last executing test programs:

12.245260267s ago: executing program 4 (id=6703):
sendmsg$TIPC_NL_LINK_GET(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x20040845}, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f00000000c0), 0x40241, 0x0)
open_tree(0xffffffffffffffff, &(0x7f00000000c0)='./file0\x00', 0x80801)
sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000000740)=[{{0x0, 0x0, &(0x7f0000000a40)=[{0x0}, {&(0x7f0000000500)="a608e5f2e2724fd7d00b71dc97e13f5a2a987046270dc61632cb51d1ec3c7912901302ff866747b05d5e18a21bc5d2d55d87d4683de5d6dc5aa63b9f6e1c4883c3fcae54300a236a34f1fc74e8ca8e2e807635dc41b9bc8ff385223d7d528b631d0f0538f807e106df999fba2f884d84cb60dd41aa1811cf1e995a24", 0x7c}, {&(0x7f0000000600)="d1a75a1596128c62e1a54cdce27b10c886aba86c6984512723139121091f323ea7d8140bf18a01c9c26c276bf48f99f81646de6331281fd9fa888ba2f9edd174", 0x40}, {0x0}, {0x0}], 0x5, 0x0, 0x238}}], 0x1, 0x810)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r2, &(0x7f0000000380)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-cast5-avx\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r2, 0x117, 0x1, &(0x7f00000004c0)="2c385a7af3be", 0x6)
r3 = accept4(r2, 0x0, 0x0, 0x800)
sendmmsg$alg(r3, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe3f}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048", 0xff31}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11"}], 0x1, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800)
recvmsg(r3, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000840)={0x1fe, 0x2, 0x3000, 0x2000, &(0x7f0000003000/0x2000)=nil})
r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@text32={0x20, &(0x7f00000000c0)="650f340f3566b842000f00d8b805000000b9a00000000f01c13e0f070fde460b0f0130670f01c2f2360f217a0f07", 0x2e}], 0x1, 0x11, 0x0, 0x0)
pwritev(0xffffffffffffffff, &(0x7f0000000b00)=[{&(0x7f0000001880)="ea7c5828b87d70214008724bcae1ce6577c01031b19698ecb8a7f5183947918ce2cc9dc778dbfff9e28e1a6df7d8f95c3e45768a6786d6325bc0fe4ed394c8ed0edcbb9f917074251a7f5b6b24c52516a68f181592262dfd12b5af7386658c5fb6c36d86d5084624a302a155c0463b6c36e9fc88338b0f66e2713728a21d19d9a33da93d419df63d8a87fa100381ec74de8b7409f4977d3cd7a9f2fb03cec91c4277b39b2c9f227a9b74926a11960d085e2aaf98673d2a67fa95b8d9dcc72ca6181f6b9b2d1c402267e6cfef5599e1520077d9bc472fb5a5db42b1befd498ec7b8d519b12f065323b15280a2540bc7a4ffe508fc12f93707064caf4111e893142f9867b432b1e6258caa2ae081b8b646c25de7f5366a21f9dd257b84546cd316e17b79d22c4bcaf70e8a96d1e502b53c581c75482d1d63f0d5f3fb5bdbb714583f0798e0c4d6c9d99513e91a68a26612053290f15f5a2e06acfa229356e37b4d57697224e9561c0430a67fcb5dea72acc91e60751a5b07eb603548a646f082ce213347b4ee908bd95cc56775330aa09d4f19f48a8cb5d7f6346d82bab8ff019309684bd01eb4d90febe2269cd2a1100130c242a2995ce38638a3bbc9008ac0e820a1e0b9a9511af47aa7f3e30a69589985423f3b4ea98152433bf1aa53a0981f783f11c4cc50f70fe63b2043b74b9cb7da59caedadc1fa1f662831a353969893d4f93b919cda52a1ce2200a0a7895abb293c29d6d197cce98a4df8fc90c582014742a00b4bd09f1fcc5ff5753320d2b5593e657c0fb87a4cfa323ce59111eea806a6e020fb0c4fdd601087811e33e793975b5e9e936c16d243bdea757e0ee4508f5d5b496ed07b6f0f1f46ed752448f30d679b23ba8142d4ab25beb913ee77547866e5d9501a55e9797ba3407f3f4cc11398bdaf3ac4c2e79a5b133a09fcf8ae790bb985fa01daf2758fd8a77fde15a822227dddf64bb2ebc49a56ad025e01c6c59e4818abdf808789d9f87c103cf7f7d21d2a1345b9b7fd66b1cf96002343fbd62f8080d945e70bd93d4bf42b401477abed49065b4a8ccfb9d93724118168de2e8df4f78ccf3b9593f993423a619ef6bd8392a2cfc6424d3687fcdc67d33073db95d856f312b934d05a3c4e967217837920fee73b00757b617d1ef3bfc2e88a8a72f0948263db2c9e7bd491f059b6ee8d0ea3f2193314562910529869b248172bfe0f914f7a91a27c6e9e6c2e3455a7ae765392b48fc959958aa39a5a483b2a6e873ac76f8579515e42f7a3bbc82bcf71edaf12f7b40a2adc75d67ef793988cc8ac788185049e57fb84757bdc700ffde10afc19df290787ed98222f8afb2b6d11944666331350e2914466b398750acae526146373b2cbe1bdd1803e6c920a182a1ad118a3d09313c2ce2703a0a1c09215cab90c35b03b1c795cf704f42dd31ddff6be67bb355977b2e07609c5228299a170308e54705674384fc294cdfa4abf989d3c3bf3eabbbcf52a6a0646bf6db5b61ad027007464fd6fc10490ee2e9190c28ae5cb3733105cb782c0d53e5c79c3e455609d557d824154d01e282788ec8ae7c8a03fcd6cd4e37829b0f921c46d715454d5e1281c641cf0756a2f31b0369ce94e819e6254af95b88bffd7bb2cfe9469d303497fead174839b2789b5aa703176510eab1f46916b3b63f6f5b2df262fe7274a0cee9bd6e115e5f9f48ac1c09e5b3c546ae95b9916a633869854d3ee39d4acb800e876e7fc084ffd79a20fca8331caff657ec89b445c6012ff7eb9531eb1e8c90cdc66b82d6fd608310099503a9dcf50b40d10a3b1ab520477e20ad5f6405cd4b5b36d201e12088d7868c6e94737ea88db6ed5f7df4d31cbd2d0c4f21cdcc3b181f5aae7216dc4c06b2989bb44e5369ba96ce87f3e3abbb530d103a53d7e0b914115c302c935eea7d256a73aa851d84dec6d9112163be8135889c67fa90e796a6f050fba0a6a740618cd513748072daac9f3e25034772cc400a14834afbde835bc9fd7cf1113d67ebe99a3b78907596886ad5a1670ef572c18e26c98fe40194428de339cba7b8efc5fa7faf7512ef6b89a877f3e534fb4512729df686e14aece08fab3b42ea14acde0e18ffe5dc00e74288661c7463e00f3b942cddf3b71e1dcf71989f378b933df099316451cca296a4e117bbeb3b1e552e5a10f9731449ae830de14989049ce818f720e77e78a86c307c80450b26278bc25ee7390ce6d4c4dfc8d39b6b4b1ce6f3865dbdd1d37aedb555288bea9ef95c8600dea1cd10e9e42d15aa804f99a31bfaa5ea52185333d734c766e3bb4a9abf86cf4d840dc188167a25cc3054b65fd7ce053d38518474ab55e59c1ccaf34d57b4cd73b07ed63d754ab3d57dfc0f67bbdb22e33d9f63aa2b36cf0af338794d4acbd1b13669bde67f7bd032f9c6b400e8054a0cff77fc6e0591195b21715e42c881e23156b4ba504d7e1b6eb9c2ec9b9e382d85f7c52bd964d305da9496dbaa022880ddf236730c458f31258d64ae2668aa863b3fe558c7f8cfb3dabf42edcaf2891e9b9462c44153658eae85cd499abd9dca762adf26d9904d28b772b3fc3d066d56261474c944387ac7eb00059025ff25e34b8f7c2986db1ccc4297e1315c3ceeef1b8f98e0500bbb8bb0ab52d80f8c6c8fa5d24b9a05f5350e2fd59af4b9fa9a2b4339b61e208f227ba968d4dbd36246133de2078c6a15dd57754a3537c31d04da545f062dbf9cbaa0840e23974f441a4d5937fec23ff81c193bd951a7bacac8eb6d4705702cbe3c930f27869753ba6026455bbb7742c53644f1646d7545467091a207905f831505f214fbd818aea4455705b5e727850cdcac40620135b8dba85cb0c0f393af252ec082cba5c43385fbc2cc5682bc1994b064e29c8c5a20e7e6d15fbb13e6fd1a86b2fda666fbcd80fd08be00a7423fcafbdd8283bac88ead203bc10d1c1a13ca2fe853fa6cc8991b0476561be085b086b0d0e45f73e59f519342c13f368a37464cb55b8a13846f4cd610536d5c4b8704fcd347abe6712d3de67d7918e6954898f31647a8ea37ecc2e1bb02b1b26e7a60fbb2b0a48efc5795c12d5c4ac8dc4149dea0f2e085422ec69352882622711b74e1e32c7ead2cf3c554e8ff1648e8b66d0dc6997b6304b3b560a33d75aa49476175a386ca721156ea79bdba432d439dbceb0285561abd5d134badd9f38c04fae8fa920edfff15705371c907848c14acdfb0b22a4c7168e1840e8b8a50349dcee5f429b3cb34e30f0f67acf93604792b8574f36ea9409d422621f3c0c7b781fc8e23d1d46f04a9b44f633e5f72cb079fbde66a9745705666c6dab6238628e57ee6cffa8cfad616dac1abe2789c9efccb4fc7e65e490d9a4e49e7ce72a6980e72f70a17649e67de86f86b61a4b6219daefc939b5904e5712ecaf85c98484fc02585b1aa990b95173e4a2907cf877af696e528e6b2b634a4fb7d791cacc8644fa76e062148d411e18f0da5aed22116828cd700a28e8f46bca950550acb4ab05eddeb6b2dac24702cff4de0a3ece393cac879ed2f0c5b9645839cfdb79fb1df87596b14504cba9dddda51edaffcd0214b91b5898ea022774e699aa0caf0f646cc0cb8e8fc8b8be43c23aa7f6bd29fd0615c0b78f3514a52989d7f35ad08a4bd473e61da6657cc2e85d3b2b7d3fb51174a96f27038ddbc87a35e09a668e436aa40146c6a26dca87b39220f139b772719d80aadb752c622bf09acd6846838fb48a8817ba4aa72eaa32e82251b3789969d8518f9aa07cdcb9a355f73f119725c086168aaca262f13cd742e5f06c969a462638a557e15a4f5d43e3242c08f23b00d2b8d57c60d3636abd4068ec03a4be3429b95e41351ab5c58812e552df90c3e6c9d8779aa484e74f073ea9fcdce13b1dff8e7c101b2c6865c5cefe108e3559f520e2bc42c9dc39b57fddb44ca49f2689e10c1381c0740d20cbca46da475c62f513cb08398a5fd5d4f6b13ce839fe149df0d29137a6267fe90a7e1845dace17cd927c2d1aeffbdc36bb983172ceff025e84b0419645fcc72897b992f5081c78756122391947f08ccd20806cfc2bded705b472fc52e84734e016cbd309aadebbbb4e8bdfed77b1e0b15ce0904838d9e4d64643df66f0353c377e554b428dc0f31189a134cdb8e66d2755e84c2b2409c3d63a81f5f05616baf6a243b09153a4f8289e15a5a4ffb007b0cbeffde25391bb2acd86b453e245643c0fa1dfe5d42e0e3f1c592a00b77f0133adf7989c6c2bf3ddc0b8a2b14f35d33f62f4ee2fc56166372058e997b9abe6bad8aa718f8d87ad095e8f354aaef540840437b5451771266a8358ed75954db52b38bca4a1c8696dca1de03b12627254409f8bb68c94eeaa1a8bcf894482b96e81b9ff5c2383a907537a191aff0bb5b5418ef5670cecca1cfbd41b61879b11a5a5053cd86cf5d61f8c2f7d7ad2034a1801b3b92a79ac3b4343c680008b1ba10577a35173cac6d4dbc1d00e436f238b57093b34d4ea19c225b84a2d6086cc6cf72595b980c88142d268bbf9c8375a93afe75c3583b3b9687368d78147985d209e6d89c335e948c51696a948f01ad062dcf84a99584466e24646b2e441fefb10ef962432f2925d6d98e790acf4ca7d9339a589a537aa3392ec79f34a6544144072ab8248e45ac560a78c70c5afcbf10909299dfcd67981c88780c1340c951e115ffec56d23b9ead6a55024e199238f4b133e3e1e0e84318b5037a3947ae09749c25c7e4887936ecf0ba9a807dfa471ea1f3350b70feb58dc9e2836365ce4db456a341e43410cac1253fe08e79c21fca932716f4c171fc957cb325737b70532d81f0eb2f0a16478c0d934165728f7b29a8a0ff6bc964e99dea26d3efd28336b00c112a26da7a2ea1c21a9688cc3a68293958edf27ae89e5f9b8348af4121028e760cf68c931af92906d27dad4d330df9201b5395ccce0c803806422883667ccb11438d9dbe1901d4ab98d89914b313338486deb6f748053517e2188c479adb1eabb8e8ed5d05bb3f66826fae83bbc5bce3615ee32d937ffbe8846a1156aaf7bf9b9d4189bdf290b3df254077688eeda824d6ea0a452f7e7f915c1a94ee250a3907ec035d7ba7bb0256811f04646ca156b8925506c774df4d4072c02929e985057a5f7ddc1469c7306e6fdb86b810ada1cc96f6bd389597dd27dd656f55c316fb2d56b2d13eddf893722e813934a19778719be99697c365222db64039f9caab1201c430e53df1af8a0321c8759fc33e8204150080979936d0717f6c4c9145fb828389acbb894a4600485e8b105c7165a40e814889343deead6d434a8da60eed1e50aa507ac2793b4a4c5517265f859f223bb4f6cadc6fb53430304baea18189e2b5ddd266c38f5c325ba391a50fcd34060d217c4118889c4275e40a8428099ddfa3cc0d8241c22fc1554318e922f3b1257", 0xf15}], 0x1, 0x1, 0x1ff)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000180)=[@text64={0x40, 0x0}], 0x1, 0x18, 0x0, 0x0)
ioctl$KVM_RUN(r4, 0xae80, 0x0)

12.034946552s ago: executing program 4 (id=6706):
socket$unix(0x1, 0x2, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
syz_io_uring_setup(0x118d7, 0x0, 0x0, &(0x7f00000002c0))
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$inet_mptcp(0x2, 0x1, 0x106)
sched_setattr(0x0, &(0x7f0000000040)={0x38, 0x5, 0x9, 0x5, 0x0, 0xb49, 0x9, 0xdbc8, 0x2, 0x3}, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r3, &(0x7f0000000680)={0xa, 0x4e24, 0xfffffffe, @mcast2, 0x20002}, 0x1c)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r4, &(0x7f0000000080)={0xa, 0x14e22, 0xfffffff8, @ipv4}, 0x1c)
r5 = socket$kcm(0x10, 0x2, 0x4)
sendmsg$kcm(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000280)="89000000120081ae08060cdc030000007f03e3f7000000006ee2ffca1b1f0000000004c00e72f750375ed08a56331dbf9ed7815e381ad6e747033a0093b837dc6cc01e32efaec8c7a6ec00120c00014002080c00bdad446b9bbc7a46e3988285dcdf12f21308f868fece01955fed0009d78f0a947ee2b49e33538afa8af92347514f0b56a20ff27fff", 0x89}], 0x1}, 0x4040)
setsockopt$inet_udp_int(r2, 0x11, 0x67, &(0x7f0000000000)=0x507, 0x4)
sendmmsg$inet(r2, &(0x7f0000000600)=[{{0x0, 0x0, 0x0}}], 0x1, 0x2000c844)
r6 = socket$netlink(0x10, 0x3, 0x0)
writev(r6, &(0x7f00000003c0)=[{&(0x7f0000000280)="390000001300034700bb65e1c3e4ffff01000000010000005600000025000000190004000400000007fd17e5ffff0800040000000000000000", 0x39}], 0x1)
sendto$inet(r2, &(0x7f00000000c0)="8689d46205a34100bf2bbe11a5ce7839edaf02afe39ead95913e9c4f8cf31440606769ebdf12cfacae8e8c03f5db079da7d9ecda75e2a7d49d5cbcb370c4d789390a328ba42c9c60cf2154d1b659aa709e8980a522cfb72f23ad87fb7019706ccae98cfe7c4fd23e8297b8cabc46ede1ac3da78f1b488c6357e7edfcd417df6660af20a54ecdcb02f689ae15ee655d4b7b1ea733e88ee9f53669388dff487c1c49953f3bc142112bd4b582b29b35d43962ed245c2cd5d5df40a3e0ed6beaf3b641e84b0f0dfa121a9efe05269f9f4a0e9bcbf43c7a90a711f453668c730c3badedca687b71a9c27bab9e724cc4a4918713031596ea6fd01124f973f257ccd9665aee7df4a9d64f079d176abc00000000d7af3e2dd4396f72373fb0a787a6129ca41181f5087fb843212550b58e3707d5a0399de36c2503836cbe2133de4f574e9e05c96788b0de1bd13e390445433d96737b964fa8af2ac4b2f0f9390ca93d8d3d810044d024359e067c4553230ab748947d33f8fc115ce9a49e6571c45a05d786cbd49342c236537dbbeec666b07baab917252113a5b9a77283189b518f356debe42d80cf2d0687b9c64d0253a6a09286fded6e4f8557b8fb4f25ca4fb138af8945c74bbc98748eaaa030be5317646f195e6e085ac6ddb29542e3581961259987241f7e7061526a7afec8962e74215fea43703a4e543ee9d1a3c3f5f2a41977ece8fdadcf89ce331ce59bebae5f53513d0e10485d7ddbda60513bf339602510b3a23ea29a0d5d03a61e34d12942ea4a847c884b27b5344a456d02a55f8929cc567e7c792c01fab7a7b32780a14c361000609b817dd91507b04d875279527946fdb8fb92a512485e234d092c28f1d0a0498731ccc0eb10515d510e8945839307b46512ceca6f495fdd2c6ae5eb2ef3b2a40ebdc7edf0048e3fb5e3d97a9ea5113a6b70d20ad5c43f0df95d88c0f121a1884da21a21f0ba47420f8391a97921cc51871dbb272e43710fe71d5e342c3afd10608a8b02f00e8fbd8d570b6faace86c494ecea8913233391e7b7cec3d571bb3032181ed58e1b513e511f79ee562c8cde9b3b74c2e95dcde7fadb5a666bdc0c1684794620ce8cf0c0aee8e90b3ef6e7160d3f055cb4d1ced32e4edc15e7d102952d3237e6c02c591a95a182bf190c0124abc7f1225332ff1c5e1b94e4e9bf02c1a18bd7bfce20707f7298da322560bc1a4cf298d46f5bf8ff41da21e25aa17f65f9ee43ca890b5ef6a3ccf3efedf3ca60a9acef1352ad0c43e6cf375108cf0974ce89a99adba7e6a3f8949dc573440fafe0e3abdd0066057a2d868e8386080f18a421568d8e7a89536a4173861bd55245c8fcf7dcba18edce36d2e85b9630fbc218db9ebd16abb11ac06fdbf2bc3e6394d4c6e7ae71813d30772d487743a2856348fee09989ce03331e7848770fc91e62191c20fe5f4a73c5dae467dd612bdb63b1e50921d38271305d7412103d5a6214d6d534d1d530b9169f882b6926bbd338f0282a8bd9a44603934e5249e83f1d0947b39f82a7843d2b6f796d8abf7ff3e66cfd4519324d71cebbf6580dffc10d555e479e9acaa1", 0x467, 0x6000000000000000, 0x0, 0x0)
mkdir(&(0x7f00000000c0)='./file0\x00', 0x22)
unshare(0x62040200)
syz_usb_connect(0x0, 0x4a, &(0x7f0000000080)=ANY=[@ANYBLOB="120100005520f010402038b14201040000010902"], 0x0)
r7 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r7, 0x0, 0x4040010)
ioctl$IOMMU_TEST_OP_CREATE_ACCESS(0xffffffffffffffff, 0x3ba0, &(0x7f0000000340)={0x48, 0x5, 0x0, 0x0, 0xffffffffffffffff, 0x1})

10.683973599s ago: executing program 1 (id=6712):
r0 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xd, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b4050000000000007911c00000000000850000003900000095000000f8000000"], &(0x7f00000002c0)='GPL\x00', 0x5, 0xfe01, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sock_ops, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0x222}, 0x21)
r1 = syz_open_dev$loop(&(0x7f0000000100), 0x2, 0x2001)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='blkio.bfq.io_service_bytes_recursive\x00', 0x275a, 0x0)
write$binfmt_misc(r2, &(0x7f0000000040), 0xe09)
ioctl$LOOP_CONFIGURE(r1, 0x4c0a, &(0x7f00000002c0)={r2, 0x0, {0x2a00, 0x80010000, 0x0, 0x2, 0x0, 0x0, 0x0, 0xb, 0x1c, "fee8a2ab78fc979fd1e00d96072000001ea89de2b7fb0000e60080b8785d96000100", "2809e8dbe108598948224ad54afac11d875397bdb22d0000b420a1a93c5240f45f819e01177d3d458dd4992861ac00", "f4bd000000801900", [0x8, 0xffffffff9673e35d]}})
ioctl$DRM_IOCTL_MODE_GETFB2(r2, 0xc06864ce, &(0x7f0000001d40)={0x0, 0x8, 0x1, 0x1ff, 0x1, [], [0x58, 0x5, 0x4, 0x8], [0xffffffff, 0x23, 0xfffffff7, 0x52], [0x9, 0x10001, 0x3, 0x6]})
ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, &(0x7f0000001380)={'\x00', 0x6, 0x7, 0x1, 0x10001, 0x7, <r3=>0x0})
getresuid(&(0x7f0000001400), &(0x7f0000001440)=<r4=>0x0, &(0x7f0000001480))
statx(0xffffffffffffff9c, &(0x7f00000014c0)='./file0\x00', 0x800, 0x20, &(0x7f0000001500)={0x0, 0x0, 0x0, 0x0, 0x0, <r5=>0x0})
r6 = fcntl$getown(r0, 0x9)
r7 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000280), 0x2, 0x0)
mount$fuse(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000140), 0x0, &(0x7f0000002280)={{'fd', 0x3d, r7}, 0x2c, {'rootmode', 0x3d, 0xc000}})
read$FUSE(r7, &(0x7f0000008340)={0x2020, 0x0, 0x0, <r8=>0x0}, 0x2020)
syz_fuse_handle_req(r7, &(0x7f0000004300)="00e7a0633e8438bafa888b9b02144af32e296a0a01dc194d649b6fa26d6d5e63bac4a04baeeb8aacb22c6eec461b67db6a737737c6d2687acb00572f92e3fdb5d0cb2f11121c557a943020200755bcab77b39c406b733239e2bb1175b9322ba39dc7d67da8f77aed1714dae2e6c24c3ea96be9d151c6ab7b3c54bbe507b8b2461fb4be8dc90042184af6d48f8ace16abb5e3fc943cf61cdb75624a259bdb5f7829b9775820f85f2d1a6ee6c6c2af4fd41ab8a41ecb2612abf13cd2c6f9f3e6db505e4bbe68cc000cf5fa6d5636191a4b366ab59af52132a3f9678d4ed1bd577bacffb3b52850804005eebf3dfa4763168ff30490a11acdbbf4c3312a45f30139f6b72b1e7cdec185006bb30e0e8fa88da2cefc718cae7e9830f7ca101e4e23c6bd16bfacf4a9927fb13af4b79c86ab999beda4ad396abdda354a42fb4ef21d6749175dc21a0cf9191aa4f90d274b50370a580ad8dcd166d2b06c0d8b071973c3fde30f7e2bc371a51ca5866bf8b24eaac75bf482dd4436b214ff62d32e20df223b0b680ede28b3a49e66e330a8a3ecace0db9855d235d5ff23765e742d1a739c2ac8743f4c62664a3b347279da55a1a5b16e1e2828b584a013577d50f890e3894d9e8d6bfccdfb2b70221f12a7fac24b7a8818edce72b65f622c77bf1312771a2c0d805ec9a25c536c91868762032255be78903b77b2c1a773a03996fabba69214e76f5df6df0375b592692a2c3c86c75a3be56fe598ddaea0b9901d20db7e43e128e04e5509283f833c24c625887288459db5727210ba9a301fb8c934dd1d8dca68039fe5b2e1a8d7cdfc6d875e5851098100c3cd42544ed90bb55b58d20a501fabbc485d148c615a3b070fa0520da2ed68ee115a4411d5418b47f3d95616096f67a7a36d68f1e8df82eca8ef96fb4a96b3422fe046a37ea5f5967513a559bd770fecab7228b0692f439765c9e9c6ea4fc608e0b27f9b49064dd2f9ac06f83f6d87ebc61fa3a29bb5ed39641245ce8cf43770df32a84838802b0827ca5a40e2003915e2ed108a005637bb028d29bd2cfd28a1bd55e67ed1b6b7b72163c27c4b0e36d1b134d6dfdb165a66fb46498fc04bb8053b84098af5b18758631d1318d625a6fa4d3ce5a4d3a90e10c6363a26b5ae96c2d56f87ad21a6118af6847d041f88f852ddc3f250c088ef5cb31198f3ac81cff9a5bab26ed56c09f8416188974e08349f7da28fc754b98c1ac4ea0060ac1e1b1c49f7dbadbc59254b265dc418cab9ac14e2bbecc4c3103543e37984efb1f61315e10d2b422732217d3a9b0cfe4561f3765d3bda60be239e02bdc164dd631582e8c87dd8fa60d63dcf9e7f3dadc4ce5e4433a42425b8ee8cb8a2defab0bf9b6109c90b5655b79b18c06884f2670a985d454e08e54de69f645cb0cbb70620bd988ee717c310ae77b4abe81c01c6e7f47268ee20bc30b9062830917705682eba2c5ef966b877f33294aa5f8b29d3dd5ed92302087f34fa18d19a005de05f925e3e93c8c0f24507ff20cd23d9ae5452c32ff58c78ccdb1ab32c98edfaa6d2c3971934ca8f849ac360c286566eb72b0793f12cef84bd282368d533247ee750f18aeda484167f3d680e4aaa3aa0694441d4ff6a71531f1a30f87eeb71afd04c5d686e1f86f27586f4e2c8ff77c09612ba1af9b3fb93efd31af42f8e0498f35d07c662b743a08f2839cad8f95b90cbb4fc0ed2ca45dd093a549cde4c6ff08ce09a2cbc6f9f78b6f96643357f92f8f403202742057731fd3e343a87c0affe803cfdbddb8c2694ab63f2dc35da705624747e30a943000fc82c40f10e1975d2e2ec15aefd531b6dbc053606b054dc976f44d5b5a5f37e9c08532ce16cf8bca55ab6c814ceb855ab50b8b52620f8645a9dc25fcb732080d84bf39c3ebb235b4d96da527b64ec4b72f69e91d16a4efcaf76f2e1f968ca68a06f60b01ec7becc9ffd7877c0992cb0f80fb3daabc039513896bd7697843be06aba53e7761e11e075c61ef2d897d4d9f90041c14283746feeb3f0d456ba4be27843350fe43e7c1110b4439489139f6dae01c43f23ec71f08d3042663c65e059d368e4e2c6e49de45bf078d3182a1bc1208bc59379e705aa3309579947409f2a8b3d79099c8619f916e7a6fa333d2312a274247156b8c25cbcfcc59ef13339c700f56a8691dff39bd4338789001872c0d90929037dc0ad99b380a6ba73f331f73f9274f4c2bf5233d7482edf37bf6ffed4f2c0ee44a1d57cae0d644f25591dc03bf837571a82d0c31b61be7ff85a5b3843e8f96a50eaa43f5c137ecfc4e4530d08a2afa4ba02fcc50117a4ad0d5862302017639344c82749f673dbd650e49b35302d0acbab45c0973198291bb42b4cfcd3b0c252074341ea8eca19e122cd234da6d41bf5eedb706e16c17687ed8b84db67130796d26b94eac83bbcd785b603242bd6252c155711efd7dd22cc54e1eaf6d910d0f22c701f3d4da0314dd2829c6ee13bbcbd126558b47b8066bf0766c792a012315bd29bfeda8f28a2c1f4e638b701758e19a0e5bd5b4f19048b00a877d956292e345f8a3a8367892f955bcb5e50ca145ec5e2c9309e25941bd277e393aaad38f9b72a42514b27da6856223c37a1fc1327fa760551d3fdeb0b222ab180b16c9eea138cf4f327e88fdfee293c5b6b007028eb796a60772148282dcd17ffc1c90ed8b6540ede933545ed5a5301d6ff39734444ff3d85cda4ac3befa5083a4685e9e231eba4a91a35f4f7f48fd5ac2447c64c010e2a9f8e80691c95460e1995444466ec5f3cd71fe509a26ff0b7f3254bc8c3255e903834e841b37c70b267fb33deb0d1ed4ea84a869453ba508fc255b12cf847103d5195046c930ae4a75c956f22fcfe4186d547686b54bd7a534940d5d62216994eac0e8ed3bd2bd59354e6b9c6b5b10511d54a8b928040f1e13c4a423b0cf519fc6e9673df5c48c0778c7edb8fa8d8ace77463a77d2d6313160e1ee72742953e433b670400d59c93464fd91520847db238610ed0c289fc55647881a7d6257cf28090c75a6f19df079cfd35742a74a5ab270314f7c8039c20ff0f3f543d029b75a741b5dc6425241ac2ffabf1f96288e6d4ba34da09fb6049c2c8753fbd41fdb4bc68c57bf374ef4feb0df00c41319debb26afba2ff39e1799a1c2137f4e920ee5b02d93789b6b0c853e8143dae5b08ee85da2ea7c31803610ce797293ea95c16ade6dae2afb008e59d8b9505737f008b5227df5f1e4eb5d707f502698a17ead9b1f5ec09dff34248ff2fb153dc6df4812e39754a4baa42e1d8b77fbddef3ca091701ac28ae5fd422dbd8db5b122d3965383abc37a52d2fca5ce56eba974dba3d059cefe40e3c35c9daa8ae31198214303c1dcb90d58fc983ccfd504fa43925636f94b128d44e8aa5cd3ecfabd50a84062d03f7508a0575ab65ecc749d3ef566fdbc529a8139b7a7fb3a9bd784df52cddc6f2699044ba47615163fbbe19f3d88d38a8b71fe52b2611ca74341429d1cef1a7e350545be29d2caa560e60352cab074c298c44ca2c07f9795ce52f10aa3e2fcdef371f24e309b19e52218881f25a4674527edbe3b3bd0b9b536d810c6f9500c0c81bcfd9a440dd91c1d35c52758d2b2ae1a8497bb394c4f09d3947cf777727b0d1daf5ac4fe4fa3c247a791702cb84b96321b7fec81bf549d4eb5d6dafe019b26187417c68b064e4308908535a3e77b6cd3e28caaf12d726f15590b7958e40134d045a38cbb689131a7e85532f1c63dd4bac9e4d00645cd7b2b71704563f3738b92044a8153f6ba717800ab7cb238175c376d7add2c5ec38e4c856f1ab9c3ee33f6ca6d576ae908dd290e4bae23470182e253765e04e8eb02a791c4396a511ef467879a9e2818b8a4b1b0b39a6c44e816e3ebf6e3be93929dfcb38d5dad7d20b60215447674d0608b8b02331ac20e57083cb9b4449fecbb149441aea0ad82f00a82d87d743fc80d410922bc20923516885440f43c9f32beb81ce148def6140952583a7825c2d2fe012d52d30ef66d32a8a0864ac5c1737e2506228d41ff0515ee80be4cf012927dde0fd2a07cac68eff8c4437f2844d4df07936fd8753e5909f962c5c767f8719cc295bdfa8a16f3f36ff56e34d7b14b6b8c46d5af248b04a9c5396f84990e23d145670950bce5f5638e5e2cea37c371a4483729338f1305cbb32fa1c05dd9d21d2a69e5fa3abe9a2dad2237be20b4088393c04aa66cf13718de4bffac72f641a8c017a1d5568fa15a6a06e4dc833874ec95af6f115bdadf15179bfc8c4e3e64f26f1299e282c4ab397340934efc1e601afc630fe195e8ae7d8da1310568cab4f2fad085d0ec39710d8b7c812b3fd55c6f50925bcfc90fbcb35b8daa0f1e1f69d82fae2034039f7ad6921694ed48a55a68bc541e6d86f1e33c261a92d48b50eb58a03d8e31b2f6564a4ddc3ee988d0dc47b4b610a9a9dcb87571b5c1edb3362df0ec3d58872157e0f7247dfa8100b4478b705702a5620c9201010f40232327550db333e845dbecd6aadbd0a94c064862b1100b6dd45ece811b8c0275e3753e11b4bcd8bc5ed7668e72afa5bc5cc17b4c313273755f532ecfdefdf2d5c47999453a3b7c158d98332f0bd3a820cfb2c8c3bcd43197e7395a032cec6e41662079f2f654965aebc393e22b5c8516d9b8ad01e33ee481a4ac46a2df304dadeaa9e5274d340aaebe14dcea315fe1279f1a41a5c7aa8c94bf4b3d48757503171f53488e01210145e62c0de7c39737848dbdb1b207d4d33b8de180b020e8a76b1b521905e5e3ce97292f8558fb68efdee774681bfffcf1dc3eef35f660dd1659a32950de2d50e762313beee330d9c2a9fe8ce5e4e61ddd86378d3551335f6ef62053d3b248a8c33a11abdf3f3aa1975a15f4a6957a13d5b12a44d0f2b52b9a2d996e98c630c0f2abca80c7ae89efcf81ae284a0d19582cb1319d207077e5657d245533181ed6e07e0f7647123fc46c37bd75b4f4d181112b4a08acdcf445332cb9dde69a0923dd9244dd2ecd818b19588939922e3b2d8dd9d9fed95fa55b0e4564b38aca2c4d24eebc634664400177fbdeaeb278bb1d8eb11baf4be5c87d4f8d9a855bfa75df4c51fb4eec87a27c59df9a47d82523b08022a1c0fb22ff6f93c3d2cc22a4111a6ec5be428cba33617be65739c2240248f3a02d01ddf2d6aca9e537a2296b16d082d2b868504371dd5e41898885b03ebfaca73b40e8924ece83c1c80de6ce14943e1199c6f81bf359f44c3ed5ae3c6eacb730b1039f0b6555347bd566dfff45a7a2176420ab2b40916a73b66a3ad07af6e1ac5597393d203fa1ad34d4564af956a0a3e2997e27a4e5eff67dd89cce8875d995e00c1858234f149f6ad4cac2b8056966f726df57b8c4ee8f22f23097ba1471b1f1036e3a499400fccdb75b56eb13e9eca1407d5bff4b075b06d00fcbfcafc28431eb33156232e73c6577e3eca437330c494ede57b9609e1f40634918dea767338b5542197410cdc000143ace89ca0b7bf645b3267f74767d7c7fce05d2f59c137204e56bfa711f66903c511f681cf7a1b4f9fc0f42b7c438ff8957e1059375321df5b0c5c884f46d94c21686e1300582d34928bc398653118f79bfeea2e7cfbbf31a7718f4aab50fae57db94203d43e060365c9a7455241be03d82dffc3783d0f6aa170c0866eb0dad07485831526922d8348a7a16e2e9903a2ac93c58c6dce83127fab17703ec004a519ae5675baffb31bf4b52f9ca992a84017a44d68dc693abd829947342f277fdcbc87168bcc03c32b8b1e81a1915af2517c464af07d52b79d1b0e53164c82ba049f81e92ed1dc20a88fd72e9ce7aa4b22a7cc57dc5527d14f62bc29cfc9d57ed26fd523cac39ac00ba12d3a49d694709924275fc0793d56acf9558818dc9eb210749fa5307d45886b879257d627cee0542b51c2ce6ce134100efb47c92456ece5b73cdc051f570810a8d534222649eb56cf73a377162b753de6c282bcd4a25dda21dd10901bd8dfe8fd4ba8a70811c39707beded23dd60f23e2933372e3a6bce099899b07f0a4c4956fd98e956a8649622c77717de099463c0c6c9389ab4a1ae10f8ddd086d876af2943ee0b6b402ae5f89e09922e8c510ec0caa0a83e366e916400bfec88a52ab457037a35ddc6a8e2289c33684a5915c37bf5d227cbc65a737b52bdcb4fbbb7b4e7f965db116b46044d0870846c730dce12e120b1fe6dd5798ced24cad72c59a3f44de4978b8bc05a1dbeb766be6e2abf6ef46c67a58a370e54e92d89e5f44525e82b94a388d8d0cb20c3469a258c1633c9dddb6854aee255f93f59435ff317622f6899250aa185c207644275278580c5d32401741fe264a2e03b80f442ed58fd0704ebac923ac6a5abb7f0c695252f82e3fbcf2b99d721589a8fe3fad4d5926aee3d7bfafb6739e525faae3d25b12841fa2cc61dddc44d36acb9a8b72d60ecdd9c8cf04f9bac341b5e0f9bc59042db8126324888b07afe72b18cce36d61eec975b6b4ef5dc4a16ac14440cf770599bd4db630bd110eb63a03a80cd95c16d314a4de60cc5115bf0754cb7ab84a827ecefafa96069c721a5979f227fdc2467b4cd1975dafb5b28e1d6f3c1c3a2816ad831dd98c1378a03798c128f176426eaa0e361571e758d54bf4ec2c988355f016e16d6cd5cf97bb4891ab33f5623b7e796af313cc7a9e2f9510cd2bead1ea5dd080d9de1f595b2629ebccf69a0feaed3963ae8a6c89edd66fbf6e566379898185828925f8669668d6bddff961b08aaedbbe7fc196931a887ec740da6bcdab8f826a34aa2aa1e406a258558f3baf022a64222df4d6ee8726c79ba3dd6e11a19e4b4bb49b4a8cd99c189e6392f08ad731e415b65d0ccb919dca46efe9f79e21437111ab09e926d3038182044ae047bf1cc92e2d2644c528985719667a1a8abaf65d0f211172ea789b2fa016e1a88325d1ed706239da4dbb9e2079e3598b4ae5885667587ba1e0921c9ba55d7a3be4c47bc2f2f3547ce9efe32e5a22855f761bd4cbe1cd9337eda4bd7d82a918084d7e116b656104ca87e64b1b8c62323c3c296c5b5b98051feb607b872edf9f789744aff710c4b7279711182bcac6b76c05f5cd982f52f451e7e29046550e012e01d8cdd3e305427030f4247488c9136303084c12175c5c781cdd08aede5a356ea0ccdd05a460be3c7b4bfd62c3ce9ab68e285a36c1546d0b18edad71f69f5bedb340772e1bbb035514b085067259e39f59dc292a12557350c66904b253efee29a5eb7a6920f583c899dc46a1d3e2af2db3a3d1a0e8d1f98722a16c6cc1e401058d60c8c436d8f1166ba53bdde5810f9d0288528affd486c266546a864c92af3df8abd451cc1e0d6bfea534865cea9d49b3ea5e390fa823118df8a61e31022f5fbb8ceee870bf2e60890263c4d14e24d053d0fddf665ff80a66fa00a5957f8a30fe82a4b82cf2f6b4d49def98f66bfcdaa0aef13314e950ca9f3849b1edf3b82eaf74a0dbcf45c3dba9bd2d853281a78484f1efaf4150da1207ec3cb61fbcbf759f8182b7052b28d7164b73197b0a440759fe9d5ddf827f1897a174e82fb968a9a07c61bee44bc1f7f9ee5c6de04c02d57735c5fab741b36aec7c8642e56cba932a08b8e8a9d3eb066a4ee7cbf22e5abbd4346de59eca1f24ad9f7f9ff7621e5f30dd08f4cddda8e80e496908109f5212a72bab1378d1237def07bdda4178719975346c68405de15153031fb17535894e5e3c1de6fdd507333f0226b78ba7cae509cfb48d6735ede9392650bf85ac1db919b1e9fe0a823119d8253204dbb2f7a8f524be6d419f3a45c5051a7a88ef0bd41586d90c11a894d647f03895f671a6e19f1c70e32668653aba8366a3d372522f49844081a9637db080663ab02f4a8af502955d5411461b62f85308c91852f8fb9f0bdddd500b4a133791d3a2f91a82dc4b09f5ad2196a9172ab0cd3fafe7266e9f6d159110d99ca8da8a34b17be17a04ad4509a9fffab1e45e10f10e0cf9cfbd9c761ad044064c07e473fdc626289cfb88b13a11455c069b70aa02426d9119ac878a14c9483be9c0d5bcbb5fa76c8d06531f59c7cf7c26372e750e2f332418ca769e5e7fbeb3ada7bb58b573a0635e2e3ad9a53ddb809ea01086a3fa993ad57e89da6f9c5e61bd0f8ba69212a386b2aa1ae17520d7fb989dbe14021885eb50fa3048aebd42c861a09a308b660d382c0480ead8a52a1e14927c7c77957f94bb59ccfd557f8c4a7af23360a298a603d20ebc386db041d8c306b3e32b0bff541bdec5ff75c3b40950815cf9f89d48a382f67e44c409d046c01fb1262aca0df6f5238a3c3c09977261494f7361ba326815d6e23f49e4d6d4b54665081067332265fff59cf54af9da0db9d19bc611cbcb6e6f3f1e2e1ffb6cdd6253578d78d06a2ff5f9250f1994c5749e3ce49231fbd63bba28e948f9150933e3ae31299babaa41043b181a100882e613b4b4b8f49ceeb742d22f860853a9b917f5a323a8a1fb1f3363a7be4407fba44b408f259b5db79a055b92ce3d7a0649cc59f4afa2b1f69959d5c6f5eef1fa7987a47bee4491f685c52e9db1ee1a231ab5a4bae1019c97868a409dd0d57b32525394a233023c4a7ac429808bbcb57a34b41883202744c3bdebc0a637773273f19c2be6e806bef7fc1002846db762ee4e16867773808c5477987d5851d5b1641d070feabc203cb3d7943ffb206272fcac1bccb616352d85975f5a22c0f247548535ad9fb83fb2be17689453f10691143c060cd964df63c3c70e7b1cfc7e2b468015f327f9869353477bfeeed330b03ddd9e4e0a2441182244da283d7a59d2b2b20e6de3e3a47c26aeef4944c1190bba674523a6c3c4ed6bac53b9edffcb0e9fb19d8bf36949d03ef6a7e59eb903a00d9614f642d1932c766421906f5b177963c71e881453560e3ffcec792e8dc46b1832a8fcb2ab2268a9c1fb648d1c6fa1c8cbd50d5a2d8264fbc6c063e6daac5519d362da389dcd3d12c8039f991de91e728abf5bab95c3aef66dd8cc36c60e73cb10afb02eff6df20ff12c59b142b07fc48fe94612de80b8b958f78256fd7cf3c6f79a83867f3bb5f70da392957badadecefdf7b6e4ebd39ff945397c7d302ca0a5a3918d8abb893cd9cdd680916a50fe19699ff0476ad82e6ba46523f26ccc5eb65313c1df1077c8876d2b73bf86ba311862d12b0c557a92ef827197121512e87f817167d4b17c7e225a48b3f8fbbf4187438e0e9b78e905cdbeb72e80dfb37ec0104f5186b39b4ff34f0cdf4b74dc915acd3f98874cd6a67308d0ad9697121ac477550b1affe004f433705933f9647522be65cb5a7471120ec942aeb956f195be0c1783102cf7d842f2968222ae1a7fa6513f200d3fa85d71724956ed697f0673ee3b40a4d46ba4850439ec125b708ed52b52b9f72906477d520c90a9f5dd49a7a33a328137a183f439895532b78ae451a8c3db789bc862fbc37241d523027e1a008629c969380f6eb55f9cf3f0675bca6851f00df6aaf90de9f62d5c179945ef81d1073850301f97e379ea415d830e3f3751cf83e2dba541cb6cdd89e6b674f2c53e329e5f3dd418d534ada6469a5b3bca5b7cfbdfdd6df4abaf77d4520d0311e801145c91b52586a56086e663841b702f52cef9fff8cfb7b33dfa125688ba6b4fadd1dca8defaf4259ca85323b23d3bbb45933562c25af3e8d7bc6ad4a50ae974f8d207994b3bd74a6812ab6a40fcaf96bb4e17bd20d742b14c72226caef3e0f5c56c4930071e9f9a894f18650fbb785c6f707605c86b634c9722c8690cf3a954f68d7c2db3a257339ade67a41259f6f878dd0ab7876deffa77f6f00819282a8f4c4da84c6cf4f335cd0410770a2b1a1fbb3f85f4489eeceb78bbfddb2d1866c57b41f6ed179a0bc3750a486403d23473f2feef43ebc5af1018d9c20089e277d77fb9c34f425c8f8af4c49864b57572fa8c232e61ef37194251a1ddc2f73ffecd57e638751cb72bcb2c40d22540166ca1e8588f24b010c9fbd962e3a2c23a7e93f131df61b8703ce326ed80cc87912d3c6aaa27574bbe8d65bcaecd660c31cead132a44b1d0e4a53cacc0b82a263c4e7783944af0af08ea9e68e8e25ed9111cfef841f1b2fd24164f9097f70efe09b1109e5cb91fe68a2760381fd63a7fd422dd578a60661abc9ee3a5db1c2cde2fb21f2040f1ed3fc27b99e254256949d0560e8b98fa028fca50768caa951a87bf8969af498d50a9ee773c9caa7d9f7d8e1955506013f198cda316d79b177e59f233b98f727afd2494fc18642f0015adab756ea6742690c7d00f28655b915ce4eb8b3ba2e8559ba23e1ff1ccc9f79ae2df85f924459c56715dec78ef4592352eb1a850cd65ecd36e1a9121e888586b7b2fa84da920b8cf44480433e61ab076b10171c0537524bb170a4b99b0b0c437418a665b7ef909652b6483b20362e557c1480c2a2a0efa221fc59054a48122b52d38245f9bd026001635be5b155f5c766a59306fbde231fa72b4d74449a2fe8fb969496ee26af5881adaafb4189b439877ab8f78709cfd32c10ea576a010bfc137b7a4aae137ea3d29070ce3bc8dbe6655e967115ca3461ad9d28b9cf8af07441e68a54ec5e889846f3978f07ba51f7d5af5da78c5c675dc5d0c1a4a399ff4247203573a46fb903eaf7bc886e6cbd3126fa4a3fe3bb13bbdfea7da871f6563aa750f6ad7895b34b2809563dcf5ed30f1c60cef4138aa49d4f55e396534ed10cf4d857723a2b442f47d79de162c30ec6c4daf939b4c88649494e3682d1da81b4a5928d8e18a16c46707a685305e592589acb484e28e9d5af89c44b6e563d125ec97c0155410527406d94b90bc9576a662db99da1cb82b04d610d02187ce08f22ea0e8fd31919d53fa6aaf980e31ca7f8610e695a41919c24136a8406c62d5f15fca365892a2b54ece17664b5247583ad60d863f283f3c288946139575dcaedc978762e85f534e56334ef0221c34ffae054ddf79339b8f08701e9699b11041df8f518dd33203363c8098fbefb01555bcc2542422777b38d8dff11b15aadb0c251ce2c5b32f8735b3cb784f2e5731b48feb5a0e791a1106abdea0f7d1f087737cbe7fdf523fa14c9be2a2987511004c5b7ac1814ef6961db16799698242452c469a07c30e4a1f73193c74a41bdd88aef50035e4648bc9dfa276951798420a45e4085932bdb9381af3cc4678bd962af616549e4020d2c9fd25e2117a6d8934fde2218273d7833d60ea492e251417a27e7fb32012a940a6b6487af4b64958bf05f1b1107732149d227eeda5ca5a43cf583dc297d66072a1acd75e93a7caefd36a0d581e21d5cb08654c4ecef46ebac5391546e0b7d2a6418548d8f816446bcf237f676e873e6bae9107234abe5ab24c53ea472ad10653cef068fd9f4e729fc0d526e489f8df13af5575f1e70e0ec22899728b0659d70fc2dd509d9df3ec170638f89e540f4d3f02aa9b1b1819f84da596e0d7b45a5818061728f8eeccd2bea0f460dd7e18cb95f2364c50e351f0690e184eb63ebbb14a0b4b2117e44f3b2b3", 0x2000, &(0x7f0000000740)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000400)={0x130, 0x0, 0x4fcb6233, {0x0, 0xd, 0x0, '\x00', {0x7ff, 0x7ff, 0xadf, 0x804, r8, 0x0, 0x8000, '\x00', 0x6, 0x81, 0x1, 0x3, {0x8, 0x6}, {0x4000000000006, 0x809}, {0x1, 0xd}, {0x1000000000, 0xa00}, 0x2, 0xd, 0xfffffe00, 0x7}}}})
r9 = getegid()
ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000001600)=<r10=>0x0)
ioctl$DRM_IOCTL_GET_CLIENT(0xffffffffffffffff, 0xc0286405, &(0x7f0000001640)={0xf, 0x400000, {0xffffffffffffffff}, {<r11=>0xee00}, 0xba, 0x1})
r12 = socket(0x10, 0x3, 0x0)
getsockopt$sock_cred(r12, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0, <r13=>0x0}, &(0x7f0000cab000)=0xc)
setregid(0x0, r13)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r14=>0xffffffffffffffff})
r15 = socket$nl_netfilter(0x10, 0x3, 0xc)
r16 = openat$sw_sync(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r17 = syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff)
r18 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$DEVLINK_CMD_PORT_GET(r18, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)={0x3c, r17, 0x1, 0x0, 0x0, {0x54}, [{{@nsim={{0xe, 0x2}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8}}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x8001}, 0x0)
close_range(r16, 0xffffffffffffffff, 0x0)
sendmsg$IPSET_CMD_ADD(r15, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000001c0)={0x28, 0x9, 0x6, 0x801, 0x0, 0x0, {0x5}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5}]}, 0x28}, 0x1, 0x0, 0x0, 0x10004893}, 0x80)
sendmmsg$unix(r14, &(0x7f00000bd000), 0x318, 0x0)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000001c40)=[{{&(0x7f0000000080)=@abs={0x1, 0x0, 0x4e23}, 0x6e, &(0x7f0000001300)=[{&(0x7f0000000300)="ce7c3b77d0b9712ecb7dfc13412526a2ef7a8abfe199bcde976c9cc3bc4a422fddcda0d1811822b63b73ef3e9f78e341d93e4450f59d577960ff86ec514c9939aceb40bf493846a053b4974f0ee0f79c43cca0f76ee7cf9929f866d166504e08a2ed074a43471308cf376666c7f45128fde3a384155c442747c9bffc5fffcd917834092f489efbaaa29edf377b4fe17932c420c35d64116e1584a8d637a3bc976dc4c13f525dcf6af97e0b92eb1645916c62d8cb9786de6c3434c3c86f41cbdd05fa4d51209cbbff2b231b000cfe358efb929b80b9036589c33b9da44a6e10b064d691900d4db1d2c2b8f0773f8f62e33b296fc797c7ade36c1619008ae39c506adeffc7fe30bfc21493548d45df7561606904792ffa8b0506a39c994b7040a423a9f873ff7e4e0ec36e7f10ec90df6e9eaa173160ac0d6a7d31d8ccc25eafa448a5608569303c576ba99cf4bd5ecd66dc001b5c11603a58c82c467f857433aad8ba0c7706859f8e7df05eb57199cb0331e1c46b55b5e760db2fd4203efb336b1fc6ff6c88c701dbd8dce00bf1eeeca8230f54387770b39fd78b5d789423ded9a9d584f6528b2583aff9976b6cac49f7f98170a0cce4c3918f0b50071dd2a07df82244f14f72a0b90fdef3792d1636a822cafb187894ad3d49aef678fe0d1c6f61af20635c08f0015f4c6b12e2bbdede4c8a6c63270f5141db97b2fbc1ec671a05b1dcf63c197cc1785cd7dc1bff7d3fe7bfb40cc814b054c3a0a8e46d0c7fcbc27f0579febd147a47b54792d88db4c554369726f2ef694235c15a5e92ed5ecdc99f71ae199e3e2aa3e81b2d4ef29f0f7c36050866d3d714d1ee896b5405c29be21777ec15828e05d6c44087a4ab172325627aed10c36436fa19b31a00b4c8a9d1d1b34684786c23d3cb6e7399213c0daa6416f50ae04162db5ec831588a27999363ce9e71be1106546eda6b588bc021a64accf2de22254f7c16cbfebbbbb5ebe500cbb3e7e0ec92c9f67218fc6efa9e619ca75a4e9499e783cfda5378fba8afdc2cfa43b7733e50db28e671c8e0874e3481737ec86d7706850822a3b59f534ca30dcabec1f6794ac0e6299d11077ed37dde7c737d1b86b1f63c24471ee7dd83393510d5a98414db78dfa0b5e2a29a7a5d5dffbe7c6346d7b5e55a9200e83e189be6c7a474a4c12cfb253999edf4d09af638660975c681ab41bde8a611ea420aed7cfd03392695eca7267cce4aca662305e691a7e6a18795a9725e8bf7e5503bcc1ed6796c5fd127a4792a9faadf236654e90313f292e2e955ab9731d148c685b30be980264637ad0c7753868f25f10499afbfe0feab16d9339aee5fe08b3698dcb2c1d3777db1a23fdacb3c9787bfe7cda96c2168cf40c8c29d17b01330da196460093022506f71c463dbcc4164a3cbbe316472b46b1215db38a07b95a6b93024b878c60aedf027ff1d738f50fe974ccd13ae96a38587095611ee476fb18476f5c2d0cce51dd4968fe9b5525d5590004e344e886956c15d8a6e579fc3ff12fc2a7ec15cc76d65a52421f73d4edec78aa3074aeeb4c6e59cc3ad20fa86540fd64cd32fa323f288f907189a03a58e292ac9a288c617e97b598c500ae9dbca9628a30a609064fa1bcf4af0043619abaaa4716344c968d6a207e8ffd8bc8d09acec05c6971cb131bc85d170d9e523715843bcb8135053fd5a099c95e2a88b52c0d31b119bd5638cb0ec9e7321930bf8ae5cfb569fd197dbb3acbcf2f5ccf15f3190b980eff099d5f214933111b0d2503d847e7b55141063b24bd08d95335769fd372f8dcfd630c5726684b6a4f90755c85f7af1aa57e8303d6d3dca1b2f4b05ea7c4d98c7957690185100c829ebb6694fe6139d1c1e607e0557666a3d2d4d05046c2c487806fba7a79c8671df1f7f4a4e467e9dfd89c93f73eaae46c5acdca12a6b986dc60be42e10a683ed4b320104278db4c846acbeaaa37e352c60b9eb8211625fd977324a2bc5f3382d05ed8c7544f485a3c9dcf3aad2d1b5a583041f57c4468b3808b86d2a029e2c2199c5b15ea4a3256ccf0de333dcfd43ba16eacf667b45bfb9bb4d76e9ea022f18642d73f176c5baadb88276eb21595ffcff19785b337b7ad1d00c3168035825e692a0ab14c5857abc94e2827bbe47c02a62e3f999d6f08f67fc7c5a4810bec224132559486d96e7ee6dce81479fa500721685843deea4113bc422d499d37c480907b2b70aecb825bab93064b758daee17793d1b9083b4461ccd3f6ed0f0c9bb42367f92f1d1c29e91bb2d710ebd82d526ec74c5397a72fef6640777ba66730721d615ab73eef77e460469916c3767b77234bbe3867a1d4f84952cc993403368ea7ebe0e7b825f97ae61e1890b884f618fccc8ec9e716f7347ff914a5850f7f3ace2d1e3e6e1684ed526bd7e53c7c64c4d1c1f1ac135f076540ff2ff6c2ce316debdbc79f89044e84880d237f14276523a023ff7091a19cf1a3d1c7d92bb6c4a633319c523ffa5dfbe9a39e2d46feb58fea220aa5700cb4b12d946133f0190b79910865451dd92a8a3b85079b551ac54a5cd9f78191c89a883c4d15a31333d192205217d3399e9fbb10d5bfe88458f6f3dd5f811e89ba53815aa530557cbec0b00c84c8d581502309c30dda2211bc15651758de88f2900506e67ebf2e37442387a20f3ca8d99f564a94d4c38b427a33e2351211b96f03b9045db7bf9a9bd382fe05dea25336c8ebb6ca3f6abcfeba79da618ccc312e8afa80fb45d8830a80ec141ae4c123ae5ef0c70d0c8d0be43ff3db859bf730e5179d515e10beb8ff94bb3977f1e23424ee9b9bd01ce9ca3eb62107797a93f8b5bf01d5f7bcafdfce47aa458278fb53cfea0bd98f731c750647011ce6852718a698bdde7770863e5729c0df1c4547f4efb26381a1fbd79ef3d454ace84dfeccf979d4c63f12e3964b881c5b9d34091eedfd73760063abc7c8b9239193c7d7cb1ae13bbcbbd3fc401e16b7502dd800dd76e1562cdf82dcec49e8b166ee3c1e56448a56a2c188b25b3dfdee66a76cfd5562611efbe3ce832918975b44fffa431b832ab3128cb22e60b316fad46d5082b084e15f54a7540325283ac50a91d787aa9e8b2aa88ab11c79c98a7e9d325aabe95d58641633c266b46b37d35adb674868dade3e67178488336314b2014ce05336105d0c0d97e727723f7b1bde85263a49e609d6e4fe9cb62ddd6544d8e35a624c2ebf29f7f4004d5864c460a7121132e26ab71e7bc29428a1847571cf49f4c3952f2b86004a5f65c2aabbee92a11de15b43f727b480d1f29a6d35323088bfdd87d147fe5cc3629207cdb0abbc8f8ca4aac08aff2747d83cd77e8d6f66c3202a17c568ed25604a01334ed396a182387d80ea3b9273c130b6dcf54562426f43712c3f7f049227c924177603484b30aefe9f2e0cf95b38f971a66cfa398ba707dd8caa12d5d3f84c9ab2c9aa0ac823fe7f1c7ae872ba09d7b97fd3e8fac18f5abd090ab184fdb664e32e35deff85f610e3ae89525f5a94f2f09e088ecf855a180021f82118c34bdb0fcaada706e7136ea9b239d96169b54781b355b26911ad27897102c1b0a1146949a4e8573fa655bf9b80c71940253dcc9357e950d88b9bd334e1316b8e2b885fa00cd17851076b3125a8accc7cd410f908656765f5669483521639ef92f7c17aac21408e3cabbb1ca88336e32df6197342505f77f63e357ae07484cc648e9a645d331e7faa45fbfa38c0a0734764a5e688586d0fb2b2e6ca2d6d434dcd447f98dfbaa149f25a806e107aa6044543a51b6f7f9f825ed57f49bdec8c9172f9bee4b13a6f908bcd438ed2e87de5cf91b7e49cb8c9810a28a024cbf5fdc115423ce6b3f368855fe8fd9db0f1835154568668b0112c2445a6f2e376561f984e4319282c193553d3bf7fad23935cbb43a5757a4bb2e1a87b6437a61f2e93993e08cdc86cb9fe1abd0af924d217fc3d7a3b5230d3033f56e4720101a8e8e93b3f73f794710e8fccbbb3e2e44c1fbf6fd295a00083132183899df7be673605b8da14bb487b37d073348a9cdecd381010d491947798899685572ff61d68c74260db11f666dba724c01f084f785d4b2ba3383722c305d1a8904ee44abf8f67ec268381b41ba933145ba253c0d81571646af24e1672233cffd38a8b0a6de5f1b2a46108a637232d204b4eee6223e47e678bb8cac1ebbc2fb7df075efd7d9698415b1b3fdbb927db8c60228c612db5b6218044d682f3b3b948cad7cf3c7ec9e07097e38c2faa802614746f7645e172945308f3873c9ade89036eef7ac74d39dda6228f3bf2102d056cec60af52b6b28a17064337d077484092f8dc4c55a62ddcc9813b3090456f18e22eecea82e4a0223b4885c476f832898d4f4215cbf3163430d8331e70bfdb30ca286aacfc9160911f67129f6c4d0bc0ea4994d1b2164fd009d0b1e8faee1c80d0d62bbcef81ae2fe0828618ee99beb507fd4bbaeb74599eb6b9cec096c2cfd759f997aa1560583c34690aa48abc71009919b246e722ee5f510762c3b8c29363bb3c8f3597b2f12cd4d09a7a7bf8977295267974594298794adc0a532f2f1ecaaf5224f359263e471b98bfc116640184eb3f1309568e9af8f3eed4c46f52be55033b25682d4ce97fe4b5eb98a78f2a1fb87349eeb003ce0f25d602a26bfdc54e199f3c32f99a25b7c375b437208ec8f696771510d42eaca05b2c58802e946aa0c5e2d1d9da06a7b13e2dd7b1a950569b3d27c5efde093acfca898baeec930177dd510eb1b2ff8662ff848db888bc72bcd9459ca2431bcff42a4d7fd057d8f6f9dba7448df6842e3c0d840c1429ddf14be7c5482cbe887a876b10068dbd6f984e71b3b12e9f278418fe894f7ed119e5e15ae3979f588ca66de50e8dc5ecf5e45173cd945f15a45b0e602598f73b514c39f9126c8542f07a338dbff290d1479fcc42b43eb8ecb69dc41c83032d1624f0c76aee466fb2d89e2a7d9f2a63dccf9725e08d92e3e17bffff53f63cfb36928fae388db62fc6133eac1445ce91dfcabc4a5b0751bc02a472358adea0c48e281d7d1d10fe29a090327702eea59ff0486a5556b903764e89d4ce30aff2db73e24db37bada20e48a3e7285911b9f76c29867b0facae1bd1509d9dc8be10b839bb1c14d6ccdbc60efcdd2c957eb07fc8b5c1efa949e4ef5905a5e70a7d855057901999e2b7e39a342460f7cd38b4ac5998e6e37ac4afdb115ebaa5cff0d47d75efe9259db3d97d11a56bc4f131a7c03eac5aa019c5808430b92dc5c5079dfa02e8b6deab18af4665558464df221e93e557d21d0024cf4c16e1205ab613c8e12a900ca7b98e6f1a3d4645447deb4399ffe60c5ac0f2985bd00b14d2937833a5205dc0303fa2c47a06dfcb5106b6b9e5bdda064aeac7b35dd2c730038cbec04a8a674d5170c48bbb0eab1dcd119531cfe3ace2ccdf3214475fded74e1fc2afcbf401dd459469c25a04d972d8bd0564623e323740ee9105df4b3223dbde44aa517686394efe598b6e1faf5fc363cb507ca60ef935b412ffd55034a490a249b5d10e91ac5856ce5ab91df5a5f10352fda3e4b230ef7cc481cda0ebe59f2594fa5dfcb024240b40b47de44c2e753f4b9fc1008757c686ac759c7c98085b497eea208ca16923e5a667d3a000bd480344d7f5c309e28285efa695da939191e8eb364871d6a3b9e258517dd481788b7abca17640c2ee7e6b6abd0e41c16f43ddcd5a14b3d5c7574e5891e0e8867909d1113e20ab04bf43fdd3f1ea2e61ee3b86afb", 0x1000}, {&(0x7f0000000100)="a03ff5d474d065e5cfacdc38f4f91822a238005af7d68719c6f2a4014c247f4e4744dab15a1c72ffe0944ed3a368c8b9b27bdc3275da3d604d8d6dee9f09af4cde07fdea4b0dbe289de38119cd67a1c32d0844650158e0291e4eaa2049fee94c37c1656b23c906582abb78f57e9a61", 0x6f}, {&(0x7f0000000180)="3115a349942f2c3d6a1063e71963275ac8d2ec2da7188044eb0df8c5677833b33c0b95c85ce71e9e7234003d98c2cac3e835262848949c49dda09eeb2e64e81127dda95c0d945e7c7c598952f85ec93c54a7989daca4b9b5eda9d979fd168ba1e8e823362dc8f37388c4f2a175629e", 0x6f}, {&(0x7f0000000200)="4e7cea3ad965075758d88c10e85e12cdeecc2aa064c3e017f0b410951e35a6c9d2a673", 0x23}, {&(0x7f0000000240)="d5d9533934d191704142c8353e78eb7b0e18c607a319ed1ed0e74b9aabeb6e0ed0593bec22df14f3540437181d244c09ccd10df56ea5bcb675097a15473a165df9d88dfae64fb18cb3782029393229d6ae6e1d760e169844158c20b1439105ef67fd3d4839b87905b586af", 0x6b}], 0x5, &(0x7f0000001680)=[@cred={{0x1c, 0x1, 0x2, {r3, r4, r5}}}, @cred={{0x1c, 0x1, 0x2, {r6, r8, r9}}}, @cred={{0x1c, 0x1, 0x2, {r10, r11, r13}}}, @rights={{0x1c, 0x1, 0x1, [r0, r0, r0]}}, @rights={{0x1c, 0x1, 0x1, [r0, r0, r14]}}, @rights={{0x24, 0x1, 0x1, [r0, r0, r0, r0, r0]}}], 0xc8, 0x40044}}, {{&(0x7f0000001780)=@abs={0x1, 0x0, 0x4e22}, 0x6e, &(0x7f0000001bc0)=[{&(0x7f0000001800)="64e60ad1d8b36ac798ccbc49325a3d3cda6b4abe06dd1187a53a4ec47d0ed79e652be7fd4a6929f5732cc3c1280297ed3b8f2fb78843988146b5873ca6257a0891837f8390542369dafbcfe859f3", 0x4e}, {&(0x7f0000001880)="64f17dc87b2c1ca87ec0ace6455d5ada3b2e799a2abacf32e7e9310ec77b75099bfc8b2893a421235e72151cbdf3cc46a8ab17d45e89eb6212f1f64218c9ce04c3ac919ec39029f03edd3749ac6f42a96fe5c2a8454d067995db73a3d08abb013e84db476b0ae29f797f160ca6eba54722aba3e01b01da45002ebf449e9f229b264d622cb260251531ac2b1cfd39dbe9155c8d7bd4d1fec2951d2c49408948d71b9f58a3eae829dd95ff012ca50ed3b94fbf100170dcc9c66b33e5e47c4e22f084fb8f7422ee527ee648275774054cc3b22d262e9a178c6bacc7f3a2", 0xdc}, {&(0x7f0000001980)="af7e216782a45e9eb7156173695aff7932d52e4fd0155282646dd372b9cb616cfaa23bdae286bdc1d3d0d36658e17f1dafd3d6de5d0a6d97f1220d78bc490ce3eff0bc6a0e78a956919549549f0598f3fdd60e8793d68cfff6232a5418928339dbb36f546fff4a506a", 0x69}, {&(0x7f0000001a00)="2124d2ca3ee8e09885f814a65dbc2c50f27002207bd1b1af59eae10c73ac48000d211fe805a697cf59e337f3cd5b62ad604b8413f4e0733d5f198eb0ec54fcf1721336c3bcb9a26c9d0c8a8c09480bfdbbb836af64a1c94d7a64b3aca58095a642b67244845cdd16ee2ba1acd8b20acbac22e310ae5b85bec76580e2b9d329fcba2526b317f4556e99", 0x89}, {&(0x7f0000001ac0)="855932322269008db86f6eb9b13bcca8eb0cf210a811f9c568e4b7063d08f5ad09e7c22022d3e3646a6c62f74daa0fba525bec6181921ac5530574148d4c4d568d901a06c1951d5988f991dcbb6e9212d140e78a8794e7720ed6ee06d3376e1c825557715737f2d4822d8d96cb2c58d3b57d5fd179929b15bd5a3700a89369254c3a036b7c4925af2e3066a814b114bc241e68129650cadc5baa4b4bd914b913f35dde56c7899728840131c062fd055b5240717e6b5417cbbb9ff7489be904f0c3dd4b3f0a3be13b86694a41302d367bcae68055aa2afbe01f4a647192c86a2d4281f33877cd71748208372582f80d402657c9167298c72b3359fe65d9c83f", 0xff}], 0x5}}], 0x2, 0x10)

9.582845852s ago: executing program 1 (id=6716):
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000000a80)=ANY=[], &(0x7f0000000100)='GPL\x00'}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
getpid()
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[], 0x50)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f00000001c0)={r2, 0x0, 0x0}, 0x20)

8.907366099s ago: executing program 2 (id=6718):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x2a, 0xa9}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
syz_emit_ethernet(0x0, 0x0, 0x0)
madvise(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x16)
r3 = openat$sw_sync(0xffffffffffffff9c, &(0x7f0000000040), 0xebff, 0x0)
ioctl$SW_SYNC_IOC_CREATE_FENCE(r3, 0xc0285700, 0x0)
r4 = shmget$private(0x0, 0x3000, 0x400, &(0x7f0000ffd000/0x3000)=nil)
r5 = shmat(r4, &(0x7f0000fec000/0x4000)=nil, 0x600c)
shmdt(r5)
r6 = socket$inet6_mptcp(0xa, 0x1, 0x106)
setsockopt$inet6_tcp_int(r6, 0x6, 0x5, 0x0, 0x0)
r7 = socket$inet6_tcp(0xa, 0x1, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(0xffffffffffffffff, 0xc04064a0, &(0x7f0000000580)={&(0x7f0000000480)=[0x0, 0x0, <r8=>0x0], 0x0, 0x0, 0x0, 0x3})
ioctl$DRM_IOCTL_MODE_SETCRTC(0xffffffffffffffff, 0xc06864a2, &(0x7f00000005c0)={0x0, 0x0, 0x0, r8, 0xf8, 0x8, 0x7ff, 0x6, {0x8, 0x8, 0x2, 0x5, 0x0, 0x2, 0x1, 0x1, 0x0, 0xffff, 0x8, 0xe6, 0xffffffff, 0x77, "ba9a42184edc4097e01b52f22e2cbb318719fb31f6699332292cc81f89f07580"}})
setsockopt$inet6_tcp_TCP_MD5SIG(r7, 0x6, 0x20, &(0x7f0000000000)={@in6={{0xa, 0x4e22, 0x9, @local, 0x7}}, 0x0, 0x0, 0x3a, 0x0, "a30b3b28af4d2f246a016542daa845f387713f4048ff2ece1e75f1fc0100f41e4de6256109383664417165bba0dd5ace522fa788000000000033035551502f07b4001a00"}, 0xd8)
setsockopt$inet6_tcp_TCP_MD5SIG(r7, 0x6, 0xe, &(0x7f0000000340)={@in6={{0xa, 0x4e21, 0xc, @loopback, 0x400}}, 0x0, 0x0, 0x40, 0x0, "947116a1a606754bab1cb61212bb07a2bd205f00f81bef965a071f0d1aadd97b9640d9a0cd9ea71a5e9aec7f03d4406a7710c42cb5e754b089928abcd7589d209bc45b4064028eb7fafaa8b125736e00"}, 0xd8)
r9 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route(r9, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000440)=@ipv6_getnexthop={0x18, 0x6a, 0x1, 0x70bd2a, 0x25dfdbfd}, 0x18}, 0x1, 0x0, 0x0, 0x4010}, 0x0)

7.777351157s ago: executing program 4 (id=6722):
lseek(0xffffffffffffffff, 0x7, 0x1)
sendmsg$NL802154_CMD_NEW_INTERFACE(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000340)=ANY=[], 0x40}}, 0x20008884)
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000080)=ANY=[@ANYBLOB="12010000090024206d041cc340000000000109022400010000a00009040000010301010009210008000122010009058103"], 0x0)
syz_usb_control_io$hid(r0, &(0x7f0000000040)={0x24, &(0x7f0000000000)=ANY=[], 0x0, 0x0, 0x0}, 0x0)
pipe2$watch_queue(&(0x7f0000000000)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x80)
ioctl$FS_IOC_GETFSLABEL(r1, 0x81009431, &(0x7f00000000c0))
syz_usb_control_io(r0, 0x0, 0x0)

7.667929053s ago: executing program 2 (id=6723):
r0 = syz_usb_connect(0x0, 0x2d, &(0x7f00000004c0)=ANY=[@ANYBLOB="1201411e30f56920ac05190272f00102030109021b1a01000010000900042300"/42], 0x0)
syz_usb_control_io(r0, 0x0, &(0x7f0000000580)={0x84, &(0x7f0000000000)=ANY=[@ANYBLOB='\x00N\b'], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_ep_write$ath9k_ep1(r0, 0x82, 0x40, &(0x7f0000000200)=ANY=[@ANYRESHEX=r0, @ANYBLOB="982785469c77eb640e46b2e67494fcbb8bee4b449e85e3cd0dff39ac2be16a087d44ea3d9fd6769f3da1eba75041"])
syz_usb_control_io(r0, 0x0, 0x0)

7.339914165s ago: executing program 1 (id=6726):
mkdirat(0xffffffffffffff9c, &(0x7f0000000400)='./file0\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file1\x00', 0x0)
mkdir(&(0x7f00000003c0)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f0000000040)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000300)={[{@workdir={'workdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})

7.286938494s ago: executing program 1 (id=6727):
r0 = socket$kcm(0x10, 0x2, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
keyctl$negate(0xd, 0x0, 0xfffffffffffffffe, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d000000"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x61, '\x00', 0x0, 0x2}, 0x94)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$TIPC_NL_NET_SET(r2, 0x0, 0x8811)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r1}, 0x10)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000240)=0x7)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f04ebbefb, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f0000000700)=@abs={0x0, 0x0, 0x10000}, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, 0x0, 0x0, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_LIST(r6, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000600)={&(0x7f0000000540)={0x1c, 0x7, 0x6, 0x401, 0x0, 0x0, {0x1, 0x0, 0xa}, [@IPSET_ATTR_PROTOCOL={0x5}]}, 0x1c}, 0x1, 0x0, 0x0, 0x48000}, 0x4000080)
r7 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r7, 0xc08c5332, &(0x7f00000003c0)={0x0, 0x0, 0x0, 'queue0\x00'})
ioctl$SNDRV_SEQ_IOCTL_GET_NAMED_QUEUE(r7, 0xc08c5336, &(0x7f00000000c0)={0x0, 0x0, 0x0, 'queue0\x00'})
landlock_restrict_self(0xffffffffffffffff, 0x5)
sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)=[{&(0x7f00000004c0)="d8000000100081044e81f782db44b904021d006a0f000000e8fe55a1290015000600142603600e120900040044000000a80016000a0003402e60000000000000b94dcf5c0461c1d67f6f94007134cf6ee08000a0e408e8d8ef52a985162f7ce06bbace8017cbec4c2ee5a7cef4090000001fb791643a5ee4ce1b14d6d930dfe1d9d3220a7c9f8775730d16a4683f1aeb4edbb57a5025ccca9e00360db70100000040fad95667e006dcdf63951f215ce3bb9ad809d5e1cace81ed0bffece0b42a9ecbee5de6ccd40dd6e4edef3d93452a92954b43370e9701", 0xd8}], 0x1}, 0x60044084)

6.924024872s ago: executing program 3 (id=6729):
prlimit64(0x0, 0xe, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
syz_open_dev$MSR(0x0, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000000300)=""/102392, 0x18ff8)
r1 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r1, &(0x7f0000000100)={0x2, 0x0, @local}, 0x10)
setsockopt$sock_int(r1, 0x1, 0x6, &(0x7f0000000000)=0x4, 0x4)
r2 = socket$nl_xfrm(0x10, 0x3, 0x6)
setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r2, 0x10e, 0x1, &(0x7f0000000400)=0x1, 0x4)
r3 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r3, 0x0, 0x0)
connect$inet(r1, &(0x7f0000000280)={0x2, 0x0, @broadcast}, 0x10)
sendmmsg$inet(r1, &(0x7f0000004d00)=[{{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x30000}}], 0x300, 0xf1c)

6.344682339s ago: executing program 2 (id=6731):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x9, 0x4, 0xdd, 0xa}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000edff0000000000000000850000000f00000018010000646c012500000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000800000850000000600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1c, 0x2000000000000329, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000008500000022000000180100002020702500000000002020207b0af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000008500000073"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x20, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000940)='percpu_alloc_percpu\x00', r1}, 0x10)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000400)=@bpf_lsm={0x18, 0x3, &(0x7f0000000000)=@framed, &(0x7f0000000100)='GPL\x00', 0x4}, 0x94)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000400)={r2, 0x0, 0x0, 0x0, &(0x7f00000001c0), 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x1ff}, 0x50)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x100008b}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000140)=0x1400200bce)
sched_setscheduler(0x0, 0x1, &(0x7f0000002200)=0x1)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000002240)=""/102400, 0x19000)
setreuid(0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
timer_create(0x0, &(0x7f0000000080)={0x0, 0x11, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000000))
timer_settime(0x0, 0x0, &(0x7f0000000240)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0)
stat(&(0x7f0000000940)='./file0\x00', &(0x7f0000000980))
getgroups(0x7, &(0x7f0000000b40)=[0xee01, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xee01, 0xffffffffffffffff, 0xee01])
mknod$loop(&(0x7f00000001c0)='./file0\x00', 0x8000, 0x0)
openat$fuse(0xffffffffffffff9c, &(0x7f0000000040), 0x42, 0x0)
r4 = syz_open_dev$vbi(&(0x7f00000028c0), 0x0, 0x2)
ioctl$VIDIOC_S_INPUT(r4, 0xc0045627, &(0x7f0000000100)=0x3)
ioctl$EVIOCGRAB(0xffffffffffffffff, 0x40044590, 0x0)
ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r4, 0xc0845657, &(0x7f0000000040)={0x0, @bt={0xa00, 0x640, 0x1, 0x1, 0xd59f83, 0x7, 0x42, 0x19ef, 0x3, 0x3, 0x2800, 0x2800, 0x2, 0xba3, 0x9, 0x0, {0x8, 0xffffffff}, 0xd0, 0x9}})

5.253511985s ago: executing program 0 (id=6732):
prlimit64(0x0, 0xe, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000180)=0x1404200bce)
sched_setscheduler(0x0, 0x1, &(0x7f0000002200)=0x1)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
connect$unix(0xffffffffffffffff, 0x0, 0x0)
r1 = syz_open_procfs$namespace(0x0, &(0x7f0000000080)='ns/ipc\x00')
sendmsg$TIPC_CMD_ENABLE_BEARER(0xffffffffffffffff, 0x0, 0x0)
ioctl$NS_GET_USERNS(r1, 0xb701, 0x0)
r2 = socket$nl_xfrm(0x10, 0x3, 0x6)
read$msr(r0, &(0x7f000001b700)=""/102392, 0x18ff8)
bpf$BPF_GET_MAP_INFO(0xf, 0x0, 0x0)
modify_ldt$write2(0x11, &(0x7f0000000300)={0x9, 0x301000, 0x2000, 0x1, 0x1, 0x0, 0x0, 0x1}, 0x10)
modify_ldt$write(0x1, &(0x7f0000000080)={0x1, 0x20001000, 0xffffffffffffdfff, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1}, 0x10)
r3 = socket$nl_xfrm(0x10, 0x3, 0x6)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="090000000100000042000000"], 0x48)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sendmsg$DEVLINK_CMD_SB_POOL_GET(0xffffffffffffffff, &(0x7f0000000280)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000000240)={&(0x7f00000000c0)=ANY=[@ANYRESOCT=r2, @ANYRESDEC=r3, @ANYBLOB="000226bd7000fddbdf250f000000657673696d0000000f0002006e657464657673696d30000008000b00ea140000060011000100"/62], 0x44}, 0x1, 0x0, 0x0, 0x20040800}, 0x44000)
setrlimit(0x8, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x3)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
ioctl$RTC_UIE_ON(0xffffffffffffffff, 0x7003)
socket$unix(0x1, 0x1, 0x0)

5.17597383s ago: executing program 4 (id=6733):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r0 = epoll_create1(0x0)
r1 = syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, 0x0)
syz_open_dev$usbfs(&(0x7f0000000100), 0x77, 0x101301)
keyctl$join(0x1, &(0x7f0000000280)={'syz', 0x1})
r2 = add_key$keyring(&(0x7f0000000140), &(0x7f0000000200)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffff8)
request_key(&(0x7f00000002c0)='encrypted\x00', &(0x7f0000000240)={'syz', 0x2}, 0x0, r2)
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x80)
r3 = socket$inet6_icmp(0xa, 0x2, 0x3a)
setsockopt$inet6_int(r3, 0x29, 0x13, &(0x7f0000000000)=0x1, 0x4)
r4 = fsopen(&(0x7f00000001c0)='bpf\x00', 0x1)
r5 = memfd_create(&(0x7f0000000340)='[\v\xdbX\xae[\x1a\xad\xd1md\xc8\x85HX\xa9%\f\x1a\xd8\xb9\\Q\xd7\xbc\xf1\xb3\x86\xe2/Op\xd0\xa2\x82\x1eb;(\xb5\xe1j\xc8\f\xe5\x89\x17\xee|J\x90=5\xed\xcf\xd3\xae\xd2\a\x11\xa9\xa5^\xff\xf5\x95\xd2q%\x8a\xda\x05\x00f\xe3j%\x00\x00\x1c#\xc6\xd8\xdbD\x92P\xe16W\x10\xdau\xc7\x8f\xaa\x8d\xa9\x97\x9d\xcb\x1e\x80\xe7\xd5%N&\xf8#\x80z8Z\xd2}\xf5\xe4\x9f5\x9b\x01\xf9t\xbb\xbdD\xcc\'\xa2\xaf`\xf6L\x0e\x1er\x14\xdb\xd3\xcd\xfd\xbdnC\xecM\xe4H\xb7\xaf\xa8\x96dh\xa9\xab > \xac\x00O^\x14\xcbv\x17Hkb\xe7\xcb\x9d;\xd2\x9f\x05\xd1\x00\x8b\xd3\x9f\a\x99^v\xf7\xfa\xe5\xf0h\x87l\xd9\x15\xd2\x87~?\xb1\x9d\xc1\x92`\x8a\r\xfc\xeb\x14\xd1\x94\fv\x8a\xe3\x1d\x0fj}\x9f\xedsc\xd3\xee\xe6cXw\xa1\xbc\xd0o\xf9\x9cJ\b\x00\xd8;\\ik0+\xc6\xb9/e3\x80\x00\xc8\xf2\x87\xdf\t\x97\x9dB\xc1\xa0\xa71\xf25GU|]A\x1eel \x8ff\xc6\nt\xd0\x91\x9d\x1c\xfe%RY\xc4>n\x11+\xef\x8c\xa4\xe5\xde\x06\x00\xffE\xf4\x96#\x92-9\xe5\xa7\xf8%\xb0I\xd4\x91r\xbf\x1bOS\xee}\x16\x87\x05\xf2\xb9\x81\x14\xe2NZ\\I\xd0[\xc4\xf2\"\x87\xf5\xb8\x95.M\xb1S\xbd\xe4i\x00\xc1b\t]?}0\t\xebV\xbci\xa5\x05\xca\xb6\xc22\x7fL\x89&\xa0\xcfMULr0rs\xb4\n\xa6)\xe23\xf0\x8d\x9dO\xb9\xc9\x83\xabS\x013\"\x1b\x97K\x17\x16\x89\a\xee\xc903\xad\x15\x1cH\xd2\x95\x91\xb4$\x1b\xbf\xaf\xf5\x9b\xc2\x85\xe7[\xe5\xfb}\x1d@f2\x11\x13Y\x98\xa4\xecWEE\x9eI\x05\v\x11\xad\x93!^T\xe5N\xf6LI\x9aE\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xbf\x1a\xc9(a\x06>g', 0x2)
fsetxattr$security_ima(r5, &(0x7f0000001140), &(0x7f0000000040)=@md5={0x1, "74c676018fc6babce6aef87a5287b81d"}, 0x11, 0x1)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x100008b}, 0x0)
r6 = getpgrp(0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x8)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, r6, 0x2, 0x0)
r7 = getpid()
sched_setscheduler(r7, 0x1, &(0x7f0000000000)=0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x11, 0xffffffffffffffff, 0x0)
r8 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r8, 0x1, 0x0)
syz_open_dev$MSR(&(0x7f00000001c0), 0x8, 0x0)
execveat(r5, &(0x7f0000000000)='\x00', 0x0, 0x0, 0x1000)
fsconfig$FSCONFIG_CMD_CREATE(r4, 0x6, 0x0, 0x0, 0x0)
r9 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r9, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000580)=ANY=[@ANYBLOB="380000001800dd8d0000000000000000020010000000000600000000060003"], 0x38}}, 0x0)

4.884718237s ago: executing program 2 (id=6734):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x9, 0x4, 0x7fe2, 0x1}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x8001}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x32, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r1}, 0x10)
openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
openat$cgroup_procs(0xffffffffffffffff, &(0x7f0000000040)='cgroup.procs\x00', 0x2, 0x0)
syz_io_uring_submit(0x0, 0x0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x14, 0x399b, 0x23, 0x0, 0x0)
r5 = socket(0x1, 0x1, 0x1)
r6 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$nbd(&(0x7f0000000280), 0xffffffffffffffff)
sendmsg$NBD_CMD_CONNECT(r6, &(0x7f00000027c0)={0x0, 0x0, &(0x7f0000002780)={&(0x7f0000000500)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r7, @ANYBLOB="010029bd7000fbdbdf25010000000c000200d5400000000000001c0007800c00018008000100", @ANYRES32=r5, @ANYBLOB='\f'], 0x3c}, 0x1, 0x0, 0x0, 0x4000004}, 0x4000)

3.867461727s ago: executing program 4 (id=6735):
syz_usb_control_io$hid(0xffffffffffffffff, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000009c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8c}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbee2, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file1\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r3 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000380)={0x0, 0x0, 0x37}, 0x28) (fail_nth: 6)
bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="050000000400000004000000070000000008343d0000", @ANYRES32, @ANYBLOB='\x00'/18, @ANYRES32=0x0, @ANYRES32=r3, @ANYBLOB="020000000100000000000800"/28], 0x50)
r4 = socket(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000240)={'lo\x00', <r5=>0x0})
sendmsg$nl_route_sched(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000980)=@newqdisc={0x45c, 0x24, 0xd0f, 0x0, 0x0, {0x60, 0x0, 0x0, r5, {0x0, 0xd}, {0xffff, 0xffff}, {0x0, 0xfff2}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x430, 0x2, [@TCA_TBF_PARMS={0x28, 0x1, {{0x3, 0x1, 0x8, 0x4, 0xff, 0x6}, {0x4, 0x0, 0x3, 0xa159, 0x1000, 0x7}, 0x3, 0x8, 0x41e}}, @TCA_TBF_PTAB={0x404, 0x3, [0x104, 0x2, 0xc, 0xfff, 0x0, 0x8ba, 0xa1, 0x4d91, 0x7fffffff, 0x63c4, 0x0, 0x7ffd, 0x400, 0x255, 0x6, 0xc, 0xd81, 0x3, 0xa, 0xa, 0x7, 0x6, 0xc, 0x200, 0xfffffffd, 0x5, 0xb96, 0x7, 0x0, 0xffffffff, 0x200, 0x3, 0x80000001, 0x7c, 0xfffffffc, 0x5, 0x3, 0x2, 0x8, 0x6, 0x1, 0xd, 0x80, 0x400, 0x80, 0x90000010, 0x3800000, 0x0, 0xfffff30b, 0x0, 0xf6, 0x81, 0xfffffffa, 0x80, 0x101, 0x3f, 0xfffffbff, 0x36a5, 0x4, 0x6, 0x200, 0x1ba, 0x9, 0xab, 0x6, 0xfffffff7, 0x6, 0x0, 0x3, 0x1, 0x963, 0x1ff, 0x2, 0xfffffffd, 0x6, 0x5, 0x0, 0x3, 0x0, 0xb09, 0x3ff, 0xa, 0x8000, 0x4, 0x8, 0x1000, 0x101, 0x5, 0x3, 0x6, 0x9, 0x3, 0x1, 0x80, 0x10008e, 0x80000005, 0xfffff76b, 0x0, 0x7, 0x4275c4e9, 0xb53, 0x5, 0x800, 0x4, 0x955, 0x5, 0x6cdf139e, 0x9, 0x3, 0x5, 0x10001, 0xff, 0x80000001, 0xed2, 0x5, 0xfffffffa, 0x10002, 0x18d0, 0x0, 0x3, 0x9486, 0x80, 0x5, 0x80000000, 0xdb, 0x3, 0x80, 0xffbf7ffc, 0x5, 0x8, 0x7, 0x1, 0x2, 0x8008, 0x2, 0x8, 0x2, 0x81, 0x3, 0x1, 0x6bf, 0x7, 0xea, 0x4, 0xc1, 0x2, 0x40, 0x5, 0x27f, 0x200, 0x7, 0x40, 0x7, 0x4, 0x7, 0xff, 0x400, 0x8, 0x7fffffff, 0xfffffff8, 0x8, 0xfffffff4, 0x8, 0xc, 0x96, 0x6, 0x104, 0x62cc, 0x2, 0x7, 0x2eb7, 0x10001, 0xcbf, 0x10000, 0x101, 0x9, 0xfffffffa, 0x1, 0x8, 0x7, 0x8001, 0xf, 0x5, 0x8, 0x8d, 0xfffffffb, 0x2, 0x7, 0x1, 0x61, 0xffffffff, 0x494, 0xb, 0x1, 0x1, 0xd1, 0xd, 0x9, 0x1002, 0xffffffff, 0x6, 0x3, 0xfffffffb, 0xffff, 0xff, 0x5, 0xe, 0x401, 0x2, 0x8cc5, 0x8, 0x159, 0xfffffff7, 0x81, 0x382ae49d, 0x9, 0xffffffff, 0xffdf, 0xdf3b, 0x8d, 0x6, 0xfffffef7, 0x89c3, 0x6319da67, 0x5, 0x9, 0x2, 0xfffff801, 0x0, 0x5, 0x5, 0x7, 0x7, 0x7f, 0x7, 0x1, 0x0, 0xffffffff, 0xdfed, 0xb, 0x77, 0x7, 0xff, 0xb331, 0x9, 0x6, 0x9, 0x7, 0x5, 0x400, 0x10001, 0x1, 0x800, 0x6000, 0xfe000000, 0xfffffffd]}]}}]}, 0x45c}}, 0x0)

3.851988251s ago: executing program 1 (id=6736):
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000000a80)=ANY=[], &(0x7f0000000100)='GPL\x00'}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
getpid()
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[], 0x50)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f00000001c0)={r2, 0x0, 0x0}, 0x20)

3.795625298s ago: executing program 0 (id=6737):
socket$nl_xfrm(0x10, 0x3, 0x6)
bind$inet(0xffffffffffffffff, 0x0, 0x0)
listen(0xffffffffffffffff, 0x802)
connect$inet6(0xffffffffffffffff, 0x0, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x3}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
keyctl$set_reqkey_keyring(0xf, 0xfffffffb)
socket$nl_netfilter(0x10, 0x3, 0xc)
bind$inet6(0xffffffffffffffff, 0x0, 0x0)
r4 = socket$inet6_sctp(0xa, 0x5, 0x84)
r5 = socket$inet6_sctp(0xa, 0x5, 0x84)
shutdown(r5, 0x0)
close(0x3)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r5, 0x84, 0x6f, 0x0, 0x0)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r5, 0x84, 0x7a, 0x0, &(0x7f0000000040))
getsockopt$inet_sctp6_SCTP_PEER_AUTH_CHUNKS(r4, 0x84, 0x7d, &(0x7f0000000040), &(0x7f0000000100)=0x8)
mount(&(0x7f0000000140)=@nullb, &(0x7f0000000040)='./cgroup\x00', &(0x7f0000000100)='affs\x00', 0x200000, 0x0)
syz_pidfd_open(0x0, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000540)=ANY=[@ANYBLOB="8c00e019000be152e90c8ea737cacf186ea5d8d300ab497d2de8c77dfa61ea39b48667b2110a36f12113ab914d5387547853137a42490e3707000000cedc29c334b5ab059bcaa828fb38b48079d8950e61fea7283d1ffd00"/98, @ANYBLOB="00000000000000006c0012800e00010069703665727370616e000000580002"], 0x8c}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0xfffffffffffffc87, &(0x7f0000000240)={&(0x7f00000003c0)=@deltaction={0x114, 0x31, 0x300, 0x70bd29, 0x25dfdbfc, {}, [@TCA_ACT_TAB={0x28, 0x1, [{0xa, 0x1, 0x0, 0x0, @TCA_ACT_KIND={0x8, 0x1, 'bpf\x00'}}, {0xc, 0x9, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0xfffffffe}}, {0xc, 0x1b, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x7}}]}, @TCA_ACT_TAB={0x4c, 0x1, [{0xc, 0x4, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x5}}, {0x10, 0x0, 0x0, 0x0, @TCA_ACT_INDEX={0x0, 0x3, 0x9}}, {0x10, 0x11, 0x0, 0x0, @TCA_ACT_KIND={0xa, 0x1, 'pedit\x00'}}, {0xc, 0xe, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x334}}, {0x10, 0x16, 0x0, 0x0, @TCA_ACT_KIND={0xb, 0x1, 'sample\x00'}}]}, @TCA_ACT_TAB={0x78, 0x1, [{0xc, 0x819, 0x0, 0x0, @TCA_ACT_INDEX={0x0, 0x3, 0x40}}, {0xc, 0x19, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x7fffffff}}, {0x9, 0xe, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x2}}, {0x10, 0x8, 0x0, 0x0, @TCA_ACT_KIND={0x9, 0x1, 'csum\x00'}}, {0xc, 0x11, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x6}}, {0x10, 0x12, 0x0, 0x0, @TCA_ACT_KIND={0xb, 0x1, 'sample\x00'}}, {0xc, 0x1, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x8}}, {0xc, 0x1a, 0x0, 0x0, @TCA_ACT_KIND={0x8, 0x1, 'bpf\x00'}}, {0xc, 0xc, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x5}}]}, @TCA_ACT_TAB={0x14, 0x1, [{0x10, 0xd, 0x0, 0x0, @TCA_ACT_INDEX={0x0, 0x3, 0x2}}]}]}, 0x114}, 0x1, 0x0, 0x0, 0xc}, 0x4c0)

3.261454968s ago: executing program 3 (id=6738):
socket$nl_generic(0x10, 0x3, 0x10)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = syz_io_uring_setup(0x10b, &(0x7f0000000140)={0x0, 0x334e, 0x10, 0x3, 0x800}, &(0x7f00000003c0)=<r3=>0x0, &(0x7f0000000300)=<r4=>0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000040000000800000008"], 0x48)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x50)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000e00000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x12, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r6}, 0x10)
mq_open(&(0x7f0000000080)='eth0\x00#\x13\xaeu\xe0\xfbu0*\xf3\x11i\xdd\xd9\xc6\x87\xde\xbf_\xa0\xf6\xdfk\xbf.\"\xa6\xc0#p\xcd\x1c/\xa6\xf2\xbcyL\x85a\xb5\xbb~+>\xbc\x93\xf8\xab\x9a3\x85l\x1d\x15\x11\x1a{@!2\xb6!\xae\xf79k\x90\x88\v8I$\xfdQ\x1d\x90=r\xd8\xc0\xd8\t/\x8dv\xb8\x93\xc3C\xae\x9dc\xd1T\xdd\x14\xd3\xe1\xbe_$A=z\xee\xbd/X\xbemOX)s\x94\xde\xbe_\v\x01\xbe\xeb\xbb\x91\x11z\xc2|d\x1b\x04\xd2\xf9yx\xb2\x1b\bLTrw\x88\x9e0\t\xc6\xe2\x9c\xed\\\xd8[\xc8\x04 \xf3\xac]V\x1d:\xfc\xc3\x9e\x02\ax\xef\xfe\x1c.TT\xcf\xbf\xf5\x80a%\xdcQ\xb3CuT\xcc7\x8avs\xb2\a\xfe\xb3j*\xad\x18I\xcc\xe9\xaa{]\xef\xb7\xf2\xee*\xf95\bJt\xd0s\xc4\xaa\xc8\x13~\xb2\xf20\xbdf\xdb\xaeG\xe3\xfb\xef\x94\xef:Q\x1b\xe3\xa3\xa4}\xef`e\xcdL\xab\xdb\r\xf2y\x9fg1\xf4\t\x18i/!\x13\xf1,\x8cu\xaa\xbf~)\x94\x1b2\x93\x86\xe7\x9a\xf2j\xa8\x96\xa6\xa2\xfcN\x81\xafTh\xb3\x1bo:\xe8\vq7S\xe4H\xf3L\xa0\x9c\x97B\x12\x10\x9d\xaa\x7fq\x06\xb9(\xf6\x1c\x83\xb1J\xec\x926\xb5a0\xa0B\xae|', 0x42, 0x0, 0x0)
socket$key(0xf, 0x3, 0x2)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000540)=0xfffffffc, 0x0, 0x4)
r7 = syz_io_uring_setup(0x3bd4, &(0x7f0000000180)={0x0, 0xcc19, 0x130c8, 0x6, 0x30e}, &(0x7f0000000100), &(0x7f0000000200))
io_uring_register$IORING_REGISTER_RESTRICTIONS(r7, 0xb, &(0x7f0000001080)=[@ioring_restriction_sqe_op, @ioring_restriction_sqe_flags_required={0x3, 0x11}], 0x2)
io_uring_register$IORING_REGISTER_ENABLE_RINGS(r7, 0xc, 0x0, 0x0)
io_uring_enter(r7, 0x2e6f, 0x8555, 0x2, 0x0, 0x0)
syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_OPENAT={0x12, 0x0, 0x0, 0xffffffffffffff9c, 0x0, &(0x7f0000000040)='./file0/file0\x00', 0x60, 0x185500, 0x12345})
openat$vimc1(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
io_uring_enter(r2, 0x7277, 0x0, 0x0, 0x0, 0x0)

2.944825406s ago: executing program 2 (id=6739):
r0 = socket$netlink(0x10, 0x3, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x3, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r2 = semget$private(0x0, 0x6, 0x0)
semtimedop(r2, &(0x7f00000003c0)=[{0x2, 0x4, 0x1800}], 0x1, 0x0)
semop(r2, &(0x7f0000000040)=[{0x4, 0x1, 0x3800}, {0x85dcd55b49c0b1ee, 0x3, 0x1000}, {0x3, 0x7fff, 0x1800}, {0x1, 0x8, 0x1000}, {0x0, 0x3, 0x800}, {0x4, 0x5ee9, 0x1000}, {0x1, 0x76, 0x1800}, {0x0, 0x0, 0x1000}, {0x4, 0xf72, 0x1000}], 0x9)
semop(r2, &(0x7f0000001240)=[{}, {0x2, 0x0, 0x2000}], 0x2)
semctl$IPC_RMID(r2, 0x0, 0x0)
semctl$IPC_RMID(r2, 0x0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, 0x0, 0x0, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
mount$fuse(0x0, 0x0, 0x0, 0x2018081, 0x0)
socket$inet_smc(0x2b, 0x1, 0x0)
openat$vmci(0xffffffffffffff9c, &(0x7f0000000340), 0x2, 0x0)
ioctl$AUTOFS_DEV_IOCTL_FAIL(0xffffffffffffffff, 0xc0189377, &(0x7f0000000080)={{0x1, 0x1, 0x18, <r5=>0xffffffffffffffff, {0xa2, 0x7}}, './file0\x00'})
syz_open_dev$sg(&(0x7f00000004c0), 0x0, 0x0)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000140)={r5, 0x58, &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r6=>0x0}}, 0x10)
sendmsg$nl_route_sched(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000380)=@gettclass={0x24, 0x2a, 0x10, 0x70bd2b, 0x25dfdbfe, {0x0, 0x0, 0x0, r6, {0x0, 0xfff1}, {0xffff, 0xe}, {0x1ffdf, 0xe}}, ["", "", "", "", "", "", "", "", ""]}, 0x24}, 0x1, 0x0, 0x0, 0x20008000}, 0x8000)
ioctl$SG_BLKTRACESETUP(r5, 0xc0481273, &(0x7f00000000c0)={'\x00', 0x1, 0xcf9b, 0x0, 0x4, 0x80000000, r1})

2.325485805s ago: executing program 0 (id=6740):
getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f0000000900)={{{@in=@broadcast, @in6=@initdev}}, {{@in6=@private0}, 0x0, @in=@dev}}, &(0x7f00000007c0)=0xe8)
r0 = syz_open_dev$vcsa(&(0x7f0000000040), 0x1, 0x40002)
writev(r0, &(0x7f0000000c40)=[{0x0}, {&(0x7f00000005c0)="c21cfb", 0x3}, {&(0x7f00000007c0), 0x300}, {&(0x7f0000000900), 0x4000}], 0xe)

2.235703757s ago: executing program 0 (id=6741):
sendmsg$NL80211_CMD_SET_INTERFACE(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0}, 0x0)
socket$packet(0x11, 0xa, 0x300)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
socket$kcm(0x2, 0xa, 0x2)
r1 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r1, &(0x7f0000000000)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x33}}, 0x10)
connect$inet(r1, &(0x7f0000000080)={0x2, 0x0, @multicast2}, 0x10)
sendmmsg(r1, &(0x7f0000007fc0), 0x800001d, 0x0)
r2 = socket$inet6(0xa, 0x1, 0x0)
setsockopt$inet6_buf(r2, 0x29, 0x39, &(0x7f0000000040), 0x0)
setsockopt$inet6_opts(r2, 0x29, 0x39, 0x0, 0x0)
socket$netlink(0x10, 0x3, 0x0)
ioctl$NS_GET_OWNER_UID(0xffffffffffffffff, 0xb704, &(0x7f00000001c0))
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000280)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000000240)={0x0}, 0x1, 0x0, 0x0, 0x2404c040}, 0x11)
setsockopt$IP_VS_SO_SET_ADD(r1, 0x0, 0x482, &(0x7f0000000040)={0x100000011, @multicast2, 0x0, 0x0, 'fo\x00', 0x3d, 0xff, 0xf}, 0x2c)
write$tun(r0, &(0x7f00000002c0)={@val={0x0, 0x86dd}, @val={0x0, 0x4, 0x11, 0x4, 0x0, 0xa6b9}, @mpls={[], @ipv6=@gre_packet={0xe, 0x6, "ec00be", 0x44, 0x2f, 0xff, @local, @mcast2, {[], {{0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x88be, 0x0, 0x3}, {0x0, 0x0, 0x1, 0x1}, {0x1, 0x0, 0x1}, {0xa888, 0x88be, 0x2, {{0x6, 0x1, 0x9, 0x2, 0x1, 0x0, 0x3, 0x4}, 0x1, {0x8100}}}, {0x8, 0x22eb, 0x20000, {{0x0, 0x2, 0xc, 0x0, 0x0, 0x2, 0x7, 0x2}, 0x2, {0x2, 0x4, 0x0, 0x5, 0x1, 0x1, 0x1}}}, {0x8, 0x6558, 0x2}}}}}}, 0x7a)

1.517052294s ago: executing program 0 (id=6742):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0xc, &(0x7f0000000180)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0)
write$UHID_CREATE2(r0, &(0x7f0000000340)=ANY=[], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r0, 0x0)
socket$inet6_udplite(0xa, 0x2, 0x88)
socket$nl_generic(0x10, 0x3, 0x10)
timer_create(0x0, &(0x7f0000000200)={0x0, 0x21, 0x2, @tid=0xffffffffffffffff}, &(0x7f0000000300))
socket$nl_xfrm(0x10, 0x3, 0x6)
mknodat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000500)={0xd4, 0x40, 0x107, 0x70bd29, 0x0, {0x1, 0x7c}, [@typed={0x8, 0x14c, 0x0, 0x0, @uid}, @typed={0x8, 0xd, 0x0, 0x0, @uid}, @nested={0xb0, 0x2, 0x0, 0x1, [@nested={0xaa, 0x14, 0x0, 0x1, [@generic="8dd82b463bdf4add58426fc9adceabe596475db441d39020e420226182db56ea8648a986be40f7c31efb2b32800b525c92a7a54690de4e42972e6539b700f1e9dc666872ffce0399255d5a20a71fbc1c40e939e4fcecb1c8bff88336b6b01a037a410ff026fd3879385d87f6fdb685d6f970a3df8c0e1d67927058b1ac05db14927d56e0a7aff8216fc7ee49b97c4af8c14b7141539534ddeccbf3892425f6b6f38f70fc6883"]}]}]}, 0xd4}, 0x1, 0x0, 0x0, 0x48815}, 0xc000)
socket(0x10, 0x3, 0x4)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
r3 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r3, &(0x7f00000035c0)={0x0, 0x0, &(0x7f0000003580)={&(0x7f0000000340)=@newsa={0x184, 0x10, 0x1, 0x0, 0x0, {{@in=@initdev={0xac, 0x1e, 0x1, 0x0}, @in6=@local, 0x0, 0x0, 0x2000, 0x0, 0x0, 0x0, 0x0, 0x5c, 0x0, 0xffffffffffffffff}, {@in6=@remote, 0x14, 0x6c}, @in=@empty=0x14, {0x0, 0x800000000, 0x0, 0xfffffff7ffffffff, 0x0, 0x0, 0x1000000000000000}, {0x0, 0x4}, {}, 0x80000000, 0x0, 0x2, 0x1, 0x6, 0x2c}, [@algo_comp={0x48, 0x3, {{'deflate\x00'}}}, @algo_aead={0x4c, 0x12, {{'authencesn(blake2s-224-x86,xts-aes-neon)\x00'}, 0x0, 0x60}}]}, 0x184}, 0x1, 0x0, 0x0, 0x4004050}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x8}, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[], 0x48)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r6, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x10)
sendmsg$NFT_BATCH(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000002c0)={{0x14, 0x10, 0x1, 0x0, 0x0, {0xa}}, [@NFT_MSG_NEWRULE={0x48, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x1c, 0x4, 0x0, 0x1, [{0x18, 0x1, 0x0, 0x1, @log={{0x8}, @val={0xc, 0x2, 0x0, 0x1, [@NFTA_LOG_GROUP={0x6, 0x1, 0x1, 0x0, 0x7}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0x70}}, 0x0)

1.348009208s ago: executing program 1 (id=6743):
setsockopt$inet_sctp6_SCTP_NODELAY(0xffffffffffffffff, 0x84, 0x3, 0x0, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x0, &(0x7f0000000080)={0x3, &(0x7f0000000180)=[{0x3, 0xf, 0x9, 0x7}, {0xbffe, 0x7, 0x1, 0x80}, {0xf000, 0x24, 0x0, 0x1ff}]})
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
r2 = syz_open_dev$usbfs(&(0x7f0000000100), 0x76, 0x141301)
ioctl$USBDEVFS_CLEAR_HALT(r2, 0x80045515, 0x0)
lsetxattr$security_capability(0x0, 0x0, 0x0, 0x0, 0x3)
r3 = fsopen(&(0x7f00000000c0)='msdos\x00', 0x0)
r4 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r5 = openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x80101, 0x8)
r6 = openat$cgroup_ro(r5, 0x0, 0x275a, 0x0)
r7 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x0)
dup2(r7, r6)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x200000b, 0x12, r6, 0x0)
mbind(&(0x7f0000000000/0x1000)=nil, 0x3000, 0x2, &(0x7f0000000300)=0x2, 0x7797, 0x3)
mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x0, 0x0, 0x0, 0x0)
r8 = socket$kcm(0x10, 0x3, 0x10)
sendmsg$kcm(r8, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000030c0)=[{&(0x7f0000000280)="1400000016001963d25a80648c56915a1974a8d9", 0x14}], 0x1}, 0x44050)
recvmsg(r8, &(0x7f0000000240)={0x0, 0x0, 0x0}, 0x10020)
ioctl$IOMMU_IOAS_ALLOW_IOVAS(r4, 0x3b82, &(0x7f00000000c0)={0x18, 0x0, 0x2, 0x0, &(0x7f0000000280)=[{0x7ffd, 0xffffffffffffffff}, {0xffffffffffffffff, 0x69b7}]})
ioctl$IOMMU_IOAS_MAP$PAGES(r4, 0x3b85, &(0x7f0000000000)={0x28, 0x2, 0x0, 0x0, &(0x7f0000ff9000/0x4000)=nil, 0x4000, 0x1})
fsconfig$FSCONFIG_SET_STRING(r3, 0x1, &(0x7f0000000ac0)='gid', &(0x7f0000000b00)='\xbf%#\x00', 0x0)

1.347542509s ago: executing program 2 (id=6744):
socket$unix(0x1, 0x2, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
syz_io_uring_setup(0x118d7, 0x0, 0x0, &(0x7f00000002c0))
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$inet_mptcp(0x2, 0x1, 0x106)
sched_setattr(0x0, &(0x7f0000000040)={0x38, 0x5, 0x9, 0x5, 0x0, 0xb49, 0x9, 0xdbc8, 0x2, 0x3}, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r3, &(0x7f0000000680)={0xa, 0x4e24, 0xfffffffe, @mcast2, 0x20002}, 0x1c)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r4, &(0x7f0000000080)={0xa, 0x14e22, 0xfffffff8, @ipv4}, 0x1c)
r5 = socket$kcm(0x10, 0x2, 0x4)
sendmsg$kcm(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000280)="89000000120081ae08060cdc030000007f03e3f7000000006ee2ffca1b1f0000000004c00e72f750375ed08a56331dbf9ed7815e381ad6e747033a0093b837dc6cc01e32efaec8c7a6ec00120c00014002080c00bdad446b9bbc7a46e3988285dcdf12f21308f868fece01955fed0009d78f0a947ee2b49e33538afa8af92347514f0b56a20ff27fff", 0x89}], 0x1}, 0x4040)
setsockopt$inet_udp_int(r2, 0x11, 0x67, &(0x7f0000000000)=0x507, 0x4)
sendmmsg$inet(r2, &(0x7f0000000600)=[{{&(0x7f0000000080)={0x2, 0x4e20, @local}, 0x10, 0x0}}], 0x1, 0x2000c844)
r6 = socket$netlink(0x10, 0x3, 0x0)
writev(r6, 0x0, 0x0)
sendto$inet(r2, &(0x7f00000000c0)="8689d46205a34100bf2bbe11a5ce7839edaf02afe39ead95913e9c4f8cf31440606769ebdf12cfacae8e8c03f5db079da7d9ecda75e2a7d49d5cbcb370c4d789390a328ba42c9c60cf2154d1b659aa709e8980a522cfb72f23ad87fb7019706ccae98cfe7c4fd23e8297b8cabc46ede1ac3da78f1b488c6357e7edfcd417df6660af20a54ecdcb02f689ae15ee655d4b7b1ea733e88ee9f53669388dff487c1c49953f3bc142112bd4b582b29b35d43962ed245c2cd5d5df40a3e0ed6beaf3b641e84b0f0dfa121a9efe05269f9f4a0e9bcbf43c7a90a711f453668c730c3badedca687b71a9c27bab9e724cc4a4918713031596ea6fd01124f973f257ccd9665aee7df4a9d64f079d176abc00000000d7af3e2dd4396f72373fb0a787a6129ca41181f5087fb843212550b58e3707d5a0399de36c2503836cbe2133de4f574e9e05c96788b0de1bd13e390445433d96737b964fa8af2ac4b2f0f9390ca93d8d3d810044d024359e067c4553230ab748947d33f8fc115ce9a49e6571c45a05d786cbd49342c236537dbbeec666b07baab917252113a5b9a77283189b518f356debe42d80cf2d0687b9c64d0253a6a09286fded6e4f8557b8fb4f25ca4fb138af8945c74bbc98748eaaa030be5317646f195e6e085ac6ddb29542e3581961259987241f7e7061526a7afec8962e74215fea43703a4e543ee9d1a3c3f5f2a41977ece8fdadcf89ce331ce59bebae5f53513d0e10485d7ddbda60513bf339602510b3a23ea29a0d5d03a61e34d12942ea4a847c884b27b5344a456d02a55f8929cc567e7c792c01fab7a7b32780a14c361000609b817dd91507b04d875279527946fdb8fb92a512485e234d092c28f1d0a0498731ccc0eb10515d510e8945839307b46512ceca6f495fdd2c6ae5eb2ef3b2a40ebdc7edf0048e3fb5e3d97a9ea5113a6b70d20ad5c43f0df95d88c0f121a1884da21a21f0ba47420f8391a97921cc51871dbb272e43710fe71d5e342c3afd10608a8b02f00e8fbd8d570b6faace86c494ecea8913233391e7b7cec3d571bb3032181ed58e1b513e511f79ee562c8cde9b3b74c2e95dcde7fadb5a666bdc0c1684794620ce8cf0c0aee8e90b3ef6e7160d3f055cb4d1ced32e4edc15e7d102952d3237e6c02c591a95a182bf190c0124abc7f1225332ff1c5e1b94e4e9bf02c1a18bd7bfce20707f7298da322560bc1a4cf298d46f5bf8ff41da21e25aa17f65f9ee43ca890b5ef6a3ccf3efedf3ca60a9acef1352ad0c43e6cf375108cf0974ce89a99adba7e6a3f8949dc573440fafe0e3abdd0066057a2d868e8386080f18a421568d8e7a89536a4173861bd55245c8fcf7dcba18edce36d2e85b9630fbc218db9ebd16abb11ac06fdbf2bc3e6394d4c6e7ae71813d30772d487743a2856348fee09989ce03331e7848770fc91e62191c20fe5f4a73c5dae467dd612bdb63b1e50921d38271305d7412103d5a6214d6d534d1d530b9169f882b6926bbd338f0282a8bd9a44603934e5249e83f1d0947b39f82a7843d2b6f796d8abf7ff3e66cfd4519324d71cebbf6580dffc10d555e479e9acaa1", 0x467, 0x6000000000000000, 0x0, 0x0)
mkdir(&(0x7f00000000c0)='./file0\x00', 0x22)
unshare(0x62040200)
syz_usb_connect(0x0, 0x4a, &(0x7f0000000080)=ANY=[@ANYBLOB="120100005520f010402038b14201040000010902"], 0x0)
r7 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r7, 0x0, 0x4040010)
ioctl$IOMMU_TEST_OP_CREATE_ACCESS(0xffffffffffffffff, 0x3ba0, &(0x7f0000000340)={0x48, 0x5, 0x0, 0x0, 0xffffffffffffffff, 0x1})

1.28218013s ago: executing program 3 (id=6745):
r0 = socket$netlink(0x10, 0x3, 0x0)
ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000080))
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0xa, 0x4, &(0x7f0000006680))
r1 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000001ac0)={&(0x7f0000001b00)={0x14, 0x26, 0x1, 0x70bd25, 0x25dfdbfc, {0x7}}, 0x14}}, 0x2400e844)
syz_open_procfs(0xffffffffffffffff, 0x0)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
socket$nl_netfilter(0x10, 0x3, 0xc)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
socket$inet6_mptcp(0xa, 0x1, 0x106)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x1)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000004c00)=""/102392, 0x18ff8)
openat$nullb(0xffffffffffffff9c, 0x0, 0x4000000004002, 0x0)
r3 = openat$uhid(0xffffffffffffff9c, 0x0, 0x802, 0x0)
r4 = fsopen(&(0x7f0000000280)='ceph\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r4, 0x1, 0x0, &(0x7f0000000040)='c:::\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r4, 0x6, 0x0, 0x0, 0x0)
ioctl$BTRFS_IOC_TREE_SEARCH(0xffffffffffffffff, 0xd0009411, &(0x7f0000000a80)={{0x0, 0x5, 0x0, 0x7, 0xfe54, 0x0, 0x200, 0x7f, 0x3, 0x9, 0x9, 0x9, 0x7, 0xa4, 0x8}})
ioctl$BTRFS_IOC_TREE_SEARCH(r3, 0xd0009411, &(0x7f0000001b40)={{0x0, 0x8, 0x11, 0xd751, 0x7, 0x6, 0x200004, 0x7, 0x1003, 0xd3f, 0x5, 0x8, 0xfffffffffffffc00, 0x101, 0xffffffffffffff7f}})
close_range(r0, 0xffffffffffffffff, 0x0)

903.103684ms ago: executing program 3 (id=6746):
mount(&(0x7f0000000140)=@nbd={'/dev/nbd', 0x0}, &(0x7f0000000000)='./cgroup\x00', &(0x7f0000000080)='cramfs\x00', 0x208000, 0x0)

780.150909ms ago: executing program 3 (id=6747):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000140)=ANY=[@ANYBLOB="500000000001010400000000141a000002000010240001801400018008000100e000000108000200e00000010c00028005000100000000001800028014000180080001"], 0x50}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f000000c280)={0x0, 0xa4}}, 0x0)
openat$fuse(0xffffffffffffff9c, &(0x7f0000000280), 0x2, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x11, &(0x7f0000000040)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a0300"], 0x122}}, 0x0)

232.257098ms ago: executing program 4 (id=6748):
r0 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r0, &(0x7f0000000600)={0x0, 0x0, &(0x7f00000005c0)=[{&(0x7f0000000000)="2e00000010008188e6b62aa73f72cc9f0ba1f848140000005e140602000000000e000a000f000000028000001294", 0x2e}], 0x1}, 0x0)
syz_usb_connect(0x0, 0x24, &(0x7f0000000000)=ANY=[@ANYBLOB="120100004bec0220a20603008cb4010203010902120001000000000904"], 0x0)
sendmsg$inet(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000001640)=[{&(0x7f0000000340)="5c00000013006bcd9e3fe3dc4e48aa31086b8703140000001f03000000330000040014000d000a000d0000009ee517d34460bc08eab556a705251e6182949a3651f60a84c9f5d1938837e786a6d0bdd7fcf50e4509c5bb5a00f69853", 0x5c}], 0x1, 0x0, 0x0, 0x1f000801}, 0x4040844)
r1 = add_key$keyring(&(0x7f00000000c0), &(0x7f0000000200)={'syz', 0x0}, 0x0, 0x0, 0xfffffffffffffffe)
add_key$user(&(0x7f0000000040), &(0x7f0000000080)={'syz', 0x0}, &(0x7f0000000180)="9c1613cf195e48d5ea6cd59081dc61f97af86a3a4ffcf98a25626711a810ee17c828a5bad167fccd3d64e6c1a1ba979e7be260e8903ccd39eb9a5d38431ad4764e873fbd6d3128d5a7b8a4c57df9df29fcc878ca34e2e0748cea0cb0b46d9b2291137dda1c0373b8e8b16071f69e5d31c617fa35222d948879f5df9c326650", 0x7f, r1)
r2 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_int(r2, 0x29, 0x4b, &(0x7f0000000100)=0x4, 0x4)
bind$inet6(r2, &(0x7f0000f5dfe4)={0xa, 0x4e20, 0x0, @ipv4={'\x00', '\xff\xff', @rand_addr=0x7fff}, 0x2}, 0x1c)
openat$nullb(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
syz_genetlink_get_family_id$ethtool(&(0x7f00000003c0), r3)
r4 = syz_open_dev$vcsn(&(0x7f0000000280), 0x5, 0x42000)
setsockopt$WPAN_WANTACK(r4, 0x0, 0x0, &(0x7f0000000300), 0x4)
sendmsg$nl_route(r3, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000000)=ANY=[@ANYBLOB="400000001000010400"/20, @ANYRES32=0x0, @ANYBLOB="7b13000000000000201012800b00010067676e657665000010000280060005004e20000004000600"], 0x40}}, 0x40800)
socket$can_bcm(0x1d, 0x2, 0x2)
syz_open_dev$char_usb(0xc, 0xb4, 0x1800000)

116.194896ms ago: executing program 3 (id=6749):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x1)
sched_setaffinity(0x0, 0xfffffd10, &(0x7f0000000200)=0x2000000000006)
socket$inet6_sctp(0xa, 0x5, 0x84)
sendmsg$BATADV_CMD_SET_MESH(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4000001}, 0x0)
ioctl$DRM_IOCTL_MODE_ATOMIC(0xffffffffffffffff, 0xc03864bc, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
r1 = syz_open_dev$vbi(&(0x7f0000000000), 0x0, 0x2)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000000240)={0x9, &(0x7f0000000040)=[{0xffff, 0x4c, 0x9d, 0x800}, {0x65e, 0x6, 0x9, 0xefe}, {0xc287, 0xb, 0x3, 0x7fff}, {0x3, 0x8, 0x1, 0x8}, {0x3, 0x5, 0x8, 0x5}, {0x3, 0x6, 0xa5, 0x6}, {0xffff, 0x6, 0x5, 0x7}, {0x7, 0x3, 0x6, 0x6}, {0x800, 0x9, 0x8}]})
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, r1, &(0x7f00000000c0))
ioctl$VIDIOC_S_INPUT(r1, 0xc0045627, 0x0)
read$msr(r0, &(0x7f0000004c00)=""/102392, 0x18ff8)
socket$inet_tcp(0x2, 0x1, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000a00)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50)
mremap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x4000, 0x3, &(0x7f0000ffa000/0x4000)=nil)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000001c0)=@base={0xe, 0x4, 0x8, 0x127c8, 0x0, 0xffffffffffffffff, 0x20}, 0x50)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0x10, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b702000002000000850000008600000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bca2000000000000a6020000f8ffffffb703000008000000b704000000000000850000003300000095"], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000003c0)={{r3}, &(0x7f0000000300), &(0x7f0000000340)}, 0x20)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000580)={r4, 0x0, 0x25, 0x2, @val=@netkit={@void, @value=r4}}, 0x1c)
syz_emit_ethernet(0x2a, &(0x7f0000000440)={@link_local, @random, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x1c, 0x64, 0x0, 0x7, 0x2, 0x0, @empty, @initdev={0xac, 0x1e, 0x0, 0x0}}, @address_request}}}}, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r5 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$IPT_SO_SET_REPLACE(r5, 0x0, 0x40, &(0x7f0000001640)=@mangle={'mangle\x00', 0x44, 0x6, 0x3b8, 0x98, 0x0, 0x130, 0x288, 0x288, 0x320, 0x320, 0x320, 0x320, 0x320, 0x6, 0x0, {[{{@ip={@multicast1, @local, 0xffffffff, 0xff, 'team_slave_0\x00', 'pim6reg0\x00', {0xff}, {}, 0x32, 0x1, 0x8}, 0x0, 0x70, 0x98}, @inet=@DSCP={0x28}}, {{@ip={@initdev={0xac, 0x1e, 0x0, 0x0}, @local, 0xffffff00, 0x0, 'ip6gre0\x00', 'veth1_virt_wifi\x00', {}, {}, 0xff, 0x3, 0x69}, 0x0, 0x70, 0x98}, @unspec=@CHECKSUM={0x28}}, {{@uncond, 0x0, 0x98, 0xc0, 0x0, {}, [@common=@ttl={{0x28}, {0x2, 0xa}}]}, @TTL={0x28, 'TTL\x00', 0x0, {0x0, 0xf2}}}, {{@ip={@loopback, @empty, 0x0, 0x0, 'syzkaller0\x00', 'dvmrp1\x00', {}, {}, 0x8}, 0x0, 0x70, 0x98}, @ECN={0x28, 'ECN\x00', 0x0, {0x1, 0x3, 0x3}}}, {{@ip={@loopback, @dev={0xac, 0x14, 0x14, 0x13}, 0x0, 0x0, 'lo\x00', 'batadv_slave_1\x00'}, 0x0, 0x70, 0x98}, @unspec=@CHECKSUM={0x28}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x418)
sendmsg$NFT_MSG_GETSETELEM(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000002f40)=ANY=[@ANYBLOB="40000000210a01"], 0x40}, 0x1, 0x0, 0x0, 0x24000801}, 0x8000)
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
r7 = syz_open_dev$hiddev(&(0x7f0000000400), 0x0, 0x100)
ioctl$HIDIOCSREPORT(r7, 0x400c4808, &(0x7f0000000480)={0x1, 0xffffffff, 0x1})
sendmsg$NFT_BATCH(r6, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4044050}, 0x0)

0s ago: executing program 0 (id=6750):
syz_usb_control_io$hid(0xffffffffffffffff, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000009c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8c}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbee2, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file1\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
timer_create(0x0, &(0x7f0000000080)={0x0, 0x11, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000000))
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0002}]})
rt_sigtimedwait(&(0x7f0000000140)={[0xfffffffffffffff7]}, 0x0, 0x0, 0x8)
timer_settime(0x0, 0x0, &(0x7f0000000240)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000380)={0x0, 0x0, 0x37}, 0x28)
bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=ANY=[], 0x50)
r3 = socket(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000240)={'lo\x00', <r4=>0x0})
sendmsg$nl_route_sched(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000980)=@newqdisc={0x45c, 0x24, 0xd0f, 0x0, 0x0, {0x60, 0x0, 0x0, r4, {0x0, 0xd}, {0xffff, 0xffff}, {0x0, 0xfff2}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x430, 0x2, [@TCA_TBF_PARMS={0x28, 0x1, {{0x3, 0x1, 0x8, 0x4, 0xff, 0x6}, {0x4, 0x0, 0x3, 0xa159, 0x1000, 0x7}, 0x3, 0x8, 0x41e}}, @TCA_TBF_PTAB={0x404, 0x3, [0x104, 0x2, 0xc, 0xfff, 0x0, 0x8ba, 0xa1, 0x4d91, 0x7fffffff, 0x63c4, 0x0, 0x7ffd, 0x400, 0x255, 0x6, 0xc, 0xd81, 0x3, 0xa, 0xa, 0x7, 0x6, 0xc, 0x200, 0xfffffffd, 0x5, 0xb96, 0x7, 0x0, 0xffffffff, 0x200, 0x3, 0x80000001, 0x7c, 0xfffffffc, 0x5, 0x3, 0x2, 0x8, 0x6, 0x1, 0xd, 0x80, 0x400, 0x80, 0x90000010, 0x3800000, 0x0, 0xfffff30b, 0x0, 0xf6, 0x81, 0xfffffffa, 0x80, 0x101, 0x3f, 0xfffffbff, 0x36a5, 0x4, 0x6, 0x200, 0x1ba, 0x9, 0xab, 0x6, 0xfffffff7, 0x6, 0x0, 0x3, 0x1, 0x963, 0x1ff, 0x2, 0xfffffffd, 0x6, 0x5, 0x0, 0x3, 0x0, 0xb09, 0x3ff, 0xa, 0x8000, 0x4, 0x8, 0x1000, 0x101, 0x5, 0x3, 0x6, 0x9, 0x3, 0x1, 0x80, 0x10008e, 0x80000005, 0xfffff76b, 0x0, 0x7, 0x4275c4e9, 0xb53, 0x5, 0x800, 0x4, 0x955, 0x5, 0x6cdf139e, 0x9, 0x3, 0x5, 0x10001, 0xff, 0x80000001, 0xed2, 0x5, 0xfffffffa, 0x10002, 0x18d0, 0x0, 0x3, 0x9486, 0x80, 0x5, 0x80000000, 0xdb, 0x3, 0x80, 0xffbf7ffc, 0x5, 0x8, 0x7, 0x1, 0x2, 0x8008, 0x2, 0x8, 0x2, 0x81, 0x3, 0x1, 0x6bf, 0x7, 0xea, 0x4, 0xc1, 0x2, 0x40, 0x5, 0x27f, 0x200, 0x7, 0x40, 0x7, 0x4, 0x7, 0xff, 0x400, 0x8, 0x7fffffff, 0xfffffff8, 0x8, 0xfffffff4, 0x8, 0xc, 0x96, 0x6, 0x104, 0x62cc, 0x2, 0x7, 0x2eb7, 0x10001, 0xcbf, 0x10000, 0x101, 0x9, 0xfffffffa, 0x1, 0x8, 0x7, 0x8001, 0xf, 0x5, 0x8, 0x8d, 0xfffffffb, 0x2, 0x7, 0x1, 0x61, 0xffffffff, 0x494, 0xb, 0x1, 0x1, 0xd1, 0xd, 0x9, 0x1002, 0xffffffff, 0x6, 0x3, 0xfffffffb, 0xffff, 0xff, 0x5, 0xe, 0x401, 0x2, 0x8cc5, 0x8, 0x159, 0xfffffff7, 0x81, 0x382ae49d, 0x9, 0xffffffff, 0xffdf, 0xdf3b, 0x8d, 0x6, 0xfffffef7, 0x89c3, 0x6319da67, 0x5, 0x9, 0x2, 0xfffff801, 0x0, 0x5, 0x5, 0x7, 0x7, 0x7f, 0x7, 0x1, 0x0, 0xffffffff, 0xdfed, 0xb, 0x77, 0x7, 0xff, 0xb331, 0x9, 0x6, 0x9, 0x7, 0x5, 0x400, 0x10001, 0x1, 0x800, 0x6000, 0xfe000000, 0xfffffffd]}]}}]}, 0x45c}}, 0x0)

kernel console output (not intermixed with test programs):

T18126] usb 3-1: Manufacturer: syz
[ 1584.088826][T18126] usb 3-1: SerialNumber: syz
[ 1584.102160][T18126] usb 3-1: config 0 descriptor??
[ 1584.751609][ T5827] block nbd0: Receive control failed (result -22)
[ 1584.790365][T28360] nbd0: detected capacity change from 0 to 32
[ 1584.801665][T28174] block nbd0: Dead connection, failed to find a fallback
[ 1584.809337][T28174] block nbd0: shutting down sockets
[ 1584.877184][T28174] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[ 1584.950583][T28174] buffer_io_error: 328 callbacks suppressed
[ 1584.950621][T28174] Buffer I/O error on dev nbd0, logical block 0, async page read
[ 1585.109420][T28174] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[ 1585.182447][T28174] Buffer I/O error on dev nbd0, logical block 0, async page read
[ 1585.235831][T28174] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[ 1585.317254][T28174] Buffer I/O error on dev nbd0, logical block 0, async page read
[ 1585.385554][T28174] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[ 1585.547463][T28174] Buffer I/O error on dev nbd0, logical block 0, async page read
[ 1586.058410][T28174] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[ 1586.118319][T28174] Buffer I/O error on dev nbd0, logical block 0, async page read
[ 1587.257699][T28174] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[ 1587.276133][T28174] Buffer I/O error on dev nbd0, logical block 0, async page read
[ 1587.290394][T28174] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[ 1587.299857][T28174] Buffer I/O error on dev nbd0, logical block 0, async page read
[ 1587.580164][T28174] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[ 1587.590227][T28174] Buffer I/O error on dev nbd0, logical block 0, async page read
[ 1587.608563][T28174] ldm_validate_partition_table(): Disk read failed.
[ 1587.618439][T18126] usb 3-1: USB disconnect, device number 3
[ 1587.624838][T28174] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[ 1587.634600][T28174] Buffer I/O error on dev nbd0, logical block 0, async page read
[ 1587.658891][T28174] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[ 1588.279142][T28174] Buffer I/O error on dev nbd0, logical block 0, async page read
[ 1588.384356][T28174] Dev nbd0: unable to read RDB block 0
[ 1588.390730][T28174]  nbd0: unable to read partition table
[ 1588.642554][T28174] ldm_validate_partition_table(): Disk read failed.
[ 1588.649208][T28174] Dev nbd0: unable to read RDB block 0
[ 1588.667828][T28174]  nbd0: unable to read partition table
[ 1590.610215][T18126] usb 1-1: new high-speed USB device number 109 using dummy_hcd
[ 1591.106371][T18126] usb 1-1: config 4 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[ 1591.116231][T18126] usb 1-1: config 4 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[ 1591.506062][T18126] usb 1-1: config 4 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[ 1591.792546][T28434] netlink: 'syz.1.6249': attribute type 4 has an invalid length.
[ 1592.140470][T18126] usb 1-1: New USB device found, idVendor=03f0, idProduct=0004, bcdDevice= 0.40
[ 1592.167573][T18126] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1592.185149][T18126] usb 1-1: Product: syz
[ 1592.200198][T18126] usb 1-1: Manufacturer: syz
[ 1592.213744][T18126] usb 1-1: SerialNumber: syz
[ 1592.247033][T18126] usblp0: Disabling reads from problematic bidirectional printer
[ 1592.859863][T18126] usblp 1-1:4.0: usblp0: USB Unidirectional printer dev 109 if 0 alt 0 proto 1 vid 0x03F0 pid 0x0004
[ 1592.886950][T18126] usb 1-1: USB disconnect, device number 109
[ 1592.928649][T18126] usblp0: removed
[ 1593.650141][T18126] usb 3-1: new high-speed USB device number 4 using dummy_hcd
[ 1594.384617][T18126] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1594.420140][T18126] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1594.467617][T18126] usb 3-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[ 1594.492169][T18126] usb 3-1: New USB device strings: Mfr=2, Product=0, SerialNumber=0
[ 1594.536472][T18126] usb 3-1: Manufacturer: syz
[ 1594.559935][T18126] usb 3-1: config 0 descriptor??
[ 1594.660255][T27024] usb 1-1: new high-speed USB device number 110 using dummy_hcd
[ 1594.864484][T27024] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1594.876837][T27024] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1594.887920][T27024] usb 1-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[ 1594.897123][T27024] usb 1-1: New USB device strings: Mfr=2, Product=0, SerialNumber=0
[ 1594.920930][T27024] usb 1-1: Manufacturer: syz
[ 1594.969206][T27024] usb 1-1: config 0 descriptor??
[ 1595.620088][T25574] usb 5-1: new high-speed USB device number 16 using dummy_hcd
[ 1595.657634][T28455] netlink: 8 bytes leftover after parsing attributes in process `syz.2.6255'.
[ 1595.771571][T25574] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1595.791165][T18126] uclogic 0003:256C:006D.0068: failed retrieving string descriptor #100: -71
[ 1595.804250][T25574] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1595.804262][T18126] uclogic 0003:256C:006D.0068: failed retrieving pen parameters: -71
[ 1595.804280][T18126] uclogic 0003:256C:006D.0068: failed probing pen v1 parameters: -71
[ 1595.832330][T18126] uclogic 0003:256C:006D.0068: failed probing parameters: -71
[ 1595.841557][T18126] uclogic 0003:256C:006D.0068: probe with driver uclogic failed with error -71
[ 1595.854248][T25574] usb 5-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[ 1595.855435][T18126] usb 3-1: USB disconnect, device number 4
[ 1595.872534][T25574] usb 5-1: New USB device strings: Mfr=2, Product=0, SerialNumber=0
[ 1595.901378][T25574] usb 5-1: Manufacturer: syz
[ 1595.908607][T25574] usb 5-1: config 0 descriptor??
[ 1596.053815][T28460] netlink: 8 bytes leftover after parsing attributes in process `syz.0.6256'.
[ 1596.701392][T27024] uclogic 0003:256C:006D.0069: failed retrieving string descriptor #100: -71
[ 1596.711092][T27024] uclogic 0003:256C:006D.0069: failed retrieving pen parameters: -71
[ 1596.729658][T27024] uclogic 0003:256C:006D.0069: failed probing pen v1 parameters: -71
[ 1596.746603][T27024] uclogic 0003:256C:006D.0069: failed probing parameters: -71
[ 1596.759155][T27024] uclogic 0003:256C:006D.0069: probe with driver uclogic failed with error -71
[ 1596.776758][T27024] usb 1-1: USB disconnect, device number 110
[ 1597.288917][T28474] netlink: 8 bytes leftover after parsing attributes in process `syz.4.6258'.
[ 1597.382549][T25574] uclogic 0003:256C:006D.006A: failed retrieving string descriptor #100: -71
[ 1597.392511][T25574] uclogic 0003:256C:006D.006A: failed retrieving pen parameters: -71
[ 1597.400881][T25574] uclogic 0003:256C:006D.006A: failed probing pen v1 parameters: -71
[ 1597.408963][T25574] uclogic 0003:256C:006D.006A: failed probing parameters: -71
[ 1597.455757][T25574] uclogic 0003:256C:006D.006A: probe with driver uclogic failed with error -71
[ 1597.473358][T25574] usb 5-1: USB disconnect, device number 16
[ 1597.612854][T28492] netlink: 'syz.0.6264': attribute type 4 has an invalid length.
[ 1598.010090][T18126] usb 1-1: new high-speed USB device number 111 using dummy_hcd
[ 1598.021584][T28497] netlink: 'syz.2.6265': attribute type 4 has an invalid length.
[ 1598.360150][T18126] usb 1-1: Using ep0 maxpacket: 16
[ 1598.778284][T18126] usb 1-1: config 0 has no interfaces?
[ 1598.795012][T18126] usb 1-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42
[ 1598.815878][T18126] usb 1-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0
[ 1598.830086][T18126] usb 1-1: Manufacturer: syz
[ 1598.945266][T18126] usb 1-1: config 0 descriptor??
[ 1599.080133][T27024] usb 3-1: new high-speed USB device number 5 using dummy_hcd
[ 1599.240284][T27024] usb 3-1: Using ep0 maxpacket: 16
[ 1600.440167][T27024] usb 3-1: config 0 has no interfaces?
[ 1600.560897][T27024] usb 3-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42
[ 1600.569958][T27024] usb 3-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0
[ 1600.712449][T27024] usb 3-1: Manufacturer: syz
[ 1600.881652][T27024] usb 3-1: config 0 descriptor??
[ 1601.000096][T27024] usb 3-1: can't set config #0, error -71
[ 1601.009925][T27024] usb 3-1: USB disconnect, device number 5
[ 1602.078649][T27024] usb 1-1: USB disconnect, device number 111
[ 1602.286197][T27024] hid-generic 0000:0000:0000.006B: unknown main item tag 0x0
[ 1602.475492][T27024] hid-generic 0000:0000:0000.006B: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[ 1602.613469][T28547] ALSA: mixer_oss: invalid OSS volume ''
[ 1602.688913][ T5813] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 1602.701844][ T5813] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 1602.709552][ T5813] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 1602.717276][ T5813] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 1602.724748][ T5813] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 1602.775087][T28545] fido_id[28545]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[ 1603.725908][T28555] netlink: 'syz.1.6272': attribute type 4 has an invalid length.
[ 1603.734923][T28555] netlink: 152 bytes leftover after parsing attributes in process `syz.1.6272'.
[ 1603.815108][T20944] .`: (slave syz_tun): Releasing backup interface
[ 1604.200101][ T7817] usb 3-1: new high-speed USB device number 6 using dummy_hcd
[ 1604.420820][ T7817] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1604.516502][T28549] chnl_net:caif_netlink_parms(): no params data found
[ 1604.520534][ T7817] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1604.678513][ T7817] usb 3-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[ 1604.800136][ T5813] Bluetooth: hci0: command tx timeout
[ 1604.860124][ T7817] usb 3-1: New USB device strings: Mfr=2, Product=0, SerialNumber=0
[ 1604.869850][ T7817] usb 3-1: Manufacturer: syz
[ 1604.890974][ T7817] usb 3-1: config 0 descriptor??
[ 1604.960773][T28549] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1605.044596][T28549] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1605.051848][T28549] bridge_slave_0: entered allmulticast mode
[ 1605.058558][T28549] bridge_slave_0: entered promiscuous mode
[ 1605.349706][T28549] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1605.364402][T28549] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1605.380274][T28549] bridge_slave_1: entered allmulticast mode
[ 1605.387475][T28549] bridge_slave_1: entered promiscuous mode
[ 1605.492146][T28549] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1605.511419][T28549] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1605.702726][T28549] team0: Port device team_slave_0 added
[ 1605.744603][T28549] team0: Port device team_slave_1 added
[ 1605.958058][T28557] netlink: 8 bytes leftover after parsing attributes in process `syz.2.6279'.
[ 1606.095527][ T7817] uclogic 0003:256C:006D.006C: failed retrieving string descriptor #100: -71
[ 1606.105488][ T7817] uclogic 0003:256C:006D.006C: failed retrieving pen parameters: -71
[ 1606.116451][ T7817] uclogic 0003:256C:006D.006C: failed probing pen v1 parameters: -71
[ 1606.138499][ T7817] uclogic 0003:256C:006D.006C: failed probing parameters: -71
[ 1606.158520][ T7817] uclogic 0003:256C:006D.006C: probe with driver uclogic failed with error -71
[ 1606.417609][ T7817] usb 3-1: USB disconnect, device number 6
[ 1606.474890][T28594] netlink: 'syz.0.6286': attribute type 4 has an invalid length.
[ 1606.883622][ T1294] ieee802154 phy0 wpan0: encryption failed: -22
[ 1606.889912][ T1294] ieee802154 phy1 wpan1: encryption failed: -22
[ 1606.896349][ T5827] Bluetooth: hci0: command tx timeout
[ 1607.050598][T25574] usb 1-1: new high-speed USB device number 112 using dummy_hcd
[ 1607.110110][T27024] usb 3-1: new high-speed USB device number 7 using dummy_hcd
[ 1607.213015][ T3828] .` (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1607.223703][ T3828] .` (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1607.230098][T25574] usb 1-1: Using ep0 maxpacket: 16
[ 1607.238881][ T3828] .` (unregistering): (slave team0): Releasing backup interface
[ 1607.255385][ T3828] .` (unregistering): Released all slaves
[ 1607.264009][T25574] usb 1-1: config 0 has no interfaces?
[ 1607.277364][T25574] usb 1-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42
[ 1607.287744][T27024] usb 3-1: config 4 interface 0 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[ 1607.314784][T25574] usb 1-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0
[ 1607.325726][T27024] usb 3-1: config 4 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[ 1607.454143][T25574] usb 1-1: Manufacturer: syz
[ 1607.462544][T25574] usb 1-1: config 0 descriptor??
[ 1607.470423][T27024] usb 3-1: New USB device found, idVendor=03f0, idProduct=0004, bcdDevice= 0.40
[ 1607.482466][T27024] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1607.490667][T27024] usb 3-1: Product: syz
[ 1607.494855][T27024] usb 3-1: Manufacturer: syz
[ 1607.500753][T27024] usb 3-1: SerialNumber: syz
[ 1607.779586][ T3828] bond0 (unregistering): Released all slaves
[ 1608.622251][ T3828] bond1 (unregistering): Released all slaves
[ 1608.740389][ T7817] usb 4-1: new high-speed USB device number 111 using dummy_hcd
[ 1608.752493][ T3828] bond2 (unregistering): Released all slaves
[ 1608.812995][T28549] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1608.838297][T28549] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1608.906962][ T7817] usb 4-1: config 4 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[ 1608.940973][ T7817] usb 4-1: config 4 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[ 1608.960143][ T5827] Bluetooth: hci0: command tx timeout
[ 1608.960923][T28549] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1608.996264][ T7817] usb 4-1: New USB device found, idVendor=03f0, idProduct=0004, bcdDevice= 0.40
[ 1609.018061][ T7817] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1609.047063][T28549] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1609.054712][ T7817] usb 4-1: Product: syz
[ 1609.058933][ T7817] usb 4-1: Manufacturer: syz
[ 1609.074293][T28549] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1609.100912][ T7817] usb 4-1: SerialNumber: syz
[ 1609.127004][T28549] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1610.377528][T27024] usb 3-1: USB disconnect, device number 7
[ 1611.041379][ T5827] Bluetooth: hci0: command tx timeout
[ 1611.321613][T28549] hsr_slave_0: entered promiscuous mode
[ 1611.331842][T27024] usb 4-1: USB disconnect, device number 111
[ 1611.345415][T28549] hsr_slave_1: entered promiscuous mode
[ 1611.358421][T28549] debugfs: 'hsr0' already exists in 'hsr'
[ 1611.383318][T28549] Cannot create hsr debugfs directory
[ 1611.418082][ T3828] hsr_slave_0: left promiscuous mode
[ 1611.431382][ T3828] hsr_slave_1: left promiscuous mode
[ 1611.437315][ T3828] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1611.460133][ T3828] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1611.827881][T28658] netlink: 'syz.2.6296': attribute type 4 has an invalid length.
[ 1611.965831][ T3828] team0 (unregistering): Port device team_slave_1 removed
[ 1612.393848][ T3828] team0 (unregistering): Port device team_slave_0 removed
[ 1612.590084][ T7817] usb 3-1: new high-speed USB device number 8 using dummy_hcd
[ 1612.762811][ T7817] usb 3-1: Using ep0 maxpacket: 16
[ 1612.803427][ T7817] usb 3-1: config 0 has no interfaces?
[ 1612.834286][ T7817] usb 3-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42
[ 1612.848386][ T7817] usb 3-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0
[ 1612.861000][ T7817] usb 3-1: Manufacturer: syz
[ 1612.879433][ T7817] usb 3-1: config 0 descriptor??
[ 1613.016367][ T7817] usb 1-1: USB disconnect, device number 112
[ 1613.350428][ T3828] IPVS: stop unused estimator thread 0...
[ 1613.402382][ T7817] usb 1-1: new high-speed USB device number 113 using dummy_hcd
[ 1613.577242][ T7817] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1613.596970][ T7817] usb 1-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 2
[ 1613.626962][ T7817] usb 1-1: New USB device found, idVendor=1908, idProduct=1315, bcdDevice= 0.00
[ 1613.653157][ T7817] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1613.701694][ T7817] usb 1-1: config 0 descriptor??
[ 1613.744963][ T7817] usb-storage 1-1:0.0: USB Mass Storage device detected
[ 1613.775029][ T7817] usb-storage 1-1:0.0: Quirks match for vid 1908 pid 1315: 20000
[ 1613.868311][T28549] netdevsim netdevsim4 netdevsim0: renamed from eth0
[ 1613.888586][T28549] netdevsim netdevsim4 netdevsim1: renamed from eth1
[ 1613.898773][T28549] netdevsim netdevsim4 netdevsim2: renamed from eth2
[ 1613.908646][T28549] netdevsim netdevsim4 netdevsim3: renamed from eth3
[ 1613.999579][T27024] usb 1-1: USB disconnect, device number 113
[ 1614.065680][T28549] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1614.100519][T28549] 8021q: adding VLAN 0 to HW filter on device team0
[ 1614.131112][ T3828] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1614.138160][ T3828] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1614.270459][ T3828] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1614.277570][ T3828] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1614.706737][ T7817] usb 3-1: USB disconnect, device number 8
[ 1614.889645][T28549] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1616.466631][T28549] veth0_vlan: entered promiscuous mode
[ 1616.562706][T28549] veth1_vlan: entered promiscuous mode
[ 1616.607610][T28549] veth0_macvtap: entered promiscuous mode
[ 1616.640991][T28549] veth1_macvtap: entered promiscuous mode
[ 1617.236106][T28549] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1617.368864][T28549] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1617.438235][T26761] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1617.500067][T26761] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1617.536956][T26761] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1617.724692][T26761] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1619.135416][T28798] netlink: 4 bytes leftover after parsing attributes in process `syz.2.6311'.
[ 1619.188086][T14757] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1619.199210][T14757] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1619.313798][T26761] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1619.335660][T26761] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1620.404682][T28822] netlink: 36 bytes leftover after parsing attributes in process `syz.3.6314'.
[ 1627.272332][T28899] netlink: 'syz.4.6330': attribute type 4 has an invalid length.
[ 1628.005806][T28894] ALSA: mixer_oss: invalid OSS volume ''
[ 1628.052339][ T8044] usb 5-1: new high-speed USB device number 17 using dummy_hcd
[ 1628.210114][ T8044] usb 5-1: Using ep0 maxpacket: 16
[ 1628.227739][ T8044] usb 5-1: config 0 has no interfaces?
[ 1628.677300][ T8044] usb 5-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42
[ 1628.702985][ T8044] usb 5-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0
[ 1628.720987][T28907] nbd: socks must be embedded in a SOCK_ITEM attr
[ 1628.727573][T28907] block nbd1: shutting down sockets
[ 1628.747542][ T8044] usb 5-1: Manufacturer: syz
[ 1628.767223][ T8044] usb 5-1: config 0 descriptor??
[ 1629.270152][ T8044] usb 3-1: new high-speed USB device number 9 using dummy_hcd
[ 1629.432749][T28918] netlink: 36 bytes leftover after parsing attributes in process `syz.0.6337'.
[ 1629.917169][ T8044] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1630.758994][ T8044] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1630.769654][ T8044] usb 3-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[ 1630.778809][ T8044] usb 3-1: New USB device strings: Mfr=2, Product=0, SerialNumber=0
[ 1630.786824][ T8044] usb 3-1: Manufacturer: syz
[ 1630.793421][ T8044] usb 3-1: config 0 descriptor??
[ 1631.170313][ T7817] usb 5-1: USB disconnect, device number 17
[ 1632.121615][T28909] netlink: 8 bytes leftover after parsing attributes in process `syz.2.6335'.
[ 1632.286565][ T8044] uclogic 0003:256C:006D.006D: failed retrieving string descriptor #100: -71
[ 1632.304321][ T8044] uclogic 0003:256C:006D.006D: failed retrieving pen parameters: -71
[ 1632.391176][ T8044] uclogic 0003:256C:006D.006D: failed probing pen v1 parameters: -71
[ 1632.399832][ T8044] uclogic 0003:256C:006D.006D: failed probing parameters: -71
[ 1632.408098][ T8044] uclogic 0003:256C:006D.006D: probe with driver uclogic failed with error -71
[ 1632.434634][ T8044] usb 3-1: USB disconnect, device number 9
[ 1634.133556][T28953] nbd: socks must be embedded in a SOCK_ITEM attr
[ 1634.140169][T28953] block nbd1: shutting down sockets
[ 1634.440350][T25574] usb 1-1: new high-speed USB device number 114 using dummy_hcd
[ 1634.580214][T16973] usb 4-1: new high-speed USB device number 112 using dummy_hcd
[ 1634.653623][T25574] usb 1-1: Using ep0 maxpacket: 32
[ 1634.665638][T25574] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1634.678966][T25574] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1634.701312][T25574] usb 1-1: New USB device found, idVendor=1e7d, idProduct=2d5a, bcdDevice= 0.00
[ 1634.717159][T25574] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1634.740153][T16973] usb 4-1: Using ep0 maxpacket: 16
[ 1634.749987][T16973] usb 4-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[ 1634.777945][T16973] usb 4-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1
[ 1634.805964][T16973] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1634.817683][T16973] usb 4-1: Product: syz
[ 1634.823514][T25574] usb 1-1: config 0 descriptor??
[ 1634.832271][T16973] usb 4-1: Manufacturer: syz
[ 1634.844727][T16973] usb 4-1: SerialNumber: syz
[ 1634.980229][T16973] usb 4-1: config 0 descriptor??
[ 1635.368997][T25574] savu 0003:1E7D:2D5A.006E: unknown main item tag 0x0
[ 1635.430422][T25574] savu 0003:1E7D:2D5A.006E: unknown main item tag 0x0
[ 1635.550209][T25574] savu 0003:1E7D:2D5A.006E: unknown main item tag 0x0
[ 1635.653359][T25574] savu 0003:1E7D:2D5A.006E: unknown main item tag 0x0
[ 1635.768652][T25574] savu 0003:1E7D:2D5A.006E: unknown main item tag 0x0
[ 1635.857275][T25574] savu 0003:1E7D:2D5A.006E: unbalanced collection at end of report description
[ 1635.993975][T25574] savu 0003:1E7D:2D5A.006E: parse failed
[ 1636.036175][T25574] savu 0003:1E7D:2D5A.006E: probe with driver savu failed with error -22
[ 1636.102410][T25574] usb 1-1: USB disconnect, device number 114
[ 1637.437476][ T8044] usb 4-1: USB disconnect, device number 112
[ 1643.897327][T25574] hid-generic 0000:0000:0000.006F: unknown main item tag 0x0
[ 1644.081678][T25574] hid-generic 0000:0000:0000.006F: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[ 1645.203475][T29068] fido_id[29068]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[ 1645.660078][T25574] usb 3-1: new high-speed USB device number 10 using dummy_hcd
[ 1645.760510][ T7817] usb 5-1: new high-speed USB device number 18 using dummy_hcd
[ 1645.860730][T25574] usb 3-1: config 4 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[ 1645.870448][T25574] usb 3-1: config 4 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[ 1645.880540][T25574] usb 3-1: config 4 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[ 1645.917909][T25574] usb 3-1: New USB device found, idVendor=03f0, idProduct=0004, bcdDevice= 0.40
[ 1645.927422][T25574] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1645.932605][ T7817] usb 5-1: config 4 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[ 1645.971264][T25574] usb 3-1: Product: syz
[ 1645.975436][T25574] usb 3-1: Manufacturer: syz
[ 1645.980154][T25574] usb 3-1: SerialNumber: syz
[ 1645.985863][ T7817] usb 5-1: config 4 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[ 1645.988148][T25574] usblp0: Disabling reads from problematic bidirectional printer
[ 1646.023997][ T7817] usb 5-1: config 4 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[ 1646.054072][ T7817] usb 5-1: New USB device found, idVendor=03f0, idProduct=0004, bcdDevice= 0.40
[ 1646.063412][ T7817] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1646.075147][ T7817] usb 5-1: Product: syz
[ 1646.082589][ T7817] usb 5-1: Manufacturer: syz
[ 1646.122010][ T7817] usb 5-1: SerialNumber: syz
[ 1646.142683][ T7817] usblp0: Disabling reads from problematic bidirectional printer
[ 1646.443289][T25574] usblp 3-1:4.0: usblp0: USB Unidirectional printer dev 10 if 0 alt 0 proto 1 vid 0x03F0 pid 0x0004
[ 1647.361668][T25574] usb 3-1: USB disconnect, device number 10
[ 1649.401833][T25574] usblp0: removed
[ 1649.476994][ T7817] usblp 5-1:4.0: usblp0: USB Unidirectional printer dev 18 if 0 alt 0 proto 1 vid 0x03F0 pid 0x0004
[ 1650.301899][T29105] 9pnet_fd: p9_fd_create_tcp (29105): problem connecting socket to 127.0.0.1
[ 1650.536377][ T7817] usb 5-1: USB disconnect, device number 18
[ 1650.688051][ T7817] usblp0: removed
[ 1653.183174][T29145] netlink: 'syz.0.6387': attribute type 4 has an invalid length.
[ 1653.502332][T25574] usb 1-1: new high-speed USB device number 115 using dummy_hcd
[ 1653.660060][T25574] usb 1-1: Using ep0 maxpacket: 16
[ 1653.672056][T25574] usb 1-1: config 0 has no interfaces?
[ 1653.690965][T25574] usb 1-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42
[ 1653.777632][T25574] usb 1-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0
[ 1653.900072][T25574] usb 1-1: Manufacturer: syz
[ 1654.202998][T25574] usb 1-1: config 0 descriptor??
[ 1657.494558][T29191] netlink: 'syz.3.6396': attribute type 4 has an invalid length.
[ 1657.852571][T25574] usb 1-1: USB disconnect, device number 115
[ 1658.079928][T29201] netlink: 8 bytes leftover after parsing attributes in process `syz.1.6399'.
[ 1658.480341][T23283] usb 5-1: new high-speed USB device number 19 using dummy_hcd
[ 1658.488154][T16973] usb 4-1: new high-speed USB device number 113 using dummy_hcd
[ 1658.644342][T23283] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1658.660051][T16973] usb 4-1: Using ep0 maxpacket: 16
[ 1658.677500][T16973] usb 4-1: config 0 has no interfaces?
[ 1658.685918][T23283] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1658.698418][T16973] usb 4-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42
[ 1658.714395][T23283] usb 5-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[ 1658.783562][T16973] usb 4-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0
[ 1658.799043][T23283] usb 5-1: New USB device strings: Mfr=2, Product=0, SerialNumber=0
[ 1658.813280][T16973] usb 4-1: Manufacturer: syz
[ 1658.973936][T23283] usb 5-1: Manufacturer: syz
[ 1659.375477][T29213] netlink: 'syz.1.6402': attribute type 4 has an invalid length.
[ 1659.454562][T16973] usb 4-1: config 0 descriptor??
[ 1659.473365][T23283] usb 5-1: config 0 descriptor??
[ 1660.535782][T29195] netlink: 8 bytes leftover after parsing attributes in process `syz.4.6398'.
[ 1660.731295][T23283] uclogic 0003:256C:006D.0070: failed retrieving string descriptor #100: -71
[ 1660.741188][T23283] uclogic 0003:256C:006D.0070: failed retrieving pen parameters: -71
[ 1660.749370][T23283] uclogic 0003:256C:006D.0070: failed probing pen v1 parameters: -71
[ 1660.758429][T23283] uclogic 0003:256C:006D.0070: failed probing parameters: -71
[ 1660.766260][T23283] uclogic 0003:256C:006D.0070: probe with driver uclogic failed with error -71
[ 1660.822197][T23283] usb 5-1: USB disconnect, device number 19
[ 1660.904163][T16973] usb 4-1: USB disconnect, device number 113
[ 1663.095636][T29262] FAULT_INJECTION: forcing a failure.
[ 1663.095636][T29262] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1663.129815][T29247] netlink: 'syz.3.6410': attribute type 4 has an invalid length.
[ 1663.151070][T29247] netlink: 152 bytes leftover after parsing attributes in process `syz.3.6410'.
[ 1663.165303][T29262] CPU: 0 UID: 0 PID: 29262 Comm: syz.1.6415 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1663.165331][T29262] Tainted: [L]=SOFTLOCKUP
[ 1663.165337][T29262] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 1663.165346][T29262] Call Trace:
[ 1663.165352][T29262]  <TASK>
[ 1663.165360][T29262]  dump_stack_lvl+0x16c/0x1f0
[ 1663.165386][T29262]  should_fail_ex+0x512/0x640
[ 1663.165415][T29262]  _copy_from_user+0x2e/0xd0
[ 1663.165440][T29262]  core_sys_select+0x35b/0xc20
[ 1663.165469][T29262]  ? __pfx_core_sys_select+0x10/0x10
[ 1663.165515][T29262]  ? set_user_sigmask+0x21b/0x2b0
[ 1663.165537][T29262]  ? __pfx_set_user_sigmask+0x10/0x10
[ 1663.165565][T29262]  do_pselect.constprop.0+0x19f/0x1e0
[ 1663.165589][T29262]  ? __pfx_do_pselect.constprop.0+0x10/0x10
[ 1663.165621][T29262]  __x64_sys_pselect6+0x182/0x240
[ 1663.165644][T29262]  ? __pfx___x64_sys_pselect6+0x10/0x10
[ 1663.165674][T29262]  do_syscall_64+0xcd/0xf80
[ 1663.165700][T29262]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1663.165717][T29262] RIP: 0033:0x7f26cd78f749
[ 1663.165731][T29262] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1663.165747][T29262] RSP: 002b:00007f26ce5d2038 EFLAGS: 00000246 ORIG_RAX: 000000000000010e
[ 1663.165765][T29262] RAX: ffffffffffffffda RBX: 00007f26cd9e5fa0 RCX: 00007f26cd78f749
[ 1663.165776][T29262] RDX: 0000000000000000 RSI: 0000200000000100 RDI: 0000000000000040
[ 1663.165786][T29262] RBP: 00007f26ce5d2090 R08: 0000200000000280 R09: 0000000000000000
[ 1663.165796][T29262] R10: 0000200000000240 R11: 0000000000000246 R12: 0000000000000001
[ 1663.165806][T29262] R13: 00007f26cd9e6038 R14: 00007f26cd9e5fa0 R15: 00007ffd10216698
[ 1663.165831][T29262]  </TASK>
[ 1663.362028][T29258] program syz.4.6414 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 1663.499783][T29269] netlink: 'syz.1.6416': attribute type 4 has an invalid length.
[ 1663.660480][   T30] audit: type=1400 audit(1663.643:1650): avc:  denied  { bind } for  pid=29271 comm="syz.3.6417" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1
[ 1663.709942][T29275] FAULT_INJECTION: forcing a failure.
[ 1663.709942][T29275] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1663.724788][T29275] CPU: 1 UID: 0 PID: 29275 Comm: syz.3.6418 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1663.724815][T29275] Tainted: [L]=SOFTLOCKUP
[ 1663.724822][T29275] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 1663.724833][T29275] Call Trace:
[ 1663.724838][T29275]  <TASK>
[ 1663.724845][T29275]  dump_stack_lvl+0x16c/0x1f0
[ 1663.724871][T29275]  should_fail_ex+0x512/0x640
[ 1663.724901][T29275]  _copy_to_user+0x32/0xd0
[ 1663.724927][T29275]  simple_read_from_buffer+0xcb/0x170
[ 1663.724952][T29275]  proc_fail_nth_read+0x197/0x240
[ 1663.724972][T29275]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1663.724992][T29275]  ? rw_verify_area+0xcf/0x6c0
[ 1663.725011][T29275]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1663.725029][T29275]  vfs_read+0x1e4/0xcf0
[ 1663.725051][T29275]  ? __pfx___mutex_lock+0x10/0x10
[ 1663.725076][T29275]  ? __pfx_vfs_read+0x10/0x10
[ 1663.725102][T29275]  ? __fget_files+0x20e/0x3c0
[ 1663.725133][T29275]  ksys_read+0x12a/0x250
[ 1663.725153][T29275]  ? __pfx_ksys_read+0x10/0x10
[ 1663.725174][T29275]  ? fput+0x70/0xf0
[ 1663.725193][T29275]  do_syscall_64+0xcd/0xf80
[ 1663.725217][T29275]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1663.725234][T29275] RIP: 0033:0x7f7700d8e15c
[ 1663.725248][T29275] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[ 1663.725264][T29275] RSP: 002b:00007f7701ccc030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[ 1663.725280][T29275] RAX: ffffffffffffffda RBX: 00007f7700fe5fa0 RCX: 00007f7700d8e15c
[ 1663.725291][T29275] RDX: 000000000000000f RSI: 00007f7701ccc0a0 RDI: 0000000000000005
[ 1663.725301][T29275] RBP: 00007f7701ccc090 R08: 0000000000000000 R09: 0000000000000000
[ 1663.725311][T29275] R10: 000000000000004a R11: 0000000000000246 R12: 0000000000000001
[ 1663.725321][T29275] R13: 00007f7700fe6038 R14: 00007f7700fe5fa0 R15: 00007ffcf9099278
[ 1663.725352][T29275]  </TASK>
[ 1664.031312][T29276] block nbd3: shutting down sockets
[ 1664.179550][T29283] Illegal XDP return value 2007219297 on prog  (id 809) dev syz_tun, expect packet loss!
[ 1664.629038][T29288] FAULT_INJECTION: forcing a failure.
[ 1664.629038][T29288] name failslab, interval 1, probability 0, space 0, times 0
[ 1664.720057][T16973] usb 1-1: new high-speed USB device number 116 using dummy_hcd
[ 1664.740069][T29288] CPU: 0 UID: 0 PID: 29288 Comm: syz.3.6424 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1664.740101][T29288] Tainted: [L]=SOFTLOCKUP
[ 1664.740107][T29288] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 1664.740117][T29288] Call Trace:
[ 1664.740124][T29288]  <TASK>
[ 1664.740131][T29288]  dump_stack_lvl+0x16c/0x1f0
[ 1664.740158][T29288]  should_fail_ex+0x512/0x640
[ 1664.740182][T29288]  ? kmem_cache_alloc_lru_noprof+0x66/0x770
[ 1664.740204][T29288]  should_failslab+0xc2/0x120
[ 1664.740227][T29288]  kmem_cache_alloc_lru_noprof+0x87/0x770
[ 1664.740247][T29288]  ? alloc_inode+0xc3/0x240
[ 1664.740270][T29288]  ? alloc_inode+0xc3/0x240
[ 1664.740288][T29288]  alloc_inode+0xc3/0x240
[ 1664.740307][T29288]  path_from_stashed+0x25b/0x750
[ 1664.740347][T29288]  open_namespace+0x8c/0x250
[ 1664.740373][T29288]  ? __pfx_open_namespace+0x10/0x10
[ 1664.740399][T29288]  ? do_raw_spin_unlock+0x172/0x230
[ 1664.740424][T29288]  ? __sanitizer_cov_trace_switch+0x54/0x90
[ 1664.740446][T29288]  pidfd_ioctl+0x1274/0x40b0
[ 1664.740472][T29288]  ? __pfx_pidfd_ioctl+0x10/0x10
[ 1664.740496][T29288]  ? hook_file_ioctl_common+0x144/0x410
[ 1664.740529][T29288]  ? selinux_file_ioctl+0x180/0x270
[ 1664.740550][T29288]  ? selinux_file_ioctl+0xb4/0x270
[ 1664.740574][T29288]  ? __pfx_pidfd_ioctl+0x10/0x10
[ 1664.740599][T29288]  __x64_sys_ioctl+0x18e/0x210
[ 1664.740622][T29288]  do_syscall_64+0xcd/0xf80
[ 1664.740646][T29288]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1664.740664][T29288] RIP: 0033:0x7f7700d8f749
[ 1664.740678][T29288] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1664.740695][T29288] RSP: 002b:00007f7701ccc038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1664.740712][T29288] RAX: ffffffffffffffda RBX: 00007f7700fe5fa0 RCX: 00007f7700d8f749
[ 1664.740723][T29288] RDX: 0000000000000000 RSI: 000000000000ff07 RDI: 0000000000000003
[ 1664.740733][T29288] RBP: 00007f7701ccc090 R08: 0000000000000000 R09: 0000000000000000
[ 1664.740743][T29288] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1664.740754][T29288] R13: 00007f7700fe6038 R14: 00007f7700fe5fa0 R15: 00007ffcf9099278
[ 1664.740778][T29288]  </TASK>
[ 1665.481400][T29293] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1665.488768][T29293] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1665.563910][T16973] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1665.567257][T29293] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1665.585130][T29293] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1665.688828][T26993] netdevsim netdevsim4 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[ 1665.744818][T26993] netdevsim netdevsim4 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[ 1665.786370][T26993] netdevsim netdevsim4 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[ 1665.839457][T26993] netdevsim netdevsim4 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[ 1666.189136][T29301] FAULT_INJECTION: forcing a failure.
[ 1666.189136][T29301] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1666.202723][T18126] usb 5-1: new high-speed USB device number 20 using dummy_hcd
[ 1666.213086][T29301] CPU: 1 UID: 0 PID: 29301 Comm: syz.2.6427 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1666.213118][T29301] Tainted: [L]=SOFTLOCKUP
[ 1666.213123][T29301] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 1666.213134][T29301] Call Trace:
[ 1666.213139][T29301]  <TASK>
[ 1666.213146][T29301]  dump_stack_lvl+0x16c/0x1f0
[ 1666.213173][T29301]  should_fail_ex+0x512/0x640
[ 1666.213204][T29301]  _copy_to_user+0x32/0xd0
[ 1666.213231][T29301]  sctp_getsockopt+0xd14/0x70d0
[ 1666.213260][T29301]  ? find_held_lock+0x2b/0x80
[ 1666.213287][T29301]  ? avc_has_perm_noaudit+0x117/0x3b0
[ 1666.213315][T29301]  ? __pfx_sctp_getsockopt+0x10/0x10
[ 1666.213341][T29301]  ? avc_has_perm_noaudit+0x149/0x3b0
[ 1666.213371][T29301]  ? avc_has_perm+0x144/0x1f0
[ 1666.213398][T29301]  ? __pfx_avc_has_perm+0x10/0x10
[ 1666.213422][T29301]  ? _raw_spin_unlock_irqrestore+0x3b/0x80
[ 1666.213447][T29301]  ? __lock_acquire+0x436/0x2890
[ 1666.213471][T29301]  ? sock_has_perm+0x258/0x2f0
[ 1666.213496][T29301]  ? find_held_lock+0x2b/0x80
[ 1666.213520][T29301]  ? __might_fault+0xe3/0x190
[ 1666.213537][T29301]  ? __might_fault+0xe3/0x190
[ 1666.213552][T29301]  ? __might_fault+0x13b/0x190
[ 1666.213577][T29301]  ? __pfx_sock_common_getsockopt+0x10/0x10
[ 1666.213598][T29301]  do_sock_getsockopt+0x324/0x410
[ 1666.213621][T29301]  ? __pfx_do_sock_getsockopt+0x10/0x10
[ 1666.213641][T29301]  ? __fget_files+0x204/0x3c0
[ 1666.213677][T29301]  __sys_getsockopt+0x12f/0x260
[ 1666.213699][T29301]  __x64_sys_getsockopt+0xbd/0x160
[ 1666.213715][T29301]  ? do_syscall_64+0x91/0xf80
[ 1666.213735][T29301]  ? lockdep_hardirqs_on+0x7c/0x110
[ 1666.213756][T29301]  do_syscall_64+0xcd/0xf80
[ 1666.213779][T29301]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1666.213797][T29301] RIP: 0033:0x7f1d3e38f749
[ 1666.213811][T29301] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1666.213827][T29301] RSP: 002b:00007f1d3f2bb038 EFLAGS: 00000246 ORIG_RAX: 0000000000000037
[ 1666.213845][T29301] RAX: ffffffffffffffda RBX: 00007f1d3e5e5fa0 RCX: 00007f1d3e38f749
[ 1666.213856][T29301] RDX: 0000000000000082 RSI: 0000000000000084 RDI: 0000000000000003
[ 1666.213866][T29301] RBP: 00007f1d3f2bb090 R08: 0000200000000040 R09: 0000000000000000
[ 1666.213877][T29301] R10: 0000200000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1666.213887][T29301] R13: 00007f1d3e5e6038 R14: 00007f1d3e5e5fa0 R15: 00007ffe573076c8
[ 1666.213913][T29301]  </TASK>
[ 1666.620242][T18126] usb 5-1: Using ep0 maxpacket: 32
[ 1666.630169][T18126] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1666.640478][T18126] usb 5-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[ 1666.653529][T18126] usb 5-1: New USB device found, idVendor=1e7d, idProduct=2d5a, bcdDevice= 0.00
[ 1666.662588][T18126] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1666.719477][T16973] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1666.730167][T16973] usb 1-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[ 1666.742489][T18126] usb 5-1: config 0 descriptor??
[ 1666.753725][T16973] usb 1-1: New USB device strings: Mfr=2, Product=0, SerialNumber=0
[ 1666.787701][T16973] usb 1-1: Manufacturer: syz
[ 1666.793718][T18126] usbhid 5-1:0.0: couldn't find an input interrupt endpoint
[ 1666.851012][T16973] usb 1-1: config 0 descriptor??
[ 1667.431273][T29311] netlink: 72 bytes leftover after parsing attributes in process `syz.2.6430'.
[ 1667.569288][T29311] netlink: 72 bytes leftover after parsing attributes in process `syz.2.6430'.
[ 1667.570656][T16973] usbhid 1-1:0.0: can't add hid device: -71
[ 1667.611774][T29318] FAULT_INJECTION: forcing a failure.
[ 1667.611774][T29318] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1667.628677][T16973] usbhid 1-1:0.0: probe with driver usbhid failed with error -71
[ 1667.637687][T29318] CPU: 1 UID: 0 PID: 29318 Comm: syz.0.6432 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1667.637712][T29318] Tainted: [L]=SOFTLOCKUP
[ 1667.637718][T29318] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 1667.637728][T29318] Call Trace:
[ 1667.637734][T29318]  <TASK>
[ 1667.637741][T29318]  dump_stack_lvl+0x16c/0x1f0
[ 1667.637767][T29318]  should_fail_ex+0x512/0x640
[ 1667.637797][T29318]  _copy_from_user+0x2e/0xd0
[ 1667.637822][T29318]  io_submit_one+0xbb/0x1e70
[ 1667.637843][T29318]  ? __lock_acquire+0x436/0x2890
[ 1667.637867][T29318]  ? lockdep_hardirqs_on+0x7c/0x110
[ 1667.637891][T29318]  ? __pfx_io_submit_one+0x10/0x10
[ 1667.637917][T29318]  ? __might_fault+0xe3/0x190
[ 1667.637932][T29318]  ? __might_fault+0x13b/0x190
[ 1667.637953][T29318]  ? __x64_sys_io_submit+0x1a9/0x370
[ 1667.637970][T29318]  __x64_sys_io_submit+0x1a9/0x370
[ 1667.637991][T29318]  ? __pfx___x64_sys_io_submit+0x10/0x10
[ 1667.638021][T29318]  do_syscall_64+0xcd/0xf80
[ 1667.638042][T29318]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1667.638058][T29318] RIP: 0033:0x7f8cc858f749
[ 1667.638072][T29318] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1667.638088][T29318] RSP: 002b:00007f8cc934a038 EFLAGS: 00000246 ORIG_RAX: 00000000000000d1
[ 1667.638105][T29318] RAX: ffffffffffffffda RBX: 00007f8cc87e5fa0 RCX: 00007f8cc858f749
[ 1667.638117][T29318] RDX: 0000200000000180 RSI: 0000000000000001 RDI: 00007f8cc6768000
[ 1667.638127][T29318] RBP: 00007f8cc934a090 R08: 0000000000000000 R09: 0000000000000000
[ 1667.638138][T29318] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1667.638148][T29318] R13: 00007f8cc87e6038 R14: 00007f8cc87e5fa0 R15: 00007ffd97a8ea38
[ 1667.638172][T29318]  </TASK>
[ 1667.662361][T16973] usb 1-1: USB disconnect, device number 116
[ 1668.075417][T29330] netlink: 'syz.3.6433': attribute type 4 has an invalid length.
[ 1668.324685][ T1294] ieee802154 phy0 wpan0: encryption failed: -22
[ 1668.331335][ T1294] ieee802154 phy1 wpan1: encryption failed: -22
[ 1668.347731][T29335] overlayfs: failed to resolve './file1': -2
[ 1668.420079][T18126] usb 4-1: new high-speed USB device number 114 using dummy_hcd
[ 1668.650201][T18126] usb 4-1: Using ep0 maxpacket: 16
[ 1668.660715][T18126] usb 4-1: config 0 has no interfaces?
[ 1668.671017][T18126] usb 4-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42
[ 1668.688488][T18126] usb 4-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0
[ 1668.700236][T18126] usb 4-1: Manufacturer: syz
[ 1668.707796][T18126] usb 4-1: config 0 descriptor??
[ 1669.112242][ T7817] usb 5-1: USB disconnect, device number 20
[ 1669.638395][T29354] FAULT_INJECTION: forcing a failure.
[ 1669.638395][T29354] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1669.680584][ T5813] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[ 1669.694418][ T5813] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[ 1669.704369][ T5813] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[ 1669.730311][ T5813] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[ 1669.737450][T29354] CPU: 0 UID: 0 PID: 29354 Comm: syz.1.6444 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1669.737475][T29354] Tainted: [L]=SOFTLOCKUP
[ 1669.737481][T29354] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 1669.737491][T29354] Call Trace:
[ 1669.737497][T29354]  <TASK>
[ 1669.737504][T29354]  dump_stack_lvl+0x16c/0x1f0
[ 1669.737529][T29354]  should_fail_ex+0x512/0x640
[ 1669.737557][T29354]  _copy_from_iter+0x2a4/0x16c0
[ 1669.737585][T29354]  ? __alloc_skb+0x220/0x410
[ 1669.737608][T29354]  ? __alloc_skb+0x35d/0x410
[ 1669.737628][T29354]  ? __pfx__copy_from_iter+0x10/0x10
[ 1669.737644][T29354]  ? netlink_autobind.isra.0+0x158/0x370
[ 1669.737662][T29354]  netlink_sendmsg+0x820/0xdd0
[ 1669.737677][T29354]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1669.737695][T29354]  ____sys_sendmsg+0xa5d/0xc30
[ 1669.737709][T29354]  ? copy_msghdr_from_user+0x10a/0x160
[ 1669.737720][T29354]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1669.737739][T29354]  ___sys_sendmsg+0x134/0x1d0
[ 1669.737750][T29354]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1669.737777][T29354]  __sys_sendmsg+0x16d/0x220
[ 1669.737788][T29354]  ? __pfx___sys_sendmsg+0x10/0x10
[ 1669.737807][T29354]  do_syscall_64+0xcd/0xf80
[ 1669.737821][T29354]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1669.737832][T29354] RIP: 0033:0x7f26cd78f749
[ 1669.737841][T29354] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1669.737851][T29354] RSP: 002b:00007f26ce5d2038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1669.737862][T29354] RAX: ffffffffffffffda RBX: 00007f26cd9e5fa0 RCX: 00007f26cd78f749
[ 1669.737869][T29354] RDX: 0000000000000000 RSI: 0000200000000080 RDI: 0000000000000003
[ 1669.737875][T29354] RBP: 00007f26ce5d2090 R08: 0000000000000000 R09: 0000000000000000
[ 1669.737881][T29354] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1669.737887][T29354] R13: 00007f26cd9e6038 R14: 00007f26cd9e5fa0 R15: 00007ffd10216698
[ 1669.737901][T29354]  </TASK>
[ 1669.738082][ T5813] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[ 1670.015029][T21442] .`: (slave syz_tun): Releasing backup interface
[ 1670.181999][T29365] netlink: 'syz.4.6441': attribute type 4 has an invalid length.
[ 1670.189811][T29365] netlink: 152 bytes leftover after parsing attributes in process `syz.4.6441'.
[ 1670.208591][T29365] .`: renamed from bond0
[ 1670.271390][T29370] ieee802154 phy0 wpan0: encryption failed: -22
[ 1670.278347][   T30] audit: type=1400 audit(1670.253:1651): avc:  denied  { write } for  pid=29368 comm="syz.1.6447" path="socket:[121670]" dev="sockfs" ino=121670 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1
[ 1671.213202][T29356] chnl_net:caif_netlink_parms(): no params data found
[ 1671.552742][T16973] usb 4-1: USB disconnect, device number 114
[ 1671.712698][T29391] netlink: 'syz.1.6450': attribute type 4 has an invalid length.
[ 1672.051517][ T5813] Bluetooth: hci2: command tx timeout
[ 1672.205975][T29356] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1672.239486][T29356] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1672.256046][T29356] bridge_slave_0: entered allmulticast mode
[ 1672.291158][T29356] bridge_slave_0: entered promiscuous mode
[ 1672.363294][T29356] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1672.383885][T29356] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1672.402531][T29356] bridge_slave_1: entered allmulticast mode
[ 1672.418859][T29356] bridge_slave_1: entered promiscuous mode
[ 1673.402278][   T30] audit: type=1400 audit(1673.383:1652): avc:  denied  { read } for  pid=29412 comm="syz.4.6456" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[ 1673.475765][T15791] .` (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1673.485706][T15791] .` (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1673.498979][T15791] .` (unregistering): (slave vlan2): Releasing backup interface
[ 1673.510086][T23283] usb 1-1: new high-speed USB device number 117 using dummy_hcd
[ 1673.519155][T15791] .` (unregistering): (slave team0): Releasing backup interface
[ 1673.542281][T15791] .` (unregistering): Released all slaves
[ 1673.631537][T29356] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1673.640674][T23283] usb 1-1: device descriptor read/64, error -71
[ 1673.723970][T29356] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1673.877188][T29356] team0: Port device team_slave_0 added
[ 1673.890061][T23283] usb 1-1: new high-speed USB device number 118 using dummy_hcd
[ 1673.910917][T29356] team0: Port device team_slave_1 added
[ 1673.968713][T29432] netlink: 212368 bytes leftover after parsing attributes in process `syz.3.6459'.
[ 1673.995187][T15791] hsr_slave_0: left promiscuous mode
[ 1674.019310][T15791] hsr_slave_1: left promiscuous mode
[ 1674.028900][T15791] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1674.036119][T23283] usb 1-1: device descriptor read/64, error -71
[ 1674.052656][T15791] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1674.082078][ T5813] Bluetooth: hci2: command tx timeout
[ 1674.152871][T23283] usb usb1-port1: attempt power cycle
[ 1674.205827][T29438] netlink: 'syz.4.6458': attribute type 32 has an invalid length.
[ 1674.223943][T29438] netlink: 8 bytes leftover after parsing attributes in process `syz.4.6458'.
[ 1674.260102][ T7817] usb 4-1: new high-speed USB device number 115 using dummy_hcd
[ 1674.412126][ T7817] usb 4-1: device descriptor read/64, error -71
[ 1674.520447][T23283] usb 1-1: new high-speed USB device number 119 using dummy_hcd
[ 1674.540484][T23283] usb 1-1: device descriptor read/8, error -71
[ 1674.650073][ T7817] usb 4-1: new high-speed USB device number 116 using dummy_hcd
[ 1674.695404][T15791] team0 (unregistering): Port device team_slave_1 removed
[ 1674.733797][T15791] team0 (unregistering): Port device team_slave_0 removed
[ 1674.780077][T23283] usb 1-1: new high-speed USB device number 120 using dummy_hcd
[ 1674.803345][ T7817] usb 4-1: device descriptor read/64, error -71
[ 1674.810522][T23283] usb 1-1: device descriptor read/8, error -71
[ 1674.922380][T23283] usb usb1-port1: unable to enumerate USB device
[ 1674.925894][ T7817] usb usb4-port1: attempt power cycle
[ 1675.198923][T29356] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1675.206209][T29356] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1675.233235][T29356] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1675.263309][T29438] workqueue: Failed to create a rescuer kthread for wq "bond0": -EINTR
[ 1675.271068][T29444] : renamed from veth0_vlan
[ 1675.287902][T29356] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1675.300225][ T7817] usb 4-1: new high-speed USB device number 117 using dummy_hcd
[ 1675.306637][T29356] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1675.340865][ T7817] usb 4-1: device descriptor read/8, error -71
[ 1675.360287][T29356] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1675.477972][T29356] hsr_slave_0: entered promiscuous mode
[ 1675.501785][T29356] hsr_slave_1: entered promiscuous mode
[ 1675.508161][T29356] debugfs: 'hsr0' already exists in 'hsr'
[ 1675.514192][T29356] Cannot create hsr debugfs directory
[ 1675.600589][ T7817] usb 4-1: new high-speed USB device number 118 using dummy_hcd
[ 1675.626709][T29452] netlink: 'syz.4.6461': attribute type 4 has an invalid length.
[ 1675.711782][ T7817] usb 4-1: device descriptor read/8, error -71
[ 1675.822793][ T7817] usb usb4-port1: unable to enumerate USB device
[ 1675.824592][T15791] IPVS: stop unused estimator thread 0...
[ 1676.030863][ T7817] usb 5-1: new high-speed USB device number 21 using dummy_hcd
[ 1676.198119][ T5813] Bluetooth: hci2: command tx timeout
[ 1676.220051][ T7817] usb 5-1: Using ep0 maxpacket: 16
[ 1676.226780][ T7817] usb 5-1: config 0 has no interfaces?
[ 1676.233326][ T7817] usb 5-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42
[ 1676.242859][ T7817] usb 5-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0
[ 1676.252631][ T7817] usb 5-1: Manufacturer: syz
[ 1676.258773][ T7817] usb 5-1: config 0 descriptor??
[ 1677.403652][T29492] FAULT_INJECTION: forcing a failure.
[ 1677.403652][T29492] name failslab, interval 1, probability 0, space 0, times 0
[ 1677.560449][T29492] CPU: 1 UID: 0 PID: 29492 Comm: syz.3.6469 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1677.560479][T29492] Tainted: [L]=SOFTLOCKUP
[ 1677.560485][T29492] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 1677.560495][T29492] Call Trace:
[ 1677.560502][T29492]  <TASK>
[ 1677.560510][T29492]  dump_stack_lvl+0x16c/0x1f0
[ 1677.560537][T29492]  should_fail_ex+0x512/0x640
[ 1677.560561][T29492]  ? __kmalloc_noprof+0xca/0x910
[ 1677.560590][T29492]  should_failslab+0xc2/0x120
[ 1677.560614][T29492]  __kmalloc_noprof+0xeb/0x910
[ 1677.560639][T29492]  ? sock_kmalloc+0x111/0x170
[ 1677.560664][T29492]  ? sock_kmalloc+0x111/0x170
[ 1677.560683][T29492]  sock_kmalloc+0x111/0x170
[ 1677.560705][T29492]  af_alg_alloc_areq+0xbc/0x240
[ 1677.560726][T29492]  skcipher_recvmsg+0x314/0x1030
[ 1677.560757][T29492]  ? __pfx_skcipher_recvmsg+0x10/0x10
[ 1677.560785][T29492]  ____sys_recvmsg+0x5f9/0x6b0
[ 1677.560812][T29492]  ? __pfx_____sys_recvmsg+0x10/0x10
[ 1677.560843][T29492]  ? __lock_acquire+0x436/0x2890
[ 1677.560872][T29492]  ___sys_recvmsg+0x114/0x1a0
[ 1677.560890][T29492]  ? __pfx____sys_recvmsg+0x10/0x10
[ 1677.560922][T29492]  ? __pfx___might_resched+0x10/0x10
[ 1677.560945][T29492]  do_recvmmsg+0x2fe/0x750
[ 1677.560971][T29492]  ? __pfx_do_recvmmsg+0x10/0x10
[ 1677.560995][T29492]  ? __mutex_unlock_slowpath+0x161/0x790
[ 1677.561026][T29492]  ? __fget_files+0x20e/0x3c0
[ 1677.561056][T29492]  __x64_sys_recvmmsg+0x22a/0x280
[ 1677.561076][T29492]  ? __pfx___x64_sys_recvmmsg+0x10/0x10
[ 1677.561102][T29492]  do_syscall_64+0xcd/0xf80
[ 1677.561126][T29492]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1677.561143][T29492] RIP: 0033:0x7f7700d8f749
[ 1677.561159][T29492] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1677.561176][T29492] RSP: 002b:00007f7701ccc038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
[ 1677.561193][T29492] RAX: ffffffffffffffda RBX: 00007f7700fe5fa0 RCX: 00007f7700d8f749
[ 1677.561205][T29492] RDX: 0000000000000002 RSI: 0000200000000d80 RDI: 0000000000000004
[ 1677.561215][T29492] RBP: 00007f7701ccc090 R08: 0000000000000000 R09: 0000000000000000
[ 1677.561226][T29492] R10: 00000000400101c3 R11: 0000000000000246 R12: 0000000000000001
[ 1677.561237][T29492] R13: 00007f7700fe6038 R14: 00007f7700fe5fa0 R15: 00007ffcf9099278
[ 1677.561262][T29492]  </TASK>
[ 1678.374690][ T5813] Bluetooth: hci2: command tx timeout
[ 1678.612120][T29507] nbd: socks must be embedded in a SOCK_ITEM attr
[ 1678.620931][T29507] block nbd1: shutting down sockets
[ 1678.642079][T29356] netdevsim netdevsim2 netdevsim0: renamed from eth0
[ 1678.714695][T29356] netdevsim netdevsim2 netdevsim1: renamed from eth1
[ 1678.736015][T29511] sctp: [Deprecated]: syz.1.6472 (pid 29511) Use of struct sctp_assoc_value in delayed_ack socket option.
[ 1678.736015][T29511] Use struct sctp_sack_info instead
[ 1678.844459][T16973] usb 5-1: USB disconnect, device number 21
[ 1678.845203][T29356] netdevsim netdevsim2 netdevsim2: renamed from eth2
[ 1678.875806][T29356] netdevsim netdevsim2 netdevsim3: renamed from eth3
[ 1679.562564][T29531] 9pnet_virtio: no channels available for device syz
[ 1679.573310][T29356] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1679.601937][T29356] 8021q: adding VLAN 0 to HW filter on device team0
[ 1679.625072][T14757] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1679.632168][T14757] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1679.927187][T14757] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1679.934854][T14757] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1679.984570][ T5813] Bluetooth: hci5: unexpected event for opcode 0x0c03
[ 1680.250134][T25574] usb 5-1: new high-speed USB device number 22 using dummy_hcd
[ 1680.481441][T25574] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1680.497341][T25574] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1680.531044][T29356] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1680.534994][T25574] usb 5-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[ 1680.572037][T25574] usb 5-1: New USB device strings: Mfr=2, Product=0, SerialNumber=0
[ 1680.619591][T25574] usb 5-1: Manufacturer: syz
[ 1680.664451][T25574] usb 5-1: config 0 descriptor??
[ 1680.687229][T29356] veth0_vlan: entered promiscuous mode
[ 1680.758975][T29356] veth1_vlan: entered promiscuous mode
[ 1680.888674][T29356] veth0_macvtap: entered promiscuous mode
[ 1680.933269][T29356] veth1_macvtap: entered promiscuous mode
[ 1681.036888][T29356] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1681.137371][T29356] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1681.164673][T29565] netlink: 4 bytes leftover after parsing attributes in process `syz.1.6481'.
[ 1681.206777][ T6126] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1681.381670][ T6126] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1681.484656][ T6126] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1681.523434][ T6126] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1681.736572][T26993] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1681.800406][T26993] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1682.440106][ T3968] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1682.450731][ T3968] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1682.472014][T25574] uclogic 0003:256C:006D.0071: failed retrieving string descriptor #100: -71
[ 1682.498710][T25574] uclogic 0003:256C:006D.0071: failed retrieving pen parameters: -71
[ 1682.520593][T25574] uclogic 0003:256C:006D.0071: failed probing pen v1 parameters: -71
[ 1682.554184][T25574] uclogic 0003:256C:006D.0071: failed probing parameters: -71
[ 1682.579792][T25574] uclogic 0003:256C:006D.0071: probe with driver uclogic failed with error -71
[ 1682.615866][T25574] usb 5-1: USB disconnect, device number 22
[ 1682.771071][T29600] netlink: 'syz.1.6484': attribute type 4 has an invalid length.
[ 1684.086936][T29619] FAULT_INJECTION: forcing a failure.
[ 1684.086936][T29619] name failslab, interval 1, probability 0, space 0, times 0
[ 1684.150367][T29619] CPU: 0 UID: 0 PID: 29619 Comm: syz.0.6489 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1684.150386][T29619] Tainted: [L]=SOFTLOCKUP
[ 1684.150390][T29619] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 1684.150396][T29619] Call Trace:
[ 1684.150400][T29619]  <TASK>
[ 1684.150405][T29619]  dump_stack_lvl+0x16c/0x1f0
[ 1684.150422][T29619]  should_fail_ex+0x512/0x640
[ 1684.150438][T29619]  ? fs_reclaim_acquire+0xae/0x150
[ 1684.150455][T29619]  should_failslab+0xc2/0x120
[ 1684.150470][T29619]  __kmalloc_noprof+0xeb/0x910
[ 1684.150486][T29619]  ? tomoyo_realpath_from_path+0xc2/0x6e0
[ 1684.150504][T29619]  ? tomoyo_realpath_from_path+0xc2/0x6e0
[ 1684.150518][T29619]  tomoyo_realpath_from_path+0xc2/0x6e0
[ 1684.150533][T29619]  ? tomoyo_profile+0x47/0x60
[ 1684.150550][T29619]  tomoyo_path_number_perm+0x245/0x580
[ 1684.150562][T29619]  ? tomoyo_path_number_perm+0x237/0x580
[ 1684.150575][T29619]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[ 1684.150588][T29619]  ? find_held_lock+0x2b/0x80
[ 1684.150618][T29619]  ? find_held_lock+0x2b/0x80
[ 1684.150633][T29619]  ? hook_file_ioctl_common+0x144/0x410
[ 1684.150652][T29619]  ? __fget_files+0x20e/0x3c0
[ 1684.150670][T29619]  security_file_ioctl+0x9b/0x240
[ 1684.150685][T29619]  __x64_sys_ioctl+0xb7/0x210
[ 1684.150698][T29619]  do_syscall_64+0xcd/0xf80
[ 1684.150713][T29619]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1684.150724][T29619] RIP: 0033:0x7f8cc858f749
[ 1684.150733][T29619] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1684.150743][T29619] RSP: 002b:00007f8cc934a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1684.150753][T29619] RAX: ffffffffffffffda RBX: 00007f8cc87e5fa0 RCX: 00007f8cc858f749
[ 1684.150760][T29619] RDX: 00002000000003c0 RSI: 00000000000089e7 RDI: 0000000000000004
[ 1684.150766][T29619] RBP: 00007f8cc934a090 R08: 0000000000000000 R09: 0000000000000000
[ 1684.150772][T29619] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1684.150778][T29619] R13: 00007f8cc87e6038 R14: 00007f8cc87e5fa0 R15: 00007ffd97a8ea38
[ 1684.150795][T29619]  </TASK>
[ 1684.150829][T29619] ERROR: Out of memory at tomoyo_realpath_from_path.
[ 1685.036018][T16973] IPVS: starting estimator thread 0...
[ 1685.160096][T29626] IPVS: using max 53 ests per chain, 127200 per kthread
[ 1686.620103][T16973] usb 3-1: new high-speed USB device number 11 using dummy_hcd
[ 1686.982974][T16973] usb 3-1: Using ep0 maxpacket: 8
[ 1687.366003][T16973] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0
[ 1687.411004][T16973] usb 3-1: config 0 interface 0 altsetting 0 bulk endpoint 0x3 has invalid maxpacket 0
[ 1687.451003][T29665] FAULT_INJECTION: forcing a failure.
[ 1687.451003][T29665] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1687.481451][T16973] usb 3-1: New USB device found, idVendor=16d0, idProduct=10a9, bcdDevice=30.52
[ 1687.490589][T29665] CPU: 0 UID: 0 PID: 29665 Comm: syz.3.6503 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1687.490614][T29665] Tainted: [L]=SOFTLOCKUP
[ 1687.490618][T29665] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 1687.490624][T29665] Call Trace:
[ 1687.490628][T29665]  <TASK>
[ 1687.490632][T29665]  dump_stack_lvl+0x16c/0x1f0
[ 1687.490649][T29665]  should_fail_ex+0x512/0x640
[ 1687.490668][T29665]  _copy_from_iter+0x43b/0x16c0
[ 1687.490685][T29665]  ? __alloc_skb+0x35d/0x410
[ 1687.490701][T29665]  ? __pfx__copy_from_iter+0x10/0x10
[ 1687.490717][T29665]  ? netlink_autobind.isra.0+0x158/0x370
[ 1687.490735][T29665]  netlink_sendmsg+0x820/0xdd0
[ 1687.490750][T29665]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1687.490768][T29665]  ____sys_sendmsg+0xa5d/0xc30
[ 1687.490782][T29665]  ? copy_msghdr_from_user+0x10a/0x160
[ 1687.490792][T29665]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1687.490811][T29665]  ___sys_sendmsg+0x134/0x1d0
[ 1687.490822][T29665]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1687.490848][T29665]  __sys_sendmsg+0x16d/0x220
[ 1687.490859][T29665]  ? __pfx___sys_sendmsg+0x10/0x10
[ 1687.490878][T29665]  do_syscall_64+0xcd/0xf80
[ 1687.490892][T29665]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1687.490904][T29665] RIP: 0033:0x7f7700d8f749
[ 1687.490912][T29665] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1687.490923][T29665] RSP: 002b:00007f7701ccc038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1687.490933][T29665] RAX: ffffffffffffffda RBX: 00007f7700fe5fa0 RCX: 00007f7700d8f749
[ 1687.490939][T29665] RDX: 0000000000000000 RSI: 0000200000000100 RDI: 0000000000000003
[ 1687.490945][T29665] RBP: 00007f7701ccc090 R08: 0000000000000000 R09: 0000000000000000
[ 1687.490951][T29665] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1687.490957][T29665] R13: 00007f7700fe6038 R14: 00007f7700fe5fa0 R15: 00007ffcf9099278
[ 1687.490971][T29665]  </TASK>
[ 1687.790047][T16973] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1687.798285][T16973] usb 3-1: Product: syz
[ 1687.802643][T16973] usb 3-1: Manufacturer: syz
[ 1687.807206][T16973] usb 3-1: SerialNumber: syz
[ 1687.813815][T16973] usb 3-1: config 0 descriptor??
[ 1688.004025][   T30] audit: type=1400 audit(1687.973:1653): avc:  denied  { read } for  pid=29669 comm="syz.3.6505" name="loop-control" dev="devtmpfs" ino=646 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1
[ 1688.037353][   T30] audit: type=1400 audit(1687.973:1654): avc:  denied  { open } for  pid=29669 comm="syz.3.6505" path="/dev/loop-control" dev="devtmpfs" ino=646 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1
[ 1688.127861][T29675] trusted_key: encrypted_key: keyword 'new' not allowed when called from .update method
[ 1689.339535][   T30] audit: type=1400 audit(1689.313:1655): avc:  denied  { setopt } for  pid=29650 comm="syz.2.6498" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1
[ 1689.396791][T16973] usb 3-1: USB disconnect, device number 11
[ 1689.852866][T29667] tipc: Started in network mode
[ 1689.857752][T29667] tipc: Node identity ac14140f, cluster identity 4711
[ 1689.864981][T29667] tipc: New replicast peer: 255.255.255.255
[ 1689.871541][T29667] tipc: Enabled bearer <udp:syz2>, priority 10
[ 1690.573898][T29702] netlink: 100 bytes leftover after parsing attributes in process `syz.0.6515'.
[ 1691.000186][ T7817] tipc: Node number set to 2886997007
[ 1691.241583][T29714] erspan0: entered promiscuous mode
[ 1691.252956][T29714] netlink: 8 bytes leftover after parsing attributes in process `syz.3.6519'.
[ 1691.750060][T16973] usb 4-1: new full-speed USB device number 119 using dummy_hcd
[ 1691.870075][T25574] usb 5-1: new high-speed USB device number 23 using dummy_hcd
[ 1691.901346][T16973] usb 4-1: config 0 has an invalid interface number: 1 but max is 0
[ 1691.909457][T16973] usb 4-1: config 0 has no interface number 0
[ 1691.915618][T16973] usb 4-1: New USB device found, idVendor=0b48, idProduct=1005, bcdDevice=8c.1e
[ 1691.924728][T16973] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1691.934276][T16973] usb 4-1: config 0 descriptor??
[ 1691.943678][T16973] usb 4-1: selecting invalid altsetting 1
[ 1691.951654][T16973] dvb_ttusb_budget: ttusb_init_controller: error
[ 1691.958210][T16973] dvbdev: DVB: registering new adapter (Technotrend/Hauppauge Nova-USB)
[ 1692.003592][T16973] DVB: Unable to find symbol cx22700_attach()
[ 1692.020071][T25574] usb 5-1: Using ep0 maxpacket: 32
[ 1692.028276][T25574] usb 5-1: New USB device found, idVendor=055f, idProduct=d001, bcdDevice=88.92
[ 1692.046731][T16973] DVB: Unable to find symbol tda10046_attach()
[ 1692.053521][T25574] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1692.062152][T16973] dvb_ttusb_budget: no frontend driver found for device [0b48:1005]
[ 1692.077618][T25574] gspca_main: nw80x-2.14.0 probing 055f:d001
[ 1692.266211][ T7817] usb 4-1: USB disconnect, device number 119
[ 1692.790147][T25574] gspca_nw80x: reg_r err -110
[ 1692.795587][T25574] nw80x 5-1:3.0: probe with driver nw80x failed with error -110
[ 1692.817196][T25574] usb 5-1: USB disconnect, device number 23
[ 1692.851291][   T30] audit: type=1400 audit(1692.833:1656): avc:  denied  { create } for  pid=29737 comm="syz.0.6526" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_dnrt_socket permissive=1
[ 1694.698168][T29756] netlink: 'syz.1.6530': attribute type 1 has an invalid length.
[ 1694.715906][T29756] netlink: 'syz.1.6530': attribute type 1 has an invalid length.
[ 1694.747039][   T30] audit: type=1400 audit(1694.723:1657): avc:  denied  { execmod } for  pid=29737 comm="syz.0.6526" path=2F616E6F6E5F6875676570616765202864656C6574656429 dev="hugetlbfs" ino=123737 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:hugetlbfs_t tclass=file permissive=1
[ 1696.040162][   T30] audit: type=1400 audit(1695.943:1658): avc:  denied  { open } for  pid=29766 comm="syz.3.6532" path="/dev/ttyqb" dev="devtmpfs" ino=386 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:bsdpty_device_t tclass=chr_file permissive=1
[ 1696.267939][T29768] hfs: unable to load iocharset "io#harset"
[ 1696.607867][  T791] usb 1-1: new high-speed USB device number 121 using dummy_hcd
[ 1696.790085][  T791] usb 1-1: device descriptor read/64, error -71
[ 1697.340082][  T791] usb 1-1: new high-speed USB device number 122 using dummy_hcd
[ 1697.513779][  T791] usb 1-1: device descriptor read/64, error -71
[ 1697.524816][T29789] ALSA: mixer_oss: invalid OSS volume ''
[ 1697.700737][  T791] usb usb1-port1: attempt power cycle
[ 1698.583708][  T791] usb 1-1: new high-speed USB device number 123 using dummy_hcd
[ 1698.640645][  T791] usb 1-1: device descriptor read/8, error -71
[ 1698.693497][T29808] netlink: 12 bytes leftover after parsing attributes in process `syz.4.6544'.
[ 1698.900092][  T791] usb 1-1: new high-speed USB device number 124 using dummy_hcd
[ 1698.970923][  T791] usb 1-1: device descriptor read/8, error -71
[ 1699.090815][  T791] usb usb1-port1: unable to enumerate USB device
[ 1699.244091][T29815] netlink: 27 bytes leftover after parsing attributes in process `syz.4.6546'.
[ 1699.267185][T29815] usb usb6: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[ 1699.273455][   T30] audit: type=1400 audit(1699.243:1659): avc:  denied  { map } for  pid=29813 comm="syz.4.6546" path="/dev/bus/usb/006/001" dev="devtmpfs" ino=736 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usb_device_t tclass=chr_file permissive=1
[ 1699.851657][   T30] audit: type=1400 audit(1699.833:1660): avc:  denied  { bind } for  pid=29822 comm="syz.0.6548" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1
[ 1699.888845][   T30] audit: type=1400 audit(1699.853:1661): avc:  denied  { write } for  pid=29822 comm="syz.0.6548" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1
[ 1700.625507][T29829] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=198462431 (396924862 ns) > initial count (148514 ns). Using initial count to start timer.
[ 1702.846461][T29848] FAULT_INJECTION: forcing a failure.
[ 1702.846461][T29848] name failslab, interval 1, probability 0, space 0, times 0
[ 1702.880423][T29848] CPU: 0 UID: 0 PID: 29848 Comm: syz.4.6554 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1702.880442][T29848] Tainted: [L]=SOFTLOCKUP
[ 1702.880445][T29848] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 1702.880452][T29848] Call Trace:
[ 1702.880455][T29848]  <TASK>
[ 1702.880460][T29848]  dump_stack_lvl+0x16c/0x1f0
[ 1702.880477][T29848]  should_fail_ex+0x512/0x640
[ 1702.880494][T29848]  ? fs_reclaim_acquire+0xae/0x150
[ 1702.880510][T29848]  should_failslab+0xc2/0x120
[ 1702.880525][T29848]  __kmalloc_noprof+0xeb/0x910
[ 1702.880542][T29848]  ? tomoyo_realpath_from_path+0xc2/0x6e0
[ 1702.880559][T29848]  ? tomoyo_realpath_from_path+0xc2/0x6e0
[ 1702.880573][T29848]  tomoyo_realpath_from_path+0xc2/0x6e0
[ 1702.880589][T29848]  ? tomoyo_profile+0x47/0x60
[ 1702.880607][T29848]  tomoyo_path_number_perm+0x245/0x580
[ 1702.880619][T29848]  ? tomoyo_path_number_perm+0x237/0x580
[ 1702.880632][T29848]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[ 1702.880645][T29848]  ? find_held_lock+0x2b/0x80
[ 1702.880674][T29848]  ? find_held_lock+0x2b/0x80
[ 1702.880689][T29848]  ? hook_file_ioctl_common+0x144/0x410
[ 1702.880708][T29848]  ? __fget_files+0x20e/0x3c0
[ 1702.880731][T29848]  security_file_ioctl+0x9b/0x240
[ 1702.880753][T29848]  __x64_sys_ioctl+0xb7/0x210
[ 1702.880773][T29848]  do_syscall_64+0xcd/0xf80
[ 1702.880795][T29848]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1702.880809][T29848] RIP: 0033:0x7fbc0478f749
[ 1702.880818][T29848] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1702.880829][T29848] RSP: 002b:00007fbc056c1038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1702.880839][T29848] RAX: ffffffffffffffda RBX: 00007fbc049e5fa0 RCX: 00007fbc0478f749
[ 1702.880845][T29848] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000008
[ 1702.880851][T29848] RBP: 00007fbc056c1090 R08: 0000000000000000 R09: 0000000000000000
[ 1702.880857][T29848] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1702.880864][T29848] R13: 00007fbc049e6038 R14: 00007fbc049e5fa0 R15: 00007fff06ee4d18
[ 1702.880877][T29848]  </TASK>
[ 1702.880882][T29848] ERROR: Out of memory at tomoyo_realpath_from_path.
[ 1703.139717][T29852] netlink: 12 bytes leftover after parsing attributes in process `syz.1.6555'.
[ 1703.229631][T29855] netlink: 'syz.2.6556': attribute type 4 has an invalid length.
[ 1703.484222][T29864] netlink: zone id is out of range
[ 1703.489342][T29864] netlink: zone id is out of range
[ 1703.510452][T29862] netlink: 'syz.0.6557': attribute type 4 has an invalid length.
[ 1703.534312][T29864] netlink: zone id is out of range
[ 1703.539932][T29864] netlink: zone id is out of range
[ 1703.546449][T29864] netlink: zone id is out of range
[ 1703.551671][T29864] netlink: zone id is out of range
[ 1703.560057][T29864] netlink: zone id is out of range
[ 1703.565267][T29864] netlink: zone id is out of range
[ 1703.589732][T29864] netlink: zone id is out of range
[ 1703.600942][T29864] netlink: zone id is out of range
[ 1703.630278][T16973] usb 3-1: new high-speed USB device number 12 using dummy_hcd
[ 1704.664236][T16973] usb 3-1: Using ep0 maxpacket: 16
[ 1704.750119][T16973] usb 3-1: config 0 has no interfaces?
[ 1704.757179][T16973] usb 3-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42
[ 1704.766469][T16973] usb 3-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0
[ 1704.786100][T16973] usb 3-1: Manufacturer: syz
[ 1704.813145][T16973] usb 3-1: config 0 descriptor??
[ 1704.820062][ T8044] usb 1-1: new high-speed USB device number 125 using dummy_hcd
[ 1705.020044][ T8044] usb 1-1: Using ep0 maxpacket: 16
[ 1705.043556][ T8044] usb 1-1: config 0 has no interfaces?
[ 1705.121271][ T8044] usb 1-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42
[ 1705.148151][ T8044] usb 1-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0
[ 1705.162820][ T8044] usb 1-1: Manufacturer: syz
[ 1705.179919][ T8044] usb 1-1: config 0 descriptor??
[ 1706.245120][ T8044] usb 3-1: USB disconnect, device number 12
[ 1706.712680][T29909] nbd: socks must be embedded in a SOCK_ITEM attr
[ 1706.719363][T29909] block nbd1: shutting down sockets
[ 1707.117090][T16973] usb 1-1: USB disconnect, device number 125
[ 1707.294237][T29910] netlink: 24 bytes leftover after parsing attributes in process `syz.3.6566'.
[ 1707.303208][T29910] nbd: must specify a size in bytes for the device
[ 1707.618649][T29930] netlink: 'syz.4.6571': attribute type 5 has an invalid length.
[ 1708.384326][ T8044] usb 3-1: new high-speed USB device number 13 using dummy_hcd
[ 1708.862062][   T30] audit: type=1400 audit(1708.843:1662): avc:  denied  { write } for  pid=29947 comm="syz.3.6577" name="hwrng" dev="devtmpfs" ino=83 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:random_device_t tclass=chr_file permissive=1
[ 1709.056242][ T8044] usb 3-1: Using ep0 maxpacket: 32
[ 1709.143203][ T8044] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1709.158000][ T8044] usb 3-1: New USB device found, idVendor=22b8, idProduct=6027, bcdDevice=c2.80
[ 1709.168115][ T8044] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1709.190106][ T8044] usb 3-1: Product: syz
[ 1709.194270][ T8044] usb 3-1: Manufacturer: syz
[ 1709.198829][ T8044] usb 3-1: SerialNumber: syz
[ 1709.204637][T29960] netlink: 12 bytes leftover after parsing attributes in process `syz.3.6581'.
[ 1709.211305][ T8044] usb 3-1: config 0 descriptor??
[ 1709.230507][ T8044] cdc_wdm 3-1:0.0: probe with driver cdc_wdm failed with error -22
[ 1709.434826][T29966] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=1812281087 (231971979136 ns) > initial count (128 ns). Using initial count to start timer.
[ 1709.566030][ T8044] usb 3-1: USB disconnect, device number 13
[ 1709.769927][T29974] netlink: 277 bytes leftover after parsing attributes in process `syz.1.6582'.
[ 1710.192654][T29976] netlink: 28 bytes leftover after parsing attributes in process `syz.2.6584'.
[ 1710.242278][T29976] nbd: must specify at least one socket
[ 1710.631200][T29986] netlink: 'syz.2.6587': attribute type 27 has an invalid length.
[ 1710.845360][   T30] audit: type=1400 audit(1710.663:1663): avc:  denied  { ioctl } for  pid=29981 comm="syz.2.6587" path="socket:[126286]" dev="sockfs" ino=126286 ioctlcmd=0xf503 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1
[ 1711.613889][T29986] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1711.621389][T29986] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1711.867736][T29986] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1711.880748][T29986] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1712.016894][  T791] libceph: connect (1)[c::]:6789 error -101
[ 1712.023089][  T791] libceph: mon0 (1)[c::]:6789 connect error
[ 1712.121804][T30000] ceph: No mds server is up or the cluster is laggy
[ 1712.311783][  T791] libceph: connect (1)[c::]:6789 error -101
[ 1712.318854][  T791] libceph: mon0 (1)[c::]:6789 connect error
[ 1712.362291][T29987] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1712.369479][T29987] 8021q: adding VLAN 0 to HW filter on device team0
[ 1712.388493][T29987] net_ratelimit: 5 callbacks suppressed
[ 1712.388501][T29987] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[ 1712.475347][T16249] netdevsim netdevsim2 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[ 1712.601909][T29999] netlink: 12 bytes leftover after parsing attributes in process `syz.1.6591'.
[ 1712.902679][T16249] netdevsim netdevsim2 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[ 1713.086576][T16249] netdevsim netdevsim2 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[ 1713.119883][T16249] netdevsim netdevsim2 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[ 1713.374356][T30020] FAULT_INJECTION: forcing a failure.
[ 1713.374356][T30020] name failslab, interval 1, probability 0, space 0, times 0
[ 1713.407953][T30020] CPU: 1 UID: 0 PID: 30020 Comm: syz.4.6595 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1713.407981][T30020] Tainted: [L]=SOFTLOCKUP
[ 1713.407987][T30020] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 1713.407997][T30020] Call Trace:
[ 1713.408004][T30020]  <TASK>
[ 1713.408011][T30020]  dump_stack_lvl+0x16c/0x1f0
[ 1713.408037][T30020]  should_fail_ex+0x512/0x640
[ 1713.408062][T30020]  ? __kmalloc_noprof+0xca/0x910
[ 1713.408090][T30020]  should_failslab+0xc2/0x120
[ 1713.408114][T30020]  __kmalloc_noprof+0xeb/0x910
[ 1713.408140][T30020]  ? fuse_direct_io+0x575/0x2510
[ 1713.408167][T30020]  ? fuse_direct_io+0x575/0x2510
[ 1713.408186][T30020]  fuse_direct_io+0x575/0x2510
[ 1713.408209][T30020]  ? __lock_acquire+0x436/0x2890
[ 1713.408252][T30020]  ? __pfx_fuse_direct_io+0x10/0x10
[ 1713.408273][T30020]  ? __pfx_generic_write_checks+0x10/0x10
[ 1713.408296][T30020]  ? register_lock_class+0x41/0x4b0
[ 1713.408320][T30020]  fuse_direct_write_iter+0x65c/0x840
[ 1713.408344][T30020]  ? __lock_acquire+0x436/0x2890
[ 1713.408363][T30020]  ? __pfx_fuse_direct_write_iter+0x10/0x10
[ 1713.408410][T30020]  fuse_file_write_iter+0x5c9/0x990
[ 1713.408436][T30020]  vfs_write+0x7d3/0x11d0
[ 1713.408458][T30020]  ? __pfx_fuse_file_write_iter+0x10/0x10
[ 1713.408484][T30020]  ? __pfx_vfs_write+0x10/0x10
[ 1713.408523][T30020]  ksys_write+0x12a/0x250
[ 1713.408545][T30020]  ? __pfx_ksys_write+0x10/0x10
[ 1713.408574][T30020]  do_syscall_64+0xcd/0xf80
[ 1713.408598][T30020]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1713.408615][T30020] RIP: 0033:0x7fbc0478f749
[ 1713.408629][T30020] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1713.408650][T30020] RSP: 002b:00007fbc056c1038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[ 1713.408668][T30020] RAX: ffffffffffffffda RBX: 00007fbc049e5fa0 RCX: 00007fbc0478f749
[ 1713.408680][T30020] RDX: 0000000000000030 RSI: 0000200000000100 RDI: 0000000000000004
[ 1713.408690][T30020] RBP: 00007fbc056c1090 R08: 0000000000000000 R09: 0000000000000000
[ 1713.408700][T30020] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1713.408710][T30020] R13: 00007fbc049e6038 R14: 00007fbc049e5fa0 R15: 00007fff06ee4d18
[ 1713.408737][T30020]  </TASK>
[ 1714.175352][   T30] audit: type=1400 audit(1714.153:1664): avc:  denied  { connect } for  pid=30022 comm="syz.2.6596" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[ 1715.125405][T30045] FAULT_INJECTION: forcing a failure.
[ 1715.125405][T30045] name failslab, interval 1, probability 0, space 0, times 0
[ 1715.176682][T30045] CPU: 1 UID: 0 PID: 30045 Comm: syz.2.6599 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1715.176711][T30045] Tainted: [L]=SOFTLOCKUP
[ 1715.176717][T30045] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 1715.176727][T30045] Call Trace:
[ 1715.176733][T30045]  <TASK>
[ 1715.176741][T30045]  dump_stack_lvl+0x16c/0x1f0
[ 1715.176768][T30045]  should_fail_ex+0x512/0x640
[ 1715.176792][T30045]  ? kmem_cache_alloc_noprof+0x62/0x770
[ 1715.176813][T30045]  should_failslab+0xc2/0x120
[ 1715.176835][T30045]  kmem_cache_alloc_noprof+0x83/0x770
[ 1715.176851][T30045]  ? lockdep_hardirqs_on+0x7c/0x110
[ 1715.176872][T30045]  ? alloc_empty_file+0x55/0x1e0
[ 1715.176894][T30045]  ? alloc_empty_file+0x55/0x1e0
[ 1715.176908][T30045]  ? __schedule+0x114c/0x6150
[ 1715.176932][T30045]  alloc_empty_file+0x55/0x1e0
[ 1715.176949][T30045]  path_openat+0xde/0x3140
[ 1715.176980][T30045]  ? __pfx_path_openat+0x10/0x10
[ 1715.177004][T30045]  ? __pfx___schedule+0x10/0x10
[ 1715.177029][T30045]  do_filp_open+0x20b/0x470
[ 1715.177051][T30045]  ? lockdep_hardirqs_on+0x7c/0x110
[ 1715.177073][T30045]  ? __pfx_do_filp_open+0x10/0x10
[ 1715.177126][T30045]  ? alloc_fd+0x471/0x7d0
[ 1715.177156][T30045]  do_sys_openat2+0x121/0x290
[ 1715.177173][T30045]  ? __pfx_do_sys_openat2+0x10/0x10
[ 1715.177198][T30045]  __x64_sys_openat+0x174/0x210
[ 1715.177215][T30045]  ? __pfx___x64_sys_openat+0x10/0x10
[ 1715.177233][T30045]  ? rcu_is_watching+0x12/0xc0
[ 1715.177257][T30045]  do_syscall_64+0xcd/0xf80
[ 1715.177280][T30045]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1715.177298][T30045] RIP: 0033:0x7f7b7a38f749
[ 1715.177312][T30045] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1715.177328][T30045] RSP: 002b:00007f7b7b161038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[ 1715.177345][T30045] RAX: ffffffffffffffda RBX: 00007f7b7a5e6180 RCX: 00007f7b7a38f749
[ 1715.177356][T30045] RDX: 0000000000000000 RSI: 00002000000000c0 RDI: ffffffffffffff9c
[ 1715.177367][T30045] RBP: 00007f7b7b161090 R08: 0000000000000000 R09: 0000000000000000
[ 1715.177378][T30045] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1715.177388][T30045] R13: 00007f7b7a5e6218 R14: 00007f7b7a5e6180 R15: 00007ffe76c287e8
[ 1715.177412][T30045]  </TASK>
[ 1715.958200][T30051] FAULT_INJECTION: forcing a failure.
[ 1715.958200][T30051] name failslab, interval 1, probability 0, space 0, times 0
[ 1715.970931][T30051] CPU: 1 UID: 0 PID: 30051 Comm: syz.2.6601 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1715.970957][T30051] Tainted: [L]=SOFTLOCKUP
[ 1715.970963][T30051] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 1715.970973][T30051] Call Trace:
[ 1715.970979][T30051]  <TASK>
[ 1715.970986][T30051]  dump_stack_lvl+0x16c/0x1f0
[ 1715.971013][T30051]  should_fail_ex+0x512/0x640
[ 1715.971037][T30051]  ? fs_reclaim_acquire+0xae/0x150
[ 1715.971063][T30051]  should_failslab+0xc2/0x120
[ 1715.971087][T30051]  __kmalloc_noprof+0xeb/0x910
[ 1715.971111][T30051]  ? rcu_is_watching+0x12/0xc0
[ 1715.971129][T30051]  ? tomoyo_realpath_from_path+0xc2/0x6e0
[ 1715.971158][T30051]  ? tomoyo_realpath_from_path+0xc2/0x6e0
[ 1715.971180][T30051]  tomoyo_realpath_from_path+0xc2/0x6e0
[ 1715.971205][T30051]  ? tomoyo_profile+0x47/0x60
[ 1715.971232][T30051]  tomoyo_path_number_perm+0x245/0x580
[ 1715.971251][T30051]  ? tomoyo_path_number_perm+0x237/0x580
[ 1715.971273][T30051]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[ 1715.971301][T30051]  ? irqentry_exit+0x1dd/0x8c0
[ 1715.971321][T30051]  ? rcu_is_watching+0x12/0xc0
[ 1715.971350][T30051]  ? __pfx___sanitizer_cov_trace_pc+0x10/0x10
[ 1715.971372][T30051]  ? hook_file_ioctl_common+0x144/0x410
[ 1715.971403][T30051]  ? __fget_files+0x20e/0x3c0
[ 1715.971432][T30051]  security_file_ioctl+0x9b/0x240
[ 1715.971456][T30051]  __x64_sys_ioctl+0xb7/0x210
[ 1715.971478][T30051]  do_syscall_64+0xcd/0xf80
[ 1715.971501][T30051]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1715.971519][T30051] RIP: 0033:0x7f7b7a38f749
[ 1715.971533][T30051] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1715.971549][T30051] RSP: 002b:00007f7b7b161038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1715.971566][T30051] RAX: ffffffffffffffda RBX: 00007f7b7a5e6180 RCX: 00007f7b7a38f749
[ 1715.971577][T30051] RDX: 0000200000000040 RSI: 0000000000008b2a RDI: 0000000000000006
[ 1715.971587][T30051] RBP: 00007f7b7b161090 R08: 0000000000000000 R09: 0000000000000000
[ 1715.971603][T30051] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1715.971613][T30051] R13: 00007f7b7a5e6218 R14: 00007f7b7a5e6180 R15: 00007ffe76c287e8
[ 1715.971638][T30051]  </TASK>
[ 1715.971659][T30051] ERROR: Out of memory at tomoyo_realpath_from_path.
[ 1716.725542][   T30] audit: type=1400 audit(1716.693:1665): avc:  denied  { setattr } for  pid=30058 comm="syz.4.6604" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=key permissive=1
[ 1716.927423][T30065] netlink: 212340 bytes leftover after parsing attributes in process `syz.2.6605'.
[ 1716.950151][T30065] openvswitch: netlink: Port 167772160 exceeds max allowable 65535
[ 1717.049109][T30071] netlink: 28 bytes leftover after parsing attributes in process `syz.4.6609'.
[ 1717.060083][ T8044] usb 1-1: new high-speed USB device number 126 using dummy_hcd
[ 1717.268319][ T8044] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1717.279325][ T8044] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1717.299567][ T8044] usb 1-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40
[ 1717.704150][ T8044] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1717.744142][ T8044] usb 1-1: config 0 descriptor??
[ 1718.196096][ T8044] keytouch 0003:0926:3333.0072: fixing up Keytouch IEC report descriptor
[ 1719.323734][T30053] xt_connbytes: Forcing CT accounting to be enabled
[ 1719.350296][ T8044] input: HID 0926:3333 as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/0003:0926:3333.0072/input/input36
[ 1719.390375][T30053] xt_CONNSECMARK: only valid in 'mangle' or 'security' table, not 'nat'
[ 1719.425548][T30053] QAT: Device 8 not found
[ 1719.576084][T30097] netdevsim netdevsim1 netdevsim0: entered allmulticast mode
[ 1719.762997][ T8044] keytouch 0003:0926:3333.0072: input,hidraw0: USB HID v0.00 Keyboard [HID 0926:3333] on usb-dummy_hcd.0-1/input0
[ 1720.780797][ T8044] usb 1-1: USB disconnect, device number 126
[ 1721.848658][T30114] netlink: 28 bytes leftover after parsing attributes in process `syz.0.6620'.
[ 1722.109813][T30120] netlink: 132 bytes leftover after parsing attributes in process `syz.4.6615'.
[ 1723.530810][T30125] sctp: [Deprecated]: syz.1.6618 (pid 30125) Use of int in max_burst socket option deprecated.
[ 1723.530810][T30125] Use struct sctp_assoc_value instead
[ 1723.549416][T30133] netdevsim netdevsim4 netdevsim0: entered allmulticast mode
[ 1723.793257][T30140] FAULT_INJECTION: forcing a failure.
[ 1723.793257][T30140] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1723.806373][T30140] CPU: 1 UID: 0 PID: 30140 Comm: syz.4.6626 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1723.806398][T30140] Tainted: [L]=SOFTLOCKUP
[ 1723.806405][T30140] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 1723.806415][T30140] Call Trace:
[ 1723.806421][T30140]  <TASK>
[ 1723.806428][T30140]  dump_stack_lvl+0x16c/0x1f0
[ 1723.806454][T30140]  should_fail_ex+0x512/0x640
[ 1723.806482][T30140]  _copy_from_user+0x2e/0xd0
[ 1723.806508][T30140]  video_usercopy+0xee2/0x16c0
[ 1723.806530][T30140]  ? __pfx___video_do_ioctl+0x10/0x10
[ 1723.806547][T30140]  ? selinux_kernel_read_file+0x90/0x120
[ 1723.806570][T30140]  ? __pfx_video_usercopy+0x10/0x10
[ 1723.806605][T30140]  v4l2_ioctl+0x1bd/0x250
[ 1723.806623][T30140]  ? __pfx_v4l2_ioctl+0x10/0x10
[ 1723.806642][T30140]  __x64_sys_ioctl+0x18e/0x210
[ 1723.806664][T30140]  do_syscall_64+0xcd/0xf80
[ 1723.806687][T30140]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1723.806705][T30140] RIP: 0033:0x7fbc0478f749
[ 1723.806720][T30140] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1723.806736][T30140] RSP: 002b:00007fbc0567f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1723.806753][T30140] RAX: ffffffffffffffda RBX: 00007fbc049e6180 RCX: 00007fbc0478f749
[ 1723.806764][T30140] RDX: 00002000000000c0 RSI: 00000000c0145608 RDI: 000000000000000a
[ 1723.806774][T30140] RBP: 00007fbc0567f090 R08: 0000000000000000 R09: 0000000000000000
[ 1723.806784][T30140] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1723.806800][T30140] R13: 00007fbc049e6218 R14: 00007fbc049e6180 R15: 00007fff06ee4d18
[ 1723.806823][T30140]  </TASK>
[ 1724.670095][T16973] usb 3-1: new high-speed USB device number 14 using dummy_hcd
[ 1724.850210][T16973] usb 3-1: Using ep0 maxpacket: 16
[ 1724.856960][T16973] usb 3-1: config 0 has an invalid interface number: 31 but max is 0
[ 1724.865391][T16973] usb 3-1: config 0 has an invalid descriptor of length 26, skipping remainder of the config
[ 1724.879299][T16973] usb 3-1: config 0 has no interface number 0
[ 1724.893450][T16973] usb 3-1: config 0 interface 31 altsetting 198 has 0 endpoint descriptors, different from the interface descriptor's value: 22
[ 1725.041614][T16973] usb 3-1: config 0 interface 31 has no altsetting 0
[ 1725.066887][T16973] usb 3-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1
[ 1725.080463][T16973] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1725.093748][T16973] usb 3-1: Product: syz
[ 1725.101275][T16973] usb 3-1: Manufacturer: syz
[ 1725.108196][T16973] usb 3-1: SerialNumber: syz
[ 1725.314970][T16973] usb 3-1: config 0 descriptor??
[ 1725.569807][T16973] usb 3-1: USB disconnect, device number 14
[ 1725.610062][  T791] usb 4-1: new low-speed USB device number 120 using dummy_hcd
[ 1725.769121][   T30] audit: type=1400 audit(1725.743:1666): avc:  denied  { mount } for  pid=30159 comm="syz.4.6632" name="/" dev="bpf" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:bpf_t tclass=filesystem permissive=1
[ 1725.816363][  T791] usb 4-1: config index 0 descriptor too short (expected 1307, got 27)
[ 1725.841968][  T791] usb 4-1: config 0 has an invalid interface number: 0 but max is -1
[ 1725.863810][  T791] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 0
[ 1726.197623][  T791] usb 4-1: too many endpoints for config 0 interface 0 altsetting 0: 246, using maximum allowed: 30
[ 1726.218710][  T791] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x84 is Bulk; changing to Interrupt
[ 1726.234542][  T791] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0
[ 1726.250042][  T791] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 246
[ 1726.266070][  T791] usb 4-1: language id specifier not provided by device, defaulting to English
[ 1726.284182][  T791] usb 4-1: New USB device found, idVendor=0460, idProduct=0008, bcdDevice=e2.de
[ 1726.293443][  T791] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1726.301607][  T791] usb 4-1: Manufacturer: 
[ 1726.310866][  T791] usb 4-1: config 0 descriptor??
[ 1726.364207][T30171] RDS: rds_bind could not find a transport for ::ffff:10.1.1.0, load rds_tcp or rds_rdma?
[ 1726.433777][  T791] hub 4-1:0.0: bad descriptor, ignoring hub
[ 1726.633919][T30174] ALSA: mixer_oss: invalid OSS volume ''
[ 1726.644372][  T791] hub 4-1:0.0: probe with driver hub failed with error -5
[ 1726.681219][  T791] input:  as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/input/input37
[ 1726.733212][ T5813] Bluetooth: hci0: command 0x0406 tx timeout
[ 1726.999557][T30176] FAULT_INJECTION: forcing a failure.
[ 1726.999557][T30176] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1727.013602][T30176] CPU: 0 UID: 0 PID: 30176 Comm: syz.4.6637 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1727.013626][T30176] Tainted: [L]=SOFTLOCKUP
[ 1727.013632][T30176] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 1727.013640][T30176] Call Trace:
[ 1727.013644][T30176]  <TASK>
[ 1727.013648][T30176]  dump_stack_lvl+0x16c/0x1f0
[ 1727.013666][T30176]  should_fail_ex+0x512/0x640
[ 1727.013684][T30176]  _copy_from_user+0x2e/0xd0
[ 1727.013701][T30176]  snd_timer_user_params.isra.0+0xf5/0x920
[ 1727.013718][T30176]  ? __pfx_snd_timer_user_params.isra.0+0x10/0x10
[ 1727.013733][T30176]  ? __pfx_avc_has_extended_perms+0x10/0x10
[ 1727.013751][T30176]  ? lockdep_hardirqs_on+0x7c/0x110
[ 1727.013775][T30176]  __snd_timer_user_ioctl.isra.0+0x1494/0x27b0
[ 1727.013791][T30176]  ? lock_acquire+0x179/0x330
[ 1727.013804][T30176]  ? __pfx___snd_timer_user_ioctl.isra.0+0x10/0x10
[ 1727.013820][T30176]  ? __pfx___might_resched+0x10/0x10
[ 1727.013831][T30176]  ? rcu_is_watching+0x12/0xc0
[ 1727.013842][T30176]  ? trace_contention_end+0xdd/0x110
[ 1727.013855][T30176]  ? __mutex_lock+0x27b/0x1ca0
[ 1727.013870][T30176]  ? do_vfs_ioctl+0x128/0x14f0
[ 1727.013882][T30176]  ? snd_timer_user_ioctl+0x4a/0xd0
[ 1727.013897][T30176]  ? __pfx_do_vfs_ioctl+0x10/0x10
[ 1727.013909][T30176]  ? __pfx___mutex_lock+0x10/0x10
[ 1727.013933][T30176]  snd_timer_user_ioctl+0x76/0xd0
[ 1727.013947][T30176]  ? __pfx_snd_timer_user_ioctl+0x10/0x10
[ 1727.013964][T30176]  __x64_sys_ioctl+0x18e/0x210
[ 1727.013976][T30176]  do_syscall_64+0xcd/0xf80
[ 1727.013991][T30176]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1727.014002][T30176] RIP: 0033:0x7fbc0478f749
[ 1727.014011][T30176] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1727.014021][T30176] RSP: 002b:00007fbc056c1038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1727.014031][T30176] RAX: ffffffffffffffda RBX: 00007fbc049e5fa0 RCX: 00007fbc0478f749
[ 1727.014038][T30176] RDX: 0000000000000000 RSI: 0000000040505412 RDI: 0000000000000003
[ 1727.014044][T30176] RBP: 00007fbc056c1090 R08: 0000000000000000 R09: 0000000000000000
[ 1727.014050][T30176] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1727.014056][T30176] R13: 00007fbc049e6038 R14: 00007fbc049e5fa0 R15: 00007fff06ee4d18
[ 1727.014070][T30176]  </TASK>
[ 1728.198276][T16973] usb 4-1: USB disconnect, device number 120
[ 1728.433314][   T30] audit: type=1400 audit(1728.413:1667): avc:  denied  { read write } for  pid=30194 comm="syz.4.6644" name="vga_arbiter" dev="devtmpfs" ino=3 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:xserver_misc_device_t tclass=chr_file permissive=1
[ 1728.435797][T16973] kernel read not supported for file /vga_arbiter (pid: 16973 comm: kworker/0:1)
[ 1728.829571][   T30] audit: type=1400 audit(1728.413:1668): avc:  denied  { open } for  pid=30194 comm="syz.4.6644" path="/dev/vga_arbiter" dev="devtmpfs" ino=3 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:xserver_misc_device_t tclass=chr_file permissive=1
[ 1728.920620][T30203] netlink: 'syz.3.6645': attribute type 4 has an invalid length.
[ 1728.957783][T30203] netlink: 3657 bytes leftover after parsing attributes in process `syz.3.6645'.
[ 1729.486069][   T30] audit: type=1400 audit(1729.463:1669): avc:  denied  { setattr } for  pid=30209 comm="syz.2.6648" name="#21" dev="tmpfs" ino=188 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=chr_file permissive=1
[ 1729.697893][T30213] ALSA: mixer_oss: invalid OSS volume ''
[ 1729.773730][ T1294] ieee802154 phy0 wpan0: encryption failed: -22
[ 1729.773784][ T1294] ieee802154 phy1 wpan1: encryption failed: -22
[ 1730.660186][   T30] audit: type=1400 audit(1730.633:1670): avc:  denied  { accept } for  pid=30228 comm="syz.3.6654" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=isdn_socket permissive=1
[ 1731.622283][T30245] netlink: 'syz.1.6659': attribute type 1 has an invalid length.
[ 1731.803521][T30251] netlink: 8 bytes leftover after parsing attributes in process `syz.1.6661'.
[ 1732.114037][T30238] netlink: 'syz.0.6656': attribute type 4 has an invalid length.
[ 1732.136280][T30238] netlink: 152 bytes leftover after parsing attributes in process `syz.0.6656'.
[ 1732.218312][T30258] FAULT_INJECTION: forcing a failure.
[ 1732.218312][T30258] name failslab, interval 1, probability 0, space 0, times 0
[ 1732.262254][T30258] CPU: 1 UID: 0 PID: 30258 Comm: syz.1.6663 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1732.262282][T30258] Tainted: [L]=SOFTLOCKUP
[ 1732.262287][T30258] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 1732.262293][T30258] Call Trace:
[ 1732.262297][T30258]  <TASK>
[ 1732.262301][T30258]  dump_stack_lvl+0x16c/0x1f0
[ 1732.262319][T30258]  should_fail_ex+0x512/0x640
[ 1732.262335][T30258]  ? __kmalloc_cache_node_noprof+0x62/0x830
[ 1732.262350][T30258]  should_failslab+0xc2/0x120
[ 1732.262365][T30258]  __kmalloc_cache_node_noprof+0x83/0x830
[ 1732.262378][T30258]  ? __get_vm_area_node+0x101/0x330
[ 1732.262391][T30258]  ? find_held_lock+0x2b/0x80
[ 1732.262410][T30258]  ? __get_vm_area_node+0x101/0x330
[ 1732.262423][T30258]  __get_vm_area_node+0x101/0x330
[ 1732.262439][T30258]  __vmalloc_node_range_noprof+0x247/0x16b0
[ 1732.262460][T30258]  ? bpf_prog_alloc_no_stats+0x58/0x610
[ 1732.262477][T30258]  ? bpf_prog_alloc_no_stats+0x58/0x610
[ 1732.262489][T30258]  ? __pfx_stack_trace_save+0x10/0x10
[ 1732.262501][T30258]  ? stack_depot_save_flags+0x29/0x9b0
[ 1732.262518][T30258]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[ 1732.262535][T30258]  ? kasan_save_stack+0x42/0x60
[ 1732.262546][T30258]  ? kasan_save_stack+0x33/0x60
[ 1732.262557][T30258]  ? kasan_save_track+0x14/0x30
[ 1732.262568][T30258]  ? do_seccomp+0x767/0x26d0
[ 1732.262582][T30258]  ? do_syscall_64+0xcd/0xf80
[ 1732.262594][T30258]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1732.262607][T30258]  ? bpf_prog_alloc_no_stats+0x58/0x610
[ 1732.262618][T30258]  __vmalloc_node_noprof+0xad/0xf0
[ 1732.262633][T30258]  ? bpf_prog_alloc_no_stats+0x58/0x610
[ 1732.262646][T30258]  __vmalloc_noprof+0xa3/0x120
[ 1732.262661][T30258]  ? __pfx___vmalloc_noprof+0x10/0x10
[ 1732.262680][T30258]  bpf_prog_alloc_no_stats+0x58/0x610
[ 1732.262695][T30258]  bpf_prog_alloc+0x3b/0x230
[ 1732.262707][T30258]  bpf_prog_create_from_user+0xb4/0x2f0
[ 1732.262720][T30258]  ? __pfx_seccomp_check_filter+0x10/0x10
[ 1732.262736][T30258]  do_seccomp+0x7b4/0x26d0
[ 1732.262751][T30258]  ? __fget_files+0x20e/0x3c0
[ 1732.262767][T30258]  ? __pfx_do_seccomp+0x10/0x10
[ 1732.262782][T30258]  ? fput+0x70/0xf0
[ 1732.262791][T30258]  ? ksys_write+0x1ac/0x250
[ 1732.262803][T30258]  ? __pfx_ksys_write+0x10/0x10
[ 1732.262820][T30258]  do_syscall_64+0xcd/0xf80
[ 1732.262834][T30258]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1732.262844][T30258] RIP: 0033:0x7f26cd78f749
[ 1732.262853][T30258] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1732.262864][T30258] RSP: 002b:00007f26ce5d2038 EFLAGS: 00000246 ORIG_RAX: 000000000000013d
[ 1732.262875][T30258] RAX: ffffffffffffffda RBX: 00007f26cd9e5fa0 RCX: 00007f26cd78f749
[ 1732.262881][T30258] RDX: 0000200000000040 RSI: 0000000000000000 RDI: 0000000000000001
[ 1732.262887][T30258] RBP: 00007f26ce5d2090 R08: 0000000000000000 R09: 0000000000000000
[ 1732.262893][T30258] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1732.262899][T30258] R13: 00007f26cd9e6038 R14: 00007f26cd9e5fa0 R15: 00007ffd10216698
[ 1732.262912][T30258]  </TASK>
[ 1732.263098][T30258] syz.1.6663: vmalloc error: size 4096, vm_struct allocation failed, mode:0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), nodemask=(null),cpuset=syz1,mems_allowed=0-1
[ 1732.587591][T30258] CPU: 1 UID: 0 PID: 30258 Comm: syz.1.6663 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1732.587616][T30258] Tainted: [L]=SOFTLOCKUP
[ 1732.587622][T30258] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 1732.587632][T30258] Call Trace:
[ 1732.587638][T30258]  <TASK>
[ 1732.587645][T30258]  dump_stack_lvl+0x16c/0x1f0
[ 1732.587669][T30258]  warn_alloc+0x248/0x3a0
[ 1732.587687][T30258]  ? __pfx_warn_alloc+0x10/0x10
[ 1732.587700][T30258]  ? trace_kmalloc+0x2b/0xb0
[ 1732.587718][T30258]  ? __kmalloc_cache_node_noprof+0x2ed/0x830
[ 1732.587738][T30258]  ? find_held_lock+0x2b/0x80
[ 1732.587765][T30258]  ? __kasan_kmalloc+0x8a/0xb0
[ 1732.587784][T30258]  ? __get_vm_area_node+0x208/0x330
[ 1732.587810][T30258]  __vmalloc_node_range_noprof+0xbe0/0x16b0
[ 1732.587840][T30258]  ? bpf_prog_alloc_no_stats+0x58/0x610
[ 1732.587859][T30258]  ? __pfx_stack_trace_save+0x10/0x10
[ 1732.587877][T30258]  ? stack_depot_save_flags+0x29/0x9b0
[ 1732.587901][T30258]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[ 1732.587927][T30258]  ? kasan_save_stack+0x42/0x60
[ 1732.587942][T30258]  ? kasan_save_stack+0x33/0x60
[ 1732.587959][T30258]  ? kasan_save_track+0x14/0x30
[ 1732.587975][T30258]  ? do_seccomp+0x767/0x26d0
[ 1732.587996][T30258]  ? do_syscall_64+0xcd/0xf80
[ 1732.588014][T30258]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1732.588034][T30258]  ? bpf_prog_alloc_no_stats+0x58/0x610
[ 1732.588050][T30258]  __vmalloc_node_noprof+0xad/0xf0
[ 1732.588071][T30258]  ? bpf_prog_alloc_no_stats+0x58/0x610
[ 1732.588089][T30258]  __vmalloc_noprof+0xa3/0x120
[ 1732.588111][T30258]  ? __pfx___vmalloc_noprof+0x10/0x10
[ 1732.588140][T30258]  bpf_prog_alloc_no_stats+0x58/0x610
[ 1732.588165][T30258]  bpf_prog_alloc+0x3b/0x230
[ 1732.588182][T30258]  bpf_prog_create_from_user+0xb4/0x2f0
[ 1732.588202][T30258]  ? __pfx_seccomp_check_filter+0x10/0x10
[ 1732.588225][T30258]  do_seccomp+0x7b4/0x26d0
[ 1732.588247][T30258]  ? __fget_files+0x20e/0x3c0
[ 1732.588270][T30258]  ? __pfx_do_seccomp+0x10/0x10
[ 1732.588292][T30258]  ? fput+0x70/0xf0
[ 1732.588305][T30258]  ? ksys_write+0x1ac/0x250
[ 1732.588324][T30258]  ? __pfx_ksys_write+0x10/0x10
[ 1732.588349][T30258]  do_syscall_64+0xcd/0xf80
[ 1732.588370][T30258]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1732.588385][T30258] RIP: 0033:0x7f26cd78f749
[ 1732.588397][T30258] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1732.588412][T30258] RSP: 002b:00007f26ce5d2038 EFLAGS: 00000246 ORIG_RAX: 000000000000013d
[ 1732.588427][T30258] RAX: ffffffffffffffda RBX: 00007f26cd9e5fa0 RCX: 00007f26cd78f749
[ 1732.588443][T30258] RDX: 0000200000000040 RSI: 0000000000000000 RDI: 0000000000000001
[ 1732.588452][T30258] RBP: 00007f26ce5d2090 R08: 0000000000000000 R09: 0000000000000000
[ 1732.588462][T30258] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1732.588471][T30258] R13: 00007f26cd9e6038 R14: 00007f26cd9e5fa0 R15: 00007ffd10216698
[ 1732.588492][T30258]  </TASK>
[ 1732.588661][T30258] Mem-Info:
[ 1732.915432][T30258] active_anon:16833 inactive_anon:0 isolated_anon:0
[ 1732.915432][T30258]  active_file:23774 inactive_file:4278 isolated_file:0
[ 1732.915432][T30258]  unevictable:768 dirty:794 writeback:0
[ 1732.915432][T30258]  slab_reclaimable:8304 slab_unreclaimable:98459
[ 1732.915432][T30258]  mapped:31416 shmem:10591 pagetables:1205
[ 1732.915432][T30258]  sec_pagetables:0 bounce:0
[ 1732.915432][T30258]  kernel_misc_reclaimable:0
[ 1732.915432][T30258]  free:1326129 free_pcp:11193 free_cma:0
[ 1732.915487][T30258] Node 0 active_anon:67320kB inactive_anon:0kB active_file:95096kB inactive_file:16976kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:125664kB dirty:3172kB writeback:0kB shmem:40828kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:12196kB pagetables:4672kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[ 1732.915526][T30258] Node 1 active_anon:12kB inactive_anon:0kB active_file:0kB inactive_file:136kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:4kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:64kB pagetables:148kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[ 1732.915560][T30258] Node 0 DMA free:15360kB boost:0kB min:208kB low:260kB high:312kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[ 1732.915604][T30258] lowmem_reserve[]: 0 2481 2482 2482 2482
[ 1732.915635][T30258] Node 0 DMA32 free:1381928kB boost:0kB min:34092kB low:42612kB high:51132kB reserved_highatomic:0KB free_highatomic:0KB active_anon:67320kB inactive_anon:0kB active_file:95096kB inactive_file:16976kB unevictable:1536kB writepending:3172kB zspages:0kB present:3129332kB managed:2540852kB mlocked:0kB bounce:0kB free_pcp:44532kB local_pcp:19960kB free_cma:0kB
[ 1732.915680][T30258] lowmem_reserve[]: 0 0 1 1 1
[ 1732.915709][T30258] Node 0 Normal free:0kB boost:0kB min:20kB low:24kB high:28kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:1048580kB managed:1644kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[ 1732.915752][T30258] lowmem_reserve[]: 0 0 0 0 0
[ 1732.915782][T30258] Node 1 Normal free:3907228kB boost:0kB min:55784kB low:69728kB high:83672kB reserved_highatomic:0KB free_highatomic:0KB active_anon:12kB inactive_anon:0kB active_file:0kB inactive_file:136kB unevictable:1536kB writepending:4kB zspages:0kB present:4194300kB managed:4111100kB mlocked:0kB bounce:0kB free_pcp:240kB local_pcp:0kB free_cma:0kB
[ 1732.915828][T30258] lowmem_reserve[]: 0 0 0 0 0
[ 1732.915858][T30258] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[ 1732.915958][T30258] Node 0 DMA32: 5948*4kB (UME) 6623*8kB (UME) 4577*16kB (UME) 1670*32kB (UME) 1082*64kB (UME) 596*128kB (UME) 395*256kB (UME) 286*512kB (UME) 235*1024kB (UM) 30*2048kB (UME) 118*4096kB (UM) = 1381944kB
[ 1732.916097][T30258] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB
[ 1732.916181][T30258] Node 1 Normal: 199*4kB (UE) 56*8kB (UE) 46*16kB (UE) 201*32kB (UE) 103*64kB (UE) 32*128kB (UE) 12*256kB (UME) 14*512kB (UME) 5*1024kB (UME) 3*2048kB (UM) 944*4096kB (UM) = 3907228kB
[ 1732.916322][T30258] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[ 1732.916335][T30258] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[ 1732.916346][T30258] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[ 1732.916359][T30258] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[ 1732.916370][T30258] 38633 total pagecache pages
[ 1732.916376][T30258] 0 pages in swap cache
[ 1732.916381][T30258] Free swap  = 124996kB
[ 1732.916387][T30258] Total swap = 124996kB
[ 1732.916393][T30258] 2097051 pages RAM
[ 1732.916398][T30258] 0 pages HighMem/MovableOnly
[ 1732.916403][T30258] 429812 pages reserved
[ 1732.916408][T30258] 0 pages cma reserved
[ 1733.331062][T30270] FAULT_INJECTION: forcing a failure.
[ 1733.331062][T30270] name failslab, interval 1, probability 0, space 0, times 0
[ 1733.331084][T30270] CPU: 1 UID: 0 PID: 30270 Comm: syz.1.6666 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1733.331099][T30270] Tainted: [L]=SOFTLOCKUP
[ 1733.331103][T30270] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 1733.331109][T30270] Call Trace:
[ 1733.331113][T30270]  <TASK>
[ 1733.331117][T30270]  dump_stack_lvl+0x16c/0x1f0
[ 1733.331134][T30270]  should_fail_ex+0x512/0x640
[ 1733.331150][T30270]  ? __kmalloc_noprof+0xca/0x910
[ 1733.331168][T30270]  should_failslab+0xc2/0x120
[ 1733.331182][T30270]  __kmalloc_noprof+0xeb/0x910
[ 1733.331198][T30270]  ? filemap_splice_read+0x962/0xd60
[ 1733.331209][T30270]  ? iter_file_splice_write+0x1cc/0x12b0
[ 1733.331227][T30270]  ? iter_file_splice_write+0x1cc/0x12b0
[ 1733.331242][T30270]  iter_file_splice_write+0x1cc/0x12b0
[ 1733.331259][T30270]  ? __pfx_filemap_splice_read+0x10/0x10
[ 1733.331276][T30270]  ? __pfx_iter_file_splice_write+0x10/0x10
[ 1733.331301][T30270]  ? __pfx_pipe_lock_cmp_fn+0x10/0x10
[ 1733.331316][T30270]  ? __pfx_iter_file_splice_write+0x10/0x10
[ 1733.331332][T30270]  direct_splice_actor+0x192/0x6c0
[ 1733.331349][T30270]  splice_direct_to_actor+0x345/0xa30
[ 1733.331365][T30270]  ? __pfx_direct_splice_actor+0x10/0x10
[ 1733.331383][T30270]  ? __pfx_splice_direct_to_actor+0x10/0x10
[ 1733.331397][T30270]  ? get_pid_task+0xfc/0x250
[ 1733.331413][T30270]  do_splice_direct+0x174/0x240
[ 1733.331428][T30270]  ? __pfx_do_splice_direct+0x10/0x10
[ 1733.331451][T30270]  ? __pfx_direct_file_splice_eof+0x10/0x10
[ 1733.331466][T30270]  ? bpf_lsm_file_permission+0x9/0x10
[ 1733.331476][T30270]  ? security_file_permission+0x71/0x210
[ 1733.331492][T30270]  ? rw_verify_area+0xcf/0x6c0
[ 1733.331504][T30270]  do_sendfile+0xb06/0xe50
[ 1733.331519][T30270]  ? __pfx_do_sendfile+0x10/0x10
[ 1733.331532][T30270]  ? __fget_files+0x20e/0x3c0
[ 1733.331549][T30270]  __x64_sys_sendfile64+0x1d8/0x220
[ 1733.331565][T30270]  ? ksys_write+0x1ac/0x250
[ 1733.331577][T30270]  ? __pfx___x64_sys_sendfile64+0x10/0x10
[ 1733.331597][T30270]  do_syscall_64+0xcd/0xf80
[ 1733.331611][T30270]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1733.331622][T30270] RIP: 0033:0x7f26cd78f749
[ 1733.331631][T30270] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1733.331642][T30270] RSP: 002b:00007f26ce5b1038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[ 1733.331652][T30270] RAX: ffffffffffffffda RBX: 00007f26cd9e6090 RCX: 00007f26cd78f749
[ 1733.331659][T30270] RDX: 0000000000000000 RSI: 0000000000000006 RDI: 0000000000000006
[ 1733.331665][T30270] RBP: 00007f26ce5b1090 R08: 0000000000000000 R09: 0000000000000000
[ 1733.331671][T30270] R10: 0000000000200000 R11: 0000000000000246 R12: 0000000000000001
[ 1733.331677][T30270] R13: 00007f26cd9e6128 R14: 00007f26cd9e6090 R15: 00007ffd10216698
[ 1733.331690][T30270]  </TASK>
[ 1733.476033][T30274] sctp: [Deprecated]: syz.3.6667 (pid 30274) Use of int in max_burst socket option deprecated.
[ 1733.476033][T30274] Use struct sctp_assoc_value instead
[ 1733.532940][T30276] dlm: plock device version mismatch: kernel (1.2.0), user (1.33554432.0)
[ 1735.693380][T30294] x_tables: ip6_tables: TCPMSS target: only valid for protocol 6
[ 1735.826527][   T30] audit: type=1400 audit(1735.803:1671): avc:  denied  { write } for  pid=30286 comm="syz.0.6671" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1
[ 1736.410027][T25574] usb 3-1: new high-speed USB device number 15 using dummy_hcd
[ 1736.630021][T25574] usb 3-1: Using ep0 maxpacket: 16
[ 1736.636440][T25574] usb 3-1: config 1 contains an unexpected descriptor of type 0x2, skipping
[ 1736.645347][T25574] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1736.665028][T25574] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 1736.689176][T25574] usb 3-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[ 1736.708660][T25574] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1736.732906][T25574] usb 3-1: Product: syz
[ 1736.737046][T25574] usb 3-1: Manufacturer: syz
[ 1736.746600][T25574] usb 3-1: SerialNumber: syz
[ 1737.176073][T25574] usb 3-1: 0:2 : does not exist
[ 1737.232331][T30311] netlink: 24 bytes leftover after parsing attributes in process `syz.0.6676'.
[ 1737.445529][T30316] Device name not specified.
[ 1737.445529][T30316] 
[ 1737.452376][  T791] usb 5-1: new high-speed USB device number 24 using dummy_hcd
[ 1737.621324][  T791] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1737.645881][  T791] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1737.676982][  T791] usb 5-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40
[ 1737.699211][  T791] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1737.722812][  T791] usb 5-1: config 0 descriptor??
[ 1737.813220][T25574] usb 3-1: 1:0: failed to get current value for ch 0 (-22)
[ 1737.859491][T25574] usb 3-1: USB disconnect, device number 15
[ 1737.890522][T29821] udevd[29821]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[ 1738.263228][   T30] audit: type=1400 audit(1738.243:1672): avc:  denied  { accept } for  pid=30325 comm="syz.1.6680" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=unix_dgram_socket permissive=1
[ 1738.356632][T30309] netlink: 4 bytes leftover after parsing attributes in process `syz.4.6677'.
[ 1738.544353][T30333] netlink: 'syz.2.6681': attribute type 16 has an invalid length.
[ 1738.617382][T30333] netlink: 'syz.2.6681': attribute type 17 has an invalid length.
[ 1739.143345][T30333] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1739.166945][T30333] 8021q: adding VLAN 0 to HW filter on device team0
[ 1739.186137][T30333] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[ 1740.160516][  T791] usbhid 5-1:0.0: can't add hid device: -71
[ 1740.166505][  T791] usbhid 5-1:0.0: probe with driver usbhid failed with error -71
[ 1740.199872][T30349] netlink: 48 bytes leftover after parsing attributes in process `syz.3.6685'.
[ 1740.210325][  T791] usb 5-1: USB disconnect, device number 24
[ 1740.271343][T30351] netlink: 752 bytes leftover after parsing attributes in process `syz.4.6686'.
[ 1740.799401][T30358] netlink: 12 bytes leftover after parsing attributes in process `syz.4.6686'.
[ 1741.163272][T16973] IPVS: starting estimator thread 0...
[ 1741.164226][T30363] IPVS: fo: UDP 224.0.0.2:0 - no destination available
[ 1741.270083][T30371] IPVS: using max 44 ests per chain, 105600 per kthread
[ 1741.398411][T30377] netlink: 'syz.2.6693': attribute type 3 has an invalid length.
[ 1742.560979][T30391] nbd: socks must be embedded in a SOCK_ITEM attr
[ 1742.567589][T30391] block nbd1: shutting down sockets
[ 1743.338392][T30409] fuse: Unknown parameter '0x0000000000000003'
[ 1743.442120][   T30] audit: type=1400 audit(1743.423:1673): avc:  denied  { listen } for  pid=30415 comm="syz.2.6704" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1
[ 1743.464080][T30419] fuse: Unknown parameter '~r��-'
[ 1744.826689][T30435] netlink: 'syz.4.6706': attribute type 4 has an invalid length.
[ 1744.935281][T30449] (syz.0.6711,30449,0):ocfs2_get_sector:1714 ERROR: status = -5
[ 1744.954048][T30449] (syz.0.6711,30449,0):ocfs2_sb_probe:753 ERROR: status = -5
[ 1744.962910][T30449] (syz.0.6711,30449,0):ocfs2_fill_super:989 ERROR: superblock probe failed!
[ 1744.985082][T30449] (syz.0.6711,30449,0):ocfs2_fill_super:1177 ERROR: status = -5
[ 1745.092048][T30451] loop2: detected capacity change from 0 to 7
[ 1745.100599][T30451] Dev loop2: unable to read RDB block 7
[ 1745.116817][T30451]  loop2: AHDI p1 p2 p3
[ 1745.127527][T30451] loop2: partition table partially beyond EOD, truncated
[ 1745.265743][T30451] loop2: p1 start 1601398130 is beyond EOD, truncated
[ 1745.304213][T30451] loop2: p2 start 1702059890 is beyond EOD, truncated
[ 1745.381089][T16973] usb 5-1: new high-speed USB device number 25 using dummy_hcd
[ 1745.474106][ T5187] Dev loop2: unable to read RDB block 7
[ 1745.479681][ T5187]  loop2: AHDI p1 p2 p3
[ 1745.486173][ T5187] loop2: partition table partially beyond EOD, truncated
[ 1745.501914][ T5187] loop2: p1 start 1601398130 is beyond EOD, truncated
[ 1745.534388][T16973] usb 5-1: Using ep0 maxpacket: 16
[ 1745.562912][ T5187] loop2: p2 start 1702059890 is beyond EOD, truncated
[ 1745.584625][T16973] usb 5-1: config 0 has no interfaces?
[ 1745.595869][T16973] usb 5-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42
[ 1745.624316][T16973] usb 5-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0
[ 1745.646739][T30459] fuse: Unknown parameter '0x0000000000000003'
[ 1745.701163][T16973] usb 5-1: Manufacturer: syz
[ 1745.728363][T16973] usb 5-1: config 0 descriptor??
[ 1745.929385][T30462] ALSA: mixer_oss: invalid OSS volume ''
[ 1746.066063][T30463] netlink: 'syz.0.6713': attribute type 4 has an invalid length.
[ 1746.075137][T30463] netlink: 152 bytes leftover after parsing attributes in process `syz.0.6713'.
[ 1746.691266][T30471] tipc: Can't bind to reserved service type 1
[ 1747.687013][T30477] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[ 1747.801820][  T791] usb 5-1: USB disconnect, device number 25
[ 1748.296747][  T791] usb 5-1: new high-speed USB device number 26 using dummy_hcd
[ 1748.312854][T30495] overlayfs: workdir and upperdir must be separate subtrees
[ 1748.364592][T16973] usb 3-1: new high-speed USB device number 16 using dummy_hcd
[ 1748.570345][  T791] usb 5-1: Using ep0 maxpacket: 32
[ 1748.581893][  T791] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1748.599585][  T791] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1748.619556][  T791] usb 5-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40
[ 1748.635276][  T791] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1748.662038][  T791] usb 5-1: config 0 descriptor??
[ 1748.672351][  T791] hub 5-1:0.0: USB hub found
[ 1748.710190][T16973] usb 3-1: Using ep0 maxpacket: 32
[ 1748.735163][T16973] usb 3-1: unable to get BOS descriptor or descriptor too short
[ 1748.757289][T16973] usb 3-1: unable to read config index 0 descriptor/start: -71
[ 1748.788416][T16973] usb 3-1: can't read configurations, error -71
[ 1749.085320][   T30] audit: type=1400 audit(1749.063:1674): avc:  denied  { ioctl } for  pid=30498 comm="syz.0.6728" path="socket:[127764]" dev="sockfs" ino=127764 ioctlcmd=0x890b scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netrom_socket permissive=1
[ 1749.134288][  T791] hub 5-1:0.0: config failed, can't read hub descriptor (err -22)
[ 1749.187198][  T791] usbhid 5-1:0.0: can't add hid device: -71
[ 1749.193751][  T791] usbhid 5-1:0.0: probe with driver usbhid failed with error -71
[ 1749.241033][  T791] usb 5-1: USB disconnect, device number 26
[ 1749.370646][T30506] netlink: 'syz.1.6727': attribute type 4 has an invalid length.
[ 1749.378385][T30506] netlink: 152 bytes leftover after parsing attributes in process `syz.1.6727'.
[ 1750.689485][   T30] audit: type=1400 audit(1750.393:1675): avc:  denied  { ioctl } for  pid=30513 comm="syz.0.6732" path="ipc:[4026532987]" dev="nsfs" ino=4026532987 ioctlcmd=0xb701 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[ 1750.765501][   T30] audit: type=1400 audit(1750.743:1676): avc:  denied  { setopt } for  pid=30516 comm="syz.4.6733" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[ 1751.596447][T30522] netlink: 'syz.4.6733': attribute type 3 has an invalid length.
[ 1752.360658][T30526] nbd: socks must be embedded in a SOCK_ITEM attr
[ 1752.367317][T30526] block nbd1: shutting down sockets
[ 1752.596273][T30534] affs: No valid root block on device nullb0
[ 1753.250073][   T30] audit: type=1400 audit(1752.873:1677): avc:  denied  { append } for  pid=30532 comm="syz.3.6738" name="video1" dev="devtmpfs" ino=931 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:v4l_device_t tclass=chr_file permissive=1
[ 1753.675150][T30551] FAULT_INJECTION: forcing a failure.
[ 1753.675150][T30551] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1753.688576][T30551] CPU: 0 UID: 0 PID: 30551 Comm: syz.4.6735 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1753.688602][T30551] Tainted: [L]=SOFTLOCKUP
[ 1753.688608][T30551] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 1753.688627][T30551] Call Trace:
[ 1753.688633][T30551]  <TASK>
[ 1753.688640][T30551]  dump_stack_lvl+0x16c/0x1f0
[ 1753.688666][T30551]  should_fail_ex+0x512/0x640
[ 1753.688695][T30551]  _copy_to_user+0x32/0xd0
[ 1753.688721][T30551]  copy_to_sockptr_offset.constprop.0+0x129/0x150
[ 1753.688748][T30551]  ? __pfx_copy_to_sockptr_offset.constprop.0+0x10/0x10
[ 1753.688774][T30551]  ? __asan_memset+0x23/0x50
[ 1753.688791][T30551]  ? bpf_vlog_finalize+0x1ba/0x360
[ 1753.688811][T30551]  btf_new_fd+0x16be/0x54c0
[ 1753.688834][T30551]  ? avc_has_perm_noaudit+0x149/0x3b0
[ 1753.688864][T30551]  ? cred_has_capability.isra.0+0x18f/0x310
[ 1753.688893][T30551]  ? __pfx_btf_new_fd+0x10/0x10
[ 1753.688917][T30551]  ? cap_capable+0x10d/0x3f0
[ 1753.688937][T30551]  ? bpf_lsm_capable+0x9/0x10
[ 1753.688955][T30551]  ? security_capable+0x7e/0x260
[ 1753.688975][T30551]  ? ns_capable+0xd7/0x110
[ 1753.689001][T30551]  __sys_bpf+0x39f/0x4980
[ 1753.689025][T30551]  ? lock_acquire+0x179/0x330
[ 1753.689046][T30551]  ? __pfx___sys_bpf+0x10/0x10
[ 1753.689067][T30551]  ? finish_task_switch.isra.0+0x202/0xbd0
[ 1753.689096][T30551]  ? rcu_is_watching+0x12/0xc0
[ 1753.689111][T30551]  ? finish_task_switch.isra.0+0x207/0xbd0
[ 1753.689136][T30551]  ? lockdep_hardirqs_on+0x7c/0x110
[ 1753.689157][T30551]  ? finish_task_switch.isra.0+0x207/0xbd0
[ 1753.689184][T30551]  ? rcu_is_watching+0x12/0xc0
[ 1753.689200][T30551]  ? __schedule+0x10b9/0x6150
[ 1753.689218][T30551]  ? __schedule+0x114c/0x6150
[ 1753.689254][T30551]  ? fput+0x70/0xf0
[ 1753.689271][T30551]  ? rcu_is_watching+0x12/0xc0
[ 1753.689291][T30551]  __x64_sys_bpf+0x78/0xc0
[ 1753.689318][T30551]  ? lockdep_hardirqs_on+0x7c/0x110
[ 1753.689343][T30551]  do_syscall_64+0xcd/0xf80
[ 1753.689370][T30551]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1753.689387][T30551] RIP: 0033:0x7fbc0478f749
[ 1753.689401][T30551] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1753.689417][T30551] RSP: 002b:00007fbc0567f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[ 1753.689434][T30551] RAX: ffffffffffffffda RBX: 00007fbc049e6180 RCX: 00007fbc0478f749
[ 1753.689445][T30551] RDX: 0000000000000028 RSI: 0000200000000380 RDI: 0000000000000012
[ 1753.689455][T30551] RBP: 00007fbc0567f090 R08: 0000000000000000 R09: 0000000000000000
[ 1753.689466][T30551] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1753.689475][T30551] R13: 00007fbc049e6218 R14: 00007fbc049e6180 R15: 00007fff06ee4d18
[ 1753.689500][T30551]  </TASK>
[ 1753.956459][T30549] sch_tbf: burst 0 is lower than device lo mtu (18) !
[ 1753.981018][T30545] IPVS: fo: UDP 224.0.0.2:0 - no destination available
[ 1754.238063][T30555] netlink: 188 bytes leftover after parsing attributes in process `syz.0.6742'.
[ 1754.288201][T30555] openvswitch: netlink: Flow key attr not present in new flow.
[ 1754.860983][T30571] netlink: 12 bytes leftover after parsing attributes in process `syz.3.6747'.
[ 1755.516195][T30575] netlink: 'syz.4.6748': attribute type 10 has an invalid length.
[ 1755.531671][  T791] usb 3-1: new high-speed USB device number 18 using dummy_hcd
[ 1755.784863][T30580] xt_CHECKSUM: CHECKSUM should be avoided.  If really needed, restrict with "-p udp" and only use in OUTPUT
[ 1755.823181][T30580] netlink: 44 bytes leftover after parsing attributes in process `syz.3.6749'.
[ 1755.892957][  T791] usb 3-1: Using ep0 maxpacket: 16
[ 1755.899865][  T791] usb 3-1: config 0 has no interfaces?
[ 1755.906298][  T791] usb 3-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42
[ 1755.915513][  T791] usb 3-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0
[ 1755.925981][T30575] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1755.940432][T25574] usb 5-1: new high-speed USB device number 27 using dummy_hcd
[ 1756.049119][  T791] usb 3-1: Manufacturer: syz
[ 1756.061571][  T791] usb 3-1: config 0 descriptor??
[ 1756.083252][T30575] .`: (slave batadv0): Enslaving as an active interface with an up link
[ 1757.074516][T25574] usb 5-1: Using ep0 maxpacket: 32
[ 1862.159937][    C0] rcu: INFO: rcu_preempt detected stalls on CPUs/tasks:
[ 1862.166900][    C0] rcu: 	Tasks blocked on level-0 rcu_node (CPUs 0-1): P30563/1:b..l
[ 1862.175358][    C0] rcu: 	(detected by 0, t=10502 jiffies, g=163933, q=136 ncpus=2)
[ 1862.183146][    C0] task:syz.1.6743      state:R  running task     stack:26424 pid:30563 tgid:30557 ppid:25357  task_flags:0x400040 flags:0x00080002
[ 1862.197239][    C0] Call Trace:
[ 1862.200513][    C0]  <TASK>
[ 1862.203431][    C0]  ? __schedule+0x10b9/0x6150
[ 1862.208099][    C0]  __schedule+0x1139/0x6150
[ 1862.212588][    C0]  ? find_held_lock+0x2b/0x80
[ 1862.217266][    C0]  ? __pfx___schedule+0x10/0x10
[ 1862.222104][    C0]  ? mark_held_locks+0x49/0x80
[ 1862.226859][    C0]  preempt_schedule_irq+0x51/0x90
[ 1862.231872][    C0]  irqentry_exit+0x1d8/0x8c0
[ 1862.236458][    C0]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[ 1862.242423][    C0] RIP: 0010:mtree_range_walk+0x0/0xc00
[ 1862.247867][    C0] Code: ff 48 8b 7c 24 18 e8 1f f0 b9 f6 e9 9f fc ff ff 66 2e 0f 1f 84 00 00 00 00 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 <41> 57 41 56 41 55 41 54 55 53 48 83 ec 78 48 89 3c 24 e8 a9 19 50
[ 1862.267459][    C0] RSP: 0018:ffffc900044bf710 EFLAGS: 00000246
[ 1862.273517][    C0] RAX: 0000000000080000 RBX: ffff888030d48e00 RCX: ffffc9000ff61000
[ 1862.281476][    C0] RDX: 0000000000080000 RSI: ffffffff8b71bf1c RDI: ffffc900044bf760
[ 1862.289435][    C0] RBP: 0000000000000000 R08: 0000000000000005 R09: 0000000000000002
[ 1862.297387][    C0] R10: 0000000000000000 R11: ffff888076398b30 R12: 0000000000000000
[ 1862.305343][    C0] R13: ffffc900044bf858 R14: 0000000000000300 R15: 0000000000000002
[ 1862.313306][    C0]  ? mt_find+0x4bc/0xa20
[ 1862.317542][    C0]  mt_find+0x4c5/0xa20
[ 1862.321601][    C0]  ? __pfx_mt_find+0x10/0x10
[ 1862.326189][    C0]  ? __pfx_scm_recv_unix+0x10/0x10
[ 1862.331299][    C0]  find_vma+0xbf/0x140
[ 1862.335357][    C0]  ? __pfx_find_vma+0x10/0x10
[ 1862.340027][    C0]  lock_mm_and_find_vma+0x62/0x6e0
[ 1862.345131][    C0]  do_user_addr_fault+0x2ac/0x1370
[ 1862.350233][    C0]  ? rcu_is_watching+0x12/0xc0
[ 1862.354984][    C0]  exc_page_fault+0x64/0xc0
[ 1862.359476][    C0]  asm_exc_page_fault+0x26/0x30
[ 1862.364311][    C0] RIP: 0010:rep_movs_alternative+0x30/0x90
[ 1862.370120][    C0] Code: 83 f9 08 73 25 85 c9 74 0f 8a 06 88 07 48 ff c7 48 ff c6 48 ff c9 75 f1 c3 cc cc cc cc 66 66 2e 0f 1f 84 00 00 00 00 00 66 90 <48> 8b 06 48 89 07 48 83 c6 08 48 83 c7 08 83 e9 08 74 db 83 f9 08
[ 1862.389711][    C0] RSP: 0018:ffffc900044bfa48 EFLAGS: 00050206
[ 1862.395761][    C0] RAX: 0000000000000001 RBX: 0000200000329000 RCX: 0000000000000038
[ 1862.403717][    C0] RDX: fffff52000897f5a RSI: 0000200000329000 RDI: ffffc900044bfa98
[ 1862.411671][    C0] RBP: 0000000000000038 R08: 0000000000000001 R09: fffff52000897f59
[ 1862.419623][    C0] R10: ffffc900044bfacf R11: ffff888076398b30 R12: 0000000000000000
[ 1862.427577][    C0] R13: ffffc900044bfa98 R14: ffffc900044bfb80 R15: ffffc900044bfa98
[ 1862.435545][    C0]  _copy_from_user+0x98/0xd0
[ 1862.440128][    C0]  copy_msghdr_from_user+0x98/0x160
[ 1862.445312][    C0]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[ 1862.451117][    C0]  ? irqentry_exit+0x1dd/0x8c0
[ 1862.455930][    C0]  ? lockdep_hardirqs_on+0x7c/0x110
[ 1862.461116][    C0]  ___sys_recvmsg+0xdb/0x1a0
[ 1862.465697][    C0]  ? __pfx____sys_recvmsg+0x10/0x10
[ 1862.470890][    C0]  ? __pfx___might_resched+0x10/0x10
[ 1862.476164][    C0]  do_recvmmsg+0x2fe/0x750
[ 1862.480568][    C0]  ? __pfx_do_recvmmsg+0x10/0x10
[ 1862.485522][    C0]  ? find_held_lock+0x2b/0x80
[ 1862.490191][    C0]  __x64_sys_recvmmsg+0x22a/0x280
[ 1862.495202][    C0]  ? __pfx___x64_sys_recvmmsg+0x10/0x10
[ 1862.500738][    C0]  do_syscall_64+0xcd/0xf80
[ 1862.505231][    C0]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1862.511118][    C0] RIP: 0033:0x7f26cd78f749
[ 1862.515520][    C0] RSP: 002b:00007f26ce5b1038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
[ 1862.523915][    C0] RAX: ffffffffffffffda RBX: 00007f26cd9e6090 RCX: 00007f26cd78f749
[ 1862.531869][    C0] RDX: 0000000000010106 RSI: 00002000000000c0 RDI: 0000000000000003
[ 1862.539823][    C0] RBP: 00007f26cd813f91 R08: 0000000000000000 R09: 0000000000000000
[ 1862.547776][    C0] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000000000000
[ 1862.555727][    C0] R13: 00007f26cd9e6128 R14: 00007f26cd9e6090 R15: 00007ffd10216698
[ 1862.563696][    C0]  </TASK>
[ 1862.566699][    C0] rcu: rcu_preempt kthread starved for 10536 jiffies! g163933 f0x0 RCU_GP_WAIT_FQS(5) ->state=0x0 ->cpu=0
[ 1862.577961][    C0] rcu: 	Unless rcu_preempt kthread gets sufficient CPU time, OOM is now expected behavior.
[ 1862.587908][    C0] rcu: RCU grace-period kthread stack dump:
[ 1862.593772][    C0] task:rcu_preempt     state:R  running task     stack:28048 pid:16    tgid:16    ppid:2      task_flags:0x208040 flags:0x00080000
[ 1862.607246][    C0] Call Trace:
[ 1862.610510][    C0]  <TASK>
[ 1862.613427][    C0]  ? __schedule+0x10b9/0x6150
[ 1862.618090][    C0]  __schedule+0x1139/0x6150
[ 1862.622593][    C0]  ? __pfx___schedule+0x10/0x10
[ 1862.627428][    C0]  ? find_held_lock+0x2b/0x80
[ 1862.632095][    C0]  ? schedule+0x2d7/0x3a0
[ 1862.636415][    C0]  schedule+0xe7/0x3a0
[ 1862.640472][    C0]  schedule_timeout+0x123/0x290
[ 1862.645309][    C0]  ? __pfx_schedule_timeout+0x10/0x10
[ 1862.650668][    C0]  ? __pfx_process_timeout+0x10/0x10
[ 1862.655941][    C0]  ? _raw_spin_unlock_irqrestore+0x3b/0x80
[ 1862.661732][    C0]  ? prepare_to_swait_event+0xf5/0x480
[ 1862.667179][    C0]  rcu_gp_fqs_loop+0x1ea/0xaf0
[ 1862.671934][    C0]  ? __pfx_rcu_gp_fqs_loop+0x10/0x10
[ 1862.677208][    C0]  ? __pfx_rcu_gp_init+0x10/0x10
[ 1862.682137][    C0]  ? rcu_is_watching+0x12/0xc0
[ 1862.686888][    C0]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[ 1862.692685][    C0]  rcu_gp_kthread+0x26d/0x380
[ 1862.697348][    C0]  ? __pfx_rcu_gp_kthread+0x10/0x10
[ 1862.702618][    C0]  ? rcu_is_watching+0x12/0xc0
[ 1862.707365][    C0]  ? lockdep_hardirqs_on+0x7c/0x110
[ 1862.712554][    C0]  ? __kthread_parkme+0x19e/0x250
[ 1862.717567][    C0]  ? __pfx_rcu_gp_kthread+0x10/0x10
[ 1862.722752][    C0]  kthread+0x3c5/0x780
[ 1862.726806][    C0]  ? __pfx_kthread+0x10/0x10
[ 1862.731383][    C0]  ? rcu_is_watching+0x12/0xc0
[ 1862.736132][    C0]  ? __pfx_kthread+0x10/0x10
[ 1862.740708][    C0]  ret_from_fork+0x983/0xb10
[ 1862.745284][    C0]  ? __pfx_ret_from_fork+0x10/0x10
[ 1862.750385][    C0]  ? __switch_to+0x7af/0x10d0
[ 1862.755051][    C0]  ? __pfx_kthread+0x10/0x10
[ 1862.759628][    C0]  ret_from_fork_asm+0x1a/0x30
[ 1862.764393][    C0]  </TASK>
[ 1862.767396][    C0] rcu: Stack dump where RCU GP kthread last ran:
[ 1862.773702][    C0] CPU: 0 UID: 0 PID: 0 Comm: swapper/0 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1862.784185][    C0] Tainted: [L]=SOFTLOCKUP
[ 1862.788489][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 1862.798529][    C0] RIP: 0010:pv_native_safe_halt+0xf/0x20
[ 1862.804147][    C0] Code: d6 5f 02 c3 cc cc cc cc 0f 1f 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 66 90 0f 00 2d 13 59 12 00 fb f4 <e9> cc 35 03 00 66 2e 0f 1f 84 00 00 00 00 00 66 90 90 90 90 90 90
[ 1862.823737][    C0] RSP: 0018:ffffffff8e007df8 EFLAGS: 000002c6
[ 1862.829785][    C0] RAX: 0000000007925cc3 RBX: 0000000000000000 RCX: ffffffff8b7806d9
[ 1862.837744][    C0] RDX: 0000000000000000 RSI: ffffffff8dacdec9 RDI: ffffffff8bf2b400
[ 1862.845702][    C0] RBP: fffffbfff1c12f68 R08: 0000000000000001 R09: ffffed101708673d
[ 1862.853655][    C0] R10: ffff8880b84339eb R11: ffffffff8e098670 R12: 0000000000000000
[ 1862.861608][    C0] R13: ffffffff8e097b40 R14: ffffffff9088b5d0 R15: 0000000000000000
[ 1862.869562][    C0] FS:  0000000000000000(0000) GS:ffff8881248f5000(0000) knlGS:0000000000000000
[ 1862.878474][    C0] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 1862.885049][    C0] CR2: 000020000011d030 CR3: 00000000274bd000 CR4: 00000000003526f0
[ 1862.893004][    C0] DR0: ffffffffffffffff DR1: 00000000000001f8 DR2: 0000000000000083
[ 1862.900959][    C0] DR3: ffffffffefffff15 DR6: 00000000ffff0ff0 DR7: 0000000000000400
[ 1862.908911][    C0] Call Trace:
[ 1862.912174][    C0]  <TASK>
[ 1862.915091][    C0]  default_idle+0x13/0x20
[ 1862.919409][    C0]  default_idle_call+0x6c/0xb0
[ 1862.924163][    C0]  do_idle+0x38d/0x510
[ 1862.928226][    C0]  ? __pfx_do_idle+0x10/0x10
[ 1862.932813][    C0]  cpu_startup_entry+0x4f/0x60
[ 1862.937565][    C0]  rest_init+0x16b/0x2b0
[ 1862.941807][    C0]  ? acpi_subsystem_init+0x133/0x180
[ 1862.947076][    C0]  ? __pfx_x86_late_time_init+0x10/0x10
[ 1862.952604][    C0]  start_kernel+0x3ef/0x4d0
[ 1862.957102][    C0]  x86_64_start_reservations+0x18/0x30
[ 1862.962552][    C0]  x86_64_start_kernel+0x130/0x190
[ 1862.967656][    C0]  common_startup_64+0x13e/0x148
[ 1862.972592][    C0]  </TASK>