last executing test programs:

6m12.449315177s ago: executing program 1 (id=1161):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f00000021c0)=@delchain={0xe4, 0x65, 0x0, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {0x2, 0x2}, {0x0, 0x4}, {0x0, 0xa}}, [@TCA_CHAIN={0x8}, @TCA_CHAIN={0x8, 0xb, 0x89f}, @filter_kind_options=@f_u32={{0x8}, {0xa8, 0x2, [@TCA_U32_SEL={0x14, 0x5, {0x2, 0x7, 0x2, 0x0, 0x7, 0xd, 0x94, 0x2}}, @TCA_U32_ACT={0x90, 0x7, [@m_skbedit={0x30, 0x18, 0x0, 0x0, {{0xc}, {0x4}, {0x4}, {0xc, 0x7, {0x1}}, {0xc, 0x8, {0x3, 0x3}}}}, @m_police={0x30, 0xb, 0x0, 0x0, {{0xb}, {0x4}, {0x4}, {0xc, 0x7, {0x1, 0x1}}, {0xc, 0x8, {0x2}}}}, @m_bpf={0x2c, 0x13, 0x0, 0x0, {{0x8}, {0x4}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x3}}}}]}]}}]}, 0xe4}, 0x1, 0x0, 0x0, 0x91}, 0x0) (async)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000000240)={0x0, 0x3, &(0x7f0000000000)={&(0x7f0000000400)=ANY=[@ANYBLOB="14000000100001000b000000000000000000000a3c000000120a090000000000000000000200000009000200a30000000000000008000440000000000900010073797a30000000000800034000000003140000001100010000000000000040000000000a"], 0x64}}, 0x0) (async)
r1 = socket(0x10, 0x803, 0x0)
sendto(r1, &(0x7f0000000740)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r1, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xfdf4, &(0x7f0000000380)=[{&(0x7f0000000140)=""/100, 0x365}, {&(0x7f0000000280)=""/85, 0x7c}, {&(0x7f0000000fc0)=""/4096, 0x197}, {&(0x7f0000000400)=""/106, 0x645}, {&(0x7f0000000980)=""/73, 0x1b}, {&(0x7f0000000200)=""/77, 0x14}, {&(0x7f00000007c0)=""/154, 0x21}, {&(0x7f00000001c0)=""/17, 0x1d8}], 0x21, &(0x7f0000000600)=""/191, 0x41}}], 0x4000000000003b4, 0x0, &(0x7f0000003700)={0x77359400})

6m11.888748711s ago: executing program 1 (id=1166):
r0 = socket(0x2, 0x80805, 0x0)
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
shutdown(r1, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r1, 0x84, 0x6f, &(0x7f0000000200)={<r2=>0x0, 0x10, &(0x7f0000000180)=[@in={0x2, 0x4e23, @rand_addr=0x64010180}]}, &(0x7f0000000140)=0x10)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r1, 0x84, 0x7a, &(0x7f0000000340)={<r3=>r2, @in6={{0xa, 0x3, 0x4, @mcast1}}}, &(0x7f0000000040)=0x84)
setsockopt$inet_sctp_SCTP_STREAM_SCHEDULER(r0, 0x84, 0x7b, &(0x7f0000000240)={r3, 0x4}, 0x8)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r4 = openat$ttyS3(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$TIOCSISO7816(r4, 0xc0285443, 0x0)
r5 = getpid()
sched_setscheduler(r5, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
connect$unix(r6, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r7, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r6, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
getsockopt$SO_TIMESTAMPING(r6, 0x1, 0x41, &(0x7f0000000000), &(0x7f0000000040)=0x4)
mkdir(&(0x7f0000000400)='./file1\x00', 0x0)
mkdir(&(0x7f00000004c0)='./bus\x00', 0x0)
r8 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
r9 = socket$nl_route(0x10, 0x3, 0x0)
r10 = socket$can_j1939(0x1d, 0x2, 0x7)
ioctl$ifreq_SIOCGIFINDEX_vcan(r10, 0x8933, &(0x7f00000000c0)={'vcan0\x00', <r11=>0x0})
bind$can_j1939(r10, &(0x7f0000000340)={0x1d, r11, 0x0, {0x1, 0xf0, 0x4}, 0xfe}, 0x18)
sendmsg$inet(r10, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000007c0)=[{&(0x7f0000000540)="81b641f1f3843704b6", 0x9}], 0x1}, 0x4048081)
setsockopt$SO_J1939_FILTER(r10, 0x6b, 0x1, &(0x7f0000000380)=[{0x3, 0x1, {0x1, 0x1f1}, {0x2}, 0xfe, 0xfd}], 0x20)
sendmsg$nl_route_sched(r9, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000780)=@newtfilter={0x24, 0x11, 0x1, 0x70bd2a, 0x25dfdbfc, {0x0, 0x0, 0x74, r11, {0xfff3, 0x10}, {0xfff1, 0x9}, {0x2, 0xd}}}, 0x24}, 0x1, 0xf0ffffffffffff, 0x0, 0x404c083}, 0x20000050)
ftruncate(r8, 0x8008976)

6m10.315350027s ago: executing program 1 (id=1170):
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000840)='memory.events.local\x00', 0x275a, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0b00000007000000010001000900000001"], 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000000)={{r0, <r1=>0xffffffffffffffff}, &(0x7f00000000c0), &(0x7f00000005c0)}, 0x20)
r2 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340), 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r2}, 0x4)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x18, 0x19, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000003000000b7080000000000007b8af8ff00000000b7080000010000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r2, @ANYBLOB="0000000000000000b70500000800000085000000a500000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
syz_open_dev$tty1(0xc, 0x4, 0x1)
r3 = syz_open_dev$video4linux(&(0x7f0000000080), 0xe97, 0x0)
ioctl$VIDIOC_SUBDEV_S_CROP(r3, 0xc038563c, &(0x7f00000003c0)={0x0, 0x0, {0xfffffff8, 0xfffffffd, 0xfffff1b4}})

6m8.840791476s ago: executing program 1 (id=1175):
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000500)=ANY=[], 0xa0}}, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000003a00010325bd70000000a0812ef60000"], 0x14}, 0x1, 0x0, 0x0, 0x448d3}, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000002480)={'wlan0\x00'})
sendmsg$NL80211_CMD_TDLS_OPER(r1, &(0x7f0000002580)={0x0, 0x0, &(0x7f0000002540)={&(0x7f00000024c0)={0x28, r2, 0x1, 0x70bd2b, 0x25dfdbfb, {{}, {@void, @void}}, [@NL80211_ATTR_TDLS_OPERATION={0x5, 0x8a, 0x4}, @NL80211_ATTR_MAC={0xa, 0x6, @broadcast}]}, 0x28}, 0x1, 0x0, 0x0, 0x4}, 0x8014)
r3 = socket(0x10, 0x3, 0x0)
sendmmsg(r3, &(0x7f0000000000), 0x4000000000001f2, 0xfff0)
r4 = io_uring_setup(0x2c4d, &(0x7f0000000200))
io_uring_register$IORING_REGISTER_EVENTFD_ASYNC(r4, 0x18, &(0x7f0000000000), 0x1)

6m8.361326891s ago: executing program 1 (id=1179):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f0000000380)=ANY=[], &(0x7f0000000100)='syzkaller\x00', 0x2, 0x0, 0x0, 0x40f00, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x8}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, 0x0)
syz_genetlink_get_family_id$ipvs(&(0x7f0000000080), 0xffffffffffffffff)
syz_genetlink_get_family_id$ethtool(&(0x7f0000003d80), 0xffffffffffffffff)
io_uring_setup(0x7d95, &(0x7f0000000940)={0x0, 0xdf07, 0x40, 0x1, 0x91})
r0 = socket(0x40000000015, 0x5, 0x0)
connect$inet(r0, &(0x7f0000000040)={0x2, 0x4e20, @loopback}, 0x10)
bind$inet(r0, &(0x7f0000000340)={0x2, 0x4e20, @loopback}, 0x57)
socket(0x2b, 0x1, 0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000004340)=""/102376, 0x18fe8)
sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)=ANY=[], 0x30}}, 0x40)
sched_setaffinity(0x0, 0x0, 0x0)
r2 = socket$alg(0x26, 0x5, 0x0)
tgkill(0x0, 0x0, 0x12)
bind$alg(r2, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-twofish-3way\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r2, 0x117, 0x1, &(0x7f0000c18000), 0x0)
r3 = accept4(r2, 0x0, 0x0, 0x0)
sendmmsg$sock(r3, &(0x7f00000022c0)=[{{0x0, 0x0, 0x0}}], 0x1, 0x24004000)
recvmmsg(r3, &(0x7f00000047c0)=[{{0x0, 0x0, &(0x7f0000002ac0)=[{&(0x7f0000000340)=""/1, 0x1}], 0x1}, 0xe75}], 0x3aa0, 0x60002000, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x6)

6m7.637560484s ago: executing program 1 (id=1181):
openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000240), 0x2, 0x0)
r0 = syz_io_uring_setup(0x4aa, &(0x7f0000000380)={0x0, 0xfffffffc, 0x10100, 0x10000000, 0x13a}, &(0x7f0000000000)=<r1=>0x0, &(0x7f0000000200)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f00000002c0)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x3, 0x0, 0x0, 0x0, {0x4126}})
io_uring_enter(r0, 0x38c5, 0x2000000, 0x0, 0x0, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000001ac0)={&(0x7f00000041c0)=ANY=[@ANYBLOB="14000000260001002ebdf000fcdbdf2506000000"], 0x14}, 0x1, 0x0, 0x0, 0x4000d}, 0x48080)

5m52.478727307s ago: executing program 32 (id=1181):
openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000240), 0x2, 0x0)
r0 = syz_io_uring_setup(0x4aa, &(0x7f0000000380)={0x0, 0xfffffffc, 0x10100, 0x10000000, 0x13a}, &(0x7f0000000000)=<r1=>0x0, &(0x7f0000000200)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f00000002c0)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x3, 0x0, 0x0, 0x0, {0x4126}})
io_uring_enter(r0, 0x38c5, 0x2000000, 0x0, 0x0, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000001ac0)={&(0x7f00000041c0)=ANY=[@ANYBLOB="14000000260001002ebdf000fcdbdf2506000000"], 0x14}, 0x1, 0x0, 0x0, 0x4000d}, 0x48080)

2m50.579781198s ago: executing program 5 (id=1809):
r0 = socket(0x2, 0x80805, 0x0)
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
shutdown(r1, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r1, 0x84, 0x6f, &(0x7f0000000200)={<r2=>0x0, 0x10, &(0x7f0000000180)=[@in={0x2, 0x4e23, @rand_addr=0x64010180}]}, &(0x7f0000000140)=0x10)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r1, 0x84, 0x7a, &(0x7f0000000340)={<r3=>r2, @in6={{0xa, 0x3, 0x4, @mcast1}}}, &(0x7f0000000040)=0x84)
setsockopt$inet_sctp_SCTP_STREAM_SCHEDULER(r0, 0x84, 0x7b, &(0x7f0000000240)={r3, 0x4}, 0x8)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
ioctl$TIOCSISO7816(0xffffffffffffffff, 0xc0285443, 0x0)
r4 = getpid()
sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r6, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
getsockopt$SO_TIMESTAMPING(r5, 0x1, 0x41, &(0x7f0000000000), &(0x7f0000000040)=0x4)
mkdir(&(0x7f00000004c0)='./bus\x00', 0x0)
r7 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
r8 = socket$nl_route(0x10, 0x3, 0x0)
r9 = socket$can_j1939(0x1d, 0x2, 0x7)
ioctl$ifreq_SIOCGIFINDEX_vcan(r9, 0x8933, &(0x7f00000000c0)={'vcan0\x00', <r10=>0x0})
bind$can_j1939(r9, &(0x7f0000000340)={0x1d, r10, 0x0, {0x1, 0xf0, 0x4}, 0xfe}, 0x18)
setsockopt$sock_int(r9, 0x1, 0x6, &(0x7f0000000040)=0x1, 0x4)
sendmsg$inet(r9, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000007c0)=[{&(0x7f0000000540)="81b641f1f3843704b6", 0x9}], 0x1}, 0x4048081)
setsockopt$SO_J1939_FILTER(r9, 0x6b, 0x1, &(0x7f0000000380)=[{0x3, 0x1, {0x1, 0x1f1}, {0x2}, 0xfe, 0xfd}], 0x20)
sendmsg$nl_route_sched(r8, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000780)=@newtfilter={0x24, 0x11, 0x1, 0x70bd2a, 0x25dfdbfc, {0x0, 0x0, 0x74, r10, {0xfff3, 0x10}, {0xfff1, 0x9}, {0x2, 0xd}}}, 0x24}, 0x1, 0xf0ffffffffffff, 0x0, 0x404c083}, 0x20000050)
ftruncate(r7, 0x8008976)

2m49.206801363s ago: executing program 5 (id=1811):
r0 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000400)={0x6, 0xa, &(0x7f0000000180)=@raw=[@ringbuf_query={{0x18, 0x1, 0x1, 0x0, 0x1}}, @ringbuf_query, @map_fd={0x18, 0x7}], &(0x7f0000000040)='GPL\x00', 0x6, 0x0, 0x0, 0x40f00, 0x5, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f00000002c0)={0x5, 0x7, 0x81, 0x2}, 0x10, 0x0, 0x0, 0x1, 0x0, &(0x7f00000003c0)=[{0x1, 0x4, 0x6, 0x4}]}, 0x94)
r1 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$inet_int(r1, 0x0, 0x32, &(0x7f0000000f00)=0x1000000, 0x4)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000140)={'veth0_macvtap\x00', <r2=>0x0})
sendmmsg$inet(r1, &(0x7f0000000000)=[{{&(0x7f0000000040)={0x2, 0x4e20, @broadcast}, 0x10, 0x0, 0x0, &(0x7f0000000280)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {r2, @local, @loopback}}}, @ip_retopts={{0x10}}], 0x30}}], 0x1, 0x0)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f00000007c0)={0xffffffffffffffff, 0x20, &(0x7f0000000780)={&(0x7f0000000580)=""/193, 0xc1, <r3=>0x0, &(0x7f0000000740)=""/47, 0x2f}}, 0x10)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000800)={r0, r2, 0x25, 0x0, @val=@tracing={r3}}, 0x20)
syz_open_dev$usbfs(0x0, 0x76, 0x101301)
setsockopt$WPAN_SECURITY_LEVEL(0xffffffffffffffff, 0x0, 0x2, 0x0, 0x0)
getsockopt$WPAN_SECURITY_LEVEL(0xffffffffffffffff, 0x0, 0x2, 0x0, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000002e00)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b7000000000008009500f10100000000487591731cba12c07d57d995b61e89a4530f92344f242b416ae9eeefc0e9c6f203cb1276bfdbb4ddffffff7f82dc2b938189a7ca02f732e4c2eab72bf40c0682fd0a0c4ac106b29e220dc2880072599456d4c4e6f3fe684ab8373bb4df9d72876ef3834293812e927c01c7da1322da44c7f2ed1084a12f56d1cb39df9858037458a4ca037604007600b6be484e4c9517af216bd8ed42f7dd01008e49f4a94608c9a20819e02fc22e6be45574d4ed88b37ab8d7674c644dca2f1b4d745fd95c41f9dfc1adafd1e5a3e7f2e898961cb43e438c4e41ae43ea118e14ffffffffe4b8a80366ce5401ec61921a1b529cc8b99bffffb1ac006c67767b03b95151aeb89e6d4a43c625aa228504e4afd8c1cc3eb215ba22f43115f4d39dc7beedb130d9f2be90133a4500000058b8c9370634060105baa664953514605fba3973aa021945b985a8a66e0200000057033815717b4fdbe55b37cb8d7f41aacfbd4089ea1bd22440f64909a09b5a759a703e71f358e11ac8e13db15d792e604a4f279b3bd6621bdf2c17bc0400001000000000ff8d81006200607a9a76e5d9656a7154c75773902a1bdf399df3925130312d095e9c1f973d091c198c1a11edb6b3cc425fe203d2f2655a76865c2c34e2470fcfb1248c0add5431a7fbcb0ef4f66a09af93a09fab1daae4b518d7a5d95a017864010067d6bab101446ebfe3fdeed7ee7bb0749cacf56cf27409c60fca2e0004000000000000a9cb6f4a78444986f9b1ab61f9dab53038010000004abbfc59d6d1b18fe380df4bf024f120bd755d82033f2fb7d8fc9e0de834f7646c8dd27da1297d0c77b294e097e293db7f002c0024ab2fb4d32972cba6f49051cec1ff5d16231bbb90a2d201a500000000000000007700b06fa191ebd3a0c2ef0058ffebd7cc4cf80f74a7cdac01d998c24f34a5ba9a4a2039d0416e3f8107671141ffffffe0c7d8e94a27a06a4e3d9acee835fd0571e5bbb3e6d2b5eba505000000968983811f832dc5390f83e817c602c4f1f0d0504255c22ee8674053d0e160e5255366139bbe5863e23c3dd42d21f542816edf56a93d0a7e6f08f9ffffff64875fea6ff57ba6ae25c5e8ca4f78d5a01308243b08f1caa46be5244d64f8e875857f083144c642f71cdc8e5634c1360c056430fe77ee7ed7ac1f9743786b2fb8e0fcfcc3d36c93230b7b1da97c971c8c84a427edc3492b97e73d2060acfd8145e4a5851bc4d6fdc5ad939d7795f3879baa88bd194d48e50c84892c97c800d156b059a718f6b10274b077a710f27ab8ee953de70ea860b74a0f3c3dc11177b11cc2e62a95f1ecf607a8dc38e525f415a1bd46b38845ebca04061bacbf627f7975fe599678fee48f83b5989543729e3600000000bc86cd51704f309130f534741377ea7b7bea3c46c0c4c4b7c27c5d057d95ac85a41cdcee8e6fa31f7d2137ed1fb4b21c13b9a2c5e3f7c9ef9e45a35adbf0b9312be929863f000000000000004a82bc080de1f87808d0711dd76f2977ca7f2684bfa5c14a0cd6f1f561e34e4e8e51e81d4a355a7d00d917c16a2bb0cfb2b5f59dfead7ac6e7fa84746e2e425769b9ee2c8ff10e934847604d930f62924d0562ce17f6dadf5053ed8f33092a41bb46e1878c5295fecc27f9c6d1f62da58c0002ea00000000009aa38a05e70591d5cdab1c488ef3c1984c7c0a566cfc2a080000009ec206a54fb49056a555414178ef00d8b8f3c59f01eb5d83415994efcc6ec4b3c275cd6b1b5ff82ef7d7abb1d218e7a1d0afa285706841aac9ccc89df41c39dd58dd70569dde45f8adeaad7d3328fbb6e279f745d2872f0208635e465ca443c3a64c7803760880af23fb3f430a0311fffc96dd13b951642f1433f65b4e170a62a5f7b7d0f9d5cef0d17289c43d4aee0001f7a343899434594cc23e1c864164e130754b337e560f285dc670a31241bf657babf0615b85dc200a10294b7d5885b43ac62fc7f97a85586168483427072a535f2c7481ec261c00f725de74e48d9a86f7d4a5d28da3f099ca3e6472b9d7c86d961f525f799b4517141f018af0673b8296f867eca1ec07be11bc497a6f7d2b752bcf77c2908b64630e7fa0c2261bc2d5de32ab6bbcf296d36807544aa7c3d3301fe227b713a371414c98695e559f9cbf6b046184064a5f24a4cc6f41f21fc24a3ad7d20a89e00a9dc99a40f890869d35fba3ce6f297661d3f8ba21c65badf55d1859581f9e7ef3e2693b46a8fc85be061ce79a08002c04dc04de8b6536123b24be2ef80eb06b2db900fb30596c1574b2a31f81d61ccfd58080d2330b9c7b87b5d17d48c32daffead3414b91603e250eeedc7d601000000037426f643797be3e93da96b5643d3feed0b7c885d06006b830d7cbf3152f27522f5142dcc84a9e48a07518f0142167abf5d6685d09945cbc778bcc3e7dcfaee5d9c1689a3bafc0d3b51b5a3bfd6007954c36d532960964183842601e5364ecb6ad9168040388c7640bfa2f88643de7eebf4da8d1c3e76daace5217761d933d06bbe9609fcf5971aa1e77c3123910e63daaadd8878ad468eabaf78a96012a4ada1a9cd217fb2a0da2d521454ea9e8fcd3b5badfd6f00003a73345b841d04a02bf441955b932c59608a555bc44873272812e0fb874618a0b56b4cf44990f60000000000000000000000b20000da0ca6797590ed13b0bccf71a39e05e877893646d185a77882f866785af6b0149e336c31fb177e3e85f4c60cd4de4ce6ea73a95f434328620fa493937386ad2e2a0d60eb815aa05c33e02c32276dab36d14c63af66a31409ab2a403ec3c7a4e07bd745efa2835a8c932f22aa6da40af9bcdf808b916bc8deb37d5b8c422b65c42d17e61751c561ce775a31b52703d398d52694cfbb7d2b3791b030093b321d9f16b2f06676cf94d75cbba6491ae0b5a16ce92320321314d8d2e88d1cd7e7b1216bdaecba309a38e107103e649d46958cc6ba2d660dd41b78d832beb7206ae01508377273ea96e40760410aeed1866971e04f578e9d856d01000000045aea928f5f669be0636dc3f34f90c34531735f271527412d1ae755a9243da523d713071f9370b509a34eeb46415b2f0d271a7072cbd17e293f20132e6c15756e92776c6a0d7c3a9f512ce17edf3f1ea190853bbf93e220a6ce968b79d504c057000e7d8f8249a8158e68a90bbea8bfab2bd3c067c28e185fe62ce7020f5282cf045b9c790984c6fb65fd3187bd8bfcbe663df6b7770000f58fbad41e6eee5c9595950c4172b9c925403b2f99bbf3cb1981bb0d14bded8eae35e08278020a1ec7f508628056fd3d408a02a1cf8594bcbb21a88f477673442804f714212d000045b9f563b5352fe460a30489b1b6a6d37daead86151492f7fd4b5c64007b68a1b04027eac124478a2ef7f59fe472795785de83578cb96334e0f7c1370dc397d3aa42d937b5718b7610cdcdfe104db7801ec74980b8b111a2748321f81512e4204eb2b024b9fc9e0f257f8c6037b93b2caa236d4354b32434d5a6b01e00000000ee2ea723ea2e1accb97a200609c77e0000000000000000d3a54ccd6e13a966801e9341260d6cbce5fe03999214462cbaa297448677ab659102d0f430fbeae119a7ef2e962d2829d4dd2201c4b30d491269594c88252fbd09aced90609851bd9e5c307e7e0d39e73579c1f3563eff1a6237d3699d61acdc8e36010d76093ddd237df1c4181b0a0c4543b4249e9ff2f5e8b5e0ba2048d542de40f643fda4036124b8feb2dd45d0fa52300518c8052cc09ad73f89734fce82cc627356aa2c651ed2644f34cfbc32e8b29cf29e895e43b473ddb9a43421b4b25f8bbce8e2d7cb8547d156d5972021ae4c9e30f85413276ddebde55999d2ec3c524632b74d703147ba09e0dcb26c4b89636d28428b67e955f53bfd0c9eeb7a9d17000000000096cd8ecf1c511eea07aefa1c5cae1841efa9329d80eafefe00000000000000009111274a44c722ff9f5151aa7cb99ea3e8b2c51eadbd2d0ba1a25b08cc3e67cd186c12ea62a55ff905388bb30d1a63d42593c9aea3a84f5a6fc470d8aaaafeccb373ca26c3685679e6a048af19fca3fc5315a33687"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0x222}, 0x48)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r5 = getpid()
sched_setaffinity(0x0, 0x0, 0x0)
sched_setscheduler(r5, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
connect$unix(r6, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r7, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r6, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r8 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000840)=ANY=[@ANYBLOB="1b00000000000000000000000000040000000000", @ANYRES32=0x0, @ANYBLOB='\x00'/20, @ANYRES32, @ANYBLOB="0000000000008214880c3177a1ec000000000000000000d8dda7bc00d2e4ff04488d4b042a4165f3f5064d3ead6114476b6daf2e00cb72688b9be4f0f0a7a6785cc62b599a5b8972d2f204dfaa9599990ccbe1e4c5bee507c96e5409cc52f4585a3f051e5e7d715f0c17ea2e87f4ea3a4d9f27a58a4c0f87b0b752509b2e3cb26c0a0fc401107970755d2e472fb1564d4291f34308364378919fab0b2394c60d86e9cb42cf612c756ad127cc58e8dd5388647a81b8641bae7265b8557588985b1e1fb1280a4f54f87c554bd2ca78ee3f4464d11466f08c1366c5f7901df4273adbc80a72ff259e33"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xf, &(0x7f0000000340)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r8}}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r4, 0x18000000000002a0, 0xe28, 0xfffffffffffffff5, &(0x7f0000000980)="b0ff04c66b0d698cb89e2fe086dd1f74ffff06000000fe80000000000000ac14140746647b7954c4c06b580febc28eb143d0f6c0bad62c67a04402ba4125c7024f63fdb0b6c8ee826b4dfe6042a2f057c66cad677d850ea9928bcfcb47e585e427746ed3b27c40060cbd030a6d675c9926af53cd3085b24f9b7a486775c4f284f8c5a572ca115bce90c0ee9d4e7a07f5f1518092cb1f156694036f6618a59196631e6303fd5307d1112601d3641c9492f7dc3503416836b14590c53b1fc1ac149b70cc1142d6bc57fc3a76839fa2f96878b520fedfb9f64d81584a2e85ab4f6ec718b02d78f2ebf04e6b3b94610a21616181629a03c3dc0bf05e0a71f887833b81db7a10bc53259cb80716f6804934a411d424c1db98d454be1adb2776fdbb92b299d3b80af6987a871b4549fdb4c8297ee31ad925c8b0fb1a9d2589b08ed52602cbc26b56df71201bc4ea8621c56f33d251c1d4589af2dcd78fbb4e34bde02cb3920a30cee9489ee72c3e19304c16c2110e1839712d484b80abe77786a7e2ba834874a4e16b93dd07297554a06c2ad2c906f8ebb1db8730df096709184728d48f0a806696bd0d4b12d0064b933d9675353dae77fe8419451f85da63be78b70ca2a84a77f572d9f289d4313e6f6039fe756ac13a5d08838315dff44cda433cc7bc6b77449f8c", 0x0, 0x2f, 0xe8034000, 0xf000, 0xfffffffffffffe2a, &(0x7f0000000000), &(0x7f00000000c0)="c6769e45b7c61302926682c7f9e9bb5ba2b3cdf023e8da0392a4cd62e2370f25ae5ba0dab896bcf5b774cd28bebbde39f796ae27d04582bb7c03e9fe830ea22c9fd03f6d2779515fdad3f5d0de07b7b70996102fdb67b1e77a34a5b7136a212fa2c0ea502588309dc3e42c55a6f93e6ba5e1b492f9db48f0fdd2f9fb937b3e8a63dcf9dd855837433998ba579da27559", 0x5dc}, 0x28)

2m47.482984002s ago: executing program 5 (id=1815):
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000001740)=ANY=[], 0x48)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000001380)={'wlan1\x00', <r2=>0x0})
sendmsg$NL80211_CMD_DEL_PMKSA(0xffffffffffffffff, &(0x7f0000001480)={&(0x7f0000001300)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000001440)={&(0x7f00000013c0)={0x48, 0x0, 0x10, 0x70bd28, 0x25dfdbfe, {{}, {@val={0x8, 0x3, r2}, @val={0xc, 0x99, {0x5, 0x6}}}}, [@NL80211_ATTR_PMK_LIFETIME={0x8, 0x11f, 0x8f6}, @NL80211_ATTR_PMK_LIFETIME={0x8, 0x11f, 0x8}, @NL80211_ATTR_SSID={0x10, 0x34, @random="9bd1fdd2e23ce57149633525"}]}, 0x48}, 0x1, 0x0, 0x0, 0x200000c0}, 0x40)
bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x1e, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018000000", @ANYRES32=0x0], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0xaf, '\x00', 0x0, @fallback=0x24, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x7ffd}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r3}, 0x10)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r6 = syz_open_dev$vbi(&(0x7f0000000340), 0x0, 0x2)
ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r6, 0xc0845657, &(0x7f0000000200)={0x0, @bt={0x8a5, 0x90, 0x1, 0x2, 0xd59f80, 0x19ef, 0x6, 0x19ef, 0xffffffff, 0x4, 0x27ff, 0x2800, 0x2, 0xbb6, 0x0, 0x8, {0x8, 0xffffffff}, 0xd0, 0x9}})
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
r7 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
ioctl$UI_ABS_SETUP(r7, 0x401c5504, &(0x7f0000000340)={0x400000100002f, {0x2, 0x0, 0x7}})
write$uinput_user_dev(r7, &(0x7f0000000380)={'syz0\x00', {0xfc, 0x6, 0x7fff, 0x8d5}, 0x24, [0x10000, 0xeba, 0x7, 0xe6a, 0x8, 0x1, 0x5, 0x80, 0x54, 0x7fffdfff, 0x2, 0x9, 0x8, 0x9, 0x9, 0x3, 0x7, 0x40000, 0x1a, 0x26, 0x2, 0x0, 0x3f7, 0xfffffff4, 0x1, 0xda6, 0xa, 0xa7, 0xeb36, 0x2, 0x9, 0x200, 0x200, 0x1, 0x1, 0x1, 0x7, 0x9, 0xd, 0x7, 0x9, 0x80000000, 0x9, 0xb50, 0x40, 0x800, 0x5, 0x0, 0xff, 0x7, 0x5, 0x8, 0x2, 0x7fff, 0x8, 0xffffffff, 0x1, 0x0, 0x0, 0x7f, 0x964e, 0x2d5, 0x149, 0x1], [0x66ac, 0xfffffffa, 0x3, 0x3, 0x8e, 0x7, 0x80000001, 0x9, 0x6, 0x2, 0x0, 0x7, 0x100006, 0x8001, 0x9, 0x8, 0x2, 0x5, 0x3ff, 0x2, 0x7ff, 0x5, 0x9, 0xc00, 0x85, 0x7ff, 0x0, 0x1, 0x10000, 0x9, 0x9, 0x4d26, 0x10000, 0x8, 0x1, 0x7, 0x0, 0x4, 0x4c, 0x7, 0x8, 0x5, 0xe66, 0x8, 0x0, 0x7f, 0x4b, 0x7d, 0x6, 0xb, 0x4, 0x9, 0x1, 0x8d1, 0x100008fd, 0xfffffffa, 0xf3, 0x8e, 0x10001, 0x2004, 0x401, 0x80000001, 0x7f, 0x9], [0x8396, 0x7, 0x10000, 0x9, 0x8000, 0x1, 0x9, 0x12, 0x8, 0x6, 0x0, 0x400, 0x1000, 0x9, 0x6e, 0x8001, 0x7, 0x3, 0x6, 0x5, 0x3, 0xc7, 0x2, 0xe87, 0x0, 0x2, 0x8003, 0xc, 0x5, 0xb10, 0x1e, 0x3, 0x800, 0x80008, 0x9, 0x3, 0x200, 0xfffffff7, 0x4, 0xe, 0x464b, 0x6, 0x1002e7, 0x7ff, 0x200, 0x6, 0x87ff, 0x2, 0x7fffffff, 0xffffffff, 0x4, 0xfdff, 0xd5d, 0xa0c787d, 0xffffff4e, 0x9, 0xa, 0x40, 0x3, 0x0, 0x1fc1, 0x9, 0x1, 0x16], [0x10000010, 0x7, 0x7, 0x1, 0xa5e, 0xfe, 0xff, 0x8, 0x7ffffffe, 0x0, 0xe, 0x2, 0x4, 0x3, 0x7, 0x0, 0xfffffffd, 0xfffffff8, 0xfffffff7, 0x4, 0x0, 0x103, 0x6, 0xd0, 0x6, 0x4000400, 0xffffffff, 0xfffffffa, 0x40, 0x80000000, 0x4, 0x7, 0xfff, 0x40, 0x9, 0x0, 0xa, 0xffffffff, 0x0, 0x7, 0x6, 0x3, 0x1, 0x80000002, 0x7ffffffe, 0xff, 0x6, 0x3, 0xfffff801, 0xffefffff, 0x37d, 0xfffffff8, 0xd, 0x7, 0xd, 0x8, 0x0, 0x0, 0x8, 0x5e02, 0x2, 0x3, 0x5, 0x400]}, 0x45c)
ioctl$UI_SET_EVBIT(r7, 0x40045564, 0x3)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x0, 0x12, r0, 0xb82e5000)
r8 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0)
r9 = fcntl$dupfd(r8, 0x406, r0)
syz_usb_connect(0x3, 0x2d, &(0x7f00000003c0)=ANY=[@ANYBLOB="120100005ae4c41096050100f5fd0002030109021b0001000000000904d60001b5e14500090583"], 0x0)
ioctl$SCSI_IOCTL_PROBE_HOST(r9, 0x5385, &(0x7f00000002c0)={0x100d, ""/4109})

2m44.249388624s ago: executing program 5 (id=1825):
rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0xdc000006, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300))
poll(&(0x7f0000000040)=[{0xffffffffffffffff, 0x80cd}], 0x1, 0x7)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0)
write$UHID_CREATE2(r1, &(0x7f0000000040)=ANY=[], 0x118)
unshare(0x20000400)
r2 = fanotify_init(0x20, 0x2)
fanotify_mark(r2, 0x21e, 0x8, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x12, r1, 0x0)
ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x147bfe28ad63f17, 0x14})
mmap(&(0x7f0000ff4000/0xc000)=nil, 0xc000, 0x1000003, 0x20031, 0xffffffffffffffff, 0xffffe000)
mremap(&(0x7f0000ff9000/0x2000)=nil, 0x2000, 0x2000, 0x3, &(0x7f0000ffe000/0x2000)=nil)
mremap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x4000, 0x3, &(0x7f0000ff9000/0x4000)=nil)
sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0)

2m42.841378789s ago: executing program 5 (id=1828):
r0 = socket$netlink(0x10, 0x3, 0x15)
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f0000000040)={0x26, 'skcipher\x00', 0x0, 0x0, 'adiantum(xts-twofish-avx,camellia-asm,cbcmac(aes))\x00'}, 0x58)
sendmsg$DEVLINK_CMD_SB_PORT_POOL_SET(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000002c0)=ANY=[@ANYBLOB="04010000100053"], 0x104}, 0x1, 0x0, 0x0, 0x20040890}, 0x200080c0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000180)={0x1, &(0x7f0000000000)=[{0x6, 0x7, 0x0, 0x7fff8000}]})
gettid()
r2 = getpid()
openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
ioctl$USBDEVFS_RESET(0xffffffffffffffff, 0x5514)
sched_setscheduler(0x0, 0x1, &(0x7f00000000c0)=0x7)
r3 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x143102)
writev(r3, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r4 = fsopen(0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r4, 0x6, 0x0, 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000440)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000240)='./file0\x00', &(0x7f0000000280)='nfsd\x00', 0x0, 0x0)
kcmp(r2, r2, 0x6, 0xffffffffffffffff, 0xffffffffffffffff)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={<r5=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000057eff8)=@abs, 0x6e)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r6 = syz_open_dev$vim2m(&(0x7f0000000100), 0x80000000, 0x2)
ioctl$vim2m_VIDIOC_QBUF(r6, 0xc058560f, &(0x7f0000005140)=@multiplanar_userptr={0x3, 0x3, 0x4, 0x20, 0x0, {0x0, 0xea60}, {0x3, 0x8, 0x1, 0x44, 0x2, 0x68, "d6fda0f1"}, 0x8, 0x2, {0x0}, 0x8})
unshare(0x6020400)
r7 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
connect$bt_l2cap(r7, &(0x7f0000000080)={0x1f, 0x0, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x7ff, 0x3}, 0xe)
ioctl$FIBMAP(r5, 0x1, &(0x7f0000000080)=0x8)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000200)=[{0x6, 0x0, 0x0, 0x7ffc0002}]})
rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0xdc000006, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300))

2m37.901001386s ago: executing program 5 (id=1835):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x3, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x14}, 0x94)
r0 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
ioctl$AUTOFS_DEV_IOCTL_CATATONIC(0xffffffffffffffff, 0xc0189379, 0x0)
setsockopt$packet_tx_ring(0xffffffffffffffff, 0x107, 0xd, 0x0, 0x0)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x3, 0xc, &(0x7f0000000000)=@framed={{0x18, 0x2, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x5}, [@call={0x85, 0x0, 0x0, 0x87}, @printk={@llu, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x9b}}]}, &(0x7f0000000200)='syzkaller\x00', 0x8, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x80000001}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000340)={r2, 0x0, 0xe, 0x0, &(0x7f0000000100)="e0b9547ed387dbe9abc89b6f5bec", 0x0, 0x2000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x50)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$BTRFS_IOC_RESIZE(r0, 0x50009403, &(0x7f00000004c0)={{r2}, {@void, @max}})
r3 = fsopen(&(0x7f0000000000)='cgroup2\x00', 0x0)
fsconfig$FSCONFIG_SET_BINARY(r3, 0x6, 0x0, 0x0, 0x0)
r4 = fsmount(r3, 0x0, 0x0)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, 0x2, r4, 0x4}, 0x38)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
r7 = syz_genetlink_get_family_id$team(&(0x7f00000002c0), r4)
ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(r4, 0x89f2, &(0x7f0000000300)={'sit0\x00', &(0x7f0000000480)={'gretap0\x00', <r8=>0x0, 0x40, 0x7f00, 0x4, 0x5, {{0x5, 0x4, 0x1, 0x2c, 0x14, 0x68, 0x0, 0x8f, 0x29, 0x0, @empty, @rand_addr=0x64010101}}}})
ioctl$ifreq_SIOCGIFINDEX_wireguard(r5, 0x8933, &(0x7f00000003c0)={'wg2\x00', <r9=>0x0})
sendmsg$TEAM_CMD_OPTIONS_SET(r4, &(0x7f0000000600)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f0000000400)={&(0x7f0000000540)={0x98, r7, 0x800, 0x70bd29, 0x25dfdbfd, {}, [{{0x8, 0x1, r8}, {0x7c, 0x2, 0x0, 0x1, [{0x40, 0x1, @queue_id={{{0x24}, {0x5}, {0x8, 0x4, 0x4}}, {0x8}}}, {0x38, 0x1, @activeport={{0x24}, {0x5}, {0x8, 0x4, r9}}}]}}]}, 0x98}}, 0x4000000)
connect$unix(r5, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r6, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x6)
r10 = openat$sw_sync(0xffffffffffffff9c, &(0x7f0000000640), 0x0, 0x0)
ioctl$SW_SYNC_IOC_CREATE_FENCE(r10, 0xc0285700, &(0x7f0000000100)={0xfffffff8, "07875fac0800cb0d6c446593aa7eaba9a256d98e03ab46af0000000000ed00", <r11=>0xffffffffffffffff})
ioctl$SYNC_IOC_FILE_INFO(r11, 0xc0383e04, &(0x7f0000000140)={""/32, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000200)=[{}]})

2m22.807227004s ago: executing program 33 (id=1835):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x3, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x14}, 0x94)
r0 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
ioctl$AUTOFS_DEV_IOCTL_CATATONIC(0xffffffffffffffff, 0xc0189379, 0x0)
setsockopt$packet_tx_ring(0xffffffffffffffff, 0x107, 0xd, 0x0, 0x0)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x3, 0xc, &(0x7f0000000000)=@framed={{0x18, 0x2, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x5}, [@call={0x85, 0x0, 0x0, 0x87}, @printk={@llu, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x9b}}]}, &(0x7f0000000200)='syzkaller\x00', 0x8, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x80000001}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000340)={r2, 0x0, 0xe, 0x0, &(0x7f0000000100)="e0b9547ed387dbe9abc89b6f5bec", 0x0, 0x2000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x50)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$BTRFS_IOC_RESIZE(r0, 0x50009403, &(0x7f00000004c0)={{r2}, {@void, @max}})
r3 = fsopen(&(0x7f0000000000)='cgroup2\x00', 0x0)
fsconfig$FSCONFIG_SET_BINARY(r3, 0x6, 0x0, 0x0, 0x0)
r4 = fsmount(r3, 0x0, 0x0)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, 0x2, r4, 0x4}, 0x38)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
r7 = syz_genetlink_get_family_id$team(&(0x7f00000002c0), r4)
ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(r4, 0x89f2, &(0x7f0000000300)={'sit0\x00', &(0x7f0000000480)={'gretap0\x00', <r8=>0x0, 0x40, 0x7f00, 0x4, 0x5, {{0x5, 0x4, 0x1, 0x2c, 0x14, 0x68, 0x0, 0x8f, 0x29, 0x0, @empty, @rand_addr=0x64010101}}}})
ioctl$ifreq_SIOCGIFINDEX_wireguard(r5, 0x8933, &(0x7f00000003c0)={'wg2\x00', <r9=>0x0})
sendmsg$TEAM_CMD_OPTIONS_SET(r4, &(0x7f0000000600)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f0000000400)={&(0x7f0000000540)={0x98, r7, 0x800, 0x70bd29, 0x25dfdbfd, {}, [{{0x8, 0x1, r8}, {0x7c, 0x2, 0x0, 0x1, [{0x40, 0x1, @queue_id={{{0x24}, {0x5}, {0x8, 0x4, 0x4}}, {0x8}}}, {0x38, 0x1, @activeport={{0x24}, {0x5}, {0x8, 0x4, r9}}}]}}]}, 0x98}}, 0x4000000)
connect$unix(r5, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r6, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x6)
r10 = openat$sw_sync(0xffffffffffffff9c, &(0x7f0000000640), 0x0, 0x0)
ioctl$SW_SYNC_IOC_CREATE_FENCE(r10, 0xc0285700, &(0x7f0000000100)={0xfffffff8, "07875fac0800cb0d6c446593aa7eaba9a256d98e03ab46af0000000000ed00", <r11=>0xffffffffffffffff})
ioctl$SYNC_IOC_FILE_INFO(r11, 0xc0383e04, &(0x7f0000000140)={""/32, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000200)=[{}]})

39.74952798s ago: executing program 6 (id=2179):
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x181)
r0 = openat(0xffffffffffffff9c, &(0x7f00000013c0)='./file0/file0\x00', 0x42, 0x0)
close(0x3)
r1 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
read$FUSE(r1, &(0x7f0000000400)={0x2020}, 0x2020)
r2 = socket$unix(0x1, 0x5, 0x0)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f00000002c0), 0x10044, &(0x7f0000000080)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r2}}) (fail_nth: 5)

39.296002945s ago: executing program 6 (id=2180):
r0 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000000), 0x101800, 0x0)
r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000040)={0x1b, 0x0, 0x0, 0x1ff, 0x0, 0xffffffffffffffff, 0x5, '\x00', 0x0, 0xffffffffffffffff, 0x1, 0x1, 0x1}, 0x50)
ioctl$AUTOFS_DEV_IOCTL_SETPIPEFD(r0, 0xc0189378, &(0x7f00000000c0)={{0x1, 0x1, 0x18, <r2=>r1, {<r3=>0xffffffffffffffff}}, './file0\x00'})
ioctl$SIOCRSACCEPT(r2, 0x89e3)
ioctl$FS_IOC_GETFSLABEL(r2, 0x81009431, &(0x7f0000000100))
ioctl$VIDIOC_S_FBUF(r2, 0x4030560b, &(0x7f00000002c0)={0x31, 0x44, &(0x7f0000000200)="bcf2df5c7e8c3f5e7f888d0931c1b1d2bc28a9187c8f813c15c0f49f426b189f3020d62711882b8bffa9943cf989bbdb125731a782843fea62c44c372d2b28c257565e20631a374a72b6179bc73e988b152f01fb4d12f77c1f49ccd42746be678c5241c0cc6b0bed16729d172a7f76a06dc2e7237142ac12379f8ed7a8419c90ec2535e0eebd3cd56d9e3e41dd1511266c3f147525b110aa48ddfc495036cc25c82d", {0xffffffff, 0x5, 0x384c4150, 0x9, 0x5, 0x6, 0x0, 0x2}})
bpf$OBJ_PIN_PROG(0x6, &(0x7f0000000340)=@generic={&(0x7f0000000300)='./file0\x00', r3}, 0x18)
ioctl$FIONCLEX(r3, 0x5450)
r4 = socket$kcm(0x29, 0x7, 0x0)
ioctl$sock_ifreq(r4, 0x891d, &(0x7f0000000380)={'ipvlan1\x00', @ifru_addrs=@l2tp={0x2, 0x0, @multicast2, 0x2}})
sendmsg$kcm(r4, &(0x7f0000002cc0)={&(0x7f00000003c0)=@ethernet={0x1, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0xe}}, 0x80, &(0x7f0000001740)=[{&(0x7f0000000440)="8523ef505fae718e4456d2", 0xb}, {&(0x7f0000000480)="3cdc858e8cef162a14a971779dcf1179c340c9584faf270f26772db49e778037132290405c1263ea5511c0df67076a2e025c50a8bf1d68a3bc17690c84df772591c6a981d9d8", 0x46}, {&(0x7f0000000500)="f4", 0x1}, {&(0x7f0000000540)="3615e1742712ea4f256198a1541f195c36c635e6c1aaef6fdb205212d9a7a26dc904f34b859deea3073d881d56cba8c49405e1b9d198fa4f606d6de95d44f750ac647af6f2a1b087268f9e", 0x4b}, {&(0x7f00000005c0)}, {&(0x7f0000000600)="350b2299f48904c0ab816c8d5704e1f0c086bc7422144bbef0c271ff03530fb79e5feee4b58d17e7eb993d9808fb0a0dc546b129763651d98751b9231a525aaed707d7f7a5e70c6c25b8aa16f68f8eabf93f002c966005437b7735457799d4b896c95ef37c076e51a2a10b48069324b2f66166e413b7b713d0ec56b6eb8ac03efc4576fc2b4fd2360af22bfa32ec46e281c4fc8aac9b24b8c4bc4453aa629c5ae7c6ad8e9cae2748ab72d57ec83cc8ad888fa22148e69799cc880b6d0c55c16c0c3cf2fc529de9f9ba9e922a10fa2cb3686eb86b0094523327587f3d026af9c327255665bce7", 0xe6}, {&(0x7f0000000700)="d84f5cef57bef396002fccc9151a982d4294301bac84a2ed244761fd8fc6fa", 0x1f}, {&(0x7f0000000740)="ae74a1acb5ce587c654506c1a34f832aae29e7f10725a0757ab0f781eafc319f871029bf4ecc1384a0f560d6f5e434ea74642ec33853a0613d0c2ebeea410d7c6e0cb7f7a8dc30e95171e75385fdac7f6d02e93c94345f502b425804f110bd31e558664a8d11682bcace8dbce19d0279b84c3752eb99f5c456f55a4d708b543a02cc515f3c78e486b9f1ae181904a5ca6cbbd9f7bc08038706886aad895c3a81b507a85d69516ad233b28cff86f61c0019d59a97e3f3c46b27afd4d5adc3e1317de4aa24d2e5d07dbc55a24d1009e115bfdeaf72aceb7b9048ac5ca7b51d7c6a401d6a7264f22982a70d7c05c9fddbf0b9687336351927c7d84da2ed03622e364ac167e39a83624c594c4db4289264fbe9c8d0d773eab51a2754b4e2e1f6615dd15096b0f6fa7026126953ffbf721a886b30d4bdc43086e51d9a45c04463cd912e6cb4da27b2499303ee93554d89710b7dadfe9d2db3fec9ddda75a7ff066a39d672e4dafc1bf1d3723f8e17f5b382bc3439671ee9ec004ce058e674a77bdb9a81b3574517314a1f3a8d4734d4c145785455270037444fdb2ca0fe1a3ed2afbcc1fb4a84f0fb09301d668eae2801927ff84edb61f332af5e4e3a20dda128026506adfa4d8d455aa97edf66e7a5991a981d07a5e821175ccda90c28d8580334db48ac2592f470e7063de4d0146b7262d014a2b9c5592b9fb81f5535c5b03bd25ab8f63121bfc5bc490fbee43cba8b6d9c42a082d3efd7765f9ff735476fc7248f0ce4f4843fe1a3201abca7e8093a759f5f3b4a5ad71b51d6e3facaad1e98c27778c3eec853c55f53ae33b5ddee86f8feaddbf057c74cfaab9092b58d19f453207f1e5ab36c8630640fe49b19f682301862bd63ecff9d916b846ac17814275309cd5ef8b6eafd71a042402edb58db654fffaf768f98b893882b694b3275e13eb3850b4dcfdd672da14d13f48318ea511cbfab37dfb9504c3473766a7fbee63378d85f9969725c5d7a2cdcf7017ba3a2bab13e00e5e68309b09fd92cd773fad41d646e67e160059d16be572542ddfdcda09722a3e19af8f8ee8fa8915a71a6f417d7bdff2216c4fdd36aab54bcbccd3bec2f538d15148431e4f9e39492ff9bbdeb80edc554b9c05433b44145455050dde46dbb56a16fbb72eccd77635c0686a4b5bccaadaf4c019ef8e4600093aafa887ce0ecfa24e27b8c38a15120b8401cbc42bf14be8bdb299954f7de47de207eef3ce850f6cd9e21a058b8c3c67d0f58df0269f96d59e770c3a4d4d76981eb2fafbe39a21bbde670e38e3b8701733f266d94bbb48a9e42e24b9676bebe99bce7edbb6184a97a82dc310b7bc3bbf4898224288ea38534faab24bf74018d603240a267b1407e825573a93ed212519e7c563e246d0983181631a2433ee70d0198b97328738b6f9e25b0e1c9b7bc7163148cba8f9ce1a794dda32916541d57ba5b0326ec66b31ef355c6224c0d8a89f6e5be32429929a01b5a6f2eb0c45fcb392c1a33daf226d6e66c158dfd40dc1a9d49842c2691934d4b1257c2b0d09e8ccecf6856b958768f07dbecb9bd4e1925b0ce7c544173120db9e99fc59cf7868dda44adb9ffe342e7ae625288384b2c25b7a5450dfc20ddd536ae4242bb145fabd0b785f73f3eb45345753847a79e9f858719ada62782286b6f8246c491c1f065eff937241a6fab0c51eb3c8ddc292c4cd88d0f076cd9bb381500b34040ef17ddb176ba9b87e5f29085d18c16a829367aa287864a70c6a9f6687fc613eb7e00eeaa7ae2a63ed4e4981cd0a9b9cdad891983e2d76cf833c05a4d0653512fdcab3f894e66a9793bd4c060e529d89c8cbf9c16a08e7bfe4cff1c914fb2404f28058c059a8778e481990f879e641fce89f0373f34003798495a0736eb092b4c55651ff89b1725c3483574e7430a45515961f8fe75c37f2e765899a5cbd9bf2468a3d5e17e0a6984940027223e1b84be808b188d76019839eda897a06eb7853d7a91727507832a7bb7777e44f1202e0f3377bcb1575c3bb309ec64a04713312b079f322f81a12a87147c4c4eeb0f7f65e3e2a9a50cb679e42f2d36e77b849184bb700a6d567d4befbdd088d636a10bf904b695ed0956bc0580534c77f69530eb8093b766d136458412e267ddd962554f7380732dd1e87661f35e83dbfe1c40308b6c23d56ad092ce7ddc3bdd29385ecdf2979fc90c728e381dc108bb0b09e94c9e1a1fce5643f62d3fca827204f9f112617aa3095bd8ace6ed05b225b840a85db596f1cff8a728ab23b9f92de7cdd3e208c6c9338555a6c1a5efc9528b6c219a6eb01c54029bb0e6e2954cee6cee25cdaff299bb9fb14d02ae351c82916dcb481e4bc544a7aadc8b60c38e03b6fbb5c619952ebbfa34a9bb0e05c2919bb4d1feadbf468b1aae15942998f33f8c01d07f452d4f01acd6e29d9a213535edb0ab77eb70bded53c5b65d2617dc993904bddcb1e027b0b264796ccc92063719785c1f58af874d720195fabad499c1af3d3ccf8b051bd013775ec7ac7e51ea249ef41740d9706d64f602e50dffb06e188bf9695dd844b1e5713d6c89b5f13c906a794ee5d0491683a8f9742aad47da4722b2138219bca654a1b3bcd73633013918e4701350241dec021780cb862283cf720e55e7cf19d4a665a05c6b7e06008039fcaf8e485017992ecfe2956550ae7c6409ae590bc6bce37e9afce6ff279ca1ac3d4ed23cf733431895cf9cbdbcbbe7b13b5538558bfa44df4226e667fa7a0de1470a2b388dc9d21ff8f2f083ec069ce1062a60a6bebb4e9adc8cecc33ebf184b2539231b0ece0c155a779ec1437451716f2c0203fd33efecffa305bdb84a50bf41386d23562f33dddf31e34bd7f85847878f971561dea9aeb49fe61e74e0d5e069446ebd359c713eff7243f8cc3dfaa403d7f9e97e7c23deda321344e62cf3a910b4da67459a2e3161fa3c118c28dd9c637d047abd536d3fad7ac777243d70770e33a6397f8ddd9925c69e3e140d648e6758f0867df50662630adf4e6120a010a399c10ba584a439331d38a65b2f38de06ef472e125d8a2867eca39e215cb865b0a7c979da1dffd9abd9c668712b9592bf9fc87545530ceffe83d44ee375fc8f0ff1ec2a2584a26c8a66dfdf94e148e0c450d0f46c121f79e19de2bad57873bd7b75da7cfac057ff80bf2238b1abad3e18d42bbcd6ae7f5a1808adba44d4e11cb98d77c847a5decc785f6794c16e4505855bcd9cdf5164dd98ed36a6dd73ac2946354fdea17b8cbf42de38da5d00e1a660ae71bebfe27354db9994792ebaeea61bee48b6d7d242da3b0149efdd2030b085c1950217f8fea89d2e8c4248a5a039bbbc2d8bc83054033a674f6138d37bac479a39c10a93053c61d244f02838ab58a5a73160f4e1eb084870098fbd79ac9979007205bc8bf5e1a6bcd32ae2ec99b22cecbf91459505849c9199ea79687f6b7833c185202ebeb396820ffa69ab437902d2efed9331552370ca09f7d1b3e80ae4f6c106ffcbe942c8f6e4e5e0151a44905399210c0641ee5b7703326951dc7c6bd580a139dd3ff1fb66be49d45258eb8cea1023f019c61429b4c669762b851d72f2e203c28c8420f25ec7610fce508d0fb1945a66b2705cd0897123ac7954b353a7dc0d9af015694b2fa17799764b07df83c9808cccf7cdcc795bd7ed7f2c5dd21df245eac7bf427d41bf013a2ddf71e8f3e5ec324bd5deda8179643ba0ed28c953d18f6a71de09a22085c3410eb4e5f1b5576e5e7bd105afa4cb102e22dcae309f91b0dd17c0c63b5cb5efbbb022bd4e5467b7a0ebbc56dce2ce5f53c088fd2f31677ce5b2d5b2fe6409bd28e9e08e9e1f6d4013fdc8e47935c12307ce39abd1f3596ce39994b82d4f186b1871c38ba4a601678aa4051d60019d3f1419f42133d882ab7f962ea8dafe15248f21b68d24344e5abe38b7eacbc2ce307469e5178a55605676fd08c598fe03a9df72bb950e5e1d078764f80f86d13e5c4357af15dee0a6016d852b52f9b243469c1f36cf292e24d6cef1ef96286d67532247b464dc0b409f2e0b260fd67934a0accf9ce5ea49e63aebc99337a2e5d580707f3264cdb590c53d96296dcc112857d7e7ca335e1931720bf63121e8dbfae3c423b4159362731751d1d0ac9e431dfacb1cc8f79d7856688220f2fbc7844b920fec61a87fe4577fb09f935a8469251704f4fa44b95dbd2fac39b50f1a4ec54191a4962828d7e177d3193a2ab7bd26e95cb227df5203534d4ecfa2dc2936dfd6e5c40b3c8c16abbef28086abda332c802baecb200ef369c741841acb3974e98e8d0e8c2fc0e5ba6f897dec4e6ddabc38dbb8e3e8ea7943f388cc21788fa2f5d55dc77d9f8bd0651dd370a7c1066bb61e715e9c3f687701b207ae7487c9fce5ac98789ca2a4a9cf5db40de3eafce6b63ca67a32414fed2f31b9f42050c49de3abcb32ec0fd8cd4da8c670ea85966946e54fc00d42166110f678adf2f9f63d34d5d02b9b1ddb3a27cb63215f7c508a52945a102a94985de200e3489f9c26fa1b0b7af7799a158fbe412f4162703d868685c0ef5e499c65d089cb857e6edbfecd60b8f11cc3978bec27a18b435830a0110750468987dd804640f3a41fe9ce82ce540c3961577fe4b331650f95dd38df269b8708825a91f4ce4ca9aed6638ea8927f40b3abfa52756f4e791637192f423211786e9c2b4f2e25ce6d526265832efec4071563b5db43e6268d1d854ec8a80d0d47205321458d37efc1d88e08c3a3aacb38657fd017ea23814836564e86df2074cd4e06c0d7f3048e966cf8aeadcb172ba68b92bd97af44a62ec1bab84fc847c21d87c7fb6df6d5d40cbf7f7057d5c68a3cfed5eb22bc627d7ca400ecac3a84d0f407fac44cff11f5bd52b787eab8dd75db0f74069fd8fd100b0a5876165b9ac7da16dd64e4fccaa90ac27905551307f605f3542bff2d2a0d20f4f24a7f0355a44882257bddc9fef71ed2ac2b332a84d62b045b1de951979711c351bd2cec7d9970d530fed0d54c3551570b5d6284713687e8b1013ee8737eeb3d085bccb4c097733af764580fa51c882f265167f584c4b60e96c40230a5f9e8a77c1a22aa185a762ef5b6b82e9135f530f9af85a77ef3d2525ddf38f14b296f4884683bef23d67a03868dc381b26405630190c3706dae835a7ec7a592628e0c82ba65896904f3e48a747c37daa3cc724f3a495a459da4899b2653cbd313a845b48185db0ef438e8d83e3e62246f6a2bf02bc9e891e61c4991a99f6e1c5dc603a13db46ea0f584ef0e50c4f4ce09b6052c5b1d13f90666fac726b53132a49019f448106e9cf856b713356a8d1023a2bb12eee988b4d825cfe4a000b6049561187d4ffcb586bfdee65698f47acb517be0b16077b848f7f790ea70468e8e177c77b4c748e3e90a3225e5324e660e713f0469abe4599914788990fe8fef443746a7cb8856f279fdd50a3f9573454971999d07904b9cf1ff2593d885759b6b60f7448b0e328eac4306fc54aceed3073df5d846ab1210ce6f648a25fed90333d02c7b3c7c31d3f582e61c2085cef5cb60cfe06fe83e93872e0b0847404fc01d0131eaf89e02f16853e5c4dcbd6ce103c2d581d3bc442986d92c9d68a8552986a5b8a0813fb2a80906b46b4f51819272aaf432fb4fea8085cc9b1082cbe87338743877bfe4aae55abb23edc1c293ab0606b1509965a0e6352634558cfe5827f08da046bbfe9a240c84cd2dcaa8ec00c7f952b3d00539b593fc9aed5b5d38cd77dc5d86392776d252", 0x1000}], 0x8, &(0x7f00000017c0)=[{0x100, 0xff, 0x24, "e010257911327b911b9233f7b42be8af3e5dfbae0cdb58ed3b551953f7bb81764f28da665d7fc5dce1825defc5bd37198b70fbc4d6564ae7a1b14e4fe871b600e2caefad56ebd646862932e1a177c6d166e39f828a56e9a84f585ba18ee42758b938f4b2e588ff9bc448765d890be8ace1a43afefef87d5152f761e3a723aa705c253721bbf55e2d2d321d053cf8344d5d532f24f66cd7dbebaa1ba211022216b78a0fea16f613f500b777ed60d8548578b02684fe02c31604e788b2093fef83fe45bf14158e67bfaf4c65d11f41aeda6d0e0d93ca617c965ab8907284e72b0b29ce5fd66a17085e8efdf3"}, {0x30, 0x117, 0x5, "5107d62de289e1563b70d8b8099934237f87e7e95216870228b9534297235b"}, {0x50, 0x104, 0x1, "dfc1d50e429cafc2e0ed4f54d26850ad424054367f735ad74b1758c234be677d052e111c5a6b0b64e5626319661697cc5ac03208b022fbbcf948868a"}, {0x90, 0x84, 0x5, "9a20eff624e3f8805d242dc4788a262ad27034624f07a826fce7d1757dc0739a64de4896826f1535d0ed76587ae4108ffd9b220578c9174dc6a3b1e7792efef99fa70866e798d3e4f8a4fcd3aa94b80cc273c4e1265f2bf45f829181f866d3be20c447eedf26b4faa74268c3227c81f69229943120211549c888"}, {0x110, 0x10b, 0x6, "3ad0242cf132bf941db058fd89b352c1f843db05f9a646276e742792897c0fa5a26d8b3c962bfca6cb5cc8cf868e9839eb7c27e85ddf88982321b30b8fd03f7b92a3bb0549638f02d9ea88af8ada400224d8a206413edb4291dcab274f2774defb5c343acf15001f89a8c14ebd1d84a20b1f33f2b73ad15881c254774d15dbb9814708aeab5038459d80796a68d676084a1c9f79f7ad4d072bd509eb06b3f3915115c4df408758cc395316be81068f97e66ae0cc36b2b86605d0cfe7d683c554e61a41de1e2d8751690484e7a1ee006408767cfa3cb2dcf1858f1db7a786bc3b3eaf6a14a04127cb7ff75e511073bba9d2864a5f6b0368a0e4de72"}, {0x1010, 0x10d, 0x1, "36306c22c0cfd2cd699d4cd34643a8bccf7e34a76bf28a6acaae591b308a71576cac6c77eaa98e639757abac7bc09470bbbae0eb2f8e36dbfe0a0bbed6c2caee952bee8330a1ea89d0ed178be7107232eed94302910d18d734f3a94b7cb0582a8480b12db3fe7d0afebf5297a413881f9a53ad284935a66f9b2a0d48ed46fad1f4b46661971682ec7fdb6283e76f805e7be24c425957b72b49719bc9e2ba4ce3cc7a85ad54025f752750b892ca0e51a3b23845b8fb20e51ff6ad7d363b8d69ba6888018dc92f5c0e5831ac1652b9681cfbef7b7e1f0790e5244800f7d91f6a77547babb9ef28dbe80c42e6d667fc72b7a48bf391c32f59093e18e8bc1a4ce25be385f46d6f7b45c4d57a4fa9e1ed480c55642e66c267d739b4017130cbeb3f7b6763374069dfb76b912ada4e7bb21bf34fd37f2b97aff17d43bd0ca654bd285893383bd77d582267fb201f54865ec9d6654c14e26b52efe5c3a012447c1ad006509f31408b4560d9d077cfae4423f78098f8a844b72f0e22ac6c4b8f2dd00f2feaf61b7cafd7cedf5b1752f5a5ccce92f5166871f06756fd7f239667cc4bfe8338666bfccc3398ba4f2113a10a20958e74a926adfc7b773e708384f262df0e702d5bf9937619a4882a15e170ee765ec23c2bdd79dbdf0b158f9f3a5ac2a3f2aeba7b68e5e6f57e992f40e779ee866d71a22a8497c0a21b6d392107c516ef543ef1f8a1b112c9bff0efa9f9b5f3cd044861b455db43f34099abefbb2dc70e74997659e91507b0683b412b7e6b6d7ec73001f681eee7f09bf2a94195eeefbddae6724632d03c0a6b9b50ca086c125726c93d71aa1bfa3cb4d49e573a69eaab3a0006d16fd5b23d1f59820f73598724d79f8584469c3216b02b872993ff39b67a632c056f92ed4593a57a5819c64fc241cbeacbe14a0ae6b2cde967d528b870ba64bde4999812daf026ea96ae7e783e7eed5c7b68fc0ae50bccaef96c8f51634b190f25d7d9ac798675fdc31a2905ebffa9c3db8442c91c893fb2375dceb6e8475376a28c758f5dcc8af0f12222c942016d9007bdc23d9e21c70aca0aca333a6939ec28d7d8991f1842bdf2b4d2d46792077736b19dd1f8e8b59e6ddf34425c876dd163411e0b9f0198cb57060ee6302b6f88f1d8081d98958d834122578bd7f51cacadb07016c3d8a8359017fceb61747f7165d7f5ff9514a9b3388622b8f4b3094e31de19964000894fed011b5632b88f653437313d8a77d45bf4403f44c7a03e03bcc5b07be981415562780eb254a9c937ac310741dfc3d66387ff6d84781ad40326a35ea32d4eaeed09bb5c86824720b0d2c705ea02c0b4c6fddb2b984845ce8c8ebbf3426abedb437da8b1b248e4e412b76a8e09ba9c33e1495248fa151aea9fdf57341a97fbe557042d039b857a3d69de147ddde55a4bae8759ef6ec8c639d3fb038af6d55871e81d6b15ebc9c9dee312d6d354115d89c642e516b2e3d7c06270ca27b6768013ca7fdeceaaa11ec498afdc1cfe16b5913706b1c8b1d8dee5eaf1d7bffe9b31c5ce6bbb11def849984730447012323112c93d562deb40a065771317eabebe850452aded7af0bd3c15bda30d210dd6daac790b1bc92acacc2ee94e493fe1a5c6b8ffd960adbd0cf8a23484aaada017dc2b82ea5167cc8d3b1c10697c6d11ad7a13a06bf311c5aa425745ad419e9b5801ec062872a608c1824df11fa87a430a5b43c33a56624f70e7ca52d32bee09f2964605d67de1672cac11e9814a58d49c5f178bfa0fa20a3be105b68129621acd65e54c2d2de67456ea382203772757cd0c45e25d06d12eecb523b53bf80d6f02a1066a55acbd7836e2d804baec824dda865b4ce16ceb01b18c9b9be7b393433fb6324b284e94b6f2f4956725246c7acaa1a6835a297b0bb3466feca8b3145d1f623b90d836ef4c483235c01e09de902a75ef057d0f2a947e47179b29b0e8e3a773237132e230d6772b0e78ffc219c10f6fa603801901f9553a5420c25766d777324afa2230eb85b329a44fe4f4c17078bf11bc99e73cc9400cac82e85e7c0225562e4c278eac0579b4908923c7d7de9ce250da0744c9d9c050e8812951e505badeb63704799a2af0aeeb861883a6d88b34eba87de5303511f6e3bd1a898c379773c39e8b67941b2510e42b59e0cc8f687b52ee0889b368bb769b0bea0861291781d242bd889f1973ba41b1712f3a782edde58412065f065d1af5906e49f53dea0e68a59f2967001c9b2c7af31bcd2b3f240d37792ce91a31305e737ba20151d516502ddc4a9743d1ed196af033aaeab5914a58fced21b81526154797f25defeeb43b32ea94c10d6c3faa886550675f63bb3ea34f008cd2f53cc3bd551cc03077a0a7adb449cbdad83a2545f8815602093d00b6b5330fe4ce4b70d5945507f4a28b894f12c7d27d6aa584c099d31d3a8729a9dc3aa17e69428e71349745d4aeb8485c5bf6d16e94a5ef3a37cb69338bcb72de9097b136a62292e26f31c524beb4b7b6d6f9e5b1bd702d064c3a889a39b2ab142e929c2d3e5d7c55926cf77c249155827b61ae9174eb0868bbb3644c6c855b450c9820d80f013d0d14dc5f392d0e75e3bc01f46e8cb36e0477dac61d919c019962b54134a2e22151aea455359b9025703b645fa040046a5262eaa2f9cf5e1af8ad34ae7883f9f4a35563fda2ac8cbbfba005b966579bee2bd033194038764a001d9fd596739a08da913bf993a616960667f2e4b77fc78aa3e9e1c1968bd11d2302d630547f214727cdf90dde766444cdd9eca4805716030c8ede72e532699290065e3d5b51c48241ad7182b6c5aeab9bdbbe6a78f695500771f7b007e41e5f4bdc75f7cac3cef910fc8f3241aabe166d00c08237e9cfc7e2c763f3369d7dc67350bd36aff1ca1dafeeabb68ac08fe1f73bbd3ea2a6f2ed06795a44d51807e2308abf2a8852c5d38a920c9969064a3c924986334ac8bdecc325988338c461f91d61a132297f82972c1f0066feb50560a025ca495c59b2c74caa8e71e59e17e31479c418c75cb69f753c6b4ccc1151305db635d3c8eb3e3aa614849e76d18a713f0ea665c0c372907f9a1929562a46deef9f4606d6b30fc683cead0924d3cb24cd8094dcffe9b026fd1f8be2136ba1214b004c6d73266d3bb21700a3f79307af9dcac70d5d967e2c4ba3813c62d4e6a4c47a9b204ac8906f0aa7fdd8e11980ed4febdc4b3d6d32580e5c8db8e07e84c60c002541d2a2fef33f087de5344ae8bfcc2234d06705353f9c771c6be7d828061586178fb319974fde48c1c8f112e939bd31dd3ba8e43564229dbf2ff38e60633e265b2dbe2d41000a56fb3f24357928cc29fbbcd96d5ba05bf5ebbc41ed7c18d0174653f09aad88e366a79a9fb160198f33c1f887b9d50859b9a20a9676f3995e7527568db2651e5a28a1b7b8526c963df6d70de2c9294b4f8274bdcb84466d2e410215f173317707596137bbf32be040a4e17aa9b8d461742723e3a5b4f83c5f32df351c04530388e8c185b271859acf7fafc5f16c1b11901515a350844f034fa2832d65f884a9fc7fbdc174d81ee6c164503194e5d16b0046a0917ff7b0875541d094cb04f7d642ef1d2343b29ba8c8e2307ac1f4ea25c138155c5b998fb698b9c7b4277d0941ce7aea029d506bb80d74c373e1779cd9fd4fca778da0be85147c9b56323d353cd6194dc61312eeac3fb31e26f18d2751fd99893deae34be6288dac33a6a9343e67bfe82159bfb4f0688d4df644bab75c778f1c315a2f9257554c72639e7aa7db82b4fe77239d5924241ea0afa85385efb067c20abd038effe0c32921d69fb6ed71e805ad822c7e63cecf732c95740a5e9607c05fedc053cc050bed3dd45c7f210b03990981bc980db5234aa691d2a4c840f4358e9703a1e350045277b02fa7c12514b38c74dbf68e12f60844f1d889034416a813ebbbb70d86086a26e4a3ab5439ad50c4654b1b7e07e91ed07d7b2af5f5cdd2308ee4d4e6a91550a4a12f2f9c3dc1dc0def63482c805fc7244aa5a955e54fb64cd683f53033a8950e3c71e7a680fb28ac910e8d0d71f1c7d9c36596449863d12e4598d8faad65f5f1c8ef81665a7b7fbe87d2a218085d5d1339dce9d0b5842acffa82c6c976801d0010dc0a96a539570e444468508832881a48d3dfc97941e3f1068400974a7f4c5fdde9539046aca6e740362b5b28dc80028f324012e25ca5479aff444f7b152263c742fceec43ea260114dd9e2ffc70375f7aa64d9dbae0d2f807556f782dd79d859f6f1fff1e1abeee00399dfd927123441da7bf7439ad27f11bb4824d0140bf9b72250915da54e6407179bf8b2678314dfb9041f7c5d90f6795e887bb0e61e3ad4d17eb3deb75284a1147ea36658da4111bc40bfb153652c913f6698cf048d2d1dcf4fa6d5a2112b25f46ab69484da29f30ddce7ed208ca8a44296e24f418592ddba3bd834b68614e1e140a1dcdee0b7e5b315429e6fd7db5716883ad2d0118591421eb74b9f86c81f653bd43e3af3fe78acb507e570b0e5ae02ca7dcd2489ba587e10b5e2c608f603f431404a69a53ded053b502acfe990ca8b1d54e9d50f27acc370a7d2ca7dff064eefaddcc80c671e7f9f747de16ffd90a3a52e2f712ba2ef9e86e68dd92531ccd9997a15238d222bdfe6a266b4ec69f16f027aa30249e9d4f7c7ece0494755ac901f17f44341a06dc281e6981e053b245be4a103a0a557705fdb1022156612b2126b3d9ffb8daf0d7899bea71346e98843f8cfa8b8cf8b71b87d66d465dfd90787cd788ed7487e06a6d393bd7eb6fde6dc02f0bfffabbfcc9f6215953de5f2f4c0c09dcc6d11030e08b031a607e615f9b5c8e9b62d8381e7144f52047b7dc73ea042089a99f45b2a3b98030701ec5d4c15956e7dd349306f5f5236020e1d42f43b103b6f95fd4c1fefc3a918b4f54d8fdcefdea5405a6e2d6e6b96ccaa8d71626ca425b146e948039593252cfd9a7881cd18662df9c91c44281545add5efb441f9f42e61b78c7476cf68ff2870cb2cb5cd70e4fa61836b0b7e6f2c4f0c9b2ca01cca2b562405d81b140aa9498591e254f0df9a2d17a708e26ab045243b7f1689fd3ee36807159c01d538b6be3045e6870909ee1b19d4e6a6fe778b9f520126ed2123d1f6bbed1065ecb0c100a6e4f09450ac9d8d99d0ffa1563731390be2be1481d5b55842138a78d1bede7226345f507c3b7184eaa8e6d48cbb8ee9f98c882a78592e41916e943d27d301a669a70e06a538110d27c7122b7ae26da6192d1152b6cc2af357fd3c3d4c4740578fb7c1858a1e5f7df528db075bc8f75f9fc9d62fcf7dccbd85f83f2142b00a06a385e587eba776f5c3cb7a8b214ddfc5b3c5baddbca156a021f742c8f92ffbb55ebb9db60c77c252ea72e5f386844bc53067ce21e60dbb4d9f9f707047cf9afc389c65b8bd71b401664bb19b8bbcdc73c7849830439ebb62397fc58782de2e2694380fba2e2c6d5593a9053b87bcc590e46112c021841e11a83bffc58ca1dd3f8cbcf296f09cc6d340a4c2072dd9900b48fc9180b368a0e1cf393ec1223dd04f3e460619f923d855fe9a84e953e1e1f4d938e671bbb9da6d129ab55e6e4a62a12fe314cb224702e6111ddf4dbb8ea8678543af96d41dc6e955a5cdb8fe0d9feb5c1613ee54a78b299e16c9dba061dc7e3c81ab824528eacd8ff836e3b78d6efe46b5c28bf7b934f94007df537195b485836ac485caf44210ea1ef6b5242554e0b11011cf732b1e2ae95167a11b2f3209"}, {0xe8, 0x119, 0x5, "b6309dffba7ef6ab10c5b3fca70dccdedcdd9b448aa9ffd25ce323fbeaaf4e462fb1e9d90e3f056549a9ccb42c55c3ed9cc78c0315487a09af5c8e25e1071fd4a486e5365b1116df30067e809513477e35b8f0eadab85c0f601cf3ead918bfd612d622169c2a50825f4e95b788d71ca87267610ccf54cf0458dc8be06a9b9c5a210aa01239c0c0f07baad5f341f840b4d6f9eab5a356d136eff43ebed32183cbfd7c8f4e4c75d8ff4272ab5fb9544723f02f47aacd1b2b95c30a00ce3d298f9b9a7ed403b29cd227bdb7acd57575ccc29f467668"}, {0x18, 0x114, 0x7fff, "27723b1e2d9271"}, {0xa8, 0x10f, 0x4, "91cb6d0dc362c89b9d1e7627268fb3e95b86c1c1942539f726c5db7f2c3eed9dad8f3cc990adc628dc8239f4e72f0f8fe7e33fca6f31ea79d3d9e6c6653a70940e769c9fc81dc2069f4aedac6e1ebd1d987ceabfb3ff868071af7897c6faa658ef4c159e2a32fdecec541d2005838e4dd0b5298740701a80151d59368ab44b93ee4aea9a345b94201ab0cf364e5f9e87a08ef644de0ffe"}], 0x14d8}, 0x8001)
msync(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x6)
ioctl$VIDIOC_G_CROP(r3, 0xc014563b, &(0x7f0000002d00)={0x4, {0x40, 0xd9e3, 0xbd, 0x5}})
ioctl$VIDIOC_SUBDEV_G_FMT(0xffffffffffffffff, 0xc0585604, &(0x7f0000002d40)={0x0, 0x0, {0x800, 0x80000000, 0x3016, 0x9, 0x7, 0x6, 0x2}})
r5 = syz_open_dev$sndpcmp(&(0x7f0000002dc0), 0x3, 0x2000)
ioctl$SNDRV_PCM_IOCTL_STATUS_EXT64(r5, 0xc0984124, &(0x7f0000002e00)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2})
ioctl$VIDIOC_QUERYSTD(r3, 0x8008563f, &(0x7f0000002ec0))
getsockname(r4, &(0x7f0000002f00)=@generic, &(0x7f0000002f80)=0x80)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000002fc0)={'wlan1\x00'})
syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0)
pidfd_send_signal(r2, 0xa, &(0x7f0000003000)={0x2c, 0xb, 0x3}, 0x0)
r6 = socket$pptp(0x18, 0x1, 0x2)
splice(0xffffffffffffffff, &(0x7f0000003080)=0x8, r6, &(0x7f00000030c0)=0x7fffffff, 0x4d, 0x1)
ioctl$sock_SIOCGIFBR(r3, 0x8940, &(0x7f00000031c0)=@get={0x1, &(0x7f0000003100)=""/159, 0x20d})
ioctl$VIDIOC_SUBDEV_ENUM_FRAME_SIZE(r3, 0xc040564a, &(0x7f0000003200)={0xffffffff, 0x0, 0x1010, 0x6, 0x7d0b, 0x9, 0x4})
ioctl$PTP_SYS_OFFSET(r3, 0x43403d05, &(0x7f0000003240)={0x11})
setsockopt$pppl2tp_PPPOL2TP_SO_SENDSEQ(r2, 0x111, 0x3, 0x0, 0x4)
ioctl$VIDIOC_G_CROP(r3, 0xc014563b, &(0x7f0000003580)={0x2, {0xfffffff7, 0x7fff, 0x7, 0x385}})
ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f00000035c0)={'wlan0\x00'})
ptrace$pokeuser(0x6, 0x0, 0x1, 0xe46)

38.881410053s ago: executing program 6 (id=2182):
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/crypto\x00', 0x0, 0x0)
userfaultfd(0x80001)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000140)={&(0x7f0000000600)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x34, 0x34, 0x5, [@var={0x4, 0x0, 0x0, 0xe, 0x3}, @typedef={0x3, 0x0, 0x0, 0x8, 0x3}, @ptr={0x0, 0x0, 0x0, 0x2, 0x2}, @volatile={0x0, 0x0, 0x0, 0xa, 0xffffffff}]}, {0x0, [0x2e, 0x61, 0x61]}}, 0x0, 0x51}, 0x28)
r4 = openat2(0xffffffffffffffff, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)={0x0, 0x40, 0x28}, 0x18)
r5 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000180)={0x3, 0x4, 0x4, 0xa, 0x0, 0xffffffffffffffff, 0x4, '\x00', 0x0, r3, 0x3, 0x3, 0x2}, 0x50)
r6 = socket(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000080)={'ip6tnl0\x00', <r7=>0x0})
sendmsg$nl_route_sched(r6, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000100)=@newqdisc={0x3c, 0x24, 0x3fe3aa0262d8c583, 0x70bd27, 0x0, {0x0, 0x0, 0x0, r7, {0x0, 0xf}, {0xffff, 0xffff}, {0x6, 0x6}}, [@qdisc_kind_options=@q_fq_pie={{0xb}, {0xc, 0x8002, [@TCA_FQ_PIE_FLOWS={0x8, 0x2, 0x20001}]}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x2}, 0x2000400c)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000380)={0x7fffffff, <r8=>0x0}, 0x8)
bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x1, 0x13, &(0x7f00000002c0)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x3}, {{0x18, 0x1, 0x1, 0x0, r4}}, {}, [@cb_func={0x18, 0x3, 0x4, 0x0, 0xfffffffffffffff8}, @map_val={0x18, 0x4, 0x2, 0x0, r5, 0x0, 0x0, 0x0, 0x5}], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f00000000c0)='syzkaller\x00', 0x0, 0xbb, &(0x7f0000000540)=""/187, 0x41100, 0x2b, '\x00', r7, @fallback=0x4, r3, 0x8, &(0x7f0000000200)={0x6, 0x2}, 0x8, 0x10, &(0x7f0000000240)={0x0, 0xb, 0x6, 0x200}, 0x10, r8, 0xffffffffffffffff, 0x5, 0x0, &(0x7f0000000680)=[{0x1, 0x2, 0x5, 0x2}, {0x4, 0x1, 0xc, 0xa}, {0x9, 0x2, 0x6, 0x2}, {0x5, 0x3, 0xb, 0x7}, {0x0, 0x3, 0xa, 0x8}], 0x10, 0xe}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x1c, 0x19, &(0x7f0000000400)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, {{0x18, 0x1, 0x1, 0x0, r0}}, {}, [@exit, @func={0x85, 0x0, 0x1, 0x0, 0x5}, @tail_call={{0x18, 0x2, 0x1, 0x0, r0}}, @ldst={0x0, 0x3, 0x1, 0x4, 0x5, 0x5638d467adbd282d, 0x10}, @initr0={0x18, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x5}], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x2}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f00000000c0)='GPL\x00', 0x3, 0x73, &(0x7f0000000200)=""/115, 0x41000, 0x68, '\x00', 0x0, @fallback=0x1f, r0, 0x8, &(0x7f0000000140)={0xa, 0x1}, 0x8, 0x10, &(0x7f0000000280)={0x0, 0x2, 0xfffffffa, 0x1c}, 0x10, r8, r0, 0x1, &(0x7f0000000300)=[r0, r0, r0, r2, r0, r0, r0], &(0x7f0000000340)=[{0x2, 0x3, 0xb, 0x4}], 0x10, 0xfffffffb}, 0x94)
sendmsg$NFQNL_MSG_CONFIG(r1, &(0x7f0000001080)={0x0, 0x0, &(0x7f0000001040)={&(0x7f0000000100)=ANY=[@ANYBLOB="1c0000000203030100000000000000000400000a0800010001"], 0x1c}, 0x1, 0x0, 0x0, 0x40841}, 0x2000c010)
socket$netlink(0x10, 0x3, 0x0)
socket(0x10, 0x803, 0x0)
socket$inet_udp(0x2, 0x2, 0x0)
socket$inet(0x10, 0x3, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r9 = socket$netlink(0x10, 0x3, 0x0)
pipe(&(0x7f0000000080)={0xffffffffffffffff, <r10=>0xffffffffffffffff})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)=ANY=[@ANYBLOB="540000001000010400000000000000ffff000000", @ANYRES32=0x0, @ANYBLOB="0380000000000000240012800c0001006d6163766c616e00140002800800010008000000060002000100000008000500", @ANYRES32=r10, @ANYBLOB='\b\x00\n\x00', @ANYRES32], 0x54}, 0x1, 0x0, 0x0, 0x40814}, 0x0)
sendmmsg(r9, &(0x7f00000002c0), 0x40000000000009f, 0x0)

37.976600135s ago: executing program 6 (id=2189):
mprotect(&(0x7f0000001000/0x1000)=nil, 0x1000, 0x9)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x4, &(0x7f0000000600)=@framed={{}, [@ldst={0x1, 0x1, 0x3, 0x4801e328b66c8e20, 0xa, 0x40}]}, &(0x7f0000000300)='GPL\x00', 0x8, 0xfe8, &(0x7f0000001e00)=""/4072}, 0x94) (fail_nth: 5)

37.153312939s ago: executing program 6 (id=2190):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x2, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000300000000000000feffff10850000000700000095"], 0x0, 0x0, 0x0, 0x0, 0x40e00, 0x5a, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x94)
r1 = openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x20842, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000100)=ANY=[@ANYRES8=r0, @ANYRESHEX=r1], 0x10)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x2, 0x4, &(0x7f0000000200)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x40e00, 0x5a, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000012c0)={r2, 0x0, 0x30, 0x0, @val=@uprobe_multi={&(0x7f0000000140)='./file0\x00', &(0x7f00000001c0)=[0x0], 0x0, 0x0, 0x1, 0x1}}, 0x40)
mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x20, 0x10012, r1, 0xf2)

34.02557188s ago: executing program 6 (id=2203):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0), 0x503800, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000340)=ANY=[@ANYBLOB="1c0000005e00679a36b201123e7701ffc4"], 0x1c}}, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
sync()
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = socket(0x2, 0x1, 0x0)
add_key$user(&(0x7f00000003c0), 0x0, 0x0, 0x0, 0xfffffffffffffffd)
r3 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$TIOCCONS(r3, 0x541d)
r4 = add_key$user(&(0x7f0000000380), &(0x7f0000000000)={'syz', 0x0}, &(0x7f0000000140)='_', 0x1, 0xfffffffffffffffe)
r5 = add_key$user(&(0x7f0000000200), &(0x7f00000005c0), &(0x7f00000000c0), 0x390, 0xfffffffffffffffd)
keyctl$dh_compute(0x17, &(0x7f0000000100)={r4, r5, r5}, 0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000040)={'sha3-512-generic\x00'}})
setsockopt(r2, 0x6, 0x8, &(0x7f0000000040)="fb9f0f7d", 0x4)
r6 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2)
ioctl$KVM_SET_REGS(r6, 0x4090ae82, &(0x7f00000004c0)={[0x81, 0x3, 0x9, 0x802, 0x7ffc, 0xa, 0x120000, 0x9, 0x1, 0x5, 0x8000000000000001, 0x1, 0x0, 0xfe, 0x4, 0x1], 0x4000, 0x1906a2})
ioctl$KVM_SET_VCPU_EVENTS(r6, 0x4400ae8f, &(0x7f0000000100)=@x86={0x6, 0x2, 0x10, 0x0, 0x1000a, 0x7, 0x2, 0x9, 0x1, 0x51, 0x0, 0x8, 0x0, 0x4, 0x10, 0xff, 0xb, 0x11, 0x7, '\x00', 0x6, 0x4080000000000005})
ioctl$KVM_SET_MP_STATE(r6, 0x4004ae99, &(0x7f0000000040)=0x3)
ioctl$KVM_RUN(r6, 0xae80, 0x0)

18.569694263s ago: executing program 34 (id=2203):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0), 0x503800, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000340)=ANY=[@ANYBLOB="1c0000005e00679a36b201123e7701ffc4"], 0x1c}}, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
sync()
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = socket(0x2, 0x1, 0x0)
add_key$user(&(0x7f00000003c0), 0x0, 0x0, 0x0, 0xfffffffffffffffd)
r3 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$TIOCCONS(r3, 0x541d)
r4 = add_key$user(&(0x7f0000000380), &(0x7f0000000000)={'syz', 0x0}, &(0x7f0000000140)='_', 0x1, 0xfffffffffffffffe)
r5 = add_key$user(&(0x7f0000000200), &(0x7f00000005c0), &(0x7f00000000c0), 0x390, 0xfffffffffffffffd)
keyctl$dh_compute(0x17, &(0x7f0000000100)={r4, r5, r5}, 0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000040)={'sha3-512-generic\x00'}})
setsockopt(r2, 0x6, 0x8, &(0x7f0000000040)="fb9f0f7d", 0x4)
r6 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2)
ioctl$KVM_SET_REGS(r6, 0x4090ae82, &(0x7f00000004c0)={[0x81, 0x3, 0x9, 0x802, 0x7ffc, 0xa, 0x120000, 0x9, 0x1, 0x5, 0x8000000000000001, 0x1, 0x0, 0xfe, 0x4, 0x1], 0x4000, 0x1906a2})
ioctl$KVM_SET_VCPU_EVENTS(r6, 0x4400ae8f, &(0x7f0000000100)=@x86={0x6, 0x2, 0x10, 0x0, 0x1000a, 0x7, 0x2, 0x9, 0x1, 0x51, 0x0, 0x8, 0x0, 0x4, 0x10, 0xff, 0xb, 0x11, 0x7, '\x00', 0x6, 0x4080000000000005})
ioctl$KVM_SET_MP_STATE(r6, 0x4004ae99, &(0x7f0000000040)=0x3)
ioctl$KVM_RUN(r6, 0xae80, 0x0)

10.207122527s ago: executing program 2 (id=2287):
r0 = syz_usb_connect(0x0, 0x24, &(0x7f0000000040)=ANY=[@ANYBLOB="1201000003005740ed0b0011c3ec000000010902120001000000000904"], 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000002300)='projid_map\x00')
read$FUSE(r1, &(0x7f00000000c0)={0x2020}, 0x2020)
r2 = openat$iommufd(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
ioctl$IOMMU_IOAS_COPY(r2, 0x3b83, &(0x7f0000000040)={0x28, 0x5, 0x0, 0x0, 0x3, 0xfffffffffffffffa, 0x3fff})
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_init_net_socket$nfc_llcp(0x27, 0x1, 0x1)
syz_open_dev$vcsn(&(0x7f0000000000), 0x50, 0x400000)
r3 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80202, 0x0)
openat$comedi(0xffffffffffffff9c, &(0x7f0000000080)='/dev/comedi3\x00', 0x400, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r4, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x100000000, 0xfffffffffffffffd, 0x200000000000000, 0x4, 0x1000001000, 0x49}, 0x0, &(0x7f00000002c0)={0x3ff, 0x7, 0xffffffffffffffff, 0x9, 0x0, 0xf, 0x80000006}, 0x0, 0x0)
r5 = openat$dlm_monitor(0xffffffffffffff9c, &(0x7f0000002200), 0x105200, 0x0)
accept4$packet(r5, &(0x7f0000002240)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @local}, &(0x7f0000002280)=0x14, 0x80000)
close_range(r3, r4, 0x0)
sendto$inet(r1, &(0x7f0000000000), 0x0, 0x40, &(0x7f0000000080)={0x2, 0x4e22, @local}, 0x10)
ioctl$ifreq_SIOCGIFINDEX_wireguard(r1, 0x8933, 0x0)
syz_usb_control_io$uac1(r0, 0x0, &(0x7f00000004c0)={0x44, &(0x7f0000000280)=ANY=[@ANYBLOB="00000108000021"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r6 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000040), 0x4000, 0x0)
r7 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000), 0xa4242, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3000007, 0x38011, r7, 0x0)
r8 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000100), 0x1c3902, 0x0)
sendfile(r8, r8, 0x0, 0x2000fb)
syz_io_uring_submit(0x0, 0x0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x48e9, 0x0, 0x2, 0x0, 0x0)
preadv2(r6, &(0x7f0000000080)=[{&(0x7f0000001200)=""/4096, 0x1fee00}], 0x2, 0x0, 0x0, 0x0)
syz_usb_control_io$cdc_ecm(r0, 0x0, &(0x7f0000000340)={0x1c, &(0x7f0000000180)={0x0, 0xc, 0x3, "3e1ae0"}, 0x0, 0x0})

9.484751969s ago: executing program 3 (id=2290):
mknod$loop(&(0x7f0000000100)='./file0\x00', 0x1000, 0x1)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x9, 0x4, &(0x7f0000000400)=@framed={{0xffffffb4, 0x0, 0x0, 0x0, 0x0, 0x61, 0x11, 0x10}, [@ldst={0x4}]}, &(0x7f0000000080)='GPL\x00', 0x4, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @cgroup_sock, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8}, 0x94)
execve(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000080)={0x1, &(0x7f0000000040)=[{0x6}]}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0xcb}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x2)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
r1 = syz_usb_connect(0x5, 0x36, &(0x7f0000000040)={{0x12, 0x1, 0x0, 0xb9, 0x50, 0xb1, 0x40, 0x4e8, 0x662e, 0x9dcb, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x1, 0x0, 0x80, 0x0, [{{0x9, 0x4, 0x71, 0x2, 0x2, 0x68, 0x8b, 0xef, 0x0, [], [{{0x9, 0x5, 0x4, 0x2, 0x10, 0x0, 0xfa}}, {{0x9, 0x5, 0x82, 0x2, 0x40, 0x0, 0x3d, 0x1}}]}}]}}]}}, 0x0)
syz_usb_control_io$cdc_ncm(r1, 0x0, 0x0)
bind$bt_hci(r0, &(0x7f0000000140)={0x1f, 0xffff, 0x2}, 0x6)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_open_procfs(0x0, &(0x7f00000000c0)='task\x00')

6.823482193s ago: executing program 3 (id=2295):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="1805000000000000000000004b64ffec8500000075000000040000000700000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r1 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_int(r1, 0x107, 0x9, &(0x7f0000000000), 0x4)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r3 = fsopen(&(0x7f0000000100)='hugetlbfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r3, 0x6, 0x0, 0x0, 0x0)
r4 = fsmount(r3, 0x0, 0x0)
fchdir(r4)
fchmodat(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0xfffffffa)
mknod$loop(&(0x7f0000000000)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x408, 0x1)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000380)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r6, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r2, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r7 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_PARTIAL_DELIVERY_POINT(r7, 0x84, 0x13, 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000400)='./file1\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file1/file0\x00', 0x0)
mount$bind(&(0x7f0000000100)='.\x00', &(0x7f0000000280)='./file1/file0\x00', 0x0, 0x1085408, 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f00000003c0), 0x0, &(0x7f00000004c0)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file1/file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})

5.347094358s ago: executing program 3 (id=2297):
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x2, 0x7}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x2)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000005580)=""/102392, 0x18ff8)
ioctl$MEDIA_IOC_ENUM_LINKS(0xffffffffffffffff, 0xc0287c02, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff})
r2 = socket$inet_udplite(0x2, 0x2, 0x88)
close_range(r1, r2, 0x0)
r3 = fsopen(0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r3, 0x6, 0x0, 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
r4 = open_tree(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x89901)
move_mount(r4, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)
r5 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r5, &(0x7f0000000380)='./file0\x00', 0xffffffffffffff9c, &(0x7f0000000300)='./file0\x00', 0x0)
setresgid(0xee00, 0xee01, 0x0)
fchmodat(0xffffffffffffffff, &(0x7f0000000000)='.\x00', 0xe0)
setsockopt$SO_BINDTODEVICE(0xffffffffffffffff, 0x1, 0x19, 0x0, 0x0)
ioctl$MEDIA_IOC_ENUM_LINKS(r5, 0xc0287c02, &(0x7f00000000c0)={0x80000000, &(0x7f00000002c0), &(0x7f0000000040)})
bind$inet6(0xffffffffffffffff, &(0x7f0000000240)={0xa, 0x2, 0x1000, @private2}, 0x1c)
syz_emit_ethernet(0x3e, 0x0, 0x0)
openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)

4.547959191s ago: executing program 2 (id=2299):
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="1b0000000071a6fd9f0000000000040000000081", @ANYRES32=0x0, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xf, &(0x7f0000000440)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x10000, 0x0, 0x0, 0x0, 0x1}, {{0x18, 0x1, 0x1, 0x0, r0}}, {}, [], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000280)='GPL\x00', 0x2, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001580)={&(0x7f0000000180)='kmem_cache_free\x00', r1}, 0x10)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
openat$fuse(0xffffffffffffff9c, 0x0, 0x2, 0x0)
ioctl$USBDEVFS_DISCSIGNAL(r0, 0x8010550e, &(0x7f0000000200)={0xf975, &(0x7f00000002c0)="0d31b246f9faced8a6174bb8677fa27d0c8ae1659e62d12c5603b7b6ea7fbe08685e5523758bcd42ef6c6bd5c35ddd5dcd0e06713f77c876b481f4e04444cc187c4aa5705c5609c1f2ae1842da1a99582f3c6a572de85b4d781693833548cab3ea2bd1b3e161ac831d6e6a450bd61b9975429f9929815eb44723566ed8587a0574048f1650666ad09976f0e74fbf2a35bdf23154928eb0d9929ea588576d64f559db70f85880d0e692aaa439"})
r3 = socket(0xa, 0x3, 0xff)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
syz_kvm_setup_syzos_vm$x86(r5, &(0x7f0000c00000/0x400000)=nil)
close(0x4)
setsockopt$inet6_int(r3, 0x29, 0x5, &(0x7f0000000040)=0xfffffff9, 0x4)
syz_emit_ethernet(0x4e, &(0x7f00000001c0)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaaaaaaa3986dd6c370c8900182b01fe800000000000000000000000000025fe8000000000000000000000000000aaff"], 0x0)
recvmmsg(r3, &(0x7f00000008c0)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=""/20, 0x14}, 0x7}], 0x4000000000000d4, 0x102, 0x0)
r6 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000400), 0xffffffffffffffff)
sendmsg$TIPC_NL_BEARER_SET(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000240)=ANY=[@ANYBLOB="18000000", @ANYRES16=r6, @ANYBLOB="010028bd7000fbdbdf080500000004000180"], 0x18}, 0x1, 0x0, 0x0, 0x40010}, 0x4040140)
lstat(&(0x7f0000000080)='./file0\x00', &(0x7f0000000100))
open(&(0x7f00009e1000)='./file0\x00', 0x149040, 0x10)
syz_usb_connect(0x3, 0x38, &(0x7f0000001880)={{0x12, 0x1, 0x250, 0x8e, 0x5a, 0xe4, 0x10, 0x424, 0xc001, 0xe20c, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x26, 0x1, 0x8, 0x5, 0x80, 0x1, [{{0x9, 0x4, 0x22, 0x2, 0x2, 0x64, 0x5, 0x79, 0x3, [], [{{0x9, 0x5, 0x2, 0x0, 0x400, 0x0, 0x67, 0x9}}, {{0x9, 0x5, 0xd, 0xc, 0x200, 0x1, 0x92, 0x7, [@generic={0x2, 0xb}]}}]}}]}}]}}, &(0x7f00000006c0)={0x0, 0x0, 0x0, 0x0})

4.33058452s ago: executing program 3 (id=2300):
r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000600)='.\x00', 0x0, 0x11)
r1 = fanotify_init(0x200, 0x0)
fanotify_mark(r1, 0x1, 0x4800003e, r0, 0x0)
r2 = dup2(r1, r0)
socketpair(0x23, 0x5, 0x0, &(0x7f0000000080))
sendmsg$nl_generic(0xffffffffffffffff, 0x0, 0x4)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x2, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, 0x0, 0x100, 0x0)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='blkio.bfq.io_wait_time_recursive\x00', 0x275a, 0x0)
ioctl$sock_inet6_tcp_SIOCINQ(r2, 0x541b, &(0x7f0000000200))
socket(0x10, 0x803, 0x0)
r4 = creat(&(0x7f0000000280)='./file0\x00', 0xecf86c37d53049cc)
close(r4)
r5 = socket$inet_smc(0x2b, 0x1, 0x0)
listen(r5, 0xeb)
ioctl$sock_inet_tcp_SIOCOUTQNSD(r4, 0x894b, 0x0)
close(0x3)
r6 = socket(0xa, 0x3, 0xff)
setsockopt$inet6_int(r6, 0x29, 0x19, &(0x7f0000000100)=0x1, 0x4)
syz_emit_ethernet(0x6e, &(0x7f00000001c0)={@multicast, @broadcast, @void, {@ipv6={0x86dd, @icmpv6={0x9, 0x6, 'z&-', 0x38, 0x3a, 0xfe, @local, @mcast2, {[], @pkt_toobig={0x2, 0x0, 0x0, 0x4fe, {0x2, 0x6, "081331", 0x3f6f, 0xff, 0x0, @mcast1, @loopback={0x30}, [@fragment={0x84, 0x0, 0xa, 0x0, 0x0, 0x7, 0x65}]}}}}}}}, 0x0)

4.026477335s ago: executing program 3 (id=2304):
mknod$loop(&(0x7f0000000100)='./file0\x00', 0x1000, 0x1)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x9, 0x4, &(0x7f0000000400)=@framed={{0xffffffb4, 0x0, 0x0, 0x0, 0x0, 0x61, 0x11, 0x10}, [@ldst={0x4}]}, &(0x7f0000000080)='GPL\x00', 0x4, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @cgroup_sock, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8}, 0x94)
execve(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000080)={0x1, &(0x7f0000000040)=[{0x6}]}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0xcb}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x2)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
syz_usb_connect(0x5, 0x36, &(0x7f0000000040)={{0x12, 0x1, 0x0, 0xb9, 0x50, 0xb1, 0x40, 0x4e8, 0x662e, 0x9dcb, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x1, 0x0, 0x80, 0x0, [{{0x9, 0x4, 0x71, 0x2, 0x2, 0x68, 0x8b, 0xef, 0x0, [], [{{0x9, 0x5, 0x4, 0x2, 0x10, 0x0, 0xfa}}, {{0x9, 0x5, 0x82, 0x2, 0x40, 0x0, 0x3d, 0x1}}]}}]}}]}}, 0x0)
bind$bt_hci(r0, &(0x7f0000000140)={0x1f, 0xffff, 0x2}, 0x6)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_open_procfs(0x0, &(0x7f00000000c0)='task\x00')

2.869066001s ago: executing program 0 (id=2307):
r0 = openat$adsp1(0xffffffffffffff9c, &(0x7f00000000c0), 0x120000, 0x0)
ioctl$SNDCTL_DSP_RESET(r0, 0x5000, 0x0)
keyctl$KEYCTL_CAPABILITIES(0x1f, 0x0, 0x0)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_LEASE(0xffffffffffffffff, 0xc01864c6, &(0x7f0000000080)={&(0x7f0000000040)=[0x0, 0x0, 0x0, 0x0], 0x4, 0x80000})
r2 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace$pokeuser(0x6, r2, 0x358, 0x800000000000)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f00000000c0)=0xf)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
ioctl$TCFLSH(r1, 0x400455c8, 0x0)

2.633556224s ago: executing program 4 (id=2309):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000300)={0x0}}, 0x28010)
r0 = socket$can_raw(0x1d, 0x3, 0x1)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000300)={'lo\x00', <r1=>0x0})
sendmsg$can_raw(r0, &(0x7f0000000000)={&(0x7f0000000580)={0x1d, r1}, 0x10, &(0x7f0000000080)={&(0x7f0000001680)=@canfd={{0x2, 0x0, 0x0, 0x1}, 0x21, 0x3, 0x0, 0x0, "4b00da3a929a667d4dc30a7b0a4e06bcae7553ee9e66da75901b8620076714f79c9b8de6b3079729ab66cd7972b74a339533e93505e6aa5e8ca5b3f52ad00d57"}, 0x48}, 0x2, 0x0, 0x0, 0x2472ca9aa3d5954b}, 0x10044009) (fail_nth: 4)

2.633146075s ago: executing program 0 (id=2310):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_int(r0, 0x29, 0x1a, &(0x7f0000000100)=0x401, 0x4) (async, rerun: 64)
bind$inet6(r0, &(0x7f0000000140)={0xa, 0x4e22, 0xfffffffe, @empty, 0x5e}, 0x1c) (async, rerun: 64)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
syz_open_procfs(r1, &(0x7f0000000000)='attr/keycreate\x00') (async)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0) (async)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r3, 0x3)
bind$inet6(r2, &(0x7f0000000080)={0xa, 0x14e22, 0xfffffff8, @ipv4}, 0x1c)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r4, 0x0) (async, rerun: 32)
r5 = socket$inet6_mptcp(0xa, 0x1, 0x106) (rerun: 32)
listen(r5, 0xa7ba) (async)
socket$inet6_tcp(0xa, 0x1, 0x0) (async)
listen(r4, 0x0) (async, rerun: 64)
r6 = socket$inet6_tcp(0xa, 0x1, 0x0) (rerun: 64)
listen(r6, 0x0) (async)
r7 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r7, 0x0) (async)
socket$netlink(0x10, 0x3, 0x8000000004)
r8 = socket$inet(0xa, 0x801, 0x84)
listen(r8, 0x8)
r9 = socket$inet(0xa, 0x801, 0x84)
listen(r9, 0xfffffffd) (async)
r10 = socket$inet(0xa, 0x5, 0x84)
listen(r10, 0x8)
r11 = socket$inet(0xa, 0x801, 0x84)
listen(r11, 0x8) (async, rerun: 64)
socket$inet6(0xa, 0x1, 0x8010000000000084) (rerun: 64)

2.568003379s ago: executing program 4 (id=2311):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, 0x0, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r4 = syz_init_net_socket$nfc_llcp(0x27, 0x1, 0x1)
bind$nfc_llcp(r4, &(0x7f0000001040)={0x27, 0x0, 0xfffffffe, 0x4, 0x0, 0x1, "d92984bd1ca44c226af5160e961711a077609475b78411e88509de050000000000f2170e65e3f50327e422000000000000000000000200000000001900", 0x3f}, 0x60)
sendto(r4, 0x0, 0x0, 0x0, 0x0, 0x0)

2.552291923s ago: executing program 3 (id=2312):
pipe(&(0x7f0000000740))
socket$xdp(0x2c, 0x3, 0x0)
socket$tipc(0x1e, 0x2, 0x0)
socket$nl_rdma(0x10, 0x3, 0x14)
socket$inet6_sctp(0xa, 0x1, 0x84)
r0 = syz_open_dev$tty1(0xc, 0x4, 0x1)
socket$key(0xf, 0x3, 0x2)
openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
socket$inet_sctp(0x2, 0x5, 0x84)
bpf$MAP_CREATE(0x0, &(0x7f0000000480)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x33)
socket$packet(0x11, 0x3, 0x300)
creat(&(0x7f0000000140)='./file0\x00', 0x18a)
syz_usb_connect$uac1(0x0, 0xa4, &(0x7f0000001200)=ANY=[@ANYBLOB="2a01000020000040b708"], 0x0)
r1 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0)
ioctl$DRM_IOCTL_SET_CLIENT_CAP(r1, 0x4010640d, &(0x7f0000000000)={0x3, 0x2})
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r1, 0xc01064b5, &(0x7f0000000140)={&(0x7f0000000100)=[0x0], 0x40000012})
dup(r0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200))
ioctl$DRM_IOCTL_MODE_ATOMIC(r1, 0xc03864bc, 0x0)

2.401488967s ago: executing program 0 (id=2313):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000004300), 0x1, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_IRQCHIP(0xffffffffffffffff, 0x8208ae63, &(0x7f0000000100)={0x2, 0x0, @ioapic={0x10000, 0x5fa, 0x8, 0x1ff, 0x0, [{0x6d, 0x6, 0x9, '\x00', 0xa}, {0x6, 0x19, 0x72, '\x00', 0x3}, {0x0, 0xfe, 0x9, '\x00', 0x40}, {0x81, 0x3, 0x8, '\x00', 0x5}, {0xb, 0x6, 0x7f, '\x00', 0x5c}, {0x0, 0x4, 0x6, '\x00', 0x8}, {0x6, 0x6, 0x8, '\x00', 0xa}, {0xd, 0x7, 0xb, '\x00', 0x9}, {0x2, 0x9, 0x0, '\x00', 0x9}, {0x7, 0x5, 0x0, '\x00', 0x6}, {0x40, 0x3, 0x2, '\x00', 0x1}, {0x8, 0x4, 0x19, '\x00', 0xff}, {0x1, 0x86, 0xc, '\x00', 0xfb}, {0x5, 0x4f}, {0x6, 0x4, 0x96, '\x00', 0x3}, {0xb, 0x0, 0x7, '\x00', 0x7f}, {0x10, 0x5, 0x1, '\x00', 0x3}, {0x68, 0x3, 0x2, '\x00', 0x3}, {0x5, 0x9e, 0xc0, '\x00', 0x2}, {0x3a, 0x4c, 0xa, '\x00', 0x3}, {0x7, 0x1, 0x0, '\x00', 0x1}, {0x3, 0x0, 0x6, '\x00', 0x6}, {0x93, 0x4, 0x4, '\x00', 0xe9}, {0x3, 0x7f, 0xdf, '\x00', 0x47}]}})
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
setsockopt$inet6_tcp_TCP_MD5SIG(0xffffffffffffffff, 0x6, 0xe, &(0x7f0000000780)={@in={{0x2, 0x4e22, @initdev={0xac, 0x1e, 0x0, 0x0}}}, 0x0, 0x0, 0x21, 0x0, "a386bcb957f6ee650a88e8065cb3b0852da5b6b12cf609fdffffff0f392be7124f3883ab73ec229f5fab90b052c3572db8ed729eed0700001400000000de12709700"}, 0xd8)
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
ioctl$KVM_SET_LAPIC(r2, 0x4400ae8f, &(0x7f0000000740)={"0bd13af7e222d7b82977a894bcf2d741b99f8f02da617b9ad94014424a83db0314f34fdfe9a260e953f1aaf3610eec4c839a08a42b569d1e59b5520d8ad988ecacf773bc8c1855c13291a20986512ff73d4967f734679cb88ac4c1013a6d38828f96b71019283ce07d08bbb370738322ffae7a0afc79279598c1166ec564d5be5344fc87a5f00ca1354bced1fccde226dcd6e864d8262199e37fda0824cafccbe5f8cd0518aa106eb5f8a0986aca2d05a5eaa0177c72d3caeb3579fd729cfe1e7c8e2bb7a9dcfc32e31c7dd4cb48b11128a933481391a63c788de6306217984ef3aa5c402cf680385d96c065818632f2eb3b976ae7997d793ee5a91e26017c70319748f5b8505ce26e2fc2a50296523adc134596ff6ce79f6b58e5ca0612085af940096fb90cb23a7eac4d0e1f0933ef17dd5b760ed2864d8cc3dca7174f7d10bc4ccde5463f72f0265c673a73a1d7d41a581d8491c8f37615278b543c2c3310ae461a924409d0b5a1a75085d800e69f73510c7a1b7961a017dcbd827381d2133be3eda141656239ee6859843e51305726cc2444f1360e65e2993842d09428843f2c50c989084ed7722d34e930873d420e9c9fffda5fedf8370000000000000000885e2e653d083ccc91792e12e3082139763d44f68d1115d8e545444accee3bb38a9fa3b9ff7172868cfaf0a8f22a6939248404db646f2aa405a21b953498132fe3167e4783623451da9253e12187b4086f56bdd827e75a5523e04683335992552fa2cce95d2b23833d57bf2872f9e428b374d049a35636113207f68e34d7f1392c05add0d78b9d999c7a5d47dcbb803bcab54544dbceb73f41d5ac0970883308fecd0edcbb3eea10c1b56c851d13ff248353994d4fc68815b1bf45d202c9944b5cecc4d09a99b422ef51442a8c16e1dbb6a955c4618d592d43cd7e52c206929662f178afe060401868ffaf0db2f1eb3aaeb591be9eae546ae97266315e87487dd399ea4ec20423904c3953376a3ab41853f00b720b270b6ae8fd3cbd6c66e4af6d15bbae6aa085e56a3f8ca4a40117a72209d18e4e31e06389650b8115ef5f1fcd8c2d56b37d66fff06008836e501304a332dd3a9e6eea4f8f8d9e3671edc0abe7788692ba653850e980c36a4d3f60d090a58e34fa033b8e92ce7c19a1730872bd9b58530729400823e68ebb0ab9294bebfcd5404194a9dce119d204e01736b57ef37f7bc11ebf9bbf4d33a35ccebc67a3e38bc092cc208e8d70f33d830d26e16b5adcfb3a8928ececc4273771716dce7a0cd4d6f37f8cf70242fe91f09d9d07745e60c35b93bc343eb27751afc6ffb4693ef290668824287595c20cda170ff582c630e2a5df595cb8b7868b8f28665c7fb592d8763b6a0c3e20154f6400"})
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f0000000100)={0x2, 0x0, @pic={0x0, 0x0, 0x3, 0x93, 0x0, 0x0, 0x1, 0xbb, 0x2, 0xc0, 0x4d, 0x9, 0x61, 0x7, 0x90, 0xd}}) (fail_nth: 5)

1.340554455s ago: executing program 4 (id=2314):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2)
ioctl$vim2m_VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f0000000140)={0x0, 0x2000bb22, 0x2, {0x1, @pix_mp={0xd0, 0x10, 0x38414262, 0x6, 0x6, [{0x8, 0x2}, {0x6}, {0x3, 0x4}, {0x1, 0xffffffff}, {0x3}, {0xa, 0x1ff}, {0x0, 0xffff}, {0x4, 0x74f}], 0x66, 0x3, 0x0, 0x2, 0x6}}})
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x10)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r4, 0x8933, &(0x7f00000002c0)={'wlan0\x00', <r6=>0x0})
sendmsg$NL80211_CMD_FRAME(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000640)={&(0x7f0000001040)=ANY=[@ANYRES64=0x0, @ANYRES16=r6, @ANYBLOB="010028bd7000fedb139f7bff04c26e64a18e610000edff0200", @ANYRES32=r6, @ANYBLOB="700033008000e100ffffffffffff0802110000005050505050500020ffffff07000000000100010001000406079702000200060207000503198440250300687d2a01002d1a02000cffffffffffffffff340001000f0000000700060000000872060303030303037107ffff00ffff4000"], 0x8c}, 0x1, 0x0, 0x0, 0x4000000}, 0x20000080)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000a80)={'wlan1\x00', <r7=>0x0})
sendmsg$NL80211_CMD_DEAUTHENTICATE(r3, &(0x7f0000000dc0)={&(0x7f0000000a40)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000d80)={&(0x7f0000001100)=ANY=[@ANYBLOB="8402fcffa3eb2368fa58588e204f7946dd0d4b73", @ANYRES16=r5, @ANYBLOB="000129bd7000fddbdf252700000008000300", @ANYRES32=r7, @ANYBLOB="0a00060050505050505000000a00060050505050505000000a000600080211000000000037022a001001798c181801faef71ae8ee39275c5d9aee9a76b3c967a9c419f9cd82d1a000818db000000000000007f008000010000000008624d000028720603030303030303018d07f27ca6367068a885e6af05a972af1fed756b662f9ca43f467e4174e6452bbe772e7cf572e16a46aab7fcb58916fe36cf402364056a1cd44a3fc4250ccb0c091d98c7adcd088924f3e18cdc278a433c0086fe44d3b1497b831904e2dbf2477076bb4761d987b63c2dd3482f16bcac57c456b3d9fcb3f99dd3cdc2e455c369a71685c573b96f59adaaebfc33781f25303c5195c7aa741ba7e2f8c227d2fe88fb8fcaa57654f6690457cc9f42135b84d64d31f68fe2cb0977cd99715067bf42b6e89d33a075301868f4ccc19b940bf90d92a6946d1a6be07a5d47f0db029ccc4eeda26da2a5e3d6e28f759b7bff2774a4a2406d5684d5020d0008021100000101000000170040ffffffffffff080000000802110000000f0040ffffffffffff40000000080211000000310040ffffffffffff004000000802110000002e00000802110000000000000018004008021100000108000000ffffffffffff360040080211000000000000800802110000012d00000802110000000b0000002c004008021100000002000000ffffffffffff3e00000802110000005a0b00000c0040080211000000070000000802110000001b00000802110000010a000000130000ffffffffffff0800000000000301b7831f00000cffffffffffff030000000900000001000000ffffffffffff04000000000a0034000202020202020000"], 0x284}, 0x1, 0x0, 0x0, 0x4004000}, 0x801)
ioctl$F2FS_IOC_GET_COMPRESS_BLOCKS(r0, 0x8008f511, &(0x7f0000000800))
r8 = syz_kvm_add_vcpu$x86(0x0, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@wr_drn={0x6e, 0x20, {0x3, 0x5}}, @wrmsr={0x1e, 0x20, {0x923, 0x9c}}], 0x40})
ioctl$BTRFS_IOC_BALANCE_CTL(r2, 0x40049421, 0x1)
ioctl$KVM_CAP_HYPERV_SYNIC(r8, 0x4068aea3, &(0x7f0000000300))
r9 = socket$qrtr(0x2a, 0x2, 0x0)
recvmsg$qrtr(r9, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000480)=[{&(0x7f0000000380)=""/188, 0xbc}, {&(0x7f0000000500)=""/195, 0xc3}, {&(0x7f0000000440)=""/34, 0x22}], 0x3, &(0x7f0000000600)=[{0x38, 0x0, 0x0, ""/33}, {0x78, 0x0, 0x0, ""/97}, {0xa8, 0x0, 0x0, ""/152}, {0x58, 0x0, 0x0, ""/70}], 0x1b0}, 0x38, 0x101)
ioctl$KVM_CAP_X86_BUS_LOCK_EXIT(r2, 0x4068aea3, &(0x7f0000000280)={0xc1, 0x0, 0x3})
r10 = openat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x40140, 0x1)
bpf$PROG_LOAD(0x5, &(0x7f0000000980)={0x1, 0x3, &(0x7f0000000840)=ANY=[@ANYBLOB="850000002f000000840000000000000095000000000000008560fc2b2062f611fc2f864ef177d634e46e8dcfe61b4fb9f600344d592fee49e176fe6ad28fbcb1f9259bfc63e9030971917e30b6f42e8f9dd6ab0ce07312a135cd363aa7e5bcef8fd0e8c7d2082584156c52ebfd69e8e13b7a8b477abc86468e11b6242133ce882f05e16b91c37b3437347f6058b4489c759783b9d4dfb55d0085a26e41201a6d8c8ced33e10048e756a40538b32bf653fa3c831a4e60599ed7a0f999d18de9984522a7cdb6fc30015633a0132c9578b7da5bd7280a5f7e28fd858ba712020b23ef8a2785b6c146c48b48ca7e232d0489661396e9303b38aa5d26d06e2e676795fd2733f95da570bab301000000ffffffff2a2792a630d8fcdc", @ANYRESDEC=r0], &(0x7f0000000180)='GPL\x00'}, 0x94)
close(r10)
r11 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r12 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000040), r11)
sendmsg$NLBL_MGMT_C_PROTOCOLS(r11, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f00000003c0)={0x14, r12, 0x701, 0x70bd2a, 0x25dfdbfb}, 0x14}, 0x1, 0x0, 0x0, 0x800}, 0x4000040)
sendmsg$NL802154_CMD_NEW_SEC_LEVEL(r11, 0x0, 0x54)
r13 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000e40), 0xffffffffffffffff)
r14 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='blkio.bfq.io_wait_time\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x28012, r14, 0x0)
mmap(&(0x7f00009c5000/0x1000)=nil, 0x1000, 0x3, 0x28012, r14, 0x0)
sendmsg$NLBL_UNLABEL_C_LIST(r11, &(0x7f0000000f40)={&(0x7f0000000e00)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000000f00)={&(0x7f0000000f80)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r13, @ANYBLOB="00082dbd7000fddbdf250200000014000200fe80000000000000000000000000002114008499ff49000000000000000000ff01000000000000011400060077673000000000000000000000f6c697bf89d3a300000000000000"], 0x58}, 0x1, 0x0, 0x0, 0x14004000}, 0x8000)

1.268832581s ago: executing program 2 (id=2315):
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
r0 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000300)={&(0x7f0000000980)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x84, 0x84, 0x3, [@array={0x0, 0x0, 0x0, 0x3, 0x0, {0x5, 0x2, 0xe9}}, @enum64={0x2, 0x8, 0x0, 0x13, 0x1, 0x6, [{0x8, 0x9, 0xb}, {0x5, 0x5, 0x3}, {0x10, 0x4d, 0x5}, {0x3, 0x8, 0x1}, {0x4, 0x0, 0x2}, {0xe, 0x80000000, 0x401}, {0xa, 0x6, 0x10}, {0xd, 0x1}]}]}, {0x0, [0x30]}}, &(0x7f0000000a40)=""/106, 0x9f, 0x6a, 0x0, 0x101, 0x10000}, 0x28)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x16, 0x0, 0x1, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, r0, 0x1, 0x800}, 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x6, 0x8, &(0x7f0000000100)=ANY=[@ANYBLOB="18020000000000800000000000000000850000004100000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000000000000850000008600000095"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r2, 0x0, 0x2100, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x50)
r3 = socket$inet(0x2, 0x0, 0x4000009)
setsockopt$inet_tcp_int(r3, 0x6, 0x80000000000002, &(0x7f00000004c0)=0x79, 0x4)
bind$inet(r3, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10)
r4 = socket$l2tp6(0xa, 0x2, 0x73)
sendmsg$inet6(r4, &(0x7f0000000040)={&(0x7f00000000c0)={0xa, 0x4e20, 0x3ff, @rand_addr=' \x01\x00', 0x7c}, 0x1c, 0x0, 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='$\x00\x00\x00)'], 0x24}, 0x24000080)
setsockopt$SO_ATTACH_FILTER(r3, 0x1, 0x1a, &(0x7f0000000000)={0x1, &(0x7f0000000280)=[{0x6, 0xfa, 0x0, 0xe4}]}, 0x10)
unshare(0x22020400)
pipe2(&(0x7f0000000000)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff}, 0x4000)
pipe2(&(0x7f0000000040)={<r7=>0xffffffffffffffff, <r8=>0xffffffffffffffff}, 0x84000)
close_range(r6, r7, 0x2)
tee(r5, r8, 0xfffffffffffffc01, 0x0)

1.149548401s ago: executing program 0 (id=2316):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="1805000000000000000000004b64ffec8500000075000000040000000700000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r1 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_int(r1, 0x107, 0x9, &(0x7f0000000000), 0x4)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r3 = fsopen(&(0x7f0000000100)='hugetlbfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r3, 0x6, 0x0, 0x0, 0x0)
r4 = fsmount(r3, 0x0, 0x0)
fchdir(r4)
fchmodat(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0xfffffffa)
mknod$loop(&(0x7f0000000000)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x408, 0x1)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000380)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r6, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r2, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$inet6_sctp(0xa, 0x1, 0x84)
mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./bus\x00', 0x2)
mkdirat(0xffffffffffffff9c, &(0x7f0000000400)='./file1\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file1/file0\x00', 0x0)
mount$bind(&(0x7f0000000100)='.\x00', &(0x7f0000000280)='./file1/file0\x00', 0x0, 0x1085408, 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f00000003c0), 0x0, &(0x7f00000004c0)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file1/file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})

1.122787241s ago: executing program 4 (id=2317):
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/crypto\x00', 0x0, 0x0)
userfaultfd(0x80001)
socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000140)={&(0x7f0000000600)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x34, 0x34, 0x5, [@var={0x4, 0x0, 0x0, 0xe, 0x3}, @typedef={0x3, 0x0, 0x0, 0x8, 0x3}, @ptr={0x0, 0x0, 0x0, 0x2, 0x2}, @volatile={0x0, 0x0, 0x0, 0xa, 0xffffffff}]}, {0x0, [0x2e, 0x61, 0x61]}}, 0x0, 0x51}, 0x28)
openat2(0xffffffffffffffff, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)={0x0, 0x40, 0x28}, 0x18)
bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000180)={0x3, 0x4, 0x4, 0xa, 0x0, 0xffffffffffffffff, 0x4, '\x00', 0x0, r2, 0x3, 0x3, 0x2}, 0x50)
r3 = socket(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000080)={'ip6tnl0\x00', <r4=>0x0})
sendmsg$nl_route_sched(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000100)=@newqdisc={0x3c, 0x24, 0x3fe3aa0262d8c583, 0x70bd27, 0x0, {0x0, 0x0, 0x0, r4, {0x0, 0xf}, {0xffff, 0xffff}, {0x6, 0x6}}, [@qdisc_kind_options=@q_fq_pie={{0xb}, {0xc, 0x8002, [@TCA_FQ_PIE_FLOWS={0x8, 0x2, 0x20001}]}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x2}, 0x2000400c)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000380)={0x7fffffff, <r5=>0x0}, 0x8)
bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x1c, 0x19, &(0x7f0000000400)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, {{0x18, 0x1, 0x1, 0x0, r0}}, {}, [@exit, @func={0x85, 0x0, 0x1, 0x0, 0x5}, @tail_call={{0x18, 0x2, 0x1, 0x0, r0}}, @ldst={0x0, 0x3, 0x1, 0x4, 0x5, 0x5638d467adbd282d, 0x10}, @initr0={0x18, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x5}], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x2}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f00000000c0)='GPL\x00', 0x3, 0x73, &(0x7f0000000200)=""/115, 0x41000, 0x68, '\x00', 0x0, @fallback=0x1f, r0, 0x8, &(0x7f0000000140)={0xa, 0x1}, 0x8, 0x10, &(0x7f0000000280)={0x0, 0x2, 0xfffffffa, 0x1c}, 0x10, r5, r0, 0x1, &(0x7f0000000300)=[r0, r0, r0, r1, r0, r0, r0], &(0x7f0000000340)=[{0x2, 0x3, 0xb, 0x4}], 0x10, 0xfffffffb}, 0x94)
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$netlink(0x10, 0x3, 0x0)
socket(0x10, 0x803, 0x0)
socket$inet_udp(0x2, 0x2, 0x0)
socket$inet(0x10, 0x3, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r6 = socket$netlink(0x10, 0x3, 0x0)
pipe(&(0x7f0000000080)={0xffffffffffffffff, <r7=>0xffffffffffffffff})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)=ANY=[@ANYBLOB="540000001000010400000000000000ffff000000", @ANYRES32=0x0, @ANYBLOB="0380000000000000240012800c0001006d6163766c616e00140002800800010008000000060002000100000008000500", @ANYRES32=r7, @ANYBLOB='\b\x00\n\x00', @ANYRES32], 0x54}, 0x1, 0x0, 0x0, 0x40814}, 0x0)
sendmmsg(r6, &(0x7f00000002c0), 0x40000000000009f, 0x0)

824.35985ms ago: executing program 2 (id=2318):
r0 = syz_open_dev$vbi(&(0x7f0000000340), 0x0, 0x2)
ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f0000000200)={0x0, @bt={0x8a5, 0x90, 0x1, 0x2, 0xd59f80, 0x19ef, 0x6, 0x19ef, 0xffffffff, 0x4, 0x27ff, 0x2800, 0x2, 0xbb6, 0x0, 0x8, {0x8, 0xffffffff}, 0xd0, 0x9}})
r1 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x1d, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x4, 0x40, 0x7fff0000}]})
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000680)={0x18, 0xf, &(0x7f0000000280)=ANY=[@ANYBLOB="1802000000000000000000000110000085100000010000009500000000000000180100002020732500000000002020207b1af8ff00000000bfa10000000000000500000000000000a502000008180000b703000000000028850000007600000018000000090000000000000005ebff0095"], &(0x7f0000000000)='GPL\x00', 0x1, 0x0, 0x0, 0x0, 0xa, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x8}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f0000000100)=ANY=[@ANYRESDEC=r1, @ANYRES32=0x1], 0x50)
mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1)
ioctl$SECCOMP_IOCTL_NOTIF_SEND(r1, 0xc0182101, &(0x7f0000000100)={0x0, 0x7fffffffffffffff, 0x3})

657.615084ms ago: executing program 2 (id=2319):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000300)={0x0}}, 0x28010)
r0 = socket$can_raw(0x1d, 0x3, 0x1)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)={{0x14}, [@NFT_MSG_NEWRULE={0x54, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x28, 0x4, 0x0, 0x1, [{0x24, 0x1, 0x0, 0x1, @numgen={{0xb}, @val={0x14, 0x2, 0x0, 0x1, [@NFTA_NG_MODULUS={0x8, 0x2, 0x1, 0x0, 0x2}, @NFTA_NG_DREG={0x8, 0x1, 0x1, 0x0, 0x14}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0x7c}, 0x1, 0x0, 0x0, 0x40005}, 0x40)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000300)={'lo\x00', <r2=>0x0})
r3 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r3, &(0x7f0000000340)={0x1f, 0xffff, 0x3}, 0x6)
getsockopt$netlink(r1, 0x10e, 0x3, &(0x7f0000000100)=""/69, &(0x7f0000000180)=0x45)
write(r3, &(0x7f0000000000)="09000000010000", 0x7)
sendmsg$can_raw(r0, &(0x7f0000000000)={&(0x7f0000000580)={0x1d, r2}, 0x10, &(0x7f0000000080)={&(0x7f0000001680)=@canfd={{0x2, 0x0, 0x0, 0x1}, 0x21, 0x3, 0x0, 0x0, "4b00da3a929a667d4dc30a7b0a4e06bcae7553ee9e66da75901b8620076714f79c9b8de6b3079729ab66cd7972b74a339533e93505e6aa5e8ca5b3f52ad00d57"}, 0x48}, 0x2, 0x0, 0x0, 0x2472ca9aa3d5954b}, 0x10044009)

657.330945ms ago: executing program 0 (id=2320):
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="1b0000000071a6fd9f0000000000040000000081", @ANYRES32=0x0, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xf, &(0x7f0000000440)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x10000, 0x0, 0x0, 0x0, 0x1}, {{0x18, 0x1, 0x1, 0x0, r0}}, {}, [], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000280)='GPL\x00', 0x2, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001580)={&(0x7f0000000180)='kmem_cache_free\x00', r1}, 0x10)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
openat$fuse(0xffffffffffffff9c, 0x0, 0x2, 0x0)
ioctl$USBDEVFS_DISCSIGNAL(r0, 0x8010550e, &(0x7f0000000200)={0xf975, &(0x7f00000002c0)="0d31b246f9faced8a6174bb8677fa27d0c8ae1659e62d12c5603b7b6ea7fbe08685e5523758bcd42ef6c6bd5c35ddd5dcd0e06713f77c876b481f4e04444cc187c4aa5705c5609c1f2ae1842da1a99582f3c6a572de85b4d781693833548cab3ea2bd1b3e161ac831d6e6a450bd61b9975429f9929815eb44723566ed8587a0574048f1650666ad09976f0e74fbf2a35bdf23154928eb0d9929ea588576d64f559db70f85880d0e692aaa439"})
r3 = socket(0xa, 0x3, 0xff)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
syz_kvm_setup_syzos_vm$x86(r5, &(0x7f0000c00000/0x400000)=nil)
close(0x4)
setsockopt$inet6_int(r3, 0x29, 0x5, &(0x7f0000000040)=0xfffffff9, 0x4)
syz_emit_ethernet(0x4e, &(0x7f00000001c0)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaaaaaaa3986dd6c370c8900182b01fe800000000000000000000000000025fe8000000000000000000000000000aaff"], 0x0)
recvmmsg(r3, &(0x7f00000008c0)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=""/20, 0x14}, 0x7}], 0x4000000000000d4, 0x102, 0x0)
r6 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000400), 0xffffffffffffffff)
sendmsg$TIPC_NL_BEARER_SET(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000240)=ANY=[@ANYBLOB="18000000", @ANYRES16=r6, @ANYBLOB="010028bd7000fbdbdf080500000004000180"], 0x18}, 0x1, 0x0, 0x0, 0x40010}, 0x4040140)
r7 = open(&(0x7f00009e1000)='./file0\x00', 0x149040, 0x10)
syz_usb_connect(0x3, 0x38, &(0x7f0000001880)={{0x12, 0x1, 0x250, 0x8e, 0x5a, 0xe4, 0x10, 0x424, 0xc001, 0xe20c, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x26, 0x1, 0x8, 0x5, 0x80, 0x1, [{{0x9, 0x4, 0x22, 0x2, 0x2, 0x64, 0x5, 0x79, 0x3, [], [{{0x9, 0x5, 0x2, 0x0, 0x400, 0x0, 0x67, 0x9}}, {{0x9, 0x5, 0xd, 0xc, 0x200, 0x1, 0x92, 0x7, [@generic={0x2, 0xb}]}}]}}]}}]}}, &(0x7f00000006c0)={0x0, 0x0, 0x0, 0x0})
bpf$BPF_LINK_CREATE(0x1c, &(0x7f0000000000)={r1, r7, 0x1c, 0x0, @void}, 0x10)

390.148411ms ago: executing program 2 (id=2321):
r0 = syz_clone(0x40001000, 0x0, 0xffffffffffffff5c, 0x0, 0x0, 0x0)
ptrace(0x10, r0)
ptrace$ARCH_GET_GS(0x1e, r0, &(0x7f0000000040), 0x1004)

327.663611ms ago: executing program 4 (id=2322):
mknod$loop(&(0x7f0000000100)='./file0\x00', 0x1000, 0x1)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x9, 0x4, &(0x7f0000000400)=@framed={{0xffffffb4, 0x0, 0x0, 0x0, 0x0, 0x61, 0x11, 0x10}, [@ldst={0x4}]}, &(0x7f0000000080)='GPL\x00', 0x4, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @cgroup_sock, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8}, 0x94)
execve(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000080)={0x1, &(0x7f0000000040)=[{0x6}]}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0xcb}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x2)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
bind$bt_hci(r0, &(0x7f0000000140)={0x1f, 0xffff, 0x2}, 0x6)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_open_procfs(0x0, &(0x7f00000000c0)='task\x00')

153.424486ms ago: executing program 0 (id=2323):
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fc00100}]})
r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/partitions\x00', 0x0, 0x0)
r2 = openat$sysctl(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/sys/vm/drop_caches\x00', 0x1, 0x0)
sendfile(r2, r1, &(0x7f0000002080)=0x64, 0x23b)
ppoll(&(0x7f0000000880)=[{r2, 0x240}], 0x1, 0x0, 0x0, 0x0)
bpf$BPF_PROG_DETACH(0x9, 0x0, 0x20)
r3 = socket$inet6_sctp(0xa, 0x801, 0x84)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000180)={'macvlan0\x00', <r4=>0x0})
r5 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000000080)=ANY=[@ANYBLOB="84000000100005000004855a9ffbf21304000000", @ANYRES32=r4, @ANYBLOB="1546010000000000540012800c0001006d6163766c616e0044000280060002000100000008000100010000000800030003000000080007000500000008000100100000000600020001000000080005"], 0x84}}, 0x20008040)
r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000540), 0xffffffffffffffff)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r7, 0x8933, &(0x7f0000000300)={'wlan0\x00', <r8=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r7, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000080)=ANY=[@ANYBLOB='L\x00\x00\x00', @ANYRES16=r6, @ANYBLOB="010000000000000000004400000008000300", @ANYRES32=r8, @ANYBLOB="08002600851600000a00180000000000000000001c005a801800"], 0x4c}}, 0x0)
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r0, 0xc0502100, &(0x7f0000000340)={<r9=>0x0})
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r0, 0xc0502100, &(0x7f0000000240))
r10 = epoll_create(0x1)
r11 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r11, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f00000002c0)=@delneigh={0x1c, 0x1d, 0x1, 0x70bd2d, 0x25dfdbfb, {0xa, 0x0, 0x0, 0x0, 0x0, 0x1}}, 0x1c}, 0x1, 0x0, 0x0, 0x24000000}, 0x40040)
ioctl$F2FS_IOC_START_ATOMIC_WRITE(r10, 0xf501, 0x0)
r12 = socket$nl_generic(0x10, 0x3, 0x10)
r13 = socket$nl_generic(0x10, 0x3, 0x10)
r14 = syz_genetlink_get_family_id$devlink(&(0x7f0000000dc0), 0xffffffffffffffff)
newfstatat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', &(0x7f0000000480), 0x579105abaef8718)
sendmsg$DEVLINK_CMD_TRAP_GET(r13, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000600)={&(0x7f0000000540)={0x50, r14, 0x1, 0xffffffff, 0x25dfdbff, {0x27}, [{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x1c, 0x51}}]}, 0x50}}, 0x0)
sendmsg$DEVLINK_CMD_RATE_SET(r12, &(0x7f0000000180)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f0000000140)={&(0x7f0000000680)={0x58, r14, 0x200, 0x70bd2c, 0x25dfdbfd, {}, [@DEVLINK_ATTR_RATE_TX_SHARE={0xc, 0xa6, 0x8}, @DEVLINK_ATTR_RATE_PARENT_NODE_NAME={0x25, 0xa9, @random="15ecb39df69bf98916af4eacf5f10281a5968cba8ba31fb7b760a16a847f6a67c1"}, @DEVLINK_ATTR_RATE_PARENT_NODE_NAME={0xe}]}, 0x58}}, 0x4000)
openat$ttyS3(0xffffffffffffff9c, 0x0, 0xc0041, 0x0)
timerfd_create(0x0, 0x0)
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
ioctl$SECCOMP_IOCTL_NOTIF_SEND(r0, 0xc0182101, &(0x7f00000001c0)={r9})

148.820135ms ago: executing program 4 (id=2324):
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="1b0000000071a6fd9f0000000000040000000081", @ANYRES32=0x0, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xf, &(0x7f0000000440)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x10000, 0x0, 0x0, 0x0, 0x1}, {{0x18, 0x1, 0x1, 0x0, r0}}, {}, [], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000280)='GPL\x00', 0x2, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001580)={&(0x7f0000000180)='kmem_cache_free\x00', r1}, 0x10)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
openat$fuse(0xffffffffffffff9c, 0x0, 0x2, 0x0)
ioctl$USBDEVFS_DISCSIGNAL(r0, 0x8010550e, &(0x7f0000000200)={0xf975, &(0x7f00000002c0)="0d31b246f9faced8a6174bb8677fa27d0c8ae1659e62d12c5603b7b6ea7fbe08685e5523758bcd42ef6c6bd5c35ddd5dcd0e06713f77c876b481f4e04444cc187c4aa5705c5609c1f2ae1842da1a99582f3c6a572de85b4d781693833548cab3ea2bd1b3e161ac831d6e6a450bd61b9975429f9929815eb44723566ed8587a0574048f1650666ad09976f0e74fbf2a35bdf23154928eb0d9929ea588576d64f559db70f85880d0e692aaa439"})
r3 = socket(0xa, 0x3, 0xff)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
syz_kvm_setup_syzos_vm$x86(r5, &(0x7f0000c00000/0x400000)=nil)
close(0x4)
setsockopt$inet6_int(r3, 0x29, 0x5, &(0x7f0000000040)=0xfffffff9, 0x4)
syz_emit_ethernet(0x4e, &(0x7f00000001c0)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaaaaaaa3986dd6c370c8900182b01fe800000000000000000000000000025fe8000000000000000000000000000aaff"], 0x0)
recvmmsg(r3, &(0x7f00000008c0)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=""/20, 0x14}, 0x7}], 0x4000000000000d4, 0x102, 0x0)
r6 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000400), 0xffffffffffffffff)
sendmsg$TIPC_NL_BEARER_SET(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000240)=ANY=[@ANYBLOB="18000000", @ANYRES16=r6, @ANYBLOB="010028bd7000fbdbdf080500000004000180"], 0x18}, 0x1, 0x0, 0x0, 0x40010}, 0x4040140)
lstat(&(0x7f0000000080)='./file0\x00', &(0x7f0000000100))
open(&(0x7f00009e1000)='./file0\x00', 0x149040, 0x10)
syz_usb_connect(0x3, 0x38, &(0x7f0000001880)={{0x12, 0x1, 0x250, 0x8e, 0x5a, 0xe4, 0x10, 0x424, 0xc001, 0xe20c, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x26, 0x1, 0x8, 0x5, 0x80, 0x1, [{{0x9, 0x4, 0x22, 0x2, 0x2, 0x64, 0x5, 0x79, 0x3, [], [{{0x9, 0x5, 0x2, 0x0, 0x400, 0x0, 0x67, 0x9}}, {{0x9, 0x5, 0xd, 0xc, 0x200, 0x1, 0x92, 0x7, [@generic={0x2, 0xb}]}}]}}]}}]}}, &(0x7f00000006c0)={0x0, 0x0, 0x0, 0x0})

0s ago: executing program 7 (id=2255):
ioctl$FS_IOC_FIEMAP(0xffffffffffffffff, 0xc020660b, &(0x7f00000000c0)={0x1c000000000, 0x6d, 0x4, 0x8001, 0x3, 0x0, [{0x1, 0x7accd6a4, 0x2}, {0x8, 0x5, 0x8, '\x00', 0x200}, {0x6, 0x10001, 0xfffffffffffffffd, '\x00', 0x2908}]})
r0 = socket$nl_route(0x10, 0x3, 0x0)
socket$inet6_mptcp(0xa, 0x1, 0x106) (async)
r1 = socket$inet6_mptcp(0xa, 0x1, 0x106)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'veth1_to_bridge\x00', <r2=>0x0})
ioctl$sock_inet6_SIOCADDRT(r1, 0x890b, &(0x7f0000000540)={@private2={0xfc, 0x2, '\x00', 0x1}, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', @private1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4400046, r2})
bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x0) (async)
bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000080)=@ipv6_delroute={0x1c, 0x19, 0x1, 0x0, 0x0, {0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc8}}, 0x1c}}, 0x0)

kernel console output (not intermixed with test programs):

 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  800.640377][T12808] RSP: 002b:00007fbf51156030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  800.640397][T12808] RAX: ffffffffffffffda RBX: 00007fbf53145fa0 RCX: 00007fbf52eed9dc
[  800.640412][T12808] RDX: 000000000000000f RSI: 00007fbf511560a0 RDI: 0000000000000004
[  800.640425][T12808] RBP: 00007fbf51156090 R08: 0000000000000000 R09: 0000000000000000
[  800.640438][T12808] R10: 0000000000000024 R11: 0000000000000246 R12: 0000000000000001
[  800.640451][T12808] R13: 00007fbf53146038 R14: 00007fbf53145fa0 R15: 00007ffc9aea4028
[  800.640486][T12808]  </TASK>
[  800.932235][ T5894] usb 3-1: USB disconnect, device number 62
[  800.967528][ T5894] ipaq ttyUSB0: PocketPC PDA converter now disconnected from ttyUSB0
[  800.968187][ T5894] ipaq 3-1:1.113: device disconnected
[  801.007292][T12813] netlink: 'syz.3.2090': attribute type 1 has an invalid length.
[  801.178604][T12825] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2094'.
[  802.418081][T12842] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2099'.
[  802.563359][T12846] FAULT_INJECTION: forcing a failure.
[  802.563359][T12846] name failslab, interval 1, probability 0, space 0, times 0
[  802.563394][T12846] CPU: 0 UID: 0 PID: 12846 Comm: syz.2.2101 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  802.563442][T12846] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  802.563454][T12846] Call Trace:
[  802.563462][T12846]  <TASK>
[  802.563471][T12846]  dump_stack_lvl+0x189/0x250
[  802.563503][T12846]  ? __pfx____ratelimit+0x10/0x10
[  802.563527][T12846]  ? __pfx_dump_stack_lvl+0x10/0x10
[  802.563554][T12846]  ? __pfx__printk+0x10/0x10
[  802.563591][T12846]  should_fail_ex+0x46c/0x600
[  802.563622][T12846]  should_failslab+0xa8/0x100
[  802.563651][T12846]  __kmalloc_noprof+0xcc/0x7d0
[  802.563675][T12846]  ? io_cache_alloc_new+0x40/0x100
[  802.563701][T12846]  io_cache_alloc_new+0x40/0x100
[  802.563724][T12846]  io_arm_apoll+0x477/0x910
[  802.563758][T12846]  ? __pfx_io_arm_apoll+0x10/0x10
[  802.563787][T12846]  ? __io_issue_sqe+0x1f9/0x4b0
[  802.563818][T12846]  ? io_file_get_normal+0x104/0x300
[  802.563842][T12846]  ? io_arm_poll_handler+0x20a/0x2a0
[  802.563874][T12846]  io_queue_async+0x175/0x240
[  802.563906][T12846]  io_submit_sqes+0xe78/0x1e60
[  802.563960][T12846]  __se_sys_io_uring_enter+0x2db/0x2b70
[  802.563994][T12846]  ? _raw_spin_unlock_irqrestore+0x85/0x110
[  802.564019][T12846]  ? lockdep_hardirqs_on+0x9c/0x150
[  802.564043][T12846]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  802.564067][T12846]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  802.564096][T12846]  ? __pfx___se_sys_io_uring_enter+0x10/0x10
[  802.564118][T12846]  ? try_to_take_rt_mutex+0x7fd/0xac0
[  802.564142][T12846]  ? rt_mutex_slowunlock+0x1be/0x2e0
[  802.564162][T12846]  ? __pfx_rt_mutex_slowunlock+0x10/0x10
[  802.564194][T12846]  ? fput+0xa0/0xd0
[  802.564213][T12846]  ? ksys_write+0x230/0x260
[  802.564238][T12846]  ? __pfx_ksys_write+0x10/0x10
[  802.564265][T12846]  ? __x64_sys_io_uring_enter+0x21/0xf0
[  802.564292][T12846]  do_syscall_64+0xfa/0xfa0
[  802.564315][T12846]  ? lockdep_hardirqs_on+0x9c/0x150
[  802.564337][T12846]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  802.564357][T12846]  ? clear_bhb_loop+0x60/0xb0
[  802.564380][T12846]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  802.564399][T12846] RIP: 0033:0x7f078279efc9
[  802.564417][T12846] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  802.564434][T12846] RSP: 002b:00007f07809fe038 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[  802.564455][T12846] RAX: ffffffffffffffda RBX: 00007f07829f5fa0 RCX: 00007f078279efc9
[  802.564469][T12846] RDX: 0000000000007721 RSI: 0000000000002219 RDI: 0000000000000000
[  802.564482][T12846] RBP: 00007f07809fe090 R08: 0000000000000000 R09: 0000000000000000
[  802.564495][T12846] R10: 0000000000000016 R11: 0000000000000246 R12: 0000000000000001
[  802.564508][T12846] R13: 00007f07829f6038 R14: 00007f07829f5fa0 R15: 00007fff557cd328
[  802.564539][T12846]  </TASK>
[  802.926597][ T5969] usb 3-1: new high-speed USB device number 63 using dummy_hcd
[  803.946676][ T5969] usb 3-1: Using ep0 maxpacket: 8
[  804.305665][ T5969] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  804.353377][ T5969] usb 3-1: New USB device found, idVendor=0e9c, idProduct=0000, bcdDevice=5b.1e
[  804.353411][ T5969] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  804.353434][ T5969] usb 3-1: Product: syz
[  804.353450][ T5969] usb 3-1: Manufacturer: syz
[  804.353466][ T5969] usb 3-1: SerialNumber: syz
[  804.359693][ T5969] usb 3-1: config 0 descriptor??
[  804.380234][ T5969] streamzap 3-1:0.0: streamzap_probe: Unexpected desc.bNumEndpoints (0)
[  805.745874][   T10] usb 3-1: USB disconnect, device number 63
[  806.053693][T12857] syz.3.2104 (12857) used greatest stack depth: 14416 bytes left
[  806.545688][ T5817] Bluetooth: hci3: unexpected event 0x03 length: 1 < 11
[  808.888315][ T1321] ieee802154 phy0 wpan0: encryption failed: -22
[  808.888387][ T1321] ieee802154 phy1 wpan1: encryption failed: -22
[  809.196864][   T37] kauditd_printk_skb: 5 callbacks suppressed
[  809.196883][   T37] audit: type=1326 audit(1762204543.124:1974): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12897 comm="syz.0.2118" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbf52eeefc9 code=0x7ffc0000
[  809.196928][   T37] audit: type=1326 audit(1762204543.124:1975): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12897 comm="syz.0.2118" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbf52eeefc9 code=0x7ffc0000
[  809.727005][   T37] audit: type=1326 audit(1762204543.664:1976): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12897 comm="syz.0.2118" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbf52eeefc9 code=0x7ffc0000
[  809.729385][   T37] audit: type=1326 audit(1762204543.664:1977): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12897 comm="syz.0.2118" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fbf52eeefc9 code=0x7ffc0000
[  809.729439][   T37] audit: type=1326 audit(1762204543.664:1978): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12897 comm="syz.0.2118" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbf52eeefc9 code=0x7ffc0000
[  809.729484][   T37] audit: type=1326 audit(1762204543.664:1979): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12897 comm="syz.0.2118" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbf52eeefc9 code=0x7ffc0000
[  809.740199][   T37] audit: type=1326 audit(1762204543.674:1980): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12897 comm="syz.0.2118" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbf52eeefc9 code=0x7ffc0000
[  809.740253][   T37] audit: type=1326 audit(1762204543.674:1981): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12897 comm="syz.0.2118" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbf52eeefc9 code=0x7ffc0000
[  809.740295][   T37] audit: type=1326 audit(1762204543.674:1982): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12897 comm="syz.0.2118" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbf52eeefc9 code=0x7ffc0000
[  809.740334][   T37] audit: type=1326 audit(1762204543.674:1983): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12897 comm="syz.0.2118" exe="/root/syz-executor" sig=0 arch=c000003e syscall=302 compat=0 ip=0x7fbf52eeefc9 code=0x7ffc0000
[  810.632195][   T86] Bluetooth: hci9: Frame reassembly failed (-84)
[  812.419735][T12951] genirq: Flags mismatch irq 7. 00202080 (ttyS3) vs. 00202000 (dt2814)
[  812.745847][T10110] Bluetooth: hci9: command 0x1003 tx timeout
[  812.746243][ T5817] Bluetooth: hci9: Opcode 0x1003 failed: -110
[  812.779049][T12955] genirq: Flags mismatch irq 7. 00202080 (ttyS3) vs. 00202000 (dt2814)
[  812.825872][T12941] FAULT_INJECTION: forcing a failure.
[  812.825872][T12941] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  812.825903][T12941] CPU: 1 UID: 0 PID: 12941 Comm: syz.0.2129 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  812.825923][T12941] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  812.825933][T12941] Call Trace:
[  812.825941][T12941]  <TASK>
[  812.825949][T12941]  dump_stack_lvl+0x189/0x250
[  812.825977][T12941]  ? __pfx____ratelimit+0x10/0x10
[  812.825998][T12941]  ? __pfx_dump_stack_lvl+0x10/0x10
[  812.826020][T12941]  ? __pfx__printk+0x10/0x10
[  812.826052][T12941]  should_fail_ex+0x46c/0x600
[  812.826079][T12941]  _copy_to_user+0x31/0xb0
[  812.826099][T12941]  simple_read_from_buffer+0xe1/0x170
[  812.826124][T12941]  proc_fail_nth_read+0x1b6/0x220
[  812.826145][T12941]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  812.826165][T12941]  ? rw_verify_area+0x2ac/0x4e0
[  812.826192][T12941]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  812.826210][T12941]  vfs_read+0x206/0xa30
[  812.826236][T12941]  ? __pfx_vfs_read+0x10/0x10
[  812.826252][T12941]  ? try_to_take_rt_mutex+0x7fd/0xac0
[  812.826278][T12941]  ? mutex_lock_nested+0x154/0x1d0
[  812.826293][T12941]  ? fdget_pos+0x253/0x320
[  812.826322][T12941]  ksys_read+0x14b/0x260
[  812.826343][T12941]  ? __pfx_ksys_read+0x10/0x10
[  812.826359][T12941]  ? arch_syscall_is_vdso_sigreturn+0x120/0x1a0
[  812.826382][T12941]  ? syscall_user_dispatch+0x4f/0x90
[  812.826413][T12941]  do_syscall_64+0xfa/0xfa0
[  812.826433][T12941]  ? lockdep_hardirqs_on+0x9c/0x150
[  812.826454][T12941]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  812.826470][T12941]  ? clear_bhb_loop+0x60/0xb0
[  812.826489][T12941]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  812.826505][T12941] RIP: 0033:0x7fbf52eed9dc
[  812.826521][T12941] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  812.826535][T12941] RSP: 002b:00007fbf51156030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  812.826553][T12941] RAX: ffffffffffffffda RBX: 00007fbf53145fa0 RCX: 00007fbf52eed9dc
[  812.826565][T12941] RDX: 000000000000000f RSI: 00007fbf511560a0 RDI: 0000000000000003
[  812.826575][T12941] RBP: 00007fbf51156090 R08: 0000000000000000 R09: 0000000000000000
[  812.826584][T12941] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  812.826594][T12941] R13: 00007fbf53146038 R14: 00007fbf53145fa0 R15: 00007ffc9aea4028
[  812.826622][T12941]  </TASK>
[  813.980753][T12951] infiniband s�: RDMA CMA: cma_listen_on_dev, error -98
[  813.999621][T12960] tty tty2: ldisc open failed (-12), clearing slot 1
[  814.546634][ T5894] usb 1-1: new high-speed USB device number 62 using dummy_hcd
[  814.610536][ T1454] Bluetooth: hci9: Frame reassembly failed (-84)
[  814.707949][ T5894] usb 1-1: Using ep0 maxpacket: 16
[  814.713813][ T5894] usb 1-1: New USB device found, idVendor=2137, idProduct=0001, bcdDevice=2a.35
[  814.713843][ T5894] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  814.713865][ T5894] usb 1-1: Product: syz
[  814.713879][ T5894] usb 1-1: Manufacturer: syz
[  814.713955][ T5894] usb 1-1: SerialNumber: syz
[  814.919197][ T5894] usb 1-1: config 0 descriptor??
[  814.951341][ T5894] as10x_usb: device has been detected
[  814.952506][ T5894] dvbdev: DVB: registering new adapter (Sky IT Digital Key (green led))
[  815.386031][ T5894] usb 1-1: DVB: registering adapter 1 frontend 0 (Sky IT Digital Key (green led))...
[  815.645639][T12966] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  815.646082][T12966] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  815.689625][T12966] random: crng reseeded on system resumption
[  815.812646][ T5894] as10x_usb: error during firmware upload part1
[  815.812737][ T5894] Registered device Sky IT Digital Key (green led)
[  815.900370][ T5894] usb 1-1: USB disconnect, device number 62
[  815.957636][T12990] FAULT_INJECTION: forcing a failure.
[  815.957636][T12990] name failslab, interval 1, probability 0, space 0, times 0
[  815.957666][T12990] CPU: 0 UID: 0 PID: 12990 Comm: syz.4.2141 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  815.957686][T12990] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  815.957697][T12990] Call Trace:
[  815.957705][T12990]  <TASK>
[  815.957714][T12990]  dump_stack_lvl+0x189/0x250
[  815.957744][T12990]  ? __pfx____ratelimit+0x10/0x10
[  815.957767][T12990]  ? __pfx_dump_stack_lvl+0x10/0x10
[  815.957791][T12990]  ? __pfx__printk+0x10/0x10
[  815.957820][T12990]  ? __pfx___might_resched+0x10/0x10
[  815.957837][T12990]  ? fs_reclaim_acquire+0x7d/0x100
[  815.957866][T12990]  should_fail_ex+0x46c/0x600
[  815.957896][T12990]  should_failslab+0xa8/0x100
[  815.957932][T12990]  __kmalloc_noprof+0xcc/0x7d0
[  815.957956][T12990]  ? security_task_alloc+0x4d/0x360
[  815.957972][T12990]  ? perf_event_init_task+0x138/0x4c0
[  815.957994][T12990]  security_task_alloc+0x4d/0x360
[  815.958015][T12990]  ? copy_process+0x979/0x3ae0
[  815.958038][T12990]  copy_process+0x152e/0x3ae0
[  815.958075][T12990]  ? copy_process+0x979/0x3ae0
[  815.958112][T12990]  ? __pfx_copy_process+0x10/0x10
[  815.958151][T12990]  vhost_task_create+0x1e9/0x340
[  815.958176][T12990]  ? __pfx_kvm_nx_huge_page_recovery_worker+0x10/0x10
[  815.958203][T12990]  ? __pfx_kvm_nx_huge_page_recovery_worker_kill+0x10/0x10
[  815.958232][T12990]  ? __pfx_vhost_task_create+0x10/0x10
[  815.958267][T12990]  ? __pfx_vhost_task_fn+0x10/0x10
[  815.958296][T12990]  ? rtlock_slowlock_locked+0xd8/0x4010
[  815.958325][T12990]  ? mutex_lock_nested+0x154/0x1d0
[  815.958344][T12990]  ? kvm_mmu_post_init_vm+0x91/0x300
[  815.958369][T12990]  kvm_mmu_post_init_vm+0x14c/0x300
[  815.958393][T12990]  kvm_arch_vcpu_ioctl_run+0xdc/0x1940
[  815.958423][T12990]  ? do_raw_spin_lock+0x121/0x290
[  815.958449][T12990]  ? __pfx_kvm_arch_vcpu_ioctl_run+0x10/0x10
[  815.958474][T12990]  ? _raw_spin_unlock_irqrestore+0x85/0x110
[  815.958498][T12990]  ? lockdep_hardirqs_on+0x9c/0x150
[  815.958523][T12990]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  815.958548][T12990]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  815.958580][T12990]  ? rt_mutex_slowunlock+0x493/0x8a0
[  815.958598][T12990]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  815.958621][T12990]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  815.958646][T12990]  ? __pfx_rt_mutex_slowunlock+0x10/0x10
[  815.958667][T12990]  ? rt_write_unlock+0x73/0x230
[  815.958692][T12990]  ? rt_write_unlock+0x191/0x230
[  815.958715][T12990]  kvm_vcpu_ioctl+0x95f/0xe90
[  815.958741][T12990]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  815.958769][T12990]  ? __asan_memset+0x22/0x50
[  815.958790][T12990]  ? smack_file_ioctl+0x305/0x340
[  815.958818][T12990]  ? __pfx_smack_file_ioctl+0x10/0x10
[  815.958857][T12990]  ? __fget_files+0x3a6/0x420
[  815.958881][T12990]  ? __fget_files+0x2a/0x420
[  815.958916][T12990]  ? bpf_lsm_file_ioctl+0x9/0x20
[  815.958935][T12990]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  815.958955][T12990]  __se_sys_ioctl+0xff/0x170
[  815.958977][T12990]  do_syscall_64+0xfa/0xfa0
[  815.958997][T12990]  ? lockdep_hardirqs_on+0x9c/0x150
[  815.959015][T12990]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  815.959029][T12990]  ? clear_bhb_loop+0x60/0xb0
[  815.959047][T12990]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  815.959061][T12990] RIP: 0033:0x7fdd03dfefc9
[  815.959076][T12990] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  815.959088][T12990] RSP: 002b:00007fdd02045038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  815.959105][T12990] RAX: ffffffffffffffda RBX: 00007fdd04056090 RCX: 00007fdd03dfefc9
[  815.959116][T12990] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000007
[  815.959125][T12990] RBP: 00007fdd02045090 R08: 0000000000000000 R09: 0000000000000000
[  815.959134][T12990] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  815.959142][T12990] R13: 00007fdd04056128 R14: 00007fdd04056090 R15: 00007ffccca11888
[  815.959168][T12990]  </TASK>
[  816.079986][T12992] FAULT_INJECTION: forcing a failure.
[  816.079986][T12992] name failslab, interval 1, probability 0, space 0, times 0
[  816.080020][T12992] CPU: 0 UID: 0 PID: 12992 Comm: syz.6.2144 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  816.080042][T12992] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  816.080054][T12992] Call Trace:
[  816.080062][T12992]  <TASK>
[  816.080072][T12992]  dump_stack_lvl+0x189/0x250
[  816.080102][T12992]  ? __pfx____ratelimit+0x10/0x10
[  816.080128][T12992]  ? __pfx_dump_stack_lvl+0x10/0x10
[  816.080154][T12992]  ? __pfx__printk+0x10/0x10
[  816.080182][T12992]  ? __pfx___might_resched+0x10/0x10
[  816.080202][T12992]  ? fs_reclaim_acquire+0x7d/0x100
[  816.080232][T12992]  should_fail_ex+0x46c/0x600
[  816.080278][T12992]  should_failslab+0xa8/0x100
[  816.080306][T12992]  __kmalloc_node_noprof+0xd4/0x7f0
[  816.080334][T12992]  ? __vmalloc_node_range_noprof+0x5bb/0x12d0
[  816.080365][T12992]  __vmalloc_node_range_noprof+0x5bb/0x12d0
[  816.080419][T12992]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  816.080444][T12992]  ? __might_fault+0xb0/0x130
[  816.080475][T12992]  ? bpf_prog_alloc_no_stats+0x4a/0x530
[  816.080500][T12992]  __vmalloc_noprof+0xb1/0xf0
[  816.080523][T12992]  ? bpf_prog_alloc_no_stats+0x4a/0x530
[  816.080550][T12992]  bpf_prog_alloc_no_stats+0x4a/0x530
[  816.080580][T12992]  bpf_prog_alloc+0x3c/0x1a0
[  816.080608][T12992]  bpf_prog_load+0x735/0x19e0
[  816.080645][T12992]  ? __pfx_bpf_prog_load+0x10/0x10
[  816.080693][T12992]  ? bpf_lsm_bpf+0x9/0x20
[  816.080709][T12992]  ? security_bpf+0x7e/0x300
[  816.080733][T12992]  __sys_bpf+0x507/0x860
[  816.080759][T12992]  ? __pfx___sys_bpf+0x10/0x10
[  816.080780][T12992]  ? rt_mutex_slowunlock+0x1be/0x2e0
[  816.080817][T12992]  ? ksys_write+0x230/0x260
[  816.080841][T12992]  ? __pfx_ksys_write+0x10/0x10
[  816.080870][T12992]  __x64_sys_bpf+0x7c/0x90
[  816.080893][T12992]  do_syscall_64+0xfa/0xfa0
[  816.080916][T12992]  ? lockdep_hardirqs_on+0x9c/0x150
[  816.080944][T12992]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  816.080963][T12992]  ? clear_bhb_loop+0x60/0xb0
[  816.080986][T12992]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  816.081004][T12992] RIP: 0033:0x7f093b88efc9
[  816.081022][T12992] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  816.081038][T12992] RSP: 002b:00007f0939aee038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  816.081057][T12992] RAX: ffffffffffffffda RBX: 00007f093bae5fa0 RCX: 00007f093b88efc9
[  816.081072][T12992] RDX: 0000000000000094 RSI: 0000200000000600 RDI: 0000000000000005
[  816.081085][T12992] RBP: 00007f0939aee090 R08: 0000000000000000 R09: 0000000000000000
[  816.081098][T12992] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  816.081110][T12992] R13: 00007f093bae6038 R14: 00007f093bae5fa0 R15: 00007ffeee7a5b28
[  816.081143][T12992]  </TASK>
[  816.083486][T12992] syz.6.2144: vmalloc error: size 4096, failed to allocated page array size 8, mode:0x500dc2(GFP_HIGHUSER|__GFP_ZERO|__GFP_ACCOUNT), nodemask=(null),cpuset=/,mems_allowed=0-1
[  816.083552][T12992] CPU: 0 UID: 0 PID: 12992 Comm: syz.6.2144 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  816.083574][T12992] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  816.083585][T12992] Call Trace:
[  816.083593][T12992]  <TASK>
[  816.083602][T12992]  dump_stack_lvl+0x189/0x250
[  816.083634][T12992]  ? __pfx_dump_stack_lvl+0x10/0x10
[  816.083659][T12992]  ? __pfx__printk+0x10/0x10
[  816.083681][T12992]  ? cpuset_print_current_mems_allowed+0x1f/0x360
[  816.083702][T12992]  ? cpuset_print_current_mems_allowed+0x1f/0x360
[  816.083726][T12992]  ? cpuset_print_current_mems_allowed+0x2ee/0x360
[  816.083751][T12992]  warn_alloc+0x22e/0x3b0
[  816.083779][T12992]  ? __pfx___might_resched+0x10/0x10
[  816.083798][T12992]  ? fs_reclaim_acquire+0x7d/0x100
[  816.083825][T12992]  ? __pfx_warn_alloc+0x10/0x10
[  816.083847][T12992]  ? should_fail_ex+0x344/0x600
[  816.083876][T12992]  ? rcu_is_watching+0x15/0xb0
[  816.083895][T12992]  ? trace_kmalloc+0x1f/0xd0
[  816.083915][T12992]  ? __kmalloc_node_noprof+0x3b6/0x7f0
[  816.083945][T12992]  ? __vmalloc_node_range_noprof+0x5bb/0x12d0
[  816.083975][T12992]  __vmalloc_node_range_noprof+0x690/0x12d0
[  816.084029][T12992]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  816.084054][T12992]  ? __might_fault+0xb0/0x130
[  816.084085][T12992]  ? bpf_prog_alloc_no_stats+0x4a/0x530
[  816.084109][T12992]  __vmalloc_noprof+0xb1/0xf0
[  816.084131][T12992]  ? bpf_prog_alloc_no_stats+0x4a/0x530
[  816.084159][T12992]  bpf_prog_alloc_no_stats+0x4a/0x530
[  816.084188][T12992]  bpf_prog_alloc+0x3c/0x1a0
[  816.084216][T12992]  bpf_prog_load+0x735/0x19e0
[  816.084254][T12992]  ? __pfx_bpf_prog_load+0x10/0x10
[  816.084301][T12992]  ? bpf_lsm_bpf+0x9/0x20
[  816.084318][T12992]  ? security_bpf+0x7e/0x300
[  816.084342][T12992]  __sys_bpf+0x507/0x860
[  816.084367][T12992]  ? __pfx___sys_bpf+0x10/0x10
[  816.084389][T12992]  ? rt_mutex_slowunlock+0x1be/0x2e0
[  816.084427][T12992]  ? ksys_write+0x230/0x260
[  816.084451][T12992]  ? __pfx_ksys_write+0x10/0x10
[  816.084479][T12992]  __x64_sys_bpf+0x7c/0x90
[  816.084503][T12992]  do_syscall_64+0xfa/0xfa0
[  816.084528][T12992]  ? lockdep_hardirqs_on+0x9c/0x150
[  816.084551][T12992]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  816.084569][T12992]  ? clear_bhb_loop+0x60/0xb0
[  816.084592][T12992]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  816.084610][T12992] RIP: 0033:0x7f093b88efc9
[  816.084626][T12992] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  816.084642][T12992] RSP: 002b:00007f0939aee038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  816.084661][T12992] RAX: ffffffffffffffda RBX: 00007f093bae5fa0 RCX: 00007f093b88efc9
[  816.084675][T12992] RDX: 0000000000000094 RSI: 0000200000000600 RDI: 0000000000000005
[  816.084687][T12992] RBP: 00007f0939aee090 R08: 0000000000000000 R09: 0000000000000000
[  816.084700][T12992] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  816.084712][T12992] R13: 00007f093bae6038 R14: 00007f093bae5fa0 R15: 00007ffeee7a5b28
[  816.084745][T12992]  </TASK>
[  816.085951][T12992] Mem-Info:
[  816.085963][T12992] active_anon:3123 inactive_anon:10048 isolated_anon:0
[  816.085963][T12992]  active_file:17294 inactive_file:41841 isolated_file:0
[  816.085963][T12992]  unevictable:768 dirty:114 writeback:2
[  816.085963][T12992]  slab_reclaimable:13022 slab_unreclaimable:108285
[  816.085963][T12992]  mapped:45353 shmem:7097 pagetables:1453
[  816.085963][T12992]  sec_pagetables:0 bounce:0
[  816.085963][T12992]  kernel_misc_reclaimable:0
[  816.085963][T12992]  free:1268634 free_pcp:8361 free_cma:0
[  816.086016][T12992] Node 0 active_anon:12492kB inactive_anon:40192kB active_file:68920kB inactive_file:167364kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:181408kB dirty:456kB writeback:8kB shmem:26852kB kernel_stack:13580kB pagetables:5652kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[  816.086061][T12992] Node 1 active_anon:0kB inactive_anon:0kB active_file:256kB inactive_file:0kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:4kB dirty:0kB writeback:0kB shmem:1536kB kernel_stack:48kB pagetables:160kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[  816.086102][T12992] Node 0 DMA free:15360kB boost:0kB min:20kB low:32kB high:44kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  816.086159][T12992] lowmem_reserve[]: 0 2515 2517 2517 2517
[  816.086190][T12992] Node 0 DMA32 free:1157000kB boost:0kB min:3944kB low:6492kB high:9040kB reserved_highatomic:0KB free_highatomic:0KB active_anon:12492kB inactive_anon:40192kB active_file:68920kB inactive_file:167364kB unevictable:1536kB writepending:464kB zspages:0kB present:3129332kB managed:2576092kB mlocked:0kB bounce:0kB free_pcp:33444kB local_pcp:17012kB free_cma:0kB
[  816.086250][T12992] lowmem_reserve[]: 0 0 1 1 1
[  816.086279][T12992] Node 0 Normal free:0kB boost:0kB min:0kB low:0kB high:0kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:1048580kB managed:1644kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  816.086334][T12992] lowmem_reserve[]: 0 0 0 0 0
[  816.086364][T12992] Node 1 Normal free:3902176kB boost:0kB min:6360kB low:10468kB high:14576kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:256kB inactive_file:0kB unevictable:1536kB writepending:0kB zspages:0kB present:4194300kB managed:4111100kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  816.088196][T12992] lowmem_reserve[]: 0 0 0 0 0
[  816.088230][T12992] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[  816.088336][T12992] Node 0 DMA32: 708*4kB (UE) 105*8kB (UM) 1*16kB (M) 116*32kB (UM) 45*64kB (UE) 25*128kB (UE) 113*256kB (UM) 67*512kB (UM) 17*1024kB (UME) 7*2048kB (UM) 256*4096kB (UM) = 1157032kB
[  816.088478][T12992] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB
[  816.088569][T12992] Node 1 Normal: 178*4kB (UE) 49*8kB (UE) 33*16kB (UE) 218*32kB (UE) 87*64kB (UME) 29*128kB (UME) 9*256kB (UME) 6*512kB (UME) 2*1024kB (ME) 3*2048kB (UM) 945*4096kB (M) = 3902176kB
[  816.088712][T12992] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  816.088728][T12992] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  816.088744][T12992] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  816.088760][T12992] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  816.088776][T12992] 66228 total pagecache pages
[  816.088783][T12992] 0 pages in swap cache
[  816.088790][T12992] Free swap  = 124996kB
[  816.088798][T12992] Total swap = 124996kB
[  816.088806][T12992] 2097051 pages RAM
[  816.088813][T12992] 0 pages HighMem/MovableOnly
[  816.088820][T12992] 421002 pages reserved
[  816.088827][T12992] 0 pages cma reserved
[  816.666635][ T5803] Bluetooth: hci9: command 0x1003 tx timeout
[  816.667025][ T5817] Bluetooth: hci9: Opcode 0x1003 failed: -110
[  817.132567][ T5894] Unregistered device Sky IT Digital Key (green led)
[  817.462383][ T5894] as10x_usb: device has been disconnected
[  817.558137][T13015] FAULT_INJECTION: forcing a failure.
[  817.558137][T13015] name failslab, interval 1, probability 0, space 0, times 0
[  817.558172][T13015] CPU: 0 UID: 0 PID: 13015 Comm: syz.4.2151 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  817.558195][T13015] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  817.558207][T13015] Call Trace:
[  817.558216][T13015]  <TASK>
[  817.558225][T13015]  dump_stack_lvl+0x189/0x250
[  817.558257][T13015]  ? __pfx____ratelimit+0x10/0x10
[  817.558281][T13015]  ? __pfx_dump_stack_lvl+0x10/0x10
[  817.558308][T13015]  ? __pfx__printk+0x10/0x10
[  817.558337][T13015]  ? __pfx___might_resched+0x10/0x10
[  817.558357][T13015]  ? fs_reclaim_acquire+0x7d/0x100
[  817.558388][T13015]  should_fail_ex+0x46c/0x600
[  817.558419][T13015]  should_failslab+0xa8/0x100
[  817.558447][T13015]  __kmalloc_node_track_caller_noprof+0xcf/0x7e0
[  817.558473][T13015]  ? alloc_vfsmnt+0xeb/0x430
[  817.558501][T13015]  kstrdup+0x42/0x100
[  817.558524][T13015]  alloc_vfsmnt+0xeb/0x430
[  817.558548][T13015]  clone_mnt+0x4b/0x9a0
[  817.558577][T13015]  copy_tree+0xde/0x930
[  817.558598][T13015]  ? rwbase_write_lock+0x56f/0x750
[  817.558623][T13015]  ? __init_waitqueue_head+0xae/0x160
[  817.558650][T13015]  ? __do_loopback+0x1dd/0x450
[  817.558674][T13015]  vfs_open_tree+0x531/0x7c0
[  817.558699][T13015]  ? __pfx_vfs_open_tree+0x10/0x10
[  817.558716][T13015]  ? ksys_write+0x230/0x260
[  817.558742][T13015]  ? __pfx_ksys_write+0x10/0x10
[  817.558770][T13015]  __x64_sys_open_tree+0x7d/0xf0
[  817.558797][T13015]  do_syscall_64+0xfa/0xfa0
[  817.558819][T13015]  ? lockdep_hardirqs_on+0x9c/0x150
[  817.558844][T13015]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  817.558864][T13015]  ? clear_bhb_loop+0x60/0xb0
[  817.558894][T13015]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  817.558913][T13015] RIP: 0033:0x7fdd03dfefc9
[  817.558931][T13015] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  817.558949][T13015] RSP: 002b:00007fdd02066038 EFLAGS: 00000246 ORIG_RAX: 00000000000001ac
[  817.558971][T13015] RAX: ffffffffffffffda RBX: 00007fdd04055fa0 RCX: 00007fdd03dfefc9
[  817.558986][T13015] RDX: 0000000000089901 RSI: 0000200000000640 RDI: ffffffffffffff9c
[  817.559000][T13015] RBP: 00007fdd02066090 R08: 0000000000000000 R09: 0000000000000000
[  817.559013][T13015] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  817.559026][T13015] R13: 00007fdd04056038 R14: 00007fdd04055fa0 R15: 00007ffccca11888
[  817.559061][T13015]  </TASK>
[  817.573599][T13016] netlink: 400 bytes leftover after parsing attributes in process `syz.6.2152'.
[  817.736630][ T5130] usb 3-1: new high-speed USB device number 64 using dummy_hcd
[  818.199765][ T5130] usb 3-1: Using ep0 maxpacket: 32
[  818.299670][ T5130] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  818.299692][ T5130] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  818.299705][ T5130] usb 3-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  818.304310][ T5130] usb 3-1: New USB device found, idVendor=05ac, idProduct=020f, bcdDevice= 0.22
[  818.304330][ T5130] usb 3-1: New USB device strings: Mfr=1, Product=130, SerialNumber=131
[  818.304342][ T5130] usb 3-1: Product: syz
[  818.304353][ T5130] usb 3-1: Manufacturer: syz
[  818.304368][ T5130] usb 3-1: SerialNumber: syz
[  818.343492][ T5130] input: appletouch as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:1.0/input/input17
[  818.529809][T13012] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  818.530238][T13012] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  818.548900][   T10] usb 3-1: USB disconnect, device number 64
[  818.639522][   T10] appletouch 3-1:1.0: input: appletouch disconnected
[  820.306620][ T5806] usb 5-1: new high-speed USB device number 63 using dummy_hcd
[  820.608384][T13049] overlayfs: overlapping lowerdir path
[  821.543953][ T5894] usb 3-1: new full-speed USB device number 65 using dummy_hcd
[  821.562147][T13049] Bluetooth: hci0: Opcode 0x0401 failed: -4
[  821.590729][ T5806] usb 5-1: Using ep0 maxpacket: 16
[  821.596675][ T5806] usb 5-1: New USB device found, idVendor=04fc, idProduct=1528, bcdDevice=6d.5d
[  821.596705][ T5806] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  821.596726][ T5806] usb 5-1: Product: syz
[  821.596741][ T5806] usb 5-1: Manufacturer: syz
[  821.596757][ T5806] usb 5-1: SerialNumber: syz
[  821.604424][ T5806] usb 5-1: config 0 descriptor??
[  821.842560][ T5894] usb 3-1: config 0 has an invalid interface number: 50 but max is 0
[  821.842597][ T5894] usb 3-1: config 0 has no interface number 0
[  821.845916][ T5894] usb 3-1: New USB device found, idVendor=0b48, idProduct=1009, bcdDevice=87.f7
[  821.845948][ T5894] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  821.845968][ T5894] usb 3-1: Product: syz
[  821.845981][ T5894] usb 3-1: Manufacturer: syz
[  821.845996][ T5894] usb 3-1: SerialNumber: syz
[  821.858118][ T5894] usb 3-1: config 0 descriptor??
[  821.989966][ T5894] ttusb_dec_send_command: command bulk message failed: error -22
[  821.990234][ T5894] ttusb-dec 3-1:0.50: probe with driver ttusb-dec failed with error -22
[  822.195571][ T9880] usb 3-1: USB disconnect, device number 65
[  822.234196][T13073] tmpfs: Bad value for 'mpol'
[  823.078451][ T9880] usb 5-1: USB disconnect, device number 63
[  823.164940][T13078] netlink: 20 bytes leftover after parsing attributes in process `syz.4.2172'.
[  823.644195][ T5817] Bluetooth: hci0: command 0x0406 tx timeout
[  823.644332][   T37] kauditd_printk_skb: 35 callbacks suppressed
[  823.644346][   T37] audit: type=1326 audit(1762204557.284:2019): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13081 comm="syz.3.2174" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff6ab6cefc9 code=0x7ffc0000
[  823.644393][   T37] audit: type=1326 audit(1762204557.284:2020): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13081 comm="syz.3.2174" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff6ab6cefc9 code=0x7ffc0000
[  823.644435][   T37] audit: type=1326 audit(1762204557.284:2021): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13081 comm="syz.3.2174" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff6ab6cefc9 code=0x7ffc0000
[  823.644477][   T37] audit: type=1326 audit(1762204557.284:2022): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13081 comm="syz.3.2174" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff6ab6cefc9 code=0x7ffc0000
[  823.644520][   T37] audit: type=1326 audit(1762204557.284:2023): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13081 comm="syz.3.2174" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ff6ab6cefc9 code=0x7ffc0000
[  823.644561][   T37] audit: type=1326 audit(1762204557.284:2024): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13081 comm="syz.3.2174" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff6ab6cefc9 code=0x7ffc0000
[  823.644602][   T37] audit: type=1326 audit(1762204557.284:2025): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13081 comm="syz.3.2174" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff6ab6cefc9 code=0x7ffc0000
[  823.644644][   T37] audit: type=1326 audit(1762204557.284:2026): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13081 comm="syz.3.2174" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff6ab6cefc9 code=0x7ffc0000
[  823.644686][   T37] audit: type=1326 audit(1762204557.284:2027): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13081 comm="syz.3.2174" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff6ab6cefc9 code=0x7ffc0000
[  823.644728][   T37] audit: type=1326 audit(1762204557.284:2028): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13081 comm="syz.3.2174" exe="/root/syz-executor" sig=0 arch=c000003e syscall=302 compat=0 ip=0x7ff6ab6cefc9 code=0x7ffc0000
[  825.517311][ T5130] usb 5-1: new high-speed USB device number 64 using dummy_hcd
[  825.571010][T13101] FAULT_INJECTION: forcing a failure.
[  825.571010][T13101] name failslab, interval 1, probability 0, space 0, times 0
[  825.571045][T13101] CPU: 0 UID: 0 PID: 13101 Comm: syz.6.2179 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  825.571077][T13101] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  825.571090][T13101] Call Trace:
[  825.571098][T13101]  <TASK>
[  825.571108][T13101]  dump_stack_lvl+0x189/0x250
[  825.571139][T13101]  ? __pfx____ratelimit+0x10/0x10
[  825.571163][T13101]  ? __pfx_dump_stack_lvl+0x10/0x10
[  825.571190][T13101]  ? __pfx__printk+0x10/0x10
[  825.571218][T13101]  ? __pfx___might_resched+0x10/0x10
[  825.571238][T13101]  ? fs_reclaim_acquire+0x7d/0x100
[  825.571267][T13101]  should_fail_ex+0x46c/0x600
[  825.571296][T13101]  ? getname_flags+0xb8/0x540
[  825.571321][T13101]  should_failslab+0xa8/0x100
[  825.571344][T13101]  ? getname_flags+0xb8/0x540
[  825.571366][T13101]  kmem_cache_alloc_noprof+0x6f/0x6b0
[  825.571396][T13101]  getname_flags+0xb8/0x540
[  825.571425][T13101]  user_path_at+0x24/0x60
[  825.571443][T13101]  __se_sys_mount+0x2d4/0x410
[  825.571474][T13101]  ? __pfx___se_sys_mount+0x10/0x10
[  825.571501][T13101]  ? do_syscall_64+0xbe/0xfa0
[  825.571524][T13101]  ? __x64_sys_mount+0x20/0xc0
[  825.571551][T13101]  do_syscall_64+0xfa/0xfa0
[  825.571573][T13101]  ? lockdep_hardirqs_on+0x9c/0x150
[  825.571594][T13101]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  825.571613][T13101]  ? clear_bhb_loop+0x60/0xb0
[  825.571653][T13101]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  825.571671][T13101] RIP: 0033:0x7f093b88efc9
[  825.571689][T13101] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  825.571705][T13101] RSP: 002b:00007f0939aee038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  825.571727][T13101] RAX: ffffffffffffffda RBX: 00007f093bae5fa0 RCX: 00007f093b88efc9
[  825.571742][T13101] RDX: 00002000000002c0 RSI: 0000200000000040 RDI: 0000000000000000
[  825.571755][T13101] RBP: 00007f0939aee090 R08: 0000200000000080 R09: 0000000000000000
[  825.571769][T13101] R10: 0000000000010044 R11: 0000000000000246 R12: 0000000000000001
[  825.571782][T13101] R13: 00007f093bae6038 R14: 00007f093bae5fa0 R15: 00007ffeee7a5b28
[  825.571811][T13101]  </TASK>
[  825.816648][ T5130] usb 5-1: Using ep0 maxpacket: 8
[  825.822395][ T5130] usb 5-1: config 0 has an invalid interface number: 143 but max is 0
[  825.822424][ T5130] usb 5-1: config 0 has no interface number 0
[  825.822475][ T5130] usb 5-1: New USB device found, idVendor=2058, idProduct=1005, bcdDevice=c1.9b
[  825.822499][ T5130] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  825.866060][ T5130] usb 5-1: config 0 descriptor??
[  825.977416][ T5130] viperboard 5-1:0.143: version 0.00 found at bus 005 address 064
[  826.013583][ T5130] viperboard-i2c viperboard-i2c.2.auto: error -EIO: failure setting i2c_bus_freq to 100
[  826.013617][ T5130] viperboard-i2c viperboard-i2c.2.auto: probe with driver viperboard-i2c failed with error -5
[  826.230653][ T5806] usb 5-1: USB disconnect, device number 64
[  826.330144][T13114] 8021q: adding VLAN 0 to HW filter on device macvlan2
[  826.972826][T13128] FAULT_INJECTION: forcing a failure.
[  826.972826][T13128] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  826.972861][T13128] CPU: 0 UID: 0 PID: 13128 Comm: syz.0.2188 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  826.972893][T13128] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  826.972905][T13128] Call Trace:
[  826.972914][T13128]  <TASK>
[  826.972924][T13128]  dump_stack_lvl+0x189/0x250
[  826.972958][T13128]  ? __pfx____ratelimit+0x10/0x10
[  826.972984][T13128]  ? __pfx_dump_stack_lvl+0x10/0x10
[  826.973011][T13128]  ? __pfx__printk+0x10/0x10
[  826.973036][T13128]  ? fs_reclaim_acquire+0x7d/0x100
[  826.973072][T13128]  should_fail_ex+0x46c/0x600
[  826.973104][T13128]  prepare_alloc_pages+0x213/0x670
[  826.973139][T13128]  __alloc_frozen_pages_noprof+0x123/0x370
[  826.973171][T13128]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  826.973211][T13128]  ? policy_nodemask+0x27c/0x720
[  826.973236][T13128]  ? __asan_memset+0x22/0x50
[  826.973262][T13128]  alloc_pages_mpol+0xd1/0x380
[  826.973294][T13128]  alloc_pages_noprof+0xcf/0x1e0
[  826.973324][T13128]  get_free_pages_noprof+0xf/0x80
[  826.973351][T13128]  alloc_loaded_vmcs+0x155/0x3c0
[  826.973387][T13128]  enter_vmx_operation+0x32/0x4f0
[  826.973415][T13128]  ? free_nested+0x213/0x6f0
[  826.973442][T13128]  vmx_set_nested_state+0x392/0x11f0
[  826.973481][T13128]  kvm_arch_vcpu_ioctl+0x206e/0x2b40
[  826.973504][T13128]  ? __lock_acquire+0xab9/0xd20
[  826.973535][T13128]  ? __pfx_kvm_arch_vcpu_ioctl+0x10/0x10
[  826.973564][T13128]  ? __lock_acquire+0xab9/0xd20
[  826.973611][T13128]  ? is_bpf_text_address+0x26/0x2b0
[  826.973643][T13128]  ? is_bpf_text_address+0x292/0x2b0
[  826.973668][T13128]  ? is_bpf_text_address+0x26/0x2b0
[  826.973694][T13128]  ? tomoyo_path_number_perm+0x47a/0x5a0
[  826.973728][T13128]  ? kernel_text_address+0xa5/0xe0
[  826.973749][T13128]  ? __kernel_text_address+0xd/0x40
[  826.973767][T13128]  ? unwind_get_return_address+0x4d/0x90
[  826.973791][T13128]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  826.973817][T13128]  ? arch_stack_walk+0xfc/0x150
[  826.973856][T13128]  ? stack_trace_save+0x9c/0xe0
[  826.973880][T13128]  ? stack_depot_save_flags+0x40/0x860
[  826.973916][T13128]  ? tomoyo_path_number_perm+0x47a/0x5a0
[  826.973944][T13128]  ? kasan_save_track+0x4f/0x80
[  826.973966][T13128]  ? kasan_save_track+0x3e/0x80
[  826.973986][T13128]  ? __kasan_save_free_info+0x46/0x50
[  826.974004][T13128]  ? __kasan_slab_free+0x5c/0x80
[  826.974027][T13128]  ? tomoyo_path_number_perm+0x47a/0x5a0
[  826.974052][T13128]  ? security_file_ioctl+0xcb/0x2d0
[  826.974070][T13128]  ? __se_sys_ioctl+0x47/0x170
[  826.974089][T13128]  ? do_syscall_64+0xfa/0xfa0
[  826.974112][T13128]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  826.974155][T13128]  ? __lock_acquire+0xab9/0xd20
[  826.974203][T13128]  ? _raw_spin_unlock_irqrestore+0x85/0x110
[  826.974229][T13128]  ? lockdep_hardirqs_on+0x9c/0x150
[  826.974254][T13128]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  826.974278][T13128]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  826.974315][T13128]  ? _mutex_lock_killable+0x154/0x1d0
[  826.974335][T13128]  ? kvm_vcpu_ioctl+0x231/0xe90
[  826.974358][T13128]  kvm_vcpu_ioctl+0x750/0xe90
[  826.974384][T13128]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  826.974415][T13128]  ? __asan_memset+0x22/0x50
[  826.974437][T13128]  ? smack_file_ioctl+0x305/0x340
[  826.974466][T13128]  ? __pfx_smack_file_ioctl+0x10/0x10
[  826.974504][T13128]  ? __fget_files+0x3a6/0x420
[  826.974528][T13128]  ? __fget_files+0x2a/0x420
[  826.974557][T13128]  ? bpf_lsm_file_ioctl+0x9/0x20
[  826.974576][T13128]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  826.974596][T13128]  __se_sys_ioctl+0xff/0x170
[  826.974620][T13128]  do_syscall_64+0xfa/0xfa0
[  826.974643][T13128]  ? lockdep_hardirqs_on+0x9c/0x150
[  826.974667][T13128]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  826.974686][T13128]  ? clear_bhb_loop+0x60/0xb0
[  826.974710][T13128]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  826.974729][T13128] RIP: 0033:0x7fbf52eeefc9
[  826.974747][T13128] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  826.974764][T13128] RSP: 002b:00007fbf51156038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  826.974785][T13128] RAX: ffffffffffffffda RBX: 00007fbf53145fa0 RCX: 00007fbf52eeefc9
[  826.974799][T13128] RDX: 0000200000003680 RSI: 000000004080aebf RDI: 0000000000000005
[  826.974813][T13128] RBP: 00007fbf51156090 R08: 0000000000000000 R09: 0000000000000000
[  826.974826][T13128] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  826.974839][T13128] R13: 00007fbf53146038 R14: 00007fbf53145fa0 R15: 00007ffc9aea4028
[  826.974875][T13128]  </TASK>
[  827.853305][T13140] FAULT_INJECTION: forcing a failure.
[  827.853305][T13140] name failslab, interval 1, probability 0, space 0, times 0
[  827.853342][T13140] CPU: 1 UID: 0 PID: 13140 Comm: syz.6.2189 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  827.853366][T13140] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  827.853379][T13140] Call Trace:
[  827.853387][T13140]  <TASK>
[  827.853397][T13140]  dump_stack_lvl+0x189/0x250
[  827.853430][T13140]  ? __pfx____ratelimit+0x10/0x10
[  827.853456][T13140]  ? __pfx_dump_stack_lvl+0x10/0x10
[  827.853482][T13140]  ? __pfx__printk+0x10/0x10
[  827.853511][T13140]  ? __pfx___might_resched+0x10/0x10
[  827.853532][T13140]  ? fs_reclaim_acquire+0x7d/0x100
[  827.853563][T13140]  should_fail_ex+0x46c/0x600
[  827.853595][T13140]  should_failslab+0xa8/0x100
[  827.853624][T13140]  __kmalloc_node_noprof+0xd4/0x7f0
[  827.853648][T13140]  ? __vmalloc_node_range_noprof+0x5bb/0x12d0
[  827.853680][T13140]  __vmalloc_node_range_noprof+0x5bb/0x12d0
[  827.853736][T13140]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  827.853763][T13140]  ? __might_fault+0xb0/0x130
[  827.853797][T13140]  ? bpf_prog_alloc_no_stats+0x4a/0x530
[  827.853822][T13140]  __vmalloc_noprof+0xb1/0xf0
[  827.853845][T13140]  ? bpf_prog_alloc_no_stats+0x4a/0x530
[  827.853882][T13140]  bpf_prog_alloc_no_stats+0x4a/0x530
[  827.853913][T13140]  bpf_prog_alloc+0x3c/0x1a0
[  827.853941][T13140]  bpf_prog_load+0x735/0x19e0
[  827.853981][T13140]  ? __pfx_bpf_prog_load+0x10/0x10
[  827.854031][T13140]  ? bpf_lsm_bpf+0x9/0x20
[  827.854049][T13140]  ? security_bpf+0x7e/0x300
[  827.854073][T13140]  __sys_bpf+0x507/0x860
[  827.854100][T13140]  ? __pfx___sys_bpf+0x10/0x10
[  827.854122][T13140]  ? rt_mutex_slowunlock+0x1be/0x2e0
[  827.854161][T13140]  ? ksys_write+0x230/0x260
[  827.854187][T13140]  ? __pfx_ksys_write+0x10/0x10
[  827.854216][T13140]  __x64_sys_bpf+0x7c/0x90
[  827.854240][T13140]  do_syscall_64+0xfa/0xfa0
[  827.854263][T13140]  ? lockdep_hardirqs_on+0x9c/0x150
[  827.854287][T13140]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  827.854306][T13140]  ? clear_bhb_loop+0x60/0xb0
[  827.854336][T13140]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  827.854355][T13140] RIP: 0033:0x7f093b88efc9
[  827.854373][T13140] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  827.854391][T13140] RSP: 002b:00007f0939aee038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  827.854412][T13140] RAX: ffffffffffffffda RBX: 00007f093bae5fa0 RCX: 00007f093b88efc9
[  827.854427][T13140] RDX: 0000000000000094 RSI: 0000200000000180 RDI: 0000000000000005
[  827.854440][T13140] RBP: 00007f0939aee090 R08: 0000000000000000 R09: 0000000000000000
[  827.854453][T13140] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  827.854465][T13140] R13: 00007f093bae6038 R14: 00007f093bae5fa0 R15: 00007ffeee7a5b28
[  827.854500][T13140]  </TASK>
[  827.854510][T13140] syz.6.2189: vmalloc error: size 4096, failed to allocated page array size 8, mode:0x500dc2(GFP_HIGHUSER|__GFP_ZERO|__GFP_ACCOUNT), nodemask=(null),cpuset=/,mems_allowed=0-1
[  827.854573][T13140] CPU: 1 UID: 0 PID: 13140 Comm: syz.6.2189 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  827.854595][T13140] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  827.854606][T13140] Call Trace:
[  827.854614][T13140]  <TASK>
[  827.854623][T13140]  dump_stack_lvl+0x189/0x250
[  827.854653][T13140]  ? __pfx_dump_stack_lvl+0x10/0x10
[  827.854680][T13140]  ? __pfx__printk+0x10/0x10
[  827.854703][T13140]  ? cpuset_print_current_mems_allowed+0x1f/0x360
[  827.854726][T13140]  ? cpuset_print_current_mems_allowed+0x1f/0x360
[  827.854752][T13140]  ? cpuset_print_current_mems_allowed+0x2ee/0x360
[  827.854777][T13140]  warn_alloc+0x22e/0x3b0
[  827.854805][T13140]  ? __pfx___might_resched+0x10/0x10
[  827.854825][T13140]  ? fs_reclaim_acquire+0x7d/0x100
[  827.854854][T13140]  ? __pfx_warn_alloc+0x10/0x10
[  827.854882][T13140]  ? should_fail_ex+0x344/0x600
[  827.854911][T13140]  ? rcu_is_watching+0x15/0xb0
[  827.854931][T13140]  ? trace_kmalloc+0x1f/0xd0
[  827.854952][T13140]  ? __kmalloc_node_noprof+0x3b6/0x7f0
[  827.854975][T13140]  ? __vmalloc_node_range_noprof+0x5bb/0x12d0
[  827.855006][T13140]  __vmalloc_node_range_noprof+0x690/0x12d0
[  827.855062][T13140]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  827.855088][T13140]  ? __might_fault+0xb0/0x130
[  827.855121][T13140]  ? bpf_prog_alloc_no_stats+0x4a/0x530
[  827.855144][T13140]  __vmalloc_noprof+0xb1/0xf0
[  827.855168][T13140]  ? bpf_prog_alloc_no_stats+0x4a/0x530
[  827.855196][T13140]  bpf_prog_alloc_no_stats+0x4a/0x530
[  827.855228][T13140]  bpf_prog_alloc+0x3c/0x1a0
[  827.855256][T13140]  bpf_prog_load+0x735/0x19e0
[  827.855294][T13140]  ? __pfx_bpf_prog_load+0x10/0x10
[  827.855344][T13140]  ? bpf_lsm_bpf+0x9/0x20
[  827.855362][T13140]  ? security_bpf+0x7e/0x300
[  827.855385][T13140]  __sys_bpf+0x507/0x860
[  827.855412][T13140]  ? __pfx___sys_bpf+0x10/0x10
[  827.855434][T13140]  ? rt_mutex_slowunlock+0x1be/0x2e0
[  827.855473][T13140]  ? ksys_write+0x230/0x260
[  827.855499][T13140]  ? __pfx_ksys_write+0x10/0x10
[  827.855528][T13140]  __x64_sys_bpf+0x7c/0x90
[  827.855553][T13140]  do_syscall_64+0xfa/0xfa0
[  827.855575][T13140]  ? lockdep_hardirqs_on+0x9c/0x150
[  827.855599][T13140]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  827.855618][T13140]  ? clear_bhb_loop+0x60/0xb0
[  827.855642][T13140]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  827.855661][T13140] RIP: 0033:0x7f093b88efc9
[  827.855677][T13140] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  827.855693][T13140] RSP: 002b:00007f0939aee038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  827.855719][T13140] RAX: ffffffffffffffda RBX: 00007f093bae5fa0 RCX: 00007f093b88efc9
[  827.855734][T13140] RDX: 0000000000000094 RSI: 0000200000000180 RDI: 0000000000000005
[  827.855747][T13140] RBP: 00007f0939aee090 R08: 0000000000000000 R09: 0000000000000000
[  827.855760][T13140] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  827.855771][T13140] R13: 00007f093bae6038 R14: 00007f093bae5fa0 R15: 00007ffeee7a5b28
[  827.855807][T13140]  </TASK>
[  827.855815][T13140] Mem-Info:
[  827.855825][T13140] active_anon:3123 inactive_anon:10172 isolated_anon:0
[  827.855825][T13140]  active_file:17322 inactive_file:41841 isolated_file:0
[  827.855825][T13140]  unevictable:768 dirty:208 writeback:0
[  827.855825][T13140]  slab_reclaimable:13153 slab_unreclaimable:108008
[  827.855825][T13140]  mapped:46419 shmem:7097 pagetables:1622
[  827.855825][T13140]  sec_pagetables:0 bounce:0
[  827.855825][T13140]  kernel_misc_reclaimable:0
[  827.855825][T13140]  free:1273016 free_pcp:3889 free_cma:0
[  827.855885][T13140] Node 0 active_anon:12492kB inactive_anon:40688kB active_file:69032kB inactive_file:167364kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:185644kB dirty:832kB writeback:0kB shmem:26852kB kernel_stack:13532kB pagetables:6328kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[  827.855932][T13140] Node 1 active_anon:0kB inactive_anon:0kB active_file:256kB inactive_file:0kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:32kB dirty:0kB writeback:0kB shmem:1536kB kernel_stack:48kB pagetables:160kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[  827.855976][T13140] Node 0 DMA free:15360kB boost:0kB min:20kB low:32kB high:44kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  827.856035][T13140] lowmem_reserve[]: 0 2515 2517 2517 2517
[  827.856070][T13140] Node 0 DMA32 free:1174528kB boost:0kB min:3944kB low:6492kB high:9040kB reserved_highatomic:0KB free_highatomic:0KB active_anon:12492kB inactive_anon:40688kB active_file:69032kB inactive_file:167364kB unevictable:1536kB writepending:832kB zspages:0kB present:3129332kB managed:2576092kB mlocked:0kB bounce:0kB free_pcp:15556kB local_pcp:13616kB free_cma:0kB
[  827.856131][T13140] lowmem_reserve[]: 0 0 1 1 1
[  827.856162][T13140] Node 0 Normal free:0kB boost:0kB min:0kB low:0kB high:0kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:1048580kB managed:1644kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  827.856219][T13140] lowmem_reserve[]: 0 0 0 0 0
[  827.856250][T13140] Node 1 Normal free:3902176kB boost:0kB min:6360kB low:10468kB high:14576kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:256kB inactive_file:0kB unevictable:1536kB writepending:0kB zspages:0kB present:4194300kB managed:4111100kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  827.856310][T13140] lowmem_reserve[]: 0 0 0 0 0
[  827.856341][T13140] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[  827.861882][T13140] Node 0 DMA32: 16*4kB (UME) 0*8kB 0*16kB 126*32kB (UME) 166*64kB (UME) 102*128kB (UME) 123*256kB (UME) 68*512kB (UME) 17*1024kB (UM) 7*2048kB (UM) 256*4096kB (UM) = 1174400kB
[  827.862028][T13140] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB
[  827.862125][T13140] Node 1 Normal: 178*4kB (UE) 49*8kB (UE) 33*16kB (UE) 218*32kB (UE) 87*64kB (UME) 29*128kB (UME) 9*256kB (UME) 6*512kB (UME) 2*1024kB (ME) 3*2048kB (UM) 945*4096kB (M) = 3902176kB
[  827.862276][T13140] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  827.862293][T13140] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  827.862310][T13140] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  827.862327][T13140] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  827.862343][T13140] 66256 total pagecache pages
[  827.862351][T13140] 0 pages in swap cache
[  827.862358][T13140] Free swap  = 124996kB
[  827.862366][T13140] Total swap = 124996kB
[  827.862375][T13140] 2097051 pages RAM
[  827.862383][T13140] 0 pages HighMem/MovableOnly
[  827.862390][T13140] 421002 pages reserved
[  827.862397][T13140] 0 pages cma reserved
[  828.246694][ T5969] usb 5-1: new high-speed USB device number 65 using dummy_hcd
[  828.346564][ T5806] usb 3-1: new high-speed USB device number 66 using dummy_hcd
[  828.399693][ T5969] usb 5-1: config 1 contains an unexpected descriptor of type 0x2, skipping
[  828.399720][ T5969] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  828.399741][ T5969] usb 5-1: config 1 has 2 interfaces, different from the descriptor's value: 3
[  828.399761][ T5969] usb 5-1: config 1 has no interface number 1
[  828.404363][ T5969] usb 5-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0
[  828.404415][ T5969] usb 5-1: config 1 interface 2 altsetting 1 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  828.408462][ T5969] usb 5-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  828.408493][ T5969] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  828.408601][ T5969] usb 5-1: Product: syz
[  828.408616][ T5969] usb 5-1: Manufacturer: syz
[  828.408632][ T5969] usb 5-1: SerialNumber: syz
[  828.476864][ T5806] usb 3-1: device descriptor read/64, error -71
[  828.720377][ T5806] usb 3-1: new high-speed USB device number 67 using dummy_hcd
[  828.858348][ T5806] usb 3-1: device descriptor read/64, error -71
[  828.967338][ T5806] usb usb3-port1: attempt power cycle
[  829.047935][ T5969] usb 5-1: No MIDI 2.0 at altset 1, falling back to MIDI 1.0
[  829.048122][ T5969] usb 5-1: MIDIStreaming interface descriptor not found
[  829.115369][ T5969] usb 5-1: USB disconnect, device number 65
[  829.253423][T13157] FAULT_INJECTION: forcing a failure.
[  829.253423][T13157] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  829.253474][T13157] CPU: 1 UID: 0 PID: 13157 Comm: syz.0.2194 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  829.253497][T13157] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  829.253508][T13157] Call Trace:
[  829.253517][T13157]  <TASK>
[  829.253526][T13157]  dump_stack_lvl+0x189/0x250
[  829.253558][T13157]  ? __pfx____ratelimit+0x10/0x10
[  829.253582][T13157]  ? __pfx_dump_stack_lvl+0x10/0x10
[  829.253609][T13157]  ? __pfx__printk+0x10/0x10
[  829.253632][T13157]  ? __might_fault+0xb0/0x130
[  829.253668][T13157]  should_fail_ex+0x46c/0x600
[  829.253698][T13157]  _copy_from_iter+0x1de/0x1790
[  829.253725][T13157]  ? skb_set_owner_w+0x25b/0x3a0
[  829.253752][T13157]  ? sock_alloc_send_pskb+0x877/0x990
[  829.253780][T13157]  ? __pfx__copy_from_iter+0x10/0x10
[  829.253816][T13157]  ? __pfx_sock_alloc_send_pskb+0x10/0x10
[  829.253843][T13157]  skb_copy_datagram_from_iter+0xf5/0x720
[  829.253872][T13157]  ? skb_put+0x11b/0x210
[  829.253896][T13157]  tun_get_user+0x1691/0x3ec0
[  829.253927][T13157]  ? __lock_acquire+0xab9/0xd20
[  829.253961][T13157]  ? __might_fault+0xb0/0x130
[  829.253997][T13157]  ? __pfx_tun_get_user+0x10/0x10
[  829.254025][T13157]  ? _parse_integer_limit+0x1ae/0x1f0
[  829.254058][T13157]  ? __lock_acquire+0xab9/0xd20
[  829.254087][T13157]  ? ref_tracker_alloc+0x2fe/0x450
[  829.254110][T13157]  ? __lock_acquire+0xab9/0xd20
[  829.254135][T13157]  ? __pfx_ref_tracker_alloc+0x10/0x10
[  829.254165][T13157]  ? tun_get+0x1c/0x2f0
[  829.254193][T13157]  ? tun_get+0x1c/0x2f0
[  829.254214][T13157]  ? tun_get+0x1c/0x2f0
[  829.254240][T13157]  tun_chr_write_iter+0x119/0x200
[  829.254267][T13157]  vfs_write+0x5d5/0xb40
[  829.254294][T13157]  ? __pfx_tun_chr_write_iter+0x10/0x10
[  829.254318][T13157]  ? __pfx_vfs_write+0x10/0x10
[  829.254349][T13157]  ? __fget_files+0x2a/0x420
[  829.254384][T13157]  ksys_write+0x14b/0x260
[  829.254408][T13157]  ? __pfx_ksys_write+0x10/0x10
[  829.254433][T13157]  ? do_syscall_64+0xbe/0xfa0
[  829.254461][T13157]  do_syscall_64+0xfa/0xfa0
[  829.254483][T13157]  ? lockdep_hardirqs_on+0x9c/0x150
[  829.254506][T13157]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  829.254525][T13157]  ? clear_bhb_loop+0x60/0xb0
[  829.254547][T13157]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  829.254565][T13157] RIP: 0033:0x7fbf52eeda7f
[  829.254582][T13157] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48
[  829.254599][T13157] RSP: 002b:00007fbf51156000 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[  829.254619][T13157] RAX: ffffffffffffffda RBX: 00007fbf53145fa0 RCX: 00007fbf52eeda7f
[  829.254633][T13157] RDX: 0000000000001017 RSI: 0000200000000480 RDI: 00000000000000c8
[  829.254646][T13157] RBP: 00007fbf51156090 R08: 0000000000000000 R09: 0000000000000000
[  829.254658][T13157] R10: 0000000000001017 R11: 0000000000000293 R12: 0000000000000001
[  829.254671][T13157] R13: 00007fbf53146038 R14: 00007fbf53145fa0 R15: 00007ffc9aea4028
[  829.254702][T13157]  </TASK>
[  829.326637][ T5806] usb 3-1: new high-speed USB device number 68 using dummy_hcd
[  829.350029][ T5806] usb 3-1: device descriptor read/8, error -71
[  829.606690][ T5806] usb 3-1: new high-speed USB device number 69 using dummy_hcd
[  829.633805][ T5806] usb 3-1: device descriptor read/8, error -71
[  829.737147][ T5806] usb usb3-port1: unable to enumerate USB device
[  829.785877][T13163] FAULT_INJECTION: forcing a failure.
[  829.785877][T13163] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  829.785913][T13163] CPU: 1 UID: 0 PID: 13163 Comm: syz.0.2197 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  829.785936][T13163] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  829.785948][T13163] Call Trace:
[  829.785956][T13163]  <TASK>
[  829.785965][T13163]  dump_stack_lvl+0x189/0x250
[  829.785997][T13163]  ? __pfx____ratelimit+0x10/0x10
[  829.786020][T13163]  ? __pfx_dump_stack_lvl+0x10/0x10
[  829.786053][T13163]  ? __pfx__printk+0x10/0x10
[  829.786076][T13163]  ? __might_fault+0xb0/0x130
[  829.786112][T13163]  should_fail_ex+0x46c/0x600
[  829.786142][T13163]  _copy_from_iter+0x1de/0x1790
[  829.786172][T13163]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  829.786211][T13163]  ? __pfx__copy_from_iter+0x10/0x10
[  829.786242][T13163]  ? set_page_refcounted+0xa0/0x1e0
[  829.786269][T13163]  ? page_copy_sane+0x4e/0x280
[  829.786289][T13163]  copy_page_from_iter+0xdd/0x170
[  829.786312][T13163]  tun_get_user+0x1d7b/0x3ec0
[  829.786344][T13163]  ? tun_get_user+0x6f6/0x3ec0
[  829.786375][T13163]  ? __might_fault+0xb0/0x130
[  829.786400][T13163]  ? __pfx_tun_get_user+0x10/0x10
[  829.786419][T13163]  ? _parse_integer_limit+0x1ae/0x1f0
[  829.786451][T13163]  ? __lock_acquire+0xab9/0xd20
[  829.786481][T13163]  ? ref_tracker_alloc+0x2fe/0x450
[  829.786504][T13163]  ? __lock_acquire+0xab9/0xd20
[  829.786530][T13163]  ? __pfx_ref_tracker_alloc+0x10/0x10
[  829.786560][T13163]  ? tun_get+0x1c/0x2f0
[  829.786588][T13163]  ? tun_get+0x1c/0x2f0
[  829.786609][T13163]  ? tun_get+0x1c/0x2f0
[  829.786635][T13163]  tun_chr_write_iter+0x119/0x200
[  829.786661][T13163]  vfs_write+0x5d5/0xb40
[  829.786688][T13163]  ? __pfx_tun_chr_write_iter+0x10/0x10
[  829.786711][T13163]  ? __pfx_vfs_write+0x10/0x10
[  829.786743][T13163]  ? __fget_files+0x2a/0x420
[  829.786776][T13163]  ksys_write+0x14b/0x260
[  829.786800][T13163]  ? __pfx_ksys_write+0x10/0x10
[  829.786825][T13163]  ? do_syscall_64+0xbe/0xfa0
[  829.786854][T13163]  do_syscall_64+0xfa/0xfa0
[  829.786875][T13163]  ? lockdep_hardirqs_on+0x9c/0x150
[  829.786898][T13163]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  829.786917][T13163]  ? clear_bhb_loop+0x60/0xb0
[  829.786939][T13163]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  829.786958][T13163] RIP: 0033:0x7fbf52eeda7f
[  829.786975][T13163] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48
[  829.786991][T13163] RSP: 002b:00007fbf51156000 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[  829.787010][T13163] RAX: ffffffffffffffda RBX: 00007fbf53145fa0 RCX: 00007fbf52eeda7f
[  829.787025][T13163] RDX: 0000000000000062 RSI: 0000200000000240 RDI: 00000000000000c8
[  829.787043][T13163] RBP: 00007fbf51156090 R08: 0000000000000000 R09: 0000000000000000
[  829.787056][T13163] R10: 0000000000000062 R11: 0000000000000293 R12: 0000000000000001
[  829.787068][T13163] R13: 00007fbf53146038 R14: 00007fbf53145fa0 R15: 00007ffc9aea4028
[  829.787098][T13163]  </TASK>
[  830.146560][ T5806] usb 1-1: new high-speed USB device number 63 using dummy_hcd
[  830.726628][ T5806] usb 1-1: Using ep0 maxpacket: 8
[  831.009968][ T5806] usb 1-1: config 0 has an invalid interface number: 65 but max is 5
[  831.009997][ T5806] usb 1-1: config 0 has 1 interface, different from the descriptor's value: 6
[  831.010019][ T5806] usb 1-1: config 0 has no interface number 0
[  831.010072][ T5806] usb 1-1: config 0 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7
[  831.010100][ T5806] usb 1-1: config 0 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 32, changing to 9
[  831.010129][ T5806] usb 1-1: config 0 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23
[  831.010172][ T5806] usb 1-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb
[  831.010195][ T5806] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  831.015540][ T5806] usb 1-1: config 0 descriptor??
[  831.233205][ T5806] usb 1-1: USB disconnect, device number 63
[  831.269405][ T5894] usb 4-1: new high-speed USB device number 54 using dummy_hcd
[  832.236499][ T5894] usb 4-1: Using ep0 maxpacket: 32
[  832.245903][ T5894] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  832.245961][ T5894] usb 4-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0x32, changing to 0x2
[  832.245989][ T5894] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid maxpacket 108, setting to 64
[  832.246018][ T5894] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  832.250166][ T5894] usb 4-1: New USB device found, idVendor=13b1, idProduct=0042, bcdDevice=58.16
[  832.250196][ T5894] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  832.250217][ T5894] usb 4-1: Product: syz
[  832.250232][ T5894] usb 4-1: Manufacturer: syz
[  832.250247][ T5894] usb 4-1: SerialNumber: syz
[  832.339670][ T5894] usb 4-1: config 0 descriptor??
[  832.371696][ T5894] usb 4-1: Warning: ath10k USB support is incomplete, don't expect anything to work!
[  833.192526][ T5806] usb 4-1: USB disconnect, device number 54
[  833.216634][   T86] usb 4-1: Failed to submit usb control message: -71
[  833.216672][   T86] usb 4-1: unable to send the bmi data to the device: -71
[  833.216690][   T86] usb 4-1: unable to get target info from device
[  833.216705][   T86] usb 4-1: could not get target info (-71)
[  833.216976][   T86] usb 4-1: could not probe fw (-71)
[  833.455783][T13207] netlink: 'syz.4.2209': attribute type 3 has an invalid length.
[  833.455800][T13207] netlink: 3 bytes leftover after parsing attributes in process `syz.4.2209'.
[  834.741519][T13228] 9pnet_fd: Insufficient options for proto=fd
[  834.976645][  T991] usb 4-1: new high-speed USB device number 55 using dummy_hcd
[  837.044142][T13258] FAULT_INJECTION: forcing a failure.
[  837.044142][T13258] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  837.044166][T13258] CPU: 0 UID: 0 PID: 13258 Comm: syz.3.2222 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  837.044179][T13258] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  837.044187][T13258] Call Trace:
[  837.044192][T13258]  <TASK>
[  837.044198][T13258]  dump_stack_lvl+0x189/0x250
[  837.044221][T13258]  ? __pfx____ratelimit+0x10/0x10
[  837.044236][T13258]  ? __pfx_dump_stack_lvl+0x10/0x10
[  837.044252][T13258]  ? __pfx__printk+0x10/0x10
[  837.044266][T13258]  ? __might_fault+0xb0/0x130
[  837.044290][T13258]  should_fail_ex+0x46c/0x600
[  837.044309][T13258]  _copy_from_user+0x2d/0xb0
[  837.044322][T13258]  sctp_getsockopt_assoc_stats+0xe4/0x560
[  837.044338][T13258]  ? reacquire_held_locks+0x127/0x1d0
[  837.044356][T13258]  ? __pfx_sctp_getsockopt_assoc_stats+0x10/0x10
[  837.044387][T13258]  ? rt_spin_unlock+0x161/0x200
[  837.044399][T13258]  ? lock_sock_nested+0x5f/0x130
[  837.044415][T13258]  ? lock_sock_nested+0xdd/0x130
[  837.044432][T13258]  sctp_getsockopt+0x421/0xb60
[  837.044448][T13258]  ? __pfx_sock_common_getsockopt+0x10/0x10
[  837.044465][T13258]  do_sock_getsockopt+0x372/0x450
[  837.044479][T13258]  ? __pfx_do_sock_getsockopt+0x10/0x10
[  837.044491][T13258]  ? do_syscall_64+0xa0/0xfa0
[  837.044505][T13258]  ? __fget_files+0x2a/0x420
[  837.044519][T13258]  ? __fget_files+0x3a6/0x420
[  837.044533][T13258]  ? __fget_files+0x2a/0x420
[  837.044559][T13258]  __x64_sys_getsockopt+0x1ab/0x250
[  837.044570][T13258]  ? do_syscall_64+0xa0/0xfa0
[  837.044585][T13258]  ? do_syscall_64+0xa0/0xfa0
[  837.044602][T13258]  do_syscall_64+0xfa/0xfa0
[  837.044615][T13258]  ? lockdep_hardirqs_on+0x9c/0x150
[  837.044629][T13258]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  837.044639][T13258]  ? clear_bhb_loop+0x60/0xb0
[  837.044652][T13258]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  837.044663][T13258] RIP: 0033:0x7ff6ab6cefc9
[  837.044673][T13258] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  837.044683][T13258] RSP: 002b:00007ff6a992e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000037
[  837.044695][T13258] RAX: ffffffffffffffda RBX: 00007ff6ab925fa0 RCX: 00007ff6ab6cefc9
[  837.044703][T13258] RDX: 0000000000000070 RSI: 0000000000000084 RDI: 0000000000000003
[  837.044710][T13258] RBP: 00007ff6a992e090 R08: 0000200000000500 R09: 0000000000000000
[  837.044717][T13258] R10: 0000200000000400 R11: 0000000000000246 R12: 0000000000000001
[  837.044724][T13258] R13: 00007ff6ab926038 R14: 00007ff6ab925fa0 R15: 00007ffded611a08
[  837.044742][T13258]  </TASK>
[  838.166611][  T991] usb 4-1: new high-speed USB device number 56 using dummy_hcd
[  838.326672][ T5894] usb 1-1: new high-speed USB device number 64 using dummy_hcd
[  838.329678][  T991] usb 4-1: config 1 has an invalid interface number: 113 but max is 0
[  838.329706][  T991] usb 4-1: config 1 has no interface number 0
[  838.329757][  T991] usb 4-1: config 1 interface 113 altsetting 2 bulk endpoint 0x4 has invalid maxpacket 16
[  838.329784][  T991] usb 4-1: config 1 interface 113 altsetting 2 bulk endpoint 0x82 has invalid maxpacket 64
[  838.329809][  T991] usb 4-1: config 1 interface 113 has no altsetting 0
[  838.332920][  T991] usb 4-1: New USB device found, idVendor=04e8, idProduct=662e, bcdDevice=9d.cb
[  838.332950][  T991] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  838.332971][  T991] usb 4-1: Product: syz
[  838.332987][  T991] usb 4-1: Manufacturer: syz
[  838.333002][  T991] usb 4-1: SerialNumber: syz
[  838.339530][T13283] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  838.339667][T13283] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  838.374644][  T991] ipaq 4-1:1.113: PocketPC PDA converter detected
[  838.501070][ T5894] usb 1-1: unable to get BOS descriptor or descriptor too short
[  838.517118][ T5894] usb 1-1: too many configurations: 188, using maximum allowed: 8
[  838.537791][ T5894] usb 1-1: unable to read config index 0 descriptor/start: -61
[  838.537833][ T5894] usb 1-1: can't read configurations, error -61
[  838.563856][  T991] usb 4-1: PocketPC PDA converter now attached to ttyUSB0
[  838.568905][T13295] FAULT_INJECTION: forcing a failure.
[  838.568905][T13295] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  838.568938][T13295] CPU: 0 UID: 0 PID: 13295 Comm: syz.4.2236 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  838.568961][T13295] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  838.568978][T13295] Call Trace:
[  838.568986][T13295]  <TASK>
[  838.568995][T13295]  dump_stack_lvl+0x189/0x250
[  838.569025][T13295]  ? __pfx____ratelimit+0x10/0x10
[  838.569050][T13295]  ? __pfx_dump_stack_lvl+0x10/0x10
[  838.569076][T13295]  ? __pfx__printk+0x10/0x10
[  838.569113][T13295]  should_fail_ex+0x46c/0x600
[  838.569143][T13295]  _copy_to_user+0x31/0xb0
[  838.569167][T13295]  simple_read_from_buffer+0xe1/0x170
[  838.569206][T13295]  proc_fail_nth_read+0x1b6/0x220
[  838.569230][T13295]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  838.569254][T13295]  ? rw_verify_area+0x2ac/0x4e0
[  838.569276][T13295]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  838.569297][T13295]  vfs_read+0x206/0xa30
[  838.569327][T13295]  ? __pfx_vfs_read+0x10/0x10
[  838.569346][T13295]  ? try_to_take_rt_mutex+0x7fd/0xac0
[  838.569376][T13295]  ? mutex_lock_nested+0x154/0x1d0
[  838.569393][T13295]  ? fdget_pos+0x253/0x320
[  838.569427][T13295]  ksys_read+0x14b/0x260
[  838.569451][T13295]  ? __pfx_ksys_read+0x10/0x10
[  838.569477][T13295]  ? do_syscall_64+0xbe/0xfa0
[  838.569504][T13295]  do_syscall_64+0xfa/0xfa0
[  838.569525][T13295]  ? lockdep_hardirqs_on+0x9c/0x150
[  838.569548][T13295]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  838.569568][T13295]  ? clear_bhb_loop+0x60/0xb0
[  838.569590][T13295]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  838.569608][T13295] RIP: 0033:0x7fdd03dfd9dc
[  838.569625][T13295] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  838.569642][T13295] RSP: 002b:00007fdd02066030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  838.569662][T13295] RAX: ffffffffffffffda RBX: 00007fdd04055fa0 RCX: 00007fdd03dfd9dc
[  838.569677][T13295] RDX: 000000000000000f RSI: 00007fdd020660a0 RDI: 0000000000000004
[  838.569689][T13295] RBP: 00007fdd02066090 R08: 0000000000000000 R09: 0000000000000000
[  838.569700][T13295] R10: 0000200000000540 R11: 0000000000000246 R12: 0000000000000001
[  838.569712][T13295] R13: 00007fdd04056038 R14: 00007fdd04055fa0 R15: 00007ffccca11888
[  838.569745][T13295]  </TASK>
[  838.841411][ T5894] usb 1-1: new high-speed USB device number 65 using dummy_hcd
[  838.860093][ T5130] usb 3-1: new high-speed USB device number 70 using dummy_hcd
[  839.335624][ T9880] usb 4-1: USB disconnect, device number 56
[  839.372297][ T9880] ipaq ttyUSB0: PocketPC PDA converter now disconnected from ttyUSB0
[  839.374067][ T9880] ipaq 4-1:1.113: device disconnected
[  839.479219][ T5894] usb 1-1: unable to get BOS descriptor or descriptor too short
[  839.479303][ T5894] usb 1-1: too many configurations: 188, using maximum allowed: 8
[  839.481761][ T5894] usb 1-1: unable to read config index 0 descriptor/start: -61
[  839.481799][ T5894] usb 1-1: can't read configurations, error -61
[  839.482187][ T5894] usb usb1-port1: attempt power cycle
[  839.528447][ T5130] usb 3-1: config 10 has an invalid interface number: 92 but max is 1
[  839.528468][ T5130] usb 3-1: config 10 has an invalid interface number: 48 but max is 1
[  839.528479][ T5130] usb 3-1: config 10 has 3 interfaces, different from the descriptor's value: 2
[  839.528491][ T5130] usb 3-1: config 10 has no interface number 1
[  839.528501][ T5130] usb 3-1: config 10 has no interface number 2
[  839.528544][ T5130] usb 3-1: config 10 interface 92 altsetting 4 has an invalid descriptor for endpoint zero, skipping
[  839.528556][ T5130] usb 3-1: too many endpoints for config 10 interface 0 altsetting 255: 56, using maximum allowed: 30
[  839.528578][ T5130] usb 3-1: config 10 interface 0 altsetting 255 has 0 endpoint descriptors, different from the interface descriptor's value: 56
[  839.528593][ T5130] usb 3-1: too many endpoints for config 10 interface 48 altsetting 49: 55, using maximum allowed: 30
[  839.528616][ T5130] usb 3-1: config 10 interface 48 altsetting 49 has 0 endpoint descriptors, different from the interface descriptor's value: 55
[  839.528631][ T5130] usb 3-1: config 10 interface 92 has no altsetting 0
[  839.528641][ T5130] usb 3-1: config 10 interface 0 has no altsetting 0
[  839.528652][ T5130] usb 3-1: config 10 interface 48 has no altsetting 0
[  839.528672][ T5130] usb 3-1: New USB device found, idVendor=0763, idProduct=2019, bcdDevice=a0.36
[  839.528685][ T5130] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  839.574535][T13304] IPVS: set_ctl: invalid protocol: 59 100.1.1.0:20003
[  839.832167][ T5130] usb 3-1: string descriptor 0 read error: -71
[  839.836252][ T5130] usb 3-1: selecting invalid altsetting 0
[  839.854981][ T5130] usb 3-1: USB disconnect, device number 70
[  839.913667][T13306] FAULT_INJECTION: forcing a failure.
[  839.913667][T13306] name failslab, interval 1, probability 0, space 0, times 0
[  839.913697][T13306] CPU: 0 UID: 0 PID: 13306 Comm: syz.3.2239 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  839.913712][T13306] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  839.913719][T13306] Call Trace:
[  839.913724][T13306]  <TASK>
[  839.913731][T13306]  dump_stack_lvl+0x189/0x250
[  839.913755][T13306]  ? __pfx____ratelimit+0x10/0x10
[  839.913770][T13306]  ? __pfx_dump_stack_lvl+0x10/0x10
[  839.913786][T13306]  ? __pfx__printk+0x10/0x10
[  839.913804][T13306]  ? __pfx___might_resched+0x10/0x10
[  839.913817][T13306]  ? fs_reclaim_acquire+0x7d/0x100
[  839.913836][T13306]  should_fail_ex+0x46c/0x600
[  839.913855][T13306]  ? getname_flags+0xb8/0x540
[  839.913872][T13306]  should_failslab+0xa8/0x100
[  839.913891][T13306]  ? getname_flags+0xb8/0x540
[  839.913912][T13306]  kmem_cache_alloc_noprof+0x6f/0x6b0
[  839.913944][T13306]  getname_flags+0xb8/0x540
[  839.914028][T13306]  user_path_at+0x24/0x60
[  839.914059][T13306]  __se_sys_mount+0x2d4/0x410
[  839.914089][T13306]  ? __pfx___se_sys_mount+0x10/0x10
[  839.914115][T13306]  ? do_syscall_64+0xbe/0xfa0
[  839.914207][T13306]  ? __x64_sys_mount+0x20/0xc0
[  839.914237][T13306]  do_syscall_64+0xfa/0xfa0
[  839.914256][T13306]  ? lockdep_hardirqs_on+0x9c/0x150
[  839.914276][T13306]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  839.914289][T13306]  ? clear_bhb_loop+0x60/0xb0
[  839.914302][T13306]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  839.914313][T13306] RIP: 0033:0x7ff6ab6cefc9
[  839.914326][T13306] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  839.914336][T13306] RSP: 002b:00007ff6a992e038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  839.914349][T13306] RAX: ffffffffffffffda RBX: 00007ff6ab925fa0 RCX: 00007ff6ab6cefc9
[  839.914358][T13306] RDX: 0000200000000040 RSI: 0000200000000080 RDI: 0000000000000000
[  839.914365][T13306] RBP: 00007ff6a992e090 R08: 00002000000004c0 R09: 0000000000000000
[  839.914372][T13306] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  839.914379][T13306] R13: 00007ff6ab926038 R14: 00007ff6ab925fa0 R15: 00007ffded611a08
[  839.914396][T13306]  </TASK>
[  840.033683][ T5894] usb 1-1: new high-speed USB device number 66 using dummy_hcd
[  840.076504][ T5894] usb 1-1: unable to get BOS descriptor or descriptor too short
[  840.076599][ T5894] usb 1-1: too many configurations: 188, using maximum allowed: 8
[  840.106548][ T5894] usb 1-1: unable to read config index 0 descriptor/start: -61
[  840.106591][ T5894] usb 1-1: can't read configurations, error -61
[  840.286592][ T5894] usb 1-1: new high-speed USB device number 67 using dummy_hcd
[  840.309827][ T5894] usb 1-1: unable to get BOS descriptor or descriptor too short
[  840.309906][ T5894] usb 1-1: too many configurations: 188, using maximum allowed: 8
[  840.315164][ T5894] usb 1-1: unable to read config index 0 descriptor/start: -61
[  840.315204][ T5894] usb 1-1: can't read configurations, error -61
[  840.315573][ T5894] usb usb1-port1: unable to enumerate USB device
[  840.589320][    C1] vkms_vblank_simulate: vblank timer overrun
[  841.409639][    C1] vkms_vblank_simulate: vblank timer overrun
[  842.236211][    C1] vkms_vblank_simulate: vblank timer overrun
[  843.089913][    C1] vkms_vblank_simulate: vblank timer overrun
[  843.969007][    C1] vkms_vblank_simulate: vblank timer overrun
[  845.075246][    C1] vkms_vblank_simulate: vblank timer overrun
[  845.088369][ T5894] usb 4-1: new high-speed USB device number 57 using dummy_hcd
[  845.516718][T13357] netlink: 36 bytes leftover after parsing attributes in process `syz.2.2254'.
[  845.516811][T13357] netlink: 16 bytes leftover after parsing attributes in process `syz.2.2254'.
[  846.148551][    C1] vkms_vblank_simulate: vblank timer overrun
[  846.151420][ T5803] Bluetooth: hci9: command 0x1003 tx timeout
[  846.152336][ T5817] Bluetooth: hci9: Opcode 0x1003 failed: -110
[  846.270645][    C1] vkms_vblank_simulate: vblank timer overrun
[  846.435097][    C1] vkms_vblank_simulate: vblank timer overrun
[  846.449015][ T5894] usb 4-1: config 1 has an invalid interface number: 113 but max is 0
[  846.449046][ T5894] usb 4-1: config 1 has no interface number 0
[  846.449094][ T5894] usb 4-1: config 1 interface 113 altsetting 2 bulk endpoint 0x4 has invalid maxpacket 16
[  846.449120][ T5894] usb 4-1: config 1 interface 113 altsetting 2 bulk endpoint 0x82 has invalid maxpacket 64
[  846.449145][ T5894] usb 4-1: config 1 interface 113 has no altsetting 0
[  846.452163][ T5894] usb 4-1: New USB device found, idVendor=04e8, idProduct=662e, bcdDevice=9d.cb
[  846.452193][ T5894] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  846.452214][ T5894] usb 4-1: Product: syz
[  846.452229][ T5894] usb 4-1: Manufacturer: syz
[  846.452244][ T5894] usb 4-1: SerialNumber: syz
[  846.497186][    C1] vkms_vblank_simulate: vblank timer overrun
[  846.517626][T13337] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  846.517767][T13337] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  846.520679][ T5894] ipaq 4-1:1.113: PocketPC PDA converter detected
[  846.740174][ T5894] ipaq 4-1:1.113: probe with driver ipaq failed with error -71
[  846.747893][ T5894] usb 4-1: USB disconnect, device number 57
[  846.962343][T13365] evm: overlay not supported
[  846.967444][T13365] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2257'.
[  847.199312][ T5803] Bluetooth: hci9: unexpected cc 0x0c03 length: 249 > 1
[  847.221223][ T5803] Bluetooth: hci9: unexpected cc 0x1003 length: 249 > 9
[  847.244206][ T5803] Bluetooth: hci9: unexpected cc 0x1001 length: 249 > 9
[  847.246209][ T5803] Bluetooth: hci9: unexpected cc 0x0c23 length: 249 > 4
[  847.261370][ T5803] Bluetooth: hci9: unexpected cc 0x0c38 length: 249 > 2
[  847.477527][T13374] lo speed is unknown, defaulting to 1000
[  847.946656][ T9880] usb 4-1: new high-speed USB device number 58 using dummy_hcd
[  847.981703][T13389] FAULT_INJECTION: forcing a failure.
[  847.981703][T13389] name failslab, interval 1, probability 0, space 0, times 0
[  847.981739][T13389] CPU: 0 UID: 0 PID: 13389 Comm: syz.0.2264 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  847.981761][T13389] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  847.981772][T13389] Call Trace:
[  847.981781][T13389]  <TASK>
[  847.981791][T13389]  dump_stack_lvl+0x189/0x250
[  847.981833][T13389]  ? __pfx____ratelimit+0x10/0x10
[  847.981860][T13389]  ? __pfx_dump_stack_lvl+0x10/0x10
[  847.981888][T13389]  ? __pfx__printk+0x10/0x10
[  847.981917][T13389]  ? __pfx___might_resched+0x10/0x10
[  847.981939][T13389]  ? fs_reclaim_acquire+0x7d/0x100
[  847.981971][T13389]  should_fail_ex+0x46c/0x600
[  847.982004][T13389]  should_failslab+0xa8/0x100
[  847.982034][T13389]  __kmalloc_node_noprof+0xd4/0x7f0
[  847.982060][T13389]  ? alloc_slab_obj_exts+0x3e/0x100
[  847.982088][T13389]  alloc_slab_obj_exts+0x3e/0x100
[  847.982112][T13389]  allocate_slab+0x152/0x350
[  847.982137][T13389]  ___slab_alloc+0xb12/0x13f0
[  847.982163][T13389]  ? seq_read_iter+0x203/0xe20
[  847.982192][T13389]  __slab_alloc+0xc6/0x1f0
[  847.982210][T13389]  ? seq_read_iter+0x203/0xe20
[  847.982234][T13389]  __kvmalloc_node_noprof+0x313/0x920
[  847.982258][T13389]  ? seq_read_iter+0x203/0xe20
[  847.982277][T13389]  ? mutex_lock_nested+0x154/0x1d0
[  847.982304][T13389]  seq_read_iter+0x203/0xe20
[  847.982329][T13389]  ? __lock_acquire+0xab9/0xd20
[  847.982357][T13389]  ? __asan_memset+0x22/0x50
[  847.982385][T13389]  seq_read+0x36c/0x480
[  847.982416][T13389]  ? __pfx_seq_read+0x10/0x10
[  847.982451][T13389]  ? rw_verify_area+0x2ac/0x4e0
[  847.982473][T13389]  ? __lock_acquire+0xab9/0xd20
[  847.982494][T13389]  ? __pfx_seq_read+0x10/0x10
[  847.982515][T13389]  vfs_read+0x206/0xa30
[  847.982553][T13389]  ? __pfx_vfs_read+0x10/0x10
[  847.982575][T13389]  ? __fget_files+0x2a/0x420
[  847.982603][T13389]  ? __fget_files+0x2a/0x420
[  847.982624][T13389]  ? __fget_files+0x3a6/0x420
[  847.982645][T13389]  ? __fget_files+0x2a/0x420
[  847.982678][T13389]  ksys_read+0x14b/0x260
[  847.982702][T13389]  ? __pfx_ksys_read+0x10/0x10
[  847.982727][T13389]  ? do_syscall_64+0xbe/0xfa0
[  847.982755][T13389]  do_syscall_64+0xfa/0xfa0
[  847.982778][T13389]  ? lockdep_hardirqs_on+0x9c/0x150
[  847.982801][T13389]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  847.982819][T13389]  ? clear_bhb_loop+0x60/0xb0
[  847.982840][T13389]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  847.982857][T13389] RIP: 0033:0x7fbf52eeefc9
[  847.982873][T13389] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  847.982888][T13389] RSP: 002b:00007fbf51156038 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  847.982908][T13389] RAX: ffffffffffffffda RBX: 00007fbf53145fa0 RCX: 00007fbf52eeefc9
[  847.982920][T13389] RDX: 0000000000000039 RSI: 0000200000000340 RDI: 0000000000000003
[  847.982930][T13389] RBP: 00007fbf51156090 R08: 0000000000000000 R09: 0000000000000000
[  847.982942][T13389] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  847.982953][T13389] R13: 00007fbf53146038 R14: 00007fbf53145fa0 R15: 00007ffc9aea4028
[  847.982984][T13389]  </TASK>
[  848.166588][ T9880] usb 4-1: Using ep0 maxpacket: 16
[  848.300196][ T9880] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  848.300225][ T9880] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 3
[  848.356163][ T9880] usb 4-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  848.356196][ T9880] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  848.356218][ T9880] usb 4-1: Product: syz
[  848.356234][ T9880] usb 4-1: Manufacturer: syz
[  848.356249][ T9880] usb 4-1: SerialNumber: syz
[  848.952476][ T9880] usb 4-1: cannot find UAC_HEADER
[  848.982342][T13374] chnl_net:caif_netlink_parms(): no params data found
[  849.029927][ T9880] snd-usb-audio 4-1:1.0: probe with driver snd-usb-audio failed with error -22
[  849.046130][ T9880] usb 4-1: USB disconnect, device number 58
[  849.167413][T13403] netlink: 'syz.2.2269': attribute type 12 has an invalid length.
[  849.167436][T13403] netlink: 'syz.2.2269': attribute type 29 has an invalid length.
[  849.167451][T13403] netlink: 148 bytes leftover after parsing attributes in process `syz.2.2269'.
[  849.167488][T13403] netlink: 59 bytes leftover after parsing attributes in process `syz.2.2269'.
[  849.306716][ T5817] Bluetooth: hci9: command tx timeout
[  849.750425][T13414] netlink: 36 bytes leftover after parsing attributes in process `syz.2.2271'.
[  850.387587][T13414] netlink: 16 bytes leftover after parsing attributes in process `syz.2.2271'.
[  850.583327][T13374] bridge0: port 1(bridge_slave_0) entered blocking state
[  850.583465][T13374] bridge0: port 1(bridge_slave_0) entered disabled state
[  850.583736][T13374] bridge_slave_0: entered allmulticast mode
[  850.612432][T13374] bridge_slave_0: entered promiscuous mode
[  850.623845][T13374] bridge0: port 2(bridge_slave_1) entered blocking state
[  850.624103][T13374] bridge0: port 2(bridge_slave_1) entered disabled state
[  850.624389][T13374] bridge_slave_1: entered allmulticast mode
[  850.655617][T13374] bridge_slave_1: entered promiscuous mode
[  850.666618][T13416] Bluetooth: hci10: command 0x1003 tx timeout
[  850.666983][ T5803] Bluetooth: hci10: Opcode 0x1003 failed: -110
[  851.740476][ T5803] Bluetooth: hci9: command tx timeout
[  851.976915][ T9880] usb 1-1: new high-speed USB device number 68 using dummy_hcd
[  852.036576][   T10] usb 5-1: new high-speed USB device number 66 using dummy_hcd
[  852.134051][ T9880] usb 1-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3
[  852.134084][ T9880] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  852.166326][ T9880] usb 1-1: config 0 descriptor??
[  852.177277][ T9880] cp210x 1-1:0.0: cp210x converter detected
[  852.198881][   T10] usb 5-1: config 1 has an invalid interface number: 113 but max is 0
[  852.198910][   T10] usb 5-1: config 1 has no interface number 0
[  852.199045][   T10] usb 5-1: config 1 interface 113 altsetting 2 bulk endpoint 0x4 has invalid maxpacket 16
[  852.199072][   T10] usb 5-1: config 1 interface 113 altsetting 2 bulk endpoint 0x82 has invalid maxpacket 64
[  852.199098][   T10] usb 5-1: config 1 interface 113 has no altsetting 0
[  852.264047][   T10] usb 5-1: New USB device found, idVendor=04e8, idProduct=662e, bcdDevice=9d.cb
[  852.264139][   T10] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  852.264162][   T10] usb 5-1: Product: syz
[  852.264178][   T10] usb 5-1: Manufacturer: syz
[  852.264194][   T10] usb 5-1: SerialNumber: syz
[  852.324608][T13430] raw-gadget.1 gadget.4: fail, usb_ep_enable returned -22
[  852.324993][T13430] raw-gadget.1 gadget.4: fail, usb_ep_enable returned -22
[  852.346754][ T5803] Bluetooth: hci7: command 0x0406 tx timeout
[  852.399807][   T10] ipaq 5-1:1.113: PocketPC PDA converter detected
[  852.819159][ T9880] cp210x 1-1:0.0: failed to get vendor val 0x370b size 1: -71
[  852.819190][ T9880] cp210x 1-1:0.0: querying part number failed
[  853.091391][   T10] usb 5-1: PocketPC PDA converter now attached to ttyUSB0
[  853.165111][T13438] FAULT_INJECTION: forcing a failure.
[  853.165111][T13438] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  853.165142][T13438] CPU: 0 UID: 0 PID: 13438 Comm: syz.2.2277 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  853.165161][T13438] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  853.165171][T13438] Call Trace:
[  853.165178][T13438]  <TASK>
[  853.165186][T13438]  dump_stack_lvl+0x189/0x250
[  853.165214][T13438]  ? __pfx____ratelimit+0x10/0x10
[  853.165234][T13438]  ? __pfx_dump_stack_lvl+0x10/0x10
[  853.165254][T13438]  ? __pfx__printk+0x10/0x10
[  853.165274][T13438]  ? fs_reclaim_acquire+0x7d/0x100
[  853.165302][T13438]  should_fail_ex+0x46c/0x600
[  853.165330][T13438]  prepare_alloc_pages+0x213/0x670
[  853.165362][T13438]  __alloc_frozen_pages_noprof+0x123/0x370
[  853.165392][T13438]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  853.165446][T13438]  alloc_pages_bulk_noprof+0x5fa/0x7d0
[  853.165477][T13438]  ? alloc_pages_noprof+0xe4/0x1e0
[  853.165512][T13438]  kasan_populate_vmalloc+0xd1/0x270
[  853.165541][T13438]  alloc_vmap_area+0xd7a/0x14c0
[  853.165581][T13438]  ? __pfx_alloc_vmap_area+0x10/0x10
[  853.165603][T13438]  ? __kasan_kmalloc+0x93/0xb0
[  853.165629][T13438]  ? __kmalloc_cache_node_noprof+0x2a9/0x700
[  853.165654][T13438]  ? __get_vm_area_node+0x172/0x350
[  853.165676][T13438]  ? bpf_prog_alloc_no_stats+0x4a/0x530
[  853.165709][T13438]  __get_vm_area_node+0x227/0x350
[  853.165739][T13438]  __vmalloc_node_range_noprof+0x30c/0x12d0
[  853.165765][T13438]  ? bpf_prog_alloc_no_stats+0x4a/0x530
[  853.165793][T13438]  ? is_bpf_text_address+0x26/0x2b0
[  853.165835][T13438]  ? __lock_acquire+0xab9/0xd20
[  853.165867][T13438]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  853.165893][T13438]  ? __might_fault+0xb0/0x130
[  853.165927][T13438]  ? bpf_prog_alloc_no_stats+0x4a/0x530
[  853.165951][T13438]  __vmalloc_noprof+0xb1/0xf0
[  853.165975][T13438]  ? bpf_prog_alloc_no_stats+0x4a/0x530
[  853.166003][T13438]  bpf_prog_alloc_no_stats+0x4a/0x530
[  853.166034][T13438]  bpf_prog_alloc+0x3c/0x1a0
[  853.166062][T13438]  bpf_prog_load+0x735/0x19e0
[  853.166099][T13438]  ? __pfx_bpf_prog_load+0x10/0x10
[  853.166148][T13438]  ? bpf_lsm_bpf+0x9/0x20
[  853.166167][T13438]  ? security_bpf+0x7e/0x300
[  853.166190][T13438]  __sys_bpf+0x507/0x860
[  853.166217][T13438]  ? __pfx___sys_bpf+0x10/0x10
[  853.166239][T13438]  ? rt_mutex_slowunlock+0x1be/0x2e0
[  853.166276][T13438]  ? ksys_write+0x230/0x260
[  853.166302][T13438]  ? __pfx_ksys_write+0x10/0x10
[  853.166330][T13438]  __x64_sys_bpf+0x7c/0x90
[  853.166354][T13438]  do_syscall_64+0xfa/0xfa0
[  853.166377][T13438]  ? lockdep_hardirqs_on+0x9c/0x150
[  853.166403][T13438]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  853.166419][T13438]  ? clear_bhb_loop+0x60/0xb0
[  853.166439][T13438]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  853.166456][T13438] RIP: 0033:0x7f078279efc9
[  853.166473][T13438] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  853.166489][T13438] RSP: 002b:00007f07809fe038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  853.166508][T13438] RAX: ffffffffffffffda RBX: 00007f07829f5fa0 RCX: 00007f078279efc9
[  853.166521][T13438] RDX: 0000000000000094 RSI: 0000200000000380 RDI: 0000000000000005
[  853.166534][T13438] RBP: 00007f07809fe090 R08: 0000000000000000 R09: 0000000000000000
[  853.166545][T13438] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  853.166558][T13438] R13: 00007f07829f6038 R14: 00007f07829f5fa0 R15: 00007fff557cd328
[  853.166590][T13438]  </TASK>
[  853.170624][T13438] syz.2.2277: vmalloc error: size 4096, vm_struct allocation failed, mode:0x500dc0(GFP_USER|__GFP_ZERO|__GFP_ACCOUNT), nodemask=(null),cpuset=/,mems_allowed=0-1
[  853.170695][T13438] CPU: 1 UID: 0 PID: 13438 Comm: syz.2.2277 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  853.170717][T13438] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  853.170728][T13438] Call Trace:
[  853.170737][T13438]  <TASK>
[  853.170745][T13438]  dump_stack_lvl+0x189/0x250
[  853.170780][T13438]  ? __pfx_dump_stack_lvl+0x10/0x10
[  853.170806][T13438]  ? __pfx__printk+0x10/0x10
[  853.170828][T13438]  ? cpuset_print_current_mems_allowed+0x1f/0x360
[  853.170851][T13438]  ? cpuset_print_current_mems_allowed+0x1f/0x360
[  853.170874][T13438]  ? cpuset_print_current_mems_allowed+0x2ee/0x360
[  853.170898][T13438]  warn_alloc+0x22e/0x3b0
[  853.170925][T13438]  ? kasan_quarantine_put+0xdd/0x220
[  853.170948][T13438]  ? lockdep_hardirqs_on+0x9c/0x150
[  853.170974][T13438]  ? __pfx_warn_alloc+0x10/0x10
[  853.171000][T13438]  ? __get_vm_area_node+0x240/0x350
[  853.171020][T13438]  ? __get_vm_area_node+0x172/0x350
[  853.171043][T13438]  ? bpf_prog_alloc_no_stats+0x4a/0x530
[  853.171070][T13438]  ? __get_vm_area_node+0x240/0x350
[  853.171099][T13438]  __vmalloc_node_range_noprof+0x331/0x12d0
[  853.171125][T13438]  ? is_bpf_text_address+0x26/0x2b0
[  853.171171][T13438]  ? __lock_acquire+0xab9/0xd20
[  853.171202][T13438]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  853.171228][T13438]  ? __might_fault+0xb0/0x130
[  853.171259][T13438]  ? bpf_prog_alloc_no_stats+0x4a/0x530
[  853.171283][T13438]  __vmalloc_noprof+0xb1/0xf0
[  853.171305][T13438]  ? bpf_prog_alloc_no_stats+0x4a/0x530
[  853.171333][T13438]  bpf_prog_alloc_no_stats+0x4a/0x530
[  853.171362][T13438]  bpf_prog_alloc+0x3c/0x1a0
[  853.171389][T13438]  bpf_prog_load+0x735/0x19e0
[  853.171425][T13438]  ? __pfx_bpf_prog_load+0x10/0x10
[  853.171472][T13438]  ? bpf_lsm_bpf+0x9/0x20
[  853.171489][T13438]  ? security_bpf+0x7e/0x300
[  853.171512][T13438]  __sys_bpf+0x507/0x860
[  853.171538][T13438]  ? __pfx___sys_bpf+0x10/0x10
[  853.171559][T13438]  ? rt_mutex_slowunlock+0x1be/0x2e0
[  853.171596][T13438]  ? ksys_write+0x230/0x260
[  853.171620][T13438]  ? __pfx_ksys_write+0x10/0x10
[  853.171648][T13438]  __x64_sys_bpf+0x7c/0x90
[  853.171672][T13438]  do_syscall_64+0xfa/0xfa0
[  853.171693][T13438]  ? lockdep_hardirqs_on+0x9c/0x150
[  853.171716][T13438]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  853.171735][T13438]  ? clear_bhb_loop+0x60/0xb0
[  853.171758][T13438]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  853.171776][T13438] RIP: 0033:0x7f078279efc9
[  853.171793][T13438] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  853.171809][T13438] RSP: 002b:00007f07809fe038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  853.171828][T13438] RAX: ffffffffffffffda RBX: 00007f07829f5fa0 RCX: 00007f078279efc9
[  853.171843][T13438] RDX: 0000000000000094 RSI: 0000200000000380 RDI: 0000000000000005
[  853.171855][T13438] RBP: 00007f07809fe090 R08: 0000000000000000 R09: 0000000000000000
[  853.171867][T13438] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  853.171879][T13438] R13: 00007f07829f6038 R14: 00007f07829f5fa0 R15: 00007fff557cd328
[  853.171911][T13438]  </TASK>
[  853.171919][T13438] Mem-Info:
[  853.171928][T13438] active_anon:3124 inactive_anon:7510 isolated_anon:0
[  853.171928][T13438]  active_file:20327 inactive_file:39743 isolated_file:0
[  853.171928][T13438]  unevictable:768 dirty:198 writeback:0
[  853.171928][T13438]  slab_reclaimable:13110 slab_unreclaimable:109683
[  853.171928][T13438]  mapped:47677 shmem:4227 pagetables:1460
[  853.171928][T13438]  sec_pagetables:0 bounce:0
[  853.171928][T13438]  kernel_misc_reclaimable:0
[  853.171928][T13438]  free:1249660 free_pcp:15865 free_cma:0
[  853.171987][T13438] Node 0 active_anon:12496kB inactive_anon:30040kB active_file:81052kB inactive_file:158972kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:190652kB dirty:788kB writeback:0kB shmem:15372kB kernel_stack:13788kB pagetables:5680kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[  853.172033][T13438] Node 1 active_anon:0kB inactive_anon:0kB active_file:256kB inactive_file:0kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:56kB dirty:4kB writeback:0kB shmem:1536kB kernel_stack:48kB pagetables:160kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[  853.172075][T13438] Node 0 DMA free:15360kB boost:0kB min:20kB low:32kB high:44kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  853.172136][T13438] lowmem_reserve[]: 0 2515 2517 2517 2517
[  853.172173][T13438] Node 0 DMA32 free:1081104kB boost:0kB min:3944kB low:6492kB high:9040kB reserved_highatomic:0KB free_highatomic:0KB active_anon:12496kB inactive_anon:30040kB active_file:81052kB inactive_file:158972kB unevictable:1536kB writepending:788kB zspages:0kB present:3129332kB managed:2576092kB mlocked:0kB bounce:0kB free_pcp:63460kB local_pcp:56908kB free_cma:0kB
[  853.172233][T13438] lowmem_reserve[]: 0 0 1 1 1
[  853.172264][T13438] Node 0 Normal free:0kB boost:0kB min:0kB low:0kB high:0kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:1048580kB managed:1644kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  853.172317][T13438] lowmem_reserve[]: 0 0 0 0 0
[  853.172347][T13438] Node 1 Normal free:3902176kB boost:0kB min:6360kB low:10468kB high:14576kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:256kB inactive_file:0kB unevictable:1536kB writepending:4kB zspages:0kB present:4194300kB managed:4111100kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  853.172406][T13438] lowmem_reserve[]: 0 0 0 0 0
[  853.172436][T13438] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[  853.172543][T13438] Node 0 DMA32: 714*4kB (UME) 639*8kB (UME) 397*16kB (UM) 265*32kB (UME) 63*64kB (ME) 73*128kB (UM) 10*256kB (ME) 2*512kB (ME) 1*1024kB (M) 4*2048kB (UM) 252*4096kB (UM) = 1081168kB
[  853.172686][T13438] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB
[  853.172884][T13438] Node 1 Normal: 178*4kB (UE) 49*8kB (UE) 33*16kB (UE) 218*32kB (UE) 87*64kB (UME) 29*128kB (UME) 9*256kB (UME) 6*512kB (UME) 2*1024kB (ME) 3*2048kB (UM) 945*4096kB (M) = 3902176kB
[  853.173050][T13438] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  853.173066][T13438] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  853.173082][T13438] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  853.173097][T13438] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  853.173112][T13438] 64293 total pagecache pages
[  853.173120][T13438] 0 pages in swap cache
[  853.173127][T13438] Free swap  = 124996kB
[  853.173134][T13438] Total swap = 124996kB
[  853.173141][T13438] 2097051 pages RAM
[  853.173154][T13438] 0 pages HighMem/MovableOnly
[  853.173161][T13438] 421002 pages reserved
[  853.173168][T13438] 0 pages cma reserved
[  853.220733][T13437] FAULT_INJECTION: forcing a failure.
[  853.220733][T13437] name failslab, interval 1, probability 0, space 0, times 0
[  853.220770][T13437] CPU: 1 UID: 0 PID: 13437 Comm: syz.0.2278 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  853.220792][T13437] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  853.220804][T13437] Call Trace:
[  853.220812][T13437]  <TASK>
[  853.220821][T13437]  dump_stack_lvl+0x189/0x250
[  853.220853][T13437]  ? __pfx____ratelimit+0x10/0x10
[  853.220877][T13437]  ? __pfx_dump_stack_lvl+0x10/0x10
[  853.220904][T13437]  ? __pfx__printk+0x10/0x10
[  853.220932][T13437]  ? __pfx___might_resched+0x10/0x10
[  853.220958][T13437]  should_fail_ex+0x46c/0x600
[  853.220987][T13437]  ? fuse_get_req+0x7b9/0x10c0
[  853.221010][T13437]  should_failslab+0xa8/0x100
[  853.221038][T13437]  ? fuse_get_req+0x7b9/0x10c0
[  853.221059][T13437]  kmem_cache_alloc_noprof+0x6f/0x6b0
[  853.221092][T13437]  fuse_get_req+0x7b9/0x10c0
[  853.221129][T13437]  ? __pfx_fuse_get_req+0x10/0x10
[  853.221159][T13437]  ? __kasan_kmalloc+0x93/0xb0
[  853.221182][T13437]  ? __pfx_autoremove_wake_function+0x10/0x10
[  853.221206][T13437]  ? do_mknodat+0x184/0x4d0
[  853.221222][T13437]  ? __x64_sys_mknod+0x8c/0xa0
[  853.221241][T13437]  ? do_syscall_64+0xfa/0xfa0
[  853.221262][T13437]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  853.221293][T13437]  __fuse_simple_request+0x2bb/0x1bb0
[  853.221331][T13437]  ? __pfx___fuse_simple_request+0x10/0x10
[  853.221376][T13437]  ? __kasan_kmalloc+0x93/0xb0
[  853.221400][T13437]  ? __kmalloc_cache_noprof+0x1ef/0x6c0
[  853.221432][T13437]  fuse_lookup_name+0x34c/0x860
[  853.221465][T13437]  ? __pfx_fuse_lookup_name+0x10/0x10
[  853.221483][T13437]  ? _raw_spin_unlock_irqrestore+0x85/0x110
[  853.221507][T13437]  ? lockdep_hardirqs_on+0x9c/0x150
[  853.221549][T13437]  ? mutex_lock_nested+0x154/0x1d0
[  853.221567][T13437]  ? fuse_lock_inode+0xd3/0x120
[  853.221593][T13437]  fuse_lookup+0x1d1/0x680
[  853.221621][T13437]  ? __pfx_fuse_lookup+0x10/0x10
[  853.221655][T13437]  ? rt_spin_unlock+0x161/0x200
[  853.221678][T13437]  ? d_alloc+0x144/0x190
[  853.221698][T13437]  lookup_one_qstr_excl+0x131/0x360
[  853.221721][T13437]  filename_create+0x224/0x3c0
[  853.221748][T13437]  ? __pfx_filename_create+0x10/0x10
[  853.221780][T13437]  do_mknodat+0x184/0x4d0
[  853.221805][T13437]  ? __pfx_do_mknodat+0x10/0x10
[  853.221826][T13437]  ? getname_flags+0x1e5/0x540
[  853.221858][T13437]  __x64_sys_mknod+0x8c/0xa0
[  853.221881][T13437]  do_syscall_64+0xfa/0xfa0
[  853.221904][T13437]  ? lockdep_hardirqs_on+0x9c/0x150
[  853.221927][T13437]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  853.221946][T13437]  ? clear_bhb_loop+0x60/0xb0
[  853.221968][T13437]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  853.221986][T13437] RIP: 0033:0x7fbf52eeefc9
[  853.222003][T13437] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  853.222019][T13437] RSP: 002b:00007fbf51156038 EFLAGS: 00000246 ORIG_RAX: 0000000000000085
[  853.222040][T13437] RAX: ffffffffffffffda RBX: 00007fbf53145fa0 RCX: 00007fbf52eeefc9
[  853.222054][T13437] RDX: 0000000000000700 RSI: 0000000000000002 RDI: 0000200000000700
[  853.222067][T13437] RBP: 00007fbf51156090 R08: 0000000000000000 R09: 0000000000000000
[  853.222080][T13437] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  853.222092][T13437] R13: 00007fbf53146038 R14: 00007fbf53145fa0 R15: 00007ffc9aea4028
[  853.222126][T13437]  </TASK>
[  853.250248][ T5969] usb 5-1: USB disconnect, device number 66
[  853.321350][ T5969] ipaq ttyUSB0: PocketPC PDA converter now disconnected from ttyUSB0
[  853.321955][ T5969] ipaq 5-1:1.113: device disconnected
[  853.786812][ T5803] Bluetooth: hci9: command tx timeout
[  853.896715][ T9880] usb 1-1: cp210x converter now attached to ttyUSB1
[  853.917478][T13446] fuse: Bad value for 'fd'
[  854.206607][ T9880] usb 1-1: USB disconnect, device number 68
[  854.511800][T13374] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  854.561694][T13374] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  854.715293][ T9880] cp210x ttyUSB1: cp210x converter now disconnected from ttyUSB1
[  854.715840][ T9880] cp210x 1-1:0.0: device disconnected
[  854.872888][T11907] Bluetooth: hci10: Frame reassembly failed (-84)
[  854.925163][T13461] FAULT_INJECTION: forcing a failure.
[  854.925163][T13461] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  854.925201][T13461] CPU: 1 UID: 0 PID: 13461 Comm: syz.4.2286 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  854.925224][T13461] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  854.925237][T13461] Call Trace:
[  854.925245][T13461]  <TASK>
[  854.925255][T13461]  dump_stack_lvl+0x189/0x250
[  854.925288][T13461]  ? __pfx____ratelimit+0x10/0x10
[  854.925313][T13461]  ? __pfx_dump_stack_lvl+0x10/0x10
[  854.925339][T13461]  ? __pfx__printk+0x10/0x10
[  854.925365][T13461]  ? fs_reclaim_acquire+0x7d/0x100
[  854.925400][T13461]  should_fail_ex+0x46c/0x600
[  854.925437][T13461]  prepare_alloc_pages+0x213/0x670
[  854.925472][T13461]  __alloc_frozen_pages_noprof+0x123/0x370
[  854.925505][T13461]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  854.925551][T13461]  alloc_pages_mpol+0xd1/0x380
[  854.925583][T13461]  alloc_pages_noprof+0xcf/0x1e0
[  854.925612][T13461]  __pud_alloc+0x3f/0x450
[  854.925657][T13461]  handle_mm_fault+0x2149/0x3400
[  854.925682][T13461]  ? mt_find+0x15c/0x5e0
[  854.925712][T13461]  ? __pfx_mt_find+0x10/0x10
[  854.925738][T13461]  ? handle_mm_fault+0xdb/0x3400
[  854.925771][T13461]  ? __pfx_handle_mm_fault+0x10/0x10
[  854.925811][T13461]  ? do_vfs_ioctl+0xbeb/0x1440
[  854.925840][T13461]  ? lock_mm_and_find_vma+0x9c/0x300
[  854.925870][T13461]  do_user_addr_fault+0x764/0x1380
[  854.925912][T13461]  exc_page_fault+0x82/0x100
[  854.925940][T13461]  asm_exc_page_fault+0x26/0x30
[  854.925957][T13461] RIP: 0010:__get_user_4+0x14/0x20
[  854.925981][T13461] Code: 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 48 ba 00 f0 ff ff ff 7f 00 00 48 39 d0 48 0f 47 c2 0f 01 cb <8b> 10 31 c0 0f 01 ca c3 cc cc cc cc 90 90 90 90 90 90 90 90 90 90
[  854.925995][T13461] RSP: 0018:ffffc9000c6a7e28 EFLAGS: 00050287
[  854.926012][T13461] RAX: 0000200000000000 RBX: ffff88805d834000 RCX: 73eba077a7073000
[  854.926026][T13461] RDX: 00007ffffffff000 RSI: ffffffff8cf63f0a RDI: ffffffff8b3ddd60
[  854.926038][T13461] RBP: 0000000040045431 R08: 0000000000000000 R09: ffffffff82095140
[  854.926049][T13461] R10: 0000000000000100 R11: 0000000080045439 R12: 00000000fffffdfd
[  854.926061][T13461] R13: 0000200000000000 R14: 0000200000000000 R15: ffffffff8b4c0380
[  854.926080][T13461]  ? __might_fault+0xb0/0x130
[  854.926118][T13461]  pty_bsd_ioctl+0x1e6/0x420
[  854.926143][T13461]  tty_ioctl+0x92f/0xde0
[  854.926164][T13461]  ? __pfx_tty_ioctl+0x10/0x10
[  854.926184][T13461]  __se_sys_ioctl+0xff/0x170
[  854.926207][T13461]  do_syscall_64+0xfa/0xfa0
[  854.926228][T13461]  ? lockdep_hardirqs_on+0x9c/0x150
[  854.926251][T13461]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  854.926270][T13461]  ? clear_bhb_loop+0x60/0xb0
[  854.926294][T13461]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  854.926312][T13461] RIP: 0033:0x7fdd03dfefc9
[  854.926328][T13461] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  854.926345][T13461] RSP: 002b:00007fdd02066038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  854.926365][T13461] RAX: ffffffffffffffda RBX: 00007fdd04055fa0 RCX: 00007fdd03dfefc9
[  854.926378][T13461] RDX: 0000200000000000 RSI: 0000000040045431 RDI: 0000000000000003
[  854.926389][T13461] RBP: 00007fdd02066090 R08: 0000000000000000 R09: 0000000000000000
[  854.926400][T13461] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  854.926410][T13461] R13: 00007fdd04056038 R14: 00007fdd04055fa0 R15: 00007ffccca11888
[  854.926442][T13461]  </TASK>
[  854.930525][T13374] team0: Port device team_slave_0 added
[  854.946669][T13374] team0: Port device team_slave_1 added
[  855.319598][T13374] batman_adv: batadv0: Adding interface: batadv_slave_0
[  855.319617][T13374] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  855.319643][T13374] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  855.384429][T13374] batman_adv: batadv0: Adding interface: batadv_slave_1
[  855.384446][T13374] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  855.384473][T13374] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  855.486560][ T5969] usb 3-1: new high-speed USB device number 71 using dummy_hcd
[  855.644315][ T5969] usb 3-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3
[  855.644346][ T5969] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  855.672460][ T5969] usb 3-1: config 0 descriptor??
[  855.687579][ T5969] cp210x 3-1:0.0: cp210x converter detected
[  855.707759][T13374] hsr_slave_0: entered promiscuous mode
[  855.711431][T13374] hsr_slave_1: entered promiscuous mode
[  855.713150][T13374] debugfs: 'hsr0' already exists in 'hsr'
[  855.713178][T13374] Cannot create hsr debugfs directory
[  855.807849][T13476] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2291'.
[  855.866689][ T5817] Bluetooth: hci9: command tx timeout
[  856.016608][ T5893] usb 4-1: new high-speed USB device number 59 using dummy_hcd
[  856.056544][ T9880] usb 1-1: new high-speed USB device number 69 using dummy_hcd
[  856.224371][ T9880] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  856.236805][ T5893] usb 4-1: config 1 has an invalid interface number: 113 but max is 0
[  856.236837][ T5893] usb 4-1: config 1 has no interface number 0
[  856.252957][ T5893] usb 4-1: config 1 interface 113 altsetting 2 bulk endpoint 0x4 has invalid maxpacket 16
[  856.253052][ T5893] usb 4-1: config 1 interface 113 altsetting 2 bulk endpoint 0x82 has invalid maxpacket 64
[  856.253077][ T5893] usb 4-1: config 1 interface 113 has no altsetting 0
[  856.302310][ T9880] usb 1-1: New USB device found, idVendor=07fd, idProduct=0001, bcdDevice=48.99
[  856.302343][ T9880] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  856.302364][ T9880] usb 1-1: Product: syz
[  856.302380][ T9880] usb 1-1: Manufacturer: syz
[  856.302394][ T9880] usb 1-1: SerialNumber: syz
[  856.319565][ T5893] usb 4-1: New USB device found, idVendor=04e8, idProduct=662e, bcdDevice=9d.cb
[  856.319599][ T5893] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  856.319620][ T5893] usb 4-1: Product: syz
[  856.319635][ T5893] usb 4-1: Manufacturer: syz
[  856.319650][ T5893] usb 4-1: SerialNumber: syz
[  856.577743][ T9880] usb 1-1: config 0 descriptor??
[  856.601807][ T9880] usb 1-1: Quirk or no altset; falling back to MIDI 1.0
[  856.846631][   T10] usb 5-1: new high-speed USB device number 67 using dummy_hcd
[  856.906574][ T5803] Bluetooth: hci10: Opcode 0x1003 failed: -110
[  856.999268][   T10] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  856.999296][   T10] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 3
[  857.001091][   T10] usb 5-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  857.001120][   T10] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  857.001141][   T10] usb 5-1: SerialNumber: syz
[  857.273495][ T9880] snd-usb-audio 1-1:0.0: probe with driver snd-usb-audio failed with error -2
[  857.285561][T13474] raw-gadget.1 gadget.3: fail, usb_ep_enable returned -22
[  857.285685][T13474] raw-gadget.1 gadget.3: fail, usb_ep_enable returned -22
[  857.341709][ T5893] ipaq 4-1:1.113: PocketPC PDA converter detected
[  857.404144][ T9880] usb 1-1: USB disconnect, device number 69
[  857.568738][ T5893] usb 4-1: PocketPC PDA converter now attached to ttyUSB0
[  857.650969][   T10] usb 5-1: 0:2 : does not exist
[  857.702305][   T10] usb 5-1: USB disconnect, device number 67
[  857.892553][ T5893] usb 4-1: USB disconnect, device number 59
[  857.942101][ T5893] ipaq ttyUSB0: PocketPC PDA converter now disconnected from ttyUSB0
[  857.944494][ T5893] ipaq 4-1:1.113: device disconnected
[  858.130040][ T9880] usb 1-1: new high-speed USB device number 70 using dummy_hcd
[  858.133183][T13374] netdevsim netdevsim7 netdevsim0: renamed from eth0
[  858.204026][T13374] netdevsim netdevsim7 netdevsim1: renamed from eth1
[  858.229664][T13374] netdevsim netdevsim7 netdevsim2: renamed from eth2
[  858.277731][ T9880] usb 1-1: no configurations
[  858.277755][ T9880] usb 1-1: can't read configurations, error -22
[  858.387092][T13489] FAULT_INJECTION: forcing a failure.
[  858.387092][T13489] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  858.387129][T13489] CPU: 0 UID: 0 PID: 13489 Comm: syz.4.2294 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  858.387174][T13489] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  858.387199][T13489] Call Trace:
[  858.387214][T13489]  <TASK>
[  858.387233][T13489]  dump_stack_lvl+0x189/0x250
[  858.387274][T13489]  ? __pfx____ratelimit+0x10/0x10
[  858.387298][T13489]  ? __pfx_dump_stack_lvl+0x10/0x10
[  858.387343][T13489]  ? __pfx__printk+0x10/0x10
[  858.387366][T13489]  ? __might_fault+0xb0/0x130
[  858.387402][T13489]  should_fail_ex+0x46c/0x600
[  858.387432][T13489]  _copy_from_user+0x2d/0xb0
[  858.387455][T13489]  btf_new_fd+0x33a/0xcf0
[  858.387481][T13489]  ? safesetid_security_capable+0xa9/0x1a0
[  858.387507][T13489]  ? __pfx_btf_new_fd+0x10/0x10
[  858.387531][T13489]  ? bpf_token_put+0x143/0x160
[  858.387551][T13489]  ? bpf_btf_load+0x126/0x190
[  858.387583][T13489]  __sys_bpf+0x3ed/0x860
[  858.387611][T13489]  ? __pfx___sys_bpf+0x10/0x10
[  858.387633][T13489]  ? rt_mutex_slowunlock+0x1be/0x2e0
[  858.387670][T13489]  ? ksys_write+0x230/0x260
[  858.387694][T13489]  ? __pfx_ksys_write+0x10/0x10
[  858.387722][T13489]  __x64_sys_bpf+0x7c/0x90
[  858.387745][T13489]  do_syscall_64+0xfa/0xfa0
[  858.387768][T13489]  ? lockdep_hardirqs_on+0x9c/0x150
[  858.387792][T13489]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  858.387811][T13489]  ? clear_bhb_loop+0x60/0xb0
[  858.387842][T13489]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  858.387861][T13489] RIP: 0033:0x7fdd03dfefc9
[  858.387879][T13489] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  858.387895][T13489] RSP: 002b:00007fdd02066038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  858.387916][T13489] RAX: ffffffffffffffda RBX: 00007fdd04055fa0 RCX: 00007fdd03dfefc9
[  858.387931][T13489] RDX: 0000000000000028 RSI: 0000200000000080 RDI: 0000000000000012
[  858.387943][T13489] RBP: 00007fdd02066090 R08: 0000000000000000 R09: 0000000000000000
[  858.387955][T13489] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  858.387966][T13489] R13: 00007fdd04056038 R14: 00007fdd04055fa0 R15: 00007ffccca11888
[  858.387998][T13489]  </TASK>
[  858.504190][ T9880] usb 1-1: new high-speed USB device number 71 using dummy_hcd
[  859.531471][T13374] netdevsim netdevsim7 netdevsim3: renamed from eth3
[  859.546087][ T9880] usb 1-1: no configurations
[  859.546108][ T9880] usb 1-1: can't read configurations, error -22
[  859.547440][ T9880] usb usb1-port1: attempt power cycle
[  860.352960][ T9880] usb 1-1: new high-speed USB device number 72 using dummy_hcd
[  860.453054][ T9880] usb 1-1: no configurations
[  860.453082][ T9880] usb 1-1: can't read configurations, error -22
[  860.542903][ T5969] cp210x 3-1:0.0: failed to get vendor val 0x000e size 678: -71
[  860.542956][ T5969] cp210x 3-1:0.0: GPIO initialisation failed: -71
[  860.587565][ T9880] usb 1-1: new high-speed USB device number 73 using dummy_hcd
[  860.593720][ T5969] usb 3-1: cp210x converter now attached to ttyUSB0
[  860.613585][ T9880] usb 1-1: no configurations
[  860.613605][ T9880] usb 1-1: can't read configurations, error -22
[  860.614137][ T9880] usb usb1-port1: unable to enumerate USB device
[  860.622114][ T5969] usb 3-1: USB disconnect, device number 71
[  860.651164][ T5969] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0
[  860.651639][ T5969] cp210x 3-1:0.0: device disconnected
[  860.694178][T13374] 8021q: adding VLAN 0 to HW filter on device bond0
[  860.822115][T13374] 8021q: adding VLAN 0 to HW filter on device team0
[  860.837706][T11907] bridge0: port 1(bridge_slave_0) entered blocking state
[  860.837933][T11907] bridge0: port 1(bridge_slave_0) entered forwarding state
[  860.863464][ T1454] bridge0: port 2(bridge_slave_1) entered blocking state
[  860.865498][ T1454] bridge0: port 2(bridge_slave_1) entered forwarding state
[  861.113253][T13515] FAULT_INJECTION: forcing a failure.
[  861.113253][T13515] name failslab, interval 1, probability 0, space 0, times 0
[  861.113288][T13515] CPU: 1 UID: 0 PID: 13515 Comm: syz.4.2302 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  861.113310][T13515] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  861.113321][T13515] Call Trace:
[  861.113328][T13515]  <TASK>
[  861.113338][T13515]  dump_stack_lvl+0x189/0x250
[  861.113370][T13515]  ? __pfx____ratelimit+0x10/0x10
[  861.113394][T13515]  ? __pfx_dump_stack_lvl+0x10/0x10
[  861.113420][T13515]  ? __pfx__printk+0x10/0x10
[  861.113450][T13515]  ? __pfx___might_resched+0x10/0x10
[  861.113477][T13515]  should_fail_ex+0x46c/0x600
[  861.113507][T13515]  ? fanotify_handle_event+0x1966/0x3e40
[  861.113530][T13515]  should_failslab+0xa8/0x100
[  861.113557][T13515]  ? fanotify_handle_event+0x1966/0x3e40
[  861.113577][T13515]  kmem_cache_alloc_noprof+0x6f/0x6b0
[  861.113603][T13515]  ? lockdep_unlock+0x89/0x120
[  861.113630][T13515]  fanotify_handle_event+0x1966/0x3e40
[  861.113677][T13515]  ? fanotify_handle_event+0xf30/0x3e40
[  861.113708][T13515]  ? __pfx_fanotify_handle_event+0x10/0x10
[  861.113742][T13515]  ? fsnotify+0x735/0x1aa0
[  861.113773][T13515]  ? __pfx_fanotify_handle_event+0x10/0x10
[  861.113799][T13515]  fsnotify+0x1427/0x1aa0
[  861.113842][T13515]  ? fsnotify+0x735/0x1aa0
[  861.113867][T13515]  ? __pfx_fsnotify+0x10/0x10
[  861.113890][T13515]  ? __io_read+0x99b/0x1520
[  861.113932][T13515]  io_req_io_end+0x486/0x560
[  861.113963][T13515]  kiocb_done+0x3bf/0x9d0
[  861.113999][T13515]  io_read+0x72/0x1c0
[  861.114031][T13515]  __io_issue_sqe+0x181/0x4b0
[  861.114055][T13515]  ? io_file_get_normal+0x104/0x300
[  861.114080][T13515]  io_issue_sqe+0x165/0x1060
[  861.114115][T13515]  io_submit_sqes+0xa54/0x1e60
[  861.114173][T13515]  __se_sys_io_uring_enter+0x2db/0x2b70
[  861.114211][T13515]  ? _raw_spin_unlock_irqrestore+0x85/0x110
[  861.114236][T13515]  ? lockdep_hardirqs_on+0x9c/0x150
[  861.114261][T13515]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  861.114286][T13515]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  861.114316][T13515]  ? __pfx___se_sys_io_uring_enter+0x10/0x10
[  861.114339][T13515]  ? try_to_take_rt_mutex+0x7fd/0xac0
[  861.114364][T13515]  ? rt_mutex_slowunlock+0x1be/0x2e0
[  861.114385][T13515]  ? __pfx_rt_mutex_slowunlock+0x10/0x10
[  861.114417][T13515]  ? fput+0xa0/0xd0
[  861.114437][T13515]  ? ksys_write+0x230/0x260
[  861.114462][T13515]  ? __pfx_ksys_write+0x10/0x10
[  861.114490][T13515]  ? __x64_sys_io_uring_enter+0x21/0xf0
[  861.114518][T13515]  do_syscall_64+0xfa/0xfa0
[  861.114541][T13515]  ? lockdep_hardirqs_on+0x9c/0x150
[  861.114565][T13515]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  861.114584][T13515]  ? clear_bhb_loop+0x60/0xb0
[  861.114608][T13515]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  861.114626][T13515] RIP: 0033:0x7fdd03dfefc9
[  861.114645][T13515] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  861.114668][T13515] RSP: 002b:00007fdd02066038 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[  861.114689][T13515] RAX: ffffffffffffffda RBX: 00007fdd04055fa0 RCX: 00007fdd03dfefc9
[  861.114703][T13515] RDX: 0000000000000000 RSI: 00000000000048e9 RDI: 0000000000000007
[  861.114714][T13515] RBP: 00007fdd02066090 R08: 0000000000000000 R09: 0000000000000000
[  861.114727][T13515] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000000000001
[  861.114739][T13515] R13: 00007fdd04056038 R14: 00007fdd04055fa0 R15: 00007ffccca11888
[  861.114773][T13515]  </TASK>
[  861.126697][ T5969] usb 3-1: new high-speed USB device number 72 using dummy_hcd
[  861.277696][ T5969] usb 3-1: Using ep0 maxpacket: 16
[  861.280043][ T5969] usb 3-1: unable to get BOS descriptor or descriptor too short
[  861.304001][ T5969] usb 3-1: config 8 has an invalid interface number: 34 but max is 0
[  861.304033][ T5969] usb 3-1: config 8 has an invalid interface association descriptor of length 2, skipping
[  861.304053][ T5969] usb 3-1: config 8 has no interface number 0
[  861.304104][ T5969] usb 3-1: config 8 interface 34 altsetting 2 endpoint 0x2 has invalid maxpacket 1024, setting to 64
[  861.304133][ T5969] usb 3-1: config 8 interface 34 altsetting 2 endpoint 0xD has invalid maxpacket 512, setting to 64
[  861.304160][ T5969] usb 3-1: config 8 interface 34 has no altsetting 0
[  861.310467][ T5969] usb 3-1: New USB device found, idVendor=0424, idProduct=c001, bcdDevice=e2.0c
[  861.310498][ T5969] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  861.310519][ T5969] usb 3-1: Product: syz
[  861.310534][ T5969] usb 3-1: Manufacturer: syz
[  861.310550][ T5969] usb 3-1: SerialNumber: syz
[  861.416680][ T5806] usb 4-1: new high-speed USB device number 60 using dummy_hcd
[  861.452917][T13524] genirq: Flags mismatch irq 7. 00202080 (ttyS3) vs. 00202000 (dt2814)
[  861.568958][ T5806] usb 4-1: config 1 has an invalid interface number: 113 but max is 0
[  861.568989][ T5806] usb 4-1: config 1 has no interface number 0
[  861.569039][ T5806] usb 4-1: config 1 interface 113 altsetting 2 bulk endpoint 0x4 has invalid maxpacket 16
[  861.569065][ T5806] usb 4-1: config 1 interface 113 altsetting 2 bulk endpoint 0x82 has invalid maxpacket 64
[  861.569090][ T5806] usb 4-1: config 1 interface 113 has no altsetting 0
[  861.572088][ T5806] usb 4-1: New USB device found, idVendor=04e8, idProduct=662e, bcdDevice=9d.cb
[  861.572118][ T5806] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  861.572138][ T5806] usb 4-1: Product: syz
[  861.572153][ T5806] usb 4-1: Manufacturer: syz
[  861.572169][ T5806] usb 4-1: SerialNumber: syz
[  861.579975][T13520] raw-gadget.1 gadget.3: fail, usb_ep_enable returned -22
[  861.581138][T13520] raw-gadget.1 gadget.3: fail, usb_ep_enable returned -22
[  861.589766][ T5806] ipaq 4-1:1.113: PocketPC PDA converter detected
[  862.054041][ T5969] usb 3-1: USB disconnect, device number 72
[  862.175592][ T5806] ipaq 4-1:1.113: probe with driver ipaq failed with error -71
[  862.189909][ T5806] usb 4-1: USB disconnect, device number 60
[  862.201958][T13374] 8021q: adding VLAN 0 to HW filter on device batadv0
[  862.804260][T13374] veth0_vlan: entered promiscuous mode
[  862.815401][T13374] veth1_vlan: entered promiscuous mode
[  862.864205][T13556] FAULT_INJECTION: forcing a failure.
[  862.864205][T13556] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  862.864240][T13556] CPU: 0 UID: 0 PID: 13556 Comm: syz.0.2313 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  862.864264][T13556] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  862.864276][T13556] Call Trace:
[  862.864284][T13556]  <TASK>
[  862.864293][T13556]  dump_stack_lvl+0x189/0x250
[  862.864326][T13556]  ? __pfx____ratelimit+0x10/0x10
[  862.864350][T13556]  ? __pfx_dump_stack_lvl+0x10/0x10
[  862.864378][T13556]  ? __pfx__printk+0x10/0x10
[  862.864418][T13556]  should_fail_ex+0x46c/0x600
[  862.864450][T13556]  _copy_to_user+0x31/0xb0
[  862.864476][T13556]  simple_read_from_buffer+0xe1/0x170
[  862.864506][T13556]  proc_fail_nth_read+0x1b6/0x220
[  862.864531][T13556]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  862.864556][T13556]  ? rw_verify_area+0x2ac/0x4e0
[  862.864579][T13556]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  862.864602][T13556]  vfs_read+0x206/0xa30
[  862.864634][T13556]  ? __pfx_vfs_read+0x10/0x10
[  862.864653][T13556]  ? try_to_take_rt_mutex+0x7fd/0xac0
[  862.864689][T13556]  ? mutex_lock_nested+0x154/0x1d0
[  862.864709][T13556]  ? fdget_pos+0x253/0x320
[  862.864743][T13556]  ksys_read+0x14b/0x260
[  862.864764][T13556]  ? __fget_files+0x2a/0x420
[  862.864797][T13556]  ? __pfx_ksys_read+0x10/0x10
[  862.864825][T13556]  ? do_syscall_64+0xbe/0xfa0
[  862.864853][T13556]  do_syscall_64+0xfa/0xfa0
[  862.864876][T13556]  ? lockdep_hardirqs_on+0x9c/0x150
[  862.864899][T13556]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  862.864919][T13556]  ? clear_bhb_loop+0x60/0xb0
[  862.864943][T13556]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  862.864962][T13556] RIP: 0033:0x7fbf52eed9dc
[  862.864980][T13556] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  862.864997][T13556] RSP: 002b:00007fbf51156030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  862.865018][T13556] RAX: ffffffffffffffda RBX: 00007fbf53145fa0 RCX: 00007fbf52eed9dc
[  862.865033][T13556] RDX: 000000000000000f RSI: 00007fbf511560a0 RDI: 0000000000000006
[  862.865046][T13556] RBP: 00007fbf51156090 R08: 0000000000000000 R09: 0000000000000000
[  862.865059][T13556] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  862.865072][T13556] R13: 00007fbf53146038 R14: 00007fbf53145fa0 R15: 00007ffc9aea4028
[  862.865107][T13556]  </TASK>
[  862.871164][T13374] veth0_macvtap: entered promiscuous mode
[  862.944275][T13374] veth1_macvtap: entered promiscuous mode
[  862.984790][T13374] batman_adv: batadv0: Interface activated: batadv_slave_0
[  863.165820][   T10] usb 4-1: new high-speed USB device number 61 using dummy_hcd
[  863.747608][   T10] usb 4-1: no configurations
[  863.747631][   T10] usb 4-1: can't read configurations, error -22
[  863.790043][T13374] batman_adv: batadv0: Interface activated: batadv_slave_1
[  863.862937][ T1313] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  863.866288][ T1313] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  863.866336][ T1313] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  863.886629][   T10] usb 4-1: new high-speed USB device number 62 using dummy_hcd
[  863.899688][ T1313] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  864.042068][   T10] usb 4-1: no configurations
[  864.042090][   T10] usb 4-1: can't read configurations, error -22
[  864.042504][   T10] usb usb4-port1: attempt power cycle
[  864.467085][   T10] usb 4-1: new high-speed USB device number 63 using dummy_hcd
[  864.489340][   T10] usb 4-1: no configurations
[  864.489362][   T10] usb 4-1: can't read configurations, error -22
[  864.616563][   T10] usb 4-1: new high-speed USB device number 64 using dummy_hcd
[  864.638588][   T10] usb 4-1: no configurations
[  864.638609][   T10] usb 4-1: can't read configurations, error -22
[  864.639013][   T10] usb usb4-port1: unable to enumerate USB device
[  864.705497][   T86] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  864.705518][   T86] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  864.806038][   T86] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  864.806059][   T86] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  864.893850][T13578] lo speed is unknown, defaulting to 1000
[  865.147700][   T38] INFO: task syz-executor:9982 blocked for more than 144 seconds.
[  865.147725][   T38]       Not tainted syzkaller #0
[  865.147736][   T38] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  865.147746][   T38] task:syz-executor    state:D stack:20568 pid:9982  tgid:9982  ppid:1      task_flags:0x400140 flags:0x00080002
[  865.147799][   T38] Call Trace:
[  865.147807][   T38]  <TASK>
[  865.147840][   T38]  __schedule+0x16f3/0x4c20
[  865.147900][   T38]  ? __pfx___schedule+0x10/0x10
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[  865.147946][   T38]  rt_mutex_schedule+0x77/0xf0
[  865.147967][   T38]  rt_mutex_slowlock_block+0x5ba/0x6d0
[  865.148003][   T38]  ? rt_mutex_slowlock_block+0x351/0x6d0
[  865.148029][   T38]  rt_mutex_slowlock+0x2b1/0x6e0
[  865.148053][   T38]  ? rt_mutex_slowlock+0x1c9/0x6e0
[  865.148075][   T38]  ? __pfx_rt_mutex_slowlock+0x10/0x10
[  865.148093][   T38]  ? nfsd_shutdown_threads+0x4e/0xd0
[  865.148149][   T38]  ? nfsd_shutdown_threads+0x4e/0xd0
[  865.148172][   T38]  mutex_lock_nested+0x16a/0x1d0
[  865.148199][   T38]  nfsd_shutdown_threads+0x4e/0xd0
[  865.148225][   T38]  nfsd_umount+0x42/0xd0
[  865.148254][   T38]  deactivate_locked_super+0xbc/0x130
[  865.148280][   T38]  cleanup_mnt+0x425/0x4c0
[  865.148301][   T38]  ? lockdep_hardirqs_on+0x9c/0x150
[  865.148328][   T38]  task_work_run+0x1d4/0x260
[  865.148352][   T38]  ? __pfx_task_work_run+0x10/0x10
[  865.148370][   T38]  ? __x64_sys_umount+0x122/0x160
[  865.148397][   T38]  ? exit_to_user_mode_loop+0x40/0x130
[  865.148428][   T38]  exit_to_user_mode_loop+0xe9/0x130
[  865.148454][   T38]  do_syscall_64+0x2bd/0xfa0
[  865.148478][   T38]  ? lockdep_hardirqs_on+0x9c/0x150
[  865.148503][   T38]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  865.148523][   T38]  ? clear_bhb_loop+0x60/0xb0
[  865.148547][   T38]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  865.148565][   T38] RIP: 0033:0x7f5b199c02f7
[  865.148582][   T38] RSP: 002b:00007ffed01bbb98 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  865.148602][   T38] RAX: 0000000000000000 RBX: 00007f5b19a41d7d RCX: 00007f5b199c02f7
[  865.148616][   T38] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffed01bbc50
[  865.148637][   T38] RBP: 00007ffed01bbc50 R08: 0000000000000000 R09: 0000000000000000
[  865.148650][   T38] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffed01bcce0
[  865.148664][   T38] R13: 00007f5b19a41d7d R14: 00000000000ac8c9 R15: 00007ffed01bcd20
[  865.148699][   T38]  </TASK>
[  865.148748][   T38] 
[  865.148748][   T38] Showing all locks held in the system:
[  865.148763][   T38] 7 locks held by ktimers/0/16:
[  865.148778][   T38] 1 lock held by khungtaskd/38:
[  865.148789][   T38]  #0: ffffffff8d5aa800 (rcu_read_lock){....}-{1:3}, at: debug_show_all_locks+0x2e/0x180
[  865.148841][   T38] 3 locks held by kworker/u8:5/86:
[  865.148852][   T38]  #0: ffff888019ad4938 ((wq_completion)netns){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  865.148909][   T38]  #1: ffffc9000154fba0 (net_cleanup_work){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  865.148950][   T38]  #2: ffffffff8e856320 (pernet_ops_rwsem){++++}-{4:4}, at: cleanup_net+0xf7/0x820
[  865.149012][   T38] 2 locks held by getty/5561:
[  865.149024][   T38]  #0: ffff88814ddd50a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70
[  865.149071][   T38]  #1: ffffc90003e8b2e0 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0x444/0x1400
[  865.149131][   T38] 2 locks held by syz.1.1181/9786:
[  865.149143][   T38]  #0: ffffffff8e8c99e0 (cb_lock){++++}-{4:4}, at: genl_rcv+0x19/0x40
[  865.149190][   T38]  #1: ffffffff8d889ab8 (nfsd_mutex){+.+.}-{4:4}, at: nfsd_nl_listener_set_doit+0x134/0x1660
[  865.149243][   T38] 3 locks held by kworker/0:0/9880:
[  865.149254][   T38]  #0: ffff88813ff55138 ((wq_completion)events){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  865.149302][   T38]  #1: ffffc9001cfffba0 ((work_completion)(&data->fib_event_work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  865.149351][   T38]  #2: ffff88805d905260 (&data->fib_lock){+.+.}-{4:4}, at: nsim_fib_event_work+0x224/0x3e0
[  865.149584][   T38] 2 locks held by syz-executor/9982:
[  865.149597][   T38]  #0: ffff8880231420d0 (&type->s_umount_key#85){++++}-{4:4}, at: deactivate_super+0xa9/0xe0
[  865.149647][   T38]  #1: ffffffff8d889ab8 (nfsd_mutex){+.+.}-{4:4}, at: nfsd_shutdown_threads+0x4e/0xd0
[  865.149709][   T38] 1 lock held by syz.6.2203/13180:
[  865.149723][   T38]  #0: ffff8880231420d0 (&type->s_umount_key#85){++++}-{4:4}, at: super_lock+0x2a9/0x3b0
[  865.149777][   T38] 9 locks held by syz-executor/13374:
[  865.149790][   T38] 4 locks held by syz.2.2321/13578:
[  865.149800][   T38] 1 lock held by syz.4.2324/13586:
[  865.149810][   T38]  #0: ffff8880344ac0e8 (&kvm->slots_lock){+.+.}-{4:4}, at: kvm_vm_ioctl_set_memory_region+0x67/0xe0
[  865.149860][   T38] 
[  865.149865][   T38] =============================================
[  865.149865][   T38] 
[  865.149884][   T38] NMI backtrace for cpu 1
[  865.149898][   T38] CPU: 1 UID: 0 PID: 38 Comm: khungtaskd Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  865.149919][   T38] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  865.149930][   T38] Call Trace:
[  865.149938][   T38]  <TASK>
[  865.149946][   T38]  dump_stack_lvl+0x189/0x250
[  865.149974][   T38]  ? __pfx_dump_stack_lvl+0x10/0x10
[  865.149999][   T38]  ? __pfx__printk+0x10/0x10
[  865.150034][   T38]  nmi_cpu_backtrace+0x39e/0x3d0
[  865.150058][   T38]  ? __pfx_nmi_cpu_backtrace+0x10/0x10
[  865.150081][   T38]  ? __pfx__printk+0x10/0x10
[  865.150109][   T38]  ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10
[  865.150133][   T38]  nmi_trigger_cpumask_backtrace+0x17a/0x300
[  865.150158][   T38]  watchdog+0xf60/0xfa0
[  865.150187][   T38]  ? watchdog+0x1e2/0xfa0
[  865.150217][   T38]  kthread+0x711/0x8a0
[  865.150246][   T38]  ? __pfx_watchdog+0x10/0x10
[  865.150269][   T38]  ? __pfx_kthread+0x10/0x10
[  865.150292][   T38]  ? rt_spin_unlock+0x150/0x200
[  865.150328][   T38]  ? rt_spin_unlock+0x161/0x200
[  865.150346][   T38]  ? __pfx_kthread+0x10/0x10
[  865.150371][   T38]  ret_from_fork+0x4bc/0x870
[  865.150396][   T38]  ? __pfx_ret_from_fork+0x10/0x10
[  865.150424][   T38]  ? __switch_to_asm+0x39/0x70
[  865.150443][   T38]  ? __switch_to_asm+0x33/0x70
[  865.150460][   T38]  ? __pfx_kthread+0x10/0x10
[  865.150487][   T38]  ret_from_fork_asm+0x1a/0x30
[  865.150524][   T38]  </TASK>
[  865.150532][   T38] Sending NMI from CPU 1 to CPUs 0:
[  865.150563][    C0] NMI backtrace for cpu 0
[  865.150584][    C0] CPU: 0 UID: 0 PID: 13578 Comm: syz.2.2321 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  865.150604][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  865.150614][    C0] RIP: 0010:__sanitizer_cov_trace_const_cmp8+0x8/0xa0
[  865.150638][    C0] Code: 89 74 0a 18 48 89 44 0a 20 c3 cc cc cc cc cc 0f 1f 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 48 8b 04 24 <65> 48 8b 0c 25 08 70 a2 91 65 44 8b 05 97 aa e3 0f 41 81 e0 00 00
[  865.150653][    C0] RSP: 0018:ffffc9000596f3d8 EFLAGS: 00000206
[  865.150668][    C0] RAX: ffffffff82272c12 RBX: 840000004011c805 RCX: 0000000000080000
[  865.150682][    C0] RDX: ffffc9000de43000 RSI: 0000000000000005 RDI: 0000000000000005
[  865.150693][    C0] RBP: ffffc9000596f601 R08: 0000000000000000 R09: 0000000000000000
[  865.150704][    C0] R10: dffffc0000000000 R11: fffff940002008e1 R12: 0000000000000000
[  865.150716][    C0] R13: dffffc0000000000 R14: 0000000000000005 R15: 840000004011c805
[  865.150729][    C0] FS:  00007f07809fe6c0(0000) GS:ffff888126df9000(0000) knlGS:0000000000000000
[  865.150743][    C0] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  865.150755][    C0] CR2: 0000001b2f422ff8 CR3: 000000007c0e4000 CR4: 00000000003526f0
[  865.150772][    C0] Call Trace:
[  865.150779][    C0]  <TASK>
[  865.150785][    C0]  __page_table_check_pte_clear+0x32/0x70
[  865.150808][    C0]  unmap_page_range+0x2eeb/0x3c10
[  865.150848][    C0]  ? __pfx_unmap_page_range+0x10/0x10
[  865.150869][    C0]  ? mas_find+0xb0e/0xd30
[  865.150887][    C0]  ? unmap_vmas+0x144/0x580
[  865.150907][    C0]  unmap_vmas+0x399/0x580
[  865.150927][    C0]  ? __pfx_unmap_vmas+0x10/0x10
[  865.150956][    C0]  exit_mmap+0x240/0xb40
[  865.150980][    C0]  ? __pfx_exit_mmap+0x10/0x10
[  865.150998][    C0]  ? _raw_spin_unlock_irqrestore+0x85/0x110
[  865.151029][    C0]  ? __pfx_exit_aio+0x10/0x10
[  865.151056][    C0]  ? uprobe_clear_state+0x288/0x2a0
[  865.151079][    C0]  ? copy_process+0x2759/0x3ae0
[  865.151100][    C0]  __mmput+0xcb/0x3d0
[  865.151118][    C0]  copy_process+0x2814/0x3ae0
[  865.151143][    C0]  ? copy_process+0x979/0x3ae0
[  865.151168][    C0]  ? __pfx_copy_process+0x10/0x10
[  865.151193][    C0]  kernel_clone+0x224/0x7c0
[  865.151223][    C0]  ? __pfx_kernel_clone+0x10/0x10
[  865.151253][    C0]  __x64_sys_clone+0x18b/0x1e0
[  865.151275][    C0]  ? __pfx___x64_sys_clone+0x10/0x10
[  865.151303][    C0]  ? do_user_addr_fault+0xc85/0x1380
[  865.151323][    C0]  ? do_syscall_64+0xbe/0xfa0
[  865.151344][    C0]  do_syscall_64+0xfa/0xfa0
[  865.151361][    C0]  ? lockdep_hardirqs_on+0x9c/0x150
[  865.151393][    C0]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  865.151410][    C0]  ? clear_bhb_loop+0x60/0xb0
[  865.151429][    C0]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  865.151445][    C0] RIP: 0033:0x7f078279efc9
[  865.151460][    C0] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  865.151475][    C0] RSP: 002b:00007f07809fdfe8 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[  865.151492][    C0] RAX: ffffffffffffffda RBX: 00007f07829f5fa0 RCX: 00007f078279efc9
[  865.151505][    C0] RDX: 0000000000000000 RSI: ffffffffffffff50 RDI: 0000000040001000
[  865.151516][    C0] RBP: 00007f0782821f91 R08: 0000000000000000 R09: 0000000000000000
[  865.151531][    C0] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  865.151542][    C0] R13: 00007f07829f6038 R14: 00007f07829f5fa0 R15: 00007fff557cd328
[  865.151563][    C0]  </TASK>
[  865.184259][   T37] kauditd_printk_skb: 133 callbacks suppressed
[  865.184279][   T37] audit: type=1326 audit(1762204599.114:2162): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13583 comm="syz.0.2323" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbf52eeefc9 code=0x7fc00000
[  865.655769][   T10] usb 5-1: new high-speed USB device number 68 using dummy_hcd
[  865.857173][   T10] usb 5-1: Using ep0 maxpacket: 16
[  865.864252][   T10] usb 5-1: unable to get BOS descriptor or descriptor too short
[  865.893193][   T10] usb 5-1: config 8 has an invalid interface number: 34 but max is 0
[  865.893223][   T10] usb 5-1: config 8 has an invalid interface association descriptor of length 2, skipping
[  865.893241][   T10] usb 5-1: config 8 has no interface number 0
[  865.893294][   T10] usb 5-1: config 8 interface 34 altsetting 2 endpoint 0x2 has invalid maxpacket 1024, setting to 64
[  865.893320][   T10] usb 5-1: config 8 interface 34 altsetting 2 endpoint 0xD has invalid maxpacket 512, setting to 64
[  865.893345][   T10] usb 5-1: config 8 interface 34 has no altsetting 0
[  865.982446][   T10] usb 5-1: New USB device found, idVendor=0424, idProduct=c001, bcdDevice=e2.0c
[  865.982478][   T10] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  865.982496][   T10] usb 5-1: Product: syz
[  865.982509][   T10] usb 5-1: Manufacturer: syz
[  865.982523][   T10] usb 5-1: SerialNumber: syz
[  869.320476][   T10] usb 5-1: can't set config #8, error -71
[  869.326796][   T10] usb 5-1: USB disconnect, device number 68
[  869.936208][ T4534] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  870.199870][ T4534] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  870.273963][ T1321] ieee802154 phy0 wpan0: encryption failed: -22
[  870.274097][ T1321] ieee802154 phy1 wpan1: encryption failed: -22
[  870.759575][ T4534] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  871.098517][ T4534] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  872.187946][ T4534] bridge_slave_1: left allmulticast mode
[  872.188194][ T4534] bridge_slave_1: left promiscuous mode
[  872.196077][ T4534] bridge0: port 2(bridge_slave_1) entered disabled state
[  872.277836][ T4534] bridge_slave_0: left allmulticast mode
[  872.277859][ T4534] bridge_slave_0: left promiscuous mode
[  872.278061][ T4534] bridge0: port 1(bridge_slave_0) entered disabled state
[  874.878150][ T4534] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  874.938015][ T4534] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  874.960505][ T4534] bond0 (unregistering): Released all slaves
[  875.095813][ T4534] �9: left promiscuous mode