last executing test programs:

5m36.236126432s ago: executing program 1 (id=5527):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x210000000013, &(0x7f00000000c0)=0x100000001, 0x4)
r1 = getpgrp(0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000340)=0x400000afb5)
prlimit64(0x0, 0xe, &(0x7f0000000100)={0x8, 0x80000100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, r1, 0x2, 0x0)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000000)=0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r3 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r3, 0x1, 0x0)
r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r4, &(0x7f0000019680)=""/102392, 0x18ff8)
openat$udambuf(0xffffffffffffff9c, 0x0, 0x2)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e21, @multicast1}, 0x10)
connect$inet(r0, &(0x7f0000000180)={0x2, 0x4e21, @dev={0xac, 0x14, 0x14, 0x42}}, 0x10)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000040)='bic', 0xff3d)
setsockopt$inet_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, 0x0, 0x0)
setsockopt$inet_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f00000001c0), 0x4)
sendto$inet(r0, &(0x7f0000000000), 0xffffffffffffff94, 0xb, 0x0, 0x0)
openat$kvm(0xffffffffffffff9c, 0x0, 0x5a9801, 0x0)

5m35.129672212s ago: executing program 1 (id=5528):
keyctl$get_persistent(0x16, 0xffffffffffffffff, 0x0)
r0 = socket$rxrpc(0x21, 0x2, 0x2)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x11)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
bind$rxrpc(r0, &(0x7f0000000000)=@in4={0x21, 0x0, 0x2, 0x10, {0x2, 0x4e22, @broadcast}}, 0x24)
recvmmsg(0xffffffffffffffff, &(0x7f0000000480), 0x0, 0x10022, 0x0)
r3 = socket$packet(0x11, 0x3, 0x300)
ioctl$BINDER_FREEZE(0xffffffffffffffff, 0x400c620e, &(0x7f00000000c0)={0x0, 0x0, 0x4})
sendto$packet(r3, 0x0, 0x0, 0x24000801, 0x0, 0x0)
r4 = syz_io_uring_setup(0x10a, &(0x7f0000000140)={0x0, 0x5803, 0x0, 0x0, 0xfffffdfc}, &(0x7f0000000040)=<r5=>0x0, &(0x7f0000000280)=<r6=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r5, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r5, r6, &(0x7f00000002c0)=@IORING_OP_WRITEV={0x2, 0x0, 0x4004, @fd_index=0x3, 0x0, 0x0})
io_uring_enter(r4, 0x80003519, 0x0, 0x0, 0x0, 0x0)

5m29.452641372s ago: executing program 1 (id=5540):
r0 = getpgrp(0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000040)=0x5)
prlimit64(0x0, 0xe, &(0x7f0000000100)={0xd, 0x80000100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r1 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r1, 0x1, 0x0)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
preadv(0xffffffffffffffff, &(0x7f00000008c0)=[{&(0x7f0000000480)=""/187, 0xbb}], 0x1, 0x4a, 0x0)
r3 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r3, 0x3b81, &(0x7f00000000c0)={0xc, 0x0, <r4=>0x0})
ioctl$IOMMU_TEST_OP_MOCK_DOMAIN(r3, 0x3ba0, &(0x7f0000000740)={0x48, 0x2, r4, 0x0, <r5=>0x0})
ioctl$IOMMU_IOAS_MAP$PAGES(r3, 0x3b85, &(0x7f0000000200)={0x28, 0x4, r4, 0x0, &(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x4})
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
ioctl$IOMMU_DESTROY$stdev(r3, 0x3b80, &(0x7f0000000940)={0x8, r5})

5m27.789392326s ago: executing program 1 (id=5543):
socket$netlink(0x10, 0x3, 0x0)
openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f00000000c0)=0x3)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f0000000300)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x107b000)
r2 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r2, &(0x7f0000000000)={0x26, 'hash\x00', 0x0, 0x0, 'streebog512\x00'}, 0x58)
r3 = accept4(r2, 0x0, 0x0, 0x0)
sendmmsg$alg(r3, &(0x7f0000000400)=[{0x0, 0x0, &(0x7f00000002c0)=[{&(0x7f0000000080)}], 0x1, &(0x7f0000000380)=[@op={0x18}], 0x18}], 0x1, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9)
socket(0x10, 0x803, 0x0)

5m23.499134868s ago: executing program 1 (id=5552):
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x101)
mount$fuse(0x0, 0x0, 0x0, 0x2b38094, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0])
mount(0x0, &(0x7f00000001c0)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400))
chdir(&(0x7f0000000080)='./file1\x00')
r0 = open(0x0, 0x0, 0x0)
mkdir(&(0x7f0000000440)='./file1\x00', 0x0)
mount(0x0, &(0x7f0000000240)='./file1\x00', &(0x7f0000000000)='tmpfs\x00', 0x0, 0x0)
ioctl$AUTOFS_IOC_PROTOSUBVER(r0, 0x40049366, 0x0)

5m23.286181711s ago: executing program 1 (id=5553):
openat(0xffffffffffffff9c, 0x0, 0x2c41, 0x0)
syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002040), 0x2, 0x0)
mount$fuse(0x0, &(0x7f0000002080)='./file0\x00', &(0x7f0000000040), 0x100000, &(0x7f0000000240)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x8000}, 0x2c, {}, 0x2c, {}, 0x2c, {[{@blksize}]}})
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000780)='/sys/power/pm_freeze_timeout', 0x42, 0x0)
syz_init_net_socket$nfc_llcp(0x27, 0x3, 0x1)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000400)={0x1, &(0x7f0000000380)=[{0x6, 0x0, 0x0, 0x7fffff7f}]})
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000480)={0x11, 0x3, &(0x7f00000000c0)=ANY=[], &(0x7f00000000c0)='syzkaller\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41100, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x8}, 0x94)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x2)
sched_setaffinity(0x0, 0x8, &(0x7f0000000240)=0x2)
mq_timedsend(0xffffffffffffffff, 0x0, 0x0, 0x6, 0x0)
mq_timedreceive(0xffffffffffffffff, &(0x7f0000004600)=""/102381, 0xfffffceb, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$MSR(&(0x7f0000000100), 0x0, 0x0)
read$msr(r1, &(0x7f0000032680)=""/102400, 0x19000)
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004}, &(0x7f0000bbdffc))
r2 = syz_io_uring_setup(0x497, &(0x7f0000000400)={0x0, 0x717e, 0x100, 0x14, 0x193}, &(0x7f0000000140)=<r3=>0x0, &(0x7f0000000180)=<r4=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r3, r4, &(0x7f00000002c0)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0})
io_uring_enter(r2, 0x3516, 0x0, 0x0, 0x0, 0x0)

5m8.190772284s ago: executing program 32 (id=5553):
openat(0xffffffffffffff9c, 0x0, 0x2c41, 0x0)
syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002040), 0x2, 0x0)
mount$fuse(0x0, &(0x7f0000002080)='./file0\x00', &(0x7f0000000040), 0x100000, &(0x7f0000000240)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x8000}, 0x2c, {}, 0x2c, {}, 0x2c, {[{@blksize}]}})
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000780)='/sys/power/pm_freeze_timeout', 0x42, 0x0)
syz_init_net_socket$nfc_llcp(0x27, 0x3, 0x1)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000400)={0x1, &(0x7f0000000380)=[{0x6, 0x0, 0x0, 0x7fffff7f}]})
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000480)={0x11, 0x3, &(0x7f00000000c0)=ANY=[], &(0x7f00000000c0)='syzkaller\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41100, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x8}, 0x94)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x2)
sched_setaffinity(0x0, 0x8, &(0x7f0000000240)=0x2)
mq_timedsend(0xffffffffffffffff, 0x0, 0x0, 0x6, 0x0)
mq_timedreceive(0xffffffffffffffff, &(0x7f0000004600)=""/102381, 0xfffffceb, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$MSR(&(0x7f0000000100), 0x0, 0x0)
read$msr(r1, &(0x7f0000032680)=""/102400, 0x19000)
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004}, &(0x7f0000bbdffc))
r2 = syz_io_uring_setup(0x497, &(0x7f0000000400)={0x0, 0x717e, 0x100, 0x14, 0x193}, &(0x7f0000000140)=<r3=>0x0, &(0x7f0000000180)=<r4=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r3, r4, &(0x7f00000002c0)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0})
io_uring_enter(r2, 0x3516, 0x0, 0x0, 0x0, 0x0)

3m24.834987178s ago: executing program 3 (id=5967):
r0 = syz_usb_connect(0x0, 0x1cb, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000122f0d4071040403dfe4000000010902b901010000003f0904"], 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io$uac1(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)
syz_usb_control_io$uac1(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ecm(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ecm(r0, 0x0, 0x0)
syz_usb_control_io$printer(r0, 0x0, 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ecm(r0, 0x0, 0x0)
syz_usb_control_io$lan78xx(r0, 0x0, 0x0)
syz_usb_control_io$printer(r0, 0x0, &(0x7f0000000680)={0x34, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})

3m22.784071695s ago: executing program 3 (id=5971):
mknodat$null(0xffffffffffffff9c, 0x0, 0x0, 0x103)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0xf0)
getpgrp(0x0)
prlimit64(0x0, 0xe, &(0x7f0000000100)={0x8, 0x80000100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
getpid()
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r0 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r0, 0x1, 0x0)
newfstatat(0xffffffffffffff9c, 0x0, 0x0, 0x800)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0}, 0x50)
r2 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000007c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x10, 0xf, &(0x7f0000000040)=@ringbuf={{0x18, 0x8}, {{0x18, 0x1, 0x1, 0x0, r2}, {}, {}, {0x85, 0x0, 0x0, 0x5}, {0x4, 0x1, 0xb, 0x9, 0xa}}, {{0x5, 0x0, 0x3, 0x9, 0x0, 0x1, 0x3801}, {0x2c}}, [], {{0x7, 0x1, 0xb, 0x8}, {0x6, 0x0, 0x5, 0x8}, {0x85, 0x0, 0x0, 0x7}}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sk_msg, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)

3m21.576209791s ago: executing program 3 (id=5976):
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f0000000040)={0x0, 0x10, &(0x7f0000000000)=[@in={0x2, 0x0, @private=0xa010101}]}, &(0x7f0000000080)=0x10)
setresgid(0xee00, 0xee01, 0x0)
setfsgid(0x0)
r1 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000140)={0x0, 0x9002}, 0x4)
r2 = socket$nl_rdma(0x10, 0x3, 0x14)
bind$inet(0xffffffffffffffff, 0x0, 0x0)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
syz_open_dev$sg(&(0x7f00000003c0), 0x85d, 0xa570756a9d43cac0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20008b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x3)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
setsockopt$bt_l2cap_L2CAP_LM(0xffffffffffffffff, 0x6, 0x3, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f000001aa40)=""/102400, 0x19000)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000240)={0x38, 0x1403, 0x1, 0x70bd2d, 0x25dfdbff, "", [{{0x9, 0x2, 'syz1\x00'}, {0x8, 0x41, 'siw\x00'}, {0x14, 0x33, 'veth0_to_bridge\x00'}}]}, 0x38}, 0x1, 0x0, 0x0, 0x8081}, 0x20000010)
socket$kcm(0x10, 0x2, 0x0)
r4 = syz_open_dev$media(&(0x7f00000000c0), 0x0, 0x0)
ioctl$MEDIA_IOC_REQUEST_ALLOC(r4, 0x80047c05, 0x0)
pselect6(0x40, &(0x7f0000000100)={0x0, 0x0, 0xffffffffffffffff, 0x0, 0x800, 0x0, 0x4, 0x10000000}, 0x0, &(0x7f0000000400)={0x1f, 0x0, 0x800000000000, 0x0, 0x1000000000, 0x0, 0xfffffffffffffffe}, &(0x7f0000000280)={0x0, 0x3938700}, 0x0)
r5 = syz_io_uring_setup(0x3913, 0x0, 0x0, &(0x7f0000000300))
io_uring_enter(r5, 0x3c92, 0xb93d, 0x8, &(0x7f0000000440)={[0xfffffffffffffff3]}, 0x8)
ioctl$BTRFS_IOC_TREE_SEARCH_V2(0xffffffffffffffff, 0xc0709411, &(0x7f00000001c0)={{0x0, 0xffff, 0x7, 0x8, 0x331b, 0x3, 0x200000100000000, 0x100, 0x4, 0xffffffd3, 0x5, 0x1, 0xfffffffffffff609, 0xff}, 0xfffffffffffffe9b, [0x0, 0x0, 0x0, 0x0]})

3m20.508027263s ago: executing program 3 (id=5978):
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f0000000040)={0x0, 0x10, &(0x7f0000000000)=[@in={0x2, 0x0, @private=0xa010101}]}, &(0x7f0000000080)=0x10)
setresgid(0xee00, 0xee01, 0x0)
setfsgid(0x0)
r1 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000140)={0x0, 0x9002}, 0x4)
r2 = socket$nl_rdma(0x10, 0x3, 0x14)
bind$inet(0xffffffffffffffff, 0x0, 0x0)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
syz_open_dev$sg(&(0x7f00000003c0), 0x85d, 0xa570756a9d43cac0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20008b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x3)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
setsockopt$bt_l2cap_L2CAP_LM(0xffffffffffffffff, 0x6, 0x3, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f000001aa40)=""/102400, 0x19000)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000240)={0x38, 0x1403, 0x1, 0x70bd2d, 0x25dfdbff, "", [{{0x9, 0x2, 'syz1\x00'}, {0x8, 0x41, 'siw\x00'}, {0x14, 0x33, 'veth0_to_bridge\x00'}}]}, 0x38}, 0x1, 0x0, 0x0, 0x8081}, 0x20000010)
socket$kcm(0x10, 0x2, 0x0)
r4 = syz_open_dev$media(&(0x7f00000000c0), 0x0, 0x0)
ioctl$MEDIA_IOC_REQUEST_ALLOC(r4, 0x80047c05, 0x0)
pselect6(0x0, 0x0, 0x0, &(0x7f0000000400)={0x1f, 0x0, 0x800000000000, 0x0, 0x1000000000, 0x0, 0xfffffffffffffffe}, &(0x7f0000000280)={0x0, 0x3938700}, 0x0)
r5 = syz_io_uring_setup(0x3913, &(0x7f0000000000)={0x0, 0xb848, 0x1, 0x3, 0x114}, 0x0, &(0x7f0000000300))
io_uring_enter(r5, 0x3c92, 0xb93d, 0x8, &(0x7f0000000440)={[0xfffffffffffffff3]}, 0x8)
ioctl$BTRFS_IOC_TREE_SEARCH_V2(0xffffffffffffffff, 0xc0709411, &(0x7f00000001c0)={{0x0, 0xffff, 0x7, 0x8, 0x331b, 0x3, 0x200000100000000, 0x100, 0x4, 0xffffffd3, 0x5, 0x1, 0xfffffffffffff609, 0xff}, 0xfffffffffffffe9b, [0x0, 0x0, 0x0, 0x0]})

3m19.519191076s ago: executing program 3 (id=5979):
pipe2(&(0x7f00000000c0), 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x101)
mount$fuse(0x0, 0x0, 0x0, 0x2b38094, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0])
mount(0x0, &(0x7f00000001c0)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400))
chdir(&(0x7f0000000080)='./file1\x00')
r0 = open(&(0x7f0000000000)='.\x00', 0x0, 0x0)
mkdir(&(0x7f0000000440)='./file1\x00', 0x0)
mount(0x0, &(0x7f0000000240)='./file1\x00', &(0x7f0000000000)='tmpfs\x00', 0x0, 0x0)
ioctl$AUTOFS_IOC_PROTOSUBVER(r0, 0x40049366, 0x0)

3m19.293998768s ago: executing program 3 (id=5980):
socket$nl_route(0x10, 0x3, 0x0)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x5)
close(0x4)
syz_open_procfs$namespace(0x0, &(0x7f0000000200)='ns/uts\x00')
unshare(0x6a040000)
r0 = socket(0x8, 0x3, 0x3)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_route(0x10, 0x3, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000100)={0x3, 0x1000}, 0x4)
setsockopt$packet_rx_ring(r1, 0x107, 0x5, 0x0, 0x0)
socket$inet_tcp(0x2, 0x1, 0x0)
syz_emit_ethernet(0x36, 0x0, 0x0)
syz_emit_ethernet(0x0, 0x0, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x94)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x2, 0x3, 0xfffffffffffffffd, 0x1}, 0x0, &(0x7f0000000240)={0x3ff, 0x0, 0x3, 0x9, 0x0, 0x8c1, 0x7fffffff}, 0x0, 0x0)
ioctl$sock_netrom_SIOCADDRT(r0, 0x6180, 0x0)
sendmmsg$alg(r0, &(0x7f0000005ec0)=[{0x0, 0x0, &(0x7f0000000100)=[{0x0}, {&(0x7f0000000000)="1bf1b44bbf", 0x5}], 0x2, 0x0, 0x0, 0x2006c040}], 0x1, 0x0)

3m4.229424721s ago: executing program 33 (id=5980):
socket$nl_route(0x10, 0x3, 0x0)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x5)
close(0x4)
syz_open_procfs$namespace(0x0, &(0x7f0000000200)='ns/uts\x00')
unshare(0x6a040000)
r0 = socket(0x8, 0x3, 0x3)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_route(0x10, 0x3, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000100)={0x3, 0x1000}, 0x4)
setsockopt$packet_rx_ring(r1, 0x107, 0x5, 0x0, 0x0)
socket$inet_tcp(0x2, 0x1, 0x0)
syz_emit_ethernet(0x36, 0x0, 0x0)
syz_emit_ethernet(0x0, 0x0, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x94)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x2, 0x3, 0xfffffffffffffffd, 0x1}, 0x0, &(0x7f0000000240)={0x3ff, 0x0, 0x3, 0x9, 0x0, 0x8c1, 0x7fffffff}, 0x0, 0x0)
ioctl$sock_netrom_SIOCADDRT(r0, 0x6180, 0x0)
sendmmsg$alg(r0, &(0x7f0000005ec0)=[{0x0, 0x0, &(0x7f0000000100)=[{0x0}, {&(0x7f0000000000)="1bf1b44bbf", 0x5}], 0x2, 0x0, 0x0, 0x2006c040}], 0x1, 0x0)

16.922501625s ago: executing program 4 (id=6866):
socket$packet(0x11, 0x3, 0x300)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0x6, 0xfa11, 0xffffffff}, 0x0)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
r2 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000040), 0xa0201, 0x0)
write$dsp(r2, &(0x7f0000000140)="a52876830a604014f6b5e928f38a5a7cb4b31c0c0f289e9ebb6286660300000000010000", 0x24)
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000500)=@newsa={0xfc, 0x10, 0x1, 0xfffffffe, 0x100, {{@in6=@private0={0xfc, 0x0, '\x00', 0x1}, @in=@rand_addr=0x64010101, 0x1, 0x712, 0x4e23, 0x5, 0x0, 0x0, 0x0, 0x3a}, {@in=@rand_addr=0x64010102, 0x4d4, 0x6c}, @in=@dev={0xac, 0x14, 0x14, 0x3f}, {0x8000000000, 0x192, 0x6, 0xffff, 0x8251c, 0x2, 0xfffffffffffffff8, 0x4}, {0xfffffffffffffffc, 0x0, 0x1f, 0xfffffffffffffffe}, {0x2, 0xfffffffc}, 0x70bd2a, 0x3504, 0x2, 0x1, 0x0, 0x20}, [@lastused={0xc, 0xf, 0xfffffffffffffff8}]}, 0xfc}, 0x1, 0x0, 0x0, 0x10008801}, 0x0)
r3 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0)
ioctl$VHOST_SET_OWNER(r3, 0xaf01, 0x0)
ioctl$VHOST_SET_VRING_ADDR(r3, 0x4028af11, &(0x7f0000000300)={0x1, 0x0, 0x0, &(0x7f0000001600)=""/78, 0x0})
r4 = socket$nl_generic(0x10, 0x3, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0x3, &(0x7f0000000000)=@framed={{0x18, 0x0, 0x0, 0x0, 0x6}}, &(0x7f0000000500)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x32, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r5 = syz_genetlink_get_family_id$fou(&(0x7f0000000200), 0xffffffffffffffff)
socket$nl_generic(0x10, 0x3, 0x10)
r6 = socket$inet_udplite(0x2, 0x2, 0x88)
r7 = syz_open_procfs$namespace(0x0, &(0x7f0000001380)='ns/cgroup\x00')
open_by_handle_at(r7, &(0x7f0000000040)=ANY=[@ANYBLOB="20000000f1000100", @ANYRES64=r6], 0x4000)
sendmsg$FOU_CMD_ADD(0xffffffffffffffff, 0x0, 0x0)
sendmsg$FOU_CMD_ADD(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000040)={0x1c, r5, 0x209, 0x0, 0x0, {}, [@FOU_ATTR_TYPE={0x5, 0x4, 0x2}]}, 0x1c}}, 0x0)
ioctl$VHOST_SET_MEM_TABLE(r3, 0x4008af03, &(0x7f0000001680))
r8 = eventfd2(0x1, 0x1)
ioctl$VHOST_SET_VRING_ERR(r3, 0x4008af22, &(0x7f00000001c0)={0x0, r8})
ioctl$VHOST_SET_VRING_ADDR(r3, 0x4028af11, &(0x7f0000000240)={0x0, 0x0, 0x0, &(0x7f0000001ac0)=""/191, 0x0, 0xffff1000})
ioctl$VHOST_SET_VRING_KICK(r3, 0x4008af20, &(0x7f0000000000)={0x0, r8})
ioctl$VHOST_VSOCK_SET_RUNNING(r3, 0x4004af61, &(0x7f00000000c0)=0x1)

12.54879303s ago: executing program 4 (id=6881):
openat$ttyS3(0xffffffffffffff9c, 0x0, 0x2982, 0x0)
timer_create(0x0, &(0x7f00000000c0)={0x0, 0x21, 0x2}, &(0x7f0000000300)=<r0=>0x0)
fcntl$lock(0xffffffffffffffff, 0x7, &(0x7f0000000040)={0x0, 0x0, 0x8000, 0x3ff})
openat$tun(0xffffffffffffff9c, 0x0, 0x200, 0x0)
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
timer_settime(r0, 0x1, &(0x7f0000000040)={{0x77359400}, {0x0, 0x989680}}, 0x0)
mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0xec776000)
msgctl$IPC_RMID(0x0, 0x0)
msgget(0x1, 0x240)
r1 = syz_open_dev$mouse(&(0x7f0000000340), 0x0, 0x8042)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x1, 0x0, 0x0, 0x4ee59ce4, 0xfffffffffffffffe, 0xfffffffc}, 0x0)
read$FUSE(r1, 0x0, 0x0) (fail_nth: 1)

11.920164251s ago: executing program 4 (id=6883):
r0 = syz_usb_connect(0x5, 0x24, &(0x7f0000000000)={{0x12, 0x1, 0x0, 0xc7, 0x3d, 0x8a, 0x8, 0x2770, 0x9120, 0x6c77, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x0, 0x91, 0xb0, 0xe2}}]}}]}}, 0x0)
syz_usb_control_io$cdc_ecm(r0, 0x0, 0x0)
syz_usb_control_io$lan78xx(r0, 0x0, &(0x7f0000000740)={0x34, &(0x7f0000000580)=ANY=[@ANYBLOB='\x00\x00\x00\x00\x00\x00'], 0x0, 0x0, 0x0, 0x0, 0x0})
openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './bus\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_WRITE(0xffffffffffffffff, 0xc4c85513, &(0x7f0000000a80)={{0x5, 0x6, 0x401, 0x7, 'syz1\x00', 0x81}, 0x1, [0x6, 0xfffffffffffffffa, 0x95, 0x7f, 0xffffffff, 0xfff, 0x7, 0xf, 0x1, 0x3, 0xfffffffffffffffd, 0x61, 0xfff, 0x100000001, 0x1, 0xc8, 0x51, 0xa5, 0x0, 0xb6, 0x8000000000000000, 0x8, 0x7, 0x4, 0x6, 0x1000000000000ff, 0x1, 0x4f51, 0x0, 0x3, 0xc, 0xbb33, 0x0, 0x63, 0x4, 0x4, 0x8, 0xffffffffffff7fff, 0x6, 0xfffffffffffffff7, 0x8, 0x0, 0x8, 0x401, 0x3, 0xc1b9, 0xffffffff, 0x8000000000000001, 0x800003, 0x0, 0x9, 0x74, 0x9, 0xcf, 0x6a44d0ea, 0xffffffffffffffff, 0x9, 0x5f2, 0xfffffffffffff2e2, 0x7, 0x6, 0xfffffffffffffffd, 0x7, 0xf0, 0x26e692ff, 0x5, 0x2, 0x2, 0x2, 0x1, 0x9, 0x1, 0xe0000000000000, 0xd, 0x81, 0x80000001, 0x7ffe, 0x6, 0x6, 0x3ff, 0xffffffffffffcc1c, 0x10000, 0xfffffffffffffffb, 0x6, 0x100000001, 0x1, 0xf, 0x7dd, 0xfffffffffffff000, 0x8d6, 0x0, 0x5, 0x4, 0xafae, 0x1, 0x8, 0x1, 0xb, 0x1, 0xffff, 0x7, 0xcc, 0x27, 0xc, 0x4000000000, 0x7, 0x5, 0x0, 0x3, 0x3, 0xaad, 0x7, 0x1, 0x8, 0xe2, 0x5, 0x6, 0xf, 0x7, 0x0, 0xa, 0x5, 0x40, 0x52a7, 0x83d0, 0xf0, 0x100000000, 0x140000000]})
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
r5 = syz_open_dev$dri(0x0, 0x1ff, 0x0)
name_to_handle_at(0xffffffffffffffff, 0x0, 0x0, &(0x7f0000001500), 0x200)
unshare(0x2c020400)
r6 = socket(0x15, 0x5, 0x0)
getsockopt(r6, 0x200000000114, 0x2718, 0x0, &(0x7f0000000040))
mknodat(0xffffffffffffff9c, 0x0, 0x1000, 0x0)
munmap(&(0x7f0000ff3000/0xb000)=nil, 0xb000)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff1000/0x3000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ff0000/0xd000)=nil, &(0x7f0000ff3000/0x4000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x2000)=nil, 0x0}, 0x68)
brk(0x200000ffc000)
openat$fuse(0xffffffffffffff9c, 0x0, 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000000140)=ANY=[@ANYBLOB='fd=', @ANYRESOCT=r4, @ANYBLOB=',rootmode=0', @ANYRESDEC=r5, @ANYBLOB=',group_id', @ANYRESDEC=0x0])
open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFULNL_MSG_CONFIG(r7, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000440)=ANY=[@ANYBLOB="240000000104010200000180000000000000000008000540000000000500010001"], 0x24}}, 0x0)
sendmsg$NFULNL_MSG_CONFIG(r7, &(0x7f0000000640)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1}, 0x20000808)
mount$fuse(0x0, 0x0, 0x0, 0x80000, 0x0)

10.435125825s ago: executing program 5 (id=6890):
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x2, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000000200)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
write$FUSE_NOTIFY_RETRIEVE(r0, &(0x7f0000000100)={0x30, 0x5, 0x0, {0x0, 0x1}}, 0x30)
read$FUSE(r0, &(0x7f0000002140)={0x2020, 0x0, <r1=>0x0}, 0x2020)
umount2(&(0x7f00000001c0)='./file0\x00', 0x0)
r2 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000340)=@newqdisc={0x54, 0x10, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {0x9, 0x1}, {0x4}, {0xe, 0xd}}, [@TCA_EGRESS_BLOCK={0x8, 0xe, 0x401}, @TCA_STAB={0x28, 0x8, 0x0, 0x1, [{{0x1c, 0x1a, {0x0, 0xfe, 0x491, 0x0, 0x0, 0x0, 0x8, 0x2}}, {0x8, 0x1b, [0x0, 0x0]}}]}]}, 0x54}, 0x1, 0x0, 0x0, 0x90}, 0x4000c00)
write$FUSE_NOTIFY_STORE(r0, 0x0, 0x0)
write$FUSE_INIT(r0, &(0x7f0000000040)={0x50, 0x0, r1, {0x7, 0x29, 0x0, 0x440, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x8, 0x80}}, 0x50)

8.998510509s ago: executing program 0 (id=6893):
r0 = syz_open_dev$evdev(&(0x7f00000000c0), 0x0, 0x822b01)
io_setup(0x1, &(0x7f0000000380)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000000000)=[&(0x7f0000000100)={0x0, 0x0, 0x0, 0x5, 0x0, r0, 0x0, 0x0, 0x0, 0x0, 0x2}]) (fail_nth: 1)

8.514428983s ago: executing program 0 (id=6894):
prctl$PR_SET_NO_NEW_PRIVS(0x26, 0x1)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mkdirat(0xffffffffffffff9c, 0x0, 0x1c0)
userfaultfd(0x1)
openat$iommufd(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000001c0)={0x14, 0x45, 0x9, 0x0, 0x0, {0x2}}, 0x14}}, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$netlink(r4, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000002c0)=[{&(0x7f0000000240)={0x14, 0x12, 0x1, 0x0, 0x0, "", [@nested={0x4, 0x0, 0x0, 0x0}]}, 0x14}], 0x1}, 0x0)

8.393678315s ago: executing program 6 (id=6896):
write$UHID_INPUT(0xffffffffffffffff, &(0x7f0000001040)={0x1a, {"a2e3ad21ed6b52f99cfbf4c087f71e9b230963ff7fc6e5539b9b3b09719b711b5d52101b080d29428f0e1ac6e7049b3468959b189a242a9b45f3988f7ef319520100ffe8d178708c523c921b1b23380a169b63d336cd3b78130daa61d8e81aea882f5802b77f07227227b7ba67e0e78657a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f309f4cff7738596ecae8707ce065cd5b91cd0ae11a973735b36d5b1b63e91c00305d9be7bd1d020000000000000075a9aaa1b469c3090000000000000075271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecd03aded6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1f416e56c71b1931870262f5e801000000005b6bfc821e7e7daf2451138e645bb80c617669314e2fbe70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c580263093ca9a34af674f3f39fe23491e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d546a40b9f6fa94fc488ec130fb3850a27afc953854a642c57519544ae15a7e454dea05918b412435111c8f11baa500a3621c56cea8d20ff911a0c41db6ebe8cac64f17679141d54b34bbc9963ac4f4bb3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269caf12c31357c8219793e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a687974e7b4ab01b7f73483b6a62fa678ca14ffd9f9db2a7869d85864056526f889af43a60560a22f1fca567e65d5e880572286522449df466c632b3570243f989cce3803f465e41e610c20d80421d653a5120000008213b704c7fb082ff27590678ef9f190bae979babc7041d860420c5664ba7921b14dc1db8892fd32d0ad7bc946813591ad8deff4b05f60cea0da3710ac000000001a527777a5371f87d0d4aa202fd28f28381aab144a5d429a04a689b83c7068ae949ef06e288e810bac9c766000a5e19c907f8ea2e2f05dd3318271a1f5f8528f227e79c1386abdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4fb8a48a76eefc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f103000000416d59fdee5325928974d12dad99dac44c3f0008047096a44060fb30e900caab415db6578b4779415d97b9a6d601005c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3c901cd34e5c92f76cc4c24eeb8bc4e9ac292d9e53803ed000000009737d214060005ea6f1783e287b3bee96e3a7288afe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f48fe4eae9ca1207e78283cd0b20ceb360c7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034ef655b253ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf02b98a269b891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efedfd71af9444e197f47e866101496f42355bc7872c827467cfa5c4e72730d56bd068ed211cf847535edecb7b373f78b095b68441a34cb51682a8ffffff7f000000007f889b09114edb8e79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdcce04579b5561dc825ab829827945e020c1f67ee615f7084a607a7eceb6243378e0610060f02cca405d8c5f64fdb3d78fb4b55668dda93aec92a5de203717aa49c2d284acfabe262fccfcbb2b75a2183c4e15a7b6eb65ca8104e1b4da1fbb67ab2fc043aead87c32ab875ee7c2e7b7019c902cd3b43eaeb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e94265c803b35ee5f83a2b210520106b8a358b50ab7a1fa89af9c251fe529003d1802d5676d95f160ec97b1ad948741b2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd73643de50e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c1023bf70cc77737c3b42aae501b20f7694a00f16e2d0174035a2c22656dc29880acebdbe8ddbd75c2f998d8ac2dfad2ba3a504767b6b45a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73c497579773767075428067e7f16f4dde374f8211fef42cb468e623daf60b3569d462f4f19eacdb3ed70eeebb40800000077d443e8b40426db6fe29068c0ca3d3414442e863a154704b0e5e2c664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf46366e7205dd8d6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae44369ddb4581c55925d0f6f1ba471eba281f259152f85e654fb39ddff3b484439ff158e7c5419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b405177548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaee5ee6cf1d0ab378dd4dd84e935e00785ec27e923911fab964c271556527697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9ddbfb96d6144345f48843dd014e5c5ad8fe995754bd9cf32fce1e7027132f2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6d594f88a4facfd4c735a20307c737afae5336651b1b9bd522d60399473296b831dbd933d93994ba30b4279b10ea0c5833f41f157ea2302993dbe433b1aa3a3766d5439020484f4113c4c859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee29165895ac4b008e595f437491d87abed02cefcd9db53dc10772d2b13f7809959bc048850613d17ca51055f2f416a44fe180d2d50c312cca7cb14a2bdc331f57a9817139a206fc76d57227edff2de20a4b8e3737fbb42913777c06376f799eba367e21f94ca598705f5dcb767d6f84fa6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b30f0b932a4d02da711b757fe43c06d21e759595e4e98b27faea8aa12bc8040000000000000033eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7f96093530e76692839d7961939adfdeeeaff19d11efcafb6d546fef271e89d0000010000000000fcce3fbf4625a7e7de40e42e07b34449e15e065cc7348663a52190202c7af288a4510de03dab19d26285eda89156d50dd385a60333ba5bbf5d77cd7007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00398e8bd1f4908b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cb0b3e35cb80dd349e891aef595dc4d080e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c60edddab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf652f406c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6528341b648cdd56fed7cdcbb1575912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae033a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a3cd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08758897fb411a94b3c2fc5d5f0db42c0456ec014508e5247d33ae6c962d35603ff8454c16f8342856935125102bb784ed704887071f3d998efdd9923c954ab6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6ff7ffb1d62458d0741a12830052fcc460db043afe525629b40d7cee65802cb5e930ed624806c43a006dc9336d07c2b8081c188d26558f48261f7897084c2a1a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da3932ba5c04c24a560ad80a3ce654578376e599aff3565b1d531f30912b99e6619ebe93cc0b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c0ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf475bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c971d90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e6491953264c7b34252600c9654e502dcea39cb0800eb69992e234b4ca7db2f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc640df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c02b5fe36d7d3e5db21b094b8b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1162dfa13bdc1fa7cfaadbb25c72e9758f03a755d0be53f8d2a1dfb1c6000064b0a0780d971a96ea2c4d4ca0398c2235980a9307b3d5bd3b01faffd0a5dbed2881a9700af561ac8c7e36bb2fc4c40e9cf96f06817fb903729a7db6ff957697c9ede7885d94ff1aa7082ead01a9b03c37b0969be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058093fef86faec216eb6992162f8dcbf719c148cd2f9c55f4901203a9a8a2c3e90f3943dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d060000008926407a4eddd5d0fc5a752f9000", 0x1000}}, 0x1006)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(0xffffffffffffffff, 0xc04064a0, &(0x7f0000000340)={&(0x7f0000000240)=[0x0, 0x0, 0x0], &(0x7f0000000380)=[0x0, 0x0], &(0x7f0000000300)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000280), 0x3, 0x2, 0x7})
syz_open_dev$loop(&(0x7f0000000100), 0xf01c, 0x0)
ioctl$LOOP_CONFIGURE(0xffffffffffffffff, 0x4c0a, &(0x7f0000001ac0)={0xffffffffffffffff, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x1c, "ff9f020bbe82b398b1c4369d03740250ceaac594b1b3d741dd17c1ac0d38ef2a565ef1e8336300", "a9103939c787a16c1ca43f80026d1f3c4da06963dd89d130e04d528539f3d3289737f0374c72a964a02447a75df8a69ea917deb7ba193b7e7772fd29f35239d2", "24431a1e77a68e174f000000000000000010e200", [0xfffffffffffffffe]}})
ioctl$LOOP_SET_STATUS64(0xffffffffffffffff, 0x4c04, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x2ac, 0x0, 0x1, 0x15, 0x0, "89753015418ab0cb0900245518580ce0c8bf604cca41f31c108938fcfa393ef569e0bcf244bb4b23555b130900000000000000d0f08e8ad896ba67a07673defa", "8b609009aaa722681a1e2513d754f688a9e306ee1dba533f02e1b69da6e26ec889fee40080000027cc7d24fdc26f1a95d702020000e4b8fb1703e47463b969e4", "ca1bf5ffffffffffffff6570128218a0d22915ff6eddb10000800400", [0xc]})
sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000000740)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000ec0)=[@hoplimit={{0x14, 0x29, 0x34, 0x4}}, @dstopts_2292={{0x108, 0x29, 0x4, {0x4, 0x1d, '\x00', [@calipso={0x7, 0x10, {0x1, 0x2, 0x9, 0x9f, [0x8]}}, @generic={0xfe, 0x6e, "f4a4a3142ee1e12b9826287997a6b33d89f3d60da1641d9fe3896c3c1b6c130ef4f01be8f5836d417874540898619050b14420ab124b11de36afb16ef4fc1cf3f4e4fa0e647cd1b07b068d3894180b6aa7527a4a8252f6836a0d67a7782c675a838ea989e567e4774de1f52d188e"}, @generic={0x80, 0x14, "09e12e5f0b6bdcf72f2ec7008a15fa88b025e0ad"}, @calipso={0x7, 0x30, {0x1, 0xa, 0x7a, 0x8001, [0x5, 0x9, 0x4, 0x400, 0xb]}}, @ra={0x5, 0x2, 0xa7e}, @pad1, @ra={0x5, 0x2, 0xbf4}, @hao={0xc9, 0x10, @private2}, @generic={0x93}]}}}, @hoplimit={{0x14}}, @hopopts={{0x70, 0x29, 0x36, {0x5e, 0xa, '\x00', [@generic={0xff, 0x41, "50d650847249ad288702ebd0d654b985e8908defb7ec6c5ff115c58e128b9e3a21c34b45ef9de99984e143ca7c3509a971b2ec429ee1edc0bb903fe94b32c28f70"}, @pad1, @pad1, @calipso={0x7, 0x8, {0x0, 0x0, 0x7, 0x6}}, @generic={0x8}]}}}], 0x1a8}}], 0x1, 0x810)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
capset(&(0x7f0000000500)={0x20080522}, &(0x7f0000000200)={0x200002, 0x200003, 0x801, 0x4, 0x7})
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r2, &(0x7f0000000380)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-cast5-avx\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r2, 0x117, 0x1, &(0x7f00000004c0)="2c385a7af3be", 0x6)
r3 = accept4(r2, 0x0, 0x0, 0x800)
sendmmsg$alg(r3, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe3f}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048", 0xff31}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11"}], 0x1, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800)
recvmsg(r3, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000840)={0x1fe, 0x2, 0x3000, 0x2000, &(0x7f0000003000/0x2000)=nil})
r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@text32={0x20, &(0x7f00000000c0)="650f340f3566b842000f00d8b805000000b9a00000000f01c13e0f070fde460b0f0130670f01c2f2360f217a0f07", 0x2e}], 0x1, 0x11, 0x0, 0x0)
pwritev(0xffffffffffffffff, &(0x7f0000000b00)=[{&(0x7f0000001880)="ea7c5828b87d70214008724bcae1ce6577c01031b19698ecb8a7f5183947918ce2cc9dc778dbfff9e28e1a6df7d8f95c3e45768a6786d6325bc0fe4ed394c8ed0edcbb9f917074251a7f5b6b24c52516a68f181592262dfd12b5af7386658c5fb6c36d86d5084624a302a155c0463b6c36e9fc88338b0f66e2713728a21d19d9a33da93d419df63d8a87fa100381ec74de8b7409f4977d3cd7a9f2fb03cec91c4277b39b2c9f227a9b74926a11960d085e2aaf98673d2a67fa95b8d9dcc72ca6181f6b9b2d1c402267e6cfef5599e1520077d9bc472fb5a5db42b1befd498ec7b8d519b12f065323b15280a2540bc7a4ffe508fc12f93707064caf4111e893142f9867b432b1e6258caa2ae081b8b646c25de7f5366a21f9dd257b84546cd316e17b79d22c4bcaf70e8a96d1e502b53c581c75482d1d63f0d5f3fb5bdbb714583f0798e0c4d6c9d99513e91a68a26612053290f15f5a2e06acfa229356e37b4d57697224e9561c0430a67fcb5dea72acc91e60751a5b07eb603548a646f082ce213347b4ee908bd95cc56775330aa09d4f19f48a8cb5d7f6346d82bab8ff019309684bd01eb4d90febe2269cd2a1100130c242a2995ce38638a3bbc9008ac0e820a1e0b9a9511af47aa7f3e30a69589985423f3b4ea98152433bf1aa53a0981f783f11c4cc50f70fe63b2043b74b9cb7da59caedadc1fa1f662831a353969893d4f93b919cda52a1ce2200a0a7895abb293c29d6d197cce98a4df8fc90c582014742a00b4bd09f1fcc5ff5753320d2b5593e657c0fb87a4cfa323ce59111eea806a6e020fb0c4fdd601087811e33e793975b5e9e936c16d243bdea757e0ee4508f5d5b496ed07b6f0f1f46ed752448f30d679b23ba8142d4ab25beb913ee77547866e5d9501a55e9797ba3407f3f4cc11398bdaf3ac4c2e79a5b133a09fcf8ae790bb985fa01daf2758fd8a77fde15a822227dddf64bb2ebc49a56ad025e01c6c59e4818abdf808789d9f87c103cf7f7d21d2a1345b9b7fd66b1cf96002343fbd62f8080d945e70bd93d4bf42b401477abed49065b4a8ccfb9d93724118168de2e8df4f78ccf3b9593f993423a619ef6bd8392a2cfc6424d3687fcdc67d33073db95d856f312b934d05a3c4e967217837920fee73b00757b617d1ef3bfc2e88a8a72f0948263db2c9e7bd491f059b6ee8d0ea3f2193314562910529869b248172bfe0f914f7a91a27c6e9e6c2e3455a7ae765392b48fc959958aa39a5a483b2a6e873ac76f8579515e42f7a3bbc82bcf71edaf12f7b40a2adc74d67ef793988cc8ac788185049e57fb84757bdc700ffde10afc19df290787ed98222f8afb2b6d11944666331350e2914466b398750acae526146373b2cbe1bdd1803e6c920a182a1ad118a3d09313c2ce2703a0a1c09215cab90c35b03b1c795cf704f42dd31ddff6be67bb355977b2e07609c5228299a170308e54705674384fc294cdfa4abf989d3c3bf3eabbbcf52a6a0646bf6db5b61ad027007464fd6fc10490ee2e9190c28ae5cb3733105cb782c0d53e5c79c3e455609d557d824154d01e282788ec8ae7c8a03fcd6cd4e37829b0f921c46d715454d5e1281c641cf0756a2f31b0369ce94e819e6254af95b88bffd7bb2cfe9469d303497fead174839b2789b5aa703176510eab1f46916b3b63f6f5b2df262fe7274a0cee9bd6e115e5f9f48ac1c09e5b3c546ae95b9916a633869854d3ee39d4acb800e876e7fc084ffd79a20fca8331caff657ec89b445c6012ff7eb9531eb1e8c90cdc66b82d6fd608310099503a9dcf50b40d10a3b1ab520477e20ad5f6405cd4b5b36d201e12088d7868c6e94737ea88db6ed5f7df4d31cbd2d0c4f21cdcc3b181f5aae7216dc4c06b2989bb44e5369ba96ce87f3e3abbb530d103a53d7e0b914115c302c935eea7d256a73aa851d84dec6d9112163be8135889c67fa90e796a6f050fba0a6a740618cd513748072daac9f3e25034772cc400a14834afbde835bc9fd7cf1113d67ebe99a3b78907596886ad5a1670ef572c18e26c98fe40194428de339cba7b8efc5fa7faf7512ef6b89a877f3e534fb4512729df686e14aece08fab3b42ea14acde0e18ffe5dc00e74288661c7463e00f3b942cddf3b71e1dcf71989f378b933df099316451cca296a4e117bbeb3b1e552e5a10f9731449ae830de14989049ce818f720e77e78a86c307c80450b26278bc25ee7390ce6d4c4dfc8d39b6b4b1ce6f3865dbdd1d37aedb555288bea9ef95c8600dea1cd10e9e42d15aa804f99a31bfaa5ea52185333d734c766e3bb4a9abf86cf4d840dc188167a25cc3054b65fd7ce053d38518474ab55e59c1ccaf34d57b4cd73b07ed63d754ab3d57dfc0f67bbdb22e33d9f63aa2b36cf0af338794d4acbd1b13669bde67f7bd032f9c6b400e8054a0cff77fc6e0591195b21715e42c881e23156b4ba504d7e1b6eb9c2ec9b9e382d85f7c52bd964d305da9496dbaa022880ddf236730c458f31258d64ae2668aa863b3fe558c7f8cfb3dabf42edcaf2891e9b9462c44153658eae85cd499abd9dca762adf26d9904d28b772b3fc3d066d56261474c944387ac7eb00059025ff25e34b8f7c2986db1ccc4297e1315c3ceeef1b8f98e0500bbb8bb0ab52d80f8c6c8fa5d24b9a05f5350e2fd59af4b9fa9a2b4339b61e208f227ba968d4dbd36246133de2078c6a15dd57754a3537c31d04da545f062dbf9cbaa0840e23974f441a4d5937fec23ff81c193bd951a7bacac8eb6d4705702cbe3c930f27869753ba6026455bbb7742c53644f1646d7545467091a207905f831505f214fbd818aea4455705b5e727850cdcac40620135b8dba85cb0c0f393af252ec082cba5c43385fbc2cc5682bc1994b064e29c8c5a20e7e6d15fbb13e6fd1a86b2fda666fbcd80fd08be00a7423fcafbdd8283bac88ead203bc10d1c1a13ca2fe853fa6cc8991b0476561be085b086b0d0e45f73e59f519342c13f368a37464cb55b8a13846f4cd610536d5c4b8704fcd347abe6712d3de67d7918e6954898f31647a8ea37ecc2e1bb02b1b26e7a60fbb2b0a48efc5795c12d5c4ac8dc4149dea0f2e085422ec69352882622711b74e1e32c7ead2cf3c554e8ff1648e8b66d0dc6997b6304b3b560a33d75aa49476175a386ca721156ea79bdba432d439dbceb0285561abd5d134badd9f38c04fae8fa920edfff15705371c907848c14acdfb0b22a4c7168e1840e8b8a50349dcee5f429b3cb34e30f0f67acf93604792b8574f36ea9409d422621f3c0c7b781fc8e23d1d46f04a9b44f633e5f72cb079fbde66a9745705666c6dab6238628e57ee6cffa8cfad616dac1abe2789c9efccb4fc7e65e490d9a4e49e7ce72a6980e72f70a17649e67de86f86b61a4b6219daefc939b5904e5712ecaf85c98484fc02585b1aa990b95173e4a2907cf877af696e528e6b2b634a4fb7d791cacc8644fa76e062148d411e18f0da5aed22116828cd700a28e8f46bca950550acb4ab05eddeb6b2dac24702cff4de0a3ece393cac879ed2f0c5b9645839cfdb79fb1df87596b14504cba9dddda51edaffcd0214b91b5898ea022774e699aa0caf0f646cc0cb8e8fc8b8be43c23aa7f6bd29fd0615c0b78f3514a52989d7f35ad08a4bd473e61da6657cc2e85d3b2b7d3fb51174a96f27038ddbc87a35e09a668e436aa40146c6a26dca87b39220f139b772719d80aadb752c622bf09acd6846838fb48a8817ba4aa72eaa32e82251b3789969d8518f9aa07cdcb9a355f73f119725c086168aaca262f13cd742e5f06c969a462638a557e15a4f5d43e3242c08f23b00d2b8d57c60d3636abd4068ec03a4be3429b95e41351ab5c58812e552df90c3e6c9d8779aa484e74f073ea9fcdce13b1dff8e7c101b2c6865c5cefe108e3559f520e2bc42c9dc39b57fddb44ca49f2689e10c1381c0740d20cbca46da475c62f513cb08398a5fd5d4f6b13ce839fe149df0d291a8f7267fe90a7e1845dace17cd927c2d1aeffbdc36bb983172ceff025e84b0419645fcc72897b992f5081c78756122391947f08ccd20806cfc2bded705b472fc52e84734e016cbd309aadebbbb4e8bdfed77b1e0b15ce0904838d9e4d64643df66f0353c377e554b428dc0f31189a134cdb8e66d2755e84c2b2409c3d63a81f5f05616baf6a243b09153a4f8289e15a5a4ffb007b0cbeffde25391bb2acd86b453e245643c0fa1dfe5d42e0e3f1c592a00b77f0133adf7989c6c2bf3ddc0b8a2b14f35d33f62f4ee2fc56166372058e997b9abe6bad8aa718f8d87ad095e8f354aaef540840437b5451771266a8358ed75954db52b38bca4a1c8696dca1de03b12627254409f8bb68c94eeaa1a8bcf894482b96e81b9ff5c2383a907537a191aff0bb5b5418ef5670cecca1cfbd41b61879b11a5a5053cd86cf5d61f8c2f7d7ad2034a1801b3b92a79ac3b4343c680008b1ba10577a35173cac6d4dbc1d00e436f238b57093b34d4ea19c225b84a2d6086cc6cf72595b980c88142d268bbf9c8375a93afe75c3583b3b9687368d78147985d209e6d89c335e948c51696a948f01ad062dcf84a99584466e24646b2e441fefb10ef962432f2925d6d98e790acf4ca7d9339a589a537aa3392ec79f34a6544144072ab8248e45ac560a78c70c5afcbf10909299dfcd67981c88780c1340c951e115ffec56d23b9ead6a55024e199238f4b133e3e1e0e84318b5037a3947ae09749c25c7e4887936ecf0ba9a807dfa471ea1f3350b70feb58dc9e2836365ce4db456a341e43410cac1253fe08e79c21fca932716f4c171fc957cb325737b70532d81f0eb2f0a16478c0d934165728f7b29a8a0ff6bc964e99dea26d3efd28336b00c112a26da7a2ea1c21a9688cc3a68293958edf27ae89e5f9b8348af4121028e760cf68c931af92906d27dad4d330df9201b5395ccce0c803806422883667ccb11438d9dbe1901d4ab98d89914b313338486deb6f748053517e2188c479adb1eabb8e8ed5d05bb3f66826fae83bbc5bce3615ee32d937ffbe8846a1156aaf7bf9b9d4189bdf290b3df254077688eeda824d6ea0a452f7e7f915c1a94ee250a3907ec035d7ba7bb0256811f04646ca156b8925506c774df4d4072c02929e985057a5f7ddc1469c7306e6fdb86b810ada1cc96f6bd389597dd27dd656f55c316fb2d56b2d13eddf893722e813934a19778719be99697c365222db64039f9caab1201c430e53df1af8a0321c8759fc33e8204150080979936d0717f6c4c9145fb828389acbb894a4600485e8b105c7165a40e814889343deead6d434a8da60eed1e50aa507ac2793b4a4c5517265f859f223bb4f6cadc6fb53430304baea18189e2b5ddd266c38f5c325ba391a50fcd34060d217c4118889c4275e40a8428099ddfa3cc0d8241c22fc1554318e922f3b1257f2046d70df460c5283a539487583ffca1972a19237b06480e0a56d9e185fe4dc3607666d81ed0d9d9f5c5c568a5a0a87160b6d35c73dae9c6177f2b25d90a2598042f4b43bc765fa86a831c401a01c391a8fdc8f8c742f2322a1b8ef18ec7d82f013893c981f6bd96ec57d8e73e1633ae3970721fcea055ecc836ce3", 0xf91}], 0x1, 0x1, 0x2)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000180)=[@text64={0x40, 0x0}], 0x1, 0x18, 0x0, 0x0)
ioctl$KVM_RUN(r4, 0xae80, 0x0)

7.760825512s ago: executing program 5 (id=6898):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000440)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000340)=@abs={0x0, 0x0, 0x4e27}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000019400)=@newtaction={0xd8, 0x30, 0x1, 0x0, 0x0, {}, [{0xc4, 0x1, [@m_tunnel_key={0x60, 0x1, 0x0, 0x0, {{0xf}, {0x30, 0x2, 0x0, 0x1, [@TCA_TUNNEL_KEY_ENC_IPV4_DST={0x8, 0x4, @initdev={0xac, 0x1e, 0x0, 0x0}}, @TCA_TUNNEL_KEY_ENC_IPV4_SRC={0x8, 0x3, @initdev={0xac, 0x1e, 0x0, 0x0}}, @TCA_TUNNEL_KEY_PARMS={0x1c, 0x2, {{0x0, 0x0, 0x5}, 0x1}}]}, {0x4}, {0xc}, {0xc}}}, @m_gact={0x60, 0x2, 0x0, 0x0, {{0x9}, {0x34, 0x2, 0x0, 0x1, [@TCA_GACT_PROB={0xc, 0x3, {0x0, 0x20fc}}, @TCA_GACT_PROB={0xc, 0x3, {0x2, 0x158c, 0x2}}, @TCA_GACT_PARMS={0x18, 0x2, {0x6, 0xfffffffd, 0x2, 0x80000001, 0x1}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xd8}}, 0x8000)
socket$kcm(0x29, 0x5, 0x0)
kexec_load(0x0, 0x0, &(0x7f00000000c0), 0x0)
socket$inet(0x2, 0x2, 0x0)
mount$cgroup(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x3446449, &(0x7f0000000080)={[{@none}, {@clone_children}, {@subsystem='memory'}], [{@dont_hash}]})

7.004363714s ago: executing program 4 (id=6901):
ioctl$DRM_IOCTL_MODE_GETRESOURCES(0xffffffffffffffff, 0xc04064a0, &(0x7f0000000340)={&(0x7f0000000240)=[0x0, 0x0, 0x0], &(0x7f0000000380)=[0x0, 0x0], &(0x7f0000000300)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000280), 0x3, 0x2, 0x7})
syz_open_dev$loop(&(0x7f0000000100), 0xf01c, 0x0)
ioctl$LOOP_CONFIGURE(0xffffffffffffffff, 0x4c0a, &(0x7f0000001ac0)={0xffffffffffffffff, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x1c, "ff9f020bbe82b398b1c4369d03740250ceaac594b1b3d741dd17c1ac0d38ef2a565ef1e8336300", "a9103939c787a16c1ca43f80026d1f3c4da06963dd89d130e04d528539f3d3289737f0374c72a964a02447a75df8a69ea917deb7ba193b7e7772fd29f35239d2", "24431a1e77a68e174f000000000000000010e200", [0xfffffffffffffffe]}})
ioctl$LOOP_SET_STATUS64(0xffffffffffffffff, 0x4c04, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x2ac, 0x0, 0x1, 0x15, 0x0, "89753015418ab0cb0900245518580ce0c8bf604cca41f31c108938fcfa393ef569e0bcf244bb4b23555b130900000000000000d0f08e8ad896ba67a07673defa", "8b609009aaa722681a1e2513d754f688a9e306ee1dba533f02e1b69da6e26ec889fee40080000027cc7d24fdc26f1a95d702020000e4b8fb1703e47463b969e4", "ca1bf5ffffffffffffff6570128218a0d22915ff6eddb10000800400", [0xc]})
sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000000740)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000ec0)=[@hoplimit={{0x14, 0x29, 0x34, 0x4}}, @dstopts_2292={{0x100, 0x29, 0x4, {0x4, 0x1d, '\x00', [@calipso={0x7, 0x10, {0x1, 0x2, 0x9, 0x9f, [0x8]}}, @generic={0xfe, 0x6f, "f4a4a3142ee1e12b9826287997a6b33d89f3d60da1641d9fe3896c3c1b6c130ef4f01be8f5836d417874540898619050b14420ab124b11de36afb16ef4fc1cf3f4e4fa0e647cd1b07b068d3894180b6aa7527a4a8252f6836a0d67a7782c675a838ea989e567e4774de1f52d188e0b"}, @generic={0x80, 0x14, "09e12e5f0b6bdcf72f2ec7008a15fa88b025e0ad"}, @calipso={0x7, 0x30, {0x1, 0xa, 0x7a, 0x8001, [0x5, 0x9, 0x4, 0x400, 0xb]}}, @ra={0x5, 0x2, 0xa7e}, @pad1, @ra={0x5, 0x2, 0xbf4}, @hao={0xc9, 0x10, @private2}]}}}, @hoplimit={{0x14}}, @hopopts={{0x70, 0x29, 0x36, {0x5e, 0xa, '\x00', [@generic={0xff, 0x41, "50d650847249ad288702ebd0d654b985e8908defb7ec6c5ff115c58e128b9e3a21c34b45ef9de99984e143ca7c3509a971b2ec429ee1edc0bb903fe94b32c28f70"}, @pad1, @pad1, @calipso={0x7, 0x8, {0x0, 0x0, 0x7, 0x6}}, @generic={0x8}]}}}], 0x1a0}}], 0x1, 0x810)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
capset(&(0x7f0000000500)={0x20080522}, &(0x7f0000000200)={0x200002, 0x200003, 0x801, 0x4, 0x7})
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r2, &(0x7f0000000380)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-cast5-avx\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r2, 0x117, 0x1, &(0x7f00000004c0)="2c385a7af3be", 0x6)
r3 = accept4(r2, 0x0, 0x0, 0x800)
sendmmsg$alg(r3, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe3f}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048", 0xff31}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11"}], 0x1, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800)
recvmsg(r3, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@text32={0x20, &(0x7f00000000c0)="650f340f3566b842000f00d8b805000000b9a00000000f01c13e0f070fde460b0f0130670f01c2f2360f217a0f07", 0x2e}], 0x1, 0x11, 0x0, 0x0)
pwritev(0xffffffffffffffff, &(0x7f0000000b00)=[{&(0x7f0000001880)="ea7c5828b87d70214008724bcae1ce6577c01031b19698ecb8a7f5183947918ce2cc9dc778dbfff9e28e1a6df7d8f95c3e45768a6786d6325bc0fe4ed394c8ed0edcbb9f917074251a7f5b6b24c52516a68f181592262dfd12b5af7386658c5fb6c36d86d5084624a302a155c0463b6c36e9fc88338b0f66e2713728a21d19d9a33da93d419df63d8a87fa100381ec74de8b7409f4977d3cd7a9f2fb03cec91c4277b39b2c9f227a9b74926a11960d085e2aaf98673d2a67fa95b8d9dcc72ca6181f6b9b2d1c402267e6cfef5599e1520077d9bc472fb5a5db42b1befd498ec7b8d519b12f065323b15280a2540bc7a4ffe508fc12f93707064caf4111e893142f9867b432b1e6258caa2ae081b8b646c25de7f5366a21f9dd257b84546cd316e17b79d22c4bcaf70e8a96d1e502b53c581c75482d1d63f0d5f3fb5bdbb714583f0798e0c4d6c9d99513e91a68a26612053290f15f5a2e06acfa229356e37b4d57697224e9561c0430a67fcb5dea72acc91e60751a5b07eb603548a646f082ce213347b4ee908bd95cc56775330aa09d4f19f48a8cb5d7f6346d82bab8ff019309684bd01eb4d90febe2269cd2a1100130c242a2995ce38638a3bbc9008ac0e820a1e0b9a9511af47aa7f3e30a69589985423f3b4ea98152433bf1aa53a0981f783f11c4cc50f70fe63b2043b74b9cb7da59caedadc1fa1f662831a353969893d4f93b919cda52a1ce2200a0a7895abb293c29d6d197cce98a4df8fc90c582014742a00b4bd09f1fcc5ff5753320d2b5593e657c0fb87a4cfa323ce59111eea806a6e020fb0c4fdd601087811e33e793975b5e9e936c16d243bdea757e0ee4508f5d5b496ed07b6f0f1f46ed752448f30d679b23ba8142d4ab25beb913ee77547866e5d9501a55e9797ba3407f3f4cc11398bdaf3ac4c2e79a5b133a09fcf8ae790bb985fa01daf2758fd8a77fde15a822227dddf64bb2ebc49a56ad025e01c6c59e4818abdf808789d9f87c103cf7f7d21d2a1345b9b7fd66b1cf96002343fbd62f8080d945e70bd93d4bf42b401477abed49065b4a8ccfb9d93724118168de2e8df4f78ccf3b9593f993423a619ef6bd8392a2cfc6424d3687fcdc67d33073db95d856f312b934d05a3c4e967217837920fee73b00757b617d1ef3bfc2e88a8a72f0948263db2c9e7bd491f059b6ee8d0ea3f2193314562910529869b248172bfe0f914f7a91a27c6e9e6c2e3455a7ae765392b48fc959958aa39a5a483b2a6e873ac76f8579515e42f7a3bbc82bcf71edaf12f7b40a2adc74d67ef793988cc8ac788185049e57fb84757bdc700ffde10afc19df290787ed98222f8afb2b6d11944666331350e2914466b398750acae526146373b2cbe1bdd1803e6c920a182a1ad118a3d09313c2ce2703a0a1c09215cab90c35b03b1c795cf704f42dd31ddff6be67bb355977b2e07609c5228299a170308e54705674384fc294cdfa4abf989d3c3bf3eabbbcf52a6a0646bf6db5b61ad027007464fd6fc10490ee2e9190c28ae5cb3733105cb782c0d53e5c79c3e455609d557d824154d01e282788ec8ae7c8a03fcd6cd4e37829b0f921c46d715454d5e1281c641cf0756a2f31b0369ce94e819e6254af95b88bffd7bb2cfe9469d303497fead174839b2789b5aa703176510eab1f46916b3b63f6f5b2df262fe7274a0cee9bd6e115e5f9f48ac1c09e5b3c546ae95b9916a633869854d3ee39d4acb800e876e7fc084ffd79a20fca8331caff657ec89b445c6012ff7eb9531eb1e8c90cdc66b82d6fd608310099503a9dcf50b40d10a3b1ab520477e20ad5f6405cd4b5b36d201e12088d7868c6e94737ea88db6ed5f7df4d31cbd2d0c4f21cdcc3b181f5aae7216dc4c06b2989bb44e5369ba96ce87f3e3abbb530d103a53d7e0b914115c302c935eea7d256a73aa851d84dec6d9112163be8135889c67fa90e796a6f050fba0a6a740618cd513748072daac9f3e25034772cc400a14834afbde835bc9fd7cf1113d67ebe99a3b78907596886ad5a1670ef572c18e26c98fe40194428de339cba7b8efc5fa7faf7512ef6b89a877f3e534fb4512729df686e14aece08fab3b42ea14acde0e18ffe5dc00e74288661c7463e00f3b942cddf3b71e1dcf71989f378b933df099316451cca296a4e117bbeb3b1e552e5a10f9731449ae830de14989049ce818f720e77e78a86c307c80450b26278bc25ee7390ce6d4c4dfc8d39b6b4b1ce6f3865dbdd1d37aedb555288bea9ef95c8600dea1cd10e9e42d15aa804f99a31bfaa5ea52185333d734c766e3bb4a9abf86cf4d840dc188167a25cc3054b65fd7ce053d38518474ab55e59c1ccaf34d57b4cd73b07ed63d754ab3d57dfc0f67bbdb22e33d9f63aa2b36cf0af338794d4acbd1b13669bde67f7bd032f9c6b400e8054a0cff77fc6e0591195b21715e42c881e23156b4ba504d7e1b6eb9c2ec9b9e382d85f7c52bd964d305da9496dbaa022880ddf236730c458f31258d64ae2668aa863b3fe558c7f8cfb3dabf42edcaf2891e9b9462c44153658eae85cd499abd9dca762adf26d9904d28b772b3fc3d066d56261474c944387ac7eb00059025ff25e34b8f7c2986db1ccc4297e1315c3ceeef1b8f98e0500bbb8bb0ab52d80f8c6c8fa5d24b9a05f5350e2fd59af4b9fa9a2b4339b61e208f227ba968d4dbd36246133de2078c6a15dd57754a3537c31d04da545f062dbf9cbaa0840e23974f441a4d5937fec23ff81c193bd951a7bacac8eb6d4705702cbe3c930f27869753ba6026455bbb7742c53644f1646d7545467091a207905f831505f214fbd818aea4455705b5e727850cdcac40620135b8dba85cb0c0f393af252ec082cba5c43385fbc2cc5682bc1994b064e29c8c5a20e7e6d15fbb13e6fd1a86b2fda666fbcd80fd08be00a7423fcafbdd8283bac88ead203bc10d1c1a13ca2fe853fa6cc8991b0476561be085b086b0d0e45f73e59f519342c13f368a37464cb55b8a13846f4cd610536d5c4b8704fcd347abe6712d3de67d7918e6954898f31647a8ea37ecc2e1bb02b1b26e7a60fbb2b0a48efc5795c12d5c4ac8dc4149dea0f2e085422ec69352882622711b74e1e32c7ead2cf3c554e8ff1648e8b66d0dc6997b6304b3b560a33d75aa49476175a386ca721156ea79bdba432d439dbceb0285561abd5d134badd9f38c04fae8fa920edfff15705371c907848c14acdfb0b22a4c7168e1840e8b8a50349dcee5f429b3cb34e30f0f67acf93604792b8574f36ea9409d422621f3c0c7b781fc8e23d1d46f04a9b44f633e5f72cb079fbde66a9745705666c6dab6238628e57ee6cffa8cfad616dac1abe2789c9efccb4fc7e65e490d9a4e49e7ce72a6980e72f70a17649e67de86f86b61a4b6219daefc939b5904e5712ecaf85c98484fc02585b1aa990b95173e4a2907cf877af696e528e6b2b634a4fb7d791cacc8644fa76e062148d411e18f0da5aed22116828cd700a28e8f46bca950550acb4ab05eddeb6b2dac24702cff4de0a3ece393cac879ed2f0c5b9645839cfdb79fb1df87596b14504cba9dddda51edaffcd0214b91b5898ea022774e699aa0caf0f646cc0cb8e8fc8b8be43c23aa7f6bd29fd0615c0b78f3514a52989d7f35ad08a4bd473e61da6657cc2e85d3b2b7d3fb51174a96f27038ddbc87a35e09a668e436aa40146c6a26dca87b39220f139b772719d80aadb752c622bf09acd6846838fb48a8817ba4aa72eaa32e82251b3789969d8518f9aa07cdcb9a355f73f119725c086168aaca262f13cd742e5f06c969a462638a557e15a4f5d43e3242c08f23b00d2b8d57c60d3636abd4068ec03a4be3429b95e41351ab5c58812e552df90c3e6c9d8779aa484e74f073ea9fcdce13b1dff8e7c101b2c6865c5cefe108e3559f520e2bc42c9dc39b57fddb44ca49f2689e10c1381c0740d20cbca46da475c62f513cb08398a5fd5d4f6b13ce839fe149df0d291a8f7267fe90a7e1845dace17cd927c2d1aeffbdc36bb983172ceff025e84b0419645fcc72897b992f5081c78756122391947f08ccd20806cfc2bded705b472fc52e84734e016cbd309aadebbbb4e8bdfed77b1e0b15ce0904838d9e4d64643df66f0353c377e554b428dc0f31189a134cdb8e66d2755e84c2b2409c3d63a81f5f05616baf6a243b09153a4f8289e15a5a4ffb007b0cbeffde25391bb2acd86b453e245643c0fa1dfe5d42e0e3f1c592a00b77f0133adf7989c6c2bf3ddc0b8a2b14f35d33f62f4ee2fc56166372058e997b9abe6bad8aa718f8d87ad095e8f354aaef540840437b5451771266a8358ed75954db52b38bca4a1c8696dca1de03b12627254409f8bb68c94eeaa1a8bcf894482b96e81b9ff5c2383a907537a191aff0bb5b5418ef5670cecca1cfbd41b61879b11a5a5053cd86cf5d61f8c2f7d7ad2034a1801b3b92a79ac3b4343c680008b1ba10577a35173cac6d4dbc1d00e436f238b57093b34d4ea19c225b84a2d6086cc6cf72595b980c88142d268bbf9c8375a93afe75c3583b3b9687368d78147985d209e6d89c335e948c51696a948f01ad062dcf84a99584466e24646b2e441fefb10ef962432f2925d6d98e790acf4ca7d9339a589a537aa3392ec79f34a6544144072ab8248e45ac560a78c70c5afcbf10909299dfcd67981c88780c1340c951e115ffec56d23b9ead6a55024e199238f4b133e3e1e0e84318b5037a3947ae09749c25c7e4887936ecf0ba9a807dfa471ea1f3350b70feb58dc9e2836365ce4db456a341e43410cac1253fe08e79c21fca932716f4c171fc957cb325737b70532d81f0eb2f0a16478c0d934165728f7b29a8a0ff6bc964e99dea26d3efd28336b00c112a26da7a2ea1c21a9688cc3a68293958edf27ae89e5f9b8348af4121028e760cf68c931af92906d27dad4d330df9201b5395ccce0c803806422883667ccb11438d9dbe1901d4ab98d89914b313338486deb6f748053517e2188c479adb1eabb8e8ed5d05bb3f66826fae83bbc5bce3615ee32d937ffbe8846a1156aaf7bf9b9d4189bdf290b3df254077688eeda824d6ea0a452f7e7f915c1a94ee250a3907ec035d7ba7bb0256811f04646ca156b8925506c774df4d4072c02929e985057a5f7ddc1469c7306e6fdb86b810ada1cc96f6bd389597dd27dd656f55c316fb2d56b2d13eddf893722e813934a19778719be99697c365222db64039f9caab1201c430e53df1af8a0321c8759fc33e8204150080979936d0717f6c4c9145fb828389acbb894a4600485e8b105c7165a40e814889343deead6d434a8da60eed1e50aa507ac2793b4a4c5517265f859f223bb4f6cadc6fb53430304baea18189e2b5ddd266c38f5c325ba391a50fcd34060d217c4118889c4275e40a8428099ddfa3cc0d8241c22fc1554318e922f3b1257f2046d70df460c5283a539487583ffca1972a19237b06480e0a56d9e185fe4dc3607666d81ed0d9d9f5c5c568a5a0a87160b6d35c73dae9c6177f2b25d90a2598042f4b43bc765fa86a831c401a01c391a8fdc8f8c742f2322a1b8ef18ec7d82f013893c981f6bd96ec57d8e73e1633ae3970721fcea055ecc836ce3", 0xf91}], 0x1, 0x1, 0x2)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000180)=[@text64={0x40, 0x0}], 0x1, 0x18, 0x0, 0x0)
ioctl$KVM_RUN(r4, 0xae80, 0x0)

6.981329818s ago: executing program 0 (id=6902):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000480), 0xffffffffffffffff)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000100)={0x1f, 0x3, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x16}, 0x80)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000380)={r2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, &(0x7f00000000c0)="db9796e8", 0x0}, 0x50)
sendmsg$ETHTOOL_MSG_COALESCE_SET(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000340)=ANY=[@ANYBLOB='\\\x00\x00\x00', @ANYRES16=r1, @ANYRESHEX=r2], 0x5c}, 0x1, 0x0, 0x0, 0x45}, 0x10)
socket$nl_generic(0x10, 0x3, 0x10) (async)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000480), 0xffffffffffffffff) (async)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000100)={0x1f, 0x3, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x16}, 0x80) (async)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000380)={r2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, &(0x7f00000000c0)="db9796e8", 0x0}, 0x50) (async)
sendmsg$ETHTOOL_MSG_COALESCE_SET(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000340)=ANY=[@ANYBLOB='\\\x00\x00\x00', @ANYRES16=r1, @ANYRESHEX=r2], 0x5c}, 0x1, 0x0, 0x0, 0x45}, 0x10) (async)

6.962442487s ago: executing program 6 (id=6903):
syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
prlimit64(0x0, 0x7, 0x0, 0x0)
syz_init_net_socket$bt_hidp(0x1f, 0x3, 0x6)

6.750499417s ago: executing program 5 (id=6904):
r0 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x8400, 0x0)
ioctl$FS_IOC_SETFLAGS(r0, 0x40186f40, &(0x7f0000000440)=0x1f)

5.534886573s ago: executing program 6 (id=6905):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = dup(r1)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000840)={0x1fe, 0x2, 0x2000, 0x1000, &(0x7f0000003000/0x1000)=nil})
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r2, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@textreal={0x8, 0x0}], 0x1, 0x42, 0x0, 0x0)
socket$inet6_sctp(0xa, 0x5, 0x84)
socket$nl_netfilter(0x10, 0x3, 0xc)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
timer_create(0x0, &(0x7f00000000c0)={0x0, 0x21, 0x2, @thr={0x0, 0x0}}, &(0x7f0000000300)=<r4=>0x0)
fcntl$lock(0xffffffffffffffff, 0x24, &(0x7f0000000040)={0x0, 0x0, 0x10001, 0x5})
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
timer_settime(r4, 0x1, &(0x7f0000000040)={{}, {0x0, 0x989680}}, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

4.957472869s ago: executing program 0 (id=6906):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f0000000740)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r4 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000005a40)=[{{&(0x7f0000000080)=@file={0x1, './file1\x00'}, 0x6e, 0x0, 0x0, 0x0, 0x0, 0x4004000}}], 0x1, 0x4050)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_GET_VCPU_EVENTS(r5, 0x4048aecb, &(0x7f0000000080))

4.932785783s ago: executing program 5 (id=6907):
r0 = getpgrp(0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000040)=0x5)
prlimit64(0x0, 0xe, &(0x7f0000000100)={0x8, 0x80000100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000000)=0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r2 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r2, 0x1, 0x0)
newfstatat(0xffffffffffffff9c, 0x0, 0x0, 0x800)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
r4 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0}, 0x50)
r5 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000007c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x10, 0x1c, &(0x7f0000000040)=@ringbuf={{0x18, 0x8}, {{0x18, 0x1, 0x1, 0x0, r5}, {}, {}, {0x85, 0x0, 0x0, 0x5}, {0x4, 0x1, 0xb, 0x9, 0xa}}, {{0x5, 0x0, 0x3, 0x9, 0x0, 0x1, 0x3801}, {0x2c}}, [@snprintf={{0x7, 0x0, 0xb, 0x2}, {0x3, 0x3, 0x3, 0xa, 0x9}, {0x5, 0x0, 0xb, 0x9, 0x0, 0x0, 0x20000000}, {0x3, 0x3, 0x6, 0xa, 0xa, 0xfff8, 0xf1}, {0x7, 0x1, 0xb, 0x6, 0x8}, {0x7, 0x0, 0x0, 0x8}, {}, {}, {0x7, 0x0, 0xc}, {0x18, 0x2, 0x2, 0x0, r4}, {}, {0x46, 0x8, 0xfff0, 0x76}}], {{0x7, 0x1, 0xb, 0x8}, {0x6, 0x0, 0x5, 0x8}, {0x85, 0x0, 0x0, 0x7}}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sk_msg, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)

4.806452735s ago: executing program 2 (id=6908):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x42901, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
r1 = socket(0x10, 0x803, 0x0)
ioctl$sock_SIOCETHTOOL(r1, 0x8946, &(0x7f0000000140)={'veth0_to_batadv\x00', &(0x7f0000000300)=@ethtool_rxnfc={0x2d, 0x4, 0x5, {0xb, @ah_ip6_spec={@ipv4={'\x00', '\xff\xff', @multicast1}, @remote, 0xb, 0x3}, {0x0, @empty, 0x9, 0x401, [0x1, 0x1]}, @usr_ip4_spec={@dev={0xac, 0x14, 0x14, 0x1d}, @initdev={0xac, 0x1e, 0x1, 0x0}, 0x1, 0x4, 0x1, 0x94}, {0x0, @local, 0x2, 0x9, [0x100, 0x10]}, 0x102}}})
r2 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r2, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @broadcast})
r3 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0), 0x2000, 0x0)
write$tun(r3, &(0x7f00000000c0)=ANY=[], 0xfdef)
r4 = getpid()
r5 = socket$kcm(0x10, 0x2, 0x10)
r6 = socket$kcm(0xa, 0x1, 0x106)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r7 = getpid()
sched_setscheduler(r7, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r8=>0xffffffffffffffff})
connect$unix(r8, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
recvmmsg(r8, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
add_key(&(0x7f0000000040)='cifs.spnego\x00', &(0x7f0000000100)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffe)
socket$nl_crypto(0x10, 0x3, 0x15)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000001c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a03000000000000000000070000040900010073797a30000000009c000000090a010400000000000000000700000308000a40000000000900020073797a30000000000900010073797a3000000000080005400000000d58001280200001800e000100636f6e6e6c696d69740000000c0002800800014000000008200001800e000100636f6e6e6c696d69740000000c00028008000140000000001400017b090001006cdbf80789f3f947dd000280080003"], 0xe4}, 0x1, 0x0, 0x0, 0x8001}, 0x20050840)
setsockopt$IP_VS_SO_SET_ZERO(0xffffffffffffffff, 0x0, 0x48f, &(0x7f0000000280)={0x11, @empty, 0x4c23, 0x1000, 'wrr\x00', 0x7, 0x8, 0x4002b}, 0x2c)
r9 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000100)={0x1f, 0xd, &(0x7f0000000040)=ANY=[@ANYBLOB="1800000005000000000000008200000018070000", @ANYRES32, @ANYBLOB="0000000000000000b7080000080000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000200000085000000a6000000850000005000000095"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x11}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000500)={r9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x48)
bpf$OBJ_PIN_PROG(0x6, &(0x7f0000000380)=@o_path={&(0x7f0000000340)='./file0/file0\x00', r9, 0x4000, r6}, 0x18)
openat$autofs(0xffffffffffffff9c, &(0x7f00000003c0), 0x40100, 0x0)
bpf$OBJ_GET_PROG(0x7, &(0x7f0000000180)=@o_path={&(0x7f0000000140)='./file0\x00', 0x0, 0x4018, r5}, 0x18)
sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x7)
timer_create(0x6, &(0x7f0000000040)={0x0, 0x38, 0x0, @tid=r4}, &(0x7f0000000080))

3.908148484s ago: executing program 5 (id=6909):
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f00000008c0)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000780)=@flushpolicy={0x58, 0x1d, 0x200, 0x70bd2d, 0x25dfdbfb, "", [@algo_crypt={0x48, 0x2, {{'ctr-cast6-avx\x00'}}}]}, 0x58}, 0x1, 0x0, 0x0, 0xc0}, 0x44080)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[], 0x7c}}, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f0000000300)={'ip_vti0\x00', &(0x7f00000002c0)={'syztnl1\x00', <r1=>0x0, 0x40, 0x40, 0x6, 0x8000, {{0x6, 0x4, 0x1, 0x6, 0x18, 0x67, 0x0, 0x7f, 0x2f, 0x0, @broadcast, @local, {[@noop]}}}}})
sendmmsg(r0, &(0x7f0000000dc0)=[{{&(0x7f0000000540)=@ll={0x11, 0x19, r1, 0x1, 0x4}, 0x80, &(0x7f00000006c0)=[{&(0x7f0000000600)="ded6428a5918ee0d654fa3090616448acfb51d3e1c0810335481f6f61b6298fa07f54821c6203ba0c4", 0x29}], 0x1}}], 0x1, 0x4088)
r2 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r2, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-camellia-asm\x00'}, 0x58)
sendmsg$NL80211_CMD_REGISTER_BEACONS(0xffffffffffffffff, &(0x7f0000000580)={0x0, 0x0, 0x0}, 0x0)
setsockopt$ALG_SET_KEY(r2, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c2", 0x17)
r3 = accept4(r2, 0x0, 0x0, 0x800)
sendmmsg$alg(r3, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe3f}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048"}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11"}], 0x1, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800)
recvmsg(r3, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0)
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000013c0)={'wlan1\x00', <r5=>0x0})
sendmsg$NL80211_CMD_FRAME(r0, &(0x7f0000001380)={0x0, 0x0, &(0x7f0000001340)={&(0x7f0000000680)=ANY=[@ANYBLOB="f4060000", @ANYRES16=r4, @ANYBLOB="01000000000000e14f003b00000008000300", @ANYRES32=r5, @ANYBLOB="d506330080000000ffffffffffff080211000001"], 0x6f4}}, 0x0)

3.907793557s ago: executing program 6 (id=6910):
socket$inet(0x2, 0x4000000000000001, 0x0)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_route(0x10, 0x3, 0x0)
r0 = socket(0x200000000000011, 0x4000000000080002, 0x0)
ioctl$DRM_IOCTL_SET_CLIENT_CAP(0xffffffffffffffff, 0x4010640d, &(0x7f0000000000)={0x14, 0x2})
sendmsg$NL80211_CMD_CONNECT(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)=ANY=[@ANYRES32, @ANYRES16=0x0, @ANYRES8=r0], 0x1c}, 0x1, 0x0, 0x0, 0x20000844}, 0x48885)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="1400000007"], 0x50)
pwrite64(0xffffffffffffffff, &(0x7f0000000000)='L', 0x1, 0x7ffffffe)
r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r1, &(0x7f0000000040)={0x1f, 0xffff, 0x3}, 0x6)
write$binfmt_misc(r1, 0x0, 0x0)

3.154780933s ago: executing program 6 (id=6911):
r0 = openat$kvm(0xffffff9c, &(0x7f00000000c0), 0x800, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0xb, 0x31, 0xffffffffffffffff, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="1b00000000000000000000000080000000000000", @ANYRES32, @ANYBLOB="0000000000000000000000000000000022cbbae0f990d1cc95e0682473b2b65cc91159bc58a3a47d65b35a3d196b4c8b1ce1051b2d17cbd4670f63338c51e39538150c27bb99496760513f1abddcbcdca7d7848b1fa82845a81b", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TCSBRKP(r1, 0x5425, 0x8)
openat$uhid(0xffffffffffffff9c, &(0x7f0000000300), 0x2, 0x0)
r2 = syz_io_uring_setup(0x70ca, &(0x7f0000000080)={0x0, 0x0, 0x10100, 0x3, 0x179}, 0x0, &(0x7f00000007c0)=<r3=>0x0)
syz_io_uring_submit(0x0, r3, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x40, 0x0, @fd_index=0x3, 0x0, 0x0}) (async)
io_uring_enter(r2, 0x4d10, 0x2, 0x2, 0x0, 0x0)
socket$inet_tcp(0x2, 0x1, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0) (async)
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
io_setup(0x3, &(0x7f0000000140))
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0) (async)
sendmsg$nl_route_sched(r4, &(0x7f00000012c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4000000}, 0x20040084) (async)
sendmsg$nl_route_sched(r4, &(0x7f0000001200)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000001740)=@newqdisc={0x30, 0x28, 0x4ee4e6a52ff56541, 0x4001, 0xfffffdfc, {0x0, 0x0, 0x0, 0x0, {0x10}, {0x10}, {0xa, 0x3}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x4}}]}, 0x30}, 0x1, 0x0, 0x0, 0x40098}, 0x0) (async)
syz_open_dev$evdev(&(0x7f0000000000), 0x4, 0x0)
r6 = add_key$keyring(&(0x7f0000000080), 0x0, 0x0, 0x0, 0xffffffffffffffff)
add_key$keyring(&(0x7f0000000000), &(0x7f0000000180)={'syz', 0x3}, 0x0, 0x0, r6)
socket$nl_generic(0x10, 0x3, 0x10) (async, rerun: 32)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x16, 0x0, 0x0, 0x0, 0x2000, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @flow_dissector, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r5, 0x0, 0x0, 0x0, 0x0}, 0x94) (async, rerun: 32)
sched_setaffinity(0x0, 0x8, &(0x7f0000000240)=0x8000102) (async)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) (async)
r7 = syz_open_dev$MSR(&(0x7f00000007c0), 0x0, 0x0)
read$msr(r7, &(0x7f0000019680)=""/102392, 0x18ff8) (async)
r8 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
preadv(r8, &(0x7f00000003c0)=[{&(0x7f0000019880)=""/102380, 0x18fec}, {0x0}, {0x0}], 0x3, 0x7, 0xffffffff) (async)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x19)
mbind(&(0x7f00001fa000/0x2000)=nil, 0x2000, 0x1, 0x0, 0x0, 0x0)

3.143722195s ago: executing program 4 (id=6912):
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$nl_netfilter(0x10, 0x3, 0xc)
r0 = syz_usb_connect$printer(0x3, 0x2d, &(0x7f0000000000)={{0x12, 0x1, 0x200, 0x0, 0x0, 0x0, 0x10, 0x525, 0xa4a8, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x1b, 0x1, 0x1, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0xff, 0x2, 0x7, 0x1, 0x1, 0x0, "", {{{0x9, 0x5, 0x1, 0x2, 0x0, 0x13}}}}}]}}]}}, 0x0)
syz_usb_control_io$printer(r0, 0x0, &(0x7f0000000040)={0x34, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000001180)={0x20, 0x0, 0x1, 0x99}})
r1 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
ioctl$EVIOCGREP(r1, 0x80084503, 0x0) (fail_nth: 1)
syz_usb_control_io(r0, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
sched_setaffinity(0x0, 0x0, 0x0)

2.886573618s ago: executing program 0 (id=6913):
prctl$PR_SET_NO_NEW_PRIVS(0x26, 0x1)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mkdirat(0xffffffffffffff9c, 0x0, 0x1c0)
userfaultfd(0x1)
openat$iommufd(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000001c0)={0x14, 0x45, 0x9, 0x0, 0x0, {0x2}}, 0x14}}, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$netlink(r4, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000002c0)=[{&(0x7f0000000240)={0x14, 0x12, 0x1, 0x0, 0x0, "", [@nested={0x4, 0x0, 0x0, 0x0}]}, 0x14}], 0x1}, 0x0)

2.813909306s ago: executing program 6 (id=6914):
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$nl_netfilter(0x10, 0x3, 0xc)
r0 = syz_usb_connect$printer(0x3, 0x2d, &(0x7f0000000000)={{0x12, 0x1, 0x200, 0x0, 0x0, 0x0, 0x10, 0x525, 0xa4a8, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x1b, 0x1, 0x1, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0xff, 0x2, 0x7, 0x1, 0x1, 0x0, "", {{{0x9, 0x5, 0x1, 0x2, 0x0, 0x13}}}}}]}}]}}, 0x0)
syz_usb_control_io$printer(r0, 0x0, &(0x7f0000000040)={0x34, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000001180)={0x20, 0x0, 0x1, 0x99}})
r1 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
ioctl$EVIOCGREP(r1, 0x80084503, 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
r2 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
ioctl$IOCTL_VMCI_VERSION2(r2, 0x7a7, &(0x7f0000000000)=0x10000)
ioctl$IOCTL_VMCI_INIT_CONTEXT(r2, 0x7a0, &(0x7f0000000100)={@local})
ioctl$IOCTL_VMCI_CTX_SET_CPT_STATE(r2, 0x7b2, &(0x7f0000001680)={&(0x7f0000000680)=[0x100000, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd5, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc5a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x8000000, 0x0, 0x3ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x100003, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x200000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x3, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x934a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x4], 0x1, 0x400})
ioctl$IOCTL_VMCI_CTX_GET_CPT_STATE(r2, 0x7b1, &(0x7f0000000080)={&(0x7f00000016c0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x282, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfcb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x573, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffff8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, 0x8e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x72c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffdfffc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x2, 0x0, 0x1, 0x0, 0x0, 0x0, 0x21, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x92, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa, 0x0, 0x0, 0x1], 0x1, 0x400})
sched_setscheduler(0x0, 0x1, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
sched_setaffinity(0x0, 0x0, 0x0)

2.117671415s ago: executing program 5 (id=6915):
unshare(0x6a040000)
ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0)
syz_clone(0x498144ee5f60e149, 0x0, 0x0, 0x0, 0x0, 0x0)
eventfd(0x401)
r0 = eventfd(0x7)
io_setup(0x25dc, &(0x7f0000000040)=<r1=>0x0)
io_submit(r1, 0x2, &(0x7f0000000280)=[&(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, 0x100, r0, &(0x7f00000002c0)="0000100030e67b23aa", 0x9, 0x3}, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x3, 0x0, r0, 0x0, 0xffffffffffffff80, 0x1000d, 0x0, 0x3, r0}])
pipe2(&(0x7f0000000040), 0x0)
epoll_create1(0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, 0x0, 0x4000000)
prctl$PR_SET_MM(0x23, 0xa, &(0x7f00002d5000/0x2000)=nil)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8c}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x2)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
setsockopt$sock_linger(0xffffffffffffffff, 0x1, 0x3c, 0x0, 0x0)
socket$nl_audit(0x10, 0x3, 0x9)
r4 = syz_open_procfs(0xffffffffffffffff, &(0x7f00000001c0)='environ\x00')
sendmsg$NFNL_MSG_CTHELPER_GET(r4, &(0x7f0000000300)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000180)={&(0x7f0000000200)={0x48, 0x1, 0x9, 0x401, 0x0, 0x0, {0x3, 0x0, 0x9}, [@NFCTH_POLICY={0xc, 0x4, 0x0, 0x1, {0x8, 0x1, 0x1, 0x0, 0x7}}, @NFCTH_POLICY={0xc, 0x4, 0x0, 0x1, {0x8, 0x1, 0x1, 0x0, 0x3}}, @NFCTH_NAME={0x9, 0x1, 'syz0\x00'}, @NFCTH_PRIV_DATA_LEN={0x8, 0x5, 0x1, 0x0, 0xa}, @NFCTH_QUEUE_NUM={0x8, 0x3, 0x1, 0x0, 0xa}]}, 0x48}, 0x1, 0x0, 0x0, 0x20044054}, 0x95)
r5 = socket$inet_tcp(0x2, 0x1, 0x0)
getsockopt$IPT_SO_GET_INFO(r5, 0x0, 0x40, &(0x7f0000000080)={'raw\x00', 0x7003, [0xa, 0x6, 0x129, 0xff, 0x8]}, &(0x7f0000000100)=0x54)

2.087660629s ago: executing program 2 (id=6916):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000300), 0x35451d7003000c0b, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'rose0\x00', 0x112})
ioctl$TUNSETGROUP(r0, 0x400454ce, 0xee01)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000180)={'rose0\x00', 0x112}) (fail_nth: 1)

1.98250061s ago: executing program 2 (id=6917):
r0 = syz_open_dev$mouse(&(0x7f00000000c0), 0x0, 0x2042)
writev(r0, &(0x7f0000000540)=[{&(0x7f00000005c0)="0800000014001923", 0xfff2}], 0x1) (async)
r1 = userfaultfd(0x80001)
ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000000140)) (async)
ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000000080)={{&(0x7f0000ffd000/0x3000)=nil, 0x3000}, 0x1}) (async)
syz_io_uring_setup(0x131, &(0x7f0000000600)={0x0, 0x800006, 0x2}, &(0x7f0000ffe000), 0x0)
r2 = open_tree(0xffffffffffffff9c, &(0x7f0000000100)='\x00', 0x89901)
fchdir(r2) (async)
umount2(&(0x7f0000000040)='.\x00', 0x2) (async)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB], 0x48) (async)
socket$nl_netfilter(0x10, 0x3, 0xc)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x44, 0x86}, 0x0) (async)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) (async)
r3 = getpid() (async)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r4, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000008c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0) (async)
sendmsg$NFT_BATCH(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000340)={{0x14}, [@NFT_MSG_NEWRULE={0x64, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2, 0x0, 0x5}, [@NFTA_RULE_EXPRESSIONS={0x38, 0x4, 0x0, 0x1, [{0x34, 0x1, 0x0, 0x1, @limit={{0xa}, @val={0x24, 0x2, 0x0, 0x1, [@NFTA_LIMIT_BURST={0x8, 0x3, 0x1, 0x0, 0x3}, @NFTA_LIMIT_UNIT={0xc, 0x2, 0x1, 0x0, 0x8001}, @NFTA_LIMIT_RATE={0xc, 0x1, 0x1, 0x0, 0xfffffffffffffffc}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0x8c}, 0x1, 0x0, 0x0, 0x20000852}, 0x0) (async)
close(0x3) (async)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) (async)
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x5)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f07ebbeee, 0x8031, 0xffffffffffffffff, 0x0) (async)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000540)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r6, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r5, &(0x7f0000000480), 0x400034f, 0x2, 0x0) (async)
bpf$MAP_CREATE(0x0, 0x0, 0x48) (async)
r7 = openat$vimc2(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r7, 0xc0845657, &(0x7f00000003c0)={0x0, @bt={0xc, 0x6, 0x1, 0x2, 0x40, 0xffffffff, 0x9, 0x7, 0x17, 0x2, 0xff, 0x5, 0xb, 0xffffffff, 0x2, 0x3, {0x7, 0x80}, 0x5, 0x80}}) (async)
sched_setaffinity(0x0, 0x0, 0x0)
sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(0xffffffffffffffff, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000680)=ANY=[@ANYBLOB="14000000", @ANYRES16=0x0, @ANYBLOB="796100000000000000007e000000695605c7f79ed9af0c6b6822fc808d8944cd4b3444450c050a6872131b870d60b2dce9ee51ceb866ceaca0c1b75c74ce61a6c6a9ef058aa64f5d98b357158ea4783a09a99da694568ccff8585d305442ef58c7f872d16d023b7dedf2a162b6378ad6252b46051384d4ae16cffe74d0e9e4d799d605e6d941f4b1e01240472ad48b38c8840900c9cc0438837e631dacffb17b57112db481291c5a9aa843f7eb649c6b727b1ebb12236c23f4cffc32bdd81b02f63ed2745f710600c5c1e8ae64d5d8eff43a69788313f41ee30ba307a3ae1df7e3c7e1c6714b13"], 0x14}}, 0x4000054)

1.892500357s ago: executing program 0 (id=6918):
socket(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f00000002c0)={0x38, 0x0, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
syz_open_procfs$namespace(0x0, 0x0)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
openat2$dir(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r2 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
setsockopt$bt_hci_HCI_TIME_STAMP(r2, 0x0, 0x3, &(0x7f0000002700), 0x4)
syz_open_dev$vim2m(0x0, 0x6, 0x2)
ioctl$mixer_OSS_GETVERSION(0xffffffffffffffff, 0x80086303, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='binder\x00', 0x0, 0x0)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
lstat(&(0x7f0000000080)='./file0\x00', &(0x7f0000000340)={0x0, 0x0, 0x0, 0x0, <r4=>0x0})
getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000000100)={0x0, 0x0, <r5=>0x0}, 0x0)
lchown(&(0x7f0000000040)='./file0\x00', r4, r5)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r6=>0xffffffffffffffff})
r7 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000040)={'bond0\x00', <r8=>0x0})
setsockopt$packet_int(r7, 0x107, 0x14, &(0x7f0000000180)=0x2, 0x4)
setsockopt$packet_int(r7, 0x107, 0xf, &(0x7f0000000000)=0x3da, 0x4)
sendto$packet(r7, &(0x7f00000000c0)="3f03fe7feee8140006001e0089e9aaa911d7c2290f0086dd1327c9167c643c4a1b7880610cc96655b1b141ab059b24d0fbc50df71548a3f6c5609063382a0c1511fdf9435e3ffe46", 0xe90c, 0x0, &(0x7f0000000540)={0xc9, 0x0, r8, 0x1, 0x0, 0x6, @multicast}, 0x14)
mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f00000003c0)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f})
openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x18)

1.840295887s ago: executing program 2 (id=6919):
write$UHID_INPUT(0xffffffffffffffff, &(0x7f0000001040)={0x1a, {"a2e3ad21ed6b52f99cfbf4c087f71e9b230963ff7fc6e5539b9b3b09719b711b5d52101b080d29428f0e1ac6e7049b3468959b189a242a9b45f3988f7ef319520100ffe8d178708c523c921b1b23380a169b63d336cd3b78130daa61d8e81aea882f5802b77f07227227b7ba67e0e78657a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f309f4cff7738596ecae8707ce065cd5b91cd0ae11a973735b36d5b1b63e91c00305d9be7bd1d020000000000000075a9aaa1b469c3090000000000000075271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecd03aded6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1f416e56c71b1931870262f5e801000000005b6bfc821e7e7daf2451138e645bb80c617669314e2fbe70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c580263093ca9a34af674f3f39fe23491e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d546a40b9f6fa94fc488ec130fb3850a27afc953854a642c57519544ae15a7e454dea05918b412435111c8f11baa500a3621c56cea8d20ff911a0c41db6ebe8cac64f17679141d54b34bbc9963ac4f4bb3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269caf12c31357c8219793e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a687974e7b4ab01b7f73483b6a62fa678ca14ffd9f9db2a7869d85864056526f889af43a60560a22f1fca567e65d5e880572286522449df466c632b3570243f989cce3803f465e41e610c20d80421d653a5120000008213b704c7fb082ff27590678ef9f190bae979babc7041d860420c5664ba7921b14dc1db8892fd32d0ad7bc946813591ad8deff4b05f60cea0da3710ac000000001a527777a5371f87d0d4aa202fd28f28381aab144a5d429a04a689b83c7068ae949ef06e288e810bac9c766000a5e19c907f8ea2e2f05dd3318271a1f5f8528f227e79c1386abdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4fb8a48a76eefc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f103000000416d59fdee5325928974d12dad99dac44c3f0008047096a44060fb30e900caab415db6578b4779415d97b9a6d601005c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3c901cd34e5c92f76cc4c24eeb8bc4e9ac292d9e53803ed000000009737d214060005ea6f1783e287b3bee96e3a7288afe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f48fe4eae9ca1207e78283cd0b20ceb360c7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034ef655b253ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf02b98a269b891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efedfd71af9444e197f47e866101496f42355bc7872c827467cfa5c4e72730d56bd068ed211cf847535edecb7b373f78b095b68441a34cb51682a8ffffff7f000000007f889b09114edb8e79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdcce04579b5561dc825ab829827945e020c1f67ee615f7084a607a7eceb6243378e0610060f02cca405d8c5f64fdb3d78fb4b55668dda93aec92a5de203717aa49c2d284acfabe262fccfcbb2b75a2183c4e15a7b6eb65ca8104e1b4da1fbb67ab2fc043aead87c32ab875ee7c2e7b7019c902cd3b43eaeb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e94265c803b35ee5f83a2b210520106b8a358b50ab7a1fa89af9c251fe529003d1802d5676d95f160ec97b1ad948741b2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd73643de50e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c1023bf70cc77737c3b42aae501b20f7694a00f16e2d0174035a2c22656dc29880acebdbe8ddbd75c2f998d8ac2dfad2ba3a504767b6b45a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73c497579773767075428067e7f16f4dde374f8211fef42cb468e623daf60b3569d462f4f19eacdb3ed70eeebb40800000077d443e8b40426db6fe29068c0ca3d3414442e863a154704b0e5e2c664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf46366e7205dd8d6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae44369ddb4581c55925d0f6f1ba471eba281f259152f85e654fb39ddff3b484439ff158e7c5419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b405177548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaee5ee6cf1d0ab378dd4dd84e935e00785ec27e923911fab964c271556527697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9ddbfb96d6144345f48843dd014e5c5ad8fe995754bd9cf32fce1e7027132f2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6d594f88a4facfd4c735a20307c737afae5336651b1b9bd522d60399473296b831dbd933d93994ba30b4279b10ea0c5833f41f157ea2302993dbe433b1aa3a3766d5439020484f4113c4c859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee29165895ac4b008e595f437491d87abed02cefcd9db53dc10772d2b13f7809959bc048850613d17ca51055f2f416a44fe180d2d50c312cca7cb14a2bdc331f57a9817139a206fc76d57227edff2de20a4b8e3737fbb42913777c06376f799eba367e21f94ca598705f5dcb767d6f84fa6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b30f0b932a4d02da711b757fe43c06d21e759595e4e98b27faea8aa12bc8040000000000000033eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7f96093530e76692839d7961939adfdeeeaff19d11efcafb6d546fef271e89d0000010000000000fcce3fbf4625a7e7de40e42e07b34449e15e065cc7348663a52190202c7af288a4510de03dab19d26285eda89156d50dd385a60333ba5bbf5d77cd7007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00398e8bd1f4908b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cb0b3e35cb80dd349e891aef595dc4d080e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c60edddab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf652f406c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6528341b648cdd56fed7cdcbb1575912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae033a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a3cd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08758897fb411a94b3c2fc5d5f0db42c0456ec014508e5247d33ae6c962d35603ff8454c16f8342856935125102bb784ed704887071f3d998efdd9923c954ab6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6ff7ffb1d62458d0741a12830052fcc460db043afe525629b40d7cee65802cb5e930ed624806c43a006dc9336d07c2b8081c188d26558f48261f7897084c2a1a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da3932ba5c04c24a560ad80a3ce654578376e599aff3565b1d531f30912b99e6619ebe93cc0b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c0ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf475bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c971d90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e6491953264c7b34252600c9654e502dcea39cb0800eb69992e234b4ca7db2f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc640df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c02b5fe36d7d3e5db21b094b8b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1162dfa13bdc1fa7cfaadbb25c72e9758f03a755d0be53f8d2a1dfb1c6000064b0a0780d971a96ea2c4d4ca0398c2235980a9307b3d5bd3b01faffd0a5dbed2881a9700af561ac8c7e36bb2fc4c40e9cf96f06817fb903729a7db6ff957697c9ede7885d94ff1aa7082ead01a9b03c37b0969be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058093fef86faec216eb6992162f8dcbf719c148cd2f9c55f4901203a9a8a2c3e90f3943dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d060000008926407a4eddd5d0fc5a752f9000", 0x1000}}, 0x1006)
syz_open_dev$loop(0x0, 0xf01c, 0x0)
ioctl$LOOP_CONFIGURE(0xffffffffffffffff, 0x4c0a, &(0x7f0000001ac0)={0xffffffffffffffff, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x1c, "ff9f020bbe82b398b1c4369d03740250ceaac594b1b3d741dd17c1ac0d38ef2a565ef1e8336300", "a9103939c787a16c1ca43f80026d1f3c4da06963dd89d130e04d528539f3d3289737f0374c72a964a02447a75df8a69ea917deb7ba193b7e7772fd29f35239d2", "24431a1e77a68e174f000000000000000010e200", [0xfffffffffffffffe]}})
ioctl$LOOP_SET_STATUS64(0xffffffffffffffff, 0x4c04, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x2ac, 0x0, 0x1, 0x15, 0x0, "89753015418ab0cb0900245518580ce0c8bf604cca41f31c108938fcfa393ef569e0bcf244bb4b23555b130900000000000000d0f08e8ad896ba67a07673defa", "8b609009aaa722681a1e2513d754f688a9e306ee1dba533f02e1b69da6e26ec889fee40080000027cc7d24fdc26f1a95d702020000e4b8fb1703e47463b969e4", "ca1bf5ffffffffffffff6570128218a0d22915ff6eddb10000800400", [0xc]})
sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000000740)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000ec0)=[@hoplimit={{0x14, 0x29, 0x34, 0x4}}, @dstopts_2292={{0xf0, 0x29, 0x4, {0x4, 0x1a, '\x00', [@generic={0xfe, 0x70, "f4a4a3142ee1e12b9826287997a6b33d89f3d60da1641d9fe3896c3c1b6c130ef4f01be8f5836d417874540898619050b14420ab124b11de36afb16ef4fc1cf3f4e4fa0e647cd1b07b068d3894180b6aa7527a4a8252f6836a0d67a7782c675a838ea989e567e4774de1f52d188e0b08"}, @generic={0x80, 0xf, "09e12e5f0b6bdcf72f2ec7008a15fa"}, @calipso={0x7, 0x30, {0x1, 0xa, 0x7a, 0x8001, [0x5, 0x9, 0x4, 0x400, 0xb]}}, @ra={0x5, 0x2, 0xa7e}, @pad1, @ra={0x5, 0x2, 0xbf4}, @hao={0xc9, 0x10, @private2}, @generic={0x93}]}}}, @hoplimit={{0x14}}, @hopopts={{0x78, 0x29, 0x36, {0x5e, 0xb, '\x00', [@generic={0xff, 0x41, "50d650847249ad288702ebd0d654b985e8908defb7ec6c5ff115c58e128b9e3a21c34b45ef9de99984e143ca7c3509a971b2ec429ee1edc0bb903fe94b32c28f70"}, @pad1, @pad1, @calipso={0x7, 0x8, {0x0, 0x0, 0x7, 0x6}}, @generic={0x8}, @calipso={0x7, 0x8, {0x3, 0x0, 0x3}}]}}}, @rthdr={{0x18}}], 0x1b0}}], 0x1, 0x810)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
capset(&(0x7f0000000500)={0x20080522}, &(0x7f0000000200)={0x200002, 0x200003, 0x801, 0x4, 0x7})
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r2, &(0x7f0000000380)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-cast5-avx\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r2, 0x117, 0x1, &(0x7f00000004c0)="2c385a7af3be", 0x6)
r3 = accept4(r2, 0x0, 0x0, 0x800)
sendmmsg$alg(r3, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe3f}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048", 0xff31}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11"}], 0x1, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800)
recvmsg(r3, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000840)={0x1fe, 0x2, 0x3000, 0x2000, &(0x7f0000003000/0x2000)=nil})
r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@text32={0x20, &(0x7f00000000c0)="650f340f3566b842000f00d8b805000000b9a00000000f01c13e0f070fde460b0f0130670f01c2f2360f217a0f07", 0x2e}], 0x1, 0x11, 0x0, 0x0)
pwritev(0xffffffffffffffff, &(0x7f0000000b00)=[{&(0x7f0000001880)="ea7c5828b87d70214008724bcae1ce6577c01031b19698ecb8a7f5183947918ce2cc9dc778dbfff9e28e1a6df7d8f95c3e45768a6786d6325bc0fe4ed394c8ed0edcbb9f917074251a7f5b6b24c52516a68f181592262dfd12b5af7386658c5fb6c36d86d5084624a302a155c0463b6c36e9fc88338b0f66e2713728a21d19d9a33da93d419df63d8a87fa100381ec74de8b7409f4977d3cd7a9f2fb03cec91c4277b39b2c9f227a9b74926a11960d085e2aaf98673d2a67fa95b8d9dcc72ca6181f6b9b2d1c402267e6cfef5599e1520077d9bc472fb5a5db42b1befd498ec7b8d519b12f065323b15280a2540bc7a4ffe508fc12f93707064caf4111e893142f9867b432b1e6258caa2ae081b8b646c25de7f5366a21f9dd257b84546cd316e17b79d22c4bcaf70e8a96d1e502b53c581c75482d1d63f0d5f3fb5bdbb714583f0798e0c4d6c9d99513e91a68a26612053290f15f5a2e06acfa229356e37b4d57697224e9561c0430a67fcb5dea72acc91e60751a5b07eb603548a646f082ce213347b4ee908bd95cc56775330aa09d4f19f48a8cb5d7f6346d82bab8ff019309684bd01eb4d90febe2269cd2a1100130c242a2995ce38638a3bbc9008ac0e820a1e0b9a9511af47aa7f3e30a69589985423f3b4ea98152433bf1aa53a0981f783f11c4cc50f70fe63b2043b74b9cb7da59caedadc1fa1f662831a353969893d4f93b919cda52a1ce2200a0a7895abb293c29d6d197cce98a4df8fc90c582014742a00b4bd09f1fcc5ff5753320d2b5593e657c0fb87a4cfa323ce59111eea806a6e020fb0c4fdd601087811e33e793975b5e9e936c16d243bdea757e0ee4508f5d5b496ed07b6f0f1f46ed752448f30d679b23ba8142d4ab25beb913ee77547866e5d9501a55e9797ba3407f3f4cc11398bdaf3ac4c2e79a5b133a09fcf8ae790bb985fa01daf2758fd8a77fde15a822227dddf64bb2ebc49a56ad025e01c6c59e4818abdf808789d9f87c103cf7f7d21d2a1345b9b7fd66b1cf96002343fbd62f8080d945e70bd93d4bf42b401477abed49065b4a8ccfb9d93724118168de2e8df4f78ccf3b9593f993423a619ef6bd8392a2cfc6424d3687fcdc67d33073db95d856f312b934d05a3c4e967217837920fee73b00757b617d1ef3bfc2e88a8a72f0948263db2c9e7bd491f059b6ee8d0ea3f2193314562910529869b248172bfe0f914f7a91a27c6e9e6c2e3455a7ae765392b48fc959958aa39a5a483b2a6e873ac76f8579515e42f7a3bbc82bcf71edaf12f7b40a2adc74d67ef793988cc8ac788185049e57fb84757bdc700ffde10afc19df290787ed98222f8afb2b6d11944666331350e2914466b398750acae526146373b2cbe1bdd1803e6c920a182a1ad118a3d09313c2ce2703a0a1c09215cab90c35b03b1c795cf704f42dd31ddff6be67bb355977b2e07609c5228299a170308e54705674384fc294cdfa4abf989d3c3bf3eabbbcf52a6a0646bf6db5b61ad027007464fd6fc10490ee2e9190c28ae5cb3733105cb782c0d53e5c79c3e455609d557d824154d01e282788ec8ae7c8a03fcd6cd4e37829b0f921c46d715454d5e1281c641cf0756a2f31b0369ce94e819e6254af95b88bffd7bb2cfe9469d303497fead174839b2789b5aa703176510eab1f46916b3b63f6f5b2df262fe7274a0cee9bd6e115e5f9f48ac1c09e5b3c546ae95b9916a633869854d3ee39d4acb800e876e7fc084ffd79a20fca8331caff657ec89b445c6012ff7eb9531eb1e8c90cdc66b82d6fd608310099503a9dcf50b40d10a3b1ab520477e20ad5f6405cd4b5b36d201e12088d7868c6e94737ea88db6ed5f7df4d31cbd2d0c4f21cdcc3b181f5aae7216dc4c06b2989bb44e5369ba96ce87f3e3abbb530d103a53d7e0b914115c302c935eea7d256a73aa851d84dec6d9112163be8135889c67fa90e796a6f050fba0a6a740618cd513748072daac9f3e25034772cc400a14834afbde835bc9fd7cf1113d67ebe99a3b78907596886ad5a1670ef572c18e26c98fe40194428de339cba7b8efc5fa7faf7512ef6b89a877f3e534fb4512729df686e14aece08fab3b42ea14acde0e18ffe5dc00e74288661c7463e00f3b942cddf3b71e1dcf71989f378b933df099316451cca296a4e117bbeb3b1e552e5a10f9731449ae830de14989049ce818f720e77e78a86c307c80450b26278bc25ee7390ce6d4c4dfc8d39b6b4b1ce6f3865dbdd1d37aedb555288bea9ef95c8600dea1cd10e9e42d15aa804f99a31bfaa5ea52185333d734c766e3bb4a9abf86cf4d840dc188167a25cc3054b65fd7ce053d38518474ab55e59c1ccaf34d57b4cd73b07ed63d754ab3d57dfc0f67bbdb22e33d9f63aa2b36cf0af338794d4acbd1b13669bde67f7bd032f9c6b400e8054a0cff77fc6e0591195b21715e42c881e23156b4ba504d7e1b6eb9c2ec9b9e382d85f7c52bd964d305da9496dbaa022880ddf236730c458f31258d64ae2668aa863b3fe558c7f8cfb3dabf42edcaf2891e9b9462c44153658eae85cd499abd9dca762adf26d9904d28b772b3fc3d066d56261474c944387ac7eb00059025ff25e34b8f7c2986db1ccc4297e1315c3ceeef1b8f98e0500bbb8bb0ab52d80f8c6c8fa5d24b9a05f5350e2fd59af4b9fa9a2b4339b61e208f227ba968d4dbd36246133de2078c6a15dd57754a3537c31d04da545f062dbf9cbaa0840e23974f441a4d5937fec23ff81c193bd951a7bacac8eb6d4705702cbe3c930f27869753ba6026455bbb7742c53644f1646d7545467091a207905f831505f214fbd818aea4455705b5e727850cdcac40620135b8dba85cb0c0f393af252ec082cba5c43385fbc2cc5682bc1994b064e29c8c5a20e7e6d15fbb13e6fd1a86b2fda666fbcd80fd08be00a7423fcafbdd8283bac88ead203bc10d1c1a13ca2fe853fa6cc8991b0476561be085b086b0d0e45f73e59f519342c13f368a37464cb55b8a13846f4cd610536d5c4b8704fcd347abe6712d3de67d7918e6954898f31647a8ea37ecc2e1bb02b1b26e7a60fbb2b0a48efc5795c12d5c4ac8dc4149dea0f2e085422ec69352882622711b74e1e32c7ead2cf3c554e8ff1648e8b66d0dc6997b6304b3b560a33d75aa49476175a386ca721156ea79bdba432d439dbceb0285561abd5d134badd9f38c04fae8fa920edfff15705371c907848c14acdfb0b22a4c7168e1840e8b8a50349dcee5f429b3cb34e30f0f67acf93604792b8574f36ea9409d422621f3c0c7b781fc8e23d1d46f04a9b44f633e5f72cb079fbde66a9745705666c6dab6238628e57ee6cffa8cfad616dac1abe2789c9efccb4fc7e65e490d9a4e49e7ce72a6980e72f70a17649e67de86f86b61a4b6219daefc939b5904e5712ecaf85c98484fc02585b1aa990b95173e4a2907cf877af696e528e6b2b634a4fb7d791cacc8644fa76e062148d411e18f0da5aed22116828cd700a28e8f46bca950550acb4ab05eddeb6b2dac24702cff4de0a3ece393cac879ed2f0c5b9645839cfdb79fb1df87596b14504cba9dddda51edaffcd0214b91b5898ea022774e699aa0caf0f646cc0cb8e8fc8b8be43c23aa7f6bd29fd0615c0b78f3514a52989d7f35ad08a4bd473e61da6657cc2e85d3b2b7d3fb51174a96f27038ddbc87a35e09a668e436aa40146c6a26dca87b39220f139b772719d80aadb752c622bf09acd6846838fb48a8817ba4aa72eaa32e82251b3789969d8518f9aa07cdcb9a355f73f119725c086168aaca262f13cd742e5f06c969a462638a557e15a4f5d43e3242c08f23b00d2b8d57c60d3636abd4068ec03a4be3429b95e41351ab5c58812e552df90c3e6c9d8779aa484e74f073ea9fcdce13b1dff8e7c101b2c6865c5cefe108e3559f520e2bc42c9dc39b57fddb44ca49f2689e10c1381c0740d20cbca46da475c62f513cb08398a5fd5d4f6b13ce839fe149df0d291a8f7267fe90a7e1845dace17cd927c2d1aeffbdc36bb983172ceff025e84b0419645fcc72897b992f5081c78756122391947f08ccd20806cfc2bded705b472fc52e84734e016cbd309aadebbbb4e8bdfed77b1e0b15ce0904838d9e4d64643df66f0353c377e554b428dc0f31189a134cdb8e66d2755e84c2b2409c3d63a81f5f05616baf6a243b09153a4f8289e15a5a4ffb007b0cbeffde25391bb2acd86b453e245643c0fa1dfe5d42e0e3f1c592a00b77f0133adf7989c6c2bf3ddc0b8a2b14f35d33f62f4ee2fc56166372058e997b9abe6bad8aa718f8d87ad095e8f354aaef540840437b5451771266a8358ed75954db52b38bca4a1c8696dca1de03b12627254409f8bb68c94eeaa1a8bcf894482b96e81b9ff5c2383a907537a191aff0bb5b5418ef5670cecca1cfbd41b61879b11a5a5053cd86cf5d61f8c2f7d7ad2034a1801b3b92a79ac3b4343c680008b1ba10577a35173cac6d4dbc1d00e436f238b57093b34d4ea19c225b84a2d6086cc6cf72595b980c88142d268bbf9c8375a93afe75c3583b3b9687368d78147985d209e6d89c335e948c51696a948f01ad062dcf84a99584466e24646b2e441fefb10ef962432f2925d6d98e790acf4ca7d9339a589a537aa3392ec79f34a6544144072ab8248e45ac560a78c70c5afcbf10909299dfcd67981c88780c1340c951e115ffec56d23b9ead6a55024e199238f4b133e3e1e0e84318b5037a3947ae09749c25c7e4887936ecf0ba9a807dfa471ea1f3350b70feb58dc9e2836365ce4db456a341e43410cac1253fe08e79c21fca932716f4c171fc957cb325737b70532d81f0eb2f0a16478c0d934165728f7b29a8a0ff6bc964e99dea26d3efd28336b00c112a26da7a2ea1c21a9688cc3a68293958edf27ae89e5f9b8348af4121028e760cf68c931af92906d27dad4d330df9201b5395ccce0c803806422883667ccb11438d9dbe1901d4ab98d89914b313338486deb6f748053517e2188c479adb1eabb8e8ed5d05bb3f66826fae83bbc5bce3615ee32d937ffbe8846a1156aaf7bf9b9d4189bdf290b3df254077688eeda824d6ea0a452f7e7f915c1a94ee250a3907ec035d7ba7bb0256811f04646ca156b8925506c774df4d4072c02929e985057a5f7ddc1469c7306e6fdb86b810ada1cc96f6bd389597dd27dd656f55c316fb2d56b2d13eddf893722e813934a19778719be99697c365222db64039f9caab1201c430e53df1af8a0321c8759fc33e8204150080979936d0717f6c4c9145fb828389acbb894a4600485e8b105c7165a40e814889343deead6d434a8da60eed1e50aa507ac2793b4a4c5517265f859f223bb4f6cadc6fb53430304baea18189e2b5ddd266c38f5c325ba391a50fcd34060d217c4118889c4275e40a8428099ddfa3cc0d8241c22fc1554318e922f3b1257f2046d70df460c5283a539487583ffca1972a19237b06480e0a56d9e185fe4dc3607666d81ed0d9d9f5c5c568a5a0a87160b6d35c73dae9c6177f2b25d90a2598042f4b43bc765fa86a831c401a01c391a8fdc8f8c742f2322a1b8ef18ec7d82f013893c981f6bd96ec57d8e73e1633ae3970721fcea055ecc836ce3", 0xf91}], 0x1, 0x1, 0x2)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000180)=[@text64={0x40, 0x0}], 0x1, 0x18, 0x0, 0x0)
ioctl$KVM_RUN(r4, 0xae80, 0x0)

1.666315748s ago: executing program 2 (id=6920):
r0 = getpgrp(0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000040)=0x5)
prlimit64(0x0, 0xe, &(0x7f0000000100)={0x8, 0x80000100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000000)=0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r2 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r2, 0x1, 0x0)
newfstatat(0xffffffffffffff9c, 0x0, 0x0, 0x800)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
r4 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0}, 0x50)
r5 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000007c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x10, 0x1c, &(0x7f0000000040)=@ringbuf={{0x18, 0x8}, {{0x18, 0x1, 0x1, 0x0, r5}, {}, {}, {0x85, 0x0, 0x0, 0x5}, {0x4, 0x1, 0xb, 0x9, 0xa}}, {{0x5, 0x0, 0x3, 0x9, 0x0, 0x1, 0x3801}, {0x2c}}, [@snprintf={{0x7, 0x0, 0xb, 0x2}, {0x3, 0x3, 0x3, 0xa, 0x9}, {0x5, 0x0, 0xb, 0x9, 0x0, 0x0, 0x20000000}, {0x3, 0x3, 0x6, 0xa, 0xa, 0xfff8, 0xf1}, {0x7, 0x1, 0xb, 0x6, 0x8}, {0x7, 0x0, 0x0, 0x8}, {}, {}, {0x7, 0x0, 0xc}, {0x18, 0x2, 0x2, 0x0, r4}, {}, {0x46, 0x8, 0xfff0, 0x76}}], {{0x7, 0x1, 0xb, 0x8}, {0x6, 0x0, 0x5, 0x8}, {0x85, 0x0, 0x0, 0x7}}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sk_msg, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)

689.781867ms ago: executing program 4 (id=6921):
socket$inet(0x2, 0x4000000000000001, 0x0)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_route(0x10, 0x3, 0x0)
r0 = socket(0x200000000000011, 0x4000000000080002, 0x0)
ioctl$DRM_IOCTL_SET_CLIENT_CAP(0xffffffffffffffff, 0x4010640d, &(0x7f0000000000)={0x14, 0x2})
sendmsg$NL80211_CMD_CONNECT(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)=ANY=[@ANYRES32, @ANYRES16=0x0, @ANYRES8=r0], 0x1c}, 0x1, 0x0, 0x0, 0x20000844}, 0x48885)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="1400000007"], 0x50)
pwrite64(0xffffffffffffffff, &(0x7f0000000000)='L', 0x1, 0x7ffffffe)
r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r1, &(0x7f0000000040)={0x1f, 0xffff, 0x3}, 0x6)
write$binfmt_misc(r1, 0x0, 0x0)

0s ago: executing program 2 (id=6922):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000024c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01010000000000000000010000000900010073797a30000000002c000000030a01020000000000000000010000000900010073797a30000000000900030073797a310000000038000000030a01040000000000000000010000010900030073797a32000000000c00024000000000000000010900010073797a300000000054000000060a01040000000000000000010000000900010073797a310000000008000b40000000030c000640000000000000000314000480100001800b0001007470726f787900000900010073797a30"], 0x7904}, 0x1, 0x0, 0x0, 0x4040}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0xd, 0x6, &(0x7f0000000000)=ANY=[@ANYBLOB="05000000000000007911b00000000000851000000200000007000000009500a50500"/48], &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sock_ops, 0xffffffffffffffff, 0x6}, 0x70)
mount$overlay(0x0, 0x0, 0x0, 0x40000, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20008b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x3)
ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, &(0x7f0000000240)={'\x00', 0x4000, 0x6, 0x1, 0x2, 0xff})
sched_setaffinity(0x0, 0xfffffffffffffd7a, &(0x7f0000000580)=0x8000000002)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
utimes(&(0x7f0000000480)='./cgroup\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x2125099, 0x0)
r1 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', r1, 0x0, 0x141)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f000001aa40)=""/102392, 0x18ff8)
r3 = socket(0x2, 0x80805, 0x0)
ioctl$sock_inet_SIOCGIFBRDADDR(r3, 0x8919, 0x0)
r4 = syz_open_dev$I2C(0x0, 0x1, 0x402)
mkdir(&(0x7f0000000400)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f00000000c0)='debugfs\x00', 0x1214040, 0x0)
mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000003c80), 0x0, &(0x7f0000003cc0)={[{@index_on}, {@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f})
ioctl$I2C_SMBUS(r4, 0x720, &(0x7f0000000200)={0x1, 0x2, 0x3, 0x0})
setsockopt$inet6_tcp_TCP_MD5SIG(0xffffffffffffffff, 0x6, 0xe, &(0x7f0000000300)={@in6={{0xa, 0x0, 0x6, @remote, 0xfffffffc}}, 0x0, 0x0, 0x6, 0x0, "3f114438efdaca16d374b49a365be44d5e860ea3ba676c0b5047b80e2c3535d5bd9db3c8572560f4d1be5cd41f7716082ee3589f099942e6f1c395ddb8160381baadf27900"}, 0xd8)
mount(&(0x7f0000000180)=@loop={'/dev/loop', 0x0}, &(0x7f0000000240)='./cgroup\x00', 0x0, 0x0, &(0x7f00000001c0)='discard')
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x1c1)
r5 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x2, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x80, &(0x7f00000002c0)={{'fd', 0x3d, r5}, 0x2c, {'rootmode', 0x3d, 0x4000}})
read$FUSE(r5, &(0x7f00000021c0)={0x2020, 0x0, <r6=>0x0}, 0x2020)
write$FUSE_INIT(r5, &(0x7f0000000080)={0x50, 0x0, r6, {0x7, 0x29, 0x9, 0xffffffff90adedc4, 0x0, 0x3, 0x0, 0x4, 0x0, 0x0, 0x10}}, 0x50)

kernel console output (not intermixed with test programs):

: USB disconnect, device number 44
[ 1624.437210][T23941] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0
[ 1624.475666][T23941] cp210x 1-1:0.0: device disconnected
[ 1624.836991][T28732] FAULT_INJECTION: forcing a failure.
[ 1624.836991][T28732] name fail_usercopy, interval 1, probability 0, space 0, times 1
[ 1624.851263][T28732] CPU: 0 UID: 0 PID: 28732 Comm: syz.5.6257 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1624.851291][T28732] Tainted: [L]=SOFTLOCKUP
[ 1624.851298][T28732] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/13/2026
[ 1624.851309][T28732] Call Trace:
[ 1624.851315][T28732]  <TASK>
[ 1624.851322][T28732]  dump_stack_lvl+0x100/0x190
[ 1624.851351][T28732]  should_fail_ex.cold+0x5/0xa
[ 1624.851381][T28732]  _copy_from_user+0x2e/0xd0
[ 1624.851405][T28732]  copy_msghdr_from_user+0x9f/0x4f0
[ 1624.851425][T28732]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[ 1624.851455][T28732]  ___sys_sendmsg+0x106/0x1e0
[ 1624.851474][T28732]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1624.851503][T28732]  ? find_held_lock+0x2b/0x80
[ 1624.851543][T28732]  __sys_sendmsg+0x170/0x220
[ 1624.851566][T28732]  ? __pfx___sys_sendmsg+0x10/0x10
[ 1624.851604][T28732]  do_syscall_64+0xc9/0xf80
[ 1624.851626][T28732]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1624.851654][T28732] RIP: 0033:0x7f304359acb9
[ 1624.851669][T28732] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1624.851686][T28732] RSP: 002b:00007f30443d0028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1624.851703][T28732] RAX: ffffffffffffffda RBX: 00007f3043815fa0 RCX: 00007f304359acb9
[ 1624.851715][T28732] RDX: 0000000000000080 RSI: 0000200000002e00 RDI: 0000000000000003
[ 1624.851726][T28732] RBP: 00007f30443d0090 R08: 0000000000000000 R09: 0000000000000000
[ 1624.851736][T28732] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1624.851746][T28732] R13: 00007f3043816038 R14: 00007f3043815fa0 R15: 00007ffe3b234568
[ 1624.851769][T28732]  </TASK>
[ 1625.171042][   T30] audit: type=1400 audit(1769008266.216:1057): avc:  denied  { name_bind } for  pid=28738 comm="syz.2.6262" src=28196 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:port_t tclass=icmp_socket permissive=1
[ 1625.193537][T28739] netlink: 'syz.2.6262': attribute type 1 has an invalid length.
[ 1625.235846][T28742] FAULT_INJECTION: forcing a failure.
[ 1625.235846][T28742] name failslab, interval 1, probability 0, space 0, times 1
[ 1625.313255][   T30] audit: type=1400 audit(1769008266.246:1058): avc:  denied  { node_bind } for  pid=28738 comm="syz.2.6262" src=28196 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=icmp_socket permissive=1
[ 1625.315291][T28742] CPU: 0 UID: 0 PID: 28742 Comm: syz.5.6260 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1625.315314][T28742] Tainted: [L]=SOFTLOCKUP
[ 1625.315320][T28742] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/13/2026
[ 1625.315329][T28742] Call Trace:
[ 1625.315334][T28742]  <TASK>
[ 1625.315341][T28742]  dump_stack_lvl+0x100/0x190
[ 1625.315365][T28742]  should_fail_ex.cold+0x5/0xa
[ 1625.315392][T28742]  should_failslab+0xc2/0x120
[ 1625.315413][T28742]  kmem_cache_alloc_noprof+0x83/0x780
[ 1625.315432][T28742]  ? dst_alloc+0x99/0x1a0
[ 1625.315453][T28742]  ? __pfx_ip6_dst_gc+0x10/0x10
[ 1625.315469][T28742]  ? dst_alloc+0x99/0x1a0
[ 1625.315484][T28742]  dst_alloc+0x99/0x1a0
[ 1625.315503][T28742]  ip6_rt_cache_alloc+0x1ea/0x8e0
[ 1625.315527][T28742]  ? __pfx_ip6_rt_cache_alloc+0x10/0x10
[ 1625.315555][T28742]  ip6_pol_route+0xd59/0x1230
[ 1625.315572][T28742]  ? __pfx_ip6_pol_route+0x10/0x10
[ 1625.315586][T28742]  ? register_lock_class+0x40/0x560
[ 1625.315603][T28742]  ? ima_match_policy+0x8b8/0x2340
[ 1625.315631][T28742]  ? __pfx_ip6_pol_route_output+0x10/0x10
[ 1625.315650][T28742]  fib6_rule_lookup+0x24c/0x720
[ 1625.315674][T28742]  ? __pfx_fib6_rule_lookup+0x10/0x10
[ 1625.315703][T28742]  ? process_measurement+0x4c2/0x2400
[ 1625.315719][T28742]  ? process_measurement+0x4c2/0x2400
[ 1625.315738][T28742]  ip6_route_output_flags+0x1d0/0x650
[ 1625.315762][T28742]  ip6_dst_lookup_tail.constprop.0+0x116/0x2110
[ 1625.315787][T28742]  ? process_measurement+0x1ea/0x2400
[ 1625.315808][T28742]  ? __pfx_ip6_dst_lookup_tail.constprop.0+0x10/0x10
[ 1625.315836][T28742]  ? __lock_acquire+0x4a5/0x2630
[ 1625.315853][T28742]  ? __lock_acquire+0x4a5/0x2630
[ 1625.315872][T28742]  ip6_dst_lookup_flow+0x99/0x1d0
[ 1625.315897][T28742]  ? __pfx_ip6_dst_lookup_flow+0x10/0x10
[ 1625.315919][T28742]  ? find_held_lock+0x2b/0x80
[ 1625.315939][T28742]  ? rawv6_sendmsg+0xbcd/0x48e0
[ 1625.315958][T28742]  ? rawv6_sendmsg+0xbcd/0x48e0
[ 1625.315982][T28742]  rawv6_sendmsg+0xeff/0x48e0
[ 1625.316005][T28742]  ? __x64_sys_membarrier+0xdf/0x200
[ 1625.316028][T28742]  ? avc_has_perm_noaudit+0xe1/0x3b0
[ 1625.316051][T28742]  ? __pfx_rawv6_sendmsg+0x10/0x10
[ 1625.316072][T28742]  ? avc_has_perm_noaudit+0x145/0x3b0
[ 1625.316095][T28742]  ? avc_has_perm+0x135/0x1e0
[ 1625.316115][T28742]  ? __pfx_avc_has_perm+0x10/0x10
[ 1625.316154][T28742]  ? inode_has_perm+0x16d/0x1d0
[ 1625.316175][T28742]  ? __pfx_rawv6_sendmsg+0x10/0x10
[ 1625.316197][T28742]  ? inet_sendmsg+0x11c/0x140
[ 1625.316211][T28742]  inet_sendmsg+0x11c/0x140
[ 1625.316227][T28742]  sock_write_iter+0x509/0x610
[ 1625.316252][T28742]  ? __pfx_sock_write_iter+0x10/0x10
[ 1625.316283][T28742]  ? bpf_lsm_file_permission+0x9/0x10
[ 1625.316303][T28742]  ? security_file_permission+0x76/0x210
[ 1625.316325][T28742]  ? rw_verify_area+0xce/0x6d0
[ 1625.316341][T28742]  vfs_write+0x6ac/0x1070
[ 1625.316358][T28742]  ? __pfx_sock_write_iter+0x10/0x10
[ 1625.316383][T28742]  ? __pfx_vfs_write+0x10/0x10
[ 1625.316398][T28742]  ? find_held_lock+0x2b/0x80
[ 1625.316431][T28742]  ksys_write+0x1f8/0x250
[ 1625.316448][T28742]  ? __pfx_ksys_write+0x10/0x10
[ 1625.316471][T28742]  do_syscall_64+0xc9/0xf80
[ 1625.316489][T28742]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1625.316505][T28742] RIP: 0033:0x7f304359acb9
[ 1625.316518][T28742] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1625.316533][T28742] RSP: 002b:00007f30443d0028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[ 1625.316548][T28742] RAX: ffffffffffffffda RBX: 00007f3043815fa0 RCX: 00007f304359acb9
[ 1625.316558][T28742] RDX: 0000000000000046 RSI: 00002000000000c0 RDI: 0000000000000003
[ 1625.316568][T28742] RBP: 00007f30443d0090 R08: 0000000000000000 R09: 0000000000000000
[ 1625.316577][T28742] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1625.316585][T28742] R13: 00007f3043816038 R14: 00007f3043815fa0 R15: 00007ffe3b234568
[ 1625.316607][T28742]  </TASK>
[ 1625.832131][T28739] bond1 (unregistering): Released all slaves
[ 1625.923705][   T30] audit: type=1326 audit(1769008266.396:1059): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28738 comm="syz.2.6262" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f68a119acb9 code=0x7ffc0000
[ 1626.002801][   T30] audit: type=1326 audit(1769008266.396:1060): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28738 comm="syz.2.6262" exe="/root/syz-executor" sig=0 arch=c000003e syscall=238 compat=0 ip=0x7f68a119acb9 code=0x7ffc0000
[ 1626.031845][T28758] FAULT_INJECTION: forcing a failure.
[ 1626.031845][T28758] name failslab, interval 1, probability 0, space 0, times 0
[ 1626.113428][   T30] audit: type=1326 audit(1769008266.396:1061): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28738 comm="syz.2.6262" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f68a119acb9 code=0x7ffc0000
[ 1626.145928][T28758] CPU: 1 UID: 0 PID: 28758 Comm: syz.2.6268 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1626.145955][T28758] Tainted: [L]=SOFTLOCKUP
[ 1626.145961][T28758] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/13/2026
[ 1626.145971][T28758] Call Trace:
[ 1626.145978][T28758]  <TASK>
[ 1626.145985][T28758]  dump_stack_lvl+0x100/0x190
[ 1626.146012][T28758]  should_fail_ex.cold+0x5/0xa
[ 1626.146042][T28758]  should_failslab+0xc2/0x120
[ 1626.146065][T28758]  __kmalloc_cache_noprof+0x80/0x810
[ 1626.146082][T28758]  ? syslog_print_all+0xed/0x3f0
[ 1626.146099][T28758]  ? find_held_lock+0x2b/0x80
[ 1626.146123][T28758]  ? syslog_print_all+0xed/0x3f0
[ 1626.146140][T28758]  syslog_print_all+0xed/0x3f0
[ 1626.146159][T28758]  ? __pfx_syslog_print_all+0x10/0x10
[ 1626.146177][T28758]  ? avc_has_perm+0x135/0x1e0
[ 1626.146214][T28758]  do_syslog+0x350/0x6d0
[ 1626.146233][T28758]  ? __pfx_do_syslog+0x10/0x10
[ 1626.146250][T28758]  ? __fget_files+0x21f/0x3d0
[ 1626.146277][T28758]  ? ksys_write+0x1ac/0x250
[ 1626.146294][T28758]  ? __pfx_ksys_write+0x10/0x10
[ 1626.146317][T28758]  __x64_sys_syslog+0x74/0xb0
[ 1626.146335][T28758]  ? lockdep_hardirqs_on+0x78/0x100
[ 1626.146352][T28758]  do_syscall_64+0xc9/0xf80
[ 1626.146371][T28758]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1626.146388][T28758] RIP: 0033:0x7f68a119acb9
[ 1626.146407][T28758] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1626.146424][T28758] RSP: 002b:00007f68a2072028 EFLAGS: 00000246 ORIG_RAX: 0000000000000067
[ 1626.146441][T28758] RAX: ffffffffffffffda RBX: 00007f68a1415fa0 RCX: 00007f68a119acb9
[ 1626.146453][T28758] RDX: 0000000000000043 RSI: 0000200000000800 RDI: 0000000000000003
[ 1626.146463][T28758] RBP: 00007f68a2072090 R08: 0000000000000000 R09: 0000000000000000
[ 1626.146473][T28758] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1626.146483][T28758] R13: 00007f68a1416038 R14: 00007f68a1415fa0 R15: 00007ffdbfd0c3e8
[ 1626.146506][T28758]  </TASK>
[ 1626.350843][T28765] netlink: 'syz.4.6267': attribute type 9 has an invalid length.
[ 1626.353552][   T30] audit: type=1326 audit(1769008266.396:1062): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28738 comm="syz.2.6262" exe="/root/syz-executor" sig=0 arch=c000003e syscall=49 compat=0 ip=0x7f68a119acb9 code=0x7ffc0000
[ 1626.362944][T28765] bond_slave_0: entered promiscuous mode
[ 1626.382093][   T30] audit: type=1326 audit(1769008266.396:1063): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28738 comm="syz.2.6262" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f68a119acb9 code=0x7ffc0000
[ 1626.387656][T28765] bond_slave_1: entered promiscuous mode
[ 1626.411814][   T30] audit: type=1326 audit(1769008266.396:1064): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28738 comm="syz.2.6262" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7f68a119acb9 code=0x7ffc0000
[ 1626.439964][   T30] audit: type=1326 audit(1769008266.396:1065): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28738 comm="syz.2.6262" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f68a119acb9 code=0x7ffc0000
[ 1626.492806][T28765] 8021q: adding VLAN 0 to HW filter on device macvlan2
[ 1627.213311][T28798] netlink: 16 bytes leftover after parsing attributes in process `syz.2.6278'.
[ 1627.663141][T28797] netlink: 'syz.4.6280': attribute type 3 has an invalid length.
[ 1628.925341][T28820] o2cb: This node has not been configured.
[ 1628.931297][T28820] o2cb: Cluster check failed. Fix errors before retrying.
[ 1628.938657][T28820] (syz.0.6285,28820,1):user_dlm_register:674 ERROR: status = -22
[ 1628.946425][T28820] (syz.0.6285,28820,1):dlmfs_mkdir:437 ERROR: Error -22 could not register domain "file0"
[ 1628.962515][T28820] o2cb: This node has not been configured.
[ 1628.968971][T28820] o2cb: Cluster check failed. Fix errors before retrying.
[ 1628.976521][T28820] (syz.0.6285,28820,1):user_dlm_register:674 ERROR: status = -22
[ 1628.984307][T28820] (syz.0.6285,28820,1):dlmfs_mkdir:437 ERROR: Error -22 could not register domain "file1"
[ 1629.341959][ T6183] usb 5-1: new high-speed USB device number 48 using dummy_hcd
[ 1629.511974][ T6183] usb 5-1: Using ep0 maxpacket: 16
[ 1629.593366][ T6183] usb 5-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xF3, changing to 0x83
[ 1629.650180][ T6183] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7
[ 1629.687888][ T6183] usb 5-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1
[ 1629.707328][ T6183] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1629.778338][ T6183] usb 5-1: Product: syz
[ 1629.788439][ T6183] usb 5-1: Manufacturer: syz
[ 1629.828285][ T6183] usb 5-1: SerialNumber: syz
[ 1629.882784][ T6183] usb 5-1: config 0 descriptor??
[ 1629.903277][ T6183] em28xx 5-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0)
[ 1629.941915][ T6183] em28xx 5-1:0.0: Audio interface 0 found (Vendor Class)
[ 1629.974524][T28836] FAULT_INJECTION: forcing a failure.
[ 1629.974524][T28836] name failslab, interval 1, probability 0, space 0, times 0
[ 1630.011976][T28836] CPU: 1 UID: 0 PID: 28836 Comm: syz.0.6292 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1630.012002][T28836] Tainted: [L]=SOFTLOCKUP
[ 1630.012008][T28836] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/13/2026
[ 1630.012018][T28836] Call Trace:
[ 1630.012024][T28836]  <TASK>
[ 1630.012031][T28836]  dump_stack_lvl+0x100/0x190
[ 1630.012062][T28836]  should_fail_ex.cold+0x5/0xa
[ 1630.012091][T28836]  should_failslab+0xc2/0x120
[ 1630.012114][T28836]  kmem_cache_alloc_noprof+0x83/0x780
[ 1630.012136][T28836]  ? getname_flags.part.0+0x4c/0x540
[ 1630.012167][T28836]  ? getname_flags.part.0+0x4c/0x540
[ 1630.012191][T28836]  getname_flags.part.0+0x4c/0x540
[ 1630.012219][T28836]  __x64_sys_rmdir+0xb0/0x110
[ 1630.012242][T28836]  do_syscall_64+0xc9/0xf80
[ 1630.012261][T28836]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1630.012279][T28836] RIP: 0033:0x7f6feb79acb9
[ 1630.012293][T28836] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1630.012310][T28836] RSP: 002b:00007f6fec706028 EFLAGS: 00000246 ORIG_RAX: 0000000000000054
[ 1630.012328][T28836] RAX: ffffffffffffffda RBX: 00007f6feba15fa0 RCX: 00007f6feb79acb9
[ 1630.012339][T28836] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000200000000000
[ 1630.012350][T28836] RBP: 00007f6fec706090 R08: 0000000000000000 R09: 0000000000000000
[ 1630.012360][T28836] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1630.012370][T28836] R13: 00007f6feba16038 R14: 00007f6feba15fa0 R15: 00007ffe62125b38
[ 1630.012400][T28836]  </TASK>
[ 1630.381223][T28844] input: syz1 as /devices/virtual/input/input137
[ 1630.910406][ T6183] em28xx 5-1:0.0: unknown em28xx chip ID (0)
[ 1631.043085][ T6183] em28xx 5-1:0.0: Config register raw data: 0xfffffffb
[ 1631.164018][ T6183] em28xx 5-1:0.0: AC97 chip type couldn't be determined
[ 1631.270963][ T6183] em28xx 5-1:0.0: No AC97 audio processor
[ 1631.498922][ T6183] usb 5-1: USB disconnect, device number 48
[ 1631.530978][ T6183] em28xx 5-1:0.0: Disconnecting em28xx
[ 1631.561267][ T6183] em28xx 5-1:0.0: Freeing device
[ 1632.002892][T28832] mpoa:mpoad_close: (<unknown>) going down
[ 1632.241694][   T30] kauditd_printk_skb: 5 callbacks suppressed
[ 1632.241715][   T30] audit: type=1400 audit(1769008273.286:1071): avc:  denied  { listen } for  pid=28870 comm="syz.4.6298" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[ 1632.598696][ T9079] usb 5-1: new high-speed USB device number 49 using dummy_hcd
[ 1632.978132][ T9079] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x9 has invalid wMaxPacketSize 0
[ 1633.182338][ T9079] usb 5-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=8e.0b
[ 1633.277541][ T9079] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1633.365807][ T9079] usb 5-1: Product: syz
[ 1633.424752][ T9079] usb 5-1: Manufacturer: syz
[ 1633.569338][ T9079] usb 5-1: SerialNumber: syz
[ 1633.751783][ T9079] usb 5-1: config 0 descriptor??
[ 1634.772150][ T9079] usb 5-1: USB disconnect, device number 49
[ 1634.884179][T17389] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[ 1634.893906][T17389] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[ 1634.907853][T17389] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[ 1634.917797][T17389] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[ 1634.925343][T17389] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[ 1635.160439][T17387] syz_tun (unregistering): left allmulticast mode
[ 1635.385094][   T12] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1635.528328][   T12] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1635.646438][   T12] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1635.775946][   T12] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1635.834882][T28891] chnl_net:caif_netlink_parms(): no params data found
[ 1635.985137][   T30] audit: type=1400 audit(1769008277.036:1072): avc:  denied  { read } for  pid=28927 comm="syz.4.6313" name="nvram" dev="devtmpfs" ino=623 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nvram_device_t tclass=chr_file permissive=1
[ 1636.074197][   T30] audit: type=1400 audit(1769008277.036:1073): avc:  denied  { write } for  pid=28927 comm="syz.4.6313" name="nvram" dev="devtmpfs" ino=623 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nvram_device_t tclass=chr_file permissive=1
[ 1636.114507][T28937] netlink: 28 bytes leftover after parsing attributes in process `syz.6.6315'.
[ 1636.157862][   T30] audit: type=1400 audit(1769008277.036:1074): avc:  denied  { open } for  pid=28927 comm="syz.4.6313" path="/dev/nvram" dev="devtmpfs" ino=623 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nvram_device_t tclass=chr_file permissive=1
[ 1636.323334][T28947] FAULT_INJECTION: forcing a failure.
[ 1636.323334][T28947] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1636.350380][   T30] audit: type=1400 audit(1769008277.396:1075): avc:  denied  { associate } for  pid=28945 comm="syz.6.6317" name="pfkey" scontext=root:object_r:sysadm_t tcontext=system_u:object_r:proc_t tclass=filesystem permissive=1
[ 1636.388735][T28947] CPU: 1 UID: 0 PID: 28947 Comm: syz.5.6304 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1636.388761][T28947] Tainted: [L]=SOFTLOCKUP
[ 1636.388768][T28947] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/13/2026
[ 1636.388777][T28947] Call Trace:
[ 1636.388783][T28947]  <TASK>
[ 1636.388789][T28947]  dump_stack_lvl+0x100/0x190
[ 1636.388816][T28947]  should_fail_ex.cold+0x5/0xa
[ 1636.388847][T28947]  _copy_from_user+0x2e/0xd0
[ 1636.388870][T28947]  copy_msghdr_from_user+0x9f/0x4f0
[ 1636.388889][T28947]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[ 1636.388918][T28947]  ___sys_sendmsg+0x106/0x1e0
[ 1636.388936][T28947]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1636.388964][T28947]  ? find_held_lock+0x2b/0x80
[ 1636.389002][T28947]  __sys_sendmsg+0x170/0x220
[ 1636.389025][T28947]  ? __pfx___sys_sendmsg+0x10/0x10
[ 1636.389062][T28947]  do_syscall_64+0xc9/0xf80
[ 1636.389083][T28947]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1636.389100][T28947] RIP: 0033:0x7f304359acb9
[ 1636.389115][T28947] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1636.389132][T28947] RSP: 002b:00007f30443d0028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1636.389148][T28947] RAX: ffffffffffffffda RBX: 00007f3043815fa0 RCX: 00007f304359acb9
[ 1636.389160][T28947] RDX: 0000000004008010 RSI: 0000200000000b80 RDI: 0000000000000003
[ 1636.389170][T28947] RBP: 00007f30443d0090 R08: 0000000000000000 R09: 0000000000000000
[ 1636.389180][T28947] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1636.389190][T28947] R13: 00007f3043816038 R14: 00007f3043815fa0 R15: 00007ffe3b234568
[ 1636.389214][T28947]  </TASK>
[ 1637.502720][ T5826] Bluetooth: hci2: command tx timeout
[ 1638.087419][   T12] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1638.104727][   T12] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1638.116120][   T12] bond0 (unregistering): Released all slaves
[ 1638.149507][T28891] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1638.165892][T28891] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1638.182510][T28891] bridge_slave_0: entered allmulticast mode
[ 1638.201270][T28891] bridge_slave_0: entered promiscuous mode
[ 1638.221295][T28891] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1638.233987][T28891] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1638.244990][T28891] bridge_slave_1: entered allmulticast mode
[ 1638.252857][T28891] bridge_slave_1: entered promiscuous mode
[ 1638.276834][   T12] tipc: Left network mode
[ 1638.341254][T28891] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1638.390468][T28891] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1638.465845][T28891] team0: Port device team_slave_0 added
[ 1638.510765][T28891] team0: Port device team_slave_1 added
[ 1639.225698][T28998] netlink: 12 bytes leftover after parsing attributes in process `syz.5.6328'.
[ 1639.337000][T29007] FAULT_INJECTION: forcing a failure.
[ 1639.337000][T29007] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1639.398725][   T30] audit: type=1400 audit(1769008280.436:1076): avc:  denied  { getopt } for  pid=29006 comm="syz.2.6331" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[ 1639.426984][T29007] CPU: 1 UID: 0 PID: 29007 Comm: syz.5.6328 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1639.427011][T29007] Tainted: [L]=SOFTLOCKUP
[ 1639.427018][T29007] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/13/2026
[ 1639.427029][T29007] Call Trace:
[ 1639.427035][T29007]  <TASK>
[ 1639.427041][T29007]  dump_stack_lvl+0x100/0x190
[ 1639.427067][T29007]  should_fail_ex.cold+0x5/0xa
[ 1639.427097][T29007]  _copy_from_user+0x2e/0xd0
[ 1639.427120][T29007]  copy_msghdr_from_user+0x9f/0x4f0
[ 1639.427140][T29007]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[ 1639.427161][T29007]  ? __lock_acquire+0x4a5/0x2630
[ 1639.427184][T29007]  ___sys_recvmsg+0xdd/0x1a0
[ 1639.427202][T29007]  ? __pfx____sys_recvmsg+0x10/0x10
[ 1639.427221][T29007]  ? find_held_lock+0x2b/0x80
[ 1639.427271][T29007]  __sys_recvmsg+0x16d/0x220
[ 1639.427294][T29007]  ? __pfx___sys_recvmsg+0x10/0x10
[ 1639.427324][T29007]  ? do_user_addr_fault+0x8d6/0x12f0
[ 1639.427352][T29007]  do_syscall_64+0xc9/0xf80
[ 1639.427372][T29007]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1639.427389][T29007] RIP: 0033:0x7f304359acb9
[ 1639.427404][T29007] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1639.427419][T29007] RSP: 002b:00007f304438e028 EFLAGS: 00000246 ORIG_RAX: 000000000000002f
[ 1639.427435][T29007] RAX: ffffffffffffffda RBX: 00007f3043816180 RCX: 00007f304359acb9
[ 1639.427444][T29007] RDX: ba1b474e0b1c775a RSI: 0000200000000100 RDI: 0000000000000003
[ 1639.427454][T29007] RBP: 00007f304438e090 R08: 0000000000000000 R09: 0000000000000000
[ 1639.427464][T29007] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1639.427473][T29007] R13: 00007f3043816218 R14: 00007f3043816180 R15: 00007ffe3b234568
[ 1639.427494][T29007]  </TASK>
[ 1639.608330][ T5826] Bluetooth: hci2: command tx timeout
[ 1640.732840][T28891] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1640.751899][T28891] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1640.822051][T28891] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1640.855984][T28891] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1640.876353][T28891] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1640.953321][T28891] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1641.046124][   T12] hsr_slave_0: left promiscuous mode
[ 1641.054235][   T12] hsr_slave_1: left promiscuous mode
[ 1641.064409][   T12] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1641.081528][   T12] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1641.101724][   T12] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1641.111475][   T12] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1641.149376][   T12] veth1_macvtap: left promiscuous mode
[ 1641.159252][   T12] veth0_macvtap: left promiscuous mode
[ 1641.170289][   T12] veth1_vlan: left promiscuous mode
[ 1641.175909][   T12] veth0_vlan: left promiscuous mode
[ 1641.625627][   T12] team0 (unregistering): Port device team_slave_1 removed
[ 1641.652475][ T5826] Bluetooth: hci2: command tx timeout
[ 1641.660430][   T12] team0 (unregistering): Port device team_slave_0 removed
[ 1642.160750][T28891] hsr_slave_0: entered promiscuous mode
[ 1642.167546][T28891] hsr_slave_1: entered promiscuous mode
[ 1642.174013][T28891] debugfs: 'hsr0' already exists in 'hsr'
[ 1642.180764][T28891] Cannot create hsr debugfs directory
[ 1642.650205][T29057] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[ 1643.412909][ T6003] usb 7-1: new high-speed USB device number 2 using dummy_hcd
[ 1643.453205][T29081] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[ 1643.698397][   T30] audit: type=1400 audit(1769008284.746:1077): avc:  denied  { ioctl } for  pid=29093 comm="syz.6.6346" path="socket:[130372]" dev="sockfs" ino=130372 ioctlcmd=0x89e0 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=kcm_socket permissive=1
[ 1643.732531][ T5826] Bluetooth: hci2: command tx timeout
[ 1643.923093][T28891] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 1643.953281][T28891] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 1643.970334][T28891] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 1643.991363][T28891] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 1644.068956][T28891] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1644.086162][T28891] 8021q: adding VLAN 0 to HW filter on device team0
[ 1644.121725][T28891] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[ 1644.133298][T28891] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 1644.165844][ T1098] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1644.172984][ T1098] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1644.185878][ T1098] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1644.193033][ T1098] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1644.791337][T28891] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1644.861506][T28891] veth0_vlan: entered promiscuous mode
[ 1644.960998][T28891] veth1_vlan: entered promiscuous mode
[ 1645.020502][T28891] veth0_macvtap: entered promiscuous mode
[ 1645.039830][T28891] veth1_macvtap: entered promiscuous mode
[ 1645.097701][T28891] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1645.159775][T28891] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1645.223808][ T3694] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1645.239689][ T3694] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1645.275191][ T3694] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1645.303839][T29153] program syz.2.6355 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 1645.315391][   T30] audit: type=1400 audit(1769008286.346:1078): avc:  denied  { mount } for  pid=29144 comm="syz.2.6355" name="/" dev="devpts" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:devpts_t tclass=filesystem permissive=1
[ 1645.343909][ T3694] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1645.465868][ T1004] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1645.488944][ T1004] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1645.521703][T29156] netlink: 12 bytes leftover after parsing attributes in process `syz.5.6357'.
[ 1645.524725][T28424] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1645.547846][T28424] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1646.349627][T29173] capability: warning: `syz.6.6359' uses 32-bit capabilities (legacy support in use)
[ 1646.412267][   T30] audit: type=1400 audit(1769008287.466:1079): avc:  denied  { read } for  pid=29163 comm="syz.6.6359" name="btrfs-control" dev="devtmpfs" ino=1316 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:lvm_control_t tclass=chr_file permissive=1
[ 1646.461609][   T30] audit: type=1400 audit(1769008287.496:1080): avc:  denied  { open } for  pid=29163 comm="syz.6.6359" path="/dev/btrfs-control" dev="devtmpfs" ino=1316 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:lvm_control_t tclass=chr_file permissive=1
[ 1646.530816][   T30] audit: type=1400 audit(1769008287.496:1081): avc:  denied  { ioctl } for  pid=29163 comm="syz.6.6359" path="/dev/btrfs-control" dev="devtmpfs" ino=1316 ioctlcmd=0x9427 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:lvm_control_t tclass=chr_file permissive=1
[ 1648.554719][T29212] mpoa:mpoad_close: (<unknown>) going down
[ 1648.603489][T28679] usb 3-1: new high-speed USB device number 49 using dummy_hcd
[ 1648.638970][T29233] FAULT_INJECTION: forcing a failure.
[ 1648.638970][T29233] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1648.652165][T29233] CPU: 0 UID: 0 PID: 29233 Comm: syz.6.6373 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1648.652193][T29233] Tainted: [L]=SOFTLOCKUP
[ 1648.652199][T29233] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/13/2026
[ 1648.652209][T29233] Call Trace:
[ 1648.652215][T29233]  <TASK>
[ 1648.652221][T29233]  dump_stack_lvl+0x100/0x190
[ 1648.652240][T29233]  should_fail_ex.cold+0x5/0xa
[ 1648.652260][T29233]  _copy_from_user+0x2e/0xd0
[ 1648.652276][T29233]  copy_msghdr_from_user+0x9f/0x4f0
[ 1648.652289][T29233]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[ 1648.652307][T29233]  ___sys_sendmsg+0x106/0x1e0
[ 1648.652318][T29233]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1648.652341][T29233]  ? find_held_lock+0x2b/0x80
[ 1648.652365][T29233]  __sys_sendmsg+0x170/0x220
[ 1648.652380][T29233]  ? __pfx___sys_sendmsg+0x10/0x10
[ 1648.652402][T29233]  do_syscall_64+0xc9/0xf80
[ 1648.652416][T29233]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1648.652428][T29233] RIP: 0033:0x7f48a5d9acb9
[ 1648.652437][T29233] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1648.652448][T29233] RSP: 002b:00007f48a6be5028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1648.652459][T29233] RAX: ffffffffffffffda RBX: 00007f48a6015fa0 RCX: 00007f48a5d9acb9
[ 1648.652466][T29233] RDX: 0000000000000080 RSI: 00002000000002c0 RDI: 0000000000000005
[ 1648.652473][T29233] RBP: 00007f48a6be5090 R08: 0000000000000000 R09: 0000000000000000
[ 1648.652480][T29233] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1648.652486][T29233] R13: 00007f48a6016038 R14: 00007f48a6015fa0 R15: 00007ffd26559848
[ 1648.652510][T29233]  </TASK>
[ 1648.841992][T28679] usb 3-1: Using ep0 maxpacket: 16
[ 1648.848796][T28679] usb 3-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xF3, changing to 0x83
[ 1648.860858][T28679] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7
[ 1648.874372][T28679] usb 3-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1
[ 1648.883620][T28679] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1648.905017][T28679] usb 3-1: Product: syz
[ 1648.914943][T28679] usb 3-1: Manufacturer: syz
[ 1648.926144][T28679] usb 3-1: SerialNumber: syz
[ 1648.938686][T28679] usb 3-1: config 0 descriptor??
[ 1648.950911][T28679] em28xx 3-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0)
[ 1648.976800][T28679] em28xx 3-1:0.0: Audio interface 0 found (Vendor Class)
[ 1649.297323][T29245] evm: overlay not supported
[ 1649.563595][T28679] em28xx 3-1:0.0: unknown em28xx chip ID (0)
[ 1649.586803][T28679] em28xx 3-1:0.0: Config register raw data: 0xfffffffb
[ 1649.635019][T28679] em28xx 3-1:0.0: AC97 chip type couldn't be determined
[ 1649.642166][T28679] em28xx 3-1:0.0: No AC97 audio processor
[ 1649.660006][T28679] usb 3-1: USB disconnect, device number 49
[ 1649.681235][T28679] em28xx 3-1:0.0: Disconnecting em28xx
[ 1649.703377][T28679] em28xx 3-1:0.0: Freeing device
[ 1649.892112][ T5826] Bluetooth: hci3: command 0x0406 tx timeout
[ 1655.119669][T29309] xt_hashlimit: size too large, truncated to 1048576
[ 1655.537023][   T30] audit: type=1400 audit(1769008296.586:1082): avc:  denied  { name_connect } for  pid=29323 comm="syz.0.6393" dest=8 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:reserved_port_t tclass=sctp_socket permissive=1
[ 1655.660892][T29330] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1655.699711][ T6003] wlan1: authenticate with 08:02:11:00:00:00 (local address=08:02:11:00:00:01)
[ 1655.711336][ T6003] wlan1: send auth to 08:02:11:00:00:00 (try 1/3)
[ 1655.723786][T29310] mpoa:mpoad_close: (<unknown>) going down
[ 1655.733233][T29172] wlan1: authenticated
[ 1655.733396][T29330] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1655.753006][T29172] wlan1: associate with 08:02:11:00:00:00 (try 1/3)
[ 1655.865508][ T6089] wlan1: RX AssocResp from 08:02:11:00:00:00 (capab=0x1 status=0 aid=1)
[ 1655.865777][T29337] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1655.883950][ T6089] wlan1: associated
[ 1655.905870][   T30] audit: type=1400 audit(1769008296.956:1083): avc:  denied  { getopt } for  pid=29323 comm="syz.0.6393" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ax25_socket permissive=1
[ 1658.522248][T29410] 8021q: adding VLAN 0 to HW filter on device batadv1
[ 1658.556006][T29410] team0: Port device batadv1 added
[ 1658.633639][T29410] hub 9-0:1.0: USB hub found
[ 1658.666186][T29410] hub 9-0:1.0: 1 port detected
[ 1659.680216][T29429] FAULT_INJECTION: forcing a failure.
[ 1659.680216][T29429] name failslab, interval 1, probability 0, space 0, times 0
[ 1659.711954][T29429] CPU: 0 UID: 0 PID: 29429 Comm: syz.2.6435 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1659.711972][T29429] Tainted: [L]=SOFTLOCKUP
[ 1659.711977][T29429] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/13/2026
[ 1659.711983][T29429] Call Trace:
[ 1659.711988][T29429]  <TASK>
[ 1659.711992][T29429]  dump_stack_lvl+0x100/0x190
[ 1659.712011][T29429]  should_fail_ex.cold+0x5/0xa
[ 1659.712031][T29429]  should_failslab+0xc2/0x120
[ 1659.712046][T29429]  ? tomoyo_realpath_from_path+0xb6/0x690
[ 1659.712060][T29429]  __kmalloc_noprof+0xf6/0x9c0
[ 1659.712075][T29429]  ? tomoyo_realpath_from_path+0xb6/0x690
[ 1659.712087][T29429]  tomoyo_realpath_from_path+0xb6/0x690
[ 1659.712103][T29429]  tomoyo_path_number_perm+0x23c/0x580
[ 1659.712120][T29429]  ? tomoyo_path_number_perm+0x22e/0x580
[ 1659.712139][T29429]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[ 1659.712170][T29429]  ? find_held_lock+0x2b/0x80
[ 1659.712185][T29429]  ? hook_file_ioctl_common+0x146/0x410
[ 1659.712200][T29429]  ? __fget_files+0x215/0x3d0
[ 1659.712216][T29429]  ? __fget_files+0x21f/0x3d0
[ 1659.712231][T29429]  security_file_ioctl+0xd3/0x230
[ 1659.712244][T29429]  __x64_sys_ioctl+0xb7/0x210
[ 1659.712256][T29429]  do_syscall_64+0xc9/0xf80
[ 1659.712270][T29429]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1659.712282][T29429] RIP: 0033:0x7f68a119acb9
[ 1659.712291][T29429] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1659.712302][T29429] RSP: 002b:00007f68a2072028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1659.712313][T29429] RAX: ffffffffffffffda RBX: 00007f68a1415fa0 RCX: 00007f68a119acb9
[ 1659.712320][T29429] RDX: 0000200000000180 RSI: 0000000000006406 RDI: 0000000000000003
[ 1659.712327][T29429] RBP: 00007f68a2072090 R08: 0000000000000000 R09: 0000000000000000
[ 1659.712334][T29429] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1659.712340][T29429] R13: 00007f68a1416038 R14: 00007f68a1415fa0 R15: 00007ffdbfd0c3e8
[ 1659.712355][T29429]  </TASK>
[ 1659.712360][T29429] ERROR: Out of memory at tomoyo_realpath_from_path.
[ 1660.308503][   T30] audit: type=1400 audit(1769008301.356:1084): avc:  denied  { wake_alarm } for  pid=29440 comm="syz.2.6441" capability=35  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[ 1660.399948][T29447] netlink: 8 bytes leftover after parsing attributes in process `syz.2.6441'.
[ 1660.997822][T29457] netlink: 96 bytes leftover after parsing attributes in process `syz.4.6445'.
[ 1661.039175][T29455] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[ 1665.265806][T29478] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[ 1666.530602][T29491] netlink: 36 bytes leftover after parsing attributes in process `syz.4.6452'.
[ 1668.297930][ T1300] ieee802154 phy0 wpan0: encryption failed: -22
[ 1668.308640][ T1300] ieee802154 phy1 wpan1: encryption failed: -22
[ 1668.465783][T29516] mpoa:mpoad_close: (<unknown>) going down
[ 1669.603337][T29547] CIFS: No dialect specified on mount. Default has changed to a more secure dialect, SMB2.1 or later (e.g. SMB3.1.1), from CIFS (SMB1). To use the less secure SMB1 dialect to access old servers which do not support SMB3.1.1 (or even SMB3 or SMB2.1) specify vers=1.0 on mount.
[ 1669.641995][T29547] CIFS mount error: No usable UNC path provided in device string!
[ 1669.641995][T29547] 
[ 1669.693678][T29547] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string!
[ 1672.162121][T29580] nfs: Unknown parameter '&[#'
[ 1672.173298][T29580] overlayfs: "xino" feature enabled using 3 upper inode bits.
[ 1672.243392][T29568] mpoa:mpoad_close: (<unknown>) going down
[ 1672.427024][T29595] FAULT_INJECTION: forcing a failure.
[ 1672.427024][T29595] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1672.469735][T29595] CPU: 1 UID: 0 PID: 29595 Comm: syz.0.6476 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1672.469764][T29595] Tainted: [L]=SOFTLOCKUP
[ 1672.469770][T29595] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/13/2026
[ 1672.469780][T29595] Call Trace:
[ 1672.469787][T29595]  <TASK>
[ 1672.469794][T29595]  dump_stack_lvl+0x100/0x190
[ 1672.469821][T29595]  should_fail_ex.cold+0x5/0xa
[ 1672.469852][T29595]  _copy_from_user+0x2e/0xd0
[ 1672.469877][T29595]  move_addr_to_kernel+0x65/0x170
[ 1672.469895][T29595]  __sys_sendto+0x1c9/0x520
[ 1672.469916][T29595]  ? __pfx___sys_sendto+0x10/0x10
[ 1672.469955][T29595]  ? ksys_write+0x1ac/0x250
[ 1672.469974][T29595]  ? __pfx_ksys_write+0x10/0x10
[ 1672.469996][T29595]  __x64_sys_sendto+0xe0/0x1c0
[ 1672.470015][T29595]  ? do_syscall_64+0x94/0xf80
[ 1672.470033][T29595]  ? lockdep_hardirqs_on+0x78/0x100
[ 1672.470050][T29595]  do_syscall_64+0xc9/0xf80
[ 1672.470069][T29595]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1672.470087][T29595] RIP: 0033:0x7fb01239acb9
[ 1672.470102][T29595] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1672.470117][T29595] RSP: 002b:00007fb0131f1028 EFLAGS: 00000246 ORIG_RAX: 000000000000002c
[ 1672.470135][T29595] RAX: ffffffffffffffda RBX: 00007fb012616090 RCX: 00007fb01239acb9
[ 1672.470146][T29595] RDX: 000000000000000e RSI: 0000200000000600 RDI: 0000000000000004
[ 1672.470156][T29595] RBP: 00007fb0131f1090 R08: 00002000000000c0 R09: 0000000000000014
[ 1672.470167][T29595] R10: 0000000000080810 R11: 0000000000000246 R12: 0000000000000001
[ 1672.470176][T29595] R13: 00007fb012616128 R14: 00007fb012616090 R15: 00007fffe4e682e8
[ 1672.470200][T29595]  </TASK>
[ 1673.008818][T29610] FAULT_INJECTION: forcing a failure.
[ 1673.008818][T29610] name failslab, interval 1, probability 0, space 0, times 0
[ 1673.051826][T29610] CPU: 1 UID: 0 PID: 29610 Comm: syz.6.6488 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1673.051857][T29610] Tainted: [L]=SOFTLOCKUP
[ 1673.051864][T29610] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/13/2026
[ 1673.051874][T29610] Call Trace:
[ 1673.051881][T29610]  <TASK>
[ 1673.051888][T29610]  dump_stack_lvl+0x100/0x190
[ 1673.051917][T29610]  should_fail_ex.cold+0x5/0xa
[ 1673.051947][T29610]  should_failslab+0xc2/0x120
[ 1673.051970][T29610]  ? tomoyo_realpath_from_path+0xb6/0x690
[ 1673.051991][T29610]  __kmalloc_noprof+0xf6/0x9c0
[ 1673.052016][T29610]  ? tomoyo_realpath_from_path+0xb6/0x690
[ 1673.052035][T29610]  tomoyo_realpath_from_path+0xb6/0x690
[ 1673.052060][T29610]  tomoyo_path_number_perm+0x23c/0x580
[ 1673.052085][T29610]  ? tomoyo_path_number_perm+0x22e/0x580
[ 1673.052113][T29610]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[ 1673.052165][T29610]  ? find_held_lock+0x2b/0x80
[ 1673.052188][T29610]  ? hook_file_ioctl_common+0x146/0x410
[ 1673.052210][T29610]  ? __fget_files+0x215/0x3d0
[ 1673.052233][T29610]  ? __fget_files+0x21f/0x3d0
[ 1673.052257][T29610]  security_file_ioctl+0xd3/0x230
[ 1673.052277][T29610]  __x64_sys_ioctl+0xb7/0x210
[ 1673.052302][T29610]  do_syscall_64+0xc9/0xf80
[ 1673.052323][T29610]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1673.052340][T29610] RIP: 0033:0x7f48a5d9acb9
[ 1673.052355][T29610] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1673.052372][T29610] RSP: 002b:00007f48a6be5028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1673.052389][T29610] RAX: ffffffffffffffda RBX: 00007f48a6015fa0 RCX: 00007f48a5d9acb9
[ 1673.052401][T29610] RDX: 0000200000000a40 RSI: 0000000000003ba0 RDI: 0000000000000003
[ 1673.052412][T29610] RBP: 00007f48a6be5090 R08: 0000000000000000 R09: 0000000000000000
[ 1673.052422][T29610] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1673.052433][T29610] R13: 00007f48a6016038 R14: 00007f48a6015fa0 R15: 00007ffd26559848
[ 1673.052457][T29610]  </TASK>
[ 1673.362970][T29610] ERROR: Out of memory at tomoyo_realpath_from_path.
[ 1674.393327][T29624] mpoa:mpoad_close: (<unknown>) going down
[ 1674.549820][T29633] comedi comedi2: ni_at_a2150: a I/O base address must be specified
[ 1675.725864][T29657] comedi comedi2: ni_at_a2150: a I/O base address must be specified
[ 1675.761350][T29659] netlink: 4 bytes leftover after parsing attributes in process `syz.4.6499'.
[ 1677.293876][T29673] mpoa:mpoad_close: (<unknown>) going down
[ 1678.667094][T29709] netlink: 8 bytes leftover after parsing attributes in process `syz.6.6516'.
[ 1678.754273][T29709] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1680.709184][T29754] input: syz1 as /devices/virtual/input/input142
[ 1683.932033][   T30] audit: type=1400 audit(1769008324.846:1085): avc:  denied  { shutdown } for  pid=29811 comm="syz.2.6550" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[ 1684.817646][ T6183] kernel read not supported for file /274/syscall (pid: 6183 comm: kworker/1:11)
[ 1685.896210][   T30] audit: type=1400 audit(1769008326.706:1086): avc:  denied  { bind } for  pid=29851 comm="syz.4.6562" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1
[ 1686.047287][ T6003] IPVS: starting estimator thread 0...
[ 1686.185979][T29861] IPVS: using max 39 ests per chain, 93600 per kthread
[ 1687.911983][   T30] audit: type=1326 audit(1769008328.956:1087): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29880 comm="syz.0.6571" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb01239acb9 code=0x7ffc0000
[ 1688.308287][   T30] audit: type=1326 audit(1769008328.966:1088): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29880 comm="syz.0.6571" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb01239acb9 code=0x7ffc0000
[ 1688.459661][   T30] audit: type=1326 audit(1769008328.966:1089): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29880 comm="syz.0.6571" exe="/root/syz-executor" sig=0 arch=c000003e syscall=255 compat=0 ip=0x7fb01239acb9 code=0x7ffc0000
[ 1688.580732][   T30] audit: type=1326 audit(1769008328.966:1090): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29880 comm="syz.0.6571" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb01239acb9 code=0x7ffc0000
[ 1688.689749][   T30] audit: type=1326 audit(1769008328.966:1091): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29880 comm="syz.0.6571" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb01239acb9 code=0x7ffc0000
[ 1688.747412][   T30] audit: type=1326 audit(1769008328.966:1092): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29880 comm="syz.0.6571" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7fb01239acb9 code=0x7ffc0000
[ 1688.786884][   T30] audit: type=1400 audit(1769008329.056:1093): avc:  denied  { getopt } for  pid=29877 comm="syz.2.6570" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1
[ 1688.806605][   T30] audit: type=1326 audit(1769008329.176:1094): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29880 comm="syz.0.6571" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fb01239acb9 code=0x0
[ 1688.982122][   T30] audit: type=1326 audit(1769008329.576:1095): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29880 comm="syz.0.6571" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb01239acb9 code=0x7ffc0000
[ 1689.052155][   T30] audit: type=1326 audit(1769008329.576:1096): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29880 comm="syz.0.6571" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb01239acb9 code=0x7ffc0000
[ 1689.127690][   T30] audit: type=1326 audit(1769008330.146:1097): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29880 comm="syz.0.6571" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fb01239acb9 code=0x7ffc0000
[ 1689.210824][   T30] audit: type=1326 audit(1769008330.146:1098): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29880 comm="syz.0.6571" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb01239acb9 code=0x7ffc0000
[ 1689.313629][   T30] audit: type=1326 audit(1769008330.146:1099): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29880 comm="syz.0.6571" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fb01239acb9 code=0x7ffc0000
[ 1690.319471][   T30] audit: type=1326 audit(1769008330.166:1100): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29880 comm="syz.0.6571" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb01239acb9 code=0x7ffc0000
[ 1690.369435][   T30] audit: type=1326 audit(1769008330.166:1101): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29880 comm="syz.0.6571" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb01239acb9 code=0x7ffc0000
[ 1690.396248][   T30] audit: type=1326 audit(1769008330.166:1102): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29880 comm="syz.0.6571" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fb01239acb9 code=0x7ffc0000
[ 1690.422972][   T30] audit: type=1326 audit(1769008330.166:1103): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29880 comm="syz.0.6571" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb01239acb9 code=0x7ffc0000
[ 1690.581828][   T30] audit: type=1326 audit(1769008330.166:1104): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29880 comm="syz.0.6571" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb01239acb9 code=0x7ffc0000
[ 1690.814983][T29914] FAULT_INJECTION: forcing a failure.
[ 1690.814983][T29914] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1690.854639][T17389] Bluetooth: hci5: command 0x0406 tx timeout
[ 1691.042613][T29914] CPU: 1 UID: 0 PID: 29914 Comm: syz.6.6569 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1691.042641][T29914] Tainted: [L]=SOFTLOCKUP
[ 1691.042647][T29914] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/13/2026
[ 1691.042658][T29914] Call Trace:
[ 1691.042665][T29914]  <TASK>
[ 1691.042672][T29914]  dump_stack_lvl+0x100/0x190
[ 1691.042699][T29914]  should_fail_ex.cold+0x5/0xa
[ 1691.042731][T29914]  _copy_from_user+0x2e/0xd0
[ 1691.042755][T29914]  quota_setquota+0x4f4/0x5f0
[ 1691.042778][T29914]  ? __pfx_quota_setquota+0x10/0x10
[ 1691.042808][T29914]  ? avc_has_perm+0x135/0x1e0
[ 1691.042843][T29914]  ? selinux_quotactl+0x17d/0x300
[ 1691.042873][T29914]  do_quotactl+0xe6a/0x14b0
[ 1691.042896][T29914]  ? __pfx_do_quotactl+0x10/0x10
[ 1691.042923][T29914]  ? __pfx___might_resched+0x10/0x10
[ 1691.042950][T29914]  ? down_read+0x13b/0x460
[ 1691.042972][T29914]  ? __pfx_down_read+0x10/0x10
[ 1691.042991][T29914]  ? mnt_get_write_access+0x262/0x2f0
[ 1691.043017][T29914]  ? mnt_get_write_access+0x26c/0x2f0
[ 1691.043048][T29914]  __x64_sys_quotactl_fd+0x4ce/0x580
[ 1691.043075][T29914]  do_syscall_64+0xc9/0xf80
[ 1691.043096][T29914]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1691.043114][T29914] RIP: 0033:0x7f48a5d9acb9
[ 1691.043128][T29914] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1691.043145][T29914] RSP: 002b:00007f48a6be5028 EFLAGS: 00000246 ORIG_RAX: 00000000000001bb
[ 1691.043163][T29914] RAX: ffffffffffffffda RBX: 00007f48a6015fa0 RCX: 00007f48a5d9acb9
[ 1691.043175][T29914] RDX: 0000000000000000 RSI: ffffffff80000800 RDI: 0000000000000003
[ 1691.043186][T29914] RBP: 00007f48a6be5090 R08: 0000000000000000 R09: 0000000000000000
[ 1691.043197][T29914] R10: 00002000000000c0 R11: 0000000000000246 R12: 0000000000000001
[ 1691.043208][T29914] R13: 00007f48a6016038 R14: 00007f48a6015fa0 R15: 00007ffd26559848
[ 1691.043233][T29914]  </TASK>
[ 1692.512018][T29948] usb usb7: usbfs: process 29948 (syz.0.6577) did not claim interface 0 before use
[ 1692.607006][T29871] usb 6-1: new low-speed USB device number 12 using dummy_hcd
[ 1693.079726][T29954] CUSE: info not properly terminated
[ 1693.127068][T29954] netlink: 'syz.0.6589': attribute type 12 has an invalid length.
[ 1693.176615][T29871] usb 6-1: config 0 has an invalid interface number: 55 but max is 0
[ 1693.191552][T29871] usb 6-1: config 0 has no interface number 0
[ 1693.205048][T29871] usb 6-1: config 0 interface 55 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[ 1693.240293][T29871] usb 6-1: config 0 interface 55 altsetting 0 endpoint 0xE has invalid maxpacket 32, setting to 8
[ 1693.271925][T29871] usb 6-1: config 0 interface 55 altsetting 0 has an endpoint descriptor with address 0xAB, changing to 0x8B
[ 1693.355262][T29871] usb 6-1: config 0 interface 55 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 10
[ 1693.381486][T29871] usb 6-1: config 0 interface 55 altsetting 0 endpoint 0x8B has invalid maxpacket 120, setting to 8
[ 1693.411886][T29871] usb 6-1: config 0 interface 55 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 2
[ 1696.951760][T29871] usb 6-1: New USB device found, idVendor=0f11, idProduct=1080, bcdDevice=fc.6a
[ 1696.985335][T29871] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=4
[ 1697.088510][T29871] usb 6-1: config 0 descriptor??
[ 1697.094511][T29871] usb 6-1: can't set config #0, error -71
[ 1697.107197][T29871] usb 6-1: USB disconnect, device number 12
[ 1697.609632][   T30] kauditd_printk_skb: 27 callbacks suppressed
[ 1697.609647][   T30] audit: type=1400 audit(1769008338.636:1132): avc:  denied  { map } for  pid=29982 comm="syz.0.6599" path="/dev/video1" dev="devtmpfs" ino=931 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:v4l_device_t tclass=chr_file permissive=1
[ 1697.659921][   T30] audit: type=1400 audit(1769008338.636:1133): avc:  denied  { execute } for  pid=29982 comm="syz.0.6599" path="/dev/video1" dev="devtmpfs" ino=931 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:v4l_device_t tclass=chr_file permissive=1
[ 1698.922956][T30019] FAULT_INJECTION: forcing a failure.
[ 1698.922956][T30019] name failslab, interval 1, probability 0, space 0, times 0
[ 1698.940079][T30019] CPU: 0 UID: 0 PID: 30019 Comm: syz.5.6610 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1698.940097][T30019] Tainted: [L]=SOFTLOCKUP
[ 1698.940101][T30019] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/13/2026
[ 1698.940108][T30019] Call Trace:
[ 1698.940112][T30019]  <TASK>
[ 1698.940116][T30019]  dump_stack_lvl+0x100/0x190
[ 1698.940136][T30019]  should_fail_ex.cold+0x5/0xa
[ 1698.940156][T30019]  should_failslab+0xc2/0x120
[ 1698.940171][T30019]  __kvmalloc_node_noprof+0x101/0xac0
[ 1698.940185][T30019]  ? _kstrtoull+0x13c/0x1f0
[ 1698.940195][T30019]  ? seq_read_iter+0x819/0x1270
[ 1698.940211][T30019]  ? seq_read_iter+0x819/0x1270
[ 1698.940227][T30019]  seq_read_iter+0x819/0x1270
[ 1698.940255][T30019]  seq_read+0x33b/0x4c0
[ 1698.940275][T30019]  ? __pfx_seq_read+0x10/0x10
[ 1698.940298][T30019]  ? lock_acquire+0x17c/0x330
[ 1698.940320][T30019]  full_proxy_read+0x135/0x1a0
[ 1698.940334][T30019]  ? __pfx_full_proxy_read+0x10/0x10
[ 1698.940347][T30019]  vfs_read+0x1e4/0xb30
[ 1698.940361][T30019]  ? __pfx_vfs_read+0x10/0x10
[ 1698.940372][T30019]  ? find_held_lock+0x2b/0x80
[ 1698.940387][T30019]  ? __fget_files+0x215/0x3d0
[ 1698.940403][T30019]  ? __fget_files+0x21f/0x3d0
[ 1698.940419][T30019]  ksys_read+0x12a/0x250
[ 1698.940431][T30019]  ? __pfx_ksys_read+0x10/0x10
[ 1698.940447][T30019]  do_syscall_64+0xc9/0xf80
[ 1698.940461][T30019]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1698.940474][T30019] RIP: 0033:0x7f304359acb9
[ 1698.940485][T30019] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1698.940496][T30019] RSP: 002b:00007f30443d0028 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[ 1698.940507][T30019] RAX: ffffffffffffffda RBX: 00007f3043815fa0 RCX: 00007f304359acb9
[ 1698.940514][T30019] RDX: 0000000000002020 RSI: 0000200000007fc0 RDI: 0000000000000003
[ 1698.940520][T30019] RBP: 00007f30443d0090 R08: 0000000000000000 R09: 0000000000000000
[ 1698.940527][T30019] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1698.940533][T30019] R13: 00007f3043816038 R14: 00007f3043815fa0 R15: 00007ffe3b234568
[ 1698.940547][T30019]  </TASK>
[ 1699.559061][   T30] audit: type=1400 audit(1769008340.606:1134): avc:  denied  { name_bind } for  pid=30024 comm="syz.4.6612" src=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:reserved_port_t tclass=tcp_socket permissive=1
[ 1700.218785][T30036] FAULT_INJECTION: forcing a failure.
[ 1700.218785][T30036] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1700.272637][T30036] CPU: 1 UID: 0 PID: 30036 Comm: syz.6.6615 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1700.272664][T30036] Tainted: [L]=SOFTLOCKUP
[ 1700.272671][T30036] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/13/2026
[ 1700.272681][T30036] Call Trace:
[ 1700.272687][T30036]  <TASK>
[ 1700.272694][T30036]  dump_stack_lvl+0x100/0x190
[ 1700.272722][T30036]  should_fail_ex.cold+0x5/0xa
[ 1700.272757][T30036]  _copy_from_user+0x2e/0xd0
[ 1700.272784][T30036]  copy_msghdr_from_user+0x9f/0x4f0
[ 1700.272803][T30036]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[ 1700.272832][T30036]  ___sys_sendmsg+0x106/0x1e0
[ 1700.272850][T30036]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1700.272884][T30036]  ? find_held_lock+0x2b/0x80
[ 1700.272922][T30036]  __sys_sendmsg+0x170/0x220
[ 1700.272950][T30036]  ? __pfx___sys_sendmsg+0x10/0x10
[ 1700.272980][T30036]  ? do_user_addr_fault+0x8d6/0x12f0
[ 1700.273009][T30036]  do_syscall_64+0xc9/0xf80
[ 1700.273030][T30036]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1700.273048][T30036] RIP: 0033:0x7f48a5d9acb9
[ 1700.273062][T30036] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1700.273079][T30036] RSP: 002b:00007f48a6bc4028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1700.273097][T30036] RAX: ffffffffffffffda RBX: 00007f48a6016090 RCX: 00007f48a5d9acb9
[ 1700.273109][T30036] RDX: 0000000000000002 RSI: 0000200000000140 RDI: 0000000000000003
[ 1700.273119][T30036] RBP: 00007f48a6bc4090 R08: 0000000000000000 R09: 0000000000000000
[ 1700.273130][T30036] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1700.273141][T30036] R13: 00007f48a6016128 R14: 00007f48a6016090 R15: 00007ffd26559848
[ 1700.273166][T30036]  </TASK>
[ 1700.471749][T30039] netlink: 868 bytes leftover after parsing attributes in process `syz.2.6606'.
[ 1700.757356][   T30] audit: type=1400 audit(1769008341.796:1135): avc:  denied  { listen } for  pid=30040 comm="syz.6.6616" lport=37358 faddr=::ffff:172.20.255.187 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[ 1701.142350][   T30] audit: type=1400 audit(1769008341.796:1136): avc:  denied  { accept } for  pid=30040 comm="syz.6.6616" lport=37358 faddr=::ffff:172.20.255.187 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[ 1701.167636][   T30] audit: type=1400 audit(1769008341.796:1137): avc:  denied  { read } for  pid=30040 comm="syz.6.6616" lport=37358 faddr=::ffff:172.20.255.187 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=sctp_socket permissive=1
[ 1701.467791][T30060] FAULT_INJECTION: forcing a failure.
[ 1701.467791][T30060] name failslab, interval 1, probability 0, space 0, times 0
[ 1701.481761][T30060] CPU: 1 UID: 0 PID: 30060 Comm: syz.6.6622 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1701.481788][T30060] Tainted: [L]=SOFTLOCKUP
[ 1701.481794][T30060] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/13/2026
[ 1701.481804][T30060] Call Trace:
[ 1701.481811][T30060]  <TASK>
[ 1701.481817][T30060]  dump_stack_lvl+0x100/0x190
[ 1701.481849][T30060]  should_fail_ex.cold+0x5/0xa
[ 1701.481880][T30060]  should_failslab+0xc2/0x120
[ 1701.481903][T30060]  ? tomoyo_realpath_from_path+0xb6/0x690
[ 1701.481923][T30060]  __kmalloc_noprof+0xf6/0x9c0
[ 1701.481946][T30060]  ? tomoyo_realpath_from_path+0xb6/0x690
[ 1701.481964][T30060]  tomoyo_realpath_from_path+0xb6/0x690
[ 1701.481989][T30060]  tomoyo_path_number_perm+0x23c/0x580
[ 1701.482015][T30060]  ? tomoyo_path_number_perm+0x22e/0x580
[ 1701.482043][T30060]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[ 1701.482095][T30060]  ? find_held_lock+0x2b/0x80
[ 1701.482117][T30060]  ? hook_file_ioctl_common+0x146/0x410
[ 1701.482138][T30060]  ? __fget_files+0x215/0x3d0
[ 1701.482164][T30060]  ? __fget_files+0x21f/0x3d0
[ 1701.482188][T30060]  security_file_ioctl+0xd3/0x230
[ 1701.482208][T30060]  __x64_sys_ioctl+0xb7/0x210
[ 1701.482227][T30060]  do_syscall_64+0xc9/0xf80
[ 1701.482248][T30060]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1701.482265][T30060] RIP: 0033:0x7f48a5d9acb9
[ 1701.482280][T30060] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1701.482297][T30060] RSP: 002b:00007f48a6be5028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1701.482314][T30060] RAX: ffffffffffffffda RBX: 00007f48a6015fa0 RCX: 00007f48a5d9acb9
[ 1701.482325][T30060] RDX: 0000200000000280 RSI: 00000000400448c8 RDI: 0000000000000005
[ 1701.482335][T30060] RBP: 00007f48a6be5090 R08: 0000000000000000 R09: 0000000000000000
[ 1701.482345][T30060] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1701.482355][T30060] R13: 00007f48a6016038 R14: 00007f48a6015fa0 R15: 00007ffd26559848
[ 1701.482379][T30060]  </TASK>
[ 1701.768419][T30060] ERROR: Out of memory at tomoyo_realpath_from_path.
[ 1701.781912][T28994] usb 1-1: new high-speed USB device number 45 using dummy_hcd
[ 1701.807223][T23941] hid-generic 0005:15C2:0000.001A: hidraw0: BLUETOOTH HID v0.09 Device [syz1] on aa:aa:aa:aa:aa:aa
[ 1701.898433][ T5897] usb 6-1: new full-speed USB device number 13 using dummy_hcd
[ 1701.931968][T28994] usb 1-1: device descriptor read/64, error -71
[ 1702.066774][ T5897] usb 6-1: config 0 has an invalid interface number: 133 but max is 0
[ 1702.086033][ T5897] usb 6-1: config 0 has no interface number 0
[ 1702.110136][ T5897] usb 6-1: config 0 interface 133 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0
[ 1702.131033][ T5897] usb 6-1: New USB device found, idVendor=06cd, idProduct=0121, bcdDevice=dd.3d
[ 1702.151495][ T5897] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1702.182054][ T5897] usb 6-1: Product: syz
[ 1702.199337][ T5897] usb 6-1: Manufacturer: syz
[ 1702.393159][ T5897] usb 6-1: SerialNumber: syz
[ 1703.206620][ T5897] usb 6-1: config 0 descriptor??
[ 1703.212422][T28994] usb 1-1: new high-speed USB device number 46 using dummy_hcd
[ 1703.499139][ T5897] keyspan 6-1:0.133: Keyspan 1 port adapter converter detected
[ 1703.519478][ T5897] keyspan 6-1:0.133: found no endpoint descriptor for endpoint 81
[ 1703.534102][T28994] usb 1-1: device descriptor read/64, error -71
[ 1703.540551][ T5897] keyspan 6-1:0.133: found no endpoint descriptor for endpoint 1
[ 1703.549904][ T5897] keyspan 6-1:0.133: found no endpoint descriptor for endpoint 2
[ 1703.562248][ T5897] usb 6-1: Keyspan 1 port adapter converter now attached to ttyUSB0
[ 1703.588241][ T5897] usb 6-1: USB disconnect, device number 13
[ 1703.611689][ T5897] keyspan_1 ttyUSB0: Keyspan 1 port adapter converter now disconnected from ttyUSB0
[ 1703.637699][ T5897] keyspan 6-1:0.133: device disconnected
[ 1703.649878][T30094] netlink: 4 bytes leftover after parsing attributes in process `syz.6.6632'.
[ 1703.652147][T28994] usb usb1-port1: attempt power cycle
[ 1703.744162][   T30] audit: type=1400 audit(1769008344.796:1138): avc:  denied  { watch } for  pid=30095 comm="syz.6.6633" path="/proc/324/map_files" dev="proc" ino=136549 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_t tclass=filesystem permissive=1
[ 1703.769412][   T30] audit: type=1400 audit(1769008344.796:1139): avc:  denied  { watch_sb watch_reads } for  pid=30095 comm="syz.6.6633" path="/proc/324/map_files" dev="proc" ino=136549 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dir permissive=1
[ 1703.887262][T30103] FAULT_INJECTION: forcing a failure.
[ 1703.887262][T30103] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1703.900556][T30103] CPU: 1 UID: 0 PID: 30103 Comm: syz.6.6635 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1703.900574][T30103] Tainted: [L]=SOFTLOCKUP
[ 1703.900578][T30103] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/13/2026
[ 1703.900585][T30103] Call Trace:
[ 1703.900589][T30103]  <TASK>
[ 1703.900594][T30103]  dump_stack_lvl+0x100/0x190
[ 1703.900612][T30103]  should_fail_ex.cold+0x5/0xa
[ 1703.900632][T30103]  _copy_to_user+0x32/0xd0
[ 1703.900648][T30103]  simple_read_from_buffer+0xcb/0x170
[ 1703.900663][T30103]  proc_fail_nth_read+0x1af/0x230
[ 1703.900679][T30103]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1703.900695][T30103]  ? rw_verify_area+0xce/0x6d0
[ 1703.900706][T30103]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1703.900721][T30103]  vfs_read+0x1e4/0xb30
[ 1703.900734][T30103]  ? __pfx_vfs_read+0x10/0x10
[ 1703.900745][T30103]  ? find_held_lock+0x2b/0x80
[ 1703.900761][T30103]  ? __fget_files+0x215/0x3d0
[ 1703.900777][T30103]  ? __fget_files+0x21f/0x3d0
[ 1703.900794][T30103]  ksys_read+0x12a/0x250
[ 1703.900805][T30103]  ? __pfx_ksys_read+0x10/0x10
[ 1703.900821][T30103]  do_syscall_64+0xc9/0xf80
[ 1703.900835][T30103]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1703.900847][T30103] RIP: 0033:0x7f48a5d5b58e
[ 1703.900856][T30103] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[ 1703.900867][T30103] RSP: 002b:00007f48a6be4fe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[ 1703.900878][T30103] RAX: ffffffffffffffda RBX: 00007f48a6be56c0 RCX: 00007f48a5d5b58e
[ 1703.900885][T30103] RDX: 000000000000000f RSI: 00007f48a6be50a0 RDI: 0000000000000006
[ 1703.900896][T30103] RBP: 00007f48a6be5090 R08: 0000000000000000 R09: 0000000000000000
[ 1703.900907][T30103] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1703.900917][T30103] R13: 00007f48a6016038 R14: 00007f48a6015fa0 R15: 00007ffd26559848
[ 1703.900939][T30103]  </TASK>
[ 1704.151956][T28994] usb 1-1: new high-speed USB device number 47 using dummy_hcd
[ 1704.172617][T28994] usb 1-1: device descriptor read/8, error -71
[ 1706.326484][T30138] FAULT_INJECTION: forcing a failure.
[ 1706.326484][T30138] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1706.347336][T30138] CPU: 0 UID: 0 PID: 30138 Comm: syz.0.6645 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1706.347363][T30138] Tainted: [L]=SOFTLOCKUP
[ 1706.347370][T30138] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/13/2026
[ 1706.347380][T30138] Call Trace:
[ 1706.347387][T30138]  <TASK>
[ 1706.347393][T30138]  dump_stack_lvl+0x100/0x190
[ 1706.347421][T30138]  should_fail_ex.cold+0x5/0xa
[ 1706.347451][T30138]  _copy_from_user+0x2e/0xd0
[ 1706.347481][T30138]  move_addr_to_kernel+0x65/0x170
[ 1706.347500][T30138]  __sys_connect+0xb5/0x170
[ 1706.347519][T30138]  ? __pfx___sys_connect+0x10/0x10
[ 1706.347537][T30138]  ? __fget_files+0x21f/0x3d0
[ 1706.347567][T30138]  ? __pfx_ksys_write+0x10/0x10
[ 1706.347592][T30138]  __x64_sys_connect+0x72/0xb0
[ 1706.347611][T30138]  ? lockdep_hardirqs_on+0x78/0x100
[ 1706.347630][T30138]  do_syscall_64+0xc9/0xf80
[ 1706.347650][T30138]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1706.347669][T30138] RIP: 0033:0x7fb01239acb9
[ 1706.347683][T30138] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1706.347700][T30138] RSP: 002b:00007fb013212028 EFLAGS: 00000246 ORIG_RAX: 000000000000002a
[ 1706.347717][T30138] RAX: ffffffffffffffda RBX: 00007fb012615fa0 RCX: 00007fb01239acb9
[ 1706.347728][T30138] RDX: 000000000000000e RSI: 0000200000000080 RDI: 0000000000000005
[ 1706.347738][T30138] RBP: 00007fb013212090 R08: 0000000000000000 R09: 0000000000000000
[ 1706.347749][T30138] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1706.347759][T30138] R13: 00007fb012616038 R14: 00007fb012615fa0 R15: 00007fffe4e682e8
[ 1706.347781][T30138]  </TASK>
[ 1706.663161][T30142] netlink: 4 bytes leftover after parsing attributes in process `syz.4.6646'.
[ 1706.731730][   T30] audit: type=1400 audit(1769008347.776:1140): avc:  denied  { append } for  pid=30145 comm="syz.0.6649" name="vga_arbiter" dev="devtmpfs" ino=3 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:xserver_misc_device_t tclass=chr_file permissive=1
[ 1709.130059][T30192] FAULT_INJECTION: forcing a failure.
[ 1709.130059][T30192] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1709.145716][T30192] CPU: 0 UID: 0 PID: 30192 Comm: syz.5.6660 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1709.145744][T30192] Tainted: [L]=SOFTLOCKUP
[ 1709.145751][T30192] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/13/2026
[ 1709.145761][T30192] Call Trace:
[ 1709.145767][T30192]  <TASK>
[ 1709.145775][T30192]  dump_stack_lvl+0x100/0x190
[ 1709.145804][T30192]  should_fail_ex.cold+0x5/0xa
[ 1709.145835][T30192]  _copy_to_user+0x32/0xd0
[ 1709.145864][T30192]  simple_read_from_buffer+0xcb/0x170
[ 1709.145887][T30192]  proc_fail_nth_read+0x1af/0x230
[ 1709.145912][T30192]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1709.145937][T30192]  ? rw_verify_area+0xce/0x6d0
[ 1709.145954][T30192]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1709.145978][T30192]  vfs_read+0x1e4/0xb30
[ 1709.146000][T30192]  ? __pfx_vfs_read+0x10/0x10
[ 1709.146016][T30192]  ? find_held_lock+0x2b/0x80
[ 1709.146040][T30192]  ? __fget_files+0x215/0x3d0
[ 1709.146065][T30192]  ? __fget_files+0x21f/0x3d0
[ 1709.146093][T30192]  ksys_read+0x12a/0x250
[ 1709.146111][T30192]  ? __pfx_ksys_read+0x10/0x10
[ 1709.146137][T30192]  do_syscall_64+0xc9/0xf80
[ 1709.146159][T30192]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1709.146177][T30192] RIP: 0033:0x7f304355b58e
[ 1709.146191][T30192] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[ 1709.146208][T30192] RSP: 002b:00007f30443aefe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[ 1709.146226][T30192] RAX: ffffffffffffffda RBX: 00007f30443af6c0 RCX: 00007f304355b58e
[ 1709.146238][T30192] RDX: 000000000000000f RSI: 00007f30443af0a0 RDI: 0000000000000005
[ 1709.146248][T30192] RBP: 00007f30443af090 R08: 0000000000000000 R09: 0000000000000000
[ 1709.146258][T30192] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1709.146269][T30192] R13: 00007f3043816128 R14: 00007f3043816090 R15: 00007ffe3b234568
[ 1709.146294][T30192]  </TASK>
[ 1709.906337][   T30] audit: type=1400 audit(1769008350.956:1141): avc:  denied  { write } for  pid=30216 comm="syz.6.6671" name="card1" dev="devtmpfs" ino=628 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dri_device_t tclass=chr_file permissive=1
[ 1710.501910][ T5961] usb 1-1: new high-speed USB device number 49 using dummy_hcd
[ 1710.609145][T30235] netlink: 52 bytes leftover after parsing attributes in process `syz.4.6677'.
[ 1710.623344][T30235] netlink: 52 bytes leftover after parsing attributes in process `syz.4.6677'.
[ 1710.747684][T30242] FAULT_INJECTION: forcing a failure.
[ 1710.747684][T30242] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1710.761565][T30242] CPU: 0 UID: 0 PID: 30242 Comm: syz.4.6680 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1710.761591][T30242] Tainted: [L]=SOFTLOCKUP
[ 1710.761597][T30242] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/13/2026
[ 1710.761607][T30242] Call Trace:
[ 1710.761613][T30242]  <TASK>
[ 1710.761620][T30242]  dump_stack_lvl+0x100/0x190
[ 1710.761647][T30242]  should_fail_ex.cold+0x5/0xa
[ 1710.761677][T30242]  _copy_from_user+0x2e/0xd0
[ 1710.761701][T30242]  copy_msghdr_from_user+0x9f/0x4f0
[ 1710.761720][T30242]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[ 1710.761749][T30242]  ___sys_sendmsg+0x106/0x1e0
[ 1710.761768][T30242]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1710.761796][T30242]  ? find_held_lock+0x2b/0x80
[ 1710.761833][T30242]  __sys_sendmsg+0x170/0x220
[ 1710.761859][T30242]  ? __pfx___sys_sendmsg+0x10/0x10
[ 1710.761894][T30242]  do_syscall_64+0xc9/0xf80
[ 1710.761915][T30242]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1710.761933][T30242] RIP: 0033:0x7f79dfb9acb9
[ 1710.761947][T30242] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1710.761964][T30242] RSP: 002b:00007f79e0b0e028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1710.761981][T30242] RAX: ffffffffffffffda RBX: 00007f79dfe15fa0 RCX: 00007f79dfb9acb9
[ 1710.761991][T30242] RDX: 0000000000000000 RSI: 0000200000000440 RDI: 0000000000000004
[ 1710.762001][T30242] RBP: 00007f79e0b0e090 R08: 0000000000000000 R09: 0000000000000000
[ 1710.762012][T30242] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1710.762022][T30242] R13: 00007f79dfe16038 R14: 00007f79dfe15fa0 R15: 00007ffc3ad660a8
[ 1710.762046][T30242]  </TASK>
[ 1710.928954][ T5897] usb 6-1: new high-speed USB device number 14 using dummy_hcd
[ 1711.082692][ T5897] usb 6-1: no configurations
[ 1711.087353][ T5897] usb 6-1: can't read configurations, error -22
[ 1711.105635][   T30] audit: type=1400 audit(1769008352.156:1142): avc:  denied  { lock } for  pid=30244 comm="syz.4.6681" path="socket:[136980]" dev="sockfs" ino=136980 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=unix_dgram_socket permissive=1
[ 1711.412344][ T5897] usb 6-1: new high-speed USB device number 15 using dummy_hcd
[ 1712.186020][ T5826] Bluetooth: hci4: command 0x0406 tx timeout
[ 1712.281195][ T5897] usb 6-1: no configurations
[ 1712.297639][ T5897] usb 6-1: can't read configurations, error -22
[ 1712.555223][ T5897] usb usb6-port1: attempt power cycle
[ 1712.683424][T30267] fuse: Bad value for 'fd'
[ 1712.746262][T30273] tipc: Enabling <ib:lo> not permitted
[ 1712.755840][T30273] tipc: Enabling of bearer <ib:lo> rejected, failed to enable media
[ 1712.922348][T30277] 8021q: adding VLAN 0 to HW filter on device batadv1
[ 1712.944130][T30277] team0: Port device batadv1 added
[ 1712.950940][ T5897] usb 6-1: new high-speed USB device number 16 using dummy_hcd
[ 1713.033282][ T5897] usb 6-1: no configurations
[ 1713.038865][ T5897] usb 6-1: can't read configurations, error -22
[ 1713.043455][T30282] FAULT_INJECTION: forcing a failure.
[ 1713.043455][T30282] name failslab, interval 1, probability 0, space 0, times 0
[ 1713.062815][T30282] CPU: 0 UID: 0 PID: 30282 Comm: syz.4.6694 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1713.062843][T30282] Tainted: [L]=SOFTLOCKUP
[ 1713.062849][T30282] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/13/2026
[ 1713.062860][T30282] Call Trace:
[ 1713.062867][T30282]  <TASK>
[ 1713.062874][T30282]  dump_stack_lvl+0x100/0x190
[ 1713.062902][T30282]  should_fail_ex.cold+0x5/0xa
[ 1713.062933][T30282]  should_failslab+0xc2/0x120
[ 1713.062956][T30282]  ? tomoyo_realpath_from_path+0xb6/0x690
[ 1713.062977][T30282]  __kmalloc_noprof+0xf6/0x9c0
[ 1713.063003][T30282]  ? tomoyo_realpath_from_path+0xb6/0x690
[ 1713.063021][T30282]  tomoyo_realpath_from_path+0xb6/0x690
[ 1713.063047][T30282]  tomoyo_path_number_perm+0x23c/0x580
[ 1713.063074][T30282]  ? tomoyo_path_number_perm+0x22e/0x580
[ 1713.063102][T30282]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[ 1713.063155][T30282]  ? find_held_lock+0x2b/0x80
[ 1713.063177][T30282]  ? hook_file_ioctl_common+0x146/0x410
[ 1713.063205][T30282]  ? __fget_files+0x215/0x3d0
[ 1713.063231][T30282]  ? __fget_files+0x21f/0x3d0
[ 1713.063256][T30282]  security_file_ioctl+0xd3/0x230
[ 1713.063276][T30282]  __x64_sys_ioctl+0xb7/0x210
[ 1713.063295][T30282]  do_syscall_64+0xc9/0xf80
[ 1713.063317][T30282]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1713.063335][T30282] RIP: 0033:0x7f79dfb9acb9
[ 1713.063350][T30282] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1713.063367][T30282] RSP: 002b:00007f79e0b0e028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1713.063385][T30282] RAX: ffffffffffffffda RBX: 00007f79dfe15fa0 RCX: 00007f79dfb9acb9
[ 1713.063397][T30282] RDX: 0000200000000280 RSI: 000000004008af00 RDI: 0000000000000003
[ 1713.063409][T30282] RBP: 00007f79e0b0e090 R08: 0000000000000000 R09: 0000000000000000
[ 1713.063420][T30282] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1713.063430][T30282] R13: 00007f79dfe16038 R14: 00007f79dfe15fa0 R15: 00007ffc3ad660a8
[ 1713.063455][T30282]  </TASK>
[ 1713.063462][T30282] ERROR: Out of memory at tomoyo_realpath_from_path.
[ 1713.388027][ T5897] usb 6-1: new high-speed USB device number 17 using dummy_hcd
[ 1713.415894][ T5897] usb 6-1: no configurations
[ 1713.420608][ T5897] usb 6-1: can't read configurations, error -22
[ 1713.526827][ T5897] usb usb6-port1: unable to enumerate USB device
[ 1713.584854][T30291] FAULT_INJECTION: forcing a failure.
[ 1713.584854][T30291] name failslab, interval 1, probability 0, space 0, times 0
[ 1713.598179][T30291] CPU: 1 UID: 0 PID: 30291 Comm: syz.5.6699 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1713.598206][T30291] Tainted: [L]=SOFTLOCKUP
[ 1713.598213][T30291] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/13/2026
[ 1713.598223][T30291] Call Trace:
[ 1713.598230][T30291]  <TASK>
[ 1713.598237][T30291]  dump_stack_lvl+0x100/0x190
[ 1713.598266][T30291]  should_fail_ex.cold+0x5/0xa
[ 1713.598296][T30291]  should_failslab+0xc2/0x120
[ 1713.598319][T30291]  ? tomoyo_realpath_from_path+0xb6/0x690
[ 1713.598338][T30291]  __kmalloc_noprof+0xf6/0x9c0
[ 1713.598363][T30291]  ? tomoyo_realpath_from_path+0xb6/0x690
[ 1713.598381][T30291]  tomoyo_realpath_from_path+0xb6/0x690
[ 1713.598407][T30291]  tomoyo_path_number_perm+0x23c/0x580
[ 1713.598433][T30291]  ? tomoyo_path_number_perm+0x22e/0x580
[ 1713.598467][T30291]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[ 1713.598519][T30291]  ? find_held_lock+0x2b/0x80
[ 1713.598542][T30291]  ? hook_file_ioctl_common+0x146/0x410
[ 1713.598564][T30291]  ? __fget_files+0x215/0x3d0
[ 1713.598589][T30291]  ? __fget_files+0x21f/0x3d0
[ 1713.598614][T30291]  security_file_ioctl+0xd3/0x230
[ 1713.598634][T30291]  __x64_sys_ioctl+0xb7/0x210
[ 1713.598652][T30291]  do_syscall_64+0xc9/0xf80
[ 1713.598673][T30291]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1713.598691][T30291] RIP: 0033:0x7f304359acb9
[ 1713.598706][T30291] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1713.598722][T30291] RSP: 002b:00007f30443d0028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1713.598740][T30291] RAX: ffffffffffffffda RBX: 00007f3043815fa0 RCX: 00007f304359acb9
[ 1713.598752][T30291] RDX: 0000200000000140 RSI: 0000000040103d0b RDI: 0000000000000003
[ 1713.598763][T30291] RBP: 00007f30443d0090 R08: 0000000000000000 R09: 0000000000000000
[ 1713.598773][T30291] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1713.598784][T30291] R13: 00007f3043816038 R14: 00007f3043815fa0 R15: 00007ffe3b234568
[ 1713.598808][T30291]  </TASK>
[ 1713.598836][T30291] ERROR: Out of memory at tomoyo_realpath_from_path.
[ 1713.830557][T30289] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[ 1714.013843][   T30] audit: type=1400 audit(1769008355.066:1143): avc:  denied  { listen } for  pid=30300 comm="syz.5.6701" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[ 1714.148595][T30306] block device autoloading is deprecated and will be removed.
[ 1714.293729][T17389] Bluetooth: hci2: Controller not accepting commands anymore: ncmd = 0
[ 1714.302702][T17389] Bluetooth: hci2: Injecting HCI hardware error event
[ 1714.311576][T17389] Bluetooth: hci2: hardware error 0x00
[ 1714.914977][T30312] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[ 1715.587832][T30319] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[ 1716.452187][T17389] Bluetooth: hci2: Opcode 0x0c03 failed: -110
[ 1716.717449][T30336] input: syz0 as /devices/virtual/input/input143
[ 1716.741908][T24392] usb 5-1: new high-speed USB device number 50 using dummy_hcd
[ 1716.912355][T24392] usb 5-1: no configurations
[ 1716.917001][T24392] usb 5-1: can't read configurations, error -22
[ 1717.072182][ T6433] usb 1-1: new high-speed USB device number 50 using dummy_hcd
[ 1717.080551][T24392] usb 5-1: new high-speed USB device number 51 using dummy_hcd
[ 1717.234202][ T6433] usb 1-1: config 0 interface 0 altsetting 3 endpoint 0x81 has an invalid bInterval 55, changing to 9
[ 1717.247319][T24392] usb 5-1: no configurations
[ 1717.251998][T24392] usb 5-1: can't read configurations, error -22
[ 1717.258355][ T6433] usb 1-1: config 0 interface 0 has no altsetting 0
[ 1717.266360][T24392] usb usb5-port1: attempt power cycle
[ 1717.271940][ T6433] usb 1-1: New USB device found, idVendor=056a, idProduct=0094, bcdDevice= 0.00
[ 1717.281760][ T6433] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1717.294104][ T6433] usb 1-1: config 0 descriptor??
[ 1717.475213][    C0] Unknown status report in ack skb
[ 1717.632226][T24392] usb 5-1: new high-speed USB device number 52 using dummy_hcd
[ 1717.678495][T24392] usb 5-1: no configurations
[ 1717.686909][T24392] usb 5-1: can't read configurations, error -22
[ 1717.822408][T24392] usb 5-1: new high-speed USB device number 53 using dummy_hcd
[ 1717.854627][T24392] usb 5-1: no configurations
[ 1717.863102][T24392] usb 5-1: can't read configurations, error -22
[ 1717.886812][T24392] usb usb5-port1: unable to enumerate USB device
[ 1717.926798][T30365] netlink: 4 bytes leftover after parsing attributes in process `syz.5.6720'.
[ 1718.038533][T30367] netlink: 28 bytes leftover after parsing attributes in process `syz.5.6721'.
[ 1718.182860][T30367] CIFS mount error: No usable UNC path provided in device string!
[ 1718.182860][T30367] 
[ 1718.195621][T30373] netlink: 48 bytes leftover after parsing attributes in process `syz.2.6723'.
[ 1718.205451][T30367] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string!
[ 1718.261363][T30367] netlink: 6716 bytes leftover after parsing attributes in process `syz.5.6721'.
[ 1718.357306][T30371] overlayfs: upperdir is in-use as upperdir/workdir of another mount, mount with '-o index=off' to override exclusive upperdir protection.
[ 1719.570352][T30388] FAULT_INJECTION: forcing a failure.
[ 1719.570352][T30388] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1719.583924][T30388] CPU: 1 UID: 0 PID: 30388 Comm: syz.5.6729 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1719.583951][T30388] Tainted: [L]=SOFTLOCKUP
[ 1719.583958][T30388] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/13/2026
[ 1719.583968][T30388] Call Trace:
[ 1719.583974][T30388]  <TASK>
[ 1719.583981][T30388]  dump_stack_lvl+0x100/0x190
[ 1719.584009][T30388]  should_fail_ex.cold+0x5/0xa
[ 1719.584038][T30388]  _copy_from_user+0x2e/0xd0
[ 1719.584063][T30388]  move_addr_to_kernel+0x65/0x170
[ 1719.584081][T30388]  __sys_sendto+0x1c9/0x520
[ 1719.584103][T30388]  ? __pfx___sys_sendto+0x10/0x10
[ 1719.584143][T30388]  ? ksys_write+0x1ac/0x250
[ 1719.584162][T30388]  ? __pfx_ksys_write+0x10/0x10
[ 1719.584183][T30388]  __x64_sys_sendto+0xe0/0x1c0
[ 1719.584203][T30388]  ? do_syscall_64+0x94/0xf80
[ 1719.584220][T30388]  ? lockdep_hardirqs_on+0x78/0x100
[ 1719.584237][T30388]  do_syscall_64+0xc9/0xf80
[ 1719.584257][T30388]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1719.584275][T30388] RIP: 0033:0x7f304359acb9
[ 1719.584289][T30388] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1719.584306][T30388] RSP: 002b:00007f30443d0028 EFLAGS: 00000246 ORIG_RAX: 000000000000002c
[ 1719.584323][T30388] RAX: ffffffffffffffda RBX: 00007f3043815fa0 RCX: 00007f304359acb9
[ 1719.584335][T30388] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000000000000d
[ 1719.584344][T30388] RBP: 00007f30443d0090 R08: 0000200000000180 R09: 0000000000000014
[ 1719.584355][T30388] R10: 0000000000044010 R11: 0000000000000246 R12: 0000000000000001
[ 1719.584366][T30388] R13: 00007f3043816038 R14: 00007f3043815fa0 R15: 00007ffe3b234568
[ 1719.584389][T30388]  </TASK>
[ 1719.940616][ T6433] usbhid 1-1:0.0: can't add hid device: -71
[ 1719.947896][ T6433] usbhid 1-1:0.0: probe with driver usbhid failed with error -71
[ 1719.971426][T30397] 8021q: VLANs not supported on xfrm0
[ 1719.990926][ T6433] usb 1-1: USB disconnect, device number 50
[ 1721.030548][T30404] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[ 1721.481941][T24392] usb 6-1: new high-speed USB device number 18 using dummy_hcd
[ 1721.489532][   T30] audit: type=1400 audit(1769008362.536:1144): avc:  denied  { accept } for  pid=30413 comm="syz.4.6733" laddr=::1 lport=60801 faddr=::1 fport=20001 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[ 1721.582521][T17389] Bluetooth: hci1: command 0x0406 tx timeout
[ 1721.621216][T30418] netlink: 12 bytes leftover after parsing attributes in process `syz.2.6734'.
[ 1721.663771][T24392] usb 6-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18
[ 1721.684343][T24392] usb 6-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[ 1721.700909][T24392] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[ 1721.716529][T24392] usb 6-1: SerialNumber: syz
[ 1721.721987][ T6433] usb 1-1: new high-speed USB device number 51 using dummy_hcd
[ 1721.873256][ T6433] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1721.893637][ T6433] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1721.914636][ T6433] usb 1-1: New USB device found, idVendor=18ec, idProduct=3288, bcdDevice=69.cf
[ 1721.931937][ T6433] usb 1-1: New USB device strings: Mfr=1, Product=0, SerialNumber=0
[ 1721.961957][ T6433] usb 1-1: Manufacturer: syz
[ 1721.976554][ T6433] usb 1-1: config 0 descriptor??
[ 1721.990463][ T6433] uvcvideo 1-1:0.0: Found UVC 0.00 device <unnamed> (18ec:3288)
[ 1721.998205][ T6433] uvcvideo 1-1:0.0: No valid video chain found.
[ 1722.407742][T24392] cdc_ether 6-1:1.0 usb0: register 'cdc_ether' at usb-dummy_hcd.5-1, CDC Ethernet Device, 42:42:42:42:42:42
[ 1722.837036][ T6003] usb 6-1: USB disconnect, device number 18
[ 1722.844920][ T6003] cdc_ether 6-1:1.0 usb0: unregister 'cdc_ether' usb-dummy_hcd.5-1, CDC Ethernet Device
[ 1723.262873][T28994] usb 1-1: USB disconnect, device number 51
[ 1723.322598][ T6433] usb 7-1: new high-speed USB device number 3 using dummy_hcd
[ 1723.471961][ T6433] usb 7-1: Using ep0 maxpacket: 8
[ 1723.478346][ T6433] usb 7-1: config index 0 descriptor too short (expected 301, got 45)
[ 1723.487995][ T6433] usb 7-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[ 1723.497760][ T6433] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[ 1723.507601][ T6433] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[ 1723.518036][ T6433] usb 7-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[ 1723.531086][ T6433] usb 7-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[ 1723.540131][ T6433] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1723.641918][ T6003] usb 6-1: new high-speed USB device number 19 using dummy_hcd
[ 1723.641971][T28994] usb 1-1: new high-speed USB device number 52 using dummy_hcd
[ 1723.751352][ T6433] usb 7-1: GET_CAPABILITIES returned 0
[ 1723.756947][ T6433] usbtmc 7-1:16.0: can't read capabilities
[ 1723.801965][T28994] usb 1-1: Using ep0 maxpacket: 8
[ 1723.808283][T28994] usb 1-1: config index 0 descriptor too short (expected 301, got 45)
[ 1723.812051][ T6003] usb 6-1: Using ep0 maxpacket: 8
[ 1723.816639][T28994] usb 1-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[ 1723.825835][ T6003] usb 6-1: config index 0 descriptor too short (expected 301, got 45)
[ 1723.831228][T28994] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[ 1723.839796][ T6003] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[ 1723.849070][T28994] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[ 1723.859042][ T6003] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[ 1723.859067][ T6003] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[ 1723.859087][ T6003] usb 6-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[ 1723.859120][ T6003] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[ 1723.859138][ T6003] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1723.920402][T28994] usb 1-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[ 1723.933535][T28994] usb 1-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[ 1723.943272][T28994] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1723.952765][T30461] FAULT_INJECTION: forcing a failure.
[ 1723.952765][T30461] name failslab, interval 1, probability 0, space 0, times 0
[ 1723.965934][T30461] CPU: 1 UID: 0 PID: 30461 Comm: syz.6.6742 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1723.965960][T30461] Tainted: [L]=SOFTLOCKUP
[ 1723.965967][T30461] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/13/2026
[ 1723.965977][T30461] Call Trace:
[ 1723.965987][T30461]  <TASK>
[ 1723.965993][T30461]  dump_stack_lvl+0x100/0x190
[ 1723.966020][T30461]  should_fail_ex.cold+0x5/0xa
[ 1723.966052][T30461]  should_failslab+0xc2/0x120
[ 1723.966074][T30461]  ? tomoyo_realpath_from_path+0xb6/0x690
[ 1723.966093][T30461]  __kmalloc_noprof+0xf6/0x9c0
[ 1723.966116][T30461]  ? tomoyo_realpath_from_path+0xb6/0x690
[ 1723.966135][T30461]  tomoyo_realpath_from_path+0xb6/0x690
[ 1723.966159][T30461]  tomoyo_path_number_perm+0x23c/0x580
[ 1723.966185][T30461]  ? tomoyo_path_number_perm+0x22e/0x580
[ 1723.966212][T30461]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[ 1723.966262][T30461]  ? find_held_lock+0x2b/0x80
[ 1723.966285][T30461]  ? hook_file_ioctl_common+0x146/0x410
[ 1723.966306][T30461]  ? __fget_files+0x215/0x3d0
[ 1723.966331][T30461]  ? __fget_files+0x21f/0x3d0
[ 1723.966357][T30461]  security_file_ioctl+0xd3/0x230
[ 1723.966377][T30461]  __x64_sys_ioctl+0xb7/0x210
[ 1723.966396][T30461]  do_syscall_64+0xc9/0xf80
[ 1723.966422][T30461]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1723.966440][T30461] RIP: 0033:0x7f48a5d9acb9
[ 1723.966454][T30461] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1723.966470][T30461] RSP: 002b:00007f48a6be5028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1723.966487][T30461] RAX: ffffffffffffffda RBX: 00007f48a6015fa0 RCX: 00007f48a5d9acb9
[ 1723.966498][T30461] RDX: 0000000000000000 RSI: 0000000000005b14 RDI: 0000000000000004
[ 1723.966509][T30461] RBP: 00007f48a6be5090 R08: 0000000000000000 R09: 0000000000000000
[ 1723.966519][T30461] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1723.966529][T30461] R13: 00007f48a6016038 R14: 00007f48a6015fa0 R15: 00007ffd26559848
[ 1723.966554][T30461]  </TASK>
[ 1723.966579][T30461] ERROR: Out of memory at tomoyo_realpath_from_path.
[ 1724.165686][T28994] usb 1-1: GET_CAPABILITIES returned 0
[ 1724.171216][ T6003] usb 6-1: GET_CAPABILITIES returned 0
[ 1724.185561][T28994] usbtmc 1-1:16.0: can't read capabilities
[ 1724.188169][ T6003] usbtmc 6-1:16.0: can't read capabilities
[ 1724.206853][T24392] usb 7-1: USB disconnect, device number 3
[ 1724.248523][T30486] tipc: Started in network mode
[ 1724.253414][T30486] tipc: Node identity 4, cluster identity 4711
[ 1724.259549][T30486] tipc: Node number set to 4
[ 1724.286945][T30482] FAULT_INJECTION: forcing a failure.
[ 1724.286945][T30482] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1724.300175][T30482] CPU: 1 UID: 0 PID: 30482 Comm: syz.5.6747 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1724.300202][T30482] Tainted: [L]=SOFTLOCKUP
[ 1724.300209][T30482] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/13/2026
[ 1724.300220][T30482] Call Trace:
[ 1724.300226][T30482]  <TASK>
[ 1724.300234][T30482]  dump_stack_lvl+0x100/0x190
[ 1724.300262][T30482]  should_fail_ex.cold+0x5/0xa
[ 1724.300295][T30482]  _copy_to_user+0x32/0xd0
[ 1724.300321][T30482]  simple_read_from_buffer+0xcb/0x170
[ 1724.300344][T30482]  proc_fail_nth_read+0x1af/0x230
[ 1724.300370][T30482]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1724.300396][T30482]  ? rw_verify_area+0xce/0x6d0
[ 1724.300413][T30482]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1724.300436][T30482]  vfs_read+0x1e4/0xb30
[ 1724.300458][T30482]  ? __pfx_vfs_read+0x10/0x10
[ 1724.300475][T30482]  ? find_held_lock+0x2b/0x80
[ 1724.300500][T30482]  ? __fget_files+0x215/0x3d0
[ 1724.300526][T30482]  ? __fget_files+0x21f/0x3d0
[ 1724.300553][T30482]  ksys_read+0x12a/0x250
[ 1724.300573][T30482]  ? __pfx_ksys_read+0x10/0x10
[ 1724.300593][T30482]  ? fdget+0x18b/0x210
[ 1724.300617][T30482]  do_syscall_64+0xc9/0xf80
[ 1724.300638][T30482]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1724.300657][T30482] RIP: 0033:0x7f304355b58e
[ 1724.300672][T30482] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[ 1724.300690][T30482] RSP: 002b:00007f30443cffe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[ 1724.300708][T30482] RAX: ffffffffffffffda RBX: 00007f30443d06c0 RCX: 00007f304355b58e
[ 1724.300720][T30482] RDX: 000000000000000f RSI: 00007f30443d00a0 RDI: 0000000000000004
[ 1724.300731][T30482] RBP: 00007f30443d0090 R08: 0000000000000000 R09: 0000000000000000
[ 1724.300742][T30482] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1724.300752][T30482] R13: 00007f3043816038 R14: 00007f3043815fa0 R15: 00007ffe3b234568
[ 1724.300778][T30482]  </TASK>
[ 1724.512349][T28994] usb 6-1: USB disconnect, device number 19
[ 1724.556477][ T6433] usb 1-1: USB disconnect, device number 52
[ 1724.664924][    C0] Unknown status report in ack skb
[ 1724.901919][T28994] usb 6-1: new high-speed USB device number 20 using dummy_hcd
[ 1725.030191][T30502] 9pnet_virtio: no channels available for device syz
[ 1725.038715][T30502] ubi31: attaching mtd0
[ 1725.045026][T30502] ubi31: scanning is finished
[ 1725.049691][T30502] ubi31: empty MTD device detected
[ 1725.064984][T28994] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1725.078448][T28994] usb 6-1: config 0 has no interfaces?
[ 1725.083988][T28994] usb 6-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df
[ 1725.101485][T28994] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1725.127865][   T30] audit: type=1400 audit(1769008366.176:1145): avc:  denied  { connect } for  pid=30504 comm="syz.0.6756" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1
[ 1725.234408][T28994] usb 6-1: config 0 descriptor??
[ 1725.269195][T30502] ubi31: attached mtd0 (name "mtdram test device", size 0 MiB)
[ 1725.278139][T30502] ubi31: PEB size: 4096 bytes (4 KiB), LEB size: 3968 bytes
[ 1725.657474][T30502] ubi31: min./max. I/O unit sizes: 1/64, sub-page size 1
[ 1725.768774][T30502] ubi31: VID header offset: 64 (aligned 64), data offset: 128
[ 1726.166939][T30502] ubi31: good PEBs: 32, bad PEBs: 0, corrupted PEBs: 0
[ 1726.174054][T30502] ubi31: user volume: 0, internal volumes: 1, max. volumes count: 23
[ 1726.192815][T30502] ubi31: max/mean erase counter: 0/0, WL threshold: 4096, image sequence number: 674250993
[ 1726.209154][T30502] ubi31: available PEBs: 28, total reserved PEBs: 4, PEBs reserved for bad PEB handling: 0
[ 1726.800496][T30507] ubi31: background thread "ubi_bgt31d" started, PID 30507
[ 1726.973093][T30508] Set syz1 is full, maxelem 65536 reached
[ 1727.579316][T30121] usb 6-1: USB disconnect, device number 20
[ 1728.742236][T30583] geneve2: entered promiscuous mode
[ 1728.747488][T30583] geneve2: entered allmulticast mode
[ 1728.776620][T30584] netlink: 24 bytes leftover after parsing attributes in process `syz.6.6774'.
[ 1728.792447][   T30] audit: type=1400 audit(1769008369.836:1146): avc:  denied  { watch } for  pid=30574 comm="syz.6.6774" path="/128" dev="tmpfs" ino=697 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1
[ 1729.086177][   T30] audit: type=1400 audit(1769008369.836:1147): avc:  denied  { watch_sb watch_reads } for  pid=30574 comm="syz.6.6774" path="/128" dev="tmpfs" ino=697 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1
[ 1729.113660][   T30] audit: type=1400 audit(1769008369.836:1148): avc:  denied  { watch } for  pid=30574 comm="syz.6.6774" path="/128" dev="tmpfs" ino=697 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1
[ 1729.355472][   T30] audit: type=1800 audit(1769008370.406:1149): pid=30578 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=collect_data cause=failed comm="syz.0.6775" name="/" dev="fuse" ino=9 res=0 errno=0
[ 1729.628341][T30591] program syz.6.6778 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 1729.729659][T30592] fuse: Bad value for 'fd'
[ 1729.753191][ T1300] ieee802154 phy0 wpan0: encryption failed: -22
[ 1729.759603][ T1300] ieee802154 phy1 wpan1: encryption failed: -22
[ 1730.088508][T30593] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=30593 comm=syz.0.6777
[ 1730.986141][T30607] netlink: 'syz.5.6783': attribute type 12 has an invalid length.
[ 1731.616706][   T30] audit: type=1400 audit(1769008372.666:1150): avc:  denied  { write } for  pid=30598 comm="syz.4.6781" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[ 1731.755167][T29020] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1731.766242][T29020] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1731.796943][T29020] bond0 (unregistering): Released all slaves
[ 1732.728362][T29020] tipc: Left network mode
[ 1733.961963][T30645] netlink: 132 bytes leftover after parsing attributes in process `syz.5.6789'.
[ 1734.198634][T29020] hsr_slave_0: left promiscuous mode
[ 1734.212432][T29020] hsr_slave_1: left promiscuous mode
[ 1734.232443][T29020] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1734.480662][T30652] faux_driver vgem: [drm] Unknown color mode 181; guessing buffer size.
[ 1734.499237][T29020] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1734.588996][T29020] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1734.604190][T29020] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1734.729740][T29020] veth1_macvtap: left promiscuous mode
[ 1734.735328][T29020] veth0_macvtap: left promiscuous mode
[ 1734.740857][T29020] veth1_vlan: left promiscuous mode
[ 1734.751665][T29020] veth0_vlan: left promiscuous mode
[ 1735.721000][T29020] team0 (unregistering): Port device team_slave_1 removed
[ 1735.794680][T29020] team0 (unregistering): Port device team_slave_0 removed
[ 1736.645501][T30683] netlink: 'syz.2.6804': attribute type 1 has an invalid length.
[ 1737.122182][T28679] usb 7-1: new high-speed USB device number 4 using dummy_hcd
[ 1737.149816][T30683] 8021q: adding VLAN 0 to HW filter on device bond1
[ 1737.321945][T28679] usb 7-1: Using ep0 maxpacket: 8
[ 1737.757796][T28679] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[ 1737.785585][T30693] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[ 1737.815670][T28679] usb 7-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[ 1737.845306][T28679] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1737.872621][T28679] usb 7-1: config 0 descriptor??
[ 1738.266403][T28679] iowarrior 7-1:0.0: IOWarrior product=0x1512, serial= interface=0 now attached to iowarrior0
[ 1738.400334][T30704] NILFS (nullb0): couldn't find nilfs on the device
[ 1738.438922][   T30] audit: type=1400 audit(1769008379.486:1151): avc:  denied  { open } for  pid=30679 comm="syz.6.6803" path="/dev/ptyr1" dev="devtmpfs" ino=136 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:bsdpty_device_t tclass=chr_file permissive=1
[ 1738.504273][   T30] audit: type=1400 audit(1769008379.556:1152): avc:  denied  { ioctl } for  pid=30679 comm="syz.6.6803" path="/dev/ptyr1" dev="devtmpfs" ino=136 ioctlcmd=0x5423 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:bsdpty_device_t tclass=chr_file permissive=1
[ 1738.585420][T24392] usb 7-1: USB disconnect, device number 4
[ 1738.766546][T30712] tmpfs: Unknown parameter 'òÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿ
[ 1739.024876][T30717] FAULT_INJECTION: forcing a failure.
[ 1739.024876][T30717] name failslab, interval 1, probability 0, space 0, times 0
[ 1739.142312][T30717] CPU: 1 UID: 0 PID: 30717 Comm: syz.5.6812 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1739.142339][T30717] Tainted: [L]=SOFTLOCKUP
[ 1739.142346][T30717] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/13/2026
[ 1739.142357][T30717] Call Trace:
[ 1739.142363][T30717]  <TASK>
[ 1739.142370][T30717]  dump_stack_lvl+0x100/0x190
[ 1739.142398][T30717]  should_fail_ex.cold+0x5/0xa
[ 1739.142428][T30717]  should_failslab+0xc2/0x120
[ 1739.142450][T30717]  ? tomoyo_realpath_from_path+0xb6/0x690
[ 1739.142471][T30717]  __kmalloc_noprof+0xf6/0x9c0
[ 1739.142496][T30717]  ? tomoyo_realpath_from_path+0xb6/0x690
[ 1739.142515][T30717]  tomoyo_realpath_from_path+0xb6/0x690
[ 1739.142540][T30717]  tomoyo_path_number_perm+0x23c/0x580
[ 1739.142567][T30717]  ? tomoyo_path_number_perm+0x22e/0x580
[ 1739.142595][T30717]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[ 1739.142647][T30717]  ? find_held_lock+0x2b/0x80
[ 1739.142669][T30717]  ? hook_file_ioctl_common+0x146/0x410
[ 1739.142691][T30717]  ? __fget_files+0x215/0x3d0
[ 1739.142716][T30717]  ? __fget_files+0x21f/0x3d0
[ 1739.142740][T30717]  security_file_ioctl+0xd3/0x230
[ 1739.142760][T30717]  __x64_sys_ioctl+0xb7/0x210
[ 1739.142780][T30717]  do_syscall_64+0xc9/0xf80
[ 1739.142802][T30717]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1739.142819][T30717] RIP: 0033:0x7f304359acb9
[ 1739.142835][T30717] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1739.142851][T30717] RSP: 002b:00007f30443d0028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1739.142869][T30717] RAX: ffffffffffffffda RBX: 00007f3043815fa0 RCX: 00007f304359acb9
[ 1739.142881][T30717] RDX: 0000200000000340 RSI: 000000004008af04 RDI: 0000000000000003
[ 1739.142893][T30717] RBP: 00007f30443d0090 R08: 0000000000000000 R09: 0000000000000000
[ 1739.142903][T30717] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1739.142914][T30717] R13: 00007f3043816038 R14: 00007f3043815fa0 R15: 00007ffe3b234568
[ 1739.142939][T30717]  </TASK>
[ 1739.142950][T30717] ERROR: Out of memory at tomoyo_realpath_from_path.
[ 1740.131778][T30726] sch_fq: defrate 4294967295 ignored.
[ 1740.276144][    C0] wlan1: beacon TX faster than countdown (channel/color switch) completion
[ 1740.754406][T30734] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[ 1740.913321][   T30] audit: type=1400 audit(1769008381.966:1153): avc:  denied  { setopt } for  pid=30739 comm="syz.4.6818" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[ 1741.375316][   T30] audit: type=1400 audit(1769008382.416:1154): avc:  denied  { append } for  pid=30745 comm="syz.6.6820" name="card1" dev="devtmpfs" ino=628 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dri_device_t tclass=chr_file permissive=1
[ 1742.262203][T30753] netlink: 28 bytes leftover after parsing attributes in process `syz.0.6821'.
[ 1742.660266][   T30] audit: type=1326 audit(1769008383.706:1155): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30745 comm="syz.6.6820" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f48a5d9acb9 code=0x7ffc0000
[ 1742.778207][   T30] audit: type=1326 audit(1769008383.786:1156): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30745 comm="syz.6.6820" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f48a5d9acb9 code=0x7ffc0000
[ 1742.802256][   T30] audit: type=1326 audit(1769008383.786:1157): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30745 comm="syz.6.6820" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f48a5d9acb9 code=0x7ffc0000
[ 1742.827002][   T30] audit: type=1326 audit(1769008383.786:1158): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30745 comm="syz.6.6820" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f48a5d9acb9 code=0x7ffc0000
[ 1742.877258][   T30] audit: type=1326 audit(1769008383.786:1159): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30745 comm="syz.6.6820" exe="/root/syz-executor" sig=0 arch=c000003e syscall=113 compat=0 ip=0x7f48a5d9acb9 code=0x7ffc0000
[ 1742.986183][   T30] audit: type=1326 audit(1769008383.786:1160): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30745 comm="syz.6.6820" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f48a5d9acb9 code=0x7ffc0000
[ 1743.988544][T30767] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[ 1747.452101][ T6433] usb 7-1: new high-speed USB device number 5 using dummy_hcd
[ 1747.824000][ T6433] usb 7-1: New USB device found, idVendor=20b7, idProduct=1540, bcdDevice=b7.5a
[ 1747.837803][ T6433] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1747.854832][ T6433] usb 7-1: Product: syz
[ 1747.860148][ T6433] usb 7-1: Manufacturer: syz
[ 1747.865602][ T6433] usb 7-1: SerialNumber: syz
[ 1747.876953][ T6433] usb 7-1: config 0 descriptor??
[ 1748.308804][ T6433] usb 7-1: Firmware: major: 130, minor: 102, hardware type: HULUSB (4)
[ 1748.402741][T30824] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=30824 comm=syz.4.6844
[ 1748.512746][T30801] autofs: Unknown parameter 'autofs'
[ 1748.674456][T30826] netlink: 'syz.4.6844': attribute type 1 has an invalid length.
[ 1749.070836][T30826] 8021q: adding VLAN 0 to HW filter on device bond1
[ 1749.087178][T30827] bond1: (slave dummy0): making interface the new active one
[ 1749.096320][T30827] bond1: (slave dummy0): Enslaving as an active interface with an up link
[ 1749.128128][T30801] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1749.208580][T30801] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1749.786895][ T6433] usb 7-1: failed to fetch extended address, random address set
[ 1750.357422][ T5961] usb 7-1: USB disconnect, device number 5
[ 1750.420639][T30843] program syz.6.6849 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 1752.241908][T30121] usb 7-1: new high-speed USB device number 6 using dummy_hcd
[ 1752.813092][T30121] usb 7-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18
[ 1752.840943][T30121] usb 7-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[ 1752.899105][T30121] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[ 1752.908258][T30121] usb 7-1: SerialNumber: syz
[ 1753.365435][   T30] kauditd_printk_skb: 23 callbacks suppressed
[ 1753.365471][   T30] audit: type=1400 audit(1769008394.416:1184): avc:  denied  { name_bind } for  pid=30864 comm="syz.6.6857" src=28194 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=tcp_socket permissive=1
[ 1753.450965][T30121] cdc_ether 7-1:1.0: probe with driver cdc_ether failed with error -71
[ 1753.469832][T30121] usb 7-1: USB disconnect, device number 6
[ 1753.745238][T30894] FAULT_INJECTION: forcing a failure.
[ 1753.745238][T30894] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1753.795134][T30894] CPU: 0 UID: 0 PID: 30894 Comm: syz.5.6865 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1753.795161][T30894] Tainted: [L]=SOFTLOCKUP
[ 1753.795168][T30894] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/13/2026
[ 1753.795177][T30894] Call Trace:
[ 1753.795183][T30894]  <TASK>
[ 1753.795190][T30894]  dump_stack_lvl+0x100/0x190
[ 1753.795217][T30894]  should_fail_ex.cold+0x5/0xa
[ 1753.795248][T30894]  _copy_from_user+0x2e/0xd0
[ 1753.795273][T30894]  copy_msghdr_from_user+0x9f/0x4f0
[ 1753.795292][T30894]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[ 1753.795312][T30894]  ? _kstrtoull+0x13c/0x1f0
[ 1753.795327][T30894]  ? __pfx__kstrtoull+0x10/0x10
[ 1753.795354][T30894]  ___sys_sendmsg+0x106/0x1e0
[ 1753.795373][T30894]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1753.795417][T30894]  __sys_sendmmsg+0x205/0x430
[ 1753.795442][T30894]  ? __pfx___sys_sendmmsg+0x10/0x10
[ 1753.795470][T30894]  ? __fget_files+0x215/0x3d0
[ 1753.795491][T30894]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[ 1753.795520][T30894]  ? fput+0x79/0x100
[ 1753.795542][T30894]  ? ksys_write+0x1ac/0x250
[ 1753.795559][T30894]  ? __pfx_ksys_write+0x10/0x10
[ 1753.795577][T30894]  ? do_user_addr_fault+0x8d6/0x12f0
[ 1753.795603][T30894]  __x64_sys_sendmmsg+0x9c/0x100
[ 1753.795625][T30894]  ? lockdep_hardirqs_on+0x78/0x100
[ 1753.795643][T30894]  do_syscall_64+0xc9/0xf80
[ 1753.795663][T30894]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1753.795682][T30894] RIP: 0033:0x7f304359acb9
[ 1753.795696][T30894] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1753.795712][T30894] RSP: 002b:00007f30443af028 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[ 1753.795729][T30894] RAX: ffffffffffffffda RBX: 00007f3043816090 RCX: 00007f304359acb9
[ 1753.795740][T30894] RDX: 0000000000000001 RSI: 0000200000004980 RDI: 0000000000000003
[ 1753.795751][T30894] RBP: 00007f30443af090 R08: 0000000000000000 R09: 0000000000000000
[ 1753.795762][T30894] R10: 0000000020008000 R11: 0000000000000246 R12: 0000000000000001
[ 1753.795772][T30894] R13: 00007f3043816128 R14: 00007f3043816090 R15: 00007ffe3b234568
[ 1753.795794][T30894]  </TASK>
[ 1754.250554][T30901] netlink: 24 bytes leftover after parsing attributes in process `syz.6.6867'.
[ 1755.108665][T30903] netlink: 'syz.0.6868': attribute type 3 has an invalid length.
[ 1756.880155][   T51] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1757.912518][   T51] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1757.950985][   T51] bond0 (unregistering): (slave dummy0): Releasing backup interface
[ 1757.964059][   T51] bond0 (unregistering): Released all slaves
[ 1758.011888][ T5897] usb 6-1: new high-speed USB device number 21 using dummy_hcd
[ 1758.095626][   T51] [†’Ì: left promiscuous mode
[ 1758.182631][ T5897] usb 6-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18
[ 1758.202791][   T30] audit: type=1400 audit(1769008399.226:1185): avc:  denied  { read write } for  pid=30942 comm="syz.4.6881" name="mouse0" dev="devtmpfs" ino=987 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:mouse_device_t tclass=chr_file permissive=1
[ 1758.234372][   T30] audit: type=1400 audit(1769008399.226:1186): avc:  denied  { open } for  pid=30942 comm="syz.4.6881" path="/dev/input/mouse0" dev="devtmpfs" ino=987 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:mouse_device_t tclass=chr_file permissive=1
[ 1758.271375][ T5897] usb 6-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[ 1758.283200][ T5897] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[ 1758.291225][ T5897] usb 6-1: SerialNumber: syz
[ 1758.334821][   T51] tipc: Left network mode
[ 1758.403239][T30944] FAULT_INJECTION: forcing a failure.
[ 1758.403239][T30944] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1758.437214][T30944] CPU: 1 UID: 0 PID: 30944 Comm: syz.4.6881 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1758.437245][T30944] Tainted: [L]=SOFTLOCKUP
[ 1758.437252][T30944] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/13/2026
[ 1758.437262][T30944] Call Trace:
[ 1758.437269][T30944]  <TASK>
[ 1758.437275][T30944]  dump_stack_lvl+0x100/0x190
[ 1758.437303][T30944]  should_fail_ex.cold+0x5/0xa
[ 1758.437333][T30944]  copy_fpstate_to_sigframe+0x7fe/0xaa0
[ 1758.437351][T30944]  ? do_raw_spin_lock+0x128/0x260
[ 1758.437375][T30944]  ? __pfx_copy_fpstate_to_sigframe+0x10/0x10
[ 1758.437397][T30944]  ? posixtimer_deliver_signal+0x3da/0x6b0
[ 1758.437419][T30944]  ? x86_task_fpu+0x5f/0x90
[ 1758.437445][T30944]  get_sigframe+0x3fb/0x940
[ 1758.437475][T30944]  ? __pfx_get_sigframe+0x10/0x10
[ 1758.437499][T30944]  ? rcu_is_watching+0x12/0xc0
[ 1758.437522][T30944]  ? siginfo_layout+0x156/0x290
[ 1758.437550][T30944]  x64_setup_rt_frame+0x12f/0xce0
[ 1758.437580][T30944]  ? __pfx_x64_setup_rt_frame+0x10/0x10
[ 1758.437607][T30944]  ? __mutex_unlock_slowpath+0x15c/0x790
[ 1758.437631][T30944]  arch_do_signal_or_restart+0x59e/0x7a0
[ 1758.437658][T30944]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[ 1758.437691][T30944]  ? ksys_write+0x1ac/0x250
[ 1758.437716][T30944]  exit_to_user_mode_loop+0x86/0x4b0
[ 1758.437735][T30944]  ? rcu_is_watching+0x12/0xc0
[ 1758.437758][T30944]  do_syscall_64+0x4fe/0xf80
[ 1758.437779][T30944]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1758.437797][T30944] RIP: 0033:0x7f79dfb5b58e
[ 1758.437811][T30944] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[ 1758.437828][T30944] RSP: 002b:00007f79e0b0dfe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[ 1758.437845][T30944] RAX: 0000000000000001 RBX: 00007f79e0b0e6c0 RCX: 00007f79dfb5b58e
[ 1758.437855][T30944] RDX: 0000000000000001 RSI: 00007f79e0b0e090 RDI: 0000000000000004
[ 1758.437866][T30944] RBP: 00007f79e0b0e090 R08: 0000000000000000 R09: 0000000000000000
[ 1758.437876][T30944] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1758.437886][T30944] R13: 00007f79dfe16038 R14: 00007f79dfe15fa0 R15: 00007ffc3ad660a8
[ 1758.437909][T30944]  </TASK>
[ 1758.803722][T26005] Bluetooth: hci4: unexpected event for opcode 0x1002
[ 1758.843557][   T51] hsr_slave_0: left promiscuous mode
[ 1758.857589][   T51] hsr_slave_1: left promiscuous mode
[ 1758.871321][   T51] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1758.895524][   T51] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1758.914661][   T51] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1758.928493][   T51] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1758.957650][ T5897] cdc_ether 6-1:1.0: probe with driver cdc_ether failed with error -71
[ 1759.040974][ T5961] usb 5-1: new high-speed USB device number 54 using dummy_hcd
[ 1759.241935][ T5961] usb 5-1: Using ep0 maxpacket: 8
[ 1759.260815][ T5961] usb 5-1: New USB device found, idVendor=2770, idProduct=9120, bcdDevice=6c.77
[ 1759.295045][   T51] veth1_macvtap: left promiscuous mode
[ 1759.300514][   T51] veth0_macvtap: left promiscuous mode
[ 1759.316816][   T51] veth1_vlan: left promiscuous mode
[ 1759.346584][   T51] veth0_vlan: left promiscuous mode
[ 1759.428924][ T5961] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1759.437415][ T5897] usb 6-1: USB disconnect, device number 21
[ 1759.573952][ T5961] usb 5-1: Product: syz
[ 1760.027721][ T5961] usb 5-1: Manufacturer: syz
[ 1760.047363][ T5961] usb 5-1: SerialNumber: syz
[ 1760.139894][ T5961] usb 5-1: config 0 descriptor??
[ 1760.157146][ T5961] gspca_main: sq905-2.14.0 probing 2770:9120
[ 1760.252915][T30967] Invalid source name
[ 1760.298063][T30967] UBIFS error (pid: 30967): cannot open "./file0", error -22
[ 1760.403592][T30971] netlink: 'syz.5.6890': attribute type 13 has an invalid length.
[ 1760.922554][   T51] team0 (unregistering): Port device team_slave_1 removed
[ 1761.031622][   T51] team0 (unregistering): Port device team_slave_0 removed
[ 1761.140021][ T5961] gspca_sq905: sq905_command: usb_control_msg failed (-110)
[ 1761.151050][ T5961] sq905 5-1:0.0: probe with driver sq905 failed with error -110
[ 1761.691523][T30987] FAULT_INJECTION: forcing a failure.
[ 1761.691523][T30987] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1761.759656][T30987] CPU: 0 UID: 0 PID: 30987 Comm: syz.0.6893 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1761.759688][T30987] Tainted: [L]=SOFTLOCKUP
[ 1761.759694][T30987] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/13/2026
[ 1761.759705][T30987] Call Trace:
[ 1761.759711][T30987]  <TASK>
[ 1761.759719][T30987]  dump_stack_lvl+0x100/0x190
[ 1761.759746][T30987]  should_fail_ex.cold+0x5/0xa
[ 1761.759777][T30987]  _copy_from_user+0x2e/0xd0
[ 1761.759800][T30987]  io_submit_one+0xbd/0x1fb0
[ 1761.759827][T30987]  ? __lock_acquire+0x4a5/0x2630
[ 1761.759845][T30987]  ? rcu_is_watching+0x12/0xc0
[ 1761.759867][T30987]  ? irqentry_exit+0x180/0x670
[ 1761.759885][T30987]  ? lockdep_hardirqs_on+0x78/0x100
[ 1761.759903][T30987]  ? __pfx_io_submit_one+0x10/0x10
[ 1761.759935][T30987]  ? __might_fault+0xc5/0x140
[ 1761.759960][T30987]  ? __x64_sys_io_submit+0x1b1/0x3a0
[ 1761.759984][T30987]  __x64_sys_io_submit+0x1b1/0x3a0
[ 1761.760012][T30987]  ? __pfx___x64_sys_io_submit+0x10/0x10
[ 1761.760044][T30987]  ? rcu_is_watching+0x12/0xc0
[ 1761.760068][T30987]  do_syscall_64+0xc9/0xf80
[ 1761.760094][T30987]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1761.760112][T30987] RIP: 0033:0x7fb01239acb9
[ 1761.760127][T30987] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1761.760144][T30987] RSP: 002b:00007fb013212028 EFLAGS: 00000246 ORIG_RAX: 00000000000000d1
[ 1761.760162][T30987] RAX: ffffffffffffffda RBX: 00007fb012615fa0 RCX: 00007fb01239acb9
[ 1761.760174][T30987] RDX: 0000200000000000 RSI: 0000000000000001 RDI: 00007fb0131f1000
[ 1761.760185][T30987] RBP: 00007fb013212090 R08: 0000000000000000 R09: 0000000000000000
[ 1761.760195][T30987] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1761.760205][T30987] R13: 00007fb012616038 R14: 00007fb012615fa0 R15: 00007fffe4e682e8
[ 1761.760229][T30987]  </TASK>
[ 1762.160350][ T6433] infiniband syz1: ib_query_port failed (-19)
[ 1762.259640][T30989] netlink: 828 bytes leftover after parsing attributes in process `syz.2.6895'.
[ 1762.284684][T30971] gretap0: refused to change device tx_queue_len
[ 1762.299073][T30971] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check.
[ 1763.635168][T24392] usb 5-1: USB disconnect, device number 54
[ 1765.298087][T31022] ubi: mtd0 is already attached to ubi31
[ 1767.831931][T13947] usb 5-1: new high-speed USB device number 55 using dummy_hcd
[ 1768.021447][T13947] usb 5-1: Using ep0 maxpacket: 16
[ 1768.232260][T24392] usb 7-1: new high-speed USB device number 7 using dummy_hcd
[ 1768.450200][T13947] usb 5-1: config 1 interface 0 altsetting 255 endpoint 0x1 has invalid wMaxPacketSize 0
[ 1768.460161][T13947] usb 5-1: config 1 interface 0 altsetting 255 bulk endpoint 0x1 has invalid maxpacket 0
[ 1768.470000][T13947] usb 5-1: config 1 interface 0 altsetting 255 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[ 1768.484402][T13947] usb 5-1: config 1 interface 0 has no altsetting 0
[ 1768.495239][T13947] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[ 1768.510498][T13947] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1768.525706][T13947] usb 5-1: Product: syz
[ 1768.538110][T13947] usb 5-1: Manufacturer: syz
[ 1768.552795][T13947] usb 5-1: SerialNumber: syz
[ 1768.642638][T24392] usb 7-1: Using ep0 maxpacket: 16
[ 1768.652504][T24392] usb 7-1: config 1 interface 0 altsetting 255 endpoint 0x1 has invalid wMaxPacketSize 0
[ 1768.676636][T24392] usb 7-1: config 1 interface 0 altsetting 255 bulk endpoint 0x1 has invalid maxpacket 0
[ 1768.775373][T13947] usblp 5-1:1.0: usblp0: USB Unidirectional printer dev 55 if 0 alt 255 proto 1 vid 0x0525 pid 0xA4A8
[ 1768.791197][T24392] usb 7-1: config 1 interface 0 altsetting 255 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[ 1768.836206][T24392] usb 7-1: config 1 interface 0 has no altsetting 0
[ 1768.860386][T24392] usb 7-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[ 1768.880942][T24392] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1768.909214][T24392] usb 7-1: Product: syz
[ 1768.913457][T24392] usb 7-1: Manufacturer: syz
[ 1768.918046][T24392] usb 7-1: SerialNumber: syz
[ 1769.342558][T31045] FAULT_INJECTION: forcing a failure.
[ 1769.342558][T31045] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1769.356124][T24392] usblp 7-1:1.0: usblp1: USB Unidirectional printer dev 7 if 0 alt 255 proto 1 vid 0x0525 pid 0xA4A8
[ 1769.364277][   T30] audit: type=1400 audit(1769008410.306:1187): avc:  denied  { getopt } for  pid=31072 comm="syz.0.6918" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[ 1769.417967][   T30] audit: type=1400 audit(1769008410.316:1188): avc:  denied  { setattr } for  pid=31072 comm="syz.0.6918" name="/" dev="binder" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[ 1769.452468][T31045] CPU: 1 UID: 0 PID: 31045 Comm: syz.4.6912 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1769.452494][T31045] Tainted: [L]=SOFTLOCKUP
[ 1769.452500][T31045] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/13/2026
[ 1769.452511][T31045] Call Trace:
[ 1769.452517][T31045]  <TASK>
[ 1769.452524][T31045]  dump_stack_lvl+0x100/0x190
[ 1769.452553][T31045]  should_fail_ex.cold+0x5/0xa
[ 1769.452584][T31045]  _copy_to_user+0x32/0xd0
[ 1769.452609][T31045]  simple_read_from_buffer+0xcb/0x170
[ 1769.452630][T31045]  proc_fail_nth_read+0x1af/0x230
[ 1769.452655][T31045]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1769.452679][T31045]  ? rw_verify_area+0xce/0x6d0
[ 1769.452696][T31045]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1769.452719][T31045]  vfs_read+0x1e4/0xb30
[ 1769.452741][T31045]  ? __pfx_vfs_read+0x10/0x10
[ 1769.452758][T31045]  ? find_held_lock+0x2b/0x80
[ 1769.452782][T31045]  ? __fget_files+0x215/0x3d0
[ 1769.452809][T31045]  ? __fget_files+0x21f/0x3d0
[ 1769.452836][T31045]  ksys_read+0x12a/0x250
[ 1769.452856][T31045]  ? __pfx_ksys_read+0x10/0x10
[ 1769.452876][T31045]  ? fdget+0x18b/0x210
[ 1769.452900][T31045]  do_syscall_64+0xc9/0xf80
[ 1769.452922][T31045]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1769.452940][T31045] RIP: 0033:0x7f79dfb5b58e
[ 1769.452955][T31045] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[ 1769.452971][T31045] RSP: 002b:00007f79e0b0dfe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[ 1769.452989][T31045] RAX: ffffffffffffffda RBX: 00007f79e0b0e6c0 RCX: 00007f79dfb5b58e
[ 1769.453000][T31045] RDX: 000000000000000f RSI: 00007f79e0b0e0a0 RDI: 0000000000000007
[ 1769.453011][T31045] RBP: 00007f79e0b0e090 R08: 0000000000000000 R09: 0000000000000000
[ 1769.453020][T31045] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1769.453030][T31045] R13: 00007f79dfe16038 R14: 00007f79dfe15fa0 R15: 00007ffc3ad660a8
[ 1769.453053][T31045]  </TASK>
[ 1769.701738][T13947] usb 5-1: USB disconnect, device number 55
[ 1769.743769][T13947] usblp0: removed
[ 1769.745112][   T30] audit: type=1400 audit(1769008410.316:1189): avc:  denied  { getattr } for  pid=31072 comm="syz.0.6918" name="/" dev="binder" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1
[ 1770.603605][   T30] audit: type=1400 audit(1769008410.326:1190): avc:  denied  { read write } for  pid=31043 comm="syz.4.6912" name="lp0" dev="devtmpfs" ino=4134 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:printer_device_t tclass=chr_file permissive=1
[ 1770.627398][   T30] audit: type=1400 audit(1769008410.326:1191): avc:  denied  { open } for  pid=31043 comm="syz.4.6912" path="/dev/usb/lp0" dev="devtmpfs" ino=4134 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:printer_device_t tclass=chr_file permissive=1
[ 1770.694855][    C1] ==================================================================
[ 1770.702915][    C1] BUG: KASAN: slab-use-after-free in rose_send_frame+0x266/0x2a0
[ 1770.710620][    C1] Write of size 8 at addr ffff88804579ec18 by task kworker/u8:4/25795
[ 1770.718735][    C1] 
[ 1770.721033][    C1] CPU: 1 UID: 0 PID: 25795 Comm: kworker/u8:4 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1770.721049][    C1] Tainted: [L]=SOFTLOCKUP
[ 1770.721053][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/13/2026
[ 1770.721061][    C1] Workqueue: events_unbound cfg80211_wiphy_work
[ 1770.721078][    C1] Call Trace:
[ 1770.721083][    C1]  <IRQ>
[ 1770.721087][    C1]  dump_stack_lvl+0x100/0x190
[ 1770.721102][    C1]  print_report+0x156/0x4c9
[ 1770.721118][    C1]  ? __virt_addr_valid+0x81/0x620
[ 1770.721129][    C1]  ? __phys_addr+0xe8/0x180
[ 1770.721140][    C1]  ? rose_send_frame+0x266/0x2a0
[ 1770.721155][    C1]  kasan_report+0xdf/0x1a0
[ 1770.721170][    C1]  ? rose_send_frame+0x266/0x2a0
[ 1770.721187][    C1]  rose_send_frame+0x266/0x2a0
[ 1770.721203][    C1]  ? __pfx_rose_t0timer_expiry+0x10/0x10
[ 1770.721219][    C1]  rose_transmit_restart_request+0x1b8/0x250
[ 1770.721235][    C1]  rose_t0timer_expiry+0x1d/0x150
[ 1770.721251][    C1]  call_timer_fn+0x19a/0x590
[ 1770.721268][    C1]  ? __pfx_call_timer_fn+0x10/0x10
[ 1770.721286][    C1]  ? __pfx_rose_t0timer_expiry+0x10/0x10
[ 1770.721302][    C1]  ? mark_held_locks+0x40/0x70
[ 1770.721314][    C1]  ? __pfx_rose_t0timer_expiry+0x10/0x10
[ 1770.721329][    C1]  __run_timers+0x757/0xac0
[ 1770.721344][    C1]  ? __pfx___run_timers+0x10/0x10
[ 1770.721358][    C1]  run_timer_base+0x114/0x190
[ 1770.721367][    C1]  ? __pfx_run_timer_base+0x10/0x10
[ 1770.721378][    C1]  run_timer_softirq+0x1a/0x50
[ 1770.721388][    C1]  handle_softirqs+0x1ea/0x910
[ 1770.721405][    C1]  ? __pfx_handle_softirqs+0x10/0x10
[ 1770.721422][    C1]  __irq_exit_rcu+0xef/0x150
[ 1770.721438][    C1]  irq_exit_rcu+0x9/0x30
[ 1770.721453][    C1]  sysvec_apic_timer_interrupt+0xa3/0xc0
[ 1770.721473][    C1]  </IRQ>
[ 1770.721476][    C1]  <TASK>
[ 1770.721480][    C1]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[ 1770.721493][    C1] RIP: 0010:lock_acquire+0x5e/0x330
[ 1770.721504][    C1] Code: 05 7b 1c 01 12 83 f8 07 0f 87 a4 02 00 00 48 0f a3 05 06 12 d4 0e 0f 82 6f 02 00 00 8b 35 9e 42 d4 0e 85 f6 0f 85 8a 00 00 00 <48> 8b 44 24 30 65 48 2b 05 1d 1c 01 12 0f 85 b8 02 00 00 48 83 c4
[ 1770.721515][    C1] RSP: 0018:ffffc9000d1375e8 EFLAGS: 00000206
[ 1770.721524][    C1] RAX: 0000000000000046 RBX: 0000000000000000 RCX: 0000000000000003
[ 1770.721531][    C1] RDX: 0000000000000000 RSI: ffffffff8dc1ea15 RDI: ffffffff8bfa34a0
[ 1770.721538][    C1] RBP: ffffffff8e5e3360 R08: 000000008e8414f1 R09: 0000000000000007
[ 1770.721545][    C1] R10: 0000000000000200 R11: 0000000000000000 R12: 0000000000000002
[ 1770.721552][    C1] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1770.721563][    C1]  ? unwind_next_frame+0x3be/0x1ea0
[ 1770.721578][    C1]  ? unwind_next_frame+0x3be/0x1ea0
[ 1770.721594][    C1]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[ 1770.721612][    C1]  unwind_next_frame+0xd1/0x1ea0
[ 1770.721627][    C1]  ? unwind_next_frame+0xbd/0x1ea0
[ 1770.721642][    C1]  ? kasan_save_free_info+0x3b/0x70
[ 1770.721660][    C1]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[ 1770.721677][    C1]  arch_stack_walk+0x94/0xf0
[ 1770.721693][    C1]  ? kasan_save_free_info+0x3b/0x70
[ 1770.721712][    C1]  stack_trace_save+0x8e/0xc0
[ 1770.721728][    C1]  ? __pfx_stack_trace_save+0x10/0x10
[ 1770.721745][    C1]  ? __lock_acquire+0x4a5/0x2630
[ 1770.721755][    C1]  ? ieee80211_iface_work+0x46f/0x1350
[ 1770.721766][    C1]  ? cfg80211_wiphy_work+0x3f7/0x560
[ 1770.721779][    C1]  ? process_one_work+0x9c2/0x1840
[ 1770.721793][    C1]  kasan_save_stack+0x30/0x50
[ 1770.721805][    C1]  ? kasan_save_stack+0x30/0x50
[ 1770.721818][    C1]  ? kasan_save_track+0x14/0x30
[ 1770.721837][    C1]  ? kasan_save_free_info+0x3b/0x70
[ 1770.721875][    C1]  kasan_save_track+0x14/0x30
[ 1770.721895][    C1]  kasan_save_free_info+0x3b/0x70
[ 1770.721916][    C1]  __kasan_slab_free+0x5f/0x80
[ 1770.721930][    C1]  kmem_cache_free+0x143/0x720
[ 1770.721942][    C1]  ? skb_free_head+0x1cb/0x220
[ 1770.721954][    C1]  ? kfree_skbmem+0x19a/0x210
[ 1770.721965][    C1]  ? kfree_skbmem+0x19a/0x210
[ 1770.721976][    C1]  kfree_skbmem+0x19a/0x210
[ 1770.721985][    C1]  sk_skb_reason_drop+0x10f/0x1b0
[ 1770.722001][    C1]  ieee80211_iface_work+0x46f/0x1350
[ 1770.722012][    C1]  ? rcu_is_watching+0x12/0xc0
[ 1770.722028][    C1]  cfg80211_wiphy_work+0x3f7/0x560
[ 1770.722043][    C1]  process_one_work+0x9c2/0x1840
[ 1770.722058][    C1]  ? __pfx_process_one_work+0x10/0x10
[ 1770.722073][    C1]  ? assign_work+0x19c/0x250
[ 1770.722084][    C1]  worker_thread+0x5da/0xe40
[ 1770.722099][    C1]  ? __pfx_worker_thread+0x10/0x10
[ 1770.722112][    C1]  ? kthread+0x17d/0x730
[ 1770.722123][    C1]  ? __pfx_worker_thread+0x10/0x10
[ 1770.722135][    C1]  kthread+0x3b3/0x730
[ 1770.722146][    C1]  ? __pfx_kthread+0x10/0x10
[ 1770.722157][    C1]  ? ret_from_fork+0x79/0xaf0
[ 1770.722170][    C1]  ? ret_from_fork+0x79/0xaf0
[ 1770.722182][    C1]  ? rcu_is_watching+0x12/0xc0
[ 1770.722196][    C1]  ? __pfx_kthread+0x10/0x10
[ 1770.722208][    C1]  ret_from_fork+0x754/0xaf0
[ 1770.722221][    C1]  ? __pfx_ret_from_fork+0x10/0x10
[ 1770.722234][    C1]  ? __switch_to+0x7b9/0x10c0
[ 1770.722249][    C1]  ? __pfx_kthread+0x10/0x10
[ 1770.722261][    C1]  ret_from_fork_asm+0x1a/0x30
[ 1770.722274][    C1]  </TASK>
[ 1770.722278][    C1] 
[ 1771.214060][    C1] Allocated by task 27417:
[ 1771.218440][    C1]  kasan_save_stack+0x30/0x50
[ 1771.223090][    C1]  kasan_save_track+0x14/0x30
[ 1771.227735][    C1]  __kasan_kmalloc+0xaa/0xb0
[ 1771.232308][    C1]  rose_rt_ioctl+0x586/0x2550
[ 1771.236952][    C1]  rose_ioctl+0x491/0x7d0
[ 1771.241250][    C1]  sock_do_ioctl+0x118/0x280
[ 1771.245815][    C1]  sock_ioctl+0x599/0x6b0
[ 1771.250113][    C1]  __x64_sys_ioctl+0x18e/0x210
[ 1771.254842][    C1]  do_syscall_64+0xc9/0xf80
[ 1771.259313][    C1]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1771.265175][    C1] 
[ 1771.267466][    C1] Freed by task 31087:
[ 1771.271497][    C1]  kasan_save_stack+0x30/0x50
[ 1771.276145][    C1]  kasan_save_track+0x14/0x30
[ 1771.280792][    C1]  kasan_save_free_info+0x3b/0x70
[ 1771.285792][    C1]  __kasan_slab_free+0x5f/0x80
[ 1771.290532][    C1]  kfree+0x1c7/0x690
[ 1771.294393][    C1]  rose_timer_expiry+0x53f/0x630
[ 1771.299299][    C1]  call_timer_fn+0x19a/0x590
[ 1771.303865][    C1]  __run_timers+0x757/0xac0
[ 1771.308352][    C1]  run_timer_base+0x114/0x190
[ 1771.313008][    C1]  run_timer_softirq+0x1a/0x50
[ 1771.317740][    C1]  handle_softirqs+0x1ea/0x910
[ 1771.322478][    C1]  __irq_exit_rcu+0xef/0x150
[ 1771.327041][    C1]  irq_exit_rcu+0x9/0x30
[ 1771.331259][    C1]  sysvec_apic_timer_interrupt+0xa3/0xc0
[ 1771.336879][    C1]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[ 1771.342829][    C1] 
[ 1771.345125][    C1] The buggy address belongs to the object at ffff88804579ec00
[ 1771.345125][    C1]  which belongs to the cache kmalloc-512 of size 512
[ 1771.359143][    C1] The buggy address is located 24 bytes inside of
[ 1771.359143][    C1]  freed 512-byte region [ffff88804579ec00, ffff88804579ee00)
[ 1771.372827][    C1] 
[ 1771.375122][    C1] The buggy address belongs to the physical page:
[ 1771.381495][    C1] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x4579c
[ 1771.390231][    C1] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 1771.398698][    C1] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff)
[ 1771.406213][    C1] page_type: f5(slab)
[ 1771.410178][    C1] raw: 00fff00000000040 ffff88813fe26c80 ffffea0000c98500 dead000000000002
[ 1771.418738][    C1] raw: 0000000000000000 0000000000100010 00000000f5000000 0000000000000000
[ 1771.427288][    C1] head: 00fff00000000040 ffff88813fe26c80 ffffea0000c98500 dead000000000002
[ 1771.435925][    C1] head: 0000000000000000 0000000000100010 00000000f5000000 0000000000000000
[ 1771.444562][    C1] head: 00fff00000000002 ffffea000115e701 00000000ffffffff 00000000ffffffff
[ 1771.453200][    C1] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[ 1771.461838][    C1] page dumped because: kasan: bad access detected
[ 1771.468231][    C1] page_owner tracks the page as allocated
[ 1771.473916][    C1] page last allocated via order 2, migratetype Unmovable, gfp_mask 0x252800(GFP_NOWAIT|__GFP_NORETRY|__GFP_COMP|__GFP_THISNODE), pid 14701, tgid 14687 (iou-wrk-14696), ts 833133997259, free_ts 340403971783
[ 1771.493853][    C1]  post_alloc_hook+0x1e1/0x250
[ 1771.498590][    C1]  get_page_from_freelist+0xe3d/0x2e10
[ 1771.504031][    C1]  __alloc_frozen_pages_noprof+0x26c/0x2410
[ 1771.509898][    C1]  new_slab+0xaf/0x440
[ 1771.513941][    C1]  ___slab_alloc+0xda3/0x1ca0
[ 1771.518585][    C1]  __slab_alloc.isra.0+0x63/0x110
[ 1771.523575][    C1]  __kmalloc_node_noprof+0x62b/0x9e0
[ 1771.528829][    C1]  alloc_slab_obj_exts+0x46/0x110
[ 1771.533826][    C1]  new_slab+0x354/0x440
[ 1771.537955][    C1]  ___slab_alloc+0xda3/0x1ca0
[ 1771.542596][    C1]  __slab_alloc.isra.0+0x63/0x110
[ 1771.547586][    C1]  __kmalloc_cache_noprof+0x531/0x810
[ 1771.552923][    C1]  io_manage_buffers_legacy+0x409/0xea0
[ 1771.558437][    C1]  __io_issue_sqe+0xe8/0x7a0
[ 1771.562997][    C1]  io_issue_sqe+0x85/0x1430
[ 1771.567467][    C1]  io_wq_submit_work+0x347/0xee0
[ 1771.572370][    C1] page last free pid 9196 tgid 9195 stack trace:
[ 1771.578659][    C1]  __free_frozen_pages+0x822/0x1130
[ 1771.583832][    C1]  __put_partials+0x127/0x160
[ 1771.588474][    C1]  qlist_free_all+0x47/0xe0
[ 1771.592946][    C1]  kasan_quarantine_reduce+0x1a0/0x1f0
[ 1771.598374][    C1]  __kasan_slab_alloc+0x69/0x90
[ 1771.603193][    C1]  __kmalloc_noprof+0x300/0x9c0
[ 1771.608009][    C1]  sk_prot_alloc+0x10b/0x2a0
[ 1771.612571][    C1]  sk_alloc+0x36/0xe80
[ 1771.616609][    C1]  alg_create+0x9e/0x150
[ 1771.620819][    C1]  __sock_create+0x339/0x860
[ 1771.625372][    C1]  __sys_socket+0x14d/0x260
[ 1771.629842][    C1]  __x64_sys_socket+0x72/0xb0
[ 1771.634484][    C1]  do_syscall_64+0xc9/0xf80
[ 1771.638953][    C1]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1771.644812][    C1] 
[ 1771.647104][    C1] Memory state around the buggy address:
[ 1771.652699][    C1]  ffff88804579eb00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 1771.660729][    C1]  ffff88804579eb80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 1771.668755][    C1] >ffff88804579ec00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 1771.676782][    C1]                             ^
[ 1771.681594][    C1]  ffff88804579ec80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 1771.689623][    C1]  ffff88804579ed00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 1771.697649][    C1] ==================================================================
[ 1771.705723][    C1] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[ 1771.712893][    C1] CPU: 1 UID: 0 PID: 25795 Comm: kworker/u8:4 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1771.723986][    C1] Tainted: [L]=SOFTLOCKUP
[ 1771.728277][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/13/2026
[ 1771.738302][    C1] Workqueue: events_unbound cfg80211_wiphy_work
[ 1771.744517][    C1] Call Trace:
[ 1771.747766][    C1]  <IRQ>
[ 1771.750581][    C1]  dump_stack_lvl+0x100/0x190
[ 1771.755242][    C1]  vpanic+0x20d/0x630
[ 1771.759193][    C1]  panic+0xd1/0xd1
[ 1771.762895][    C1]  ? __pfx_panic+0x10/0x10
[ 1771.767281][    C1]  ? check_panic_on_warn+0x1f/0x90
[ 1771.772364][    C1]  check_panic_on_warn.cold+0x19/0x34
[ 1771.777718][    C1]  end_report.part.0+0x3a/0x90
[ 1771.782457][    C1]  kasan_report.cold+0xe/0x18
[ 1771.787106][    C1]  ? rose_send_frame+0x266/0x2a0
[ 1771.792024][    C1]  rose_send_frame+0x266/0x2a0
[ 1771.796782][    C1]  ? __pfx_rose_t0timer_expiry+0x10/0x10
[ 1771.802389][    C1]  rose_transmit_restart_request+0x1b8/0x250
[ 1771.808343][    C1]  rose_t0timer_expiry+0x1d/0x150
[ 1771.813351][    C1]  call_timer_fn+0x19a/0x590
[ 1771.817917][    C1]  ? __pfx_call_timer_fn+0x10/0x10
[ 1771.823006][    C1]  ? __pfx_rose_t0timer_expiry+0x10/0x10
[ 1771.828624][    C1]  ? mark_held_locks+0x40/0x70
[ 1771.833356][    C1]  ? __pfx_rose_t0timer_expiry+0x10/0x10
[ 1771.838963][    C1]  __run_timers+0x757/0xac0
[ 1771.843433][    C1]  ? __pfx___run_timers+0x10/0x10
[ 1771.848428][    C1]  run_timer_base+0x114/0x190
[ 1771.853073][    C1]  ? __pfx_run_timer_base+0x10/0x10
[ 1771.858241][    C1]  run_timer_softirq+0x1a/0x50
[ 1771.862974][    C1]  handle_softirqs+0x1ea/0x910
[ 1771.867711][    C1]  ? __pfx_handle_softirqs+0x10/0x10
[ 1771.872969][    C1]  __irq_exit_rcu+0xef/0x150
[ 1771.877533][    C1]  irq_exit_rcu+0x9/0x30
[ 1771.881751][    C1]  sysvec_apic_timer_interrupt+0xa3/0xc0
[ 1771.887358][    C1]  </IRQ>
[ 1771.890260][    C1]  <TASK>
[ 1771.893162][    C1]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[ 1771.899112][    C1] RIP: 0010:lock_acquire+0x5e/0x330
[ 1771.904291][    C1] Code: 05 7b 1c 01 12 83 f8 07 0f 87 a4 02 00 00 48 0f a3 05 06 12 d4 0e 0f 82 6f 02 00 00 8b 35 9e 42 d4 0e 85 f6 0f 85 8a 00 00 00 <48> 8b 44 24 30 65 48 2b 05 1d 1c 01 12 0f 85 b8 02 00 00 48 83 c4
[ 1771.923868][    C1] RSP: 0018:ffffc9000d1375e8 EFLAGS: 00000206
[ 1771.929907][    C1] RAX: 0000000000000046 RBX: 0000000000000000 RCX: 0000000000000003
[ 1771.937849][    C1] RDX: 0000000000000000 RSI: ffffffff8dc1ea15 RDI: ffffffff8bfa34a0
[ 1771.945794][    C1] RBP: ffffffff8e5e3360 R08: 000000008e8414f1 R09: 0000000000000007
[ 1771.953734][    C1] R10: 0000000000000200 R11: 0000000000000000 R12: 0000000000000002
[ 1771.961679][    C1] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1771.969623][    C1]  ? unwind_next_frame+0x3be/0x1ea0
[ 1771.974807][    C1]  ? unwind_next_frame+0x3be/0x1ea0
[ 1771.979979][    C1]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[ 1771.986112][    C1]  unwind_next_frame+0xd1/0x1ea0
[ 1771.991025][    C1]  ? unwind_next_frame+0xbd/0x1ea0
[ 1771.996110][    C1]  ? kasan_save_free_info+0x3b/0x70
[ 1772.001284][    C1]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[ 1772.007413][    C1]  arch_stack_walk+0x94/0xf0
[ 1772.011989][    C1]  ? kasan_save_free_info+0x3b/0x70
[ 1772.017162][    C1]  stack_trace_save+0x8e/0xc0
[ 1772.021813][    C1]  ? __pfx_stack_trace_save+0x10/0x10
[ 1772.027179][    C1]  ? __lock_acquire+0x4a5/0x2630
[ 1772.032103][    C1]  ? ieee80211_iface_work+0x46f/0x1350
[ 1772.037529][    C1]  ? cfg80211_wiphy_work+0x3f7/0x560
[ 1772.042786][    C1]  ? process_one_work+0x9c2/0x1840
[ 1772.047870][    C1]  kasan_save_stack+0x30/0x50
[ 1772.052531][    C1]  ? kasan_save_stack+0x30/0x50
[ 1772.057351][    C1]  ? kasan_save_track+0x14/0x30
[ 1772.062173][    C1]  ? kasan_save_free_info+0x3b/0x70
[ 1772.067354][    C1]  kasan_save_track+0x14/0x30
[ 1772.072003][    C1]  kasan_save_free_info+0x3b/0x70
[ 1772.077014][    C1]  __kasan_slab_free+0x5f/0x80
[ 1772.081759][    C1]  kmem_cache_free+0x143/0x720
[ 1772.086492][    C1]  ? skb_free_head+0x1cb/0x220
[ 1772.091226][    C1]  ? kfree_skbmem+0x19a/0x210
[ 1772.095872][    C1]  ? kfree_skbmem+0x19a/0x210
[ 1772.100515][    C1]  kfree_skbmem+0x19a/0x210
[ 1772.104987][    C1]  sk_skb_reason_drop+0x10f/0x1b0
[ 1772.109996][    C1]  ieee80211_iface_work+0x46f/0x1350
[ 1772.115248][    C1]  ? rcu_is_watching+0x12/0xc0
[ 1772.119985][    C1]  cfg80211_wiphy_work+0x3f7/0x560
[ 1772.125071][    C1]  process_one_work+0x9c2/0x1840
[ 1772.129985][    C1]  ? __pfx_process_one_work+0x10/0x10
[ 1772.135328][    C1]  ? assign_work+0x19c/0x250
[ 1772.139897][    C1]  worker_thread+0x5da/0xe40
[ 1772.144458][    C1]  ? __pfx_worker_thread+0x10/0x10
[ 1772.149541][    C1]  ? kthread+0x17d/0x730
[ 1772.153765][    C1]  ? __pfx_worker_thread+0x10/0x10
[ 1772.158848][    C1]  kthread+0x3b3/0x730
[ 1772.162886][    C1]  ? __pfx_kthread+0x10/0x10
[ 1772.167444][    C1]  ? ret_from_fork+0x79/0xaf0
[ 1772.172094][    C1]  ? ret_from_fork+0x79/0xaf0
[ 1772.176741][    C1]  ? rcu_is_watching+0x12/0xc0
[ 1772.181476][    C1]  ? __pfx_kthread+0x10/0x10
[ 1772.186035][    C1]  ret_from_fork+0x754/0xaf0
[ 1772.190599][    C1]  ? __pfx_ret_from_fork+0x10/0x10
[ 1772.195679][    C1]  ? __switch_to+0x7b9/0x10c0
[ 1772.200331][    C1]  ? __pfx_kthread+0x10/0x10
[ 1772.204889][    C1]  ret_from_fork_asm+0x1a/0x30
[ 1772.209624][    C1]  </TASK>
[ 1772.212876][    C1] Kernel Offset: disabled
[ 1772.217171][    C1] Rebooting in 86400 seconds..