last executing test programs:

59.224994896s ago: executing program 1 (id=564):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
unshare(0x2040400)
fcntl$dupfd(r0, 0x0, r0)

58.909466402s ago: executing program 1 (id=568):
mmap(&(0x7f000069d000/0x2000)=nil, 0x2000, 0x0, 0x3b071, 0xffffffffffffffff, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000580)=ANY=[@ANYBLOB="0700000004000000080000000100000000000000", @ANYRES32, @ANYBLOB="00f2763b243f38728f0000bfa69e189e51000019070400aad0eeb84634a721ed125893e2996c5f961006f27b7bbd1f0065a06f9f37a63693fc217772d161bda2f6e6421fb965d9eab102ce5df58244ea5ba5048a1c2b75c9752eb4b1a229c3eb4c3e556ba2f9ef756ae823e58c39152b62eb938217cc29625f4453bb4b21475b5bcb4a8fac76b953e6b68b31e37d688f6024ce26afca4ea751e08551eb03d0054518ee7ea9f948653c777ef612f0ea3d77788c7cebcce3bc615209", @ANYRES32=0x0, @ANYRES32, @ANYRES32=0x0], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f00000007c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b703000000001100850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_BIND_MAP(0xa, &(0x7f0000000500)={r1}, 0xc)
r2 = bpf$BPF_BTF_LOAD(0x12, &(0x7f00000003c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="9feb010018000000000000000c0000000c000000020000000000000000000004"], 0x0, 0x26}, 0x28)
mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x99)
mount$cgroup(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f00000001c0), 0x2010042, &(0x7f0000000040)={[{@subsystem='hugetlb'}, {@none}]})
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
ioctl$KVM_SET_MSRS(0xffffffffffffffff, 0x4008ae89, &(0x7f00000004c0)={0x1, 0x0, [{0x10a, 0x0, 0x6}]})
socket(0x1e, 0x5, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xd, 0x3, &(0x7f0000000400)=ANY=[@ANYBLOB="180000000000000000000000000000009500000000000000e28369caa2cf28aea61c53d054baf416c0d51b2405af6ede8557a088803e5a9a54945b50064d67bcc8bafd7e861123f825ef58589208584f65b756c2a6bcf2a7f505a6af3a03869975c6b03f57d0468e63f820c0aab6ff254a47829c5ea7e35a11bc"], &(0x7f0000000080)='GPL\x00', 0x5, 0x1f6, &(0x7f00000002c0)=""/168, 0x0, 0x0, '\x00', 0x0, @sock_ops, r2, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000200), 0x1}, 0x6d)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000004c0)={r4, 0xe0, &(0x7f0000001880)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, 0x10)
socket(0x5, 0x3, 0xff)
r5 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000006a80), 0x1, 0x0)
r6 = syz_open_dev$vbi(&(0x7f0000000000), 0x1, 0x2)
ioctl$VIDIOC_QBUF(r6, 0xc058565d, &(0x7f0000000200)=@multiplanar_fd={0x3, 0x7, 0x4, 0x66f030fe06d20361, 0x7fffffff, {0x0, 0xea60}, {0x2, 0x8, 0x8, 0x4, 0x2, 0x91, "0056c368"}, 0xc, 0x4, {0x0}})
write$vga_arbiter(r5, &(0x7f0000000080)=@target={'target ', {'PCI:', '0', ':', '7', ':', '1d', '.', '0'}}, 0x14)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$tipc(0x0, 0xffffffffffffffff)
sendmsg$TIPC_CMD_SET_LINK_WINDOW(r7, &(0x7f0000000480)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x24004041}, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r8 = socket$nl_route(0x10, 0x3, 0x0)
r9 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080)=ANY=[@ANYRES32=0x0, @ANYBLOB="0380000000000000240012800c0001006d6163766c616e00140002800800010008000000060002000100000008000500", @ANYRES32=r8, @ANYBLOB='\b\x00\n\x00', @ANYRES64=r8], 0x54}, 0x1, 0x0, 0x0, 0x81}, 0x0)
socket$inet_udp(0x2, 0x2, 0x0)
sendmmsg(r9, &(0x7f00000002c0), 0x40000000000009f, 0x0)

54.519611906s ago: executing program 1 (id=586):
r0 = socket(0xa, 0x5, 0x0)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000200)=[@in={0x2, 0x4e24, @empty}], 0x10)
listen(r0, 0x100)
r1 = socket$inet6_sctp(0xa, 0x1, 0x84)
r2 = dup(r1)
sendmsg$inet6(r1, &(0x7f0000000800)={&(0x7f0000000080)={0xa, 0x4e24, 0x8, @loopback, 0x4}, 0x1c, &(0x7f0000000380)=[{&(0x7f0000000140)="88", 0x1}], 0x1}, 0x4048043)
setsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(r2, 0x84, 0x9, &(0x7f00000001c0)={0x0, @in6={{0xa, 0x4e60, 0xfffffff2, @empty, 0x9}}, 0x1000000, 0x31, 0xffff1893, 0x3, 0x25, 0x0, 0x1b}, 0x9c)

54.339673705s ago: executing program 3 (id=588):
r0 = socket$nl_audit(0x10, 0x3, 0x9)
ioctl$sock_SIOCETHTOOL(r0, 0x8946, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
bpf$PROG_LOAD(0x5, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000340), 0x0)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r4, 0xc08c5332, &(0x7f00000001c0)={0xffbffffd, 0x5, 0x0, 'queue0\x00', 0xe})
r5 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/asound/seq/timer\x00', 0x0, 0x0)
read$FUSE(r5, &(0x7f0000001d00)={0x2020}, 0x2020) (fail_nth: 1)

52.734449039s ago: executing program 3 (id=589):
r0 = socket$nl_audit(0x10, 0x3, 0x9)
ioctl$sock_SIOCETHTOOL(r0, 0x8946, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r1 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r1, 0x84, 0x76, &(0x7f0000000200)={0x0, 0x7}, 0x8)
setsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(r1, 0x84, 0x75, &(0x7f0000000000)={0x0, 0xcc}, 0x8)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r1, 0x84, 0x64, &(0x7f0000000280)=[@in6={0xa, 0x4e23, 0x0, @loopback}], 0x1c)
sendmmsg$inet6(r1, &(0x7f00000003c0)=[{{&(0x7f0000000080)={0xa, 0x4e23, 0x0, @loopback, 0x280020}, 0x1c, &(0x7f00000000c0)=[{&(0x7f0000000540)='\x00', 0x1}], 0x1}}], 0x1, 0x20008050)
setsockopt$inet_sctp6_SCTP_RESET_STREAMS(r1, 0x84, 0x77, &(0x7f0000000100)={0x0, 0x83a5, 0x1, [0x400]}, 0xa)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
bpf$PROG_LOAD(0x5, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000340), 0x0)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r5, 0xc08c5332, &(0x7f00000001c0)={0xffbffffd, 0x5, 0x0, 'queue0\x00', 0xe})
r6 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/asound/seq/timer\x00', 0x0, 0x0)
read$FUSE(r6, &(0x7f0000001d00)={0x2020}, 0x2020)

51.449024609s ago: executing program 3 (id=590):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = socket$can_raw(0x1d, 0x3, 0x1)
ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000100)={'vxcan1\x00', <r2=>0x0})
bind$can_raw(r1, &(0x7f00000001c0)={0x1d, r2}, 0x10)
sendmsg$can_raw(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=@can={{}, 0x0, 0x1, 0x0, 0x0, "00000000000300"}, 0x10}, 0x1, 0x0, 0x0, 0x24044081}, 0x20000000)

51.142797443s ago: executing program 3 (id=591):
openat$comedi(0xffffffffffffff9c, &(0x7f0000000040)='/dev/comedi4\x00', 0xc8402, 0x0)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000080)='/sys/power/pm_test', 0x42, 0x18)
sendmsg$NL80211_CMD_CONNECT(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)=ANY=[@ANYRES32, @ANYRES16=0x0, @ANYRES8=r0], 0x1c}, 0x1, 0x0, 0x0, 0x20000844}, 0x48885)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="1400000007"], 0x50)
pwrite64(0xffffffffffffffff, &(0x7f0000000000)='L', 0x1, 0x7ffffffe)
r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r1, &(0x7f0000000040)={0x1f, 0xffff, 0x3}, 0x6)
write$binfmt_misc(r1, &(0x7f0000000000), 0xd)

50.79409468s ago: executing program 1 (id=592):
io_uring_register$IORING_REGISTER_CLONE_BUFFERS(0xffffffffffffffff, 0x1e, 0x0, 0x1)
getsockopt$sock_int(0xffffffffffffffff, 0x1, 0x9, 0x0, 0x0)
sendmsg$NFT_MSG_GETSET(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x48045}, 0x4404)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={0x0, 0x118}, 0x1, 0x0, 0x0, 0x2004e953}, 0x0)
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000001ac0)={&(0x7f00000003c0)=ANY=[@ANYBLOB="180000002e00010026bdf000fcdbdf1b0400000004"], 0x18}, 0x1, 0x0, 0x0, 0x4000d}, 0x20000000)
close(0x3)
socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$inet(0x2, 0x2, 0x1)
sendmsg$inet(r1, &(0x7f0000000080)={&(0x7f0000000000)={0x2, 0x4e23, @multicast2}, 0x10, &(0x7f00000001c0)=[{&(0x7f0000000400)='\b\x00', 0x2}, {&(0x7f0000000180)="96bc1480bb58", 0x6}], 0x2, &(0x7f0000000280)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @local, @loopback}}}, @ip_tos_int={{0x14, 0x0, 0x1, 0x5}}], 0x38}, 0x50000)
r2 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'batadv_slave_0\x00', <r3=>0x0})
sendmsg$ETHTOOL_MSG_PAUSE_SET(0xffffffffffffffff, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000000080)={&(0x7f0000000180)={0xc4, r2, 0x800, 0x70bd26, 0x25dfdbfb, {}, [@ETHTOOL_A_PAUSE_AUTONEG={0x5, 0x2, 0x1}, @ETHTOOL_A_PAUSE_HEADER={0x20, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'macvlan0\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}]}, @ETHTOOL_A_PAUSE_RX={0x5, 0x3, 0x1}, @ETHTOOL_A_PAUSE_HEADER={0x58, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r3}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'bond_slave_0\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'syzkaller0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'team_slave_1\x00'}]}, @ETHTOOL_A_PAUSE_AUTONEG={0x5, 0x2, 0x1}, @ETHTOOL_A_PAUSE_RX={0x5}, @ETHTOOL_A_PAUSE_AUTONEG={0x5, 0x2, 0x1}, @ETHTOOL_A_PAUSE_AUTONEG={0x5, 0x2, 0x1}, @ETHTOOL_A_PAUSE_RX={0x5, 0x3, 0x1}]}, 0xc4}, 0x1, 0x0, 0x0, 0x90}, 0x54)
renameat2(0xffffffffffffff9c, 0x0, 0xffffffffffffffff, &(0x7f00000003c0)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x2)
r4 = openat$qrtrtun(0xffffffffffffff9c, &(0x7f0000000080), 0x2)
r5 = openat$qrtrtun(0xffffffffffffff9c, &(0x7f0000000040), 0x8002)
write$binfmt_aout(r4, &(0x7f00000003c0)=ANY=[@ANYBLOB="03040000b500000001008aea0000feff"], 0xc8)
dup3(r5, r4, 0x0)
syz_usb_connect$uac1(0x3, 0xa2, 0x0, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)

50.749025139s ago: executing program 3 (id=593):
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
writev(r0, &(0x7f0000000300)=[{&(0x7f0000000040)="273eebfecb7c0e923301b61c42cb1d11f41d00bdab", 0x15}, {0x0}, {&(0x7f0000000140)="037abfe4c9d87e", 0x7}, {&(0x7f0000000580)="e081573ca3b4338c27e3cdf63e2c6830238af733dec284d7d3768e72a830959699eac32db05ce6e8f44c40120e963788d47c00c3c680934024185e5d54d5f04955ee93a4f6ec9fec78ecd1ce05e7fe16214ce7cabf2e2999b91cbfa98bdcd38523bf1479be8ed572e828c5d1bf57af3b62cd7214ab6ed04d624df1c18a13c4821013e37d18c5885ef258fef13ffce50c4b0ce7193960a53fe12fb6276ab6953b249be4bf090e60b5eb894af58c49c7bfab3f2284581e527a4df533430aacf3fd6f7cd971ee54ae4e876208e349438204b03f41d7566e49d26bd55843cfc20d1000c3fb7162c0dbf45eaa9911098fdba4b4aec028bf4d75703e03e8ea0afd21ab3a5b44c3b61e5c2c588f243780859ff5ca828b985405b6b974c30c0394d2c67a96dcac2044fac7bba808680b761d05a41d97b9158e8a8adbac5b2aec98c347348b7e873336d06d2d35069ac22a831c5f4b9e7afc4e4bafe0de15645ce1e98e9429277d2588a0c6d65f84743e830fc5c94bf663be91531b74a422409c8b1c4c383f37fed104f0bdeb01f5442b6c87d111f8c457bb419f3f2f414b52188c3cff87d09d832c2ba1a4bae8347d93ef9321d6b0e5cff6dceecf64d02259020699ca8bcc09f4fee0cb27935eae9df0bda7b2553559e15bc323a632c0852544dbcc2b0e80291881e7ef2bc7039cd104e9578f07694bd8442cb1238ae38964158c20c05dd967fd60cfe9a743b223bd01396a4fc4e43e4190b0a82eac710584c65b683d984139244dc29b1512717b62febdb67082340ee25c1ed2503fbc6b1cbd9b8a0270ae40b77392eb2bbd91c128a0b73f9a833d6a3d1a5d18d57bf9b9083a799827fce0a2da1db181d8d7c3ab0ca3884a1ab21f215a5be80d78994cedf61d6f19a55eb30e24131a783b0fc0e5344f33c3a420b440fbc5529730e2045f5398015cd026008b684ea8e18cb81b131a58ff8a5220d4b868425a553a5ed6a7dd086fc2194496c55e8d84b161b88d95f3185ab5d42c583f1da06cb0198ae14f7027048129c26819d6fa214c82998abf766441c0d9761a684252e18c2f0cf6bac43bba7f93b3a24d0ae1538d660f132e7ef15e54df6c9cfcec567e2264f438e566c8ae2d68be40bdb07f6aeae0b60f79e9cd0ade6deed783117bbb0c6e81e7c9be31c0cbc770452f7f451cf9c6aeea567d264d772fb61e6f6877c1085b69c079ac339dd8ebd4de822df339ba452e0b1df189bf188ef27f6c3b2f23673b4c9acfafa0764fc4b08ecb419e55afc820a1b5f96c3a75bdc3f66c24b29da553e76bead2cd127af72f9f3c733195bfc466e89e227d1c1dbb1cc57a87b79958c16ace8070fb428e1f7c4751def0e3212b99e24be66118348b643af983f0e09f2506dace327f34a6ee146457102291299c1a80257adcafd5932287c0d51799617bc4e4dcd702a04147a9149e946df386471841744eb3cedb5644997144e7d022f236316c31848a28dfab7591fbcc22a6b6c3a3d6d6236f60829e18221973a3111ca13b34bec49a35eced17ef04f86be6d3721db9cda8894fd231bc1d74acf64083aa374e6c09460ed4091e1ccf3861684b0e8c7e7be69eed9dcf126f9869856766b63390e44cf2fcb0cf2ba4b9fdcb3979adc7fdcd6d57e6d1f8be70285f71a5ef858bbe7294f73ce66c03aee0b69dc962e4a9938a890cadfd359adc56d14a6a3bbe20f1d99b15441a9cbfa098393972308416da24f9455c403e9da2acc6fd5bba7887d868567bbd933f735e0c9e691cafe6ec0f1d6543d8c7a3545f1c63b9c20ca07ad3be7b3980fc93adef0e7df8251a97d7ff35d78df3621b627ce0efc22de41ec01f7dbe76e81fec09f7ffc89932db7fcc25848b3a5f5538ea9232677c3b31981213fedaa59923ebb7ee1c3abf25aaa660b298ff8573ab07555941e6859af3ca2ce1f488271c03753fc7ffc73a5c5097d8b63fca5e257a71060a734e5ac65d84f3f347291306acdd8dc2ef0253661d75301d5eee2a5fea87533c1f740939ba6177862e8e391e5616283eb645593754d9dc08e5c00c26f304dc6c25a1bff932235e55c72862f781dcb8c7d0908b8f9847dc117b98b3a3369908facfbca075beca53c57b9a480a0cce0ade410275c67b5c2e8045a3cc398089ac9811aa43bc031ad0bedc30df3b0866dfc891b1237e28f53f9c50db99f59dc20e35a7a8d6ba90e81748fb7765ac6faa6d406cc310eec7c769088195f2024c5ae68de8e068be38b54dfea5b9312873ba90fbb4c3911956b1bd8df0adb038bcaaac8c06b69c3be98f8338b43941cc1dc0a5eac7356dccb3343e7b95c3637d609ce6c3aed0ea2c9382030a3bc9f33ed1ef0301d795f51089015aca16b68a96a5c400a73692146f0759aaeee1f823164d027658358a5addabd81a452eb7dd0c4f13349ceaac86dde18c2848122ccee02f1121aba4860a0a07bfa1d93b6516ffc7944b503155f8f246ccd7c05e6e956373623ec1f89bf51a2286c72133d2801a02cb3f323eb2a8654b071ba1153ce0b2a584388c4eaf73a6a1acae5b48e9dddd70a243369adb1c5f3c49e71837661fb4915c62a66ee01a063ea6c33c4141d3a5eb0d4c19066a1fcb664ea0d2fdfc528641c0b8f32b51fc17a424c46b64e891f9cbc81aac5e6e859eb9d0857c092a2eadcc699abb0affdbb6d2c18eb80f422ca3e87f3c86d98a6252eb7353bb390bab836a6a94e68c4702c5ac60a8889575284977bc82356954d126a89c1559a4bc50ad825db31ce2f6b7be16680b42ee666bcf1ea25bb83fbb254da7d8b90fcd55d4e181ceda34642509d674ba43671371524852351c94faff4c688ffbb2e9024f6cc2", 0x7de}], 0x4)

50.574986131s ago: executing program 3 (id=594):
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000740)=ANY=[@ANYRES32=0x0], 0x48)
r0 = socket(0x11, 0x3, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
recvmsg$unix(0xffffffffffffffff, 0x0, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="640000000001010400000000141a000002000000240001801400018008000100e000000108000200e00000010c00028005000100000000002400028014000180080001000000000008000200ac1e00010c00028005000100000000000800074000000001"], 0x64}}, 0x0)
sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000340)=ANY=[@ANYBLOB="5c00000000010104000000000000000002001000240002801400018008000100e000000108000200e00000010c00028005000100000000001c0010800800014000000000d97405010000000008000240000000000800", @ANYRES64=r1], 0x5c}, 0x1, 0x0, 0x0, 0x4000}, 0x4000)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000040), 0xffffffffffffffff)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$IPVS_CMD_NEW_SERVICE(r4, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000006c0)=ANY=[@ANYBLOB='T\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="010000000000000000000100000040000180060001000a00000008000500000000000c000700000000000000000008000900710000000700060072720000080008000000000008000b"], 0x54}}, 0x0)
r5 = syz_genetlink_get_family_id$ipvs(&(0x7f00000005c0), r0)
sendmsg$IPVS_CMD_SET_CONFIG(r0, &(0x7f0000000680)={&(0x7f0000000580), 0xc, &(0x7f0000000640)={&(0x7f0000000600)=ANY=[@ANYBLOB="14000000", @ANYRES16=r5, @ANYBLOB="020026bd6c00fbdbdf17250c0000"], 0x14}, 0x1, 0x0, 0x0, 0x4}, 0x48000)
sendmsg$IPVS_CMD_ZERO(r2, &(0x7f0000000540)={&(0x7f0000000440)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000500)={&(0x7f0000000480)={0x7c, r3, 0x10, 0x70bd2b, 0x25dfdbff, {}, [@IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0x6}, @IPVS_CMD_ATTR_DEST={0x60, 0x2, 0x0, 0x1, [@IPVS_DEST_ATTR_ACTIVE_CONNS={0x8, 0x7, 0xfff}, @IPVS_DEST_ATTR_U_THRESH={0x8, 0x5, 0x8}, @IPVS_DEST_ATTR_ACTIVE_CONNS={0x8, 0x7, 0x8}, @IPVS_DEST_ATTR_WEIGHT={0x8, 0x4, 0x81}, @IPVS_DEST_ATTR_ADDR={0x14, 0x1, @ipv4=@loopback}, @IPVS_DEST_ATTR_ADDR_FAMILY={0x6, 0xb, 0x2}, @IPVS_DEST_ATTR_TUN_PORT={0x6, 0xe, 0x4e24}, @IPVS_DEST_ATTR_PERSIST_CONNS={0x8, 0x9, 0x1}, @IPVS_DEST_ATTR_L_THRESH={0x8, 0x6, 0xa}, @IPVS_DEST_ATTR_INACT_CONNS={0x8, 0x8, 0x6}]}]}, 0x7c}, 0x1, 0x0, 0x0, 0x20000000}, 0x40)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = syz_genetlink_get_family_id$nl80211(&(0x7f00000001c0), r0)
sendmsg$NL80211_CMD_SET_QOS_MAP(r0, &(0x7f0000000400)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f00000003c0)={&(0x7f00000002c0)={0x3c, r7, 0x800, 0x70bd2a, 0x25dfdbfe, {{}, {@void, @void}}, [@NL80211_ATTR_QOS_MAP={0x12, 0xc7, {[{0x47}, {0x1, 0x7}, {0x1}], "634ee4d448d274e3"}}, @NL80211_ATTR_QOS_MAP={0x12, 0xc7, {[{0x9, 0x1}, {0x6, 0x7}, {0x6, 0x7}], "dc4dfb6843843db5"}}]}, 0x3c}}, 0x44)
sendmsg$nl_route(r6, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000240)=@newlink={0x48, 0x10, 0xfffffffffffffffd, 0x70bd27, 0x25dfdbfd, {0x0, 0x0, 0x0, 0x0, 0x50a32, 0x23}, [@IFLA_LINKINFO={0x28, 0x12, 0x0, 0x1, @bridge={{0xb}, {0x18, 0x2, 0x0, 0x1, [@IFLA_BR_GROUP_FWD_MASK={0x6}, @IFLA_BR_GROUP_ADDR={0xa, 0x14, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x1}}]}}}]}, 0x48}, 0x1, 0x0, 0x0, 0x4000010}, 0x4008000)

50.25248523s ago: executing program 4 (id=598):
r0 = syz_usb_connect(0x3, 0x3c, &(0x7f0000000380)=ANY=[@ANYBLOB="120101000814c910be0632a2f333010203010902120001000000000904"], 0x0)
syz_usb_control_io$uac1(r0, 0x0, 0x0)
syz_usb_control_io$uac3(r0, 0x0, 0x0)
r1 = socket$inet_sctp(0x2, 0x5, 0x84)
listen(r1, 0x9)
timer_create(0x1, 0x0, &(0x7f0000000000)=<r2=>0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x7, &(0x7f0000000000)={0x1, &(0x7f0000000200)=[{0x6, 0x1, 0x7, 0x7fffffff}]})
timer_getoverrun(r2)
sendmsg$inet_sctp(r1, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="180000000000000084"], 0x20, 0x6044}, 0x6)
r3 = syz_open_dev$I2C(&(0x7f0000000000), 0x1, 0x402)
ioctl$I2C_RDWR(r3, 0x707, &(0x7f0000000100)={&(0x7f0000000140)})
r4 = openat$6lowpan_enable(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
fremovexattr(r4, &(0x7f00000000c0)=@random={'security.', '&/#{\x00'})
syz_usb_control_io(r0, &(0x7f0000000300)={0x2c, &(0x7f0000000140)={0x40, 0x31, 0x16, {0x16, 0x1f, "e90200006a2af8c3a13e2a9a16cfb45ade1dbed5"}}, &(0x7f0000000180)={0x0, 0x3, 0x4, @lang_id={0x4, 0x3, 0x44e}}, &(0x7f0000000200)={0x0, 0xf, 0x3e, {0x5, 0xf, 0x3e, 0x5, [@ss_container_id={0x14, 0x10, 0x4, 0x6, "ca47a4ecd5eb2d5c7833cd5dfaf2bbf3"}, @ext_cap={0x7, 0x10, 0x2, 0x18, 0x7, 0x5, 0x3}, @ssp_cap={0x10, 0x10, 0xa, 0x7, 0x1, 0x5, 0xf011, 0x3, [0xff0030]}, @wireless={0xb, 0x10, 0x1, 0x2, 0x2, 0x0, 0x2, 0x6, 0x7}, @ptm_cap={0x3}]}}, &(0x7f0000000280)={0x20, 0x29, 0xf, {0xf, 0x29, 0x6, 0x75c6a0ffa7558ddc, 0x0, 0x0, "c2db10db", "cad05232"}}, &(0x7f00000002c0)={0x20, 0x2a, 0xc, {0xc, 0x2a, 0x5, 0x3, 0x5, 0x9, 0x6, 0x88, 0x39c4}}}, &(0x7f0000000980)={0x84, &(0x7f0000000580)={0x0, 0xf, 0x6d, "da8e872ff05087fd5c34be9977cad9b474f355e1b1a6906d609db4c9af88596b9aa276c13d4d73a4b05c4d9a533b1ffde4d8c230b0b8009da5f33dfc645e2129fe673200745d3dcc776443221402fe43e816868be8ffedfec14bda83796e9784b9e3d1cce0fb5ae51919652395"}, &(0x7f00000003c0)={0x0, 0xa, 0x1, 0xfa}, &(0x7f0000000440)={0x0, 0x8, 0x1, 0xf9}, &(0x7f00000004c0)={0x20, 0x0, 0x4, {0x2, 0x2}}, &(0x7f0000000600)={0x20, 0x0, 0x8, {0x20, 0x80, [0xf0f0]}}, &(0x7f0000000640)={0x40, 0x7, 0x2, 0x1ff}, &(0x7f0000000680)={0x40, 0x9, 0x1, 0x3}, &(0x7f00000006c0)={0x40, 0xb, 0x2, "518d"}, &(0x7f0000000700)={0x40, 0xf, 0x2, 0x1}, &(0x7f0000000740)={0x40, 0x13, 0x6, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x1}}, &(0x7f0000000780)={0x40, 0x17, 0x6}, &(0x7f00000007c0)={0x40, 0x19, 0x2, "f989"}, &(0x7f0000000800)={0x40, 0x1a, 0x2, 0x5}, &(0x7f0000000840)={0x40, 0x1c, 0x1, 0xfb}, &(0x7f0000000880)={0x40, 0x1e, 0x1, 0x5}, &(0x7f00000008c0)={0x40, 0x21, 0x1, 0x40}})
r5 = syz_usb_connect(0x0, 0x24, &(0x7f0000000040)=ANY=[@ANYBLOB="12010000e3ddef20501da1604fa1010203010902120001000000000904"], 0x0)
syz_usb_control_io$cdc_ecm(r5, 0x0, &(0x7f0000000000)={0x1c, &(0x7f00000002c0)=ANY=[], 0x0, 0x0})
syz_usb_control_io$cdc_ecm(r5, 0x0, &(0x7f0000000340)={0x1c, &(0x7f0000000240)=ANY=[], 0x0, 0x0})
syz_usb_control_io$hid(r5, 0x0, &(0x7f0000000940)={0x2c, &(0x7f0000000380)=ANY=[], 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$printer(r5, 0x0, &(0x7f0000000480)={0x34, &(0x7f0000000200)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0})
r6 = creat(&(0x7f0000000100)='./file0\x00', 0x0)
close(r6)
ioctl$USBDEVFS_ALLOW_SUSPEND(r6, 0x5522)
ioctl$SNDRV_PCM_IOCTL_PREPARE(0xffffffffffffffff, 0x4140, 0x0)
syz_usb_control_io$uac3(0xffffffffffffffff, &(0x7f0000000ac0)={0x14, &(0x7f0000000a40)={0x20, 0x22, 0x61, {0x61, 0x7, "9ca2762e58dd63a073fc7f5d33df7b8ff1f86863a68567c0beacf0c28bcc4cb7da04ac0dd41c4b048d52b5027b9e90756851f22aa96386008b12d71d19b5cbc1eed5ac1497b848939f54ef4cf5b8384984feac5a7a7d792479d24ba5bc16a0"}}, &(0x7f0000000900)={0x0, 0x3, 0x4, @lang_id={0x4, 0x3, 0x2c09}}}, &(0x7f0000000dc0)={0x44, &(0x7f0000000b00)={0x20, 0x5, 0xf5, "f1ffe24b2c2d5d91d89d8b1e331739d7717f40793f441975276d7e2732a90508b3b8dd0812fa8ea531bd1617d9582ff4c0e50d8c500c4c34aeacf33214b811cecf006dc16370893d4b7d3edcd5b8ff2c3fd05ff7c4a03be0938111c0f0acb8bbd1984dd2b00e3e770be931027c75497b161bafc1b7f236a1774a9d4f0c0dc815a9087c12a8bb4dbcc467d3d1a3f8fb77bfc97121c410402f8eb6a18479e3373443b98e646a3dc25b36c90c38075616efd3b41479876f54970b0f83a0170bcd726e0e0749220344b40cd963e962dcc5cbee2757b70da886ba6e0a8ea38ec1260199224d6d5d18488c70368c633c136bed925e1283f8"}, &(0x7f0000000c00)={0x0, 0xa, 0x1, 0x8}, &(0x7f0000000c40)={0x0, 0x8, 0x1, 0x1}, &(0x7f0000000c80)={0x20, 0x81, 0x1, 'A'}, &(0x7f0000000cc0)={0x20, 0x82, 0x2, "8884"}, &(0x7f0000000d00)={0x20, 0x83, 0x2, "9ece"}, &(0x7f0000000d40)={0x20, 0x84, 0x1, '-'}, &(0x7f0000000d80)={0x20, 0x85, 0x3, "f8ceb3"}})
syz_usb_control_io$uac2(r5, 0x0, &(0x7f0000000500)={0x44, &(0x7f00000001c0)={0x40, 0xf}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})

49.979635413s ago: executing program 1 (id=600):
r0 = syz_open_dev$vim2m(&(0x7f0000000680), 0x3, 0x2)
ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f00000000c0)={0x2, 0x1, 0x1})
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000003c0)=ANY=[@ANYBLOB="300000006800010002000000fcffff7f00000000", @ANYRES32=0x0, @ANYBLOB="04000a"], 0x30}, 0x1, 0x0, 0x0, 0x24008000}, 0x4000)
sched_setaffinity(0x0, 0x4c, &(0x7f00000002c0)=0x2)
pipe(&(0x7f0000000040))
close(0x3)

49.054411747s ago: executing program 1 (id=604):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000240)={0x14, 0x8023, 0x107, 0x70bd2a, 0x10000, {0x1, 0x7c}}, 0x14}, 0x1, 0x0, 0x0, 0x891}, 0xc000)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r1 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r1, 0xaf01, 0x0)
r2 = mq_open(&(0x7f00005a1ffb)='eth0\x00', 0x42, 0x197, 0x0)
r3 = syz_io_uring_setup(0x22f, &(0x7f0000000080)={0x0, 0x5325, 0x10000, 0x0, 0x100002cf}, &(0x7f0000000000)=<r4=>0x0, &(0x7f0000000040)=<r5=>0x0)
syz_io_uring_submit(r4, r5, &(0x7f00000009c0)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd_index=0x3, 0x0, 0x0, 0xffffffffffffff31})
r6 = syz_usb_connect(0x5, 0x2d, &(0x7f0000000040)=ANY=[@ANYBLOB="120100007516b7108c0d0e008f8e0018030109021b0001000000000904080001030000000905", @ANYBLOB="8fcf"], 0x0)
syz_usb_control_io$cdc_ncm(r6, 0x0, 0x0)
io_uring_enter(r3, 0x7a98, 0x0, 0x0, 0x0, 0x0)
r7 = socket$netlink(0x10, 0x3, 0xc)
sendmsg$NFULNL_MSG_CONFIG(r7, &(0x7f0000002640)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000240)={0x24, 0x1, 0x4, 0x101, 0x0, 0x0, {0x2, 0x0, 0x7}, [@NFULA_CFG_CMD={0x5, 0x1, 0x3}, @NFULA_CFG_FLAGS={0x6, 0x6, 0x1, 0x0, 0x4}]}, 0x24}, 0x1, 0x0, 0x0, 0x44084}, 0x80)
r8 = eventfd(0xfffffff9)
bpf$TOKEN_CREATE(0x24, &(0x7f0000000040)={0x0, r7}, 0x8)
r9 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000080), 0x20000, 0x0)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000100)={r9, 0x58, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r10=>0x0}}, 0x10)
ioctl$XFS_IOC_PATH_TO_FSHANDLE(r2, 0xc0385868, &(0x7f00000004c0)={<r11=>r3, &(0x7f0000000200)='.*{!$\x00', 0x42000, &(0x7f0000000400)={@_ha_fsid={[0x8001, 0x2]}, {0xfff, 0x9, 0x1a1, 0xd}}, 0x80, &(0x7f0000000440)={@_ha_fsid}, &(0x7f0000000480)=0x3})
bpf$MAP_CREATE(0x0, &(0x7f0000000340)=@bloom_filter={0x1e, 0xdd, 0x5, 0x5, 0x6225c, r9, 0xd747fd1, '\x00', r10, r11, 0x5, 0x2, 0x0, 0xc}, 0x50)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000580)={0x3, 0xe, &(0x7f0000000140)=@raw=[@printk={@i}, @jmp={0x5, 0x1, 0x3, 0x9, 0x2, 0xfffffffffffffffc, 0x10}, @initr0={0x18, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x3}, @ldst={0x1, 0x2, 0x0, 0xa, 0x5, 0x40, 0xffffffffffffffff}, @btf_id={0x18, 0xb, 0x3, 0x0, 0x2}], &(0x7f0000000280)='GPL\x00', 0x7, 0x0, 0x0, 0x1f00, 0x0, '\x00', r10, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffff}, 0x94)
ioctl$VHOST_SET_LOG_FD(r1, 0x4004af07, &(0x7f0000000240)=r8)
r12 = syz_clone(0x40001000, 0x0, 0x54, &(0x7f0000000000), 0x0, 0x0)
syz_pidfd_open(r12, 0x0)

47.491455863s ago: executing program 4 (id=609):
setgroups(0x0, &(0x7f0000000000))
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000080), 0x129202, 0x0)
r2 = socket$caif_seqpacket(0x25, 0x5, 0x3)
setsockopt$CAIFSO_REQ_PARAM(r2, 0x116, 0x80, 0xffffffffffffffff, 0xffb0)
ioctl$SNDCTL_DSP_CHANNELS(r1, 0xc0045006, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3, 0x13, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000ba20702500000000002003007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b0000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000009b00000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r3, 0x0, 0x10, 0x10, &(0x7f00000002c0)='\x00\x00\x00\x00\x00\b\x00\x00', &(0x7f0000000300)=""/8, 0x6c00, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x4c)
r4 = syz_usb_connect(0x3, 0x3c, &(0x7f0000000380)=ANY=[@ANYBLOB="120101000814c910be0632a2f333010203010902120001000000000904"], 0x0)
r5 = syz_open_dev$usbmon(&(0x7f0000000080), 0x0, 0x0)
r6 = syz_open_dev$usbfs(&(0x7f0000000000), 0x20000007d, 0x0)
r7 = dup3(r5, r6, 0x0)
ioctl$MON_IOCG_STATS(r7, 0xc0109207, &(0x7f00000001c0))
setgroups(0x0, 0x0)
getgroups(0x1, &(0x7f0000000400)=[<r8=>0x0])
setregid(r8, r8)
capset(&(0x7f0000000000)={0x19980330}, &(0x7f0000000280)={0x0, 0x0, 0x815, 0x13, 0xfffffffd, 0x4})
fchmodat(0xffffffffffffff9c, &(0x7f0000000240)='./cgroup\x00', 0x2)
r9 = openat$sysctl(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/mm/ksm/run\x00', 0x1, 0x0)
write$sysctl(r9, &(0x7f00000000c0)='0\x00', 0x2)
bpf$MAP_CREATE(0x0, &(0x7f0000000a80)=ANY=[@ANYBLOB="0500000005000000020008000700000000000000", @ANYRES32, @ANYBLOB="0100000000000500"/20, @ANYBLOB="054750976eeb0463d367d826f9f837e97ec94be785f878333567c3fcff17c16bebbfebd04b92a0033fba62048bc1fe268a12cd2f7c549d8c25d0cf55d99e4ce1c6b3145b78bc6c7a44e5bad9a907bda6bef213bd91494da19216228480ce4e50f4e42f1bdff977a140ada07bf93689e8f5d21df8d35eb1db4f5fccfcd03344e2c1b32a6360bab29373656afbc3bc954e2b2af49d5b81c1dedc7e69b9be77ce4021a6750f288dca411886ecf46d9b629f0f538c516658c5e1a20b3d71fc499704bcdf503472fa8735bd6175e6e35f42d0e1f8a932bd84c2663c0e69ee6db029e6b0df63de6820", @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
syz_usb_control_io(r4, 0x0, 0x0)
ioctl$I2C_RDWR(0xffffffffffffffff, 0x707, &(0x7f0000000000)={0x0})
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000340)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000100)={&(0x7f00000003c0)=ANY=[@ANYRES32=r2], 0x2c}, 0x1, 0x0, 0x0, 0x20000000}, 0xd5)
r10 = openat$cachefiles(0xffffffffffffff9c, &(0x7f0000000180), 0x4000, 0x0)
ioctl$SNDRV_PCM_IOCTL_DELAY(r10, 0x80084121, &(0x7f00000001c0))
ioctl$FS_IOC_FIEMAP(r1, 0xc020660b, &(0x7f0000000440)=ANY=[@ANYBLOB="fcffffffffffffff090000000000000004000000010100000a0000000000000000000000000000800100000000000000ffffff7f000000000000000000000000000000000000000004120000000000000000000000000000176b000000000000090000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000030000000000000006000000000000000800000000000000000000000000000000000000000000000a10000000000000000000000000000008000000000000000500000000000000faffffffffffffff0000000000000000000000000000000000260000000000000000000000000000ff00000000000000080000000000000003000000000000000000000000000000000000000000000000000000000000000000000000000000090000000000000003000000000000000300000000000000000000000000000000000000000000000020000000000000000000000000000003000000000000000b000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000004000000000000000900000000000000050000000000000000000000000000000000000000000000000400000000000000000000000000000000000000000000f7ffffffffffffff0300000000000000000000040000000000000000000000000502000000000000000000000000000001000000000000000200000000000000080000000000000000000000000000000000000000000000001000"/592])
bpf$PROG_LOAD(0x5, &(0x7f00000009c0)={0x17, 0x4, &(0x7f0000000800)=ANY=[@ANYRESOCT], &(0x7f0000000980)='syzkaller\x00', 0x2, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @cgroup_sysctl}, 0x94)
r11 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x400000)
ioctl$SNDRV_TIMER_IOCTL_PAUSE(r11, 0x54a3)

46.592502932s ago: executing program 0 (id=614):
r0 = open(&(0x7f0000000280)='.\x00', 0x0, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cgroup.controllers\x00', 0x275a, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x275a, 0x0)
write$binfmt_script(r2, &(0x7f0000000180), 0xfea7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x28011, r1, 0x0)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
r4 = socket$inet_tcp(0x2, 0x1, 0x0)
syz_io_uring_setup(0x4de6, &(0x7f0000000200)={0x0, 0x3191, 0x4, 0x3, 0x3c5, 0x0, r1}, &(0x7f0000000040)=<r5=>0x0, &(0x7f0000000100))
syz_memcpy_off$IO_URING_METADATA_GENERIC(r5, 0x80, &(0x7f00000002c0)=0x5, 0x0, 0x4)
r6 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r6, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000000c0)=@ipv6_deladdrlabel={0x38, 0x49, 0x1, 0x70bd29, 0x25dfdbf8, {0xa, 0x0, 0x80, 0x0, 0x0, 0x2}, [@IFAL_ADDRESS={0x14, 0x1, @loopback}, @IFAL_LABEL={0x8}]}, 0x38}}, 0x0)
ioctl$sock_inet_SIOCSARP(r4, 0x8955, &(0x7f0000000a80)={{0x2, 0x4e1e, @dev={0xac, 0x14, 0x14, 0x2e}}, {0x304, @local}, 0x2, {0x2, 0x4e20, @rand_addr=0x64010100}})
sendmsg$NFNL_MSG_ACCT_GET(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)={0x14, 0x1, 0x7, 0x3, 0x0, 0x0, {0x0, 0x0, 0x6}}, 0x14}, 0x1, 0x0, 0x0, 0x4}, 0x48)
r7 = openat$cgroup_ro(r0, &(0x7f0000000080)='cgroup.controllers\x00', 0xb00000000065808, 0x0)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$BATADV_CMD_GET_GATEWAYS(0xffffffffffffffff, &(0x7f0000007680)={0x0, 0x0, &(0x7f0000007640)={&(0x7f0000000000)=ANY=[@ANYBLOB="46040000", @ANYRES16, @ANYBLOB="ff83"], 0x4}}, 0x0)
sendfile(r8, r7, 0x0, 0x100000002)

46.224678053s ago: executing program 0 (id=615):
prlimit64(0x0, 0xe, &(0x7f0000000100)={0x8, 0x80000100008b}, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
setfsgid(0xee00)
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x488c4}, 0x4c800)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
timer_create(0x0, &(0x7f0000000240)={0x0, 0x21, 0x2, @thr={0x0, 0x0}}, &(0x7f0000000300))
fcntl$lock(0xffffffffffffffff, 0x25, &(0x7f0000000040)={0x0, 0x0, 0xfd8b, 0x5})
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu\x00', 0x275a, 0x0)
fcntl$lock(r0, 0x6, &(0x7f0000000000)={0x0, 0x0, 0x8})
fcntl$lock(r0, 0x26, &(0x7f0000000280)={0x1, 0x0, 0x73f0, 0x9})
fcntl$lock(r0, 0x7, &(0x7f0000000140)={0x1, 0x1, 0x7, 0x5})

46.12067134s ago: executing program 0 (id=616):
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
r1 = socket(0x2, 0x80805, 0xfffffffc)
r2 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet6_tcp_int(0xffffffffffffffff, 0x6, 0x13, 0x0, 0x0)
ioctl$AUTOFS_DEV_IOCTL_VERSION(0xffffffffffffffff, 0xc0189371, 0x0)
mkdir(&(0x7f0000000080)='./file1\x00', 0x8)
mount(0x0, &(0x7f0000000200)='./file1\x00', &(0x7f0000000000)='tmpfs\x00', 0x8, &(0x7f0000000300)='usrquota')
chdir(&(0x7f0000000140)='./file1\x00')
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='net_prio.prioidx\x00', 0x275a, 0x0)
quotactl_fd$Q_SETQUOTA(r3, 0x0, 0x0, 0x0)
shutdown(r2, 0x0)
close(0x3)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x20, 0x3, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @netfilter=0x2d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000000)={r4, 0x0, 0x14, 0x0, &(0x7f0000000840)='\x00\x00\x00\x00\x00\x00\x00\x00\b\x00'/20, 0x0, 0x0, 0x0, 0x2, 0x0, &(0x7f00000001c0)="0102", 0x0}, 0x50)
ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000001240)={'vxcan1\x00'})
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000001380)={&(0x7f0000001280)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x7c, 0x7c, 0x3, [@var={0x9, 0x0, 0x0, 0xe, 0x5, 0x1}, @ptr={0x6, 0x0, 0x0, 0x2, 0x2}, @typedef={0x6}, @ptr={0x9, 0x0, 0x0, 0x2, 0x1}, @fwd={0xd}, @type_tag={0x6, 0x0, 0x0, 0x12, 0x5}, @union={0x1, 0x3, 0x0, 0x5, 0x0, 0x5, [{0xe, 0x5, 0x3ff}, {0x6, 0x2, 0x4}, {0x7, 0x0, 0x80000001}]}]}, {0x0, [0x0]}}, &(0x7f0000001340)=""/5, 0x97, 0x5, 0x1, 0x7}, 0x28)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000001440)={0x1b, 0x0, 0x0, 0x4, 0x0, r1, 0x9, '\x00', 0x0, 0xffffffffffffffff, 0x4, 0x1, 0x5}, 0x50)
mknodat(0xffffffffffffff9c, &(0x7f0000000000)='./file2\x00', 0x81c0, 0x0)
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000002c0)='hugetlb.2MB.usage_in_bytes\x00', 0x275a, 0x0)
fchown(r5, 0xee01, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000001540)=@base={0x20, 0x7fff, 0x319dc475, 0x8, 0x2029, 0xffffffffffffffff, 0x1, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x1, 0x4}, 0x50)

45.684464623s ago: executing program 0 (id=617):
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/crypto\x00', 0x0, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_MOD(r2, 0x3, r1, &(0x7f0000000000)={0x4c83bb99bfb2ee58})
read$FUSE(r0, &(0x7f0000000200)={0x2020}, 0x2020)
mount(&(0x7f0000000300), &(0x7f0000000080)='.\x00', &(0x7f0000000180)='tmpfs\x00', 0x2200cd0, 0x0)
r3 = syz_open_procfs(0x0, &(0x7f0000000700)='mounts\x00')
r4 = socket$can_bcm(0x1d, 0x2, 0x2)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000f80), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r4, 0x8933, &(0x7f0000000500)={'wlan0\x00', <r7=>0x0})
sendmsg$NL80211_CMD_NEW_STATION(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000200)=ANY=[@ANYBLOB='0\x00\x00\x00', @ANYRES16=r6, @ANYBLOB="cf0400000000fcffffff1200000008000300", @ANYRES32=r7, @ANYBLOB="0a0006000802110000000000080014"], 0x30}, 0x1, 0x0, 0x0, 0x20008010}, 0x40000)
read$FUSE(r3, &(0x7f0000002780)={0x2020}, 0x5ecfb203)

45.680386671s ago: executing program 0 (id=618):
r0 = getpid()
r1 = syz_pidfd_open(r0, 0x0)
setns(r1, 0x24020000)
r2 = syz_clone(0xb21e0000, 0x0, 0x0, 0x0, 0x0, 0x0)
r3 = syz_pidfd_open(r2, 0x0)
setns(r3, 0x24020000)
mount(0x0, &(0x7f0000000240)='.\x00', 0x0, 0x2200020, 0x0)

45.620957216s ago: executing program 0 (id=619):
r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000), 0x22d00, 0x0)
keyctl$dh_compute(0x28, 0x0, 0x0, 0x0, 0x0)
ioctl$TUNSETOFFLOAD(r0, 0xc004743e, 0x110e22fff6)
openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x101401, 0x0)
openat$vcs(0xffffffffffffff9c, &(0x7f00000018c0), 0x0, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00')
mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040), 0x1000840, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[], [{@flag='nolazytime'}]}})
ioctl$PPPIOCSDEBUG(0xffffffffffffffff, 0x40047440, &(0x7f00000000c0)=0x7)
r2 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r3 = dup(r2)
write$UHID_INPUT(r3, &(0x7f0000001040)={0xc, {"a2e3ad214fc752f91b3e090987f70e06d03be7ff7fc6e5539b3264078b089b0e083871090890e0878f0e1ac6e7049b334c959b669a240d5b67f3988f7ef319520100ffe8d178708c523c921b1b5b31360d3b5d0936cd3b78130daa61d8e809ea882f5802b77f07227227b7ba67e0e78669a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae193973735b36d5b1b63dd1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000002335875271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1fe90a56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617601000000be70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d595a40b9f6ff14ac488ec130fb3850a27af9544ae15a7e454dea05918b41243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9980000000b3309603f1d4ab966203861b5b15a841f2b575a8bd0d780231c9c99a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6c82fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce3803f465e41e610c2021d653a5520000008213b704a5000000000000008ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc946813591ad8deff4b05f60cea0da7710a80000000000008000bea37ce0d0d4aa202f928f28381aab144a5d429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4e38a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d97b9a6d6d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2bed9e53803edf1a4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f4ceb360c7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034e00000000ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f42355bc7872c827467cfa5c478b095b68441a34cb51682a8ae4d24ad92f243941ed274549b79a7962fb385a882e8020f068bb87af8b90fd8f08876da865d258734dd73583df292892448039ef799cf0630becdbe6c4579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93ae62fccfcbb2b75a2183c46eb65ca8124e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43e4fb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e01feffffffffffff83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd7369d75f2e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aa01b20f7694a00f16e2d0174035a2c22656dc00880acebdbe8ddbd75c2f998d8ac2dfad2ba3a50200000045a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40426db6fe2907ac0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf463661c953fcad6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7cd419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaeecf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b281769177c6d594f88a4facfd4c735a20307c737afae5136651b1b9bd522d60399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a37684f4113c48859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02dae17b118e5d6787463183b4b87c105000000302a808d7f5251440613d17ca51055f2f416a44fe180d2d50c312cca7cb14a20dc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb40100000006376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7ceec7dc808bf653639d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7348663a52190202c7af288a4510de03dab19d26285eda89156d50dd385a602000000000000007007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00398e8bd1f4908b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf6529006c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6522fb5f6ffcdd56fed88935fcb75912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae233a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a5bd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08008897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b80c1c128ad2706f48261f7897484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c98ad90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe360500000000000000b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1062dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1df0d07b3d5bd3b01faffd0addbed2881a9700af561ac8c7e36bb2fc4c40e9c766c06817bb903729a7db6ff957697c9ede7885d94ffb0759be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c1484d2f9c55f4901203a9a8a2c3e51074b41bc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d000000000000000000000000000040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000600", 0x7c4}}, 0x1006)
openat$ppp(0xffffffffffffff9c, &(0x7f0000000000), 0x22d00, 0x0) (async)
keyctl$dh_compute(0x28, 0x0, 0x0, 0x0, 0x0) (async)
ioctl$TUNSETOFFLOAD(r0, 0xc004743e, 0x110e22fff6) (async)
openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x101401, 0x0) (async)
openat$vcs(0xffffffffffffff9c, &(0x7f00000018c0), 0x0, 0x0) (async)
syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00') (async)
mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040), 0x1000840, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[], [{@flag='nolazytime'}]}}) (async)
ioctl$PPPIOCSDEBUG(0xffffffffffffffff, 0x40047440, &(0x7f00000000c0)=0x7) (async)
syz_open_dev$tty1(0xc, 0x4, 0x1) (async)
dup(r2) (async)
write$UHID_INPUT(r3, &(0x7f0000001040)={0xc, {"a2e3ad214fc752f91b3e090987f70e06d03be7ff7fc6e5539b3264078b089b0e083871090890e0878f0e1ac6e7049b334c959b669a240d5b67f3988f7ef319520100ffe8d178708c523c921b1b5b31360d3b5d0936cd3b78130daa61d8e809ea882f5802b77f07227227b7ba67e0e78669a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae193973735b36d5b1b63dd1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000002335875271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1fe90a56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617601000000be70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d595a40b9f6ff14ac488ec130fb3850a27af9544ae15a7e454dea05918b41243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9980000000b3309603f1d4ab966203861b5b15a841f2b575a8bd0d780231c9c99a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6c82fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce3803f465e41e610c2021d653a5520000008213b704a5000000000000008ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc946813591ad8deff4b05f60cea0da7710a80000000000008000bea37ce0d0d4aa202f928f28381aab144a5d429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4e38a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d97b9a6d6d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2bed9e53803edf1a4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f4ceb360c7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034e00000000ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f42355bc7872c827467cfa5c478b095b68441a34cb51682a8ae4d24ad92f243941ed274549b79a7962fb385a882e8020f068bb87af8b90fd8f08876da865d258734dd73583df292892448039ef799cf0630becdbe6c4579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93ae62fccfcbb2b75a2183c46eb65ca8124e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43e4fb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e01feffffffffffff83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd7369d75f2e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aa01b20f7694a00f16e2d0174035a2c22656dc00880acebdbe8ddbd75c2f998d8ac2dfad2ba3a50200000045a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40426db6fe2907ac0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf463661c953fcad6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7cd419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaeecf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b281769177c6d594f88a4facfd4c735a20307c737afae5136651b1b9bd522d60399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a37684f4113c48859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02dae17b118e5d6787463183b4b87c105000000302a808d7f5251440613d17ca51055f2f416a44fe180d2d50c312cca7cb14a20dc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb40100000006376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7ceec7dc808bf653639d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7348663a52190202c7af288a4510de03dab19d26285eda89156d50dd385a602000000000000007007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00398e8bd1f4908b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf6529006c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6522fb5f6ffcdd56fed88935fcb75912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae233a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a5bd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08008897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b80c1c128ad2706f48261f7897484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c98ad90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe360500000000000000b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1062dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1df0d07b3d5bd3b01faffd0addbed2881a9700af561ac8c7e36bb2fc4c40e9c766c06817bb903729a7db6ff957697c9ede7885d94ffb0759be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c1484d2f9c55f4901203a9a8a2c3e51074b41bc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d000000000000000000000000000040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000600", 0x7c4}}, 0x1006) (async)

43.873847724s ago: executing program 4 (id=620):
socket$nl_xfrm(0x10, 0x3, 0x6)
bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x6, 0x3, &(0x7f0000000300)=ANY=[@ANYBLOB="1800000000010000000000000008000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe}, 0x94)
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000040)={<r0=>0xffffffffffffffff})
pipe2$9p(&(0x7f00000001c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000004500), 0x0, &(0x7f0000000100)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r0}, 0x2c, {[{@version_9p2000}]}})
write$P9_RVERSION(r2, 0x0, 0x15)

42.792966698s ago: executing program 4 (id=621):
io_uring_register$IORING_REGISTER_CLONE_BUFFERS(0xffffffffffffffff, 0x1e, 0x0, 0x1)
getsockopt$sock_int(0xffffffffffffffff, 0x1, 0x9, 0x0, 0x0)
sendmsg$NFT_MSG_GETSET(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x48045}, 0x4404)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={0x0, 0x118}, 0x1, 0x0, 0x0, 0x2004e953}, 0x0)
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000001ac0)={&(0x7f00000003c0)=ANY=[@ANYBLOB="180000002e00010026bdf000fcdbdf1b040000000400"], 0x18}, 0x1, 0x0, 0x0, 0x4000d}, 0x20000000)
close(0x3)
socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$inet(0x2, 0x2, 0x1)
sendmsg$inet(r1, &(0x7f0000000080)={&(0x7f0000000000)={0x2, 0x4e23, @multicast2}, 0x10, &(0x7f00000001c0)=[{&(0x7f0000000400)='\b\x00', 0x2}, {&(0x7f0000000180)="96bc1480bb58", 0x6}], 0x2, &(0x7f0000000280)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @local, @loopback}}}, @ip_tos_int={{0x14, 0x0, 0x1, 0x5}}], 0x38}, 0x50000)
r2 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'batadv_slave_0\x00', <r3=>0x0})
sendmsg$ETHTOOL_MSG_PAUSE_SET(0xffffffffffffffff, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000000080)={&(0x7f0000000180)={0xc4, r2, 0x800, 0x70bd26, 0x25dfdbfb, {}, [@ETHTOOL_A_PAUSE_AUTONEG={0x5, 0x2, 0x1}, @ETHTOOL_A_PAUSE_HEADER={0x20, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'macvlan0\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}]}, @ETHTOOL_A_PAUSE_RX={0x5, 0x3, 0x1}, @ETHTOOL_A_PAUSE_HEADER={0x58, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r3}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'bond_slave_0\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'syzkaller0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'team_slave_1\x00'}]}, @ETHTOOL_A_PAUSE_AUTONEG={0x5, 0x2, 0x1}, @ETHTOOL_A_PAUSE_RX={0x5}, @ETHTOOL_A_PAUSE_AUTONEG={0x5, 0x2, 0x1}, @ETHTOOL_A_PAUSE_AUTONEG={0x5, 0x2, 0x1}, @ETHTOOL_A_PAUSE_RX={0x5, 0x3, 0x1}]}, 0xc4}, 0x1, 0x0, 0x0, 0x90}, 0x54)
renameat2(0xffffffffffffff9c, 0x0, 0xffffffffffffffff, &(0x7f00000003c0)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x2)
r4 = openat$qrtrtun(0xffffffffffffff9c, &(0x7f0000000080), 0x2)
r5 = openat$qrtrtun(0xffffffffffffff9c, &(0x7f0000000040), 0x8002)
write$binfmt_aout(r4, &(0x7f00000003c0)=ANY=[@ANYBLOB="03040000b500000001008aea0000feff"], 0xc8)
dup3(r5, r4, 0x0)
syz_usb_connect$uac1(0x3, 0xa2, 0x0, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)

42.098041503s ago: executing program 4 (id=622):
syz_genetlink_get_family_id$tipc2(&(0x7f0000000100), 0xffffffffffffffff)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = socket$kcm(0x29, 0x2, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x2a, 0xa9}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000240)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f04ebbefb, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f0000000700)=@abs={0x0, 0x0, 0x10000}, 0x6e)
setsockopt$inet6_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f0000000180)=0x1, 0x4)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
syz_open_dev$I2C(0x0, 0x19a, 0x200)
ioctl$SIOCGSTAMP(r3, 0x8906, &(0x7f0000000380))
socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r1, &(0x7f00000001c0)={0x0, 0x0, 0x0}, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$batadv(&(0x7f000009f580), r4)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r4, 0x8933, &(0x7f0000000140)={'batadv0\x00', <r6=>0x0})
sendmsg$BATADV_CMD_GET_DAT_CACHE(r4, &(0x7f0000000200)={0x0, 0x40000, &(0x7f00000000c0)={&(0x7f0000000080)={0x1c, r5, 0x303, 0x0, 0x0, {0x6}, [@BATADV_ATTR_MESH_IFINDEX={0x8, 0x3, r6}]}, 0x1c}}, 0x0)
syz_genetlink_get_family_id$gtp(&(0x7f0000000180), r4)
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r7, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)

41.45765642s ago: executing program 4 (id=623):
mknod(&(0x7f0000000040)='./file0\x00', 0x800141f, 0x4)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./cgroup/cgroup.procs\x00', 0x20842, 0x10c)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r1, 0x220c)
mount$9p_fd(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f0000000200), 0x40c8, &(0x7f0000000280)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1, @ANYBLOB="2ca4b2470bcc1c2a356d8d2cf560ef7ac70d93a6ab59edf7934cef79d64404112f8b23542a5959ca240854ec16e92e271b840fa3d7c27ad14381fe9b7e0a474300000000000000"])
r2 = socket$alg(0x26, 0x5, 0x0)
r3 = fanotify_init(0x40, 0x40000)
poll(&(0x7f0000000440)=[{r3, 0x8440}], 0x1, 0x9)
bind$alg(r2, &(0x7f00000001c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cts(cbc(aes))\x00'}, 0x58)
r4 = accept$alg(r2, 0x0, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r5 = socket$inet6_sctp(0xa, 0x1, 0x84)
sendmmsg$inet6(r5, &(0x7f00000080c0)=[{{&(0x7f0000000480)={0xa, 0x4e21, 0x8, @private2, 0x6}, 0x1c, &(0x7f0000002280)=[{&(0x7f00000004c0)="b4", 0x1}], 0x1}}, {{&(0x7f0000000800)={0xa, 0x4e24, 0xffffff8d, @rand_addr=' \x01\x00', 0x101}, 0x1c, &(0x7f0000001c80)=[{&(0x7f0000004580)="b8", 0x1}], 0x1}}], 0x2, 0x931766f6319eed40)
shutdown(r5, 0x1)
setsockopt$inet_sctp6_SCTP_ADD_STREAMS(r5, 0x84, 0x79, &(0x7f00000003c0)={0x0, 0x7, 0xd}, 0x8)
r6 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r6, 0x107, 0x12, &(0x7f0000000000), 0x4)
r7 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_fanout(r7, 0x107, 0x12, &(0x7f0000000000), 0x8)
setsockopt$ALG_SET_KEY(r2, 0x117, 0x1, &(0x7f0000000040)="b19ccccf84f524d9ec213c75dac2a883e454482767c5cfcb1430c1", 0x1b)
r8 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000440), 0x0, 0x0)
r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0)
r10 = ioctl$KVM_CREATE_VCPU(r9, 0xae41, 0x2)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1000003, 0x13, r10, 0x0)
ioctl$KVM_HAS_DEVICE_ATTR_vm(r9, 0x4018aee3, &(0x7f0000000080)=@attr_other={0x0, 0x90000000, 0x28a, &(0x7f0000000000)=0x4})
ioctl$KVM_INTERRUPT(r10, 0x4004ae86, &(0x7f0000000240)=0x4)
r11 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r11, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000005c0)=ANY=[@ANYBLOB="3400000044000701feffffff00000000037c0000040042800c00018006000600800a0000100002"], 0x34}, 0x1, 0x0, 0x0, 0x48815}, 0xc000)
ioctl$KVM_RUN(r10, 0xae80, 0x0)
sendmmsg$alg(r4, &(0x7f0000003000)=[{0x0, 0x0, &(0x7f0000001c00)=[{&(0x7f0000000240)="810cac7d48", 0x5}, {&(0x7f00000033c0)="f5ac467833c129406b9fb742", 0xc}], 0x2, 0x0, 0x0, 0xc855}], 0x1, 0x4004004)

34.574684161s ago: executing program 32 (id=594):
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000740)=ANY=[@ANYRES32=0x0], 0x48)
r0 = socket(0x11, 0x3, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
recvmsg$unix(0xffffffffffffffff, 0x0, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="640000000001010400000000141a000002000000240001801400018008000100e000000108000200e00000010c00028005000100000000002400028014000180080001000000000008000200ac1e00010c00028005000100000000000800074000000001"], 0x64}}, 0x0)
sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000340)=ANY=[@ANYBLOB="5c00000000010104000000000000000002001000240002801400018008000100e000000108000200e00000010c00028005000100000000001c0010800800014000000000d97405010000000008000240000000000800", @ANYRES64=r1], 0x5c}, 0x1, 0x0, 0x0, 0x4000}, 0x4000)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000040), 0xffffffffffffffff)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$IPVS_CMD_NEW_SERVICE(r4, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000006c0)=ANY=[@ANYBLOB='T\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="010000000000000000000100000040000180060001000a00000008000500000000000c000700000000000000000008000900710000000700060072720000080008000000000008000b"], 0x54}}, 0x0)
r5 = syz_genetlink_get_family_id$ipvs(&(0x7f00000005c0), r0)
sendmsg$IPVS_CMD_SET_CONFIG(r0, &(0x7f0000000680)={&(0x7f0000000580), 0xc, &(0x7f0000000640)={&(0x7f0000000600)=ANY=[@ANYBLOB="14000000", @ANYRES16=r5, @ANYBLOB="020026bd6c00fbdbdf17250c0000"], 0x14}, 0x1, 0x0, 0x0, 0x4}, 0x48000)
sendmsg$IPVS_CMD_ZERO(r2, &(0x7f0000000540)={&(0x7f0000000440)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000500)={&(0x7f0000000480)={0x7c, r3, 0x10, 0x70bd2b, 0x25dfdbff, {}, [@IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0x6}, @IPVS_CMD_ATTR_DEST={0x60, 0x2, 0x0, 0x1, [@IPVS_DEST_ATTR_ACTIVE_CONNS={0x8, 0x7, 0xfff}, @IPVS_DEST_ATTR_U_THRESH={0x8, 0x5, 0x8}, @IPVS_DEST_ATTR_ACTIVE_CONNS={0x8, 0x7, 0x8}, @IPVS_DEST_ATTR_WEIGHT={0x8, 0x4, 0x81}, @IPVS_DEST_ATTR_ADDR={0x14, 0x1, @ipv4=@loopback}, @IPVS_DEST_ATTR_ADDR_FAMILY={0x6, 0xb, 0x2}, @IPVS_DEST_ATTR_TUN_PORT={0x6, 0xe, 0x4e24}, @IPVS_DEST_ATTR_PERSIST_CONNS={0x8, 0x9, 0x1}, @IPVS_DEST_ATTR_L_THRESH={0x8, 0x6, 0xa}, @IPVS_DEST_ATTR_INACT_CONNS={0x8, 0x8, 0x6}]}]}, 0x7c}, 0x1, 0x0, 0x0, 0x20000000}, 0x40)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = syz_genetlink_get_family_id$nl80211(&(0x7f00000001c0), r0)
sendmsg$NL80211_CMD_SET_QOS_MAP(r0, &(0x7f0000000400)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f00000003c0)={&(0x7f00000002c0)={0x3c, r7, 0x800, 0x70bd2a, 0x25dfdbfe, {{}, {@void, @void}}, [@NL80211_ATTR_QOS_MAP={0x12, 0xc7, {[{0x47}, {0x1, 0x7}, {0x1}], "634ee4d448d274e3"}}, @NL80211_ATTR_QOS_MAP={0x12, 0xc7, {[{0x9, 0x1}, {0x6, 0x7}, {0x6, 0x7}], "dc4dfb6843843db5"}}]}, 0x3c}}, 0x44)
sendmsg$nl_route(r6, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000240)=@newlink={0x48, 0x10, 0xfffffffffffffffd, 0x70bd27, 0x25dfdbfd, {0x0, 0x0, 0x0, 0x0, 0x50a32, 0x23}, [@IFLA_LINKINFO={0x28, 0x12, 0x0, 0x1, @bridge={{0xb}, {0x18, 0x2, 0x0, 0x1, [@IFLA_BR_GROUP_FWD_MASK={0x6}, @IFLA_BR_GROUP_ADDR={0xa, 0x14, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x1}}]}}}]}, 0x48}, 0x1, 0x0, 0x0, 0x4000010}, 0x4008000)

33.454315678s ago: executing program 33 (id=604):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000240)={0x14, 0x8023, 0x107, 0x70bd2a, 0x10000, {0x1, 0x7c}}, 0x14}, 0x1, 0x0, 0x0, 0x891}, 0xc000)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r1 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r1, 0xaf01, 0x0)
r2 = mq_open(&(0x7f00005a1ffb)='eth0\x00', 0x42, 0x197, 0x0)
r3 = syz_io_uring_setup(0x22f, &(0x7f0000000080)={0x0, 0x5325, 0x10000, 0x0, 0x100002cf}, &(0x7f0000000000)=<r4=>0x0, &(0x7f0000000040)=<r5=>0x0)
syz_io_uring_submit(r4, r5, &(0x7f00000009c0)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd_index=0x3, 0x0, 0x0, 0xffffffffffffff31})
r6 = syz_usb_connect(0x5, 0x2d, &(0x7f0000000040)=ANY=[@ANYBLOB="120100007516b7108c0d0e008f8e0018030109021b0001000000000904080001030000000905", @ANYBLOB="8fcf"], 0x0)
syz_usb_control_io$cdc_ncm(r6, 0x0, 0x0)
io_uring_enter(r3, 0x7a98, 0x0, 0x0, 0x0, 0x0)
r7 = socket$netlink(0x10, 0x3, 0xc)
sendmsg$NFULNL_MSG_CONFIG(r7, &(0x7f0000002640)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000240)={0x24, 0x1, 0x4, 0x101, 0x0, 0x0, {0x2, 0x0, 0x7}, [@NFULA_CFG_CMD={0x5, 0x1, 0x3}, @NFULA_CFG_FLAGS={0x6, 0x6, 0x1, 0x0, 0x4}]}, 0x24}, 0x1, 0x0, 0x0, 0x44084}, 0x80)
r8 = eventfd(0xfffffff9)
bpf$TOKEN_CREATE(0x24, &(0x7f0000000040)={0x0, r7}, 0x8)
r9 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000080), 0x20000, 0x0)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000100)={r9, 0x58, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r10=>0x0}}, 0x10)
ioctl$XFS_IOC_PATH_TO_FSHANDLE(r2, 0xc0385868, &(0x7f00000004c0)={<r11=>r3, &(0x7f0000000200)='.*{!$\x00', 0x42000, &(0x7f0000000400)={@_ha_fsid={[0x8001, 0x2]}, {0xfff, 0x9, 0x1a1, 0xd}}, 0x80, &(0x7f0000000440)={@_ha_fsid}, &(0x7f0000000480)=0x3})
bpf$MAP_CREATE(0x0, &(0x7f0000000340)=@bloom_filter={0x1e, 0xdd, 0x5, 0x5, 0x6225c, r9, 0xd747fd1, '\x00', r10, r11, 0x5, 0x2, 0x0, 0xc}, 0x50)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000580)={0x3, 0xe, &(0x7f0000000140)=@raw=[@printk={@i}, @jmp={0x5, 0x1, 0x3, 0x9, 0x2, 0xfffffffffffffffc, 0x10}, @initr0={0x18, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x3}, @ldst={0x1, 0x2, 0x0, 0xa, 0x5, 0x40, 0xffffffffffffffff}, @btf_id={0x18, 0xb, 0x3, 0x0, 0x2}], &(0x7f0000000280)='GPL\x00', 0x7, 0x0, 0x0, 0x1f00, 0x0, '\x00', r10, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffff}, 0x94)
ioctl$VHOST_SET_LOG_FD(r1, 0x4004af07, &(0x7f0000000240)=r8)
r12 = syz_clone(0x40001000, 0x0, 0x54, &(0x7f0000000000), 0x0, 0x0)
syz_pidfd_open(r12, 0x0)

29.278446167s ago: executing program 34 (id=619):
r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000), 0x22d00, 0x0)
keyctl$dh_compute(0x28, 0x0, 0x0, 0x0, 0x0)
ioctl$TUNSETOFFLOAD(r0, 0xc004743e, 0x110e22fff6)
openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x101401, 0x0)
openat$vcs(0xffffffffffffff9c, &(0x7f00000018c0), 0x0, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00')
mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040), 0x1000840, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[], [{@flag='nolazytime'}]}})
ioctl$PPPIOCSDEBUG(0xffffffffffffffff, 0x40047440, &(0x7f00000000c0)=0x7)
r2 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r3 = dup(r2)
write$UHID_INPUT(r3, &(0x7f0000001040)={0xc, {"a2e3ad214fc752f91b3e090987f70e06d03be7ff7fc6e5539b3264078b089b0e083871090890e0878f0e1ac6e7049b334c959b669a240d5b67f3988f7ef319520100ffe8d178708c523c921b1b5b31360d3b5d0936cd3b78130daa61d8e809ea882f5802b77f07227227b7ba67e0e78669a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae193973735b36d5b1b63dd1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000002335875271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1fe90a56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617601000000be70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d595a40b9f6ff14ac488ec130fb3850a27af9544ae15a7e454dea05918b41243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9980000000b3309603f1d4ab966203861b5b15a841f2b575a8bd0d780231c9c99a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6c82fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce3803f465e41e610c2021d653a5520000008213b704a5000000000000008ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc946813591ad8deff4b05f60cea0da7710a80000000000008000bea37ce0d0d4aa202f928f28381aab144a5d429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4e38a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d97b9a6d6d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2bed9e53803edf1a4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f4ceb360c7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034e00000000ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f42355bc7872c827467cfa5c478b095b68441a34cb51682a8ae4d24ad92f243941ed274549b79a7962fb385a882e8020f068bb87af8b90fd8f08876da865d258734dd73583df292892448039ef799cf0630becdbe6c4579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93ae62fccfcbb2b75a2183c46eb65ca8124e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43e4fb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e01feffffffffffff83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd7369d75f2e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aa01b20f7694a00f16e2d0174035a2c22656dc00880acebdbe8ddbd75c2f998d8ac2dfad2ba3a50200000045a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40426db6fe2907ac0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf463661c953fcad6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7cd419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaeecf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b281769177c6d594f88a4facfd4c735a20307c737afae5136651b1b9bd522d60399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a37684f4113c48859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02dae17b118e5d6787463183b4b87c105000000302a808d7f5251440613d17ca51055f2f416a44fe180d2d50c312cca7cb14a20dc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb40100000006376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7ceec7dc808bf653639d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7348663a52190202c7af288a4510de03dab19d26285eda89156d50dd385a602000000000000007007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00398e8bd1f4908b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf6529006c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6522fb5f6ffcdd56fed88935fcb75912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae233a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a5bd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08008897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b80c1c128ad2706f48261f7897484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c98ad90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe360500000000000000b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1062dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1df0d07b3d5bd3b01faffd0addbed2881a9700af561ac8c7e36bb2fc4c40e9c766c06817bb903729a7db6ff957697c9ede7885d94ffb0759be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c1484d2f9c55f4901203a9a8a2c3e51074b41bc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d000000000000000000000000000040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000600", 0x7c4}}, 0x1006)
openat$ppp(0xffffffffffffff9c, &(0x7f0000000000), 0x22d00, 0x0) (async)
keyctl$dh_compute(0x28, 0x0, 0x0, 0x0, 0x0) (async)
ioctl$TUNSETOFFLOAD(r0, 0xc004743e, 0x110e22fff6) (async)
openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x101401, 0x0) (async)
openat$vcs(0xffffffffffffff9c, &(0x7f00000018c0), 0x0, 0x0) (async)
syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00') (async)
mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040), 0x1000840, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[], [{@flag='nolazytime'}]}}) (async)
ioctl$PPPIOCSDEBUG(0xffffffffffffffff, 0x40047440, &(0x7f00000000c0)=0x7) (async)
syz_open_dev$tty1(0xc, 0x4, 0x1) (async)
dup(r2) (async)
write$UHID_INPUT(r3, &(0x7f0000001040)={0xc, {"a2e3ad214fc752f91b3e090987f70e06d03be7ff7fc6e5539b3264078b089b0e083871090890e0878f0e1ac6e7049b334c959b669a240d5b67f3988f7ef319520100ffe8d178708c523c921b1b5b31360d3b5d0936cd3b78130daa61d8e809ea882f5802b77f07227227b7ba67e0e78669a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae193973735b36d5b1b63dd1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000002335875271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1fe90a56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617601000000be70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d595a40b9f6ff14ac488ec130fb3850a27af9544ae15a7e454dea05918b41243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9980000000b3309603f1d4ab966203861b5b15a841f2b575a8bd0d780231c9c99a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6c82fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce3803f465e41e610c2021d653a5520000008213b704a5000000000000008ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc946813591ad8deff4b05f60cea0da7710a80000000000008000bea37ce0d0d4aa202f928f28381aab144a5d429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4e38a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d97b9a6d6d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2bed9e53803edf1a4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f4ceb360c7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034e00000000ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f42355bc7872c827467cfa5c478b095b68441a34cb51682a8ae4d24ad92f243941ed274549b79a7962fb385a882e8020f068bb87af8b90fd8f08876da865d258734dd73583df292892448039ef799cf0630becdbe6c4579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93ae62fccfcbb2b75a2183c46eb65ca8124e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43e4fb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e01feffffffffffff83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd7369d75f2e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aa01b20f7694a00f16e2d0174035a2c22656dc00880acebdbe8ddbd75c2f998d8ac2dfad2ba3a50200000045a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40426db6fe2907ac0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf463661c953fcad6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7cd419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaeecf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b281769177c6d594f88a4facfd4c735a20307c737afae5136651b1b9bd522d60399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a37684f4113c48859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02dae17b118e5d6787463183b4b87c105000000302a808d7f5251440613d17ca51055f2f416a44fe180d2d50c312cca7cb14a20dc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb40100000006376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7ceec7dc808bf653639d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7348663a52190202c7af288a4510de03dab19d26285eda89156d50dd385a602000000000000007007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00398e8bd1f4908b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf6529006c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6522fb5f6ffcdd56fed88935fcb75912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae233a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a5bd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08008897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b80c1c128ad2706f48261f7897484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c98ad90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe360500000000000000b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1062dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1df0d07b3d5bd3b01faffd0addbed2881a9700af561ac8c7e36bb2fc4c40e9c766c06817bb903729a7db6ff957697c9ede7885d94ffb0759be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c1484d2f9c55f4901203a9a8a2c3e51074b41bc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d000000000000000000000000000040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000600", 0x7c4}}, 0x1006) (async)

25.908027037s ago: executing program 35 (id=623):
mknod(&(0x7f0000000040)='./file0\x00', 0x800141f, 0x4)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./cgroup/cgroup.procs\x00', 0x20842, 0x10c)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r1, 0x220c)
mount$9p_fd(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f0000000200), 0x40c8, &(0x7f0000000280)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1, @ANYBLOB="2ca4b2470bcc1c2a356d8d2cf560ef7ac70d93a6ab59edf7934cef79d64404112f8b23542a5959ca240854ec16e92e271b840fa3d7c27ad14381fe9b7e0a474300000000000000"])
r2 = socket$alg(0x26, 0x5, 0x0)
r3 = fanotify_init(0x40, 0x40000)
poll(&(0x7f0000000440)=[{r3, 0x8440}], 0x1, 0x9)
bind$alg(r2, &(0x7f00000001c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cts(cbc(aes))\x00'}, 0x58)
r4 = accept$alg(r2, 0x0, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r5 = socket$inet6_sctp(0xa, 0x1, 0x84)
sendmmsg$inet6(r5, &(0x7f00000080c0)=[{{&(0x7f0000000480)={0xa, 0x4e21, 0x8, @private2, 0x6}, 0x1c, &(0x7f0000002280)=[{&(0x7f00000004c0)="b4", 0x1}], 0x1}}, {{&(0x7f0000000800)={0xa, 0x4e24, 0xffffff8d, @rand_addr=' \x01\x00', 0x101}, 0x1c, &(0x7f0000001c80)=[{&(0x7f0000004580)="b8", 0x1}], 0x1}}], 0x2, 0x931766f6319eed40)
shutdown(r5, 0x1)
setsockopt$inet_sctp6_SCTP_ADD_STREAMS(r5, 0x84, 0x79, &(0x7f00000003c0)={0x0, 0x7, 0xd}, 0x8)
r6 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r6, 0x107, 0x12, &(0x7f0000000000), 0x4)
r7 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_fanout(r7, 0x107, 0x12, &(0x7f0000000000), 0x8)
setsockopt$ALG_SET_KEY(r2, 0x117, 0x1, &(0x7f0000000040)="b19ccccf84f524d9ec213c75dac2a883e454482767c5cfcb1430c1", 0x1b)
r8 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000440), 0x0, 0x0)
r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0)
r10 = ioctl$KVM_CREATE_VCPU(r9, 0xae41, 0x2)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1000003, 0x13, r10, 0x0)
ioctl$KVM_HAS_DEVICE_ATTR_vm(r9, 0x4018aee3, &(0x7f0000000080)=@attr_other={0x0, 0x90000000, 0x28a, &(0x7f0000000000)=0x4})
ioctl$KVM_INTERRUPT(r10, 0x4004ae86, &(0x7f0000000240)=0x4)
r11 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r11, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000005c0)=ANY=[@ANYBLOB="3400000044000701feffffff00000000037c0000040042800c00018006000600800a0000100002"], 0x34}, 0x1, 0x0, 0x0, 0x48815}, 0xc000)
ioctl$KVM_RUN(r10, 0xae80, 0x0)
sendmmsg$alg(r4, &(0x7f0000003000)=[{0x0, 0x0, &(0x7f0000001c00)=[{&(0x7f0000000240)="810cac7d48", 0x5}, {&(0x7f00000033c0)="f5ac467833c129406b9fb742", 0xc}], 0x2, 0x0, 0x0, 0xc855}], 0x1, 0x4004004)

21.743601564s ago: executing program 2 (id=633):
syz_genetlink_get_family_id$tipc2(&(0x7f0000000100), 0xffffffffffffffff)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = socket$kcm(0x29, 0x2, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x2a, 0xa9}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000240)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f04ebbefb, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f0000000700)=@abs={0x0, 0x0, 0x10000}, 0x6e)
setsockopt$inet6_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f0000000180)=0x1, 0x4)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
syz_open_dev$I2C(0x0, 0x19a, 0x200)
ioctl$SIOCGSTAMP(r3, 0x8906, &(0x7f0000000380))
socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r1, &(0x7f00000001c0)={0x0, 0x0, 0x0}, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$batadv(&(0x7f000009f580), r4)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r4, 0x8933, &(0x7f0000000140)={'batadv0\x00', <r6=>0x0})
sendmsg$BATADV_CMD_GET_DAT_CACHE(r4, &(0x7f0000000200)={0x0, 0x40000, &(0x7f00000000c0)={&(0x7f0000000080)={0x1c, r5, 0x303, 0x0, 0x0, {0x6}, [@BATADV_ATTR_MESH_IFINDEX={0x8, 0x3, r6}]}, 0x1c}}, 0x0)
syz_genetlink_get_family_id$gtp(&(0x7f0000000180), r4)
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r7, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)

20.071311734s ago: executing program 2 (id=634):
r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000540), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000100)={0x0, 0x18, 0xfa00, {0x3, &(0x7f0000000040)={<r1=>0xffffffffffffffff}, 0x106}}, 0x20)
write$RDMA_USER_CM_CMD_DESTROY_ID(r0, &(0x7f0000000380)={0x1, 0x10, 0xfa00, {0x0, r1}}, 0x18) (fail_nth: 1)

19.496828777s ago: executing program 2 (id=635):
socket$nl_xfrm(0x10, 0x3, 0x6)
bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x6, 0x3, &(0x7f0000000300)=ANY=[@ANYBLOB="1800000000010000000000000008000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe}, 0x94)
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000040)={<r0=>0xffffffffffffffff})
pipe2$9p(&(0x7f00000001c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000004500), 0x0, &(0x7f0000000100)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r0}, 0x2c, {[{@version_9p2000}]}})
write$P9_RVERSION(r2, &(0x7f0000000080)=ANY=[@ANYBLOB="150000006bffff", @ANYRES16=r1], 0x15)

19.139987592s ago: executing program 2 (id=636):
r0 = syz_usb_connect(0x0, 0x1cb, &(0x7f0000000100)=ANY=[@ANYRESOCT=0x0, @ANYRESDEC], 0x0)
syz_usb_control_io$uac1(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ecm(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ecm(r0, 0x0, &(0x7f00000003c0)={0x1c, &(0x7f00000000c0)=ANY=[@ANYBLOB="406bcad1c15a2cc584a622b791f50e00"/28], 0x0, 0x0})
r1 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x101142, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$fou(0x0, 0xffffffffffffffff)
socket(0x10, 0x803, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x2241, 0x0)
r2 = syz_open_dev$sndctrl(&(0x7f0000000000), 0x140000000, 0x109003)
ioctl$SNDRV_CTL_IOCTL_ELEM_UNLOCK(r2, 0xc1105511, &(0x7f0000000040)={0x8, 0x2, 0x6, 0x4, 'syz1\x00', 0x2})
socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000001f40)={&(0x7f00000005c0)=ANY=[@ANYBLOB="fc00000019000100000000000000000020010000000000000000000000000000ac14141500000000000000000000000000000005000000000a00200000000000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB="0000000000000000ac00000000000000ff0f00000000000000000000000000000000000000000000ffffffffffffffffffffff7f0000000000000000000000000200000000000000000a00000000000000000000008040007a03000000000000030000000000000001000000000000004400050000000000000000000000000000000000000004d23c00000000000000ffffffff0000000000000000000000000000000000030000490000000000000000000000cd897f3b0cc909c501d437358a8d4479768d842324d102d34a50e0c6912f219a21fd22d326d4c6c92173a1240cada613d9b97d186e199a7bb0c60913173f3c224221f3339514171b41ac1be8b6d1a743847e4510e7c1124948829d4d8e783d1ad0c56682f6969c9b33e64c5c26fe264e1a1414c71c0fb21adcf35f7d000a1fbe95199cf361dfd0a1681df89bbdb4444de39e11f4e2d3863edded097cf8562d49e91b0d3e16019e319eba8f371b72800155be1cbd1aba21958cbfad633be5d462d319d6ec1c7a"], 0xfc}, 0x1, 0x0, 0x0, 0x8004}, 0x1)
r3 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r3, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000001f40)={&(0x7f00000004c0)=ANY=[@ANYBLOB="fc000000190001002dbd70000000000064010100000000000000000000000000fc01000000000000000000000000000000000000000000000a0000"], 0xfc}}, 0x0)
r4 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r4, &(0x7f0000000000)={0x40000000, 0x0, &(0x7f0000000040)={&(0x7f0000000240)=ANY=[@ANYBLOB="0207000902"], 0x10}}, 0x0)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
connect$inet6(r5, &(0x7f0000000300)={0xa, 0x4e22, 0x2, @mcast2, 0x2005}, 0x1c)
socket$nl_netfilter(0x10, 0x3, 0xc)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000))
r6 = syz_open_dev$vim2m(&(0x7f0000000000), 0x7, 0x2)
r7 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000080)='/sys/power/pm_test', 0x42, 0x18)
ioctl$sock_inet_SIOCADDRT(0xffffffffffffffff, 0x890b, &(0x7f0000000000)={0x4000000, {0x2, 0x4e22, @private=0xa010101}, {0x2, 0xfffd, @local}, {0x2, 0x4e27, @empty}, 0x1c9, 0x0, 0x0, 0x0, 0xfff6, 0x0, 0x4, 0x8})
sendmsg$NL80211_CMD_CONNECT(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=ANY=[@ANYRES64=r6, @ANYRESHEX=r5, @ANYRES8=r7], 0x1c}, 0x1, 0x0, 0x0, 0x8c4}, 0x8000)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="1400000007"], 0x50)

15.908913073s ago: executing program 2 (id=637):
socket$nl_xfrm(0x10, 0x3, 0x6)
bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x6, 0x3, &(0x7f0000000300)=ANY=[@ANYBLOB="1800000000010000000000000008000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe}, 0x94)
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000040)={<r0=>0xffffffffffffffff})
pipe2$9p(&(0x7f00000001c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000004500), 0x0, &(0x7f0000000100)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r0}, 0x2c, {[{@version_9p2000}]}})
write$P9_RVERSION(r2, &(0x7f0000000080)=ANY=[@ANYBLOB="150000006bffff", @ANYRESHEX=r2], 0x15)

15.635235444s ago: executing program 2 (id=638):
write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, 0x0, 0x0)
ioctl$SNDRV_PCM_IOCTL_STATUS_EXT32(0xffffffffffffffff, 0x4148, 0x0)
r0 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_ADD_ADDR(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x80082380}, 0xc, &(0x7f00000000c0)={&(0x7f0000000200)={0xf4, r0, 0x100, 0x70bd25, 0x25dfdbff, {}, [@MPTCP_PM_ATTR_ADDR={0x38, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0xa}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x4}, @MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @ipv4={'\x00', '\xff\xff', @private=0xa010100}}, @MPTCP_PM_ADDR_ATTR_PORT={0x6, 0x5, 0x4e21}]}, @MPTCP_PM_ATTR_ADDR={0x28, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @loopback}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x10}, @MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @ipv4={'\x00', '\xff\xff', @local}}]}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x8}, @MPTCP_PM_ATTR_ADDR_REMOTE={0x44, 0x6, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @local}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @rand_addr=0x64010102}, @MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @ipv4={'\x00', '\xff\xff', @empty}}, @MPTCP_PM_ADDR_ATTR_ID={0x5, 0x2, 0x1}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0xa}]}, @MPTCP_PM_ATTR_TOKEN={0x8, 0x4, 0x4}, @MPTCP_PM_ATTR_ADDR={0x24, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @private=0xa010100}, @MPTCP_PM_ADDR_ATTR_ID={0x5, 0x2, 0x9}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @loopback}, @MPTCP_PM_ADDR_ATTR_ID={0x5}]}, @MPTCP_PM_ATTR_TOKEN={0x8, 0x4, 0x7}]}, 0xf4}, 0x1, 0x0, 0x0, 0x80}, 0x40841)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000140)=[@text16={0x10, &(0x7f0000000180)="64670feea1096f00003e660f38054c880f323e26640fb9a9c94f660fc7b27f1a360f09366764f4660fdd40e69a3a00e300baa000b0e5ee", 0x37}], 0x1, 0x21, 0x0, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
capset(0x0, 0x0)
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x9)
socket$inet_mptcp(0x2, 0x1, 0x106)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f00000001c0)={0x0, 0x5, 0x58000, 0x2000, &(0x7f000000b000/0x2000)=nil})

0s ago: executing program 36 (id=638):
write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, 0x0, 0x0)
ioctl$SNDRV_PCM_IOCTL_STATUS_EXT32(0xffffffffffffffff, 0x4148, 0x0)
r0 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_ADD_ADDR(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x80082380}, 0xc, &(0x7f00000000c0)={&(0x7f0000000200)={0xf4, r0, 0x100, 0x70bd25, 0x25dfdbff, {}, [@MPTCP_PM_ATTR_ADDR={0x38, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0xa}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x4}, @MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @ipv4={'\x00', '\xff\xff', @private=0xa010100}}, @MPTCP_PM_ADDR_ATTR_PORT={0x6, 0x5, 0x4e21}]}, @MPTCP_PM_ATTR_ADDR={0x28, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @loopback}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x10}, @MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @ipv4={'\x00', '\xff\xff', @local}}]}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x8}, @MPTCP_PM_ATTR_ADDR_REMOTE={0x44, 0x6, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @local}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @rand_addr=0x64010102}, @MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @ipv4={'\x00', '\xff\xff', @empty}}, @MPTCP_PM_ADDR_ATTR_ID={0x5, 0x2, 0x1}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0xa}]}, @MPTCP_PM_ATTR_TOKEN={0x8, 0x4, 0x4}, @MPTCP_PM_ATTR_ADDR={0x24, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @private=0xa010100}, @MPTCP_PM_ADDR_ATTR_ID={0x5, 0x2, 0x9}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @loopback}, @MPTCP_PM_ADDR_ATTR_ID={0x5}]}, @MPTCP_PM_ATTR_TOKEN={0x8, 0x4, 0x7}]}, 0xf4}, 0x1, 0x0, 0x0, 0x80}, 0x40841)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000140)=[@text16={0x10, &(0x7f0000000180)="64670feea1096f00003e660f38054c880f323e26640fb9a9c94f660fc7b27f1a360f09366764f4660fdd40e69a3a00e300baa000b0e5ee", 0x37}], 0x1, 0x21, 0x0, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
capset(0x0, 0x0)
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x9)
socket$inet_mptcp(0x2, 0x1, 0x106)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f00000001c0)={0x0, 0x5, 0x58000, 0x2000, &(0x7f000000b000/0x2000)=nil})

kernel console output (not intermixed with test programs):

1 has invalid maxpacket 1024, setting to 64
[  160.066470][ T6346] usb 3-1: config 1 interface 0 has no altsetting 0
[  160.094289][ T6346] usb 3-1: New USB device found, idVendor=1b1c, idProduct=1c05, bcdDevice= 0.40
[  160.094316][ T6346] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  160.094333][ T6346] usb 3-1: Product: Ъ
[  160.094346][ T6346] usb 3-1: Manufacturer: ÐŽ
[  160.094358][ T6346] usb 3-1: SerialNumber: ц
[  160.145929][ T6926] raw-gadget.2 gadget.2: fail, usb_ep_enable returned -22
[  160.360056][ T6926] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  160.360731][ T6926] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  160.417784][ T6346] usbhid 3-1:1.0: can't add hid device: -71
[  160.417877][ T6346] usbhid 3-1:1.0: probe with driver usbhid failed with error -71
[  160.438190][ T6346] usb 3-1: USB disconnect, device number 8
[  160.749739][ T5899] usb 4-1: device descriptor read/64, error -71
[  162.370025][ T5899] usb 4-1: reset high-speed USB device number 8 using dummy_hcd
[  162.371136][ T5899] usb 4-1: device reset changed ep0 maxpacket size!
[  162.411916][   T43] usb 4-1: USB disconnect, device number 8
[  162.464683][ T6952] FAULT_INJECTION: forcing a failure.
[  162.464683][ T6952] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  162.464710][ T6952] CPU: 0 UID: 0 PID: 6952 Comm: syz.2.360 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  162.464726][ T6952] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/27/2026
[  162.464733][ T6952] Call Trace:
[  162.464739][ T6952]  <TASK>
[  162.464745][ T6952]  dump_stack_lvl+0xe8/0x150
[  162.464770][ T6952]  should_fail_ex+0x46b/0x600
[  162.464789][ T6952]  _copy_from_user+0x2d/0xb0
[  162.464807][ T6952]  __sys_bpf+0x229/0x950
[  162.464826][ T6952]  ? __pfx___sys_bpf+0x10/0x10
[  162.464838][ T6952]  ? rt_mutex_slowunlock+0x1cb/0x300
[  162.464867][ T6952]  ? ksys_write+0x248/0x270
[  162.464888][ T6952]  ? __pfx_ksys_write+0x10/0x10
[  162.464911][ T6952]  __x64_sys_bpf+0x7c/0x90
[  162.464927][ T6952]  do_syscall_64+0x14d/0xf80
[  162.464944][ T6952]  ? trace_irq_disable+0x3b/0x150
[  162.464959][ T6952]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  162.464973][ T6952]  ? clear_bhb_loop+0x40/0x90
[  162.464989][ T6952]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  162.465002][ T6952] RIP: 0033:0x7f573b05c799
[  162.465016][ T6952] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  162.465029][ T6952] RSP: 002b:00007f57392b6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  162.465045][ T6952] RAX: ffffffffffffffda RBX: 00007f573b2d5fa0 RCX: 00007f573b05c799
[  162.465054][ T6952] RDX: 0000000000000094 RSI: 0000200000000180 RDI: 0000000000000005
[  162.465062][ T6952] RBP: 00007f57392b6090 R08: 0000000000000000 R09: 0000000000000000
[  162.465069][ T6952] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  162.465077][ T6952] R13: 00007f573b2d6038 R14: 00007f573b2d5fa0 R15: 00007ffd44ac0d18
[  162.465100][ T6952]  </TASK>
[  162.657987][ T6929] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512
[  162.818239][ T6959] FAULT_INJECTION: forcing a failure.
[  162.818239][ T6959] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  162.818270][ T6959] CPU: 0 UID: 0 PID: 6959 Comm: syz.0.363 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  162.818290][ T6959] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/27/2026
[  162.818300][ T6959] Call Trace:
[  162.818308][ T6959]  <TASK>
[  162.818348][ T6959]  dump_stack_lvl+0xe8/0x150
[  162.818379][ T6959]  should_fail_ex+0x46b/0x600
[  162.818405][ T6959]  _copy_to_user+0x31/0xb0
[  162.818430][ T6959]  simple_read_from_buffer+0xe1/0x170
[  162.818456][ T6959]  proc_fail_nth_read+0x1be/0x230
[  162.818480][ T6959]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  162.818504][ T6959]  ? rw_verify_area+0x2ac/0x4e0
[  162.818527][ T6959]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  162.818549][ T6959]  vfs_read+0x212/0xa80
[  162.818581][ T6959]  ? __pfx_vfs_read+0x10/0x10
[  162.818607][ T6959]  ? _raw_spin_unlock_irqrestore+0x30/0x80
[  162.818630][ T6959]  ? lockdep_hardirqs_on+0x7a/0x110
[  162.818654][ T6959]  ? _raw_spin_unlock_irqrestore+0x4c/0x80
[  162.818676][ T6959]  ? mutex_lock_nested+0x152/0x1d0
[  162.818693][ T6959]  ? fdget_pos+0x252/0x320
[  162.818722][ T6959]  ksys_read+0x156/0x270
[  162.818748][ T6959]  ? __pfx_ksys_read+0x10/0x10
[  162.818782][ T6959]  do_syscall_64+0x14d/0xf80
[  162.818804][ T6959]  ? trace_irq_disable+0x3b/0x150
[  162.818823][ T6959]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  162.818840][ T6959]  ? clear_bhb_loop+0x40/0x90
[  162.818861][ T6959]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  162.818878][ T6959] RIP: 0033:0x7f4b2233cfce
[  162.818895][ T6959] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[  162.818910][ T6959] RSP: 002b:00007f4b205d5fe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  162.818930][ T6959] RAX: ffffffffffffffda RBX: 00007f4b205d66c0 RCX: 00007f4b2233cfce
[  162.818943][ T6959] RDX: 000000000000000f RSI: 00007f4b205d60a0 RDI: 0000000000000003
[  162.818954][ T6959] RBP: 00007f4b205d6090 R08: 0000000000000000 R09: 0000000000000000
[  162.818965][ T6959] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  162.818975][ T6959] R13: 00007f4b225f6038 R14: 00007f4b225f5fa0 R15: 00007ffcd4e5f5d8
[  162.819005][ T6959]  </TASK>
[  163.243584][ T6965] FAULT_INJECTION: forcing a failure.
[  163.243584][ T6965] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  163.243615][ T6965] CPU: 0 UID: 0 PID: 6965 Comm: syz.0.368 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  163.243635][ T6965] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/27/2026
[  163.243647][ T6965] Call Trace:
[  163.243654][ T6965]  <TASK>
[  163.243661][ T6965]  dump_stack_lvl+0xe8/0x150
[  163.243692][ T6965]  should_fail_ex+0x46b/0x600
[  163.243717][ T6965]  _copy_to_user+0x31/0xb0
[  163.243741][ T6965]  simple_read_from_buffer+0xe1/0x170
[  163.243767][ T6965]  proc_fail_nth_read+0x1be/0x230
[  163.243791][ T6965]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  163.243815][ T6965]  ? rw_verify_area+0x2ac/0x4e0
[  163.243837][ T6965]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  163.243859][ T6965]  vfs_read+0x212/0xa80
[  163.243957][ T6965]  ? __pfx_vfs_read+0x10/0x10
[  163.243985][ T6965]  ? _raw_spin_unlock_irqrestore+0x30/0x80
[  163.244008][ T6965]  ? lockdep_hardirqs_on+0x7a/0x110
[  163.244030][ T6965]  ? _raw_spin_unlock_irqrestore+0x4c/0x80
[  163.244052][ T6965]  ? mutex_lock_nested+0x152/0x1d0
[  163.244069][ T6965]  ? fdget_pos+0x252/0x320
[  163.244098][ T6965]  ksys_read+0x156/0x270
[  163.244124][ T6965]  ? __pfx_ksys_read+0x10/0x10
[  163.244158][ T6965]  do_syscall_64+0x14d/0xf80
[  163.244179][ T6965]  ? trace_irq_disable+0x3b/0x150
[  163.244198][ T6965]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  163.244217][ T6965]  ? clear_bhb_loop+0x40/0x90
[  163.244238][ T6965]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  163.244256][ T6965] RIP: 0033:0x7f4b2233cfce
[  163.244273][ T6965] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[  163.244288][ T6965] RSP: 002b:00007f4b205d5fe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  163.244307][ T6965] RAX: ffffffffffffffda RBX: 00007f4b205d66c0 RCX: 00007f4b2233cfce
[  163.244320][ T6965] RDX: 000000000000000f RSI: 00007f4b205d60a0 RDI: 0000000000000004
[  163.244332][ T6965] RBP: 00007f4b205d6090 R08: 0000000000000000 R09: 0000000000000000
[  163.244343][ T6965] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  163.244353][ T6965] R13: 00007f4b225f6038 R14: 00007f4b225f5fa0 R15: 00007ffcd4e5f5d8
[  163.244383][ T6965]  </TASK>
[  164.565087][  T890] usb 2-1: USB disconnect, device number 6
[  164.658748][ T6983] FAULT_INJECTION: forcing a failure.
[  164.658748][ T6983] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  164.658781][ T6983] CPU: 1 UID: 0 PID: 6983 Comm: syz.0.373 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  164.658801][ T6983] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/27/2026
[  164.658812][ T6983] Call Trace:
[  164.658819][ T6983]  <TASK>
[  164.658827][ T6983]  dump_stack_lvl+0xe8/0x150
[  164.658857][ T6983]  should_fail_ex+0x46b/0x600
[  164.658882][ T6983]  _copy_from_user+0x2d/0xb0
[  164.658904][ T6983]  ___sys_sendmsg+0x1c6/0x360
[  164.658935][ T6983]  ? __pfx____sys_sendmsg+0x10/0x10
[  164.658991][ T6983]  ? __fget_files+0x2a/0x420
[  164.659012][ T6983]  ? __fget_files+0x3a6/0x420
[  164.659041][ T6983]  __x64_sys_sendmsg+0x1c3/0x2a0
[  164.659068][ T6983]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  164.659099][ T6983]  ? __pfx_ksys_write+0x10/0x10
[  164.659134][ T6983]  do_syscall_64+0x14d/0xf80
[  164.659155][ T6983]  ? trace_irq_disable+0x3b/0x150
[  164.659175][ T6983]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  164.659193][ T6983]  ? clear_bhb_loop+0x40/0x90
[  164.659214][ T6983]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  164.659232][ T6983] RIP: 0033:0x7f4b2237c799
[  164.659249][ T6983] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  164.659264][ T6983] RSP: 002b:00007f4b205d6028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  164.659283][ T6983] RAX: ffffffffffffffda RBX: 00007f4b225f5fa0 RCX: 00007f4b2237c799
[  164.659296][ T6983] RDX: 0000000000040010 RSI: 0000200000000100 RDI: 0000000000000004
[  164.659308][ T6983] RBP: 00007f4b205d6090 R08: 0000000000000000 R09: 0000000000000000
[  164.659319][ T6983] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  164.659330][ T6983] R13: 00007f4b225f6038 R14: 00007f4b225f5fa0 R15: 00007ffcd4e5f5d8
[  164.659359][ T6983]  </TASK>
[  164.896791][ T5913] udevd[5913]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  165.069760][  T890] usb 2-1: new high-speed USB device number 7 using dummy_hcd
[  165.192718][ T6996] XFS (nbd2): no-recovery mounts must be read-only.
[  165.202865][ T6999] FAULT_INJECTION: forcing a failure.
[  165.202865][ T6999] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  165.202896][ T6999] CPU: 0 UID: 0 PID: 6999 Comm: syz.0.379 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  165.202917][ T6999] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/27/2026
[  165.202926][ T6999] Call Trace:
[  165.202933][ T6999]  <TASK>
[  165.202941][ T6999]  dump_stack_lvl+0xe8/0x150
[  165.202970][ T6999]  should_fail_ex+0x46b/0x600
[  165.202994][ T6999]  _copy_from_user+0x2d/0xb0
[  165.203016][ T6999]  ___sys_sendmsg+0x1c6/0x360
[  165.203052][ T6999]  ? __pfx____sys_sendmsg+0x10/0x10
[  165.203080][ T6999]  ? kstrtouint+0x6e/0xe0
[  165.203119][ T6999]  ? __fget_files+0x2a/0x420
[  165.203139][ T6999]  ? __fget_files+0x3a6/0x420
[  165.203168][ T6999]  __sys_sendmmsg+0x282/0x4e0
[  165.203196][ T6999]  ? __pfx___sys_sendmmsg+0x10/0x10
[  165.203227][ T6999]  ? __pfx_rt_mutex_slowunlock+0x10/0x10
[  165.203258][ T6999]  ? ksys_write+0x248/0x270
[  165.203284][ T6999]  ? __pfx_ksys_write+0x10/0x10
[  165.203313][ T6999]  __x64_sys_sendmmsg+0xa0/0xc0
[  165.203337][ T6999]  do_syscall_64+0x14d/0xf80
[  165.203357][ T6999]  ? trace_irq_disable+0x3b/0x150
[  165.203376][ T6999]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  165.203393][ T6999]  ? clear_bhb_loop+0x40/0x90
[  165.203414][ T6999]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  165.203430][ T6999] RIP: 0033:0x7f4b2237c799
[  165.203446][ T6999] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  165.203461][ T6999] RSP: 002b:00007f4b205d6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  165.203479][ T6999] RAX: ffffffffffffffda RBX: 00007f4b225f5fa0 RCX: 00007f4b2237c799
[  165.203492][ T6999] RDX: 0000000000000001 RSI: 0000200000004480 RDI: 0000000000000003
[  165.203503][ T6999] RBP: 00007f4b205d6090 R08: 0000000000000000 R09: 0000000000000000
[  165.203515][ T6999] R10: 00000000000001d3 R11: 0000000000000246 R12: 0000000000000001
[  165.203525][ T6999] R13: 00007f4b225f6038 R14: 00007f4b225f5fa0 R15: 00007ffcd4e5f5d8
[  165.203551][ T6999]  </TASK>
[  166.610675][ T6996] netlink: 20 bytes leftover after parsing attributes in process `syz.2.378'.
[  166.689720][  T890] usb 2-1: Using ep0 maxpacket: 32
[  166.749712][  T890] usb 2-1: device descriptor read/all, error -71
[  166.879696][ T6008] usb 3-1: new high-speed USB device number 9 using dummy_hcd
[  167.019744][ T6008] usb 3-1: device descriptor read/64, error -71
[  167.279722][ T6008] usb 3-1: new high-speed USB device number 10 using dummy_hcd
[  167.382103][ T6346] usb 4-1: new high-speed USB device number 10 using dummy_hcd
[  167.409783][ T6008] usb 3-1: device descriptor read/64, error -71
[  167.525204][ T6346] usb 4-1: device descriptor read/64, error -71
[  167.527417][ T6008] usb usb3-port1: attempt power cycle
[  167.734075][ T7045] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[  167.769722][ T6346] usb 4-1: new high-speed USB device number 11 using dummy_hcd
[  167.864544][ T6008] usb 3-1: new high-speed USB device number 11 using dummy_hcd
[  167.880730][ T6008] usb 3-1: device descriptor read/8, error -71
[  167.899660][ T6346] usb 4-1: device descriptor read/64, error -71
[  168.015852][ T6346] usb usb4-port1: attempt power cycle
[  168.112596][ T7064] FAULT_INJECTION: forcing a failure.
[  168.112596][ T7064] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  168.112618][ T7064] CPU: 1 UID: 0 PID: 7064 Comm: syz.0.408 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  168.112630][ T7064] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/27/2026
[  168.112636][ T7064] Call Trace:
[  168.112640][ T7064]  <TASK>
[  168.112645][ T7064]  dump_stack_lvl+0xe8/0x150
[  168.112664][ T7064]  should_fail_ex+0x46b/0x600
[  168.112679][ T7064]  _copy_from_user+0x2d/0xb0
[  168.112692][ T7064]  ___sys_sendmsg+0x1c6/0x360
[  168.112710][ T7064]  ? __pfx____sys_sendmsg+0x10/0x10
[  168.112740][ T7064]  ? __fget_files+0x2a/0x420
[  168.112751][ T7064]  ? __fget_files+0x3a6/0x420
[  168.112770][ T7064]  __x64_sys_sendmsg+0x1c3/0x2a0
[  168.112786][ T7064]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  168.112803][ T7064]  ? __pfx_ksys_write+0x10/0x10
[  168.112823][ T7064]  do_syscall_64+0x14d/0xf80
[  168.112835][ T7064]  ? trace_irq_disable+0x3b/0x150
[  168.112847][ T7064]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  168.112857][ T7064]  ? clear_bhb_loop+0x40/0x90
[  168.112868][ T7064]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  168.112878][ T7064] RIP: 0033:0x7f4b2237c799
[  168.112888][ T7064] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  168.112897][ T7064] RSP: 002b:00007f4b205d6028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  168.112908][ T7064] RAX: ffffffffffffffda RBX: 00007f4b225f5fa0 RCX: 00007f4b2237c799
[  168.112915][ T7064] RDX: 0000000000000000 RSI: 00002000000002c0 RDI: 0000000000000003
[  168.112921][ T7064] RBP: 00007f4b205d6090 R08: 0000000000000000 R09: 0000000000000000
[  168.112927][ T7064] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  168.112933][ T7064] R13: 00007f4b225f6038 R14: 00007f4b225f5fa0 R15: 00007ffcd4e5f5d8
[  168.112948][ T7064]  </TASK>
[  168.139951][ T6008] usb 3-1: new high-speed USB device number 12 using dummy_hcd
[  168.180603][ T6008] usb 3-1: device descriptor read/8, error -71
[  168.290570][ T6008] usb usb3-port1: unable to enumerate USB device
[  168.349677][ T6346] usb 4-1: new high-speed USB device number 12 using dummy_hcd
[  168.380335][ T6346] usb 4-1: device descriptor read/8, error -71
[  168.629722][ T6346] usb 4-1: new high-speed USB device number 13 using dummy_hcd
[  168.650882][ T6346] usb 4-1: device descriptor read/8, error -71
[  169.879684][ T6346] usb usb4-port1: unable to enumerate USB device
[  170.460406][ T7086] FAULT_INJECTION: forcing a failure.
[  170.460406][ T7086] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  170.460461][ T7086] CPU: 0 UID: 0 PID: 7086 Comm: syz.4.415 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  170.460482][ T7086] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/27/2026
[  170.460493][ T7086] Call Trace:
[  170.460501][ T7086]  <TASK>
[  170.460508][ T7086]  dump_stack_lvl+0xe8/0x150
[  170.460539][ T7086]  should_fail_ex+0x46b/0x600
[  170.460564][ T7086]  _copy_from_user+0x2d/0xb0
[  170.460587][ T7086]  ___sys_sendmsg+0x1c6/0x360
[  170.460617][ T7086]  ? __pfx____sys_sendmsg+0x10/0x10
[  170.460659][ T7086]  ? irqentry_exit+0x59e/0x620
[  170.460682][ T7086]  ? lockdep_hardirqs_on+0x7a/0x110
[  170.460728][ T7086]  __sys_sendmmsg+0x282/0x4e0
[  170.460756][ T7086]  ? __pfx___sys_sendmmsg+0x10/0x10
[  170.460804][ T7086]  ? ksys_write+0x248/0x270
[  170.460828][ T7086]  ? preempt_schedule_notrace_thunk+0x16/0x30
[  170.460858][ T7086]  __x64_sys_sendmmsg+0xa0/0xc0
[  170.460884][ T7086]  do_syscall_64+0x14d/0xf80
[  170.460905][ T7086]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  170.460924][ T7086]  ? clear_bhb_loop+0x40/0x90
[  170.460945][ T7086]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  170.460963][ T7086] RIP: 0033:0x7f1cc599c799
[  170.460980][ T7086] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  170.460995][ T7086] RSP: 002b:00007f1cc3bac028 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  170.461015][ T7086] RAX: ffffffffffffffda RBX: 00007f1cc5c16180 RCX: 00007f1cc599c799
[  170.461028][ T7086] RDX: 0000000000000004 RSI: 00002000000042c0 RDI: 0000000000000007
[  170.461039][ T7086] RBP: 00007f1cc3bac090 R08: 0000000000000000 R09: 0000000000000000
[  170.461051][ T7086] R10: 000000000000c054 R11: 0000000000000246 R12: 0000000000000001
[  170.461062][ T7086] R13: 00007f1cc5c16218 R14: 00007f1cc5c16180 R15: 00007fff585a74d8
[  170.461091][ T7086]  </TASK>
[  170.464256][ T7086] netlink: 24 bytes leftover after parsing attributes in process `syz.4.415'.
[  171.294940][ T7091] FAULT_INJECTION: forcing a failure.
[  171.294940][ T7091] name failslab, interval 1, probability 0, space 0, times 0
[  171.294972][ T7091] CPU: 1 UID: 0 PID: 7091 Comm: syz.4.420 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  171.294992][ T7091] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/27/2026
[  171.295002][ T7091] Call Trace:
[  171.295009][ T7091]  <TASK>
[  171.295027][ T7091]  dump_stack_lvl+0xe8/0x150
[  171.295057][ T7091]  should_fail_ex+0x46b/0x600
[  171.295080][ T7091]  should_failslab+0xa8/0x100
[  171.295099][ T7091]  __kmalloc_noprof+0xdf/0x7b0
[  171.295122][ T7091]  ? kfree+0x4d/0x6c0
[  171.295142][ T7091]  ? tomoyo_realpath_from_path+0xe3/0x5d0
[  171.295165][ T7091]  tomoyo_realpath_from_path+0xe3/0x5d0
[  171.295188][ T7091]  ? tomoyo_path_number_perm+0x219/0x630
[  171.295209][ T7091]  tomoyo_path_number_perm+0x246/0x630
[  171.295234][ T7091]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  171.295257][ T7091]  ? __lock_acquire+0x6b5/0x2cf0
[  171.295304][ T7091]  ? __fget_files+0x2a/0x420
[  171.295328][ T7091]  ? __fget_files+0x2a/0x420
[  171.295347][ T7091]  ? __fget_files+0x3a6/0x420
[  171.295366][ T7091]  ? __fget_files+0x2a/0x420
[  171.295389][ T7091]  security_file_ioctl+0xc3/0x2a0
[  171.295415][ T7091]  __se_sys_ioctl+0x47/0x170
[  171.295442][ T7091]  do_syscall_64+0x14d/0xf80
[  171.295464][ T7091]  ? trace_irq_disable+0x3b/0x150
[  171.295483][ T7091]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  171.295500][ T7091]  ? clear_bhb_loop+0x40/0x90
[  171.295519][ T7091]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  171.295536][ T7091] RIP: 0033:0x7f1cc599c799
[  171.295552][ T7091] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  171.295566][ T7091] RSP: 002b:00007f1cc3bee028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  171.295584][ T7091] RAX: ffffffffffffffda RBX: 00007f1cc5c15fa0 RCX: 00007f1cc599c799
[  171.295597][ T7091] RDX: 0000000000000000 RSI: 0000000000005441 RDI: 0000000000000003
[  171.295608][ T7091] RBP: 00007f1cc3bee090 R08: 0000000000000000 R09: 0000000000000000
[  171.295618][ T7091] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  171.295628][ T7091] R13: 00007f1cc5c16038 R14: 00007f1cc5c15fa0 R15: 00007fff585a74d8
[  171.295656][ T7091]  </TASK>
[  171.295663][ T7091] ERROR: Out of memory at tomoyo_realpath_from_path.
[  171.542622][ T7096] FAULT_INJECTION: forcing a failure.
[  171.542622][ T7096] name failslab, interval 1, probability 0, space 0, times 0
[  171.542653][ T7096] CPU: 1 UID: 0 PID: 7096 Comm: syz.3.423 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  171.542673][ T7096] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/27/2026
[  171.542684][ T7096] Call Trace:
[  171.542691][ T7096]  <TASK>
[  171.542699][ T7096]  dump_stack_lvl+0xe8/0x150
[  171.542728][ T7096]  should_fail_ex+0x46b/0x600
[  171.542752][ T7096]  should_failslab+0xa8/0x100
[  171.542772][ T7096]  __kmalloc_noprof+0xdf/0x7b0
[  171.542795][ T7096]  ? kfree+0x4d/0x6c0
[  171.542815][ T7096]  ? tomoyo_realpath_from_path+0xe3/0x5d0
[  171.542840][ T7096]  tomoyo_realpath_from_path+0xe3/0x5d0
[  171.542868][ T7096]  ? tomoyo_path_number_perm+0x219/0x630
[  171.542892][ T7096]  tomoyo_path_number_perm+0x246/0x630
[  171.542918][ T7096]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  171.542943][ T7096]  ? __lock_acquire+0x6b5/0x2cf0
[  171.543002][ T7096]  ? __fget_files+0x2a/0x420
[  171.543026][ T7096]  ? __fget_files+0x2a/0x420
[  171.543046][ T7096]  ? __fget_files+0x3a6/0x420
[  171.543065][ T7096]  ? __fget_files+0x2a/0x420
[  171.543089][ T7096]  security_file_ioctl+0xc3/0x2a0
[  171.543115][ T7096]  __se_sys_ioctl+0x47/0x170
[  171.543143][ T7096]  do_syscall_64+0x14d/0xf80
[  171.543165][ T7096]  ? trace_irq_disable+0x3b/0x150
[  171.543184][ T7096]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  171.543202][ T7096]  ? clear_bhb_loop+0x40/0x90
[  171.543220][ T7096]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  171.543236][ T7096] RIP: 0033:0x7f7ade8ac799
[  171.543252][ T7096] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  171.543268][ T7096] RSP: 002b:00007f7adcafe028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  171.543286][ T7096] RAX: ffffffffffffffda RBX: 00007f7adeb25fa0 RCX: 00007f7ade8ac799
[  171.543298][ T7096] RDX: 0000000000000000 RSI: 0000000000005441 RDI: 0000000000000003
[  171.543308][ T7096] RBP: 00007f7adcafe090 R08: 0000000000000000 R09: 0000000000000000
[  171.543319][ T7096] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  171.543330][ T7096] R13: 00007f7adeb26038 R14: 00007f7adeb25fa0 R15: 00007ffdee0d3e98
[  171.543359][ T7096]  </TASK>
[  171.543365][ T7096] ERROR: Out of memory at tomoyo_realpath_from_path.
[  173.096771][ T7109] program syz.3.426 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  173.134567][ T7108] FAULT_INJECTION: forcing a failure.
[  173.134567][ T7108] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  173.134597][ T7108] CPU: 1 UID: 0 PID: 7108 Comm: syz.0.427 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  173.134616][ T7108] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/27/2026
[  173.134626][ T7108] Call Trace:
[  173.134633][ T7108]  <TASK>
[  173.134640][ T7108]  dump_stack_lvl+0xe8/0x150
[  173.134669][ T7108]  should_fail_ex+0x46b/0x600
[  173.134692][ T7108]  _copy_from_user+0x2d/0xb0
[  173.134713][ T7108]  ___sys_sendmsg+0x1c6/0x360
[  173.134743][ T7108]  ? __pfx____sys_sendmsg+0x10/0x10
[  173.134797][ T7108]  ? __fget_files+0x2a/0x420
[  173.134817][ T7108]  ? __fget_files+0x3a6/0x420
[  173.134844][ T7108]  __x64_sys_sendmsg+0x1c3/0x2a0
[  173.134870][ T7108]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  173.134901][ T7108]  ? __pfx_ksys_write+0x10/0x10
[  173.134935][ T7108]  do_syscall_64+0x14d/0xf80
[  173.134964][ T7108]  ? trace_irq_disable+0x3b/0x150
[  173.134983][ T7108]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  173.135001][ T7108]  ? clear_bhb_loop+0x40/0x90
[  173.135020][ T7108]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  173.135037][ T7108] RIP: 0033:0x7f4b2237c799
[  173.135054][ T7108] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  173.135070][ T7108] RSP: 002b:00007f4b205d6028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  173.135088][ T7108] RAX: ffffffffffffffda RBX: 00007f4b225f5fa0 RCX: 00007f4b2237c799
[  173.135102][ T7108] RDX: 0000000000000000 RSI: 00002000000002c0 RDI: 0000000000000003
[  173.135113][ T7108] RBP: 00007f4b205d6090 R08: 0000000000000000 R09: 0000000000000000
[  173.135124][ T7108] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  173.135134][ T7108] R13: 00007f4b225f6038 R14: 00007f4b225f5fa0 R15: 00007ffcd4e5f5d8
[  173.135160][ T7108]  </TASK>
[  173.723058][ T7120] netlink: 24 bytes leftover after parsing attributes in process `syz.2.414'.
[  174.669682][ T6008] usb 2-1: new full-speed USB device number 9 using dummy_hcd
[  174.709976][ T6346] usb 3-1: new high-speed USB device number 13 using dummy_hcd
[  174.786923][ T7140] FAULT_INJECTION: forcing a failure.
[  174.786923][ T7140] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  174.786953][ T7140] CPU: 1 UID: 0 PID: 7140 Comm: syz.3.440 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  174.786971][ T7140] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/27/2026
[  174.786980][ T7140] Call Trace:
[  174.786987][ T7140]  <TASK>
[  174.786995][ T7140]  dump_stack_lvl+0xe8/0x150
[  174.787023][ T7140]  should_fail_ex+0x46b/0x600
[  174.787044][ T7140]  _copy_to_user+0x31/0xb0
[  174.787066][ T7140]  simple_read_from_buffer+0xe1/0x170
[  174.787089][ T7140]  proc_fail_nth_read+0x1be/0x230
[  174.787113][ T7140]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  174.787134][ T7140]  ? rw_verify_area+0x2ac/0x4e0
[  174.787157][ T7140]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  174.787178][ T7140]  vfs_read+0x212/0xa80
[  174.787204][ T7140]  ? __pfx_vfs_read+0x10/0x10
[  174.787226][ T7140]  ? _raw_spin_unlock_irqrestore+0x30/0x80
[  174.787250][ T7140]  ? lockdep_hardirqs_on+0x7a/0x110
[  174.787272][ T7140]  ? _raw_spin_unlock_irqrestore+0x4c/0x80
[  174.787303][ T7140]  ? mutex_lock_nested+0x152/0x1d0
[  174.787318][ T7140]  ? fdget_pos+0x252/0x320
[  174.787344][ T7140]  ksys_read+0x156/0x270
[  174.787367][ T7140]  ? __pfx_filldir+0x10/0x10
[  174.787385][ T7140]  ? __pfx_ksys_read+0x10/0x10
[  174.787416][ T7140]  do_syscall_64+0x14d/0xf80
[  174.787437][ T7140]  ? trace_irq_disable+0x3b/0x150
[  174.787456][ T7140]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  174.787471][ T7140]  ? clear_bhb_loop+0x40/0x90
[  174.787492][ T7140]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  174.787509][ T7140] RIP: 0033:0x7f7ade86cfce
[  174.787527][ T7140] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[  174.787542][ T7140] RSP: 002b:00007f7adcafdfe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  174.787561][ T7140] RAX: ffffffffffffffda RBX: 00007f7adcafe6c0 RCX: 00007f7ade86cfce
[  174.787573][ T7140] RDX: 000000000000000f RSI: 00007f7adcafe0a0 RDI: 0000000000000006
[  174.787584][ T7140] RBP: 00007f7adcafe090 R08: 0000000000000000 R09: 0000000000000000
[  174.787595][ T7140] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  174.787606][ T7140] R13: 00007f7adeb26038 R14: 00007f7adeb25fa0 R15: 00007ffdee0d3e98
[  174.787636][ T7140]  </TASK>
[  174.949654][ T6008] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  174.970376][ T6346] usb 3-1: device descriptor read/64, error -71
[  175.005193][ T6008] usb 2-1: New USB device found, idVendor=0596, idProduct=0001, bcdDevice= 5.f5
[  175.005221][ T6008] usb 2-1: New USB device strings: Mfr=1, Product=0, SerialNumber=3
[  175.005240][ T6008] usb 2-1: Manufacturer: syz
[  175.005252][ T6008] usb 2-1: SerialNumber: syz
[  175.078598][ T6008] usb 2-1: config 0 descriptor??
[  175.219911][ T6346] usb 3-1: new high-speed USB device number 14 using dummy_hcd
[  175.238305][ T7150] FAULT_INJECTION: forcing a failure.
[  175.238305][ T7150] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  175.238337][ T7150] CPU: 1 UID: 0 PID: 7150 Comm: syz.0.444 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  175.238357][ T7150] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/27/2026
[  175.238368][ T7150] Call Trace:
[  175.238375][ T7150]  <TASK>
[  175.238382][ T7150]  dump_stack_lvl+0xe8/0x150
[  175.238411][ T7150]  should_fail_ex+0x46b/0x600
[  175.238435][ T7150]  _copy_from_user+0x2d/0xb0
[  175.238459][ T7150]  ___sys_sendmsg+0x1c6/0x360
[  175.238488][ T7150]  ? __pfx____sys_sendmsg+0x10/0x10
[  175.238542][ T7150]  ? __fget_files+0x2a/0x420
[  175.238562][ T7150]  ? __fget_files+0x3a6/0x420
[  175.238591][ T7150]  __x64_sys_sendmsg+0x1c3/0x2a0
[  175.238617][ T7150]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  175.238648][ T7150]  ? __pfx_ksys_write+0x10/0x10
[  175.238681][ T7150]  do_syscall_64+0x14d/0xf80
[  175.238702][ T7150]  ? trace_irq_disable+0x3b/0x150
[  175.238721][ T7150]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  175.238741][ T7150]  ? clear_bhb_loop+0x40/0x90
[  175.238761][ T7150]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  175.238778][ T7150] RIP: 0033:0x7f4b2237c799
[  175.238794][ T7150] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  175.238809][ T7150] RSP: 002b:00007f4b205d6028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  175.238827][ T7150] RAX: ffffffffffffffda RBX: 00007f4b225f5fa0 RCX: 00007f4b2237c799
[  175.238839][ T7150] RDX: 0000000024000880 RSI: 00002000000000c0 RDI: 0000000000000004
[  175.238850][ T7150] RBP: 00007f4b205d6090 R08: 0000000000000000 R09: 0000000000000000
[  175.238862][ T7150] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  175.238872][ T7150] R13: 00007f4b225f6038 R14: 00007f4b225f5fa0 R15: 00007ffcd4e5f5d8
[  175.238901][ T7150]  </TASK>
[  175.289525][  T890] usb 2-1: USB disconnect, device number 9
[  175.432044][ T6346] usb 3-1: device descriptor read/64, error -71
[  175.540133][ T6346] usb usb3-port1: attempt power cycle
[  175.733257][ T7158] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  175.733827][ T7158] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  175.879818][ T6346] usb 3-1: new high-speed USB device number 15 using dummy_hcd
[  175.911373][ T6346] usb 3-1: device descriptor read/8, error -71
[  175.969680][  T890] usb 1-1: new full-speed USB device number 9 using dummy_hcd
[  177.509678][ T6346] usb 3-1: new high-speed USB device number 16 using dummy_hcd
[  177.517193][  T890] usb 1-1: device descriptor read/64, error -71
[  177.540038][ T6346] usb 3-1: device descriptor read/8, error -71
[  177.668677][ T6346] usb usb3-port1: unable to enumerate USB device
[  177.695841][ T7184] netlink: 24 bytes leftover after parsing attributes in process `syz.1.452'.
[  177.697067][ T7184] vlan0: entered promiscuous mode
[  177.749706][  T890] usb 1-1: new full-speed USB device number 10 using dummy_hcd
[  177.879766][  T890] usb 1-1: device descriptor read/64, error -71
[  177.990999][  T890] usb usb1-port1: attempt power cycle
[  178.110493][ T7186] netlink: 'syz.2.454': attribute type 10 has an invalid length.
[  178.112655][ T7186] team0: Device ipvlan1 failed to register rx_handler
[  178.329789][  T890] usb 1-1: new full-speed USB device number 11 using dummy_hcd
[  178.352438][  T890] usb 1-1: device descriptor read/8, error -71
[  178.750549][  T890] usb 1-1: new full-speed USB device number 12 using dummy_hcd
[  178.751004][ T1832] usb 2-1: new high-speed USB device number 10 using dummy_hcd
[  178.773053][  T890] usb 1-1: device descriptor read/8, error -71
[  179.555176][  T890] usb usb1-port1: unable to enumerate USB device
[  179.631933][ T1832] usb 2-1: Using ep0 maxpacket: 16
[  179.634309][ T1832] usb 2-1: config 0 has an invalid descriptor of length 55, skipping remainder of the config
[  179.634359][ T1832] usb 2-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xA1, changing to 0x81
[  179.634383][ T1832] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 52, changing to 9
[  179.634407][ T1832] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8241, setting to 1024
[  179.639308][ T1832] usb 2-1: New USB device found, idVendor=05ac, idProduct=9226, bcdDevice=b2.89
[  179.639334][ T1832] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  179.639351][ T1832] usb 2-1: Product: syz
[  179.639363][ T1832] usb 2-1: Manufacturer: syz
[  179.639376][ T1832] usb 2-1: SerialNumber: syz
[  179.735835][ T1832] usb 2-1: config 0 descriptor??
[  179.867600][ T7207] FAULT_INJECTION: forcing a failure.
[  179.867600][ T7207] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  179.867622][ T7207] CPU: 0 UID: 0 PID: 7207 Comm: syz.4.458 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  179.867642][ T7207] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/27/2026
[  179.867662][ T7207] Call Trace:
[  179.867670][ T7207]  <TASK>
[  179.867677][ T7207]  dump_stack_lvl+0xe8/0x150
[  179.867708][ T7207]  should_fail_ex+0x46b/0x600
[  179.867732][ T7207]  copy_fpstate_to_sigframe+0xada/0xd90
[  179.867774][ T7207]  ? __pfx_copy_fpstate_to_sigframe+0x10/0x10
[  179.867802][ T7207]  ? do_raw_spin_lock+0x12b/0x2f0
[  179.867823][ T7207]  ? fpu__alloc_mathframe+0xac/0x130
[  179.867836][ T7207]  get_sigframe+0x5f7/0x820
[  179.867866][ T7207]  ? __pfx_get_sigframe+0x10/0x10
[  179.867887][ T7207]  ? rt_mutex_slowunlock+0x4a7/0x8b0
[  179.867906][ T7207]  ? reacquire_held_locks+0x104/0x190
[  179.867924][ T7207]  ? rt_spin_lock+0x1e0/0x400
[  179.867948][ T7207]  x64_setup_rt_frame+0x161/0xcb0
[  179.867967][ T7207]  ? rt_spin_unlock+0x14f/0x200
[  179.867989][ T7207]  ? rt_spin_unlock+0x160/0x200
[  179.868010][ T7207]  ? get_signal+0x1120/0x1310
[  179.868027][ T7207]  ? __pfx_x64_setup_rt_frame+0x10/0x10
[  179.868043][ T7207]  arch_do_signal_or_restart+0x429/0x830
[  179.868065][ T7207]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[  179.868093][ T7207]  ? ksys_write+0x248/0x270
[  179.868125][ T7207]  exit_to_user_mode_loop+0x86/0x480
[  179.868149][ T7207]  ? rcu_is_watching+0x15/0xb0
[  179.868172][ T7207]  do_syscall_64+0x32d/0xf80
[  179.868194][ T7207]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  179.868211][ T7207]  ? clear_bhb_loop+0x40/0x90
[  179.868226][ T7207]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  179.868235][ T7207] RIP: 0033:0x7f1cc595cfce
[  179.868246][ T7207] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[  179.868254][ T7207] RSP: 002b:00007f1cc3bedfe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  179.868272][ T7207] RAX: 0000000000000001 RBX: 00007f1cc3bee6c0 RCX: 00007f1cc595cfce
[  179.868285][ T7207] RDX: 0000000000000001 RSI: 00007f1cc3bee090 RDI: 0000000000000007
[  179.868296][ T7207] RBP: 00007f1cc3bee090 R08: 0000000000000000 R09: 0000000000000000
[  179.868307][ T7207] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  179.868317][ T7207] R13: 00007f1cc5c16038 R14: 00007f1cc5c15fa0 R15: 00007fff585a74d8
[  179.868346][ T7207]  </TASK>
[  180.009038][ T1832] appledisplay 2-1:0.0: Error while getting initial brightness: -71
[  180.140270][ T1832] appledisplay 2-1:0.0: probe with driver appledisplay failed with error -71
[  180.163692][ T1832] usb 2-1: USB disconnect, device number 10
[  182.345591][ T7231] netlink: 'syz.3.466': attribute type 3 has an invalid length.
[  184.012377][ T7268] FAULT_INJECTION: forcing a failure.
[  184.012377][ T7268] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  184.012410][ T7268] CPU: 1 UID: 0 PID: 7268 Comm: syz.0.483 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  184.012430][ T7268] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/27/2026
[  184.012440][ T7268] Call Trace:
[  184.012448][ T7268]  <TASK>
[  184.012456][ T7268]  dump_stack_lvl+0xe8/0x150
[  184.012486][ T7268]  should_fail_ex+0x46b/0x600
[  184.012511][ T7268]  _copy_from_user+0x2d/0xb0
[  184.012534][ T7268]  ___sys_recvmsg+0x175/0x590
[  184.012565][ T7268]  ? __pfx____sys_recvmsg+0x10/0x10
[  184.012611][ T7268]  ? __fget_files+0x3a6/0x420
[  184.012642][ T7268]  do_recvmmsg+0x33a/0x800
[  184.012674][ T7268]  ? __pfx_do_recvmmsg+0x10/0x10
[  184.012710][ T7268]  ? rt_mutex_slowunlock+0x1cb/0x300
[  184.012744][ T7268]  __x64_sys_recvmmsg+0x198/0x250
[  184.012799][ T7268]  ? __pfx___x64_sys_recvmmsg+0x10/0x10
[  184.012836][ T7268]  do_syscall_64+0x14d/0xf80
[  184.012867][ T7268]  ? trace_irq_disable+0x3b/0x150
[  184.012886][ T7268]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  184.012904][ T7268]  ? clear_bhb_loop+0x40/0x90
[  184.012925][ T7268]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  184.012942][ T7268] RIP: 0033:0x7f4b2237c799
[  184.012960][ T7268] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  184.012975][ T7268] RSP: 002b:00007f4b205d6028 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
[  184.012994][ T7268] RAX: ffffffffffffffda RBX: 00007f4b225f5fa0 RCX: 00007f4b2237c799
[  184.013008][ T7268] RDX: 0000000000000001 RSI: 0000200000000080 RDI: 0000000000000003
[  184.013019][ T7268] RBP: 00007f4b205d6090 R08: 0000000000000000 R09: 0000000000000000
[  184.013031][ T7268] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  184.013041][ T7268] R13: 00007f4b225f6038 R14: 00007f4b225f5fa0 R15: 00007ffcd4e5f5d8
[  184.013070][ T7268]  </TASK>
[  184.180583][ T1832] usb 2-1: new low-speed USB device number 11 using dummy_hcd
[  184.333199][ T1832] usb 2-1: config 179 has an invalid interface number: 65 but max is 0
[  184.333226][ T1832] usb 2-1: config 179 has no interface number 0
[  184.333278][ T1832] usb 2-1: config 179 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 10
[  184.333313][ T1832] usb 2-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid wMaxPacketSize 0
[  184.333334][ T1832] usb 2-1: config 179 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 10
[  184.333357][ T1832] usb 2-1: config 179 interface 65 altsetting 0 endpoint 0x83 has invalid maxpacket 58368, setting to 8
[  184.333380][ T1832] usb 2-1: config 179 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23
[  184.333419][ T1832] usb 2-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb
[  184.333498][ T1832] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  184.346324][ T7264] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  184.415394][ T7284] =======================================================
[  184.415394][ T7284] WARNING: The mand mount option has been deprecated and
[  184.415394][ T7284]          and is ignored by this kernel. Remove the mand
[  184.415394][ T7284]          option from the mount to silence this warning.
[  184.415394][ T7284] =======================================================
[  184.415520][ T7284] cgroup: none used incorrectly
[  184.512826][ T1832] xpad 2-1:179.65: xpad_try_sending_next_out_packet - usb_submit_urb failed with result -90
[  184.539836][ T1832] xpad 2-1:179.65: probe with driver xpad failed with error -90
[  184.573655][  T890] usb 2-1: USB disconnect, device number 11
[  184.580803][ T7288] netlink: 4 bytes leftover after parsing attributes in process `syz.3.489'.
[  184.791504][ T6346] usb 3-1: new high-speed USB device number 17 using dummy_hcd
[  184.939930][ T6346] usb 3-1: Using ep0 maxpacket: 32
[  184.942068][ T6346] usb 3-1: config 0 has an invalid interface number: 51 but max is 0
[  184.942091][ T6346] usb 3-1: config 0 has no interface number 0
[  184.944392][ T6346] usb 3-1: New USB device found, idVendor=061d, idProduct=c150, bcdDevice=ce.6f
[  184.944419][ T6346] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  184.944437][ T6346] usb 3-1: Product: syz
[  184.944449][ T6346] usb 3-1: Manufacturer: syz
[  184.944514][ T6346] usb 3-1: SerialNumber: syz
[  184.965669][ T6346] usb 3-1: config 0 descriptor??
[  184.975128][ T6346] quatech2 3-1:0.51: Quatech 2nd gen USB to Serial Driver converter detected
[  184.986932][ T7304] netlink: 'syz.3.497': attribute type 1 has an invalid length.
[  185.066427][ T7310] loop2: detected capacity change from 0 to 7
[  185.082957][ T7304] 8021q: adding VLAN 0 to HW filter on device bond1
[  185.137978][ T6186] Dev loop2: unable to read RDB block 7
[  185.138022][ T6186]  loop2: unable to read partition table
[  185.141199][ T6186] loop2: partition table beyond EOD, truncated
[  185.209169][ T7309] FAULT_INJECTION: forcing a failure.
[  185.209169][ T7309] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  185.209202][ T7309] CPU: 0 UID: 0 PID: 7309 Comm: syz.0.500 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  185.209222][ T7309] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/27/2026
[  185.209232][ T7309] Call Trace:
[  185.209242][ T7309]  <TASK>
[  185.209250][ T7309]  dump_stack_lvl+0xe8/0x150
[  185.209288][ T7309]  should_fail_ex+0x46b/0x600
[  185.209315][ T7309]  _copy_from_user+0x2d/0xb0
[  185.209338][ T7309]  ___sys_sendmsg+0x1c6/0x360
[  185.209368][ T7309]  ? __pfx____sys_sendmsg+0x10/0x10
[  185.209396][ T7309]  ? kstrtouint+0x6e/0xe0
[  185.209439][ T7309]  ? __fget_files+0x2a/0x420
[  185.209459][ T7309]  ? __fget_files+0x3a6/0x420
[  185.209488][ T7309]  __sys_sendmmsg+0x282/0x4e0
[  185.209516][ T7309]  ? __pfx___sys_sendmmsg+0x10/0x10
[  185.209547][ T7309]  ? __pfx_rt_mutex_slowunlock+0x10/0x10
[  185.209574][ T7309]  ? ksys_write+0x248/0x270
[  185.209599][ T7309]  ? __pfx_ksys_write+0x10/0x10
[  185.209626][ T7309]  __x64_sys_sendmmsg+0xa0/0xc0
[  185.209650][ T7309]  do_syscall_64+0x14d/0xf80
[  185.209670][ T7309]  ? trace_irq_disable+0x3b/0x150
[  185.209689][ T7309]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  185.209707][ T7309]  ? clear_bhb_loop+0x40/0x90
[  185.209728][ T7309]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  185.209745][ T7309] RIP: 0033:0x7f4b2237c799
[  185.209761][ T7309] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  185.209777][ T7309] RSP: 002b:00007f4b205d6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  185.209796][ T7309] RAX: ffffffffffffffda RBX: 00007f4b225f5fa0 RCX: 00007f4b2237c799
[  185.209809][ T7309] RDX: 040000000000009f RSI: 00002000000002c0 RDI: 0000000000000003
[  185.209821][ T7309] RBP: 00007f4b205d6090 R08: 0000000000000000 R09: 0000000000000000
[  185.209832][ T7309] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  185.209843][ T7309] R13: 00007f4b225f6038 R14: 00007f4b225f5fa0 R15: 00007ffcd4e5f5d8
[  185.209872][ T7309]  </TASK>
[  185.236752][ T7310] Dev loop2: unable to read RDB block 7
[  185.236796][ T7310]  loop2: unable to read partition table
[  185.237246][ T7310] loop2: partition table beyond EOD, truncated
[  185.237330][ T7310] loop_reread_partitions: partition scan of loop2 (þ被xü—ŸÑච) failed (rc=-5)
[  185.525739][ T7315] FAULT_INJECTION: forcing a failure.
[  185.525739][ T7315] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  185.525774][ T7315] CPU: 0 UID: 0 PID: 7315 Comm: syz.1.501 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  185.525794][ T7315] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/27/2026
[  185.525808][ T7315] Call Trace:
[  185.525815][ T7315]  <TASK>
[  185.525823][ T7315]  dump_stack_lvl+0xe8/0x150
[  185.525854][ T7315]  should_fail_ex+0x46b/0x600
[  185.525880][ T7315]  _copy_from_user+0x2d/0xb0
[  185.525903][ T7315]  ___sys_sendmsg+0x1c6/0x360
[  185.525933][ T7315]  ? __pfx____sys_sendmsg+0x10/0x10
[  185.525988][ T7315]  ? __fget_files+0x2a/0x420
[  185.526010][ T7315]  ? __fget_files+0x3a6/0x420
[  185.526040][ T7315]  __x64_sys_sendmsg+0x1c3/0x2a0
[  185.526066][ T7315]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  185.526099][ T7315]  ? __pfx_ksys_write+0x10/0x10
[  185.526121][ T7315]  ? __task_pid_nr_ns+0x28/0x470
[  185.526159][ T7315]  do_syscall_64+0x14d/0xf80
[  185.526182][ T7315]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  185.526200][ T7315]  ? clear_bhb_loop+0x40/0x90
[  185.526222][ T7315]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  185.526239][ T7315] RIP: 0033:0x7fc068dac799
[  185.526256][ T7315] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  185.526272][ T7315] RSP: 002b:00007fc067006028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  185.526291][ T7315] RAX: ffffffffffffffda RBX: 00007fc069025fa0 RCX: 00007fc068dac799
[  185.526304][ T7315] RDX: 0000000000000000 RSI: 00002000000000c0 RDI: 0000000000000003
[  185.526315][ T7315] RBP: 00007fc067006090 R08: 0000000000000000 R09: 0000000000000000
[  185.526326][ T7315] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  185.526337][ T7315] R13: 00007fc069026038 R14: 00007fc069025fa0 R15: 00007ffec7552e58
[  185.526366][ T7315]  </TASK>
[  185.886513][ T7318] openvswitch: netlink: Missing key (keys=1040, expected=10000000)
[  186.149833][ T1249] usb 2-1: new high-speed USB device number 12 using dummy_hcd
[  186.319713][ T1249] usb 2-1: Using ep0 maxpacket: 8
[  186.325505][ T1249] usb 2-1: config 64 has an invalid interface number: 19 but max is 0
[  186.325531][ T1249] usb 2-1: config 64 has no interface number 0
[  186.325592][ T1249] usb 2-1: config 64 interface 19 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  186.325606][ T1249] usb 2-1: config 64 interface 19 altsetting 0 endpoint 0x8F has invalid maxpacket 39713, setting to 1024
[  186.325619][ T1249] usb 2-1: config 64 interface 19 altsetting 0 bulk endpoint 0x8F has invalid maxpacket 1024
[  186.325641][ T1249] usb 2-1: New USB device found, idVendor=2201, idProduct=012c, bcdDevice=3f.e0
[  186.325651][ T1249] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  186.405613][ T7319] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  186.526512][ T1249] usb 2-1: probing VID:PID(2201:012C)   
[  186.568175][ T1249] usb 2-1: vub300 testing BULK IN EndPoint(0) 8F
[  186.568210][ T1249] usb 2-1: Could not find two sets of bulk-in/out endpoint pairs
[  186.568975][ T1249] vub300 2-1:64.19: probe with driver vub300 failed with error -22
[  186.902834][  T890] usb 2-1: USB disconnect, device number 12
[  187.458549][ T6346] usb 3-1: qt2_attach - failed to power on unit: -71
[  187.458812][ T6346] quatech2 3-1:0.51: probe with driver quatech2 failed with error -71
[  187.505710][ T6346] usb 3-1: USB disconnect, device number 17
[  187.533706][ T7355] netlink: 4 bytes leftover after parsing attributes in process `syz.0.515'.
[  187.533728][ T7355] openvswitch: netlink: Flow actions attr not present in new flow.
[  187.647256][ T7361] cgroup: none used incorrectly
[  187.685013][ T7365] FAULT_INJECTION: forcing a failure.
[  187.685013][ T7365] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  187.685044][ T7365] CPU: 1 UID: 0 PID: 7365 Comm: syz.3.518 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  187.685063][ T7365] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/27/2026
[  187.685074][ T7365] Call Trace:
[  187.685081][ T7365]  <TASK>
[  187.685088][ T7365]  dump_stack_lvl+0xe8/0x150
[  187.685117][ T7365]  should_fail_ex+0x46b/0x600
[  187.685143][ T7365]  _copy_to_user+0x31/0xb0
[  187.685168][ T7365]  simple_read_from_buffer+0xe1/0x170
[  187.685194][ T7365]  proc_fail_nth_read+0x1be/0x230
[  187.685218][ T7365]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  187.685241][ T7365]  ? rw_verify_area+0x2ac/0x4e0
[  187.685264][ T7365]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  187.685286][ T7365]  vfs_read+0x212/0xa80
[  187.685318][ T7365]  ? __pfx_vfs_read+0x10/0x10
[  187.685343][ T7365]  ? _raw_spin_unlock_irqrestore+0x30/0x80
[  187.685368][ T7365]  ? lockdep_hardirqs_on+0x7a/0x110
[  187.685390][ T7365]  ? _raw_spin_unlock_irqrestore+0x4c/0x80
[  187.685412][ T7365]  ? mutex_lock_nested+0x152/0x1d0
[  187.685429][ T7365]  ? fdget_pos+0x252/0x320
[  187.685454][ T7365]  ksys_read+0x156/0x270
[  187.685478][ T7365]  ? __pfx_ksys_read+0x10/0x10
[  187.685510][ T7365]  do_syscall_64+0x14d/0xf80
[  187.685532][ T7365]  ? trace_irq_disable+0x3b/0x150
[  187.685551][ T7365]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  187.685566][ T7365]  ? clear_bhb_loop+0x40/0x90
[  187.685584][ T7365]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  187.685601][ T7365] RIP: 0033:0x7f7ade86cfce
[  187.685618][ T7365] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[  187.685633][ T7365] RSP: 002b:00007f7adcafdfe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  187.685651][ T7365] RAX: ffffffffffffffda RBX: 00007f7adcafe6c0 RCX: 00007f7ade86cfce
[  187.685664][ T7365] RDX: 000000000000000f RSI: 00007f7adcafe0a0 RDI: 0000000000000004
[  187.685675][ T7365] RBP: 00007f7adcafe090 R08: 0000000000000000 R09: 0000000000000000
[  187.685686][ T7365] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  187.685698][ T7365] R13: 00007f7adeb26038 R14: 00007f7adeb25fa0 R15: 00007ffdee0d3e98
[  187.685729][ T7365]  </TASK>
[  187.790790][ T7366] netlink: 4 bytes leftover after parsing attributes in process `syz.1.516'.
[  187.849729][  T809] usb 1-1: new high-speed USB device number 13 using dummy_hcd
[  187.980947][  T809] usb 1-1: device descriptor read/64, error -71
[  188.128582][ T7376] netlink: 4 bytes leftover after parsing attributes in process `syz.3.521'.
[  188.219728][  T809] usb 1-1: new high-speed USB device number 14 using dummy_hcd
[  188.349764][  T809] usb 1-1: device descriptor read/64, error -71
[  188.461778][  T809] usb usb1-port1: attempt power cycle
[  188.655191][ T7390] binfmt_misc: register: failed to install interpreter file ./file0
[  189.449721][  T809] usb 1-1: new high-speed USB device number 15 using dummy_hcd
[  189.477056][  T809] usb 1-1: device descriptor read/8, error -71
[  189.535519][ T7396] FAULT_INJECTION: forcing a failure.
[  189.535519][ T7396] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  189.535552][ T7396] CPU: 0 UID: 0 PID: 7396 Comm: syz.2.527 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  189.535572][ T7396] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/27/2026
[  189.535582][ T7396] Call Trace:
[  189.535590][ T7396]  <TASK>
[  189.535597][ T7396]  dump_stack_lvl+0xe8/0x150
[  189.535626][ T7396]  should_fail_ex+0x46b/0x600
[  189.535650][ T7396]  _copy_from_user+0x2d/0xb0
[  189.535673][ T7396]  ___sys_sendmsg+0x1c6/0x360
[  189.535702][ T7396]  ? __pfx____sys_sendmsg+0x10/0x10
[  189.535757][ T7396]  ? __fget_files+0x2a/0x420
[  189.535778][ T7396]  ? __fget_files+0x3a6/0x420
[  189.535816][ T7396]  __x64_sys_sendmsg+0x1c3/0x2a0
[  189.535841][ T7396]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  189.535873][ T7396]  ? __pfx_ksys_write+0x10/0x10
[  189.535908][ T7396]  do_syscall_64+0x14d/0xf80
[  189.535930][ T7396]  ? trace_irq_disable+0x3b/0x150
[  189.535949][ T7396]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  189.535967][ T7396]  ? clear_bhb_loop+0x40/0x90
[  189.535988][ T7396]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  189.536004][ T7396] RIP: 0033:0x7f573b05c799
[  189.536021][ T7396] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  189.536035][ T7396] RSP: 002b:00007f5739295028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  189.536054][ T7396] RAX: ffffffffffffffda RBX: 00007f573b2d6090 RCX: 00007f573b05c799
[  189.536068][ T7396] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000003
[  189.536079][ T7396] RBP: 00007f5739295090 R08: 0000000000000000 R09: 0000000000000000
[  189.536091][ T7396] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  189.536101][ T7396] R13: 00007f573b2d6128 R14: 00007f573b2d6090 R15: 00007ffd44ac0d18
[  189.536130][ T7396]  </TASK>
[  189.740093][  T809] usb 1-1: new high-speed USB device number 16 using dummy_hcd
[  189.770605][  T809] usb 1-1: device descriptor read/8, error -71
[  189.883853][  T809] usb usb1-port1: unable to enumerate USB device
[  191.243959][ T7426] cgroup: none used incorrectly
[  191.783791][ T5809] Bluetooth: hci4: link tx timeout
[  191.784099][ T5809] Bluetooth: hci4: killing stalled connection 11:aa:aa:aa:aa:aa
[  192.226997][ T7451] team_slave_0: entered promiscuous mode
[  192.227073][ T7451] team_slave_1: entered promiscuous mode
[  192.227438][ T7451] macvtap1: entered promiscuous mode
[  192.227450][ T7451] team0: entered promiscuous mode
[  192.233024][ T7451] 8021q: adding VLAN 0 to HW filter on device macvtap1
[  192.233248][ T7451] team0: Device macvtap1 is already an upper device of the team interface
[  192.452007][ T7463] overlayfs: conflicting lowerdir path
[  193.150430][ T7451] team0: left promiscuous mode
[  193.151132][ T7451] team_slave_0: left promiscuous mode
[  193.151198][ T7451] team_slave_1: left promiscuous mode
[  193.193914][ T7469] tmpfs: Bad value for 'mpol'
[  193.332458][ T6950] usb 4-1: new high-speed USB device number 14 using dummy_hcd
[  193.453948][ T5809] Bluetooth: hci4: link tx timeout
[  193.453963][ T5809] Bluetooth: hci4: killing stalled connection 11:aa:aa:aa:aa:aa
[  193.460007][ T6950] usb 4-1: device descriptor read/64, error -71
[  193.487799][ T5809] Bluetooth: hci4: link tx timeout
[  193.487816][ T5809] Bluetooth: hci4: killing stalled connection 11:aa:aa:aa:aa:aa
[  193.555054][ T7476] cgroup: none used incorrectly
[  193.560328][ T5809] Bluetooth: hci4: link tx timeout
[  193.560347][ T5809] Bluetooth: hci4: killing stalled connection 11:aa:aa:aa:aa:aa
[  193.711374][ T6950] usb 4-1: new high-speed USB device number 15 using dummy_hcd
[  193.819713][ T5809] Bluetooth: hci4: command 0x0406 tx timeout
[  193.839730][ T6950] usb 4-1: device descriptor read/64, error -71
[  193.924099][ T7496] FAULT_INJECTION: forcing a failure.
[  193.924099][ T7496] name failslab, interval 1, probability 0, space 0, times 0
[  193.924131][ T7496] CPU: 1 UID: 0 PID: 7496 Comm: syz.0.554 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  193.924152][ T7496] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/27/2026
[  193.924162][ T7496] Call Trace:
[  193.924170][ T7496]  <TASK>
[  193.924178][ T7496]  dump_stack_lvl+0xe8/0x150
[  193.924208][ T7496]  should_fail_ex+0x46b/0x600
[  193.924232][ T7496]  should_failslab+0xa8/0x100
[  193.924252][ T7496]  __kmalloc_noprof+0xdf/0x7b0
[  193.924276][ T7496]  ? kfree+0x4d/0x6c0
[  193.924296][ T7496]  ? tomoyo_realpath_from_path+0xe3/0x5d0
[  193.924321][ T7496]  tomoyo_realpath_from_path+0xe3/0x5d0
[  193.924349][ T7496]  ? tomoyo_path_number_perm+0x219/0x630
[  193.924372][ T7496]  tomoyo_path_number_perm+0x246/0x630
[  193.924398][ T7496]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  193.924424][ T7496]  ? __lock_acquire+0x6b5/0x2cf0
[  193.924473][ T7496]  ? __fget_files+0x2a/0x420
[  193.924497][ T7496]  ? __fget_files+0x2a/0x420
[  193.924516][ T7496]  ? __fget_files+0x3a6/0x420
[  193.924543][ T7496]  ? __fget_files+0x2a/0x420
[  193.924568][ T7496]  security_file_ioctl+0xc3/0x2a0
[  193.924595][ T7496]  __se_sys_ioctl+0x47/0x170
[  193.924623][ T7496]  do_syscall_64+0x14d/0xf80
[  193.924644][ T7496]  ? trace_irq_disable+0x3b/0x150
[  193.924663][ T7496]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  193.924682][ T7496]  ? clear_bhb_loop+0x40/0x90
[  193.924703][ T7496]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  193.924720][ T7496] RIP: 0033:0x7f4b2237c799
[  193.924737][ T7496] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  193.924752][ T7496] RSP: 002b:00007f4b205d6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  193.924771][ T7496] RAX: ffffffffffffffda RBX: 00007f4b225f5fa0 RCX: 00007f4b2237c799
[  193.924784][ T7496] RDX: 0000000000000000 RSI: 000000000000125f RDI: 0000000000000003
[  193.924795][ T7496] RBP: 00007f4b205d6090 R08: 0000000000000000 R09: 0000000000000000
[  193.924805][ T7496] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  193.924816][ T7496] R13: 00007f4b225f6038 R14: 00007f4b225f5fa0 R15: 00007ffcd4e5f5d8
[  193.924846][ T7496]  </TASK>
[  193.924853][ T7496] ERROR: Out of memory at tomoyo_realpath_from_path.
[  193.970071][ T6950] usb usb4-port1: attempt power cycle
[  194.112253][ T7500] 9pnet_fd: Insufficient options for proto=fd
[  194.235829][ T1324] ieee802154 phy0 wpan0: encryption failed: -22
[  194.235881][ T1324] ieee802154 phy1 wpan1: encryption failed: -22
[  194.319869][ T6950] usb 4-1: new high-speed USB device number 16 using dummy_hcd
[  194.340260][ T6950] usb 4-1: device descriptor read/8, error -71
[  194.486221][ T7514] FAULT_INJECTION: forcing a failure.
[  194.486221][ T7514] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  194.486243][ T7514] CPU: 1 UID: 0 PID: 7514 Comm: syz.0.559 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  194.486254][ T7514] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/27/2026
[  194.486261][ T7514] Call Trace:
[  194.486265][ T7514]  <TASK>
[  194.486270][ T7514]  dump_stack_lvl+0xe8/0x150
[  194.486289][ T7514]  should_fail_ex+0x46b/0x600
[  194.486304][ T7514]  _copy_from_user+0x2d/0xb0
[  194.486317][ T7514]  do_sock_getsockopt+0x165/0x3f0
[  194.486333][ T7514]  ? __pfx_do_sock_getsockopt+0x10/0x10
[  194.486347][ T7514]  ? __fget_files+0x3a6/0x420
[  194.486359][ T7514]  ? __fget_files+0x2a/0x420
[  194.486374][ T7514]  __x64_sys_getsockopt+0x1aa/0x250
[  194.486399][ T7514]  do_syscall_64+0x14d/0xf80
[  194.486412][ T7514]  ? trace_irq_disable+0x3b/0x150
[  194.486423][ T7514]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  194.486433][ T7514]  ? clear_bhb_loop+0x40/0x90
[  194.486445][ T7514]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  194.486455][ T7514] RIP: 0033:0x7f4b2237c799
[  194.486465][ T7514] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  194.486473][ T7514] RSP: 002b:00007f4b205d6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000037
[  194.486485][ T7514] RAX: ffffffffffffffda RBX: 00007f4b225f5fa0 RCX: 00007f4b2237c799
[  194.486492][ T7514] RDX: 000000000000006d RSI: 0000000000000084 RDI: 0000000000000003
[  194.486498][ T7514] RBP: 00007f4b205d6090 R08: 0000200000000040 R09: 0000000000000000
[  194.486504][ T7514] R10: 0000200000000900 R11: 0000000000000246 R12: 0000000000000001
[  194.486510][ T7514] R13: 00007f4b225f6038 R14: 00007f4b225f5fa0 R15: 00007ffcd4e5f5d8
[  194.486525][ T7514]  </TASK>
[  194.599675][ T6950] usb 4-1: new high-speed USB device number 17 using dummy_hcd
[  194.620461][ T6950] usb 4-1: device descriptor read/8, error -71
[  194.758126][ T6950] usb usb4-port1: unable to enumerate USB device
[  194.940098][ T7520] FAULT_INJECTION: forcing a failure.
[  194.940098][ T7520] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  194.940129][ T7520] CPU: 1 UID: 0 PID: 7520 Comm: syz.0.562 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  194.940149][ T7520] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/27/2026
[  194.940159][ T7520] Call Trace:
[  194.940166][ T7520]  <TASK>
[  194.940174][ T7520]  dump_stack_lvl+0xe8/0x150
[  194.940204][ T7520]  should_fail_ex+0x46b/0x600
[  194.940229][ T7520]  _copy_from_user+0x2d/0xb0
[  194.940252][ T7520]  ___sys_sendmsg+0x1c6/0x360
[  194.940282][ T7520]  ? __pfx____sys_sendmsg+0x10/0x10
[  194.940358][ T7520]  ? __fget_files+0x2a/0x420
[  194.940378][ T7520]  ? __fget_files+0x3a6/0x420
[  194.940408][ T7520]  __x64_sys_sendmsg+0x1c3/0x2a0
[  194.940435][ T7520]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  194.940467][ T7520]  ? __pfx_ksys_write+0x10/0x10
[  194.940501][ T7520]  do_syscall_64+0x14d/0xf80
[  194.940522][ T7520]  ? trace_irq_disable+0x3b/0x150
[  194.940542][ T7520]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  194.940560][ T7520]  ? clear_bhb_loop+0x40/0x90
[  194.940581][ T7520]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  194.940598][ T7520] RIP: 0033:0x7f4b2237c799
[  194.940615][ T7520] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  194.940631][ T7520] RSP: 002b:00007f4b205d6028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  194.940650][ T7520] RAX: ffffffffffffffda RBX: 00007f4b225f5fa0 RCX: 00007f4b2237c799
[  194.940663][ T7520] RDX: 0000000004000000 RSI: 0000200000000000 RDI: 0000000000000004
[  194.940675][ T7520] RBP: 00007f4b205d6090 R08: 0000000000000000 R09: 0000000000000000
[  194.940686][ T7520] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  194.940697][ T7520] R13: 00007f4b225f6038 R14: 00007f4b225f5fa0 R15: 00007ffcd4e5f5d8
[  194.940726][ T7520]  </TASK>
[  195.159894][ T7522] netlink: 'syz.2.561': attribute type 62 has an invalid length.
[  196.304145][ T5812] Bluetooth: hci0: command 0x0406 tx timeout
[  196.304186][ T5812] Bluetooth: hci1: command 0x0406 tx timeout
[  196.304309][ T5812] Bluetooth: hci2: command 0x0406 tx timeout
[  196.304388][ T5812] Bluetooth: hci3: command 0x0406 tx timeout
[  196.602084][ T7535] cgroup: none used incorrectly
[  197.720515][ T7555] FAULT_INJECTION: forcing a failure.
[  197.720515][ T7555] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  197.720547][ T7555] CPU: 0 UID: 0 PID: 7555 Comm: syz.0.573 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  197.720567][ T7555] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/27/2026
[  197.720578][ T7555] Call Trace:
[  197.720585][ T7555]  <TASK>
[  197.720593][ T7555]  dump_stack_lvl+0xe8/0x150
[  197.720623][ T7555]  should_fail_ex+0x46b/0x600
[  197.720648][ T7555]  _copy_from_user+0x2d/0xb0
[  197.720670][ T7555]  ___sys_sendmsg+0x1c6/0x360
[  197.720700][ T7555]  ? __pfx____sys_sendmsg+0x10/0x10
[  197.720756][ T7555]  ? __fget_files+0x2a/0x420
[  197.720777][ T7555]  ? __fget_files+0x3a6/0x420
[  197.720806][ T7555]  __x64_sys_sendmsg+0x1c3/0x2a0
[  197.720832][ T7555]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  197.720863][ T7555]  ? __pfx_ksys_write+0x10/0x10
[  197.720898][ T7555]  do_syscall_64+0x14d/0xf80
[  197.720921][ T7555]  ? trace_irq_disable+0x3b/0x150
[  197.720940][ T7555]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  197.720958][ T7555]  ? clear_bhb_loop+0x40/0x90
[  197.720979][ T7555]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  197.720997][ T7555] RIP: 0033:0x7f4b2237c799
[  197.721013][ T7555] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  197.721028][ T7555] RSP: 002b:00007f4b205d6028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  197.721047][ T7555] RAX: ffffffffffffffda RBX: 00007f4b225f5fa0 RCX: 00007f4b2237c799
[  197.721060][ T7555] RDX: 0000000000000000 RSI: 0000200000000280 RDI: 0000000000000009
[  197.721072][ T7555] RBP: 00007f4b205d6090 R08: 0000000000000000 R09: 0000000000000000
[  197.721084][ T7555] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  197.721094][ T7555] R13: 00007f4b225f6038 R14: 00007f4b225f5fa0 R15: 00007ffcd4e5f5d8
[  197.721124][ T7555]  </TASK>
[  198.223157][ T7559] FAULT_INJECTION: forcing a failure.
[  198.223157][ T7559] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  198.223189][ T7559] CPU: 0 UID: 0 PID: 7559 Comm: syz.3.577 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  198.223209][ T7559] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/27/2026
[  198.223220][ T7559] Call Trace:
[  198.223227][ T7559]  <TASK>
[  198.223235][ T7559]  dump_stack_lvl+0xe8/0x150
[  198.223263][ T7559]  should_fail_ex+0x46b/0x600
[  198.223288][ T7559]  _copy_from_user+0x2d/0xb0
[  198.223311][ T7559]  ___sys_sendmsg+0x1c6/0x360
[  198.223342][ T7559]  ? __pfx____sys_sendmsg+0x10/0x10
[  198.223398][ T7559]  ? __fget_files+0x2a/0x420
[  198.223419][ T7559]  ? __fget_files+0x3a6/0x420
[  198.223449][ T7559]  __x64_sys_sendmsg+0x1c3/0x2a0
[  198.223475][ T7559]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  198.223507][ T7559]  ? __pfx_ksys_write+0x10/0x10
[  198.223541][ T7559]  do_syscall_64+0x14d/0xf80
[  198.223563][ T7559]  ? trace_irq_disable+0x3b/0x150
[  198.223582][ T7559]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  198.223600][ T7559]  ? clear_bhb_loop+0x40/0x90
[  198.223621][ T7559]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  198.223639][ T7559] RIP: 0033:0x7f7ade8ac799
[  198.223656][ T7559] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  198.223678][ T7559] RSP: 002b:00007f7adcafe028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  198.223697][ T7559] RAX: ffffffffffffffda RBX: 00007f7adeb25fa0 RCX: 00007f7ade8ac799
[  198.223709][ T7559] RDX: 0000000000000000 RSI: 0000200000000540 RDI: 000000000000001b
[  198.223721][ T7559] RBP: 00007f7adcafe090 R08: 0000000000000000 R09: 0000000000000000
[  198.223732][ T7559] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  198.223743][ T7559] R13: 00007f7adeb26038 R14: 00007f7adeb25fa0 R15: 00007ffdee0d3e98
[  198.223773][ T7559]  </TASK>
[  199.496981][ T7586] FAULT_INJECTION: forcing a failure.
[  199.496981][ T7586] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  199.497013][ T7586] CPU: 0 UID: 0 PID: 7586 Comm: syz.0.585 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  199.497033][ T7586] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/27/2026
[  199.497044][ T7586] Call Trace:
[  199.497051][ T7586]  <TASK>
[  199.497059][ T7586]  dump_stack_lvl+0xe8/0x150
[  199.497089][ T7586]  should_fail_ex+0x46b/0x600
[  199.497114][ T7586]  _copy_from_user+0x2d/0xb0
[  199.497136][ T7586]  io_submit_one+0xd3/0x14c0
[  199.497164][ T7586]  ? irqentry_exit+0x59e/0x620
[  199.497187][ T7586]  ? lockdep_hardirqs_on+0x7a/0x110
[  199.497208][ T7586]  ? irqentry_exit+0x59e/0x620
[  199.497228][ T7586]  ? trace_irq_disable+0x3b/0x150
[  199.497252][ T7586]  ? __pfx_io_submit_one+0x10/0x10
[  199.497290][ T7586]  ? __might_fault+0xaf/0x130
[  199.497318][ T7586]  __se_sys_io_submit+0x195/0x340
[  199.497343][ T7586]  ? __pfx___se_sys_io_submit+0x10/0x10
[  199.497364][ T7586]  ? ksys_write+0x248/0x270
[  199.497403][ T7586]  do_syscall_64+0x14d/0xf80
[  199.497425][ T7586]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  199.497443][ T7586]  ? clear_bhb_loop+0x40/0x90
[  199.497464][ T7586]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  199.497481][ T7586] RIP: 0033:0x7f4b2237c799
[  199.497498][ T7586] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  199.497513][ T7586] RSP: 002b:00007f4b205b5028 EFLAGS: 00000246 ORIG_RAX: 00000000000000d1
[  199.497532][ T7586] RAX: ffffffffffffffda RBX: 00007f4b225f6090 RCX: 00007f4b2237c799
[  199.497545][ T7586] RDX: 0000200000000100 RSI: 0000000000000001 RDI: 00007f4b2312e000
[  199.497557][ T7586] RBP: 00007f4b205b5090 R08: 0000000000000000 R09: 0000000000000000
[  199.497575][ T7586] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  199.497586][ T7586] R13: 00007f4b225f6128 R14: 00007f4b225f6090 R15: 00007ffcd4e5f5d8
[  199.497615][ T7586]  </TASK>
[  201.341581][ T7597] FAULT_INJECTION: forcing a failure.
[  201.341581][ T7597] name failslab, interval 1, probability 0, space 0, times 0
[  201.341637][ T7597] CPU: 1 UID: 0 PID: 7597 Comm: syz.3.588 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  201.341658][ T7597] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/27/2026
[  201.341669][ T7597] Call Trace:
[  201.341682][ T7597]  <TASK>
[  201.341691][ T7597]  dump_stack_lvl+0xe8/0x150
[  201.341722][ T7597]  should_fail_ex+0x46b/0x600
[  201.341748][ T7597]  should_failslab+0xa8/0x100
[  201.341769][ T7597]  __kvmalloc_node_noprof+0x170/0x8e0
[  201.341789][ T7597]  ? seq_read_iter+0x203/0xe20
[  201.341815][ T7597]  seq_read_iter+0x203/0xe20
[  201.341844][ T7597]  ? __asan_memset+0x22/0x50
[  201.341872][ T7597]  seq_read+0x36a/0x490
[  201.341898][ T7597]  ? __pfx_seq_read+0x10/0x10
[  201.341935][ T7597]  ? __pfx_seq_read+0x10/0x10
[  201.341950][ T7597]  proc_reg_read+0x1f6/0x2f0
[  201.341972][ T7597]  ? __pfx_proc_reg_read+0x10/0x10
[  201.341996][ T7597]  vfs_read+0x212/0xa80
[  201.342029][ T7597]  ? __pfx_vfs_read+0x10/0x10
[  201.342056][ T7597]  ? _raw_spin_unlock_irqrestore+0x30/0x80
[  201.342080][ T7597]  ? lockdep_hardirqs_on+0x7a/0x110
[  201.342102][ T7597]  ? _raw_spin_unlock_irqrestore+0x4c/0x80
[  201.342125][ T7597]  ? mutex_lock_nested+0x152/0x1d0
[  201.342143][ T7597]  ? fdget_pos+0x252/0x320
[  201.342179][ T7597]  ksys_read+0x156/0x270
[  201.342205][ T7597]  ? __pfx_ksys_read+0x10/0x10
[  201.342241][ T7597]  do_syscall_64+0x14d/0xf80
[  201.342263][ T7597]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  201.342282][ T7597]  ? clear_bhb_loop+0x40/0x90
[  201.342304][ T7597]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  201.342321][ T7597] RIP: 0033:0x7f7ade8ac799
[  201.342339][ T7597] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  201.342355][ T7597] RSP: 002b:00007f7adcabc028 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  201.342374][ T7597] RAX: ffffffffffffffda RBX: 00007f7adeb26180 RCX: 00007f7ade8ac799
[  201.342388][ T7597] RDX: 0000000000002020 RSI: 0000200000001d00 RDI: 0000000000000007
[  201.342400][ T7597] RBP: 00007f7adcabc090 R08: 0000000000000000 R09: 0000000000000000
[  201.342411][ T7597] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  201.342422][ T7597] R13: 00007f7adeb26218 R14: 00007f7adeb26180 R15: 00007ffdee0d3e98
[  201.342453][ T7597]  </TASK>
[  201.939652][ T5875] usb 3-1: new high-speed USB device number 18 using dummy_hcd
[  202.131598][ T5875] usb 3-1: Using ep0 maxpacket: 32
[  202.197414][ T5875] usb 3-1: config 0 has no interfaces?
[  202.222254][ T5875] usb 3-1: New USB device found, idVendor=10c4, idProduct=818a, bcdDevice=7d.ad
[  202.222283][ T5875] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  202.222302][ T5875] usb 3-1: Product: syz
[  202.222315][ T5875] usb 3-1: Manufacturer: syz
[  202.222327][ T5875] usb 3-1: SerialNumber: syz
[  202.271735][ T5875] usb 3-1: config 0 descriptor??
[  203.239946][ T7588] syz.1.586 (7588) used greatest stack depth: 17624 bytes left
[  203.738162][ T7607] Bluetooth: MGMT ver 1.23
[  203.738210][ T7607] Bluetooth: hci0: invalid length 0, exp 2 for type 6
[  204.071318][ T5875] usb 3-1: USB disconnect, device number 18
[  204.560334][  T809] IPVS: starting estimator thread 0...
[  204.662076][ T7622] IPVS: using max 11 ests per chain, 26400 per kthread
[  204.924776][ T5875] usb 5-1: new high-speed USB device number 12 using dummy_hcd
[  204.987795][ T7631] FAULT_INJECTION: forcing a failure.
[  204.987795][ T7631] name failslab, interval 1, probability 0, space 0, times 0
[  204.987827][ T7631] CPU: 0 UID: 0 PID: 7631 Comm: syz.2.601 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  204.987846][ T7631] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/27/2026
[  204.987856][ T7631] Call Trace:
[  204.987862][ T7631]  <TASK>
[  204.987870][ T7631]  dump_stack_lvl+0xe8/0x150
[  204.987900][ T7631]  should_fail_ex+0x46b/0x600
[  204.987934][ T7631]  should_failslab+0xa8/0x100
[  204.987955][ T7631]  __kmalloc_noprof+0xdf/0x7b0
[  204.987979][ T7631]  ? kfree+0x4d/0x6c0
[  204.987999][ T7631]  ? tomoyo_realpath_from_path+0xe3/0x5d0
[  204.988024][ T7631]  tomoyo_realpath_from_path+0xe3/0x5d0
[  204.988052][ T7631]  ? tomoyo_path_number_perm+0x219/0x630
[  204.988076][ T7631]  tomoyo_path_number_perm+0x246/0x630
[  204.988102][ T7631]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  204.988127][ T7631]  ? __lock_acquire+0x6b5/0x2cf0
[  204.988178][ T7631]  ? __fget_files+0x2a/0x420
[  204.988202][ T7631]  ? __fget_files+0x2a/0x420
[  204.988221][ T7631]  ? __fget_files+0x3a6/0x420
[  204.988239][ T7631]  ? __fget_files+0x2a/0x420
[  204.988264][ T7631]  security_file_ioctl+0xc3/0x2a0
[  204.988291][ T7631]  __se_sys_ioctl+0x47/0x170
[  204.988319][ T7631]  do_syscall_64+0x14d/0xf80
[  204.988341][ T7631]  ? trace_irq_disable+0x3b/0x150
[  204.988360][ T7631]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  204.988378][ T7631]  ? clear_bhb_loop+0x40/0x90
[  204.988400][ T7631]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  204.988417][ T7631] RIP: 0033:0x7f573b05c799
[  204.988434][ T7631] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  204.988449][ T7631] RSP: 002b:00007f5739295028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  204.988468][ T7631] RAX: ffffffffffffffda RBX: 00007f573b2d6090 RCX: 00007f573b05c799
[  204.988481][ T7631] RDX: 0000200000000200 RSI: 000000004008af04 RDI: 0000000000000003
[  204.988492][ T7631] RBP: 00007f5739295090 R08: 0000000000000000 R09: 0000000000000000
[  204.988503][ T7631] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  204.988514][ T7631] R13: 00007f573b2d6128 R14: 00007f573b2d6090 R15: 00007ffd44ac0d18
[  204.988544][ T7631]  </TASK>
[  204.988551][ T7631] ERROR: Out of memory at tomoyo_realpath_from_path.
[  205.243374][ T5875] usb 5-1: Using ep0 maxpacket: 16
[  205.253182][ T5875] usb 5-1: New USB device found, idVendor=06be, idProduct=a232, bcdDevice=33.f3
[  205.253209][ T5875] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  205.253227][ T5875] usb 5-1: Product: syz
[  205.253239][ T5875] usb 5-1: Manufacturer: syz
[  205.253251][ T5875] usb 5-1: SerialNumber: syz
[  205.305449][ T5875] usb 5-1: config 0 descriptor??
[  205.751916][ T5875] dvb-usb: found a 'AME DTV-5100 USB2.0 DVB-T' in warm state.
[  205.791418][ T5875] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[  205.792411][ T5875] dvbdev: DVB: registering new adapter (AME DTV-5100 USB2.0 DVB-T)
[  205.792465][ T5875] usb 5-1: media controller created
[  205.859145][ T5875] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  206.035320][ T5875] dvb-usb: no frontend was attached by 'AME DTV-5100 USB2.0 DVB-T'
[  206.035339][ T5875] dvb-usb: AME DTV-5100 USB2.0 DVB-T successfully initialized and connected.
[  206.106445][ T7643] netlink: 'syz.2.606': attribute type 1 has an invalid length.
[  206.170145][ T7646] FAULT_INJECTION: forcing a failure.
[  206.170145][ T7646] name failslab, interval 1, probability 0, space 0, times 0
[  206.170176][ T7646] CPU: 0 UID: 0 PID: 7646 Comm: syz.0.605 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  206.170197][ T7646] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/27/2026
[  206.170208][ T7646] Call Trace:
[  206.170216][ T7646]  <TASK>
[  206.170223][ T7646]  dump_stack_lvl+0xe8/0x150
[  206.170252][ T7646]  should_fail_ex+0x46b/0x600
[  206.170277][ T7646]  should_failslab+0xa8/0x100
[  206.170297][ T7646]  __kmalloc_noprof+0xdf/0x7b0
[  206.170319][ T7646]  ? kfree+0x4d/0x6c0
[  206.170339][ T7646]  ? tomoyo_realpath_from_path+0xe3/0x5d0
[  206.170363][ T7646]  tomoyo_realpath_from_path+0xe3/0x5d0
[  206.170390][ T7646]  ? tomoyo_path_number_perm+0x219/0x630
[  206.170412][ T7646]  tomoyo_path_number_perm+0x246/0x630
[  206.170438][ T7646]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  206.170461][ T7646]  ? __lock_acquire+0x6b5/0x2cf0
[  206.170511][ T7646]  ? __fget_files+0x2a/0x420
[  206.170538][ T7646]  ? __fget_files+0x2a/0x420
[  206.170557][ T7646]  ? __fget_files+0x3a6/0x420
[  206.170575][ T7646]  ? __fget_files+0x2a/0x420
[  206.170600][ T7646]  security_file_ioctl+0xc3/0x2a0
[  206.170626][ T7646]  __se_sys_ioctl+0x47/0x170
[  206.170653][ T7646]  do_syscall_64+0x14d/0xf80
[  206.170683][ T7646]  ? trace_irq_disable+0x3b/0x150
[  206.170702][ T7646]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  206.170720][ T7646]  ? clear_bhb_loop+0x40/0x90
[  206.170742][ T7646]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  206.170759][ T7646] RIP: 0033:0x7f4b2237c799
[  206.170776][ T7646] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  206.170798][ T7646] RSP: 002b:00007f4b205d6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  206.170817][ T7646] RAX: ffffffffffffffda RBX: 00007f4b225f5fa0 RCX: 00007f4b2237c799
[  206.170830][ T7646] RDX: 00002000000001c0 RSI: 00000000c0405602 RDI: 0000000000000003
[  206.170842][ T7646] RBP: 00007f4b205d6090 R08: 0000000000000000 R09: 0000000000000000
[  206.170853][ T7646] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  206.170863][ T7646] R13: 00007f4b225f6038 R14: 00007f4b225f5fa0 R15: 00007ffcd4e5f5d8
[  206.170894][ T7646]  </TASK>
[  206.173563][ T7646] ERROR: Out of memory at tomoyo_realpath_from_path.
[  206.319670][ T5875] usb 2-1: new high-speed USB device number 13 using dummy_hcd
[  206.495641][ T7623] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  206.496132][ T7623] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  206.543765][  T809] usb 5-1: USB disconnect, device number 12
[  206.659692][ T5875] usb 2-1: Using ep0 maxpacket: 16
[  206.662609][ T5875] usb 2-1: config 0 has an invalid interface number: 8 but max is 0
[  206.662632][ T5875] usb 2-1: config 0 has no interface number 0
[  206.662674][ T5875] usb 2-1: config 0 interface 8 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  206.662698][ T5875] usb 2-1: config 0 interface 8 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0
[  206.718354][ T5875] usb 2-1: New USB device found, idVendor=0d8c, idProduct=000e, bcdDevice=8e.8f
[  206.718382][ T5875] usb 2-1: New USB device strings: Mfr=0, Product=24, SerialNumber=3
[  206.718400][ T5875] usb 2-1: Product: syz
[  206.718411][ T5875] usb 2-1: SerialNumber: syz
[  206.771747][ T5875] usb 2-1: config 0 descriptor??
[  206.807063][ T5875] cm109 2-1:0.8: invalid payload size 0, expected 4
[  206.818887][  T809] dvb-usb: AME DTV-5100 USB2.0 DVB-T successfully deinitialized and disconnected.
[  206.860982][ T5875] input: CM109 USB driver as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.8/input/input11
[  207.057733][    C0] cm109 2-1:0.8: cm109_urb_ctl_callback: usb_submit_urb (urb_irq) failed -90
[  207.577342][ T7658] FAULT_INJECTION: forcing a failure.
[  207.577342][ T7658] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  207.577373][ T7658] CPU: 0 UID: 0 PID: 7658 Comm: syz.0.611 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  207.577394][ T7658] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/27/2026
[  207.577404][ T7658] Call Trace:
[  207.577414][ T7658]  <TASK>
[  207.577422][ T7658]  dump_stack_lvl+0xe8/0x150
[  207.577451][ T7658]  should_fail_ex+0x46b/0x600
[  207.577476][ T7658]  _copy_from_user+0x2d/0xb0
[  207.577498][ T7658]  __sys_bpf+0x229/0x950
[  207.577522][ T7658]  ? __pfx___sys_bpf+0x10/0x10
[  207.577538][ T7658]  ? rt_mutex_slowunlock+0x1cb/0x300
[  207.577570][ T7658]  ? ksys_write+0x248/0x270
[  207.577596][ T7658]  ? __pfx_ksys_write+0x10/0x10
[  207.577626][ T7658]  __x64_sys_bpf+0x7c/0x90
[  207.577646][ T7658]  do_syscall_64+0x14d/0xf80
[  207.577667][ T7658]  ? trace_irq_disable+0x3b/0x150
[  207.577686][ T7658]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  207.577703][ T7658]  ? clear_bhb_loop+0x40/0x90
[  207.577724][ T7658]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  207.577741][ T7658] RIP: 0033:0x7f4b2237c799
[  207.577758][ T7658] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  207.577773][ T7658] RSP: 002b:00007f4b205d6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  207.577793][ T7658] RAX: ffffffffffffffda RBX: 00007f4b225f5fa0 RCX: 00007f4b2237c799
[  207.577806][ T7658] RDX: 000000000000000c RSI: 00002000000000c0 RDI: 000000000000000a
[  207.577817][ T7658] RBP: 00007f4b205d6090 R08: 0000000000000000 R09: 0000000000000000
[  207.577828][ T7658] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  207.577839][ T7658] R13: 00007f4b225f6038 R14: 00007f4b225f5fa0 R15: 00007ffcd4e5f5d8
[  207.577869][ T7658]  </TASK>
[  207.849773][  T809] usb 5-1: new high-speed USB device number 13 using dummy_hcd
[  208.002331][  T809] usb 5-1: Using ep0 maxpacket: 16
[  208.018547][  T809] usb 5-1: New USB device found, idVendor=06be, idProduct=a232, bcdDevice=33.f3
[  208.018582][  T809] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  208.018599][  T809] usb 5-1: Product: syz
[  208.018612][  T809] usb 5-1: Manufacturer: syz
[  208.018625][  T809] usb 5-1: SerialNumber: syz
[  208.066633][  T809] usb 5-1: config 0 descriptor??
[  208.645901][  T809] dvb_usb_dtv5100 5-1:0.0: probe with driver dvb_usb_dtv5100 failed with error -71
[  208.673440][  T809] usb 5-1: USB disconnect, device number 13
[  213.491944][ T7687] netlink: 'syz.4.623': attribute type 2 has an invalid length.
[  221.991674][ T5804] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  222.046122][ T5804] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  222.070344][ T5804] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  222.073426][ T5804] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  222.100502][ T5804] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  222.961443][  T809] usb 3-1: new high-speed USB device number 19 using dummy_hcd
[  223.248027][  T809] usb 3-1: Using ep0 maxpacket: 16
[  223.259272][  T809] usb 3-1: config index 0 descriptor too short (expected 4495, got 71)
[  223.259300][  T809] usb 3-1: config 0 has an invalid interface number: 105 but max is 0
[  223.259317][  T809] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  223.264898][  T809] usb 3-1: config 0 has no interface number 0
[  223.313742][ T5800] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[  223.338425][ T5800] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[  223.340010][  T809] usb 3-1: New USB device found, idVendor=046c, idProduct=14e0, bcdDevice= 0.01
[  223.340034][  T809] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  223.340781][ T5800] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[  223.352941][  T809] usb 3-1: Product: syz
[  223.352960][  T809] usb 3-1: Manufacturer: syz
[  223.352973][  T809] usb 3-1: SerialNumber: syz
[  223.364623][ T5800] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[  223.449778][  T809] usb 3-1: config 0 descriptor??
[  223.486653][ T5800] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[  223.565756][  T809] uvcvideo 3-1:0.105: Found UVC 0.00 device syz (046c:14e0)
[  223.566015][  T809] uvcvideo 3-1:0.105: No valid video chain found.
[  224.219778][ T5800] Bluetooth: hci5: command tx timeout
[  225.493624][  T890] usb 3-1: USB disconnect, device number 19
[  225.579762][ T5800] Bluetooth: hci6: command tx timeout
[  226.309888][ T5800] Bluetooth: hci5: command tx timeout
[  227.437232][ T5804] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  227.440964][ T5804] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  227.443383][ T5804] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  227.445311][ T5804] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  227.446293][ T5804] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  227.706474][ T5800] Bluetooth: hci6: command tx timeout
[  228.389663][ T5800] Bluetooth: hci5: command tx timeout
[  229.589631][ T5800] Bluetooth: hci2: command tx timeout
[  229.769734][ T5800] Bluetooth: hci6: command tx timeout
[  230.214457][ T5804] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  230.221343][ T5804] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  230.226764][ T5804] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  230.230630][ T5804] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  230.236736][ T5804] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  230.459705][ T5804] Bluetooth: hci5: command tx timeout
[  231.659713][ T5804] Bluetooth: hci2: command tx timeout
[  231.825338][ T5804] Bluetooth: hci6: command tx timeout
[  232.367732][ T5804] Bluetooth: hci1: command tx timeout
[  233.810534][ T5804] Bluetooth: hci2: command tx timeout
[  234.389782][ T5804] Bluetooth: hci1: command tx timeout
[  234.947335][ T7761] FAULT_INJECTION: forcing a failure.
[  234.947335][ T7761] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  234.947370][ T7761] CPU: 0 UID: 0 PID: 7761 Comm: syz.2.634 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  234.947393][ T7761] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/27/2026
[  234.947404][ T7761] Call Trace:
[  234.947411][ T7761]  <TASK>
[  234.947419][ T7761]  dump_stack_lvl+0xe8/0x150
[  234.947449][ T7761]  should_fail_ex+0x46b/0x600
[  234.947474][ T7761]  _copy_from_user+0x2d/0xb0
[  234.947497][ T7761]  ucma_write+0x166/0x2f0
[  234.947518][ T7761]  ? __pfx_ucma_write+0x10/0x10
[  234.947539][ T7761]  ? rw_verify_area+0x25b/0x4e0
[  234.947562][ T7761]  ? __pfx_ucma_write+0x10/0x10
[  234.947581][ T7761]  vfs_write+0x2a3/0xba0
[  234.947612][ T7761]  ? __pfx_vfs_write+0x10/0x10
[  234.947637][ T7761]  ? __fget_files+0x2a/0x420
[  234.947660][ T7761]  ? __fget_files+0x2a/0x420
[  234.947679][ T7761]  ? __fget_files+0x3a6/0x420
[  234.947698][ T7761]  ? __fget_files+0x2a/0x420
[  234.947725][ T7761]  ksys_write+0x156/0x270
[  234.947752][ T7761]  ? __pfx_ksys_write+0x10/0x10
[  234.947785][ T7761]  do_syscall_64+0x14d/0xf80
[  234.947808][ T7761]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  234.947825][ T7761]  ? clear_bhb_loop+0x40/0x90
[  234.947846][ T7761]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  234.947864][ T7761] RIP: 0033:0x7f573b05c799
[  234.947881][ T7761] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  234.947896][ T7761] RSP: 002b:00007f57392b6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  234.947915][ T7761] RAX: ffffffffffffffda RBX: 00007f573b2d5fa0 RCX: 00007f573b05c799
[  234.947928][ T7761] RDX: 0000000000000018 RSI: 0000200000000380 RDI: 0000000000000003
[  234.947940][ T7761] RBP: 00007f57392b6090 R08: 0000000000000000 R09: 0000000000000000
[  234.947951][ T7761] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  234.947961][ T7761] R13: 00007f573b2d6038 R14: 00007f573b2d5fa0 R15: 00007ffd44ac0d18
[  234.947990][ T7761]  </TASK>
[  235.330150][ T7763] 9pnet: p9_errstr2errno: server reported unknown error 
[  235.574742][ T7700] chnl_net:caif_netlink_parms(): no params data found
[  235.829741][ T5804] Bluetooth: hci2: command tx timeout
[  236.251822][    T9] usb 3-1: new high-speed USB device number 20 using dummy_hcd
[  236.429740][    T9] usb 3-1: device descriptor read/64, error -71
[  236.489713][ T5804] Bluetooth: hci1: command tx timeout
[  236.679721][    T9] usb 3-1: new high-speed USB device number 21 using dummy_hcd
[  236.829752][    T9] usb 3-1: device descriptor read/64, error -71
[  236.947549][    T9] usb usb3-port1: attempt power cycle
[  237.299766][    T9] usb 3-1: new high-speed USB device number 22 using dummy_hcd
[  237.321600][    T9] usb 3-1: device descriptor read/8, error -71
[  237.589817][    T9] usb 3-1: new high-speed USB device number 23 using dummy_hcd
[  237.620765][    T9] usb 3-1: device descriptor read/8, error -71
[  237.746225][    T9] usb usb3-port1: unable to enumerate USB device
[  238.539763][ T5804] Bluetooth: hci1: command tx timeout
[  240.602444][ T7710] chnl_net:caif_netlink_parms(): no params data found
[  240.763404][ T7700] bridge0: port 1(bridge_slave_0) entered blocking state
[  240.763674][ T7700] bridge0: port 1(bridge_slave_0) entered disabled state
[  240.763970][ T7700] bridge_slave_0: entered allmulticast mode
[  240.767792][ T7700] bridge_slave_0: entered promiscuous mode
[  240.801912][ T7725] chnl_net:caif_netlink_parms(): no params data found
[  241.182407][ T7700] bridge0: port 2(bridge_slave_1) entered blocking state
[  241.182906][ T7700] bridge0: port 2(bridge_slave_1) entered disabled state
[  241.184430][ T7700] bridge_slave_1: entered allmulticast mode
[  241.222534][ T7700] bridge_slave_1: entered promiscuous mode
[  241.367035][ T5804] Bluetooth: hci4: link tx timeout
[  241.368348][ T5804] Bluetooth: hci4: killing stalled connection 10:aa:aa:aa:aa:aa
[  241.835218][ T7700] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  241.936753][ T7700] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  242.090689][ T7736] chnl_net:caif_netlink_parms(): no params data found
[  242.622341][ T7700] team0: Port device team_slave_0 added
[  242.769452][ T7700] team0: Port device team_slave_1 added
[  242.775858][ T7725] bridge0: port 1(bridge_slave_0) entered blocking state
[  242.776345][ T7725] bridge0: port 1(bridge_slave_0) entered disabled state
[  242.776759][ T7725] bridge_slave_0: entered allmulticast mode
[  242.807706][ T7725] bridge_slave_0: entered promiscuous mode
[  242.842277][ T7710] bridge0: port 1(bridge_slave_0) entered blocking state
[  242.842771][ T7710] bridge0: port 1(bridge_slave_0) entered disabled state
[  242.843718][ T7710] bridge_slave_0: entered allmulticast mode
[  242.880421][ T7710] bridge_slave_0: entered promiscuous mode
[  243.037924][ T7725] bridge0: port 2(bridge_slave_1) entered blocking state
[  243.038233][ T7725] bridge0: port 2(bridge_slave_1) entered disabled state
[  243.038506][ T7725] bridge_slave_1: entered allmulticast mode
[  243.066125][ T7725] bridge_slave_1: entered promiscuous mode
[  243.431585][ T5800] Bluetooth: hci4: command 0x0406 tx timeout
[  243.608747][ T7710] bridge0: port 2(bridge_slave_1) entered blocking state
[  243.608932][ T7710] bridge0: port 2(bridge_slave_1) entered disabled state
[  243.609307][ T7710] bridge_slave_1: entered allmulticast mode
[  243.638553][ T7710] bridge_slave_1: entered promiscuous mode
[  246.728921][ T7700] batman_adv: batadv0: Adding interface: batadv_slave_0
[  246.728937][ T7700] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  246.728962][ T7700] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  246.888732][ T7700] batman_adv: batadv0: Adding interface: batadv_slave_1
[  246.888748][ T7700] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  246.888821][ T7700] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  249.665623][ T7725] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  249.686872][ T7710] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  250.009703][ T7725] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  250.037539][ T7710] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  250.042334][ T7736] bridge0: port 1(bridge_slave_0) entered blocking state
[  250.042447][ T7736] bridge0: port 1(bridge_slave_0) entered disabled state
[  250.042615][ T7736] bridge_slave_0: entered allmulticast mode
[  250.044910][ T7736] bridge_slave_0: entered promiscuous mode
[  250.343410][ T7736] bridge0: port 2(bridge_slave_1) entered blocking state
[  250.343531][ T7736] bridge0: port 2(bridge_slave_1) entered disabled state
[  250.343755][ T7736] bridge_slave_1: entered allmulticast mode
[  250.352203][ T7736] bridge_slave_1: entered promiscuous mode
[  250.696162][ T7725] team0: Port device team_slave_0 added
[  250.732157][ T7710] team0: Port device team_slave_0 added
[  250.968885][ T7725] team0: Port device team_slave_1 added
[  251.005294][ T7710] team0: Port device team_slave_1 added
[  252.745324][ T7700] hsr_slave_0: entered promiscuous mode
[  252.747325][ T7700] hsr_slave_1: entered promiscuous mode
[  252.749449][ T7700] debugfs: 'hsr0' already exists in 'hsr'
[  252.755883][ T7700] Cannot create hsr debugfs directory
[  252.820025][ T7736] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  253.244699][ T7736] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  253.659425][ T7725] batman_adv: batadv0: Adding interface: batadv_slave_0
[  253.662304][ T7725] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  253.662335][ T7725] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  253.747756][ T7710] batman_adv: batadv0: Adding interface: batadv_slave_0
[  253.747774][ T7710] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  253.747799][ T7710] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  254.031098][ T7725] batman_adv: batadv0: Adding interface: batadv_slave_1
[  254.031114][ T7725] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  254.031140][ T7725] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  254.097417][ T7710] batman_adv: batadv0: Adding interface: batadv_slave_1
[  254.097434][ T7710] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  254.097460][ T7710] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  254.265263][ T7736] team0: Port device team_slave_0 added
[  255.011487][ T7736] team0: Port device team_slave_1 added
[  255.633607][ T5800] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  255.638637][ T5800] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  255.641332][ T5800] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  255.669435][ T1324] ieee802154 phy0 wpan0: encryption failed: -22
[  255.669514][ T1324] ieee802154 phy1 wpan1: encryption failed: -22
[  255.689996][ T5800] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  255.703697][ T5800] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  256.206128][ T7736] batman_adv: batadv0: Adding interface: batadv_slave_0
[  256.206144][ T7736] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  256.206168][ T7736] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  256.409829][ T7736] batman_adv: batadv0: Adding interface: batadv_slave_1
[  256.409847][ T7736] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  256.409873][ T7736] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  256.526140][ T7725] hsr_slave_0: entered promiscuous mode
[  256.528222][ T7725] hsr_slave_1: entered promiscuous mode
[  256.537601][ T7725] debugfs: 'hsr0' already exists in 'hsr'
[  256.546990][ T7725] Cannot create hsr debugfs directory
[  256.570767][ T7710] hsr_slave_0: entered promiscuous mode
[  256.573220][ T7710] hsr_slave_1: entered promiscuous mode
[  256.574564][ T7710] debugfs: 'hsr0' already exists in 'hsr'
[  256.574588][ T7710] Cannot create hsr debugfs directory
[  257.248177][ T7736] hsr_slave_0: entered promiscuous mode
[  257.265548][ T7736] hsr_slave_1: entered promiscuous mode
[  257.267068][ T7736] debugfs: 'hsr0' already exists in 'hsr'
[  257.267098][ T7736] Cannot create hsr debugfs directory
[  257.992408][ T5800] Bluetooth: hci3: command tx timeout
[  260.059681][ T5800] Bluetooth: hci3: command tx timeout
[  261.576363][ T7700] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  262.176405][ T5800] Bluetooth: hci3: command tx timeout
[  262.952051][ T7700] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  264.029192][ T7700] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  264.219671][ T5800] Bluetooth: hci3: command tx timeout
[  264.913667][ T7700] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  265.827327][ T7725] netdevsim netdevsim7 netdevsim0: renamed from eth0
[  267.078851][ T7725] netdevsim netdevsim7 netdevsim1: renamed from eth1
[  267.433498][ T7725] netdevsim netdevsim7 netdevsim2: renamed from eth2
[  268.349746][ T7847] chnl_net:caif_netlink_parms(): no params data found
[  268.853330][ T7725] netdevsim netdevsim7 netdevsim3: renamed from eth3
[  270.361940][ T7710] netdevsim netdevsim6 netdevsim0: renamed from eth0
[  270.795503][ T7847] bridge0: port 1(bridge_slave_0) entered blocking state
[  270.796326][ T7847] bridge0: port 1(bridge_slave_0) entered disabled state
[  270.799517][ T7847] bridge_slave_0: entered allmulticast mode
[  270.825988][ T7847] bridge_slave_0: entered promiscuous mode
[  270.846978][ T7710] netdevsim netdevsim6 netdevsim1: renamed from eth1
[  271.201080][ T7847] bridge0: port 2(bridge_slave_1) entered blocking state
[  271.201255][ T7847] bridge0: port 2(bridge_slave_1) entered disabled state
[  271.202922][ T7847] bridge_slave_1: entered allmulticast mode
[  271.250246][ T7847] bridge_slave_1: entered promiscuous mode
[  271.275275][ T7710] netdevsim netdevsim6 netdevsim2: renamed from eth2
[  272.295818][ T7710] netdevsim netdevsim6 netdevsim3: renamed from eth3
[  272.747902][ T7847] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  272.794441][ T7847] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  273.350427][ T7847] team0: Port device team_slave_0 added
[  273.451963][ T7847] team0: Port device team_slave_1 added
[  274.063068][ T7736] netdevsim netdevsim8 netdevsim0: renamed from eth0
[  277.719306][ T7736] netdevsim netdevsim8 netdevsim1: renamed from eth1
[  277.778787][ T7847] batman_adv: batadv0: Adding interface: batadv_slave_0
[  277.778804][ T7847] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  277.778878][ T7847] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  277.841620][ T7736] netdevsim netdevsim8 netdevsim2: renamed from eth2
[  277.879717][ T7847] batman_adv: batadv0: Adding interface: batadv_slave_1
[  277.879734][ T7847] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  277.879758][ T7847] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  277.944630][ T7736] netdevsim netdevsim8 netdevsim3: renamed from eth3
[  279.289297][ T7700] 8021q: adding VLAN 0 to HW filter on device bond0
[  279.334844][ T7847] hsr_slave_0: entered promiscuous mode
[  279.337046][ T7847] hsr_slave_1: entered promiscuous mode
[  279.361301][ T7847] debugfs: 'hsr0' already exists in 'hsr'
[  279.361328][ T7847] Cannot create hsr debugfs directory
[  281.207472][ T5804] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1
[  281.231431][ T5804] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9
[  281.239085][ T5804] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9
[  281.261980][ T5804] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4
[  281.292155][ T5804] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2
[  283.107295][ T7725] 8021q: adding VLAN 0 to HW filter on device bond0
[  283.420201][ T5804] Bluetooth: hci7: command tx timeout
[  283.549259][ T5800] Bluetooth: hci8: unexpected cc 0x0c03 length: 249 > 1
[  283.564083][ T5800] Bluetooth: hci8: unexpected cc 0x1003 length: 249 > 9
[  283.565514][ T5800] Bluetooth: hci8: unexpected cc 0x1001 length: 249 > 9
[  283.567562][ T5800] Bluetooth: hci8: unexpected cc 0x0c23 length: 249 > 4
[  283.568220][ T5800] Bluetooth: hci8: unexpected cc 0x0c38 length: 249 > 2
[  285.515241][ T5804] Bluetooth: hci7: command tx timeout
[  285.742872][ T5804] Bluetooth: hci8: command tx timeout
[  287.612607][ T5804] Bluetooth: hci7: command tx timeout
[  287.767773][ T5800] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  287.793576][ T5800] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  287.796573][ T5800] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  287.821536][ T5800] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  287.823684][ T5800] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  287.835150][ T5809] Bluetooth: hci8: command tx timeout
[  289.669869][ T5809] Bluetooth: hci7: command tx timeout
[  289.816884][ T5804] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[  289.846800][ T5804] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[  289.863780][ T5804] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[  289.878314][ T5804] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[  289.899718][ T5800] Bluetooth: hci8: command tx timeout
[  289.928021][ T5804] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[  290.070422][ T5804] Bluetooth: hci5: command tx timeout
[  291.979715][ T5809] Bluetooth: hci8: command tx timeout
[  291.979791][ T5804] Bluetooth: hci6: command tx timeout
[  292.140890][ T5804] Bluetooth: hci5: command tx timeout
[  294.059927][ T5804] Bluetooth: hci6: command tx timeout
[  294.229723][ T5804] Bluetooth: hci5: command tx timeout
[  296.149851][ T5804] Bluetooth: hci6: command tx timeout
[  296.300566][ T5804] Bluetooth: hci5: command tx timeout
[  298.229837][ T5804] Bluetooth: hci6: command tx timeout
[  299.812716][ T7847] netdevsim netdevsim9 netdevsim0: renamed from eth0
[  300.214420][ T7847] netdevsim netdevsim9 netdevsim1: renamed from eth1
[  300.383101][ T7847] netdevsim netdevsim9 netdevsim2: renamed from eth2
[  301.506011][ T7847] netdevsim netdevsim9 netdevsim3: renamed from eth3
[  303.630849][ T7953] chnl_net:caif_netlink_parms(): no params data found
[  305.308696][ T7953] bridge0: port 1(bridge_slave_0) entered blocking state
[  305.308974][ T7953] bridge0: port 1(bridge_slave_0) entered disabled state
[  305.309389][ T7953] bridge_slave_0: entered allmulticast mode
[  305.373818][ T7953] bridge_slave_0: entered promiscuous mode
[  305.465959][ T7953] bridge0: port 2(bridge_slave_1) entered blocking state
[  305.466620][ T7953] bridge0: port 2(bridge_slave_1) entered disabled state
[  305.467958][ T7953] bridge_slave_1: entered allmulticast mode
[  305.520523][ T7953] bridge_slave_1: entered promiscuous mode
[  305.568222][ T7958] chnl_net:caif_netlink_parms(): no params data found
[  306.244455][ T7953] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  306.420821][ T7953] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  307.112747][ T7961] chnl_net:caif_netlink_parms(): no params data found
[  307.356947][ T7964] chnl_net:caif_netlink_parms(): no params data found
[  307.484818][ T7953] team0: Port device team_slave_0 added
[  307.649284][ T7953] team0: Port device team_slave_1 added
[  308.788301][ T7958] bridge0: port 1(bridge_slave_0) entered blocking state
[  308.788490][ T7958] bridge0: port 1(bridge_slave_0) entered disabled state
[  308.788797][ T7958] bridge_slave_0: entered allmulticast mode
[  308.814209][ T7958] bridge_slave_0: entered promiscuous mode
[  308.974309][ T7958] bridge0: port 2(bridge_slave_1) entered blocking state
[  308.974497][ T7958] bridge0: port 2(bridge_slave_1) entered disabled state
[  308.975273][ T7958] bridge_slave_1: entered allmulticast mode
[  308.979362][ T7958] bridge_slave_1: entered promiscuous mode
[  309.058075][ T7953] batman_adv: batadv0: Adding interface: batadv_slave_0
[  309.058139][ T7953] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  309.058165][ T7953] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  309.243526][ T7953] batman_adv: batadv0: Adding interface: batadv_slave_1
[  309.243543][ T7953] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  309.243568][ T7953] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  309.620760][ T7958] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  309.791096][ T7958] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  309.792057][ T7961] bridge0: port 1(bridge_slave_0) entered blocking state
[  309.792504][ T7961] bridge0: port 1(bridge_slave_0) entered disabled state
[  309.795228][ T7961] bridge_slave_0: entered allmulticast mode
[  309.799159][ T7961] bridge_slave_0: entered promiscuous mode
[  309.883750][ T7964] bridge0: port 1(bridge_slave_0) entered blocking state
[  309.884037][ T7964] bridge0: port 1(bridge_slave_0) entered disabled state
[  309.885300][ T7964] bridge_slave_0: entered allmulticast mode
[  309.889467][ T7964] bridge_slave_0: entered promiscuous mode
[  311.144706][ T7961] bridge0: port 2(bridge_slave_1) entered blocking state
[  311.145042][ T7961] bridge0: port 2(bridge_slave_1) entered disabled state
[  311.145935][ T7961] bridge_slave_1: entered allmulticast mode
[  311.174864][ T7961] bridge_slave_1: entered promiscuous mode
[  311.266281][ T7964] bridge0: port 2(bridge_slave_1) entered blocking state
[  311.266451][ T7964] bridge0: port 2(bridge_slave_1) entered disabled state
[  311.266789][ T7964] bridge_slave_1: entered allmulticast mode
[  311.297578][ T7964] bridge_slave_1: entered promiscuous mode
[  311.531097][ T7958] team0: Port device team_slave_0 added
[  311.643577][ T7953] hsr_slave_0: entered promiscuous mode
[  311.645775][ T7953] hsr_slave_1: entered promiscuous mode
[  311.647298][ T7953] debugfs: 'hsr0' already exists in 'hsr'
[  311.647321][ T7953] Cannot create hsr debugfs directory
[  311.711451][ T7958] team0: Port device team_slave_1 added
[  311.732543][ T7961] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  311.752710][ T7964] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  311.804133][ T7961] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  311.829729][ T7964] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  312.269710][ T7958] batman_adv: batadv0: Adding interface: batadv_slave_0
[  312.269727][ T7958] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  312.269753][ T7958] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  312.569241][ T7958] batman_adv: batadv0: Adding interface: batadv_slave_1
[  312.569258][ T7958] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  312.569282][ T7958] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  315.827270][ T7961] team0: Port device team_slave_0 added
[  315.926305][ T7964] team0: Port device team_slave_0 added
[  315.951753][ T7961] team0: Port device team_slave_1 added
[  315.993552][ T7964] team0: Port device team_slave_1 added
[  316.337952][ T7961] batman_adv: batadv0: Adding interface: batadv_slave_0
[  316.337970][ T7961] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  316.337993][ T7961] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  316.602637][ T7964] batman_adv: batadv0: Adding interface: batadv_slave_0
[  316.602656][ T7964] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  316.602682][ T7964] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  316.608788][ T7961] batman_adv: batadv0: Adding interface: batadv_slave_1
[  316.608804][ T7961] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  316.608829][ T7961] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  316.977170][ T5809] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  317.003030][ T5809] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  317.023628][ T5809] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  317.038191][ T5809] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  317.053763][ T5809] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  317.107681][ T1324] ieee802154 phy0 wpan0: encryption failed: -22
[  317.107759][ T1324] ieee802154 phy1 wpan1: encryption failed: -22
[  317.245874][ T7958] hsr_slave_0: entered promiscuous mode
[  317.247314][ T7958] hsr_slave_1: entered promiscuous mode
[  317.248278][ T7958] debugfs: 'hsr0' already exists in 'hsr'
[  317.248301][ T7958] Cannot create hsr debugfs directory
[  317.427125][ T7964] batman_adv: batadv0: Adding interface: batadv_slave_1
[  317.427501][ T7964] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  317.427529][ T7964] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  319.270004][ T5804] Bluetooth: hci1: command tx timeout
[  321.197076][ T7961] hsr_slave_0: entered promiscuous mode
[  321.199362][ T7961] hsr_slave_1: entered promiscuous mode
[  321.213614][ T7961] debugfs: 'hsr0' already exists in 'hsr'
[  321.213699][ T7961] Cannot create hsr debugfs directory
[  321.340332][ T5804] Bluetooth: hci1: command tx timeout
[  321.447422][ T7964] hsr_slave_0: entered promiscuous mode
[  321.458477][ T7964] hsr_slave_1: entered promiscuous mode
[  321.468228][ T7964] debugfs: 'hsr0' already exists in 'hsr'
[  321.468254][ T7964] Cannot create hsr debugfs directory
[  323.420994][ T5804] Bluetooth: hci1: command tx timeout
[  325.510310][ T5804] Bluetooth: hci1: command tx timeout
[  330.763028][ T8006] chnl_net:caif_netlink_parms(): no params data found
[  331.144828][ T8006] bridge0: port 1(bridge_slave_0) entered blocking state
[  331.145021][ T8006] bridge0: port 1(bridge_slave_0) entered disabled state
[  331.145450][ T8006] bridge_slave_0: entered allmulticast mode
[  331.176533][ T8006] bridge_slave_0: entered promiscuous mode
[  331.235983][ T8006] bridge0: port 2(bridge_slave_1) entered blocking state
[  331.236330][ T8006] bridge0: port 2(bridge_slave_1) entered disabled state
[  331.237712][ T8006] bridge_slave_1: entered allmulticast mode
[  331.267059][ T8006] bridge_slave_1: entered promiscuous mode
[  331.414841][ T8006] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  331.432644][ T8006] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  331.618095][ T8006] team0: Port device team_slave_0 added
[  331.638262][ T8006] team0: Port device team_slave_1 added
[  331.748224][ T8006] batman_adv: batadv0: Adding interface: batadv_slave_0
[  331.748240][ T8006] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  331.748264][ T8006] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  331.825297][ T8006] batman_adv: batadv0: Adding interface: batadv_slave_1
[  331.825313][ T8006] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  331.825337][ T8006] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  334.212058][ T8006] hsr_slave_0: entered promiscuous mode
[  334.214547][ T8006] hsr_slave_1: entered promiscuous mode
[  334.216078][ T8006] debugfs: 'hsr0' already exists in 'hsr'
[  334.216101][ T8006] Cannot create hsr debugfs directory
[  342.602629][ T5809] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  342.619125][ T5809] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  342.632503][ T5809] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  342.650848][ T5809] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  342.657550][ T5809] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  343.899775][ T5804] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  343.921260][ T5804] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  343.923549][ T5804] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  343.927987][ T5804] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  343.955323][ T5804] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  344.160075][ T8018] chnl_net:caif_netlink_parms(): no params data found
[  344.600683][ T8018] bridge0: port 1(bridge_slave_0) entered blocking state
[  344.600872][ T8018] bridge0: port 1(bridge_slave_0) entered disabled state
[  344.601229][ T8018] bridge_slave_0: entered allmulticast mode
[  344.605556][ T8018] bridge_slave_0: entered promiscuous mode
[  344.678458][ T8018] bridge0: port 2(bridge_slave_1) entered blocking state
[  344.679382][ T8018] bridge0: port 2(bridge_slave_1) entered disabled state
[  344.695988][ T8018] bridge_slave_1: entered allmulticast mode
[  344.699828][ T5804] Bluetooth: hci2: command tx timeout
[  344.723911][ T8018] bridge_slave_1: entered promiscuous mode
[  344.854411][ T8018] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  344.888242][ T8018] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  345.103510][ T8018] team0: Port device team_slave_0 added
[  345.171376][ T8018] team0: Port device team_slave_1 added
[  345.980277][ T5804] Bluetooth: hci3: command tx timeout
[  346.780119][ T5804] Bluetooth: hci2: command tx timeout
[  346.985730][ T8018] batman_adv: batadv0: Adding interface: batadv_slave_0
[  346.985747][ T8018] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  346.985821][ T8018] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  347.214503][ T8018] batman_adv: batadv0: Adding interface: batadv_slave_1
[  347.214585][ T8018] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  347.214612][ T8018] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  347.692927][ T5809] Bluetooth: hci9: unexpected cc 0x0c03 length: 249 > 1
[  347.719746][ T5809] Bluetooth: hci9: unexpected cc 0x1003 length: 249 > 9
[  347.733920][ T5809] Bluetooth: hci9: unexpected cc 0x1001 length: 249 > 9
[  347.754170][ T5809] Bluetooth: hci9: unexpected cc 0x0c23 length: 249 > 4
[  347.757168][ T5809] Bluetooth: hci9: unexpected cc 0x0c38 length: 249 > 2
[  348.069979][ T5804] Bluetooth: hci3: command tx timeout
[  348.791580][ T8018] hsr_slave_0: entered promiscuous mode
[  348.793958][ T8018] hsr_slave_1: entered promiscuous mode
[  348.795521][ T8018] debugfs: 'hsr0' already exists in 'hsr'
[  348.795545][ T8018] Cannot create hsr debugfs directory
[  348.859946][ T5804] Bluetooth: hci2: command tx timeout
[  349.820051][ T5804] Bluetooth: hci9: command tx timeout
[  350.142280][ T5804] Bluetooth: hci3: command tx timeout
[  350.518252][ T8026] chnl_net:caif_netlink_parms(): no params data found
[  350.950517][ T5804] Bluetooth: hci2: command tx timeout
[  351.625506][ T8026] bridge0: port 1(bridge_slave_0) entered blocking state
[  351.625960][ T8026] bridge0: port 1(bridge_slave_0) entered disabled state
[  351.626879][ T8026] bridge_slave_0: entered allmulticast mode
[  351.661090][ T8026] bridge_slave_0: entered promiscuous mode
[  351.721387][ T8026] bridge0: port 2(bridge_slave_1) entered blocking state
[  351.721821][ T8026] bridge0: port 2(bridge_slave_1) entered disabled state
[  351.722462][ T8026] bridge_slave_1: entered allmulticast mode
[  351.770236][ T8026] bridge_slave_1: entered promiscuous mode
[  351.900108][ T5804] Bluetooth: hci9: command tx timeout
[  352.051295][ T5809] Bluetooth: hci10: unexpected cc 0x0c03 length: 249 > 1
[  352.080712][ T5809] Bluetooth: hci10: unexpected cc 0x1003 length: 249 > 9
[  352.083207][ T5809] Bluetooth: hci10: unexpected cc 0x1001 length: 249 > 9
[  352.220507][ T5809] Bluetooth: hci3: command tx timeout
[  352.286184][ T5809] Bluetooth: hci10: unexpected cc 0x0c23 length: 249 > 4
[  352.287619][ T5809] Bluetooth: hci10: unexpected cc 0x0c38 length: 249 > 2
[  352.624651][ T8026] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  352.693226][ T8026] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  352.694819][ T8033] chnl_net:caif_netlink_parms(): no params data found
[  352.973235][ T8026] team0: Port device team_slave_0 added
[  353.100782][ T8026] team0: Port device team_slave_1 added
[  353.990282][ T5804] Bluetooth: hci9: command tx timeout
[  354.460401][ T5804] Bluetooth: hci10: command tx timeout
[  355.127194][ T8026] batman_adv: batadv0: Adding interface: batadv_slave_0
[  355.127211][ T8026] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  355.127236][ T8026] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  355.212983][ T8026] batman_adv: batadv0: Adding interface: batadv_slave_1
[  355.213001][ T8026] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  355.213077][ T8026] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  355.352817][ T8033] bridge0: port 1(bridge_slave_0) entered blocking state
[  355.353156][ T8033] bridge0: port 1(bridge_slave_0) entered disabled state
[  355.354127][ T8033] bridge_slave_0: entered allmulticast mode
[  355.381870][ T8033] bridge_slave_0: entered promiscuous mode
[  356.069928][ T5804] Bluetooth: hci9: command tx timeout
[  356.097011][ T8033] bridge0: port 2(bridge_slave_1) entered blocking state
[  356.097503][ T8033] bridge0: port 2(bridge_slave_1) entered disabled state
[  356.116770][ T8033] bridge_slave_1: entered allmulticast mode
[  356.422130][ T8033] bridge_slave_1: entered promiscuous mode
[  356.539987][ T5804] Bluetooth: hci10: command tx timeout
[  357.297882][ T8026] hsr_slave_0: entered promiscuous mode
[  357.314331][ T8026] hsr_slave_1: entered promiscuous mode
[  357.316680][ T8026] debugfs: 'hsr0' already exists in 'hsr'
[  357.316827][ T8026] Cannot create hsr debugfs directory
[  357.399489][ T8033] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  357.474799][ T8033] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  358.620077][ T5804] Bluetooth: hci10: command tx timeout
[  359.986097][ T8033] team0: Port device team_slave_0 added
[  360.195402][ T8033] team0: Port device team_slave_1 added
[  360.369353][ T8033] batman_adv: batadv0: Adding interface: batadv_slave_0
[  360.369371][ T8033] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  360.403398][ T8033] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  360.674811][ T8033] batman_adv: batadv0: Adding interface: batadv_slave_1
[  360.674829][ T8033] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  360.674854][ T8033] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  360.710762][ T5804] Bluetooth: hci10: command tx timeout
[  361.639042][ T8033] hsr_slave_0: entered promiscuous mode
[  361.650738][ T8033] hsr_slave_1: entered promiscuous mode
[  361.655400][ T8033] debugfs: 'hsr0' already exists in 'hsr'
[  361.655429][ T8033] Cannot create hsr debugfs directory
[  361.744982][ T8048] chnl_net:caif_netlink_parms(): no params data found
[  363.235536][ T8048] bridge0: port 1(bridge_slave_0) entered blocking state
[  363.235987][ T8048] bridge0: port 1(bridge_slave_0) entered disabled state
[  363.236957][ T8048] bridge_slave_0: entered allmulticast mode
[  363.308312][ T8048] bridge_slave_0: entered promiscuous mode
[  363.434671][ T8048] bridge0: port 2(bridge_slave_1) entered blocking state
[  363.435006][ T8048] bridge0: port 2(bridge_slave_1) entered disabled state
[  363.436202][ T8048] bridge_slave_1: entered allmulticast mode
[  363.502076][ T8048] bridge_slave_1: entered promiscuous mode
[  363.793260][ T8048] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  363.953924][ T8048] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  364.099434][ T8048] team0: Port device team_slave_0 added
[  364.118198][ T8048] team0: Port device team_slave_1 added
[  364.192061][ T8048] batman_adv: batadv0: Adding interface: batadv_slave_0
[  364.192130][ T8048] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  364.192155][ T8048] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  364.196167][ T8048] batman_adv: batadv0: Adding interface: batadv_slave_1
[  364.196183][ T8048] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  364.196207][ T8048] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  364.408501][ T8048] hsr_slave_0: entered promiscuous mode
[  364.420059][ T8048] hsr_slave_1: entered promiscuous mode
[  364.421786][ T8048] debugfs: 'hsr0' already exists in 'hsr'
[  364.421812][ T8048] Cannot create hsr debugfs directory
[  375.340453][   T37] INFO: task kworker/u8:7:570 blocked for more than 143 seconds.
[  375.340478][   T37]       Not tainted syzkaller #0
[  375.340488][   T37] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  375.340497][   T37] task:kworker/u8:7    state:D stack:20344 pid:570   tgid:570   ppid:2      task_flags:0x4208060 flags:0x00080000
[  375.340781][   T37] Workqueue: netns cleanup_net
[  375.341359][   T37] Call Trace:
[  375.341368][   T37]  <TASK>
[  375.341382][   T37]  __schedule+0x1553/0x5240
[  375.341916][   T37]  ? __lock_acquire+0x6b5/0x2cf0
[  375.342245][   T37]  ? __pfx___schedule+0x10/0x10
[  375.342285][   T37]  rt_mutex_schedule+0x76/0xf0
[  375.342320][   T37]  rt_mutex_slowlock_block+0x508/0x680
[  375.342568][   T37]  rt_mutex_slowlock+0x2dc/0x7b0
[  375.342592][   T37]  ? rt_mutex_slowlock+0x1fd/0x7b0
[  375.342612][   T37]  ? __pfx_rt_mutex_slowlock+0x10/0x10
[  375.342649][   T37]  ? lock_acquire+0x20b/0x2e0
[  375.342882][   T37]  ? rcu_barrier+0x4c/0x580
[  375.342910][   T37]  mutex_lock_nested+0x168/0x1d0
[  375.342928][   T37]  ? __pfx_rt_mutex_slowunlock+0x10/0x10
[  375.342957][   T37]  rcu_barrier+0x4c/0x580
[  375.343193][   T37]  netdev_run_todo+0x2e0/0xde0
[  375.343293][   T37]  ? __pfx_netdev_run_todo+0x10/0x10
[  375.343529][   T37]  ? net_generic+0x1e/0x240
[  375.343874][   T37]  ? net_generic+0x1e/0x240
[  375.343897][   T37]  ? net_generic+0x1f4/0x240
[  375.343916][   T37]  ? nexthop_net_exit_rtnl+0x232/0x270
[  375.344206][   T37]  ops_undo_list+0x3d8/0x940
[  375.344234][   T37]  ? rt_spin_unlock+0x1f0/0x200
[  375.344255][   T37]  ? __pfx_ops_undo_list+0x10/0x10
[  375.344274][   T37]  ? rt_spin_unlock+0x14f/0x200
[  375.344295][   T37]  ? idr_destroy+0x21b/0x2a0
[  375.344744][   T37]  ? rt_spin_unlock+0x160/0x200
[  375.344768][   T37]  cleanup_net+0x56e/0x800
[  375.344792][   T37]  ? __pfx_cleanup_net+0x10/0x10
[  375.344818][   T37]  ? lock_acquire+0x20b/0x2e0
[  375.344837][   T37]  ? process_scheduled_works+0xa25/0x1830
[  375.345059][   T37]  ? process_scheduled_works+0xa25/0x1830
[  375.345086][   T37]  process_scheduled_works+0xb02/0x1830
[  375.345135][   T37]  ? __pfx_process_scheduled_works+0x10/0x10
[  375.345371][   T37]  ? assign_work+0x3d5/0x5e0
[  375.345402][   T37]  worker_thread+0xa50/0xfc0
[  375.345452][   T37]  kthread+0x388/0x470
[  375.345471][   T37]  ? __pfx_worker_thread+0x10/0x10
[  375.345705][   T37]  ? __pfx_kthread+0x10/0x10
[  375.345727][   T37]  ret_from_fork+0x51e/0xb90
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[  375.345772][   T37]  ? __pfx_ret_from_fork+0x10/0x10
[  375.345794][   T37]  ? __switch_to+0xc7d/0x1450
[  375.346038][   T37]  ? __pfx_kthread+0x10/0x10
[  375.346061][   T37]  ret_from_fork_asm+0x1a/0x30
[  375.346109][   T37]  </TASK>
[  375.346456][   T37] INFO: task syz-executor:5794 blocked for more than 143 seconds.
[  375.346698][   T37]       Not[  375.346698][   T37]       Not tainted syzkaller #0
[  375.346709][   T37]       Blocked by coredump.
[  375.346715][   T37] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  375.346723][   T37] task:syz-executor    state:D stack:22056 pid:5794  tgid:5794  ppid:1      task_flags:0x40054c flags:0x00080003
[  375.346772][   T37] Call Trace:
[  375.346778][   T37]  <TASK>
[  375.346791][   T37]  __schedule+0x1553/0x5240
[  375.347033][   T37]  ? __lock_acquire+0x6b5/0x2cf0
[  375.347069][   T37]  ? __lock_acquire+0x6b5/0x2cf0
[  375.347087][   T37]  ? __pfx___schedule+0x10/0x10
[  375.347122][   T37]  rt_mutex_schedule+0x76/0xf0
[  375.347345][   T37]  rt_mutex_slowlock_block+0x508/0x680
[  375.347383][   T37]  rt_mutex_slowlock+0x2dc/0x7b0
[  375.347402][   T37]  ? rt_mutex_slowlock+0x1fd/0x7b0
[  375.347421][   T37]  ? __pfx_rt_mutex_slowlock+0x10/0x10
[  375.347667][   T37]  ? rcu_barrier+0x4c/0x580
[  375.347747][   T37]  ? rcu_barrier+0x4c/0x580
[  375.347976][   T37]  mutex_lock_nested+0x168/0x1d0
[  375.347996][   T37]  ? __pfx_rt_mutex_slowunlock+0x10/0x10
[  375.348018][   T37]  rcu_barrier+0x4c/0x580
[  375.348049][   T37]  netdev_run_todo+0x2e0/0xde0
[  375.348081][   T37]  ? __pfx_netdev_run_todo+0x10/0x10
[  375.348313][   T37]  ? kasan_quarantine_put+0xbb/0x1f0
[  375.348656][   T37]  ? lockdep_hardirqs_on+0x7a/0x110
[  375.348733][   T37]  ? netdev_state_change+0x1ca/0x220
[  375.348756][   T37]  ? __pfx_tun_chr_close+0x10/0x10
[  375.349216][   T37]  tun_chr_close+0x13f/0x1c0
[  375.349242][   T37]  __fput+0x461/0xa90
[  375.349316][   T37]  task_work_run+0x1d9/0x270
[  375.349541][   T37]  ? __pfx_task_work_run+0x10/0x10
[  375.355403][   T37]  ? kmem_cache_free+0x185/0x6b0
[  375.376795][   T37]  ? put_net+0x191/0x260
[  375.376838][   T37]  do_exit+0x70f/0x23c0
[  375.376890][   T37]  ? _raw_spin_unlock_irqrestore+0x30/0x80
[  375.405746][   T37]  ? __pfx_do_exit+0x10/0x10
[  375.405782][   T37]  ? rt_mutex_slowunlock+0x4a7/0x8b0
[  375.405803][   T37]  ? reacquire_held_locks+0x104/0x190
[  375.405821][   T37]  ? rt_spin_lock+0x1e0/0x400
[  375.425744][   T37]  do_group_exit+0x21b/0x2d0
[  375.425783][   T37]  ? rt_spin_unlock+0x160/0x200
[  375.425809][   T37]  get_signal+0x125c/0x1310
[  375.437139][   T37]  arch_do_signal_or_restart+0xbc/0x830
[  375.437174][   T37]  ? __pfx___x64_sys_wait4+0x10/0x10
[  375.437205][   T37]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[  375.468228][   T37]  exit_to_user_mode_loop+0x86/0x480
[  375.468293][   T37]  ? rcu_is_watching+0x15/0xb0
[  375.575931][   T37]  do_syscall_64+0x32d/0xf80
[  375.575967][   T37]  ? trace_irq_disable+0x3b/0x150
[  375.576013][   T37]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  375.576048][   T37]  ? clear_bhb_loop+0x40/0x90
[  375.576069][   T37]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  375.576087][   T37] RIP: 0033:0x7f4b2233cfce
[  375.576104][   T37] RSP: 002b:00007ffcd4e5f8d8 EFLAGS: 00000246 ORIG_RAX: 000000000000003d
[  375.576196][   T37] RAX: fffffffffffffe00 RBX: 000055556c468500 RCX: 00007f4b2233cfce
[  375.576209][   T37] RDX: 0000000040000000 RSI: 00007ffcd4e5f97c RDI: ffffffffffffffff
[  375.576221][   T37] RBP: 00007ffcd4e5f97c R08: 0000000000000000 R09: 0000000000000000
[  375.576233][   T37] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000000000ee
[  375.576244][   T37] R13: 000055556c47b9f0 R14: 00000000000330a3 R15: 00007ffcd4e5f9d0
[  375.576274][   T37]  </TASK>
[  375.576326][   T37] INFO: task syz.1.604:7640 blocked for more than 143 seconds.
[  375.576341][   T37]       Not tainted syzkaller #0
[  375.576350][   T37]       Blocked by coredump.
[  375.576355][   T37] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  375.576363][   T37] task:syz.1.604       state:D stack:24024 pid:7640  tgid:7639  ppid:5796   task_flags:0x40054c flags:0x00080003
[  375.576412][   T37] Call Trace:
[  375.576419][   T37]  <TASK>
[  375.576430][   T37]  __schedule+0x1553/0x5240
[  375.576457][   T37]  ? __lock_acquire+0x6b5/0x2cf0
[  375.576490][   T37]  ? __lock_acquire+0x6b5/0x2cf0
[  375.576509][   T37]  ? __pfx___schedule+0x10/0x10
[  375.576543][   T37]  rt_mutex_schedule+0x76/0xf0
[  375.576565][   T37]  rt_mutex_slowlock_block+0x508/0x680
[  375.576602][   T37]  rt_mutex_slowlock+0x2dc/0x7b0
[  375.576622][   T37]  ? rt_mutex_slowlock+0x1fd/0x7b0
[  375.576641][   T37]  ? __pfx_rt_mutex_slowlock+0x10/0x10
[  375.576677][   T37]  ? rcu_barrier+0x4c/0x580
[  375.576702][   T37]  ? rcu_barrier+0x4c/0x580
[  375.576721][   T37]  mutex_lock_nested+0x168/0x1d0
[  375.576738][   T37]  ? __pfx_rt_mutex_slowunlock+0x10/0x10
[  375.576761][   T37]  rcu_barrier+0x4c/0x580
[  375.576790][   T37]  netdev_run_todo+0x2e0/0xde0
[  375.576822][   T37]  ? __pfx_netdev_run_todo+0x10/0x10
[  375.576845][   T37]  ? kasan_quarantine_put+0xbb/0x1f0
[  375.576869][   T37]  ? lockdep_hardirqs_on+0x7a/0x110
[  375.576898][   T37]  ? netdev_state_change+0x1ca/0x220
[  375.576920][   T37]  ? __pfx_tun_chr_close+0x10/0x10
[  375.576943][   T37]  tun_chr_close+0x13f/0x1c0
[  375.576964][   T37]  __fput+0x461/0xa90
[  375.576996][   T37]  task_work_run+0x1d9/0x270
[  375.577019][   T37]  ? __pfx_task_work_run+0x10/0x10
[  375.577040][   T37]  ? kmem_cache_free+0x185/0x6b0
[  375.577064][   T37]  ? put_net+0x191/0x260
[  375.577091][   T37]  do_exit+0x70f/0x23c0
[  375.577112][   T37]  ? _raw_spin_unlock_irqrestore+0x30/0x80
[  375.577138][   T37]  ? __pfx_do_exit+0x10/0x10
[  375.577154][   T37]  ? rt_mutex_slowunlock+0x4a7/0x8b0
[  375.577180][   T37]  ? reacquire_held_locks+0x104/0x190
[  375.577199][   T37]  ? rt_spin_lock+0x1e0/0x400
[  375.577228][   T37]  do_group_exit+0x21b/0x2d0
[  375.577248][   T37]  ? rt_spin_unlock+0x160/0x200
[  375.577268][   T37]  get_signal+0x125c/0x1310
[  375.577311][   T37]  arch_do_signal_or_restart+0xbc/0x830
[  375.577341][   T37]  ? __pfx___x64_sys_clone+0x10/0x10
[  375.577365][   T37]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[  375.577412][   T37]  exit_to_user_mode_loop+0x86/0x480
[  375.577435][   T37]  ? rcu_is_watching+0x15/0xb0
[  375.577457][   T37]  do_syscall_64+0x32d/0xf80
[  375.577479][   T37]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  375.577498][   T37]  ? clear_bhb_loop+0x40/0x90
[  375.577520][   T37]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  375.577537][   T37] RIP: 0033:0x7fc068dac799
[  375.577552][   T37] RSP: 002b:00007fc067005fd8 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[  375.577570][   T37] RAX: fffffffffffffff4 RBX: 00007fc069025fa0 RCX: 00007fc068dac799
[  375.577583][   T37] RDX: 0000200000000000 RSI: 0000000000000050 RDI: 0000000040001000
[  375.577594][   T37] RBP: 00007fc068e42c99 R08: 0000000000000000 R09: 0000000000000000
[  375.577605][   T37] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  375.577616][   T37] R13: 00007fc069026038 R14: 00007fc069025fa0 R15: 00007ffec7552e58
[  375.577646][   T37]  </TASK>
[  375.577654][   T37] INFO: task syz.0.619:7674 blocked for more than 143 seconds.
[  375.577666][   T37]       Not tainted syzkaller #0
[  375.577674][   T37]       Blocked by coredump.
[  375.577679][   T37] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  375.577687][   T37] task:syz.0.619       state:D stack:25288 pid:7674  tgid:7673  ppid:5794   task_flags:0x40054c flags:0x00080001
[  375.577729][   T37] Call Trace:
[  375.577735][   T37]  <TASK>
[  375.577746][   T37]  __schedule+0x1553/0x5240
[  375.577772][   T37]  ? __lock_acquire+0x6b5/0x2cf0
[  375.577794][   T37]  ? kvm_sched_clock_read+0x11/0x20
[  375.577823][   T37]  ? __lock_acquire+0x6b5/0x2cf0
[  375.577842][   T37]  ? __pfx___schedule+0x10/0x10
[  375.577876][   T37]  rt_mutex_schedule+0x76/0xf0
[  375.577896][   T37]  rt_mutex_slowlock_block+0x508/0x680
[  375.577932][   T37]  rt_mutex_slowlock+0x2dc/0x7b0
[  375.577953][   T37]  ? rt_mutex_slowlock+0x1fd/0x7b0
[  375.577974][   T37]  ? __pfx_rt_mutex_slowlock+0x10/0x10
[  375.578009][   T37]  ? rcu_barrier+0x4c/0x580
[  375.578035][   T37]  ? rcu_barrier+0x4c/0x580
[  375.578058][   T37]  mutex_lock_nested+0x168/0x1d0
[  375.578075][   T37]  ? __pfx_rt_mutex_slowunlock+0x10/0x10
[  375.578096][   T37]  rcu_barrier+0x4c/0x580
[  375.578127][   T37]  netdev_run_todo+0x2e0/0xde0
[  375.578155][   T37]  ? __pfx_netdev_run_todo+0x10/0x10
[  375.578183][   T37]  ? unregister_netdevice_queue+0x31f/0x360
[  375.578210][   T37]  ? __pfx_unregister_netdevice_queue+0x10/0x10
[  375.578234][   T37]  ? ppp_release+0x8a/0x1f0
[  375.578335][   T37]  ppp_release+0xf5/0x1f0
[  375.578356][   T37]  ? __pfx_ppp_release+0x10/0x10
[  375.578377][   T37]  __fput+0x461/0xa90
[  375.578408][   T37]  task_work_run+0x1d9/0x270
[  375.578432][   T37]  ? __pfx_task_work_run+0x10/0x10
[  375.578453][   T37]  ? rt_spin_unlock+0x160/0x200
[  375.578478][   T37]  do_exit+0x70f/0x23c0
[  375.578498][   T37]  ? _raw_spin_unlock_irqrestore+0x30/0x80
[  375.578524][   T37]  ? __pfx_do_exit+0x10/0x10
[  375.578540][   T37]  ? rt_mutex_slowunlock+0x4a7/0x8b0
[  375.578558][   T37]  ? reacquire_held_locks+0x104/0x190
[  375.578578][   T37]  ? rt_spin_lock+0x1e0/0x400
[  375.578607][   T37]  do_group_exit+0x21b/0x2d0
[  375.578626][   T37]  ? rt_spin_unlock+0x160/0x200
[  375.578646][   T37]  get_signal+0x125c/0x1310
[  375.578687][   T37]  arch_do_signal_or_restart+0xbc/0x830
[  375.578709][   T37]  ? __pfx_smack_file_ioctl+0x10/0x10
[  375.578816][   T37]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[  375.578845][   T37]  ? __fget_files+0x2a/0x420
[  375.578935][   T37]  exit_to_user_mode_loop+0x86/0x480
[  375.578959][   T37]  ? rcu_is_watching+0x15/0xb0
[  375.578982][   T37]  do_syscall_64+0x32d/0xf80
[  375.579003][   T37]  ? trace_irq_disable+0x3b/0x150
[  375.579022][   T37]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  375.579040][   T37]  ? clear_bhb_loop+0x40/0x90
[  375.579062][   T37]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  375.579080][   T37] RIP: 0033:0x7f4b2237c799
[  375.579095][   T37] RSP: 002b:00007f4b205d6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  375.579114][   T37] RAX: fffffffffffffff2 RBX: 00007f4b225f5fa0 RCX: 00007f4b2237c799
[  375.579127][   T37] RDX: 000000110e22fff6 RSI: 00000000c004743e RDI: 0000000000000003
[  375.579139][   T37] RBP: 00007f4b22412c99 R08: 0000000000000000 R09: 0000000000000000
[  375.579149][   T37] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  375.579160][   T37] R13: 00007f4b225f6038 R14: 00007f4b225f5fa0 R15: 00007ffcd4e5f5d8
[  375.579198][   T37]  </TASK>
[  375.579278][   T37] 
[  375.579278][   T37] Showing all locks held in the system:
[  375.579289][   T37] 2 locks held by kworker/u8:0/12:
[  375.579338][   T37] 6 locks held by pr/legacy/17:
[  375.579350][   T37] 4 locks held by rcuc/1/28:
[  375.579359][   T37]  #0: ffffffff8ddcb880 (rcu_read_lock){....}-{1:3}, at: __local_bh_disable_ip+0x3c/0x420
[  375.579419][   T37]  #1: ffffffff8ddcb880 (rcu_read_lock){....}-{1:3}, at: process_backlog+0x271/0xc60
[  375.579462][   T37]  #2: ffffffff8ddcb880 (rcu_read_lock){....}-{1:3}, at: NF_HOOK+0x9e/0x3c0
[  375.582026][   T37]  #3: ffff88801da92958 (&n->list_lock){+.+.}-{3:3}, at: __refill_objects_node+0x87/0x560
[  375.582084][   T37] 1 lock held by khungtaskd/37:
[  375.582094][   T37]  #0: ffffffff8ddcb880 (rcu_read_lock){....}-{1:3}, at: debug_show_all_locks+0x2e/0x180
[  375.582153][   T37] 8 locks held by kworker/u8:2/42:
[  375.582163][   T37]  #0: ffff888019c44138 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_scheduled_works+0x9ea/0x1830
[  375.582216][   T37]  #1: ffffc90000b37c40 ((work_completion)(&(&nsim_dev->trap_data->trap_report_dw)->work)){+.+.}-{0:0}, at: process_scheduled_works+0xa25/0x1830
[  375.582264][   T37]  #2: ffff88802b9f8300 (&devlink->lock_key#10){+.+.}-{4:4}, at: nsim_dev_trap_report_work+0x57/0xbc0
[  375.582387][   T37]  #3: ffff88807a3f4d20 (&nsim_trap_data->trap_lock){+.+.}-{3:3}, at: nsim_dev_trap_report_work+0x1ad/0xbc0
[  375.582431][   T37]  #4: ffffffff8ddcb880 (rcu_read_lock){....}-{1:3}, at: rt_spin_lock+0x1e0/0x400
[  375.582470][   T37]  #5: ffffffff8dc630a0 (local_bh){.+.+}-{1:3}, at: __local_bh_disable_ip+0x3c/0x420
[  375.582516][   T37]  #6: ffffffff8ddcb880 (rcu_read_lock){....}-{1:3}, at: __local_bh_disable_ip+0x3c/0x420
[  375.582561][   T37]  #7: ffff8880b88391f8 ((bh_lock)){+...}-{3:3}, at: napi_skb_cache_get+0xbf/0x410
[  375.582638][   T37] 8 locks held by kworker/u8:3/57:
[  375.582649][   T37]  #0: ffff888019c44138 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_scheduled_works+0x9ea/0x1830
[  375.582693][   T37]  #1: ffffc9000123fc40 ((work_completion)(&(&nsim_dev->trap_data->trap_report_dw)->work)){+.+.}-{0:0}, at: process_scheduled_works+0xa25/0x1830
[  375.582739][   T37]  #2: ffff8880513dc300 (&devlink->lock_key#7){+.+.}-{4:4}, at: nsim_dev_trap_report_work+0x57/0xbc0
[  375.582785][   T37]  #3: ffff88803d578d20 (&nsim_trap_data->trap_lock){+.+.}-{3:3}, at: nsim_dev_trap_report_work+0x1ad/0xbc0
[  375.582827][   T37]  #4: ffffffff8ddcb880 (rcu_read_lock){....}-{1:3}, at: rt_spin_lock+0x1e0/0x400
[  375.582866][   T37]  #5: ffffffff8dc630a0 (local_bh){.+.+}-{1:3}, at: __local_bh_disable_ip+0x3c/0x420
[  375.582914][   T37]  #6: ffffffff8ddcb880 (rcu_read_lock){....}-{1:3}, at: __local_bh_disable_ip+0x3c/0x420
[  375.582961][   T37]  #7: ffff8880b88391f8 ((bh_lock)){+...}-{3:3}, at: napi_skb_cache_get+0xbf/0x410
[  375.583005][   T37] 8 locks held by kworker/u8:4/68:
[  375.583016][   T37] 5 locks held by kworker/u8:5/88:
[  375.583030][   T37] 4 locks held by kworker/u8:7/570:
[  375.583040][   T37]  #0: ffff88801aee1138 ((wq_completion)netns){+.+.}-{0:0}, at: process_scheduled_works+0x9ea/0x1830
[  375.583084][   T37]  #1: ffffc900042d7c40 (net_cleanup_work){+.+.}-{0:0}, at: process_scheduled_works+0xa25/0x1830
[  375.583127][   T37]  #2: ffffffff8f14b940 (pernet_ops_rwsem){++++}-{4:4}, at: cleanup_net+0xf4/0x800
[  375.583179][   T37]  #3: ffffffff8ddd1af0 (rcu_state.barrier_mutex){+.+.}-{4:4}, at: rcu_barrier+0x4c/0x580
[  375.583229][   T37] 8 locks held by kworker/u8:11/1150:
[  375.583239][   T37]  #0: ffff888019c44138 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_scheduled_works+0x9ea/0x1830
[  375.583286][   T37]  #1: ffffc900058ffc40 ((work_completion)(&(&nsim_dev->trap_data->trap_report_dw)->work)){+.+.}-{0:0}, at: process_scheduled_works+0xa25/0x1830
[  375.583332][   T37]  #2: ffff888025504300 (&devlink->lock_key#5){+.+.}-{4:4}, at: nsim_dev_trap_report_work+0x57/0xbc0
[  375.583377][   T37]  #3: ffff88805f5e8920 (&nsim_trap_data->trap_lock){+.+.}-{3:3}, at: nsim_dev_trap_report_work+0x1ad/0xbc0
[  375.583418][   T37]  #4: ffffffff8ddcb880 (rcu_read_lock){....}-{1:3}, at: rt_spin_lock+0x1e0/0x400
[  375.583459][   T37]  #5: ffffffff8dc630a0 (local_bh){.+.+}-{1:3}, at: __local_bh_disable_ip+0x3c/0x420
[  375.583507][   T37]  #6: ffffffff8ddcb880 (rcu_read_lock){....}-{1:3}, at: __local_bh_disable_ip+0x3c/0x420
[  375.583551][   T37]  #7: ffff8880b88391f8 ((bh_lock)){+...}-{3:3}, at: napi_skb_cache_get+0xbf/0x410
[  375.583610][   T37] 3 locks held by klogd/5153:
[  375.583621][   T37] 2 locks held by getty/5552:
[  375.583631][   T37]  #0: ffff888037b260a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70
[  375.583737][   T37]  #1: ffffc90003e8b2e0 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0x462/0x13c0
[  375.583809][   T37] 3 locks held by sshd-session/5779:
[  375.583820][   T37]  #0: ffff88803e148358 (sk_lock-AF_INET){+.+.}-{0:0}, at: tcp_sendmsg+0x21/0x50
[  375.583896][   T37]  #1: ffffffff8df09470 (remove_cache_srcu){.+.+}-{0:0}, at: srcu_read_lock+0x27/0x60
[  375.583942][   T37]  #2: ffff88801da92958 (&n->list_lock){+.+.}-{3:3}, at: __slab_free+0xee/0x2a0
[  375.583989][   T37] 4 locks held by syz-executor/5780:
[  375.584000][   T37] 1 lock held by syz-executor/5794:
[  375.584009][   T37]  #0: ffffffff8ddd1af0 (rcu_state.barrier_mutex){+.+.}-{4:4}, at: rcu_barrier+0x4c/0x580
[  375.584052][   T37] 1 lock held by syz-executor/5797:
[  375.584062][   T37]  #0: ffffffff8ddd1af0 (rcu_state.barrier_mutex){+.+.}-{4:4}, at: rcu_barrier+0x4c/0x580
[  375.584113][   T37] 2 locks held by kbnepd bnep0/7385:
[  375.584123][   T37]  #0: ffffffff8f30d500 (bnep_session_sem){+.+.}-{4:4}, at: bnep_session+0x29c4/0x2c00
[  375.584275][   T37]  #1: ffffffff8ddd1af0 (rcu_state.barrier_mutex){+.+.}-{4:4}, at: rcu_barrier+0x4c/0x580
[  375.584320][   T37] 8 locks held by kworker/u8:13/7465:
[  375.584328][   T37]  #0: ffff888019c44138 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_scheduled_works+0x9ea/0x1830
[  375.584370][   T37]  #1: ffffc900058afc40 ((work_completion)(&(&nsim_dev->trap_data->trap_report_dw)->work)){+.+.}-{0:0}, at: process_scheduled_works+0xa25/0x1830
[  375.584417][   T37]  #2: ffff888025394300 (&devlink->lock_key#4){+.+.}-{4:4}, at: nsim_dev_trap_report_work+0x57/0xbc0
[  375.584463][   T37]  #3: ffff888039c2a520 (&nsim_trap_data->trap_lock){+.+.}-{3:3}, at: nsim_dev_trap_report_work+0x1ad/0xbc0
[  375.584505][   T37]  #4: ffffffff8ddcb880 (rcu_read_lock){....}-{1:3}, at: rt_spin_lock+0x1e0/0x400
[  375.584544][   T37]  #5: ffffffff8dc630a0 (local_bh){.+.+}-{1:3}, at: __local_bh_disable_ip+0x3c/0x420
[  375.584589][   T37]  #6: ffffffff8ddcb880 (rcu_read_lock){....}-{1:3}, at: __local_bh_disable_ip+0x3c/0x420
[  375.584633][   T37]  #7: ffff8880b88391f8 ((bh_lock)){+...}-{3:3}, at: napi_skb_cache_get+0xbf/0x410
[  375.584674][   T37] 2 locks held by syz.3.594/7613:
[  375.584685][   T37]  #0: ffffffff8f6bf2e0 (&ops->srcu#2){.+.+}-{0:0}, at: rtnl_link_ops_get+0x23/0x250
[  375.584784][   T37]  #1: ffffffff8ddd1af0 (rcu_state.barrier_mutex){+.+.}-{4:4}, at: rcu_barrier+0x4c/0x580
[  375.584826][   T37] 1 lock held by syz.1.604/7640:
[  375.584836][   T37]  #0: ffffffff8ddd1af0 (rcu_state.barrier_mutex){+.+.}-{4:4}, at: rcu_barrier+0x4c/0x580
[  375.584879][   T37] 1 lock held by syz.0.619/7674:
[  375.584889][   T37]  #0: ffffffff8ddd1af0 (rcu_state.barrier_mutex){+.+.}-{4:4}, at: rcu_barrier+0x4c/0x580
[  375.584930][   T37] 1 lock held by syz-executor/7700:
[  375.584940][   T37]  #0: ffffffff8ddd1af0 (rcu_state.barrier_mutex){+.+.}-{4:4}, at: rcu_barrier+0x4c/0x580
[  375.584981][   T37] 1 lock held by syz-executor/7710:
[  375.584990][   T37]  #0: ffffffff8ddd1af0 (rcu_state.barrier_mutex){+.+.}-{4:4}, at: rcu_barrier+0x4c/0x580
[  375.585033][   T37] 1 lock held by syz-executor/7725:
[  375.585043][   T37]  #0: ffffffff8ddd1af0 (rcu_state.barrier_mutex){+.+.}-{4:4}, at: rcu_barrier+0x4c/0x580
[  375.585085][   T37] 1 lock held by syz-executor/7736:
[  375.585095][   T37]  #0: ffffffff8ddd1af0 (rcu_state.barrier_mutex){+.+.}-{4:4}, at: rcu_barrier+0x4c/0x580
[  375.585138][   T37] 6 locks held by kworker/u8:14/7746:
[  375.585147][   T37]  #0: ffff888019c44138 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_scheduled_works+0x9ea/0x1830
[  375.585198][   T37]  #1: ffffc90004fd7c40 ((work_completion)(&(&nsim_dev->trap_data->trap_report_dw)->work)){+.+.}-{0:0}, at: process_scheduled_works+0xa25/0x1830
[  375.585244][   T37]  #2: ffff88802961c300 (&devlink->lock_key#8){+.+.}-{4:4}, at: nsim_dev_trap_report_work+0x57/0xbc0
[  375.585289][   T37]  #3: ffff888037512520 (&nsim_trap_data->trap_lock){+.+.}-{3:3}, at: nsim_dev_trap_report_work+0x1ad/0xbc0
[  375.585331][   T37]  #4: ffffffff8ddcb880 (rcu_read_lock){....}-{1:3}, at: rt_spin_lock+0x1e0/0x400
[  375.585371][   T37]  #5: ffff88801da92958 (&n->list_lock){+.+.}-{3:3}, at: __refill_objects_node+0x87/0x560
[  375.585416][   T37] 7 locks held by kworker/u8:15/7774:
[  375.585427][   T37] 1 lock held by syz.2.638/7781:
[  375.585436][   T37]  #0: ffffffff8ddd1af0 (rcu_state.barrier_mutex){+.+.}-{4:4}, at: rcu_barrier+0x4c/0x580
[  375.585480][   T37] 1 lock held by syz-executor/7847:
[  375.585490][   T37]  #0: ffffffff8ddd1af0 (rcu_state.barrier_mutex){+.+.}-{4:4}, at: rcu_barrier+0x4c/0x580
[  375.585536][   T37] 7 locks held by syz-executor/7953:
[  375.585545][   T37]  #0: ffff8880384e4480 (sb_writers#7){.+.+}-{0:0}, at: vfs_write+0x22d/0xba0
[  375.585629][   T37]  #1: ffff888062b09078 (&of->mutex){+.+.}-{4:4}, at: kernfs_fop_write_iter+0x1df/0x540
[  375.585739][   T37]  #2: ffff8880281d2e18 (kn->active#52){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x232/0x540
[  375.585790][   T37]  #3: ffffffff8e9c79b8 (nsim_bus_dev_list_lock){+.+.}-{4:4}, at: del_device_store+0xd7/0x370
[  375.585864][   T37]  #4: ffff88803cb5e0d8 (&dev->mutex){....}-{4:4}, at: device_release_driver_internal+0xb6/0x870
[  375.585950][   T37]  #5: ffff88803932c300 (&devlink->lock_key#6){+.+.}-{4:4}, at: nsim_drv_remove+0x50/0x160
[  375.586027][   T37]  #6: ffffffff8ddd1af0 (rcu_state.barrier_mutex){+.+.}-{4:4}, at: rcu_barrier+0x4c/0x580
[  375.586069][   T37] 4 locks held by syz-executor/7958:
[  375.586079][   T37]  #0: ffff8880384e4480 (sb_writers#7){.+.+}-{0:0}, at: vfs_write+0x22d/0xba0
[  375.586126][   T37]  #1: ffff88804e6fd878 (&of->mutex){+.+.}-{4:4}, at: kernfs_fop_write_iter+0x1df/0x540
[  375.586178][   T37]  #2: ffff8880281d2e18 (kn->active#52){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x232/0x540
[  375.586229][   T37]  #3: ffffffff8e9c79b8 (nsim_bus_dev_list_lock){+.+.}-{4:4}, at: del_device_store+0xd7/0x370
[  375.586274][   T37] 4 locks held by syz-executor/7961:
[  375.586288][   T37]  #0: ffff8880384e4480 (sb_writers#7){.+.+}-{0:0}, at: vfs_write+0x22d/0xba0
[  375.586336][   T37]  #1: ffff8880297e2078 (&of->mutex){+.+.}-{4:4}, at: kernfs_fop_write_iter+0x1df/0x540
[  375.586380][   T37]  #2: ffff8880281d2e18 (kn->active#52){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x232/0x540
[  375.586428][   T37]  #3: ffffffff8e9c79b8 (nsim_bus_dev_list_lock){+.+.}-{4:4}, at: del_device_store+0xd7/0x370
[  375.586481][   T37] 4 locks held by syz-executor/7964:
[  375.586491][   T37]  #0: ffff8880384e4480 (sb_writers#7){.+.+}-{0:0}, at: vfs_write+0x22d/0xba0
[  375.586538][   T37]  #1: ffff8880570d0c78 (&of->mutex){+.+.}-{4:4}, at: kernfs_fop_write_iter+0x1df/0x540
[  375.586583][   T37]  #2: ffff8880281d2e18 (kn->active#52){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x232/0x540
[  375.629765][   T37]  #3: ffffffff8e9c79b8 (nsim_bus_dev_list_lock){+.+.}-{4:4}, at: del_device_store+0xd7/0x370
[  375.629831][   T37] 7 locks held by kworker/u8:18/7968:
[  375.629846][   T37] 4 locks held by syz-executor/8006:
[  375.629855][   T37]  #0: ffff8880384e4480 (sb_writers#7){.+.+}-{0:0}, at: vfs_write+0x22d/0xba0
[  375.629904][   T37]  #1: ffff88807853ac78 (&of->mutex){+.+.}-{4:4}, at: kernfs_fop_write_iter+0x1df/0x540
[  375.629955][   T37]  #2: ffff8880281d2e18 (kn->active#52){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x232/0x540
[  375.630004][   T37]  #3: ffffffff8e9c79b8 (nsim_bus_dev_list_lock){+.+.}-{4:4}, at: del_device_store+0xd7/0x370
[  375.630047][   T37] 4 locks held by syz-executor/8018:
[  375.630058][   T37]  #0: ffff8880384e4480 (sb_writers#7){.+.+}-{0:0}, at: vfs_write+0x22d/0xba0
[  375.630103][   T37]  #1: ffff888078813c78 (&of->mutex){+.+.}-{4:4}, at: kernfs_fop_write_iter+0x1df/0x540
[  375.630149][   T37]  #2: ffff8880281d2e18 (kn->active#52){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x232/0x540
[  375.630197][   T37]  #3: ffffffff8e9c79b8 (nsim_bus_dev_list_lock){+.+.}-{4:4}, at: del_device_store+0xd7/0x370
[  375.630241][   T37] 4 locks held by syz-executor/8026:
[  375.630250][   T37]  #0: ffff8880384e4480 (sb_writers#7){.+.+}-{0:0}, at: vfs_write+0x22d/0xba0
[  375.630299][   T37]  #1: ffff888077b19c78 (&of->mutex){+.+.}-{4:4}, at: kernfs_fop_write_iter+0x1df/0x540
[  375.630343][   T37]  #2: ffff8880281d2e18 (kn->active#52){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x232/0x540
[  375.630391][   T37]  #3: ffffffff8e9c79b8 (nsim_bus_dev_list_lock){+.+.}-{4:4}, at: del_device_store+0xd7/0x370
[  375.630437][   T37] 4 locks held by syz-executor/8033:
[  375.630448][   T37]  #0: ffff8880384e4480 (sb_writers#7){.+.+}-{0:0}, at: vfs_write+0x22d/0xba0
[  375.630495][   T37]  #1: ffff88807e00a878 (&of->mutex){+.+.}-{4:4}, at: kernfs_fop_write_iter+0x1df/0x540
[  375.630539][   T37]  #2: ffff8880281d2e18 (kn->active#52){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x232/0x540
[  375.630588][   T37]  #3: ffffffff8e9c79b8 (nsim_bus_dev_list_lock){+.+.}-{4:4}, at: del_device_store+0xd7/0x370
[  375.630635][   T37] 4 locks held by syz-executor/8048:
[  375.630644][   T37]  #0: ffff8880384e4480 (sb_writers#7){.+.+}-{0:0}, at: vfs_write+0x22d/0xba0
[  375.630691][   T37]  #1: ffff888040282c78 (&of->mutex){+.+.}-{4:4}, at: kernfs_fop_write_iter+0x1df/0x540
[  375.630743][   T37]  #2: ffff8880281d2e18 (kn->active#52){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x232/0x540
[  375.630792][   T37]  #3: ffffffff8e9c79b8 (nsim_bus_dev_list_lock){+.+.}-{4:4}, at: del_device_store+0xd7/0x370
[  375.630839][   T37] 
[  375.630844][   T37] =============================================
[  375.630844][   T37] 
[  375.630868][   T37] NMI backtrace for cpu 1
[  375.630885][   T37] CPU: 1 UID: 0 PID: 37 Comm: khungtaskd Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  375.630911][   T37] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/27/2026
[  375.630921][   T37] Call Trace:
[  375.630929][   T37]  <TASK>
[  375.630937][   T37]  dump_stack_lvl+0xe8/0x150
[  375.630962][   T37]  nmi_cpu_backtrace+0x274/0x2d0
[  375.630981][   T37]  ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10
[  375.631006][   T37]  nmi_trigger_cpumask_backtrace+0x17a/0x300
[  375.631027][   T37]  sys_info+0x135/0x170
[  375.631049][   T37]  watchdog+0xfd9/0x1030
[  375.631075][   T37]  ? watchdog+0x21a/0x1030
[  375.631099][   T37]  kthread+0x388/0x470
[  375.631117][   T37]  ? __pfx_watchdog+0x10/0x10
[  375.631135][   T37]  ? __pfx_kthread+0x10/0x10
[  375.631154][   T37]  ret_from_fork+0x51e/0xb90
[  375.631178][   T37]  ? __pfx_ret_from_fork+0x10/0x10
[  375.631199][   T37]  ? __switch_to+0xc7d/0x1450
[  375.631224][   T37]  ? __pfx_kthread+0x10/0x10
[  375.631241][   T37]  ret_from_fork_asm+0x1a/0x30
[  375.631272][   T37]  </TASK>
[  375.631278][   T37] Sending NMI from CPU 1 to CPUs 0:
[  375.631308][    C0] NMI backtrace for cpu 0
[  375.631322][    C0] CPU: 0 UID: 0 PID: 17 Comm: pr/legacy Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  375.631343][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/27/2026
[  375.631353][    C0] RIP: 0010:io_serial_in+0x77/0xc0
[  375.631476][    C0] Code: e8 8e f0 94 fc 44 89 f9 d3 e3 49 83 ee 80 4c 89 f0 48 c1 e8 03 42 80 3c 20 00 74 08 4c 89 f7 e8 df fe fa fc 41 03 1e 89 da ec <0f> b6 c0 5b 41 5c 41 5e 41 5f c3 cc cc cc cc cc 44 89 f9 80 e1 07
[  375.631490][    C0] RSP: 0018:ffffc900001679d0 EFLAGS: 00000202
[  375.631504][    C0] RAX: 1ffffffff332a000 RBX: 00000000000003fd RCX: 0000000000000000
[  375.631514][    C0] RDX: 00000000000003fd RSI: 0000000000000000 RDI: 0000000000000000
[  375.631524][    C0] RBP: ffffffff99950730 R08: 0000000000000000 R09: 0000000000000000
[  375.631534][    C0] R10: dffffc0000000000 R11: ffffffff852f62f0 R12: dffffc0000000000
[  375.631545][    C0] R13: 0000000000000000 R14: ffffffff999504a0 R15: 0000000000000000
[  375.631555][    C0] FS:  0000000000000000(0000) GS:ffff88812633f000(0000) knlGS:0000000000000000
[  375.631568][    C0] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  375.631579][    C0] CR2: 00007f01f0b622bb CR3: 00000000394ea000 CR4: 00000000003526f0
[  375.631592][    C0] Call Trace:
[  375.631599][    C0]  <TASK>
[  375.631606][    C0]  wait_for_lsr+0x1aa/0x2f0
[  375.631629][    C0]  serial8250_console_write+0x120d/0x1b90
[  375.631655][    C0]  ? __pfx_serial8250_console_write+0x10/0x10
[  375.631677][    C0]  ? console_flush_one_record+0x48f/0xb90
[  375.631700][    C0]  console_flush_one_record+0x68b/0xb90
[  375.631724][    C0]  ? console_flush_one_record+0xfa/0xb90
[  375.631746][    C0]  ? __pfx_console_flush_one_record+0x10/0x10
[  375.631768][    C0]  ? _raw_spin_unlock_irqrestore+0x30/0x80
[  375.631790][    C0]  legacy_kthread_func+0x1b6/0x250
[  375.631811][    C0]  ? __pfx_legacy_kthread_func+0x10/0x10
[  375.631831][    C0]  ? __pfx_autoremove_wake_function+0x10/0x10
[  375.631853][    C0]  ? __kthread_parkme+0x7a/0x1f0
[  375.631877][    C0]  kthread+0x388/0x470
[  375.631892][    C0]  ? __pfx_legacy_kthread_func+0x10/0x10
[  375.631910][    C0]  ? __pfx_kthread+0x10/0x10
[  375.631925][    C0]  ret_from_fork+0x51e/0xb90
[  375.631946][    C0]  ? __pfx_ret_from_fork+0x10/0x10
[  375.631963][    C0]  ? __switch_to+0xc7d/0x1450
[  375.631982][    C0]  ? __pfx_kthread+0x10/0x10
[  375.631997][    C0]  ret_from_fork_asm+0x1a/0x30
[  375.632018][    C0]  </TASK>
[  375.632313][   T37] Kernel panic - not syncing: hung_task: blocked tasks
[  375.632327][   T37] CPU: 1 UID: 0 PID: 37 Comm: khungtaskd Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  375.632347][   T37] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/27/2026
[  375.632357][   T37] Call Trace:
[  375.632363][   T37]  <TASK>
[  375.632370][   T37]  vpanic+0x56c/0xa60
[  375.632399][   T37]  ? __pfx_vpanic+0x10/0x10
[  375.632430][   T37]  panic+0xc5/0xd0
[  375.632452][   T37]  ? __pfx_panic+0x10/0x10
[  375.632472][   T37]  ? printk_trigger_flush+0x117/0x180
[  375.632496][   T37]  ? lockdep_hardirqs_on+0x7a/0x110
[  375.632526][   T37]  ? nmi_trigger_cpumask_backtrace+0x234/0x300
[  375.632548][   T37]  watchdog+0x1023/0x1030
[  375.632573][   T37]  ? watchdog+0x21a/0x1030
[  375.632599][   T37]  kthread+0x388/0x470
[  375.632617][   T37]  ? __pfx_watchdog+0x10/0x10
[  375.632635][   T37]  ? __pfx_kthread+0x10/0x10
[  375.632653][   T37]  ret_from_fork+0x51e/0xb90
[  375.632679][   T37]  ? __pfx_ret_from_fork+0x10/0x10
[  375.632700][   T37]  ? __switch_to+0xc7d/0x1450
[  375.632723][   T37]  ? __pfx_kthread+0x10/0x10
[  375.632750][   T37]  ret_from_fork_asm+0x1a/0x30
[  375.632784][   T37]  </TASK>
[  375.633111][   T37] Kernel Offset: disabled