last executing test programs:

6m36.485791476s ago: executing program 2 (id=1570):
r0 = syz_open_dev$admmidi(0x0, 0x2, 0x1a9882)
ioctl$SNDRV_RAWMIDI_IOCTL_PARAMS(r0, 0xc0305710, &(0x7f0000000080)={0x1, 0x0, 0x3, 0x0, 0x7})

6m36.093571102s ago: executing program 2 (id=1574):
openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0xc1842, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000040)=0x7)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000004640)={&(0x7f0000000540)=@newtclass={0x38, 0x28, 0x200, 0x70bd28, 0x25dfdbfb, {0x0, 0x0, 0x0, 0x0, {0x10, 0xffff}, {0xfff2, 0x7}, {0x9, 0xfff1}}, [@TCA_RATE={0x6, 0x5, {0xb, 0x7}}, @tclass_kind_options=@c_qfq={{0x8}, {0x4}}]}, 0x38}}, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000340)={'bridge_slave_0\x00', <r1=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000540)=ANY=[@ANYBLOB="340000001100050000000000feffffff07000000", @ANYRES32=r1], 0x34}, 0x1, 0x0, 0x0, 0x800c000}, 0x0)
r2 = getpid()
r3 = socket$kcm(0x21, 0x2, 0x2)
sendmsg$kcm(r3, &(0x7f0000000140)={&(0x7f0000000440)=@rxrpc=@in4={0x21, 0x0, 0x2, 0x10, {0x2, 0x0, @loopback}}, 0x80, &(0x7f00000004c0)=[{&(0x7f0000000100)="a6", 0xfffffcf4}, {0x0}], 0x2, &(0x7f0000001a00)=ANY=[@ANYBLOB="180000000000000010010000010000007d95df16a39b1a6c900000000000000001000005040500002b24ec10064b6f2f000000fb718aef932f3889d1fdda5b00000009860f5878c37ffe36e1165814d435be5b317c6c8189767d2f97879f07a515bb7c169f46933d9338f4ab04834e6f618988c5944741afe403461323110f62055394412158e7a3adb164d641aa40d4ab077fe34232aa8b319d7666d0998a61d7da0c86d70000001010"], 0x10b8}, 0x106)
recvmsg(r3, &(0x7f0000000340)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000580)=""/40, 0x28}, 0x0)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
r6 = bpf$BPF_BTF_LOAD(0x12, &(0x7f00000006c0)={&(0x7f0000000240)=ANY=[@ANYBLOB="9feb0100594d0000000000003000000030000078680000000f00000001000085090000000e00000005000000000100000a00000000000008050000000c0000000000001010000000002e6100"], &(0x7f00000005c0)=""/222, 0x4c, 0xde, 0x0, 0x8, 0x10000}, 0x28)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x2, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000300000000000000feffff10850000000700000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x100, 0x70, '\x00', 0x0, @fallback=0x30, r6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa000}, 0x94)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000180)={r7, 0x0, 0x30, 0x0, @val=@uprobe_multi={0x0, 0x0}}, 0x40)
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
r8 = socket$tipc(0x1e, 0x2, 0x0)
getsockopt$TIPC_CONN_TIMEOUT(r8, 0x10f, 0x82, &(0x7f0000000100), &(0x7f0000000140)=0x4)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r9 = socket$alg(0x26, 0x5, 0x0)
r10 = syz_open_dev$vim2m(&(0x7f00000001c0), 0x7fff, 0x2)
ioctl$vim2m_VIDIOC_REQBUFS(r10, 0xc0145608, &(0x7f00000000c0)={0xb, 0x1, 0x4, 0x0, 0x7})
ioctl$vim2m_VIDIOC_S_CTRL(r10, 0xc008561c, &(0x7f00000001c0)={0x23, 0x40})
bind$alg(r9, &(0x7f0000000540)={0x26, 'hash\x00', 0x0, 0x0, 'hmac(sha384)\x00'}, 0x58)
r11 = accept4(r9, 0x0, 0x0, 0x800)
accept4$tipc(r11, 0x0, 0x0, 0x800)

6m34.254296359s ago: executing program 2 (id=1581):
r0 = socket$can_bcm(0x1d, 0x2, 0x2)
r1 = socket$can_bcm(0x1d, 0x2, 0x2)
connect$can_bcm(r1, &(0x7f00000000c0), 0x10)
r2 = dup3(r1, r0, 0x0)
ioctl$BTRFS_IOC_QGROUP_LIMIT(r0, 0x8030942b, &(0x7f0000000000)={0x8, {0x26, 0x2, 0x800, 0xb4c6, 0x7fffffffffffffff}})
r3 = socket$unix(0x1, 0x5, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(r3, 0x8933, &(0x7f0000000100)={'vcan0\x00', <r4=>0x0})
r5 = socket$unix(0x1, 0x5, 0x0)
sendmsg$can_bcm(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000580)=ANY=[@ANYBLOB="0100000003ece1e40ad8871461ab0800", @ANYRES64=0x0, @ANYRES64=0x0, @ANYRES64=0x0, @ANYRES64=r5, @ANYBLOB="3bf81bb9f9"], 0x20000600}, 0x1, 0x0, 0x0, 0x4000040}, 0x0)
r6 = openat(0xffffffffffffff9c, &(0x7f0000000340)='./file0\x00', 0x442, 0x0)
pipe2(&(0x7f0000000000)={<r7=>0x0, <r8=>0x0}, 0x0)
write$binfmt_aout(r6, &(0x7f0000000380)=ANY=[], 0x20)
fcntl$setstatus(r7, 0x4, 0x6000)
splice(r6, &(0x7f0000000040)=0x10, r8, 0x0, 0x807, 0x0)
sendmsg$can_bcm(r2, &(0x7f0000000080)={&(0x7f00000001c0)={0x1d, r4, 0x3f420f00}, 0x10, &(0x7f0000000240)={&(0x7f0000000580)=ANY=[], 0x4640}, 0x2}, 0x2c004000)
r9 = socket$nl_generic(0x10, 0x3, 0x10)
r10 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r9, 0x8933, &(0x7f0000000080)={'wlan1\x00', <r11=>0x0})
sendmsg$NL80211_CMD_JOIN_IBSS(r7, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000140)={0x44, r10, 0x10, 0x20001, 0x0, {{}, {@val={0x8, 0x3, r11}, @val={0xc, 0x99, {0x4, 0xd}}}}, [@NL80211_ATTR_PRIVACY={0x4}, @NL80211_ATTR_SSID={0xa, 0x34, @default_ibss_ssid}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}], @NL80211_ATTR_CONTROL_PORT_OVER_NL80211={0x4}]}, 0x44}, 0x1, 0x0, 0x0, 0x4010}, 0x0)
prctl$PR_SET_IO_FLUSHER(0x43, 0x1)
prctl$PR_SET_IO_FLUSHER(0x43, 0xffffffffffffffff)

6m33.677340594s ago: executing program 2 (id=1584):
syz_open_dev$tty1(0xc, 0x4, 0x1)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={0x0}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$inet_sctp(0x2, 0x1, 0x84)
socket$inet_sctp(0x2, 0x5, 0x84)
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000016c0)=ANY=[@ANYBLOB="f000000010000100fefff7ff00010000fe880000000000000000000000000001fc010000000000000000000000000001000107144e230005000000003a000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="7f000001000000000000000000000000000004d46c0000007f00000100000000003a17a1eae51903520000000000000092010000000000000600000000000000ffff0000000000001c250800000000000200000000000000f8ffffffffffffff7c232e0e00000000ffffffffffffffff00000000000000001f00000000000000feffffffffffffff02000000fcffffff400000002abd700004350000020001002000000000000000"], 0xf0}, 0x1, 0x0, 0x0, 0x8801}, 0x0)
socket$tipc(0x1e, 0x2, 0x0)
setsockopt$inet6_MCAST_LEAVE_GROUP(0xffffffffffffffff, 0x29, 0x2d, &(0x7f0000000340)={0x5, {{0xa, 0x4e22, 0xb, @ipv4={'\x00', '\xff\xff', @rand_addr=0x64010102}, 0xa}}}, 0x88)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r3, &(0x7f00000037c0)={0x0, 0x0, &(0x7f0000003780)={&(0x7f0000002ac0)=@newtaction={0x494, 0x30, 0x12f, 0x0, 0x0, {}, [{0x480, 0x1, [@m_police={0x47c, 0x1, 0x0, 0x0, {{0xb}, {0x450, 0x2, 0x0, 0x1, [[@TCA_POLICE_RATE={0x404, 0x2, [0x8001, 0x0, 0x2000003, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0xfdfffffe, 0x0, 0x0, 0x0, 0x1, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x548, 0x400, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x10, 0x0, 0x240000, 0x0, 0x55, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x1, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8801, 0x0, 0x0, 0x0, 0x0, 0x8, 0x1, 0x0, 0x6, 0xfffffffb, 0x0, 0x0, 0x0, 0x1, 0x1936, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0xfffffffc, 0x0, 0x0, 0x6, 0x80000, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x3, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x2, 0x3, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x8, 0x2a5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0xffffffff, 0x0, 0x0, 0xb, 0x0, 0x0, 0x0, 0xfffffffc, 0x2, 0x400, 0x1000000, 0x0, 0x0, 0x8, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fffffff, 0x0, 0x0, 0x0, 0x0, 0x2000000, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0xfffff000, 0x0, 0x6, 0x54c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3ff, 0x0, 0x0, 0xffffffff]}, @TCA_POLICE_TBF={0x3c, 0x1, {0xfffffffc, 0x2, 0x4, 0x9, 0x934a, {0x10, 0x0, 0x5, 0x4, 0x5, 0xb}, {0xf9, 0x2, 0x101, 0x81, 0xa}, 0x63febb3a, 0x4, 0x85}}], [@TCA_POLICE_RATE64={0xc, 0x8, 0x100000001}]]}, {0x4}, {0xc, 0xb}, {0xc, 0xa, {0x0, 0x1}}}}]}]}, 0x494}}, 0x0)

6m33.249576095s ago: executing program 2 (id=1587):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000740)=@updpolicy={0xb8, 0x19, 0x1, 0x0, 0x10000, {{@in=@multicast2, @in=@empty, 0x0, 0x0, 0x0, 0x0, 0xa, 0x0, 0x0, 0x3b}, {0x8, 0x10, 0x100000002, 0x0, 0xfff, 0xffffffffffffb473, 0xffffffffffffffff}, {0x1000000000, 0x2000000000000000, 0x2, 0xffffffffffffffff}, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x3}}, 0xb8}}, 0x4004)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000004c0)=@updpolicy={0xc4, 0x1b, 0x1, 0xfffffffe, 0x400000, {{@in=@multicast1=0xe0000002, @in, 0x0, 0x0, 0x0, 0x0, 0xa, 0x0, 0x0, 0x87, 0x0, 0xee01}, {0x0, 0x0, 0x0, 0x0, 0x4, 0xfffffffffffffffb, 0x0, 0xfffffffffffffffb}, {0x0, 0x0, 0x200000000000000}}, [@mark={0xc, 0x15, {0x35075a, 0xc0}}]}, 0xc4}, 0x1, 0x0, 0x0, 0x40100}, 0x2c000010)

6m33.130043922s ago: executing program 2 (id=1589):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000200)=@deltaction={0x24, 0x31, 0x200, 0x70bd2d, 0x25dfdc02, {}, [@TCA_ACT_TAB={0x10, 0x1, [{0xc, 0x8, 0x0, 0x0, @TCA_ACT_KIND={0x8, 0x1, 'bpf\x00'}}]}]}, 0x24}, 0x1, 0x0, 0x0, 0x20004800}, 0x4800)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000001c0)=@newqdisc={0x40, 0x24, 0x400, 0x70bd2b, 0xffffffff, {0x0, 0x0, 0x0, 0x0, {0x0, 0xfff1}, {0xffff, 0xf}}, [@qdisc_kind_options=@q_pfifo_head_drop={{0x14}, {0x8, 0x2, 0x1}}]}, 0x40}, 0x1, 0x0, 0x0, 0x1}, 0x20040084)
r0 = socket$netlink(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_RATE_NEW(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000700)={&(0x7f0000000300)={0x34, r1, 0x1, 0x0, 0x25dfdbfb, {0x25}, [@handle=@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}]}, 0x34}, 0x1, 0x0, 0x0, 0x41}, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000001c0)=ANY=[@ANYBLOB="bc1b0000400007012bbd700000000000017c00000400c2800c00018006000600843b0000971b0280540214"], 0x1bbc}, 0x1, 0x0, 0x0, 0x4048011}, 0x20008054)

6m17.638871373s ago: executing program 32 (id=1589):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000200)=@deltaction={0x24, 0x31, 0x200, 0x70bd2d, 0x25dfdc02, {}, [@TCA_ACT_TAB={0x10, 0x1, [{0xc, 0x8, 0x0, 0x0, @TCA_ACT_KIND={0x8, 0x1, 'bpf\x00'}}]}]}, 0x24}, 0x1, 0x0, 0x0, 0x20004800}, 0x4800)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000001c0)=@newqdisc={0x40, 0x24, 0x400, 0x70bd2b, 0xffffffff, {0x0, 0x0, 0x0, 0x0, {0x0, 0xfff1}, {0xffff, 0xf}}, [@qdisc_kind_options=@q_pfifo_head_drop={{0x14}, {0x8, 0x2, 0x1}}]}, 0x40}, 0x1, 0x0, 0x0, 0x1}, 0x20040084)
r0 = socket$netlink(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_RATE_NEW(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000700)={&(0x7f0000000300)={0x34, r1, 0x1, 0x0, 0x25dfdbfb, {0x25}, [@handle=@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}]}, 0x34}, 0x1, 0x0, 0x0, 0x41}, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000001c0)=ANY=[@ANYBLOB="bc1b0000400007012bbd700000000000017c00000400c2800c00018006000600843b0000971b0280540214"], 0x1bbc}, 0x1, 0x0, 0x0, 0x4048011}, 0x20008054)

2m41.849974847s ago: executing program 4 (id=2355):
openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
openat$uinput(0xffffffffffffff9c, 0x0, 0x802, 0x0)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff8000/0x4000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ff8000/0x4000)=nil, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ff9000/0x4000)=nil, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffa000/0x2000)=nil, &(0x7f0000ffa000/0x2000)=nil, 0x0}, 0x68)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$XFS_IOC_ERROR_CLEARALL(0xffffffffffffffff, 0x40085875)
socket$inet(0x2, 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000200)=0x7)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
munmap(&(0x7f0000001000/0x3000)=nil, 0x3000)
read$FUSE(0xffffffffffffffff, &(0x7f0000002080)={0x2020}, 0x54)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
socket$alg(0x26, 0x5, 0x0)
r3 = socket(0xa, 0x3, 0xff)
syz_emit_ethernet(0x4e, &(0x7f00000000c0)={@local, @multicast, @void, {@ipv6={0x86dd, @generic={0xc, 0x6, '\x00', 0x18, 0x2c, 0x1, @empty, @mcast2, {[@hopopts={0xff, 0x1, '\x00', [@calipso={0x7, 0x8, {0x2, 0x0, 0x6, 0xad}}]}]}}}}}, 0x0)
recvmmsg(r3, &(0x7f0000000080)=[{{0x0, 0x0, 0x0}, 0x2}], 0x1, 0x10102, 0x0)
sendmmsg$alg(0xffffffffffffffff, &(0x7f0000000040)=[{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}], 0x1, 0x40800)

2m39.989998969s ago: executing program 4 (id=2358):
openat(0xffffffffffffff9c, 0x0, 0x42, 0x18e)
openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, 0x0, 0x0, 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
pread64(r0, 0x0, 0x0, 0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f0000000040), 0x80002c1, 0x2, 0x0)
sendmsg$NL802154_CMD_SET_WPAN_PHY_NETNS(0xffffffffffffffff, &(0x7f0000001940)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x8000000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x10}, 0x810)
mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f00000000c0)='debugfs\x00', 0x1214040, 0x0)
ioctl$BTRFS_IOC_GET_DEV_STATS(r2, 0xc4089434, &(0x7f0000001400)={0x0, 0x2, 0x1, [0x8, 0xd, 0x8, 0xfc, 0xe], [0x2000000009, 0x9, 0x2, 0x6d3f, 0xa596, 0x7, 0x4, 0x25eb, 0x2, 0xa, 0x5, 0xb2e, 0xbffffffffffffff8, 0x3, 0xddae, 0x7, 0x9, 0x9, 0x5d, 0xaa0, 0x6, 0x400, 0x7ff, 0xf, 0x400000004, 0x101, 0x8, 0x9, 0x101, 0x6, 0x3, 0x7fff, 0x1a2, 0x3, 0x4, 0x80000001, 0x401, 0x7, 0x1, 0x800, 0x20000000, 0xbbcf, 0x0, 0x40000000, 0x5, 0x8001, 0x5, 0xf2, 0x9, 0x0, 0x482, 0x7, 0x8, 0xe, 0x6, 0x3a4, 0x0, 0x2, 0x69, 0x80000000, 0x7, 0x10001, 0x5, 0x5, 0xe7, 0x3, 0x7fffffff, 0xe, 0x2, 0xd, 0x100000000, 0x5, 0x1000, 0xc7ae09b, 0xf6, 0x5, 0x0, 0x2, 0x3, 0x81, 0x3, 0x4, 0x0, 0x0, 0x1000, 0x8, 0x2, 0x8, 0x94, 0x5, 0xf, 0x13d, 0x2000000000000000, 0x6000000, 0x7, 0x4, 0x8, 0x8, 0x749, 0x4000000000000000, 0x7ff, 0x0, 0x0, 0x3, 0x69, 0x5, 0xc3, 0x100, 0xfffffffffffffffc, 0x800000000, 0x1000, 0x209, 0xfffffffffffffffc, 0x4, 0x4, 0xd952, 0x7, 0x991, 0x8001, 0x4, 0x7e6]})
mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f00000003c0)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f})
mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f0000000040)={[{@xino_on}], [], 0x2f})
r4 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x4, 0x80)
getdents64(r4, &(0x7f0000000400)=""/4096, 0x1000)
r5 = socket(0x1e, 0x1, 0x0)
r6 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000100), 0x1c3902, 0x0)
sendfile(r5, r6, 0x0, 0x6)
r7 = syz_open_procfs(0x0, &(0x7f00000002c0)='net/ip6_mr_vif\x00')
pread64(r7, &(0x7f0000002140)=""/17, 0x11, 0x0)

2m27.049929401s ago: executing program 4 (id=2394):
setsockopt$inet6_group_source_req(0xffffffffffffffff, 0x29, 0x2c, 0x0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000680)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
setsockopt$sock_attach_bpf(r1, 0x1, 0x4c, 0x0, 0x0)
sendmsg$inet(r0, 0x0, 0x0)
recvmsg$unix(r1, 0x0, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f00000000c0)={'syz_tun\x00', 0x100})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x61, 0x100001}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = syz_open_dev$MSR(&(0x7f0000000000), 0x100000040, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
r3 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0)
mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x2000000, 0x100010, r3, 0x151ef000)
sendmmsg$alg(0xffffffffffffffff, 0x0, 0x0, 0x40800)
recvmsg(0xffffffffffffffff, 0x0, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000006040)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1}, 0x20040054)
r4 = socket$inet6(0xa, 0x1, 0x0)
setsockopt$sock_int(r4, 0x1, 0xf, &(0x7f0000000040)=0x80000004, 0x4)
setsockopt$SO_ATTACH_FILTER(r4, 0x1, 0x33, &(0x7f0000000640)={0x0, &(0x7f0000000680)}, 0x10)

2m26.357250636s ago: executing program 4 (id=2397):
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={0x0, 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000000)={0x2, &(0x7f0000000440)=[{0x20, 0x2, 0x81, 0xfffff034}, {0x6}]}, 0x10)
r1 = socket(0x2, 0x3, 0x6)
bind$inet(r1, &(0x7f0000000080)={0x2, 0xfffa, @local}, 0x10)
sendto$inet(r1, 0x0, 0x0, 0x48800, &(0x7f0000000000)={0x2, 0x4e24, @broadcast}, 0x10)
sendto$inet(r1, &(0x7f00000023c0)="8ce2ad4d4f95e0", 0x7, 0x0, &(0x7f0000002400)={0x2, 0x0, @multicast2}, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f00000013c0)={'wlan1\x00'})
sendmsg$NL80211_CMD_START_P2P_DEVICE(0xffffffffffffffff, &(0x7f0000000400)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000000380)={&(0x7f0000000340)={0x1c, 0x0, 0x2, 0x70bd2d, 0x25dfdbff, {{}, {@val={0x8}, @void}}}, 0x1c}, 0x1, 0x0, 0x0, 0x200000c0}, 0x4004005)
r2 = gettid()
timer_create(0x3, &(0x7f000049efa0)={0x0, 0x14, 0x4, @tid=r2}, &(0x7f0000044000))
timer_settime(0x0, 0x236bd4336e4642df, &(0x7f0000000300)={{0x0, 0x1}, {0x0, 0xe4c}}, 0x0)
timer_settime(0x0, 0x5, &(0x7f00000001c0)={{0x0, 0x3938700}, {0x0, 0x989680}}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x19, 0x11, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000ffffffff000000000000000085000000a8000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32], 0x0, 0x0, 0x0, 0x0, 0x0, 0x1a, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)

2m24.898051231s ago: executing program 4 (id=2400):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
unshare(0x8040480)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000500), 0x200, 0x0)
ioctl$KVM_CHECK_EXTENSION(r1, 0xae03, 0x9a)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f00000003c0), 0xffffffffffffffff)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f0000000540)={'wlan0\x00', <r4=>0x0})
sendmsg$NL80211_CMD_NEW_KEY(r3, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000680)={&(0x7f0000000080)={0x28, r2, 0x801, 0x70bd2c, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_KEY_DEFAULT={0x4}, @NL80211_ATTR_KEY_CIPHER={0x8, 0x9, 0xfac01}]}, 0x28}, 0x1, 0x0, 0x0, 0x55ecf8253745804b}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x2, 0x4c032, 0xffffffffffffffff, 0x0)
mremap(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x400000, 0x3, &(0x7f0000000000/0x400000)=nil)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000280)={&(0x7f0000000080)=ANY=[@ANYBLOB="9feb01001800000000000000280000002800000002000000000000000000000105000400000000ff"], 0x0, 0x42, 0x0, 0x0, 0x400000}, 0x28)
r5 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x230000)
ioctl$SG_SET_FORCE_PACK_ID(r5, 0x227b, &(0x7f00000000c0)=0x2001)
r6 = fcntl$dupfd(r5, 0x0, r5)
write$sndseq(r6, &(0x7f0000000080)=[{0x0, 0x0, 0x0, 0x0, @time={0x2, 0x6}, {}, {}, @raw32}, {0x0, 0x0, 0x0, 0x0, @tick=0xad36, {0x0, 0x8}}], 0x38)
readv(r6, &(0x7f0000000480)=[{&(0x7f0000001140)=""/136, 0x88}], 0x1)
openat$sequencer2(0xffffffffffffff9c, &(0x7f00000001c0), 0x2000, 0x0)
mprotect(&(0x7f00006ef000/0x4000)=nil, 0x4000, 0x4)
close(0x3)
creat(&(0x7f00000001c0)='./file0\x00', 0x10)
bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000140)=ANY=[@ANYBLOB="9feb010018000000000000001c0000001c00000007000000030000000000000700000000050000000000000e01000000000000000000612e612e"], 0x0, 0x3b, 0x0, 0x1, 0x1}, 0x28)
prctl$PR_SET_MM(0x23, 0x6, &(0x7f00006ec000/0x4000)=nil)

2m24.092828069s ago: executing program 4 (id=2404):
openat(0xffffffffffffff9c, 0x0, 0x42, 0x18e)
openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, 0x0, 0x0, 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
pread64(r0, 0x0, 0x0, 0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f0000000040), 0x80002c1, 0x2, 0x0)
sendmsg$NL802154_CMD_SET_WPAN_PHY_NETNS(0xffffffffffffffff, &(0x7f0000001940)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x8000000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x10}, 0x810)
mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f00000000c0)='debugfs\x00', 0x1214040, 0x0)
ioctl$BTRFS_IOC_GET_DEV_STATS(r2, 0xc4089434, &(0x7f0000001400)={0x0, 0x2, 0x1, [0x8, 0xd, 0x8, 0xfc, 0xe], [0x2000000009, 0x9, 0x2, 0x6d3f, 0xa596, 0x7, 0x4, 0x25eb, 0x2, 0xa, 0x5, 0xb2e, 0xbffffffffffffff8, 0x3, 0xddae, 0x7, 0x9, 0x9, 0x5d, 0xaa0, 0x6, 0x400, 0x7ff, 0xf, 0x400000004, 0x101, 0x8, 0x9, 0x101, 0x6, 0x3, 0x7fff, 0x1a2, 0x3, 0x4, 0x80000001, 0x401, 0x7, 0x1, 0x800, 0x20000000, 0xbbcf, 0x0, 0x40000000, 0x5, 0x8001, 0x5, 0xf2, 0x9, 0x0, 0x482, 0x7, 0x8, 0xe, 0x6, 0x3a4, 0x0, 0x2, 0x69, 0x80000000, 0x7, 0x10001, 0x5, 0x5, 0xe7, 0x3, 0x7fffffff, 0xe, 0x2, 0xd, 0x100000000, 0x5, 0x1000, 0xc7ae09b, 0xf6, 0x5, 0x0, 0x2, 0x3, 0x81, 0x3, 0x4, 0x0, 0x0, 0x1000, 0x8, 0x2, 0x8, 0x94, 0x5, 0xf, 0x13d, 0x2000000000000000, 0x6000000, 0x7, 0x4, 0x8, 0x8, 0x749, 0x4000000000000000, 0x7ff, 0x0, 0x0, 0x3, 0x69, 0x5, 0xc3, 0x100, 0xfffffffffffffffc, 0x800000000, 0x1000, 0x209, 0xfffffffffffffffc, 0x4, 0x4, 0xd952, 0x7, 0x991, 0x8001, 0x4, 0x7e6]})
mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f00000003c0)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f})
mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f0000000040)={[{@xino_on}], [], 0x2f})
r4 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x4, 0x80)
getdents64(r4, &(0x7f0000000400)=""/4096, 0x1000)
r5 = socket(0x1e, 0x1, 0x0)
r6 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000100), 0x1c3902, 0x0)
sendfile(r5, r6, 0x0, 0x6)
r7 = syz_open_procfs(0x0, &(0x7f00000002c0)='net/ip6_mr_vif\x00')
pread64(r7, &(0x7f0000002140)=""/17, 0x11, 0x0)

2m7.284460155s ago: executing program 33 (id=2404):
openat(0xffffffffffffff9c, 0x0, 0x42, 0x18e)
openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, 0x0, 0x0, 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
pread64(r0, 0x0, 0x0, 0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f0000000040), 0x80002c1, 0x2, 0x0)
sendmsg$NL802154_CMD_SET_WPAN_PHY_NETNS(0xffffffffffffffff, &(0x7f0000001940)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x8000000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x10}, 0x810)
mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f00000000c0)='debugfs\x00', 0x1214040, 0x0)
ioctl$BTRFS_IOC_GET_DEV_STATS(r2, 0xc4089434, &(0x7f0000001400)={0x0, 0x2, 0x1, [0x8, 0xd, 0x8, 0xfc, 0xe], [0x2000000009, 0x9, 0x2, 0x6d3f, 0xa596, 0x7, 0x4, 0x25eb, 0x2, 0xa, 0x5, 0xb2e, 0xbffffffffffffff8, 0x3, 0xddae, 0x7, 0x9, 0x9, 0x5d, 0xaa0, 0x6, 0x400, 0x7ff, 0xf, 0x400000004, 0x101, 0x8, 0x9, 0x101, 0x6, 0x3, 0x7fff, 0x1a2, 0x3, 0x4, 0x80000001, 0x401, 0x7, 0x1, 0x800, 0x20000000, 0xbbcf, 0x0, 0x40000000, 0x5, 0x8001, 0x5, 0xf2, 0x9, 0x0, 0x482, 0x7, 0x8, 0xe, 0x6, 0x3a4, 0x0, 0x2, 0x69, 0x80000000, 0x7, 0x10001, 0x5, 0x5, 0xe7, 0x3, 0x7fffffff, 0xe, 0x2, 0xd, 0x100000000, 0x5, 0x1000, 0xc7ae09b, 0xf6, 0x5, 0x0, 0x2, 0x3, 0x81, 0x3, 0x4, 0x0, 0x0, 0x1000, 0x8, 0x2, 0x8, 0x94, 0x5, 0xf, 0x13d, 0x2000000000000000, 0x6000000, 0x7, 0x4, 0x8, 0x8, 0x749, 0x4000000000000000, 0x7ff, 0x0, 0x0, 0x3, 0x69, 0x5, 0xc3, 0x100, 0xfffffffffffffffc, 0x800000000, 0x1000, 0x209, 0xfffffffffffffffc, 0x4, 0x4, 0xd952, 0x7, 0x991, 0x8001, 0x4, 0x7e6]})
mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f00000003c0)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f})
mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f0000000040)={[{@xino_on}], [], 0x2f})
r4 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x4, 0x80)
getdents64(r4, &(0x7f0000000400)=""/4096, 0x1000)
r5 = socket(0x1e, 0x1, 0x0)
r6 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000100), 0x1c3902, 0x0)
sendfile(r5, r6, 0x0, 0x6)
r7 = syz_open_procfs(0x0, &(0x7f00000002c0)='net/ip6_mr_vif\x00')
pread64(r7, &(0x7f0000002140)=""/17, 0x11, 0x0)

15.729407638s ago: executing program 1 (id=2771):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setaffinity(0x0, 0x1, &(0x7f00000002c0)=0x2)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000000)=@abs={0x0, 0x0, 0x4e22}, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
write$uinput_user_dev(0xffffffffffffffff, &(0x7f0000000400)={'syz0\x00', {0x3, 0x2, 0x6, 0xfffa}, 0x3a, [0x8000, 0xc95a, 0xf, 0x9, 0x80, 0x2, 0x3, 0x80000000, 0x20000006, 0xd, 0x6, 0x0, 0x9, 0x5, 0xffff2d37, 0xffffff01, 0x15a5d16c, 0x3, 0x0, 0x9, 0x4, 0x0, 0x7, 0x3c5b, 0x1, 0x28, 0xd, 0x7, 0x1, 0xffffffff, 0xe661, 0x4, 0x7, 0x3, 0x8, 0x4c74, 0x80000000, 0x242, 0x3, 0xe, 0xe464, 0x80008071, 0x7, 0x17, 0x1, 0x7, 0x5, 0x5, 0x8c, 0x1000, 0xffff, 0x0, 0x8000, 0x4, 0x8008, 0x400, 0x80, 0x3, 0x5, 0x6, 0x3, 0x4, 0x3, 0x40], [0x10000007, 0x9, 0x8000012f, 0x2008004, 0x5, 0xfffffff3, 0x129432e4, 0xc, 0xf9, 0xe, 0x2c0, 0x6c7, 0x9, 0xffffffff, 0x3, 0x0, 0x0, 0x5, 0x2f, 0xe, 0x312, 0x78, 0xea4, 0x0, 0x2, 0x7, 0x7fff, 0x6, 0x400, 0x401, 0x6, 0x1, 0xff, 0x5, 0x1000005, 0x5f2e, 0xd, 0x4e2, 0x2, 0x4, 0xb, 0x4, 0x6, 0x8, 0x9, 0x6, 0x47, 0x8000, 0x2, 0xfe000000, 0xffff, 0x2, 0x4, 0x9, 0x3, 0x3, 0x29, 0x1, 0x3, 0x3, 0x81, 0x48c93690, 0x42, 0x3], [0x7, 0x408, 0x7, 0x5, 0xfffffffe, 0x100, 0x8d2, 0x9, 0x5, 0x7fff, 0x200000, 0x5, 0xb, 0x4, 0x5, 0x5, 0x0, 0x1ef, 0x5, 0x8, 0x86, 0x3, 0x303c, 0x3e7, 0xf, 0x5, 0x2, 0x2, 0x3, 0x20000008, 0x4, 0x6d01, 0x6, 0x38, 0x800003, 0x200, 0x80, 0x3, 0x4, 0x2950bfaf, 0x1000, 0xa2, 0x7, 0xa5, 0x5, 0x6, 0xac8, 0xca, 0x4d, 0x3, 0x7ff, 0x12b, 0x7fffffff, 0x1, 0xa, 0x0, 0x1, 0x1c, 0x120000, 0x3, 0x2006, 0x80a2ed, 0x4, 0x3c484551], [0x9, 0xbb33, 0x7, 0xb, 0x5, 0x93a, 0x5, 0x7, 0x0, 0xb9, 0xce7, 0x1ff, 0x2, 0x57, 0x5, 0x3, 0x101, 0x10000, 0x2000004, 0x7fff, 0xffff, 0xa620, 0x2, 0x5, 0x1, 0x2, 0x14c, 0x60a7, 0x6, 0x16, 0x3, 0x80000000, 0x5, 0x4, 0xc8, 0xfffffff9, 0xfffff000, 0x10000, 0x0, 0x9, 0x100, 0x9602, 0x7, 0xaf, 0x5, 0x6, 0x226, 0x5, 0x4, 0x8, 0x30b1d693, 0xa1f, 0xf40, 0x7, 0x1, 0x6c1b, 0x0, 0x4, 0x5, 0xb3e, 0xd7, 0x200, 0xffff3441, 0xfff]}, 0x45c)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r4 = socket(0x1e, 0x4, 0x0)
setsockopt$packet_tx_ring(r4, 0x10f, 0x87, &(0x7f0000000140)=@req3={0x7813, 0x3, 0x2, 0x81, 0x1fd, 0x1, 0x1}, 0x1c)
connect$inet(r4, &(0x7f0000000380)={0x2, 0x4e20, @rand_addr=0x64010102}, 0x10)
r5 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(r5, 0x89f2, &(0x7f0000000380)={'ip_vti0\x00', &(0x7f00000002c0)={'sit0\x00', 0x0, 0x7800, 0x700, 0x4, 0x0, {{0x5, 0x4, 0x2, 0xf, 0x14, 0x64, 0x0, 0x7, 0x2f, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @broadcast}}}})
r6 = socket(0x400000000010, 0x3, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={0x0}}, 0x24004840)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000300)=ANY=[@ANYBLOB="4c0000001800010800000000000000850a060000000000000500000014000500200100000000000000000300000000001c0009"], 0x4c}}, 0x0)
r7 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r7, &(0x7f00000002c0), 0x40000000000009f, 0x0)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000380)={'syzkaller0\x00', <r8=>0x0})
sendmsg$nl_route_sched(r6, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r8, {0x0, 0xfff1}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8}}]}, 0x38}}, 0x0)
r9 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0)
r10 = syz_genetlink_get_family_id$l2tp(0x0, 0xffffffffffffffff)
sendmsg$L2TP_CMD_SESSION_DELETE(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)={0x14, r10, 0x1, 0x60bd27, 0x4, {0x5}}, 0x14}}, 0x20)
write$RDMA_USER_CM_CMD_CREATE_ID(r9, &(0x7f0000000200)={0x0, 0x6e, 0xfa00, {0x1, 0x0, 0x106, 0x6}}, 0x20)
openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000240), 0x2, 0x0)

14.468848718s ago: executing program 1 (id=2772):
mkdirat(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x0)
mount$bpf(0x200000000000, &(0x7f0000000000)='./file0/../file0\x00', 0x0, 0x989046, 0x0)
mount$bpf(0x0, &(0x7f00000000c0)='./file0/../file0\x00', 0x0, 0x100000, 0x0)
mount$bpf(0x200000000000, &(0x7f0000000200)='.\x00', 0x0, 0x8b7840, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
mknodat(0xffffffffffffff9c, 0x0, 0x61c0, 0x701)
r1 = socket$inet6_mptcp(0xa, 0x1, 0x106)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x7ad3db81}, 0x0)
r2 = getpid()
sched_setscheduler(r2, 0x1, &(0x7f0000000200)=0x7)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
openat$comedi(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/comedi2\x00', 0x103602, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
getsockopt$inet6_mptcp_buf(r1, 0x11c, 0x4, &(0x7f0000000040)=""/173, &(0x7f0000000100)=0xad)
sendmsg$NLBL_UNLABEL_C_STATICREMOVEDEF(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000440)={0x1c, 0x0, 0x1, 0xfffffffe, 0x0, {0x4, 0x74, 0x609}, [@NLBL_UNLABEL_A_IPV4MASK={0x8, 0x5, @multicast1}]}, 0x1c}, 0x1, 0xffffffff00000003, 0x0, 0x20840}, 0x40440c0)
r4 = openat$dir(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x4000, 0x6d)
faccessat(r4, &(0x7f0000000100)='./file0/../file0\x00', 0x4)
sendmsg$IPSET_CMD_ADD(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000040)=ANY=[@ANYBLOB="140000000906010200000000000076c2db018853"], 0x14}, 0x1, 0x0, 0x0, 0x10000047}, 0x0)
syz_io_uring_setup(0x45c8, &(0x7f0000000400)={0x0, 0xd386, 0x2, 0x3, 0x7f}, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_SET_BINARY(0xffffffffffffffff, 0x2, &(0x7f0000000180)='@\x00', &(0x7f0000000280)="33b52bd70cd708754bf68d073687c80e5f05a3d8c6f476b1f8f989fff3866ece95fd9055501228e90ce128e0aca94ca53c45e3a015594f86699962cf243a7ff5f6ccb7df910e2849e0fc1296b459e9089039e702495df44749bccf0a1e2aebe7a1e99db351e76e09c29eebe29324601cd7a766c0a43cca669c4312bc1e28213b8f022c2baf638735a6c3c276e69e06f2b85f3854c300891ed4829dcfbfb74299e390c9974a719f4d6d5a2b93cb430550e7d5644a35aa376c23f5268dda593ccf6d71eaac18abd694965ab35b9f7de106", 0xd0)
r5 = syz_open_dev$evdev(&(0x7f0000000100), 0x2, 0x862b01)
ioctl$EVIOCSFF(r5, 0x40304580, &(0x7f00000003c0)={0x57, 0x0, 0xac, {0x1, 0x1}, {0x9, 0x2}, @cond=[{0x8, 0x4, 0xf, 0x7fc, 0xf535, 0x3}, {0x0, 0x805, 0x1, 0x7, 0x60d8, 0x4}]})
write$char_usb(r5, &(0x7f0000000040)="e2", 0x2250)

13.341764162s ago: executing program 1 (id=2777):
mlock(&(0x7f0000ffb000/0x3000)=nil, 0x3000)
r0 = inotify_init()
inotify_add_watch(r0, 0x0, 0x400017e)
mknodat(0xffffffffffffff9c, &(0x7f0000000100)='./file4\x00', 0x100, 0x74e)
mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0xec776000)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
read$FUSE(r0, &(0x7f0000001fc0)={0x2020}, 0x2020)

12.253755698s ago: executing program 1 (id=2785):
r0 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0)
ioctl$DRM_IOCTL_SET_CLIENT_CAP(r0, 0x4010640d, &(0x7f0000000000)={0x3, 0x2})
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r0, 0xc01064b5, &(0x7f0000000180)={&(0x7f0000000040)=[<r1=>0x0], 0x1})
ioctl$DRM_IOCTL_MODE_GETPLANE(r0, 0xc02064b6, &(0x7f00000001c0)={r1, <r2=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r3 = syz_open_dev$dri(&(0x7f00000008c0), 0xd21, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r3, 0xc04064a0, &(0x7f00000001c0)={0x0, &(0x7f00000000c0)=[<r4=>0x0], 0x0, 0x0, 0x0, 0x1})
ioctl$DRM_IOCTL_MODE_GETCRTC(r3, 0xc06864a1, &(0x7f00000002c0)={0x0, 0x0, r4, <r5=>0x0})
ioctl$DRM_IOCTL_MODE_SETCRTC(r3, 0xc06864a2, &(0x7f00000003c0)={0x0, 0x0, r4, r5, 0x3, 0x100, 0x40, 0x6, {0x6, 0xfffa, 0x2, 0x5, 0x7, 0x10, 0xd, 0x2, 0x7, 0x134f, 0x40, 0x4d, 0xffffffff, 0x7, "d60e4e53f3eff59d859d447fa4136aa6d3d6249c129baa37b5e87b8c3e055de3"}})
ioctl$AUTOFS_IOC_FAIL(r3, 0x9361, 0x0)
ioctl$DRM_IOCTL_MODE_SETCRTC(r0, 0xc06864a2, &(0x7f0000000900)={0x0, 0x0, r2, r5, 0x3, 0x1, 0x2, 0x1200, {0x8, 0x5, 0x5, 0x4, 0x8000, 0x7, 0x0, 0x8, 0xb, 0xfffc, 0x9, 0x80060b, 0x5, 0xffff, "6f4f1b1330d057b30bd15586b7445443c528ffff00009c2cd5ae7297dceeb0be"}})

11.238003995s ago: executing program 5 (id=2788):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$netlink(0x10, 0x3, 0x14)
r3 = userfaultfd(0x80000)
ioctl$UFFDIO_API(r3, 0xc018aa3f, 0x0)
ioctl$UFFDIO_ZEROPAGE(r3, 0xc020aa04, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
syz_emit_ethernet(0x0, 0x0, 0x0)
r4 = socket$alg(0x26, 0x5, 0x0)
r5 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCETHTOOL(r5, 0x8946, &(0x7f0000000840)={'veth1_virt_wifi\x00', &(0x7f0000000100)=@ethtool_channels={0x1, 0x401, 0x9, 0x6, 0x6, 0x3, 0x3, 0x0, 0x9}})
bind$alg(r4, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_pr_sha512\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r4, 0x117, 0x1, 0xfffffffffffffffe, 0x0)
socket$packet(0x11, 0x2, 0x300)
r6 = socket$nl_route(0x10, 0x3, 0x0)
write(r6, &(0x7f0000000740)="240000005800410f9c00f4f10085b3a85c91fddf080001000501009f60ecc0817cdb4ac6", 0x24)

9.851404541s ago: executing program 1 (id=2791):
syz_usb_control_io$printer(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000000)=@newtaction={0x78, 0x30, 0xb, 0x0, 0xfffffffe, {}, [{0x64, 0x1, [@m_ct={0x60, 0x1, 0x0, 0x0, {{0x7}, {0x38, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x0, 0x4, 0x1, 0x0, 0x1000}}, @TCA_CT_MARK={0x8, 0x10, 0xfffffffe}, @TCA_CT_LABELS={0x14, 0x7, "e3cc00c5b8fbe60832617f2f4a63b45b"}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x78}}, 0x10000000)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x6, 0x100000c}, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000000)=ANY=[@ANYBLOB="240000001800010600000000000000001c141400"], 0x24}, 0x1, 0x0, 0x0, 0x20000000}, 0x8080)
gettid()
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80202, 0x0)
r2 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r2, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
madvise(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x16)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600707, 0x18)

9.603858062s ago: executing program 5 (id=2793):
r0 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r0, &(0x7f00000001c0)={0x0, 0x0, 0x0}, 0x0) (async, rerun: 32)
ioctl$KVM_CREATE_IRQCHIP(0xffffffffffffffff, 0xae60) (async, rerun: 32)
ioctl$KVM_SET_GSI_ROUTING(0xffffffffffffffff, 0x4008ae6a, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0) (async)
sched_setscheduler(0x0, 0x1, &(0x7f0000002200)=0x1) (async, rerun: 64)
sched_setaffinity(0x0, 0x8, &(0x7f0000001040)=0x6) (async, rerun: 64)
mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x2000004, 0x3b071, 0xffffffffffffffff, 0x0)
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r1, 0x4018620d, &(0x7f0000000100)) (async)
r2 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000140)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0}) (async, rerun: 64)
r3 = dup3(r2, r1, 0x0) (async, rerun: 64)
r4 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000040)='./binderfs/binder0\x00', 0x0, 0x0)
mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r4, 0x0) (async)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r4, 0x4018620d, &(0x7f0000004a80)={0x73622a85, 0x100, 0x1}) (async)
ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f00000004c0)={0x8, 0x0, &(0x7f0000000000)=[@acquire], 0x0, 0x0, 0x0}) (async, rerun: 32)
r5 = socket$kcm(0x29, 0x0, 0x0) (rerun: 32)
ioctl$EXT4_IOC_MIGRATE(r5, 0x6609) (async)
ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f00000001c0)={0x4c, 0x0, &(0x7f0000000fc0)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x18, 0x0, &(0x7f0000000200)={0x30, 0x30, 0x30}}}], 0x0, 0x0, 0x0})
unshare(0x20000400) (async)
bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000040)={@map, 0x26, 0x0, 0xf51, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x40)
r6 = syz_open_dev$MSR(&(0x7f0000000140), 0x0, 0x0) (async)
r7 = socket$pppl2tp(0x18, 0x1, 0x1)
ioctl$sock_ipv6_tunnel_SIOCGET6RD(r7, 0x89f8, &(0x7f0000001200)={'sit0\x00', 0x0}) (async)
read$msr(r6, &(0x7f0000032680)=""/102392, 0x18ff8) (async)
eventfd2(0x0, 0x1)
r8 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001b00)={0x3, 0xb, &(0x7f0000000140)=ANY=[@ANYBLOB="18020000030000000000010000000000180100002020692500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007b0000009500000000000000"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffb}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={r8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)

8.971666147s ago: executing program 0 (id=2795):
openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x3, 0x0)
r0 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r0, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x10)
connect$inet(r0, &(0x7f0000000480)={0x2, 0x0, @multicast2}, 0x10)
syz_usb_connect$hid(0x0, 0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x80000100008b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000300)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r1 = syz_clone(0x600, 0x0, 0x33, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r1, 0x0, 0x0)
sched_setaffinity(0x0, 0x1, &(0x7f00000002c0)=0x400000bce)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000032680)=""/102400, 0x19000)
prlimit64(0x0, 0xe, 0x0, 0x0)
r3 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r3, 0x0, 0x0)
setsockopt$sock_int(r3, 0x1, 0x6, &(0x7f0000000000)=0x4, 0x4)
r4 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r4, &(0x7f0000000480)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000340)=@updpolicy={0xb8, 0x19, 0x1, 0x2000, 0x0, {{@in, @in6=@remote, 0x0, 0x0, 0x0, 0x0, 0x2}, {0x0, 0x7, 0x0, 0x0, 0x0, 0x2}, {}, 0x0, 0x0, 0x1}}, 0xb8}}, 0x0)

7.533350669s ago: executing program 1 (id=2797):
openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
setsockopt$SO_TIMESTAMPING(0xffffffffffffffff, 0x1, 0x41, 0x0, 0x0)
r3 = syz_open_dev$dri(&(0x7f00000008c0), 0xd21, 0x0)
r4 = socket$pppoe(0x18, 0x1, 0x0)
getsockopt$sock_buf(r4, 0x1, 0x1c, 0x0, &(0x7f00000053c0))
ioctl$DRM_IOCTL_MODE_PAGE_FLIP(r3, 0xc01864b0, &(0x7f0000000240)={0x0, 0x0, 0xb, 0xfffff841, 0x2})
r5 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
ioctl$vim2m_VIDIOC_STREAMON(r5, 0x40045612, &(0x7f00000001c0)=0x1)
r6 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000000c0), 0x121602, 0x0)
ioctl$TIOCSETD(r6, 0x5423, &(0x7f00000003c0)=0x11)
ioctl$TIOCVHANGUP(r6, 0x5437, 0x2)
capset(0x0, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x2})
sendto$inet6(0xffffffffffffffff, 0x0, 0x0, 0x20004041, 0x0, 0x0)
connect$inet6(0xffffffffffffffff, 0x0, 0x0)

6.125676897s ago: executing program 0 (id=2799):
socket$netlink(0x10, 0x3, 0x0)
r0 = openat$ttynull(0xffffffffffffff9c, &(0x7f0000000080), 0x40000, 0x0)
r1 = socket(0x23, 0x5, 0x0)
listen(r1, 0x0)
listen(r1, 0x7)
ioctl$TCSETSW2(r0, 0x402c542c, &(0x7f00000000c0)={0x0, 0x6, 0x7fffffff, 0x5, 0x9, "87368e20f6c6345e7ccc1d5fd36ae270921edd", 0x4, 0x40})
socket$alg(0x26, 0x5, 0x0)
accept4$alg(r1, 0x0, 0x0, 0xc1000)
syz_open_dev$vim2m(&(0x7f0000000000), 0x800, 0x2)
r2 = syz_open_dev$video(&(0x7f0000000440), 0x8, 0x0)
ioctl$VIDIOC_S_SELECTION(r2, 0xc040565f, &(0x7f0000000940)={0xa, 0x100, 0x3, {0x8000, 0x1000, 0x4, 0x240}}) (fail_nth: 3)

5.990595238s ago: executing program 5 (id=2800):
r0 = openat$dlm_control(0xffffffffffffff9c, &(0x7f0000000000), 0x2041, 0x0)
write$sndseq(r0, &(0x7f0000000600)=[{0x6, 0x0, 0x0, 0x0, @time={0x6, 0x9}, {0x4}, {}, @addr={0x5b, 0x5d}}, {0x4, 0x0, 0x0, 0x0, @time, {}, {0x5}, @quote={{0x5, 0x5}}}, {0x0, 0x0, 0x0, 0x0, @tick=0x100, {}, {}, @connect={{0x7, 0x5f}, {0x2, 0x1}}}, {0x1, 0x0, 0x1, 0x0, @time={0x80000000, 0xfff}, {0x4, 0x1}, {0x7, 0x8}, @quote={{0x2, 0xd8}, 0x8}}], 0x70) (fail_nth: 3)

5.736878763s ago: executing program 5 (id=2801):
r0 = semget(0x3, 0x4, 0x69c)
semop(r0, 0x0, 0x0)
semctl$SETALL(r0, 0x0, 0x11, &(0x7f0000000140)=[0x6, 0x7fff])

5.642286995s ago: executing program 6 (id=2802):
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000180)={&(0x7f0000000440)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x0, 0x0, 0x8}, {0x0, [0x0, 0x2e, 0x2e, 0x61, 0x30, 0x61]}}, &(0x7f0000000080)=""/53, 0x20, 0x35, 0x1, 0x9}, 0x28)
r0 = syz_open_dev$dri(&(0x7f00000000c0), 0x1ff, 0x0)
r1 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x7, &(0x7f0000000240)={0x1, &(0x7f0000000000)=[{0x6, 0x5, 0x7, 0x7ffc0001}]})
set_mempolicy(0x4005, 0x0, 0x6)
r2 = socket$inet(0x2, 0x2, 0x1)
sendmsg$inet(r2, &(0x7f0000000600)={0x0, 0x0, 0x0}, 0x0)
file_getattr(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x1000)
ioctl$AUTOFS_DEV_IOCTL_OPENMOUNT(0xffffffffffffffff, 0xc0189374, &(0x7f0000000080)={{0x1, 0x1, 0x18, <r3=>r1, {0x3}}, './file0\x00'})
accept4$inet(r3, &(0x7f0000000100)={0x2, 0x0, @initdev}, &(0x7f0000000140)=0x10, 0x40000)
readlink(0x0, 0x0, 0x0)
pipe(&(0x7f0000000240)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
writev(r5, &(0x7f00000001c0)=[{&(0x7f0000000100)='|', 0x1}], 0x1)
pipe(&(0x7f0000000140)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
write$cgroup_pid(r6, &(0x7f0000000000), 0xffffff98)
splice(r4, 0x0, r6, 0x0, 0x80000000, 0x0)
r7 = landlock_create_ruleset(&(0x7f0000000040)={0x123}, 0x18, 0x1)
landlock_restrict_self(r7, 0x9)
ioctl$DRM_IOCTL_SET_CLIENT_CAP(r0, 0x4010640d, &(0x7f0000000040)={0x1})

5.185664077s ago: executing program 5 (id=2803):
socketpair$unix(0x1, 0x2, 0x0, 0x0)
sendmsg$inet(0xffffffffffffffff, 0x0, 0x0)
recvmsg$unix(0xffffffffffffffff, 0x0, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x61, 0x100001}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f0000000000), 0x100000040, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
sendmmsg$alg(0xffffffffffffffff, 0x0, 0x0, 0x40800)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r1 = socket$rds(0x15, 0x5, 0x0)
setsockopt$RDS_GET_MR_FOR_DEST(r1, 0x114, 0x7, 0x0, 0x0)
recvmsg(0xffffffffffffffff, 0x0, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000840)=@base={0xa, 0x5, 0x2, 0x4}, 0x58)
close(0x3)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="19000000040000000400000002"], 0x48)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x0, 0x10, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7020000010000e1850000008600000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000001800007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x1, 0x10, &(0x7f0000000180)=ANY=[], &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
setsockopt$sock_attach_bpf(r4, 0x1, 0x32, &(0x7f00000000c0)=r6, 0x4)
sendmsg$unix(r5, &(0x7f00000006c0)={0x0, 0x0, 0x0}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x20040054)
r7 = socket$inet6(0xa, 0x1, 0x0)
setsockopt$SO_ATTACH_FILTER(r7, 0x1, 0x33, &(0x7f0000000640)={0x1, &(0x7f0000000680)=[{0xb1, 0x0, 0x0, 0x2}]}, 0x10)

4.35565924s ago: executing program 5 (id=2804):
socket$nl_route(0x10, 0x3, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000200)={0x8, 0x8a}, 0x0)
socket(0x40000000015, 0x805, 0x0)
socket$inet6_sctp(0xa, 0x1, 0x84)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
r1 = socket(0x10, 0x3, 0x4)
sendmsg$nl_route_sched(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000240)=@newqdisc={0x50, 0x14, 0xf0b, 0xfffffffc, 0x0, {0x2, 0x0, 0x0, 0x0, {0xfff2}, {0xb}, {0xffff, 0xffe0}}, [@qdisc_kind_options=@q_pie={{0x8}, {0x24, 0x2, [@TCA_PIE_BETA={0x8, 0x5, 0x19}, @TCA_PIE_TUPDATE={0x8, 0x3, 0x5}, @TCA_PIE_TARGET={0x8, 0x1, 0x5}, @TCA_PIE_TUPDATE={0x8, 0x3, 0x40000005}]}}]}, 0x50}, 0x1, 0x0, 0x0, 0x4000010}, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
sendmsg$NLBL_CALIPSO_C_REMOVE(0xffffffffffffffff, 0x0, 0x8000)
r2 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
read$FUSE(0xffffffffffffffff, &(0x7f0000000440)={0x2020, 0x0, <r3=>0x0}, 0x2020)
write$FUSE_STATFS(r2, &(0x7f0000002480)={0x60, 0xfffffffffffffff5, r3, {{0xa, 0x2, 0x2, 0x8, 0x8, 0xb2b9, 0x10000, 0x4}}}, 0x60)
ioctl$DRM_IOCTL_MODE_GETCRTC(0xffffffffffffffff, 0xc06864a1, &(0x7f00000003c0)={0x0})
r4 = socket$inet_mptcp(0x2, 0x1, 0x106)
setsockopt$sock_int(r4, 0x1, 0x9, &(0x7f0000000080)=0x114c, 0x4)
r5 = socket$kcm(0x2a, 0x2, 0x0)
sendmsg$kcm(r5, 0x0, 0x0)
r6 = openat$comedi(0xffffffffffffff9c, 0x0, 0x400, 0x0)
r7 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r7, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@ipv6_newnexthop={0x1c, 0x68, 0x5fb9a818fb7378e9, 0x0, 0x0, {}, [@NHA_BLACKHOLE={0x4}]}, 0x1c}}, 0x0)
r8 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r8, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=@ipv4_newroute={0x2c, 0x18, 0x35f32a6dfa748ddd, 0x0, 0x25dfdbfe, {0x2, 0x20, 0x10, 0x0, 0xfd, 0x4, 0xfe, 0x2, 0x20000000}, [@RTA_NH_ID={0x8, 0x1e, 0x1}, @RTA_PREFSRC={0x8, 0x7, @dev={0xac, 0x14, 0x14, 0x16}}]}, 0x2c}, 0x1, 0x0, 0x0, 0x4a044}, 0x20004090)
ioctl$COMEDI_DEVCONFIG(r6, 0x40946400, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0)

4.324901584s ago: executing program 6 (id=2805):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000140), r0)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000003c0)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_NEW_STATION(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000001040)={&(0x7f00000000c0)={0x48, r1, 0xb97534d5fe9704cf, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_STA_SUPPORTED_RATES={0x4}, @NL80211_ATTR_STA_LISTEN_INTERVAL={0x6}, @NL80211_ATTR_PEER_AID={0x6, 0xb5, 0x185}, @NL80211_ATTR_MAC={0xa, 0x6, @device_b}, @NL80211_ATTR_STA_WME={0xc, 0x81, [@NL80211_STA_WME_MAX_SP={0x5, 0x2, 0x5}]}]}, 0x48}, 0x1, 0x0, 0x0, 0x4}, 0x4000004)

4.028055739s ago: executing program 6 (id=2806):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setaffinity(0x0, 0x1, &(0x7f00000002c0)=0x2)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000000)=@abs={0x0, 0x0, 0x4e22}, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
write$uinput_user_dev(0xffffffffffffffff, &(0x7f0000000400)={'syz0\x00', {0x3, 0x2, 0x6, 0xfffa}, 0x3a, [0x8000, 0xc95a, 0xf, 0x9, 0x80, 0x2, 0x3, 0x80000000, 0x20000006, 0xd, 0x6, 0x0, 0x9, 0x5, 0xffff2d37, 0xffffff01, 0x15a5d16c, 0x3, 0x0, 0x9, 0x4, 0x0, 0x7, 0x3c5b, 0x1, 0x28, 0xd, 0x7, 0x1, 0xffffffff, 0xe661, 0x4, 0x7, 0x3, 0x8, 0x4c74, 0x80000000, 0x242, 0x3, 0xe, 0xe464, 0x80008071, 0x7, 0x17, 0x1, 0x7, 0x5, 0x5, 0x8c, 0x1000, 0xffff, 0x0, 0x8000, 0x4, 0x8008, 0x400, 0x80, 0x3, 0x5, 0x6, 0x3, 0x4, 0x3, 0x40], [0x10000007, 0x9, 0x8000012f, 0x2008004, 0x5, 0xfffffff3, 0x129432e4, 0xc, 0xf9, 0xe, 0x2c0, 0x6c7, 0x9, 0xffffffff, 0x3, 0x0, 0x0, 0x5, 0x2f, 0xe, 0x312, 0x78, 0xea4, 0x0, 0x2, 0x7, 0x7fff, 0x6, 0x400, 0x401, 0x6, 0x1, 0xff, 0x5, 0x1000005, 0x5f2e, 0xd, 0x4e2, 0x2, 0x4, 0xb, 0x4, 0x6, 0x8, 0x9, 0x6, 0x47, 0x8000, 0x2, 0xfe000000, 0xffff, 0x2, 0x4, 0x9, 0x3, 0x3, 0x29, 0x1, 0x3, 0x3, 0x81, 0x48c93690, 0x42, 0x3], [0x7, 0x408, 0x7, 0x5, 0xfffffffe, 0x100, 0x8d2, 0x9, 0x5, 0x7fff, 0x200000, 0x5, 0xb, 0x4, 0x5, 0x5, 0x0, 0x1ef, 0x5, 0x8, 0x86, 0x3, 0x303c, 0x3e7, 0xf, 0x5, 0x2, 0x2, 0x3, 0x20000008, 0x4, 0x6d01, 0x6, 0x38, 0x800003, 0x200, 0x80, 0x3, 0x4, 0x2950bfaf, 0x1000, 0xa2, 0x7, 0xa5, 0x5, 0x6, 0xac8, 0xca, 0x4d, 0x3, 0x7ff, 0x12b, 0x7fffffff, 0x1, 0xa, 0x0, 0x1, 0x1c, 0x120000, 0x3, 0x2006, 0x80a2ed, 0x4, 0x3c484551], [0x9, 0xbb33, 0x7, 0xb, 0x5, 0x93a, 0x5, 0x7, 0x0, 0xb9, 0xce7, 0x1ff, 0x2, 0x57, 0x5, 0x3, 0x101, 0x10000, 0x2000004, 0x7fff, 0xffff, 0xa620, 0x2, 0x5, 0x1, 0x2, 0x14c, 0x60a7, 0x6, 0x16, 0x3, 0x80000000, 0x5, 0x4, 0xc8, 0xfffffff9, 0xfffff000, 0x10000, 0x0, 0x9, 0x100, 0x9602, 0x7, 0xaf, 0x5, 0x6, 0x226, 0x5, 0x4, 0x8, 0x30b1d693, 0xa1f, 0xf40, 0x7, 0x1, 0x6c1b, 0x0, 0x4, 0x5, 0xb3e, 0xd7, 0x200, 0xffff3441, 0xfff]}, 0x45c)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r4 = socket(0x1e, 0x4, 0x0)
setsockopt$packet_tx_ring(r4, 0x10f, 0x87, &(0x7f0000000140)=@req3={0x7813, 0x3, 0x2, 0x81, 0x1fd, 0x1, 0x1}, 0x1c)
connect$inet(r4, &(0x7f0000000380)={0x2, 0x4e20, @rand_addr=0x64010102}, 0x10)

3.753846537s ago: executing program 3 (id=2807):
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_GET_BYNAME(r0, &(0x7f0000000200)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f00000001c0)={&(0x7f0000000180)={0x14, 0xe, 0x6, 0x401, 0x0, 0x0, {0x1, 0x0, 0x6}}, 0x14}, 0x1, 0x0, 0x0, 0x4040}, 0x8010)
utimes(&(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)={{0x77359400}, {0x0, 0xea60}})
mount$tmpfs(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000280), 0x0, &(0x7f00000002c0)={[{@mpol={'mpol', 0x3d, {'interleave', '', @void}}, 0x4e}]})
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpuset.effective_cpus\x00', 0x275a, 0x0)
r2 = socket$inet6_mptcp(0xa, 0x1, 0x106)
setsockopt$sock_int(r2, 0x1, 0x5, 0x0, 0xfc56)
fcntl$lock(r1, 0x5, &(0x7f0000000600)={0x0, 0x2, 0xfffffffffffff7f7, 0xfffffffffffffffd})
r3 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x32)
r4 = syz_usb_connect(0x0, 0x3f, &(0x7f0000000540)=ANY=[@ANYBLOB="11010000733336088dee1edb23610000000109022d0101100000000904000003fe03010009cd8d1f0002000000090505020000fcffff09058b1e20"], 0x0)
syz_usb_control_io(r4, 0x0, 0x0)
syz_usb_control_io$printer(r4, 0x0, &(0x7f0000000780)={0xfc78, 0x0, 0x0, 0x0, 0x0, &(0x7f00000006c0)={0x20, 0x1, 0x1, 0x1}, 0x0})
syz_usb_control_io$cdc_ncm(r4, 0x0, &(0x7f0000000380)={0x44, &(0x7f0000000000)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r5 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
ioctl$EVIOCGMASK(r5, 0x5b03, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000040)={0x0, 0x6, 0xdddd0000, 0x1000, &(0x7f0000fff000/0x1000)=nil})

2.601830917s ago: executing program 6 (id=2808):
r0 = syz_genetlink_get_family_id$smc(&(0x7f0000000000), 0xffffffffffffffff)
r1 = syz_open_dev$mouse(&(0x7f0000000140), 0xffffffffffffffff, 0x2804)
sendmsg$DEVLINK_CMD_SB_POOL_SET(r1, &(0x7f00000003c0)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000380)={&(0x7f00000002c0)=ANY=[@ANYBLOB="04000000", @ANYRES16=0x0, @ANYBLOB="000107000000fcdbdf25100000000e0001006e657464657673696d0000000f0002006e657464657673696d30000008000b00080000000600110006000000080013000100000005001400010000000e0001006e657464657673696d0000000f0002006e657464657673696d30000008000b0090000000060011000002000008001300080000000500140000000000"], 0x94}, 0x1, 0x0, 0x0, 0x80}, 0x0)
r2 = syz_open_dev$video4linux(&(0x7f0000000000), 0x916, 0x801)
ioctl$VIDIOC_SUBDEV_S_FMT(r2, 0xc0585605, &(0x7f0000000240)={0x1, 0x0, {0xe21f344, 0x7, 0x300e, 0x2, 0xa, 0x4, 0x2, 0x4}})
socket$netlink(0x10, 0x3, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
ioctl$vim2m_VIDIOC_G_FMT(0xffffffffffffffff, 0xc0285629, 0x0)
socket$alg(0x26, 0x5, 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
sendmsg(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)=ANY=[@ANYBLOB="e80000000000000100000000000000081e0f315b91fcaec7bf49c2760000000000001bb9ce6d12b9d976d1f33aca41e50a3342bcd67c311f7885a05c3fcf2ae21f1498ec481e7ca2c3ca4c7b3bf94448f62e111e5a79929b9182cc977ba6ae766ce37bdaac6da997fbc15f0c79f42155b99a280667b51fdc7902d7be5ef41f953fedb32aceeada13250626957e2013d5b12cc916541ccbeb0d4060a4dd89664eaba2f6b4ede0c9e3dc1c9446d9284ebe0e46eee7bc145ff0a2779c02554029c81297"], 0x208}, 0x40000)
mount(0x0, &(0x7f0000000280)='./bus\x00', &(0x7f00000002c0)='9p\x00', 0x0, 0x0)
sendmsg$SMC_PNETID_ADD(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000004c0)=ANY=[@ANYBLOB='h\x00\x00\x00', @ANYRES16=r0, @ANYBLOB="010027bd7000fbd3df2502000000050004000100000005000400010000001400020076657468315f746f5f7465616d0000000900030073797a32000000000900010073"], 0x68}, 0x1, 0x0, 0x0, 0x4000145}, 0x0)

1.553443424s ago: executing program 3 (id=2809):
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = socket$nl_route(0x10, 0x3, 0x0)
set_mempolicy(0x3, &(0x7f0000000240)=0x7fff, 0x3)
r2 = openat$full(0xffffffffffffff9c, 0x0, 0x2, 0x0)
write$cgroup_pid(r2, 0x0, 0x0)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r3, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000500)={{0x14}, [@NFT_MSG_NEWRULE={0x30, 0x6, 0xa, 0x409, 0x0, 0x0, {0x2, 0x0, 0x5}, [@NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}, @NFTA_RULE_EXPRESSIONS={0x4}]}], {0x14}}, 0x58}}, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000940)={&(0x7f00000013c0)=ANY=[@ANYBLOB, @ANYRES32=0x0, @ANYBLOB="e5fda988000000002800128009000100766c616e00000000180002800c000200060000001f000000060001000000000008000500", @ANYRES32=r0, @ANYBLOB='\b\x00\n\x00', @ANYRES32], 0x64}, 0x1, 0x0, 0x0, 0x8811}, 0x0)

1.364791228s ago: executing program 6 (id=2810):
symlink(&(0x7f0000000080)='.\x00', &(0x7f0000000240)='./file0\x00')
chmod(&(0x7f0000000000)='./file0\x00', 0x28c)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x143042, 0x58)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0)
ioctl$FS_IOC_FSSETXATTR(r1, 0x40086602, &(0x7f0000000140)={0x10, 0x0, 0x0, 0x0, 0x3})
rename(&(0x7f0000000080)='./file0/file0\x00', &(0x7f0000000180)='./file1\x00')
r2 = openat$vimc2(0xffffff9c, &(0x7f0000000500), 0x2, 0x0)
r3 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r3, &(0x7f00000001c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb(arc4)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r3, 0x117, 0x1, &(0x7f00000000c0)="b1", 0x1)
r4 = accept$alg(r3, 0x0, 0x0)
sendmmsg$alg(r4, &(0x7f0000001f80)=[{0x0, 0x0, 0x0, 0x0, &(0x7f0000000700)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18, 0x40}], 0x1, 0x4000001)
recvmmsg(r4, &(0x7f0000003580)=[{{0x0, 0x0, &(0x7f0000000280)=[{&(0x7f0000000100)=""/191, 0xbf}], 0x1}, 0x800}], 0x1, 0x2120, 0x0)
ioctl$VIDIOC_QUERYBUF_DMABUF(r2, 0xc0585609, &(0x7f0000000040)={0xf, 0x6, 0x4, 0x40, 0xd, {0x0, 0xea60}, {0x4, 0x8, 0x0, 0x3b, 0x1, 0x58, "dad9b9cf"}, 0x3, 0x4, {}, 0x3})
rename(&(0x7f00000001c0)='./file1\x00', &(0x7f0000000200)='./file0/file0\x00')
ioctl$VIDIOC_S_STD(r0, 0x40085618, &(0x7f00000000c0))

1.147987231s ago: executing program 0 (id=2811):
openat$vmci(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0)
r0 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0)
ioctl$IOCTL_VMCI_VERSION2(r0, 0x7a7, 0x0)
ioctl$IOCTL_VMCI_INIT_CONTEXT(r0, 0x7a0, &(0x7f0000000240)={@hyper})
r1 = syz_open_dev$cec(&(0x7f0000000000), 0x0, 0x180)
ioctl$CEC_ADAP_S_LOG_ADDRS(r1, 0xc05c6104, &(0x7f0000000440)={"0e000016", 0x0, 0x6, 0x2, 0x0, 0x1, "f70000000000000000deffffff00", '\x00\x00\a\x00', "0300", "0001ffff", ['\x00', "808e88e2e9ffffffffff00", "0cdd42000000000000c20d00"]})
ioctl$CEC_TRANSMIT(r1, 0xc0386105, &(0x7f0000000ac0)={0x7, 0x7, 0x3, 0x9, 0x5, 0x81, "4f4b281fd604be0ebcdcb60d1e532e21", 0x4, 0x2, 0x6, 0x8, 0x10, 0xc, 0x10})
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ff8000/0x4000)=nil, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ff9000/0x4000)=nil, &(0x7f0000ff8000/0x4000)=nil, &(0x7f0000ffa000/0x2000)=nil, &(0x7f0000ffa000/0x2000)=nil, 0x0}, 0x68)
r2 = syz_open_dev$loop(&(0x7f0000000100), 0xf01c, 0x0)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.stat\x00', 0x275a, 0x0)
write$binfmt_script(r3, &(0x7f0000000440)={'#! ', './file1/../file0', [], 0xa, "000278414808f90249a8974898280f3c430a34b2de9a57967d49c269449fc906eef97ae17618a3eb9a5df5a02a484a4fff00"/59}, 0x4f)
write$UHID_INPUT(r3, &(0x7f00000007c0)={0x8, {"dc5d3b0169633d3eba3eabbc09167be55101d4af4b22a373236464d2dbfaa84399b77bd438a54364a7ebc5bdaab4f9decb7c044318cd59a0af8279bcab35dd7daf7a0ceb381df2c32eff45b13e2c8f40e1895355bf6f165200cb1ca41a155730ee2e9f83183f9fafe029d0401b0770618254a8b2dc87b630072b1e2de160d1afed51b74c14b71ec1b226a324482d14ad586b1a4ce80e458fe45244c01eddeddf3564af838d6d5324f8a77023d6eb7aa14397a0e1413ea1c3dfdf063a35b709e627f36fe403ee3117365be5017682f53595f28543062c740a94a794312f5cebc315044b8ea000a5d0f27812ab0ce149d11e6f6f7620c5f3e250bf67d13a1ca39dbb7b8b5a31e3d7ba7ebe5849a7a09b61fc9f2cfc54b89e9cd0105bca49483ce55e996459e6d692a18219d881057c838587b915337169ee054655f26a04df913a658fccbf4def6aad750ca4796b74d322c67e9d4ee6a530a22dcc35db850b424d6ec9f62495b9f9fd2b000feadd57d26dbd505798c208d91eb0aab0fd97537631b8bf81ce0e2241c4272be4ff69b390e4485d574146b76d1fdbf7fc5334906805534cdae1e47240af7761a18fc8bd0a694be47529da98bc0f98eb7db3fc4a74cbb6e486f4de90fbf2452e72c2e1dca44543ad9ad094b8bc861eef1e814662d0b350339e3a510d459c6f83aabd5fd3dcb38224056d761e7df9b482b9905f1e2135c1929be328ecdb69c007a3efd548502c83106f6df1ab1178fac499eda92ad4373155227ec2df150c919d322ecb3ea37e659285f18a3e2f79b59900ca438df3a1381380a12d3ad7678e0a8d3bdfb40651389b4ac8c66138d442d70eafdc2df8b080028006b124e4ebe0d9883ef100f1934e42794146382c1d628fd2ebe5859b6c243824903d056d800975675bb1913142adbc039a9c68c2f146a0e8903447313f5e5549905f397a9b1f21a93b80c4d04a8ea7a29a50fbc5407a9305bba420edf898ea678d6879489c39692c99bb6dacf61f5f97637b94c1031d635b5423b38b9196fafaaf87b2796eadc21466af5a10281e6a808748969d29efb444c99a4cb2111732a792dbca4376a125a68f7cdac065cc6173dc21caafba48c742d9a7df2f771ff2f5725b22c247d4e0c6106f9f5f6929b69929ab37e9a9b326ce618bb702b883b12026f1300f21f2c7440cac8c5f1210a78aa067211d2827f5dcc7578252c2ccc3f67bab9d1bb6939b21b550788ef550acfed4bf50c0b4fb3ca4d2872ee64f95d611a317d9daaf373a10d868680b2226396c95fa2b0ab4d6fce06c3b42cb97d17a7b50be87000000000000040869f7befca330358fdba86754fc2e46c2113e1484cb37534af8f0408a7ee313778dab49f08229964298f847ea66c485bc59e82e0263c507b397d3efee3b4066f4d25566aa1549f6185f6375f84b65fa8945148b90430c86a5b6fdf58d5c812b98d9dc621fd9a3d9f1a577495356516d1cbcf5e8bb8923b54b247225b9c3892b18a9e137f3620c734052af9dc8f1ea36f0d4592d5ee32e35676a84dc891f97456f2ac3a4ab58a42bcdc221a4ac8bb28d428add2fcbe5b110a8afd5d23b31e827bd16167b2d88cae024afc04a722ac0b4d45c52512e6b6f102aac4be21bc89ce246539048370553665b0a4336a6db99d0d19399be6437bf21419304331b4342b2c1db580f0c9bf681fdb8e9fa3e025454197bbc82ef93ee2f385660818ec5127080675a8013766469afe3b1e36e81bf2f04c3a26eaf4517551e734d21ba3bc90e48aea0891792970c39f3f528397e9b7ae190f1760fe5960dc763ee0a17939c60bfcac0a8914be82c749e4fe85d1ac5fa733413468fb8941085e8c4d6e0b6d1e62e20da58440facd640ddbb6c1f694b3ca48757a34c5a11668368711a1d4f3a81d31ac30d71277d7ae77882b6841cfa6289e6cce84a3ad57eeb328f831888ac7d3cfcd3a472a48d903f20cec8c8ae8d0bea04ebf7413ef7693f8ed876e49bd5f89d7e1078208ff62712e330fc0341b9ccf26845578d44b1e0c66d1bebc14742baedfabb8e9a2c8f42730360c72997efe0ce786ff330c2eb6e0ff20896f813c2a515ce76f826c11a1c1588eb369231ddeb4a2f9f9591ecdecc74d20aeb50047beb3ab89a9e4e1b805a20b645c79d0bc5d0247fab8ba46a97a07630b1f1cb69b42b568af746733d2c581f057873d64fe6e659b00b4a26745f5fba1fe7406a86b007936c7cfdac53a4c5b0ea9f6604863c8e3f174eddbb09175f6e13cda9a860cf400ef9ed02b895502ac6e6de6a658249c3c6e8a653517eae2231e56e0f120547923c6549ebc1ed14c623637ce3d96af5c93a32e58e2d9659d8b5b145888b52d9a5b5cb3cdf594eb137bcef2ba068cfd2c6ccf7ab6e5b4ec55e9197bfb91c9b8729f7b50cf0b0326f7ea3e712c77674d48545ca2a86744c3c38f149d69cf811beacf7e5f49c7bfba20f1dcf3d7bc0b9c796016820a46495d244c9606a06fe2e14233eda78d69ae4523ad7b708b0c7ead44d7fd376fed60e3cc2ee25e9600adfbe87ac7c8fb8269aec9459602af0f420becda6120ce7d9626c65ae7f860639e8bf664eb4301ec18add0e436c0356c12ab6b4ca35da2b43c4a8c239fd0b59a2ce94843cdfa1667053165053633b062844dbb0d00070fde74fa3178eb5f1f5fd02e2088d86903704000000c080cdcb29d700bac74fabd8a356fe99afe83a5d99aa5024e9158a299eda6c99b6701e64f1d68e7e2c0c6e88396bb535a02d0948f0a250a6e090041c96d9c9acd6134d44d516fd1010c39e572b86b05bb1326a2a4f23f11181186f9c2a01dc7b58c0129f4b851ca9b1e3dc35db7364e29ef646211796b1651511e041345abce427fa5d6e48b8fb078c8432061a4cc518a8f2a2caf709a5c1473a62112a6650afc64eec12f8f9c08cff1b6fbf7a1209fc8661f62303b7c5d49c1d0b32a9f37e81ed9ab6193816d40995ed49c10b9f5752e04d57535a3d16f06c65d32846c31ec9787ec4a965679eb804e86b45d007f38d8104550770dc6f313bc846e43a14a8c21d0628c744e3e83cb998d1b7acfe996541a8c03852dadf9326444c582b481cae844e4f3fe3d638903b38f24633b63adbad841ac6c4c1169d781a0e271e8a967b1c7e986fcb3a66168e86e3559a44fcfa92452260491da9397659af60453f4cd4be2d15439445ec2b4366a79d3283da912d9d499df1242bd174edc235848caa21d2c997aff0e95c7e5cc0803c90fab84e7be7b37909d0e2f3bc9974e3388acb6800baba183ecc8eea8c71c0d65d669e41f99ceae523b7a6b772f3b8ebba1d2127ccc3ddb7ddcb4ec73cbdc26fc87c3848e258a0b5484d3a13e40ec4e4a65dd92f09e9fe1e3e2f8b96c4e363aa3683860dee62dfcf8823ee4a3593a092e0bd9c4cedacf44a272faa164447b01f46a7795642a40c61b0034a37f0e9b792428a0ddcd144fe8263088eaac8016f8f1cd30b55ac90a8f10d785b7570dd9e639a4a068d3fe98a420b9f72e79de817f676c2a224300d749571ad43f49d1fbe838f4566bc7b5f104c384ad87189213152b644d9fcbdf98bafeee569d640ce9045779f1d90024c023a7480a358dee276fba139c14b4fdb12885240903d0e61dc161659a68f62c92b899007e0f2b65bf0a069e9e57c9b6ae50a3b30dd1003fb0eead73ae2f6010b3b356b4060579a4f29935e1f00c01d12e5f44e8e3163d81dfef7ca8560604240c7e96e4454c6971614df306c768121abb3f628e3f1d2d026f58d1087334c5bdb74d7c949b0ee66a4531ba4e9b922aee3d0f802ed034734507a5513c52966f1f8bd4577840de0253aabc23299dced2a299859c07af9fb0f9c29b6533b9d84d471390d59ab315f5ddb226f6b8dd7889295f0fb1f7bd1adafe4cc520a1e84bf2a59d5b9795aeafc8d6fd66a8228aba8653b98622617ddfeb5d6795c9bd2f35d4a0c386e862675a50e3314c3fbb17aca151c13c7fc8b1d1b72ed0a958537b5ddc9e74bddc2b9571ec3f2b7775b125338d4852a75a63941564c65bb36dfb6bea4aab1ae7a4f285c2177aa98406eb2cc10934aa92d5a9612d4455c84ad200841d289b5c2d5deab0d8e2459598ef183d3dc47f6bad0b9513710600cfa4d69fcd5763cdcc4f2c2b7cd7d4491fd52f4aec82ce846c0988f6f0123e21e900d39c61085e68c9badc350b44004f6c042d64b0d0cbf91ad0592b198f1eeea1e52200bc8e6d62848d6884b10bdde72466039da488be6b340c23148f666f2fe6e032c07dac43586df182aca9116f4600313fa8375c76337ba86bdc391dae6450218f58f047ced64befc6bb5c2a60024669630a6279fedf2fe45e7e19ce582ad96ae0d023eb9b39f5f1e666e73bb038ae38157275be5eb3e7cbc8b05adf53e817646bdc2cfce98e5d162bf7faaca787db8717ab8b27b9e35609c5fb9fe9def07f010df8b43cf5c96851eadfdeff0b7bc5826e7e15490ae9c3d14166ee81bef007070e7981235a673804ad89943ee6b51ac63364f7870e121e6ff23a0c7d179527cd58dd7a4ca37247c2bd94b0d9b720bb1ee2d39862e98cb81e93cf5b48d5d02ee8ac737ab504c867a1c49e678300803c94fbe978dea918a1e71b9791ee1e4d30056e86c26a4675a8b090be2365c0b451a13ece52a89a7057fe2052e11c6666eb916d823ea66bf217c320acba3b714910734b2d27c2fa586bd7f7664b0d1422adabad2ce2afc10270057f11940fac1a51d023ce48bd04ea39b7f99381b239fd0ddeea0dce7863ec1f8f61775013b6414ecf86e686a340a3148f87a9d7d60a1f2da53436d16fc88d6a4e7c3d55e0dd004cbecc15a5558eb705d82aacb1862ddc251dd5d9cbf1d78af7900ce6e8dab0ea678cb823bd1e7bbd1e927841af08f5427878c19f4f322228f9b36287fc13e7c1293ea875ae775dc308cd6c2ebc40df8f7b9d1f76e0b10e35aa160944983d8e6b790df0d9b13f3460657336d81f7d83c0350324b930ec9c7557ce12887f76372e126f504b0980fea27f31a780c05187b9b5353dafc6b101543b24332b96e15bc26b19062e52fa9f86d260ee3a3bc92a133e328407bb85357ee5c45cb87228f44888b14941b5911b050e9319fe88033f830a8490917a9c0572ebbc5492b4e1083a2e3d77215a34abef947b5b9a950e780662de18873e55899c92db3ad3d437e8407890afa6b0c04ef861b8bc85fbbe1bb67b3d9ef001409f84b8ec4f01d861cecc143a805b981ab5cf5b605057b63cb2c84ec358e510a69cd8c33a8a62fe4680d0c980145cc709157832bfaef260cb0466c237376ca2944ce9affffd4b1dc7cc9511da0b34bffb9ac216fb8cf7c6572d95627787720d1ba67c6512fcdb16f6329e9668681c404efebad559f81f05971b5efb6b4cca97ad0346753cc0a40a877242d8a808c602b03dc962cee38e646cb18abb079c70d357c30738a70f55cd3c5956a83a1bfcd6649dd765f16bfe968066345df7380bbc0c16b3b5af513d6458c791343952f33a051c5d711c1f35af1b47f3db9bbfb5c7c636b3a2b52805d606479879be0b404a28ade5649a3185e0f85a85fc15cd824671c2befdd0da509597c87d869f0bd7ad163ad93ca28fc0c4025eccaafe385ec3fc06c54ebcd7b07b6c7e0197c5b9ef886159a1585ae45248f865be760db6f5bc8f868fc6aefd04e34ecb51159e4cdcc2214b42b1ca9caec13ba3e1b2e7a3c736977b226213d265c2873195122a9b448088c8b50edd549be41c38ab176807b75e7267f86e400", 0x1000}}, 0x1006)
ioctl$LOOP_CONFIGURE(r2, 0x4c0a, &(0x7f00000002c0)={r3, 0x0, {0x2a00, 0x80010000, 0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x1c, "fee8a2ab78fc5e3ed1e00d96072000001ea89de2b7fb0000e60080b8785d96000100", "2809e8dbe108598948224ad54afac11d875397bdb22d0000b420a1a93c5240f45f819e01177d3d458dd4992861ac00", "9001001c551265406c7f306003d8a0f4bd0000000300", [0x10, 0x4]}})
syz_open_dev$vcsn(&(0x7f0000000000), 0xac, 0x8000)
clock_gettime(0x0, &(0x7f0000000200))
ioctl$VIDIOC_QBUF(r3, 0xc058560f, &(0x7f0000000180)=@multiplanar_mmap={0xde7, 0x5, 0x4, 0xe100, 0xfffffff3, {0x0, 0xea60}, {0x4, 0x0, 0xfe, 0x5, 0xf4, 0xc, "24e445fe"}, 0x1, 0x1, {&(0x7f00000004c0)=[{0x2, 0xd64f, {0x8}}, {0x3, 0x8001, {0x1}, 0xffff6efb}]}, 0x7})
io_uring_enter(0xffffffffffffffff, 0x655c, 0x2007723, 0x16, 0x0, 0x0)

959.119829ms ago: executing program 3 (id=2812):
r0 = semget(0x3, 0x4, 0x69c)
semop(r0, &(0x7f0000000440), 0x0)
semctl$SETALL(r0, 0x0, 0x11, &(0x7f0000000140)=[0x6, 0x7fff])

597.628912ms ago: executing program 6 (id=2813):
lstat(&(0x7f00000008c0)='./file0\x00', 0x0)
syz_open_dev$sndctrl(&(0x7f0000000440), 0x0, 0x103181)
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000140), 0x40000000040201, 0x0)
r1 = syz_open_dev$sndpcmp(&(0x7f0000000200), 0x0, 0xa2c65)
write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000500)={0x0, 0xfffffffffffffd83, 0xfa00, {0x0, 0x0}}, 0xfdbc)
ioctl$SNDRV_PCM_IOCTL_STATUS_EXT32(r1, 0xc06c4124, &(0x7f0000000840)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfdfd, 0x0, 0x0, 0x0, 0x2})
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000001880)={'bond_slave_0\x00'})
timer_create(0x0, &(0x7f00000000c0)={0x0, 0x21, 0x2}, &(0x7f0000000300)=<r2=>0x0)
fcntl$lock(0xffffffffffffffff, 0x24, &(0x7f0000000040)={0x0, 0x0, 0x10001, 0x5})
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
timer_settime(r2, 0x1, &(0x7f0000000040)={{}, {0x0, 0x989680}}, 0x0)
mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0x42795000)
futex(&(0x7f0000000200)=0x1, 0x6, 0xf2, &(0x7f0000000240)={0x77359400}, 0x0, 0x1)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
setxattr$incfs_metadata(&(0x7f0000000800)='./cgroup\x00', &(0x7f0000000840), 0x0, 0x0, 0x1)
bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x1, 0x8, &(0x7f0000000400)=ANY=[@ANYBLOB="7a0af8ff75257075bfa100000000000007010000f9ffffffb702000005000000bf130000000000008500000019000000b7000000000000009500000000000000b2595285faa6ead0169191d54f8196217fc560e2fc91f6da4dad4fdc2eb1b257183fa3bcd48666d1ddd73f3047d248df061222193165274bc7f2382f6cda4bfdd45be583823c0f09601f3c1c65ee19ee875daf45006a4c4ea5e15b2f9618d547244a22000000000000db453620ce7243d1aebd00000000000000005839c77edf2d34b12cd48a0c20fb7dd843267e0331759f4ec6b5b0af58e604f4942eb613eff289026d5045ef76d7d864409eb2dcc718a09f4886afc26abba34635d0e8b54bc76be40d435aa8b5202db761014b1b999a12df6bee431a666100"/296], &(0x7f0000000100)='GPL\x00'}, 0x48)
setsockopt$inet6_tcp_int(r3, 0x6, 0x13, &(0x7f0000000180)=0x100000001, 0x4)
connect$inet6(r3, &(0x7f0000000440)={0xa, 0x0, 0x0, @loopback}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r3, 0x6, 0x1f, &(0x7f0000000540), 0x28)
setsockopt$inet6_tcp_int(r3, 0x11a, 0x5, 0x0, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
r4 = syz_open_dev$dvb_demux(&(0x7f0000000080), 0x0, 0x41)
ioctl$DVB_DEMUX_DMX_SET_PES_FILTER(r4, 0x40146f2c, &(0x7f00000000c0)={0x1, 0x0, 0x3, 0x0, 0x4})
ioctl$DVB_DEMUX_DMX_ADD_PID(r4, 0x40026f33, &(0x7f0000000500)=0x7)
ioctl$DVB_DEMUX_DMX_SET_PES_FILTER(r4, 0x40146f2c, &(0x7f0000000000)={0x101, 0x0, 0x2, 0x1, 0x4})
r5 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3)
ioctl$int_in(r5, 0x5452, &(0x7f0000000000)=0xf4e)
writev(r5, &(0x7f0000019880)=[{&(0x7f0000000400)="fb", 0xffffff5c}, {&(0x7f00000197c0)="1902eb02d5e5f29e59e1a7caec33eb76d2430da474d87e367f6598d026438b65eda8341073b6752abdcee080c8e1e876b25227c37d7dd79886ce33f13e857c8eda1cecf6ac36c03dbf54e3cb5136da5a33fee76fb3113f8b6700e9e5fc006b8eed665fed48738d59395ad07438c3610ae3976aac75caf2facafa21c25be3c2", 0x7f}], 0x2)
write$uinput_user_dev(0xffffffffffffffff, &(0x7f0000000400)={'syz1\x00', {0x3, 0x2, 0x6, 0xfffa}, 0x3e, [0x8000, 0xc95a, 0xf, 0x8, 0x80, 0x2, 0x3, 0x7f, 0x20000006, 0x4d, 0x6, 0x7f, 0x9, 0x5, 0xffff2d37, 0xff7fff01, 0x6, 0x803, 0x7, 0x5, 0x4, 0x0, 0x7, 0x3c5b, 0x1, 0x24, 0xd, 0x1, 0x0, 0xffffffff, 0xe661, 0x299, 0x7, 0x3, 0x8, 0x4c71, 0x10000, 0x242, 0x3, 0xe, 0x0, 0x80008071, 0x7, 0x17, 0x1, 0x7, 0x5, 0x3e, 0x8e, 0x6, 0x6, 0x0, 0x5, 0x4, 0x8, 0x3ff, 0x80, 0x0, 0x5, 0x6, 0x8, 0x4, 0x1, 0x40], [0x10000007, 0x9, 0x8000012f, 0x8002, 0x5, 0xfffffff3, 0x129432e6, 0xc8, 0xf9, 0xe, 0x2bf, 0x6c7, 0x9, 0xfffffffc, 0x3, 0x0, 0x0, 0x5, 0x2f, 0xe, 0x312, 0x78, 0xea4, 0x0, 0x4, 0x7, 0x8003, 0x6, 0x2, 0x401, 0x6, 0x1, 0xff, 0x5, 0x1000005, 0x5f31, 0xd, 0x4e0, 0x2, 0x4, 0xb, 0x4, 0x9, 0x5, 0x9, 0x6, 0x47, 0x8000, 0x1, 0xfe000008, 0xffff, 0x2, 0x4, 0x9, 0x3, 0x3, 0x9, 0x1, 0xf0, 0x3, 0xbc45, 0x48c93690, 0x42, 0x3], [0x7, 0x408, 0x4, 0x5, 0xfffffffe, 0x100, 0x4, 0x9, 0x5, 0x7fff, 0x1, 0x5, 0xb, 0x4, 0x5, 0x5, 0x0, 0x1ef, 0x5, 0x8, 0x86, 0x3, 0xa, 0x3e7, 0xb, 0x5, 0x2, 0x2, 0x3, 0x20000008, 0x4, 0x6d01, 0x6, 0x38, 0x800003, 0x200, 0x80, 0x3, 0x40004, 0x2950bfaf, 0x1000, 0xa1, 0x7, 0xa9, 0x5, 0x6, 0xac8, 0xbf, 0x2, 0x3, 0x7ff, 0x12b, 0x4, 0x1, 0xa, 0x0, 0x5, 0x1c, 0x120000, 0x3, 0x2006, 0x80a2ed, 0x4, 0x25], [0x9, 0xbb33, 0x7, 0xb, 0x2005, 0x938, 0x6, 0x6, 0x0, 0xb9, 0xce4, 0x1ff, 0x2, 0x57, 0x5, 0x3, 0x101, 0x10000, 0x4, 0x7fff, 0xffff, 0xa620, 0x1, 0x5, 0x1, 0x2000002, 0x14c, 0x60a7, 0x6, 0x16, 0xffffffff, 0x80000000, 0x5, 0x4, 0xc8, 0x1, 0xfffff000, 0x10000, 0x3, 0x7e, 0x100, 0x961f, 0x7, 0xfffd, 0x8, 0x6, 0x226, 0x5, 0x4, 0x6, 0x30b1d693, 0xa1f, 0xf40, 0x7, 0x1, 0x6c1b, 0x0, 0x4, 0x5, 0xb1e, 0xd7, 0x200, 0xffff3441, 0x6]}, 0x45c)
ppoll(&(0x7f00000000c0)=[{}, {}], 0x20000000000000dc, 0x0, 0x0, 0x0)

597.141877ms ago: executing program 3 (id=2814):
socketpair$unix(0x1, 0x2, 0x0, 0x0)
sendmsg$inet(0xffffffffffffffff, 0x0, 0x0)
recvmsg$unix(0xffffffffffffffff, 0x0, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x61, 0x100001}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f0000000000), 0x100000040, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
sendmmsg$alg(0xffffffffffffffff, 0x0, 0x0, 0x40800)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r1 = socket$rds(0x15, 0x5, 0x0)
setsockopt$RDS_GET_MR_FOR_DEST(r1, 0x114, 0x7, 0x0, 0x0)

505.014112ms ago: executing program 0 (id=2815):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000140), r0)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000003c0)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_NEW_STATION(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000001040)={&(0x7f00000000c0)={0x48, r1, 0xb97534d5fe9704cf, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_STA_SUPPORTED_RATES={0x4}, @NL80211_ATTR_STA_LISTEN_INTERVAL={0x6}, @NL80211_ATTR_PEER_AID={0x6, 0xb5, 0x185}, @NL80211_ATTR_MAC={0xa, 0x6, @device_b}, @NL80211_ATTR_STA_WME={0xc, 0x81, [@NL80211_STA_WME_MAX_SP={0x5, 0x2, 0x5}]}]}, 0x48}, 0x1, 0x0, 0x0, 0x4}, 0x4000004)

338.442887ms ago: executing program 3 (id=2816):
r0 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000200), 0x80a00, 0x0)
ioctl$SNDCTL_DSP_POST(r0, 0x5008, 0x0)
r1 = bpf$OBJ_GET_PROG(0x7, &(0x7f0000000280)=@generic={&(0x7f0000000240)='./file0\x00', 0x0, 0x18}, 0x18)
r2 = bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f00000002c0)={0xffffffffffffffff}, 0x4)
bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000400)={@fallback=<r3=>r0, 0x0, 0x1, 0x7fff0000, &(0x7f0000000300)=[0x0], 0x1, 0x0, &(0x7f0000000340)=[0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000380)=[0x0, 0x0, 0x0], &(0x7f00000003c0)=[0x0, 0x0, 0x0, 0x0], <r4=>0x0}, 0x40)
r5 = openat$cgroup(0xffffffffffffffff, &(0x7f0000000480)='syz0\x00', 0x200002, 0x0)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000700)={0x11, 0x10, &(0x7f00000004c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x200}, [@ringbuf_query={{0x18, 0x1, 0x1, 0x0, 0x1}}, @ringbuf_output={{}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x8}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x2}}]}, &(0x7f0000000540)='GPL\x00', 0x91e, 0x67, &(0x7f0000000580)=""/103, 0x41100, 0x51, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000600)={0x5, 0x5}, 0x8, 0x10, &(0x7f0000000640)={0x5, 0x2, 0x6, 0x6}, 0x10, 0x0, 0x0, 0x4, &(0x7f0000000680)=[0xffffffffffffffff], &(0x7f00000006c0)=[{0x2, 0x4, 0x4, 0x1}, {0x4, 0x5, 0x3, 0x1}, {0x1, 0x1, 0x10}, {0x2, 0x3, 0x9, 0xb}], 0x10, 0x7fffffff}, 0x94)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f0000000440)={@cgroup=r5, r1, 0xc, 0x0, r2, @void, @value=r6, @void, @void, r4}, 0x20)
ioctl$int_out(r1, 0x0, &(0x7f00000007c0))
read$hiddev(r3, &(0x7f0000000800)=""/82, 0x52)
ioctl$DVB_DVR_DMX_EXPBUF(r3, 0xc00c6f3e, &(0x7f0000000880)={0x73, 0x0, <r7=>r1})
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r7, 0xc0502100, &(0x7f0000000900)={0x0, <r8=>0x0})
prctl$PR_SCHED_CORE(0x3e, 0x3, r8, 0x1, &(0x7f0000000980))
fsetxattr$smack_xattr_label(r0, &(0x7f0000000ec0)='security.SMACK64MMAP\x00', &(0x7f0000000f00)={'}'}, 0x2, 0x1)
r9 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000f80), r3)
sendmsg$NL80211_CMD_SET_MCAST_RATE(r3, &(0x7f0000001080)={&(0x7f0000000f40)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000001040)={&(0x7f0000000fc0)={0x48, r9, 0x8, 0x70bd2c, 0x25dfdbfc, {{}, {@void, @val={0xc, 0x99, {0x8, 0x2}}}}, [@NL80211_ATTR_MCAST_RATE={0x8, 0x6b, 0xb4}, @NL80211_ATTR_MCAST_RATE={0x8, 0x6b, 0x3c}, @NL80211_ATTR_MCAST_RATE={0x8, 0x6b, 0x72a56ee56b7108f0}, @NL80211_ATTR_MCAST_RATE={0x8, 0x6b, 0x37}, @NL80211_ATTR_MCAST_RATE={0x8, 0x6b, 0x14}]}, 0x48}, 0x1, 0x0, 0x0, 0x20000884}, 0x1080)
ioctl$XFS_IOC_ATTRMULTI_BY_HANDLE(r5, 0x4048587b, &(0x7f0000002600)={{<r10=>r1, &(0x7f00000010c0)='^\xc9!\x00', 0x280800, &(0x7f0000001100)={@align=0x80000000, {0x5, 0x6, 0x4}}, 0x0, &(0x7f0000001140), &(0x7f0000001180)=0x401}, 0x5, &(0x7f0000002540)=[{0x2, 0x7ff, &(0x7f00000011c0)='!,*@[\\.+{l#/\x00', &(0x7f0000001200)="d91ebde4f4ffab4ff992bcc8041e95d525b7f8f9c2465d45153df9be99bee27b4fad01415f454ecd2da0b55123bbdab12dfb52772562030ebc4849568434965c504d8475ac5dd0d22240591d57d5f28fa48c1f6b416eaa3bb1a581f47079960724c10f61a67667f0ddc41f63967c74b5cb3566d75cfe7a6a18827e158c22", 0x7e, 0x10}, {0x3, 0x6, &(0x7f0000001280)='GPL\x00', &(0x7f00000012c0)="ea7f820005c279254d5386a9333bb332466af49c0ba98eb188f15c6eeab578a5ecc3f46c7af093fcfd5acd91b815daebe28e9989cf", 0x35, 0x12}, {0x3, 0x1560, &(0x7f0000001300)='\x00', &(0x7f0000001340)="98232809a201352a870d6631030fb9bd85277bca9d6231601fd618bfb3244c8999d27304bf60e1a846bc033bfeb1505fc5fd8a534c90d4dd90e8341ee100dbc33bf9354241cc77f529e3ac057574dfff18cd4cd73d7a69b1c117551d7e05da384a081ffd9b2156e2d766fa7709f42915c29f59196fc077dc6194f77375bbb026", 0x80, 0xa}, {0x2, 0x6, &(0x7f00000013c0)='/dev/audio1\x00', &(0x7f0000001400)="a6d161ff69ffa677b7e1a874017fde08c9013248ad8d357b01d52e3fbaf0b27264b71f1518f896c405ac8d57d70bfe19142a1f8732e4321fe21705b48fd0d896223da671a7dc20b1ef61ee43bc1758a2811969e384ad1d6353d3a1fcd0366854fff93c9a55837dda5c3c77be5c2e9de40a7d0027410128a61529c7f0ba0e32f6e2c20f426613026c5726d1750e1d186580228b22b0577ef140bff896b070b4e1ac884c21f0ab715b1bd5ad9c97e0bfda38010e351e0f6c4241e55d0363c927fc54386b2b7e7309b85c53", 0xca}, {0x1, 0x2, &(0x7f0000001500)='nl80211\x00', &(0x7f0000001540)="e13ebb7f16558e27608c33d2f848aa97c510116883bd3aa7a9346c34556f083897595f4a9ce6d829fa6de4c1215a10cbb5400c36872ca9df1e47b3552bab4d3df8c286f48b6599d3548806aa8c50f465d2ccda5cf4e00ff2d1bb99ed063d9cb4b219e66da5907c1bfc4b5147c99b57ccd0eaf5a834959ca8bff325f2acd3266663eebd942e818809206820f3477c6fba0f31bbb5ea5404bcb6bfa2d6048390772bf1a398928115268ed8c9f3851500de4095a6d227625cb2a23e646ecffd103bab61f0abb1ef4fcb33b9ddae3f4e341ddfea4936e64495dc8d4e8fbd5e9302a5124042d765d85920d153b3c6ecda640e67a565fe5184629f9c2f8d2dc73d84cf637843fa4e06fe7d3360e7026485b348cda19f9d275c1191635e3e8431be4634eb12a0e64614a66fc58b3548f791683d7ad825d740c5ca842f70e1c4c13a285ca3f3ba75e74844fefd9d4d8d8d76b46d3b93e3dcd763cb934b5e7c30bf4eef4d7e418c51395674066646774a14c3854812ba5687f7015e494a6c49f17ce3249c868f4cc04e06f79c12be9a9ca98d7c9b68e2ccc55d2fb3d0b7ad9e9bf51caaaf7500e42d1aa2741ad4af5567dcb011e84e36efbcadbca09c58730be9d59c1ab46d106d3df56508cd597f5e155e31eb53f7c3ba932ccb583350e0d6410112f031ee15529d35e0802f3211cc691a9a0ac00241dd26e1e2d88062d37c5adc16a255c875d85be01393a406b032fa85ed0ffadd8191a87a7191202e8bded842247e4af93d55814ab0a933810ed0999f076be2ccccd17b1f4722db8ed5f77789dcee6ba14400222b7830f603a27a9a2114d4033d6ce0a19d4cbdf1c1b377396e623f96abf612f931658a2b207e3075786ae6b45d90aa100f73fd1e3bd37accb91dfc1da17105f36ecf2a59b72f2d6b4b8cafdadc93c5d3edf7e516e3c613c648f6cb745deed7572bf7030859be582aebe9827d7b4f5cd80e299546d56e9d5ca47864c30135a4944d29d79de7aabbd4852c69eb9e63b9a2d2910ec7c17f710be984984f42b557e814b5d5789c70d31dbd71cd0063a9cb3df23a9c37efd4e8d0edaa1135b2a5da6fa7f60967592bc60170dcf4e3eb6f4700be3dc635e26a1f02f79528ba5ccd2c4398c93cc4da0b391e2777415d3442733bc5df8d368110cc2e2ca2ad7d220ea336537868f42f429be452edeb5611074251a68e18cd2691d041d8a6e3377b80662fa79bcaf152a8b5dbbf22ab0c374b933a5643f6ee8a5e036233be9fd1c6fe76f024b5e3c3aa701b725e225a76f6c74945b8395459ca99f3eea573e952cd9708ac1c31f6e3b33153a13cfd63060741caafbbf78a4e67d6ee1879da3701bf08a0962e8230fb8c4cb9b1202ac0777e58bd9b95ac722109319b37b8a9c8ef7aea2307a9ca2e20865b1c1a99652000320e7bb517c8858c263b0bc83a6820430047d6e5df675471e6453bc480fe93606ca162872b479362da65159c9e8a9162f459ac3c65c70a20b5417f7d33e3e9207d1661590ef1fd8da5b14c3b3118a92f7387e0a91b460fbf484d79e7c93762afbfff3585192bf9cac7ab9c78faf543b3cbe963236539321e7e588b552fe7a0c0b90c29e0a039bcf87c3181f8ff3d6ca44a8cccdeea007678fc5bf8a3699ea06c9d9879953847917198a1e8a44f4d8efcbbf6e975bee92f57fc44331503797627bfae38a6f8d923b7962b6ac2047b930ffd1a3bfc144623abcd984b6782608f94916918af0a2ca16ccf071973ce1c4862e8834b2b6ac0052a50379ce7c46783a5823fbe10ff8fe012e69922651164d97eee0966a6ac1bd1df4b7e65f7b2bce59b925d20e40f74ad2ae084a1e03ce5c294951036afb103e57a0c953a9ac907752fc5adfc7fce738fcca0264c6902cb332bd5d5fe760ee36a9afd79ce0aadff180cd83ec5d3e3b87dfe94301d6692db6c1554996fdc7c229253f68dad0d55efd82e2313ea21602c6f15889d5a83eb57a1fc8ee64fc1aaddfe9703b64fa96f419aa1e7bec791bd7737f888c9892445161cc37b41cecd0da13bc0b334863a923aa39f03fd488f03d6b655e8cd860bbbe6b1f2a725dde042c3cb75604c0729e4b088ca5a915592400b34ae09d0fa7f2622325693075a3d65edf04bddea7a789529933e2932c90464bf1acfc34426425baeba503c8bebda42f57294433a3b5e62746be1c0b9b8219d376938b53996dfd1e9bda4a333f34f6740703a779935c20afd5c41ed52abcc5b2425eeaba8cdf24391f7f01ae9b5a549fd941528bc41e5ce22cc6539518a163e947090d509420972ce431854af24a43a382a6443cff49e65253bd9b6b7209a240f846db80b294b97e651cd88d0504fe96b4d2456081a8e67d4781f13ef3f5eb3a86aa44850f181c118700d29c867e3d8cd377f4502b0535ca8c6dbc2b0c7e7f9076b026c50ad812fd5ee6f896621adc836f535ae7422b5f25ba76bffd0067d1afebb47a6e24507665155d256266f3f92b78331090173641ec68fd0ee0d9d9284f65e88edc58fc9c524264e3512a787ed94161614f6592abcd2d579fe7531e4b465ac09c0adfd3fdaf58368fcfbb6cd67c1e236d001a11940617e4f0ebce2fd7b09ac3f42900d04de526045c5387e168c614e7526488f925ac737792fd8fab4342a0f7bae4a21524aa8a1bb6fa0f737310f73bb0f3b00f5c65769d57675943319e8630ae8e5b0318427bad1e9ed66d19e098a9102f3a6f2530d16177b844f1fc37838ed4aa3711c5a9aff4ef511654e411e42681d175a9e81da25494bee9b4b9b56cccbaf6369422ec9bd1b74318d430a8b5a6290195d027108041182738882da384b7dd209f70d0d945835514f92b05b1895befdf68bb54900f33c901eb82db7c9af0cfa9326b97b3a8a0a12bddaaa33c0b611bd74ff210469c4294c7da2aa5ea4eaffe39b0114106ec47d9fdc5673a87fdb0d56c7d6e1ef62c0ddf9518ef6d99b6fec07cb80c73c73b7125668fa47eb6b558929bc08a22e71918a788e3ce3d6a63111ba4d8beb40151773051bb33ca9a7be52b6eaa983c7b58a617428c1956f9b4829f5a51bd2de84fc0d0869c4fc738922daa41ea7bb2fe168a72395bac2f6c3f83639cfe5ea844afd3001302a991c578d60a98c89403f26ff399f8028a4e3b1ae18716020cc6cc4f27af97093d684c5ba0f9ba402cf686aa274d295ccb2528ff8136dba65f4e9c3d68de1d3c371ed275ca286ed975ee286b46b2590ad4658c5bcde0fef784dceb90e1c04f80190faee48f40fabe6826141164dbbd9a5d3b29fc222616af62ff7f2d84e906d2b6be053d998740651f470b8d9c44da55a707263c781ef9bcf3d3344351704699120ad5ccd78ed7b2f9f8ecb43a61ff3fb7e3d49f4424fb886cec754c0c69d1f152977ecbd4507137747bd168f16e9360068a256b07e00b32983794b1d865d2bf5295651d2192a96be5b345cd30acaeb673f0520c9646bb123850e8f272ddfa2ac462444391f7ec96140b1bcc42d09fbe45fc32cd23caacbdfd3e9e0e16fd997b859b4566cbd537255e724d69a68ef8da3acbee7d0a3f54bd587f6223b8c6239676abcdc20fb0614adb802ffda511131f286e92514a746f709f2f9e2d4a97d8bdfef649b2ddaf5698ef927f303590aa0439de6c6b9f85879ed154b1e5d8b7f491caf5f0d01533bbe6d6738fc035ac218ef05a32cd0aca16b145f88c8ee2a13e056b5880822c5777b50183d2681c635bc9648ea5d69c70b1434abda18d65564fa9e2f3ef45bb1b74fda8a378b7e0c443fca73ce62eca1e1092888b581932ef33faaa8e77d630746d79519e6392917d7eb22cec5c53dd9e4ab5efaceec6f2a73c43352ab5aaaf221735452f79f1a9fbc1c8582ed5555f36c09b4a255c930c948bc388e06827e8826544fa689734256979b2c27f5fc8061636e45346b21e4a3d2b3891736e0c174c19c0605695fc95f211cfc5d2db5135acaecfe32030030dc813cca0fdd7786be33cf384918f91b742aa52fc2a013b39f3a1636fbbe1a6efdca9d76c762a1d6549c5b485680ee9330204bfc6f3e58206f0da0b3572a0e89e42e858add2c00cf569939caf6e53c3413bbc126af7a45e631b4efc81ed24b4386be374d913733527972f29696edf065922f09ce51cf0116bc1cad7ed17c0fd90f7a6fababc7a7fa60a832fd98408f45e1d44daf1d0baffe53a31614c85e1c502d80680cd02b923e2b55144aecc612928f1e6f43719c9f9df9aba7421ba7b766b7bfd146fd6fab9b5c07e45171b8e4e019004924dae4b7007f3c50d8c9f1a7f99f818dc58278c715abf821c979913f2caf8e3af38f37ff452c26e5221495908da901ce6220a167d491242c2cb0eec72d39d8669b8e3bb0b4318912a32129fa68f50be2fee3190dd1061190fd5bd159835d8a6d4a35af3344cba072e23f78bb7af56988b6b84c5f532784bb59b656055f9b16200b740340a7154ea22bc4d9bae6b19e9ab08a4aa81fdc9b42e9ef12d6a54e2601d53357f02baaf26007e2b54a7ce4db4cb92e5ed055527b8a15b7cd7f6a9b286a744ed797539cccbc9185612eba59c12a0238262e7476cff32e52efdfe286ea17b1f72d9559493f8abf25059c68f78abd9f8265f751544886317aa725c4aaf68945145f5c4d7c662f6c07f34c12d359abf10c5848be4756d16abe021abed18ba45c8a48b6a1fa56561c9865006aa073c28c9ee9e1f266a07a371ab4af3049c687515076f75a419bd8ce817a1e9076f510f4a110ba39db85d9b92c946c5000913709f3e0996f347557c4697cb6fc55111485801670a70668a7774b9e421a9c1166e5e46d5fb91e1382ed5cb687e1e1d7e02fe9eb8afedbe587eb44bdf52e1056ce5d519efd475af2d13da80a80d36fec9dc938d52e45c8053bb687d1487a9d30d8bbf8877f4063f32fe13fc657649821b248a04ea7eeedd697b376c29542761ae7d97d7d0d5f28669712019e3366a1be37a8e82a7f0ecc3cd620ac166a2e9700590e6e837cb46e02c757ae8a80353e19a1340cbc5abdf5ae63c8ad96392de72108c8fdbb579c615d6b9ac8db53483f3a9874871c86e2f60fa142e2aaf88f880fb633283e87db9e0ee396ded21a66ef1b0c84c1fc12536125ec4a87665b3891bf19ebd9591139752b5da2aad48e0cd28d56ba82bbf54468563fd055a8a8658b8f04a3bd7f5b9dcdec8bbb0ddc2ceb1c6b7486874b42f1de4a4033dc23e4c0ba47726f6a9a9fbb88ee89a8153e26eb3af355b1765f6f0459ebef2d0f018dde5edd36d2786b1afae63ae87a2e434b3de425e7900857daa6c41e4de5384426f27ab92c264be1f6bd3d8f015b8d31a947e110ca7224259de9fa6b508725d743818da2936b00d9552a012c44b9d5f7924f0ae3b9876d3fd9cf30f9177e252df41c5da88df00ca410f689b240e929dc5192ee112340ef2b2fcd6b558cbd8aa8beda3256eb8fa11d76d02280cec6477e13ef1946af38991f90dc23243f5d3d0496c45d796121e41d498eba9191f43ed3782e913cb126442118599046951ca5c5925f9876e9e103395cf09bbe72d735551249d94d1ca38d9f72c23e4823a670bd0d75b2a3bcc4fd7ea6838cb619c2aefbb45bb6ca3c148024d37a4061a7b63c818f267c71fc49920fcfa479b0af58a9c6fee2ef7263b7e9e91221638db23419705ee84f4a0bcbfe6711f9ba470ca99cc02607c95be91612d6dfd1a3c47b46188260ba9daf6e1c10216cf8dbcca9f991a6aab36e2a6ccb402e1f1d2f3ce3cc8a1d712f7fe29fb10fec803cc25fda56457c928d3d", 0x1000, 0x20}]})
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r3, 0xc1105517, &(0x7f00000026c0)={{0x3, 0x1, 0x4, 0xb, 'syz1\x00', 0x6}, 0x6, 0x20, 0x4, r8, 0x3, 0xb6e0, 'syz0\x00', &(0x7f0000002680)=['\x00', '+)/:%\x00', '/-\x81#,-[:.\x00'], 0x11})
sendmsg$NL80211_CMD_UNEXPECTED_FRAME(r3, &(0x7f00000028c0)={&(0x7f0000002800)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000002880)={&(0x7f0000002840)={0x1c, r9, 0x4, 0x70bd25, 0x25dfdbfd, {{}, {@val={0x8}, @void}}, ["", ""]}, 0x1c}, 0x1, 0x0, 0x0, 0x4}, 0x40)
r11 = openat2$dir(0xffffffffffffff9c, &(0x7f0000002900)='./file1\x00', &(0x7f0000002940)={0x10000, 0xf9, 0x5}, 0x18)
faccessat(r11, &(0x7f0000002980)='./file0\x00', 0xa4)
ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r3, 0xc0189373, &(0x7f00000029c0)={{0x1, 0x1, 0x18, r10, {0xd}}, './file1\x00'})
ioctl$XFS_IOC_GOINGDOWN(r7, 0x8004587d, &(0x7f0000002a00)=0xfffffffb)

319.732785ms ago: executing program 0 (id=2817):
r0 = socket(0x1e, 0x4, 0x0)
setsockopt$packet_tx_ring(r0, 0x10f, 0x87, &(0x7f0000000140)=@req3={0x7813, 0x3, 0x2, 0x81, 0x1fd, 0x1, 0x1}, 0x1c)
connect$inet(r0, &(0x7f0000000380)={0x2, 0x4e20, @rand_addr=0x64010102}, 0x10)

57.751156ms ago: executing program 3 (id=2818):
sendmmsg$sock(0xffffffffffffffff, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f00000009c0)=[{&(0x7f00000002c0)="f973085a6ea39ea1b25a1c6b351e11245900557d1c8e9f86bae5e5c64e50ef25afb0295d0c303850b4bff4d088bf9df67e013836e2882dad3f7698b52997f7efa9eb96f09be1c3019445927c6b2fe32d38ae2bcad2ac0d85ebd42914fb18b7d0670f8b3be16755ead6a6fb713fa618ce2cf424ea7cc84b04016b9a2afbfaf68803f1", 0x82}, {0x0}, {0x0}, {&(0x7f0000000900)="a9be9b2ff3a19d5a1226e5243d37d1fd2894c1ae880dc2316aa2d5ad08944c7135eb837eff354282dd5863c051eb7b9b17be0e4fdd6560f3f2", 0x39}, {&(0x7f00000000c0)}], 0x5}}, {{&(0x7f0000000a40)=@alg={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_hmac_sha256\x00'}, 0x80, &(0x7f0000000600)=[{0x0}, {&(0x7f0000000580)="8f96", 0x2}], 0x2, &(0x7f0000000cc0)=[@mark={{0x14, 0x1, 0x24, 0x9a9}}, @mark={{0x14, 0x1, 0x24, 0x4}}, @timestamping={{0x14, 0x1, 0x25, 0x101}}, @txtime={{0x18, 0x1, 0x3d, 0x2}}, @txtime={{0x18, 0x1, 0x3d, 0x9d}}], 0x78}}, {{&(0x7f0000000d80)=@pppol2tp={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x4e23, @local}, 0x2, 0x3, 0x1, 0x3}}, 0x80, 0x0}}], 0x3, 0x20000044)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0xc1842, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000380)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-cast5-avx\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f00000004c0)="2c385a7af3be", 0x6)
r1 = socket$kcm(0x10, 0x2, 0x10)
r2 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r2, 0x107, 0x7, &(0x7f0000000100)=0x4000200, 0x4)
setsockopt$packet_int(r2, 0x107, 0xa, &(0x7f0000000040)=0x1, 0x4)
setsockopt$packet_tx_ring(r2, 0x107, 0x5, &(0x7f0000000080)=@req3={0x8000, 0x6, 0x300, 0xfc}, 0x1c)
sched_getattr(0x0, 0x0, 0x0, 0x0)
r3 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r3, &(0x7f0000000240)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x2c}}, 0x10)
sendmmsg$inet(r3, &(0x7f0000003cc0)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000080)=[@ip_retopts={{0x14, 0x0, 0x7, {[@noop]}}}], 0x18}}], 0x1, 0x50008000)
r4 = socket$inet6_sctp(0xa, 0x1, 0x84)
sendmmsg$inet6(r4, &(0x7f0000003040)=[{{&(0x7f0000000000)={0xa, 0x4e22, 0xdd65, @local, 0x4}, 0x1c, &(0x7f0000000140)=[{&(0x7f00000001c0)='7', 0x1}], 0x1}}, {{&(0x7f0000000040)={0xa, 0x4e21, 0x130a, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x6}, 0x1c, &(0x7f0000000080)=[{&(0x7f0000000200)='7', 0x1}], 0x1}}], 0x2, 0xd8)
shutdown(r4, 0x1)
setsockopt$inet_sctp6_SCTP_RTOINFO(r4, 0x84, 0x0, &(0x7f0000000180)={0x0, 0x0, 0x1, 0x8001}, 0x10)
sendmsg$kcm(r1, &(0x7f0000000000)={0x0, 0xd18c9b25, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030041000b05d25a806c8c6394f90324fc60100000000a000200053582c137153e3704020180fc5409000c00", 0x33fe0}], 0x1}, 0x0)
r5 = accept4(r0, 0x0, 0x0, 0x800)
sendmmsg$alg(r5, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0x10}], 0x1, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800)
recvmsg(r5, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000580), 0xffffffffffffffff)
getsockopt$SO_TIMESTAMPING(r5, 0x1, 0x41, &(0x7f0000000280), &(0x7f0000000500)=0x4)
ioctl$sock_SIOCGIFINDEX_80211(r6, 0x8933, &(0x7f00000013c0)={'wlan1\x00', <r7=>0x0})
sendmsg$NL80211_CMD_FRAME(r6, &(0x7f0000001380)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000540)=ANY=[@ANYBLOB, @ANYRESHEX=r6, @ANYBLOB="01000000000000e14f003b00000008000300", @ANYRES32=r7, @ANYBLOB="d50633008000009effffffffffff080211000001"], 0x6f4}}, 0x0)

0s ago: executing program 0 (id=2819):
r0 = socket$inet6_mptcp(0xa, 0x1, 0x106)
r1 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
setsockopt$inet6_IPV6_HOPOPTS(r1, 0x29, 0x36, 0x0, 0x8) (async)
connect$inet6(r1, &(0x7f00000004c0)={0xa, 0x0, 0x0, @mcast2, 0x7}, 0x1c) (async)
sendmsg$nl_generic(0xffffffffffffffff, 0x0, 0xc000)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0) (async)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000400)="d800000019008111e00212ba0d8105040a600000ff0f040b067c55a1bc000900080006990300000015000500fe8081780d001500030001400200000901ac040000d67f6f94007100a007a290457f0189b316277ce06bbace8017cbec4c2ee5a7cef4090000001fb791643a5ee4b11602b2a10c11ce1b14d6d930dfe1d9d322fe04000000730d7a5025ccca262f3d40fad95667e04adcdf634c1f215ce3bb9ad809d5e1cace81ed0b7fece0b42a9ecbee5de6ccd4", 0xb4}], 0x1}, 0x0) (async)
r2 = getpid()
sched_setscheduler(r2, 0x1, &(0x7f0000000200)=0x7) (async)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) (async)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e) (async)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0) (async)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) (async)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) (async)
bpf$MAP_CREATE_TAIL_CALL(0x0, 0x0, 0x0) (async)
bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x3, 0x3, &(0x7f0000000940)=@framed={{0x18, 0x9}}, &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) (async)
r5 = gettid()
process_vm_writev(r5, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x23a, 0x0)
bind$inet6(r0, &(0x7f00000002c0)={0xa, 0x4e22, 0x0, @local, 0xb}, 0x1c) (async)
listen(r0, 0x22) (async)
syz_emit_ethernet(0x5a, &(0x7f0000000240)={@local, @link_local, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "f900f5", 0x24, 0x6, 0x0, @local, @local, {[], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x9, 0x2, 0x0, 0x0, 0x0, {[@fastopen={0x1e, 0x2}, @mptcp=@syn={0x1e, 0xc, 0x1, 0x1, 0x1, 0xb5, 0x5}]}}}}}}}}, 0x0)

kernel console output (not intermixed with test programs):

741.587114][T13019] futex_wake_op: syz.5.2220 tries to shift op by -1; fix this program
[  741.888833][T13009] netlink: 140 bytes leftover after parsing attributes in process `syz.5.2220'.
[  741.888913][T13009] netlink: 48 bytes leftover after parsing attributes in process `syz.5.2220'.
[  743.873133][ T5600] Bluetooth: hci5: unexpected event for opcode 0x1009
[  747.167612][   T59] Bluetooth: hci4: ACL packet for unknown connection handle 201
[  747.213640][   T59] Bluetooth: hci4: ACL packet for unknown connection handle 201
[  747.216377][T13056] netlink: 'syz.4.2234': attribute type 10 has an invalid length.
[  747.242975][T13061] netlink: 'syz.4.2234': attribute type 10 has an invalid length.
[  747.291057][ T1335] ieee802154 phy0 wpan0: encryption failed: -22
[  747.291124][ T1335] ieee802154 phy1 wpan1: encryption failed: -22
[  747.294874][T13056] macvlan1: entered promiscuous mode
[  747.294897][T13056] macvlan1: entered allmulticast mode
[  747.338363][T13056] veth1_vlan: entered allmulticast mode
[  747.343835][T13056] team0: Port device macvlan1 added
[  747.348384][T13061] veth1_vlan: left allmulticast mode
[  747.504421][T13074] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2239'.
[  747.506580][T13074] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2239'.
[  747.597246][T11102] usb 6-1: new high-speed USB device number 14 using dummy_hcd
[  747.749863][T11102] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  747.749896][T11102] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  747.749931][T11102] usb 6-1: New USB device found, idVendor=10c4, idProduct=ea90, bcdDevice= 0.80
[  747.749953][T11102] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  747.764856][T11102] usb 6-1: config 0 descriptor??
[  747.790403][T13083] fuse: fd is not a fuse device
[  748.252167][T13087] can0: slcan on ttyS3.
[  748.301159][T11102] cp2112 0003:10C4:EA90.000A: invalid report_count -497071143
[  748.301183][T11102] cp2112 0003:10C4:EA90.000A: item 0 4 1 9 parsing failed
[  748.301929][T11102] cp2112 0003:10C4:EA90.000A: parse failed
[  748.312516][T11102] cp2112 0003:10C4:EA90.000A: probe with driver cp2112 failed with error -22
[  748.342788][T13096] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2247'.
[  748.448551][ T5845] usb 6-1: USB disconnect, device number 14
[  748.485368][T13095] can0 (unregistered): slcan off ttyS3.
[  749.246140][T13118] netlink: 16 bytes leftover after parsing attributes in process `syz.5.2251'.
[  749.246161][T13118] netlink: 64 bytes leftover after parsing attributes in process `syz.5.2251'.
[  749.246178][T13118] netlink: 16 bytes leftover after parsing attributes in process `syz.5.2251'.
[  751.071567][T13140] FAULT_INJECTION: forcing a failure.
[  751.071567][T13140] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  751.071600][T13140] CPU: 1 UID: 0 PID: 13140 Comm: syz.5.2256 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  751.071621][T13140] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  751.071632][T13140] Call Trace:
[  751.071639][T13140]  <TASK>
[  751.071647][T13140]  dump_stack_lvl+0xe8/0x150
[  751.071673][T13140]  should_fail_ex+0x46b/0x600
[  751.071705][T13140]  _copy_from_user+0x2d/0xb0
[  751.071727][T13140]  do_sock_getsockopt+0x200/0x7e0
[  751.071754][T13140]  ? __pfx_do_sock_getsockopt+0x10/0x10
[  751.071801][T13140]  ? __fget_files+0x3a6/0x420
[  751.071817][T13140]  ? __fget_files+0x2a/0x420
[  751.071837][T13140]  __x64_sys_getsockopt+0x1aa/0x250
[  751.071861][T13140]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  751.071878][T13140]  do_syscall_64+0x15f/0xf80
[  751.071897][T13140]  ? trace_irq_disable+0x3b/0x140
[  751.071914][T13140]  ? clear_bhb_loop+0x40/0x90
[  751.071935][T13140]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  751.071951][T13140] RIP: 0033:0x7fa57678cdd9
[  751.071967][T13140] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  751.071981][T13140] RSP: 002b:00007fa5749de028 EFLAGS: 00000246 ORIG_RAX: 0000000000000037
[  751.071999][T13140] RAX: ffffffffffffffda RBX: 00007fa576a05fa0 RCX: 00007fa57678cdd9
[  751.072011][T13140] RDX: 0000000000000053 RSI: 0000000000000000 RDI: 0000000000000006
[  751.072021][T13140] RBP: 00007fa5749de090 R08: 0000200000000040 R09: 0000000000000000
[  751.072032][T13140] R10: 0000200000000000 R11: 0000000000000246 R12: 0000000000000001
[  751.072042][T13140] R13: 00007fa576a06038 R14: 00007fa576a05fa0 R15: 00007ffd3b343398
[  751.072070][T13140]  </TASK>
[  751.302712][T13144] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2258'.
[  751.443829][T13150] netlink: 32 bytes leftover after parsing attributes in process `syz.5.2259'.
[  753.458388][ T5845] usb 6-1: new high-speed USB device number 15 using dummy_hcd
[  754.819044][ T5845] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  754.819779][ T5845] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  754.826732][ T5845] usb 6-1: New USB device found, idVendor=10c4, idProduct=ea90, bcdDevice= 0.80
[  754.828067][ T5845] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  754.902890][ T5845] usb 6-1: config 0 descriptor??
[  755.089989][ T5845] usbhid 6-1:0.0: can't add hid device: -71
[  755.090099][ T5845] usbhid 6-1:0.0: probe with driver usbhid failed with error -71
[  755.147282][ T5845] usb 6-1: USB disconnect, device number 15
[  756.637168][  T822] usb 1-1: new high-speed USB device number 57 using dummy_hcd
[  756.791819][  T822] usb 1-1: Using ep0 maxpacket: 8
[  756.795017][  T822] usb 1-1: config 0 has an invalid interface number: 55 but max is 0
[  756.795040][  T822] usb 1-1: config 0 has no interface number 0
[  756.795079][  T822] usb 1-1: config 0 interface 55 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  756.795100][  T822] usb 1-1: config 0 interface 55 altsetting 0 has an endpoint descriptor with address 0xAB, changing to 0x8B
[  756.795122][  T822] usb 1-1: config 0 interface 55 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  756.795144][  T822] usb 1-1: config 0 interface 55 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 2
[  756.795262][  T822] usb 1-1: New USB device found, idVendor=0f11, idProduct=1080, bcdDevice=fc.6a
[  756.795283][  T822] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  756.803511][T13220] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2275'.
[  756.826087][  T822] usb 1-1: config 0 descriptor??
[  756.850970][  T822] ldusb 1-1:0.55: LD USB Device #0 now attached to major 180 minor 0
[  758.522244][T13196] binfmt_misc: register: failed to install interpreter file ./file0
[  759.026790][ T5611] usb 6-1: new high-speed USB device number 16 using dummy_hcd
[  759.211789][ T5611] usb 6-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  759.211820][ T5611] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  759.211844][ T5611] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0
[  759.211865][ T5611] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  759.211919][ T5611] usb 6-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  759.211941][ T5611] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  759.310793][ T5611] usb 6-1: config 0 descriptor??
[  759.427184][ T5845] usb 5-1: new high-speed USB device number 71 using dummy_hcd
[  759.567303][ T5856] usb 1-1: USB disconnect, device number 57
[  759.583277][ T5856] ldusb 1-1:0.55: LD USB Device #0 now disconnected
[  759.586827][ T5845] usb 5-1: config 3 has an invalid interface number: 214 but max is 0
[  759.586849][ T5845] usb 5-1: config 3 has no interface number 0
[  759.601867][ T5845] usb 5-1: config 3 interface 214 altsetting 6 endpoint 0xF has an invalid bInterval 88, changing to 7
[  759.601898][ T5845] usb 5-1: config 3 interface 214 altsetting 6 endpoint 0x8 has invalid maxpacket 1023, setting to 64
[  759.601925][ T5845] usb 5-1: config 3 interface 214 altsetting 6 has an invalid descriptor for endpoint zero, skipping
[  759.616268][ T5845] usb 5-1: config 3 interface 214 altsetting 6 endpoint 0x4 has invalid maxpacket 512, setting to 64
[  759.616297][ T5845] usb 5-1: config 3 interface 214 has no altsetting 0
[  759.668042][ T5845] usb 5-1: New USB device found, idVendor=04d8, idProduct=f58b, bcdDevice=62.c2
[  759.668123][ T5845] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  759.668140][ T5845] usb 5-1: Product: syz
[  759.668152][ T5845] usb 5-1: Manufacturer: Ó¿
[  759.668164][ T5845] usb 5-1: SerialNumber: syz
[  760.291264][T13239] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2279'.
[  761.008861][ T5845] ir_toy 5-1:3.214: required endpoints not found
[  761.113605][T13241] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2280'.
[  761.142773][ T5845] usb 5-1: USB disconnect, device number 71
[  761.575653][ T5611] plantronics 0003:047F:FFFF.000B: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.5-1/input0
[  761.588760][T13252] netlink: zone id is out of range
[  761.588772][T13252] netlink: zone id is out of range
[  761.588780][T13252] netlink: zone id is out of range
[  761.588786][T13252] netlink: zone id is out of range
[  761.588793][T13252] netlink: zone id is out of range
[  761.588800][T13252] netlink: zone id is out of range
[  761.588806][T13252] netlink: zone id is out of range
[  761.588814][T13252] netlink: zone id is out of range
[  761.588820][T13252] netlink: zone id is out of range
[  761.588827][T13252] netlink: zone id is out of range
[  761.601082][ T5611] usb 6-1: USB disconnect, device number 16
[  761.609858][T13252] netlink: 40 bytes leftover after parsing attributes in process `syz.1.2285'.
[  762.001509][T13261] overlay: Unknown parameter '/'
[  762.759884][T13264] 9p: Bad value for 'rfdno'
[  762.905381][T13259] fido_id[13259]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.5/usb6/report_descriptor': No such file or directory
[  763.263127][T13266] can0: slcan on ttyS3.
[  764.672885][T13266] can0 (unregistered): slcan off ttyS3.
[  765.278897][ T5611] usb 5-1: new high-speed USB device number 72 using dummy_hcd
[  765.361109][T13285] IPVS: set_ctl: invalid protocol: 103 224.0.0.1:20004
[  765.616263][T13284] can0: slcan on ttyS3.
[  765.677140][   T31] usb 6-1: new high-speed USB device number 17 using dummy_hcd
[  765.700866][ T5611] usb 5-1: New USB device found, idVendor=1a86, idProduct=7522, bcdDevice=35.36
[  765.700891][ T5611] usb 5-1: New USB device strings: Mfr=241, Product=2, SerialNumber=3
[  765.700909][ T5611] usb 5-1: Product: syz
[  765.700918][ T5611] usb 5-1: Manufacturer: syz
[  765.700925][ T5611] usb 5-1: SerialNumber: syz
[  765.708417][ T5611] usb 5-1: config 0 descriptor??
[  765.724159][T13284] can0 (unregistered): slcan off ttyS3.
[  765.754346][ T5611] ch341 5-1:0.0: ch341-uart converter detected
[  765.944801][   T31] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  765.944831][   T31] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  765.944867][   T31] usb 6-1: New USB device found, idVendor=10c4, idProduct=ea90, bcdDevice= 0.80
[  765.944940][   T31] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  766.008525][   T31] usb 6-1: config 0 descriptor??
[  766.009949][T13298] FAULT_INJECTION: forcing a failure.
[  766.009949][T13298] name failslab, interval 1, probability 0, space 0, times 0
[  766.009977][T13298] CPU: 0 UID: 0 PID: 13298 Comm: syz.0.2303 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  766.009997][T13298] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  766.010006][T13298] Call Trace:
[  766.010014][T13298]  <TASK>
[  766.010021][T13298]  dump_stack_lvl+0xe8/0x150
[  766.010046][T13298]  should_fail_ex+0x46b/0x600
[  766.010077][T13298]  should_failslab+0xa8/0x100
[  766.010099][T13298]  __kmalloc_noprof+0xdf/0x7b0
[  766.010117][T13298]  ? snd_interval_refine+0x602/0xa50
[  766.010132][T13298]  ? snd_pcm_hw_refine+0x9b1/0x1710
[  766.010159][T13298]  snd_pcm_hw_refine+0x9b1/0x1710
[  766.010185][T13298]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  766.010213][T13298]  ? __pfx_snd_pcm_hw_refine+0x10/0x10
[  766.010267][T13298]  ? __kasan_kmalloc+0x93/0xb0
[  766.010287][T13298]  ? __kmalloc_cache_noprof+0x3a6/0x690
[  766.010313][T13298]  ? _snd_pcm_hw_param_min+0x2f5/0x540
[  766.010338][T13298]  snd_pcm_hw_param_near+0xfd/0x4d0
[  766.010365][T13298]  snd_pcm_oss_change_params_locked+0x1f86/0x3e00
[  766.010412][T13298]  ? __pfx_snd_pcm_oss_change_params_locked+0x10/0x10
[  766.010443][T13298]  ? lockdep_hardirqs_on+0x7a/0x110
[  766.010464][T13298]  ? _raw_spin_unlock_irqrestore+0x4c/0x80
[  766.010484][T13298]  ? snd_pcm_oss_write+0x20d/0xbe0
[  766.010505][T13298]  snd_pcm_oss_write+0x282/0xbe0
[  766.010540][T13298]  vfs_writev+0x4c6/0x9a0
[  766.010565][T13298]  ? __pfx_snd_pcm_oss_write+0x10/0x10
[  766.010588][T13298]  ? __pfx_vfs_writev+0x10/0x10
[  766.010624][T13298]  ? __fget_files+0x2a/0x420
[  766.010645][T13298]  ? __fget_files+0x3a6/0x420
[  766.010659][T13298]  ? __fget_files+0x2a/0x420
[  766.010683][T13298]  do_writev+0x15a/0x2e0
[  766.010709][T13298]  ? __pfx_do_writev+0x10/0x10
[  766.010739][T13298]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  766.010757][T13298]  do_syscall_64+0x15f/0xf80
[  766.010776][T13298]  ? trace_irq_disable+0x3b/0x140
[  766.010796][T13298]  ? clear_bhb_loop+0x40/0x90
[  766.010818][T13298]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  766.010836][T13298] RIP: 0033:0x7efc15cccdd9
[  766.010854][T13298] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  766.010870][T13298] RSP: 002b:00007efc13f26028 EFLAGS: 00000246 ORIG_RAX: 0000000000000014
[  766.010889][T13298] RAX: ffffffffffffffda RBX: 00007efc15f45fa0 RCX: 00007efc15cccdd9
[  766.010902][T13298] RDX: 0000000000000002 RSI: 0000200000000180 RDI: 0000000000000003
[  766.010914][T13298] RBP: 00007efc13f26090 R08: 0000000000000000 R09: 0000000000000000
[  766.010926][T13298] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  766.010937][T13298] R13: 00007efc15f46038 R14: 00007efc15f45fa0 R15: 00007ffed32a2da8
[  766.010967][T13298]  </TASK>
[  766.211107][T13301] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  766.225607][T13301] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  766.587321][T13309] overlayfs: failed to clone lowerpath
[  766.705728][T13310] overlay: Unknown parameter '/'
[  767.206624][ T5611] usb 5-1: failed to receive control message: -110
[  767.206695][ T5611] ch341-uart ttyUSB0: probe with driver ch341-uart failed with error -110
[  767.451943][T13316] netlink: 36 bytes leftover after parsing attributes in process `syz.0.2305'.
[  767.473030][   T31] cp2112 0003:10C4:EA90.000C: invalid report_count -497071143
[  767.473052][   T31] cp2112 0003:10C4:EA90.000C: item 0 4 1 9 parsing failed
[  767.477756][   T31] cp2112 0003:10C4:EA90.000C: parse failed
[  767.477838][   T31] cp2112 0003:10C4:EA90.000C: probe with driver cp2112 failed with error -22
[  767.504477][   T31] usb 6-1: USB disconnect, device number 17
[  768.335541][T10892] usb 5-1: USB disconnect, device number 72
[  768.341240][T10892] ch341 5-1:0.0: device disconnected
[  769.690740][T13334] netlink: 32 bytes leftover after parsing attributes in process `syz.5.2312'.
[  769.917358][T13335] can0: slcan on ttyS3.
[  770.028243][T13335] can0 (unregistered): slcan off ttyS3.
[  770.432541][T13353] FAULT_INJECTION: forcing a failure.
[  770.432541][T13353] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  770.432572][T13353] CPU: 1 UID: 0 PID: 13353 Comm: syz.0.2319 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  770.432593][T13353] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  770.432604][T13353] Call Trace:
[  770.432611][T13353]  <TASK>
[  770.432619][T13353]  dump_stack_lvl+0xe8/0x150
[  770.432641][T13353]  should_fail_ex+0x46b/0x600
[  770.432660][T13353]  _copy_from_user+0x2d/0xb0
[  770.432672][T13353]  ___sys_recvmsg+0x175/0x590
[  770.432689][T13353]  ? __pfx____sys_recvmsg+0x10/0x10
[  770.432705][T13353]  ? __fget_files+0x2a/0x420
[  770.432722][T13353]  ? __fget_files+0x3a6/0x420
[  770.432736][T13353]  do_recvmmsg+0x33a/0x800
[  770.432753][T13353]  ? __pfx_do_recvmmsg+0x10/0x10
[  770.432773][T13353]  ? rt_mutex_slowunlock+0x1cb/0x300
[  770.432791][T13353]  __x64_sys_recvmmsg+0x198/0x250
[  770.432806][T13353]  ? __pfx___x64_sys_recvmmsg+0x10/0x10
[  770.432823][T13353]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  770.432834][T13353]  do_syscall_64+0x15f/0xf80
[  770.432846][T13353]  ? trace_irq_disable+0x3b/0x140
[  770.432858][T13353]  ? clear_bhb_loop+0x40/0x90
[  770.432870][T13353]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  770.432880][T13353] RIP: 0033:0x7efc15cccdd9
[  770.432896][T13353] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  770.432905][T13353] RSP: 002b:00007efc13f26028 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
[  770.432916][T13353] RAX: ffffffffffffffda RBX: 00007efc15f45fa0 RCX: 00007efc15cccdd9
[  770.432924][T13353] RDX: 0000000000000001 RSI: 0000200000001200 RDI: 0000000000000004
[  770.432930][T13353] RBP: 00007efc13f26090 R08: 0000000000000000 R09: 0000000000000000
[  770.432937][T13353] R10: 0000000000002002 R11: 0000000000000246 R12: 0000000000000001
[  770.432942][T13353] R13: 00007efc15f46038 R14: 00007efc15f45fa0 R15: 00007ffed32a2da8
[  770.432959][T13353]  </TASK>
[  770.723242][T13358] overlayfs: failed to clone lowerpath
[  771.577683][T13359] overlay: Unknown parameter '/'
[  775.615627][T13371] MTD: Couldn't look up '/dev/nullb0': -13
[  775.615673][T13371] /dev/nullb0: Can't lookup blockdev
[  775.747238][ T5856] usb 5-1: new high-speed USB device number 73 using dummy_hcd
[  775.853189][T13385] loop8: detected capacity change from 0 to 7
[  775.885837][T13385] Dev loop8: unable to read RDB block 7
[  775.886764][T13385]  loop8: unable to read partition table
[  775.886982][T13385] loop8: partition table beyond EOD, truncated
[  775.887939][T13385] loop_reread_partitions: partition scan of loop8 (þ被xü^>Ñà– ) failed (rc=-5)
[  775.916494][ T5856] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  775.916525][ T5856] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  775.916560][ T5856] usb 5-1: New USB device found, idVendor=10c4, idProduct=ea90, bcdDevice= 0.80
[  775.916581][ T5856] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  775.938466][ T5856] usb 5-1: config 0 descriptor??
[  776.387548][ T5856] cp2112 0003:10C4:EA90.000D: invalid report_count -497071143
[  776.387572][ T5856] cp2112 0003:10C4:EA90.000D: item 0 4 1 9 parsing failed
[  776.388345][ T5856] cp2112 0003:10C4:EA90.000D: parse failed
[  776.388478][ T5856] cp2112 0003:10C4:EA90.000D: probe with driver cp2112 failed with error -22
[  776.645043][T13401] overlay: Unknown parameter '/'
[  777.484157][ T5856] usb 5-1: USB disconnect, device number 73
[  778.833582][T13410] can0: slcan on ttyS3.
[  778.948478][T13410] can0 (unregistered): slcan off ttyS3.
[  780.273330][T13435] kAFS: No cell specified
[  780.337532][T10892] usb 5-1: new high-speed USB device number 74 using dummy_hcd
[  780.487142][T10892] usb 5-1: Using ep0 maxpacket: 16
[  780.492917][T10892] usb 5-1: New USB device found, idVendor=05d1, idProduct=2001, bcdDevice=10.00
[  780.492944][T10892] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  780.492962][T10892] usb 5-1: Product: syz
[  780.492975][T10892] usb 5-1: Manufacturer: syz
[  780.492988][T10892] usb 5-1: SerialNumber: syz
[  780.526357][T10892] usb 5-1: config 0 descriptor??
[  780.532167][T10892] ftdi_sio 5-1:0.0: FTDI USB Serial Device converter detected
[  780.536960][T10892] usb 5-1: Detected FT-X
[  780.853683][T10892] ftdi_sio ttyUSB0: Unable to read latency timer: -32
[  781.330973][T13457] can0: slcan on ttyS3.
[  781.405022][T13461] netlink: 16 bytes leftover after parsing attributes in process `syz.3.2351'.
[  781.429902][T10892] ftdi_sio 5-1:0.0: GPIO initialisation failed: -71
[  781.440331][T13461] overlayfs: failed to clone upperpath
[  781.477233][T13457] can0 (unregistered): slcan off ttyS3.
[  781.510582][T10892] usb 5-1: FTDI USB Serial Device converter now attached to ttyUSB0
[  781.522702][T10892] usb 5-1: USB disconnect, device number 74
[  781.584506][T10892] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0
[  781.586749][T10892] ftdi_sio 5-1:0.0: device disconnected
[  781.877727][T13470] netlink: 'syz.5.2353': attribute type 4 has an invalid length.
[  781.877740][T13470] netlink: 152 bytes leftover after parsing attributes in process `syz.5.2353'.
[  781.883923][T13470] net_ratelimit: 18 callbacks suppressed
[  781.883935][T13470] A link change request failed with some changes committed already. Interface bond0 may have been left with an inconsistent configuration, please check.
[  782.177282][T11102] usb 6-1: new high-speed USB device number 18 using dummy_hcd
[  782.630607][T11102] usb 6-1: Using ep0 maxpacket: 8
[  783.970590][T13470] A link change request failed with some changes committed already. Interface veth0_macvtap may have been left with an inconsistent configuration, please check.
[  784.377147][T10892] usb 1-1: new high-speed USB device number 58 using dummy_hcd
[  784.761533][T10892] usb 1-1: New USB device found, idVendor=1a86, idProduct=7522, bcdDevice=35.36
[  784.761561][T10892] usb 1-1: New USB device strings: Mfr=241, Product=2, SerialNumber=3
[  784.761579][T10892] usb 1-1: Product: syz
[  784.761591][T10892] usb 1-1: Manufacturer: syz
[  784.761604][T10892] usb 1-1: SerialNumber: syz
[  785.679737][T10892] usb 1-1: config 0 descriptor??
[  785.696847][T10892] ch341 1-1:0.0: ch341-uart converter detected
[  785.853280][T11102] usb 6-1: unable to get BOS descriptor or descriptor too short
[  785.854181][T11102] usb 6-1: unable to read config index 0 descriptor/start: -71
[  785.854211][T11102] usb 6-1: can't read configurations, error -71
[  785.993034][T13490] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  786.063409][T13490] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  786.748091][T10892] usb 1-1: failed to receive control message: -110
[  786.748147][T10892] ch341-uart ttyUSB0: probe with driver ch341-uart failed with error -110
[  786.885626][T13528] netlink: 36 bytes leftover after parsing attributes in process `syz.3.2372'.
[  787.319489][  T822] usb 1-1: USB disconnect, device number 58
[  787.323295][  T822] ch341 1-1:0.0: device disconnected
[  787.745130][T13536] usb usb1: usbfs: interface 0 claimed by hub while 'syz.5.2374' sets config #0
[  791.147848][T13550] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2377'.
[  791.185337][T13547] netlink: 136 bytes leftover after parsing attributes in process `syz.3.2378'.
[  791.185367][T13547] A link change request failed with some changes committed already. Interface ip_vti0 may have been left with an inconsistent configuration, please check.
[  791.246241][T13550] bridge0: port 2(bridge_slave_1) entered blocking state
[  791.268258][T13550] bridge0: port 2(bridge_slave_1) entered forwarding state
[  791.361761][T13559] 9p: Bad value for 'wfdno'
[  791.927180][T13560] futex_wake_op: syz.5.2381 tries to shift op by -1; fix this program
[  797.660569][T13613] netlink: 32 bytes leftover after parsing attributes in process `syz.1.2396'.
[  799.102651][   T36] kauditd_printk_skb: 26 callbacks suppressed
[  799.102668][   T36] audit: type=1326 audit(1778420527.975:1707): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13621 comm="syz.3.2401" exe="/root/ci-upstream-kasan-gce-smack-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc9c58ccdd9 code=0x7ffc0000
[  799.104405][   T36] audit: type=1326 audit(1778420527.975:1708): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13621 comm="syz.3.2401" exe="/root/ci-upstream-kasan-gce-smack-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc9c58ccdd9 code=0x7ffc0000
[  799.104451][   T36] audit: type=1326 audit(1778420527.975:1709): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13621 comm="syz.3.2401" exe="/root/ci-upstream-kasan-gce-smack-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc9c58ccdd9 code=0x7ffc0000
[  799.105003][   T36] audit: type=1326 audit(1778420527.975:1710): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13621 comm="syz.3.2401" exe="/root/ci-upstream-kasan-gce-smack-root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fc9c58ccdd9 code=0x7ffc0000
[  799.105307][   T36] audit: type=1326 audit(1778420527.975:1712): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13621 comm="syz.3.2401" exe="/root/ci-upstream-kasan-gce-smack-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc9c58ccdd9 code=0x7ffc0000
[  799.106576][   T36] audit: type=1326 audit(1778420527.975:1711): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13621 comm="syz.3.2401" exe="/root/ci-upstream-kasan-gce-smack-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc9c58ccdd9 code=0x7ffc0000
[  799.106622][   T36] audit: type=1326 audit(1778420527.975:1713): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13621 comm="syz.3.2401" exe="/root/ci-upstream-kasan-gce-smack-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc9c58ccdd9 code=0x7ffc0000
[  799.110196][   T36] audit: type=1326 audit(1778420527.975:1714): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13621 comm="syz.3.2401" exe="/root/ci-upstream-kasan-gce-smack-root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fc9c58ccdd9 code=0x7ffc0000
[  799.110239][   T36] audit: type=1326 audit(1778420527.985:1715): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13621 comm="syz.3.2401" exe="/root/ci-upstream-kasan-gce-smack-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc9c58ccdd9 code=0x7ffc0000
[  799.110366][   T36] audit: type=1326 audit(1778420527.985:1716): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13621 comm="syz.3.2401" exe="/root/ci-upstream-kasan-gce-smack-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc9c58ccdd9 code=0x7ffc0000
[  799.419548][T13627] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2401'.
[  800.097223][ T5708] usb 6-1: new high-speed USB device number 20 using dummy_hcd
[  800.239220][T13630] batadv_slave_0: left promiscuous mode
[  800.240172][T13630] batman_adv: batadv0: Interface activated: batadv_slave_0
[  800.305547][ T5708] usb 6-1: config 3 has an invalid interface number: 214 but max is 0
[  800.305575][ T5708] usb 6-1: config 3 has no interface number 0
[  800.305618][ T5708] usb 6-1: config 3 interface 214 altsetting 6 endpoint 0xF has an invalid bInterval 88, changing to 7
[  800.305644][ T5708] usb 6-1: config 3 interface 214 altsetting 6 endpoint 0x8 has invalid maxpacket 1023, setting to 64
[  800.305670][ T5708] usb 6-1: config 3 interface 214 altsetting 6 endpoint 0x4 has invalid maxpacket 512, setting to 64
[  800.305694][ T5708] usb 6-1: config 3 interface 214 has no altsetting 0
[  800.363934][ T5708] usb 6-1: New USB device found, idVendor=04d8, idProduct=f58b, bcdDevice=62.c2
[  800.363962][ T5708] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  800.363981][ T5708] usb 6-1: Product: syz
[  800.363994][ T5708] usb 6-1: Manufacturer: Ó¿
[  800.364007][ T5708] usb 6-1: SerialNumber: syz
[  800.841355][T11102] lo speed is unknown, defaulting to 1000
[  801.237142][ T5708] ir_toy 6-1:3.214: required endpoints not found
[  801.345305][ T5708] usb 6-1: USB disconnect, device number 20
[  801.980633][T13657] netlink: 32 bytes leftover after parsing attributes in process `syz.5.2408'.
[  802.395594][T13670] netlink: 36 bytes leftover after parsing attributes in process `syz.5.2413'.
[  802.405837][T13670] 9p: Bad value for 'rfdno'
[  805.197347][  T822] usb 6-1: new full-speed USB device number 21 using dummy_hcd
[  805.440657][  T822] usb 6-1: config index 0 descriptor too short (expected 5668, got 36)
[  805.440684][  T822] usb 6-1: config 3 has too many interfaces: 84, using maximum allowed: 32
[  805.440711][  T822] usb 6-1: config 3 has 1 interface, different from the descriptor's value: 84
[  805.440730][  T822] usb 6-1: config 3 has no interface number 0
[  805.440775][  T822] usb 6-1: config 3 interface 20 altsetting 0 endpoint 0x6 has invalid maxpacket 1023, setting to 64
[  805.440890][  T822] usb 6-1: config 3 interface 20 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0
[  805.509085][  T822] usb 6-1: New USB device found, idVendor=04e6, idProduct=000b, bcdDevice= 1.00
[  805.509113][  T822] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  805.509130][  T822] usb 6-1: Product: syz
[  805.509143][  T822] usb 6-1: Manufacturer: syz
[  805.509157][  T822] usb 6-1: SerialNumber: syz
[  805.523740][T13683] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22
[  805.684656][ T5845] libceph: connect (1)[c::]:6789 error -22
[  805.684842][ T5845] libceph: mon0 (1)[c::]:6789 connect error
[  805.730005][T13693] ceph: No mds server is up or the cluster is laggy
[  805.871679][  T822] usb-storage 6-1:3.20: USB Mass Storage device detected
[  805.983775][  T822] usb-storage 6-1:3.20: Quirks match for vid 04e6 pid 000b: 4
[  806.000854][  T822] scsi host1: usb-storage 6-1:3.20
[  806.045492][  T822] usb 6-1: USB disconnect, device number 21
[  806.506428][T13707] FAULT_INJECTION: forcing a failure.
[  806.506428][T13707] name failslab, interval 1, probability 0, space 0, times 0
[  806.506450][T13707] CPU: 1 UID: 0 PID: 13707 Comm: syz.0.2422 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  806.506461][T13707] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  806.506468][T13707] Call Trace:
[  806.506472][T13707]  <TASK>
[  806.506477][T13707]  dump_stack_lvl+0xe8/0x150
[  806.506494][T13707]  should_fail_ex+0x46b/0x600
[  806.506514][T13707]  should_failslab+0xa8/0x100
[  806.506528][T13707]  __kmalloc_noprof+0xdf/0x7b0
[  806.506539][T13707]  ? do_raw_spin_lock+0x12b/0x2f0
[  806.506550][T13707]  ? genl_family_rcv_msg_attrs_parse+0xd0/0x2f0
[  806.506570][T13707]  genl_family_rcv_msg_attrs_parse+0xd0/0x2f0
[  806.506589][T13707]  genl_start+0x180/0x6c0
[  806.506611][T13707]  __netlink_dump_start+0x469/0x7e0
[  806.506628][T13707]  genl_family_rcv_msg_dumpit+0x213/0x310
[  806.506644][T13707]  ? __pfx_genl_family_rcv_msg_dumpit+0x10/0x10
[  806.506658][T13707]  ? genl_get_cmd+0x6cb/0x960
[  806.506674][T13707]  ? rcu_is_watching+0x15/0xb0
[  806.506688][T13707]  ? __pfx_genl_start+0x10/0x10
[  806.506701][T13707]  ? __pfx_genl_dumpit+0x10/0x10
[  806.506714][T13707]  ? __pfx_genl_done+0x10/0x10
[  806.506730][T13707]  ? bpf_lsm_capable+0x9/0x20
[  806.506742][T13707]  ? security_capable+0x7e/0x2c0
[  806.506761][T13707]  genl_rcv_msg+0x5e8/0x7a0
[  806.506778][T13707]  ? __pfx_genl_rcv_msg+0x10/0x10
[  806.506792][T13707]  ? __pfx_nl802154_dump_llsec_key+0x10/0x10
[  806.506813][T13707]  netlink_rcv_skb+0x232/0x4b0
[  806.506825][T13707]  ? __pfx_genl_rcv_msg+0x10/0x10
[  806.506840][T13707]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  806.506859][T13707]  ? netlink_deliver_tap+0x2e/0x1b0
[  806.506870][T13707]  ? netlink_deliver_tap+0x2e/0x1b0
[  806.506884][T13707]  genl_rcv+0x28/0x40
[  806.506897][T13707]  netlink_unicast+0x780/0x920
[  806.506913][T13707]  netlink_sendmsg+0x813/0xb40
[  806.506930][T13707]  ? __pfx_netlink_sendmsg+0x10/0x10
[  806.506943][T13707]  ? unwind_get_return_address+0x4d/0x90
[  806.506959][T13707]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  806.506971][T13707]  ____sys_sendmsg+0x94c/0x9c0
[  806.506988][T13707]  ? __pfx_____sys_sendmsg+0x10/0x10
[  806.507014][T13707]  ? import_iovec+0x73/0xa0
[  806.507036][T13707]  ___sys_sendmsg+0x2a5/0x360
[  806.507055][T13707]  ? __lock_acquire+0x6b5/0x2cf0
[  806.507079][T13707]  ? __pfx____sys_sendmsg+0x10/0x10
[  806.507112][T13707]  ? __fget_files+0x2a/0x420
[  806.507121][T13707]  ? __fget_files+0x3a6/0x420
[  806.507136][T13707]  __x64_sys_sendmsg+0x1c3/0x2a0
[  806.507150][T13707]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  806.507168][T13707]  ? __pfx_ksys_write+0x10/0x10
[  806.507185][T13707]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  806.507196][T13707]  do_syscall_64+0x15f/0xf80
[  806.507208][T13707]  ? trace_irq_disable+0x3b/0x140
[  806.507220][T13707]  ? clear_bhb_loop+0x40/0x90
[  806.507233][T13707]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  806.507243][T13707] RIP: 0033:0x7efc15cccdd9
[  806.507254][T13707] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  806.507263][T13707] RSP: 002b:00007efc13f05028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  806.507274][T13707] RAX: ffffffffffffffda RBX: 00007efc15f46090 RCX: 00007efc15cccdd9
[  806.507282][T13707] RDX: 0000000000004000 RSI: 00002000000001c0 RDI: 0000000000000007
[  806.507288][T13707] RBP: 00007efc13f05090 R08: 0000000000000000 R09: 0000000000000000
[  806.507294][T13707] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  806.507300][T13707] R13: 00007efc15f46128 R14: 00007efc15f46090 R15: 00007ffed32a2da8
[  806.507316][T13707]  </TASK>
[  806.609044][T13707] ceph: No mds server is up or the cluster is laggy
[  806.617664][ T5845] libceph: connect (1)[c::]:6789 error -101
[  806.617792][ T5845] libceph: mon0 (1)[c::]:6789 connect error
[  806.901085][T10892] libceph: connect (1)[c::]:6789 error -101
[  806.907685][T10892] libceph: mon0 (1)[c::]:6789 connect error
[  808.192088][T13717] FAULT_INJECTION: forcing a failure.
[  808.192088][T13717] name failslab, interval 1, probability 0, space 0, times 0
[  808.192110][T13717] CPU: 1 UID: 0 PID: 13717 Comm: syz.5.2425 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  808.192122][T13717] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  808.192128][T13717] Call Trace:
[  808.192133][T13717]  <TASK>
[  808.192137][T13717]  dump_stack_lvl+0xe8/0x150
[  808.192172][T13717]  should_fail_ex+0x46b/0x600
[  808.192192][T13717]  should_failslab+0xa8/0x100
[  808.192206][T13717]  kmem_cache_alloc_noprof+0x87/0x680
[  808.192217][T13717]  ? __netlink_lookup+0xc6/0x8b0
[  808.192230][T13717]  ? skb_clone+0x212/0x3a0
[  808.192246][T13717]  skb_clone+0x212/0x3a0
[  808.192260][T13717]  __netlink_deliver_tap+0x404/0x850
[  808.192278][T13717]  ? netlink_deliver_tap+0x2e/0x1b0
[  808.192290][T13717]  netlink_deliver_tap+0x19c/0x1b0
[  808.192302][T13717]  netlink_unicast+0x754/0x920
[  808.192319][T13717]  netlink_sendmsg+0x813/0xb40
[  808.192335][T13717]  ? __pfx_netlink_sendmsg+0x10/0x10
[  808.192348][T13717]  ? unwind_get_return_address+0x4d/0x90
[  808.192369][T13717]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  808.192385][T13717]  ____sys_sendmsg+0x94c/0x9c0
[  808.192401][T13717]  ? __pfx_____sys_sendmsg+0x10/0x10
[  808.192418][T13717]  ? import_iovec+0x73/0xa0
[  808.192432][T13717]  ___sys_sendmsg+0x2a5/0x360
[  808.192444][T13717]  ? __lock_acquire+0x6b5/0x2cf0
[  808.192460][T13717]  ? __pfx____sys_sendmsg+0x10/0x10
[  808.192490][T13717]  ? __fget_files+0x2a/0x420
[  808.192499][T13717]  ? __fget_files+0x3a6/0x420
[  808.192513][T13717]  __x64_sys_sendmsg+0x1c3/0x2a0
[  808.192527][T13717]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  808.192545][T13717]  ? __pfx_ksys_write+0x10/0x10
[  808.192560][T13717]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  808.192571][T13717]  do_syscall_64+0x15f/0xf80
[  808.192584][T13717]  ? trace_irq_disable+0x3b/0x140
[  808.192596][T13717]  ? clear_bhb_loop+0x40/0x90
[  808.192608][T13717]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  808.192618][T13717] RIP: 0033:0x7fa57678cdd9
[  808.192628][T13717] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  808.192637][T13717] RSP: 002b:00007fa5749de028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  808.192649][T13717] RAX: ffffffffffffffda RBX: 00007fa576a05fa0 RCX: 00007fa57678cdd9
[  808.192656][T13717] RDX: 0000000000000090 RSI: 00002000000002c0 RDI: 0000000000000003
[  808.192663][T13717] RBP: 00007fa5749de090 R08: 0000000000000000 R09: 0000000000000000
[  808.192669][T13717] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  808.192674][T13717] R13: 00007fa576a06038 R14: 00007fa576a05fa0 R15: 00007ffd3b343398
[  808.192690][T13717]  </TASK>
[  808.192708][T13717] netlink: 'syz.5.2425': attribute type 6 has an invalid length.
[  808.597253][   T59] Bluetooth: hci5: command 0x0406 tx timeout
[  808.669308][ T1335] ieee802154 phy0 wpan0: encryption failed: -22
[  808.669380][ T1335] ieee802154 phy1 wpan1: encryption failed: -22
[  809.417132][T13730] futex_wake_op: syz.5.2430 tries to shift op by -1; fix this program
[  810.747310][T13738] fuse: Bad value for 'fd'
[  810.748923][T13738] overlay: Unknown parameter 'mask'
[  811.102249][T13745] netlink: 'syz.3.2436': attribute type 32 has an invalid length.
[  811.102269][T13745] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2436'.
[  811.296275][T13750] FAULT_INJECTION: forcing a failure.
[  811.296275][T13750] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  811.296306][T13750] CPU: 1 UID: 0 PID: 13750 Comm: syz.1.2437 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  811.296326][T13750] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  811.296337][T13750] Call Trace:
[  811.296345][T13750]  <TASK>
[  811.296353][T13750]  dump_stack_lvl+0xe8/0x150
[  811.296380][T13750]  should_fail_ex+0x46b/0x600
[  811.296411][T13750]  _copy_to_user+0x31/0xb0
[  811.296434][T13750]  simple_read_from_buffer+0xe1/0x170
[  811.296466][T13750]  proc_fail_nth_read+0x1be/0x230
[  811.296500][T13750]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  811.296529][T13750]  ? rw_verify_area+0x2ac/0x4e0
[  811.296550][T13750]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  811.296577][T13750]  vfs_read+0x212/0xa80
[  811.296606][T13750]  ? __pfx_vfs_read+0x10/0x10
[  811.296628][T13750]  ? _raw_spin_unlock_irqrestore+0x30/0x80
[  811.296652][T13750]  ? lockdep_hardirqs_on+0x7a/0x110
[  811.296674][T13750]  ? _raw_spin_unlock_irqrestore+0x4c/0x80
[  811.296696][T13750]  ? mutex_lock_nested+0x152/0x1d0
[  811.296720][T13750]  ? fdget_pos+0x252/0x320
[  811.296747][T13750]  ksys_read+0x156/0x270
[  811.296770][T13750]  ? __pfx_ksys_read+0x10/0x10
[  811.296799][T13750]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  811.296819][T13750]  do_syscall_64+0x15f/0xf80
[  811.296839][T13750]  ? trace_irq_disable+0x3b/0x140
[  811.296860][T13750]  ? clear_bhb_loop+0x40/0x90
[  811.296882][T13750]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  811.296900][T13750] RIP: 0033:0x7fc3de75d60e
[  811.296918][T13750] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[  811.296934][T13750] RSP: 002b:00007fc3dc9edfe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  811.296954][T13750] RAX: ffffffffffffffda RBX: 00007fc3dc9ee6c0 RCX: 00007fc3de75d60e
[  811.296968][T13750] RDX: 000000000000000f RSI: 00007fc3dc9ee0a0 RDI: 0000000000000003
[  811.296980][T13750] RBP: 00007fc3dc9ee090 R08: 0000000000000000 R09: 0000000000000000
[  811.296992][T13750] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  811.297003][T13750] R13: 00007fc3dea16038 R14: 00007fc3dea15fa0 R15: 00007ffda608f998
[  811.297029][T13750]  </TASK>
[  811.437179][T13745] bond1: Setting coupled_control to off (0)
[  811.674534][T13756] netlink: 'syz.3.2440': attribute type 58 has an invalid length.
[  811.674549][T13756] netlink: 152 bytes leftover after parsing attributes in process `syz.3.2440'.
[  812.507156][T13763] futex_wake_op: syz.1.2441 tries to shift op by -1; fix this program
[  816.718386][T13790] netlink: 'syz.0.2450': attribute type 83 has an invalid length.
[  816.863600][T13792] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  819.259483][T13801] netlink: 44 bytes leftover after parsing attributes in process `syz.5.2453'.
[  819.716656][   T59] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  819.770452][   T59] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  819.782981][   T59] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  819.785975][   T59] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  819.790847][   T59] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  820.218170][T13818] netlink: 12 bytes leftover after parsing attributes in process `syz.5.2458'.
[  820.527813][   T10] usb 1-1: new high-speed USB device number 59 using dummy_hcd
[  820.553798][T13818] vlan2: entered promiscuous mode
[  820.681573][   T10] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  820.681606][   T10] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  820.681641][   T10] usb 1-1: New USB device found, idVendor=10c4, idProduct=ea90, bcdDevice= 0.80
[  820.681661][   T10] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  820.775487][   T10] usb 1-1: config 0 descriptor??
[  820.861271][ T5600] Bluetooth: hci5: unexpected subevent 0x10 length: 11 > 2
[  821.228572][   T10] cp2112 0003:10C4:EA90.000E: unknown main item tag 0x0
[  821.282350][   T10] cp2112 0003:10C4:EA90.000E: hidraw0: USB HID v0.00 Device [HID 10c4:ea90] on usb-dummy_hcd.0-1/input0
[  821.402606][   T10] cp2112 0003:10C4:EA90.000E: Part Number: 0xB7 Device Version: 0xC7
[  821.631779][   T10] cp2112 0003:10C4:EA90.000E: error requesting SMBus config
[  821.655074][   T10] cp2112 0003:10C4:EA90.000E: probe with driver cp2112 failed with error -71
[  821.684107][T11257] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  821.699422][   T10] usb 1-1: USB disconnect, device number 59
[  821.860464][T13848] netlink: 212408 bytes leftover after parsing attributes in process `syz.5.2465'.
[  821.877349][ T5600] Bluetooth: hci1: command tx timeout
[  822.065318][T13834] lo speed is unknown, defaulting to 1000
[  822.495328][T11257] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  823.849386][T13834] xfrm0 speed is unknown, defaulting to 1000
[  823.857532][T13809] lo speed is unknown, defaulting to 1000
[  823.956593][ T5600] Bluetooth: hci1: command tx timeout
[  824.043278][T13809] xfrm0 speed is unknown, defaulting to 1000
[  824.327941][ T5611] usb 6-1: new high-speed USB device number 22 using dummy_hcd
[  824.346886][T11257] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  824.386435][T13882] netlink: 20 bytes leftover after parsing attributes in process `syz.1.2474'.
[  824.504661][ T5611] usb 6-1: Using ep0 maxpacket: 32
[  824.531226][ T5611] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 255, changing to 11
[  824.531269][ T5611] usb 6-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 1024
[  824.531293][ T5611] usb 6-1: config 1 interface 1 altsetting 1 bulk endpoint 0x3 has invalid maxpacket 64
[  824.535857][ T5611] usb 6-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  824.535883][ T5611] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  824.535902][ T5611] usb 6-1: Product: syz
[  824.535916][ T5611] usb 6-1: Manufacturer: syz
[  824.535930][ T5611] usb 6-1: SerialNumber: syz
[  824.868422][ T5611] cdc_ncm 6-1:1.0: bind() failure
[  824.902634][ T5611] cdc_ncm 6-1:1.1: CDC Union missing and no IAD found
[  824.902672][ T5611] cdc_ncm 6-1:1.1: bind() failure
[  824.935406][ T5611] usb 6-1: USB disconnect, device number 22
[  825.161792][T11257] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  825.687155][  T822] usb 1-1: new high-speed USB device number 60 using dummy_hcd
[  825.818761][T13899] FAULT_INJECTION: forcing a failure.
[  825.818761][T13899] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  825.818793][T13899] CPU: 0 UID: 0 PID: 13899 Comm: syz.5.2481 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  825.818814][T13899] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  825.818825][T13899] Call Trace:
[  825.818833][T13899]  <TASK>
[  825.818841][T13899]  dump_stack_lvl+0xe8/0x150
[  825.818868][T13899]  should_fail_ex+0x46b/0x600
[  825.818901][T13899]  _copy_from_user+0x2d/0xb0
[  825.818923][T13899]  __sys_bind+0x1cc/0x410
[  825.818945][T13899]  ? __pfx___sys_bind+0x10/0x10
[  825.818976][T13899]  ? __pfx_ksys_write+0x10/0x10
[  825.819001][T13899]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  825.819022][T13899]  __x64_sys_bind+0x7a/0x90
[  825.819041][T13899]  do_syscall_64+0x15f/0xf80
[  825.819063][T13899]  ? trace_irq_disable+0x3b/0x140
[  825.819084][T13899]  ? clear_bhb_loop+0x40/0x90
[  825.819106][T13899]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  825.819124][T13899] RIP: 0033:0x7fa57678cdd9
[  825.819141][T13899] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  825.819157][T13899] RSP: 002b:00007fa5749de028 EFLAGS: 00000246 ORIG_RAX: 0000000000000031
[  825.819177][T13899] RAX: ffffffffffffffda RBX: 00007fa576a05fa0 RCX: 00007fa57678cdd9
[  825.819190][T13899] RDX: 0000000000000020 RSI: 0000200000000000 RDI: 0000000000000003
[  825.819202][T13899] RBP: 00007fa5749de090 R08: 0000000000000000 R09: 0000000000000000
[  825.819213][T13899] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  825.819224][T13899] R13: 00007fa576a06038 R14: 00007fa576a05fa0 R15: 00007ffd3b343398
[  825.819255][T13899]  </TASK>
[  825.889656][  T822] usb 1-1: config 3 has an invalid interface number: 214 but max is 0
[  825.889682][  T822] usb 1-1: config 3 has no interface number 0
[  825.889727][  T822] usb 1-1: config 3 interface 214 altsetting 6 endpoint 0x8 has invalid maxpacket 1023, setting to 64
[  825.889752][  T822] usb 1-1: config 3 interface 214 altsetting 6 endpoint 0x4 has invalid maxpacket 512, setting to 64
[  825.889777][  T822] usb 1-1: config 3 interface 214 has no altsetting 0
[  825.937776][  T822] usb 1-1: New USB device found, idVendor=04d8, idProduct=f58b, bcdDevice=62.c2
[  825.937803][  T822] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  825.937822][  T822] usb 1-1: Product: syz
[  825.937835][  T822] usb 1-1: Manufacturer: syz
[  825.937848][  T822] usb 1-1: SerialNumber: syz
[  826.027224][ T5600] Bluetooth: hci1: command tx timeout
[  826.285102][T13904] FAULT_INJECTION: forcing a failure.
[  826.285102][T13904] name failslab, interval 1, probability 0, space 0, times 0
[  826.285133][T13904] CPU: 1 UID: 0 PID: 13904 Comm: syz.1.2482 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  826.285153][T13904] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  826.285164][T13904] Call Trace:
[  826.285171][T13904]  <TASK>
[  826.285179][T13904]  dump_stack_lvl+0xe8/0x150
[  826.285206][T13904]  should_fail_ex+0x46b/0x600
[  826.285238][T13904]  should_failslab+0xa8/0x100
[  826.285261][T13904]  __kmalloc_noprof+0xdf/0x7b0
[  826.285279][T13904]  ? tomoyo_encode+0x28b/0x550
[  826.285307][T13904]  tomoyo_encode+0x28b/0x550
[  826.285335][T13904]  tomoyo_mount_permission+0x3a2/0x9d0
[  826.285362][T13904]  ? stack_depot_save_flags+0x33/0x810
[  826.285379][T13904]  ? tomoyo_mount_permission+0x2b3/0x9d0
[  826.285403][T13904]  ? __pfx_tomoyo_mount_permission+0x10/0x10
[  826.285475][T13904]  security_sb_mount+0xe4/0x320
[  826.285498][T13904]  path_mount+0xbc/0x10e0
[  826.285521][T13904]  ? user_path_at+0xd4/0x160
[  826.285544][T13904]  ? user_path_at+0xd4/0x160
[  826.285564][T13904]  __se_sys_mount+0x31d/0x420
[  826.285594][T13904]  ? __pfx___se_sys_mount+0x10/0x10
[  826.285623][T13904]  ? __x64_sys_mount+0x20/0xc0
[  826.285644][T13904]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  826.285672][T13904]  do_syscall_64+0x15f/0xf80
[  826.285693][T13904]  ? trace_irq_disable+0x3b/0x140
[  826.285713][T13904]  ? clear_bhb_loop+0x40/0x90
[  826.285736][T13904]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  826.285754][T13904] RIP: 0033:0x7fc3de79cdd9
[  826.285772][T13904] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  826.285788][T13904] RSP: 002b:00007fc3dc9ee028 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  826.285805][T13904] RAX: ffffffffffffffda RBX: 00007fc3dea15fa0 RCX: 00007fc3de79cdd9
[  826.285815][T13904] RDX: 0000200000000000 RSI: 0000200000000040 RDI: 00002000000001c0
[  826.285823][T13904] RBP: 00007fc3dc9ee090 R08: 0000000000000000 R09: 0000000000000000
[  826.285830][T13904] R10: 0000000000200000 R11: 0000000000000246 R12: 0000000000000001
[  826.285836][T13904] R13: 00007fc3dea16038 R14: 00007fc3dea15fa0 R15: 00007ffda608f998
[  826.285855][T13904]  </TASK>
[  826.527790][  T822] ir_toy 1-1:3.214: required endpoints not found
[  826.535362][  T822] usb 1-1: USB disconnect, device number 60
[  826.597607][T13908] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2484'.
[  826.647169][ T5708] usb 6-1: new high-speed USB device number 23 using dummy_hcd
[  826.712769][T13908] netlink: 176 bytes leftover after parsing attributes in process `syz.1.2484'.
[  826.713388][T13908] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2484'.
[  826.809944][ T5708] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  826.809976][ T5708] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  826.810011][ T5708] usb 6-1: New USB device found, idVendor=10c4, idProduct=ea90, bcdDevice= 0.80
[  826.810032][ T5708] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  826.820095][ T5708] usb 6-1: config 0 descriptor??
[  827.217517][T11257] bridge_slave_1: left allmulticast mode
[  827.217552][T11257] bridge_slave_1: left promiscuous mode
[  827.217797][T11257] bridge0: port 2(bridge_slave_1) entered disabled state
[  827.305157][ T5708] cp2112 0003:10C4:EA90.000F: unknown main item tag 0x4
[  827.340855][ T5708] cp2112 0003:10C4:EA90.000F: hidraw0: USB HID v0.00 Device [HID 10c4:ea90] on usb-dummy_hcd.5-1/input0
[  827.364406][T11257] bridge_slave_0: left allmulticast mode
[  827.364439][T11257] bridge_slave_0: left promiscuous mode
[  827.364711][T11257] bridge0: port 1(bridge_slave_0) entered disabled state
[  827.526472][ T5708] cp2112 0003:10C4:EA90.000F: error requesting version
[  827.586057][ T5708] cp2112 0003:10C4:EA90.000F: probe with driver cp2112 failed with error -71
[  827.623284][ T5708] usb 6-1: USB disconnect, device number 23
[  827.868289][T13946] FAULT_INJECTION: forcing a failure.
[  827.868289][T13946] name failslab, interval 1, probability 0, space 0, times 0
[  827.868321][T13946] CPU: 1 UID: 0 PID: 13946 Comm: syz.1.2492 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  827.868342][T13946] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  827.868353][T13946] Call Trace:
[  827.868361][T13946]  <TASK>
[  827.868369][T13946]  dump_stack_lvl+0xe8/0x150
[  827.868393][T13946]  should_fail_ex+0x46b/0x600
[  827.868424][T13946]  should_failslab+0xa8/0x100
[  827.868445][T13946]  kmem_cache_alloc_noprof+0x87/0x680
[  827.868464][T13946]  ? dup_fd+0x55/0xb70
[  827.868498][T13946]  dup_fd+0x55/0xb70
[  827.868522][T13946]  ? __kmalloc_noprof+0x408/0x7b0
[  827.868547][T13946]  copy_files+0xc8/0x120
[  827.868568][T13946]  copy_process+0x1d9c/0x4450
[  827.868600][T13946]  ? copy_process+0xd87/0x4450
[  827.868627][T13946]  ? __pfx_copy_process+0x10/0x10
[  827.868657][T13946]  kernel_clone+0x283/0x870
[  827.868679][T13946]  ? __pfx_kernel_clone+0x10/0x10
[  827.868714][T13946]  __x64_sys_clone+0x1b6/0x230
[  827.868740][T13946]  ? __pfx___x64_sys_clone+0x10/0x10
[  827.868773][T13946]  ? __pfx_ksys_write+0x10/0x10
[  827.868800][T13946]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  827.868818][T13946]  do_syscall_64+0x15f/0xf80
[  827.868838][T13946]  ? trace_irq_disable+0x3b/0x140
[  827.868858][T13946]  ? clear_bhb_loop+0x40/0x90
[  827.868878][T13946]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  827.868896][T13946] RIP: 0033:0x7fc3de79cdd9
[  827.868913][T13946] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  827.868928][T13946] RSP: 002b:00007fc3dc9edfd8 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[  827.868947][T13946] RAX: ffffffffffffffda RBX: 00007fc3dea15fa0 RCX: 00007fc3de79cdd9
[  827.868960][T13946] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000100011
[  827.868972][T13946] RBP: 00007fc3dc9ee090 R08: 0000000000000000 R09: 0000000000000000
[  827.868983][T13946] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002
[  827.868994][T13946] R13: 00007fc3dea16038 R14: 00007fc3dea15fa0 R15: 00007ffda608f998
[  827.869023][T13946]  </TASK>
[  828.111085][ T5600] Bluetooth: hci1: command tx timeout
[  828.535915][T13956] FAULT_INJECTION: forcing a failure.
[  828.535915][T13956] name failslab, interval 1, probability 0, space 0, times 0
[  828.535948][T13956] CPU: 0 UID: 0 PID: 13956 Comm: syz.0.2495 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  828.535970][T13956] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  828.535981][T13956] Call Trace:
[  828.535988][T13956]  <TASK>
[  828.535996][T13956]  dump_stack_lvl+0xe8/0x150
[  828.536023][T13956]  should_fail_ex+0x46b/0x600
[  828.536056][T13956]  should_failslab+0xa8/0x100
[  828.536080][T13956]  __kmalloc_noprof+0xdf/0x7b0
[  828.536100][T13956]  ? percpu_ref_get_many+0x21/0x1e0
[  828.536120][T13956]  ? io_cache_alloc_new+0x40/0x100
[  828.536147][T13956]  io_cache_alloc_new+0x40/0x100
[  828.536169][T13956]  __io_prep_rw+0x2bd/0xed0
[  828.536200][T13956]  ? __pfx___io_prep_rw+0x10/0x10
[  828.536223][T13956]  ? __pfx___io_alloc_req_refill+0x10/0x10
[  828.536255][T13956]  io_prep_read+0x33/0x110
[  828.536275][T13956]  ? blk_start_plug_nr_ios+0x7e/0x1c0
[  828.536303][T13956]  io_submit_sqes+0xb8d/0x2240
[  828.536354][T13956]  __se_sys_io_uring_enter+0x34a/0x1c40
[  828.536384][T13956]  ? __pfx_rt_mutex_slowunlock+0x10/0x10
[  828.536410][T13956]  ? __pfx___se_sys_io_uring_enter+0x10/0x10
[  828.536434][T13956]  ? fput+0xa0/0xd0
[  828.536462][T13956]  ? ksys_write+0x248/0x270
[  828.536493][T13956]  ? __pfx_ksys_write+0x10/0x10
[  828.536519][T13956]  ? __x64_sys_io_uring_enter+0x21/0xf0
[  828.536542][T13956]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  828.536563][T13956]  do_syscall_64+0x15f/0xf80
[  828.536586][T13956]  ? clear_bhb_loop+0x40/0x90
[  828.536612][T13956]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  828.536631][T13956] RIP: 0033:0x7efc15cccdd9
[  828.536649][T13956] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  828.536665][T13956] RSP: 002b:00007efc13ee4028 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[  828.536685][T13956] RAX: ffffffffffffffda RBX: 00007efc15f46180 RCX: 00007efc15cccdd9
[  828.536699][T13956] RDX: 0000000000007721 RSI: 0000000000002219 RDI: 0000000000000000
[  828.536711][T13956] RBP: 00007efc13ee4090 R08: 0000000000000000 R09: 0000000000000000
[  828.536723][T13956] R10: 0000000000000016 R11: 0000000000000246 R12: 0000000000000001
[  828.536735][T13956] R13: 00007efc15f46218 R14: 00007efc15f46180 R15: 00007ffed32a2da8
[  828.536766][T13956]  </TASK>
[  829.474717][   T36] kauditd_printk_skb: 59 callbacks suppressed
[  829.474733][   T36] audit: type=1326 audit(1778420558.345:1776): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13959 comm="syz.3.2498" exe="/root/ci-upstream-kasan-gce-smack-root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fc9c58ccdd9 code=0x0
[  829.647289][T13965] netlink: 256 bytes leftover after parsing attributes in process `syz.0.2497'.
[  830.497173][   T31] usb 1-1: new high-speed USB device number 61 using dummy_hcd
[  830.658639][   T31] usb 1-1: Using ep0 maxpacket: 32
[  830.662204][   T31] usb 1-1: config 0 has an invalid interface number: 51 but max is 0
[  830.662229][   T31] usb 1-1: config 0 has no interface number 0
[  830.664794][   T31] usb 1-1: New USB device found, idVendor=061d, idProduct=c150, bcdDevice=ce.6f
[  830.664819][   T31] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  830.664838][   T31] usb 1-1: Product: syz
[  830.664851][   T31] usb 1-1: Manufacturer: syz
[  830.664865][   T31] usb 1-1: SerialNumber: syz
[  830.718664][T11257] bond0 (unregistering): (slave bond1): Releasing backup interface
[  830.721798][   T31] usb 1-1: config 0 descriptor??
[  830.743396][   T31] quatech2 1-1:0.51: Quatech 2nd gen USB to Serial Driver converter detected
[  830.769368][T11257] bond0 (unregistering): Released all slaves
[  830.801221][T11257] bond1 (unregistering): Released all slaves
[  830.981499][ T5257] 8021q: adding VLAN 0 to HW filter on device eth5
[  831.137341][T13809] bridge0: port 1(bridge_slave_0) entered blocking state
[  831.137449][T13809] bridge0: port 1(bridge_slave_0) entered disabled state
[  831.137670][T13809] bridge_slave_0: entered allmulticast mode
[  831.175626][T13809] bridge_slave_0: entered promiscuous mode
[  831.179383][   T31] usb 1-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB0
[  831.212043][T13809] bridge0: port 2(bridge_slave_1) entered blocking state
[  831.212156][T13809] bridge0: port 2(bridge_slave_1) entered disabled state
[  831.230820][T13809] bridge_slave_1: entered allmulticast mode
[  831.251503][T13809] bridge_slave_1: entered promiscuous mode
[  831.315503][   T31] usb 1-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB1
[  834.699084][    C1] usb 1-1: qt2_read_bulk_callback - non-zero urb status: -71
[  834.752317][T11102] usb 1-1: USB disconnect, device number 61
[  836.099197][T11102] quatech-serial ttyUSB0: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB0
[  836.942350][T11102] quatech-serial ttyUSB1: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB1
[  836.962815][T11102] quatech2 1-1:0.51: device disconnected
[  836.976216][T13809] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  837.052581][T13809] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  837.451971][T13809] team0: Port device team_slave_0 added
[  837.490903][T13809] team0: Port device team_slave_1 added
[  837.727541][T14054] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2523'.
[  837.727728][T14054] netlink: 39 bytes leftover after parsing attributes in process `syz.5.2523'.
[  837.862379][T13809] batman_adv: batadv0: Adding interface: batadv_slave_0
[  837.862390][T13809] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  837.862403][T13809] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  837.939700][T13809] batman_adv: batadv0: Adding interface: batadv_slave_1
[  837.939715][T13809] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  837.939731][T13809] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  838.468727][ T5257] 8021q: adding VLAN 0 to HW filter on device eth6
[  839.305468][T14047] futex_wake_op: syz.0.2522 tries to shift op by -1; fix this program
[  839.406327][T14047] netlink: 260 bytes leftover after parsing attributes in process `syz.0.2522'.
[  839.406367][T14047] netlink: 84 bytes leftover after parsing attributes in process `syz.0.2522'.
[  840.368024][T11257] hsr_slave_0: left promiscuous mode
[  840.410165][T11257] hsr_slave_1: left promiscuous mode
[  840.410875][T11257] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  840.410893][T11257] batman_adv: batadv0: Removing interface: batadv_slave_0
[  840.451625][T11257] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  840.451651][T11257] batman_adv: batadv0: Removing interface: batadv_slave_1
[  840.475116][T14079] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2530'.
[  841.063304][T11257] veth1_macvtap: left promiscuous mode
[  841.063405][T11257] veth0_macvtap: left promiscuous mode
[  841.063568][T11257] veth1_vlan: left promiscuous mode
[  841.066976][T11257] veth0_vlan: left promiscuous mode
[  841.153445][T14087] netlink: 44 bytes leftover after parsing attributes in process `syz.3.2534'.
[  841.153470][T14087] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2534'.
[  841.153485][T14087] netlink: 'syz.3.2534': attribute type 2 has an invalid length.
[  841.287377][T14092] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2534'.
[  841.288960][T14092] /dev/nullb0: Can't lookup blockdev
[  842.783024][T14110] netlink: 12 bytes leftover after parsing attributes in process `syz.5.2540'.
[  842.838472][T11257] team0 (unregistering): Port device macvlan1 removed
[  843.489113][T11257] team0 (unregistering): Port device team_slave_1 removed
[  843.578092][T11257] team0 (unregistering): Port device team_slave_0 removed
[  844.499925][T14117] input: syz1 as /devices/virtual/input/input16
[  845.101801][T13809] hsr_slave_0: entered promiscuous mode
[  845.107693][T13809] hsr_slave_1: entered promiscuous mode
[  845.727260][   T31] usb 6-1: new high-speed USB device number 24 using dummy_hcd
[  845.887577][   T31] usb 6-1: Using ep0 maxpacket: 16
[  845.889437][   T31] usb 6-1: config 0 interface 0 has no altsetting 0
[  845.890579][   T31] usb 6-1: config 0 interface 0 has no altsetting 0
[  845.891730][   T31] usb 6-1: config 0 interface 0 has no altsetting 0
[  845.894059][   T31] usb 6-1: New USB device found, idVendor=046d, idProduct=08b5, bcdDevice=d7.01
[  845.894083][   T31] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  845.894102][   T31] usb 6-1: Product: syz
[  845.894115][   T31] usb 6-1: Manufacturer: syz
[  845.894129][   T31] usb 6-1: SerialNumber: syz
[  845.914619][   T31] usb 6-1: config 0 descriptor??
[  845.944108][   T31] pwc: Logitech QuickCam Orbit/Sphere USB webcam detected.
[  846.125521][T14125] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2543'.
[  846.158551][   T31] pwc: Warning: more than 1 configuration available.
[  846.158946][   T31] pwc: Failed to set LED on/off time (-71)
[  846.161766][   T31] pwc: send_video_command error -71
[  846.161775][   T31] pwc: Failed to set video mode VGA@30 fps; return code = -71
[  846.161843][   T31] Philips webcam 6-1:0.0: probe with driver Philips webcam failed with error -71
[  846.546962][   T31] usb 6-1: USB disconnect, device number 24
[  848.665050][T14161] comedi comedi0: pcl724: I/O base address or length out of range
[  851.124767][T14180] netlink: 212408 bytes leftover after parsing attributes in process `syz.1.2561'.
[  852.773827][T11257] IPVS: stop unused estimator thread 0...
[  853.162429][T14211] FAULT_INJECTION: forcing a failure.
[  853.162429][T14211] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  853.162485][T14211] CPU: 1 UID: 0 PID: 14211 Comm: syz.5.2570 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  853.162507][T14211] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  853.162518][T14211] Call Trace:
[  853.162526][T14211]  <TASK>
[  853.162535][T14211]  dump_stack_lvl+0xe8/0x150
[  853.162562][T14211]  should_fail_ex+0x46b/0x600
[  853.162594][T14211]  prepare_alloc_pages+0x22a/0x6b0
[  853.162626][T14211]  __alloc_frozen_pages_noprof+0x12f/0x380
[  853.162652][T14211]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  853.162679][T14211]  ? __pfx_policy_nodemask+0x10/0x10
[  853.162705][T14211]  ? lockdep_hardirqs_on+0x7a/0x110
[  853.162727][T14211]  ? irqentry_exit+0x218/0x760
[  853.162752][T14211]  alloc_pages_mpol+0xd1/0x380
[  853.162778][T14211]  alloc_pages_noprof+0xd2/0x2f0
[  853.162803][T14211]  __pmd_alloc+0x3a/0x5e0
[  853.162828][T14211]  handle_mm_fault+0xe91/0x13c0
[  853.162848][T14211]  ? mt_find+0x186/0x630
[  853.162875][T14211]  ? handle_mm_fault+0xe7/0x13c0
[  853.162895][T14211]  ? irqentry_exit+0x218/0x760
[  853.162917][T14211]  ? __pfx_handle_mm_fault+0x10/0x10
[  853.162936][T14211]  ? irqentry_exit+0x218/0x760
[  853.162956][T14211]  ? rcu_is_watching+0x15/0xb0
[  853.163011][T14211]  __get_user_pages+0x168f/0x2570
[  853.163062][T14211]  get_user_pages_remote+0x2f6/0xab0
[  853.163091][T14211]  ? __pfx_get_user_pages_remote+0x10/0x10
[  853.163108][T14211]  ? create_init_stack_vma+0x7c8/0x9b0
[  853.163138][T14211]  ? mmap_read_lock_maybe_expand+0xc6/0x3a0
[  853.163165][T14211]  copy_string_kernel+0x2f9/0x5f0
[  853.163197][T14211]  ? __pfx_copy_string_kernel+0x10/0x10
[  853.163221][T14211]  ? count+0x1cb/0x230
[  853.163243][T14211]  do_execveat_common+0x38b/0x690
[  853.163271][T14211]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  853.163291][T14211]  __x64_sys_execve+0x97/0xc0
[  853.163313][T14211]  do_syscall_64+0x15f/0xf80
[  853.163336][T14211]  ? clear_bhb_loop+0x40/0x90
[  853.163359][T14211]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  853.163377][T14211] RIP: 0033:0x7fa57678cdd9
[  853.163396][T14211] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  853.163411][T14211] RSP: 002b:00007fa57499c028 EFLAGS: 00000246 ORIG_RAX: 000000000000003b
[  853.163431][T14211] RAX: ffffffffffffffda RBX: 00007fa576a06180 RCX: 00007fa57678cdd9
[  853.163444][T14211] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000200000000000
[  853.163457][T14211] RBP: 00007fa57499c090 R08: 0000000000000000 R09: 0000000000000000
[  853.163469][T14211] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  853.163480][T14211] R13: 00007fa576a06218 R14: 00007fa576a06180 R15: 00007ffd3b343398
[  853.163511][T14211]  </TASK>
[  854.064330][T14212] ptrace attach of "ci-upstream-kasan-gce-smack-root/syz-executor exec"[5594] was attempted by "ci-upstream-kasan-gce-smack-root/syz-executor exec"[14212]
[  854.236049][T13809] netdevsim netdevsim6 netdevsim0: renamed from eth0
[  854.381040][T13809] 8021q: adding VLAN 0 to HW filter on device netdevsim0
[  854.386007][T13809] netdevsim netdevsim6 netdevsim1: renamed from eth1
[  854.499333][T13809] 8021q: adding VLAN 0 to HW filter on device netdevsim1
[  854.516549][T13809] netdevsim netdevsim6 netdevsim2: renamed from eth2
[  854.620293][T13809] 8021q: adding VLAN 0 to HW filter on device netdevsim2
[  854.631917][T13809] netdevsim netdevsim6 netdevsim3: renamed from eth3
[  854.906776][T13809] 8021q: adding VLAN 0 to HW filter on device netdevsim3
[  854.923358][ T5257] 8021q: adding VLAN 0 to HW filter on device eth7
[  855.884949][T13809] 8021q: adding VLAN 0 to HW filter on device bond0
[  856.290234][T14237] 8021q: adding VLAN 0 to HW filter on device macvlan2
[  856.292467][ T5845] team_slave_0: entered promiscuous mode
[  856.292509][ T5845] team_slave_1: entered promiscuous mode
[  856.606125][T13809] 8021q: adding VLAN 0 to HW filter on device team0
[  857.916954][T11275] bridge0: port 1(bridge_slave_0) entered blocking state
[  857.917119][T11275] bridge0: port 1(bridge_slave_0) entered forwarding state
[  858.010424][T11269] bridge0: port 2(bridge_slave_1) entered blocking state
[  858.010592][T11269] bridge0: port 2(bridge_slave_1) entered forwarding state
[  858.303917][T14276] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2585'.
[  858.342505][T14277] netlink: 16 bytes leftover after parsing attributes in process `syz.1.2586'.
[  858.775720][ T5257] 8021q: adding VLAN 0 to HW filter on device eth8
[  864.858338][T14332] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  865.007518][T13809] 8021q: adding VLAN 0 to HW filter on device batadv0
[  865.009987][T14330] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2600'.
[  865.442151][T14338] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2596'.
[  866.069601][T14340] overlay: Bad value for 'workdir'
[  866.623379][T14350] FAULT_INJECTION: forcing a failure.
[  866.623379][T14350] name failslab, interval 1, probability 0, space 0, times 0
[  866.623437][T14350] CPU: 0 UID: 0 PID: 14350 Comm: syz.0.2601 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  866.623461][T14350] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  866.623472][T14350] Call Trace:
[  866.623480][T14350]  <TASK>
[  866.623490][T14350]  dump_stack_lvl+0xe8/0x150
[  866.623508][T14350]  should_fail_ex+0x46b/0x600
[  866.623528][T14350]  should_failslab+0xa8/0x100
[  866.623542][T14350]  kmem_cache_alloc_node_noprof+0x8f/0x6e0
[  866.623554][T14350]  ? __alloc_skb+0x1d0/0x7d0
[  866.623565][T14350]  ? lockdep_hardirqs_on+0x7a/0x110
[  866.623580][T14350]  __alloc_skb+0x1d0/0x7d0
[  866.623593][T14350]  netlink_sendmsg+0x5d4/0xb40
[  866.623605][T14350]  ? irqentry_exit+0x218/0x760
[  866.623616][T14350]  ? trace_irq_disable+0x3b/0x140
[  866.623632][T14350]  ? __pfx_netlink_sendmsg+0x10/0x10
[  866.623646][T14350]  ? ____sys_sendmsg+0x931/0x9c0
[  866.623662][T14350]  ____sys_sendmsg+0x94c/0x9c0
[  866.623678][T14350]  ? __pfx_____sys_sendmsg+0x10/0x10
[  866.623694][T14350]  ? import_iovec+0x73/0xa0
[  866.623708][T14350]  ___sys_sendmsg+0x2a5/0x360
[  866.623720][T14350]  ? __lock_acquire+0x6b5/0x2cf0
[  866.623736][T14350]  ? __pfx____sys_sendmsg+0x10/0x10
[  866.623765][T14350]  ? __fget_files+0x2a/0x420
[  866.623774][T14350]  ? __fget_files+0x3a6/0x420
[  866.623787][T14350]  __x64_sys_sendmsg+0x1c3/0x2a0
[  866.623801][T14350]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  866.623819][T14350]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  866.623834][T14350]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  866.623844][T14350]  do_syscall_64+0x15f/0xf80
[  866.623857][T14350]  ? clear_bhb_loop+0x40/0x90
[  866.623870][T14350]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  866.623880][T14350] RIP: 0033:0x7efc15cccdd9
[  866.623891][T14350] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  866.623900][T14350] RSP: 002b:00007efc13f05028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  866.623911][T14350] RAX: ffffffffffffffda RBX: 00007efc15f46090 RCX: 00007efc15cccdd9
[  866.623919][T14350] RDX: 00000000000080d0 RSI: 0000200000001000 RDI: 0000000000000004
[  866.623926][T14350] RBP: 00007efc13f05090 R08: 0000000000000000 R09: 0000000000000000
[  866.623932][T14350] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  866.623938][T14350] R13: 00007efc15f46128 R14: 00007efc15f46090 R15: 00007ffed32a2da8
[  866.623954][T14350]  </TASK>
[  870.065982][T13809] veth0_vlan: entered promiscuous mode
[  870.096437][T13809] veth1_vlan: entered promiscuous mode
[  870.144586][ T1335] ieee802154 phy0 wpan0: encryption failed: -22
[  870.144655][ T1335] ieee802154 phy1 wpan1: encryption failed: -22
[  872.100918][T13809] veth0_macvtap: entered promiscuous mode
[  872.145261][T13809] veth1_macvtap: entered promiscuous mode
[  872.333013][T13809] batman_adv: batadv0: Interface activated: batadv_slave_0
[  872.454358][T13809] batman_adv: batadv0: Interface activated: batadv_slave_1
[  872.485006][T11249] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  872.502207][T11249] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  872.502408][T11249] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  872.502442][T11249] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  872.510967][T14391] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2611'.
[  872.711076][   T59] Bluetooth: hci1: link tx timeout
[  872.711423][   T59] Bluetooth: hci1: killing stalled connection 11:aa:aa:aa:aa:aa
[  875.271091][ T5600] Bluetooth: hci1: command 0x0406 tx timeout
[  876.474419][T11283] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  876.474438][T11283] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  877.882866][T14454] FAULT_INJECTION: forcing a failure.
[  877.882866][T14454] name failslab, interval 1, probability 0, space 0, times 0
[  877.882898][T14454] CPU: 0 UID: 0 PID: 14454 Comm: syz.0.2624 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  877.882919][T14454] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  877.882930][T14454] Call Trace:
[  877.882938][T14454]  <TASK>
[  877.882946][T14454]  dump_stack_lvl+0xe8/0x150
[  877.882973][T14454]  should_fail_ex+0x46b/0x600
[  877.883006][T14454]  should_failslab+0xa8/0x100
[  877.883030][T14454]  kmem_cache_alloc_noprof+0x87/0x680
[  877.883050][T14454]  ? skb_clone+0x212/0x3a0
[  877.883078][T14454]  skb_clone+0x212/0x3a0
[  877.883103][T14454]  __netlink_deliver_tap+0x404/0x850
[  877.883137][T14454]  ? netlink_deliver_tap+0x2e/0x1b0
[  877.883160][T14454]  netlink_deliver_tap+0x19c/0x1b0
[  877.883183][T14454]  netlink_sendskb+0x68/0x140
[  877.883206][T14454]  netlink_rcv_skb+0x2b6/0x4b0
[  877.883227][T14454]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  877.883251][T14454]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  877.883269][T14454]  ? lockdep_hardirqs_on+0x7a/0x110
[  877.883313][T14454]  netlink_unicast+0x780/0x920
[  877.883343][T14454]  netlink_sendmsg+0x813/0xb40
[  877.883373][T14454]  ? __pfx_netlink_sendmsg+0x10/0x10
[  877.883402][T14454]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  877.883425][T14454]  ____sys_sendmsg+0x94c/0x9c0
[  877.883454][T14454]  ? __pfx_____sys_sendmsg+0x10/0x10
[  877.883485][T14454]  ? import_iovec+0x73/0xa0
[  877.883509][T14454]  ___sys_sendmsg+0x2a5/0x360
[  877.883530][T14454]  ? __lock_acquire+0x6b5/0x2cf0
[  877.883560][T14454]  ? __pfx____sys_sendmsg+0x10/0x10
[  877.883593][T14454]  ? kstrtouint+0x6e/0xe0
[  877.883643][T14454]  ? __fget_files+0x2a/0x420
[  877.883659][T14454]  ? __fget_files+0x3a6/0x420
[  877.883686][T14454]  __sys_sendmmsg+0x282/0x4e0
[  877.883714][T14454]  ? __pfx___sys_sendmmsg+0x10/0x10
[  877.883745][T14454]  ? __pfx_rt_mutex_slowunlock+0x10/0x10
[  877.883778][T14454]  ? ksys_write+0x248/0x270
[  877.883801][T14454]  ? __pfx_ksys_write+0x10/0x10
[  877.883828][T14454]  __x64_sys_sendmmsg+0xa0/0xc0
[  877.883851][T14454]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  877.883871][T14454]  do_syscall_64+0x15f/0xf80
[  877.883892][T14454]  ? trace_irq_disable+0x3b/0x140
[  877.883913][T14454]  ? clear_bhb_loop+0x40/0x90
[  877.883936][T14454]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  877.883955][T14454] RIP: 0033:0x7efc15cccdd9
[  877.883972][T14454] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  877.883988][T14454] RSP: 002b:00007efc13f26028 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  877.884009][T14454] RAX: ffffffffffffffda RBX: 00007efc15f45fa0 RCX: 00007efc15cccdd9
[  877.884023][T14454] RDX: 04000000000001f2 RSI: 0000200000000000 RDI: 000000000000000b
[  877.884036][T14454] RBP: 00007efc13f26090 R08: 0000000000000000 R09: 0000000000000000
[  877.884047][T14454] R10: 000000000000fff0 R11: 0000000000000246 R12: 0000000000000001
[  877.884059][T14454] R13: 00007efc15f46038 R14: 00007efc15f45fa0 R15: 00007ffed32a2da8
[  877.884090][T14454]  </TASK>
[  878.264529][T10637] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  878.379382][T10637] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  878.386477][T10637] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  878.431235][T10637] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  878.431949][T10637] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  879.290869][   T36] audit: type=1326 audit(1778420608.165:1777): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14487 comm="syz.0.2630" exe="/root/ci-upstream-kasan-gce-smack-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efc15cccdd9 code=0x7ffc0000
[  879.292656][   T36] audit: type=1326 audit(1778420608.165:1778): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14487 comm="syz.0.2630" exe="/root/ci-upstream-kasan-gce-smack-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efc15cccdd9 code=0x7ffc0000
[  879.353764][   T36] audit: type=1326 audit(1778420608.205:1779): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14487 comm="syz.0.2630" exe="/root/ci-upstream-kasan-gce-smack-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efc15cccdd9 code=0x7ffc0000
[  879.353818][   T36] audit: type=1326 audit(1778420608.215:1780): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14487 comm="syz.0.2630" exe="/root/ci-upstream-kasan-gce-smack-root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7efc15c8d60e code=0x7ffc0000
[  879.353857][   T36] audit: type=1326 audit(1778420608.215:1781): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14487 comm="syz.0.2630" exe="/root/ci-upstream-kasan-gce-smack-root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7efc15ccca6b code=0x7ffc0000
[  879.353894][   T36] audit: type=1326 audit(1778420608.215:1782): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14487 comm="syz.0.2630" exe="/root/ci-upstream-kasan-gce-smack-root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7efc15ccca6b code=0x7ffc0000
[  879.366672][   T36] audit: type=1326 audit(1778420608.235:1783): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14487 comm="syz.0.2630" exe="/root/ci-upstream-kasan-gce-smack-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efc15cccdd9 code=0x7ffc0000
[  879.383742][   T36] audit: type=1326 audit(1778420608.255:1784): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14487 comm="syz.0.2630" exe="/root/ci-upstream-kasan-gce-smack-root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7efc15ccca6b code=0x7ffc0000
[  879.383791][   T36] audit: type=1326 audit(1778420608.255:1785): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14487 comm="syz.0.2630" exe="/root/ci-upstream-kasan-gce-smack-root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7efc15ccca6b code=0x7ffc0000
[  879.498781][   T36] audit: type=1326 audit(1778420608.375:1786): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14487 comm="syz.0.2630" exe="/root/ci-upstream-kasan-gce-smack-root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7efc15ccca6b code=0x7ffc0000
[  879.663718][   T31] usb 1-1: new high-speed USB device number 62 using dummy_hcd
[  879.863516][   T31] usb 1-1: unable to get BOS descriptor or descriptor too short
[  879.863599][   T31] usb 1-1: too many configurations: 203, using maximum allowed: 8
[  879.866600][   T31] usb 1-1: config 1 has an invalid descriptor of length 114, skipping remainder of the config
[  879.866623][   T31] usb 1-1: config 1 has 0 interfaces, different from the descriptor's value: 1
[  879.891505][   T31] usb 1-1: config 1 has an invalid descriptor of length 114, skipping remainder of the config
[  879.891529][   T31] usb 1-1: config 1 has 0 interfaces, different from the descriptor's value: 1
[  879.894753][   T31] usb 1-1: config 1 has an invalid descriptor of length 114, skipping remainder of the config
[  879.894774][   T31] usb 1-1: config 1 has 0 interfaces, different from the descriptor's value: 1
[  879.899761][   T31] usb 1-1: config 1 has an invalid descriptor of length 114, skipping remainder of the config
[  879.899784][   T31] usb 1-1: config 1 has 0 interfaces, different from the descriptor's value: 1
[  879.902601][   T31] usb 1-1: config 1 has an invalid descriptor of length 114, skipping remainder of the config
[  879.902623][   T31] usb 1-1: config 1 has 0 interfaces, different from the descriptor's value: 1
[  879.906801][   T31] usb 1-1: config 1 has an invalid descriptor of length 114, skipping remainder of the config
[  879.906823][   T31] usb 1-1: config 1 has 0 interfaces, different from the descriptor's value: 1
[  879.920208][   T31] usb 1-1: config 1 has an invalid descriptor of length 114, skipping remainder of the config
[  879.920311][   T31] usb 1-1: config 1 has 0 interfaces, different from the descriptor's value: 1
[  879.922906][   T31] usb 1-1: config 1 has an invalid descriptor of length 114, skipping remainder of the config
[  879.922940][   T31] usb 1-1: config 1 has 0 interfaces, different from the descriptor's value: 1
[  879.933515][   T31] usb 1-1: New USB device found, idVendor=09c4, idProduct=0011, bcdDevice= 6.38
[  879.933618][   T31] usb 1-1: New USB device strings: Mfr=1, Product=226, SerialNumber=235
[  879.933638][   T31] usb 1-1: Product: syz
[  879.933651][   T31] usb 1-1: Manufacturer: syz
[  879.933664][   T31] usb 1-1: SerialNumber: syz
[  880.693934][   T59] Bluetooth: hci4: command tx timeout
[  883.401168][   T59] Bluetooth: hci4: command tx timeout
[  884.497320][T14534] FAULT_INJECTION: forcing a failure.
[  884.497320][T14534] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  884.497342][T14534] CPU: 1 UID: 0 PID: 14534 Comm: syz.1.2638 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  884.497354][T14534] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  884.497361][T14534] Call Trace:
[  884.497366][T14534]  <TASK>
[  884.497371][T14534]  dump_stack_lvl+0xe8/0x150
[  884.497388][T14534]  should_fail_ex+0x46b/0x600
[  884.497407][T14534]  _copy_from_user+0x2d/0xb0
[  884.497420][T14534]  __sys_bpf+0x229/0x950
[  884.497434][T14534]  ? __pfx___sys_bpf+0x10/0x10
[  884.497444][T14534]  ? rt_mutex_slowunlock+0x1cb/0x300
[  884.497462][T14534]  ? ksys_write+0x248/0x270
[  884.497475][T14534]  ? __pfx_ksys_write+0x10/0x10
[  884.497488][T14534]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  884.497499][T14534]  __x64_sys_bpf+0x7c/0x90
[  884.497510][T14534]  do_syscall_64+0x15f/0xf80
[  884.497522][T14534]  ? trace_irq_disable+0x3b/0x140
[  884.497534][T14534]  ? clear_bhb_loop+0x40/0x90
[  884.497547][T14534]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  884.497557][T14534] RIP: 0033:0x7fc3de79cdd9
[  884.497567][T14534] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  884.497576][T14534] RSP: 002b:00007fc3dc9ee028 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  884.497588][T14534] RAX: ffffffffffffffda RBX: 00007fc3dea15fa0 RCX: 00007fc3de79cdd9
[  884.497595][T14534] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000000000000e
[  884.497601][T14534] RBP: 00007fc3dc9ee090 R08: 0000000000000000 R09: 0000000000000000
[  884.497607][T14534] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  884.497613][T14534] R13: 00007fc3dea16038 R14: 00007fc3dea15fa0 R15: 00007ffda608f998
[  884.497629][T14534]  </TASK>
[  884.558387][T11102] usb 1-1: USB disconnect, device number 62
[  886.072648][T10637] Bluetooth: hci4: command tx timeout
[  887.053732][T11232] netdevsim netdevsim6 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  887.803646][T14457] lo speed is unknown, defaulting to 1000
[  887.806110][T14457] xfrm0 speed is unknown, defaulting to 1000
[  888.107965][T10637] Bluetooth: hci4: command tx timeout
[  888.640163][T14575] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  888.732814][T11232] netdevsim netdevsim6 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  890.102665][T14603] md: async del_gendisk mode will be removed in future, please upgrade to mdadm-4.5+
[  890.786340][T11232] netdevsim netdevsim6 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  891.005111][T14606] netlink: 36 bytes leftover after parsing attributes in process `syz.5.2652'.
[  891.012793][T14606] netlink: 'syz.5.2652': attribute type 1 has an invalid length.
[  891.012817][T14606] netlink: 'syz.5.2652': attribute type 2 has an invalid length.
[  892.972704][T14615] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2654'.
[  893.640615][T14624] netlink: 212408 bytes leftover after parsing attributes in process `syz.1.2656'.
[  894.042677][T11232] netdevsim netdevsim6 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  894.147968][T14623] netlink: 'syz.5.2657': attribute type 13 has an invalid length.
[  896.310042][T14656] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2665'.
[  896.877439][T14457] bridge0: port 1(bridge_slave_0) entered blocking state
[  896.877561][T14457] bridge0: port 1(bridge_slave_0) entered disabled state
[  896.877772][T14457] bridge_slave_0: entered allmulticast mode
[  896.880408][T14457] bridge_slave_0: entered promiscuous mode
[  897.355603][T11232] bridge_slave_1: left allmulticast mode
[  897.355635][T11232] bridge_slave_1: left promiscuous mode
[  897.355893][T11232] bridge0: port 2(bridge_slave_1) entered disabled state
[  897.479565][T14677] netlink: 276 bytes leftover after parsing attributes in process `syz.1.2671'.
[  897.614049][T11232] bridge_slave_0: left allmulticast mode
[  897.614082][T11232] bridge_slave_0: left promiscuous mode
[  897.614314][T11232] bridge0: port 1(bridge_slave_0) entered disabled state
[  898.298153][T14693] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2677'.
[  898.877995][T11232] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  898.937716][T11232] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  898.959217][T11232] bond0 (unregistering): Released all slaves
[  898.999267][T14457] bridge0: port 2(bridge_slave_1) entered blocking state
[  898.999413][T14457] bridge0: port 2(bridge_slave_1) entered disabled state
[  898.999612][T14457] bridge_slave_1: entered allmulticast mode
[  899.002917][T14457] bridge_slave_1: entered promiscuous mode
[  899.291915][T14457] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  899.355058][T14457] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  899.477540][   T31] usb 6-1: new high-speed USB device number 25 using dummy_hcd
[  899.632161][   T31] usb 6-1: New USB device found, idVendor=1a86, idProduct=7522, bcdDevice=35.36
[  899.632199][   T31] usb 6-1: New USB device strings: Mfr=241, Product=2, SerialNumber=3
[  899.632218][   T31] usb 6-1: Product: syz
[  899.632231][   T31] usb 6-1: Manufacturer: syz
[  899.632244][   T31] usb 6-1: SerialNumber: syz
[  899.673571][   T31] usb 6-1: config 0 descriptor??
[  899.676736][   T31] ch341 6-1:0.0: ch341-uart converter detected
[  899.899026][T11102] usb 1-1: new full-speed USB device number 63 using dummy_hcd
[  899.996007][T14697] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  900.010368][T14697] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  900.066304][T14457] team0: Port device team_slave_0 added
[  900.085343][T11102] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  900.085400][T11102] usb 1-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xF9, changing to 0x89
[  900.085427][T11102] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x89 has an invalid bInterval 0, changing to 10
[  900.085452][T11102] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid maxpacket 65535, setting to 64
[  900.085477][T11102] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 10
[  900.085499][T11102] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0xF has invalid wMaxPacketSize 0
[  900.085520][T11102] usb 1-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  900.101788][T11102] usb 1-1: New USB device found, idVendor=0bc7, idProduct=0008, bcdDevice=4f.c8
[  900.101817][T11102] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  900.101835][T11102] usb 1-1: Product: syz
[  900.101849][T11102] usb 1-1: Manufacturer: syz
[  900.101862][T11102] usb 1-1: SerialNumber: syz
[  900.139064][T11102] usb 1-1: config 0 descriptor??
[  900.139999][T14709] raw-gadget.1 gadget.0: fail, usb_ep_enable returned -22
[  900.150218][T11102] ati_remote 1-1:0.0: Initializing ati_remote hardware failed.
[  900.156478][T11102] ati_remote 1-1:0.0: probe with driver ati_remote failed with error -5
[  900.311420][T14457] team0: Port device team_slave_1 added
[  900.411274][T14732] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2688'.
[  900.440071][T14729] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2687'.
[  900.722547][ T5845] usb 1-1: USB disconnect, device number 63
[  900.764420][   T31] usb 6-1: failed to receive control message: -110
[  900.764454][   T31] ch341-uart ttyUSB0: probe with driver ch341-uart failed with error -110
[  900.884728][ T5257] 8021q: adding VLAN 0 to HW filter on device eth9
[  900.928136][   T36] kauditd_printk_skb: 287 callbacks suppressed
[  900.928150][   T36] audit: type=1326 audit(1778420629.805:2074): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14737 comm="syz.1.2689" exe="/root/ci-upstream-kasan-gce-smack-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc3de79cdd9 code=0x7ffc0000
[  900.928384][   T36] audit: type=1326 audit(1778420629.805:2075): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14737 comm="syz.1.2689" exe="/root/ci-upstream-kasan-gce-smack-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc3de79cdd9 code=0x7ffc0000
[  900.933418][   T36] audit: type=1326 audit(1778420629.805:2076): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14737 comm="syz.1.2689" exe="/root/ci-upstream-kasan-gce-smack-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc3de79cdd9 code=0x7ffc0000
[  900.933816][   T36] audit: type=1326 audit(1778420629.805:2077): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14737 comm="syz.1.2689" exe="/root/ci-upstream-kasan-gce-smack-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc3de79cdd9 code=0x7ffc0000
[  900.933858][   T36] audit: type=1326 audit(1778420629.805:2078): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14737 comm="syz.1.2689" exe="/root/ci-upstream-kasan-gce-smack-root/syz-executor" sig=0 arch=c000003e syscall=14 compat=0 ip=0x7fc3de79cdd9 code=0x7ffc0000
[  900.934312][   T36] audit: type=1326 audit(1778420629.805:2079): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14737 comm="syz.1.2689" exe="/root/ci-upstream-kasan-gce-smack-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc3de79cdd9 code=0x7ffc0000
[  900.935038][   T36] audit: type=1326 audit(1778420629.805:2080): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14737 comm="syz.1.2689" exe="/root/ci-upstream-kasan-gce-smack-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc3de79cdd9 code=0x7ffc0000
[  900.935081][   T36] audit: type=1326 audit(1778420629.805:2081): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14737 comm="syz.1.2689" exe="/root/ci-upstream-kasan-gce-smack-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc3de79cdd9 code=0x7ffc0000
[  900.935403][   T36] audit: type=1326 audit(1778420629.805:2082): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14737 comm="syz.1.2689" exe="/root/ci-upstream-kasan-gce-smack-root/syz-executor" sig=0 arch=c000003e syscall=11 compat=0 ip=0x7fc3de79cdd9 code=0x7ffc0000
[  900.936333][   T36] audit: type=1326 audit(1778420629.805:2083): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14737 comm="syz.1.2689" exe="/root/ci-upstream-kasan-gce-smack-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc3de79cdd9 code=0x7ffc0000
[  901.013915][T14740] FAULT_INJECTION: forcing a failure.
[  901.013915][T14740] name failslab, interval 1, probability 0, space 0, times 0
[  901.013946][T14740] CPU: 0 UID: 0 PID: 14740 Comm: syz.1.2690 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  901.013966][T14740] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  901.013977][T14740] Call Trace:
[  901.013985][T14740]  <TASK>
[  901.013992][T14740]  dump_stack_lvl+0xe8/0x150
[  901.014020][T14740]  should_fail_ex+0x46b/0x600
[  901.014054][T14740]  should_failslab+0xa8/0x100
[  901.014089][T14740]  kmem_cache_alloc_noprof+0x87/0x680
[  901.014109][T14740]  ? inet_bind2_bucket_create+0x34/0x510
[  901.014141][T14740]  inet_bind2_bucket_create+0x34/0x510
[  901.014171][T14740]  inet_csk_get_port+0xf4b/0x1710
[  901.014203][T14740]  ? __local_bh_enable+0x1e1/0x2f0
[  901.014229][T14740]  ? __local_bh_enable_ip+0x1ae/0x2b0
[  901.014248][T14740]  ? __inet6_bind+0x455/0xf60
[  901.014273][T14740]  __inet6_bind+0x6e5/0xf60
[  901.014304][T14740]  __sys_bind+0x2e9/0x410
[  901.014326][T14740]  ? __pfx___sys_bind+0x10/0x10
[  901.014359][T14740]  ? __pfx_ksys_write+0x10/0x10
[  901.014384][T14740]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  901.014404][T14740]  __x64_sys_bind+0x7a/0x90
[  901.014425][T14740]  do_syscall_64+0x15f/0xf80
[  901.014446][T14740]  ? trace_irq_disable+0x3b/0x140
[  901.014467][T14740]  ? clear_bhb_loop+0x40/0x90
[  901.014490][T14740]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  901.014507][T14740] RIP: 0033:0x7fc3de79cdd9
[  901.014524][T14740] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  901.014539][T14740] RSP: 002b:00007fc3dc9ee028 EFLAGS: 00000246 ORIG_RAX: 0000000000000031
[  901.014558][T14740] RAX: ffffffffffffffda RBX: 00007fc3dea15fa0 RCX: 00007fc3de79cdd9
[  901.014570][T14740] RDX: 000000000000001c RSI: 0000200000000000 RDI: 0000000000000004
[  901.014582][T14740] RBP: 00007fc3dc9ee090 R08: 0000000000000000 R09: 0000000000000000
[  901.014593][T14740] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  901.014604][T14740] R13: 00007fc3dea16038 R14: 00007fc3dea15fa0 R15: 00007ffda608f998
[  901.014638][T14740]  </TASK>
[  902.155337][T14457] batman_adv: batadv0: Adding interface: batadv_slave_0
[  902.155354][T14457] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  902.155378][T14457] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  902.304105][T11102] usb 6-1: USB disconnect, device number 25
[  902.314551][T11102] ch341 6-1:0.0: device disconnected
[  902.562840][T11232] hsr_slave_0: left promiscuous mode
[  902.635826][T11232] hsr_slave_1: left promiscuous mode
[  902.638742][T11232] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  902.638768][T11232] batman_adv: batadv0: Removing interface: batadv_slave_0
[  902.689952][T14761] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2698'.
[  902.691823][T11232] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  902.691849][T11232] batman_adv: batadv0: Removing interface: batadv_slave_1
[  902.868946][T11232] veth1_macvtap: left promiscuous mode
[  902.869022][T11232] veth0_macvtap: left promiscuous mode
[  902.872492][T11232] veth1_vlan: left promiscuous mode
[  902.896774][T11232] veth0_vlan: left promiscuous mode
[  903.755633][T14747] netlink: 'syz.1.2692': attribute type 5 has an invalid length.
[  903.755647][T14747] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2692'.
[  904.397679][T11232] team0 (unregistering): Port device team_slave_1 removed
[  904.441823][T11232] team0 (unregistering): Port device team_slave_0 removed
[  904.737893][T14457] batman_adv: batadv0: Adding interface: batadv_slave_1
[  904.737910][T14457] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  904.737936][T14457] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  904.898531][T14457] hsr_slave_0: entered promiscuous mode
[  904.904502][T14457] hsr_slave_1: entered promiscuous mode
[  904.908255][T10637] Bluetooth: hci4: command tx timeout
[  907.645336][ T5257] 8021q: adding VLAN 0 to HW filter on device eth10
[  908.217087][   T10] usb 1-1: new low-speed USB device number 64 using dummy_hcd
[  908.415381][   T10] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 1056, setting to 8
[  908.415413][   T10] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 8
[  908.415452][   T10] usb 1-1: New USB device found, idVendor=046d, idProduct=c293, bcdDevice= 0.00
[  908.415473][   T10] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  908.421797][   T10] usb 1-1: config 0 descriptor??
[  908.422578][T14818] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  911.359708][T14836] o2cb: This node has not been configured.
[  911.359719][T14836] o2cb: Cluster check failed. Fix errors before retrying.
[  911.359762][T14836] (syz.5.2715,14836,1):user_dlm_register:674 ERROR: status = -22
[  911.359776][T14836] (syz.5.2715,14836,1):dlmfs_mkdir:438 ERROR: Error -22 could not register domain "file0"
[  913.029117][   T10] usbhid 1-1:0.0: can't add hid device: -71
[  913.029228][   T10] usbhid 1-1:0.0: probe with driver usbhid failed with error -71
[  913.045494][   T10] usb 1-1: USB disconnect, device number 64
[  913.479934][T14861] netlink: 24 bytes leftover after parsing attributes in process `syz.5.2721'.
[  913.491679][T14861] random: crng reseeded on system resumption
[  914.392128][T14867] syz.1.2722 calls setitimer() with new_value NULL pointer. Misfeature support will be removed
[  915.689384][T14878] netlink: 212408 bytes leftover after parsing attributes in process `syz.0.2725'.
[  916.177939][ T5845] usb 6-1: new high-speed USB device number 26 using dummy_hcd
[  916.339651][ T5845] usb 6-1: config 160 has an invalid interface number: 200 but max is 0
[  916.339678][ T5845] usb 6-1: config 160 has no interface number 0
[  916.339720][ T5845] usb 6-1: config 160 interface 200 has no altsetting 0
[  916.341945][ T5845] usb 6-1: New USB device found, idVendor=21bb, idProduct=2070, bcdDevice=87.0b
[  916.341960][ T5845] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  916.341970][ T5845] usb 6-1: Product: syz
[  916.341977][ T5845] usb 6-1: Manufacturer: syz
[  916.341984][ T5845] usb 6-1: SerialNumber: syz
[  916.556852][T14892] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  916.557673][T14892] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  916.579719][T14892] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  916.590329][T14892] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  917.429642][T14892] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  917.430200][T14892] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  917.436252][T14892] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  917.442564][T14892] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  917.454863][T14892] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  917.455432][T14892] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  917.761991][T14891] netlink: 16 bytes leftover after parsing attributes in process `syz.5.2728'.
[  917.926783][ T5845] usb 6-1: Quirk or no altset; falling back to MIDI 1.0
[  917.926841][ T5845] usb 6-1: MIDIStreaming interface descriptor not found
[  917.941613][T14924] FAULT_INJECTION: forcing a failure.
[  917.941613][T14924] name failslab, interval 1, probability 0, space 0, times 0
[  917.941654][T14924] CPU: 1 UID: 0 PID: 14924 Comm: syz.0.2736 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  917.941674][T14924] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  917.941685][T14924] Call Trace:
[  917.941693][T14924]  <TASK>
[  917.941700][T14924]  dump_stack_lvl+0xe8/0x150
[  917.941727][T14924]  should_fail_ex+0x46b/0x600
[  917.941757][T14924]  should_failslab+0xa8/0x100
[  917.941779][T14924]  kmem_cache_alloc_node_noprof+0x8f/0x6e0
[  917.941798][T14924]  ? __alloc_skb+0x1d0/0x7d0
[  917.941815][T14924]  ? lockdep_hardirqs_on+0x7a/0x110
[  917.941838][T14924]  __alloc_skb+0x1d0/0x7d0
[  917.941860][T14924]  netlink_sendmsg+0x5d4/0xb40
[  917.941890][T14924]  ? __pfx_netlink_sendmsg+0x10/0x10
[  917.941913][T14924]  ? unwind_get_return_address+0x4d/0x90
[  917.941939][T14924]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  917.941961][T14924]  ____sys_sendmsg+0x94c/0x9c0
[  917.941988][T14924]  ? __pfx_____sys_sendmsg+0x10/0x10
[  917.942019][T14924]  ? import_iovec+0x73/0xa0
[  917.942042][T14924]  ___sys_sendmsg+0x2a5/0x360
[  917.942063][T14924]  ? __lock_acquire+0x6b5/0x2cf0
[  917.942090][T14924]  ? __pfx____sys_sendmsg+0x10/0x10
[  917.942144][T14924]  ? __fget_files+0x2a/0x420
[  917.942160][T14924]  ? __fget_files+0x3a6/0x420
[  917.942187][T14924]  __x64_sys_sendmsg+0x1c3/0x2a0
[  917.942211][T14924]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  917.942242][T14924]  ? __pfx_ksys_write+0x10/0x10
[  917.942269][T14924]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  917.942288][T14924]  do_syscall_64+0x15f/0xf80
[  917.942305][T14924]  ? trace_irq_disable+0x3b/0x140
[  917.942322][T14924]  ? clear_bhb_loop+0x40/0x90
[  917.942342][T14924]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  917.942359][T14924] RIP: 0033:0x7efc15cccdd9
[  917.942376][T14924] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  917.942389][T14924] RSP: 002b:00007efc13f26028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  917.942407][T14924] RAX: ffffffffffffffda RBX: 00007efc15f45fa0 RCX: 00007efc15cccdd9
[  917.942418][T14924] RDX: 0000000004004000 RSI: 0000200000000000 RDI: 0000000000000003
[  917.942440][T14924] RBP: 00007efc13f26090 R08: 0000000000000000 R09: 0000000000000000
[  917.942451][T14924] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  917.942462][T14924] R13: 00007efc15f46038 R14: 00007efc15f45fa0 R15: 00007ffed32a2da8
[  917.942489][T14924]  </TASK>
[  919.764257][ T5845] usb 6-1: USB disconnect, device number 26
[  920.451259][T14953] IPVS: ovf: SCTP 172.20.20.187:0 - no destination available
[  921.159172][   T31] IPVS: starting estimator thread 0...
[  921.218674][T14955] netlink: 12 bytes leftover after parsing attributes in process `syz.5.2745'.
[  921.349021][T14960] IPVS: using max 11 ests per chain, 26400 per kthread
[  921.669358][T14966] FAULT_INJECTION: forcing a failure.
[  921.669358][T14966] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  921.669390][T14966] CPU: 1 UID: 0 PID: 14966 Comm: syz.5.2746 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  921.669410][T14966] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  921.669420][T14966] Call Trace:
[  921.669428][T14966]  <TASK>
[  921.669436][T14966]  dump_stack_lvl+0xe8/0x150
[  921.669462][T14966]  should_fail_ex+0x46b/0x600
[  921.669494][T14966]  _copy_to_user+0x31/0xb0
[  921.669517][T14966]  scsi_complete_sghdr_rq+0x2e1/0x5a0
[  921.669549][T14966]  sg_io+0x621/0x890
[  921.669578][T14966]  scsi_ioctl+0x148b/0x2130
[  921.669608][T14966]  ? __pfx_scsi_ioctl+0x10/0x10
[  921.669662][T14966]  ? kasan_quarantine_put+0xbb/0x1f0
[  921.669699][T14966]  ? scsi_block_when_processing_errors+0x44f/0x540
[  921.669728][T14966]  ? __pfx_scsi_block_when_processing_errors+0x10/0x10
[  921.669773][T14966]  sg_ioctl+0x1125/0x21a0
[  921.669801][T14966]  ? __pfx_smack_file_ioctl+0x10/0x10
[  921.669823][T14966]  ? __pfx_sg_ioctl+0x10/0x10
[  921.669849][T14966]  ? __fget_files+0x2a/0x420
[  921.669865][T14966]  ? __fget_files+0x3a6/0x420
[  921.669880][T14966]  ? __fget_files+0x2a/0x420
[  921.669898][T14966]  ? bpf_lsm_file_ioctl+0x9/0x20
[  921.669923][T14966]  ? __pfx_sg_ioctl+0x10/0x10
[  921.669944][T14966]  __se_sys_ioctl+0xff/0x170
[  921.669966][T14966]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  921.669986][T14966]  do_syscall_64+0x15f/0xf80
[  921.670006][T14966]  ? trace_irq_disable+0x3b/0x140
[  921.670026][T14966]  ? clear_bhb_loop+0x40/0x90
[  921.670049][T14966]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  921.670066][T14966] RIP: 0033:0x7fa57678cdd9
[  921.670083][T14966] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  921.670104][T14966] RSP: 002b:00007fa5749de028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  921.670123][T14966] RAX: ffffffffffffffda RBX: 00007fa576a05fa0 RCX: 00007fa57678cdd9
[  921.670136][T14966] RDX: 0000200000000000 RSI: 0000000000005393 RDI: 0000000000000003
[  921.670147][T14966] RBP: 00007fa5749de090 R08: 0000000000000000 R09: 0000000000000000
[  921.670159][T14966] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  921.670170][T14966] R13: 00007fa576a06038 R14: 00007fa576a05fa0 R15: 00007ffd3b343398
[  921.670200][T14966]  </TASK>
[  922.042621][T14401] udevd[14401]: error opening ATTR{/sys/devices/platform/dummy_hcd.5/usb6/6-1/6-1:160.200/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  922.107238][T10637] Bluetooth: hci0: command 0x0406 tx timeout
[  922.107314][T14942] Bluetooth: hci0: Opcode 0x0401 failed: -110
[  922.188712][T14457] netdevsim netdevsim6 netdevsim0: renamed from eth0
[  922.237525][ T5607] usb 1-1: new high-speed USB device number 65 using dummy_hcd
[  922.246520][T14457] 8021q: adding VLAN 0 to HW filter on device netdevsim0
[  922.251468][T14457] netdevsim netdevsim6 netdevsim1: renamed from eth1
[  922.410642][T14457] 8021q: adding VLAN 0 to HW filter on device netdevsim1
[  922.413634][T14457] netdevsim netdevsim6 netdevsim2: renamed from eth2
[  922.418550][ T5607] usb 1-1: Using ep0 maxpacket: 32
[  922.420417][ T5607] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  922.420439][ T5607] usb 1-1: config 0 has 1 interface, different from the descriptor's value: 2
[  922.428377][ T5607] usb 1-1: New USB device found, idVendor=0ccd, idProduct=0080, bcdDevice=4a.83
[  922.428403][ T5607] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  922.428421][ T5607] usb 1-1: Product: syz
[  922.428434][ T5607] usb 1-1: Manufacturer: syz
[  922.428447][ T5607] usb 1-1: SerialNumber: syz
[  922.438056][ T5607] usb 1-1: config 0 descriptor??
[  922.539924][   T31] usb 6-1: new high-speed USB device number 27 using dummy_hcd
[  922.549249][T14457] 8021q: adding VLAN 0 to HW filter on device netdevsim2
[  922.570621][T14457] netdevsim netdevsim6 netdevsim3: renamed from eth3
[  922.654424][T14457] 8021q: adding VLAN 0 to HW filter on device netdevsim3
[  922.676494][ T5845] kernel read not supported for file /1659/net/dev_mcast (pid: 5845 comm: kworker/1:8)
[  922.726770][ T5607] snd-usb-6fire 1-1:0.0: unable to receive device firmware state.
[  922.726864][ T5607] snd-usb-6fire 1-1:0.0: probe with driver snd-usb-6fire failed with error -71
[  922.732095][   T31] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  922.732118][   T31] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 3
[  922.734892][   T31] usb 6-1: New USB device found, idVendor=0d8c, idProduct=0014, bcdDevice= 0.40
[  922.734916][   T31] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  922.734934][   T31] usb 6-1: Product: syz
[  922.734948][   T31] usb 6-1: Manufacturer: syz
[  922.734960][   T31] usb 6-1: SerialNumber: syz
[  922.839810][ T5607] usb 1-1: USB disconnect, device number 65
[  922.898685][   T31] usb 6-1: 0:1 : does not exist
[  923.056490][T14979] nft_compat: unsupported protocol 1
[  923.212334][   T31] usb 6-1: 3:0: failed to get current value for ch 0 (-71)
[  923.243564][   T31] usb 6-1: unit 102 not found!
[  923.316764][   T31] usb 6-1: USB disconnect, device number 27
[  923.400468][T14457] 8021q: adding VLAN 0 to HW filter on device bond0
[  923.529041][T14457] 8021q: adding VLAN 0 to HW filter on device team0
[  923.558874][T11259] bridge0: port 1(bridge_slave_0) entered blocking state
[  923.559001][T11259] bridge0: port 1(bridge_slave_0) entered forwarding state
[  923.623887][T14915] udevd[14915]: error opening ATTR{/sys/devices/platform/dummy_hcd.5/usb6/6-1/6-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  923.689224][T11291] bridge0: port 2(bridge_slave_1) entered blocking state
[  923.689321][T11291] bridge0: port 2(bridge_slave_1) entered forwarding state
[  923.820368][T15002] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  924.360855][T15013] netlink: 16 bytes leftover after parsing attributes in process `syz.5.2758'.
[  926.117551][T10892] usb 6-1: new full-speed USB device number 28 using dummy_hcd
[  926.187415][ T5607] usb 1-1: new high-speed USB device number 66 using dummy_hcd
[  926.353296][T10892] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  926.353321][T10892] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 2
[  926.353419][T10892] usb 6-1: New USB device found, idVendor=05d8, idProduct=810a, bcdDevice=92.b8
[  926.353441][T10892] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  926.389973][ T5607] usb 1-1: New USB device found, idVendor=20b7, idProduct=1540, bcdDevice=b7.5a
[  926.390001][ T5607] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  926.390020][ T5607] usb 1-1: Product: syz
[  926.390033][ T5607] usb 1-1: Manufacturer: syz
[  926.390047][ T5607] usb 1-1: SerialNumber: syz
[  926.486344][ T5607] usb 1-1: config 0 descriptor??
[  926.489098][T10892] usb 6-1: config 0 descriptor??
[  926.520937][T10892] dvb-usb: found a 'Artec T1 USB2.0' in warm state.
[  926.522346][T10892] dvb-usb: bulk message failed: -22 (3/0)
[  926.804098][T10892] dvb-usb: will use the device's hardware PID filter (table count: 16).
[  926.806252][T10892] dvbdev: DVB: registering new adapter (Artec T1 USB2.0)
[  926.806861][T10892] usb 6-1: media controller created
[  926.853098][T10892] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  926.976126][T10892] dvb-usb: bulk message failed: -22 (6/0)
[  926.985917][T10892] dvb-usb: no frontend was attached by 'Artec T1 USB2.0'
[  927.020615][T10892] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.5/usb6/6-1/input/input18
[  927.031710][ T5607] usb 1-1: Firmware version (0.0) predates our first public release.
[  927.031733][ T5607] usb 1-1: Please update to version 0.2 or newer
[  927.033652][ T5607] usb 1-1: Firmware: build 
[  927.074527][T10892] dvb-usb: schedule remote query interval to 150 msecs.
[  927.074550][T10892] dvb-usb: Artec T1 USB2.0 successfully initialized and connected.
[  927.263549][   T31] dvb-usb: bulk message failed: -22 (1/0)
[  927.263608][   T31] dvb-usb: error while querying for an remote control event.
[  927.327317][T14457] 8021q: adding VLAN 0 to HW filter on device batadv0
[  927.412407][T15052] netlink: 16 bytes leftover after parsing attributes in process `syz.1.2769'.
[  927.412438][T15052] netlink: 16 bytes leftover after parsing attributes in process `syz.1.2769'.
[  927.425448][   T31] dvb-usb: bulk message failed: -22 (1/0)
[  927.425479][   T31] dvb-usb: error while querying for an remote control event.
[  927.587706][   T31] dvb-usb: bulk message failed: -22 (1/0)
[  927.587977][   T31] dvb-usb: error while querying for an remote control event.
[  927.767058][   T31] dvb-usb: bulk message failed: -22 (1/0)
[  927.767091][   T31] dvb-usb: error while querying for an remote control event.
[  927.907840][T15053] trusted_key: encrypted_key: insufficient parameters specified
[  927.937567][   T31] dvb-usb: bulk message failed: -22 (1/0)
[  927.937662][   T31] dvb-usb: error while querying for an remote control event.
[  928.107823][T10892] dvb-usb: bulk message failed: -22 (1/0)
[  928.107855][T10892] dvb-usb: error while querying for an remote control event.
[  928.285408][ T5607] dvb-usb: bulk message failed: -22 (1/0)
[  928.285444][ T5607] dvb-usb: error while querying for an remote control event.
[  928.600956][ T5607] dvb-usb: bulk message failed: -22 (1/0)
[  928.601137][ T5607] dvb-usb: error while querying for an remote control event.
[  928.944804][ T5607] dvb-usb: bulk message failed: -22 (1/0)
[  928.944936][ T5607] dvb-usb: error while querying for an remote control event.
[  929.111178][ T5607] dvb-usb: bulk message failed: -22 (1/0)
[  929.111311][ T5607] dvb-usb: error while querying for an remote control event.
[  929.354415][ T5607] dvb-usb: bulk message failed: -22 (1/0)
[  929.354445][ T5607] dvb-usb: error while querying for an remote control event.
[  929.495921][T11102] usb 1-1: USB disconnect, device number 66
[  929.507575][ T5607] dvb-usb: bulk message failed: -22 (1/0)
[  929.507605][ T5607] dvb-usb: error while querying for an remote control event.
[  929.794733][ T5708] usb 6-1: USB disconnect, device number 28
[  930.058455][T15081] netlink: 24 bytes leftover after parsing attributes in process `syz.3.2774'.
[  930.058507][T15081] netlink: 24 bytes leftover after parsing attributes in process `syz.3.2774'.
[  930.334832][ T5708] dvb-usb: Artec T1 USB2.0 successfully deinitialized and disconnected.
[  930.677927][T14457] veth0_vlan: entered promiscuous mode
[  930.701569][T14457] veth1_vlan: entered promiscuous mode
[  930.867864][T14457] veth0_macvtap: entered promiscuous mode
[  930.875138][T14457] veth1_macvtap: entered promiscuous mode
[  930.931041][T14457] batman_adv: batadv0: Interface activated: batadv_slave_0
[  931.001685][T14457] batman_adv: batadv0: Interface activated: batadv_slave_1
[  931.170758][T11249] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  931.171209][T11249] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  931.172947][T11249] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  931.172989][T11249] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  931.331285][T15101] FAULT_INJECTION: forcing a failure.
[  931.331285][T15101] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  931.331317][T15101] CPU: 1 UID: 0 PID: 15101 Comm: syz.0.2783 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[  931.331341][T15101] Tainted: [L]=SOFTLOCKUP
[  931.331356][T15101] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  931.331367][T15101] Call Trace:
[  931.331374][T15101]  <TASK>
[  931.331382][T15101]  dump_stack_lvl+0xe8/0x150
[  931.331410][T15101]  should_fail_ex+0x46b/0x600
[  931.331443][T15101]  _copy_to_user+0x31/0xb0
[  931.331466][T15101]  simple_read_from_buffer+0xe1/0x170
[  931.331497][T15101]  proc_fail_nth_read+0x1be/0x230
[  931.331527][T15101]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  931.331554][T15101]  ? rw_verify_area+0x2ac/0x4e0
[  931.331574][T15101]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  931.331600][T15101]  vfs_read+0x212/0xa80
[  931.331628][T15101]  ? __pfx_vfs_read+0x10/0x10
[  931.331651][T15101]  ? _raw_spin_unlock_irqrestore+0x30/0x80
[  931.331674][T15101]  ? lockdep_hardirqs_on+0x7a/0x110
[  931.331696][T15101]  ? _raw_spin_unlock_irqrestore+0x4c/0x80
[  931.331717][T15101]  ? mutex_lock_nested+0x152/0x1d0
[  931.331744][T15101]  ? fdget_pos+0x252/0x320
[  931.331768][T15101]  ksys_read+0x156/0x270
[  931.331789][T15101]  ? __pfx_ksys_read+0x10/0x10
[  931.331816][T15101]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  931.331836][T15101]  do_syscall_64+0x15f/0xf80
[  931.331856][T15101]  ? trace_irq_disable+0x3b/0x140
[  931.331877][T15101]  ? clear_bhb_loop+0x40/0x90
[  931.331900][T15101]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  931.331917][T15101] RIP: 0033:0x7efc15c8d60e
[  931.331935][T15101] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[  931.331950][T15101] RSP: 002b:00007efc13f25fe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  931.331970][T15101] RAX: ffffffffffffffda RBX: 00007efc13f266c0 RCX: 00007efc15c8d60e
[  931.331982][T15101] RDX: 000000000000000f RSI: 00007efc13f260a0 RDI: 0000000000000004
[  931.331994][T15101] RBP: 00007efc13f26090 R08: 0000000000000000 R09: 0000000000000000
[  931.332006][T15101] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  931.332017][T15101] R13: 00007efc15f46038 R14: 00007efc15f45fa0 R15: 00007ffed32a2da8
[  931.332056][T15101]  </TASK>
[  931.550192][ T1335] ieee802154 phy0 wpan0: encryption failed: -22
[  931.550261][ T1335] ieee802154 phy1 wpan1: encryption failed: -22
[  933.876067][T15118] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2788'.
[  934.557735][T15133] netlink: 'syz.1.2791': attribute type 1 has an invalid length.
[  934.705587][T11277] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  934.705606][T11277] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  934.894565][   T42] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  934.894586][   T42] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  937.773162][T15154] loop8: detected capacity change from 0 to 7
[  937.777398][T15154] Dev loop8: unable to read RDB block 7
[  937.777447][T15154]  loop8: unable to read partition table
[  937.777653][T15154] loop8: partition table beyond EOD, truncated
[  937.777669][T15154] loop_reread_partitions: partition scan of loop8 (þ被xü^>Ñà– ) failed (rc=-5)
[  938.067844][T15157] FAULT_INJECTION: forcing a failure.
[  938.067844][T15157] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  938.067870][T15157] CPU: 0 UID: 0 PID: 15157 Comm: syz.5.2800 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[  938.067892][T15157] Tainted: [L]=SOFTLOCKUP
[  938.067899][T15157] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  938.067909][T15157] Call Trace:
[  938.067916][T15157]  <TASK>
[  938.067924][T15157]  dump_stack_lvl+0xe8/0x150
[  938.067949][T15157]  should_fail_ex+0x46b/0x600
[  938.067981][T15157]  _copy_to_user+0x31/0xb0
[  938.068003][T15157]  simple_read_from_buffer+0xe1/0x170
[  938.068032][T15157]  proc_fail_nth_read+0x1be/0x230
[  938.068059][T15157]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  938.068087][T15157]  ? rw_verify_area+0x2ac/0x4e0
[  938.068104][T15157]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  938.068131][T15157]  vfs_read+0x212/0xa80
[  938.068157][T15157]  ? __pfx_vfs_read+0x10/0x10
[  938.068176][T15157]  ? _raw_spin_unlock_irqrestore+0x30/0x80
[  938.068194][T15157]  ? lockdep_hardirqs_on+0x7a/0x110
[  938.068214][T15157]  ? _raw_spin_unlock_irqrestore+0x4c/0x80
[  938.068233][T15157]  ? mutex_lock_nested+0x152/0x1d0
[  938.068255][T15157]  ? fdget_pos+0x252/0x320
[  938.068278][T15157]  ksys_read+0x156/0x270
[  938.068299][T15157]  ? __pfx_ksys_read+0x10/0x10
[  938.068326][T15157]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  938.068344][T15157]  do_syscall_64+0x15f/0xf80
[  938.068363][T15157]  ? trace_irq_disable+0x3b/0x140
[  938.068379][T15157]  ? clear_bhb_loop+0x40/0x90
[  938.068396][T15157]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  938.068418][T15157] RIP: 0033:0x7fa57674d60e
[  938.068432][T15157] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[  938.068443][T15157] RSP: 002b:00007fa5749ddfe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  938.068458][T15157] RAX: ffffffffffffffda RBX: 00007fa5749de6c0 RCX: 00007fa57674d60e
[  938.068468][T15157] RDX: 000000000000000f RSI: 00007fa5749de0a0 RDI: 0000000000000004
[  938.068476][T15157] RBP: 00007fa5749de090 R08: 0000000000000000 R09: 0000000000000000
[  938.068484][T15157] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  938.068492][T15157] R13: 00007fa576a06038 R14: 00007fa576a05fa0 R15: 00007ffd3b343398
[  938.068517][T15157]  </TASK>
[  938.401743][   T59] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  938.465820][   T59] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  938.475956][   T59] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  938.495137][   T59] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  938.496556][   T59] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  938.687713][   T36] kauditd_printk_skb: 4 callbacks suppressed
[  938.687732][   T36] audit: type=1326 audit(1778420667.565:2088): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15162 comm="syz.6.2802" exe="/root/ci-upstream-kasan-gce-smack-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0ddbd0cdd9 code=0x7ffc0000
[  938.689724][   T36] audit: type=1326 audit(1778420667.565:2089): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15162 comm="syz.6.2802" exe="/root/ci-upstream-kasan-gce-smack-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0ddbd0cdd9 code=0x7ffc0000
[  938.691023][   T36] audit: type=1326 audit(1778420667.565:2091): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15162 comm="syz.6.2802" exe="/root/ci-upstream-kasan-gce-smack-root/syz-executor" sig=0 arch=c000003e syscall=238 compat=0 ip=0x7f0ddbd0cdd9 code=0x7ffc0000
[  938.692639][   T36] audit: type=1326 audit(1778420667.565:2092): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15162 comm="syz.6.2802" exe="/root/ci-upstream-kasan-gce-smack-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0ddbd0cdd9 code=0x7ffc0000
[  938.692686][   T36] audit: type=1326 audit(1778420667.565:2093): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15162 comm="syz.6.2802" exe="/root/ci-upstream-kasan-gce-smack-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0ddbd0cdd9 code=0x7ffc0000
[  938.692723][   T36] audit: type=1326 audit(1778420667.565:2090): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15162 comm="syz.6.2802" exe="/root/ci-upstream-kasan-gce-smack-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0ddbd0cdd9 code=0x7ffc0000
[  938.692762][   T36] audit: type=1326 audit(1778420667.565:2094): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15162 comm="syz.6.2802" exe="/root/ci-upstream-kasan-gce-smack-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0ddbd0cdd9 code=0x7ffc0000
[  938.693199][   T36] audit: type=1326 audit(1778420667.565:2095): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15162 comm="syz.6.2802" exe="/root/ci-upstream-kasan-gce-smack-root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f0ddbd0cdd9 code=0x7ffc0000
[  938.693536][   T36] audit: type=1326 audit(1778420667.565:2096): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15162 comm="syz.6.2802" exe="/root/ci-upstream-kasan-gce-smack-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0ddbd0cdd9 code=0x7ffc0000
[  938.693660][   T36] audit: type=1326 audit(1778420667.565:2097): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15162 comm="syz.6.2802" exe="/root/ci-upstream-kasan-gce-smack-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0ddbd0cdd9 code=0x7ffc0000
[  940.606489][   T59] Bluetooth: hci1: command tx timeout
[  941.211801][T15187] tmpfs: Bad value for 'mpol'
[  942.399029][T15194] FAULT_INJECTION: forcing a failure.
[  942.399029][T15194] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  942.399063][T15194] CPU: 0 UID: 0 PID: 15194 Comm: syz.0.2799 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[  942.399088][T15194] Tainted: [L]=SOFTLOCKUP
[  942.399095][T15194] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  942.399107][T15194] Call Trace:
[  942.399115][T15194]  <TASK>
[  942.399124][T15194]  dump_stack_lvl+0xe8/0x150
[  942.399150][T15194]  should_fail_ex+0x46b/0x600
[  942.399182][T15194]  _copy_from_user+0x2d/0xb0
[  942.399204][T15194]  video_usercopy+0x36f/0x1450
[  942.399240][T15194]  ? smk_tskacc+0x311/0x3a0
[  942.399259][T15194]  ? __pfx___video_do_ioctl+0x10/0x10
[  942.399284][T15194]  ? __pfx_video_usercopy+0x10/0x10
[  942.399305][T15194]  ? smack_file_ioctl+0x2c2/0x360
[  942.399341][T15194]  ? __fget_files+0x2a/0x420
[  942.399358][T15194]  ? __fget_files+0x3a6/0x420
[  942.399377][T15194]  v4l2_ioctl+0x190/0x1e0
[  942.399401][T15194]  ? __pfx_v4l2_ioctl+0x10/0x10
[  942.399424][T15194]  __se_sys_ioctl+0xff/0x170
[  942.399445][T15194]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  942.399465][T15194]  do_syscall_64+0x15f/0xf80
[  942.399486][T15194]  ? trace_irq_disable+0x3b/0x140
[  942.399507][T15194]  ? clear_bhb_loop+0x40/0x90
[  942.399530][T15194]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  942.399548][T15194] RIP: 0033:0x7efc15cccdd9
[  942.399565][T15194] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  942.399581][T15194] RSP: 002b:00007efc13f26028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  942.399601][T15194] RAX: ffffffffffffffda RBX: 00007efc15f45fa0 RCX: 00007efc15cccdd9
[  942.399615][T15194] RDX: 0000200000000940 RSI: 00000000c040565f RDI: 0000000000000008
[  942.399628][T15194] RBP: 00007efc13f26090 R08: 0000000000000000 R09: 0000000000000000
[  942.399639][T15194] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  942.399651][T15194] R13: 00007efc15f46038 R14: 00007efc15f45fa0 R15: 00007ffed32a2da8
[  942.399681][T15194]  </TASK>
[  942.667551][   T59] Bluetooth: hci1: command tx timeout
[  943.065437][T15155] lo speed is unknown, defaulting to 1000
[  943.088010][T15205] loop8: detected capacity change from 0 to 7
[  943.125648][T15155] xfrm0 speed is unknown, defaulting to 1000
[  943.183597][T15199] "syz.6.2810" (15199) uses obsolete ecb(arc4) skcipher
[  943.290185][T15205] Dev loop8: unable to read RDB block 7
[  943.290228][T15205]  loop8: unable to read partition table
[  943.290431][T15205] loop8: partition table beyond EOD, truncated
[  943.290459][T15205] loop_reread_partitions: partition scan of loop8 (þ被xü^>Ñà– ) failed (rc=-5)
[  944.132490][T15212] ------------[ cut here ]------------
[  944.132504][T15212] debug_locks && !(!get_current()->pi_blocked_on)
[  944.132517][T15212] WARNING: kernel/locking/spinlock_rt.c:40 at rt_spin_lock+0x31c/0x400, CPU#0: syz.6.2813/15212
[  944.132573][T15212] Modules linked in:
[  944.132593][T15212] CPU: 0 UID: 0 PID: 15212 Comm: syz.6.2813 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[  944.132620][T15212] Tainted: [L]=SOFTLOCKUP
[  944.132628][T15212] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  944.132642][T15212] RIP: 0010:rt_spin_lock+0x31c/0x400
[  944.132682][T15212] Code: 48 3b 44 24 60 0f 85 98 00 00 00 48 8d 65 d8 5b 41 5c 41 5d 41 5e 41 5f 5d c3 cc cc cc cc cc e8 fa 20 14 f6 e9 ac fe ff ff 90 <0f> 0b 90 e9 f6 fd ff ff 90 0f 0b 90 e9 3f ff ff ff e8 de 20 14 f6
[  944.132699][T15212] RSP: 0018:ffffc900055475a0 EFLAGS: 00010282
[  944.132716][T15212] RAX: 1ffff11006827917 RBX: 1ffff92000aa8eb8 RCX: 0000000000000046
[  944.132730][T15212] RDX: 0000000000000000 RSI: ffffffff8d86313b RDI: ffffffff8ba74fe0
[  944.132743][T15212] RBP: ffffc90005547660 R08: ffffffff8220f7d4 R09: ffff88801a02a758
[  944.132758][T15212] R10: dffffc0000000000 R11: fffffbfff1f11ddf R12: ffff88803413c8b8
[  944.132774][T15212] R13: dffffc0000000000 R14: ffff88801a02a700 R15: ffffc900055475e0
[  944.132808][T15212] FS:  00007f0dd9f5e6c0(0000) GS:ffff888126176000(0000) knlGS:0000000000000000
[  944.132825][T15212] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  944.132839][T15212] CR2: 0000001b34111ff8 CR3: 000000003d316000 CR4: 00000000003526f0
[  944.132857][T15212] Call Trace:
[  944.132866][T15212]  <TASK>
[  944.132879][T15212]  ? __pfx_rt_spin_lock+0x10/0x10
[  944.132911][T15212]  ? fill_pool+0x156/0x580
[  944.132951][T15212]  get_from_partial_node+0x54/0x480
[  944.132980][T15212]  ? __pfx____migrate_enable+0x10/0x10
[  944.133009][T15212]  ? preempt_schedule_thunk+0x16/0x30
[  944.133040][T15212]  ? fill_pool+0x156/0x580
[  944.133076][T15212]  ___slab_alloc+0xb2/0x670
[  944.133129][T15212]  kmem_cache_alloc_noprof+0xea/0x680
[  944.133165][T15212]  ? fill_pool+0x156/0x580
[  944.133206][T15212]  fill_pool+0x156/0x580
[  944.133255][T15212]  ? __pfx_fill_pool+0x10/0x10
[  944.133304][T15212]  ? debug_objects_fill_pool+0x6f/0xd0
[  944.133345][T15212]  ? debug_objects_fill_pool+0x6f/0xd0
[  944.133389][T15212]  debug_objects_fill_pool+0x97/0xd0
[  944.133431][T15212]  debug_object_assert_init+0x34/0x340
[  944.133479][T15212]  hrtimer_start_range_ns+0x3f/0xef0
[  944.133520][T15212]  ? preempt_schedule_thunk+0x16/0x30
[  944.133562][T15212]  ? preempt_schedule_common+0x82/0xd0
[  944.133607][T15212]  futex_lock_pi+0x8df/0xb10
[  944.133678][T15212]  ? __pfx_futex_lock_pi+0x10/0x10
[  944.133723][T15212]  ? __pfx_hrtimer_wakeup+0x10/0x10
[  944.133758][T15212]  ? __lock_acquire+0x6b5/0x2cf0
[  944.133840][T15212]  ? __pfx_futex_wake_mark+0x10/0x10
[  944.133929][T15212]  do_futex+0x292/0x420
[  944.133977][T15212]  ? __pfx_do_futex+0x10/0x10
[  944.134030][T15212]  __se_sys_futex+0x3a8/0x450
[  944.134084][T15212]  ? __pfx___se_sys_futex+0x10/0x10
[  944.134115][T15212]  ? __task_pid_nr_ns+0x28/0x470
[  944.134149][T15212]  ? __x64_sys_futex+0x21/0xf0
[  944.134175][T15212]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  944.134197][T15212]  do_syscall_64+0x15f/0xf80
[  944.134220][T15212]  ? clear_bhb_loop+0x40/0x90
[  944.134244][T15212]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  944.134262][T15212] RIP: 0033:0x7f0ddbd0cdd9
[  944.134279][T15212] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  944.134295][T15212] RSP: 002b:00007f0dd9f5e028 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[  944.134338][T15212] RAX: ffffffffffffffda RBX: 00007f0ddbf85fa0 RCX: 00007f0ddbd0cdd9
[  944.134355][T15212] RDX: 00000000000000f2 RSI: 0000000000000006 RDI: 0000200000000200
[  944.134368][T15212] RBP: 00007f0ddbda2d69 R08: 0000000000000000 R09: 0000000000000001
[  944.134381][T15212] R10: 0000200000000240 R11: 0000000000000246 R12: 0000000000000000
[  944.134394][T15212] R13: 00007f0ddbf86038 R14: 00007f0ddbf85fa0 R15: 00007ffc06b7dff8
[  944.134424][T15212]  </TASK>
[  944.134442][T15212] Kernel panic - not syncing: kernel: panic_on_warn set ...
[  944.134460][T15212] CPU: 0 UID: 0 PID: 15212 Comm: syz.6.2813 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[  944.134488][T15212] Tainted: [L]=SOFTLOCKUP
[  944.134496][T15212] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  944.134509][T15212] Call Trace:
[  944.134518][T15212]  <TASK>
[  944.134527][T15212]  vpanic+0x56c/0xa60
[  944.134554][T15212]  ? __pfx__printk+0x10/0x10
[  944.134583][T15212]  ? __pfx_vpanic+0x10/0x10
[  944.134604][T15212]  ? is_bpf_text_address+0x292/0x2b0
[  944.134631][T15212]  ? is_bpf_text_address+0x26/0x2b0
[  944.134663][T15212]  panic+0xc5/0xd0
[  944.134686][T15212]  ? __pfx_panic+0x10/0x10
[  944.134724][T15212]  __warn+0x315/0x4c0
[  944.134746][T15212]  ? rt_spin_lock+0x31c/0x400
[  944.134767][T15212]  ? rt_spin_lock+0x31c/0x400
[  944.134785][T15212]  __report_bug+0x29a/0x540
[  944.134807][T15212]  ? tick_program_event+0x8f/0x120
[  944.134836][T15212]  ? rt_spin_lock+0x31c/0x400
[  944.134854][T15212]  ? __pfx___report_bug+0x10/0x10
[  944.134878][T15212]  ? __lock_acquire+0x6b5/0x2cf0
[  944.134909][T15212]  ? finish_task_switch+0x4de/0xbe0
[  944.134941][T15212]  ? rcu_is_watching+0x15/0xb0
[  944.134975][T15212]  ? rt_spin_lock+0x31c/0x400
[  944.134994][T15212]  report_bug+0x16a/0x220
[  944.135016][T15212]  ? rt_spin_lock+0x31c/0x400
[  944.135035][T15212]  ? rt_spin_lock+0x31e/0x400
[  944.135052][T15212]  handle_bug+0x9c/0x200
[  944.135090][T15212]  exc_invalid_op+0x1a/0x50
[  944.135117][T15212]  asm_exc_invalid_op+0x1a/0x20
[  944.135136][T15212] RIP: 0010:rt_spin_lock+0x31c/0x400
[  944.135153][T15212] Code: 48 3b 44 24 60 0f 85 98 00 00 00 48 8d 65 d8 5b 41 5c 41 5d 41 5e 41 5f 5d c3 cc cc cc cc cc e8 fa 20 14 f6 e9 ac fe ff ff 90 <0f> 0b 90 e9 f6 fd ff ff 90 0f 0b 90 e9 3f ff ff ff e8 de 20 14 f6
[  944.135168][T15212] RSP: 0018:ffffc900055475a0 EFLAGS: 00010282
[  944.135184][T15212] RAX: 1ffff11006827917 RBX: 1ffff92000aa8eb8 RCX: 0000000000000046
[  944.135199][T15212] RDX: 0000000000000000 RSI: ffffffff8d86313b RDI: ffffffff8ba74fe0
[  944.135214][T15212] RBP: ffffc90005547660 R08: ffffffff8220f7d4 R09: ffff88801a02a758
[  944.135229][T15212] R10: dffffc0000000000 R11: fffffbfff1f11ddf R12: ffff88803413c8b8
[  944.135246][T15212] R13: dffffc0000000000 R14: ffff88801a02a700 R15: ffffc900055475e0
[  944.135268][T15212]  ? get_from_partial_node+0x54/0x480
[  944.135307][T15212]  ? __pfx_rt_spin_lock+0x10/0x10
[  944.135334][T15212]  ? fill_pool+0x156/0x580
[  944.135353][T15212]  get_from_partial_node+0x54/0x480
[  944.135380][T15212]  ? __pfx____migrate_enable+0x10/0x10
[  944.135411][T15212]  ? preempt_schedule_thunk+0x16/0x30
[  944.135443][T15212]  ? fill_pool+0x156/0x580
[  944.135461][T15212]  ___slab_alloc+0xb2/0x670
[  944.135497][T15212]  kmem_cache_alloc_noprof+0xea/0x680
[  944.135516][T15212]  ? fill_pool+0x156/0x580
[  944.135535][T15212]  fill_pool+0x156/0x580
[  944.135558][T15212]  ? __pfx_fill_pool+0x10/0x10
[  944.135582][T15212]  ? debug_objects_fill_pool+0x6f/0xd0
[  944.135611][T15212]  ? debug_objects_fill_pool+0x6f/0xd0
[  944.135641][T15212]  debug_objects_fill_pool+0x97/0xd0
[  944.135670][T15212]  debug_object_assert_init+0x34/0x340
[  944.135703][T15212]  hrtimer_start_range_ns+0x3f/0xef0
[  944.135733][T15212]  ? preempt_schedule_thunk+0x16/0x30
[  944.135762][T15212]  ? preempt_schedule_common+0x82/0xd0
[  944.135792][T15212]  futex_lock_pi+0x8df/0xb10
[  944.135824][T15212]  ? __pfx_futex_lock_pi+0x10/0x10
[  944.135850][T15212]  ? __pfx_hrtimer_wakeup+0x10/0x10
[  944.135872][T15212]  ? __lock_acquire+0x6b5/0x2cf0
[  944.135920][T15212]  ? __pfx_futex_wake_mark+0x10/0x10
[  944.135961][T15212]  do_futex+0x292/0x420
[  944.135993][T15212]  ? __pfx_do_futex+0x10/0x10
[  944.136026][T15212]  __se_sys_futex+0x3a8/0x450
[  944.136069][T15212]  ? __pfx___se_sys_futex+0x10/0x10
[  944.136096][T15212]  ? __task_pid_nr_ns+0x28/0x470
[  944.136126][T15212]  ? __x64_sys_futex+0x21/0xf0
[  944.136149][T15212]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  944.136169][T15212]  do_syscall_64+0x15f/0xf80
[  944.136195][T15212]  ? clear_bhb_loop+0x40/0x90
[  944.136219][T15212]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  944.136238][T15212] RIP: 0033:0x7f0ddbd0cdd9
[  944.136255][T15212] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  944.136271][T15212] RSP: 002b:00007f0dd9f5e028 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[  944.136290][T15212] RAX: ffffffffffffffda RBX: 00007f0ddbf85fa0 RCX: 00007f0ddbd0cdd9
[  944.136302][T15212] RDX: 00000000000000f2 RSI: 0000000000000006 RDI: 0000200000000200
[  944.136315][T15212] RBP: 00007f0ddbda2d69 R08: 0000000000000000 R09: 0000000000000001
[  944.136331][T15212] R10: 0000200000000240 R11: 0000000000000246 R12: 0000000000000000
[  944.136343][T15212] R13: 00007f0ddbf86038 R14: 00007f0ddbf85fa0 R15: 00007ffc06b7dff8
[  944.136372][T15212]  </TASK>
[  944.136704][T15212] Kernel Offset: disabled