last executing test programs:

17m4.085908077s ago: executing program 32 (id=829):
timer_create(0xfffffffc, 0x0, &(0x7f00000011c0)=<r0=>0x0)
timer_settime(r0, 0x1, &(0x7f0000000140), 0x0)
timer_settime(0x0, 0x0, &(0x7f0000000040)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000380)={<r1=>0xffffffffffffffff})
r2 = gettid()
cachestat(0xffffffffffffffff, 0x0, 0x0, 0x0)
tkill(r2, 0x7)
close_range(r1, 0xffffffffffffffff, 0x0)

9m54.532427827s ago: executing program 33 (id=3086):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)=ANY=[@ANYBLOB="58000000100001042dbd", @ANYRES32=0x0, @ANYBLOB="faba817dbcb5f31a24001280110001006272696467655f736c617665000000000c0005800500010005000000140003006272696467655f736c6176655f30"], 0x58}, 0x1, 0x0, 0x0, 0x10044854}, 0x20004040)

9m45.865164121s ago: executing program 34 (id=3146):
openat(0xffffffffffffff9c, &(0x7f0000000140)='./file0/file0\x00', 0x143480, 0x20)

9m42.557722202s ago: executing program 35 (id=3159):
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x5, 0x7fff7ffc}]})
r0 = openat$kvm(0xffffff9c, &(0x7f00000000c0), 0x0, 0x0)
ioctl$KVM_SET_MSRS(0xffffffffffffffff, 0xc008ae88, &(0x7f0000000000)={0x1, 0x0, [{0xf88e470f, 0xed, 0x1029577e49}]})
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
pwritev2(0xffffffffffffffff, 0x0, 0x0, 0xe5b, 0xac, 0x1b)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x2, 0x9, 0xfffffffffffffffd, 0x2, 0x2, 0x0, 0x4002004c4, 0x7f, 0x8000000000000000, 0xc595, 0x0, 0x1, 0xffffffffffffffff, 0x0, 0xb3, 0x39da], 0x30000, 0x2010d3})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

6m47.555719309s ago: executing program 36 (id=4751):
r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000000), 0x2002, 0x0)
ioctl$SNDCTL_DSP_SETFMT(r0, 0xc0045005, 0x0)
mmap$dsp(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x3, 0x12, r0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000140)=@bloom_filter={0x1e, 0x0, 0xa, 0x3ffffffb, 0x14, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x4, 0x2, 0x0, 0x2}, 0x50)
syz_io_uring_setup(0x5b0f, &(0x7f0000000000)={0x0, 0xfffffff8, 0x80, 0x0, 0x8c}, 0x0, 0x0)
connect$vsock_stream(0xffffffffffffffff, &(0x7f0000000000)={0x28, 0x0, 0x0, @hyper}, 0x10)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)
io_uring_register$IORING_REGISTER_FILES(0xffffffffffffffff, 0x1f, &(0x7f0000000000)=[0xffffffffffffffff], 0x1)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000004c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01080000000000000000010000000900010073797a30000000003c000000090a010400000000000000000100000008000a40000000000900020073797a32000000000900010073797a30000000000800054000000016500000000c0a010300000000000000000100000008000440000000000900010073797a30000000002800038024000080200001801a0001"], 0xd4}}, 0x0)
ioctl$SNDCTL_DSP_GETOPTR(r0, 0x5008, 0x0)
r2 = openat$ptp0(0xffffffffffffff9c, &(0x7f0000000e40), 0x40001, 0x0)
mlock(&(0x7f0000840000/0x4000)=nil, 0x4000)
prctl$PR_SET_VMA(0x53564d41, 0x0, &(0x7f0000ff9000/0x6000)=nil, 0x6000, &(0x7f0000000140)='\x00')
mremap(&(0x7f0000ffa000/0x1000)=nil, 0x1000, 0x4000, 0x3, &(0x7f0000ffb000/0x4000)=nil)
dup(r2)
r3 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r3, 0x1, r0, &(0x7f0000000080)={0x10000000})

6m45.601515145s ago: executing program 37 (id=4763):
ioctl$TIOCSPTLCK(0xffffffffffffffff, 0x40045431, &(0x7f0000000000))
ioctl$TIOCGPTPEER(0xffffffffffffffff, 0x5441, 0x9)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff7000/0x1000)=nil, &(0x7f0000ff1000/0xf000)=nil, &(0x7f0000fed000/0x13000)=nil, &(0x7f0000ff5000/0x4000)=nil, &(0x7f0000ff8000/0x4000)=nil, &(0x7f0000fe9000/0x3000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ff5000/0x1000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x2000)=nil, 0x0}, 0x68)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x24004045)
r0 = io_uring_setup(0x6, &(0x7f0000000040)={0x0, 0xc89f, 0xc000, 0xb, 0x20002f7})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000093c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)=@deltfilter={0x24, 0x2d, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {}, {0x0, 0xffff}, {0xe, 0xffff}}}, 0x24}, 0x1, 0x0, 0x0, 0x48080}, 0x30040094)
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x3, &(0x7f0000000000)=0x6, 0x4)
r1 = socket$inet_sctp(0x2, 0x1, 0x84)
getsockopt$inet_sctp_SCTP_MAX_BURST(r1, 0x84, 0x14, &(0x7f0000000000)=@assoc_value, &(0x7f0000000040)=0x8)
io_uring_enter(r0, 0x2219, 0x7721, 0x16, 0x0, 0x0)
mknodat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x11c0, 0x0)
creat(&(0x7f0000000140)='./file0\x00', 0x18)
ioctl$TCSETS2(0xffffffffffffffff, 0x402c542b, &(0x7f0000000080)={0xa, 0xab, 0x8001, 0xd74, 0x5, "7c6a9e60609c74931300000000000400", 0x4bfa824e, 0x6})

6m39.25171909s ago: executing program 38 (id=4795):
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x100)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file2\x00', 0x1)
mount$overlay(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000140)={[{@workdir={'workdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file2'}}], [], 0x2c})
openat$dir(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x140, 0x82)

6m35.23192948s ago: executing program 39 (id=4808):
openat$binfmt_register(0xffffffffffffff9c, &(0x7f0000000380), 0x1, 0x0)
openat$nvram(0xffffffffffffff9c, &(0x7f0000000000), 0x101840, 0x0)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup.cpu/syz1\x00', 0x200002, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000940))
pipe(&(0x7f0000000140)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x7fffffff}]})
io_destroy(r1)
write$cgroup_pid(r0, 0x0, 0x0)
setreuid(0x0, 0xee00)
msgrcv(0x0, 0x0, 0x0, 0xd2f79d26f0753ec0, 0x3400)

6m33.078967479s ago: executing program 40 (id=4816):
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]})
close_range(r0, 0xffffffffffffffff, 0x0)

6m10.914427726s ago: executing program 41 (id=4823):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x40001e0, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$inet(0x2, 0x3, 0x8d)
ioctl(0xffffffffffffffff, 0x8916, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r1 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x10, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b4000000000000007910480000000000610400000000000095000000"], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_msg}, 0x48)
close(r1)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000010c0)={<r2=>0xffffffffffffffff})
r3 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xe, 0x4, &(0x7f0000000540)=ANY=[@ANYBLOB="b4050000fdff7f006110580000000000c60000000000000095000000000000009f33ef60916e6e713f1eeb0b725ad99b817fd98cd824498949714ffaac8a6f770600dcca55f21f3ca9e822d182054d54d53cd2b6db714e4beb5447000001000000008f2b9000f22425e4097ed62cbc891061017cfa6fa26fa7088c60897d4a6148a1c1e43f00001bde60beac671e8e8fdecb03588aa623fa71f31bf0f871ab5c2ff88afc60027f4e5b5271ed58e835cf0d0000000098b51fe6b1b8d9dbe87dcff414ed000000000000000000000000000000000000000000000000000000b347abe6352a080f8140e5fd10747b6ecdb3540546bf636e3d6e700e5b0500000000000000eb9e1403e6c8f7a187eaf60f3a17f0f046a307a403c19d9829c90bd2114252581567acae715cbe1b57d5cda432c5b910400623d24195405f2e76ccb7b37b41215c184e731fb1"], &(0x7f0000003ff6)='GPL\x00', 0x4, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x366, 0x10, &(0x7f0000000000), 0x1dd}, 0x48)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000b00)=ANY=[@ANYBLOB="0f000000040000000400000012"], 0x48)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000100)=ANY=[@ANYRES32=r4, @ANYRES32=r3, @ANYBLOB='&'], 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000000c0)={{r4}, &(0x7f0000000000), &(0x7f0000000080)=r1}, 0x20)
recvfrom(r2, &(0x7f0000004000)=""/4112, 0xfffffffffffffedc, 0x2080, 0x0, 0x0)

5m54.616345696s ago: executing program 42 (id=4836):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x210000000013, &(0x7f00000000c0)=0x100000001, 0x4)
setsockopt$inet_tcp_TCP_QUEUE_SEQ(r0, 0x6, 0x15, &(0x7f0000000000), 0x4)

5m52.969497814s ago: executing program 43 (id=4845):
r0 = openat$kvm(0x0, 0x0, 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = eventfd(0x3)
ioctl$KVM_IOEVENTFD(r1, 0x4040ae79, &(0x7f0000000240)={0xf000, 0xf000, 0x0, r2})
ioctl$KVM_IOEVENTFD(r1, 0x4040ae79, &(0x7f00000003c0)={0xb03, 0x3000, 0x0, r2})

5m50.971088827s ago: executing program 44 (id=4855):
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x1d, &(0x7f0000000040)={0x1, &(0x7f0000000200)=[{0x6, 0x4, 0x40, 0x7fff0000}]})
syz_clone3(&(0x7f0000000080)={0x180801400, 0x0, 0x0, 0x0, {0x3d}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pidfd_send_signal(0xffffffffffffffff, 0x21, 0x0, 0x0)

5m48.707037891s ago: executing program 45 (id=4861):
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xe, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x6, 0x83, 0x7fff0002}]})
r0 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
socket(0xa, 0x5, 0x0)
ptrace(0x10, r0)
ptrace$PTRACE_SECCOMP_GET_METADATA(0x420d, r0, 0x10, &(0x7f0000000100))

4m57.43778251s ago: executing program 46 (id=4940):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000800)={0x1f, 0xc, 0x0, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x50}, 0x94)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, &(0x7f0000000580)={{{@in=@multicast2, @in=@remote}}, {{@in=@local}, 0x0, @in=@initdev}}, &(0x7f0000000400)=0xe8)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r2, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
shutdown(0xffffffffffffffff, 0x1)
r5 = fsopen(&(0x7f0000000280)='ceph\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r5, 0x1, &(0x7f0000000b40)='source', &(0x7f0000000040)='c:::\x00', 0x0)
tkill(0x0, 0xb)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000500)={r1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x48)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
socket$nl_route(0x10, 0x3, 0x0)
socket$unix(0x1, 0x1, 0x0)
ioctl$UI_SET_EVBIT(0xffffffffffffffff, 0x40045564, 0x1e)
bpf$BPF_LINK_CREATE(0x8, &(0x7f0000000900)={0xffffffffffffffff, 0xffffffffffffffff, 0x3, 0x0, @val=@tracing={0x0, 0x7}}, 0x20)

4m11.081280032s ago: executing program 47 (id=5158):
r0 = socket$inet_sctp(0x2, 0x1, 0x84)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000180)=[@in={0x2, 0x4e21, @local}], 0x10)
setsockopt$sock_int(r0, 0x1, 0xf, &(0x7f0000000600)=0x9, 0x4)
r1 = socket$inet_sctp(0x2, 0x1, 0x84)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r1, 0x84, 0x64, &(0x7f0000000000), 0x0)
listen(r0, 0x7)

3m49.616906224s ago: executing program 48 (id=5216):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000240)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x3}}, [@NFT_MSG_NEWRULE={0xb8, 0x6, 0xa, 0x401, 0x0, 0x0, {0xa, 0x0, 0x4}, [@NFTA_RULE_USERDATA={0x73, 0x7, 0x1, 0x0, "6fafd039d9febfc3566a4f895995a302c540f502692873d0db58bc5490e2e49f2e87e2f149f9d6e891a3e63dd9a6b5b23d3b18aaebcbce6089b68838e105aeac045549b9964dbd96dd1ffd229056c21320095657ae68ff24325210ed1b10b1ce3716eca88af16d9130169450fab26f"}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}, @NFTA_RULE_EXPRESSIONS={0x24, 0x4, 0x0, 0x1, [{0x20, 0x1, 0x0, 0x1, @synproxy={{0xd}, @val={0xc, 0x2, 0x0, 0x1, [@NFTA_SYNPROXY_WSCALE={0x5, 0x2, 0x1}]}}}]}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x1}}}, 0xe0}, 0x1, 0x0, 0x0, 0x4000850}, 0x24044010)
socket$nl_netfilter(0x10, 0x3, 0xc) (async)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0) (async)
sendmsg$NFT_BATCH(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000240)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x3}}, [@NFT_MSG_NEWRULE={0xb8, 0x6, 0xa, 0x401, 0x0, 0x0, {0xa, 0x0, 0x4}, [@NFTA_RULE_USERDATA={0x73, 0x7, 0x1, 0x0, "6fafd039d9febfc3566a4f895995a302c540f502692873d0db58bc5490e2e49f2e87e2f149f9d6e891a3e63dd9a6b5b23d3b18aaebcbce6089b68838e105aeac045549b9964dbd96dd1ffd229056c21320095657ae68ff24325210ed1b10b1ce3716eca88af16d9130169450fab26f"}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}, @NFTA_RULE_EXPRESSIONS={0x24, 0x4, 0x0, 0x1, [{0x20, 0x1, 0x0, 0x1, @synproxy={{0xd}, @val={0xc, 0x2, 0x0, 0x1, [@NFTA_SYNPROXY_WSCALE={0x5, 0x2, 0x1}]}}}]}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x1}}}, 0xe0}, 0x1, 0x0, 0x0, 0x4000850}, 0x24044010) (async)

3m44.814227108s ago: executing program 49 (id=5229):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)=@newqdisc={0x3c, 0x24, 0x200, 0x70bd28, 0x0, {0x60, 0x0, 0x0, 0x0, {0x5, 0x10}, {0xffff, 0xffff}, {0x0, 0x9}}, [@qdisc_kind_options=@q_cake={{0x9}, {0xc, 0x2, [@TCA_CAKE_RAW={0x8, 0xc, 0x1}]}}]}, 0x3c}}, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="500000001000010425bbe5ad600027842cf52300", @ANYRES32=0x0, @ANYBLOB="0000000000008000280012800a00010076786c616e"], 0x50}}, 0x4000000) (fail_nth: 1)

3m44.025815048s ago: executing program 50 (id=5232):
r0 = syz_io_uring_setup(0x3ac6, &(0x7f00000001c0)={0x0, 0xfffffffd, 0x10100, 0x4, 0x37c}, &(0x7f0000000080)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000040)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
pread64(r3, &(0x7f0000000140)=""/82, 0x52, 0xffffffffffffffc0)
syz_io_uring_submit(r1, r2, &(0x7f0000000380)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r4, 0x0, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, 0x0, 0xc48}, 0x0, 0xe3d08660d3cd4684})
io_uring_enter(r0, 0x92, 0x0, 0x0, 0x0, 0x0)

3m42.601910727s ago: executing program 7 (id=5236):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)={'veth0\x00'})
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
r2 = socket(0x1e, 0x4, 0x0)
setsockopt$packet_tx_ring(r2, 0x10f, 0x87, &(0x7f0000000140)=@req3={0x7fffffff, 0x400, 0x1, 0xd, 0x1, 0x6, 0x6}, 0x1c)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
getsockopt$sock_cred(r0, 0x1, 0x11, 0x0, &(0x7f00000014c0))
sched_setscheduler(0x0, 0x2, &(0x7f0000000240)=0x8)
r3 = getpid()
sched_setaffinity(0x0, 0x0, 0x0)
r4 = socket$inet6(0xa, 0x1, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r4, 0x29, 0x20, 0x0, 0x0)
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeeb, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r6, &(0x7f0000000080), 0x40002df, 0x0)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket(0xa, 0x3, 0x3a)
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x2, 0x16, &(0x7f0000000140)=ANY=[@ANYBLOB="61128c000000000061138c0000000000bf2000000000000015000000081400002d0301000000000095000000000000006916600000000000bf6700000000000026030000d64dfddf6706000009000000170300000ee60060bf050000000000001d360000000000006507f9ff01000000070700004c00d6cfcc75000000000000bf54000000000000070400000400f9ffad4301000000000095004000000000000500000000000000950000000000000032ff7f5be95e09b67754bb12feffffff8ecf264e0f84f9f17d3c51e3c7bdd2d17f2f1754558f2278af6d71d79a5e12814cb1d8a5d4601d295c45a6a0b9bdb7dd399703d6c4f6f3be5b369289aa6812b8e007e733a9a4f16d0abbd5ad9381806ef08513e3d3778a814261bdb94a05000000c6c60bf70d742a81762bab8395fa64810b5b40d893ea8fe01c5473d51b546cad5b803306b17cf4ef3f1d45f65727546e7c955ccefa1f6ab689fde4de4e63edf10271a5144ddc8da3aa5b0ab733a1b9ff129e609f4c787c6002d4519af619e3a2a4d69e0dee5eb106774a8f3e6916dfec88b5634ef79b02d2ca8ff54c158f0200000000eafb735fd552bdc206004aeb0743eb2dc819cf5c8ac86d8a297dff0445a13d00dce431e56723888fb126a163f16fb2ad9bc1172ba7cbebe174cecac4d03723f1c932b3faffffffffffffff5fc998e13b670e373e3e5897f7ad2e99e0e67a993716dbf580469f0f53acbb40b401e3738270b315d362ed834f2a0700000096649a462e7ee4bcf8b07a101c879730beb4000000000000000000000000000000bc00f674629709e7e78f4ddc3d1bc3ebf0bd9d42ca019dd5d022cf7468659fbe2562671cd47840a7afaab43176e65ec1118d46d1e827f3472f4445d253887a5ad103649afa17690884f800031e03a651bb96589a7eab04871bc47287cd313f3bea788ea2bcdc340ffb567b40407d000000000000000000000000005f37d83f84e98a523d80bd0d0d703f3767ce603c9d48cac052ca363f601ae899a53f67b63d20a268bb9f15a0a6e66ce4660fbee91629ab028acfc1d9260e9659a0f6a5480a55c22fe3ae5f562d0ae520c38d2bab6528000000596fb73a96b33c81cdbbd421a27f7f1db054cc7a0a4d372849c99a98822103b9851d924b85b1ca4b21b187db00000000000000066dead3b9670a7604a5ddd0fd2e4fb8a5749a8a8ad78454ba1eebeff1b528da294247d294d2487babb176fdfafeb3d492a325671e6b91afb41f87feda4ce2f468a3758750c0b8f151d4d8574bbbe027687a0e12311cdf3384a26ee3f6f2424b92e5be98ef1f8f2db9a4991e234f9f447e1730ceaf54cf25c0e3ad7cbb0de06d559b89d154c9d3fcd01c551b0ef5d5305845b9a8763b264e8f0bcd0f606fe92e511f122325ebc5fef1b67845d0eb8b8a4f97f83424221e94a5c4623feb8496ccdbc55b27773bf1b3e6a91a20e0c27fc80262647f88d8d1123d199b2c7729bb7700e887ea963f00004a1d0851dbfb9308d16cadcc7b477c9a84e3d6bd82526898735552a203c4797228533b1a73ab44aa115136353964648abcc4adbe765556643842290a92eafea0ec2c000000000000000000000000000000e1f3518dc3fc2bbefe043804ac1b6b1c8b7e3afed045a3a808700bca61a39d5bfa83877803013e2d145e642253632f3a283c6eee0e22cb69fe7f94786220c31e9b2a82a9856e947bace74923e4740bf1c17cb41ef19161c3d417655517c28bd08dee32d77a40b834ba7a12223354e9321b8300f7d5d63fa0e8f074adc176285a8f41609ce040cec99943792f5443ca5292447b0f0f240743c4b2b8142ce0b43d4d1731ce11533f61ef241c83557f5aae58a848b5ccce86b8b0fb21fe369c90f06e2d9680003df72f3f0060e6c3415cc1026d342003bece09fbfd062efdd9b48377335903f3b4e87386915e3ac429a4db646da1cc6e29ad8650f4da326cbfdce12c8d5deba32549d6aefe422e0d665d62325c737fe76ec1f3c3670ed96f86738a2cf1c59b5f9b84ffd068f7b4509f53617910a41b811a3f7cd6251f8100008133af11a4db2d00c0ad86ce9f40f3e06b41b45f72"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0xf000000}, 0x48)
recvmmsg$unix(r2, &(0x7f0000003100)=[{{0x0, 0x0, &(0x7f0000000080)}}], 0x1, 0x0, 0x0)

3m41.169829876s ago: executing program 7 (id=5237):
r0 = inotify_init()
inotify_add_watch(r0, &(0x7f0000000000)='.\x00', 0x400017e)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x68cd42, 0x4)
mknodat(0xffffffffffffff9c, &(0x7f0000000100)='./file4\x00', 0x100, 0x74e)
openat$cgroup_ro(r1, 0x0, 0x275a, 0xb)
read$FUSE(r0, &(0x7f0000001fc0)={0x2020}, 0x2020)

3m41.073166516s ago: executing program 7 (id=5238):
r0 = syz_usb_connect(0x0, 0x24, &(0x7f0000000100)=ANY=[@ANYBLOB="1201000003005740ed0b0011c3ec000000010902120001000000000904"], 0x0)
syz_usb_control_io(0xffffffffffffffff, 0x0, &(0x7f0000000780)={0x84, &(0x7f0000000000)=ANY=[@ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$uac1(r0, 0x0, &(0x7f00000004c0)={0x44, &(0x7f0000000000)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$printer(r0, &(0x7f0000000240)={0xfffffffffffffdef, &(0x7f0000000140)={0x0, 0x22, 0xd6, {0xd6, 0x23, "fb996a6fc2c755e83306591a56f9b169d3b3a5480044c495e145f7ddb9c37a7bc4a5184387c1ab36987f354d71fe6874d709d1ec8c73766a468681d22715d023948d0426ca32424420575cb7f48f4a51d1f7e01f161d64f5517a3f901db135a754514faef31ece4cc4fc937e928efb63e32dfd29850b47939e37b78227f47f93b9c84b0356edbe9fc37a5a43d940c69b0025dcb600ad8917ac0642ce861ff402f7fa4f552fce2d3c29db302375c0fedc1e225d93701f4ad8c9f202ee65e4bdb3b258ab779197363e701f696430fb250b9e42540d"}}, &(0x7f0000000040)={0x0, 0x3, 0xa6, @lang_id={0x0, 0x3, 0x843}}}, &(0x7f00000005c0)={0x34, &(0x7f0000000280)={0x60, 0x5, 0x4a, "1598be410087474bf503214be5e820c996ba6ab34c93550fb06cd9059dec6b417ceedd71345e86de40c35e2611cdf2a05a25c4e02fc5884ade0b34b8d7d79c6e6b57a915210dcb9a07de"}, &(0x7f0000000300)={0x0, 0xa, 0x1, 0x2}, &(0x7f0000000600)={0x0, 0x8, 0x1, 0xff}, &(0x7f0000000380)={0x20, 0x0, 0xfb, {0xf9, "429a4d395cf1c5208dc245cd779c20b7442aa1b03c875ac40094e384e14939fbf35d11b0b98a3ac1cab0424e028dfd5aace6c74050d817a87849f21f9bc052668ed34a501e35eb12f42d4bfefc1f23d3940382e8801a0fe9a4005f3fe34108fd1042d4e1ebc6b491bfb3962d606629ddb26263f8b18852a4c7051875fa633d17b7a0bd8a91713d3922ba42e7d16ec69a7804535a02109cb6d4bf0e924bd6b151812cfe68dad87b4f405dba903cd46c4e7ec069b08c4eb6f5b7d55f657d98c634943ffc1b8f751be6695dd11ae01a0b43eb6c9499504f6f7a18637d7cf12516f746851a9161ac69a6281acded644cc5394f0df89e729c93480d"}}, &(0x7f0000000540)={0x20, 0x1, 0x1, 0x51}, &(0x7f0000000580)={0x20, 0x0, 0x1, 0x8}})

3m37.955247398s ago: executing program 7 (id=5239):
mkdirat(0xffffffffffffff9c, 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./bus\x00', 0x1d7)
mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file1/file0\x00', 0x0)
mount$bind(&(0x7f0000000100)='.\x00', &(0x7f0000000080)='./file1/file0\x00', 0x0, 0x1085408, 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f00000003c0), 0x40, &(0x7f00000004c0)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file1/file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
chdir(&(0x7f00000001c0)='./bus\x00')
mount$bind(&(0x7f0000000040)='.\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x3a09007, 0x0)

3m37.825992935s ago: executing program 7 (id=5240):
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x2, 0x7fff7ffc}]})
close_range(r0, r0, 0x200000000000000)
syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f0000000300)='ns/net\x00')
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0xa000, 0x0)
prlimit64(0x0, 0x7, 0x0, 0x0)
userfaultfd(0x1)
r1 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f00000003c0)=@bpf_lsm={0x1e, 0x3, &(0x7f00000000c0)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24}, 0x80)
socket$unix(0x1, 0x2, 0x0)
socket$unix(0x1, 0x2, 0x0)
bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f00000005c0)={r1, 0x0, 0x24, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0xa)

3m37.06588165s ago: executing program 7 (id=5241):
openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000800)={0x1f, 0xc, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000000000000000000000000000850000007b0000001801000020646c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000009400000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x50}, 0x94)
syz_open_dev$tty1(0xc, 0x4, 0x1)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, &(0x7f0000000580)={{{@in=@multicast2, @in=@remote}}, {{@in=@local}, 0x0, @in=@initdev}}, &(0x7f0000000400)=0xe8)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000500)={r0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x48)

3m36.901033976s ago: executing program 51 (id=5241):
openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000800)={0x1f, 0xc, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000000000000000000000000000850000007b0000001801000020646c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000009400000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x50}, 0x94)
syz_open_dev$tty1(0xc, 0x4, 0x1)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, &(0x7f0000000580)={{{@in=@multicast2, @in=@remote}}, {{@in=@local}, 0x0, @in=@initdev}}, &(0x7f0000000400)=0xe8)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000500)={r0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x48)

3m19.670339722s ago: executing program 5 (id=5243):
r0 = syz_open_dev$sndctrl(&(0x7f0000001440), 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_PCM_NEXT_DEVICE(r0, 0x80045530, &(0x7f00000000c0)=""/111) (fail_nth: 1)

3m19.501920269s ago: executing program 5 (id=5244):
r0 = inotify_init()
inotify_add_watch(r0, &(0x7f0000000000)='.\x00', 0x400017e)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x68cd42, 0x4)
mknodat(0xffffffffffffff9c, &(0x7f0000000100)='./file4\x00', 0x100, 0x74e)
openat$cgroup_ro(r1, &(0x7f0000000900)='net_prio.prioidx\x00', 0x275a, 0xb)
read$FUSE(r0, 0x0, 0x0)

3m19.372020011s ago: executing program 5 (id=5245):
symlinkat(&(0x7f0000000040)='./file0\x00', 0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00')
r0 = syz_usb_connect$hid(0x2, 0x4a, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000000000400b060a7000000200000109022400010000000009040000010300000009210000000122050009058103"], 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io(r0, &(0x7f00000003c0)={0x2c, &(0x7f0000000680)=ANY=[@ANYBLOB="de0057000000f92c"], 0x0, 0x0, 0x0, 0x0}, 0x0)
mount$fuse(0x0, &(0x7f0000000000)='./file0\x00', 0x0, 0x104000, 0x0)
r1 = socket$unix(0x1, 0x2, 0x0)
syz_open_dev$loop(&(0x7f0000001000), 0xfffffffffffffbee, 0x10000)
openat(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup.net/devices.allow\x00', 0x2, 0x48)
getpid()
ioctl$DRM_IOCTL_GET_CLIENT(0xffffffffffffffff, 0xc0286405, &(0x7f0000000e40)={0x2, 0x3, {0xffffffffffffffff}, {0xffffffffffffffff}, 0x18c6, 0xfffffffffffffff7})
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000e80)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x0, 0xffffffffffffffff}}, './file0\x00'})
accept4$nfc_llcp(0xffffffffffffffff, 0x0, &(0x7f0000000f00), 0x1800)
sendmmsg$unix(r1, &(0x7f0000000fc0)=[{{&(0x7f0000000240)=@file={0x1, './file0\x00'}, 0x6e, &(0x7f0000000dc0)=[{&(0x7f0000000ac0)}, {&(0x7f0000000bc0)="9add5f7379bc50df81a214eeacbb55d5bfa87e5d549b53e3a687e1f3fda29ba537b6d364516f19d6fae50637833088d07b89c83197c047c555cdf15e5de7b82c877755a2e2c9ec9575bb9a2b16ea657eabddd2980ca07b6a86a1222a97b3265f2e26", 0x62}, {&(0x7f0000000c40)="449aefd15c225fc3cefb1230a90ea9fc7fe510b094cfe82f93fb4c7d40e8b02bc39f69d7390b2ef8212f15ba268e7ed3ebbed3e4510e7316ce43563599329f686d7c75417dda651d210fd7bd92a94af6830871786ece9ddbfc28b7089a01d285ce679a88e1b6b7cd376490fb9137fbfed19afde4dc243f8229671e19f73f48e0196c4d9fb85d081b5b369b7d00b28041a49f6d111fcfe7c60599761fc8e1376335774cc92c5a6ec566", 0xa9}, {&(0x7f0000000d00)="29b58692e3818a381035bc944aff4f2884461a4989a925cb7b8c92965d59530b65048afe1b992111c13a54d66c737fc8bdd1915a5300bba06786127a04519798e0e9b153ce31e61f0ff5de5117fb739336682aad18b7a6b6929aee", 0x5b}, {&(0x7f0000000d80)="846507996ade81ab63f4385766ce236ed35f2c9ffdb42c634cb7a7101e41e0a8", 0x20}], 0x5, &(0x7f0000000f40), 0x0, 0x8040000}}], 0x1, 0x2000)
r2 = syz_usb_connect$cdc_ncm(0x2, 0x118, &(0x7f0000000080)={{0x12, 0x1, 0x200, 0x2, 0x0, 0x0, 0x18, 0x525, 0xa4a1, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x106, 0x2, 0x1, 0x8, 0x10, 0x7, "", {{0x9, 0x4, 0x0, 0x0, 0x1, 0x2, 0xd, 0x0, 0x0, {{0xa, 0x24, 0x6, 0x0, 0x1, "e80388c522"}, {0x5, 0x24, 0x0, 0xe}, {0xd, 0x24, 0xf, 0x1, 0x8, 0x8000, 0xbe, 0x7f}, {0x6, 0x24, 0x1a, 0xff, 0xc}, [@mdlm_detail={0xa5, 0x24, 0x13, 0x5, "8918478ee6a007ea021e6d0b3631983e726964433c697b1f2121355f66640bb6b4bbf8832997d44be31f4156a30d3596603186a4a0cb223015429c917c6fa43c3d81c7b2f25e86107b4e320df94aae8efa95629abc81a4cd92fabffead284b4e294de93066b1cbf7b0ee264590ac30a3951510d9df074b23b1bf15a92d41ee143b673b0b07ec894c0d36baadadaa05a6ada79c221622e270f6054263218e53eea7"}]}, {{0x9, 0x5, 0x81, 0x3, 0x400, 0x3, 0x6, 0x8}}}, {}, {0x9, 0x4, 0x1, 0x1, 0x2, 0x2, 0xd, 0x0, 0x0, "", {{{0x9, 0x5, 0x82, 0x2, 0x20, 0x54, 0x4, 0x6}}, {{0x9, 0x5, 0x3, 0x2, 0x400, 0x7f, 0x5, 0x6}}}}}}}]}}, &(0x7f0000000500)={0xa, &(0x7f00000001c0)={0xa, 0x6, 0x250, 0x0, 0x5, 0x2, 0x40, 0xfb}, 0x6a, &(0x7f0000000a00)=ANY=[@ANYBLOB="050f6a000403100b221003020000080126fc511003cda24162e70fb5b518000000629e5e7d5e835add10ac1d838be63881c37718fc5ff6d77d58363d0bde03ba7ce905b0e18c898f289ce7e6eac1fba265415f6d052e8059754a1d984890a3fb9f65b08cb8386b24638e8e6eb817665854f80d96071082029f7f0000000000000000000000005fccc503e715afa53b5badec34488bbe465e97ba24ed42e21db675111d3f54a1776224f6"], 0x6, [{0x26, &(0x7f00000002c0)=@string={0x26, 0x3, "eed758e48d28eefd2d877527f0dee3718231e05536e50314be63974b3b38e045966e5471"}}, {0x4, &(0x7f0000000300)=@lang_id={0x4, 0x3, 0x43f}}, {0x4, &(0x7f0000000340)=@lang_id={0x4, 0x3, 0x300a}}, {0x83, &(0x7f0000000400)=@string={0x83, 0x3, "477a07948e57ad529a3ba7b15d2abd2d7a593b7bba3b1ca0635734fb723e72b1c02e2a7cd7ee26bc2e993d488da55ed151316df0be1a9ace9795526fcf9c21c9545f785561f8154fc34520f1a8109f7692458db3ecfa72c7369e165163653f67ee848c6efe8ea128380d9e0cc9278cdc96d3656bf01512121d461e0eb13fdc3c68"}}, {0x4, &(0x7f0000000380)=@lang_id={0x4, 0x3, 0x436}}, {0x4, &(0x7f00000004c0)=@lang_id={0x4, 0x3, 0x861}}]})
syz_usb_control_io$cdc_ncm(r2, &(0x7f0000000700)={0x14, &(0x7f0000000580)={0x40, 0x3, 0xdb, {0xdb, 0x4, "ce4e97c0c0c1db5a504f04380be0601cc09a0ff31c4421d91e8611984fec9fdb2cd79f1a7153c73fd326ebe83baa14bb6396678768e04bd53962418cb7251869268bf186729d8c281dd8c2ac5f873e152b9f54e40e4f62e7b1817ba2e9ac3d465d7bb74a8a62d4af3ece88ed2ed656ab805c2335d67d6ce8b9d546af9de777cb643406e825bfe2ca4700794a1d54af68b703924b0b2adccd4bd06eee2e4e225fa28f2c52392464604080a2a3be44b5974e0fedc7ededded8dad4285166e6cae3003a36ab57f578f752c5866d247c37fa3721868f38c72c43d2"}}, &(0x7f00000006c0)={0x0, 0x3, 0x1a, {0x1a}}}, &(0x7f0000000980)={0x44, &(0x7f0000000740)={0x0, 0x8, 0x6b, "a7e70474973956e8aaef3e7207eef03c38fa35728b3a3814a412d0bd9f02f9ba2dd64a4ddcfb68b2347e2b308fd4c02f1bdbd2d85cf04fb717e75bede0fadfa659b5dcdab76a6de4df9f1d5774bd1dbe76bcd6f9f6af1a1a225a8377e9187a28ed5a27a4c5b8578d4f33b2"}, &(0x7f00000007c0)={0x0, 0xa, 0x1, 0xb8}, &(0x7f0000000800)={0x0, 0x8, 0x1, 0x9}, &(0x7f0000000840)={0x20, 0x80, 0x1c, {0x4, 0x5, 0x2, 0xfff, 0x1, 0x1, 0x4, 0xfffffffc, 0xfff5, 0x2, 0x9, 0x1000}}, &(0x7f0000000880)={0x20, 0x85, 0x4, 0x1000}, &(0x7f00000008c0)={0x20, 0x83, 0x2, 0x1}, &(0x7f0000000900)={0x20, 0x87, 0x2, 0x92}, &(0x7f0000000940)={0x20, 0x89, 0x2}})

3m17.551882569s ago: executing program 5 (id=5246):
mkdirat(0xffffffffffffff9c, 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./bus\x00', 0x1d7)
mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file1/file0\x00', 0x0)
mount$bind(&(0x7f0000000100)='.\x00', &(0x7f0000000080)='./file1/file0\x00', 0x0, 0x1085408, 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f00000003c0), 0x40, &(0x7f00000004c0)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file1/file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
chdir(&(0x7f00000001c0)='./bus\x00')
mount$bind(&(0x7f0000000040)='.\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x3a09007, 0x0)

3m17.343856836s ago: executing program 5 (id=5247):
mkdirat(0xffffffffffffff9c, &(0x7f0000000440)='./file0\x00', 0x0)
mount$cgroup(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f00000002c0), 0x800, &(0x7f0000000680)={[{@release_agent={'release_agent', 0x3d, './file0'}}, {@release_agent={'release_agent', 0x3d, './file0'}}]})

3m16.452646418s ago: executing program 5 (id=5248):
r0 = socket(0x11, 0x2, 0x0)
sendmmsg(r0, &(0x7f0000000480)=[{{&(0x7f0000000400)=@qipcrtr={0x2a, 0x4, 0x1}, 0x80, 0x0}}, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x10}}], 0x2, 0x0)
unshare(0x8040600)
r1 = socket$packet(0x11, 0x2, 0x300)
close(0xffffffffffffffff)
syz_usb_connect(0x6, 0x24, &(0x7f0000000240)=ANY=[@ANYBLOB="050100003a00ea2089044ee0a3e401020301090200000080001000090426030039f7e805"], 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000880)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x6, 0x6, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000faffffff0000000000004000850000002c0000001800000004000000000000000700000095"], &(0x7f0000000200)='GPL\x00', 0x5, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x7}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000003c0)={r2, 0x27, 0xe, 0x0, &(0x7f0000000640)="ed7e17526b2d6f70ac1ae867fd2a", 0x0, 0x0, 0xf2ffffff, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x2}, 0x50)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0)
r3 = openat$fuse(0xffffffffffffff9c, &(0x7f0000008300), 0x2, 0x0)
mount$fuse(0x0, &(0x7f0000002080)='./file0\x00', &(0x7f00000020c0), 0x0, &(0x7f0000002100)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r3, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
prctl$PR_SET_SECUREBITS(0x1c, 0x1d)
setuid(0xee01)
lremovexattr(&(0x7f00000002c0)='./file0\x00', &(0x7f0000000300)=@known='system.posix_acl_access\x00')
r4 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000001100)='fdinfo/4\x00')
pread64(r4, &(0x7f0000002140)=""/17, 0x11, 0x0)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r7 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002c80)={0x3, 0xf, &(0x7f0000001640)=@framed={{0x18, 0x2, 0x0, 0x0, 0x3}, [@ringbuf_query={{0x18, 0x1, 0x1, 0x0, r6}}, @printk={@s, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x7b}}]}, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={r7, 0x0, 0xe, 0x0, &(0x7f0000000100)="0000000000000000000051229dc9", 0x0, 0x2f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
r9 = syz_genetlink_get_family_id$ethtool(&(0x7f00000001c0), r8)
r10 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="0b00000007000000040000000200000001"], 0x50)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000140)={{r10}, &(0x7f0000000000), &(0x7f0000000080)}, 0x20)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000380)={r10, &(0x7f0000000600), &(0x7f0000000340)=@udp6, 0x1}, 0x20)
sendmsg$ETHTOOL_MSG_STRSET_GET(r8, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f00000004c0)={0x2c, r9, 0x1, 0x4070bd2b, 0x25dfdbfe, {}, [@ETHTOOL_A_STRSET_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'dummy0\x00'}]}]}, 0x2c}, 0x1, 0x0, 0x0, 0x80d0}, 0x4800)
sendmsg$ETHTOOL_MSG_PAUSE_SET(r5, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000000100)={&(0x7f0000000040)={0xa4, r9, 0x100, 0x70bd2a, 0x25dfdbfe, {}, [@ETHTOOL_A_PAUSE_HEADER={0x80, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'ipvlan0\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth1_to_hsr\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'dvmrp0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'vlan0\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'nr0\x00'}]}, @ETHTOOL_A_PAUSE_AUTONEG={0x5}, @ETHTOOL_A_PAUSE_TX={0x5}]}, 0xa4}, 0x1, 0x0, 0x0, 0x2000}, 0x4000014)
setsockopt$packet_int(r1, 0x107, 0xc, 0x0, 0x0)

3m16.186892674s ago: executing program 52 (id=5248):
r0 = socket(0x11, 0x2, 0x0)
sendmmsg(r0, &(0x7f0000000480)=[{{&(0x7f0000000400)=@qipcrtr={0x2a, 0x4, 0x1}, 0x80, 0x0}}, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x10}}], 0x2, 0x0)
unshare(0x8040600)
r1 = socket$packet(0x11, 0x2, 0x300)
close(0xffffffffffffffff)
syz_usb_connect(0x6, 0x24, &(0x7f0000000240)=ANY=[@ANYBLOB="050100003a00ea2089044ee0a3e401020301090200000080001000090426030039f7e805"], 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000880)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x6, 0x6, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000faffffff0000000000004000850000002c0000001800000004000000000000000700000095"], &(0x7f0000000200)='GPL\x00', 0x5, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x7}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000003c0)={r2, 0x27, 0xe, 0x0, &(0x7f0000000640)="ed7e17526b2d6f70ac1ae867fd2a", 0x0, 0x0, 0xf2ffffff, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x2}, 0x50)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0)
r3 = openat$fuse(0xffffffffffffff9c, &(0x7f0000008300), 0x2, 0x0)
mount$fuse(0x0, &(0x7f0000002080)='./file0\x00', &(0x7f00000020c0), 0x0, &(0x7f0000002100)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r3, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
prctl$PR_SET_SECUREBITS(0x1c, 0x1d)
setuid(0xee01)
lremovexattr(&(0x7f00000002c0)='./file0\x00', &(0x7f0000000300)=@known='system.posix_acl_access\x00')
r4 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000001100)='fdinfo/4\x00')
pread64(r4, &(0x7f0000002140)=""/17, 0x11, 0x0)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r7 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002c80)={0x3, 0xf, &(0x7f0000001640)=@framed={{0x18, 0x2, 0x0, 0x0, 0x3}, [@ringbuf_query={{0x18, 0x1, 0x1, 0x0, r6}}, @printk={@s, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x7b}}]}, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={r7, 0x0, 0xe, 0x0, &(0x7f0000000100)="0000000000000000000051229dc9", 0x0, 0x2f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
r9 = syz_genetlink_get_family_id$ethtool(&(0x7f00000001c0), r8)
r10 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="0b00000007000000040000000200000001"], 0x50)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000140)={{r10}, &(0x7f0000000000), &(0x7f0000000080)}, 0x20)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000380)={r10, &(0x7f0000000600), &(0x7f0000000340)=@udp6, 0x1}, 0x20)
sendmsg$ETHTOOL_MSG_STRSET_GET(r8, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f00000004c0)={0x2c, r9, 0x1, 0x4070bd2b, 0x25dfdbfe, {}, [@ETHTOOL_A_STRSET_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'dummy0\x00'}]}]}, 0x2c}, 0x1, 0x0, 0x0, 0x80d0}, 0x4800)
sendmsg$ETHTOOL_MSG_PAUSE_SET(r5, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000000100)={&(0x7f0000000040)={0xa4, r9, 0x100, 0x70bd2a, 0x25dfdbfe, {}, [@ETHTOOL_A_PAUSE_HEADER={0x80, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'ipvlan0\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth1_to_hsr\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'dvmrp0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'vlan0\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'nr0\x00'}]}, @ETHTOOL_A_PAUSE_AUTONEG={0x5}, @ETHTOOL_A_PAUSE_TX={0x5}]}, 0xa4}, 0x1, 0x0, 0x0, 0x2000}, 0x4000014)
setsockopt$packet_int(r1, 0x107, 0xc, 0x0, 0x0)

2m45.068828647s ago: executing program 2 (id=5341):
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x80)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
bind$inet6(0xffffffffffffffff, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
ioctl$KVM_SET_NR_MMU_PAGES(r1, 0xae44, 0x8)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbee7, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, 0x0, 0x0)
sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = fsopen(&(0x7f00000000c0)='gfs2meta\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r5, 0x6, 0x0, 0x0, 0x0)
listen(0xffffffffffffffff, 0x4)
dup2(r5, 0xffffffffffffffff)
socket$inet_tcp(0x2, 0x1, 0x0)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000100)={0x6, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="1802000060c11afb0000000000000000850000002c00000095"], &(0x7f0000000040)='GPL\x00', 0x5}, 0x94)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000000)={r6, 0x0, 0x25, 0x0, @void}, 0x10)
syz_emit_ethernet(0x66, &(0x7f0000000300)=ANY=[@ANYBLOB="ffffffffffffaaaaaaaaaaa308004500005800660000f92f9078ac1e0001ac1414bbd82bbe980d8e22f8820421880b0000000301000800050086dd080088be000000031106e5050100000000000002080022eb000000042803d2ff02000048d8000004fffa26080800655800000003"], 0x0)
connect$inet(0xffffffffffffffff, &(0x7f0000000000)={0x2, 0x4e22, @local}, 0x10)
sendmsg$MPTCP_PM_CMD_ADD_ADDR(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f00000001c0)=ANY=[@ANYBLOB="14000000", @ANYRES16=0x0, @ANYBLOB="01002c266690ba70000000000001000000"], 0x14}}, 0x0)

2m43.017981997s ago: executing program 2 (id=5349):
rt_sigpending(0x0, 0x0)

2m42.624007942s ago: executing program 2 (id=5351):
r0 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8002)
r1 = fcntl$dupfd(r0, 0x0, r0)
write$sndseq(r1, &(0x7f00000005c0)=[{0x3, 0x4, 0x5, 0x1, @tick, {0x1, 0x10}, {0x4, 0x10}, @raw32={[0x4, 0x1]}}, {0x5, 0x6a, 0xfa, 0x2, @tick=0xc0, {0x9e, 0x66}, {0x52, 0x75}, @result={0xb4c, 0x8}}], 0x38)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000140)={&(0x7f0000000000)=ANY=[@ANYBLOB="9feb010018000000000000003800000038000000030000000100000000000001000000000000000000000000000000010500000010"], 0x0, 0x53}, 0x28)
bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="9feb0100180000000000000024000000240000000200000000000000000000020200000000000000010000050000000000"], &(0x7f0000001f40)=""/4089, 0x3e, 0xff9, 0xa}, 0x28)
read$snapshot(r1, 0x0, 0xffffffbf)
ioctl$SG_GET_NUM_WAITING(r1, 0x227d, 0x0)

2m42.32989174s ago: executing program 2 (id=5354):
mkdirat(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x1214040, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./bus\x00', 0x1d7)
mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file1/file0\x00', 0x0)
mount$bind(&(0x7f0000000100)='.\x00', &(0x7f0000000080)='./file1/file0\x00', 0x0, 0x1085408, 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f00000003c0), 0x40, &(0x7f00000004c0)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file1/file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
chdir(&(0x7f00000001c0)='./bus\x00')
mount$bind(&(0x7f0000000040)='.\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x3a09007, 0x0)
pivot_root(&(0x7f00000001c0)='./file0\x00', &(0x7f00000000c0)='./file0/../file0/../file0\x00')

2m41.831479775s ago: executing program 2 (id=5356):
syz_emit_ethernet(0x4e, &(0x7f00000000c0)={@broadcast, @empty, @void, {@ipv6={0x86dd, @icmpv6={0x7, 0x6, "001b01", 0x18, 0x3a, 0xff, @initdev={0xfe, 0x88, '\x00', 0x2, 0x0}, @mcast2, {[], @ndisc_ra={0x86, 0x0, 0x0, 0xff, 0x2, 0x3, 0x1, 0xfffffff6, [{0x5, 0x1, "c89600000500"}]}}}}}}, 0x0)
acct(0x0)
umount2(0x0, 0x2)
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x801}, 0x4000000)

2m40.501972679s ago: executing program 2 (id=5361):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000240)={0x0, 0x44}, 0x1, 0x0, 0x0, 0x10000047}, 0x4000050)

2m39.685016035s ago: executing program 53 (id=5361):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000240)={0x0, 0x44}, 0x1, 0x0, 0x0, 0x10000047}, 0x4000050)

2m26.740397718s ago: executing program 4 (id=5426):
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r0, &(0x7f00000000c0)={0x1f, 0xffff, 0x3}, 0x6)
write(r0, &(0x7f0000000000)="3f000000010000", 0x7)

2m26.456737557s ago: executing program 4 (id=5427):
socket$nl_route(0x10, 0x3, 0x0)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x5)
close(0x4)
syz_open_procfs$namespace(0x0, &(0x7f0000000200)='ns/uts\x00')

2m26.249652412s ago: executing program 4 (id=5428):
r0 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0)
ioctl$IOCTL_VMCI_VERSION2(r0, 0x7a7, &(0x7f0000000080)=0xb0000)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000001c0)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x5}}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x3, 0x0, 0x0, {0x7}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWSET={0x74, 0x9, 0xa, 0x401, 0x0, 0x0, {0x5}, [@NFTA_SET_ID={0x0, 0xa, 0x1, 0x0, 0x2}, @NFTA_SET_FLAGS={0x0, 0x3, 0x1, 0x0, 0x19}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_SET_EXPRESSIONS={0x1d, 0x12, 0x0, 0x1, [{0x24, 0x1, 0x0, 0x1, @match={{}, @val={0x0, 0x2, 0x0, 0x1, [@NFTA_MATCH_INFO={0x0, 0x3, "e7901f392248c6234bd03dac34c8171cd977f1c0960061075c5f31ffbeb955b23740906f6e74b66138fc2cecac36f8ad822d9c0ba40500d9f816d5e807a11f0aa747a69bc324f0465dff1c223af4139914f7ee1f832b09268adb8b289fc85724abe7eaef4ed79740"}, @NFTA_MATCH_INFO={0x0, 0x3, "6267c896528634d43b845664246b23c0"}, @NFTA_MATCH_NAME={0x0, 0x1, 'dccp\x00'}, @NFTA_MATCH_REV]}}}, {0x0, 0x1, 0x0, 0x1, @fib={{}, @void}}]}, @NFTA_SET_KEY_LEN={0x0, 0x5, 0x1, 0x0, 0x11}]}], {0x14, 0x10, 0x1, 0x0, 0x0, {0x5, 0x84}}}, 0xbc}, 0x1, 0x0, 0x0, 0x24044004}, 0x24054084)
ioctl$IOCTL_VMCI_NOTIFY_RESOURCE(r0, 0x7a5, &(0x7f0000000180)={{@my=0x0}, 0x1, 0x1})
ioctl$IOCTL_VMCI_NOTIFY_RESOURCE(r0, 0x7a5, &(0x7f00000000c0)={{@my=0x0}, 0x1, 0x1})

2m26.11845317s ago: executing program 4 (id=5429):
r0 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000500)={0x6, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="18020000f2ffffff0000000000000000850000001700000095"], &(0x7f00000005c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x9}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000200)={r0, 0x4000000, 0x3c, 0x72, &(0x7f0000000040)="976d9023d56482cd284a63da539706d7009be646625bd75b025352ebe557df463106baeed6c2d75549b140f143fb8bb67bfe5b308b8d05758115c7ad", &(0x7f0000000180)=""/114, 0x0, 0x0, 0xd7, 0xc4, &(0x7f0000000400)="cf2240e6919817e49555d221b4e6c6ba11c4d974ddab2318db7b52cee499399a00be4b71119246d7bca28cc8346eb84414e45f3f4633f4acb77bf8cc38c4c16fe035905db79cdc0be634a915662c4cac58ae94706f86ea320f339c21399b5bb7607044916c63c528ab4149718d6215a9a3749113c268e49b2b9dae91ed804e5ac5d4ec7ac9c5fd67a76f9a2b06f7304f6e81221a751008e786e1edde82cf1ecb76cb4cd71cf781ea3a19b917a1e215b1a6c7ee605b32b91eaae38517fde4303d5f2b1e63e9e52ae4b197fd72de1f71801e1f9f1369d1f5", &(0x7f0000000280)="bf049fd184f7b03c21d9bcddc4eef9ebb6a0da3eb91c56454e873dd7336ccf21a1eeb8da7adf80d6e06ef46c7f36222fadaed2103c286468b3f44adee51445bd1bedf8fcc1c0b9fdc8b3829b1bf0c9d2d409cdecb12ad033e299c029331993ae9760345bf7feb91ee96b0eee19454ad3dbce5019b68c114ff1921a9b4665744c7784ac6736101a70592d83c448a84c31ec60bb901d96ea99471d823ee523318878ee704a8d9502b566cad45587cb74ea8259c1c0a926fc09499395b2db5af40bb6f4c526", 0x0, 0x8000}, 0x50)

2m25.933990101s ago: executing program 4 (id=5430):
socket$nl_route(0x10, 0x3, 0x0)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x5) (fail_nth: 1)
close(0x4)
syz_open_procfs$namespace(0x0, &(0x7f0000000200)='ns/uts\x00')

2m25.563423779s ago: executing program 4 (id=5431):
r0 = socket$nl_route(0x10, 0x3, 0x0)
unshare(0x40600)
openat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0xc0042, 0x1)
r1 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000001840), 0x2982, 0x0)
r2 = openat$procfs(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/timer_list\x00', 0x0, 0x0)
sendfile(r1, r2, 0x0, 0x20000023896)
ioctl$TCSBRKP(r1, 0x5425, 0x1)
landlock_create_ruleset(&(0x7f0000000040)={0x0, 0x3, 0x3}, 0x18, 0x0) (async)
r3 = landlock_create_ruleset(&(0x7f0000000040)={0x0, 0x3, 0x3}, 0x18, 0x0)
landlock_restrict_self(r3, 0xa) (async)
landlock_restrict_self(r3, 0xa)
open(&(0x7f0000000000)='./file0\x00', 0x703042, 0x6)
r4 = socket$inet6(0xa, 0x3, 0x5)
sendmmsg(r4, &(0x7f00000004c0)=[{{&(0x7f0000000040)=@l2tp6={0xa, 0x0, 0x7080000, @loopback, 0x4, 0x1}, 0x80, 0x0, 0x0, &(0x7f00000002c0)=[{0x18, 0x29, 0x37, "465ba3ee"}], 0x18}}], 0x1, 0x0)
r5 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0), 0x10400, 0x0)
pipe2(&(0x7f0000000000)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff}, 0x0)
write$P9_RGETLOCK(r7, &(0x7f0000000100)=ANY=[], 0xffffff6a) (async)
write$P9_RGETLOCK(r7, &(0x7f0000000100)=ANY=[], 0xffffff6a)
splice(r6, 0x0, r5, 0x0, 0x40010003, 0x0) (async)
splice(r6, 0x0, r5, 0x0, 0x40010003, 0x0)
r8 = bpf$TOKEN_CREATE(0x24, &(0x7f0000000040)={0x0, r0}, 0x8)
ioctl$FS_IOC_SETVERSION(r8, 0x40087602, &(0x7f0000000080)=0x3e9) (async)
ioctl$FS_IOC_SETVERSION(r8, 0x40087602, &(0x7f0000000080)=0x3e9)
ioctl$TIOCSETD(r5, 0x5423, &(0x7f0000000000)=0x1b) (async)
ioctl$TIOCSETD(r5, 0x5423, &(0x7f0000000000)=0x1b)
pselect6(0x40, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, 0x800, 0x0, 0x100000}, 0x0, &(0x7f0000000240)={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6a9}, 0x0, 0x0)
r9 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r9, 0x8933, &(0x7f0000000c80)={'lo\x00'}) (async)
ioctl$sock_SIOCGIFINDEX(r9, 0x8933, &(0x7f0000000c80)={'lo\x00', <r10=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f0000001200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000280)=@newqdisc={0x60, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r10, {}, {0xffff, 0xffff}, {0x0, 0x2}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x30, 0x2, {{0x6, 0x2, 0x6, 0x2, 0xffffffff}, [@TCA_NETEM_RATE={0x14, 0x6, {0x4, 0x2, 0x0, 0x4}}]}}}]}, 0x60}, 0x1, 0x0, 0x0, 0x880}, 0x8010)

2m9.906634239s ago: executing program 54 (id=5431):
r0 = socket$nl_route(0x10, 0x3, 0x0)
unshare(0x40600)
openat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0xc0042, 0x1)
r1 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000001840), 0x2982, 0x0)
r2 = openat$procfs(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/timer_list\x00', 0x0, 0x0)
sendfile(r1, r2, 0x0, 0x20000023896)
ioctl$TCSBRKP(r1, 0x5425, 0x1)
landlock_create_ruleset(&(0x7f0000000040)={0x0, 0x3, 0x3}, 0x18, 0x0) (async)
r3 = landlock_create_ruleset(&(0x7f0000000040)={0x0, 0x3, 0x3}, 0x18, 0x0)
landlock_restrict_self(r3, 0xa) (async)
landlock_restrict_self(r3, 0xa)
open(&(0x7f0000000000)='./file0\x00', 0x703042, 0x6)
r4 = socket$inet6(0xa, 0x3, 0x5)
sendmmsg(r4, &(0x7f00000004c0)=[{{&(0x7f0000000040)=@l2tp6={0xa, 0x0, 0x7080000, @loopback, 0x4, 0x1}, 0x80, 0x0, 0x0, &(0x7f00000002c0)=[{0x18, 0x29, 0x37, "465ba3ee"}], 0x18}}], 0x1, 0x0)
r5 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0), 0x10400, 0x0)
pipe2(&(0x7f0000000000)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff}, 0x0)
write$P9_RGETLOCK(r7, &(0x7f0000000100)=ANY=[], 0xffffff6a) (async)
write$P9_RGETLOCK(r7, &(0x7f0000000100)=ANY=[], 0xffffff6a)
splice(r6, 0x0, r5, 0x0, 0x40010003, 0x0) (async)
splice(r6, 0x0, r5, 0x0, 0x40010003, 0x0)
r8 = bpf$TOKEN_CREATE(0x24, &(0x7f0000000040)={0x0, r0}, 0x8)
ioctl$FS_IOC_SETVERSION(r8, 0x40087602, &(0x7f0000000080)=0x3e9) (async)
ioctl$FS_IOC_SETVERSION(r8, 0x40087602, &(0x7f0000000080)=0x3e9)
ioctl$TIOCSETD(r5, 0x5423, &(0x7f0000000000)=0x1b) (async)
ioctl$TIOCSETD(r5, 0x5423, &(0x7f0000000000)=0x1b)
pselect6(0x40, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, 0x800, 0x0, 0x100000}, 0x0, &(0x7f0000000240)={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6a9}, 0x0, 0x0)
r9 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r9, 0x8933, &(0x7f0000000c80)={'lo\x00'}) (async)
ioctl$sock_SIOCGIFINDEX(r9, 0x8933, &(0x7f0000000c80)={'lo\x00', <r10=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f0000001200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000280)=@newqdisc={0x60, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r10, {}, {0xffff, 0xffff}, {0x0, 0x2}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x30, 0x2, {{0x6, 0x2, 0x6, 0x2, 0xffffffff}, [@TCA_NETEM_RATE={0x14, 0x6, {0x4, 0x2, 0x0, 0x4}}]}}}]}, 0x60}, 0x1, 0x0, 0x0, 0x880}, 0x8010)

1m34.249858981s ago: executing program 3 (id=5582):
r0 = socket$rds(0x15, 0x5, 0x0)
ioctl$FS_IOC_FIEMAP(r0, 0xc020660b, 0x0)
r1 = syz_open_dev$vim2m(&(0x7f00000001c0), 0x2ffe, 0x2)
prlimit64(0x0, 0xe, &(0x7f00000007c0)={0x4b, 0x89}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
r2 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r2, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$SNDRV_RAWMIDI_IOCTL_PARAMS(r2, 0xc0305710, &(0x7f0000000000)={0x0, 0x399a, 0x5, 0x1, 0x2})
arch_prctl$ARCH_SHSTK_DISABLE(0x5002, 0x2)
syz_genetlink_get_family_id$tipc(0x0, r3)
r4 = syz_init_net_socket$x25(0x9, 0x5, 0x0)
ioctl$SIOCX25SSUBSCRIP(r4, 0x89e1, 0x0)
syz_emit_ethernet(0x2a, 0x0, 0x0)
ioctl$vim2m_VIDIOC_REQBUFS(r1, 0xc0145608, &(0x7f0000000040)={0x8, 0x1, 0x1})
ioctl$vim2m_VIDIOC_STREAMOFF(r1, 0x40045612, 0x0)

1m31.742179216s ago: executing program 3 (id=5593):
r0 = socket$inet6(0xa, 0x1, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
setsockopt$SO_ATTACH_FILTER(r1, 0x1, 0x1a, &(0x7f0000000240)={0x3, &(0x7f0000000280)=[{0x20, 0x2, 0x81, 0xfffff034}, {0x20, 0x0, 0x8, 0xffffb00c}, {0x6, 0xba, 0x2, 0xffff}]}, 0x10)
setsockopt$inet6_buf(r0, 0x29, 0x39, &(0x7f0000000700)="0022040000ffffebfffffffeffffff0700000000ff000207835eeb1317b208feefaf234b4ff8b4cc4c39bdc8451792b903f4b7d8c8cf2153622652328c19ef68234f905557c4070000008735e9ab2f77c62e0a5cdd2cf9984c070400000000000003ff23353d8b2fc6a3ae1ebfcb49004a3ccd3560ae01010000079c60ed7449b842f3e253be8a62b37f820fe75a9ea937ea4efbfb9b4a128f2dbe2837496d00ad7765abaac2ec0f91c88a1ea1ff6ee308c72febedcf00798d41991ac25bb6fce2220c25ea380c7e112ab358c3a6bd8a59c100000001b4e82cb03419544a3988bc226a85abe6eb60cd7cf8d103d38c31c7c86d16c4d86cbe4ab190c092d077ce70590fbbd4f8bf4d6ab1cea6dbe9d4a54c17aac0", 0x114)
connect$inet6(r0, &(0x7f0000000180)={0xa, 0x4e23, 0x8020000c, @private0={0xfc, 0x0, '\x00', 0x1}, 0xffffffff}, 0x1c)

1m29.03507724s ago: executing program 3 (id=5601):
syz_init_net_socket$llc(0x1a, 0x1, 0x0)
r0 = syz_io_uring_setup(0x8d2, &(0x7f00000000c0)={0x0, 0x0, 0x3010}, &(0x7f0000000040)=<r1=>0x0, &(0x7f0000000080)=<r2=>0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$l2tp(&(0x7f0000000140), r3)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r1, r2, 0x0)
r4 = socket$kcm(0x2, 0x200000000000001, 0x0)
r5 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)={0x38, 0x1403, 0x1, 0x70bd2a, 0x25dfdbfe, "", [{{0x9, 0x2, 'syz1\x00'}, {0x8, 0x41, 'siw\x00'}, {0x14, 0x33, 'bond0\x00'}}]}, 0x38}, 0x1, 0x0, 0x0, 0x800}, 0x20000800)
sendmsg$RDMA_NLDEV_CMD_STAT_SET(r5, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)={0x38, 0x1410, 0x8b7fbbc5948fecd9, 0x70bd29, 0x25dfd9fc, "", [@RDMA_NLDEV_ATTR_PORT_INDEX={0x8, 0x3, 0x1}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8}, @RDMA_NLDEV_ATTR_STAT_RES={0x8}, @RDMA_NLDEV_ATTR_STAT_MODE={0x8, 0x4a, 0x1}, @RDMA_NLDEV_ATTR_STAT_RES={0x8}]}, 0x38}, 0x1, 0x0, 0x0, 0x20004085}, 0x4004080)
setsockopt$sock_attach_bpf(r4, 0x1, 0x50, &(0x7f0000000700), 0x4)
io_uring_enter(r0, 0x47ba, 0xa25d, 0x0, 0x0, 0x0)

1m26.859704966s ago: executing program 3 (id=5603):
r0 = syz_open_dev$video4linux(&(0x7f0000000140), 0xffffffffffffffff, 0x141202)
ioctl$VIDIOC_SUBDEV_ENUM_FRAME_SIZE(r0, 0xc040564a, &(0x7f00000002c0)={0x0, 0x0, 0x19, 0x2, 0x1, 0x2000})
r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
setsockopt$bt_BT_CHANNEL_POLICY(r1, 0x112, 0xa, &(0x7f00000096c0)=0x5, 0x4)
socket$packet(0x11, 0x2, 0x300)
sendmsg$IPVS_CMD_SET_INFO(0xffffffffffffffff, &(0x7f0000000480)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x40081c4}, 0x44000)
bpf$MAP_CREATE(0x0, &(0x7f0000000840)=ANY=[@ANYBLOB="0200000004000000020000000c000000001466bfdac3c37dd5273545b9193c412d42832b1bc897a82f6f0b95c99bcf82e5ef1a49736b94ceead334e440a96111d5713c3408ca3de393208cc5dfb2d637ec39407436c4494f"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0x14, &(0x7f0000000640)=ANY=[@ANYRESOCT=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x52, '\x00', 0x0, @fallback=0x19, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
setsockopt$inet_tcp_TCP_REPAIR_WINDOW(0xffffffffffffffff, 0x6, 0x1d, &(0x7f0000000080)={0x0, 0x2, 0x3, 0x0, 0xad7}, 0x14)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000780)=ANY=[@ANYBLOB="2000000040000701feffffff00000000017c000004004280040001800400028016a31fdf7ce10161d410ff422b8e2fbb5087050c7166e190fcfe13dbf82a57a82fefc92afd799452a689e3a5505df1e8cf0c701ad72839279467c82e3fe76ffc80600202809d4dcd4cc067db037194463cde68290cc1221d89661e517136f46f8a5ac4d4f3c149b0088309c4099b3eff05da02de1357713389"], 0x20}}, 0xc000)
r3 = socket$alg(0x26, 0x5, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0}, 0x0)
bind$alg(r3, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-camellia-asm\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r3, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18)
sendmsg$IPVS_CMD_GET_DEST(r2, &(0x7f0000000600)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x10805}, 0x44049)
r4 = accept4(r3, 0x0, 0x0, 0x0)
sendmmsg$alg(r4, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe3f}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048"}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11"}], 0x1, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800)
recvmsg(r4, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0)
r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000580), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f00000013c0)={'wlan1\x00', <r6=>0x0})
sendmsg$NL80211_CMD_FRAME(r2, &(0x7f0000001380)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000dc0)=ANY=[@ANYBLOB="f4060000", @ANYRES16=r5, @ANYBLOB="01000000000000e14f003b00000008000300", @ANYRES32=r6, @ANYBLOB="d50633008000009effffffffffff080211000001"], 0x6f4}}, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0)
mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000080)='./file0/../file0\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0x8b101a, 0x0)
mount$bind(&(0x7f0000000540)='./file0/file0/file0\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x18d883, 0x0)
r7 = getpid()
syz_pidfd_open(r7, 0x0)
ioctl$FS_IOC_ENABLE_VERITY(0xffffffffffffffff, 0x40806685, &(0x7f0000000240)={0x1, 0x94f0c401e8a45575, 0x1000, 0xe1, &(0x7f0000000300)="ed89224bf66978c8417d7c5fea482c879d51dc1abe88caf2fae5b620998d7a47c3db45b018afe9144f5ded8a2245058fd8ac072f3e26c5c2e85bc618dec43919a8298dd5367e6db788ba294e3f000557554a62b403bcff0a3cfd607cfcbf57f1fc4c6fd9fb989595514d242aa8eda04b16cf1c32e88bfe8abf4e3a83d352267225063bd9248b8040f1f91d48a3e1d1ffe07deb34631f6d575e90bf8453a37d684fbfc64b9b67a1023ef7fe3a597a29ca593bd92ed2c9c0017cc9e34adffe61d063c9e6ea2e4bfa2dc3f5c0b796562291515ef8048a96fcc567ce0203e0946bee76", 0x8e, 0x0, &(0x7f00000006c0)="682f2dcef213982bb86ebf2522ab87998dda5c758758612e58744c23eae9d506d0d399a38701eca582d289186f3226644d5d751a33ebbd34f4a6228698655d60abc041ff39f3dc8f327071e3bfd5490254b9f6805acafd40dd34e454a717c2df1f602d1a0c2169ab2c33b40bb6dabd17c76092d368b75e6baa73c310af01e677da2f8a4ecf55a432bc65eae859d2"})

1m25.681967067s ago: executing program 3 (id=5606):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_TIMEOUT_DEFAULT_SET(r0, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000000140)={0x0, 0x30}}, 0x0)

1m23.599534514s ago: executing program 3 (id=5614):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10)
connect$inet(r0, 0x0, 0x0)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(r1, 0x89f3, &(0x7f00000000c0)={'sit0\x00', &(0x7f0000000280)={'tunl0\x00', 0x0, 0x700, 0x8000, 0xf62, 0x2, {{0x6, 0x4, 0x2, 0x18, 0x18, 0x67, 0x0, 0x0, 0x29, 0x0, @broadcast, @multicast1, {[@lsrr={0x83, 0x3, 0xf7}]}}}}})
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000040)='veth1_macvtap\x00', 0x40)
mmap(&(0x7f0000000000/0xe7e000)=nil, 0xe7e000, 0xfffffffffffffffe, 0x4031, 0xffffffffffffffff, 0x7542d000)
ioctl$UFFDIO_API(0xffffffffffffffff, 0xc018aa3f, &(0x7f00000000c0))
ioctl$UFFDIO_REGISTER(0xffffffffffffffff, 0xc020aa00, &(0x7f00000002c0)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x5})
ioctl$UFFDIO_REGISTER(0xffffffffffffffff, 0xc020aa04, &(0x7f0000000000)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x1, 0x2})
r2 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r2, 0xaf01, 0x0)
ioctl$VHOST_SET_VRING_ADDR(r2, 0x4028af11, &(0x7f0000000140)={0x0, 0x0, 0x0, &(0x7f0000000180)=""/46, 0x0, 0x100000})
ioctl$VHOST_SET_VRING_ADDR(r2, 0x4028af11, &(0x7f0000000280)={0x1, 0x0, 0x0, &(0x7f00000000c0)=""/87, 0x0})
ioctl$VHOST_SET_MEM_TABLE(r2, 0x4008af03, &(0x7f0000000380))
madvise(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x15)
connect$unix(0xffffffffffffffff, &(0x7f00000003c0)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
r3 = syz_open_procfs(0x0, &(0x7f0000000040)='smaps\x00')
read$FUSE(r3, &(0x7f0000000640)={0x2020}, 0x2020)

1m22.947136541s ago: executing program 55 (id=5614):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10)
connect$inet(r0, 0x0, 0x0)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(r1, 0x89f3, &(0x7f00000000c0)={'sit0\x00', &(0x7f0000000280)={'tunl0\x00', 0x0, 0x700, 0x8000, 0xf62, 0x2, {{0x6, 0x4, 0x2, 0x18, 0x18, 0x67, 0x0, 0x0, 0x29, 0x0, @broadcast, @multicast1, {[@lsrr={0x83, 0x3, 0xf7}]}}}}})
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000040)='veth1_macvtap\x00', 0x40)
mmap(&(0x7f0000000000/0xe7e000)=nil, 0xe7e000, 0xfffffffffffffffe, 0x4031, 0xffffffffffffffff, 0x7542d000)
ioctl$UFFDIO_API(0xffffffffffffffff, 0xc018aa3f, &(0x7f00000000c0))
ioctl$UFFDIO_REGISTER(0xffffffffffffffff, 0xc020aa00, &(0x7f00000002c0)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x5})
ioctl$UFFDIO_REGISTER(0xffffffffffffffff, 0xc020aa04, &(0x7f0000000000)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x1, 0x2})
r2 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r2, 0xaf01, 0x0)
ioctl$VHOST_SET_VRING_ADDR(r2, 0x4028af11, &(0x7f0000000140)={0x0, 0x0, 0x0, &(0x7f0000000180)=""/46, 0x0, 0x100000})
ioctl$VHOST_SET_VRING_ADDR(r2, 0x4028af11, &(0x7f0000000280)={0x1, 0x0, 0x0, &(0x7f00000000c0)=""/87, 0x0})
ioctl$VHOST_SET_MEM_TABLE(r2, 0x4008af03, &(0x7f0000000380))
madvise(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x15)
connect$unix(0xffffffffffffffff, &(0x7f00000003c0)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
r3 = syz_open_procfs(0x0, &(0x7f0000000040)='smaps\x00')
read$FUSE(r3, &(0x7f0000000640)={0x2020}, 0x2020)

51.820023801s ago: executing program 0 (id=5755):
r0 = syz_usb_connect(0x0, 0x2d, &(0x7f00000012c0)=ANY=[@ANYBLOB="120100001ddf8208c007121522300000000109021b0001000000010904000001faf40d000905820349"], 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000000)='net/arp\x00')
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000480)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000680)=ANY=[@ANYBLOB="40000000200025a729bd7000fddbdf250a0000cdff000001020001000800060000000000080018f64e234e2305001100"], 0x40}, 0x1, 0x0, 0x0, 0x20008081}, 0x0)
fanotify_mark(0xffffffffffffffff, 0x1, 0x40001019, r1, 0x0)
pread64(r1, &(0x7f0000000f80)=""/203, 0xcb, 0x3)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000340)={0xffffffffffffffff, 0xe0, &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, &(0x7f0000000080)=[0x0, 0x0, 0x0, 0x0], ""/16, <r3=>0x0, 0x0, 0x0, 0x0, 0x2, 0xa, &(0x7f00000000c0)=[0x0, 0x0], &(0x7f0000000100)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0x2f, &(0x7f0000000140)=[{}, {}], 0x10, 0x10, &(0x7f0000000180), &(0x7f00000001c0), 0x8, 0x4e, 0x8, 0x8, &(0x7f0000000200)}}, 0x10)
r4 = socket$igmp(0x2, 0x3, 0x2)
r5 = socket$inet_smc(0x2b, 0x1, 0x0)
syz_emit_ethernet(0x52, &(0x7f0000000480)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaaaaaaaaa08004c0000440000000000059078ac1414000a01010044140903000000000000000000000000000000008903ce070200000000000000", @ANYRES32=0x41424344, @ANYRES32=0x41424344, @ANYBLOB="86e4837a90780000"], 0x0)
listen(r5, 0x8)
listen(r5, 0x7fff)
setsockopt$MRT_INIT(r4, 0x0, 0xc8, &(0x7f0000003d40), 0x4)
setsockopt$MRT_ADD_VIF(r4, 0x0, 0xca, &(0x7f0000003d80)={0x0, 0x0, 0x0, 0x0, @vifc_lcl_addr=@local, @dev}, 0x10)
setsockopt$MRT_DEL_VIF(r4, 0x0, 0xcb, &(0x7f0000000280)={0x0, 0x1, 0xc, 0x82, @vifc_lcl_ifindex, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10)
setsockopt$inet_mreqn(r1, 0x0, 0x20, &(0x7f0000000380)={@rand_addr=0x64010100, @broadcast, r3}, 0xc)
r6 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000140)={0x6, 0x10, &(0x7f0000000000)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x7}, {{0x18, 0x1, 0x1, 0x0, r6}}, {}, [@ldst={0x3, 0x3, 0x3, 0x0, 0x0, 0x51}], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x2}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000200)='syzkaller\x00', 0x5, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x4}, 0x94)
syz_usb_control_io(r0, 0x0, 0x0)
syz_open_dev$char_usb(0xc, 0xb4, 0x0)
syz_usb_ep_write$ath9k_ep1(r0, 0x82, 0x0, 0x0)
mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_PAUSE_SET(r7, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r8, @ANYBLOB="831026bd7000fcdb9f2b1600000018000180140002006e657464657673696d3000000000000005000300010000000500020000000000"], 0x3c}, 0x1, 0x0, 0x0, 0x4c810}, 0x20000004)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
timerfd_create(0x0, 0x0)
r9 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000440), 0x500882, 0x0)
ioctl$KVM_CREATE_VM(r9, 0xae01, 0x0)

49.31434718s ago: executing program 0 (id=5774):
r0 = fcntl$getown(0xffffffffffffffff, 0x9)
timer_create(0x7, &(0x7f00000001c0)={0x0, 0x24, 0x4, @tid=r0}, 0x0)
fcntl$lock(0xffffffffffffffff, 0x6, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(r1, 0x8933, &(0x7f0000000000)={'team0\x00', <r2=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000480)=ANY=[@ANYBLOB="40000000000000002b694234ff247d632cbd7000fedbdf2500000000a8f2cf87c25f4cef5c4572ec55f3d683a190da71e1ccb56abf92d661c1b3486c9cdc1ab06339f0", @ANYRES32=0x0, @ANYBLOB="10ec04000000000014002b80080003001100000008000100", @ANYRES32, @ANYBLOB], 0x34}, 0x1, 0x0, 0x0, 0x4000014}, 0x0)
setsockopt$RDS_RECVERR(0xffffffffffffffff, 0x114, 0x5, &(0x7f0000000f80)=0x1, 0x4)
lsetxattr$security_capability(&(0x7f0000000000)='./cgroup/cgroup.procs\x00', &(0x7f0000000100), &(0x7f0000000140)=@v2={0x2000000, [{0x4, 0x3}, {0x4, 0x4}]}, 0x14, 0x0)
syz_usb_control_io$printer(0xffffffffffffffff, 0x0, 0x0)
syz_usb_control_io$hid(0xffffffffffffffff, 0x0, 0x0)
r3 = socket$netlink(0x10, 0x3, 0xc)
bind$netlink(r3, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, &(0x7f0000000340)={'ip6tnl0\x00', &(0x7f0000000280)={'syztnl0\x00', <r5=>r2, 0x29, 0x9, 0x69, 0xfffffffa, 0xf3624590d5a74f6e, @private1={0xfc, 0x1, '\x00', 0x1}, @empty, 0x10030, 0x1, 0x3ff}})
r6 = socket$nl_route(0x10, 0x3, 0x0)
socketpair(0x1, 0x20000000000001, 0x0, &(0x7f0000000100)={<r7=>0xffffffffffffffff})
getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000400)=0x14)
sendmsg$nl_route_sched(r6, &(0x7f0000006280)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000b00)=@newtaction={0x68, 0x30, 0x1, 0x0, 0x0, {0x0, 0x0, 0x6a00}, [{0x54, 0x1, [@m_mirred={0x50, 0x1, 0x0, 0x0, {{0xb}, {0x24, 0x2, 0x0, 0x1, [@TCA_MIRRED_PARMS={0x20, 0x2, {{0x0, 0x0, 0x10000000}, 0x1, r8}}]}, {0x4, 0xa}, {0xc}, {0xc}}}]}]}, 0x68}}, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000380)={'virt_wifi0\x00', <r9=>0x0})
getpeername$packet(0xffffffffffffffff, &(0x7f0000000400)={0x11, 0x0, <r10=>0x0, 0x1, 0x0, 0x6, @local}, &(0x7f0000000440)=0x14)
sendmsg$TEAM_CMD_PORT_LIST_GET(r3, &(0x7f0000000f00)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000000ec0)={&(0x7f00000026c0)=ANY=[@ANYBLOB='0\n\x00\x00', @ANYRES16=0x0, @ANYBLOB="00022abd7000fedbdf250300000008000100", @ANYRES32=r2, @ANYBLOB="080102803c00010024000100656e61626c65640000000000000000000000000000000000000000000000000005000300060000000400040008000600", @ANYRES32=r2, @ANYBLOB="4c000100240001006c625f74785f6d6574686f640000000000000000000000000000000000000000050003000500000019000400686173685f746f5f706f72745f6d617070696e67000000003c00010024000100656e61626c65640000000000000000000000000000000000000000000000000005000300060000000400040008000600", @ANYRES32=r2, @ANYBLOB="40000100240001006c625f706f72745f737461747300000000000000000000000000000000000000050003000b00000008000400ae0f000008000600", @ANYRES64=r10, @ANYRES16=r0, @ANYRES32=r2, @ANYBLOB="dc010280400081fa102405f34fc65f686173685f737461747300000000000000000000000000000000000000050003000b00000008000400e3030000080007000000000038000100240001006e6f746966795f70656572735f696e74657276616c0000000000000000000000050003000300000008000400020000003c00010024000100757365725f6c696e6b757000000000000000000000000000000000000000000005000300060000000400040008000600a82d5973d45112478418649606a1995eb645a6db3486d7bb57b6b74360ef5b3da984ecc6501c72ac6e15aaf9bdb9a2688fba62e892adbcb8044759a11ac589dcf45835", @ANYRES32=r2, @ANYBLOB="3c00010024000100757365725f6c696e6b757000000000000000000000000000000000000000000005000300060000000400040008000600", @ANYRES32=r9, @ANYBLOB="3800010024000100616374697665706f7200000000000000000000000000050003000300000008000400b3d39cf74dfd517080a19afa70138c5b99d20a95e51a6e44ae89d298d831b31284daf4b575dcbc6e8eaa715a8734ca4b5db80c62ea5a812afbff652999c544da58124a480fa81aef76e89df55a7dc679ef061feb59cca9ca1d2cd7a1f939f00cb92e53fe208b6a66b98e4a1a7e2f1a0ccddeb9b3f37d3039cdb33448ba81052c37d0e75f7f500569eee34f6832a7dd7fd784cb9681d1fd594ab1f5a3f76a73ba5066ec30d2b4a799f82de81c715a3ca65e281f5ab481d0e1544f384b6bd7ebba8c78a1f2d28123eef091bcec7fa0c45a53a14df80e3a5582a34f67f5e779e7a48f537a44dddb47cb999970c08817de19a1646626ebb4206649f3581ea693aaf44b7981a223d715da340f35e640275605cdac63d219d678fcacb2c4f4d4d981a0aa1082da1aac2ea21daebe779c460009", @ANYRES32=r2, @ANYBLOB="3c00010024000100757365725f6c696e6b75705f656e61626c65640000000000000000000000000005000300060000000400040008000600", @ANYRES32=0x0, @ANYBLOB="74000100240001006270665f686173685f66756e6300000000000000000000000000000000000000050003000b0000004400040007000c0400800000504d01a59008000000020200bdffffff01000457070000000100fb6effffff7f000880030900000006000987070000007f0002800400000008000100", @ANYRES32=r5, @ANYBLOB="3001028038000100240001006d636173745f72656a6f696e5f636f756e7400000000000000000000000000000500030003000000080004000800000040000100240001006c625f686173685f737461747300000000000000000000000000000000000000050003000b000000080004000040000008000700000000003c00010024000100757365725f6c696e6b75705f656e61626c65640000000000000000000000000005000300060000000400040008000600", @ANYRES32=r2, @ANYBLOB="44000100240001006d6f6465000000000000000000000000000000000000000000000000000000000500030005000000110004006163746976656261636b75700000000034000100240001006270665f686173685f66756e6300000000000000000000000000000000000000050003000b0000000400040008000100", @ANYRES32=r2, @ANYBLOB="4002028040000100240001007072696f726974790000000000000000000000000000000000005e308518882d78fab4000000000000050400000e000000080004", @ANYRES32=r8, @ANYRES16=r2, @ANYRES32=r2, @ANYBLOB="38000100240001006d636173745f72656a6f696e5f636f756e7400000000000000000000000000000500030003000000080004000200000040000100240001006c625f686173685f737461747300000000000000000000000000000000000000050003000b00000008000400137a0000080007000000000040000100240001007072696f72697479000000000000000000000000000000000000000000000000050003000e000000080004000200000008000600", @ANYRES32=r2, @ANYBLOB="38000100240001006c625f73746174735f726566726573685f696e74657276616c00000000000000050003000300000008000400ffff000040000100240001006d6f6465000000000000000000000000000000000000000000000000000000000500030005000000100004006c6f616462616c616e63650008000100", @ANYRES32=r2, @ANYBLOB="6402028040000100240001007072696f72697479000000000000000000000000000000000000000000000000050003000e00000008000400feffffff08000600", @ANYRES32=r2, @ANYBLOB="7c000100240001006270665f686173685f66756e6300000000000000000000000000000000000000050003000b0000004c00040008000240030000000080050a0600000001000104ff070000930c0940020000000600f95570af00000100510a01040000ff0f0afb050000000a000a06020000000000cdfc000000003c00010024000100656e61626c65640000000000000000000000010000e4b41638a700000000000000000000000500030006000000040004", @ANYRES32=0x0, @ANYBLOB="44000100240001006270665f686173685f66756e6300000000000000000000000000000000000000050003000b0000001400040071027f0744050000000881e0020000003c00010024000100757365725f6c696e6b75705f656e61626c65640000000000000000000000000005000300060000000400040008000600", @ANYRES32=r2, @ANYBLOB="38000100240001006c625f73746174735f726566726573685f696e74657276616c000000000000000500030003000000080004008000000038000100240001006d636173745f72656a6f696e5f696e74657276616c0000000000000000000000050003000300000008000400b2bbffff34000100240001006270665f686173685f66756e6300000000000000000000000000000000000000050003000b0000000400040044000100240001006d6f6465000000000000000000000000000000000000000000000000000000000500030005000000110004006163746976656261636b75700000000008000100", @ANYRES32=r2, @ANYBLOB="340102803c00010024000100757365725f6c696e6b757000000000000000000000000000000000000000000005000300060000000400040008000600", @ANYRES32=r9, @ANYBLOB="40000100240001006c625f74785f686173685f746f5f706f72745f6d617070696e67000000000000050003000300000008000400", @ANYRES32=r10, @ANYBLOB="080007000000000038000100240001006d636173745f72656a6f696e5f696e74657276616c00000000000000000000000500030003000000080004000400000040000100240001006d6f6465000000000000000000000000000000000000000000000000000000000500030005000000100004006c6f616462616c616e6365003c000100240001006c625f74785f6d6574686f6400000000000000000000000000000000000000000500030005000000090004006861736800000000"], 0xa30}, 0x1, 0x0, 0x0, 0x40000}, 0x326e6f5c4d4e390e)
sendmsg$IPCTNL_MSG_CT_NEW(r4, &(0x7f0000000300)={0x0, 0xfffffe98, &(0x7f00000000c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="8400000000010104000000000000000002000000240001801400018008000100ac1414bb08000200ac0314bb0c0002800500010000000000240002801400018008000100ac1414aa08000200ac1414000c0002800500010000000000080007400000000010001700000000000000000000000000100016"], 0x84}}, 0x0)
semtimedop(0x0, &(0x7f00000003c0)=[{0x0, 0x1}, {0x4, 0x4, 0x1800}], 0x2, 0x0)
semop(0x0, &(0x7f00000000c0)=[{0x4}, {0x2}], 0x2)
semop(0x0, &(0x7f0000001240)=[{}, {0x0, 0x0, 0x2000}], 0x2)
semctl$SETALL(0x0, 0x0, 0x11, &(0x7f0000000100))

48.016123507s ago: executing program 1 (id=5615):
getsockopt$inet6_IPV6_FLOWLABEL_MGR(0xffffffffffffffff, 0x29, 0x20, &(0x7f0000000100)={@local, 0x9, 0x1, 0x3, 0x8, 0x4}, 0x0)
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x3)
r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000080), 0xffffffffffffffff)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$ETHTOOL_MSG_STRSET_GET(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)={0x14, r1, 0x3141e0b2751b0f9b, 0x70bd2a, 0x25dfdbff}, 0x14}, 0x1, 0x0, 0x0, 0x60c5}, 0x90)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFNL_MSG_CTHELPER_NEW(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000000c0)={0x20, 0x0, 0x9, 0x101, 0x0, 0x0, {}, [@NFCTH_NAME={0x9, 0x1, 'syz0\x00'}]}, 0x20}}, 0x0)
ioctl$FS_IOC_GETFSLABEL(r0, 0x400452c8, &(0x7f0000000100))

47.80882048s ago: executing program 0 (id=5784):
symlinkat(&(0x7f0000000040)='./file0\x00', 0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00')
r0 = syz_usb_connect$hid(0x2, 0x4a, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000000000400b060a7000000200000109022400010000000009040000010300000009210000000122050009058103"], 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io(r0, &(0x7f00000003c0)={0x2c, &(0x7f0000000680)=ANY=[@ANYBLOB="de0057000000f92c"], 0x0, 0x0, 0x0, 0x0}, 0x0)
mount$fuse(0x0, &(0x7f0000000000)='./file0\x00', 0x0, 0x104000, 0x0)
r1 = socket$unix(0x1, 0x2, 0x0)
syz_open_dev$loop(&(0x7f0000001000), 0xfffffffffffffbee, 0x10000)
openat(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup.net/devices.allow\x00', 0x2, 0x48)
getpid()
ioctl$DRM_IOCTL_GET_CLIENT(0xffffffffffffffff, 0xc0286405, &(0x7f0000000e40)={0x2, 0x3, {0xffffffffffffffff}, {0xffffffffffffffff}, 0x18c6, 0xfffffffffffffff7})
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000e80)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x0, 0xffffffffffffffff}}, './file0\x00'})
accept4$nfc_llcp(0xffffffffffffffff, 0x0, &(0x7f0000000f00), 0x1800)
sendmmsg$unix(r1, &(0x7f0000000fc0)=[{{&(0x7f0000000240)=@file={0x1, './file0\x00'}, 0x6e, &(0x7f0000000dc0)=[{&(0x7f0000000ac0)}, {&(0x7f0000000bc0)="9add5f7379bc50df81a214eeacbb55d5bfa87e5d549b53e3a687e1f3fda29ba537b6d364516f19d6fae50637833088d07b89c83197c047c555cdf15e5de7b82c877755a2e2c9ec9575bb9a2b16ea657eabddd2980ca07b6a86a1222a97b3265f2e26", 0x62}, {&(0x7f0000000c40)="449aefd15c225fc3cefb1230a90ea9fc7fe510b094cfe82f93fb4c7d40e8b02bc39f69d7390b2ef8212f15ba268e7ed3ebbed3e4510e7316ce43563599329f686d7c75417dda651d210fd7bd92a94af6830871786ece9ddbfc28b7089a01d285ce679a88e1b6b7cd376490fb9137fbfed19afde4dc243f8229671e19f73f48e0196c4d9fb85d081b5b369b7d00b28041a49f6d111fcfe7c60599761fc8e1376335774cc92c5a6ec566", 0xa9}, {&(0x7f0000000d00)="29b58692e3818a381035bc944aff4f2884461a4989a925cb7b8c92965d59530b65048afe1b992111c13a54d66c737fc8bdd1915a5300bba06786127a04519798e0e9b153ce31e61f0ff5de5117fb739336682aad18b7a6b6929aee", 0x5b}, {&(0x7f0000000d80)="846507996ade81ab63f4385766ce236ed35f2c9ffdb42c634cb7a7101e41e0a8", 0x20}], 0x5, &(0x7f0000000f40), 0x0, 0x8040000}}], 0x1, 0x2000)
r2 = syz_usb_connect$cdc_ncm(0x2, 0x119, &(0x7f0000000080)={{0x12, 0x1, 0x200, 0x2, 0x0, 0x0, 0x18, 0x525, 0xa4a1, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x107, 0x2, 0x1, 0x8, 0x10, 0x7, "", {{0x9, 0x4, 0x0, 0x0, 0x1, 0x2, 0xd, 0x0, 0x0, {{0xa, 0x24, 0x6, 0x0, 0x1, "e80388c522"}, {0x5, 0x24, 0x0, 0xe}, {0xd, 0x24, 0xf, 0x1, 0x8, 0x8000, 0xbe, 0x7f}, {0x6, 0x24, 0x1a, 0xff, 0xc}, [@mdlm_detail={0xa6, 0x24, 0x13, 0x5, "8918478ee6a007ea021e6d0b3631983e726964433c697b1f2121355f66640bb6b4bbf8832997d44be31f4156a30d3596603186a4a0cb223015429c917c6fa43c3d81c7b2f25e86107b4e320df94aae8efa95629abc81a4cd92fabffead284b4e294de93066b1cbf7b0ee264590ac30a3951510d9df074b23b1bf15a92d41ee143b673b0b07ec894c0d36baadadaa05a6ada79c221622e270f6054263218e53eea78f"}]}, {{0x9, 0x5, 0x81, 0x3, 0x400, 0x3, 0x6, 0x8}}}, {}, {0x9, 0x4, 0x1, 0x1, 0x2, 0x2, 0xd, 0x0, 0x0, "", {{{0x9, 0x5, 0x82, 0x2, 0x20, 0x54, 0x4, 0x6}}, {{0x9, 0x5, 0x3, 0x2, 0x400, 0x7f, 0x5, 0x6}}}}}}}]}}, &(0x7f0000000500)={0xa, &(0x7f00000001c0)={0xa, 0x6, 0x250, 0x0, 0x5, 0x2, 0x40, 0xfb}, 0x6a, &(0x7f0000000a00)=ANY=[@ANYBLOB="050f6a000403100b221003020000080126fc511003cda24162e70fb5b518000000629e5e7d5e835add10ac1d838be63881c37718fc5ff6d77d58363d0bde03ba7ce905b0e18c898f289ce7e6eac1fba265415f6d052e8059754a1d984890a3fb9f65b08cb8386b24638e8e6eb817665854f80d96071082029f7f0000000000000000000000005fccc503e715afa53b5badec34488bbe465e97ba24ed42e21db675111d3f54"], 0x6, [{0x26, &(0x7f00000002c0)=@string={0x26, 0x3, "eed758e48d28eefd2d877527f0dee3718231e05536e50314be63974b3b38e045966e5471"}}, {0x4, &(0x7f0000000300)=@lang_id={0x4, 0x3, 0x43f}}, {0x4, &(0x7f0000000340)=@lang_id={0x4, 0x3, 0x300a}}, {0x83, &(0x7f0000000400)=@string={0x83, 0x3, "477a07948e57ad529a3ba7b15d2abd2d7a593b7bba3b1ca0635734fb723e72b1c02e2a7cd7ee26bc2e993d488da55ed151316df0be1a9ace9795526fcf9c21c9545f785561f8154fc34520f1a8109f7692458db3ecfa72c7369e165163653f67ee848c6efe8ea128380d9e0cc9278cdc96d3656bf01512121d461e0eb13fdc3c68"}}, {0x4, &(0x7f0000000380)=@lang_id={0x4, 0x3, 0x436}}, {0x4, &(0x7f00000004c0)=@lang_id={0x4, 0x3, 0x861}}]})
syz_usb_control_io$cdc_ncm(r2, &(0x7f0000000700)={0x14, &(0x7f0000000580)={0x40, 0x3, 0xdb, {0xdb, 0x4, "ce4e97c0c0c1db5a504f04380be0601cc09a0ff31c4421d91e8611984fec9fdb2cd79f1a7153c73fd326ebe83baa14bb6396678768e04bd53962418cb7251869268bf186729d8c281dd8c2ac5f873e152b9f54e40e4f62e7b1817ba2e9ac3d465d7bb74a8a62d4af3ece88ed2ed656ab805c2335d67d6ce8b9d546af9de777cb643406e825bfe2ca4700794a1d54af68b703924b0b2adccd4bd06eee2e4e225fa28f2c52392464604080a2a3be44b5974e0fedc7ededded8dad4285166e6cae3003a36ab57f578f752c5866d247c37fa3721868f38c72c43d2"}}, &(0x7f00000006c0)={0x0, 0x3, 0x1a, {0x1a}}}, &(0x7f0000000980)={0x44, &(0x7f0000000740)={0x0, 0x8, 0x6b, "a7e70474973956e8aaef3e7207eef03c38fa35728b3a3814a412d0bd9f02f9ba2dd64a4ddcfb68b2347e2b308fd4c02f1bdbd2d85cf04fb717e75bede0fadfa659b5dcdab76a6de4df9f1d5774bd1dbe76bcd6f9f6af1a1a225a8377e9187a28ed5a27a4c5b8578d4f33b2"}, &(0x7f00000007c0)={0x0, 0xa, 0x1, 0xb8}, &(0x7f0000000800)={0x0, 0x8, 0x1, 0x9}, &(0x7f0000000840)={0x20, 0x80, 0x1c, {0x4, 0x5, 0x2, 0xfff, 0x1, 0x1, 0x4, 0xfffffffc, 0xfff5, 0x2, 0x9, 0x1000}}, &(0x7f0000000880)={0x20, 0x85, 0x4, 0x1000}, &(0x7f00000008c0)={0x20, 0x83, 0x2, 0x1}, &(0x7f0000000900)={0x20, 0x87, 0x2, 0x92}, &(0x7f0000000940)={0x20, 0x89, 0x2}})

47.437979124s ago: executing program 1 (id=5786):
r0 = socket$alg(0x26, 0x5, 0x0)
r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000440)='mounts\x00')
ioctl$OCFS2_IOC_RESVSP64(r1, 0x4030582a, 0x0)
r2 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000004c0), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r2, &(0x7f00000000c0)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff}, 0x2, 0x2}}, 0x20)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e22}, 0x6e)
r4 = userfaultfd(0x1)
ioctl$UFFDIO_API(r4, 0xc018aa3f, &(0x7f00000000c0))
ioctl$UFFDIO_REGISTER(r4, 0xc020aa00, &(0x7f0000000080)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x2})
ioctl$UFFDIO_COPY(r4, 0xc028aa05, &(0x7f0000000180)={&(0x7f00002b9000/0x400000)=nil, &(0x7f0000359000/0xa000)=nil, 0x400000, 0x2, 0x2})
write$RDMA_USER_CM_CMD_RESOLVE_IP(r2, &(0x7f0000000180)={0x3, 0x40, 0xfa00, {{0xa, 0x4e23, 0xe, @empty, 0x2}, {0xa, 0x4e23, 0x7, @remote, 0x3}, r3, 0x7}}, 0x48)
r5 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000004c0), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r5, &(0x7f00000000c0)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000040)={<r6=>0xffffffffffffffff}, 0x2}}, 0x20)
write$RDMA_USER_CM_CMD_SET_OPTION(r5, &(0x7f00000002c0)={0xe, 0x18, 0xfa00, @id_afonly={&(0x7f0000000200)=0x1, r6, 0x0, 0x2, 0x4}}, 0x20)
write$RDMA_USER_CM_CMD_RESOLVE_IP(r5, &(0x7f0000000180)={0x3, 0x40, 0xfa00, {{0xa, 0x4e23, 0xe, @loopback, 0x2}, {0xa, 0x4e23, 0x7, @remote, 0x3}, r6, 0x7}}, 0x48)
bind$alg(r0, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-serpent-avx\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
r8 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r8, &(0x7f00000016c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)=@dellink={0x34, 0x11, 0x1, 0x70bd26, 0x5dfdbff, {0x0, 0x0, 0x0, 0x0, 0xda23, 0x40000}, [@IFLA_ALT_IFNAME={0x14, 0x35, 'veth0_vlan\x00'}]}, 0x34}, 0x1, 0x200000000000000, 0x0, 0x10}, 0x0)
sendmsg$NFT_BATCH(r7, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r7, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000004c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a40000000160a03020000000000000000020000000900020073797a32000000000900010073797a3000000000140003800800024000000000080001400000000014000000110001"], 0x68}}, 0x0)
sendmsg$NFT_BATCH(r7, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000040000000000a40000000160a01080000000000000000020000000900020073797a30000000000900010073797a3000000000140003800800024000000000080001400000000014000000110001"], 0x68}}, 0x0)
r9 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x33)
ioctl$KVM_IRQ_LINE_STATUS(r9, 0xc008ae67, &(0x7f0000000300)={0x6, 0x80000000})
r10 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_MSG_GETFLOWTABLE(r10, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000600)=ANY=[@ANYBLOB="20000000170a040200000000000000002200030009154ccb62490ad606000073588ff2c98f42aed664369db5c783a298960a8c6c26615deb70b3cc6293120d49f2e096f328dfaf6eb495a321d1cb22bfdbb42bac38064602b5da6d278fe9a64c0389d51c435795aea0d9a9b6468b57fbe690c689931c3089138f1a47d94b54b15fd5b422b0b1cca09de68e90f1e412583c814d5dbe03cae1a3795286d38247b04ee846d9e20ff1ae04f64458fbec946bb92643dd1e024cb5000000000000000000f1b3985715a160e2d8380a0b5d57f43555f3732de0025e3c941233b80f320b746a27ac1cbc1e29b6a9bdf9ede000881ca5f6fd709de581df941e86f84702f5b3963f347ec78c929d90945b1eb3203b7986a90da78656f1a8a5bb77bf08faa194ea"], 0x20}, 0x1, 0x0, 0x0, 0xc004}, 0x0)
sendmmsg$alg(0xffffffffffffffff, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe3f}, {&(0x7f0000000280)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048", 0xfffffffffffffcc3}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11"}], 0x1, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800)
recvmsg(0xffffffffffffffff, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0)

45.879681333s ago: executing program 1 (id=5797):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0xf, 0x4, 0x8, 0x9}, 0x48)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000012c0)={0xe, 0x3, &(0x7f0000000080)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000200)='syzkaller\x00'}, 0x90)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000240)={@map=r0, r1, 0x4}, 0x10)
r2 = socket$inet6_sctp(0xa, 0x1, 0x84)
getsockopt$inet_sctp6_SCTP_GET_PEER_ADDR_INFO(r2, 0x84, 0xf, &(0x7f0000000000)={<r3=>0x0, @in={{0x2, 0x4e20, @multicast1}}, 0x7, 0x8, 0xffffffff, 0x2, 0x1}, &(0x7f00000000c0)=0x98)
getsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r2, 0x84, 0x9, &(0x7f0000000480)={r3, @in6={{0xa, 0x4e24, 0x3, @remote, 0x5df}}, 0xb, 0x400, 0x7, 0x6, 0x11, 0xc, 0x1}, &(0x7f0000000400)=0x9c)

45.752010724s ago: executing program 0 (id=5799):
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
munmap(&(0x7f0000000000/0xf000)=nil, 0xf000)
utimes(0x0, &(0x7f0000001640)={{0x0, 0x6}, {0x3, 0x1}})
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x1, &(0x7f0000000280)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f00000003c0)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
fsconfig$FSCONFIG_SET_STRING(0xffffffffffffffff, 0x1, &(0x7f0000000000)='source', &(0x7f0000000040), 0x0)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
r4 = syz_init_net_socket$rose(0xb, 0x5, 0x0)
ioctl$sock_rose_SIOCRSCLRRT(r4, 0x89e4)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000340)={0x0}, 0x1, 0x0, 0x0, 0x4000850}, 0x40)
ioctl$DMA_HEAP_IOCTL_ALLOC(0xffffffffffffffff, 0xc0184800, &(0x7f0000000100)={0x4, <r5=>r0})
setitimer(0x0, 0x0, 0x0)
getitimer(0x0, 0x0)
ioctl$DMA_BUF_IOCTL_SYNC(r5, 0x40086200, &(0x7f0000000540)=0x1)

45.496704845s ago: executing program 1 (id=5802):
r0 = signalfd(0xffffffffffffffff, &(0x7f00000000c0)={[0x6ba]}, 0x8)
r1 = fsopen(&(0x7f0000000100)='ext4\x00', 0x1)
mount$9p_fd(0x0, &(0x7f0000000000)='.\x00', 0x0, 0xa, &(0x7f0000000300)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@nodevmap}]}})

45.027294339s ago: executing program 1 (id=5804):
sendmsg$MPTCP_PM_CMD_GET_LIMITS(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0xffffffffffffffb4, 0x0, 0x1, 0x0, 0x0, 0x41}, 0x809d)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='blkio.bfq.io_merged_recursive\x00', 0x275a, 0x0)
syz_emit_ethernet(0x36, &(0x7f0000000100)=ANY=[@ANYBLOB="000fe99500"/15], 0x0)
write$binfmt_script(r2, &(0x7f0000001440), 0x4)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x8ab00, 0x0)
ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f0000000000)={'\x00', 0x5})
ioctl$TUNGETFILTER(r3, 0x801054db, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r2, 0x0)
preadv(r2, &(0x7f00000015c0)=[{&(0x7f0000000080)=""/124, 0xffffff23}], 0x3e, 0x0, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000499000/0x18000)=nil, &(0x7f0000000040)=[@text16={0x10, &(0x7f0000000180)="66b9800000c00f326635000800000f300f0f1c9a65660ff3b20618baa000ec672e660f38803d004000000f285473f61366b9800000c00f320f300f20e06635800000000f22e02b6aa6c8", 0x4a}], 0x1, 0x0, 0x0, 0x0)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(r1, 0xd000943d, &(0x7f0000000440)={0x9, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, <r5=>0x0}], 0x7, "0972a06536e9e3"})
r6 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
ioctl$int_in(r6, 0x40000000af01, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r6, 0x81f8943c, &(0x7f0000000480)={0x0, ""/256, <r7=>0x0})
ioctl$BTRFS_IOC_TREE_SEARCH(r6, 0xd0009411, &(0x7f0000005d00)={{r7, 0x8001, 0x6, 0x8, 0x5, 0x8000000000000000, 0x3, 0x0, 0xffff, 0x3ff, 0x9, 0x8002, 0xfffffffffffffffb, 0x2, 0x5}})
ioctl$BTRFS_IOC_INO_LOOKUP_USER(r2, 0xd000943e, &(0x7f0000001600)={r5, r7, "6462a5bc12e984e174f3dcab725d18387935f6e2750a919e9ed269c01ed6b70f60dc465a9a0203af6703d66caa193d47e484d2775587ed3ec3e292f2830285117a2a0f4ef3e5ff28811cecf0dc55afffe99b7395171ec52bc3ff3e4bfca54bc18ef759ffb3515d74f620f99dba871bdc36c61b67977d6e45f0db8b48b6eeb749ff508be90f970a45cccd0b87b04e96f05329aebeaaabd08644d5efe997569ce7b01909ce122d91c0d90fc1d957967d2ab3ca85e326853e9379637cfc64279ad689c9ce31ee513fdd203f9dd9febbcb1b918da9efefa8af9ba903c51c68ce6face4ab1823fe900de64ff10f928ec5881315a6bea2f897a5dbfac9fa8a5056dd7d", "ffc04d8c8e60a5727da3e1ebf9ef2b27f61896e6d1e560b271b7e56d423c6530a57183e12fa9f49ffcd6a37257a16c56198cee2ea48a45f29736bcf78d349dac8df9623adbfb269b150a6a091492b808e4d4034739ebcf6fc31ee0e341111d71964c094648152f5440d29be7fbccf11adeaff243240fff19691ef490b2c33291451497a2c52a7a2c2d24399c9042f6d2a4052afdfd689630ebab132524d204ac1ada4d93fe9b907791ab2ca5803fe5362f1e0e8f6aae4e1f381c0a421f3900f0a9c5ca693243d0fddf98341b244f767c13730709a4a7defacd218ec7c1496e990e97cb46f2b34b953dd9b0fc27047db38cd7ea859df5d2c636e5308466a5a2becea9c97f84cb4b9b6d726d916a8cb3b9feb22729eb0806826f918cda986cdcdec42e5f25948a50f03e1460b444aebd39d84d9976e81e8d7486186ea9a2de1f1d411c9fd519532c77febbf2717f966f120b859ee8810b7e438ab251c86d7637741acd59e5bb2dc77ae22037195c7608ffe7a0dda7e41b7eef72178aab48d7124cb5e1b2a2aa28e56cc3825b3b743696aae7cc02d566a7bc6db030aa4a17ba5245c68a05527e1954870d405b120ec0469ac338a07957fddadc7337f6ee347898e5ea807c83858ba8ecdac037e779e55568872634105a0ecf18b3ce4f7e1b75da5f8bab7d4cd571b366ab1cb77e1aebf82d43b968528ac8a3352d937698ac400d4cc6ba68aa5eadb7ac1ecc625a37312a86e454e75cf9e74748ff950d441a345be5a750f104492aa6e0812b5da86c2615ccce6ddefbce98506d590d830d98efc7e037695b80c6d92e1f024ba081bf499cc216d9c27bcfe24eb6c754996f0daf736fd358122c49267efbe76c9e4ab7999e2d8db1b42bcb1bdf3931c78e7955c2a7ad706a820d51d8ba7bc61689e24db42e2cd8a30f562cef1a7da28079e96f12e324a34907ded08d43d2771b39beddd0c33619cad13e3e4e8917a5ed239c242b31dce6cd7ee98e86511bae0f1ef1ba26927694dcc3a19285a4110ace50e9abac769a7c1fc9f93ad53afd3ded6be0c012477f64b5a97bb46ca29e11bf41db511f971208904d66ee1b3f34e05939f7d792763d6bd549d359adccf0c9280f81943821d44cafbd1aa0cae427e034b1319391b06e58af5995ab2825740210f21ef1dbbf236499b4d0ae192e8e460a0aaa1115a353b821eef87699a0640533cf072661076b6ce05946461b7dbc2934e603fbc1687121fa82fd3550a9ee8c734737b69378635cedd648b51b0c1e4d927cd22813fb80fb0ae06b2cde4c409434c02cc06dd27049787929aa5966193894f2f97fdf25eea9423288ea4ed0ce84c8e3a7351445de0373af8d6b06c96c38dc0780132c2b187dc47563040d76c33239bb66c9cc724757477e6dc978f168936609c52042565d667ff430a1f742eb2de737839b13570d096a08279409f3afdf6dd2509b97b95b4ba809a564c8f7b36bd7476e6f6f7761bee758cf5f0199a7b000108866e9a0a9fb80bf172870e398f630b2cda66ef03c1ad5fb2f075e8ed190b98f0d09e90903ddcceb3e98524e5b22bda2b6eb1f626a0d21cc4ca62e45be30688d073851e7ecbf533d522d8e637d523678013857a610c112fecb28db312b1ae91bb35dcc6046d03ae8a4e10589652bd19f15c2eff432e9568aa7455afe4f8c34b57f755d2fe84a0bf3480cf9102d6dd10400a8f24ef846bb6f7baf684ab73b23129b41d342d28fb79e7aa94a3ffa33c6565d43bada9c83ffd1c63bbe883cdabb1b081bf8f94aeb679dab5de3f693e90d4f79d70366faa66d5dc5bde5c9b90767a515535e4970d7dba846761e20999d0209f67ccd749f28ca91982cb5e4a6c28ac9019402e60c3d8289eb540312a47500eabc34dd841dc8c47afaec636d2085611073dfeded55f2c351b09caafca090d295e02ca1fb11932a33da5ad8862fb55cb47949625ccd4056f525f9731e0ee740e922405926349c7d6ede1d12b643b104670c92e9c6febf1ba8aaf44d4f333b0d080c8f1cefc4e0840b97be0f94cf70357cb12a6643ad54d74f0040e5be04825c3bdce17dc89bc9a3523a638ab5396254d500c1116470f3c8b9a4cb5957d62a825ac92eb9369ec065005496b6688d8db0997f713e3bd6a6646bfea588ff1c719ae8dc75ed6842c264904804c3fc2e28db06cf58fdf1103dd9f647148db34d82ea0fda29993c4de48769134c3f8a5976a5831c23a8e6f2649d2d95a5a27916df7ef192ce074a3e53bcef5264466ca60b7ec50afe8b3aea9cbdf51cf12f4e9b07bde5ab8636fbf7bffbebe6b9905adb0d62223178e6fc46b99dd097a3518bf206fcca23e9c0c31ab499265427931ace0ff8c8500be10321b55b94964e00abac7364d10e7a8325e0d4bb4bb009821edfecca1a12f5981fcd90ccc3a4e90d6bb68c12ec67d08dd050ce2024f62f85a4ef6c1064742ec96a88ef07f67fc9c7070870da550d5767222682f194e17ffc8471c04636b7958f0007d9a80ae2591f1c945e2dc55c6f6570242d310bb058a4d78c5127195d3aa5d6b34eb6ad9d4214f16aff2ddbafc2a6f537ccac54a6b05e44ef71958650ae6b6ccc058302125e8c3abe20cc02c6d7fe4469f2356468542edf53d2fb860c8bc85235a6f1674d365ada55b45af89d0e6586e158fa83b201bae95602add33809d0a7d3d268426104da29f7de16599fffed8624114b36fc4d87f74e7dcffe5f25d0cd019c3d847a583a388fcefab5fd2d8ffecce52f5681f9bb21310e84d8b1fc68d918a4256be85a0622afb281ab47b3f1a9b3f7c4a61d7c703c2012418c35ca2c5a11a7c3461d694d948c2f5532a4cd54fd06055de513927f0ab90cd8e6e8f61d65e2412b9c882fcf30c07ec952c6d38553e08be43fc9f2eeef8ccadadef0c2b212c4fc7d324b9617a85ae88d04fbdb0340a056a0f01127f74e53bfd52d9cc12616e8008550200007356f72cb5eb50ae50a2c3206d799c9c719c76eb94c740513d4ebcd5d340af0544b51edbad8fbfaf40a1499373a6c1032890231bb2a509aff75c3ba4f429740b5086b411187fcd2461d8b5a3c7c8ea18e33a09c62337d47e5dfeac23ee1dc9fc69dd7cc6e62cc676f0f21bd8c90e9c1c4e1430e9404b388687a9b89db4c47b1485628eef42f5ee7f75f99138f0b2578b4e22f11d5b3232eaf386351c85c496e0862431ddd6575f68d470faacd176db1831ba385f8a63e85d176b2629af433143d2c7e1ddee6616b1cfe399d8ddca50a4eaf1c8b99db485ef352e4ad4e8829d65da47c9fb642af7d9303e1e5207361d03a07146a4c0133c4458b30a74d20b9d82e00be2e14e28503e34d99da9467d01d8579f6b5a982f4440aece4d53de831b9e55c78f43316bcd97537021dd90d8caec8e09d78071812a1d0a759cb46d47c81029d882f0c6aecf79037416f0ff6f3f685a47901c76236683e13220e5c4fda1bdb4d536d9f290b7b8c4fd12026a6350a7e1a6fd2537bed95b9a5b51225d9c6449b1a959e063213190f4ad3950c8d4d029a9e59d6c12d392f8fcb320155f10fffa2acc0466b74b211b4d449ae87c4aad16656df131b3d8a46c38ee44d2e486fa7ea12e99d3af5d4ce849d5ce2b81cedef356e3b02f68fe2c94534a25e097537ab2cfd619e36e08e3a08a64aa9536c0599137eb7be2bec0cdcd7a5aba42b3edcae64c7366a9df1cf88c24c918e8c60b239e3e80c9615fdd8a269c58ec5771d96a04d45f7bf086f567997eb78c91506da1fa8722652d323d96eec3a347f4f24a3a45622c82a7d02f316e170fdf9bb57fb74cf565c5d5da92b130e7938c7c030f7fa2cf41644607c6c1b736a4628e6f618a234a2bb0db9132e1e50771d2e5430978955d0082aab4f75e1a0ce3eec4c91eaf9cd9d4b50c857cc138ed20523d8a4ce030a06df6a5dbeff804c1b256e7de4929e324249237ae8bc97f09f9687906363716e3d234e75e8a4fa55e44b70dd180a34892d217ea2ee7e3d491f26372e00cd36465e5d2f325477da29de48316a2eeeec8d5c0f36515a0f3e726cf812059dda0dfc579b9423a1e29a23e64f78bc99f05fca084c2f10dc77a0fe74ae2b82c075ef666106ea7c7668f4a0a2631ca21c27e54f6ad0909b50cd49cc7b98c6523edd38c32511dd9582a16d72ce1f54f2b1f5deab6b8d152cb0c739a112184b19752f2a748d847140e2ad0f60a854cc2e914e7c7422a9bfc754c076075740831117affefeac97ef2375eda4565295f63ce1df606af2480f42bdf04688f99985c1c912ed9755cd58bbb44e5d4acf421519cb9b53a78407a6cd94273d936f2a82be58ff6dec85b0e84d856349e7c2c0bd2ec56ee28bde1076c9637d5ea00af7714aa45ca54e1ecb27b0b5078d881cb533c57c0267d4a0341f5d6b8406a55be09e237a2e91984ea27aab036bc312bc1b7fd6af6e4164dc6ab6d1aee7a62808337ec12c40da72b3a58725e5aafb3d5a57674770b0ab5ea164fc7a5f40ad2943016c91d9c854e3b10807712a8bd6f01624eb3357d8f0b67ae33cc9a15e78121d734b92cf605aa6e2d52a06fb38898632a0a4accbae121281239a6f198516d4ef6ecbe9c5329bc26be2b22e1dce576280215589ec36587024ff6a13fce4dadf8ad1e51bdf853682321dc61236d4d1b786f255dcbd3de243f4b32a01e7c85cd78297034610c6c847bec9672239af9aa8d9981078d6fa3410a79269fc7ca3b4c105f014eec64fc3b29309bbc53f441d2cdef74402359e2943996f947f7dc895608d408dd8937f0d6eb40b92de5cebd022cbca5d83b51860d4e1721c63689b5c63a944abe33a21dd7e872ae09f76a93d8a74791196cb60ca0794324875a322f41b6491866714a6f60abcd19751f13a698c72746b9b80c556b0f2e859618068fd42e8282a890e65d447520f06ddab3b825f61962fe4832f2a62f311e6077e9b36fe355d226521bb1474196ca010d70e25b9370b10e811aa820693fc7e02fc669ad3fa4773936624f97d810194edb46956a8ffdfc49610be30a110484976da7075e3cfd10cca0ce7b270c766f40daff628052b4fc594948d3aebf17d90bce3b0b7f2e85daa2727d4f8e0a897b6dfe921fa0656fb2cf6cd26b9b6fba34b79b585cd16c663b80d1522357f10f12a49cddb1365a2a3595974e62791755bd827059a7f404c4e88b6832304e684cac0a2c6b1821e23667370511cacbb8efef4431cd4494882e5c3b6f371aee8d3bce2fe7d31aa11d19756026a7c7b963fdb2e02d5f8e0c56c1198e6c9115ea5526d935dcd447bba5d67ffdaf74fc9b1b209e0b4c551648a93df575b255da1de087a36cbb279d990569ca59215cc1ab6d915e60051853768bba49de9b1658e330e9a6ea88dd356b1f8e67aca6c57db7461bdca364c2d7b741b4a"})
ioctl$KVM_XEN_HVM_CONFIG(0xffffffffffffffff, 0x4038ae7a, &(0x7f0000000000)={0x80, 0x40000105, 0x0, 0x0})
r8 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$OCFS2_IOC_MOVE_EXT(r4, 0x40406f06, &(0x7f0000000280)={0x7, 0x1, 0x101, 0x6, 0x2})
r9 = openat$cuse(0xffffffffffffff9c, &(0x7f00000002c0), 0x2, 0x0)
read$FUSE(r9, &(0x7f0000003cc0)={0x2020}, 0x2020)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x20004840}, 0x14)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r8, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000240)=[@text32={0x20, 0x0}], 0x1, 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x11, 0x0, 0x0, &(0x7f0000000000)='GPL\x00', 0x2a7, 0x0, 0x0, 0x41100, 0x24, '\x00', 0x0, 0x0, r2, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x3ff}, 0x94)
semop(0x0, 0x0, 0x0)
ioctl$KVM_RUN(r8, 0xae80, 0x0)

42.386794998s ago: executing program 1 (id=5811):
sendmsg$IEEE802154_LLSEC_ADD_SECLEVEL(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x1, 0x8000000, 0x0, 0x1}, 0x400c0)
openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x565840, 0x2)
creat(&(0x7f0000000e00)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0)
renameat2(0xffffffffffffff9c, &(0x7f0000000380)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0xffffffffffffff9c, &(0x7f0000000480)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x2)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200))
sendmmsg(0xffffffffffffffff, &(0x7f0000004cc0)=[{{0x0, 0x0, &(0x7f0000000340)=[{&(0x7f0000000180)="4166deb08f5490e60cbd5dc80404c8a1d8b1dcefa938cbb0a2ca79523b6cc1574a6c7282edd54fa942633e7cf2fddaf1b19a9bd2aded624ffe3ed905bd5bc2ef28c3c689bdc609239748afb03e5201f0edcb4e0edfc9f07805d021a76bd013330c33937875ea24a4e7b7c9150afbfb67c43037a0f32d72c4b8b6a70cd359878738", 0x81}], 0x1}}], 0x1, 0x0)
mknodat(0xffffffffffffff9c, &(0x7f00000000c0)='./file2\x00', 0x81c0, 0x0)
execveat(0xffffffffffffff9c, &(0x7f0000000280)='./file2\x00', 0x0, 0x0, 0x0)
mknod$loop(&(0x7f0000000140)='./file0\x00', 0x6000, 0x0)
unlink(&(0x7f0000000040)='./file0\x00')
mknod$loop(&(0x7f0000000200)='./file0\x00', 0x6000, 0x1)
r0 = syz_io_uring_setup(0x10d2, &(0x7f0000000400)={0x0, 0x1397, 0x100, 0xfffffffe, 0x280}, &(0x7f00000000c0)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)
syz_io_uring_submit(r1, r2, &(0x7f0000000200)=@IORING_OP_POLL_REMOVE={0x7, 0x15523ea56aa22b9a, 0x0, 0x0, 0x0, 0x12345})
io_uring_enter(r0, 0x47bc, 0x0, 0x4000000000000000, 0x0, 0x0)
r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl802154(&(0x7f0000000180), 0xffffffffffffffff)
ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, &(0x7f0000000000)={<r4=>0xffffffffffffffff})
sendmsg$inet(r4, &(0x7f0000000380)={&(0x7f0000000080)={0x2, 0x4e20, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, &(0x7f0000000300)=[{&(0x7f00000000c0)="19e1cbaa3268de68f07c08a22ea7fe293583a70f27d86768c5545962c9d15e785ba6c28f757d141459a08d6a4d36d19efdc7b2757c5776337d8d25cbcd3186164803c454ea835e5a0118f08d1e2b476288d25d663bea56455f29001fe0b4208538a514ea50d1f38a9414a68f046108ab7e95c4d17c8715a81287d4c082ad6603ea895e48549d9c14bb5e4b66d504bb18dc90bc8dadb97cb5cc6ad00ac1aa27a974", 0xa1}, {&(0x7f0000000200)="2e101e252ed5817ce5f7d621b31a56b901392aefd045757acb5e6bc182b6c9", 0x1f}, {&(0x7f0000000240)="eaf3efa9dd96c16c862974b672ba0f36489a4e605eb6e310f9c1292ac86529be4ee572e64e33a936cdbca777d3e8abe2994176712cdab66d88d17432b11a6abfc60fd844227c20d8ca2773a130d2e2e653bf6228222bcfd6cd287ab581497604d4a91be9a28fd0e84f77da9f229b2e9147465336c2f6d1", 0x77}], 0x3, &(0x7f0000000340)=[@ip_tos_int={{0x14, 0x0, 0x1, 0x9}}, @ip_tos_int={{0x14, 0x0, 0x1, 0x5}}], 0x30}, 0x0)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$mptcp(&(0x7f00000002c0), 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_ADD_ADDR(r5, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000980)={&(0x7f0000000300)={0x3c, r6, 0x9, 0x0, 0x0, {0x7}, [@MPTCP_PM_ATTR_ADDR={0x28, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @private0}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0xa}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8}]}]}, 0x3c}, 0x1, 0x0, 0x0, 0x20048814}, 0x0)
ioctl$BTRFS_IOC_QGROUP_CREATE(r0, 0x4010942a, &(0x7f0000000480)={0x0, 0x7e07})
ioctl$sock_SIOCGIFINDEX_802154(r3, 0x8933, &(0x7f00000001c0)={'wpan1\x00'})
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000480)=ANY=[@ANYRES32, @ANYRES32, @ANYBLOB="1a00"], 0x20)
recvfrom(r4, &(0x7f0000000580)=""/185, 0xb9, 0x10040, &(0x7f0000000640)=@pppol2tp={0x18, 0x1, {0x0, r4, {0x2, 0x4e24, @empty}, 0x1, 0x2, 0x3, 0x4}}, 0x80)
sendmsg$NL802154_CMD_NEW_SEC_KEY(r3, &(0x7f00000003c0)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000000)=ANY=[], 0x7c}, 0x1, 0x0, 0x0, 0x4004}, 0x0)

39.064073404s ago: executing program 0 (id=5826):
signalfd(0xffffffffffffffff, &(0x7f00000000c0)={[0x6ba]}, 0x8)
fsopen(&(0x7f0000000100)='ext4\x00', 0x1)
mount$9p_fd(0x0, &(0x7f0000000000)='.\x00', &(0x7f0000000040), 0xa, 0x0)

38.789541023s ago: executing program 0 (id=5829):
r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
setsockopt$inet6_IPV6_HOPOPTS(r0, 0x29, 0x36, &(0x7f0000000000)=ANY=[], 0x8)
connect$inet6(r0, &(0x7f00000003c0)={0xa, 0xfffe, 0x3080000, @mcast2, 0x6}, 0x1c)
r1 = syz_open_dev$vim2m(&(0x7f0000000080), 0x8, 0x2)
ioctl$vim2m_VIDIOC_S_CTRL(r1, 0xc008561c, &(0x7f0000000040)={0xf0f045})
ppoll(&(0x7f0000000000)=[{r1, 0x7aeb91dfc9e9e23c}, {r1, 0x9f712fd3135d63af}], 0x2, 0x0, 0x0, 0x0)
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000040)='batadv0\x00', 0x10)
write(r0, &(0x7f00000000c0)="8f2a0a65bd8c3a2b0304000e0580a7b6070d63e286a5cefe", 0x5ac)

27.075638513s ago: executing program 56 (id=5811):
sendmsg$IEEE802154_LLSEC_ADD_SECLEVEL(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x1, 0x8000000, 0x0, 0x1}, 0x400c0)
openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x565840, 0x2)
creat(&(0x7f0000000e00)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0)
renameat2(0xffffffffffffff9c, &(0x7f0000000380)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0xffffffffffffff9c, &(0x7f0000000480)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x2)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200))
sendmmsg(0xffffffffffffffff, &(0x7f0000004cc0)=[{{0x0, 0x0, &(0x7f0000000340)=[{&(0x7f0000000180)="4166deb08f5490e60cbd5dc80404c8a1d8b1dcefa938cbb0a2ca79523b6cc1574a6c7282edd54fa942633e7cf2fddaf1b19a9bd2aded624ffe3ed905bd5bc2ef28c3c689bdc609239748afb03e5201f0edcb4e0edfc9f07805d021a76bd013330c33937875ea24a4e7b7c9150afbfb67c43037a0f32d72c4b8b6a70cd359878738", 0x81}], 0x1}}], 0x1, 0x0)
mknodat(0xffffffffffffff9c, &(0x7f00000000c0)='./file2\x00', 0x81c0, 0x0)
execveat(0xffffffffffffff9c, &(0x7f0000000280)='./file2\x00', 0x0, 0x0, 0x0)
mknod$loop(&(0x7f0000000140)='./file0\x00', 0x6000, 0x0)
unlink(&(0x7f0000000040)='./file0\x00')
mknod$loop(&(0x7f0000000200)='./file0\x00', 0x6000, 0x1)
r0 = syz_io_uring_setup(0x10d2, &(0x7f0000000400)={0x0, 0x1397, 0x100, 0xfffffffe, 0x280}, &(0x7f00000000c0)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)
syz_io_uring_submit(r1, r2, &(0x7f0000000200)=@IORING_OP_POLL_REMOVE={0x7, 0x15523ea56aa22b9a, 0x0, 0x0, 0x0, 0x12345})
io_uring_enter(r0, 0x47bc, 0x0, 0x4000000000000000, 0x0, 0x0)
r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl802154(&(0x7f0000000180), 0xffffffffffffffff)
ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, &(0x7f0000000000)={<r4=>0xffffffffffffffff})
sendmsg$inet(r4, &(0x7f0000000380)={&(0x7f0000000080)={0x2, 0x4e20, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, &(0x7f0000000300)=[{&(0x7f00000000c0)="19e1cbaa3268de68f07c08a22ea7fe293583a70f27d86768c5545962c9d15e785ba6c28f757d141459a08d6a4d36d19efdc7b2757c5776337d8d25cbcd3186164803c454ea835e5a0118f08d1e2b476288d25d663bea56455f29001fe0b4208538a514ea50d1f38a9414a68f046108ab7e95c4d17c8715a81287d4c082ad6603ea895e48549d9c14bb5e4b66d504bb18dc90bc8dadb97cb5cc6ad00ac1aa27a974", 0xa1}, {&(0x7f0000000200)="2e101e252ed5817ce5f7d621b31a56b901392aefd045757acb5e6bc182b6c9", 0x1f}, {&(0x7f0000000240)="eaf3efa9dd96c16c862974b672ba0f36489a4e605eb6e310f9c1292ac86529be4ee572e64e33a936cdbca777d3e8abe2994176712cdab66d88d17432b11a6abfc60fd844227c20d8ca2773a130d2e2e653bf6228222bcfd6cd287ab581497604d4a91be9a28fd0e84f77da9f229b2e9147465336c2f6d1", 0x77}], 0x3, &(0x7f0000000340)=[@ip_tos_int={{0x14, 0x0, 0x1, 0x9}}, @ip_tos_int={{0x14, 0x0, 0x1, 0x5}}], 0x30}, 0x0)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$mptcp(&(0x7f00000002c0), 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_ADD_ADDR(r5, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000980)={&(0x7f0000000300)={0x3c, r6, 0x9, 0x0, 0x0, {0x7}, [@MPTCP_PM_ATTR_ADDR={0x28, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @private0}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0xa}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8}]}]}, 0x3c}, 0x1, 0x0, 0x0, 0x20048814}, 0x0)
ioctl$BTRFS_IOC_QGROUP_CREATE(r0, 0x4010942a, &(0x7f0000000480)={0x0, 0x7e07})
ioctl$sock_SIOCGIFINDEX_802154(r3, 0x8933, &(0x7f00000001c0)={'wpan1\x00'})
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000480)=ANY=[@ANYRES32, @ANYRES32, @ANYBLOB="1a00"], 0x20)
recvfrom(r4, &(0x7f0000000580)=""/185, 0xb9, 0x10040, &(0x7f0000000640)=@pppol2tp={0x18, 0x1, {0x0, r4, {0x2, 0x4e24, @empty}, 0x1, 0x2, 0x3, 0x4}}, 0x80)
sendmsg$NL802154_CMD_NEW_SEC_KEY(r3, &(0x7f00000003c0)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000000)=ANY=[], 0x7c}, 0x1, 0x0, 0x0, 0x4004}, 0x0)

23.428287327s ago: executing program 57 (id=5829):
r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
setsockopt$inet6_IPV6_HOPOPTS(r0, 0x29, 0x36, &(0x7f0000000000)=ANY=[], 0x8)
connect$inet6(r0, &(0x7f00000003c0)={0xa, 0xfffe, 0x3080000, @mcast2, 0x6}, 0x1c)
r1 = syz_open_dev$vim2m(&(0x7f0000000080), 0x8, 0x2)
ioctl$vim2m_VIDIOC_S_CTRL(r1, 0xc008561c, &(0x7f0000000040)={0xf0f045})
ppoll(&(0x7f0000000000)=[{r1, 0x7aeb91dfc9e9e23c}, {r1, 0x9f712fd3135d63af}], 0x2, 0x0, 0x0, 0x0)
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000040)='batadv0\x00', 0x10)
write(r0, &(0x7f00000000c0)="8f2a0a65bd8c3a2b0304000e0580a7b6070d63e286a5cefe", 0x5ac)

8.428031905s ago: executing program 6 (id=5933):
syz_usb_connect$lan78xx(0x3, 0x0, 0x0, 0x0)
syz_usb_connect$lan78xx(0x5, 0x2b, &(0x7f0000001200)={{0x12, 0x1, 0x200, 0xff, 0xff, 0xff, 0x40, 0x424, 0x7850, 0x0, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x2d}}]}}, 0x0)
prlimit64(0x0, 0x0, &(0x7f0000000140)={0x8, 0x4}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x3cf)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000280)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000000)=@abs={0x0, 0x0, 0x4e22}, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x275a, 0x0)
write$binfmt_aout(r4, &(0x7f0000000940)=ANY=[], 0x120)
fcntl$lock(r4, 0x24, &(0x7f0000000080)={0x1, 0x1, 0x1, 0x400000006})
setsockopt$netlink_NETLINK_TX_RING(r4, 0x10e, 0x7, &(0x7f00000000c0)={0xf, 0x3, 0x7, 0x200}, 0x10)
sendmsg$nl_generic(r3, 0x0, 0x20008080)
r5 = syz_open_dev$tty1(0xc, 0x4, 0x2)
r6 = syz_io_uring_setup(0x58ee, &(0x7f0000000440)={0x0, 0x2664, 0x800, 0x1, 0x296, 0x0, r4}, &(0x7f0000000240), &(0x7f0000000200))
io_uring_register$IORING_REGISTER_RESTRICTIONS(r6, 0xb, &(0x7f0000000040), 0x3e)
ioctl$KDGKBDIACR(r5, 0x4b4a, 0xffffffffffffffff)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1b00000000000000000000000000040000000000", @ANYRES32=0x0, @ANYBLOB="000009007981addbc70ce474000000f255a4f78c27ebe6e94e51daa600000000", @ANYRESHEX, @ANYRES32=r3, @ANYBLOB='\x00'/28], 0x48)
r7 = syz_open_dev$sg(&(0x7f00000000c0), 0x6f5e, 0x42)
ioctl$FIBMAP(r7, 0x5381, 0x0)
r8 = openat$sysfs(0xffffff9c, &(0x7f0000000000)='/sys/kernel/profiling', 0x42242, 0x73)
r9 = bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000140), 0x4)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000180)={r9, 0x108, 0x0, 0x0, 0x0, 0x0, 0xf000, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
pwritev(r8, &(0x7f0000000400)=[{&(0x7f0000000040)='9G', 0x2}, {0x0}], 0x2, 0xffffff01, 0xa)

7.289124918s ago: executing program 9 (id=5934):
r0 = socket$netlink(0x10, 0x3, 0x0) (async)
r1 = socket$netlink(0x10, 0x3, 0x0) (async, rerun: 32)
r2 = socket(0x10, 0x803, 0x0) (rerun: 32)
sendmsg$IPVS_CMD_SET_INFO(r2, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000ac0)={0x0, 0x14}}, 0x0) (async, rerun: 32)
r3 = fsopen(&(0x7f00000001c0)='ramfs\x00', 0x1) (rerun: 32)
fsconfig$FSCONFIG_CMD_CREATE(r3, 0x6, 0x0, 0x0, 0x0) (async)
r4 = fsmount(r3, 0x0, 0x6)
fchdir(r4) (async)
r5 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x101042, 0x15)
read$FUSE(r5, &(0x7f0000003ec0)={0x2020}, 0x2020)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r6=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)=ANY=[@ANYBLOB="3c0000001000850600"/20, @ANYRES32=r6, @ANYBLOB="01030003000000001c0012000c000100626f6e64000000000c0002000800010005"], 0x3c}}, 0x0) (async, rerun: 64)
sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000680)=ANY=[@ANYBLOB="4c00000010001ffffcfffffffdffffff00000000", @ANYRES32=0x0, @ANYBLOB="0002010000000000240012800b00010065727370616e000014000280050016000000000008000700ac1414bb08000a00", @ANYRES32=r6], 0x4c}, 0x1, 0x0, 0x0, 0x40}, 0x0) (rerun: 64)

7.068398216s ago: executing program 9 (id=5937):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x20, 0x3, &(0x7f0000000200)=@framed, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @netfilter=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x99ec}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000440)={r0, 0x0, 0x14, 0x0, &(0x7f0000000040)="b98bd90ca5b62691b89afe70ec06163f1941e494", 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, &(0x7f0000000300)="3a59bbb0975a"}, 0x50)
syz_usb_connect$cdc_ncm(0x2, 0x76, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000020000402505a1a44000010203010902640002010000000904010001020d00000524060001"], 0x0)
syz_open_dev$char_usb(0xc, 0xb4, 0x4)
r1 = openat(0xffffffffffffffff, &(0x7f0000000080)='./file0\x00', 0xc0, 0x4)
pread64(r0, &(0x7f0000000340)=""/139, 0x8b, 0xc000000000000000)
r2 = socket$inet6_sctp(0xa, 0x5, 0x84)
r3 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r3, 0x84, 0x6f, &(0x7f0000000240)={0x0, 0x1c, &(0x7f0000000c80)=[@in6={0xa, 0x4e24, 0x393, @dev={0xfe, 0x80, '\x00', 0x10}, 0xb}]}, &(0x7f0000000180)=0x10)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r3, 0x84, 0x1d, &(0x7f0000000000)={0x1, [<r4=>0x0]}, &(0x7f0000000080)=0xff73)
setsockopt$inet_sctp6_SCTP_ADD_STREAMS(r2, 0x84, 0x79, &(0x7f0000000040)={r4, 0x6, 0x5}, 0x8)
getsockopt$inet_sctp_SCTP_GET_LOCAL_ADDRS(r1, 0x84, 0x6d, &(0x7f00000006c0)={r4, 0x1000, "47a6fe687c2d32b9eeb24ebed460e2ec76cbdfbc4aba1708dd44001a9dd46be27d88a300bf5ae3d792e29491370e4fe9e72dedb580ec5fb8a6ffedb59b1ef2edfdc95ba0d37c9daba8f0939a268fd8671e04a86acfff45603c4a5fd702fd8afc8c1fc180805c645d1a560fa05f026dbdc54b0c023e981167e50a6fb0fb3224802c63642eb0f43c6a4dbdb77cabd69eafc75ad196d09d016e56d1b741248e0274a8c5b60a44816a8f8d859cc7094ffd48a0000338cb8f4e17ed70b9f2caab226a016a9766e5f6d1c42e3a3ea0bc67f50feece4460da360b9c526c02153263c131a2d8ba784dbe65ec0348cf1aec35a518e82b36fb4569f0930f238c19abd8a4c54e089b53e84dfbe7714c76aa56a998fbbeb91dada0c6565668cb54c54a98fa2351f9c44a44f2f6b6c84f5f180a4e836109fc67a85d4cfe2e6a4a09aa07ff051cdd2ae396f13899d047f8b46e599c9e104353a9fc91f5cffff1cf141d92c6360f20e9e9ca236e37d9b98c9bf82a93ab107b2cfcdbf420194150432ad6fbbe61d211449cf1241b6550c611be5375337502409d0e763bc6d5c28ac94b6948d72ce94827309af436f502778e2c79b6c17e52cd0000982cd71248285d8189d5d588ec3e125902cd187e316a0af423290a008a04ca987fc70c695e52321f84c4fb4e209e1124dde5afc2ef0ac94d1850ab35b1a2fd2852299c7e894daa6d8aa4738a5fdc6b284b55879a0425021f8275a2c4c66a7e0144d2d93fca2fbb8df63f1870eee240decd8c0a2ff7a4c59a1945bada7b2daf6e187054cd5a31c593b2faadf8653f9f30c363e639131334326ae9a5ae001c8bf9f1484ac55c188061830e1e0ce5b742bc262ac4aebdb23f8ee87e74b2addb00a534843b76151dbaa639cd967628991e2cbb36d7f8ab23e5d462e44aa849fffef91cdd83d30b50b4c75a72672073cb9b3ee2f3d9727db31e6371f8203f4aeef092ff993996314dd7662f7741be0a718f8080f491342d9f38fee08c43924d374b14979bde7f643cd9baef564d8b2ded68f949740377b71b09afca5b63ab157a6fa7f47be71d18c1c20b71a75220dd7659086cd3942b0c0fea7277d9a2bb2b5fe0a4f4dba49f8775dff5ea2e980cc63101e4e63ba39e6d046d5b495d35285ebd27a1b80398a78264a6dacd7d06ec7d53e828bbd6d641d0a301df80e79fc5e091769b762c537a4936a04edd428d6bfc08b7dfe13f443137a98f2bb72da619ca9ed5f05cec801a17890605d981799804a7a04bea267af23f647dd2b18750f87f2500c68a08340563f52d8fdb61e9678673e294eb5477541a04042220f7107864c77598d0d7c2d9634dc83bf5372f305f33d7bab66dd1134fbde9cf90c3225239366e6b75a10dd38570ca0efa9fee15a491d33c39b2002f4676fa2c3023cb4fcbcbfcdf34104ac602816673f7a1874cf33dab099c2b70ea95a6ed3bc23325a5edde77f13544e6dc54699074474c618efa3eb8e2710d59d509916a031ef52f231191ca81abf3a502f0a024f21f45ab55c670e1058668c687b24bb2be2a79b3b88f7b7c3a525854608e7b118b84f372ffa24cbac1f0fdc658a04c5623c4800754d57a09fcb1ba7e0e60f237856ad09e94fb0b7da27c671c78bedc24204b945cf4c5b315b8bb3ff3d52304f82fcd5f80b6371f56c42a71414719972797798110e984116cd4dd351ad46c9b6588303f03f630a7839bc29486808ba3dcb1ba6ae9dc0c5fd90c3ff1e4e6300a64229c26394beb586329a14c9ab9f76a452cf345473714a28bef1abd850c7ffa3d559f98443f1b670aded20e82c87920e4d86c17e0d13ae4cfaaa3d6c1a1376c0c1db203f12f177d5ef8e6c679137c8d6770008adfafc645524f7e508dbd11e34c5a596b805c117a8a13f6af6a5c1efa4fee4d83f0c0d03517d6806e85df48745624657d99912ee884e90ee683607078ed886526ae9e5e82f1ae9c949d4ecd7f4140525d8cce86d75ff0375558eb13ce4e81e2a0f8fc5122ad36a6150e9edd64b7f19d5180d948addbd08f9280c47824e378176c246047aebaccf07eeb8b7eb9e605da07ec0cf13cf14d132166517efcc61cb5d658ce950697e08843ae9d0992a8b6323302ee84adaac332bae3234baedc16aaed1fb970ec1fee31d652fdae24fa208edcadcdabf73776449211a011841d5e4cb010a90690ffdab694e8e516415cda0f9b483f05129e861874e9115f213c9de0d4552b6585e8d399f39aff83469b620fef9f834199828b027e7fd4340c107c7d25bb4c280d59bf2340756ddd856d4790d4cfe4fe7b3fb401f0581b8636af19578a22876fa5dab92ef4c2d8ca00ec35d5c6b4a8dc166563bcf66aa6e038835f3581809e6050580be3dc57498c37c06ec68df6be6c3327339e6d9cc0ea9023e26a51090f55c5e72d28e3f20e3f89af676b8a6bc6ad026fabcab7d68bd7d4dcaa85e25cc287fb38a208912fc643b58131ec546b53da13a81447a4bc6d7a2db3f34a8e28c8a199656603268f062744dea9752aa356d9c7b0495f731d6c95d6bc74a29ec631df18cb14ab5e667e3b760c4e9d4fa64150892bc16e3c147488f2f31645f978559fdf1edd77fc5b1a1bc343d8c41a1f4084c9af8a2034ac916ac8738ea75727b426cc899d48878bffcf7161af14c264d6b332ec2ccea609ef8dc25dda5f70a60ac8ce26e28ac39290889354621c49b93904cd9ec080a7073e653271edbfb4767aee2f66e3b349b47b8a2d92dccbb6de9118eb634fba4e397544dc250df1b74ec7f48409a8a2244ce53541b4885f04e238f8d9aff513ac4462872d12148e1a29ca489eb10c3f6706a40b18142e0712b1e299e7eb70f8617d4395923664d2e551bc7687494f2956439ad1311f5045cb6871757d69f5f883eb082b0bbcf516998beb059393a1c84bff9b257bdb967b8fabb86dd066df3511b0e57a0293c225f51e3b47e86ab4051dd91e0631a9254a47e7fc0249a351985a1fa7c9f8d9eec5e3d3902da3b7e16073315bb564e9016b5424d2ac5d42ce2f59289c84ecd0ae5f256b6b67b30ca2c0b68b1f31e99d6c75a7b0ac1c66543e5774d5f1b1c430343771741fbeeda137b41aa68b85019481dd5f38b71471ba6862331de8889aa90f028702069f72aa87902fbb16fab223b5e1c09b4d4233390b98fa40d21be55a0b13828b51ded293ddead6850f637462e7db42c306e1ae026d02a90de7dc8e7849b088b01132f2f2cf4d4faa097a5500fdf2c8a3beef9ebbe8bdc6172d2af4138aa24fdbbd365daa92d9eb912b92db732880826038ed743f5d599fd6d66f02266079d85133b3a6736e7065d8f49afb3380179049f84ef0fcb159c18a534cb925f3b3720f889568afa678276147eba7a24e18693aac58dded17557edfc73272d88ca0318503ea7772ee2d96d76313913b6efe0667bcf593757bded52b14122400e265edfc508b3b44cb3bb28ff1b4f49cf54e57b2f8e96e77c16c61ab1054f8903bd804145f849e0e03f0ee33ed5aea4abed2665eb6398b9e792d991f48d9588c832688ca631b6916c4ce2a8ac86670477655cdbb8f1f7c921384f215ea41d562229c51bdb1354791b6b7b72598146f6b44008f19c8fc9641ad1d86c5efe69f62f1b5408f9842f9465d0d09ab4c6ede7d738e8488d397e652be3e1d4d1958a4ef0142a94ca9d79f817fc55f44e2ef84312d732abaeb1a9f166bcfeda96d86d1600665684dc080984026089c5b5c856b0a6bbf1ce48505ff5da82963308c52a89db8e8a3553f40eb7fb562541a05420d08541b4ce9f2d45156a8ffdd7b5265a65360641c42aea45f477a99b8f33245bb494a2a4ceafe992f8cdd265b5a59e98ee362d822e7df9ca04fd8349dbc61753ef9fb8ffdd7c0bdc76d3d5c188bb7d92b98a9e43dd1c569462d5e30b9b9503276c4012ad734e7ca6fa86d39a41b3b8c96a47ee7caed7a7dc1b4472d2a7d9aecd6563f81d509d222efb0f3e9d59fae32bd7e6dcc0296b83aa71ed2dcd89dc0a10a5544b2508ed2cb7c04de574ddcc731c8ea91f519d666a52ac33d95c32db18dba8ccb4405af2d57d90c8429d246217068cee2b5233cedde0c6e63ba7af723c386cf52ce09263d5e3b81fdec1fc9865199f6acba9ada1be2b0913694bb8ec267c6d01d3a49dc43b48049d854392a8a07686e812c6d7f9d9847bfc70ed8d1154e99276af1ad15909fa111a13c230b3fec6baffdbd3ad57f6649d5050488a246008cddfbcb13cf3fbc89b7a4571465eed34eca9a2d1501c2382fb59ad3347c9e48159997b04cf9c758dec10b335bcecb7432582aef2727c0220f3be320c895d030288bf3d599c3d6e8f58220a8d93bd2927c112f4396348e7131f3a0e11dc2fa987c7c51d42ab8cf43d8214c6bfc2176182e8d7ccc7db4a93be240d309e2154237783e3f5eb0a9f5e3383d472faaae6f86efdd291d02b7e574e88fc33b4e6b5a90dcacce71cfec398420b98cea806adec3267884925da16836a5988e07976b3764cf0c8431426d7101356fd054e2d4e76757c713c787f2b3e236ff0e38981b190f3996e1ace758993dafb28fb5b74657e7ae9f8cd23e6e9529dfc7193d987f91abf7d66e1aa1bfdb7fc4f2ff683515f5ee9e44c59f2052102b3c3f1af87119a7fcdca2e6e61607d5138fd8b4774e87e1459c75fdb3f2fa9d26a0595bc3278d1487be7d8377da26c1efafec623e7a227f5e138b6416bd785f7638cdb7be653ab0108c78a12c1b56f155de6e50b96cd59c253126618ea6f0221671375105244c53eddd30b85401657f19e34f7977251ea1d9dbf726094c2b27b7977f6b72ad459a45dd2f5ffe27d4dad525dc7998dbfc9d180f4978d1078726e0a2f2966587400be8196a2bd520306de53b84efdbe35e9c004e60019e07a9139cc4720493819362a2f3230c1977b44a8ceeba28e17fb98c81dd1b4b05e8d436a6ab126d0aacda09deb6006e96f97bccd0aadcb338071ed02aa1a49108f4bca28c10fa86bbf7f77dbbbfbc7f0f7b6407917515935322fc20106b5ecf5366b4a01dd356e68d4864d57b6c0766abc9839a3e3741957ecf66797f36bc3abd4d598d0bc5b4f1eae1c0220b3b0f5677e6fd35e82edc25cb23530efedb27a5b62edd8f200a784285350b1eb1bec8d6ad886d4901d77c6bacd3f0c18646081fdf7bc1888e54c76f420cf54eca65cfcdbfcc22141c39b82744ae7fd716570c72f532b5460bc8c6be975bd6951a95601da389d7cbff01ee5e9286fe593a769537a88aca6c4f250e8dd2f12695153e8ebfb248fd8d4cda0ba1af42f01a527f1d400ed05c29321cb2f6774cda49682eab8c1bf12159576038fdee748b9e30563b93cc3862b1726938e34ba43f829f3626d5d47666bdd7fbe14e6890de5fd583d38406012f463d90844d2c6e3c0b59a74c0ab6abfff14fd0620b9ed49f4c831af9daa5195eac7906517f2efe61127056a5d6db7d28d851fdc51d2600d7afc14f01ae77caf729712748d497e5cb50eaa1c10ebcbe03f01ef9bfef910c1750bb27bb7cc9a82693e95a33409239e7777f04c97ff9063db0377bb605ea648b536255c9e68b382c994ceaf1768c7f5e90648ff8398d4c230a247a187f2a6cf7fbc741f6eec393aced3c3752f482dfdaeb366a2ee9380e09e34f9f9e85b2f09200710d64980bde6fb424cb457e4ef4dc36f781de1b68e2ab314e0f954bd274eaf358b1a77c94a21802fb49f79d842f8074b79a8210b4fca647ecf65914c7a9403fd10038c4dd7e8902814a0075d0fbf28053f88fecfbbb4bbc35"}, &(0x7f00000000c0)=0x1008)

5.156978514s ago: executing program 6 (id=5951):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) (async)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000000)=@abs={0x0, 0x0, 0x4e22}, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x275a, 0x0)
write$binfmt_aout(r4, &(0x7f0000000940)=ANY=[], 0x120) (async)
fcntl$lock(r4, 0x24, &(0x7f0000000080)={0x1, 0x1, 0x1, 0x400000006}) (async)
setsockopt$netlink_NETLINK_TX_RING(r4, 0x10e, 0x7, &(0x7f00000000c0)={0xf, 0x3, 0x7, 0x200}, 0x10) (async)
sendmsg$nl_generic(r3, 0x0, 0x20008080)
r5 = syz_open_dev$tty1(0xc, 0x4, 0x2) (async)
r6 = syz_io_uring_setup(0x2e06, &(0x7f00000002c0)={0x0, 0x2667, 0x40, 0x3, 0x217}, &(0x7f0000000240), &(0x7f0000000080))
io_uring_register$IORING_REGISTER_RESTRICTIONS(r6, 0xb, &(0x7f0000000040), 0x3e) (async)
ioctl$KDGKBDIACR(r5, 0x4b4a, 0xffffffffffffffff)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000007c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0}, 0x48) (async)
r7 = syz_open_dev$sg(&(0x7f00000000c0), 0x6f5e, 0x2)
ioctl$FIBMAP(r7, 0x5381, 0x0)
r8 = openat$sysfs(0xffffff9c, &(0x7f0000000000)='/sys/kernel/profiling', 0x42242, 0x73)
r9 = bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000140), 0x4)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000180)={r9, 0x108, 0x0, 0x0, 0x0, 0x0, 0xf000, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) (async)
openat$cgroup_devices(r8, &(0x7f0000000380)='devices.deny\x00', 0x2, 0x0)
pwritev(r8, &(0x7f0000000400)=[{&(0x7f0000000040)='9G', 0x2}, {0x0}], 0x2, 0xffffff01, 0xa)
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x10, 0x16, &(0x7f0000000780)=ANY=[@ANYBLOB="61123000000000006113340000000000bf20000000000000150002000ee600f03d030100000000008701000000000000bc26000000000000bf67000000000000560300000ee600f0670200001f000000160300000ee600f0bf050000000000000f610000000000006507f4ff02000400070700004c0040001f75000000000000bf54000000000000070500000300f9ffad430100000000009500000000000000050000000000000095000000000000004d9bd591d568253e9988431ec068e3a82983d58719d72183f2cb7f43dd55788be820b236dcb695dbfd737cbf719506d2d6b05fe7030586e3f640f9f7e9a73b761ad4f0952a70046270d2b6436fdeecd791614ed46de741eb8cf91c046ef9beca574b350021c7ec6ef130f53748068ca432dae4e248b22b9ad8b2811f67916a1764578cba4b069037bfb3362d5691ac397f7e207145d970f0d97867552629b146645c785fb77dbeca38e49a9d5221f1f45f0a25890d04d91a15a05ae7e7ed6252c3d6c1973fb858de1da70d67317e7872b0603ce47ed2c1520e71b527bb42aa2e20e1e85df73736ed0a782ab7e7278dd54358cfdf6313d40f926332623625b49626481054787ab2dff85a9bebd6b317f26c691a65aa97bb3d1506a3a565e9c7ea5ad4611d2d77ee8a5c1b23814a26b6a20061fbb65bdd03770fa849f2a29ba69f90625f42592a70ba890f7a92878ae73574c3a233ee5954119931a1905210715fa77a8795f2fbec3797cb90f59fe8a4abec25f40c87bf25b750bbaa"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sk_msg}, 0x48)

4.425856997s ago: executing program 6 (id=5952):
r0 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x10, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b4000000000000007910480000000000610400000000000095000000"], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_msg}, 0x48)
close(r0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000140)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xe, 0x4, &(0x7f0000000540)=ANY=[@ANYBLOB="b4050000fdff7f006110580000000000c60000000000000095000000000000009f33ef60916e6e713f1eeb0b725ad99b817fd98cd824498949714ffaac8a6f770600dcca55f21f3ca9e822d182054d54d53cd2b6db714e4beb5447000001000000008f2b9000f22425e4097ed62cbc891061017cfa6fa26fa7088c60897d4a6148a1c1e43f00001bde60beac671e8e8fdecb03588aa623fa71f31bf0f871ab5c2ff88afc60027f4e5b5271ed58e835cf0d0000000098b51fe6b1b8d9dbe87dcff414ed000000000000000000000000000000000000000000000000000000b347abe6352a080f8140e5fd10747b6ecdb3540546bf636e3d6e700e5b0500000000000000eb9e1403e6c8f7a187eaf60f3a17f0f046a307a403c19d9829c90bd2114252581567acae715cbe1b57d5cda432c5b910400623d24195405f2e76ccb7b37b41215c184e731fb1"], &(0x7f0000003ff6)='GPL\x00', 0x4, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x366, 0x10, &(0x7f0000000000), 0x1dd}, 0x48)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="0f000000040000000400000012"], 0x48)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000080)={@map=r4, r3, 0x26}, 0x10)
r5 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)=@newlink={0x44, 0x10, 0xffffffffffffffff, 0x30bd23, 0x25dfdbf8, {0x0, 0x0, 0x0, 0x0, 0x35a38, 0x4522f}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @veth={{0x9}, {0x4, 0x2, 0x0, 0x1, @void}}}, @IFLA_TARGET_NETNSID={0x8, 0x2e, 0x4}, @IFLA_MTU={0x8, 0x4, 0x1}]}, 0x44}, 0x1, 0x0, 0x0, 0x41}, 0x20040044)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000000c0)={{r4}, &(0x7f0000000000), &(0x7f0000000080)=r0}, 0x20)
recvmsg$unix(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f00000006c0)=""/179, 0x22fe0}], 0x1}, 0x0)
sendmsg$inet(r2, &(0x7f0000000500)={0x0, 0x0, &(0x7f0000001740)=[{&(0x7f0000000280)='>', 0x33fe0}], 0x1}, 0x0)

4.130193204s ago: executing program 6 (id=5955):
rseq(&(0x7f0000000100)={0x0, 0x0, 0x0, 0x3}, 0x20, 0x0, 0x0)
openat$pfkey(0xffffff9c, 0x0, 0x4000, 0x0)
r0 = socket$inet(0x2, 0x1, 0x100)
bind$inet(0xffffffffffffffff, &(0x7f0000e15000)={0x2, 0x4e20, @multicast2}, 0x10)
listen(r0, 0x7)
socket$inet6(0xa, 0xa, 0x2)

3.960992643s ago: executing program 9 (id=5957):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
recvmmsg(r0, &(0x7f0000000080)=[{{0x0, 0x0, 0x0}}], 0x40000000000012d, 0x2, 0x0) (fail_nth: 1)
bind$inet(r0, &(0x7f0000000040)={0x2, 0x4e20, @empty}, 0x10)
syz_emit_ethernet(0xfc0, &(0x7f0000001180)={@broadcast, @remote, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0xfb2, 0xfffd, 0x0, 0x0, 0x11, 0x0, @empty, @empty}, {0x1, 0x4e20, 0xf9e, 0x0, @opaque="20cace031ff836314a5b7864e4c973d44ebf0ebe7d4b0c5cf10488690187d24275800c483561dd3caa3dd14d3e2392f85906e5809858a109703a17a82288034ea567930e793a5cb0eab3c4b7a8e777439b2b2fea578ec6a85ad0256309047ead4f9d937f9841e9101c5fae460e314eaeb2e7361a9987b91706a58945948a12ffee7a6a09e9a96526f175bb0c73c7bb4d0d82f28984e91f00c059fc38793e8618284e52dc4af0a0ca764e5abda8b0014f786df04ba5c097a8fb99e9c00034e5c0139f4314a198479d94353ee4b9e6113980c89721ff11ab7c04cb235ff246a02d230021929dd3dc1a3bfa07e3518377be455da28c4503539db5f188620a45abd91d9cb2b6c3384c6e0ee20c6afc702375f63fd58a3484d7eb9e72266ed569ec753943f28414324f59ac592fdab86889e98c3a551152717cb9accd604ec50046bb737db2f10e83e4a74ca15d9eeb326402c2c895bdb85bb33c036f4063d32c37f3a1baf3139f1495f7070ab797263e40c65d1781f61cc7c2c499b673f00d1f00598a78bc33d97b4955df8d861ce057f5f9964a2aa9a266c7b3ef10d9aa4c4f33ce68a2bde618c4b225fd1f3c5db19e3ed8f6a3f01b4a6e06dcd84786265fc13d64d905d98e3f48c4d029d4a920025f9b7e382ec5daa9764cb4befa7b65e9ff21b9053b826e965de7261f036d9ca0134579375910d25e325211ca1bb427c4ace6e7382db4268fddb656af62349305d92d6ff4fa206d95dfe1953c16effbcc7d5cefe2661f5c902a36286eba0fbfb2070cc9e9b93465088bf0b1cfce2734f387e7c7ebd5a3df0733414e4849ffd002826e758b1e6210c1a04a6a6b15ca68e3470d84cc90ccb4b5ee8cfe977bd4242c460186b3af79705eab7086fc8f73b91ef880b6476960b657fa046d016a03b113a017595f6ff9548b7a85ba90f736a8a4e4a69a602958a4e4ff17b266b3c88192c392cef9978d1475de6c0df5238345612f4b8d768923895c337e233b868d9457ae6ff04b101f7316f85fcb75b3193eaa155e89f9a238af830f9d3e297907ef2ca54d2f3cf8c40658b65da7801c3ce7db262c6ec88a355ac3fefcc86025d95cd8c6fc5e5529795ae62686b2ef982235c7ea99400f380fc206dd7c75cb7afaa9e1deb7dcb77a871f6e3ba73bf4911a020652342fc90b4bd139e5a62cabd6b179b76b462c258d61e8e35bd0f73fd0ac0a16ad5b8b123ed426480d0f584d7880c6d907bc03c3a21b00398cda2b71bdeaaa8d18bb3bcaa5338da3ae041de02b6a2c21a8e20df19c7bb328d4b4b03a62b8c9b15a5c8ad7116107d86f22d15bed9622db09e66863f6e611ff983b1b21a7169baecab73389ecaa2c280ad67417adbaaa83a2f6a9a5f8803f501ff817d9ae779bb45807f9690743f9ef604e3f59fbcff9969f0ef4d4234cda164bc28c4f0324533e5f73b5d1f9dfdcca0bdc5bc7bc79ed8519ff2212b8a580c9c9dad510e64b381e152ad5642eb8b8a3abf7b08699b825956369d26fd512b83953913a6f46e0e4a80397bc173ae91e7c5562c63f612eba154ccc6b89d9dda9038bf7714760fe75269d527e5adab4f1c69ab1805a7464b1e4431d4f8632ac6a0529a34c6e3c744c4335f69f6ae3ffac2a70b548e6807d9cb199e2a5f4fe0b3b19945fd4eb085f5eb4096fcee2947b82e76a22fcfa3a33ba4b20cfe7a8392222a822d98ee725567a69e88db3f92fab9b008b96d297f6cb42e2b0506ae3025d09d89991d2038b66d9a204583d1305aed83a548dfa82dd608a3bccb16769625ccf73741ade368fa474de3c3a6f1e2dc731d92efd29401885b617d12e6d4c5e0d54bb3718d17e4b01db1dd1a676ac354102b447ec165b9d7ba3e78d0675e684a2ceb003766c63a0d7633af4ed6274a78495c8d791bbb476360c89f632d3b5dc4141d5dafde3e37b4809e141ba94f5bf34a0a7ff54579620bcd63c22fca8a8d3349b184d4ca0197daa2b9c7d842c8895f5b247829f6fc669e5562afa11ae19f1026de8d2aca9da008283efe5c9abb040cf4521bfc00baa9d8116c9fa35945c447d5fddb86162cda7444968a7abe2257d606a30b77a270667ec2f8126ec51561530e428dab7078f81a0585b9eeb1b10179000b7ddb771fd6eb78781851149d98eb8d7acee05c85c3ba711e497568879cb6a343e954675cbccb2807dc4a49d65043ec6c915491fd057b43380ce05b759f78b365f92ab307f39f5857d137a4b6e2d759222ac5fc6c5d2382ffbee876f7d297d912ffe42d068339a6d0249e9c186c1829be18a63e1bed8ca746cfdac04cc94b80c4cb135c49f5d69ce22e164cd4d9b3ffd6982d4653de159daec66f861d6608bd8460ffdd33ad2a2408e0550f3019a4e2e06d9bd0eb6a74e8e59c2b729e902107ec34a98eb0b08bb98cfbb5153848ee9d3d11830076ba912a8b41c78906e103644f98e38bbd73158288c85f73215d2e86694d403e9637bb42f6478c5563455c15b55de239e880c1d51f23d44e0191b52a99517b1a2795dcc6c90f154f4de55109f41cfea00028ff5f331b47fffc29bee125718232d9b21471b690b779ecd10a03e525fe7e0159c9a96e4d139e8b9b60163d0f164afbbe5129889d6518d511d05afe7afa6e1a3255d74fbad56f0d1daf8f10549dd78600ca878a93db907ee4df25cc9deb4a4f9438fe1459a6af863dae974446583b30fa13886a0c95711038e9df44456983002b9854068f3dcdee5782f3cdbbd7c61731135dd357c68c59b8630160598947285ecb3d8848c956d052a43e558c02d7c6753129dda8a4f4613b82e91d3256fc72828804fcbb1c42163a3ab4f91452f5238825df5a610b27fc70a842fe83343ca5349d1de2a7626de4837c3a92d0187fe9f0b900d37bce9f420e960736955225c3ffb749666c686b0385bb5ee57a332b8a747d85e9add97a57d23061fcad23f2a958751c842555ccdb3fdf5c8190a677661b6f5f635d0ec49ff49b7b9408762621d736d941d9a202b1c0af4b19eec78021c4b36420b5236cfbc3b0f37864bbfa845128d253c4eda1f0c2d13bb7112fe84fcad7710af4a51c3f0ee114906f09602ec0426b69a1b14c63e7821bfa0a31c5e033be9812fef625a08620a5e3b1d8de4950d7e38271e3dee861e2211a16979534a4f601fd531906202be3790968d85cdd9d022347e3e589de153b59814a88aada881036db5c4129b82ef7bf25e8f196924dbc3ecfaf604b41915398b08a642f971a1d72aa0e29f10e158b687f4c6ed93065aa360c8880f6d820abc318c9a5d8e0552a328b2df57f5c16f9fae7d905e0ae9006f65e3920fac7765899bf3cebca3a549b7b54007ac912274584ba63da8ef837f08e73379b0066452f34cd0f12adcbfeae0fe85718efe812caa368188ed7a92123e68f68b52f96baa4e6650aa795bca8c2ef631b3eca830ac6b661b59f3132196435ce2e9330b7af151e13a6b9f51e8ff9cb08ceca866e34328086f4785c08360afe52e85e0343401530fa81895edf13d852875e1262c3c797aebf0550e7296da30a6b94029f33deb337bf61941956e1257c2fdd5505b2b7f47faeeadd88d662ec26b6092a3f714b22c56afdbf08c7b5ab9f86863bb9f3b4a2c3f239d18c8e525795cb7364fa53a253d0e48224255e718f87deb18cf2326b19c8f57fb6186b686a26fda7700bb986dbe30f4ade3978d46f516769512d6b7fc9572ce379810ec7727e22b67e6f4c9e61e854d2e3b48fa148c3fa41d6dd1efc5c65ca1f34e6ad7338046c50b22c759361a02d9b34095c26b70d9458e30d01c71c9183990d50ee31b54704c8e81a0a52674857082d054ca168c792cce32325532aa92699ccdbdc55593ba4aad17c570d8f5c6f5e74aa20bb9a2bb3865549c6f4339da5b67c1db007e63c176500033595034ecfeeeda0a1f0eebe0f10b041ae14f35396b8c1c2e9995c8f2dd129c8ed44d3fe89e0a0bdcc94faff15bc2ecab5a1e1167743cc0859afa93e117a55242bd5d5bcda99df0631746454f8d4799516471b6d49ccdef1c25094d76bc43b5b176dc49b037e2a80a07baf35733ec1283aa145f1dbf0d1607735032f00c7a4a2cecf1879e1811310ab1c4a2c8c5cb77c74c7f6d124b3ac142a39d7455c8b48bf0dbabf652f6ff8153bd7b5c32251c00e336f9e5989238be2a9531d1546b553aa736a60cbce6f5337b579ad19578f820a315fe711bc2197153d4d2fdc0f2dcd49785487e7a8393798da7a654192cd9ab99f11a0e764fe262dcb5492299468a5ebf46bdaa8985d4c38c672e75947563f830dfc5b65045f102fba0636acdc924167e0b33316fa40bde042e364555de86797fd2fc55ae2f24cb8e3d7935de763cf621acad2db980092ab1c21f2208c23ed18ebb38494b23b710873e48ecfe8fb73bd73d97edaceede625e2e7dcc4b4c0c9ee130bdd7385d10700f38c92653e9d6e42635d66b0ff8b09a92622d499b53c81a85761830ab3b31d917302b2159ff1471b2ed8a8eb5348e8fa85b9b1b5f6d97d7b1a2773a4e4d588538da5fea36aa26d79950f52ad94575cf4b708a4747ea7e2cf2a3cb18dbf47f0520f27f7dfdfd5eece98a3383be49fe616c676011a1dd60adc35c4ba4206ed1fd50c027ec1a254ea105cf0c1ce72a8f77244826226728765b7b3110d6e31a5ae2a6a7bc9ec122f6049d56544a26d21546cc112ddc969bfb576bb0b6c59a0c72c8a45ac1f19002f64be958c7c24b9679c6d648e0346d44cbd86664e688882141e52a3025e19958c2712bdef024473afec12f952929dd0a93d11d2772d158390a0dfcf4f76fa95ee89b722e6fa5754368ec395fe8bb8116d6813e44463edf4cb835348cf50e6140a60ad7e2d1e6d9482b94f15d757aafa19966d524a35f2b8324aab5b2a811d7a223494d8eeb287231f6628df2cdb61e23bca982aeb012e9e65c7d439ba37b54c134aa18e32b6930ed2589b7e5944842c974263969f745cff90a400409dcb6da556850896f539d9b1fef25bacc1d5a12372532d8ffb5a4af20e8ba0d56197a8ebc631e91213ecdbcd94dd63a41795217ba429a199bc86f0d4044681a9e0fedce737092dcb42f31492e85ff6f4aafdb1e6aae8f3d04663e112df8567c206a797bf8a28b1f240f6f0d5de4cd4d59a6ba57fd51f350f0944069393cfa629300f6f2022112dd5158e17563170f3b333a4c4e30d7686d6f841ed59a0ef729b294c731bd0df72eec7200bee9766af853aefed09f1234c6102b1d0a9058b3d23a4a740a67dd71a36d11504d0ae583d9337ef45ee44104790b66248582a1069b571821a0f407e3de5819bf0b9a80eee070e43ece1ddbb9203113d6a561c63dbae206ee48573a2714c4f7ad7a5d89b39b9f253b23722d1af300aaa1ebf3a528001ab65404380fbf83cd298eea25f0332b979e60650ce955c25c3919c13bde6ec8babe764f75a62c254c1f87b80ba1b0d07bb0b1cb2e2134ef27584f9f1b2cd5c09737c9006d0bb45f4a204e69a1a51d9ea242d2a2f2531ebc30faf389683f8a750af867dc4e01ee4aa53abb137e80080b8f709792ee598cc29316f3ede82cbb6afd24ca4f447cc0c03531cfb44e61e43f09e7020bfd96735c1474fa2100cea19b1e35475793113e13b63473570852"}}}}}, 0x0)

3.690488827s ago: executing program 9 (id=5959):
r0 = fsopen(&(0x7f0000001040)='sysfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_RECONFIGURE(r0, 0x7, 0x0, 0x0, 0x0)

3.477050752s ago: executing program 6 (id=5961):
ioctl$KVM_SET_MSRS(0xffffffffffffffff, 0x4008ae89, 0x0)
r0 = syz_init_net_socket$x25(0x9, 0x5, 0x0)
newfstatat(0xffffffffffffff9c, &(0x7f00000000c0)='.\x00', &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, <r1=>0x0}, 0x0)
setresuid(r1, r1, 0x0)
ioctl$SIOCX25SSUBSCRIP(r0, 0x89e1, 0x0)
r2 = openat$smackfs_load(0xffffffffffffff9c, &(0x7f0000000200)='/sys/fs/smackfs/load2\x00', 0x2, 0x0)
write$smackfs_load(r2, &(0x7f00000002c0)=ANY=[@ANYBLOB="4020242078617400fcd83e771b55debcfbede20f0900936af16a579fdf9fe5d99750cd49c70cad0e9ffdd6d0620ab470b8e4a8b9446e355648976108c7361d6fbb4176a8403a2ca17849c7382a10484d597f5758813d75452e7da82b7cb511926d42ca99809b2b0d8ed869bde6d98a53c55df37178c6e0671785ef8d56bf0eb4055411888e57bc12b39115fd676c67f8240c43a86d92ac6e67151dd0088169f1dc8c4c0a5f43360f29089212326261c58d58a6415e7e9100"/196], 0x8)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000180)={0x44, 0x0, 0x1, 0x401, 0x0, 0x0, {0x2}, [@CTA_TUPLE_ORIG={0x30, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}, {0x14, 0x4, @local}}}]}]}, 0x44}}, 0x0)
syz_open_dev$char_usb(0xc, 0xb4, 0x0)
ioctl$BTRFS_IOC_ADD_DEV(0xffffffffffffffff, 0x5000940a, 0x0)
r5 = creat(&(0x7f0000000040)='./file0\x00', 0x10a)
write$P9_RVERSION(r5, &(0x7f0000000c40)=ANY=[], 0x13)
ioctl$SIOCAX25DELFWD(r5, 0x89eb, &(0x7f0000000280)={@remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x0}, @null})
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000980)=ANY=[@ANYRES32, @ANYRES32, @ANYBLOB="120000000000000000", @ANYRES32], 0x20)
r6 = fanotify_init(0x8, 0x800)
ioctl$sock_TIOCINQ(r6, 0x541b, &(0x7f0000000080))
ioctl$sock_SIOCETHTOOL(r3, 0x8946, &(0x7f0000001e00)={'macvtap0\x00', &(0x7f0000001d80)=@ethtool_link_settings={0x4c, 0x409, 0xf1, 0x72, 0x8, 0x6, 0x5, 0x23, 0x2, 0x4, [0x0, 0xc95, 0x80000000, 0x9, 0x10, 0x9, 0x101]}})
syz_usb_connect(0x5, 0x24, &(0x7f0000002700)={{0x12, 0x1, 0x201, 0x4a, 0x5, 0x17, 0x20, 0x93a, 0x50f, 0x8962, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x6, 0xf, 0x80, 0x6, "", [{{0x9, 0x4, 0x76, 0x1, 0x0, 0xc5, 0x12, 0xa5, 0x54}}]}}]}}, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, 0x2, [{0x4, &(0x7f0000000140)=@lang_id={0x4, 0x3, 0x418}}, {0x86, &(0x7f0000000040)=@string={0x86, 0x3, "0dbb81c6133bbdcfdb2878ec7244470c6ba05fe1b2fbfdc83574ecdb5aae643ff48a36b27a5e99baaf8e86465c18b4209e3b80d871b3a9bbc36e169589c47ce613a58e4b27ebf21de5096a5df0aaa6fbf10bb0d219b66151808aa9e3dfdb5fa25294c9c84307d2f762d5cf526f7ade486b335597613f258e25db8afe7ed7f8b06a6ddb74"}}]})

3.416237984s ago: executing program 9 (id=5962):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
syz_open_dev$tty1(0xc, 0x4, 0x1)
sched_setscheduler(0x0, 0x1, &(0x7f0000000100)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000002000)=""/102400, 0x19000)
ioctl$VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)

3.104203318s ago: executing program 9 (id=5965):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f0000000100)={0x50, 0x2, 0x6, 0x3, 0x0, 0x0, {}, [@IPSET_ATTR_FAMILY={0x5, 0x5, 0xa}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_TYPENAME={0x16, 0x3, 'hash:net,port,net\x00'}]}, 0x50}}, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000780)=ANY=[@ANYBLOB="74000000090601020000000000000000030000000900020073797a310000000005000100070000004c0007801800018014000240fe8000000000000000000000000000aa1800148014000240fc000000000000000000000000000000060004404e1f0000050007008400000006000540"], 0x74}, 0x1, 0x0, 0x0, 0x10040003}, 0x0)

2.357517372s ago: executing program 8 (id=5969):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = socket(0x15, 0x5, 0x0)
bind$l2tp6(r2, &(0x7f0000000200)={0xa, 0x0, 0x5, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x23}}, 0x81, 0x2}, 0x20)
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_LEASE(0xffffffffffffffff, 0xc01864c6, &(0x7f0000000180)={&(0x7f0000000100)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x9, 0x41000, 0x0, <r4=>0xffffffffffffffff})
setsockopt$IP_VS_SO_SET_STARTDAEMON(r4, 0x0, 0x48b, &(0x7f00000001c0)={0x1, 'wlan0\x00', 0x3}, 0x18)
r5 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000940), r4)
sendmsg$IPVS_CMD_SET_INFO(r2, &(0x7f0000000a00)={&(0x7f0000000900)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f00000009c0)={&(0x7f0000000980)={0x30, r5, 0x8, 0x70bd25, 0x25dfdbff, {}, [@IPVS_CMD_ATTR_DEST={0x1c, 0x2, 0x0, 0x1, [@IPVS_DEST_ATTR_TUN_FLAGS={0x6, 0xf, 0x4}, @IPVS_DEST_ATTR_PORT={0x6, 0x2, 0x4e23}, @IPVS_DEST_ATTR_WEIGHT={0x8, 0x4, 0xfffffff8}]}]}, 0x30}, 0x1, 0x0, 0x0, 0x4080}, 0x801)
ioctl$KVM_SET_MSRS(r3, 0x4008ae89, &(0x7f00000002c0)={0x1, 0x0, [{0xc0010058}]})
r6 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r6, &(0x7f00000003c0)={0x0, 0x18, 0xfa00, {0x6, &(0x7f0000000040)={<r7=>0xffffffffffffffff}, 0x2}}, 0x20)
write$RDMA_USER_CM_CMD_RESOLVE_IP(r6, &(0x7f0000000180)={0x3, 0x40, 0xfa00, {{0xa, 0x0, 0x0, @mcast2}, {0xa, 0x0, 0xfffffffc, @mcast2}, r7, 0x405}}, 0x48)
ioctl$FS_IOC_SETFSLABEL(r1, 0x41009432, &(0x7f0000000000)="f9ed46a1bf240cb53d1d9d4fbf463c598b1aeb63520c293ce01cfd4b95a1d3400690c72019963cbf474f6d2e2d527a726dbee442a86edada490d270600e309701807d4a802ac55a9cce839fff02bd1ca6d7e32174be9a4aef6bc88709b7d0f5dc7b75b1f1569c4123ab774da60da3b96ad7766ff01004f74aca33ba3e5a2627d0c29e1bcd57fc16ced400a527f441e88f9e526bdd51c93ddaae9ebb7c4eceac06dc54ce05d14b3410ae567f3a7ce2d0c54fa141414fd50216b0a590a0da18f36676af4fb12d853825a5294c78c0f63536a0ef6597ecd697c4e4f2c3a6821ae3d4ff269c9a00fd81c476b166c96ccffa92bb32666122f406e30c67f428830c9bc")
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f00000005c0)={r4, 0x20, &(0x7f0000000580)={&(0x7f0000000400)=""/239, 0xef, <r8=>0x0, &(0x7f0000000500)=""/66, 0x42}}, 0x10)
r9 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000780)=@bpf_lsm={0x1d, 0x17, &(0x7f0000000600)=@framed={{0x18, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0xc}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r4}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x7}}, @call={0x85, 0x0, 0x0, 0xbe}, @call={0x85, 0x0, 0x0, 0xb7}, @cb_func={0x18, 0x0, 0x4, 0x0, 0x8}, @tail_call, @ldst={0x1, 0x0, 0x1, 0x0, 0x3, 0x18, 0xfffffffffffffff0}, @ldst={0x0, 0x194c67c0132b5a71, 0x6, 0x2, 0x1, 0x100, 0xffffffffffffffff}]}, &(0x7f00000006c0)='syzkaller\x00', 0x7f, 0x0, 0x0, 0x40f00, 0x3, '\x00', 0x0, 0x1b, r4, 0x8, &(0x7f0000000700)={0x3, 0x1}, 0x8, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000740)=[r4, r4]}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x1c, 0x12, &(0x7f0000000300)=@raw=[@ringbuf_query={{0x18, 0x1, 0x1, 0x0, r4}}, @exit, @tail_call={{0x18, 0x2, 0x1, 0x0, r4}}, @generic={0x6, 0x1, 0x8, 0x800, 0x10000}, @initr0={0x18, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x9}, @func={0x85, 0x0, 0x1, 0x0, 0x1}, @map_val={0x18, 0x8, 0x2, 0x0, r4, 0x0, 0x0, 0x0, 0x7}, @initr0={0x18, 0x0, 0x0, 0x0, 0xbe, 0x0, 0x0, 0x0, 0x8}], &(0x7f0000000240)='syzkaller\x00', 0x8, 0x0, 0x0, 0x82000, 0x22, '\x00', 0x0, @fallback=0x18, r4, 0x8, &(0x7f0000000280)={0x8, 0x1}, 0x8, 0x10, 0x0, 0x0, r8, r9, 0x0, 0x0, 0x0, 0x10, 0x8}, 0x94)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) (async)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async)
socket(0x15, 0x5, 0x0) (async)
bind$l2tp6(r2, &(0x7f0000000200)={0xa, 0x0, 0x5, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x23}}, 0x81, 0x2}, 0x20) (async)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) (async)
ioctl$DRM_IOCTL_MODE_CREATE_LEASE(0xffffffffffffffff, 0xc01864c6, &(0x7f0000000180)={&(0x7f0000000100)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x9, 0x41000}) (async)
setsockopt$IP_VS_SO_SET_STARTDAEMON(r4, 0x0, 0x48b, &(0x7f00000001c0)={0x1, 'wlan0\x00', 0x3}, 0x18) (async)
syz_genetlink_get_family_id$ipvs(&(0x7f0000000940), r4) (async)
sendmsg$IPVS_CMD_SET_INFO(r2, &(0x7f0000000a00)={&(0x7f0000000900)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f00000009c0)={&(0x7f0000000980)={0x30, r5, 0x8, 0x70bd25, 0x25dfdbff, {}, [@IPVS_CMD_ATTR_DEST={0x1c, 0x2, 0x0, 0x1, [@IPVS_DEST_ATTR_TUN_FLAGS={0x6, 0xf, 0x4}, @IPVS_DEST_ATTR_PORT={0x6, 0x2, 0x4e23}, @IPVS_DEST_ATTR_WEIGHT={0x8, 0x4, 0xfffffff8}]}]}, 0x30}, 0x1, 0x0, 0x0, 0x4080}, 0x801) (async)
ioctl$KVM_SET_MSRS(r3, 0x4008ae89, &(0x7f00000002c0)={0x1, 0x0, [{0xc0010058}]}) (async)
openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) (async)
write$RDMA_USER_CM_CMD_CREATE_ID(r6, &(0x7f00000003c0)={0x0, 0x18, 0xfa00, {0x6, &(0x7f0000000040), 0x2}}, 0x20) (async)
write$RDMA_USER_CM_CMD_RESOLVE_IP(r6, &(0x7f0000000180)={0x3, 0x40, 0xfa00, {{0xa, 0x0, 0x0, @mcast2}, {0xa, 0x0, 0xfffffffc, @mcast2}, r7, 0x405}}, 0x48) (async)
ioctl$FS_IOC_SETFSLABEL(r1, 0x41009432, &(0x7f0000000000)="f9ed46a1bf240cb53d1d9d4fbf463c598b1aeb63520c293ce01cfd4b95a1d3400690c72019963cbf474f6d2e2d527a726dbee442a86edada490d270600e309701807d4a802ac55a9cce839fff02bd1ca6d7e32174be9a4aef6bc88709b7d0f5dc7b75b1f1569c4123ab774da60da3b96ad7766ff01004f74aca33ba3e5a2627d0c29e1bcd57fc16ced400a527f441e88f9e526bdd51c93ddaae9ebb7c4eceac06dc54ce05d14b3410ae567f3a7ce2d0c54fa141414fd50216b0a590a0da18f36676af4fb12d853825a5294c78c0f63536a0ef6597ecd697c4e4f2c3a6821ae3d4ff269c9a00fd81c476b166c96ccffa92bb32666122f406e30c67f428830c9bc") (async)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f00000005c0)={r4, 0x20, &(0x7f0000000580)={&(0x7f0000000400)=""/239, 0xef, 0x0, &(0x7f0000000500)=""/66, 0x42}}, 0x10) (async)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000780)=@bpf_lsm={0x1d, 0x17, &(0x7f0000000600)=@framed={{0x18, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0xc}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r4}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x7}}, @call={0x85, 0x0, 0x0, 0xbe}, @call={0x85, 0x0, 0x0, 0xb7}, @cb_func={0x18, 0x0, 0x4, 0x0, 0x8}, @tail_call, @ldst={0x1, 0x0, 0x1, 0x0, 0x3, 0x18, 0xfffffffffffffff0}, @ldst={0x0, 0x194c67c0132b5a71, 0x6, 0x2, 0x1, 0x100, 0xffffffffffffffff}]}, &(0x7f00000006c0)='syzkaller\x00', 0x7f, 0x0, 0x0, 0x40f00, 0x3, '\x00', 0x0, 0x1b, r4, 0x8, &(0x7f0000000700)={0x3, 0x1}, 0x8, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000740)=[r4, r4]}, 0x94) (async)
bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x1c, 0x12, &(0x7f0000000300)=@raw=[@ringbuf_query={{0x18, 0x1, 0x1, 0x0, r4}}, @exit, @tail_call={{0x18, 0x2, 0x1, 0x0, r4}}, @generic={0x6, 0x1, 0x8, 0x800, 0x10000}, @initr0={0x18, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x9}, @func={0x85, 0x0, 0x1, 0x0, 0x1}, @map_val={0x18, 0x8, 0x2, 0x0, r4, 0x0, 0x0, 0x0, 0x7}, @initr0={0x18, 0x0, 0x0, 0x0, 0xbe, 0x0, 0x0, 0x0, 0x8}], &(0x7f0000000240)='syzkaller\x00', 0x8, 0x0, 0x0, 0x82000, 0x22, '\x00', 0x0, @fallback=0x18, r4, 0x8, &(0x7f0000000280)={0x8, 0x1}, 0x8, 0x10, 0x0, 0x0, r8, r9, 0x0, 0x0, 0x0, 0x10, 0x8}, 0x94) (async)

1.953227146s ago: executing program 8 (id=5970):
r0 = fsopen(&(0x7f0000001040)='sysfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_RECONFIGURE(r0, 0x7, 0x0, 0x0, 0x0)

1.837489868s ago: executing program 8 (id=5971):
r0 = openat$dma_heap(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x1, &(0x7f0000000280)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f00000003c0)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mknodat$loop(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x6000, 0x1)
setrlimit(0x0, &(0x7f00000000c0)={0x8, 0x9})
r4 = fsopen(&(0x7f0000000100)='squashfs\x00', 0x1)
fsconfig$FSCONFIG_SET_STRING(r4, 0x1, &(0x7f0000000000)='source', &(0x7f0000000040), 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r4, 0x6, 0x0, 0x0, 0x0)
r5 = syz_init_net_socket$rose(0xb, 0x5, 0x0)
r6 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_buf(r6, 0x0, 0x8008000000010, &(0x7f00000000c0)="02000000020001000003be8c5ee1768810003c08030300ecff3f000000030000980000000098fc5ad9485bbb6a880000d6c8db0000dba67e06000000e28900000200df018000000000f50607bdff59100ac45761547a681f009cee4a5acb3da400001fb700674f00c88ebbf9315033bf79ac2dff060115003901000000000000ea000000000000000002ffff02dfcceb", 0x90)
ioctl$sock_rose_SIOCRSCLRRT(r5, 0x89e4)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000380)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x5}}, [@NFT_MSG_NEWSET={0x14, 0x9, 0xa, 0x401, 0x0, 0x0, {0xa, 0x0, 0x4}}, @NFT_MSG_NEWSETELEM={0x28, 0xc, 0xa, 0x101, 0x0, 0x0, {0xa, 0x0, 0x6}, [@NFTA_SET_ELEM_LIST_SET={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_ELEM_LIST_ELEMENTS={0x8, 0x3, 0x0, 0x1, [{0x4}]}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x1}}}, 0x64}, 0x1, 0x0, 0x0, 0x4000850}, 0x40)
ioctl$DMA_HEAP_IOCTL_ALLOC(r0, 0xc0184800, &(0x7f0000000100)={0x4, <r7=>0xffffffffffffffff})
r8 = socket$packet(0x11, 0x3, 0x300)
setsockopt$SO_ATTACH_FILTER(r8, 0x1, 0x1a, &(0x7f0000000240)={0x2, &(0x7f0000000280)=[{0x20, 0x2, 0x81, 0xfffff034}, {0x6, 0xba, 0x2, 0xffff}]}, 0x10)
r9 = socket$inet6(0xa, 0x3, 0x6)
sendto$inet6(r9, 0x0, 0x0, 0x0, &(0x7f0000000180)={0xa, 0x0, 0x3, @mcast2={0xff, 0x5}, 0xfffffffc}, 0x1c)
setitimer(0x0, &(0x7f0000000080)={{}, {0x0, 0xea60}}, 0x0)
getitimer(0x0, 0x0)
ioctl$DMA_BUF_IOCTL_SYNC(r7, 0x40086200, &(0x7f0000000540)=0x1)
syz_usb_connect(0x1, 0x2d, 0x0, &(0x7f0000001500)={0x0, 0x0, 0x0, 0x0, 0x1, [{0x0, 0x0}]})

1.703999441s ago: executing program 8 (id=5972):
r0 = socket$alg(0x26, 0x5, 0x0)
r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000440)='mounts\x00')
ioctl$OCFS2_IOC_RESVSP64(r1, 0x4030582a, 0x0)
r2 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000004c0), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r2, &(0x7f00000000c0)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff}, 0x2, 0x2}}, 0x20)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e22}, 0x6e)
r4 = userfaultfd(0x1)
ioctl$UFFDIO_API(r4, 0xc018aa3f, &(0x7f00000000c0))
ioctl$UFFDIO_REGISTER(r4, 0xc020aa00, &(0x7f0000000080)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x2})
ioctl$UFFDIO_COPY(r4, 0xc028aa05, &(0x7f0000000180)={&(0x7f00002b9000/0x400000)=nil, &(0x7f0000359000/0xa000)=nil, 0x400000, 0x2, 0x2})
write$RDMA_USER_CM_CMD_RESOLVE_IP(r2, &(0x7f0000000180)={0x3, 0x40, 0xfa00, {{0xa, 0x4e23, 0xe, @empty, 0x2}, {0xa, 0x4e23, 0x7, @remote, 0x3}, r3, 0x7}}, 0x48)
r5 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000004c0), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r5, &(0x7f00000000c0)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000040)={<r6=>0xffffffffffffffff}, 0x2}}, 0x20)
write$RDMA_USER_CM_CMD_SET_OPTION(r5, &(0x7f00000002c0)={0xe, 0x18, 0xfa00, @id_afonly={&(0x7f0000000200)=0x1, r6, 0x0, 0x2, 0x4}}, 0x20)
write$RDMA_USER_CM_CMD_RESOLVE_IP(r5, &(0x7f0000000180)={0x3, 0x40, 0xfa00, {{0xa, 0x4e23, 0xe, @loopback, 0x2}, {0xa, 0x4e23, 0x7, @remote, 0x3}, r6, 0x7}}, 0x48)
bind$alg(r0, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-serpent-avx\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
r8 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r8, &(0x7f00000016c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)=@dellink={0x34, 0x11, 0x1, 0x70bd26, 0x5dfdbff, {0x0, 0x0, 0x0, 0x0, 0xda23, 0x40000}, [@IFLA_ALT_IFNAME={0x14, 0x35, 'veth0_vlan\x00'}]}, 0x34}, 0x1, 0x200000000000000, 0x0, 0x10}, 0x0)
sendmsg$NFT_BATCH(r7, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000004c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a40000000160a03020000000000000000020000000900020073797a32000000000900010073797a3000000000140003800800024000000000080001400000000014000000110001"], 0x68}}, 0x0)
sendmsg$NFT_BATCH(r7, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000040000000000a40000000160a01080000000000000000020000000900020073797a30000000000900010073797a3000000000140003800800024000000000080001400000000014000000110001"], 0x68}}, 0x0)
ioctl$KVM_IRQ_LINE_STATUS(0xffffffffffffffff, 0xc008ae67, &(0x7f0000000300)={0x6, 0x80000000})
sendmsg$NFT_MSG_GETFLOWTABLE(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000600)=ANY=[@ANYBLOB="20000000170a040200000000000000002200030009154ccb62490ad606000073588ff2c98f42aed664369db5c783a298960a8c6c26615deb70b3cc6293120d49f2e096f328dfaf6eb495a321d1cb22bfdbb42bac38064602b5da6d278fe9a64c0389d51c435795aea0d9a9b6468b57fbe690c689931c3089138f1a47d94b54b15fd5b422b0b1cca09de68e90f1e412583c814d5dbe03cae1a3795286d38247b04ee846d9e20ff1ae04f64458fbec946bb92643dd1e024cb5000000000000000000f1b3985715a160e2d8380a0b5d57f43555f3732de0025e3c941233b80f320b746a27ac1cbc1e29b6a9bdf9ede000881ca5f6fd709de581df941e86f84702f5b3963f347ec78c929d90945b1eb3203b7986a90da78656f1a8a5bb77bf08faa194ea"], 0x20}, 0x1, 0x0, 0x0, 0xc004}, 0x0)
sendmmsg$alg(0xffffffffffffffff, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe3f}, {&(0x7f0000000280)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048", 0xfffffffffffffcc3}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11"}], 0x1, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800)
recvmsg(0xffffffffffffffff, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0)

1.529959242s ago: executing program 8 (id=5973):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
syz_open_dev$tty1(0xc, 0x4, 0x1)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000002000)=""/102400, 0x19000)
ioctl$VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)

1.225518884s ago: executing program 8 (id=5974):
syz_usb_connect(0x5, 0x34, &(0x7f0000000700)=ANY=[@ANYBLOB="12010000892e79106d042107259c0102030109022200010000000009040000000e"], 0x0)
r0 = openat$drirender128(0xffffffffffffff9c, &(0x7f0000000000), 0x40, 0x0)
r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000040)={0x2, 0x4, 0x8, 0x1, 0x80, 0x1, 0x5, '\x00', 0x0, 0xffffffffffffffff, 0x2, 0x3}, 0x50)
bpf$BPF_MAP_LOOKUP_AND_DELETE_ELEM(0x15, &(0x7f0000000480)={r1, &(0x7f0000000380), &(0x7f00000003c0)=""/170, 0x4}, 0x20)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@bloom_filter={0x1e, 0x3, 0x4, 0x3, 0x8400, 0x1, 0x1, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x4, 0x0, 0xa}, 0x50)
bpf$BPF_MAP_LOOKUP_AND_DELETE_ELEM(0x15, &(0x7f0000000340)={r2, &(0x7f0000000180)="9ecb3971b3248bc1a83a48e6b2c712b7cacd5a26ef2b0335294516ac9689fc925496921ca0b536a3ef4ac5ae14e169fcd5ce9dab032599a54ef95978805aa2df43a89fe04000e8c64e06eaff3aea6c7805984d4c5cf9e0a3c7aa9b5754a358681204461bacf4b6fbce4f3e5a8a2895ea5f048eb3b4112c64f2ae56dc02d6876fcdfad14b470c14375c6b7bb83f9140d325fdafd0dd9eb224624970dac575004b100d6d70a837a276875adbb680df1f65cd6e2b360a2198a1c51054a47c696d3db37d26c55ba45380175f7a5a2860ca", &(0x7f0000000280)=""/141, 0x4}, 0x20)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r0, 0xc00c642d, &(0x7f00000000c0)={0x0, 0x80000})
syz_usb_connect(0x5, 0x34, &(0x7f0000000700)=ANY=[@ANYBLOB="12010000892e79106d042107259c0102030109022200010000000009040000000e"], 0x0) (async)
openat$drirender128(0xffffffffffffff9c, &(0x7f0000000000), 0x40, 0x0) (async)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000040)={0x2, 0x4, 0x8, 0x1, 0x80, 0x1, 0x5, '\x00', 0x0, 0xffffffffffffffff, 0x2, 0x3}, 0x50) (async)
bpf$BPF_MAP_LOOKUP_AND_DELETE_ELEM(0x15, &(0x7f0000000480)={r1, &(0x7f0000000380), &(0x7f00000003c0)=""/170, 0x4}, 0x20) (async)
bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@bloom_filter={0x1e, 0x3, 0x4, 0x3, 0x8400, 0x1, 0x1, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x4, 0x0, 0xa}, 0x50) (async)
bpf$BPF_MAP_LOOKUP_AND_DELETE_ELEM(0x15, &(0x7f0000000340)={r2, &(0x7f0000000180)="9ecb3971b3248bc1a83a48e6b2c712b7cacd5a26ef2b0335294516ac9689fc925496921ca0b536a3ef4ac5ae14e169fcd5ce9dab032599a54ef95978805aa2df43a89fe04000e8c64e06eaff3aea6c7805984d4c5cf9e0a3c7aa9b5754a358681204461bacf4b6fbce4f3e5a8a2895ea5f048eb3b4112c64f2ae56dc02d6876fcdfad14b470c14375c6b7bb83f9140d325fdafd0dd9eb224624970dac575004b100d6d70a837a276875adbb680df1f65cd6e2b360a2198a1c51054a47c696d3db37d26c55ba45380175f7a5a2860ca", &(0x7f0000000280)=""/141, 0x4}, 0x20) (async)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r0, 0xc00c642d, &(0x7f00000000c0)={0x0, 0x80000}) (async)

0s ago: executing program 6 (id=5975):
r0 = socket$inet6(0xa, 0x1, 0x3)
r1 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x20000000)
setsockopt$netlink_NETLINK_TX_RING(r1, 0x10e, 0xc, &(0x7f0000000140)={0x6}, 0x10)
write(r1, &(0x7f0000000000)="1c0000001a005f0214f9f407000904001f000000ff02000200000000", 0x1c)
sendmmsg$inet6(r0, 0x0, 0x0, 0x4000000)
sendmsg$netlink(0xffffffffffffffff, 0x0, 0x0)
r2 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r2, &(0x7f0000000600)={0x0, 0xc, &(0x7f0000000000)=[{&(0x7f0000000080)="2e00000010008188e6b62aa73772cc9f1ba1f8483f0000005e140602000000000e000a000f000000028000001294", 0x2e}], 0x1}, 0x0)

kernel console output (not intermixed with test programs):

531][T22844] Tainted: [L]=SOFTLOCKUP
[ 1145.686540][T22844] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1145.686552][T22844] Call Trace:
[ 1145.686561][T22844]  <TASK>
[ 1145.686571][T22844]  dump_stack_lvl+0xe8/0x150
[ 1145.686608][T22844]  should_fail_ex+0x46b/0x600
[ 1145.686642][T22844]  _copy_from_user+0x2d/0xb0
[ 1145.686673][T22844]  ___sys_recvmsg+0x175/0x590
[ 1145.686704][T22844]  ? __pfx____sys_recvmsg+0x10/0x10
[ 1145.686752][T22844]  ? __fget_files+0x3a6/0x420
[ 1145.686791][T22844]  do_recvmmsg+0x33a/0x800
[ 1145.686825][T22844]  ? __pfx_do_recvmmsg+0x10/0x10
[ 1145.686863][T22844]  ? rt_mutex_slowunlock+0x1cb/0x300
[ 1145.686906][T22844]  __x64_sys_recvmmsg+0x198/0x250
[ 1145.686933][T22844]  ? __pfx___x64_sys_recvmmsg+0x10/0x10
[ 1145.686970][T22844]  do_syscall_64+0x14d/0xf80
[ 1145.687015][T22844]  ? trace_irq_disable+0x3b/0x150
[ 1145.687039][T22844]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1145.687061][T22844]  ? clear_bhb_loop+0x40/0x90
[ 1145.687087][T22844]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1145.687108][T22844] RIP: 0033:0x7f8c1ce4c799
[ 1145.687129][T22844] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1145.687146][T22844] RSP: 002b:00007f8c1b0a6028 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
[ 1145.687178][T22844] RAX: ffffffffffffffda RBX: 00007f8c1d0c5fa0 RCX: 00007f8c1ce4c799
[ 1145.687194][T22844] RDX: 0000000000000001 RSI: 0000200000000840 RDI: 0000000000000004
[ 1145.687208][T22844] RBP: 00007f8c1b0a6090 R08: 0000000000000000 R09: 0000000000000000
[ 1145.687221][T22844] R10: 0000000000010000 R11: 0000000000000246 R12: 0000000000000001
[ 1145.687234][T22844] R13: 00007f8c1d0c6038 R14: 00007f8c1d0c5fa0 R15: 00007ffe41ad8cd8
[ 1145.687269][T22844]  </TASK>
[ 1145.971035][T22851] FAULT_INJECTION: forcing a failure.
[ 1145.971035][T22851] name failslab, interval 1, probability 0, space 0, times 0
[ 1145.971072][T22851] CPU: 0 UID: 0 PID: 22851 Comm: syz.0.5619 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[ 1145.971102][T22851] Tainted: [L]=SOFTLOCKUP
[ 1145.971110][T22851] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1145.971123][T22851] Call Trace:
[ 1145.971132][T22851]  <TASK>
[ 1145.971142][T22851]  dump_stack_lvl+0xe8/0x150
[ 1145.971179][T22851]  should_fail_ex+0x46b/0x600
[ 1145.971210][T22851]  ? __pfx_sock_alloc_inode+0x10/0x10
[ 1145.971237][T22851]  should_failslab+0xa8/0x100
[ 1145.971258][T22851]  ? __pfx_sock_alloc_inode+0x10/0x10
[ 1145.971282][T22851]  kmem_cache_alloc_lru_noprof+0x8b/0x680
[ 1145.971314][T22851]  ? sock_alloc_inode+0x28/0xc0
[ 1145.971343][T22851]  ? __pfx_sock_alloc_inode+0x10/0x10
[ 1145.971367][T22851]  sock_alloc_inode+0x28/0xc0
[ 1145.971399][T22851]  alloc_inode+0x6a/0x1b0
[ 1145.971427][T22851]  do_accept+0x144/0x760
[ 1145.971455][T22851]  ? __pfx_rt_mutex_slowunlock+0x10/0x10
[ 1145.971487][T22851]  ? __pfx_do_accept+0x10/0x10
[ 1145.971537][T22851]  __sys_accept4+0x139/0x230
[ 1145.971569][T22851]  ? __pfx___sys_accept4+0x10/0x10
[ 1145.971598][T22851]  ? __pfx_ksys_write+0x10/0x10
[ 1145.971636][T22851]  __x64_sys_accept+0x7d/0x90
[ 1145.971666][T22851]  do_syscall_64+0x14d/0xf80
[ 1145.971703][T22851]  ? trace_irq_disable+0x3b/0x150
[ 1145.971727][T22851]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1145.971750][T22851]  ? clear_bhb_loop+0x40/0x90
[ 1145.971777][T22851]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1145.971798][T22851] RIP: 0033:0x7f8c1ce4c799
[ 1145.971820][T22851] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1145.971837][T22851] RSP: 002b:00007f8c1b0a6028 EFLAGS: 00000246 ORIG_RAX: 000000000000002b
[ 1145.971861][T22851] RAX: ffffffffffffffda RBX: 00007f8c1d0c5fa0 RCX: 00007f8c1ce4c799
[ 1145.971878][T22851] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003
[ 1145.971891][T22851] RBP: 00007f8c1b0a6090 R08: 0000000000000000 R09: 0000000000000000
[ 1145.971904][T22851] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1145.971915][T22851] R13: 00007f8c1d0c6038 R14: 00007f8c1d0c5fa0 R15: 00007ffe41ad8cd8
[ 1145.971948][T22851]  </TASK>
[ 1146.095597][T22850] tipc: Failed to remove unknown binding: 66,1,1/0:481140576/481140578
[ 1146.095634][T22850] tipc: Failed to remove unknown binding: 66,1,1/0:481140576/481140578
[ 1146.539024][T22629] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1147.487879][ T5808] Bluetooth: hci3: command tx timeout
[ 1148.748293][T22629] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1149.566050][ T5808] Bluetooth: hci3: command tx timeout
[ 1150.070343][T22629] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1150.073657][T22934] FAULT_INJECTION: forcing a failure.
[ 1150.073657][T22934] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1150.073691][T22934] CPU: 0 UID: 0 PID: 22934 Comm: syz.6.5642 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[ 1150.073716][T22934] Tainted: [L]=SOFTLOCKUP
[ 1150.073723][T22934] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1150.073734][T22934] Call Trace:
[ 1150.073741][T22934]  <TASK>
[ 1150.073749][T22934]  dump_stack_lvl+0xe8/0x150
[ 1150.073780][T22934]  should_fail_ex+0x46b/0x600
[ 1150.073806][T22934]  _copy_from_user+0x2d/0xb0
[ 1150.073831][T22934]  __sys_connect+0x156/0x450
[ 1150.073858][T22934]  ? __pfx___sys_connect+0x10/0x10
[ 1150.073893][T22934]  ? __pfx_ksys_write+0x10/0x10
[ 1150.073925][T22934]  __x64_sys_connect+0x7a/0x90
[ 1150.073949][T22934]  do_syscall_64+0x14d/0xf80
[ 1150.073972][T22934]  ? trace_irq_disable+0x3b/0x150
[ 1150.073992][T22934]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1150.074009][T22934]  ? clear_bhb_loop+0x40/0x90
[ 1150.074031][T22934]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1150.074051][T22934] RIP: 0033:0x7f643e87c799
[ 1150.074071][T22934] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1150.074089][T22934] RSP: 002b:00007f643cad6028 EFLAGS: 00000246 ORIG_RAX: 000000000000002a
[ 1150.074113][T22934] RAX: ffffffffffffffda RBX: 00007f643eaf5fa0 RCX: 00007f643e87c799
[ 1150.074126][T22934] RDX: 000000000000000e RSI: 0000200000000080 RDI: 0000000000000004
[ 1150.074139][T22934] RBP: 00007f643cad6090 R08: 0000000000000000 R09: 0000000000000000
[ 1150.074152][T22934] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1150.074163][T22934] R13: 00007f643eaf6038 R14: 00007f643eaf5fa0 R15: 00007ffcbc93eff8
[ 1150.074195][T22934]  </TASK>
[ 1150.260562][   T10] usb 9-1: new full-speed USB device number 19 using dummy_hcd
[ 1150.449305][   T10] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[ 1150.449344][   T10] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1150.450895][   T10] usb 9-1: New USB device found, idVendor=060b, idProduct=700a, bcdDevice= 0.00
[ 1150.450924][   T10] usb 9-1: New USB device strings: Mfr=2, Product=0, SerialNumber=0
[ 1150.450945][   T10] usb 9-1: Manufacturer: syz
[ 1150.508329][   T10] usb 9-1: config 0 descriptor??
[ 1150.912090][ T5802] Bluetooth: hci4: unexpected event for opcode 0x041b
[ 1150.963735][   T10] cougar 0003:060B:700A.001D: item fetching failed at offset 0/5
[ 1150.967414][   T10] cougar 0003:060B:700A.001D: parse failed
[ 1150.967545][   T10] cougar 0003:060B:700A.001D: probe with driver cougar failed with error -22
[ 1151.175806][T22925] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1151.205600][T22925] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1151.232450][T14778] usb 9-1: USB disconnect, device number 19
[ 1151.294172][T22836] chnl_net:caif_netlink_parms(): no params data found
[ 1151.655984][ T5802] Bluetooth: hci3: command tx timeout
[ 1151.671748][T22629] bridge_slave_1: left allmulticast mode
[ 1151.671775][T22629] bridge_slave_1: left promiscuous mode
[ 1151.671980][T22629] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1151.851598][T22629] bridge_slave_0: left allmulticast mode
[ 1151.851632][T22629] bridge_slave_0: left promiscuous mode
[ 1151.851944][T22629] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1153.740048][ T5802] Bluetooth: hci3: command 0x0419 tx timeout
[ 1154.228419][T22629] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1154.298210][T22629] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1154.316140][T20412] usb 9-1: new high-speed USB device number 20 using dummy_hcd
[ 1154.339628][T22629] bond0 (unregistering): Released all slaves
[ 1154.345526][T22629] bond1 (unregistering): Released all slaves
[ 1154.469640][T20412] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1154.469677][T20412] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1154.469701][T20412] usb 9-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[ 1154.469745][T20412] usb 9-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[ 1154.469771][T20412] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1154.475109][T20412] usb 9-1: config 0 descriptor??
[ 1154.909371][T20412] plantronics 0003:047F:FFFF.001E: reserved main item tag 0xd
[ 1155.056782][T20412] plantronics 0003:047F:FFFF.001E: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.8-1/input0
[ 1155.208970][T23024] netlink: 12 bytes leftover after parsing attributes in process `syz.8.5662'.
[ 1155.555404][   T10] usb 9-1: USB disconnect, device number 20
[ 1155.807794][ T5808] Bluetooth: hci3: command 0x0419 tx timeout
[ 1156.218081][T23037] FAULT_INJECTION: forcing a failure.
[ 1156.218081][T23037] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1156.218122][T23037] CPU: 0 UID: 0 PID: 23037 Comm: syz.6.5667 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[ 1156.218152][T23037] Tainted: [L]=SOFTLOCKUP
[ 1156.218160][T23037] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1156.218173][T23037] Call Trace:
[ 1156.218182][T23037]  <TASK>
[ 1156.218192][T23037]  dump_stack_lvl+0xe8/0x150
[ 1156.218227][T23037]  should_fail_ex+0x46b/0x600
[ 1156.218260][T23037]  _copy_from_user+0x2d/0xb0
[ 1156.218292][T23037]  ___sys_sendmsg+0x1c6/0x360
[ 1156.218333][T23037]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1156.218392][T23037]  ? __fget_files+0x2a/0x420
[ 1156.218420][T23037]  ? __fget_files+0x3a6/0x420
[ 1156.218456][T23037]  __x64_sys_sendmsg+0x1c3/0x2a0
[ 1156.218482][T23037]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[ 1156.218515][T23037]  ? __pfx_ksys_write+0x10/0x10
[ 1156.218560][T23037]  do_syscall_64+0x14d/0xf80
[ 1156.218590][T23037]  ? trace_irq_disable+0x3b/0x150
[ 1156.218615][T23037]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1156.218637][T23037]  ? clear_bhb_loop+0x40/0x90
[ 1156.218664][T23037]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1156.218685][T23037] RIP: 0033:0x7f643e87c799
[ 1156.218706][T23037] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1156.218725][T23037] RSP: 002b:00007f643cad6028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1156.218749][T23037] RAX: ffffffffffffffda RBX: 00007f643eaf5fa0 RCX: 00007f643e87c799
[ 1156.218765][T23037] RDX: 0000000000000800 RSI: 0000200000000500 RDI: 0000000000000003
[ 1156.218779][T23037] RBP: 00007f643cad6090 R08: 0000000000000000 R09: 0000000000000000
[ 1156.218793][T23037] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1156.218806][T23037] R13: 00007f643eaf6038 R14: 00007f643eaf5fa0 R15: 00007ffcbc93eff8
[ 1156.218840][T23037]  </TASK>
[ 1156.226596][ T1860] usb 10-1: new high-speed USB device number 8 using dummy_hcd
[ 1156.392973][ T1860] usb 10-1: Using ep0 maxpacket: 8
[ 1156.501971][ T1860] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[ 1156.502063][ T1860] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0
[ 1156.502109][ T1860] usb 10-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[ 1156.502135][ T1860] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1156.664109][ T1860] usb 10-1: config 0 descriptor??
[ 1156.923725][T23042] vimc link validate: Scaler:src:16x68 (0x33424752, 1, 2, 7, 0) RGB/YUV Capture:snk:640x480 (0x33424752, 8, 0, 0, 0)
[ 1157.067378][T22836] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1157.067686][T22836] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1157.068177][T22836] bridge_slave_0: entered allmulticast mode
[ 1157.101709][T22836] bridge_slave_0: entered promiscuous mode
[ 1157.116142][ T1860] iowarrior 10-1:0.0: IOWarrior product=0x1512, serial= interface=0 now attached to iowarrior0
[ 1157.138188][T22836] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1157.143596][T22836] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1157.143798][T22836] bridge_slave_1: entered allmulticast mode
[ 1157.145583][T22836] bridge_slave_1: entered promiscuous mode
[ 1157.381982][T23034] iowarrior 10-1:0.0: Error -90 while submitting URB
[ 1157.384516][T23044] 9p: Bad value for 'rfdno'
[ 1159.245545][   T10] usb 10-1: USB disconnect, device number 8
[ 1160.067796][T22836] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1160.179677][T22836] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1160.396083][   T10] usb 7-1: new full-speed USB device number 13 using dummy_hcd
[ 1161.393175][T23070] FAULT_INJECTION: forcing a failure.
[ 1161.393175][T23070] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1161.393239][T23070] CPU: 0 UID: 0 PID: 23070 Comm: syz.8.5677 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[ 1161.393269][T23070] Tainted: [L]=SOFTLOCKUP
[ 1161.393277][T23070] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1161.393289][T23070] Call Trace:
[ 1161.393297][T23070]  <TASK>
[ 1161.393308][T23070]  dump_stack_lvl+0xe8/0x150
[ 1161.393332][T23070]  should_fail_ex+0x46b/0x600
[ 1161.393353][T23070]  _copy_from_user+0x2d/0xb0
[ 1161.393371][T23070]  __sys_bpf+0x229/0x950
[ 1161.393395][T23070]  ? __pfx___sys_bpf+0x10/0x10
[ 1161.393430][T23070]  __x64_sys_bpf+0x7c/0x90
[ 1161.393444][T23070]  do_syscall_64+0x14d/0xf80
[ 1161.393462][T23070]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1161.393475][T23070]  ? clear_bhb_loop+0x40/0x90
[ 1161.393490][T23070]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1161.393502][T23070] RIP: 0033:0x7f93da0ec799
[ 1161.393515][T23070] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1161.393526][T23070] RSP: 002b:00007f93d8304028 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[ 1161.393541][T23070] RAX: ffffffffffffffda RBX: 00007f93da366180 RCX: 00007f93da0ec799
[ 1161.393550][T23070] RDX: 0000000000000094 RSI: 00002000000003c0 RDI: 0000000000000005
[ 1161.393558][T23070] RBP: 00007f93d8304090 R08: 0000000000000000 R09: 0000000000000000
[ 1161.393566][T23070] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1161.393573][T23070] R13: 00007f93da366218 R14: 00007f93da366180 R15: 00007ffebc244288
[ 1161.393593][T23070]  </TASK>
[ 1161.883023][   T10] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[ 1161.883063][   T10] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1161.894725][   T10] usb 7-1: New USB device found, idVendor=060b, idProduct=700a, bcdDevice= 0.00
[ 1161.894755][   T10] usb 7-1: New USB device strings: Mfr=2, Product=0, SerialNumber=0
[ 1161.894774][   T10] usb 7-1: Manufacturer: syz
[ 1161.908990][   T10] usb 7-1: config 0 descriptor??
[ 1161.936443][ T5993] usb 1-1: new high-speed USB device number 60 using dummy_hcd
[ 1161.946115][T22629] hsr_slave_0: left promiscuous mode
[ 1161.993213][T22629] hsr_slave_1: left promiscuous mode
[ 1162.002701][T22629] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1162.002731][T22629] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1162.027410][T22629] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1162.027440][T22629] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1162.099364][ T5993] usb 1-1: config 220 has an invalid interface number: 76 but max is 2
[ 1162.099397][ T5993] usb 1-1: config 220 contains an unexpected descriptor of type 0x2, skipping
[ 1162.099418][ T5993] usb 1-1: config 220 has an invalid descriptor of length 50, skipping remainder of the config
[ 1162.099438][ T5993] usb 1-1: config 220 has no interface number 2
[ 1162.099517][ T5993] usb 1-1: config 220 interface 1 altsetting 5 has 0 endpoint descriptors, different from the interface descriptor's value: 12
[ 1162.099547][ T5993] usb 1-1: config 220 interface 0 has no altsetting 0
[ 1162.099566][ T5993] usb 1-1: config 220 interface 76 has no altsetting 0
[ 1162.099586][ T5993] usb 1-1: config 220 interface 1 has no altsetting 0
[ 1162.138799][ T5993] usb 1-1: New USB device found, idVendor=8086, idProduct=0b07, bcdDevice=6c.b9
[ 1162.138832][ T5993] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1162.138855][ T5993] usb 1-1: Product: syz
[ 1162.138868][ T5993] usb 1-1: Manufacturer: syz
[ 1162.138882][ T5993] usb 1-1: SerialNumber: syz
[ 1162.332849][   T10] cougar 0003:060B:700A.001F: item fetching failed at offset 0/5
[ 1162.333934][   T10] cougar 0003:060B:700A.001F: parse failed
[ 1162.334014][   T10] cougar 0003:060B:700A.001F: probe with driver cougar failed with error -22
[ 1162.419699][T22629] veth1_macvtap: left promiscuous mode
[ 1162.422662][T22629] veth0_macvtap: left promiscuous mode
[ 1162.423191][T22629] veth1_vlan: left promiscuous mode
[ 1162.455817][T22629] veth0_vlan: left promiscuous mode
[ 1162.535841][T23062] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1162.536815][T23062] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1162.540276][   T10] usb 7-1: USB disconnect, device number 13
[ 1163.186976][ T5993] uvcvideo 1-1:220.0: Found UVC 7.01 device syz (8086:0b07)
[ 1163.187016][ T5993] uvcvideo 1-1:220.0: No valid video chain found.
[ 1163.187086][ T5993] usb 1-1: selecting invalid altsetting 0
[ 1163.236660][ T5993] usb 1-1: selecting invalid altsetting 0
[ 1163.236706][ T5993] usbtest 1-1:220.1: probe with driver usbtest failed with error -22
[ 1163.256753][ T5993] usb 1-1: USB disconnect, device number 60
[ 1163.556315][T14778] usb 7-1: new high-speed USB device number 14 using dummy_hcd
[ 1163.595107][T23077] 9p: Bad value for 'rfdno'
[ 1163.695585][T23079] netlink: 8 bytes leftover after parsing attributes in process `syz.8.5681'.
[ 1163.722198][T14778] usb 7-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[ 1163.722244][T14778] usb 7-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[ 1163.722282][T14778] usb 7-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[ 1163.722305][T14778] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1163.810726][T23075] raw-gadget.0 gadget.6: fail, usb_ep_enable returned -22
[ 1163.819449][T14778] usb 7-1: Quirk or no altset; falling back to MIDI 1.0
[ 1164.520362][T14778] usb 7-1: USB disconnect, device number 14
[ 1164.642479][T22629] team0 (unregistering): Port device team_slave_1 removed
[ 1164.674992][T23095] FAULT_INJECTION: forcing a failure.
[ 1164.674992][T23095] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1164.675033][T23095] CPU: 0 UID: 0 PID: 23095 Comm: syz.8.5686 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[ 1164.675063][T23095] Tainted: [L]=SOFTLOCKUP
[ 1164.675072][T23095] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1164.675084][T23095] Call Trace:
[ 1164.675093][T23095]  <TASK>
[ 1164.675102][T23095]  dump_stack_lvl+0xe8/0x150
[ 1164.675149][T23095]  should_fail_ex+0x46b/0x600
[ 1164.675181][T23095]  _copy_to_user+0x31/0xb0
[ 1164.675214][T23095]  simple_read_from_buffer+0xe1/0x170
[ 1164.675245][T23095]  proc_fail_nth_read+0x1be/0x230
[ 1164.675275][T23095]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1164.675303][T23095]  ? rw_verify_area+0x2ac/0x4e0
[ 1164.675332][T23095]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1164.675358][T23095]  vfs_read+0x212/0xa80
[ 1164.675394][T23095]  ? __pfx_vfs_read+0x10/0x10
[ 1164.675425][T23095]  ? _raw_spin_unlock_irqrestore+0x30/0x80
[ 1164.675457][T23095]  ? lockdep_hardirqs_on+0x7a/0x110
[ 1164.675488][T23095]  ? _raw_spin_unlock_irqrestore+0x4c/0x80
[ 1164.675519][T23095]  ? mutex_lock_nested+0x152/0x1d0
[ 1164.675543][T23095]  ? fdget_pos+0x252/0x320
[ 1164.675578][T23095]  ksys_read+0x156/0x270
[ 1164.675609][T23095]  ? __pfx_ksys_read+0x10/0x10
[ 1164.675652][T23095]  do_syscall_64+0x14d/0xf80
[ 1164.675680][T23095]  ? trace_irq_disable+0x3b/0x150
[ 1164.675703][T23095]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1164.675725][T23095]  ? clear_bhb_loop+0x40/0x90
[ 1164.675749][T23095]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1164.675769][T23095] RIP: 0033:0x7f93da0acfce
[ 1164.675789][T23095] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[ 1164.675807][T23095] RSP: 002b:00007f93d8345fe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[ 1164.675831][T23095] RAX: ffffffffffffffda RBX: 00007f93d83466c0 RCX: 00007f93da0acfce
[ 1164.675848][T23095] RDX: 000000000000000f RSI: 00007f93d83460a0 RDI: 0000000000000004
[ 1164.675867][T23095] RBP: 00007f93d8346090 R08: 0000000000000000 R09: 0000000000000000
[ 1164.675880][T23095] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1164.675893][T23095] R13: 00007f93da366038 R14: 00007f93da365fa0 R15: 00007ffebc244288
[ 1164.675927][T23095]  </TASK>
[ 1164.988584][T22629] team0 (unregistering): Port device team_slave_0 removed
[ 1165.016616][T23102] 9p: Bad value for 'rfdno'
[ 1165.448882][T22836] team0: Port device team_slave_0 added
[ 1165.524587][T22836] team0: Port device team_slave_1 added
[ 1165.693989][T22836] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1165.694009][T22836] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1165.694037][T22836] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1165.697559][T22836] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1165.697575][T22836] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1165.697599][T22836] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1165.897633][T23124] netlink: 32 bytes leftover after parsing attributes in process `syz.8.5697'.
[ 1165.918707][T22836] hsr_slave_0: entered promiscuous mode
[ 1165.936670][T22836] hsr_slave_1: entered promiscuous mode
[ 1165.941308][T22836] debugfs: 'hsr0' already exists in 'hsr'
[ 1165.941346][T22836] Cannot create hsr debugfs directory
[ 1166.009047][T14778] usb 1-1: new high-speed USB device number 61 using dummy_hcd
[ 1166.168169][T14778] usb 1-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[ 1166.168208][T14778] usb 1-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[ 1166.168248][T14778] usb 1-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[ 1166.168271][T14778] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1166.183457][T23115] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[ 1166.223655][T14778] usb 1-1: Quirk or no altset; falling back to MIDI 1.0
[ 1166.758380][T23138] 9p: Bad value for 'rfdno'
[ 1166.963272][T14778] usb 1-1: USB disconnect, device number 61
[ 1167.517490][T23141] netlink: 'syz.9.5696': attribute type 4 has an invalid length.
[ 1167.856075][T14778] usb 1-1: new high-speed USB device number 62 using dummy_hcd
[ 1168.077877][T14778] usb 1-1: Using ep0 maxpacket: 8
[ 1168.084156][T14778] usb 1-1: New USB device found, idVendor=0ccd, idProduct=0039, bcdDevice=90.7b
[ 1168.084190][T14778] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1168.176449][T14778] pvrusb2: Hardware description: Terratec Grabster AV400
[ 1168.176469][T14778] pvrusb2: **********
[ 1168.176478][T14778] pvrusb2: ***WARNING*** Support for this device (Terratec Grabster AV400) is experimental.
[ 1168.176491][T14778] pvrusb2: Important functionality might not be entirely working.
[ 1168.176501][T14778] pvrusb2: Please consider contacting the driver author to help with further stabilization of the driver.
[ 1168.176513][T14778] pvrusb2: **********
[ 1168.325634][ T2370] pvrusb2: Invalid write control endpoint
[ 1168.522083][T23146] pvrusb2: Invalid write control endpoint
[ 1168.847272][ T2370] pvrusb2: Invalid write control endpoint
[ 1168.847301][ T2370] pvrusb2: ***WARNING*** Detected a wedged cx25840 chip; the device will not work.
[ 1168.847311][ T2370] pvrusb2: ***WARNING*** Try power cycling the pvrusb2 device.
[ 1168.847321][ T2370] pvrusb2: ***WARNING*** Disabling further access to the device to prevent other foul-ups.
[ 1168.847332][ T2370] pvrusb2: Device being rendered inoperable
[ 1168.902174][ T2370] cx25840 1-0044: Unable to detect h/w, assuming cx23887
[ 1168.902248][ T2370] cx25840 1-0044: cx23887 A/V decoder found @ 0x88 (pvrusb2_a)
[ 1168.959265][ T2370] pvrusb2: Attached sub-driver cx25840
[ 1168.959300][ T2370] pvrusb2: ***WARNING*** pvrusb2 device hardware appears to be jammed and I can't clear it.
[ 1168.959312][ T2370] pvrusb2: You might need to power cycle the pvrusb2 device in order to recover.
[ 1168.982685][T23174] 9p: Bad value for 'wfdno'
[ 1169.201749][T20412] usb 1-1: USB disconnect, device number 62
[ 1169.585826][T23190] FAULT_INJECTION: forcing a failure.
[ 1169.585826][T23190] name failslab, interval 1, probability 0, space 0, times 0
[ 1169.585872][T23190] CPU: 0 UID: 0 PID: 23190 Comm: syz.6.5717 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[ 1169.585901][T23190] Tainted: [L]=SOFTLOCKUP
[ 1169.585909][T23190] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1169.585922][T23190] Call Trace:
[ 1169.585931][T23190]  <TASK>
[ 1169.585942][T23190]  dump_stack_lvl+0xe8/0x150
[ 1169.585980][T23190]  should_fail_ex+0x46b/0x600
[ 1169.586014][T23190]  should_failslab+0xa8/0x100
[ 1169.586038][T23190]  kmem_cache_alloc_node_noprof+0x8f/0x6e0
[ 1169.586070][T23190]  ? __alloc_skb+0x1d0/0x7d0
[ 1169.586098][T23190]  ? lockdep_hardirqs_on+0x7a/0x110
[ 1169.586136][T23190]  __alloc_skb+0x1d0/0x7d0
[ 1169.586172][T23190]  netlink_sendmsg+0x5d4/0xb40
[ 1169.586212][T23190]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1169.586249][T23190]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[ 1169.586293][T23190]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1169.586329][T23190]  sock_write_iter+0x4a1/0x4f0
[ 1169.586357][T23190]  ? __pfx_sock_write_iter+0x10/0x10
[ 1169.586401][T23190]  do_iter_readv_writev+0x62b/0x8d0
[ 1169.586437][T23190]  ? __pfx_do_iter_readv_writev+0x10/0x10
[ 1169.586478][T23190]  ? rw_verify_area+0x25b/0x4e0
[ 1169.586511][T23190]  vfs_writev+0x345/0x9a0
[ 1169.586545][T23190]  ? __pfx_vfs_writev+0x10/0x10
[ 1169.586585][T23190]  ? __fget_files+0x2a/0x420
[ 1169.586616][T23190]  ? __fget_files+0x3a6/0x420
[ 1169.586640][T23190]  ? __fget_files+0x2a/0x420
[ 1169.586674][T23190]  do_writev+0x15a/0x2e0
[ 1169.586702][T23190]  ? __pfx_do_writev+0x10/0x10
[ 1169.586739][T23190]  do_syscall_64+0x14d/0xf80
[ 1169.586766][T23190]  ? trace_irq_disable+0x3b/0x150
[ 1169.586790][T23190]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1169.586810][T23190]  ? clear_bhb_loop+0x40/0x90
[ 1169.586834][T23190]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1169.586853][T23190] RIP: 0033:0x7f643e87c799
[ 1169.586873][T23190] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1169.586890][T23190] RSP: 002b:00007f643cad6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000014
[ 1169.586913][T23190] RAX: ffffffffffffffda RBX: 00007f643eaf5fa0 RCX: 00007f643e87c799
[ 1169.586928][T23190] RDX: 0000000000000001 RSI: 0000200000000080 RDI: 0000000000000003
[ 1169.586942][T23190] RBP: 00007f643cad6090 R08: 0000000000000000 R09: 0000000000000000
[ 1169.586954][T23190] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1169.586967][T23190] R13: 00007f643eaf6038 R14: 00007f643eaf5fa0 R15: 00007ffcbc93eff8
[ 1169.587000][T23190]  </TASK>
[ 1170.226115][T20412] usb 7-1: new high-speed USB device number 15 using dummy_hcd
[ 1170.384323][T20412] usb 7-1: unable to get BOS descriptor or descriptor too short
[ 1170.387954][T20412] usb 7-1: config 1 has an invalid descriptor of length 120, skipping remainder of the config
[ 1170.387981][T20412] usb 7-1: config 1 has 1 interface, different from the descriptor's value: 2
[ 1170.388016][T20412] usb 7-1: config 1 interface 0 has no altsetting 0
[ 1170.410788][T20412] usb 7-1: New USB device found, idVendor=2040, idProduct=b990, bcdDevice=f6.75
[ 1170.410820][T20412] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1170.410839][T20412] usb 7-1: Product: syz
[ 1170.410853][T20412] usb 7-1: Manufacturer: syz
[ 1170.410866][T20412] usb 7-1: SerialNumber: syz
[ 1170.561357][T23221] IPv6: addrconf: prefix option has invalid lifetime
[ 1170.569289][T23221] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[ 1170.781120][T23227] 9p: Bad value for 'wfdno'
[ 1171.486747][T14778] usb 10-1: new high-speed USB device number 9 using dummy_hcd
[ 1171.650470][T14778] usb 10-1: New USB device found, idVendor=1a86, idProduct=7522, bcdDevice=35.36
[ 1171.655315][T14778] usb 10-1: New USB device strings: Mfr=241, Product=2, SerialNumber=3
[ 1171.655346][T14778] usb 10-1: Product: syz
[ 1171.655424][T14778] usb 10-1: Manufacturer: syz
[ 1171.655441][T14778] usb 10-1: SerialNumber: syz
[ 1171.665840][T20412] smsusb:smsusb_probe: board id=8, interface number 0
[ 1171.669966][T20412] smsusb:smsusb_probe: Device initialized with return code -19
[ 1171.688203][T14778] usb 10-1: config 0 descriptor??
[ 1171.743383][T14778] ch341 10-1:0.0: ch341-uart converter detected
[ 1171.973963][T20412] usb 7-1: USB disconnect, device number 15
[ 1172.477393][T23255] netlink: 24 bytes leftover after parsing attributes in process `syz.6.5732'.
[ 1172.541364][T23257] FAULT_INJECTION: forcing a failure.
[ 1172.541364][T23257] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1172.541796][T23257] CPU: 0 UID: 0 PID: 23257 Comm: syz.8.5733 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[ 1172.541830][T23257] Tainted: [L]=SOFTLOCKUP
[ 1172.541838][T23257] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1172.541850][T23257] Call Trace:
[ 1172.541859][T23257]  <TASK>
[ 1172.541869][T23257]  dump_stack_lvl+0xe8/0x150
[ 1172.541911][T23257]  should_fail_ex+0x46b/0x600
[ 1172.541944][T23257]  _copy_from_user+0x2d/0xb0
[ 1172.541975][T23257]  ___sys_sendmsg+0x1c6/0x360
[ 1172.542005][T23257]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1172.542064][T23257]  ? __fget_files+0x2a/0x420
[ 1172.542101][T23257]  ? __fget_files+0x3a6/0x420
[ 1172.542149][T23257]  __x64_sys_sendmsg+0x1c3/0x2a0
[ 1172.542175][T23257]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[ 1172.542207][T23257]  ? __pfx_ksys_write+0x10/0x10
[ 1172.542249][T23257]  do_syscall_64+0x14d/0xf80
[ 1172.542281][T23257]  ? trace_irq_disable+0x3b/0x150
[ 1172.542305][T23257]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1172.542326][T23257]  ? clear_bhb_loop+0x40/0x90
[ 1172.542351][T23257]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1172.542373][T23257] RIP: 0033:0x7f93da0ec799
[ 1172.542394][T23257] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1172.542412][T23257] RSP: 002b:00007f93d8346028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1172.542437][T23257] RAX: ffffffffffffffda RBX: 00007f93da365fa0 RCX: 00007f93da0ec799
[ 1172.542453][T23257] RDX: 0000000000000000 RSI: 0000200000000180 RDI: 0000000000000003
[ 1172.542467][T23257] RBP: 00007f93d8346090 R08: 0000000000000000 R09: 0000000000000000
[ 1172.542480][T23257] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1172.542493][T23257] R13: 00007f93da366038 R14: 00007f93da365fa0 R15: 00007ffebc244288
[ 1172.542528][T23257]  </TASK>
[ 1172.781907][T14778] usb 10-1: ch341-uart converter now attached to ttyUSB0
[ 1172.883364][T23259] 9p: Bad value for 'wfdno'
[ 1173.042039][T20412] usb 10-1: USB disconnect, device number 9
[ 1173.107136][T20412] ch341-uart ttyUSB0: ch341-uart converter now disconnected from ttyUSB0
[ 1173.107978][T20412] ch341 10-1:0.0: device disconnected
[ 1173.368359][T23274] FAULT_INJECTION: forcing a failure.
[ 1173.368359][T23274] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1173.368396][T23274] CPU: 1 UID: 0 PID: 23274 Comm: syz.8.5740 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[ 1173.368422][T23274] Tainted: [L]=SOFTLOCKUP
[ 1173.368429][T23274] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1173.368440][T23274] Call Trace:
[ 1173.368447][T23274]  <TASK>
[ 1173.368455][T23274]  dump_stack_lvl+0xe8/0x150
[ 1173.368485][T23274]  should_fail_ex+0x46b/0x600
[ 1173.368513][T23274]  _copy_from_user+0x2d/0xb0
[ 1173.368539][T23274]  ___sys_recvmsg+0x175/0x590
[ 1173.368564][T23274]  ? __pfx____sys_recvmsg+0x10/0x10
[ 1173.368605][T23274]  ? __fget_files+0x3a6/0x420
[ 1173.368638][T23274]  __x64_sys_recvmsg+0x1c0/0x2a0
[ 1173.368659][T23274]  ? __pfx___x64_sys_recvmsg+0x10/0x10
[ 1173.368688][T23274]  ? __pfx_ksys_write+0x10/0x10
[ 1173.368724][T23274]  do_syscall_64+0x14d/0xf80
[ 1173.368749][T23274]  ? trace_irq_disable+0x3b/0x150
[ 1173.368769][T23274]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1173.368788][T23274]  ? clear_bhb_loop+0x40/0x90
[ 1173.368809][T23274]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1173.368827][T23274] RIP: 0033:0x7f93da0ec799
[ 1173.368845][T23274] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1173.368861][T23274] RSP: 002b:00007f93d8346028 EFLAGS: 00000246 ORIG_RAX: 000000000000002f
[ 1173.368882][T23274] RAX: ffffffffffffffda RBX: 00007f93da365fa0 RCX: 00007f93da0ec799
[ 1173.368895][T23274] RDX: 0000000040000000 RSI: 0000200000001d00 RDI: 0000000000000003
[ 1173.368907][T23274] RBP: 00007f93d8346090 R08: 0000000000000000 R09: 0000000000000000
[ 1173.368919][T23274] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1173.368931][T23274] R13: 00007f93da366038 R14: 00007f93da365fa0 R15: 00007ffebc244288
[ 1173.368959][T23274]  </TASK>
[ 1174.060262][T22836] netdevsim netdevsim1 netdevsim0: renamed from eth0
[ 1174.111803][T22836] netdevsim netdevsim1 netdevsim1: renamed from eth1
[ 1174.187722][T22836] netdevsim netdevsim1 netdevsim2: renamed from eth2
[ 1174.224552][T22836] netdevsim netdevsim1 netdevsim3: renamed from eth3
[ 1174.469443][T23294] FAULT_INJECTION: forcing a failure.
[ 1174.469443][T23294] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1174.469483][T23294] CPU: 0 UID: 0 PID: 23294 Comm: syz.9.5746 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[ 1174.469513][T23294] Tainted: [L]=SOFTLOCKUP
[ 1174.469522][T23294] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1174.469535][T23294] Call Trace:
[ 1174.469543][T23294]  <TASK>
[ 1174.469553][T23294]  dump_stack_lvl+0xe8/0x150
[ 1174.469589][T23294]  should_fail_ex+0x46b/0x600
[ 1174.469621][T23294]  _copy_from_iter+0x1d3/0x1670
[ 1174.469656][T23294]  ? txopt_get+0x79/0x3f0
[ 1174.469680][T23294]  ? txopt_get+0x79/0x3f0
[ 1174.469702][T23294]  ? txopt_get+0x79/0x3f0
[ 1174.469725][T23294]  ? __pfx__copy_from_iter+0x10/0x10
[ 1174.469750][T23294]  ? txopt_get+0x343/0x3f0
[ 1174.469776][T23294]  ? __pfx_txopt_get+0x10/0x10
[ 1174.469811][T23294]  rawv6_sendmsg+0xbbd/0x18e0
[ 1174.469849][T23294]  ? __pfx_rawv6_sendmsg+0x10/0x10
[ 1174.469880][T23294]  ? __pfx_smack_socket_sendmsg+0x10/0x10
[ 1174.469909][T23294]  ? __lock_acquire+0x6b5/0x2cf0
[ 1174.469949][T23294]  ? sock_rps_record_flow+0x19/0x400
[ 1174.469983][T23294]  ? inet_sendmsg+0x2f4/0x370
[ 1174.470013][T23294]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[ 1174.470046][T23294]  ? __pfx_inet_sendmsg+0x10/0x10
[ 1174.470083][T23294]  sock_write_iter+0x40c/0x4f0
[ 1174.470112][T23294]  ? __pfx_sock_write_iter+0x10/0x10
[ 1174.470159][T23294]  vfs_write+0x629/0xba0
[ 1174.470197][T23294]  ? __pfx_vfs_write+0x10/0x10
[ 1174.470237][T23294]  ? __fget_files+0x2a/0x420
[ 1174.470274][T23294]  ksys_write+0x156/0x270
[ 1174.470308][T23294]  ? __pfx_ksys_write+0x10/0x10
[ 1174.470350][T23294]  do_syscall_64+0x14d/0xf80
[ 1174.470380][T23294]  ? trace_irq_disable+0x3b/0x150
[ 1174.470405][T23294]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1174.470428][T23294]  ? clear_bhb_loop+0x40/0x90
[ 1174.470454][T23294]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1174.470476][T23294] RIP: 0033:0x7f30d5cdc799
[ 1174.470498][T23294] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1174.470516][T23294] RSP: 002b:00007f30d3f36028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[ 1174.470541][T23294] RAX: ffffffffffffffda RBX: 00007f30d5f55fa0 RCX: 00007f30d5cdc799
[ 1174.470557][T23294] RDX: 0000000000000004 RSI: 00002000000000c0 RDI: 0000000000000003
[ 1174.470571][T23294] RBP: 00007f30d3f36090 R08: 0000000000000000 R09: 0000000000000000
[ 1174.470584][T23294] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1174.470598][T23294] R13: 00007f30d5f56038 R14: 00007f30d5f55fa0 R15: 00007ffc56a04468
[ 1174.470633][T23294]  </TASK>
[ 1174.822018][T22836] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1174.874038][T22836] 8021q: adding VLAN 0 to HW filter on device team0
[ 1174.928525][   T57] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1174.946568][   T57] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1174.949528][   T57] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1174.949680][   T57] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1175.441180][T23316] netlink: 60 bytes leftover after parsing attributes in process `syz.0.5753'.
[ 1175.826099][T21571] usb 1-1: new high-speed USB device number 63 using dummy_hcd
[ 1175.979113][T21571] usb 1-1: Using ep0 maxpacket: 8
[ 1175.981546][T21571] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[ 1175.981659][T21571] usb 1-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[ 1175.981685][T21571] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1176.036211][T21571] usb 1-1: config 0 descriptor??
[ 1176.042184][T23333] FAULT_INJECTION: forcing a failure.
[ 1176.042184][T23333] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1176.042223][T23333] CPU: 0 UID: 0 PID: 23333 Comm: syz.8.5758 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[ 1176.042253][T23333] Tainted: [L]=SOFTLOCKUP
[ 1176.042262][T23333] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1176.042275][T23333] Call Trace:
[ 1176.042284][T23333]  <TASK>
[ 1176.042293][T23333]  dump_stack_lvl+0xe8/0x150
[ 1176.042330][T23333]  should_fail_ex+0x46b/0x600
[ 1176.042363][T23333]  _copy_from_user+0x2d/0xb0
[ 1176.042395][T23333]  ___sys_sendmsg+0x1c6/0x360
[ 1176.042422][T23333]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1176.042480][T23333]  ? __fget_files+0x2a/0x420
[ 1176.042506][T23333]  ? __fget_files+0x3a6/0x420
[ 1176.042543][T23333]  __x64_sys_sendmsg+0x1c3/0x2a0
[ 1176.042568][T23333]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[ 1176.042600][T23333]  ? __pfx_ksys_write+0x10/0x10
[ 1176.042643][T23333]  do_syscall_64+0x14d/0xf80
[ 1176.042673][T23333]  ? trace_irq_disable+0x3b/0x150
[ 1176.042698][T23333]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1176.042719][T23333]  ? clear_bhb_loop+0x40/0x90
[ 1176.042744][T23333]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1176.042766][T23333] RIP: 0033:0x7f93da0ec799
[ 1176.042787][T23333] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1176.042806][T23333] RSP: 002b:00007f93d8346028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1176.042830][T23333] RAX: ffffffffffffffda RBX: 00007f93da365fa0 RCX: 00007f93da0ec799
[ 1176.042848][T23333] RDX: 0000000000000000 RSI: 00002000000002c0 RDI: 0000000000000003
[ 1176.042863][T23333] RBP: 00007f93d8346090 R08: 0000000000000000 R09: 0000000000000000
[ 1176.042876][T23333] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1176.042890][T23333] R13: 00007f93da366038 R14: 00007f93da365fa0 R15: 00007ffebc244288
[ 1176.042924][T23333]  </TASK>
[ 1176.278155][T23319] netlink: 12 bytes leftover after parsing attributes in process `syz.0.5755'.
[ 1176.327079][T23319] syz_tun: entered allmulticast mode
[ 1176.327327][T23319] syz_tun: left allmulticast mode
[ 1176.416237][T21571] iowarrior 1-1:0.0: IOWarrior product=0x1512, serial= interface=0 now attached to iowarrior0
[ 1176.834974][T22836] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1177.342630][T22836] veth0_vlan: entered promiscuous mode
[ 1177.390129][T22836] veth1_vlan: entered promiscuous mode
[ 1177.586200][ T1309] ieee802154 phy0 wpan0: encryption failed: -22
[ 1177.586355][ T1309] ieee802154 phy1 wpan1: encryption failed: -22
[ 1177.657683][T23364] FAULT_INJECTION: forcing a failure.
[ 1177.657683][T23364] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1177.657731][T23364] CPU: 1 UID: 0 PID: 23364 Comm: syz.9.5770 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[ 1177.657760][T23364] Tainted: [L]=SOFTLOCKUP
[ 1177.657769][T23364] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1177.657780][T23364] Call Trace:
[ 1177.657790][T23364]  <TASK>
[ 1177.657801][T23364]  dump_stack_lvl+0xe8/0x150
[ 1177.657837][T23364]  should_fail_ex+0x46b/0x600
[ 1177.657869][T23364]  _copy_from_user+0x2d/0xb0
[ 1177.657901][T23364]  __sys_bpf+0x229/0x950
[ 1177.657929][T23364]  ? __pfx___sys_bpf+0x10/0x10
[ 1177.657951][T23364]  ? rt_mutex_slowunlock+0x1cb/0x300
[ 1177.657994][T23364]  ? ksys_write+0x248/0x270
[ 1177.658027][T23364]  ? __pfx_ksys_write+0x10/0x10
[ 1177.658063][T23364]  __x64_sys_bpf+0x7c/0x90
[ 1177.658087][T23364]  do_syscall_64+0x14d/0xf80
[ 1177.658115][T23364]  ? trace_irq_disable+0x3b/0x150
[ 1177.658139][T23364]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1177.658161][T23364]  ? clear_bhb_loop+0x40/0x90
[ 1177.658189][T23364]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1177.658211][T23364] RIP: 0033:0x7f30d5cdc799
[ 1177.658232][T23364] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1177.658251][T23364] RSP: 002b:00007f30d3f36028 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[ 1177.658283][T23364] RAX: ffffffffffffffda RBX: 00007f30d5f55fa0 RCX: 00007f30d5cdc799
[ 1177.658299][T23364] RDX: 0000000000000050 RSI: 0000200000000080 RDI: 000000000000000a
[ 1177.658313][T23364] RBP: 00007f30d3f36090 R08: 0000000000000000 R09: 0000000000000000
[ 1177.658326][T23364] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1177.658339][T23364] R13: 00007f30d5f56038 R14: 00007f30d5f55fa0 R15: 00007ffc56a04468
[ 1177.658374][T23364]  </TASK>
[ 1177.802229][T22836] veth0_macvtap: entered promiscuous mode
[ 1177.901544][T22836] veth1_macvtap: entered promiscuous mode
[ 1177.994325][ T5993] usb 1-1: USB disconnect, device number 63
[ 1178.061235][T22836] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1178.104583][T23371] netlink: 24 bytes leftover after parsing attributes in process `syz.6.5771'.
[ 1178.136854][T22836] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1178.170136][T22629] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1178.170379][T22629] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1178.170421][T22629] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1178.170458][T22629] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1178.769559][ T1552] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1178.769583][ T1552] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1178.900035][ T5863] usb 10-1: new high-speed USB device number 10 using dummy_hcd
[ 1178.946939][ T1552] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1178.946962][ T1552] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1179.046416][T21546] usb 7-1: new high-speed USB device number 16 using dummy_hcd
[ 1179.070438][ T5863] usb 10-1: Using ep0 maxpacket: 16
[ 1179.084088][ T5863] usb 10-1: config 63 has an invalid interface number: 222 but max is 0
[ 1179.084119][ T5863] usb 10-1: config 63 has no interface number 0
[ 1179.084153][ T5863] usb 10-1: config 63 interface 222 has no altsetting 0
[ 1179.100245][ T5863] usb 10-1: New USB device found, idVendor=12d1, idProduct=633d, bcdDevice=a3.d7
[ 1179.100276][ T5863] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1179.100295][ T5863] usb 10-1: Product: syz
[ 1179.100309][ T5863] usb 10-1: Manufacturer: syz
[ 1179.100323][ T5863] usb 10-1: SerialNumber: syz
[ 1179.230563][T21546] usb 7-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08
[ 1179.230586][T21546] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1179.230639][T21546] usb 7-1: Product: syz
[ 1179.230648][T21546] usb 7-1: Manufacturer: syz
[ 1179.230656][T21546] usb 7-1: SerialNumber: syz
[ 1179.341719][T21546] usb 7-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested
[ 1179.413013][ T5863] qmi_wwan 10-1:63.222: probe with driver qmi_wwan failed with error -22
[ 1179.426285][   T10] usb 7-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008
[ 1179.514378][ T5863] usb 10-1: USB disconnect, device number 10
[ 1179.870981][T21301] usb 7-1: USB disconnect, device number 16
[ 1180.066788][T21546] usb 1-1: new full-speed USB device number 64 using dummy_hcd
[ 1180.220945][T21546] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[ 1180.220982][T21546] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1180.222939][T21546] usb 1-1: New USB device found, idVendor=060b, idProduct=700a, bcdDevice= 0.00
[ 1180.222968][T21546] usb 1-1: New USB device strings: Mfr=2, Product=0, SerialNumber=0
[ 1180.222988][T21546] usb 1-1: Manufacturer: syz
[ 1180.292589][T21546] usb 1-1: config 0 descriptor??
[ 1180.622014][   T10] ath9k_htc 7-1:1.0: ath9k_htc: Target is unresponsive
[ 1180.622368][   T10] ath9k_htc: Failed to initialize the device
[ 1180.652393][T21301] usb 7-1: ath9k_htc: USB layer deinitialized
[ 1180.734856][T21546] cougar 0003:060B:700A.0020: item fetching failed at offset 0/5
[ 1180.735640][T21546] cougar 0003:060B:700A.0020: parse failed
[ 1180.735744][T21546] cougar 0003:060B:700A.0020: probe with driver cougar failed with error -22
[ 1180.963371][T23410] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1180.964030][T23410] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1181.053574][T21301] usb 1-1: USB disconnect, device number 64
[ 1181.447302][T23456] FAULT_INJECTION: forcing a failure.
[ 1181.447302][T23456] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1181.447342][T23456] CPU: 1 UID: 0 PID: 23456 Comm: syz.9.5796 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[ 1181.447373][T23456] Tainted: [L]=SOFTLOCKUP
[ 1181.447382][T23456] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1181.447395][T23456] Call Trace:
[ 1181.447404][T23456]  <TASK>
[ 1181.447414][T23456]  dump_stack_lvl+0xe8/0x150
[ 1181.447452][T23456]  should_fail_ex+0x46b/0x600
[ 1181.447486][T23456]  _copy_from_user+0x2d/0xb0
[ 1181.447519][T23456]  do_sock_getsockopt+0x165/0x3f0
[ 1181.447557][T23456]  ? __pfx_do_sock_getsockopt+0x10/0x10
[ 1181.447592][T23456]  ? __fget_files+0x3a6/0x420
[ 1181.447619][T23456]  ? __fget_files+0x2a/0x420
[ 1181.447654][T23456]  __x64_sys_getsockopt+0x1aa/0x250
[ 1181.447698][T23456]  do_syscall_64+0x14d/0xf80
[ 1181.447729][T23456]  ? trace_irq_disable+0x3b/0x150
[ 1181.447754][T23456]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1181.447777][T23456]  ? clear_bhb_loop+0x40/0x90
[ 1181.447805][T23456]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1181.447827][T23456] RIP: 0033:0x7f30d5cdc799
[ 1181.447848][T23456] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1181.447868][T23456] RSP: 002b:00007f30d3f36028 EFLAGS: 00000246 ORIG_RAX: 0000000000000037
[ 1181.447893][T23456] RAX: ffffffffffffffda RBX: 00007f30d5f55fa0 RCX: 00007f30d5cdc799
[ 1181.447910][T23456] RDX: 0000000000000009 RSI: 0000000000000084 RDI: 0000000000000003
[ 1181.447925][T23456] RBP: 00007f30d3f36090 R08: 0000200000000400 R09: 0000000000000000
[ 1181.447940][T23456] R10: 0000200000000480 R11: 0000000000000246 R12: 0000000000000001
[ 1181.447955][T23456] R13: 00007f30d5f56038 R14: 00007f30d5f55fa0 R15: 00007ffc56a04468
[ 1181.448000][T23456]  </TASK>
[ 1181.923092][T23464] bridge_slave_0: left allmulticast mode
[ 1181.923124][T23464] bridge_slave_0: left promiscuous mode
[ 1181.923374][T23464] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1182.095027][T23464] bridge_slave_1: left allmulticast mode
[ 1182.095059][T23464] bridge_slave_1: left promiscuous mode
[ 1182.095317][T23464] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1182.315246][T23464] bond0: (slave bond_slave_0): Releasing backup interface
[ 1183.346931][T23464] bond0: (slave bond_slave_1): Releasing backup interface
[ 1183.558007][T21571] usb 7-1: new high-speed USB device number 17 using dummy_hcd
[ 1183.632012][T23464] team0: Port device team_slave_0 removed
[ 1183.684995][T23464] team0: Port device team_slave_1 removed
[ 1183.689338][T23464] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1183.689366][T23464] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1183.708681][T21571] usb 7-1: Using ep0 maxpacket: 16
[ 1183.718990][T21571] usb 7-1: unable to get BOS descriptor or descriptor too short
[ 1183.720296][T21571] usb 7-1: config 1 interface 0 altsetting 2 bulk endpoint 0x82 has invalid maxpacket 8
[ 1183.720327][T21571] usb 7-1: config 1 interface 0 altsetting 2 bulk endpoint 0x3 has invalid maxpacket 32
[ 1183.720350][T21571] usb 7-1: config 1 interface 0 altsetting 2 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[ 1183.720374][T21571] usb 7-1: config 1 interface 0 has no altsetting 0
[ 1183.732705][T21571] usb 7-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[ 1183.732736][T21571] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1183.732755][T21571] usb 7-1: Product: syz
[ 1183.732769][T21571] usb 7-1: Manufacturer: syz
[ 1183.732783][T21571] usb 7-1: SerialNumber: syz
[ 1183.760609][T23481] raw-gadget.0 gadget.6: fail, usb_ep_enable returned -22
[ 1183.760749][T23481] raw-gadget.0 gadget.6: fail, usb_ep_enable returned -22
[ 1184.040964][T23464] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1184.041387][T23464] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1184.089255][T23464] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check.
[ 1184.093989][T23467] team0: Mode changed to "activebackup"
[ 1184.746457][T23506] FAULT_INJECTION: forcing a failure.
[ 1184.746457][T23506] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1184.746497][T23506] CPU: 0 UID: 0 PID: 23506 Comm: syz.8.5809 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[ 1184.746526][T23506] Tainted: [L]=SOFTLOCKUP
[ 1184.746534][T23506] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1184.746547][T23506] Call Trace:
[ 1184.746556][T23506]  <TASK>
[ 1184.746566][T23506]  dump_stack_lvl+0xe8/0x150
[ 1184.746602][T23506]  should_fail_ex+0x46b/0x600
[ 1184.746634][T23506]  _copy_from_user+0x2d/0xb0
[ 1184.746665][T23506]  ___sys_sendmsg+0x1c6/0x360
[ 1184.746694][T23506]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1184.746753][T23506]  ? __fget_files+0x2a/0x420
[ 1184.746780][T23506]  ? __fget_files+0x3a6/0x420
[ 1184.746817][T23506]  __x64_sys_sendmsg+0x1c3/0x2a0
[ 1184.746841][T23506]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[ 1184.746873][T23506]  ? __pfx_ksys_write+0x10/0x10
[ 1184.746914][T23506]  do_syscall_64+0x14d/0xf80
[ 1184.746944][T23506]  ? trace_irq_disable+0x3b/0x150
[ 1184.746969][T23506]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1184.746992][T23506]  ? clear_bhb_loop+0x40/0x90
[ 1184.747019][T23506]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1184.747041][T23506] RIP: 0033:0x7f93da0ec799
[ 1184.747061][T23506] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1184.747090][T23506] RSP: 002b:00007f93d8346028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1184.747114][T23506] RAX: ffffffffffffffda RBX: 00007f93da365fa0 RCX: 00007f93da0ec799
[ 1184.747131][T23506] RDX: 0000000000000000 RSI: 00002000000003c0 RDI: 0000000000000004
[ 1184.747145][T23506] RBP: 00007f93d8346090 R08: 0000000000000000 R09: 0000000000000000
[ 1184.747159][T23506] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1184.747174][T23506] R13: 00007f93da366038 R14: 00007f93da365fa0 R15: 00007ffebc244288
[ 1184.747210][T23506]  </TASK>
[ 1185.399594][T21571] usb 7-1: bad CDC descriptors
[ 1185.454556][T21571] usb 7-1: USB disconnect, device number 17
[ 1185.916012][T21546] usb 10-1: new high-speed USB device number 11 using dummy_hcd
[ 1186.641297][T21546] usb 10-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[ 1186.641338][T21546] usb 10-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[ 1186.641383][T21546] usb 10-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[ 1186.641416][T21546] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1186.661273][T23522] raw-gadget.0 gadget.9: fail, usb_ep_enable returned -22
[ 1186.689870][T21546] usb 10-1: Quirk or no altset; falling back to MIDI 1.0
[ 1187.286596][T21546] usb 10-1: USB disconnect, device number 11
[ 1187.619549][T23547] FAULT_INJECTION: forcing a failure.
[ 1187.619549][T23547] name failslab, interval 1, probability 0, space 0, times 0
[ 1187.619590][T23547] CPU: 0 UID: 0 PID: 23547 Comm: syz.8.5820 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[ 1187.619621][T23547] Tainted: [L]=SOFTLOCKUP
[ 1187.619629][T23547] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1187.619641][T23547] Call Trace:
[ 1187.619650][T23547]  <TASK>
[ 1187.619659][T23547]  dump_stack_lvl+0xe8/0x150
[ 1187.619697][T23547]  should_fail_ex+0x46b/0x600
[ 1187.619731][T23547]  should_failslab+0xa8/0x100
[ 1187.619755][T23547]  __kmalloc_noprof+0xdf/0x7b0
[ 1187.619783][T23547]  ? kfree+0x4d/0x6c0
[ 1187.619810][T23547]  ? tomoyo_realpath_from_path+0xe3/0x5d0
[ 1187.619845][T23547]  tomoyo_realpath_from_path+0xe3/0x5d0
[ 1187.619892][T23547]  ? tomoyo_path_number_perm+0x219/0x630
[ 1187.619925][T23547]  tomoyo_path_number_perm+0x246/0x630
[ 1187.619961][T23547]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[ 1187.619998][T23547]  ? __lock_acquire+0x6b5/0x2cf0
[ 1187.620059][T23547]  ? __fget_files+0x2a/0x420
[ 1187.620089][T23547]  ? __fget_files+0x2a/0x420
[ 1187.620115][T23547]  ? __fget_files+0x3a6/0x420
[ 1187.620139][T23547]  ? __fget_files+0x2a/0x420
[ 1187.620169][T23547]  security_file_ioctl+0xc3/0x2a0
[ 1187.620194][T23547]  __se_sys_ioctl+0x47/0x170
[ 1187.620229][T23547]  do_syscall_64+0x14d/0xf80
[ 1187.620259][T23547]  ? trace_irq_disable+0x3b/0x150
[ 1187.620282][T23547]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1187.620305][T23547]  ? clear_bhb_loop+0x40/0x90
[ 1187.620333][T23547]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1187.620356][T23547] RIP: 0033:0x7f93da0ec799
[ 1187.620378][T23547] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1187.620396][T23547] RSP: 002b:00007f93d8346028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1187.620420][T23547] RAX: ffffffffffffffda RBX: 00007f93da365fa0 RCX: 00007f93da0ec799
[ 1187.620437][T23547] RDX: 0000200000000080 RSI: 00000000c040565f RDI: 0000000000000003
[ 1187.620451][T23547] RBP: 00007f93d8346090 R08: 0000000000000000 R09: 0000000000000000
[ 1187.620465][T23547] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1187.620478][T23547] R13: 00007f93da366038 R14: 00007f93da365fa0 R15: 00007ffebc244288
[ 1187.620513][T23547]  </TASK>
[ 1187.620522][T23547] ERROR: Out of memory at tomoyo_realpath_from_path.
[ 1188.069258][T23553] netlink: 20 bytes leftover after parsing attributes in process `syz.6.5823'.
[ 1188.310362][T23560] FAULT_INJECTION: forcing a failure.
[ 1188.310362][T23560] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1188.310402][T23560] CPU: 1 UID: 0 PID: 23560 Comm: syz.8.5825 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[ 1188.310433][T23560] Tainted: [L]=SOFTLOCKUP
[ 1188.310441][T23560] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1188.310455][T23560] Call Trace:
[ 1188.310464][T23560]  <TASK>
[ 1188.310474][T23560]  dump_stack_lvl+0xe8/0x150
[ 1188.310511][T23560]  should_fail_ex+0x46b/0x600
[ 1188.310545][T23560]  strncpy_from_user+0x36/0x2b0
[ 1188.310575][T23560]  __se_sys_add_key+0xdb/0x420
[ 1188.310612][T23560]  ? __pfx___se_sys_add_key+0x10/0x10
[ 1188.310654][T23560]  ? __x64_sys_add_key+0x20/0xc0
[ 1188.310688][T23560]  do_syscall_64+0x14d/0xf80
[ 1188.310718][T23560]  ? trace_irq_disable+0x3b/0x150
[ 1188.310743][T23560]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1188.310764][T23560]  ? clear_bhb_loop+0x40/0x90
[ 1188.310789][T23560]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1188.310809][T23560] RIP: 0033:0x7f93da0ec799
[ 1188.310827][T23560] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1188.310845][T23560] RSP: 002b:00007f93d8346028 EFLAGS: 00000246 ORIG_RAX: 00000000000000f8
[ 1188.310868][T23560] RAX: ffffffffffffffda RBX: 00007f93da365fa0 RCX: 00007f93da0ec799
[ 1188.310885][T23560] RDX: 0000000000000000 RSI: 0000200000000b80 RDI: 0000200000000b40
[ 1188.310899][T23560] RBP: 00007f93d8346090 R08: 000000000c68c994 R09: 0000000000000000
[ 1188.310913][T23560] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1188.310926][T23560] R13: 00007f93da366038 R14: 00007f93da365fa0 R15: 00007ffebc244288
[ 1188.310961][T23560]  </TASK>
[ 1189.051363][T23579] FAULT_INJECTION: forcing a failure.
[ 1189.051363][T23579] name failslab, interval 1, probability 0, space 0, times 0
[ 1189.051402][T23579] CPU: 1 UID: 0 PID: 23579 Comm: syz.8.5832 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[ 1189.051432][T23579] Tainted: [L]=SOFTLOCKUP
[ 1189.051441][T23579] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1189.051455][T23579] Call Trace:
[ 1189.051464][T23579]  <TASK>
[ 1189.051473][T23579]  dump_stack_lvl+0xe8/0x150
[ 1189.051511][T23579]  should_fail_ex+0x46b/0x600
[ 1189.051544][T23579]  should_failslab+0xa8/0x100
[ 1189.051569][T23579]  kmem_cache_alloc_node_noprof+0x8f/0x6e0
[ 1189.051600][T23579]  ? __alloc_skb+0x1d0/0x7d0
[ 1189.051646][T23579]  ? __pfx_tcp_current_mss+0x10/0x10
[ 1189.051679][T23579]  __alloc_skb+0x1d0/0x7d0
[ 1189.051713][T23579]  tcp_stream_alloc_skb+0x3f/0x5c0
[ 1189.051747][T23579]  tcp_sendmsg_locked+0x137b/0x5490
[ 1189.051774][T23579]  ? __lock_acquire+0x6b5/0x2cf0
[ 1189.051820][T23579]  ? __lock_acquire+0x6b5/0x2cf0
[ 1189.051872][T23579]  ? __pfx_tcp_sendmsg_locked+0x10/0x10
[ 1189.051916][T23579]  ? __local_bh_enable_ip+0x1ae/0x2b0
[ 1189.051946][T23579]  ? lockdep_hardirqs_on+0x7a/0x110
[ 1189.051980][T23579]  ? __pfx_inet_sendmsg+0x10/0x10
[ 1189.052012][T23579]  tcp_sendmsg+0x2f/0x50
[ 1189.052044][T23579]  __sys_sendto+0x5f1/0x710
[ 1189.052082][T23579]  ? __pfx___sys_sendto+0x10/0x10
[ 1189.052153][T23579]  ? ksys_write+0x248/0x270
[ 1189.052188][T23579]  ? __pfx_ksys_write+0x10/0x10
[ 1189.052226][T23579]  __x64_sys_sendto+0xde/0x100
[ 1189.052261][T23579]  do_syscall_64+0x14d/0xf80
[ 1189.052292][T23579]  ? trace_irq_disable+0x3b/0x150
[ 1189.052317][T23579]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1189.052340][T23579]  ? clear_bhb_loop+0x40/0x90
[ 1189.052367][T23579]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1189.052389][T23579] RIP: 0033:0x7f93da0ec799
[ 1189.052410][T23579] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1189.052429][T23579] RSP: 002b:00007f93d8346028 EFLAGS: 00000246 ORIG_RAX: 000000000000002c
[ 1189.052452][T23579] RAX: ffffffffffffffda RBX: 00007f93da365fa0 RCX: 00007f93da0ec799
[ 1189.052469][T23579] RDX: 000000000000059a RSI: 0000200000000580 RDI: 0000000000000003
[ 1189.052483][T23579] RBP: 00007f93d8346090 R08: 0000000000000000 R09: 0000000000000000
[ 1189.052497][T23579] R10: 0000000010008095 R11: 0000000000000246 R12: 0000000000000001
[ 1189.052511][T23579] R13: 00007f93da366038 R14: 00007f93da365fa0 R15: 00007ffebc244288
[ 1189.052548][T23579]  </TASK>
[ 1189.687261][T21301] usb 10-1: new high-speed USB device number 12 using dummy_hcd
[ 1189.832555][T23589] FAULT_INJECTION: forcing a failure.
[ 1189.832555][T23589] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1189.832605][T23589] CPU: 1 UID: 0 PID: 23589 Comm: syz.8.5835 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[ 1189.832637][T23589] Tainted: [L]=SOFTLOCKUP
[ 1189.832645][T23589] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1189.832657][T23589] Call Trace:
[ 1189.832667][T23589]  <TASK>
[ 1189.832677][T23589]  dump_stack_lvl+0xe8/0x150
[ 1189.832716][T23589]  should_fail_ex+0x46b/0x600
[ 1189.832749][T23589]  _copy_from_user+0x2d/0xb0
[ 1189.832782][T23589]  ___sys_sendmsg+0x1c6/0x360
[ 1189.832811][T23589]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1189.832839][T23589]  ? __schedule+0x1569/0x5240
[ 1189.832899][T23589]  ? __fget_files+0x2a/0x420
[ 1189.832926][T23589]  ? __fget_files+0x3a6/0x420
[ 1189.832964][T23589]  __x64_sys_sendmsg+0x1c3/0x2a0
[ 1189.832991][T23589]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[ 1189.833049][T23589]  do_syscall_64+0x14d/0xf80
[ 1189.833082][T23589]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1189.833105][T23589]  ? clear_bhb_loop+0x40/0x90
[ 1189.833133][T23589]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1189.833155][T23589] RIP: 0033:0x7f93da0ec799
[ 1189.833176][T23589] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1189.833195][T23589] RSP: 002b:00007f93d8325028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1189.833219][T23589] RAX: ffffffffffffffda RBX: 00007f93da366090 RCX: 00007f93da0ec799
[ 1189.833236][T23589] RDX: 0000000000000004 RSI: 0000200000000240 RDI: 0000000000000005
[ 1189.833251][T23589] RBP: 00007f93d8325090 R08: 0000000000000000 R09: 0000000000000000
[ 1189.833265][T23589] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1189.833279][T23589] R13: 00007f93da366128 R14: 00007f93da366090 R15: 00007ffebc244288
[ 1189.833314][T23589]  </TASK>
[ 1190.272413][T21301] usb 10-1: unable to get BOS descriptor or descriptor too short
[ 1190.319152][T21301] usb 10-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1190.319261][T21301] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x4 has invalid wMaxPacketSize 0
[ 1190.319319][T21301] usb 10-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[ 1190.550731][T21301] usb 10-1: New USB device found, idVendor=04e6, idProduct=5591, bcdDevice=94.39
[ 1190.550802][T21301] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1190.550864][T21301] usb 10-1: Product: syz
[ 1190.550881][T21301] usb 10-1: Manufacturer: syz
[ 1190.550937][T21301] usb 10-1: SerialNumber: syz
[ 1190.715075][T21301] usb 10-1: config 0 descriptor??
[ 1190.863540][T21301] pn533_usb 10-1:0.0: NFC: Could not find bulk-in or bulk-out endpoint
[ 1191.284931][T21301] usb 10-1: USB disconnect, device number 12
[ 1193.126006][   T10] usb 10-1: new high-speed USB device number 13 using dummy_hcd
[ 1193.306036][   T10] usb 10-1: config index 0 descriptor too short (expected 45, got 25)
[ 1193.306068][   T10] usb 10-1: config 1 has an invalid descriptor of length 9, skipping remainder of the config
[ 1193.306121][   T10] usb 10-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 3
[ 1193.316740][   T10] usb 10-1: New USB device found, idVendor=0424, idProduct=7850, bcdDevice= 0.00
[ 1193.316772][   T10] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1193.316791][   T10] usb 10-1: Product: syz
[ 1193.316804][   T10] usb 10-1: Manufacturer: syz
[ 1193.316818][   T10] usb 10-1: SerialNumber: syz
[ 1193.766452][T23612] kernel profiling enabled (shift: 9)
[ 1193.837128][T23617] FAULT_INJECTION: forcing a failure.
[ 1193.837128][T23617] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1193.837169][T23617] CPU: 1 UID: 0 PID: 23617 Comm: syz.6.5845 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[ 1193.837200][T23617] Tainted: [L]=SOFTLOCKUP
[ 1193.837208][T23617] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1193.837222][T23617] Call Trace:
[ 1193.837231][T23617]  <TASK>
[ 1193.837246][T23617]  dump_stack_lvl+0xe8/0x150
[ 1193.837284][T23617]  should_fail_ex+0x46b/0x600
[ 1193.837318][T23617]  _copy_from_user+0x2d/0xb0
[ 1193.837350][T23617]  ___sys_sendmsg+0x1c6/0x360
[ 1193.837379][T23617]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1193.837441][T23617]  ? __fget_files+0x2a/0x420
[ 1193.837477][T23617]  ? __fget_files+0x3a6/0x420
[ 1193.837514][T23617]  __x64_sys_sendmsg+0x1c3/0x2a0
[ 1193.837539][T23617]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[ 1193.837572][T23617]  ? __pfx_ksys_write+0x10/0x10
[ 1193.837616][T23617]  do_syscall_64+0x14d/0xf80
[ 1193.837647][T23617]  ? trace_irq_disable+0x3b/0x150
[ 1193.837671][T23617]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1193.837694][T23617]  ? clear_bhb_loop+0x40/0x90
[ 1193.837728][T23617]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1193.837750][T23617] RIP: 0033:0x7f643e87c799
[ 1193.837771][T23617] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1193.837789][T23617] RSP: 002b:00007f643cad6028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1193.837813][T23617] RAX: ffffffffffffffda RBX: 00007f643eaf5fa0 RCX: 00007f643e87c799
[ 1193.837838][T23617] RDX: 00000000000440e0 RSI: 0000200000000100 RDI: 0000000000000003
[ 1193.837852][T23617] RBP: 00007f643cad6090 R08: 0000000000000000 R09: 0000000000000000
[ 1193.837866][T23617] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1193.837880][T23617] R13: 00007f643eaf6038 R14: 00007f643eaf5fa0 R15: 00007ffcbc93eff8
[ 1193.837915][T23617]  </TASK>
[ 1194.903395][T23636] FAULT_INJECTION: forcing a failure.
[ 1194.903395][T23636] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1194.903467][T23636] CPU: 0 UID: 0 PID: 23636 Comm: syz.8.5849 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[ 1194.903500][T23636] Tainted: [L]=SOFTLOCKUP
[ 1194.903508][T23636] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1194.903522][T23636] Call Trace:
[ 1194.903531][T23636]  <TASK>
[ 1194.903542][T23636]  dump_stack_lvl+0xe8/0x150
[ 1194.903577][T23636]  should_fail_ex+0x46b/0x600
[ 1194.903609][T23636]  strncpy_from_user+0x36/0x2b0
[ 1194.903638][T23636]  path_setxattrat+0x191/0x440
[ 1194.903678][T23636]  ? __pfx_path_setxattrat+0x10/0x10
[ 1194.903749][T23636]  __x64_sys_lsetxattr+0xbf/0xe0
[ 1194.903787][T23636]  do_syscall_64+0x14d/0xf80
[ 1194.903818][T23636]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1194.903839][T23636]  ? clear_bhb_loop+0x40/0x90
[ 1194.903864][T23636]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1194.903887][T23636] RIP: 0033:0x7f93da0ec799
[ 1194.903907][T23636] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1194.903926][T23636] RSP: 002b:00007f93d8304028 EFLAGS: 00000246 ORIG_RAX: 00000000000000bd
[ 1194.903952][T23636] RAX: ffffffffffffffda RBX: 00007f93da366180 RCX: 00007f93da0ec799
[ 1194.903968][T23636] RDX: 0000200000000100 RSI: 00002000000000c0 RDI: 0000200000000080
[ 1194.903983][T23636] RBP: 00007f93d8304090 R08: 0000000000000003 R09: 0000000000000000
[ 1194.903997][T23636] R10: 0000000000000024 R11: 0000000000000246 R12: 0000000000000001
[ 1194.904012][T23636] R13: 00007f93da366218 R14: 00007f93da366180 R15: 00007ffebc244288
[ 1194.904046][T23636]  </TASK>
[ 1195.041015][ T5808] Bluetooth: hci0: command 0x0406 tx timeout
[ 1195.836997][T20412] usb 10-1: USB disconnect, device number 13
[ 1196.037490][T23645] FAULT_INJECTION: forcing a failure.
[ 1196.037490][T23645] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1196.037531][T23645] CPU: 1 UID: 0 PID: 23645 Comm: syz.6.5853 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[ 1196.037562][T23645] Tainted: [L]=SOFTLOCKUP
[ 1196.037571][T23645] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1196.037585][T23645] Call Trace:
[ 1196.037594][T23645]  <TASK>
[ 1196.037604][T23645]  dump_stack_lvl+0xe8/0x150
[ 1196.037642][T23645]  should_fail_ex+0x46b/0x600
[ 1196.037675][T23645]  _copy_from_user+0x2d/0xb0
[ 1196.037707][T23645]  ucma_write+0x166/0x2f0
[ 1196.037738][T23645]  ? __pfx_ucma_write+0x10/0x10
[ 1196.037769][T23645]  ? rw_verify_area+0x25b/0x4e0
[ 1196.037799][T23645]  ? __pfx_ucma_write+0x10/0x10
[ 1196.037826][T23645]  vfs_write+0x2a3/0xba0
[ 1196.037867][T23645]  ? __pfx_vfs_write+0x10/0x10
[ 1196.037900][T23645]  ? __fget_files+0x2a/0x420
[ 1196.037940][T23645]  ? __fget_files+0x2a/0x420
[ 1196.037965][T23645]  ? __fget_files+0x3a6/0x420
[ 1196.037991][T23645]  ? __fget_files+0x2a/0x420
[ 1196.038029][T23645]  ksys_write+0x156/0x270
[ 1196.038063][T23645]  ? __pfx_ksys_write+0x10/0x10
[ 1196.038106][T23645]  do_syscall_64+0x14d/0xf80
[ 1196.038137][T23645]  ? trace_irq_disable+0x3b/0x150
[ 1196.038163][T23645]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1196.038186][T23645]  ? clear_bhb_loop+0x40/0x90
[ 1196.038213][T23645]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1196.038235][T23645] RIP: 0033:0x7f643e87c799
[ 1196.038256][T23645] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1196.038276][T23645] RSP: 002b:00007f643cad6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[ 1196.038300][T23645] RAX: ffffffffffffffda RBX: 00007f643eaf5fa0 RCX: 00007f643e87c799
[ 1196.038316][T23645] RDX: 0000000000000018 RSI: 0000200000000180 RDI: 0000000000000003
[ 1196.038331][T23645] RBP: 00007f643cad6090 R08: 0000000000000000 R09: 0000000000000000
[ 1196.038345][T23645] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1196.038358][T23645] R13: 00007f643eaf6038 R14: 00007f643eaf5fa0 R15: 00007ffcbc93eff8
[ 1196.038394][T23645]  </TASK>
[ 1196.104966][T23646] netlink: 28 bytes leftover after parsing attributes in process `syz.9.5852'.
[ 1197.253969][T23666] FAULT_INJECTION: forcing a failure.
[ 1197.253969][T23666] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1197.254009][T23666] CPU: 0 UID: 0 PID: 23666 Comm: syz.8.5858 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[ 1197.254039][T23666] Tainted: [L]=SOFTLOCKUP
[ 1197.254047][T23666] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1197.254059][T23666] Call Trace:
[ 1197.254069][T23666]  <TASK>
[ 1197.254079][T23666]  dump_stack_lvl+0xe8/0x150
[ 1197.254117][T23666]  should_fail_ex+0x46b/0x600
[ 1197.254152][T23666]  _copy_to_user+0x31/0xb0
[ 1197.254186][T23666]  simple_read_from_buffer+0xe1/0x170
[ 1197.254219][T23666]  proc_fail_nth_read+0x1be/0x230
[ 1197.254249][T23666]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1197.254279][T23666]  ? rw_verify_area+0x2ac/0x4e0
[ 1197.254310][T23666]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1197.254338][T23666]  vfs_read+0x212/0xa80
[ 1197.254379][T23666]  ? __pfx_vfs_read+0x10/0x10
[ 1197.254414][T23666]  ? _raw_spin_unlock_irqrestore+0x30/0x80
[ 1197.254447][T23666]  ? lockdep_hardirqs_on+0x7a/0x110
[ 1197.254478][T23666]  ? _raw_spin_unlock_irqrestore+0x4c/0x80
[ 1197.254510][T23666]  ? mutex_lock_nested+0x152/0x1d0
[ 1197.254535][T23666]  ? fdget_pos+0x252/0x320
[ 1197.254573][T23666]  ksys_read+0x156/0x270
[ 1197.254600][T23666]  ? __pfx_ksys_read+0x10/0x10
[ 1197.254647][T23666]  do_syscall_64+0x14d/0xf80
[ 1197.254692][T23666]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1197.254718][T23666]  ? clear_bhb_loop+0x40/0x90
[ 1197.254747][T23666]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1197.254763][T23666] RIP: 0033:0x7f93da0acfce
[ 1197.254780][T23666] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[ 1197.254794][T23666] RSP: 002b:00007f93d8303fe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[ 1197.254821][T23666] RAX: ffffffffffffffda RBX: 00007f93d83046c0 RCX: 00007f93da0acfce
[ 1197.254833][T23666] RDX: 000000000000000f RSI: 00007f93d83040a0 RDI: 0000000000000008
[ 1197.254844][T23666] RBP: 00007f93d8304090 R08: 0000000000000000 R09: 0000000000000000
[ 1197.254855][T23666] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1197.254866][T23666] R13: 00007f93da366218 R14: 00007f93da366180 R15: 00007ffebc244288
[ 1197.254893][T23666]  </TASK>
[ 1200.899827][T23695] 9p: Bad value for 'rfdno'
[ 1201.112206][ T5808] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[ 1201.138001][ T5808] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[ 1201.140953][ T5808] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[ 1201.142611][ T5808] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[ 1201.143448][ T5808] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[ 1201.667918][   T37] audit: type=1326 audit(1773965014.720:1594): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=23711 comm="syz.6.5868" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f643e87c799 code=0x7ffc0000
[ 1201.672643][   T37] audit: type=1326 audit(1773965014.730:1595): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=23711 comm="syz.6.5868" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f643e87c799 code=0x7ffc0000
[ 1201.676648][   T37] audit: type=1326 audit(1773965014.740:1596): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=23711 comm="syz.6.5868" exe="/root/syz-executor" sig=0 arch=c000003e syscall=66 compat=0 ip=0x7f643e87c799 code=0x7ffc0000
[ 1201.676954][   T37] audit: type=1326 audit(1773965014.740:1597): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=23711 comm="syz.6.5868" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f643e87c799 code=0x7ffc0000
[ 1201.677742][   T37] audit: type=1326 audit(1773965014.740:1598): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=23711 comm="syz.6.5868" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f643e87c799 code=0x7ffc0000
[ 1201.678037][   T37] audit: type=1326 audit(1773965014.740:1599): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=23711 comm="syz.6.5868" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f643e87c799 code=0x7ffc0000
[ 1201.678526][   T37] audit: type=1326 audit(1773965014.740:1600): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=23711 comm="syz.6.5868" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f643e87c799 code=0x7ffc0000
[ 1201.683188][   T37] audit: type=1326 audit(1773965014.740:1601): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=23711 comm="syz.6.5868" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f643e87c799 code=0x7ffc0000
[ 1201.686889][   T37] audit: type=1326 audit(1773965014.740:1602): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=23711 comm="syz.6.5868" exe="/root/syz-executor" sig=0 arch=c000003e syscall=55 compat=0 ip=0x7f643e87c799 code=0x7ffc0000
[ 1201.687216][   T37] audit: type=1326 audit(1773965014.750:1603): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=23711 comm="syz.6.5868" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f643e87c799 code=0x7ffc0000
[ 1203.147135][T23722] FAULT_INJECTION: forcing a failure.
[ 1203.147135][T23722] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1203.147186][T23722] CPU: 0 UID: 0 PID: 23722 Comm: syz.6.5870 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[ 1203.147216][T23722] Tainted: [L]=SOFTLOCKUP
[ 1203.147225][T23722] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1203.147238][T23722] Call Trace:
[ 1203.147246][T23722]  <TASK>
[ 1203.147256][T23722]  dump_stack_lvl+0xe8/0x150
[ 1203.147294][T23722]  should_fail_ex+0x46b/0x600
[ 1203.147329][T23722]  _copy_from_user+0x2d/0xb0
[ 1203.147361][T23722]  ___sys_sendmsg+0x1c6/0x360
[ 1203.147390][T23722]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1203.147451][T23722]  ? __fget_files+0x2a/0x420
[ 1203.147478][T23722]  ? __fget_files+0x3a6/0x420
[ 1203.147517][T23722]  __x64_sys_sendmsg+0x1c3/0x2a0
[ 1203.147543][T23722]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[ 1203.147587][T23722]  ? __pfx_ksys_write+0x10/0x10
[ 1203.147633][T23722]  do_syscall_64+0x14d/0xf80
[ 1203.147664][T23722]  ? trace_irq_disable+0x3b/0x150
[ 1203.147690][T23722]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1203.147713][T23722]  ? clear_bhb_loop+0x40/0x90
[ 1203.147741][T23722]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1203.147763][T23722] RIP: 0033:0x7f643e87c799
[ 1203.147784][T23722] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1203.147804][T23722] RSP: 002b:00007f643cad6028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1203.147828][T23722] RAX: ffffffffffffffda RBX: 00007f643eaf5fa0 RCX: 00007f643e87c799
[ 1203.147845][T23722] RDX: 0000000020040000 RSI: 0000200000000240 RDI: 0000000000000003
[ 1203.147860][T23722] RBP: 00007f643cad6090 R08: 0000000000000000 R09: 0000000000000000
[ 1203.147875][T23722] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1203.147888][T23722] R13: 00007f643eaf6038 R14: 00007f643eaf5fa0 R15: 00007ffcbc93eff8
[ 1203.147922][T23722]  </TASK>
[ 1203.263240][ T5808] Bluetooth: hci6: command tx timeout
[ 1203.644542][T23732] FAULT_INJECTION: forcing a failure.
[ 1203.644542][T23732] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1203.644582][T23732] CPU: 0 UID: 0 PID: 23732 Comm: syz.6.5874 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[ 1203.644612][T23732] Tainted: [L]=SOFTLOCKUP
[ 1203.644620][T23732] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1203.644648][T23732] Call Trace:
[ 1203.644658][T23732]  <TASK>
[ 1203.644668][T23732]  dump_stack_lvl+0xe8/0x150
[ 1203.644705][T23732]  should_fail_ex+0x46b/0x600
[ 1203.644740][T23732]  _copy_to_user+0x31/0xb0
[ 1203.644774][T23732]  simple_read_from_buffer+0xe1/0x170
[ 1203.644808][T23732]  proc_fail_nth_read+0x1be/0x230
[ 1203.644839][T23732]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1203.644869][T23732]  ? rw_verify_area+0x2ac/0x4e0
[ 1203.644900][T23732]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1203.644927][T23732]  vfs_read+0x212/0xa80
[ 1203.644967][T23732]  ? __pfx_vfs_read+0x10/0x10
[ 1203.645002][T23732]  ? _raw_spin_unlock_irqrestore+0x30/0x80
[ 1203.645036][T23732]  ? lockdep_hardirqs_on+0x7a/0x110
[ 1203.645068][T23732]  ? _raw_spin_unlock_irqrestore+0x4c/0x80
[ 1203.645100][T23732]  ? mutex_lock_nested+0x152/0x1d0
[ 1203.645125][T23732]  ? fdget_pos+0x252/0x320
[ 1203.645162][T23732]  ksys_read+0x156/0x270
[ 1203.645197][T23732]  ? __pfx_ksys_read+0x10/0x10
[ 1203.645242][T23732]  do_syscall_64+0x14d/0xf80
[ 1203.645273][T23732]  ? trace_irq_disable+0x3b/0x150
[ 1203.645298][T23732]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1203.645320][T23732]  ? clear_bhb_loop+0x40/0x90
[ 1203.645348][T23732]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1203.645369][T23732] RIP: 0033:0x7f643e83cfce
[ 1203.645391][T23732] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[ 1203.645410][T23732] RSP: 002b:00007f643cab4fe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[ 1203.645433][T23732] RAX: ffffffffffffffda RBX: 00007f643cab56c0 RCX: 00007f643e83cfce
[ 1203.645449][T23732] RDX: 000000000000000f RSI: 00007f643cab50a0 RDI: 0000000000000005
[ 1203.645463][T23732] RBP: 00007f643cab5090 R08: 0000000000000000 R09: 0000000000000000
[ 1203.645477][T23732] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1203.645490][T23732] R13: 00007f643eaf6128 R14: 00007f643eaf6090 R15: 00007ffcbc93eff8
[ 1203.645527][T23732]  </TASK>
[ 1204.177216][T23697] chnl_net:caif_netlink_parms(): no params data found
[ 1204.432276][   T10] usb 10-1: new high-speed USB device number 14 using dummy_hcd
[ 1204.578472][   T10] usb 10-1: config 0 has an invalid interface number: 238 but max is 0
[ 1204.578502][   T10] usb 10-1: config 0 has no interface number 0
[ 1204.578545][   T10] usb 10-1: config 0 interface 238 altsetting 2 endpoint 0x4 has invalid wMaxPacketSize 0
[ 1204.578566][   T10] usb 10-1: config 0 interface 238 altsetting 2 bulk endpoint 0x4 has invalid maxpacket 0
[ 1204.578588][   T10] usb 10-1: config 0 interface 238 altsetting 2 endpoint 0x88 has invalid wMaxPacketSize 0
[ 1204.578608][   T10] usb 10-1: config 0 interface 238 has no altsetting 0
[ 1204.582039][   T10] usb 10-1: New USB device found, idVendor=3923, idProduct=718a, bcdDevice=f6.6a
[ 1204.582074][   T10] usb 10-1: New USB device strings: Mfr=181, Product=147, SerialNumber=160
[ 1204.582098][   T10] usb 10-1: Product: syz
[ 1204.582114][   T10] usb 10-1: Manufacturer: syz
[ 1204.582129][   T10] usb 10-1: SerialNumber: syz
[ 1204.678313][   T10] usb 10-1: config 0 descriptor??
[ 1205.339959][ T5808] Bluetooth: hci6: command tx timeout
[ 1206.003713][   T10] ni6501 10-1:0.238: driver 'ni6501' failed to auto-configure device.
[ 1206.147917][   T10] usb 10-1: USB disconnect, device number 14
[ 1206.195159][ T5802] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1
[ 1206.228877][ T5802] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9
[ 1206.232245][ T5802] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9
[ 1206.265111][ T5802] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4
[ 1206.276856][ T5802] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2
[ 1206.549274][T23697] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1206.549464][T23697] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1206.549825][T23697] bridge_slave_0: entered allmulticast mode
[ 1206.591570][T23697] bridge_slave_0: entered promiscuous mode
[ 1206.609818][T23697] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1206.609950][T23697] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1206.610206][T23697] bridge_slave_1: entered allmulticast mode
[ 1206.639339][T23697] bridge_slave_1: entered promiscuous mode
[ 1207.227643][T23776] FAULT_INJECTION: forcing a failure.
[ 1207.227643][T23776] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1207.227685][T23776] CPU: 0 UID: 0 PID: 23776 Comm: syz.8.5885 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[ 1207.227716][T23776] Tainted: [L]=SOFTLOCKUP
[ 1207.227724][T23776] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1207.227739][T23776] Call Trace:
[ 1207.227748][T23776]  <TASK>
[ 1207.227757][T23776]  dump_stack_lvl+0xe8/0x150
[ 1207.227794][T23776]  should_fail_ex+0x46b/0x600
[ 1207.227829][T23776]  _copy_from_user+0x2d/0xb0
[ 1207.227862][T23776]  ___sys_sendmsg+0x1c6/0x360
[ 1207.227893][T23776]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1207.227923][T23776]  ? kstrtouint+0x6e/0xe0
[ 1207.227977][T23776]  ? __fget_files+0x2a/0x420
[ 1207.228004][T23776]  ? __fget_files+0x3a6/0x420
[ 1207.228043][T23776]  __sys_sendmmsg+0x282/0x4e0
[ 1207.228073][T23776]  ? __pfx___sys_sendmmsg+0x10/0x10
[ 1207.228106][T23776]  ? __pfx_rt_mutex_slowunlock+0x10/0x10
[ 1207.228149][T23776]  ? ksys_write+0x248/0x270
[ 1207.228183][T23776]  ? __pfx_ksys_write+0x10/0x10
[ 1207.228223][T23776]  __x64_sys_sendmmsg+0xa0/0xc0
[ 1207.228248][T23776]  do_syscall_64+0x14d/0xf80
[ 1207.228279][T23776]  ? trace_irq_disable+0x3b/0x150
[ 1207.228305][T23776]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1207.228333][T23776]  ? clear_bhb_loop+0x40/0x90
[ 1207.228361][T23776]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1207.228382][T23776] RIP: 0033:0x7f93da0ec799
[ 1207.228404][T23776] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1207.228422][T23776] RSP: 002b:00007f93d8325028 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[ 1207.228446][T23776] RAX: ffffffffffffffda RBX: 00007f93da366090 RCX: 00007f93da0ec799
[ 1207.228463][T23776] RDX: 0000000000034000 RSI: 0000200000004380 RDI: 0000000000000006
[ 1207.228479][T23776] RBP: 00007f93d8325090 R08: 0000000000000000 R09: 0000000000000000
[ 1207.228493][T23776] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1207.228506][T23776] R13: 00007f93da366128 R14: 00007f93da366090 R15: 00007ffebc244288
[ 1207.228550][T23776]  </TASK>
[ 1207.405988][ T5808] Bluetooth: hci6: command tx timeout
[ 1207.827999][T23697] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1207.910891][T23697] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1208.189477][T23786] FAULT_INJECTION: forcing a failure.
[ 1208.189477][T23786] name failslab, interval 1, probability 0, space 0, times 0
[ 1208.189517][T23786] CPU: 1 UID: 0 PID: 23786 Comm: syz.8.5888 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[ 1208.189547][T23786] Tainted: [L]=SOFTLOCKUP
[ 1208.189556][T23786] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1208.189569][T23786] Call Trace:
[ 1208.189578][T23786]  <TASK>
[ 1208.189588][T23786]  dump_stack_lvl+0xe8/0x150
[ 1208.189636][T23786]  should_fail_ex+0x46b/0x600
[ 1208.189670][T23786]  should_failslab+0xa8/0x100
[ 1208.189695][T23786]  __kmalloc_noprof+0xdf/0x7b0
[ 1208.189727][T23786]  ? kfree+0x4d/0x6c0
[ 1208.189754][T23786]  ? tomoyo_realpath_from_path+0xe3/0x5d0
[ 1208.189787][T23786]  tomoyo_realpath_from_path+0xe3/0x5d0
[ 1208.189825][T23786]  ? tomoyo_path_number_perm+0x219/0x630
[ 1208.189857][T23786]  tomoyo_path_number_perm+0x246/0x630
[ 1208.189895][T23786]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[ 1208.189932][T23786]  ? __lock_acquire+0x6b5/0x2cf0
[ 1208.189992][T23786]  ? __fget_files+0x2a/0x420
[ 1208.190023][T23786]  ? __fget_files+0x2a/0x420
[ 1208.190048][T23786]  ? __fget_files+0x3a6/0x420
[ 1208.190071][T23786]  ? __fget_files+0x2a/0x420
[ 1208.190102][T23786]  security_file_ioctl+0xc3/0x2a0
[ 1208.190125][T23786]  __se_sys_ioctl+0x47/0x170
[ 1208.190157][T23786]  do_syscall_64+0x14d/0xf80
[ 1208.190184][T23786]  ? trace_irq_disable+0x3b/0x150
[ 1208.190205][T23786]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1208.190225][T23786]  ? clear_bhb_loop+0x40/0x90
[ 1208.190248][T23786]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1208.190268][T23786] RIP: 0033:0x7f93da0ec799
[ 1208.190289][T23786] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1208.190306][T23786] RSP: 002b:00007f93d8346028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1208.190329][T23786] RAX: ffffffffffffffda RBX: 00007f93da365fa0 RCX: 00007f93da0ec799
[ 1208.190344][T23786] RDX: 0000000000000001 RSI: 0000000000005425 RDI: 0000000000000003
[ 1208.190358][T23786] RBP: 00007f93d8346090 R08: 0000000000000000 R09: 0000000000000000
[ 1208.190372][T23786] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1208.190385][T23786] R13: 00007f93da366038 R14: 00007f93da365fa0 R15: 00007ffebc244288
[ 1208.190421][T23786]  </TASK>
[ 1208.190527][T23786] ERROR: Out of memory at tomoyo_realpath_from_path.
[ 1208.446212][ T5808] Bluetooth: hci7: command tx timeout
[ 1209.253257][T23808] FAULT_INJECTION: forcing a failure.
[ 1209.253257][T23808] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1209.253294][T23808] CPU: 0 UID: 0 PID: 23808 Comm: syz.6.5893 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[ 1209.253320][T23808] Tainted: [L]=SOFTLOCKUP
[ 1209.253327][T23808] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1209.253337][T23808] Call Trace:
[ 1209.253344][T23808]  <TASK>
[ 1209.253352][T23808]  dump_stack_lvl+0xe8/0x150
[ 1209.253383][T23808]  should_fail_ex+0x46b/0x600
[ 1209.253410][T23808]  _copy_from_user+0x2d/0xb0
[ 1209.253435][T23808]  ___sys_sendmsg+0x1c6/0x360
[ 1209.253460][T23808]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1209.253512][T23808]  ? __fget_files+0x2a/0x420
[ 1209.253533][T23808]  ? __fget_files+0x3a6/0x420
[ 1209.253563][T23808]  __x64_sys_sendmsg+0x1c3/0x2a0
[ 1209.253585][T23808]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[ 1209.253611][T23808]  ? __pfx_ksys_write+0x10/0x10
[ 1209.253647][T23808]  do_syscall_64+0x14d/0xf80
[ 1209.253672][T23808]  ? trace_irq_disable+0x3b/0x150
[ 1209.253691][T23808]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1209.253708][T23808]  ? clear_bhb_loop+0x40/0x90
[ 1209.253729][T23808]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1209.253745][T23808] RIP: 0033:0x7f643e87c799
[ 1209.253763][T23808] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1209.253778][T23808] RSP: 002b:00007f643cad6028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1209.253797][T23808] RAX: ffffffffffffffda RBX: 00007f643eaf5fa0 RCX: 00007f643e87c799
[ 1209.253810][T23808] RDX: 0000000000008800 RSI: 0000200000000240 RDI: 0000000000000003
[ 1209.253832][T23808] RBP: 00007f643cad6090 R08: 0000000000000000 R09: 0000000000000000
[ 1209.253842][T23808] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1209.253852][T23808] R13: 00007f643eaf6038 R14: 00007f643eaf5fa0 R15: 00007ffcbc93eff8
[ 1209.253881][T23808]  </TASK>
[ 1209.376055][   T10] usb 10-1: new high-speed USB device number 15 using dummy_hcd
[ 1209.486073][ T5808] Bluetooth: hci6: command tx timeout
[ 1209.526089][   T10] usb 10-1: Using ep0 maxpacket: 16
[ 1209.528448][   T10] usb 10-1: config 1 has 1 interface, different from the descriptor's value: 11
[ 1209.528526][   T10] usb 10-1: config 1 interface 0 altsetting 3 endpoint 0xB has invalid wMaxPacketSize 0
[ 1209.528550][   T10] usb 10-1: config 1 interface 0 altsetting 3 bulk endpoint 0xB has invalid maxpacket 0
[ 1209.528573][   T10] usb 10-1: config 1 interface 0 altsetting 3 endpoint 0x8A has invalid wMaxPacketSize 0
[ 1209.528595][   T10] usb 10-1: config 1 interface 0 altsetting 3 bulk endpoint 0x8A has invalid maxpacket 0
[ 1209.528618][   T10] usb 10-1: config 1 interface 0 has no altsetting 0
[ 1209.528651][   T10] usb 10-1: New USB device found, idVendor=04e6, idProduct=0003, bcdDevice= 1.77
[ 1209.528674][   T10] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1209.543394][   T10] ums-sddr09 10-1:1.0: USB Mass Storage device detected
[ 1209.812548][ T1291] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1210.320718][T23697] team0: Port device team_slave_0 added
[ 1210.526007][ T5808] Bluetooth: hci7: command tx timeout
[ 1210.551414][T23697] team0: Port device team_slave_1 added
[ 1210.595750][T23833] FAULT_INJECTION: forcing a failure.
[ 1210.595750][T23833] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1210.595792][T23833] CPU: 1 UID: 0 PID: 23833 Comm: syz.8.5900 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[ 1210.595823][T23833] Tainted: [L]=SOFTLOCKUP
[ 1210.595830][T23833] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1210.595848][T23833] Call Trace:
[ 1210.595857][T23833]  <TASK>
[ 1210.595866][T23833]  dump_stack_lvl+0xe8/0x150
[ 1210.595902][T23833]  should_fail_ex+0x46b/0x600
[ 1210.595934][T23833]  _copy_from_user+0x2d/0xb0
[ 1210.595964][T23833]  ___sys_sendmsg+0x1c6/0x360
[ 1210.595994][T23833]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1210.596051][T23833]  ? __fget_files+0x2a/0x420
[ 1210.596076][T23833]  ? __fget_files+0x3a6/0x420
[ 1210.596111][T23833]  __x64_sys_sendmsg+0x1c3/0x2a0
[ 1210.596137][T23833]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[ 1210.596169][T23833]  ? __pfx_ksys_write+0x10/0x10
[ 1210.596213][T23833]  do_syscall_64+0x14d/0xf80
[ 1210.596244][T23833]  ? trace_irq_disable+0x3b/0x150
[ 1210.596269][T23833]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1210.596292][T23833]  ? clear_bhb_loop+0x40/0x90
[ 1210.596319][T23833]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1210.596341][T23833] RIP: 0033:0x7f93da0ec799
[ 1210.596362][T23833] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1210.596381][T23833] RSP: 002b:00007f93d8346028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1210.596405][T23833] RAX: ffffffffffffffda RBX: 00007f93da365fa0 RCX: 00007f93da0ec799
[ 1210.596421][T23833] RDX: 0000000000040000 RSI: 0000200000000180 RDI: 0000000000000004
[ 1210.596435][T23833] RBP: 00007f93d8346090 R08: 0000000000000000 R09: 0000000000000000
[ 1210.596447][T23833] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1210.596460][T23833] R13: 00007f93da366038 R14: 00007f93da365fa0 R15: 00007ffebc244288
[ 1210.596496][T23833]  </TASK>
[ 1210.778528][   T10] ums-sddr09 10-1:1.0: probe with driver ums-sddr09 failed with error -22
[ 1210.847016][   T10] usb 10-1: USB disconnect, device number 15
[ 1211.624150][ T1291] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1211.676047][T14778] usb 7-1: new high-speed USB device number 18 using dummy_hcd
[ 1211.711060][T23697] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1211.711079][T23697] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1211.711110][T23697] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1212.057380][T23697] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1212.057401][T23697] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1212.057431][T23697] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1212.946006][ T5808] Bluetooth: hci7: command tx timeout
[ 1212.959210][T14778] usb 7-1: config 4 has an invalid descriptor of length 0, skipping remainder of the config
[ 1212.959274][T14778] usb 7-1: New USB device found, idVendor=041e, idProduct=4007, bcdDevice=5d.18
[ 1212.959301][T14778] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1212.973827][T14778] gspca_main: stv0680-2.14.0 probing 041e:4007
[ 1213.645761][ T1291] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1213.702051][T23886] FAULT_INJECTION: forcing a failure.
[ 1213.702051][T23886] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1213.702093][T23886] CPU: 1 UID: 0 PID: 23886 Comm: syz.8.5914 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[ 1213.702123][T23886] Tainted: [L]=SOFTLOCKUP
[ 1213.702131][T23886] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1213.702146][T23886] Call Trace:
[ 1213.702155][T23886]  <TASK>
[ 1213.702165][T23886]  dump_stack_lvl+0xe8/0x150
[ 1213.702200][T23886]  should_fail_ex+0x46b/0x600
[ 1213.702234][T23886]  _copy_from_user+0x2d/0xb0
[ 1213.702278][T23886]  core_sys_select+0x57a/0xc30
[ 1213.702323][T23886]  ? __pfx_core_sys_select+0x10/0x10
[ 1213.702375][T23886]  ? __pfx_set_user_sigmask+0x10/0x10
[ 1213.702402][T23886]  ? kmem_cache_free+0x185/0x6b0
[ 1213.702421][T23886]  ? do_sys_openat2+0x14c/0x200
[ 1213.702457][T23886]  __se_sys_pselect6+0x267/0x320
[ 1213.702499][T23886]  ? __pfx___se_sys_pselect6+0x10/0x10
[ 1213.702525][T23886]  ? __pfx_ksys_write+0x10/0x10
[ 1213.702562][T23886]  ? __x64_sys_pselect6+0x21/0xf0
[ 1213.702590][T23886]  do_syscall_64+0x14d/0xf80
[ 1213.702621][T23886]  ? trace_irq_disable+0x3b/0x150
[ 1213.702646][T23886]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1213.702669][T23886]  ? clear_bhb_loop+0x40/0x90
[ 1213.702697][T23886]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1213.702718][T23886] RIP: 0033:0x7f93da0ec799
[ 1213.702739][T23886] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1213.702757][T23886] RSP: 002b:00007f93d8346028 EFLAGS: 00000246 ORIG_RAX: 000000000000010e
[ 1213.702781][T23886] RAX: ffffffffffffffda RBX: 00007f93da365fa0 RCX: 00007f93da0ec799
[ 1213.702798][T23886] RDX: 0000000000000000 RSI: 0000200000000100 RDI: 0000000000000040
[ 1213.702813][T23886] RBP: 00007f93d8346090 R08: 0000000000000000 R09: 0000000000000000
[ 1213.702827][T23886] R10: 0000200000000240 R11: 0000000000000246 R12: 0000000000000001
[ 1213.702842][T23886] R13: 00007f93da366038 R14: 00007f93da365fa0 R15: 00007ffebc244288
[ 1213.702878][T23886]  </TASK>
[ 1213.902647][T23697] hsr_slave_0: entered promiscuous mode
[ 1213.904187][T23697] hsr_slave_1: entered promiscuous mode
[ 1213.905250][T23697] debugfs: 'hsr0' already exists in 'hsr'
[ 1213.905275][T23697] Cannot create hsr debugfs directory
[ 1214.224768][T14778] gspca_stv0680: usb_control_msg error 0, request = 0x88, error = -71
[ 1214.224793][T14778] stv0680 7-1:4.0: STV(e): camera ping failed!!
[ 1214.225202][T14778] gspca_stv0680: usb_control_msg error 0, request = 0x80, error = -71
[ 1214.225218][T14778] stv0680 7-1:4.0: last error: 0,  command = 0x0
[ 1214.231144][T14778] usb 7-1: USB disconnect, device number 18
[ 1214.510090][ T1291] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1215.006092][ T5808] Bluetooth: hci7: command tx timeout
[ 1215.118948][T20412] usb 7-1: new high-speed USB device number 19 using dummy_hcd
[ 1215.262370][T23904] FAULT_INJECTION: forcing a failure.
[ 1215.262370][T23904] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1215.262408][T23904] CPU: 0 UID: 0 PID: 23904 Comm: syz.9.5921 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[ 1215.262449][T23904] Tainted: [L]=SOFTLOCKUP
[ 1215.262457][T23904] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1215.262469][T23904] Call Trace:
[ 1215.262478][T23904]  <TASK>
[ 1215.262487][T23904]  dump_stack_lvl+0xe8/0x150
[ 1215.262523][T23904]  should_fail_ex+0x46b/0x600
[ 1215.262552][T23904]  _copy_from_user+0x2d/0xb0
[ 1215.262582][T23904]  mptcp_setsockopt+0x1887/0x36f0
[ 1215.262613][T23904]  ? lockdep_hardirqs_on+0x7a/0x110
[ 1215.262646][T23904]  ? __pfx_mptcp_setsockopt+0x10/0x10
[ 1215.262681][T23904]  ? __fget_files+0x2a/0x420
[ 1215.262711][T23904]  ? sock_common_setsockopt+0x36/0xc0
[ 1215.262739][T23904]  ? __pfx_sock_common_setsockopt+0x10/0x10
[ 1215.262770][T23904]  do_sock_setsockopt+0x17c/0x1b0
[ 1215.262808][T23904]  __x64_sys_setsockopt+0x143/0x1b0
[ 1215.262847][T23904]  do_syscall_64+0x14d/0xf80
[ 1215.262878][T23904]  ? trace_irq_disable+0x3b/0x150
[ 1215.262903][T23904]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1215.262926][T23904]  ? clear_bhb_loop+0x40/0x90
[ 1215.262953][T23904]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1215.262975][T23904] RIP: 0033:0x7f30d5cdc799
[ 1215.262996][T23904] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1215.263014][T23904] RSP: 002b:00007f30d3f36028 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[ 1215.263038][T23904] RAX: ffffffffffffffda RBX: 00007f30d5f55fa0 RCX: 00007f30d5cdc799
[ 1215.263054][T23904] RDX: 0000000000000019 RSI: 0000000000000006 RDI: 0000000000000003
[ 1215.263068][T23904] RBP: 00007f30d3f36090 R08: 0000000000000004 R09: 0000000000000000
[ 1215.263081][T23904] R10: 00002000000000c0 R11: 0000000000000246 R12: 0000000000000001
[ 1215.263095][T23904] R13: 00007f30d5f56038 R14: 00007f30d5f55fa0 R15: 00007ffc56a04468
[ 1215.263130][T23904]  </TASK>
[ 1215.279881][T20412] usb 7-1: config 4 has an invalid descriptor of length 0, skipping remainder of the config
[ 1215.279942][T20412] usb 7-1: New USB device found, idVendor=041e, idProduct=4007, bcdDevice=5d.18
[ 1215.279965][T20412] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1215.570975][T20412] gspca_main: stv0680-2.14.0 probing 041e:4007
[ 1215.606550][T23756] chnl_net:caif_netlink_parms(): no params data found
[ 1215.710481][T23913] FAULT_INJECTION: forcing a failure.
[ 1215.710481][T23913] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1215.710520][T23913] CPU: 0 UID: 0 PID: 23913 Comm: syz.8.5923 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[ 1215.710549][T23913] Tainted: [L]=SOFTLOCKUP
[ 1215.710557][T23913] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1215.710569][T23913] Call Trace:
[ 1215.710578][T23913]  <TASK>
[ 1215.710588][T23913]  dump_stack_lvl+0xe8/0x150
[ 1215.710624][T23913]  should_fail_ex+0x46b/0x600
[ 1215.710658][T23913]  _copy_from_user+0x2d/0xb0
[ 1215.710689][T23913]  __sys_connect+0x156/0x450
[ 1215.710726][T23913]  ? __pfx___sys_connect+0x10/0x10
[ 1215.710769][T23913]  ? __pfx_ksys_write+0x10/0x10
[ 1215.710810][T23913]  __x64_sys_connect+0x7a/0x90
[ 1215.710841][T23913]  do_syscall_64+0x14d/0xf80
[ 1215.710871][T23913]  ? trace_irq_disable+0x3b/0x150
[ 1215.710895][T23913]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1215.710916][T23913]  ? clear_bhb_loop+0x40/0x90
[ 1215.710943][T23913]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1215.710964][T23913] RIP: 0033:0x7f93da0ec799
[ 1215.710985][T23913] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1215.711004][T23913] RSP: 002b:00007f93d8346028 EFLAGS: 00000246 ORIG_RAX: 000000000000002a
[ 1215.711028][T23913] RAX: ffffffffffffffda RBX: 00007f93da365fa0 RCX: 00007f93da0ec799
[ 1215.711045][T23913] RDX: 0000000000000048 RSI: 0000200000000300 RDI: 0000000000000005
[ 1215.711060][T23913] RBP: 00007f93d8346090 R08: 0000000000000000 R09: 0000000000000000
[ 1215.711075][T23913] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1215.711088][T23913] R13: 00007f93da366038 R14: 00007f93da365fa0 R15: 00007ffebc244288
[ 1215.711123][T23913]  </TASK>
[ 1215.876058][T14778] usb 10-1: new high-speed USB device number 16 using dummy_hcd
[ 1216.032142][T14778] usb 10-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08
[ 1216.032177][T14778] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1216.032199][T14778] usb 10-1: Product: syz
[ 1216.032214][T14778] usb 10-1: Manufacturer: syz
[ 1216.032229][T14778] usb 10-1: SerialNumber: syz
[ 1216.121278][T14778] usb 10-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested
[ 1216.172605][   T10] usb 10-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008
[ 1216.628376][   T37] kauditd_printk_skb: 21 callbacks suppressed
[ 1216.628397][   T37] audit: type=1326 audit(1773965029.650:1625): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=23906 comm="syz.9.5922" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f30d5cdc799 code=0x7ffc0000
[ 1216.628450][   T37] audit: type=1326 audit(1773965029.650:1626): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=23906 comm="syz.9.5922" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f30d5cdc799 code=0x7ffc0000
[ 1216.628496][   T37] audit: type=1326 audit(1773965029.650:1627): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=23906 comm="syz.9.5922" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f30d5cdc799 code=0x7ffc0000
[ 1216.628540][   T37] audit: type=1326 audit(1773965029.650:1628): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=23906 comm="syz.9.5922" exe="/root/syz-executor" sig=0 arch=c000003e syscall=136 compat=0 ip=0x7f30d5cdc799 code=0x7ffc0000
[ 1216.628586][   T37] audit: type=1326 audit(1773965029.650:1629): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=23906 comm="syz.9.5922" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f30d5cdc799 code=0x7ffc0000
[ 1216.628643][   T37] audit: type=1326 audit(1773965029.650:1630): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=23906 comm="syz.9.5922" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f30d5cdc799 code=0x7ffc0000
[ 1216.628688][   T37] audit: type=1326 audit(1773965029.650:1631): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=23906 comm="syz.9.5922" exe="/root/syz-executor" sig=0 arch=c000003e syscall=436 compat=0 ip=0x7f30d5cdc799 code=0x7ffc0000
[ 1216.628740][   T37] audit: type=1326 audit(1773965029.650:1632): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=23906 comm="syz.9.5922" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f30d5cdc799 code=0x7ffc0000
[ 1216.871133][T21571] usb 10-1: USB disconnect, device number 16
[ 1216.897812][   T37] audit: type=1326 audit(1773965029.850:1633): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=23906 comm="syz.9.5922" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f30d5c9cfce code=0x7ffc0000
[ 1216.998926][   T37] audit: type=1326 audit(1773965030.060:1634): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=23906 comm="syz.9.5922" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f30d5c9cfce code=0x7ffc0000
[ 1217.082544][T23697] netdevsim netdevsim7 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1217.306304][T20412] gspca_stv0680: usb_control_msg error 0, request = 0x88, error = -71
[ 1217.306331][T20412] stv0680 7-1:4.0: STV(e): camera ping failed!!
[ 1217.306776][T20412] gspca_stv0680: usb_control_msg error 0, request = 0x80, error = -71
[ 1217.306797][T20412] stv0680 7-1:4.0: last error: 0,  command = 0x0
[ 1217.322185][T20412] usb 7-1: USB disconnect, device number 19
[ 1217.336165][   T10] ath9k_htc 10-1:1.0: ath9k_htc: Target is unresponsive
[ 1217.336361][   T10] ath9k_htc: Failed to initialize the device
[ 1217.376040][T21571] usb 10-1: ath9k_htc: USB layer deinitialized
[ 1217.558875][T23697] netdevsim netdevsim7 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1217.642965][ T1291] bridge_slave_1: left allmulticast mode
[ 1217.642999][ T1291] bridge_slave_1: left promiscuous mode
[ 1217.643298][ T1291] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1217.741823][ T1291] bridge_slave_0: left allmulticast mode
[ 1217.741857][ T1291] bridge_slave_0: left promiscuous mode
[ 1217.742158][ T1291] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1218.106061][   T10] usb 9-1: new high-speed USB device number 21 using dummy_hcd
[ 1218.877847][T23956] netlink: 256 bytes leftover after parsing attributes in process `syz.6.5932'.
[ 1219.229384][T21546] usb 7-1: new high-speed USB device number 20 using dummy_hcd
[ 1219.388640][T21546] usb 7-1: config index 0 descriptor too short (expected 45, got 25)
[ 1219.388661][T21546] usb 7-1: config 1 has an invalid descriptor of length 9, skipping remainder of the config
[ 1219.388695][T21546] usb 7-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 3
[ 1219.392586][T21546] usb 7-1: New USB device found, idVendor=0424, idProduct=7850, bcdDevice= 0.00
[ 1219.392606][T21546] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1219.392618][T21546] usb 7-1: Product: syz
[ 1219.392627][T21546] usb 7-1: Manufacturer: syz
[ 1219.392636][T21546] usb 7-1: SerialNumber: syz
[ 1219.546969][ T1291] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1219.629295][ T1291] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1219.674440][ T1291] bond0 (unregistering): Released all slaves
[ 1219.726791][T23756] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1219.727000][T23756] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1219.727665][T23756] bridge_slave_0: entered allmulticast mode
[ 1219.766962][T23756] bridge_slave_0: entered promiscuous mode
[ 1220.138307][T23697] netdevsim netdevsim7 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1220.315810][T23756] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1220.317482][T23756] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1220.317757][T23756] bridge_slave_1: entered allmulticast mode
[ 1220.320657][T23756] bridge_slave_1: entered promiscuous mode
[ 1220.521572][T23974] FAULT_INJECTION: forcing a failure.
[ 1220.521572][T23974] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1220.521636][T23974] CPU: 1 UID: 0 PID: 23974 Comm: syz.8.5938 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[ 1220.521666][T23974] Tainted: [L]=SOFTLOCKUP
[ 1220.521674][T23974] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1220.521687][T23974] Call Trace:
[ 1220.521696][T23974]  <TASK>
[ 1220.521706][T23974]  dump_stack_lvl+0xe8/0x150
[ 1220.521744][T23974]  should_fail_ex+0x46b/0x600
[ 1220.521777][T23974]  _copy_from_user+0x2d/0xb0
[ 1220.521810][T23974]  ___sys_sendmsg+0x1c6/0x360
[ 1220.521840][T23974]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1220.521901][T23974]  ? __fget_files+0x2a/0x420
[ 1220.521933][T23974]  ? __fget_files+0x3a6/0x420
[ 1220.521972][T23974]  __x64_sys_sendmsg+0x1c3/0x2a0
[ 1220.521998][T23974]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[ 1220.522030][T23974]  ? __pfx_ksys_write+0x10/0x10
[ 1220.522076][T23974]  do_syscall_64+0x14d/0xf80
[ 1220.522106][T23974]  ? trace_irq_disable+0x3b/0x150
[ 1220.522132][T23974]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1220.522154][T23974]  ? clear_bhb_loop+0x40/0x90
[ 1220.522181][T23974]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1220.522203][T23974] RIP: 0033:0x7f93da0ec799
[ 1220.522224][T23974] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1220.522243][T23974] RSP: 002b:00007f93d8325028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1220.522267][T23974] RAX: ffffffffffffffda RBX: 00007f93da366090 RCX: 00007f93da0ec799
[ 1220.522283][T23974] RDX: 0000000000000000 RSI: 00002000000001c0 RDI: 0000000000000003
[ 1220.522296][T23974] RBP: 00007f93d8325090 R08: 0000000000000000 R09: 0000000000000000
[ 1220.522309][T23974] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1220.522322][T23974] R13: 00007f93da366128 R14: 00007f93da366090 R15: 00007ffebc244288
[ 1220.522359][T23974]  </TASK>
[ 1220.606138][T14778] usb 10-1: new full-speed USB device number 17 using dummy_hcd
[ 1220.696060][ T5802] Bluetooth: hci5: command 0x0406 tx timeout
[ 1220.761628][T14778] usb 10-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1220.761660][T14778] usb 10-1: config 1 has 1 interface, different from the descriptor's value: 2
[ 1220.761683][T14778] usb 10-1: config 1 has no interface number 0
[ 1220.761861][T14778] usb 10-1: config 1 interface 1 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[ 1220.780069][T14778] usb 10-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[ 1220.780101][T14778] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1220.780121][T14778] usb 10-1: Product: syz
[ 1220.780135][T14778] usb 10-1: Manufacturer: syz
[ 1220.780148][T14778] usb 10-1: SerialNumber: syz
[ 1220.825154][T14778] cdc_ncm 10-1:1.1: NCM or ECM functional descriptors missing
[ 1220.825207][T14778] cdc_ncm 10-1:1.1: bind() failure
[ 1221.301588][T23697] netdevsim netdevsim7 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1221.374721][T23756] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1221.654533][T23993] FAULT_INJECTION: forcing a failure.
[ 1221.654533][T23993] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1221.654573][T23993] CPU: 0 UID: 0 PID: 23993 Comm: syz.8.5947 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[ 1221.654603][T23993] Tainted: [L]=SOFTLOCKUP
[ 1221.654611][T23993] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1221.654623][T23993] Call Trace:
[ 1221.654633][T23993]  <TASK>
[ 1221.654642][T23993]  dump_stack_lvl+0xe8/0x150
[ 1221.654679][T23993]  should_fail_ex+0x46b/0x600
[ 1221.654714][T23993]  _copy_to_user+0x31/0xb0
[ 1221.654747][T23993]  usbdev_read+0x229/0x750
[ 1221.654775][T23993]  ? kstrtouint+0x6e/0xe0
[ 1221.654805][T23993]  ? __asan_memset+0x22/0x50
[ 1221.654832][T23993]  ? __import_iovec+0x40e/0x7e0
[ 1221.654863][T23993]  ? __pfx_usbdev_read+0x10/0x10
[ 1221.654897][T23993]  ? rw_verify_area+0x2ac/0x4e0
[ 1221.654931][T23993]  vfs_readv+0x597/0x850
[ 1221.654958][T23993]  ? __pfx_usbdev_read+0x10/0x10
[ 1221.654988][T23993]  ? __pfx_vfs_readv+0x10/0x10
[ 1221.655028][T23993]  ? __fget_files+0x2a/0x420
[ 1221.655060][T23993]  ? __fget_files+0x3a6/0x420
[ 1221.655085][T23993]  ? __fget_files+0x2a/0x420
[ 1221.655122][T23993]  do_readv+0x15a/0x2e0
[ 1221.655150][T23993]  ? __pfx_do_readv+0x10/0x10
[ 1221.655184][T23993]  do_syscall_64+0x14d/0xf80
[ 1221.655215][T23993]  ? trace_irq_disable+0x3b/0x150
[ 1221.655240][T23993]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1221.655261][T23993]  ? clear_bhb_loop+0x40/0x90
[ 1221.655294][T23993]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1221.655323][T23993] RIP: 0033:0x7f93da0ec799
[ 1221.655346][T23993] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1221.655366][T23993] RSP: 002b:00007f93d8346028 EFLAGS: 00000246 ORIG_RAX: 0000000000000013
[ 1221.655390][T23993] RAX: ffffffffffffffda RBX: 00007f93da365fa0 RCX: 00007f93da0ec799
[ 1221.655407][T23993] RDX: 0000000000000002 RSI: 0000200000000240 RDI: 0000000000000003
[ 1221.655421][T23993] RBP: 00007f93d8346090 R08: 0000000000000000 R09: 0000000000000000
[ 1221.655435][T23993] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1221.655449][T23993] R13: 00007f93da366038 R14: 00007f93da365fa0 R15: 00007ffebc244288
[ 1221.655484][T23993]  </TASK>
[ 1221.747008][T23756] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1221.937473][T23756] team0: Port device team_slave_0 added
[ 1221.980846][T23756] team0: Port device team_slave_1 added
[ 1222.160588][T21546] usb 7-1: USB disconnect, device number 20
[ 1223.019274][T23756] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1223.019305][T23756] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1223.019335][T23756] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1223.227164][ T1291] hsr_slave_0: left promiscuous mode
[ 1223.266847][ T1291] hsr_slave_1: left promiscuous mode
[ 1223.268244][ T1291] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1223.268274][ T1291] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1223.337348][ T1291] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1223.337381][ T1291] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1223.366905][T20412] usb 10-1: USB disconnect, device number 17
[ 1223.500489][T24032] FAULT_INJECTION: forcing a failure.
[ 1223.500489][T24032] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1223.500529][T24032] CPU: 0 UID: 0 PID: 24032 Comm: syz.9.5957 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[ 1223.500591][T24032] Tainted: [L]=SOFTLOCKUP
[ 1223.500599][T24032] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1223.500613][T24032] Call Trace:
[ 1223.500621][T24032]  <TASK>
[ 1223.500632][T24032]  dump_stack_lvl+0xe8/0x150
[ 1223.500670][T24032]  should_fail_ex+0x46b/0x600
[ 1223.500704][T24032]  _copy_from_user+0x2d/0xb0
[ 1223.500737][T24032]  ___sys_recvmsg+0x175/0x590
[ 1223.500767][T24032]  ? __pfx____sys_recvmsg+0x10/0x10
[ 1223.500818][T24032]  ? __fget_files+0x3a6/0x420
[ 1223.500856][T24032]  do_recvmmsg+0x33a/0x800
[ 1223.500887][T24032]  ? __pfx_do_recvmmsg+0x10/0x10
[ 1223.500921][T24032]  ? rt_mutex_slowunlock+0x1cb/0x300
[ 1223.500964][T24032]  __x64_sys_recvmmsg+0x198/0x250
[ 1223.500991][T24032]  ? __pfx___x64_sys_recvmmsg+0x10/0x10
[ 1223.501029][T24032]  do_syscall_64+0x14d/0xf80
[ 1223.501059][T24032]  ? trace_irq_disable+0x3b/0x150
[ 1223.501085][T24032]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1223.501109][T24032]  ? clear_bhb_loop+0x40/0x90
[ 1223.501136][T24032]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1223.501157][T24032] RIP: 0033:0x7f30d5cdc799
[ 1223.501178][T24032] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1223.501198][T24032] RSP: 002b:00007f30d3f36028 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
[ 1223.501221][T24032] RAX: ffffffffffffffda RBX: 00007f30d5f55fa0 RCX: 00007f30d5cdc799
[ 1223.501238][T24032] RDX: 040000000000012d RSI: 0000200000000080 RDI: 0000000000000003
[ 1223.501253][T24032] RBP: 00007f30d3f36090 R08: 0000000000000000 R09: 0000000000000000
[ 1223.501267][T24032] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000000000001
[ 1223.501280][T24032] R13: 00007f30d5f56038 R14: 00007f30d5f55fa0 R15: 00007ffc56a04468
[ 1223.501313][T24032]  </TASK>
[ 1223.587747][ T1291] veth1_macvtap: left promiscuous mode
[ 1223.590205][ T1291] veth0_macvtap: left promiscuous mode
[ 1224.206008][   T10] usb 7-1: new high-speed USB device number 21 using dummy_hcd
[ 1224.367888][   T10] usb 7-1: Using ep0 maxpacket: 32
[ 1224.371629][   T10] usb 7-1: unable to get BOS descriptor or descriptor too short
[ 1224.373186][   T10] usb 7-1: config 6 has an invalid interface number: 118 but max is 0
[ 1224.373214][   T10] usb 7-1: config 6 has no interface number 0
[ 1224.373247][   T10] usb 7-1: config 6 interface 118 has no altsetting 0
[ 1224.380972][   T10] usb 7-1: New USB device found, idVendor=093a, idProduct=050f, bcdDevice=89.62
[ 1224.381002][   T10] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1224.381022][   T10] usb 7-1: Product: syz
[ 1224.381037][   T10] usb 7-1: Manufacturer: 묍욁㬓쾽⣛䑲ేꁫ﮲죽琵깚㽤諴눶幺몙躯䚆ᡜ₴㮞덱뮩滃锖쒉ꔓ䮎ᷲ৥嵪꫰ﮦ௱튰똙兡誀ꉟ鑒죉݃핢勏穯䣞㍫靕㽡踥ﺊ흾냸浪瓛
[ 1224.381060][   T10] usb 7-1: SerialNumber: syz
[ 1225.790756][ T1291] team0 (unregistering): Port device team_slave_1 removed
[ 1225.881085][ T1291] team0 (unregistering): Port device team_slave_0 removed
[ 1226.556192][ T5885] usb 9-1: new high-speed USB device number 22 using dummy_hcd
[ 1226.668651][T23756] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1226.668731][T23756] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1226.668762][T23756] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1226.746096][ T5885] usb 9-1: Using ep0 maxpacket: 16
[ 1226.749982][ T5885] usb 9-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1226.762169][   T10] gspca_main: mars-2.14.0 probing 093a:050f
[ 1226.783817][ T5885] usb 9-1: New USB device found, idVendor=046d, idProduct=0721, bcdDevice=9c.25
[ 1226.783851][ T5885] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1226.783873][ T5885] usb 9-1: Product: syz
[ 1226.783889][ T5885] usb 9-1: Manufacturer: syz
[ 1226.783904][ T5885] usb 9-1: SerialNumber: syz
[ 1226.794061][   T10] usb 7-1: USB disconnect, device number 21
[ 1226.891006][ T5885] usb 9-1: config 0 descriptor??
[ 1227.102884][T24073] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1227.103502][T24073] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1227.134114][T21546] usb 9-1: USB disconnect, device number 22
[ 1227.401557][T23756] hsr_slave_0: entered promiscuous mode
[ 1227.403423][T23756] hsr_slave_1: entered promiscuous mode
[ 1227.404662][T23756] debugfs: 'hsr0' already exists in 'hsr'
[ 1227.404689][T23756] Cannot create hsr debugfs directory
[ 1227.583895][T24082] netlink: 'syz.6.5975': attribute type 10 has an invalid length.
[ 1228.011586][T24082] veth0_macvtap: left promiscuous mode
[ 1229.219633][T23697] netdevsim netdevsim7 netdevsim0: renamed from eth0
[ 1229.466319][T24100] netlink: 20 bytes leftover after parsing attributes in process `syz.6.5980'.
[ 1229.599008][T24108] netlink: 4 bytes leftover after parsing attributes in process `syz.6.5980'.
[ 1229.661969][T23697] netdevsim netdevsim7 netdevsim1: renamed from eth1
[ 1229.849151][T23697] netdevsim netdevsim7 netdevsim2: renamed from eth2
[ 1229.918535][   T10] usb 7-1: new high-speed USB device number 22 using dummy_hcd
[ 1229.921989][T23697] netdevsim netdevsim7 netdevsim3: renamed from eth3
[ 1230.066049][   T10] usb 7-1: Using ep0 maxpacket: 32
[ 1230.070025][   T10] usb 7-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[ 1230.070061][   T10] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 255, changing to 11
[ 1230.070077][   T10] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[ 1230.072933][   T10] usb 7-1: New USB device found, idVendor=14c8, idProduct=0003, bcdDevice= 5.6c
[ 1230.072965][   T10] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1230.072985][   T10] usb 7-1: Product: syz
[ 1230.072998][   T10] usb 7-1: Manufacturer: syz
[ 1230.073006][   T10] usb 7-1: SerialNumber: syz
[ 1230.083943][   T10] usb 7-1: config 0 descriptor??
[ 1230.110562][T24096] raw-gadget.0 gadget.6: fail, usb_ep_enable returned -22
[ 1230.148528][   T10] hub 7-1:0.0: bad descriptor, ignoring hub
[ 1230.148568][   T10] hub 7-1:0.0: probe with driver hub failed with error -5
[ 1230.154502][   T10] input: syz syz as /devices/platform/dummy_hcd.6/usb7/7-1/7-1:0.0/input/input49
[ 1230.353169][    C0] usbtouchscreen 7-1:0.0: usbtouch_irq - usb_submit_urb failed with result: -19
[ 1230.353171][T21301] usb 7-1: USB disconnect, device number 22
[ 1231.365073][ T1291] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1231.922028][ T1291] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1232.346533][ T1291] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1232.743703][ T1291] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1232.832502][T23697] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1232.894709][T23697] 8021q: adding VLAN 0 to HW filter on device team0
[ 1232.909028][ T1304] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1232.909178][ T1304] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1232.959688][ T1304] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1232.960346][ T1304] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1233.449861][T23756] netdevsim netdevsim5 netdevsim0: renamed from eth0
[ 1233.495437][T23756] netdevsim netdevsim5 netdevsim1: renamed from eth1
[ 1233.534237][ T1291] bridge_slave_1: left allmulticast mode
[ 1233.534282][ T1291] bridge_slave_1: left promiscuous mode
[ 1233.534551][ T1291] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1233.627109][ T1291] bridge_slave_0: left allmulticast mode
[ 1233.627133][ T1291] bridge_slave_0: left promiscuous mode
[ 1233.627342][ T1291] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1233.887868][   T38] INFO: task syz.4.5431:21966 blocked for more than 143 seconds.
[ 1233.887900][   T38]       Tainted: G             L      syzkaller #0
[ 1233.887913][   T38] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[ 1233.887924][   T38] task:syz.4.5431      state:D stack:24832 pid:21966 tgid:21966 ppid:21091  task_flags:0x400040 flags:0x00080002
[ 1233.887994][   T38] Call Trace:
[ 1233.888003][   T38]  <TASK>
[ 1233.888019][   T38]  __schedule+0x1553/0x5240
[ 1233.888062][   T38]  ? __lock_acquire+0x6b5/0x2cf0
[ 1233.888088][   T38]  ? __lock_acquire+0x6b5/0x2cf0
[ 1233.888112][   T38]  ? rcu_is_watching+0x15/0xb0
[ 1233.888146][   T38]  ? do_raw_spin_lock+0x12b/0x2f0
[ 1233.888174][   T38]  ? __pfx___schedule+0x10/0x10
[ 1233.888210][   T38]  ? schedule+0x90/0x360
[ 1233.888243][   T38]  schedule+0x164/0x360
[ 1233.888271][   T38]  schedule_timeout+0xc3/0x2c0
[ 1233.888295][   T38]  ? __pfx_rt_mutex_slowunlock+0x10/0x10
[ 1233.888318][   T38]  ? futex_unqueue+0x22/0x240
[ 1233.888350][   T38]  ? __pfx_schedule_timeout+0x10/0x10
[ 1233.888381][   T38]  ? do_raw_spin_lock+0x12b/0x2f0
[ 1233.888453][   T38]  ? _raw_spin_unlock_irq+0x23/0x50
[ 1233.888489][   T38]  ? wait_for_completion+0x274/0x5e0
[ 1233.888521][   T38]  wait_for_completion+0x2cc/0x5e0
[ 1233.888576][   T38]  ? __pfx_wait_for_completion+0x10/0x10
[ 1233.888608][   T38]  ? do_raw_spin_lock+0x12b/0x2f0
[ 1233.888648][   T38]  restrict_one_thread_callback+0x320/0x570
[ 1233.888685][   T38]  task_work_run+0x1d9/0x270
[ 1233.888715][   T38]  ? __pfx_task_work_run+0x10/0x10
[ 1233.888741][   T38]  ? __pfx_futex_wait+0x10/0x10
[ 1233.888771][   T38]  ? __pfx_hrtimer_wakeup+0x10/0x10
[ 1233.888799][   T38]  get_signal+0x11c3/0x1310
[ 1233.888835][   T38]  ? do_futex+0x333/0x420
[ 1233.888865][   T38]  arch_do_signal_or_restart+0xbc/0x830
[ 1233.888891][   T38]  ? read_tsc+0x9/0x20
[ 1233.888908][   T38]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[ 1233.888936][   T38]  exit_to_user_mode_loop+0x86/0x480
[ 1233.888954][   T38]  ? rcu_is_watching+0x15/0xb0
[ 1233.888970][   T38]  do_syscall_64+0x32d/0xf80
[ 1233.888988][   T38]  ? trace_irq_disable+0x3b/0x150
[ 1233.889002][   T38]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1233.889016][   T38]  ? clear_bhb_loop+0x40/0x90
[ 1233.889031][   T38]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1233.889044][   T38] RIP: 0033:0x7fa36638c799
[ 1233.889057][   T38] RSP: 002b:00007ffc571ba678 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1233.889072][   T38] RAX: fffffffffffffdfc RBX: 00000000001080e3 RCX: 00007fa36638c799
[ 1233.889082][   T38] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007fa36660618c
[ 1233.889091][   T38] RBP: 0000000000000032 R08: 3fffffffffffffff R09: 0000000000000000
[ 1233.889099][   T38] R10: 00007ffc571ba780 R11: 0000000000000246 R12: 00007ffc571ba7a0
[ 1233.889108][   T38] R13: 00007fa36660618c R14: 0000000000108115 R15: 00007ffc571ba780
[ 1233.889128][   T38]  </TASK>
[ 1233.889134][   T38] INFO: task syz.4.5431:21967 blocked for more than 143 seconds.
[ 1233.889146][   T38]       Tainted: G             L      syzkaller #0
[ 1233.889153][   T38] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[ 1233.889159][   T38] task:syz.4.5431      state:D stack:26208 pid:21967 tgid:21966 ppid:21091  task_flags:0x400040 flags:0x00080002
[ 1233.889191][   T38] Call Trace:
[ 1233.889196][   T38]  <TASK>
[ 1233.889203][   T38]  __schedule+0x1553/0x5240
[ 1233.889226][   T38]  ? __lock_acquire+0x6b5/0x2cf0
[ 1233.889249][   T38]  ? __lock_acquire+0x6b5/0x2cf0
[ 1233.889261][   T38]  ? __pfx___schedule+0x10/0x10
[ 1233.889283][   T38]  ? schedule+0x90/0x360
[ 1233.889302][   T38]  schedule+0x164/0x360
[ 1233.889320][   T38]  schedule_timeout+0xc3/0x2c0
[ 1233.889337][   T38]  ? __pfx_schedule_timeout+0x10/0x10
[ 1233.889354][   T38]  ? do_raw_spin_lock+0x12b/0x2f0
[ 1233.889377][   T38]  ? _raw_spin_unlock_irq+0x23/0x50
[ 1233.889394][   T38]  ? wait_for_completion+0x274/0x5e0
[ 1233.889412][   T38]  wait_for_completion+0x2cc/0x5e0
[ 1233.889437][   T38]  ? __pfx_wait_for_completion+0x10/0x10
[ 1233.889455][   T38]  ? do_raw_spin_lock+0x12b/0x2f0
[ 1233.889486][   T38]  restrict_one_thread_callback+0x320/0x570
[ 1233.889505][   T38]  task_work_run+0x1d9/0x270
[ 1233.889522][   T38]  ? __pfx_task_work_run+0x10/0x10
[ 1233.889535][   T38]  ? lockdep_hardirqs_on+0x7a/0x110
[ 1233.889554][   T38]  ? rt_mutex_slowunlock+0x4a7/0x8b0
[ 1233.889568][   T38]  ? rt_spin_lock+0x1e0/0x400
[ 1233.889585][   T38]  get_signal+0x11c3/0x1310
[ 1233.889606][   T38]  ? rt_spin_unlock+0x160/0x200
[ 1233.889626][   T38]  arch_do_signal_or_restart+0xbc/0x830
[ 1233.889644][   T38]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[ 1233.889670][   T38]  exit_to_user_mode_loop+0x86/0x480
[ 1233.889688][   T38]  ? rcu_is_watching+0x15/0xb0
[ 1233.889704][   T38]  do_syscall_64+0x32d/0xf80
[ 1233.889720][   T38]  ? trace_irq_disable+0x3b/0x150
[ 1233.889733][   T38]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1233.889746][   T38]  ? clear_bhb_loop+0x40/0x90
[ 1233.889761][   T38]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1233.889773][   T38] RIP: 0033:0x7fa36638c799
[ 1233.889784][   T38] RSP: 002b:00007fa3645de028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1233.889796][   T38] RAX: fffffffffffffffc RBX: 00007fa366605fa0 RCX: 00007fa36638c799
[ 1233.889806][   T38] RDX: 0000000000000001 RSI: 0000000000005425 RDI: 0000000000000005
[ 1233.889814][   T38] RBP: 00007fa366422c99 R08: 0000000000000000 R09: 0000000000000000
[ 1233.889821][   T38] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1233.889829][   T38] R13: 00007fa366606038 R14: 00007fa366605fa0 R15: 00007ffc571ba518
[ 1233.889848][   T38]  </TASK>
[ 1233.889853][   T38] INFO: task syz.4.5431:21969 blocked for more than 143 seconds.
[ 1233.889863][   T38]       Tainted: G             L      syzkaller #0
[ 1233.889870][   T38] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[ 1233.889875][   T38] task:syz.4.5431      state:D stack:29024 pid:21969 tgid:21966 ppid:21091  task_flags:0x400140 flags:0x00080006
[ 1233.889906][   T38] Call Trace:
[ 1233.889911][   T38]  <TASK>
[ 1233.889918][   T38]  __schedule+0x1553/0x5240
[ 1233.889938][   T38]  ? __lock_acquire+0x6b5/0x2cf0
[ 1233.889962][   T38]  ? __pfx___schedule+0x10/0x10
[ 1233.889985][   T38]  ? schedule+0x90/0x360
[ 1233.890003][   T38]  schedule+0x164/0x360
[ 1233.890020][   T38]  schedule_timeout+0xc3/0x2c0
[ 1233.890037][   T38]  ? do_raw_spin_lock+0x12b/0x2f0
[ 1233.890054][   T38]  ? __pfx_schedule_timeout+0x10/0x10
[ 1233.890070][   T38]  ? do_raw_spin_lock+0x12b/0x2f0
[ 1233.890092][   T38]  ? _raw_spin_unlock_irq+0x23/0x50
[ 1233.890109][   T38]  ? wait_for_completion+0x274/0x5e0
[ 1233.890128][   T38]  wait_for_completion+0x2cc/0x5e0
[ 1233.890152][   T38]  ? __pfx_wait_for_completion+0x10/0x10
[ 1233.890174][   T38]  ? landlock_restrict_sibling_threads+0x25c/0x11f0
[ 1233.890194][   T38]  landlock_restrict_sibling_threads+0xe9c/0x11f0
[ 1233.890219][   T38]  ? landlock_restrict_sibling_threads+0x25c/0x11f0
[ 1233.890238][   T38]  ? __pfx_landlock_restrict_sibling_threads+0x10/0x10
[ 1233.890278][   T38]  ? landlock_put_ruleset+0x10/0xb0
[ 1233.890296][   T38]  __se_sys_landlock_restrict_self+0x540/0x810
[ 1233.890316][   T38]  do_syscall_64+0x14d/0xf80
[ 1233.890334][   T38]  ? trace_irq_disable+0x3b/0x150
[ 1233.890347][   T38]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1233.890360][   T38]  ? clear_bhb_loop+0x40/0x90
[ 1233.890375][   T38]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1233.890388][   T38] RIP: 0033:0x7fa36638c799
[ 1233.890398][   T38] RSP: 002b:00007fa3645bd028 EFLAGS: 00000246 ORIG_RAX: 00000000000001be
[ 1233.890410][   T38] RAX: ffffffffffffffda RBX: 00007fa366606090 RCX: 00007fa36638c799
[ 1233.890419][   T38] RDX: 0000000000000000 RSI: 000000000000000a RDI: 0000000000000005
[ 1233.890426][   T38] RBP: 00007fa366422c99 R08: 0000000000000000 R09: 0000000000000000
[ 1233.890434][   T38] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1233.890442][   T38] R13: 00007fa366606128 R14: 00007fa366606090 R15: 00007ffc571ba518
[ 1233.890469][   T38]  </TASK>
[ 1233.890474][   T38] INFO: task syz.4.5431:21970 blocked for more than 143 seconds.
[ 1233.890484][   T38]       Tainted: G             L      syzkaller #0
[ 1233.890490][   T38] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[ 1233.890496][   T38] task:syz.4.5431      state:D stack:29024 pid:21970 tgid:21966 ppid:21091  task_flags:0x400140 flags:0x00080006
[ 1233.890526][   T38] Call Trace:
[ 1233.890530][   T38]  <TASK>
[ 1233.890538][   T38]  __schedule+0x1553/0x5240
[ 1233.890557][   T38]  ? __lock_acquire+0x6b5/0x2cf0
[ 1233.890573][   T38]  ? css_rstat_updated+0x23a/0x530
[ 1233.890594][   T38]  ? register_lock_class+0x31/0x2e0
[ 1233.890613][   T38]  ? __pfx___schedule+0x10/0x10
[ 1233.890635][   T38]  ? schedule+0x90/0x360
[ 1233.890654][   T38]  schedule+0x164/0x360
[ 1233.890671][   T38]  schedule_timeout+0xc3/0x2c0
[ 1233.890688][   T38]  ? do_raw_spin_lock+0x12b/0x2f0
[ 1233.890704][   T38]  ? __pfx_schedule_timeout+0x10/0x10
[ 1233.890721][   T38]  ? do_raw_spin_lock+0x12b/0x2f0
[ 1233.890742][   T38]  ? _raw_spin_unlock_irq+0x23/0x50
[ 1233.890759][   T38]  ? wait_for_completion+0x274/0x5e0
[ 1233.890778][   T38]  wait_for_completion+0x2cc/0x5e0
[ 1233.890802][   T38]  ? __pfx_wait_for_completion+0x10/0x10
[ 1233.890827][   T38]  landlock_restrict_sibling_threads+0xe9c/0x11f0
[ 1233.890849][   T38]  ? landlock_restrict_sibling_threads+0x25c/0x11f0
[ 1233.890868][   T38]  ? __pfx_landlock_restrict_sibling_threads+0x10/0x10
[ 1233.890908][   T38]  ? landlock_put_ruleset+0x10/0xb0
[ 1233.890926][   T38]  __se_sys_landlock_restrict_self+0x540/0x810
[ 1233.890946][   T38]  do_syscall_64+0x14d/0xf80
[ 1233.890962][   T38]  ? trace_irq_disable+0x3b/0x150
[ 1233.890976][   T38]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1233.890988][   T38]  ? clear_bhb_loop+0x40/0x90
[ 1233.891003][   T38]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1233.891033][   T38] RIP: 0033:0x7fa36638c799
[ 1233.891044][   T38] RSP: 002b:00007fa36459c028 EFLAGS: 00000246 ORIG_RAX: 00000000000001be
[ 1233.891056][   T38] RAX: ffffffffffffffda RBX: 00007fa366606180 RCX: 00007fa36638c799
[ 1233.891065][   T38] RDX: 0000000000000000 RSI: 000000000000000a RDI: 0000000000000005
[ 1233.891073][   T38] RBP: 00007fa366422c99 R08: 0000000000000000 R09: 0000000000000000
[ 1233.891081][   T38] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1233.891088][   T38] R13: 00007fa366606218 R14: 00007fa366606180 R15: 00007ffc571ba518
[ 1233.891108][   T38]  </TASK>
[ 1233.891128][   T38] 
[ 1233.891128][   T38] Showing all locks held in the system:
[ 1233.891135][   T38] 3 locks held by kworker/0:1/10:
[ 1233.891143][   T38]  #0: ffff888019c03938 ((wq_completion)events){+.+.}-{0:0}, at: process_scheduled_works+0xa52/0x18c0
[ 1233.891178][   T38]  #1: ffffc900000f7c40 (deferred_process_work){+.+.}-{0:0}, at: process_scheduled_works+0xa8d/0x18c0
[ 1233.891211][   T38]  #2: ffffffff8f15abb8 (rtnl_mutex){+.+.}-{4:4}, at: switchdev_deferred_process_work+0xe/0x20
[ 1233.891248][   T38] 1 lock held by khungtaskd/38:
[ 1233.891255][   T38]  #0: ffffffff8ddcb980 (rcu_read_lock){....}-{1:3}, at: debug_show_all_locks+0x2e/0x180
[ 1233.891297][   T38] 4 locks held by kworker/u8:10/1291:
[ 1233.891305][   T38]  #0: ffff88801aee1138 ((wq_completion)netns){+.+.}-{0:0}, at: process_scheduled_works+0xa52/0x18c0
[ 1233.891337][   T38]  #1: ffffc90005e17c40 (net_cleanup_work){+.+.}-{0:0}, at: process_scheduled_works+0xa8d/0x18c0
[ 1233.891368][   T38]  #2: ffffffff8f14c400 (pernet_ops_rwsem){++++}-{4:4}, at: cleanup_net+0xf4/0x800
[ 1233.891401][   T38]  #3: ffffffff8f15abb8 (rtnl_mutex){+.+.}-{4:4}, at: ops_undo_list+0x2a4/0x940
[ 1233.891435][   T38] 3 locks held by kworker/u8:11/1304:
[ 1233.891442][   T38]  #0: ffff888019c44138 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_scheduled_works+0xa52/0x18c0
[ 1233.891481][   T38]  #1: ffffc90005cc7c40 ((linkwatch_work).work){+.+.}-{0:0}, at: process_scheduled_works+0xa8d/0x18c0
[ 1233.891513][   T38]  #2: ffffffff8f15abb8 (rtnl_mutex){+.+.}-{4:4}, at: linkwatch_event+0xe/0x60
[ 1233.891556][   T38] 1 lock held by dhcpcd/5462:
[ 1233.891563][   T38]  #0: ffffffff8f15abb8 (rtnl_mutex){+.+.}-{4:4}, at: devinet_ioctl+0x32b/0x1b30
[ 1233.891593][   T38] 2 locks held by getty/5556:
[ 1233.891600][   T38]  #0: ffff888036c770a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70
[ 1233.891631][   T38]  #1: ffffc90003e762e0 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0x462/0x13c0
[ 1233.891673][   T38] 3 locks held by kworker/u8:16/22629:
[ 1233.891680][   T38]  #0: ffff888031aec138 ((wq_completion)ipv6_addrconf){+.+.}-{0:0}, at: process_scheduled_works+0xa52/0x18c0
[ 1233.891713][   T38]  #1: ffffc9000673fc40 ((work_completion)(&(&ifa->dad_work)->work)){+.+.}-{0:0}, at: process_scheduled_works+0xa8d/0x18c0
[ 1233.891745][   T38]  #2: ffffffff8f15abb8 (rtnl_mutex){+.+.}-{4:4}, at: addrconf_dad_work+0x124/0x1680
[ 1233.891778][   T38] 1 lock held by syz-executor/23697:
[ 1233.891785][   T38]  #0: ffffffff8f15abb8 (rtnl_mutex){+.+.}-{4:4}, at: rtnl_newlink+0x8a1/0x1be0
[ 1233.891817][   T38] 1 lock held by syz-executor/23756:
[ 1233.891824][   T38]  #0: ffffffff8f15abb8 (rtnl_mutex){+.+.}-{4:4}, at: rtnl_newlink+0x8a1/0x1be0
[ 1233.891856][   T38] 
[ 1233.891859][   T38] =============================================
[ 1233.891859][   T38] 
[ 1233.891865][   T38] NMI backtrace for cpu 1
[ 1233.891877][   T38] CPU: 1 UID: 0 PID: 38 Comm: khungtaskd Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[ 1233.891893][   T38] Tainted: [L]=SOFTLOCKUP
[ 1233.891898][   T38] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1233.891905][   T38] Call Trace:
[ 1233.891910][   T38]  <TASK>
[ 1233.891916][   T38]  dump_stack_lvl+0xe8/0x150
[ 1233.891934][   T38]  nmi_cpu_backtrace+0x274/0x2d0
[ 1233.891949][   T38]  ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10
[ 1233.891967][   T38]  nmi_trigger_cpumask_backtrace+0x17a/0x300
[ 1233.891984][   T38]  sys_info+0x135/0x170
[ 1233.891995][   T38]  watchdog+0xfd9/0x1030
[ 1233.892013][   T38]  ? watchdog+0x21a/0x1030
[ 1233.892030][   T38]  kthread+0x388/0x470
[ 1233.892044][   T38]  ? __pfx_watchdog+0x10/0x10
[ 1233.892057][   T38]  ? __pfx_kthread+0x10/0x10
[ 1233.892070][   T38]  ret_from_fork+0x51e/0xb90
[ 1233.892087][   T38]  ? __pfx_ret_from_fork+0x10/0x10
[ 1233.892102][   T38]  ? __switch_to+0xc7d/0x1450
[ 1233.892119][   T38]  ? __pfx_kthread+0x10/0x10
[ 1233.892132][   T38]  ret_from_fork_asm+0x1a/0x30
[ 1233.892151][   T38]  </TASK>
[ 1233.892156][   T38] Sending NMI from CPU 1 to CPUs 0:
[ 1233.892200][    C0] NMI backtrace for cpu 0
[ 1233.892227][    C0] CPU: 0 UID: 0 PID: 0 Comm: swapper/0 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[ 1233.892249][    C0] Tainted: [L]=SOFTLOCKUP
[ 1233.892256][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1233.892265][    C0] RIP: 0010:pv_native_safe_halt+0xf/0x20
[ 1233.892291][    C0] Code: 5e 5d 02 e9 13 c4 03 00 cc cc cc 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 66 90 0f 00 2d f3 8c 26 00 fb f4 <c3> cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc 90 90 90 90 90
[ 1233.892307][    C0] RSP: 0018:ffffffff8da07dc0 EFLAGS: 00000246
[ 1233.892322][    C0] RAX: 000000000069b42d RBX: ffffffff81996dba RCX: 0000000080000001
[ 1233.892335][    C0] RDX: 0000000000000001 RSI: ffffffff8d56122d RDI: ffffffff8ba66b00
[ 1233.892347][    C0] RBP: ffffffff8da07eb0 R08: ffff8880b8833f1b R09: 1ffff110171067e3
[ 1233.892359][    C0] R10: dffffc0000000000 R11: ffffed10171067e4 R12: ffffffff8f6a3db0
[ 1233.892372][    C0] R13: 0000000000000000 R14: 0000000000000000 R15: 1ffffffff1b605d8
[ 1233.892383][    C0] FS:  0000000000000000(0000) GS:ffff88812633c000(0000) knlGS:0000000000000000
[ 1233.892398][    C0] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 1233.892411][    C0] CR2: 00007f85197afe9c CR3: 000000000dbba000 CR4: 00000000003526f0
[ 1233.892428][    C0] DR0: 0000000000000000 DR1: 0000000000810000 DR2: 0000000000000000
[ 1233.892439][    C0] DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000400
[ 1233.892450][    C0] Call Trace:
[ 1233.892457][    C0]  <TASK>
[ 1233.892463][    C0]  default_idle+0x9/0x20
[ 1233.892480][    C0]  default_idle_call+0x72/0xb0
[ 1233.892498][    C0]  do_idle+0x1ba/0x5d0
[ 1233.892517][    C0]  ? asm_sysvec_reschedule_ipi+0x1a/0x20
[ 1233.892536][    C0]  ? __pfx_do_idle+0x10/0x10
[ 1233.892559][    C0]  cpu_startup_entry+0x43/0x60
[ 1233.892579][    C0]  rest_init+0x2de/0x300
[ 1233.892597][    C0]  start_kernel+0x385/0x3d0
[ 1233.892618][    C0]  x86_64_start_reservations+0x24/0x30
[ 1233.892641][    C0]  x86_64_start_kernel+0x143/0x1c0
[ 1233.892662][    C0]  common_startup_64+0x13e/0x147
[ 1233.892686][    C0]  </TASK>
[ 1233.893177][   T38] Kernel panic - not syncing: hung_task: blocked tasks
[ 1233.893189][   T38] CPU: 1 UID: 0 PID: 38 Comm: khungtaskd Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[ 1233.893206][   T38] Tainted: [L]=SOFTLOCKUP
[ 1233.893213][   T38] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1233.893220][   T38] Call Trace:
[ 1233.893225][   T38]  <TASK>
[ 1233.893231][   T38]  vpanic+0x56c/0xa60
[ 1233.893251][   T38]  ? __pfx_vpanic+0x10/0x10
[ 1233.893273][   T38]  panic+0xc5/0xd0
[ 1233.893289][   T38]  ? __pfx_panic+0x10/0x10
[ 1233.893305][   T38]  ? printk_trigger_flush+0x117/0x180
[ 1233.893322][   T38]  ? lockdep_hardirqs_on+0x7a/0x110
[ 1233.893343][   T38]  ? nmi_trigger_cpumask_backtrace+0x234/0x300
[ 1233.893359][   T38]  watchdog+0x1023/0x1030
[ 1233.893377][   T38]  ? watchdog+0x21a/0x1030
[ 1233.893395][   T38]  kthread+0x388/0x470
[ 1233.893408][   T38]  ? __pfx_watchdog+0x10/0x10
[ 1233.893421][   T38]  ? __pfx_kthread+0x10/0x10
[ 1233.893434][   T38]  ret_from_fork+0x51e/0xb90
[ 1233.893452][   T38]  ? __pfx_ret_from_fork+0x10/0x10
[ 1233.893474][   T38]  ? __switch_to+0xc7d/0x1450
[ 1233.893490][   T38]  ? __pfx_kthread+0x10/0x10
[ 1233.893503][   T38]  ret_from_fork_asm+0x1a/0x30
[ 1233.893523][   T38]  </TASK>
[ 1233.893974][   T38] Kernel Offset: disabled