last executing test programs:

35m31.371995193s ago: executing program 32 (id=3):
r0 = getpgrp(0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f00000000c0)=0x7)
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x20000, &(0x7f00000005c0)={[{@nodioread_nolock}, {@noblock_validity}, {@data_err_ignore}, {@max_batch_time={'max_batch_time', 0x3d, 0x8c9}}, {@minixdf}, {@stripe={'stripe', 0x3d, 0x4}}, {@noauto_da_alloc}]}, 0x6, 0x61f, &(0x7f0000000b00)="$eJzs3c9rXNUeAPDvncmkSZv30j4ej9fyHi/wFi1I00wtVt3Y1oVdFCzYhYiLhiapodMfNCmYWGgKLhQURNyKdOM/4F66dyeCunMtVJGKikpH7syddDKZSdIkM9Pmfj5wM/ece2fO+c6dM/fce3PmBpBbY+mfQsT+iAfnk4jRpmUjUV84lq13/6ebF9IpiWr1lR+TSLK8xvpJ9rgnSwxFxJenIv5RXF3u3MLipclKte5WxJH5y9eOzC0sHp69PHlx+uL0lfLRZ48dn3iufKy8LXHuyR5Pn3n5P++//cYzM19VDidxIs6V3pqKlji2y1iMxYMsxOb8gYg4ns60eV+eNDsghFwrZp/HUkT8K0ajWEvVjcbse32tHNBV1WJEFcipRPuHnGr0AxrH9hs7Dj7X5V5J79w7WT8AWh3/QP3cSAzVjo1230+ajowGauc29m5D+WkZf9488HE6xYrzEL8ub52BbSink6XbEfHvdvEntbrtrUWaxl9YUY8kIiYiYjCr34tbqEPSNN+N8zBr2Wz8hYg4kT2m+ac2Wf5YS7rX8QOQT3dPZjvypTT1cP+X9j0a/Z9Y1f+pXxtq3XdtRr/3f537f439/VDtHHmhpR+W9lnOtn/JUmvGd++e/rBT+c39v3RKy2/0BXvh3u2IAy3xv5MGm/V/0viTNts/XeX8iY2V8dLXP5zutKzf8VfvRBxse/zzsFeazrVenxzOlpWPlY/MzFamJ+p/25bx+Revf9qp/H7Hn27/3R3ib9r+hdbnpe/JtQ2W8dnZO5c7LRtZN/7C94NJ/XhzMMt5c3J+/no5YjA5k61Sv5BVyz+6dl0a6zReI43/0P/bt/8Vn//bK19nuPGVuQHXXr10v9OyzWz/povJD6obrEMnafxT62//Ve0/zftgOXVrzTJ+ee3GfzstWyv+4S3GBgAAAAAAAHlTqF2DTQrjy/OFwvh4fbzsP2N3oXJ1bv6pmas3rkxFHKr9P2Sp0LjSPVpPJ2m6nP0/bCN9tCX9dETsi4iPisO19PiFq5WpfgcPAAAAAAAAAAAAAAAAAAAAj4k92fj/xn2qfy7Wx/8DOdHNG8wBjzftH/Kr1v5X3eIJyAP7f8gv7R/yS/uH/NL+Ib+0f8gv7R/yS/uH/NL+AQAAAGBH2ve/u98mEbH0/HBtSg1my4wIgp2t1O8KAH1T7HcFgL5ZvvSvsw+5s6H+/+/ZjwN2vzpAHyTtMmudg+rajf9u22cCAAAAAAAAAAAAAF1wcH/78f+JscGw4xn2B/m1hfH/fjoAnnB++h/yyzE+sN4o/qFOC4z/BwAAAAAAAAAAAICeGalNSWE8Gws8EoXC+HjE3yJib5SSmdnK9ERE/D0ivimWdqXpcr8rDQAAAAAAAAAAAAAAAAAAADvM3MLipclKZfp688wfq3J29kzjLqg9KOuFeMRnRdL7t2U4IpZzShGPWufuzezKPrZbeZ2BuYXF5LdqTRKxFI9PgFuKa5tn1v3qGOzqFxMAAAAAAAAAAAAAAAAAAORQ09jj9g580uMaAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEDvPbz/f/dm+h0jAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPBk+isAAP//GjM9YA==")
syz_mount_image$fuse(&(0x7f0000000040), 0x0, 0x308a0ba, &(0x7f0000000600)=ANY=[], 0x0, 0x0, 0x0)
syz_mount_image$vfat(&(0x7f0000000040), &(0x7f0000000000)='./file0\x00', 0x101c08a, &(0x7f0000000400)=ANY=[@ANYBLOB='shortname=lower,rodir,nonumtail=0,uni_xlate=1,uni_xlate=0,fmask=00000000000000000005645,shortname=lower,gid=', @ANYRESHEX=0x0, @ANYBLOB="2c757466383d312c6e6f636173656c757466383d302c616c6c6f775f7574696d653d30303030303030303030303030307030303030303030372c726f6469722c756e695f786c6174653d302c75130000000000000030303030303030303030303030303030303237302c6e6f6e756d7461696c3d302c696f636861727365743d63703737352c00"], 0x0, 0x2c0, &(0x7f0000000c80)="$eJzs3U9rI2UYAPBn0mQS9ZAcPInggB48Ldu9ekmRXRB7cslBPWhxd0GaIGyh4B+MPXn14sGDn0AQ/CBe/AaCV8GbFQqvzGTSJE1MG2kqbn+/S5++8zzvPPPOtJ0e+vbDl0eHj4p4cvLFr9HpZNHoRz9Os+hFI6a+igX9bwIA+D87TSn+SBOb1GUR0dleWwDAFl3t539zFv50I20BAFv08N333t7b37//TlF04sHo6+NB+Zt9+XFyfO9JfBzDeBx3oxtnEdWLQiuqt4UyfJBSGjeLUi9eG42PB2Xl6IOf6/n3fo+o6nejG71q6Pxto6p/a//+bjExVz8u+3i+Pn+/rL8X3XjxvHih/t6K+hjk8fqrc/3fiW788lF8EsN4VDUxq/9ytyjeTN/++fn7ZXtlfTY+HrSrvJm0c8O3BgAAAAAAAAAAAAAAAAAAAACAZ9ideu+cdlT795RD9f47O2flJ60opnqL+/NM6rPpRPP7A6WUxim+n+6vc7coilQnzuqb8VJzfmNBAAAAAAAAAAAAAAAAAAAAuL2OPv3s8GA4fPz0WoLpbgDNiPjrYcS/nac/N/JKrE9u1+c8GA4bdbiY05wfiZ1pThaxto3yIq5pWS4LnlvquQ5++HHTCTuX57RWn2vDoLMuZ/p0HR5kq9ewHefz1A/Jd3nELCePK7aR/9OhFJs8fvnKQ92NlyV/oQrGa3IiW9fYG79NVq4eyS5eRV6t6sryVh3MlV94NpbvReoufRVEZ1K+/L0is1sHAAAAAAAAAAAAAAAAAABs1ezvgVccPFlb2kjtrbUFAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADdq9v//NwjGdfEVkvN4evQfXyIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC3wN8BAAD//wCUW3g=")
prctl$PR_SCHED_CORE(0x3e, 0x6, r0, 0x2, 0x0)
getpid()
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r1 = syz_open_dev$MSR(&(0x7f0000000040), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
r2 = fsopen(&(0x7f00000001c0)='ramfs\x00', 0x0)
r3 = syz_open_procfs(0x0, &(0x7f0000002340)='cpuset\x00')
connect$inet6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0xfffe, 0x8, @mcast2, 0x9}, 0x18)
pread64(r3, &(0x7f0000002380)=""/253, 0xfd, 0x4eb)
fsconfig$FSCONFIG_CMD_CREATE(r2, 0x6, 0x0, 0x0, 0x0)
r4 = fsmount(r2, 0x0, 0x0)
fchdir(r4)
r5 = openat$dir(0xffffffffffffff9c, &(0x7f00000002c0)='.\x00', 0x0, 0x0)
lseek(r5, 0x1, 0x0)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x19f, &(0x7f0000000300)={[{@sysvgroups}, {@noblock_validity}, {@jqfmt_vfsv0}, {@grpquota}, {@noinit_itable}, {@journal_dev={'journal_dev', 0x3d, 0x1}}, {@grpid}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x2000}}]}, 0x80, 0x54f, &(0x7f0000000a00)="$eJzs3c9vHFcdAPDvbLxufji1SzlAJUqBoqSC7MY1bS0OJUgITpUQ5R6MvbGsrL2Rd93GViScvwAJIUBwggsXJP4AJBSJC0eEFAnOIBWBEDhwQAIy1cyOHdeZ3WzSza5/fD7SZN68+fF9bzYznjfzNBPAifVSRFyJiPtpmr4SEdNFfqUYYrs7ZMvd27m1mA1JpOnb/0giKfJ2t5UU43PFaqcj4htfi/h28nDc9ubW9YVms7FeTNc7qzfq7c2tSyurC8uN5cba3Nzs6/NvzL82f3ko9TwfEW9+5S8/+O7Pv/rmrz//7p+v/u1iVu2YKubvr8djyHbRRL8FulWv5vtiV7bC+hMEO6wm8hoWzpQtkaZpej+d3pdzeyQlAwDgoOwC9iMR8emIeCWm41T/y1kAAADgCEq/NBX/S7pPaEpM9sgHAAAAjpBK3gc2qdSKvgBTUanUat0+vB+Ns5Vmq9353LXWxtrS3R9PRcRMVCvXVpqNy0Vf4ZmoJtn0bJ5+MP3qgem5iHguIr4/fSafri22mkvjvvkBAAAAJ8S5A+3/f0932/8AAADAMTPzcFZlHOUAAAAAnp6S9j8AAABwzGj/AwAAwLH29bfeyoZ09/vXS+9sblxvvXNpqdG+XlvdWKwtttZv1JZbreX8nX2r+9c9VbK9Zqt14wuxtnGz3mm0O/X25tbV1dbGWufqygc+gQ0AAACM0HOfvPPHJCK2v3gmHzKT4y4UMBITe6mkGJcc/X96tjt+b0SFAkai7B7+Qe89M4KCACM38URrpYOcNoBDrjruAgBjlzxifs/OO78rxp8abnkAAIDhu/Dx3s//+38DYNsnAuCIcxDDyXXgQV46Pa6CACOXP/8ftMOviwU4VqoD9QAEjrMP/fz/kdL0sQoEAAAM3VQ+JJVacXtvKiqVWi3ifP5ZgGpybaXZuBwRz0bEH6arz2TTs/maySPbDAAAAAAAAAAAAAAAAAAAAAAAAABAV5omkfZzpe9cAAAA4AiIqPw1+U33Xf4Xpl+eOnh/YDL5T/5J4MmIePcnb//w5kKnsz6b5f9zL7/zoyL/1XHcwQAAAAAO2m2n77bjAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGCY7u3cWry3cyv9786txVHG/fuXI2JmL34+dOdMxOl8fDqqEXH2X0lM7FsviYhTQ4i/fTsiPlYWP8mKtReyLP6Zpx8/Zoq9UBb/3BDiw0l2Jzv/XCk7/irxUj4uP/4mIj4w/aR6n/9i7/x3qsfxf37AGC/c/WW9Z/zbES9MlJ9/duMnD8VPinFloPjf+ubWVq956U8jLkR5/P3R6p3VG/X25talldWF5cZyY21ubvb1+TfmX5u/XL+20mwU/5bG+N4nfnW/X/3P9og/07P+3TK9PFDtI/5/9+bO8z3+XmXxL36mJP5vf1Ys8XD8SrGtzxbpbP6F3fR2N73fi7/4/Yv96r/0oP7VwX7/bsyL/av94AccxoECAAxNe3Pr+kKz2Vg/Conqk6yVtdLLZj1f7IEPX7DJw7J/JB4z8Z2hbjBN07TH/6g7ETHIdpI4DLslT4z3vAQAAAzfg4v+cZcEAAAAAAAAAAAAAAAAAAAATq4hvjNssvQ1eyVvFtjeSyXeDAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHBrvBwAA//9pfNv4")

29m0.965188477s ago: executing program 33 (id=810):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f00000001c0)=@abs={0x0, 0x0, 0x4e23}, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
socket$inet_sctp(0x2, 0x5, 0x84)
sched_setattr(0x0, &(0x7f0000000140)={0x38, 0x0, 0x0, 0x200000, 0x0, 0xb49, 0x2, 0x7, 0x0, 0x1}, 0x0)
r2 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(r2, 0x84, 0x75, 0x0, 0x0)
keyctl$dh_compute(0x17, 0x0, 0x0, 0x0, 0x0)
r3 = syz_open_dev$sndpcmc(&(0x7f00000000c0), 0x7, 0x642040)
ioctl$SNDRV_PCM_IOCTL_REWIND(r3, 0x40044146, &(0x7f0000000100)=0x7c8)
r4 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r4, &(0x7f0000000480)={0x26, 'hash\x00', 0x0, 0x0, 'sha3-224\x00'}, 0x58)
r5 = accept4(r4, 0x0, 0x0, 0x0)
sendmmsg$alg(r5, &(0x7f0000004140)=[{0x0, 0x0, &(0x7f0000000600)=[{&(0x7f00000001c0)="14", 0x1}, {&(0x7f0000000280)="3b942cdf3dbb4d708446209c8a7a9893c711167b6aee1ac4a8cc59d92a394f460b20f21b9add9e84d2dba9e6df8034c449e64138a4aea2a8df6d35031bd326", 0x3f}], 0x2}], 0x1, 0x0)

27m42.563902705s ago: executing program 34 (id=1014):
syz_mount_image$ext4(&(0x7f0000000bc0)='ext4\x00', &(0x7f0000000140)='./file1\x00', 0x8000, &(0x7f0000000280)={[{@nolazytime}, {@lazytime}, {@mblk_io_submit}, {@resuid}, {@block_validity}, {@abort}]}, 0xff, 0xbd1, &(0x7f0000001340)="$eJzs3M1rHOcZAPBnRquVbKtduZRS91KVUmwoXUsuMrUp1C4uvfRQaK8Fq/LKCK0/kFRcyTqskn8gX+dALoEkJiGH+OxLQnLNJbGvCTkETFCsBEJIFGY/pI2lleR4V6PIvx+8mvedd7TP8+ywO/PC7gbwxBrJ/qQRxyLiYhJRau5PI6JY7w1G1BrHra4sTX65sjSZxNravz5LIomIBytLk63HSprbI83BYES8/9ckfvb05rhzC4szE9VqZbY5Pjl/5frJuYXFP0xfmbhcuVy5Onb6T+Onxk+PnhnvWq1ffXTu9he/+fsnta9f/ebW58+/nMS5GGrOtdfRLSMxsv6ctCtExES3g+Wkr1lPe51JYYd/SnucFAAAHaVt93C/iFL0xcbNWyne/iDX5AAAAICuWOuLWAMAAAAOuMT6HwAAAA641ucAHqwsTbZavp9I2Fv3z0fEcKP+1WZrzBSiVt8ORn9EHH6QRPvXWpPGvz22kYj4+N6ZN7IWPfoe8nZqyxHxy63Of1Kvf7j+Le7N9acRMdqF+CMPjX9M9Z/rQvy86wfgyXTnfONCtvn6l67f/8QW17/CFteuHyLv61/r/m910/3fRv19He7//rnLGDdfefFGp7ms/j/f/tvrrZbFz7aPVdQjuL8c8avCVvUn6/UnHeq/uMsYpW9vVDrN5V3/2ksRx2Pr+luS7X+f6OTUdLUy2vi7ZYzl98Zf6xQ/7/qz83+4Q/2t33/qdP6v7zLGfy5ceHPTznsb3e3rTz8tJv+u94rNPf+fmJ+fHYsoJv/YvP/U9rm0jmk9Rlb/id9u//rfqv7sPaHWfB6ytcByc5uNn3oo5l9u3XyrUz6t9V+e5/9Sh/PfXv+7hc3n/5ldxvjdO8+d6DTXvv7NWha/tRYGAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgJY0IoYiScvr/TQtlyOORMTP43BavTY3//upa/+7eimbixiO/nRquloZjYhSY5xk47F6f2N86qHxHyPiaES8UDpUH5cnr1Uv5V08AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA645ExFAkaTki0ohYLaVpuZx3VgAAAEDXDeedAAAAANBz1v8AAABw8Fn/AwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA0GNHf33nbhIRtbOH6i1TbM7155oZ0Gtp3gkAuenLOwEgN4W8EwBy84hrfLcLcAAlO8wPdpwZ6HouAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOxfx4/duZtERO3soXrLFJtz/blmBvRa2tZPcswD2Ht9200W9i4PYO95icOTyxof2GntP7hxTO37MwM9ywkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA/Weo3pK0HBHF5r5yOeInETEc/cnUdLUyGhE/jYgPS/0D2Xgs55wBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADovrmFxZmJarUym3XSaHbW9/Sg09eM3MMQvekkjbxr+yWfg90ZeHanY/4bjxmiGPui0n3ayfNdCQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAvMwtLM5MVKuV2bm8MwEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADyNrewODNRrVZme9jJu0YAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPLzXQAAAP//jAsGRw==")
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000240)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x4000087, 0x2, 0x0)
r3 = socket$inet6(0xa, 0x800000000000002, 0x0)
setsockopt$inet6_int(r3, 0x29, 0x4a, 0x0, 0x0)
sendmmsg$inet6(r3, &(0x7f0000000400)=[{{&(0x7f0000000240)={0xa, 0x4e23, 0x800, @mcast2}, 0x1c, 0x0}}], 0x1, 0x60040000)

23m6.873916402s ago: executing program 6 (id=2113):
syz_mount_image$hfsplus(&(0x7f0000000980), &(0x7f0000000180)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x2000010, &(0x7f00000022c0)=ANY=[], 0x9, 0x6ea, &(0x7f0000000280)="$eJzs3c9vHGf9B/D3rNeON98qX6dNaCSKsBKpIEUkTqwUwiUGIZRDhapy6NlKnMbqJqkSF6UFQQoITkgc+gcUJN84ICTuQeHCpdx69bESUi8RQlEltGhmZ9e79jr2Jv6RwOsVjed55sfzfOYzz8x411ltgP9Zl0+neT9FLp9+/W5ZX1udb6+tzh+qV7eTlOVG0uzOUtxMigfJQrm+GJgyMN/ko+WLb376cO2zbq1ZT9X2E/39pncU8og+7tVTZuv2ZkfuObmj9rttVeHlhSRX6vmwqZ22NbRhmbRT9RwOXGeTe+PsvuX1Djz7qqfTj7+czFTPzU1mksP1k7n6naC+OzT2Ncg9MNZdDgAAAJ5Tn9w66AgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADg+VOk+v7/op4a9TyzKXrf/z/VW1aXn0ELO97y/p7GAQAAAAAAAAD746uP8ih3c6RX7xTV3/xPVpVj+aKT/F/ey50s5XbO5G4Ws5KV3M65JDMDDU3dXVxZuX2uv2dp9J7nR+55fr+OGAAAAAAAAAD+K/08rfW//wMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwLOgSCa6s2o6lvyrnGcmjWbW1+Ve8vckUwcd7xiKDfV/d7oOKBwAAAB4MtNPsM//P8qj3M2R3uvjTlG+5s+Xqvp03svNrGQ5K2lnKVfr19Dlq/7G2up8e211/kY5lfXhOL7z+VhhTNUtTFS1UT2fqLZo5VqWqyVncqUK5moa3b5PJSd68QzENeDDz9fDvHRph5E167SWnf12xLsIu+f+UK3xmC1b68El/YzM1bGVex7tZqCo3qhJNmZi27PTHKrNVK1O9ns6l0b/nZ9j2+c8xaXaNr32HK7n5fH8ak9zPq5+JhqpMnG+N/rKa+bxmUi+9uc/vHW9ffOd69funH52DmkbE1ss3zgm5gcy8fJznYnmmNvPVZk43q9fzvfzw5zObN7I7SznR1nMSpbSe6NxsR7P5c+Zx2dqYaj2xnaRTNXnpXvOdhLTbL5XlRZzstr3SJZT5FauZimvVf/O51y+mQu5kIsDZ/j4lnFXx1Zd9Y2NV33vTP9lZPCnvl4Xyrvbr9fvcguPO+KtRudu6d77y7weHchrd9Q/7G91dOA6mBvI0ou97EyObHy8e+OGt9rLPn6xzXNif83UmSgvoN5TohfdS91MNKtn0eZx/rtOuV/aNzud64vvbtH+vQ31V+t5OaxWv7Ld1j2jT8XuKk/Vi5mu7yTDo6Nc91L/LjOwrrM+lrvrhp+45X7Hq3VF0btSf5Bb1QDYfKVO1b/DbWip38XLI3uZr/Y7MbBu6Pet3Eo7V/chfwA8ib+91S/O5PBU6x+tT1oft37Zut56ffq7h7516JWpTP518tvNuYlXG68Uf8rH+Wn1+h8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHhKd97/4J3Fdnvp9uhCY+tVQ4VWNi7ZquVDo9sp6i/02UFfz0VhOsnQkup7jnali+YY7bQ2htEtTCSpl3R+lux7fnrfaTV6m9+UheamETWqsDC05I+bG/xwzAiLnV0Xe1hoZH87LcfCqFUHeFMC9sXZlRvvnr3z/gffWL6x+PbS20s3Jy9cuDh38cJr82evLbeX5ro/DzpKYC+sP/QPOhIAAAAAAAAAAABgp0Z9MODkCyM/NDLuZzz8z0IAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABgV1w+neb9FDk3d2aurK+tzrfLqVde37KZpNFIip8kxYNkId0pMwPNFfn9g3RG9PPR8sU3P3249tl6W83u9kmjnm/t8WuT3KunzCaZqOdPYai9K0/dXvHP3jGUCfui0+ksPF18sDv+EwAA//8BQfjb")
socket$nl_route(0x10, 0x3, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000340)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f07ebbeeb, 0x8031, 0xffffffffffffffff, 0xc36e5000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file1\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x100, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x8000000004)
writev(r3, &(0x7f0000000180)=[{&(0x7f00000001c0)="580000001400add427323b472545b4560a117fffffff81000e220e227f000001925aa80013007b00090080007f000001e809000000ff0000f03ac7100003ffffffffffffffffffffffe7ee000000deff0000000200000000", 0x58}], 0x1)

23m3.381991349s ago: executing program 6 (id=2136):
r0 = syz_open_dev$sndctrl(&(0x7f0000000100), 0x0, 0x0)
openat$ptp0(0xffffffffffffff9c, &(0x7f0000000000), 0x80042, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_WRITE(r0, 0x40405515, &(0x7f0000000040)={{0x0, 0x0, 0x0, 0x0, 'syz0\x00', 0x4000}, 0x0, [0x0, 0x0, 0x0, 0x0, 0x401, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x1, 0xfffffffffffffffc, 0x0, 0x3, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x1, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000000, 0x0, 0x0, 0x0, 0x2, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000000000004, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x7ad, 0x0, 0x0, 0xc7, 0x0, 0x0, 0x0, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x7fff, 0x7, 0x0, 0x8]})
socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = socket$inet(0x2, 0x3, 0x2)
sendto$inet(r1, 0x0, 0x0, 0x800, 0x0, 0x0)
connect$can_bcm(0xffffffffffffffff, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f00000000c0)={0x8, 0x8000}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x2)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x4000000000001, 0x0, 0x1, 0x0)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, 0x0, 0x0)
r3 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000), 0xa4242, 0x0)
sendfile(r3, r3, 0x0, 0x40008)
syz_usb_connect(0x0, 0x24, 0x0, 0x0)

23m2.240122065s ago: executing program 6 (id=2144):
mknod$loop(&(0x7f0000000000)='./file0\x00', 0x6000, 0x0)
getsockopt$inet_sctp6_SCTP_PR_SUPPORTED(0xffffffffffffffff, 0x84, 0x71, 0x0, &(0x7f00000002c0))
r0 = dup2(0xffffffffffffffff, 0xffffffffffffffff)
ioctl$BLKTRACESTART(0xffffffffffffffff, 0x1274, 0x0)
ioctl$BLKTRACESTOP(r0, 0x1275, 0x0)
ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0)
r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4)
syz_clone(0x600, 0x0, 0x33, 0x0, 0x0, 0x0)
sched_setaffinity(0x0, 0x1, &(0x7f00000002c0)=0x400000bce)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000032680)=""/102400, 0x19000)
sendmmsg$sock(r1, 0x0, 0x0, 0x0)
shutdown(r1, 0x1)
bind$inet(0xffffffffffffffff, 0x0, 0x0)
fsopen(0x0, 0x1)
r4 = openat$vimc2(0xffffffffffffff9c, &(0x7f0000000280), 0x2, 0x0)
ioctl$VIDIOC_QUERYCTRL(r4, 0xc0445624, &(0x7f0000000340)={0xffffff80, 0x1, "9e2ae6fb200c976a3b82c85b4cf1a4a47b390f9521b1add9abb4c78d079ea7fe", 0xff, 0x5, 0x0, 0xc, 0x200})

23m0.867178382s ago: executing program 6 (id=2148):
bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0xc, 0x13, &(0x7f0000000480)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000696c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000ffffff858500000071000000180100002020732500000000002020207b1af8ff00000000bfa1000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000001}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs={0x0, 0x0, 0x4e20}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
r3 = socket$inet6(0xa, 0x1, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r3, 0x29, 0x20, &(0x7f0000000080)={@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', 0x800, 0x0, 0x2, 0x1}, 0x20)
mount(&(0x7f0000000380)=@nullb, &(0x7f0000000040)='.\x00', &(0x7f0000000340)='nilfs2\x00', 0x800000, 0x0)
add_key$fscrypt_v1(&(0x7f00000002c0), &(0x7f0000000300)={'fscrypt:', @desc3}, &(0x7f0000000440)={0x0, "8527d2100090af54bfbca283be11c0de7af30e90937920fcba13d90af61beaa44d66a6535daf1bc35fb3af1e9197e31d26589d073c10184095fb00", 0x14}, 0x48, 0xffffffffffffffff)
unshare(0x2c020400)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
recvmsg(r4, &(0x7f000000c1c0)={0x0, 0x0, 0x0}, 0x20)
openat$kvm(0xffffff9c, &(0x7f00000000c0), 0x800, 0x0)
openat$comedi(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/comedi2\x00', 0x2000, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r5 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_STAT_GET(r5, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x10, 0x1411, 0x1, 0x70bd26, 0x25dfdbff}, 0x10}, 0x1, 0x0, 0x0, 0x80}, 0x80)

22m59.356950449s ago: executing program 6 (id=2154):
syz_usb_connect$hid(0x6, 0x36, &(0x7f00000000c0)=ANY=[@ANYBLOB="1201000000000010ac0100000001000000010902240001000000000904000001030000000921ffff000122"], 0x0)
syz_usb_connect(0x3, 0x36, &(0x7f00000000c0)=ANY=[@ANYBLOB="12010000dae11c105e048402"], 0x0)

22m56.988635521s ago: executing program 6 (id=2165):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), 0xffffffffffffffff)
socket$inet_udp(0x2, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f0000000380)=ANY=[], &(0x7f0000000100)='syzkaller\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x40f00, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x8}, 0x94)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f0000000040), 0x80002c1, 0x2, 0x0)
r4 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000004002, 0x0)
r5 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000100), 0xc2900, 0x0)
sendfile(r4, r5, 0x0, 0x201f00)
syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000300))
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(0xffffffffffffffff, 0x84, 0x64, &(0x7f0000000200)=[@in6={0xa, 0x4e24, 0xf1, @loopback, 0x19f49a9}, @in={0x2, 0x4e24, @remote}], 0x2c)
syz_emit_ethernet(0x76, &(0x7f0000000580)={@link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x1}, @local, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "d3ffff", 0x40, 0x3a, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @mcast2, {[], @param_prob={0x2, 0x0, 0x0, 0x502, {0x0, 0x6, "508359", 0x0, 0x0, 0x0, @private1, @remote, [@hopopts={0x3a}, @srh={0xc, 0x0, 0x4, 0x0, 0x9, 0x20, 0x2}]}}}}}}}, 0x0)
ioctl$sock_inet6_SIOCDELRT(r0, 0x890c, &(0x7f0000000280)={@remote, @rand_addr=' \x01\x00', @empty, 0x7, 0xc6, 0x9, 0x400, 0x80004, 0x1000040})
syz_init_net_socket$llc(0x1a, 0x1, 0x0)

22m56.451161963s ago: executing program 4 (id=2169):
prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0xffffffffffffffff}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f00000004c0)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r3, &(0x7f0000000200)={0x2, 0x4e20, @empty}, 0x10)
setsockopt$inet_mtu(r3, 0x0, 0xa, &(0x7f0000000180)=0x4, 0x4)
connect$inet(r3, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10)
setsockopt$SO_BINDTODEVICE(r3, 0x1, 0x19, &(0x7f0000000040)='sit0\x00', 0x10)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='blkio.bfq.io_merged_recursive\x00', 0x275a, 0x0)
setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x19, &(0x7f00000001c0)=0x1, 0x4)
ftruncate(r4, 0x2000009)
sendfile(r3, r4, 0x0, 0x7ffff004)

22m51.966889922s ago: executing program 4 (id=2186):
ioctl$BTRFS_IOC_INO_LOOKUP_USER(0xffffffffffffffff, 0xd000943e, &(0x7f0000000040)={0x0, 0x0, "d607f8f9951e76c13f64323723e7eecdf40c362023eb3d259266ec9c37865c6c1a4640ce1b1d34c09f39c3539e4f8d3ee0878ae95bc7f52363c468b257ff3e2485bdec66e11efd54f11ed2c41d078b9cf1fc8f72566153c97e4af37017ea6b16b694bb4a6e4606d5c3b90400000000000000c279f035580895b520a227d61dcc3a633bffff250b0a170e7f5670e419dc44febf7ddc73fd4ada0b6c28665f7f92f6a90277469af38103a2584ab40a68e528329d97afc3612e325c1eb4020000006a974448faffffffffffffff00", "0615b3690bfab19538829a732a01781564ef7738cb5b82a704b3952f81c68bb4ceeaad63206f88201638e87c4981cbf9332cbc9c4d69e392bd33237ece7ad91e44edac0da8dacad81adf2e08c21ad6b44ce1f90bd618c255ca40cdb411485fb48a51d329c816b3488c7d032ef69c502c6e1236bd381efd410165988847c1dcb98a18ca2b853910e52044fa3b3026cb88de269537c8f26ffc3b15cbf279832bfc90bd95939043182e88050dfd2a4784a5d1453610fb1f1c2bac36c3ecd3e6fb756ef8880debeef3636afd981d8af4ab119928448f90351aec113335eacf52a18c87738d9679d3acc032a16fbefc75776f363610a15b37bcd36e6a7cba931151b9c9ba5779d550e9ab21603a43a25f3b4895d8dc4f3ce0e7d5e964e888169ea79a0848e9338b3d34d62e963fbf98834f4455419907f0ffdb76373af77a34edee7789f56e7f01bdab9614a0d460f791a06e6cf5243bf2b3a1624a80ec7e1116f1c81f5ef4b895be74bf67eea9193428b58a8b62b7976d3d2e59796c46ec918c83cd49c3f43dbd2967586966c19ace7b0bef5f94eb333b362649f1bfa114f8b1f126e97ec672cff77e2130823fa7a1df6760c6a8917815e9f0a409ed32b133df7dc9afceffcd472b35145c83c9167764d25ce214133c6170adeb6653b30b226a3b6ff1363ac862a540c7fab584cd051ce7ee951e0f121d43cff75afbdec6bc6f6e8f7db58c8086cbd2a7102ee8582e915cabc536e3767e9a9230c9ae8b92398f0ca2a7141ea4588af7afde10e5ec2a6fe85ba5712e126629d4e3998fc4721cb638f2ef8356049e3448466e2c400d5e8baf843fa399907cb526b791c5350ce29204cb6fe50b892a69ec6dbecc28f032a745738faa12c2a34222942fef0ec0511da5fe0b565ceac429da7cc25cfe0320b40a514723e2392a6a361032343edb79fd83cd0a354837153542fd61b3156b54c566036e493250c3a3214738e3cacc24a50d5dfd17d5008b4ca629c3062f3417cb69c48b8b888ae51256bb4e6c68e95a71a00383ad9df263f6a775ded64fef20ed5cb5f31c33cb86f839d00a12e40cd31219113619c4e0585454cb1776278bfd7f5c4275792afb790e83ff0fc6925355c7aee7a070477d9ec2292366e39b9dc66f7adcf449a1a718e5217183faf0f679efc5cef20bcdcf2d12ea0684084ec0d6932570280025b23b5a08b7b1ebe7d41fb045793f971d6ee066604818cb09d86c1eda99a44c35476a113fd5d1a7543f8f99424ebb78dd9e00d719502a6eafa743a061fa3fa55e4deaa0a011b6b9d633f10e0c9446b5a2e3f6d6014ab00695366c1a6bf0c32f703aebb7988c7d4d322681458e85626302c70f37628835e1fcfff1da3099c0b4af433eb9a51f9609f2c0c09a98b18880c846b34d6ac0210f073765666100976ee1d928893f983580ea47a012144633b98e02c3e81869534ab985eb3a73e0bac892dac949f85db949285a6a7a490b1075467226af23df82d8dd09b7282490fbb3ada9ed4cae8f761aefbe0701de6b132f12044c58ac1c2607c8f51361de5bed021dea13fd0a440263cf0b304522a324b581ab274e7bdae5994316657b5c0ab0220d9b08739729f7a35d436878c182aec4f08dd161c11ee5b7937fae7835e8bfe98a44c8d4bbb2e0eee0cb5d7c93517e96a9fc8132e60f3ef7c735bea1934b37df451f981c8d9210e61278c871e6dad6ceb89aa4d7245658a63e65cec7b81d307426a60a31cc917844a14e1d9ad83bef1c9f736d1836687c950d1275caece0d46ab9f3b0e95d9cf560eb8134e8346b35e0a6f60e6a87a14c4aeb3e0d06158390660a52a6e44b524c0716de2bf99870f78fc81d267072bc63e97d3f26d23fd59799ff2c847d6a724cebc2377a582ba73d99a610a095c28d66c60910ac64b7d18847fa98fd8528b72e0a149b082c731575b2e2763e67c821ba29eecd8b8c87981c4fb1fbbaaa4e8aa077ec98de1362fc7af7a0ac5e3297fd0d924124b2e255b5cc4f6b0873f3d34418d5ae0d6f734628f38cb9b856b2db3fbb2fafb76983eabc51a348e55789e997fa25cbe6e5031bd2e33d4e2686f964a65d1abf7f96a20a8b270b1522ace4adf6fdade5cd3f101574960d13267e2382f70027ebe5ef7f9418e14e6a8a130d2aec2253c8fe21825e3295774db0c9b1340ea28a96589ba0d9f79aa61b92aea6f704ef7f716d849b8c77e6922e198a086d8133491d0bb85b925825a6d307d7cc8f09c655aa3edabf84c75560dfb279ee3e8b825323279edc58c3161e72cf9ae02ef80d500da922c0abeb8b164abd9c17ef7c02e89000d67b0c2ddd078cacbf37c4826be3845948d598980d63c1d7aade89d0637d80a4c102a35eb027a08ef90cc20d17fc514926914e68e5de54b861200ffa4ce1cbc16e4ecf342a1176cdb561f7dea38b3ae0fd81260f72d34e6f33d364cf313d3b3161410dcbf5f0f0579a1d235b49bb5d27f85825b94f1899e7846d0292ad912d934574f9d55d2152dbfb39d662e6e0f2496182d012af8b4bebbdfa1d68e3e988869fb5cd9612db97e6cc574444f4b5025ec9827bafc55341bf6ad3fd4fab2ee43f343cb9bcec0c38384b5699e5c6d5973ba591978275c51a40200d340b9ed3681f08c69f58320f538f9cd78a34eb6ed55710d2478ea4bd15813921817b42f88f1bb038033b519668f0a2e8693b9a19c7bcf96eec04bda625b31c32f4286be922ab2c87aa30310c8f46551450d5bc26b5fbfdedaae0f756384023bb9a28d3200cfeaedd63d6afe076513e8ad73d16607cd4ede16344e60d8707357e82b1089258c56d851a435e23ce0919825e04471dd61a44c43e87c2959d4e89311a30ee8be010094d0ef109bb210dda58b21b685b9e9c078c9ded6117d9a88dd7799291969851cd4c3f22b5f870a275a692188dafcf6e89ba87b0eb61011de031fda25fb3349901d40da2bbdb76eda417c9fafd90fb23504ab150ca0033ea1d00000000000086ba3aaa79d0df4f2e4e4afa565e66d28aa167f835d080bf1d41d0e52dbf81c671f8eacae234bf4fc328302671fab4661384b82480178cc612aa90adfc80ab3bba7d1527fc6ab04f009011bf093494a0d329df4e53d855b1c0ff6a25d22052b3a778e1ca2fbe59c9eeedf99e13682d06da269560524ffa0f404b73b946edf900ee958ceba09a051e27a620fb78e7a352c182c8c2981ce822eeaf6323965b4b3f322d40d4f4a058b6f3cf5d74822de952fefc341d0dead6c1c8fed8e48e0a85b51c1dcc7796d3f45bb1f50467a475da76c356c9e03115070000000000003a038d475dbcdb2df1278d5dba55c2fb5ba6a9778c2a244198491f0f711cdb2ef0332f347afffb04098b4c59041ccb0c286bb2dd40e7ec713f6ffe0b1067678c748615dae3c1e090f3739a9035767fb9972580d19fdef49a5071f99c3706b8fa4991f430721cf3ca11af0e3bd7c4d0cd0ab5b7d98ee66730c20a098110e4a15ce0bfc88c41fe375f261fe3557e14eb5ff4a2cdf6a008fd7b6702951b8456e940fbd269a0f3ed515ac03cfecce67027d579e1226bd7b7381827453550343566508d38790ee838c3bf85c6c91a45e7a44752f57313533a3e82e4042e65d346afb20c0527575f79080aef4e1aa8d5868d190c8d37bdae7592e41bed37b9d4c30d8126d3debde02dff25f5ef1e48133e2a41cd55347bd23dcce57a00189619db629c530dc112d22ac72bce353681264b5175be40b3ba84408d0f56762cc720e96c128447be7128748e185be2640115556bac64d060207e629b0144e501c1c49c6abd15c7982b01e22da2ad04bb28df1a27f31e18040c16406071d798bb40d901d001e22cc5ed870d08702f49f0021814cdd814901a13c7ab061bb4b8172c639b3449e24f656fee58186e69e6874ea95d946da781b49ca080ffb4a3c87746c661f43e9be52d0ba2ee368b9c143687c8846abac599069decf41e69fddcadf31c5f715917df12df4eedbfcc5805fe8e661b8fcd7b130d7bcc4a9a152de93a15dddacf3cf52479956185a3c5000d18ddce0236d5858c0d8761bca7446e3d30f3e8f48d5e8f86a60cbe46f038b1028ffd35590b38cfeebb86e28d42a923bdc3f9a307b919341a2a7dda096d41070db245c2c424aedd4a4bb9863169454d09f25fd0aa2da7bfc97ad7aca886dd998e041133e07899ad48f7cda600de48ac3951152dfbe6331b8acae24cfd2dd2b14696c75040685c756942a0d049ee9863a2e480388f93876f3910ecb3a59fa16c25b2b3636a542f92744495e10a4ce37f19f5c2256e2d61775d388e2a86b52f76add2f956aa02501f5badb94da12595b2bbf88b05dc70caae6766fd3df4f299d0ff71c8787249b255ea49b3d33b3f1a8c9403cb75d64264465c3578538382b23d721f8a49134020ca2d9e887d9949624ac6fa2928736b96c72fa3406a95adfe6b374ffa27001d37d3bbe725e75c257834572026c511f57dce67153a4008f9e75e07ed9237f600005800ee667c137fc78bc4fd4ebf4d228979ab0ccafbcd8b8daad76fb2abcfc585377ea6e19f170db898b950a7b0f4e75466a2ba26e7d60e0a6f5c54a3fe78677f3362c5b01ae791b62ee8a5d0fd65b739ece4f3b758d05a8e4e4ea7e4866ee67750ce2769f72a9f45780eadfae73b42d4dd4c614c797c694ece8af88cc732edabfa26ace57de54835c7551154dfa3be11a0d3b5845ac97b2da84410a652e72cd563acbb2b02bb59370cebaaa80014e3ad280944eae6fbf8d5f85237257bb5b8e5ec3e52dc06f8394176b325a577804e9eb78d7015172d17ed15f905f705d56687f53988bb207c74fbeb2b03a700258e835362886239f4d8f1c2cf6d4d10ff26d2579ea40a5fb99e5b6d01cdeda050d3faa78ed674f2899be08332086c8bf0410a7d06099c50a2d949d49a0f21b43bcdfbdf435875cf5a9def46db63746574ee8a5b1fbcef411154e914dd9e5bb1b1bd2944581083fb66a017e7972df3daefc487e4198cb281d3a80637d52b41738b7f1a57c867d5b2ee5d72465657593339506fd0c3807cd6445eb54cfb5ca9d35ef93eec6383224ebf85197eb6ed75f6c324f6a0345a25be6bb52ed347e57ccb059b903fb7db4e9f46513a4158ce29c1f5d6081b556bbc471e89225cad81aed34dae0f90ee8e7237b3b286e29b49d7a1700c537b28571f7d7e2a55e10792d6f7779ddefa3febdea5693048372a45903c04f1035a96c6cfbe6f6c2b754581aac02f8a70e698be6e37fd411cf4b76317b47683f6b0f80dfdeef3a9767c7e5c30dff786093a21477431fea0458023953700"})
syz_usb_connect$hid(0x6, 0x36, &(0x7f00000000c0)=ANY=[@ANYBLOB], 0x0)
syz_usb_connect(0x3, 0x36, &(0x7f00000000c0)=ANY=[@ANYBLOB="12010000dae11c105e048402"], 0x0)

22m48.135987541s ago: executing program 4 (id=2203):
sendmmsg$sock(0xffffffffffffffff, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000600)=[{0x0}, {&(0x7f0000000580)}], 0x2}}, {{&(0x7f0000000d80)=@pppol2tp={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x4e23, @local}, 0x2, 0x3, 0x1, 0x3}}, 0x80, 0x0}}], 0x2, 0x20000044)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000200)={'vlan1\x00', <r0=>0x0})
sendmsg$ETHTOOL_MSG_COALESCE_SET(0xffffffffffffffff, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={0x0, 0x5c}, 0x1, 0x0, 0x0, 0x800}, 0x0)
sendmsg$ETHTOOL_MSG_DEBUG_GET(0xffffffffffffffff, &(0x7f0000000d40)={0x0, 0x0, &(0x7f0000000c80)={&(0x7f0000000e00)=ANY=[@ANYBLOB="7c0100", @ANYRES16, @ANYRES32, @ANYRES32=r0, @ANYBLOB="400001801400020070696d36"], 0x17c}, 0x1, 0x0, 0x0, 0x4008004}, 0x20000080)
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f0000000380)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-cast5-avx\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000000280)="2c385a7af3be", 0x6)
r2 = accept4(r1, 0x0, 0x0, 0x800)
sendmmsg$alg(r2, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048", 0x4d}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11", 0xce}], 0x2, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800)
recvmsg(r2, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000580), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f00000013c0)={'wlan1\x00', <r5=>0x0})
sendmsg$NL80211_CMD_FRAME(r3, &(0x7f0000001380)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000dc0)=ANY=[@ANYBLOB="f4060000", @ANYRES16=r4, @ANYBLOB="01000000000000e14f003b00000008000300", @ANYRES32=r5, @ANYBLOB="d50633008000009effffffffffff080211000001"], 0x6f4}}, 0x0)

22m44.633123719s ago: executing program 4 (id=2221):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f066bbeeb, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000300)=@abs={0x0, 0x0, 0x4e22}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r1, &(0x7f0000000040), 0x80002c1, 0x2, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1ec)
mount$overlay(0x0, &(0x7f0000000100)='./bus\x00', &(0x7f00000001c0), 0x8, &(0x7f00000002c0)={[{@lowerdir={'lowerdir', 0x3d, '.'}}, {@workdir={'workdir', 0x3d, './bus'}}, {@upperdir={'upperdir', 0x3d, './file0'}}]})
chdir(&(0x7f00000003c0)='./bus\x00')
r3 = openat$dir(0xffffffffffffff9c, &(0x7f0000000280)='.\x00', 0x8018, 0x1f7)
r4 = fanotify_init(0x200, 0x0)
fanotify_mark(r4, 0x201, 0x4000003e, r3, 0x0)
r5 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
ioctl$FS_IOC_FSSETXATTR(r5, 0x401c5820, &(0x7f0000000080)={0x8})

22m39.093622829s ago: executing program 35 (id=2165):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), 0xffffffffffffffff)
socket$inet_udp(0x2, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f0000000380)=ANY=[], &(0x7f0000000100)='syzkaller\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x40f00, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x8}, 0x94)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f0000000040), 0x80002c1, 0x2, 0x0)
r4 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000004002, 0x0)
r5 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000100), 0xc2900, 0x0)
sendfile(r4, r5, 0x0, 0x201f00)
syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000300))
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(0xffffffffffffffff, 0x84, 0x64, &(0x7f0000000200)=[@in6={0xa, 0x4e24, 0xf1, @loopback, 0x19f49a9}, @in={0x2, 0x4e24, @remote}], 0x2c)
syz_emit_ethernet(0x76, &(0x7f0000000580)={@link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x1}, @local, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "d3ffff", 0x40, 0x3a, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @mcast2, {[], @param_prob={0x2, 0x0, 0x0, 0x502, {0x0, 0x6, "508359", 0x0, 0x0, 0x0, @private1, @remote, [@hopopts={0x3a}, @srh={0xc, 0x0, 0x4, 0x0, 0x9, 0x20, 0x2}]}}}}}}}, 0x0)
ioctl$sock_inet6_SIOCDELRT(r0, 0x890c, &(0x7f0000000280)={@remote, @rand_addr=' \x01\x00', @empty, 0x7, 0xc6, 0x9, 0x400, 0x80004, 0x1000040})
syz_init_net_socket$llc(0x1a, 0x1, 0x0)

22m38.867726475s ago: executing program 4 (id=2224):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x80000100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
r0 = getpgrp(0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000040)=0x10000005)
prctl$PR_SCHED_CORE(0x3e, 0x1, r0, 0x2, 0x0)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000000)=0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r2 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r2, 0x1, 0x0)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
socketpair$unix(0x1, 0x1, 0x0, 0x0)
socket(0x10, 0x803, 0x0)
syz_fuse_handle_req(0xffffffffffffffff, 0x0, 0x0, 0x0)
r4 = openat$udambuf(0xffffffffffffff9c, &(0x7f0000000040), 0x2)
ftruncate(0xffffffffffffffff, 0xffff)
fcntl$addseals(0xffffffffffffffff, 0x409, 0x7)
ioctl$UDMABUF_CREATE(r4, 0x40187542, &(0x7f0000000000)={0xffffffffffffffff, 0x0, 0x0, 0x8000})

22m36.328086586s ago: executing program 4 (id=2236):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200))
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
syz_mount_image$fuse(0x0, &(0x7f00000000c0)='./bus\x00', 0x3000009, 0x0, 0x1, 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x1c0)
mount$overlay(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000b80), 0xc, &(0x7f0000000240)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file0'}}]})
r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0/file1\x00', 0x20400, 0x20)
lseek(r1, 0x80000000008, 0x1)

22m35.49980187s ago: executing program 36 (id=2236):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200))
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
syz_mount_image$fuse(0x0, &(0x7f00000000c0)='./bus\x00', 0x3000009, 0x0, 0x1, 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x1c0)
mount$overlay(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000b80), 0xc, &(0x7f0000000240)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file0'}}]})
r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0/file1\x00', 0x20400, 0x20)
lseek(r1, 0x80000000008, 0x1)

19m19.986368355s ago: executing program 5 (id=3828):
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000840)={{0xffffffffffffffff, <r0=>0xffffffffffffffff}, &(0x7f0000000040), &(0x7f0000000800)='%pK    \x00'}, 0x20)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000180)={'syz_tun\x00', <r2=>0x0})
r3 = openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file1\x00', 0x129942, 0x18)
prlimit64(0x0, 0xc, &(0x7f0000000140)={0x80, 0x88}, 0x0)
r4 = getpid()
sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x7)
fcntl$setlease(r3, 0x400, 0x1)
r5 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r5}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000400)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x22060, 0x0)
r6 = timerfd_create(0x0, 0x0)
timerfd_settime(r6, 0x3, &(0x7f0000000440)={{0x0, 0x3938700}}, 0x0)
read(r6, &(0x7f0000000240)=""/123, 0x7b)
clock_adjtime(0x0, &(0x7f0000000000)={0x3ff, 0x0, 0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x9, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x1000, 0x100000001, 0x2, 0x3, 0x0, 0x6})
r7 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r7, &(0x7f0000000140)={0xa, 0x4e22, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c)
listen(r7, 0x0)
r8 = socket$inet(0x2, 0x4000000000000001, 0x0)
ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(r8, 0x89f3, &(0x7f00000003c0)={'sit0\x00', &(0x7f00000002c0)={'gre0\x00', 0x0, 0x80, 0x8000, 0xaace, 0x18b, {{0x5, 0x4, 0x1, 0x3c, 0x14, 0x68, 0x0, 0x0, 0x0, 0x0, @multicast2, @initdev={0xac, 0x1e, 0x1, 0x0}}}}})
r9 = socket$netlink(0x10, 0x3, 0x1)
writev(r9, &(0x7f0000000080)=[{&(0x7f0000000200)="a10100001500add427323b470c45b4560a067fffffff81004e22000d00ff0028925aa80020007b00090080000efffeffe809000000ff0000f03ac7101400000000000000ffffffffffe7ee00000000000000000200000000", 0x1a1}], 0x1)
r10 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x6, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000000)={r10, r2, 0x25, 0x0, @void}, 0x10)
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000880)={{0x1, 0x1, 0x18, <r11=>0xffffffffffffffff, {0xee01, 0xee01}}, './file0\x00'})
r12 = bpf$MAP_CREATE(0x0, &(0x7f0000000480)=ANY=[@ANYBLOB="1e000000080000000300000005000000a0000000", @ANYRES32=r0, @ANYBLOB="ff0f00"/20, @ANYRES32=r2, @ANYRES32=r11, @ANYBLOB="05000000050000000000000005000000000000067ca2000000000020000000"], 0x50)
r13 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000001000000018110000", @ANYRES32=r12, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x16, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
bpf$PROG_BIND_MAP(0xa, &(0x7f0000000080)={r13}, 0xc)

19m19.732109416s ago: executing program 5 (id=3830):
socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_generic(0xffffffffffffffff, 0x0, 0x480f0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
ioctl$VIDIOC_QUERYMENU(0xffffffffffffffff, 0xc02c5625, &(0x7f0000000180)={0x8000, 0xc5fb, @value=0x3})
r0 = add_key$user(&(0x7f0000000000), &(0x7f00000001c0)={'syz', 0x0}, &(0x7f0000000540)="bc3009bb66682c9d4233b0cc", 0xc, 0xfffffffffffffffe)
keyctl$dh_compute(0x17, &(0x7f0000000140)={r0, 0x0, r0}, &(0x7f00000000c0)=""/83, 0xfffffffffffffe4f, 0x0)

19m19.640256243s ago: executing program 5 (id=3832):
r0 = openat$ttynull(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000000)=0x48)
ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000080)=0x9)
ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000040)=0x17) (fail_nth: 1)

19m19.224019333s ago: executing program 5 (id=3833):
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x51)
mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x81899, 0x0)
mount$bind(&(0x7f0000000080)='./file0/../file0\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0x8b101a, 0x0)
r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x89901)
mount_setattr(r0, 0x0, 0x8000, &(0x7f00000002c0)={0x1, 0xa, 0x80000, {r0}}, 0x20)

19m19.066378426s ago: executing program 5 (id=3835):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x28100, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_NMI(r2, 0xae9a)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000440)={[0x100000, 0x100000000, 0x0, 0x7f, 0x100000, 0x0, 0x2004c8, 0x8000000, 0x0, 0x0, 0x7, 0x0, 0x5, 0x0, 0x2, 0xffffffffffffffff], 0x0, 0x200})
ioctl$KVM_RUN(r2, 0xae80, 0x0) (fail_nth: 1)

19m18.016520908s ago: executing program 5 (id=3844):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000200)=0x7)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r3 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000006c0), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r3, &(0x7f0000000040)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000000)={<r4=>0xffffffffffffffff}, 0x13f, 0x9}}, 0x20)
write$RDMA_USER_CM_CMD_QUERY(r3, &(0x7f0000000240)={0x13, 0x10, 0x7, {0x0, r4, 0x3}}, 0x18)
r5 = socket$can_j1939(0x1d, 0x2, 0x7)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
close(r6)
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
pipe2$9p(&(0x7f0000000040), 0x0)
sendmsg$NFT_BATCH(r7, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
sendmsg$NFT_BATCH(r7, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a4c000000090a010400000000000000000a0000040900010073797a310000000008000540000000020900020073797a310000000008000a40fffffffc080003400000001408000c4000000e45400000000c0a010100000000000000000a0000060900020073797a31000000000900010073797a310000000014000380100000800c00018006000100d103000014000000110001"], 0xb4}, 0x1, 0x0, 0x0, 0x4000850}, 0x40)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000009b40)={0x0, 0xffc0, &(0x7f0000009b00)={&(0x7f00000002c0)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a300000000c0a010100000000000000000a0000060900020073797a31000000000900010073797a310000000004000380140000000000010000000000000000000100000a"], 0x58}, 0x1, 0x0, 0x0, 0x4000850}, 0x40)
sendmsg$IPSET_CMD_TEST(r7, &(0x7f0000000440)={&(0x7f0000000340)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000400)={&(0x7f00000003c0)={0x38, 0xb, 0x6, 0x101, 0x0, 0x0, {0x1, 0x0, 0x6}, [@IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_LINENO={0x8, 0x9, 0x1, 0x0, 0x101}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz2\x00'}]}, 0x38}, 0x1, 0x0, 0x0, 0x20000000}, 0x4000040)
r8 = userfaultfd(0x801)
ioctl$UFFDIO_API(r8, 0xc018aa3f, &(0x7f0000000040)={0xaa, 0x110})
ppoll(&(0x7f0000000080)=[{r8, 0xa608}], 0x1, &(0x7f00000000c0)={0x0, 0x3938700}, 0x0, 0x0)
sendmsg$NFT_BATCH(r6, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f00000002c0)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a480000000e"], 0x70}, 0x1, 0x0, 0x0, 0x4000850}, 0x40)
bind$can_j1939(r5, &(0x7f00000000c0), 0x18)
connect$can_j1939(r5, &(0x7f0000000140), 0x18)
syz_open_procfs$namespace(0x0, &(0x7f0000000000)='ns/time\x00')
openat$pidfd(0xffffffffffffff9c, &(0x7f0000000200), 0x688200, 0x0)

19m17.682805614s ago: executing program 37 (id=3844):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000200)=0x7)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r3 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000006c0), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r3, &(0x7f0000000040)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000000)={<r4=>0xffffffffffffffff}, 0x13f, 0x9}}, 0x20)
write$RDMA_USER_CM_CMD_QUERY(r3, &(0x7f0000000240)={0x13, 0x10, 0x7, {0x0, r4, 0x3}}, 0x18)
r5 = socket$can_j1939(0x1d, 0x2, 0x7)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
close(r6)
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
pipe2$9p(&(0x7f0000000040), 0x0)
sendmsg$NFT_BATCH(r7, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
sendmsg$NFT_BATCH(r7, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a4c000000090a010400000000000000000a0000040900010073797a310000000008000540000000020900020073797a310000000008000a40fffffffc080003400000001408000c4000000e45400000000c0a010100000000000000000a0000060900020073797a31000000000900010073797a310000000014000380100000800c00018006000100d103000014000000110001"], 0xb4}, 0x1, 0x0, 0x0, 0x4000850}, 0x40)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000009b40)={0x0, 0xffc0, &(0x7f0000009b00)={&(0x7f00000002c0)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a300000000c0a010100000000000000000a0000060900020073797a31000000000900010073797a310000000004000380140000000000010000000000000000000100000a"], 0x58}, 0x1, 0x0, 0x0, 0x4000850}, 0x40)
sendmsg$IPSET_CMD_TEST(r7, &(0x7f0000000440)={&(0x7f0000000340)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000400)={&(0x7f00000003c0)={0x38, 0xb, 0x6, 0x101, 0x0, 0x0, {0x1, 0x0, 0x6}, [@IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_LINENO={0x8, 0x9, 0x1, 0x0, 0x101}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz2\x00'}]}, 0x38}, 0x1, 0x0, 0x0, 0x20000000}, 0x4000040)
r8 = userfaultfd(0x801)
ioctl$UFFDIO_API(r8, 0xc018aa3f, &(0x7f0000000040)={0xaa, 0x110})
ppoll(&(0x7f0000000080)=[{r8, 0xa608}], 0x1, &(0x7f00000000c0)={0x0, 0x3938700}, 0x0, 0x0)
sendmsg$NFT_BATCH(r6, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f00000002c0)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a480000000e"], 0x70}, 0x1, 0x0, 0x0, 0x4000850}, 0x40)
bind$can_j1939(r5, &(0x7f00000000c0), 0x18)
connect$can_j1939(r5, &(0x7f0000000140), 0x18)
syz_open_procfs$namespace(0x0, &(0x7f0000000000)='ns/time\x00')
openat$pidfd(0xffffffffffffff9c, &(0x7f0000000200), 0x688200, 0x0)

10m14.648976748s ago: executing program 7 (id=6172):
bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)

10m14.417117565s ago: executing program 7 (id=6174):
syz_usb_connect(0x0, 0x371, &(0x7f0000000280)=ANY=[@ANYBLOB="1201000057ec0020c215dcff30bd0102030109025f03019b000000090400000b403b4e000905e237"], 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f00000000c0)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f00000003c0)=@abs, 0x76)
mount$fuse(0x0, 0x0, 0x0, 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='fd=', @ANYRES16=r2, @ANYRES32=r2, @ANYRESDEC=r2, @ANYRES8=r2])
mprotect(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x1)
r3 = socket$inet6_sctp(0xa, 0x1, 0x84)
getsockopt$inet_sctp6_SCTP_DEFAULT_SEND_PARAM(r3, 0x84, 0x82, &(0x7f0000000200)={0x7939, 0x2, 0x8206, 0x84, 0xe2, 0x0, 0x5, 0x3575}, &(0x7f0000000080)=0x20)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = socket(0x1d, 0x2, 0x6)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$ifreq_SIOCGIFINDEX_vcan(r5, 0x8933, &(0x7f0000000140)={'vxcan1\x00'})
syz_genetlink_get_family_id$mptcp(&(0x7f00000000c0), r4)
timer_create(0x0, &(0x7f0000000240)={0x0, 0x21, 0x4, @tid=r0}, &(0x7f0000000300)=<r6=>0x0)
fcntl$lock(0xffffffffffffffff, 0x6, &(0x7f0000000040)={0x0, 0x0, 0x60d3, 0x5})
setsockopt$inet6_tcp_TCP_MD5SIG(r4, 0x6, 0xe, &(0x7f00000004c0)={@in6={{0xa, 0x4e23, 0x9, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x4}}, 0x0, 0x0, 0x22, 0x0, "baf8f226f732b2b896436e90064e642532795fb1775412b385e6f5637eabee1aa022e21e911cc0df56c6e2d353305b842058739adf094d5aadda1e315e1059efecd53bb85aea1070f51b9ba9f77bd70f"}, 0xd8)
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
timer_settime(r6, 0x1, &(0x7f0000000040)={{}, {0x0, 0x989680}}, 0x0)
syz_mount_image$fuse(0x0, &(0x7f0000002080)='./bus\x00', 0x2308a1, 0x0, 0x3e, 0x0, 0x0)
syz_mount_image$fuse(0x0, &(0x7f0000000180)='./bus\x00', 0x3000408, 0x0, 0x1, 0x0, 0x0)
syz_mount_image$fuse(0x0, &(0x7f0000000140)='./file0/file0\x00', 0x4002, 0x0, 0x1, 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x1c2)
mount$overlay(0x0, &(0x7f0000000400)='./bus\x00', &(0x7f0000000b80), 0x64fc3dd73500ef8c, &(0x7f0000000100)={[{@workdir={'workdir', 0x3d, './bus'}}, {@metacopy_off}, {@upperdir={'upperdir', 0x3d, './file0'}}]})
mount$overlay(0x0, &(0x7f0000000340)='./bus\x00', &(0x7f0000000b80), 0x8, &(0x7f00000005c0)={[{@lowerdir={'lowerdir', 0x3d, './bus'}}, {@upperdir={'upperdir', 0x3d, './file0/file0'}}, {@redirect_dir_follow}], [{@fscontext={'fscontext', 0x3d, 'staff_u'}}, {@fowner_lt}, {@mask={'mask', 0x3d, 'MAY_APPEND'}}, {@euid_gt}, {@appraise_type}]})
syz_mount_image$fuse(&(0x7f00000001c0), 0x0, 0x322020, 0x0, 0x1, 0x0, 0x0)

10m12.310205225s ago: executing program 7 (id=6187):
syz_mount_image$erofs(&(0x7f0000000080), &(0x7f0000000200)='./file0\x00', 0x810410, &(0x7f0000001a00)=ANY=[], 0xdd, 0x219, &(0x7f00000002c0)="$eJzsmT9oFEEUxr+Zm9tNYhBsLGwsjBjQbHb3VNKkiGAvxL+di9mEM5uc3K1wWRAMNjaWFoKtpY2FRSoLOztbLaIgWJjSLjAys7O7k3ib6CWo4PvBzX375u2b92ZnX3EHgiD+Wz5/+r755NLM1XMAxjEB19i/NtS4qTW3/D8+u3/26ezl568+vHi7evTBxu546n6WS7b3yiN6HAXwZq6BVCsIQErbayIPJYy75hqapb4BhtNG3wbHdaNjMNwy+q6lO6PF8rF3p5MsLLaT2FdDsNhOXCjVstcXALbWGRZMxlJKaRfWW8uWoySJu5ZQ80nTlLFzaiix1y7q/OY4Zs21yk89r5uPH62ra8/YfXCzl0AAjsDoFhjmc7k9Axee51VbYtV/QlTxG/vUP1yRdVONnjpTlqU4ovsEfJktH5s6hMSGFCs4tIDNg8c5gkydyr+2G/+UYLstamtKy/GtjXc/3/XlN9diD/NDak2xAa+M8ydKLnpnlKjX2Zp6P3awyI6paKBP1Z+YAM5Y/UlAFO1DZXZvureWTbVXoqV4KV4Nw9ZF/7zvXwindSPKR+M+Xvad7bL/jej+NFbGZ7JZ0ysd5qAfpWk36ANpNyivwz7fWQnmX3e+aQPX/Y9j8lTuoB6iLtsdvAYzH66/lZqs2qWoSYwgCIIgCIIgCIIgCIIgCOKXOAmmf2U1f1TJGsIr2vtHAAAA//+bi04Z")
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000f80)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x100000001000089}, 0x0)
r1 = getpgrp(0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000040)=0x5)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000000)=0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r3 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r3, 0x1, 0x0)
r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r4, &(0x7f0000032680)=""/102392, 0x18ff8)
writev(0xffffffffffffffff, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000500)=ANY=[@ANYBLOB="0f00000004000000040000001200000000800000", @ANYRES32, @ANYBLOB="000000bab5be0c694fc4667efb4ff83af1c20decac2c061eda72dfefda56bd118caad4372bdcbf8964c762b7aba7a32452a882cb6f9176955252f940735bdbccd7c4abcbc5f0c5e4716d36fcc2a03b5c88b83a3d1bccd004b4b7fadc2ee5a6acc1a8f0247bd316fb1549dea9766b947e295846ff04", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32], 0x50)
setsockopt$sock_timeval(r0, 0x1, 0x14, &(0x7f0000000100)={0x0, 0xea60}, 0x10)
mount$overlay(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000b80), 0x8, &(0x7f0000000240)={[{@upperdir={'upperdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, '.'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}]})

10m7.706057508s ago: executing program 7 (id=6197):
ioctl$DRM_IOCTL_GET_CLIENT(0xffffffffffffffff, 0xc0286405, &(0x7f00000001c0)={0x1, 0x1, {<r0=>0x0}, {0xffffffffffffffff}, 0x2, 0x9})
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFCONF(r1, 0x8912, &(0x7f0000000080)=@req={0x28, &(0x7f0000000040)={'dvmrp0\x00', @ifru_addrs=@tipc=@nameseq={0x1e, 0x1, 0x2, {0x42, 0x2, 0x1}}}})
ioctl$DRM_IOCTL_MODE_CREATE_LEASE(0xffffffffffffffff, 0xc01864c6, &(0x7f0000000300)={&(0x7f00000002c0)=[0x0], 0x1, 0x0, 0x0, <r2=>0xffffffffffffffff})
ioctl$COMEDI_BUFINFO(r2, 0xc02c640e, &(0x7f0000000400)={0x7ff, 0x4, 0xbd13, 0x81, 0xfffffbff, 0x1, 0x5ae})
r3 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
ioctl$sock_inet_SIOCGARP(r3, 0x8954, &(0x7f0000000000)={{0x2, 0x4e23, @rand_addr=0x64010100}, {0x6, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x30}}, 0x4, {0x2, 0x4e20, @rand_addr=0x64010102}, 'veth1_vlan\x00'})
capset(&(0x7f0000000200)={0x20071026, r0}, &(0x7f0000000280)={0x0, 0x80000001, 0x4, 0x81, 0xffffffff})
openat$iommufd(0xffffffffffffff9c, &(0x7f0000000040), 0x8000, 0x0)

10m7.211477429s ago: executing program 2 (id=6198):
restart_syscall()
restart_syscall() (async)
restart_syscall()
restart_syscall()
restart_syscall() (async)
restart_syscall()
restart_syscall()
restart_syscall()
restart_syscall()
restart_syscall()
restart_syscall()
restart_syscall()
restart_syscall() (async)
restart_syscall()
restart_syscall() (async)
restart_syscall()
restart_syscall()
restart_syscall()
restart_syscall()
restart_syscall()
restart_syscall() (async)
restart_syscall()
restart_syscall()
restart_syscall()
restart_syscall()
restart_syscall()
restart_syscall() (async)
restart_syscall()
restart_syscall() (async)
restart_syscall()
restart_syscall() (async)
restart_syscall()
r0 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$gtp(&(0x7f0000000000), r0)
restart_syscall()
socket$nl_generic(0x10, 0x3, 0x10) (async)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$devlink(&(0x7f0000000080), r0)
sendmsg$DEVLINK_CMD_SB_OCC_SNAPSHOT(r1, &(0x7f0000000200)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f00000001c0)={&(0x7f00000000c0)={0xd4, r2, 0x20, 0x70bd27, 0x25dfdbfe, {}, [{@pci={{0x8}, {0x11}}, {0x8, 0xb, 0x1d45c7a8}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0xb, 0x4c}}, {@pci={{0x8}, {0x11}}, {0x8}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0xb, 0x7fffffff}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0xb, 0x5}}]}, 0xd4}, 0x1, 0x0, 0x0, 0x4000800}, 0x4800) (async)
sendmsg$DEVLINK_CMD_SB_OCC_SNAPSHOT(r1, &(0x7f0000000200)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f00000001c0)={&(0x7f00000000c0)={0xd4, r2, 0x20, 0x70bd27, 0x25dfdbfe, {}, [{@pci={{0x8}, {0x11}}, {0x8, 0xb, 0x1d45c7a8}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0xb, 0x4c}}, {@pci={{0x8}, {0x11}}, {0x8}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0xb, 0x7fffffff}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0xb, 0x5}}]}, 0xd4}, 0x1, 0x0, 0x0, 0x4000800}, 0x4800)

10m6.891808438s ago: executing program 2 (id=6201):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000100))
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000140)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(0xffffffffffffffff, 0xc0306201, &(0x7f0000000080)={0xfffffffffffffed5, 0x0, &(0x7f00000003c0)=[@reply_sg={0x40486312, {0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x60, 0x18, &(0x7f0000000300)={@ptr={0x70742a85, 0x1, &(0x7f0000000240)=""/60, 0x37, 0x0, 0x17}, @fda={0x66646185, 0x6, 0x2, 0x36}, @flat=@binder={0x73622a85, 0x1000, 0x1}}, &(0x7f0000000380)={0x0, 0x28, 0x48}}, 0x400}], 0x0, 0x0, 0x0})
r1 = socket$igmp6(0xa, 0x3, 0x2)
r2 = socket$inet_mptcp(0x2, 0x1, 0x106)
getsockopt$sock_cred(r2, 0x1, 0x11, &(0x7f0000000080)={0x0, 0x0, <r3=>0x0}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x7)
r4 = getpid()
sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbee2, 0x8031, 0xffffffffffffffff, 0x82f49000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r6, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r7 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r7, 0xaf01, 0x0)
ioctl$VHOST_GET_VRING_ENDIAN(r7, 0x4008af14, &(0x7f0000000340)={0x1, 0x9})
sendmsg$nl_route(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000001200)=ANY=[@ANYRESHEX=r4, @ANYRES32=r5, @ANYRES16=r1, @ANYRESDEC, @ANYRES64=r3, @ANYRESHEX], 0x48}}, 0x40041)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(0xffffffffffffffff, 0x4018620d, &(0x7f0000004a80)={0x73622a85, 0x100, 0x1})
ioctl$BINDER_WRITE_READ(0xffffffffffffffff, 0xc0306201, &(0x7f00000004c0)={0x8, 0x0, &(0x7f0000000000)=[@acquire], 0x0, 0x0, 0x0})

10m4.765482503s ago: executing program 7 (id=6217):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x8081, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f00000002c0)=[@text16={0x10, &(0x7f0000000200)="bad104ec360f08baf80c66b834e24c8d66efbafc0cecb8e6000f00d866b80500000066b9150000000f01d966b80e0000000f23d80f21f86635000000500f23f8660f3882700d0f323ef30f09440f20c0663506000000440f22c0", 0xfffffffffffffd47}], 0x1, 0x43, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

10m4.503074318s ago: executing program 2 (id=6220):
bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0)
syz_mount_image$erofs(&(0x7f0000000180), &(0x7f00000001c0)='./file1\x00', 0x0, &(0x7f00000003c0)=ANY=[], 0x3, 0x174, &(0x7f0000000240)="$eJzsmD9PwkAYxp9rESJxcMZBE0lEI6UtalxMJPEDmOCfsEGkErSIQgdh85MYv4CLu/GjKJMLo3NN2wNOouKgJsbnN7z3vNe317u3ydOkIIT8W3pPL48XvcaKDmAGaSTk/LM+qtGU+tVssTl3vZ28K9+WdlL3/fH1BADf//rzYwAeCjo8mfv+27vTctyDNtT70LAs9SEEDKnL0HAgtQOBktQnim4G9YZxXHcd46jpVgNhBsEKgh2E/Pj++lcCVWV/Qrne7nRPK67rtH5QTOpfv6BhS9mf+r4GvTGV/lnQYEmdh0BR6k0kBr2JWqKcPxUbra//8vkpKCj+mhj5k38jsKT4U0zxj5zXOM+1O91svVGpOTXnzLbzG+aaaa7budCIoviJ/02H/pRU1p/6oDYu4riseF7LiuIwt6P4nuPGQ//TkFmMciHnVMLvwaxYCIaMLnNCCCGEEEIIIYQQQgj5duYhwr+gE7B3w+rXAAAA//9nP3XZ")
name_to_handle_at(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)=ANY=[@ANYBLOB="14"], &(0x7f0000000000), 0x0)
mount$bind(0x0, &(0x7f0000000100)='.\x00', 0x0, 0x21, 0x0)
setsockopt$packet_tx_ring(0xffffffffffffffff, 0x107, 0x5, 0x0, 0x0)
socket$packet(0x11, 0x2, 0x300)
open_by_handle_at(0xffffffffffffff9c, &(0x7f00000000c0)=ANY=[], 0x0)

10m3.90229061s ago: executing program 2 (id=6224):
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000100)=0x5)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f00000004c0)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
getgroups(0x9, &(0x7f00000000c0)=[0xee00, 0xee01, 0xee01, 0xee01, 0x0, 0xee01, 0xee01, 0xee01, 0xffffffffffffffff])

10m3.311911409s ago: executing program 2 (id=6228):
unshare(0x22020600)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000600)={0x6, 0x8, &(0x7f0000000a00)=@framed={{}, [@jmp={0x6, 0x0, 0xc, 0x0, 0x0, 0x1, 0x8}, @func={0x85, 0x0, 0x1, 0x0, 0x1}, @exit, @cb_func={0x18, 0x0, 0x4, 0x0, 0xffffffffffffffff}]}, &(0x7f0000000100)='GPL\x00', 0x6, 0x10a, &(0x7f0000000280)=""/266, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffe}, 0x94)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={<r0=>0xffffffffffffffff})
ioctl$UFFDIO_API(0xffffffffffffffff, 0xc018aa3f, 0x0)
gettid()
fcntl$lock(0xffffffffffffffff, 0x6, 0x0)
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x9)
ioctl$SIOCSIFHWADDR(r0, 0x8948, &(0x7f00000002c0)={'bond0\x00', @random="d8b30100"})

10m3.311742145s ago: executing program 7 (id=6229):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x1c1341, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2})
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x11, 0xf, &(0x7f0000000380)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x4}, {}, {}, [], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}}}, 0x0, 0xfffffff9, 0x0, 0x0, 0x41100, 0x20, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x8000}, 0x94)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
close(r1)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000029c0))
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0xe}})
write$cgroup_subtree(r0, &(0x7f0000000340)=ANY=[@ANYBLOB="7bedcb5d07081196f37538e486dd6372ce22667f2b00dbf6e97158cf474fec87891f6d76745b686158bbcfe8875afdef00010000000029"], 0x66)

10m1.839422882s ago: executing program 2 (id=6243):
socket$packet(0x11, 0x2, 0x300)
openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff0000/0x1000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ff8000/0x4000)=nil, &(0x7f0000ff8000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x2000)=nil, 0x0}, 0x68)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x0)
r0 = io_uring_setup(0x47, &(0x7f0000000040)={0x0, 0xc8a1, 0xc000, 0x80008, 0xc1})
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="1600000004"], 0x50)
io_uring_enter(r0, 0x2219, 0x7721, 0x16, 0x0, 0x0)

9m47.095724113s ago: executing program 38 (id=6229):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x1c1341, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2})
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x11, 0xf, &(0x7f0000000380)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x4}, {}, {}, [], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}}}, 0x0, 0xfffffff9, 0x0, 0x0, 0x41100, 0x20, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x8000}, 0x94)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
close(r1)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000029c0))
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0xe}})
write$cgroup_subtree(r0, &(0x7f0000000340)=ANY=[@ANYBLOB="7bedcb5d07081196f37538e486dd6372ce22667f2b00dbf6e97158cf474fec87891f6d76745b686158bbcfe8875afdef00010000000029"], 0x66)

9m45.751726304s ago: executing program 39 (id=6243):
socket$packet(0x11, 0x2, 0x300)
openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff0000/0x1000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ff8000/0x4000)=nil, &(0x7f0000ff8000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x2000)=nil, 0x0}, 0x68)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x0)
r0 = io_uring_setup(0x47, &(0x7f0000000040)={0x0, 0xc8a1, 0xc000, 0x80008, 0xc1})
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="1600000004"], 0x50)
io_uring_enter(r0, 0x2219, 0x7721, 0x16, 0x0, 0x0)

3.70222024s ago: executing program 0 (id=9265):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x13, 0x13, &(0x7f0000000080)=ANY=[@ANYBLOB="18080000fa0000000000000000010000851000000600000018", @ANYRES32, @ANYBLOB="00000000000000006608000000000000180000000000000000000000000000009500000000000000360a020000000000180100002020782500"], &(0x7f0000000000)='GPL\x00', 0x2, 0xd8, &(0x7f00000001c0)=""/216, 0x41100, 0x8, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffc}, 0x94)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000040), r0)
syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$NLBL_MGMT_C_ADDDEF(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='L\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="01000000000000000000040000001400050003030000000a0000005dc00006000000080002000500000014000600ff01000a00f2f3f31f000a0000000001060001"], 0x4c}, 0x1, 0x0, 0x0, 0x8004}, 0x4040000)
bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0xc, 0x0, &(0x7f0000000180)='GPL\x00', 0x5, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
sendmsg$NLBL_MGMT_C_ADDDEF(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=ANY=[], 0x4c}, 0x1, 0x0, 0x0, 0x24008000}, 0x4040000)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r2, 0x0, 0x800)
r3 = socket$netlink(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(0xffffffffffffffff, 0x8933, &(0x7f0000000100)={'batadv0\x00', <r4=>0x0})
sendmsg$nl_route(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000000300)=ANY=[], 0x48}, 0x1, 0x0, 0x0, 0x8090}, 0x0)
r5 = socket$nl_route(0x10, 0x3, 0x0)
sendmmsg$inet(r5, &(0x7f0000000740)=[{{0x0, 0x0, &(0x7f00000001c0)}}, {{0x0, 0x0, 0x0}}, {{0x0, 0x0, &(0x7f0000000400)=[{&(0x7f00000003c0)}], 0x1, &(0x7f0000000800)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {r4, @loopback, @initdev={0xac, 0x1e, 0x0, 0x0}}}}, @ip_tos_int={{0x14, 0x0, 0x1, 0x3}}, @ip_tos_u8={{0x11, 0x0, 0x1, 0xe}}, @ip_tos_u8={{0x11, 0x0, 0x1, 0x7f}}, @ip_tos_u8={{0x11, 0x0, 0x1, 0x4}}], 0x80}}], 0x3, 0x0)

3.444910268s ago: executing program 0 (id=9268):
syz_open_dev$ttys(0xc, 0x2, 0x0)
r0 = syz_open_dev$ptys(0xc, 0x3, 0x0)
ioctl$TIOCVHANGUP(r0, 0x5437, 0x0)
unshare(0x22020600)
pselect6(0x40, &(0x7f0000000240)={0x2, 0x0, 0x4, 0x3, 0x2, 0x0, 0x100, 0x5}, &(0x7f0000000040)={0x1d, 0xfffffffffffffffe, 0x40, 0x7eff, 0x0, 0xfffffffffffffffe, 0x71e7, 0x4}, 0x0, 0x0, 0x0)

2.647784195s ago: executing program 0 (id=9272):
r0 = openat$vnet(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
ioctl$VHOST_SET_FEATURES(r0, 0x4008af00, &(0x7f0000000140)=0x200000000)
write$vhost_msg_v2(r0, &(0x7f0000000980)={0x2, 0x0, {0x0, 0x4b, 0x0, 0x0, 0x2}}, 0x48)
write$vhost_msg_v2(r0, &(0x7f0000000200)={0x2, 0x0, {&(0x7f0000000b00)=""/209, 0xd1, 0x0, 0x2, 0x3}}, 0x48)

2.513231699s ago: executing program 1 (id=9274):
r0 = openat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x42, 0x0)
pwritev2(r0, &(0x7f0000001140)=[{&(0x7f00000004c0)='\x00', 0x1}], 0x1, 0x6, 0xde, 0x30)

2.396314446s ago: executing program 0 (id=9276):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000180), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f00000001c0)={'wpan1\x00', <r2=>0x0})
write(0xffffffffffffffff, &(0x7f0000000040)="240000001e005f0214fffffffffffff807000000010000000000000005", 0x1d)
sendmsg$NL802154_CMD_NEW_SEC_KEY(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000000)=ANY=[@ANYBLOB='|\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="3f9d00000000000000001700000008000300", @ANYRES32=r2, @ANYBLOB="60003080050002000000000014000400403a050c5bae9c544ef2b6d713459a7a1c000180050002000000000008000400050000000800010002000000240003"], 0x7c}, 0x1, 0x0, 0x0, 0x4004}, 0x0)

2.228785148s ago: executing program 1 (id=9278):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_X86_SET_MSR_FILTER(0xffffffffffffffff, 0x4188aec6, &(0x7f0000000e80)={0x0, [{0x3, 0x8, 0xffff, &(0x7f0000000300)="d4"}, {0x3, 0x0, 0x7, 0x0}, {0x3, 0x18, 0x401, &(0x7f0000000000)="9793b5"}, {0x2, 0x0, 0xfffffff1, 0x0}, {0x1, 0x0, 0x8, 0x0}, {0x3, 0x0, 0x428, 0x0}, {0x1, 0x0, 0x81, 0x0}, {0x2, 0x0, 0xa, 0x0}, {0x1, 0x0, 0x200499d, 0x0}, {0x3, 0x0, 0x4, 0x0}, {0x1, 0x0, 0x5, 0x0}, {0x1, 0x0, 0xa, 0x0}, {0x7, 0x0, 0x8009, 0x0}, {0x2, 0x0, 0x4, 0x0}, {0x1, 0x0, 0xa, 0x0}, {0x2, 0x0, 0x8, 0x0}]})
ioctl$KVM_SET_IRQCHIP(r1, 0x4020aeb2, &(0x7f0000000740)={0x0, 0x12c, @ioapic={0x8080000, 0x4, 0x4, 0x401, 0x0, [{0x3, 0x1, 0xfc, '\x00', 0x9}, {0xb8, 0x5, 0xbb, '\x00', 0x5}, {0x7, 0x4, 0x0, '\x00', 0x56}, {0x5, 0xa, 0x40, '\x00', 0x7}, {0x4, 0x1, 0xa8, '\x00', 0x8d}, {0x1, 0xe, 0x51, '\x00', 0xe}, {0x16, 0x1, 0x5, '\x00', 0xa}, {0x7, 0x1, 0x4, '\x00', 0x5}, {0x9, 0x9, 0x92}, {0x0, 0x71, 0x9, '\x00', 0x68}, {0xd, 0x2, 0xe6}, {0xe0, 0x4, 0x7, '\x00', 0x3}, {0x5, 0x5, 0x15, '\x00', 0x5b}, {0x4, 0x0, 0x9, '\x00', 0x2}, {0x40, 0x1, 0x6, '\x00', 0xf1}, {0xff, 0xad, 0x0, '\x00', 0x7f}, {0x1, 0xb, 0x0, '\x00', 0x7}, {0x8, 0x8, 0x81, '\x00', 0xee}, {0x3, 0x7e, 0x4, '\x00', 0x6}, {0xe1, 0x0, 0xe, '\x00', 0x2}, {0x8, 0x7, 0x2, '\x00', 0x3}, {0x8, 0x7, 0xbe, '\x00', 0x5}, {0x6, 0x2, 0xd0, '\x00', 0x5}, {0xfb, 0x4, 0x8, '\x00', 0xfc}]}})

2.087915475s ago: executing program 0 (id=9280):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000280), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_PAUSE_GET(r0, &(0x7f0000001ac0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000980)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010026c170000400000027"], 0x2c}, 0x1, 0x0, 0x0, 0x2048050}, 0x880)

1.81303071s ago: executing program 0 (id=9282):
r0 = epoll_create1(0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000180)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f0000000100)={0x20000014})
r2 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r0, &(0x7f0000000000)={0x80000001})
r3 = socket$nl_xfrm(0x10, 0x3, 0x6)
epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r3, &(0x7f0000000040)={0x20000014})

1.509107638s ago: executing program 1 (id=9285):
socket(0x1e, 0x1, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000580)='./file0\x00', 0x2c41, 0x0)
openat$fuse(0xffffffffffffff9c, &(0x7f0000001180), 0x2, 0x0)
openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0)
mkdirat(0xffffffffffffff9c, 0x0, 0x0)
open_tree(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x89901)
r0 = syz_open_dev$MSR(&(0x7f0000000040), 0x0, 0x0)
read$msr(r0, 0x0, 0x0)
socket$nl_xfrm(0x10, 0x3, 0x6)
r1 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000080)={r1, 0x0, 0x3})
writev(r1, &(0x7f00000000c0)=[{&(0x7f0000000080), 0xfffffebe}], 0x1)

917.229226ms ago: executing program 1 (id=9287):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2)
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000000780)={{0x77000, 0xeeee8000, 0x9, 0x6, 0x3, 0x2, 0x4, 0x9, 0x1, 0x5, 0x80, 0x80}, {0x8000000, 0x70000, 0x3, 0x9, 0x2, 0x5, 0x48, 0x9, 0xf9, 0x0, 0x0, 0x1}, {0x7000, 0x8080000, 0xd, 0x7, 0x5, 0x2, 0x1, 0x0, 0xc2, 0x5, 0x3, 0x5}, {0xc000, 0xf000, 0xc, 0x80, 0x6, 0x7, 0x5, 0x4, 0xff, 0x1a, 0x7, 0x3}, {0xffffffff, 0xfec00000, 0x0, 0x8, 0xc0, 0xc6, 0x6, 0x9, 0x77, 0xf, 0x7f, 0x6}, {0xeeee0000, 0x3000, 0xa, 0xbd, 0x7, 0x5, 0x0, 0x5, 0x1, 0x8, 0x4, 0x9}, {0x70000, 0x54000, 0x0, 0x5, 0x40, 0xd9, 0xc5, 0x9, 0x5, 0x92, 0x7f, 0x8}, {0x9000, 0x100000, 0xb, 0xc1, 0xb, 0x1c, 0x7, 0x1e, 0x4, 0x2, 0x10, 0x6}, {0x6000, 0x7b95}, {0xffffffff, 0x8}, 0x8, 0x0, 0x60000, 0x600120, 0x3, 0xa401, 0x1000, [0x7ff, 0x80, 0x0, 0xfff]})

596.491075ms ago: executing program 3 (id=9292):
r0 = socket(0xa, 0x3, 0x3a)
setsockopt$MRT6_ADD_MIF(r0, 0x29, 0xca, &(0x7f0000000000)={0x4, 0x1, 0x4}, 0xc)
r1 = syz_usb_connect$hid(0x0, 0x6c, &(0x7f0000000080)=ANY=[@ANYBLOB="1201000000000040b827ed0100000000000109022400010000000009040000010300000009210000200122050009058103"], 0x0)
syz_usb_control_io(r1, 0x0, 0x0)
syz_usb_control_io$hid(r1, &(0x7f0000000b80)={0x24, 0x0, 0x0, &(0x7f0000000b00)={0x0, 0x22, 0x5, {[@global=@item_4={0x3, 0x1, 0x0, "efb9ce47"}]}}, 0x0}, 0x0)
syz_usb_control_io$hid(r1, 0x0, 0x0)
syz_usb_control_io(r1, 0x0, &(0x7f0000000640)={0x84, &(0x7f0000000180)={0x0, 0xc, 0x4, "e8c7d131"}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
setsockopt$MRT6_ADD_MIF(r0, 0x29, 0xca, &(0x7f00000000c0)={0x0, 0x0, 0x3, 0x0, 0x230d}, 0xc)

596.410823ms ago: executing program 3 (id=9293):
syz_mount_image$vfat(&(0x7f0000000100), &(0x7f0000000140)='./bus\x00', 0x2000014, &(0x7f0000000400)=ANY=[@ANYBLOB="6e6f6e756d7461696c2c6e66732c73686f72746e616d653d6c6f7765722c757466383d312c64656275672c696f636861727365743d757466382c73686f72746e616d653d6d697865642c757466383d312c004845160000000000", @ANYRES64, @ANYRESDEC, @ANYRESDEC, @ANYRESHEX, @ANYBLOB="0ea1a3ed758749a35b0cf19e7301710a8a7c5e7fe9b7c49589266bd5045f15f1817fcc4ea04eeac3f0df37b8beaeafc22a5a08a1a70024"], 0xfe, 0x2db, &(0x7f0000000bc0)="$eJzs3U1rE2sUwPHTprdJU9rkwuXCvaAedKOb0MYPoEFakAaU2oi6EKZ2oiFjUmZCJSImG3Hr5ygu3QnqF+hG3Lh3VwRBF12II52ZtJM2bZK+JKn9/6DMeV4Oz9NOWs4TyHT9zqvHxbyTyhsVGY6pDIvUZUMkuRkFhoLrsBePSlhdLo1//3zm1t17c5lsdmZedTazcDmtqpPn3j159vr8h8r47TeTb6Oylry//i39ZW107b/1XwuPCo4WHC2VK2roYrlcMRYtU5cKTjGletMyDcfUQskx7abxvFVeXq6qUVqaiC/bpuOoUapq0axqpawVu6rGQ6NQ0lQqpRNxOd1GOpiTW52fNzJ7DruRI90Rjt1Yq07bztRbD+ZWe7AnAAAwYPav//1af6/6f7s67Kb+/7d9/S8Srv9jwSLU/937sbOj3tRqU//jZKo1N207Y8SD399m1P8AAAAAAAAAAAAAAAAAAAAAAJwEG66bcF03sXkNurx2VERi/kfAvXaft4ljEr7/buhr6/4H7XDOnMiV/u0YRyn0wb2YiPVyJbeS86/+eCYvBbHElClJyE/v9RDw49nr2Zkp9STlvVUL8msruYhEG/kNyVb5Z/+e9vO1Of8viYfXT0tC/mm9frpl/qhcvBDKT0lCPj6Qsliy5L2ut/OfT6teu5HdkT/mzQMAAAAA4E+Q0i2h8/uEd373xr0JMdl9vvfzQ+8PuK5b2+/9gR3n6xH5v5NHVAIAAAAAgENzqk+LhmWZ9gGCqIi0n+wOHWKJ7gLXFenVWnsHEenn6q2Czdt0VUQGZT89CGIi4vfoQdK/bqV3lOV2MGck+A8cg/HzaR/0+y8TAAAAgKO2XfR3kfTpxTHuCAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA06fT54E15u8aagzskx5aLtLzbxAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYIL8DAAD//wJ6FgQ=")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000300)='./file1\x00', 0x60840, 0x8)
ioctl$FIBMAP(r0, 0x1, &(0x7f0000000140)=0x101)

442.496031ms ago: executing program 3 (id=9294):
mkdir(&(0x7f0000000400)='./file0\x00', 0x0)
mount$tmpfs(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f00000001c0), 0x0, &(0x7f0000000200)=ANY=[@ANYBLOB='quota,grpquota_block_hardlimit=3'])

339.555884ms ago: executing program 3 (id=9295):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
close(r1)
r2 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000600)=@newqdisc={0x4c, 0x24, 0x4ee4e6a52ff56541, 0x1, 0x25dfdbfd, {0x0, 0x0, 0x0, r3, {0x0, 0xb}, {0xffff, 0xffff}, {0xfff2}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x1c, 0x2, {{0x3, 0x3, 0x6361, 0x5, 0xffffffff, 0x3}}}}]}, 0x4c}, 0x1, 0x0, 0x0, 0x40088c1}, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000006c0)=@newqdisc={0x40, 0x24, 0x4ee4e6a52ff56541, 0x70b926, 0x25dfdc01, {0x0, 0x0, 0x0, r3, {0x0, 0xd}, {0xffff, 0xb}, {0xffff, 0xffe0}}, [@qdisc_kind_options=@q_fq_codel={{0xd}, {0xc, 0x2, [@TCA_FQ_CODEL_TARGET={0x8, 0x1, 0xa}]}}]}, 0x40}, 0x1, 0x0, 0x0, 0x240040e1}, 0x4890)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
r4 = socket$packet(0x11, 0x3, 0x300)
write$RDMA_USER_CM_CMD_CONNECT(0xffffffffffffffff, 0x0, 0x0)
setsockopt$packet_int(r4, 0x107, 0xf, &(0x7f0000000100)=0x207, 0x4)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000040)={'syzkaller0\x00', <r5=>0x0})
sendto$packet(r4, &(0x7f00000002c0)="05031c00d3fc140000004788031c09102c28", 0xfdef, 0x4, &(0x7f0000000140)={0x11, 0x0, r5, 0x1, 0x0, 0x6, @multicast}, 0x14)

252.314693ms ago: executing program 1 (id=9296):
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @multicast1}, 0x10)
sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000980)={0x1, 0xf, &(0x7f0000000140)=ANY=[@ANYBLOB="180000000000004b000000000800000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000014000000b7030000000200008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x24, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = socket$kcm(0x11, 0x200000000000002, 0x300)
setsockopt$sock_attach_bpf(r3, 0x1, 0x32, &(0x7f0000000900)=r2, 0x4)
sendto$inet(r0, &(0x7f0000000580)="17", 0x59a, 0x10008095, 0x0, 0x0)

188.003708ms ago: executing program 3 (id=9297):
syz_usb_connect$uac1(0x5, 0x72, &(0x7f0000000000)={{0x12, 0x1, 0x250, 0x0, 0x0, 0x0, 0x40, 0x582, 0x44, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x60, 0x3, 0x1, 0x4, 0xa0, 0x7, "", {{{0x9, 0x4, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, {{0xa, 0x24, 0x1, 0xf5a6, 0xa}}}, {}, {0x9, 0x4, 0x1, 0x1, 0x1, 0x1, 0x2, 0x0, 0x0, {}, {{0x9, 0x5, 0x1, 0x9, 0x40, 0x1, 0x79, 0x1, {0x7, 0x25, 0x1, 0x0, 0x6}}}}, {}, {0x9, 0x4, 0x2, 0x1, 0x1, 0x1, 0x2, 0x0, 0x0, {}, {{0x9, 0x5, 0x82, 0x9, 0x250, 0x9, 0x8, 0x6, {0x7, 0x25, 0x1, 0xc, 0x6, 0x1}}}}}}}}]}}, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0})

25.719544ms ago: executing program 3 (id=9298):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$ETHTOOL_MSG_CHANNELS_SET(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYBLOB="20074bb226"], 0x34}, 0x1, 0x0, 0x0, 0x40810}, 0x800)

0s ago: executing program 1 (id=9299):
socket$kcm(0x11, 0x200000000000002, 0x300)
r0 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], &(0x7f0000000040)='syzkaller\x00'}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r0, 0x5, 0xd50, 0x560b0000, &(0x7f0000000000)="259a53f271a76d2608054c6588a8", 0x0, 0xd01, 0x2a0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)

kernel console output (not intermixed with test programs):

 ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 2136.558650][ T1322] RSP: 002b:00007feb11fee028 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[ 2136.558674][ T1322] RAX: ffffffffffffffda RBX: 00007feb14015fa0 RCX: 00007feb13d9ce59
[ 2136.558700][ T1322] RDX: 04000000000001f2 RSI: 0000200000000000 RDI: 000000000000000c
[ 2136.558717][ T1322] RBP: 00007feb11fee090 R08: 0000000000000000 R09: 0000000000000000
[ 2136.558732][ T1322] R10: 000000000000fff0 R11: 0000000000000246 R12: 0000000000000001
[ 2136.558746][ T1322] R13: 00007feb14016038 R14: 00007feb14015fa0 R15: 00007ffcffd36cb8
[ 2136.558782][ T1322]  </TASK>
[ 2137.482121][ T5281] 8021q: adding VLAN 0 to HW filter on device eth7
[ 2138.608112][ T1348] netlink: 1053 bytes leftover after parsing attributes in process `syz.1.8755'.
[ 2138.608154][ T1348] openvswitch: netlink: Flow key attr not present in new flow.
[ 2139.119827][ T1361] FAULT_INJECTION: forcing a failure.
[ 2139.119827][ T1361] name failslab, interval 1, probability 0, space 0, times 0
[ 2139.119867][ T1361] CPU: 1 UID: 0 PID: 1361 Comm: syz.1.8757 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[ 2139.119897][ T1361] Tainted: [L]=SOFTLOCKUP
[ 2139.119905][ T1361] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 2139.119919][ T1361] Call Trace:
[ 2139.119932][ T1361]  <TASK>
[ 2139.119941][ T1361]  dump_stack_lvl+0xe8/0x150
[ 2139.119976][ T1361]  should_fail_ex+0x46b/0x600
[ 2139.120016][ T1361]  should_failslab+0xa8/0x100
[ 2139.120045][ T1361]  __kmalloc_cache_noprof+0x84/0x690
[ 2139.120071][ T1361]  ? resv_map_alloc+0x51/0x2e0
[ 2139.120090][ T1361]  ? rt_mutex_slowunlock+0x1cb/0x300
[ 2139.120117][ T1361]  resv_map_alloc+0x51/0x2e0
[ 2139.120141][ T1361]  hugetlbfs_get_inode+0x5d/0x650
[ 2139.120171][ T1361]  ? fput+0xa0/0xd0
[ 2139.120211][ T1361]  hugetlb_file_setup+0x21d/0x630
[ 2139.120243][ T1361]  ksys_mmap_pgoff+0x22e/0x720
[ 2139.120267][ T1361]  ? __x64_sys_mmap+0x7f/0x140
[ 2139.120298][ T1361]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2139.120322][ T1361]  do_syscall_64+0x15f/0x560
[ 2139.120350][ T1361]  ? trace_irq_disable+0x3b/0x140
[ 2139.120375][ T1361]  ? clear_bhb_loop+0x40/0x90
[ 2139.120403][ T1361]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2139.120425][ T1361] RIP: 0033:0x7feb13d9ce59
[ 2139.120448][ T1361] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 2139.120468][ T1361] RSP: 002b:00007feb11fee028 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[ 2139.120492][ T1361] RAX: ffffffffffffffda RBX: 00007feb14015fa0 RCX: 00007feb13d9ce59
[ 2139.120509][ T1361] RDX: 0000000000000008 RSI: 0000000000c00000 RDI: 0000200000400000
[ 2139.120524][ T1361] RBP: 00007feb11fee090 R08: ffffffffffffffff R09: 0000000000000000
[ 2139.120539][ T1361] R10: 000000000005d031 R11: 0000000000000246 R12: 0000000000000001
[ 2139.120552][ T1361] R13: 00007feb14016038 R14: 00007feb14015fa0 R15: 00007ffcffd36cb8
[ 2139.120587][ T1361]  </TASK>
[ 2140.303225][ T1160] bridge0: port 1(bridge_slave_0) entered blocking state
[ 2140.303645][ T1160] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2140.303994][ T1160] bridge_slave_0: entered allmulticast mode
[ 2140.308139][ T1160] bridge_slave_0: entered promiscuous mode
[ 2140.318392][ T1160] bridge0: port 2(bridge_slave_1) entered blocking state
[ 2140.319496][ T1160] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2140.320415][ T1160] bridge_slave_1: entered allmulticast mode
[ 2140.333144][ T1160] bridge_slave_1: entered promiscuous mode
[ 2140.561984][ T1160] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 2141.286399][ T1160] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 2141.414582][ T1160] team0: Port device team_slave_0 added
[ 2141.431512][ T1160] team0: Port device team_slave_1 added
[ 2141.807645][ T1160] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 2141.807659][ T1160] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 2141.807680][ T1160] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 2141.914364][ T1160] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 2141.914383][ T1160] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 2141.914414][ T1160] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 2142.365975][T26396] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 2142.476536][T26396] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 2142.479942][T26396] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 2142.481200][T26396] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 2142.568188][T26396] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 2143.399734][ T1160] hsr_slave_0: entered promiscuous mode
[ 2143.412347][ T1160] hsr_slave_1: entered promiscuous mode
[ 2143.421295][ T1160] debugfs: 'hsr0' already exists in 'hsr'
[ 2143.421325][ T1160] Cannot create hsr debugfs directory
[ 2145.088392][ T1414] FAULT_INJECTION: forcing a failure.
[ 2145.088392][ T1414] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 2145.088432][ T1414] CPU: 0 UID: 0 PID: 1414 Comm: syz.1.8769 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[ 2145.088463][ T1414] Tainted: [L]=SOFTLOCKUP
[ 2145.088476][ T1414] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 2145.088490][ T1414] Call Trace:
[ 2145.088499][ T1414]  <TASK>
[ 2145.088508][ T1414]  dump_stack_lvl+0xe8/0x150
[ 2145.088539][ T1414]  should_fail_ex+0x46b/0x600
[ 2145.088573][ T1414]  _copy_from_user+0x2d/0xb0
[ 2145.088597][ T1414]  ___sys_sendmsg+0x1c6/0x360
[ 2145.088623][ T1414]  ? __lock_acquire+0x6b5/0x2d10
[ 2145.088649][ T1414]  ? __pfx____sys_sendmsg+0x10/0x10
[ 2145.088701][ T1414]  ? __fget_files+0x2a/0x420
[ 2145.088716][ T1414]  ? __fget_files+0x3a6/0x420
[ 2145.088740][ T1414]  __x64_sys_sendmsg+0x1c3/0x2a0
[ 2145.088767][ T1414]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[ 2145.088799][ T1414]  ? __pfx_ksys_write+0x10/0x10
[ 2145.088827][ T1414]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2145.088846][ T1414]  do_syscall_64+0x15f/0x560
[ 2145.088870][ T1414]  ? trace_irq_disable+0x3b/0x140
[ 2145.088890][ T1414]  ? clear_bhb_loop+0x40/0x90
[ 2145.088912][ T1414]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2145.088930][ T1414] RIP: 0033:0x7feb13d9ce59
[ 2145.088947][ T1414] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 2145.088962][ T1414] RSP: 002b:00007feb11fee028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 2145.088982][ T1414] RAX: ffffffffffffffda RBX: 00007feb14015fa0 RCX: 00007feb13d9ce59
[ 2145.088996][ T1414] RDX: 000000002c048010 RSI: 0000200000003740 RDI: 0000000000000003
[ 2145.089008][ T1414] RBP: 00007feb11fee090 R08: 0000000000000000 R09: 0000000000000000
[ 2145.089019][ T1414] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2145.089030][ T1414] R13: 00007feb14016038 R14: 00007feb14015fa0 R15: 00007ffcffd36cb8
[ 2145.089057][ T1414]  </TASK>
[ 2145.100392][T25889] Bluetooth: hci0: command tx timeout
[ 2145.645183][T26396] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[ 2145.690648][T26396] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[ 2145.698133][T26396] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[ 2145.699869][T26396] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[ 2145.700643][T26396] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[ 2146.622698][ T1450] nbd: must specify at least one socket
[ 2147.252440][ T1465] FAULT_INJECTION: forcing a failure.
[ 2147.252440][ T1465] name failslab, interval 1, probability 0, space 0, times 0
[ 2147.252474][ T1465] CPU: 1 UID: 0 PID: 1465 Comm: syz.3.8792 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[ 2147.252501][ T1465] Tainted: [L]=SOFTLOCKUP
[ 2147.252508][ T1465] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 2147.252519][ T1465] Call Trace:
[ 2147.252527][ T1465]  <TASK>
[ 2147.252535][ T1465]  dump_stack_lvl+0xe8/0x150
[ 2147.252565][ T1465]  should_fail_ex+0x46b/0x600
[ 2147.252600][ T1465]  should_failslab+0xa8/0x100
[ 2147.252624][ T1465]  __kmalloc_cache_noprof+0x84/0x690
[ 2147.252647][ T1465]  ? do_mq_timedreceive+0x3d1/0xb30
[ 2147.252673][ T1465]  do_mq_timedreceive+0x3d1/0xb30
[ 2147.252701][ T1465]  ? __pfx_do_mq_timedreceive+0x10/0x10
[ 2147.252726][ T1465]  ? rt_mutex_slowunlock+0x1cb/0x300
[ 2147.252759][ T1465]  __x64_sys_mq_timedreceive+0x17a/0x220
[ 2147.252788][ T1465]  ? __pfx___x64_sys_mq_timedreceive+0x10/0x10
[ 2147.252814][ T1465]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2147.252836][ T1465]  do_syscall_64+0x15f/0x560
[ 2147.252864][ T1465]  ? clear_bhb_loop+0x40/0x90
[ 2147.252886][ T1465]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2147.252905][ T1465] RIP: 0033:0x7f774e5ece59
[ 2147.252922][ T1465] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 2147.252938][ T1465] RSP: 002b:00007f774c846028 EFLAGS: 00000246 ORIG_RAX: 00000000000000f3
[ 2147.252958][ T1465] RAX: ffffffffffffffda RBX: 00007f774e865fa0 RCX: 00007f774e5ece59
[ 2147.252971][ T1465] RDX: fffffffffffffee3 RSI: 0000000000000000 RDI: 0000000000000003
[ 2147.252983][ T1465] RBP: 00007f774c846090 R08: 0000000000000000 R09: 0000000000000000
[ 2147.252995][ T1465] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000001
[ 2147.253006][ T1465] R13: 00007f774e866038 R14: 00007f774e865fa0 R15: 00007ffff14f7798
[ 2147.253032][ T1465]  </TASK>
[ 2147.322855][T25889] Bluetooth: hci0: command tx timeout
[ 2148.276803][T25889] Bluetooth: hci2: command tx timeout
[ 2148.365375][ T1482] FAULT_INJECTION: forcing a failure.
[ 2148.365375][ T1482] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 2148.365404][ T1482] CPU: 0 UID: 0 PID: 1482 Comm: syz.3.8796 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[ 2148.365426][ T1482] Tainted: [L]=SOFTLOCKUP
[ 2148.365433][ T1482] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 2148.365443][ T1482] Call Trace:
[ 2148.365449][ T1482]  <TASK>
[ 2148.365456][ T1482]  dump_stack_lvl+0xe8/0x150
[ 2148.365483][ T1482]  should_fail_ex+0x46b/0x600
[ 2148.365515][ T1482]  _copy_from_user+0x2d/0xb0
[ 2148.365538][ T1482]  ___sys_sendmsg+0x1c6/0x360
[ 2148.365561][ T1482]  ? __lock_acquire+0x6b5/0x2d10
[ 2148.365584][ T1482]  ? __pfx____sys_sendmsg+0x10/0x10
[ 2148.365630][ T1482]  ? __fget_files+0x2a/0x420
[ 2148.365644][ T1482]  ? __fget_files+0x3a6/0x420
[ 2148.365665][ T1482]  __x64_sys_sendmsg+0x1c3/0x2a0
[ 2148.365689][ T1482]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[ 2148.365718][ T1482]  ? __pfx_ksys_write+0x10/0x10
[ 2148.365743][ T1482]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2148.365760][ T1482]  do_syscall_64+0x15f/0x560
[ 2148.365782][ T1482]  ? trace_irq_disable+0x3b/0x140
[ 2148.365801][ T1482]  ? clear_bhb_loop+0x40/0x90
[ 2148.365830][ T1482]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2148.365846][ T1482] RIP: 0033:0x7f774e5ece59
[ 2148.365862][ T1482] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 2148.365877][ T1482] RSP: 002b:00007f774c846028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 2148.365893][ T1482] RAX: ffffffffffffffda RBX: 00007f774e865fa0 RCX: 00007f774e5ece59
[ 2148.365905][ T1482] RDX: 0000000000000000 RSI: 00002000000003c0 RDI: 0000000000000005
[ 2148.365916][ T1482] RBP: 00007f774c846090 R08: 0000000000000000 R09: 0000000000000000
[ 2148.365926][ T1482] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2148.365935][ T1482] R13: 00007f774e866038 R14: 00007f774e865fa0 R15: 00007ffff14f7798
[ 2148.365960][ T1482]  </TASK>
[ 2149.538253][T25889] Bluetooth: hci0: command tx timeout
[ 2150.078361][ T1528] nbd: nbd1 already in use
[ 2150.478030][T26396] Bluetooth: hci2: command tx timeout
[ 2150.676059][ T1547] cgroup: Unknown subsys name 'cpuset'
[ 2151.766295][T26396] Bluetooth: hci0: command tx timeout
[ 2151.981301][ T1553] netlink: 8 bytes leftover after parsing attributes in process `syz.1.8819'.
[ 2152.233317][ T1556] FAULT_INJECTION: forcing a failure.
[ 2152.233317][ T1556] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 2152.233357][ T1556] CPU: 1 UID: 0 PID: 1556 Comm: syz.3.8821 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[ 2152.233387][ T1556] Tainted: [L]=SOFTLOCKUP
[ 2152.233396][ T1556] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 2152.233411][ T1556] Call Trace:
[ 2152.233421][ T1556]  <TASK>
[ 2152.233431][ T1556]  dump_stack_lvl+0xe8/0x150
[ 2152.233467][ T1556]  should_fail_ex+0x46b/0x600
[ 2152.233510][ T1556]  _copy_to_user+0x31/0xb0
[ 2152.233552][ T1556]  simple_read_from_buffer+0xe1/0x170
[ 2152.233594][ T1556]  proc_fail_nth_read+0x1be/0x230
[ 2152.233620][ T1556]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 2152.233646][ T1556]  ? rw_verify_area+0x2ac/0x4e0
[ 2152.233671][ T1556]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 2152.233696][ T1556]  vfs_read+0x212/0xa80
[ 2152.233730][ T1556]  ? __pfx_vfs_read+0x10/0x10
[ 2152.233757][ T1556]  ? _raw_spin_unlock_irqrestore+0x30/0x80
[ 2152.233787][ T1556]  ? lockdep_hardirqs_on+0x7a/0x110
[ 2152.233821][ T1556]  ? _raw_spin_unlock_irqrestore+0x4c/0x80
[ 2152.233851][ T1556]  ? mutex_lock_nested+0x152/0x1d0
[ 2152.233873][ T1556]  ? fdget_pos+0x252/0x320
[ 2152.233903][ T1556]  ksys_read+0x156/0x270
[ 2152.233931][ T1556]  ? __pfx_ksys_read+0x10/0x10
[ 2152.233966][ T1556]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2152.233990][ T1556]  do_syscall_64+0x15f/0x560
[ 2152.234019][ T1556]  ? trace_irq_disable+0x3b/0x140
[ 2152.234045][ T1556]  ? clear_bhb_loop+0x40/0x90
[ 2152.234072][ T1556]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2152.234094][ T1556] RIP: 0033:0x7f774e5ad68e
[ 2152.234120][ T1556] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[ 2152.234141][ T1556] RSP: 002b:00007f774c845fe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[ 2152.234165][ T1556] RAX: ffffffffffffffda RBX: 00007f774c8466c0 RCX: 00007f774e5ad68e
[ 2152.234182][ T1556] RDX: 000000000000000f RSI: 00007f774c8460a0 RDI: 0000000000000004
[ 2152.234198][ T1556] RBP: 00007f774c846090 R08: 0000000000000000 R09: 0000000000000000
[ 2152.234211][ T1556] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2152.234226][ T1556] R13: 00007f774e866038 R14: 00007f774e865fa0 R15: 00007ffff14f7798
[ 2152.234263][ T1556]  </TASK>
[ 2152.548796][ T1560] netlink: 20 bytes leftover after parsing attributes in process `syz.1.8822'.
[ 2152.710135][T26396] Bluetooth: hci2: command tx timeout
[ 2153.659304][ T1592] netlink: 8 bytes leftover after parsing attributes in process `syz.1.8829'.
[ 2153.838048][ T1599] FAULT_INJECTION: forcing a failure.
[ 2153.838048][ T1599] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 2153.838096][ T1599] CPU: 1 UID: 0 PID: 1599 Comm: syz.3.8830 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[ 2153.838127][ T1599] Tainted: [L]=SOFTLOCKUP
[ 2153.838136][ T1599] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 2153.838151][ T1599] Call Trace:
[ 2153.838161][ T1599]  <TASK>
[ 2153.838171][ T1599]  dump_stack_lvl+0xe8/0x150
[ 2153.838207][ T1599]  should_fail_ex+0x46b/0x600
[ 2153.838250][ T1599]  _copy_from_user+0x2d/0xb0
[ 2153.838281][ T1599]  __sys_bpf+0x2e7/0xd90
[ 2153.838317][ T1599]  ? __pfx___sys_bpf+0x10/0x10
[ 2153.838351][ T1599]  ? lockdep_hardirqs_on+0x7a/0x110
[ 2153.838380][ T1599]  ? _raw_spin_unlock_irqrestore+0x4c/0x80
[ 2153.838430][ T1599]  ? ksys_write+0x248/0x270
[ 2153.838458][ T1599]  ? __pfx_ksys_write+0x10/0x10
[ 2153.838490][ T1599]  __x64_sys_bpf+0xba/0xd0
[ 2153.838513][ T1599]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2153.838538][ T1599]  do_syscall_64+0x15f/0x560
[ 2153.838567][ T1599]  ? trace_irq_disable+0x3b/0x140
[ 2153.838592][ T1599]  ? clear_bhb_loop+0x40/0x90
[ 2153.838621][ T1599]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2153.838651][ T1599] RIP: 0033:0x7f774e5ece59
[ 2153.838673][ T1599] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 2153.838693][ T1599] RSP: 002b:00007f774c846028 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[ 2153.838718][ T1599] RAX: ffffffffffffffda RBX: 00007f774e865fa0 RCX: 00007f774e5ece59
[ 2153.838735][ T1599] RDX: 000000000000000c RSI: 00002000000003c0 RDI: 000000000000000a
[ 2153.838750][ T1599] RBP: 00007f774c846090 R08: 0000000000000000 R09: 0000000000000000
[ 2153.838765][ T1599] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2153.838780][ T1599] R13: 00007f774e866038 R14: 00007f774e865fa0 R15: 00007ffff14f7798
[ 2153.838817][ T1599]  </TASK>
[ 2154.615711][ T1618] FAULT_INJECTION: forcing a failure.
[ 2154.615711][ T1618] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 2154.615753][ T1618] CPU: 0 UID: 0 PID: 1618 Comm: syz.3.8835 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[ 2154.615785][ T1618] Tainted: [L]=SOFTLOCKUP
[ 2154.615794][ T1618] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 2154.615810][ T1618] Call Trace:
[ 2154.615818][ T1618]  <TASK>
[ 2154.615829][ T1618]  dump_stack_lvl+0xe8/0x150
[ 2154.615864][ T1618]  should_fail_ex+0x46b/0x600
[ 2154.615910][ T1618]  _copy_from_user+0x2d/0xb0
[ 2154.615942][ T1618]  do_sock_getsockopt+0x200/0x7e0
[ 2154.615980][ T1618]  ? __pfx_do_sock_getsockopt+0x10/0x10
[ 2154.616032][ T1618]  ? __fget_files+0x3a6/0x420
[ 2154.616053][ T1618]  ? __fget_files+0x2a/0x420
[ 2154.616090][ T1618]  __x64_sys_getsockopt+0x1aa/0x250
[ 2154.616124][ T1618]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2154.616148][ T1618]  do_syscall_64+0x15f/0x560
[ 2154.616186][ T1618]  ? trace_irq_disable+0x3b/0x140
[ 2154.616210][ T1618]  ? clear_bhb_loop+0x40/0x90
[ 2154.616238][ T1618]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2154.616261][ T1618] RIP: 0033:0x7f774e5ece59
[ 2154.616281][ T1618] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 2154.616301][ T1618] RSP: 002b:00007f774c804028 EFLAGS: 00000246 ORIG_RAX: 0000000000000037
[ 2154.616325][ T1618] RAX: ffffffffffffffda RBX: 00007f774e866180 RCX: 00007f774e5ece59
[ 2154.616342][ T1618] RDX: 0000000000000007 RSI: 0000000000000112 RDI: 0000000000000008
[ 2154.616355][ T1618] RBP: 00007f774c804090 R08: 0000200000000240 R09: 0000000000000000
[ 2154.616370][ T1618] R10: 0000200000000080 R11: 0000000000000246 R12: 0000000000000001
[ 2154.616384][ T1618] R13: 00007f774e866218 R14: 00007f774e866180 R15: 00007ffff14f7798
[ 2154.616428][ T1618]  </TASK>
[ 2154.923328][T26396] Bluetooth: hci2: command tx timeout
[ 2155.106595][ T5886] usb 4-1: new full-speed USB device number 78 using dummy_hcd
[ 2155.280093][ T5886] usb 4-1: config 0 has an invalid interface number: 6 but max is 0
[ 2155.280121][ T5886] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 2155.280142][ T5886] usb 4-1: config 0 has no interface number 0
[ 2155.280188][ T5886] usb 4-1: config 0 interface 6 altsetting 0 endpoint 0x2 has invalid maxpacket 512, setting to 64
[ 2155.280217][ T5886] usb 4-1: config 0 interface 6 altsetting 0 endpoint 0x82 has invalid maxpacket 204, setting to 64
[ 2155.284112][ T5886] usb 4-1: New USB device found, idVendor=10cf, idProduct=8061, bcdDevice=b7.12
[ 2155.284142][ T5886] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2155.284164][ T5886] usb 4-1: Product: syz
[ 2155.284178][ T5886] usb 4-1: Manufacturer: syz
[ 2155.284194][ T5886] usb 4-1: SerialNumber: syz
[ 2155.394054][ T5886] usb 4-1: config 0 descriptor??
[ 2155.395094][ T1618] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[ 2155.395259][ T1618] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[ 2156.042721][ T5886] comedi comedi5: driver 'vmk80xx' has successfully auto-configured 'K8061 (VM140)'.
[ 2156.353044][ T5886] usb 4-1: USB disconnect, device number 78
[ 2156.558378][ T5352] usb 2-1: new full-speed USB device number 54 using dummy_hcd
[ 2156.748893][ T5352] usb 2-1: config 0 has an invalid interface number: 6 but max is 0
[ 2156.748924][ T5352] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 2156.748946][ T5352] usb 2-1: config 0 has no interface number 0
[ 2156.748993][ T5352] usb 2-1: config 0 interface 6 altsetting 0 endpoint 0x2 has invalid maxpacket 512, setting to 64
[ 2156.749046][ T5352] usb 2-1: config 0 interface 6 altsetting 0 endpoint 0x82 has invalid maxpacket 204, setting to 64
[ 2156.775683][ T5352] usb 2-1: New USB device found, idVendor=10cf, idProduct=8061, bcdDevice=b7.12
[ 2156.775727][ T5352] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2156.775770][ T5352] usb 2-1: Product: syz
[ 2156.775793][ T5352] usb 2-1: Manufacturer: syz
[ 2156.775837][ T5352] usb 2-1: SerialNumber: syz
[ 2156.897215][ T5352] usb 2-1: config 0 descriptor??
[ 2156.905428][ T1629] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[ 2156.905560][ T1629] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[ 2156.995177][ T1645] FAULT_INJECTION: forcing a failure.
[ 2156.995177][ T1645] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 2156.995217][ T1645] CPU: 1 UID: 0 PID: 1645 Comm: syz.3.8837 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[ 2156.995247][ T1645] Tainted: [L]=SOFTLOCKUP
[ 2156.995256][ T1645] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 2156.995272][ T1645] Call Trace:
[ 2156.995281][ T1645]  <TASK>
[ 2156.995291][ T1645]  dump_stack_lvl+0xe8/0x150
[ 2156.995327][ T1645]  should_fail_ex+0x46b/0x600
[ 2156.995378][ T1645]  _copy_from_user+0x2d/0xb0
[ 2156.995408][ T1645]  ___sys_sendmsg+0x1c6/0x360
[ 2156.995447][ T1645]  ? __lock_acquire+0x6b5/0x2d10
[ 2156.995480][ T1645]  ? __pfx____sys_sendmsg+0x10/0x10
[ 2156.995548][ T1645]  ? __fget_files+0x2a/0x420
[ 2156.995568][ T1645]  ? __fget_files+0x3a6/0x420
[ 2156.995600][ T1645]  __x64_sys_sendmsg+0x1c3/0x2a0
[ 2156.995635][ T1645]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[ 2156.995676][ T1645]  ? __pfx_ksys_write+0x10/0x10
[ 2156.995711][ T1645]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2156.995735][ T1645]  do_syscall_64+0x15f/0x560
[ 2156.995763][ T1645]  ? trace_irq_disable+0x3b/0x140
[ 2156.995789][ T1645]  ? clear_bhb_loop+0x40/0x90
[ 2156.995816][ T1645]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2156.995839][ T1645] RIP: 0033:0x7f774e5ece59
[ 2156.995861][ T1645] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 2156.995881][ T1645] RSP: 002b:00007f774c846028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 2156.995905][ T1645] RAX: ffffffffffffffda RBX: 00007f774e865fa0 RCX: 00007f774e5ece59
[ 2156.995926][ T1645] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000003
[ 2156.995941][ T1645] RBP: 00007f774c846090 R08: 0000000000000000 R09: 0000000000000000
[ 2156.995956][ T1645] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2156.995970][ T1645] R13: 00007f774e866038 R14: 00007f774e865fa0 R15: 00007ffff14f7798
[ 2156.996005][ T1645]  </TASK>
[ 2157.096276][ T1336] ieee802154 phy0 wpan0: encryption failed: -22
[ 2157.096600][ T1336] ieee802154 phy1 wpan1: encryption failed: -22
[ 2157.305317][ T5352] comedi comedi5: driver 'vmk80xx' has successfully auto-configured 'K8061 (VM140)'.
[ 2157.390844][ T5352] usb 2-1: USB disconnect, device number 54
[ 2158.190451][ T1416] bridge0: port 1(bridge_slave_0) entered blocking state
[ 2158.190901][ T1416] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2158.212989][ T1416] bridge_slave_0: entered allmulticast mode
[ 2158.238639][ T1416] bridge_slave_0: entered promiscuous mode
[ 2158.353773][ T1667] loop3: detected capacity change from 0 to 4096
[ 2158.439832][ T1512] bridge_slave_1: left allmulticast mode
[ 2158.439872][ T1512] bridge_slave_1: left promiscuous mode
[ 2158.440173][ T1512] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2158.480074][ T1667] UDF-fs: warning (device loop3): udf_load_vrs: No anchor found
[ 2158.480101][ T1667] UDF-fs: Scanning with blocksize 512 failed
[ 2158.581716][ T1667] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[ 2158.644557][ T1512] bridge_slave_0: left allmulticast mode
[ 2158.644598][ T1512] bridge_slave_0: left promiscuous mode
[ 2158.644883][ T1512] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2159.845649][ T1703] FAULT_INJECTION: forcing a failure.
[ 2159.845649][ T1703] name failslab, interval 1, probability 0, space 0, times 0
[ 2159.845692][ T1703] CPU: 0 UID: 0 PID: 1703 Comm: syz.3.8850 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[ 2159.845735][ T1703] Tainted: [L]=SOFTLOCKUP
[ 2159.845744][ T1703] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 2159.845758][ T1703] Call Trace:
[ 2159.845770][ T1703]  <TASK>
[ 2159.845782][ T1703]  dump_stack_lvl+0xe8/0x150
[ 2159.845821][ T1703]  should_fail_ex+0x46b/0x600
[ 2159.845868][ T1703]  should_failslab+0xa8/0x100
[ 2159.845899][ T1703]  __kmalloc_noprof+0xdf/0x7b0
[ 2159.845921][ T1703]  ? kernfs_fop_write_iter+0x159/0x540
[ 2159.845951][ T1703]  kernfs_fop_write_iter+0x159/0x540
[ 2159.845982][ T1703]  vfs_write+0x629/0xba0
[ 2159.846012][ T1703]  ? __pfx_vfs_write+0x10/0x10
[ 2159.846056][ T1703]  ? _raw_spin_unlock_irqrestore+0x30/0x80
[ 2159.846083][ T1703]  ? lockdep_hardirqs_on+0x7a/0x110
[ 2159.846113][ T1703]  ? mutex_lock_nested+0x152/0x1d0
[ 2159.846132][ T1703]  ? fdget_pos+0x252/0x320
[ 2159.846161][ T1703]  ksys_write+0x156/0x270
[ 2159.846185][ T1703]  ? __pfx_ksys_write+0x10/0x10
[ 2159.846215][ T1703]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2159.846236][ T1703]  do_syscall_64+0x15f/0x560
[ 2159.846260][ T1703]  ? trace_irq_disable+0x3b/0x140
[ 2159.846282][ T1703]  ? clear_bhb_loop+0x40/0x90
[ 2159.846307][ T1703]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2159.846326][ T1703] RIP: 0033:0x7f774e5ece59
[ 2159.846346][ T1703] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 2159.846361][ T1703] RSP: 002b:00007f774c846028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[ 2159.846381][ T1703] RAX: ffffffffffffffda RBX: 00007f774e865fa0 RCX: 00007f774e5ece59
[ 2159.846395][ T1703] RDX: 0000000000000008 RSI: 0000200000000040 RDI: 0000000000000003
[ 2159.846406][ T1703] RBP: 00007f774c846090 R08: 0000000000000000 R09: 0000000000000000
[ 2159.846418][ T1703] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2159.846429][ T1703] R13: 00007f774e866038 R14: 00007f774e865fa0 R15: 00007ffff14f7798
[ 2159.846457][ T1703]  </TASK>
[ 2160.137684][T32105] kernel read not supported for file /nvram (pid: 32105 comm: kworker/1:2)
[ 2160.516228][ T1714] FAULT_INJECTION: forcing a failure.
[ 2160.516228][ T1714] name failslab, interval 1, probability 0, space 0, times 0
[ 2160.516268][ T1714] CPU: 0 UID: 0 PID: 1714 Comm: syz.1.8853 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[ 2160.516299][ T1714] Tainted: [L]=SOFTLOCKUP
[ 2160.516308][ T1714] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 2160.516322][ T1714] Call Trace:
[ 2160.516331][ T1714]  <TASK>
[ 2160.516341][ T1714]  dump_stack_lvl+0xe8/0x150
[ 2160.516376][ T1714]  should_fail_ex+0x46b/0x600
[ 2160.516419][ T1714]  should_failslab+0xa8/0x100
[ 2160.516448][ T1714]  __kmalloc_noprof+0xdf/0x7b0
[ 2160.516471][ T1714]  ? kfree+0x4d/0x6c0
[ 2160.516491][ T1714]  ? tomoyo_realpath_from_path+0xe3/0x5d0
[ 2160.516531][ T1714]  tomoyo_realpath_from_path+0xe3/0x5d0
[ 2160.516567][ T1714]  ? tomoyo_domain+0xd7/0x130
[ 2160.516607][ T1714]  ? tomoyo_path_number_perm+0x219/0x630
[ 2160.516640][ T1714]  tomoyo_path_number_perm+0x246/0x630
[ 2160.516673][ T1714]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[ 2160.516700][ T1714]  ? __lock_acquire+0x6b5/0x2d10
[ 2160.516730][ T1714]  ? do_raw_spin_lock+0x12b/0x2f0
[ 2160.516790][ T1714]  ? __fget_files+0x2a/0x420
[ 2160.516814][ T1714]  ? __fget_files+0x2a/0x420
[ 2160.516833][ T1714]  ? __fget_files+0x3a6/0x420
[ 2160.516852][ T1714]  ? __fget_files+0x2a/0x420
[ 2160.516877][ T1714]  security_file_ioctl+0xc3/0x2a0
[ 2160.516906][ T1714]  __se_sys_ioctl+0x47/0x170
[ 2160.516940][ T1714]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2160.516967][ T1714]  do_syscall_64+0x15f/0x560
[ 2160.516997][ T1714]  ? trace_irq_disable+0x3b/0x140
[ 2160.517023][ T1714]  ? clear_bhb_loop+0x40/0x90
[ 2160.517050][ T1714]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2160.517074][ T1714] RIP: 0033:0x7feb13d9ce59
[ 2160.517096][ T1714] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 2160.517116][ T1714] RSP: 002b:00007feb11fee028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 2160.517139][ T1714] RAX: ffffffffffffffda RBX: 00007feb14015fa0 RCX: 00007feb13d9ce59
[ 2160.517156][ T1714] RDX: 0000000000000000 RSI: 0000000080487436 RDI: 0000000000000003
[ 2160.517171][ T1714] RBP: 00007feb11fee090 R08: 0000000000000000 R09: 0000000000000000
[ 2160.517186][ T1714] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2160.517199][ T1714] R13: 00007feb14016038 R14: 00007feb14015fa0 R15: 00007ffcffd36cb8
[ 2160.517232][ T1714]  </TASK>
[ 2160.557790][ T1714] ERROR: Out of memory at tomoyo_realpath_from_path.
[ 2160.866477][ T1717] netlink: 8 bytes leftover after parsing attributes in process `syz.1.8854'.
[ 2161.486895][ T1512] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 2161.572195][ T1512] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 2161.629634][ T1512] bond0 (unregistering): Released all slaves
[ 2161.678930][ T1416] bridge0: port 2(bridge_slave_1) entered blocking state
[ 2161.679289][ T1416] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2161.679689][ T1416] bridge_slave_1: entered allmulticast mode
[ 2161.683232][ T1416] bridge_slave_1: entered promiscuous mode
[ 2161.686195][ T1393] bridge0: port 1(bridge_slave_0) entered blocking state
[ 2161.686510][ T1393] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2161.686825][ T1393] bridge_slave_0: entered allmulticast mode
[ 2161.727800][ T1393] bridge_slave_0: entered promiscuous mode
[ 2162.051122][ T1393] bridge0: port 2(bridge_slave_1) entered blocking state
[ 2162.051464][ T1393] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2162.051846][ T1393] bridge_slave_1: entered allmulticast mode
[ 2162.055820][ T1393] bridge_slave_1: entered promiscuous mode
[ 2162.863513][ T1416] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 2162.930208][ T1416] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 2163.098095][ T1512] hsr_slave_0: left promiscuous mode
[ 2163.140732][ T1512] hsr_slave_1: left promiscuous mode
[ 2163.142035][ T1512] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 2163.165214][ T1512] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 2163.323298][ T5352] usb 2-1: new full-speed USB device number 55 using dummy_hcd
[ 2163.478392][ T1755] loop3: detected capacity change from 0 to 512
[ 2163.516861][ T5352] usb 2-1: unable to get BOS descriptor or descriptor too short
[ 2163.517503][ T5352] usb 2-1: not running at top speed; connect to a high speed hub
[ 2163.535216][ T5352] usb 2-1: config 5 has an invalid interface number: 246 but max is 0
[ 2163.535249][ T5352] usb 2-1: config 5 has an invalid descriptor of length 0, skipping remainder of the config
[ 2163.535269][ T5352] usb 2-1: config 5 has no interface number 0
[ 2163.535317][ T5352] usb 2-1: config 5 interface 246 altsetting 4 endpoint 0x1 has an invalid bInterval 0, changing to 4
[ 2163.535363][ T5352] usb 2-1: config 5 interface 246 altsetting 4 has 1 endpoint descriptor, different from the interface descriptor's value: 3
[ 2163.535392][ T5352] usb 2-1: config 5 interface 246 has no altsetting 0
[ 2163.609417][ T5352] usb 2-1: New USB device found, idVendor=13b1, idProduct=0042, bcdDevice=f5.e4
[ 2163.609466][ T5352] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2163.609490][ T5352] usb 2-1: Product: syz
[ 2163.609506][ T5352] usb 2-1: Manufacturer: syz
[ 2163.609522][ T5352] usb 2-1: SerialNumber: syz
[ 2164.069534][ T5352] usb 2-1: Warning: ath10k USB support is incomplete, don't expect anything to work!
[ 2164.149154][ T5352] usb 2-1: USB disconnect, device number 55
[ 2164.174586][ T1524] usb 2-1: Failed to submit usb control message: -19
[ 2164.174626][ T1524] usb 2-1: unable to send the bmi data to the device: -19
[ 2164.174647][ T1524] usb 2-1: unable to get target info from device
[ 2164.174663][ T1524] usb 2-1: could not get target info (-19)
[ 2164.175231][ T1524] usb 2-1: could not probe fw (-19)
[ 2164.761896][ T1771] FAULT_INJECTION: forcing a failure.
[ 2164.761896][ T1771] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 2164.761939][ T1771] CPU: 0 UID: 0 PID: 1771 Comm: syz.3.8872 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[ 2164.761971][ T1771] Tainted: [L]=SOFTLOCKUP
[ 2164.761981][ T1771] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 2164.761996][ T1771] Call Trace:
[ 2164.762005][ T1771]  <TASK>
[ 2164.762017][ T1771]  dump_stack_lvl+0xe8/0x150
[ 2164.762053][ T1771]  should_fail_ex+0x46b/0x600
[ 2164.762097][ T1771]  _copy_from_user+0x2d/0xb0
[ 2164.762129][ T1771]  __sys_bpf+0x2e7/0xd90
[ 2164.762165][ T1771]  ? __pfx___sys_bpf+0x10/0x10
[ 2164.762201][ T1771]  ? lockdep_hardirqs_on+0x7a/0x110
[ 2164.762233][ T1771]  ? _raw_spin_unlock_irqrestore+0x4c/0x80
[ 2164.762285][ T1771]  ? ksys_write+0x248/0x270
[ 2164.762315][ T1771]  ? __pfx_ksys_write+0x10/0x10
[ 2164.762369][ T1771]  __x64_sys_bpf+0xba/0xd0
[ 2164.762395][ T1771]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2164.762421][ T1771]  do_syscall_64+0x15f/0x560
[ 2164.762451][ T1771]  ? trace_irq_disable+0x3b/0x140
[ 2164.762478][ T1771]  ? clear_bhb_loop+0x40/0x90
[ 2164.762506][ T1771]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2164.762530][ T1771] RIP: 0033:0x7f774e5ece59
[ 2164.762552][ T1771] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 2164.762602][ T1771] RSP: 002b:00007f774c804028 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[ 2164.762627][ T1771] RAX: ffffffffffffffda RBX: 00007f774e866180 RCX: 00007f774e5ece59
[ 2164.762645][ T1771] RDX: 0000000000000050 RSI: 0000200000000440 RDI: 000000000000000a
[ 2164.762661][ T1771] RBP: 00007f774c804090 R08: 0000000000000000 R09: 0000000000000000
[ 2164.762677][ T1771] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2164.762693][ T1771] R13: 00007f774e866218 R14: 00007f774e866180 R15: 00007ffff14f7798
[ 2164.762729][ T1771]  </TASK>
[ 2165.962995][ T1512] team0 (unregistering): Port device team_slave_1 removed
[ 2166.049673][ T1512] team0 (unregistering): Port device team_slave_0 removed
[ 2166.480084][ T1393] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 2166.907695][ T1807] FAULT_INJECTION: forcing a failure.
[ 2166.907695][ T1807] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 2166.907734][ T1807] CPU: 1 UID: 0 PID: 1807 Comm: syz.3.8888 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[ 2166.907765][ T1807] Tainted: [L]=SOFTLOCKUP
[ 2166.907774][ T1807] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 2166.907788][ T1807] Call Trace:
[ 2166.907797][ T1807]  <TASK>
[ 2166.907808][ T1807]  dump_stack_lvl+0xe8/0x150
[ 2166.907841][ T1807]  should_fail_ex+0x46b/0x600
[ 2166.907881][ T1807]  _copy_to_user+0x31/0xb0
[ 2166.907914][ T1807]  simple_read_from_buffer+0xe1/0x170
[ 2166.907955][ T1807]  proc_fail_nth_read+0x1be/0x230
[ 2166.907981][ T1807]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 2166.908007][ T1807]  ? rw_verify_area+0x2ac/0x4e0
[ 2166.908032][ T1807]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 2166.908054][ T1807]  vfs_read+0x212/0xa80
[ 2166.908097][ T1807]  ? __pfx_vfs_read+0x10/0x10
[ 2166.908122][ T1807]  ? _raw_spin_unlock_irqrestore+0x30/0x80
[ 2166.908149][ T1807]  ? lockdep_hardirqs_on+0x7a/0x110
[ 2166.908175][ T1807]  ? _raw_spin_unlock_irqrestore+0x4c/0x80
[ 2166.908206][ T1807]  ? mutex_lock_nested+0x152/0x1d0
[ 2166.908227][ T1807]  ? fdget_pos+0x252/0x320
[ 2166.908256][ T1807]  ksys_read+0x156/0x270
[ 2166.908310][ T1807]  ? __pfx_ksys_read+0x10/0x10
[ 2166.908333][ T1807]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2166.908365][ T1807]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2166.908389][ T1807]  do_syscall_64+0x15f/0x560
[ 2166.908416][ T1807]  ? trace_irq_disable+0x3b/0x140
[ 2166.908450][ T1807]  ? clear_bhb_loop+0x40/0x90
[ 2166.908477][ T1807]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2166.908499][ T1807] RIP: 0033:0x7f774e5ad68e
[ 2166.908520][ T1807] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[ 2166.908540][ T1807] RSP: 002b:00007f774c845fe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[ 2166.908564][ T1807] RAX: ffffffffffffffda RBX: 00007f774c8466c0 RCX: 00007f774e5ad68e
[ 2166.908582][ T1807] RDX: 000000000000000f RSI: 00007f774c8460a0 RDI: 0000000000000003
[ 2166.908596][ T1807] RBP: 00007f774c846090 R08: 0000000000000000 R09: 0000000000000000
[ 2166.908611][ T1807] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2166.908624][ T1807] R13: 00007f774e866038 R14: 00007f774e865fa0 R15: 00007ffff14f7798
[ 2166.908660][ T1807]  </TASK>
[ 2166.921446][ T1393] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 2167.425519][ T1416] team0: Port device team_slave_0 added
[ 2167.502122][ T1416] team0: Port device team_slave_1 added
[ 2168.258623][ T1393] team0: Port device team_slave_0 added
[ 2168.876027][ T1393] team0: Port device team_slave_1 added
[ 2168.972802][ T1416] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 2168.972816][ T1416] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 2168.972836][ T1416] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 2169.195904][ T1416] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 2169.195918][ T1416] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 2169.195939][ T1416] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 2169.295003][ T1842] FAULT_INJECTION: forcing a failure.
[ 2169.295003][ T1842] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 2169.295041][ T1842] CPU: 0 UID: 0 PID: 1842 Comm: syz.3.8904 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[ 2169.295071][ T1842] Tainted: [L]=SOFTLOCKUP
[ 2169.295080][ T1842] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 2169.295093][ T1842] Call Trace:
[ 2169.295102][ T1842]  <TASK>
[ 2169.295112][ T1842]  dump_stack_lvl+0xe8/0x150
[ 2169.295147][ T1842]  should_fail_ex+0x46b/0x600
[ 2169.295189][ T1842]  _copy_to_user+0x31/0xb0
[ 2169.295221][ T1842]  simple_read_from_buffer+0xe1/0x170
[ 2169.295262][ T1842]  proc_fail_nth_read+0x1be/0x230
[ 2169.295288][ T1842]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 2169.295322][ T1842]  ? rw_verify_area+0x2ac/0x4e0
[ 2169.295347][ T1842]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 2169.295371][ T1842]  vfs_read+0x212/0xa80
[ 2169.295404][ T1842]  ? __pfx_vfs_read+0x10/0x10
[ 2169.295433][ T1842]  ? _raw_spin_unlock_irqrestore+0x30/0x80
[ 2169.295462][ T1842]  ? lockdep_hardirqs_on+0x7a/0x110
[ 2169.295490][ T1842]  ? _raw_spin_unlock_irqrestore+0x4c/0x80
[ 2169.295517][ T1842]  ? mutex_lock_nested+0x152/0x1d0
[ 2169.295538][ T1842]  ? fdget_pos+0x252/0x320
[ 2169.295569][ T1842]  ksys_read+0x156/0x270
[ 2169.295596][ T1842]  ? __pfx_ksys_read+0x10/0x10
[ 2169.295634][ T1842]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2169.295658][ T1842]  do_syscall_64+0x15f/0x560
[ 2169.295687][ T1842]  ? trace_irq_disable+0x3b/0x140
[ 2169.295712][ T1842]  ? clear_bhb_loop+0x40/0x90
[ 2169.295738][ T1842]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2169.295760][ T1842] RIP: 0033:0x7f774e5ad68e
[ 2169.295782][ T1842] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[ 2169.295801][ T1842] RSP: 002b:00007f774c845fe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[ 2169.295824][ T1842] RAX: ffffffffffffffda RBX: 00007f774c8466c0 RCX: 00007f774e5ad68e
[ 2169.295839][ T1842] RDX: 000000000000000f RSI: 00007f774c8460a0 RDI: 0000000000000004
[ 2169.295853][ T1842] RBP: 00007f774c846090 R08: 0000000000000000 R09: 0000000000000000
[ 2169.295868][ T1842] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2169.295882][ T1842] R13: 00007f774e866038 R14: 00007f774e865fa0 R15: 00007ffff14f7798
[ 2169.295919][ T1842]  </TASK>
[ 2170.068695][ T1393] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 2170.068717][ T1393] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 2170.068749][ T1393] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 2170.121732][ T1393] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 2170.121752][ T1393] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 2170.121785][ T1393] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 2170.324492][ T1416] hsr_slave_0: entered promiscuous mode
[ 2170.326781][ T1416] hsr_slave_1: entered promiscuous mode
[ 2170.328593][ T1416] debugfs: 'hsr0' already exists in 'hsr'
[ 2170.328620][ T1416] Cannot create hsr debugfs directory
[ 2170.550070][ T1393] hsr_slave_0: entered promiscuous mode
[ 2170.556102][ T1393] hsr_slave_1: entered promiscuous mode
[ 2170.573809][ T1393] debugfs: 'hsr0' already exists in 'hsr'
[ 2170.573835][ T1393] Cannot create hsr debugfs directory
[ 2170.670253][ T1864] netlink: 'syz.1.8913': attribute type 8 has an invalid length.
[ 2170.670276][ T1864] netlink: 4 bytes leftover after parsing attributes in process `syz.1.8913'.
[ 2170.824956][ T1864] veth1_to_team: entered promiscuous mode
[ 2170.850772][ T1864] gretap0: entered promiscuous mode
[ 2170.991366][ T1864] veth1_to_team: left promiscuous mode
[ 2171.105083][ T1864] gretap0: left promiscuous mode
[ 2171.230058][ T5352] usb 2-1: new high-speed USB device number 56 using dummy_hcd
[ 2171.423466][ T5352] usb 2-1: Using ep0 maxpacket: 32
[ 2171.438925][ T5352] usb 2-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xA6, changing to 0x86
[ 2171.438962][ T5352] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x86 has an invalid bInterval 0, changing to 7
[ 2171.438990][ T5352] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x86 has invalid wMaxPacketSize 0
[ 2171.439014][ T5352] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x7 has invalid wMaxPacketSize 0
[ 2171.441525][ T5352] usb 2-1: New USB device found, idVendor=05ef, idProduct=020a, bcdDevice=91.36
[ 2171.441572][ T5352] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2171.441595][ T5352] usb 2-1: Product: syz
[ 2171.441611][ T5352] usb 2-1: Manufacturer: syz
[ 2171.441627][ T5352] usb 2-1: SerialNumber: syz
[ 2171.556276][ T5352] usb 2-1: config 0 descriptor??
[ 2171.804062][ T1868] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 2171.804715][ T1868] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 2172.687769][ T5886] usb 2-1: USB disconnect, device number 56
[ 2175.303958][ T1160] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 2175.429197][ T1160] 8021q: adding VLAN 0 to HW filter on device netdevsim0
[ 2175.464559][ T1160] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 2175.517256][ T1160] 8021q: adding VLAN 0 to HW filter on device netdevsim1
[ 2175.563972][ T1160] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 2175.714911][ T1160] 8021q: adding VLAN 0 to HW filter on device netdevsim2
[ 2175.726707][ T1160] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 2175.766362][ T1160] 8021q: adding VLAN 0 to HW filter on device netdevsim3
[ 2176.611289][ T1984] FAULT_INJECTION: forcing a failure.
[ 2176.611289][ T1984] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 2176.611329][ T1984] CPU: 1 UID: 0 PID: 1984 Comm: syz.1.8967 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[ 2176.611360][ T1984] Tainted: [L]=SOFTLOCKUP
[ 2176.611368][ T1984] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 2176.611381][ T1984] Call Trace:
[ 2176.611390][ T1984]  <TASK>
[ 2176.611400][ T1984]  dump_stack_lvl+0xe8/0x150
[ 2176.611434][ T1984]  should_fail_ex+0x46b/0x600
[ 2176.611479][ T1984]  _copy_from_user+0x2d/0xb0
[ 2176.611510][ T1984]  ___sys_sendmsg+0x1c6/0x360
[ 2176.611540][ T1984]  ? __lock_acquire+0x6b5/0x2d10
[ 2176.611572][ T1984]  ? __pfx____sys_sendmsg+0x10/0x10
[ 2176.611640][ T1984]  ? __fget_files+0x2a/0x420
[ 2176.611668][ T1984]  ? __fget_files+0x3a6/0x420
[ 2176.611699][ T1984]  __x64_sys_sendmsg+0x1c3/0x2a0
[ 2176.611733][ T1984]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[ 2176.611791][ T1984]  ? __pfx_ksys_write+0x10/0x10
[ 2176.611826][ T1984]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2176.611850][ T1984]  do_syscall_64+0x15f/0x560
[ 2176.611881][ T1984]  ? clear_bhb_loop+0x40/0x90
[ 2176.611913][ T1984]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2176.611935][ T1984] RIP: 0033:0x7feb13d9ce59
[ 2176.611956][ T1984] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 2176.611974][ T1984] RSP: 002b:00007feb11fcd028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 2176.611999][ T1984] RAX: ffffffffffffffda RBX: 00007feb14016090 RCX: 00007feb13d9ce59
[ 2176.612016][ T1984] RDX: 0000000000000000 RSI: 0000200000000040 RDI: 0000000000000005
[ 2176.612030][ T1984] RBP: 00007feb11fcd090 R08: 0000000000000000 R09: 0000000000000000
[ 2176.612045][ T1984] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2176.612060][ T1984] R13: 00007feb14016128 R14: 00007feb14016090 R15: 00007ffcffd36cb8
[ 2176.612096][ T1984]  </TASK>
[ 2177.931540][ T2002] cgroup: Unknown subsys name 'cpuset'
[ 2180.375622][ T2011] FAULT_INJECTION: forcing a failure.
[ 2180.375622][ T2011] name failslab, interval 1, probability 0, space 0, times 0
[ 2180.375651][ T2011] CPU: 1 UID: 0 PID: 2011 Comm: syz.3.8979 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[ 2180.375674][ T2011] Tainted: [L]=SOFTLOCKUP
[ 2180.375680][ T2011] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 2180.375690][ T2011] Call Trace:
[ 2180.375702][ T2011]  <TASK>
[ 2180.375710][ T2011]  dump_stack_lvl+0xe8/0x150
[ 2180.375736][ T2011]  should_fail_ex+0x46b/0x600
[ 2180.375767][ T2011]  should_failslab+0xa8/0x100
[ 2180.375787][ T2011]  kmem_cache_alloc_noprof+0x87/0x680
[ 2180.375804][ T2011]  ? lockdep_hardirqs_on+0x7a/0x110
[ 2180.375824][ T2011]  ? do_getname+0x2e/0x250
[ 2180.375848][ T2011]  do_getname+0x2e/0x250
[ 2180.375868][ T2011]  ? getname_flags+0x11/0x20
[ 2180.375891][ T2011]  do_sys_openat2+0xcc/0x200
[ 2180.375918][ T2011]  ? __pfx_do_sys_openat2+0x10/0x10
[ 2180.375942][ T2011]  ? ksys_write+0x248/0x270
[ 2180.375961][ T2011]  ? __pfx_ksys_write+0x10/0x10
[ 2180.375982][ T2011]  __x64_sys_openat+0x138/0x170
[ 2180.376007][ T2011]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2180.376024][ T2011]  do_syscall_64+0x15f/0x560
[ 2180.376044][ T2011]  ? trace_irq_disable+0x3b/0x140
[ 2180.376062][ T2011]  ? clear_bhb_loop+0x40/0x90
[ 2180.376081][ T2011]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2180.376096][ T2011] RIP: 0033:0x7f774e5ece59
[ 2180.376111][ T2011] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 2180.376125][ T2011] RSP: 002b:00007f774c846028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[ 2180.376142][ T2011] RAX: ffffffffffffffda RBX: 00007f774e865fa0 RCX: 00007f774e5ece59
[ 2180.376155][ T2011] RDX: 0000000000040543 RSI: 0000200000000000 RDI: 0000000000000005
[ 2180.376165][ T2011] RBP: 00007f774c846090 R08: 0000000000000000 R09: 0000000000000000
[ 2180.376176][ T2011] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000001
[ 2180.376186][ T2011] R13: 00007f774e866038 R14: 00007f774e865fa0 R15: 00007ffff14f7798
[ 2180.376214][ T2011]  </TASK>
[ 2182.367350][ T1416] netdevsim netdevsim9 netdevsim0: renamed from eth0
[ 2182.576915][ T1416] 8021q: adding VLAN 0 to HW filter on device netdevsim0
[ 2182.844161][ T1416] netdevsim netdevsim9 netdevsim1: renamed from eth1
[ 2182.970955][ T1416] 8021q: adding VLAN 0 to HW filter on device netdevsim1
[ 2182.981880][ T1416] netdevsim netdevsim9 netdevsim2: renamed from eth2
[ 2183.042583][ T1416] 8021q: adding VLAN 0 to HW filter on device netdevsim2
[ 2183.330505][ T1416] netdevsim netdevsim9 netdevsim3: renamed from eth3
[ 2183.365987][ T1416] 8021q: adding VLAN 0 to HW filter on device netdevsim3
[ 2183.573803][ T1160] 8021q: adding VLAN 0 to HW filter on device bond0
[ 2183.995462][ T1512] bridge_slave_1: left allmulticast mode
[ 2183.995497][ T1512] bridge_slave_1: left promiscuous mode
[ 2183.995715][ T1512] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2184.044914][ T2060] netlink: 16 bytes leftover after parsing attributes in process `syz.1.8995'.
[ 2184.129047][ T2061] netlink: 8 bytes leftover after parsing attributes in process `syz.1.8995'.
[ 2184.209340][ T1512] bridge_slave_0: left allmulticast mode
[ 2184.209377][ T1512] bridge_slave_0: left promiscuous mode
[ 2184.209686][ T1512] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2184.286778][ T2069] FAULT_INJECTION: forcing a failure.
[ 2184.286778][ T2069] name failslab, interval 1, probability 0, space 0, times 0
[ 2184.286817][ T2069] CPU: 0 UID: 0 PID: 2069 Comm: syz.3.8999 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[ 2184.286847][ T2069] Tainted: [L]=SOFTLOCKUP
[ 2184.286856][ T2069] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 2184.286871][ T2069] Call Trace:
[ 2184.286879][ T2069]  <TASK>
[ 2184.286890][ T2069]  dump_stack_lvl+0xe8/0x150
[ 2184.286925][ T2069]  should_fail_ex+0x46b/0x600
[ 2184.286968][ T2069]  should_failslab+0xa8/0x100
[ 2184.286997][ T2069]  __kmalloc_cache_noprof+0x84/0x690
[ 2184.287023][ T2069]  ? __se_sys_mount+0x166/0x420
[ 2184.287084][ T2069]  __se_sys_mount+0x166/0x420
[ 2184.287123][ T2069]  ? __pfx___se_sys_mount+0x10/0x10
[ 2184.287163][ T2069]  ? __x64_sys_mount+0x20/0xc0
[ 2184.287197][ T2069]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2184.287221][ T2069]  do_syscall_64+0x15f/0x560
[ 2184.287250][ T2069]  ? trace_irq_disable+0x3b/0x140
[ 2184.287275][ T2069]  ? clear_bhb_loop+0x40/0x90
[ 2184.287303][ T2069]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2184.287326][ T2069] RIP: 0033:0x7f774e5ece59
[ 2184.287348][ T2069] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 2184.287368][ T2069] RSP: 002b:00007f774c846028 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 2184.287393][ T2069] RAX: ffffffffffffffda RBX: 00007f774e865fa0 RCX: 00007f774e5ece59
[ 2184.287411][ T2069] RDX: 0000000000000000 RSI: 0000200000000140 RDI: 0000000000000000
[ 2184.287426][ T2069] RBP: 00007f774c846090 R08: 0000200000000280 R09: 0000000000000000
[ 2184.287448][ T2069] R10: 00000000020080a0 R11: 0000000000000246 R12: 0000000000000001
[ 2184.287463][ T2069] R13: 00007f774e866038 R14: 00007f774e865fa0 R15: 00007ffff14f7798
[ 2184.287500][ T2069]  </TASK>
[ 2184.854850][ T1512] bridge_slave_1: left allmulticast mode
[ 2184.854887][ T1512] bridge_slave_1: left promiscuous mode
[ 2184.855418][ T1512] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2185.053358][ T1512] bridge_slave_0: left allmulticast mode
[ 2185.053413][ T1512] bridge_slave_0: left promiscuous mode
[ 2185.053729][ T1512] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2185.979169][ T1512] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 2186.105853][ T1512] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 2186.213288][ T1512] bond0 (unregistering): Released all slaves
[ 2186.793806][ T1512] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 2186.923552][ T1512] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 2187.015437][ T1512] bond0 (unregistering): Released all slaves
[ 2187.123696][ T5281] 8021q: adding VLAN 0 to HW filter on device eth5
[ 2187.653185][ T2118] FAULT_INJECTION: forcing a failure.
[ 2187.653185][ T2118] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 2187.653222][ T2118] CPU: 1 UID: 0 PID: 2118 Comm: syz.3.9015 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[ 2187.653258][ T2118] Tainted: [L]=SOFTLOCKUP
[ 2187.653265][ T2118] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 2187.653276][ T2118] Call Trace:
[ 2187.653284][ T2118]  <TASK>
[ 2187.653292][ T2118]  dump_stack_lvl+0xe8/0x150
[ 2187.653321][ T2118]  should_fail_ex+0x46b/0x600
[ 2187.653354][ T2118]  _copy_from_user+0x2d/0xb0
[ 2187.653378][ T2118]  __sys_bpf+0x2e7/0xd90
[ 2187.653406][ T2118]  ? __pfx___sys_bpf+0x10/0x10
[ 2187.653432][ T2118]  ? lockdep_hardirqs_on+0x7a/0x110
[ 2187.653456][ T2118]  ? _raw_spin_unlock_irqrestore+0x4c/0x80
[ 2187.653492][ T2118]  ? ksys_write+0x248/0x270
[ 2187.653515][ T2118]  ? __pfx_ksys_write+0x10/0x10
[ 2187.653539][ T2118]  __x64_sys_bpf+0xba/0xd0
[ 2187.653557][ T2118]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2187.653576][ T2118]  do_syscall_64+0x15f/0x560
[ 2187.653599][ T2118]  ? trace_irq_disable+0x3b/0x140
[ 2187.653619][ T2118]  ? clear_bhb_loop+0x40/0x90
[ 2187.653640][ T2118]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2187.653658][ T2118] RIP: 0033:0x7f774e5ece59
[ 2187.653676][ T2118] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 2187.653692][ T2118] RSP: 002b:00007f774c846028 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[ 2187.653712][ T2118] RAX: ffffffffffffffda RBX: 00007f774e865fa0 RCX: 00007f774e5ece59
[ 2187.653726][ T2118] RDX: 0000000000000028 RSI: 0000200000000380 RDI: 0000000000000012
[ 2187.653737][ T2118] RBP: 00007f774c846090 R08: 0000000000000000 R09: 0000000000000000
[ 2187.653748][ T2118] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2187.653758][ T2118] R13: 00007f774e866038 R14: 00007f774e865fa0 R15: 00007ffff14f7798
[ 2187.653785][ T2118]  </TASK>
[ 2188.641063][ T1160] 8021q: adding VLAN 0 to HW filter on device team0
[ 2189.093748][ T1512] hsr_slave_0: left promiscuous mode
[ 2189.192405][ T1512] hsr_slave_1: left promiscuous mode
[ 2189.202701][ T1512] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 2189.350136][ T1512] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 2189.512185][ T2133] netlink: 36 bytes leftover after parsing attributes in process `syz.1.9022'.
[ 2189.586622][ T1512] hsr_slave_0: left promiscuous mode
[ 2189.625905][ T1512] hsr_slave_1: left promiscuous mode
[ 2189.660049][ T1512] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 2189.661277][ T2136] loop9: detected capacity change from 0 to 2640
[ 2189.718635][ T1512] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 2189.886781][ T2136] I/O error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[ 2189.886813][ T2136] Buffer I/O error on dev loop9, logical block 0, async page read
[ 2189.915509][ T2136] I/O error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[ 2189.915545][ T2136] Buffer I/O error on dev loop9, logical block 0, async page read
[ 2189.915680][ T2136] I/O error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[ 2189.915707][ T2136] Buffer I/O error on dev loop9, logical block 0, async page read
[ 2189.915861][ T2136] I/O error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[ 2189.915889][ T2136] Buffer I/O error on dev loop9, logical block 0, async page read
[ 2189.916023][ T2136] I/O error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[ 2189.916048][ T2136] Buffer I/O error on dev loop9, logical block 0, async page read
[ 2189.916246][ T2136] I/O error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[ 2189.916272][ T2136] Buffer I/O error on dev loop9, logical block 0, async page read
[ 2189.954412][ T2136] I/O error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[ 2189.954502][ T2136] Buffer I/O error on dev loop9, logical block 0, async page read
[ 2189.954977][ T2136] I/O error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[ 2189.955073][ T2136] Buffer I/O error on dev loop9, logical block 0, async page read
[ 2189.963405][ T2136] ldm_validate_partition_table(): Disk read failed.
[ 2189.963677][ T2136] I/O error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[ 2189.963757][ T2136] Buffer I/O error on dev loop9, logical block 0, async page read
[ 2189.964113][ T2136] I/O error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[ 2189.964187][ T2136] Buffer I/O error on dev loop9, logical block 0, async page read
[ 2190.062185][ T2136] Dev loop9: unable to read RDB block 0
[ 2190.200558][ T2136]  loop9: unable to read partition table
[ 2190.200845][ T2136] loop_reread_partitions: partition scan of loop9 (3Ÿ¾‚³˜) failed (rc=-5)
[ 2190.809396][ T1512] team0 (unregistering): Port device team_slave_1 removed
[ 2190.959313][ T1512] team0 (unregistering): Port device team_slave_0 removed
[ 2190.974781][T25889] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[ 2191.046202][T25889] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[ 2191.048745][T25889] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[ 2191.050030][T25889] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[ 2191.096283][T25889] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[ 2192.253452][ T1512] team0 (unregistering): Port device team_slave_1 removed
[ 2192.316054][ T1512] team0 (unregistering): Port device team_slave_0 removed
[ 2192.749059][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[ 2192.749344][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 2192.936520][ T2187] FAULT_INJECTION: forcing a failure.
[ 2192.936520][ T2187] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 2192.936562][ T2187] CPU: 0 UID: 0 PID: 2187 Comm: syz.3.9046 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[ 2192.936644][ T2187] Tainted: [L]=SOFTLOCKUP
[ 2192.936654][ T2187] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 2192.936668][ T2187] Call Trace:
[ 2192.936678][ T2187]  <TASK>
[ 2192.936688][ T2187]  dump_stack_lvl+0xe8/0x150
[ 2192.936724][ T2187]  should_fail_ex+0x46b/0x600
[ 2192.936765][ T2187]  _copy_from_user+0x2d/0xb0
[ 2192.936795][ T2187]  ___sys_sendmsg+0x1c6/0x360
[ 2192.936825][ T2187]  ? __lock_acquire+0x6b5/0x2d10
[ 2192.936857][ T2187]  ? __pfx____sys_sendmsg+0x10/0x10
[ 2192.936894][ T2187]  ? kstrtouint+0x6e/0xe0
[ 2192.936943][ T2187]  ? __fget_files+0x2a/0x420
[ 2192.936963][ T2187]  ? __fget_files+0x3a6/0x420
[ 2192.936994][ T2187]  __sys_sendmmsg+0x282/0x4e0
[ 2192.937038][ T2187]  ? __pfx___sys_sendmmsg+0x10/0x10
[ 2192.937076][ T2187]  ? __pfx_rt_mutex_slowunlock+0x10/0x10
[ 2192.937114][ T2187]  ? ksys_write+0x248/0x270
[ 2192.937141][ T2187]  ? __pfx_ksys_write+0x10/0x10
[ 2192.937174][ T2187]  __x64_sys_sendmmsg+0xa0/0xc0
[ 2192.937205][ T2187]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2192.937227][ T2187]  do_syscall_64+0x15f/0x560
[ 2192.937263][ T2187]  ? trace_irq_disable+0x3b/0x140
[ 2192.937288][ T2187]  ? clear_bhb_loop+0x40/0x90
[ 2192.937315][ T2187]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2192.937346][ T2187] RIP: 0033:0x7f774e5ece59
[ 2192.937367][ T2187] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 2192.937387][ T2187] RSP: 002b:00007f774c846028 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[ 2192.937412][ T2187] RAX: ffffffffffffffda RBX: 00007f774e865fa0 RCX: 00007f774e5ece59
[ 2192.937430][ T2187] RDX: 0000000000000001 RSI: 0000200000004640 RDI: 0000000000000003
[ 2192.937444][ T2187] RBP: 00007f774c846090 R08: 0000000000000000 R09: 0000000000000000
[ 2192.937459][ T2187] R10: 0000000024000000 R11: 0000000000000246 R12: 0000000000000001
[ 2192.937473][ T2187] R13: 00007f774e866038 R14: 00007f774e865fa0 R15: 00007ffff14f7798
[ 2192.937508][ T2187]  </TASK>
[ 2193.662342][T25889] Bluetooth: hci1: command tx timeout
[ 2193.812022][ T2200] netlink: 20 bytes leftover after parsing attributes in process `syz.1.9051'.
[ 2194.265051][ T2204] 9p: Bad value for 'wfdno'
[ 2194.593069][ T2212] netlink: 8 bytes leftover after parsing attributes in process `syz.1.9056'.
[ 2195.566764][ T2227] 9p: Bad value for 'wfdno'
[ 2195.872191][T25889] Bluetooth: hci1: command tx timeout
[ 2197.032996][ T2256] FAULT_INJECTION: forcing a failure.
[ 2197.032996][ T2256] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 2197.033027][ T2256] CPU: 0 UID: 0 PID: 2256 Comm: syz.3.9069 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[ 2197.033049][ T2256] Tainted: [L]=SOFTLOCKUP
[ 2197.033056][ T2256] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 2197.033067][ T2256] Call Trace:
[ 2197.033073][ T2256]  <TASK>
[ 2197.033080][ T2256]  dump_stack_lvl+0xe8/0x150
[ 2197.033107][ T2256]  should_fail_ex+0x46b/0x600
[ 2197.033137][ T2256]  _copy_from_user+0x2d/0xb0
[ 2197.033159][ T2256]  ___sys_sendmsg+0x1c6/0x360
[ 2197.033181][ T2256]  ? __lock_acquire+0x6b5/0x2d10
[ 2197.033204][ T2256]  ? __pfx____sys_sendmsg+0x10/0x10
[ 2197.033259][ T2256]  ? __fget_files+0x2a/0x420
[ 2197.033273][ T2256]  ? __fget_files+0x3a6/0x420
[ 2197.033295][ T2256]  __x64_sys_sendmsg+0x1c3/0x2a0
[ 2197.033320][ T2256]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[ 2197.033350][ T2256]  ? __pfx_ksys_write+0x10/0x10
[ 2197.033380][ T2256]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2197.033397][ T2256]  do_syscall_64+0x15f/0x560
[ 2197.033419][ T2256]  ? trace_irq_disable+0x3b/0x140
[ 2197.033438][ T2256]  ? clear_bhb_loop+0x40/0x90
[ 2197.033458][ T2256]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2197.033481][ T2256] RIP: 0033:0x7f774e5ece59
[ 2197.033496][ T2256] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 2197.033510][ T2256] RSP: 002b:00007f774c846028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 2197.033527][ T2256] RAX: ffffffffffffffda RBX: 00007f774e865fa0 RCX: 00007f774e5ece59
[ 2197.033540][ T2256] RDX: 0000000000000000 RSI: 0000200000000400 RDI: 0000000000000006
[ 2197.033561][ T2256] RBP: 00007f774c846090 R08: 0000000000000000 R09: 0000000000000000
[ 2197.033571][ T2256] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2197.033581][ T2256] R13: 00007f774e866038 R14: 00007f774e865fa0 R15: 00007ffff14f7798
[ 2197.033605][ T2256]  </TASK>
[ 2197.954458][ T1416] 8021q: adding VLAN 0 to HW filter on device bond0
[ 2198.098343][T25889] Bluetooth: hci1: command tx timeout
[ 2198.491375][ T1416] 8021q: adding VLAN 0 to HW filter on device team0
[ 2198.689795][ T2012] bridge0: port 1(bridge_slave_0) entered blocking state
[ 2198.690961][ T2012] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 2199.000183][   T57] bridge0: port 2(bridge_slave_1) entered blocking state
[ 2199.000465][   T57] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 2199.434502][ T2289] FAULT_INJECTION: forcing a failure.
[ 2199.434502][ T2289] name fail_futex, interval 1, probability 0, space 0, times 0
[ 2199.434545][ T2289] CPU: 1 UID: 0 PID: 2289 Comm: syz.1.9076 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[ 2199.434577][ T2289] Tainted: [L]=SOFTLOCKUP
[ 2199.434586][ T2289] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 2199.434601][ T2289] Call Trace:
[ 2199.434611][ T2289]  <TASK>
[ 2199.434621][ T2289]  dump_stack_lvl+0xe8/0x150
[ 2199.434657][ T2289]  should_fail_ex+0x46b/0x600
[ 2199.434699][ T2289]  get_futex_key+0x1b0/0x1590
[ 2199.434732][ T2289]  ? perf_lock_task_context+0x785/0x850
[ 2199.434763][ T2289]  ? __pfx_get_futex_key+0x10/0x10
[ 2199.434789][ T2289]  ? __lock_acquire+0x6b5/0x2d10
[ 2199.434831][ T2289]  futex_wake+0x114/0x580
[ 2199.434860][ T2289]  ? __pfx_futex_wake+0x10/0x10
[ 2199.434884][ T2289]  ? do_raw_spin_lock+0x12b/0x2f0
[ 2199.434921][ T2289]  do_futex+0x395/0x420
[ 2199.434958][ T2289]  ? __pfx_do_futex+0x10/0x10
[ 2199.434993][ T2289]  ? __might_fault+0xaf/0x130
[ 2199.435022][ T2289]  mm_release+0x101/0x290
[ 2199.435058][ T2289]  exit_mm+0x54/0x2d0
[ 2199.435090][ T2289]  do_exit+0x6a2/0x22c0
[ 2199.435120][ T2289]  ? _raw_spin_unlock_irqrestore+0x30/0x80
[ 2199.435154][ T2289]  ? __pfx_do_exit+0x10/0x10
[ 2199.435187][ T2289]  ? rt_mutex_slowunlock+0x4a7/0x8b0
[ 2199.435210][ T2289]  ? reacquire_held_locks+0x104/0x190
[ 2199.435242][ T2289]  ? rt_spin_lock+0x1e0/0x400
[ 2199.435277][ T2289]  do_group_exit+0x21b/0x2d0
[ 2199.435305][ T2289]  ? rt_spin_unlock+0x160/0x200
[ 2199.435331][ T2289]  get_signal+0x1284/0x1330
[ 2199.435391][ T2289]  arch_do_signal_or_restart+0xbc/0x840
[ 2199.435417][ T2289]  ? __fget_files+0x2a/0x420
[ 2199.435437][ T2289]  ? __fget_files+0x3a6/0x420
[ 2199.435458][ T2289]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[ 2199.435492][ T2289]  ? ksys_read+0x248/0x270
[ 2199.435527][ T2289]  exit_to_user_mode_loop+0x8c/0x4d0
[ 2199.435553][ T2289]  ? rcu_is_watching+0x15/0xb0
[ 2199.435585][ T2289]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2199.435609][ T2289]  do_syscall_64+0x33e/0x560
[ 2199.435642][ T2289]  ? clear_bhb_loop+0x40/0x90
[ 2199.435670][ T2289]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2199.435706][ T2289] RIP: 0033:0x7feb13d9ce59
[ 2199.435726][ T2289] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 2199.435745][ T2289] RSP: 002b:00007feb11fac028 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[ 2199.435769][ T2289] RAX: fffffffffffffe00 RBX: 00007feb14016180 RCX: 00007feb13d9ce59
[ 2199.435786][ T2289] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000007
[ 2199.435800][ T2289] RBP: 00007feb11fac090 R08: 0000000000000000 R09: 0000000000000000
[ 2199.435814][ T2289] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2199.435828][ T2289] R13: 00007feb14016218 R14: 00007feb14016180 R15: 00007ffcffd36cb8
[ 2199.435863][ T2289]  </TASK>
[ 2200.332119][ T2299] netlink: 8 bytes leftover after parsing attributes in process `syz.1.9079'.
[ 2200.344024][T26396] Bluetooth: hci1: command tx timeout
[ 2200.554703][ T2308] FAULT_INJECTION: forcing a failure.
[ 2200.554703][ T2308] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 2200.554742][ T2308] CPU: 1 UID: 0 PID: 2308 Comm: syz.3.9082 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[ 2200.554773][ T2308] Tainted: [L]=SOFTLOCKUP
[ 2200.554782][ T2308] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 2200.554796][ T2308] Call Trace:
[ 2200.554805][ T2308]  <TASK>
[ 2200.554815][ T2308]  dump_stack_lvl+0xe8/0x150
[ 2200.554851][ T2308]  should_fail_ex+0x46b/0x600
[ 2200.554893][ T2308]  _copy_to_user+0x31/0xb0
[ 2200.554926][ T2308]  simple_read_from_buffer+0xe1/0x170
[ 2200.554976][ T2308]  proc_fail_nth_read+0x1be/0x230
[ 2200.555003][ T2308]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 2200.555029][ T2308]  ? rw_verify_area+0x2ac/0x4e0
[ 2200.555062][ T2308]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 2200.555085][ T2308]  vfs_read+0x212/0xa80
[ 2200.555118][ T2308]  ? __pfx_vfs_read+0x10/0x10
[ 2200.555146][ T2308]  ? _raw_spin_unlock_irqrestore+0x30/0x80
[ 2200.555177][ T2308]  ? lockdep_hardirqs_on+0x7a/0x110
[ 2200.555206][ T2308]  ? _raw_spin_unlock_irqrestore+0x4c/0x80
[ 2200.555236][ T2308]  ? mutex_lock_nested+0x152/0x1d0
[ 2200.555257][ T2308]  ? fdget_pos+0x252/0x320
[ 2200.555288][ T2308]  ksys_read+0x156/0x270
[ 2200.555312][ T2308]  ? __pfx_filldir64+0x10/0x10
[ 2200.555344][ T2308]  ? __pfx_ksys_read+0x10/0x10
[ 2200.555378][ T2308]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2200.555403][ T2308]  do_syscall_64+0x15f/0x560
[ 2200.555433][ T2308]  ? trace_irq_disable+0x3b/0x140
[ 2200.555459][ T2308]  ? clear_bhb_loop+0x40/0x90
[ 2200.555488][ T2308]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2200.555510][ T2308] RIP: 0033:0x7f774e5ad68e
[ 2200.555532][ T2308] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[ 2200.555556][ T2308] RSP: 002b:00007f774c845fe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[ 2200.555581][ T2308] RAX: ffffffffffffffda RBX: 00007f774c8466c0 RCX: 00007f774e5ad68e
[ 2200.555599][ T2308] RDX: 000000000000000f RSI: 00007f774c8460a0 RDI: 0000000000000006
[ 2200.555614][ T2308] RBP: 00007f774c846090 R08: 0000000000000000 R09: 0000000000000000
[ 2200.555629][ T2308] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2200.555644][ T2308] R13: 00007f774e866038 R14: 00007f774e865fa0 R15: 00007ffff14f7798
[ 2200.555681][ T2308]  </TASK>
[ 2202.002392][ T2147] bridge0: port 1(bridge_slave_0) entered blocking state
[ 2202.004594][ T2147] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2202.004974][ T2147] bridge_slave_0: entered allmulticast mode
[ 2202.016572][   T32] usb 2-1: new high-speed USB device number 57 using dummy_hcd
[ 2202.043269][ T2147] bridge_slave_0: entered promiscuous mode
[ 2202.120042][ T2147] bridge0: port 2(bridge_slave_1) entered blocking state
[ 2202.120382][ T2147] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2202.120760][ T2147] bridge_slave_1: entered allmulticast mode
[ 2202.154455][ T2147] bridge_slave_1: entered promiscuous mode
[ 2202.198239][   T32] usb 2-1: Using ep0 maxpacket: 8
[ 2202.202339][   T32] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 2202.202400][   T32] usb 2-1: New USB device found, idVendor=0408, idProduct=3001, bcdDevice= 0.00
[ 2202.202426][   T32] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2202.208080][   T32] usb 2-1: config 0 descriptor??
[ 2202.262370][   T32] usbhid 2-1:0.0: couldn't find an input interrupt endpoint
[ 2202.676618][ T2147] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 2202.676808][ T2346] netlink: 28 bytes leftover after parsing attributes in process `syz.1.9085'.
[ 2202.677027][ T2346] netlink: 23 bytes leftover after parsing attributes in process `syz.1.9085'.
[ 2203.373884][T29362] usb 2-1: USB disconnect, device number 57
[ 2203.874726][ T2379] netlink: 4 bytes leftover after parsing attributes in process `syz.1.9097'.
[ 2203.959423][ T2147] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 2204.328929][ T2379] 8021q: VLANs not supported on lo
[ 2205.281270][ T2390] netlink: 8 bytes leftover after parsing attributes in process `syz.1.9100'.
[ 2206.293761][ T2147] team0: Port device team_slave_0 added
[ 2206.738964][ T2147] team0: Port device team_slave_1 added
[ 2207.386992][ T2147] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 2207.387013][ T2147] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 2207.387044][ T2147] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 2207.441451][ T2147] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 2207.441505][ T2147] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 2207.441593][ T2147] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 2207.859487][ T2147] hsr_slave_0: entered promiscuous mode
[ 2207.861589][ T2147] hsr_slave_1: entered promiscuous mode
[ 2207.863913][ T2147] debugfs: 'hsr0' already exists in 'hsr'
[ 2207.863939][ T2147] Cannot create hsr debugfs directory
[ 2208.447791][ T2410] FAULT_INJECTION: forcing a failure.
[ 2208.447791][ T2410] name failslab, interval 1, probability 0, space 0, times 0
[ 2208.447831][ T2410] CPU: 0 UID: 0 PID: 2410 Comm: syz.3.9108 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[ 2208.447862][ T2410] Tainted: [L]=SOFTLOCKUP
[ 2208.447871][ T2410] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 2208.447886][ T2410] Call Trace:
[ 2208.447895][ T2410]  <TASK>
[ 2208.447905][ T2410]  dump_stack_lvl+0xe8/0x150
[ 2208.447941][ T2410]  should_fail_ex+0x46b/0x600
[ 2208.447984][ T2410]  should_failslab+0xa8/0x100
[ 2208.448014][ T2410]  kmem_cache_alloc_noprof+0x87/0x680
[ 2208.448039][ T2410]  ? do_getname+0x2e/0x250
[ 2208.448067][ T2410]  ? _raw_spin_unlock_irqrestore+0x4c/0x80
[ 2208.448103][ T2410]  do_getname+0x2e/0x250
[ 2208.448131][ T2410]  ? user_path_at+0x1e/0x160
[ 2208.448157][ T2410]  user_path_at+0x2a/0x160
[ 2208.448183][ T2410]  __se_sys_mount+0x2dc/0x420
[ 2208.448224][ T2410]  ? __pfx___se_sys_mount+0x10/0x10
[ 2208.448266][ T2410]  ? __x64_sys_mount+0x20/0xc0
[ 2208.448301][ T2410]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2208.448342][ T2410]  do_syscall_64+0x15f/0x560
[ 2208.448372][ T2410]  ? trace_irq_disable+0x3b/0x140
[ 2208.448398][ T2410]  ? clear_bhb_loop+0x40/0x90
[ 2208.448425][ T2410]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2208.448457][ T2410] RIP: 0033:0x7f774e5ece59
[ 2208.448480][ T2410] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 2208.448505][ T2410] RSP: 002b:00007f774c846028 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 2208.448531][ T2410] RAX: ffffffffffffffda RBX: 00007f774e865fa0 RCX: 00007f774e5ece59
[ 2208.448549][ T2410] RDX: 0000000000000000 RSI: 00002000000020c0 RDI: 0000000000000000
[ 2208.448565][ T2410] RBP: 00007f774c846090 R08: 0000000000000000 R09: 0000000000000000
[ 2208.448580][ T2410] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2208.448594][ T2410] R13: 00007f774e866038 R14: 00007f774e865fa0 R15: 00007ffff14f7798
[ 2208.448630][ T2410]  </TASK>
[ 2208.940820][T25889] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 2209.110934][T25889] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 2209.144079][T25889] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 2209.180610][T25889] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 2209.228835][T25889] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 2211.571045][ T1512] bridge_slave_1: left allmulticast mode
[ 2211.571086][ T1512] bridge_slave_1: left promiscuous mode
[ 2211.571400][ T1512] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2211.678762][ T1512] bridge_slave_0: left allmulticast mode
[ 2211.678801][ T1512] bridge_slave_0: left promiscuous mode
[ 2211.679100][ T1512] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2211.703113][T26396] Bluetooth: hci0: command tx timeout
[ 2212.070418][T25889] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[ 2212.175606][T25889] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[ 2212.218720][T25889] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[ 2212.257475][T25889] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[ 2212.259713][T25889] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[ 2212.763822][ T2441] FAULT_INJECTION: forcing a failure.
[ 2212.763822][ T2441] name failslab, interval 1, probability 0, space 0, times 0
[ 2212.763891][ T2441] CPU: 0 UID: 0 PID: 2441 Comm: syz.3.9112 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[ 2212.763922][ T2441] Tainted: [L]=SOFTLOCKUP
[ 2212.763931][ T2441] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 2212.763945][ T2441] Call Trace:
[ 2212.763955][ T2441]  <TASK>
[ 2212.763965][ T2441]  dump_stack_lvl+0xe8/0x150
[ 2212.764001][ T2441]  should_fail_ex+0x46b/0x600
[ 2212.764044][ T2441]  should_failslab+0xa8/0x100
[ 2212.764074][ T2441]  kmem_cache_alloc_noprof+0x87/0x680
[ 2212.764098][ T2441]  ? lockdep_hardirqs_on+0x7a/0x110
[ 2212.764127][ T2441]  ? do_getname+0x2e/0x250
[ 2212.764162][ T2441]  do_getname+0x2e/0x250
[ 2212.764191][ T2441]  ? getname_flags+0x11/0x20
[ 2212.764226][ T2441]  do_sys_openat2+0xcc/0x200
[ 2212.764259][ T2441]  ? lockdep_hardirqs_on+0x7a/0x110
[ 2212.764290][ T2441]  ? __pfx_do_sys_openat2+0x10/0x10
[ 2212.764337][ T2441]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2212.764366][ T2441]  __x64_sys_openat+0x138/0x170
[ 2212.764405][ T2441]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2212.764429][ T2441]  do_syscall_64+0x15f/0x560
[ 2212.764467][ T2441]  ? clear_bhb_loop+0x40/0x90
[ 2212.764495][ T2441]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2212.764518][ T2441] RIP: 0033:0x7f774e5ece59
[ 2212.764540][ T2441] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 2212.764560][ T2441] RSP: 002b:00007f774c804028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[ 2212.764584][ T2441] RAX: ffffffffffffffda RBX: 00007f774e866180 RCX: 00007f774e5ece59
[ 2212.764602][ T2441] RDX: 0000000000000042 RSI: 0000200000000000 RDI: ffffffffffffff9c
[ 2212.764619][ T2441] RBP: 00007f774c804090 R08: 0000000000000000 R09: 0000000000000000
[ 2212.764635][ T2441] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2212.764650][ T2441] R13: 00007f774e866218 R14: 00007f774e866180 R15: 00007ffff14f7798
[ 2212.764686][ T2441]  </TASK>
[ 2213.920860][T25889] Bluetooth: hci0: command tx timeout
[ 2214.014749][ T2454] FAULT_INJECTION: forcing a failure.
[ 2214.014749][ T2454] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 2214.014786][ T2454] CPU: 1 UID: 0 PID: 2454 Comm: syz.3.9117 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[ 2214.014812][ T2454] Tainted: [L]=SOFTLOCKUP
[ 2214.014819][ T2454] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 2214.014831][ T2454] Call Trace:
[ 2214.014839][ T2454]  <TASK>
[ 2214.014847][ T2454]  dump_stack_lvl+0xe8/0x150
[ 2214.014877][ T2454]  should_fail_ex+0x46b/0x600
[ 2214.014920][ T2454]  _copy_from_user+0x2d/0xb0
[ 2214.014946][ T2454]  ___sys_sendmsg+0x1c6/0x360
[ 2214.014972][ T2454]  ? __lock_acquire+0x6b5/0x2d10
[ 2214.014999][ T2454]  ? __pfx____sys_sendmsg+0x10/0x10
[ 2214.015077][ T2454]  ? __fget_files+0x2a/0x420
[ 2214.015095][ T2454]  ? __fget_files+0x3a6/0x420
[ 2214.015120][ T2454]  __x64_sys_sendmsg+0x1c3/0x2a0
[ 2214.015148][ T2454]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[ 2214.015182][ T2454]  ? __pfx_ksys_write+0x10/0x10
[ 2214.015212][ T2454]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2214.015232][ T2454]  do_syscall_64+0x15f/0x560
[ 2214.015257][ T2454]  ? trace_irq_disable+0x3b/0x140
[ 2214.015277][ T2454]  ? clear_bhb_loop+0x40/0x90
[ 2214.015301][ T2454]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2214.015319][ T2454] RIP: 0033:0x7f774e5ece59
[ 2214.015338][ T2454] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 2214.015356][ T2454] RSP: 002b:00007f774c846028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 2214.015377][ T2454] RAX: ffffffffffffffda RBX: 00007f774e865fa0 RCX: 00007f774e5ece59
[ 2214.015392][ T2454] RDX: 0000000000000000 RSI: 0000200000000040 RDI: 0000000000000003
[ 2214.015404][ T2454] RBP: 00007f774c846090 R08: 0000000000000000 R09: 0000000000000000
[ 2214.015415][ T2454] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2214.015427][ T2454] R13: 00007f774e866038 R14: 00007f774e865fa0 R15: 00007ffff14f7798
[ 2214.015455][ T2454]  </TASK>
[ 2214.681437][T25889] Bluetooth: hci2: command tx timeout
[ 2214.831731][ T2475] FAULT_INJECTION: forcing a failure.
[ 2214.831731][ T2475] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 2214.831776][ T2475] CPU: 1 UID: 0 PID: 2475 Comm: syz.3.9126 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[ 2214.831810][ T2475] Tainted: [L]=SOFTLOCKUP
[ 2214.831821][ T2475] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 2214.831837][ T2475] Call Trace:
[ 2214.831847][ T2475]  <TASK>
[ 2214.831859][ T2475]  dump_stack_lvl+0xe8/0x150
[ 2214.831899][ T2475]  should_fail_ex+0x46b/0x600
[ 2214.831948][ T2475]  _copy_to_user+0x31/0xb0
[ 2214.832119][ T2475]  simple_read_from_buffer+0xe1/0x170
[ 2214.832166][ T2475]  proc_fail_nth_read+0x1be/0x230
[ 2214.832196][ T2475]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 2214.832225][ T2475]  ? rw_verify_area+0x2ac/0x4e0
[ 2214.832249][ T2475]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 2214.832274][ T2475]  vfs_read+0x212/0xa80
[ 2214.832312][ T2475]  ? __pfx_vfs_read+0x10/0x10
[ 2214.832343][ T2475]  ? _raw_spin_unlock_irqrestore+0x30/0x80
[ 2214.832376][ T2475]  ? lockdep_hardirqs_on+0x7a/0x110
[ 2214.832408][ T2475]  ? _raw_spin_unlock_irqrestore+0x4c/0x80
[ 2214.832440][ T2475]  ? mutex_lock_nested+0x152/0x1d0
[ 2214.832463][ T2475]  ? fdget_pos+0x252/0x320
[ 2214.832497][ T2475]  ksys_read+0x156/0x270
[ 2214.832525][ T2475]  ? __pfx_ksys_read+0x10/0x10
[ 2214.832559][ T2475]  ? __secure_computing+0xe1/0x2a0
[ 2214.832593][ T2475]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2214.832622][ T2475]  do_syscall_64+0x15f/0x560
[ 2214.832653][ T2475]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2214.832679][ T2475]  ? clear_bhb_loop+0x40/0x90
[ 2214.832711][ T2475]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2214.832737][ T2475] RIP: 0033:0x7f774e5ad68e
[ 2214.832760][ T2475] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[ 2214.832781][ T2475] RSP: 002b:00007f774c845fe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[ 2214.832807][ T2475] RAX: ffffffffffffffda RBX: 00007f774c8466c0 RCX: 00007f774e5ad68e
[ 2214.832827][ T2475] RDX: 000000000000000f RSI: 00007f774c8460a0 RDI: 0000000000000003
[ 2214.832843][ T2475] RBP: 00007f774c846090 R08: 0000000000000000 R09: 0000000000000000
[ 2214.832859][ T2475] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2214.832874][ T2475] R13: 00007f774e866038 R14: 00007f774e865fa0 R15: 00007ffff14f7798
[ 2214.832919][ T2475]  </TASK>
[ 2215.123359][ T1512] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 2215.310672][ T1512] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 2215.568409][ T1512] bond0 (unregistering): Released all slaves
[ 2215.644524][ T2486] FAULT_INJECTION: forcing a failure.
[ 2215.644524][ T2486] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 2215.644593][ T2486] CPU: 1 UID: 0 PID: 2486 Comm: syz.3.9129 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[ 2215.644624][ T2486] Tainted: [L]=SOFTLOCKUP
[ 2215.644634][ T2486] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 2215.644648][ T2486] Call Trace:
[ 2215.644657][ T2486]  <TASK>
[ 2215.644667][ T2486]  dump_stack_lvl+0xe8/0x150
[ 2215.644704][ T2486]  should_fail_ex+0x46b/0x600
[ 2215.644748][ T2486]  _copy_from_user+0x2d/0xb0
[ 2215.644802][ T2486]  do_ipv6_setsockopt+0x25c/0x3150
[ 2215.644843][ T2486]  ? __pfx_do_ipv6_setsockopt+0x10/0x10
[ 2215.644877][ T2486]  ? __schedule+0x170f/0x5500
[ 2215.644915][ T2486]  ? __pfx___schedule+0x10/0x10
[ 2215.644957][ T2486]  ? irqentry_exit+0x218/0x760
[ 2215.644995][ T2486]  ? lockdep_hardirqs_on+0x7a/0x110
[ 2215.645024][ T2486]  ? irqentry_exit+0x218/0x760
[ 2215.645050][ T2486]  ? rcu_is_watching+0x15/0xb0
[ 2215.645097][ T2486]  ? security_socket_setsockopt+0x6f/0x290
[ 2215.645139][ T2486]  ipv6_setsockopt+0x59/0x170
[ 2215.645170][ T2486]  ? __pfx_sock_common_setsockopt+0x10/0x10
[ 2215.645198][ T2486]  do_sock_setsockopt+0x17c/0x1b0
[ 2215.645233][ T2486]  __x64_sys_setsockopt+0x143/0x1b0
[ 2215.645267][ T2486]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2215.645292][ T2486]  do_syscall_64+0x15f/0x560
[ 2215.645324][ T2486]  ? clear_bhb_loop+0x40/0x90
[ 2215.645353][ T2486]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2215.645376][ T2486] RIP: 0033:0x7f774e5ece59
[ 2215.645397][ T2486] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 2215.645418][ T2486] RSP: 002b:00007f774c804028 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[ 2215.645442][ T2486] RAX: ffffffffffffffda RBX: 00007f774e866180 RCX: 00007f774e5ece59
[ 2215.645458][ T2486] RDX: 0000000000000039 RSI: 0000000000000029 RDI: 0000000000000005
[ 2215.645472][ T2486] RBP: 00007f774c804090 R08: 0000000000000018 R09: 0000000000000000
[ 2215.645486][ T2486] R10: 0000200000000040 R11: 0000000000000246 R12: 0000000000000001
[ 2215.645499][ T2486] R13: 00007f774e866218 R14: 00007f774e866180 R15: 00007ffff14f7798
[ 2215.645534][ T2486]  </TASK>
[ 2216.314614][T25889] Bluetooth: hci0: command tx timeout
[ 2217.023263][T25889] Bluetooth: hci2: command tx timeout
[ 2217.840631][ T2501] FAULT_INJECTION: forcing a failure.
[ 2217.840631][ T2501] name failslab, interval 1, probability 0, space 0, times 0
[ 2217.840670][ T2501] CPU: 0 UID: 0 PID: 2501 Comm: syz.3.9133 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[ 2217.840700][ T2501] Tainted: [L]=SOFTLOCKUP
[ 2217.840709][ T2501] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 2217.840722][ T2501] Call Trace:
[ 2217.840731][ T2501]  <TASK>
[ 2217.840741][ T2501]  dump_stack_lvl+0xe8/0x150
[ 2217.840778][ T2501]  should_fail_ex+0x46b/0x600
[ 2217.840821][ T2501]  should_failslab+0xa8/0x100
[ 2217.840853][ T2501]  __kvmalloc_node_noprof+0x170/0x8e0
[ 2217.840884][ T2501]  ? seq_read_iter+0x203/0xe20
[ 2217.840911][ T2501]  ? mutex_lock_nested+0x152/0x1d0
[ 2217.840940][ T2501]  ? seq_read_iter+0xb8/0xe20
[ 2217.840971][ T2501]  seq_read_iter+0x203/0xe20
[ 2217.841022][ T2501]  vfs_read+0x58b/0xa80
[ 2217.841063][ T2501]  ? __pfx_vfs_read+0x10/0x10
[ 2217.841097][ T2501]  ? _raw_spin_unlock_irqrestore+0x30/0x80
[ 2217.841126][ T2501]  ? lockdep_hardirqs_on+0x7a/0x110
[ 2217.841158][ T2501]  ? mutex_lock_nested+0x152/0x1d0
[ 2217.841179][ T2501]  ? fdget_pos+0x252/0x320
[ 2217.841209][ T2501]  ksys_read+0x156/0x270
[ 2217.841244][ T2501]  ? __pfx_ksys_read+0x10/0x10
[ 2217.841279][ T2501]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2217.841303][ T2501]  do_syscall_64+0x15f/0x560
[ 2217.841331][ T2501]  ? trace_irq_disable+0x3b/0x140
[ 2217.841355][ T2501]  ? clear_bhb_loop+0x40/0x90
[ 2217.841382][ T2501]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2217.841405][ T2501] RIP: 0033:0x7f774e5ece59
[ 2217.841425][ T2501] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 2217.841444][ T2501] RSP: 002b:00007f774c846028 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[ 2217.841467][ T2501] RAX: ffffffffffffffda RBX: 00007f774e865fa0 RCX: 00007f774e5ece59
[ 2217.841483][ T2501] RDX: 0000000000002020 RSI: 0000200000002c00 RDI: 0000000000000003
[ 2217.841498][ T2501] RBP: 00007f774c846090 R08: 0000000000000000 R09: 0000000000000000
[ 2217.841511][ T2501] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2217.841525][ T2501] R13: 00007f774e866038 R14: 00007f774e865fa0 R15: 00007ffff14f7798
[ 2217.841561][ T2501]  </TASK>
[ 2218.527274][T25889] Bluetooth: hci0: command tx timeout
[ 2219.777376][T25889] Bluetooth: hci2: command tx timeout
[ 2220.292137][ T5281] 8021q: adding VLAN 0 to HW filter on device eth5
[ 2220.450284][ T1512] hsr_slave_0: left promiscuous mode
[ 2220.494609][ T1512] hsr_slave_1: left promiscuous mode
[ 2220.495525][ T1512] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 2220.516573][ T1512] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 2221.009935][ T1512] team0 (unregistering): Port device team_slave_1 removed
[ 2221.059864][ T1512] team0 (unregistering): Port device team_slave_0 removed
[ 2221.566795][ T2413] bridge0: port 1(bridge_slave_0) entered blocking state
[ 2221.567048][ T2413] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2221.567326][ T2413] bridge_slave_0: entered allmulticast mode
[ 2221.569990][ T2413] bridge_slave_0: entered promiscuous mode
[ 2221.610970][ T2413] bridge0: port 2(bridge_slave_1) entered blocking state
[ 2221.611331][ T2413] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2221.611696][ T2413] bridge_slave_1: entered allmulticast mode
[ 2221.615994][ T2413] bridge_slave_1: entered promiscuous mode
[ 2221.738134][ T2413] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 2221.847740][ T2413] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 2221.966977][T25889] Bluetooth: hci2: command tx timeout
[ 2222.238622][ T2413] team0: Port device team_slave_0 added
[ 2222.263762][ T2413] team0: Port device team_slave_1 added
[ 2222.728918][ T1336] ieee802154 phy0 wpan0: encryption failed: -22
[ 2222.729032][ T1336] ieee802154 phy1 wpan1: encryption failed: -22
[ 2223.074385][ T2413] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 2223.074401][ T2413] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 2223.074422][ T2413] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 2223.240504][ T2413] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 2223.240524][ T2413] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 2223.240554][ T2413] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 2223.495946][ T2413] hsr_slave_0: entered promiscuous mode
[ 2223.497689][ T2413] hsr_slave_1: entered promiscuous mode
[ 2223.498975][ T2413] debugfs: 'hsr0' already exists in 'hsr'
[ 2223.499004][ T2413] Cannot create hsr debugfs directory
[ 2225.259924][ T2434] bridge0: port 1(bridge_slave_0) entered blocking state
[ 2225.267344][ T2434] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2225.267722][ T2434] bridge_slave_0: entered allmulticast mode
[ 2225.277461][ T2434] bridge_slave_0: entered promiscuous mode
[ 2225.658828][ T2434] bridge0: port 2(bridge_slave_1) entered blocking state
[ 2225.659064][ T2434] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2225.659356][ T2434] bridge_slave_1: entered allmulticast mode
[ 2225.661881][ T2434] bridge_slave_1: entered promiscuous mode
[ 2225.663589][ T2147] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 2225.695135][ T2147] 8021q: adding VLAN 0 to HW filter on device netdevsim0
[ 2225.852047][ T2147] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 2225.906343][ T2147] 8021q: adding VLAN 0 to HW filter on device netdevsim1
[ 2226.179031][ T2147] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 2226.225176][ T2147] 8021q: adding VLAN 0 to HW filter on device netdevsim2
[ 2226.590574][ T2434] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 2226.628049][ T2147] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 2226.665412][ T2147] 8021q: adding VLAN 0 to HW filter on device netdevsim3
[ 2226.700685][ T2434] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 2226.959240][ T2434] team0: Port device team_slave_0 added
[ 2226.990738][ T2434] team0: Port device team_slave_1 added
[ 2227.074508][ T2434] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 2227.074527][ T2434] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 2227.074560][ T2434] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 2227.157216][ T2434] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 2227.157233][ T2434] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 2227.157257][ T2434] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 2227.457718][ T2434] hsr_slave_0: entered promiscuous mode
[ 2227.459804][ T2434] hsr_slave_1: entered promiscuous mode
[ 2227.461963][ T2434] debugfs: 'hsr0' already exists in 'hsr'
[ 2227.461986][ T2434] Cannot create hsr debugfs directory
[ 2228.584480][ T2147] 8021q: adding VLAN 0 to HW filter on device bond0
[ 2228.828615][ T1512] bridge_slave_1: left allmulticast mode
[ 2228.828654][ T1512] bridge_slave_1: left promiscuous mode
[ 2228.828944][ T1512] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2229.044110][ T1512] bridge_slave_0: left allmulticast mode
[ 2229.044149][ T1512] bridge_slave_0: left promiscuous mode
[ 2229.044420][ T1512] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2229.351740][ T1512] bridge_slave_1: left allmulticast mode
[ 2229.351777][ T1512] bridge_slave_1: left promiscuous mode
[ 2229.352041][ T1512] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2229.481468][ T1512] bridge_slave_0: left allmulticast mode
[ 2229.481507][ T1512] bridge_slave_0: left promiscuous mode
[ 2229.481819][ T1512] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2230.519630][ T2621] loop3: detected capacity change from 0 to 512
[ 2230.816488][ T1512] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 2230.881134][ T1512] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 2230.907337][ T1512] bond0 (unregistering): Released all slaves
[ 2231.507691][ T1512] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 2231.633353][ T1512] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 2231.717388][ T1512] bond0 (unregistering): Released all slaves
[ 2231.794426][   T38] audit: type=1326 audit(1779439279.620:1031): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=2637 comm="syz.3.9153" exe="/root/ci-upstream-linux-next-kasan-gce-root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f774e5ece59 code=0x0
[ 2231.846368][ T5281] 8021q: adding VLAN 0 to HW filter on device eth5
[ 2231.953883][ T2147] 8021q: adding VLAN 0 to HW filter on device team0
[ 2231.984230][ T2639] FAULT_INJECTION: forcing a failure.
[ 2231.984230][ T2639] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 2231.984270][ T2639] CPU: 1 UID: 0 PID: 2639 Comm: syz.3.9153 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[ 2231.984301][ T2639] Tainted: [L]=SOFTLOCKUP
[ 2231.984309][ T2639] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 2231.984323][ T2639] Call Trace:
[ 2231.984331][ T2639]  <TASK>
[ 2231.984342][ T2639]  dump_stack_lvl+0xe8/0x150
[ 2231.984375][ T2639]  should_fail_ex+0x46b/0x600
[ 2231.984417][ T2639]  _copy_from_user+0x2d/0xb0
[ 2231.984450][ T2639]  core_sys_select+0x57a/0xc30
[ 2231.984498][ T2639]  ? __pfx_core_sys_select+0x10/0x10
[ 2231.984552][ T2639]  ? __pfx_set_user_sigmask+0x10/0x10
[ 2231.984585][ T2639]  ? rt_mutex_slowunlock+0x1cb/0x300
[ 2231.984606][ T2639]  ? __pfx_rt_mutex_slowunlock+0x10/0x10
[ 2231.984668][ T2639]  __se_sys_pselect6+0x267/0x320
[ 2231.984711][ T2639]  ? __pfx___se_sys_pselect6+0x10/0x10
[ 2231.984743][ T2639]  ? __pfx_ksys_write+0x10/0x10
[ 2231.984773][ T2639]  ? __x64_sys_pselect6+0x21/0xf0
[ 2231.984805][ T2639]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2231.984888][ T2639]  do_syscall_64+0x15f/0x560
[ 2231.984917][ T2639]  ? trace_irq_disable+0x3b/0x140
[ 2231.984942][ T2639]  ? clear_bhb_loop+0x40/0x90
[ 2231.984969][ T2639]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2231.984992][ T2639] RIP: 0033:0x7f774e5ece59
[ 2231.985012][ T2639] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 2231.985031][ T2639] RSP: 002b:00007f774c825028 EFLAGS: 00000246 ORIG_RAX: 000000000000010e
[ 2231.985056][ T2639] RAX: ffffffffffffffda RBX: 00007f774e866090 RCX: 00007f774e5ece59
[ 2231.985073][ T2639] RDX: 0000000000000000 RSI: 00002000000001c0 RDI: 0000000000000040
[ 2231.985087][ T2639] RBP: 00007f774c825090 R08: 0000000000000000 R09: 0000000000000000
[ 2231.985102][ T2639] R10: 00002000000002c0 R11: 0000000000000246 R12: 0000000000000001
[ 2231.985118][ T2639] R13: 00007f774e866128 R14: 00007f774e866090 R15: 00007ffff14f7798
[ 2231.985153][ T2639]  </TASK>
[ 2232.317106][ T2641] netlink: 1688 bytes leftover after parsing attributes in process `syz.1.9154'.
[ 2232.785158][  T399] bridge0: port 1(bridge_slave_0) entered blocking state
[ 2232.785390][  T399] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 2232.830987][ T1557] bridge0: port 2(bridge_slave_1) entered blocking state
[ 2232.831212][ T1557] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 2233.037589][ T2648] netlink: 8 bytes leftover after parsing attributes in process `syz.1.9156'.
[ 2233.037620][ T2648] netlink: 4 bytes leftover after parsing attributes in process `syz.1.9156'.
[ 2233.702530][ T1512] hsr_slave_0: left promiscuous mode
[ 2233.747274][ T1512] hsr_slave_1: left promiscuous mode
[ 2233.748443][ T1512] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 2233.803983][ T1512] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 2234.085424][ T1512] hsr_slave_0: left promiscuous mode
[ 2234.129823][ T1512] hsr_slave_1: left promiscuous mode
[ 2234.131221][ T1512] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 2234.198826][ T1512] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 2235.147994][ T2703] FAULT_INJECTION: forcing a failure.
[ 2235.147994][ T2703] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 2235.148024][ T2703] CPU: 0 UID: 0 PID: 2703 Comm: syz.3.9172 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[ 2235.148048][ T2703] Tainted: [L]=SOFTLOCKUP
[ 2235.148054][ T2703] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 2235.148064][ T2703] Call Trace:
[ 2235.148070][ T2703]  <TASK>
[ 2235.148078][ T2703]  dump_stack_lvl+0xe8/0x150
[ 2235.148106][ T2703]  should_fail_ex+0x46b/0x600
[ 2235.148137][ T2703]  prepare_alloc_pages+0x22a/0x6b0
[ 2235.148164][ T2703]  __alloc_frozen_pages_noprof+0x12f/0x380
[ 2235.148188][ T2703]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[ 2235.148214][ T2703]  ? __pfx_policy_nodemask+0x10/0x10
[ 2235.148243][ T2703]  alloc_pages_mpol+0xd1/0x380
[ 2235.148266][ T2703]  alloc_pages_noprof+0xd2/0x2f0
[ 2235.148289][ T2703]  pte_alloc_one+0x22/0x380
[ 2235.148316][ T2703]  do_pte_missing+0x126d/0x2940
[ 2235.148341][ T2703]  ? mt_find+0x481/0x630
[ 2235.148370][ T2703]  handle_mm_fault+0xdc4/0x14d0
[ 2235.148392][ T2703]  ? handle_mm_fault+0xed/0x14d0
[ 2235.148413][ T2703]  ? __pfx_handle_mm_fault+0x10/0x10
[ 2235.148451][ T2703]  ? __lock_acquire+0x6b5/0x2d10
[ 2235.148475][ T2703]  ? lock_mm_and_find_vma+0xa7/0x340
[ 2235.148505][ T2703]  do_user_addr_fault+0x75b/0x1340
[ 2235.148538][ T2703]  exc_page_fault+0x6a/0xc0
[ 2235.148561][ T2703]  asm_exc_page_fault+0x26/0x30
[ 2235.148578][ T2703] RIP: 0010:__get_user_4+0x14/0x30
[ 2235.148596][ T2703] Code: 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 48 ba 00 f0 ff ff ff 7f 00 00 48 39 d0 48 0f 47 c2 0f 01 cb <8b> 10 31 c0 0f 01 ca e9 40 2f 05 00 90 90 90 90 90 90 90 90 90 90
[ 2235.148611][ T2703] RSP: 0018:ffffc90003f6fd90 EFLAGS: 00050287
[ 2235.148626][ T2703] RAX: 00007f774c7fc000 RBX: ffff88802e08c340 RCX: 0000000000000046
[ 2235.148638][ T2703] RDX: 00007ffffffff000 RSI: ffffffff8d89993f RDI: ffffffff8ba9af80
[ 2235.148650][ T2703] RBP: ffffc90003f6fee0 R08: ffffffff8218109f R09: ffff88802597acb0
[ 2235.148662][ T2703] R10: ffffc90003f6fe20 R11: fffff520007edfcc R12: 00007f774c7fc000
[ 2235.148674][ T2703] R13: dffffc0000000000 R14: ffff88802597a880 R15: dffffc0000000000
[ 2235.148692][ T2703]  ? __might_fault+0xaf/0x130
[ 2235.148715][ T2703]  lookup_ioctx+0x61/0x720
[ 2235.148745][ T2703]  __se_sys_io_submit+0xc0/0x340
[ 2235.148764][ T2703]  ? fput+0xa0/0xd0
[ 2235.148788][ T2703]  ? __pfx___se_sys_io_submit+0x10/0x10
[ 2235.148805][ T2703]  ? ksys_write+0x248/0x270
[ 2235.148834][ T2703]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2235.148851][ T2703]  do_syscall_64+0x15f/0x560
[ 2235.148872][ T2703]  ? trace_irq_disable+0x3b/0x140
[ 2235.148890][ T2703]  ? clear_bhb_loop+0x40/0x90
[ 2235.148910][ T2703]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2235.148926][ T2703] RIP: 0033:0x7f774e5ece59
[ 2235.148940][ T2703] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 2235.148953][ T2703] RSP: 002b:00007f774c846028 EFLAGS: 00000246 ORIG_RAX: 00000000000000d1
[ 2235.148969][ T2703] RAX: ffffffffffffffda RBX: 00007f774e865fa0 RCX: 00007f774e5ece59
[ 2235.148981][ T2703] RDX: 0000200000000780 RSI: 0000000000000020 RDI: 00007f774c7fc000
[ 2235.148992][ T2703] RBP: 00007f774c846090 R08: 0000000000000000 R09: 0000000000000000
[ 2235.149003][ T2703] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2235.149013][ T2703] R13: 00007f774e866038 R14: 00007f774e865fa0 R15: 00007ffff14f7798
[ 2235.149038][ T2703]  </TASK>
[ 2235.663022][ T1512] team0 (unregistering): Port device team_slave_1 removed
[ 2235.767046][ T1512] team0 (unregistering): Port device team_slave_0 removed
[ 2236.426955][ T1512] team0 (unregistering): Port device team_slave_1 removed
[ 2236.490837][ T1512] team0 (unregistering): Port device team_slave_0 removed
[ 2236.742082][ T5281] 8021q: adding VLAN 0 to HW filter on device eth6
[ 2237.650611][ T2736] FAULT_INJECTION: forcing a failure.
[ 2237.650611][ T2736] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 2237.650662][ T2736] CPU: 0 UID: 0 PID: 2736 Comm: syz.1.9181 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[ 2237.650693][ T2736] Tainted: [L]=SOFTLOCKUP
[ 2237.650702][ T2736] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 2237.650715][ T2736] Call Trace:
[ 2237.650725][ T2736]  <TASK>
[ 2237.650735][ T2736]  dump_stack_lvl+0xe8/0x150
[ 2237.650771][ T2736]  should_fail_ex+0x46b/0x600
[ 2237.650814][ T2736]  _copy_to_user+0x31/0xb0
[ 2237.650845][ T2736]  simple_read_from_buffer+0xe1/0x170
[ 2237.650887][ T2736]  proc_fail_nth_read+0x1be/0x230
[ 2237.650914][ T2736]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 2237.650940][ T2736]  ? rw_verify_area+0x2ac/0x4e0
[ 2237.650964][ T2736]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 2237.650988][ T2736]  vfs_read+0x212/0xa80
[ 2237.651021][ T2736]  ? __pfx_vfs_read+0x10/0x10
[ 2237.651049][ T2736]  ? _raw_spin_unlock_irqrestore+0x30/0x80
[ 2237.651079][ T2736]  ? lockdep_hardirqs_on+0x7a/0x110
[ 2237.651109][ T2736]  ? _raw_spin_unlock_irqrestore+0x4c/0x80
[ 2237.651139][ T2736]  ? mutex_lock_nested+0x152/0x1d0
[ 2237.651161][ T2736]  ? fdget_pos+0x252/0x320
[ 2237.651191][ T2736]  ksys_read+0x156/0x270
[ 2237.651220][ T2736]  ? __pfx_ksys_read+0x10/0x10
[ 2237.651255][ T2736]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2237.651280][ T2736]  do_syscall_64+0x15f/0x560
[ 2237.651310][ T2736]  ? trace_irq_disable+0x3b/0x140
[ 2237.651335][ T2736]  ? clear_bhb_loop+0x40/0x90
[ 2237.651363][ T2736]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2237.651385][ T2736] RIP: 0033:0x7feb13d5d68e
[ 2237.651407][ T2736] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[ 2237.651428][ T2736] RSP: 002b:00007feb11fccfe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[ 2237.651453][ T2736] RAX: ffffffffffffffda RBX: 00007feb11fcd6c0 RCX: 00007feb13d5d68e
[ 2237.651470][ T2736] RDX: 000000000000000f RSI: 00007feb11fcd0a0 RDI: 0000000000000003
[ 2237.651485][ T2736] RBP: 00007feb11fcd090 R08: 0000000000000000 R09: 0000000000000000
[ 2237.651500][ T2736] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2237.651514][ T2736] R13: 00007feb14016128 R14: 00007feb14016090 R15: 00007ffcffd36cb8
[ 2237.651550][ T2736]  </TASK>
[ 2238.981712][ T2761] FAULT_INJECTION: forcing a failure.
[ 2238.981712][ T2761] name failslab, interval 1, probability 0, space 0, times 0
[ 2238.981840][ T2761] CPU: 0 UID: 0 PID: 2761 Comm: syz.3.9188 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[ 2238.981873][ T2761] Tainted: [L]=SOFTLOCKUP
[ 2238.981882][ T2761] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 2238.981897][ T2761] Call Trace:
[ 2238.981907][ T2761]  <TASK>
[ 2238.981917][ T2761]  dump_stack_lvl+0xe8/0x150
[ 2238.981954][ T2761]  should_fail_ex+0x46b/0x600
[ 2238.981998][ T2761]  should_failslab+0xa8/0x100
[ 2238.982028][ T2761]  __kvmalloc_node_noprof+0x170/0x8e0
[ 2238.982057][ T2761]  ? seq_read_iter+0x203/0xe20
[ 2238.982085][ T2761]  ? mutex_lock_nested+0x152/0x1d0
[ 2238.982108][ T2761]  ? seq_read_iter+0xb8/0xe20
[ 2238.982140][ T2761]  seq_read_iter+0x203/0xe20
[ 2238.982172][ T2761]  ? apparmor_file_permission+0x1f4/0x300
[ 2238.982215][ T2761]  vfs_read+0x58b/0xa80
[ 2238.982251][ T2761]  ? __pfx_vfs_read+0x10/0x10
[ 2238.982287][ T2761]  ? _raw_spin_unlock_irqrestore+0x30/0x80
[ 2238.982316][ T2761]  ? lockdep_hardirqs_on+0x7a/0x110
[ 2238.982350][ T2761]  ? mutex_lock_nested+0x152/0x1d0
[ 2238.982371][ T2761]  ? fdget_pos+0x252/0x320
[ 2238.982402][ T2761]  ksys_read+0x156/0x270
[ 2238.982430][ T2761]  ? __pfx_ksys_read+0x10/0x10
[ 2238.982466][ T2761]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2238.982491][ T2761]  do_syscall_64+0x15f/0x560
[ 2238.982522][ T2761]  ? clear_bhb_loop+0x40/0x90
[ 2238.982550][ T2761]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2238.982573][ T2761] RIP: 0033:0x7f774e5ece59
[ 2238.982596][ T2761] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 2238.982615][ T2761] RSP: 002b:00007f774c804028 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[ 2238.982639][ T2761] RAX: ffffffffffffffda RBX: 00007f774e866180 RCX: 00007f774e5ece59
[ 2238.982656][ T2761] RDX: 0000000000001016 RSI: 0000200000000000 RDI: 0000000000000003
[ 2238.982671][ T2761] RBP: 00007f774c804090 R08: 0000000000000000 R09: 0000000000000000
[ 2238.982686][ T2761] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2238.982701][ T2761] R13: 00007f774e866218 R14: 00007f774e866180 R15: 00007ffff14f7798
[ 2238.982738][ T2761]  </TASK>
[ 2240.746599][ T2790] FAULT_INJECTION: forcing a failure.
[ 2240.746599][ T2790] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 2240.746640][ T2790] CPU: 1 UID: 0 PID: 2790 Comm: syz.3.9193 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[ 2240.746670][ T2790] Tainted: [L]=SOFTLOCKUP
[ 2240.746680][ T2790] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 2240.746696][ T2790] Call Trace:
[ 2240.746705][ T2790]  <TASK>
[ 2240.746715][ T2790]  dump_stack_lvl+0xe8/0x150
[ 2240.746752][ T2790]  should_fail_ex+0x46b/0x600
[ 2240.746794][ T2790]  _copy_from_user+0x2d/0xb0
[ 2240.746826][ T2790]  ___sys_sendmsg+0x1c6/0x360
[ 2240.746857][ T2790]  ? __lock_acquire+0x6b5/0x2d10
[ 2240.746889][ T2790]  ? __pfx____sys_sendmsg+0x10/0x10
[ 2240.746957][ T2790]  ? __fget_files+0x2a/0x420
[ 2240.746977][ T2790]  ? __fget_files+0x3a6/0x420
[ 2240.747010][ T2790]  __x64_sys_sendmsg+0x1c3/0x2a0
[ 2240.747045][ T2790]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[ 2240.747088][ T2790]  ? __pfx_ksys_write+0x10/0x10
[ 2240.747123][ T2790]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2240.747147][ T2790]  do_syscall_64+0x15f/0x560
[ 2240.747179][ T2790]  ? trace_irq_disable+0x3b/0x140
[ 2240.747204][ T2790]  ? clear_bhb_loop+0x40/0x90
[ 2240.747232][ T2790]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2240.747254][ T2790] RIP: 0033:0x7f774e5ece59
[ 2240.747275][ T2790] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 2240.747294][ T2790] RSP: 002b:00007f774c846028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 2240.747317][ T2790] RAX: ffffffffffffffda RBX: 00007f774e865fa0 RCX: 00007f774e5ece59
[ 2240.747343][ T2790] RDX: 0000000000000000 RSI: 0000200000000040 RDI: 0000000000000007
[ 2240.747357][ T2790] RBP: 00007f774c846090 R08: 0000000000000000 R09: 0000000000000000
[ 2240.747372][ T2790] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2240.747386][ T2790] R13: 00007f774e866038 R14: 00007f774e865fa0 R15: 00007ffff14f7798
[ 2240.747419][ T2790]  </TASK>
[ 2240.999364][   T32] usb 2-1: new high-speed USB device number 58 using dummy_hcd
[ 2241.181875][   T32] usb 2-1: Using ep0 maxpacket: 8
[ 2241.184738][   T32] usb 2-1: config index 0 descriptor too short (expected 301, got 45)
[ 2241.184816][   T32] usb 2-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[ 2241.184842][   T32] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[ 2241.184870][   T32] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[ 2241.184897][   T32] usb 2-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[ 2241.184942][   T32] usb 2-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[ 2241.184967][   T32] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2241.497523][   T32] usb 2-1: usb_control_msg returned -32
[ 2241.497573][   T32] usbtmc 2-1:16.0: can't read capabilities
[ 2242.219385][ T2809] FAULT_INJECTION: forcing a failure.
[ 2242.219385][ T2809] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 2242.219415][ T2809] CPU: 1 UID: 0 PID: 2809 Comm: syz.3.9198 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[ 2242.219438][ T2809] Tainted: [L]=SOFTLOCKUP
[ 2242.219444][ T2809] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 2242.219455][ T2809] Call Trace:
[ 2242.219462][ T2809]  <TASK>
[ 2242.219469][ T2809]  dump_stack_lvl+0xe8/0x150
[ 2242.219495][ T2809]  should_fail_ex+0x46b/0x600
[ 2242.219525][ T2809]  _copy_from_user+0x2d/0xb0
[ 2242.219546][ T2809]  do_semtimedop+0x235/0x3a0
[ 2242.219568][ T2809]  ? __pfx_do_semtimedop+0x10/0x10
[ 2242.219621][ T2809]  __x64_sys_semtimedop+0x156/0x1c0
[ 2242.219642][ T2809]  ? __pfx___x64_sys_semtimedop+0x10/0x10
[ 2242.219667][ T2809]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2242.219684][ T2809]  do_syscall_64+0x15f/0x560
[ 2242.219705][ T2809]  ? trace_irq_disable+0x3b/0x140
[ 2242.219723][ T2809]  ? clear_bhb_loop+0x40/0x90
[ 2242.219742][ T2809]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2242.219758][ T2809] RIP: 0033:0x7f774e5ece59
[ 2242.219773][ T2809] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 2242.219787][ T2809] RSP: 002b:00007f774c846028 EFLAGS: 00000246 ORIG_RAX: 00000000000000dc
[ 2242.219804][ T2809] RAX: ffffffffffffffda RBX: 00007f774e865fa0 RCX: 00007f774e5ece59
[ 2242.219817][ T2809] RDX: 0000000000000001 RSI: 0000200000000100 RDI: 0000000000000000
[ 2242.219827][ T2809] RBP: 00007f774c846090 R08: 0000000000000000 R09: 0000000000000000
[ 2242.219838][ T2809] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2242.219848][ T2809] R13: 00007f774e866038 R14: 00007f774e865fa0 R15: 00007ffff14f7798
[ 2242.219872][ T2809]  </TASK>
[ 2242.349053][ T2810] FAULT_INJECTION: forcing a failure.
[ 2242.349053][ T2810] name failslab, interval 1, probability 0, space 0, times 0
[ 2242.349160][ T2810] CPU: 1 UID: 0 PID: 2810 Comm: syz.1.9192 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[ 2242.349239][ T2810] Tainted: [L]=SOFTLOCKUP
[ 2242.349267][ T2810] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 2242.349302][ T2810] Call Trace:
[ 2242.349324][ T2810]  <TASK>
[ 2242.349354][ T2810]  dump_stack_lvl+0xe8/0x150
[ 2242.349446][ T2810]  should_fail_ex+0x46b/0x600
[ 2242.349568][ T2810]  should_failslab+0xa8/0x100
[ 2242.349644][ T2810]  __kmalloc_noprof+0xdf/0x7b0
[ 2242.349708][ T2810]  ? kfree+0x4d/0x6c0
[ 2242.349762][ T2810]  ? tomoyo_realpath_from_path+0xe3/0x5d0
[ 2242.349871][ T2810]  tomoyo_realpath_from_path+0xe3/0x5d0
[ 2242.349966][ T2810]  ? tomoyo_domain+0xd7/0x130
[ 2242.350093][ T2810]  ? tomoyo_path_number_perm+0x219/0x630
[ 2242.350194][ T2810]  tomoyo_path_number_perm+0x246/0x630
[ 2242.350284][ T2810]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[ 2242.350359][ T2810]  ? __lock_acquire+0x6b5/0x2d10
[ 2242.350437][ T2810]  ? do_raw_spin_lock+0x12b/0x2f0
[ 2242.350585][ T2810]  ? __fget_files+0x2a/0x420
[ 2242.350648][ T2810]  ? __fget_files+0x2a/0x420
[ 2242.350700][ T2810]  ? __fget_files+0x3a6/0x420
[ 2242.350753][ T2810]  ? __fget_files+0x2a/0x420
[ 2242.350820][ T2810]  security_file_ioctl+0xc3/0x2a0
[ 2242.350904][ T2810]  __se_sys_ioctl+0x47/0x170
[ 2242.350979][ T2810]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2242.351043][ T2810]  do_syscall_64+0x15f/0x560
[ 2242.351120][ T2810]  ? trace_irq_disable+0x3b/0x140
[ 2242.351192][ T2810]  ? clear_bhb_loop+0x40/0x90
[ 2242.351256][ T2810]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2242.351320][ T2810] RIP: 0033:0x7feb13d9ce59
[ 2242.351374][ T2810] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 2242.351427][ T2810] RSP: 002b:00007feb11fac028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 2242.351521][ T2810] RAX: ffffffffffffffda RBX: 00007feb14016180 RCX: 00007feb13d9ce59
[ 2242.351591][ T2810] RDX: 0000000000000000 RSI: 0000000000005b02 RDI: 0000000000000005
[ 2242.351630][ T2810] RBP: 00007feb11fac090 R08: 0000000000000000 R09: 0000000000000000
[ 2242.351674][ T2810] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2242.351708][ T2810] R13: 00007feb14016218 R14: 00007feb14016180 R15: 00007ffcffd36cb8
[ 2242.351803][ T2810]  </TASK>
[ 2242.427922][ T2810] ERROR: Out of memory at tomoyo_realpath_from_path.
[ 2242.819815][ T2810] usbtmc 2-1:16.0: CHECK_CLEAR_STATUS returned 57
[ 2243.146303][ T5886] usb 2-1: USB disconnect, device number 58
[ 2243.181713][ T2147] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 2243.802140][ T2147] veth0_vlan: entered promiscuous mode
[ 2244.052868][ T2836] FAULT_INJECTION: forcing a failure.
[ 2244.052868][ T2836] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 2244.052939][ T2836] CPU: 0 UID: 0 PID: 2836 Comm: syz.3.9203 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[ 2244.052971][ T2836] Tainted: [L]=SOFTLOCKUP
[ 2244.052980][ T2836] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 2244.052994][ T2836] Call Trace:
[ 2244.053003][ T2836]  <TASK>
[ 2244.053013][ T2836]  dump_stack_lvl+0xe8/0x150
[ 2244.053048][ T2836]  should_fail_ex+0x46b/0x600
[ 2244.053089][ T2836]  _copy_to_user+0x31/0xb0
[ 2244.053116][ T2836]  simple_read_from_buffer+0xe1/0x170
[ 2244.053150][ T2836]  proc_fail_nth_read+0x1be/0x230
[ 2244.053172][ T2836]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 2244.053193][ T2836]  ? rw_verify_area+0x2ac/0x4e0
[ 2244.053257][ T2836]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 2244.053276][ T2836]  vfs_read+0x212/0xa80
[ 2244.053303][ T2836]  ? __pfx_vfs_read+0x10/0x10
[ 2244.053325][ T2836]  ? _raw_spin_unlock_irqrestore+0x30/0x80
[ 2244.053351][ T2836]  ? lockdep_hardirqs_on+0x7a/0x110
[ 2244.053375][ T2836]  ? _raw_spin_unlock_irqrestore+0x4c/0x80
[ 2244.053399][ T2836]  ? mutex_lock_nested+0x152/0x1d0
[ 2244.053416][ T2836]  ? fdget_pos+0x252/0x320
[ 2244.053440][ T2836]  ksys_read+0x156/0x270
[ 2244.053463][ T2836]  ? __pfx_ksys_read+0x10/0x10
[ 2244.053490][ T2836]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2244.053510][ T2836]  do_syscall_64+0x15f/0x560
[ 2244.053536][ T2836]  ? clear_bhb_loop+0x40/0x90
[ 2244.053558][ T2836]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2244.053577][ T2836] RIP: 0033:0x7f774e5ad68e
[ 2244.053593][ T2836] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[ 2244.053609][ T2836] RSP: 002b:00007f774c803fe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[ 2244.053629][ T2836] RAX: ffffffffffffffda RBX: 00007f774c8046c0 RCX: 00007f774e5ad68e
[ 2244.053642][ T2836] RDX: 000000000000000f RSI: 00007f774c8040a0 RDI: 0000000000000005
[ 2244.053654][ T2836] RBP: 00007f774c804090 R08: 0000000000000000 R09: 0000000000000000
[ 2244.053666][ T2836] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2244.053677][ T2836] R13: 00007f774e866218 R14: 00007f774e866180 R15: 00007ffff14f7798
[ 2244.053705][ T2836]  </TASK>
[ 2244.117123][ T2147] veth1_vlan: entered promiscuous mode
[ 2244.591302][ T2147] veth0_macvtap: entered promiscuous mode
[ 2244.796096][ T2147] veth1_macvtap: entered promiscuous mode
[ 2245.719501][ T2147] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 2245.769325][ T2147] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 2246.036334][ T1557] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 2246.039698][ T1557] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 2246.066052][ T1557] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 2246.275098][ T1557] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 2247.839660][ T2916] FAULT_INJECTION: forcing a failure.
[ 2247.839660][ T2916] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 2247.839703][ T2916] CPU: 0 UID: 0 PID: 2916 Comm: syz.3.9220 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[ 2247.839734][ T2916] Tainted: [L]=SOFTLOCKUP
[ 2247.839743][ T2916] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 2247.839757][ T2916] Call Trace:
[ 2247.839766][ T2916]  <TASK>
[ 2247.839776][ T2916]  dump_stack_lvl+0xe8/0x150
[ 2247.839810][ T2916]  should_fail_ex+0x46b/0x600
[ 2247.839851][ T2916]  _copy_from_user+0x2d/0xb0
[ 2247.839887][ T2916]  __sys_bind+0x1cc/0x410
[ 2247.839915][ T2916]  ? __pfx___sys_bind+0x10/0x10
[ 2247.839952][ T2916]  ? __pfx_ksys_write+0x10/0x10
[ 2247.839984][ T2916]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2247.840010][ T2916]  __x64_sys_bind+0x7a/0x90
[ 2247.840036][ T2916]  do_syscall_64+0x15f/0x560
[ 2247.840067][ T2916]  ? trace_irq_disable+0x3b/0x140
[ 2247.840092][ T2916]  ? clear_bhb_loop+0x40/0x90
[ 2247.840119][ T2916]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2247.840141][ T2916] RIP: 0033:0x7f774e5ece59
[ 2247.840162][ T2916] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 2247.840182][ T2916] RSP: 002b:00007f774c846028 EFLAGS: 00000246 ORIG_RAX: 0000000000000031
[ 2247.840206][ T2916] RAX: ffffffffffffffda RBX: 00007f774e865fa0 RCX: 00007f774e5ece59
[ 2247.840223][ T2916] RDX: 0000000000000010 RSI: 0000200000000040 RDI: 0000000000000004
[ 2247.840243][ T2916] RBP: 00007f774c846090 R08: 0000000000000000 R09: 0000000000000000
[ 2247.840258][ T2916] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2247.840272][ T2916] R13: 00007f774e866038 R14: 00007f774e865fa0 R15: 00007ffff14f7798
[ 2247.840306][ T2916]  </TASK>
[ 2250.898648][ T2956] FAULT_INJECTION: forcing a failure.
[ 2250.898648][ T2956] name failslab, interval 1, probability 0, space 0, times 0
[ 2250.898691][ T2956] CPU: 0 UID: 0 PID: 2956 Comm: syz.3.9236 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[ 2250.898721][ T2956] Tainted: [L]=SOFTLOCKUP
[ 2250.898730][ T2956] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 2250.898744][ T2956] Call Trace:
[ 2250.898758][ T2956]  <TASK>
[ 2250.898769][ T2956]  dump_stack_lvl+0xe8/0x150
[ 2250.898803][ T2956]  should_fail_ex+0x46b/0x600
[ 2250.898846][ T2956]  should_failslab+0xa8/0x100
[ 2250.898875][ T2956]  kmem_cache_alloc_noprof+0x87/0x680
[ 2250.898900][ T2956]  ? do_getname+0x2e/0x250
[ 2250.898938][ T2956]  do_getname+0x2e/0x250
[ 2250.898967][ T2956]  ? __se_sys_rmdir+0x12/0x140
[ 2250.898996][ T2956]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2250.899021][ T2956]  __se_sys_rmdir+0x1e/0x140
[ 2250.899049][ T2956]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2250.899074][ T2956]  do_syscall_64+0x15f/0x560
[ 2250.899103][ T2956]  ? trace_irq_disable+0x3b/0x140
[ 2250.899128][ T2956]  ? clear_bhb_loop+0x40/0x90
[ 2250.899157][ T2956]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2250.899179][ T2956] RIP: 0033:0x7f774e5ece59
[ 2250.899202][ T2956] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 2250.899223][ T2956] RSP: 002b:00007f774c846028 EFLAGS: 00000246 ORIG_RAX: 0000000000000054
[ 2250.899247][ T2956] RAX: ffffffffffffffda RBX: 00007f774e865fa0 RCX: 00007f774e5ece59
[ 2250.899264][ T2956] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00002000000000c0
[ 2250.899279][ T2956] RBP: 00007f774c846090 R08: 0000000000000000 R09: 0000000000000000
[ 2250.899295][ T2956] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2250.899310][ T2956] R13: 00007f774e866038 R14: 00007f774e865fa0 R15: 00007ffff14f7798
[ 2250.899346][ T2956]  </TASK>
[ 2250.964489][ T2958] netlink: 'syz.1.9237': attribute type 1 has an invalid length.
[ 2251.919243][   T57] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 2251.919266][   T57] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 2252.300583][T13249] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 2252.300602][T13249] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 2252.373916][ T2413] netdevsim netdevsim8 netdevsim0: renamed from eth0
[ 2252.450596][ T2413] 8021q: adding VLAN 0 to HW filter on device netdevsim0
[ 2252.452497][ T2413] netdevsim netdevsim8 netdevsim1: renamed from eth1
[ 2252.613907][ T2413] 8021q: adding VLAN 0 to HW filter on device netdevsim1
[ 2252.651697][ T2413] netdevsim netdevsim8 netdevsim2: renamed from eth2
[ 2252.692196][ T2413] 8021q: adding VLAN 0 to HW filter on device netdevsim2
[ 2252.740240][ T2413] netdevsim netdevsim8 netdevsim3: renamed from eth3
[ 2252.855291][ T2413] 8021q: adding VLAN 0 to HW filter on device netdevsim3
[ 2255.969920][ T2413] 8021q: adding VLAN 0 to HW filter on device bond0
[ 2256.242292][ T3064] netlink: 24 bytes leftover after parsing attributes in process `syz.0.9280'.
[ 2256.588615][ T2413] 8021q: adding VLAN 0 to HW filter on device team0
[ 2256.667995][ T7716] bridge0: port 1(bridge_slave_0) entered blocking state
[ 2256.668108][ T7716] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 2257.220435][T24858] bridge0: port 2(bridge_slave_1) entered blocking state
[ 2257.261810][T24858] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 2257.421537][ T2434] netdevsim netdevsim9 netdevsim0: renamed from eth0
[ 2257.584900][ T2434] 8021q: adding VLAN 0 to HW filter on device netdevsim0
[ 2257.592603][ T2434] netdevsim netdevsim9 netdevsim1: renamed from eth1
[ 2257.815116][ T2434] 8021q: adding VLAN 0 to HW filter on device netdevsim1
[ 2257.829269][ T2434] netdevsim netdevsim9 netdevsim2: renamed from eth2
[ 2258.005823][ T2434] 8021q: adding VLAN 0 to HW filter on device netdevsim2
[ 2258.025327][ T2434] netdevsim netdevsim9 netdevsim3: renamed from eth3
[ 2258.073983][ T2434] 8021q: adding VLAN 0 to HW filter on device netdevsim3
[ 2258.357446][ T3070] ==================================================================
[ 2258.357468][ T3070] BUG: KASAN: slab-use-after-free in reverse_path_check_proc+0x5b/0x240
[ 2258.357511][ T3070] Read of size 8 at addr ffff88803f60e220 by task syz.0.9282/3070
[ 2258.357533][ T3070] 
[ 2258.357551][ T3070] CPU: 1 UID: 0 PID: 3070 Comm: syz.0.9282 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[ 2258.357586][ T3070] Tainted: [L]=SOFTLOCKUP
[ 2258.357596][ T3070] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 2258.357620][ T3070] Call Trace:
[ 2258.357631][ T3070]  <TASK>
[ 2258.357643][ T3070]  dump_stack_lvl+0xe8/0x150
[ 2258.357678][ T3070]  print_address_description+0x55/0x1e0
[ 2258.357723][ T3070]  ? reverse_path_check_proc+0x5b/0x240
[ 2258.357753][ T3070]  print_report+0x58/0x70
[ 2258.357783][ T3070]  kasan_report+0x117/0x150
[ 2258.357821][ T3070]  ? _raw_spin_unlock_irqrestore+0x30/0x80
[ 2258.357859][ T3070]  ? reverse_path_check_proc+0x5b/0x240
[ 2258.357893][ T3070]  ? ep_insert+0xbbb/0x1820
[ 2258.357918][ T3070]  reverse_path_check_proc+0x5b/0x240
[ 2258.357951][ T3070]  ? ep_insert+0xbbb/0x1820
[ 2258.357977][ T3070]  ep_insert+0xc6c/0x1820
[ 2258.358011][ T3070]  ? __pfx_ep_insert+0x10/0x10
[ 2258.358043][ T3070]  ? lockdep_hardirqs_on+0x7a/0x110
[ 2258.358075][ T3070]  ? _raw_spin_unlock_irqrestore+0x4c/0x80
[ 2258.358107][ T3070]  ? mutex_lock_nested+0x152/0x1d0
[ 2258.358130][ T3070]  ? do_epoll_ctl_file+0xc69/0xed0
[ 2258.358155][ T3070]  do_epoll_ctl_file+0x8bb/0xed0
[ 2258.358181][ T3070]  ? do_epoll_ctl_file+0xac3/0xed0
[ 2258.358210][ T3070]  ? __pfx_do_epoll_ctl_file+0x10/0x10
[ 2258.358238][ T3070]  ? __fget_files+0x3a6/0x420
[ 2258.358260][ T3070]  ? __fget_files+0x2a/0x420
[ 2258.358286][ T3070]  __se_sys_epoll_ctl+0x14e/0x210
[ 2258.358315][ T3070]  ? __pfx___se_sys_epoll_ctl+0x10/0x10
[ 2258.358348][ T3070]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2258.358376][ T3070]  do_syscall_64+0x15f/0x560
[ 2258.358409][ T3070]  ? trace_irq_disable+0x3b/0x140
[ 2258.358439][ T3070]  ? clear_bhb_loop+0x40/0x90
[ 2258.358470][ T3070]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2258.358497][ T3070] RIP: 0033:0x7f928ca3ce59
[ 2258.358521][ T3070] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 2258.358544][ T3070] RSP: 002b:00007f928ac6d028 EFLAGS: 00000246 ORIG_RAX: 00000000000000e9
[ 2258.358574][ T3070] RAX: ffffffffffffffda RBX: 00007f928ccb6090 RCX: 00007f928ca3ce59
[ 2258.358605][ T3070] RDX: 0000000000000003 RSI: 0000000000000001 RDI: 0000000000000006
[ 2258.358621][ T3070] RBP: 00007f928cad2d6f R08: 0000000000000000 R09: 0000000000000000
[ 2258.358638][ T3070] R10: 0000200000000000 R11: 0000000000000246 R12: 0000000000000000
[ 2258.358657][ T3070] R13: 00007f928ccb6128 R14: 00007f928ccb6090 R15: 00007ffc38a5ce58
[ 2258.358687][ T3070]  </TASK>
[ 2258.358697][ T3070] 
[ 2258.358704][ T3070] Allocated by task 3069:
[ 2258.358715][ T3070]  kasan_save_track+0x3e/0x80
[ 2258.358740][ T3070]  __kasan_slab_alloc+0x6c/0x80
[ 2258.358765][ T3070]  kmem_cache_alloc_noprof+0x33b/0x680
[ 2258.358790][ T3070]  ep_insert+0x512/0x1820
[ 2258.358823][ T3070]  do_epoll_ctl_file+0x8bb/0xed0
[ 2258.358846][ T3070]  __se_sys_epoll_ctl+0x14e/0x210
[ 2258.358869][ T3070]  do_syscall_64+0x15f/0x560
[ 2258.358901][ T3070]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2258.358925][ T3070] 
[ 2258.358932][ T3070] Freed by task 3069:
[ 2258.358944][ T3070]  kasan_save_track+0x3e/0x80
[ 2258.358975][ T3070]  kasan_save_free_info+0x46/0x50
[ 2258.359009][ T3070]  __kasan_slab_free+0x5c/0x80
[ 2258.359033][ T3070]  kmem_cache_free+0x187/0x6c0
[ 2258.359060][ T3070]  eventpoll_release_file+0xc2/0x240
[ 2258.359081][ T3070]  __fput+0x83c/0xa70
[ 2258.359114][ T3070]  task_work_run+0x1d9/0x270
[ 2258.359143][ T3070]  get_signal+0x11eb/0x1330
[ 2258.359176][ T3070]  arch_do_signal_or_restart+0xbc/0x840
[ 2258.359202][ T3070]  exit_to_user_mode_loop+0x8c/0x4d0
[ 2258.359231][ T3070]  do_syscall_64+0x33e/0x560
[ 2258.359261][ T3070]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2258.359284][ T3070] 
[ 2258.359290][ T3070] The buggy address belongs to the object at ffff88803f60e220
[ 2258.359290][ T3070]  which belongs to the cache ep_head of size 16
[ 2258.359312][ T3070] The buggy address is located 0 bytes inside of
[ 2258.359312][ T3070]  freed 16-byte region [ffff88803f60e220, ffff88803f60e230)
[ 2258.359336][ T3070] 
[ 2258.359343][ T3070] The buggy address belongs to the physical page:
[ 2258.359368][ T3070] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff88803f60e1c0 pfn:0x3f60e
[ 2258.359397][ T3070] memcg:ffff888029592801
[ 2258.359411][ T3070] flags: 0x80000000000200(workingset|node=0|zone=1)
[ 2258.359439][ T3070] page_type: f5(slab)
[ 2258.359462][ T3070] raw: 0080000000000200 ffff888140aeac80 ffffea0000d010d0 ffff888020aa2f88
[ 2258.359487][ T3070] raw: ffff88803f60e1c0 0000000800800051 00000000f5000000 ffff888029592801
[ 2258.359501][ T3070] page dumped because: kasan: bad access detected
[ 2258.359519][ T3070] page_owner tracks the page as allocated
[ 2258.359529][ T3070] page last allocated via order 0, migratetype Unmovable, gfp_mask 0xd2cc0(GFP_KERNEL|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 4993, tgid 4993 (udevd), ts 49415760260, free_ts 0
[ 2258.359571][ T3070]  post_alloc_hook+0x1f9/0x250
[ 2258.359596][ T3070]  get_page_from_freelist+0x265c/0x26e0
[ 2258.359627][ T3070]  __alloc_frozen_pages_noprof+0x18d/0x380
[ 2258.359658][ T3070]  allocate_slab+0x74/0x5e0
[ 2258.359691][ T3070]  refill_objects+0x33c/0x3d0
[ 2258.359723][ T3070]  __pcs_replace_empty_main+0x373/0x720
[ 2258.359771][ T3070]  kmem_cache_alloc_noprof+0x433/0x680
[ 2258.359816][ T3070]  ep_insert+0x512/0x1820
[ 2258.359839][ T3070]  do_epoll_ctl_file+0x8bb/0xed0
[ 2258.359861][ T3070]  __se_sys_epoll_ctl+0x14e/0x210
[ 2258.359885][ T3070]  do_syscall_64+0x15f/0x560
[ 2258.359913][ T3070]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2258.359936][ T3070] page_owner free stack trace missing
[ 2258.359945][ T3070] 
[ 2258.359953][ T3070] Memory state around the buggy address:
[ 2258.359966][ T3070]  ffff88803f60e100: fa fb fc fc 00 00 fc fc fa fb fc fc fa fb fc fc
[ 2258.359998][ T3070]  ffff88803f60e180: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 2258.360016][ T3070] >ffff88803f60e200: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 2258.360030][ T3070]                                ^
[ 2258.360044][ T3070]  ffff88803f60e280: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 2258.360061][ T3070]  ffff88803f60e300: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 2258.360075][ T3070] ==================================================================
[ 2258.360696][ T3070] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[ 2258.360728][ T3070] CPU: 1 UID: 0 PID: 3070 Comm: syz.0.9282 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[ 2258.360766][ T3070] Tainted: [L]=SOFTLOCKUP
[ 2258.360784][ T3070] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 2258.360810][ T3070] Call Trace:
[ 2258.360822][ T3070]  <TASK>
[ 2258.360833][ T3070]  vpanic+0x56c/0xa60
[ 2258.360874][ T3070]  ? __pfx_vpanic+0x10/0x10
[ 2258.360916][ T3070]  panic+0xc5/0xd0
[ 2258.360951][ T3070]  ? __pfx_panic+0x10/0x10
[ 2258.360988][ T3070]  ? preempt_schedule_thunk+0x16/0x40
[ 2258.361018][ T3070]  ? preempt_schedule_thunk+0x16/0x40
[ 2258.361046][ T3070]  ? reverse_path_check_proc+0x5b/0x240
[ 2258.361076][ T3070]  check_panic_on_warn+0x89/0xb0
[ 2258.361108][ T3070]  ? reverse_path_check_proc+0x5b/0x240
[ 2258.361139][ T3070]  end_report+0x73/0x170
[ 2258.361168][ T3070]  ? reverse_path_check_proc+0x5b/0x240
[ 2258.361198][ T3070]  kasan_report+0x128/0x150
[ 2258.361226][ T3070]  ? _raw_spin_unlock_irqrestore+0x30/0x80
[ 2258.361262][ T3070]  ? reverse_path_check_proc+0x5b/0x240
[ 2258.361297][ T3070]  ? ep_insert+0xbbb/0x1820
[ 2258.361321][ T3070]  reverse_path_check_proc+0x5b/0x240
[ 2258.361356][ T3070]  ? ep_insert+0xbbb/0x1820
[ 2258.361398][ T3070]  ep_insert+0xc6c/0x1820
[ 2258.361432][ T3070]  ? __pfx_ep_insert+0x10/0x10
[ 2258.361464][ T3070]  ? lockdep_hardirqs_on+0x7a/0x110
[ 2258.361496][ T3070]  ? _raw_spin_unlock_irqrestore+0x4c/0x80
[ 2258.361530][ T3070]  ? mutex_lock_nested+0x152/0x1d0
[ 2258.361552][ T3070]  ? do_epoll_ctl_file+0xc69/0xed0
[ 2258.361580][ T3070]  do_epoll_ctl_file+0x8bb/0xed0
[ 2258.361606][ T3070]  ? do_epoll_ctl_file+0xac3/0xed0
[ 2258.361641][ T3070]  ? __pfx_do_epoll_ctl_file+0x10/0x10
[ 2258.361693][ T3070]  ? __fget_files+0x3a6/0x420
[ 2258.361715][ T3070]  ? __fget_files+0x2a/0x420
[ 2258.361742][ T3070]  __se_sys_epoll_ctl+0x14e/0x210
[ 2258.361772][ T3070]  ? __pfx___se_sys_epoll_ctl+0x10/0x10
[ 2258.361817][ T3070]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2258.361846][ T3070]  do_syscall_64+0x15f/0x560
[ 2258.361879][ T3070]  ? trace_irq_disable+0x3b/0x140
[ 2258.361908][ T3070]  ? clear_bhb_loop+0x40/0x90
[ 2258.361940][ T3070]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2258.361965][ T3070] RIP: 0033:0x7f928ca3ce59
[ 2258.361990][ T3070] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 2258.362012][ T3070] RSP: 002b:00007f928ac6d028 EFLAGS: 00000246 ORIG_RAX: 00000000000000e9
[ 2258.362052][ T3070] RAX: ffffffffffffffda RBX: 00007f928ccb6090 RCX: 00007f928ca3ce59
[ 2258.362133][ T3070] RDX: 0000000000000003 RSI: 0000000000000001 RDI: 0000000000000006
[ 2258.362150][ T3070] RBP: 00007f928cad2d6f R08: 0000000000000000 R09: 0000000000000000
[ 2258.362166][ T3070] R10: 0000200000000000 R11: 0000000000000246 R12: 0000000000000000
[ 2258.362182][ T3070] R13: 00007f928ccb6128 R14: 00007f928ccb6090 R15: 00007ffc38a5ce58
[ 2258.362213][ T3070]  </TASK>
[ 2258.362832][ T3070] Kernel Offset: disabled