last executing test programs:

22m54.561279988s ago: executing program 1 (id=2050):
socketpair(0x23, 0x800, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000fc0)=ANY=[@ANYBLOB="12000000030000000400000002"], 0x50)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000180)={{r0}, 0x0, 0x0}, 0x20)
r1 = socket(0x2b, 0x800, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r1, 0x10e, 0xc, 0x0, 0x0)
sendmsg$nl_generic(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)={0x14, 0x12, 0xa01, 0x0, 0x25dfdbfe, {0xa}}, 0x14}}, 0x0)
r2 = syz_open_dev$vbi(&(0x7f0000000000), 0x1, 0x2)
ioctl$VIDIOC_CREATE_BUFS(r2, 0xc100565c, &(0x7f00000013c0)={0x9, 0x2, 0x2, {0x5, @vbi={0x0, 0x0, 0x4, 0x0, [], [0x8200], 0x1}}})
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
ioctl$sock_SIOCETHTOOL(0xffffffffffffffff, 0x8946, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0x20008b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x1)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r4, &(0x7f000001aa40)=""/102400, 0x19000)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000f40))
ioctl$VIDIOC_S_SELECTION(0xffffffffffffffff, 0xc040565f, &(0x7f00000007c0)={0xa, 0x100, 0x3, {0x3, 0xffffffff, 0x403, 0x4}})
close(0x3)
ioctl$BLKRAGET(0xffffffffffffffff, 0x1263, &(0x7f0000000480))
sendmsg$NFT_BATCH(r3, &(0x7f00000000c0)={0x0, 0x0, 0x0}, 0x4000040)

22m53.710967225s ago: executing program 1 (id=2053):
mlock2(&(0x7f0000370000/0x3000)=nil, 0x3000, 0x1)
syz_open_dev$evdev(&(0x7f0000000040), 0x0, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f05ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x4, &(0x7f0000000080)=0xfffffc00, 0x0, 0x4)
getpid()
r4 = syz_pidfd_open(r1, 0x0)
ioctl$BTRFS_IOC_ADD_DEV(r4, 0xff05, 0x0)
wait4(0x0, &(0x7f0000000380), 0x2, &(0x7f0000000e00))
syz_io_uring_submit(0x0, 0x0, &(0x7f00000000c0)=@IORING_OP_SENDMSG={0x9, 0x40, 0x0, r0, 0x0, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)=ANY=[@ANYBLOB="180000000000000001000000"], 0x18}, 0x0, 0x40000, 0x1})
io_uring_enter(0xffffffffffffffff, 0x47f6, 0x80ffff, 0x0, 0x0, 0x0)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r5, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000021000010000000000000000000000000a20000000000a05000000000000000000070000000900010073797a300000000050000000090a010400000000000000000700000008000a40000000000900020073797a31000000000900010073797a3000000000080005400000000414000980100002800c0001800800014000000002140000001000010000000000000000000084000a"], 0x98}, 0x1, 0x0, 0x0, 0x20000080}, 0x0)
gettid()
syz_usb_connect(0x4, 0x24, &(0x7f0000000740)=ANY=[], 0x0)
r6 = syz_open_dev$swradio(&(0x7f0000002a40), 0x1, 0x2)
accept4$ax25(0xffffffffffffffff, &(0x7f00000002c0)={{0x3, @null}, [@null, @bcast, @bcast, @default, @rose, @remote, @bcast]}, &(0x7f0000000340)=0x48, 0x0)
ioctl$VIDIOC_DQBUF(r6, 0xc0585611, &(0x7f0000002b00)=@multiplanar_overlay={0x66906dc8, 0x1, 0x4, 0x4000, 0xff, {0x0, 0x2710}, {0x0, 0xc, 0x1, 0x0, 0x8, 0x9, "88998790"}, 0x9, 0x3, {0x0}, 0x101})
syz_usb_connect$uac1(0x3, 0x9e, &(0x7f0000000000)=ANY=[@ANYBLOB="12010002000000106b1d010140000102030109028c0003010301000904000000010100000a24010c00080201020c24020101010400010106d40904010000010200000904010101010200000724010a8000000724019b0701100c24020106030329bcc422990905010900040f830a072501020ffe7f0904020000010200000904020101010200000724010106040009058209000405010307250182020b00"], 0x0)

22m47.758872898s ago: executing program 1 (id=2065):
r0 = socket(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'wg1\x00', <r2=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000040)=@newqdisc={0x38, 0x24, 0xd0f, 0xfffffffd, 0x25dfdbfe, {0x60, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_pie={{0x8}, {0xc, 0x2, [@TCA_PIE_TUPDATE={0x8, 0x8, 0xffffffff}]}}]}, 0x38}}, 0x0)

22m46.879914173s ago: executing program 1 (id=2068):
setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, &(0x7f0000000000)="4a04c8dbeac7457e87d0e7c837a0a7ab6c8d50f58b66ca9ad2ff37ca136fb97eb6128131b4a157493c713340659237a306e9643305639a489e28652c1a34467406b8230cf1fab58abc74b34962c157501f0e2587b57a005bbaa493886da29dfd5272ab8fdcf706285d14a1e0e7e049937fedcdb7f63b98cbad5c2781c25f8a491042167eb8a094d37cbd2bc52d741cf9addd4360974a180b4b9df32b2a2c83d2d3b3cbaa15ff3a04cf1faff34e1e4d0cee9800c1e1fdd1d76530a5a05fca0862f2632d72cdf172f0b5fb8a6ea9841d3b294a6bfcbbc2e962e386a13882c30e", 0xdf)
openat$dir(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x200, 0x80)
prlimit64(0xffffffffffffffff, 0x1, &(0x7f0000000140)={0xfffffffffffffc01, 0x1}, &(0x7f0000000180))
r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f00000001c0), 0x208000)
ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r0, 0xc0a85320, &(0x7f0000000200)={{0x6e}, 'port1\x00', 0x80, 0x50400, 0x3, 0x9, 0x6032, 0x6, 0x6, 0x0, 0x2, 0xa})
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000300), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000340)={'wlan1\x00', <r2=>0x0})
sendmsg$NL80211_CMD_TRIGGER_SCAN(0xffffffffffffffff, &(0x7f0000000480)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000000440)={&(0x7f0000000380)={0xa4, r1, 0x200, 0x70bd25, 0x25dfdbff, {{}, {@val={0x8, 0x3, r2}, @val={0xc, 0x99, {0x8, 0x5f}}}}, [@NL80211_ATTR_SCHED_SCAN_MATCH={0x7c, 0x84, 0x0, 0x1, [{0x50, 0x0, 0x0, 0x1, [@NL80211_SCHED_SCAN_MATCH_PER_BAND_RSSI={0x44, 0x6, 0x0, 0x1, [@NL80211_BAND_60GHZ={0x8, 0x2, 0x2}, @NL80211_BAND_2GHZ={0x8, 0x0, 0xa}, @NL80211_BAND_LC={0x8, 0x5, 0x3}, @NL80211_BAND_LC={0x8, 0x5, 0x401}, @NL80211_BAND_LC={0x8, 0x5, 0x40}, @NL80211_BAND_2GHZ={0x8, 0x0, 0xfffffffd}, @NL80211_BAND_6GHZ={0x8, 0x3, 0xfffffffc}, @NL80211_BAND_60GHZ={0x8, 0x2, 0x5}]}, @NL80211_SCHED_SCAN_MATCH_ATTR_RSSI={0x8, 0x2, 0x2}]}, {0x28, 0x0, 0x0, 0x1, [@NL80211_SCHED_SCAN_MATCH_ATTR_RSSI={0x8, 0x2, 0x1}, @NL80211_SCHED_SCAN_MATCH_ATTR_SSID={0xa, 0x1, @default_ap_ssid}, @NL80211_SCHED_SCAN_MATCH_ATTR_BSSID={0xa, 0x5, @from_mac}, @NL80211_SCHED_SCAN_MATCH_PER_BAND_RSSI={0x4}]}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x60000801}, 0x24000000)
sendmsg$AUDIT_MAKE_EQUIV(0xffffffffffffffff, &(0x7f0000000580)={&(0x7f00000004c0)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000540)={&(0x7f0000000500)={0x28, 0x3f7, 0x8, 0x1, 0x25dfdbfd, {0x7, 0x7, './file0', './file0'}, ["", "", "", "", ""]}, 0x28}, 0x1, 0x0, 0x0, 0x4000000}, 0x14)
r3 = openat$null(0xffffffffffffff9c, &(0x7f00000005c0), 0x200040, 0x0)
ioctl$SOUND_MIXER_WRITE_RECSRC(r3, 0xc0044dff, &(0x7f0000000600)=0x5)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000640)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
creat(&(0x7f0000000680)='./file0\x00', 0x180)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r3, 0xc04064a0, &(0x7f00000007c0)={&(0x7f00000006c0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000700)=[0x0], &(0x7f0000000740)=[0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000780)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0xa, 0x1, 0x5, 0x6})
ioctl$SNAPSHOT_UNFREEZE(r3, 0x3302)
faccessat(r3, &(0x7f0000000800)='./file0\x00', 0x6)
ioctl$SNDRV_PCM_IOCTL_STATUS_EXT64(r3, 0xc0984124, &(0x7f0000000840)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5})
ioctl$BTRFS_IOC_SET_FEATURES(r5, 0x40309439, &(0x7f0000000900)={0x1, 0x3, 0x16})
setrlimit(0xb, &(0x7f0000000940)={0x8, 0x2aff})
ioctl$DRM_IOCTL_SYNCOBJ_TIMELINE_WAIT(r3, 0xc03064ca, &(0x7f0000000a00)={&(0x7f0000000980), &(0x7f00000009c0)=[0x0], 0x30000000000, 0x0, 0x2})
syz_genetlink_get_family_id$fou(&(0x7f0000000a40), r3)
ioctl$FIONREAD(0xffffffffffffffff, 0x541b, &(0x7f0000000a80))
r6 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000b00), r4)
sendmsg$L2TP_CMD_SESSION_DELETE(r3, &(0x7f0000000c00)={&(0x7f0000000ac0)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000bc0)={&(0x7f0000000b40)={0x44, r6, 0x400, 0x70bd25, 0x25dfdbfc, {}, [@L2TP_ATTR_DEBUG={0x8, 0x11, 0x1}, @L2TP_ATTR_OFFSET={0x6, 0x3, 0x5}, @L2TP_ATTR_DEBUG={0x8}, @L2TP_ATTR_UDP_CSUM={0x5, 0xd, 0x1}, @L2TP_ATTR_UDP_ZERO_CSUM6_RX={0x5}, @L2TP_ATTR_VLAN_ID={0x6, 0xe, 0xee1e}]}, 0x44}, 0x1, 0x0, 0x0, 0x8004}, 0x30008040)
getsockopt$inet_sctp_SCTP_DEFAULT_SEND_PARAM(r3, 0x84, 0xa, &(0x7f0000000c40)={0x7, 0x1, 0x8002, 0x9, 0x4, 0x78, 0x7f, 0x8, <r7=>0x0}, &(0x7f0000000c80)=0x20)
getsockopt$inet_sctp_SCTP_ASSOCINFO(0xffffffffffffffff, 0x84, 0x1, &(0x7f0000000cc0)={r7, 0x1, 0x0, 0x401, 0x8, 0x432a}, &(0x7f0000000d00)=0x14)
ioctl$VFAT_IOCTL_READDIR_SHORT(0xffffffffffffffff, 0x82307202, &(0x7f0000000d40)=[{0x0, 0x0, 0x100}, {0x0, 0x0, 0x100}])
ioctl$IOCTL_CONFIG_SYS_RESOURCE_PARAMETERS(r3, 0x40096100, &(0x7f00000012c0)={{&(0x7f0000001240)={'KERNEL\x00', {&(0x7f0000001040)=@adf_hex={@bank={'Bank', '4', 'CoreAffinity\x00'}, {0x7}, {&(0x7f0000000f80)=@adf_str={@normal='NumberDcInstances\x00', {"eaa65da1a512a072e36e219f7dfd8ead1a51dbe78cbefb1f046d2d2a9a0f2e7b0ef1093b670e41dee70d7dc4f2454a6eb74ac2dbbc4cbc499b67770b88268cfc"}}}}}, {&(0x7f00000011c0)={'KERNEL\x00', {&(0x7f0000001100)=@adf_str={@format={'Dc', '1', 'NumConcurrentAsymRequests\x00'}, {"bb2b649851bb9ed029917e443639c4f094e89a97ea65f8fde93110315147398ae9a9c313d8ca51b0e76242c4905eb8dafc872ebf94df87697836a79b613367a1"}}}}}}}, 0x4})
ioctl$ifreq_SIOCGIFINDEX_team(r5, 0x8933, &(0x7f0000001300))
ioctl$TUNGETVNETLE(r3, 0x800454dd, &(0x7f0000001340))

22m46.078033748s ago: executing program 1 (id=2072):
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000240), 0x103182, 0x0)
socket(0x1, 0x1, 0x0)
ioctl$SIOCGETSGCNT(0xffffffffffffffff, 0x89a0, &(0x7f0000000200)={@rand_addr=0x64010102, @remote})
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x0)
mount$fuse(0x0, 0x0, 0x0, 0xfc5cd7921c2c19c4, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0])
mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400))
chdir(&(0x7f0000000080)='./file1\x00')
r0 = syz_clone(0x88200200, 0x0, 0x0, 0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0xc, 0x16, &(0x7f0000000200)=ANY=[@ANYBLOB="61124c00000000006113500000000000bf2000000000000007000000180000003d030100000000009500f000000000006926000000000000bf67000000000000560602000f0200006706000020000000620a00fe0ee60000bf250000000000002d350000000000006507000002080000070700004c0000001f75000000000000bf54000000000000070400000400f9ffcd35010000000000ce040000000000001c000000000000009500000000000000db13d5d8b741f2cdaabc8383c8f56bb5df3083d20f8c2bf304000000815dcf0066d7ded3c5c49a08a503ea6d54f7f3125a8200578ac0836d6454745e70a27444003c5b20451b624db6f5320e9befc1e00b8b32917c4d30d16b7edb732bc3ac330b16c442aff70d27659bc58e296b16750c5577c848754b4894b07f15bab1c640a5c0c4fd62f9db829b301ef67fd2b2736f3af0c54af2412313b17c4c8081c4ed0572261960e227d34cfbfdb247bc2351c9d8363a8cb18b7330604da78b0aba47545f9a25a80dd7d28a5ae41824f611dd2de6dd581c52698f9542a444a8a3969946faded5275c00"/420], &(0x7f0000000100)='GPL\x00'}, 0x48)
setpgid(r0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x220)

22m45.657434752s ago: executing program 1 (id=2074):
r0 = syz_usb_connect$hid(0x3, 0x36, &(0x7f0000000140)=ANY=[@ANYBLOB="12010000000000404112155000000000000109022400010000000009040000010300000009210000000122053a"], 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, &(0x7f0000000640)={0x24, 0x0, 0x0, &(0x7f0000000040)=ANY=[@ANYBLOB="0067f6f9e200b0674410cd1e1913219e13061878bdc76150659a8cc03d642f082aa03cbc04573e1a7e8c681a93f185f3390858f66cca13039b584e0c2120217fd4af50b48d5121b801806719af26b9564b99c9fab648b1d3415d1390bb730050ebfa87017fd0a2c7abbf55238ac13d8ba8f7"], 0x0}, 0x0) (async)
syz_usb_control_io$hid(r0, &(0x7f0000000640)={0x24, 0x0, 0x0, &(0x7f0000000040)=ANY=[@ANYBLOB="0067f6f9e200b0674410cd1e1913219e13061878bdc76150659a8cc03d642f082aa03cbc04573e1a7e8c681a93f185f3390858f66cca13039b584e0c2120217fd4af50b48d5121b801806719af26b9564b99c9fab648b1d3415d1390bb730050ebfa87017fd0a2c7abbf55238ac13d8ba8f7"], 0x0}, 0x0)

22m36.33565237s ago: executing program 0 (id=2090):
syz_usb_connect(0x0, 0x36, 0x0, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x7f}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffeda}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000580)=ANY=[@ANYRES16=r0, @ANYRES32=0x1, @ANYBLOB='<}\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYRESHEX=0x0], 0x50)
r4 = syz_open_procfs(r1, &(0x7f00000003c0)='statm\x00')
read$FUSE(r4, &(0x7f0000004180)={0x2020}, 0x2020)
ioctl$IOMMU_IOAS_ALLOC(r4, 0x3b81, &(0x7f0000000180)={0xc, 0x0, <r5=>0x0})
ioctl$IOMMU_TEST_OP_CREATE_ACCESS(r4, 0x3ba0, &(0x7f0000000240)={0x48, 0x5, r5, 0x0, 0xffffffffffffffff, 0x1})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r6 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$int_in(r6, 0x4b65, 0x0)

22m33.103786402s ago: executing program 0 (id=2098):
r0 = mmap$KVM_VCPU(&(0x7f0000ffb000/0x2000)=nil, 0x930, 0x1000002, 0x4018831, 0xffffffffffffffff, 0x0)
r1 = userfaultfd(0x1)
ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f00000000c0))
ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000000040)={{&(0x7f0000ffa000/0x3000)=nil, 0x3000}, 0x1})
syz_memcpy_off$KVM_EXIT_HYPERCALL(r0, 0x20, &(0x7f0000000000)="1c681411f7a496c0dacc6a3c24465b016f64b4c00b5f7c691cb24cb8000000001a0000200000000000201500", 0x0, 0x48)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = ioctl$KVM_GET_STATS_FD_vm(r3, 0xaece)
read(r4, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x5, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000100)=0x2)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
read$msr(0xffffffffffffffff, &(0x7f000001b000)=""/102400, 0x19000)
bind$alg(0xffffffffffffffff, 0x0, 0x0)
r5 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000100), 0x0)
ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(r5, 0xc0a85320, &(0x7f0000001400)={{0x80}, 'port0\x00', 0xe3, 0x1b1c07, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7c})
ioctl$SNDRV_SEQ_IOCTL_SET_CLIENT_POOL(r5, 0x4058534c, &(0x7f0000000000)={0x400080, 0x9, 0x7, 0xe05, 0x20000, 0x28e7})
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x4000002, 0x5d031, 0xffffffffffffffff, 0x0)
ioctl$UFFDIO_API(0xffffffffffffffff, 0xc018aa3f, &(0x7f0000000100))
ioctl$UFFDIO_REGISTER(0xffffffffffffffff, 0xc020aa00, &(0x7f0000000040)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}, 0x5})
ioctl$UFFDIO_CONTINUE(r4, 0xc020aa08, &(0x7f0000002140)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}, 0x1})
openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000140), 0x8417f, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r0, 0x20, &(0x7f0000001440)="e403402e6d69aa1cef9ef9a6a8a811114a73730561f86ec24fbd20a031516af10645443ba1ea91a31e618c729fb36241fc852cf7795cc3c0d78ae4de1e5110eafba42f764d048680", 0x0, 0x48)
read$FUSE(r4, &(0x7f00000041c0)={0x2020}, 0xdaa)

22m32.114708859s ago: executing program 0 (id=2102):
syz_usb_connect(0x0, 0x36, 0x0, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x7f}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffeda}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000580)=ANY=[@ANYRES16=r0, @ANYRES32=0x1, @ANYBLOB='<}\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYRESHEX=0x0], 0x50)
read$FUSE(0xffffffffffffffff, &(0x7f0000004180)={0x2020}, 0x2020)
ioctl$IOMMU_IOAS_ALLOC(0xffffffffffffffff, 0x3b81, &(0x7f0000000180)={0xc, 0x0, <r5=>0x0})
ioctl$IOMMU_TEST_OP_CREATE_ACCESS(0xffffffffffffffff, 0x3ba0, &(0x7f0000000240)={0x48, 0x5, r5, 0x0, 0xffffffffffffffff, 0x1})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r6 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$int_in(r6, 0x4b65, 0x0)
syz_open_dev$vbi(&(0x7f00000001c0), 0x0, 0x2)
syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00')
syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3)
r7 = socket(0xa, 0x3, 0xff)
setsockopt$inet6_int(r7, 0x29, 0x4a, &(0x7f0000000000)=0x9, 0x4)
r8 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(r4, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)={0x20, r8, 0x9c3fa077fa966179, 0xfffffffd, 0x0, {{0x7e}, {@void, @val={0xc, 0x99, {0x916d, 0x15}}}}}, 0x20}}, 0x4000054)

22m30.441116788s ago: executing program 32 (id=2074):
r0 = syz_usb_connect$hid(0x3, 0x36, &(0x7f0000000140)=ANY=[@ANYBLOB="12010000000000404112155000000000000109022400010000000009040000010300000009210000000122053a"], 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, &(0x7f0000000640)={0x24, 0x0, 0x0, &(0x7f0000000040)=ANY=[@ANYBLOB="0067f6f9e200b0674410cd1e1913219e13061878bdc76150659a8cc03d642f082aa03cbc04573e1a7e8c681a93f185f3390858f66cca13039b584e0c2120217fd4af50b48d5121b801806719af26b9564b99c9fab648b1d3415d1390bb730050ebfa87017fd0a2c7abbf55238ac13d8ba8f7"], 0x0}, 0x0) (async)
syz_usb_control_io$hid(r0, &(0x7f0000000640)={0x24, 0x0, 0x0, &(0x7f0000000040)=ANY=[@ANYBLOB="0067f6f9e200b0674410cd1e1913219e13061878bdc76150659a8cc03d642f082aa03cbc04573e1a7e8c681a93f185f3390858f66cca13039b584e0c2120217fd4af50b48d5121b801806719af26b9564b99c9fab648b1d3415d1390bb730050ebfa87017fd0a2c7abbf55238ac13d8ba8f7"], 0x0}, 0x0)

22m28.956939275s ago: executing program 0 (id=2110):
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
setsockopt$SO_ATTACH_FILTER(r1, 0x1, 0x1a, &(0x7f0000000040)={0x3, &(0x7f0000000140)=[{0x20, 0x0, 0x0, 0xfffff010}, {0x20, 0x0, 0x0, 0x7}, {0x6}]}, 0x10)
sendmmsg(r0, &(0x7f0000000ac0), 0x40000000000019e, 0x40840)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000100)={0x0}, 0x1, 0x0, 0x0, 0x240008c4}, 0x4054)
syz_usb_connect$cdc_ncm(0x0, 0x7a, &(0x7f0000000140)=ANY=[@ANYBLOB="12010000020000402505a1a44000010203010902680002010040000904000001020e0000052406"], 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$ipvs(&(0x7f00000000c0), 0xffffffffffffffff)
sendmsg$IPVS_CMD_NEW_DAEMON(r2, &(0x7f0000000300)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000000280)={&(0x7f0000000180)={0xd4, r3, 0x1, 0x70bd2d, 0x25dfdbfb, {}, [@IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0x5}, @IPVS_CMD_ATTR_SERVICE={0x4c, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_PE_NAME={0x8}, @IPVS_SVC_ATTR_FWMARK={0x8, 0x5, 0x4}, @IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0x2}, @IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x4, 0x14}}, @IPVS_SVC_ATTR_PORT={0x6, 0x4, 0x4e23}, @IPVS_SVC_ATTR_SCHED_NAME={0x9, 0x6, 'lblc\x00'}, @IPVS_SVC_ATTR_PE_NAME={0x8}, @IPVS_SVC_ATTR_AF={0x6, 0x1, 0x2}]}, @IPVS_CMD_ATTR_DEST={0x2c, 0x2, 0x0, 0x1, [@IPVS_DEST_ATTR_TUN_TYPE={0x5, 0xd, 0x1}, @IPVS_DEST_ATTR_TUN_TYPE={0x5, 0xd, 0x1}, @IPVS_DEST_ATTR_TUN_TYPE={0x5, 0xd, 0x1}, @IPVS_DEST_ATTR_FWD_METHOD={0x8, 0x3, 0x2}, @IPVS_DEST_ATTR_TUN_FLAGS={0x6, 0xf, 0x336}]}, @IPVS_CMD_ATTR_DAEMON={0x24, 0x3, 0x0, 0x1, [@IPVS_DAEMON_ATTR_MCAST_TTL={0x5, 0x8, 0xb6}, @IPVS_DAEMON_ATTR_MCAST_TTL={0x5, 0x8, 0xe}, @IPVS_DAEMON_ATTR_MCAST_TTL={0x5, 0x8, 0x2}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x6, 0x4, 0x7}]}, @IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0x3}, @IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0x47}, @IPVS_CMD_ATTR_DAEMON={0xc, 0x3, 0x0, 0x1, [@IPVS_DAEMON_ATTR_STATE={0x8, 0x1, 0x1}]}]}, 0xd4}}, 0x800)

22m25.48901493s ago: executing program 0 (id=2119):
socketpair$unix(0x1, 0x3, 0x0, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000240), 0x103182, 0x0)
socket(0x1, 0x1, 0x0)
ioctl$SIOCGETSGCNT(0xffffffffffffffff, 0x89a0, &(0x7f0000000200)={@rand_addr=0x64010102, @remote})
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x0)
mount$fuse(0x0, 0x0, 0x0, 0xfc5cd7921c2c19c4, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0])
mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400))
chdir(&(0x7f0000000080)='./file1\x00')
r0 = syz_clone(0x88200200, 0x0, 0x0, 0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0xc, 0x16, &(0x7f0000000200)=ANY=[@ANYBLOB="61124c00000000006113500000000000bf2000000000000007000000180000003d030100000000009500f000000000006926000000000000bf67000000000000560602000f0200006706000020000000620a00fe0ee60000bf250000000000002d350000000000006507000002080000070700004c0000001f75000000000000bf54000000000000070400000400f9ffcd35010000000000ce040000000000001c000000000000009500000000000000db13d5d8b741f2cdaabc8383c8f56bb5df3083d20f8c2bf304000000815dcf0066d7ded3c5c49a08a503ea6d54f7f3125a8200578ac0836d6454745e70a27444003c5b20451b624db6f5320e9befc1e00b8b32917c4d30d16b7edb732bc3ac330b16c442aff70d27659bc58e296b16750c5577c848754b4894b07f15bab1c640a5c0c4fd62f9db829b301ef67fd2b2736f3af0c54af2412313b17c4c8081c4ed0572261960e227d34cfbfdb247bc2351c9d8363a8cb18b7330604da78b0aba47545f9a25a80dd7d28a5ae41824f611dd2de6dd581c52698f9542a444a8a3969946faded5275c00"/420], &(0x7f0000000100)='GPL\x00'}, 0x48)
setpgid(r0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x220)

22m24.596305323s ago: executing program 0 (id=2121):
socket$kcm(0x10, 0x2, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, 0x0, 0x0)
syz_usb_connect(0x0, 0x5f, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
syz_open_dev$usbfs(&(0x7f0000000100), 0x0, 0x10080)
getsockname$unix(r1, 0x0, &(0x7f00000000c0))
set_mempolicy(0x4005, 0x0, 0x9)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x3, 0x20000000ec071, 0xffffffffffffffff, 0x0)
mbind(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x0, 0x0, 0x9, 0x2)
r2 = getpid()
creat(&(0x7f0000000140)='./file0\x00', 0x62)
process_vm_readv(r2, &(0x7f0000008400)=[{&(0x7f0000006180)=""/152, 0x98}], 0x1, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x5f}], 0x1, 0x0)

22m8.662532303s ago: executing program 33 (id=2121):
socket$kcm(0x10, 0x2, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, 0x0, 0x0)
syz_usb_connect(0x0, 0x5f, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
syz_open_dev$usbfs(&(0x7f0000000100), 0x0, 0x10080)
getsockname$unix(r1, 0x0, &(0x7f00000000c0))
set_mempolicy(0x4005, 0x0, 0x9)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x3, 0x20000000ec071, 0xffffffffffffffff, 0x0)
mbind(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x0, 0x0, 0x9, 0x2)
r2 = getpid()
creat(&(0x7f0000000140)='./file0\x00', 0x62)
process_vm_readv(r2, &(0x7f0000008400)=[{&(0x7f0000006180)=""/152, 0x98}], 0x1, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x5f}], 0x1, 0x0)

18.346282175s ago: executing program 4 (id=6718):
r0 = syz_create_resource$binfmt(&(0x7f0000000040)='./file1\x00')
r1 = openat$binfmt(0xffffffffffffff9c, r0, 0x42, 0x1ff)
write$binfmt_script(r1, &(0x7f0000000280)={'#! ', './file1', [{0x20, '\x1f\x8fmTh@=\xdeT\x80\x83t\f\xd1N}\xf61q\xbfb=`\xe8\xc4\x93\xdf\x88\'V\xea\xd4\xe0\xa8\x94q\xa5Z\x87\xd4u\x1a\xec\xe4\xe4\xb1\xf0\x82M\xc8\xd2\xb6\xde5~g\x8af\xe0\x01\xd1\xd7\xd6w\xc2cP\x1dN5\xc9\xf7\xe1e-=\xfc\xc4|\xae\x1fl\xd17b\xc0`\va\x1a{Y2\x05\xc5\xb6\xa0\xbb\xe86\x98]F\x1e7\xac.b\xd9\xafN\xffcW.\x9co\x93\x11\x16\'{\x8d\xdc\xfek\x1a\xbf]T\xd1 >SG?$}Y\xdf\xd6\xa9\xe1\xd5\x9a\x0e\x88\f!\xc5Ih>\xe1M;Q8\"\xf0D\x88%g5?8\xe38\x9ab6LB\xa8W\x00\xd0\xff\xea\x82\xa0\xfe\xc6_\t\xe0W0\xcb\x8a\xf9\x92\xedL\x93\x14\x90t\xb6Oh\xcf\xb00\xa4\x1a\x82#%=\x12a|u\x90\xaf\xd7P\x8c[\xd2\xbe\v(EU\bcB\\\x85\xd7\xff\xe2\x1c5\xdc\xc5\xcdjy*\xa5~:8\xc9\xda\xa5\xaf\xe3\x84\x01\x1d\xda\xae/(s\x8b\xd4L\xa4<\xe0{N\xef\xe6\xcd\x9eP\xadU\xe3\xcd\x1f.\xd6\xc3\xd7)\xc5/\x01T\xb2\x11\xa4\xa9\xf9N$\x8a\x8e\x88\xb6\\\x9cw\x88\xbe\x93\xb4:\x00\x19^\xcd\xbbX:7\x194\xed\b\xe9k\x1e-\x97\x1e\xffq\x17\x8e\x84)\x1b\x9f\xc3N\xdc\x01\x9e\xeeA\x01\t\xbb\x1fh\x9a\x1c\xed\n\xafN\xd4\x89\xda\x8a0m\n\xa7kf\x8c\xb7\x84\xf1a\x1a\xdf[n\xa6\x15c\xa09K\xc7\xd4_}\xfe\x1d\xf3\x89\xfb\nOu76\x86)/\n\xa5w\xf9\xed\xe1\x90&1\x83\xcf\xf3f\xc3V\nB7\x99\x16N\xa8,@z\x9d\"\x90\x8d\x9d\x15I\x8e\x8d\xa8\x14\x86C\xee\xfe,\xfd\a\xd1f^\x01\x98U\xe79u\xec?\xdc\xb6s\xc0\xabI0V{B\x04\xc6\x95\xe4\xe2\x96\x13z3[\xfd\xad\'G\xa9\ax\xab\x06r\xd8OSa\xdc\xa6\xb3N\xa2!\xce\xd3\xd5\xd7;\\X\rP\x7f/\x0f\xabW\xb8\xd1\xbd\xd4\xed%\xb0Bh;\x05\f+m\x9f\xc3+& \x97\x05|\xd7\x1b\xe7]\xa2\xe3\xf5.\xe9\x06\xb4\b\xff\x1f\xa1\xec[V*\v\xb8\x89\xf0\xca\xe06\xf8\xe0\xa3\xbc\'\x84\x95\x18\xc9\x199/\xd9~6\x83\xb09\xc8;\xe8\x88\xb5\xb4\xd4\xa8\x85\xc8]\xf3-'}]}, 0x24f)
write$binfmt_misc(r1, &(0x7f0000000240)="09e0b2", 0x3)
r2 = syz_open_dev$sndctrl(&(0x7f0000000180), 0x5, 0x0)
ioctl$SNDRV_CTL_IOCTL_RAWMIDI_PREFER_SUBDEVICE(r2, 0x40045542, 0x0)
close(r1)
openat2$dir(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', &(0x7f00000001c0)={0x0, 0x8, 0x16}, 0x18)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
r4 = socket(0x21, 0x80003, 0xff)
fcntl$dupfd(r3, 0x0, r4)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0xe)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_rdma(0x10, 0x3, 0x14)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r6 = getpid()
sched_setscheduler(r6, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r7=>0xffffffffffffffff, <r8=>0xffffffffffffffff})
connect$unix(r7, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e23}, 0x6e)
sendmmsg$unix(r8, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r5, &(0x7f0000000100), 0x0, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r9 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt(r9, 0x84, 0x81, &(0x7f0000000280)="1a00000002000000", 0x8)
setsockopt$inet_sctp6_SCTP_AUTH_CHUNK(r9, 0x84, 0x15, &(0x7f00000000c0), 0x1)
r10 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$sock_SIOCETHTOOL(r10, 0x8946, &(0x7f0000000140)={'ipvlan0\x00', &(0x7f0000000000)=@ethtool_link_settings={0x4c, 0x4, 0x0, 0xe, 0x3, 0x0, 0x80, 0x0, 0x0, 0x4, [0x0, 0x0, 0x6, 0x4, 0x0, 0x0, 0xfffffffe]}})

16.886376232s ago: executing program 4 (id=6721):
r0 = socket$pppl2tp(0x18, 0x1, 0x1)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
r2 = socket(0x2, 0x80805, 0x0)
sendmmsg$inet_sctp(r2, &(0x7f00000032c0), 0x0, 0x0)
setsockopt$inet_sctp_SCTP_EVENTS(r2, 0x84, 0xb, &(0x7f0000000180)={0x98, 0x20, 0x8d, 0xd, 0x0, 0x2, 0x0, 0x7, 0x4, 0x0, 0x0, 0x2, 0x4}, 0xe)
sendmmsg$inet_sctp(r2, &(0x7f00000032c0)=[{&(0x7f00000000c0)=@in={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, 0x0, 0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB="300000000000840000000100b9374cb9bd0300181b99ccf92f79279c39361a39a53886edf07fce023f7ebfe1c2699fdf380d5e73a2d839ebe34991ec6b592a80b1a5f5224aa26e084418c6d81cf9a1641d69d8b70b"], 0x30}], 0x1, 0x0)
recvfrom$l2tp6(r2, 0x0, 0x0, 0x40010141, 0x0, 0x0)
connect$pppl2tp(r0, &(0x7f0000000740)=@pppol2tpv3={0x18, 0x1, {0x3, r1, {0x2, 0x4e23, @broadcast}, 0x2, 0x0, 0x4}}, 0x2e)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000280)={0x3, &(0x7f0000000100)=[{0xa, 0x3, 0x7, 0x4}, {0x5, 0x0, 0xd7, 0x4}, {0xffff, 0x3, 0x6, 0x81}]})
r3 = syz_genetlink_get_family_id$l2tp(&(0x7f00000005c0), 0xffffffffffffffff)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0)
r4 = syz_io_uring_setup(0x12de, &(0x7f0000000300)={0x0, 0x2000, 0x10100}, &(0x7f0000000100)=<r5=>0x0, &(0x7f0000000180)=<r6=>0x0)
syz_io_uring_submit(r5, r6, &(0x7f00000001c0)=@IORING_OP_MKDIRAT={0x25, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x80})
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0xb, 0x10031, 0xffffffffffffffff, 0x65be1000)
io_uring_enter(r4, 0x5b43, 0xaced, 0x20, 0x0, 0x0)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_usb_connect(0x3, 0x3f, &(0x7f0000000040)=ANY=[@ANYBLOB="1201000016038308c5109a8146e40102230109022d0001000000000904000003030000000905be3b"], 0x0)
syz_usb_control_io(r8, 0x0, &(0x7f00000008c0)={0x84, &(0x7f00000003c0)={0x0, 0x30, 0x4, "5e7ab1b1"}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$lan78xx(r8, 0x0, &(0x7f0000000440)={0x34, &(0x7f0000000240)={0x40, 0xf}, 0x0, 0x0, 0x0, 0x0, 0x0})
sendmsg$L2TP_CMD_SESSION_DELETE(r7, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000680)={0x34, r3, 0x1, 0x1070bd0c, 0x4, {0x5}, [@L2TP_ATTR_CONN_ID={0x8, 0x9, 0x2}, @L2TP_ATTR_PEER_SESSION_ID={0x8, 0xc, 0xaa8}, @L2TP_ATTR_SESSION_ID={0x8}, @L2TP_ATTR_PW_TYPE={0x6, 0x1, 0x7}]}, 0x34}, 0x1, 0x0, 0x0, 0x40811}, 0x20)
bind$inet6(r1, &(0x7f0000000000)={0xa, 0xe22, 0x0, @empty}, 0x1c)
syz_emit_ethernet(0x50, &(0x7f0000000040)={@link_local, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x36}, @val={@void}, {@ipv6={0x86dd, @udp={0x0, 0x6, "010100", 0x16, 0x11, 0xff, @remote, @local, {[], {0x0, 0xe22, 0x16, 0x0, @gue={{0x2, 0x0, 0x0, 0x3}, "30b00afe4e79"}}}}}}}, 0x0)

11.896842234s ago: executing program 4 (id=6739):
r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x62181)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r0, 0xc08c5332, &(0x7f00000001c0)={0x0, 0x0, 0x0, 'queue0\x00'})
writev(r0, &(0x7f0000000580)=[{&(0x7f0000000080)="268292", 0xfff6}], 0x1)
setsockopt$inet6_int(0xffffffffffffffff, 0x29, 0x18, 0x0, 0x500)
lsm_set_self_attr(0x65, &(0x7f0000000800)=ANY=[], 0x20, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000300)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
getsockopt$IP6T_SO_GET_REVISION_TARGET(0xffffffffffffffff, 0x29, 0x45, &(0x7f0000000140)={'icmp\x00'}, &(0x7f0000000240)=0x1e)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg(r2, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0xfffffffffffffffb, 0x9, 0x6, 0x0, 0x7}, 0x0)
syz_open_dev$usbfs(&(0x7f0000000100), 0x76, 0x101301)
r3 = openat$audio(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
r4 = syz_open_dev$vim2m(&(0x7f0000000000), 0x3, 0x2)
ioctl$vim2m_VIDIOC_REQBUFS(r4, 0xc0145608, &(0x7f00000000c0)={0x1, 0x2, 0x1})
ioctl$vim2m_VIDIOC_QBUF(r4, 0xc058560f, &(0x7f0000000180)=@multiplanar_mmap={0x0, 0x2, 0x4, 0x0, 0x0, {0x77359400}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 'y)\x00'}, 0x0, 0x1, {0x0}, 0xea})
r5 = epoll_create1(0x0)
r6 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000001600), 0x0, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r5, 0x1, r6, &(0x7f0000000180)={0xc0002000})
ioctl$TCSETSW2(r6, 0x402c542c, &(0x7f0000000040)={0x4, 0x40100000, 0x5, 0x0, 0x1, "362e851f84882fb90efa3fa665d2eb144970e2", 0x8, 0x81})
r7 = syz_io_uring_setup(0x186, &(0x7f0000000080)={0x0, 0x3416, 0x13100}, &(0x7f0000000100)=<r8=>0x0, &(0x7f0000000000)=<r9=>0x0)
syz_io_uring_submit(r8, r9, &(0x7f0000000040)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x3})
io_uring_enter(r7, 0x2def, 0x0, 0x0, 0x0, 0x0)
ioctl$vim2m_VIDIOC_STREAMOFF(r4, 0x40045612, &(0x7f0000000080)=0x2)
close_range(r3, 0xffffffffffffffff, 0x0)
open_tree(r0, &(0x7f00000002c0)='./file0\x00', 0x89100)
r10 = socket(0x2c, 0x3, 0x0)
sendmsg$nl_generic(r10, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000400)=ANY=[@ANYBLOB="640000001900010000000000fbdbff251d010900500012802a028080080027000e0000003d004180e7227ae5c252f37c41df2a84b5cdecbc7e272fbe572d6a76e2253ab30bd45f00466ac17605d18985dffc132cff49dc226eda6ce3c24e45f03a"], 0x64}, 0x1, 0x0, 0x0, 0x4001}, 0x0)

11.772413108s ago: executing program 6 (id=6741):
openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r0 = socket(0x80000000000000a, 0x4, 0x0)
socket(0x2, 0x80805, 0x0)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = creat(&(0x7f0000000280)='./file0\x00', 0xecf86c37d53049cc)
write$binfmt_elf32(r2, &(0x7f0000000640)=ANY=[], 0x258)
close(r2)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x8)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0x6, &(0x7f0000000cc0)=ANY=[@ANYBLOB="050000000000000061110c00000000008510000002000000850000000500000095000000000000009500a5050000000077d8f3b423cdac8d80000000000000002be16ad10a48b243ccc42606d25dfd73a015e0ca7fc2506a0f7535f7866907dc0200000000000000ae669e17fd6587d452d6453559c3421eed73d56615fe6c54c3b3ffe1b4ce25d7c983c044c03bf3a48dfe47ec9dd6c091c30b93bfae76d9ebacd3ed3e26e7a23129d6606fd28a69989d552af6bda9df2c3af36effff9af2551ce896165127cb3f011a7d06602e2fc40848228567ffb400000000003ed38ae89d24e1cebfba2f87925bfacba83109751fe6c05405d027edd68149ee99eef6a6992308a4fc0b7c70bc677d6dd4aed4af7500d7900a820b6347184e9a217b5614cd50cbe43a1ed2526814bc0000e9e086ce48e90defb6670c3df2624f56da648d28ad0a97aec7291c25447c106a99893e10db21901eb397b2f5fd71400fa7a050fbbef9e326ea27e513e96068fd1e8a43e89f9c85c822a961546ed5363c17ff1432d08806bc376e3e49ee52b59d13182e1f24ed200ada10eb1affb87ba55b2d72078e9f40b4ae7d01000000d11cd22c35d32940000088dde499000000fdffffff00000000000f000000ef0000000000000000000000000c52f4ebd2c893bb97a068bd10734a83584898eccb26f7b789cfc4cd995fa3e11a5c74c85404e2df3ad37b729ac83b0dcb4f48f3c3356b9997fc455a17690b6f7f9ccbe4b1701941b18aba6b16455a66c3b84b138efc20a546d3d5227e23b03f2a834391ade2ff3e93ee296c4082ee73e7c353312c9d75711ce1623e9c54bdff59d2a69dcb7d84c235b23a4480c2461b405cfd1a38992f295ad3adc94cd07c850d1ce6d0b2fea02c24e9280333152fb794e4ddea02017a6c139b50101caecaf2abc0847a1ff2f7fc3c2b99a96fc4275ad107274e2934a87a4ddcdb112754ca5bdec0ead14b6c0f19a43a2f05c7f0be31491eb8c9ff68236c8600040000000000000000000066e034c81c3cab64e4fc8dc55ce0ada18dcbf31c6e82893add3bee3e10fc873d1d922b0877cbcd95b839d3059d5140a1f742f6e75741e39e5cb6a193e06a1043375b0f61b5d4e17c81baa31b924d84f224baf1221c15fa12313ffbfa7c2730309f66705b71e6205e7cbf3643561eabb9a63fcd604d5cc27e1317ad94cf438d71873e540be16b6ca205081173bd03c4754fc4674812daab482fd390a1c903b5d28a1eb247b5837d7603b92495d5c569f6433c3fca5206cb0000003fdbbd3892c52c2e7612e05de32322e980a3d69931e2c9312dd517c96f2ee90362476ed853c4c9b7d4ebf13cbaa795860e92a3d7d004f2c491db38eb769f094d5d48b262cc35c40682138cf13a49aa9f27abec00002f01ba1251aaf2385416ca"], &(0x7f0000000080)='GPL\x00', 0x5, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6}, 0x94)
r7 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r6}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000008c0)={0x6, 0x0, 0x0, &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x3, r2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffe}, 0x94)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000040)={r7, 0x58, &(0x7f0000000180)}, 0x10)
r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0xc, &(0x7f0000000980)=ANY=[@ANYBLOB="1800000000000000000000000400000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703f500085a1ce6b2ea5896491fe490f24396200000000000f6ffea5fa2d25d083cbe3929ca9584d23d0000a2d988bdeb39e97847071f7e1dd055f5538e90ab3df647248c6a7d5ab94439e8d92d6ff16dc200000000000000000000000000000000000000007492fc9baf7bb0499e2f8d479ba7f3f89758898969b2ad0a06b0a21b2340e1db8798f46c971d0e7513af339eea951feb267ca0f27d450ca4e932b497a0a7"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x27, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r2, 0x0, 0x0, 0x0, 0x0, 0x5}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={0x0, r8}, 0x18)
execve(&(0x7f0000000400)='./file0\x00', 0x0, 0x0)
sendmsg$NLBL_CIPSOV4_C_ADD(r1, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000000)=ANY=[@ANYBLOB="e000", @ANYRES16], 0xe0}, 0x1, 0x0, 0x0, 0x4002841}, 0x0)
setsockopt$inet6_group_source_req(r0, 0x29, 0x2e, &(0x7f0000000200)={0x0, {{0xa, 0x0, 0x0, @mcast1={0xff, 0x7}, 0x20000}}, {{0xa, 0x0, 0x40000, @dev={0xfe, 0x80, '\x00', 0x26}}}}, 0x108)
r9 = openat$comedi(0xffffff9c, &(0x7f0000000040)='/dev/comedi2\x00', 0xa400, 0x0)
add_key$fscrypt_v1(&(0x7f00000002c0), &(0x7f0000000300)={'fscrypt:', @desc1}, &(0x7f0000000340)={0x0, "8527d2413790af54bfbca283be11c0de7af30e90937920fcba13d90af61beaa44d66a6535daf1bc35fb3af1e9197e31d26589ddb3c101840af347c1a253ec5fb", 0x18}, 0x48, 0xffffffffffffffff)
ioctl$COMEDI_DEVCONFIG(r9, 0x40946400, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)

9.23238583s ago: executing program 6 (id=6747):
socket(0x400000000010, 0x3, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x3, 0x0, 0x2, 0x0)
r0 = syz_open_procfs(0x0, &(0x7f0000000040)='mountinfo\x00')
read$FUSE(r0, &(0x7f0000000300)={0x2020}, 0x2020)
write$6lowpan_enable(r0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0xe1}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x2000000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="14e7e100158b010000000000000000000001fd00"], 0x14}}, 0x0)
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
connect$unix(r3, &(0x7f00000002c0)=@abs={0x1, 0x0, 0x4e21}, 0x6e)
preadv2(0xffffffffffffffff, 0x0, 0x0, 0x2b, 0x0, 0x0)
r4 = openat$6lowpan_control(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
write$6lowpan_control(r4, &(0x7f0000000180)='connect aa:aa:aa:aa:aa:11 0', 0x1b)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000100)={'sit0\x00'})
ptrace$PTRACE_SECCOMP_GET_METADATA(0x420d, r1, 0x10, &(0x7f0000001180)={0x80000000})
write$UHID_INPUT(0xffffffffffffffff, &(0x7f0000000140)={0x8, {"87412fcf3b7656866352bfc3b2a97409f657f12f35013bff5243e9df7287106d02bcb0d638722ca4b8c03c00d8a7008f57b74d0fb9eda8c8d8a733262574a53c242d4bc2315f2a4330212629510faf60e06a809b44e3e956079f8e15309975eff5624b8e45b4290e4fd8619c8cda5e70e7fb7483bcb2d4dd171510932e4433505aa14c048b20f8bcea3979ac05e8a7f8c69335943f945df35be808e545a8701b5be1992667e07680101ae7c1052ba83cc3bd6351e484cc28c90390cc9a670f8e82994662194133d1416df6adf63f7d4dfa6bd4d6ed755b91231e5ad99cd82cde77441875b7f23566f34ec3ef4c58ca1243a22bdb0f3d0c3c0cf3567d3624b00e0822cc27b0c10cd3ebbfe5cee69113acf809ee9cb63e761d1b8b74c19cd23e3e4701f08d76318d0f11a28ad24f46105b6d53b071cc8e51e0b54609f2757158c24bb01751b963681616d9fe8948f2234a5f53ecb3af48f3896e53c92a4a0035c1a22c08dd13808f8d26772e52c418e2860f4d1c51b77ce73bf7ae4a0023218a4e3af6ac7fb00396b4d5d69996e39638c42c51384bca0d141bc64e27ad1cbccc3d45cec59fd5fc46e312696c47b8d1b029c7cbd0194c675d445e93f7abf8bf2d4765f03e57fde167382ece70993a0cfe964e1a6f75b88af69739f654043da63c32c4101f30de250b052f7eb6da1eecf5dd1d6d29b63620af24d62c31c6566c82763b7ab4293441dd14d369f08cf1189a58047952bf8f973c095ffbdfa9b91bbfa8c3c894d85f08fd311ab1eae103318761b47a93a6cae00204635a8cb57b3204c4b8fbb2dfef3c596f8d4dda918110abd6ebc5bf26311c438898a7f814ae9ff9ab8c8f23282906cf57dc2e167bd3be0a2b19945b3dde4e7fe2d01056a1d9d486e543bf2454c4e4219ffc33ae22a824b0e1058706656c59cc6e5c08fcbe0a88d35cf178136aabf450453dec7878bccc1daca7c6690983be524e83a17f9ce02ec0a58c125916cd7575ac1cc02f8485562f1542da73fa09d2be7f4d3e629fde6e5c58389a1ffb95b146e1d1b2a25aede59f02c5f9a55fc53b1867ee3863fb838e0750beb6939097aca0c03ebded37f2ffa945339fcc99ad006aa71863358bf300a71df24adc6b00c2687e7756a8d5e93668ba13989e824dbb992050748b87b9300ffea6ccf04a990046f5522749d80d45444866e3d7c21dfb786563e3ca11b5311eb3f8b7ed70e73ef02e477d76dea6c14bf1b47a2cda66a024eae350efb34d11fd512d0921d16e6c5e90845be2a5e8ea30f438f331f1e316c5d6e60526249300e6fc921dd8c0c8d470e2485b9145b12ed332b0de2bc3b29f7dbf980617c378f28ebfd8b0a37c89124c79c5b2f344b5c3b5d0f3a8641093b4b06d5a67c152a510a56a0bef5a24fea0869455e7d54535163289a970e6e908aacd0c30f85fbf16b923e5d18a997b5b0b1f2bd15a7f1ccc33b8cf1b8fd0e0f8f4f0ff533669e5f71f460f3672f6ca7a1539997689fd6f97f296f53761bf94f5f75aa274cb5ae67b25682cca33c87da759c0c99e064fa973af0d2d6ccf82266a48241d2284eda04590bc80c31b0c0b04fa104cce536fbb29508a222c4a777c072348502a27272ff9656a0fba49538be263d23e9bce31f3e5d573b1cbc0b0ecb27170c2eb10115dd8ecaee8f0ead3202d3c855223c196a7343fd6d2c152430add0c5d088a406f40e4aad95fc2d30655ca81f65aeeaf81eb82821da75334ed82cb09f41c891c53cd193ca8f99017fd28f5b454ada00989697756f2aaf11254c67dca0ee39d51a6dfcd09732401bdda91de59ef0af9a8711c8b3365caab3a941c3aae59a3cc51f7604b8dd945e174a69d556ea00dbf82baef3c263488eaa96c009c399486d7d828dbddf34acf90575c55463cd92b55162647cb1a282e2670928eb9c0c0af020202d2387bffcbe4006019d20b0963da0fbbdf9fefd6ef1f8fb5ba0c6ea129b004df63bcd06d7d6d09b6783e70a1bfa6d2fc1066621f7ea859cca0467c8322b32655eb23f5d3197ebc0a49ecf867c3e934e91ea31c3415ccc7adf01ca6a2e835eed34cd953f2cf89aec22a48cd3ba586001f15012f9c8edaeead6df6ee6cdaaadd62cffd7fd34bb175065cee2a9a79776cc13bb74930e1edc108e03eba8b3bb2c62d1d695d5284c8cad21d9bedad563e2e96570ea03b23032d818d305c188810116bea0e19f33e7a4eb71e2e86281f55c095ad24005dccee4685395206dbfb7480d55f00e191407844cd6ba022ceea6eac1e5ef1107df340764065ff13480924b4d63c00ee00f9b9bfebee99d9ec920a821fcf06f14a1b5bb4e0590dc30a5c9944f5b2ffe6ff0c62165930cf450718b2ad74775553c6a5de2d9eab709912158b00b87836cf8feab171d774fa0745222902d0c99b312240e900e2759211168947d6d52eaf5f9df731d9d2b1ea2cf2713ca5a9fc9c64761f19012bca4d901e65ccae30197b6c3f57d82d7990d0c82d07a9dcd147a470319f0c6261b8cd5eec858a88ca9a28663220ccc0e2361dc40daffd486e625c403013d70bd4b029f8f63797ae6e7b02e800fdf709824b0e27b6073792fcee6c2cc1477368d0832723a2b13ba98daee9cdf9ede4eb6e7aeea7b37c04fee94db6f28c8252cc0b4b36af066b3b148ceb6765357eb01a071fbeef1d41b296d1627066b9ab344ddb259df37cb9e301e26a5cdf362c8f015236c7aed0cadf533431d9336fe9b5cf17f66964ccdff0db89526b9f2256fc3b82e4e749c5672cb14884935efeb65a44ff9035bbb648242bd508449afd0740491ab5819b75f19802b6741d854fbd87e694df208c55a3751c0865cd09e1e328d079693aef4fc437c9bf977c9aeae7b0a4cebf0c54ebe02efec8f53c7889af5b16ab4eb13422d5ba73a76db75d7cffe779b0ffdcc0ad429dd09448b54f10bac299361d7d649e7d38b7c470ab9f77daeba576783a7b0161e59a61f96d407773bc79c4beadc19c1a1dfde445f819aee6afecccad3579e26542321b53ab0877544c25eaa638e405449ad26c9b8ca38838ab31a8387bd7772e521e80df7c63a534f9eb6c0aacc513d17a78ae076bbaac2472153aa43ca3aa454ab5b334126a74e72e833ab718384e3a8c0e3a7a62e89362cd3da082f83052e91c02ed49739357b77546329969214dc0ca44fbdbf98eb558bb20a328788cf80e358db5b55b1c91b1d3e116642527a40850e9935eb894afc010c67be9034d05dbc5ef41f5660c849c588718c8c6517715e3fec863265fb873b03e8c3d60c7bd69ac8fa156cc5455add9ba2b9b2bcf31eae846cd31ac2b6e29bbed6384ae9bc96a2b68d13fddeaf64f08653547416782ab3eb6e206699fe084d51e32911d994626a3e7970dac2b3a7aa79222ea714228dfaeb1947894db1c4e5f21d5149f2f1b9df2084e6e848da180422e7db75f32deaec04f0cec0c3dab199dca6f932e4f774e7a072798d465a79010e08f284bf01fae43340269269eecc7b43ace70661ea38a4f19faa2df9867437dd55c5e711672057fed655eb02c3e8b05516cd08ce5db30c2adae57bb30bb45590d566bd74956d86269bf8ee9ca064780ead780c8f10795e4d93bfefddaebacfb93ab6333c8b5318c0d73d55364c2dfe057184d837d9a9c41b9070cfe2366f9bdcbf30dd9d5b8566c6204bfdb1c11dd936d9a4b288172a706f0ac9b3b8e0e97fa35579e73fe600134eb004dd9c8d1a7f4d625419c2d48b1a906ac1f7ef34f3c9a816de3c53f6f019a4a554f6a282a21f45891ffaa1e85c5af43f949c8a495dfe7953f53793dac5455b679f90efb678d25b9a7b7326193c34922487a2d83b1689261891d55ca69954c5f4d1fb1824c577cdc8dc4a22d5662e15f87ad729df239ec9ee007556c633d5dbbb4874568d11375250dd836e944c523ffcde1c156613877715c1895a0b755a971b41a1167542d5a94b2930e818fa18d169ed1f95db235cabba2f0b8162c93a31e549ee7903cb8ea9b15a39486b1d1347957e768ab1c372513f0816fd03d64e03c95019bb47b221a60f36c9ad2e4eee321175fdc6dcde5bea9d1bf73cd8ac2919a4f652fea4e1f5e761f5aeb78d925f175e066595e642a2f0c9eeb9313432bb0726ad27e3767007a27bfcdaa83a91b903ca122a3c0d503dc1ff3bdcedb096d0c7c74a67536ce50cc4b1aedef43a8d7bd26f657e3044b6ff25b01e91eb50cd17a2b28b2190e088786c5f3a6b79cf10c7de46cf94aecfdf3e99fc7ff07ca0d051375d81c888eeb525ac2b38036700a5646ab2a3814e7e91441f3dc6c0a149804142fecd91f6d6fff02e6058a670cef325dd009897fb9f7650eeabcfd832e30d2d59080c56fe524666f992c090f5ba17cad9ec034374ed4b98d46fa87b9068b31bf99d80714a736218992e37d674a0100128f93503156f9d53070cbcbb6f1aa4758a2b0012ae3b44ed0952a9ab17a626e9ccd994c401a9749b209d95223a0aa6533654a34cb1b3d4581475a22692daf84e4b87e68f6e53124cb6e3598a363d9157e94fb7d3eb59d6871766a1c3e40820f5eb917b03483cec88524ea8deb4f44dcc2bd73d01fb5ab3f45179c9d176666b6d8264aa7a6694aa208f3a8b9e6269d8b57d233d721750ef14b7b9f711e8c90bd480dbfa0c01d6dd3e899162cbde3c55f0dc0a438347b740fcde9aa0ecd9dd8e1265da91a5dd0d502608c045a54d1a23b91aaf0bb0bcb1174429cae5f2bd99011325d3df263621f110550a181767299fe386125069d08614adf9a1f3070fdcbae318c7b995d75e0ae92e5ab781d1fa0aa71c6a9a5b886835469e204da4c4592375df674a95edc197f097386e2b1de0e068df16c80dd7cd281e5c7ac6ed8d472dfdf8a4cb3dfe753635872c9c9f2a7928fc079b9191c72074b84bfdbcf6a8851bd3796f3d8ea0c9a5b124336dde9c80314aaad1e479a83a32c3ea57fd606c4753551a323cc2e83dfdb4ce40330b05a92172842f9c9df0d69c5cac7c1533c8f422dc7f9f5d697f679ea103f386d4d27fa9d3abdb335d78e6e3a1f0287056f65bb82850317883d80eb676acfd2c9c3da6f530c4f10c32865575bc75432bbf646de1f20fea33ba709befa14099bb52938dea4870a79c6814fb47ad4b8d0d8f180c8dfaa629a39ee861da33dbb0729450802e0dd1e669a07cc74e395986f13850c51fe7b7b4f295fafec913e26df87087c1868c8debbe48f83428819357c953e525abba44d25a3ceb23660c8df4f667463063179b792605a1609dcf63bef3114f4a7a41e54caeb6f164737bb508a91c015cfa960e7971dbb9f5a6bf13cdde7584c37a0e143fa5e6132cd553518f7a277b02aa89a9cd7efe86cc86122a7066c5d60de76cfa6aaf0ae10323534ff6065b715a4c1c2c376338c355fea617b5b77aed0375856516de8b9a556f45f0a907255b4417e3ff9d3363ee9c0317f076cea2f2a90477957f6b72d73085f4f700d18e194d136f253d5c5b1b5fa0a76b37aba42baf527b247aa3ae4ef229d14eae58ebbb7dfd69f4f9bcfb56295ea8ce8cad5c71ee9293d8738c36bdccfd56f99f2c4e42848e3a86b365bf470242e2dec850b61988e4ac505d11e46ae9448d9bab6f208d751921dca54c3ac30fc16fae710bf64401238bef451efd53ac49cc2a1b40d50b59e196ac8fa8272f36ab11abf2ad7d7534c2da0d491f6fad41e63de771f8ec66752c4914dc3d7db34b3b21ce286d077e9900933e650b7d63bd021d3ec71f913efef9ff089c0c762b65bb6f50fcfcaed08d2db57b59b613f269072", 0x1000}}, 0x1006)
r5 = socket$inet6(0xa, 0x1, 0x0)
getsockopt$sock_buf(r3, 0x1, 0x993568c40857f797, &(0x7f00000011c0)=""/57, &(0x7f0000001200)=0x39)
ioctl$sock_SIOCETHTOOL(r5, 0x89f0, &(0x7f0000001440)={'bridge0\x00', &(0x7f0000000100)=@ethtool_ringparam={0x4, 0x0, 0x10, 0x8001, 0x3, 0x0, 0x2, 0xb}})

9.040353017s ago: executing program 4 (id=6748):
socket$packet(0x11, 0x2, 0x300)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f0000000300)=@abs, 0x6e)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(0xffffffffffffffff, 0x84, 0x7d, 0x0, 0x0)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg(r1, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x8010, 0xffffffffffffffff, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0xb49, 0x9, 0x8, 0x0, 0x3}, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20042, 0x0)
r2 = dup(0xffffffffffffffff)
ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x2)
setsockopt$inet_int(0xffffffffffffffff, 0x0, 0x1, 0x0, 0x0)
openat$qrtrtun(0xffffffffffffff9c, 0x0, 0x2)
mknodat(0xffffffffffffff9c, &(0x7f00000000c0)='./file2\x00', 0x81c0, 0x0)
execveat(0xffffffffffffff9c, &(0x7f0000000280)='./file2\x00', 0x0, 0x0, 0x0)
lsm_list_modules(0x0, 0xffffffffffffffff, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x0, &(0x7f00000000c0)})
accept4(r1, &(0x7f0000000380)=@ieee802154, &(0x7f0000000400)=0x80, 0x80000)
ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0xffffffffffffffff)
syz_usb_connect(0x5, 0x24, &(0x7f00000000c0)={{0x12, 0x1, 0x110, 0x7d, 0x2e, 0x91, 0x8, 0xa2c, 0x8, 0xe9c0, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0xa2, 0x0, 0x0, 0x3f, [{{0x9, 0x4, 0xec, 0x5, 0x0, 0x87, 0x7c, 0xa9, 0x5b}}]}}]}}, 0x0)
symlinkat(&(0x7f0000001040)='./file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0\x00', 0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00')

8.137190827s ago: executing program 6 (id=6750):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x11, 0xc, &(0x7f0000000300)=ANY=[@ANYBLOB="18010000120000000000000000000000850000006d000000180100002020642500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000280)='contention_end\x00', r0}, 0x18)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000380)={0x0, 0x4076cbba9945d516, &(0x7f0000000340)={0x0, 0x14}}, 0x0)
getsockname$packet(r2, &(0x7f0000000400)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000440)=ANY=[@ANYBLOB="400000001000390400"/20, @ANYRES32=r3, @ANYBLOB="0198000000000000200012800800010067726500140002800800010089"], 0x40}, 0x1, 0x0, 0x0, 0x4014}, 0x40)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000003c0)=0x14)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(r6, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000380)=ANY=[@ANYBLOB="400000000906010200000000000000000600000a05000100070000000a00094000000008100008800c00078008000940000000d40900020073797a31"], 0x40}, 0x1, 0x0, 0x0, 0x10000001}, 0x0)
sendmsg$nl_route_sched(r4, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000280)=@newqdisc={0x40, 0x24, 0x5820a61ca228659, 0x0, 0x25dfdbfc, {0x0, 0x0, 0x0, r5, {0x0, 0x9}, {0xffff, 0xffff}, {0x1f, 0x7}}, [@qdisc_kind_options=@q_etf={{0x8}, {0x14, 0x2, @TCA_ETF_PARMS={0x10, 0x1, {0x7, 0x1, 0x1}}}}]}, 0x40}, 0x1, 0x0, 0x0, 0x4040191}, 0x800)
sendmsg$nl_route(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000080)=@newlink={0x73, 0x10, 0x403, 0x70bd2c, 0x0, {0x0, 0x0, 0x74, r5, 0x40624, 0x10243}, [@IFLA_LINKINFO={0x28, 0x12, 0x0, 0x1, @bridge={{0xb}, {0x18, 0x2, 0x0, 0x1, [@IFLA_BR_STP_STATE={0x8}, @IFLA_BR_MCAST_STARTUP_QUERY_INTVL={0xc, 0x23, 0xff}]}}}]}, 0x48}, 0x1, 0x0, 0x0, 0xc800}, 0x0)
syz_usb_connect(0x0, 0x48, &(0x7f0000000080)=ANY=[@ANYBLOB="12010000c36e8240ac051c92fb9d000000010902360001000000000904000004034100000905", @ANYRES64], 0x0)

7.250228964s ago: executing program 3 (id=6752):
ioctl$KVM_SET_REGS(0xffffffffffffffff, 0x4090ae82, &(0x7f00000003c0)={[0x0, 0x0, 0x8000, 0x40, 0x4, 0x0, 0x2004cb, 0x0, 0xfffffffffffffffa, 0x40003, 0x0, 0x200004, 0x0, 0x2, 0x0, 0x1], 0x80a0000})
r0 = socket(0x10, 0x803, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0x80, &(0x7f0000000380)=[{&(0x7f0000000140)=""/100, 0x64}, {&(0x7f0000000280)=""/85, 0x55}, {&(0x7f0000000fc0)=""/4096, 0x1000}, {&(0x7f0000000400)=""/106, 0x6a}, {&(0x7f0000000980)=""/73, 0x49}, {&(0x7f0000000200)=""/77, 0x4d}, {&(0x7f00000001c0)=""/17, 0x11}], 0x7, &(0x7f0000000600)=""/191, 0xbf}}], 0x1, 0x2040000, &(0x7f0000003700)={0x77359400})

7.159683872s ago: executing program 3 (id=6754):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
r0 = socket$kcm(0x29, 0x2, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0x5, &(0x7f0000001000)=ANY=[@ANYBLOB="bf16000000000000b70700000100f0ff5070000000000000300000000000c00095000000000000002ba728041598d6fbd30cb599e83d24bd8137a3aa81e0ed139a85d36bb3019d13bd2321af3c2bd67ce68f15c0ec71d0e6adfefcf1d8f7faf75e0f226bd917060000007142fa9ea4318123751c0a0e168c1886d0d4d35379bd223ec839bc16ee988e6e0dc8cedf3ceb9fbfbf9b0a49ef42d430f6296b72a83438810720a159cda90363db3d221e152dfca64057ff3c4744aeaccd3641110bec4e9027a0c8055bbfc3a96d2e8910c2c39e4babe802f5ab3e89cf6c662ed40000000022278d00031e5388ee5c867ddd58211d6ece3ccb0cd2b6d3cffd962867a3a2f624f992daa94a6a556f3218ce740068725c37074e468ee207d2f73902ebcfcf49822775985bf31b715f5888b24efa190000000000000000000000000000ddffffff020000000000000000ddffffff0000b27cf3d1848a54d7132be1bfb0adf9deab3323aa9fdfb52faf9cb09c3bfd09000000b91ab219ef00bb7b3de8f67ffcad3f6c3c2b1f03550000000000001cf41ab11f12fb1e0a494034007de7c6592df1a6c64d8f20a67745409e011f1264d43f153b3d34889f40159e800ea2474b540500a30b23bcee46762e2093bcc9eae5ee3e980026c96f80ee1a00000000740750fa4d9aaa705989b8e673e3296e52d337c56abf112874ec51d6fe048ba6866adebab53168770a71ad901ace383e41d277b103923a9d961f7a2591dbe4a912ffaf6f658f3f9cd16286744f83a83f138f8f92efd92239eafcc5c1b3f97a297c9e49a0c3300ef7b7fb5f09e0c8a868a353409e34d3e82279637599f35ad3f7ffffff3cac394c7bbdcd0e0eb52162e0c410ade7000026a4e739c60f03cc4146a77af02c1d4cefd4a2b94c0aed8477dfa8ceefb467f05c6977c78cdbf3f704ec73754910fe050038ec9e47de89298b7bf4d769ccc18eedd9068ca1457870eb30d219e23ccc8e06dddeb61799257ab5000013c86ba99523d61a00000000c270246c878d01160e6c07bf6cf8809c3a0d062357ba2515567230a6f8b2ad1e1f4933545fc3c741374211663f6b63b1dd044dd0a2768e825972fc4300001467c89fa0f82e8440105051e5510a33dcda5e4e202bd622549c4cffffff501d3a5dd7143fbf221fff161c12ca389cbe0000000000000fff2ecf631c6c5fd9c26a54d43fa050b88d1d43a8645bd9109b7e07869bba7131421c0f397073943330baafd243c0c6ffe673bab4113be7664e08bdd7115c61afcb718cf3c4680b2f6c7a8400e378a9b15bc20f49e298727340e87cdefb40e56e9cfad9931b8c552b2c7c503f3d0e7ab0e958adb8629aeec90e6d1857da822e40009995ae166deb9856291a43a6f7eb2e32cefbf463789eaf79b8d4c22be89f44b032dad13007b82e6044f643fc8cd07ae636a5dbe9864a117d27326850a7c3b570863f532c218b10af13d7be94987005088a83880ccab9c9920c2d2af8c5e13d52c83ac3fa7c3ae6c08384865b66d2204c2e4f3ae200f279b512b4dcb5dd9cba16b62040bf8702ae12c77e6e34991af603e3856a346cf708feeb708ab22b560cf8a4a6f31ba6d9b8cb0908000000000000001a342c010000000000e667a7592b33406f1f71c739b55db91d2309dc7ae401005f52053a39e7307c09ff3ac3e820b01c57dd74d4aafc4c383a17bc1de5347bb71ca16dcbbbaa2935ae662082b56cf666e63a759e0ef3ea7af6881513be94b362e15ffca8ec453b3a2a67be70c17b0f9c2eac765816c30c2e7133dca1c7669522e8dff8bc570a93fbdb688c3aef810000007a6ea6b11163392a19d87995b51cb6febd5f34a34998d2010fd5facf68c4f84e2f66e27c81a149d7b331983d3b74444953fc1216dfec10b724be3733c26f12538376e177ffef6fd2020000000000000008e4919a463d5332a2546032a3c06b94f168e8fc4bda0c294723fe306f26c477af4b926644672985fab7cc67bc5b5f5d38cdd8df95147ebe1cd88b0a4c6cde9951be10ba7dfddfefb238fac2303cc8982f1e55b005afcfea5eb037248fefad6bb02c162ce92ab17744c8ec3d2e80cf3205d36699fd381bc81231fb5e12e45f3059f361d08d6a6d019ebf105eaf43083c29512bcedd79ca9bf24e063d0c273ed70a2b70be521ea27dc8cf3c9bdf83b93405db07e82e2db484f8673e0e97dd7e8a872148613c3a04f3d67f4375ba5c7f1b00ffffff7f000000000801f71d79d812ced782646b5f79c8fc08bb5c11020108d702edd2ea9c96cf0d2d48aa5fc0a7bf1b51afd85350ad00b78c598fa8701b000884de790b54e5ab2e8ff0c7ae23e0b6eeac95c4c2eef2e5eb1d019d52099fbd404e8ece970f67856ba7e960bd8b1e4105ce7e31f7c9c3e3fa61aaa967b90087e91d703e98535b107b8f4653be4c46a3a1adb07d226952b8573b417018316fa96e2b8e7370baa16d4122c863709b08d4639a19a46ac90ac48a13ee9bcaa875fc700000000000003b40dc5c745fe2491e8425e600000000000000000000000000000000000000000000000000000000000000250318a44ad31baac0520a913301e630ae540f3289aebde8633f6f450c0738e16df6c7f1e0832a2a16fe6e39959735758248032cdf7320c6dc87b01e3f9a7811b200000000ae189de4b9b25f7c7a9c070000002af1c06315270de4a6605e4b4b58bef76fac54f11b84bd7bcd6b6a485edfb7684c770a39b38b08e18a51a4d4e66ca21c06a4b4198e1bc2ef990c9ba911efed626e5ee341a17bf8132b09000000d31df213c802d74797056fd3bca8b2d6cb134437cba0193ba4360bdcc98aad2560aa48291c4eb9d4e08ad7a9c5f04be1ab597124d84dfc7bd8cca8f68154a0ed356e773a797ca6d66748857b4abbf8830abeea2a46342e6a7378173cb29d5cdcd698a0203f78116b710008000000000000007c2d86b94472807c10eb9a8e2fb8bd79fe3a8316deff3ee641c9a080a2173642e673a672279bae4e7e28055da9497d7edb53be6e80482bd4d9a74b8dd4221fff0f0000705d7257ff7f76c78ba0b44ec0bdfa0d32d7042059b13a079639f14f9032b856d892ad6af5124c9c3130485e9682ff1f3c54e475d5bb496aef4bb537d7e191dfdeba109fdcf7864763f87a6d711cf52e520a6ce30e134c55e0caac037209d2f14fcddd00000000000000000000000000000000e609893bdce015e8ccfb36399844db61f6171b0b0e845e48728450c6ba4f7098f8e000676b59ab9f851f3ab77847ce05c89411277ec69c409b7ec50a3337a78675f38a568612c235ab5f2cd6d035d5f5f6a693c381adbbf7b37e37292783b2c7efe7d3a067906552f76d419e0300000000000000000000008f3a20b49fe7636806867283e35cff8d00e7b251bab3cf6377a24f8e8d4bda7503674bc94bf7f4d2fa6f25944bf0a186436d9f6831995976328a1fdc78492c65c1434855dc35c3cf7cf9610c5387794443c99b304799114132362849c3fa85d6379729ff9094933db0cfbe8887c50b87e1469fdf454cef4cbc5f7bf384000000000000a4e8c1a25f47c440144a9776be6cb40aafdb9d3cc8f6a6050974e1c4000000000000008b753f4e1bef9556efcc087a99dbf231167013a4b2eaf6338a0b100c98a331dffc09"], &(0x7f0000000140)='GPL\x00'}, 0x48)
r2 = socket$kcm(0x2, 0x5, 0x0)
ioctl$sock_kcm_SIOCKCMATTACH(r0, 0x89e0, &(0x7f0000000040)={r2, r1})
sched_setscheduler(0x0, 0x5, 0x0)
r3 = getpid()
sched_setaffinity(0x0, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r3, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, 0x0}, 0x0)
r6 = socket$inet6_sctp(0xa, 0x1, 0x84)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x1f, 0xf, &(0x7f0000000680)=ANY=[@ANYRES64=r1, @ANYRES16=r6, @ANYRES16=r0, @ANYBLOB="87febd799a25c8299b80d139b144215068dad5c047adc9d5a0fdb4dde4e09fd42d42f38bb7bbc9500061b64d4412a3c49298df8daea5db9557e7f2bc308e599c21999237de05f7b085df0bc43f9f44042c670506aaaa881c038e6af43f381ac36887805f4f6c5a03674f34d68f59313c8f58c0a2ec924cdd786058624bc0ff219828956988880667ffdf95906e92a5444b3ba4ecb2ef324d8bacb57af7a530b94f9b3169edb3b8f8f706ab37d262fab0a60a7d3153670b1c93bd70e2cfdaa33695028d021e06c041228b0fa933f1bb7df8215fdb80a6ab", @ANYRESDEC=r2, @ANYRESOCT, @ANYRES16=r1], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x1d, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000000)={r7, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
bind$inet6(r6, &(0x7f00004b8fe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
sendto$inet6(r6, &(0x7f0000847fff)='X', 0xfee4, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
r8 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r9 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000540), r8)
sendmsg$NLBL_UNLABEL_C_STATICREMOVEDEF(r8, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000200)=ANY=[@ANYBLOB='x\x00\x00\x00', @ANYRES16=r9, @ANYBLOB="01400000000200000000067400062c00070073797352656d5f753a6f626a6563745f723a756465765f68656c7065725f657865635f743a733000080002000000e6ff07000700263a3a0914000600626f6e64300000000000000000000000080003"], 0x78}, 0x1, 0xffffffff00000003}, 0x0)
ioctl$sock_inet_SIOCSARP(0xffffffffffffffff, 0x8955, &(0x7f0000000600)={{0x2, 0x0, @multicast2}, {0x0, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x4}}, 0x8, {0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x20}}, 'lo\x00'})
r10 = syz_open_procfs(0xffffffffffffffff, &(0x7f00000000c0)='net/arp\x00')
preadv(r10, &(0x7f0000000040)=[{&(0x7f0000000200)=""/233, 0xe9}], 0x1, 0xfff, 0x0)

5.861338399s ago: executing program 2 (id=6758):
madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0xa)
unshare(0x26020480)
r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000024002, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setaffinity(0x0, 0x11, &(0x7f0000000180)=0x1400200bce)
sched_setscheduler(0x0, 0x1, &(0x7f0000002200)=0x1)
r1 = syz_open_dev$MSR(&(0x7f0000000200), 0x0, 0x0)
read$msr(r1, &(0x7f0000002700)=""/102392, 0x18ff8)
socket$inet6_icmp(0xa, 0x2, 0x3a)
write$RDMA_USER_CM_CMD_BIND_IP(0xffffffffffffffff, 0x0, 0x0)
write$RDMA_USER_CM_CMD_RESOLVE_IP(0xffffffffffffffff, &(0x7f0000000180)={0x3, 0x40, 0xfa02, {{0x6000000, 0x6e24, 0x40003, @mcast1}, {0x2, 0xfff9, 0xc00, @remote, 0xffffffff}, 0xffffffffffffffff, 0x3}}, 0x48)
r2 = dup(r0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb, 0x13, r2, 0x0)
ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(r2, 0x89f2, 0x0)
madvise(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x1)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
sendfile(r2, r0, 0x0, 0x80000000)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)

5.142203592s ago: executing program 2 (id=6759):
r0 = openat$kvm(0x0, 0x0, 0x0, 0x0)
bind$inet(0xffffffffffffffff, &(0x7f0000000000)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x2c}}, 0x10)
add_key(&(0x7f0000000200)='rxrpc\x00', 0x0, 0x0, 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x40000003b)
r2 = gettid()
timer_settime(0x0, 0x0, 0x0, 0x0)
flock(0xffffffffffffffff, 0x5)
r3 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file0\x00', 0x0, 0x0)
flock(r3, 0x2)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x5, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x1)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
ioctl$BLKTRACESETUP(r3, 0xc0481273, &(0x7f0000000240)={'\x00', 0xa89f, 0x3, 0xe0000000, 0xd187, 0x10000000, r2})
r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r4, &(0x7f0000019bc0)=""/102400, 0x19000)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f00001b4000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, 0x0}], 0x1, 0x12, 0x0, 0x0)
unshare(0x22020600)
openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f00000007c0)=ANY=[@ANYRES32], &(0x7f0000000080)='syzkaller\x00', 0x0, 0xffffffffffffff7f, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r5 = socket$inet6(0xa, 0x3, 0x3a)
setsockopt$inet6_int(r3, 0x29, 0x4e, &(0x7f0000000040)=0x9, 0x4)
bind$inet6(r5, &(0x7f0000000180)={0xa, 0x0, 0x0, @loopback={0xfec0ffff00000000}}, 0x1c)

4.966364115s ago: executing program 6 (id=6760):
fadvise64(0xffffffffffffffff, 0x1, 0x2000000000b09c, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB], 0x48)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x16, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @flow_dissector, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0)
rseq(0x0, 0x0, 0x0, 0x0)
ioctl$TCXONC(r0, 0x540a, 0x1)
ioctl$TIOCPKT(0xffffffffffffffff, 0x5420, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
setsockopt$IP_VS_SO_SET_ADDDEST(0xffffffffffffffff, 0x0, 0x487, &(0x7f0000000000)={{0x87, @loopback, 0x4e24, 0x1, 'none\x00', 0x1, 0x32bd, 0x9}, {@loopback, 0x4e22, 0x2, 0xfffffffe, 0x4, 0x12d5c}}, 0x44)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x1)
setsockopt$netlink_NETLINK_TX_RING(0xffffffffffffffff, 0x10e, 0x7, &(0x7f00000003c0)={0xc, 0x3, 0x800, 0x5}, 0x10)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000080)={0x2, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x5, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000100)=0x2)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r4, &(0x7f0000002000)=""/102400, 0x19000)
r5 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0)
write$RDMA_USER_CM_CMD_RESOLVE_ADDR(r5, &(0x7f0000000280)={0x15, 0x110, 0xfa00, {0xffffffffffffffff, 0x0, 0x0, 0x30, 0x0, @in6={0xa, 0x4e23, 0x1, @loopback, 0x5}, @ib={0x1b, 0x0, 0xc, {"7d735931001016095e000303ff010001"}, 0x4}}}, 0x118)
write$RDMA_USER_CM_CMD_DESTROY_ID(r5, &(0x7f0000000180)={0x1, 0x10, 0xfa00, {0x0}}, 0x18)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000020000/0x18000)=nil, &(0x7f0000000300)=[@textreal={0x8, 0x0}], 0x1, 0x69, 0x0, 0x0)
ioctl$KVM_REGISTER_COALESCED_MMIO(r2, 0x4010ae67, &(0x7f0000000180)={0x0, 0x10d000})
syz_emit_ethernet(0x3e, &(0x7f0000000000)=ANY=[@ANYBLOB="aaaaaaaaaaaa0f"], 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
syz_open_dev$evdev(&(0x7f0000000080), 0x801, 0x8942)
socket$netlink(0x10, 0x3, 0x0)

4.306727909s ago: executing program 4 (id=6761):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000280), 0x80a02, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
r1 = socket(0x2, 0x802, 0x0)
r2 = epoll_create1(0x80000)
shutdown(r1, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r1, 0x0)
epoll_wait(r2, &(0x7f0000000080)=[{}], 0x1, 0x101)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
sendmsg$NFT_BATCH(r3, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a5c000000090a010400000000000000000a0000040900010073797a310000000008000540000000020900020073797a310000000008000a40fffffffc200011800e000100636f6e6e6c696d69740000000c00028008000140fffff27414000000110001"], 0x84}, 0x1, 0x0, 0x0, 0x40008d0}, 0x40)
sendmsg$NFT_BATCH(r3, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f00000002c0)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x5}}, [@NFT_MSG_NEWSETELEM={0x40, 0xc, 0xa, 0x401, 0x0, 0x0, {0xa, 0x0, 0x6}, [@NFTA_SET_ELEM_LIST_SET={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_ELEM_LIST_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_SET_ELEM_LIST_ELEMENTS={0x14, 0x3, 0x0, 0x1, [{0x10, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_KEY={0xc, 0x1, 0x0, 0x1, [@NFTA_DATA_VALUE={0x6, 0x1, "d65b"}]}]}]}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x7}}}, 0x68}, 0x1, 0x0, 0x0, 0x24000840}, 0x40)
close(0x3)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0)
r4 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000040)=ANY=[@ANYBLOB="12010000000018105e04da070000000000010902240001000000000904000009030000000921000000012222000905810308"], 0x0)
syz_usb_ep_write(r4, 0x81, 0x0, 0x0)
syz_usb_ep_write(r4, 0x81, 0x0, 0x0)
timer_create(0x0, &(0x7f0000000080)={0x0, 0x11, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000000))
timer_settime(0x0, 0x0, &(0x7f0000000240)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
syz_open_dev$sndctrl(&(0x7f0000000080), 0x0, 0x0)
syz_open_dev$sndctrl(&(0x7f0000000100), 0x0, 0x0)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x20000000000, 0xfffffffffffffffd, 0x100000001, 0x0, 0x1000001000, 0x49}, 0x0, &(0x7f00000002c0)={0x3fe, 0x7, 0x4, 0x9, 0x0, 0xf, 0x80000006}, 0x0, 0x0)
timer_create(0x7, &(0x7f00000000c0)={0x0, 0xc, 0xe6d5b1111639ab5a}, &(0x7f0000000140))
clock_gettime(0x0, &(0x7f0000000180))
clock_gettime(0x0, &(0x7f0000000300))

4.175818843s ago: executing program 3 (id=6762):
r0 = openat$autofs(0xffffffffffffff9c, &(0x7f0000001100), 0x2, 0x0)
r1 = syz_open_dev$tty1(0xc, 0x4, 0x3)
r2 = dup(r1)
openat$udambuf(0xffffffffffffff9c, 0x0, 0x2)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
r5 = syz_open_dev$dri(&(0x7f00000002c0), 0x1, 0x0)
syz_emit_ethernet(0x4e, &(0x7f0000000600)=ANY=[@ANYBLOB="aaaaaaaaaaaa1780d206050086dd6018232500182c00fe8000000000000000000000000000bbfe8000000000000000000000000000aa620202"], 0x0)
syz_emit_ethernet(0x4e, &(0x7f0000000100)=ANY=[@ANYBLOB="aa9d5bc322980157d606050086dd6018232500182c00fe800080000000000000000000000087305277365394fc379af00659ab39e65121dd3e8c7219b1f783b2af6228e8a516d3f134fb660a6200"/91], 0x0)
r6 = openat$ttyS3(0xffffffffffffff9c, 0x0, 0x2982, 0x0)
close(r6)
ioctl$DRM_IOCTL_MODE_PAGE_FLIP(r5, 0xc01864b0, &(0x7f0000000000)={0x0, 0x0, 0x1, 0x0, 0x3a9e9908})
ioctl$vim2m_VIDIOC_REQBUFS(0xffffffffffffffff, 0xc0145608, &(0x7f00000000c0)={0x6, 0x2, 0x2, 0x0, 0xc6})
r7 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000040), 0x8002, 0x0)
write$P9_RSTATu(r7, &(0x7f0000000780)=ANY=[@ANYBLOB="c20200007d00000005fa0000006a0000004000000000000000000000000000000010000000020000000000000000000000001f00046e6f6465767b6376666f7825ffffff8102000000000000000000000000003800704a86cec602007dfa673effeb09b5351f5bde054000000000187b8200b500003b595fcb14034354b9fd9ef196a51cd5157adc8106b494e11200fbe161e900000000000000000000f313f6005e00f8f67efb716dcf315ecaf385409ac65b9408679d2c3b9e1d52c3d6da9bf1995688dace6cde7ba4a400b4b0b4dbe64f64b1d63f26796dcbec498623d6a838c69a69dfce9cdd5906f174a666a8529a45773407dbdab2885baf050000000000b3016f6465762d6eb17b2300f9daa1ee23266ecf85fea65eb2d979a3fde5f475daf03b1172d97badc7095afd76fe4f0441f7f7741eac030000ecff0000dba0c2f7f09ff53c7e4d1ad66e2d070198019f30118447aa9a74f51685f506ae89480687bd7f3d7f298d792c4a37f2e1cbbd2482929a0d8972b5cf732ea5b0d7238501000000aed3b42ee7cac07de09d1d68a60333a882467d2b31aacdf9cf3ee3884002a91c54528b807a89ca184d16645f06188549b1125d6c4c9b18c2fb56c57d7dc626e4390796a1eb48274669ab13f8b11d146059f310e2634d593fec65d529f382066664df244e4c90570a70049f299f061f75b7797ce1e411ea918ebd888c1e156b8456931d2ea726ba9609d51a41dd3de304bd7c7ed0a456f0ae12516105c9478f7ded2dc47ec13c0f6af88ba6e5c6397c7d5021d7989528fd1739e1c2d87fff000000000000007461b0ccaaa1933a0e8a826b14d4fcb2989ffaaa1acffa8054e9559dfae4697aa00b03b3d80e5524f8495fee7e8d88cb5a040302acb0d1260f2584db48e8d9064e8ce178ce396e85b97e4886444049810f25f1ceca975deb491a125bf0d72f87cc10b0154e08936daadd8b1e9798d4ec856993d53b9038ab44fdb0223d5a11c9", @ANYRES32=0x0, @ANYRES64=r5, @ANYRES32=0x0], 0x2c2)
write$UHID_INPUT(r2, &(0x7f0000002080)={0xf, {"a2e3ad21e08eeb661b5d300987f70e06d038e7ff7fc6e5539b0d650e8b089b3f313b6c090890e0878f0e1ac6e7049b3b46959b649a240d5b67f3988f7ef319520100ffe8d178708c523c921b1b5b31070d07410936cd3b78130daa61d8e8040000005802b77f07227227b7ba67e0e78657a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae193973735b36d5b1b63dd1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000000000075271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c554336909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1f416e56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617669314e2fbe70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f6777478bc360934b82910ff85bfd995083bba2987a67399eac427d145d546a40b9f6ff14ac488ec130fb3850a27af9544ae15ffffffffffffffff1243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9963ac4f4bb3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce7cd9f465e41e610c20d80421d653a5520000008213b704c7fb082ff27590678ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc946813591ad8deff4b05f60cea0da7710ac0000000000008000bea37ce0d0d4aa202f928f28381aab144a5dc29a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f6435f7590000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4fb8a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d4ac01b75d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2aed9a53803ed0ca4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f4350aeae9ca1207e78283cd0b20ceb360c7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034ef655b253ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f423500c7872c827467cfa5c4e72730d56bd068ed211cf847535edecb7b373f78b095b68441a34cb51682a8ae4d24ad0465f3927f889b813076a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdcce04579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02da93aec92a5de203717aa49c2d284acfabe262fccfcbb2b75a2183c46eb65ca8104e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43eaeb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e94265c803b35ee5f83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd7369dde50e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aae501b20f7694a00f16e2d0174035a2c22656dc29880acebdbe8ddbd75c2f998d8ac2dfad2ba3a504767b6b45a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4e8b40427db6fe29068c0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf46366e7205dd8d6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7c5419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d0300000000000000b378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3144345f48843dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6d594f88a4facfd4c735a20307c737afa2d60399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a3766d5439020484f4113c4c859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02daee67918e5d678746383074c6bc1050000002f7809959bc048850613d17ca51055f2f416a44fe180d2d50c312cca7cb14a2bdc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb42913777c06376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7f96093530e76692839d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b3c7340002000000000000f288a4510de03dab19d26285eda89156d50dd385a60333ba5bbf5d77cd7007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00398e8bd1f4108b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf652f406c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6528341b648cdd56fed7cdcbb1575912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae033a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a3cd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08758897fb411a94b3c2fc5d5f0da42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb784ed7148b6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b8081c128ad2706f48261f7897484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9cc8036cbd65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c971d90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe36d7d3e5db21b094b8b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1162dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1dfb1c68cc164b0a0780d971a96ea2c4d4ca0398c2235980a9307b3d5bd3b01faffd0a5dbed2881a9700af561ac8c6b00000000000000f96f06817fb903729a7db6ff957697c9ede7885d94ffb0969be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c148cd2f9c55f4901203a9a8a2c3e90f3943dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d0fc5a752f90000000000000000000000000000020000000000000000000000000000000000000000000000000000000000000000000000000000400", 0x1000}}, 0x1006)
r8 = socket(0x11, 0xa, 0x0)
write$vga_arbiter(0xffffffffffffffff, &(0x7f0000000000)=@unlock_all, 0x7)
sendmsg$can_bcm(r8, 0x0, 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x3, 0x6, &(0x7f0000006680))
r9 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r9, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000980)={0x2c, 0x3e, 0x107, 0x0, 0x25dfdbfc, {0x4, 0x7c}, [@typed={0x4}, @nested={0x14, 0x1, 0x0, 0x1, [@typed={0x6, 0x6, 0x0, 0x0, @str='\x80\n'}, @typed={0x8, 0x18, 0x0, 0x0, @ipv4=@multicast1}]}]}, 0x2c}}, 0x0)
syz_open_procfs(0x0, &(0x7f0000000240)='statm\x00')
ioctl$AUTOFS_DEV_IOCTL_VERSION(r0, 0xc0189371, &(0x7f00000001c0)={{0x1, 0x1, 0x36}, './file0\x00'})

3.648059271s ago: executing program 6 (id=6763):
arch_prctl$ARCH_GET_CPUID(0x1011)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
socketpair$unix(0x1, 0x9fac11aa33c6f53a, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000001640)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000ed07449e000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000000008b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0xec)
bpf$BPF_GET_PROG_INFO(0xa, &(0x7f0000000740)={r0, 0x0, 0x0}, 0x10)
r1 = syz_open_procfs(0x0, &(0x7f00000010c0)='net/protocols\x00')
preadv(r1, &(0x7f0000003940)=[{&(0x7f00000000c0)=""/4096, 0x1000}], 0x1, 0x82, 0x3)
r2 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='ns\x00')
connect$unix(0xffffffffffffffff, &(0x7f0000000180)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
ioctl$SNDCTL_DSP_SETFMT(r2, 0xc0045005, &(0x7f0000000100)=0x1)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680))
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$TIPC_CMD_SET_LINK_TOL(r3, &(0x7f0000004140)={0x0, 0x0, &(0x7f0000004100)={&(0x7f0000004080)={0x68, 0x0, 0x1, 0x70bd29, 0x25dfdbff, {{}, {}, {0x4c, 0x18, {0xfffffffe, @link='broadcast-link\x00'}}}}, 0x68}, 0x1, 0x0, 0x0, 0xc0000}, 0x40080)
bpf$ENABLE_STATS(0x20, &(0x7f0000001100), 0x4)
quotactl_fd$Q_SETQUOTA(0xffffffffffffffff, 0xffffffff80000800, 0xee01, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000000))
sendmsg$inet(0xffffffffffffffff, &(0x7f0000000d40)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000a40)=ANY=[@ANYBLOB="7c00000000000000000000000700000044140001ac1414aa00000000ac1414000000000000441c0003e0000001000000007f000001000000000000000000000000442c00000000000000000f883816814100000000000000000000000000000000000000000000000000000000000000000000440c0001000000000000000000000000000000a400000000000000000000000700000044280000000000000000000000000000000000000000000000000000000000000000000000000000071700e0000002ac1414bb00000000e0000002ac1414bb018616000000000010c986d78e6c4b9394b247217b87cb00830b00000000007f000001861f0000000000020010421487f84baabcbcfb42a4d90bab000748c68c4c31001089ca45d9612e5b5c11f12bc78a41000000000000006c000000000000000000000007000000441c0003ffffffff000000000000000000000000e00000010000000044340001ac1414bb0000000000000000000000000000000000000000ac1414aa00000000ac1414aa00000000ac1e000100000000830b0000000000e000000200000000001c000000000000000000", @ANYRES32=0x0, @ANYBLOB="ac1414aa00000000000000001400000000000018000000000200000000000000000000001c000000000000000000000008000000", @ANYRES32=0x0, @ANYBLOB="7f0000017f00000a0000000800"/28, @ANYRES32, @ANYBLOB="7f000001ac141400000000011c0e0000000000000000000007006fc946f1f569c01801"], 0x230}, 0x0)
r4 = socket$kcm(0x10, 0x3, 0x10)
sendmsg$kcm(r4, &(0x7f0000000000)={0x0, 0xffffff0a, &(0x7f0000000080)=[{&(0x7f0000000040)="c018030033000b12d25a80648c2594f90124fc60100c03400f000000053582c137153e370248078000f01700d1bd", 0x33fe0}], 0x1}, 0x0)
syz_usb_connect$uac1(0x2, 0xab, &(0x7f0000000000)=ANY=[@ANYBLOB="12010003000000406b1d010140000102030109029900030156c0000904000000010100000a24010101bb02010211240601040507000a0008000300020005052405060f0f24060205040200020001000100040c2408050400383b0924030102020505f50904010000010200000904010101010200000905010920009301050725010003480f0904020000010200000904020101010200000905820920000d020407250126080300"], &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0})
sendmsg$IPVS_CMD_DEL_DAEMON(0xffffffffffffffff, 0x0, 0x8000)

3.64735208s ago: executing program 2 (id=6764):
ioctl$KVM_SET_REGS(0xffffffffffffffff, 0x4090ae82, &(0x7f00000003c0)={[0x0, 0x0, 0x8000, 0x40, 0x4, 0x0, 0x2004cb, 0x0, 0xfffffffffffffffa, 0x40003, 0x0, 0x200004, 0x0, 0x2, 0x0, 0x1], 0x80a0000})
r0 = socket(0x10, 0x803, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0x80, &(0x7f0000000380)=[{&(0x7f0000000140)=""/100, 0x64}, {&(0x7f0000000280)=""/85, 0x55}, {&(0x7f0000000fc0)=""/4096, 0x1000}, {&(0x7f0000000400)=""/106, 0x6a}, {&(0x7f0000000980)=""/73, 0x49}, {&(0x7f0000000200)=""/77, 0x4d}, {0x0}, {&(0x7f00000001c0)=""/17, 0x11}], 0x8, &(0x7f0000000600)=""/191, 0xbf}}], 0x1, 0x2040000, &(0x7f0000003700)={0x77359400})

3.60019544s ago: executing program 2 (id=6765):
r0 = syz_open_dev$video(&(0x7f0000000040), 0x7f, 0x0)
ioctl$VIDIOC_QUERYBUF_DMABUF(r0, 0xc0585609, &(0x7f0000000140)={0x3d7, 0x8, 0x4, 0x2, 0x200, {0x0, 0x2710}, {0x4, 0x2, 0xb, 0x8, 0xdd, 0x3, "e31d0acc"}, 0xed, 0x4, {}, 0xfffff801})
r1 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$SO_TIMESTAMPING(r1, 0x1, 0x45, &(0x7f0000000080)=0x101, 0x4)
syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
r2 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000000), 0x44400, 0x0)
ioctl$SNAPSHOT_FREE(r2, 0x3305)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_DEBUG_SET(r3, &(0x7f0000001540)={0x0, 0x0, &(0x7f0000001500)={&(0x7f0000000400)={0x3c, r4, 0x1, 0x0, 0x0, {}, [@ETHTOOL_A_DEBUG_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'syz_tun\x00'}]}, @ETHTOOL_A_DEBUG_MSGMASK={0x10, 0x2, 0x0, 0x1, [@ETHTOOL_A_BITSET_NOMASK={0x4}, @ETHTOOL_A_BITSET_BITS={0x8, 0x3, 0x0, 0x1, [{0x4}]}]}]}, 0x3c}}, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
r5 = syz_io_uring_setup(0x8d2, &(0x7f00000000c0)={0x0, 0x0, 0x3010, 0x1, 0x39d}, &(0x7f0000000040)=<r6=>0x0, &(0x7f0000000080)=<r7=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r6, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r6, r7, &(0x7f0000000200)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0})
io_uring_enter(r5, 0x47ba, 0x3e80, 0x0, 0x0, 0x0)

2.898451238s ago: executing program 5 (id=6767):
r0 = syz_open_dev$vbi(&(0x7f0000000040), 0x0, 0x2)
r1 = socket(0x11, 0x800000002, 0x9)
ioctl$SIOCPNENABLEPIPE(r1, 0x5411, 0x1000000000000)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f0000000280)={0x6, @win={{0x6123, 0x9, 0x8, 0x2}, 0x4, 0x1, 0x0, 0x2, 0x0, 0x9}})

2.861668558s ago: executing program 5 (id=6768):
openat$iommufd(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
socket$inet_udp(0x2, 0x2, 0x0)
syz_open_dev$MSR(&(0x7f0000000200), 0x0, 0x0)
r0 = syz_open_dev$sg(&(0x7f00000002c0), 0x0, 0x2000)
fcntl$dupfd(r0, 0x0, r0)
r1 = open_tree(0xffffffffffffff9c, &(0x7f0000000100)='\x00', 0x89901)
landlock_create_ruleset(&(0x7f0000000000)={0x10, 0x0, 0x3}, 0x18, 0x0)
landlock_create_ruleset(&(0x7f0000000040)={0x0, 0x3}, 0x10, 0x0)
fspick(r1, &(0x7f0000000000)='.\x00', 0x0)
socket$nl_route(0x10, 0x3, 0x0)
socketpair(0x1, 0x1, 0x0, &(0x7f0000000000))
socket(0x10, 0x3, 0x0)
socket$inet6_udp(0xa, 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000001740)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
openat(0xffffffffffffff9c, 0x0, 0x2040, 0x0)
r2 = socket(0x10, 0x803, 0x0)
r3 = socket$inet6_udp(0xa, 0x2, 0x0)
setsockopt$inet6_IPV6_HOPOPTS(r3, 0x29, 0x36, &(0x7f0000000300)=ANY=[@ANYBLOB="3c34000000000000040100c910fc02000000000000000000000000000107", @ANYRES32=r2], 0x1b0)
setsockopt$inet6_IPV6_HOPOPTS(r3, 0x29, 0x36, 0x0, 0x0)

2.802639933s ago: executing program 3 (id=6769):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
socket$inet(0x2, 0x3, 0x1)
syz_emit_ethernet(0x3e, &(0x7f0000000000)={@broadcast, @multicast, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x30, 0x0, 0x0, 0x0, 0x1, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @local}, @time_exceeded={0x2b, 0x0, 0x0, 0x3, 0x0, 0x0, {0x5, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @local, @local}}}}}}, 0x0)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
r2 = socket(0x10, 0x803, 0x0)
r3 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000100)={'team_slave_1\x00', <r4=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r4, {0x0, 0xfff1}, {0xffff, 0xffff}, {0xffe0, 0xffff}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x1}}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f0000006040)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000600)=@newtfilter={0x5fc, 0x2c, 0xd2b, 0x70bd2b, 0x35dfdbfe, {0x0, 0x0, 0x0, r4, {0xf}, {}, {0x7, 0xfff3}}, [@filter_kind_options=@f_u32={{0x8}, {0x5d0, 0x2, [@TCA_U32_SEL={0x384, 0x5, {0x9, 0x7f, 0x3, 0x200, 0x8, 0x0, 0x3, 0x8, [{0x4, 0x400000, 0x0, 0x2}, {0x4800, 0x1, 0x9, 0x3}, {0x4, 0x0, 0x6, 0x8}, {0x1a8f, 0x9, 0xfffff801, 0x7}, {0x7, 0x6, 0x5, 0x400}, {0x73, 0x1400, 0x57e76c05, 0x7fff}, {0x7, 0x5, 0x0, 0x81}, {0x7f, 0x1, 0x1, 0x4}, {0x7fffffff, 0x0, 0x9, 0x7}, {0x5c4, 0xa, 0x6, 0xc}, {0x7, 0x8, 0xff, 0x6}, {0x401, 0xffffffff, 0x7, 0x7}, {0x2, 0x3, 0xd, 0x7}, {0x2, 0x0, 0x100, 0x6}, {0x6, 0x8, 0x1, 0x9}, {0x7, 0x4, 0x2, 0x6}, {0x7fff, 0x0, 0x3, 0x101}, {0x4, 0x5b61, 0x0, 0xe37}, {0x7, 0x2, 0x6, 0x6d}, {0x21, 0x600000, 0xffff, 0x54}, {0xff, 0x81, 0xd4, 0x6}, {0x3, 0x2, 0x3fa4f833, 0x46a}, {0x1, 0x6, 0xff, 0x3ff}, {0x5, 0x9, 0x1, 0x3}, {0x7, 0x1, 0x401, 0x9}, {0x8, 0x100, 0x7, 0x3}, {0x7, 0x9819, 0x6, 0x6}, {0x3, 0xc, 0x5, 0x6}, {0x81, 0x9, 0xf3b8, 0xffff7fff}, {0x0, 0x1, 0x4, 0x9}, {0x4, 0x6, 0x5, 0x8001}, {0xfffffffb, 0xd, 0x7, 0x7f}, {0x2, 0x81, 0x80000000, 0x8}, {0x4, 0xffff, 0x6, 0x2}, {0x80000001, 0x7, 0x6, 0xe0}, {0x0, 0x9, 0x4, 0xb76}, {0x0, 0x8, 0x4, 0x36c2}, {0x6, 0xc63, 0xb, 0x7}, {0x1, 0x5, 0x5, 0x4}, {0x7, 0x200, 0x5, 0x400}, {0x10, 0x0, 0x6, 0x3}, {0xb, 0x5, 0x5, 0x5}, {0x0, 0x9, 0x8, 0xa}, {0x9, 0xd, 0x7f, 0x8000}, {0x7fffffff, 0x51, 0xd6fa, 0xb}, {0xd, 0x6, 0x2, 0x8}, {0x9, 0x9, 0x7ff, 0x9}, {0x8, 0xffffffff, 0x80, 0x200}, {0x7, 0x3, 0x6, 0x401}, {0xdc, 0x1ff, 0x101, 0x5}, {0x0, 0x7f, 0x60d4, 0x3}, {0x6, 0x8, 0xc, 0x8}, {0x400, 0xaef2, 0xffff, 0x1}, {0x10001, 0xfffffffb, 0xfffffffa, 0x1ad}, {0x2, 0x4, 0x800, 0x5}]}}, @TCA_U32_INDEV={0x14, 0x8, 'vxcan1\x00'}, @TCA_U32_SEL={0x234, 0x5, {0x10, 0x9, 0x6, 0x10da, 0xa760, 0x0, 0x10, 0x100, [{0x1000, 0xe, 0xfffff000, 0x9f6}, {0x5, 0x3ff, 0x3, 0x4}, {0x2, 0xffffffff, 0x69c, 0x4000000}, {0x4009, 0x7, 0x40, 0x7d}, {0x2, 0xd033, 0x57, 0x8000}, {0x1, 0x2, 0x9, 0x8}, {0x6, 0x7fff, 0x9, 0x6}, {0x3, 0xde5, 0x1, 0xbd}, {0x3, 0x80, 0x1, 0x6}, {0x7, 0x7fff, 0x0, 0x40}, {0x9, 0x10, 0x5, 0x5}, {0xac, 0xfffff08a, 0x8, 0x3}, {0x8, 0xfffffff9, 0xfffffffa, 0x51}, {0x49f, 0x7, 0x81, 0xb}, {0x5, 0x9, 0x2}, {0x10001, 0x7, 0xc841, 0x2}, {0x1000, 0x2, 0x264, 0x9}, {0x6, 0x0, 0x8, 0x7}, {0x3ff, 0xb, 0x3, 0xa6d}, {0x7, 0x7ff, 0x5, 0xc7}, {0x6, 0x8, 0x2, 0x1}, {0x7, 0x2, 0x5, 0x2}, {0xaa4, 0x406, 0x2, 0x127c}, {0x2, 0x4f, 0x5a2, 0xa2fa}, {0x10, 0xb, 0x2, 0x9}, {0x3, 0x7, 0x200, 0x1}, {0x4, 0x5d14, 0x7f, 0x72}, {0x7, 0x2, 0x7, 0x7}, {0x5, 0x7fff, 0x3, 0x438}, {0x7fff, 0x5, 0x401, 0xc42b}, {0x80, 0x3, 0x2, 0x1e0}, {0xfffffffc, 0x9, 0x40, 0x7}, {0x3, 0xa67, 0x400, 0x80}, {0xc, 0x8000, 0xfffffffb}]}}]}}]}, 0x5fc}}, 0x24040084)
fsetxattr$security_capability(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x1)
socket$l2tp6(0xa, 0x2, 0x73)
clock_adjtime(0x7, &(0x7f0000000100)={0x362, 0x6a, 0x55cd, 0x8000000000000001, 0x48c, 0x8, 0xd, 0x80424, 0x2, 0xffffffffffffffff, 0xf423f, 0xfffffffffffffff9, 0x7, 0x6, 0x1000000081, 0x5, 0x0, 0x7, 0x2, 0x9220000000000000, 0x3, 0x0, 0x80000002, 0x0, 0x5, 0x80000000000000})
landlock_create_ruleset(&(0x7f0000000040)={0x2021, 0x1, 0x1}, 0x18, 0x2)
write$USERIO_CMD_SEND_INTERRUPT(0xffffffffffffffff, &(0x7f0000000140)={0x2, 0x1}, 0x2)
madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0x80000000e)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil)
mremap(&(0x7f000054e000/0x1000)=nil, 0x1000, 0x3000, 0x3, &(0x7f000022c000/0x3000)=nil)
bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)
process_mrelease(0xffffffffffffffff, 0x0)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x1000002, 0x200000005c831, 0xffffffffffffffff, 0x0)
remap_file_pages(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x0, 0x0, 0x0)
r5 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='numa_maps\x00')
pread64(r5, &(0x7f0000002180)=""/4101, 0x1005, 0x1)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9)
syz_open_dev$video(&(0x7f0000000440), 0x8, 0x0)
fsopen(&(0x7f0000000240)='jfs\x00', 0x1)

2.691551414s ago: executing program 2 (id=6770):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xc, &(0x7f0000000340)=ANY=[@ANYBLOB="180000000000000000000000090000008500000050000000180100002020732500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x34, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r0, 0x0, 0xe, 0x0, &(0x7f0000000300)="0000f1bcd399b81e1011f5aa5e5c", 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) (fail_nth: 5)

2.249651864s ago: executing program 5 (id=6771):
getpid()
socket$inet6(0xa, 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r1 = socket$inet6(0xa, 0x80001, 0x0)
setsockopt$inet6_MCAST_MSFILTER(r1, 0x29, 0x30, 0x0, 0x310)
sendmsg$DEVLINK_CMD_TRAP_POLICER_GET(0xffffffffffffffff, &(0x7f0000000480)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f0000000440)={&(0x7f00000004c0)=ANY=[@ANYBLOB="600000bf85f340181c51471a853500", @ANYRES16=0x0, @ANYBLOB="200028bd7000fddbdf2545000000080001007063690011000200303030303a30303a31302e300000000008008e00010000000e0001006e6574646576"], 0x60}, 0x1, 0x0, 0x0, 0x800}, 0x4800)
setsockopt$inet6_group_source_req(r1, 0x29, 0x2b, &(0x7f00000005c0)={0x1, {{0xa, 0x0, 0x1, @mcast1, 0x8000}}, {{0xa, 0x0, 0xb53, @empty, 0x80}}}, 0x108)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x3000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000240)=0x6)
r4 = syz_genetlink_get_family_id$fou(&(0x7f0000000380), 0xffffffffffffffff)
sendmsg$FOU_CMD_DEL(0xffffffffffffffff, &(0x7f0000000500)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000400)={&(0x7f0000000340)={0x70, r4, 0x0, 0x70bd28, 0x25dfdbfd, {}, [@FOU_ATTR_PORT={0x6, 0x1, 0x4e23}, @FOU_ATTR_PEER_V6={0x14, 0x9, @private2={0xfc, 0x2, '\x00', 0x1}}, @FOU_ATTR_LOCAL_V6={0x14, 0x7, @private0={0xfc, 0x0, '\x00', 0x1}}, @FOU_ATTR_REMCSUM_NOPARTIAL={0x4}, @FOU_ATTR_PORT={0x6, 0x1, 0x4e20}, @FOU_ATTR_TYPE={0x5, 0x4, 0x1}, @FOU_ATTR_LOCAL_V4={0x8, 0x6, @multicast2}, @FOU_ATTR_TYPE={0x5, 0x4, 0x1}, @FOU_ATTR_PEER_V4={0x8, 0x8, @dev={0xac, 0x14, 0x14, 0x41}}]}, 0x70}}, 0x800)
r5 = socket$packet(0x11, 0x3, 0x300)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r5, 0x8933, &(0x7f0000000080)={'batadv0\x00', <r6=>0x0})
sendto$packet(r5, &(0x7f0000000100)="f257a8ea7bc273dfaeab96850806", 0x2a, 0x0, &(0x7f0000000200)={0x11, 0x0, r6, 0x1, 0x0, 0x6, @link_local}, 0x14)
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(0xffffffffffffffff, 0x89f2, &(0x7f0000000100)={'syztnl1\x00', &(0x7f00000003c0)={'ip6gre0\x00', r6, 0x4, 0x1, 0xfa, 0x3, 0x23, @empty, @private2={0xfc, 0x2, '\x00', 0x1}, 0x78fe, 0x40, 0x7, 0x7fff}})
r7 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="18050000000000fe000000004b64ffec850000007d000000040000000700000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r7}, 0xc)
sendmsg$AUDIT_SET(r2, &(0x7f00000001c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000180)={&(0x7f00000000c0)={0x3c, 0x3e9, 0x806, 0x70bd26, 0x25dfdbfd, {0x2, 0x0, 0x1, r0, 0xe, 0x9, 0x6, 0xffffffff, 0x0, 0x7fff, 0x9}, ["", "", ""]}, 0x3c}, 0x1, 0x0, 0x0, 0x4040001}, 0x0)
ioctl$VT_RESIZE(0xffffffffffffffff, 0x5609, &(0x7f0000000040)={0x1, 0x7, 0x3})
sendmsg$nl_xfrm(0xffffffffffffffff, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
unshare(0x64000600)

2.178225285s ago: executing program 2 (id=6772):
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='blkio.bfq.time\x00', 0x26e1, 0x0)
close(r0)
socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$TIOCL_SETSEL(0xffffffffffffffff, 0x541c, &(0x7f0000000000)={0x2, {0xc, 0xa00, 0x0, 0x101, 0x300}})
r1 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$tipc(&(0x7f0000000000), r1)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f0000000300)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(0xffffffffffffffff, 0xaf01, 0x0)
r4 = eventfd(0xc)
ioctl$VHOST_SET_LOG_FD(0xffffffffffffffff, 0x4004af07, &(0x7f0000000240)=r4)
ioctl$VHOST_SET_VRING_KICK(0xffffffffffffffff, 0x4008af20, &(0x7f0000000040)={0x1, r4})
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000000300)={0xffffffffffffffff, 0xfffffd63, &(0x7f00000002c0)={0x0, 0x41, 0x0, &(0x7f00000003c0)=""/166, 0xab}}, 0x10)
r5 = syz_io_uring_setup(0x237, &(0x7f0000000240)={0x0, 0x8101, 0x0, 0x0, 0x250}, &(0x7f0000000100)=<r6=>0x0, &(0x7f0000000600)=<r7=>0x0)
io_uring_register$IORING_REGISTER_PBUF_RING(r5, 0x16, &(0x7f00000001c0)={&(0x7f0000001000)={[{0x0, 0x0, 0x1}]}, 0x1, 0x1}, 0x1)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r6, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r6, r7, &(0x7f00000000c0)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0xc7, 0x3, 0x0, 0x9276, 0x0, 0x1, {0x1}})
io_uring_enter(r5, 0x47bc, 0x3bf6, 0x7, 0x0, 0x0)
ioctl$VHOST_SET_MEM_TABLE(0xffffffffffffffff, 0x4008af03, &(0x7f0000000e40))
ioctl$VHOST_VSOCK_SET_RUNNING(0xffffffffffffffff, 0x4004af61, &(0x7f0000000000)=0x1)
unshare(0x64000600)
ioctl$VHOST_SET_LOG_BASE(0xffffffffffffffff, 0x4008af04, 0x0)
sendmsg$NL80211_CMD_SET_INTERFACE(0xffffffffffffffff, 0x0, 0x0)
ioctl$IOMMU_IOAS_MAP$PAGES(0xffffffffffffffff, 0x3b85, 0x0)
ioctl$VHOST_SET_VRING_ADDR(0xffffffffffffffff, 0x4028af11, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x19, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, '\x00', 0x0, @fallback=0x31, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x3, 0x0, &(0x7f0000000c40)=[{0x0, 0x0, 0x0, 0xc}, {0x2, 0x0, 0x0, 0x4}, {0x0, 0x4, 0xb0009}], 0x10, 0xfffffff6}, 0x94)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)

1.121868637s ago: executing program 5 (id=6773):
r0 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
syz_kvm_setup_cpu$x86(r0, 0xffffffffffffffff, &(0x7f0000fe7000/0x18000)=nil, &(0x7f0000000180)=[@text32={0x20, 0x0}], 0x1, 0x0, 0x0, 0x0)

894.804969ms ago: executing program 4 (id=6774):
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, 0xffffffffffffffff, 0x0)
openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000340)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f00000bd000), 0x0, 0x24000004)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
ioctl$vim2m_VIDIOC_TRY_FMT(0xffffffffffffffff, 0xc0d05640, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={0x0, 0x70}}, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
sendmsg(r1, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0x0)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
munlockall()
munlockall()
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x15)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
r4 = syz_open_dev$vim2m(&(0x7f0000000140), 0x200000001000, 0x2)
capset(&(0x7f0000000040)={0x20071026}, &(0x7f0000000080)={0x6, 0xe, 0x2, 0x87, 0xffffffff, 0x40})
pivot_root(0x0, 0x0)
ioctl$vim2m_VIDIOC_REQBUFS(r4, 0xc0145608, &(0x7f00000000c0)={0x1, 0x2, 0x1})
ioctl$vim2m_VIDIOC_STREAMON(r4, 0x40045612, &(0x7f0000000080)=0x2)
ioctl$vim2m_VIDIOC_QBUF(r4, 0xc058560f, &(0x7f00000002c0)=@multiplanar_mmap={0x0, 0x2, 0x0, 0x0, 0x0, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "fafc00"}, 0x0, 0x1, {0x0}})
close_range(r3, 0xffffffffffffffff, 0x0)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000140)}, 0x0)
ioctl$vim2m_VIDIOC_REQBUFS(0xffffffffffffffff, 0xc0145608, &(0x7f0000000000)={0x4, 0x1, 0x1})
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r5, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000200)=ANY=[], 0x92fc}}, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x19)

628.77309ms ago: executing program 5 (id=6775):
ioctl$KVM_SET_REGS(0xffffffffffffffff, 0x4090ae82, &(0x7f00000003c0)={[0x0, 0x0, 0x8000, 0x40, 0x4, 0x0, 0x2004cb, 0x0, 0xfffffffffffffffa, 0x40003, 0x0, 0x200004, 0x0, 0x2, 0x0, 0x1], 0x80a0000})
r0 = socket(0x10, 0x803, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0x80, &(0x7f0000000380)=[{&(0x7f0000000140)=""/100, 0x64}, {&(0x7f0000000280)=""/85, 0x55}, {&(0x7f0000000fc0)=""/4096, 0x1000}, {&(0x7f0000000400)=""/106, 0x6a}, {&(0x7f0000000980)=""/73, 0x49}, {&(0x7f0000000200)=""/77, 0x4d}, {0x0}, {&(0x7f00000001c0)=""/17, 0x11}], 0x8, &(0x7f0000000600)=""/191, 0xbf}}], 0x1, 0x2040000, &(0x7f0000003700)={0x77359400})

554.223559ms ago: executing program 3 (id=6776):
r0 = openat$kvm(0x0, 0x0, 0x0, 0x0)
bind$inet(0xffffffffffffffff, &(0x7f0000000000)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x2c}}, 0x10)
add_key(&(0x7f0000000200)='rxrpc\x00', 0x0, 0x0, 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x40000003b)
gettid()
timer_settime(0x0, 0x0, 0x0, 0x0)
flock(0xffffffffffffffff, 0x5)
r2 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file0\x00', 0x0, 0x0)
flock(r2, 0x2)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x5, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x1)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019bc0)=""/102400, 0x19000)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f00001b4000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, 0x0}], 0x1, 0x12, 0x0, 0x0)
unshare(0x22020600)
openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f00000007c0)=ANY=[@ANYRES32], &(0x7f0000000080)='syzkaller\x00', 0x0, 0xffffffffffffff7f, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = socket$inet6(0xa, 0x3, 0x3a)
setsockopt$inet6_int(r2, 0x29, 0x4e, &(0x7f0000000040)=0x9, 0x4)
bind$inet6(r4, &(0x7f0000000180)={0xa, 0x0, 0x0, @loopback={0xfec0ffff00000000}}, 0x1c)

151.421625ms ago: executing program 6 (id=6777):
r0 = msgget$private(0x0, 0x0)
msgrcv(r0, 0x0, 0x0, 0x0, 0x0)
msgctl$IPC_RMID(r0, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000001c00)={0xe, 0x0, 0x0, &(0x7f0000000400)='syzkaller\x00', 0x4, 0xd0, &(0x7f0000001b00)=""/208, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000340), 0x10}, 0x94)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="0f000000040000000400000012"], 0x48)
bpf$BPF_LINK_CREATE(0x1c, &(0x7f00000001c0)={r1, r2, 0x26, 0x0, @void}, 0x10)
r3 = socket$nl_sock_diag(0x10, 0x3, 0x4)
sendmsg$DCCPDIAG_GETSOCK(r3, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4000840}, 0x8004)
read$FUSE(r3, &(0x7f0000004080)={0x2020}, 0x2020)
r4 = syz_kvm_add_vcpu$x86(0x0, &(0x7f0000000500)={0x0, &(0x7f0000000000)=[@code={0xa, 0x5e, {"c482fd344f003636460fc71f0f23080f78234631e6c482b5ab9a0d800000c7442400cd3d0000c744240200000000c7442406000000000f011424b9bc0a00000f32662e2ef30fc737f3440f1ee3"}}, @rdmsr={0x32, 0x18, {0xbc1}}, @rdmsr={0x32, 0x18, {0xebe2116834d10134}}, @rdmsr={0x32, 0x18, {0x906}}, @uexit={0x0, 0x18, 0x9}, @wr_crn={0x46, 0x20, {0x4, 0x8001}}, @uexit={0x0, 0x18, 0x71}, @wrmsr={0x1e, 0x20, {0xaa8, 0x6}}, @code={0xa, 0x4c, {"f241ad66b837010f00d0490fc7680066420f3adf26be0fc72f6565460f01d166bad00466b8007066ef0f20d835080000000f22d8460f01cb0f74eb"}}, @uexit={0x0, 0x18, 0x2}, @cpuid={0x14, 0x18, {0x3, 0x91}}, @cpuid={0x14, 0x18, {0x268}}, @uexit={0x0, 0x18, 0x2}, @cpuid={0x14, 0x18, {0x7}}, @wr_crn={0x46, 0x20, {0x0, 0x8}}, @rdmsr={0x32, 0x18, {0xaf2}}, @rdmsr={0x32, 0x18, {0xacc}}, @cpuid={0x14, 0x18, {0xaa}}, @wrmsr={0x1e, 0x20, {0xa4b, 0xb768}}, @code={0xa, 0x6c, {"66ba610066b85aaa66efc40191690f440f783d094257d048b800800000000000000f23d80f21f835c00000000f23f8c74424009c000000c744240202000000ff2c24f3460fc777f3470f01dfc463791dee12470f00538a450f01c4"}}, @wr_crn={0x46, 0x20, {0x0, 0xbec7}}, @uexit={0x0, 0x18, 0x200}, @rdmsr={0x32, 0x18, {0x236}}, @wr_crn={0x46, 0x20, {0x3, 0x44c8}}], 0x33e})
write(r4, &(0x7f0000001600)="6aa6df0c9fcdcff393eef67e31cea121b368438b38c7ff7cb0fcd8a4a64a818e6accf4e2484ec6bbf17ad643001136dd6b45cdda421a3d78b11754ecfeb1fb900a202608d0bff46b867247ecf06eb5e4daabb42c9def779ef294afff982b860512ae5e49ea57b0d5266da299599dfe3f22642b87c0f35167a473671dbeb4e2b74f72f32b1c09bfb1b21b0f4882ef458afe733f6f294c1b48fb5268de5f1a03b56de3097144eeae5fba038097909a93bd3108a4bdec9c13e2cec17c54875d21491ad7c2ef832d8da1370848d6ef854cb2103fe4a6bab25991e0ce8b7454082f335051b9e84fba55af3ae8a764233d1527d7ffa6d12223344fd60d2ea1b0a888855401aeec3e72fbfa21aedf911bc2f06cecd51717fca432e678f09fdaad49c89be1a59d9fa560afda1effe4de8c34340740864ee1287cdd4ed5d6ccb5d56aef40185348bd00bf3a36bb6db441144dd3d943b611652d50017a28d661b5251adbbdb21c63db5c7f19699106a33a732c53bab26572dac8e56a2d918c7f21084c0fa0859f207f37549e0f642ba2530f0d82185e61e73450f4a3eb1874c673d27c995d485722e57d78ab2a021f2702bb176460e035aca80b1ddbe9c4510c6c61261d1cf50a017a374dd0bf064a0135381e457fc5219f47d8571d10e8e2a78d58ac8ae3cd9756f332c382de7e62195fd1e6700d3d8000090c13efc7d6874c92a414694e3da468a505d058c67c14434ff06d48c008cf8ff5c7c6eb82a9e470a920dab636dbe5eb739beb2058ae9a5b863ed71d5ef709f11e409590da04d4cca61e637546b643246d4f643fabc44d22d852360e55bed19aea4d8f5a2e5776832827bc7e3e8022c3b133fc4495691e559383c73b8e25f6a79ca35cfbca6569aa4a84f5babd86a747ba288ea15ca767d080333e2a7ae6527a639974cc4f27b918a1050a9e8c38846ab8f34460295e6060b7e188607408fd83bfd4f4169ebfb11fc02d411d770f3e7e9700bcf2015767eb650a5f653f812092c16e88b475326e67bfe91ad594f1b94dbb519809d02bf82a297d9d3789570d077f404e0c7e31e740797ad49cddf147f245f7ba73a9cb571fdd2d37d29b57e261544219b22688f869caac11b66298cbbf12235568228af2bb5f2f6d8cc776bf8ba625f57d0126390eaf8f6e0b6db0b1f241d99544cbc2ab39f0e4348b4d455c14469084b315b9f2efd380dabc62576dbdd95c498a7cdc36079eeb18286a149739c05666e2bd8509f802dd4c621d33c3954cfc52361aca4948367fb9fcfb44d588703705dc7632741da6ea237e42cd2f107a22d3ab88bcdbfa2ceed8e4e1434aea9709f5bf88ffc0", 0x3ba)
r5 = syz_open_dev$tty1(0xc, 0x4, 0x1)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r6 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r6, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r7=>0xffffffffffffffff, <r8=>0xffffffffffffffff})
connect$unix(r7, &(0x7f0000000740)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r8, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r7, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
fsopen(&(0x7f0000000100)='binder\x00', 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f00000003c0)={&(0x7f0000000440)=ANY=[@ANYBLOB="9feb010018000000ce7f08266ecd8625c7b127000001000c0000000c000000020000000000000000000004000000000000"], 0x0, 0x26}, 0x28)
sendmsg$nl_generic(0xffffffffffffffff, 0x0, 0x84)
r9 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r9, &(0x7f0000000780)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000019c0)=ANY=[@ANYBLOB="24000000330001002bbd7000fedbdb2504000000080004000200000008000500", @ANYRES32=0x0, @ANYBLOB="28bd0c9e92805c910152a9b0970df23ca444378f2ccb5da5246afc25539435fa5f9f7f1eefaf3a087c848c407c480918578023419450bc2fe3ee6ed105a0385b142ceef02671254993a487f272a8ecef384f08dc47db9cf95c04ac54572bc60191d79d3fc5c3b26146ee52c679e3586e15cc6b1ecfde5fe07458d30111efd11da1248e7a39b3a59151a70392f3b8df705914db97e63d0670a03a989af49d53484b556256d945788b3e94e61388d914f902bb79cab079a4b2d6e29c4ef7df548a1436bf9c6d40b6916134d40e1d692bcea42f80d8366ac3974e15fb458750bb249d429c06a5967b776fe23c15daba1f"], 0x24}, 0x1, 0x0, 0x0, 0x50}, 0x4000000)
write$UHID_INPUT(r5, &(0x7f00000005c0)={0x9, {"a2e3ad21ed0d52f91b5a090987f70e06d038e7ff7fc6e5539b5b43078b089b3b073172090890e0878f0e1ac6e7049b3371959b6e9a240d5b67f3988f7ef319520100ffe8d178708c523c921b1b5b31070d074c0936cd3b78130daa61d8e809ea882f5802b77f07227227b7ba67e0e78657a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae193973735b36d5b1b63dd1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000000000075271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6b922f17959d1f416e56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617669314e2fbe70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d546a40b9f6ff14ac488ec130fb3850a27af9544ae15a7e454dea05918b41243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9963ac4f4bb3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6a62fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce3803f465e41e610c20d80421d653a5520000008213b704c7fb082ff27590678ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc946813591ad8deff4b05f60cea0da7710ac0000000000008000bea37ce0d0d4aa202f928f28381aab144a5d429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4fb8a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d97b9a6d6d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2aed9e53803ed0ca4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f4350aeae9ca1207e78283cd0b20ceb360c7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034ef655b253ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f42355bc7872c827467cfa5c4e72730d56bd068ed211cf847535edecb7b373f78b095b68441a34cb51682a8ae4d24ad0465f3927f889b813076038e79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdcce04579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93aec92a5de203717aa49c2d284acfabe262fccfcbb2b75a2183c46eb65ca8104e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43eaeb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e94265c803b35ee5f83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd7369dde50e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aae501b20f7694a00f16e2d0174035a2c22656dc29880acebdbe8ddbd75c2f998d8ac2dfad2ba3a504767b6b45a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40426db6fe29068c0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf46366e7205dd8d6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7c5419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa0b9d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaee5ee6cf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c71568f3144345f48843dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6d594f88a4facfd4c735a20307c737afae5136651b1b9bd522d60399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a3766d5439020484f4113c4c859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02dae17b118e5d6787463183b4b87c1050000002f7809959bc048850613d17ca51055f2f416a44fe180d2d50c312cca7cb14a2bdc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb42913777c06376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7f96093530e76692839d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7348663a52190202c7af288a4510de03dab19d26285eda89156d50dd385a60333ba5bbf5d77cd7007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00398e8bd1f4908b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf652f406c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6528341b648cdd56fed7cdcbb1575912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae033a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a3cd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08758897f3411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2de8a50ddefeb12c46342856935125102bb784ed7148b6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b8081c128ad2706f48261f7897484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c971d90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f02f4cded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe36d7d3e5db21b094b8b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1162dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1dfb1c68cc164b0a0780d971a96ea2c4d4ca0398c2235980a9307b3d5bd3b01faffd0a5dbed2881a9700af561ac8c7e36bb2fc4c40e9cf96f06817fb903729a7db6ff957697c9ede7885d94ffb0969be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c148cd2f9c55f4901203a9a8a2c3e90f3943dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d0fc5a752f9000", 0x1000}}, 0x1006)

109.834376ms ago: executing program 5 (id=6778):
r0 = syz_open_procfs(0x0, &(0x7f00000020c0)='net/rt_cache\x00')
read$FUSE(r0, &(0x7f0000000000)={0x2020}, 0x2020)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff})
r2 = syz_io_uring_setup(0x117, &(0x7f0000000100)={0x0, 0x0, 0x80, 0x2000000, 0x3a6}, &(0x7f00000001c0)=<r3=>0x0, &(0x7f0000000200)=<r4=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000080)=0xfffffc00, 0x0, 0x4)
syz_io_uring_submit(r3, r4, &(0x7f00000000c0)=@IORING_OP_SENDMSG={0x9, 0x40, 0x0, r1, 0x0, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)=ANY=[], 0x18}, 0x0, 0x40000, 0x1})
io_uring_enter(r2, 0x47f6, 0x80ffff, 0x0, 0x0, 0x0) (fail_nth: 1)

0s ago: executing program 3 (id=6779):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, &(0x7f0000000500)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000140)={0xffffffffffffffff, &(0x7f0000000a40), 0x0}, 0x20)
r0 = open$dir(0x0, 0x7e, 0x8a)
fcntl$setstatus(r0, 0x4, 0x42400)
fcntl$setstatus(0xffffffffffffffff, 0x4, 0x2400)
r1 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f00000006c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="440000001000010400000000000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000240012800b0001006272696467650000140002800800040000000000050017"], 0x44}}, 0x40)

kernel console output (not intermixed with test programs):

[ 2043.448656][   T30] audit: type=1326 audit(2042.644:1643): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30119 comm="syz.2.6235" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fafcd18eec9 code=0x7ffc0000
[ 2043.627753][   T30] audit: type=1326 audit(2042.644:1644): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30119 comm="syz.2.6235" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7fafcd18eec9 code=0x7ffc0000
[ 2043.633043][T30124] syzkaller1: entered promiscuous mode
[ 2043.690096][T30124] syzkaller1: entered allmulticast mode
[ 2044.429552][T11054] usbhid 5-1:0.0: can't add hid device: -71
[ 2044.435728][T11054] usbhid 5-1:0.0: probe with driver usbhid failed with error -71
[ 2044.468254][T11054] usb 5-1: USB disconnect, device number 37
[ 2044.626773][T20367] usb 6-1: new full-speed USB device number 111 using dummy_hcd
[ 2044.851933][T30148] FAULT_INJECTION: forcing a failure.
[ 2044.851933][T30148] name failslab, interval 1, probability 0, space 0, times 0
[ 2044.937015][T30148] CPU: 0 UID: 0 PID: 30148 Comm: syz.6.6241 Not tainted syzkaller #0 PREEMPT(full) 
[ 2044.937041][T30148] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[ 2044.937051][T30148] Call Trace:
[ 2044.937058][T30148]  <TASK>
[ 2044.937064][T30148]  dump_stack_lvl+0x16c/0x1f0
[ 2044.937093][T30148]  should_fail_ex+0x512/0x640
[ 2044.937116][T30148]  ? __kmalloc_noprof+0xbf/0x510
[ 2044.937138][T30148]  ? kobject_get_path+0xd2/0x2a0
[ 2044.937158][T30148]  should_failslab+0xc2/0x120
[ 2044.937180][T30148]  __kmalloc_noprof+0xd2/0x510
[ 2044.937204][T30148]  kobject_get_path+0xd2/0x2a0
[ 2044.937232][T30148]  kobject_uevent_env+0x289/0x1870
[ 2044.937315][T30148]  ? __pfx_dev_uevent_name+0x10/0x10
[ 2044.937341][T30148]  ? queue_work_on+0x12a/0x1f0
[ 2044.937362][T30148]  ? lockdep_hardirqs_on+0x7c/0x110
[ 2044.937386][T30148]  rfkill_set_block+0x3c7/0x550
[ 2044.937437][T30148]  rfkill_fop_write+0x2c0/0x580
[ 2044.937465][T30148]  ? __pfx_rfkill_fop_write+0x10/0x10
[ 2044.937491][T30148]  ? bpf_lsm_inode_copy_up+0x10/0x10
[ 2044.937515][T30148]  ? security_file_permission+0x71/0x210
[ 2044.937543][T30148]  ? rw_verify_area+0xcf/0x6c0
[ 2044.937574][T30148]  ? __pfx_rfkill_fop_write+0x10/0x10
[ 2044.937600][T30148]  vfs_write+0x2a0/0x11d0
[ 2044.937624][T30148]  ? __pfx_vfs_write+0x10/0x10
[ 2044.937639][T30148]  ? find_held_lock+0x2b/0x80
[ 2044.937662][T30148]  ? __fget_files+0x204/0x3c0
[ 2044.937687][T30148]  ? __fget_files+0x20e/0x3c0
[ 2044.937714][T30148]  ksys_write+0x1f8/0x250
[ 2044.937732][T30148]  ? __pfx_ksys_write+0x10/0x10
[ 2044.937758][T30148]  do_syscall_64+0xcd/0x4e0
[ 2044.937783][T30148]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2044.937801][T30148] RIP: 0033:0x7f741938eec9
[ 2044.937816][T30148] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 2044.937833][T30148] RSP: 002b:00007f741a28d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[ 2044.937851][T30148] RAX: ffffffffffffffda RBX: 00007f74195e6090 RCX: 00007f741938eec9
[ 2044.937863][T30148] RDX: 0000000000000008 RSI: 0000200000000080 RDI: 0000000000000003
[ 2044.937874][T30148] RBP: 00007f741a28d090 R08: 0000000000000000 R09: 0000000000000000
[ 2044.937890][T30148] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2044.937901][T30148] R13: 00007f74195e6128 R14: 00007f74195e6090 R15: 00007ffdf95a3f18
[ 2044.937926][T30148]  </TASK>
[ 2044.952930][   T30] audit: type=1400 audit(2045.054:1645): avc:  denied  { append } for  pid=30149 comm="syz.4.6242" name="ppp" dev="devtmpfs" ino=709 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1
[ 2045.000943][T20367] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 2045.063821][T30154] FAULT_INJECTION: forcing a failure.
[ 2045.063821][T30154] name failslab, interval 1, probability 0, space 0, times 0
[ 2045.069186][T30148] tipc: Resetting bearer <eth:syzkaller0>
[ 2045.098299][T30154] CPU: 1 UID: 0 PID: 30154 Comm: syz.4.6242 Not tainted syzkaller #0 PREEMPT(full) 
[ 2045.098321][T30154] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[ 2045.098331][T30154] Call Trace:
[ 2045.098337][T30154]  <TASK>
[ 2045.098344][T30154]  dump_stack_lvl+0x16c/0x1f0
[ 2045.098371][T30154]  should_fail_ex+0x512/0x640
[ 2045.098394][T30154]  ? kmem_cache_alloc_noprof+0x5a/0x3b0
[ 2045.098414][T30154]  should_failslab+0xc2/0x120
[ 2045.098434][T30154]  kmem_cache_alloc_noprof+0x6d/0x3b0
[ 2045.098450][T30154]  ? do_epoll_ctl+0x24d7/0x3790
[ 2045.098475][T30154]  do_epoll_ctl+0x24d7/0x3790
[ 2045.098503][T30154]  ? __pfx_do_epoll_ctl+0x10/0x10
[ 2045.098520][T30154]  ? find_held_lock+0x2b/0x80
[ 2045.098540][T30154]  ? __might_fault+0xe3/0x190
[ 2045.098557][T30154]  ? __might_fault+0xe3/0x190
[ 2045.098586][T30154]  ? __x64_sys_epoll_ctl+0x15c/0x1e0
[ 2045.098603][T30154]  __x64_sys_epoll_ctl+0x15c/0x1e0
[ 2045.098643][T30154]  ? __pfx___x64_sys_epoll_ctl+0x10/0x10
[ 2045.098668][T30154]  do_syscall_64+0xcd/0x4e0
[ 2045.098692][T30154]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2045.098708][T30154] RIP: 0033:0x7f9d4c38eec9
[ 2045.098721][T30154] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 2045.098736][T30154] RSP: 002b:00007f9d4d1bf038 EFLAGS: 00000246 ORIG_RAX: 00000000000000e9
[ 2045.098752][T30154] RAX: ffffffffffffffda RBX: 00007f9d4c5e6180 RCX: 00007f9d4c38eec9
[ 2045.098762][T30154] RDX: 0000000000000004 RSI: 0000000000000001 RDI: 0000000000000005
[ 2045.098771][T30154] RBP: 00007f9d4d1bf090 R08: 0000000000000000 R09: 0000000000000000
[ 2045.098780][T30154] R10: 00002000000001c0 R11: 0000000000000246 R12: 0000000000000001
[ 2045.098790][T30154] R13: 00007f9d4c5e6218 R14: 00007f9d4c5e6180 R15: 00007ffcd68d0ab8
[ 2045.098811][T30154]  </TASK>
[ 2045.425000][T20367] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 10
[ 2045.436089][T20367] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid maxpacket 65535, setting to 64
[ 2045.447086][T20367] usb 6-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 5
[ 2045.464593][T20367] usb 6-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42
[ 2045.474760][T20367] usb 6-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0
[ 2045.485945][T20367] usb 6-1: Manufacturer: syz
[ 2045.520912][T20367] usb 6-1: config 0 descriptor??
[ 2046.036723][T20367] rc_core: IR keymap rc-hauppauge not found
[ 2046.046658][T20367] Registered IR keymap rc-empty
[ 2046.061742][T20367] mceusb 6-1:0.0: Error: mce write urb status = -71
[ 2046.101343][T20367] mceusb 6-1:0.0: Error: mce write urb status = -71
[ 2046.146159][T20367] rc rc0: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.5/usb6/6-1/6-1:0.0/rc/rc0
[ 2046.162346][T20367] input: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.5/usb6/6-1/6-1:0.0/rc/rc0/input125
[ 2046.221892][T20367] mceusb 6-1:0.0: Error: mce write urb status = -71
[ 2046.331705][T20367] mceusb 6-1:0.0: Error: mce write urb status = -71
[ 2046.353864][T30164] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 2046.426901][T20367] mceusb 6-1:0.0: Error: mce write urb status = -71
[ 2046.452240][T20367] mceusb 6-1:0.0: Error: mce write urb status = -71
[ 2046.587150][T20367] mceusb 6-1:0.0: Error: mce write urb status = -71
[ 2046.628089][T20367] mceusb 6-1:0.0: Error: mce write urb status = -71
[ 2046.682779][T20367] mceusb 6-1:0.0: Error: mce write urb status = -71
[ 2046.716760][T20365] usb 3-1: new high-speed USB device number 59 using dummy_hcd
[ 2046.729212][T20367] mceusb 6-1:0.0: Error: mce write urb status = -71
[ 2046.757375][T20367] mceusb 6-1:0.0: Error: mce write urb status = -71
[ 2046.779736][T20367] mceusb 6-1:0.0: Error: mce write urb status = -71
[ 2046.811707][T20367] mceusb 6-1:0.0: Registered  with mce emulator interface version 1
[ 2046.837856][T20367] mceusb 6-1:0.0: 2 tx ports (0x0 cabled) and 2 rx sensors (0x0 active)
[ 2046.866813][T20365] usb 3-1: Using ep0 maxpacket: 16
[ 2046.898604][T20365] usb 3-1: New USB device found, idVendor=17ef, idProduct=6047, bcdDevice= 0.00
[ 2046.948462][T20367] usb 6-1: USB disconnect, device number 111
[ 2046.961958][T20365] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2046.997500][T20365] usb 3-1: config 0 descriptor??
[ 2047.109489][T30195] FAULT_INJECTION: forcing a failure.
[ 2047.109489][T30195] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 2047.145074][T30195] CPU: 0 UID: 0 PID: 30195 Comm: syz.4.6256 Not tainted syzkaller #0 PREEMPT(full) 
[ 2047.145092][T30195] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[ 2047.145099][T30195] Call Trace:
[ 2047.145105][T30195]  <TASK>
[ 2047.145111][T30195]  dump_stack_lvl+0x16c/0x1f0
[ 2047.145134][T30195]  should_fail_ex+0x512/0x640
[ 2047.145152][T30195]  _copy_to_user+0x32/0xd0
[ 2047.145172][T30195]  simple_read_from_buffer+0xcb/0x170
[ 2047.145190][T30195]  proc_fail_nth_read+0x197/0x240
[ 2047.145206][T30195]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 2047.145220][T30195]  ? rw_verify_area+0xcf/0x6c0
[ 2047.145241][T30195]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 2047.145261][T30195]  vfs_read+0x1e1/0xcf0
[ 2047.145283][T30195]  ? __pfx___mutex_lock+0x10/0x10
[ 2047.145308][T30195]  ? __pfx_vfs_read+0x10/0x10
[ 2047.145334][T30195]  ? __fget_files+0x20e/0x3c0
[ 2047.145363][T30195]  ksys_read+0x12a/0x250
[ 2047.145381][T30195]  ? __pfx_ksys_read+0x10/0x10
[ 2047.145399][T30195]  ? fput+0x9b/0xd0
[ 2047.145427][T30195]  do_syscall_64+0xcd/0x4e0
[ 2047.145448][T30195]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2047.145460][T30195] RIP: 0033:0x7f9d4c38d8dc
[ 2047.145470][T30195] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[ 2047.145482][T30195] RSP: 002b:00007f9d4d201030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[ 2047.145494][T30195] RAX: ffffffffffffffda RBX: 00007f9d4c5e5fa0 RCX: 00007f9d4c38d8dc
[ 2047.145501][T30195] RDX: 000000000000000f RSI: 00007f9d4d2010a0 RDI: 0000000000000003
[ 2047.145508][T30195] RBP: 00007f9d4d201090 R08: 0000000000000000 R09: 0000000000000000
[ 2047.145515][T30195] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2047.145522][T30195] R13: 00007f9d4c5e6038 R14: 00007f9d4c5e5fa0 R15: 00007ffcd68d0ab8
[ 2047.145536][T30195]  </TASK>
[ 2047.594686][   T30] kauditd_printk_skb: 4 callbacks suppressed
[ 2047.594709][   T30] audit: type=1400 audit(2047.704:1648): avc:  denied  { listen } for  pid=30198 comm="syz.3.6258" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1
[ 2047.623847][T30200] FAULT_INJECTION: forcing a failure.
[ 2047.623847][T30200] name failslab, interval 1, probability 0, space 0, times 0
[ 2047.637286][T30200] CPU: 1 UID: 0 PID: 30200 Comm: syz.3.6258 Not tainted syzkaller #0 PREEMPT(full) 
[ 2047.637313][T30200] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[ 2047.637325][T30200] Call Trace:
[ 2047.637333][T30200]  <TASK>
[ 2047.637340][T30200]  dump_stack_lvl+0x16c/0x1f0
[ 2047.637371][T30200]  should_fail_ex+0x512/0x640
[ 2047.637395][T30200]  ? kmem_cache_alloc_lru_noprof+0x5f/0x3b0
[ 2047.637419][T30200]  should_failslab+0xc2/0x120
[ 2047.637441][T30200]  kmem_cache_alloc_lru_noprof+0x72/0x3b0
[ 2047.637461][T30200]  ? sock_alloc_inode+0x25/0x1c0
[ 2047.637491][T30200]  ? __pfx_sock_alloc_inode+0x10/0x10
[ 2047.637514][T30200]  sock_alloc_inode+0x25/0x1c0
[ 2047.637537][T30200]  alloc_inode+0x61/0x240
[ 2047.637565][T30200]  sock_alloc+0x40/0x280
[ 2047.637589][T30200]  do_accept+0xf7/0x530
[ 2047.637608][T30200]  ? do_raw_spin_lock+0x12c/0x2b0
[ 2047.637630][T30200]  ? __pfx_do_accept+0x10/0x10
[ 2047.637660][T30200]  ? get_unused_fd_flags+0x56/0x80
[ 2047.637682][T30200]  __sys_accept4+0x100/0x1c0
[ 2047.637701][T30200]  ? __pfx___sys_accept4+0x10/0x10
[ 2047.637721][T30200]  ? __pfx_ksys_write+0x10/0x10
[ 2047.637746][T30200]  __x64_sys_accept4+0x96/0x100
[ 2047.637764][T30200]  ? lockdep_hardirqs_on+0x7c/0x110
[ 2047.637786][T30200]  do_syscall_64+0xcd/0x4e0
[ 2047.637811][T30200]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2047.637830][T30200] RIP: 0033:0x7f2a3218eec9
[ 2047.637845][T30200] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 2047.637863][T30200] RSP: 002b:00007f2a33057038 EFLAGS: 00000246 ORIG_RAX: 0000000000000120
[ 2047.637887][T30200] RAX: ffffffffffffffda RBX: 00007f2a323e6090 RCX: 00007f2a3218eec9
[ 2047.637899][T30200] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000006
[ 2047.637910][T30200] RBP: 00007f2a33057090 R08: 0000000000000000 R09: 0000000000000000
[ 2047.637921][T30200] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2047.637932][T30200] R13: 00007f2a323e6128 R14: 00007f2a323e6090 R15: 00007ffe827169c8
[ 2047.637955][T30200]  </TASK>
[ 2048.088738][T20365] usbhid 3-1:0.0: can't add hid device: -71
[ 2048.095043][T20365] usbhid 3-1:0.0: probe with driver usbhid failed with error -71
[ 2048.368938][T20365] usb 3-1: USB disconnect, device number 59
[ 2048.483899][T30212] netlink: 16 bytes leftover after parsing attributes in process `syz.3.6262'.
[ 2048.503863][T30213] netlink: 16 bytes leftover after parsing attributes in process `syz.6.6261'.
[ 2048.773829][   T30] audit: type=1400 audit(2048.874:1649): avc:  denied  { write } for  pid=30219 comm="syz.6.6265" name="random" dev="devtmpfs" ino=8 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:random_device_t tclass=chr_file permissive=1
[ 2049.546114][T30235] syz_tun: entered allmulticast mode
[ 2049.609156][T30235] SELinux: failure in sel_netif_sid_slow(), invalid network interface (0)
[ 2049.617731][T30235] mroute: pending queue full, dropping entries
[ 2049.869944][T30242] FAULT_INJECTION: forcing a failure.
[ 2049.869944][T30242] name failslab, interval 1, probability 0, space 0, times 0
[ 2049.929587][T30242] CPU: 1 UID: 0 PID: 30242 Comm: syz.3.6271 Not tainted syzkaller #0 PREEMPT(full) 
[ 2049.929615][T30242] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[ 2049.929623][T30242] Call Trace:
[ 2049.929628][T30242]  <TASK>
[ 2049.929633][T30242]  dump_stack_lvl+0x16c/0x1f0
[ 2049.929654][T30242]  should_fail_ex+0x512/0x640
[ 2049.929673][T30242]  should_failslab+0xc2/0x120
[ 2049.929694][T30242]  kmem_cache_alloc_noprof+0x6d/0x3b0
[ 2049.929714][T30242]  ? dst_alloc+0x99/0x1a0
[ 2049.929737][T30242]  dst_alloc+0x99/0x1a0
[ 2049.929759][T30242]  rt_dst_alloc+0x35/0x3a0
[ 2049.929801][T30242]  ip_route_output_key_hash_rcu+0x87a/0x28e0
[ 2049.929829][T30242]  ip_route_output_key_hash+0x137/0x2e0
[ 2049.929849][T30242]  ? __pfx_ip_route_output_key_hash+0x10/0x10
[ 2049.929875][T30242]  ? find_held_lock+0x2b/0x80
[ 2049.929903][T30242]  ip_route_output_flow+0x27/0x150
[ 2049.929924][T30242]  raw_sendmsg+0xd5b/0x37e0
[ 2049.929962][T30242]  ? __pfx_raw_sendmsg+0x10/0x10
[ 2049.929979][T30242]  ? avc_has_perm_noaudit+0x149/0x3b0
[ 2049.929996][T30242]  ? avc_has_perm+0x144/0x1f0
[ 2049.930014][T30242]  ? sock_has_perm+0x259/0x2f0
[ 2049.930035][T30242]  ? __import_iovec+0x1dd/0x650
[ 2049.930054][T30242]  ? __pfx_raw_sendmsg+0x10/0x10
[ 2049.930066][T30242]  inet_sendmsg+0x11c/0x140
[ 2049.930078][T30242]  ____sys_sendmsg+0x973/0xc70
[ 2049.930097][T30242]  ? copy_msghdr_from_user+0x10a/0x160
[ 2049.930111][T30242]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 2049.930130][T30242]  ? __pfx__kstrtoull+0x10/0x10
[ 2049.930145][T30242]  ___sys_sendmsg+0x134/0x1d0
[ 2049.930160][T30242]  ? __pfx____sys_sendmsg+0x10/0x10
[ 2049.930181][T30242]  ? find_held_lock+0x2b/0x80
[ 2049.930203][T30242]  __sys_sendmmsg+0x200/0x420
[ 2049.930219][T30242]  ? __pfx___sys_sendmmsg+0x10/0x10
[ 2049.930238][T30242]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[ 2049.930259][T30242]  ? fput+0x9b/0xd0
[ 2049.930275][T30242]  ? ksys_write+0x1ac/0x250
[ 2049.930287][T30242]  ? __pfx_ksys_write+0x10/0x10
[ 2049.930301][T30242]  __x64_sys_sendmmsg+0x9c/0x100
[ 2049.930315][T30242]  ? lockdep_hardirqs_on+0x7c/0x110
[ 2049.930329][T30242]  do_syscall_64+0xcd/0x4e0
[ 2049.930344][T30242]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2049.930357][T30242] RIP: 0033:0x7f2a3218eec9
[ 2049.930367][T30242] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 2049.930378][T30242] RSP: 002b:00007f2a33078038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[ 2049.930390][T30242] RAX: ffffffffffffffda RBX: 00007f2a323e5fa0 RCX: 00007f2a3218eec9
[ 2049.930397][T30242] RDX: 0000000000000002 RSI: 0000200000004040 RDI: 0000000000000003
[ 2049.930404][T30242] RBP: 00007f2a33078090 R08: 0000000000000000 R09: 0000000000000000
[ 2049.930412][T30242] R10: 00000000040008a0 R11: 0000000000000246 R12: 0000000000000001
[ 2049.930418][T30242] R13: 00007f2a323e6038 R14: 00007f2a323e5fa0 R15: 00007ffe827169c8
[ 2049.930432][T30242]  </TASK>
[ 2050.454861][   T30] audit: type=1400 audit(2050.564:1650): avc:  denied  { read } for  pid=30244 comm="syz.3.6272" name="cachefiles" dev="devtmpfs" ino=4 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cachefiles_device_t tclass=chr_file permissive=1
[ 2050.555056][T30234] syz_tun: left allmulticast mode
[ 2050.766878][T30252] netlink: 44 bytes leftover after parsing attributes in process `syz.3.6273'.
[ 2050.839829][T30252] netlink: 8 bytes leftover after parsing attributes in process `syz.3.6273'.
[ 2051.106907][T30252] netlink: 8 bytes leftover after parsing attributes in process `syz.3.6273'.
[ 2051.123110][T30252] netlink: 12 bytes leftover after parsing attributes in process `syz.3.6273'.
[ 2051.776471][T30252] netlink: 'syz.3.6273': attribute type 20 has an invalid length.
[ 2051.949523][T30252] netlink: 8 bytes leftover after parsing attributes in process `syz.3.6273'.
[ 2051.958756][   T59] netdevsim netdevsim3 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[ 2051.969024][   T59] netdevsim netdevsim3 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[ 2051.978063][T30252] netlink: 12 bytes leftover after parsing attributes in process `syz.3.6273'.
[ 2051.987975][   T59] netdevsim netdevsim3 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[ 2051.999690][T30252] netlink: 'syz.3.6273': attribute type 20 has an invalid length.
[ 2052.012602][   T59] netdevsim netdevsim3 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[ 2054.160597][T30305] FAULT_INJECTION: forcing a failure.
[ 2054.160597][T30305] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 2054.192434][T30305] CPU: 0 UID: 0 PID: 30305 Comm: syz.5.6286 Not tainted syzkaller #0 PREEMPT(full) 
[ 2054.192464][T30305] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[ 2054.192476][T30305] Call Trace:
[ 2054.192483][T30305]  <TASK>
[ 2054.192491][T30305]  dump_stack_lvl+0x16c/0x1f0
[ 2054.192522][T30305]  should_fail_ex+0x512/0x640
[ 2054.192552][T30305]  _copy_from_iter+0x29f/0x1720
[ 2054.192580][T30305]  ? __pfx_avc_has_perm+0x10/0x10
[ 2054.192604][T30305]  ? __pfx__copy_from_iter+0x10/0x10
[ 2054.192640][T30305]  ? sock_has_perm+0x259/0x2f0
[ 2054.192663][T30305]  ? __pfx_sock_has_perm+0x10/0x10
[ 2054.192687][T30305]  hci_sock_sendmsg+0x46d/0x25f0
[ 2054.192752][T30305]  ? __pfx_hci_sock_sendmsg+0x10/0x10
[ 2054.192779][T30305]  sock_write_iter+0x4fc/0x5b0
[ 2054.192811][T30305]  ? __pfx_sock_write_iter+0x10/0x10
[ 2054.192846][T30305]  ? bpf_lsm_file_permission+0x9/0x10
[ 2054.192872][T30305]  ? security_file_permission+0x71/0x210
[ 2054.192899][T30305]  ? rw_verify_area+0xcf/0x6c0
[ 2054.192930][T30305]  vfs_write+0x7d3/0x11d0
[ 2054.192950][T30305]  ? __pfx_sock_write_iter+0x10/0x10
[ 2054.192979][T30305]  ? __pfx_vfs_write+0x10/0x10
[ 2054.192995][T30305]  ? find_held_lock+0x2b/0x80
[ 2054.193035][T30305]  ksys_write+0x1f8/0x250
[ 2054.193054][T30305]  ? __pfx_ksys_write+0x10/0x10
[ 2054.193079][T30305]  do_syscall_64+0xcd/0x4e0
[ 2054.193104][T30305]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2054.193124][T30305] RIP: 0033:0x7f5fe738eec9
[ 2054.193139][T30305] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 2054.193157][T30305] RSP: 002b:00007f5fe55d5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[ 2054.193176][T30305] RAX: ffffffffffffffda RBX: 00007f5fe75e6090 RCX: 00007f5fe738eec9
[ 2054.193188][T30305] RDX: 0000000000000006 RSI: 0000200000000080 RDI: 0000000000000004
[ 2054.193200][T30305] RBP: 00007f5fe55d5090 R08: 0000000000000000 R09: 0000000000000000
[ 2054.193211][T30305] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2054.193222][T30305] R13: 00007f5fe75e6128 R14: 00007f5fe75e6090 R15: 00007ffdee5a6f88
[ 2054.193246][T30305]  </TASK>
[ 2054.727765][T30311] ICMPv6: RA: ndisc_router_discovery failed to add default route
[ 2054.735694][T30311] ICMPv6: RA: ndisc_router_discovery failed to add default route
[ 2054.743590][T30311] ICMPv6: RA: ndisc_router_discovery failed to add default route
[ 2054.748814][T30315] bond0: option ad_user_port_key: mode dependency failed, not supported in mode balance-rr(0)
[ 2054.751472][T30311] ICMPv6: RA: ndisc_router_discovery failed to add default route
[ 2054.769407][T30311] ICMPv6: RA: ndisc_router_discovery failed to add default route
[ 2054.777248][T30311] ICMPv6: RA: ndisc_router_discovery failed to add default route
[ 2054.785026][T30311] ICMPv6: RA: ndisc_router_discovery failed to add default route
[ 2054.792856][T30311] ICMPv6: RA: ndisc_router_discovery failed to add default route
[ 2054.800659][T30311] ICMPv6: RA: ndisc_router_discovery failed to add default route
[ 2054.808496][T30311] ICMPv6: RA: ndisc_router_discovery failed to add default route
[ 2054.877222][T30319] SELinux: security_context_str_to_sid (root) failed with errno=-22
[ 2055.019601][T30316] netlink: 'syz.2.6288': attribute type 10 has an invalid length.
[ 2055.175524][T30318] overlayfs: conflicting options: userxattr,metacopy=on
[ 2055.298481][T30324] random: crng reseeded on system resumption
[ 2056.472026][T30316] batman_adv: batadv0: Adding interface: team0
[ 2056.481803][T30316] batman_adv: batadv0: The MTU of interface team0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 2056.520659][T30316] batman_adv: batadv0: Not using interface team0 (retrying later): interface not active
[ 2057.276676][T20367] usb 3-1: new full-speed USB device number 60 using dummy_hcd
[ 2057.545135][T20367] usb 3-1: config 0 has an invalid interface number: 128 but max is 0
[ 2057.660633][T20367] usb 3-1: config 0 has no interface number 0
[ 2057.807997][T20367] usb 3-1: New USB device found, idVendor=20b7, idProduct=1540, bcdDevice=b7.5a
[ 2057.843147][T20367] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2057.882188][T20367] usb 3-1: Product: syz
[ 2057.895745][T20367] usb 3-1: Manufacturer: syz
[ 2057.909188][   T30] audit: type=1400 audit(2058.024:1651): avc:  denied  { append } for  pid=30346 comm="syz.6.6298" name="snapshot" dev="devtmpfs" ino=92 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:acpi_bios_t tclass=chr_file permissive=1
[ 2057.911012][T20367] usb 3-1: SerialNumber: syz
[ 2057.972418][T20367] usb 3-1: config 0 descriptor??
[ 2058.952786][T30347] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[ 2059.022226][T30347] Bluetooth: hci2: Opcode 0x0406 failed: -4
[ 2059.062577][T20367] usb 3-1: Firmware version (0.0) predates our first public release.
[ 2059.070878][T20367] usb 3-1: Please update to version 0.2 or newer
[ 2059.115563][T30347] Bluetooth: hci5: Opcode 0x0c1a failed: -4
[ 2059.167135][T30347] Bluetooth: hci5: Opcode 0x0406 failed: -4
[ 2059.239739][T30347] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[ 2059.273055][T30347] Bluetooth: hci1: Opcode 0x0406 failed: -4
[ 2059.302602][T30347] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[ 2059.310191][T30347] Bluetooth: hci3: Opcode 0x0406 failed: -4
[ 2059.421963][T30347] Bluetooth: hci3: Opcode 0x0406 failed: -4
[ 2060.117585][T27980] Bluetooth: hci2: command 0x0406 tx timeout
[ 2060.978659][T20367] usb 3-1: USB disconnect, device number 60
[ 2061.204775][T27980] Bluetooth: hci5: command 0x0405 tx timeout
[ 2061.316832][T27980] Bluetooth: hci3: command 0x0c1a tx timeout
[ 2061.322956][   T51] Bluetooth: hci1: command 0x0406 tx timeout
[ 2062.216934][T27980] Bluetooth: hci2: command 0x0406 tx timeout
[ 2063.054169][T30417] Mount JFS Failure: -22
[ 2063.074252][T30417] jfs_mount failed w/return code = -22
[ 2063.246801][T27980] Bluetooth: hci5: command 0x0405 tx timeout
[ 2063.283677][T30426] audit: audit_lost=7 audit_rate_limit=0 audit_backlog_limit=64
[ 2063.347678][T30426] audit: out of memory in audit_log_start
[ 2063.396928][T27980] Bluetooth: hci3: command 0x0c1a tx timeout
[ 2063.404476][T27980] Bluetooth: hci1: command 0x0406 tx timeout
[ 2064.211010][T30440] FAULT_INJECTION: forcing a failure.
[ 2064.211010][T30440] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 2064.350872][T30440] CPU: 1 UID: 0 PID: 30440 Comm: syz.5.6318 Not tainted syzkaller #0 PREEMPT(full) 
[ 2064.350898][T30440] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[ 2064.350907][T30440] Call Trace:
[ 2064.350912][T30440]  <TASK>
[ 2064.350916][T30440]  dump_stack_lvl+0x16c/0x1f0
[ 2064.350936][T30440]  should_fail_ex+0x512/0x640
[ 2064.350955][T30440]  copy_fpstate_to_sigframe+0x854/0xaf0
[ 2064.350976][T30440]  ? __pfx_copy_fpstate_to_sigframe+0x10/0x10
[ 2064.350992][T30440]  ? posixtimer_deliver_signal+0x105/0x6b0
[ 2064.351011][T30440]  ? x86_task_fpu+0x5f/0x90
[ 2064.351026][T30440]  get_sigframe+0x4a8/0x9c0
[ 2064.351099][T30440]  ? __pfx_get_sigframe+0x10/0x10
[ 2064.351112][T30440]  ? trace_irq_enable.constprop.0+0x2f/0x120
[ 2064.351129][T30440]  ? _raw_spin_unlock_irq+0x29/0x50
[ 2064.351143][T30440]  ? siginfo_layout+0x177/0x290
[ 2064.351161][T30440]  x64_setup_rt_frame+0x12e/0xcf0
[ 2064.351179][T30440]  ? __pfx_x64_setup_rt_frame+0x10/0x10
[ 2064.351197][T30440]  arch_do_signal_or_restart+0x5e4/0x7d0
[ 2064.351212][T30440]  ? __fget_files+0x20e/0x3c0
[ 2064.351226][T30440]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[ 2064.351244][T30440]  ? ksys_write+0x1ac/0x250
[ 2064.351257][T30440]  ? __pfx_ksys_write+0x10/0x10
[ 2064.351271][T30440]  exit_to_user_mode_loop+0x84/0x110
[ 2064.351285][T30440]  do_syscall_64+0x41c/0x4e0
[ 2064.351301][T30440]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2064.351313][T30440] RIP: 0033:0x7f5fe738d97f
[ 2064.351324][T30440] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48
[ 2064.351335][T30440] RSP: 002b:00007f5fe55f6030 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[ 2064.351347][T30440] RAX: 0000000000000001 RBX: 0000000000000003 RCX: 00007f5fe738d97f
[ 2064.351354][T30440] RDX: 0000000000000001 RSI: 00007f5fe55f6090 RDI: 0000000000000003
[ 2064.351361][T30440] RBP: 00007f5fe55f6090 R08: 0000000000000000 R09: 00007f5fe55f5df7
[ 2064.351367][T30440] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000001
[ 2064.351374][T30440] R13: 00007f5fe75e6038 R14: 00007f5fe75e5fa0 R15: 00007ffdee5a6f88
[ 2064.351387][T30440]  </TASK>
[ 2064.565633][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2064.677576][T20367] usb 5-1: new full-speed USB device number 38 using dummy_hcd
[ 2064.793321][T30448] netlink: 36 bytes leftover after parsing attributes in process `syz.5.6319'.
[ 2065.029845][T30459] FAULT_INJECTION: forcing a failure.
[ 2065.029845][T30459] name failslab, interval 1, probability 0, space 0, times 0
[ 2065.128551][T30459] CPU: 1 UID: 0 PID: 30459 Comm: syz.4.6323 Not tainted syzkaller #0 PREEMPT(full) 
[ 2065.128580][T30459] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[ 2065.128592][T30459] Call Trace:
[ 2065.128599][T30459]  <TASK>
[ 2065.128607][T30459]  dump_stack_lvl+0x16c/0x1f0
[ 2065.128637][T30459]  should_fail_ex+0x512/0x640
[ 2065.128661][T30459]  ? kmem_cache_alloc_lru_noprof+0x5f/0x3b0
[ 2065.128685][T30459]  should_failslab+0xc2/0x120
[ 2065.128707][T30459]  kmem_cache_alloc_lru_noprof+0x72/0x3b0
[ 2065.128726][T30459]  ? __d_alloc+0x32/0xae0
[ 2065.128752][T30459]  __d_alloc+0x32/0xae0
[ 2065.128777][T30459]  d_alloc_parallel+0x111/0x1480
[ 2065.128812][T30459]  ? register_lock_class+0x41/0x4c0
[ 2065.128830][T30459]  ? __lock_acquire+0xb97/0x1ce0
[ 2065.128856][T30459]  ? __pfx_d_alloc_parallel+0x10/0x10
[ 2065.128886][T30459]  ? lockdep_init_map_type+0x5c/0x280
[ 2065.128904][T30459]  ? lockdep_init_map_type+0x5c/0x280
[ 2065.128925][T30459]  __lookup_slow+0x193/0x460
[ 2065.128953][T30459]  ? __pfx___lookup_slow+0x10/0x10
[ 2065.128996][T30459]  ? lookup_fast+0x156/0x610
[ 2065.129017][T30459]  walk_component+0x353/0x5b0
[ 2065.129036][T30459]  path_lookupat+0x142/0x6d0
[ 2065.129054][T30459]  ? __lock_acquire+0xb97/0x1ce0
[ 2065.129083][T30459]  filename_lookup+0x224/0x5f0
[ 2065.129104][T30459]  ? __pfx_filename_lookup+0x10/0x10
[ 2065.129143][T30459]  ? getname_flags.part.0+0x1c5/0x550
[ 2065.129173][T30459]  user_path_at+0x3a/0x60
[ 2065.129191][T30459]  do_fchownat+0xf9/0x200
[ 2065.129215][T30459]  ? __pfx_do_fchownat+0x10/0x10
[ 2065.129234][T30459]  ? ksys_write+0x1ac/0x250
[ 2065.129251][T30459]  ? __pfx_ksys_write+0x10/0x10
[ 2065.129273][T30459]  __x64_sys_lchown+0x7e/0xc0
[ 2065.129293][T30459]  ? lockdep_hardirqs_on+0x7c/0x110
[ 2065.129315][T30459]  do_syscall_64+0xcd/0x4e0
[ 2065.129339][T30459]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2065.129356][T30459] RIP: 0033:0x7f9d4c38eec9
[ 2065.129370][T30459] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 2065.129386][T30459] RSP: 002b:00007f9d4d201038 EFLAGS: 00000246 ORIG_RAX: 000000000000005e
[ 2065.129403][T30459] RAX: ffffffffffffffda RBX: 00007f9d4c5e5fa0 RCX: 00007f9d4c38eec9
[ 2065.129414][T30459] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000200000000000
[ 2065.129424][T30459] RBP: 00007f9d4d201090 R08: 0000000000000000 R09: 0000000000000000
[ 2065.129435][T30459] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2065.129445][T30459] R13: 00007f9d4c5e6038 R14: 00007f9d4c5e5fa0 R15: 00007ffcd68d0ab8
[ 2065.129468][T30459]  </TASK>
[ 2065.382407][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2065.740926][   T51] Bluetooth: hci3: command 0x0c1a tx timeout
[ 2066.716744][T30488] CUSE: info not properly terminated
[ 2066.724634][T30487] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 2067.565791][T30496] netlink: 'syz.4.6329': attribute type 1 has an invalid length.
[ 2067.623945][T30496] 8021q: adding VLAN 0 to HW filter on device bond1
[ 2067.706853][T30493] ip6tnl1: entered allmulticast mode
[ 2067.816723][T25075] usb 3-1: new full-speed USB device number 61 using dummy_hcd
[ 2068.393091][T25075] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x9 has invalid wMaxPacketSize 0
[ 2068.403032][T25075] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0xB has an invalid bInterval 0, changing to 4
[ 2068.416731][T25075] usb 3-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b
[ 2068.426131][T25075] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2068.434295][T25075] usb 3-1: Product: syz
[ 2068.438877][T25075] usb 3-1: Manufacturer: syz
[ 2068.443548][T25075] usb 3-1: SerialNumber: syz
[ 2068.451832][T25075] usb 3-1: config 0 descriptor??
[ 2068.470672][T30493] 8021q: adding VLAN 0 to HW filter on device bond1
[ 2068.495495][T30493] bond1: (slave ip6tnl1): The slave device specified does not support setting the MAC address
[ 2068.525454][T30493] bond1: (slave ip6tnl1): Error -95 calling set_mac_address
[ 2068.561131][T30506] comedi comedi1: bad chanlist[0]=0x00000004 chan=4 range length=1
[ 2069.310987][T30495] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 2069.323504][   T30] audit: type=1400 audit(2069.404:1652): avc:  denied  { map } for  pid=30494 comm="syz.2.6331" path="/proc/400/net/fib_trie" dev="proc" ino=4026532845 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_net_t tclass=file permissive=1
[ 2069.370786][T30495] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 2069.459066][T25075] usb 3-1: USB disconnect, device number 61
[ 2069.538701][T28529] udevd[28529]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[ 2069.684478][T30516] ubi: mtd0 is already attached to ubi31
[ 2071.775412][T30534] netlink: 4 bytes leftover after parsing attributes in process `syz.5.6340'.
[ 2071.980505][T30539] SELinux: security_context_str_to_sid (root) failed with errno=-22
[ 2072.440165][T30545] netlink: 8 bytes leftover after parsing attributes in process `syz.6.6344'.
[ 2072.604855][T30552] Bluetooth: MGMT ver 1.23
[ 2073.753109][T30568] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 2074.167462][T11054] usb 6-1: new high-speed USB device number 112 using dummy_hcd
[ 2074.357892][T11054] usb 6-1: Using ep0 maxpacket: 32
[ 2074.901565][T11054] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 2074.913230][T11054] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 2074.924381][T11054] usb 6-1: New USB device found, idVendor=20bc, idProduct=5500, bcdDevice= 0.00
[ 2074.934670][T11054] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2074.952575][T11054] usb 6-1: config 0 descriptor??
[ 2075.364964][T11054] betop 0003:20BC:5500.002B: unbalanced collection at end of report description
[ 2075.397383][T11054] betop 0003:20BC:5500.002B: parse failed
[ 2075.419717][T11054] betop 0003:20BC:5500.002B: probe with driver betop failed with error -22
[ 2075.568203][T30571] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 2075.603410][T30571] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 2075.775640][T30571] netlink: 'syz.5.6350': attribute type 10 has an invalid length.
[ 2075.863379][T30592] SELinux: security_context_str_to_sid (root) failed with errno=-22
[ 2076.212329][T30593] netlink: 'syz.5.6350': attribute type 10 has an invalid length.
[ 2076.263377][T11054] usb 6-1: USB disconnect, device number 112
[ 2076.881817][T30598] kvm: kvm [30597]: vcpu0, guest rIP: 0x1be Unhandled WRMSR(0xc1) = 0x4000
[ 2077.189971][T30609] netlink: 32 bytes leftover after parsing attributes in process `syz.4.6362'.
[ 2077.247173][T30600] netlink: 4 bytes leftover after parsing attributes in process `syz.3.6360'.
[ 2077.322345][T30598] kvm: kvm [30597]: vcpu0, guest rIP: 0x1be Unhandled WRMSR(0x187) = 0x4000
[ 2078.203834][T30616] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[ 2078.210208][T30616] Bluetooth: hci5: Opcode 0x0c1a failed: -4
[ 2078.226751][T30616] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[ 2078.241217][T30616] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[ 2078.300987][T30622] FAULT_INJECTION: forcing a failure.
[ 2078.300987][T30622] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 2078.314843][T30622] CPU: 0 UID: 0 PID: 30622 Comm: syz.4.6366 Not tainted syzkaller #0 PREEMPT(full) 
[ 2078.314866][T30622] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[ 2078.314877][T30622] Call Trace:
[ 2078.314884][T30622]  <TASK>
[ 2078.314890][T30622]  dump_stack_lvl+0x16c/0x1f0
[ 2078.314920][T30622]  should_fail_ex+0x512/0x640
[ 2078.314948][T30622]  _copy_to_iter+0x29f/0x1710
[ 2078.314974][T30622]  ? __might_fault+0x13b/0x190
[ 2078.314998][T30622]  ? __pfx__copy_to_iter+0x10/0x10
[ 2078.315018][T30622]  ? _copy_to_iter+0x15d/0x1710
[ 2078.315035][T30622]  ? __pfx_do_raw_spin_lock+0x10/0x10
[ 2078.315054][T30622]  simple_copy_to_iter+0x46/0x90
[ 2078.315067][T30622]  __skb_datagram_iter+0x129/0x900
[ 2078.315078][T30622]  ? __pfx_simple_copy_to_iter+0x10/0x10
[ 2078.315090][T30622]  ? _raw_spin_unlock_irqrestore+0x3b/0x80
[ 2078.315108][T30622]  __skb_datagram_iter+0x751/0x900
[ 2078.315119][T30622]  ? __pfx_simple_copy_to_iter+0x10/0x10
[ 2078.315130][T30622]  ? __pfx_do_raw_spin_lock+0x10/0x10
[ 2078.315142][T30622]  ? __pfx_tipc_sk_anc_data_recv+0x10/0x10
[ 2078.315184][T30622]  skb_copy_datagram_iter+0x40/0x50
[ 2078.315197][T30622]  tipc_recvmsg+0x453/0xfc0
[ 2078.315218][T30622]  ? __pfx_tipc_recvmsg+0x10/0x10
[ 2078.315242][T30622]  ? bpf_lsm_socket_recvmsg+0x9/0x10
[ 2078.315259][T30622]  sock_recvmsg+0x1f6/0x250
[ 2078.315277][T30622]  ____sys_recvmsg+0x218/0x6b0
[ 2078.315297][T30622]  ? __pfx_____sys_recvmsg+0x10/0x10
[ 2078.315319][T30622]  ? __lock_acquire+0x62e/0x1ce0
[ 2078.315340][T30622]  ___sys_recvmsg+0x114/0x1a0
[ 2078.315355][T30622]  ? __pfx____sys_recvmsg+0x10/0x10
[ 2078.315370][T30622]  ? find_held_lock+0x2b/0x80
[ 2078.315394][T30622]  do_recvmmsg+0x2fe/0x750
[ 2078.315410][T30622]  ? __pfx_do_recvmmsg+0x10/0x10
[ 2078.315423][T30622]  ? trace_sched_exit_tp+0xd1/0x120
[ 2078.315442][T30622]  ? __mutex_unlock_slowpath+0x161/0x7b0
[ 2078.315463][T30622]  ? __pfx___schedule+0x10/0x10
[ 2078.315478][T30622]  __x64_sys_recvmmsg+0x22a/0x280
[ 2078.315494][T30622]  ? __pfx___x64_sys_recvmmsg+0x10/0x10
[ 2078.315513][T30622]  do_syscall_64+0xcd/0x4e0
[ 2078.315529][T30622]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2078.315541][T30622] RIP: 0033:0x7f9d4c38eec9
[ 2078.315550][T30622] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 2078.315561][T30622] RSP: 002b:00007f9d4d201038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
[ 2078.315573][T30622] RAX: ffffffffffffffda RBX: 00007f9d4c5e5fa0 RCX: 00007f9d4c38eec9
[ 2078.315581][T30622] RDX: 0000000000000001 RSI: 0000200000000b00 RDI: 0000000000000003
[ 2078.315587][T30622] RBP: 00007f9d4d201090 R08: 0000000000000000 R09: 0000000000000000
[ 2078.315594][T30622] R10: 00000000400122a2 R11: 0000000000000246 R12: 0000000000000001
[ 2078.315601][T30622] R13: 00007f9d4c5e6038 R14: 00007f9d4c5e5fa0 R15: 00007ffcd68d0ab8
[ 2078.315615][T30622]  </TASK>
[ 2079.096522][T30627] 9pnet: Could not find request transport: f
[ 2079.546087][T30645] net_ratelimit: 44 callbacks suppressed
[ 2079.546124][T30645] Can not set IPV6_FL_F_REFLECT if flowlabel_consistency sysctl is enable
[ 2079.752229][T27980] Bluetooth: hci2: command 0x0406 tx timeout
[ 2080.118928][T30649] SELinux: security_context_str_to_sid (root) failed with errno=-22
[ 2080.277003][T27980] Bluetooth: hci5: command 0x0405 tx timeout
[ 2080.283184][   T51] Bluetooth: hci3: command 0x0c1a tx timeout
[ 2080.283651][T23870] Bluetooth: hci1: command 0x0406 tx timeout
[ 2080.390458][T30655] SELinux: security_context_str_to_sid (root) failed with errno=-22
[ 2082.748927][T30674] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[ 2082.878364][T30674] Bluetooth: hci5: Opcode 0x0c1a failed: -4
[ 2082.892661][T30674] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[ 2082.908097][T30674] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[ 2083.152803][T30667] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 2083.173774][T30685] lo speed is unknown, defaulting to 1000
[ 2083.192312][T30685] lo speed is unknown, defaulting to 1000
[ 2083.248489][T30685] lo speed is unknown, defaulting to 1000
[ 2083.343839][T30685] infiniband syz2: RDMA CMA: cma_listen_on_dev, error -98
[ 2083.560159][T30685] lo speed is unknown, defaulting to 1000
[ 2083.655964][T30685] lo speed is unknown, defaulting to 1000
[ 2083.672758][T30685] lo speed is unknown, defaulting to 1000
[ 2083.691872][T30696] netlink: 20 bytes leftover after parsing attributes in process `syz.3.6385'.
[ 2083.704413][T30685] lo speed is unknown, defaulting to 1000
[ 2083.715277][T30699] SELinux:  Context system_u:object_r:dhcp_etc_t:s0 is not valid (left unmapped).
[ 2083.720942][T30685] lo speed is unknown, defaulting to 1000
[ 2083.726842][   T30] audit: type=1400 audit(2083.833:1653): avc:  denied  { relabelto } for  pid=30698 comm="syz.2.6387" name="NETLINK" dev="sockfs" ino=118898 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=netlink_route_socket permissive=1 trawcon="system_u:object_r:dhcp_etc_t:s0"
[ 2083.760658][T30699] vxfs: WRONG superblock magic 00000000 at 1
[ 2083.771227][T30699] vxfs: WRONG superblock magic 00000000 at 8
[ 2083.781859][T30699] vxfs: can't find superblock.
[ 2083.864898][T30705] netlink: 'syz.2.6388': attribute type 10 has an invalid length.
[ 2083.875165][T30705] bond0: (slave wlan1): Opening slave failed
[ 2084.916733][T27980] Bluetooth: hci3: command 0x0c1a tx timeout
[ 2084.922864][T27980] Bluetooth: hci1: command 0x0406 tx timeout
[ 2084.929197][T23870] Bluetooth: hci5: command 0x0405 tx timeout
[ 2085.404746][T30717] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[ 2085.494189][T30717] Bluetooth: hci5: Opcode 0x0c1a failed: -4
[ 2085.562216][T30717] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[ 2085.585425][T30717] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[ 2086.321945][T30739] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 2086.683932][   T51] Bluetooth: hci2: command 0x0406 tx timeout
[ 2086.818808][T30753] netlink: 20 bytes leftover after parsing attributes in process `syz.2.6400'.
[ 2087.565525][T30770] SELinux: security_context_str_to_sid (root) failed with errno=-22
[ 2087.628542][   T51] Bluetooth: hci5: command 0x0405 tx timeout
[ 2087.646895][   T51] Bluetooth: hci3: command 0x0c1a tx timeout
[ 2087.653105][T27980] Bluetooth: hci1: command 0x0406 tx timeout
[ 2087.887816][T30771] syz_tun: entered allmulticast mode
[ 2087.898820][T30768] SELinux: failure in sel_netif_sid_slow(), invalid network interface (0)
[ 2087.907402][T30768] mroute: pending queue full, dropping entries
[ 2088.013838][T30767] syz_tun: left allmulticast mode
[ 2089.354262][   T30] audit: type=1400 audit(2089.463:1654): avc:  denied  { setattr } for  pid=30793 comm="syz.2.6411" name="PPPOE" dev="sockfs" ino=119055 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[ 2089.786777][T20378] usb 4-1: new high-speed USB device number 62 using dummy_hcd
[ 2089.914695][T30782] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 2089.966918][T20378] usb 4-1: unable to get BOS descriptor or descriptor too short
[ 2090.011752][T20378] usb 4-1: config 10 has an invalid interface number: 41 but max is 0
[ 2090.058739][T20378] usb 4-1: config 10 has an invalid descriptor of length 0, skipping remainder of the config
[ 2090.124368][T20378] usb 4-1: config 10 has no interface number 0
[ 2090.192015][T20378] usb 4-1: config 10 interface 41 has no altsetting 0
[ 2090.207965][T20378] usb 4-1: language id specifier not provided by device, defaulting to English
[ 2090.261218][T20378] usb 4-1: New USB device found, idVendor=0499, idProduct=101b, bcdDevice=56.29
[ 2090.278040][T20378] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2090.300315][T20378] usb 4-1: Product: ဉ
[ 2090.314675][T20378] usb 4-1: SerialNumber: syz
[ 2090.604120][T30786] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 2090.623192][T30786] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 2090.661217][T30786] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 2090.708355][T30786] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 2090.904450][T30809] netlink: 20 bytes leftover after parsing attributes in process `syz.2.6413'.
[ 2091.534244][T30819] syz_tun: entered allmulticast mode
[ 2091.544085][T30819] SELinux: failure in sel_netif_sid_slow(), invalid network interface (0)
[ 2091.552675][T30819] mroute: pending queue full, dropping entries
[ 2092.366307][T30815] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[ 2092.450529][T30815] Bluetooth: hci5: Opcode 0x0c1a failed: -4
[ 2092.472093][T30821] netlink: 830 bytes leftover after parsing attributes in process `syz.2.6416'.
[ 2092.487821][T30815] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[ 2092.502989][T30815] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[ 2092.515058][T30818] syz_tun: left allmulticast mode
[ 2092.548372][   T30] audit: type=1400 audit(2092.653:1655): avc:  denied  { mount } for  pid=30822 comm="syz.5.6418" name="/" dev="bdev" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:bdev_t tclass=filesystem permissive=1
[ 2092.587513][   T30] audit: type=1400 audit(2092.693:1656): avc:  denied  { read } for  pid=30822 comm="syz.5.6418" path="socket:[119147]" dev="sockfs" ino=119147 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[ 2092.724898][T30831] netlink: 4 bytes leftover after parsing attributes in process `syz.5.6421'.
[ 2092.740605][T30831] netlink: 12 bytes leftover after parsing attributes in process `syz.5.6421'.
[ 2093.624707][T27980] Bluetooth: hci2: command 0x0406 tx timeout
[ 2093.707682][T20378] usb 4-1: Found UVC 0.00 device ဉ (0499:101b)
[ 2093.759347][T20378] usb 4-1: No valid video chain found.
[ 2093.795571][T20378] usb 4-1: Quirk or no altset; falling back to MIDI 1.0
[ 2093.918746][T20378] snd-usb-audio 4-1:10.41: probe with driver snd-usb-audio failed with error -2
[ 2094.219864][T20378] usb 4-1: USB disconnect, device number 62
[ 2094.255277][T28525] udevd[28525]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:10.41/sound/card3/controlC3/../uevent} for writing: No such file or directory
[ 2094.318481][T30855] kvm: pic: non byte read
[ 2094.336894][T30855] kvm: pic: non byte read
[ 2094.356117][T30855] kvm: pic: non byte read
[ 2094.941370][T27980] Bluetooth: hci3: command 0x0c1a tx timeout
[ 2094.947488][   T51] Bluetooth: hci1: command 0x0406 tx timeout
[ 2094.953541][T23870] Bluetooth: hci5: command 0x0405 tx timeout
[ 2095.234606][T30871] syz_tun: entered allmulticast mode
[ 2095.256446][T30871] SELinux: failure in sel_netif_sid_slow(), invalid network interface (0)
[ 2095.265063][T30871] mroute: pending queue full, dropping entries
[ 2095.576260][T30870] syz_tun: left allmulticast mode
[ 2096.141141][T30877] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[ 2096.173467][T30877] Bluetooth: hci5: Opcode 0x0c1a failed: -4
[ 2096.201781][T30877] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[ 2096.249490][T30877] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[ 2096.767580][T30896] FAULT_INJECTION: forcing a failure.
[ 2096.767580][T30896] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 2096.780784][T30896] CPU: 0 UID: 0 PID: 30896 Comm: syz.6.6435 Not tainted syzkaller #0 PREEMPT(full) 
[ 2096.780810][T30896] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[ 2096.780821][T30896] Call Trace:
[ 2096.780829][T30896]  <TASK>
[ 2096.780835][T30896]  dump_stack_lvl+0x16c/0x1f0
[ 2096.780858][T30896]  should_fail_ex+0x512/0x640
[ 2096.780878][T30896]  _copy_to_user+0x32/0xd0
[ 2096.780898][T30896]  simple_read_from_buffer+0xcb/0x170
[ 2096.780913][T30896]  proc_fail_nth_read+0x197/0x240
[ 2096.780929][T30896]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 2096.780943][T30896]  ? rw_verify_area+0xcf/0x6c0
[ 2096.780963][T30896]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 2096.780976][T30896]  vfs_read+0x1e1/0xcf0
[ 2096.780989][T30896]  ? __pfx___mutex_lock+0x10/0x10
[ 2096.781006][T30896]  ? __pfx_vfs_read+0x10/0x10
[ 2096.781021][T30896]  ? __fget_files+0x20e/0x3c0
[ 2096.781038][T30896]  ksys_read+0x12a/0x250
[ 2096.781050][T30896]  ? __pfx_ksys_read+0x10/0x10
[ 2096.781066][T30896]  do_syscall_64+0xcd/0x4e0
[ 2096.781082][T30896]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2096.781095][T30896] RIP: 0033:0x7f741938d8dc
[ 2096.781106][T30896] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[ 2096.781117][T30896] RSP: 002b:00007f741a28d030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[ 2096.781130][T30896] RAX: ffffffffffffffda RBX: 00007f74195e6090 RCX: 00007f741938d8dc
[ 2096.781137][T30896] RDX: 000000000000000f RSI: 00007f741a28d0a0 RDI: 0000000000000007
[ 2096.781144][T30896] RBP: 00007f741a28d090 R08: 0000000000000000 R09: 0000000000000000
[ 2096.781151][T30896] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2096.781158][T30896] R13: 00007f74195e6128 R14: 00007f74195e6090 R15: 00007ffdf95a3f18
[ 2096.781172][T30896]  </TASK>
[ 2097.009312][T26318] usb 4-1: new high-speed USB device number 63 using dummy_hcd
[ 2097.388642][T26318] usb 4-1: unable to get BOS descriptor or descriptor too short
[ 2097.396861][T27980] Bluetooth: hci2: command 0x0406 tx timeout
[ 2097.397841][T26318] usb 4-1: config 10 has an invalid interface number: 41 but max is 0
[ 2097.524215][T26318] usb 4-1: config 10 has an invalid descriptor of length 0, skipping remainder of the config
[ 2097.595099][T26318] usb 4-1: config 10 has no interface number 0
[ 2097.650780][T26318] usb 4-1: config 10 interface 41 has no altsetting 0
[ 2097.699169][T30907] bridge0: port 3(syz_tun) entered blocking state
[ 2097.726944][T26318] usb 4-1: language id specifier not provided by device, defaulting to English
[ 2097.748456][T30907] bridge0: port 3(syz_tun) entered disabled state
[ 2097.798175][T26318] usb 4-1: New USB device found, idVendor=0499, idProduct=101b, bcdDevice=56.29
[ 2097.811391][T30907] syz_tun: entered allmulticast mode
[ 2097.827892][T26318] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2097.830223][T30907] syz_tun: entered promiscuous mode
[ 2097.926686][T26318] usb 4-1: Product: ဉ
[ 2097.930867][T26318] usb 4-1: Manufacturer: syz
[ 2097.932754][T30907] bridge0: port 3(syz_tun) entered blocking state
[ 2097.941965][T30907] bridge0: port 3(syz_tun) entered forwarding state
[ 2097.966659][T26318] usb 4-1: SerialNumber: syz
[ 2098.200918][T27980] Bluetooth: hci5: command 0x0405 tx timeout
[ 2098.276876][T27980] Bluetooth: hci3: command 0x0c1a tx timeout
[ 2098.282988][T23870] Bluetooth: hci1: command 0x0406 tx timeout
[ 2098.396837][   T30] audit: type=1400 audit(2098.453:1657): avc:  denied  { create } for  pid=30902 comm="syz.5.6438" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=user_namespace permissive=1
[ 2098.449950][T30918] netlink: 'syz.2.6440': attribute type 10 has an invalid length.
[ 2098.468706][T30918] bond0: (slave wlan1): Opening slave failed
[ 2098.526941][   T30] audit: type=1400 audit(2098.623:1658): avc:  denied  { sys_admin } for  pid=30902 comm="syz.5.6438" capability=21  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=cap_userns permissive=1
[ 2098.596408][T26318] usb 4-1: Found UVC 0.00 device ဉ (0499:101b)
[ 2098.612847][T26318] usb 4-1: No valid video chain found.
[ 2098.633756][T26318] usb 4-1: Quirk or no altset; falling back to MIDI 1.0
[ 2098.817909][T26318] snd-usb-audio 4-1:10.41: probe with driver snd-usb-audio failed with error -2
[ 2098.900460][T26318] usb 4-1: USB disconnect, device number 63
[ 2098.979626][T28525] udevd[28525]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:10.41/sound/card3/controlC3/../uevent} for writing: No such file or directory
[ 2099.016861][T30923] netlink: 140 bytes leftover after parsing attributes in process `syz.2.6442'.
[ 2099.197207][T30928] netlink: 24 bytes leftover after parsing attributes in process `syz.2.6442'.
[ 2099.667472][T30937] netlink: 8 bytes leftover after parsing attributes in process `syz.5.6445'.
[ 2099.879211][ T1298] ieee802154 phy1 wpan1: encryption failed: -22
[ 2100.131166][T30944] 9pnet_fd: Insufficient options for proto=fd
[ 2100.149839][T30944] BTRFS info: 'norecovery' is for compatibility only, recommended to use 'rescue=nologreplay'
[ 2100.554618][   T30] audit: type=1400 audit(2100.663:1659): avc:  denied  { read } for  pid=30946 comm="syz.2.6448" name="btrfs-control" dev="devtmpfs" ino=1316 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:lvm_control_t tclass=chr_file permissive=1
[ 2100.577976][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2100.608886][   T30] audit: type=1400 audit(2100.713:1660): avc:  denied  { open } for  pid=30946 comm="syz.2.6448" path="/dev/btrfs-control" dev="devtmpfs" ino=1316 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:lvm_control_t tclass=chr_file permissive=1
[ 2100.632619][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2100.660542][   T30] audit: type=1400 audit(2100.773:1661): avc:  denied  { ioctl } for  pid=30946 comm="syz.2.6448" path="/dev/btrfs-control" dev="devtmpfs" ino=1316 ioctlcmd=0x9427 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:lvm_control_t tclass=chr_file permissive=1
[ 2101.629726][T30972] netlink: 16 bytes leftover after parsing attributes in process `syz.5.6454'.
[ 2101.668573][T28572] usb 3-1: new high-speed USB device number 62 using dummy_hcd
[ 2101.840879][T28572] usb 3-1: unable to get BOS descriptor or descriptor too short
[ 2101.850380][T28572] usb 3-1: config 10 has an invalid interface number: 41 but max is 0
[ 2101.869271][   T30] audit: type=1400 audit(2101.933:1662): avc:  denied  { map } for  pid=30974 comm="syz.6.6455" path="socket:[119427]" dev="sockfs" ino=119427 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[ 2101.912666][T28572] usb 3-1: config 10 has an invalid descriptor of length 0, skipping remainder of the config
[ 2102.014769][T28572] usb 3-1: config 10 has no interface number 0
[ 2102.034961][   T30] audit: type=1400 audit(2101.933:1663): avc:  denied  { accept } for  pid=30974 comm="syz.6.6455" path="socket:[119427]" dev="sockfs" ino=119427 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[ 2102.067538][T20367] usb 6-1: new full-speed USB device number 113 using dummy_hcd
[ 2102.113370][T28572] usb 3-1: config 10 interface 41 has no altsetting 0
[ 2102.178885][T28572] usb 3-1: language id specifier not provided by device, defaulting to English
[ 2102.201390][T28572] usb 3-1: New USB device found, idVendor=0499, idProduct=101b, bcdDevice=56.29
[ 2102.223738][T30980] netlink: 8 bytes leftover after parsing attributes in process `syz.6.6457'.
[ 2102.246633][T28572] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2102.295195][T28572] usb 3-1: Product: ဉ
[ 2102.317977][T20367] usb 6-1: config 1 interface 0 has no altsetting 0
[ 2102.329014][T28572] usb 3-1: SerialNumber: syz
[ 2102.337244][T20367] usb 6-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[ 2102.384629][T20367] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2102.425671][T20367] usb 6-1: Product: syz
[ 2102.475648][T20367] usb 6-1: Manufacturer: syz
[ 2102.506205][T20367] usb 6-1: SerialNumber: syz
[ 2102.706228][T30961] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 2102.746852][T30977] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 2102.911175][T30977] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 2103.063941][T30961] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 2103.114341][T30984] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 2103.151293][T30961] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 2103.181797][T30961] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 2103.288103][T20367] usblp 6-1:1.0: usblp0: USB Unidirectional printer dev 113 if 0 alt 253 proto 1 vid 0x0525 pid 0xA4A8
[ 2103.612678][   T30] audit: type=1400 audit(2103.723:1664): avc:  denied  { read write } for  pid=30976 comm="syz.5.6456" name="lp0" dev="devtmpfs" ino=5288 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:printer_device_t tclass=chr_file permissive=1
[ 2103.690031][T30991] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 2103.702324][T30991] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 2103.747944][   T30] audit: type=1400 audit(2103.723:1665): avc:  denied  { open } for  pid=30976 comm="syz.5.6456" path="/dev/usb/lp0" dev="devtmpfs" ino=5288 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:printer_device_t tclass=chr_file permissive=1
[ 2104.404192][T28572] usb 3-1: Found UVC 0.00 device ဉ (0499:101b)
[ 2104.424400][T28572] usb 3-1: No valid video chain found.
[ 2104.444587][T28572] usb 3-1: Quirk or no altset; falling back to MIDI 1.0
[ 2104.643762][T28572] snd-usb-audio 3-1:10.41: probe with driver snd-usb-audio failed with error -2
[ 2104.724858][T28572] usb 3-1: USB disconnect, device number 62
[ 2104.772444][T28525] udevd[28525]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:10.41/sound/card3/controlC3/../uevent} for writing: No such file or directory
[ 2104.865176][T25075] usb 6-1: USB disconnect, device number 113
[ 2104.888728][T25075] usblp0: removed
[ 2106.443023][T31031] SELinux: security_context_str_to_sid (root) failed with errno=-22
[ 2107.149637][T31040] FAULT_INJECTION: forcing a failure.
[ 2107.149637][T31040] name failslab, interval 1, probability 0, space 0, times 0
[ 2107.186723][T31040] CPU: 1 UID: 0 PID: 31040 Comm: syz.4.6472 Not tainted syzkaller #0 PREEMPT(full) 
[ 2107.186750][T31040] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[ 2107.186760][T31040] Call Trace:
[ 2107.186767][T31040]  <TASK>
[ 2107.186774][T31040]  dump_stack_lvl+0x16c/0x1f0
[ 2107.186803][T31040]  should_fail_ex+0x512/0x640
[ 2107.186831][T31040]  should_failslab+0xc2/0x120
[ 2107.186854][T31040]  kmem_cache_alloc_noprof+0x6d/0x3b0
[ 2107.186872][T31040]  ? skb_clone+0x190/0x3f0
[ 2107.186896][T31040]  skb_clone+0x190/0x3f0
[ 2107.186915][T31040]  netlink_deliver_tap+0xabd/0xd30
[ 2107.186942][T31040]  netlink_unicast+0x64c/0x870
[ 2107.186967][T31040]  ? __pfx_netlink_unicast+0x10/0x10
[ 2107.186989][T31040]  ? __pfx_netlink_autobind.isra.0+0x10/0x10
[ 2107.187017][T31040]  netlink_sendmsg+0x8d1/0xdd0
[ 2107.187042][T31040]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 2107.187072][T31040]  ____sys_sendmsg+0xa98/0xc70
[ 2107.187100][T31040]  ? copy_msghdr_from_user+0x10a/0x160
[ 2107.187122][T31040]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 2107.187151][T31040]  ? __pfx__kstrtoull+0x10/0x10
[ 2107.187175][T31040]  ___sys_sendmsg+0x134/0x1d0
[ 2107.187197][T31040]  ? __pfx____sys_sendmsg+0x10/0x10
[ 2107.187231][T31040]  ? find_held_lock+0x2b/0x80
[ 2107.187273][T31040]  __sys_sendmmsg+0x200/0x420
[ 2107.187298][T31040]  ? __pfx___sys_sendmmsg+0x10/0x10
[ 2107.187328][T31040]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[ 2107.187363][T31040]  ? fput+0x9b/0xd0
[ 2107.187389][T31040]  ? ksys_write+0x1ac/0x250
[ 2107.187413][T31040]  ? __pfx_ksys_write+0x10/0x10
[ 2107.187436][T31040]  __x64_sys_sendmmsg+0x9c/0x100
[ 2107.187458][T31040]  ? lockdep_hardirqs_on+0x7c/0x110
[ 2107.187479][T31040]  do_syscall_64+0xcd/0x4e0
[ 2107.187503][T31040]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2107.187522][T31040] RIP: 0033:0x7f9d4c38eec9
[ 2107.187538][T31040] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 2107.187555][T31040] RSP: 002b:00007f9d4d1e0038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[ 2107.187572][T31040] RAX: ffffffffffffffda RBX: 00007f9d4c5e6090 RCX: 00007f9d4c38eec9
[ 2107.187585][T31040] RDX: 040000000000009f RSI: 00002000000002c0 RDI: 0000000000000004
[ 2107.187596][T31040] RBP: 00007f9d4d1e0090 R08: 0000000000000000 R09: 0000000000000000
[ 2107.187607][T31040] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2107.187617][T31040] R13: 00007f9d4c5e6128 R14: 00007f9d4c5e6090 R15: 00007ffcd68d0ab8
[ 2107.187640][T31040]  </TASK>
[ 2107.440754][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2107.456994][T31040] netlink: 16 bytes leftover after parsing attributes in process `syz.4.6472'.
[ 2109.057132][T31046] loop7: detected capacity change from 0 to 16384
[ 2109.200942][T31051] overlayfs: failed to clone upperpath
[ 2109.259510][T31048] loop7: detected capacity change from 16384 to 0
[ 2109.259830][    C1] I/O error, dev loop7, sector 15472 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[ 2109.276186][    C1] I/O error, dev loop7, sector 6400 op 0x0:(READ) flags 0x80700 phys_seg 32 prio class 2
[ 2109.648088][T25075] usb 3-1: new high-speed USB device number 63 using dummy_hcd
[ 2109.897138][   T30] audit: type=1400 audit(2109.883:1666): avc:  denied  { map } for  pid=31059 comm="syz.6.6477" path="socket:[119623]" dev="sockfs" ino=119623 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_route_socket permissive=1
[ 2109.924865][T25075] usb 3-1: unable to get BOS descriptor or descriptor too short
[ 2109.962805][T25075] usb 3-1: config 10 has an invalid interface number: 41 but max is 0
[ 2109.990726][T25075] usb 3-1: config 10 has an invalid descriptor of length 0, skipping remainder of the config
[ 2110.063149][T25075] usb 3-1: config 10 has no interface number 0
[ 2110.085300][T25075] usb 3-1: config 10 interface 41 has no altsetting 0
[ 2110.117731][   T30] audit: type=1400 audit(2109.883:1667): avc:  denied  { accept } for  pid=31059 comm="syz.6.6477" path="socket:[119623]" dev="sockfs" ino=119623 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_route_socket permissive=1
[ 2110.155084][T25075] usb 3-1: language id specifier not provided by device, defaulting to English
[ 2110.657093][T25075] usb 3-1: New USB device found, idVendor=0499, idProduct=101b, bcdDevice=56.29
[ 2110.666181][T25075] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2110.757914][T25075] usb 3-1: Product: ဉ
[ 2110.766620][T25075] usb 3-1: SerialNumber: syz
[ 2110.933832][T31078] netlink: 4 bytes leftover after parsing attributes in process `syz.6.6482'.
[ 2111.144797][T31050] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 2111.162408][T31050] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 2111.230624][T31050] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 2111.231011][T31050] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 2112.408317][T25075] usb 3-1: Found UVC 0.00 device ဉ (0499:101b)
[ 2112.421448][T25075] usb 3-1: No valid video chain found.
[ 2112.434924][T25075] usb 3-1: Quirk or no altset; falling back to MIDI 1.0
[ 2112.509291][T25075] snd-usb-audio 3-1:10.41: probe with driver snd-usb-audio failed with error -2
[ 2112.538455][T25075] usb 3-1: USB disconnect, device number 63
[ 2112.594686][T28525] udevd[28525]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:10.41/sound/card3/controlC3/../uevent} for writing: No such file or directory
[ 2112.890273][T31092] netlink: 'syz.6.6486': attribute type 4 has an invalid length.
[ 2112.940691][T31093] netlink: 'syz.6.6486': attribute type 4 has an invalid length.
[ 2113.454750][   T30] audit: type=1400 audit(2113.563:1668): avc:  denied  { read } for  pid=31099 comm="syz.4.6488" path="socket:[118484]" dev="sockfs" ino=118484 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=kcm_socket permissive=1
[ 2113.980998][T31119] netlink: 4 bytes leftover after parsing attributes in process `syz.5.6491'.
[ 2114.386638][T31123] netlink: 8 bytes leftover after parsing attributes in process `syz.5.6492'.
[ 2115.521145][T31109] lo speed is unknown, defaulting to 1000
[ 2115.623541][T31138] netlink: 8 bytes leftover after parsing attributes in process `syz.3.6496'.
[ 2116.662118][T25075] usb 6-1: new high-speed USB device number 114 using dummy_hcd
[ 2116.948440][T25075] usb 6-1: unable to get BOS descriptor or descriptor too short
[ 2116.957447][T25075] usb 6-1: config 10 has an invalid interface number: 41 but max is 0
[ 2116.966863][T25075] usb 6-1: config 10 has an invalid descriptor of length 0, skipping remainder of the config
[ 2117.000763][T31148] syz_tun: refused to change device tx_queue_len
[ 2117.036908][T25075] usb 6-1: config 10 has no interface number 0
[ 2117.049164][T31132] lo speed is unknown, defaulting to 1000
[ 2117.100788][T25075] usb 6-1: config 10 interface 41 has no altsetting 0
[ 2117.176739][T25075] usb 6-1: language id specifier not provided by device, defaulting to English
[ 2117.298002][T25075] usb 6-1: New USB device found, idVendor=0499, idProduct=101b, bcdDevice=56.29
[ 2117.321507][T25075] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2117.326597][T27980] Bluetooth: hci3: ACL packet for unknown connection handle 200
[ 2117.366850][T25075] usb 6-1: Product: ဉ
[ 2117.444179][T25075] usb 6-1: SerialNumber: syz
[ 2117.780488][T31136] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 2117.789971][T31136] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 2117.801758][T31136] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 2117.837532][T31136] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 2118.088923][T31165] binder: 31161:31165 ioctl 4018620d 0 returned -22
[ 2118.790704][T31170] FAULT_INJECTION: forcing a failure.
[ 2118.790704][T31170] name failslab, interval 1, probability 0, space 0, times 0
[ 2118.823838][T31170] CPU: 1 UID: 0 PID: 31170 Comm: syz.6.6504 Not tainted syzkaller #0 PREEMPT(full) 
[ 2118.823867][T31170] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[ 2118.823882][T31170] Call Trace:
[ 2118.823888][T31170]  <TASK>
[ 2118.823895][T31170]  dump_stack_lvl+0x16c/0x1f0
[ 2118.823939][T31170]  should_fail_ex+0x512/0x640
[ 2118.823965][T31170]  ? kmem_cache_alloc_node_noprof+0x5e/0x3b0
[ 2118.823991][T31170]  should_failslab+0xc2/0x120
[ 2118.824012][T31170]  kmem_cache_alloc_node_noprof+0x71/0x3b0
[ 2118.824032][T31170]  ? copy_process+0x4b6/0x7690
[ 2118.824060][T31170]  ? _raw_spin_unlock_irq+0x23/0x50
[ 2118.824084][T31170]  copy_process+0x4b6/0x7690
[ 2118.824117][T31170]  ? __pfx_copy_process+0x10/0x10
[ 2118.824144][T31170]  ? lockdep_init_map_type+0x5c/0x280
[ 2118.824164][T31170]  ? lockdep_init_map_type+0x5c/0x280
[ 2118.824181][T31170]  ? __pfx_kvm_nx_huge_page_recovery_worker_kill+0x10/0x10
[ 2118.824208][T31170]  ? __pfx_kvm_nx_huge_page_recovery_worker+0x10/0x10
[ 2118.824237][T31170]  vhost_task_create+0x1d2/0x2e0
[ 2118.824258][T31170]  ? __pfx_vhost_task_create+0x10/0x10
[ 2118.824284][T31170]  ? __pfx_vhost_task_fn+0x10/0x10
[ 2118.824320][T31170]  kvm_mmu_post_init_vm+0x1b7/0x380
[ 2118.824344][T31170]  kvm_arch_vcpu_ioctl_run+0x66/0x1980
[ 2118.824371][T31170]  ? kvm_vcpu_ioctl+0x14c6/0x1690
[ 2118.824460][T31170]  kvm_vcpu_ioctl+0x5eb/0x1690
[ 2118.824484][T31170]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[ 2118.824507][T31170]  ? __sanitizer_cov_trace_switch+0x54/0x90
[ 2118.824533][T31170]  ? do_vfs_ioctl+0x128/0x14f0
[ 2118.824560][T31170]  ? __pfx_do_vfs_ioctl+0x10/0x10
[ 2118.824588][T31170]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[ 2118.824624][T31170]  ? hook_file_ioctl_common+0x145/0x410
[ 2118.824651][T31170]  ? selinux_file_ioctl+0x180/0x270
[ 2118.824674][T31170]  ? selinux_file_ioctl+0xb4/0x270
[ 2118.824699][T31170]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[ 2118.824723][T31170]  __x64_sys_ioctl+0x18e/0x210
[ 2118.824752][T31170]  do_syscall_64+0xcd/0x4e0
[ 2118.824775][T31170]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2118.824792][T31170] RIP: 0033:0x7f741938eec9
[ 2118.824807][T31170] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 2118.824824][T31170] RSP: 002b:00007f741a2ae038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 2118.824840][T31170] RAX: ffffffffffffffda RBX: 00007f74195e5fa0 RCX: 00007f741938eec9
[ 2118.824851][T31170] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005
[ 2118.824861][T31170] RBP: 00007f741a2ae090 R08: 0000000000000000 R09: 0000000000000000
[ 2118.824871][T31170] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2118.824880][T31170] R13: 00007f74195e6038 R14: 00007f74195e5fa0 R15: 00007ffdf95a3f18
[ 2118.824901][T31170]  </TASK>
[ 2119.095915][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2119.335647][T31175] binder: 31172:31175 ioctl 4018620d 0 returned -22
[ 2119.347107][T31175] FAULT_INJECTION: forcing a failure.
[ 2119.347107][T31175] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 2119.360242][T31175] CPU: 0 UID: 0 PID: 31175 Comm: syz.2.6505 Not tainted syzkaller #0 PREEMPT(full) 
[ 2119.360266][T31175] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[ 2119.360278][T31175] Call Trace:
[ 2119.360289][T31175]  <TASK>
[ 2119.360297][T31175]  dump_stack_lvl+0x16c/0x1f0
[ 2119.360327][T31175]  should_fail_ex+0x512/0x640
[ 2119.360355][T31175]  _copy_from_user+0x2e/0xd0
[ 2119.360383][T31175]  map_update_elem+0x578/0x930
[ 2119.360411][T31175]  ? __pfx_map_update_elem+0x10/0x10
[ 2119.360432][T31175]  ? selinux_bpf+0xee/0x130
[ 2119.360456][T31175]  __sys_bpf+0x161a/0x4de0
[ 2119.360483][T31175]  ? __pfx___sys_bpf+0x10/0x10
[ 2119.360506][T31175]  ? ksys_write+0x190/0x250
[ 2119.360529][T31175]  ? __mutex_unlock_slowpath+0x161/0x7b0
[ 2119.360569][T31175]  ? fput+0x9b/0xd0
[ 2119.360592][T31175]  ? ksys_write+0x1ac/0x250
[ 2119.360610][T31175]  ? __pfx_ksys_write+0x10/0x10
[ 2119.360633][T31175]  __x64_sys_bpf+0x78/0xc0
[ 2119.360656][T31175]  ? lockdep_hardirqs_on+0x7c/0x110
[ 2119.360678][T31175]  do_syscall_64+0xcd/0x4e0
[ 2119.360703][T31175]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2119.360721][T31175] RIP: 0033:0x7fafcd18eec9
[ 2119.360736][T31175] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 2119.360753][T31175] RSP: 002b:00007fafcdf40038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[ 2119.360770][T31175] RAX: ffffffffffffffda RBX: 00007fafcd3e6180 RCX: 00007fafcd18eec9
[ 2119.360783][T31175] RDX: 0000000000000020 RSI: 0000200000000040 RDI: 0000000000000002
[ 2119.360793][T31175] RBP: 00007fafcdf40090 R08: 0000000000000000 R09: 0000000000000000
[ 2119.360804][T31175] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2119.360815][T31175] R13: 00007fafcd3e6218 R14: 00007fafcd3e6180 R15: 00007fffd6053a98
[ 2119.360839][T31175]  </TASK>
[ 2120.107660][T25075] usb 6-1: Found UVC 0.00 device ဉ (0499:101b)
[ 2120.122823][T25075] usb 6-1: No valid video chain found.
[ 2120.167488][T25075] usb 6-1: Quirk or no altset; falling back to MIDI 1.0
[ 2120.375084][T31187] netlink: 8 bytes leftover after parsing attributes in process `syz.2.6508'.
[ 2120.729763][T31189] bridge0: port 1(team0) entered blocking state
[ 2120.736145][T31189] bridge0: port 1(team0) entered disabled state
[ 2120.742580][T31189] team0: entered allmulticast mode
[ 2120.747778][T31189] team_slave_0: entered allmulticast mode
[ 2120.753484][T31189] team_slave_1: entered allmulticast mode
[ 2120.760603][T31189] team0: entered promiscuous mode
[ 2120.765664][T31189] team_slave_0: entered promiscuous mode
[ 2120.771481][T31189] team_slave_1: entered promiscuous mode
[ 2120.834912][T31193] netlink: 'syz.3.6510': attribute type 10 has an invalid length.
[ 2120.868696][T25075] snd-usb-audio 6-1:10.41: probe with driver snd-usb-audio failed with error -2
[ 2120.913851][T31193] bond0: (slave wlan1): Opening slave failed
[ 2120.956310][T25075] usb 6-1: USB disconnect, device number 114
[ 2121.132167][T28525] udevd[28525]: error opening ATTR{/sys/devices/platform/dummy_hcd.5/usb6/6-1/6-1:10.41/sound/card3/controlC3/../uevent} for writing: No such file or directory
[ 2122.160987][T31219] misc userio: Invalid payload size
[ 2123.072888][T31221] orangefs_mount: mount request failed with -4
[ 2123.082647][T23870] Bluetooth: hci3: command 0x0c1a tx timeout
[ 2123.148588][   T30] audit: type=1400 audit(2122.543:1669): avc:  denied  { mount } for  pid=31218 comm="syz.3.6516" name="/" dev="devpts" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:devpts_t tclass=filesystem permissive=1
[ 2123.198402][   T30] audit: type=1400 audit(2122.553:1670): avc:  denied  { mounton } for  pid=31218 comm="syz.3.6516" path="/133/file0" dev="devpts" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:devpts_t tclass=dir permissive=1
[ 2123.552690][   T30] audit: type=1400 audit(2123.663:1671): avc:  denied  { unmount } for  pid=28251 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:devpts_t tclass=filesystem permissive=1
[ 2123.633328][T31240] SELinux: security_context_str_to_sid (root) failed with errno=-22
[ 2125.136825][T20365] usb 5-1: new high-speed USB device number 39 using dummy_hcd
[ 2125.286681][T11054] usb 6-1: new high-speed USB device number 115 using dummy_hcd
[ 2125.298871][T20365] usb 5-1: unable to get BOS descriptor or descriptor too short
[ 2125.347353][T20365] usb 5-1: config 10 has an invalid interface number: 41 but max is 0
[ 2125.365622][T20365] usb 5-1: config 10 has an invalid descriptor of length 0, skipping remainder of the config
[ 2125.416409][T20365] usb 5-1: config 10 has no interface number 0
[ 2125.425423][T20365] usb 5-1: config 10 interface 41 has no altsetting 0
[ 2125.447405][T20365] usb 5-1: language id specifier not provided by device, defaulting to English
[ 2125.462414][T20365] usb 5-1: New USB device found, idVendor=0499, idProduct=101b, bcdDevice=56.29
[ 2125.473606][T20365] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2125.506640][T20365] usb 5-1: Product: ဉ
[ 2125.526711][T20365] usb 5-1: SerialNumber: syz
[ 2125.530909][T11054] usb 6-1: New USB device found, idVendor=17e9, idProduct=8b4e, bcdDevice=9c.08
[ 2125.552625][T11054] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2125.593777][T11054] usb 6-1: config 0 descriptor??
[ 2125.986902][T31254] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 2126.032021][T31254] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 2126.048358][T31241] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 2126.207731][T31241] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 2126.688854][T31265] netlink: 'syz.2.6525': attribute type 10 has an invalid length.
[ 2126.733956][T31265] bond0: (slave wlan1): Opening slave failed
[ 2127.684727][T31277] netlink: 'syz.6.6528': attribute type 4 has an invalid length.
[ 2127.692688][T31277] netlink: 17 bytes leftover after parsing attributes in process `syz.6.6528'.
[ 2128.141150][T20365] usb 5-1: Found UVC 0.00 device ဉ (0499:101b)
[ 2128.220222][T20365] usb 5-1: No valid video chain found.
[ 2128.331387][T20365] usb 5-1: Quirk or no altset; falling back to MIDI 1.0
[ 2128.405509][T20365] snd-usb-audio 5-1:10.41: probe with driver snd-usb-audio failed with error -2
[ 2128.505705][T20365] usb 5-1: USB disconnect, device number 39
[ 2128.566977][T28525] udevd[28525]: error opening ATTR{/sys/devices/platform/dummy_hcd.4/usb5/5-1/5-1:10.41/sound/card3/controlC3/../uevent} for writing: No such file or directory
[ 2128.772228][T20367] usb 6-1: USB disconnect, device number 115
[ 2129.273482][T31309] netlink: 'syz.2.6536': attribute type 10 has an invalid length.
[ 2132.021763][T31309] bond0: (slave wlan1): Opening slave failed
[ 2132.626101][T31341] SELinux: security_context_str_to_sid (root) failed with errno=-22
[ 2135.102132][T31375] netlink: 'syz.2.6551': attribute type 8 has an invalid length.
[ 2136.006115][T31399] netlink: 12 bytes leftover after parsing attributes in process `syz.6.6557'.
[ 2136.365739][T31409] netlink: 'syz.5.6561': attribute type 10 has an invalid length.
[ 2136.545505][T31411] bridge0: port 3(team0) entered blocking state
[ 2136.552030][T31411] bridge0: port 3(team0) entered disabled state
[ 2136.558527][T31411] team0: entered allmulticast mode
[ 2136.563654][T31411] team_slave_0: entered allmulticast mode
[ 2136.569460][T31411] team_slave_1: entered allmulticast mode
[ 2136.576263][T31411] team0: entered promiscuous mode
[ 2136.581330][T31411] team_slave_0: entered promiscuous mode
[ 2136.587175][T31411] team_slave_1: entered promiscuous mode
[ 2136.593206][T31411] bridge0: port 3(team0) entered blocking state
[ 2136.599547][T31411] bridge0: port 3(team0) entered forwarding state
[ 2136.806861][T31419] openvswitch: netlink: Either Ethernet header or EtherType is required.
[ 2137.074630][T31421] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 2137.275827][T31426] netlink: 4 bytes leftover after parsing attributes in process `syz.2.6566'.
[ 2138.786734][T11054] usb 6-1: new high-speed USB device number 116 using dummy_hcd
[ 2139.010928][T31449] netlink: 'syz.6.6573': attribute type 10 has an invalid length.
[ 2139.021015][T31449] bond0: (slave wlan1): Opening slave failed
[ 2139.038327][T11054] usb 6-1: Using ep0 maxpacket: 8
[ 2139.144957][T11054] usb 6-1: config 162 has an invalid interface number: 236 but max is 0
[ 2139.155122][T11054] usb 6-1: config 162 has no interface number 0
[ 2139.164666][T11054] usb 6-1: config 162 interface 236 has no altsetting 0
[ 2139.396455][   T30] audit: type=1400 audit(2139.500:1672): avc:  denied  { kexec_image_load } for  pid=31455 comm="syz.6.6576" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=system permissive=1
[ 2139.846156][T11054] usb 6-1: New USB device found, idVendor=0a2c, idProduct=0008, bcdDevice=e9.c0
[ 2139.874497][T11054] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2139.889039][T11054] usb 6-1: Product: syz
[ 2139.894335][T11054] usb 6-1: Manufacturer: syz
[ 2139.900234][T11054] usb 6-1: SerialNumber: syz
[ 2140.511918][   T30] audit: type=1400 audit(2140.617:1673): avc:  denied  { unmount } for  pid=29351 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:hugetlbfs_t tclass=filesystem permissive=1
[ 2141.016897][T25075] usb 3-1: new high-speed USB device number 64 using dummy_hcd
[ 2141.279532][T25075] usb 3-1: New USB device found, idVendor=17e9, idProduct=8b4e, bcdDevice=9c.08
[ 2141.349160][T25075] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2141.408033][T31481] FAULT_INJECTION: forcing a failure.
[ 2141.408033][T31481] name failslab, interval 1, probability 0, space 0, times 0
[ 2141.424780][   T30] audit: type=1400 audit(2141.497:1674): avc:  denied  { ioctl } for  pid=31480 comm="syz.4.6582" path="socket:[120560]" dev="sockfs" ino=120560 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_rdma_socket permissive=1
[ 2141.537001][T25075] usb 3-1: config 0 descriptor??
[ 2141.542575][T31481] CPU: 1 UID: 0 PID: 31481 Comm: syz.4.6582 Not tainted syzkaller #0 PREEMPT(full) 
[ 2141.542604][T31481] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[ 2141.542616][T31481] Call Trace:
[ 2141.542623][T31481]  <TASK>
[ 2141.542632][T31481]  dump_stack_lvl+0x16c/0x1f0
[ 2141.542665][T31481]  should_fail_ex+0x512/0x640
[ 2141.542695][T31481]  should_failslab+0xc2/0x120
[ 2141.542719][T31481]  kmem_cache_alloc_noprof+0x6d/0x3b0
[ 2141.542741][T31481]  ? skb_clone+0x190/0x3f0
[ 2141.542771][T31481]  skb_clone+0x190/0x3f0
[ 2141.542795][T31481]  netlink_deliver_tap+0xabd/0xd30
[ 2141.542827][T31481]  netlink_unicast+0x64c/0x870
[ 2141.542856][T31481]  ? __pfx_netlink_unicast+0x10/0x10
[ 2141.542890][T31481]  netlink_sendmsg+0x8d1/0xdd0
[ 2141.542926][T31481]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 2141.542959][T31481]  ____sys_sendmsg+0xa98/0xc70
[ 2141.542988][T31481]  ? copy_msghdr_from_user+0x10a/0x160
[ 2141.543011][T31481]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 2141.543041][T31481]  ? find_held_lock+0x2b/0x80
[ 2141.543067][T31481]  ? finish_task_switch.isra.0+0x21c/0xc10
[ 2141.543096][T31481]  ___sys_sendmsg+0x134/0x1d0
[ 2141.543120][T31481]  ? __pfx____sys_sendmsg+0x10/0x10
[ 2141.543172][T31481]  __sys_sendmsg+0x16d/0x220
[ 2141.543196][T31481]  ? __pfx___sys_sendmsg+0x10/0x10
[ 2141.543217][T31481]  ? lockdep_hardirqs_on+0x7c/0x110
[ 2141.543252][T31481]  ? __x64_sys_sendmsg+0x6a/0xb0
[ 2141.543277][T31481]  do_syscall_64+0xcd/0x4e0
[ 2141.543303][T31481]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2141.543323][T31481] RIP: 0033:0x7f9d4c38eec9
[ 2141.543339][T31481] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 2141.543356][T31481] RSP: 002b:00007f9d4d201038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 2141.543375][T31481] RAX: ffffffffffffffda RBX: 00007f9d4c5e5fa0 RCX: 00007f9d4c38eec9
[ 2141.543388][T31481] RDX: 0000000020000810 RSI: 0000200000000280 RDI: 0000000000000003
[ 2141.543399][T31481] RBP: 00007f9d4d201090 R08: 0000000000000000 R09: 0000000000000000
[ 2141.543410][T31481] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2141.543421][T31481] R13: 00007f9d4c5e6038 R14: 00007f9d4c5e5fa0 R15: 00007ffcd68d0ab8
[ 2141.543446][T31481]  </TASK>
[ 2142.038862][T31482] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 2144.142359][T31504] FAULT_INJECTION: forcing a failure.
[ 2144.142359][T31504] name failslab, interval 1, probability 0, space 0, times 0
[ 2144.162204][T31504] CPU: 0 UID: 0 PID: 31504 Comm: syz.3.6589 Not tainted syzkaller #0 PREEMPT(full) 
[ 2144.162231][T31504] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[ 2144.162242][T31504] Call Trace:
[ 2144.162248][T31504]  <TASK>
[ 2144.162256][T31504]  dump_stack_lvl+0x16c/0x1f0
[ 2144.162284][T31504]  should_fail_ex+0x512/0x640
[ 2144.162313][T31504]  should_failslab+0xc2/0x120
[ 2144.162337][T31504]  kmem_cache_alloc_noprof+0x6d/0x3b0
[ 2144.162359][T31504]  ? skb_clone+0x190/0x3f0
[ 2144.162385][T31504]  skb_clone+0x190/0x3f0
[ 2144.162408][T31504]  netlink_deliver_tap+0xabd/0xd30
[ 2144.162439][T31504]  netlink_unicast+0x64c/0x870
[ 2144.162466][T31504]  ? __pfx_netlink_unicast+0x10/0x10
[ 2144.162490][T31504]  ? __pfx_netlink_autobind.isra.0+0x10/0x10
[ 2144.162518][T31504]  netlink_sendmsg+0x8d1/0xdd0
[ 2144.162545][T31504]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 2144.162579][T31504]  ____sys_sendmsg+0xa98/0xc70
[ 2144.162608][T31504]  ? copy_msghdr_from_user+0x10a/0x160
[ 2144.162631][T31504]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 2144.162668][T31504]  ___sys_sendmsg+0x134/0x1d0
[ 2144.162692][T31504]  ? __pfx____sys_sendmsg+0x10/0x10
[ 2144.162746][T31504]  __sys_sendmsg+0x16d/0x220
[ 2144.162768][T31504]  ? __pfx___sys_sendmsg+0x10/0x10
[ 2144.162806][T31504]  do_syscall_64+0xcd/0x4e0
[ 2144.162831][T31504]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2144.162850][T31504] RIP: 0033:0x7f2a3218eec9
[ 2144.162865][T31504] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 2144.162882][T31504] RSP: 002b:00007f2a33078038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 2144.162901][T31504] RAX: ffffffffffffffda RBX: 00007f2a323e5fa0 RCX: 00007f2a3218eec9
[ 2144.162918][T31504] RDX: 0000000000000000 RSI: 00002000000000c0 RDI: 0000000000000003
[ 2144.162928][T31504] RBP: 00007f2a33078090 R08: 0000000000000000 R09: 0000000000000000
[ 2144.162939][T31504] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2144.162949][T31504] R13: 00007f2a323e6038 R14: 00007f2a323e5fa0 R15: 00007ffe827169c8
[ 2144.162975][T31504]  </TASK>
[ 2144.468383][T20367] usb 3-1: USB disconnect, device number 64
[ 2144.639706][T11054] cypress_cy7c63 6-1:162.236: Cypress CY7C63xxx device now attached
[ 2144.702547][T11054] usb 6-1: USB disconnect, device number 116
[ 2144.712661][T11054] cypress_cy7c63 6-1:162.236: Cypress CY7C63xxx device now disconnected
[ 2144.782216][T31516] netlink: 8 bytes leftover after parsing attributes in process `syz.2.6593'.
[ 2144.866638][T25075] usb 5-1: new high-speed USB device number 40 using dummy_hcd
[ 2145.137272][T25075] usb 5-1: Using ep0 maxpacket: 16
[ 2145.361000][T25075] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 2145.850294][T25075] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[ 2145.868891][T25075] usb 5-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[ 2145.883128][T25075] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2145.903585][T25075] usb 5-1: config 0 descriptor??
[ 2145.998605][T31533] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 2147.027292][T31542] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[ 2147.033365][T31542] Bluetooth: hci5: Opcode 0x0c1a failed: -4
[ 2147.056931][T31542] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[ 2147.151059][T31542] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[ 2147.258470][T25075] usbhid 5-1:0.0: can't add hid device: -71
[ 2147.264587][T25075] usbhid 5-1:0.0: probe with driver usbhid failed with error -71
[ 2147.289285][T25075] usb 5-1: USB disconnect, device number 40
[ 2147.491638][T31548] FAULT_INJECTION: forcing a failure.
[ 2147.491638][T31548] name failslab, interval 1, probability 0, space 0, times 0
[ 2147.576589][T31548] CPU: 1 UID: 0 PID: 31548 Comm: syz.2.6600 Not tainted syzkaller #0 PREEMPT(full) 
[ 2147.576613][T31548] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[ 2147.576623][T31548] Call Trace:
[ 2147.576629][T31548]  <TASK>
[ 2147.576636][T31548]  dump_stack_lvl+0x16c/0x1f0
[ 2147.576663][T31548]  should_fail_ex+0x512/0x640
[ 2147.576688][T31548]  should_failslab+0xc2/0x120
[ 2147.576708][T31548]  kmem_cache_alloc_noprof+0x6d/0x3b0
[ 2147.576725][T31548]  ? skb_clone+0x190/0x3f0
[ 2147.576747][T31548]  skb_clone+0x190/0x3f0
[ 2147.576766][T31548]  netlink_deliver_tap+0xabd/0xd30
[ 2147.576791][T31548]  netlink_unicast+0x64c/0x870
[ 2147.576825][T31548]  ? __pfx_netlink_unicast+0x10/0x10
[ 2147.576845][T31548]  ? __pfx_netlink_autobind.isra.0+0x10/0x10
[ 2147.576872][T31548]  netlink_sendmsg+0x8d1/0xdd0
[ 2147.576898][T31548]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 2147.576928][T31548]  ____sys_sendmsg+0xa98/0xc70
[ 2147.576952][T31548]  ? copy_msghdr_from_user+0x10a/0x160
[ 2147.576971][T31548]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 2147.577001][T31548]  ___sys_sendmsg+0x134/0x1d0
[ 2147.577020][T31548]  ? __pfx____sys_sendmsg+0x10/0x10
[ 2147.577062][T31548]  __sys_sendmsg+0x16d/0x220
[ 2147.577083][T31548]  ? __pfx___sys_sendmsg+0x10/0x10
[ 2147.577113][T31548]  do_syscall_64+0xcd/0x4e0
[ 2147.577135][T31548]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2147.577152][T31548] RIP: 0033:0x7fafcd18eec9
[ 2147.577165][T31548] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 2147.577180][T31548] RSP: 002b:00007fafcdf82038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 2147.577194][T31548] RAX: ffffffffffffffda RBX: 00007fafcd3e5fa0 RCX: 00007fafcd18eec9
[ 2147.577205][T31548] RDX: 0000000000000000 RSI: 00002000000003c0 RDI: 0000000000000003
[ 2147.577215][T31548] RBP: 00007fafcdf82090 R08: 0000000000000000 R09: 0000000000000000
[ 2147.577225][T31548] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2147.577235][T31548] R13: 00007fafcd3e6038 R14: 00007fafcd3e5fa0 R15: 00007fffd6053a98
[ 2147.577258][T31548]  </TASK>
[ 2147.580402][T31548] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[ 2148.368988][T23870] Bluetooth: hci2: command 0x0406 tx timeout
[ 2149.103982][T23870] Bluetooth: hci1: command 0x0406 tx timeout
[ 2149.110152][T23870] Bluetooth: hci5: command 0x0405 tx timeout
[ 2149.176641][T20365] usb 6-1: new high-speed USB device number 117 using dummy_hcd
[ 2149.276645][T27980] Bluetooth: hci3: command 0x0c1a tx timeout
[ 2149.466683][T20365] usb 6-1: Using ep0 maxpacket: 8
[ 2149.483073][T20365] usb 6-1: config 162 has an invalid interface number: 236 but max is 0
[ 2149.512773][T20365] usb 6-1: config 162 has no interface number 0
[ 2149.522925][T20365] usb 6-1: config 162 interface 236 has no altsetting 0
[ 2149.627838][T20365] usb 6-1: New USB device found, idVendor=0a2c, idProduct=0008, bcdDevice=e9.c0
[ 2149.644309][T20365] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2149.654445][T20365] usb 6-1: Product: syz
[ 2149.659092][T20365] usb 6-1: Manufacturer: syz
[ 2149.663784][T20365] usb 6-1: SerialNumber: syz
[ 2152.071831][T31616] netlink: 18 bytes leftover after parsing attributes in process `syz.3.6618'.
[ 2152.143988][T20365] cypress_cy7c63 6-1:162.236: Cypress CY7C63xxx device now attached
[ 2152.204264][T20365] usb 6-1: USB disconnect, device number 117
[ 2152.244812][T20365] cypress_cy7c63 6-1:162.236: Cypress CY7C63xxx device now disconnected
[ 2152.426691][T25075] usb 4-1: new high-speed USB device number 64 using dummy_hcd
[ 2152.667256][T25075] usb 4-1: Using ep0 maxpacket: 8
[ 2152.681784][T25075] usb 4-1: New USB device found, idVendor=047d, idProduct=5003, bcdDevice=2f.8c
[ 2152.702410][T25075] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2152.740407][T25075] usb 4-1: Product: syz
[ 2152.758981][T25075] usb 4-1: Manufacturer: syz
[ 2152.771008][T25075] usb 4-1: SerialNumber: syz
[ 2152.832584][T25075] usb 4-1: config 0 descriptor??
[ 2152.849135][T25075] gspca_main: se401-2.14.0 probing 047d:5003
[ 2152.856659][T20365] usb 6-1: new full-speed USB device number 118 using dummy_hcd
[ 2153.021411][T20365] usb 6-1: config 0 has an invalid interface number: 168 but max is 0
[ 2153.036933][T20365] usb 6-1: config 0 has no interface number 0
[ 2153.044529][T20365] usb 6-1: New USB device found, idVendor=05ab, idProduct=0060, bcdDevice=11.06
[ 2153.054088][T20365] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2153.083103][T20365] usb 6-1: config 0 descriptor??
[ 2153.262437][T25075] gspca_se401: Bayer format not supported!
[ 2153.357016][T27980] Bluetooth: hci2: Malformed LE Event: 0x0d
[ 2153.748817][T31623] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[ 2153.771325][T31623] Bluetooth: hci5: Opcode 0x0c1a failed: -4
[ 2153.794047][T31623] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[ 2153.818367][T20365] usb 6-1: string descriptor 0 read error: -71
[ 2153.835479][T31623] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[ 2153.845559][T20365] usb-storage 6-1:0.168: USB Mass Storage device detected
[ 2153.911523][T20365] usb-storage 6-1:0.168: Quirks match for vid 05ab pid 0060: 2
[ 2153.943403][T26318] usb 4-1: USB disconnect, device number 64
[ 2153.984025][T20365] usb 6-1: USB disconnect, device number 118
[ 2154.096762][T31637] FAULT_INJECTION: forcing a failure.
[ 2154.096762][T31637] name failslab, interval 1, probability 0, space 0, times 0
[ 2154.118677][T31637] CPU: 0 UID: 0 PID: 31637 Comm: syz.4.6624 Not tainted syzkaller #0 PREEMPT(full) 
[ 2154.118706][T31637] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[ 2154.118717][T31637] Call Trace:
[ 2154.118724][T31637]  <TASK>
[ 2154.118731][T31637]  dump_stack_lvl+0x16c/0x1f0
[ 2154.118762][T31637]  should_fail_ex+0x512/0x640
[ 2154.118796][T31637]  should_failslab+0xc2/0x120
[ 2154.118820][T31637]  kmem_cache_alloc_noprof+0x6d/0x3b0
[ 2154.118840][T31637]  ? skb_clone+0x190/0x3f0
[ 2154.118867][T31637]  skb_clone+0x190/0x3f0
[ 2154.118889][T31637]  netlink_deliver_tap+0xabd/0xd30
[ 2154.118919][T31637]  netlink_unicast+0x64c/0x870
[ 2154.118946][T31637]  ? __pfx_netlink_unicast+0x10/0x10
[ 2154.118969][T31637]  ? __pfx_netlink_autobind.isra.0+0x10/0x10
[ 2154.119000][T31637]  netlink_sendmsg+0x8d1/0xdd0
[ 2154.119028][T31637]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 2154.119059][T31637]  ____sys_sendmsg+0xa98/0xc70
[ 2154.119087][T31637]  ? copy_msghdr_from_user+0x10a/0x160
[ 2154.119109][T31637]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 2154.119145][T31637]  ___sys_sendmsg+0x134/0x1d0
[ 2154.119167][T31637]  ? __pfx____sys_sendmsg+0x10/0x10
[ 2154.119217][T31637]  __sys_sendmsg+0x16d/0x220
[ 2154.119239][T31637]  ? __pfx___sys_sendmsg+0x10/0x10
[ 2154.119276][T31637]  do_syscall_64+0xcd/0x4e0
[ 2154.119302][T31637]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2154.119321][T31637] RIP: 0033:0x7f9d4c38eec9
[ 2154.119336][T31637] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 2154.119353][T31637] RSP: 002b:00007f9d4d201038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 2154.119371][T31637] RAX: ffffffffffffffda RBX: 00007f9d4c5e5fa0 RCX: 00007f9d4c38eec9
[ 2154.119383][T31637] RDX: 0000000000000000 RSI: 0000200000001380 RDI: 0000000000000003
[ 2154.119393][T31637] RBP: 00007f9d4d201090 R08: 0000000000000000 R09: 0000000000000000
[ 2154.119404][T31637] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2154.119415][T31637] R13: 00007f9d4c5e6038 R14: 00007f9d4c5e5fa0 R15: 00007ffcd68d0ab8
[ 2154.119439][T31637]  </TASK>
[ 2154.119486][T31637] netlink: 1752 bytes leftover after parsing attributes in process `syz.4.6624'.
[ 2154.756657][T27980] Bluetooth: hci2: command 0x0406 tx timeout
[ 2154.846732][T31649] netlink: 40 bytes leftover after parsing attributes in process `syz.2.6628'.
[ 2155.796983][T27980] Bluetooth: hci1: command 0x0406 tx timeout
[ 2155.803096][T23870] Bluetooth: hci5: command 0x0405 tx timeout
[ 2155.876674][T23870] Bluetooth: hci3: command 0x0c1a tx timeout
[ 2155.898581][T31657] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[ 2155.904989][T31657] Bluetooth: hci5: Opcode 0x0c1a failed: -4
[ 2155.911134][T31657] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[ 2155.920174][T31657] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[ 2156.109819][T31667] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 2157.237065][T27980] Bluetooth: hci2: command 0x0406 tx timeout
[ 2157.625531][T31679] netlink: 12 bytes leftover after parsing attributes in process `syz.2.6632'.
[ 2157.931144][T31683] bridge0: port 3(team0) entered blocking state
[ 2157.937909][T31683] bridge0: port 3(team0) entered disabled state
[ 2157.945376][T31683] team0: entered allmulticast mode
[ 2157.950672][T31683] team_slave_0: entered allmulticast mode
[ 2157.956704][T31683] team_slave_1: entered allmulticast mode
[ 2157.972574][T31683] team0: entered promiscuous mode
[ 2157.977748][T31683] team_slave_0: entered promiscuous mode
[ 2157.984577][T31683] team_slave_1: entered promiscuous mode
[ 2157.993486][T31683] bridge0: port 3(team0) entered blocking state
[ 2157.999884][T31683] bridge0: port 3(team0) entered forwarding state
[ 2158.224904][T23870] Bluetooth: hci3: command 0x0c1a tx timeout
[ 2158.225537][   T51] Bluetooth: hci1: command 0x0406 tx timeout
[ 2158.231306][T23870] Bluetooth: hci5: command 0x0405 tx timeout
[ 2158.811991][T31692] SELinux: security_context_str_to_sid (root) failed with errno=-22
[ 2159.356026][T31699] FAULT_INJECTION: forcing a failure.
[ 2159.356026][T31699] name failslab, interval 1, probability 0, space 0, times 0
[ 2159.449716][T31699] CPU: 1 UID: 0 PID: 31699 Comm: syz.2.6639 Not tainted syzkaller #0 PREEMPT(full) 
[ 2159.449745][T31699] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[ 2159.449753][T31699] Call Trace:
[ 2159.449757][T31699]  <TASK>
[ 2159.449763][T31699]  dump_stack_lvl+0x16c/0x1f0
[ 2159.449786][T31699]  should_fail_ex+0x512/0x640
[ 2159.449807][T31699]  should_failslab+0xc2/0x120
[ 2159.449823][T31699]  kmem_cache_alloc_noprof+0x6d/0x3b0
[ 2159.449837][T31699]  ? skb_clone+0x190/0x3f0
[ 2159.449854][T31699]  skb_clone+0x190/0x3f0
[ 2159.449868][T31699]  netlink_deliver_tap+0xabd/0xd30
[ 2159.449887][T31699]  netlink_unicast+0x64c/0x870
[ 2159.449905][T31699]  ? __pfx_netlink_unicast+0x10/0x10
[ 2159.449920][T31699]  ? __pfx_netlink_autobind.isra.0+0x10/0x10
[ 2159.449939][T31699]  netlink_sendmsg+0x8d1/0xdd0
[ 2159.449956][T31699]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 2159.449981][T31699]  ____sys_sendmsg+0xa98/0xc70
[ 2159.450000][T31699]  ? copy_msghdr_from_user+0x10a/0x160
[ 2159.450014][T31699]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 2159.450037][T31699]  ___sys_sendmsg+0x134/0x1d0
[ 2159.450053][T31699]  ? __pfx____sys_sendmsg+0x10/0x10
[ 2159.450084][T31699]  __sys_sendmsg+0x16d/0x220
[ 2159.450098][T31699]  ? __pfx___sys_sendmsg+0x10/0x10
[ 2159.450121][T31699]  do_syscall_64+0xcd/0x4e0
[ 2159.450138][T31699]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2159.450150][T31699] RIP: 0033:0x7fafcd18eec9
[ 2159.450160][T31699] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 2159.450171][T31699] RSP: 002b:00007fafcdf82038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 2159.450182][T31699] RAX: ffffffffffffffda RBX: 00007fafcd3e5fa0 RCX: 00007fafcd18eec9
[ 2159.450190][T31699] RDX: 0000000000000000 RSI: 00002000000000c0 RDI: 0000000000000003
[ 2159.450197][T31699] RBP: 00007fafcdf82090 R08: 0000000000000000 R09: 0000000000000000
[ 2159.450203][T31699] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2159.450210][T31699] R13: 00007fafcd3e6038 R14: 00007fafcd3e5fa0 R15: 00007fffd6053a98
[ 2159.450224][T31699]  </TASK>
[ 2159.661026][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2160.133430][T31710] FAULT_INJECTION: forcing a failure.
[ 2160.133430][T31710] name failslab, interval 1, probability 0, space 0, times 0
[ 2160.231921][T31710] CPU: 0 UID: 0 PID: 31710 Comm: syz.3.6643 Not tainted syzkaller #0 PREEMPT(full) 
[ 2160.231946][T31710] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[ 2160.231956][T31710] Call Trace:
[ 2160.231963][T31710]  <TASK>
[ 2160.231970][T31710]  dump_stack_lvl+0x16c/0x1f0
[ 2160.232006][T31710]  should_fail_ex+0x512/0x640
[ 2160.232033][T31710]  should_failslab+0xc2/0x120
[ 2160.232057][T31710]  kmem_cache_alloc_noprof+0x6d/0x3b0
[ 2160.232076][T31710]  ? skb_clone+0x190/0x3f0
[ 2160.232103][T31710]  skb_clone+0x190/0x3f0
[ 2160.232127][T31710]  netlink_deliver_tap+0xabd/0xd30
[ 2160.232157][T31710]  netlink_unicast+0x64c/0x870
[ 2160.232185][T31710]  ? __pfx_netlink_unicast+0x10/0x10
[ 2160.232209][T31710]  ? __pfx_netlink_autobind.isra.0+0x10/0x10
[ 2160.232241][T31710]  netlink_sendmsg+0x8d1/0xdd0
[ 2160.232269][T31710]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 2160.232303][T31710]  ____sys_sendmsg+0xa98/0xc70
[ 2160.232331][T31710]  ? copy_msghdr_from_user+0x10a/0x160
[ 2160.232353][T31710]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 2160.232392][T31710]  ___sys_sendmsg+0x134/0x1d0
[ 2160.232416][T31710]  ? __pfx____sys_sendmsg+0x10/0x10
[ 2160.232472][T31710]  __sys_sendmsg+0x16d/0x220
[ 2160.232496][T31710]  ? __pfx___sys_sendmsg+0x10/0x10
[ 2160.232536][T31710]  do_syscall_64+0xcd/0x4e0
[ 2160.232562][T31710]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2160.232580][T31710] RIP: 0033:0x7f2a3218eec9
[ 2160.232595][T31710] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 2160.232613][T31710] RSP: 002b:00007f2a33078038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 2160.232631][T31710] RAX: ffffffffffffffda RBX: 00007f2a323e5fa0 RCX: 00007f2a3218eec9
[ 2160.232643][T31710] RDX: 0000000020000014 RSI: 00002000000001c0 RDI: 0000000000000003
[ 2160.232654][T31710] RBP: 00007f2a33078090 R08: 0000000000000000 R09: 0000000000000000
[ 2160.232665][T31710] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2160.232676][T31710] R13: 00007f2a323e6038 R14: 00007f2a323e5fa0 R15: 00007ffe827169c8
[ 2160.232701][T31710]  </TASK>
[ 2160.638693][T31684] Bluetooth: hci3: command 0x0c1a tx timeout
[ 2160.863612][T31705] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[ 2160.871056][T31705] Bluetooth: hci5: Opcode 0x0c1a failed: -4
[ 2160.879595][T31705] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[ 2161.832485][T31725] binder: 31716:31725 ioctl c0306201 200000000680 returned -14
[ 2161.888685][ T1298] ieee802154 phy1 wpan1: encryption failed: -22
[ 2162.050665][T31724] lo speed is unknown, defaulting to 1000
[ 2162.179015][T31728] bridge0: port 4(team0) entered blocking state
[ 2162.185355][T31728] bridge0: port 4(team0) entered disabled state
[ 2162.191807][T31728] team0: entered allmulticast mode
[ 2162.197072][T31728] team_slave_0: entered allmulticast mode
[ 2162.202789][T31728] team_slave_1: entered allmulticast mode
[ 2162.210303][T31728] team0: entered promiscuous mode
[ 2162.215338][T31728] team_slave_0: entered promiscuous mode
[ 2162.221161][T31728] team_slave_1: entered promiscuous mode
[ 2162.233110][T31728] bridge0: port 4(team0) entered blocking state
[ 2162.239770][T31728] bridge0: port 4(team0) entered forwarding state
[ 2162.252741][T31684] Bluetooth: hci2: command 0x0406 tx timeout
[ 2162.915295][T31705] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[ 2162.921421][T29859] Bluetooth: hci1: command 0x0406 tx timeout
[ 2162.927670][T31684] Bluetooth: hci5: command 0x0405 tx timeout
[ 2163.058145][T31733] FAULT_INJECTION: forcing a failure.
[ 2163.058145][T31733] name failslab, interval 1, probability 0, space 0, times 0
[ 2163.251778][T31733] CPU: 1 UID: 0 PID: 31733 Comm: syz.2.6650 Not tainted syzkaller #0 PREEMPT(full) 
[ 2163.251802][T31733] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[ 2163.251812][T31733] Call Trace:
[ 2163.251819][T31733]  <TASK>
[ 2163.251825][T31733]  dump_stack_lvl+0x16c/0x1f0
[ 2163.251852][T31733]  should_fail_ex+0x512/0x640
[ 2163.251879][T31733]  should_failslab+0xc2/0x120
[ 2163.251900][T31733]  kmem_cache_alloc_noprof+0x6d/0x3b0
[ 2163.251918][T31733]  ? skb_clone+0x190/0x3f0
[ 2163.251942][T31733]  skb_clone+0x190/0x3f0
[ 2163.251963][T31733]  netlink_deliver_tap+0xabd/0xd30
[ 2163.251990][T31733]  netlink_unicast+0x64c/0x870
[ 2163.252015][T31733]  ? __pfx_netlink_unicast+0x10/0x10
[ 2163.252038][T31733]  ? __pfx_netlink_autobind.isra.0+0x10/0x10
[ 2163.252068][T31733]  netlink_sendmsg+0x8d1/0xdd0
[ 2163.252095][T31733]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 2163.252129][T31733]  ____sys_sendmsg+0xa98/0xc70
[ 2163.252155][T31733]  ? copy_msghdr_from_user+0x10a/0x160
[ 2163.252175][T31733]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 2163.252213][T31733]  ___sys_sendmsg+0x134/0x1d0
[ 2163.252235][T31733]  ? __pfx____sys_sendmsg+0x10/0x10
[ 2163.252288][T31733]  __sys_sendmsg+0x16d/0x220
[ 2163.252308][T31733]  ? __pfx___sys_sendmsg+0x10/0x10
[ 2163.252344][T31733]  do_syscall_64+0xcd/0x4e0
[ 2163.252368][T31733]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2163.252384][T31733] RIP: 0033:0x7fafcd18eec9
[ 2163.252398][T31733] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 2163.252413][T31733] RSP: 002b:00007fafcdf82038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 2163.252429][T31733] RAX: ffffffffffffffda RBX: 00007fafcd3e5fa0 RCX: 00007fafcd18eec9
[ 2163.252441][T31733] RDX: 0000000000000000 RSI: 00002000000000c0 RDI: 0000000000000003
[ 2163.252452][T31733] RBP: 00007fafcdf82090 R08: 0000000000000000 R09: 0000000000000000
[ 2163.252462][T31733] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2163.252472][T31733] R13: 00007fafcd3e6038 R14: 00007fafcd3e5fa0 R15: 00007fffd6053a98
[ 2163.252496][T31733]  </TASK>
[ 2163.461336][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2163.543150][T31740] lo speed is unknown, defaulting to 1000
[ 2164.916822][T31684] Bluetooth: hci3: command 0x0c1a tx timeout
[ 2167.608055][T31819] FAULT_INJECTION: forcing a failure.
[ 2167.608055][T31819] name failslab, interval 1, probability 0, space 0, times 0
[ 2167.682135][T31819] CPU: 0 UID: 0 PID: 31819 Comm: syz.5.6676 Not tainted syzkaller #0 PREEMPT(full) 
[ 2167.682163][T31819] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[ 2167.682172][T31819] Call Trace:
[ 2167.682178][T31819]  <TASK>
[ 2167.682183][T31819]  dump_stack_lvl+0x16c/0x1f0
[ 2167.682204][T31819]  should_fail_ex+0x512/0x640
[ 2167.682222][T31819]  ? kmem_cache_alloc_noprof+0x5a/0x3b0
[ 2167.682238][T31819]  should_failslab+0xc2/0x120
[ 2167.682253][T31819]  kmem_cache_alloc_noprof+0x6d/0x3b0
[ 2167.682265][T31819]  ? security_file_alloc+0x34/0x2b0
[ 2167.682288][T31819]  security_file_alloc+0x34/0x2b0
[ 2167.682306][T31819]  init_file+0x93/0x4c0
[ 2167.682323][T31819]  alloc_empty_file+0x73/0x1e0
[ 2167.682340][T31819]  path_openat+0xda/0x2cb0
[ 2167.682353][T31819]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2167.682370][T31819]  ? __pfx_path_openat+0x10/0x10
[ 2167.682387][T31819]  do_filp_open+0x20b/0x470
[ 2167.682400][T31819]  ? __pfx_do_filp_open+0x10/0x10
[ 2167.682423][T31819]  ? alloc_fd+0x471/0x7d0
[ 2167.682440][T31819]  do_sys_openat2+0x11b/0x1d0
[ 2167.682457][T31819]  ? __pfx_do_sys_openat2+0x10/0x10
[ 2167.682477][T31819]  __do_sys_openat2+0x1c0/0x2d0
[ 2167.682493][T31819]  ? __pfx___do_sys_openat2+0x10/0x10
[ 2167.682508][T31819]  ? ksys_write+0x1ac/0x250
[ 2167.682524][T31819]  do_syscall_64+0xcd/0x4e0
[ 2167.682541][T31819]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2167.682551][T31819] RIP: 0033:0x7f5fe738eec9
[ 2167.682562][T31819] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 2167.682573][T31819] RSP: 002b:00007f5fe55f6038 EFLAGS: 00000246 ORIG_RAX: 00000000000001b5
[ 2167.682584][T31819] RAX: ffffffffffffffda RBX: 00007f5fe75e5fa0 RCX: 00007f5fe738eec9
[ 2167.682592][T31819] RDX: 0000200000000080 RSI: 0000200000000640 RDI: ffffffffffffff9c
[ 2167.682599][T31819] RBP: 00007f5fe55f6090 R08: 0000000000000000 R09: 0000000000000000
[ 2167.682605][T31819] R10: 0000000000000018 R11: 0000000000000246 R12: 0000000000000001
[ 2167.682612][T31819] R13: 00007f5fe75e6038 R14: 00007f5fe75e5fa0 R15: 00007ffdee5a6f88
[ 2167.682626][T31819]  </TASK>
[ 2172.099526][T31864] Falling back ldisc for ttyS3.
[ 2172.142714][T31867] netlink: 96 bytes leftover after parsing attributes in process `syz.6.6688'.
[ 2172.151795][T31867] netlink: 96 bytes leftover after parsing attributes in process `syz.6.6688'.
[ 2172.160952][T31867] netlink: 96 bytes leftover after parsing attributes in process `syz.6.6688'.
[ 2172.223965][   T30] audit: type=1400 audit(2172.333:1675): avc:  denied  { unmount } for  pid=26023 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_t tclass=filesystem permissive=1
[ 2173.364232][T31874] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 2174.425701][T31894] netlink: 'syz.3.6697': attribute type 1 has an invalid length.
[ 2174.443724][T31894] netlink: 'syz.3.6697': attribute type 2 has an invalid length.
[ 2174.621235][T11054] usb 5-1: new high-speed USB device number 42 using dummy_hcd
[ 2174.695039][T31901] SELinux: security_context_str_to_sid (root) failed with errno=-22
[ 2175.068693][T31903] tipc: Started in network mode
[ 2175.074031][T31903] tipc: Node identity 6ab5d0e18f01, cluster identity 4711
[ 2175.081589][T31903] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[ 2175.091006][T31903] syzkaller0: entered promiscuous mode
[ 2175.096637][T31903] syzkaller0: entered allmulticast mode
[ 2175.135409][T31903] tipc: Resetting bearer <eth:syzkaller0>
[ 2175.144723][T31902] tipc: Resetting bearer <eth:syzkaller0>
[ 2175.153787][T11054] usb 5-1: Using ep0 maxpacket: 16
[ 2175.165731][T11054] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 2175.198661][T31902] tipc: Disabling bearer <eth:syzkaller0>
[ 2175.316239][T11054] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[ 2175.329400][T11054] usb 5-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[ 2175.338482][T11054] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2175.357448][T11054] usb 5-1: config 0 descriptor??
[ 2176.044384][T31914] QAT: Invalid ioctl 1075883590
[ 2176.051344][T31914] QAT: Invalid ioctl 1075883590
[ 2176.059407][T31914] QAT: Invalid ioctl 1075883590
[ 2176.065204][T31914] QAT: Invalid ioctl 1075883590
[ 2176.072339][T31914] QAT: Invalid ioctl 1075883590
[ 2176.078064][T31914] QAT: Invalid ioctl 1075883590
[ 2176.086000][T31914] QAT: Invalid ioctl 1075883590
[ 2176.092455][T31914] QAT: Invalid ioctl 1075883590
[ 2176.155454][T31914] QAT: Invalid ioctl 1075883590
[ 2176.161404][T31914] QAT: Invalid ioctl 1075883590
[ 2176.594054][T31919] netlink: 96 bytes leftover after parsing attributes in process `syz.2.6704'.
[ 2176.603482][T31919] netlink: 96 bytes leftover after parsing attributes in process `syz.2.6704'.
[ 2176.612721][T31919] netlink: 96 bytes leftover after parsing attributes in process `syz.2.6704'.
[ 2177.691526][T11054] usbhid 5-1:0.0: can't add hid device: -71
[ 2177.712783][T11054] usbhid 5-1:0.0: probe with driver usbhid failed with error -71
[ 2177.728887][T31937] FAULT_INJECTION: forcing a failure.
[ 2177.728887][T31937] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 2177.924818][T11054] usb 5-1: USB disconnect, device number 42
[ 2177.941749][T31937] CPU: 1 UID: 0 PID: 31937 Comm: syz.4.6709 Not tainted syzkaller #0 PREEMPT(full) 
[ 2177.941776][T31937] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[ 2177.941786][T31937] Call Trace:
[ 2177.941793][T31937]  <TASK>
[ 2177.941801][T31937]  dump_stack_lvl+0x16c/0x1f0
[ 2177.941827][T31937]  should_fail_ex+0x512/0x640
[ 2177.941847][T31937]  _copy_to_user+0x32/0xd0
[ 2177.941866][T31937]  simple_read_from_buffer+0xcb/0x170
[ 2177.941883][T31937]  proc_fail_nth_read+0x197/0x240
[ 2177.941900][T31937]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 2177.941914][T31937]  ? rw_verify_area+0xcf/0x6c0
[ 2177.941933][T31937]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 2177.941946][T31937]  vfs_read+0x1e1/0xcf0
[ 2177.941960][T31937]  ? __pfx___mutex_lock+0x10/0x10
[ 2177.941977][T31937]  ? __pfx_vfs_read+0x10/0x10
[ 2177.941992][T31937]  ? __fget_files+0x20e/0x3c0
[ 2177.942009][T31937]  ksys_read+0x12a/0x250
[ 2177.942020][T31937]  ? __pfx_ksys_read+0x10/0x10
[ 2177.942032][T31937]  ? fput+0x9b/0xd0
[ 2177.942049][T31937]  do_syscall_64+0xcd/0x4e0
[ 2177.942066][T31937]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2177.942078][T31937] RIP: 0033:0x7f9d4c38d8dc
[ 2177.942088][T31937] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[ 2177.942099][T31937] RSP: 002b:00007f9d4d201030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[ 2177.942111][T31937] RAX: ffffffffffffffda RBX: 00007f9d4c5e5fa0 RCX: 00007f9d4c38d8dc
[ 2177.942118][T31937] RDX: 000000000000000f RSI: 00007f9d4d2010a0 RDI: 0000000000000004
[ 2177.942125][T31937] RBP: 00007f9d4d201090 R08: 0000000000000000 R09: 0000000000000000
[ 2177.942131][T31937] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2177.942138][T31937] R13: 00007f9d4c5e6038 R14: 00007f9d4c5e5fa0 R15: 00007ffcd68d0ab8
[ 2177.942152][T31937]  </TASK>
[ 2178.474862][T31953] vlan2: entered allmulticast mode
[ 2178.679674][T31953] dummy0: entered allmulticast mode
[ 2180.441793][T31684] Bluetooth: hci2: connection err: -111
[ 2181.528292][T20365] usb 3-1: new high-speed USB device number 65 using dummy_hcd
[ 2181.696745][T20365] usb 3-1: Using ep0 maxpacket: 16
[ 2181.717925][T20365] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 2181.743101][T20365] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[ 2181.762873][T20365] usb 3-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[ 2181.776266][T20365] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2181.801332][T20365] usb 3-1: config 0 descriptor??
[ 2181.827367][T26318] usb 5-1: new high-speed USB device number 43 using dummy_hcd
[ 2181.903860][   T30] audit: type=1400 audit(2182.013:1676): avc:  denied  { checkpoint_restore } for  pid=31991 comm="syz.6.6725" capability=40  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[ 2182.886760][T26318] usb 5-1: Using ep0 maxpacket: 8
[ 2182.920815][T26318] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 2182.963804][T26318] usb 5-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xBE, changing to 0x8E
[ 2182.984770][T26318] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x8E has an invalid bInterval 0, changing to 7
[ 2183.002425][T26318] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x8E has invalid wMaxPacketSize 0
[ 2183.030679][T26318] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3
[ 2183.049051][T26318] usb 5-1: New USB device found, idVendor=10c5, idProduct=819a, bcdDevice=e4.46
[ 2183.061616][T26318] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=35
[ 2183.070455][T26318] usb 5-1: Product: syz
[ 2183.074809][T26318] usb 5-1: Manufacturer: syz
[ 2183.196259][T26318] usb 5-1: SerialNumber: syz
[ 2183.202288][   T30] audit: type=1400 audit(2183.313:1677): avc:  denied  { kexec_image_load } for  pid=32013 comm="syz.3.6731" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=system permissive=1
[ 2183.224592][T26318] usb 5-1: config 0 descriptor??
[ 2183.655332][T26318] radio-si470x 5-1:0.0: DeviceID=0x7ab1 ChipID=0xb100
[ 2183.874181][T26318] radio-si470x 5-1:0.0: software version 122, hardware version 177
[ 2184.116766][T20365] usbhid 3-1:0.0: can't add hid device: -71
[ 2184.122834][T20365] usbhid 3-1:0.0: probe with driver usbhid failed with error -71
[ 2184.123404][T31981] l2tp_ppp: sess 2/0: no socket in recv
[ 2184.140356][T20365] usb 3-1: USB disconnect, device number 65
[ 2184.286762][T26318] radio-si470x 5-1:0.0: si470x_set_report: usb_control_msg returned -71
[ 2184.390636][T26318] radio-si470x 5-1:0.0: submitting int urb failed (-90)
[ 2184.438395][T26318] radio-si470x 5-1:0.0: si470x_set_report: usb_control_msg returned -71
[ 2184.910822][T26318] radio-si470x 5-1:0.0: probe with driver radio-si470x failed with error -22
[ 2184.926815][T26318] usb 5-1: USB disconnect, device number 43
[ 2185.033184][T28572] usb 4-1: new high-speed USB device number 65 using dummy_hcd
[ 2185.114829][T32039] FAULT_INJECTION: forcing a failure.
[ 2185.114829][T32039] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 2185.535496][T32039] CPU: 0 UID: 0 PID: 32039 Comm: syz.5.6736 Not tainted syzkaller #0 PREEMPT(full) 
[ 2185.535525][T32039] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[ 2185.535536][T32039] Call Trace:
[ 2185.535544][T32039]  <TASK>
[ 2185.535551][T32039]  dump_stack_lvl+0x16c/0x1f0
[ 2185.535582][T32039]  should_fail_ex+0x512/0x640
[ 2185.535610][T32039]  _copy_to_user+0x32/0xd0
[ 2185.535639][T32039]  drm_ioctl+0x5eb/0xc30
[ 2185.535696][T32039]  ? __pfx_drm_wait_vblank_ioctl+0x10/0x10
[ 2185.535728][T32039]  ? __pfx_drm_ioctl+0x10/0x10
[ 2185.535769][T32039]  ? selinux_file_ioctl+0x180/0x270
[ 2185.535795][T32039]  ? selinux_file_ioctl+0xb4/0x270
[ 2185.535821][T32039]  ? __pfx_drm_ioctl+0x10/0x10
[ 2185.535845][T32039]  __x64_sys_ioctl+0x18e/0x210
[ 2185.535876][T32039]  do_syscall_64+0xcd/0x4e0
[ 2185.535900][T32039]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2185.535918][T32039] RIP: 0033:0x7f5fe738eec9
[ 2185.535934][T32039] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 2185.535951][T32039] RSP: 002b:00007f5fe55f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 2185.535969][T32039] RAX: ffffffffffffffda RBX: 00007f5fe75e5fa0 RCX: 00007f5fe738eec9
[ 2185.535980][T32039] RDX: 00002000000000c0 RSI: 00000000c018643a RDI: 0000000000000003
[ 2185.535991][T32039] RBP: 00007f5fe55f6090 R08: 0000000000000000 R09: 0000000000000000
[ 2185.536003][T32039] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2185.536013][T32039] R13: 00007f5fe75e6038 R14: 00007f5fe75e5fa0 R15: 00007ffdee5a6f88
[ 2185.536038][T32039]  </TASK>
[ 2185.695513][    C0] vkms_vblank_simulate: vblank timer overrun
[ 2185.926704][T28572] usb 4-1: device descriptor read/64, error -71
[ 2186.186682][T28572] usb 4-1: new high-speed USB device number 66 using dummy_hcd
[ 2186.406812][T28572] usb 4-1: device descriptor read/64, error -71
[ 2186.539788][T28572] usb usb4-port1: attempt power cycle
[ 2186.550990][T29859] Bluetooth: hci3: command 0x0c1a tx timeout
[ 2186.611448][   T30] audit: type=1400 audit(2186.723:1678): avc:  denied  { write } for  pid=32042 comm="syz.4.6739" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[ 2186.919429][T28572] usb 4-1: new high-speed USB device number 67 using dummy_hcd
[ 2187.050328][T28572] usb 4-1: device descriptor read/8, error -71
[ 2188.121447][T32079] block nbd0: Attempted send on invalid socket
[ 2188.129981][T32079] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x800 phys_seg 1 prio class 2
[ 2188.266587][T25075] usb 6-1: new high-speed USB device number 119 using dummy_hcd
[ 2188.427065][T25075] usb 6-1: Using ep0 maxpacket: 16
[ 2188.461668][T25075] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 2188.570141][T25075] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[ 2188.737731][T25075] usb 6-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[ 2188.771495][T25075] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2188.907285][T25075] usb 6-1: config 0 descriptor??
[ 2190.266356][T32099] netlink: 8 bytes leftover after parsing attributes in process `syz.6.6750'.
[ 2190.335290][T32099] netlink: 'syz.6.6750': attribute type 9 has an invalid length.
[ 2190.361130][T32099] netlink: 'syz.6.6750': attribute type 9 has an invalid length.
[ 2190.386682][T26318] usb 5-1: new high-speed USB device number 44 using dummy_hcd
[ 2190.506140][T25075] usbhid 6-1:0.0: can't add hid device: -71
[ 2190.566793][T25075] usbhid 6-1:0.0: probe with driver usbhid failed with error -71
[ 2190.656765][T26318] usb 5-1: Using ep0 maxpacket: 8
[ 2190.667253][T26318] usb 5-1: config 162 has an invalid interface number: 236 but max is 0
[ 2190.687870][T26318] usb 5-1: config 162 has no interface number 0
[ 2190.700516][T26318] usb 5-1: config 162 interface 236 has no altsetting 0
[ 2190.718781][T26318] usb 5-1: New USB device found, idVendor=0a2c, idProduct=0008, bcdDevice=e9.c0
[ 2190.741303][T26318] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2190.761647][T26318] usb 5-1: Product: syz
[ 2190.765933][T26318] usb 5-1: Manufacturer: syz
[ 2190.778929][T26318] usb 5-1: SerialNumber: syz
[ 2190.850664][T32112] tipc: Started in network mode
[ 2190.855687][T32112] tipc: Node identity 080211000001, cluster identity 4711
[ 2190.866042][T32112] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[ 2190.875555][T32112] hfsplus: Unknown parameter 'barriert/tun'
[ 2190.884431][T32112] mac80211_hwsim hwsim32 syzkaller0: entered promiscuous mode
[ 2190.892202][T32112] mac80211_hwsim hwsim32 syzkaller0: entered allmulticast mode
[ 2190.906710][T32112] tipc: Resetting bearer <eth:syzkaller0>
[ 2191.057099][T25075] usb 6-1: USB disconnect, device number 119
[ 2191.897039][T28572] tipc: Node number set to 134418688
[ 2191.906575][T25075] usb 6-1: new high-speed USB device number 120 using dummy_hcd
[ 2191.958833][T32122] netlink: 12 bytes leftover after parsing attributes in process `syz.3.6754'.
[ 2192.169207][T25075] usb 6-1: config 1 contains an unexpected descriptor of type 0x2, skipping
[ 2192.191857][T25075] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 2192.203632][T25075] usb 6-1: config 1 has 2 interfaces, different from the descriptor's value: 3
[ 2192.214810][T25075] usb 6-1: config 1 has no interface number 1
[ 2192.221294][T25075] usb 6-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0
[ 2192.325244][   T30] audit: type=1400 audit(2192.423:1679): avc:  denied  { map } for  pid=32126 comm="syz.2.6758" path="socket:[123433]" dev="sockfs" ino=123433 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[ 2192.356768][T25075] usb 6-1: too many endpoints for config 1 interface 2 altsetting 0: 255, using maximum allowed: 30
[ 2192.736867][T25075] usb 6-1: config 1 interface 2 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 255
[ 2192.750157][   T30] audit: type=1400 audit(2192.483:1680): avc:  denied  { ioctl } for  pid=32126 comm="syz.2.6758" path="/dev/cpu/0/msr" dev="devtmpfs" ino=87 ioctlcmd=0x89f2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cpu_device_t tclass=chr_file permissive=1
[ 2192.788022][T25075] usb 6-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[ 2192.800049][T25075] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2192.831587][T25075] usb 6-1: Product: syz
[ 2192.865144][T25075] usb 6-1: Manufacturer: syz
[ 2192.908420][T25075] usb 6-1: SerialNumber: syz
[ 2193.242265][T32119] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 2193.343126][T32119] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 2193.540259][T26318] cypress_cy7c63 5-1:162.236: Cypress CY7C63xxx device now attached
[ 2193.602962][T26318] usb 5-1: USB disconnect, device number 44
[ 2193.611971][T26318] cypress_cy7c63 5-1:162.236: Cypress CY7C63xxx device now disconnected
[ 2193.630424][T25075] usb 6-1: USB disconnect, device number 120
[ 2193.730376][   T30] audit: type=1400 audit(2449.830:1681): avc:  denied  { read } for  pid=5204 comm="acpid" name="event9" dev="devtmpfs" ino=5348 scontext=system_u:system_r:acpid_t tcontext=root:object_r:device_t tclass=file permissive=1
[ 2193.772110][   T30] audit: type=1400 audit(2449.830:1682): avc:  denied  { open } for  pid=5204 comm="acpid" path="/dev/input/event9" dev="devtmpfs" ino=5348 scontext=system_u:system_r:acpid_t tcontext=root:object_r:device_t tclass=file permissive=1
[ 2193.803088][T28593] udevd[28593]: error opening ATTR{/sys/devices/platform/dummy_hcd.5/usb6/6-1/6-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[ 2193.833356][   T30] audit: type=1400 audit(2449.830:1683): avc:  denied  { ioctl } for  pid=5204 comm="acpid" path="/dev/input/event9" dev="devtmpfs" ino=5348 ioctlcmd=0x4520 scontext=system_u:system_r:acpid_t tcontext=root:object_r:device_t tclass=file permissive=1
[ 2193.962607][   T30] audit: type=1400 audit(2449.880:1684): avc:  denied  { write } for  pid=32139 comm="syz.3.6762" name="autofs" dev="devtmpfs" ino=98 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_device_t tclass=chr_file permissive=1
[ 2194.347102][T25076] usb 5-1: new high-speed USB device number 45 using dummy_hcd
[ 2194.468189][T32155] netlink: 'syz.6.6763': attribute type 3 has an invalid length.
[ 2194.496671][T25076] usb 5-1: Using ep0 maxpacket: 16
[ 2194.517863][T32155] netlink: 193500 bytes leftover after parsing attributes in process `syz.6.6763'.
[ 2194.539348][T25076] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 2194.591797][T25076] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[ 2194.659501][T25076] usb 5-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[ 2194.715229][T25076] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2194.771692][T25076] usb 5-1: config 0 descriptor??
[ 2195.177880][T32153] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[ 2195.184048][T32153] Bluetooth: hci5: Opcode 0x0c1a failed: -4
[ 2195.191231][T32153] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[ 2195.197867][T32153] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[ 2195.252161][T32172] FAULT_INJECTION: forcing a failure.
[ 2195.252161][T32172] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 2195.271510][T32172] CPU: 0 UID: 0 PID: 32172 Comm: syz.2.6770 Not tainted syzkaller #0 PREEMPT(full) 
[ 2195.271536][T32172] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[ 2195.271546][T32172] Call Trace:
[ 2195.271553][T32172]  <TASK>
[ 2195.271560][T32172]  dump_stack_lvl+0x16c/0x1f0
[ 2195.271590][T32172]  should_fail_ex+0x512/0x640
[ 2195.271618][T32172]  _copy_to_user+0x32/0xd0
[ 2195.271647][T32172]  bpf_test_finish.isra.0+0x53c/0x6e0
[ 2195.271679][T32172]  ? __pfx___static_call_update+0x10/0x10
[ 2195.271705][T32172]  ? __pfx_bpf_test_finish.isra.0+0x10/0x10
[ 2195.271732][T32172]  ? 0xffffffffa02057c0
[ 2195.271745][T32172]  ? bpf_dispatcher_change_prog+0x54d/0xa80
[ 2195.271781][T32172]  bpf_prog_test_run_xdp+0xa0d/0x1590
[ 2195.271814][T32172]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[ 2195.271837][T32172]  ? __might_fault+0x70/0x190
[ 2195.271861][T32172]  ? fput+0x9b/0xd0
[ 2195.271885][T32172]  ? __bpf_prog_get+0x97/0x2a0
[ 2195.271906][T32172]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[ 2195.271928][T32172]  __sys_bpf+0x1050/0x4de0
[ 2195.271955][T32172]  ? __pfx___sys_bpf+0x10/0x10
[ 2195.271977][T32172]  ? ksys_write+0x190/0x250
[ 2195.272000][T32172]  ? __mutex_unlock_slowpath+0x161/0x7b0
[ 2195.272040][T32172]  ? fput+0x9b/0xd0
[ 2195.272062][T32172]  ? ksys_write+0x1ac/0x250
[ 2195.272080][T32172]  ? __pfx_ksys_write+0x10/0x10
[ 2195.272102][T32172]  __x64_sys_bpf+0x78/0xc0
[ 2195.272124][T32172]  ? lockdep_hardirqs_on+0x7c/0x110
[ 2195.272147][T32172]  do_syscall_64+0xcd/0x4e0
[ 2195.272171][T32172]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2195.272189][T32172] RIP: 0033:0x7fafcd18eec9
[ 2195.272204][T32172] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 2195.272221][T32172] RSP: 002b:00007fafcdf82038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[ 2195.272240][T32172] RAX: ffffffffffffffda RBX: 00007fafcd3e5fa0 RCX: 00007fafcd18eec9
[ 2195.272252][T32172] RDX: 0000000000000050 RSI: 0000200000000240 RDI: 000000000000000a
[ 2195.272263][T32172] RBP: 00007fafcdf82090 R08: 0000000000000000 R09: 0000000000000000
[ 2195.272274][T32172] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2195.272285][T32172] R13: 00007fafcd3e6038 R14: 00007fafcd3e5fa0 R15: 00007fffd6053a98
[ 2195.272310][T32172]  </TASK>
[ 2196.523973][T31684] Bluetooth: hci2: command 0x0406 tx timeout
[ 2196.582506][T32183] lo speed is unknown, defaulting to 1000
[ 2196.856031][T32186] adf_ctl_ioctl: 15 callbacks suppressed
[ 2196.856044][T32186] QAT: Invalid ioctl 1075883590
[ 2196.870843][T25076] usbhid 5-1:0.0: can't add hid device: -71
[ 2196.887757][T32186] QAT: Invalid ioctl 1075883590
[ 2196.918947][T25076] usbhid 5-1:0.0: probe with driver usbhid failed with error -71
[ 2196.934379][T32186] QAT: Invalid ioctl 1075883590
[ 2196.996735][T32186] QAT: Invalid ioctl 1075883590
[ 2197.001771][T32186] QAT: Invalid ioctl 1075883590
[ 2197.025600][T25076] usb 5-1: USB disconnect, device number 45
[ 2197.076664][T32186] QAT: Invalid ioctl 1075883590
[ 2197.083343][T32186] QAT: Invalid ioctl 1075883590
[ 2197.093156][T32186] QAT: Invalid ioctl 1075883590
[ 2197.105525][T32186] QAT: Invalid ioctl 1075883590
[ 2197.122787][T32186] QAT: Invalid ioctl 1075883590
[ 2197.239481][T31684] Bluetooth: hci3: command 0x0c1a tx timeout
[ 2197.245513][T31684] Bluetooth: hci1: command 0x0406 tx timeout
[ 2197.251767][T31684] Bluetooth: hci5: command 0x0405 tx timeout
[ 2198.126732][T32206] netlink: 36 bytes leftover after parsing attributes in process `syz.3.6779'.
[ 2198.216935][    C1] 
[ 2198.216948][    C1] ========================================================
[ 2198.216968][    C1] WARNING: possible irq lock inversion dependency detected
[ 2198.216977][    C1] syzkaller #0 Not tainted
[ 2198.216989][    C1] --------------------------------------------------------
[ 2198.216996][    C1] syz.6.6777/32208 just changed the state of lock:
[ 2198.217008][    C1] ffff88802b303230 (&dev->event_lock#2){..-.}-{3:3}, at: input_inject_event+0x9f/0x3b0
[ 2198.217077][    C1] but this lock took another, SOFTIRQ-READ-unsafe lock in the past:
[ 2198.217086][    C1]  (tasklist_lock){.+.+}-{3:3}
[ 2198.217104][    C1] 
[ 2198.217104][    C1] 
[ 2198.217104][    C1] and interrupts could create inverse lock ordering between them.
[ 2198.217104][    C1] 
[ 2198.217112][    C1] 
[ 2198.217112][    C1] other info that might help us debug this:
[ 2198.217122][    C1] Chain exists of:
[ 2198.217122][    C1]   &dev->event_lock#2 --> &client->buffer_lock --> tasklist_lock
[ 2198.217122][    C1] 
[ 2198.217159][    C1]  Possible interrupt unsafe locking scenario:
[ 2198.217159][    C1] 
[ 2198.217165][    C1]        CPU0                    CPU1
[ 2198.217171][    C1]        ----                    ----
[ 2198.217176][    C1]   lock(tasklist_lock);
[ 2198.217189][    C1]                                local_irq_disable();
[ 2198.217195][    C1]                                lock(&dev->event_lock#2);
[ 2198.217214][    C1]                                lock(&client->buffer_lock);
[ 2198.217228][    C1]   <Interrupt>
[ 2198.217233][    C1]     lock(&dev->event_lock#2);
[ 2198.217250][    C1] 
[ 2198.217250][    C1]  *** DEADLOCK ***
[ 2198.217250][    C1] 
[ 2198.217255][    C1] 6 locks held by syz.6.6777/32208:
[ 2198.217267][    C1]  #0: ffff888025d8b0a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x24/0x80
[ 2198.217318][    C1]  #1: ffff888025d8b130 (&tty->atomic_write_lock){+.+.}-{4:4}, at: file_tty_write.constprop.0+0x283/0x9b0
[ 2198.217369][    C1]  #2: ffff888025d8b2e8 (&tty->termios_rwsem){++++}-{4:4}, at: n_tty_write+0x1bc/0x11e0
[ 2198.217421][    C1]  #3: ffffc90000ad2380 (&ldata->output_lock){+.+.}-{4:4}, at: n_tty_write+0x595/0x11e0
[ 2198.217473][    C1]  #4: ffffffff8e5af000 (console_lock){+.+.}-{0:0}, at: do_con_write+0x152/0x8280
[ 2198.217525][    C1]  #5: ffffffff8e5c15a0 (rcu_read_lock){....}-{1:3}, at: led_trigger_event+0x61/0x270
[ 2198.217579][    C1] 
[ 2198.217579][    C1] the shortest dependencies between 2nd lock and 1st lock:
[ 2198.217595][    C1]     -> (tasklist_lock){.+.+}-{3:3} {
[ 2198.217621][    C1]        HARDIRQ-ON-R at:
[ 2198.217636][    C1]                             lock_acquire+0x179/0x350
[ 2198.217655][    C1]                             _raw_read_lock+0x5f/0x70
[ 2198.217676][    C1]                             __do_wait+0x105/0x890
[ 2198.217694][    C1]                             do_wait+0x21e/0x5a0
[ 2198.217709][    C1]                             kernel_wait+0x9f/0x160
[ 2198.217726][    C1]                             call_usermodehelper_exec_work+0xf1/0x170
[ 2198.217755][    C1]                             process_one_work+0x9cc/0x1b70
[ 2198.217775][    C1]                             worker_thread+0x6c8/0xf10
[ 2198.217795][    C1]                             kthread+0x3c2/0x780
[ 2198.217813][    C1]                             ret_from_fork+0x56a/0x730
[ 2198.217832][    C1]                             ret_from_fork_asm+0x1a/0x30
[ 2198.217903][    C1]        SOFTIRQ-ON-R at:
[ 2198.217914][    C1]                             lock_acquire+0x179/0x350
[ 2198.217930][    C1]                             _raw_read_lock+0x5f/0x70
[ 2198.217949][    C1]                             __do_wait+0x105/0x890
[ 2198.217964][    C1]                             do_wait+0x21e/0x5a0
[ 2198.217979][    C1]                             kernel_wait+0x9f/0x160
[ 2198.217996][    C1]                             call_usermodehelper_exec_work+0xf1/0x170
[ 2198.218018][    C1]                             process_one_work+0x9cc/0x1b70
[ 2198.218038][    C1]                             worker_thread+0x6c8/0xf10
[ 2198.218057][    C1]                             kthread+0x3c2/0x780
[ 2198.218074][    C1]                             ret_from_fork+0x56a/0x730
[ 2198.218091][    C1]                             ret_from_fork_asm+0x1a/0x30
[ 2198.218112][    C1]        INITIAL USE at:
[ 2198.218124][    C1]                            lock_acquire+0x179/0x350
[ 2198.218140][    C1]                            _raw_write_lock_irq+0x36/0x50
[ 2198.218160][    C1]                            copy_process+0x4caf/0x7690
[ 2198.218185][    C1]                            kernel_clone+0xfc/0x930
[ 2198.218208][    C1]                            user_mode_thread+0xc7/0x110
[ 2198.218232][    C1]                            rest_init+0x23/0x2b0
[ 2198.218258][    C1]                            start_kernel+0x3ee/0x4d0
[ 2198.218308][    C1]                            x86_64_start_reservations+0x18/0x30
[ 2198.218331][    C1]                            x86_64_start_kernel+0x130/0x190
[ 2198.218353][    C1]                            common_startup_64+0x13e/0x148
[ 2198.218374][    C1]        INITIAL READ USE at:
[ 2198.218385][    C1]                                 lock_acquire+0x179/0x350
[ 2198.218400][    C1]                                 _raw_read_lock+0x5f/0x70
[ 2198.218419][    C1]                                 __do_wait+0x105/0x890
[ 2198.218435][    C1]                                 do_wait+0x21e/0x5a0
[ 2198.218450][    C1]                                 kernel_wait+0x9f/0x160
[ 2198.218467][    C1]                                 call_usermodehelper_exec_work+0xf1/0x170
[ 2198.218488][    C1]                                 process_one_work+0x9cc/0x1b70
[ 2198.218508][    C1]                                 worker_thread+0x6c8/0xf10
[ 2198.218528][    C1]                                 kthread+0x3c2/0x780
[ 2198.218545][    C1]                                 ret_from_fork+0x56a/0x730
[ 2198.218563][    C1]                                 ret_from_fork_asm+0x1a/0x30
[ 2198.218584][    C1]      }
[ 2198.218590][    C1]      ... key      at: [<ffffffff8e20c098>] tasklist_lock+0x18/0x40
[ 2198.218649][    C1]      ... acquired at:
[ 2198.218656][    C1]    _raw_read_lock+0x5f/0x70
[ 2198.218674][    C1]    send_sigio+0xb8/0x3e0
[ 2198.218700][    C1]    kill_fasync+0x214/0x510
[ 2198.218723][    C1]    lease_break_callback+0x23/0x30
[ 2198.218758][    C1]    __break_lease+0x671/0x1810
[ 2198.218776][    C1]    vfs_truncate+0x4d3/0x6e0
[ 2198.218796][    C1]    __x64_sys_truncate+0x172/0x1e0
[ 2198.218815][    C1]    do_syscall_64+0xcd/0x4e0
[ 2198.218838][    C1]    entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2198.218856][    C1] 
[ 2198.218861][    C1]    -> (&f_owner->lock){....}-{3:3} {
[ 2198.218887][    C1]       INITIAL USE at:
[ 2198.218899][    C1]                          lock_acquire+0x179/0x350
[ 2198.218915][    C1]                          _raw_write_lock_irq+0x36/0x50
[ 2198.218935][    C1]                          __f_setown+0x61/0x3c0
[ 2198.218957][    C1]                          __tty_fasync+0x1bf/0x300
[ 2198.218977][    C1]                          tty_fasync+0x9e/0xe0
[ 2198.218996][    C1]                          do_fcntl+0xa3d/0x15a0
[ 2198.219019][    C1]                          __x64_sys_fcntl+0x163/0x200
[ 2198.219043][    C1]                          do_syscall_64+0xcd/0x4e0
[ 2198.219066][    C1]                          entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2198.219084][    C1]       INITIAL READ USE at:
[ 2198.219095][    C1]                               lock_acquire+0x179/0x350
[ 2198.219110][    C1]                               _raw_read_lock_irqsave+0x74/0x90
[ 2198.219131][    C1]                               send_sigio+0x31/0x3e0
[ 2198.219154][    C1]                               kill_fasync+0x214/0x510
[ 2198.219178][    C1]                               n_hdlc_tty_receive+0x186/0x280
[ 2198.219199][    C1]                               tty_ioctl+0x580/0x1680
[ 2198.219219][    C1]                               __x64_sys_ioctl+0x18e/0x210
[ 2198.219245][    C1]                               do_syscall_64+0xcd/0x4e0
[ 2198.219267][    C1]                               entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2198.219286][    C1]     }
[ 2198.219292][    C1]     ... key      at: [<ffffffff9ae963e0>] __key.1+0x0/0x40
[ 2198.219364][    C1]     ... acquired at:
[ 2198.219370][    C1]    _raw_read_lock_irqsave+0x74/0x90
[ 2198.219390][    C1]    send_sigio+0x31/0x3e0
[ 2198.219413][    C1]    kill_fasync+0x214/0x510
[ 2198.219436][    C1]    n_hdlc_tty_receive+0x186/0x280
[ 2198.219455][    C1]    tty_ioctl+0x580/0x1680
[ 2198.219474][    C1]    __x64_sys_ioctl+0x18e/0x210
[ 2198.219497][    C1]    do_syscall_64+0xcd/0x4e0
[ 2198.219519][    C1]    entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2198.219537][    C1] 
[ 2198.219541][    C1]   -> (&new->fa_lock){....}-{3:3} {
[ 2198.219567][    C1]      INITIAL USE at:
[ 2198.219578][    C1]                        lock_acquire+0x179/0x350
[ 2198.219593][    C1]                        _raw_write_lock_irq+0x36/0x50
[ 2198.219614][    C1]                        fasync_remove_entry+0xb2/0x1e0
[ 2198.219639][    C1]                        fasync_helper+0xaf/0xd0
[ 2198.219662][    C1]                        sock_fasync+0x92/0x140
[ 2198.219688][    C1]                        __fput+0x96b/0xb70
[ 2198.219711][    C1]                        task_work_run+0x150/0x240
[ 2198.219731][    C1]                        exit_to_user_mode_loop+0xeb/0x110
[ 2198.219758][    C1]                        do_syscall_64+0x41c/0x4e0
[ 2198.219780][    C1]                        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2198.219799][    C1]      INITIAL READ USE at:
[ 2198.219810][    C1]                             lock_acquire+0x179/0x350
[ 2198.219826][    C1]                             _raw_read_lock_irqsave+0x74/0x90
[ 2198.219846][    C1]                             kill_fasync+0x138/0x510
[ 2198.219869][    C1]                             n_hdlc_tty_receive+0x186/0x280
[ 2198.219888][    C1]                             tty_ioctl+0x580/0x1680
[ 2198.219908][    C1]                             __x64_sys_ioctl+0x18e/0x210
[ 2198.219934][    C1]                             do_syscall_64+0xcd/0x4e0
[ 2198.219957][    C1]                             entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2198.219975][    C1]    }
[ 2198.219980][    C1]    ... key      at: [<ffffffff9ae963a0>] __key.0+0x0/0x40
[ 2198.220007][    C1]    ... acquired at:
[ 2198.220014][    C1]    _raw_read_lock_irqsave+0x74/0x90
[ 2198.220034][    C1]    kill_fasync+0x138/0x510
[ 2198.220057][    C1]    evdev_pass_values+0x619/0x9b0
[ 2198.220084][    C1]    evdev_events+0x1bb/0x390
[ 2198.220109][    C1]    input_pass_values+0x74e/0x880
[ 2198.220135][    C1]    input_handle_event+0xf00/0x14d0
[ 2198.220161][    C1]    input_inject_event+0x1e8/0x3b0
[ 2198.220187][    C1]    evdev_write+0x457/0x750
[ 2198.220201][    C1]    vfs_write+0x2a0/0x11d0
[ 2198.220218][    C1]    ksys_write+0x1f8/0x250
[ 2198.220235][    C1]    do_syscall_64+0xcd/0x4e0
[ 2198.220257][    C1]    entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2198.220275][    C1] 
[ 2198.220279][    C1]  -> (&client->buffer_lock){....}-{3:3} {
[ 2198.220305][    C1]     INITIAL USE at:
[ 2198.220316][    C1]                      lock_acquire+0x179/0x350
[ 2198.220331][    C1]                      _raw_spin_lock+0x2e/0x40
[ 2198.220349][    C1]                      evdev_pass_values+0x10e/0x9b0
[ 2198.220375][    C1]                      evdev_events+0x1bb/0x390
[ 2198.220401][    C1]                      input_pass_values+0x74e/0x880
[ 2198.220426][    C1]                      input_handle_event+0xf00/0x14d0
[ 2198.220452][    C1]                      input_inject_event+0x1e8/0x3b0
[ 2198.220479][    C1]                      evdev_write+0x457/0x750
[ 2198.220494][    C1]                      vfs_write+0x2a0/0x11d0
[ 2198.220511][    C1]                      ksys_write+0x1f8/0x250
[ 2198.220529][    C1]                      do_syscall_64+0xcd/0x4e0
[ 2198.220551][    C1]                      entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2198.220569][    C1]   }
[ 2198.220575][    C1]   ... key      at: [<ffffffff9b1664a0>] __key.1+0x0/0x40
[ 2198.220645][    C1]   ... acquired at:
[ 2198.220651][    C1]    _raw_spin_lock+0x2e/0x40
[ 2198.220669][    C1]    evdev_pass_values+0x10e/0x9b0
[ 2198.220694][    C1]    evdev_events+0x1bb/0x390
[ 2198.220719][    C1]    input_pass_values+0x74e/0x880
[ 2198.220749][    C1]    input_handle_event+0xf00/0x14d0
[ 2198.220774][    C1]    input_inject_event+0x1e8/0x3b0
[ 2198.220800][    C1]    evdev_write+0x457/0x750
[ 2198.220815][    C1]    vfs_write+0x2a0/0x11d0
[ 2198.220831][    C1]    ksys_write+0x1f8/0x250
[ 2198.220848][    C1]    do_syscall_64+0xcd/0x4e0
[ 2198.220871][    C1]    entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2198.220889][    C1] 
[ 2198.220894][    C1] -> (&dev->event_lock#2){..-.}-{3:3} {
[ 2198.220924][    C1]    IN-SOFTIRQ-W at:
[ 2198.220935][    C1]                     lock_acquire+0x179/0x350
[ 2198.220950][    C1]                     _raw_spin_lock_irqsave+0x3a/0x60
[ 2198.220970][    C1]                     input_inject_event+0x9f/0x3b0
[ 2198.220996][    C1]                     led_set_brightness+0x217/0x290
[ 2198.221025][    C1]                     led_trigger_event+0xda/0x270
[ 2198.221042][    C1]                     kbd_bh+0x21b/0x300
[ 2198.221067][    C1]                     tasklet_action_common+0x281/0x400
[ 2198.221090][    C1]                     handle_softirqs+0x219/0x8e0
[ 2198.221111][    C1]                     __irq_exit_rcu+0x109/0x170
[ 2198.221133][    C1]                     irq_exit_rcu+0x9/0x30
[ 2198.221154][    C1]                     sysvec_apic_timer_interrupt+0xa4/0xc0
[ 2198.221176][    C1]                     asm_sysvec_apic_timer_interrupt+0x1a/0x20
[ 2198.221211][    C1]                     _raw_spin_unlock_irqrestore+0x31/0x80
[ 2198.221232][    C1]                     do_con_write+0x430e/0x8280
[ 2198.221253][    C1]                     con_write+0x23/0xb0
[ 2198.221273][    C1]                     n_tty_write+0x41c/0x11e0
[ 2198.221297][    C1]                     file_tty_write.constprop.0+0x504/0x9b0
[ 2198.221319][    C1]                     vfs_write+0x7d3/0x11d0
[ 2198.221336][    C1]                     ksys_write+0x12a/0x250
[ 2198.221354][    C1]                     do_syscall_64+0xcd/0x4e0
[ 2198.221377][    C1]                     entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2198.221394][    C1]    INITIAL USE at:
[ 2198.221405][    C1]                    lock_acquire+0x179/0x350
[ 2198.221421][    C1]                    _raw_spin_lock_irqsave+0x3a/0x60
[ 2198.221440][    C1]                    input_inject_event+0x9f/0x3b0
[ 2198.221466][    C1]                    led_set_brightness+0x217/0x290
[ 2198.221488][    C1]                    kbd_led_trigger_activate+0xcb/0x110
[ 2198.221510][    C1]                    led_trigger_set+0x59a/0xc50
[ 2198.221526][    C1]                    led_trigger_set_default+0x1e0/0x2e0
[ 2198.221544][    C1]                    led_classdev_register_ext+0x7b8/0xa10
[ 2198.221569][    C1]                    input_leds_connect+0x552/0x8e0
[ 2198.221592][    C1]                    input_attach_handler.isra.0+0x176/0x250
[ 2198.221618][    C1]                    input_register_device+0xab9/0x1180
[ 2198.221644][    C1]                    atkbd_connect+0x5f8/0xa40
[ 2198.221663][    C1]                    serio_driver_probe+0x7c/0xd0
[ 2198.221688][    C1]                    really_probe+0x241/0xa90
[ 2198.221714][    C1]                    __driver_probe_device+0x1de/0x440
[ 2198.221740][    C1]                    driver_probe_device+0x4c/0x1b0
[ 2198.221761][    C1]                    __driver_attach+0x283/0x580
[ 2198.221782][    C1]                    bus_for_each_dev+0x13e/0x1d0
[ 2198.221799][    C1]                    serio_handle_event+0x335/0xc30
[ 2198.221824][    C1]                    process_one_work+0x9cc/0x1b70
[ 2198.221843][    C1]                    worker_thread+0x6c8/0xf10
[ 2198.221862][    C1]                    kthread+0x3c2/0x780
[ 2198.221878][    C1]                    ret_from_fork+0x56a/0x730
[ 2198.221895][    C1]                    ret_from_fork_asm+0x1a/0x30
[ 2198.221916][    C1]  }
[ 2198.221921][    C1]  ... key      at: [<ffffffff9b166020>] __key.7+0x0/0x40
[ 2198.221948][    C1]  ... acquired at:
[ 2198.221954][    C1]    __lock_acquire+0x8b7/0x1ce0
[ 2198.221980][    C1]    lock_acquire+0x179/0x350
[ 2198.221994][    C1]    _raw_spin_lock_irqsave+0x3a/0x60
[ 2198.222013][    C1]    input_inject_event+0x9f/0x3b0
[ 2198.222039][    C1]    led_set_brightness+0x217/0x290
[ 2198.222062][    C1]    led_trigger_event+0xda/0x270
[ 2198.222079][    C1]    kbd_bh+0x21b/0x300
[ 2198.222098][    C1]    tasklet_action_common+0x281/0x400
[ 2198.222121][    C1]    handle_softirqs+0x219/0x8e0
[ 2198.222142][    C1]    __irq_exit_rcu+0x109/0x170
[ 2198.222162][    C1]    irq_exit_rcu+0x9/0x30
[ 2198.222182][    C1]    sysvec_apic_timer_interrupt+0xa4/0xc0
[ 2198.222203][    C1]    asm_sysvec_apic_timer_interrupt+0x1a/0x20
[ 2198.222222][    C1]    _raw_spin_unlock_irqrestore+0x31/0x80
[ 2198.222243][    C1]    do_con_write+0x430e/0x8280
[ 2198.222264][    C1]    con_write+0x23/0xb0
[ 2198.222284][    C1]    n_tty_write+0x41c/0x11e0
[ 2198.222308][    C1]    file_tty_write.constprop.0+0x504/0x9b0
[ 2198.222329][    C1]    vfs_write+0x7d3/0x11d0
[ 2198.222346][    C1]    ksys_write+0x12a/0x250
[ 2198.222363][    C1]    do_syscall_64+0xcd/0x4e0
[ 2198.222385][    C1]    entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2198.222403][    C1] 
[ 2198.222407][    C1] 
[ 2198.222407][    C1] stack backtrace:
[ 2198.222418][    C1] CPU: 1 UID: 0 PID: 32208 Comm: syz.6.6777 Not tainted syzkaller #0 PREEMPT(full) 
[ 2198.222442][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[ 2198.222454][    C1] Call Trace:
[ 2198.222461][    C1]  <IRQ>
[ 2198.222468][    C1]  dump_stack_lvl+0x116/0x1f0
[ 2198.222492][    C1]  print_irq_inversion_bug.part.0+0x212/0x270
[ 2198.222522][    C1]  mark_lock+0x2e5/0x610
[ 2198.222552][    C1]  __lock_acquire+0x8b7/0x1ce0
[ 2198.222579][    C1]  ? debug_object_activate+0x2ec/0x4c0
[ 2198.222618][    C1]  ? do_raw_spin_unlock+0x172/0x230
[ 2198.222641][    C1]  lock_acquire+0x179/0x350
[ 2198.222656][    C1]  ? input_inject_event+0x9f/0x3b0
[ 2198.222687][    C1]  _raw_spin_lock_irqsave+0x3a/0x60
[ 2198.222706][    C1]  ? input_inject_event+0x9f/0x3b0
[ 2198.222733][    C1]  input_inject_event+0x9f/0x3b0
[ 2198.222766][    C1]  ? __pfx_input_leds_brightness_set+0x10/0x10
[ 2198.222791][    C1]  led_set_brightness+0x217/0x290
[ 2198.222817][    C1]  led_trigger_event+0xda/0x270
[ 2198.222835][    C1]  kbd_bh+0x21b/0x300
[ 2198.222857][    C1]  tasklet_action_common+0x281/0x400
[ 2198.222883][    C1]  handle_softirqs+0x219/0x8e0
[ 2198.222907][    C1]  ? __pfx_handle_softirqs+0x10/0x10
[ 2198.222932][    C1]  __irq_exit_rcu+0x109/0x170
[ 2198.222953][    C1]  irq_exit_rcu+0x9/0x30
[ 2198.222975][    C1]  sysvec_apic_timer_interrupt+0xa4/0xc0
[ 2198.222997][    C1]  </IRQ>
[ 2198.223003][    C1]  <TASK>
[ 2198.223010][    C1]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[ 2198.223030][    C1] RIP: 0010:_raw_spin_unlock_irqrestore+0x31/0x80
[ 2198.223053][    C1] Code: f5 53 48 8b 74 24 10 48 89 fb 48 83 c7 18 e8 06 4f 00 f6 48 89 df e8 ee a2 00 f6 f7 c5 00 02 00 00 75 23 9c 58 f6 c4 02 75 37 <bf> 01 00 00 00 e8 c5 9f f0 f5 65 8b 05 9e 5c 3f 08 85 c0 74 16 5b
[ 2198.223071][    C1] RSP: 0018:ffffc90004e27950 EFLAGS: 00000246
[ 2198.223086][    C1] RAX: 0000000000000006 RBX: ffffffff8f2d7880 RCX: 0000000000000006
[ 2198.223099][    C1] RDX: 0000000000000000 RSI: ffffffff8de52d59 RDI: ffffffff8c163400
[ 2198.223111][    C1] RBP: 0000000000000287 R08: 0000000000000001 R09: 0000000000000001
[ 2198.223123][    C1] R10: ffffffff90ab7697 R11: 0000000000000001 R12: ffff888032ecf035
[ 2198.223135][    C1] R13: dffffc0000000000 R14: ffff88801b899500 R15: ffff88801b899000
[ 2198.223154][    C1]  do_con_write+0x430e/0x8280
[ 2198.223177][    C1]  ? call_rcu_tasks_generic+0x400/0x920
[ 2198.223211][    C1]  ? __pfx_do_con_write+0x10/0x10
[ 2198.223233][    C1]  ? lockdep_hardirqs_on+0x7c/0x110
[ 2198.223271][    C1]  con_write+0x23/0xb0
[ 2198.223293][    C1]  n_tty_write+0x41c/0x11e0
[ 2198.223323][    C1]  ? __pfx_n_tty_write+0x10/0x10
[ 2198.223347][    C1]  ? rcu_is_watching+0x12/0xc0
[ 2198.223370][    C1]  ? __pfx_woken_wake_function+0x10/0x10
[ 2198.223393][    C1]  ? kfree+0x24f/0x4d0
[ 2198.223420][    C1]  ? file_tty_write.constprop.0+0x6ef/0x9b0
[ 2198.223443][    C1]  ? __pfx_n_tty_write+0x10/0x10
[ 2198.223468][    C1]  file_tty_write.constprop.0+0x504/0x9b0
[ 2198.223492][    C1]  vfs_write+0x7d3/0x11d0
[ 2198.223511][    C1]  ? __pfx_tty_write+0x10/0x10
[ 2198.223532][    C1]  ? __pfx_vfs_write+0x10/0x10
[ 2198.223550][    C1]  ? rcu_is_watching+0x12/0xc0
[ 2198.223579][    C1]  ksys_write+0x12a/0x250
[ 2198.223597][    C1]  ? __pfx_ksys_write+0x10/0x10
[ 2198.223619][    C1]  do_syscall_64+0xcd/0x4e0
[ 2198.223643][    C1]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2198.223661][    C1] RIP: 0033:0x7f741938eec9
[ 2198.223676][    C1] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 2198.223693][    C1] RSP: 002b:00007f741a24b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[ 2198.223710][    C1] RAX: ffffffffffffffda RBX: 00007f74195e6270 RCX: 00007f741938eec9
[ 2198.223723][    C1] RDX: 0000000000001006 RSI: 00002000000005c0 RDI: 0000000000000005
[ 2198.223744][    C1] RBP: 00007f7419411f91 R08: 0000000000000000 R09: 0000000000000000
[ 2198.223756][    C1] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 2198.223767][    C1] R13: 00007f74195e6308 R14: 00007f74195e6270 R15: 00007ffdf95a3f18
[ 2198.223785][    C1]  </TASK>
[ 2200.441283][T32182] lo speed is unknown, defaulting to 1000