last executing test programs:

10.953254529s ago: executing program 2 (id=6437):
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f0000000300)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000000)=@newlink={0x44, 0x10, 0x401, 0x0, 0x25dfdbfc, {0x0, 0x0, 0x0, 0x0, 0x2888}, [@IFLA_LINKINFO={0x24, 0x12, 0x0, 0x1, @bond={{0x9}, {0x14, 0x2, 0x0, 0x1, [@IFLA_BOND_PACKETS_PER_SLAVE={0x8}, @IFLA_BOND_AD_LACP_ACTIVE={0x5}]}}}]}, 0x44}}, 0x0)
sendmsg(r1, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x4000000)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x9, 0xb49, 0x5, 0x8, 0x0, 0xb}, 0x0)
io_uring_setup(0x664c, &(0x7f0000000500))
r3 = accept(r0, &(0x7f0000000240)=@isdn, &(0x7f00000002c0)=0x80)
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000400)=ANY=[@ANYRESDEC=r3], 0x80}, 0x1, 0x0, 0x0, 0x4008031}, 0x24000000)
socket$kcm(0x29, 0x2, 0x0)
r4 = socket$qrtr(0x2a, 0x2, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r4, 0x8933, &(0x7f0000000180)={'wlan1\x00'})
r5 = socket(0xa, 0x3, 0xff)
recvmmsg(r5, &(0x7f0000000580)=[{{0x0, 0x0, 0x0}, 0x3}], 0x1, 0x40010022, 0x0)
r6 = socket$netlink(0x10, 0x3, 0x10)
bind$netlink(r6, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
r7 = socket(0x22, 0x2, 0x4)
sendmsg$IPCTNL_MSG_CT_GET_UNCONFIRMED(r7, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={0x0}, 0x1, 0x0, 0x0, 0x84}, 0x20000090)
unshare(0x66000080)
r8 = socket$netlink(0x10, 0x3, 0x0)
syz_usb_connect(0x0, 0x24, &(0x7f00000000c0)=ANY=[@ANYBLOB="120100009dea7840b418fbff7bdc010203010902"], 0x0)
ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f00000001c0)={'netdevsim0\x00', <r9=>0x0})
r10 = gettid()
sendmsg$nl_route(r8, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000440)=ANY=[@ANYBLOB="2800000010000100"/20, @ANYRES32=r9, @ANYBLOB="6d3082610000000008001300", @ANYRES32=r10], 0x28}}, 0x0)
syz_open_dev$vbi(&(0x7f00000028c0), 0x0, 0x2)

9.012950448s ago: executing program 0 (id=6439):
openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x101000, 0x0)
symlink(&(0x7f0000000540)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', &(0x7f0000000000)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00')
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x7, &(0x7f0000000240)={0x1, &(0x7f0000000300)=[{0x6, 0x85, 0x7, 0x7ffc0001}]})
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff)
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r1 = openat$cgroup_ro(r0, &(0x7f0000000380)='memory.stat\x00', 0x0, 0x0)
r2 = socket$netlink(0x10, 0x3, 0x14)
sendfile(r2, r1, 0x0, 0x17)
ioprio_set$pid(0x1, 0x0, 0x0)
r3 = syz_clone(0x200000, &(0x7f0000000100)="79a9cdf730787e3dcce4a7ca6cd9da6df0bfd6d7e964b8b27c5119376b686b13a6aafb61d9b5dbea0fe9ac6ba31d6f090f21a280445e1475cda0b9aa951816d40b8a2712b0c1ef3cf307064fad29e276becc7a31a6b3c12a3825f0fbd5e6b21f2a90e6807f66ed290ab3b8255315d9ec6c0735a165df530ce92d6eb4b9614117", 0x80, &(0x7f0000000180), &(0x7f00000001c0), &(0x7f0000000340)="aedf46e50984713d1595da1a3422cc483cfb26583c55ff1ce7a40ed3668d9ffe179d7238696715cb7fb653fa59481eb9c4f7f28e7e4f32cc8d3a26775ecacd23461c65d12d594521c9f47b0ee7263a42fefc0cafd9e32e98399c7f968fc988dde9760c13f34fe22cc3e6a7d9aaf7c12b8112ad96f23bb1638d53b1ead393f6bc57563eafecda722e794eeed62b6b9e5ae19934b7672adcf3a247b9d873b2a7494e8c6626efe5f916fe9b3632e28aaebb282b05b58caa538e063e1019edffb0dd009b9c0e4fba944389f4ce82c3793e3cc9975a08c1bfba9609365925ef62")
sched_setparam(r3, &(0x7f0000000200)=0xe)
syz_usb_connect(0x3, 0x24, &(0x7f00000014c0)={{0x12, 0x1, 0x0, 0xf9, 0xde, 0x50, 0x8, 0x1b3d, 0x1cd, 0x800, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x5, 0xc, 0x190, 0x6, [{{0x9, 0x4, 0x48, 0xfa, 0x0, 0xcc, 0x6a, 0xec, 0x61}}]}}]}}, 0x0)
futimesat(0xffffffffffffff9c, &(0x7f0000000740)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0)

8.47416872s ago: executing program 3 (id=6440):
socket$alg(0x26, 0x5, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x0, &(0x7f0000000380)})
r0 = socket$nl_netfilter(0x10, 0x3, 0xc) (async)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) (async, rerun: 64)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) (async, rerun: 64)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) (async)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8004, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfffffffe, 0xffffffff}, 0x0)
writev(0xffffffffffffffff, &(0x7f0000000640)=[{&(0x7f0000000200)="9c30fb4d", 0x4}], 0x1) (async)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
bind$netlink(r3, &(0x7f0000000000)={0x10, 0x0, 0x0, 0x80065c9}, 0xc) (async, rerun: 32)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc) (rerun: 32)
sendmsg$NFT_BATCH(r4, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000002c0)=ANY=[@ANYBLOB="140000001000010000000000000000000100000a20000000000a01040000000000000000010080030900010073797a30000000002c000000030a01010000000000000000010000000900010073797a30000000000900030073797a3201000000a4000000060a010400000000000000000100000008000b40000000007c000480340001800b000100657874686472000024000280080001400000000c080003400000000008000440000000220500020007000000440001800c0001006269747769736500340002800800034000000004080001400000001408000240000000120c0005800800010088634d580c000480080001006eee7e000900010073797a300000000014000000110001"], 0x118}}, 0x0) (async, rerun: 64)
ioctl$BLKZEROOUT(0xffffffffffffffff, 0x127f, &(0x7f0000000100)={0xa00, 0xa00}) (async, rerun: 64)
prlimit64(0x0, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) (async)
r5 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000011c0)={0x0, &(0x7f0000001200)}) (async)
r6 = openat$dma_heap(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$DMA_HEAP_IOCTL_ALLOC(r6, 0xc0184800, &(0x7f0000000100)={0x20004, <r7=>r5, 0x80000}) (async)
r8 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000001180)='net/ip_tables_matches\x00')
preadv(r8, &(0x7f0000000040)=[{&(0x7f0000000180)=""/4096, 0x1000}], 0x1, 0x0, 0x0) (async)
ioctl$SNDRV_SEQ_IOCTL_UNSUBSCRIBE_PORT(0xffffffffffffffff, 0x40505330, &(0x7f0000000bc0)={{0xfd, 0x1}, {0xe}, 0x2005, 0xbfbf})
r9 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFNL_MSG_ACCT_GET(r9, &(0x7f0000000580)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000001240)=ANY=[@ANYBLOB="28000000010701010004000000000000010000091400078008170140000000060800024000000001961de6d75f265b21981f8c6654ccbc8c16f203632052178091fca6ebe1c2c9549545bed1eb9b4e7c931af447fd223300d06009d57fba0a0716587b4eb928113feb63b2f517f77bb621f69f37ea3feccfe62f43df87c8a6a1987c0ecb38d3c9b91dea1100a912ff4fc3d9a903"], 0x28}, 0x1, 0x0, 0x0, 0x804c}, 0xc080)
r10 = syz_open_dev$vim2m(&(0x7f0000000040), 0x3, 0x2)
ioctl$vim2m_VIDIOC_ENUM_FRAMESIZES(r10, 0xc02c564a, &(0x7f0000000000)={0x100, 0x31384142, 0x0, @stepwise={0x0, 0x400, 0x0, 0xc, 0xfffffffc}})
r11 = syz_open_dev$dri(&(0x7f0000000040), 0x1ff, 0x80000)
ioctl$DRM_IOCTL_PRIME_FD_TO_HANDLE(r11, 0xc00c642e, &(0x7f00000000c0)={0x0, 0x0, r7}) (async)
sendmsg$IPSET_CMD_RENAME(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000000)=ANY=[@ANYBLOB="340000000406030000000000000000000300000105000100e9ffffffe810030073797a31000000000900020073797a3000000000"], 0x34}, 0x1, 0x0, 0x0, 0x1800}, 0x40004) (async)
openat$nci(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0)

7.508964025s ago: executing program 4 (id=6441):
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000100)=0x9, 0x4)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000000c0)={'erspan0\x00'})
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f00000002c0)={'wlan1\x00'})
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000140)=ANY=[], 0x32600)
mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x2000001, 0x12, r1, 0x0)
openat$ttyS3(0xffffffffffffff9c, &(0x7f0000001200), 0x101101, 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0xd68, &(0x7f0000006680))
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9)
signalfd(0xffffffffffffffff, &(0x7f0000000080)={[0xc9ca]}, 0x8)
r2 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_tx_ring(r2, 0x107, 0xd, &(0x7f0000000040)=@req3={0x410000, 0x100000001, 0x210000, 0x1, 0xe, 0x401}, 0x1c)
socket(0x10, 0x2, 0x0)
syz_open_dev$tty1(0xc, 0x4, 0x1)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x6, 0x8, 0x8001, 0x0, 0x9, 0x3, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
setxattr$security_capability(0x0, &(0x7f00000011c0), 0x0, 0x0, 0x5)
r5 = syz_open_procfs(0x0, &(0x7f0000000180)='net/ipv6_route\x00')
preadv(r5, &(0x7f0000000140)=[{&(0x7f00000001c0)=""/4096, 0x1000}], 0x1, 0x96, 0x0)
lsetxattr$security_capability(0x0, 0x0, 0x0, 0x0, 0x3)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
openat$nullb(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f00000000c0)='./cgroup.net/syz0\x00', 0x1ff)
socket(0x8000000010, 0x2, 0x0)

7.374804586s ago: executing program 0 (id=6442):
r0 = syz_usb_connect(0x0, 0x36, &(0x7f0000000180)=ANY=[@ANYBLOB="120100006325a640402000498b4d000000010902240001000000000904000002214c6a0009050702000000da000905890e"], 0x0)
r1 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0)
write$rfkill(r1, &(0x7f0000000080)={0x0, 0x1, 0x3, 0x3, 0xfd}, 0x8)
write$rfkill(r1, &(0x7f0000000340)={0x6, 0x0, 0x3, 0x0, 0x1}, 0x8)
openat$misdntimer(0xffffffffffffff9c, &(0x7f0000000140), 0x2cb02, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000280)='fd/3\x00')
r3 = epoll_create1(0x3809612feefad543)
epoll_ctl$EPOLL_CTL_ADD(r3, 0x1, r2, &(0x7f0000000100)={0x40002015})
epoll_ctl$EPOLL_CTL_MOD(r3, 0x3, r2, &(0x7f0000000c40))
openat$dir(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002000), 0x2, 0x0)
syz_open_dev$audion(&(0x7f00000001c0), 0xb, 0x4100)
ioctl$int_in(r4, 0x5421, &(0x7f0000000000)=0x6)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff0000/0x1000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ff8000/0x4000)=nil, &(0x7f0000ff8000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x2000)=nil, 0x0}, 0x68)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x0)
r5 = io_uring_setup(0x7, &(0x7f0000000040)={0x0, 0xc8a1, 0xc000, 0x8, 0xc1})
bpf$MAP_CREATE(0x0, &(0x7f0000000240)=ANY=[@ANYRESDEC=r4], 0x50)
io_uring_enter(r5, 0x2219, 0x7721, 0x16, 0x0, 0x0)
syz_usb_control_io$hid(r0, 0x0, &(0x7f0000000500)={0x2c, &(0x7f0000000040)=ANY=[@ANYBLOB="400a2e0000004e261153b606000f7a9f8c8b93ee8b8e684866d0ef333ba826585e849c0977d2ce968a0c672f83130bb56e23bb8680ef840cd2985dc1b15fd21d96ae05a07e0c21e762dbb5e39204b0f073af469e1f3ab58a08d89df64974d26ec62f183f3e634684f42b017cf22b5ac28f9b56111310db32934f1614"], 0x0, 0x0, 0x0, 0x0})
r6 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r6, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000001200)={&(0x7f00000001c0)=@newlink={0x34, 0x10, 0x40d, 0x70bd2a, 0xfffffffc, {0x0, 0x0, 0x0, 0x0, 0x600b2, 0x41d43}, [@IFLA_ALT_IFNAME={0x14, 0x35, 'macvlan0\x00'}]}, 0x34}, 0x1, 0x0, 0x0, 0x4008840}, 0x0)
ioctl$AUTOFS_DEV_IOCTL_SETPIPEFD(0xffffffffffffffff, 0xc0189378, &(0x7f0000000000)={{0x1, 0x1, 0x18}, './file0\x00'})
syz_usb_control_io(r0, 0x0, 0x0)
socket(0x3, 0x800, 0xd81)

6.871961405s ago: executing program 3 (id=6444):
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x7, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000240)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
ioctl$VIDIOC_SUBSCRIBE_EVENT(0xffffffffffffffff, 0x4020565a, 0x0)
r3 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$SO_BINDTODEVICE_wg(r3, 0x1, 0x19, &(0x7f0000000140)='wg0\x00', 0x4)
connect$inet(r3, &(0x7f00000001c0)={0x2, 0x2, @multicast1}, 0x10)
sendmmsg(r3, &(0x7f0000007fc0), 0x800001d, 0x191c)
r4 = socket$nl_route(0x10, 0x3, 0x0)
r5 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000000)={'syzkaller0\x00', <r6=>0x0})
sendmsg$nl_route_sched(r4, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=@newqdisc={0x44, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r6, {0x0, 0xfff1}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_hfsc={{0x9}, {0x14, 0x2, @TCA_HFSC_FSC={0x10, 0x2, {0xd, 0xfffffffb, 0x7fffefff}}}}]}, 0x44}, 0x1, 0x0, 0x0, 0x4000000}, 0x20040084)
setsockopt$TIPC_IMPORTANCE(0xffffffffffffffff, 0x10f, 0x7f, &(0x7f0000000200)=0xe, 0x4)
socket(0x400000000010, 0x3, 0x0)
socket(0x400000000010, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000100)={'nr0\x00'})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000900)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000002c0)=@newtfilter={0x2c, 0x2c, 0xd27, 0x70bd28, 0xfffff000, {0x0, 0x0, 0x0, r6, {0xf000, 0xffff}, {}, {0x7, 0xa}}, [@TCA_RATE={0x6, 0x5, {0x22, 0x12}}]}, 0x2c}, 0x1, 0x0, 0x0, 0x80}, 0x50)

6.00741003s ago: executing program 0 (id=6445):
r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x14d802, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './bus\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f0000000200), 0x400000000000041, 0x2103, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
syz_create_resource$binfmt(&(0x7f0000000040)='./file0\x00')
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
r3 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="1600000000000000040000100100000000000000", @ANYRES32, @ANYBLOB="0300000000edffffffffffffff00000000000000", @ANYRES32=r2, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
ioctl$vim2m_VIDIOC_CREATE_BUFS(r3, 0xc100565c, 0x0)
socket(0x1d, 0x2, 0x6)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='cpuset.effective_mems\x00', 0x275a, 0x0)
fcntl$lock(r4, 0x26, &(0x7f0000000140)={0x0, 0x1, 0x4, 0x8000000000000})
fcntl$lock(r4, 0x7, 0x0)
r5 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='fdinfo/3\x00')
unshare(0x22020600)
preadv(r5, &(0x7f0000000640), 0x0, 0x0, 0x0)
setsockopt$inet6_tcp_TLS_TX(r4, 0x11a, 0x1, &(0x7f0000000100)=@gcm_128={{0x304}, "479d97341a1706ff", "2c91bd9c550ac481f14889884cc7b0e8", "84313d4e", "37a9cadf6a11fb4b"}, 0x28)
r6 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_RX_RING(r6, 0x11b, 0x2, 0x0, 0x0)
r7 = openat$sndseq(0xffffffffffffff9c, 0x0, 0x0)
syz_open_dev$evdev(0x0, 0x1, 0x80000)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
setsockopt$netlink_NETLINK_DROP_MEMBERSHIP(r8, 0x10e, 0x2, 0x0, 0x0)
r9 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000140)='/sys/power/wakeup_count', 0x1, 0x50)
sendmsg$RDMA_NLDEV_CMD_RES_MR_GET(r9, &(0x7f00000004c0)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x4000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0xce9dc54468bb77b8}, 0x40)
mmap(&(0x7f00005ef000/0x3000)=nil, 0x3000, 0x1000002, 0x11, r0, 0x2c93a000)
ioctl$BLKPBSZGET(r0, 0x127b, 0x0)
ioctl$BTRFS_IOC_QGROUP_LIMIT(r7, 0x8030942b, &(0x7f0000000000)={0x6, {0x68, 0x2, 0x8, 0x6, 0x13d2}})

5.84013374s ago: executing program 2 (id=6446):
r0 = openat$apparmor_task_current(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
mmap(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x1, 0x10, r0, 0xb2741000)
ioctl$DVB_DEMUX_DMX_EXPBUF(0xffffffffffffffff, 0xc00c6f3e, &(0x7f0000000040)={0x9, 0x0, <r1=>r0})
ioctl$KVM_SET_REGS(r1, 0x4090ae82, &(0x7f0000000080)={[0x3, 0x800, 0x8, 0x2, 0x400, 0x80, 0x2, 0x0, 0x33d1c58c, 0x7f4, 0x1ff, 0x5, 0x7fffffffffffffff, 0x9, 0x10001, 0x5de2c810], 0xc000, 0x80080})
fcntl$lock(r1, 0x0, &(0x7f0000000140)={0x2, 0x0, 0x502f, 0x80})
copy_file_range(r1, &(0x7f0000000180)=0x3ff, r0, 0x0, 0x9, 0x0)
ioctl$sock_SIOCGPGRP(r1, 0x8904, &(0x7f00000001c0)=<r2=>0x0)
ptrace$setregs(0xd, r2, 0x5, &(0x7f0000000200)="8922d55df60072ca49a7df437945bb1ad8482cb05cdd11afb0c6fb4756663230812765f2efe695e014d435f16c80dda7a4d749e2d406530e85f3770031c278c67e295371d5b616c8989fdcf0ea375aa4c857fa32db33eccb240aadad74f3f61e454ab91ee5bf41c03eae938f4220700153c2194a6875b2e4c65c984ba372547f57a61c00b03814896693e50c426b67e17138ba91aee7e62e5353f1b3655f3bc696")
fcntl$setownex(r1, 0xf, &(0x7f00000002c0)={0x1, r2})
ioctl$BTRFS_IOC_SYNC(r1, 0x9408, 0x0)
ioctl$FS_IOC_REMOVE_ENCRYPTION_KEY(r1, 0xc0406618, &(0x7f0000000300)={@id={0x2, 0x0, @d}})
r3 = openat$audio(0xffffffffffffff9c, &(0x7f0000000340), 0x200101, 0x0)
ioctl$SNDCTL_DSP_SETTRIGGER(r3, 0x40045010, &(0x7f0000000380)=0xb8)
syz_open_dev$hidraw(&(0x7f00000003c0), 0x3, 0x100)
ioctl$RNDGETENTCNT(r1, 0x80045200, &(0x7f0000000400))
r4 = io_uring_setup(0x3354, &(0x7f0000000440)={0x0, 0xfdf, 0x40, 0x1, 0x3d8, 0x0, r1})
ioctl$F2FS_IOC_RELEASE_COMPRESS_BLOCKS(r3, 0x8008f512, &(0x7f00000004c0))
r5 = syz_open_dev$hiddev(&(0x7f0000000500), 0x68f69f4e, 0x84000)
read$hiddev(r5, &(0x7f0000000540)=""/200, 0xc8)
ioctl$SNDCTL_DSP_GETTRIGGER(0xffffffffffffffff, 0x80045010, &(0x7f0000000640))
ioctl$vim2m_VIDIOC_ENUM_FMT(r1, 0xc0405602, &(0x7f0000000680)={0x6, 0x2, 0x200, "578c9f241e94f75e96bd22aa577d1ae18719bc0d0f5898fcdefd048ca4956917"})
getsockopt$inet_pktinfo(r1, 0x0, 0x8, &(0x7f00000006c0)={<r6=>0x0, @private, @multicast2}, &(0x7f0000000700)=0xc)
setsockopt$MRT6_ADD_MIF(r1, 0x29, 0xca, &(0x7f0000000740)={0x0, 0x0, 0xc, r6, 0x1}, 0xc)
ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r1, 0xc0189373, &(0x7f0000000780)={{0x1, 0x1, 0x18, <r7=>r4, {0x7}}, './file0\x00'})
ioctl$SNDCTL_SEQ_NRSYNTHS(r7, 0x8004510a, &(0x7f00000007c0))
ioctl$sock_inet_SIOCSIFDSTADDR(r7, 0x8918, &(0x7f0000000800)={'netdevsim0\x00', {0x2, 0x4e22, @multicast1}})
r8 = openat$incfs(0xffffffffffffffff, &(0x7f0000000840)='.log\x00', 0x20c00, 0x40)
copy_file_range(r5, 0x0, r8, &(0x7f0000000880), 0x5611, 0x0)
epoll_create1(0x80000)
write$apparmor_current(r1, &(0x7f00000008c0)=@hat={'permhat ', 0x4, 0x5e, ['\\/)$%,)+-!*@m@\x00', '/\'^</\x00', '/dev/audio\x00', '\x00', ')+\x00', 'netdevsim0\x00', '\x00', '/dev/audio\x00', '({\\#-@\x00', '~\xb8\n\xf3\xf2N\xf0\x86rjL\xea:\x15L\xe0']}, 0x6d)

5.327351994s ago: executing program 2 (id=6447):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x8001, 0x0)
socket$netlink(0x10, 0x3, 0x10)
unshare(0x66040080)
r1 = socket$netlink(0x10, 0x3, 0x0)
syz_usb_connect(0x0, 0x24, &(0x7f00000000c0)=ANY=[@ANYBLOB="120100009dea7840b418fbff7bdc010203010902"], 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000001c0)={'netdevsim0\x00', <r2=>0x0})
r3 = gettid()
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TUNSETIFF(r4, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2})
r5 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x102, 0x0)
close(r5)
socket$inet_udp(0x2, 0x2, 0x0)
ioctl$SIOCSIFHWADDR(r5, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000100)={'tunl0\x00'})
socket$packet(0x11, 0x2, 0x300)
sendmsg$nl_route(r1, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000440)=ANY=[@ANYBLOB="2800000010000100"/20, @ANYRES32=r2, @ANYBLOB="6d3082610000000008001300", @ANYRES32=r3], 0x28}}, 0x0)
r6 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
unshare(0x28000600)
ioctl$KVM_TDX_INIT_MEM_REGION(r6, 0xc008aeba, 0x0)

4.279102513s ago: executing program 1 (id=6448):
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000005c0))
r0 = signalfd4(0xffffffffffffffff, &(0x7f0000000500), 0x8, 0x0)
r1 = syz_io_uring_setup(0x437d, &(0x7f0000000580)={0x0, 0x8b2, 0x13500, 0xfffffffe, 0x304}, &(0x7f0000000240), &(0x7f0000001880))
io_uring_register$IORING_REGISTER_EVENTFD_ASYNC(r1, 0x21, &(0x7f0000000440)=r0, 0x1)
r2 = socket(0x10, 0x803, 0x0)
r3 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000300)='/sys/kernel/debug/binder/stats\x00', 0x0, 0x0)
process_madvise(r3, 0x0, 0x0, 0x1, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000380)={0x0, 0x4076cbba9945d516, &(0x7f0000000340)={0x0, 0x14}}, 0x0)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
openat$vim2m(0xffffffffffffff9c, &(0x7f0000000240), 0x2, 0x0)
sendmsg$NFT_BATCH(r4, &(0x7f000000c2c0)={0x0, 0x0, 0x0}, 0x0)
sendmsg$NFT_BATCH(r4, &(0x7f0000000740)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000640)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a54000000060a0b040000000000007f94050017000000f0ffff2700048024000180090001006d6574610000000014000280080002400000000908000140000000010c00034000000000000000020900020073797a3200000000140000001100010000000000000000000000000aa4d336b96c4f340c08c26a960426e0a4831643c6ff6a17981f1b90a4462255f49dbd6ff66059fbc374579fd789c23b9a1b8e1e5864e42913b133e5f740143bae3ada6190bd576f2b33bf423794211073ba8a3a38856c4cd20f6e0169d9632c9539e1c3020a0d21977d98041434d8cbdb"], 0x7c}, 0x1, 0x0, 0x0, 0x4040800}, 0x0)
getsockname$packet(r2, &(0x7f0000000140)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x28a)
sendmsg$MPTCP_PM_CMD_ADD_ADDR(r2, &(0x7f00000007c0)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000000780)={&(0x7f0000000800)=ANY=[@ANYRES16=0x0, @ANYBLOB="0000000000118b0b000000000000afe6366f8b4426ebd2d02f4a4d6492e4bd0e010001002ffe00d10f12c69ab0b1c6f68cc172df8faa790ae50c7c6e30ce421a7061546b3fa48cb827b3496c6122afaf592ff5b791225d83d97c45f716137ae2479b"], 0x18}, 0x1, 0x0, 0x0, 0x80}, 0x4040080)
r6 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r6, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000004c0)=ANY=[@ANYBLOB="400000001000390400000000000000", @ANYRES32=r5, @ANYBLOB="01980000000000002000128008000101000000001007751e000080080001000f44a9ea1be24194cf16e9586baae4202a5e5df958aace731be574102af965be890958c622cb91650e4a38e4dd001c8e249e755a8d7d0da01c79a32c4367843c4ae49dc6c5263cac9f245e5f4d5a9b7538f5fb17a1b9ab439e93e5b2be959985a6781f25ce871c7787c96b813c9239f9bc9cfc7a2fae13ccda6db329971defb5cb0d20d1773d6bbf7005b7ee7a19420fcf1e1ae41654811e6634", @ANYRESDEC=r3], 0x40}, 0x1, 0x0, 0x0, 0x4014}, 0x0)
ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(0xffffffffffffffff, 0x89f2, &(0x7f0000004f40)={'gre0\x00', &(0x7f0000000240)={'gretap0\x00', r5, 0x1, 0x20, 0x0, 0x4, {{0x5, 0x4, 0x1, 0x8, 0x14, 0x67, 0x0, 0xdb, 0x29, 0x0, @empty, @empty}}}})
ioctl$KVM_CREATE_IRQCHIP(0xffffffffffffffff, 0xae60)
fcntl$lock(0xffffffffffffffff, 0x6, &(0x7f0000000000)={0x0, 0x0, 0x8})
fcntl$lock(0xffffffffffffffff, 0x5, &(0x7f0000000080)={0x0, 0x6, 0x200b, 0x1fd})
fcntl$lock(0xffffffffffffffff, 0x7, &(0x7f0000000280)={0x2, 0x0, 0x2f, 0x2000000000000009})
execveat(0xffffffffffffffff, &(0x7f0000000000)='./file0\x00', &(0x7f0000000100)={[&(0x7f0000000040)='gre0\x00']}, &(0x7f0000000300)={[&(0x7f00000001c0)='gre0\x00', &(0x7f0000000280)='%%^\x00', &(0x7f00000002c0)='!()\'.){\x00']}, 0x800)
r7 = socket$pppl2tp(0x18, 0x1, 0x1)
connect$pppl2tp(r7, &(0x7f0000000bc0)=@pppol2tpv3in6={0x18, 0x1, {0x0, 0xffffffffffffffff, 0x0, 0x2, 0x0, 0x0, {0xa, 0x4e24, 0x9, @mcast2, 0x9}}}, 0x3a)
pread64(0xffffffffffffffff, &(0x7f00000003c0)=""/234, 0xea, 0x3)
r8 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(r8, 0x8933, &(0x7f0000000000)={'team0\x00', <r9=>0x0})
sendmsg$nl_route(r8, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000300)=ANY=[@ANYBLOB="540000001000ffff27bd3000fbdbdf2500000000", @ANYRES32=0x0, @ANYBLOB="00000000000000002c00128009000100766c616e000000001c4002800600010000000000100003800c003900040500dd4603000008000500", @ANYRES32=r9, @ANYBLOB], 0x54}, 0x1, 0x0, 0x0, 0x20044010}, 0x8000042)

4.265108854s ago: executing program 0 (id=6449):
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='cgroup.kill\x00', 0x275a, 0x0)
fcntl$lock(r0, 0x7, &(0x7f0000000000)={0x1, 0x2, 0x1468, 0x3})
syz_open_dev$usbfs(&(0x7f0000000040), 0x8, 0x4c0942)
fcntl$lock(r0, 0x26, &(0x7f0000000080)={0x0, 0x0, 0x2, 0xf5b})
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x0, 0x50, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000300)=@abs={0x0, 0x0, 0x4e25}, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r3 = socket$inet6(0xa, 0x800000000000002, 0x0)
setsockopt$sock_linger(r3, 0x1, 0x3c, &(0x7f0000000180)={0x200000000000001}, 0x8)
sendmmsg$inet6(r3, &(0x7f0000001480)=[{{0x0, 0x0, &(0x7f0000000340)=[{&(0x7f0000000580)='B', 0x1}], 0x1}}], 0x1, 0x400c404)
exit(0xfe)
sendmmsg$inet6(r3, &(0x7f00000005c0)=[{{&(0x7f00000004c0)={0xa, 0x4e21, 0x0, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, 0x10003}, 0x1c, &(0x7f00000007c0)}}, {{&(0x7f0000000800)={0xa, 0x4e21, 0xfffffffe, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', 0x1}, 0x1c, &(0x7f0000000c40)=[{&(0x7f0000000840)="11b1bfad69c9e86215472a62a9773cd45edddf1fe28799b805943daeac8c4c3a22b571b37c290e338dd4b545648fb3ee6693b661eb024687", 0x38}, {&(0x7f00000014c0)="4569d7f8db46e8f2b09d61a56d8e173367e721b701e44f3ba4805cfbb916f78f2da02c538c6cae96b71eedb4d90036eaf39526833502ba3cf6c82f3b70c0574d80eaa8b4d13d300b82cb6f5cfc2e261fe1f467df75254a6a86829583f507d65c1235d25684cef8948ac22faab6fae6b5da4dc4e7c5d455841ddc8258187ee9272b662cd3748d838bda1a2d7094f045d176d854214dd8e094b5025b91caebe468021f7a66d75d8224eebc8f45cc8a2969dace8cfb2c4605ddbca6dd5dbf777bd39bcecd56ed32e1478786763061f1a5b6e3f997edb2b10696bfd6a69bc97179ccdeade338a1a0b41fa309be82b3565ee10f462168b41783f5ec790335f7b716e3137f59d130f9d6988c6e44b1c4ad9d01272f7e58757370ea24c9cd4d1a9f7d4c8fd30b778b2d3ce5fd66072b04ecdae10b920d432dd52952d52b94e757624f457fa4669e181bc32c09ae936def46966920085cb9679b6a423a3fd214cb2b654ea44f51ff60bc84a8e15cb10fb92173faed54d9722065a7dca63c82dc1480e249cb217726913d1029e2fbbca13a9f17a12dbfa3db8000dabead908ce0edbdff785f4a8d9985dc8bcefa48b8bd7ccd316c02d157f7195fa5c74f796824917b312ad4ab995f2ca14e8cd413cb6d94fa08d0070b59134de68b99be3a4b7a50f85e9f535c0af78187b1374a52da970ef97fb80f169177375fb55ab115e0aece7767ac000c968f9a8ed39188c61b426a8e1d0cdb8e375fa2fdfff1f840b5a082d80e531c3c0bd14607b1151bad29f9d93d6e8dd64e0f69c70ee0beab7bb08b5db020fc9a40fd911646181198452830812c3a2537bcacd8bec24ce4e7aa4cfa0ca47bdcd2f80138ff508e1adf9ce43fa3e35ecd35c60753e4aff829293e586b26b0b0a09a1aa865dfcefc5efb93f15cdc4a6bd6dff2a5ad294b7906f112362c6292ed978cd5747518b00c5c8a1dec890f13dde16dc62903bfd047125190ccadc4532a44a1d527dcc612f4308a7e241f1f78310b7798925f3381266b69566be3eb7d22333634dfcea1d07166b4ebaadf6b96cad578a77d58cf611b6739a5e3a582f36282d88a7c68d4ba84a416415aad38f7e1427b8c07c3d69f6c8f386523dab9e561b9daa8e52492834486776e711792278ef14db42abe834d9e71ebc249f36b530a4d3ab986b1097b2e83c769fd63e1bc923042bca8b1a99a3b058b9b7b1fe8970f4ea5918eddd1955ad8522c5c11a7aaa5a20b515176ac703ab3e4ace9fedf2030eea0403d92802095f68f30695c580191bc33a75ed53b0921d289907b49bf2c90eb7b4691bdc9ed7783b585802672f9fb0ea0e98fdc1182f2469b5c31b8b474628130bfc589c04378286f039f85cf384d17987b4747416dee9b6d0d5a38a001c2fd2defbf239c44ab096725f8a683031e50f3da0f5fce7b8f1ff641cc989d6a0e291f054103345b3016b0f1636072b35f6453308195c87a82d31e7e66ec296a21b5ed14ec3465242b40a203d3b7d5c2b669c534bb320a1d1d03c1c3e9c110f1c7e14d58acab453484e8c3c65957ecea0c1a63cc31be11bfd6e098a817ccda4968923cd94b42407c2bc3cba6dee5ad05a4eadddcf131dad086531808cddee9b5fec2df1722977e5d8555600da6c33c4ead063cafa905a160df40723fbbc70d78fd2cfc3139741b541ab918b1c0fc75f952c7a8271e508015d15f2d017f8ccaeed5cd06a1218f2c9f9dd2e27f9cd49c134198483812a939b96da167c76ec63580d8e83241e127163dcbe92e5e6a37820bd8a1efd29de86f154a9c1b9d525a38709aaa25674f2810dbd81a3ce3cadbac7a4b7cef490900d37b6d82a67c9f27b39cf7013a7b0c48a8bdaa0d52429d85655b76994d7f7320b68b9095960ee6bf34f7f6ec9da4025d037c83d2ef6ca25457dac63f88cab07c0d619cbd8ea76bdb4a4e6de4a4df3505799563ec21f35650c3bb8be31e449c22e1ac0c6329ee8098cb0fbf7e93c20183b51e57fdc18a1f5f0577a74b7709d6a5e51cce7117a9001116479be8c0c361b380d0e3a6a970a29d839fa83fe8a5e2e30e5759a55593d1a8948448f7583704efe5daee248b8a1227377090e11e5718cdff6652817ecc7e7bf5cc02e1d985cb92caceaffcd2d124c6c7c73c0c9090161c30374f5579a9a7296412f753e7809066d6e799ff219cc3c453337e3a5ee023adfa0b3bbd88cefe82e7091fd9faa605312d3fe7bddbae59bffbe808dda0131f7de4f495f76a9005ebfdd88fa120e65c9cfff463ca30accee8839a29a5ff1451f48070fa7df5700ba9977e7bd561577c08ac8085634121889dbf8be605cfa92d7c5e4ab088d27c6d1cb802e7dbd5e106c47741c35e31", 0x689}, {&(0x7f0000000940)}, {0x0}, {0x0}, {&(0x7f0000000c00)}], 0x6}}, {{0x0, 0x0, 0x0, 0x0, &(0x7f00000048c0)=ANY=[], 0x80}}], 0x3, 0x48c0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
write$USERIO_CMD_SEND_INTERRUPT(0xffffffffffffffff, 0x0, 0x0)
ioctl$DRM_IOCTL_SET_CLIENT_CAP(0xffffffffffffffff, 0x4010640d, &(0x7f0000000000)={0x3, 0x2})
r4 = syz_open_procfs(0x0, &(0x7f0000002340)='fdinfo\x00')
getdents(r4, &(0x7f0000000000)=""/43, 0x2b)
getdents64(r4, 0x0, 0x0)
memfd_create(&(0x7f00000000c0)='\xe9`\x10\x98[\x82?O3#\xfa\x02\xdc\x96\xa1\xbc\x80\x00+\xb6O', 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x50)
r5 = socket$kcm(0xa, 0x2, 0x0)
r6 = socket(0x2, 0x80805, 0x0)
setsockopt$IP_VS_SO_SET_ADD(r6, 0x0, 0x482, &(0x7f0000000040)={0x84, @rand_addr=0x64010102, 0x4e22, 0x3, 'lblcr\x00', 0x1, 0x9d3d, 0x6a}, 0x2c)
socket$inet(0x2, 0x2, 0x1)
setsockopt$IP_VS_SO_SET_ADDDEST(r6, 0x0, 0x487, &(0x7f0000000000)={{0x84, @private=0xa010102, 0x4e21, 0x3, 'lc\x00', 0x5, 0x8, 0x77}, {@remote, 0x4e20, 0x10000, 0xcd}}, 0x44)
sendmsg$sock(r5, &(0x7f0000000400)={&(0x7f0000000580)=@in6={0x2, 0x4e22, 0x0, @dev, 0xe0}, 0x80, 0x0, 0x0, &(0x7f0000000000)=[@mark={{0x14, 0x1, 0x24, 0x3}}], 0x18}, 0x0)

3.647497652s ago: executing program 2 (id=6450):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000001280)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000001240)={&(0x7f00000000c0)={0x1170, 0x3c, 0x200, 0x70bd2b, 0x25dfdbfb, {0x9}, [@nested={0x1c, 0x1c, 0x0, 0x1, [@typed={0x14, 0x159, 0x0, 0x0, @ipv6=@local}, @nested={0x4, 0xed}]}, @generic="21d601a0629bf2edd557cd314daf5a2514675ff2a6992531a89f47ffb83ada893329402acd209aca15cc08c37cf4fbbf5b13afa0c21a962847aaad730e6fb402271937eac2fdb7db449c574e81bafd213b966331cf377b2842d253f1502b078681463af3984008f432e41a43f30dbf47013f60566d126a04bd529f1d86a4a4b20cd5e98a36a2e4f4795c2912223834d9f501eb6b09028817fb0e38aa91d56b90c069c73111149e295d053f6d4c301626532ed128ca3994963b83f10de252c1423049a434c64e780d8b6c231c219a80acff7ea5daea76ba19f916577e45e7f68de2dd461676aeaf7537e74b2e89b4c3a596d861449f9d7d7be2b1f5e7373f0eb9e2e37c7c82aef31d991c175dd3acc17d4b260980bcf0799a3e24292a35b2e908f686cd4a2a56f1411bedf3d0954fa0b2a3176d6fd23a62aeade227bfcfb739e9423c8000df1a48ffab85616b40c4a05c9e60d67da7dd5710582ec69e02262a9d3573088968ec8a7191174b4cd21574a0423520f14c02a5ec9c2241b51b58b00dfcf81bf5b75f2062e71a23b35c53f2cc0cc148ed7b50d345241f933269fbf5623b4c2d828bc8585b37606e27bdc59988c6a5fb603271244e9887b0f0a109cec3378684b2217cdaaef2d1b387f8ba6288c6811a4cdcf12a5d12a1c0c6fd83f2c293a2df4e374ac0b4a841f3607c3736ad2dddad554c8f3e054b2b9d7c8301b6786181ff02aad9d4c909ecafcb42d6e2b6f924fd0a986bee6bf144f19ca1181385295ecc404292b8154541b93600726cb6869aad3f6608d0143a3e0f9429445c4a72aec49dd27537e08a0cb5bd648382364b91203753f0c4f90d94689a1e53f4c1339f0139189acb2d672560144e5c4b3f049465ae228d1e3310d9160487ac9fa8c98260ee11e6cdbbb9a5e5beaa16180c21ab99dd0f4e87670d958e322311551ae543ac0aeb332b18e17b6e14ec661c31f89e7efdb907f19a2e8b51be52c44c1bcf019994a13b655732b3cba3fe6151cf0298ddf1c48b81980091ee3a2b9d6c6f5daf0c51efc1e6a3b93cb4e3fe315de8c47e0ee851bf62bbc2e0ec8535e8c7f717f40ebe69ebb89b0a8a99e9ad9a2709a632aaca3c3f6f0f4cfbfa911d031913ff9e58c458107879d71461133722c51304cf39b7b6fdacb12b9cc0fe1ef7ff4f93ccb124ed167e07fc856d9849eceaf322d4f2643b50f019927ff4ecfd723d6419c80da3e5460e5e1625f23b47e0d140e83c20bd2992340a51915095c6386541c5d1df900513ce392004a9ac53275f42c036f2322974947b9de064b575e4005a48a1ab79f8574d33ed6f01cef6c46ef37abcc154e843438447a71a703b170451a50127e6ea447983b27ad824d4c7648e50eff2e597462801797468e7fcaf6e4dc81e8e9550e4ee69b223454b8d1e6a7930a69d87a2c3060ac34c6f1ddef4949934f2009ab1a91b9a1c3107a94bcf708e9c135441308e3a5123bb7b3bf37b5d5f902ae5cb4716ed62e00082f34b808cdf941aeb35b6826e8b1b98db5e9729e458b6e31d710277b155f21ffd3c3554a52c2c4021fdb32b1bc9339a02f09aff644c7422d69d3d0f19fa06414b36c3e029378816d2a60ed3b2ffa208c294545b65fb9fb57c6350e2a77a4c0bc8500833eeecdc73104598d52809783098d2f1b071d1f085d4c4a760551e87529ec938f81a4cec69d9fe69bc515bc855091f22eb85a1937cf5d9eeb470aba9a7bc68cd865708e60bb04a7308778a5cc87e5fd173702d11b1de04cc6401e1a65f3313fd14bc8ff961fb9de3d84cfcfe4155695ce33850bddcb089bacedbe78631615c84fb268d37b3efbaa2a24349256ef05a6d97ea3f8f36a8f67c95e56d05ee5e799c454b60f86e1ca957c9afedf4cf3bae91b8efe98fa06cdaf69c2627c8cf7bd990f412a8d7c4cb6e3164337336dea43224fd4cbd213bff8be96cc72653cc84af8bc1080b7f1eed13dcad1e66f501d36939ddf429d5e1db2ab7874d8a14041bf9b6196e6acad96c3360fd93d3160c09e647078281b88d97fd5b16dd258fe5c9e1bfdca394a6e3e90f14987ae79e7b3f9c3c765c3314fa0cbe45771b6780ba915100f42c6edeb43a1f6c23bec23cfa3c82a033c81cdac59bb65d4242978e0675d28631b6306403e3077960df9fc20b15a9f7fe6f0531a4daf4f5310c3a6bff104c2dcbd7b30c7e3099ccfe52228fa0a29c73884dcb8f5f99dafe1b26f5c3fd92c422d1253a2f821c3f3ca4975fe16ed55a290b92137e86036d8e463262113a1bc8cdfb311f902c280e9dfda6ea7437ec5ace248e479ad75f7c174cfe4fa53d87ef01958be9d0767c2f1923beebe1cf07772ae821993564ea352aca10ff6778f41ee9c5bc8844c01791ad25136822ef62b3239a72244de74a6eaa115285f213493f3bed34aec2da8b4b2977df10bf91d663e1242818b77c81261e2e938129eab1037c65ade54ae6a01a92f776bd6f434fe5ac66efcc235b188a01139d0bcd054a44b58e1fa490ea0b338b864bbac726d86682f803a7b538c88b68ce7f67f260d54ea1124a5b6e0aa343b1468cd490751f3237b36c6b2f02581e4d3da9fcc94b097023cb9033d63fa90ce275a582be425d643892ff36ec0d87e8a33e853ebf1481d36fe59a8b747a24e645db4231a367a477ac054ceffc41b6e3dc79e42d1cd5947056f4b2c5fa8a92011f5b9623bd9598f586ebd51b1f786cf8c5ff91c3da4049a3bc75491a07520d42fed9b805cea22785d7d8af4b29b19a0d2dd44cdb389ec9f2a8354349e919557bd2dd85886496466e3c87aa55e9c26674b8f19d33dc43406125ea2fa737a48f5ed43d958882fc53ebe0718e82c7251157a1e0828bc18b3c05ff1ad0b9a58f8e788895e6b318d7eb924c3810d83228e8664a69abdaa090089743268da98a9e48dd23e3b61ee231fd11c4fe465f557ac8e9baccae0d8f21c6202763214a1f6921c4420c00e6f606cea9a3ece76af972f5074e240d33883415e495eec2643acf14004983dd484ad4bd79d2deeacc304e6f1a185115ad30b4b3d14283b8596d2dda83e22f9b73cdbe7207f8a4c041259364901c45515a215059bac7ac26049d3cb7a99c5d5f7232af9b72af4f88c8a00abf9c89303cc93fe96bf48109f8407852bf380bd4bec11324f99717367cde2148956cc8d02d2bc6ec854803c7717acc66f1809876dc7f02e4bb6b4a4683650b21d9ba28e43cfc00771b3cb19df9d342deb7be7cb448a47a243e60a0713f1da0f0fd398ada1bd8c76116278080e6d2b3bd7312de29796b6c76f4e9bc6b3e44260cc5670cb764df0893357a7671e39045f6955be1318a1e50de077286162f44a538f423d7df17cdeb414b8438c290785504a5818e9adfd55a619b98dc9896789d035a7dcfc9eacfa91f225f8b1d3958d6d4922061a425a52350e7eb84afeee85bc54c28c08c2b65bfd72e96d289d79780cfa04706c2c80f9c7fb4924dc6e3121225245be7229b1e87b3830a574adafd43c5f10477cb61df31e46117f9cef8f4812f369cb1ef01da97a795508cc9fc7769b34ab5c85ef4eac05fe10c34d8e390f3385eb780293ab6bf4b8877e194608ab71964d893e0ea0b9f28fdf21461e92384ddece493c99081434417e795e4bb2936f66ccf1710637f6f0dd052ae2ad6d09419322c047b5d56aeadd819d4eb1375e9b66a99a4a13fe7db5b7f16eb05f3aab6574d363b63bc4ba98de4078c56d0d5d434b07cb8be9330a5d7d497bc499bc2a03e6bf0ea3a757f6663f9debe6a412116e5e07e6085e7cd01a630e65dd17c8fd39fbd4cec0fb2b5c7e9700e4ea5fa0e527d898e34c072216b8d81d182baf4d10976d6ee6c14f65044b2634a80102b1de227266edfc46ae6f3452d56e842160a4cb2df09568d799293e5b5a49bb22765225bb218cc4d63cf9909af8ef44d0a210acd4467fa19b8163a1a1aa8b85add81cdabe1fb15df9c6d665abe37c76a5c019576b5ed09cfaa2af50a1c7ffb0da162764416f7b9528ba4a63cdc2f1d12c2dc72cc6334a0443b2a6bf556d41a1fa4a236869acaa3e1fb603a6918225f57501e97c370927ee19e405ff69830b3e5d935896d16caeb84083770e8ed8478cc7470c5d16d3b57d3965a91bbfe5418a31c4e801450491a64a5e1f65a4db54afcae672ddc4ced35c565ef613620a7574162c28668fa9f7e762d0393cf5bf7247eeaa04746a0606d4c8e5e62b611ba94133249d5aff865894ce950b1df4a40e31788c8213da4f537ca94140516a4b873229beddfded240ae7c339ce37ad039548a9b822a6e8372a4f7b222a6c89f8218cbe48bf0aa154a29c2295595efac676f9b6defa6f207c81eb1fe2420ea641681a1679fc7867b2db96bafdb0e5622164df4022291ace1c7e6bb2d224b3b8c68f819892b90bc822b93952efc894d018aacfdb098db953e1af4dd98baacc2e1fab7c0e20838fb9b037368ed3d685ce9ad929c085d137552a9947c054b7b87cf836933f5aa6732a1844cba530668620dad7eee73b168b24055c577ba538ecf7321a05d72981d9775f18e75ad414be04c0bad4bec1819d39f36023bc2d79077d6e84df554bed4f8c3591e017c3335374ecd0330d6d387409fe29ffecc4fb4aabe09aa24389fad02bb057b1e9795ba36fd028aefb26e8c9c2bbf506031fb8554891fdf4e99ed00b4fcb83317191db0289a223c0c9ded02c799815e1f136d08f9392d779ab95016cc60e68d8997f2694e404d5898acb352a690d1bb32fd43c0c3fbbdc97459247e43c4ad154a8ac62bfbca80b5033b94f9d4237c444cab6916a3f6bae58a7e7d43bc9053f9904afe156afaa86413c1777eeee9a5d31d92e24785dce5ba33fe7ea1296c0bfb1f20ab8757b6ed952b106777ca6642c887e4bffbbf3628cd2291aa37027ce336c0d8f5bca7f1d378f17c095b8d2af4d32cb60c37e31100f086817586309e8bba0a7332bf7efc4fb4c165199042331a2cb55c0eee348b66701f7e56e7d889b94744dfc2aa015f0805598c657bfaeff1cae00ef8ccdadd5543ecb238d7873ca9357d64c5cae14bae9ecaeee033a0156a05c1757cd4c1e22e356f56729dfa2c22cd4870c54c52391c440062da8dbbc197b0219d9d080e07b370f4858c9224e73e4deecee1be91fd4f4764f7849202b568a5c76d318ecb7de24c9a8f2c3f0f1f4d3f6da24158c20a6656527a256f4a85ae05f8b46be97a817b4accb388fef91ba21082f9a039699b29d9bc568f2b82f153c629416ce714c0af071f57a024f9f6fad7f7836e0cfc49e3267eba6c3f761c71c1ce7b84b79da1a9935af9b405f7919d5cc0691e692190a49cf9e394ead8d93307c055eeba8f016583aa6ccd4c32c680d580bbc470fce10955e4d0e608272e4e3101976e911d23006678f1aafdf1eb7e66772159d918e68ba02f05cc0c76bd3ee4f854f43da1c998a3f289c3d8f7fa346b81f5abb3238fe55e0b43deb23cddcb21999825700a5be4417ca010dd49c03db648b757d3051091a322621128bde4389f7fe9543547b1dd9ee152f8398fbae97fbee51d5928edbaefe98791f3d9907e6d53daaa3a92ef82000fa391f1d03013379cea1eba29c7d913f780062f8ecbd6d40ec5b9643427649e33e1d5d3ef30069d51ef6d67b29476b343b4517547763a4682619a1103b62e6da4fcfe28d0ca16020ccd90efb24606bc55d278a2ef9c64baefa2b1a445064ad79b7885be56e4d553286bdd46717d97919311e497b2748f07ba3fb683a625af2ce68f08e9850b640f09f6541583f09cf1e2824d", @nested={0xb0, 0x2b, 0x0, 0x1, [@nested={0x4, 0x1f}, @typed={0x8, 0x120, 0x0, 0x0, @ipv4=@loopback}, @generic="e3df3e890005dd612ab73cf6240f015c4227d013613dcee21b0acc3a8b1ec4418332b15a547e565a399865661ab60344b33580f54fa78cc186994efabfaaf53abadf3b57222a455b248c1ffc5ec6de1927fc74af348363ea304cb368e134d539f32dc1dd37cd9883122a17cd19c5a3ef834b61846fc996b774d78858d5cd0a827e39e495e110426ff4609495b6a8e8c4", @nested={0x4, 0xc8}, @typed={0x8, 0xd9, 0x0, 0x0, @ipv4=@loopback}, @nested={0x4, 0x4e}]}, @generic="a307afaaaafe959453f1072184b7e93335dd8dad4c878b284cb3cd8a4b2de752cf7f05f6cc328a8eaef1", @nested={0x10, 0x2e, 0x0, 0x1, [@typed={0x8, 0x2, 0x0, 0x0, @str='*(]\x00'}, @nested={0x4, 0x26}]}, @generic="dfe5d6c46a52e58b2726a66fee604ad079d92e79df0df64aa003401d1a9b183cfb83842266b056a34b120bf88155ff18994130509a7d938265419fa1eddd6f21b62e6d230e6169", @nested={0x4, 0xbe}, @typed={0x8, 0x4c, 0x0, 0x0, @str='$Z/\x00'}]}, 0x1170}, 0x1, 0x0, 0x0, 0x4c000}, 0x20000800)
syz_usb_connect$cdc_ncm(0x2, 0x6e, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000020000402505a3a440000102030109025c00020100000009040000ee010d0000052406000105240000000d240f0100000000000000000006241a0000000905810300020000000904010000020d000009040101"], 0x0)

3.486585253s ago: executing program 4 (id=6451):
r0 = syz_usb_connect(0x0, 0x36, &(0x7f0000000180)=ANY=[@ANYBLOB="120100006325a640402000498b4d000000010902240001000000000904000002214c6a0009050702000000da000905890e"], 0x0)
r1 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0)
write$rfkill(r1, &(0x7f0000000080)={0x0, 0x1, 0x3, 0x3, 0xfd}, 0x8)
write$rfkill(r1, &(0x7f0000000340)={0x6, 0x0, 0x3, 0x0, 0x1}, 0x8)
openat$misdntimer(0xffffffffffffff9c, &(0x7f0000000140), 0x2cb02, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000280)='fd/3\x00')
r3 = epoll_create1(0x3809612feefad543)
epoll_ctl$EPOLL_CTL_ADD(r3, 0x1, r2, &(0x7f0000000100)={0x40002015})
epoll_ctl$EPOLL_CTL_MOD(r3, 0x3, r2, &(0x7f0000000c40))
openat$dir(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002000), 0x2, 0x0)
syz_open_dev$audion(&(0x7f00000001c0), 0xb, 0x4100)
ioctl$int_in(r4, 0x5421, &(0x7f0000000000)=0x6)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff0000/0x1000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ff8000/0x4000)=nil, &(0x7f0000ff8000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x2000)=nil, 0x0}, 0x68)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x0)
r5 = io_uring_setup(0x7, &(0x7f0000000040)={0x0, 0xc8a1, 0xc000, 0x8, 0xc1})
bpf$MAP_CREATE(0x0, &(0x7f0000000240)=ANY=[@ANYRESDEC=r4], 0x50)
io_uring_enter(r5, 0x2219, 0x7721, 0x16, 0x0, 0x0)
syz_usb_control_io$hid(r0, 0x0, &(0x7f0000000500)={0x2c, &(0x7f0000000040)=ANY=[@ANYBLOB="400a2e0000004e261153b606000f7a9f8c8b93ee8b8e684866d0ef333ba826585e849c0977d2ce968a0c672f83130bb56e23bb8680ef840cd2985dc1b15fd21d96ae05a07e0c21e762dbb5e39204b0f073af469e1f3ab58a08d89df64974d26ec62f183f3e634684f42b017cf22b5ac28f9b56111310db32934f1614"], 0x0, 0x0, 0x0, 0x0})
r6 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r6, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000001200)={&(0x7f00000001c0)=@newlink={0x34, 0x10, 0x40d, 0x70bd2a, 0xfffffffc, {0x0, 0x0, 0x0, 0x0, 0x600b2, 0x41d43}, [@IFLA_ALT_IFNAME={0x14, 0x35, 'macvlan0\x00'}]}, 0x34}, 0x1, 0x0, 0x0, 0x4008840}, 0x0)
ioctl$AUTOFS_DEV_IOCTL_SETPIPEFD(0xffffffffffffffff, 0xc0189378, &(0x7f0000000000)={{0x1, 0x1, 0x18}, './file0\x00'})
syz_usb_control_io(r0, 0x0, 0x0)
socket(0x3, 0x800, 0xd81)

3.355996959s ago: executing program 1 (id=6452):
openat$6lowpan_control(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
socket$kcm(0x29, 0x7, 0x0)

3.127432909s ago: executing program 1 (id=6453):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff})
bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="0300000004020000040000000a0000", @ANYRES32=0x1, @ANYBLOB='\x00'/19, @ANYRES32=0x0, @ANYRESHEX], 0x48)
ioctl$KVM_SET_MSRS(0xffffffffffffffff, 0xc008ae88, &(0x7f0000000000)={0x1, 0x0, [{0xf88e470f, 0xed}]})
r1 = openat$kvm(0xffffff9c, &(0x7f00000000c0), 0x800, 0x0)
r2 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000380)={0x0, 0x4076cbba9945d516, &(0x7f0000000340)={0x0, 0x14}}, 0x0)
getsockname$packet(r2, &(0x7f0000000140)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000240)=ANY=[@ANYBLOB="4c000000100039042abd70000000000000000000", @ANYRES32=r3, @ANYBLOB="01180200031100002c0012800e00010069703665727370616e0000001800028008001500a8bc0d00040012"], 0x4c}}, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000580)=ANY=[], 0x78}, 0x1, 0x0, 0x0, 0x10}, 0xc1)
r5 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000002c0)=@newlink={0x34, 0x10, 0x503, 0xffffffff, 0xffffffff, {0x0, 0x0, 0x0, 0x0, 0x44, 0x100}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @vcan={{0x9}, {0x4}}}]}, 0x34}, 0x1, 0x0, 0x0, 0x24000010}, 0x0)
r6 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r7 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x1)
ioctl$KVM_SET_USER_MEMORY_REGION(r6, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
r8 = socket$inet6_sctp(0xa, 0x1, 0x84)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r8, 0x84, 0x6f, &(0x7f0000000080)={<r9=>0x0, 0x10, &(0x7f0000000100)=[@in={0x2, 0x4e24, @private=0xa090100}]}, &(0x7f0000000000)=0x10)
shutdown(r8, 0x1)
getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r8, 0x84, 0x82, &(0x7f0000000040)={r9, 0x2002}, &(0x7f00000000c0)=0x8)
ioctl$KVM_SET_REGS(r7, 0x4090ae82, &(0x7f0000000200)={[0xc45, 0x9, 0xfffffffffffffffd, 0x10000000, 0x10000, 0x3, 0x4002004c2, 0x7ff, 0x9, 0x0, 0x400, 0x80, 0x89, 0x0, 0x8, 0x7], 0x100000, 0x240046})
ioctl$KVM_SET_CPUID(r7, 0x4008ae8a, &(0x7f0000000140)={0x1, 0x0, [{0x1, 0x9aa, 0x5, 0x93, 0x800}]})
ioctl$KVM_RUN(r7, 0xae80, 0x0)
ioctl$KVM_RUN(r7, 0xae80, 0x0)
ioctl$KVM_RUN(r7, 0xae80, 0x0)
r10 = syz_io_uring_setup(0x497, &(0x7f00000000c0)={0x0, 0x3238, 0x400, 0xffffffff, 0x288}, &(0x7f0000000340)=<r11=>0x0, &(0x7f0000000540)=<r12=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r11, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r11, r12, &(0x7f0000000000)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r0, 0x0, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000b40)=ANY=[@ANYBLOB="f000000000000000010000005eb7000075177ff3309da1d8c85f82edfed4bb53954223bd9d5ed15e772b9f42bc28de83c35f12ef0e5a50ee1e38bc77ee86a3f8536afe510f411731dd16ccd50ef88788e58b91dcb90a33af1104b199f023b2f1e848bd5ff446f4329d0c647852abf81992adc4ced5ba47f8037ae4306f519b835659f6a0160f94ec6b6265ff069a1950dd0e47a544f92d6fe23183dd00ebcd83cc8940e4e153f0ac7f22c599dc6a4241df91d1b88b78ac2a3b5b8a927325d8fa797bd2a1b20c129daae788155431779e9208e1afc14ac6d27d2124c6db6569a7e89a1df7a849af490ace439998b27e0088000000000000000c0100000a0000004587e2218aba2bbd5d926f2500607ef93120718ff1716c0ec85714843724bc1d8485007f9eeb6c3063b7fd49744699dc07679e79e8a8922030f548550ce2c151b43c7a95770464893f929b66be05863d02b20dcdea7c71696820cd5d6ef8045de5594bcf95447bab306cf4c414269820e400000000000000200000000000000013010000e30f000087f7cfef6937d55f2bb0d3640000000078000000000000000100000001000000529fc01ddd98c8e4893b6a0c57044002fa9105670ca3d8110272df7d15958f10169448647650f73bb889ca1fc432fd8a5f6b26278e32165bdb4dc14071266dd1b47782f4c93c563fe4a917d2656af0ba15453697a518c3e1fd169b1c53fa755f530cb43c01000000b80000000000000014010000030000006cbadba9dd3dc276d15d7bdbb346952ff931f007c4525e33c52cd8451ffe3cf1d078efc9dec7a09f93bba9814b65654f22b7f25a43126d4dc64f556e063d502421dc3b8513b06a2008096451b68fc101ed07a2b9c1c91c1a95eec91a99f0734f93c5565364993b086893ab1a06892b45adc36fdbcd0ecd8d73a9851eb811c2143f4bd9e5546a1f2e06abc9b4f7cdedfb34721abf2db555fb0de85a9943603a383a63a400000000007800000000000000110100000900000093e0e9cc93d74b0f9bbbb4ddc39b630330077ed7cd75898e59a8ed04a030db7617ddc5aa4f2e40e16e8636913f0bbd12dbf496c7c7558d9188b6a8b8a4e3b0b1ecb647fe01bb8930c514fbf465db1787ead6c6fe9f37ed072dae4daa72878e48aa1a000000000000100000000000000001000000e37b000028000000000000000000000000000000d7ef081a4e412d77969dcff9b227b114a4991dc000000000c0"], 0x438}, 0x0, 0x12f4c4729764ea1b, 0x1})
io_uring_enter(r10, 0x3516, 0xa00100, 0x0, 0x0, 0x0)

2.835847303s ago: executing program 3 (id=6454):
r0 = syz_open_dev$video(&(0x7f00000001c0), 0x8, 0x1)
ioctl$VIDIOC_SUBDEV_G_DV_TIMINGS(r0, 0xc0845658, &(0x7f0000000300)={0x0, @reserved})
r1 = socket$unix(0x1, 0x1, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff7ff9}]})
mincore(&(0x7f0000000000/0x800000)=nil, 0x800000, &(0x7f0000000000)=""/188)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000100)={'syzkaller0\x00'})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={0x0}, 0x1, 0x0, 0x0, 0x400dc}, 0x0)
r2 = socket$inet_sctp(0x2, 0x1, 0x84)
setsockopt$EBT_SO_SET_ENTRIES(r2, 0x0, 0x80, 0x0, 0x1de)
r3 = openat$procfs(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/timer_list\x00', 0x0, 0x0)
r4 = openat$sysctl(0xffffffffffffff9c, &(0x7f0000000580)='/proc/sys/net/ipv4/tcp_timestamps\x00', 0x1, 0x0)
sendfile(r4, r3, &(0x7f00000000c0)=0x8b, 0x1000005f5)
syz_usb_connect(0x2, 0x5d, 0x0, 0x0)

2.744625486s ago: executing program 2 (id=6455):
r0 = syz_usb_connect(0x0, 0x36, &(0x7f0000000180)=ANY=[@ANYBLOB="120100006325a640402000498b4d000000010902240001000000000904000002214c6a0009050702000000da000905890e"], 0x0)
r1 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0)
write$rfkill(r1, &(0x7f0000000080)={0x0, 0x1, 0x3, 0x3, 0xfd}, 0x8)
write$rfkill(r1, &(0x7f0000000340)={0x6, 0x0, 0x3, 0x0, 0x1}, 0x8)
openat$misdntimer(0xffffffffffffff9c, &(0x7f0000000140), 0x2cb02, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000280)='fd/3\x00')
r3 = epoll_create1(0x3809612feefad543)
epoll_ctl$EPOLL_CTL_ADD(r3, 0x1, r2, &(0x7f0000000100)={0x40002015})
epoll_ctl$EPOLL_CTL_MOD(r3, 0x3, r2, &(0x7f0000000c40))
openat$dir(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002000), 0x2, 0x0)
syz_open_dev$audion(&(0x7f00000001c0), 0xb, 0x4100)
ioctl$int_in(r4, 0x5421, &(0x7f0000000000)=0x6)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff0000/0x1000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ff8000/0x4000)=nil, &(0x7f0000ff8000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x2000)=nil, 0x0}, 0x68)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x0)
r5 = io_uring_setup(0x7, &(0x7f0000000040)={0x0, 0xc8a1, 0xc000, 0x8, 0xc1})
bpf$MAP_CREATE(0x0, &(0x7f0000000240)=ANY=[@ANYRESDEC=r4], 0x50)
io_uring_enter(r5, 0x2219, 0x7721, 0x16, 0x0, 0x0)
syz_usb_control_io$hid(r0, 0x0, &(0x7f0000000500)={0x2c, &(0x7f0000000040)=ANY=[@ANYBLOB="400a2e0000004e261153b606000f7a9f8c8b93ee8b8e684866d0ef333ba826585e849c0977d2ce968a0c672f83130bb56e23bb8680ef840cd2985dc1b15fd21d96ae05a07e0c21e762dbb5e39204b0f073af469e1f3ab58a08d89df64974d26ec62f183f3e634684f42b017cf22b5ac28f9b56111310db32934f1614"], 0x0, 0x0, 0x0, 0x0})
r6 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r6, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000001200)={&(0x7f00000001c0)=@newlink={0x3c, 0x10, 0x40d, 0x70bd2a, 0xfffffffc, {0x0, 0x0, 0x0, 0x0, 0x600b2, 0x41d43}, [@IFLA_CARRIER_CHANGES={0x8, 0x23, 0x1}, @IFLA_ALT_IFNAME={0x14, 0x35, 'macvlan0\x00'}]}, 0x3c}, 0x1, 0x0, 0x0, 0x4008840}, 0x0)
ioctl$AUTOFS_DEV_IOCTL_SETPIPEFD(0xffffffffffffffff, 0xc0189378, 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
socket(0x3, 0x800, 0xd81)

2.503418199s ago: executing program 1 (id=6456):
r0 = socket$nl_generic(0x10, 0x3, 0x10) (async)
r1 = socket$nl_route(0x10, 0x3, 0x0) (async)
r2 = socket(0x10, 0x803, 0x0)
sendmsg$IPVS_CMD_SET_INFO(r2, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000ac0)={0x0, 0x14}}, 0x0)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
socket$nl_route(0x10, 0x3, 0x0) (async)
sendmsg$nl_route(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000540)=ANY=[@ANYBLOB="3c000000100003040100"/20, @ANYRES32=r3, @ANYBLOB="46060900000000001c00128009000100626f6e6400586ad04e36b8543bb075f66f7f0eb1810000000c00028005001b0004000000e75048b6f8759fb28ba36b0e7ae8fd64"], 0x3c}, 0x1, 0x0, 0x0, 0x690}, 0x20048040) (async)
r4 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_TCP_REPAIR(r4, 0x6, 0x13, &(0x7f0000000080)=0x1, 0x4)
setsockopt$inet_tcp_TCP_REPAIR_QUEUE(r4, 0x6, 0x14, &(0x7f00000000c0)=0x2, 0x38) (async)
setsockopt$sock_int(r2, 0x1, 0xa, &(0x7f00000001c0)=0x3, 0x4)
connect$inet(r4, &(0x7f0000000040)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x58}}, 0x10) (async)
sendto(r4, &(0x7f0000000140)='A', 0xfffff, 0x40008c1, 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f00000000c0)={'wlan0\x00', <r5=>0x0})
sendmsg$NL80211_CMD_SET_INTERFACE(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000480)=ANY=[@ANYBLOB='0\x00\x00\x00', @ANYRES16, @ANYBLOB="050000000000000000000600000008000300", @ANYRES32=r5, @ANYRESDEC=r0, @ANYRES8], 0x30}}, 0x0) (async)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000340)={'wlan1\x00', <r6=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(0xffffffffffffffff, &(0x7f0000000440)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f0000000400)={&(0x7f0000000500)=ANY=[@ANYBLOB="1c000000", @ANYRES16=0x0, @ANYBLOB="100026bd7000fbdbdf254400000008000301c32100", @ANYRES32=r6, @ANYBLOB], 0x1c}, 0x1, 0x0, 0x0, 0x800}, 0x80) (async)
recvmmsg(r4, &(0x7f0000000d00)=[{{0x0, 0x0, &(0x7f0000000280)=[{&(0x7f0000004140)=""/4096, 0x1000}], 0x1}, 0x5}], 0x1, 0x102, 0x0)
r7 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x11, 0x800000000004, @tid=r7}, &(0x7f0000bbdffc)) (async)
fcntl$lock(0xffffffffffffffff, 0x26, &(0x7f0000000040)={0x0, 0x0, 0x60d3, 0x1})
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1) (async)
timer_settime(0x0, 0x1, &(0x7f0000000040)={{0x77359400}}, 0x0)
keyctl$restrict_keyring(0xa, 0x0, 0x0, 0x0) (async)
r8 = socket$netlink(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_DROP_MEMBERSHIP(r8, 0x10e, 0xc, &(0x7f0000000080)=0x4, 0x4) (async)
sendmsg$netlink(r8, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000002c0)=[{&(0x7f0000000500)=ANY=[], 0x20}], 0x1, 0x0, 0x0, 0x40000}, 0x0) (async)
r9 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000080), 0xffffffffffffffff)
execveat(0xffffffffffffffff, &(0x7f0000000000)='./file0\x00', &(0x7f0000000640)={[&(0x7f0000000180), &(0x7f00000005c0)='\x00', &(0x7f0000000600)='-\x00']}, &(0x7f0000000700)={[&(0x7f0000000680)='wlan0\x00', &(0x7f00000006c0)='l2tp\x00']}, 0x400) (async)
sendmsg$L2TP_CMD_TUNNEL_CREATE(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000380)=ANY=[@ANYBLOB='d\x00\x00\x00', @ANYRES16=r9, @ANYBLOB="17090000000000000000010000000500070000000000080009000000000008000a0000000000060002000000000014001f00000000000000000000000000000000001400200000000000000000000000ffffac1414bb05002200010000005e4b835b68a50f78b454a24ce3d20f07cda69040ce21189b9e"], 0x64}}, 0x0)

2.256162739s ago: executing program 1 (id=6457):
inotify_init()
openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x68cd42, 0x4)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
pselect6(0x900, 0x0, 0x0, &(0x7f0000000240)={0x1f, 0x0, 0x1000000000000000}, &(0x7f0000000280)={0x0, 0x3938700}, 0x0)

2.216133952s ago: executing program 4 (id=6458):
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(0xffffffffffffffff, 0x84, 0x6f, 0x0, 0x0)
r0 = creat(&(0x7f0000000240)='./file0\x00', 0x40)
close(r0)
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket(0x11, 0xa, 0x0)
write$vga_arbiter(0xffffffffffffffff, &(0x7f0000000000)=@unlock_all, 0x7)
bind$can_raw(r2, &(0x7f0000000000), 0x10)
getsockname$packet(r2, 0x0, &(0x7f0000000080))
r3 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f00000002c0)={'veth1_to_batadv\x00', <r4=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000001140)={&(0x7f00000000c0)=ANY=[@ANYBLOB="4c0000001000030500"/18, @ANYRES32=0x0, @ANYBLOB="8b18010000000000240012800b0001006d61637365630000140002800500080000000000050007000000000008000500", @ANYRES32=r4], 0x4c}}, 0x0)
ioctl$KVM_MEMORY_ENCRYPT_REG_REGION(r0, 0x8010aebb, &(0x7f0000000200)={0x10000, 0x102000})
r5 = mmap$KVM_VCPU(&(0x7f0000ffb000/0x3000)=nil, 0x930, 0x6000002, 0x4018831, r0, 0x0)
r6 = userfaultfd(0x80801)
ioctl$UFFDIO_API(r6, 0xc018aa3f, &(0x7f00000000c0))
ioctl$UFFDIO_REGISTER(r6, 0xc020aa00, &(0x7f0000000040)={{&(0x7f0000ffa000/0x3000)=nil, 0x3000}, 0x1})
syz_memcpy_off$KVM_EXIT_HYPERCALL(r5, 0x20, &(0x7f0000000180)="5e73663bf4082f7c6c9ecbf09d6dd7be5a06dfd645630500c1a303434a36bfc45a7badc8faed24bb77c848723a43602d1fe0d236c062e105ec77ffdc0fb243c3111dda42112650cc", 0x0, 0x48)
setsockopt$netlink_NETLINK_TX_RING(r1, 0x10e, 0x7, &(0x7f0000000080)={0x8, 0x7, 0xfffff801, 0x8}, 0x10)
read$char_usb(r0, &(0x7f0000000380)=""/190, 0xbe)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000005e00)={0xffffffffffffffff, <r7=>0xffffffffffffffff})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000200)={0x0}}, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000140)={'vxcan0\x00', <r8=>0x0})
bind$can_j1939(r2, &(0x7f0000000300)={0x1d, r8, 0x0, {0x2, 0xff, 0x2}, 0x1fc}, 0x18)
openat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x60042, 0x0)
ioctl$F2FS_IOC_MOVE_RANGE(r7, 0x541b, &(0x7f0000000000)={<r9=>0xffffffffffffffff})
close_range(r9, 0xffffffffffffffff, 0x0)
connect$inet6(0xffffffffffffffff, &(0x7f0000000280)={0xa, 0x4e22, 0x7ff, @dev={0xfe, 0x80, '\x00', 0x14}, 0x7}, 0x1c)
listen(0xffffffffffffffff, 0x2)

1.978892894s ago: executing program 3 (id=6459):
socket$inet(0x2, 0x4000000000000001, 0x0)
r0 = socket$inet6(0xa, 0x1, 0x8010000000000084)
bind$inet6(r0, &(0x7f00000000c0)={0xa, 0x4e21, 0x0, @empty}, 0x1c)
connect$unix(0xffffffffffffffff, 0x0, 0x0)
sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x2, 0x0)
ioctl$sock_inet_SIOCSIFNETMASK(r0, 0x891c, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010600000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff1b000000020000000900010073797a30000001000900038073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x25}, 0x0)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
sendmsg$NFT_BATCH(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)={{0x14}, [@NFT_MSG_NEWSET={0x3c, 0x12, 0xa, 0x201, 0x0, 0x0, {0x2}, [@NFTA_SET_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_KEY_TYPE={0x8}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_FLAGS={0x8, 0x3, 0x1, 0x0, 0xa}]}], {0x14}}, 0x64}}, 0x0)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x4e21, 0xffffc0fe, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x14}}}, 0x1c)

1.952832277s ago: executing program 4 (id=6460):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x2003, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socket$inet_smc(0x2b, 0x1, 0x0)
syz_open_procfs(0x0, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r3 = socket$inet(0xa, 0x801, 0x84)
socket$inet6_sctp(0xa, 0x1, 0x84)
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)=ANY=[@ANYBLOB="50000000100001042abd7000fddbdf2500000000", @ANYRES32=0x0, @ANYBLOB="7b01000001c80400300012800b000100627269646765000020"], 0x50}, 0x1, 0x0, 0x0, 0x20008000}, 0x20040844)
r5 = accept4(r3, 0x0, 0x0, 0x0)
setsockopt$inet_sctp6_SCTP_DEFAULT_SNDINFO(r5, 0x84, 0x22, &(0x7f0000000000)={0x2, 0x0, 0x6, 0xffffffff}, 0x10)
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r5, 0x84, 0x7b, &(0x7f0000000400)={0x0, 0x4}, 0x8)
sendmsg$ETHTOOL_MSG_LINKMODES_SET(0xffffffffffffffff, 0x0, 0x0)
r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='hugetlb.1GB.usage_in_bytes\x00', 0x275a, 0x0)
write$binfmt_script(r6, &(0x7f00000004c0), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x200000a, 0x28011, r6, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)
cachestat(r6, &(0x7f0000000040), &(0x7f000009de80), 0x0)

1.909480415s ago: executing program 1 (id=6461):
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
setsockopt$TIPC_DEST_DROPPABLE(r0, 0x10f, 0x81, &(0x7f0000000080), 0x4a)
setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f00000000c0)=0x9, 0x4)
sendmmsg$inet(r0, &(0x7f0000001540)=[{{0x0, 0xfffffffffffffda1, 0x0}}], 0x40001b6, 0x0)
ioctl$FICLONERANGE(r0, 0x4020940d, &(0x7f0000000240)={{r0}, 0x8, 0x7, 0x1})
close(r1)
r2 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000004002, 0x0)
r3 = dup(r2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb, 0x13, r3, 0x2000)
getsockopt$inet_sctp_SCTP_PEER_AUTH_CHUNKS(0xffffffffffffffff, 0x84, 0x1a, &(0x7f0000000080)={<r4=>0x0, 0xb9, "761496fbff8388046a7625ba7b7cba26957e7dc6f5754a794006b99d1c6ed1a68a29f3147e3589c06cb05be18647c605423ac7a709548c8bac7fede881a0f62dc0b90b6afd0cc601697eb39a72320c46ab3363816826f26268d843a3dcf4b7b8a31e5719d886673e44f33b49ae1ad2bdeb88ea994b751659bc12edfab5028a75d98384d27ed6d88a8307e115cb2769706f2e82562161a0cd97102ce0127481603f67e6f1a38f2798e5b19aabafb57d6fbca3e7892f95b0fc9f"}, &(0x7f0000000000)=0xc1)
getsockopt$inet_sctp_SCTP_AUTH_ACTIVE_KEY(r3, 0x84, 0x18, &(0x7f0000000180)={r4, 0xc}, &(0x7f00000001c0)=0x8)
r5 = syz_open_dev$sndctrl(&(0x7f0000000440), 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_PCM_PREFER_SUBDEVICE(r5, 0x40045532, &(0x7f0000000040)=0x44)
ioctl$BTRFS_IOC_GET_SUPPORTED_FEATURES(r0, 0x80489439, &(0x7f0000000280))
syz_open_dev$sndpcmp(&(0x7f0000000200), 0x0, 0xa2c65)

1.840584076s ago: executing program 2 (id=6462):
r0 = socket$nl_audit(0x10, 0x3, 0x9)
ioctl$sock_SIOCETHTOOL(r0, 0x89b0, &(0x7f0000000080)={'batadv0\x00', &(0x7f0000000040)=@ethtool_channels={0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000}})
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={<r1=>0xffffffffffffffff})
openat$ttyS3(0xffffffffffffff9c, &(0x7f00000001c0), 0x2102, 0x0)
r2 = bpf$MAP_CREATE(0x0, 0x0, 0x50)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mbind(&(0x7f0000051000/0x4000)=nil, 0x4000, 0x3, &(0x7f0000000080)=0x2, 0x95, 0x102)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000040)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
ioctl$VIDIOC_S_FMT(r2, 0xc0d05605, &(0x7f0000000300)={0xb, @sdr={0x34565559, 0x2}})
poll(&(0x7f0000000100), 0x0, 0x8)
r5 = fcntl$getown(r1, 0x9)
sendmsg$unix(r4, &(0x7f00000007c0)={&(0x7f0000000400)=@file={0x0, './file0\x00'}, 0x6e, &(0x7f0000000740)=[{&(0x7f0000000480)="5da1927f3292858fb076d7396af8e6bc62ace591b25776f9b344bae679db0f87db22d2341b3761eb9e0562996c5fcdfd45c617fcd19eb3661b06b73252687bb2a6b12f5d10b477101db89765285b6c122c49e7dcff46ef9b9daf884ae735e9649dcfc43c5028bd269f28c201e04e0e24a324cc347f88fcef34e3b33893e0821cfea7e88c7b2a3e33a8463c470a3dbab657bcdf37cf1790d268bccddf456cc6", 0x9f}, {&(0x7f0000000580)="68ff72cb6fc966d8a9486b7e0ddb2f90931d4488a781f58bbcf9dcc7f42c39e6951d55f05a54fb6970962fcffe1ca13c62df7f12ae96c067ad79d67bcbdbb7e32f2378e2a90202c9378d", 0x4a}, {&(0x7f0000000000)="52c7a18b963ef454f16f0be45d336831679eb4bbefcf0d3edfb5dde73c7cec365dd71b69b66c63", 0x27}, {&(0x7f0000000600)="68489a7924ae4088c1adc26fbdb885a6da70f57c3c631a5dad0533de11df7e4a84a956a0f0416cdd2b2cb4bb8768c55190c5a98f652a3e79cf3854d640b9973c93ceaa5113", 0x45}, {&(0x7f0000000680)="09b84d0f307114d996c651165130e877df52407599e822f24856d6c5d494e20acd68ab1bde3225900c3d7656c62064e5b2f85772c689f908f9ee0762ee52fb7298f0cd5f33c7ed79ba6d7eb7494b2e3aabff6a342ada95bc03ca9afa2304a1f112d2d21be33f4853ed646add1e41539c9424370b6c955f4c10769de4777b9fd2f76788e9786418be8d1e58621e5c9515b302a8fcbca0b26894", 0x99}], 0x5, &(0x7f0000000240)=[@cred={{0x1c, 0x1, 0x2, {r5, 0xee01, 0xee00}}}], 0x20, 0x2000}, 0x24008811)
r6 = socket(0x40000000015, 0x5, 0x0)
connect$inet(r6, &(0x7f0000000080)={0x2, 0x0, @loopback}, 0x10)
r7 = socket$inet6_sctp(0xa, 0x1, 0x84)
sendto(r7, &(0x7f0000000100)="51bf7336f6cdf0ca6c13c866d6bc7b55f2d501845841bb2c078a988b7eb38f11a326083cf884920013fbae4a3a5d9c8ea7ea86669fb6212da0b5c82136d9519daeb17c9f96ad78cccef50ab4eabcafbc1a18735359cd7329816984d180735476f901401079349dfbe2e614f51a07c00544d90a594972ba60e1b497f88dcdc1e45dd28c0678d803638e7bd70a8638136e52c5e932c4111d3c917fb22583198b00707e3a2e001260cbc206759c245451686164eff751e4df8995", 0xb9, 0x20000000, &(0x7f0000000800)=@pppoe={0x18, 0x0, {0x3, @local, 'veth0_to_hsr\x00'}}, 0x80)
bind$inet(r6, &(0x7f0000000340)={0x2, 0x0, @loopback}, 0x10)
sendto$inet(r6, 0x0, 0x0, 0x0, 0x0, 0x0)
sendmsg$nl_xfrm(r6, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000440)=ANY=[], 0x1a000}}, 0x0)
r8 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r8, 0x10e, 0xc, &(0x7f0000000180)={0x80000000, 0x0, 0x0, 0xb71}, 0x10)
sendmsg$nl_route(r8, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000280)=@mpls_getroute={0x1c, 0x1a, 0x1, 0x0, 0x0, {0x1c, 0x14, 0x0, 0x0, 0xfd, 0x2}}, 0x1c}, 0x1, 0x0, 0x0, 0x10}, 0xc080)
ioctl$KVM_SET_REGS(0xffffffffffffffff, 0x4090ae82, 0x0)
close_range(r1, 0xffffffffffffffff, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x1, 0x2, &(0x7f0000000140)=@raw=[@ldst={0x1, 0x2, 0x3, 0x0, 0x1, 0xbf}, @exit], &(0x7f00000000c0)='GPL\x00', 0x9}, 0x94)
socket$packet(0x11, 0x2, 0x300)

740.373902ms ago: executing program 0 (id=6463):
close(0x3)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000000000)=ANY=[@ANYBLOB="4400030010000305000000000000000000100000", @ANYRES32=0x0, @ANYBLOB="01000000000000001c0012800b0001006d616373656300000c00028005000f000200000008000500", @ANYRES32=r0], 0x44}}, 0x0)

421.044536ms ago: executing program 3 (id=6464):
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000100000a20000000000a01040000000000000000010080030900010073797a30000000002c000000030a01010000000000000000010000000900010073797a30000000000900030073797a320000000090000000060a010400000000000000000100000008000b400000000068000480340001800b000100657874686472000024000280080001400000000c080003400000000008000440000000220500030007000000300001800c000100626974776973650020000280080003400000000208000140000000140800024000000012040004800900010073797a3000000000140000001100010000000000000000000700000a"], 0x104}}, 0x0)

269.55759ms ago: executing program 4 (id=6465):
openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r0 = socket$inet6(0xa, 0x3, 0x5)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f00000000c0)={@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', 0x800, 0x0, 0x3, 0x9}, 0x20)
setsockopt$inet6_int(r0, 0x29, 0x1000000000021, &(0x7f0000000000)=0xffffffc3, 0x4)
sendmmsg(r0, &(0x7f0000001500)=[{{&(0x7f0000000040)=@l2tp6={0xa, 0x0, 0x708ff00, @ipv4={'\x00', '\xff\xff', @loopback}, 0x7, 0x1}, 0x80, 0x0, 0x0, &(0x7f0000001580)=ANY=[@ANYBLOB="080100000000000029000000", @ANYRES16=r0], 0x108}}], 0x1, 0xc040)

195.401951ms ago: executing program 3 (id=6466):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
close(r0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r1, &(0x7f0000000280)={0xa, 0x4e22, 0xd, @loopback, 0x6}, 0x1c)
connect$inet6(r1, &(0x7f0000000140)={0xa, 0x4e22, 0x23, @loopback, 0x23}, 0x1c)
sendto$inet(r0, &(0x7f0000000900)="2e552f5d9fd8b0d9627c4980f0d1ea2bf8f617a682acd2841acd878bd68344d4f50f83b0c51fa9025a01c95d4a068ec8b12d01010000a44c4505ba9a36f2cf4cc5e8308126d0a2c3b9d24e57c5011376b6263e2a1258eec1eb72bedea3eb5ccf73eb081b4c6d5faa998d7b795c057dd757d14200a8a6dbb3e59df96b77d16753ac4b32b94ffe6b5ee304d0428eb18056657c8c5c71c632be66cb26fe5c9abec7591ef3cb9b2a1133e9fa9bf0de6c378bed7b51cb8a07c343aabfda193349b91a5dc81a658cb61fbbfa51ef95abe03381ee2cb8d41da19ea8b96ec68ce17cf57da60f1d04acaf34a643db8d2d5ad2991f306b42744347a0c9e1fe2136b2b3da49032d3a57df1e236222cf6d6fe396aff8e5fe7fff5baa88789b783c12045e2c904a5d118369fdddc3e6e2f24bdbb26df92ac9bf4751c897a87c0223888e36ad14ba6e4d879ff464cac6f13a3a543e067d922e99c50f2fc6391e9c1c82b7195005eafdbb3374200c134cbd0f11739e8c19dd07140686242fea48caf3a1a93b86f35d77f258a2c9ce24cf321068551a584262d7a74a344e428c77c8af755e72904b0ca8a0bb359fb0", 0xffffff5d, 0x12, 0x0, 0x0)
r2 = socket$igmp6(0xa, 0x3, 0x2)
setsockopt$IP6T_SO_SET_REPLACE(r2, 0x29, 0x40, &(0x7f0000000440)=@raw={'raw\x00', 0x8, 0x3, 0x4c8, 0x0, 0xffffffff, 0xffffffff, 0x0, 0xffffffff, 0x3f8, 0xffffffff, 0xffffffff, 0x3f8, 0xffffffff, 0x3, 0x0, {[{{@ipv6={@private0, @mcast2, [], [], 'veth0_macvtap\x00', 'bridge0\x00'}, 0x0, 0x148, 0x170, 0x0, {}, [@common=@unspec=@helper={{0x48}}, @common=@inet=@hashlimit1={{0x58}, {'bond_slave_1\x00', {0x41, 0x1ff, 0x6, 0xb0e2, 0x10001, 0x84e, 0xfffffffb, 0x18, 0x8}, {0x1}}}]}, @common=@unspec=@NFQUEUE0={0x28}}, {{@ipv6={@remote, @ipv4={'\x00', '\xff\xff', @dev}, [], [], 'erspan0\x00', 'gre0\x00', {0xff}, {}, 0x0, 0x0, 0x0, 0x4b}, 0x0, 0x258, 0x288, 0x0, {}, [@common=@inet=@hashlimit1={{0x58}, {'pim6reg\x00', {0x0, 0x0, 0x5, 0x0, 0x0, 0x7, 0x3ff}}}, @common=@inet=@hashlimit3={{0x158}, {'vcan0\x00', {0x3, 0x0, 0x41, 0xfffffffe, 0x2, 0x1000, 0x6, 0x3}}}]}, @common=@unspec=@CONNMARK={0x30}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28, '\x00', 0x7}}}}, 0x528)
recvfrom$inet(r0, &(0x7f0000000080)=""/8, 0xfffffffffffffd0b, 0xc9100120, 0x0, 0xfffffffffffffd25)
shutdown(r1, 0x2)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
fsconfig$FSCONFIG_SET_STRING(0xffffffffffffffff, 0x1, 0x0, &(0x7f0000000640)='dU|\xcbM\xe6\x91q\xe0\x05\xbes\xc0\xd2\xdb0}\xa6\xc4tly\xe0+\xb8~\xd9ymx\xa1\x06\xb4F\xf3Q:\xfem\xea\xed\xfc\x04\xf88\xe0\xa1&\xa8\xff\x10\xb3\xb2\x92N\f\x00!\xdbV\xc3\xca\r\x8c\xfb\x8esJ\xb3\x1bf\xce\v\x0e\xe3\xd5', 0x0)
r5 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000640)=ANY=[@ANYBLOB="3800000010000108fdffffff0000000000000000", @ANYRES32=0x0, @ANYBLOB="000000000000000008001b000000000010001a800c002d800800"], 0x38}}, 0x0)
unshare(0x2040400)
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f00000000c0)={0x5, 0x3, 0xeeee7000, 0x1000, &(0x7f00007ab000/0x1000)=nil})

46.71866ms ago: executing program 0 (id=6467):
r0 = socket$packet(0x11, 0x2, 0x300)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000000)={0x0, &(0x7f0000000040)}, 0x10)
ioctl$VHOST_SET_LOG_FD(0xffffffffffffffff, 0x4004af07, 0x0)
ioctl$VHOST_SET_LOG_FD(0xffffffffffffffff, 0x4004af07, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, 0x0, 0x0)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$ethtool(&(0x7f00000003c0), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_LINKMODES_GET(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000300)={0x20, r4, 0x309, 0x0, 0x0, {0x1d}, [@HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x7}]}]}, 0x20}}, 0x0)
add_key$keyring(&(0x7f0000000380), &(0x7f0000000400)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffb)
openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000040), 0x331002, 0x0)
fspick(0xffffffffffffff9c, 0x0, 0x0)
r5 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$FBIOPUT_VSCREENINFO(r5, 0x4601, &(0x7f0000000100)={0x60, 0xf0, 0x60, 0x0, 0x0, 0x4db, 0x8, 0x0, {0x5, 0x40}, {0x0, 0x1}, {0x8000}, {0x3, 0x0, 0x1}, 0x0, 0x100, 0x0, 0x0, 0x0, 0x1, 0x0, 0xfffffc00, 0x0, 0x400, 0x0, 0x0, 0x21, 0x0, 0x0, 0x7})
sendmsg$nl_generic(0xffffffffffffffff, 0x0, 0x28040)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
r6 = socket$kcm(0x2, 0x3, 0x2)
ioctl$SIOCSIFHWADDR(r6, 0x8914, &(0x7f0000000040)={'syzkaller1\x00', @broadcast})
write$tun(0xffffffffffffffff, &(0x7f00000000c0)={@val={0x8, 0x15}, @val={0x7, 0x3, 0x3, 0x2, 0x15}, @ipv4=@tcp={{0x5, 0x4, 0x0, 0x4, 0x28, 0x0, 0x0, 0x8, 0x2f, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @broadcast}, {{0x8100, 0x88a8, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x20, 0x5}}}}, 0x36)
r7 = socket$inet6_sctp(0xa, 0x5, 0x84)
shutdown(r7, 0x0)

0s ago: executing program 4 (id=6468):
r0 = socket$netlink(0x10, 0x3, 0x0)
syz_open_dev$dvb_demux(0x0, 0x0, 0x41)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff7000/0x1000)=nil, &(0x7f0000ff1000/0xf000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ff9000/0x4000)=nil, &(0x7f0000ff8000/0x4000)=nil, &(0x7f0000ff8000/0x3000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ff5000/0x1000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x2000)=nil, 0x0}, 0x68)
r1 = io_uring_setup(0x1b7b, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)=@deltfilter={0x24, 0x2d, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {}, {0x8, 0xffff}, {0xe, 0x10}}}, 0x24}}, 0x0)
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x3, &(0x7f0000000000)=0x6, 0x4)
io_uring_enter(r1, 0x2219, 0x7721, 0x16, 0x0, 0x0)
sendmsg$nl_generic(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000380)=ANY=[@ANYBLOB="1400000042000501"], 0x14}}, 0x40004)
io_uring_setup(0x77fb, &(0x7f00000000c0)={0x0, 0x2946, 0x2000, 0x2, 0x3a3})
syz_emit_vhci(&(0x7f0000000080)=ANY=[@ANYBLOB="04100f01aaaaaa90aa11040808070bb90500035233de60d7d65574c779baf46f2119c4fe3e8b860a726da97f238d6411a2bee9c5cf281d38c4ff10652262c14a49b63bb78e06ec941b021ffd57b72220d5db3bc7b53fbe3cddd4b81f843fe8c770880dd1b5b55cf721319a"], 0x12)

kernel console output (not intermixed with test programs):

 Gadget: couldn't find an available UDC or it's busy
[ 1805.719987][T27373] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1806.145007][T27377] netlink: 8 bytes leftover after parsing attributes in process `syz.4.5889'.
[ 1806.196951][T27376] netlink: 8 bytes leftover after parsing attributes in process `syz.4.5889'.
[ 1806.238493][T27376] random: crng reseeded on system resumption
[ 1806.347793][T27379] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1806.360323][T27379] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1806.485101][T27382] netlink: 92 bytes leftover after parsing attributes in process `syz.3.5890'.
[ 1807.012501][T27381] netlink: 4 bytes leftover after parsing attributes in process `syz.2.5886'.
[ 1807.331211][   T35] wlan0: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)
[ 1807.673446][T27385] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1807.682490][T27385] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1808.096017][T27388] tipc: Enabling of bearer <eth:syzkaller0> rejected, already enabled
[ 1808.123372][T27388] tipc: Resetting bearer <eth:syzkaller0>
[ 1809.280635][T27403] netlink: 40 bytes leftover after parsing attributes in process `syz.3.5896'.
[ 1809.492046][T27406] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1809.512483][T27406] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1809.853718][T27416] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1809.865800][T27416] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1810.381452][T27420] kvm: user requested TSC rate below hardware speed
[ 1810.400979][T27420] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=1812281087 (231971979136 ns) > initial count (128 ns). Using initial count to start timer.
[ 1811.001744][T27430] syz.2.5904: vmalloc error: size 8589938688, exceeds total pages, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=syz2,mems_allowed=0-1
[ 1811.017493][T27430] CPU: 1 UID: 0 PID: 27430 Comm: syz.2.5904 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1811.017519][T27430] Tainted: [L]=SOFTLOCKUP
[ 1811.017525][T27430] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[ 1811.017534][T27430] Call Trace:
[ 1811.017542][T27430]  <TASK>
[ 1811.017550][T27430]  dump_stack_lvl+0xe8/0x150
[ 1811.017576][T27430]  warn_alloc+0x249/0x340
[ 1811.017594][T27430]  ? stack_trace_save+0xa9/0x100
[ 1811.017616][T27430]  ? __pfx_warn_alloc+0x10/0x10
[ 1811.017638][T27430]  ? kasan_save_track+0x4f/0x80
[ 1811.017651][T27430]  ? kasan_save_track+0x3e/0x80
[ 1811.017663][T27430]  ? __kasan_kmalloc+0x93/0xb0
[ 1811.017678][T27430]  ? __kmalloc_cache_noprof+0x3d1/0x6e0
[ 1811.017693][T27430]  ? xskq_create+0x56/0x170
[ 1811.017707][T27430]  ? xsk_setsockopt+0x54c/0x990
[ 1811.017728][T27430]  ? do_sock_setsockopt+0x17c/0x1b0
[ 1811.017746][T27430]  ? __x64_sys_setsockopt+0x13d/0x1b0
[ 1811.017765][T27430]  ? do_syscall_64+0xe2/0xf80
[ 1811.017784][T27430]  __vmalloc_node_range_noprof+0x132/0x1730
[ 1811.017830][T27430]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[ 1811.017850][T27430]  ? __kasan_kmalloc+0x93/0xb0
[ 1811.017870][T27430]  vmalloc_user_noprof+0xad/0xe0
[ 1811.017885][T27430]  ? xskq_create+0xbf/0x170
[ 1811.017900][T27430]  xskq_create+0xbf/0x170
[ 1811.017917][T27430]  xsk_init_queue+0xad/0x110
[ 1811.017943][T27430]  xsk_setsockopt+0x54c/0x990
[ 1811.017968][T27430]  ? __pfx_xsk_setsockopt+0x10/0x10
[ 1811.017991][T27430]  ? __pfx_aa_sk_perm+0x10/0x10
[ 1811.018012][T27430]  ? aa_sock_opt_perm+0xff/0x1a0
[ 1811.018033][T27430]  ? bpf_lsm_socket_setsockopt+0x9/0x20
[ 1811.018049][T27430]  ? __pfx_xsk_setsockopt+0x10/0x10
[ 1811.018073][T27430]  do_sock_setsockopt+0x17c/0x1b0
[ 1811.018096][T27430]  __x64_sys_setsockopt+0x13d/0x1b0
[ 1811.018120][T27430]  do_syscall_64+0xe2/0xf80
[ 1811.018137][T27430]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1811.018151][T27430]  ? trace_irq_disable+0x37/0x100
[ 1811.018166][T27430]  ? clear_bhb_loop+0x60/0xb0
[ 1811.018184][T27430]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1811.018199][T27430] RIP: 0033:0x7fb51299aeb9
[ 1811.018213][T27430] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1811.018236][T27430] RSP: 002b:00007fb5137bf028 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[ 1811.018252][T27430] RAX: ffffffffffffffda RBX: 00007fb512c15fa0 RCX: 00007fb51299aeb9
[ 1811.018264][T27430] RDX: 0000000000000006 RSI: 000000000000011b RDI: 000000000000000c
[ 1811.018274][T27430] RBP: 00007fb512a08c1f R08: 0000000000000004 R09: 0000000000000000
[ 1811.018283][T27430] R10: 0000200000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1811.018292][T27430] R13: 00007fb512c16038 R14: 00007fb512c15fa0 R15: 00007fb512d3fa48
[ 1811.018317][T27430]  </TASK>
[ 1811.018334][T27430] Mem-Info:
[ 1811.311814][T27430] active_anon:14608 inactive_anon:1 isolated_anon:0
[ 1811.311814][T27430]  active_file:26234 inactive_file:42869 isolated_file:0
[ 1811.311814][T27430]  unevictable:768 dirty:239 writeback:0
[ 1811.311814][T27430]  slab_reclaimable:13107 slab_unreclaimable:112821
[ 1811.311814][T27430]  mapped:34090 shmem:5555 pagetables:2702
[ 1811.311814][T27430]  sec_pagetables:0 bounce:0
[ 1811.311814][T27430]  kernel_misc_reclaimable:0
[ 1811.311814][T27430]  free:1268931 free_pcp:11492 free_cma:0
[ 1811.359350][T27430] Node 0 active_anon:58432kB inactive_anon:4kB active_file:104936kB inactive_file:171276kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:136360kB dirty:956kB writeback:0kB shmem:20684kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:15080kB pagetables:10676kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[ 1811.440087][T27430] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:200kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:32kB pagetables:132kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[ 1811.745992][T27437] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1811.763502][T27437] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1811.840372][T27430] Node 0 DMA free:15360kB boost:0kB min:208kB low:260kB high:312kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[ 1811.931915][T27441] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1811.951234][T27441] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1811.960614][T27430] lowmem_reserve[]: 0 2494 2495 2495 2495
[ 1811.987418][T27430] Node 0 DMA32 free:1148908kB boost:0kB min:34216kB low:42768kB high:51320kB reserved_highatomic:0KB free_highatomic:0KB active_anon:69292kB inactive_anon:4kB active_file:104936kB inactive_file:171276kB unevictable:1536kB writepending:980kB zspages:0kB present:3129332kB managed:2554116kB mlocked:0kB bounce:0kB free_pcp:25688kB local_pcp:14076kB free_cma:0kB
[ 1812.065764][T27430] lowmem_reserve[]: 0 0 1 1 1
[ 1812.071107][T27430] Node 0 Normal free:0kB boost:0kB min:12kB low:12kB high:12kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:1048580kB managed:1132kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[ 1812.101029][T27430] lowmem_reserve[]: 0 0 0 0 0
[ 1812.120338][T27430] Node 1 Normal free:3902636kB boost:0kB min:55668kB low:69584kB high:83500kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:200kB unevictable:1536kB writepending:0kB zspages:0kB present:4194300kB managed:4111100kB mlocked:0kB bounce:0kB free_pcp:13632kB local_pcp:8352kB free_cma:0kB
[ 1812.205540][T27430] lowmem_reserve[]: 0 0 0 0 0
[ 1812.244769][T27430] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[ 1812.280104][T27430] Node 0 DMA32: 5396*4kB (UME) 5747*8kB (UME) 4677*16kB (UM) 876*32kB (UM) 564*64kB (UM) 344*128kB (UM) 299*256kB (UME) 177*512kB (UM) 137*1024kB (UM) 4*2048kB (ME) 142*4096kB (M) = 1147832kB
[ 1812.307214][T27430] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB
[ 1812.323252][T27430] Node 1 Normal: 199*4kB (UME) 46*8kB (UME) 48*16kB (UME) 217*32kB (UME) 58*64kB (UME) 17*128kB (UME) 7*256kB (UME) 2*512kB (UM) 2*1024kB (ME) 2*2048kB (UE) 947*4096kB (M) = 3902636kB
[ 1812.394397][T27430] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[ 1812.425786][T27430] Node 0 hugepages_total=2 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB
[ 1812.439623][T27430] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[ 1812.473834][T27430] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[ 1812.487764][T27430] 74657 total pagecache pages
[ 1812.496800][T27430] 2 pages in swap cache
[ 1812.503849][T27430] Free swap  = 118736kB
[ 1812.514137][T27430] Total swap = 124996kB
[ 1812.523000][T27430] 2097051 pages RAM
[ 1812.528006][T27430] 0 pages HighMem/MovableOnly
[ 1812.534398][T27430] 426624 pages reserved
[ 1812.542077][T27430] 0 pages cma reserved
[ 1812.858296][T27446] netlink: 4 bytes leftover after parsing attributes in process `syz.4.5902'.
[ 1813.768176][T27448] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1813.840298][T27448] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1813.852323][T27460] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1814.049744][T27460] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1814.307963][T27468] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1814.317680][T27468] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1814.876570][T27471] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1814.960306][T27471] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1817.977063][T27491] openvswitch: netlink: Unexpected mask (mask=20440, allowed=10048)
[ 1818.012911][ T5146] Bluetooth: hci2: ACL packet for unknown connection handle 200
[ 1818.234881][T27498] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1818.244671][T27498] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1818.304237][T27498] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1818.313573][T27498] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1819.033289][T27515] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1819.082952][T27515] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1819.276316][T27513] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1819.287136][T27513] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1819.860622][T27524] netlink: 4 bytes leftover after parsing attributes in process `syz.3.5919'.
[ 1819.962190][T27526] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1820.001999][T27526] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1820.119535][T27526] netlink: 28 bytes leftover after parsing attributes in process `syz.4.5924'.
[ 1820.467248][T27532] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1820.485101][T27532] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1820.552834][T27534] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1820.562484][T27534] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1820.710646][T27532] tipc: Resetting bearer <eth:syzkaller0>
[ 1820.876570][T27532] tipc: Resetting bearer <eth:syzkaller0>
[ 1820.898253][T27532] tipc: Resetting bearer <eth:syzkaller0>
[ 1821.695281][T27545] netlink: 4 bytes leftover after parsing attributes in process `syz.0.5930'.
[ 1822.717324][T27558] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1822.732192][T27558] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1824.165718][T27570] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1824.524056][T27570] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1824.614876][T27570] netlink: 28 bytes leftover after parsing attributes in process `syz.0.5938'.
[ 1826.040409][T27578] netlink: 4 bytes leftover after parsing attributes in process `syz.2.5941'.
[ 1826.137164][T27588] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1826.182745][T27588] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1827.493187][T27594] trusted_key: syz.2.5946 sent an empty control message without MSG_MORE.
[ 1827.537086][T27607] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1827.584657][T27607] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1827.804605][T27608] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1827.818606][T27608] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1828.206718][T27614] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1828.218415][T27614] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1829.233007][T27624] netlink: 212344 bytes leftover after parsing attributes in process `syz.4.5954'.
[ 1829.712895][T27629] loop2: detected capacity change from 0 to 7
[ 1829.729947][T27629] Dev loop2: unable to read RDB block 7
[ 1829.753185][T27629]  loop2: unable to read partition table
[ 1829.767548][T27629] loop2: partition table beyond EOD, truncated
[ 1829.779055][T27629] loop_reread_partitions: partition scan of loop2 (þ被xü—ŸÑà– ) failed (rc=-5)
[ 1831.640480][T27631] netlink: 4 bytes leftover after parsing attributes in process `syz.4.5956'.
[ 1831.781550][T27633] netlink: 172 bytes leftover after parsing attributes in process `syz.0.5957'.
[ 1832.157907][T27650] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1832.184240][T27650] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1832.214776][T27652] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1832.237339][T27652] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1832.968413][T27661] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1833.080871][T27661] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1833.144764][T27663] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1833.190552][T27663] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1833.208920][T27665] binder: 27664:27665 ioctl c0306201 2000000003c0 returned -22
[ 1834.321052][T27685] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1834.331108][T27685] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1834.682506][T27690] netlink: 64 bytes leftover after parsing attributes in process `syz.2.5972'.
[ 1834.701236][T27690] netlink: 32 bytes leftover after parsing attributes in process `syz.2.5972'.
[ 1834.712913][T27690] netlink: 28 bytes leftover after parsing attributes in process `syz.2.5972'.
[ 1834.916704][T27692] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1834.941369][T27692] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1835.051102][T27694] netlink: 24 bytes leftover after parsing attributes in process `syz.0.5974'.
[ 1835.314231][T27684] netlink: 4 bytes leftover after parsing attributes in process `syz.4.5971'.
[ 1835.584121][T27699] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1835.626979][T27699] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1835.993210][T27707] syzkaller1: left promiscuous mode
[ 1835.998476][T27707] syzkaller1: left allmulticast mode
[ 1836.006420][T27707] netlink: 8 bytes leftover after parsing attributes in process `syz.2.5979'.
[ 1836.076163][T27708] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1836.152576][T27708] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1836.589090][T27714] nfs: Unknown parameter '	'
[ 1836.876007][T27718] bridge6: trying to set multicast query interval above maximum, setting to 8640000 (86400000ms)
[ 1836.950692][T27723] netlink: 64 bytes leftover after parsing attributes in process `syz.0.5983'.
[ 1837.024536][T27723] netlink: 32 bytes leftover after parsing attributes in process `syz.0.5983'.
[ 1837.057947][T27724] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1837.102859][T27724] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1837.130214][T27726] netlink: 28 bytes leftover after parsing attributes in process `syz.0.5983'.
[ 1837.162289][T27718] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1837.367140][T27741] netlink: 24 bytes leftover after parsing attributes in process `syz.2.5986'.
[ 1837.691966][T27718] batadv_slave_0: left promiscuous mode
[ 1837.701271][T27718] batadv_slave_0: left allmulticast mode
[ 1837.873885][T27718] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1838.292395][T27718] vlan0: left promiscuous mode
[ 1838.445859][T27718] vlan2: left promiscuous mode
[ 1838.453059][T27718] bridge0: left promiscuous mode
[ 1838.527387][T27718] mac80211_hwsim hwsim10 syzkaller0: left promiscuous mode
[ 1838.545417][T27718] mac80211_hwsim hwsim10 syzkaller0: left allmulticast mode
[ 1838.676011][T27718] bond6: left promiscuous mode
[ 1838.709788][T27718] bond6: left allmulticast mode
[ 1838.722415][T27718] bond7: left promiscuous mode
[ 1838.762847][T27718] bond7: left allmulticast mode
[ 1838.767958][T27718] hsr1: left promiscuous mode
[ 1838.803651][T27718] vlan3: left promiscuous mode
[ 1838.818741][T27718] veth0: left promiscuous mode
[ 1838.824335][T27762] FAULT_INJECTION: forcing a failure.
[ 1838.824335][T27762] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1838.890261][T27718] bond8: left promiscuous mode
[ 1838.896649][T27762] CPU: 1 UID: 0 PID: 27762 Comm: syz.3.5989 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1838.896681][T27762] Tainted: [L]=SOFTLOCKUP
[ 1838.896689][T27762] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[ 1838.896701][T27762] Call Trace:
[ 1838.896710][T27762]  <TASK>
[ 1838.896720][T27762]  dump_stack_lvl+0xe8/0x150
[ 1838.896751][T27762]  should_fail_ex+0x412/0x560
[ 1838.896782][T27762]  _copy_from_user+0x2d/0xb0
[ 1838.896808][T27762]  copy_from_sockptr_offset+0x66/0xa0
[ 1838.896827][T27762]  do_ipt_set_ctl+0x934/0xe00
[ 1838.896845][T27762]  ? rcu_is_watching+0x15/0xb0
[ 1838.896861][T27762]  ? trace_contention_end+0x39/0x100
[ 1838.896877][T27762]  ? __pfx_do_ipt_set_ctl+0x10/0x10
[ 1838.896905][T27762]  ? __pfx___mutex_lock+0x10/0x10
[ 1838.896923][T27762]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[ 1838.896946][T27762]  ? __pfx_aa_sk_perm+0x10/0x10
[ 1838.896968][T27762]  nf_setsockopt+0x26f/0x290
[ 1838.896990][T27762]  ? __pfx_sock_common_setsockopt+0x10/0x10
[ 1838.897008][T27762]  do_sock_setsockopt+0x17c/0x1b0
[ 1838.897031][T27762]  __x64_sys_setsockopt+0x13d/0x1b0
[ 1838.897055][T27762]  do_syscall_64+0xe2/0xf80
[ 1838.897077][T27762]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1838.897092][T27762]  ? trace_irq_disable+0x37/0x100
[ 1838.897106][T27762]  ? clear_bhb_loop+0x60/0xb0
[ 1838.897124][T27762]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1838.897138][T27762] RIP: 0033:0x7f1b3db9aeb9
[ 1838.897152][T27762] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1838.897165][T27762] RSP: 002b:00007f1b3ea6e028 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[ 1838.897181][T27762] RAX: ffffffffffffffda RBX: 00007f1b3de15fa0 RCX: 00007f1b3db9aeb9
[ 1838.897192][T27762] RDX: 0000000000000040 RSI: 0004000000000000 RDI: 0000000000000003
[ 1838.897201][T27762] RBP: 00007f1b3ea6e090 R08: 00000000000003d8 R09: 0000000000000000
[ 1838.897211][T27762] R10: 0000200000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1838.897220][T27762] R13: 00007f1b3de16038 R14: 00007f1b3de15fa0 R15: 00007f1b3df3fa48
[ 1838.897243][T27762]  </TASK>
[ 1838.911003][T27718] bond8: left allmulticast mode
[ 1839.224636][T27718] bond9: left promiscuous mode
[ 1839.239914][T27718] bond9: left allmulticast mode
[ 1839.245008][T27718] bond10: left promiscuous mode
[ 1839.270386][T27718] bond10: left allmulticast mode
[ 1839.275853][T27718] bond11: left promiscuous mode
[ 1839.319816][T27718] bond11: left allmulticast mode
[ 1839.325006][T27718] bond12: left promiscuous mode
[ 1839.359794][T27718] bond12: left allmulticast mode
[ 1839.364982][T27718] bond13: left promiscuous mode
[ 1839.388004][T27764] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1839.398525][T27764] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1839.406713][T27718] bond13: left allmulticast mode
[ 1839.495965][T27755] netlink: 8 bytes leftover after parsing attributes in process `syz.1.5987'.
[ 1839.534717][ T1149] netdevsim netdevsim4 netdevsim0: unset [0, 0] type 1 family 0 port 256 - 0
[ 1839.543969][ T1149] netdevsim netdevsim4 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[ 1839.680512][ T1149] netdevsim netdevsim4 netdevsim1: unset [0, 0] type 1 family 0 port 256 - 0
[ 1839.725897][ T1149] netdevsim netdevsim4 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[ 1839.888736][T27770] 
: renamed from bond0 (while UP)
[ 1840.027428][ T1149] netdevsim netdevsim4 netdevsim2: unset [0, 0] type 1 family 0 port 256 - 0
[ 1840.059224][ T1149] netdevsim netdevsim4 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[ 1840.088008][ T1149] netdevsim netdevsim4 netdevsim3: unset [0, 0] type 1 family 0 port 256 - 0
[ 1840.113383][ T1149] netdevsim netdevsim4 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[ 1840.146871][T27776] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1840.203575][T27776] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1841.110078][T27786] netlink: 4 bytes leftover after parsing attributes in process `syz.0.5992'.
[ 1841.434915][T27791] fuse: Bad value for 'fd'
[ 1842.086081][T27802] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1842.140553][T27802] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1842.326228][T27805] binder: 27803:27805 ioctl 3ba0 200000000140 returned -22
[ 1842.335628][T27804] binder: 27803:27804 ioctl 3b8a 200000000280 returned -22
[ 1843.452617][T27820] netlink: 212368 bytes leftover after parsing attributes in process `syz.1.6003'.
[ 1843.466834][T27819] netlink: 64 bytes leftover after parsing attributes in process `syz.0.6002'.
[ 1843.488455][T27819] netlink: 32 bytes leftover after parsing attributes in process `syz.0.6002'.
[ 1843.502332][T27819] netlink: 28 bytes leftover after parsing attributes in process `syz.0.6002'.
[ 1843.703257][T27827] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1843.718508][T27829] FAULT_INJECTION: forcing a failure.
[ 1843.718508][T27829] name failslab, interval 1, probability 0, space 0, times 0
[ 1843.771976][T27829] CPU: 0 UID: 0 PID: 27829 Comm: syz.4.6005 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1843.772009][T27829] Tainted: [L]=SOFTLOCKUP
[ 1843.772017][T27829] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[ 1843.772030][T27829] Call Trace:
[ 1843.772038][T27829]  <TASK>
[ 1843.772048][T27829]  dump_stack_lvl+0xe8/0x150
[ 1843.772081][T27829]  should_fail_ex+0x412/0x560
[ 1843.772114][T27829]  should_failslab+0xa8/0x100
[ 1843.772147][T27829]  __kmalloc_noprof+0xde/0x7e0
[ 1843.772167][T27829]  ? kfree+0x4d/0x650
[ 1843.772194][T27829]  ? tomoyo_realpath_from_path+0xe3/0x5d0
[ 1843.772229][T27829]  tomoyo_realpath_from_path+0xe3/0x5d0
[ 1843.772259][T27829]  ? tomoyo_domain+0xd7/0x130
[ 1843.772294][T27829]  ? tomoyo_path_number_perm+0x219/0x630
[ 1843.772318][T27829]  tomoyo_path_number_perm+0x246/0x630
[ 1843.772350][T27829]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[ 1843.772374][T27829]  ? __lock_acquire+0x6b5/0x2cf0
[ 1843.772420][T27829]  ? __mutex_unlock_slowpath+0x1bd/0x7d0
[ 1843.772467][T27829]  ? __fget_files+0x2a/0x420
[ 1843.772494][T27829]  ? __fget_files+0x2a/0x420
[ 1843.772516][T27829]  ? __fget_files+0x3a0/0x420
[ 1843.772538][T27829]  ? __fget_files+0x2a/0x420
[ 1843.772566][T27829]  security_file_ioctl+0xc3/0x2a0
[ 1843.772590][T27829]  __se_sys_ioctl+0x47/0x170
[ 1843.772624][T27829]  do_syscall_64+0xe2/0xf80
[ 1843.772646][T27829]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1843.772666][T27829]  ? trace_irq_disable+0x37/0x100
[ 1843.772686][T27829]  ? clear_bhb_loop+0x60/0xb0
[ 1843.772712][T27829]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1843.772733][T27829] RIP: 0033:0x7faa5fb9aeb9
[ 1843.772752][T27829] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1843.772771][T27829] RSP: 002b:00007faa5ddd5028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1843.772793][T27829] RAX: ffffffffffffffda RBX: 00007faa5fe16090 RCX: 00007faa5fb9aeb9
[ 1843.772808][T27829] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000006
[ 1843.772821][T27829] RBP: 00007faa5ddd5090 R08: 0000000000000000 R09: 0000000000000000
[ 1843.772833][T27829] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1843.772845][T27829] R13: 00007faa5fe16128 R14: 00007faa5fe16090 R15: 00007faa5ff3fa48
[ 1843.772879][T27829]  </TASK>
[ 1843.773942][T27829] ERROR: Out of memory at tomoyo_realpath_from_path.
[ 1843.773945][T27827] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1845.159915][T27849] netlink: 12 bytes leftover after parsing attributes in process `syz.3.6011'.
[ 1845.615619][T27859] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1845.639787][T27859] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1845.984706][T27841] netlink: 4 bytes leftover after parsing attributes in process `syz.4.6009'.
[ 1846.473028][T27870] netlink: 12 bytes leftover after parsing attributes in process `syz.3.6016'.
[ 1847.410657][T27880] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1847.434747][T27880] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1849.624642][T27901] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1849.634128][T27901] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1849.972127][T27911] FAULT_INJECTION: forcing a failure.
[ 1849.972127][T27911] name failslab, interval 1, probability 0, space 0, times 0
[ 1849.994317][T27911] CPU: 0 UID: 0 PID: 27911 Comm: syz.2.6026 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1849.994352][T27911] Tainted: [L]=SOFTLOCKUP
[ 1849.994361][T27911] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[ 1849.994381][T27911] Call Trace:
[ 1849.994390][T27911]  <TASK>
[ 1849.994400][T27911]  dump_stack_lvl+0xe8/0x150
[ 1849.994433][T27911]  should_fail_ex+0x412/0x560
[ 1849.994465][T27911]  should_failslab+0xa8/0x100
[ 1849.994491][T27911]  __kmalloc_cache_noprof+0x83/0x6e0
[ 1849.994515][T27911]  ? alloc_pipe_info+0xe8/0x4d0
[ 1849.994541][T27911]  alloc_pipe_info+0xe8/0x4d0
[ 1849.994564][T27911]  splice_direct_to_actor+0xa08/0xc70
[ 1849.994595][T27911]  ? kstrtouint+0x6e/0xe0
[ 1849.994622][T27911]  ? __pfx_direct_splice_actor+0x10/0x10
[ 1849.994648][T27911]  ? __pfx_aa_file_perm+0x10/0x10
[ 1849.994680][T27911]  ? __pfx_splice_direct_to_actor+0x10/0x10
[ 1849.994715][T27911]  do_splice_direct+0x195/0x290
[ 1849.994741][T27911]  ? __pfx_do_splice_direct+0x10/0x10
[ 1849.994766][T27911]  ? __pfx_direct_file_splice_eof+0x10/0x10
[ 1849.994799][T27911]  ? rw_verify_area+0x255/0x4d0
[ 1849.994833][T27911]  do_sendfile+0x535/0x7d0
[ 1849.994866][T27911]  ? __pfx_do_sendfile+0x10/0x10
[ 1849.994903][T27911]  __se_sys_sendfile64+0xdf/0x1a0
[ 1849.994930][T27911]  ? __pfx___se_sys_sendfile64+0x10/0x10
[ 1849.994959][T27911]  ? __secure_computing+0xe1/0x2a0
[ 1849.994994][T27911]  do_syscall_64+0xe2/0xf80
[ 1849.995018][T27911]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1849.995038][T27911]  ? trace_irq_disable+0x37/0x100
[ 1849.995058][T27911]  ? clear_bhb_loop+0x60/0xb0
[ 1849.995083][T27911]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1849.995104][T27911] RIP: 0033:0x7fb51299aeb9
[ 1849.995124][T27911] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1849.995142][T27911] RSP: 002b:00007fb5137bf028 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[ 1849.995165][T27911] RAX: ffffffffffffffda RBX: 00007fb512c15fa0 RCX: 00007fb51299aeb9
[ 1849.995180][T27911] RDX: 00002000000000c0 RSI: 0000000000000006 RDI: 0000000000000007
[ 1849.995194][T27911] RBP: 00007fb5137bf090 R08: 0000000000000000 R09: 0000000000000000
[ 1849.995208][T27911] R10: 0000000100000500 R11: 0000000000000246 R12: 0000000000000001
[ 1849.995221][T27911] R13: 00007fb512c16038 R14: 00007fb512c15fa0 R15: 00007fb512d3fa48
[ 1849.995255][T27911]  </TASK>
[ 1850.500551][T27914] netlink: 24 bytes leftover after parsing attributes in process `syz.1.6025'.
[ 1851.205070][T27928] netlink: 28 bytes leftover after parsing attributes in process `syz.2.6031'.
[ 1851.319747][T27929] Invalid argument reading file caps for ./file0
[ 1851.640433][T27933] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1851.684237][T27933] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1852.515915][T27951] FAULT_INJECTION: forcing a failure.
[ 1852.515915][T27951] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1852.545685][T27951] CPU: 0 UID: 0 PID: 27951 Comm: syz.4.6038 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1852.545720][T27951] Tainted: [L]=SOFTLOCKUP
[ 1852.545729][T27951] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[ 1852.545742][T27951] Call Trace:
[ 1852.545751][T27951]  <TASK>
[ 1852.545761][T27951]  dump_stack_lvl+0xe8/0x150
[ 1852.545794][T27951]  should_fail_ex+0x412/0x560
[ 1852.545825][T27951]  _copy_from_user+0x2d/0xb0
[ 1852.545846][T27951]  cmsghdr_from_user_compat_to_kern+0x3a4/0x810
[ 1852.545888][T27951]  ? __pfx_cmsghdr_from_user_compat_to_kern+0x10/0x10
[ 1852.545915][T27951]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1852.545947][T27951]  ____sys_sendmsg+0x240/0xad0
[ 1852.545985][T27951]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1852.546022][T27951]  ? __fget_files+0x2a/0x420
[ 1852.546054][T27951]  __sys_sendmsg_sock+0x28/0x40
[ 1852.546083][T27951]  io_sendmsg+0x1fa/0x580
[ 1852.546118][T27951]  __io_issue_sqe+0x180/0x4b0
[ 1852.546159][T27951]  ? io_file_get_normal+0xe9/0x2d0
[ 1852.546193][T27951]  io_issue_sqe+0x165/0x1060
[ 1852.546225][T27951]  ? io_sendmsg_prep+0x3d2/0x5f0
[ 1852.546258][T27951]  io_submit_sqes+0xbf3/0x2130
[ 1852.546312][T27951]  __se_sys_io_uring_enter+0x2f7/0x2c30
[ 1852.546354][T27951]  ? ksys_write+0x1e6/0x270
[ 1852.546388][T27951]  ? __pfx___se_sys_io_uring_enter+0x10/0x10
[ 1852.546406][T27951]  ? __mutex_unlock_slowpath+0x1bd/0x7d0
[ 1852.546438][T27951]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[ 1852.546467][T27951]  ? __fget_files+0x3a0/0x420
[ 1852.546498][T27951]  ? fput+0xa0/0xd0
[ 1852.546522][T27951]  ? ksys_write+0x242/0x270
[ 1852.546554][T27951]  ? __pfx_ksys_write+0x10/0x10
[ 1852.546590][T27951]  ? __x64_sys_io_uring_enter+0x21/0xf0
[ 1852.546614][T27951]  do_syscall_64+0xe2/0xf80
[ 1852.546636][T27951]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1852.546656][T27951]  ? trace_irq_disable+0x37/0x100
[ 1852.546676][T27951]  ? clear_bhb_loop+0x60/0xb0
[ 1852.546701][T27951]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1852.546722][T27951] RIP: 0033:0x7faa5fb9aeb9
[ 1852.546741][T27951] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1852.546759][T27951] RSP: 002b:00007faa5ddf6028 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 1852.546781][T27951] RAX: ffffffffffffffda RBX: 00007faa5fe15fa0 RCX: 00007faa5fb9aeb9
[ 1852.546796][T27951] RDX: 0000000000a00100 RSI: 0000000000003516 RDI: 0000000000000005
[ 1852.546809][T27951] RBP: 00007faa5ddf6090 R08: 0000000000000000 R09: 0000000000000000
[ 1852.546823][T27951] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1852.546835][T27951] R13: 00007faa5fe16038 R14: 00007faa5fe15fa0 R15: 00007faa5ff3fa48
[ 1852.546870][T27951]  </TASK>
[ 1854.337526][T27978] xt_TCPMSS: Only works on TCP SYN packets
[ 1855.936716][T27988] kvm: kvm [27987]: vcpu0, guest rIP: 0xfff0 Unhandled WRMSR(0xc0010001) = 0x1
[ 1855.946108][T27973] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1856.011358][T27973] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1856.259475][T27999] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1856.372648][T27996] No such timeout policy "syz0"
[ 1857.353750][T28011] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1857.362959][T28011] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1858.546664][T28034] batadv_slave_0: entered promiscuous mode
[ 1858.553251][T28034] batadv_slave_0: entered allmulticast mode
[ 1858.600702][ T1303] ieee802154 phy0 wpan0: encryption failed: -22
[ 1858.607073][ T1303] ieee802154 phy1 wpan1: encryption failed: -22
[ 1858.702047][T28011] netlink: 'syz.1.6053': attribute type 16 has an invalid length.
[ 1858.736047][T28011] netlink: 'syz.1.6053': attribute type 17 has an invalid length.
[ 1858.840593][T28011] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check.
[ 1859.964663][T28049] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1860.004518][T28049] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1860.300673][T28054] tipc: Enabling of bearer <eth:syzkaller0> rejected, already enabled
[ 1860.752405][ T5146] Bluetooth: hci3: unexpected event 0x10 length: 15 > 1
[ 1860.754722][ T5146] Bluetooth: hci3: hardware error 0x01
[ 1861.041984][T28075] netlink: 44 bytes leftover after parsing attributes in process `syz.3.6075'.
[ 1861.054504][T28077] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1861.078044][T28077] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1861.202413][T28084] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1861.337714][T28084] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1861.348657][T28086] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1861.383887][T28086] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1861.446842][T28086] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1861.494739][T28086] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1861.604721][T28086] overlay: Unknown parameter 'ÅWõƒzÓ!ö?V1—|GŸ*‚<bÿd•|%pù’ÔKÐSnål/F‰6O¸ž�lõ»"xÔv|QTc™r¦nþiYŠÖWªcÙ©Öxë�¾Y8ë.G€»8РXSÿlଅ3èµç÷kgnK^fÚšr¿-¢57ŒÞÂ@'
[ 1861.607661][T28088] netlink: 64 bytes leftover after parsing attributes in process `syz.3.6079'.
[ 1861.685437][T28092] netlink: 32 bytes leftover after parsing attributes in process `syz.3.6079'.
[ 1861.735500][T28092] netlink: 28 bytes leftover after parsing attributes in process `syz.3.6079'.
[ 1862.324676][T28097] netlink: 64 bytes leftover after parsing attributes in process `syz.3.6081'.
[ 1862.337561][T28097] netlink: 32 bytes leftover after parsing attributes in process `syz.3.6081'.
[ 1862.381203][T28097] netlink: 28 bytes leftover after parsing attributes in process `syz.3.6081'.
[ 1862.548737][T28105] CUSE: info not properly terminated
[ 1862.576353][T28105] batman_adv: batadv0: Adding interface: dummy0
[ 1862.582950][T28105] batman_adv: batadv0: Interface activated: dummy0
[ 1862.621376][T28105] batadv0: mtu less than device minimum
[ 1862.636103][T28105] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (0)
[ 1862.647542][T28105] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (0)
[ 1862.658724][T28105] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (0)
[ 1862.670090][T28105] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (0)
[ 1862.681284][T28105] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (0)
[ 1862.692380][T28105] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (0)
[ 1862.703432][T28105] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (0)
[ 1862.714513][T28105] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (0)
[ 1862.856450][T21366] Bluetooth: hci4: unexpected event 0x10 length: 15 > 1
[ 1862.858581][T21366] Bluetooth: hci4: hardware error 0x01
[ 1862.861017][ T5146] Bluetooth: hci3: Opcode 0x0c03 failed: -110
[ 1862.946551][T28111] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1863.047307][T28111] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1863.096442][T28113] FAULT_INJECTION: forcing a failure.
[ 1863.096442][T28113] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1863.185067][T28113] CPU: 0 UID: 0 PID: 28113 Comm: syz.4.6085 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1863.185102][T28113] Tainted: [L]=SOFTLOCKUP
[ 1863.185111][T28113] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[ 1863.185124][T28113] Call Trace:
[ 1863.185134][T28113]  <TASK>
[ 1863.185144][T28113]  dump_stack_lvl+0xe8/0x150
[ 1863.185177][T28113]  should_fail_ex+0x412/0x560
[ 1863.185209][T28113]  _copy_from_user+0x2d/0xb0
[ 1863.185231][T28113]  do_ip_setsockopt+0x3ee/0x2ea0
[ 1863.185271][T28113]  ? __pfx_do_ip_setsockopt+0x10/0x10
[ 1863.185300][T28113]  ? aa_sk_perm+0x82d/0x960
[ 1863.185327][T28113]  ? __fget_files+0x2a/0x420
[ 1863.185356][T28113]  ? __pfx_aa_sk_perm+0x10/0x10
[ 1863.185384][T28113]  ? __fget_files+0x2a/0x420
[ 1863.185405][T28113]  ? aa_sock_opt_perm+0xff/0x1a0
[ 1863.185435][T28113]  ip_setsockopt+0x66/0x110
[ 1863.185464][T28113]  ? __pfx_sock_common_setsockopt+0x10/0x10
[ 1863.185490][T28113]  do_sock_setsockopt+0x17c/0x1b0
[ 1863.185529][T28113]  __x64_sys_setsockopt+0x13d/0x1b0
[ 1863.185563][T28113]  do_syscall_64+0xe2/0xf80
[ 1863.185586][T28113]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1863.185607][T28113]  ? trace_irq_disable+0x37/0x100
[ 1863.185628][T28113]  ? clear_bhb_loop+0x60/0xb0
[ 1863.185654][T28113]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1863.185673][T28113] RIP: 0033:0x7faa5fb9aeb9
[ 1863.185691][T28113] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1863.185709][T28113] RSP: 002b:00007faa5ddb5028 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[ 1863.185736][T28113] RAX: ffffffffffffffda RBX: 00007faa5fe16090 RCX: 00007faa5fb9aeb9
[ 1863.185752][T28113] RDX: 0000000000000017 RSI: 0000000000000000 RDI: 000000000000000a
[ 1863.185765][T28113] RBP: 00007faa5ddb5090 R08: 0000000000000004 R09: 0000000000000000
[ 1863.185779][T28113] R10: 0000200000000180 R11: 0000000000000246 R12: 0000000000000001
[ 1863.185793][T28113] R13: 00007faa5fe16128 R14: 00007faa5fe16090 R15: 00007faa5ff3fa48
[ 1863.185828][T28113]  </TASK>
[ 1864.020415][T28126] syzkaller1: entered promiscuous mode
[ 1864.025981][T28126] syzkaller1: entered allmulticast mode
[ 1864.319841][T28128] forcing mempool usage for bio_alloc_bioset+0x4b3/0x14e0
[ 1864.682693][T28136] netlink: 64 bytes leftover after parsing attributes in process `syz.2.6092'.
[ 1864.710036][T28139] ALSA: mixer_oss: invalid OSS volume ''
[ 1864.755977][T28136] netlink: 32 bytes leftover after parsing attributes in process `syz.2.6092'.
[ 1864.772207][T28139] ptrace attach of "./syz-executor exec"[28140] was attempted by "./syz-executor exec"[28139]
[ 1864.786427][T28136] netlink: 28 bytes leftover after parsing attributes in process `syz.2.6092'.
[ 1864.943474][T21366] Bluetooth: hci4: Opcode 0x0c03 failed: -110
[ 1865.242775][   T30] audit: type=1326 audit(1770510090.938:1437): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28144 comm="syz.4.6094" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faa5fb9aeb9 code=0x7ffc0000
[ 1865.324731][   T30] audit: type=1326 audit(1770510090.938:1438): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28144 comm="syz.4.6094" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faa5fb9aeb9 code=0x7ffc0000
[ 1865.431755][T28149] FAULT_INJECTION: forcing a failure.
[ 1865.431755][T28149] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1865.481529][T28149] CPU: 1 UID: 0 PID: 28149 Comm: syz.2.6095 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1865.481553][T28149] Tainted: [L]=SOFTLOCKUP
[ 1865.481559][T28149] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[ 1865.481568][T28149] Call Trace:
[ 1865.481575][T28149]  <TASK>
[ 1865.481582][T28149]  dump_stack_lvl+0xe8/0x150
[ 1865.481606][T28149]  should_fail_ex+0x412/0x560
[ 1865.481633][T28149]  _copy_from_user+0x2d/0xb0
[ 1865.481648][T28149]  ___sys_sendmsg+0x1c6/0x360
[ 1865.481669][T28149]  ? __lock_acquire+0x6b5/0x2cf0
[ 1865.481693][T28149]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1865.481738][T28149]  ? __fget_files+0x2a/0x420
[ 1865.481754][T28149]  ? __fget_files+0x3a0/0x420
[ 1865.481783][T28149]  __x64_sys_sendmsg+0x1bd/0x2a0
[ 1865.481806][T28149]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[ 1865.481833][T28149]  ? __pfx_ksys_write+0x10/0x10
[ 1865.481865][T28149]  do_syscall_64+0xe2/0xf80
[ 1865.481881][T28149]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1865.481896][T28149]  ? trace_irq_disable+0x37/0x100
[ 1865.481910][T28149]  ? clear_bhb_loop+0x60/0xb0
[ 1865.481928][T28149]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1865.481943][T28149] RIP: 0033:0x7fb51299aeb9
[ 1865.481957][T28149] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1865.481969][T28149] RSP: 002b:00007fb5137bf028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1865.481985][T28149] RAX: ffffffffffffffda RBX: 00007fb512c15fa0 RCX: 00007fb51299aeb9
[ 1865.481997][T28149] RDX: 0000000024044080 RSI: 0000200000000240 RDI: 0000000000000003
[ 1865.482007][T28149] RBP: 00007fb5137bf090 R08: 0000000000000000 R09: 0000000000000000
[ 1865.482016][T28149] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1865.482025][T28149] R13: 00007fb512c16038 R14: 00007fb512c15fa0 R15: 00007fb512d3fa48
[ 1865.482048][T28149]  </TASK>
[ 1865.886503][   T30] audit: type=1326 audit(1770510090.938:1439): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28144 comm="syz.4.6094" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faa5fb9aeb9 code=0x7ffc0000
[ 1865.909581][   T30] audit: type=1326 audit(1770510090.938:1440): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28144 comm="syz.4.6094" exe="/root/syz-executor" sig=0 arch=c000003e syscall=317 compat=0 ip=0x7faa5fb9aeb9 code=0x7ffc0000
[ 1866.006068][   T30] audit: type=1326 audit(1770510090.938:1441): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28144 comm="syz.4.6094" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faa5fb9aeb9 code=0x7ffc0000
[ 1866.039807][   T30] audit: type=1326 audit(1770510090.938:1442): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28144 comm="syz.4.6094" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faa5fb9aeb9 code=0x7ffc0000
[ 1866.096939][   T30] audit: type=1326 audit(1770510090.938:1443): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28144 comm="syz.4.6094" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faa5fb9aeb9 code=0x7ffc0000
[ 1866.189863][   T30] audit: type=1326 audit(1770510090.938:1444): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28144 comm="syz.4.6094" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7faa5fb9aeb9 code=0x7ffc0000
[ 1866.284734][   T30] audit: type=1326 audit(1770510090.938:1445): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28144 comm="syz.4.6094" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faa5fb9aeb9 code=0x7ffc0000
[ 1866.360330][T28157] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1866.380192][T28157] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1866.396918][   T30] audit: type=1326 audit(1770510090.938:1446): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28144 comm="syz.4.6094" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faa5fb9aeb9 code=0x7ffc0000
[ 1866.520788][T28166] FAULT_INJECTION: forcing a failure.
[ 1866.520788][T28166] name failslab, interval 1, probability 0, space 0, times 0
[ 1866.577397][T28166] CPU: 0 UID: 0 PID: 28166 Comm: syz.2.6101 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1866.577422][T28166] Tainted: [L]=SOFTLOCKUP
[ 1866.577428][T28166] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[ 1866.577437][T28166] Call Trace:
[ 1866.577443][T28166]  <TASK>
[ 1866.577450][T28166]  dump_stack_lvl+0xe8/0x150
[ 1866.577475][T28166]  should_fail_ex+0x412/0x560
[ 1866.577497][T28166]  should_failslab+0xa8/0x100
[ 1866.577516][T28166]  __kmalloc_noprof+0xde/0x7e0
[ 1866.577530][T28166]  ? kfree+0x4d/0x650
[ 1866.577550][T28166]  ? tomoyo_realpath_from_path+0xe3/0x5d0
[ 1866.577575][T28166]  tomoyo_realpath_from_path+0xe3/0x5d0
[ 1866.577597][T28166]  ? tomoyo_domain+0xd7/0x130
[ 1866.577723][T28166]  ? tomoyo_path_number_perm+0x219/0x630
[ 1866.577748][T28166]  tomoyo_path_number_perm+0x246/0x630
[ 1866.577776][T28166]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[ 1866.577792][T28166]  ? __lock_acquire+0x6b5/0x2cf0
[ 1866.577825][T28166]  ? __mutex_unlock_slowpath+0x1bd/0x7d0
[ 1866.577858][T28166]  ? __fget_files+0x2a/0x420
[ 1866.577877][T28166]  ? __fget_files+0x2a/0x420
[ 1866.577892][T28166]  ? __fget_files+0x3a0/0x420
[ 1866.577909][T28166]  ? __fget_files+0x2a/0x420
[ 1866.577929][T28166]  security_file_ioctl+0xc3/0x2a0
[ 1866.577947][T28166]  __se_sys_ioctl+0x47/0x170
[ 1866.577972][T28166]  do_syscall_64+0xe2/0xf80
[ 1866.577988][T28166]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1866.578003][T28166]  ? trace_irq_disable+0x37/0x100
[ 1866.578018][T28166]  ? clear_bhb_loop+0x60/0xb0
[ 1866.578036][T28166]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1866.578050][T28166] RIP: 0033:0x7fb51299aeb9
[ 1866.578064][T28166] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1866.578077][T28166] RSP: 002b:00007fb5137bf028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1866.578093][T28166] RAX: ffffffffffffffda RBX: 00007fb512c15fa0 RCX: 00007fb51299aeb9
[ 1866.578105][T28166] RDX: 0000200000000200 RSI: 00000000c0105512 RDI: 0000000000000003
[ 1866.578115][T28166] RBP: 00007fb5137bf090 R08: 0000000000000000 R09: 0000000000000000
[ 1866.578124][T28166] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1866.578133][T28166] R13: 00007fb512c16038 R14: 00007fb512c15fa0 R15: 00007fb512d3fa48
[ 1866.578157][T28166]  </TASK>
[ 1866.578322][T28166] ERROR: Out of memory at tomoyo_realpath_from_path.
[ 1866.861775][T28162] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1866.880734][T28162] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1867.097507][T28162] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1867.114965][T28162] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1867.685399][T28187] fuse: Bad value for 'group_id'
[ 1867.690600][T28187] fuse: Bad value for 'group_id'
[ 1867.746180][T28187] CUSE: info not properly terminated
[ 1868.181587][T28201] netlink: 24 bytes leftover after parsing attributes in process `syz.2.6112'.
[ 1868.205359][T28199] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(4)
[ 1868.212374][T28199] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[ 1868.249944][T28199] vhci_hcd vhci_hcd.0: Device attached
[ 1868.489582][T27736] usb 35-1: new high-speed USB device number 2 using vhci_hcd
[ 1868.722656][T28213] usb usb6: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK.
[ 1869.238953][T28218] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1869.283512][T28218] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1869.430077][T28224] ALSA: mixer_oss: invalid OSS volume ''
[ 1869.494135][T28224] ptrace attach of "./syz-executor exec"[28225] was attempted by "./syz-executor exec"[28224]
[ 1870.127888][T28202] vhci_hcd: connection reset by peer
[ 1870.165628][   T35] vhci_hcd vhci_hcd.1: stop threads
[ 1870.180516][   T35] vhci_hcd vhci_hcd.1: release socket
[ 1870.199974][   T35] vhci_hcd vhci_hcd.1: disconnect device
[ 1870.432581][T28229] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1870.452520][T28229] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1870.464732][T28232] i2c i2c-0: dtv_property_process_set: SET cmd 0x20202020 undefined
[ 1870.474348][T28232] x_tables: ip_tables: rpfilter match: used from hooks FORWARD, but only valid from PREROUTING
[ 1870.503281][T28229] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1870.514877][T28229] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1871.195231][T21366] Bluetooth: hci2: unexpected event 0x10 length: 15 > 1
[ 1871.197352][T21366] Bluetooth: hci2: hardware error 0x01
[ 1872.223123][T28259] netlink: 8 bytes leftover after parsing attributes in process `syz.1.6128'.
[ 1872.440743][T28267] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1872.587406][T28267] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1873.259805][T21366] Bluetooth: hci2: Opcode 0x0c03 failed: -110
[ 1873.397899][T28277] ALSA: mixer_oss: invalid OSS volume ''
[ 1873.526082][T28277] ptrace attach of "./syz-executor exec"[28278] was attempted by "./syz-executor exec"[28277]
[ 1874.273930][T28282] fuse: Bad value for 'fd'
[ 1874.281186][T27736] vhci_hcd vhci_hcd.1: vhci_device speed not set
[ 1874.688864][T21366] Bluetooth: hci0: unexpected event 0x10 length: 15 > 1
[ 1874.692589][T28114] Bluetooth: hci0: hardware error 0x01
[ 1875.382323][T28293] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1875.399923][T28293] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1875.416924][   T30] kauditd_printk_skb: 134 callbacks suppressed
[ 1875.416944][   T30] audit: type=1326 audit(1770510101.108:1581): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28286 comm="syz.2.6136" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb51299aeb9 code=0x7ffc0000
[ 1875.453912][T28293] netlink: 4 bytes leftover after parsing attributes in process `syz.2.6136'.
[ 1875.494286][   T30] audit: type=1326 audit(1770510101.108:1582): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28286 comm="syz.2.6136" exe="/root/syz-executor" sig=0 arch=c000003e syscall=279 compat=0 ip=0x7fb51299aeb9 code=0x7ffc0000
[ 1875.550257][   T30] audit: type=1326 audit(1770510101.108:1583): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28286 comm="syz.2.6136" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb51299aeb9 code=0x7ffc0000
[ 1875.651285][   T30] audit: type=1326 audit(1770510101.108:1584): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28286 comm="syz.2.6136" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb51299aeb9 code=0x7ffc0000
[ 1875.891301][   T30] audit: type=1326 audit(1770510101.108:1585): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28286 comm="syz.2.6136" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7fb51299aeb9 code=0x7ffc0000
[ 1876.008469][   T30] audit: type=1326 audit(1770510101.108:1586): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28286 comm="syz.2.6136" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb51299aeb9 code=0x7ffc0000
[ 1876.271327][   T30] audit: type=1326 audit(1770510101.108:1587): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28286 comm="syz.2.6136" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb51299aeb9 code=0x7ffc0000
[ 1876.359670][T28305] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1876.382950][T28305] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1876.391483][   T30] audit: type=1326 audit(1770510101.108:1588): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28286 comm="syz.2.6136" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fb51299aeb9 code=0x7ffc0000
[ 1876.452219][   T30] audit: type=1326 audit(1770510101.108:1589): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28286 comm="syz.2.6136" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb51299aeb9 code=0x7ffc0000
[ 1876.556884][T28310] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1876.586277][T28310] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1876.620445][   T30] audit: type=1326 audit(1770510101.108:1590): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28286 comm="syz.2.6136" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb51299aeb9 code=0x7ffc0000
[ 1876.692252][T28310] mac80211_hwsim hwsim10 syzkaller0: entered promiscuous mode
[ 1876.710965][T28310] mac80211_hwsim hwsim10 syzkaller0: entered allmulticast mode
[ 1876.756143][T28310] tipc: Resetting bearer <eth:syzkaller0>
[ 1876.771245][T28114] Bluetooth: hci0: Opcode 0x0c03 failed: -110
[ 1878.657279][T28331] xt_socket: unknown flags 0x50
[ 1879.476290][T28340] netlink: 28 bytes leftover after parsing attributes in process `syz.1.6150'.
[ 1879.564036][T28340] Invalid argument reading file caps for ./file0
[ 1879.711575][T28351] ALSA: mixer_oss: invalid OSS volume ''
[ 1879.751010][T28351] ptrace attach of "./syz-executor exec"[28352] was attempted by "./syz-executor exec"[28351]
[ 1880.941225][   T30] kauditd_printk_skb: 6 callbacks suppressed
[ 1880.941240][   T30] audit: type=1326 audit(1770510106.608:1597): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28355 comm="syz.3.6152" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1b3db9aeb9 code=0x7ffc0000
[ 1881.412698][   T30] audit: type=1326 audit(1770510106.608:1598): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28355 comm="syz.3.6152" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1b3db9aeb9 code=0x7ffc0000
[ 1881.548652][   T30] audit: type=1326 audit(1770510106.608:1599): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28355 comm="syz.3.6152" exe="/root/syz-executor" sig=0 arch=c000003e syscall=135 compat=0 ip=0x7f1b3db9aeb9 code=0x7ffc0000
[ 1881.810374][   T30] audit: type=1326 audit(1770510106.618:1600): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28355 comm="syz.3.6152" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1b3db9aeb9 code=0x7ffc0000
[ 1882.002053][   T30] audit: type=1326 audit(1770510106.618:1601): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28355 comm="syz.3.6152" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1b3db9aeb9 code=0x7ffc0000
[ 1882.146471][   T30] audit: type=1326 audit(1770510106.718:1602): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28355 comm="syz.3.6152" exe="/root/syz-executor" sig=0 arch=c000003e syscall=190 compat=0 ip=0x7f1b3db9aeb9 code=0x7ffc0000
[ 1882.245475][   T30] audit: type=1326 audit(1770510106.718:1603): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28355 comm="syz.3.6152" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1b3db9aeb9 code=0x7ffc0000
[ 1882.378860][   T30] audit: type=1326 audit(1770510106.718:1604): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28355 comm="syz.3.6152" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1b3db9aeb9 code=0x7ffc0000
[ 1882.452201][   T30] audit: type=1326 audit(1770510106.718:1605): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28355 comm="syz.3.6152" exe="/root/syz-executor" sig=0 arch=c000003e syscall=200 compat=0 ip=0x7f1b3db9aeb9 code=0x7ffc0000
[ 1882.637712][   T30] audit: type=1326 audit(1770510106.718:1606): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28355 comm="syz.3.6152" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1b3db9aeb9 code=0x7ffc0000
[ 1883.610074][T28379] FAULT_INJECTION: forcing a failure.
[ 1883.610074][T28379] name failslab, interval 1, probability 0, space 0, times 0
[ 1883.639871][T28379] CPU: 0 UID: 0 PID: 28379 Comm: syz.1.6162 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1883.639905][T28379] Tainted: [L]=SOFTLOCKUP
[ 1883.639913][T28379] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[ 1883.639926][T28379] Call Trace:
[ 1883.639935][T28379]  <TASK>
[ 1883.639945][T28379]  dump_stack_lvl+0xe8/0x150
[ 1883.639979][T28379]  should_fail_ex+0x412/0x560
[ 1883.640011][T28379]  should_failslab+0xa8/0x100
[ 1883.640037][T28379]  __kmalloc_noprof+0xde/0x7e0
[ 1883.640057][T28379]  ? kfree+0x4d/0x650
[ 1883.640081][T28379]  ? tomoyo_realpath_from_path+0xe3/0x5d0
[ 1883.640114][T28379]  tomoyo_realpath_from_path+0xe3/0x5d0
[ 1883.640144][T28379]  ? tomoyo_domain+0xd7/0x130
[ 1883.640187][T28379]  ? tomoyo_path_number_perm+0x219/0x630
[ 1883.640209][T28379]  tomoyo_path_number_perm+0x246/0x630
[ 1883.640235][T28379]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[ 1883.640262][T28379]  ? sb_end_write+0xe9/0x1c0
[ 1883.640286][T28379]  ? vfs_write+0x9bc/0xb90
[ 1883.640349][T28379]  ? ksys_write+0x1fc/0x270
[ 1883.640391][T28379]  security_file_ioctl+0xc3/0x2a0
[ 1883.640415][T28379]  __se_sys_ioctl+0x47/0x170
[ 1883.640447][T28379]  do_syscall_64+0xe2/0xf80
[ 1883.640470][T28379]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1883.640490][T28379]  ? trace_irq_disable+0x37/0x100
[ 1883.640510][T28379]  ? clear_bhb_loop+0x60/0xb0
[ 1883.640534][T28379]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1883.640560][T28379] RIP: 0033:0x7f5a4999aeb9
[ 1883.640580][T28379] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1883.640597][T28379] RSP: 002b:00007f5a4a829028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1883.640620][T28379] RAX: ffffffffffffffda RBX: 00007f5a49c15fa0 RCX: 00007f5a4999aeb9
[ 1883.640635][T28379] RDX: 00002000000000c0 RSI: 000000004020ae46 RDI: 0000000000000004
[ 1883.640649][T28379] RBP: 00007f5a4a829090 R08: 0000000000000000 R09: 0000000000000000
[ 1883.640662][T28379] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1883.640674][T28379] R13: 00007f5a49c16038 R14: 00007f5a49c15fa0 R15: 00007f5a49d3fa48
[ 1883.640708][T28379]  </TASK>
[ 1883.640717][T28379] ERROR: Out of memory at tomoyo_realpath_from_path.
[ 1884.212047][T28392] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1884.368181][T28392] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1884.417063][T28399] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1884.624005][T28399] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1884.683614][T28392] tipc: Resetting bearer <eth:syzkaller0>
[ 1884.840351][T28392] tipc: Resetting bearer <eth:syzkaller0>
[ 1886.117112][T28421] netlink: 24 bytes leftover after parsing attributes in process `syz.2.6172'.
[ 1887.030982][T28435] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1887.057558][T28435] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1887.112752][T28435] netlink: 68 bytes leftover after parsing attributes in process `syz.1.6176'.
[ 1888.395309][T28450] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1888.458267][T28450] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1888.516389][T28450] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1888.656443][T28450] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1888.668905][T28456] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1888.682037][T28456] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1888.881565][T28449] netlink: 4 bytes leftover after parsing attributes in process `syz.0.6174'.
[ 1888.961940][T28462] syzkaller1: entered promiscuous mode
[ 1888.961960][T28462] syzkaller1: entered allmulticast mode
[ 1891.616673][T28491] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1891.778499][T28491] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1891.810422][T28491] netlink: 68 bytes leftover after parsing attributes in process `syz.1.6188'.
[ 1892.742016][T28504] loop2: detected capacity change from 0 to 7
[ 1892.757918][T28504] Dev loop2: unable to read RDB block 7
[ 1892.793413][T28504]  loop2: AHDI p1 p2 p3
[ 1892.805439][T28504] loop2: partition table partially beyond EOD, truncated
[ 1892.825940][T28504] loop2: p1 start 1601398130 is beyond EOD, truncated
[ 1892.834317][T28504] loop2: p2 start 1702059890 is beyond EOD, truncated
[ 1892.985871][T28511] netlink: 32 bytes leftover after parsing attributes in process `syz.3.6195'.
[ 1892.998487][T28511] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1893.012939][T28511] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1893.054330][T28511] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1893.165022][T28511] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1894.077694][T28524] fuse: Invalid rootmode
[ 1894.724745][T28541] 
: renamed from bond0 (while UP)
[ 1895.108752][T28547] FAULT_INJECTION: forcing a failure.
[ 1895.108752][T28547] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1895.130388][T28547] CPU: 0 UID: 0 PID: 28547 Comm: syz.0.6203 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1895.130424][T28547] Tainted: [L]=SOFTLOCKUP
[ 1895.130433][T28547] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[ 1895.130448][T28547] Call Trace:
[ 1895.130458][T28547]  <TASK>
[ 1895.130468][T28547]  dump_stack_lvl+0xe8/0x150
[ 1895.130505][T28547]  should_fail_ex+0x412/0x560
[ 1895.130541][T28547]  _copy_to_user+0x31/0xb0
[ 1895.130566][T28547]  simple_read_from_buffer+0xe1/0x170
[ 1895.130596][T28547]  proc_fail_nth_read+0x1bb/0x230
[ 1895.130636][T28547]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1895.130674][T28547]  ? rw_verify_area+0x2a6/0x4d0
[ 1895.130707][T28547]  ? __local_bh_enable_ip+0xd0/0x130
[ 1895.130728][T28547]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1895.130765][T28547]  vfs_read+0x20c/0xa70
[ 1895.130797][T28547]  ? fdget_pos+0x246/0x320
[ 1895.130841][T28547]  ? __pfx___mutex_lock+0x10/0x10
[ 1895.130870][T28547]  ? __pfx_vfs_read+0x10/0x10
[ 1895.130906][T28547]  ? __fget_files+0x2a/0x420
[ 1895.130937][T28547]  ? __fget_files+0x3a0/0x420
[ 1895.130962][T28547]  ? __fget_files+0x2a/0x420
[ 1895.130998][T28547]  ksys_read+0x150/0x270
[ 1895.131034][T28547]  ? __pfx_ksys_read+0x10/0x10
[ 1895.131089][T28547]  do_syscall_64+0xe2/0xf80
[ 1895.131115][T28547]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1895.131137][T28547]  ? trace_irq_disable+0x37/0x100
[ 1895.131160][T28547]  ? clear_bhb_loop+0x60/0xb0
[ 1895.131197][T28547]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1895.131230][T28547] RIP: 0033:0x7f975455b78e
[ 1895.131252][T28547] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[ 1895.131272][T28547] RSP: 002b:00007f9755419fe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[ 1895.131297][T28547] RAX: ffffffffffffffda RBX: 00007f975541a6c0 RCX: 00007f975455b78e
[ 1895.131315][T28547] RDX: 000000000000000f RSI: 00007f975541a0a0 RDI: 000000000000000b
[ 1895.131330][T28547] RBP: 00007f975541a090 R08: 0000000000000000 R09: 0000000000000000
[ 1895.131344][T28547] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1895.131359][T28547] R13: 00007f9754816128 R14: 00007f9754816090 R15: 00007f975493fa48
[ 1895.131397][T28547]  </TASK>
[ 1897.422618][T28572] FAULT_INJECTION: forcing a failure.
[ 1897.422618][T28572] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1897.452574][T28573] netlink: 4 bytes leftover after parsing attributes in process `syz.1.6209'.
[ 1897.496562][T28572] CPU: 1 UID: 0 PID: 28572 Comm: syz.0.6208 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1897.496596][T28572] Tainted: [L]=SOFTLOCKUP
[ 1897.496601][T28572] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[ 1897.496611][T28572] Call Trace:
[ 1897.496618][T28572]  <TASK>
[ 1897.496626][T28572]  dump_stack_lvl+0xe8/0x150
[ 1897.496650][T28572]  should_fail_ex+0x412/0x560
[ 1897.496673][T28572]  _copy_from_user+0x2d/0xb0
[ 1897.496688][T28572]  ___sys_recvmsg+0x175/0x590
[ 1897.496718][T28572]  ? __pfx____sys_recvmsg+0x10/0x10
[ 1897.496743][T28572]  ? __fget_files+0x2a/0x420
[ 1897.496781][T28572]  do_recvmmsg+0x334/0x800
[ 1897.496809][T28572]  ? __pfx_do_recvmmsg+0x10/0x10
[ 1897.496844][T28572]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[ 1897.496874][T28572]  __x64_sys_recvmmsg+0x198/0x250
[ 1897.496898][T28572]  ? __pfx___x64_sys_recvmmsg+0x10/0x10
[ 1897.496928][T28572]  do_syscall_64+0xe2/0xf80
[ 1897.496944][T28572]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1897.496959][T28572]  ? trace_irq_disable+0x37/0x100
[ 1897.496974][T28572]  ? clear_bhb_loop+0x60/0xb0
[ 1897.496991][T28572]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1897.497006][T28572] RIP: 0033:0x7f975459aeb9
[ 1897.497020][T28572] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1897.497032][T28572] RSP: 002b:00007f975544d028 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
[ 1897.497049][T28572] RAX: ffffffffffffffda RBX: 00007f9754816090 RCX: 00007f975459aeb9
[ 1897.497060][T28572] RDX: 0000000000010106 RSI: 00002000000000c0 RDI: 0000000000000004
[ 1897.497070][T28572] RBP: 00007f975544d090 R08: 0000000000000000 R09: 0000000000000000
[ 1897.497080][T28572] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000000000002
[ 1897.497090][T28572] R13: 00007f9754816128 R14: 00007f9754816090 R15: 00007f975493fa48
[ 1897.497114][T28572]  </TASK>
[ 1897.936670][T28576] fuse: Bad value for 'rootmode'
[ 1900.236324][T28625] fuse: Bad value for 'rootmode'
[ 1900.581911][T28636] FAULT_INJECTION: forcing a failure.
[ 1900.581911][T28636] name failslab, interval 1, probability 0, space 0, times 0
[ 1900.618861][T28636] CPU: 1 UID: 0 PID: 28636 Comm: syz.1.6226 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1900.618896][T28636] Tainted: [L]=SOFTLOCKUP
[ 1900.618905][T28636] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[ 1900.618918][T28636] Call Trace:
[ 1900.618927][T28636]  <TASK>
[ 1900.618937][T28636]  dump_stack_lvl+0xe8/0x150
[ 1900.618971][T28636]  should_fail_ex+0x412/0x560
[ 1900.619003][T28636]  should_failslab+0xa8/0x100
[ 1900.619030][T28636]  __kmalloc_noprof+0xde/0x7e0
[ 1900.619051][T28636]  ? tomoyo_encode+0x28b/0x550
[ 1900.619085][T28636]  tomoyo_encode+0x28b/0x550
[ 1900.619122][T28636]  tomoyo_realpath_from_path+0x58d/0x5d0
[ 1900.619161][T28636]  ? tomoyo_path_number_perm+0x219/0x630
[ 1900.619184][T28636]  tomoyo_path_number_perm+0x246/0x630
[ 1900.619211][T28636]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[ 1900.619232][T28636]  ? __lock_acquire+0x6b5/0x2cf0
[ 1900.619278][T28636]  ? __mutex_unlock_slowpath+0x1bd/0x7d0
[ 1900.619324][T28636]  ? __fget_files+0x2a/0x420
[ 1900.619351][T28636]  ? __fget_files+0x2a/0x420
[ 1900.619373][T28636]  ? __fget_files+0x3a0/0x420
[ 1900.619396][T28636]  ? __fget_files+0x2a/0x420
[ 1900.619422][T28636]  security_file_ioctl+0xc3/0x2a0
[ 1900.619447][T28636]  __se_sys_ioctl+0x47/0x170
[ 1900.619480][T28636]  do_syscall_64+0xe2/0xf80
[ 1900.619504][T28636]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1900.619525][T28636]  ? trace_irq_disable+0x37/0x100
[ 1900.619543][T28636]  ? clear_bhb_loop+0x60/0xb0
[ 1900.619569][T28636]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1900.619597][T28636] RIP: 0033:0x7f5a4999aeb9
[ 1900.619616][T28636] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1900.619635][T28636] RSP: 002b:00007f5a4a829028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1900.619658][T28636] RAX: ffffffffffffffda RBX: 00007f5a49c15fa0 RCX: 00007f5a4999aeb9
[ 1900.619674][T28636] RDX: 0000200000000200 RSI: 00000000c0105512 RDI: 0000000000000003
[ 1900.619687][T28636] RBP: 00007f5a4a829090 R08: 0000000000000000 R09: 0000000000000000
[ 1900.619700][T28636] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1900.619712][T28636] R13: 00007f5a49c16038 R14: 00007f5a49c15fa0 R15: 00007f5a49d3fa48
[ 1900.619744][T28636]  </TASK>
[ 1901.063151][T28636] ERROR: Out of memory at tomoyo_realpath_from_path.
[ 1901.658804][T28638] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1901.671787][T28638] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1902.192539][T28663] x_tables: ip6_tables: TCPMSS target: only valid for protocol 6
[ 1903.480717][T28666] netlink: 12 bytes leftover after parsing attributes in process `syz.3.6233'.
[ 1905.845972][T28698] netlink: 24 bytes leftover after parsing attributes in process `syz.2.6241'.
[ 1905.910066][T28700] netlink: 24 bytes leftover after parsing attributes in process `syz.0.6242'.
[ 1906.942400][T28712] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1907.167048][T28712] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1907.242072][T28714] netlink: 'syz.1.6246': attribute type 8 has an invalid length.
[ 1907.461348][T28720] netlink: 8 bytes leftover after parsing attributes in process `syz.1.6249'.
[ 1907.461567][T28722] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1907.499760][T28722] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1907.544112][T28722] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1907.611892][T28722] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1907.693411][T28729] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1907.729950][T28729] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1907.784826][T28727] vimc link validate: Sensor A:src:640x480 (0x33424752, 8, 0, 0, 0) Raw Capture 0:snk:640x480 (0x33424752, 8, 0, 0, 0)
[ 1907.873057][T28729] net_ratelimit: 11 callbacks suppressed
[ 1907.873083][T28729] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1907.888781][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1909.355391][ T5895] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1909.556577][   T30] kauditd_printk_skb: 31 callbacks suppressed
[ 1909.556597][   T30] audit: type=1326 audit(1770510135.248:1638): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28736 comm="syz.0.6254" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f975459aeb9 code=0x0
[ 1909.674960][T28742] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1909.684527][T28742] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1909.953403][T28746] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1909.987582][T28746] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1910.295540][   T50] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1910.304993][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1911.019518][T28759] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1911.068267][T28759] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1911.108812][T28114] Bluetooth: hci1: SCO packet for unknown connection handle 1
[ 1911.585066][T28767] netlink: 252 bytes leftover after parsing attributes in process `syz.3.6263'.
[ 1911.897310][T28769] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1911.941660][T28769] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1912.015206][T28769] netlink: 'syz.4.6264': attribute type 10 has an invalid length.
[ 1912.058416][T28769] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1912.067142][T28770] netlink: 'syz.4.6264': attribute type 10 has an invalid length.
[ 1912.075742][T28770] netlink: 40 bytes leftover after parsing attributes in process `syz.4.6264'.
[ 1912.131463][T28769] batadv0: entered promiscuous mode
[ 1912.171693][T28769] bond0: (slave batadv0): Enslaving as an active interface with an up link
[ 1912.256489][T28770] batadv0: entered allmulticast mode
[ 1912.375878][ T5895] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1912.389494][T28770] bond0: (slave batadv0): Releasing backup interface
[ 1912.453051][T28114] Bluetooth: hci1: unknown advertising packet type: 0xe1
[ 1912.453075][T28114] Bluetooth: hci1: Malformed LE Event: 0x02
[ 1912.497489][T28770] bridge0: port 4(batadv0) entered blocking state
[ 1912.505781][T28770] bridge0: port 4(batadv0) entered disabled state
[ 1912.729015][T28777] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1912.761861][T28777] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1912.919570][ T1091] batman_adv: batadv0: No IGMP Querier present - multicast optimizations disabled
[ 1912.929550][ T1091] batman_adv: batadv0: No MLD Querier present - multicast optimizations disabled
[ 1913.526006][T28791] netlink: 64 bytes leftover after parsing attributes in process `syz.4.6272'.
[ 1913.559042][T28791] netlink: 32 bytes leftover after parsing attributes in process `syz.4.6272'.
[ 1913.587852][T28791] netlink: 28 bytes leftover after parsing attributes in process `syz.4.6272'.
[ 1913.674048][   T30] audit: type=1326 audit(1770510139.368:1639): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28793 comm="syz.2.6274" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb51299aeb9 code=0x7ffc0000
[ 1913.733280][T28800] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1913.861980][   T30] audit: type=1326 audit(1770510139.448:1640): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28793 comm="syz.2.6274" exe="/root/syz-executor" sig=0 arch=c000003e syscall=135 compat=0 ip=0x7fb51299aeb9 code=0x7ffc0000
[ 1913.910429][T28800] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1913.953667][   T30] audit: type=1326 audit(1770510139.458:1641): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28793 comm="syz.2.6274" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb51299aeb9 code=0x7ffc0000
[ 1913.983699][T28800] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1914.017416][T28800] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1914.032316][   T30] audit: type=1326 audit(1770510139.458:1642): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28793 comm="syz.2.6274" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb51299aeb9 code=0x7ffc0000
[ 1914.135213][   T30] audit: type=1326 audit(1770510139.458:1643): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28793 comm="syz.2.6274" exe="/root/syz-executor" sig=0 arch=c000003e syscall=314 compat=0 ip=0x7fb51299aeb9 code=0x7ffc0000
[ 1914.201140][   T30] audit: type=1326 audit(1770510139.458:1644): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28793 comm="syz.2.6274" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb51299aeb9 code=0x7ffc0000
[ 1914.382631][   T30] audit: type=1326 audit(1770510139.458:1645): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28793 comm="syz.2.6274" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb51299aeb9 code=0x7ffc0000
[ 1914.479683][   T30] audit: type=1326 audit(1770510139.458:1646): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28793 comm="syz.2.6274" exe="/root/syz-executor" sig=0 arch=c000003e syscall=85 compat=0 ip=0x7fb51299aeb9 code=0x7ffc0000
[ 1914.516745][   T30] audit: type=1326 audit(1770510139.458:1647): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28793 comm="syz.2.6274" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb51299aeb9 code=0x7ffc0000
[ 1914.559354][   T30] audit: type=1326 audit(1770510139.458:1648): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28793 comm="syz.2.6274" exe="/root/syz-executor" sig=0 arch=c000003e syscall=188 compat=0 ip=0x7fb51299aeb9 code=0x7ffc0000
[ 1914.689253][   T30] audit: type=1326 audit(1770510139.458:1649): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28793 comm="syz.2.6274" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb51299aeb9 code=0x7ffc0000
[ 1914.729237][   T30] audit: type=1326 audit(1770510139.458:1650): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28793 comm="syz.2.6274" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7fb51299aeb9 code=0x7ffc0000
[ 1914.759477][   T30] audit: type=1326 audit(1770510139.458:1651): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28793 comm="syz.2.6274" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb51299aeb9 code=0x7ffc0000
[ 1914.921807][   T30] audit: type=1326 audit(1770510139.458:1652): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28793 comm="syz.2.6274" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fb51299aeb9 code=0x7ffc0000
[ 1914.948178][   T30] audit: type=1326 audit(1770510139.458:1653): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28793 comm="syz.2.6274" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb51299aeb9 code=0x7ffc0000
[ 1915.195421][   T30] audit: type=1326 audit(1770510139.458:1654): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28793 comm="syz.2.6274" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fb51299aeb9 code=0x7ffc0000
[ 1915.261741][   T30] audit: type=1326 audit(1770510139.458:1655): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28793 comm="syz.2.6274" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb51299aeb9 code=0x7ffc0000
[ 1915.341019][   T30] audit: type=1326 audit(1770510139.458:1656): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28793 comm="syz.2.6274" exe="/root/syz-executor" sig=0 arch=c000003e syscall=49 compat=0 ip=0x7fb51299aeb9 code=0x7ffc0000
[ 1915.410879][T27731] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1915.456018][   T30] audit: type=1326 audit(1770510139.458:1657): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28793 comm="syz.2.6274" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb51299aeb9 code=0x7ffc0000
[ 1915.490761][ T1091] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1915.499261][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1916.414506][T28834] FAULT_INJECTION: forcing a failure.
[ 1916.414506][T28834] name failslab, interval 1, probability 0, space 0, times 0
[ 1916.429966][T28834] CPU: 0 UID: 0 PID: 28834 Comm: syz.3.6284 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1916.429999][T28834] Tainted: [L]=SOFTLOCKUP
[ 1916.430008][T28834] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[ 1916.430021][T28834] Call Trace:
[ 1916.430029][T28834]  <TASK>
[ 1916.430039][T28834]  dump_stack_lvl+0xe8/0x150
[ 1916.430072][T28834]  should_fail_ex+0x412/0x560
[ 1916.430104][T28834]  should_failslab+0xa8/0x100
[ 1916.430131][T28834]  __kvmalloc_node_noprof+0x166/0x8d0
[ 1916.430153][T28834]  ? net_generic+0x1e/0x240
[ 1916.430185][T28834]  ? alloc_netdev_mqs+0xa6/0x11b0
[ 1916.430209][T28834]  alloc_netdev_mqs+0xa6/0x11b0
[ 1916.430225][T28834]  ? __pfx_vlan_setup+0x10/0x10
[ 1916.430253][T28834]  register_vlan_device+0x235/0x4b0
[ 1916.430280][T28834]  ? __pfx_register_vlan_device+0x10/0x10
[ 1916.430307][T28834]  ? security_capable+0x7e/0x2c0
[ 1916.430348][T28834]  vlan_ioctl_handler+0x248/0x630
[ 1916.430374][T28834]  ? __pfx___mutex_lock+0x10/0x10
[ 1916.430399][T28834]  ? __pfx_vlan_ioctl_handler+0x10/0x10
[ 1916.430432][T28834]  ? __mutex_unlock_slowpath+0x1bd/0x7d0
[ 1916.430468][T28834]  ? __pfx_vlan_ioctl_handler+0x10/0x10
[ 1916.430490][T28834]  sock_ioctl+0x668/0x7f0
[ 1916.430511][T28834]  ? __pfx_sock_ioctl+0x10/0x10
[ 1916.430529][T28834]  ? __fget_files+0x2a/0x420
[ 1916.430548][T28834]  ? __fget_files+0x3a0/0x420
[ 1916.430568][T28834]  ? __fget_files+0x2a/0x420
[ 1916.430592][T28834]  ? bpf_lsm_file_ioctl+0x9/0x20
[ 1916.430615][T28834]  ? __pfx_sock_ioctl+0x10/0x10
[ 1916.430632][T28834]  __se_sys_ioctl+0xfc/0x170
[ 1916.430662][T28834]  do_syscall_64+0xe2/0xf80
[ 1916.430682][T28834]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1916.430700][T28834]  ? trace_irq_disable+0x37/0x100
[ 1916.430718][T28834]  ? clear_bhb_loop+0x60/0xb0
[ 1916.430741][T28834]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1916.430760][T28834] RIP: 0033:0x7f1b3db9aeb9
[ 1916.430778][T28834] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1916.430794][T28834] RSP: 002b:00007f1b3ea6e028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1916.430814][T28834] RAX: ffffffffffffffda RBX: 00007f1b3de15fa0 RCX: 00007f1b3db9aeb9
[ 1916.430828][T28834] RDX: 0000200000000000 RSI: 0000000000008982 RDI: 0000000000000003
[ 1916.430840][T28834] RBP: 00007f1b3ea6e090 R08: 0000000000000000 R09: 0000000000000000
[ 1916.430852][T28834] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1916.430863][T28834] R13: 00007f1b3de16038 R14: 00007f1b3de15fa0 R15: 00007f1b3df3fa48
[ 1916.430896][T28834]  </TASK>
[ 1917.295425][T28852] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1917.304870][T28852] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1918.463395][ T5895] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1918.466915][T28861] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1918.486270][T28861] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1920.248235][ T1303] ieee802154 phy0 wpan0: encryption failed: -22
[ 1920.255063][ T1303] ieee802154 phy1 wpan1: encryption failed: -22
[ 1921.070100][T28895] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1921.106601][T28895] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1921.157383][T28895] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1921.186970][T28895] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1921.250542][ T1091] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1921.259261][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1921.489903][T27731] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1921.986441][T28912] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1921.998740][T28912] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1923.161898][   T30] kauditd_printk_skb: 29 callbacks suppressed
[ 1923.161920][   T30] audit: type=1326 audit(1770510148.848:1687): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28922 comm="syz.2.6307" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb51299aeb9 code=0x7ffc0000
[ 1923.282465][   T30] audit: type=1326 audit(1770510148.848:1688): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28922 comm="syz.2.6307" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb51299aeb9 code=0x7ffc0000
[ 1923.311345][T28923] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1923.341636][T28923] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1923.393321][   T30] audit: type=1326 audit(1770510148.858:1689): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28922 comm="syz.2.6307" exe="/root/syz-executor" sig=0 arch=c000003e syscall=314 compat=0 ip=0x7fb51299aeb9 code=0x7ffc0000
[ 1923.475587][T28923] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1923.482115][   T30] audit: type=1326 audit(1770510148.858:1690): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28922 comm="syz.2.6307" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb51299aeb9 code=0x7ffc0000
[ 1923.509888][T28923] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1923.559220][   T30] audit: type=1326 audit(1770510148.858:1691): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28922 comm="syz.2.6307" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb51299aeb9 code=0x7ffc0000
[ 1923.639290][   T30] audit: type=1326 audit(1770510148.878:1692): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28922 comm="syz.2.6307" exe="/root/syz-executor" sig=0 arch=c000003e syscall=271 compat=0 ip=0x7fb51299aeb9 code=0x7ffc0000
[ 1923.761242][   T30] audit: type=1326 audit(1770510148.878:1693): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28922 comm="syz.2.6307" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb51299aeb9 code=0x7ffc0000
[ 1923.859482][   T30] audit: type=1326 audit(1770510148.898:1694): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28922 comm="syz.2.6307" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fb51299aeb9 code=0x7ffc0000
[ 1923.946413][   T30] audit: type=1326 audit(1770510148.898:1695): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28922 comm="syz.2.6307" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb51299aeb9 code=0x7ffc0000
[ 1924.022932][   T30] audit: type=1326 audit(1770510148.908:1696): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28922 comm="syz.2.6307" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fb51299aeb9 code=0x7ffc0000
[ 1924.532029][ T5895] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1925.107313][T28927] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1925.139662][T28927] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1925.153588][T28941] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1925.165344][T28941] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1925.567745][T28959] netlink: 24 bytes leftover after parsing attributes in process `syz.4.6313'.
[ 1926.007232][T28961] trusted_key: encrypted_key: insufficient parameters specified
[ 1927.010171][T25151] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1927.018564][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1927.469445][T28970] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1927.512018][T28970] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1927.546221][T28973] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1927.586506][T27731] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1927.609353][T28973] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1927.643812][T28973] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1927.676341][T28973] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1928.780006][T28996] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1928.789638][T28996] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1930.430595][T29003] forcing mempool usage for bio_alloc_bioset+0x336/0x14e0
[ 1930.722890][T27731] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1930.973586][T29008] netlink: 12 bytes leftover after parsing attributes in process `syz.2.6324'.
[ 1930.995040][T29008] vlan2: entered promiscuous mode
[ 1931.013922][T29008] veth1: entered promiscuous mode
[ 1931.242349][T29014] netlink: 4 bytes leftover after parsing attributes in process `syz.0.6326'.
[ 1932.433191][T29022] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1932.444416][T29022] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1932.490537][T29034] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1932.571025][T29034] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1932.776946][   T35] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1932.786524][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1933.771858][T27731] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1934.070813][T29041] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1934.137999][T29041] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1935.112431][T29054] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[ 1935.151051][T29054] batadv0: mtu less than device minimum
[ 1935.171828][T29054] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (0)
[ 1935.184058][T29054] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (0)
[ 1935.195721][T29054] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (0)
[ 1935.207387][T29054] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (0)
[ 1935.219048][T29054] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (0)
[ 1935.555951][T29064] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1935.611663][T29064] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1935.662693][T29064] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1935.671586][T29064] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1935.904108][T29074] loop2: detected capacity change from 0 to 7
[ 1935.935777][T29074] Dev loop2: unable to read RDB block 7
[ 1935.960891][T29074]  loop2: unable to read partition table
[ 1935.966822][T29074] loop2: partition table beyond EOD, truncated
[ 1936.016498][T29074] loop_reread_partitions: partition scan of loop2 (þ被xü—ŸÑà– ) failed (rc=-5)
[ 1936.275275][T29078] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1936.297349][T29078] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1936.319428][T29082] netlink: 8 bytes leftover after parsing attributes in process `syz.0.6344'.
[ 1936.337372][T29078] netlink: 68 bytes leftover after parsing attributes in process `syz.3.6343'.
[ 1936.352707][T29083] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1936.390038][T29083] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1936.451496][T29083] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1936.463423][T29083] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1936.620530][T29089] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1936.963021][T29097] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1937.013264][T29097] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1937.058199][T29097] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1937.102133][T29097] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1937.160038][T29097] netlink: 8 bytes leftover after parsing attributes in process `syz.4.6349'.
[ 1937.761715][T29111] netlink: 32 bytes leftover after parsing attributes in process `syz.2.6356'.
[ 1937.808652][T29111] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1937.846776][T29111] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1937.861859][T29124] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1937.890896][   T35] net_ratelimit: 15 callbacks suppressed
[ 1937.890919][   T35] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1937.892614][T29124] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1937.897976][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1937.946950][T29129] ipt_ECN: cannot use operation on non-tcp rule
[ 1939.249578][T29135] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1939.308159][T29135] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1939.896789][ T5895] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1942.929809][T27736] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1943.667024][ T1149] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1943.675809][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1944.408050][T29187] netlink: 4 bytes leftover after parsing attributes in process `syz.0.6370'.
[ 1944.595415][T29189] netlink: 4 bytes leftover after parsing attributes in process `syz.3.6371'.
[ 1944.856795][T29191] netlink: 4 bytes leftover after parsing attributes in process `syz.3.6372'.
[ 1945.890835][T29208] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1945.914243][T29208] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1945.984101][T27736] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1947.258328][T29221] netlink: 24 bytes leftover after parsing attributes in process `syz.4.6378'.
[ 1948.315522][T29232] netlink: 16 bytes leftover after parsing attributes in process `syz.3.6381'.
[ 1949.010200][T27736] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1949.171694][T29237] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1949.200818][T29237] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1949.239670][T29238] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1949.294077][T29238] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1949.302059][T29240] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1949.332344][T29240] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1949.353355][T29237] tipc: Enabling of bearer <eth:syzkaller0> rejected, already enabled
[ 1949.410985][   T35] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1949.419526][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1950.104240][T29253] binder: BINDER_SET_CONTEXT_MGR already set
[ 1950.128142][T29253] binder: 29251:29253 ioctl 4018620d 200000004a80 returned -16
[ 1950.284142][T29258] netlink: 4 bytes leftover after parsing attributes in process `syz.4.6388'.
[ 1950.539601][   T30] kauditd_printk_skb: 85 callbacks suppressed
[ 1950.539623][   T30] audit: type=1400 audit(1770510176.228:1782): apparmor="DENIED" operation="change_profile" class="file" info="label not found" error=-2 profile="unconfined" name=3A2F2F2604C0248B51 pid=29260 comm="syz.0.6389"
[ 1950.871114][T29265] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1950.908271][T29265] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1951.621477][T29272] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1951.678202][T29272] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1951.733690][T29272] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1951.745218][T29272] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1951.874317][T29280] netlink: 32 bytes leftover after parsing attributes in process `syz.1.6394'.
[ 1951.904070][T29280] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1951.923400][T29280] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1951.967603][T29280] FAULT_INJECTION: forcing a failure.
[ 1951.967603][T29280] name failslab, interval 1, probability 0, space 0, times 0
[ 1951.993363][T29280] CPU: 0 UID: 0 PID: 29280 Comm: syz.1.6394 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1951.993399][T29280] Tainted: [L]=SOFTLOCKUP
[ 1951.993408][T29280] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[ 1951.993421][T29280] Call Trace:
[ 1951.993430][T29280]  <TASK>
[ 1951.993440][T29280]  dump_stack_lvl+0xe8/0x150
[ 1951.993473][T29280]  should_fail_ex+0x412/0x560
[ 1951.993503][T29280]  should_failslab+0xa8/0x100
[ 1951.993528][T29280]  kmem_cache_alloc_node_noprof+0x8b/0x6f0
[ 1951.993562][T29280]  ? __alloc_skb+0x193/0x390
[ 1951.993587][T29280]  ? __alloc_skb+0x1d7/0x390
[ 1951.993609][T29280]  ? __local_bh_enable_ip+0xd0/0x130
[ 1951.993630][T29280]  ? __alloc_skb+0x193/0x390
[ 1951.993656][T29280]  __alloc_skb+0x1d7/0x390
[ 1951.993686][T29280]  netlink_sendmsg+0x5d4/0xb40
[ 1951.993719][T29280]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1951.993756][T29280]  ? aa_sock_msg_perm+0xf1/0x1b0
[ 1951.993784][T29280]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[ 1951.993809][T29280]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1951.993831][T29280]  ____sys_sendmsg+0xa68/0xad0
[ 1951.993860][T29280]  ? __might_fault+0xaf/0x130
[ 1951.993897][T29280]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1951.993936][T29280]  ? import_iovec+0x73/0xa0
[ 1951.993979][T29280]  ___sys_sendmsg+0x2a5/0x360
[ 1951.994007][T29280]  ? __lock_acquire+0x6b5/0x2cf0
[ 1951.994040][T29280]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1951.994105][T29280]  ? __fget_files+0x2a/0x420
[ 1951.994128][T29280]  ? __fget_files+0x3a0/0x420
[ 1951.994162][T29280]  __x64_sys_sendmsg+0x1bd/0x2a0
[ 1951.994194][T29280]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[ 1951.994231][T29280]  ? __pfx_ksys_write+0x10/0x10
[ 1951.994273][T29280]  do_syscall_64+0xe2/0xf80
[ 1951.994297][T29280]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1951.994317][T29280]  ? trace_irq_disable+0x37/0x100
[ 1951.994337][T29280]  ? clear_bhb_loop+0x60/0xb0
[ 1951.994362][T29280]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1951.994383][T29280] RIP: 0033:0x7f5a4999aeb9
[ 1951.994403][T29280] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1951.994421][T29280] RSP: 002b:00007f5a4a829028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1951.994444][T29280] RAX: ffffffffffffffda RBX: 00007f5a49c15fa0 RCX: 00007f5a4999aeb9
[ 1951.994459][T29280] RDX: 0000000000000000 RSI: 0000200000000040 RDI: 0000000000000006
[ 1951.994473][T29280] RBP: 00007f5a4a829090 R08: 0000000000000000 R09: 0000000000000000
[ 1951.994486][T29280] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1951.994499][T29280] R13: 00007f5a49c16038 R14: 00007f5a49c15fa0 R15: 00007f5a49d3fa48
[ 1951.994531][T29280]  </TASK>
[ 1952.263503][ T5895] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1952.334320][T29280] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1952.551213][T29280] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1953.314698][T29296] FAULT_INJECTION: forcing a failure.
[ 1953.314698][T29296] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1953.330647][   T30] audit: type=1326 audit(1770510179.028:1783): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29293 comm="syz.1.6399" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5a4999aeb9 code=0x7ffc0000
[ 1953.359300][T29296] CPU: 1 UID: 0 PID: 29296 Comm: syz.0.6400 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1953.359334][T29296] Tainted: [L]=SOFTLOCKUP
[ 1953.359342][T29296] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[ 1953.359356][T29296] Call Trace:
[ 1953.359365][T29296]  <TASK>
[ 1953.359375][T29296]  dump_stack_lvl+0xe8/0x150
[ 1953.359418][T29296]  should_fail_ex+0x412/0x560
[ 1953.359450][T29296]  _copy_to_user+0x31/0xb0
[ 1953.359473][T29296]  simple_read_from_buffer+0xe1/0x170
[ 1953.359502][T29296]  proc_fail_nth_read+0x1bb/0x230
[ 1953.359536][T29296]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1953.359570][T29296]  ? rw_verify_area+0x2a6/0x4d0
[ 1953.359599][T29296]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1953.359630][T29296]  vfs_read+0x20c/0xa70
[ 1953.359658][T29296]  ? fdget_pos+0x246/0x320
[ 1953.359685][T29296]  ? __pfx___mutex_lock+0x10/0x10
[ 1953.359713][T29296]  ? __pfx_vfs_read+0x10/0x10
[ 1953.359743][T29296]  ? __fget_files+0x2a/0x420
[ 1953.359770][T29296]  ? __fget_files+0x3a0/0x420
[ 1953.359791][T29296]  ? __fget_files+0x2a/0x420
[ 1953.359823][T29296]  ksys_read+0x150/0x270
[ 1953.359855][T29296]  ? __pfx_ksys_read+0x10/0x10
[ 1953.359882][T29296]  ? __pfx_usbdev_ioctl+0x10/0x10
[ 1953.359926][T29296]  do_syscall_64+0xe2/0xf80
[ 1953.359948][T29296]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1953.359967][T29296]  ? trace_irq_disable+0x37/0x100
[ 1953.359987][T29296]  ? clear_bhb_loop+0x60/0xb0
[ 1953.360013][T29296]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1953.360034][T29296] RIP: 0033:0x7f975455b78e
[ 1953.360048][T29296] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[ 1953.360061][T29296] RSP: 002b:00007f975546dfe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[ 1953.360076][T29296] RAX: ffffffffffffffda RBX: 00007f975546e6c0 RCX: 00007f975455b78e
[ 1953.360088][T29296] RDX: 000000000000000f RSI: 00007f975546e0a0 RDI: 0000000000000004
[ 1953.360097][T29296] RBP: 00007f975546e090 R08: 0000000000000000 R09: 0000000000000000
[ 1953.360106][T29296] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1953.360114][T29296] R13: 00007f9754816038 R14: 00007f9754815fa0 R15: 00007f975493fa48
[ 1953.360138][T29296]  </TASK>
[ 1953.610979][   T30] audit: type=1326 audit(1770510179.048:1784): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29293 comm="syz.1.6399" exe="/root/syz-executor" sig=0 arch=c000003e syscall=118 compat=0 ip=0x7f5a4999aeb9 code=0x7ffc0000
[ 1953.633634][   T30] audit: type=1326 audit(1770510179.048:1785): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29293 comm="syz.1.6399" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5a4999aeb9 code=0x7ffc0000
[ 1953.656121][   T30] audit: type=1326 audit(1770510179.048:1786): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29293 comm="syz.1.6399" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f5a4999aeb9 code=0x7ffc0000
[ 1953.678628][   T30] audit: type=1326 audit(1770510179.048:1787): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29293 comm="syz.1.6399" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5a4999aeb9 code=0x7ffc0000
[ 1953.701439][   T30] audit: type=1326 audit(1770510179.048:1788): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29293 comm="syz.1.6399" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f5a4995b78e code=0x7ffc0000
[ 1953.723941][   T30] audit: type=1326 audit(1770510179.048:1789): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29293 comm="syz.1.6399" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5a4999aeb9 code=0x7ffc0000
[ 1953.746637][   T30] audit: type=1326 audit(1770510179.048:1790): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29293 comm="syz.1.6399" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5a4999aeb9 code=0x7ffc0000
[ 1953.769268][   T30] audit: type=1326 audit(1770510179.058:1791): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29293 comm="syz.1.6399" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f5a4999aeb9 code=0x7ffc0000
[ 1953.883152][T29295] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1953.904119][T29295] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1954.075222][T29299] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1954.096953][T29299] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1954.301410][T29303] Cannot find del_set index 2 as target
[ 1954.593625][T16925] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1954.602389][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1955.380313][ T5895] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1955.391792][ T1149] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1955.401107][T27748] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1955.418104][T27736] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1955.544885][T29312] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1955.555553][T29312] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1955.605891][T29324] fuse: Bad value for 'user_id'
[ 1955.738782][T29324] fuse: Bad value for 'user_id'
[ 1956.646105][T29335] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1956.688119][T29335] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1956.835741][T29340] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1956.867536][T29340] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1956.906001][T29340] tipc: Resetting bearer <eth:syzkaller0>
[ 1958.453468][T27736] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1959.880196][T29375] fuse: Unknown parameter '00000000000000000006'
[ 1960.296072][   T35] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1960.304836][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1960.446854][T29381] netlink: 'syz.4.6423': attribute type 3 has an invalid length.
[ 1960.966044][T25151] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1960.975085][T27731] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1960.992060][T27731] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1961.452764][T29399] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1961.484478][T29399] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1961.633285][T29404] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1961.656231][T29404] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1963.904171][T29419] FAULT_INJECTION: forcing a failure.
[ 1963.904171][T29419] name failslab, interval 1, probability 0, space 0, times 0
[ 1964.011003][T29419] CPU: 1 UID: 0 PID: 29419 Comm: syz.1.6434 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1964.011038][T29419] Tainted: [L]=SOFTLOCKUP
[ 1964.011045][T29419] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[ 1964.011058][T29419] Call Trace:
[ 1964.011067][T29419]  <TASK>
[ 1964.011075][T29419]  dump_stack_lvl+0xe8/0x150
[ 1964.011109][T29419]  should_fail_ex+0x412/0x560
[ 1964.011140][T29419]  should_failslab+0xa8/0x100
[ 1964.011165][T29419]  __kmalloc_cache_node_noprof+0x87/0x6d0
[ 1964.011189][T29419]  ? __get_vm_area_node+0x13f/0x300
[ 1964.011234][T29419]  __get_vm_area_node+0x13f/0x300
[ 1964.011271][T29419]  __vmalloc_node_range_noprof+0x372/0x1730
[ 1964.011293][T29419]  ? copy_process+0x508/0x3980
[ 1964.011316][T29419]  ? percpu_ref_get_many+0x19/0x140
[ 1964.011340][T29419]  ? percpu_ref_get_many+0x19/0x140
[ 1964.011382][T29419]  ? __memcg_slab_post_alloc_hook+0x6af/0x8d0
[ 1964.011416][T29419]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[ 1964.011445][T29419]  ? memcpy_and_pad+0x48/0x80
[ 1964.011474][T29419]  __vmalloc_node_noprof+0xc2/0x100
[ 1964.011495][T29419]  ? copy_process+0x508/0x3980
[ 1964.011513][T29419]  ? copy_process+0x508/0x3980
[ 1964.011536][T29419]  dup_task_struct+0x228/0x9a0
[ 1964.011559][T29419]  ? _raw_spin_unlock_irq+0x23/0x50
[ 1964.011584][T29419]  copy_process+0x508/0x3980
[ 1964.011631][T29419]  ? __pfx_copy_process+0x10/0x10
[ 1964.011660][T29419]  ? mutex_init_lockep+0xf9/0x130
[ 1964.011685][T29419]  vhost_task_create+0x1f9/0x380
[ 1964.011708][T29419]  ? arch_stack_walk+0xfb/0x150
[ 1964.011730][T29419]  ? __pfx_kvm_nx_huge_page_recovery_worker+0x10/0x10
[ 1964.011755][T29419]  ? __pfx_kvm_nx_huge_page_recovery_worker_kill+0x10/0x10
[ 1964.011779][T29419]  ? __pfx_vhost_task_create+0x10/0x10
[ 1964.011805][T29419]  ? __pfx_vhost_task_fn+0x10/0x10
[ 1964.011828][T29419]  ? __lock_acquire+0x6b5/0x2cf0
[ 1964.011855][T29419]  ? kasan_save_track+0x4f/0x80
[ 1964.011870][T29419]  ? kasan_save_track+0x3e/0x80
[ 1964.011883][T29419]  ? kasan_save_free_info+0x46/0x50
[ 1964.011908][T29419]  kvm_mmu_post_init_vm+0x14c/0x300
[ 1964.011936][T29419]  kvm_arch_vcpu_ioctl_run+0x106/0x20d0
[ 1964.011970][T29419]  ? __mutex_trylock_common+0x158/0x260
[ 1964.011988][T29419]  ? look_up_lock_class+0x57/0x110
[ 1964.012010][T29419]  ? register_lock_class+0x31/0x2e0
[ 1964.012035][T29419]  ? __pfx_kvm_arch_vcpu_ioctl_run+0x10/0x10
[ 1964.012063][T29419]  ? __lock_acquire+0x6b5/0x2cf0
[ 1964.012088][T29419]  ? __mutex_lock+0x319/0x1300
[ 1964.012113][T29419]  ? kasan_quarantine_put+0xbb/0x1f0
[ 1964.012149][T29419]  ? do_raw_write_lock+0x11d/0x260
[ 1964.012181][T29419]  kvm_vcpu_ioctl+0xa62/0xfd0
[ 1964.012209][T29419]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[ 1964.012237][T29419]  ? __mutex_unlock_slowpath+0x1bd/0x7d0
[ 1964.012273][T29419]  ? __fget_files+0x2a/0x420
[ 1964.012294][T29419]  ? __fget_files+0x2a/0x420
[ 1964.012311][T29419]  ? __fget_files+0x3a0/0x420
[ 1964.012328][T29419]  ? __fget_files+0x2a/0x420
[ 1964.012349][T29419]  ? bpf_lsm_file_ioctl+0x9/0x20
[ 1964.012370][T29419]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[ 1964.012392][T29419]  __se_sys_ioctl+0xfc/0x170
[ 1964.012418][T29419]  do_syscall_64+0xe2/0xf80
[ 1964.012437][T29419]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1964.012452][T29419]  ? trace_irq_disable+0x37/0x100
[ 1964.012469][T29419]  ? clear_bhb_loop+0x60/0xb0
[ 1964.012488][T29419]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1964.012504][T29419] RIP: 0033:0x7f5a4999aeb9
[ 1964.012520][T29419] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1964.012534][T29419] RSP: 002b:00007f5a4a808028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1964.012552][T29419] RAX: ffffffffffffffda RBX: 00007f5a49c16090 RCX: 00007f5a4999aeb9
[ 1964.012565][T29419] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000006
[ 1964.012575][T29419] RBP: 00007f5a4a808090 R08: 0000000000000000 R09: 0000000000000000
[ 1964.012585][T29419] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1964.012595][T29419] R13: 00007f5a49c16128 R14: 00007f5a49c16090 R15: 00007f5a49d3fa48
[ 1964.012621][T29419]  </TASK>
[ 1964.012635][T29419] syz.1.6434: vmalloc error: size 32768, vm_struct allocation failed, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null)
[ 1964.418840][T27736] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1964.458425][T29422] netlink: 64 bytes leftover after parsing attributes in process `syz.0.6435'.
[ 1964.469788][T29419] ,cpuset=syz1,mems_allowed=0-1
[ 1964.474914][T29419] CPU: 1 UID: 0 PID: 29419 Comm: syz.1.6434 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1964.474941][T29419] Tainted: [L]=SOFTLOCKUP
[ 1964.474948][T29419] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[ 1964.474958][T29419] Call Trace:
[ 1964.474966][T29419]  <TASK>
[ 1964.474973][T29419]  dump_stack_lvl+0xe8/0x150
[ 1964.475000][T29419]  warn_alloc+0x249/0x340
[ 1964.475023][T29419]  ? __pfx_warn_alloc+0x10/0x10
[ 1964.475042][T29419]  ? __get_vm_area_node+0x13f/0x300
[ 1964.475071][T29419]  ? __get_vm_area_node+0x2b5/0x300
[ 1964.475102][T29419]  __vmalloc_node_range_noprof+0x397/0x1730
[ 1964.475121][T29419]  ? percpu_ref_get_many+0x19/0x140
[ 1964.475141][T29419]  ? percpu_ref_get_many+0x19/0x140
[ 1964.475174][T29419]  ? __memcg_slab_post_alloc_hook+0x6af/0x8d0
[ 1964.475200][T29419]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[ 1964.475223][T29419]  ? memcpy_and_pad+0x48/0x80
[ 1964.475245][T29419]  __vmalloc_node_noprof+0xc2/0x100
[ 1964.475261][T29419]  ? copy_process+0x508/0x3980
[ 1964.475276][T29419]  ? copy_process+0x508/0x3980
[ 1964.475294][T29419]  dup_task_struct+0x228/0x9a0
[ 1964.475312][T29419]  ? _raw_spin_unlock_irq+0x23/0x50
[ 1964.475331][T29419]  copy_process+0x508/0x3980
[ 1964.475367][T29419]  ? __pfx_copy_process+0x10/0x10
[ 1964.475390][T29419]  ? mutex_init_lockep+0xf9/0x130
[ 1964.475409][T29419]  vhost_task_create+0x1f9/0x380
[ 1964.475429][T29419]  ? arch_stack_walk+0xfb/0x150
[ 1964.475446][T29419]  ? __pfx_kvm_nx_huge_page_recovery_worker+0x10/0x10
[ 1964.475468][T29419]  ? __pfx_kvm_nx_huge_page_recovery_worker_kill+0x10/0x10
[ 1964.475491][T29419]  ? __pfx_vhost_task_create+0x10/0x10
[ 1964.475517][T29419]  ? __pfx_vhost_task_fn+0x10/0x10
[ 1964.475540][T29419]  ? __lock_acquire+0x6b5/0x2cf0
[ 1964.475577][T29419]  ? kasan_save_track+0x4f/0x80
[ 1964.475592][T29419]  ? kasan_save_track+0x3e/0x80
[ 1964.475606][T29419]  ? kasan_save_free_info+0x46/0x50
[ 1964.475631][T29419]  kvm_mmu_post_init_vm+0x14c/0x300
[ 1964.475658][T29419]  kvm_arch_vcpu_ioctl_run+0x106/0x20d0
[ 1964.475691][T29419]  ? __mutex_trylock_common+0x158/0x260
[ 1964.475709][T29419]  ? look_up_lock_class+0x57/0x110
[ 1964.475728][T29419]  ? register_lock_class+0x31/0x2e0
[ 1964.475751][T29419]  ? __pfx_kvm_arch_vcpu_ioctl_run+0x10/0x10
[ 1964.475779][T29419]  ? __lock_acquire+0x6b5/0x2cf0
[ 1964.475804][T29419]  ? __mutex_lock+0x319/0x1300
[ 1964.475829][T29419]  ? kasan_quarantine_put+0xbb/0x1f0
[ 1964.475865][T29419]  ? do_raw_write_lock+0x11d/0x260
[ 1964.476003][T29419]  kvm_vcpu_ioctl+0xa62/0xfd0
[ 1964.476035][T29419]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[ 1964.476057][T29419]  ? __mutex_unlock_slowpath+0x1bd/0x7d0
[ 1964.476093][T29419]  ? __fget_files+0x2a/0x420
[ 1964.476115][T29419]  ? __fget_files+0x2a/0x420
[ 1964.476132][T29419]  ? __fget_files+0x3a0/0x420
[ 1964.476150][T29419]  ? __fget_files+0x2a/0x420
[ 1964.476172][T29419]  ? bpf_lsm_file_ioctl+0x9/0x20
[ 1964.476193][T29419]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[ 1964.476215][T29419]  __se_sys_ioctl+0xfc/0x170
[ 1964.476241][T29419]  do_syscall_64+0xe2/0xf80
[ 1964.476260][T29419]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1964.476277][T29419]  ? trace_irq_disable+0x37/0x100
[ 1964.476293][T29419]  ? clear_bhb_loop+0x60/0xb0
[ 1964.476313][T29419]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1964.476329][T29419] RIP: 0033:0x7f5a4999aeb9
[ 1964.476346][T29419] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1964.476360][T29419] RSP: 002b:00007f5a4a808028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1964.476378][T29419] RAX: ffffffffffffffda RBX: 00007f5a49c16090 RCX: 00007f5a4999aeb9
[ 1964.476391][T29419] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000006
[ 1964.476401][T29419] RBP: 00007f5a4a808090 R08: 0000000000000000 R09: 0000000000000000
[ 1964.476412][T29419] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1964.476422][T29419] R13: 00007f5a49c16128 R14: 00007f5a49c16090 R15: 00007f5a49d3fa48
[ 1964.476448][T29419]  </TASK>
[ 1964.476460][T29419] Mem-Info:
[ 1964.879620][T29419] active_anon:13724 inactive_anon:1 isolated_anon:0
[ 1964.879620][T29419]  active_file:22537 inactive_file:40914 isolated_file:0
[ 1964.879620][T29419]  unevictable:780 dirty:224 writeback:0
[ 1964.879620][T29419]  slab_reclaimable:13009 slab_unreclaimable:113375
[ 1964.879620][T29419]  mapped:32143 shmem:5568 pagetables:2721
[ 1964.879620][T29419]  sec_pagetables:0 bounce:0
[ 1964.879620][T29419]  kernel_misc_reclaimable:0
[ 1964.879620][T29419]  free:1273921 free_pcp:12973 free_cma:0
[ 1964.960013][T29419] Node 0 active_anon:55296kB inactive_anon:4kB active_file:90148kB inactive_file:163456kB unevictable:1584kB isolated(anon):0kB isolated(file):0kB mapped:128572kB dirty:896kB writeback:0kB shmem:20736kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:15440kB pagetables:10752kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[ 1964.981180][T29422] netlink: 28 bytes leftover after parsing attributes in process `syz.0.6435'.
[ 1965.011061][T29423] netlink: 28 bytes leftover after parsing attributes in process `syz.0.6435'.
[ 1965.126227][T29419] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:200kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:32kB pagetables:132kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[ 1965.318161][T29419] Node 0 DMA free:15360kB boost:0kB min:208kB low:260kB high:312kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[ 1965.349656][T29419] lowmem_reserve[]: 0 2494 2495 2495 2495
[ 1965.360195][T29419] Node 0 DMA32 free:1184876kB boost:0kB min:34216kB low:42768kB high:51320kB reserved_highatomic:0KB free_highatomic:0KB active_anon:57648kB inactive_anon:4kB active_file:90148kB inactive_file:163456kB unevictable:1584kB writepending:900kB zspages:0kB present:3129332kB managed:2554116kB mlocked:0kB bounce:0kB free_pcp:32888kB local_pcp:16456kB free_cma:0kB
[ 1965.442144][T29430] bond0: option lacp_active: mode dependency failed, not supported in mode balance-rr(0)
[ 1965.554355][T29430] bond0 (unregistering): Released all slaves
[ 1965.804496][T29419] lowmem_reserve[]: 0 0 1 1 1
[ 1965.825147][T29419] Node 0 Normal free:0kB boost:0kB min:12kB low:12kB high:12kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:1048580kB managed:1132kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[ 1965.949738][T29419] lowmem_reserve[]: 0 0 0 0 0
[ 1965.954594][T29419] Node 1 Normal free:3902892kB boost:0kB min:55668kB low:69584kB high:83500kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:200kB unevictable:1536kB writepending:0kB zspages:0kB present:4194300kB managed:4111100kB mlocked:0kB bounce:0kB free_pcp:13376kB local_pcp:8096kB free_cma:0kB
[ 1966.007992][   T30] kauditd_printk_skb: 45 callbacks suppressed
[ 1966.008007][   T30] audit: type=1326 audit(1770510191.698:1837): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29439 comm="syz.0.6439" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f975459aeb9 code=0x7ffc0000
[ 1966.050508][T25151] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1966.058875][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1966.086152][T29419] lowmem_reserve[]: 0 0 0 0 0
[ 1966.123003][T29440] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1966.136548][T29419] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[ 1966.156482][   T30] audit: type=1326 audit(1770510191.698:1838): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29439 comm="syz.0.6439" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f975459aeb9 code=0x7ffc0000
[ 1966.420614][T29419] Node 0 DMA32: 8371*4kB (UME) 6162*8kB (UME) 4533*16kB (UM) 1166*32kB (UME) 599*64kB (UME) 513*128kB (UM) 334*256kB (UM) 207*512kB (UM) 154*1024kB (UM) 3*2048kB (UME) 129*4096kB (M) = 1180332kB
[ 1966.421234][   T30] audit: type=1326 audit(1770510191.698:1839): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29439 comm="syz.0.6439" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f975459aeb9 code=0x7ffc0000
[ 1966.549711][T29440] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1966.570053][T29437] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1966.589313][T29419] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB
[ 1966.601857][   T30] audit: type=1326 audit(1770510191.698:1840): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29439 comm="syz.0.6439" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f975459aeb9 code=0x7ffc0000
[ 1966.626502][T29437] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1966.668119][T29419] Node 1 Normal: 199*4kB (UME) 46*8kB (UME) 48*16kB (UME) 219*32kB (UME) 59*64kB (UME) 18*128kB (UME) 7*256kB (UME) 2*512kB (UM) 2*1024kB (ME) 2*2048kB (UE) 947*4096kB (M) = 3902892kB
[ 1966.708714][   T30] audit: type=1326 audit(1770510191.728:1841): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29439 comm="syz.0.6439" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f975459aeb9 code=0x7ffc0000
[ 1966.718019][T25151] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1966.741106][T27745] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1966.769719][T27731] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1966.803391][T29419] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[ 1966.869918][   T30] audit: type=1326 audit(1770510191.728:1842): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29439 comm="syz.0.6439" exe="/root/syz-executor" sig=0 arch=c000003e syscall=258 compat=0 ip=0x7f975459aeb9 code=0x7ffc0000
[ 1966.912898][T29419] Node 0 hugepages_total=2 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB
[ 1967.022011][T29419] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[ 1967.072861][   T30] audit: type=1326 audit(1770510191.728:1843): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29439 comm="syz.0.6439" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f975459aeb9 code=0x7ffc0000
[ 1967.099285][T29419] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[ 1967.131516][   T30] audit: type=1326 audit(1770510191.728:1844): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29439 comm="syz.0.6439" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f975459aeb9 code=0x7ffc0000
[ 1967.159707][   T30] audit: type=1326 audit(1770510191.728:1845): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29439 comm="syz.0.6439" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f975459aeb9 code=0x7ffc0000
[ 1967.159723][T29419] 70719 total pagecache pages
[ 1967.159794][   T30] audit: type=1326 audit(1770510191.728:1846): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29439 comm="syz.0.6439" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f975459aeb9 code=0x7ffc0000
[ 1967.214538][T29430] 
: (slave netdevsim0): Releasing backup interface
[ 1967.292961][T29430] netdevsim netdevsim2 netdevsim0: left promiscuous mode
[ 1967.315487][T29430] netdevsim netdevsim2 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[ 1967.336384][T29419] 1 pages in swap cache
[ 1967.347377][T29419] Free swap  = 124992kB
[ 1967.365117][T29419] Total swap = 124996kB
[ 1967.378451][T29419] 2097051 pages RAM
[ 1967.395604][T29419] 0 pages HighMem/MovableOnly
[ 1967.409764][T29419] 426624 pages reserved
[ 1967.436939][T29419] 0 pages cma reserved
[ 1967.828086][T29455] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1967.886486][T29454] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1967.898918][T29454] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1967.909326][T29454] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1967.918868][T29454] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1967.927899][T29454] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1968.019928][T29455] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1970.088148][T29473] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1970.157460][T29473] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1971.150559][T29491] netlink: 64 bytes leftover after parsing attributes in process `syz.1.6448'.
[ 1971.280807][T29495] netlink: 32 bytes leftover after parsing attributes in process `syz.1.6448'.
[ 1971.461637][T29491] netlink: 28 bytes leftover after parsing attributes in process `syz.1.6448'.
[ 1971.533240][T29498] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1971.578994][T29498] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1971.608395][T29500] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1971.625166][T29500] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1971.712529][T29500] tipc: Resetting bearer <eth:syzkaller0>
[ 1971.811955][   T50] net_ratelimit: 2 callbacks suppressed
[ 1971.811976][   T50] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1971.826127][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1971.974005][T29506] netlink: 8 bytes leftover after parsing attributes in process `syz.1.6453'.
[ 1972.351623][T29513] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1972.378096][T29513] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1972.450527][T16925] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1972.460254][ T5895] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1972.475868][ T5895] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1972.576931][T29516] netlink: 12 bytes leftover after parsing attributes in process `syz.1.6456'.
[ 1972.603702][T29516] workqueue: Failed to create a rescuer kthread for wq "bond8": -EINTR
[ 1972.887696][T29523] netlink: 44 bytes leftover after parsing attributes in process `syz.4.6458'.
[ 1973.049936][T29528] netlink: 4 bytes leftover after parsing attributes in process `syz.3.6459'.
[ 1974.927900][T29550] xt_hashlimit: size too large, truncated to 1048576
[ 1975.031358][    C0] Oops: general protection fault, probably for non-canonical address 0xdffffc000000000e: 0000 [#1] SMP KASAN PTI
[ 1975.043323][    C0] KASAN: null-ptr-deref in range [0x0000000000000070-0x0000000000000077]
[ 1975.051781][    C0] CPU: 0 UID: 0 PID: 29551 Comm: syz.3.6466 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1975.062751][    C0] Tainted: [L]=SOFTLOCKUP
[ 1975.067090][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[ 1975.077171][    C0] RIP: 0010:skb_segment+0x2ac4/0x3f80
[ 1975.082564][    C0] Code: 00 00 00 8b 6c 24 58 81 7c 24 14 ff ff 00 00 0f 85 1c e1 ff ff e8 ec d1 60 f8 48 8b 44 24 20 48 8d 58 70 48 89 d8 48 c1 e8 03 <42> 0f b6 04 38 84 c0 0f 85 14 09 00 00 8b 1b e9 21 e1 ff ff e8 c3
[ 1975.102209][    C0] RSP: 0018:ffffc90000006310 EFLAGS: 00010202
[ 1975.108299][    C0] RAX: 000000000000000e RBX: 0000000000000070 RCX: ffff88802a010000
[ 1975.116272][    C0] RDX: 0000000000000100 RSI: ffff8880907ff06e RDI: 000000000000ffff
[ 1975.124255][    C0] RBP: 0000000000000003 R08: ffff88802a010000 R09: 0000000000000002
[ 1975.132248][    C0] R10: 000000000000a888 R11: 0000000000000100 R12: ffff8880907ff060
[ 1975.140266][    C0] R13: 00000000fffffff8 R14: 0000000000000000 R15: dffffc0000000000
[ 1975.148256][    C0] FS:  00007f1b3ea2c6c0(0000) GS:ffff8881256f3000(0000) knlGS:0000000000000000
[ 1975.157187][    C0] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 1975.163774][    C0] CR2: 00002000002db030 CR3: 0000000040fe8000 CR4: 00000000003526f0
[ 1975.171777][    C0] DR0: 0000000000000008 DR1: 0000000000000002 DR2: 0000000000000404
[ 1975.179766][    C0] DR3: ffffffffefffbf14 DR6: 00000000ffff0ff0 DR7: 0000000000000400
[ 1975.187753][    C0] Call Trace:
[ 1975.191043][    C0]  <IRQ>
[ 1975.193920][    C0]  ? stack_trace_save+0xa9/0x100
[ 1975.198879][    C0]  ? check_noncircular+0xda/0x150
[ 1975.203923][    C0]  tcp_gso_segment+0x424/0x1a40
[ 1975.208789][    C0]  ? __pfx_tcp_wfree+0x10/0x10
[ 1975.213558][    C0]  ipv6_gso_segment+0xb80/0x2200
[ 1975.218509][    C0]  ? __pfx_ipv6_gso_segment+0x10/0x10
[ 1975.223891][    C0]  ? __pfx_skb_network_protocol+0x10/0x10
[ 1975.229734][    C0]  ? __pfx_ipv6_gso_segment+0x10/0x10
[ 1975.235142][    C0]  skb_mac_gso_segment+0x325/0x650
[ 1975.240295][    C0]  ? skb_mac_gso_segment+0x184/0x650
[ 1975.245625][    C0]  ? __pfx_skb_mac_gso_segment+0x10/0x10
[ 1975.251286][    C0]  __skb_gso_segment+0x376/0x540
[ 1975.256254][    C0]  validate_xmit_skb+0xa13/0x1440
[ 1975.261304][    C0]  ? __asan_memset+0x22/0x50
[ 1975.266006][    C0]  validate_xmit_skb_list+0x84/0x120
[ 1975.271307][    C0]  sch_direct_xmit+0xdf/0x4c0
[ 1975.276013][    C0]  ? __pfx_sch_direct_xmit+0x10/0x10
[ 1975.281310][    C0]  ? qdisc_bstats_update+0x110/0x1d0
[ 1975.286618][    C0]  __dev_queue_xmit+0x17db/0x3850
[ 1975.291675][    C0]  ? __dev_queue_xmit+0x274/0x3850
[ 1975.296857][    C0]  ? __pfx_nf_confirm+0x10/0x10
[ 1975.301777][    C0]  ? __pfx___dev_queue_xmit+0x10/0x10
[ 1975.307176][    C0]  ? ip6_output+0x340/0x550
[ 1975.311699][    C0]  ? lock_acquire+0x106/0x330
[ 1975.316398][    C0]  ? ip6_output+0x340/0x550
[ 1975.320916][    C0]  ? ip6_finish_output2+0xe7e/0x1360
[ 1975.326225][    C0]  ? ip6_output+0x126/0x550
[ 1975.330869][    C0]  ip6_output+0x340/0x550
[ 1975.335248][    C0]  ip6_xmit+0x120f/0x19d0
[ 1975.339599][    C0]  ? ip6_xmit+0x2b2/0x19d0
[ 1975.344038][    C0]  ? __pfx_ip6_xmit+0x10/0x10
[ 1975.348733][    C0]  ? inet6_csk_xmit+0x1ee/0x750
[ 1975.353634][    C0]  ? lock_acquire+0x106/0x330
[ 1975.358333][    C0]  ? inet6_csk_xmit+0x1ee/0x750
[ 1975.363290][    C0]  inet6_csk_xmit+0x4a5/0x750
[ 1975.367989][    C0]  ? inet6_csk_xmit+0x1ee/0x750
[ 1975.372960][    C0]  ? __pfx_inet6_csk_xmit+0x10/0x10
[ 1975.378226][    C0]  ? tcp_established_options+0x485/0x9c0
[ 1975.383869][    C0]  ? csum_ipv6_magic+0x1ea/0x2f0
[ 1975.388837][    C0]  ? __pfx_inet6_csk_xmit+0x10/0x10
[ 1975.394052][    C0]  __tcp_transmit_skb+0x20b6/0x3ad0
[ 1975.399311][    C0]  ? __x64_sys_recvfrom+0xde/0x100
[ 1975.404529][    C0]  ? do_syscall_64+0xe2/0xf80
[ 1975.409245][    C0]  ? __pfx___tcp_transmit_skb+0x10/0x10
[ 1975.414833][    C0]  ? tcp_small_queue_check+0x1c1/0x3b0
[ 1975.420317][    C0]  tcp_write_xmit+0x16e8/0x6980
[ 1975.425236][    C0]  __tcp_push_pending_frames+0x97/0x380
[ 1975.430798][    C0]  tcp_rcv_established+0xfee/0x25b0
[ 1975.436043][    C0]  ? lock_acquire+0x106/0x330
[ 1975.440754][    C0]  ? __pfx_tcp_rcv_established+0x10/0x10
[ 1975.446401][    C0]  ? ip6_dst_check+0xe2/0x7e0
[ 1975.451080][    C0]  ? ip6_dst_check+0x5e3/0x7e0
[ 1975.455855][    C0]  ? __pfx_ip6_dst_check+0x10/0x10
[ 1975.460983][    C0]  tcp_v6_do_rcv+0x8eb/0x1ba0
[ 1975.465685][    C0]  tcp_v6_rcv+0x2811/0x3110
[ 1975.470208][    C0]  ? raw6_local_deliver+0x15d/0xae0
[ 1975.475436][    C0]  ? __pfx_tcp_v6_rcv+0x10/0x10
[ 1975.480300][    C0]  ? nf_nat_ipv6_fn+0x229/0x2f0
[ 1975.485159][    C0]  ? __pfx_nf_nat_ipv6_fn+0x10/0x10
[ 1975.490360][    C0]  ? __pfx_tcp_v6_rcv+0x10/0x10
[ 1975.495232][    C0]  ip6_protocol_deliver_rcu+0xa73/0x1600
[ 1975.500907][    C0]  ip6_input_finish+0x191/0x370
[ 1975.505815][    C0]  NF_HOOK+0x336/0x3c0
[ 1975.509893][    C0]  ? __pfx_ip6_input_finish+0x10/0x10
[ 1975.515280][    C0]  ? NF_HOOK+0x9e/0x3c0
[ 1975.519443][    C0]  ? __pfx_NF_HOOK+0x10/0x10
[ 1975.524059][    C0]  ? __pfx_ip6_input_finish+0x10/0x10
[ 1975.529459][    C0]  ip6_input+0x16a/0x270
[ 1975.533724][    C0]  ? ip6_input+0x23/0x270
[ 1975.538070][    C0]  NF_HOOK+0x336/0x3c0
[ 1975.542145][    C0]  ? __pfx_ip6_rcv_finish+0x10/0x10
[ 1975.547378][    C0]  ? NF_HOOK+0x9e/0x3c0
[ 1975.551547][    C0]  ? __pfx_NF_HOOK+0x10/0x10
[ 1975.556157][    C0]  ? __pfx_ip6_rcv_finish+0x10/0x10
[ 1975.561367][    C0]  ? process_backlog+0x3eb/0x1950
[ 1975.566414][    C0]  process_backlog+0x7dd/0x1950
[ 1975.571282][    C0]  __napi_poll+0xae/0x340
[ 1975.575629][    C0]  ? skb_defer_free_flush+0x233/0x260
[ 1975.581020][    C0]  net_rx_action+0x627/0xf70
[ 1975.585634][    C0]  ? __pfx_net_rx_action+0x10/0x10
[ 1975.590752][    C0]  ? kvm_sched_clock_read+0x11/0x20
[ 1975.595973][    C0]  ? __pfx_sched_clock_cpu+0x10/0x10
[ 1975.601281][    C0]  handle_softirqs+0x22a/0x7c0
[ 1975.606058][    C0]  ? do_softirq+0x76/0xd0
[ 1975.610394][    C0]  ? sk_wait_data+0x20e/0x4d0
[ 1975.615089][    C0]  do_softirq+0x76/0xd0
[ 1975.619250][    C0]  </IRQ>
[ 1975.622198][    C0]  <TASK>
[ 1975.625146][    C0]  __local_bh_enable_ip+0xf8/0x130
[ 1975.630263][    C0]  sk_wait_data+0x20e/0x4d0
[ 1975.634800][    C0]  ? __pfx_sk_wait_data+0x10/0x10
[ 1975.639979][    C0]  ? __pfx_woken_wake_function+0x10/0x10
[ 1975.645635][    C0]  ? __tcp_send_ack+0x21a/0x4f0
[ 1975.650507][    C0]  tcp_recvmsg_locked+0xd71/0x35b0
[ 1975.655653][    C0]  ? is_bpf_text_address+0x292/0x2b0
[ 1975.660957][    C0]  ? kernel_text_address+0xa5/0xe0
[ 1975.666095][    C0]  ? __lock_acquire+0x6b5/0x2cf0
[ 1975.671047][    C0]  ? __pfx_tcp_recvmsg_locked+0x10/0x10
[ 1975.676614][    C0]  ? stack_trace_save+0xa9/0x100
[ 1975.681584][    C0]  ? __pfx_stack_trace_save+0x10/0x10
[ 1975.686975][    C0]  ? stack_depot_save_flags+0x33/0x810
[ 1975.692442][    C0]  ? aa_label_sk_perm+0x529/0x6d0
[ 1975.697575][    C0]  ? do_raw_spin_lock+0x12b/0x2f0
[ 1975.702608][    C0]  ? lock_sock_nested+0x6a/0x100
[ 1975.707556][    C0]  ? __pfx_do_raw_spin_lock+0x10/0x10
[ 1975.712950][    C0]  ? __local_bh_enable_ip+0xd0/0x130
[ 1975.718247][    C0]  tcp_recvmsg+0x213/0x7f0
[ 1975.722682][    C0]  ? __pfx_tcp_recvmsg+0x10/0x10
[ 1975.728197][    C0]  ? aa_sk_perm+0x82d/0x960
[ 1975.732725][    C0]  ? __fget_files+0x2a/0x420
[ 1975.737345][    C0]  ? __pfx_tcp_recvmsg+0x10/0x10
[ 1975.742299][    C0]  inet6_recvmsg+0x13e/0x6c0
[ 1975.746910][    C0]  ? __pfx_aa_sk_perm+0x10/0x10
[ 1975.751774][    C0]  ? __pfx_inet6_recvmsg+0x10/0x10
[ 1975.756899][    C0]  ? bpf_lsm_socket_recvmsg+0x9/0x20
[ 1975.762194][    C0]  ? security_socket_recvmsg+0x7e/0x2c0
[ 1975.767763][    C0]  sock_recvmsg+0x105/0x270
[ 1975.772281][    C0]  __sys_recvfrom+0x240/0x3c0
[ 1975.777062][    C0]  ? __pfx___sys_recvfrom+0x10/0x10
[ 1975.782264][    C0]  ? freezing_slow_path+0x115/0x160
[ 1975.787486][    C0]  ? _raw_spin_unlock_irqrestore+0x30/0x80
[ 1975.793301][    C0]  ? __pfx_kcov_ioctl+0x10/0x10
[ 1975.798173][    C0]  __x64_sys_recvfrom+0xde/0x100
[ 1975.803520][    C0]  do_syscall_64+0xe2/0xf80
[ 1975.808054][    C0]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1975.814144][    C0]  ? trace_irq_disable+0x37/0x100
[ 1975.819205][    C0]  ? clear_bhb_loop+0x60/0xb0
[ 1975.824005][    C0]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1975.829928][    C0] RIP: 0033:0x7f1b3db9aeb9
[ 1975.834374][    C0] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1975.854033][    C0] RSP: 002b:00007f1b3ea2c028 EFLAGS: 00000246 ORIG_RAX: 000000000000002d
[ 1975.862483][    C0] RAX: ffffffffffffffda RBX: 00007f1b3de16180 RCX: 00007f1b3db9aeb9
[ 1975.870483][    C0] RDX: fffffffffffffd0b RSI: 0000200000000080 RDI: 0000000000000003
[ 1975.878526][    C0] RBP: 00007f1b3dc08c1f R08: 0000000000000000 R09: fffffffffffffd25
[ 1975.886596][    C0] R10: 00000000c9100120 R11: 0000000000000246 R12: 0000000000000000
[ 1975.894584][    C0] R13: 00007f1b3de16218 R14: 00007f1b3de16180 R15: 00007f1b3df3fa48
[ 1975.902590][    C0]  </TASK>
[ 1975.905634][    C0] Modules linked in:
[ 1975.909692][    C0] ---[ end trace 0000000000000000 ]---
[ 1975.915207][    C0] RIP: 0010:skb_segment+0x2ac4/0x3f80
[ 1975.920619][    C0] Code: 00 00 00 8b 6c 24 58 81 7c 24 14 ff ff 00 00 0f 85 1c e1 ff ff e8 ec d1 60 f8 48 8b 44 24 20 48 8d 58 70 48 89 d8 48 c1 e8 03 <42> 0f b6 04 38 84 c0 0f 85 14 09 00 00 8b 1b e9 21 e1 ff ff e8 c3
[ 1975.940261][    C0] RSP: 0018:ffffc90000006310 EFLAGS: 00010202
[ 1975.946361][    C0] RAX: 000000000000000e RBX: 0000000000000070 RCX: ffff88802a010000
[ 1975.954370][    C0] RDX: 0000000000000100 RSI: ffff8880907ff06e RDI: 000000000000ffff
[ 1975.962376][    C0] RBP: 0000000000000003 R08: ffff88802a010000 R09: 0000000000000002
[ 1975.970382][    C0] R10: 000000000000a888 R11: 0000000000000100 R12: ffff8880907ff060
[ 1975.978391][    C0] R13: 00000000fffffff8 R14: 0000000000000000 R15: dffffc0000000000
[ 1975.986418][    C0] FS:  00007f1b3ea2c6c0(0000) GS:ffff8881256f3000(0000) knlGS:0000000000000000
[ 1975.995377][    C0] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 1976.001985][    C0] CR2: 00002000002db030 CR3: 0000000040fe8000 CR4: 00000000003526f0
[ 1976.010000][    C0] DR0: 0000000000000008 DR1: 0000000000000002 DR2: 0000000000000404
[ 1976.017983][    C0] DR3: ffffffffefffbf14 DR6: 00000000ffff0ff0 DR7: 0000000000000400
[ 1976.025992][    C0] Kernel panic - not syncing: Fatal exception in interrupt
[ 1976.033779][    C0] Kernel Offset: disabled
[ 1976.038108][    C0] Rebooting in 86400 seconds..