000700003c0001800900010068617368000000002c000280080007400000000008000340000000160800014000ff00120800024000000000080004400000000020000180080001006e61740014000280080003400000000008000540000000000900010073797a30"], 0x150}}, 0x0)

29m17.697262898s ago: executing program 0 (id=3979):
syz_open_dev$video(&(0x7f0000000100), 0x3, 0x2000)
socket$nl_xfrm(0x10, 0x3, 0x6)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
socket$nl_route(0x10, 0x3, 0x0)
connect$unix(r0, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0x6, 0xfa11, 0xffffffff}, 0x0)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r3 = socket(0x400000000010, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000000)={'syzkaller0\x00', <r4=>0x0})
sendmsg$nl_route_sched(r3, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r4, {0x0, 0xfff1}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000001300)=@newtfilter={0x3c, 0x2c, 0xd27, 0x70bd25, 0x2, {0x0, 0x0, 0x0, r4, {0xffff, 0xc}, {0x0, 0xfff1}, {0xc, 0x4}}, [@filter_kind_options=@f_route={{0xa}, {0xc, 0x2, [@TCA_ROUTE4_TO={0x8, 0x2, 0x20001d}]}}]}, 0x3c}}, 0x0)

29m2.522110412s ago: executing program 34 (id=3979):
syz_open_dev$video(&(0x7f0000000100), 0x3, 0x2000)
socket$nl_xfrm(0x10, 0x3, 0x6)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
socket$nl_route(0x10, 0x3, 0x0)
connect$unix(r0, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0x6, 0xfa11, 0xffffffff}, 0x0)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r3 = socket(0x400000000010, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000000)={'syzkaller0\x00', <r4=>0x0})
sendmsg$nl_route_sched(r3, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r4, {0x0, 0xfff1}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000001300)=@newtfilter={0x3c, 0x2c, 0xd27, 0x70bd25, 0x2, {0x0, 0x0, 0x0, r4, {0xffff, 0xc}, {0x0, 0xfff1}, {0xc, 0x4}}, [@filter_kind_options=@f_route={{0xa}, {0xc, 0x2, [@TCA_ROUTE4_TO={0x8, 0x2, 0x20001d}]}}]}, 0x3c}}, 0x0)

23m16.482485813s ago: executing program 2 (id=5604):
r0 = syz_io_uring_setup(0xac9, &(0x7f00000002c0)={0x0, 0x3594, 0x10, 0x1003, 0x21e}, &(0x7f0000000240)=<r1=>0x0, &(0x7f0000000340)=<r2=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000080)=0xfffffff8, 0x0, 0x4)
syz_io_uring_submit(r1, r2, &(0x7f00000004c0)=@IORING_OP_TIMEOUT={0xb, 0x10, 0x0, 0x0, 0x0, &(0x7f00000005c0)={0x0, 0x3938700}, 0x1, 0x8})
io_uring_enter(r0, 0x6efc, 0x3900, 0xb, 0x0, 0x0)
io_uring_register$IORING_REGISTER_SYNC_CANCEL(r0, 0x18, &(0x7f00000000c0)={0x1, 0xffffffffffffffff, 0x35, {0x5, 0x1}, 0x1}, 0x1)

23m15.881462034s ago: executing program 2 (id=5613):
syz_emit_ethernet(0x6e, &(0x7f0000000040)=ANY=[@ANYBLOB="0180c2000002aaaaaaaaaaaa08004500006000000000002f9078640101000000000024806558000000000000000010000800000086dd"], 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000001c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a03000000000000000000070000040900010073797a30000000009c000000090a010400000000000000000700000308000a40000000000900020073797a30000000000900010073797a3000000000080005400000000d58001280200001800e000100636f6e6e6c696d69740000000c0002800800014000000008200001800e000100636f6e6e6c696d69740000000c00028008000140000000001400017b090001006cdbf80789f3f947dd000280080003"], 0xe4}, 0x1, 0x0, 0x0, 0x8001}, 0x20010840)
syz_emit_ethernet(0x4a, &(0x7f0000000080)=ANY=[@ANYBLOB="aaaaaaaaaaaa0180c200000008004d968119f68f58d94773b9ab884100003c"], 0x0)
r0 = socket$kcm(0x10, 0x2, 0x10)
sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xd18c9b25, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030041000b05d25a806c8c6394f90324fc60100000000a000200053582c137153e3704020180fc5409000c00", 0x33fe0}], 0x1}, 0x0)

23m15.662421944s ago: executing program 2 (id=5618):
r0 = userfaultfd(0x80001)
ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f00000000c0))
ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000180)={{&(0x7f0000000000/0xc00000)=nil, 0xc00000}, 0x3})
ioctl$UFFDIO_COPY(r0, 0xc028aa05, &(0x7f0000000000)={&(0x7f00001c4000/0x3000)=nil, &(0x7f0000000000/0xc00000)=nil, 0x3000, 0x0, 0x2})

23m15.497200864s ago: executing program 2 (id=5621):
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x1ec)
mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f0000000140)='ramfs\x00', 0x10010, 0x0)
mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f00000000c0)='tracefs\x00', 0x1214040, 0x0)
mount$fuseblk(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x24000, 0x0)
mount$bind(&(0x7f0000000240)='.\x00', &(0x7f0000000280)='./file0\x00', 0x0, 0x1005848, 0x0)

23m15.318839175s ago: executing program 2 (id=5623):
openat$comedi(0xffffffffffffff9c, &(0x7f0000000040)='/dev/comedi3\x00', 0x181001, 0x0)
r0 = syz_io_uring_setup(0x110, &(0x7f00000008c0)={0x0, 0xfad8, 0x800, 0x1, 0x3}, &(0x7f00000000c0)=<r1=>0x0, &(0x7f0000000940)=<r2=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r1, r2, &(0x7f00000002c0)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x3})
io_uring_enter(r0, 0x133d, 0x0, 0x8, 0x0, 0x0)

23m14.258168941s ago: executing program 2 (id=5642):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX_OLD(r0, 0x84, 0x6b, &(0x7f0000000080)=[@in={0x2, 0x4e24, @rand_addr=0x64010100}], 0x10)
setsockopt$inet_sctp6_SCTP_I_WANT_MAPPED_V4_ADDR(r0, 0x84, 0xc, &(0x7f0000000200), 0x4)
listen(r0, 0xfff)
getpeername$inet6(r0, 0x0, &(0x7f0000000040))

23m13.815309126s ago: executing program 35 (id=5642):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX_OLD(r0, 0x84, 0x6b, &(0x7f0000000080)=[@in={0x2, 0x4e24, @rand_addr=0x64010100}], 0x10)
setsockopt$inet_sctp6_SCTP_I_WANT_MAPPED_V4_ADDR(r0, 0x84, 0xc, &(0x7f0000000200), 0x4)
listen(r0, 0xfff)
getpeername$inet6(r0, 0x0, &(0x7f0000000040))

47.657958446s ago: executing program 5 (id=17289):
r0 = socket$phonet_pipe(0x23, 0x5, 0x2)
socket$phonet_pipe(0x23, 0x5, 0x2)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={0xffffffffffffffff, 0x18000000000002a0, 0x0, 0x0, 0x0, 0x0, 0xfa, 0x60000000, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x50)
socketpair$unix(0x1, 0x3, 0x0, 0x0)
connect$unix(0xffffffffffffffff, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r4 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r4, &(0x7f0000000180)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-twofish-3way\x00'}, 0x6e)
setsockopt$ALG_SET_KEY(r4, 0x117, 0x1, &(0x7f0000000340)="71ffff15cdf0311c00003a52a7d96bd1", 0x10)
io_setup(0x42, &(0x7f0000000100)=<r5=>0x0)
io_submit(r5, 0x1, &(0x7f0000000580)=[0x0])
unshare(0x2a020400)
sendto$phonet(r0, &(0x7f0000000040)="9c", 0x1, 0x20040000, &(0x7f0000000100)={0x23, 0x45, 0xaa, 0x7}, 0x10)
poll(&(0x7f0000000000), 0x20000000000000b5, 0x9)
r6 = socket$pppl2tp(0x18, 0x1, 0x1)
connect$pppl2tp(r6, 0x0, 0x0)
r7 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r7, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="1814070000000079292b3c50d10a1866132e1fbf92ae000000b4a728000085105e653c1c1fcc10"], 0x18}, 0x1, 0x0, 0x0, 0x24008000}, 0x4000)
r8 = socket(0x2d, 0x2, 0x0)
setsockopt$CAN_RAW_ERR_FILTER(r8, 0x65, 0x2, 0x0, 0x0)

46.45939827s ago: executing program 5 (id=17292):
r0 = syz_open_procfs(0x0, &(0x7f0000000080)='fdinfo\x00')
r1 = io_uring_setup(0x7, &(0x7f0000000040)={0x0, 0xc8a1, 0xc000, 0x8, 0xc1})
io_uring_enter(r1, 0x2219, 0x7721, 0x16, 0x0, 0x0)
io_uring_register$IORING_REGISTER_FILES(r1, 0x2, &(0x7f0000000000)=[r0], 0x1)
syz_usb_connect$rtl8150(0x5, 0x3f, &(0x7f0000000000)={{0x12, 0x1, 0x200, 0xff, 0xff, 0xff, 0x40, 0xbda, 0x8150, 0x0, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x2d}}]}}, 0x0)
syz_usb_control_io$cdc_ecm(0xffffffffffffffff, &(0x7f0000000a00)={0x14, 0x0, 0x0}, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r2, 0x0)
r3 = eventfd2(0x0, 0x0)
ppoll(&(0x7f0000000180)=[{r3, 0x81}, {r2, 0x110}], 0x2, 0x0, 0x0, 0x0)
shutdown(r2, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$XFS_IOC_SWAPEXT(0xffffffffffffffff, 0xc0c0586d, 0x0)
fchdir(r0)
sendmsg$BATADV_CMD_GET_DAT_CACHE(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000003c0)=ANY=[@ANYBLOB="1c000000", @ANYRES16, @ANYBLOB="0303020000000400000006"], 0x1c}}, 0x0)
creat(&(0x7f00000020c0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x11)

44.702367576s ago: executing program 5 (id=17296):
r0 = syz_open_procfs$pagemap(0xffffffffffffffff, &(0x7f0000000080)) (async)
r1 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
ioctl$VHOST_SET_OWNER(r1, 0xaf01, 0x0) (async)
ioctl$VHOST_SET_VRING_BUSYLOOP_TIMEOUT(r1, 0x4008af23, &(0x7f0000000080)={0x1, 0x40}) (async)
ioctl$PAGEMAP_SCAN(r0, 0xc0606610, &(0x7f0000000100)={0x60, 0x1, &(0x7f00001c9000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x8020, 0x0, 0x0, 0xe2, 0x0, 0x2, 0x0, 0x7c})
r2 = dup2(r1, r1) (async)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'ipvlan1\x00', <r3=>0x0})
ioctl$sock_inet6_SIOCSIFDSTADDR(r2, 0x8918, &(0x7f00000000c0)={@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x70, r3})

44.442262393s ago: executing program 5 (id=17299):
r0 = openat$smackfs_cipsonum(0xffffffffffffff9c, &(0x7f0000000000)='/sys/fs/smackfs/direct\x00', 0x2, 0x0)
write$cgroup_netprio_ifpriomap(r0, &(0x7f0000001800)=ANY=[], 0xb)
mkdirat(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x0)
syz_usb_connect$cdc_ncm(0x4, 0xd1, &(0x7f0000000040)=ANY=[@ANYBLOB="12011003020000182505a1a44100010203010902bf0002010650000900000000020d001b052401082400a9b30d2d0f010a0000000300ff000606241a05001407240a050905580c240c00000000a90c0900030424020204240200042406"], 0x0)
syz_usb_connect(0x3, 0xf5, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000772aed408680070bb96c010203010902e30003dc2000000904003f000e01000505a40600010524007f000d240f0104000000080000000006241a03000a05240101070424020a1524120009a317a88b045e4f01a607c0ffcb7e392a09044c03003a92a2010a240109000102010205240401050c2402"], 0x0)
r1 = creat(&(0x7f00000005c0)='./file0\x00', 0x1a)
r2 = openat$fuse(0xffffffffffffff9c, &(0x7f00000005c0), 0x2, 0x0)
mount$fuseblk(&(0x7f0000000080), &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x408, &(0x7f00000002c0)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r2, @ANYBLOB="2c726f6f746d6f30303030303030303030303130303030302c0b0065725f69643d3ab2402d3385b2cda404b96f779afa5d0b957f2fff9071bf975eaa33c77e3190acd066f8c5fbf080a191ad1c23d76b88f665618308901d096fe24136307afed2a13fb48099f781ea646338e9770cffb7", @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0, @ANYBLOB=',\x00'])
mount$fuseblk(&(0x7f0000002880), &(0x7f00000028c0)='./file0\x00', &(0x7f0000002900), 0x200, 0x0)
mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
r3 = openat$6lowpan_control(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
write$6lowpan_control(r3, &(0x7f0000000040)='disconnect aa:aa:aa:aa:aa:10 2', 0x1e)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
r4 = socket$kcm(0x10, 0x400000002, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x9, 0xc, &(0x7f00000004c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_sock, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
sendmsg$NFNL_MSG_CTHELPER_GET(0xffffffffffffffff, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f00000003c0)=ANY=[@ANYBLOB="14000000010901020000000000000000010000013bb9a8db3d1c0d5a67a9f0a437ebfc7ca4da8a81861b15de945f9f70f8736dd0d621296755c737909c6500c1df3de85bb16418a0ce48d709b0a6d5982b32da628f6b9966eaa86708993a77b2930748774b7b916c4943c8007a3bdc079412624033981d29b17b2f8be47f7b612c2bfc1b6cec054dc9bcea4671c5a1b40d32e350927a58622aff5e24fec6f156bd0eb6e3e1c66eaf1bf6723122658bd32a11fb27afee2e74d885f341cda61da170ed8d6a2c2b6941039b50425371c7cbdc2c7b611f449fcb8d855e1ee26eb09ebc29133a57431dd5"], 0x14}, 0x1, 0x0, 0x0, 0xdddfb8c95d0a80d3}, 0x4000080)
write$cgroup_subtree(r4, &(0x7f00000004c0)=ANY=[@ANYBLOB="33fe00006600"], 0xfe33)
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x2, 0x16, &(0x7f0000000200)=ANY=[@ANYBLOB="61124c00000000006113500000000000bf2000000000000007000000180000003d030100000000009500f000000000006926000000000000bf67000000000000560602000f020000d706000020000000620a04ff0ee60000bf250000000000002d350000000000006507000002080000070700004c0000001f75000000000000bf54000000000000070400000400f9ffcd35010000000000ce040000000000001c000000000000009500000000000000db13d5d8b741f2cdaabc8383c8f56bb5df3083d2"], 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x30}, 0x94)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
openat$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000200), 0x2, 0x0)
r6 = socket$alg(0x26, 0x5, 0x0)
connect$inet(0xffffffffffffffff, &(0x7f00000006c0)={0x2, 0x4e20, @broadcast}, 0x10)
bind$alg(r6, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-camellia-asm\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r6, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18)
r7 = accept4(r6, 0x0, 0x0, 0x800)
sendmsg$nl_route(r1, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000001140)={0x0}}, 0x0)
sendmmsg$alg(r7, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe3f}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048"}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11"}], 0x1, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800)
recvmsg(r7, &(0x7f00000005c0)={0x0, 0x13, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/73, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r5, 0x8933, &(0x7f00000013c0)={'wlan1\x00'})

42.786348479s ago: executing program 5 (id=17302):
r0 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x40002, 0x0)
ioctl$FBIOPUT_VSCREENINFO(r0, 0x4601, &(0x7f0000000040)={0x550, 0x1190, 0x800, 0x480, 0x7fffffff, 0xd3b5, 0x1, 0x2, {0xa9f, 0x0, 0x1}, {0x7, 0xd, 0x1}, {0x92, 0x10001}, {0x10, 0xb, 0x1}, 0x2, 0x10, 0x5415, 0xfffffffc, 0x0, 0x100, 0x9, 0x5, 0x7f, 0x5b, 0xd, 0xfffff49b, 0xd, 0x4, 0xb2f317bddc44bf58})
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
mprotect(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x5)
getsockopt$CAN_RAW_JOIN_FILTERS(r0, 0x65, 0x6, &(0x7f0000000100), &(0x7f0000000140)=0x4)
syz_usb_connect(0x6, 0x34d, &(0x7f0000000180)={{0x12, 0x1, 0x310, 0x3b, 0x4c, 0xd4, 0x40, 0x1d50, 0x6062, 0x758d, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x33b, 0x2, 0xc1, 0xb2, 0x0, 0x4, [{{0x9, 0x4, 0x6d, 0x0, 0xe, 0xff, 0xff, 0xff, 0x37, [], [{{0x9, 0x5, 0x4, 0x8, 0x400, 0x40, 0x81, 0xfd, [@uac_iso={0x7, 0x25, 0x1, 0x2, 0x6, 0x3}]}}, {{0x9, 0x5, 0x3, 0x10, 0x8, 0x4, 0x6, 0xf6}}, {{0x9, 0x5, 0x3, 0x8, 0x10, 0xae, 0x8, 0xe, [@generic={0x71, 0xcc6aed74b2742a79, "176bacb5658c9b07af92d452836d51a3ebbc074c8a12c4853c88168e7c3f3ff57033eef026d7e1eaaa95087e8eebb3542fd64733b51b8d9ffbc26a40bc67043101eb820241afdcb7bef89d01efd48fb57cfac4783bd33d6064ed401ddd3d267b21882f2bbbeb2e552e909fac36093b"}]}}, {{0x9, 0x5, 0x6, 0x2, 0x0, 0x0, 0x1, 0x6}}, {{0x9, 0x5, 0x7, 0x10, 0x0, 0xb, 0x10, 0xf5, [@uac_iso={0x7, 0x25, 0x1, 0x82, 0x2, 0xfff8}, @uac_iso={0x7, 0x25, 0x1, 0x1, 0x7, 0x3}]}}, {{0x9, 0x5, 0xc, 0x0, 0x40, 0xc, 0x8, 0x1, [@generic={0x6e, 0x11, "44e8a07e7545cc03dc3cbb516b20a3e8480d821edc0cfa0d86d072645e740d6da0249005b13e3a5055f588af4099b310bdb910c63b05cd505310c9a19d7788f1ec7071930357a5f3d57920ec4efa34e3e35e5687510ce8e2925886e0a4ce1136f8e55cd8ab396adecb914cef"}]}}, {{0x9, 0x5, 0x6, 0x0, 0x200, 0x9, 0x7f, 0x1, [@uac_iso={0x7, 0x25, 0x1, 0x1, 0x9}]}}, {{0x9, 0x5, 0xf, 0x4, 0x400, 0x1, 0x6, 0x81, [@uac_iso={0x7, 0x25, 0x1, 0x0, 0x1, 0x5906}]}}, {{0x9, 0x5, 0x8, 0x10, 0x8, 0x2, 0x0, 0x7f}}, {{0x9, 0x5, 0xd, 0x4, 0x10, 0xf, 0xda, 0x87}}, {{0x9, 0x5, 0xa, 0xc, 0x400, 0x2c, 0x7, 0x8, [@generic={0xd9, 0x30, "920185cb1990b4e13e08f9d91daa539b270a5dd4f65a5e4399a332bd2f952b7081a7efe1b1d0240f707859ab02ee908c990360c07feb0de95ba48f5634364343e8f05823fb7d22e5ef39b5a91ec0027fde1555f1bd7243b27ba97e390b5094e1e9211d28161b6e0adeaa1fbbe73db304fdd97e672dab03cf4949972a845e6127df3fb1cd22a2fc0023cf9cdc974f11500bf418910e70034748494f592c868083bacf37cce6b6d20056d943a6c31bf56ccbc316c1661a93cc32490faf3ab88590a7033e3bc95bb5bce9f1de02e2ebaedf44be565ef9f74d"}]}}, {{0x9, 0x5, 0xf, 0x1, 0x8, 0x2c, 0x8b, 0x5}}, {{0x9, 0x5, 0x8, 0x3, 0x400, 0x93, 0x3, 0x1, [@uac_iso={0x7, 0x25, 0x1, 0x3, 0x9, 0x6}]}}, {{0x9, 0x5, 0xb, 0x10, 0x3ff, 0x8, 0x8, 0x9, [@uac_iso={0x7, 0x25, 0x1, 0x2, 0x8, 0x5}, @generic={0x14, 0x18, "0a9887ae7261839ef534082a02ff32bc61c6"}]}}]}}, {{0x9, 0x4, 0x26, 0x2, 0x2, 0x60, 0xc6, 0x4e, 0xc, [], [{{0x9, 0x5, 0x7, 0x8, 0x40, 0x5, 0x9, 0xd0, [@uac_iso={0x7, 0x25, 0x1, 0x1, 0x3, 0x800}]}}, {{0x9, 0x5, 0x5, 0x13, 0x3ff, 0x8, 0x8, 0x9d, [@uac_iso={0x7, 0x25, 0x1, 0x3, 0x2, 0x3}, @generic={0x85, 0x21, "097201eee89d9bdaef494462802d7027093f12cab988f9c5f439afc4caa8def395ea270ecaec73684028f7ee6c6e80abd1112c71219b81be030777d5501deec178d3314d106f9100f1441fca932570602da33cc1778afc6dc1dc1d02a8b5f242974d76671c6d0911d122ea072967754573d94853c4dabd961eeabb2fa1e4c594c3065f"}]}}]}}]}}]}}, &(0x7f0000000880)={0xa, &(0x7f0000000500)={0xa, 0x6, 0x201, 0x6, 0x5, 0xf, 0x40, 0x9a}, 0x245, &(0x7f0000000540)={0x5, 0xf, 0x245, 0x6, [@ss_cap={0xa, 0x10, 0x3, 0x0, 0x1, 0x9, 0xe, 0x400}, @ptm_cap={0x3}, @generic={0xaa, 0x10, 0xa, "60371764fa0103fad26c557cace136f8e9348aa205de3c9e2d1492eb27fa71b4fced6a3f27ade7bdac7b214aa1dfe0b211192ae197b118e61a0cb03db8435357c3e12846456bdb506bc79570c4b0d61cbfdb35d0d0b9bd6261c5edf51ccde3018b852c878ffb96d60204c12b6016fa853c4c7fa354bccd02406c0bf9f60fd3410f3489f198ea5d8ff3031861e37b7183567a39d5f64d4cd8bffdc970a0fd1d2e8ebad19a1e82c0"}, @generic={0x8c, 0x10, 0x3, "58eb5b65f0176024c14100f208c13d55be63e3aa81ae07fb68061c53485cfdaaaa87936cfad67499b47cb071e7c25d49ec95a8d28819818c847283a31389f57d209a8c86799bacb70fe1c76288b2c6e85ee741513536ce55fa84a5016122899d7715ede57fd3de403979f73df4a7d7c5652f7fd5d4613d07ab8af56c452b5524ae19a7aab9980444b4"}, @generic={0xfa, 0x10, 0x3, "259a57e275fe8664edbcf430109481bad34c44da39ef32538d566606a37451c15708b48d8cec2c02bd81073094d074f72823e9be79e0db4ee08b40867746f5cba06fa97737aa2fd674425bf49791eac38b53970a1f091166cf05ced1eadc4165bd053f037dd441e1c2e60b945c14655e5786a93e099e2e92595071f1179ed42d5f6230b60d06219c94734e0277523d470282ad3ea61e67290c43decbd2596a6b87a49614afc8b73001f2178d55cc6f1a0f7fb0fcf08ec7ff5dbbd668ee478c9c0a55bb275d60417b1541ba9ed58633755753c9b195fd1c7bf0d3b97389f9ed07580524b3a744425f844e0fcc0615b5243de64f826fb357"}, @ptm_cap={0x3}]}, 0x2, [{0x4, &(0x7f00000007c0)=@lang_id={0x4, 0x3, 0x1409}}, {0x58, &(0x7f0000000800)=@string={0x58, 0x3, "46a5e6d85a8d1cd2e25aeab6e1314e1af96a8d3aefa52bff52df70e1f1eab13edb3dea05bfe2d212e8d96c3bf5e1aaba6cc98b5a174f6d2e2b068570e59263106b619e87ca01d5e26657f807e5cb5041294f9049e325"}}]})
ioctl$FBIOGETCMAP(r0, 0x4604, &(0x7f00000009c0)={0x2, 0x3, &(0x7f00000008c0)=[0x0, 0x0, 0x0], &(0x7f0000000900)=[0x0, 0x0, 0x0, 0x0], &(0x7f0000000940)=[0x0, 0x0], &(0x7f0000000980)=[0x0, 0x0, 0x0]})
mkdir(&(0x7f0000000a00)='./file0\x00', 0x110)
openat(r0, &(0x7f0000000a40)='./file0/file0\x00', 0x0, 0x0)
r2 = socket$can_bcm(0x1d, 0x2, 0x2)
ptrace$ARCH_SHSTK_ENABLE(0x1e, 0x0, 0x2, 0x5001)
getsockopt$SO_TIMESTAMP(r0, 0x1, 0x0, &(0x7f0000000a80), &(0x7f0000000ac0)=0x4)
r3 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
close_range(r3, r2, 0x2)
ioctl$BTRFS_IOC_WAIT_SYNC(r3, 0x40089416, &(0x7f0000000b00))
openat$misdntimer(0xffffffffffffff9c, &(0x7f0000000b40), 0x2300, 0x0)
flock(r1, 0x4)
syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
syz_usb_connect$uac1(0x2, 0xca, &(0x7f0000002e80)={{0x12, 0x1, 0x310, 0x0, 0x0, 0x0, 0x8, 0x1d6b, 0x101, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0xb8, 0x3, 0x1, 0x5, 0x70, 0x3, {{0x9, 0x4, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, {{0xa, 0x24, 0x1, 0x2, 0x6}, [@extension_unit={0xd, 0x24, 0x8, 0x6, 0x1, 0x10, "d32676c447cb"}, @processing_unit={0x8, 0x24, 0x7, 0x3, 0x5, 0x0, '\x00'}, @processing_unit={0xa, 0x24, 0x7, 0x1, 0x4, 0x0, "eb9f8d"}, @input_terminal={0xc, 0x24, 0x2, 0x6, 0x204, 0x4, 0x3, 0x1, 0x4e, 0x8}, @output_terminal={0x9, 0x24, 0x3, 0x3, 0x304, 0x6, 0x5, 0xcd}, @processing_unit={0xa, 0x24, 0x7, 0x5, 0x0, 0x81, '/A>'}]}}, {}, {0x9, 0x4, 0x1, 0x1, 0x1, 0x1, 0x2, 0x0, 0x0, {[@as_header={0x7, 0x24, 0x1, 0x5, 0x6, 0xb4549994735956b0}, @as_header={0x7, 0x24, 0x1, 0x5, 0xff, 0x4}, @format_type_i_discrete={0xd, 0x24, 0x2, 0x1, 0x7, 0x1, 0x4, 0x5, "1ddc3be160"}]}, {{0x9, 0x5, 0x1, 0x9, 0x3ff, 0x1, 0x79, 0x6, {0x7, 0x25, 0x1, 0x2, 0x3, 0x1}}}}, {}, {0x9, 0x4, 0x2, 0x1, 0x1, 0x1, 0x2, 0x0, 0x0, {}, {{0x9, 0x5, 0x82, 0x9, 0x200, 0xc, 0x3, 0x10, {0x7, 0x25, 0x1, 0x0, 0x34, 0x3}}}}}}}]}}, &(0x7f0000003340)={0xa, &(0x7f0000002f80)={0xa, 0x6, 0x310, 0x1, 0x0, 0x4b, 0x10}, 0xad, &(0x7f0000002fc0)={0x5, 0xf, 0xad, 0x6, [@ssp_cap={0x1c, 0x10, 0xa, 0xa, 0x4, 0x0, 0xf011, 0x4, [0xc000, 0xf0, 0x30, 0x3f00]}, @ssp_cap={0x14, 0x10, 0xa, 0x2, 0x2, 0xeb, 0xf, 0x9, [0xc030, 0xff3fff]}, @generic={0x4f, 0x10, 0x0, "03d306b654a5c4ce5541f177b1495a82a7b27009e76d65c574fee030bbb9270fdbee3de4d391df83c4b0776ccc9b182e4daab20970b17db5348efb3747037f3c3717cff92209b776b708eeba"}, @ss_cap={0xa, 0x10, 0x3, 0x2, 0x6, 0x1, 0x7, 0x539a}, @wireless={0xb, 0x10, 0x1, 0x8, 0x42, 0x10, 0xa, 0x9, 0x5}, @ss_container_id={0x14, 0x10, 0x4, 0x8, "c58d76b496c8ad431f743c8548e43176"}]}, 0x8, [{0x4, &(0x7f0000003080)=@lang_id={0x4, 0x3, 0x140a}}, {0xb1, &(0x7f00000030c0)=@string={0xb1, 0x3, "5261436bb50c9cf8cc036f74a6937a340a98dc5f4fe17b8da5a73ce9d8889636820a50a78b0ef7ff5367a51518278a01033859ca54429caa2773594df73afe13e051220344607b13e6e70c519dcf044b4cefe4ecda1ae5fd87273ae7226a6ab550ac2d8fdce5aff6a20457b854f6a582fd129b2a469244cf99997a0ab4d403dccb47db7dd2b4e03c540f2db22e619b69abd77328632ec9217db4133e8bbe78212a8d5ce0db15128132e8dafb53ac92"}}, {0x4, &(0x7f0000003180)=@lang_id={0x4, 0x3, 0x140a}}, {0x42, &(0x7f00000031c0)=@string={0x42, 0x3, "8341044399a8a6245fb63aca89336bfcba880a0edf869611ebcfe388c0ce38011132776b55ae17896b8638fefe2cb1307de2cacae737f0ff3c397a9640ec2814"}}, {0x4, &(0x7f0000003240)=@lang_id={0x4, 0x3, 0x4b}}, {0x4, &(0x7f0000003280)=@lang_id={0x4, 0x3, 0x4644}}, {0x4, &(0x7f00000032c0)=@lang_id={0x4}}, {0x4, &(0x7f0000003300)=@lang_id={0x4, 0x3, 0x413}}]})
syz_usb_connect$cdc_ecm(0x4, 0x62, &(0x7f00000033c0)={{0x12, 0x1, 0x201, 0x2, 0x0, 0x0, 0x8, 0x525, 0xa4a1, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x50, 0x1, 0x1, 0x0, 0x10, 0x6, [{{0x9, 0x4, 0x0, 0x7, 0x3, 0x2, 0x6, 0x0, 0x3, {{0x9, 0x24, 0x6, 0x0, 0x0, "8abaa821"}, {0x5, 0x24, 0x0, 0x1}, {0xd, 0x24, 0xf, 0x1, 0x5, 0x6, 0x4, 0x6}, [@mbim_extended={0x8, 0x24, 0x1c, 0x4000, 0xf0, 0x7}]}, {[{{0x9, 0x5, 0x81, 0x3, 0x20, 0xb, 0x7, 0x8}}], {{0x9, 0x5, 0x82, 0x2, 0x8, 0xd, 0xa, 0x4}}, {{0x9, 0x5, 0x3, 0x2, 0x8, 0xf, 0xd, 0x2}}}}}]}}]}}, &(0x7f00000035c0)={0xa, &(0x7f0000003440)={0xa, 0x6, 0x201, 0x8, 0x7, 0xf, 0x40, 0x8}, 0x60, &(0x7f0000003480)={0x5, 0xf, 0x60, 0x6, [@ptm_cap={0x3}, @ptm_cap={0x3}, @ext_cap={0x7, 0x10, 0x2, 0x0, 0x3, 0x1, 0x4}, @ss_cap={0xa, 0x10, 0x3, 0x0, 0x8, 0x10, 0x2, 0x1}, @ptm_cap={0x3}, @generic={0x41, 0x10, 0x3, "a7ebe6365b843f1becc83424df4dc1cfd65544c82244f048b73337d03975e0a20c5d942d47b9ee0131450041f94157ff2e7c3cedce9a3ca0f810e80a61f6"}]}, 0x2, [{0x4, &(0x7f0000003500)=@lang_id={0x4, 0x3, 0x41f}}, {0x61, &(0x7f0000003540)=@string={0x61, 0x3, "f40e74b0df4ec9e4d4dd9438e2a77e3d39cf17a9a072396aea409b25dc8a6f3f6ed4f21f8c89c1b6ca28086b915bbd22b3c4d313476274c93341991a25bb8663d403424eb485658af712ba7c4277965016c66cb39d117a6987e2d2ab37674a"}}]})

39.241457668s ago: executing program 5 (id=17316):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
ioctl$KVM_CAP_X2APIC_API(r1, 0x4068aea3, &(0x7f00000002c0)={0x81, 0x0, 0x1})
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2)
ioctl$KVM_SIGNAL_MSI(r1, 0x4020aea5, &(0x7f0000000000)={0x8000000, 0xffff1000, 0x1, 0x1, 0x999})

23.523548204s ago: executing program 8 (id=17406):
r0 = syz_open_dev$radio(0x0, 0x2, 0x2)
ioctl$VIDIOC_S_FREQUENCY(r0, 0x402c5639, &(0x7f0000002280)={0x0, 0x1, 0x40})
r1 = syz_open_dev$radio(&(0x7f0000000080), 0x2, 0x2)
ioctl$VIDIOC_S_HW_FREQ_SEEK(r1, 0x40305652, &(0x7f00000002c0)={0x0, 0x1, 0x2})

23.409668774s ago: executing program 8 (id=17408):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0), 0x8000, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
ioctl$DVB_DVR_DMX_EXPBUF(0xffffffffffffffff, 0xc00c6f3e, &(0x7f0000000000)={0xf86, 0x0, r0})
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f0000000880)={0x1, 0x0, @pic={0x8, 0x7, 0x8, 0x3, 0x2, 0x1, 0xc5, 0x9, 0x28, 0x2, 0x1, 0x95, 0xb, 0x8, 0x7f, 0x7}})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

20.118163175s ago: executing program 8 (id=17418):
r0 = socket$l2tp6(0xa, 0x2, 0x73)
r1 = socket(0x14, 0x2, 0x4)
ioctl$sock_SIOCGIFINDEX(r1, 0x61d0, 0x0)
sendmsg$IPCTNL_MSG_TIMEOUT_DEFAULT_GET(r1, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000600)=ANY=[@ANYRES64=r0], 0x1c}, 0x1, 0x0, 0x0, 0x200408e5}, 0x8040)

19.935510114s ago: executing program 8 (id=17419):
r0 = socket$kcm(0x10, 0x2, 0x4)
sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)=[{0x0}], 0x1}, 0x0)

19.874027771s ago: executing program 8 (id=17420):
r0 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_rx_ring(r0, 0x107, 0x5, &(0x7f0000000140)=@req3={0x1000, 0x3a, 0x1000, 0x3a, 0x3ff, 0x2, 0x5}, 0x1c)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000002c0)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x201, 0x0, 0x0, {0x1}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWCHAIN={0x2c, 0x3, 0xa, 0x801, 0x0, 0x0, {0x1}, [@NFTA_CHAIN_NAME={0x9, 0x3, 'syz2\x00'}, @NFTA_CHAIN_TABLE={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWRULE={0x4c, 0x6, 0xa, 0x401, 0x0, 0x0, {0x1}, [@NFTA_RULE_CHAIN_ID={0x8}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_EXPRESSIONS={0x24, 0x4, 0x0, 0x1, [{0x20, 0x1, 0x0, 0x1, @connlimit={{0xe}, @val={0xc, 0x2, 0x0, 0x1, [@NFTA_CONNLIMIT_COUNT={0x8, 0x1, 0x1, 0x0, 0xfffffffe}]}}}]}]}], {0x14}}, 0xc0}}, 0x0)

19.489977851s ago: executing program 8 (id=17422):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket(0x400000000010, 0x3, 0x0)
r2 = socket$unix(0x1, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x4e, &(0x7f0000000080)={&(0x7f00000001c0)=@newqdisc={0x44, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r3, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x0, 0xf}}, [@qdisc_kind_options=@q_hfsc={{0x9}, {0x14, 0x2, @TCA_HFSC_FSC={0x10, 0x2, {0xa30e, 0x1, 0xfffffffa}}}}]}, 0x44}}, 0x0)
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
close(r4)
socket$unix(0x1, 0x1, 0x0)
ioctl$SIOCSIFHWADDR(r4, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
r5 = socket(0x400000000010, 0x3, 0x0)
r6 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r7=>0x0})
sendmsg$nl_route_sched(r5, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000440)=@newtfilter={0x84, 0x2c, 0xd27, 0x30bd29, 0x25dfdc00, {0x0, 0x0, 0x0, r7, {0x0, 0x10}, {}, {0x8, 0xf}}, [@filter_kind_options=@f_matchall={{0xd}, {0x50, 0x2, [@TCA_MATCHALL_ACT={0x4c, 0x2, [@m_gact={0x48, 0x1, 0x0, 0x0, {{0x9}, {0x1c, 0x2, 0x0, 0x1, [@TCA_GACT_PARMS={0x18, 0x2, {0x6, 0x7, 0x1, 0x100, 0xf}}]}, {0x4}, {0xc, 0x7, {0x1, 0x1}}, {0xc, 0x8, {0x3, 0x3}}}}]}]}}]}, 0x84}, 0x1, 0x0, 0x0, 0x20000010}, 0x20000000)
r8 = socket$kcm(0x11, 0x3, 0x0)
setsockopt$sock_attach_bpf(r8, 0x107, 0xf, &(0x7f0000000600), 0x56)
sendmsg$kcm(r8, &(0x7f00000000c0)={&(0x7f0000000380)=@xdp={0x2c, 0x0, r7, 0xc}, 0x80, &(0x7f0000000000)=[{&(0x7f0000000180)="27030200590214000600002fb96dbcf706e10500000086ddffff1144ee163cd4b8bf", 0x22}, {&(0x7f0000000c00)="4307ed2e", 0x4}], 0x2}, 0x40005)

19.145680439s ago: executing program 7 (id=17425):
sendmsg$inet(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$kcm(0x2, 0x5, 0x84)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
close(r2)
recvmsg$unix(r1, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@rights={{0x14, 0x1, 0x1, [<r3=>0xffffffffffffffff]}}], 0x18}, 0x0)
setsockopt$sock_attach_bpf(r0, 0x84, 0x64, &(0x7f0000000000)=r3, 0x10)
sendmsg$inet(r0, &(0x7f0000000140)={&(0x7f0000000280)={0x2, 0x10, @local}, 0x10, &(0x7f0000000180)=[{&(0x7f0000001940)='{', 0x1}], 0x1}, 0x80d1)

19.024584091s ago: executing program 7 (id=17427):
r0 = socket(0x1e, 0x4, 0x0)
setsockopt$packet_tx_ring(r0, 0x10f, 0x87, &(0x7f0000000140)=@req3={0x7813, 0x3, 0x2, 0x81, 0x1fd, 0x1, 0x1}, 0x1c)
recvmsg$unix(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000180)=""/254, 0xfe}], 0x1}, 0x20)
sendmmsg(r0, &(0x7f00000030c0)=[{{0x0, 0xa9cc7003, &(0x7f0000000400)=[{&(0x7f00000000c0)="ee", 0x101d0}], 0x1}}], 0x400000000000181, 0x9200000000000000)

18.528192747s ago: executing program 7 (id=17430):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x16, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="180200000002000000000000040017028500000011000000850000000500000095"], &(0x7f0000000200)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x4, '\x00', 0x0, @fallback=0x36, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x3ffffffc}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r0, 0x0, 0xe, 0x0, &(0x7f0000000140)="e02742e8680d85ff9782762f86dd", 0x0, 0xf000, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x4c)

18.375052584s ago: executing program 7 (id=17431):
r0 = syz_io_uring_setup(0x105, &(0x7f0000000540)={0x0, 0x84d9, 0x0, 0x0, 0x2d4}, &(0x7f00000001c0)=<r1=>0x0, &(0x7f0000000440)=<r2=>0x0)
creat(&(0x7f0000000280)='./file0\x00', 0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r1, r2, &(0x7f00000002c0)=@IORING_OP_OPENAT={0x12, 0x0, 0x0, 0xffffffffffffff9c, 0x0, &(0x7f0000000480)='./file0\x00', 0x0, 0x29c780})
io_uring_enter(r0, 0x3516, 0xaddf, 0x2, 0x0, 0x1517f)

18.150782996s ago: executing program 7 (id=17432):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x5)
close(0x4)
syz_genetlink_get_family_id$tipc(0x0, r0)
sendmsg$TIPC_CMD_SHOW_LINK_STATS(r0, 0x0, 0x4000001)
syz_open_procfs$namespace(0x0, &(0x7f0000000040)='ns/cgroup\x00')
socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$l2tp6(0xa, 0x2, 0x73)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f07ebbeef, 0x8031, 0xffffffffffffffff, 0x215eb000)
sendmsg$inet(0xffffffffffffffff, 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x61d0, 0x0)
sendmsg$IPCTNL_MSG_TIMEOUT_DEFAULT_GET(0xffffffffffffffff, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000600)=ANY=[@ANYRES64=r1], 0x1c}, 0x1, 0x0, 0x0, 0x200408e5}, 0x8040)

17.907350317s ago: executing program 7 (id=17434):
sendmsg$netlink(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x2)
syz_genetlink_get_family_id$mptcp(&(0x7f00000000c0), r1)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000003c0)=0x14)
r3 = socket$netlink(0x10, 0x3, 0x0)
r4 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route_sched(r4, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={0x0, 0x24}}, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x2ba)
sendmsg$nl_route(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000140)=ANY=[@ANYBLOB="3c0000001000850619fbb7c75150926b00000000", @ANYRES32=r5, @ANYBLOB="fe000000000000001c0012000c000100626f6e64000000000c0002000800010004"], 0x3c}}, 0x0)
r6 = socket(0x1, 0x803, 0x0)
getsockname$packet(r6, &(0x7f0000000100)={0x11, 0x0, <r7=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r4, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000940)=@newlink={0x3c, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x12}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @bridge={{0xb}, {0x4}}}, @IFLA_MASTER={0x8, 0xa, r7}]}, 0x3c}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000040)=@newqdisc={0x24, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {}, {0xffff, 0xffff}}}, 0x24}}, 0x0)
socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffff11ffffffff000000", @ANYRES32=r2, @ANYBLOB="0100000001"], 0x3c}}, 0x0)

16.89390924s ago: executing program 1 (id=17438):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', <r2=>0x0})
sendmsg$NL80211_CMD_SET_INTERFACE(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x24, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x2}]}, 0x24}}, 0x0)
sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)={0x30, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x30}}, 0x0)
syz_80211_inject_frame(&(0x7f00000002c0)=@device_b, &(0x7f0000000300)=@mgmt_frame=@probe_response={{{}, {}, @device_b, @device_a, @from_mac}, 0x0, @default, 0x1, @val={0x0, 0x6, @default_ap_ssid}, @val={0x1, 0x1, [{0x2, 0x1}]}, @void, @void, @void, @void, @void, @void}, 0x2f)
nanosleep(0x0, 0x0)
syz_80211_inject_frame(&(0x7f0000000300)=@device_b, &(0x7f0000000600)=ANY=[@ANYBLOB="5000000008021100000108021100000050505050505000000000000000000000000401000006020202020202"], 0x36)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f00000000c0)={'wlan1\x00'})

15.759687219s ago: executing program 6 (id=17439):
r0 = socket(0x1e, 0x4, 0x0)
setsockopt$packet_tx_ring(r0, 0x10f, 0x87, &(0x7f0000000140)=@req3={0x7813, 0x3, 0x2, 0x81, 0x1fd, 0x1, 0x1}, 0x1c)
recvmsg$unix(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000180)=""/254, 0xfe}], 0x1}, 0x20)
sendmmsg(r0, &(0x7f00000030c0)=[{{0x0, 0xa9cc7003, &(0x7f0000000400)=[{&(0x7f00000000c0)="ee", 0x101d0}], 0x1}}], 0x400000000000181, 0x9200000000000000)

15.441657854s ago: executing program 1 (id=17440):
openat2$dir(0xffffff9c, 0x0, &(0x7f00000001c0)={0xd2f1292d633aa197, 0x122, 0x4}, 0x18)

15.423051813s ago: executing program 6 (id=17441):
r0 = getpid()
r1 = syz_pidfd_open(r0, 0x0)
setns(r1, 0x24020000)
r2 = syz_clone(0xb2960100, 0x0, 0x0, 0x0, 0x0, 0x0)
unshare(0x20060400)
r3 = syz_pidfd_open(r2, 0x0)
setns(r3, 0x24020000)

15.282588035s ago: executing program 1 (id=17442):
r0 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000700)=[{&(0x7f0000000a80)="d80000001d0081044e81f777db44b904021d080201000000040000a1bc0001000000000000000e1208000f0100810401a8001600200001400300000803600cfab94dcf5c0461c16fb4007134cf6ee08000a0e408e8d8ef075c11503c6bbace801bcb090000001fb791643a5ee4001b146218a07445d6d930dfe1d9d322107c9fd6", 0x81}, {&(0x7f00000006c0)="54f6d4be7eb3f14085", 0x9}, {&(0x7f0000000980)="027a64c0072ebbb1512b328dda11b4efd4ba07fc642b7e012bea071dbbdea51e41958755533ccc", 0x27}], 0x3, 0x0, 0x0, 0x7400}, 0x10)

15.257671331s ago: executing program 1 (id=17443):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x5)
close(0x4)
syz_genetlink_get_family_id$tipc(0x0, r0)
sendmsg$TIPC_CMD_SHOW_LINK_STATS(r0, 0x0, 0x4000001)
syz_open_procfs$namespace(0x0, &(0x7f0000000040)='ns/cgroup\x00')
socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$l2tp6(0xa, 0x2, 0x73)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f07ebbeef, 0x8031, 0xffffffffffffffff, 0x215eb000)
sendmsg$inet(0xffffffffffffffff, 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x61d0, 0x0)
sendmsg$IPCTNL_MSG_TIMEOUT_DEFAULT_GET(0xffffffffffffffff, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000600)=ANY=[@ANYRES64=r1], 0x1c}, 0x1, 0x0, 0x0, 0x200408e5}, 0x8040)

15.225923091s ago: executing program 6 (id=17444):
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x7b, 0x4)
bind$inet(r0, &(0x7f0000000000)={0x2, 0x4e23, @broadcast}, 0x10)
sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000000040)={0x2, 0x4e23, @local}, 0x10)
sendto$inet(r0, &(0x7f0000000700)="0c268a927f1f6588b967481241ba78600a34f65ac618ded8974895abeaf4b4834ff959bcecc7a95425a3a07e758044ab4ea6f7c555d88fecf90b037511bf746bec66ba", 0x994b6e03113064ae, 0x15, 0x0, 0x0)
recvmsg(r0, &(0x7f0000000100)={0x0, 0xa, &(0x7f0000002200)=[{&(0x7f0000000780)=""/4108, 0x437aba2}], 0x1, 0x0, 0xfffffdee, 0x407006}, 0x104)

14.645724675s ago: executing program 1 (id=17445):
r0 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'bridge_slave_0\x00', <r1=>0x0})
sendmsg$IPCTNL_MSG_TIMEOUT_GET(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000000c0)={0x24, 0x1, 0x8, 0x301, 0x0, 0x0, {0x5, 0x0, 0x2}, [@CTA_TIMEOUT_L4PROTO={0x5, 0x3, 0x6}, @CTA_TIMEOUT_L3PROTO={0x6, 0x2, 0x1, 0x0, 0xc}]}, 0x24}, 0x1, 0x0, 0x0, 0x4008800}, 0x80)
sendmsg$nl_route(r0, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000000c0)=ANY=[@ANYBLOB="340000001c00010429bd7000fddbdf2507000000", @ANYRES32=r1], 0x34}, 0x1, 0x0, 0x0, 0x40000}, 0x20040040)

14.313982268s ago: executing program 6 (id=17446):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFQNL_MSG_CONFIG(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000200)=ANY=[@ANYBLOB="3400000002030103000000000000000002000006080004400000003f0800054000000007080001"], 0x34}, 0x1, 0x0, 0x0, 0x6000048}, 0x0)

14.240383245s ago: executing program 6 (id=17447):
openat$ptp0(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0)

14.081646767s ago: executing program 6 (id=17448):
r0 = socket$inet6_mptcp(0xa, 0x1, 0x106)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'veth1_macvtap\x00', <r1=>0x0})
r2 = socket$inet6_mptcp(0xa, 0x1, 0x106)
ioctl$sock_inet6_SIOCSIFADDR(r2, 0x8916, &(0x7f0000000100)={@private1={0xfc, 0x1, '\x00', 0x1}, 0x0, r1})
socket$inet6_udplite(0xa, 0x2, 0x88)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f0000000380)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r3 = getpid()
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r3, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r4, &(0x7f0000000040), 0x80002c1, 0x2, 0x0)
ioctl$PTP_PIN_SETFUNC(0xffffffffffffffff, 0x40603d07, &(0x7f0000000040)={'\x00', 0x7fff, 0x2, 0xfffffff9})
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
r7 = syz_io_uring_setup(0x8d2, &(0x7f00000000c0)={0x0, 0x7168, 0x3010, 0x2, 0x41}, &(0x7f0000000040)=<r8=>0x0, &(0x7f0000000080)=<r9=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r8, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
syz_io_uring_setup(0x10d2, &(0x7f0000000480)={0x0, 0x311, 0x80, 0x2, 0x34f}, &(0x7f00000000c0)=<r10=>0x0, &(0x7f0000000080))
syz_io_uring_submit(r10, r9, &(0x7f0000000140)=@IORING_OP_READ=@use_registered_buffer={0x16, 0x60, 0x4004, @fd=r6, 0x47, 0x0, 0x0, 0xd})
io_uring_enter(r7, 0x47ba, 0x3e80, 0x0, 0x0, 0x0)
r11 = socket$kcm(0x29, 0x2, 0x0)
ioctl$int_in(r11, 0x5452, &(0x7f0000000240)=0x3)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0))
fsopen(&(0x7f0000000700)='affs\x00', 0x1)

4.481732157s ago: executing program 36 (id=17422):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket(0x400000000010, 0x3, 0x0)
r2 = socket$unix(0x1, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x4e, &(0x7f0000000080)={&(0x7f00000001c0)=@newqdisc={0x44, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r3, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x0, 0xf}}, [@qdisc_kind_options=@q_hfsc={{0x9}, {0x14, 0x2, @TCA_HFSC_FSC={0x10, 0x2, {0xa30e, 0x1, 0xfffffffa}}}}]}, 0x44}}, 0x0)
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
close(r4)
socket$unix(0x1, 0x1, 0x0)
ioctl$SIOCSIFHWADDR(r4, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
r5 = socket(0x400000000010, 0x3, 0x0)
r6 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r7=>0x0})
sendmsg$nl_route_sched(r5, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000440)=@newtfilter={0x84, 0x2c, 0xd27, 0x30bd29, 0x25dfdc00, {0x0, 0x0, 0x0, r7, {0x0, 0x10}, {}, {0x8, 0xf}}, [@filter_kind_options=@f_matchall={{0xd}, {0x50, 0x2, [@TCA_MATCHALL_ACT={0x4c, 0x2, [@m_gact={0x48, 0x1, 0x0, 0x0, {{0x9}, {0x1c, 0x2, 0x0, 0x1, [@TCA_GACT_PARMS={0x18, 0x2, {0x6, 0x7, 0x1, 0x100, 0xf}}]}, {0x4}, {0xc, 0x7, {0x1, 0x1}}, {0xc, 0x8, {0x3, 0x3}}}}]}]}}]}, 0x84}, 0x1, 0x0, 0x0, 0x20000010}, 0x20000000)
r8 = socket$kcm(0x11, 0x3, 0x0)
setsockopt$sock_attach_bpf(r8, 0x107, 0xf, &(0x7f0000000600), 0x56)
sendmsg$kcm(r8, &(0x7f00000000c0)={&(0x7f0000000380)=@xdp={0x2c, 0x0, r7, 0xc}, 0x80, &(0x7f0000000000)=[{&(0x7f0000000180)="27030200590214000600002fb96dbcf706e10500000086ddffff1144ee163cd4b8bf", 0x22}, {&(0x7f0000000c00)="4307ed2e", 0x4}], 0x2}, 0x40005)

1.990716528s ago: executing program 37 (id=17434):
sendmsg$netlink(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x2)
syz_genetlink_get_family_id$mptcp(&(0x7f00000000c0), r1)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000003c0)=0x14)
r3 = socket$netlink(0x10, 0x3, 0x0)
r4 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route_sched(r4, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={0x0, 0x24}}, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x2ba)
sendmsg$nl_route(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000140)=ANY=[@ANYBLOB="3c0000001000850619fbb7c75150926b00000000", @ANYRES32=r5, @ANYBLOB="fe000000000000001c0012000c000100626f6e64000000000c0002000800010004"], 0x3c}}, 0x0)
r6 = socket(0x1, 0x803, 0x0)
getsockname$packet(r6, &(0x7f0000000100)={0x11, 0x0, <r7=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r4, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000940)=@newlink={0x3c, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x12}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @bridge={{0xb}, {0x4}}}, @IFLA_MASTER={0x8, 0xa, r7}]}, 0x3c}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000040)=@newqdisc={0x24, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {}, {0xffff, 0xffff}}}, 0x24}}, 0x0)
socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffff11ffffffff000000", @ANYRES32=r2, @ANYBLOB="0100000001"], 0x3c}}, 0x0)

0s ago: executing program 1 (id=17451):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x5)
close(0x4)
syz_genetlink_get_family_id$tipc(0x0, r0)
sendmsg$TIPC_CMD_SHOW_LINK_STATS(r0, 0x0, 0x4000001)
syz_open_procfs$namespace(0x0, &(0x7f0000000040)='ns/cgroup\x00')
socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$l2tp6(0xa, 0x2, 0x73)
sendmsg$inet(0xffffffffffffffff, 0x0, 0x0)
r2 = socket(0x14, 0x2, 0x4)
ioctl$sock_SIOCGIFINDEX(r2, 0x61d0, 0x0)
sendmsg$IPCTNL_MSG_TIMEOUT_DEFAULT_GET(r2, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000600)=ANY=[@ANYRES64=r1], 0x1c}, 0x1, 0x0, 0x0, 0x200408e5}, 0x8040)

kernel console output (not intermixed with test programs):

6789 connect error
[ 2457.681059][T15977] ceph: No mds server is up or the cluster is laggy
[ 2459.794591][T16020] netlink: 'syz.5.16461': attribute type 5 has an invalid length.
[ 2459.960010][T12745] usb 2-1: new high-speed USB device number 13 using dummy_hcd
[ 2460.100205][T12745] usb 2-1: device descriptor read/64, error -71
[ 2460.128159][T16050] FAULT_INJECTION: forcing a failure.
[ 2460.128159][T16050] name failslab, interval 1, probability 0, space 0, times 0
[ 2460.128195][T16050] CPU: 0 UID: 0 PID: 16050 Comm: syz.7.16473 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[ 2460.128221][T16050] Tainted: [L]=SOFTLOCKUP
[ 2460.128229][T16050] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 2460.128241][T16050] Call Trace:
[ 2460.128248][T16050]  <TASK>
[ 2460.128258][T16050]  dump_stack_lvl+0xe8/0x150
[ 2460.128288][T16050]  should_fail_ex+0x46b/0x600
[ 2460.128317][T16050]  should_failslab+0xa8/0x100
[ 2460.128339][T16050]  kmem_cache_alloc_noprof+0x87/0x680
[ 2460.128360][T16050]  ? ceph_msg_new2+0x3b/0x500
[ 2460.128383][T16050]  ceph_msg_new2+0x3b/0x500
[ 2460.128406][T16050]  ceph_monc_init+0x611/0xad0
[ 2460.128437][T16050]  ceph_create_client+0x230/0x310
[ 2460.128464][T16050]  ceph_get_tree+0x1c5/0x19e0
[ 2460.128485][T16050]  ? safesetid_security_capable+0xa9/0x1a0
[ 2460.128518][T16050]  vfs_get_tree+0x92/0x2a0
[ 2460.128540][T16050]  vfs_cmd_create+0xa2/0x200
[ 2460.128562][T16050]  __se_sys_fsconfig+0x6cf/0x820
[ 2460.128586][T16050]  ? __pfx___se_sys_fsconfig+0x10/0x10
[ 2460.128604][T16050]  ? ksys_write+0x248/0x270
[ 2460.128625][T16050]  ? __pfx_ksys_write+0x10/0x10
[ 2460.128650][T16050]  ? __x64_sys_fsconfig+0x20/0xc0
[ 2460.128671][T16050]  do_syscall_64+0x14d/0xf80
[ 2460.128700][T16050]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2460.128718][T16050]  ? trace_irq_disable+0x37/0x100
[ 2460.128734][T16050]  ? clear_bhb_loop+0x40/0x90
[ 2460.128756][T16050]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2460.128773][T16050] RIP: 0033:0x7f7459edbf79
[ 2460.128790][T16050] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 2460.128807][T16050] RSP: 002b:00007f7458136028 EFLAGS: 00000246 ORIG_RAX: 00000000000001af
[ 2460.128827][T16050] RAX: ffffffffffffffda RBX: 00007f745a155fa0 RCX: 00007f7459edbf79
[ 2460.128841][T16050] RDX: 0000000000000000 RSI: 0000000000000006 RDI: 0000000000000003
[ 2460.128853][T16050] RBP: 00007f7458136090 R08: 0000000000000000 R09: 0000000000000000
[ 2460.128866][T16050] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2460.128879][T16050] R13: 00007f745a156038 R14: 00007f745a155fa0 R15: 00007ffd90e3a948
[ 2460.128911][T16050]  </TASK>
[ 2461.407160][T12745] usb 2-1: new high-speed USB device number 14 using dummy_hcd
[ 2461.530336][T12745] usb 2-1: device descriptor read/64, error -71
[ 2461.650693][T12745] usb usb2-port1: attempt power cycle
[ 2462.000296][T12745] usb 2-1: new high-speed USB device number 15 using dummy_hcd
[ 2462.054145][T12745] usb 2-1: device descriptor read/8, error -71
[ 2462.180048][T18927] usb 6-1: new high-speed USB device number 56 using dummy_hcd
[ 2462.290011][T12745] usb 2-1: new high-speed USB device number 16 using dummy_hcd
[ 2462.318260][T12745] usb 2-1: device descriptor read/8, error -71
[ 2462.334858][T18927] usb 6-1: New USB device found, idVendor=055f, idProduct=c230, bcdDevice=b6.ac
[ 2462.334890][T18927] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2462.334911][T18927] usb 6-1: Product: syz
[ 2462.334925][T18927] usb 6-1: Manufacturer: syz
[ 2462.334940][T18927] usb 6-1: SerialNumber: syz
[ 2462.375156][T18927] usb 6-1: config 0 descriptor??
[ 2462.405183][T18927] gspca_main: sunplus-2.14.0 probing 055f:c230
[ 2462.420672][T12745] usb usb2-port1: unable to enumerate USB device
[ 2462.661796][T16093] FAULT_INJECTION: forcing a failure.
[ 2462.661796][T16093] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 2462.661831][T16093] CPU: 0 UID: 0 PID: 16093 Comm: syz.7.16493 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[ 2462.661857][T16093] Tainted: [L]=SOFTLOCKUP
[ 2462.661863][T16093] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 2462.661875][T16093] Call Trace:
[ 2462.661883][T16093]  <TASK>
[ 2462.661891][T16093]  dump_stack_lvl+0xe8/0x150
[ 2462.661924][T16093]  should_fail_ex+0x46b/0x600
[ 2462.661951][T16093]  _copy_to_user+0x31/0xb0
[ 2462.661976][T16093]  bpf_verifier_vlog+0x48c/0x8f0
[ 2462.662006][T16093]  verbose+0x11d/0x1a0
[ 2462.662032][T16093]  ? __pfx_verbose+0x10/0x10
[ 2462.662056][T16093]  ? compute_live_registers+0x143/0x1a30
[ 2462.662078][T16093]  ? bpf_insn_successors+0x216/0x3e0
[ 2462.662104][T16093]  compute_live_registers+0x144b/0x1a30
[ 2462.662126][T16093]  ? kfree+0x1c1/0x690
[ 2462.662158][T16093]  ? __pfx_compute_live_registers+0x10/0x10
[ 2462.662177][T16093]  ? __pfx_verbose+0x10/0x10
[ 2462.662196][T16093]  ? __pfx_disasm_kfunc_name+0x10/0x10
[ 2462.662229][T16093]  bpf_check+0x5ef9/0x1ce10
[ 2462.662258][T16093]  ? try_to_take_rt_mutex+0x840/0xb00
[ 2462.662294][T16093]  ? __lock_acquire+0x6b5/0x2cf0
[ 2462.662330][T16093]  ? __lock_acquire+0x6b5/0x2cf0
[ 2462.662354][T16093]  ? do_raw_spin_lock+0x12b/0x2f0
[ 2462.662377][T16093]  ? css_rstat_updated+0x23a/0x530
[ 2462.662421][T16093]  ? pcpu_memcg_post_alloc_hook+0x77/0x580
[ 2462.662444][T16093]  ? __pfx_bpf_check+0x10/0x10
[ 2462.662467][T16093]  ? ktime_get_with_offset+0x93/0x2a0
[ 2462.662506][T16093]  ? ktime_get_with_offset+0x93/0x2a0
[ 2462.662529][T16093]  ? __asan_memset+0x22/0x50
[ 2462.662554][T16093]  ? bpf_lsm_bpf_prog_load+0x9/0x20
[ 2462.662577][T16093]  ? security_bpf_prog_load+0x125/0x3c0
[ 2462.662601][T16093]  bpf_prog_load+0x1484/0x1ae0
[ 2462.662633][T16093]  ? __pfx_bpf_prog_load+0x10/0x10
[ 2462.662646][T16093]  ? __might_fault+0xaf/0x130
[ 2462.662667][T16093]  ? bpf_lsm_bpf+0x9/0x20
[ 2462.662679][T16093]  ? security_bpf+0x7e/0x2d0
[ 2462.662696][T16093]  __sys_bpf+0x618/0x950
[ 2462.662724][T16093]  ? __pfx___sys_bpf+0x10/0x10
[ 2462.662746][T16093]  ? rt_mutex_slowunlock+0x1cb/0x300
[ 2462.662782][T16093]  ? ksys_write+0x248/0x270
[ 2462.662802][T16093]  ? __pfx_ksys_write+0x10/0x10
[ 2462.662820][T16093]  __x64_sys_bpf+0x7c/0x90
[ 2462.662835][T16093]  do_syscall_64+0x14d/0xf80
[ 2462.662849][T16093]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2462.662865][T16093]  ? trace_irq_disable+0x37/0x100
[ 2462.662881][T16093]  ? clear_bhb_loop+0x40/0x90
[ 2462.662903][T16093]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2462.662921][T16093] RIP: 0033:0x7f7459edbf79
[ 2462.662939][T16093] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 2462.662956][T16093] RSP: 002b:00007f7458136028 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[ 2462.662974][T16093] RAX: ffffffffffffffda RBX: 00007f745a155fa0 RCX: 00007f7459edbf79
[ 2462.662982][T16093] RDX: 000000000000002d RSI: 00002000002a0fb8 RDI: 0000000000000005
[ 2462.662989][T16093] RBP: 00007f7458136090 R08: 0000000000000000 R09: 0000000000000000
[ 2462.662995][T16093] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2462.663002][T16093] R13: 00007f745a156038 R14: 00007f745a155fa0 R15: 00007ffd90e3a948
[ 2462.663018][T16093]  </TASK>
[ 2463.411879][    T9] usb 2-1: new high-speed USB device number 17 using dummy_hcd
[ 2463.476510][T18927] gspca_sunplus: reg_r err -71
[ 2463.476594][T18927] sunplus 6-1:0.0: probe with driver sunplus failed with error -71
[ 2463.493554][T18927] usb 6-1: USB disconnect, device number 56
[ 2463.572249][    T9] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 2463.572284][    T9] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 2463.572322][    T9] usb 2-1: New USB device found, idVendor=04d9, idProduct=a055, bcdDevice= 0.00
[ 2463.572347][    T9] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2463.578802][    T9] usb 2-1: config 0 descriptor??
[ 2464.311147][T12745] usb 6-1: new full-speed USB device number 57 using dummy_hcd
[ 2464.476482][T12745] usb 6-1: unable to read config index 0 descriptor/start: -71
[ 2464.476519][T12745] usb 6-1: can't read configurations, error -71
[ 2464.507892][    T9] usbhid 2-1:0.0: can't add hid device: -71
[ 2464.508001][    T9] usbhid 2-1:0.0: probe with driver usbhid failed with error -71
[ 2464.520429][    T9] usb 2-1: USB disconnect, device number 17
[ 2465.137261][T16218] FAULT_INJECTION: forcing a failure.
[ 2465.137261][T16218] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 2465.137297][T16218] CPU: 1 UID: 0 PID: 16218 Comm: syz.7.16552 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[ 2465.137330][T16218] Tainted: [L]=SOFTLOCKUP
[ 2465.137337][T16218] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 2465.137349][T16218] Call Trace:
[ 2465.137356][T16218]  <TASK>
[ 2465.137366][T16218]  dump_stack_lvl+0xe8/0x150
[ 2465.137394][T16218]  should_fail_ex+0x46b/0x600
[ 2465.137421][T16218]  _copy_to_user+0x31/0xb0
[ 2465.137447][T16218]  simple_read_from_buffer+0xe1/0x170
[ 2465.137475][T16218]  proc_fail_nth_read+0x1be/0x230
[ 2465.137499][T16218]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 2465.137521][T16218]  ? rw_verify_area+0x2ac/0x4e0
[ 2465.137546][T16218]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 2465.137565][T16218]  vfs_read+0x212/0xa70
[ 2465.137592][T16218]  ? __pfx_vfs_read+0x10/0x10
[ 2465.137612][T16218]  ? _raw_spin_unlock_irqrestore+0x30/0x80
[ 2465.137636][T16218]  ? lockdep_hardirqs_on+0x7a/0x110
[ 2465.137658][T16218]  ? _raw_spin_unlock_irqrestore+0x4c/0x80
[ 2465.137680][T16218]  ? mutex_lock_nested+0x152/0x1d0
[ 2465.137697][T16218]  ? fdget_pos+0x252/0x320
[ 2465.137728][T16218]  ksys_read+0x156/0x270
[ 2465.137749][T16218]  ? __pfx_ksys_read+0x10/0x10
[ 2465.137769][T16218]  ? __secure_computing+0xe1/0x2a0
[ 2465.137792][T16218]  do_syscall_64+0x14d/0xf80
[ 2465.137813][T16218]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2465.137831][T16218]  ? trace_irq_disable+0x37/0x100
[ 2465.137847][T16218]  ? clear_bhb_loop+0x40/0x90
[ 2465.137870][T16218]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2465.137885][T16218] RIP: 0033:0x7f7459e9c84e
[ 2465.137900][T16218] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[ 2465.137916][T16218] RSP: 002b:00007f7458135fe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[ 2465.137934][T16218] RAX: ffffffffffffffda RBX: 00007f74581366c0 RCX: 00007f7459e9c84e
[ 2465.137946][T16218] RDX: 000000000000000f RSI: 00007f74581360a0 RDI: 0000000000000003
[ 2465.137956][T16218] RBP: 00007f7458136090 R08: 0000000000000000 R09: 0000000000000000
[ 2465.137967][T16218] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2465.137978][T16218] R13: 00007f745a156038 R14: 00007f745a155fa0 R15: 00007ffd90e3a948
[ 2465.138007][T16218]  </TASK>
[ 2465.409853][T16229] netlink: 'syz.1.16559': attribute type 5 has an invalid length.
[ 2466.592120][T16257] FAULT_INJECTION: forcing a failure.
[ 2466.592120][T16257] name failslab, interval 1, probability 0, space 0, times 0
[ 2466.592155][T16257] CPU: 0 UID: 0 PID: 16257 Comm: syz.6.16569 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[ 2466.592182][T16257] Tainted: [L]=SOFTLOCKUP
[ 2466.592189][T16257] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 2466.592201][T16257] Call Trace:
[ 2466.592209][T16257]  <TASK>
[ 2466.592218][T16257]  dump_stack_lvl+0xe8/0x150
[ 2466.592249][T16257]  should_fail_ex+0x46b/0x600
[ 2466.592277][T16257]  should_failslab+0xa8/0x100
[ 2466.592300][T16257]  __kmalloc_noprof+0xdf/0x7b0
[ 2466.592319][T16257]  ? kfree+0x4d/0x690
[ 2466.592336][T16257]  ? tomoyo_realpath_from_path+0xe3/0x5d0
[ 2466.592362][T16257]  tomoyo_realpath_from_path+0xe3/0x5d0
[ 2466.592385][T16257]  ? tomoyo_domain+0xd8/0x130
[ 2466.592419][T16257]  ? tomoyo_path_number_perm+0x219/0x630
[ 2466.592445][T16257]  tomoyo_path_number_perm+0x246/0x630
[ 2466.592473][T16257]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[ 2466.592496][T16257]  ? __lock_acquire+0x6b5/0x2cf0
[ 2466.592522][T16257]  ? do_raw_spin_lock+0x12b/0x2f0
[ 2466.592577][T16257]  ? __fget_files+0x2a/0x420
[ 2466.592603][T16257]  ? __fget_files+0x2a/0x420
[ 2466.592623][T16257]  ? __fget_files+0x3a6/0x420
[ 2466.592644][T16257]  ? __fget_files+0x2a/0x420
[ 2466.592670][T16257]  security_file_ioctl+0xc3/0x2a0
[ 2466.592698][T16257]  __se_sys_ioctl+0x47/0x170
[ 2466.592720][T16257]  do_syscall_64+0x14d/0xf80
[ 2466.592743][T16257]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2466.592761][T16257]  ? trace_irq_disable+0x37/0x100
[ 2466.592778][T16257]  ? clear_bhb_loop+0x40/0x90
[ 2466.592800][T16257]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2466.592818][T16257] RIP: 0033:0x7f458116bf79
[ 2466.592836][T16257] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 2466.592853][T16257] RSP: 002b:00007f457f3be028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 2466.592873][T16257] RAX: ffffffffffffffda RBX: 00007f45813e5fa0 RCX: 00007f458116bf79
[ 2466.592888][T16257] RDX: 0000200000000100 RSI: 000000008010aa01 RDI: 0000000000000003
[ 2466.592901][T16257] RBP: 00007f457f3be090 R08: 0000000000000000 R09: 0000000000000000
[ 2466.592915][T16257] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2466.592927][T16257] R13: 00007f45813e6038 R14: 00007f45813e5fa0 R15: 00007fffe454f898
[ 2466.592959][T16257]  </TASK>
[ 2466.592968][T16257] ERROR: Out of memory at tomoyo_realpath_from_path.
[ 2467.380095][T16282] FAULT_INJECTION: forcing a failure.
[ 2467.380095][T16282] name failslab, interval 1, probability 0, space 0, times 0
[ 2467.380132][T16282] CPU: 0 UID: 0 PID: 16282 Comm: syz.1.16577 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[ 2467.380166][T16282] Tainted: [L]=SOFTLOCKUP
[ 2467.380173][T16282] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 2467.380185][T16282] Call Trace:
[ 2467.380193][T16282]  <TASK>
[ 2467.380202][T16282]  dump_stack_lvl+0xe8/0x150
[ 2467.380233][T16282]  should_fail_ex+0x46b/0x600
[ 2467.380261][T16282]  should_failslab+0xa8/0x100
[ 2467.380284][T16282]  kmem_cache_alloc_lru_noprof+0x8b/0x680
[ 2467.380305][T16282]  ? __d_alloc+0x37/0x6f0
[ 2467.380335][T16282]  __d_alloc+0x37/0x6f0
[ 2467.380361][T16282]  d_alloc_parallel+0xe6/0x1610
[ 2467.380377][T16282]  ? __d_lookup+0x66/0x780
[ 2467.380392][T16282]  ? __d_lookup+0x66/0x780
[ 2467.380410][T16282]  ? __d_lookup+0x66/0x780
[ 2467.380427][T16282]  ? __pfx_d_alloc_parallel+0x10/0x10
[ 2467.380446][T16282]  ? seqcount_lockdep_reader_access+0xa9/0x100
[ 2467.380472][T16282]  path_openat+0xcc3/0x38a0
[ 2467.380514][T16282]  ? __pfx_path_openat+0x10/0x10
[ 2467.380541][T16282]  ? do_raw_spin_lock+0x12b/0x2f0
[ 2467.380566][T16282]  do_file_open+0x23e/0x4a0
[ 2467.380580][T16282]  ? _raw_spin_unlock_irqrestore+0x30/0x80
[ 2467.380603][T16282]  ? __pfx_do_file_open+0x10/0x10
[ 2467.380615][T16282]  ? rt_mutex_slowunlock+0x4a7/0x8b0
[ 2467.380638][T16282]  ? __pfx_kfree_link+0x10/0x10
[ 2467.380664][T16282]  ? alloc_fd+0x64e/0x6c0
[ 2467.380691][T16282]  do_sys_openat2+0x113/0x200
[ 2467.380712][T16282]  ? __pfx_do_sys_openat2+0x10/0x10
[ 2467.380730][T16282]  ? ksys_write+0x248/0x270
[ 2467.380747][T16282]  ? __pfx_ksys_write+0x10/0x10
[ 2467.380764][T16282]  __x64_sys_openat+0x138/0x170
[ 2467.380786][T16282]  do_syscall_64+0x14d/0xf80
[ 2467.380804][T16282]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2467.380818][T16282]  ? trace_irq_disable+0x37/0x100
[ 2467.380831][T16282]  ? clear_bhb_loop+0x40/0x90
[ 2467.380848][T16282]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2467.380863][T16282] RIP: 0033:0x7fd03f60c84e
[ 2467.380876][T16282] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[ 2467.380890][T16282] RSP: 002b:00007fd03d85bec8 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[ 2467.380907][T16282] RAX: ffffffffffffffda RBX: 00007fd03d85c6c0 RCX: 00007fd03f60c84e
[ 2467.380919][T16282] RDX: 0000000000000002 RSI: 00007fd03d85bf90 RDI: ffffffffffffff9c
[ 2467.380929][T16282] RBP: 00007fd03d85c090 R08: 0000000000000000 R09: 0000000000000000
[ 2467.380939][T16282] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2467.380949][T16282] R13: 00007fd03f8c6218 R14: 00007fd03f8c6180 R15: 00007ffdc6cae308
[ 2467.380974][T16282]  </TASK>
[ 2467.652364][ T1320] ieee802154 phy0 wpan0: encryption failed: -22
[ 2467.960079][T18927] usb 6-1: new high-speed USB device number 59 using dummy_hcd
[ 2468.090142][T18927] usb 6-1: device descriptor read/64, error -71
[ 2468.332211][T18927] usb 6-1: new high-speed USB device number 60 using dummy_hcd
[ 2468.460882][T18927] usb 6-1: device descriptor read/64, error -71
[ 2468.570669][T18927] usb usb6-port1: attempt power cycle
[ 2468.910145][T18927] usb 6-1: new high-speed USB device number 61 using dummy_hcd
[ 2468.930905][T18927] usb 6-1: device descriptor read/8, error -71
[ 2469.170053][T18927] usb 6-1: new high-speed USB device number 62 using dummy_hcd
[ 2469.193220][T18927] usb 6-1: device descriptor read/8, error -71
[ 2469.300729][T18927] usb usb6-port1: unable to enumerate USB device
[ 2470.052536][T16428] FAULT_INJECTION: forcing a failure.
[ 2470.052536][T16428] name failslab, interval 1, probability 0, space 0, times 0
[ 2470.052573][T16428] CPU: 1 UID: 0 PID: 16428 Comm: syz.7.16652 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[ 2470.052599][T16428] Tainted: [L]=SOFTLOCKUP
[ 2470.052607][T16428] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 2470.052619][T16428] Call Trace:
[ 2470.052627][T16428]  <TASK>
[ 2470.052635][T16428]  dump_stack_lvl+0xe8/0x150
[ 2470.052664][T16428]  should_fail_ex+0x46b/0x600
[ 2470.052690][T16428]  should_failslab+0xa8/0x100
[ 2470.052711][T16428]  __kmalloc_noprof+0xdf/0x7b0
[ 2470.052728][T16428]  ? kfree+0x4d/0x690
[ 2470.052743][T16428]  ? tomoyo_realpath_from_path+0xe3/0x5d0
[ 2470.052786][T16428]  tomoyo_realpath_from_path+0xe3/0x5d0
[ 2470.052808][T16428]  ? tomoyo_domain+0xd8/0x130
[ 2470.052834][T16428]  ? tomoyo_path_number_perm+0x219/0x630
[ 2470.052859][T16428]  tomoyo_path_number_perm+0x246/0x630
[ 2470.052886][T16428]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[ 2470.052909][T16428]  ? __lock_acquire+0x6b5/0x2cf0
[ 2470.052936][T16428]  ? do_raw_spin_lock+0x12b/0x2f0
[ 2470.052990][T16428]  ? __fget_files+0x2a/0x420
[ 2470.053016][T16428]  ? __fget_files+0x2a/0x420
[ 2470.053037][T16428]  ? __fget_files+0x3a6/0x420
[ 2470.053057][T16428]  ? __fget_files+0x2a/0x420
[ 2470.053083][T16428]  security_file_ioctl+0xc3/0x2a0
[ 2470.053111][T16428]  __se_sys_ioctl+0x47/0x170
[ 2470.053134][T16428]  do_syscall_64+0x14d/0xf80
[ 2470.053156][T16428]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2470.053175][T16428]  ? trace_irq_disable+0x37/0x100
[ 2470.053192][T16428]  ? clear_bhb_loop+0x40/0x90
[ 2470.053220][T16428]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2470.053239][T16428] RIP: 0033:0x7f7459edbf79
[ 2470.053256][T16428] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 2470.053272][T16428] RSP: 002b:00007f7458136028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 2470.053293][T16428] RAX: ffffffffffffffda RBX: 00007f745a155fa0 RCX: 00007f7459edbf79
[ 2470.053308][T16428] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005
[ 2470.053320][T16428] RBP: 00007f7458136090 R08: 0000000000000000 R09: 0000000000000000
[ 2470.053332][T16428] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2470.053344][T16428] R13: 00007f745a156038 R14: 00007f745a155fa0 R15: 00007ffd90e3a948
[ 2470.053377][T16428]  </TASK>
[ 2470.053385][T16428] ERROR: Out of memory at tomoyo_realpath_from_path.
[ 2472.506938][T16448] netlink: 'syz.5.16660': attribute type 5 has an invalid length.
[ 2473.917898][T16521] overlayfs: overlapping lowerdir path
[ 2473.926457][T16522] netlink: 'syz.5.16691': attribute type 5 has an invalid length.
[ 2474.141952][T16536] FAULT_INJECTION: forcing a failure.
[ 2474.141952][T16536] name failslab, interval 1, probability 0, space 0, times 0
[ 2474.141991][T16536] CPU: 0 UID: 0 PID: 16536 Comm: syz.7.16699 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[ 2474.142017][T16536] Tainted: [L]=SOFTLOCKUP
[ 2474.142023][T16536] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 2474.142034][T16536] Call Trace:
[ 2474.142041][T16536]  <TASK>
[ 2474.142050][T16536]  dump_stack_lvl+0xe8/0x150
[ 2474.142079][T16536]  should_fail_ex+0x46b/0x600
[ 2474.142107][T16536]  should_failslab+0xa8/0x100
[ 2474.142129][T16536]  __kmalloc_noprof+0xdf/0x7b0
[ 2474.142149][T16536]  ? kfree+0x4d/0x690
[ 2474.142164][T16536]  ? tomoyo_realpath_from_path+0xe3/0x5d0
[ 2474.142191][T16536]  tomoyo_realpath_from_path+0xe3/0x5d0
[ 2474.142212][T16536]  ? tomoyo_domain+0xd8/0x130
[ 2474.142238][T16536]  ? tomoyo_path_number_perm+0x219/0x630
[ 2474.142264][T16536]  tomoyo_path_number_perm+0x246/0x630
[ 2474.142292][T16536]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[ 2474.142316][T16536]  ? __lock_acquire+0x6b5/0x2cf0
[ 2474.142343][T16536]  ? do_raw_spin_lock+0x12b/0x2f0
[ 2474.142396][T16536]  ? __fget_files+0x2a/0x420
[ 2474.142421][T16536]  ? __fget_files+0x2a/0x420
[ 2474.142442][T16536]  ? __fget_files+0x3a6/0x420
[ 2474.142463][T16536]  ? __fget_files+0x2a/0x420
[ 2474.142489][T16536]  security_file_ioctl+0xc3/0x2a0
[ 2474.142518][T16536]  __se_sys_ioctl+0x47/0x170
[ 2474.142541][T16536]  do_syscall_64+0x14d/0xf80
[ 2474.142563][T16536]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2474.142582][T16536]  ? trace_irq_disable+0x37/0x100
[ 2474.142600][T16536]  ? clear_bhb_loop+0x40/0x90
[ 2474.142622][T16536]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2474.142640][T16536] RIP: 0033:0x7f7459edbf79
[ 2474.142657][T16536] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 2474.142672][T16536] RSP: 002b:00007f7458136028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 2474.142693][T16536] RAX: ffffffffffffffda RBX: 00007f745a155fa0 RCX: 00007f7459edbf79
[ 2474.142707][T16536] RDX: 0000200000000040 RSI: 00000000000089f0 RDI: 0000000000000003
[ 2474.142720][T16536] RBP: 00007f7458136090 R08: 0000000000000000 R09: 0000000000000000
[ 2474.142732][T16536] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2474.142744][T16536] R13: 00007f745a156038 R14: 00007f745a155fa0 R15: 00007ffd90e3a948
[ 2474.142778][T16536]  </TASK>
[ 2474.142786][T16536] ERROR: Out of memory at tomoyo_realpath_from_path.
[ 2474.142814][T16536] bond0: (slave lo): enslaved VLAN challenged slave. Adding VLANs will be blocked as long as it is part of bond.
[ 2474.142831][T16536] bond0: (slave lo): Error: Device can not be enslaved while up
[ 2474.470101][T12745] usb 2-1: new full-speed USB device number 18 using dummy_hcd
[ 2474.649427][T12745] usb 2-1: New USB device found, idVendor=0458, idProduct=501b, bcdDevice= 0.00
[ 2474.649458][T12745] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2474.684017][T16556] kAFS: unable to lookup cell 'mS�jˡ8'
[ 2474.685894][T12745] usb 2-1: config 0 descriptor??
[ 2474.699843][T16556] bpf: Bad value for 'gid'
[ 2474.700168][T16556] bpf: Bad value for 'gid'
[ 2474.700445][T16556] bpf: Bad value for 'gid'
[ 2474.700695][T16556] bpf: Bad value for 'gid'
[ 2474.700945][T16556] bpf: Bad value for 'gid'
[ 2474.701179][T16556] bpf: Bad value for 'gid'
[ 2474.701433][T16556] bpf: Bad value for 'gid'
[ 2474.701697][T16556] bpf: Bad value for 'gid'
[ 2474.701942][T16556] bpf: Bad value for 'gid'
[ 2474.702179][T16556] bpf: Bad value for 'gid'
[ 2474.702426][T16556] bpf: Bad value for 'gid'
[ 2474.702674][T16556] bpf: Bad value for 'gid'
[ 2474.702917][T16556] bpf: Bad value for 'gid'
[ 2474.703154][T16556] bpf: Bad value for 'gid'
[ 2474.703396][T16556] bpf: Bad value for 'gid'
[ 2474.703637][T16556] bpf: Bad value for 'gid'
[ 2474.703980][T16556] bpf: Bad value for 'gid'
[ 2474.704307][T16556] bpf: Bad value for 'gid'
[ 2474.704581][T16556] bpf: Bad value for 'gid'
[ 2474.704886][T16556] bpf: Bad value for 'gid'
[ 2474.705298][T16556] bpf: Bad value for 'gid'
[ 2474.705547][T16556] bpf: Bad value for 'gid'
[ 2474.705856][T16556] bpf: Bad value for 'gid'
[ 2474.706097][T16556] bpf: Bad value for 'gid'
[ 2474.706347][T16556] bpf: Bad value for 'gid'
[ 2474.706600][T16556] bpf: Bad value for 'gid'
[ 2474.706859][T16556] bpf: Bad value for 'gid'
[ 2474.707101][T16556] bpf: Bad value for 'gid'
[ 2474.707352][T16556] bpf: Bad value for 'gid'
[ 2474.707596][T16556] bpf: Bad value for 'gid'
[ 2474.707864][T16556] bpf: Bad value for 'gid'
[ 2474.708117][T16556] bpf: Bad value for 'gid'
[ 2474.708366][T16556] bpf: Bad value for 'gid'
[ 2474.736381][T16557] netlink: 'syz.7.16707': attribute type 1 has an invalid length.
[ 2474.736419][T16557] netlink: 'syz.7.16707': attribute type 1 has an invalid length.
[ 2474.736964][T16556] netlink: zone id is out of range
[ 2474.736983][T16556] netlink: zone id is out of range
[ 2474.736990][T16556] netlink: zone id is out of range
[ 2474.736998][T16556] netlink: zone id is out of range
[ 2474.737005][T16556] netlink: zone id is out of range
[ 2474.737013][T16556] netlink: zone id is out of range
[ 2474.737020][T16556] netlink: zone id is out of range
[ 2474.737028][T16556] netlink: zone id is out of range
[ 2474.737036][T16556] netlink: zone id is out of range
[ 2474.737044][T16556] netlink: zone id is out of range
[ 2475.391615][T12745] usbhid 2-1:0.0: can't add hid device: -71
[ 2475.391731][T12745] usbhid 2-1:0.0: probe with driver usbhid failed with error -71
[ 2475.420268][T12745] usb 2-1: USB disconnect, device number 18
[ 2475.440019][   T31] usb 6-1: new full-speed USB device number 63 using dummy_hcd
[ 2475.599478][   T31] usb 6-1: config 0 has an invalid interface number: 1 but max is 0
[ 2475.599506][   T31] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 2475.599520][   T31] usb 6-1: config 0 has no interface number 0
[ 2475.622463][   T31] usb 6-1: New USB device found, idVendor=0572, idProduct=58a5, bcdDevice=27.0a
[ 2475.622566][   T31] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2475.622587][   T31] usb 6-1: Product: syz
[ 2475.622672][   T31] usb 6-1: Manufacturer: syz
[ 2475.622687][   T31] usb 6-1: SerialNumber: syz
[ 2475.646235][   T31] usb 6-1: config 0 descriptor??
[ 2475.675856][   T31] cx231xx 6-1:0.1: New device syz syz @ 12 Mbps (0572:58a5) with 1 interfaces
[ 2475.675889][   T31] cx231xx 6-1:0.1: Not found matching IAD interface
[ 2475.865985][   T31] usb 6-1: USB disconnect, device number 63
[ 2476.123447][T16631] FAULT_INJECTION: forcing a failure.
[ 2476.123447][T16631] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 2476.123483][T16631] CPU: 1 UID: 0 PID: 16631 Comm: syz.8.16739 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[ 2476.123510][T16631] Tainted: [L]=SOFTLOCKUP
[ 2476.123516][T16631] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 2476.123535][T16631] Call Trace:
[ 2476.123544][T16631]  <TASK>
[ 2476.123552][T16631]  dump_stack_lvl+0xe8/0x150
[ 2476.123583][T16631]  should_fail_ex+0x46b/0x600
[ 2476.123610][T16631]  _copy_from_user+0x2d/0xb0
[ 2476.123635][T16631]  ___sys_sendmsg+0x1c6/0x360
[ 2476.123654][T16631]  ? __lock_acquire+0x6b5/0x2cf0
[ 2476.123682][T16631]  ? __pfx____sys_sendmsg+0x10/0x10
[ 2476.123735][T16631]  ? __fget_files+0x2a/0x420
[ 2476.123757][T16631]  ? __fget_files+0x3a6/0x420
[ 2476.123788][T16631]  __x64_sys_sendmsg+0x1c3/0x2a0
[ 2476.123810][T16631]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[ 2476.123838][T16631]  ? __pfx_ksys_write+0x10/0x10
[ 2476.123861][T16631]  ? arch_syscall_is_vdso_sigreturn+0x11f/0x1a0
[ 2476.123886][T16631]  do_syscall_64+0x14d/0xf80
[ 2476.123909][T16631]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2476.123927][T16631]  ? trace_irq_disable+0x37/0x100
[ 2476.123943][T16631]  ? clear_bhb_loop+0x40/0x90
[ 2476.123965][T16631]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2476.123983][T16631] RIP: 0033:0x7f42d797bf79
[ 2476.124001][T16631] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 2476.124018][T16631] RSP: 002b:00007f42d5bd6028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 2476.124039][T16631] RAX: ffffffffffffffda RBX: 00007f42d7bf5fa0 RCX: 00007f42d797bf79
[ 2476.124053][T16631] RDX: 0000000000008000 RSI: 0000200000000540 RDI: 0000000000000003
[ 2476.124066][T16631] RBP: 00007f42d5bd6090 R08: 0000000000000000 R09: 0000000000000000
[ 2476.124079][T16631] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2476.124091][T16631] R13: 00007f42d7bf6038 R14: 00007f42d7bf5fa0 R15: 00007fff013d4ee8
[ 2476.124122][T16631]  </TASK>
[ 2476.336603][T16641] netlink: 8 bytes leftover after parsing attributes in process `syz.8.16743'.
[ 2477.943457][   T31] usb 6-1: new full-speed USB device number 64 using dummy_hcd
[ 2478.097694][   T31] usb 6-1: New USB device found, idVendor=0458, idProduct=501b, bcdDevice= 0.00
[ 2478.097724][   T31] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2478.122315][   T31] usb 6-1: config 0 descriptor??
[ 2479.957585][   T31] usbhid 6-1:0.0: can't add hid device: -71
[ 2479.957702][   T31] usbhid 6-1:0.0: probe with driver usbhid failed with error -71
[ 2479.980522][   T31] usb 6-1: USB disconnect, device number 64
[ 2480.648652][   T36] kauditd_printk_skb: 1850 callbacks suppressed
[ 2480.648670][   T36] audit: type=1326 audit(2000004160.720:2900): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16708 comm="syz.7.16774" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7459edbf79 code=0x7ffc0000
[ 2480.648714][   T36] audit: type=1326 audit(2000004160.720:2901): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16708 comm="syz.7.16774" exe="/root/syz-executor" sig=0 arch=c000003e syscall=87 compat=0 ip=0x7f7459edbf79 code=0x7ffc0000
[ 2480.648752][   T36] audit: type=1326 audit(2000004160.720:2902): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16708 comm="syz.7.16774" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7459edbf79 code=0x7ffc0000
[ 2480.649013][   T36] audit: type=1326 audit(2000004160.720:2903): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16708 comm="syz.7.16774" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f7459edbf79 code=0x7ffc0000
[ 2480.649469][   T36] audit: type=1326 audit(2000004160.720:2904): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16708 comm="syz.7.16774" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7459edbf79 code=0x7ffc0000
[ 2480.697268][   T36] audit: type=1326 audit(2000004160.770:2905): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16708 comm="syz.7.16774" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7f7459edbf79 code=0x7ffc0000
[ 2480.697320][   T36] audit: type=1326 audit(2000004160.770:2906): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16708 comm="syz.7.16774" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7459edbf79 code=0x7ffc0000
[ 2480.697357][   T36] audit: type=1326 audit(2000004160.770:2907): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16708 comm="syz.7.16774" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7459edbf79 code=0x7ffc0000
[ 2480.697393][   T36] audit: type=1326 audit(2000004160.770:2908): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16708 comm="syz.7.16774" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f7459e9c84e code=0x7ffc0000
[ 2480.697430][   T36] audit: type=1326 audit(2000004160.770:2909): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16708 comm="syz.7.16774" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7459edbf79 code=0x7ffc0000
[ 2481.519997][   T31] usb 6-1: new high-speed USB device number 65 using dummy_hcd
[ 2481.522214][T12272] usb 2-1: new full-speed USB device number 19 using dummy_hcd
[ 2481.637537][T16756] FAULT_INJECTION: forcing a failure.
[ 2481.637537][T16756] name failslab, interval 1, probability 0, space 0, times 0
[ 2481.637573][T16756] CPU: 0 UID: 0 PID: 16756 Comm: syz.6.16792 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[ 2481.637600][T16756] Tainted: [L]=SOFTLOCKUP
[ 2481.637607][T16756] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 2481.637617][T16756] Call Trace:
[ 2481.637625][T16756]  <TASK>
[ 2481.637633][T16756]  dump_stack_lvl+0xe8/0x150
[ 2481.637662][T16756]  should_fail_ex+0x46b/0x600
[ 2481.637692][T16756]  should_failslab+0xa8/0x100
[ 2481.637713][T16756]  __kmalloc_noprof+0xdf/0x7b0
[ 2481.637731][T16756]  ? kfree+0x4d/0x690
[ 2481.637746][T16756]  ? tomoyo_realpath_from_path+0xe3/0x5d0
[ 2481.637769][T16756]  tomoyo_realpath_from_path+0xe3/0x5d0
[ 2481.637801][T16756]  tomoyo_check_open_permission+0x229/0x470
[ 2481.637824][T16756]  ? tomoyo_check_open_permission+0x1d3/0x470
[ 2481.637846][T16756]  ? __pfx_tomoyo_check_open_permission+0x10/0x10
[ 2481.637903][T16756]  ? __pfx_rt_mutex_slowunlock+0x10/0x10
[ 2481.637925][T16756]  ? tomoyo_file_open+0x167/0x220
[ 2481.637950][T16756]  security_file_open+0xa9/0x240
[ 2481.637970][T16756]  do_dentry_open+0x4c0/0x13e0
[ 2481.637996][T16756]  ? vfs_open+0x31/0x350
[ 2481.638022][T16756]  vfs_open+0x3b/0x350
[ 2481.638040][T16756]  ? path_openat+0x2e25/0x38a0
[ 2481.638060][T16756]  path_openat+0x2e3d/0x38a0
[ 2481.638106][T16756]  ? __pfx_path_openat+0x10/0x10
[ 2481.638129][T16756]  ? kasan_save_track+0x4f/0x80
[ 2481.638145][T16756]  ? kasan_save_track+0x3e/0x80
[ 2481.638159][T16756]  ? __kasan_slab_alloc+0x6c/0x80
[ 2481.638175][T16756]  ? kmem_cache_alloc_noprof+0x33b/0x680
[ 2481.638201][T16756]  ? do_raw_spin_lock+0x12b/0x2f0
[ 2481.638231][T16756]  do_file_open+0x23e/0x4a0
[ 2481.638249][T16756]  ? _raw_spin_unlock_irqrestore+0x30/0x80
[ 2481.638275][T16756]  ? __pfx_do_file_open+0x10/0x10
[ 2481.638290][T16756]  ? rt_mutex_slowunlock+0x4a7/0x8b0
[ 2481.638337][T16756]  ? alloc_fd+0x64e/0x6c0
[ 2481.638371][T16756]  do_sys_openat2+0x113/0x200
[ 2481.638396][T16756]  ? __pfx_do_sys_openat2+0x10/0x10
[ 2481.638418][T16756]  ? ksys_write+0x248/0x270
[ 2481.638438][T16756]  ? __pfx_ksys_write+0x10/0x10
[ 2481.638461][T16756]  __x64_sys_open+0x11e/0x150
[ 2481.638489][T16756]  do_syscall_64+0x14d/0xf80
[ 2481.638511][T16756]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2481.638530][T16756]  ? trace_irq_disable+0x37/0x100
[ 2481.638547][T16756]  ? clear_bhb_loop+0x40/0x90
[ 2481.638569][T16756]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2481.638586][T16756] RIP: 0033:0x7f458116bf79
[ 2481.638604][T16756] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 2481.638622][T16756] RSP: 002b:00007f457f3be028 EFLAGS: 00000246 ORIG_RAX: 0000000000000002
[ 2481.638644][T16756] RAX: ffffffffffffffda RBX: 00007f45813e5fa0 RCX: 00007f458116bf79
[ 2481.638658][T16756] RDX: 0000000000000144 RSI: 0000000000121200 RDI: 0000200000000040
[ 2481.638672][T16756] RBP: 00007f457f3be090 R08: 0000000000000000 R09: 0000000000000000
[ 2481.638684][T16756] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2481.638696][T16756] R13: 00007f45813e6038 R14: 00007f45813e5fa0 R15: 00007fffe454f898
[ 2481.638730][T16756]  </TASK>
[ 2481.644815][T16756] ERROR: Out of memory at tomoyo_realpath_from_path.
[ 2481.680417][   T31] usb 6-1: config 220 has an invalid interface number: 76 but max is 2
[ 2481.680446][   T31] usb 6-1: config 220 has an invalid descriptor of length 0, skipping remainder of the config
[ 2481.680466][   T31] usb 6-1: config 220 has no interface number 2
[ 2481.680550][   T31] usb 6-1: config 220 interface 1 altsetting 5 has 0 endpoint descriptors, different from the interface descriptor's value: 12
[ 2481.680578][   T31] usb 6-1: config 220 interface 0 has no altsetting 0
[ 2481.680596][   T31] usb 6-1: config 220 interface 76 has no altsetting 0
[ 2481.680615][   T31] usb 6-1: config 220 interface 1 has no altsetting 0
[ 2481.683280][   T31] usb 6-1: New USB device found, idVendor=8086, idProduct=0b07, bcdDevice=6c.b9
[ 2481.683309][   T31] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2481.683330][   T31] usb 6-1: Product: syz
[ 2481.683344][   T31] usb 6-1: Manufacturer: syz
[ 2481.683358][   T31] usb 6-1: SerialNumber: syz
[ 2481.684652][T12272] usb 2-1: not running at top speed; connect to a high speed hub
[ 2481.685954][T12272] usb 2-1: config 1 has an invalid descriptor of length 1, skipping remainder of the config
[ 2481.685976][T12272] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 2481.690602][T12272] usb 2-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[ 2481.690630][T12272] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2481.690650][T12272] usb 2-1: Product: ᐊ
[ 2481.690663][T12272] usb 2-1: Manufacturer: 慒歃ವό瑯鎦㑺頊応赻ꞥ裘㚖ંꝐ຋￷杓ᖥ✘Ɗ㠃쩙䉔ꪜ猧䵙㫷᏾几̢恄፻儌쾝䬄᫚﷥➇樢땪걐輭Ң롗芥ዽ⪛鉆콄香੺풴䟋緛듒㳠པ눭愮榛힫⡳⹣⇉둽㸓뺋ⅸ贪ᗛ脒ﯚ걓
[ 2481.690693][T12272] usb 2-1: SerialNumber: 䆃䌄ꢙ⒦뙟쨺㎉ﱫ袺ช蛟ᆖ쿫裣컀ĸ㈑歷깕褗虫︸⳾ケ쫊㟧￰㤼険ᐨ
[ 2481.977486][T12272] usb 2-1: 0:2 : does not exist
[ 2482.035304][T12272] usb 2-1: USB disconnect, device number 19
[ 2482.095269][T13031] udevd[13031]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[ 2482.421541][   T31] usb 6-1: selecting invalid altsetting 0
[ 2482.422153][   T31] uvcvideo 6-1:220.0: Found UVC 7.01 device syz (8086:0b07)
[ 2482.422185][   T31] uvcvideo 6-1:220.0: No valid video chain found.
[ 2482.452213][   T31] usb 6-1: selecting invalid altsetting 0
[ 2482.452251][   T31] usbtest 6-1:220.1: probe with driver usbtest failed with error -22
[ 2482.455796][   T31] usb 6-1: USB disconnect, device number 65
[ 2482.551273][T16776] FAULT_INJECTION: forcing a failure.
[ 2482.551273][T16776] name failslab, interval 1, probability 0, space 0, times 0
[ 2482.551310][T16776] CPU: 0 UID: 0 PID: 16776 Comm: syz.7.16802 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[ 2482.551344][T16776] Tainted: [L]=SOFTLOCKUP
[ 2482.551351][T16776] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 2482.551362][T16776] Call Trace:
[ 2482.551370][T16776]  <TASK>
[ 2482.551378][T16776]  dump_stack_lvl+0xe8/0x150
[ 2482.551409][T16776]  should_fail_ex+0x46b/0x600
[ 2482.551434][T16776]  should_failslab+0xa8/0x100
[ 2482.551456][T16776]  __kmalloc_noprof+0xdf/0x7b0
[ 2482.551474][T16776]  ? __list_lru_init+0x528/0x600
[ 2482.551495][T16776]  ? __list_lru_init+0xbe/0x600
[ 2482.551521][T16776]  __list_lru_init+0xbe/0x600
[ 2482.551547][T16776]  alloc_super+0x8c5/0xac0
[ 2482.551572][T16776]  ? rt_spin_unlock+0x160/0x200
[ 2482.551595][T16776]  sget_fc+0x329/0xa40
[ 2482.551622][T16776]  ? __pfx_set_anon_super_fc+0x10/0x10
[ 2482.551638][T16776]  ? __pfx_mqueue_fill_super+0x10/0x10
[ 2482.551659][T16776]  get_tree_nodev+0x2a/0x150
[ 2482.551680][T16776]  vfs_get_tree+0x92/0x2a0
[ 2482.551701][T16776]  fc_mount_longterm+0x1c/0x100
[ 2482.551724][T16776]  mq_init_ns+0x513/0x760
[ 2482.551753][T16776]  copy_ipcs+0x460/0x6c0
[ 2482.551777][T16776]  create_new_namespaces+0x210/0x6a0
[ 2482.551801][T16776]  ? bpf_lsm_capable+0x9/0x20
[ 2482.551824][T16776]  ? security_capable+0x7e/0x2c0
[ 2482.551851][T16776]  unshare_nsproxy_namespaces+0x11a/0x160
[ 2482.551896][T16776]  ksys_unshare+0x4f4/0x900
[ 2482.551930][T16776]  ? __pfx_ksys_unshare+0x10/0x10
[ 2482.551954][T16776]  ? __pfx_ksys_write+0x10/0x10
[ 2482.551976][T16776]  ? arch_syscall_is_vdso_sigreturn+0x11f/0x1a0
[ 2482.552001][T16776]  __x64_sys_unshare+0x38/0x50
[ 2482.552024][T16776]  do_syscall_64+0x14d/0xf80
[ 2482.552047][T16776]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2482.552064][T16776]  ? trace_irq_disable+0x37/0x100
[ 2482.552081][T16776]  ? clear_bhb_loop+0x40/0x90
[ 2482.552104][T16776]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2482.552122][T16776] RIP: 0033:0x7f7459edbf79
[ 2482.552139][T16776] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 2482.552156][T16776] RSP: 002b:00007f7458136028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110
[ 2482.552176][T16776] RAX: ffffffffffffffda RBX: 00007f745a155fa0 RCX: 00007f7459edbf79
[ 2482.552190][T16776] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000008040600
[ 2482.552202][T16776] RBP: 00007f7458136090 R08: 0000000000000000 R09: 0000000000000000
[ 2482.552214][T16776] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2482.552226][T16776] R13: 00007f745a156038 R14: 00007f745a155fa0 R15: 00007ffd90e3a948
[ 2482.552254][T16776]  </TASK>
[ 2482.553385][T16774] fuse: Unknown parameter 'user_id00000000000000000000'
[ 2484.517204][   T31] usb 6-1: new high-speed USB device number 66 using dummy_hcd
[ 2484.627195][T16831] tipc: Enabled bearer <udp:syz2>, priority 10
[ 2484.629516][T16834] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 2484.640185][T16834] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 2484.682910][   T31] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 2484.682954][   T31] usb 6-1: New USB device found, idVendor=17ef, idProduct=6047, bcdDevice= 0.00
[ 2484.682977][   T31] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2484.719691][   T31] usb 6-1: config 0 descriptor??
[ 2485.680048][    T9] tipc: Node number set to 4278321153
[ 2485.767440][T16850] fuse: Unknown parameter 'user_id00000000000000000000'
[ 2485.835249][   T36] kauditd_printk_skb: 72 callbacks suppressed
[ 2485.835268][   T36] audit: type=1326 audit(2000004165.910:2982): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16822 comm="syz.5.16821" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f973bf3c84e code=0x7ffc0000
[ 2485.864825][   T31] lenovo 0003:17EF:6047.0046: hidraw0: USB HID v0.00 Device [HID 17ef:6047] on usb-dummy_hcd.5-1/input0
[ 2485.977314][   T36] audit: type=1326 audit(2000004166.050:2983): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16822 comm="syz.5.16821" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f973bf7bf79 code=0x7ffc0000
[ 2485.977822][   T36] audit: type=1326 audit(2000004166.050:2984): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16822 comm="syz.5.16821" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f973bf7bce2 code=0x7ffc0000
[ 2485.978470][   T36] audit: type=1326 audit(2000004166.050:2985): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16822 comm="syz.5.16821" exe="/root/syz-executor" sig=0 arch=c000003e syscall=10 compat=0 ip=0x7f973bf7bd77 code=0x7ffc0000
[ 2486.035353][   T36] audit: type=1326 audit(2000004166.050:2986): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16822 comm="syz.5.16821" exe="/root/syz-executor" sig=0 arch=c000003e syscall=14 compat=0 ip=0x7f973bf38d11 code=0x7ffc0000
[ 2486.035406][   T36] audit: type=1326 audit(2000004166.110:2987): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16822 comm="syz.5.16821" exe="/root/syz-executor" sig=0 arch=c000003e syscall=435 compat=0 ip=0x7f973bf7cd89 code=0x7ffc0000
[ 2486.035444][   T36] audit: type=1326 audit(2000004166.110:2989): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16822 comm="syz.5.16821" exe="/root/syz-executor" sig=0 arch=c000003e syscall=273 compat=0 ip=0x7f973bf3846c code=0x7ffc0000
[ 2486.035482][   T36] audit: type=1326 audit(2000004166.110:2988): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16822 comm="syz.5.16821" exe="/root/syz-executor" sig=0 arch=c000003e syscall=14 compat=0 ip=0x7f973bf38d7b code=0x7ffc0000
[ 2486.038011][   T36] audit: type=1326 audit(2000004166.110:2991): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16822 comm="syz.5.16821" exe="/root/syz-executor" sig=0 arch=c000003e syscall=14 compat=0 ip=0x7f973bf384ce code=0x7ffc0000
[ 2486.038061][   T36] audit: type=1326 audit(2000004166.110:2990): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16822 comm="syz.5.16821" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f973bf7bf79 code=0x7ffc0000
[ 2486.242757][   T31] lenovo 0003:17EF:6047.0046: Failed to switch F7/9/11 mode: -71
[ 2486.243111][   T31] lenovo 0003:17EF:6047.0046: Failed to switch middle button: -71
[ 2486.243454][   T31] lenovo 0003:17EF:6047.0046: Fn-lock setting failed: -71
[ 2486.243854][   T31] lenovo 0003:17EF:6047.0046: Sensitivity setting failed: -71
[ 2486.294253][   T31] usb 6-1: USB disconnect, device number 66
[ 2488.453803][T16918] FAULT_INJECTION: forcing a failure.
[ 2488.453803][T16918] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 2488.453838][T16918] CPU: 0 UID: 0 PID: 16918 Comm: syz.7.16860 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[ 2488.453863][T16918] Tainted: [L]=SOFTLOCKUP
[ 2488.453870][T16918] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 2488.453882][T16918] Call Trace:
[ 2488.453889][T16918]  <TASK>
[ 2488.453905][T16918]  dump_stack_lvl+0xe8/0x150
[ 2488.453934][T16918]  should_fail_ex+0x46b/0x600
[ 2488.453961][T16918]  _copy_to_user+0x31/0xb0
[ 2488.453987][T16918]  bpf_verifier_vlog+0x48c/0x8f0
[ 2488.454017][T16918]  verbose+0x11d/0x1a0
[ 2488.454043][T16918]  ? __pfx_verbose+0x10/0x10
[ 2488.454068][T16918]  ? compute_live_registers+0x143/0x1a30
[ 2488.454089][T16918]  ? bpf_insn_successors+0x216/0x3e0
[ 2488.454114][T16918]  compute_live_registers+0x14ac/0x1a30
[ 2488.454137][T16918]  ? kfree+0x1c1/0x690
[ 2488.454167][T16918]  ? __pfx_compute_live_registers+0x10/0x10
[ 2488.454189][T16918]  ? __pfx_verbose+0x10/0x10
[ 2488.454209][T16918]  ? __pfx_disasm_kfunc_name+0x10/0x10
[ 2488.454244][T16918]  bpf_check+0x5ef9/0x1ce10
[ 2488.454277][T16918]  ? try_to_take_rt_mutex+0x840/0xb00
[ 2488.454318][T16918]  ? __lock_acquire+0x6b5/0x2cf0
[ 2488.454355][T16918]  ? __lock_acquire+0x6b5/0x2cf0
[ 2488.454380][T16918]  ? do_raw_spin_lock+0x12b/0x2f0
[ 2488.454403][T16918]  ? css_rstat_updated+0x23a/0x530
[ 2488.454446][T16918]  ? pcpu_memcg_post_alloc_hook+0x77/0x580
[ 2488.454470][T16918]  ? __pfx_bpf_check+0x10/0x10
[ 2488.454495][T16918]  ? ktime_get_with_offset+0x93/0x2a0
[ 2488.454525][T16918]  ? ktime_get_with_offset+0x93/0x2a0
[ 2488.454548][T16918]  ? __asan_memset+0x22/0x50
[ 2488.454571][T16918]  ? bpf_lsm_bpf_prog_load+0x9/0x20
[ 2488.454593][T16918]  ? security_bpf_prog_load+0x125/0x3c0
[ 2488.454618][T16918]  bpf_prog_load+0x1484/0x1ae0
[ 2488.454649][T16918]  ? __pfx_bpf_prog_load+0x10/0x10
[ 2488.454667][T16918]  ? __might_fault+0xaf/0x130
[ 2488.454705][T16918]  ? bpf_lsm_bpf+0x9/0x20
[ 2488.454725][T16918]  ? security_bpf+0x7e/0x2d0
[ 2488.454745][T16918]  __sys_bpf+0x618/0x950
[ 2488.454772][T16918]  ? __pfx___sys_bpf+0x10/0x10
[ 2488.454794][T16918]  ? rt_mutex_slowunlock+0x1cb/0x300
[ 2488.454827][T16918]  ? ksys_write+0x248/0x270
[ 2488.454845][T16918]  ? __pfx_ksys_write+0x10/0x10
[ 2488.454869][T16918]  __x64_sys_bpf+0x7c/0x90
[ 2488.454898][T16918]  do_syscall_64+0x14d/0xf80
[ 2488.454919][T16918]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2488.454936][T16918]  ? trace_irq_disable+0x37/0x100
[ 2488.454951][T16918]  ? clear_bhb_loop+0x40/0x90
[ 2488.454972][T16918]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2488.454988][T16918] RIP: 0033:0x7f7459edbf79
[ 2488.455005][T16918] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 2488.455021][T16918] RSP: 002b:00007f7458136028 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[ 2488.455041][T16918] RAX: ffffffffffffffda RBX: 00007f745a155fa0 RCX: 00007f7459edbf79
[ 2488.455055][T16918] RDX: 000000000000002d RSI: 00002000002a0fb8 RDI: 0000000000000005
[ 2488.455067][T16918] RBP: 00007f7458136090 R08: 0000000000000000 R09: 0000000000000000
[ 2488.455079][T16918] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2488.455092][T16918] R13: 00007f745a156038 R14: 00007f745a155fa0 R15: 00007ffd90e3a948
[ 2488.455122][T16918]  </TASK>
[ 2489.978628][T16934] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98
[ 2490.420153][   T31] usb 6-1: new high-speed USB device number 67 using dummy_hcd
[ 2490.585818][   T31] usb 6-1: New USB device found, idVendor=1c40, idProduct=0534, bcdDevice=6d.cc
[ 2490.585851][   T31] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2490.585872][   T31] usb 6-1: Product: syz
[ 2490.585887][   T31] usb 6-1: Manufacturer: syz
[ 2490.585902][   T31] usb 6-1: SerialNumber: syz
[ 2490.593623][   T31] usb 6-1: config 0 descriptor??
[ 2490.598279][   T31] i2c-tiny-usb 6-1:0.0: version 6d.cc found at bus 006 address 067
[ 2491.004372][   T31]  (null): failure reading functionality
[ 2491.012564][   T31] i2c i2c-2: failure reading functionality
[ 2491.027854][   T31] i2c i2c-2: connected i2c-tiny-usb device
[ 2491.038008][   T31] usb 6-1: USB disconnect, device number 67
[ 2491.787873][T17022] FAULT_INJECTION: forcing a failure.
[ 2491.787873][T17022] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 2491.787911][T17022] CPU: 0 UID: 0 PID: 17022 Comm: syz.5.16905 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[ 2491.787938][T17022] Tainted: [L]=SOFTLOCKUP
[ 2491.787945][T17022] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 2491.787957][T17022] Call Trace:
[ 2491.787965][T17022]  <TASK>
[ 2491.787979][T17022]  dump_stack_lvl+0xe8/0x150
[ 2491.788012][T17022]  should_fail_ex+0x46b/0x600
[ 2491.788040][T17022]  _copy_from_user+0x2d/0xb0
[ 2491.788065][T17022]  ___sys_sendmsg+0x1c6/0x360
[ 2491.788087][T17022]  ? __lock_acquire+0x6b5/0x2cf0
[ 2491.788114][T17022]  ? __pfx____sys_sendmsg+0x10/0x10
[ 2491.788137][T17022]  ? kstrtouint+0x6e/0xe0
[ 2491.788182][T17022]  ? __fget_files+0x2a/0x420
[ 2491.788205][T17022]  ? __fget_files+0x3a6/0x420
[ 2491.788237][T17022]  __sys_sendmmsg+0x282/0x4e0
[ 2491.788261][T17022]  ? __pfx___sys_sendmmsg+0x10/0x10
[ 2491.788289][T17022]  ? __pfx_rt_mutex_slowunlock+0x10/0x10
[ 2491.788322][T17022]  ? ksys_write+0x248/0x270
[ 2491.788343][T17022]  ? __pfx_ksys_write+0x10/0x10
[ 2491.788368][T17022]  __x64_sys_sendmmsg+0xa0/0xc0
[ 2491.788389][T17022]  do_syscall_64+0x14d/0xf80
[ 2491.788417][T17022]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2491.788435][T17022]  ? trace_irq_disable+0x37/0x100
[ 2491.788451][T17022]  ? clear_bhb_loop+0x40/0x90
[ 2491.788473][T17022]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2491.788490][T17022] RIP: 0033:0x7f973bf7bf79
[ 2491.788507][T17022] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 2491.788524][T17022] RSP: 002b:00007f973a1d6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[ 2491.788544][T17022] RAX: ffffffffffffffda RBX: 00007f973c1f5fa0 RCX: 00007f973bf7bf79
[ 2491.788558][T17022] RDX: 0000000000000001 RSI: 0000200000004c00 RDI: 0000000000000004
[ 2491.788570][T17022] RBP: 00007f973a1d6090 R08: 0000000000000000 R09: 0000000000000000
[ 2491.788582][T17022] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2491.788595][T17022] R13: 00007f973c1f6038 R14: 00007f973c1f5fa0 R15: 00007fff17f6eee8
[ 2491.788625][T17022]  </TASK>
[ 2492.800059][   T31] usb 6-1: new full-speed USB device number 68 using dummy_hcd
[ 2492.955301][   T31] usb 6-1: New USB device found, idVendor=0458, idProduct=501b, bcdDevice= 0.00
[ 2492.955333][   T31] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2492.973534][   T31] usb 6-1: config 0 descriptor??
[ 2493.483214][   T31] usbhid 6-1:0.0: can't add hid device: -71
[ 2493.483321][   T31] usbhid 6-1:0.0: probe with driver usbhid failed with error -71
[ 2493.495439][   T31] usb 6-1: USB disconnect, device number 68
[ 2494.144461][T17099] random: crng reseeded on system resumption
[ 2495.727284][T17129] random: crng reseeded on system resumption
[ 2496.700032][   T31] usb 6-1: new full-speed USB device number 69 using dummy_hcd
[ 2496.852570][   T31] usb 6-1: not running at top speed; connect to a high speed hub
[ 2496.854172][   T31] usb 6-1: config 1 has an invalid descriptor of length 1, skipping remainder of the config
[ 2496.854201][   T31] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 2496.856971][   T31] usb 6-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[ 2496.857003][   T31] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2496.857024][   T31] usb 6-1: Product: ᐊ
[ 2496.857039][   T31] usb 6-1: Manufacturer: 慒歃ವό瑯鎦㑺頊応赻ꞥ裘㚖ંꝐ຋￷杓ᖥ✘Ɗ㠃쩙䉔ꪜ猧䵙㫷᏾几̢恄፻儌쾝䬄᫚﷥➇樢땪걐輭Ң롗芥ዽ⪛鉆콄香੺풴䟋緛듒㳠པ눭愮榛힫⡳⹣⇉둽㸓뺋ⅸ贪ᗛ脒ﯚ걓
[ 2496.857176][   T31] usb 6-1: SerialNumber: 䆃䌄ꢙ⒦뙟쨺㎉ﱫ袺ช蛟ᆖ쿫裣컀ĸ㈑歷깕褗虫︸⳾ケ쫊㟧￰㤼険ᐨ
[ 2496.890062][T18927] usb 2-1: new full-speed USB device number 20 using dummy_hcd
[ 2497.041819][T18927] usb 2-1: New USB device found, idVendor=0458, idProduct=501b, bcdDevice= 0.00
[ 2497.041839][T18927] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2497.112588][T18927] usb 2-1: config 0 descriptor??
[ 2497.135212][   T31] usb 6-1: 0:2 : does not exist
[ 2497.272126][   T31] usb 6-1: USB disconnect, device number 69
[ 2497.424867][T17190] FAULT_INJECTION: forcing a failure.
[ 2497.424867][T17190] name failslab, interval 1, probability 0, space 0, times 0
[ 2497.424901][T17190] CPU: 0 UID: 0 PID: 17190 Comm: syz.6.16978 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[ 2497.424924][T17190] Tainted: [L]=SOFTLOCKUP
[ 2497.424931][T17190] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 2497.424941][T17190] Call Trace:
[ 2497.424939][T13031] udevd[13031]: error opening ATTR{/sys/devices/platform/dummy_hcd.5/usb6/6-1/6-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[ 2497.424948][T17190]  <TASK>
[ 2497.424969][T17190]  dump_stack_lvl+0xe8/0x150
[ 2497.425000][T17190]  should_fail_ex+0x46b/0x600
[ 2497.425027][T17190]  should_failslab+0xa8/0x100
[ 2497.425049][T17190]  kmem_cache_alloc_noprof+0x87/0x680
[ 2497.425069][T17190]  ? __kvm_mmu_topup_memory_cache+0x1b4/0x610
[ 2497.425097][T17190]  __kvm_mmu_topup_memory_cache+0x1b4/0x610
[ 2497.425142][T17190]  mmu_topup_memory_caches+0x21/0x170
[ 2497.425170][T17190]  kvm_mmu_load+0x9d/0x2320
[ 2497.425189][T17190]  ? kvm_lapic_sync_to_vapic+0x2ba/0x850
[ 2497.425215][T17190]  ? __pfx_kvm_lapic_sync_to_vapic+0x10/0x10
[ 2497.425238][T17190]  ? vmx_update_cr8_intercept+0x151/0x330
[ 2497.425262][T17190]  vcpu_run+0x5d5b/0x7920
[ 2497.425366][T17190]  ? __pfx_vcpu_run+0x10/0x10
[ 2497.425385][T17190]  ? kvm_arch_vcpu_ioctl_run+0x2e8/0x20d0
[ 2497.425407][T17190]  ? kvm_arch_vcpu_ioctl_run+0x2e8/0x20d0
[ 2497.425440][T17190]  kvm_arch_vcpu_ioctl_run+0x11e6/0x20d0
[ 2497.425475][T17190]  ? kvm_arch_vcpu_ioctl_run+0x2e8/0x20d0
[ 2497.425495][T17190]  ? __pfx_kvm_arch_vcpu_ioctl_run+0x10/0x10
[ 2497.425520][T17190]  ? do_raw_spin_lock+0x12b/0x2f0
[ 2497.425551][T17190]  ? _raw_spin_unlock_irqrestore+0x30/0x80
[ 2497.425575][T17190]  ? lockdep_hardirqs_on+0x7a/0x110
[ 2497.425596][T17190]  ? _raw_spin_unlock_irqrestore+0x4c/0x80
[ 2497.425617][T17190]  ? rt_mutex_slowunlock+0x4a7/0x8b0
[ 2497.425643][T17190]  ? __pfx_rt_mutex_slowunlock+0x10/0x10
[ 2497.425662][T17190]  ? _raw_spin_unlock_irqrestore+0x30/0x80
[ 2497.425683][T17190]  ? lockdep_hardirqs_on+0x7a/0x110
[ 2497.425705][T17190]  ? _raw_spin_unlock_irqrestore+0x4c/0x80
[ 2497.425727][T17190]  ? rt_write_unlock+0x190/0x230
[ 2497.425748][T17190]  kvm_vcpu_ioctl+0xa65/0xfe0
[ 2497.425772][T17190]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[ 2497.425794][T17190]  ? __asan_memset+0x22/0x50
[ 2497.425819][T17190]  ? smack_file_ioctl+0x331/0x360
[ 2497.425844][T17190]  ? __pfx_smack_file_ioctl+0x10/0x10
[ 2497.425877][T17190]  ? __fget_files+0x2a/0x420
[ 2497.425899][T17190]  ? __fget_files+0x3a6/0x420
[ 2497.425920][T17190]  ? __fget_files+0x2a/0x420
[ 2497.425944][T17190]  ? bpf_lsm_file_ioctl+0x9/0x20
[ 2497.425974][T17190]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[ 2497.425992][T17190]  __se_sys_ioctl+0xff/0x170
[ 2497.426014][T17190]  do_syscall_64+0x14d/0xf80
[ 2497.426034][T17190]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2497.426052][T17190]  ? trace_irq_disable+0x37/0x100
[ 2497.426068][T17190]  ? clear_bhb_loop+0x40/0x90
[ 2497.426091][T17190]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2497.426107][T17190] RIP: 0033:0x7f458116bf79
[ 2497.426126][T17190] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 2497.426141][T17190] RSP: 002b:00007f457f39d028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 2497.426161][T17190] RAX: ffffffffffffffda RBX: 00007f45813e6090 RCX: 00007f458116bf79
[ 2497.426175][T17190] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005
[ 2497.426186][T17190] RBP: 00007f457f39d090 R08: 0000000000000000 R09: 0000000000000000
[ 2497.426197][T17190] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2497.426207][T17190] R13: 00007f45813e6128 R14: 00007f45813e6090 R15: 00007fffe454f898
[ 2497.426238][T17190]  </TASK>
[ 2497.709823][T18927] usbhid 2-1:0.0: can't add hid device: -71
[ 2497.710162][T18927] usbhid 2-1:0.0: probe with driver usbhid failed with error -71
[ 2497.734530][T18927] usb 2-1: USB disconnect, device number 20
[ 2498.152782][T17214] random: crng reseeded on system resumption
[ 2499.130098][    T9] usb 6-1: new high-speed USB device number 70 using dummy_hcd
[ 2499.407214][    T9] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 2499.407498][    T9] usb 6-1: New USB device found, idVendor=17ef, idProduct=6047, bcdDevice= 0.00
[ 2499.407569][    T9] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2499.864758][    T9] usb 6-1: config 0 descriptor??
[ 2499.899576][T17269] fuseblk: Bad value for 'fd'
[ 2500.079483][T17251] netlink: 'syz.5.17009': attribute type 7 has an invalid length.
[ 2500.079612][T17251] netlink: 'syz.5.17009': attribute type 8 has an invalid length.
[ 2500.079626][T17251] netlink: 'syz.5.17009': attribute type 13 has an invalid length.
[ 2500.147370][T17251] 9p: Bad value for 'rfdno'
[ 2500.374287][    T9] lenovo 0003:17EF:6047.0047: hidraw0: USB HID v0.00 Device [HID 17ef:6047] on usb-dummy_hcd.5-1/input0
[ 2500.794725][    T9] lenovo 0003:17EF:6047.0047: Failed to switch middle button: -71
[ 2500.795208][    T9] lenovo 0003:17EF:6047.0047: Fn-lock setting failed: -71
[ 2500.795806][    T9] lenovo 0003:17EF:6047.0047: Sensitivity setting failed: -71
[ 2500.826620][    T9] usb 6-1: USB disconnect, device number 70
[ 2501.246838][T17324] FAULT_INJECTION: forcing a failure.
[ 2501.246838][T17324] name failslab, interval 1, probability 0, space 0, times 0
[ 2501.246874][T17324] CPU: 1 UID: 0 PID: 17324 Comm: syz.7.17039 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[ 2501.246900][T17324] Tainted: [L]=SOFTLOCKUP
[ 2501.246907][T17324] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 2501.246919][T17324] Call Trace:
[ 2501.246927][T17324]  <TASK>
[ 2501.246936][T17324]  dump_stack_lvl+0xe8/0x150
[ 2501.246964][T17324]  should_fail_ex+0x46b/0x600
[ 2501.246989][T17324]  should_failslab+0xa8/0x100
[ 2501.247011][T17324]  __kmalloc_noprof+0xdf/0x7b0
[ 2501.247032][T17324]  ? tomoyo_encode+0x28b/0x550
[ 2501.247058][T17324]  tomoyo_encode+0x28b/0x550
[ 2501.247084][T17324]  tomoyo_realpath_from_path+0x58d/0x5d0
[ 2501.247106][T17324]  ? tomoyo_domain+0xd8/0x130
[ 2501.247131][T17324]  ? tomoyo_path_number_perm+0x219/0x630
[ 2501.247157][T17324]  tomoyo_path_number_perm+0x246/0x630
[ 2501.247184][T17324]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[ 2501.247208][T17324]  ? __lock_acquire+0x6b5/0x2cf0
[ 2501.247234][T17324]  ? do_raw_spin_lock+0x12b/0x2f0
[ 2501.247289][T17324]  ? __fget_files+0x2a/0x420
[ 2501.247315][T17324]  ? __fget_files+0x2a/0x420
[ 2501.247336][T17324]  ? __fget_files+0x3a6/0x420
[ 2501.247357][T17324]  ? __fget_files+0x2a/0x420
[ 2501.247381][T17324]  security_file_ioctl+0xc3/0x2a0
[ 2501.247409][T17324]  __se_sys_ioctl+0x47/0x170
[ 2501.247431][T17324]  do_syscall_64+0x14d/0xf80
[ 2501.247454][T17324]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2501.247472][T17324]  ? trace_irq_disable+0x37/0x100
[ 2501.247489][T17324]  ? clear_bhb_loop+0x40/0x90
[ 2501.247522][T17324]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2501.247540][T17324] RIP: 0033:0x7f7459edbf79
[ 2501.247558][T17324] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 2501.247575][T17324] RSP: 002b:00007f7458136028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 2501.247596][T17324] RAX: ffffffffffffffda RBX: 00007f745a155fa0 RCX: 00007f7459edbf79
[ 2501.247610][T17324] RDX: 0000000000000000 RSI: 00000000000089f0 RDI: 0000000000000003
[ 2501.247622][T17324] RBP: 00007f7458136090 R08: 0000000000000000 R09: 0000000000000000
[ 2501.247634][T17324] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2501.247646][T17324] R13: 00007f745a156038 R14: 00007f745a155fa0 R15: 00007ffd90e3a948
[ 2501.247679][T17324]  </TASK>
[ 2501.247698][T17324] ERROR: Out of memory at tomoyo_realpath_from_path.
[ 2501.690014][T18927] usb 6-1: new high-speed USB device number 71 using dummy_hcd
[ 2501.965578][T18927] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 2501.965613][T18927] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 2501.965653][T18927] usb 6-1: New USB device found, idVendor=04d9, idProduct=a055, bcdDevice= 0.00
[ 2501.965678][T18927] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2502.661855][T18927] usb 6-1: config 0 descriptor??
[ 2503.937590][T18927] usbhid 6-1:0.0: can't add hid device: -71
[ 2503.947439][T18927] usbhid 6-1:0.0: probe with driver usbhid failed with error -71
[ 2503.962062][T18927] usb 6-1: USB disconnect, device number 71
[ 2504.850069][T18927] usb 6-1: new full-speed USB device number 72 using dummy_hcd
[ 2505.122569][T18927] usb 6-1: not running at top speed; connect to a high speed hub
[ 2505.123744][T18927] usb 6-1: config 1 has an invalid descriptor of length 1, skipping remainder of the config
[ 2505.123770][T18927] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 2505.126102][T18927] usb 6-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[ 2505.126134][T18927] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2505.126155][T18927] usb 6-1: Product: ᐊ
[ 2505.126170][T18927] usb 6-1: Manufacturer: 慒歃ವό瑯鎦㑺頊応赻ꞥ裘㚖ંꝐ຋￷杓ᖥ✘Ɗ㠃쩙䉔ꪜ猧䵙㫷᏾几̢恄፻儌쾝䬄᫚﷥➇樢땪걐輭Ң롗芥ዽ⪛鉆콄香੺풴䟋緛듒㳠པ눭愮榛힫⡳⹣⇉둽㸓뺋ⅸ贪ᗛ脒ﯚ걓
[ 2505.126199][T18927] usb 6-1: SerialNumber: 䆃䌄ꢙ⒦뙟쨺㎉ﱫ袺ช蛟ᆖ쿫裣컀ĸ㈑歷깕褗虫︸⳾ケ쫊㟧￰㤼険ᐨ
[ 2505.287879][T17438] fuse: Unknown parameter '0x0000000000000003'
[ 2505.390187][    T9] usb 2-1: new high-speed USB device number 21 using dummy_hcd
[ 2505.425891][T18927] usb 6-1: 0:2 : does not exist
[ 2505.471956][T18927] usb 6-1: USB disconnect, device number 72
[ 2505.544796][T13031] udevd[13031]: error opening ATTR{/sys/devices/platform/dummy_hcd.5/usb6/6-1/6-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[ 2505.550758][    T9] usb 2-1: Using ep0 maxpacket: 16
[ 2505.553238][    T9] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 2505.553264][    T9] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 2505.555724][    T9] usb 2-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[ 2505.555754][    T9] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2505.555774][    T9] usb 2-1: Product: syz
[ 2505.555788][    T9] usb 2-1: Manufacturer: syz
[ 2505.555802][    T9] usb 2-1: SerialNumber: syz
[ 2505.864967][    T9] usb 2-1: 0:2 : does not exist
[ 2505.874553][    T9] usb 2-1: 5:0: failed to get current value for ch 0 (-22)
[ 2506.011602][    T9] usb 2-1: USB disconnect, device number 21
[ 2506.095464][T13031] udevd[13031]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[ 2507.354283][T17539] FAULT_INJECTION: forcing a failure.
[ 2507.354283][T17539] name failslab, interval 1, probability 0, space 0, times 0
[ 2507.354327][T17539] CPU: 0 UID: 0 PID: 17539 Comm: syz.7.17138 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[ 2507.354353][T17539] Tainted: [L]=SOFTLOCKUP
[ 2507.354360][T17539] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 2507.354372][T17539] Call Trace:
[ 2507.354379][T17539]  <TASK>
[ 2507.354388][T17539]  dump_stack_lvl+0xe8/0x150
[ 2507.354418][T17539]  should_fail_ex+0x46b/0x600
[ 2507.354446][T17539]  should_failslab+0xa8/0x100
[ 2507.354468][T17539]  __kmalloc_noprof+0xdf/0x7b0
[ 2507.354492][T17539]  ? tomoyo_encode+0x28b/0x550
[ 2507.354516][T17539]  tomoyo_encode+0x28b/0x550
[ 2507.354538][T17539]  tomoyo_realpath_from_path+0x58d/0x5d0
[ 2507.354558][T17539]  ? tomoyo_domain+0xd8/0x130
[ 2507.354582][T17539]  ? tomoyo_path_number_perm+0x219/0x630
[ 2507.354605][T17539]  tomoyo_path_number_perm+0x246/0x630
[ 2507.354631][T17539]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[ 2507.354654][T17539]  ? __lock_acquire+0x6b5/0x2cf0
[ 2507.354676][T17539]  ? do_raw_spin_lock+0x12b/0x2f0
[ 2507.354726][T17539]  ? __fget_files+0x2a/0x420
[ 2507.354751][T17539]  ? __fget_files+0x2a/0x420
[ 2507.354769][T17539]  ? __fget_files+0x3a6/0x420
[ 2507.354789][T17539]  ? __fget_files+0x2a/0x420
[ 2507.354813][T17539]  security_file_ioctl+0xc3/0x2a0
[ 2507.354841][T17539]  __se_sys_ioctl+0x47/0x170
[ 2507.354860][T17539]  do_syscall_64+0x14d/0xf80
[ 2507.354880][T17539]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2507.354897][T17539]  ? trace_irq_disable+0x37/0x100
[ 2507.354914][T17539]  ? clear_bhb_loop+0x40/0x90
[ 2507.354933][T17539]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2507.354948][T17539] RIP: 0033:0x7f7459edbf79
[ 2507.354964][T17539] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 2507.354978][T17539] RSP: 002b:00007f7458136028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 2507.354997][T17539] RAX: ffffffffffffffda RBX: 00007f745a155fa0 RCX: 00007f7459edbf79
[ 2507.355009][T17539] RDX: 0000200000000040 RSI: 00000000000089f0 RDI: 0000000000000003
[ 2507.355021][T17539] RBP: 00007f7458136090 R08: 0000000000000000 R09: 0000000000000000
[ 2507.355033][T17539] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2507.355045][T17539] R13: 00007f745a156038 R14: 00007f745a155fa0 R15: 00007ffd90e3a948
[ 2507.355076][T17539]  </TASK>
[ 2507.355913][T17539] ERROR: Out of memory at tomoyo_realpath_from_path.
[ 2507.355945][T17539] bond0: (slave lo): enslaved VLAN challenged slave. Adding VLANs will be blocked as long as it is part of bond.
[ 2507.355963][T17539] bond0: (slave lo): Error: Device can not be enslaved while up
[ 2507.370163][T17541] fuse: Unknown parameter 'fd0x0000000000000003'
[ 2508.352489][T17574] netlink: 144 bytes leftover after parsing attributes in process `syz.5.17152'.
[ 2510.043008][    T9] usb 6-1: new high-speed USB device number 73 using dummy_hcd
[ 2510.193372][    T9] usb 6-1: config 0 has an invalid interface number: 106 but max is 0
[ 2510.193402][    T9] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 2510.193421][    T9] usb 6-1: config 0 has no interface number 0
[ 2510.193468][    T9] usb 6-1: config 0 interface 106 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[ 2510.193492][    T9] usb 6-1: config 0 interface 106 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 6
[ 2510.193535][    T9] usb 6-1: New USB device found, idVendor=13b1, idProduct=0042, bcdDevice=df.bb
[ 2510.193560][    T9] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2510.199382][    T9] usb 6-1: config 0 descriptor??
[ 2510.281077][    T9] usb 6-1: Warning: ath10k USB support is incomplete, don't expect anything to work!
[ 2510.456896][T17588] netlink: 'syz.5.17158': attribute type 3 has an invalid length.
[ 2510.456919][T17588] netlink: 3 bytes leftover after parsing attributes in process `syz.5.17158'.
[ 2510.460703][T17712] usb 6-1: Failed to submit usb control message: -71
[ 2510.460735][T17712] usb 6-1: unable to send the bmi data to the device: -71
[ 2510.460751][T17712] usb 6-1: unable to get target info from device
[ 2510.460766][T17712] usb 6-1: could not get target info (-71)
[ 2510.460783][T17712] usb 6-1: could not probe fw (-71)
[ 2510.480396][T18927] usb 6-1: USB disconnect, device number 73
[ 2510.618785][T17614] FAULT_INJECTION: forcing a failure.
[ 2510.618785][T17614] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 2510.618824][T17614] CPU: 0 UID: 0 PID: 17614 Comm: syz.7.17168 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[ 2510.618850][T17614] Tainted: [L]=SOFTLOCKUP
[ 2510.618858][T17614] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 2510.618869][T17614] Call Trace:
[ 2510.618878][T17614]  <TASK>
[ 2510.618887][T17614]  dump_stack_lvl+0xe8/0x150
[ 2510.618917][T17614]  should_fail_ex+0x46b/0x600
[ 2510.618945][T17614]  _copy_to_user+0x31/0xb0
[ 2510.618971][T17614]  rng_dev_read+0x3ec/0x7a0
[ 2510.619001][T17614]  ? __pfx_rng_dev_read+0x10/0x10
[ 2510.619021][T17614]  ? __lock_acquire+0x6b5/0x2cf0
[ 2510.619054][T17614]  ? rw_verify_area+0x2ac/0x4e0
[ 2510.619083][T17614]  vfs_readv+0x594/0x850
[ 2510.619112][T17614]  ? __pfx_rng_dev_read+0x10/0x10
[ 2510.619138][T17614]  ? __pfx_vfs_readv+0x10/0x10
[ 2510.619173][T17614]  ? __fget_files+0x2a/0x420
[ 2510.619200][T17614]  ? __fget_files+0x3a6/0x420
[ 2510.619221][T17614]  ? __fget_files+0x2a/0x420
[ 2510.619252][T17614]  __x64_sys_preadv+0x1a2/0x2b0
[ 2510.619275][T17614]  ? __pfx___x64_sys_preadv+0x10/0x10
[ 2510.619306][T17614]  do_syscall_64+0x14d/0xf80
[ 2510.619328][T17614]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2510.619346][T17614]  ? trace_irq_disable+0x37/0x100
[ 2510.619359][T17614]  ? clear_bhb_loop+0x40/0x90
[ 2510.619379][T17614]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2510.619397][T17614] RIP: 0033:0x7f7459edbf79
[ 2510.619415][T17614] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 2510.619433][T17614] RSP: 002b:00007f7458136028 EFLAGS: 00000246 ORIG_RAX: 0000000000000127
[ 2510.619453][T17614] RAX: ffffffffffffffda RBX: 00007f745a155fa0 RCX: 00007f7459edbf79
[ 2510.619468][T17614] RDX: 0000000000000001 RSI: 0000200000000240 RDI: 0000000000000005
[ 2510.619481][T17614] RBP: 00007f7458136090 R08: 00000000fffffff8 R09: 0000000000000000
[ 2510.619494][T17614] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2510.619506][T17614] R13: 00007f745a156038 R14: 00007f745a155fa0 R15: 00007ffd90e3a948
[ 2510.619538][T17614]  </TASK>
[ 2511.730053][T18927] usb 2-1: new high-speed USB device number 22 using dummy_hcd
[ 2511.892603][T18927] usb 2-1: config 0 has an invalid interface number: 106 but max is 0
[ 2511.892634][T18927] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 2511.892654][T18927] usb 2-1: config 0 has no interface number 0
[ 2511.892701][T18927] usb 2-1: config 0 interface 106 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[ 2511.892725][T18927] usb 2-1: config 0 interface 106 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 6
[ 2511.892767][T18927] usb 2-1: New USB device found, idVendor=13b1, idProduct=0042, bcdDevice=df.bb
[ 2511.892791][T18927] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2511.971959][T18927] usb 2-1: config 0 descriptor??
[ 2512.035784][T18927] usb 2-1: Warning: ath10k USB support is incomplete, don't expect anything to work!
[ 2512.178036][T17631] netlink: 'syz.1.17176': attribute type 3 has an invalid length.
[ 2512.178061][T17631] netlink: 3 bytes leftover after parsing attributes in process `syz.1.17176'.
[ 2513.201466][ T1395] usb 2-1: Failed to submit usb control message: -110
[ 2513.201505][ T1395] usb 2-1: unable to send the bmi data to the device: -110
[ 2513.201523][ T1395] usb 2-1: unable to get target info from device
[ 2513.201538][ T1395] usb 2-1: could not get target info (-110)
[ 2513.201556][ T1395] usb 2-1: could not probe fw (-110)
[ 2514.139756][ T9784] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[ 2514.158104][ T9784] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[ 2514.158617][ T9784] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[ 2514.160460][ T9784] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[ 2514.163633][ T9784] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[ 2514.663650][T19399] usb 2-1: USB disconnect, device number 22
[ 2514.691690][T17738] FAULT_INJECTION: forcing a failure.
[ 2514.691690][T17738] name failslab, interval 1, probability 0, space 0, times 0
[ 2514.691731][T17738] CPU: 0 UID: 0 PID: 17738 Comm: syz.7.17218 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[ 2514.691783][T17738] Tainted: [L]=SOFTLOCKUP
[ 2514.691790][T17738] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 2514.691802][T17738] Call Trace:
[ 2514.691810][T17738]  <TASK>
[ 2514.691818][T17738]  dump_stack_lvl+0xe8/0x150
[ 2514.691848][T17738]  should_fail_ex+0x46b/0x600
[ 2514.691872][T17738]  ? __pfx_mqueue_alloc_inode+0x10/0x10
[ 2514.691887][T17738]  should_failslab+0xa8/0x100
[ 2514.691901][T17738]  ? __pfx_mqueue_alloc_inode+0x10/0x10
[ 2514.691910][T17738]  kmem_cache_alloc_lru_noprof+0x8b/0x680
[ 2514.691923][T17738]  ? mqueue_alloc_inode+0x28/0x40
[ 2514.691935][T17738]  ? __pfx_mqueue_alloc_inode+0x10/0x10
[ 2514.691944][T17738]  mqueue_alloc_inode+0x28/0x40
[ 2514.691954][T17738]  alloc_inode+0x6a/0x1b0
[ 2514.691966][T17738]  ? __pfx_mqueue_fill_super+0x10/0x10
[ 2514.691977][T17738]  new_inode+0x22/0x170
[ 2514.691989][T17738]  ? sget_fc+0x962/0xa40
[ 2514.692002][T17738]  ? __pfx_mqueue_fill_super+0x10/0x10
[ 2514.692013][T17738]  mqueue_fill_super+0xdc/0x380
[ 2514.692025][T17738]  ? __pfx_mqueue_fill_super+0x10/0x10
[ 2514.692036][T17738]  get_tree_nodev+0xbb/0x150
[ 2514.692047][T17738]  vfs_get_tree+0x92/0x2a0
[ 2514.692058][T17738]  fc_mount_longterm+0x1c/0x100
[ 2514.692071][T17738]  mq_init_ns+0x513/0x760
[ 2514.692089][T17738]  copy_ipcs+0x460/0x6c0
[ 2514.692101][T17738]  create_new_namespaces+0x210/0x6a0
[ 2514.692117][T17738]  ? bpf_lsm_capable+0x9/0x20
[ 2514.692133][T17738]  ? security_capable+0x7e/0x2c0
[ 2514.692149][T17738]  unshare_nsproxy_namespaces+0x11a/0x160
[ 2514.692162][T17738]  ksys_unshare+0x4f4/0x900
[ 2514.692183][T17738]  ? __pfx_ksys_unshare+0x10/0x10
[ 2514.692197][T17738]  ? __pfx_ksys_write+0x10/0x10
[ 2514.692209][T17738]  ? arch_syscall_is_vdso_sigreturn+0x11f/0x1a0
[ 2514.692223][T17738]  __x64_sys_unshare+0x38/0x50
[ 2514.692237][T17738]  do_syscall_64+0x14d/0xf80
[ 2514.692253][T17738]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2514.692264][T17738]  ? trace_irq_disable+0x37/0x100
[ 2514.692273][T17738]  ? clear_bhb_loop+0x40/0x90
[ 2514.692286][T17738]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2514.692296][T17738] RIP: 0033:0x7f7459edbf79
[ 2514.692307][T17738] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 2514.692316][T17738] RSP: 002b:00007f7458136028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110
[ 2514.692328][T17738] RAX: ffffffffffffffda RBX: 00007f745a155fa0 RCX: 00007f7459edbf79
[ 2514.692336][T17738] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000008040600
[ 2514.692342][T17738] RBP: 00007f7458136090 R08: 0000000000000000 R09: 0000000000000000
[ 2514.692349][T17738] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2514.692355][T17738] R13: 00007f745a156038 R14: 00007f745a155fa0 R15: 00007ffd90e3a948
[ 2514.692372][T17738]  </TASK>
[ 2514.708952][T17739] random: crng reseeded on system resumption
[ 2515.538584][T17712] netdevsim netdevsim6 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2515.656222][T17725] chnl_net:caif_netlink_parms(): no params data found
[ 2515.860497][T17712] netdevsim netdevsim6 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2516.112604][T17712] netdevsim netdevsim6 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2516.151127][T17725] bridge0: port 1(bridge_slave_0) entered blocking state
[ 2516.151255][T17725] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2516.151447][T17725] bridge_slave_0: entered allmulticast mode
[ 2516.152960][T17725] bridge_slave_0: entered promiscuous mode
[ 2516.155048][T17725] bridge0: port 2(bridge_slave_1) entered blocking state
[ 2516.155163][T17725] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2516.155292][T17725] bridge_slave_1: entered allmulticast mode
[ 2516.156671][T17725] bridge_slave_1: entered promiscuous mode
[ 2516.311381][   T61] Bluetooth: hci3: command tx timeout
[ 2516.413016][T17712] netdevsim netdevsim6 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2516.470767][T17725] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 2516.521954][T17725] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 2516.636130][T17725] team0: Port device team_slave_0 added
[ 2516.639463][T17725] team0: Port device team_slave_1 added
[ 2516.702741][T17775] random: crng reseeded on system resumption
[ 2516.740576][T17725] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 2516.740592][T17725] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 2516.740612][T17725] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 2516.745943][T17725] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 2516.745960][T17725] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 2516.745987][T17725] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 2516.921695][T17725] hsr_slave_0: entered promiscuous mode
[ 2516.922800][T17725] hsr_slave_1: entered promiscuous mode
[ 2516.923583][T17725] debugfs: 'hsr0' already exists in 'hsr'
[ 2516.923605][T17725] Cannot create hsr debugfs directory
[ 2517.330079][    T9] usb 6-1: new high-speed USB device number 74 using dummy_hcd
[ 2517.482656][    T9] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 2517.482691][    T9] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 2517.482725][    T9] usb 6-1: New USB device found, idVendor=04d9, idProduct=a055, bcdDevice= 0.00
[ 2517.482738][    T9] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2517.486609][    T9] usb 6-1: config 0 descriptor??
[ 2518.079663][    T9] usbhid 6-1:0.0: can't add hid device: -71
[ 2518.079807][    T9] usbhid 6-1:0.0: probe with driver usbhid failed with error -71
[ 2518.093942][    T9] usb 6-1: USB disconnect, device number 74
[ 2518.383149][   T61] Bluetooth: hci3: command tx timeout
[ 2518.960478][T17712] dvmrp6 (unregistering): left allmulticast mode
[ 2519.662277][T17712] bond0 (unregistering): Released all slaves
[ 2520.463449][   T61] Bluetooth: hci3: command tx timeout
[ 2520.899502][T17725] netdevsim netdevsim6 netdevsim0: renamed from eth0
[ 2520.925514][T17725] netdevsim netdevsim6 netdevsim1: renamed from eth1
[ 2520.972671][T17725] netdevsim netdevsim6 netdevsim2: renamed from eth2
[ 2521.004672][T17725] netdevsim netdevsim6 netdevsim3: renamed from eth3
[ 2521.191741][T17725] 8021q: adding VLAN 0 to HW filter on device bond0
[ 2521.217085][T17725] 8021q: adding VLAN 0 to HW filter on device team0
[ 2521.232419][T17493] bridge0: port 1(bridge_slave_0) entered blocking state
[ 2521.232604][T17493] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 2521.246641][T17493] bridge0: port 2(bridge_slave_1) entered blocking state
[ 2521.246826][T17493] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 2521.606658][T17725] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 2521.808185][T17725] veth0_vlan: entered promiscuous mode
[ 2521.815522][T17725] veth1_vlan: entered promiscuous mode
[ 2521.844538][T17725] veth0_macvtap: entered promiscuous mode
[ 2521.847740][T17725] veth1_macvtap: entered promiscuous mode
[ 2521.869036][T17725] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 2521.892299][T17725] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 2521.898855][ T2942] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 2521.899075][ T2942] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 2521.899127][ T2942] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 2521.899159][ T2942] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 2522.172219][ T1166] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 2522.172249][ T1166] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 2522.213242][ T1395] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 2522.213264][ T1395] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 2522.540801][   T61] Bluetooth: hci3: command tx timeout
[ 2529.026906][ T1320] ieee802154 phy0 wpan0: encryption failed: -22
[ 2534.501686][T17877] netlink: 156 bytes leftover after parsing attributes in process `syz.6.17245'.
[ 2536.798704][ T9784] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[ 2536.869129][ T9784] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[ 2536.881439][ T9784] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[ 2536.883857][ T9784] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[ 2536.884706][ T9784] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[ 2537.663231][T17905] kAFS: unable to lookup cell '�'
[ 2538.869636][T17890] netlink: 128 bytes leftover after parsing attributes in process `syz.6.17248'.
[ 2538.977645][T17910] netlink: 4 bytes leftover after parsing attributes in process `syz.1.17247'.
[ 2538.977684][T17910] net_ratelimit: 3 callbacks suppressed
[ 2538.977691][T17910] openvswitch: netlink: Unknown nsh attribute 0
[ 2539.260419][ T9784] Bluetooth: hci1: command tx timeout
[ 2539.469655][T17886] chnl_net:caif_netlink_parms(): no params data found
[ 2539.864636][T17886] bridge0: port 1(bridge_slave_0) entered blocking state
[ 2539.864710][T17886] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2539.864906][T17886] bridge_slave_0: entered allmulticast mode
[ 2539.869312][T17886] bridge_slave_0: entered promiscuous mode
[ 2539.917224][T17886] bridge0: port 2(bridge_slave_1) entered blocking state
[ 2539.917349][T17886] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2539.919020][T17886] bridge_slave_1: entered allmulticast mode
[ 2539.955706][T17886] bridge_slave_1: entered promiscuous mode
[ 2540.118068][T17886] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 2540.162260][T17886] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 2540.285645][T17886] team0: Port device team_slave_0 added
[ 2540.289238][T17886] team0: Port device team_slave_1 added
[ 2540.562017][T18927] usb 6-1: new high-speed USB device number 75 using dummy_hcd
[ 2540.705831][T17953] random: crng reseeded on system resumption
[ 2540.750053][T18927] usb 6-1: New USB device found, idVendor=0bda, idProduct=8150, bcdDevice= 0.00
[ 2540.750071][T18927] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2540.750082][T18927] usb 6-1: Product: syz
[ 2540.750090][T18927] usb 6-1: Manufacturer: syz
[ 2540.750097][T18927] usb 6-1: SerialNumber: syz
[ 2541.352697][ T9784] Bluetooth: hci1: command tx timeout
[ 2541.790821][T17886] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 2541.791149][T17886] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 2541.791177][T17886] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 2543.350651][T17886] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 2543.350671][T17886] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 2543.350699][T17886] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 2543.423248][T18927] rtl8150 6-1:1.0: couldn't reset the device
[ 2543.423604][T18927] rtl8150 6-1:1.0: probe with driver rtl8150 failed with error -5
[ 2543.430464][ T9784] Bluetooth: hci1: command tx timeout
[ 2543.544608][T18927] usb 6-1: USB disconnect, device number 75
[ 2543.771265][T17977] can0: slcan on pty32.
[ 2543.878962][T17886] hsr_slave_0: entered promiscuous mode
[ 2543.886655][T17886] hsr_slave_1: entered promiscuous mode
[ 2543.887617][T17886] debugfs: 'hsr0' already exists in 'hsr'
[ 2543.887642][T17886] Cannot create hsr debugfs directory
[ 2544.323327][T17971] can0 (unregistered): slcan off pty32.
[ 2544.650530][T17992] overlayfs: missing 'workdir'
[ 2544.693684][T17992] overlay: ./file0 is not a directory
[ 2544.857729][   T36] kauditd_printk_skb: 5 callbacks suppressed
[ 2544.857747][   T36] audit: type=1326 audit(2000004480.929:2997): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=17996 comm="syz.6.17272" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe75110bf79 code=0x7ffc0000
[ 2544.870085][   T36] audit: type=1326 audit(2000004480.939:2998): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=17996 comm="syz.6.17272" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe75110bf79 code=0x7ffc0000
[ 2544.870138][   T36] audit: type=1326 audit(2000004480.939:2999): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=17996 comm="syz.6.17272" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe75110bf79 code=0x7ffc0000
[ 2544.870250][   T36] audit: type=1326 audit(2000004480.939:3000): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=17996 comm="syz.6.17272" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fe75110bf79 code=0x7ffc0000
[ 2544.870289][   T36] audit: type=1326 audit(2000004480.939:3001): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=17996 comm="syz.6.17272" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe75110bf79 code=0x7ffc0000
[ 2544.870325][   T36] audit: type=1326 audit(2000004480.939:3002): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=17996 comm="syz.6.17272" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe75110bf79 code=0x7ffc0000
[ 2544.870363][   T36] audit: type=1326 audit(2000004480.939:3003): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=17996 comm="syz.6.17272" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe75110bf79 code=0x7ffc0000
[ 2544.870398][   T36] audit: type=1326 audit(2000004480.939:3004): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=17996 comm="syz.6.17272" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe75110bf79 code=0x7ffc0000
[ 2544.870435][   T36] audit: type=1326 audit(2000004480.939:3005): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=17996 comm="syz.6.17272" exe="/root/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7fe75110bf79 code=0x7ffc0000
[ 2544.870470][   T36] audit: type=1326 audit(2000004480.939:3006): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=17996 comm="syz.6.17272" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe75110bf79 code=0x7ffc0000
[ 2545.006279][T17999] netlink: 'syz.6.17273': attribute type 5 has an invalid length.
[ 2545.510025][ T9784] Bluetooth: hci1: command tx timeout
[ 2545.850191][T19582] usb 2-1: new high-speed USB device number 23 using dummy_hcd
[ 2545.955684][T17886] netdevsim netdevsim7 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2545.963730][T18012] FAULT_INJECTION: forcing a failure.
[ 2545.963730][T18012] name failslab, interval 1, probability 0, space 0, times 0
[ 2545.963775][T18012] CPU: 1 UID: 0 PID: 18012 Comm: syz.8.17277 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[ 2545.963802][T18012] Tainted: [L]=SOFTLOCKUP
[ 2545.963810][T18012] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 2545.963821][T18012] Call Trace:
[ 2545.963829][T18012]  <TASK>
[ 2545.963838][T18012]  dump_stack_lvl+0xe8/0x150
[ 2545.963868][T18012]  should_fail_ex+0x46b/0x600
[ 2545.963896][T18012]  should_failslab+0xa8/0x100
[ 2545.963920][T18012]  kmem_cache_alloc_noprof+0x87/0x680
[ 2545.963940][T18012]  ? __kvm_mmu_topup_memory_cache+0x1b4/0x610
[ 2545.963971][T18012]  __kvm_mmu_topup_memory_cache+0x1b4/0x610
[ 2545.964007][T18012]  mmu_topup_memory_caches+0x21/0x170
[ 2545.964033][T18012]  kvm_mmu_load+0x9d/0x2320
[ 2545.964053][T18012]  ? kvm_lapic_sync_to_vapic+0x2ba/0x850
[ 2545.964080][T18012]  ? __pfx_kvm_lapic_sync_to_vapic+0x10/0x10
[ 2545.964104][T18012]  ? vmx_update_cr8_intercept+0x151/0x330
[ 2545.964130][T18012]  vcpu_run+0x5d5b/0x7920
[ 2545.964226][T18012]  ? __pfx_vcpu_run+0x10/0x10
[ 2545.964245][T18012]  ? kvm_arch_vcpu_ioctl_run+0x2e8/0x20d0
[ 2545.964267][T18012]  ? kvm_arch_vcpu_ioctl_run+0x2e8/0x20d0
[ 2545.964301][T18012]  kvm_arch_vcpu_ioctl_run+0x11e6/0x20d0
[ 2545.964336][T18012]  ? kvm_arch_vcpu_ioctl_run+0x2e8/0x20d0
[ 2545.964356][T18012]  ? __pfx_kvm_arch_vcpu_ioctl_run+0x10/0x10
[ 2545.964382][T18012]  ? do_raw_spin_lock+0x12b/0x2f0
[ 2545.964414][T18012]  ? _raw_spin_unlock_irqrestore+0x30/0x80
[ 2545.964439][T18012]  ? lockdep_hardirqs_on+0x7a/0x110
[ 2545.964461][T18012]  ? _raw_spin_unlock_irqrestore+0x4c/0x80
[ 2545.964483][T18012]  ? rt_mutex_slowunlock+0x4a7/0x8b0
[ 2545.964508][T18012]  ? __pfx_rt_mutex_slowunlock+0x10/0x10
[ 2545.964527][T18012]  ? _raw_spin_unlock_irqrestore+0x30/0x80
[ 2545.964549][T18012]  ? lockdep_hardirqs_on+0x7a/0x110
[ 2545.964569][T18012]  ? _raw_spin_unlock_irqrestore+0x4c/0x80
[ 2545.964591][T18012]  ? rt_write_unlock+0x190/0x230
[ 2545.964612][T18012]  kvm_vcpu_ioctl+0xa65/0xfe0
[ 2545.964637][T18012]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[ 2545.964658][T18012]  ? __asan_memset+0x22/0x50
[ 2545.964682][T18012]  ? smack_file_ioctl+0x331/0x360
[ 2545.964708][T18012]  ? __pfx_smack_file_ioctl+0x10/0x10
[ 2545.964740][T18012]  ? __fget_files+0x2a/0x420
[ 2545.964769][T18012]  ? __fget_files+0x3a6/0x420
[ 2545.964790][T18012]  ? __fget_files+0x2a/0x420
[ 2545.964816][T18012]  ? bpf_lsm_file_ioctl+0x9/0x20
[ 2545.964838][T18012]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[ 2545.964856][T18012]  __se_sys_ioctl+0xff/0x170
[ 2545.964878][T18012]  do_syscall_64+0x14d/0xf80
[ 2545.964900][T18012]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2545.964918][T18012]  ? trace_irq_disable+0x37/0x100
[ 2545.964934][T18012]  ? clear_bhb_loop+0x40/0x90
[ 2545.964955][T18012]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2545.964973][T18012] RIP: 0033:0x7f42d797bf79
[ 2545.964991][T18012] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 2545.965008][T18012] RSP: 002b:00007f42d5bb5028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 2545.965029][T18012] RAX: ffffffffffffffda RBX: 00007f42d7bf6090 RCX: 00007f42d797bf79
[ 2545.965043][T18012] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005
[ 2545.965054][T18012] RBP: 00007f42d5bb5090 R08: 0000000000000000 R09: 0000000000000000
[ 2545.965066][T18012] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2545.965078][T18012] R13: 00007f42d7bf6128 R14: 00007f42d7bf6090 R15: 00007fff013d4ee8
[ 2545.965111][T18012]  </TASK>
[ 2546.022896][T19582] usb 2-1: New USB device found, idVendor=0bda, idProduct=8150, bcdDevice= 0.00
[ 2546.022927][T19582] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2546.022947][T19582] usb 2-1: Product: syz
[ 2546.022962][T19582] usb 2-1: Manufacturer: syz
[ 2546.022976][T19582] usb 2-1: SerialNumber: syz
[ 2546.906779][T18022] netlink: 'syz.5.17280': attribute type 5 has an invalid length.
[ 2546.931950][T19582] rtl8150 2-1:1.0: couldn't reset the device
[ 2546.932358][T19582] rtl8150 2-1:1.0: probe with driver rtl8150 failed with error -5
[ 2546.974864][T19582] usb 2-1: USB disconnect, device number 23
[ 2547.682398][T17886] netdevsim netdevsim7 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2548.282002][T17886] netdevsim netdevsim7 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2549.771998][T18059] netlink: 156 bytes leftover after parsing attributes in process `syz.6.17290'.
[ 2550.598632][T17886] netdevsim netdevsim7 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2550.970263][    T9] usb 6-1: new high-speed USB device number 76 using dummy_hcd
[ 2551.866638][    T9] usb 6-1: New USB device found, idVendor=0bda, idProduct=8150, bcdDevice= 0.00
[ 2551.866668][    T9] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2551.866686][    T9] usb 6-1: Product: syz
[ 2551.866698][    T9] usb 6-1: Manufacturer: syz
[ 2551.866710][    T9] usb 6-1: SerialNumber: syz
[ 2552.032824][T17886] netdevsim netdevsim7 netdevsim0: renamed from eth0
[ 2552.114521][T17886] netdevsim netdevsim7 netdevsim1: renamed from eth1
[ 2552.170837][T17886] netdevsim netdevsim7 netdevsim2: renamed from eth2
[ 2552.290754][T17886] netdevsim netdevsim7 netdevsim3: renamed from eth3
[ 2552.326050][    T9] rtl8150 6-1:1.0: couldn't reset the device
[ 2552.326397][    T9] rtl8150 6-1:1.0: probe with driver rtl8150 failed with error -5
[ 2552.361644][    T9] usb 6-1: USB disconnect, device number 76
[ 2552.646781][T17886] 8021q: adding VLAN 0 to HW filter on device bond0
[ 2552.674520][T17886] 8021q: adding VLAN 0 to HW filter on device team0
[ 2552.682561][ T1166] bridge0: port 1(bridge_slave_0) entered blocking state
[ 2552.682830][ T1166] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 2552.697141][T29019] bridge0: port 2(bridge_slave_1) entered blocking state
[ 2552.697280][T29019] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 2552.920002][    T9] usb 6-1: new high-speed USB device number 77 using dummy_hcd
[ 2553.082469][    T9] usb 6-1: config 220 has an invalid interface number: 76 but max is 2
[ 2553.082500][    T9] usb 6-1: config 220 has an invalid descriptor of length 0, skipping remainder of the config
[ 2553.082521][    T9] usb 6-1: config 220 has no interface number 2
[ 2553.082607][    T9] usb 6-1: config 220 interface 1 altsetting 5 has 0 endpoint descriptors, different from the interface descriptor's value: 12
[ 2553.082636][    T9] usb 6-1: config 220 interface 0 has no altsetting 0
[ 2553.082654][    T9] usb 6-1: config 220 interface 76 has no altsetting 0
[ 2553.082672][    T9] usb 6-1: config 220 interface 1 has no altsetting 0
[ 2553.085759][    T9] usb 6-1: New USB device found, idVendor=8086, idProduct=0b07, bcdDevice=6c.b9
[ 2553.085787][    T9] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2553.085806][    T9] usb 6-1: Product: syz
[ 2553.085820][    T9] usb 6-1: Manufacturer: syz
[ 2553.085833][    T9] usb 6-1: SerialNumber: syz
[ 2553.398321][T18089] fuseblk: Unknown parameter 'rootmo00000000000100000'
[ 2553.525441][    T9] usb 6-1: selecting invalid altsetting 0
[ 2553.570042][    T9] uvcvideo 6-1:220.0: Found UVC 7.01 device syz (8086:0b07)
[ 2553.570079][    T9] uvcvideo 6-1:220.0: No valid video chain found.
[ 2553.602445][    T9] usb 6-1: selecting invalid altsetting 0
[ 2553.602484][    T9] usbtest 6-1:220.1: probe with driver usbtest failed with error -22
[ 2553.643925][    T9] usb 6-1: USB disconnect, device number 77
[ 2553.818114][T17886] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 2554.214764][T18111] netlink: 156 bytes leftover after parsing attributes in process `syz.8.17303'.
[ 2556.646653][T18927] usb 6-1: new full-speed USB device number 78 using dummy_hcd
[ 2556.713004][T18133] netlink: 'syz.1.17307': attribute type 29 has an invalid length.
[ 2556.718988][T18133] netlink: 'syz.1.17307': attribute type 29 has an invalid length.
[ 2556.719543][T18133] netlink: 'syz.1.17307': attribute type 29 has an invalid length.
[ 2556.767400][T17886] veth0_vlan: entered promiscuous mode
[ 2556.787895][T17886] veth1_vlan: entered promiscuous mode
[ 2556.805602][T18927] usb 6-1: not running at top speed; connect to a high speed hub
[ 2556.806809][T18927] usb 6-1: config 1 has an invalid descriptor of length 1, skipping remainder of the config
[ 2556.806825][T18927] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 2556.808842][T18927] usb 6-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[ 2556.808859][T18927] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2556.808870][T18927] usb 6-1: Product: ᐊ
[ 2556.808877][T18927] usb 6-1: Manufacturer: 慒歃ವό瑯鎦㑺頊応赻ꞥ裘㚖ંꝐ຋￷杓ᖥ✘Ɗ㠃쩙䉔ꪜ猧䵙㫷᏾几̢恄፻儌쾝䬄᫚﷥➇樢땪걐輭Ң롗芥ዽ⪛鉆콄香੺풴䟋緛듒㳠པ눭愮榛힫⡳⹣⇉둽㸓뺋ⅸ贪ᗛ脒ﯚ걓
[ 2556.808892][T18927] usb 6-1: SerialNumber: 䆃䌄ꢙ⒦뙟쨺㎉ﱫ袺ช蛟ᆖ쿫裣컀ĸ㈑歷깕褗虫︸⳾ケ쫊㟧￰㤼険ᐨ
[ 2556.997261][T17886] veth0_macvtap: entered promiscuous mode
[ 2557.058635][T18135] netlink: 'syz.8.17308': attribute type 29 has an invalid length.
[ 2557.067681][T18927] usb 6-1: 0:2 : does not exist
[ 2557.080641][T17886] veth1_macvtap: entered promiscuous mode
[ 2557.111056][T17886] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 2557.155407][T17886] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 2557.185282][T18927] usb 6-1: USB disconnect, device number 78
[ 2557.203136][T17493] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 2557.203574][T17493] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 2557.228132][T29020] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 2557.228664][T29020] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 2557.333725][T17885] udevd[17885]: error opening ATTR{/sys/devices/platform/dummy_hcd.5/usb6/6-1/6-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[ 2557.844018][T17493] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 2557.844039][T17493] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 2557.954946][ T3020] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 2557.954969][ T3020] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 2558.815852][   T61] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[ 2558.829713][   T61] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[ 2558.835183][   T61] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[ 2558.843476][   T61] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[ 2558.847262][   T61] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[ 2559.379990][T19582] usb 2-1: new high-speed USB device number 24 using dummy_hcd
[ 2559.559707][T19582] usb 2-1: config 0 has no interfaces?
[ 2559.569030][T19582] usb 2-1: New USB device found, idVendor=18b4, idProduct=fffb, bcdDevice=dc.7b
[ 2559.569062][T19582] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2559.569082][T19582] usb 2-1: Product: syz
[ 2559.569097][T19582] usb 2-1: Manufacturer: syz
[ 2559.569110][T19582] usb 2-1: SerialNumber: syz
[ 2559.616578][T19582] usb 2-1: config 0 descriptor??
[ 2560.088569][T18176] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[ 2560.089696][T18176] Bluetooth: hci3: Opcode 0x0406 failed: -4
[ 2560.272569][T18172] veth0_vlan: left promiscuous mode
[ 2560.274101][T18172] veth0_vlan: entered promiscuous mode
[ 2560.274457][T18176] Bluetooth: hci3: Opcode 0x0406 failed: -4
[ 2560.408819][T18176] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[ 2560.409248][T18176] Bluetooth: hci1: Opcode 0x0406 failed: -4
[ 2560.502252][T18176] Bluetooth: hci1: Opcode 0x0406 failed: -4
[ 2560.608925][T18176] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[ 2560.609079][T18176] Bluetooth: hci4: Opcode 0x0406 failed: -4
[ 2560.632922][T18169] chnl_net:caif_netlink_parms(): no params data found
[ 2560.674225][T19582] usb 2-1: USB disconnect, device number 24
[ 2560.700390][T18176] Bluetooth: hci4: Opcode 0x0406 failed: -4
[ 2560.758681][T18169] bridge0: port 1(bridge_slave_0) entered blocking state
[ 2560.758820][T18169] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2560.758950][T18169] bridge_slave_0: entered allmulticast mode
[ 2560.761586][T18169] bridge_slave_0: entered promiscuous mode
[ 2560.764790][T18169] bridge0: port 2(bridge_slave_1) entered blocking state
[ 2560.764979][T18169] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2560.765171][T18169] bridge_slave_1: entered allmulticast mode
[ 2560.767600][T18169] bridge_slave_1: entered promiscuous mode
[ 2561.248393][T18169] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 2561.286657][T18169] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 2561.421414][T18169] team0: Port device team_slave_0 added
[ 2561.427746][T18169] team0: Port device team_slave_1 added
[ 2561.477200][T18211] syzkaller0: entered promiscuous mode
[ 2561.477228][T18211] syzkaller0: entered allmulticast mode
[ 2561.590254][   T61] Bluetooth: hci3: command 0x0c1a tx timeout
[ 2561.672234][T18228] netlink: 4 bytes leftover after parsing attributes in process `syz.1.17336'.
[ 2561.672277][T18228] openvswitch: netlink: Unknown VXLAN extension attribute 0
[ 2561.933422][T18169] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 2561.933434][T18169] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 2561.933449][T18169] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 2561.936190][T18224] syz_tun: entered allmulticast mode
[ 2562.113057][T18169] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 2562.113075][T18169] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 2562.113100][T18169] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 2562.171461][T18243] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 2562.174839][T18243] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 2562.283145][T18222] syz_tun: left allmulticast mode
[ 2562.460037][   T61] Bluetooth: hci1: command 0x0c1a tx timeout
[ 2562.549360][T18169] hsr_slave_0: entered promiscuous mode
[ 2562.551150][T18169] hsr_slave_1: entered promiscuous mode
[ 2562.552195][T18169] debugfs: 'hsr0' already exists in 'hsr'
[ 2562.552218][T18169] Cannot create hsr debugfs directory
[ 2562.620156][   T61] Bluetooth: hci4: command 0x041b tx timeout
[ 2563.253794][T18261] syzkaller0: entered promiscuous mode
[ 2563.253819][T18261] syzkaller0: entered allmulticast mode
[ 2563.266532][T18260] sctp: [Deprecated]: syz.6.17346 (pid 18260) Use of struct sctp_assoc_value in delayed_ack socket option.
[ 2563.266532][T18260] Use struct sctp_sack_info instead
[ 2563.660061][   T61] Bluetooth: hci3: command 0x0c1a tx timeout
[ 2564.068583][T18169] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2564.553044][   T61] Bluetooth: hci1: command 0x0c1a tx timeout
[ 2564.710079][   T61] Bluetooth: hci4: command 0x041b tx timeout
[ 2565.435269][T18169] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2565.633761][T18298] netlink: 'syz.1.17358': attribute type 39 has an invalid length.
[ 2565.735555][T18169] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2565.750053][   T61] Bluetooth: hci3: command 0x0c1a tx timeout
[ 2565.923664][T18298] syz_tun (unregistering): left allmulticast mode
[ 2565.923685][T18298] syz_tun (unregistering): left promiscuous mode
[ 2565.923843][T18298] bridge0: port 1(syz_tun) entered disabled state
[ 2566.475884][T18169] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2566.504621][T18309] netlink: 'syz.8.17363': attribute type 1 has an invalid length.
[ 2566.567271][T18309] bond4: (slave bridge3): Enslaving as a backup interface with an up link
[ 2566.602663][T18309] bond4: (slave bridge4): Enslaving as a backup interface with a down link
[ 2566.608715][T18309] netlink: 28 bytes leftover after parsing attributes in process `syz.8.17363'.
[ 2566.618037][T29020] bond4: Warning: No 802.3ad response from the link partner for any adapters in the bond
[ 2566.630071][   T61] Bluetooth: hci1: command 0x0c1a tx timeout
[ 2566.657518][T18309] 8021q: adding VLAN 0 to HW filter on device bond4
[ 2566.746148][T29020] bond4: Warning: No 802.3ad response from the link partner for any adapters in the bond
[ 2566.779999][   T61] Bluetooth: hci4: command 0x041b tx timeout
[ 2567.325471][T18284] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512
[ 2567.326416][T18312] netlink: 12 bytes leftover after parsing attributes in process `syz.8.17364'.
[ 2567.525731][T18169] netdevsim netdevsim5 netdevsim0: renamed from eth0
[ 2567.625027][T18169] netdevsim netdevsim5 netdevsim1: renamed from eth1
[ 2567.663170][T18169] netdevsim netdevsim5 netdevsim2: renamed from eth2
[ 2567.667098][T18327] netlink: 64 bytes leftover after parsing attributes in process `syz.1.17368'.
[ 2567.667138][T18327] nbd: couldn't find a device at index 0
[ 2567.786071][T18169] netdevsim netdevsim5 netdevsim3: renamed from eth3
[ 2567.907933][T18338] netlink: 12 bytes leftover after parsing attributes in process `syz.1.17372'.
[ 2567.951369][T18338] netlink: 12 bytes leftover after parsing attributes in process `syz.1.17372'.
[ 2568.644901][T18350] bridge0: port 3(syz_tun) entered blocking state
[ 2568.645019][T18350] bridge0: port 3(syz_tun) entered disabled state
[ 2568.645278][T18350] syz_tun: entered allmulticast mode
[ 2568.647890][T18350] syz_tun: entered promiscuous mode
[ 2568.690572][T18350] bridge0: port 3(syz_tun) entered blocking state
[ 2568.691357][T18350] bridge0: port 3(syz_tun) entered forwarding state
[ 2568.706110][T18351] bridge0: entered promiscuous mode
[ 2568.714964][T14220] netdevsim netdevsim1 netdevsim0: unset [0, 0] type 1 family 0 port 8472 - 0
[ 2568.714998][T14220] netdevsim netdevsim1 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[ 2568.746011][T10108] netdevsim netdevsim1 netdevsim1: unset [0, 0] type 1 family 0 port 8472 - 0
[ 2568.746043][T10108] netdevsim netdevsim1 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[ 2568.791999][ T3020] netdevsim netdevsim1 netdevsim2: unset [0, 0] type 1 family 0 port 8472 - 0
[ 2568.792035][ T3020] netdevsim netdevsim1 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[ 2568.796330][ T3020] netdevsim netdevsim1 netdevsim3: unset [0, 0] type 1 family 0 port 8472 - 0
[ 2568.796362][ T3020] netdevsim netdevsim1 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[ 2568.866595][ T9784] Bluetooth: hci4: command 0x041b tx timeout
[ 2570.765382][T18169] 8021q: adding VLAN 0 to HW filter on device bond0
[ 2570.795066][T18169] 8021q: adding VLAN 0 to HW filter on device team0
[ 2570.804510][T29019] bridge0: port 1(bridge_slave_0) entered blocking state
[ 2570.804855][T29019] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 2570.868937][ T3020] bridge0: port 2(bridge_slave_1) entered blocking state
[ 2570.869063][ T3020] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 2570.942270][   T61] Bluetooth: hci4: command 0x041b tx timeout
[ 2571.101179][T18419] netlink: 4 bytes leftover after parsing attributes in process `syz.7.17386'.
[ 2571.164121][T18423] IPv6: NLM_F_CREATE should be specified when creating new route
[ 2571.391391][T18419] team0 (unregistering): Port device team_slave_0 removed
[ 2571.443648][T18419] team0 (unregistering): Port device team_slave_1 removed
[ 2571.709209][T18414] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 2571.787408][T18444] IPv6: NLM_F_CREATE should be specified when creating new route
[ 2572.217732][T18451] syzkaller0: entered promiscuous mode
[ 2572.217760][T18451] syzkaller0: entered allmulticast mode
[ 2572.557463][T18439] lec:lec_atm_close: lec0: Shut down!
[ 2572.685351][T18471] netlink: 28 bytes leftover after parsing attributes in process `syz.8.17397'.
[ 2572.896568][T18473] syzkaller0: entered promiscuous mode
[ 2572.896596][T18473] syzkaller0: entered allmulticast mode
[ 2572.936871][T18169] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 2573.005361][T18491] netlink: 8 bytes leftover after parsing attributes in process `syz.8.17399'.
[ 2573.005405][T18491] netlink: 8 bytes leftover after parsing attributes in process `syz.8.17399'.
[ 2573.020425][   T61] Bluetooth: hci4: command 0x041b tx timeout
[ 2574.060306][T18927] lec:lec_start_xmit: lec0:No lecd attached
[ 2576.039980][   T61] Bluetooth: hci4: command 0x041b tx timeout
[ 2576.416202][T18169] veth0_vlan: entered promiscuous mode
[ 2576.514026][T18169] veth1_vlan: entered promiscuous mode
[ 2576.797122][T18169] veth0_macvtap: entered promiscuous mode
[ 2576.817903][T18169] veth1_macvtap: entered promiscuous mode
[ 2576.864745][T18169] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 2576.886508][T18169] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 2576.911348][T17493] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 2576.927009][T17493] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 2576.928699][T17493] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 2576.928900][T17493] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 2577.204775][T18555] netlink: 4 bytes leftover after parsing attributes in process `syz.6.17416'.
[ 2577.331320][T18564] netlink: 28 bytes leftover after parsing attributes in process `syz.1.17421'.
[ 2577.766948][T18578] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 2577.798257][T18578] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 2577.986566][ T9784] Bluetooth: hci3: unexpected event for opcode 0x0c1b
[ 2578.025507][T18568] syzkaller0: entered promiscuous mode
[ 2578.025527][T18568] syzkaller0: entered allmulticast mode
[ 2578.906148][T18589] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 2579.069918][    C0] lec0: NETDEV WATCHDOG: CPU: 0: transmit queue 0 timed out 5010 ms
[ 2579.070328][    C0] lec:lec_tx_timeout: lec0
[ 2579.071618][    C0] lec:lec_start_xmit: lec0:No lecd attached
[ 2579.103925][T18616] netlink: 'syz.7.17434': attribute type 1 has an invalid length.
[ 2579.225259][T18620] netlink: 28 bytes leftover after parsing attributes in process `syz.7.17434'.
[ 2581.062257][T18590] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512
[ 2582.668883][T18654] netlink: 8 bytes leftover after parsing attributes in process `syz.6.17446'.
[ 2584.079921][    C0] lec0: NETDEV WATCHDOG: CPU: 0: transmit queue 0 timed out 5010 ms
[ 2584.079953][    C0] lec:lec_tx_timeout: lec0
[ 2584.080071][    C0] lec:lec_start_xmit: lec0:No lecd attached
[ 2589.089978][    C0] lec0: NETDEV WATCHDOG: CPU: 0: transmit queue 0 timed out 5010 ms
[ 2589.090011][    C0] lec:lec_tx_timeout: lec0
[ 2589.090087][    C0] lec:lec_start_xmit: lec0:No lecd attached
[ 2590.466881][ T1320] ieee802154 phy0 wpan0: encryption failed: -22
[ 2592.669610][   T61] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[ 2592.688449][   T61] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[ 2592.693524][   T61] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[ 2592.735326][   T61] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[ 2592.736179][   T61] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[ 2594.100049][    C0] lec0: NETDEV WATCHDOG: CPU: 0: transmit queue 0 timed out 5010 ms
[ 2594.100079][    C0] lec:lec_tx_timeout: lec0
[ 2594.102855][    C0] lec:lec_start_xmit: lec0:No lecd attached
[ 2594.844300][ T9784] Bluetooth: hci5: command tx timeout
[ 2595.093879][   T61] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[ 2595.154364][   T61] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[ 2595.154771][   T61] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[ 2595.156374][   T61] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[ 2595.157048][   T61] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[ 2596.764706][T18616] workqueue: Failed to create a rescuer kthread for wq "bond1": -EINTR
[ 2596.868086][ T9784] Bluetooth: hci5: command tx timeout
[ 2596.922326][T18652] netlink: 16 bytes leftover after parsing attributes in process `syz.1.17445'.
[ 2596.994301][ T1166] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 2596.994321][ T1166] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 2597.340366][ T9784] Bluetooth: hci6: command tx timeout
[ 2598.011837][T18690] netlink: 'syz.1.17453': attribute type 4 has an invalid length.
[ 2598.141239][T18617] bridge0: port 3(syz_tun) entered disabled state
[ 2598.312367][T18617] syz_tun (unregistering): left allmulticast mode
[ 2598.312386][T18617] syz_tun (unregistering): left promiscuous mode
[ 2598.312453][T18617] bridge0: port 3(syz_tun) entered disabled state
[ 2598.371447][T18694] lec:lec_atm_close: lec0: Shut down!
[ 2598.490923][ T1166] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 2598.490943][ T1166] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 2598.940092][ T9784] Bluetooth: hci5: command tx timeout
[ 2598.984435][T18733] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 2599.039649][T18725] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 2599.117511][T18725] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 2599.252609][T18671] chnl_net:caif_netlink_parms(): no params data found
[ 2599.309094][T18667] chnl_net:caif_netlink_parms(): no params data found
[ 2599.420337][ T9784] Bluetooth: hci6: command tx timeout
[ 2599.477388][T18671] bridge0: port 1(bridge_slave_0) entered blocking state
[ 2599.477527][T18671] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2599.477661][T18671] bridge_slave_0: entered allmulticast mode
[ 2599.479047][T18671] bridge_slave_0: entered promiscuous mode
[ 2599.523992][T18671] bridge0: port 2(bridge_slave_1) entered blocking state
[ 2599.524127][T18671] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2599.524391][T18671] bridge_slave_1: entered allmulticast mode
[ 2599.525893][T18671] bridge_slave_1: entered promiscuous mode
[ 2599.575203][T18667] bridge0: port 1(bridge_slave_0) entered blocking state
[ 2599.575343][T18667] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2599.575482][T18667] bridge_slave_0: entered allmulticast mode
[ 2599.576892][T18667] bridge_slave_0: entered promiscuous mode
[ 2599.604110][T18667] bridge0: port 2(bridge_slave_1) entered blocking state
[ 2599.604224][T18667] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2599.604418][T18667] bridge_slave_1: entered allmulticast mode
[ 2599.607989][T18667] bridge_slave_1: entered promiscuous mode
[ 2599.613384][T18671] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 2599.654856][T18671] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 2599.694543][T18667] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 2599.718903][T18667] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 2599.730664][T18671] team0: Port device team_slave_0 added
[ 2599.751273][T18671] team0: Port device team_slave_1 added
[ 2599.782894][T18667] team0: Port device team_slave_0 added
[ 2599.807749][T18667] team0: Port device team_slave_1 added
[ 2599.808437][T18671] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 2599.808449][T18671] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 2599.808471][T18671] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 2599.831055][T18671] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 2599.831073][T18671] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 2599.831100][T18671] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 2599.871163][T18667] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 2599.871180][T18667] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 2599.871207][T18667] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 2599.876092][T18667] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 2599.876109][T18667] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 2599.876135][T18667] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 2599.943219][T18671] hsr_slave_0: entered promiscuous mode
[ 2599.944573][T18671] hsr_slave_1: entered promiscuous mode
[ 2599.945494][T18671] debugfs: 'hsr0' already exists in 'hsr'
[ 2599.945518][T18671] Cannot create hsr debugfs directory
[ 2600.035319][T18667] hsr_slave_0: entered promiscuous mode
[ 2600.036148][T18667] hsr_slave_1: entered promiscuous mode
[ 2600.036706][T18667] debugfs: 'hsr0' already exists in 'hsr'
[ 2600.036725][T18667] Cannot create hsr debugfs directory
[ 2601.020144][ T9784] Bluetooth: hci5: command tx timeout
[ 2601.508505][ T9784] Bluetooth: hci6: command tx timeout
[ 2602.395538][T18667] netdevsim netdevsim9 netdevsim0: renamed from eth0
[ 2602.431620][T18667] netdevsim netdevsim9 netdevsim1: renamed from eth1
[ 2602.473613][T18667] netdevsim netdevsim9 netdevsim2: renamed from eth2
[ 2602.522540][T18667] netdevsim netdevsim9 netdevsim3: renamed from eth3
[ 2602.748096][T18671] netdevsim netdevsim3 netdevsim0: renamed from eth0
[ 2602.787609][T18671] netdevsim netdevsim3 netdevsim1: renamed from eth1
[ 2602.833057][T18671] netdevsim netdevsim3 netdevsim2: renamed from eth2
[ 2602.869439][T18671] netdevsim netdevsim3 netdevsim3: renamed from eth3
[ 2603.055238][T18667] 8021q: adding VLAN 0 to HW filter on device bond0
[ 2603.114575][T18667] 8021q: adding VLAN 0 to HW filter on device team0
[ 2603.134768][T10108] bridge0: port 1(bridge_slave_0) entered blocking state
[ 2603.134968][T10108] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 2603.159401][T18671] 8021q: adding VLAN 0 to HW filter on device bond0
[ 2603.161834][ T3020] bridge0: port 2(bridge_slave_1) entered blocking state
[ 2603.163549][ T3020] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 2603.213667][T18671] 8021q: adding VLAN 0 to HW filter on device team0
[ 2603.235415][T17710] bridge0: port 1(bridge_slave_0) entered blocking state
[ 2603.235653][T17710] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 2603.276648][T14220] bridge0: port 2(bridge_slave_1) entered blocking state
[ 2603.276730][T14220] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 2603.580282][ T9784] Bluetooth: hci6: command tx timeout
[ 2603.649333][T18667] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 2603.835155][T18671] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 2603.900849][    C0] lec0: NETDEV WATCHDOG: CPU: 0: transmit queue 0 timed out 5530 ms
[ 2603.900881][    C0] lec:lec_tx_timeout: lec0
[ 2603.901037][    C0] lec:lec_start_xmit: lec0:No lecd attached
[ 2603.954311][T18671] veth0_vlan: entered promiscuous mode
[ 2603.997581][T18671] veth1_vlan: entered promiscuous mode
[ 2604.073268][T18671] veth0_macvtap: entered promiscuous mode
[ 2604.084182][T18671] veth1_macvtap: entered promiscuous mode
[ 2604.153763][T18671] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 2604.176875][T18671] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 2604.206012][ T1166] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 2604.214942][ T1166] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 2604.215924][ T1166] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 2604.216123][ T1166] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 2604.217640][T18667] veth0_vlan: entered promiscuous mode
[ 2604.288272][T18667] veth1_vlan: entered promiscuous mode
[ 2604.545809][T29020] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 2604.545829][T29020] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 2604.609815][T18667] veth0_macvtap: entered promiscuous mode
[ 2604.645209][T18667] veth1_macvtap: entered promiscuous mode
[ 2604.677642][T14220] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 2604.677663][T14220] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 2604.742618][T18667] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 2604.764481][T18667] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 2604.796920][T17710] netdevsim netdevsim9 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 2604.798793][T17710] netdevsim netdevsim9 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 2604.803944][T17710] netdevsim netdevsim9 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 2604.804383][T17710] netdevsim netdevsim9 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 2605.223636][T17710] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 2605.223657][T17710] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 2605.297645][T14220] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 2605.297665][T14220] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 2608.940210][    C0] lec0: NETDEV WATCHDOG: CPU: 0: transmit queue 0 timed out 5040 ms
[ 2608.940243][    C0] lec:lec_tx_timeout: lec0
[ 2608.940392][    C0] lec:lec_start_xmit: lec0:No lecd attached
[ 2613.949972][    C0] lec0: NETDEV WATCHDOG: CPU: 0: transmit queue 0 timed out 5010 ms
[ 2613.950006][    C0] lec:lec_tx_timeout: lec0
[ 2613.950131][    C0] lec:lec_start_xmit: lec0:No lecd attached
[ 2618.959942][    C0] lec0: NETDEV WATCHDOG: CPU: 0: transmit queue 0 timed out 5010 ms
[ 2618.959975][    C0] lec:lec_tx_timeout: lec0
[ 2618.960079][    C0] lec:lec_start_xmit: lec0:No lecd attached
[ 2623.969932][    C0] lec0: NETDEV WATCHDOG: CPU: 0: transmit queue 0 timed out 5010 ms
[ 2623.969966][    C0] lec:lec_tx_timeout: lec0
[ 2623.970422][    C0] lec:lec_start_xmit: lec0:No lecd attached
[ 2628.979996][    C0] lec0: NETDEV WATCHDOG: CPU: 0: transmit queue 0 timed out 5010 ms
[ 2628.980030][    C0] lec:lec_tx_timeout: lec0
[ 2628.980145][    C0] lec:lec_start_xmit: lec0:No lecd attached
[ 2633.989968][    C0] lec0: NETDEV WATCHDOG: CPU: 0: transmit queue 0 timed out 5010 ms
[ 2633.990009][    C0] lec:lec_tx_timeout: lec0
[ 2633.990096][    C0] lec:lec_start_xmit: lec0:No lecd attached
[ 2638.999960][    C0] lec0: NETDEV WATCHDOG: CPU: 0: transmit queue 0 timed out 5010 ms
[ 2638.999983][    C0] lec:lec_tx_timeout: lec0
[ 2639.000059][    C0] lec:lec_start_xmit: lec0:No lecd attached
[ 2644.009928][    C0] lec0: NETDEV WATCHDOG: CPU: 0: transmit queue 0 timed out 5010 ms
[ 2644.009953][    C0] lec:lec_tx_timeout: lec0
[ 2644.010049][    C0] lec:lec_start_xmit: lec0:No lecd attached
[ 2649.020320][    C0] lec0: NETDEV WATCHDOG: CPU: 0: transmit queue 0 timed out 5010 ms
[ 2649.020354][    C0] lec:lec_tx_timeout: lec0
[ 2649.020493][    C0] lec:lec_start_xmit: lec0:No lecd attached
[ 2651.907397][ T1320] ieee802154 phy0 wpan0: encryption failed: -22
[ 2654.029985][    C0] lec0: NETDEV WATCHDOG: CPU: 0: transmit queue 0 timed out 5010 ms
[ 2654.030017][    C0] lec:lec_tx_timeout: lec0
[ 2654.030860][    C0] lec:lec_start_xmit: lec0:No lecd attached
[ 2659.049934][    C0] lec0: NETDEV WATCHDOG: CPU: 0: transmit queue 0 timed out 5020 ms
[ 2659.049968][    C0] lec:lec_tx_timeout: lec0
[ 2659.050229][    C0] lec:lec_start_xmit: lec0:No lecd attached
[ 2664.060571][    C0] lec0: NETDEV WATCHDOG: CPU: 0: transmit queue 0 timed out 5010 ms
[ 2664.060605][    C0] lec:lec_tx_timeout: lec0
[ 2664.060689][    C0] lec:lec_start_xmit: lec0:No lecd attached
[ 2669.070001][    C0] lec0: NETDEV WATCHDOG: CPU: 0: transmit queue 0 timed out 5010 ms
[ 2669.070048][    C0] lec:lec_tx_timeout: lec0
[ 2669.070138][    C0] lec:lec_start_xmit: lec0:No lecd attached
[ 2670.460199][   T37] INFO: task kworker/u8:15:17712 blocked for more than 143 seconds.
[ 2670.460227][   T37]       Tainted: G             L      syzkaller #0
[ 2670.460239][   T37] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[ 2670.460250][   T37] task:kworker/u8:15   state:D stack:20720 pid:17712 tgid:17712 ppid:2      task_flags:0x4208060 flags:0x00080000
[ 2670.460295][   T37] Workqueue: netns cleanup_net
[ 2670.461613][   T37] Call Trace:
[ 2670.461624][   T37]  <TASK>
[ 2670.461638][   T37]  __schedule+0x14de/0x5210
[ 2670.461691][   T37]  ? __lock_acquire+0x6b5/0x2cf0
[ 2670.461714][   T37]  ? _raw_spin_unlock_irqrestore+0x30/0x80
[ 2670.461734][   T37]  ? rt_spin_lock+0x1e0/0x400
[ 2670.461746][   T37]  ? __pfx___schedule+0x10/0x10
[ 2670.461764][   T37]  ? schedule+0x90/0x360
[ 2670.461778][   T37]  schedule+0x164/0x360
[ 2670.461791][   T37]  afs_cell_purge+0x40d/0x580
[ 2670.461806][   T37]  ? __pfx_afs_cell_purge+0x10/0x10
[ 2670.461818][   T37]  ? __pfx_var_wake_function+0x10/0x10
[ 2670.461833][   T37]  ? __timer_delete_sync+0x53e/0x610
[ 2670.461851][   T37]  afs_net_exit+0x50/0x100
[ 2670.461913][   T37]  ops_undo_list+0x49f/0x940
[ 2670.461931][   T37]  ? rt_spin_unlock+0x170/0x200
[ 2670.461942][   T37]  ? __pfx_ops_undo_list+0x10/0x10
[ 2670.461955][   T37]  ? rt_spin_unlock+0x14f/0x200
[ 2670.461968][   T37]  ? rt_spin_unlock+0x160/0x200
[ 2670.461980][   T37]  cleanup_net+0x4e5/0x7b0
[ 2670.461996][   T37]  ? __pfx_cleanup_net+0x10/0x10
[ 2670.462013][   T37]  ? process_scheduled_works+0xa0f/0x17a0
[ 2670.462025][   T37]  ? process_scheduled_works+0xa0f/0x17a0
[ 2670.462038][   T37]  process_scheduled_works+0xaec/0x17a0
[ 2670.462065][   T37]  ? __pfx_process_scheduled_works+0x10/0x10
[ 2670.462081][   T37]  ? assign_work+0x3d5/0x5e0
[ 2670.462095][   T37]  worker_thread+0xa50/0xfc0
[ 2670.462122][   T37]  kthread+0x388/0x470
[ 2670.462138][   T37]  ? __pfx_worker_thread+0x10/0x10
[ 2670.462149][   T37]  ? __pfx_kthread+0x10/0x10
[ 2670.462164][   T37]  ret_from_fork+0x51e/0xb90
[ 2670.462180][   T37]  ? __pfx_ret_from_fork+0x10/0x10
[ 2670.462192][   T37]  ? __switch_to+0xc7d/0x1400
[ 2670.462206][   T37]  ? __pfx_kthread+0x10/0x10
[ 2670.462222][   T37]  ret_from_fork_asm+0x1a/0x30
[ 2670.462253][   T37]  </TASK>
[ 2670.462319][   T37] 
[ 2670.462319][   T37] Showing all locks held in the system:
[ 2670.462326][   T37] 1 lock held by khungtaskd/37:
[ 2670.462333][   T37]  #0: ffffffff8dbcd480 (rcu_read_lock){....}-{1:3}, at: debug_show_all_locks+0x2e/0x180
[ 2670.462392][   T37] 2 locks held by getty/5561:
[ 2670.462398][   T37]  #0: ffff888036ae00a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70
[ 2670.462425][   T37]  #1: ffffc90003e832e0 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0x462/0x13c0
[ 2670.462457][   T37] 3 locks held by kworker/u8:15/17712:
[ 2670.462464][   T37]  #0: ffff88801b289138 ((wq_completion)netns){+.+.}-{0:0}, at: process_scheduled_works+0x9d4/0x17a0
[ 2670.462488][   T37]  #1: ffffc9001399fc40 (net_cleanup_work){+.+.}-{0:0}, at: process_scheduled_works+0xa0f/0x17a0
[ 2670.462513][   T37]  #2: ffffffff8ef3f800 (pernet_ops_rwsem){++++}-{4:4}, at: cleanup_net+0xfe/0x7b0
[ 2670.462550][   T37] 
[ 2670.462553][   T37] =============================================
[ 2670.462553][   T37] 
[ 2670.462562][   T37] NMI backtrace for cpu 1
[ 2670.462573][   T37] CPU: 1 UID: 0 PID: 37 Comm: khungtaskd Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[ 2670.462588][   T37] Tainted: [L]=SOFTLOCKUP
[ 2670.462592][   T37] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 2670.462598][   T37] Call Trace:
[ 2670.462603][   T37]  <TASK>
[ 2670.462607][   T37]  dump_stack_lvl+0xe8/0x150
[ 2670.462622][   T37]  nmi_cpu_backtrace+0x274/0x2d0
[ 2670.462634][   T37]  ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10
[ 2670.462648][   T37]  nmi_trigger_cpumask_backtrace+0x17a/0x300
[ 2670.462665][   T37]  sys_info+0x135/0x170
[ 2670.462680][   T37]  watchdog+0xf90/0xfe0
[ 2670.462694][   T37]  ? watchdog+0x209/0xfe0
[ 2670.462707][   T37]  kthread+0x388/0x470
[ 2670.462721][   T37]  ? __pfx_watchdog+0x10/0x10
[ 2670.462729][   T37]  ? __pfx_kthread+0x10/0x10
[ 2670.462744][   T37]  ret_from_fork+0x51e/0xb90
[ 2670.462758][   T37]  ? __pfx_ret_from_fork+0x10/0x10
[ 2670.462770][   T37]  ? __switch_to+0xc7d/0x1400
[ 2670.462782][   T37]  ? __pfx_kthread+0x10/0x10
[ 2670.462796][   T37]  ret_from_fork_asm+0x1a/0x30
[ 2670.462819][   T37]  </TASK>
[ 2670.462823][   T37] Sending NMI from CPU 1 to CPUs 0:
[ 2670.462862][    C0] NMI backtrace for cpu 0
[ 2670.462877][    C0] CPU: 0 UID: 0 PID: 0 Comm: swapper/0 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[ 2670.462898][    C0] Tainted: [L]=SOFTLOCKUP
[ 2670.462904][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 2670.462919][    C0] RIP: 0010:pv_native_safe_halt+0xf/0x20
[ 2670.462940][    C0] Code: 14 4c 02 e9 53 c2 03 00 cc cc cc 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 66 90 0f 00 2d 53 32 17 00 fb f4 <c3> cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc 90 90 90 90 90
[ 2670.462954][    C0] RSP: 0018:ffffffff8d807dc0 EFLAGS: 00000246
[ 2670.462968][    C0] RAX: 00000000032c717b RBX: ffffffff819849cd RCX: 0000000080000001
[ 2670.462980][    C0] RDX: 0000000000000001 RSI: ffffffff8d34722c RDI: ffffffff8b861580
[ 2670.462990][    C0] RBP: ffffffff8d807eb0 R08: ffff8880b8833cdb R09: 1ffff1101710679b
[ 2670.463003][    C0] R10: dffffc0000000000 R11: ffffed101710679c R12: ffffffff8f492870
[ 2670.463014][    C0] R13: 1ffffffff1b205d8 R14: 0000000000000000 R15: 0000000000000000
[ 2670.463025][    C0] FS:  0000000000000000(0000) GS:ffff888126595000(0000) knlGS:0000000000000000
[ 2670.463038][    C0] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 2670.463050][    C0] CR2: 000055b11fde1660 CR3: 000000000d9ba000 CR4: 00000000003526f0
[ 2670.463064][    C0] DR0: 0000000000000007 DR1: 00000000000001f8 DR2: 0000000000000086
[ 2670.463074][    C0] DR3: ffffffffefffff15 DR6: 00000000ffff0ff0 DR7: 0000000000000400
[ 2670.463086][    C0] Call Trace:
[ 2670.463092][    C0]  <TASK>
[ 2670.463098][    C0]  default_idle+0x9/0x20
[ 2670.463117][    C0]  default_idle_call+0x72/0xb0
[ 2670.463136][    C0]  do_idle+0x1bd/0x500
[ 2670.463151][    C0]  ? asm_sysvec_reschedule_ipi+0x1a/0x20
[ 2670.463171][    C0]  ? __pfx_do_idle+0x10/0x10
[ 2670.463191][    C0]  cpu_startup_entry+0x43/0x60
[ 2670.463206][    C0]  rest_init+0x2de/0x300
[ 2670.463221][    C0]  start_kernel+0x380/0x3d0
[ 2670.463292][    C0]  x86_64_start_reservations+0x24/0x30
[ 2670.463336][    C0]  x86_64_start_kernel+0x143/0x1c0
[ 2670.463355][    C0]  common_startup_64+0x13e/0x147
[ 2670.463384][    C0]  </TASK>
[ 2670.463848][   T37] Kernel panic - not syncing: hung_task: blocked tasks
[ 2670.463860][   T37] CPU: 1 UID: 0 PID: 37 Comm: khungtaskd Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[ 2670.463875][   T37] Tainted: [L]=SOFTLOCKUP
[ 2670.463879][   T37] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 2670.463885][   T37] Call Trace:
[ 2670.463890][   T37]  <TASK>
[ 2670.463894][   T37]  vpanic+0x1e0/0x670
[ 2670.463912][   T37]  panic+0xc5/0xd0
[ 2670.463926][   T37]  ? __pfx_panic+0x10/0x10
[ 2670.463939][   T37]  ? printk_trigger_flush+0x117/0x180
[ 2670.463952][   T37]  ? lockdep_hardirqs_on+0x7a/0x110
[ 2670.463968][   T37]  ? nmi_trigger_cpumask_backtrace+0x234/0x300
[ 2670.463980][   T37]  watchdog+0xfda/0xfe0
[ 2670.463993][   T37]  ? watchdog+0x209/0xfe0
[ 2670.464005][   T37]  kthread+0x388/0x470
[ 2670.464020][   T37]  ? __pfx_watchdog+0x10/0x10
[ 2670.464029][   T37]  ? __pfx_kthread+0x10/0x10
[ 2670.464044][   T37]  ret_from_fork+0x51e/0xb90
[ 2670.464058][   T37]  ? __pfx_ret_from_fork+0x10/0x10
[ 2670.464069][   T37]  ? __switch_to+0xc7d/0x1400
[ 2670.464082][   T37]  ? __pfx_kthread+0x10/0x10
[ 2670.464097][   T37]  ret_from_fork_asm+0x1a/0x30
[ 2670.464120][   T37]  </TASK>
[ 2670.464449][   T37] Kernel Offset: disabled