last executing test programs:

23m28.019747832s ago: executing program 32 (id=23):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x60303, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x1)
sendto$inet(0xffffffffffffffff, &(0x7f00000000c0)="8689d46205a34100ff2bbe11a5ce7879edaf02afe39ead95913e9c4f8cf31440006769ebdf12cfacae8e8c03f5db079da7d9", 0x32, 0x20000000, 0x0, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
syz_emit_ethernet(0x17b, &(0x7f0000000240)=ANY=[@ANYBLOB="aaaaaa"], 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000200)={0x0, 0x0, 0xf000, 0x2000, &(0x7f0000f9a000/0x2000)=nil})
r3 = dup(r2)
ioctl$KVM_SET_VAPIC_ADDR(r3, 0x4008ae93, &(0x7f00000002c0)=0x10000)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000003900)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b07080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf5af51d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000000000007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3abe0fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba4958ea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945ecefa26b8471d42645288d7226bbd9ccd628ab84875f2c50ba891cea592b0430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed0254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b0fdf9743af932cd6db49a47613808bad959710300000000000000832d0a45fa4242e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd7a4d67ff2a49c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4e064c98e494198276eb2df7766411bef0ebb5000000000006065d635b0b7a00ee767221d8af9753387e0cd8d718f54a29df6eba3bd4c440e6e2172e3fcc01b8babb757b5c59217b80d0db3ba582814a604e4ef7a803e9ca7c85b35c9b93a9e0885e238b44ae1c2e64cce3b27083b8246829e64056000302bffff15405bd5f2eba20000000000000000000000000000000000009a9823fd8fbc5aa16509945ed032b48ea12d8e0588dc52702e4084913a06d468d0928bad76d697e1f85ab030e788d38788ee5b5428d4a971cc97db9fd231088e570735ce129e7e77fc2777692664a1488fd8d6dff4dad618fd54f529d4555c6507009ee69dd1bc55258789b24052137e9637f3efbab71720f88c3c44b3b7486f979e8a3174b531f573fe0e5239c000be2733c49546f6e8a9175ec6f14dbf72cac91643b2fd99c29eca28a3c2e60d5e5b8795fae16a7c3ea57e728eca35eaf0155a39f97580e079175426c088a0208040982a0000000000000000000000000051ceaaf0159fe61f2eade7603d0a7a56fb09cd119ac06adb6597155ae47846892bb423c024d8cbe9240b71ec6dc2124d3a19e2d714b273d95d1d3aa737cb04a33615ff2a730e51067d5d675d7122361c37c61a43b5afd865b60d4cae891b73220f17d25985a7f76834995e53a93a1c7b9eef267df691ca983a0b15bda7f6c5c1ca7aa50261a3089a1ebf0734c9b07e8951ff023263ad5aed8cfb49b49e128c697724c057d22c5df5aef27ce3db11d5ad5527d149d076e1a87e2df27c0cb8a67ad026bf953e88f10447e125c2c0f1aebee1f3390a9e3ddad4e2a6e0f6e4569fdefa19e870e04acf9493b963f98e23cfc665e4f465fa3f801e1957c399e45f61d3459b1c606204368bb931345af2823c487d2fd99db6ea6e008e7ffa06ca861551189d155bd077a79fe2c7e961352e56824f727d21d41eae78bfec4a2d7a7edbc8ef958c5ea599f7c25bf71c2340558aa12fdd24a88aaad5921aee7dae6a2f3009d9cb43ab4898d0f0aa565431b6abe585d75db04d1c9ba0b9de4ae8b0d3132bc6810cc9a693979f55174a72e1df9fdef35bc470f9e6e591982757f45c52c645d891bf63bb21fb66926ebe1a8525611fc3e8bb8795c36dc2a86b5ab46ff33cc74f61751b2dae92676db85c8d0c721b7ea4544bf51c95c86fcac1f434d09d1ee4928aafe23de66fed972e0dddfb33f64e48701b049239e7f552d816441d11c4c2647c014462344359198d97c4b6e9ed31ca18987b64de079b2bed641e8a92f13ca70844c65cb423d01950b0ebf44bd28e09c05d9ae5dd689fb880fb18d042219f5ac60c3a03b085abf3e8e3efc842a8d328733461f04c99607061c65ed14c61322a5ac2d371a95b8ad867ec92d13a4fa4ae033a09673866cd77f4bcdaaa05207166b19a8758d8855400d8c6a7242dc207251e8797eca24ea4f487663e60f2f5e1f1424958fd148f846830e88a42d93e1fe9c0b4a4a268921738938aa9f3cb3811ac87c54c8ebc8bcfb4613cc3a997ff1579edbd4ade8020e3ad001b072b1a751b588ac4639f35a58e00a50c0270608c7a7f10132b1c25b9ea81232fbef665f6212f875b2a0000000000000000000000000000cf7b6c4ba9bec153d6834bfef080df374703a8ff56a63ec1fe5f2e05a79e3cace7283dd68d41e94420c325fe4dae144fde5ec25a87d625cab20753a77b323fa3783c8b675859b9012647885a242adfee2fe812ecbe5191e0a15142f7349e7627cc39d724e2e34e7a24154f26ae3125b36d0504965295d0453902ac7079b11a3a1e655e482331e3dc35b2e7e4e3ea99064fe5b9c8ae0ca3e5fd653f3286a99d81ce4eba765c38d097391ad4babac38ce5b4344e24a361cd54e5"], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x2e)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000540)='rcu_utilization\x00', r4}, 0x10)
r5 = getpid()
sched_setscheduler(r5, 0x2, &(0x7f0000000200)=0x6)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
connect$unix(r6, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e24}, 0x6e)
sendmmsg$unix(r7, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r6, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f0000000100)={0x5c, 0x2, 0x6, 0x801, 0x0, 0x0, {0x0, 0x0, 0x4000}, [@IPSET_ATTR_FAMILY={0x5, 0x5, 0xa}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_TYPENAME={0x16, 0x3, 'hash:net,port,net\x00'}, @IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_HASHSIZE={0x8, 0x12, 0x1, 0x0, 0x14}]}]}, 0x5c}}, 0x0)
bind$netlink(0xffffffffffffffff, 0x0, 0x0)
r8 = socket(0x840000000002, 0x3, 0x100)
connect$inet(r8, &(0x7f0000000000)={0x2, 0x3, @remote}, 0x10)
openat$vcs(0xffffffffffffff9c, 0x0, 0x100, 0x0)
syslog(0x4, &(0x7f0000000140)=""/179, 0xb3)

21m22.51458934s ago: executing program 33 (id=262):
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x3, &(0x7f0000000000)=[{0x15, 0x0, 0x1}, {0x1c}, {0x6, 0x0, 0x0, 0x7ffffcb9}]})
r0 = socket$kcm(0x11, 0x2, 0x300)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0x5, &(0x7f0000001540)=ANY=[@ANYBLOB="bf16000000000000b707000000010000487000000000000050000000000000ff95000000000000002ba728041598fbd30cb599e83d24a3aa81d36bb3019c13bd23212fb56fa54f2641d8b02c3815e79c1414eb07eae6f0711e6bd917487960717142fa9ea4318123f602000000000080de89e661168c1886d0d4d94f204e34ff65c26e278ef5b915395b19284a1a4bc72fbc1626e3a2a2ad358061d0ae0209e62f51ee988e6ea604ce974a22a550d6f97080980400003e05df3ceb9f1feae5737ecaa80a666963c474c2a100c788b277beee1cbf9b0a4d3881dcc7b1b85f3c3d44aeaccd3641110bec4e90a6341965c39e4b3431abe802f5ab3e89cf6c662ed4048d3b3e22278d00ce00000000d3a02762c2951257b85802189d74005d2a1bcf9436e192e23fd275985bf31b714f000bcab6fcd610f25f5888000000003f11afc9bd08c6ebfbb89432fb465bc52f49129b9b6150e320c9901de2ebb9000000018e3095c4c5c7a156cec33a667dccaff950ca1e5efdd4c968dacf81baa3a509b1041d06f6b0097c430481824a3f4fddd3c643f630ba175d876defd3541772f26e27c44cfdb2d85d6d29983e830a9cdd79837b3468e8c67a571d0a017c100344c52a570dd39877dfb2ff1ae66e1ce917474b2e650ae630afd086004c4a56c6cce6e51723257c872c5255f20100000000000000f041b665ab21372c8d8b7bac5b5c784d20a4a24d8dbd75062e1daef9dead619cc6e7baa72707157791c3d2a286ffb8d35452bb5d36c2a8682bf7ecbd53f950ef4709ec01e230d2f53594ef4839c6130c4c13a0cca84b9935f771fd49e480cd9d48aeb12b1d6acabd38a817bcd222614d1f62734d679039a97d2b74f9e8e997ccd314000f7477137f4e8e7025123e783df8b8a17e3aa9fe1f662aef87a065b03cfb65b4dfe4f1b56e1f23128d743753a1de172d683d5892ce9414a1d98ea93e3d35dbb6c23b90cf36e83b8a434a97d09343d7f83079ccb02e69d384146056d125cfa788237874dd42dae334bda042819a2aa24dba1c25be2794448b4f63483026b5e34d44705b76ef29241adab0dd7d68bf975e02069f6f2425e1bc97a3d588085f16bef63a06578d4f5de7bfb6aaa75f16996d536256c02284cb1d3a6fb8cae87691fae365a70c3fc69e1565bba8dd8a8ca049f798abe646f738bebd69413afc9d8a5edd7aaa000000000000001e6c2f2a287c5278a218dbfaffffff00a14db5cfa6819eb1d39c48cfdc80d215c9e16e0c4736c819363154cca4e2f89800d18c89d7f46f679df6c9e2952ae1ebfd0ca88368ee6ce139e8b5822c22cf2e9dde943d34c432e1001171792c65986146666a5490928441f47e0fe5eac41824ca1fd0eb71aa243c88d5480efd8329d9a733d8f9ffffff5f912ac4e34bf6ea8a86da707b03bddb491ba0cc98f6be92c50008a2b50025419d1476c73132ca7ca26ce8a7e3ffb700f09e157f9b844051f1a642aca9ff98c9036471ccff0522903e7bcf62e18f7696bbc280b95e8e0d6fd5644b0ebde3a95b06548862de809d3dae3cccf109f7c78e8479a345e800000000000000000000009455bf417627ce723a5d9103706aba69279500bb82f6b5a3ddc0bd9856712945b70c75ce5b722578820820d010d7a3cffc99fc647d0b82ef26ab708c0b19ed144be51c3b398f0e6bb7a30006000000cba12953d58cff0f0378740fe6662f377b97d8e7cdb047acd083d3cd3856476a60a49ad127ba6570bafc2bbcf9ee721fd9cb467ff071e5604fbf0491245c0000007d932d7a64de4c4aa433fc0840aff7c47da3a4c6966d0000000000000000f6bfbae29e8a6e2a889f6ef6869d82d6bd73eb76b65c7a35a54a4a6b8ad4600e3a972a0bb5971a5f16590b0a03dafa3fd1118765cc8ab9fccf3b51c41a339f200f2fa33006910a679a9ae0187b4d750c4bd244cb0cbfd23b265f4d4da448a7a0d19c5e430a31609dfa2dde267551467eb6475293dd7012cc449009981f22820e57a0eff234ccfe21d7a2302e000669753d3c3432cc14ee1abe724adb6b5431befedd3e22971118f0e21aed1823cb7dde8212a8531bd9691dd4cc6a370e9eb56b3d790b98f2bd0db1e5de6a146597b2cbb7103040d2a39d7965d34df524b760ab92efcce7dd1574052c735935bf6a752c015c7f5ffee9ff66e5dd2866b15b6e0d17618cb1f5c1ee4b051f47db7aa110f499f840a5c965443d725556351ee25fe09f69494b053678dcadcf02e063dff2fa4bef1ac3bbbebe6c74d71ec3b23e29895eff1d1017024fe3e8cc759b05785adc346b7ffd05963f92c1d0d7d90ba878ad89e490f3e29ac51d30632869a534418f916bf6fe8167827a8e6c8f8b391c822805cb0adf1b8bd6947ff208753eb0d208ce14f7b206b2e02c21e963abc5ceb735c1b3c46b0a843de52a903375dfb663a8d8ee9c2b2705c1a81d9d3b9656b219c8cd99c9cafcd0d0540884d97aecb19983fc6af29ab44a82aff9cba921192c665b877af6539bdb1b567f481ba07982e7ad758f4e1eac69e7e88a63960975f490e161e371ec8534791e3b61c685d900a9c0839208356b53750e76fcc3c2d1bddcbd83897921414d0c02e8188f3df79ea2a5c5444004830e6cb227ca1bdafb977c00000000003a417193b8c5d793687335a930867094fd6a78218218e04b705ec62f1608cb569b81914e68f175b392af6bc4fd2121d7fd276af2c97a441b56e7a0687d98b8e76d8d0d231e4fe00be1de76bd19cc12e2bd938eb681ed6bc951c1b4f7c51af59eea4d40c6000000000200778a677b72786311153271a3313da02645e11761699e4d04ac86dd14ff7b9a10d3fa74696fe3953a5b7706bf5d1faba4b18808d9cb0e9db696dec4e0820ee4028d7225a2c9c427cf64cbde6fba056b2006b7a37c1181d530fb865e235cd302f3b4071ee5237ada986b9e5e3144bf479f277f10656ad3744037ccc9c63685a6f1109d2ea73773d3635f61497f1fa1ea4a16f601800bf3e59141fbf05a96113320c445f9ba8596970d5254727e804fbd99ccefb7c09269dd2c5c25e56e169ac15980f3f85f7ca36dd5950ef5b64fd46f123311829534a82940994199b3cf7a8fabea9930952f5da9b909c1946e55289f668c423fcbb31ae91864c882313151741a67538c9689dc8ecc9903c7041e5c0704e2fa55a756487517a7445cbd9e3f5175e41c0000000000000000000a000000bf98efd587fffe326f474b0b089c017b16c0062cbce96f5adebec52a79f9363909842f79c50a1520be46d87003137e4c5031f00123e812a5e37cd52c9eb7336281cb8c6ce9934b157d7875a70eaf103cb3938e2361c51cd1eab8a26b232acf6bf0ab829c26dab637538b2eb1420d812d2b80c777710ba0f18e4661681aa218d9ba54023ab4305d77eb15611ae2545835e9d30e9f6d4fb43a291c69545a1eea0f8720431132d8549f99bf6c5cb060da70cbb59d0a000000000034d083fc37d2449f72de0cbea4bc1dc89c136cdbc504f849d5502d77a95c7bfff4cd9c03058d0d4d07ea64824f1acf2b39389f675f39d01719cdbab3f1ce10609c8d7b3e37cb99b41da5e485a441b6a103549f55ab09dc98767763d1f2fafd45bb7d2b40050d1f8292f4d9ec6d0000000000003932062290f4996fdd55b06023437e9e2072daf7f5d82f6f1b5b89a41134f4dc2e65bb11272fdf8c8141f41d6160b3d8b6ecd16d14267f61b4881adee7f07f3d6af5ae79e16fe2c3f55ac7a6392d2e1d9b4286b6c3e1f5a76b85ed6e1f0000c67e6c5fcdc8c39381be4799b8cb2d08b8262c807dd755e22b801162381aa9d1af2bbc9cfd497585337eac408b8475b47a392a10cae349160f128e5f873a58064eb400c36a90624f6aed398a215e9ce64522ab249f67c38a656d32ecff5cdb2b039c4abf349d2c0f88a42e9189bbfa7f5cf35b6e7ef8f9d33163b7ea875583e3aec4714c9c4ca3ecb04f2720237615a28bf310b58ffa2a103216fdcc8c2d8f5d55e5e7ebf147105272aaae56e86d856b3cf79a3f7306436762dd1a08ce873e07cebc7892ec6f9f696da38feed3dc0001500e34adae1ba89a32bad2af9030f840f1ba46cdadd5cbacc59352c290f55d971b65953533668c25f21d8d62d849e9058eaa97c63491568887548f668cdbca2abf01a361a0b64d8b523e669da350e3ec7445dfbf366b0b3bc5e76824a1e43eaaeca70db90f2fa39596443447671933079a24fe3681ad9ac361f71ac279a688f10a1cc4df1112105edebc5e3bbc394c8305ab129ca2dfb9b7c5e9d097bd01b495cccefddce569117f7f5d6a6270ff0f0f4c371029ca8489571b55841bf3dd003bc81460eee57ceb3c33f4e9300b0144fe040cf5fcfcbb616c2070237881afdb314cecd1623f3e55ab8b7627fa1be349145a8d6313cbc790eefe2020138e82fb9d351be4ddcbcc9bc048dd3db5828d16baec6e07a007f0030f34ea3cfd524d6fa1d45da5641d6c94e1d3ae7fba1c85035d2a60ef1696e0d96aa1c60019f73ae0aa6113cd66ef26b5777337c26e1461405d86fdf091edd526f25cada439bb3609ed5c35ab60a539ade786bd6004d0ea3edbd6c4da0d8e8be8c771c8c8a0b07d9859e04adb18964dcce9bce546074c26dffbc2df372a016e8c845d4257000000000000000000000000000000000000f29657697d9c2b132b2dc2f5ea5122836582a7e85fe2bc166f17aefd9d861de0191f5277d4a3b5afb6f23d9eea2459f7844606e1202768d83c24cc791bde44a448022bbfa571fe029a7b2d5152639ee283894ab6168992ff0acc01b39a078f285ce615351f262019586eb9447bb3eaffd7b53d8f37ca6c5f1027dd5b7592996c8a7789ba108979cc9ad07ed86682843e2eaa855dd01443ee6ffde1811f10039d5d14458177096e15cc4d8f2582a1bea5ccb9f10f615c87c441dc50a244bc138a1cae9868c3079bafe69769000000000000000000e99b63029d219cd3545a8426b56554a9f265d3557eefb3602894507c256cb8ee9ebadfecb6afeb84ba757bfa8d00a5af0dd6aa1e8144ef8ef04410d52204c335408941b8eccc5c734cc6a05247142ed647f89bcb5c043acfb382b9cc918bc3cdc368983157851cdf678800aa7eb2a6cbc12c7ae23bc88b8f10223ab2a093429f3f6965bc5af0114cf6f246e891e20ecaad7059866506c3000000000c3230e901e885b7a4a36bdfdb5ce7a2e5807a0f4c1d461d1243fccf51b875b49490cd7d044e7a1e1a4c013fae1f070a8a37ab90da2efc6c875b3aab34b75a252072691fc97bef0fed8ee597ab83bb53f89c36bc2ee3ad54904542f66dc94132df75fc9944882d6f2e13b7057e0000000000000000000000000000000000001b726c0ccd24000000000000cfd2f4d005578b9ed06e1c41ef3b411066739de953d39b968caaca1507928d68c8f052"], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0xfffffffffffffe89}, 0x48)
setsockopt$sock_attach_bpf(r0, 0x1, 0x32, &(0x7f0000000000)=r1, 0x4)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000003c0)=@newtaction={0xe68, 0x30, 0x871a15abc695fa3d, 0x70bd2d, 0x0, {}, [{0xe54, 0x1, [@m_pedit={0xe50, 0x1, 0x0, 0x0, {{0xa}, {0xe24, 0x2, 0x0, 0x1, [@TCA_PEDIT_PARMS={0xe20, 0x2, {{{0x0, 0x300}, 0x93}, [{0x0, 0x0, 0x0, 0x0, 0xfffffffd}, {0x0, 0x0, 0x0, 0x0, 0x3000000, 0x40000000}, {0x1, 0x0, 0x0, 0x4000000, 0x7, 0x80000}, {0x8000, 0x5, 0x0, 0xfffffffc, 0x5}, {0x0, 0x0, 0x0, 0x2}, {0x0, 0x0, 0x800000, 0x0, 0x6}, {0x0, 0xc3}, {0x0, 0x5}, {0x5}, {}, {0x0, 0x10}, {0x0, 0x470a, 0x0, 0x8000000}, {}, {0x2, 0x0, 0x0, 0x0, 0x6, 0x6}, {}, {}, {0x0, 0x0, 0x0, 0x1, 0x0, 0xfff}, {0x0, 0x0, 0x0, 0x8000000}, {}, {0x0, 0x0, 0x0, 0x0, 0x20}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, {}, {0x0, 0x0, 0x0, 0xfffffffc}, {0x20000}, {}, {0x0, 0x7, 0x0, 0x0, 0xffffffff}, {0x0, 0x0, 0x0, 0xfffffffd, 0x0, 0x3}, {0x0, 0x7ffc, 0x0, 0x0, 0x5}, {0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x60569add}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x2b25}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, {0xffffffff, 0x9}, {0x0, 0x0, 0x0, 0x0, 0xfffff800}, {0x3}, {}, {0xffffffff, 0x0, 0x0, 0x0, 0x0, 0xfffffffc}, {0xfffffffd}, {}, {0x0, 0x9, 0x0, 0xffffffff, 0x0, 0x2}, {}, {0x80}, {0x80}, {0x0, 0x0, 0x0, 0x5, 0x5}, {}, {0x0, 0x0, 0x8}, {0x0, 0x2, 0x0, 0x0, 0x9}, {0x0, 0x0, 0x8, 0x0, 0x3}, {}, {0x0, 0x5}, {0x0, 0x0, 0x0, 0x8510}, {0xffff}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc}, {0x0, 0xfffefffd}, {0x0, 0x0, 0x0, 0x1}, {}, {0x5}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x8000000}, {0x0, 0x7}, {0x0, 0x0, 0x0, 0x0, 0x0, 0xb}, {0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x9}, {0x0, 0xfffffffc, 0x200}, {0x0, 0x0, 0x0, 0x200}, {}, {0x4}, {}, {0x0, 0x0, 0x800}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, {0x0, 0x101, 0x0, 0x0, 0x0, 0xffffffff}, {}, {0x3, 0xfffffffe}, {0x0, 0x0, 0x0, 0x4, 0x9}, {}, {0x0, 0x0, 0x0, 0x0, 0x1, 0x7}, {0x0, 0xb}, {0x0, 0x0, 0x0, 0xffffffff}, {}, {0x0, 0x5, 0x0, 0x0, 0x0, 0xfffffffc}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x56}, {0x0, 0x0, 0x0, 0xec33, 0x0, 0x4}, {}, {0xb, 0x0, 0x0, 0x0, 0x0, 0xfe1}, {0x0, 0x0, 0x0, 0x0, 0x4}, {0x0, 0x0, 0xfffffffc}, {}, {0x0, 0xfffffffd}, {0x6}, {0x7f}, {}, {0x0, 0x8, 0x0, 0x0, 0xfffffffe}, {0x4, 0x2, 0x2000000, 0x2, 0x0, 0xfffffffe}, {0x0, 0x0, 0x0, 0x0, 0xe9d, 0x58a}, {0x2}, {0x2, 0x9, 0x20000000}, {0xfffffffc}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x80}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x292}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, {0x0, 0x0, 0xe600, 0x0, 0x0, 0x2}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x101}, {0x0, 0x5, 0x0, 0x7, 0x1}, {0x0, 0x5, 0x0, 0x0, 0x0, 0x3}, {0x0, 0x0, 0x0, 0x0, 0x80}, {0x10000000, 0x0, 0x0, 0x0, 0x1, 0xfffffffd}, {}, {0x0, 0x0, 0x0, 0x0, 0xfffffffc}, {0x3}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x7fffffff}, {}, {0x0, 0x0, 0x0, 0x8}, {}, {}, {}, {0xfffffffb, 0x0, 0x0, 0x0, 0x8000}, {0x6, 0xffffffff, 0x0, 0x0, 0x0, 0xfffffffe}, {0x2d, 0x0, 0x10000}, {0x0, 0x0, 0x8000}, {0x0, 0x8000, 0x0, 0xe}, {0x3, 0x0, 0x10000}, {0x0, 0x80000000, 0x0, 0x7fff800, 0x4}, {0x0, 0x3}, {0xffffffff, 0x0, 0x0, 0x0, 0xd}], [{}, {}, {0x0, 0x1}, {0x1}, {}, {0x3}, {}, {0x0, 0x1}, {}, {}, {0x2}, {}, {}, {}, {0x0, 0x1}, {}, {0x3, 0x1}, {0x0, 0x1}, {}, {0x5, 0x1}, {0x0, 0x1}, {0x4}, {0x3}, {}, {}, {}, {}, {}, {}, {}, {0x5}, {}, {0x4}, {}, {}, {}, {}, {0x0, 0x1}, {0x0, 0x1}, {}, {}, {}, {}, {}, {0x5}, {}, {}, {0x4}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x1}, {}, {0x1}, {}, {}, {}, {0x0, 0x1}, {}, {}, {0x0, 0x1}, {}, {}, {}, {0x0, 0x1}, {0x2}, {0x5}, {}, {0x4}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x2}, {}, {0x0, 0x1}, {}, {0x0, 0x1}, {}, {}, {}, {}, {}, {0x1}, {}, {0x5}, {}, {}, {}, {}, {}, {0x0, 0x1}, {}, {0x2, 0x1}, {}, {}, {}, {}, {0x5, 0x1}, {}, {0x1}, {}, {0x2}, {}, {}, {0x4}, {0x3}, {}, {}, {}, {}, {0x0, 0x1}]}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xe68}}, 0x0)
r3 = syz_usb_connect(0x0, 0x2d, &(0x7f0000000200)=ANY=[@ANYBLOB="1201410130f56920ac05190272f00102030109021b000100001000090455070103490200090582030004"], 0x0)
syz_usb_control_io$hid(r3, &(0x7f0000000680)={0x24, &(0x7f0000000480)={0x40, 0x31, 0xb5, {0xb5, 0x30, "985a39f6fcfd81c076710892e0967c0a8abe3c44bbe114333f858d0dd4ac25abe60157035588abf6f82ad20e27331989128b0671ee02f3e9e958bc3d88269a7f6117eadd99d989f30e51b6ad26b698e2b79783a08d5925b99fd449594746d571ce9402a9c0c0afbdeba4f609375481bc969e412b9a22a98e872cbe1ca157000b4658acb464912e5d56528e03e0a2dbf30ca200ba7a860aaa3af3fe22454fa19157bc0ad3912f5d5dca006cd6eecad7c10dfe44"}}, &(0x7f0000000400)={0x0, 0x3, 0x4, @lang_id={0x4, 0x3, 0x814}}, &(0x7f0000000540)={0x0, 0x22, 0xe, {[@main=@item_4={0x3, 0x0, 0x8, "8b5bacf9"}, @global=@item_012={0x2, 0x1, 0x5, "4c1b"}, @local=@item_012={0x1, 0x2, 0x0, "ed"}, @main=@item_012={0x0, 0x0, 0xc}, @global=@item_012={0x2, 0x1, 0xb, "f62b"}]}}, &(0x7f0000000640)={0x0, 0x21, 0x9, {0x9, 0x21, 0x7, 0xbb, 0x1, {0x22, 0x9d0}}}}, &(0x7f00000008c0)={0x2c, &(0x7f00000006c0)={0x0, 0xe, 0x63, "3ec614e03b42e9d9a25282a6999a1140a62bae9b6f236263b6e9b4d875f59ad3ab5e757b03ce1c0a275468aa195b86afc5857b0f6f262c38e0cbd76e36fa632b414aa2a8f572873912287708406efefce5302c9ed58727ed98c95647b5b413cc937928"}, &(0x7f0000000740)={0x0, 0xa, 0x1, 0x7}, &(0x7f0000000780)={0x0, 0x8, 0x1, 0x9}, &(0x7f00000007c0)={0x20, 0x1, 0xb7, "5c8d344c383960fb44f0e76b5d752d921dcfbbfc2b73fcb62a30575d6bd9bc005997393955ed7f976edf6719a38113fafb01120d22ac4281835913ae13f16fb7076384dd2a9dbc46a9dda0c94db07379410253f52e2a42a637be4cf98ca44d3cac71dfb2379f9d67e7ef1284d5d2b288b62346514fe01c434ee589e905fb01d20d46d85ab5650d8b2a38cacb022e5571658ed420d2c203123d39a4c25a691447de4877d9d58e01b778382b860535f9e2900fac2783cb83"}, &(0x7f0000000880)={0x20, 0x3, 0x1}})
bpf$MAP_CREATE(0x0, &(0x7f0000003940)=ANY=[@ANYBLOB="210000000000000000000000000010000004"], 0x48)
r4 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/vmallocinfo\x00', 0x0, 0x0)
ioctl$AUTOFS_DEV_IOCTL_VERSION(r4, 0xc0189371, &(0x7f0000000340)={{0x1, 0x1, 0x18, <r5=>r4}, './file0\x00'})
r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000001280), r4)
sendmsg$NL80211_CMD_DEL_PMK(r5, &(0x7f0000001340)={&(0x7f0000001240)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000001300)={&(0x7f00000012c0)={0x38, r6, 0x8, 0x70bd2c, 0x25dfdbfd, {{}, {@void, @void}}, [@NL80211_ATTR_MAC={0xa}, @NL80211_ATTR_MAC={0xa, 0x6, @device_b}, @NL80211_ATTR_MAC={0xa, 0x6, @device_b}]}, 0x38}, 0x1, 0x0, 0x0, 0x20004000}, 0x20000000)
socket$inet6_tcp(0xa, 0x1, 0x0)
fsopen(&(0x7f0000000240)='ramfs\x00', 0x0)
syz_open_dev$sndpcmc(&(0x7f00000000c0), 0x2, 0x400000)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x6, 0x50, 0xffffffffffffffff, 0x0)
socket(0xa, 0x3, 0x3a)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r7=>0xffffffffffffffff, <r8=>0xffffffffffffffff})
connect$unix(r7, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r8, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r7, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
fsetxattr$security_capability(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x1)
write$USERIO_CMD_SEND_INTERRUPT(0xffffffffffffffff, &(0x7f0000000140)={0x2, 0x1}, 0x2)
madvise(&(0x7f000072a000/0x4000)=nil, 0x4000, 0x4)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
r9 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/power/resume', 0x149a82, 0x10)
write$cgroup_int(r9, &(0x7f0000000000)=0x2b00, 0x12)

11m54.873434872s ago: executing program 3 (id=1728):
socket$nl_route(0x10, 0x3, 0x0)
r0 = socket(0x11, 0x3, 0x0)
socket$inet6_udp(0xa, 0x2, 0x0)
sendmsg(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)=[{0x0}], 0x1}, 0x4)
socket$nl_route(0x10, 0x3, 0x0)
socket$inet6_udp(0xa, 0x2, 0x0)
socket(0x2, 0x80802, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480))
socket$inet6_tcp(0xa, 0x1, 0x0)
open(&(0x7f00000000c0)='./bus\x00', 0x143fc2, 0x1d8)
openat(0xffffffffffffff9c, &(0x7f0000000040)='./bus\x00', 0x40042, 0x121)
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='pagemap\x00')
prlimit64(0x0, 0x6, &(0x7f0000000140)={0x0, 0x4}, 0x0)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f00006ec000/0x1000)=nil, &(0x7f00002c7000/0x4000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000559000/0x4000)=nil, &(0x7f000008d000/0x1000)=nil, &(0x7f00005e2000/0x2000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f000021a000/0x1000)=nil, &(0x7f00005e1000/0x4000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x2000)=nil, 0x0}, 0x68)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x0)
r1 = io_uring_setup(0x7, &(0x7f0000000040)={0x0, 0xc8a1, 0xc000, 0x8, 0xc1})
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x11, 0x13, &(0x7f0000000080)=ANY=[@ANYRES32, @ANYBLOB="0000000010000000660002000000ffb0180000000007000000000000000000009500040000000000360a020000000000180100002020782500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000020b50a00000000000085"], &(0x7f0000000000)='GPL\x00', 0x2, 0xde, &(0x7f0000000340)=""/222}, 0x94)
pipe(&(0x7f0000000100))
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="0208000004"], 0x48)
io_uring_enter(r1, 0x2219, 0x7721, 0x16, 0x0, 0x0)

11m54.729779234s ago: executing program 3 (id=1731):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000000), r0)
sendmsg$ETHTOOL_MSG_LINKMODES_SET(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f00000001c0)={0x0, 0x44}}, 0x0)

11m54.597574424s ago: executing program 3 (id=1732):
socket$nl_route(0x10, 0x3, 0x0)
socket(0x11, 0x3, 0x0)
socket$inet6_udp(0xa, 0x2, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
socket$inet6_udp(0xa, 0x2, 0x0)
socket(0x2, 0x80802, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480))
socket$inet6_tcp(0xa, 0x1, 0x0)
open(&(0x7f00000000c0)='./bus\x00', 0x143fc2, 0x1d8)
openat(0xffffffffffffff9c, &(0x7f0000000040)='./bus\x00', 0x40042, 0x121)
prlimit64(0x0, 0x6, &(0x7f0000000140)={0x0, 0x4}, 0x0)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f00006ec000/0x1000)=nil, &(0x7f00002c7000/0x4000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000559000/0x4000)=nil, &(0x7f000008d000/0x1000)=nil, &(0x7f00005e2000/0x2000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f000021a000/0x1000)=nil, &(0x7f00005e1000/0x4000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x2000)=nil, 0x0}, 0x68)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x0)
r0 = io_uring_setup(0x7, &(0x7f0000000040)={0x0, 0xc8a1, 0xc000, 0x8, 0xc1})
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x11, 0x13, &(0x7f0000000080)=ANY=[@ANYBLOB="18080000004000000000000000000010851000000600000018020000", @ANYBLOB="0000000010000000660002000000ffb0180000000007000000000000000000009500040000000000360a020000000000180100002020782500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000020b50a00000000000085"], &(0x7f0000000000)='GPL\x00', 0x2, 0xde, &(0x7f0000000340)=""/222}, 0x94)
pipe(&(0x7f0000000100))
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="0208000004"], 0x48)
io_uring_enter(r0, 0x2219, 0x7721, 0x16, 0x0, 0x0)

11m54.480464348s ago: executing program 3 (id=1733):
r0 = mq_open(&(0x7f0000000440)='eth0\x00\xe7\x87\xaf\x9d#`\xda8\xce1\xca\xe0!>\f\xe1\x13\xf7B\xb96\x8e@\xe8k,\xad\xc7h\xc6-\x8c\xce?q\x8f\xeaX=\xc1#\xb1\xa5\xd5:L^\x85P\x0e\x11*\x8fl\xbbC\xf96\xbd\xbe\xbc41Gs\x18\x80\xf6\xac\x81\x1f\x80P2&h\x9db\xb9Q \xec\xdb!\xa5\xb6A\x1c\xd3\f-\x8f\x86\fr\x02\x12\x91U=\x0f\x9fE\xd7^oK\'9\xcbx\xa1\xa0\xe3\x93\xf7->\x97N\x1c]\bL\xe0r\x11\a\x84\xac\xb6\x14\xa0\xe0\xaa:C\xaf\x0e)\xedf\xa0\x8e\x98\xe9\x90/\xe7o\xa3\xcd\xd6]\xf91Y\x1a{\x8a\xa5)\xd4\x90\xc5\xf1?,\x8fS\x85.q\xbd_CQ3\x955\xad\xac\x94\xbe\xebT\xce\x037\x1ao[\xdc\xde(\xf9 \xe7\x17^p\xffA\v\x9c\xef\x01\xf7\xa9\x00\aF\xd5\x87\nI\xa6:Oy1\x1a\x97\x1a\x05\x1e\xbc\xd1\xe8L\xf3Yh\xb6\x8b\x1a\xc5\x87)3', 0x42, 0x0, 0x0)
readv(r0, &(0x7f0000000080)=[{0x0}, {0x0}], 0x2)

11m54.012136254s ago: executing program 3 (id=1735):
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100))
r0 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ethtool(&(0x7f00000000c0), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_COALESCE_SET(r0, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x800}, 0x0)

11m53.050387391s ago: executing program 3 (id=1737):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r0 = getpid()
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000012c0)={<r1=>0xffffffffffffffff})
sendmsg$inet(r1, &(0x7f0000000740)={0x0, 0x0, &(0x7f0000000900)=[{&(0x7f00000013c0)="d0", 0x1}], 0x1, 0x0, 0x0, 0x800300}, 0x20004801)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000740)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xf, &(0x7f0000000340)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r4}}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000004c0)={&(0x7f0000000400)='xprtrdma_reply\x00', r5}, 0x18)

11m37.235402981s ago: executing program 34 (id=1737):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r0 = getpid()
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000012c0)={<r1=>0xffffffffffffffff})
sendmsg$inet(r1, &(0x7f0000000740)={0x0, 0x0, &(0x7f0000000900)=[{&(0x7f00000013c0)="d0", 0x1}], 0x1, 0x0, 0x0, 0x800300}, 0x20004801)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000740)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xf, &(0x7f0000000340)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r4}}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000004c0)={&(0x7f0000000400)='xprtrdma_reply\x00', r5}, 0x18)

10m42.75667821s ago: executing program 1 (id=1800):
socket$nl_route(0x10, 0x3, 0x0)
r0 = socket(0x11, 0x3, 0x0)
socket$inet6_udp(0xa, 0x2, 0x0)
sendmsg(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)=[{0x0}], 0x1}, 0x4)
socket$nl_route(0x10, 0x3, 0x0)
socket$inet6_udp(0xa, 0x2, 0x0)
socket(0x2, 0x80802, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480))
socket$inet6_tcp(0xa, 0x1, 0x0)
open(&(0x7f00000000c0)='./bus\x00', 0x143fc2, 0x1d8)
openat(0xffffffffffffff9c, &(0x7f0000000040)='./bus\x00', 0x40042, 0x121)
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='pagemap\x00')
prlimit64(0x0, 0x6, &(0x7f0000000140)={0x0, 0x4}, 0x0)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f00006ec000/0x1000)=nil, &(0x7f00002c7000/0x4000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000559000/0x4000)=nil, &(0x7f000008d000/0x1000)=nil, &(0x7f00005e2000/0x2000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f000021a000/0x1000)=nil, &(0x7f00005e1000/0x4000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x2000)=nil, 0x0}, 0x68)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x0)
r1 = io_uring_setup(0x7, &(0x7f0000000040)={0x0, 0xc8a1, 0xc000, 0x8, 0xc1})
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x11, 0x13, &(0x7f0000000080)=ANY=[@ANYRES32, @ANYBLOB="0000000010000000660002000000ffb0180000000007000000000000000000009500040000000000360a020000000000180100002020782500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000020b50a00000000000085"], &(0x7f0000000000)='GPL\x00', 0x2, 0xde, &(0x7f0000000340)=""/222}, 0x94)
pipe(&(0x7f0000000100))
io_uring_enter(r1, 0x2219, 0x7721, 0x16, 0x0, 0x0)

10m42.501388689s ago: executing program 1 (id=1802):
r0 = socket$inet6_mptcp(0xa, 0x1, 0x106)
r1 = getpgrp(0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000040)=0x5)
prlimit64(0x0, 0xe, &(0x7f0000000100)={0x8, 0x80000100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000000)=0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r3 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r3, 0x1, 0x0)
r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r4, &(0x7f0000002000)=""/102400, 0x19000)
r5 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r5, &(0x7f0000000000)={0x26, 'hash\x00', 0x0, 0x0, 'sha512\x00'}, 0x58)
accept4(r5, 0x0, 0x0, 0x800)
dup2(r0, r0)
connect$inet6(r0, &(0x7f0000000140)={0xa, 0x4001, 0x1, @dev={0xfe, 0x80, '\x00', 0x1c}, 0x3f}, 0x1c)
r6 = socket$netlink(0x10, 0x3, 0x8000000004)
writev(r6, &(0x7f00000000c0)=[{&(0x7f0000000200)="580000001400192340834b80040d8c560a0677bc45ff810500000000000058000b480400945f64009400050028925a01000000000000008000f0fffeffe809000000fff5dd0000001000010002081000418e00000004fcff", 0x58}], 0x1)

10m40.676587283s ago: executing program 1 (id=1803):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000000), r0)
sendmsg$ETHTOOL_MSG_LINKMODES_SET(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='D\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="0100000000000000000005000000180001801400020073797a5f74756e000000"], 0x44}}, 0x0)

10m36.881477135s ago: executing program 1 (id=1809):
inotify_init1(0x800)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000300)={0x28, 0x43, 0x107, 0xfffffffe, 0x25dfdbfc, {0x3, 0x7c}, [@nested={0x4, 0x145}, @nested={0x10, 0x1, 0x0, 0x1, [@nested={0xc, 0x1c, 0x0, 0x1, [@typed={0x4, 0x125}, @nested={0x4, 0x91}]}]}]}, 0x28}, 0x1, 0x0, 0x0, 0x84}, 0xc000)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x820000, 0x0)
ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000080)='devpts\x00', 0x0, 0x0)
mount$tmpfs(0x0, &(0x7f0000000080)='./file0/../file0/../file0\x00', 0x0, 0x1210020, &(0x7f0000000000)={[{@uid, 0x41}]})
r2 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='mountinfo\x00')
read$FUSE(r2, &(0x7f0000002140)={0x2020}, 0x2020)
ioctl$DRM_IOCTL_MODE_ADDFB(0xffffffffffffffff, 0xc01c64ae, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x2f, 0x18})
r3 = syz_open_procfs(0x0, &(0x7f00000002c0)='fdinfo/3\x00')
read$FUSE(r3, &(0x7f0000002080)={0x2020}, 0x54)
syz_emit_ethernet(0x66, &(0x7f0000000140)={@local, @remote, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, '\x00', 0x30, 0x6, 0x0, @remote, @local, {[], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0xc, 0x2, 0x0, 0x0, 0x0, {[@timestamp={0x8, 0xa, 0x9, 0x8}, @generic={0x1, 0xf, "539e5d238ab988ad84107fd270"}]}}}}}}}}, 0x0)

10m36.500478609s ago: executing program 1 (id=1811):
r0 = socket$inet6_mptcp(0xa, 0x1, 0x106)
r1 = getpgrp(0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000040)=0x5)
prlimit64(0x0, 0xe, &(0x7f0000000100)={0x8, 0x80000100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000000)=0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r3 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r3, 0x1, 0x0)
r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r4, &(0x7f0000002000)=""/102400, 0x19000)
bind$alg(0xffffffffffffffff, &(0x7f0000000000)={0x26, 'hash\x00', 0x0, 0x0, 'sha512\x00'}, 0x58)
sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000680)=ANY=[], 0x14}, 0x1, 0x0, 0x0, 0x14}, 0x4c8c0)
dup2(r0, r0)
r5 = socket$netlink(0x10, 0x3, 0x8000000004)
writev(r5, &(0x7f00000000c0)=[{&(0x7f0000000200)="580000001400192340834b80040d8c560a0677bc45ff810500000000000058000b480400945f64009400050028925a01000000000000008000f0fffeffe809000000fff5dd0000001000010002081000418e00000004fcff", 0x58}], 0x1)

10m32.410964021s ago: executing program 1 (id=1814):
r0 = syz_init_net_socket$bt_rfcomm(0x1f, 0x1, 0x3)
r1 = fcntl$dupfd(r0, 0x0, r0)
read$ptp(r1, &(0x7f0000002700)=""/4096, 0x1000)
sendmsg$TEAM_CMD_OPTIONS_SET(r1, &(0x7f0000005040)={0x0, 0x0, &(0x7f0000005000)={0x0}, 0x1, 0x0, 0x0, 0x20008041}, 0x10)
syz_emit_vhci(&(0x7f00000001c0)=ANY=[@ANYBLOB="040e04032420"], 0x7)
ioctl$IOCTL_VMCI_DATAGRAM_RECEIVE(r1, 0x7ac, &(0x7f0000000080)={&(0x7f0000000100)={{@hyper}, {@local, 0x4000000}, 0x400, "02f5013836c14292297b85d10cb76ea6763eafe485535ee1c83642fab30d2da24264ba4df77db379834fb5c1cf39aff9c71e0250cde11ed43d0137656c93b27c9c948beca6ce13ea79cf53df53b5ea78f544a2cce2ba77dad5c0ae490c79eafaee7dfc06ec5543677e001bc25c732450d10c0390520b5d807bb72ed967c5ef9a05f0383388412a051299012948cdd9a7153869e40086f18c2ffbe9ddf3a0751c97da6a93ccd04bed4feb2361085162945e43767b16684225f90ed99667d533e35d13d1a40099fc8f3439fcaaaf6a85b31d54ddedab6eea3bf80920fb12050e96f57028c50911b562d9111c8bf6bbc7ed7c0c05f18c8473c242153a948b8e0247d65ba584e8da78fd1413132e00d22e78f975499aec2433203676dcd0495cf3b70793d73283b70985b41d699382e0cec99c8b577374de11da49804bf36edaacc73e1e7fec78d41ba1d33a7c4b6fab85c295d056271b220198c4ac3516de6eb3ffe102ed99ea26b4ee7e53adcd3e90ecdeca0d8218e1216954b5d079a08d6435273bff0f01bb1b49e99577f2e9f401f98204393e2a2b179c93d147e12fec4b0fea1c8ea2056f96148e4611154ca619166ee416fe29eaed3a7a3d14503a938b6d4fe47582ed954dfd205875554c1d7a739ed0c19bc078adc7c613949b23e28d46f141a355a4d821a083df23846e08fb40119995d486d4c5b9e7401ab4fa6d3750247880ff1ea219e7f8ac6cb8ddabd8081861ce954c86fcb3f04d75175d9915090df6f12e73634b3c5c9b78da619fc67992d0191dca1346836b8a0109f3dca06e53d4ea93426861c34f60969ace89d1373ced3f709feaf1f016dfab17b6d36a8487b796098ce95eb52b134a7d42ce4d14293d90e772ed48087d25c04d60db6c332e43855a7a95949beca36b9248da3d5efc463d50dce3daef87eaccdc5e7ca77d95168f25e5f83f011563242735e4d6c4042ebe5a84bfe670ea4ef45a22c6911405ece01deb7e2e55b87a59d7acadb8db3f5be806d4f9f3ce79d8874fbc120d15798f09f52302a2b3da6014bee4f0bc355c29ab88562ac9add07ec900770e7e18d8eb0328a05620b309d3637bbc4cd0cbae68eefc1587e53fe107850220b3dfbb662c327295e5828ce72a4a20c7c81fc82662d3dedae24d873465bb73ec67ae5c6f03f8df27dcc8a85d7da78dffaea48eeb60d9db20c6dc2306649b2a265d8c180d9893c4597962ef0529f3d9188802e37efd0130f6b11d7eeca1ef1bc69ec1041cbd15c36a29f7cebc9b8f54d041aa35d0ba9af8cf59a76ee46dee5f012387049d1bc529c9b1fe7cc2c266174c0a016a13666db74107fad7c6c1993b05a397d5a5071c5845ab74d5ef3dfcc299b3b26fdf126ff9ff0ce8820b89f4fa6411e2e0163e6aeac2f042dc63f1ca7044bd0b8f19b2cd33203a9e3684224143aa30ffa751"}, 0x418})
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
mount(0x0, 0x0, &(0x7f0000000040)='tracefs\x00', 0x0, &(0x7f0000000000)='gid=2\x00nk]e')
ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000040)=0x1)
ioctl$TCSETS(r2, 0x8910, &(0x7f00000000c0)={0x3, 0x76fffc, 0x401, 0x3, 0x8, "bb5dee433ea1090000000000000092cd00"})

10m16.913878748s ago: executing program 35 (id=1814):
r0 = syz_init_net_socket$bt_rfcomm(0x1f, 0x1, 0x3)
r1 = fcntl$dupfd(r0, 0x0, r0)
read$ptp(r1, &(0x7f0000002700)=""/4096, 0x1000)
sendmsg$TEAM_CMD_OPTIONS_SET(r1, &(0x7f0000005040)={0x0, 0x0, &(0x7f0000005000)={0x0}, 0x1, 0x0, 0x0, 0x20008041}, 0x10)
syz_emit_vhci(&(0x7f00000001c0)=ANY=[@ANYBLOB="040e04032420"], 0x7)
ioctl$IOCTL_VMCI_DATAGRAM_RECEIVE(r1, 0x7ac, &(0x7f0000000080)={&(0x7f0000000100)={{@hyper}, {@local, 0x4000000}, 0x400, "02f5013836c14292297b85d10cb76ea6763eafe485535ee1c83642fab30d2da24264ba4df77db379834fb5c1cf39aff9c71e0250cde11ed43d0137656c93b27c9c948beca6ce13ea79cf53df53b5ea78f544a2cce2ba77dad5c0ae490c79eafaee7dfc06ec5543677e001bc25c732450d10c0390520b5d807bb72ed967c5ef9a05f0383388412a051299012948cdd9a7153869e40086f18c2ffbe9ddf3a0751c97da6a93ccd04bed4feb2361085162945e43767b16684225f90ed99667d533e35d13d1a40099fc8f3439fcaaaf6a85b31d54ddedab6eea3bf80920fb12050e96f57028c50911b562d9111c8bf6bbc7ed7c0c05f18c8473c242153a948b8e0247d65ba584e8da78fd1413132e00d22e78f975499aec2433203676dcd0495cf3b70793d73283b70985b41d699382e0cec99c8b577374de11da49804bf36edaacc73e1e7fec78d41ba1d33a7c4b6fab85c295d056271b220198c4ac3516de6eb3ffe102ed99ea26b4ee7e53adcd3e90ecdeca0d8218e1216954b5d079a08d6435273bff0f01bb1b49e99577f2e9f401f98204393e2a2b179c93d147e12fec4b0fea1c8ea2056f96148e4611154ca619166ee416fe29eaed3a7a3d14503a938b6d4fe47582ed954dfd205875554c1d7a739ed0c19bc078adc7c613949b23e28d46f141a355a4d821a083df23846e08fb40119995d486d4c5b9e7401ab4fa6d3750247880ff1ea219e7f8ac6cb8ddabd8081861ce954c86fcb3f04d75175d9915090df6f12e73634b3c5c9b78da619fc67992d0191dca1346836b8a0109f3dca06e53d4ea93426861c34f60969ace89d1373ced3f709feaf1f016dfab17b6d36a8487b796098ce95eb52b134a7d42ce4d14293d90e772ed48087d25c04d60db6c332e43855a7a95949beca36b9248da3d5efc463d50dce3daef87eaccdc5e7ca77d95168f25e5f83f011563242735e4d6c4042ebe5a84bfe670ea4ef45a22c6911405ece01deb7e2e55b87a59d7acadb8db3f5be806d4f9f3ce79d8874fbc120d15798f09f52302a2b3da6014bee4f0bc355c29ab88562ac9add07ec900770e7e18d8eb0328a05620b309d3637bbc4cd0cbae68eefc1587e53fe107850220b3dfbb662c327295e5828ce72a4a20c7c81fc82662d3dedae24d873465bb73ec67ae5c6f03f8df27dcc8a85d7da78dffaea48eeb60d9db20c6dc2306649b2a265d8c180d9893c4597962ef0529f3d9188802e37efd0130f6b11d7eeca1ef1bc69ec1041cbd15c36a29f7cebc9b8f54d041aa35d0ba9af8cf59a76ee46dee5f012387049d1bc529c9b1fe7cc2c266174c0a016a13666db74107fad7c6c1993b05a397d5a5071c5845ab74d5ef3dfcc299b3b26fdf126ff9ff0ce8820b89f4fa6411e2e0163e6aeac2f042dc63f1ca7044bd0b8f19b2cd33203a9e3684224143aa30ffa751"}, 0x418})
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
mount(0x0, 0x0, &(0x7f0000000040)='tracefs\x00', 0x0, &(0x7f0000000000)='gid=2\x00nk]e')
ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000040)=0x1)
ioctl$TCSETS(r2, 0x8910, &(0x7f00000000c0)={0x3, 0x76fffc, 0x401, 0x3, 0x8, "bb5dee433ea1090000000000000092cd00"})

4m53.328661566s ago: executing program 0 (id=2401):
r0 = epoll_create1(0x0) (async)
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r1=>0xffffffffffffffff}) (async)
r2 = socket(0x2a, 0x2, 0x0)
ioctl$SIOCSIFMTU(r2, 0x8922, &(0x7f0000000080)={'dummy0\x00', 0xfffffffd}) (async)
dup(r0)
r3 = socket$nl_generic(0x10, 0x3, 0x10) (async)
r4 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000440), 0xffffffffffffffff) (async)
r5 = socket$pppl2tp(0x18, 0x1, 0x1) (async)
r6 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$pppl2tp(r5, &(0x7f0000000000)=@pppol2tpv3={0x18, 0x1, {0x3, r6, {0x2, 0x0, @dev}, 0x2}}, 0x2e) (async)
sendmsg$L2TP_CMD_SESSION_GET(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='D\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="0100000000000000000007000000050013000000000014000800000000000000000000000000000000000c0016000000000000000000050012"], 0x44}}, 0x0) (async)
mount$9p_fd(0x0, &(0x7f0000000140)='.\x00', &(0x7f0000000180), 0x80000, &(0x7f0000000100)=ANY=[@ANYRES64=r5, @ANYRESOCT=0x0, @ANYBLOB=',wfdno=', @ANYRESDEC=r1]) (async)
ioctl$USBDEVFS_IOCTL(0xffffffffffffffff, 0xc0105512, &(0x7f0000000200)=@usbdevfs_connect)

4m52.728954484s ago: executing program 0 (id=2406):
r0 = userfaultfd(0x80001)
ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000140)={0xaa, 0x4a4})
ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000180)={{&(0x7f0000000000/0xc00000)=nil, 0xc00000}, 0x3})
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f0000000040)={0x26, 'skcipher\x00', 0x0, 0x0, 'xts-aes-aesni\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000000000)="adcd1a9a3fc36e961ed00fe41b0cd695", 0x20)
r2 = accept4$alg(r1, 0x0, 0x0, 0x0)
sendmmsg$alg(r2, &(0x7f00000008c0)=[{0x0, 0x0, &(0x7f0000000800), 0x0, 0x0, 0x0, 0x400c0}], 0x1, 0x88000)
recvmsg(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f00000006c0)=[{&(0x7f0000001080)=""/4096, 0x1000}], 0x1}, 0x2000)

4m51.645421713s ago: executing program 0 (id=2410):
socket$packet(0x11, 0x2, 0x300)
r0 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0)
ioctl$DRM_IOCTL_SET_CLIENT_CAP(r0, 0x4010640d, &(0x7f0000000000)={0x3, 0x2})
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r0, 0xc01064b5, &(0x7f0000000140)={&(0x7f0000000100)=[0x0], 0x1})
r1 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0)
r2 = syz_open_dev$vbi(0x0, 0x3, 0x2)
ioctl$VIDIOC_S_PARM(r2, 0xc0cc5616, &(0x7f0000000480)={0x2, @capture={0x1000, 0x1, {0x10001, 0x6}, 0xd, 0x7}})
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r1, 0xc01064b5, &(0x7f0000000140)={&(0x7f0000000100)=[<r3=>0x0], 0x1})
ioctl$DRM_IOCTL_MODE_OBJ_GETPROPERTIES(r1, 0xc02064b9, &(0x7f0000000dc0)={0x0, &(0x7f0000000200), 0x0, r3})
socket$nl_netfilter(0x10, 0x3, 0xc)
syz_usb_connect(0x1, 0x36, &(0x7f00000003c0)=ANY=[@ANYBLOB], 0x0)
ioctl$sock_inet6_SIOCSIFADDR(0xffffffffffffffff, 0x8916, &(0x7f0000000440)={@private0={0xfc, 0x0, '\x00', 0x1}, 0x2000080})

4m48.210027225s ago: executing program 0 (id=2419):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x101100, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000016000/0x18000)=nil, &(0x7f0000000300)=[@text32={0x20, 0x0}], 0x1, 0x6, 0x0, 0x0)
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000180)={0x0, 0xc000})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00'}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f07ebbeeb, 0x8031, 0xffffffffffffffff, 0xc36e5000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, 0x0, 0x0, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
accept4(0xffffffffffffffff, 0x0, 0x0, 0x0)
bind$inet6(0xffffffffffffffff, &(0x7f0000000040)={0xa, 0xe22}, 0x1c)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB="1c0000001e0001002dbd"], 0x1c}}, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

4m46.725337369s ago: executing program 0 (id=2424):
r0 = socket$inet6_mptcp(0xa, 0x1, 0x106)
r1 = getpgrp(0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000040)=0x5)
prlimit64(0x0, 0xe, &(0x7f0000000100)={0x8, 0x80000100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
getpid()
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r2 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r2, 0x1, 0x0)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000002000)=""/102400, 0x19000)
r4 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r4, &(0x7f0000000000)={0x26, 'hash\x00', 0x0, 0x0, 'sha512\x00'}, 0x58)
r5 = accept4(r4, 0x0, 0x0, 0x800)
sendmsg$nl_netfilter(r5, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000680)=ANY=[], 0x14}, 0x1, 0x0, 0x0, 0x14}, 0x4c8c0)
accept$phonet_pipe(r5, 0x0, 0x0)
dup2(r0, r0)
connect$inet6(r0, &(0x7f0000000140)={0xa, 0x4001, 0x1, @dev={0xfe, 0x80, '\x00', 0x1c}, 0x3f}, 0x1c)
socket$netlink(0x10, 0x3, 0x8000000004)

4m46.5252886s ago: executing program 5 (id=2425):
io_setup(0x6, &(0x7f00000000c0)=<r0=>0x0)
r1 = syz_io_uring_setup(0x462, &(0x7f0000000040)={0x0, 0xe079, 0x80, 0x0, 0x2ed}, &(0x7f0000000100)=<r2=>0x0, &(0x7f00000001c0)=<r3=>0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000200)=@IORING_OP_WRITE_FIXED={0x5, 0x43, 0x0, @fd, 0x11e, 0x5, 0x0, 0x5, 0x0, {0x3}})
syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)
syz_io_uring_submit(r2, r3, &(0x7f0000000200)=@IORING_OP_WRITE_FIXED={0x5, 0x48, 0x2000, @fd, 0x0, 0x8, 0xd7, 0x4, 0x0, {0x3}})
io_uring_enter(r1, 0x47bc, 0x0, 0x0, 0x0, 0x0)
r4 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000200)='/sys/power/pm_print_times', 0x20001, 0x0)
io_submit(r0, 0x1, &(0x7f0000000040)=[&(0x7f0000001500)={0x0, 0x0, 0x0, 0x1, 0x0, r4, &(0x7f0000000100)='9', 0x20000101}])
r5 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$NL802154_CMD_SET_TX_POWER(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x38, r5, 0x800, 0x70bd2b, 0x25dfdbfb, {}, [@NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x100000001}, @NL802154_ATTR_WPAN_PHY={0x8, 0x1, 0x2}, @NL802154_ATTR_TX_POWER={0x8, 0xb, 0x2}, @NL802154_ATTR_WPAN_PHY={0x8, 0x1, 0x3}]}, 0x38}, 0x1, 0x0, 0x0, 0x20048010}, 0x8000)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file1/file3\x00', 0x0)
r6 = landlock_create_ruleset(&(0x7f0000000140)={0x2000}, 0x10, 0x0)
r7 = landlock_create_ruleset(&(0x7f00000002c0)={0x2081, 0x3}, 0x18, 0x0)
landlock_restrict_self(r7, 0x0)
landlock_restrict_self(r6, 0x0)
renameat2(0xffffffffffffff9c, &(0x7f0000000180)='./file1/file3\x00', 0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x2)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0x0}, 0x50)
socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000580)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x50)
r8 = bpf$MAP_CREATE(0x0, &(0x7f0000000380)=ANY=[@ANYBLOB="12000000070000000800000008"], 0x50)
r9 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000012c0)={0xe, 0x3, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000200)='syzkaller\x00'}, 0x90)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000000)=ANY=[@ANYRES32=r8, @ANYRES32=r9, @ANYRES64=r9], 0x10)
r10 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r10, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000480)=@newlink={0x3c, 0x10, 0x403, 0x70bd2a, 0x25dfdbfd, {0x0, 0x0, 0x0, 0x0, 0x88afa5b4, 0x40}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @batadv={{0xb}, {0x4}}}, @IFLA_NUM_TX_QUEUES={0x8, 0x1f, 0x3}]}, 0x3c}}, 0x0)

4m44.697297587s ago: executing program 5 (id=2428):
openat$uhid(0xffffffffffffff9c, &(0x7f0000000040), 0x802, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000180)=ANY=[@ANYBLOB="140000001000009006000000000000000000000a44000000090a050600000000000000000100000008000a40000000000900020073797a31000000000900010073797a3000000000080005400000001405000d40460000001400"], 0x6c}}, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x7c}}, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-camellia-asm\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18)
r2 = accept4(r1, 0x0, 0x0, 0x800)
sendmmsg$alg(r2, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe3f}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048"}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11"}], 0x1, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800)
recvmsg(r2, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000013c0)={'wlan1\x00', <r3=>0x0})
sendmsg$NL80211_CMD_FRAME(r0, &(0x7f0000001380)={0x0, 0x0, &(0x7f0000001340)={&(0x7f0000000680)=ANY=[@ANYBLOB="f4060000", @ANYRES16, @ANYBLOB="01000000000000e14f003b00000008000300", @ANYRES32=r3, @ANYBLOB="d506330080000000ffffffffffff080211000001"], 0x6f4}}, 0x0)

4m44.511844056s ago: executing program 5 (id=2429):
mkdirat(0xffffffffffffff9c, &(0x7f00000002c0)='./file0\x00', 0x0)
r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
getsockopt$inet6_int(r0, 0x29, 0xcf, 0x0, 0x0)
pipe2$9p(&(0x7f00000001c0)={<r1=>0xffffffffffffffff}, 0x80000)
r2 = openat$udambuf(0xffffffffffffff9c, &(0x7f0000000040), 0x2)
r3 = memfd_create(&(0x7f0000000700)='y\x105\xfb\xf7u\x83%\x1f\xe09@:r\xc2\xb9x0\x90P\x03\x00\x00\x00\x00\x00\x00\x00\xfe,\x1c\xf1\xdd\xcf]\xac\xbc\t\xbb\xfc\xa4j\x9f\xceX\x8f5=\xaa\xd5\xe9n\xab s\xa5\x00\x8d\x91\x18\x06O\xb0=D\xda\xb6F\x1a\xc82\x8b\xc0l\xd0\x89d\xe6\xb7\x00\x00\x00\x00\xa3\x89\xc2%/u\x17\xdaM\x8d\x01Lh\x1e^\x9ej\x1c\xc5\xf0\xf6\x92\x05\x9aH\x00\'\xd4\x94d_\v\xfc\xad\x0f\xa8\xc5\xad\x00\xc2\x12\xff\xff\xff\xff\xff\xff\x00\x00\x00\x00\nj\x8c\xef\x90\xc0Z\xfa\x1a\xb3\xf0wVq\xe9d\xf8N\x80\xd1g\xd8e\xc8\x16\xad1\x02\xab\xce3\xb2\xb0\xd1\x11\xf0\xc3Gj+kV$\x80\x8aJ$\x81\xc0\x16\xf5\x9cz\x10\x97\xdb\x12H\xee/\xe3sY\x02D;L~\xd0\xb44\x01*\xfb\xa4 \xb2b\x90H$\xb2\xad\xbf\x8aM\xb6\x81\x81^\x02\xa0\xa7t\xfbHb\xa5=\xdd+$\xc06J\xb4\xf0\xab\x85Xz\x9f\xb2D$\xbe\xd9\x7f-\r\x9aj9r\n_\x11\xd4\x19\xb0\xa0G\xb7\x94\xf7\xfd~\xe9\xb6G\xbfE\xbb\x15\x15\xa6\xca2\xd0\xd3\x8c\xf7nO\xf9\xa8\xfd\x8a\xd2\xb2\xab\xff\xe4\xb0;\xd9\xa8\f\x03R\xbd%\x9fF\xee\x05\x06.3(QF?\f\x05\xa4uY\xee\xab\x8a\xeb~\xed\xcb0\xb7\xe7\xe6?8g\x8aN\xda\x8f\x9d\xde\x1eNaS\x8fLk\xf1\x965N\x18\x8c\xb9=5\x991\xae\x89N\x13\xd1\xf7\xf0\x13\xb2\xaeS\xa1\x97\x18j\xea\x9f\xde\xb6\xd4\xdc\xe6*\x9c\xfdV\x82\x05', 0x2)
io_setup(0x5, 0x0)
openat$random(0xffffffffffffff9c, 0x0, 0x0, 0x0)
io_getevents(0x0, 0x3, 0x0, 0x0, 0x0)
io_submit(0x0, 0x0, 0x0)
setsockopt$XDP_UMEM_FILL_RING(0xffffffffffffffff, 0x11b, 0x5, 0x0, 0x0)
bind$xdp(0xffffffffffffffff, &(0x7f0000000100), 0x10)
r4 = syz_io_uring_setup(0x88f, &(0x7f0000000140)={0x0, 0x3cf6, 0x0, 0x2, 0x3b9}, &(0x7f0000000480)=<r5=>0x0, &(0x7f0000000280))
syz_memcpy_off$IO_URING_METADATA_GENERIC(r5, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
io_uring_enter(r4, 0x47f6, 0x0, 0x2, 0x0, 0x0)
mprotect(&(0x7f0000ffb000/0x2000)=nil, 0x2000, 0x1)
timer_settime(0x0, 0x1, &(0x7f0000000040)={{}, {0x0, 0x989680}}, 0x0)
ftruncate(r3, 0xffff)
fcntl$addseals(r3, 0x409, 0x3)
r6 = ioctl$UDMABUF_CREATE(r2, 0x40187542, &(0x7f0000000000)={r3, 0x1, 0x1000, 0x2000})
mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000004500), 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r1, @ANYBLOB=',wfd', @ANYRESHEX=r6])

4m44.428041547s ago: executing program 0 (id=2430):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="180000001800ff0f0000000000000000850000006d000000850000000800000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000400)=0x6)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000040)={<r4=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000c40)='./file1\x00', &(0x7f00000000c0), 0xa18000, &(0x7f0000000100)={'trans=fd,', {}, 0x2c, {'wfdno', 0x3d, r4}, 0x2c, {[{@loose}]}})

4m43.858729771s ago: executing program 5 (id=2432):
r0 = syz_open_dev$vim2m(&(0x7f00000000c0), 0x800, 0x2)
ioctl$vim2m_VIDIOC_ENUM_FMT(r0, 0xc0405602, &(0x7f0000000100)={0x34, 0x2, 0x0, "4a5ae5f6fb9826beb34789a56a62b5b92b9010128130e6d352b97b35207cf97d", 0x39555659}) (fail_nth: 1)

4m43.69793735s ago: executing program 6 (id=2433):
bpf$BPF_PROG_ATTACH(0x8, 0x0, 0x0)

4m43.614073558s ago: executing program 5 (id=2434):
syz_emit_vhci(&(0x7f0000000480)=@HCI_EVENT_PKT={0x4, @hci_ev_cmd_complete={{0xe, 0x4}, @HCI_OP_WRITE_LOCAL_NAME={{0x3f}, 0x9}}}, 0x7)
timer_settime(0x0, 0x0, &(0x7f0000000240)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
shmctl$SHM_LOCK(0x0, 0xb)

4m43.361408257s ago: executing program 6 (id=2435):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000000c0)={0x10, 0x9, &(0x7f0000000040)=ANY=[@ANYBLOB="1802000000000000000000000001000085100000010000009500000000000000184400000300000000000000000000008500000026000000950000000000000095"], &(0x7f0000000240)='GPL\x00', 0x6, 0x0, 0x0, 0x0, 0xa}, 0x94)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000100)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_SET_TX_BITRATE_MASK(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000780)={0x2c, r1, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_TX_RATES={0x10, 0x5a, 0x0, 0x1, [@NL80211_BAND_6GHZ={0xc, 0x3, 0x0, 0x1, [@NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x99}]}]}]}, 0x2c}}, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r3 = socket(0x2, 0x80805, 0x0)
r4 = socket$inet6_sctp(0xa, 0x5, 0x84)
shutdown(r4, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r4, 0x84, 0x6f, &(0x7f0000000200)={<r5=>0x0, 0x10, &(0x7f00000001c0)=[@in={0x2, 0x4e23, @rand_addr=0x64010100}]}, &(0x7f0000000140)=0x10)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r4, 0x84, 0x7a, &(0x7f0000000340)={<r6=>r5, @in6={{0xa, 0x3, 0x4, @dev={0xfe, 0x80, '\x00', 0xf}, 0x8}}}, &(0x7f0000000040)=0x84)
getsockopt$inet_sctp_SCTP_DELAYED_SACK(r3, 0x84, 0x10, &(0x7f0000000080)=@sack_info={r6, 0x4d9, 0x3}, &(0x7f00000000c0)=0xc)
bind$inet6(0xffffffffffffffff, &(0x7f0000000140)={0xa, 0x4e22, 0x3, @mcast2, 0x5e8}, 0x1c)

4m43.336769437s ago: executing program 5 (id=2436):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbee2, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
syz_open_dev$dri(&(0x7f0000000000), 0x1f, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000280)='sched_switch\x00', r1}, 0x18)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x120002)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x6)
r5 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000000), 0x180300, 0x0)
ioctl$FBIOPUT_VSCREENINFO(r5, 0x4601, &(0x7f0000000040)={0x191, 0x258, 0x1e0, 0x3f, 0x32, 0x1, 0x0, 0x0, {}, {}, {}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x4})

4m42.965494008s ago: executing program 6 (id=2437):
r0 = userfaultfd(0x80001)
ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000140)={0xaa, 0x4a4})
ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000180)={{&(0x7f0000000000/0xc00000)=nil, 0xc00000}, 0x3})
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f0000000040)={0x26, 'skcipher\x00', 0x0, 0x0, 'xts-aes-aesni\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000000000)="adcd1a9a3fc36e961ed00fe41b0cd695", 0x20)
r2 = accept4$alg(r1, 0x0, 0x0, 0x0)
sendmmsg$alg(r2, &(0x7f00000008c0)=[{0x0, 0x0, &(0x7f0000000800)=[{&(0x7f0000000400)="5151f857238cdcecda4bac5f69c20493967fc2d3fe8e8a4713973439bed924ecf5c59b183fedfaf1e8f1e1ec67e494df9a18a440bbfdaf11c9a593c51ba78f283d4380b48e23edcc", 0x48}, {&(0x7f0000000900)="5171acb7db9e9cd3f26e6d317ab57c7d416b5380374069bdec17507cce01a70e7a39a051fcfe8adce9036d51980a5ab12b54f38af3855d6fbb6d1f13758077ad2dc71828c93b1fa2caf6b23d81ed96c9cd6bfbe5f8b24deac094ad1ad05c21883f7e52a97a8873e7fa528c6d0184cab4369cd2fd20661d342ea50a0f0e6e791e4074ba1d28b73d788268fee0deacccecaab727f08503a5b2d2fa0200ba153401150946ac36e5d3d2be574196ff3af1", 0xaf}], 0x2, 0x0, 0x0, 0x400c0}], 0x1, 0x88000)
recvmsg(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f00000006c0)=[{&(0x7f0000001080)=""/4096, 0x1000}], 0x1}, 0x2000)

4m42.817698966s ago: executing program 6 (id=2438):
r0 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r0, 0x3b81, &(0x7f0000000080)={0xc, 0x0, <r1=>0x0})
ioctl$IOMMU_VFIO_IOAS$SET(r0, 0x3b88, &(0x7f0000000200)={0xc, r1})
ioctl$IOMMU_VFIO_IOMMU_GET_INFO(r0, 0x3b70, 0x0)

4m42.750905907s ago: executing program 6 (id=2439):
r0 = socket(0x11, 0x3, 0x0)
socket$inet6_udp(0xa, 0x2, 0x0)
sendmsg(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)=[{0x0}], 0x1}, 0x4)
socket$nl_route(0x10, 0x3, 0x0)
socket$inet6_udp(0xa, 0x2, 0x0)
socket(0x2, 0x80802, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480))
socket$inet6_tcp(0xa, 0x1, 0x0)
open(&(0x7f00000000c0)='./bus\x00', 0x143fc2, 0x1d8)
openat(0xffffffffffffff9c, &(0x7f0000000040)='./bus\x00', 0x40042, 0x121)
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='pagemap\x00')
prlimit64(0x0, 0x6, &(0x7f0000000140)={0x0, 0x4}, 0x0)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f00006ec000/0x1000)=nil, &(0x7f00002c7000/0x4000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000559000/0x4000)=nil, &(0x7f000008d000/0x1000)=nil, &(0x7f00005e2000/0x2000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f000021a000/0x1000)=nil, &(0x7f00005e1000/0x4000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x2000)=nil, 0x0}, 0x68)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x0)
r1 = io_uring_setup(0x7, &(0x7f0000000040)={0x0, 0xc8a1, 0xc000, 0x8, 0xc1})
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x11, 0x13, &(0x7f0000000080)=ANY=[@ANYRES32, @ANYBLOB="0000000010000000660002000000ffb0180000000007000000000000000000009500040000000000360a020000000000180100002020782500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000020b50a00000000000085"], &(0x7f0000000000)='GPL\x00', 0x2, 0xde, &(0x7f0000000340)=""/222}, 0x94)
pipe(&(0x7f0000000100))
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="0208000004"], 0x48)
io_uring_enter(r1, 0x2219, 0x7721, 0x16, 0x0, 0x0)

4m42.496133595s ago: executing program 6 (id=2440):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300), 0x900, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000280), 0xffffffffffffffff)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r2 = getpgrp(0x0)
sched_setaffinity(r2, 0x8, &(0x7f0000000040)=0x5)
prlimit64(0x0, 0xe, &(0x7f0000000100)={0x8, 0x80000100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r3 = getpid()
sched_setaffinity(0x0, 0x0, 0x0)
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), r6)
sendmsg$ETHTOOL_MSG_LINKMODES_GET(r6, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)={0x2c, r7, 0x301, 0x70bd29, 0x25dfdbfc, {0x24}, [@HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0_to_bridge\x00'}]}]}, 0x2c}, 0x1, 0x0, 0x0, 0x4}, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, 0x0)
r8 = getpid()
sched_setscheduler(r8, 0x2, &(0x7f0000000000)=0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)

4m24.145098943s ago: executing program 36 (id=2430):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="180000001800ff0f0000000000000000850000006d000000850000000800000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000400)=0x6)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000040)={<r4=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000c40)='./file1\x00', &(0x7f00000000c0), 0xa18000, &(0x7f0000000100)={'trans=fd,', {}, 0x2c, {'wfdno', 0x3d, r4}, 0x2c, {[{@loose}]}})

4m23.941489323s ago: executing program 37 (id=2436):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbee2, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
syz_open_dev$dri(&(0x7f0000000000), 0x1f, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000280)='sched_switch\x00', r1}, 0x18)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x120002)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x6)
r5 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000000), 0x180300, 0x0)
ioctl$FBIOPUT_VSCREENINFO(r5, 0x4601, &(0x7f0000000040)={0x191, 0x258, 0x1e0, 0x3f, 0x32, 0x1, 0x0, 0x0, {}, {}, {}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x4})

4m23.489496314s ago: executing program 38 (id=2440):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300), 0x900, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000280), 0xffffffffffffffff)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r2 = getpgrp(0x0)
sched_setaffinity(r2, 0x8, &(0x7f0000000040)=0x5)
prlimit64(0x0, 0xe, &(0x7f0000000100)={0x8, 0x80000100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r3 = getpid()
sched_setaffinity(0x0, 0x0, 0x0)
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), r6)
sendmsg$ETHTOOL_MSG_LINKMODES_GET(r6, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)={0x2c, r7, 0x301, 0x70bd29, 0x25dfdbfc, {0x24}, [@HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0_to_bridge\x00'}]}]}, 0x2c}, 0x1, 0x0, 0x0, 0x4}, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, 0x0)
r8 = getpid()
sched_setscheduler(r8, 0x2, &(0x7f0000000000)=0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)

1m46.418852806s ago: executing program 2 (id=2635):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000001c0), r0)
r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_802154(r3, 0x8933, &(0x7f0000000340)={'wpan0\x00', <r4=>0x0})
sendmsg$IEEE802154_LLSEC_ADD_DEV(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000140)={0x30, r2, 0x852dd6c070cd7e4d, 0x0, 0x0, {}, [@IEEE802154_ATTR_LLSEC_FRAME_COUNTER={0x8}, @IEEE802154_ATTR_HW_ADDR={0xc}, @IEEE802154_ATTR_DEV_INDEX={0x8, 0x2, r4}]}, 0x30}, 0x4, 0x700000000000000}, 0x0) (fail_nth: 1)

1m46.005551853s ago: executing program 2 (id=2636):
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000000)=ANY=[@ANYBLOB="12013f00000000407f04ffff000000000001090224000100000000090400001503000000092140000001220f00090581d7"], 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000600)={0x6, 0x15, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020692500000000002020207b1a00fe00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000650000000600000085100000010000009500000000000000180100002020782500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000100)='GPL\x00', 0x3}, 0x90)
r1 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r1, &(0x7f0000000040)={0x4000000, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)={0x2, 0xf, 0x8, 0x0, 0x10, 0x0, 0x0, 0x25dfdbfe, [@sadb_address={0x3, 0x5, 0x0, 0x0, 0x0, @in={0x2, 0x20, @empty}}, @sadb_x_policy={0x8, 0x12, 0x0, 0x2, 0x0, 0x0, 0x0, {0x6, 0x32, 0x0, 0x0, 0x0, 0x0, 0x0, @in6=@ipv4={'\x00', '\xff\xff', @multicast1}, @in6=@dev={0xfe, 0x80, '\x00', 0x18}}}, @sadb_address={0x3, 0x6, 0x0, 0x20, 0x0, @in={0x2, 0x4e24, @private=0xa010101}}]}, 0x80}}, 0x0)
syz_usb_control_io$hid(r0, &(0x7f0000000840)={0x24, 0x0, 0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="5adf346effec125954989b69886770b1b7d9ecf5f683242df47fd0bfbb5f5c0eff7c2c64eadbcf5358ebf8c19f453abed6e79281910fda06cb0096a93860196fd2b7bd39ff46fb4976b04302cb34e545b3a1d4793d3e2893f1598e61a2103f8e64a76caa3c93a939eeba07cbcba8290fbaa27da1d2ae8f533a4c93c87e79f1c1659d06765743562b02864312e7700598f7daa9be092f0e85d96fb07364038c36f0cd9daccb904f8317b3", @ANYRES8=r1], 0x0}, 0x0)
r2 = syz_open_dev$hiddev(&(0x7f0000000540), 0x0, 0x0)
r3 = inotify_init1(0x0)
creat(&(0x7f00000005c0)='./file0\x00', 0x0)
inotify_add_watch(r3, &(0x7f00000019c0)='./file0\x00', 0x20)
inotify_add_watch(r3, &(0x7f0000001a40)='./file0\x00', 0x80000800)
r4 = fsopen(&(0x7f0000000100)='vfat\x00', 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x11, 0x4, 0x4, 0xff}, 0x48)
r5 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x62181)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r5, 0xc08c5332, &(0x7f00000001c0)={0x0, 0x0, 0x0, 'queue1\x00'})
write$sndseq(r5, &(0x7f0000000000)=[{0x84, 0x77, 0x0, 0x0, @tick, {}, {}, @raw32={[0x0, 0x9]}}], 0x1c)
ioctl$SNDRV_SEQ_IOCTL_SET_CLIENT_POOL(r5, 0x4058534c, &(0x7f00000002c0)={0x80, 0x6, 0xfffffffe, 0x0, 0x0, 0x1})
fsconfig$FSCONFIG_SET_BINARY(r4, 0x2, &(0x7f0000000040)='utf8', &(0x7f0000000080)="a6c5", 0x2)
ioctl$HIDIOCGUSAGE(r2, 0xc018480b, &(0x7f00000000c0)={0x3, 0xffffffff, 0x81, 0x3, 0x21185048, 0xffffffb3})

1m42.236512532s ago: executing program 2 (id=2646):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000fc0), 0xffffffffffffffff)
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_802154(r2, 0x8933, &(0x7f0000000400)={'wpan0\x00', <r3=>0x0})
r4 = syz_open_procfs$namespace(0x0, &(0x7f0000000280)='ns/ipc\x00')
sendmsg$NL802154_CMD_SET_WPAN_PHY_NETNS(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000380)={&(0x7f00000002c0)={0x30, r1, 0xb, 0x70bd2d, 0x25dfdbfe, {}, [@NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x200000001}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r3}, @NL802154_ATTR_NETNS_FD={0x8, 0x1d, r4}]}, 0x30}, 0x1, 0x0, 0x0, 0x8000}, 0x20008800)

1m41.787655876s ago: executing program 2 (id=2650):
r0 = syz_open_dev$sndctrl(&(0x7f0000001440), 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_TLV_WRITE(r0, 0xc008551b, &(0x7f0000000080)={0x6, 0x8, [0x6, 0x8]}) (fail_nth: 1)

1m41.309771681s ago: executing program 2 (id=2653):
r0 = socket(0x1, 0x2, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xe, 0x4, &(0x7f0000000540)=ANY=[@ANYBLOB="b4050000fdff7f006110580000000000c60000000000000095000000000000009f33ef60916e6e713f1eeb0b725ad99b817fd98cd824498949714ffaac8a6f770600dcca55f21f3ca9e822d182054d54d53cd2b6db714e4beb5447000001000000008f2b9000f22425e4097ed62cbc891061017cfa6fa26fa7088c60897d4a6148a1c1e43f00001bde60beac671e8e8fdecb03588aa623fa71f31bf0f871ab5c2ff88afc60027f4e5b52710aeee835cf0d0000000098b51fe6b1b8d9dbe87dcff414ed000000000000000000000000000000000000000000000000000000b347abe6352a080f8140e5fd10747b6ecdb3540546bf636e3d6e700e5bc6d3fd0500000022eb9e1403e6c8f7a187eaf60f3a17f0f046a307a403c19d9829c90bd2114252581567acae715cbe326c2ed0a432c5b910400623d24195405f2e76ccb7b37b41215c184e731fb1"], &(0x7f0000003ff6)='GPL\x00', 0x4, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x94)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="0f00000004000000040000001200000000000000", @ANYRES32, @ANYBLOB="0000000000000000001e7bfba19c1a7f9c000000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000080)={@map=r2, r1, 0x26}, 0x10)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000140)={r2, &(0x7f0000000180), &(0x7f00000000c0)=@tcp6=r0}, 0x20)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000380)={{r2}, &(0x7f0000000180), &(0x7f0000000340)=r0}, 0x20)
r3 = syz_open_dev$sndctrl(&(0x7f0000001440), 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_TLV_WRITE(r3, 0xc008551b, &(0x7f0000000080)={0x6, 0x8, [0x6, 0x8]})

1m41.108185876s ago: executing program 2 (id=2656):
connect$vsock_stream(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = socket$rds(0x15, 0x5, 0x0)
unshare(0x28000600)
bpf$BPF_LINK_UPDATE(0x1d, 0x0, 0x0)
bind$rds(r1, &(0x7f0000000040)={0x2, 0x0, @loopback}, 0x10)
sendmsg$rds(r1, &(0x7f0000001600)={&(0x7f0000000000)={0x2, 0x0, @remote}, 0x10, 0x0, 0x0, &(0x7f0000000480)=[@cswp={0x58, 0x114, 0x7, {{0x8, 0x18ebc614}, &(0x7f0000000080), 0x0, 0x0, 0x6d9, 0x2, 0x6, 0x8, 0x6}}, @cswp={0x58, 0x114, 0x7, {{0x48d}, 0x0, 0x0, 0xfffffffffffffff6, 0x8, 0x1b6, 0x7fff, 0x32, 0x10001}}], 0xb0}, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x1b)
mount(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000780)='devpts\x00', 0x0, 0x0)
mount$binder(0x0, &(0x7f0000000000)='./file0\x00', 0x0, 0x28, &(0x7f0000000240)=ANY=[@ANYBLOB='max=000000020000000000'])
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000040)={0x44, 0x2, 0x6, 0x3, 0x0, 0x0, {0xd}, [@IPSET_ATTR_TYPENAME={0xc, 0x3, 'hash:ip\x00'}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x2}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}]}, 0x44}}, 0x0)
syz_emit_ethernet(0xd2, &(0x7f0000000200)={@local, @random="6a2ddcf6177a", @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0xc4, 0x0, 0x0, 0xff, 0x6, 0x0, @remote, @local}, {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x2, 0x2c, 0x10, 0x0, 0x0, 0x0, {[@timestamp={0x8, 0xa, 0x3ff, 0x2cc}, @mptcp=@remove_addr={0x1e, 0x8f, 0x0, 0x0, "822a963f76a61f2d7c5d3d441cb8bdc8a7eff2f94ebf03ff3be58a3c05c90a236aae645aae45bf5641d03a0012020680e2840fc1f59a586cd7ffb022d8c95657f5681d294a8e831345886f268ed68b42c86f1f28c7162d99347c3bbaa2090ad0e3cf5877a37237341fd3812797a428b486527c0eda5a1368f9d39e44ec92f166c8cb4d970219588815ca7533"}]}}}}}}}, 0x0)
accept4(r0, &(0x7f0000000140)=@can, &(0x7f00000001c0)=0x80, 0x80000)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000280)={0x44, 0x9, 0x6, 0x201, 0x0, 0x0, {}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_DATA={0x1c, 0x7, 0x0, 0x1, [@IPSET_ATTR_IP={0xc, 0x1, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @broadcast}}, @IPSET_ATTR_IP_TO={0xc, 0x2, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @loopback}}]}]}, 0x44}, 0x1, 0x0, 0x0, 0x10040057}, 0x240008c4)
sendmsg$IPSET_CMD_SAVE(r2, &(0x7f00000003c0)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x8022}, 0xc, &(0x7f0000000380)={&(0x7f0000000400)=ANY=[@ANYBLOB="340000000806030000000000000000000200000805000100070000000900020073797a32000000000900020073797a30000000003e981ffc22a71180aa3461"], 0x34}, 0x1, 0x0, 0x0, 0x4004010}, 0x4)

1m23.996961099s ago: executing program 39 (id=2656):
connect$vsock_stream(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = socket$rds(0x15, 0x5, 0x0)
unshare(0x28000600)
bpf$BPF_LINK_UPDATE(0x1d, 0x0, 0x0)
bind$rds(r1, &(0x7f0000000040)={0x2, 0x0, @loopback}, 0x10)
sendmsg$rds(r1, &(0x7f0000001600)={&(0x7f0000000000)={0x2, 0x0, @remote}, 0x10, 0x0, 0x0, &(0x7f0000000480)=[@cswp={0x58, 0x114, 0x7, {{0x8, 0x18ebc614}, &(0x7f0000000080), 0x0, 0x0, 0x6d9, 0x2, 0x6, 0x8, 0x6}}, @cswp={0x58, 0x114, 0x7, {{0x48d}, 0x0, 0x0, 0xfffffffffffffff6, 0x8, 0x1b6, 0x7fff, 0x32, 0x10001}}], 0xb0}, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x1b)
mount(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000780)='devpts\x00', 0x0, 0x0)
mount$binder(0x0, &(0x7f0000000000)='./file0\x00', 0x0, 0x28, &(0x7f0000000240)=ANY=[@ANYBLOB='max=000000020000000000'])
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000040)={0x44, 0x2, 0x6, 0x3, 0x0, 0x0, {0xd}, [@IPSET_ATTR_TYPENAME={0xc, 0x3, 'hash:ip\x00'}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x2}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}]}, 0x44}}, 0x0)
syz_emit_ethernet(0xd2, &(0x7f0000000200)={@local, @random="6a2ddcf6177a", @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0xc4, 0x0, 0x0, 0xff, 0x6, 0x0, @remote, @local}, {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x2, 0x2c, 0x10, 0x0, 0x0, 0x0, {[@timestamp={0x8, 0xa, 0x3ff, 0x2cc}, @mptcp=@remove_addr={0x1e, 0x8f, 0x0, 0x0, "822a963f76a61f2d7c5d3d441cb8bdc8a7eff2f94ebf03ff3be58a3c05c90a236aae645aae45bf5641d03a0012020680e2840fc1f59a586cd7ffb022d8c95657f5681d294a8e831345886f268ed68b42c86f1f28c7162d99347c3bbaa2090ad0e3cf5877a37237341fd3812797a428b486527c0eda5a1368f9d39e44ec92f166c8cb4d970219588815ca7533"}]}}}}}}}, 0x0)
accept4(r0, &(0x7f0000000140)=@can, &(0x7f00000001c0)=0x80, 0x80000)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000280)={0x44, 0x9, 0x6, 0x201, 0x0, 0x0, {}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_DATA={0x1c, 0x7, 0x0, 0x1, [@IPSET_ATTR_IP={0xc, 0x1, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @broadcast}}, @IPSET_ATTR_IP_TO={0xc, 0x2, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @loopback}}]}]}, 0x44}, 0x1, 0x0, 0x0, 0x10040057}, 0x240008c4)
sendmsg$IPSET_CMD_SAVE(r2, &(0x7f00000003c0)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x8022}, 0xc, &(0x7f0000000380)={&(0x7f0000000400)=ANY=[@ANYBLOB="340000000806030000000000000000000200000805000100070000000900020073797a32000000000900020073797a30000000003e981ffc22a71180aa3461"], 0x34}, 0x1, 0x0, 0x0, 0x4004010}, 0x4)

1m3.153625873s ago: executing program 4 (id=2730):
r0 = getpgrp(0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000040)=0x5)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000000)=0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r2 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r2, 0x1, 0x0)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000002000)=""/102400, 0x19000)
r4 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r4, &(0x7f0000000000)={0x26, 'hash\x00', 0x0, 0x0, 'sha512\x00'}, 0x58)
r5 = accept4(r4, 0x0, 0x0, 0x800)
accept$phonet_pipe(r5, 0x0, 0x0)

59.409637191s ago: executing program 4 (id=2734):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000fc0), 0xffffffffffffffff)
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_802154(r2, 0x8933, &(0x7f0000000400)={'wpan0\x00', <r3=>0x0})
r4 = syz_open_procfs$namespace(0x0, 0x0)
sendmsg$NL802154_CMD_SET_WPAN_PHY_NETNS(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000380)={&(0x7f00000002c0)={0x30, r1, 0xb, 0x70bd2d, 0x25dfdbfe, {}, [@NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x200000001}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r3}, @NL802154_ATTR_NETNS_FD={0x8, 0x1d, r4}]}, 0x30}, 0x1, 0x0, 0x0, 0x8000}, 0x20008800)

57.843787009s ago: executing program 4 (id=2737):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$inet_icmp(0x2, 0x2, 0x1)
bind(r1, &(0x7f0000001d80)=@rxrpc=@in6={0x21, 0x0, 0x2, 0x1c, {0xa, 0x4e23, 0x1, @private2, 0x80000001}}, 0x80)
r2 = socket(0x10, 0x803, 0x0)
r3 = syz_open_dev$media(&(0x7f0000000180), 0x3e, 0x40)
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, r3, &(0x7f0000000240)={0x200b})
epoll_wait(0xffffffffffffffff, &(0x7f0000000040)=[{}], 0x1, 0xdd9)
bind$netlink(r2, &(0x7f0000000100)={0x10, 0x0, 0x25dfdbfd, 0x4000}, 0xc)
getsockname$packet(r2, &(0x7f0000000600)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000080)=0x14)
r5 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000000)=@newlink={0x50, 0x10, 0xff05, 0x0, 0x0, {0x0, 0x0, 0x4a00, 0x0, 0x0, 0x2e2c1}, [@IFLA_LINKINFO={0x24, 0x12, 0x0, 0x1, @xfrm={{0x9}, {0x14, 0x2, 0x0, 0x1, [@IFLA_XFRM_LINK={0x8, 0x1, 0x1}, @IFLA_XFRM_IF_ID={0x8, 0x2, 0x4}]}}}, @IFLA_ADDRESS={0xa, 0x1, @remote}]}, 0x50}, 0x1, 0x0, 0x0, 0x48044}, 0x0)
r6 = io_uring_setup(0x2f04, &(0x7f000000c480)={0x0, 0xa868, 0x1, 0x20001, 0x20002d6})
io_uring_register$IORING_REGISTER_BUFFERS(r6, 0x0, &(0x7f0000001680), 0x24)
io_uring_register$IORING_REGISTER_BUFFERS_UPDATE(r6, 0x10, &(0x7f0000000380)={0x6, 0x0, &(0x7f0000000200)=[{&(0x7f0000000000)=""/251, 0xfb}], 0x0, 0x1}, 0x20)
r7 = io_uring_setup(0x7625, &(0x7f0000000600)={0x0, 0x653f, 0x0, 0x0, 0x135, 0x0, r6})
io_uring_register$IORING_REGISTER_FILES(r7, 0x1e, &(0x7f0000000280)=[r6], 0x1)
sendmsg$nl_route(r0, &(0x7f0000024c80)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000200)=ANY=[@ANYBLOB="4400000010000d042abd7000077bf70000000000", @ANYRES32=r4, @ANYRES32], 0x44}, 0x1, 0x0, 0x0, 0x40044}, 0x0)

57.433226228s ago: executing program 4 (id=2740):
getpid()
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x18, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f00000004c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000300)='rcu_utilization\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x6)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
fcntl$addseals(0xffffffffffffffff, 0x409, 0x12)
io_setup(0x735c, &(0x7f0000000980))
r4 = open(&(0x7f00009e1000)='./file0\x00', 0xc162, 0x0)
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r6, 0xae60)
ioctl$KVM_IRQFD(r6, 0x4020ae76, 0x0)
ioctl$KVM_SET_IRQCHIP(r6, 0xae64, 0x0)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000140)={&(0x7f0000000080)=ANY=[@ANYBLOB="9feb01001800000000000000000000000000000002"], 0x0, 0x1a, 0x0, 0x0, 0x0, 0x10000, @value=r4}, 0x28)
r8 = eventfd2(0x94b0, 0x40001)
write$eventfd(r8, &(0x7f00000000c0)=0x9, 0x8)
sendmsg$nl_generic(r7, &(0x7f00000029c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="180000003f000107000000009b00000003"], 0x18}}, 0x0)
r9 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000000180)=ANY=[@ANYRESDEC=r1, @ANYRESHEX=0x0, @ANYBLOB=',rootmode=00000000000000000100000,user_id=', @ANYRES64=r2, @ANYRES64=r7, @ANYRES32=r9])
read$FUSE(r9, &(0x7f000000c3c0)={0x2020}, 0x2020)

53.826425298s ago: executing program 4 (id=2745):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2})
r1 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(0xffffffffffffffff, 0x89f0, &(0x7f0000000080)={'syztnl1\x00', &(0x7f0000000240)={'gre0\x00', <r2=>0x0, 0x40, 0x8000, 0xd2000, 0x2, {{0x32, 0x4, 0x1, 0x3, 0xc8, 0x68, 0x0, 0xa2, 0x4, 0x0, @private=0xa010102, @private=0xa010102, {[@timestamp_prespec={0x44, 0x14, 0xd9, 0x3, 0x7, [{@rand_addr=0x64010100, 0x10002000}, {@empty, 0x2}]}, @ra={0x94, 0x4, 0x1}, @timestamp_addr={0x44, 0x2c, 0x79, 0x1, 0x1, [{@empty, 0x6}, {@broadcast, 0xfffffff7}, {@remote, 0x7}, {@private=0xa010101, 0x1c}, {@local, 0x7}]}, @generic={0x7, 0x9, "663b82a181817b"}, @cipso={0x86, 0x32, 0x0, [{0x0, 0x5, "ece32b"}, {0x0, 0x9, "861a26af664d3b"}, {0x0, 0x3, "ac"}, {0x7, 0xa, "359ceda08ac0c582"}, {0x7, 0xc, "b97f887b7ddd6c5aea06"}, {0x7, 0x5, "531195"}]}, @timestamp_prespec={0x44, 0x34, 0x53, 0x3, 0x0, [{@remote, 0x99}, {@multicast1, 0x60000}, {@empty, 0x1}, {@remote, 0x6}, {@dev={0xac, 0x14, 0x14, 0x3d}, 0xe}, {@dev={0xac, 0x14, 0x14, 0x10}, 0x7ff}]}]}}}}})
sendmsg$nl_route(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000340)=@RTM_NEWMDB={0x18, 0x54, 0x10, 0x70bd28, 0x25dfdbfb, {0x7, r2}}, 0x18}, 0x1, 0x0, 0x0, 0x240480d4}, 0x8000)
openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
fchdir(0xffffffffffffffff)
sendmmsg$inet6(0xffffffffffffffff, 0x0, 0x0, 0x4000000)
statx(0xffffffffffffffff, &(0x7f00000030c0)='./cgroup/../file0\x00', 0x7400, 0x100, 0x0)
r3 = socket$unix(0x1, 0x5, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r5=>0x0})
sendmsg$nl_route_sched(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000026c0)=@newqdisc={0x48, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r5, {0x0, 0xb}, {0xffff, 0xffff}, {0xfff2, 0x2}}, [@qdisc_kind_options=@q_cbs={{0x8}, {0x1c, 0x2, @TCA_CBS_PARMS={0x18, 0x1, {0x0, '\x00', 0x1, 0x7, 0x100, 0x8}}}}]}, 0x48}, 0x1, 0x0, 0x0, 0x20000001}, 0x0)

41.414337618s ago: executing program 4 (id=2763):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000009c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000"], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x18)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbee2, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e24}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r4 = openat$nullb(0xffffffffffffff9c, 0x0, 0x4000, 0x0)
preadv2(r4, 0x0, 0x0, 0x0, 0x0, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0)
timer_create(0x0, &(0x7f0000000000)={0x0, 0x21, 0x800000000004}, 0x0)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r5, 0x6, 0x13, &(0x7f0000000040)=0x100000001, 0x76dc)
connect$inet6(r5, &(0x7f0000000080)={0xa, 0x0, 0x0, @loopback}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r5, 0x6, 0x1f, &(0x7f00000002c0), 0x4)
setsockopt$inet6_tcp_TLS_TX(r5, 0x11a, 0x2, &(0x7f0000000300)=@gcm_128={{0x303}, "fc674d000000f8f7", "c5991ee20139b401046a89606ffcf92e", "2c5be7c6", "a0ca05c0707e52f4"}, 0x28)
syz_emit_ethernet(0x42, &(0x7f0000000380)=ANY=[@ANYBLOB="ffffffffff12aaaaaaaaaa000800480008000000000000019078ac1e0001ac1414bb440c080b00000000000000000d08907800000000000000000000000000000000a9ba1d5099e93b73855c5e97af9bd8681c7c"], 0x0)
unshare(0x2020480)
bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x50)
setitimer(0x0, 0xffffffffffffffff, 0x0)

16.667711619s ago: executing program 9 (id=2801):
socket$nl_route(0x10, 0x3, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x1, 0x8, &(0x7f0000000400)=ANY=[@ANYBLOB="7a0af8ff75257075bfa100000000000007010000f9ffffffb702000005000000bf130000000000008500000071000000b7000000000000009500000000000000b2595285faa6ead0169191d54f8196217fc560e2fc91f6da4dad4fdc2eb1b257183fa3bcd48666d1ddd73f3047d248df061222193165274bc7f2382f6cda4bfdd45be583823c0f09601f3c1c65ee19ee875daf45006a4c4ea5e15b2f9618d547244a22000000000000db453620ce7243d1aebd00000000000000005839c77edf2d34b12cd48a0c20fb7dd843267e0331759f4ec6b5b0af58e604f4942eb613eff289026d5045ef76d7d864409eb2dcc718a09f4886afc26abba34635d0e8b54bc76be40d435aa8b5202db761014b1b999a12df6bee431a666100"/296], &(0x7f0000000100)='GPL\x00'}, 0x48)
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000100)={0x0, 0x7}, 0x4)
setsockopt$packet_int(r0, 0x107, 0x16, &(0x7f0000000000)=0x4, 0x4)
r1 = socket$inet6(0xa, 0x4, 0x5)
connect$inet6(r1, &(0x7f0000000000)={0xa, 0x4e21, 0x0, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x38}}}, 0x1c)
r2 = socket(0x1e, 0x2, 0x0)
setsockopt$TIPC_DEST_DROPPABLE(r2, 0x10f, 0x81, &(0x7f0000000480), 0x4)
r3 = socket(0x40000000015, 0x5, 0x0)
bind$inet6(r3, &(0x7f00000000c0)={0xa, 0x4e22, 0xfffffffd, @loopback={0x9d}, 0xa77}, 0x1c)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000140)=[@text16={0x10, &(0x7f0000000040)="66b9800000c026f20f00d26635000100000f30c1e0178e67750f015806f3646a970f20c06635000000800f22c066b9800000c00f326635000400000f30670f6b07f083324d0f01f1", 0x48}], 0x1, 0x52, 0x0, 0x0)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380), 0x428202, 0x0)
setsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x0, &(0x7f0000000000)={@multicast1, @local}, 0xc)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000180)=ANY=[], 0x44}}, 0x0)
r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0)
syz_usb_connect$uac1(0x3, 0x93, &(0x7f0000000640)=ANY=[@ANYBLOB="1201da22000000086b1d0101000001020301090281000301f580040201020724080b0802090c24020600022200090401010101420000090501090800006102072501020304000904020000010200d00e00006e0980000000000000010102000007240102050210082402014014b3050905820928000465ac3400000050ff070000000000000000000000000000000000000000000000006c98593188ed689e5b55"], &(0x7f0000000200)={0x0, 0x0, 0x0, 0x0})
ioctl$KVM_SET_USER_MEMORY_REGION(r5, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_NMI(r6, 0xae9a)
ioctl$KVM_SET_REGS(r6, 0x4090ae82, &(0x7f0000000440)={[0x0, 0x100000000, 0x0, 0x81, 0x100000, 0x0, 0x2004c8, 0x8000000, 0x0, 0x0, 0x7, 0x0, 0x5, 0x0, 0x2, 0xffffffffffffffff], 0x0, 0x200})
ioctl$KVM_RUN(r6, 0xae80, 0x0)
sendmsg$tipc(r2, &(0x7f0000000400)={&(0x7f00000003c0)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x1, 0x4}}, 0x10, &(0x7f00000004c0)=[{&(0x7f0000000600)="d0972de07653518365c6f46c9fdbaa2ab307066119443e373a59d672de1c6fbaf9", 0x21}], 0x1, 0x0, 0x0, 0x4c840}, 0x24000001)
recvmmsg(r2, &(0x7f0000000bc0)=[{{0x0, 0x0, &(0x7f00000002c0)=[{&(0x7f0000000a40)=""/179, 0xb3}], 0x1, &(0x7f0000000580)=""/103, 0x67}, 0xfffffffc}], 0x1, 0x12260, 0x0)
r7 = syz_open_dev$usbmon(&(0x7f00000001c0), 0xfffffffffffffffa, 0x480800)
ioctl$MON_IOCX_MFETCH(r7, 0xc0109207, &(0x7f0000000280)={&(0x7f0000000240)=[0x0, 0x0], 0x2, 0x5})
syz_open_dev$tty20(0xc, 0x4, 0x1)

12.265662765s ago: executing program 9 (id=2803):
r0 = syz_open_dev$dri(&(0x7f0000000080), 0x1ff, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000200)={0x8000, 0x2, 0x4})
r1 = syz_open_dev$dri(&(0x7f0000000000), 0x1ff, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r1, 0xc04064a0, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[<r2=>0x0], 0x0, 0x0, 0x0, 0x1})
ioctl$DRM_IOCTL_MODE_CURSOR(r0, 0xc01c64a3, &(0x7f0000000040)={0x3, r2, 0x10000000, 0x80000001, 0xb, 0x1fd, 0x1}) (fail_nth: 1)

11.705479917s ago: executing program 9 (id=2805):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="180000001800ff0f0000000000000000850000006d000000850000000800000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000400)=0x6)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r5, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a05000000000000000000010000000900010073797a30000000002c000000030a010200000000000000000100fffe0900010073797a30000000000900030073797a3213000000dc000000060a010400000000000000000100000508000b4000000000b4000480200001800d00010073796e70726f7879000000000c000280060001400000000034000180080001006c6f670028000280080006400000000d110002402b24292d2d2a5d24402c2d400000000006000440000700003c0001800900010068617368000000002c000280080007400000000008000340000000160800014000ff00120800024000000000080004400000000020000180080001006e61740014000280080003400000000008000540000000000900010073797a30"], 0x150}}, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f0000000200)={0x64, 0x2, 0x6, 0x201, 0x0, 0x0, {}, [@IPSET_ATTR_DATA={0x1c, 0x7, 0x0, 0x1, [@IPSET_ATTR_HASHSIZE={0x8, 0x12, 0x1, 0x0, 0x60000}, @IPSET_ATTR_CADT_FLAGS={0x8, 0x8, 0x1, 0x0, 0x37}, @IPSET_ATTR_MAXELEM={0x8, 0x13, 0x1, 0x0, 0xed}]}, @IPSET_ATTR_TYPENAME={0x10, 0x3, 'hash:ip,mac\x00'}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0xa}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5}]}, 0x64}}, 0x0)

8.940400893s ago: executing program 9 (id=2809):
socket$nl_route(0x10, 0x3, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x1, 0x8, &(0x7f0000000400)=ANY=[@ANYBLOB="7a0af8ff75257075bfa100000000000007010000f9ffffffb702000005000000bf130000000000008500000071000000b7000000000000009500000000000000b2595285faa6ead0169191d54f8196217fc560e2fc91f6da4dad4fdc2eb1b257183fa3bcd48666d1ddd73f3047d248df061222193165274bc7f2382f6cda4bfdd45be583823c0f09601f3c1c65ee19ee875daf45006a4c4ea5e15b2f9618d547244a22000000000000db453620ce7243d1aebd00000000000000005839c77edf2d34b12cd48a0c20fb7dd843267e0331759f4ec6b5b0af58e604f4942eb613eff289026d5045ef76d7d864409eb2dcc718a09f4886afc26abba34635d0e8b54bc76be40d435aa8b5202db761014b1b999a12df6bee431a666100"/296], &(0x7f0000000100)='GPL\x00'}, 0x48)
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000100)={0x0, 0x7}, 0x4)
setsockopt$packet_int(r0, 0x107, 0x16, &(0x7f0000000000)=0x4, 0x4)
r1 = socket$inet6(0xa, 0x4, 0x5)
connect$inet6(r1, &(0x7f0000000000)={0xa, 0x4e21, 0x0, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x38}}}, 0x1c)
r2 = socket(0x1e, 0x2, 0x0)
setsockopt$TIPC_DEST_DROPPABLE(r2, 0x10f, 0x81, &(0x7f0000000480), 0x4)
r3 = socket(0x40000000015, 0x5, 0x0)
bind$inet6(r3, &(0x7f00000000c0)={0xa, 0x4e22, 0xfffffffd, @loopback={0x9d}, 0xa77}, 0x1c)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000140)=[@text16={0x10, &(0x7f0000000040)="66b9800000c026f20f00d26635000100000f30c1e0178e67750f015806f3646a970f20c06635000000800f22c066b9800000c00f326635000400000f30670f6b07f083324d0f01f1", 0x48}], 0x1, 0x52, 0x0, 0x0)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380), 0x428202, 0x0)
setsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x0, &(0x7f0000000000)={@multicast1, @local}, 0xc)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000180)=ANY=[], 0x44}}, 0x0)
r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0)
syz_usb_connect$uac1(0x3, 0x93, &(0x7f0000000640)=ANY=[@ANYBLOB="1201da22000000086b1d0101000001020301090281000301f580040201020724080b0802090c24020600022200090401010101420000090501090800006102072501020304000904020000010200d00e00006e0980000000000000010102000007240102050210082402014014b3050905820928000465ac3400000050ff070000000000000000000000000000000000000000000000006c98593188ed689e5b55"], &(0x7f0000000200)={0x0, 0x0, 0x0, 0x0})
ioctl$KVM_SET_USER_MEMORY_REGION(r5, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_NMI(r6, 0xae9a)
ioctl$KVM_SET_REGS(r6, 0x4090ae82, &(0x7f0000000440)={[0x0, 0x100000000, 0x0, 0x81, 0x100000, 0x0, 0x2004c8, 0x8000000, 0x0, 0x0, 0x7, 0x0, 0x5, 0x0, 0x2, 0xffffffffffffffff], 0x0, 0x200})
ioctl$KVM_RUN(r6, 0xae80, 0x0)
sendmsg$tipc(r2, &(0x7f0000000400)={&(0x7f00000003c0)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x1, 0x4}}, 0x10, &(0x7f00000004c0)=[{&(0x7f0000000600)="d0972de07653518365c6f46c9fdbaa2ab307066119443e373a59d672de1c6fbaf9", 0x21}], 0x1, 0x0, 0x0, 0x4c840}, 0x24000001)

7.07333002s ago: executing program 7 (id=2813):
r0 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)=ANY=[@ANYBLOB="4000000010003b"], 0x40}}, 0x0)
r1 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000), 0xc0802, 0x0)
ioctl$PPPIOCNEWUNIT(r1, 0xc004743e, &(0x7f0000000180)=0x84000000)
ioctl$PPPIOCSFLAGS1(r1, 0x40047459, &(0x7f0000000080)=0x6100204)
syz_io_uring_setup(0x49a, &(0x7f00000000c0)={0x0, 0x79af, 0x3180, 0x8000, 0x40024e}, &(0x7f0000000340)=<r2=>0x0, &(0x7f0000000040)=<r3=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000000)=0xffb, 0x0, 0x4)
syz_io_uring_submit(r2, r3, &(0x7f00000001c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x40, 0x4007, @fd_index=0x3, 0xffffffffffffffff, &(0x7f0000000580)=""/207, 0xcf, 0x2, 0x1})
write$FUSE_ATTR(0xffffffffffffffff, 0x0, 0x0)
socket$kcm(0x10, 0x2, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)={0x28, 0x52, 0x1, 0x0, 0x0, {0x1c}, [@typed={0x14, 0x2, 0x0, 0x0, @ipv6=@dev}]}, 0x28}}, 0x0)

5.639281998s ago: executing program 9 (id=2814):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x60303, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x1)
sendto$inet(0xffffffffffffffff, &(0x7f00000000c0)="8689d46205a34100ff2bbe11a5ce7879edaf02afe39ead95913e9c4f8cf31440006769ebdf12cfacae8e8c03f5db079da7", 0x31, 0x20000000, 0x0, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
syz_emit_ethernet(0x17b, &(0x7f0000000240)=ANY=[@ANYBLOB="aaaaaa"], 0x0)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000200)={0x0, 0x0, 0xf000, 0x2000, &(0x7f0000f9a000/0x2000)=nil})
ioctl$KVM_SET_VCPU_EVENTS(0xffffffffffffffff, 0x4400ae8f, &(0x7f0000000000)=@x86={0xa0, 0xfd, 0x5, 0x0, 0x3, 0x3, 0xb, 0x1, 0xf8, 0x19, 0x7, 0x3, 0x0, 0x9d, 0x1, 0x7, 0x6, 0x40, 0x0, '\x00', 0x4, 0xcaa})
ioctl$KVM_SET_VAPIC_ADDR(0xffffffffffffffff, 0x4008ae93, &(0x7f00000002c0)=0x10000)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000003900)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b07080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf5af51d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000000000007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3abe0fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba4958ea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945ecefa26b8471d42645288d7226bbd9ccd628ab84875f2c50ba891cea592b0430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed0254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b0fdf9743af932cd6db49a47613808bad959710300000000000000832d0a45fa4242e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd7a4d67ff2a49c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4e064c98e494198276eb2df7766411bef0ebb5000000000006065d635b0b7a00ee767221d8af9753387e0cd8d718f54a29df6eba3bd4c440e6e2172e3fcc01b8babb757b5c59217b80d0db3ba582814a604e4ef7a803e9ca7c85b35c9b93a9e0885e238b44ae1c2e64cce3b27083b8246829e64056000302bffff15405bd5f2eba20000000000000000000000000000000000009a9823fd8fbc5aa16509945ed032b48ea12d8e0588dc52702e4084913a06d468d0928bad76d697e1f85ab030e788d38788ee5b5428d4a971cc97db9fd231088e570735ce129e7e77fc2777692664a1488fd8d6dff4dad618fd54f529d4555c6507009ee69dd1bc55258789b24052137e9637f3efbab71720f88c3c44b3b7486f979e8a3174b531f573fe0e5239c000be2733c49546f6e8a9175ec6f14dbf72cac91643b2fd99c29eca28a3c2e60d5e5b8795fae16a7c3ea57e728eca35eaf0155a39f97580e079175426c088a0208040982a0000000000000000000000000051ceaaf0159fe61f2eade7603d0a7a56fb09cd119ac06adb6597155ae47846892bb423c024d8cbe9240b71ec6dc2124d3a19e2d714b273d95d1d3aa737cb04a33615ff2a730e51067d5d675d7122361c37c61a43b5afd865b60d4cae891b73220f17d25985a7f76834995e53a93a1c7b9eef267df691ca983a0b15bda7f6c5c1ca7aa50261a3089a1ebf0734c9b07e8951ff023263ad5aed8cfb49b49e128c697724c057d22c5df5aef27ce3db11d5ad5527d149d076e1a87e2df27c0cb8a67ad026bf953e88f10447e125c2c0f1aebee1f3390a9e3ddad4e2a6e0f6e4569fdefa19e870e04acf9493b963f98e23cfc665e4f465fa3f801e1957c399e45f61d3459b1c606204368bb931345af2823c487d2fd99db6ea6e008e7ffa06ca861551189d155bd077a79fe2c7e961352e56824f727d21d41eae78bfec4a2d7a7edbc8ef958c5ea599f7c25bf71c2340558aa12fdd24a88aaad5921aee7dae6a2f3009d9cb43ab4898d0f0aa565431b6abe585d75db04d1c9ba0b9de4ae8b0d3132bc6810cc9a693979f55174a72e1df9fdef35bc470f9e6e591982757f45c52c645d891bf63bb21fb66926ebe1a8525611fc3e8bb8795c36dc2a86b5ab46ff33cc74f61751b2dae92676db85c8d0c721b7ea4544bf51c95c86fcac1f434d09d1ee4928aafe23de66fed972e0dddfb33f64e48701b049239e7f552d816441d11c4c2647c014462344359198d97c4b6e9ed31ca18987b64de079b2bed641e8a92f13ca70844c65cb423d01950b0ebf44bd28e09c05d9ae5dd689fb880fb18d042219f5ac60c3a03b085abf3e8e3efc842a8d328733461f04c99607061c65ed14c61322a5ac2d371a95b8ad867ec92d13a4fa4ae033a09673866cd77f4bcdaaa05207166b19a8758d8855400d8c6a7242dc207251e8797eca24ea4f487663e60f2f5e1f1424958fd148f846830e88a42d93e1fe9c0b4a4a268921738938aa9f3cb3811ac87c54c8ebc8bcfb4613cc3a997ff1579edbd4ade8020e3ad001b072b1a751b588ac4639f35a58e00a50c0270608c7a7f10132b1c25b9ea81232fbef665f6212f875b2a0000000000000000000000000000cf7b6c4ba9bec153d6834bfef080df374703a8ff56a63ec1fe5f2e05a79e3cace7283dd68d41e94420c325fe4dae144fde5ec25a87d625cab20753a77b323fa3783c8b675859b9012647885a242adfee2fe812ecbe5191e0a15142f7349e7627cc39d724e2e34e7a24154f26ae3125b36d0504965295d0453902ac7079b11a3a1e655e482331e3dc35b2e7e4e3ea99064fe5b9c8ae0ca3e5fd653f3286a99d81ce4eba765c38d097391ad4babac38ce5b4344e24a361cd54e5"], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x2e)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000540)='rcu_utilization\x00', r2}, 0x10)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x6)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e24}, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f0000000100)={0x5c, 0x2, 0x6, 0x801, 0x0, 0x0, {0x0, 0x0, 0x4000}, [@IPSET_ATTR_FAMILY={0x5, 0x5, 0xa}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_TYPENAME={0x16, 0x3, 'hash:net,port,net\x00'}, @IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_HASHSIZE={0x8, 0x12, 0x1, 0x0, 0x14}]}]}, 0x5c}}, 0x0)
bind$netlink(0xffffffffffffffff, 0x0, 0x0)
r6 = socket(0x840000000002, 0x3, 0x100)
connect$inet(r6, &(0x7f0000000000)={0x2, 0x3, @remote}, 0x10)
sendmmsg$inet(r6, &(0x7f0000005240), 0x4000095, 0x0)
openat$vcs(0xffffffffffffff9c, 0x0, 0x100, 0x0)
syslog(0x4, &(0x7f0000000140)=""/179, 0xb3)

5.440612873s ago: executing program 8 (id=2815):
r0 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
ioctl$sock_SIOCINQ(r0, 0x541b, &(0x7f0000000040))

5.379729511s ago: executing program 8 (id=2816):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e21, @broadcast}, 0x10)
connect$inet(r0, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10)
setsockopt$inet_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000000)=[@mss, @sack_perm, @window, @mss, @window, @window], 0x20000000000000e4)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f00000001c0)=0x8)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x6770c000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000006900000000000001000000940000000fad413e850000000700000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r4}, 0x10)
setsockopt$inet_tcp_TCP_REPAIR(r0, 0x6, 0x13, 0x0, 0x0)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
sendto$inet(r0, &(0x7f0000000000), 0xffffffffffffff94, 0x0, 0x0, 0x0)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
r6 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100), 0x183001, 0x0)
r7 = epoll_create1(0x80000)
epoll_ctl$EPOLL_CTL_ADD(r7, 0x1, r6, &(0x7f0000000000)={0x30000019})
ioctl$TIOCSTI(r6, 0x5412, &(0x7f00000000c0)=0x6)
connect$inet6(r5, &(0x7f0000000180)={0xa, 0x4001, 0x0, @dev={0xfe, 0x80, '\x00', 0x1b}, 0xd}, 0x1c)
timerfd_create(0x8, 0x0)

4.026174813s ago: executing program 7 (id=2817):
mmap(&(0x7f0000003000/0x2000)=nil, 0x2000, 0x0, 0x31, 0xffffffffffffffff, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x4, 0xe, &(0x7f0000001540)=ANY=[@ANYBLOB="b702000008000000bfa300000000000007030000ffffffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000001404000001007d60b7030000000000006a0a00fe40000900850000001f000000b70000000000000095000000000000006623848adf1dc9a764ab51a064caff0c9b27a26293fddf0180000071ff31f1622271d5518193e09483c5a020c334f8c76334d8ce8303b81ddaa52e8756ad60a07d6f27c125e16d024098f755d8583da60f27c162dbba0700002ac9170f50f2568836077b7f711a18ebf608d87b885297b6b6981978d51514b00dcc4a2748b376358c33c9753beab62bdf27dc04e4cb4bc598affd989b1ca58949a54d5827df14feecea46408a05d572077f1252fbb72c3d099c501bc4ded6fca17a3447222c95edb47b770009524edd5fa5c53e9c37251709f1ff7f0000f07bf7f53ce129a9ecd3b4dd15100f2b450f98526a0d8cac7c97fc2f64015306a1bd88345710fb6379b4c53cf55eefb4c0974486a8d25a363adbd83b49e13fbd1757b27020bd9b8cff3f48c9411670c34f23ab8caf7851b290feb3045a1b622f20c4383a0280f040de7667f8b1d0842835e81c35af41e5b5b924275cb1749289b44e9728e7a73f148ac8206afe120c1437490d9900000011000003971b32fdffffffffffffffaf580278e1342aabd1b623f6c4f128858e4eb6b42f2173184c2b99b645f6ec0e14e5d7c95a0008000000f30f6c0000000000ff0000b8f5001a1d2a34dc0973ec302bc23211d3e3b6e6dad65a51e5497a3419cecec38126247b27113ad4c7915c8f82c333a7b350802f0311807010d1ed50c18411aa6900daccc02f4ba4b078f07e41f781eee222c7d071d5a94d82ca9a0846c1af59cee16639b4970f8f0a82c6a712fd5722d677d406160ffaffffffb4e0bde6749aa52c408b74251914c5d3255fd88a42e7ebb69ebcd8eee623e51dbb1f1b548c91a6825c0686fdc16be1cbb72c217fda18bd746253ca66093daf35923300b600000000ac376e0a4649a8a84e1d293a6b109c5e59b366bca5cc3d936c53d4a48c05099e6fc37e5aa23bff8cce0600000000000300a568a8532623d12b40b50ac26f2e8255470a04bfbe7acb581b90991d965a01d1f84cb6b973558e1e3f8118c77ccf0b3c6eb6443870004da10c75723b65f83769ad1f0e4ef6b9ef1cec23264fd8fdac6264af1cb467020bdc12b797b6c156c439105829d2ae1c45f7cfa40df68f536a03353a55a8a8e176e5d48887d31c8e0f77f2c1e68ec7c01bd5a2028a8fc107007f5f4c67600a6ade3deb1f200abe1f753754678dae8b4e3ba3d086d4b95dfc5817e3dafae2d38b522f942cc750399d9029f071fdb1e05882f8a4b8fbd219ccac3a895828b4f22b6527ce31ceb02b7b2b4492510134552f0b076b168394f8417f25cc82ae04007193cbe69de8bf35e4bebd15412426b2020ab1f05fc44ae9ae094c1b81d3ef947692b44d2afb09c7498dedf0f87c38bbcab7357836f03e8a7c392e535694a3ead2de11e6b1781e2a017ac341fda2e563ee95085742f5fee9f95f4741b226e428d20b00bc140000e4b2f5efd0a0b1ceba000830ba8634b5aa26bdbe91614e92fae3c7349531df9bf4c01ebf5d8eb7d53e5f30647661623fbdb3f6c3652c423ce6ecc1be5d4e8133fc32f68ea86a2df1e7df98a0ae216c405d0ae9eed114ff2d6fe27dfdff1cf9194849c4cc0da9533e5983863e526a7dc0d8728f3b573ca4427bdb44df9341e9b8420e896598a156c935c800436a312e7ae3c011e46851ac599f0427729ab9c55ae0ab4c0000000000000000000000000000c87bcc2ac5aed9467b51d92e0993af4beaf1f3d47dcdfab9165f98155d93e383d6b85158b54675c1585037508c1e9461a1c3d1a6e2402045cae150a7016f716eebbdf6afc4414d900be0bdf19f4a273f44f4357380b4387f1c8b104f0e406b2f04e5ed88631be6411f9927fe9f83412b7c5a676ceec8b454ebf6481c98e86b6933a02daea0b4ec0be5b3d916bd70208b4588626c27c318475802e2c62681bd1a331422a6e47bbd40857d52c4894944fae5c5000000000000000000000000e0c47613e950b6aefeae054fc723f62ac7d13941de11b018f1f48ac50335df91c771729f81929128135b2803562c1171ee00a3f4a31281aa363e087d53d86dd85e3ff979a7e72d16fdd7e1a0f07a1c8e6085d280d760f74975ceb3a5be6cfb4da8e0aeb769b8b75f4aad803ed77d34872eed2711aa40a3b38099dc2752e8ec9b520faf39e416752aa0830206736570f5d41a4df848c9052551cf8dcb1be000000000eb2577188e8e96bd825d462350905d3eb916b397d2a46a64081e85661d7a5a2716cc87cb1976d15d9b6418e94f165911803e43830432226c660f4da67bb7c8ceb3755c07197d8b80b8d16b12c2ec63bebe107aa2350a7ae564bf69a6c52a2da1496016dd66a1c1b112"], &(0x7f0000000340)='syzkaller\x00', 0xb4b, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000)={0x0, 0xfffffffd}, 0x8, 0x10, &(0x7f0000000880)={0x0, 0x9}, 0x10}, 0x94)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000004300), 0x1, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_HYPERV_EVENTFD(r2, 0x4018aebd, &(0x7f00000000c0)={0x400002, 0xffffffffffffffff, 0x1})
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={r0, 0x0, 0x40fa1f24de734a8f, 0x0, &(0x7f0000000140)="3d6ee2e04b91ab10143d9abe86dd", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x50)

3.903747409s ago: executing program 7 (id=2818):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x11, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="18010000000000000000000000100000850000007b00"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000240)='netlink_extack\x00', r0}, 0x10)
r1 = socket$pppoe(0x18, 0x1, 0x0)
socket$pppoe(0x18, 0x1, 0x0)
connect$pppoe(r1, &(0x7f0000000140)={0x18, 0x0, {0x0, @remote, 'ip6gre0\x00'}}, 0x1e)
connect$pppoe(r1, &(0x7f0000000080)={0x18, 0x0, {0x2, @broadcast, 'veth1\x00'}}, 0x1e)
r2 = socket$pppoe(0x18, 0x1, 0x0)
connect$pppoe(r2, &(0x7f0000000080)={0x18, 0x0, {0x1, @empty, 'ip_vti0\x00'}}, 0x1e)
close(0x4)
r3 = socket$inet6_udp(0xa, 0x2, 0x0)
syz_genetlink_get_family_id$ieee802154(&(0x7f00000002c0), 0xffffffffffffffff)
r4 = socket$inet_icmp(0x2, 0x2, 0x1)
sendmmsg$inet(r4, &(0x7f0000000c40)=[{{0x0, 0x0, &(0x7f0000000840)=[{0x0}, {&(0x7f0000001480)="76bfec8a4de7a2b2", 0x8}], 0x2}}], 0x1, 0x20004804)
sendmsg$IEEE802154_LLSEC_LIST_KEY(0xffffffffffffffff, 0x0, 0x4008008)
r5 = fsopen(&(0x7f0000000280)='ceph\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r5, 0x1, &(0x7f0000000b40)='source', 0x0, 0x0)
r6 = gettid()
r7 = openat$comedi(0xffffffffffffff9c, &(0x7f0000000080)='/dev/comedi4\x00', 0x400, 0x0)
ioctl$COMEDI_DEVCONFIG(r7, 0x40946400, 0x0)
preadv(r7, &(0x7f0000001cc0)=[{&(0x7f0000000200)=""/126, 0x7e}], 0x1, 0x0, 0xa3)
tkill(r6, 0xb)
close_range(r3, 0xffffffffffffffff, 0x0)

3.478904212s ago: executing program 8 (id=2819):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="180000001800ff0f0000000000000000850000006d000000850000000800000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000400)=0x6)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r5, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a05000000000000000000010000000900010073797a30000000002c000000030a010200000000000000000100fffe0900010073797a30000000000900030073797a3213000000dc000000060a010400000000000000000100000508000b4000000000b4000480200001800d00010073796e70726f7879000000000c000280060001400000000034000180080001006c6f670028000280080006400000000d110002402b24292d2d2a5d24402c2d400000000006000440000700003c0001800900010068617368000000002c000280080007400000000008000340000000160800014000ff00120800024000000000080004400000000020000180080001006e61740014000280080003400000000008000540000000000900010073797a30"], 0x150}}, 0x0)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f0000000200)={0x64, 0x2, 0x6, 0x201, 0x0, 0x0, {}, [@IPSET_ATTR_DATA={0x1c, 0x7, 0x0, 0x1, [@IPSET_ATTR_HASHSIZE={0x8, 0x12, 0x1, 0x0, 0x60000}, @IPSET_ATTR_CADT_FLAGS={0x8, 0x8, 0x1, 0x0, 0x37}, @IPSET_ATTR_MAXELEM={0x8, 0x13, 0x1, 0x0, 0xed}]}, @IPSET_ATTR_TYPENAME={0x10, 0x3, 'hash:ip,mac\x00'}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0xa}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5}]}, 0x64}}, 0x0)

3.362505383s ago: executing program 7 (id=2820):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x8000, 0x0)
socket$alg(0x26, 0x5, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000003b80)='gid_map\x00')
read$FUSE(r1, &(0x7f0000027c40)={0x2020}, 0x2020)
pread64(r1, &(0x7f0000000080)=""/229, 0xe5, 0xc8b)
prlimit64(0x0, 0xa, &(0x7f0000000380)={0x200000000000008, 0x88}, 0x0)
ioctl$KVM_GET_EMULATED_CPUID(r0, 0xc008ae09, &(0x7f0000000180)={0x63})

1.891111937s ago: executing program 7 (id=2821):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="180000001800ff0f0000000000000000850000006d000000850000000800000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r2}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000400)=0x6)
r3 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$nl_route(0x10, 0x3, 0x0)
sendmsg$IPSET_CMD_CREATE(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000200)={0x54, 0x2, 0x6, 0x101, 0x0, 0x0, {0x0, 0x0, 0x1}, [@IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz0\x00'}, @IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_TIMEOUT={0x8, 0x6, 0x0}]}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x2}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_TYPENAME={0xd, 0x3, 'list:set\x00'}]}, 0x54}}, 0x0)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f0000000200)={0x64, 0x2, 0x6, 0x201, 0x0, 0x0, {}, [@IPSET_ATTR_DATA={0x1c, 0x7, 0x0, 0x1, [@IPSET_ATTR_HASHSIZE={0x8, 0x12, 0x1, 0x0, 0x60000}, @IPSET_ATTR_CADT_FLAGS={0x8, 0x8, 0x1, 0x0, 0x37}, @IPSET_ATTR_MAXELEM={0x8, 0x13, 0x1, 0x0, 0xed}]}, @IPSET_ATTR_TYPENAME={0x10, 0x3, 'hash:ip,mac\x00'}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0xa}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5}]}, 0x64}}, 0x0)

1.857773383s ago: executing program 8 (id=2822):
socket(0x2, 0x80805, 0x0)
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
r1 = socket(0x1, 0x803, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket(0x10, 0x803, 0x0)
bind$netlink(r3, &(0x7f0000000100)={0x10, 0x0, 0x25dfdbfd, 0x400}, 0xc)
getsockname$packet(r3, &(0x7f0000000600)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000080)=0x14)
sendmsg$nl_route(r2, &(0x7f00000006c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000700)=ANY=[@ANYRES64=r3, @ANYRES64=r1, @ANYBLOB="01000000000000002400128009000100626f6e6400000000140002800500010004"], 0x44}, 0x1, 0x0, 0x0, 0x40040}, 0x20010000)
r4 = socket$nl_route(0x10, 0x3, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r4, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000340)=ANY=[@ANYBLOB="540000001000010400"/20, @ANYRES32=0x0, @ANYBLOB="00000000000000002c0012800e0001006970366772657461700000001800028014000700ff01000000000000000000000000000108000a00", @ANYRES32=r5], 0x54}}, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r6 = socket(0x1, 0x803, 0x0)
timer_settime(0x0, 0x0, 0x0, 0x0)
shutdown(r0, 0x0)
close(0x3)
recvmmsg(r6, &(0x7f00000020c0)=[{{&(0x7f0000000240)=@pppol2tpv3in6={0x18, 0x1, {0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @mcast2}}}, 0x80, &(0x7f0000000100)=[{&(0x7f0000000400)=""/254, 0xfe}, {&(0x7f0000002280)=""/74, 0x4a}], 0x2, &(0x7f0000000500)=""/247, 0xf7}, 0x3}, {{&(0x7f0000000600)=@sco={0x1f, @none}, 0x80, &(0x7f0000000180)=[{&(0x7f0000000680)=""/120, 0x78}], 0x1, &(0x7f0000000740)=""/69, 0x45}, 0x3}, {{&(0x7f00000007c0)=@nfc, 0x80, &(0x7f0000001880)=[{&(0x7f0000000840)=""/4096, 0x1000}], 0x1, &(0x7f0000001880)}, 0x401}, {{&(0x7f00000018c0)=@caif=@rfm, 0x80, &(0x7f0000001ac0)=[{&(0x7f0000001940)=""/33, 0x21}, {&(0x7f0000001980)=""/34, 0x22}, {&(0x7f00000019c0)=""/254, 0xfe}], 0x3, &(0x7f0000001b00)=""/138, 0x8a}, 0x800}, {{0x0, 0x0, &(0x7f0000001d00)=[{&(0x7f0000001bc0)=""/68, 0x44}, {&(0x7f0000001c40)=""/133, 0x85}], 0x2}, 0x4}, {{&(0x7f0000001d40)=@ethernet={0x0, @local}, 0x80, &(0x7f0000001f80)=[{&(0x7f0000001dc0)=""/156, 0x9c}, {&(0x7f0000001e80)=""/75, 0x4b}, {&(0x7f0000001f00)=""/79, 0x4f}], 0x3, &(0x7f0000001fc0)=""/248, 0xf8}, 0x42}], 0x6, 0x10000, &(0x7f0000002240)={0x77359400})
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f0000000200)={0x0, 0x10, &(0x7f00000001c0)=[@in={0x2, 0x4e23, @rand_addr=0x64010100}]}, &(0x7f0000000140)=0x10)
socket(0x28, 0x5, 0x0)
bind$vsock_stream(0xffffffffffffffff, &(0x7f0000000040)={0x28, 0x0, 0x0, @local}, 0x10)
r7 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0)
setsockopt$bt_l2cap_L2CAP_LM(r7, 0x6, 0x3, &(0x7f0000000000)=0x34, 0x4)
connect$bt_l2cap(r7, &(0x7f0000000040)={0x1f, 0x21, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe)

421.808663ms ago: executing program 9 (id=2823):
r0 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000740)={0x3, 0x4, 0x4, 0xa, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$MAP_DELETE_ELEM(0x3, &(0x7f00000007c0)={r0, &(0x7f0000000780)}, 0x20)
r1 = syz_usb_connect(0x0, 0x36, &(0x7f0000000180)=ANY=[@ANYBLOB="120100006325a640402000498b4d000000010902240001000000000904000002214c6a0009050702000000da000905890e"], 0x0)
sendmsg$WG_CMD_SET_DEVICE(0xffffffffffffffff, &(0x7f0000001000)={0x0, 0x0, &(0x7f0000000fc0)={&(0x7f0000000000)={0x14, 0x0, 0x1, 0x0, 0x8000000}, 0x14}, 0x1, 0x0, 0x0, 0x4084}, 0x20000010)
r2 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$PIO_SCRNMAP(r2, 0x4b52, &(0x7f0000000000))
socket$nl_xfrm(0x10, 0x3, 0x6)
socket$inet_udp(0x2, 0x2, 0x0)
syz_usb_control_io(0xffffffffffffffff, 0x0, 0x0)
syz_usb_control_io$cdc_ecm(0xffffffffffffffff, 0x0, &(0x7f00000002c0)={0x1c, &(0x7f0000000380)={0x20, 0x16}, 0x0, 0x0})
r3 = socket$inet6(0xa, 0x5, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x4)
bind$vsock_stream(0xffffffffffffffff, 0x0, 0x0)
sendmsg$netlink(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000000040)=ANY=[@ANYBLOB="200000001500010027bd7000ffdbdf2502003800", @ANYRES32=r4], 0x20}], 0x1}, 0x4000)
setsockopt$inet_int(r3, 0x0, 0xf, &(0x7f0000000340)=0xfffffffffffffff9, 0x4)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r3, 0x84, 0x64, &(0x7f0000000100)=[@in={0x2, 0x0, @multicast1}, @in6={0xa, 0x0, 0x0, @private0}], 0x2c)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_REM(r3, 0x84, 0x65, &(0x7f0000000140)=[@in={0x2, 0x0, @loopback}], 0x10)
syz_usb_control_io(r1, 0x0, 0x0)

208.947223ms ago: executing program 7 (id=2824):
r0 = socket$inet6_sctp(0xa, 0x4, 0x84)
getsockopt$inet_sctp_SCTP_RECONFIG_SUPPORTED(0xffffffffffffffff, 0x84, 0x75, &(0x7f0000000000)={<r1=>0x0, 0x800}, &(0x7f0000000040)=0x8)
getsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r0, 0x84, 0x18, &(0x7f0000000080)={r1, 0x101}, &(0x7f00000000c0)=0x8)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r0, 0x84, 0x1d, &(0x7f0000000100)={0x2, [0x0, 0x0]}, &(0x7f0000000140)=0xc)
r2 = socket$caif_stream(0x25, 0x1, 0x5)
ioctl$F2FS_IOC_MOVE_RANGE(r0, 0xc020f509, &(0x7f0000000180)={<r3=>r2, 0x1, 0x0, 0x5})
openat$qrtrtun(0xffffffffffffff9c, &(0x7f00000001c0), 0x20000)
r4 = semget(0x0, 0x3, 0x4a0)
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r3, 0xc018937b, &(0x7f0000000200)={{0x1, 0x1, 0x18, <r5=>r0, {0xffffffffffffffff, <r6=>0xee01}}, './file0\x00'})
ioctl$NS_GET_OWNER_UID(r3, 0xb704, &(0x7f0000000240)=<r7=>0x0)
getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000000280)={<r8=>0x0, 0x0, <r9=>0x0}, &(0x7f00000002c0)=0xc)
semctl$IPC_SET(r4, 0x0, 0x1, &(0x7f0000000300)={{0x2, 0x0, r6, r7, r9, 0x106, 0x8cc}, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3})
creat(&(0x7f0000000380)='./file0\x00', 0x0)
r10 = socket$inet_sctp(0x2, 0x5, 0x84)
syz_usb_connect(0x3, 0x314, &(0x7f00000003c0)={{0x12, 0x1, 0x200, 0xf2, 0xce, 0x25, 0x10, 0x14c8, 0x3, 0x1b54, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x302, 0x2, 0x4, 0x6, 0xa0, 0x2, [{{0x9, 0x4, 0x4f, 0xc5, 0x8, 0x4d, 0x46, 0x5e, 0x3, [@uac_as={[@as_header={0x7, 0x24, 0x1, 0x67, 0x2, 0x1002}, @format_type_i_discrete={0x11, 0x24, 0x2, 0x1, 0xf9, 0x1, 0x9, 0x3, "0fc922647574f65c26"}, @as_header={0x7, 0x24, 0x1, 0xff, 0x31, 0x1}, @as_header={0x7, 0x24, 0x1, 0xc, 0x5, 0x4}]}], [{{0x9, 0x5, 0x9, 0x1, 0x18, 0xd, 0x0, 0x1, [@generic={0xf0, 0x1, "59461f53108cec895abcdaea08cdfca2d5d9324e724709be5fe6cc97407fa25707c5f804a695280f34a9d5327d56c7259634cea0a0a11608e56467ddb8ce8c05e21270edfaeb0cd8641c485633ce9f02c2911acdd012520219cd0bbfd069c76dde8086de6f448d14b63ef652f46b598336f30134879b6fbabf88941dabd39b92df08c3b7e780b76f861d6c7c0d9b335bc29fc10e822fa929f48416ee876b3136410d2c8b22060f792c9e49ee9ee9aa7463e2386a027c7060c95bd1a79c2811c09495b409baa244abbc348ba200479033b447875430ad1969481e94082495b1ef383a6bc833d68fe3e76f62e50d28"}, @uac_iso={0x7, 0x25, 0x1, 0x0, 0x9}]}}, {{0x9, 0x5, 0xb, 0x10, 0x40, 0x7, 0x8, 0x0, [@uac_iso={0x7, 0x25, 0x1, 0x80, 0x6, 0x9}]}}, {{0x9, 0x5, 0xd, 0x1e, 0x400, 0x6, 0x0, 0x2, [@uac_iso={0x7, 0x25, 0x1, 0x82, 0x3, 0x80}]}}, {{0x9, 0x5, 0x2, 0x0, 0x3ff, 0x8, 0x3, 0x5d}}, {{0x9, 0x5, 0x5, 0x0, 0x10, 0x8, 0xe, 0x7, [@uac_iso={0x7, 0x25, 0x1, 0x0, 0xff, 0xff}]}}, {{0x9, 0x5, 0x1, 0xc, 0x3ff, 0x0, 0x67, 0x8}}, {{0x9, 0x5, 0x80, 0x0, 0x20, 0x81, 0x6, 0xd2, [@uac_iso={0x7, 0x25, 0x1, 0x3, 0xfc, 0x3}]}}, {{0x9, 0x5, 0xe, 0x10, 0x10, 0x2, 0xb0, 0x8, [@generic={0x47, 0x5, "0d763f601d07e2b304aec39e193c3166c1bae553d93d527c88a92594936158e5a4121497b5d88b2b664e74bf2cd80c015672f47d937c1ebcb1cdc9f1b4c0dffa4a4bd44340"}, @uac_iso={0x7, 0x25, 0x1, 0x40, 0x8, 0x4}]}}]}}, {{0x9, 0x4, 0x60, 0x86, 0x2, 0x36, 0xeb, 0x41, 0x4, [@generic={0xfd, 0x31, "2df43f4e9c367cb154036af5c3067b110e04ceb2c446d291b2b531554b658856a44b635db48016a782f765d958d1011bb7a93766a658c63ca6c0279176f4fe3254791a3c9cca15071bbe56f7ae058cdc5468fa4fe31855aba62848f048a320605d006b27587658ac79bb655865d782d597641117d59567d356b9c76a652495e5045934d0f7dac4d836d7807912f7b751cd9c7063245fc18f2266bf17a248dc15c6af7dfd4772ad8d61713339e416d69f73b4fb652d5e379036483c7a464be3e63a8ff9d64654f84eb77c306989faf47afb65cff5d24dd7e889d0e642f48e327233c26890d2557a299e5190d798bc3b2fdddc696ea6f7f201df6cc1"}, @hid_hid={0x9, 0x21, 0x8000, 0x2, 0x1, {0x22, 0x713}}], [{{0x9, 0x5, 0x1, 0x10, 0x10, 0x2, 0x9, 0xb9}}, {{0x9, 0x5, 0x8, 0x10, 0x20, 0x34, 0x5, 0x1}}]}}]}}]}}, &(0x7f0000000980)={0xa, &(0x7f0000000700)={0xa, 0x6, 0x110, 0x2, 0xa, 0x85, 0x20, 0x5}, 0x8d, &(0x7f0000000740)={0x5, 0xf, 0x8d, 0x6, [@generic={0x23, 0x10, 0xa, "8b469be2bfa5c0195fb4d4f9c9d56a8bd097cc0b60e908fbc2fc4f44f8c3c0fc"}, @ssp_cap={0x1c, 0x10, 0xa, 0x0, 0x4, 0x6, 0xf000, 0x1fe, [0xffc0, 0x30, 0xc0c0, 0xff00]}, @ss_container_id={0x14, 0x10, 0x4, 0x2, "2538702b2feb91ab8f5f0c762a71f98d"}, @ssp_cap={0x20, 0x10, 0xa, 0x4, 0x5, 0x8, 0xf, 0x4, [0xc0f0, 0x60, 0xc0c0, 0x3f00, 0x3f00]}, @ss_cap={0xa, 0x10, 0x3, 0x0, 0x7, 0x9, 0xc7}, @wireless={0xb, 0x10, 0x1, 0x2, 0xd, 0x4, 0x9, 0x6, 0x4}]}, 0x4, [{0x4, &(0x7f0000000800)=@lang_id={0x4, 0x3, 0x444}}, {0x4, &(0x7f0000000840)=@lang_id={0x4, 0x3, 0x40f}}, {0x99, &(0x7f0000000880)=@string={0x99, 0x3, "5de9757032bd73355884a3742a98dc71a5009f52d0bc8830017c4ea9db3ae5205db46aff4968aad77bdfd15d8afe67a1c215664162ba81b9fab3e79dc0ccfa8432cba7098ead983eaee96e7f285bc4a235b89edc78f31dc298f08c01116d42a7cab3ed3aca909323ffc6212b26d5692902b1d71d7d277c77ab949f7ae55035340491169abada2f16073ee21d24808e4309116b71122ea0"}}, {0x4, &(0x7f0000000940)=@lang_id={0x4, 0x3, 0x300a}}]})
syz_kvm_setup_cpu$x86(r5, r5, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000a80)=[@text64={0x40, &(0x7f0000000a00)="66460f388023f30f2b447413f02159cfc744240080000000c74424023c250000ff1c24400f231ef3a5c744240041040000c744240217000000c7442406000000000f011424c40385cf3600450f01c8c744240042000000c744240200300000ff2c24", 0x62}], 0x1, 0x6, &(0x7f0000000ac0)=[@cstype3={0x5, 0x2}], 0x1)
ioctl$KVM_HAS_DEVICE_ATTR(r3, 0x4018aee3, &(0x7f0000000b40)=@attr_other={0x0, 0x498, 0x8c, &(0x7f0000000b00)})
ioctl$HIDIOCGRDESC(r3, 0x90044802, &(0x7f0000000b80)={0x334, "002adba10dd0c76b1b3994c687b47e3b5bc7b7a81c6792039fd8f91fdc7c4c90a1cb3971763ca95078324ab9ff6f39fdfc1ca18dad6db39960b4be0b925aa5d775ea274ed5c2b1f463d7cfacdfe3ba00096a7253eaa7be850ca8cab031e0318c904bce33fb2005622fb7213f17c2f390ac537a397713515da807959d7387cd83b6db3b16979cecda6920d139995ade2a28a5c9dfce05f562dec30206adc78e289dea0a6eaca61b5483c5cf3bbb5a9df679195346589f89eb167186dc8b884a277fd791b204e5b0a712b4dc2a2dc33ea33a91f33163cabe0cbefbed456a9c8399f091f73eaad0497916bbff4638ea56bc847bc7b16e57e278df41379e7e6c6c82ac9f31739daf8868d16a674111d4e6617269d5b21ceda225f61aa036889d1abf9e154970a2d04e2fc36bd37e52a824551f4f63771f60aa2879d3f6edeeb70d1576f03964259df9b4aacef765d64548e0a2057d4b4d9be3dd1a3840f8ae91bad77e31e7eaff7f47396a5cdeffb5c2f7cb466a7ae53b39022386b0456449292d64a2dbf471c29e7a796f4f14614111a36dc4803027814c64e979e99530ce6bf449553984cb18e8bbcdc880351a7568067ac60b9cd68a5c8907994a9d7b386277a1090002bdabd27f611e7fede9fcd0543c38dc4427ef449278271b7f349272c79d1cea1c1afe0865fff6250b05662b47b957eafec5d59008c9211d4a7d117953454328db2b5e4b799ad032240f3cd9d8e778bb123bfbf0e9ae5638ebe8442e2e107b1c86548361a3de0e51b0d3e3ab9c88fcc3cc1a6e9546f6cac946d45f9ffae2a99b6436b522155383a6ad62b91e93efbfb98c6d9ee4942936ca8217e1396e480b7da68b1c1507fe16aefec8ad2dcc169e35d904529182e612647cbb7b015299977fdbf121e58a7a55d16944d382272a814468a1df7537da2e2d5ba6bbe7e91857eccf06e93240c7c048967414886bfdb4c88c6f73d66dc776923167fba7f596c5953f97f68fbeb9bebb8ab53e2cf224f583397ad1fd2f2869b31d6170ca540a1873f3dcc3db1ffb98f855198f719cf042e5caeb1ff36a44c2f92bb8ccf553e4a36259aa6cf0e58c8ff05806d7af6fcc5f976e33cbe8378f0b570eaf97860058be096d1620ac98fc62336219ac83d268a16e4dea"})
mprotect(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0xf)
socket$nl_xfrm(0x10, 0x3, 0x6)
socket$nl_xfrm(0x10, 0x3, 0x6)
ioctl$DRM_IOCTL_RM_MAP(r5, 0x4028641b, &(0x7f0000000ec0)={0x0, 0x0, 0x0, 0x0, &(0x7f0000ff2000/0x2000)=nil})
r11 = semget(0x1, 0x1, 0x410)
semctl$IPC_RMID(r11, 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r5, 0xc1105517, &(0x7f0000000f40)={{0x9, 0x0, 0xffff, 0x6, '\x00', 0x2}, 0x6, 0x10000000, 0x8, r8, 0xa, 0xe, 'syz1\x00', &(0x7f0000000f00)=['&\x00', '.!\x00', '\x00', '\'\x00', '\\]}@\x00', '/dev/qrtr-tun\x00', '-\x00', '/dev/qrtr-tun\x00', '/dev/qrtr-tun\x00', '}#):\x00'], 0x3e})
sendmsg$IPSET_CMD_GET_BYINDEX(r10, &(0x7f0000001140)={&(0x7f0000001080)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000001100)={&(0x7f00000010c0)={0x34, 0xf, 0x6, 0x401, 0x0, 0x0, {0x7, 0x0, 0x1}, [@IPSET_ATTR_INDEX={0x6, 0xb, 0x1}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_PROTOCOL={0x5}]}, 0x34}, 0x1, 0x0, 0x0, 0x20040080}, 0x8000)

100.961074ms ago: executing program 8 (id=2825):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000100))
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000180)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000280)=[@increfs], 0x0, 0x0, 0x0})
r2 = dup3(r1, r0, 0x0)
r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000040)='./binderfs/binder0\x00', 0x0, 0x0)
mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r3, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r3, 0x4018620d, &(0x7f00000002c0)={0x73622a85, 0x10a})
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000003c0)={0x54, 0x0, &(0x7f0000000e00)=[@acquire, @transaction_sg={0x40486311, {0x1, 0x0, 0x0, 0x0, 0x30, 0x0, 0x0, 0x0, 0x18, 0x0, &(0x7f0000000bc0)={0x30, 0x30, 0x30}}, 0x1000}], 0x0, 0x0, 0x0})

0s ago: executing program 8 (id=2826):
r0 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)=ANY=[@ANYBLOB="4000000010003b"], 0x40}}, 0x0)
r1 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000), 0xc0802, 0x0)
ioctl$PPPIOCNEWUNIT(r1, 0xc004743e, &(0x7f0000000180)=0x84000000)
ioctl$PPPIOCSFLAGS1(r1, 0x40047459, &(0x7f0000000080)=0x6100204)
syz_io_uring_setup(0x49a, &(0x7f00000000c0)={0x0, 0x79af, 0x3180, 0x8000, 0x40024e}, &(0x7f0000000340)=<r2=>0x0, &(0x7f0000000040)=<r3=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000000)=0xffb, 0x0, 0x4)
syz_io_uring_submit(r2, r3, &(0x7f00000001c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x40, 0x4007, @fd_index=0x3, 0xffffffffffffffff, &(0x7f0000000580)=""/207, 0xcf, 0x2, 0x1})
write$FUSE_ATTR(0xffffffffffffffff, 0x0, 0x0)
socket$kcm(0x10, 0x2, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)={0x28, 0x52, 0x1, 0x0, 0x0, {0x1c}, [@typed={0x14, 0x2, 0x0, 0x0, @ipv6=@dev}]}, 0x28}}, 0x0)

kernel console output (not intermixed with test programs):

.596912][T13871] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1331.650709][T13995] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1331.651004][T13995] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1331.660927][ T5879] usb 9-1: USB disconnect, device number 6
[ 1331.762012][T13873] team0: Port device team_slave_1 added
[ 1331.851131][T13871] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1331.851146][T13871] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1331.851167][T13871] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1331.857539][T13866] hsr_slave_0: entered promiscuous mode
[ 1331.859556][T13866] hsr_slave_1: entered promiscuous mode
[ 1331.862280][T13866] debugfs: 'hsr0' already exists in 'hsr'
[ 1331.862354][T13866] Cannot create hsr debugfs directory
[ 1332.095095][ T3530] netdevsim netdevsim6 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1332.486748][T13869] hsr_slave_0: entered promiscuous mode
[ 1332.487930][T13869] hsr_slave_1: entered promiscuous mode
[ 1332.495581][T13869] debugfs: 'hsr0' already exists in 'hsr'
[ 1332.495656][T13869] Cannot create hsr debugfs directory
[ 1332.661573][ T3530] netdevsim netdevsim6 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1332.722421][T13873] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1332.722435][T13873] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1332.722463][T13873] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1332.902545][T13873] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1332.902560][T13873] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1332.902581][T13873] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1333.235092][ T3530] netdevsim netdevsim6 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1333.403550][T13871] hsr_slave_0: entered promiscuous mode
[ 1333.404595][T13871] hsr_slave_1: entered promiscuous mode
[ 1333.405284][T13871] debugfs: 'hsr0' already exists in 'hsr'
[ 1333.405303][T13871] Cannot create hsr debugfs directory
[ 1333.683276][ T3530] netdevsim netdevsim6 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1333.764002][T14011] ip6gretap0: entered promiscuous mode
[ 1333.764423][T14011] vlan2: entered promiscuous mode
[ 1334.231425][T13873] hsr_slave_0: entered promiscuous mode
[ 1334.232620][T13873] hsr_slave_1: entered promiscuous mode
[ 1334.235556][T13873] debugfs: 'hsr0' already exists in 'hsr'
[ 1334.235584][T13873] Cannot create hsr debugfs directory
[ 1334.298830][T10954] usb 9-1: new high-speed USB device number 7 using dummy_hcd
[ 1334.469929][T10954] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x7 has invalid wMaxPacketSize 0
[ 1334.469960][T10954] usb 9-1: config 0 interface 0 altsetting 0 bulk endpoint 0x7 has invalid maxpacket 0
[ 1334.469986][T10954] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid wMaxPacketSize 0
[ 1334.470010][T10954] usb 9-1: config 0 interface 0 altsetting 0 bulk endpoint 0x89 has invalid maxpacket 0
[ 1334.470052][T10954] usb 9-1: New USB device found, idVendor=2040, idProduct=4900, bcdDevice=4d.8b
[ 1334.470084][T10954] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1334.476061][T10954] usb 9-1: config 0 descriptor??
[ 1334.690365][T14016] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1334.691103][T14016] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1334.694887][T14016] netlink: 8 bytes leftover after parsing attributes in process `syz.8.2485'.
[ 1334.748285][T10954] hdpvr 9-1:0.0: unexpected answer of status request, len -32
[ 1334.748313][T10954] hdpvr 9-1:0.0: device init failed
[ 1334.748384][T10954] hdpvr 9-1:0.0: probe with driver hdpvr failed with error -12
[ 1334.891888][T10954] usb 9-1: USB disconnect, device number 7
[ 1335.449169][T14019] netlink: 24 bytes leftover after parsing attributes in process `syz.8.2486'.
[ 1337.060353][ T3530] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1337.278855][ T5879] usb 9-1: new high-speed USB device number 8 using dummy_hcd
[ 1337.364139][ T3530] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1337.438070][ T5879] usb 9-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0x64, changing to 0x4
[ 1337.438106][ T5879] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x4 has an invalid bInterval 0, changing to 7
[ 1337.438140][ T5879] usb 9-1: New USB device found, idVendor=0cf3, idProduct=9374, bcdDevice=bc.3b
[ 1337.438157][ T5879] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1337.477261][ T5879] usb 9-1: config 0 descriptor??
[ 1337.695299][ T5879] ath6kl: Failed to submit usb control message: -71
[ 1337.695356][ T5879] ath6kl: unable to send the bmi data to the device: -71
[ 1337.695372][ T5879] ath6kl: Unable to send get target info: -71
[ 1337.696365][ T5879] ath6kl: Failed to init ath6kl core: -71
[ 1337.697845][ T5879] ath6kl_usb 9-1:0.0: probe with driver ath6kl_usb failed with error -71
[ 1337.704421][ T5879] usb 9-1: USB disconnect, device number 8
[ 1337.752302][ T3530] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1338.072588][ T3530] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1338.393714][T14038] FAULT_INJECTION: forcing a failure.
[ 1338.393714][T14038] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1338.393754][T14038] CPU: 0 UID: 0 PID: 14038 Comm: syz.8.2492 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[ 1338.393784][T14038] Tainted: [L]=SOFTLOCKUP
[ 1338.393792][T14038] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 1338.393806][T14038] Call Trace:
[ 1338.393814][T14038]  <TASK>
[ 1338.393823][T14038]  dump_stack_lvl+0xe8/0x150
[ 1338.393856][T14038]  should_fail_ex+0x46c/0x600
[ 1338.393890][T14038]  _copy_from_user+0x2d/0xb0
[ 1338.393911][T14038]  ___sys_recvmsg+0x12e/0x510
[ 1338.393952][T14038]  ? __pfx____sys_recvmsg+0x10/0x10
[ 1338.393982][T14038]  ? __fget_files+0x2a/0x420
[ 1338.394022][T14038]  ? __fget_files+0x3a6/0x420
[ 1338.394056][T14038]  do_recvmmsg+0x30d/0x770
[ 1338.394094][T14038]  ? __pfx_do_recvmmsg+0x10/0x10
[ 1338.394137][T14038]  ? rt_mutex_slowunlock+0x1be/0x2e0
[ 1338.394176][T14038]  __x64_sys_recvmmsg+0x190/0x240
[ 1338.394205][T14038]  ? __pfx___x64_sys_recvmmsg+0x10/0x10
[ 1338.394246][T14038]  do_syscall_64+0xec/0xf80
[ 1338.394268][T14038]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1338.394289][T14038]  ? trace_irq_disable+0x37/0x100
[ 1338.394311][T14038]  ? clear_bhb_loop+0x60/0xb0
[ 1338.394336][T14038]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1338.394358][T14038] RIP: 0033:0x7fe9213af749
[ 1338.394377][T14038] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1338.394396][T14038] RSP: 002b:00007fe91f60e038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
[ 1338.394420][T14038] RAX: ffffffffffffffda RBX: 00007fe921605fa0 RCX: 00007fe9213af749
[ 1338.394436][T14038] RDX: 0000000000000001 RSI: 0000200000005100 RDI: 0000000000000003
[ 1338.394450][T14038] RBP: 00007fe91f60e090 R08: 0000000000000000 R09: 0000000000000000
[ 1338.394462][T14038] R10: 0000000000000100 R11: 0000000000000246 R12: 0000000000000001
[ 1338.394476][T14038] R13: 00007fe921606038 R14: 00007fe921605fa0 R15: 00007ffdafa8f588
[ 1338.394512][T14038]  </TASK>
[ 1338.770183][ T3530] bridge_slave_1: left allmulticast mode
[ 1338.770209][ T3530] bridge_slave_1: left promiscuous mode
[ 1338.770417][ T3530] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1338.839944][ T3530] bridge_slave_0: left allmulticast mode
[ 1338.839969][ T3530] bridge_slave_0: left promiscuous mode
[ 1338.840159][ T3530] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1338.965130][ T3530] bridge_slave_1: left allmulticast mode
[ 1338.965267][ T3530] bridge_slave_1: left promiscuous mode
[ 1338.965457][ T3530] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1340.126408][ T3530] bridge_slave_0: left allmulticast mode
[ 1340.126442][ T3530] bridge_slave_0: left promiscuous mode
[ 1340.126724][ T3530] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1340.942069][T14045] netlink: 24 bytes leftover after parsing attributes in process `syz.8.2494'.
[ 1343.209484][ T3530] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1343.269452][ T3530] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1343.291865][ T3530] bond0 (unregistering): Released all slaves
[ 1344.274342][ T3530] dvmrp0 (unregistering): left allmulticast mode
[ 1345.871491][ T3530] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1345.909429][ T3530] bond_slave_0: left allmulticast mode
[ 1345.929395][ T3530] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1345.970762][ T3530] bond_slave_1: left allmulticast mode
[ 1345.973346][ T3530] bond0 (unregistering): Released all slaves
[ 1346.300219][ T3530] : left promiscuous mode
[ 1346.388776][T13862] usb 9-1: new high-speed USB device number 9 using dummy_hcd
[ 1346.561117][T13862] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x7 has invalid wMaxPacketSize 0
[ 1346.561149][T13862] usb 9-1: config 0 interface 0 altsetting 0 bulk endpoint 0x7 has invalid maxpacket 0
[ 1346.561172][T13862] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid wMaxPacketSize 0
[ 1346.561193][T13862] usb 9-1: config 0 interface 0 altsetting 0 bulk endpoint 0x89 has invalid maxpacket 0
[ 1346.561235][T13862] usb 9-1: New USB device found, idVendor=2040, idProduct=4900, bcdDevice=4d.8b
[ 1346.561259][T13862] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1346.565866][T13862] usb 9-1: config 0 descriptor??
[ 1346.856653][T14052] netlink: 8 bytes leftover after parsing attributes in process `syz.8.2496'.
[ 1346.859179][T13862] hdpvr 9-1:0.0: unexpected answer of status request, len -32
[ 1346.859197][T13862] hdpvr 9-1:0.0: device init failed
[ 1346.859260][T13862] hdpvr 9-1:0.0: probe with driver hdpvr failed with error -12
[ 1346.985644][    T9] usb 9-1: USB disconnect, device number 9
[ 1347.674804][   T38] kauditd_printk_skb: 133 callbacks suppressed
[ 1347.674826][   T38] audit: type=1800 audit(1767655502.130:843): pid=14057 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed comm="syz.8.2498" name="SYSV00000000" dev="tmpfs" ino=0 res=0 errno=0
[ 1348.800418][ T5941] usb 9-1: new high-speed USB device number 10 using dummy_hcd
[ 1348.948716][ T5941] usb 9-1: Using ep0 maxpacket: 16
[ 1348.953611][ T5941] usb 9-1: New USB device found, idVendor=06be, idProduct=a232, bcdDevice=33.f3
[ 1348.953635][ T5941] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1348.953651][ T5941] usb 9-1: Product: syz
[ 1348.953661][ T5941] usb 9-1: Manufacturer: syz
[ 1348.953673][ T5941] usb 9-1: SerialNumber: syz
[ 1348.957997][ T5941] usb 9-1: config 0 descriptor??
[ 1349.181549][T14060] netlink: 28 bytes leftover after parsing attributes in process `syz.8.2499'.
[ 1349.181580][T14060] netlink: 28 bytes leftover after parsing attributes in process `syz.8.2499'.
[ 1349.338895][ T3530] hsr_slave_0: left promiscuous mode
[ 1349.358753][ T3530] hsr_slave_1: left promiscuous mode
[ 1349.359980][ T3530] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1349.360001][ T3530] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1349.413269][ T3530] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1349.413302][ T3530] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1349.499408][ T5941] dvb_usb_dtv5100 9-1:0.0: probe with driver dvb_usb_dtv5100 failed with error -110
[ 1349.568769][ T3530] hsr_slave_0: left promiscuous mode
[ 1349.588967][ T3530] hsr_slave_1: left promiscuous mode
[ 1349.589798][ T3530] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1349.589820][ T3530] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1349.724901][ T3530] veth1_macvtap: left promiscuous mode
[ 1349.724988][ T3530] veth0_macvtap: left promiscuous mode
[ 1349.725169][ T3530] veth1_vlan: left promiscuous mode
[ 1349.839012][ T3530] veth1_macvtap: left promiscuous mode
[ 1349.839096][ T3530] veth0_macvtap: left promiscuous mode
[ 1349.839260][ T3530] veth1_vlan: left allmulticast mode
[ 1349.839468][ T3530] veth1_vlan: left promiscuous mode
[ 1352.809481][ T3530] team0 (unregistering): Port device team_slave_1 removed
[ 1353.109546][ T3530] team0 (unregistering): Port device team_slave_0 removed
[ 1358.489506][ T3530] team0 (unregistering): Port device team_slave_1 removed
[ 1358.790541][ T3530] team0 (unregistering): Port device team_slave_0 removed
[ 1361.801777][T13866] netdevsim netdevsim7 netdevsim0: renamed from eth0
[ 1361.857690][    T9] usb 9-1: USB disconnect, device number 10
[ 1361.882799][T13866] netdevsim netdevsim7 netdevsim1: renamed from eth1
[ 1361.965450][T13866] netdevsim netdevsim7 netdevsim2: renamed from eth2
[ 1362.013065][T13866] netdevsim netdevsim7 netdevsim3: renamed from eth3
[ 1362.014062][T14066] netlink: 36 bytes leftover after parsing attributes in process `syz.8.2500'.
[ 1362.271157][T14075] netlink: 24 bytes leftover after parsing attributes in process `syz.8.2501'.
[ 1362.351590][T13869] netdevsim netdevsim9 netdevsim0: renamed from eth0
[ 1362.442842][T13869] netdevsim netdevsim9 netdevsim1: renamed from eth1
[ 1362.472388][T13869] netdevsim netdevsim9 netdevsim2: renamed from eth2
[ 1362.518092][T13869] netdevsim netdevsim9 netdevsim3: renamed from eth3
[ 1362.806912][T13871] netdevsim netdevsim2 netdevsim0: renamed from eth0
[ 1362.877123][T13871] netdevsim netdevsim2 netdevsim1: renamed from eth1
[ 1362.948294][T13871] netdevsim netdevsim2 netdevsim2: renamed from eth2
[ 1363.425372][ T5810] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 1363.462296][ T5810] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 1363.470472][ T5810] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 1363.492415][ T5810] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 1363.493546][ T5810] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 1363.813454][T13871] netdevsim netdevsim2 netdevsim3: renamed from eth3
[ 1364.184859][T14097] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[ 1364.188065][T14097] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[ 1364.226112][T14097] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[ 1364.228201][T11646] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[ 1364.246774][T14097] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[ 1364.250665][T11646] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[ 1364.298932][T14100] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[ 1365.461451][T14100] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[ 1365.462321][T14100] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[ 1365.501788][ T5817] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[ 1365.507496][T14100] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[ 1365.534567][T14100] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[ 1365.538066][T14100] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[ 1365.548810][ T5810] Bluetooth: hci0: command tx timeout
[ 1365.549409][ T5810] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[ 1365.571927][ T5810] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[ 1367.014752][ T1319] ieee802154 phy0 wpan0: encryption failed: -22
[ 1367.014839][ T1319] ieee802154 phy1 wpan1: encryption failed: -22
[ 1367.428850][ T5941] usb 9-1: new high-speed USB device number 11 using dummy_hcd
[ 1367.588985][ T5941] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x7 has invalid wMaxPacketSize 0
[ 1367.589021][ T5941] usb 9-1: config 0 interface 0 altsetting 0 bulk endpoint 0x7 has invalid maxpacket 0
[ 1367.589047][ T5941] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid wMaxPacketSize 0
[ 1367.589069][ T5941] usb 9-1: config 0 interface 0 altsetting 0 bulk endpoint 0x89 has invalid maxpacket 0
[ 1367.589110][ T5941] usb 9-1: New USB device found, idVendor=2040, idProduct=4900, bcdDevice=4d.8b
[ 1367.589135][ T5941] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1367.598099][ T5941] usb 9-1: config 0 descriptor??
[ 1367.628740][ T5810] Bluetooth: hci5: command tx timeout
[ 1367.629397][T14100] Bluetooth: hci0: command tx timeout
[ 1367.631910][T14100] Bluetooth: hci4: command tx timeout
[ 1367.632198][ T5810] Bluetooth: hci2: command tx timeout
[ 1367.805672][T14105] netlink: 8 bytes leftover after parsing attributes in process `syz.8.2503'.
[ 1367.858297][ T5941] hdpvr 9-1:0.0: unexpected answer of status request, len -32
[ 1367.858315][ T5941] hdpvr 9-1:0.0: device init failed
[ 1367.858378][ T5941] hdpvr 9-1:0.0: probe with driver hdpvr failed with error -12
[ 1367.884397][ T5941] usb 9-1: USB disconnect, device number 11
[ 1367.945801][ T3530] IPVS: stop unused estimator thread 0...
[ 1368.393571][T14090] chnl_net:caif_netlink_parms(): no params data found
[ 1368.567683][T14094] chnl_net:caif_netlink_parms(): no params data found
[ 1368.748911][T10954] usb 9-1: new high-speed USB device number 12 using dummy_hcd
[ 1368.810122][T14092] chnl_net:caif_netlink_parms(): no params data found
[ 1368.898794][T10954] usb 9-1: Using ep0 maxpacket: 16
[ 1368.906623][T10954] usb 9-1: New USB device found, idVendor=17ef, idProduct=721e, bcdDevice=de.06
[ 1368.906663][T10954] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1368.906684][T10954] usb 9-1: Product: syz
[ 1368.906700][T10954] usb 9-1: Manufacturer: syz
[ 1368.906718][T10954] usb 9-1: SerialNumber: syz
[ 1368.950756][T10954] r8152-cfgselector 9-1: Unknown version 0x0000
[ 1368.950784][T10954] r8152-cfgselector 9-1: config 0 descriptor??
[ 1370.139437][T14100] Bluetooth: hci2: command tx timeout
[ 1370.139588][T14100] Bluetooth: hci5: command tx timeout
[ 1370.139690][T14100] Bluetooth: hci0: command tx timeout
[ 1370.308766][T14100] Bluetooth: hci4: command tx timeout
[ 1370.395116][T14093] chnl_net:caif_netlink_parms(): no params data found
[ 1370.770449][T14090] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1370.770719][T14090] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1370.770937][T14090] bridge_slave_0: entered allmulticast mode
[ 1370.772895][T14090] bridge_slave_0: entered promiscuous mode
[ 1371.082406][T14090] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1371.082547][T14090] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1371.082784][T14090] bridge_slave_1: entered allmulticast mode
[ 1371.085003][T14090] bridge_slave_1: entered promiscuous mode
[ 1371.086649][T14094] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1371.086834][T14094] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1371.086979][T14094] bridge_slave_0: entered allmulticast mode
[ 1371.093745][T14094] bridge_slave_0: entered promiscuous mode
[ 1371.280971][T14094] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1371.281106][T14094] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1371.281275][T14094] bridge_slave_1: entered allmulticast mode
[ 1371.283416][T14094] bridge_slave_1: entered promiscuous mode
[ 1371.306513][T14092] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1371.311487][T14092] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1371.311757][T14092] bridge_slave_0: entered allmulticast mode
[ 1371.320490][T14092] bridge_slave_0: entered promiscuous mode
[ 1371.626613][ T6124] r8152-cfgselector 9-1: USB disconnect, device number 12
[ 1371.859197][T14092] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1371.860877][T14092] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1371.861057][T14092] bridge_slave_1: entered allmulticast mode
[ 1371.862954][T14092] bridge_slave_1: entered promiscuous mode
[ 1371.880822][T14090] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1371.896373][T14137] FAULT_INJECTION: forcing a failure.
[ 1371.896373][T14137] name failslab, interval 1, probability 0, space 0, times 0
[ 1371.896413][T14137] CPU: 1 UID: 0 PID: 14137 Comm: syz.8.2506 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[ 1371.896443][T14137] Tainted: [L]=SOFTLOCKUP
[ 1371.896452][T14137] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 1371.896466][T14137] Call Trace:
[ 1371.896475][T14137]  <TASK>
[ 1371.896484][T14137]  dump_stack_lvl+0xe8/0x150
[ 1371.896521][T14137]  should_fail_ex+0x46c/0x600
[ 1371.896557][T14137]  should_failslab+0xa8/0x100
[ 1371.896582][T14137]  __kmalloc_cache_noprof+0x84/0x6d0
[ 1371.896615][T14137]  ? cap_capable+0x123/0x440
[ 1371.896646][T14137]  ? yama_ptrace_access_check+0x7a/0xb20
[ 1371.896674][T14137]  ? report_access+0xc1/0x4b0
[ 1371.896707][T14137]  report_access+0xc1/0x4b0
[ 1371.896735][T14137]  ? yama_ptrace_access_check+0x7a/0xb20
[ 1371.896765][T14137]  ? yama_ptrace_access_check+0x7a/0xb20
[ 1371.896800][T14137]  yama_ptrace_access_check+0x8b4/0xb20
[ 1371.896829][T14137]  ? yama_ptrace_access_check+0x7a/0xb20
[ 1371.896864][T14137]  security_ptrace_access_check+0xe5/0x290
[ 1371.896905][T14137]  ptrace_may_access+0x2c/0x50
[ 1371.896935][T14137]  mm_access+0x149/0x2d0
[ 1371.896967][T14137]  process_vm_rw+0x3cb/0xaf0
[ 1371.897007][T14137]  ? get_pid_task+0x20/0x1f0
[ 1371.897037][T14137]  ? get_pid_task+0x20/0x1f0
[ 1371.897071][T14137]  ? __pfx_process_vm_rw+0x10/0x10
[ 1371.897118][T14137]  ? do_raw_spin_lock+0x121/0x290
[ 1371.897159][T14137]  ? _raw_spin_unlock_irqrestore+0x30/0x80
[ 1371.897192][T14137]  ? lockdep_hardirqs_on+0x7b/0x110
[ 1371.897239][T14137]  ? ksys_write+0x230/0x260
[ 1371.897275][T14137]  ? __pfx_ksys_write+0x10/0x10
[ 1371.897312][T14137]  __x64_sys_process_vm_readv+0xe0/0x100
[ 1371.897349][T14137]  do_syscall_64+0xec/0xf80
[ 1371.897370][T14137]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1371.897392][T14137]  ? trace_irq_disable+0x37/0x100
[ 1371.897416][T14137]  ? clear_bhb_loop+0x60/0xb0
[ 1371.897444][T14137]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1371.897467][T14137] RIP: 0033:0x7fe9213af749
[ 1371.897488][T14137] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1371.897508][T14137] RSP: 002b:00007fe91f5ed038 EFLAGS: 00000246 ORIG_RAX: 0000000000000136
[ 1371.897532][T14137] RAX: ffffffffffffffda RBX: 00007fe921606090 RCX: 00007fe9213af749
[ 1371.897549][T14137] RDX: 0000000000000001 RSI: 00002000000000c0 RDI: 00000000000000b9
[ 1371.897563][T14137] RBP: 00007fe91f5ed090 R08: 0000000000000001 R09: 0000000000000000
[ 1371.897578][T14137] R10: 0000200000000200 R11: 0000000000000246 R12: 0000000000000001
[ 1371.897593][T14137] R13: 00007fe921606128 R14: 00007fe921606090 R15: 00007ffdafa8f588
[ 1371.897632][T14137]  </TASK>
[ 1372.548671][T11646] Bluetooth: hci0: command tx timeout
[ 1372.548715][T11646] Bluetooth: hci5: command tx timeout
[ 1372.548742][T11646] Bluetooth: hci2: command tx timeout
[ 1372.597622][T14141] netlink: 36 bytes leftover after parsing attributes in process `syz.8.2507'.
[ 1372.789180][T14100] Bluetooth: hci4: command tx timeout
[ 1373.432648][T14090] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1373.484086][T14094] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1373.912525][T14094] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1373.912998][T14093] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1373.914562][T14093] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1373.914738][T14093] bridge_slave_0: entered allmulticast mode
[ 1373.933872][T14093] bridge_slave_0: entered promiscuous mode
[ 1374.028271][T14092] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1374.219933][T14093] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1374.220069][T14093] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1374.220297][T14093] bridge_slave_1: entered allmulticast mode
[ 1374.223475][T14093] bridge_slave_1: entered promiscuous mode
[ 1374.244570][T14092] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1374.296680][T14090] team0: Port device team_slave_0 added
[ 1374.542174][T14090] team0: Port device team_slave_1 added
[ 1374.545375][T14094] team0: Port device team_slave_0 added
[ 1374.588728][T14100] Bluetooth: hci2: command tx timeout
[ 1374.588765][T14100] Bluetooth: hci5: command tx timeout
[ 1374.829798][T11646] Bluetooth: hci4: command tx timeout
[ 1374.951053][T14094] team0: Port device team_slave_1 added
[ 1374.964497][T14093] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1374.967139][T14092] team0: Port device team_slave_0 added
[ 1375.203399][T14093] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1375.205494][T14092] team0: Port device team_slave_1 added
[ 1375.247284][T14090] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1375.247299][T14090] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1375.247321][T14090] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1376.883833][T14090] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1376.883855][T14090] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1376.883886][T14090] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1376.941055][T14094] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1376.941076][T14094] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1376.941106][T14094] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1377.208240][T14094] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1377.208254][T14094] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1377.208276][T14094] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1377.256905][T14093] team0: Port device team_slave_0 added
[ 1377.270490][T14092] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1377.270509][T14092] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1377.270541][T14092] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1377.335488][T14093] team0: Port device team_slave_1 added
[ 1377.353479][T14092] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1377.353500][T14092] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1377.353529][T14092] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1377.674299][T14157] netlink: 212348 bytes leftover after parsing attributes in process `syz.8.2511'.
[ 1378.070528][T14093] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1378.070544][T14093] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1378.070565][T14093] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1378.086269][T14090] hsr_slave_0: entered promiscuous mode
[ 1378.091614][T14090] hsr_slave_1: entered promiscuous mode
[ 1378.094228][T14090] debugfs: 'hsr0' already exists in 'hsr'
[ 1378.094331][T14090] Cannot create hsr debugfs directory
[ 1378.241454][T14093] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1378.241474][T14093] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1378.241504][T14093] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1378.561907][T14094] hsr_slave_0: entered promiscuous mode
[ 1378.563034][T14094] hsr_slave_1: entered promiscuous mode
[ 1378.563771][T14094] debugfs: 'hsr0' already exists in 'hsr'
[ 1378.563791][T14094] Cannot create hsr debugfs directory
[ 1378.803387][T14092] hsr_slave_0: entered promiscuous mode
[ 1378.807196][T14092] hsr_slave_1: entered promiscuous mode
[ 1378.807968][T14092] debugfs: 'hsr0' already exists in 'hsr'
[ 1378.807988][T14092] Cannot create hsr debugfs directory
[ 1379.323038][T11646] Bluetooth: hci1: command 0x0406 tx timeout
[ 1380.322719][T14167] netlink: 36 bytes leftover after parsing attributes in process `syz.8.2514'.
[ 1380.377293][T14093] hsr_slave_0: entered promiscuous mode
[ 1380.378406][T14093] hsr_slave_1: entered promiscuous mode
[ 1380.384424][T14093] debugfs: 'hsr0' already exists in 'hsr'
[ 1380.384515][T14093] Cannot create hsr debugfs directory
[ 1381.624406][T14173] netlink: 68 bytes leftover after parsing attributes in process `syz.8.2516'.
[ 1382.427932][   T38] audit: type=1326 audit(1767655536.870:844): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14181 comm="syz.8.2520" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fe9213af749 code=0x0
[ 1383.417948][T14188] netlink: 36 bytes leftover after parsing attributes in process `syz.8.2521'.
[ 1384.148885][ T6124] usb 9-1: new high-speed USB device number 13 using dummy_hcd
[ 1384.339013][ T6124] usb 9-1: Using ep0 maxpacket: 16
[ 1384.341223][ T6124] usb 9-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1384.341249][ T6124] usb 9-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 1384.343759][ T6124] usb 9-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[ 1384.343789][ T6124] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1384.343804][ T6124] usb 9-1: Product: syz
[ 1384.343815][ T6124] usb 9-1: Manufacturer: syz
[ 1384.343826][ T6124] usb 9-1: SerialNumber: syz
[ 1384.573241][ T6124] usb 9-1: 0:2 : does not exist
[ 1384.573315][ T6124] usb 9-1: unit 9 not found!
[ 1384.576900][ T6124] usb 9-1: 4:0: cannot get min/max values for control 1 (id 4)
[ 1384.634545][ T6124] usb 9-1: 4:0: cannot get min/max values for control 2 (id 4)
[ 1384.640334][ T6124] usb 9-1: 4:0: cannot get min/max values for control 3 (id 4)
[ 1384.655139][ T6124] usb 9-1: 4:0: cannot get min/max values for control 4 (id 4)
[ 1384.662898][ T6124] usb 9-1: 4:0: cannot get min/max values for control 5 (id 4)
[ 1384.679984][ T6124] usb 9-1: 4:0: cannot get min/max values for control 6 (id 4)
[ 1384.716920][ T6124] usb 9-1: USB disconnect, device number 13
[ 1385.319309][ T3530] bridge_slave_1: left allmulticast mode
[ 1385.319339][ T3530] bridge_slave_1: left promiscuous mode
[ 1385.319593][ T3530] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1385.380002][ T3530] bridge_slave_0: left allmulticast mode
[ 1385.380027][ T3530] bridge_slave_0: left promiscuous mode
[ 1385.380265][ T3530] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1385.472167][ T3530] bridge_slave_1: left allmulticast mode
[ 1385.472206][ T3530] bridge_slave_1: left promiscuous mode
[ 1385.472395][ T3530] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1385.539887][ T3530] bridge_slave_0: left allmulticast mode
[ 1385.539912][ T3530] bridge_slave_0: left promiscuous mode
[ 1385.540109][ T3530] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1385.612029][ T3530] bridge_slave_1: left allmulticast mode
[ 1385.612053][ T3530] bridge_slave_1: left promiscuous mode
[ 1385.612237][ T3530] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1385.700000][ T3530] bridge_slave_0: left allmulticast mode
[ 1385.700032][ T3530] bridge_slave_0: left promiscuous mode
[ 1385.700327][ T3530] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1385.772299][ T3530] bridge_slave_1: left allmulticast mode
[ 1385.772325][ T3530] bridge_slave_1: left promiscuous mode
[ 1385.772517][ T3530] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1385.840002][ T3530] bridge_slave_0: left allmulticast mode
[ 1385.840027][ T3530] bridge_slave_0: left promiscuous mode
[ 1385.840244][ T3530] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1386.249490][ T3530] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1386.329453][ T3530] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1386.391699][ T3530] bond0 (unregistering): Released all slaves
[ 1386.619452][ T3530] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1386.729547][ T3530] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1386.800886][ T3530] bond0 (unregistering): Released all slaves
[ 1387.236809][ T3530] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1387.309845][ T3530] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1387.371217][ T3530] bond0 (unregistering): Released all slaves
[ 1387.639658][ T3530] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1387.729845][ T3530] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1387.797969][ T3530] bond0 (unregistering): Released all slaves
[ 1388.968918][ T3530] hsr_slave_0: left promiscuous mode
[ 1389.008801][ T3530] hsr_slave_1: left promiscuous mode
[ 1389.010612][ T3530] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1389.059695][ T3530] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1389.237987][T14209] FAULT_INJECTION: forcing a failure.
[ 1389.237987][T14209] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1389.238017][T14209] CPU: 0 UID: 0 PID: 14209 Comm: syz.8.2530 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[ 1389.238040][T14209] Tainted: [L]=SOFTLOCKUP
[ 1389.238046][T14209] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 1389.238057][T14209] Call Trace:
[ 1389.238063][T14209]  <TASK>
[ 1389.238071][T14209]  dump_stack_lvl+0xe8/0x150
[ 1389.238104][T14209]  should_fail_ex+0x46c/0x600
[ 1389.238132][T14209]  _copy_from_user+0x2d/0xb0
[ 1389.238148][T14209]  ___sys_sendmsg+0x158/0x2a0
[ 1389.238172][T14209]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1389.238220][T14209]  ? __fget_files+0x2a/0x420
[ 1389.238237][T14209]  ? __fget_files+0x3a6/0x420
[ 1389.238261][T14209]  __x64_sys_sendmsg+0x1a1/0x260
[ 1389.238284][T14209]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[ 1389.238311][T14209]  ? __pfx_ksys_write+0x10/0x10
[ 1389.238343][T14209]  do_syscall_64+0xec/0xf80
[ 1389.238359][T14209]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1389.238374][T14209]  ? trace_irq_disable+0x37/0x100
[ 1389.238392][T14209]  ? clear_bhb_loop+0x60/0xb0
[ 1389.238411][T14209]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1389.238427][T14209] RIP: 0033:0x7fe9213af749
[ 1389.238441][T14209] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1389.238455][T14209] RSP: 002b:00007fe91f60e038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1389.238471][T14209] RAX: ffffffffffffffda RBX: 00007fe921605fa0 RCX: 00007fe9213af749
[ 1389.238512][T14209] RDX: 0000000000000000 RSI: 0000200000000580 RDI: 0000000000000004
[ 1389.238526][T14209] RBP: 00007fe91f60e090 R08: 0000000000000000 R09: 0000000000000000
[ 1389.238539][T14209] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1389.238553][T14209] R13: 00007fe921606038 R14: 00007fe921605fa0 R15: 00007ffdafa8f588
[ 1389.238602][T14209]  </TASK>
[ 1389.239114][ T3530] hsr_slave_0: left promiscuous mode
[ 1389.462963][ T3530] hsr_slave_1: left promiscuous mode
[ 1389.464025][ T3530] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1389.509423][ T3530] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1389.709036][ T3530] hsr_slave_0: left promiscuous mode
[ 1389.748690][ T3530] hsr_slave_1: left promiscuous mode
[ 1389.749565][ T3530] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1389.774526][ T3530] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1389.848721][ T8619] usb 9-1: new low-speed USB device number 14 using dummy_hcd
[ 1389.938925][ T3530] hsr_slave_0: left promiscuous mode
[ 1389.958954][ T3530] hsr_slave_1: left promiscuous mode
[ 1389.959772][ T3530] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1389.989552][ T3530] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1390.007731][ T8619] usb 9-1: config 1 interface 0 altsetting 7 endpoint 0x82 is Bulk; changing to Interrupt
[ 1390.007766][ T8619] usb 9-1: config 1 interface 0 altsetting 7 endpoint 0x3 is Bulk; changing to Interrupt
[ 1390.007782][ T8619] usb 9-1: config 1 interface 0 altsetting 7 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[ 1390.007802][ T8619] usb 9-1: config 1 interface 0 has no altsetting 0
[ 1390.052907][ T8619] usb 9-1: string descriptor 0 read error: -22
[ 1390.053057][ T8619] usb 9-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[ 1390.053076][ T8619] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1390.057706][T14217] raw-gadget.0 gadget.8: fail, usb_ep_enable returned -22
[ 1390.057921][T14217] raw-gadget.0 gadget.8: fail, usb_ep_enable returned -22
[ 1390.070342][ T8619] cdc_ether 9-1:1.0: probe with driver cdc_ether failed with error -22
[ 1390.909504][ T3530] team0 (unregistering): Port device team_slave_1 removed
[ 1391.080587][ T3530] team0 (unregistering): Port device team_slave_0 removed
[ 1392.459715][ T3530] team0 (unregistering): Port device team_slave_1 removed
[ 1392.649666][ T3530] team0 (unregistering): Port device team_slave_0 removed
[ 1393.940013][ T3530] team0 (unregistering): Port device team_slave_1 removed
[ 1394.100345][ T3530] team0 (unregistering): Port device team_slave_0 removed
[ 1395.489345][ T3530] team0 (unregistering): Port device team_slave_1 removed
[ 1395.690051][ T3530] team0 (unregistering): Port device team_slave_0 removed
[ 1396.442379][ T5941] usb 9-1: USB disconnect, device number 14
[ 1398.631124][T14090] netdevsim netdevsim7 netdevsim0: renamed from eth0
[ 1398.671216][T14090] netdevsim netdevsim7 netdevsim1: renamed from eth1
[ 1398.725470][T14090] netdevsim netdevsim7 netdevsim2: renamed from eth2
[ 1398.870723][T14090] netdevsim netdevsim7 netdevsim3: renamed from eth3
[ 1399.066335][T14094] netdevsim netdevsim2 netdevsim0: renamed from eth0
[ 1399.145280][T14094] netdevsim netdevsim2 netdevsim1: renamed from eth1
[ 1399.277461][T14094] netdevsim netdevsim2 netdevsim2: renamed from eth2
[ 1399.305284][T14094] netdevsim netdevsim2 netdevsim3: renamed from eth3
[ 1401.050006][T14092] netdevsim netdevsim9 netdevsim0: renamed from eth0
[ 1401.093141][T14092] netdevsim netdevsim9 netdevsim1: renamed from eth1
[ 1401.205780][T14092] netdevsim netdevsim9 netdevsim2: renamed from eth2
[ 1401.351536][T14092] netdevsim netdevsim9 netdevsim3: renamed from eth3
[ 1401.497901][T14090] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1401.563171][ T5804] usb 9-1: new high-speed USB device number 15 using dummy_hcd
[ 1401.617601][T14093] netdevsim netdevsim4 netdevsim0: renamed from eth0
[ 1401.677303][T14093] netdevsim netdevsim4 netdevsim1: renamed from eth1
[ 1401.724730][T14093] netdevsim netdevsim4 netdevsim2: renamed from eth2
[ 1401.749093][ T5804] usb 9-1: Using ep0 maxpacket: 16
[ 1401.755048][ T5804] usb 9-1: New USB device found, idVendor=17ef, idProduct=721e, bcdDevice=de.06
[ 1401.755082][ T5804] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1401.755103][ T5804] usb 9-1: Product: syz
[ 1401.755118][ T5804] usb 9-1: Manufacturer: syz
[ 1401.755133][ T5804] usb 9-1: SerialNumber: syz
[ 1401.774477][T14093] netdevsim netdevsim4 netdevsim3: renamed from eth3
[ 1401.816484][ T5804] r8152-cfgselector 9-1: Unknown version 0x0000
[ 1401.816512][ T5804] r8152-cfgselector 9-1: config 0 descriptor??
[ 1401.918103][T14090] 8021q: adding VLAN 0 to HW filter on device team0
[ 1402.027391][ T5952] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1402.047684][ T5952] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1402.202565][T11176] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1402.202681][T11176] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1403.432898][T14094] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1403.588601][T14094] 8021q: adding VLAN 0 to HW filter on device team0
[ 1403.645024][T11485] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1403.645226][T11485] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1403.698898][ T5936] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1403.699028][ T5936] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1403.756764][T14092] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1403.871314][T14092] 8021q: adding VLAN 0 to HW filter on device team0
[ 1403.911710][T11176] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1403.911864][T11176] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1403.970471][ T5936] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1403.970648][ T5936] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1403.998450][T14093] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1404.100300][T14093] 8021q: adding VLAN 0 to HW filter on device team0
[ 1404.137807][T11176] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1404.138024][T11176] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1404.195981][T11176] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1404.196306][T11176] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1404.274644][T14090] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1404.636523][ T5804] r8152-cfgselector 9-1: USB disconnect, device number 15
[ 1404.814445][T14094] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1405.040866][T14094] veth0_vlan: entered promiscuous mode
[ 1405.047966][T14092] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1405.095345][T14094] veth1_vlan: entered promiscuous mode
[ 1405.205595][T14093] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1405.227182][T14094] veth0_macvtap: entered promiscuous mode
[ 1405.252780][T14094] veth1_macvtap: entered promiscuous mode
[ 1405.323955][ T5879] usb 9-1: new high-speed USB device number 16 using dummy_hcd
[ 1405.358448][T14094] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1405.404792][T14094] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1405.460020][T11142] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1405.461210][T11142] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1405.469173][T11142] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1405.490896][ T1333] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1405.508709][ T5879] usb 9-1: config 220 has an invalid interface number: 76 but max is 2
[ 1405.508740][ T5879] usb 9-1: config 220 has an invalid descriptor of length 0, skipping remainder of the config
[ 1405.508762][ T5879] usb 9-1: config 220 has no interface number 2
[ 1405.508838][ T5879] usb 9-1: config 220 interface 1 altsetting 5 has 0 endpoint descriptors, different from the interface descriptor's value: 12
[ 1405.508867][ T5879] usb 9-1: config 220 interface 0 has no altsetting 0
[ 1405.508887][ T5879] usb 9-1: config 220 interface 76 has no altsetting 0
[ 1405.508907][ T5879] usb 9-1: config 220 interface 1 has no altsetting 0
[ 1405.518151][ T5879] usb 9-1: New USB device found, idVendor=8086, idProduct=0b07, bcdDevice=6c.b9
[ 1405.518185][ T5879] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1405.518206][ T5879] usb 9-1: Product: syz
[ 1405.518222][ T5879] usb 9-1: Manufacturer: syz
[ 1405.518238][ T5879] usb 9-1: SerialNumber: syz
[ 1406.061773][T14090] veth0_vlan: entered promiscuous mode
[ 1406.082215][ T5879] usb 9-1: selecting invalid altsetting 0
[ 1406.082894][ T5879] uvcvideo 9-1:220.0: Found UVC 7.01 device syz (8086:0b07)
[ 1406.082923][ T5879] uvcvideo 9-1:220.0: No valid video chain found.
[ 1406.176587][ T5879] usb 9-1: selecting invalid altsetting 0
[ 1406.176631][ T5879] usbtest 9-1:220.1: probe with driver usbtest failed with error -22
[ 1406.227122][ T5879] usb 9-1: USB disconnect, device number 16
[ 1406.284914][T14090] veth1_vlan: entered promiscuous mode
[ 1406.316957][   T84] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1406.316979][   T84] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1406.437304][ T6276] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1406.437329][ T6276] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1406.472267][T14090] veth0_macvtap: entered promiscuous mode
[ 1406.506417][T14092] veth0_vlan: entered promiscuous mode
[ 1406.518769][T14090] veth1_macvtap: entered promiscuous mode
[ 1406.555948][T14093] veth0_vlan: entered promiscuous mode
[ 1406.567292][T14092] veth1_vlan: entered promiscuous mode
[ 1406.597983][T14090] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1406.636166][T14093] veth1_vlan: entered promiscuous mode
[ 1406.646164][T14090] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1406.701794][T11485] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1406.710543][T11485] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1406.736261][T11485] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1406.736818][T14309] FAULT_INJECTION: forcing a failure.
[ 1406.736818][T14309] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1406.736855][T14309] CPU: 1 UID: 0 PID: 14309 Comm: syz.2.2442 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[ 1406.736885][T14309] Tainted: [L]=SOFTLOCKUP
[ 1406.736893][T14309] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 1406.736907][T14309] Call Trace:
[ 1406.736916][T14309]  <TASK>
[ 1406.736925][T14309]  dump_stack_lvl+0xe8/0x150
[ 1406.736960][T14309]  should_fail_ex+0x46c/0x600
[ 1406.736996][T14309]  _copy_from_user+0x2d/0xb0
[ 1406.737019][T14309]  ___sys_sendmsg+0x158/0x2a0
[ 1406.737052][T14309]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1406.737120][T14309]  ? __fget_files+0x2a/0x420
[ 1406.737143][T14309]  ? __fget_files+0x3a6/0x420
[ 1406.737179][T14309]  __x64_sys_sendmsg+0x1a1/0x260
[ 1406.737212][T14309]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[ 1406.737251][T14309]  ? __pfx_ksys_write+0x10/0x10
[ 1406.737297][T14309]  do_syscall_64+0xec/0xf80
[ 1406.737319][T14309]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1406.737341][T14309]  ? trace_irq_disable+0x37/0x100
[ 1406.737365][T14309]  ? clear_bhb_loop+0x60/0xb0
[ 1406.737393][T14309]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1406.737414][T14309] RIP: 0033:0x7fb31f36f749
[ 1406.737434][T14309] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1406.737455][T14309] RSP: 002b:00007fb31d5d6038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1406.737479][T14309] RAX: ffffffffffffffda RBX: 00007fb31f5c5fa0 RCX: 00007fb31f36f749
[ 1406.737495][T14309] RDX: 0000000000000000 RSI: 0000200000000740 RDI: 0000000000000003
[ 1406.737511][T14309] RBP: 00007fb31d5d6090 R08: 0000000000000000 R09: 0000000000000000
[ 1406.737525][T14309] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1406.737539][T14309] R13: 00007fb31f5c6038 R14: 00007fb31f5c5fa0 R15: 00007ffecd113e48
[ 1406.737574][T14309]  </TASK>
[ 1406.957402][T11485] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1407.048771][T13297] usb 9-1: new high-speed USB device number 17 using dummy_hcd
[ 1407.094945][T14092] veth0_macvtap: entered promiscuous mode
[ 1407.194296][T14092] veth1_macvtap: entered promiscuous mode
[ 1407.224113][T13297] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x8E has invalid wMaxPacketSize 0
[ 1407.224146][T13297] usb 9-1: config 0 interface 0 altsetting 0 bulk endpoint 0x8E has invalid maxpacket 0
[ 1407.224172][T13297] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0xA has invalid maxpacket 65535, setting to 1024
[ 1407.224200][T13297] usb 9-1: config 0 interface 0 altsetting 0 bulk endpoint 0xA has invalid maxpacket 1024
[ 1407.308282][T13297] usb 9-1: New USB device found, idVendor=05ab, idProduct=0301, bcdDevice= 1.00
[ 1407.308309][T13297] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1407.308330][T13297] usb 9-1: Product: syz
[ 1407.308345][T13297] usb 9-1: Manufacturer: syz
[ 1407.308361][T13297] usb 9-1: SerialNumber: syz
[ 1407.345124][T13297] usb 9-1: config 0 descriptor??
[ 1407.347843][T14308] raw-gadget.0 gadget.8: fail, usb_ep_enable returned -22
[ 1407.362213][T13297] ums-isd200 9-1:0.0: USB Mass Storage device detected
[ 1407.375488][T14093] veth0_macvtap: entered promiscuous mode
[ 1407.498000][T14093] veth1_macvtap: entered promiscuous mode
[ 1407.774823][T14308] netlink: 60 bytes leftover after parsing attributes in process `syz.8.2542'.
[ 1408.760843][   T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1408.760867][   T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1408.806295][T14092] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1409.015624][T14092] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1409.096396][T14093] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1409.138079][   T12] netdevsim netdevsim9 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1409.150203][ T6276] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1409.150224][ T6276] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1409.157956][   T12] netdevsim netdevsim9 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1409.192033][   T12] netdevsim netdevsim9 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1409.255030][   T12] netdevsim netdevsim9 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1409.290736][T14093] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1409.400759][   T12] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1409.426513][   T12] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1409.444719][   T12] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1409.564124][   T12] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1409.916937][T13297] scsi host1: usb-storage 9-1:0.0
[ 1410.012004][T13297] usb 9-1: USB disconnect, device number 17
[ 1410.019945][T14333] netlink: 24 bytes leftover after parsing attributes in process `syz.2.2548'.
[ 1410.272665][ T6276] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1410.272690][ T6276] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1410.390315][T14342] FAULT_INJECTION: forcing a failure.
[ 1410.390315][T14342] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1410.390357][T14342] CPU: 0 UID: 0 PID: 14342 Comm: syz.8.2550 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[ 1410.390388][T14342] Tainted: [L]=SOFTLOCKUP
[ 1410.390398][T14342] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 1410.390413][T14342] Call Trace:
[ 1410.390422][T14342]  <TASK>
[ 1410.390432][T14342]  dump_stack_lvl+0xe8/0x150
[ 1410.390471][T14342]  should_fail_ex+0x46c/0x600
[ 1410.390508][T14342]  _copy_from_user+0x2d/0xb0
[ 1410.390532][T14342]  ___sys_sendmsg+0x158/0x2a0
[ 1410.390565][T14342]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1410.390632][T14342]  ? __fget_files+0x2a/0x420
[ 1410.390656][T14342]  ? __fget_files+0x3a6/0x420
[ 1410.390691][T14342]  __x64_sys_sendmsg+0x1a1/0x260
[ 1410.390723][T14342]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[ 1410.390763][T14342]  ? __pfx_ksys_write+0x10/0x10
[ 1410.390808][T14342]  do_syscall_64+0xec/0xf80
[ 1410.390831][T14342]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1410.390855][T14342]  ? trace_irq_disable+0x37/0x100
[ 1410.390878][T14342]  ? clear_bhb_loop+0x60/0xb0
[ 1410.390905][T14342]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1410.390928][T14342] RIP: 0033:0x7fe9213af749
[ 1410.390948][T14342] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1410.390968][T14342] RSP: 002b:00007fe91f5ed038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1410.390992][T14342] RAX: ffffffffffffffda RBX: 00007fe921606090 RCX: 00007fe9213af749
[ 1410.391009][T14342] RDX: 0000000000004000 RSI: 00002000000001c0 RDI: 0000000000000003
[ 1410.391024][T14342] RBP: 00007fe91f5ed090 R08: 0000000000000000 R09: 0000000000000000
[ 1410.391038][T14342] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1410.391052][T14342] R13: 00007fe921606128 R14: 00007fe921606090 R15: 00007ffdafa8f588
[ 1410.391087][T14342]  </TASK>
[ 1410.688039][ T5937] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1410.688062][ T5937] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1410.770312][ T1333] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1410.770336][ T1333] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1410.962831][ T5936] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1410.962856][ T5936] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1412.118909][ T5879] usb 3-1: new high-speed USB device number 2 using dummy_hcd
[ 1412.267624][T14353] loop2: detected capacity change from 0 to 7
[ 1412.323956][ T5879] usb 3-1: Using ep0 maxpacket: 16
[ 1412.336603][ T5879] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1412.336631][ T5879] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 1412.360575][ T5879] usb 3-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[ 1412.360608][ T5879] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1412.360631][ T5879] usb 3-1: Product: syz
[ 1412.360647][ T5879] usb 3-1: Manufacturer: syz
[ 1412.360663][ T5879] usb 3-1: SerialNumber: syz
[ 1412.597370][T14353] Dev loop2: unable to read RDB block 7
[ 1412.597419][T14353]  loop2: AHDI p1 p2 p3
[ 1412.597463][T14353] loop2: partition table partially beyond EOD, truncated
[ 1412.597697][T14353] loop2: p1 start 1818582900 is beyond EOD, truncated
[ 1412.597720][T14353] loop2: p3 start 335544320 is beyond EOD, truncated
[ 1412.681881][T14344] loop8: detected capacity change from 0 to 8
[ 1412.747211][T14344] Dev loop8: unable to read RDB block 8
[ 1412.747270][T14344]  loop8: unable to read partition table
[ 1412.747505][T14344] loop8: partition table beyond EOD, truncated
[ 1412.747527][T14344] loop_reread_partitions: partition scan of loop8 (�被x�^>��� ) failed (rc=-5)
[ 1414.333971][ T5879] usb 3-1: 0:2 : does not exist
[ 1414.345293][ T5879] usb 3-1: 5:0: failed to get current value for ch 0 (-22)
[ 1414.396099][ T5879] usb 3-1: USB disconnect, device number 2
[ 1414.511495][T14369] FAULT_INJECTION: forcing a failure.
[ 1414.511495][T14369] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1414.511537][T14369] CPU: 1 UID: 0 PID: 14369 Comm: syz.8.2558 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[ 1414.511567][T14369] Tainted: [L]=SOFTLOCKUP
[ 1414.511583][T14369] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 1414.511599][T14369] Call Trace:
[ 1414.511608][T14369]  <TASK>
[ 1414.511618][T14369]  dump_stack_lvl+0xe8/0x150
[ 1414.511653][T14369]  should_fail_ex+0x46c/0x600
[ 1414.511691][T14369]  _copy_from_user+0x2d/0xb0
[ 1414.511715][T14369]  ___sys_sendmsg+0x158/0x2a0
[ 1414.511757][T14369]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1414.511826][T14369]  ? __fget_files+0x2a/0x420
[ 1414.511850][T14369]  ? __fget_files+0x3a6/0x420
[ 1414.511886][T14369]  __x64_sys_sendmsg+0x1a1/0x260
[ 1414.511919][T14369]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[ 1414.511961][T14369]  ? __pfx_ksys_write+0x10/0x10
[ 1414.512007][T14369]  do_syscall_64+0xec/0xf80
[ 1414.512030][T14369]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1414.512053][T14369]  ? trace_irq_disable+0x37/0x100
[ 1414.512078][T14369]  ? clear_bhb_loop+0x60/0xb0
[ 1414.512103][T14369]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1414.512125][T14369] RIP: 0033:0x7fe9213af749
[ 1414.512145][T14369] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1414.512184][T14369] RSP: 002b:00007fe91f60e038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1414.512209][T14369] RAX: ffffffffffffffda RBX: 00007fe921605fa0 RCX: 00007fe9213af749
[ 1414.512225][T14369] RDX: 0000000000000000 RSI: 0000200000000100 RDI: 0000000000000003
[ 1414.512240][T14369] RBP: 00007fe91f60e090 R08: 0000000000000000 R09: 0000000000000000
[ 1414.512254][T14369] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1414.512268][T14369] R13: 00007fe921606038 R14: 00007fe921605fa0 R15: 00007ffdafa8f588
[ 1414.512305][T14369]  </TASK>
[ 1415.652471][T14374] netlink: 8 bytes leftover after parsing attributes in process `syz.9.2559'.
[ 1415.653784][T14373] netlink: 8 bytes leftover after parsing attributes in process `syz.9.2559'.
[ 1416.032694][T13297] usb 10-1: new high-speed USB device number 2 using dummy_hcd
[ 1424.992560][T13297] usb 10-1: config 0 has no interfaces?
[ 1424.992601][T13297] usb 10-1: New USB device found, idVendor=046d, idProduct=0a0e, bcdDevice=94.75
[ 1424.992626][T13297] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1424.997308][T13297] usb 10-1: config 0 descriptor??
[ 1426.969824][ T6015] usb 10-1: USB disconnect, device number 2
[ 1427.900724][T14415] fuse: Unknown parameter '000000000000000000280x0000000000000000'
[ 1428.491811][ T1319] ieee802154 phy0 wpan0: encryption failed: -22
[ 1428.491933][ T1319] ieee802154 phy1 wpan1: encryption failed: -22
[ 1429.451296][T14430] FAULT_INJECTION: forcing a failure.
[ 1429.451296][T14430] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1429.451326][T14430] CPU: 1 UID: 0 PID: 14430 Comm: syz.4.2574 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[ 1429.451349][T14430] Tainted: [L]=SOFTLOCKUP
[ 1429.451356][T14430] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 1429.451367][T14430] Call Trace:
[ 1429.451373][T14430]  <TASK>
[ 1429.451380][T14430]  dump_stack_lvl+0xe8/0x150
[ 1429.451407][T14430]  should_fail_ex+0x46c/0x600
[ 1429.451435][T14430]  _copy_from_user+0x2d/0xb0
[ 1429.451452][T14430]  core_sys_select+0x4be/0xa20
[ 1429.451486][T14430]  ? __pfx_core_sys_select+0x10/0x10
[ 1429.451529][T14430]  ? __pfx_set_user_sigmask+0x10/0x10
[ 1429.451547][T14430]  ? rt_mutex_slowunlock+0x1be/0x2e0
[ 1429.451569][T14430]  ? __pfx_rt_mutex_slowunlock+0x10/0x10
[ 1429.451597][T14430]  __se_sys_pselect6+0x27a/0x300
[ 1429.451634][T14430]  ? __pfx___se_sys_pselect6+0x10/0x10
[ 1429.451660][T14430]  ? __pfx_ksys_write+0x10/0x10
[ 1429.451688][T14430]  ? __x64_sys_pselect6+0x21/0xf0
[ 1429.451716][T14430]  do_syscall_64+0xec/0xf80
[ 1429.451732][T14430]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1429.451747][T14430]  ? trace_irq_disable+0x37/0x100
[ 1429.451765][T14430]  ? clear_bhb_loop+0x60/0xb0
[ 1429.451784][T14430]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1429.451800][T14430] RIP: 0033:0x7f23f813f749
[ 1429.451814][T14430] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1429.451830][T14430] RSP: 002b:00007f23f6385038 EFLAGS: 00000246 ORIG_RAX: 000000000000010e
[ 1429.451847][T14430] RAX: ffffffffffffffda RBX: 00007f23f8396090 RCX: 00007f23f813f749
[ 1429.451859][T14430] RDX: 0000000000000000 RSI: 00002000000001c0 RDI: 0000000000000040
[ 1429.451870][T14430] RBP: 00007f23f6385090 R08: 0000000000000000 R09: 0000000000000000
[ 1429.451880][T14430] R10: 00002000000002c0 R11: 0000000000000246 R12: 0000000000000001
[ 1429.451890][T14430] R13: 00007f23f8396128 R14: 00007f23f8396090 R15: 00007ffc6616ce98
[ 1429.451916][T14430]  </TASK>
[ 1435.444935][T10954] usb 8-1: new high-speed USB device number 2 using dummy_hcd
[ 1436.012978][T10954] usb 8-1: device descriptor read/all, error -71
[ 1436.066371][T14463] FAULT_INJECTION: forcing a failure.
[ 1436.066371][T14463] name failslab, interval 1, probability 0, space 0, times 0
[ 1436.066411][T14463] CPU: 1 UID: 0 PID: 14463 Comm: syz.4.2582 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[ 1436.066441][T14463] Tainted: [L]=SOFTLOCKUP
[ 1436.066450][T14463] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 1436.066466][T14463] Call Trace:
[ 1436.066476][T14463]  <TASK>
[ 1436.066486][T14463]  dump_stack_lvl+0xe8/0x150
[ 1436.066524][T14463]  should_fail_ex+0x46c/0x600
[ 1436.066562][T14463]  should_failslab+0xa8/0x100
[ 1436.066588][T14463]  __kmalloc_noprof+0xe0/0x7e0
[ 1436.066620][T14463]  ? kfree+0x4d/0x900
[ 1436.066648][T14463]  ? tomoyo_realpath_from_path+0xe3/0x5d0
[ 1436.066679][T14463]  tomoyo_realpath_from_path+0xe3/0x5d0
[ 1436.066706][T14463]  ? tomoyo_domain+0xd9/0x130
[ 1436.066736][T14463]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[ 1436.066770][T14463]  tomoyo_path_number_perm+0x1e8/0x5a0
[ 1436.066807][T14463]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[ 1436.066839][T14463]  ? __lock_acquire+0x6b6/0x2cf0
[ 1436.066872][T14463]  ? do_raw_spin_lock+0x121/0x290
[ 1436.066934][T14463]  ? __fget_files+0x2a/0x420
[ 1436.066963][T14463]  ? __fget_files+0x2a/0x420
[ 1436.066985][T14463]  ? __fget_files+0x3a6/0x420
[ 1436.067018][T14463]  ? __fget_files+0x2a/0x420
[ 1436.067046][T14463]  security_file_ioctl+0xcb/0x2d0
[ 1436.067083][T14463]  __se_sys_ioctl+0x47/0x170
[ 1436.067118][T14463]  do_syscall_64+0xec/0xf80
[ 1436.067140][T14463]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1436.067162][T14463]  ? trace_irq_disable+0x37/0x100
[ 1436.067187][T14463]  ? clear_bhb_loop+0x60/0xb0
[ 1436.067214][T14463]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1436.067237][T14463] RIP: 0033:0x7f23f813f749
[ 1436.067257][T14463] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1436.067278][T14463] RSP: 002b:00007f23f63a6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1436.067309][T14463] RAX: ffffffffffffffda RBX: 00007f23f8395fa0 RCX: 00007f23f813f749
[ 1436.067327][T14463] RDX: 0000200000000000 RSI: 000000004010ae68 RDI: 0000000000000004
[ 1436.067342][T14463] RBP: 00007f23f63a6090 R08: 0000000000000000 R09: 0000000000000000
[ 1436.067356][T14463] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1436.067370][T14463] R13: 00007f23f8396038 R14: 00007f23f8395fa0 R15: 00007ffc6616ce98
[ 1436.067408][T14463]  </TASK>
[ 1436.067418][T14463] ERROR: Out of memory at tomoyo_realpath_from_path.
[ 1436.338644][ T6124] usb 3-1: new high-speed USB device number 3 using dummy_hcd
[ 1436.508667][ T6124] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x7 has invalid wMaxPacketSize 0
[ 1436.508702][ T6124] usb 3-1: config 0 interface 0 altsetting 0 bulk endpoint 0x7 has invalid maxpacket 0
[ 1436.508728][ T6124] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid wMaxPacketSize 0
[ 1436.508752][ T6124] usb 3-1: config 0 interface 0 altsetting 0 bulk endpoint 0x89 has invalid maxpacket 0
[ 1436.508796][ T6124] usb 3-1: New USB device found, idVendor=2040, idProduct=4900, bcdDevice=4d.8b
[ 1436.508820][ T6124] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1436.514250][ T6124] usb 3-1: config 0 descriptor??
[ 1436.739148][T14461] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2567'.
[ 1436.787189][ T6124] hdpvr 3-1:0.0: unexpected answer of status request, len -32
[ 1436.787216][ T6124] hdpvr 3-1:0.0: device init failed
[ 1436.787317][ T6124] hdpvr 3-1:0.0: probe with driver hdpvr failed with error -12
[ 1436.859527][ T6124] usb 3-1: USB disconnect, device number 3
[ 1438.534930][T13297] usb 5-1: new high-speed USB device number 11 using dummy_hcd
[ 1438.678622][T13297] usb 5-1: Using ep0 maxpacket: 16
[ 1438.686666][T13297] usb 5-1: New USB device found, idVendor=17ef, idProduct=721e, bcdDevice=de.06
[ 1438.686698][T13297] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1438.686712][T13297] usb 5-1: Product: syz
[ 1438.686724][T13297] usb 5-1: Manufacturer: syz
[ 1438.686735][T13297] usb 5-1: SerialNumber: syz
[ 1438.738641][T13297] r8152-cfgselector 5-1: Unknown version 0x0000
[ 1438.738662][T13297] r8152-cfgselector 5-1: config 0 descriptor??
[ 1438.908728][T13863] usb 10-1: new high-speed USB device number 3 using dummy_hcd
[ 1440.881006][T13863] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1440.881044][T13863] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1440.881069][T13863] usb 10-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[ 1440.881114][T13863] usb 10-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[ 1440.881147][T13863] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1440.887504][T13863] usb 10-1: config 0 descriptor??
[ 1441.483878][T13863] plantronics 0003:047F:FFFF.0014: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.9-1/input0
[ 1441.771258][T11578] usb 10-1: USB disconnect, device number 3
[ 1442.589812][T14493] syz_tun: entered allmulticast mode
[ 1443.499064][T14501] fuse: Unknown parameter '000000000000000000430x0000000000000000'
[ 1444.418650][T14512] netlink: 24 bytes leftover after parsing attributes in process `syz.9.2597'.
[ 1444.774717][T14520] netlink: 36 bytes leftover after parsing attributes in process `syz.8.2600'.
[ 1446.029109][T14400] r8152-cfgselector 5-1: USB disconnect, device number 11
[ 1446.528936][T14535] ip6gretap0: entered promiscuous mode
[ 1446.529177][T14535] vlan2: entered promiscuous mode
[ 1449.673321][T14100] Bluetooth: hci5: command tx timeout
[ 1452.623056][T14572] FAULT_INJECTION: forcing a failure.
[ 1452.623056][T14572] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1452.623105][T14572] CPU: 0 UID: 0 PID: 14572 Comm: syz.7.2617 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[ 1452.623136][T14572] Tainted: [L]=SOFTLOCKUP
[ 1452.623144][T14572] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 1452.623158][T14572] Call Trace:
[ 1452.623167][T14572]  <TASK>
[ 1452.623177][T14572]  dump_stack_lvl+0xe8/0x150
[ 1452.623213][T14572]  should_fail_ex+0x46c/0x600
[ 1452.623250][T14572]  _copy_from_user+0x2d/0xb0
[ 1452.623275][T14572]  ___sys_sendmsg+0x158/0x2a0
[ 1452.623317][T14572]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1452.623387][T14572]  ? __fget_files+0x2a/0x420
[ 1452.623411][T14572]  ? __fget_files+0x3a6/0x420
[ 1452.623446][T14572]  __x64_sys_sendmsg+0x1a1/0x260
[ 1452.623478][T14572]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[ 1452.623518][T14572]  ? __pfx_ksys_write+0x10/0x10
[ 1452.623563][T14572]  do_syscall_64+0xec/0xf80
[ 1452.623587][T14572]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1452.623609][T14572]  ? trace_irq_disable+0x37/0x100
[ 1452.623634][T14572]  ? clear_bhb_loop+0x60/0xb0
[ 1452.623662][T14572]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1452.623685][T14572] RIP: 0033:0x7f775381f749
[ 1452.623704][T14572] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1452.623724][T14572] RSP: 002b:00007f7751a86038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1452.623748][T14572] RAX: ffffffffffffffda RBX: 00007f7753a75fa0 RCX: 00007f775381f749
[ 1452.623765][T14572] RDX: 0000000000000000 RSI: 0000200000000600 RDI: 0000000000000003
[ 1452.623779][T14572] RBP: 00007f7751a86090 R08: 0000000000000000 R09: 0000000000000000
[ 1452.623794][T14572] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1452.623808][T14572] R13: 00007f7753a76038 R14: 00007f7753a75fa0 R15: 00007fff0f9e63a8
[ 1452.623844][T14572]  </TASK>
[ 1455.478178][T14592] netlink: 'syz.2.2609': attribute type 10 has an invalid length.
[ 1455.552897][T14592] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1457.415008][T14605] ip6gretap0: entered promiscuous mode
[ 1457.415103][T14605] vlan2: entered promiscuous mode
[ 1458.798812][T14627] fuse: Unknown parameter '000000000000000000660x0000000000000000'
[ 1459.178001][ T9985] usb 5-1: new high-speed USB device number 12 using dummy_hcd
[ 1459.178212][T14100] Bluetooth: hci3: Opcode 0x1003 failed: -110
[ 1459.508679][ T9985] usb 5-1: Using ep0 maxpacket: 16
[ 1459.511033][ T9985] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1459.511061][ T9985] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 1459.514122][ T9985] usb 5-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[ 1459.514153][ T9985] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1459.514176][ T9985] usb 5-1: Product: syz
[ 1459.514192][ T9985] usb 5-1: Manufacturer: syz
[ 1459.514209][ T9985] usb 5-1: SerialNumber: syz
[ 1459.869981][T14619] loop8: detected capacity change from 0 to 8
[ 1459.913422][T14619] Dev loop8: unable to read RDB block 8
[ 1459.913480][T14619]  loop8: unable to read partition table
[ 1459.913721][T14619] loop8: partition table beyond EOD, truncated
[ 1459.913742][T14619] loop_reread_partitions: partition scan of loop8 (�被x�^>��� ) failed (rc=-5)
[ 1460.039840][ T9985] usb 5-1: 0:2 : does not exist
[ 1460.047090][ T9985] usb 5-1: 5:0: failed to get current value for ch 0 (-22)
[ 1460.083419][T14635] FAULT_INJECTION: forcing a failure.
[ 1460.083419][T14635] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1460.083468][T14635] CPU: 1 UID: 0 PID: 14635 Comm: syz.2.2635 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[ 1460.083499][T14635] Tainted: [L]=SOFTLOCKUP
[ 1460.083508][T14635] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 1460.083523][T14635] Call Trace:
[ 1460.083533][T14635]  <TASK>
[ 1460.083543][T14635]  dump_stack_lvl+0xe8/0x150
[ 1460.083580][T14635]  should_fail_ex+0x46c/0x600
[ 1460.083622][T14635]  _copy_from_user+0x2d/0xb0
[ 1460.083647][T14635]  ___sys_sendmsg+0x158/0x2a0
[ 1460.083681][T14635]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1460.083749][T14635]  ? __fget_files+0x2a/0x420
[ 1460.083773][T14635]  ? __fget_files+0x3a6/0x420
[ 1460.083809][T14635]  __x64_sys_sendmsg+0x1a1/0x260
[ 1460.083842][T14635]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[ 1460.083881][T14635]  ? __pfx_ksys_write+0x10/0x10
[ 1460.083927][T14635]  do_syscall_64+0xec/0xf80
[ 1460.083949][T14635]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1460.083971][T14635]  ? trace_irq_disable+0x37/0x100
[ 1460.083996][T14635]  ? clear_bhb_loop+0x60/0xb0
[ 1460.084025][T14635]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1460.084047][T14635] RIP: 0033:0x7fb31f36f749
[ 1460.084068][T14635] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1460.084088][T14635] RSP: 002b:00007fb31d5d6038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1460.084112][T14635] RAX: ffffffffffffffda RBX: 00007fb31f5c5fa0 RCX: 00007fb31f36f749
[ 1460.084130][T14635] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000005
[ 1460.084144][T14635] RBP: 00007fb31d5d6090 R08: 0000000000000000 R09: 0000000000000000
[ 1460.084158][T14635] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1460.084171][T14635] R13: 00007fb31f5c6038 R14: 00007fb31f5c5fa0 R15: 00007ffecd113e48
[ 1460.084207][T14635]  </TASK>
[ 1460.087296][ T9985] usb 5-1: USB disconnect, device number 12
[ 1460.505161][T14643] FAULT_INJECTION: forcing a failure.
[ 1460.505161][T14643] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1460.505203][T14643] CPU: 0 UID: 0 PID: 14643 Comm: syz.7.2637 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[ 1460.505235][T14643] Tainted: [L]=SOFTLOCKUP
[ 1460.505244][T14643] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 1460.505258][T14643] Call Trace:
[ 1460.505268][T14643]  <TASK>
[ 1460.505278][T14643]  dump_stack_lvl+0xe8/0x150
[ 1460.505315][T14643]  should_fail_ex+0x46c/0x600
[ 1460.505353][T14643]  _copy_from_user+0x2d/0xb0
[ 1460.505377][T14643]  ___sys_sendmsg+0x158/0x2a0
[ 1460.505410][T14643]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1460.505483][T14643]  ? __fget_files+0x2a/0x420
[ 1460.505506][T14643]  ? __fget_files+0x3a6/0x420
[ 1460.505543][T14643]  __x64_sys_sendmsg+0x1a1/0x260
[ 1460.505575][T14643]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[ 1460.505614][T14643]  ? __pfx_ksys_write+0x10/0x10
[ 1460.505661][T14643]  do_syscall_64+0xec/0xf80
[ 1460.505683][T14643]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1460.505705][T14643]  ? trace_irq_disable+0x37/0x100
[ 1460.505730][T14643]  ? clear_bhb_loop+0x60/0xb0
[ 1460.505766][T14643]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1460.505788][T14643] RIP: 0033:0x7f775381f749
[ 1460.505809][T14643] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1460.505829][T14643] RSP: 002b:00007f7751a86038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1460.505852][T14643] RAX: ffffffffffffffda RBX: 00007f7753a75fa0 RCX: 00007f775381f749
[ 1460.505869][T14643] RDX: 0000000000000000 RSI: 0000200000000180 RDI: 0000000000000003
[ 1460.505883][T14643] RBP: 00007f7751a86090 R08: 0000000000000000 R09: 0000000000000000
[ 1460.505897][T14643] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1460.505911][T14643] R13: 00007f7753a76038 R14: 00007f7753a75fa0 R15: 00007fff0f9e63a8
[ 1460.505947][T14643]  </TASK>
[ 1460.688634][T13863] usb 3-1: new high-speed USB device number 4 using dummy_hcd
[ 1460.891441][T13863] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1460.891481][T13863] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1460.891849][T13863] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[ 1460.891898][T13863] usb 3-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[ 1460.891924][T13863] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1460.897599][T13863] usb 3-1: config 0 descriptor??
[ 1461.094578][  T805] usb 5-1: new high-speed USB device number 13 using dummy_hcd
[ 1461.235508][T14656] ip6gretap0: entered promiscuous mode
[ 1461.235651][T14656] vlan2: entered promiscuous mode
[ 1461.269275][  T805] usb 5-1: Using ep0 maxpacket: 32
[ 1461.296278][  T805] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1461.296319][  T805] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 30768, setting to 1024
[ 1461.296350][  T805] usb 5-1: config 1 interface 0 altsetting 0 bulk endpoint 0x3 has invalid maxpacket 1024
[ 1461.296385][  T805] usb 5-1: config 1 interface 0 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 22
[ 1461.332563][  T805] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 1.40
[ 1461.332598][  T805] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[ 1461.332632][  T805] usb 5-1: SerialNumber: syz
[ 1461.380940][T14645] raw-gadget.1 gadget.4: fail, usb_ep_enable returned -22
[ 1461.412472][  T805] cdc_acm 5-1:1.0: Control and data interfaces are not separated!
[ 1462.143617][  T805] cdc_acm 5-1:1.0: ttyACM0: USB ACM device
[ 1462.263134][  T805] usb 5-1: USB disconnect, device number 13
[ 1462.660920][T13863] usbhid 3-1:0.0: can't add hid device: -71
[ 1462.661065][T13863] usbhid 3-1:0.0: probe with driver usbhid failed with error -71
[ 1462.734964][T13863] usb 3-1: USB disconnect, device number 4
[ 1464.180751][T14679] FAULT_INJECTION: forcing a failure.
[ 1464.180751][T14679] name failslab, interval 1, probability 0, space 0, times 0
[ 1464.180791][T14679] CPU: 0 UID: 0 PID: 14679 Comm: syz.4.2645 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[ 1464.180834][T14679] Tainted: [L]=SOFTLOCKUP
[ 1464.180843][T14679] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 1464.180858][T14679] Call Trace:
[ 1464.180867][T14679]  <TASK>
[ 1464.180877][T14679]  dump_stack_lvl+0xe8/0x150
[ 1464.180915][T14679]  should_fail_ex+0x46c/0x600
[ 1464.180951][T14679]  ? getname_flags+0xb8/0x540
[ 1464.180973][T14679]  should_failslab+0xa8/0x100
[ 1464.180996][T14679]  ? getname_flags+0xb8/0x540
[ 1464.181017][T14679]  kmem_cache_alloc_noprof+0x84/0x6c0
[ 1464.181051][T14679]  ? __pfx_ksys_write+0x10/0x10
[ 1464.181088][T14679]  getname_flags+0xb8/0x540
[ 1464.181116][T14679]  __x64_sys_rmdir+0x3a/0x50
[ 1464.181147][T14679]  do_syscall_64+0xec/0xf80
[ 1464.181170][T14679]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1464.181192][T14679]  ? trace_irq_disable+0x37/0x100
[ 1464.181218][T14679]  ? clear_bhb_loop+0x60/0xb0
[ 1464.181247][T14679]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1464.181269][T14679] RIP: 0033:0x7f23f813f749
[ 1464.181290][T14679] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1464.181310][T14679] RSP: 002b:00007f23f6385038 EFLAGS: 00000246 ORIG_RAX: 0000000000000054
[ 1464.181333][T14679] RAX: ffffffffffffffda RBX: 00007f23f8396090 RCX: 00007f23f813f749
[ 1464.181350][T14679] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000200000006300
[ 1464.181364][T14679] RBP: 00007f23f6385090 R08: 0000000000000000 R09: 0000000000000000
[ 1464.181378][T14679] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1464.181391][T14679] R13: 00007f23f8396128 R14: 00007f23f8396090 R15: 00007ffc6616ce98
[ 1464.181427][T14679]  </TASK>
[ 1464.271241][   T38] audit: type=1326 audit(1767655618.640:845): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14675 comm="syz.7.2647" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f775381f749 code=0x7ffc0000
[ 1464.271307][   T38] audit: type=1326 audit(1767655618.640:846): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14675 comm="syz.7.2647" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f775381f749 code=0x7ffc0000
[ 1464.271356][   T38] audit: type=1326 audit(1767655618.640:847): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14675 comm="syz.7.2647" exe="/root/syz-executor" sig=0 arch=c000003e syscall=314 compat=0 ip=0x7f775381f749 code=0x7ffc0000
[ 1464.271406][   T38] audit: type=1326 audit(1767655618.640:848): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14675 comm="syz.7.2647" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f775381f749 code=0x7ffc0000
[ 1464.271463][   T38] audit: type=1326 audit(1767655618.640:849): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14675 comm="syz.7.2647" exe="/root/syz-executor" sig=0 arch=c000003e syscall=111 compat=0 ip=0x7f775381f749 code=0x7ffc0000
[ 1464.271513][   T38] audit: type=1326 audit(1767655618.640:850): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14675 comm="syz.7.2647" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f775381f749 code=0x7ffc0000
[ 1464.271563][   T38] audit: type=1326 audit(1767655618.640:851): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14675 comm="syz.7.2647" exe="/root/syz-executor" sig=0 arch=c000003e syscall=200 compat=0 ip=0x7f775381f749 code=0x7ffc0000
[ 1464.271612][   T38] audit: type=1326 audit(1767655618.640:852): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14675 comm="syz.7.2647" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f775381f749 code=0x7ffc0000
[ 1464.271662][   T38] audit: type=1326 audit(1767655618.640:853): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14675 comm="syz.7.2647" exe="/root/syz-executor" sig=0 arch=c000003e syscall=165 compat=0 ip=0x7f775381f749 code=0x7ffc0000
[ 1464.271711][   T38] audit: type=1326 audit(1767655618.670:854): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14675 comm="syz.7.2647" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f775381f749 code=0x7ffc0000
[ 1464.763257][T14686] FAULT_INJECTION: forcing a failure.
[ 1464.763257][T14686] name failslab, interval 1, probability 0, space 0, times 0
[ 1464.763299][T14686] CPU: 0 UID: 0 PID: 14686 Comm: syz.2.2650 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[ 1464.763331][T14686] Tainted: [L]=SOFTLOCKUP
[ 1464.763340][T14686] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 1464.763354][T14686] Call Trace:
[ 1464.763363][T14686]  <TASK>
[ 1464.763373][T14686]  dump_stack_lvl+0xe8/0x150
[ 1464.763410][T14686]  should_fail_ex+0x46c/0x600
[ 1464.763456][T14686]  should_failslab+0xa8/0x100
[ 1464.763481][T14686]  __kmalloc_noprof+0xe0/0x7e0
[ 1464.763514][T14686]  ? kfree+0x4d/0x900
[ 1464.763541][T14686]  ? tomoyo_realpath_from_path+0xe3/0x5d0
[ 1464.763572][T14686]  tomoyo_realpath_from_path+0xe3/0x5d0
[ 1464.763597][T14686]  ? tomoyo_domain+0xd9/0x130
[ 1464.763628][T14686]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[ 1464.763659][T14686]  tomoyo_path_number_perm+0x1e8/0x5a0
[ 1464.763695][T14686]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[ 1464.763727][T14686]  ? __lock_acquire+0x6b6/0x2cf0
[ 1464.763760][T14686]  ? do_raw_spin_lock+0x121/0x290
[ 1464.763822][T14686]  ? __fget_files+0x2a/0x420
[ 1464.763849][T14686]  ? __fget_files+0x2a/0x420
[ 1464.763872][T14686]  ? __fget_files+0x3a6/0x420
[ 1464.763895][T14686]  ? __fget_files+0x2a/0x420
[ 1464.763923][T14686]  security_file_ioctl+0xcb/0x2d0
[ 1464.763957][T14686]  __se_sys_ioctl+0x47/0x170
[ 1464.763992][T14686]  do_syscall_64+0xec/0xf80
[ 1464.764014][T14686]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1464.764037][T14686]  ? trace_irq_disable+0x37/0x100
[ 1464.764061][T14686]  ? clear_bhb_loop+0x60/0xb0
[ 1464.764089][T14686]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1464.764111][T14686] RIP: 0033:0x7fb31f36f749
[ 1464.764133][T14686] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1464.764152][T14686] RSP: 002b:00007fb31d5d6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1464.764175][T14686] RAX: ffffffffffffffda RBX: 00007fb31f5c5fa0 RCX: 00007fb31f36f749
[ 1464.764192][T14686] RDX: 0000200000000080 RSI: 00000000c008551b RDI: 0000000000000003
[ 1464.764208][T14686] RBP: 00007fb31d5d6090 R08: 0000000000000000 R09: 0000000000000000
[ 1464.764222][T14686] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1464.764236][T14686] R13: 00007fb31f5c6038 R14: 00007fb31f5c5fa0 R15: 00007ffecd113e48
[ 1464.764273][T14686]  </TASK>
[ 1464.764283][T14686] ERROR: Out of memory at tomoyo_realpath_from_path.
[ 1465.080155][T13863] usb 9-1: new high-speed USB device number 18 using dummy_hcd
[ 1465.184410][T14695] FAULT_INJECTION: forcing a failure.
[ 1465.184410][T14695] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1465.184452][T14695] CPU: 1 UID: 0 PID: 14695 Comm: syz.7.2655 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[ 1465.184483][T14695] Tainted: [L]=SOFTLOCKUP
[ 1465.184492][T14695] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 1465.184507][T14695] Call Trace:
[ 1465.184516][T14695]  <TASK>
[ 1465.184526][T14695]  dump_stack_lvl+0xe8/0x150
[ 1465.184564][T14695]  should_fail_ex+0x46c/0x600
[ 1465.184602][T14695]  _copy_from_user+0x2d/0xb0
[ 1465.184627][T14695]  ___sys_sendmsg+0x158/0x2a0
[ 1465.184659][T14695]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1465.184727][T14695]  ? __fget_files+0x2a/0x420
[ 1465.184751][T14695]  ? __fget_files+0x3a6/0x420
[ 1465.184786][T14695]  __x64_sys_sendmsg+0x1a1/0x260
[ 1465.184819][T14695]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[ 1465.184858][T14695]  ? __pfx_ksys_write+0x10/0x10
[ 1465.184902][T14695]  do_syscall_64+0xec/0xf80
[ 1465.184925][T14695]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1465.184948][T14695]  ? trace_irq_disable+0x37/0x100
[ 1465.184973][T14695]  ? clear_bhb_loop+0x60/0xb0
[ 1465.185002][T14695]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1465.185026][T14695] RIP: 0033:0x7f775381f749
[ 1465.185046][T14695] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1465.185066][T14695] RSP: 002b:00007f7751a86038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1465.185089][T14695] RAX: ffffffffffffffda RBX: 00007f7753a75fa0 RCX: 00007f775381f749
[ 1465.185105][T14695] RDX: 00000000240008c4 RSI: 0000200000000000 RDI: 0000000000000004
[ 1465.185120][T14695] RBP: 00007f7751a86090 R08: 0000000000000000 R09: 0000000000000000
[ 1465.185135][T14695] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1465.185148][T14695] R13: 00007f7753a76038 R14: 00007f7753a75fa0 R15: 00007fff0f9e63a8
[ 1465.185185][T14695]  </TASK>
[ 1465.228737][T13863] usb 9-1: Using ep0 maxpacket: 16
[ 1465.236519][T13863] usb 9-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1465.236596][T13863] usb 9-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 1465.269834][T13863] usb 9-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[ 1465.269869][T13863] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1465.269893][T13863] usb 9-1: Product: syz
[ 1465.269910][T13863] usb 9-1: Manufacturer: syz
[ 1465.269925][T13863] usb 9-1: SerialNumber: syz
[ 1465.526722][T14699] devpts: Bad value for 'max'
[ 1465.646273][T14685] loop8: detected capacity change from 0 to 8
[ 1465.784018][T14685] Dev loop8: unable to read RDB block 8
[ 1465.784079][T14685]  loop8: unable to read partition table
[ 1465.784323][T14685] loop8: partition table beyond EOD, truncated
[ 1465.784345][T14685] loop_reread_partitions: partition scan of loop8 (�被x�^>��� ) failed (rc=-5)
[ 1467.759952][T13863] usb 9-1: 0:2 : does not exist
[ 1467.820766][T13863] usb 9-1: 5:0: failed to get current value for ch 0 (-22)
[ 1467.928949][T13863] usb 9-1: USB disconnect, device number 18
[ 1468.278782][ T5804] usb 5-1: new high-speed USB device number 14 using dummy_hcd
[ 1468.428628][ T5804] usb 5-1: Using ep0 maxpacket: 32
[ 1468.430940][ T5804] usb 5-1: New USB device found, idVendor=0fd9, idProduct=0025, bcdDevice=29.40
[ 1468.430973][ T5804] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1468.436471][ T5804] usb 5-1: config 0 descriptor??
[ 1468.655879][ T5804] dvb-usb: found a 'Elgato EyeTV Sat' in warm state.
[ 1468.715229][ T5804] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[ 1468.716892][ T5804] dvbdev: DVB: registering new adapter (Elgato EyeTV Sat)
[ 1468.716956][ T5804] usb 5-1: media controller created
[ 1468.821234][ T5804] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[ 1468.917920][T14737] FAULT_INJECTION: forcing a failure.
[ 1468.917920][T14737] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1468.917950][T14737] CPU: 0 UID: 0 PID: 14737 Comm: syz.7.2667 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[ 1468.917973][T14737] Tainted: [L]=SOFTLOCKUP
[ 1468.917979][T14737] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 1468.917989][T14737] Call Trace:
[ 1468.917995][T14737]  <TASK>
[ 1468.918002][T14737]  dump_stack_lvl+0xe8/0x150
[ 1468.918037][T14737]  should_fail_ex+0x46c/0x600
[ 1468.918063][T14737]  _copy_from_user+0x2d/0xb0
[ 1468.918080][T14737]  ___sys_sendmsg+0x158/0x2a0
[ 1468.918103][T14737]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1468.918148][T14737]  ? __fget_files+0x2a/0x420
[ 1468.918165][T14737]  ? __fget_files+0x3a6/0x420
[ 1468.918189][T14737]  __x64_sys_sendmsg+0x1a1/0x260
[ 1468.918211][T14737]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[ 1468.918238][T14737]  ? __pfx_ksys_write+0x10/0x10
[ 1468.918269][T14737]  do_syscall_64+0xec/0xf80
[ 1468.918285][T14737]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1468.918300][T14737]  ? trace_irq_disable+0x37/0x100
[ 1468.918317][T14737]  ? clear_bhb_loop+0x60/0xb0
[ 1468.918336][T14737]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1468.918351][T14737] RIP: 0033:0x7f775381f749
[ 1468.918366][T14737] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1468.918380][T14737] RSP: 002b:00007f7751a86038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1468.918397][T14737] RAX: ffffffffffffffda RBX: 00007f7753a75fa0 RCX: 00007f775381f749
[ 1468.918409][T14737] RDX: 0000000000000004 RSI: 0000200000000140 RDI: 0000000000000005
[ 1468.918420][T14737] RBP: 00007f7751a86090 R08: 0000000000000000 R09: 0000000000000000
[ 1468.918430][T14737] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1468.918440][T14737] R13: 00007f7753a76038 R14: 00007f7753a75fa0 R15: 00007fff0f9e63a8
[ 1468.918498][T14737]  </TASK>
[ 1468.999571][ T5804] az6027: usb out operation failed. (-71)
[ 1469.089403][ T5804] az6027: usb out operation failed. (-71)
[ 1469.089464][ T5804] stb0899_attach: Driver disabled by Kconfig
[ 1469.089495][ T5804] az6027: no front-end attached
[ 1469.089495][ T5804] 
[ 1469.099011][ T5804] az6027: usb out operation failed. (-71)
[ 1469.099068][ T5804] dvb-usb: no frontend was attached by 'Elgato EyeTV Sat'
[ 1469.138100][ T5804] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.4/usb5/5-1/input/input18
[ 1469.260370][ T5804] dvb-usb: schedule remote query interval to 400 msecs.
[ 1469.260438][ T5804] dvb-usb: Elgato EyeTV Sat successfully initialized and connected.
[ 1469.314835][ T5804] usb 5-1: USB disconnect, device number 14
[ 1469.372565][T14739] tmpfs: Bad value for 'mpol'
[ 1469.373241][T14739] netlink: 4 bytes leftover after parsing attributes in process `syz.7.2668'.
[ 1469.672064][ T5804] dvb-usb: Elgato EyeTV Sat successfully deinitialized and disconnected.
[ 1470.018726][  T805] usb 9-1: new high-speed USB device number 19 using dummy_hcd
[ 1470.168607][  T805] usb 9-1: Using ep0 maxpacket: 16
[ 1470.171127][  T805] usb 9-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1470.171155][  T805] usb 9-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 1470.175657][  T805] usb 9-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[ 1470.175688][  T805] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1470.175711][  T805] usb 9-1: Product: syz
[ 1470.175728][  T805] usb 9-1: Manufacturer: syz
[ 1470.175743][  T805] usb 9-1: SerialNumber: syz
[ 1470.518269][T14746] loop8: detected capacity change from 0 to 8
[ 1470.542229][T14746] Dev loop8: unable to read RDB block 8
[ 1470.542279][T14746]  loop8: unable to read partition table
[ 1470.542626][T14746] loop8: partition table beyond EOD, truncated
[ 1470.542709][T14746] loop_reread_partitions: partition scan of loop8 (�被x�^>��� ) failed (rc=-5)
[ 1473.065366][  T805] usb 9-1: 0:2 : does not exist
[ 1473.091020][  T805] usb 9-1: 5:0: failed to get current value for ch 0 (-22)
[ 1473.147749][  T805] usb 9-1: USB disconnect, device number 19
[ 1474.830099][T14774] RDS: rds_bind could not find a transport for ::9d:0:0:0:1, load rds_tcp or rds_rdma?
[ 1475.072039][   T38] kauditd_printk_skb: 8 callbacks suppressed
[ 1475.072060][   T38] audit: type=1326 audit(1767655629.520:863): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14764 comm="syz.9.2678" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fb78bb8f749 code=0x0
[ 1475.128597][ T8619] usb 8-1: new high-speed USB device number 4 using dummy_hcd
[ 1475.278728][ T8619] usb 8-1: Using ep0 maxpacket: 8
[ 1475.310397][ T8619] usb 8-1: unable to get BOS descriptor or descriptor too short
[ 1475.312116][ T8619] usb 8-1: config 1 contains an unexpected descriptor of type 0x1, skipping
[ 1475.312142][ T8619] usb 8-1: config 1 has an invalid interface descriptor of length 3, skipping
[ 1475.312162][ T8619] usb 8-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1475.312184][ T8619] usb 8-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 1475.312207][ T8619] usb 8-1: config 1 has no interface number 0
[ 1475.327261][ T8619] usb 8-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.00
[ 1475.336070][ T8619] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1475.336102][ T8619] usb 8-1: Product: syz
[ 1475.336119][ T8619] usb 8-1: Manufacturer: syz
[ 1475.336136][ T8619] usb 8-1: SerialNumber: syz
[ 1475.896446][ T8619] usb 8-1: USB disconnect, device number 4
[ 1476.666828][T14786] FAULT_INJECTION: forcing a failure.
[ 1476.666828][T14786] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1476.666870][T14786] CPU: 1 UID: 0 PID: 14786 Comm: syz.4.2683 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[ 1476.666901][T14786] Tainted: [L]=SOFTLOCKUP
[ 1476.666911][T14786] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 1476.666925][T14786] Call Trace:
[ 1476.666934][T14786]  <TASK>
[ 1476.666943][T14786]  dump_stack_lvl+0xe8/0x150
[ 1476.666981][T14786]  should_fail_ex+0x46c/0x600
[ 1476.667018][T14786]  _copy_from_user+0x2d/0xb0
[ 1476.667042][T14786]  ___sys_sendmsg+0x158/0x2a0
[ 1476.667075][T14786]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1476.667142][T14786]  ? __fget_files+0x2a/0x420
[ 1476.667165][T14786]  ? __fget_files+0x3a6/0x420
[ 1476.667201][T14786]  __x64_sys_sendmsg+0x1a1/0x260
[ 1476.667233][T14786]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[ 1476.667273][T14786]  ? __pfx_ksys_write+0x10/0x10
[ 1476.667318][T14786]  do_syscall_64+0xec/0xf80
[ 1476.667341][T14786]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1476.667363][T14786]  ? trace_irq_disable+0x37/0x100
[ 1476.667387][T14786]  ? clear_bhb_loop+0x60/0xb0
[ 1476.667422][T14786]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1476.667445][T14786] RIP: 0033:0x7f23f813f749
[ 1476.667465][T14786] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1476.667486][T14786] RSP: 002b:00007f23f63a6038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1476.667510][T14786] RAX: ffffffffffffffda RBX: 00007f23f8395fa0 RCX: 00007f23f813f749
[ 1476.667526][T14786] RDX: 00000000240400d0 RSI: 0000200000000340 RDI: 0000000000000004
[ 1476.667541][T14786] RBP: 00007f23f63a6090 R08: 0000000000000000 R09: 0000000000000000
[ 1476.667555][T14786] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1476.667568][T14786] R13: 00007f23f8396038 R14: 00007f23f8395fa0 R15: 00007ffc6616ce98
[ 1476.667604][T14786]  </TASK>
[ 1477.250825][T14793] program syz.7.2684 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 1477.861935][T14788] netlink: 32 bytes leftover after parsing attributes in process `syz.7.2684'.
[ 1482.258959][T14820] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1486.124590][T11646] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[ 1486.154795][T11646] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[ 1486.160563][T11646] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[ 1486.173917][T11646] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[ 1486.174906][T11646] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[ 1487.208640][T14100] Bluetooth: hci0: command 0x0406 tx timeout
[ 1487.373965][T14699] Set syz1 is full, maxelem 65536 reached
[ 1488.558651][T14100] Bluetooth: hci3: command tx timeout
[ 1488.928644][ T8907] usb 5-1: new high-speed USB device number 15 using dummy_hcd
[ 1489.147811][ T8907] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x7 has invalid wMaxPacketSize 0
[ 1489.147845][ T8907] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x7 has invalid maxpacket 0
[ 1489.147872][ T8907] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid wMaxPacketSize 0
[ 1489.147895][ T8907] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x89 has invalid maxpacket 0
[ 1489.147938][ T8907] usb 5-1: New USB device found, idVendor=2040, idProduct=4900, bcdDevice=4d.8b
[ 1489.147963][ T8907] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1490.098675][ T1319] ieee802154 phy0 wpan0: encryption failed: -22
[ 1490.098749][ T1319] ieee802154 phy1 wpan1: encryption failed: -22
[ 1490.234883][ T8907] usb 5-1: config 0 descriptor??
[ 1490.467755][T14855] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2704'.
[ 1490.505420][ T8907] hdpvr 5-1:0.0: unexpected answer of status request, len -32
[ 1490.505440][ T8907] hdpvr 5-1:0.0: device init failed
[ 1490.505505][ T8907] hdpvr 5-1:0.0: probe with driver hdpvr failed with error -12
[ 1490.585052][ T8907] usb 5-1: USB disconnect, device number 15
[ 1490.588757][ T5810] Bluetooth: hci3: command tx timeout
[ 1491.630098][T14877] fuse: Unknown parameter '000000000000000001450x0000000000000000'
[ 1492.250095][ T5810] Bluetooth: hci4: command 0x0406 tx timeout
[ 1492.469099][ T5810] Bluetooth: hci2: command 0x0406 tx timeout
[ 1492.674687][ T5810] Bluetooth: hci3: command tx timeout
[ 1493.759334][T13863] usb 9-1: new high-speed USB device number 20 using dummy_hcd
[ 1494.439660][T14840] chnl_net:caif_netlink_parms(): no params data found
[ 1494.502997][T13863] usb 9-1: Using ep0 maxpacket: 16
[ 1494.523658][T13863] usb 9-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1494.523688][T13863] usb 9-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 1494.552671][T13863] usb 9-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[ 1494.552704][T13863] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1494.552726][T13863] usb 9-1: Product: syz
[ 1494.552741][T13863] usb 9-1: Manufacturer: syz
[ 1494.552757][T13863] usb 9-1: SerialNumber: syz
[ 1494.748591][T11646] Bluetooth: hci3: command tx timeout
[ 1494.865656][T14883] loop8: detected capacity change from 0 to 8
[ 1494.866695][T14883] Dev loop8: unable to read RDB block 8
[ 1494.866761][T14883]  loop8: unable to read partition table
[ 1494.867058][T14883] loop8: partition table beyond EOD, truncated
[ 1494.867095][T14883] loop_reread_partitions: partition scan of loop8 (�被x�^>��� ) failed (rc=-5)
[ 1498.444807][T13863] usb 9-1: 0:2 : does not exist
[ 1498.488773][T13863] usb 9-1: 5:0: failed to get current value for ch 0 (-22)
[ 1498.602282][T13863] usb 9-1: USB disconnect, device number 20
[ 1501.695835][T11142] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1501.807177][T14917] vlan2: entered promiscuous mode
[ 1502.109599][T14840] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1502.109821][T14840] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1502.110201][T14840] bridge_slave_0: entered allmulticast mode
[ 1502.113281][T14840] bridge_slave_0: entered promiscuous mode
[ 1502.339006][ T8907] usb 10-1: new high-speed USB device number 4 using dummy_hcd
[ 1502.461064][T11142] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1502.491662][ T8907] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x7 has invalid wMaxPacketSize 0
[ 1502.491696][ T8907] usb 10-1: config 0 interface 0 altsetting 0 bulk endpoint 0x7 has invalid maxpacket 0
[ 1502.491724][ T8907] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid wMaxPacketSize 0
[ 1502.491748][ T8907] usb 10-1: config 0 interface 0 altsetting 0 bulk endpoint 0x89 has invalid maxpacket 0
[ 1502.491792][ T8907] usb 10-1: New USB device found, idVendor=2040, idProduct=4900, bcdDevice=4d.8b
[ 1502.491818][ T8907] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1502.612868][ T8907] usb 10-1: config 0 descriptor??
[ 1502.654045][T14840] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1502.654346][T14840] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1502.654755][T14840] bridge_slave_1: entered allmulticast mode
[ 1502.698022][T14840] bridge_slave_1: entered promiscuous mode
[ 1502.866607][T14933] netlink: 8 bytes leftover after parsing attributes in process `syz.9.2720'.
[ 1502.953511][T14946] netlink: 132 bytes leftover after parsing attributes in process `syz.4.2729'.
[ 1502.953961][T14946] netlink: 132 bytes leftover after parsing attributes in process `syz.4.2729'.
[ 1502.956123][T14946] netlink: 132 bytes leftover after parsing attributes in process `syz.4.2729'.
[ 1502.956558][T14946] netlink: 132 bytes leftover after parsing attributes in process `syz.4.2729'.
[ 1502.957468][T14946] netlink: 132 bytes leftover after parsing attributes in process `syz.4.2729'.
[ 1502.969208][ T8907] hdpvr 10-1:0.0: unexpected answer of status request, len -32
[ 1502.969280][ T8907] hdpvr 10-1:0.0: device init failed
[ 1502.969533][ T8907] hdpvr 10-1:0.0: probe with driver hdpvr failed with error -12
[ 1503.086854][T11578] usb 10-1: USB disconnect, device number 4
[ 1503.188632][ T8619] usb 5-1: new high-speed USB device number 16 using dummy_hcd
[ 1503.507318][ T8907] usb 8-1: new high-speed USB device number 5 using dummy_hcd
[ 1504.838638][ T8907] usb 8-1: Using ep0 maxpacket: 16
[ 1504.855216][ T8907] usb 8-1: config 0 interface 0 altsetting 2 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1504.855254][ T8907] usb 8-1: config 0 interface 0 altsetting 2 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1504.855279][ T8907] usb 8-1: config 0 interface 0 has no altsetting 0
[ 1504.855316][ T8907] usb 8-1: New USB device found, idVendor=05ac, idProduct=0247, bcdDevice= 0.00
[ 1504.855342][ T8907] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1504.950393][ T8907] usb 8-1: config 0 descriptor??
[ 1504.982007][T11142] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1505.273912][T14840] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1506.211538][T14840] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1506.728249][ T8907] usbhid 8-1:0.0: can't add hid device: -71
[ 1506.728386][ T8907] usbhid 8-1:0.0: probe with driver usbhid failed with error -71
[ 1506.759607][ T8907] usb 8-1: USB disconnect, device number 5
[ 1506.993655][T11142] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1508.444520][T14966] vlan2: entered promiscuous mode
[ 1508.672394][T14982] netlink: 36 bytes leftover after parsing attributes in process `syz.4.2737'.
[ 1508.724375][T14840] team0: Port device team_slave_0 added
[ 1508.802331][T14840] team0: Port device team_slave_1 added
[ 1509.252645][T14840] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1509.252667][T14840] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1509.252696][T14840] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1509.547596][T14840] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1509.547615][T14840] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1509.547644][T14840] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1511.522685][T15004] fuse: Unknown parameter '000000000000000001220x0000000000000000'
[ 1512.190645][T14840] hsr_slave_0: entered promiscuous mode
[ 1512.204735][T14840] hsr_slave_1: entered promiscuous mode
[ 1512.209037][T14840] debugfs: 'hsr0' already exists in 'hsr'
[ 1512.209129][T14840] Cannot create hsr debugfs directory
[ 1512.398694][T14404] usb 10-1: new high-speed USB device number 5 using dummy_hcd
[ 1512.529951][T11142] bridge_slave_1: left allmulticast mode
[ 1512.529984][T11142] bridge_slave_1: left promiscuous mode
[ 1512.530242][T11142] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1512.587640][T14404] usb 10-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[ 1512.587665][T14404] usb 10-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config
[ 1512.587686][T14404] usb 10-1: config 1 has 1 interface, different from the descriptor's value: 66
[ 1512.587723][T14404] usb 10-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 52, changing to 9
[ 1512.587743][T14404] usb 10-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8241, setting to 1024
[ 1512.674820][T14404] usb 10-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[ 1512.674854][T14404] usb 10-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[ 1512.674876][T14404] usb 10-1: Product: syz
[ 1512.674891][T14404] usb 10-1: Manufacturer: syz
[ 1512.720323][T14404] cdc_wdm 10-1:1.0: skipping garbage
[ 1512.720347][T14404] cdc_wdm 10-1:1.0: skipping garbage
[ 1512.723240][T11142] bridge_slave_0: left allmulticast mode
[ 1512.723270][T11142] bridge_slave_0: left promiscuous mode
[ 1512.723545][T11142] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1512.775996][T14404] cdc_wdm 10-1:1.0: cdc-wdm0: USB WDM device
[ 1512.776031][T14404] cdc_wdm 10-1:1.0: Unknown control protocol
[ 1512.828610][ T8619] usb 8-1: new high-speed USB device number 6 using dummy_hcd
[ 1512.942528][T14964] usb 10-1: USB disconnect, device number 5
[ 1513.021449][ T8619] usb 8-1: Using ep0 maxpacket: 16
[ 1513.023924][ T8619] usb 8-1: config 4 has an invalid interface number: 79 but max is 1
[ 1513.023945][ T8619] usb 8-1: config 4 contains an unexpected descriptor of type 0x1, skipping
[ 1513.023959][ T8619] usb 8-1: config 4 has an invalid interface number: 96 but max is 1
[ 1513.023974][ T8619] usb 8-1: config 4 has no interface number 0
[ 1513.023987][ T8619] usb 8-1: config 4 has no interface number 1
[ 1513.024030][ T8619] usb 8-1: config 4 interface 79 altsetting 197 bulk endpoint 0xD has invalid maxpacket 1024
[ 1513.024049][ T8619] usb 8-1: config 4 interface 79 altsetting 197 endpoint 0x2 has invalid maxpacket 1023, setting to 64
[ 1513.024069][ T8619] usb 8-1: config 4 interface 79 altsetting 197 endpoint 0x1 has invalid maxpacket 1023, setting to 64
[ 1513.024089][ T8619] usb 8-1: config 4 interface 79 altsetting 197 has an invalid descriptor for endpoint zero, skipping
[ 1513.024105][ T8619] usb 8-1: config 4 interface 79 altsetting 197 has a duplicate endpoint with address 0xD, skipping
[ 1513.024122][ T8619] usb 8-1: config 4 interface 79 altsetting 197 has 9 endpoint descriptors, different from the interface descriptor's value: 8
[ 1513.024152][ T8619] usb 8-1: config 4 interface 96 altsetting 134 has a duplicate endpoint with address 0x1, skipping
[ 1513.024170][ T8619] usb 8-1: config 4 interface 79 has no altsetting 0
[ 1513.024184][ T8619] usb 8-1: config 4 interface 96 has no altsetting 0
[ 1513.351733][ T8619] usb 8-1: New USB device found, idVendor=14c8, idProduct=0003, bcdDevice=1b.54
[ 1513.351767][ T8619] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1513.351789][ T8619] usb 8-1: Product: 灵봲㕳葘璣頪燜¥功볐よ簁ꥎ㫛⃥둝ｪ桉힪巑ﺊꅧᗂ䅦멢릁돺鷧쳀蓺쬲ধ궎㺘置嬨ꋄ렵숝ƌ洑Ꝃ돊㫭郊⎓웿⬡픦⥩넂ᷗ❽睼钫窟僥㐵鄄騖ᘯ㸇ᷢ耤䎎ᄉ煫⸒
[ 1513.351821][ T8619] usb 8-1: Manufacturer: Џ
[ 1513.351838][ T8619] usb 8-1: SerialNumber: 《
[ 1513.422908][T15009] raw-gadget.1 gadget.7: fail, usb_ep_enable returned -22
[ 1513.521565][T15009] raw-gadget.1 gadget.7: fail, usb_ep_enable returned -22
[ 1514.006045][ T8619] usb 8-1: USB disconnect, device number 6
[ 1514.389516][T15029] netlink: 36 bytes leftover after parsing attributes in process `syz.9.2749'.
[ 1515.140617][ T8907] usb 8-1: new high-speed USB device number 7 using dummy_hcd
[ 1515.308675][ T8907] usb 8-1: Using ep0 maxpacket: 16
[ 1515.312181][ T8907] usb 8-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1515.312209][ T8907] usb 8-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 1515.314715][ T8907] usb 8-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[ 1515.314751][ T8907] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1515.314767][ T8907] usb 8-1: Product: syz
[ 1515.314778][ T8907] usb 8-1: Manufacturer: syz
[ 1515.314789][ T8907] usb 8-1: SerialNumber: syz
[ 1515.595954][T15031] loop8: detected capacity change from 0 to 8
[ 1515.632174][T15031] Dev loop8: unable to read RDB block 8
[ 1515.632223][T15031]  loop8: unable to read partition table
[ 1515.632538][T15031] loop8: partition table beyond EOD, truncated
[ 1515.632560][T15031] loop_reread_partitions: partition scan of loop8 (�被x�^>��� ) failed (rc=-5)
[ 1516.929786][T11142] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1516.999688][T11142] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1517.054567][T11142] bond0 (unregistering): Released all slaves
[ 1518.499178][ T8907] usb 8-1: 0:2 : does not exist
[ 1518.516066][ T8907] usb 8-1: 5:0: failed to get current value for ch 0 (-22)
[ 1518.586408][ T8907] usb 8-1: USB disconnect, device number 7
[ 1520.915366][T15049] vlan2: entered promiscuous mode
[ 1524.875446][T15073] netlink: 36 bytes leftover after parsing attributes in process `syz.9.2761'.
[ 1525.840469][T14100] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[ 1525.856468][T14100] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[ 1525.858127][T14100] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[ 1525.863797][T14100] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[ 1525.864736][T14100] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[ 1526.013596][T15085] FAULT_INJECTION: forcing a failure.
[ 1526.013596][T15085] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1526.013665][T15085] CPU: 0 UID: 0 PID: 15085 Comm: syz.7.2766 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[ 1526.013696][T15085] Tainted: [L]=SOFTLOCKUP
[ 1526.013705][T15085] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 1526.013720][T15085] Call Trace:
[ 1526.013730][T15085]  <TASK>
[ 1526.013741][T15085]  dump_stack_lvl+0xe8/0x150
[ 1526.013788][T15085]  should_fail_ex+0x46c/0x600
[ 1526.013826][T15085]  _copy_from_user+0x2d/0xb0
[ 1526.013850][T15085]  get_nodes+0x29c/0x390
[ 1526.013881][T15085]  ? __pfx_get_nodes+0x10/0x10
[ 1526.013906][T15085]  ? irqentry_exit+0x5e8/0x670
[ 1526.013931][T15085]  ? irqentry_exit+0x5e8/0x670
[ 1526.013952][T15085]  ? rcu_is_watching+0x15/0xb0
[ 1526.013977][T15085]  __x64_sys_set_mempolicy+0x18a/0x210
[ 1526.014017][T15085]  ? __pfx___x64_sys_set_mempolicy+0x10/0x10
[ 1526.014065][T15085]  do_syscall_64+0xec/0xf80
[ 1526.014087][T15085]  ? rcu_is_watching+0x15/0xb0
[ 1526.014107][T15085]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1526.014130][T15085]  ? clear_bhb_loop+0x60/0xb0
[ 1526.014158][T15085]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1526.014181][T15085] RIP: 0033:0x7f775381f749
[ 1526.014202][T15085] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1526.014222][T15085] RSP: 002b:00007f7751a44038 EFLAGS: 00000246 ORIG_RAX: 00000000000000ee
[ 1526.014247][T15085] RAX: ffffffffffffffda RBX: 00007f7753a76180 RCX: 00007f775381f749
[ 1526.014265][T15085] RDX: 0000000000000005 RSI: 0000200000000040 RDI: 0000000000008006
[ 1526.014302][T15085] RBP: 00007f7751a44090 R08: 0000000000000000 R09: 0000000000000000
[ 1526.014317][T15085] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1526.014331][T15085] R13: 00007f7753a76218 R14: 00007f7753a76180 R15: 00007fff0f9e63a8
[ 1526.014368][T15085]  </TASK>
[ 1528.459869][T14100] Bluetooth: hci4: command tx timeout
[ 1528.709095][T11142] hsr_slave_0: left promiscuous mode
[ 1528.964869][T11142] hsr_slave_1: left promiscuous mode
[ 1529.002248][T11142] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1529.006337][T11142] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1530.290415][T11142] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1530.290444][T11142] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1530.351287][T15112] netlink: 36 bytes leftover after parsing attributes in process `syz.9.2773'.
[ 1530.449067][T11142] veth1_macvtap: left promiscuous mode
[ 1530.449217][T11142] veth0_macvtap: left promiscuous mode
[ 1530.449517][T11142] veth1_vlan: left promiscuous mode
[ 1530.454343][T11142] veth0_vlan: left promiscuous mode
[ 1530.508655][T14100] Bluetooth: hci4: command tx timeout
[ 1532.588684][T14100] Bluetooth: hci4: command tx timeout
[ 1534.677526][T14100] Bluetooth: hci4: command tx timeout
[ 1534.990831][T11142] team0 (unregistering): Port device team_slave_1 removed
[ 1535.290408][T11142] team0 (unregistering): Port device team_slave_0 removed
[ 1538.917324][T15127] FAULT_INJECTION: forcing a failure.
[ 1538.917324][T15127] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1538.917373][T15127] CPU: 1 UID: 0 PID: 15127 Comm: syz.9.2779 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[ 1538.917434][T15127] Tainted: [L]=SOFTLOCKUP
[ 1538.917450][T15127] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 1538.917477][T15127] Call Trace:
[ 1538.917494][T15127]  <TASK>
[ 1538.917503][T15127]  dump_stack_lvl+0xe8/0x150
[ 1538.917541][T15127]  should_fail_ex+0x46c/0x600
[ 1538.917578][T15127]  _copy_from_user+0x2d/0xb0
[ 1538.917602][T15127]  __sys_connect+0x124/0x450
[ 1538.917631][T15127]  ? __pfx___sys_connect+0x10/0x10
[ 1538.917670][T15127]  ? __pfx_ksys_write+0x10/0x10
[ 1538.917712][T15127]  __x64_sys_connect+0x7a/0x90
[ 1538.917739][T15127]  do_syscall_64+0xec/0xf80
[ 1538.917770][T15127]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1538.917794][T15127]  ? clear_bhb_loop+0x60/0xb0
[ 1538.917822][T15127]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1538.917845][T15127] RIP: 0033:0x7fb78bb8f749
[ 1538.917866][T15127] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1538.917886][T15127] RSP: 002b:00007fb789df6038 EFLAGS: 00000246 ORIG_RAX: 000000000000002a
[ 1538.917909][T15127] RAX: ffffffffffffffda RBX: 00007fb78bde5fa0 RCX: 00007fb78bb8f749
[ 1538.917926][T15127] RDX: 0000000000000010 RSI: 0000200000000140 RDI: 0000000000000007
[ 1538.917940][T15127] RBP: 00007fb789df6090 R08: 0000000000000000 R09: 0000000000000000
[ 1538.917954][T15127] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1538.917968][T15127] R13: 00007fb78bde6038 R14: 00007fb78bde5fa0 R15: 00007fff0649e978
[ 1538.918004][T15127]  </TASK>
[ 1542.405246][T15082] chnl_net:caif_netlink_parms(): no params data found
[ 1543.028733][T15161] netlink: 36 bytes leftover after parsing attributes in process `syz.8.2787'.
[ 1543.754083][ T5810] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[ 1543.778484][ T5810] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[ 1543.782510][ T5810] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[ 1544.879385][ T5810] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[ 1544.881204][ T5810] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[ 1544.963376][T15082] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1544.963597][T15082] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1544.963806][T15082] bridge_slave_0: entered allmulticast mode
[ 1544.966557][T15082] bridge_slave_0: entered promiscuous mode
[ 1545.029741][T15082] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1545.029878][T15082] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1545.030163][T15082] bridge_slave_1: entered allmulticast mode
[ 1545.037303][T15082] bridge_slave_1: entered promiscuous mode
[ 1546.593849][ T5810] Bluetooth: hci4: command tx timeout
[ 1546.816754][T15082] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1546.846328][T15082] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1547.598528][ T5810] Bluetooth: hci5: command tx timeout
[ 1549.628664][ T5810] Bluetooth: hci5: command tx timeout
[ 1549.822154][T15206] RDS: rds_bind could not find a transport for ::9d:0:0:0:1, load rds_tcp or rds_rdma?
[ 1550.223524][   T10] usb 10-1: new high-speed USB device number 6 using dummy_hcd
[ 1551.708648][ T5810] Bluetooth: hci5: command tx timeout
[ 1553.402317][T15219] fuse: Unknown parameter '000000000000000002210x0000000000000000'
[ 1553.668735][ T1319] ieee802154 phy0 wpan0: encryption failed: -22
[ 1553.668817][ T1319] ieee802154 phy1 wpan1: encryption failed: -22
[ 1553.788587][ T5810] Bluetooth: hci5: command tx timeout
[ 1554.020706][T15082] team0: Port device team_slave_0 added
[ 1554.153643][T15222] FAULT_INJECTION: forcing a failure.
[ 1554.153643][T15222] name failslab, interval 1, probability 0, space 0, times 0
[ 1554.153689][T15222] CPU: 0 UID: 0 PID: 15222 Comm: syz.9.2803 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[ 1554.153732][T15222] Tainted: [L]=SOFTLOCKUP
[ 1554.153741][T15222] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 1554.153756][T15222] Call Trace:
[ 1554.153765][T15222]  <TASK>
[ 1554.153775][T15222]  dump_stack_lvl+0xe8/0x150
[ 1554.153812][T15222]  should_fail_ex+0x46c/0x600
[ 1554.153851][T15222]  should_failslab+0xa8/0x100
[ 1554.153875][T15222]  __kmalloc_noprof+0xe0/0x7e0
[ 1554.153909][T15222]  ? kfree+0x4d/0x900
[ 1554.153935][T15222]  ? tomoyo_realpath_from_path+0xe3/0x5d0
[ 1554.153966][T15222]  tomoyo_realpath_from_path+0xe3/0x5d0
[ 1554.153992][T15222]  ? tomoyo_domain+0xd9/0x130
[ 1554.154021][T15222]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[ 1554.154053][T15222]  tomoyo_path_number_perm+0x1e8/0x5a0
[ 1554.154088][T15222]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[ 1554.154120][T15222]  ? __lock_acquire+0x6b6/0x2cf0
[ 1554.154154][T15222]  ? do_raw_spin_lock+0x121/0x290
[ 1554.154218][T15222]  ? __fget_files+0x2a/0x420
[ 1554.154247][T15222]  ? __fget_files+0x2a/0x420
[ 1554.154270][T15222]  ? __fget_files+0x3a6/0x420
[ 1554.154293][T15222]  ? __fget_files+0x2a/0x420
[ 1554.154323][T15222]  security_file_ioctl+0xcb/0x2d0
[ 1554.154358][T15222]  __se_sys_ioctl+0x47/0x170
[ 1554.154392][T15222]  do_syscall_64+0xec/0xf80
[ 1554.154415][T15222]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1554.154437][T15222]  ? trace_irq_disable+0x37/0x100
[ 1554.154461][T15222]  ? clear_bhb_loop+0x60/0xb0
[ 1554.154488][T15222]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1554.154511][T15222] RIP: 0033:0x7fb78bb8f749
[ 1554.154537][T15222] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1554.154557][T15222] RSP: 002b:00007fb789df6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1554.154582][T15222] RAX: ffffffffffffffda RBX: 00007fb78bde5fa0 RCX: 00007fb78bb8f749
[ 1554.154600][T15222] RDX: 0000200000000040 RSI: 00000000c01c64a3 RDI: 0000000000000003
[ 1554.154615][T15222] RBP: 00007fb789df6090 R08: 0000000000000000 R09: 0000000000000000
[ 1554.154629][T15222] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1554.154643][T15222] R13: 00007fb78bde6038 R14: 00007fb78bde5fa0 R15: 00007fff0649e978
[ 1554.154680][T15222]  </TASK>
[ 1554.154690][T15222] ERROR: Out of memory at tomoyo_realpath_from_path.
[ 1554.488727][   T10] usb 10-1: device not accepting address 6, error -71
[ 1557.023075][T15238] FAULT_INJECTION: forcing a failure.
[ 1557.023075][T15238] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1557.023109][T15238] CPU: 1 UID: 0 PID: 15238 Comm: syz.7.2807 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[ 1557.023133][T15238] Tainted: [L]=SOFTLOCKUP
[ 1557.023140][T15238] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 1557.023162][T15238] Call Trace:
[ 1557.023169][T15238]  <TASK>
[ 1557.023177][T15238]  dump_stack_lvl+0xe8/0x150
[ 1557.023207][T15238]  should_fail_ex+0x46c/0x600
[ 1557.023237][T15238]  _copy_from_user+0x2d/0xb0
[ 1557.023255][T15238]  ___sys_sendmsg+0x158/0x2a0
[ 1557.023282][T15238]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1557.023335][T15238]  ? __fget_files+0x2a/0x420
[ 1557.023354][T15238]  ? __fget_files+0x3a6/0x420
[ 1557.023383][T15238]  __x64_sys_sendmsg+0x1a1/0x260
[ 1557.023412][T15238]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[ 1557.023446][T15238]  ? __pfx_ksys_write+0x10/0x10
[ 1557.023481][T15238]  do_syscall_64+0xec/0xf80
[ 1557.023498][T15238]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1557.023515][T15238]  ? trace_irq_disable+0x37/0x100
[ 1557.023534][T15238]  ? clear_bhb_loop+0x60/0xb0
[ 1557.023556][T15238]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1557.023573][T15238] RIP: 0033:0x7f775381f749
[ 1557.023590][T15238] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1557.023605][T15238] RSP: 002b:00007f7751a86038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1557.023624][T15238] RAX: ffffffffffffffda RBX: 00007f7753a75fa0 RCX: 00007f775381f749
[ 1557.023638][T15238] RDX: 0000000000000000 RSI: 0000200000000d40 RDI: 0000000000000003
[ 1557.023650][T15238] RBP: 00007f7751a86090 R08: 0000000000000000 R09: 0000000000000000
[ 1557.023661][T15238] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1557.023672][T15238] R13: 00007f7753a76038 R14: 00007f7753a75fa0 R15: 00007fff0f9e63a8
[ 1557.023700][T15238]  </TASK>
[ 1557.160814][ T5810] Bluetooth: hci5: command tx timeout
[ 1557.305269][T11142] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1557.430885][T15082] team0: Port device team_slave_1 added
[ 1557.550718][T15246] RDS: rds_bind could not find a transport for ::9d:0:0:0:1, load rds_tcp or rds_rdma?
[ 1557.808637][   T10] usb 10-1: new high-speed USB device number 8 using dummy_hcd
[ 1558.858581][   T10] usb 10-1: Using ep0 maxpacket: 8
[ 1558.886008][   T10] usb 10-1: unable to get BOS descriptor or descriptor too short
[ 1558.963060][   T10] usb 10-1: config 1 contains an unexpected descriptor of type 0x1, skipping
[ 1558.963091][   T10] usb 10-1: config 1 has an invalid interface descriptor of length 3, skipping
[ 1558.963110][   T10] usb 10-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1558.963130][   T10] usb 10-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 1558.963154][   T10] usb 10-1: config 1 has no interface number 0
[ 1558.991260][   T10] usb 10-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.00
[ 1558.991347][   T10] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1558.991408][   T10] usb 10-1: Product: syz
[ 1558.991465][   T10] usb 10-1: Manufacturer: syz
[ 1558.991524][   T10] usb 10-1: SerialNumber: syz
[ 1559.353500][   T10] usb 10-1: USB disconnect, device number 8
[ 1562.002458][T11142] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1562.105143][T15082] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1562.105164][T15082] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1562.105193][T15082] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1562.176421][T15082] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1562.176440][T15082] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1562.176470][T15082] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1563.185058][T11142] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1566.278630][ T8619] usb 10-1: new high-speed USB device number 9 using dummy_hcd
[ 1566.324779][T11142] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1566.340359][T14927]  1024-page vmalloc region starting at 0xffffc9001784c000 allocated at kcov_ioctl+0x58/0x650
[ 1566.340414][T14927] list_del corruption. next->prev should be ffffc9001ac54000, but was 0000000000000000. (next=ffffc9001784c000)
[ 1566.341096][T14927] ------------[ cut here ]------------
[ 1566.341108][T14927] kernel BUG at lib/list_debug.c:67!
[ 1566.341154][T14927] Oops: invalid opcode: 0000 [#1] SMP KASAN PTI
[ 1566.341181][T14927] CPU: 0 UID: 0 PID: 14927 Comm: kworker/0:13 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[ 1566.341210][T14927] Tainted: [L]=SOFTLOCKUP
[ 1566.341219][T14927] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 1566.341235][T14927] Workqueue: usb_hub_wq hub_event
[ 1566.341267][T14927] RIP: 0010:__list_del_entry_valid_or_report+0x18a/0x190
[ 1566.341300][T14927] Code: 2c 53 7a fd 43 80 3c 2c 00 74 08 4c 89 ff e8 8d 85 9a fd 49 8b 56 08 48 c7 c7 20 5d 3f 8b 48 89 de 4c 89 f1 e8 27 f3 9f fc 90 <0f> 0b cc cc cc cc 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[ 1566.341320][T14927] RSP: 0018:ffffc9000659f738 EFLAGS: 00010246
[ 1566.341338][T14927] RAX: 000000000000006d RBX: ffffc9001ac54000 RCX: da1bc28bc7907400
[ 1566.341353][T14927] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[ 1566.341366][T14927] RBP: 0000000000100000 R08: 0000000000000000 R09: 0000000000000000
[ 1566.341378][T14927] R10: dffffc0000000000 R11: ffffed1017104923 R12: 1ffff92002f09801
[ 1566.341404][T14927] R13: dffffc0000000000 R14: ffffc9001784c000 R15: ffffc9001784c008
[ 1566.341421][T14927] FS:  0000000000000000(0000) GS:ffff888126cef000(0000) knlGS:0000000000000000
[ 1566.341438][T14927] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 1566.341452][T14927] CR2: 0000001b33f0b000 CR3: 00000000416d4000 CR4: 00000000003526f0
[ 1566.341471][T14927] Call Trace:
[ 1566.341480][T14927]  <TASK>
[ 1566.341491][T14927]  kcov_remote_start+0x2b0/0x710
[ 1566.341517][T14927]  hub_event+0x158/0x4f30
[ 1566.341546][T14927]  ? __lock_acquire+0x6b6/0x2cf0
[ 1566.341577][T14927]  ? __lock_acquire+0x6b6/0x2cf0
[ 1566.341606][T14927]  ? __lock_acquire+0x6b6/0x2cf0
[ 1566.341635][T14927]  ? look_up_lock_class+0x57/0x110
[ 1566.341656][T14927]  ? register_lock_class+0x31/0x2e0
[ 1566.341686][T14927]  ? __lock_acquire+0x6b6/0x2cf0
[ 1566.341719][T14927]  ? finish_task_switch+0x162/0x940
[ 1566.341752][T14927]  ? lock_acquire+0x107/0x340
[ 1566.341782][T14927]  ? __pfx_do_raw_spin_lock+0x10/0x10
[ 1566.341809][T14927]  ? __pfx_hub_event+0x10/0x10
[ 1566.341837][T14927]  ? process_scheduled_works+0x9ef/0x1770
[ 1566.341865][T14927]  ? process_scheduled_works+0x9ef/0x1770
[ 1566.341889][T14927]  ? process_scheduled_works+0x9ef/0x1770
[ 1566.341913][T14927]  process_scheduled_works+0xad1/0x1770
[ 1566.341952][T14927]  ? __pfx_process_scheduled_works+0x10/0x10
[ 1566.341976][T14927]  ? do_raw_spin_lock+0x121/0x290
[ 1566.342008][T14927]  worker_thread+0x8a0/0xda0
[ 1566.342040][T14927]  ? __kthread_parkme+0x7b/0x200
[ 1566.342072][T14927]  kthread+0x711/0x8a0
[ 1566.342105][T14927]  ? __pfx_worker_thread+0x10/0x10
[ 1566.342130][T14927]  ? __pfx_kthread+0x10/0x10
[ 1566.342173][T14927]  ? rt_spin_unlock+0x150/0x200
[ 1566.342205][T14927]  ? rt_spin_unlock+0x161/0x200
[ 1566.342232][T14927]  ? __pfx_kthread+0x10/0x10
[ 1566.342264][T14927]  ret_from_fork+0x510/0xa50
[ 1566.342289][T14927]  ? __pfx_ret_from_fork+0x10/0x10
[ 1566.342311][T14927]  ? __switch_to+0xc9e/0x1480
[ 1566.342348][T14927]  ? __pfx_kthread+0x10/0x10
[ 1566.342387][T14927]  ret_from_fork_asm+0x1a/0x30
[ 1566.342431][T14927]  </TASK>
[ 1566.342446][T14927] Modules linked in:
[ 1566.342471][T14927] ---[ end trace 0000000000000000 ]---
[ 1566.342488][T14927] RIP: 0010:__list_del_entry_valid_or_report+0x18a/0x190
[ 1566.342518][T14927] Code: 2c 53 7a fd 43 80 3c 2c 00 74 08 4c 89 ff e8 8d 85 9a fd 49 8b 56 08 48 c7 c7 20 5d 3f 8b 48 89 de 4c 89 f1 e8 27 f3 9f fc 90 <0f> 0b cc cc cc cc 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[ 1566.342538][T14927] RSP: 0018:ffffc9000659f738 EFLAGS: 00010246
[ 1566.342556][T14927] RAX: 000000000000006d RBX: ffffc9001ac54000 RCX: da1bc28bc7907400
[ 1566.342573][T14927] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[ 1566.342586][T14927] RBP: 0000000000100000 R08: 0000000000000000 R09: 0000000000000000
[ 1566.342599][T14927] R10: dffffc0000000000 R11: ffffed1017104923 R12: 1ffff92002f09801
[ 1566.342615][T14927] R13: dffffc0000000000 R14: ffffc9001784c000 R15: ffffc9001784c008
[ 1566.342633][T14927] FS:  0000000000000000(0000) GS:ffff888126cef000(0000) knlGS:0000000000000000
[ 1566.342651][T14927] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 1566.342667][T14927] CR2: 0000001b33f0b000 CR3: 00000000416d4000 CR4: 00000000003526f0
[ 1566.342691][T14927] Kernel panic - not syncing: Fatal exception
[ 1566.343284][T14927] Kernel Offset: disabled