last executing test programs:

17m42.604353804s ago: executing program 32 (id=736):
r0 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r0, &(0x7f0000002000)={0x0, 0x0, &(0x7f0000001fc0)={&(0x7f0000000200)={0xd8, 0x1403, 0x1, 0x70bd2a, 0x25dfdbfc, "", [{{0x9, 0x2, 'syz1\x00'}, {0x8, 0x41, 'siw\x00'}, {0x14, 0x33, 'wg1\x00'}}, {{0x9, 0x2, 'syz0\x00'}, {0x8, 0x41, 'rxe\x00'}, {0x14, 0x33, 'pim6reg1\x00'}}, {{0x9, 0x2, 'syz0\x00'}, {0x8, 0x41, 'siw\x00'}, {0x14, 0x33, 'veth1\x00'}}, {{0x9, 0x2, 'syz2\x00'}, {0x8, 0x41, 'rxe\x00'}, {0x14, 0x33, 'vcan0\x00'}}, {{0x9, 0x2, 'syz2\x00'}, {0x8, 0x41, 'rxe\x00'}, {0x14, 0x33, 'team0\x00'}}]}, 0xd8}, 0x1, 0x0, 0x0, 0x10}, 0x24040000)

17m1.582260298s ago: executing program 1 (id=1043):
r0 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0)
ioctl$DRM_IOCTL_SET_CLIENT_CAP(r0, 0x4010640d, &(0x7f0000000000)={0x3, 0x2})
r1 = creat(&(0x7f00000000c0)='./file0\x00', 0x102)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000003c0)={{0x14}, [@NFT_MSG_NEWRULE={0x78, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2, 0x0, 0xfffe}, [@NFTA_RULE_EXPRESSIONS={0x4c, 0x4, 0x0, 0x1, [{0x28, 0x1, 0x0, 0x1, @ct={{0x7}, @val={0x1c, 0x2, 0x0, 0x1, [@NFTA_CT_DREG={0x8, 0x1, 0x1, 0x0, 0x2}, @NFTA_CT_KEY={0x8, 0x2, 0x1, 0x0, 0x16}, @NFTA_CT_DIRECTION={0x5, 0x3, 0x1}]}}}, {0x20, 0x1, 0x0, 0x1, @ct={{0x7}, @val={0x14, 0x2, 0x0, 0x1, [@NFTA_CT_KEY={0x8, 0x2, 0x1, 0x0, 0x3}, @NFTA_CT_SREG={0x8, 0x4, 0x1, 0x0, 0xc}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0xa0}}, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r3, &(0x7f0000000080)={0xa, 0x4e22, 0x1000002, @empty, 0x186}, 0x1c)
listen(r3, 0x1)
mount$9p_tcp(&(0x7f0000000200), &(0x7f0000000240)='./file0\x00', &(0x7f0000000280), 0x400, &(0x7f00000004c0)={'trans=tcp,', {'port', 0x3d, 0x4e22}})
close_range(r1, 0xffffffffffffffff, 0x0)

17m0.477267343s ago: executing program 1 (id=1049):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80202, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x1)
r1 = syz_init_net_socket$802154_raw(0x24, 0x3, 0x0)
sendmmsg$inet(r1, &(0x7f00000020c0)=[{{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000500)="0c1874268c0000bd3f4c2ee4c3e4fdfea05e8e04a1a42a60557fb65e7388442bcb546079b365311561bb95fb1aff7128184ea4ca0f437142f62b8f3200e2eb47d44e67968ef5a2b24506d380fd62fac61aa99133d75de2774168ed1224dee2e650791e490c7c3f514a1b39c61d40894d45c2205a1d988b31cd6dc9ba0908fb6e4cd35d064b5085cd470e8282240c64159ba4b6b084446629f37ec8700db7d6dea32c10c93f7f19f2de78816ca02e67b7ab59f59fdf2bea3156f5938df17892e404e8ae", 0x6e}], 0x1, 0x0, 0x0, 0x2000000}}], 0x800000000000369, 0x44000)

17m0.332079386s ago: executing program 2 (id=1050):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_genetlink_get_family_id$devlink(&(0x7f0000000100), 0xffffffffffffffff)
bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0)
r3 = io_uring_setup(0x3c92, &(0x7f0000000100)={0x0, 0x3, 0x0, 0xffffffff, 0x2})
bind$vsock_stream(0xffffffffffffffff, &(0x7f0000000040)={0x28, 0x0, 0x2710, @local}, 0x10)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
listen(0xffffffffffffffff, 0x0)
r4 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r4, &(0x7f0000000640)={0x28, 0x0, 0x2710}, 0x10)
bpf$MAP_UPDATE_ELEM(0x2, 0x0, 0x0)
close_range(r3, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)

16m59.157207003s ago: executing program 1 (id=1052):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, 0x0}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000500)={{0x14}, [@NFT_MSG_NEWRULE={0x74, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x54, 0x4, 0x0, 0x1, [{0x2c, 0x1, 0x0, 0x1, @socket={{0xb}, @val={0x1c, 0x2, 0x0, 0x1, [@NFTA_SOCKET_DREG={0x8, 0x2, 0x1, 0x0, 0xb}, @NFTA_SOCKET_KEY={0x8, 0x1, 0x1, 0x0, 0x3}, @NFTA_SOCKET_LEVEL={0x8, 0x3, 0x89}]}}}, {0x24, 0x1, 0x0, 0x1, @socket={{0xb}, @val={0x14, 0x2, 0x0, 0x1, [@NFTA_SOCKET_DREG={0x8, 0x2, 0x1, 0x0, 0x520b0ae3829b2f9}, @NFTA_SOCKET_KEY={0x8, 0x1, 0x1, 0x0, 0x5}]}}}]}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0x9c}}, 0x0)

16m58.186232765s ago: executing program 2 (id=1053):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
getpid()
syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
r0 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
ioctl$int_in(r0, 0x40000000af01, 0x0)
ioctl$VHOST_SET_FEATURES(r0, 0x4008af00, &(0x7f0000000000)=0x200000000)

16m54.810645335s ago: executing program 2 (id=1055):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000100)={0x14, 0x38, 0x400, 0x70bd2d, 0x25dfdbfc, {0xc}}, 0x14}, 0x1, 0x0, 0x0, 0x20000000}, 0x4000)
socket$nl_netfilter(0x10, 0x3, 0xc)
setxattr$system_posix_acl(&(0x7f0000000340)='./cgroup\x00', &(0x7f0000000380)='system.posix_acl_access\x00', 0x0, 0x0, 0x0)
setrlimit(0x2, &(0x7f00000002c0)={0x2, 0xfffffffe})
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x6)
sendmsg$IPSET_CMD_ADD(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000340)={&(0x7f00000002c0)=ANY=[@ANYBLOB="44000000090605000000000000000000010000050900020073797a30000006000500010007000000080009400000000114000880100007800a001100b4"], 0x44}, 0x1, 0x0, 0x0, 0x8000}, 0x44000)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_DESTROY(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000440)=ANY=[@ANYBLOB="1c0000000306050000000000000000000100000405000100070000008c2ec55ec1122f793daa102713e755f91ae90a55fb6c6bd7667955cfa63cfe48f6176da7f78b6700563854aefe222f79780443baff5aee53c832699e8b32d7d52b8c94d986fac89c99a8e4f403867b88f9f506fcd56a5f428ed603cb307fd24735af7b488c3f07cd288bc1450d11dbb5de6bfc4a3dca527d1188b88fd779d71067204392c8e46f74ffadc1cb75ced1ac1d1855515c836c95cd6cb45a0fa66f7fbbe7fdc2b4633112ca0ceef7e0c67477e6694151"], 0x1c}, 0x1, 0x0, 0x0, 0x1}, 0x4000080)

16m54.750902617s ago: executing program 1 (id=1056):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="020000000400000006000000050000000010"], 0x48)
socket$nl_generic(0x10, 0x3, 0x10)
socketpair(0x1, 0x1, 0x0, &(0x7f0000000000))
r1 = socket$kcm(0x2, 0x5, 0x84)
r2 = bpf$PROG_LOAD_XDP(0x5, &(0x7f00000001c0)={0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, &(0x7f00000003c0)=[{}, {0x10000002}]}, 0x90)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000440)={@cgroup, 0x24, 0x1, 0x10, &(0x7f0000000080)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0xa, 0x0, &(0x7f0000000180)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000340)=[0x0, 0x0, 0x0, 0x0], &(0x7f0000000380)=[0x0], <r5=>0x0}, 0x40)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000480)={@map=r0, r2, 0x29, 0x4, 0x0, @void, @value=r2, @void, @void, r5}, 0x20)
close(r4)
recvmsg$unix(r3, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@rights={{0x14, 0x1, 0x1, [<r6=>0xffffffffffffffff]}}], 0x18}, 0x0)
setsockopt$sock_attach_bpf(r1, 0x84, 0x6e, &(0x7f0000000000)=r6, 0x10)
r7 = socket$packet(0x11, 0x2, 0x300)
r8 = bpf$MAP_CREATE(0x0, &(0x7f0000000340)=@base={0xb, 0x7, 0xc, 0xffffffff, 0x1}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000009060000000000000000000018110000", @ANYRES32=r8, @ANYBLOB="0000000000000000b7080000000004007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000002000000850000000300000095"], 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x29, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x7fd}, 0x94)
r9 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x1, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
setsockopt$sock_attach_bpf(r7, 0x1, 0x32, &(0x7f0000000180)=r9, 0x4)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
r10 = socket$kcm(0x2, 0x200000000000001, 0x0)
sendmsg$inet(r10, &(0x7f0000000080)={&(0x7f0000000140)={0x2, 0x4001, @dev}, 0x10, 0x0}, 0x20008000)

16m53.080345595s ago: executing program 2 (id=1061):
syz_usb_connect(0x2, 0x24, &(0x7f0000000040)=ANY=[@ANYBLOB="1201000059770c40c009030243d30000000109021200"], 0x0)

16m52.863428235s ago: executing program 1 (id=1064):
signalfd4(0xffffffffffffffff, &(0x7f0000000000)={[0x2]}, 0x8, 0x0)
memfd_create(&(0x7f0000000180)='\x8a\'\x0e\xda4N\x0e\xea\xfd\xfa\xad\xd1md\xc8\x85HX\xa9%\f\x1ae\x01\x00\x00\x00\x00\xfb\xff\x00\x00\x81\x9eG\xd9,\xe2\xc6a\x9f\xe8\xf1\xb3\x86\xe2+Op\xd0\xa2\x82\x1eb;(\xb5\xe1jS\xd6\x91%||\xa0\x8ez\xadT\xc0\f\xe5\x89\xbf3:\x99\x1e\xac`\xc3\xcf\xd3\xae\xd2\a\x11\xa9\xa5^\xff\xf5%\xdd\x19\x03K\x98\xf5`\xcb\x1e\x99\x83\xcd\b\xd1\x02R\xae\x80z\xc4]V\xfa\xdc\x1f\xf9\x15\n8Z\xd2}\xf5\xe4\x9f5\x9b7\xaf\xb7o\x01\xf9', 0x1)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff})
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpu.stat\x00', 0x275a, 0x0)
write$UHID_INPUT(r1, &(0x7f0000000940)={0x8, {"85f080a4933d55266e07e799aa0cc421388242df2a3c6b631b65b1c061edd2aa108c3528fe9b0bb3a53ab1200f5d01a68a4acdec8fee09648222f908c1fedc3000342e6139de28366c13509306d00ebcc67497181ac916db98af9d366b76e427d9ab5bb68095f0fb246df32b8af0783653136f8a04c03690312125c7ded6a24fda8685340c575ead69519e3583f89d467ec232d6a1ffd0463ba4ea3cbae5dae6654b5547b5458f02ac307729e57b09e134f68be44f88d72517b230b066f6315b5fb80206397bbff8cbc2a36e01c2e7b3aadb32bd3dd5288a69a991d9c674717e3abba7167280b2db3b1b8502afa4f3f296c532510c9d2dd79bb5eeb25adb5edddbdd069c09d14d15c2e7e1e2bd6c108fab3591bb22e97d6992236d2273c8bb95536f7118d007965008b125c7daac2814e6bbe1adbfa3572ad0b7ad5c26c8014118d8374ca9f285779dfee7715a403908146a74de61b3853914c89f444c12e7a38bdd46c4ed36eb806ea598f44d1dec9eff9e2476f43802211f0762b66673b45d236b2391ce322e30fb9c69fe0d514dc1f8b6e3979c1205fd5224b07d18a44fec4f6f1a6f65158bb6adcc295bf2dd7dea107f59d7e03c61fe5822292e45968956b931bdc4d6445ff1631e0b98e4b4448774dd4b9cd53a45896fdb3f03702778741ae2b45a25bf9a23fc02fb97a630f132bf9def6c6d4a7baeb62972f1a814f6f2377bcfc78e2e86368c138510a04cedf7175af8c2034fae7413e3ace8c71ab9a0af1ca7042011a6ed028e205648535dabf3b2f85196ae18d36b839e3cd54ae4933ad529888fdac7bb8a70c72bc0fc81ba06506f2d5bc7686e219bbe5283959cbef9950e071cb6d9f341fc624a5110341f26cebd7100599a06e61f66fae120c7fc2b34c6221200eba75bd1277114671a3fa8f058b27fd897b052f4a52afcea814df526181c75c4497210a2b8b74e26601561e78735387cf123654b0295d1d60556956b36d96dd038866c4b4db31ebdcddd6929bbc2850cd4901389e6ea6e86041e0efa1158f334e7afda0e11c2fb0e6df6364cb95659f506d5c7e63fb67c8116577d15e4a4b1fc4c27de2e52586cb1f52be9c3601f5066549de8bdc3ec07d1a84caf1961323ec2487a37b751aeabafcd647ce2dae5d9499c0f969467e6cabad198669ac96bd1488954eff0854ee0c83d7b596d273625bdb16270782321071fda5d980ded78ffa9dc2b56037d7cbf942547f48a5131f1991f6c17ae1ed5120ca6878f98e68e7997a9a2b70be640a70a34adb80de286c6692abb5f092e4e3a15a83217e03d02a4054f34af3a65ff6b36f395b76a0579cffafd5d3bb0e704c935caecf3a7ab756c23fd60c9fe3f4fb2be7504f5bae22b116ff1588dcf02b327d31bf0488dba8af5b33ccf2d7d87f43bbc48fcd4f191ad6af9313ad38b8b29674bfabd6651bc1f6ce5abb4a2f1413194f96b26d7d6edc4e013fba549075c97eef508af5ca7873664b058b7bcf455a8a04b591d29fab6366c844bb75576bac2d52323e747303d00a5736c9812922b0e17bcec9135550736b54cf6407d61e22e62d7bb75f62935b665acf33e75f688c36ef416f1b890d0f0c8ad1df00e02ec45967834d5649c8e7143978622fa3704672970b7993a87e97d3d926a14265647bc8b8c9e6f83e29572608d24b42c2635ef4abbd0af83860e99c90d7471cf6e8ce99507f5ec2bc572212fa9ee3f5a9dfa3815fe55f0bbb119acce062ae37f2ff921707abba139bcddf42bfd174d29b540161b4113c4e1a13f3a628c638ec4d3a884dfbc093e23ec0d0671b46b41dc8b42d950c8615ba5ee87f49b5d0910ffa4871207995001920db05a95199967f097ba7b55bbd271d818690c4238406b40a3dfc42fa56a67173b53a96b543326c56738b6d043195934018696f5ab49347e5148a78f2d1369a71afab8330273d46ecfba4ee05802a5385649851db949dbfb39e290941641c50b1ac20fb3102754a760b097f464ddb0b83f8168badfa71db6621dcf22fb081e3403f3bac5c7e65905aca52885c807f8ddab18bb2f12ef952c50483c0e251968bc70ff0d42a638ca744dea4c7ebb4fea777cf663bb4f1505ed79730c45bc86e488a13f924377a8e2ee6670a02ca52874ae1c42a35d55b9765757047b2cc3742aa51fa3e43fb2c113c92ad213bad252c1a82966dd016f12a7f1c3900c0f1ab455035163f31899bdd30f3ff43ad17d9e45bb7438c1c986712736f24be14f71ab1bfe92a25ec07f086ee8c7971b8077a13e58a8e8bea39c8e06b251909f02cb0080abf020f27ca160eb26c082dda1fa54ea4094dfdbcb2fa7bddccb67a844e8075f4cc08dad35757006d051e183dced336bc0c2502f93ffc87dca622286ba174c24e1f53f27dc2777baafe170348b0e8d3e743b3aa906bc0764bbe7da08ff403efe2212627d672250658bb513b7312517d1f88c61c7ba5f9647cd619281c5b390b48606ee39fb4171103df2e09d7cfd56c06c721f7c24ad8cce383623fc2dcb15ac56438ea331820ae59c8c474e36fc73f7b1b3b86df1b42490815513681aafbf7e871b4b9686efae6c45ecfca60a640a6f071dfd31f9437c3d03086164b48c1ed802986864bfe0d49bdd7709662262368dbc3ecc05eb240ecc41904c76d78ab5c52b66af5a720fdd6a92f52be0676427a56e32e5bc5085b25f90add28a76f2fce6f8f0ef74f4659698549646bd63175adf77b5cdcfe676e1b1a9af15102946554ba6136cbc83c6268ee40318f3c9d4718025688b35d2265bf60bf889ff629f7834586ef46eab7a9176337536bb6001e676546b987f36b1fe4b9f6e46a8ce73eb22ebbb9c14d8e2b43ea77ef887e5a26448f4086fa819a25e27725ac10298851c8bc45f2ce4430b07917ade5ea8c434c3f2576effbeb521173736e5c9557450643068b0c0fb132a7e99de6ca292246a9937fa7d7e06e59cf59ce5b9f842629049931146af40a8a1256ba373a88d09dc00cdf4453cc6ba78572bf3e1f2352a978cdbad60220cb8ac37d7f614a306492a4b5eee9244b0ca84b6cf2e23013bfb1cb92bf6d126fe550e58c19f84e7a4081437b75b31b2b9fb658dcd8ba077962e0f3359721a148d4fefe5c97941ca9688cb85adf38fd10f5811cdd8e074a21bbfc9541c71465b08d7321281b68ed52bfab789b9c83849c09d52376d419b1e7ba367603236e119cdf4a7b7cf9d81f2229601deace53cea2f14a05f7fa0ca04b39e31c6453e332f4bd0915c0e09e28f4d1125c390c6ff0833a04b6fc37855e65de90333e505b9eb66e00686a3ed499cfb7b8b215dbdc9787b5baa724cfa71ee6745b41e203de8b7794757ac328ec5567540b951b50530c3d4ee34705ea1c66fd6591e88561083e86d48c45ef3b83a3029319d8f3d8e65ce14c1dc3cb92d0a7dbeb609a8d2793928caa079f0fbbb2bc90b9f058cc048f4032041d14c5bca00e99b3027ec3a50c4957199cf016a4594069af8659df0973f20ffb15dbc265ac5b8a2203e90b114a3e9441e357c60ce0b550a7fe66fc34f5702ac8e8992a22e89194c1df69e81a9b7ad3d2634ea8c0388588192fd47d8e803b10044d558617fb2921b69eb4d85c051f86ef63a2f4382b9becd870fb2ecadca6902712b88680792e2f2ec89591cfebb6db3ad31c2a339af10465fcf7988519d382218df52261234f26a6f66ad0d1859de505d0fe819caf2f8d30aa9fd1228ac91d11ca67f1f8d50c8eefa5c441514321507dff6c6ea3cff6f340a1c11e0c40f419e8e60fc94d8828fa47a96cdf7ee4f61e23f40751b25cf9ca1295041a350f83f0e679515d6b4b46e2c9ce8999e07f835abc1663cefcf728df37831f4e17f8c8a4feaf1fbf44c38c9313284404a50ba4cd8abe835b33bfecb02cd6c9d7f435853b4c8d505ab83cf46512739116694765658bae64b3127152d216055aef9b25c70a8a3b302752d7b1e8791c657b9f3fc9001ef299fd1a349491ae6ee9940149160507fc4130fb825d47d97dc2c243209d2403583ac3ef6ddbedcaa76432255487c0a06e59e043e572ab3aec002af6a6b6a2dc9cfaeefa70557886c4d12924a0388f2f1bc8e89e4cfa69705d1ef3c4658f8616278b588011d9dd914beec0b151d65b6524fba3e3f235d58373e021699b07622a51504eade747e0b2f9cf38bc167cabc8cb18c708d1337e25648707e8c0872876514c7a49c0b2aaee5ed9e9ecfcbcc23e032c4deb63e48e7120188056468fad31448e4b42e7d62fbcfc1c2cfb01fcf0db5e8a162bdb9bd820c763f17b96c23f32db9d1c1d74ddbe657b4f9595a9796982a0742153111b15e484d8ffebe47ce0a78a41e470a341616ec2eb6eef813fb415fab50fa965bec6a5977a0ade4fed67f86fc24e11b0e2f5364079f7c7c35b560cac726dbc80f29dbd248f7ecda0286a23ef172a28c96d9bdb1f598eab31c6baf0321312da23920c074b9d2d2e442717f2c21001142a39c2da6b8bd9d06b05a6a8deae1bd1be4108a636ddbebc682d113e715f2f3ee506abc28b1c654b3d2d28e02f73b171ed0deed71dda90ce4a0b728cc75cb576385e7418b545b992b1dd98e2ee53355f464f9250a2a03b3d1e4d2ac1aa71d01de2573530324e14d15a507883411ddbd37be21dc929db9b11f11010e4d2a04c7325a5ae6d24d19900ff97a8a89438f8676457a78cff05201528f4358fe67f61288bf042a8f3c2e0f8b4997b8fb74996b80d465489b2d7807a945eba72a945e8cf8625dbad6f6f6e30537b29e558ca8a8b0625f578c766d34f2d28d704715f94df1f6318a308042aa494baa295640679f1eab1e6a8308af8ce6441d5ad8a2f3d477eb5307af0dfae6644493f1434030b8361621340ad3dcefa6d8f090ed3929d89ad9c0ba01a6903033428dd8f98619304b1803187d2a6130bf1e009b5eb0e7e21c75594b3b8470f3106c92a9e55bfeb026091ced127a90a1f1247f3c07e36d3572923e0de3f73518d0369a25fcd4e65d243b7eab91063a7bfd8bc8ac9e39fbbb32b5c9517886287a18eacd8dbfda9b91db693cb12e42cba5988280e09e51e72b91a0f360656d8f21cc1eb3248ac345ad51d1a6172b18419277851dab01e028c7e8e2cf34095efd28267852a08fccf61c45b5e46930160daf50282be058274e7ff58c48b60b86d0c8cc886ab8778a2a2b5fa2557ad7bf7f01f2175523ce758871d334c20a9839f7a89fe2867c06289c8a2f6456ac7e4fbadee53ac41aee68214bc76669853baa4f58255b39ba581414f2e8c4b49303f8936a33bae5cbc96b29a5c724d5b50e1614144c2acd03bd90de891c3d36ce040d57543682ecbfcae66c4153c337c3a5d01896524c8e0c27e9a08919821ca27bbfe3fc9ba24a823aeec8d4ad8ef8a65c585bee4dcf1acaa3da501a8c11a23b2e22920c1ad0129a038b31fe16c2abc80589dbf7c37211afc5d1a6db908bc5fe8a692060069fcbcdcba7c523d3c424aa3b0c6556387e0e51bcde9e5f850abf62d2c2101c3a2786a0cb94932877a09cb6b64aa61da8cab3b423e7adc4c4700418a65e87225710e1691f6d9cb2eb63cce5b605ce0a4a89cf519767e00845397c5e381141a0ed8a89b01064b495ec8d1e2da37433bf1597d919a69610d2ad26bdf6fca8de422bb2cb80d0516206e8194ee51445a3dcb5dee33c0c310b4751e68e58bebda2fb586985a5a5b06456756f44e6dbfef4bb99ca732f00fb9ea35775f7419681bfbe6f43dc7c4650c13b63d93c1d490bf0173f287a4309531f13ecb1a775d0bd881a", 0x1000}}, 0x1006)
socket$inet_smc(0x2b, 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r2, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r3, &(0x7f0000000040), 0x80002c1, 0x2, 0x0)
ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0)
openat$qrtrtun(0xffffffffffffff9c, &(0x7f0000000080), 0x2)
openat$vim2m(0xffffffffffffff9c, 0x0, 0x2, 0x0)
write$cgroup_pressure(0xffffffffffffffff, &(0x7f0000000140)={'full'}, 0xfffffdef)
getsockopt$TIPC_CONN_TIMEOUT(r0, 0x10f, 0x82, 0x0, &(0x7f0000000380))

16m50.357606409s ago: executing program 1 (id=1066):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000001680)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014"], 0x7c}, 0x1, 0x0, 0x0, 0x40001}, 0x4040850)
sendmsg$NFT_BATCH(r0, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000380)=ANY=[@ANYBLOB="140000001000010000000000000000000700000a54000000030a0fdb00000000000000000a0060050900030073797a30000000000900010073797a310000000014000480080002403cb140bb08000140000000030a000700726f757465000000080005400000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000850}, 0x24000840)
r1 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r1, &(0x7f0000000940)={0x0, 0x0, &(0x7f0000000580)=[{&(0x7f00000009c0)="d80000001c0081064e81f782db44b9040a1d080404000000000081a1180002000600142603600e1208000f000000000100001605200001400200000803600cfab94dcf5c0461c1d67f6f94007134cf6ee08000a0e40ae8d8ef52a98516277ce06bbace8017cbec4c2ee5a7cef4090000001fb791643a5ee4ce1b14d6d930dfe1d9d322fe7c9f8775730d16a4683f5aeb4edbb57a5025ccc29e00360db70100000d40fad95667e006dcdf63951f215ce3bb9ad809d5e1cace81ed0bffece0b42a9ecbee5de6ccd40dd6e4edef3d93452a92954b43370e7834", 0xd8}], 0x1, 0x0, 0x0, 0x7400}, 0x8000800)

16m49.509382506s ago: executing program 2 (id=1070):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
close(r0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
close(r1)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a00000709000100"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
sendmsg$NFT_BATCH(r2, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a4c000000090a010400000000000000000a0000040900010073797a310000000008000540000000020900020073797a310000000008000a40fffffffc080003400000001408000c4000000e45400000000c0a010100000000000000000a0000060900020073797a31000000000900010073797a310000000014000380100000800c00018006000100d103000014000000110001"], 0xb4}, 0x1, 0x0, 0x0, 0x4000850}, 0x40000c0)
sendmsg$NFT_BATCH(r1, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a4c0000000c0a010100000000000000000a0000060900020073797a31000000000900010073797a3100000000200003801c0000800c00018006000100000700000000044000000000000000071400000011000100"], 0x74}, 0x1, 0x0, 0x0, 0x4000850}, 0x40)
sendmsg$NFT_BATCH(r0, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f00000001c0)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a480000001e0a010100000000000000000a0000060900020073797a31000000000900010073797a31000000001c000380180000800c000180060001"], 0x70}, 0x1, 0x0, 0x0, 0x4451099e661a63b1}, 0x0)

16m49.121625373s ago: executing program 2 (id=1073):
unshare(0x6a040000)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0)
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)=0x3)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2c, 0xffffffffffffffff, 0x8, 0x0, 0xff91, 0x10, 0x0, 0x0, 0xffffffffffffffff}, 0x94)
r1 = openat$ppp(0xffffffffffffff9c, &(0x7f00000004c0), 0x800, 0x0)
ioctl$EVIOCGPROP(r1, 0x40047438, &(0x7f0000000180)=""/246)
r2 = syz_open_dev$sg(0x0, 0x0, 0x8002)
r3 = fcntl$dupfd(r1, 0x406, r2)
ioctl$SG_GET_REQUEST_TABLE(r3, 0x2275, 0x0)
ioctl$IOCTL_VMCI_VERSION2(0xffffffffffffffff, 0x7a7, 0x0)
ioctl$PPPIOCUNBRIDGECHAN(r1, 0x7434)

16m46.455091818s ago: executing program 33 (id=1042):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r2=>0x0})
r3 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r3, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000300)=@newqdisc={0x88, 0x24, 0xf0b, 0x70bd26, 0x0, {0x0, 0x0, 0x0, r2, {0x0, 0xffff}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_mqprio={{0xb}, {0x58, 0x2, {{0x1, [], 0x0, [0x1, 0x2, 0xfffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5c4, 0x8000, 0x0, 0x0, 0x3dc], [0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000]}}}}]}, 0x88}}, 0x20000000)
r4 = socket(0x400000000010, 0x3, 0x0)
r5 = socket$unix(0x1, 0x5, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r6=>0x0})
sendmsg$nl_route_sched(r4, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000003c0)=@newqdisc={0x44, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r6, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x0, 0xfff3}}, [@qdisc_kind_options=@q_taprio={{0xb}, {0x14, 0x2, [@TCA_TAPRIO_ATTR_SCHED_ENTRY_LIST={0x10, 0x2, 0x0, 0x1, [{0xc, 0x1, 0x0, 0x1, [@TCA_TAPRIO_SCHED_ENTRY_INTERVAL={0x8, 0x4, 0x86}]}]}]}}]}, 0x44}}, 0x0)

16m35.020334229s ago: executing program 34 (id=1066):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000001680)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014"], 0x7c}, 0x1, 0x0, 0x0, 0x40001}, 0x4040850)
sendmsg$NFT_BATCH(r0, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000380)=ANY=[@ANYBLOB="140000001000010000000000000000000700000a54000000030a0fdb00000000000000000a0060050900030073797a30000000000900010073797a310000000014000480080002403cb140bb08000140000000030a000700726f757465000000080005400000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000850}, 0x24000840)
r1 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r1, &(0x7f0000000940)={0x0, 0x0, &(0x7f0000000580)=[{&(0x7f00000009c0)="d80000001c0081064e81f782db44b9040a1d080404000000000081a1180002000600142603600e1208000f000000000100001605200001400200000803600cfab94dcf5c0461c1d67f6f94007134cf6ee08000a0e40ae8d8ef52a98516277ce06bbace8017cbec4c2ee5a7cef4090000001fb791643a5ee4ce1b14d6d930dfe1d9d322fe7c9f8775730d16a4683f5aeb4edbb57a5025ccc29e00360db70100000d40fad95667e006dcdf63951f215ce3bb9ad809d5e1cace81ed0bffece0b42a9ecbee5de6ccd40dd6e4edef3d93452a92954b43370e7834", 0xd8}], 0x1, 0x0, 0x0, 0x7400}, 0x8000800)

16m33.936637717s ago: executing program 35 (id=1073):
unshare(0x6a040000)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0)
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)=0x3)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2c, 0xffffffffffffffff, 0x8, 0x0, 0xff91, 0x10, 0x0, 0x0, 0xffffffffffffffff}, 0x94)
r1 = openat$ppp(0xffffffffffffff9c, &(0x7f00000004c0), 0x800, 0x0)
ioctl$EVIOCGPROP(r1, 0x40047438, &(0x7f0000000180)=""/246)
r2 = syz_open_dev$sg(0x0, 0x0, 0x8002)
r3 = fcntl$dupfd(r1, 0x406, r2)
ioctl$SG_GET_REQUEST_TABLE(r3, 0x2275, 0x0)
ioctl$IOCTL_VMCI_VERSION2(0xffffffffffffffff, 0x7a7, 0x0)
ioctl$PPPIOCUNBRIDGECHAN(r1, 0x7434)

13m3.488776095s ago: executing program 5 (id=1542):
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1)
unshare(0x20000400)
r0 = socket$inet6_mptcp(0xa, 0x1, 0x106)
getsockopt$inet6_tcp_int(r0, 0x6, 0x24, 0x0, &(0x7f0000002000))

13m3.14631995s ago: executing program 5 (id=1543):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000001c0)=ANY=[@ANYBLOB="5c0000000206050000000000000000000000000005000400000000000900020073797a30000000001400078008000840000028590800064000000000050005000000400005000100060000000d000300686173683a6d"], 0x5c}}, 0x0)
sendmsg$IPSET_CMD_ADD(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000340)={&(0x7f00000002c0)=ANY=[@ANYBLOB="44000000090605000000000000000000010000050900020073797a30000006000500010007000000080009400000000114000880100007800a"], 0x44}, 0x1, 0x0, 0x0, 0x8000}, 0x44000)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_DESTROY(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000440)=ANY=[@ANYBLOB="1c0000000306050000000000000000000100000405000100070000008c2ec55ec1122f793daa102713e755f91ae90a55fb6c6bd7667955cfa63cfe48f6176da7f78b6700563854aefe222f79780443baff5aee53c832699e8b32d7d52b8c94d986fac89c99a8e4f403867b88f9f506fcd56a5f428ed603cb307fd24735af7b488c3f07cd288bc1450d11dbb5de6bfc4a3dca527d1188b88fd779d71067204392c8e46f74ffadc1cb75ced1ac1d1855515c836c95cd6cb45a0fa66f7fbbe7fdc2b4633112ca0ceef7e0c67477e6694151"], 0x1c}, 0x1, 0x0, 0x0, 0x1}, 0x4000080)

13m2.748850556s ago: executing program 5 (id=1545):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
close(r0)
bpf$LINK_GET_NEXT_ID(0x1f, &(0x7f0000000000)={0x6, <r1=>0x0}, 0x8)
bpf$LINK_GET_FD_BY_ID(0x1e, &(0x7f00000001c0)=r1, 0x4)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
sendmsg$NFT_BATCH(r2, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a4c000000090a010400000000000000000a0000040900010073797a310000000008000540000000020900020073797a310000000008000a40fffffffc080003400000001408000c4000000e45400000000c0a010100000000000000000a0000060900020073797a31000000000900010073797a310000000014000380100000800c00018006000100d103000014000000110001"], 0xb4}, 0x1, 0x0, 0x0, 0x20040055}, 0x40)
sendmsg$NFT_BATCH(r0, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f00000002c0)=ANY=[@ANYBLOB], 0x70}, 0x1, 0x0, 0x0, 0x4000850}, 0x40)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_MSG_GETSETELEM(r3, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000200)={0x2c, 0xd, 0xa, 0x301, 0x0, 0x0, {0xa, 0x0, 0x1}, [@NFTA_SET_ELEM_LIST_SET={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_ELEM_LIST_TABLE={0x9, 0x1, 'syz1\x00'}]}, 0x2c}, 0x1, 0x0, 0x0, 0x24000801}, 0x8000)

13m2.458053591s ago: executing program 5 (id=1547):
r0 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r0, 0x3b81, &(0x7f00000003c0)={0xc, 0x0, <r1=>0x0})
ioctl$IOMMU_IOAS_MAP$PAGES(r0, 0x3b85, &(0x7f00000000c0)={0x28, 0x7, r1, 0x0, &(0x7f0000800000/0x800000)=nil, 0x800000})
ioctl$IOMMU_TEST_OP_CREATE_ACCESS(r0, 0x3ba0, &(0x7f0000000340)={0x48, 0x5, r1, 0x0, <r2=>0xffffffffffffffff, 0x1})
r3 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000040), 0x101400, 0x0)
ioctl$IOMMU_TEST_OP_ACCESS_RW$syz(r3, 0x3ba0, &(0x7f0000000100)={0x48, 0x8, r2, 0x0, 0x0, 0x96495, 0x0, &(0x7f0000000c80), 0x10000})

13m2.159073781s ago: executing program 5 (id=1549):
ioctl$BINDER_WRITE_READ(0xffffffffffffffff, 0xc0306201, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000300), 0x0, 0x0, 0x0})
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r0, &(0x7f0000000100)={0x1f, 0xffff, 0x3}, 0x6)
write$binfmt_misc(r0, &(0x7f0000000000), 0x6)

13m1.842693435s ago: executing program 5 (id=1550):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket(0x400000000010, 0x3, 0x0)
r2 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)=@newqdisc={0x44, 0x24, 0x4ee4e6a52ff56541, 0x70bd29, 0xffffffff, {0x0, 0x0, 0x0, r3, {0x0, 0xfff1}, {0xffff, 0xffff}, {0xc, 0xf}}, [@qdisc_kind_options=@q_hfsc={{0x9}, {0x14, 0x2, @TCA_HFSC_RSC={0x10, 0x1, {0x0, 0xfffffffe, 0x4}}}}]}, 0x44}, 0x1, 0x0, 0x0, 0x8801}, 0x20008850)
r4 = socket$unix(0x1, 0x1, 0x0)
r5 = socket$kcm(0x11, 0x3, 0x0)
r6 = socket(0x400000000010, 0x3, 0x0)
r7 = socket$unix(0x1, 0x5, 0x0)
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r8=>0x0})
sendmsg$nl_route_sched(r6, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000c00)=@newtfilter={0x44, 0x2c, 0xd3f, 0x70bd24, 0x25dfdbfc, {0x0, 0x0, 0x0, r8, {0xfff3, 0xffe0}, {}, {0x7, 0x2}}, [@filter_kind_options=@f_bpf={{0x8}, {0x18, 0x2, [@TCA_BPF_OPS={{0x6, 0x4, 0x1}, {0xc, 0x5, [{0x6, 0xd, 0x5, 0x4}]}}]}}]}, 0x44}, 0x1, 0x0, 0x0, 0x8848}, 0x20004804)
r9 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
close(r9)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$SIOCSIFHWADDR(r9, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r10=>0x0})
sendmsg$kcm(r5, &(0x7f00000000c0)={&(0x7f0000000380)=@xdp={0x2c, 0x7, r10, 0x3e}, 0x80, &(0x7f0000000080)=[{&(0x7f0000000180)='\'', 0x1}], 0x1}, 0x4)

12m46.735180533s ago: executing program 36 (id=1550):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket(0x400000000010, 0x3, 0x0)
r2 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)=@newqdisc={0x44, 0x24, 0x4ee4e6a52ff56541, 0x70bd29, 0xffffffff, {0x0, 0x0, 0x0, r3, {0x0, 0xfff1}, {0xffff, 0xffff}, {0xc, 0xf}}, [@qdisc_kind_options=@q_hfsc={{0x9}, {0x14, 0x2, @TCA_HFSC_RSC={0x10, 0x1, {0x0, 0xfffffffe, 0x4}}}}]}, 0x44}, 0x1, 0x0, 0x0, 0x8801}, 0x20008850)
r4 = socket$unix(0x1, 0x1, 0x0)
r5 = socket$kcm(0x11, 0x3, 0x0)
r6 = socket(0x400000000010, 0x3, 0x0)
r7 = socket$unix(0x1, 0x5, 0x0)
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r8=>0x0})
sendmsg$nl_route_sched(r6, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000c00)=@newtfilter={0x44, 0x2c, 0xd3f, 0x70bd24, 0x25dfdbfc, {0x0, 0x0, 0x0, r8, {0xfff3, 0xffe0}, {}, {0x7, 0x2}}, [@filter_kind_options=@f_bpf={{0x8}, {0x18, 0x2, [@TCA_BPF_OPS={{0x6, 0x4, 0x1}, {0xc, 0x5, [{0x6, 0xd, 0x5, 0x4}]}}]}}]}, 0x44}, 0x1, 0x0, 0x0, 0x8848}, 0x20004804)
r9 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
close(r9)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$SIOCSIFHWADDR(r9, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r10=>0x0})
sendmsg$kcm(r5, &(0x7f00000000c0)={&(0x7f0000000380)=@xdp={0x2c, 0x7, r10, 0x3e}, 0x80, &(0x7f0000000080)=[{&(0x7f0000000180)='\'', 0x1}], 0x1}, 0x4)

9m16.038437941s ago: executing program 8 (id=2008):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket$nl_route(0x10, 0x3, 0x0)
socket$unix(0x1, 0x1, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000280)=@newqdisc={0x2c, 0x24, 0x4ee4e6a52ff56541, 0x1070bd26, 0xffffffff, {0x0, 0x0, 0x0, 0x0, {0x0, 0xfff1}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x20048884)
r2 = socket(0x400000000010, 0x3, 0x0)
r3 = socket$unix(0x1, 0x5, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r4=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000700)=@newtfilter={0x87c, 0x2c, 0xd3f, 0x70b524, 0x25dfdbfb, {0x0, 0x0, 0x0, r4, {0xfff3, 0xffe0}, {}, {0x7, 0xfff2}}, [@filter_kind_options=@f_flow={{0x9}, {0x84c, 0x2, [@TCA_FLOW_POLICE={0x848, 0xa, 0x0, 0x1, [@TCA_POLICE_PEAKRATE={0x404, 0x3, [0x81, 0x4, 0x9, 0x2, 0x2, 0x1ff, 0x4, 0x7, 0x2, 0xd, 0x11f4, 0xf, 0x100, 0x0, 0xfffffffe, 0x4, 0x7f, 0x9, 0x4, 0xa0000, 0x80, 0xc, 0x0, 0x6, 0xf290, 0x8e3, 0x6, 0x20a, 0x0, 0xfffffff3, 0x2b, 0x4, 0x4, 0x7, 0x6, 0xffff8001, 0x400, 0x7a, 0x7, 0x1, 0x3, 0x4050732b, 0x1, 0xf5c8, 0x5e, 0x4, 0xf0, 0x7, 0x946, 0x5, 0x8001, 0xffff, 0xfffffff5, 0xbf2, 0x10001, 0x2, 0x8, 0xfffffffd, 0x8001, 0x6, 0x1, 0x7fffffff, 0x294, 0x7a, 0x11dc294f, 0x7, 0x8, 0x0, 0x9, 0x1, 0x7, 0x1e8, 0x4, 0x2, 0x8, 0x20000000, 0x80000000, 0x1, 0x9, 0x5, 0x5, 0x80000000, 0x3e64, 0x5, 0x8, 0x6, 0xfffffff6, 0x4, 0x10, 0x9, 0x8, 0xd, 0x2, 0x2, 0x2941, 0x1000, 0x8, 0xff, 0x4, 0x9, 0xf6e2, 0x5, 0x6, 0x4, 0x1, 0x3, 0x0, 0x2ee, 0x444, 0x2, 0x9, 0xb966, 0xb2000, 0x33, 0x9a6d, 0x9, 0x8, 0x200, 0x8, 0x4, 0x89, 0x8, 0x100e, 0x7, 0x4, 0x3, 0x8, 0x3, 0x0, 0x6, 0xbfe8, 0x1, 0x8, 0x3, 0x6, 0x4, 0x4e8d, 0x2, 0x8e, 0xffffff42, 0x5, 0xe, 0x1, 0x6, 0xe, 0x0, 0x4, 0x8, 0x6, 0x1, 0x5, 0x9, 0xffffffff, 0x7, 0x5, 0x160000, 0x9, 0x8, 0x1640, 0x6, 0x6, 0x0, 0xaa, 0x2, 0xedd5, 0xfff, 0x8, 0x7fffffff, 0x8, 0x1, 0x2, 0x3, 0x8, 0x3, 0x0, 0x3, 0x34, 0x9, 0x3, 0x2, 0xffffcd43, 0x7, 0x8, 0x486, 0x1, 0x2, 0x5ca0, 0x3, 0x1000, 0x4, 0x9, 0x8, 0x5, 0x7, 0xfffffffd, 0x7, 0x8, 0xffffffff, 0x22, 0x4, 0x2, 0x0, 0x3, 0x1e, 0x3, 0x8, 0xa1, 0x81, 0x5, 0x1, 0x2, 0x2, 0x1000, 0xf43, 0x3, 0x8, 0x3, 0x3, 0x4, 0x100000, 0xffff, 0x66c, 0x7ff, 0x3, 0x0, 0x10001, 0x5, 0x0, 0x81, 0x6, 0x9, 0x2823, 0x8, 0xffffffff, 0x400, 0xffffffff, 0x8001, 0x0, 0x9, 0x1, 0x1, 0x9, 0x5, 0x1ff, 0xc79, 0x80000001, 0x200, 0xede5, 0x3, 0x3, 0x0, 0x3, 0x7, 0x8, 0x8, 0x1]}, @TCA_POLICE_TBF={0x3c, 0x1, {0x1, 0x20000000, 0x7, 0x7, 0x7, {0x4, 0x2, 0xfe00, 0xfe42, 0x4, 0x7}, {0x3, 0x1, 0xcf, 0x1, 0x800, 0x2}, 0x7, 0xa6, 0x3}}, @TCA_POLICE_RATE={0x404, 0x2, [0x5, 0x4, 0x0, 0x7, 0xfffff7f1, 0x796, 0x5, 0xd2c1, 0x7ff, 0x20, 0x9, 0x9, 0x101, 0x5, 0x2, 0x9, 0xc, 0x800, 0x695, 0x401, 0x2, 0x7, 0x1000, 0x343d41f0, 0x0, 0x3, 0x3, 0x3, 0xc94, 0xa0, 0x1, 0x5, 0x81a, 0x1666, 0x80c, 0x9, 0xffffffff, 0x2, 0x81, 0x5f82, 0x5ff, 0x3, 0xed, 0x4, 0x81, 0x401, 0x1, 0x5fb2, 0x8, 0xfffffe01, 0xc, 0x6, 0x2, 0x0, 0x6, 0x0, 0xffffffff, 0xb1e5, 0x0, 0x8, 0x4, 0x1, 0x0, 0x3, 0x9, 0x3, 0x1, 0x4b, 0x2, 0x5, 0x1f, 0x7, 0x6, 0x4, 0x3, 0x2, 0x4d, 0xffffffff, 0x4, 0x3, 0x6, 0x40, 0x1, 0x3, 0x2, 0x5, 0x1ff, 0x101, 0x8, 0xf48, 0x9, 0xffffffff, 0x200, 0x5, 0x76, 0x6, 0x3, 0x8000, 0x6, 0x9, 0x80000000, 0x6, 0x8001, 0xbe39, 0x7b7, 0x5, 0x8001, 0xb, 0x4, 0x1, 0x8, 0x9, 0xb, 0x6, 0xdfcf, 0x0, 0x442ff558, 0xb481, 0x6, 0x3, 0x4, 0xe, 0x10000, 0x0, 0x31fe, 0xfffff2c1, 0xb, 0x3, 0x6, 0x7b, 0x21d, 0x6, 0xc, 0x7, 0xf91, 0x0, 0x62e, 0x2, 0xfffffffc, 0x5d8, 0x4, 0x5, 0x7, 0x1, 0x3, 0x7, 0x9, 0x5, 0xfffffff7, 0x0, 0x2, 0x7fff, 0x9, 0x5, 0x8, 0x3, 0x0, 0x200, 0xdfb, 0x7, 0x9, 0x223ec3e7, 0xdaa, 0x0, 0x101, 0x1000, 0x4, 0x8, 0x8, 0xf, 0xb, 0x4, 0xfffffffb, 0x491, 0xfffffffb, 0xfffffff9, 0x9c, 0x3, 0x1, 0x4005, 0x1, 0x8001, 0x6, 0x10001, 0x1, 0x3, 0x80000000, 0x4, 0x38, 0x401, 0x2, 0x800010, 0x3, 0x3, 0xbd, 0x4, 0x4, 0x5, 0x5, 0x81, 0x3, 0x202, 0x5, 0x9, 0x81, 0x6, 0x8, 0x79, 0x6, 0x8, 0x1, 0xea58, 0x29dc6e7b, 0x9b, 0x7, 0xd77, 0xff, 0x8, 0x5, 0x0, 0x0, 0x12, 0x0, 0xf, 0xbb4f, 0x8, 0x1, 0xbcba, 0x80, 0x8, 0xc6, 0x0, 0x81, 0x10000, 0x70, 0x3, 0x4, 0x4, 0x3, 0x3ff, 0xffffffff, 0x5, 0x7, 0x6, 0x5, 0x8001, 0x73da, 0x401, 0x7, 0xd, 0x81, 0x7, 0x5, 0xf417, 0x6, 0x5]}]}]}}]}, 0x87c}, 0x1, 0x0, 0x0, 0x4008848}, 0xc884)

9m12.45048401s ago: executing program 8 (id=2015):
unshare(0x8040600)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340), 0x1, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_IOEVENTFD(r1, 0x4040ae79, 0x0)

9m12.062140157s ago: executing program 8 (id=2017):
socket$packet(0x11, 0x3, 0x300)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_inet_SIOCSARP(r0, 0x8953, &(0x7f0000000180)={{0x2, 0x0, @empty}, {}, 0x0, {0x2, 0x0, @multicast1=0xe000cc02}})
socket$nl_generic(0x10, 0x3, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x200002)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$MSR(&(0x7f0000000240), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
socket$pppl2tp(0x18, 0x1, 0x1)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0)
r2 = landlock_create_ruleset(&(0x7f0000000180)={0x100}, 0x18, 0x0)
r3 = openat$dir(0xffffffffffffff9c, &(0x7f00000001c0)='./file0\x00', 0x200000, 0x0)
landlock_add_rule$LANDLOCK_RULE_PATH_BENEATH(r2, 0x1, &(0x7f0000000200)={0x100, r3}, 0x0)

9m10.864422338s ago: executing program 8 (id=2018):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_TRIGGER_SCAN(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000700)={0x54, 0x0, 0x1, 0x70bd25, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_SCAN_SSIDS={0x38, 0x2d, 0x0, 0x1, [{0xa, 0x0, @default_ap_ssid}, {0x28, 0x0, @default_ibss_ssid}, {0xa, 0x0, @default_ibss_ssid}, {0xa, 0x0, @default_ibss_ssid}, {0x4}]}]}, 0x54}, 0x1, 0x0, 0x0, 0x80}, 0x22004000)

9m10.393912741s ago: executing program 8 (id=2020):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
openat$zero(0xffffffffffffff9c, &(0x7f0000000180), 0x4040, 0x0)
stat(&(0x7f00000001c0)='./file1\x00', &(0x7f0000000200)={0x0, 0x0, 0x0, 0x0, <r0=>0x0})
lchown(&(0x7f0000000180)='./file1\x00', r0, 0x0)
mount$9p_fd(0x0, 0x0, &(0x7f0000000100), 0x1001000, 0x0)
r1 = getpid()
sched_setscheduler(r1, 0x1, &(0x7f00000000c0)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
ioctl$F2FS_IOC_RELEASE_COMPRESS_BLOCKS(r2, 0x8008f512, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
write$tcp_mem(0xffffffffffffffff, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r4 = socket$inet6_udp(0xa, 0x2, 0x0)
setsockopt$inet6_MCAST_JOIN_GROUP(r4, 0x29, 0x6, 0x0, 0x0)
socket$inet_tcp(0x2, 0x1, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, 0x0)
statx(0xffffffffffffff9c, 0x0, 0x400, 0x7ff, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xd, 0x4, &(0x7f0000000040)=@framed={{0xffffffb4, 0x0, 0x0, 0x0, 0x0, 0x79, 0x11, 0xa8}, [@ldst={0x6, 0x3}], {0x95, 0x0, 0xc00}}, &(0x7f0000003ff6)='GPL\x00', 0x2, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sock_ops, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x1f2, 0x10, &(0x7f0000000000), 0xfffffe51}, 0x48)

9m9.111681519s ago: executing program 8 (id=2024):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket$nl_route(0x10, 0x3, 0x0)
socket$unix(0x1, 0x1, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000280)=@newqdisc={0x2c, 0x24, 0x4ee4e6a52ff56541, 0x1070bd26, 0xffffffff, {0x0, 0x0, 0x0, 0x0, {0x0, 0xfff1}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x20048884)
r2 = socket(0x400000000010, 0x3, 0x0)
r3 = socket$unix(0x1, 0x5, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r4=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000700)=@newtfilter={0x87c, 0x2c, 0xd3f, 0x70b524, 0x25dfdbfb, {0x0, 0x0, 0x0, r4, {0xfff3, 0xffe0}, {}, {0x7, 0xfff2}}, [@filter_kind_options=@f_flow={{0x9}, {0x84c, 0x2, [@TCA_FLOW_POLICE={0x848, 0xa, 0x0, 0x1, [@TCA_POLICE_PEAKRATE={0x404, 0x3, [0x81, 0x4, 0x9, 0x2, 0x2, 0x1ff, 0x4, 0x7, 0x2, 0xd, 0x11f4, 0xf, 0x100, 0x0, 0xfffffffe, 0x4, 0x7f, 0x9, 0x4, 0xa0000, 0x80, 0xc, 0x0, 0x6, 0xf290, 0x8e3, 0x6, 0x20a, 0x0, 0xfffffff3, 0x2b, 0x4, 0x4, 0x7, 0x6, 0xffff8001, 0x400, 0x7a, 0x7, 0x1, 0x3, 0x4050732b, 0x1, 0xf5c8, 0x5e, 0x4, 0xf0, 0x7, 0x946, 0x5, 0x8001, 0xffff, 0xfffffff5, 0xbf2, 0x10001, 0x2, 0x8, 0xfffffffd, 0x8001, 0x6, 0x1, 0x7fffffff, 0x294, 0x7a, 0x11dc294f, 0x7, 0x8, 0x0, 0x9, 0x1, 0x7, 0x1e8, 0x4, 0x2, 0x8, 0x20000000, 0x80000000, 0x1, 0x9, 0x5, 0x5, 0x80000000, 0x3e64, 0x5, 0x8, 0x6, 0xfffffff6, 0x4, 0x10, 0x9, 0x8, 0xd, 0x2, 0x2, 0x2941, 0x1000, 0x8, 0xff, 0x4, 0x9, 0xf6e2, 0x5, 0x6, 0x4, 0x1, 0x3, 0x0, 0x2ee, 0x444, 0x2, 0x9, 0xb966, 0xb2000, 0x33, 0x9a6d, 0x9, 0x8, 0x200, 0x8, 0x4, 0x89, 0x8, 0x100e, 0x7, 0x4, 0x3, 0x8, 0x3, 0x0, 0x6, 0xbfe8, 0x1, 0x8, 0x3, 0x6, 0x4, 0x4e8d, 0x2, 0x8e, 0xffffff42, 0x5, 0xe, 0x1, 0x6, 0xe, 0x0, 0x4, 0x8, 0x6, 0x1, 0x5, 0x9, 0xffffffff, 0x7, 0x5, 0x160000, 0x9, 0x8, 0x1640, 0x6, 0x6, 0x0, 0xaa, 0x2, 0xedd5, 0xfff, 0x8, 0x7fffffff, 0x8, 0x1, 0x2, 0x3, 0x8, 0x3, 0x0, 0x3, 0x34, 0x9, 0x3, 0x2, 0xffffcd43, 0x7, 0x8, 0x486, 0x1, 0x2, 0x5ca0, 0x3, 0x1000, 0x4, 0x9, 0x8, 0x5, 0x7, 0xfffffffd, 0x7, 0x8, 0xffffffff, 0x22, 0x4, 0x2, 0x0, 0x3, 0x1e, 0x3, 0x8, 0xa1, 0x81, 0x5, 0x1, 0x2, 0x2, 0x1000, 0xf43, 0x3, 0x8, 0x3, 0x3, 0x4, 0x100000, 0xffff, 0x66c, 0x7ff, 0x3, 0x0, 0x10001, 0x5, 0x0, 0x81, 0x6, 0x9, 0x2823, 0x8, 0xffffffff, 0x400, 0xffffffff, 0x8001, 0x0, 0x9, 0x1, 0x1, 0x9, 0x5, 0x1ff, 0xc79, 0x80000001, 0x200, 0xede5, 0x3, 0x3, 0x0, 0x3, 0x7, 0x8, 0x8, 0x1]}, @TCA_POLICE_TBF={0x3c, 0x1, {0x1, 0x20000000, 0x7, 0x7, 0x7, {0x4, 0x2, 0xfe00, 0xfe42, 0x4, 0x7}, {0x3, 0x1, 0xcf, 0x1, 0x800, 0x2}, 0x7, 0xa6, 0x3}}, @TCA_POLICE_RATE={0x404, 0x2, [0x5, 0x4, 0x0, 0x7, 0xfffff7f1, 0x796, 0x5, 0xd2c1, 0x7ff, 0x20, 0x9, 0x9, 0x101, 0x5, 0x2, 0x9, 0xc, 0x800, 0x695, 0x401, 0x2, 0x7, 0x1000, 0x343d41f0, 0x0, 0x3, 0x3, 0x3, 0xc94, 0xa0, 0x1, 0x5, 0x81a, 0x1666, 0x80c, 0x9, 0xffffffff, 0x2, 0x81, 0x5f82, 0x5ff, 0x3, 0xed, 0x4, 0x81, 0x401, 0x1, 0x5fb2, 0x8, 0xfffffe01, 0xc, 0x6, 0x2, 0x0, 0x6, 0x0, 0xffffffff, 0xb1e5, 0x0, 0x8, 0x4, 0x1, 0x0, 0x3, 0x9, 0x3, 0x1, 0x4b, 0x2, 0x5, 0x1f, 0x7, 0x6, 0x4, 0x3, 0x2, 0x4d, 0xffffffff, 0x4, 0x3, 0x6, 0x40, 0x1, 0x3, 0x2, 0x5, 0x1ff, 0x101, 0x8, 0xf48, 0x9, 0xffffffff, 0x200, 0x5, 0x76, 0x6, 0x3, 0x8000, 0x6, 0x9, 0x80000000, 0x6, 0x8001, 0xbe39, 0x7b7, 0x5, 0x8001, 0xb, 0x4, 0x1, 0x8, 0x9, 0xb, 0x6, 0xdfcf, 0x0, 0x442ff558, 0xb481, 0x6, 0x3, 0x4, 0xe, 0x10000, 0x0, 0x31fe, 0xfffff2c1, 0xb, 0x3, 0x6, 0x7b, 0x21d, 0x6, 0xc, 0x7, 0xf91, 0x0, 0x62e, 0x2, 0xfffffffc, 0x5d8, 0x4, 0x5, 0x7, 0x1, 0x3, 0x7, 0x9, 0x5, 0xfffffff7, 0x0, 0x2, 0x7fff, 0x9, 0x5, 0x8, 0x3, 0x0, 0x200, 0xdfb, 0x7, 0x9, 0x223ec3e7, 0xdaa, 0x0, 0x101, 0x1000, 0x4, 0x8, 0x8, 0xf, 0xb, 0x4, 0xfffffffb, 0x491, 0xfffffffb, 0xfffffff9, 0x9c, 0x3, 0x1, 0x4005, 0x1, 0x8001, 0x6, 0x10001, 0x1, 0x3, 0x80000000, 0x4, 0x38, 0x401, 0x2, 0x800010, 0x3, 0x3, 0xbd, 0x4, 0x4, 0x5, 0x5, 0x81, 0x3, 0x202, 0x5, 0x9, 0x81, 0x6, 0x8, 0x79, 0x6, 0x8, 0x1, 0xea58, 0x29dc6e7b, 0x9b, 0x7, 0xd77, 0xff, 0x8, 0x5, 0x0, 0x0, 0x12, 0x0, 0xf, 0xbb4f, 0x8, 0x1, 0xbcba, 0x80, 0x8, 0xc6, 0x0, 0x81, 0x10000, 0x70, 0x3, 0x4, 0x4, 0x3, 0x3ff, 0xffffffff, 0x5, 0x7, 0x6, 0x5, 0x8001, 0x73da, 0x401, 0x7, 0xd, 0x81, 0x7, 0x5, 0xf417, 0x6, 0x5]}]}]}}]}, 0x87c}, 0x1, 0x0, 0x0, 0x4008848}, 0xc884)

8m53.492454624s ago: executing program 37 (id=2024):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket$nl_route(0x10, 0x3, 0x0)
socket$unix(0x1, 0x1, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000280)=@newqdisc={0x2c, 0x24, 0x4ee4e6a52ff56541, 0x1070bd26, 0xffffffff, {0x0, 0x0, 0x0, 0x0, {0x0, 0xfff1}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x20048884)
r2 = socket(0x400000000010, 0x3, 0x0)
r3 = socket$unix(0x1, 0x5, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r4=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000700)=@newtfilter={0x87c, 0x2c, 0xd3f, 0x70b524, 0x25dfdbfb, {0x0, 0x0, 0x0, r4, {0xfff3, 0xffe0}, {}, {0x7, 0xfff2}}, [@filter_kind_options=@f_flow={{0x9}, {0x84c, 0x2, [@TCA_FLOW_POLICE={0x848, 0xa, 0x0, 0x1, [@TCA_POLICE_PEAKRATE={0x404, 0x3, [0x81, 0x4, 0x9, 0x2, 0x2, 0x1ff, 0x4, 0x7, 0x2, 0xd, 0x11f4, 0xf, 0x100, 0x0, 0xfffffffe, 0x4, 0x7f, 0x9, 0x4, 0xa0000, 0x80, 0xc, 0x0, 0x6, 0xf290, 0x8e3, 0x6, 0x20a, 0x0, 0xfffffff3, 0x2b, 0x4, 0x4, 0x7, 0x6, 0xffff8001, 0x400, 0x7a, 0x7, 0x1, 0x3, 0x4050732b, 0x1, 0xf5c8, 0x5e, 0x4, 0xf0, 0x7, 0x946, 0x5, 0x8001, 0xffff, 0xfffffff5, 0xbf2, 0x10001, 0x2, 0x8, 0xfffffffd, 0x8001, 0x6, 0x1, 0x7fffffff, 0x294, 0x7a, 0x11dc294f, 0x7, 0x8, 0x0, 0x9, 0x1, 0x7, 0x1e8, 0x4, 0x2, 0x8, 0x20000000, 0x80000000, 0x1, 0x9, 0x5, 0x5, 0x80000000, 0x3e64, 0x5, 0x8, 0x6, 0xfffffff6, 0x4, 0x10, 0x9, 0x8, 0xd, 0x2, 0x2, 0x2941, 0x1000, 0x8, 0xff, 0x4, 0x9, 0xf6e2, 0x5, 0x6, 0x4, 0x1, 0x3, 0x0, 0x2ee, 0x444, 0x2, 0x9, 0xb966, 0xb2000, 0x33, 0x9a6d, 0x9, 0x8, 0x200, 0x8, 0x4, 0x89, 0x8, 0x100e, 0x7, 0x4, 0x3, 0x8, 0x3, 0x0, 0x6, 0xbfe8, 0x1, 0x8, 0x3, 0x6, 0x4, 0x4e8d, 0x2, 0x8e, 0xffffff42, 0x5, 0xe, 0x1, 0x6, 0xe, 0x0, 0x4, 0x8, 0x6, 0x1, 0x5, 0x9, 0xffffffff, 0x7, 0x5, 0x160000, 0x9, 0x8, 0x1640, 0x6, 0x6, 0x0, 0xaa, 0x2, 0xedd5, 0xfff, 0x8, 0x7fffffff, 0x8, 0x1, 0x2, 0x3, 0x8, 0x3, 0x0, 0x3, 0x34, 0x9, 0x3, 0x2, 0xffffcd43, 0x7, 0x8, 0x486, 0x1, 0x2, 0x5ca0, 0x3, 0x1000, 0x4, 0x9, 0x8, 0x5, 0x7, 0xfffffffd, 0x7, 0x8, 0xffffffff, 0x22, 0x4, 0x2, 0x0, 0x3, 0x1e, 0x3, 0x8, 0xa1, 0x81, 0x5, 0x1, 0x2, 0x2, 0x1000, 0xf43, 0x3, 0x8, 0x3, 0x3, 0x4, 0x100000, 0xffff, 0x66c, 0x7ff, 0x3, 0x0, 0x10001, 0x5, 0x0, 0x81, 0x6, 0x9, 0x2823, 0x8, 0xffffffff, 0x400, 0xffffffff, 0x8001, 0x0, 0x9, 0x1, 0x1, 0x9, 0x5, 0x1ff, 0xc79, 0x80000001, 0x200, 0xede5, 0x3, 0x3, 0x0, 0x3, 0x7, 0x8, 0x8, 0x1]}, @TCA_POLICE_TBF={0x3c, 0x1, {0x1, 0x20000000, 0x7, 0x7, 0x7, {0x4, 0x2, 0xfe00, 0xfe42, 0x4, 0x7}, {0x3, 0x1, 0xcf, 0x1, 0x800, 0x2}, 0x7, 0xa6, 0x3}}, @TCA_POLICE_RATE={0x404, 0x2, [0x5, 0x4, 0x0, 0x7, 0xfffff7f1, 0x796, 0x5, 0xd2c1, 0x7ff, 0x20, 0x9, 0x9, 0x101, 0x5, 0x2, 0x9, 0xc, 0x800, 0x695, 0x401, 0x2, 0x7, 0x1000, 0x343d41f0, 0x0, 0x3, 0x3, 0x3, 0xc94, 0xa0, 0x1, 0x5, 0x81a, 0x1666, 0x80c, 0x9, 0xffffffff, 0x2, 0x81, 0x5f82, 0x5ff, 0x3, 0xed, 0x4, 0x81, 0x401, 0x1, 0x5fb2, 0x8, 0xfffffe01, 0xc, 0x6, 0x2, 0x0, 0x6, 0x0, 0xffffffff, 0xb1e5, 0x0, 0x8, 0x4, 0x1, 0x0, 0x3, 0x9, 0x3, 0x1, 0x4b, 0x2, 0x5, 0x1f, 0x7, 0x6, 0x4, 0x3, 0x2, 0x4d, 0xffffffff, 0x4, 0x3, 0x6, 0x40, 0x1, 0x3, 0x2, 0x5, 0x1ff, 0x101, 0x8, 0xf48, 0x9, 0xffffffff, 0x200, 0x5, 0x76, 0x6, 0x3, 0x8000, 0x6, 0x9, 0x80000000, 0x6, 0x8001, 0xbe39, 0x7b7, 0x5, 0x8001, 0xb, 0x4, 0x1, 0x8, 0x9, 0xb, 0x6, 0xdfcf, 0x0, 0x442ff558, 0xb481, 0x6, 0x3, 0x4, 0xe, 0x10000, 0x0, 0x31fe, 0xfffff2c1, 0xb, 0x3, 0x6, 0x7b, 0x21d, 0x6, 0xc, 0x7, 0xf91, 0x0, 0x62e, 0x2, 0xfffffffc, 0x5d8, 0x4, 0x5, 0x7, 0x1, 0x3, 0x7, 0x9, 0x5, 0xfffffff7, 0x0, 0x2, 0x7fff, 0x9, 0x5, 0x8, 0x3, 0x0, 0x200, 0xdfb, 0x7, 0x9, 0x223ec3e7, 0xdaa, 0x0, 0x101, 0x1000, 0x4, 0x8, 0x8, 0xf, 0xb, 0x4, 0xfffffffb, 0x491, 0xfffffffb, 0xfffffff9, 0x9c, 0x3, 0x1, 0x4005, 0x1, 0x8001, 0x6, 0x10001, 0x1, 0x3, 0x80000000, 0x4, 0x38, 0x401, 0x2, 0x800010, 0x3, 0x3, 0xbd, 0x4, 0x4, 0x5, 0x5, 0x81, 0x3, 0x202, 0x5, 0x9, 0x81, 0x6, 0x8, 0x79, 0x6, 0x8, 0x1, 0xea58, 0x29dc6e7b, 0x9b, 0x7, 0xd77, 0xff, 0x8, 0x5, 0x0, 0x0, 0x12, 0x0, 0xf, 0xbb4f, 0x8, 0x1, 0xbcba, 0x80, 0x8, 0xc6, 0x0, 0x81, 0x10000, 0x70, 0x3, 0x4, 0x4, 0x3, 0x3ff, 0xffffffff, 0x5, 0x7, 0x6, 0x5, 0x8001, 0x73da, 0x401, 0x7, 0xd, 0x81, 0x7, 0x5, 0xf417, 0x6, 0x5]}]}]}}]}, 0x87c}, 0x1, 0x0, 0x0, 0x4008848}, 0xc884)

4m53.898817105s ago: executing program 3 (id=2744):
socket(0x2000000000000021, 0x2, 0x10000000000002)
openat$rdma_cm(0xffffffffffffff9c, 0x0, 0x2, 0x0)
r0 = getpgrp(0x0)
sched_setaffinity(0xffffffffffffffff, 0x8, &(0x7f0000000540)=0x5)
prlimit64(0x0, 0xe, &(0x7f0000000100)={0x8, 0x80000100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, r0, 0x2, 0x0)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000000)=0x3)
ptrace$PTRACE_SECCOMP_GET_METADATA(0x420d, r0, 0x10, &(0x7f0000000040)={0x7ff})
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r2 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r2, 0x1, 0x0)
r3 = syz_open_dev$MSR(&(0x7f0000000280), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
r4 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
ioctl$IOCTL_VMCI_INIT_CONTEXT(r4, 0x7a0, 0x0)
ioctl$IOCTL_VMCI_DATAGRAM_SEND(r4, 0x7ab, &(0x7f00000001c0)={&(0x7f0000000540)={{@host, 0x380}, {@hyper, 0x2}, 0x400, "d49e0b1f09a3e05cb898cd1464441748655937bb34d22f02362479246bb6372d891a3b5dafa58a6abc5a678d6874fc8fb5f8a529c6e30103484f2667c174fb6cda19ea0a9301bc3238eb816e9c3882f243bcd4bd7115b26dacf5923f060498d471cb4f789562fcda119739dd1a5b0e4e1a4a64dbd7b398bd4e7a247d81f968f2e945f293fc3860bf11f0424193fce743067d27f0ac187b44b1f73d8c35d3c2bd8b51bbc9a31123f773be89e109cc71b8ec29a539083c0cba15b0899c7181ba154c28b3c4e2ebe360ac44f942a703b9a3a37fbbefe9ae0de04a32336a6eba07b2fb6ad426d56e17291bb1a9d1fcdaa939378bab6dd2eac37b369ef163c9e0fc8039352c24d8147fcc2e2559b47066abd21a3a5f83f239a2227d17d4ca90f60ed9acc243ed38818e3883a985106b54dc157b67022525a74e8f9cb99852760359278d5d22294a70433ba4cec5147fbb09b1d0008b276257f1c5af6b8d6bf3bcfd5a468a566a4e98fe5f264f2663b72cb421c90d8b780000fb5749b27a3e146f9d8438706fea61b07c6e064446337439b9d5a5dc82f6c63c57d6ba0e709b7c1b15fa8367f8e6df2cf59b0b30740ef47c5cccffce5911569591ce4ab62275964cd1477a30cc6e71f7e40e161997cdbadcfbfb6c54e0289ac137508b7b5339414e4ab7afcc420148e37d49b664cc07c8178a3b50f566c5bdd3aa9217ef909805972bd63ee1d729b282cd866c183744b20da3227f9d43843236b571c8d3237408c266e08d0699ebd30e0820362664ab323b15d3ae9896d6120aae6ef9085f53a2b39cc31238b031476c86e6b16d7703fcbacc7269ce8622eab1cfdf82a364209ec4ac912db924bb76bc3eddf8d0e7a3abf0d08a48c07be47303b59653d9409f14dc59ac33cae5e010466f54d86772e43e3680863bb9bffa1dcc6e6a731e601d7fcdbb91d7146e7834d89059ad522d70398c2bacf113ed791e32f933dfa23f5d6d11bfc9d9e0f04a34b0eddd99d16cd9712485e0a5c9aaf1ebf3f14d00005f8960b6145cbb7d4522692ebe1f9491f87a29ed67c5fb60f5e69b040000000000000086a2dbf6199977e9b446691bf9f95d0abd84557c77ea13356c977d0f098ab9fec85acbd6447f2e6893e2fa6a0a7b272dab66e69b7def48f8b3583a53a09455e5542a7fa8d56e05ee3b265f17ca0439fcdcea276f7f0a9bf4c2a324d7143658007cf4019e8da69ba1b7dff4383714cbcb71dfe6f1b1ac5d5e99394cb2c360ddb1889d92cd36f8fc72ac865f1c6445957b2a57c1af59ef8d2e9fe328ec2bde763d65c4dea965042f544515bf2f879d1b26309ebc1d7f76c569fa88fbe61845e96e930c351c2cd260024f59495943596c128fdacc545263ce458bf99f57d7e5dc77f65cf650902b5b6d5af9359334759843365bf0dfb244817a40e8cc903000"}, 0x418, 0x8})
socket$rds(0x15, 0x5, 0x0)
r5 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="02000000040000000800000001000000800000008c13fa02ed197ef8a91fb1d4f240761b1f9afd6a886ec0054fa9f8f02e9c474efa8c8d573b86c037dc", @ANYRES32=0x0, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB='\x00'/28], 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000000)={r5}, 0x4)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002c80)={0x3, 0x11, &(0x7f0000000140)=ANY=[@ANYBLOB="18020000fe0000ff00000000010000008500000027000000b7080000000000007b8af8ff008af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r5, @ANYBLOB="0000000000000000b70500000800000085000000a50000009500000000000000"], &(0x7f0000000080)='GPL\x00', 0x2, 0x0, 0x0, 0x41100}, 0x94)
socket(0x18, 0x3, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000580)='./file0\x00', 0x2c41, 0x0)
r6 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x2, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x404, &(0x7f0000002140)={{'fd', 0x3d, r6}, 0x2c, {'rootmode', 0x3d, 0x4000}})
mbind(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x1, &(0x7f00000000c0)=0x81, 0x8, 0x1)
r7 = syz_open_procfs(0x0, &(0x7f0000000000)='numa_maps\x00')
pread64(r7, &(0x7f0000001300)=""/4118, 0x1016, 0x0)
mount$fuse(0x0, &(0x7f0000002080)='./file0\x00', &(0x7f0000000040), 0x2, &(0x7f0000000980)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r6, @ANYBLOB=',rootmode=00000000000000000140000,user_id=', @ANYRESDEC=0x0, @ANYBLOB="2c67726f75705f69643d82c264ab2808be8e7a152fa4f7b8378896c6d68e8909959f39d60edb37bd6727161f432e00558463db65d4dd16787cd8a0e76f8a8dc921b71b7180a7841491b711190a645df4811545b2d7435bbe0caa24691680a32fc4498e50962431149c69103ea17675f881e187ed1a4b58a7c4eb7df78275be50d60f9fac3160c30028b2af87d6af13057ae3a31b4740118fd47041a0dcd85ea8aabc4534c7289033549cb790fa23b52a2978b4d4f28b600c0c6002ae598de483e7b5637b2b29cf9bb1d7870b066263e029f9f1d0181e9555290191a89da0cd4fb5352c39279936ae8dfafa26dbbc7fe7a997ba0000000000000000000000000000000eda02bc2ee2c9b0fb7d51f001507ab3e33f2c63fad074965005bd3e4fa7bd66e39a7ee86ddec2524ec027b75778b325b54100ed6e1736a2dba9dbad8e2931f767a1c20d6557722d45eb0f517153c22ab54e1cf9ee9d0245eb842654bed39e61227c1fd633beea6ec047871666d95566092ec748dcb04e826cbb9294fa6890827fcf872e4bc6e4a8cfca7023b533b8ad6822ce394ec2f132fc79f7269881767b2c1482b2e5fedc122e7bdd4827920e948b000000", @ANYRESDEC=0x0, @ANYBLOB='<\x00'])

4m50.258729808s ago: executing program 3 (id=2747):
r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
preadv2(r0, &(0x7f0000000080)=[{&(0x7f0000001200)=""/4096, 0x1fee00}], 0x2, 0x0, 0x0, 0x0)

4m45.618812703s ago: executing program 3 (id=2764):
socket$nl_netfilter(0x10, 0x3, 0xc)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
r0 = landlock_create_ruleset(&(0x7f0000000240)={0x548}, 0x18, 0x0)
r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
r2 = open$dir(&(0x7f0000000380)='./file0\x00', 0x0, 0x0)
mmap$xdp(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x12, r2, 0x0)
r3 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
write$P9_RVERSION(r1, &(0x7f0000000340)=ANY=[@ANYRES32=r0, @ANYBLOB="814c8d"], 0x13)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000003c0)={r3, 0x0, 0x30, 0x0, @val=@uprobe_multi={&(0x7f0000000280)='./file0\x00', &(0x7f0000000300)=[0x0], 0x0, 0x0, 0x1, 0x1}}, 0x40)

4m45.294222393s ago: executing program 3 (id=2765):
r0 = socket$nl_route(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_NO_ENOBUFS(r0, 0x10e, 0xc, &(0x7f0000000040)=0x7f, 0x4)
sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="240000001a001fffffffff7f000000008000", @ANYRES32=0x0, @ANYRES32=r0], 0x24}}, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000280), 0x2, 0x0)
r1 = syz_clone(0x80008000, 0x0, 0xffffffffffffff0d, 0x0, 0x0, 0x0)
syz_emit_ethernet(0x7e, &(0x7f0000000140)=ANY=[@ANYBLOB="bbbbbbbbbbbbaaaaaaaaaaaa8100200086dd63041d2800042f01fe8000000000000000000000000000aafe8000000000000000000000000000aa0c2022eb"], 0x0)
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0026}]})
close_range(r2, 0xffffffffffffffff, 0x2)
memfd_create(&(0x7f0000000140)='-\t:\xfd\xff\xff\xff\xff\xff\a\x00\x00\x00SP\xb3\xc9\x9c\x9d\xd2\x1f,\xc6\xea/\x9d\x0f0KR\xc8\xe3,<$P\x91\x1fj_\xa35\x86\xe5\xechCGz\'\xa9\xb3\x86\r&\"\xff\xc8\x13\xc3e\xdf\x1bh\x031\xda\x1bNG\xac\xf3O\x02\x83\x96\x00\xfc\x00\x00\x00\x00\x00', 0x8)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff0000/0x1000)=nil, &(0x7f0000ff9000/0x1000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ff8000/0x4000)=nil, &(0x7f0000ff8000/0x3000)=nil, &(0x7f0000ff9000/0x3000)=nil, &(0x7f0000ff5000/0x4000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x2000)=nil, 0x0, 0x0, r2}, 0x68)
move_pages(r1, 0xffffffffffffff3d, 0x0, &(0x7f0000000000), 0x0, 0x0)
r3 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000004c0), 0x2, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000))
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
write$RDMA_USER_CM_CMD_CREATE_ID(r3, &(0x7f0000000000)={0x0, 0x18, 0xfa00, {0x0, 0x0, 0x111, 0x8}}, 0x20)
r4 = syz_open_dev$vim2m(&(0x7f00000009c0), 0x2000004007, 0x2)
ioctl$vim2m_VIDIOC_S_FMT(r4, 0xc0d05605, &(0x7f00000000c0)={0x2, @pix_mp={0x0, 0x154a, 0x43353039, 0x0, 0x6, [{0x7, 0x7}, {0x4, 0xa}, {0x1, 0x2}, {0x6, 0x10001}, {0x7, 0xfffffffb}, {0x6f46, 0x6174}, {0x2, 0x1}], 0xf, 0x40, 0x7, 0x1, 0x6}})

4m44.876455556s ago: executing program 3 (id=2767):
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
r0 = socket$packet(0x11, 0x2, 0x300)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000080)={0x8, <r1=>0x0}, 0x8)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0xc, 0x3, &(0x7f0000001fd8)=ANY=[@ANYBLOB="850000002e00000084000000000000009500000000000000"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x3, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, r1}, 0x94)
setsockopt$sock_attach_bpf(r0, 0x1, 0x32, &(0x7f0000000040)=r2, 0x4)
close(0x3)
bpf$ENABLE_STATS(0x20, &(0x7f0000000000), 0x4)
syz_emit_ethernet(0x2a, &(0x7f0000000100)={@empty, @dev, @void, {@arp={0x806, @ether_ipv4={0x1, 0x800, 0x6, 0x4, 0x1, @broadcast, @empty, @multicast, @private=0x2}}}}, 0x0)
syz_emit_ethernet(0x5d5, &(0x7f0000000b80)={@dev={'\xaa\xaa\xaa\xaa\xaa', 0xa}, @random="3f9bcce8e039", @void, {@mpls_uc={0x8847, {[], @ipv6=@gre_packet={0x7, 0x6, "eba9a1", 0x59f, 0x2f, 0xff, @mcast2, @empty, {[@hopopts={0x0, 0x28, '\x00', [@hao={0xc9, 0x10, @ipv4={'\x00', '\xff\xff', @multicast1}}, @padn={0x1, 0x7, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}, @calipso={0x7, 0x10, {0x0, 0x2, 0x3, 0x1, [0x9]}}, @pad1, @generic={0x74, 0xf8, "623d613971a6dbee59cf453be6c9a7a37763de29c18fa6bad4e9d73ca5b02375c409dd4db0cce9c6df5ba0884289567ff88fb974c43342ede26a031761b494c95f4362b1241e18817b51c750598ba5d9c9b5420a90291fe0a7e1dbfe63abaa8707794dbae673e6c62d353c8b2240f3e347b514b3aa4739b7b276022ba34f0f4db8950248dee4c649f42ce6cab811e8568f396b50af7da8e28cd6687db8ec0597e8664dd53c9d22973d332ebf35869587a34af5e26fcf074deb64c245abb7136d5ab61f31e2296cc0e985e5d2b79c060aaffb8b81fa099a5e3bd62f1624dbd649f9ee132ede916457f37cca28c31e742140e9ea1b507c24bb"}, @generic={0x71, 0x13, "588547742f2c7bcb6475cf34510d7832eb6b34"}, @jumbo={0xc2, 0x4, 0x8}]}, @fragment={0x2b, 0x0, 0x8, 0x1, 0x0, 0x6, 0x65}, @fragment={0x29, 0x0, 0x0, 0x1, 0x0, 0x4, 0x68}, @hopopts={0x0, 0x0, '\x00', [@padn={0x1, 0x2, [0x0, 0x0]}]}, @dstopts={0x16, 0x2, '\x00', [@enc_lim={0x4, 0x1, 0xf7}, @hao={0xc9, 0x10, @mcast2}]}, @fragment={0x2f, 0x0, 0xf9, 0x1, 0x0, 0x0, 0x67}], {{0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x880b, 0xdf, 0x2, [], "2256f1cc2050ab484269e98db0193a99ef1d229837f5438ee1a64e16a076624fd4e11cffb0b1217e8e330a6de0e4d0e4a86db962d21a0e3865ece940b5facaab1a74afe133b0461cbe63612602ce630b8971187885c93ae6d859dc379b34290c5488b00a70571428eecf30bee3ccae8a1174e1452157cc4ea7b244aaedd2b404806d8bebdbc12113d3523c8f71b763ae071394bf1b7ac921f291aa1afc9b507275adfd359abd554a77bd5a4e77121cedfaadb9041d0c47a23cb7a564102889f71a6dbfddd2f262ac29737855f96975dfe0b60905f723b762745f50645953ae"}, {0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x800, [0xc1d], "36ef0dd0c0726baccbfd4c278ae625077207952a63876f4c76d274012ca9abed1370942967f57f6303e9c66d31cfb02299325d568a16f91b1bd3b226b44d22de42572575e618c38c330356fe00d8f077d540d0ef661b5b971d916d0a19c3d4ab68f90f691c39482794b0b5b9f8fa1c5fee63dbe6290c7c2490fef5d41a5ad3a5e29d189aebdf6d3ae0a12ea63d9e0643b84f5ae95e35ff8908e926b1f03738ae29858860ca918d9977ecb29844f1e41005cc5be5866bc2f2d1b83def44c18092cda48f8a6ba1356edde580e870bd717009b3dc4213f42b9690381e3230a59cbec855f22caaed7e10e599257657131a"}, {0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x86dd, [], "e7ceaec2f364802a0c4092b3d241880d9e2117cc7a87575b25ee1bbd6a34b6d789789e4b498aeaba6fafb199d0dbd59a825c417c4d614fc06c725a80fd7e961fc8be303058ead3567c7e7b1e67efef478cd0b5e6bc74cc3f5e09c6ecca7da51e434a614dce88724c643de218535c2dbd38191249020b566ac0cca5f947daa16b758fda3e35feee982341af1652a98dde13c281e97f944c279db3bc3ddfa38bf0846e49259579aaae6b3c9a6dceaf9a9ad52c54eb6b5403a511fdb6ed7f1c4bc148a10185f2daf473fc411052173290b050b1703d157c1617b3fe3c4c37176fb61bf78591479461b7826bfa3f4604f8d84d3a0d55dbb20113d00113ee"}, {0x8, 0x88be, 0x4, {{0x4, 0x1, 0x0, 0x0, 0x0, 0x0, 0x2, 0xff}, 0x1, {0x8}}}, {0x8, 0x22eb, 0x3, {{0x8, 0x2, 0x6, 0x1, 0x0, 0x2, 0x2, 0x9}, 0x2, {0x101, 0x1ff, 0x1, 0x0, 0x1, 0x1, 0x2, 0x1, 0x1}}}, {0x8, 0x6558, 0x4, "fc3b9dd2e664542e19096cd56764647487d036393868014220802af3b1bc16cf1b6130555daf40f011c740d946b431a25a0393e4957024b37b9755c6b6aee89b7b392523872b916efe8572f2162bacebd8724e694b5c1d83b7f7b8e2a57aeb3e5b270575e1e3c7461e6aa0a91deb767fb3215dd69ad8e7684b78ff839957df7c5aaa91495b65ea76cf522904f13fe358fd830ddaea4c6ce55cee1eaf12bc96c67f02e24ef15d95ef2b854f56291023065270841fb08c00a93b268de4dd2a7c1619b46a2d1e16c225b391d096e23163d1cc3d83bb2a664cf8488a1334731f692a177d474e661bfdb083468558699b8489c70e90c425bd4e"}}}}}}}}, 0x0)
r3 = syz_clone(0x49179480, 0x0, 0x0, 0x0, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x29031, 0xffffffffffffffff, 0x0)
setpgid(r3, r3)
setpgid(0x0, r3)
wait4(r3, 0x0, 0x2, 0x0)
syz_pidfd_open(r3, 0x0)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
socket$nl_generic(0x10, 0x3, 0x10)
syz_emit_ethernet(0x2a, &(0x7f0000000100)={@link_local, @remote, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x1c, 0x0, 0x0, 0x0, 0x11, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @broadcast=0xe0000001}, {0x0, 0xe21, 0x8}}}}}, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
setxattr$system_posix_acl(&(0x7f0000000340)='./cgroup\x00', &(0x7f0000000380)='system.posix_acl_access\x00', 0x0, 0x0, 0x0)
r5 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r5, 0x84, 0x72, &(0x7f0000000200)={0x0, 0x2, 0x40}, 0xc)
mmap(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x1000000, 0x10, r0, 0x602b9000)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x6)
sendmsg$IPSET_CMD_ADD(r4, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000340)={&(0x7f00000002c0)=ANY=[@ANYBLOB="44000000090605000000000000000000010000050900020073797a30000006000500010007000000080009400000000114000880100007800a001100b4"], 0x44}, 0x1, 0x0, 0x0, 0x8000}, 0x44000)

4m39.15947872s ago: executing program 3 (id=2785):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r2 = socket(0x840000000002, 0x3, 0xfa)
getsockname$inet(r2, 0x0, &(0x7f0000002280))
sched_setattr(0x0, &(0x7f0000000040)={0x38, 0x5, 0x9, 0x6, 0x0, 0xb49, 0x9, 0x8, 0x2, 0x3}, 0x0)
mkdir(&(0x7f00000000c0)='./file0\x00', 0x22)
r3 = socket(0x1e, 0x4, 0x0)
r4 = socket(0x1e, 0x2, 0x0)
setsockopt$packet_tx_ring(r4, 0x10f, 0x87, &(0x7f0000000440)=@req={0x3fc}, 0x10)
setsockopt$packet_tx_ring(r3, 0x10f, 0x87, &(0x7f0000000440)=@req={0x3fc, 0x0, 0x2}, 0x10)
sendmmsg(r3, &(0x7f00000030c0)=[{{0x0, 0xa9cc7003, &(0x7f0000000400)=[{&(0x7f00000000c0)="ee", 0x3514}], 0x1}}], 0x400000000000181, 0x9200000000000000)
r5 = dup3(r4, r3, 0x0)
read$FUSE(r5, &(0x7f0000003100)={0x2020}, 0x2020)
ioctl$vim2m_VIDIOC_REQBUFS(0xffffffffffffffff, 0xc0145608, &(0x7f0000000300)={0x6, 0x2, 0x4})
openat$sysctl(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv4/tcp_rfc1337\x00', 0x2, 0x0)
syz_usb_connect(0x0, 0x4a, &(0x7f0000000080)=ANY=[@ANYBLOB="120100005520f010402038b14201040000010902"], 0x0)
openat$iommufd(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000600)=@newlink={0x28, 0x10, 0x1, 0x70bd28, 0x25dfdbf9, {0x0, 0x0, 0x0, 0x0, 0x48815, 0x3}, [@IFLA_GROUP={0x8}]}, 0x28}, 0x1, 0x0, 0x0, 0x40801}, 0x4000000)
socket$nl_route(0x10, 0x3, 0x0)

4m23.841536692s ago: executing program 38 (id=2785):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r2 = socket(0x840000000002, 0x3, 0xfa)
getsockname$inet(r2, 0x0, &(0x7f0000002280))
sched_setattr(0x0, &(0x7f0000000040)={0x38, 0x5, 0x9, 0x6, 0x0, 0xb49, 0x9, 0x8, 0x2, 0x3}, 0x0)
mkdir(&(0x7f00000000c0)='./file0\x00', 0x22)
r3 = socket(0x1e, 0x4, 0x0)
r4 = socket(0x1e, 0x2, 0x0)
setsockopt$packet_tx_ring(r4, 0x10f, 0x87, &(0x7f0000000440)=@req={0x3fc}, 0x10)
setsockopt$packet_tx_ring(r3, 0x10f, 0x87, &(0x7f0000000440)=@req={0x3fc, 0x0, 0x2}, 0x10)
sendmmsg(r3, &(0x7f00000030c0)=[{{0x0, 0xa9cc7003, &(0x7f0000000400)=[{&(0x7f00000000c0)="ee", 0x3514}], 0x1}}], 0x400000000000181, 0x9200000000000000)
r5 = dup3(r4, r3, 0x0)
read$FUSE(r5, &(0x7f0000003100)={0x2020}, 0x2020)
ioctl$vim2m_VIDIOC_REQBUFS(0xffffffffffffffff, 0xc0145608, &(0x7f0000000300)={0x6, 0x2, 0x4})
openat$sysctl(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv4/tcp_rfc1337\x00', 0x2, 0x0)
syz_usb_connect(0x0, 0x4a, &(0x7f0000000080)=ANY=[@ANYBLOB="120100005520f010402038b14201040000010902"], 0x0)
openat$iommufd(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000600)=@newlink={0x28, 0x10, 0x1, 0x70bd28, 0x25dfdbf9, {0x0, 0x0, 0x0, 0x0, 0x48815, 0x3}, [@IFLA_GROUP={0x8}]}, 0x28}, 0x1, 0x0, 0x0, 0x40801}, 0x4000000)
socket$nl_route(0x10, 0x3, 0x0)

27.696854371s ago: executing program 7 (id=3341):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000000c0)={0x16, 0x3, &(0x7f0000000080)=@framed, &(0x7f0000000040)='GPL\x00'}, 0x80)
r3 = epoll_create1(0x0)
r4 = fcntl$dupfd(r3, 0x2, 0xffffffffffffffff)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x3, 0x3, &(0x7f0000000480)=@framed, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0xa, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x94)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f0000000140)={@map=0x1, r5, 0x2e, 0x0, 0xffffffffffffffff, @void, @value=0x0}, 0x20)
bpf$LINK_GET_NEXT_ID(0x1f, &(0x7f0000000180), 0x8)
r6 = socket(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000240)={'lo\x00', <r7=>0x0})
bpf$BPF_PROG_ATTACH(0x8, &(0x7f0000000280)={@ifindex=r7, r5, 0x11, 0x0, r4}, 0x20)
socket(0x25, 0x6, 0x100)
r8 = syz_genetlink_get_family_id$smc(&(0x7f0000000000), 0xffffffffffffffff)
r9 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r9, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)={0x14, 0x29, 0x107, 0x70bd27, 0xffffffff, {0x2, 0x7c}}, 0x14}, 0x1, 0x0, 0x0, 0xc000}, 0x10004040)
sendmsg$SMC_PNETID_DEL(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000000c0)={0x14, r8, 0xe27, 0x70bd28, 0x0, {0x4, 0x7, 0x2}}, 0x14}, 0x1, 0x40030000000000}, 0x4000)
r10 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
ioctl$TCSBRKP(r10, 0x5425, 0x0)
r11 = landlock_create_ruleset(&(0x7f0000000140)={0x4000, 0x3, 0x2}, 0x18, 0x0)
landlock_restrict_self(r11, 0x9)

26.483795154s ago: executing program 7 (id=3345):
openat$audio1(0xffffffffffffff9c, &(0x7f0000000080), 0x129202, 0x0)
r0 = syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00')
ioctl$sock_inet6_tcp_SIOCINQ(r0, 0x541b, 0x0)
r1 = syz_usb_connect(0x5, 0x36, &(0x7f0000000680)=ANY=[@ANYBLOB="12010000ffd26f10cb060600eb9a0102030109022400010000000009040001020a16d10009050700000000000009058973"], 0x0)
accept4$vsock_stream(0xffffffffffffffff, &(0x7f0000000040)={0x28, 0x0, 0x2711, @local}, 0x10, 0x800)
r2 = syz_open_dev$evdev(&(0x7f00000000c0), 0x200000000000, 0x0)
syz_usb_disconnect(r2)
syz_usb_connect(0x3, 0x24, &(0x7f0000000540)={{0x12, 0x1, 0x300, 0x30, 0x5a, 0xbd, 0x40, 0x22b8, 0x6425, 0x8ae, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0xae, 0x5, 0x10, 0x2, [{{0x9, 0x4, 0xb2, 0x8, 0x0, 0x2, 0xa, 0x0, 0x6}}]}}]}}, 0x0)
ioctl$EVIOCRMFF(r2, 0xc0085508, &(0x7f0000000040)=0x18)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
syz_usb_control_io$printer(r1, 0x0, 0x0)

23.165139163s ago: executing program 0 (id=3352):
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000180))
socket$inet6(0xa, 0x80002, 0x0)
pipe(&(0x7f00000000c0))
openat$adsp1(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f00000003c0)={&(0x7f0000000240)=ANY=[@ANYBLOB="9feb010018000000000000000c0000000c000000020000000000000000000004"], 0x0, 0x26}, 0x20)
socket$igmp(0x2, 0x3, 0x2)
socket$inet6_sctp(0xa, 0x1, 0x84)
syz_open_dev$cec(&(0x7f0000000200), 0xffffffffffffffff, 0x4ae60)
socket$inet6_tcp(0xa, 0x1, 0x0)
openat$drirender128(0xffffffffffffff9c, &(0x7f0000000340), 0x0, 0x0)
socket$netlink(0x10, 0x3, 0x4)
socket$inet6(0xa, 0x5, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
syz_open_dev$tty1(0xc, 0x4, 0x1)
socket$inet6(0xa, 0x80002, 0x0)
r0 = socket(0x200000000000011, 0x4000000000080002, 0x0)
sendmsg$NL80211_CMD_CONNECT(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)=ANY=[@ANYRES32, @ANYRES16=0x0, @ANYRES8=r0], 0x1c}, 0x1, 0x0, 0x0, 0x20000844}, 0x48885)
bpf$MAP_CREATE(0x0, 0x0, 0x50)
pwrite64(0xffffffffffffffff, &(0x7f0000000000)='L', 0x1, 0x7ffffffe)
r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r1, &(0x7f0000000040)={0x1f, 0xffff, 0x3}, 0x6)
write$binfmt_misc(r1, &(0x7f0000000000), 0xd)

22.169418608s ago: executing program 0 (id=3353):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f00000000c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = syz_io_uring_setup(0x837, &(0x7f0000000180)={0x0, 0x679a, 0x80, 0x4, 0x3cc}, &(0x7f0000000040)=<r3=>0x0, &(0x7f0000000140)=<r4=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
r5 = socket$inet_sctp(0x2, 0x1, 0x84)
syz_io_uring_submit(r3, r4, &(0x7f00000002c0)=@IORING_OP_CONNECT={0x10, 0x40, 0x0, r5, 0x0, 0x0})
io_uring_enter(r2, 0x3516, 0x2000000, 0x2, 0x0, 0x0)

20.493783242s ago: executing program 7 (id=3356):
r0 = socket$inet6(0xa, 0x3, 0x6)
socket$kcm(0x29, 0x5, 0x0)
socket$kcm(0x29, 0x5, 0x0)
socket$kcm(0x29, 0x2, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000240)='net/kcm\x00')
preadv(r1, &(0x7f0000000100)=[{&(0x7f0000000000)=""/250, 0xfa}], 0x1, 0x185, 0x0)
socket$netlink(0x10, 0x3, 0x14)
setsockopt$inet6_buf(r0, 0x29, 0x39, &(0x7f0000000040)="ff02040000b5ffffffffffffffff2e2be82db1af00000000", 0x18)
connect$inet6(r0, &(0x7f0000000080)={0xa, 0x4e20, 0x74df82a6, @private1={0xfc, 0x1, '\x00', 0xa}, 0xae3e}, 0x1c)
setsockopt$inet6_IPV6_RTHDRDSTOPTS(r0, 0x29, 0x37, &(0x7f0000000440)=ANY=[], 0x8)
sendmmsg$inet6(r0, &(0x7f0000002940)=[{{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000000}}], 0x62, 0x0)
socket$inet6(0xa, 0x3, 0x6) (async)
socket$kcm(0x29, 0x5, 0x0) (async)
socket$kcm(0x29, 0x5, 0x0) (async)
socket$kcm(0x29, 0x2, 0x0) (async)
syz_open_procfs(0x0, &(0x7f0000000240)='net/kcm\x00') (async)
preadv(r1, &(0x7f0000000100)=[{&(0x7f0000000000)=""/250, 0xfa}], 0x1, 0x185, 0x0) (async)
socket$netlink(0x10, 0x3, 0x14) (async)
setsockopt$inet6_buf(r0, 0x29, 0x39, &(0x7f0000000040)="ff02040000b5ffffffffffffffff2e2be82db1af00000000", 0x18) (async)
connect$inet6(r0, &(0x7f0000000080)={0xa, 0x4e20, 0x74df82a6, @private1={0xfc, 0x1, '\x00', 0xa}, 0xae3e}, 0x1c) (async)
setsockopt$inet6_IPV6_RTHDRDSTOPTS(r0, 0x29, 0x37, &(0x7f0000000440)=ANY=[], 0x8) (async)
sendmmsg$inet6(r0, &(0x7f0000002940)=[{{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000000}}], 0x62, 0x0) (async)

18.782299506s ago: executing program 9 (id=3359):
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000008300), 0x2, 0x0)
mount$fuse(0x0, 0x0, 0x0, 0x1000430, &(0x7f0000000780)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=0000000000', @ANYRESDEC=0x0, @ANYBLOB=',grou', @ANYBLOB="58e1a192964f91b2b2b082e5b2d36bfb79aa692b33c0fe4f45accc6a979fe95b1d5b4e22a06662895c4d17a476b57a481d5cf05900646a29378be685539c12c562299679a0b283bb57257a03de500c90b4f9c738ba49abcf815137ce1b502040ec2b298001c1061f5d63c5d718", @ANYRES64=r0, @ANYRESDEC=r0])
syz_fuse_handle_req(r0, 0x0, 0x0, &(0x7f0000000ec0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000540)={0x78, 0x0, 0x9, {0x101, 0xb, 0x0, {0x1, 0x0, 0xbdd6, 0x400, 0x10000, 0x5, 0x9d1f, 0x4, 0x8, 0x4000, 0x7, 0x0, 0xffffffffffffffff, 0x7ffffff7, 0xc877}}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r1 = socket$alg(0x26, 0x5, 0x0)
getsockopt$IPT_SO_GET_ENTRIES(0xffffffffffffffff, 0x0, 0x41, &(0x7f0000000640)=ANY=[@ANYBLOB="736563757216ae2c697479000000000000000000000000000000000000000000000000040000000d"], 0x0)
bind$alg(r1, &(0x7f0000000380)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-cast5-avx\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000000280)="2c235aa9c5", 0x5)
r2 = accept4(r1, 0x0, 0x0, 0x800)
sendmmsg$alg(r2, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe3f}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048", 0xff31}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11"}], 0x1, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800)
recvmsg(r2, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0)
r3 = syz_usb_connect(0x0, 0x4a, &(0x7f0000000040)=ANY=[@ANYBLOB="120100005520f010402038b1420104000001090238000100000000090400000371055900090582eb1000000001020009050276"], 0x0)
syz_usb_control_io$cdc_ecm(r3, &(0x7f0000000140)={0x14, 0x0, &(0x7f0000000100)={0x0, 0x3, 0x1a, {0x1a}}}, 0x0)
syz_usb_ep_write$ath9k_ep1(r3, 0x82, 0xc38, &(0x7f0000000dc0)=ANY=[])

18.400261187s ago: executing program 7 (id=3360):
prlimit64(0x0, 0xe, &(0x7f0000000600)={0x9, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000140)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e22}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = syz_open_dev$dri(&(0x7f0000000000), 0x1, 0x100)
r4 = syz_open_dev$dri(&(0x7f00000008c0), 0x1, 0x402)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r4, 0xc04064a0, &(0x7f00000001c0)={0x0, &(0x7f00000000c0)=[<r5=>0x0], 0x0, 0x0, 0x0, 0x1})
socket$unix(0x1, 0x1, 0x0)
socket$unix(0x1, 0x1, 0x0)
ioctl$DRM_IOCTL_MODE_GETCRTC(r4, 0xc06864a1, &(0x7f0000000d40)={0x0, 0x0, r5, <r6=>0x0})
ioctl$DRM_IOCTL_MODE_GETFB2(r4, 0xc06864ce, &(0x7f0000000340)={r6, 0x5, 0x3, 0x0, 0x3, [], [0x4, 0x7, 0x7b], [0x7, 0xffff, 0x2, 0x10000], [0x0, 0x0, 0x1, 0xfff]})
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r3, 0xc02064b2, &(0x7f0000000140)={0x3ff, 0x2, 0x806})
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r3, 0xc00c642d, 0x0)

17.043091765s ago: executing program 7 (id=3363):
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000180))
socket$inet6(0xa, 0x80002, 0x0)
pipe(&(0x7f00000000c0))
openat$adsp1(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f00000003c0)={&(0x7f0000000240)=ANY=[@ANYBLOB="9feb010018000000000000000c0000000c000000020000000000000000000004"], 0x0, 0x26}, 0x20)
socket$igmp(0x2, 0x3, 0x2)
socket$inet6_sctp(0xa, 0x1, 0x84)
syz_open_dev$cec(&(0x7f0000000200), 0xffffffffffffffff, 0x4ae60)
socket$inet6_tcp(0xa, 0x1, 0x0)
openat$drirender128(0xffffffffffffff9c, &(0x7f0000000340), 0x0, 0x0)
socket$netlink(0x10, 0x3, 0x4)
socket$inet6(0xa, 0x5, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
syz_open_dev$tty1(0xc, 0x4, 0x1)
socket$inet6(0xa, 0x80002, 0x0)
r0 = socket(0x200000000000011, 0x4000000000080002, 0x0)
sendmsg$NL80211_CMD_CONNECT(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)=ANY=[@ANYRES32, @ANYRES16=0x0, @ANYRES8=r0], 0x1c}, 0x1, 0x0, 0x0, 0x20000844}, 0x48885)
bpf$MAP_CREATE(0x0, 0x0, 0x50)
pwrite64(0xffffffffffffffff, &(0x7f0000000000)='L', 0x1, 0x7ffffffe)
r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r1, &(0x7f0000000040)={0x1f, 0xffff, 0x3}, 0x6)
write$binfmt_misc(r1, &(0x7f0000000000), 0xd)

16.602285264s ago: executing program 4 (id=3364):
socket$kcm(0x2, 0xa, 0x2)
socket$kcm(0x2, 0x0, 0x73)
r0 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], &(0x7f00000002c0)='syzkaller\x00'}, 0x94)
socket$kcm(0x2, 0xa, 0x73)
r1 = socket$inet(0xa, 0x801, 0x84)
connect$inet(r1, &(0x7f0000000080)={0x2, 0x4, @private=0xa010102}, 0x6)
r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
setsockopt$bt_l2cap_L2CAP_LM(r2, 0x6, 0x3, &(0x7f0000000e00)=0x20, 0x4)
prctl$PR_GET_THP_DISABLE(0x2a)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$SO_TIMESTAMPING(r4, 0x1, 0x25, &(0x7f0000000080)=0x474c, 0x4)
bind$inet(r4, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x10)
connect$inet(r4, &(0x7f0000000480)={0x2, 0x0, @multicast2}, 0x10)
sendmmsg(r4, &(0x7f0000007fc0), 0x800001d, 0x0)
setsockopt$inet_int(r4, 0x0, 0x14, &(0x7f0000000040)=0x48182ce9, 0x4)
setsockopt$inet_int(r4, 0x0, 0x12, &(0x7f0000000100)=0x42000000, 0x4)
recvmmsg(r4, &(0x7f0000000040), 0x291962b, 0x45833af92e4b39ff, 0x0)
fsetxattr$security_capability(r3, &(0x7f0000000280), &(0x7f00000002c0)=@v2={0x2000000, [{0x9, 0xffff}, {0x6, 0x8}]}, 0x14, 0x2)
r5 = socket$inet6_sctp(0xa, 0x3f6efe5c6c1dde8, 0x84)
setsockopt$inet_sctp6_SCTP_AUTO_ASCONF(r5, 0x84, 0x1e, &(0x7f0000000040)=0x5, 0x4)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r0, 0x5, 0xb68, 0x560b0000, &(0x7f0000000000)="259a53f271a76d2673004c6588a8", 0x0, 0xd01, 0x2a0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)

16.537569678s ago: executing program 7 (id=3365):
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000440)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000040)={0x38, 0x0, 0x1, 0x401, 0x0, 0xa9, 0x8000000000000000, 0x8, 0x7, 0x8000003}, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc1002}]})
pipe2$watch_queue(&(0x7f0000000300), 0x80)
openat$sysctl(0xffffffffffffff9c, 0x0, 0x1, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x9, 0x0, 0x7fff0000}]})
r2 = shmget$private(0x0, 0x800000, 0x880, &(0x7f0000173000/0x800000)=nil)
shmctl$IPC_RMID(r2, 0x0)
r3 = io_uring_setup(0x7625, &(0x7f0000000600)={0x0, 0x1e28, 0x0, 0x0, 0x28b})
io_uring_register$IORING_REGISTER_FILES(r3, 0x20, &(0x7f0000000000)=[0xffffffffffffffff], 0x1)
syz_open_procfs(0x0, 0x0)
syz_usb_connect(0x0, 0x2d, &(0x7f0000000000)=ANY=[@ANYBLOB="1201000005d0d3087d07aa04d85b0102030109021b000f000000000904000001dbcc7a0009057697"], 0x0)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
r4 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000000)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x10, 0xdfc, 0x101, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x80, 0x0, [{{0x9, 0x4, 0x0, 0x2, 0x1, 0x3, 0x0, 0x1, 0x0, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0x4f8}}, {{{0x9, 0x5, 0x81, 0x3, 0x40, 0x4}}}}}]}}]}}, 0x0)
syz_usb_control_io(r4, 0x0, 0x0)
r5 = syz_open_procfs(0x0, &(0x7f0000000140)='net/arp\x00')
lseek(r5, 0xa3d2, 0x0)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000800)={0x1f, 0x13, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000786c6c2500000000002020200600000000000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000008500000072000000180100002020642500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b000000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x11}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000500)={r6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r7, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000001c0)=ANY=[@ANYBLOB="600000000206030000000006000000000500000a092c5dff93929db745314e24c9a746360091df1202000600000000f2ac21a23b0000000500010007c469d61367cf28e0001300560749740800124000ee00000500050002000000050004000100000014000300686173683a69702c706f72742c"], 0x60}, 0x1, 0x0, 0x0, 0x4000}, 0x4000)
r8 = syz_open_dev$vim2m(&(0x7f0000000000), 0x2000004007, 0x2)
ioctl$vim2m_VIDIOC_S_FMT(r8, 0xc0d05605, &(0x7f00000000c0)={0x1, @pix={0x9, 0x8, 0x47524247, 0x8, 0x6, 0x2, 0x6, 0xfeedcafe, 0x0, 0x4, 0x1, 0x5}})
openat$dsp1(0xffffffffffffff9c, &(0x7f0000000040), 0x4c0480, 0x0)

15.352138783s ago: executing program 9 (id=3366):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
close(r0)
bpf$LINK_GET_NEXT_ID(0x1f, &(0x7f0000000000)={0x6, <r1=>0x0}, 0x8)
bpf$LINK_GET_FD_BY_ID(0x1e, &(0x7f00000001c0)=r1, 0x4)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
sendmsg$NFT_BATCH(r2, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a4c000000090a010400000000000000000a0000040900010073797a310000000008000540000000020900020073797a310000000008000a40fffffffc080003400000001408000c4000000e45400000000c0a010100000000000000000a0000060900020073797a31000000000900010073797a310000000014000380100000800c00018006000100d103000014000000110001"], 0xb4}, 0x1, 0x0, 0x0, 0x20040055}, 0x40)
sendmsg$NFT_BATCH(r0, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f00000002c0)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a480000000c0a010100000000000000000a0000060900020073797a31000000000900010073797a31000000001c000380180000800c00018006000100d1de0000080003400000000114000000110001"], 0x70}, 0x1, 0x0, 0x0, 0x4000850}, 0x40)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_MSG_GETSETELEM(r3, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000200)={0x2c, 0xd, 0xa, 0x301, 0x0, 0x0, {0xa, 0x0, 0x1}, [@NFTA_SET_ELEM_LIST_SET={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_ELEM_LIST_TABLE={0x9, 0x1, 'syz1\x00'}]}, 0x2c}, 0x1, 0x0, 0x0, 0x24000801}, 0x8000) (fail_nth: 5)

14.358522849s ago: executing program 9 (id=3368):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000100)=0x5)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = syz_open_dev$MSR(&(0x7f00000007c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
r1 = socket$inet(0x2b, 0x801, 0x0)
setsockopt$inet_tcp_TLS_TX(r1, 0x6, 0x1, 0x0, 0x0)

14.300931445s ago: executing program 4 (id=3369):
r0 = syz_usb_connect(0x0, 0x24, &(0x7f00000000c0)={{0x12, 0x1, 0x0, 0x34, 0x70, 0x9d, 0x40, 0x55f, 0xc230, 0xb6ac, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x0, 0xf2, 0xa7, 0xcc}}]}}]}}, 0x0)
syz_usb_control_io$hid(r0, 0x0, &(0x7f0000000dc0)={0x2c, &(0x7f0000000080)={0x0, 0x8, 0x1, "af"}, 0x0, 0x0, 0x0, 0x0})
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0xa, 0x5, 0x2, 0x7, 0x2, 0xffffffffffffffff, 0x10000}, 0x50)
bpf$PROG_LOAD(0x2, &(0x7f0000000680)={0x3, 0x3, &(0x7f0000000740)=ANY=[], &(0x7f0000000780)='GPL\x00', 0x1, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000d40)={0x11, 0xd, &(0x7f0000000440)=@framed={{0x18, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x4000}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r1}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}, @call={0x85, 0x0, 0x0, 0x8}]}, &(0x7f0000000400)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x32, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_BIND_MAP(0xa, &(0x7f00000003c0)={r2, r1}, 0xc)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFNL_MSG_CTHELPER_GET(r3, &(0x7f0000000580)={&(0x7f00000004c0)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000540)={&(0x7f0000000500)={0x20, 0x1, 0x9, 0x801, 0x0, 0x0, {0x0, 0x0, 0x1}, [@NFCTH_NAME={0x9, 0x1, 'syz1\x00'}]}, 0x20}, 0x1, 0x0, 0x0, 0x20000000}, 0x20000001)
syz_usb_control_io$uac1(r0, 0x0, &(0x7f0000000880)={0x44, &(0x7f00000005c0)={0x20, 0x15}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$uac1(r0, 0x0, &(0x7f0000000000)={0x44, &(0x7f0000000640)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$printer(r0, 0x0, &(0x7f00000003c0)={0x34, &(0x7f0000001800)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0})
ioctl$TCSETA(0xffffffffffffffff, 0x560a, &(0x7f0000001040)={0x0, 0x9, 0x21, 0x3, 0xf, "20ffffffff00"})
syz_usb_control_io$cdc_ecm(r0, 0x0, &(0x7f0000000340)={0x1c, &(0x7f0000000200)={0x0, 0x12}, 0x0, 0x0})

12.378200114s ago: executing program 0 (id=3371):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
openat$zero(0xffffffffffffff9c, &(0x7f0000000180), 0x4040, 0x0)
stat(0x0, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x0, <r0=>0x0})
lchown(&(0x7f0000000180)='./file1\x00', r0, 0x0)
mount$9p_fd(0x0, 0x0, &(0x7f0000000100), 0x1001000, 0x0)
r1 = getpid()
sched_setscheduler(r1, 0x1, &(0x7f00000000c0)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
ioctl$F2FS_IOC_RELEASE_COMPRESS_BLOCKS(r2, 0x8008f512, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
write$tcp_mem(0xffffffffffffffff, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r4 = socket$inet6_udp(0xa, 0x2, 0x0)
setsockopt$inet6_MCAST_JOIN_GROUP(r4, 0x29, 0x6, 0x0, 0x0)
socket$inet_tcp(0x2, 0x1, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, 0x0)
statx(0xffffffffffffff9c, 0x0, 0x400, 0x7ff, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xd, 0x4, &(0x7f0000000040)=@framed={{0xffffffb4, 0x0, 0x0, 0x0, 0x0, 0x79, 0x11, 0xa8}, [@ldst={0x6, 0x3}], {0x95, 0x0, 0xc00}}, &(0x7f0000003ff6)='GPL\x00', 0x2, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sock_ops, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8}, 0x94)

10.615250041s ago: executing program 0 (id=3372):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000001680)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x40001}, 0x4040850)
sendmsg$NFT_BATCH(r0, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000440)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a40000000030a0fdb00000000000000000a0000050900030073797a30000000000900010073797a310000000014000480080002403cb140bb080001400000000314000000110001"], 0x68}, 0x1, 0x0, 0x0, 0x4000850}, 0x24000840)
r1 = socket$kcm(0xa, 0x922000000003, 0x11)
setsockopt$sock_attach_bpf(r1, 0x29, 0x24, &(0x7f0000000080), 0x4)
sendmsg$kcm(r1, &(0x7f0000000000)={&(0x7f00000007c0)=@l2tp6={0xa, 0x0, 0x8, @mcast1, 0x3, 0xffffffff}, 0x80, &(0x7f0000001880)=[{&(0x7f0000000200)="f4000900062b2c25fe80000000000000dc8b850f23", 0x15}], 0x1}, 0x20008060)

10.454860843s ago: executing program 6 (id=3373):
prlimit64(0x0, 0xe, &(0x7f0000000600)={0x9, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000140)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e22}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = syz_open_dev$dri(&(0x7f0000000000), 0x1, 0x100)
r4 = syz_open_dev$dri(&(0x7f00000008c0), 0x1, 0x402)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r4, 0xc04064a0, &(0x7f00000001c0)={0x0, &(0x7f00000000c0)=[<r5=>0x0], 0x0, 0x0, 0x0, 0x1})
socket$unix(0x1, 0x1, 0x0)
socket$unix(0x1, 0x1, 0x0)
ioctl$DRM_IOCTL_MODE_GETCRTC(r4, 0xc06864a1, &(0x7f0000000d40)={0x0, 0x0, r5, <r6=>0x0})
ioctl$DRM_IOCTL_MODE_GETFB2(r4, 0xc06864ce, &(0x7f0000000340)={r6, 0x5, 0x3, 0x0, 0x3, [], [0x4, 0x7, 0x7b], [0x7, 0xffff, 0x2, 0x10000], [0x0, 0x0, 0x1, 0xfff]})
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r3, 0xc02064b2, &(0x7f0000000140)={0x3ff, 0x2, 0x806})
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r3, 0xc00c642d, 0x0)

9.676985032s ago: executing program 0 (id=3374):
r0 = socket$kcm(0xf, 0x3, 0x2)
sendmsg$inet(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000080)}, 0x20000006)
r1 = socket$kcm(0xf, 0x3, 0x2)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000500)={0x17, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000070000000000000003000000791908000000000095"], 0x0, 0x3, 0x0, 0x0, 0x40f00, 0x28}, 0x94)
unshare(0x20000400)
r2 = socket(0x10, 0x3, 0x0)
ioctl$DVB_DVR_DMX_EXPBUF(0xffffffffffffffff, 0xc00c6f3e, &(0x7f0000000200)={0x6, 0x80000, <r3=>r2})
fgetxattr(r3, &(0x7f0000000240)=@known='system.sockprotoname\x00', &(0x7f0000001300)=""/4096, 0x1000)
setsockopt$netlink_NETLINK_TX_RING(r2, 0x10e, 0xc, &(0x7f0000000000)={0xfffffffb}, 0x10)
sendmsg$nl_route(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000000c0)=@getlink={0x28, 0x12, 0x1, 0x70bd25, 0x0, {0x7}, [@IFLA_TARGET_NETNSID={0x8, 0x2e, 0x10000003}]}, 0x28}}, 0x0)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
getsockopt$inet6_tcp_int(r4, 0x6, 0x1e, &(0x7f0000000140), &(0x7f00000001c0)=0x4)
r5 = socket$inet6_udp(0xa, 0x2, 0x0)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000d00)={0x15, 0x4, &(0x7f0000000000)=ANY=[], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x2a, '\x00', 0x0, @fallback=0x13, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x26)
setsockopt$sock_attach_bpf(r5, 0x1, 0x34, &(0x7f00000012c0)=r6, 0x4)
r7 = socket$inet6_udp(0xa, 0x2, 0x0)
setsockopt$inet6_int(r7, 0x29, 0x12, 0x0, 0x31)
sendmsg$inet(r1, &(0x7f0000003780)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)="020b0700fc670000e4a17c45c8d260c9", 0x33fe0}], 0x1}, 0x0)
sendmsg$inet(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000040)="020a030002000000e4a17c45c8d260c9", 0x10}], 0x1}, 0x0)

9.630276472s ago: executing program 4 (id=3375):
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000180))
socket$inet6(0xa, 0x80002, 0x0)
pipe(&(0x7f00000000c0))
openat$adsp1(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f00000003c0)={&(0x7f0000000240)=ANY=[@ANYBLOB="9feb010018000000000000000c0000000c000000020000000000000000000004"], 0x0, 0x26}, 0x20)
socket$igmp(0x2, 0x3, 0x2)
socket$inet6_sctp(0xa, 0x1, 0x84)
syz_open_dev$cec(&(0x7f0000000200), 0xffffffffffffffff, 0x4ae60)
socket$inet6_tcp(0xa, 0x1, 0x0)
openat$drirender128(0xffffffffffffff9c, &(0x7f0000000340), 0x0, 0x0)
socket$netlink(0x10, 0x3, 0x4)
socket$inet6(0xa, 0x5, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
syz_open_dev$tty1(0xc, 0x4, 0x1)
socket$inet6(0xa, 0x80002, 0x0)
r0 = socket(0x200000000000011, 0x4000000000080002, 0x0)
sendmsg$NL80211_CMD_CONNECT(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)=ANY=[@ANYRES32, @ANYRES16=0x0, @ANYRES8=r0], 0x1c}, 0x1, 0x0, 0x0, 0x20000844}, 0x48885)
bpf$MAP_CREATE(0x0, 0x0, 0x50)
pwrite64(0xffffffffffffffff, &(0x7f0000000000)='L', 0x1, 0x7ffffffe)
r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r1, &(0x7f0000000040)={0x1f, 0xffff, 0x3}, 0x6)
write$binfmt_misc(r1, &(0x7f0000000000), 0xd)

8.514750032s ago: executing program 6 (id=3376):
socket$inet_icmp_raw(0x2, 0x3, 0x1)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080))
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
r3 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000000), 0x802, 0x0)
ioctl$UI_END_FF_ERASE(r3, 0x400c55cb, &(0x7f0000000180)={0x1, 0x500, 0x1})
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpuset.effective_cpus\x00', 0x275a, 0x0)
fcntl$lock(r4, 0x25, &(0x7f00000000c0))
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpuset.effective_cpus\x00', 0x275a, 0x0)
fcntl$lock(r5, 0x26, &(0x7f0000000000)={0x1})
fcntl$lock(r5, 0x26, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x8})
socket$xdp(0x2c, 0x3, 0x0)
r6 = socket$netlink(0x10, 0x3, 0x400000000000004)
socket$xdp(0x2c, 0x3, 0x0)
writev(r6, &(0x7f0000000140)=[{&(0x7f0000000240)="480000001400190d09004beafd0d8c562c84ed7a80ffe05e959126dda8900db462060f000000000000a2bc5603ca00000f7f8900000ec00000000101ff0000000309ff5bffff00c7", 0x48}], 0x1)
r7 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpuset.effective_cpus\x00', 0x275a, 0x0)
fcntl$lock(r7, 0x26, &(0x7f0000000300)={0x1, 0x0, 0x1, 0xffffffffffffffff})
close_range(r2, 0xffffffffffffffff, 0x0)
ioctl$UI_GET_VERSION(r3, 0x8004552d, &(0x7f0000000280))
ioctl$KVM_SET_SREGS(0xffffffffffffffff, 0x4138ae84, &(0x7f0000000100)={{0x4, 0x0, 0xf000, 0x0, 0x7f, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, {0x0, 0xddccb000, 0xa, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x1, 0x0, 0x80}, {0xdddd0000, 0x0, 0x0, 0x8, 0x2, 0x0, 0x81, 0x0, 0x44, 0xe, 0x0, 0x3}, {0x10b002, 0x2000, 0xe, 0xfd, 0x80, 0x0, 0x3}, {0x1000, 0x0, 0x0, 0x0, 0x0, 0x80, 0x0, 0x0, 0x0, 0xfc, 0x1a, 0xa8}, {0x10000, 0xd000, 0x0, 0x0, 0x0, 0x8f, 0x0, 0x0, 0x0, 0xfc, 0x86, 0xfe}, {0xeeee8000, 0x80a0000, 0xb, 0x0, 0x0, 0x0, 0x0, 0x80, 0x0, 0x4}, {0xd000, 0x80a0000, 0x10, 0x82, 0xff, 0x10, 0xd, 0xe}, {0x6000}, {0x1, 0xfffe}, 0x60000000, 0x0, 0x7b25db2f070c01a1, 0x10, 0x1, 0x0, 0x900, [0x0, 0x1, 0x10000, 0x3]})
r8 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r8, 0x4090ae82, &(0x7f00000003c0)={[0x60000000004, 0x1000000000, 0x5, 0x41, 0x2000000, 0x0, 0x2004cb, 0x0, 0xa1d, 0x68ff, 0x6011, 0x0, 0x3, 0x2], 0x10000, 0x202})
ioctl$KVM_RUN(r8, 0xae80, 0x0)
ioctl$KVM_SET_SREGS(r8, 0x4138ae84, &(0x7f0000000100)={{0x6000, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x2, 0x0, 0x8, 0x6, 0x40}, {0xffff1000, 0x10000, 0xc, 0x0, 0x2, 0x4, 0x0, 0x0, 0x7, 0xff}, {0xeeee0000, 0x1000, 0xc, 0x0, 0x7, 0xc4, 0x0, 0x0, 0x48, 0x3, 0x0, 0xfc}, {0x1, 0xeeee8000, 0x9, 0x0, 0x1, 0x0, 0x9, 0x0, 0x8, 0x0, 0xbf}, {0x1000, 0xffff1000, 0xc, 0x0, 0x0, 0x4, 0x0, 0x1, 0x0, 0x3c}, {0x100000, 0x0, 0x0, 0x78, 0x5, 0x0, 0x2, 0x0, 0x0, 0xff, 0x5}, {0x0, 0xeeee8000, 0xa, 0x4, 0x0, 0x0, 0xa1, 0x20}, {0x0, 0x6000, 0xc, 0x0, 0x0, 0x7, 0x8, 0x43, 0x26, 0x0, 0x0, 0x2}, {0x80a0000, 0x3}, {0xdddd1000}, 0x0, 0x0, 0x0, 0x100, 0x0, 0xf801, 0x8000000, [0x79327378, 0x0, 0x1, 0x400000]})
ioctl$KVM_RUN(r8, 0xae80, 0x0)
r9 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r9, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x14}}, 0x0)
getsockname$packet(r9, &(0x7f00000002c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000080)=0x7)

8.070595289s ago: executing program 0 (id=3377):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
readv(r2, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/180, 0xb4}, {0x0}, {&(0x7f00000019c0)=""/254, 0xfe}, {&(0x7f0000000740)=""/257, 0x101}, {&(0x7f0000000000)=""/37, 0x25}], 0x5)
personality(0x0)
sched_setattr(0x0, 0x0, 0x0)
creat(0x0, 0x122)
r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000180)='./binderfs/custom1\x00', 0x800, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r3, 0x4018620d, &(0x7f00000000c0)={0x73622a85, 0x110b, 0x8000000000002})
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000200)='./binderfs/binder0\x00', 0x800, 0x0)
r4 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder0\x00', 0x0, 0x0)
mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r4, 0x0)
ioctl$BINDER_WRITE_READ(0xffffffffffffffff, 0xc0306201, &(0x7f00000003c0)={0x8, 0x0, &(0x7f0000000340)=[@acquire], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r5 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000100)='/sys/kernel/debug/binder/stats\x00', 0x0, 0x0)
read$FUSE(r5, &(0x7f00000034c0)={0x2020}, 0xcac)
setxattr$security_capability(0x0, &(0x7f0000000280), 0x0, 0x0, 0x0)
r6 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r6, &(0x7f0000000940)={0x26, 'aead\x00', 0x0, 0x0, 'aegis128-generic\x00'}, 0x58)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_genetlink_get_family_id$batadv(&(0x7f0000000400), 0xffffffffffffffff)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r7, 0x8933, &(0x7f0000000440)={'batadv0\x00', <r9=>0x0})
sendmsg$BATADV_CMD_SET_MESH(r7, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000880)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r8, @ANYBLOB="010028bd7040010000000f00000005002e000000000008000300", @ANYRES32=r9, @ANYBLOB="05002ff90000"], 0x2c}}, 0x18)
setsockopt$ARPT_SO_SET_REPLACE(r0, 0x0, 0x60, &(0x7f00000001c0)={'filter\x00', 0x5, 0x4, 0x3f0, 0x110, 0x110, 0x110, 0x308, 0x308, 0x220, 0x4, 0x0, {[{{@uncond, 0xc0, 0x110}, @mangle={0x50, 'mangle\x00', 0x0, {@mac=@remote, @mac=@random="7af7f2182e96", @private, @empty}}}, {{@arp={@multicast2, @initdev={0xac, 0x1e, 0x1, 0x0}, 0xffffff00, 0xffffff00, 0xd, 0x7, {@empty, {[0x0, 0x0, 0xff]}}, {@mac=@remote, {[0x0, 0xff, 0xff, 0x0, 0xff]}}, 0x3ff, 0x6, 0x40, 0x6, 0x0, 0x5, 'team_slave_1\x00', 'gre0\x00', {}, {0xff}, 0x0, 0x6}, 0xc0, 0x110}, @mangle={0x50, 'mangle\x00', 0x0, {@empty, @empty, @local, @private}}}, {{@uncond, 0xc0, 0xe8}, @unspec=@STANDARD={0x28, '\x00', 0x0, 0xffffffffffffffff}}], {{'\x00', 0xc0, 0xe8}, {0x28}}}}, 0x440)

8.012759973s ago: executing program 4 (id=3378):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
syz_genetlink_get_family_id$tipc2(&(0x7f0000007280), 0xffffffffffffffff)
sendmsg$TIPC_NL_PEER_REMOVE(0xffffffffffffffff, &(0x7f0000007540)={0x0, 0x0, &(0x7f0000007500)={&(0x7f0000000600)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r0, @ANYBLOB="0100"], 0x38}, 0x1, 0x0, 0x0, 0x24010040}, 0x8000)
capset(0x0, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r1, 0x0, 0x0)
openat$ptmx(0xffffffffffffff9c, 0x0, 0x41, 0x0)
inotify_init()
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xc, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000100)=0x2)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000002000)=""/102400, 0x19000)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000700)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x301, 0x0, 0x0, {0x1}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz1\x00'}]}, @NFT_MSG_NEWCHAIN={0x54, 0x3, 0xa, 0x201, 0x0, 0x0, {0x1}, [@NFTA_CHAIN_NAME={0x9, 0x3, 'syz1\x00'}, @NFTA_CHAIN_HOOK={0x28, 0x4, 0x0, 0x1, [@NFTA_HOOK_PRIORITY={0x8}, @NFTA_HOOK_HOOKNUM={0x8, 0x1, 0x1, 0x0, 0x5}, @NFTA_HOOK_DEV={0x14, 0x3, 'veth1_macvtap\x00'}]}, @NFTA_CHAIN_TABLE={0x9, 0x1, 'syz1\x00'}]}, @NFT_MSG_DELCHAIN={0x4c, 0x5, 0xa, 0x201, 0x0, 0x0, {0x1, 0x0, 0x2000}, [@NFTA_CHAIN_HANDLE={0xc, 0x2, 0x1, 0x0, 0x1}, @NFTA_CHAIN_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_CHAIN_HOOK={0x20, 0x4, 0x0, 0x1, [@NFTA_HOOK_DEV={0x14, 0x3, 'veth1_macvtap\x00'}, @NFTA_HOOK_HOOKNUM={0x8, 0x1, 0x1, 0x0, 0x5}]}]}], {0x14}}, 0xe8}}, 0x0)
r4 = add_key$user(&(0x7f0000000040), &(0x7f0000000180)={'syz', 0x0}, &(0x7f0000000080)='\x00', 0x1, 0xfffffffffffffffb)
pipe2$watch_queue(0x0, 0x80)
keyctl$revoke(0x3, r4)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
r5 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r5, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @dev={'\xaa\xaa\xaa\xaa\xaa', 0x20}})
write$tun(r0, &(0x7f0000000600)=ANY=[@ANYBLOB="1c0000f5"], 0xfdef)

6.327946938s ago: executing program 6 (id=3379):
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200))
socket$xdp(0x2c, 0x3, 0x0)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000240)='./binderfs/binder0\x00', 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x275a, 0x0)
r0 = socket$alg(0x26, 0x5, 0x0)
syz_open_dev$sndctrl(&(0x7f0000000040), 0x0, 0x0)
syz_open_dev$sndctrl(&(0x7f0000000100), 0x0, 0x0)
bind$alg(r0, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc(des3_ede)\x00'}, 0x58)
accept4(r0, 0x0, 0x0, 0x0)
socket$packet(0x11, 0x2, 0x300)
socket(0x10, 0x3, 0x0)
r1 = fsopen(&(0x7f0000000000)='cgroup2\x00', 0x0)
sendmsg$NL80211_CMD_CONNECT(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)=ANY=[@ANYRES32, @ANYRES16=0x0, @ANYRES8=r1], 0x1c}, 0x1, 0x0, 0x0, 0x20000844}, 0x48885)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="1400000007"], 0x50)
pwrite64(0xffffffffffffffff, &(0x7f0000000000), 0x0, 0x7ffffffe)
r2 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r2, &(0x7f0000000040)={0x1f, 0xffff, 0x3}, 0x6)
write$binfmt_misc(r2, &(0x7f0000000000), 0xd)

5.64623849s ago: executing program 4 (id=3380):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000000c0)={0x16, 0x3, &(0x7f0000000080)=@framed, &(0x7f0000000040)='GPL\x00'}, 0x80)
r3 = epoll_create1(0x0)
r4 = fcntl$dupfd(r3, 0x2, 0xffffffffffffffff)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x3, 0x3, &(0x7f0000000480)=@framed, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0xa, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x94)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f0000000140)={@map=0x1, r5, 0x2e, 0x0, 0xffffffffffffffff, @void, @value=0x0}, 0x20)
bpf$LINK_GET_NEXT_ID(0x1f, &(0x7f0000000180), 0x8)
r6 = socket(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000240)={'lo\x00', <r7=>0x0})
bpf$BPF_PROG_ATTACH(0x8, &(0x7f0000000280)={@ifindex=r7, r5, 0x11, 0x0, r4}, 0x20)
socket(0x25, 0x6, 0x100)
syz_genetlink_get_family_id$smc(&(0x7f0000000000), 0xffffffffffffffff)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r8, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)={0x14, 0x29, 0x107, 0x70bd27, 0xffffffff, {0x2, 0x7c}}, 0x14}, 0x1, 0x0, 0x0, 0xc000}, 0x10004040)
r9 = landlock_create_ruleset(&(0x7f0000000140)={0x4000, 0x3, 0x2}, 0x18, 0x0)
landlock_restrict_self(r9, 0x9)

5.461548137s ago: executing program 6 (id=3381):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket(0x10, 0x803, 0x0)
r2 = socket$unix(0x1, 0x5, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r3, {0x0, 0x9}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x4, 0xc00}}}]}, 0x38}}, 0x0)
r4 = socket(0x10, 0x803, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r5=>0x0})
sendmsg$nl_route_sched(r4, &(0x7f0000006040)={0x0, 0xe4, &(0x7f0000000080)={&(0x7f0000000280)=@newtfilter={0x44, 0x2c, 0xd27, 0x70bd25, 0x25dfdbfb, {0x0, 0x0, 0x0, r5, {0xc, 0x4}, {0x0, 0x9}, {0x10, 0x9}}, [@filter_kind_options=@f_flower={{0xb}, {0x14, 0x2, [@TCA_FLOWER_KEY_ETH_TYPE={0x6, 0x8, 0x8848}, @TCA_FLOWER_KEY_MPLS_OPTS={0x8, 0x63, 0x0, 0x1, @TCA_FLOWER_KEY_MPLS_OPTS_LSE={0x4}}]}}]}, 0x44}, 0x1, 0x0, 0x0, 0x1}, 0x20040054)

4.441483147s ago: executing program 4 (id=3382):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0xf, 0x4, 0x8, 0x7, 0x0, 0xffffffffffffffff, 0x2000}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000008500000022000000180100002020702500000000002020207b0af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007200000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2b, 0x0, 0x0, 0x0, 0x3a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x94)
syz_io_uring_setup(0xf00, 0x0, &(0x7f0000000100), 0x0)
r1 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000140)=[@text64={0x40, &(0x7f0000000180)="420fc7bc4898580000640f01c50f01c566baf80cb864c95782ef66bafc0cec67670f1b0166b8fb008ec046d9c3c442b90a2c81c442812852fcc744240012000000c74424020b000000ff1c24", 0x4c}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000005c0)={[0x5836, 0x8, 0x7, 0x4000000000000e52, 0x1, 0x5479, 0x1043, 0x200000000006, 0x0, 0x1, 0xfffffffffffffffe, 0x100000000, 0x9ca6, 0x1, 0x8000000000005, 0x5c], 0x8080000, 0x42590})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
ioctl$KVM_SET_BOOT_CPU_ID(r4, 0xae78, 0x0)
syz_usb_connect_ath9k(0x3, 0x5a, &(0x7f0000000c80)={{0x12, 0x1, 0x200, 0xff, 0xff, 0xff, 0x40, 0xcf3, 0x9271, 0x108, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x48}}]}}, 0x0)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFQNL_MSG_CONFIG(r5, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)={0x2c, 0x2, 0x3, 0x301, 0x0, 0x0, {0x2, 0x0, 0x6}, [@NFQA_CFG_MASK={0x8, 0x4, 0x1, 0x0, 0x3f}, @NFQA_CFG_CMD={0x8, 0x1, {0x1, 0x0, 0x1d}}, @NFQA_CFG_QUEUE_MAXLEN={0x8, 0x3, 0x1, 0x0, 0x3}]}, 0x2c}, 0x1, 0x0, 0x0, 0x6000048}, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f00000000c0)={'macvlan0\x00', <r7=>0x0})
sendmsg$nl_route(r6, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000940)=@newlink={0x34, 0x10, 0x401, 0xfffefffc, 0x25dfdbfc, {0x0, 0x0, 0x0, r7, 0x1e23}, [@IFLA_VFINFO_LIST={0x14, 0x16, 0x0, 0x1, [{0x10, 0x1, 0x0, 0x1, [@IFLA_VF_TX_RATE={0xc, 0x3, {0x9, 0x6}}]}]}]}, 0x34}, 0x1, 0x0, 0x0, 0x2004d808}, 0x24000804)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000000600)={0xffffffffffffffff, 0x20, &(0x7f0000000300)={&(0x7f0000000280)=""/67, 0x43, <r8=>0x0, &(0x7f0000000540)=""/142, 0x8e}}, 0x10)
r9 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000140)='net/unix\x00')
lseek(r9, 0x8, 0x1)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000700)=@bpf_lsm={0x1d, 0xf, &(0x7f0000000000)=@framed={{0x18, 0x0, 0x0, 0x0, 0xfffffff9, 0x0, 0x0, 0x0, 0xe}, [@call={0x85, 0x0, 0x0, 0x57}, @map_idx={0x18, 0x6}, @map_fd={0x18, 0x6, 0x1, 0x0, r0}, @call={0x85, 0x0, 0x0, 0x9c}, @ringbuf_query={{0x18, 0x1, 0x1, 0x0, r0}}, @map_idx={0x18, 0x5, 0x5, 0x0, 0x10}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0x6a, &(0x7f0000000180)=""/106, 0x41100, 0x1, '\x00', r7, 0x1b, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000200)={0x2, 0x9, 0x7, 0x9}, 0x10, r8, 0x0, 0x7, &(0x7f0000000640)=[r0, r0, r0, r9], &(0x7f0000000680)=[{0x1, 0x4, 0xf, 0x1}, {0x3, 0x4, 0x10}, {0x0, 0x2, 0x0, 0xa}, {0x3, 0x3, 0xa, 0x1}, {0x0, 0x4, 0x2, 0x8}, {0x5, 0x3, 0x5, 0x3}, {0x3, 0x1, 0x6, 0x1}], 0x10, 0x2}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="1500000000"], 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af0ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x32, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
socket$nl_netfilter(0x10, 0x3, 0xc)

3.762275665s ago: executing program 9 (id=3383):
r0 = socket$inet6(0xa, 0x2, 0x0)
ioctl$AUTOFS_DEV_IOCTL_SETPIPEFD(0xffffffffffffffff, 0xc0189378, &(0x7f0000000000)={{0x1, 0x1, 0x18, r0}, './file0\x00'})
bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
recvmmsg(r0, &(0x7f0000003740)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000a00)=""/39, 0x27}}], 0x1, 0x10000, 0x0)
setsockopt$inet6_int(r0, 0x29, 0x4a, 0x0, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)=@delchain={0x24, 0x65, 0x400, 0x70bd29, 0x25dfdbfc, {0x0, 0x0, 0x0, 0x0, {0x509d884560ba1ba6, 0x3}, {}, {0x8, 0x10}}}, 0x24}}, 0x10)
sendmsg$TEAM_CMD_OPTIONS_SET(0xffffffffffffffff, &(0x7f0000004bc0)={0x0, 0x0, &(0x7f0000004b80)={&(0x7f0000000100)=ANY=[@ANYBLOB="60b80000", @ANYRES16, @ANYBLOB="050427bd7000fedbdf250100000008000100", @ANYRES32, @ANYBLOB="4400028040000100240001006d6f6465000000000000000000000000000000000000000000000000000000000500030005"], 0x60}, 0x1, 0x0, 0x0, 0x4000401}, 0x4040084)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x20004055)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000080)={0x0, 0x48}, 0x1, 0x0, 0x0, 0x10}, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000080)={0x0, 0x50}, 0x1, 0x0, 0x0, 0x13d33d22cca65c15}, 0x4008840)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(0x0, r1)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000006080)={'wlan1\x00'})
socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000100)=@newqdisc={0x44, 0x24, 0x4, 0xc0000000, 0x0, {0x0, 0x0, 0x0, 0x0, {0x3, 0x3}, {0xa, 0xe}, {0x0, 0x9}}, [@qdisc_kind_options=@q_fq_pie={{0xb}, {0x14, 0x8002, [@TCA_FQ_PIE_FLOWS={0x8, 0x2, 0xe7e7}, @TCA_FQ_PIE_TARGET={0x8, 0x3, 0x4}]}}]}, 0x44}}, 0x20004015)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="500000001000010425bbe5ad600027842cf52300", @ANYRES32=0x0, @ANYBLOB="0300000000000000280012800a00010076786c616e00"], 0x50}, 0x1, 0x0, 0x0, 0x13d33d22cca65c15}, 0x4008840)
r2 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r2, &(0x7f00000002c0), 0x40000000000009f, 0x0)

3.658370626s ago: executing program 6 (id=3384):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000001680)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x40001}, 0x4040850)
sendmsg$NFT_BATCH(r0, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000440)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a40000000030a0fdb00000000000000000a0000050900030073797a30000000000900010073797a310000000014000480080002403cb140bb080001400000000314000000110001"], 0x68}, 0x1, 0x0, 0x0, 0x4000850}, 0x24000840)
r1 = socket$kcm(0xa, 0x922000000003, 0x11)
setsockopt$sock_attach_bpf(r1, 0x29, 0x24, &(0x7f0000000080), 0x4)
sendmsg$kcm(r1, &(0x7f0000000000)={&(0x7f00000007c0)=@l2tp6={0xa, 0x0, 0x8, @mcast1, 0x3, 0xffffffff}, 0x80, &(0x7f0000001880)=[{&(0x7f0000000200)="f4000900062b2c25fe80000000000000dc8b850f238466cc00007a000000ad6f", 0x20}], 0x1}, 0x20008060)

3.021932099s ago: executing program 6 (id=3385):
r0 = syz_usb_connect(0x0, 0x24, &(0x7f00000000c0)={{0x12, 0x1, 0x0, 0x34, 0x70, 0x9d, 0x40, 0x55f, 0xc230, 0xb6ac, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x0, 0xf2, 0xa7, 0xcc}}]}}]}}, 0x0)
syz_usb_control_io$hid(r0, 0x0, &(0x7f0000000dc0)={0x2c, &(0x7f0000000080)={0x0, 0x8, 0x1, "af"}, 0x0, 0x0, 0x0, 0x0})
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0xa, 0x5, 0x2, 0x7, 0x2, 0xffffffffffffffff, 0x10000}, 0x50)
bpf$PROG_LOAD(0x2, &(0x7f0000000680)={0x3, 0x3, &(0x7f0000000740)=ANY=[], &(0x7f0000000780)='GPL\x00', 0x1, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000d40)={0x11, 0xd, &(0x7f0000000440)=@framed={{0x18, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x4000}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r1}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}, @call={0x85, 0x0, 0x0, 0x8}]}, &(0x7f0000000400)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x32, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_BIND_MAP(0xa, &(0x7f00000003c0)={r2, r1}, 0xc)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFNL_MSG_CTHELPER_GET(r3, &(0x7f0000000580)={&(0x7f00000004c0)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000540)={&(0x7f0000000500)={0x20, 0x1, 0x9, 0x801, 0x0, 0x0, {0x0, 0x0, 0x1}, [@NFCTH_NAME={0x9, 0x1, 'syz1\x00'}]}, 0x20}, 0x1, 0x0, 0x0, 0x20000000}, 0x20000001)
syz_usb_control_io$uac1(r0, 0x0, &(0x7f0000000880)={0x44, &(0x7f00000005c0)={0x20, 0x15}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$cdc_ecm(r0, &(0x7f00000001c0)={0x14, &(0x7f0000000100)={0x20, 0x9, 0x68, {0x68, 0x5, "27fe7510b02bdaebf3f08f3f24c5e2a73065af96d2eb3f9c556e1683f9ab967a93b88a0c82429f9528370446ed03b8aab8ba91563475f4085fa196bc268e668cd167d1aeb09b6368b974a75c6b74860f6cf0e6e44f6fb84a34745a8f966e8366c27e5917b4f3"}}, &(0x7f0000000180)={0x0, 0x3, 0x1a, {0x1a}}}, &(0x7f0000000440)={0x1c, &(0x7f0000000240)=ANY=[@ANYBLOB="2001d2000000a97ef0dfba20c17594a1620f46c36b35b1824bc1d881530d3048c49799e9fbfcc6202d97b1e27f6d18f942a73a5353c3b7472a64c11a124a0a10c0711d26ff25037e7e74d171c64fac3da619c22c95e153e20057847cc1e43212321e41dd64d5eb3e0f8f22908117dde3d13072d9aa851174af9c2deaa9e0c5041fd7b17e19255168a0a66a1a96fd365670926c3072f603f3ed1163308327a343935c39264852ef3bf5ea6c2413ce535e467b54c7b2ce07ea8b3206133e49bde047f141c7038124192f2189a9c7750f7ef3cf14b72091a721"], &(0x7f0000000380)={0x0, 0xa, 0x1}, &(0x7f0000000400)={0x0, 0x8, 0x1, 0x8e}})
syz_usb_control_io$printer(r0, 0x0, &(0x7f00000003c0)={0x34, &(0x7f0000001800)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0})
ioctl$TCSETA(0xffffffffffffffff, 0x560a, &(0x7f0000001040)={0x0, 0x9, 0x21, 0x3, 0xf, "20ffffffff00"})
syz_usb_control_io$cdc_ecm(r0, 0x0, &(0x7f0000000340)={0x1c, &(0x7f0000000200)={0x0, 0x12}, 0x0, 0x0})

2.649523394s ago: executing program 9 (id=3386):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r0, &(0x7f0000000500)={0xa, 0x4e20, 0xbb6, @loopback, 0x5}, 0x28)
connect$inet6(r0, &(0x7f0000000480)={0xa, 0x4e20, 0x9, @loopback, 0x106}, 0x1c)
r1 = fcntl$dupfd(r0, 0x406, r0)
setsockopt$inet6_buf(r0, 0x29, 0x39, &(0x7f0000000040)="ff02040000ffffffffffffffff1f2be82db1af0000000000", 0x18)
sendmmsg$unix(r1, &(0x7f0000005a40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000000e00)="f6debb016479bbdfe28ae6b90bf3259a1d51dd8ad823fd0ccdf24c5797d8d245422324ce052a9fc2a6ad1b627b86486f134c06fbe2bb525de3f57362ff335ee7163a4f532fdae30bcacf3657474467a49c3530dbdc6a02105000b9a0adbddc1d97bc88ba619b2fcf5666c29354bd452fdf3b17502cba980410889b48e6c29da4fc330792086c4ce0857bb303e68aeca8c50f7024a86a2ada3d1ac268efcd305f2b01da5e9cb6d12d76f406f5a0f6ba00aa071f6394fe7ebac06e282b12916597a5d44015e6c6b4183989d085a8f0f4aaed0bb8bc30235b1ab87d3b9511a46d04f1c191b4e068d8799b6c6aeb72bc6cf568b66e6a1f45d26fd548f098ac43fe232903b277ebf82b7ed57dc200af6b20ced93886c2b8e027894a123a8737b0a6553b890bbbdc0e1e1853adda2eb2de137c80308d44d2f04c9772c0316689f9524b645296e3f675080a707d067ce35030a4419e1434527dda4910ca88f3f112dcf025c94ded3b4b3dcb35a020fefba1cf75cbc14fbbd876c30bacd7e290b1d025c1ba56c5cf637e3a02f35e77e4c32edd8362487211257f2a2af803746cfc4baba95b666ee1810f614686a46844e127046c8ee162a2f9205b3b0987f8aef17fc7ff50b4b6fc2fbfbc8000e0e3569718bac09afb166d1bfa3abf104b35aa8aaba0a7b065aa8a1d70afd07d4c41c22a9015c7e4e06c5fe2264526c47c19ab74b52ca94d43c315fb7b959c5d3f81a80f1a0d9933903e5b1ad449ff351d0426db0876082c148a3f4352f6692973ff3c87edf4a4b1597b8502933e05d03603bf8f438aa2c6cb27b07c363cc0777be366ae5e9d433ad8742ee8326bfd22152f52ae4f882783fca079ae0d5cbcd3f78494e716acfa420354261138570bbe82f8b8d6cde71199ef8f55e6783869b9c7395e16fa3f390dc152a78ab6db1ef767c076172216f4bdb29ca1ec098af5f92e5abcb163ef48de8b414a4c841fb24640451602bd459c29169bc33d28efb2a2cb1b4c6c37afa73a6805e3b6c7c3cc099b29ca1834bcb7f3a18e1ed968dabf3ac34e1b34765465b7208a52f4484aeceb40b5308f5bf040c9be3f0816b453bc1bca72baa12fb6d7b16da757147a36550a856a943a74b2b36e73a62421cfec838905a2ad17cfb36314e5d0bb629e6daee690c7d163a62ad0c7430d5beddb0cda713b21767cfc38f359343546f54fa61208681490a9ac82c746ec50602713b0417ae515debece1d625f09bf595ad596a7cf0e7ebb448d6ce7834ebe31352f51abb998b0aa96ea4a6842263461453310ab29ea2ec2576845958ba4a5491d93c14c9cfee4a4c748c65792d1e6ee1fc6529bbf82224bce8d5415112c797d958a4f5553673e40b7d133105d79d2743900349c89855ccc1d92f96afdff376961f1c9b72b8080edf8f6b71fff66b3b49e0492d3c3af304a66e01fafcb26020b62568ed1915385965894c77f212b61392872ef5d441379643a692e068b6869d616d0fa3636eedb01acf5344daf84e0c11f5c8ffdcebeb02c58b77764c8bf6fee2b116eeafb2752f262786e0fb134a3f0823301d0578ae6952ba9a585371c4a31c28beb03518a1123abb745b55885486a347013e65e7e0bf0e734d74976ea4902ab513fecd98fccb8e023941e40fed3c1c4733422e2bc5840ed218d113369d6b09882f387260d50dc21f5ac807b00d28d7b8891e461cb5092f34f704954334b94fc7b832692431609627a88961866538ab6ed950ed74b1f150e9fe3cc00edceb9ec7269ed64c2e372c65ccb062b50a7c21f3d10c11eebf7980f0fea74d19b089fbe29f98b021d6be1ae5628fe3a0d704e908209d511d66987549e30f196bdee9f62182492285f60e59ce910686f914b1f9eda9d04d25fb8f43669ac28ef3da3b929fa1cc9c11dd9e5a3ac1d2f855312643676fe592bb058e14d52b937cef03dbaa4d6ef1c9bca4587c5e28057f2de745fabf8e0f688bc1e4c975d6bb429feaa", 0x583}], 0x1, 0x0, 0x0, 0x811}}], 0x1, 0x4880)
setsockopt$inet6_tcp_int(r1, 0x6, 0x1, &(0x7f0000000000)=0x82b, 0x4) (fail_nth: 5)

230.71856ms ago: executing program 39 (id=3365):
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000440)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000040)={0x38, 0x0, 0x1, 0x401, 0x0, 0xa9, 0x8000000000000000, 0x8, 0x7, 0x8000003}, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc1002}]})
pipe2$watch_queue(&(0x7f0000000300), 0x80)
openat$sysctl(0xffffffffffffff9c, 0x0, 0x1, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x9, 0x0, 0x7fff0000}]})
r2 = shmget$private(0x0, 0x800000, 0x880, &(0x7f0000173000/0x800000)=nil)
shmctl$IPC_RMID(r2, 0x0)
r3 = io_uring_setup(0x7625, &(0x7f0000000600)={0x0, 0x1e28, 0x0, 0x0, 0x28b})
io_uring_register$IORING_REGISTER_FILES(r3, 0x20, &(0x7f0000000000)=[0xffffffffffffffff], 0x1)
syz_open_procfs(0x0, 0x0)
syz_usb_connect(0x0, 0x2d, &(0x7f0000000000)=ANY=[@ANYBLOB="1201000005d0d3087d07aa04d85b0102030109021b000f000000000904000001dbcc7a0009057697"], 0x0)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
r4 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000000)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x10, 0xdfc, 0x101, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x80, 0x0, [{{0x9, 0x4, 0x0, 0x2, 0x1, 0x3, 0x0, 0x1, 0x0, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0x4f8}}, {{{0x9, 0x5, 0x81, 0x3, 0x40, 0x4}}}}}]}}]}}, 0x0)
syz_usb_control_io(r4, 0x0, 0x0)
r5 = syz_open_procfs(0x0, &(0x7f0000000140)='net/arp\x00')
lseek(r5, 0xa3d2, 0x0)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000800)={0x1f, 0x13, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000786c6c2500000000002020200600000000000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000008500000072000000180100002020642500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b000000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x11}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000500)={r6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r7, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000001c0)=ANY=[@ANYBLOB="600000000206030000000006000000000500000a092c5dff93929db745314e24c9a746360091df1202000600000000f2ac21a23b0000000500010007c469d61367cf28e0001300560749740800124000ee00000500050002000000050004000100000014000300686173683a69702c706f72742c"], 0x60}, 0x1, 0x0, 0x0, 0x4000}, 0x4000)
r8 = syz_open_dev$vim2m(&(0x7f0000000000), 0x2000004007, 0x2)
ioctl$vim2m_VIDIOC_S_FMT(r8, 0xc0d05605, &(0x7f00000000c0)={0x1, @pix={0x9, 0x8, 0x47524247, 0x8, 0x6, 0x2, 0x6, 0xfeedcafe, 0x0, 0x4, 0x1, 0x5}})
openat$dsp1(0xffffffffffffff9c, &(0x7f0000000040), 0x4c0480, 0x0)

0s ago: executing program 9 (id=3388):
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000180))
socket$inet6(0xa, 0x80002, 0x0)
pipe(&(0x7f00000000c0))
openat$adsp1(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f00000003c0)={&(0x7f0000000240)=ANY=[@ANYBLOB="9feb010018000000000000000c0000000c000000020000000000000000000004"], 0x0, 0x26}, 0x20)
socket$igmp(0x2, 0x3, 0x2)
socket$inet6_sctp(0xa, 0x1, 0x84)
syz_open_dev$cec(&(0x7f0000000200), 0xffffffffffffffff, 0x4ae60)
socket$inet6_tcp(0xa, 0x1, 0x0)
openat$drirender128(0xffffffffffffff9c, &(0x7f0000000340), 0x0, 0x0)
socket$netlink(0x10, 0x3, 0x4)
socket$inet6(0xa, 0x5, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
syz_open_dev$tty1(0xc, 0x4, 0x1)
socket$inet6(0xa, 0x80002, 0x0)
r0 = socket(0x200000000000011, 0x4000000000080002, 0x0)
sendmsg$NL80211_CMD_CONNECT(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)=ANY=[@ANYRES32, @ANYRES16=0x0, @ANYRES8=r0], 0x1c}, 0x1, 0x0, 0x0, 0x20000844}, 0x48885)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[], 0x50)
pwrite64(0xffffffffffffffff, &(0x7f0000000000)='L', 0x1, 0x7ffffffe)
r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r1, &(0x7f0000000040)={0x1f, 0xffff, 0x3}, 0x6)
write$binfmt_misc(r1, &(0x7f0000000000), 0xd)

kernel console output (not intermixed with test programs):

01 48
[ 1124.209079][T17735] RSP: 002b:00007f2c76ba6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1124.209099][T17735] RAX: ffffffffffffffda RBX: 00007f2c78bc5fa0 RCX: 00007f2c7894bf79
[ 1124.209114][T17735] RDX: 0000200000001500 RSI: 00000000c0046d00 RDI: 0000000000000003
[ 1124.209127][T17735] RBP: 00007f2c76ba6090 R08: 0000000000000000 R09: 0000000000000000
[ 1124.209139][T17735] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1124.209150][T17735] R13: 00007f2c78bc6038 R14: 00007f2c78bc5fa0 R15: 00007ffc38b4be48
[ 1124.209177][T17735]  </TASK>
[ 1124.215586][T17735] ERROR: Out of memory at tomoyo_realpath_from_path.
[ 1124.393511][T14229] lan78xx 10-1:1.0 (unnamed net_device) (uninitialized): Failed to write register index 0x00000098. ret = -EPROTO
[ 1124.393637][T14229] lan78xx 10-1:1.0 (unnamed net_device) (uninitialized): Failed to sync IRQ enable register: -EPROTO
[ 1124.398460][T14229] lan78xx 10-1:1.0 (unnamed net_device) (uninitialized): Failed to read register index 0x00000010. ret = -EPROTO
[ 1124.398519][T14229] lan78xx 10-1:1.0 (unnamed net_device) (uninitialized): Registers INIT FAILED....
[ 1124.400689][T14229] lan78xx 10-1:1.0 (unnamed net_device) (uninitialized): Bind routine FAILED
[ 1124.583822][T14229] lan78xx 10-1:1.0: probe with driver lan78xx failed with error -71
[ 1124.695880][T14229] usb 10-1: USB disconnect, device number 24
[ 1124.748252][T17679] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1124.748277][T17679] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1124.834124][T17740] loop8: detected capacity change from 0 to 7
[ 1124.907917][T17740] Dev loop8: unable to read RDB block 7
[ 1124.907990][T17740]  loop8: unable to read partition table
[ 1124.908241][T17740] loop8: partition table beyond EOD, truncated
[ 1124.908276][T17740] loop_reread_partitions: partition scan of loop8 (�被x�^>��� ) failed (rc=-5)
[ 1124.914267][T17742] netlink: 'syz.7.3063': attribute type 9 has an invalid length.
[ 1125.269810][T17748] loop5: detected capacity change from 0 to 7
[ 1125.290352][T17748] Dev loop5: unable to read RDB block 7
[ 1125.290400][T17748]  loop5: unable to read partition table
[ 1125.290738][T17748] loop5: partition table beyond EOD, truncated
[ 1125.290778][T17748] loop_reread_partitions: partition scan of loop5 (�被x������ ) failed (rc=-5)
[ 1125.538965][T17754] FAULT_INJECTION: forcing a failure.
[ 1125.538965][T17754] name failslab, interval 1, probability 0, space 0, times 0
[ 1125.539006][T17754] CPU: 0 UID: 0 PID: 17754 Comm: syz.6.3067 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[ 1125.539039][T17754] Tainted: [L]=SOFTLOCKUP
[ 1125.539047][T17754] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1125.539061][T17754] Call Trace:
[ 1125.539070][T17754]  <TASK>
[ 1125.539081][T17754]  dump_stack_lvl+0xe8/0x150
[ 1125.539119][T17754]  should_fail_ex+0x46b/0x600
[ 1125.539152][T17754]  should_failslab+0xa8/0x100
[ 1125.539189][T17754]  kmem_cache_alloc_node_noprof+0x8f/0x6e0
[ 1125.539213][T17754]  ? __alloc_skb+0x1d7/0x390
[ 1125.539244][T17754]  ? lockdep_hardirqs_on+0x7a/0x110
[ 1125.539275][T17754]  ? __alloc_skb+0x193/0x390
[ 1125.539308][T17754]  __alloc_skb+0x1d7/0x390
[ 1125.539351][T17754]  netlink_sendmsg+0x5d4/0xb40
[ 1125.539392][T17754]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1125.539433][T17754]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[ 1125.539462][T17754]  ____sys_sendmsg+0xa4e/0xac0
[ 1125.539485][T17754]  ? __might_fault+0xaf/0x130
[ 1125.539517][T17754]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1125.539549][T17754]  ? import_iovec+0x73/0xa0
[ 1125.539585][T17754]  ___sys_sendmsg+0x2a5/0x360
[ 1125.539607][T17754]  ? __lock_acquire+0x6b5/0x2cf0
[ 1125.539643][T17754]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1125.539706][T17754]  ? __fget_files+0x2a/0x420
[ 1125.539736][T17754]  ? __fget_files+0x3a6/0x420
[ 1125.539779][T17754]  __x64_sys_sendmsg+0x1c3/0x2a0
[ 1125.539805][T17754]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[ 1125.539839][T17754]  ? __pfx_ksys_write+0x10/0x10
[ 1125.539875][T17754]  do_syscall_64+0x14d/0xf80
[ 1125.539905][T17754]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1125.539926][T17754]  ? trace_irq_disable+0x37/0x100
[ 1125.539947][T17754]  ? clear_bhb_loop+0x40/0x90
[ 1125.539975][T17754]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1125.539996][T17754] RIP: 0033:0x7f2c7894bf79
[ 1125.540017][T17754] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1125.540037][T17754] RSP: 002b:00007f2c76ba6028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1125.540061][T17754] RAX: ffffffffffffffda RBX: 00007f2c78bc5fa0 RCX: 00007f2c7894bf79
[ 1125.540078][T17754] RDX: 0000000000000000 RSI: 0000200000000180 RDI: 0000000000000003
[ 1125.540094][T17754] RBP: 00007f2c76ba6090 R08: 0000000000000000 R09: 0000000000000000
[ 1125.540108][T17754] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1125.540123][T17754] R13: 00007f2c78bc6038 R14: 00007f2c78bc5fa0 R15: 00007ffc38b4be48
[ 1125.540160][T17754]  </TASK>
[ 1126.174675][   T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1126.174697][   T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1126.269794][T17765] FAULT_INJECTION: forcing a failure.
[ 1126.269794][T17765] name failslab, interval 1, probability 0, space 0, times 0
[ 1126.269836][T17765] CPU: 0 UID: 0 PID: 17765 Comm: syz.9.3069 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[ 1126.269867][T17765] Tainted: [L]=SOFTLOCKUP
[ 1126.269875][T17765] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1126.269890][T17765] Call Trace:
[ 1126.269899][T17765]  <TASK>
[ 1126.269909][T17765]  dump_stack_lvl+0xe8/0x150
[ 1126.269947][T17765]  should_fail_ex+0x46b/0x600
[ 1126.269981][T17765]  should_failslab+0xa8/0x100
[ 1126.270010][T17765]  kmem_cache_alloc_node_noprof+0x8f/0x6e0
[ 1126.270034][T17765]  ? __pfx_tcp_current_mss+0x10/0x10
[ 1126.270059][T17765]  ? __alloc_skb+0x1d7/0x390
[ 1126.270108][T17765]  __alloc_skb+0x1d7/0x390
[ 1126.270146][T17765]  tcp_stream_alloc_skb+0x3d/0x350
[ 1126.270182][T17765]  tcp_sendmsg_locked+0x1af7/0x55b0
[ 1126.270271][T17765]  ? __pfx_tcp_sendmsg_locked+0x10/0x10
[ 1126.270317][T17765]  ? __local_bh_enable_ip+0x1ae/0x2b0
[ 1126.270346][T17765]  ? lockdep_hardirqs_on+0x7a/0x110
[ 1126.270381][T17765]  tcp_sendmsg+0x2f/0x50
[ 1126.270414][T17765]  __sys_sendto+0x643/0x7d0
[ 1126.270458][T17765]  ? __pfx___sys_sendto+0x10/0x10
[ 1126.270522][T17765]  ? ksys_write+0x248/0x270
[ 1126.270548][T17765]  ? __pfx_ksys_write+0x10/0x10
[ 1126.270576][T17765]  __x64_sys_sendto+0xde/0x100
[ 1126.270617][T17765]  do_syscall_64+0x14d/0xf80
[ 1126.270647][T17765]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1126.270669][T17765]  ? trace_irq_disable+0x37/0x100
[ 1126.270690][T17765]  ? clear_bhb_loop+0x40/0x90
[ 1126.270717][T17765]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1126.270740][T17765] RIP: 0033:0x7fc84741bf79
[ 1126.270760][T17765] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1126.270781][T17765] RSP: 002b:00007fc845676028 EFLAGS: 00000246 ORIG_RAX: 000000000000002c
[ 1126.270807][T17765] RAX: ffffffffffffffda RBX: 00007fc847695fa0 RCX: 00007fc84741bf79
[ 1126.270824][T17765] RDX: 0000000000000381 RSI: 00002000000004c0 RDI: 0000000000000003
[ 1126.270840][T17765] RBP: 00007fc845676090 R08: 0000000000000000 R09: 0000000000000000
[ 1126.270855][T17765] R10: 0000000000000805 R11: 0000000000000246 R12: 0000000000000001
[ 1126.270870][T17765] R13: 00007fc847696038 R14: 00007fc847695fa0 R15: 00007ffde9f0a968
[ 1126.270907][T17765]  </TASK>
[ 1130.933658][T17821] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3082'.
[ 1132.497324][T17836] netlink: 8 bytes leftover after parsing attributes in process `syz.9.3084'.
[ 1132.497366][T17836] netlink: 20 bytes leftover after parsing attributes in process `syz.9.3084'.
[ 1132.497378][T17836] netlink: 40 bytes leftover after parsing attributes in process `syz.9.3084'.
[ 1133.590902][T17857] netlink: 4 bytes leftover after parsing attributes in process `syz.9.3088'.
[ 1133.592673][T17857] netlink: 4 bytes leftover after parsing attributes in process `syz.9.3088'.
[ 1134.259135][T17878] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[ 1134.509598][T14029] usb 5-1: new high-speed USB device number 36 using dummy_hcd
[ 1134.688603][T14029] usb 5-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[ 1134.688637][T14029] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1134.688664][T14029] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 66
[ 1134.688720][T14029] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 49152, setting to 64
[ 1134.694446][T14029] usb 5-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[ 1134.694579][T14029] usb 5-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[ 1134.694604][T14029] usb 5-1: Product: syz
[ 1134.694620][T14029] usb 5-1: Manufacturer: syz
[ 1135.762440][T14029] cdc_wdm 5-1:1.0: skipping garbage
[ 1135.762465][T14029] cdc_wdm 5-1:1.0: skipping garbage
[ 1135.766269][T14029] cdc_wdm 5-1:1.0: probe with driver cdc_wdm failed with error -22
[ 1135.871566][T17901] MTD: Attempt to mount non-MTD device "/dev/nullb0"
[ 1135.931991][T17901] VFS: Can't find a romfs filesystem on dev nullb0.
[ 1135.931991][T17901] 
[ 1136.687819][T14229] usb 5-1: USB disconnect, device number 36
[ 1136.779541][T17907] FAULT_INJECTION: forcing a failure.
[ 1136.779541][T17907] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1136.779588][T17907] CPU: 1 UID: 0 PID: 17907 Comm: syz.7.3105 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[ 1136.779620][T17907] Tainted: [L]=SOFTLOCKUP
[ 1136.779628][T17907] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1136.779643][T17907] Call Trace:
[ 1136.779651][T17907]  <TASK>
[ 1136.779662][T17907]  dump_stack_lvl+0xe8/0x150
[ 1136.779699][T17907]  should_fail_ex+0x46b/0x600
[ 1136.779733][T17907]  _copy_from_user+0x2d/0xb0
[ 1136.779766][T17907]  userfaultfd_ioctl+0xa64/0x54d0
[ 1136.779796][T17907]  ? kasan_save_track+0x4f/0x80
[ 1136.779817][T17907]  ? kasan_save_track+0x3e/0x80
[ 1136.779837][T17907]  ? kfree+0x1c1/0x690
[ 1136.779856][T17907]  ? tomoyo_path_number_perm+0x501/0x630
[ 1136.779889][T17907]  ? security_file_ioctl+0xc3/0x2a0
[ 1136.779922][T17907]  ? __se_sys_ioctl+0x47/0x170
[ 1136.779945][T17907]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1136.779979][T17907]  ? __pfx_userfaultfd_ioctl+0x10/0x10
[ 1136.780040][T17907]  ? kasan_quarantine_put+0xbb/0x1f0
[ 1136.780087][T17907]  ? tomoyo_path_number_perm+0x219/0x630
[ 1136.780123][T17907]  ? tomoyo_path_number_perm+0x219/0x630
[ 1136.780169][T17907]  ? do_vfs_ioctl+0x117b/0x1540
[ 1136.780196][T17907]  ? __pfx_do_vfs_ioctl+0x10/0x10
[ 1136.780221][T17907]  ? __pfx_smack_log+0x10/0x10
[ 1136.780249][T17907]  ? smk_access+0x14c/0x4e0
[ 1136.780282][T17907]  ? smk_tskacc+0x311/0x3a0
[ 1136.780314][T17907]  ? smack_file_ioctl+0x2c2/0x360
[ 1136.780347][T17907]  ? __pfx_smack_file_ioctl+0x10/0x10
[ 1136.780389][T17907]  ? __fget_files+0x2a/0x420
[ 1136.780418][T17907]  ? __fget_files+0x3a6/0x420
[ 1136.780447][T17907]  ? __fget_files+0x2a/0x420
[ 1136.780482][T17907]  ? bpf_lsm_file_ioctl+0x9/0x20
[ 1136.780511][T17907]  ? __pfx_userfaultfd_ioctl+0x10/0x10
[ 1136.780542][T17907]  __se_sys_ioctl+0xff/0x170
[ 1136.780568][T17907]  do_syscall_64+0x14d/0xf80
[ 1136.780598][T17907]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1136.780621][T17907]  ? trace_irq_disable+0x37/0x100
[ 1136.780642][T17907]  ? clear_bhb_loop+0x40/0x90
[ 1136.780670][T17907]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1136.780691][T17907] RIP: 0033:0x7f0b42d4bf79
[ 1136.780712][T17907] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1136.780732][T17907] RSP: 002b:00007f0b40fa6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1136.780757][T17907] RAX: ffffffffffffffda RBX: 00007f0b42fc5fa0 RCX: 00007f0b42d4bf79
[ 1136.780774][T17907] RDX: 0000200000000080 RSI: 00000000c028aa03 RDI: 0000000000000003
[ 1136.780789][T17907] RBP: 00007f0b40fa6090 R08: 0000000000000000 R09: 0000000000000000
[ 1136.780803][T17907] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1136.780816][T17907] R13: 00007f0b42fc6038 R14: 00007f0b42fc5fa0 R15: 00007ffeda14bb98
[ 1136.780850][T17907]  </TASK>
[ 1136.902522][ T5809] usb 7-1: new full-speed USB device number 31 using dummy_hcd
[ 1137.066166][ T5889] usb 10-1: new full-speed USB device number 25 using dummy_hcd
[ 1137.119476][ T5809] usb 7-1: config 0 has an invalid interface number: 253 but max is 0
[ 1137.119504][ T5809] usb 7-1: config 0 has no interface number 0
[ 1137.119536][ T5809] usb 7-1: too many endpoints for config 0 interface 253 altsetting 84: 241, using maximum allowed: 30
[ 1137.119579][ T5809] usb 7-1: config 0 interface 253 altsetting 84 has 0 endpoint descriptors, different from the interface descriptor's value: 241
[ 1137.119610][ T5809] usb 7-1: config 0 interface 253 has no altsetting 0
[ 1137.122054][ T5809] usb 7-1: New USB device found, idVendor=0403, idProduct=bca4, bcdDevice=d7.23
[ 1137.122083][ T5809] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1137.122119][ T5809] usb 7-1: Product: syz
[ 1137.122135][ T5809] usb 7-1: Manufacturer: syz
[ 1137.122152][ T5809] usb 7-1: SerialNumber: syz
[ 1137.239449][ T5809] usb 7-1: config 0 descriptor??
[ 1137.300392][ T5889] usb 10-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[ 1137.300489][ T5889] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0
[ 1137.304974][ T5889] usb 10-1: New USB device found, idVendor=0e9c, idProduct=0000, bcdDevice=5b.1e
[ 1137.305008][ T5889] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1137.305031][ T5889] usb 10-1: Product: syz
[ 1137.305101][ T5889] usb 10-1: Manufacturer: syz
[ 1137.305119][ T5889] usb 10-1: SerialNumber: syz
[ 1137.445670][ T5889] usb 10-1: config 0 descriptor??
[ 1137.471701][ T5809] ftdi_sio 7-1:0.253: FTDI USB Serial Device converter detected
[ 1137.473593][ T5809] ftdi_sio ttyUSB0: unknown device type: 0xd723
[ 1137.535838][ T5889] streamzap 10-1:0.0: streamzap_probe: endpoint attributes don't match xfer 0200
[ 1137.567819][ T5809] usb 7-1: USB disconnect, device number 31
[ 1137.593541][ T5809] ftdi_sio 7-1:0.253: device disconnected
[ 1137.689926][ T5953] usb 10-1: USB disconnect, device number 25
[ 1137.743992][T17914] FAULT_INJECTION: forcing a failure.
[ 1137.743992][T17914] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 1137.744029][T17914] CPU: 1 UID: 0 PID: 17914 Comm: syz.0.3106 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[ 1137.744057][T17914] Tainted: [L]=SOFTLOCKUP
[ 1137.744066][T17914] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1137.744078][T17914] Call Trace:
[ 1137.744087][T17914]  <TASK>
[ 1137.744096][T17914]  dump_stack_lvl+0xe8/0x150
[ 1137.744138][T17914]  should_fail_ex+0x46b/0x600
[ 1137.744168][T17914]  prepare_alloc_pages+0x22a/0x6b0
[ 1137.744202][T17914]  __alloc_frozen_pages_noprof+0x12f/0x380
[ 1137.744237][T17914]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[ 1137.744266][T17914]  ? __pfx_policy_nodemask+0x10/0x10
[ 1137.744299][T17914]  ? _raw_spin_unlock_irqrestore+0x30/0x80
[ 1137.744327][T17914]  ? lockdep_hardirqs_on+0x7a/0x110
[ 1137.744358][T17914]  alloc_pages_mpol+0xd1/0x380
[ 1137.744385][T17914]  alloc_pages_noprof+0xce/0x1e0
[ 1137.744429][T17914]  get_free_pages_noprof+0xf/0x80
[ 1137.744457][T17914]  __kasan_populate_vmalloc+0x38/0x1d0
[ 1137.744493][T17914]  ? rt_spin_unlock+0x160/0x200
[ 1137.744518][T17914]  alloc_vmap_area+0xdbc/0x14a0
[ 1137.744559][T17914]  ? __pfx_alloc_vmap_area+0x10/0x10
[ 1137.744584][T17914]  ? __kmalloc_cache_node_noprof+0x27d/0x6c0
[ 1137.744610][T17914]  ? __get_vm_area_node+0x171/0x350
[ 1137.744631][T17914]  ? bpf_prog_alloc_no_stats+0x4a/0x4f0
[ 1137.744655][T17914]  __get_vm_area_node+0x226/0x350
[ 1137.744684][T17914]  __vmalloc_node_range_noprof+0x372/0x1730
[ 1137.744709][T17914]  ? bpf_prog_alloc_no_stats+0x4a/0x4f0
[ 1137.744756][T17914]  ? kernel_text_address+0xa5/0xe0
[ 1137.744782][T17914]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[ 1137.744819][T17914]  ? __lock_acquire+0x6b5/0x2cf0
[ 1137.744856][T17914]  ? bpf_prog_alloc_no_stats+0x4a/0x4f0
[ 1137.744876][T17914]  __vmalloc_noprof+0xd2/0x120
[ 1137.744900][T17914]  ? bpf_prog_alloc_no_stats+0x4a/0x4f0
[ 1137.744925][T17914]  bpf_prog_alloc_no_stats+0x4a/0x4f0
[ 1137.744952][T17914]  bpf_prog_alloc+0x3c/0x1a0
[ 1137.744977][T17914]  bpf_prog_load+0x7ba/0x1ae0
[ 1137.745014][T17914]  ? __pfx_bpf_prog_load+0x10/0x10
[ 1137.745035][T17914]  ? __might_fault+0xaf/0x130
[ 1137.745079][T17914]  ? bpf_lsm_bpf+0x9/0x20
[ 1137.745106][T17914]  ? security_bpf+0x7e/0x2d0
[ 1137.745132][T17914]  __sys_bpf+0x618/0x950
[ 1137.745169][T17914]  ? __pfx___sys_bpf+0x10/0x10
[ 1137.745200][T17914]  ? rt_mutex_slowunlock+0x1cb/0x300
[ 1137.745239][T17914]  ? ksys_write+0x248/0x270
[ 1137.745264][T17914]  ? __pfx_ksys_write+0x10/0x10
[ 1137.745292][T17914]  __x64_sys_bpf+0x7c/0x90
[ 1137.745325][T17914]  do_syscall_64+0x14d/0xf80
[ 1137.745353][T17914]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1137.745376][T17914]  ? trace_irq_disable+0x37/0x100
[ 1137.745394][T17914]  ? clear_bhb_loop+0x40/0x90
[ 1137.745420][T17914]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1137.745442][T17914] RIP: 0033:0x7f1c7cbabf79
[ 1137.745462][T17914] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1137.745481][T17914] RSP: 002b:00007f1c7adfe028 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[ 1137.745505][T17914] RAX: ffffffffffffffda RBX: 00007f1c7ce25fa0 RCX: 00007f1c7cbabf79
[ 1137.745559][T17914] RDX: 0000000000000048 RSI: 000020000000e000 RDI: 0000000000000005
[ 1137.745574][T17914] RBP: 00007f1c7adfe090 R08: 0000000000000000 R09: 0000000000000000
[ 1137.745588][T17914] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1137.745602][T17914] R13: 00007f1c7ce26038 R14: 00007f1c7ce25fa0 R15: 00007ffc0b0594d8
[ 1137.745638][T17914]  </TASK>
[ 1137.805317][T17914] warn_alloc: 1 callbacks suppressed
[ 1137.805369][T17914] syz.0.3106: vmalloc error: size 4096, vm_struct allocation failed, mode:0x500dc0(GFP_USER|__GFP_ZERO|__GFP_ACCOUNT), nodemask=(null),cpuset=/,mems_allowed=0-1
[ 1137.805503][T17914] CPU: 1 UID: 0 PID: 17914 Comm: syz.0.3106 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[ 1137.805533][T17914] Tainted: [L]=SOFTLOCKUP
[ 1137.805542][T17914] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1137.805564][T17914] Call Trace:
[ 1137.805588][T17914]  <TASK>
[ 1137.805611][T17914]  dump_stack_lvl+0xe8/0x150
[ 1137.805716][T17914]  warn_alloc+0x263/0x3e0
[ 1137.805794][T17914]  ? kasan_quarantine_put+0xbb/0x1f0
[ 1137.805899][T17914]  ? __pfx_warn_alloc+0x10/0x10
[ 1137.805975][T17914]  ? __get_vm_area_node+0x23f/0x350
[ 1137.806029][T17914]  ? __get_vm_area_node+0x171/0x350
[ 1137.806102][T17914]  ? bpf_prog_alloc_no_stats+0x4a/0x4f0
[ 1137.806167][T17914]  ? __get_vm_area_node+0x23f/0x350
[ 1137.806270][T17914]  __vmalloc_node_range_noprof+0x397/0x1730
[ 1137.806421][T17914]  ? kernel_text_address+0xa5/0xe0
[ 1137.806475][T17914]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[ 1137.806508][T17914]  ? __lock_acquire+0x6b5/0x2cf0
[ 1137.806545][T17914]  ? bpf_prog_alloc_no_stats+0x4a/0x4f0
[ 1137.806594][T17914]  __vmalloc_noprof+0xd2/0x120
[ 1137.806644][T17914]  ? bpf_prog_alloc_no_stats+0x4a/0x4f0
[ 1137.806710][T17914]  bpf_prog_alloc_no_stats+0x4a/0x4f0
[ 1137.806784][T17914]  bpf_prog_alloc+0x3c/0x1a0
[ 1137.806855][T17914]  bpf_prog_load+0x7ba/0x1ae0
[ 1137.806953][T17914]  ? __pfx_bpf_prog_load+0x10/0x10
[ 1137.807018][T17914]  ? __might_fault+0xaf/0x130
[ 1137.807094][T17914]  ? bpf_lsm_bpf+0x9/0x20
[ 1137.807170][T17914]  ? security_bpf+0x7e/0x2d0
[ 1137.807236][T17914]  __sys_bpf+0x618/0x950
[ 1137.807319][T17914]  ? __pfx___sys_bpf+0x10/0x10
[ 1137.807404][T17914]  ? rt_mutex_slowunlock+0x1cb/0x300
[ 1137.807479][T17914]  ? ksys_write+0x248/0x270
[ 1137.807505][T17914]  ? __pfx_ksys_write+0x10/0x10
[ 1137.807536][T17914]  __x64_sys_bpf+0x7c/0x90
[ 1137.807595][T17914]  do_syscall_64+0x14d/0xf80
[ 1137.807678][T17914]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1137.807748][T17914]  ? trace_irq_disable+0x37/0x100
[ 1137.807795][T17914]  ? clear_bhb_loop+0x40/0x90
[ 1137.807873][T17914]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1137.807929][T17914] RIP: 0033:0x7f1c7cbabf79
[ 1137.807983][T17914] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1137.808036][T17914] RSP: 002b:00007f1c7adfe028 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[ 1137.808097][T17914] RAX: ffffffffffffffda RBX: 00007f1c7ce25fa0 RCX: 00007f1c7cbabf79
[ 1137.808141][T17914] RDX: 0000000000000048 RSI: 000020000000e000 RDI: 0000000000000005
[ 1137.808182][T17914] RBP: 00007f1c7adfe090 R08: 0000000000000000 R09: 0000000000000000
[ 1137.808229][T17914] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1137.808263][T17914] R13: 00007f1c7ce26038 R14: 00007f1c7ce25fa0 R15: 00007ffc0b0594d8
[ 1137.808345][T17914]  </TASK>
[ 1137.841818][T17914] Mem-Info:
[ 1137.841856][T17914] active_anon:281 inactive_anon:11330 isolated_anon:0
[ 1137.841856][T17914]  active_file:25280 inactive_file:35741 isolated_file:0
[ 1137.841856][T17914]  unevictable:768 dirty:438 writeback:0
[ 1137.841856][T17914]  slab_reclaimable:9683 slab_unreclaimable:107899
[ 1137.841856][T17914]  mapped:33233 shmem:4723 pagetables:2133
[ 1137.841856][T17914]  sec_pagetables:3 bounce:0
[ 1137.841856][T17914]  kernel_misc_reclaimable:0
[ 1137.841856][T17914]  free:1099756 free_pcp:9310 free_cma:0
[ 1137.842010][T17914] Node 0 active_anon:1124kB inactive_anon:43936kB active_file:100604kB inactive_file:142964kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:112452kB dirty:1752kB writeback:0kB shmem:17356kB kernel_stack:14356kB pagetables:8164kB sec_pagetables:12kB all_unreclaimable? no Balloon:0kB
[ 1137.842164][T17914] Node 1 active_anon:0kB inactive_anon:1384kB active_file:516kB inactive_file:0kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:20480kB dirty:0kB writeback:0kB shmem:1536kB kernel_stack:96kB pagetables:368kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[ 1137.842311][T17914] Node 0 DMA free:11252kB boost:0kB min:20kB low:32kB high:44kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:4kB local_pcp:0kB free_cma:0kB
[ 1137.842468][T17914] lowmem_reserve[]: 0 2507 2508 2508 2508
[ 1137.842508][T17914] Node 0 DMA32 free:669776kB boost:0kB min:3936kB low:6476kB high:9016kB reserved_highatomic:0KB free_highatomic:0KB active_anon:1124kB inactive_anon:43936kB active_file:100604kB inactive_file:142964kB unevictable:1536kB writepending:1752kB zspages:0kB present:3129332kB managed:2567896kB mlocked:0kB bounce:0kB free_pcp:37196kB local_pcp:5116kB free_cma:0kB
[ 1137.842625][T17914] lowmem_reserve[]: 0 0 0 0 0
[ 1137.842722][T17914] Node 0 Normal free:0kB boost:0kB min:0kB low:0kB high:0kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:1048580kB managed:720kB mlocked:0kB bounce:0kB free_pcp:8kB local_pcp:4kB free_cma:0kB
[ 1137.842892][T17914] lowmem_reserve[]: 0 0 0 0 0
[ 1137.843003][T17914] Node 1 Normal free:3717996kB boost:0kB min:6364kB low:10472kB high:14580kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:1384kB active_file:516kB inactive_file:0kB unevictable:1536kB writepending:0kB zspages:0kB present:4194300kB managed:4111100kB mlocked:0kB bounce:0kB free_pcp:32kB local_pcp:0kB free_cma:0kB
[ 1137.861915][T17914] lowmem_reserve[]: 0 0 0 0 0
[ 1137.862044][T17914] Node 0 DMA: 1*4kB (U) 0*8kB 1*16kB (U) 1*32kB (U) 1*64kB (U) 1*128kB (U) 1*256kB (U) 1*512kB (U) 0*1024kB 1*2048kB (M) 2*4096kB (M) = 11252kB
[ 1137.862470][T17914] Node 0 DMA32: 355*4kB (UME) 214*8kB (UME) 788*16kB (UME) 607*32kB (UME) 443*64kB (UME) 332*128kB (UME) 413*256kB (UME) 306*512kB (UME) 186*1024kB (UME) 46*2048kB (UME) 4*4096kB (U) = 669468kB
[ 1137.862821][T17914] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB
[ 1137.863135][T17914] Node 1 Normal: 171*4kB (UM) 112*8kB (UME) 80*16kB (UME) 82*32kB (UME) 48*64kB (UME) 34*128kB (UM) 23*256kB (UM) 17*512kB (UM) 16*1024kB (UME) 12*2048kB (UME) 891*4096kB (UM) = 3717996kB
[ 1137.863526][T17914] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[ 1137.863546][T17914] Node 0 hugepages_total=6 hugepages_free=0 hugepages_surp=4 hugepages_size=2048kB
[ 1137.863572][T17914] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[ 1137.863617][T17914] Node 1 hugepages_total=2 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB
[ 1137.863669][T17914] 65736 total pagecache pages
[ 1137.863694][T17914] 0 pages in swap cache
[ 1137.863715][T17914] Free swap  = 124996kB
[ 1137.863743][T17914] Total swap = 124996kB
[ 1137.863765][T17914] 2097051 pages RAM
[ 1137.863786][T17914] 0 pages HighMem/MovableOnly
[ 1137.863808][T17914] 423282 pages reserved
[ 1137.863821][T17914] 0 pages cma reserved
[ 1139.082590][T17926] netlink: 60 bytes leftover after parsing attributes in process `syz.0.3109'.
[ 1139.356726][T17938] netlink: 'syz.6.3113': attribute type 21 has an invalid length.
[ 1139.356755][T17938] netlink: 128 bytes leftover after parsing attributes in process `syz.6.3113'.
[ 1139.356863][T17938] netlink: 'syz.6.3113': attribute type 5 has an invalid length.
[ 1139.356896][T17938] netlink: 'syz.6.3113': attribute type 6 has an invalid length.
[ 1139.356923][T17938] netlink: 3 bytes leftover after parsing attributes in process `syz.6.3113'.
[ 1139.775836][T17954] IPv6: Can't replace route, no match found
[ 1140.197382][ T5889] usb 7-1: new full-speed USB device number 32 using dummy_hcd
[ 1140.199556][T17969] netlink: 32 bytes leftover after parsing attributes in process `syz.4.3125'.
[ 1140.354191][ T5889] usb 7-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[ 1140.354228][ T5889] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0
[ 1140.371537][ T5889] usb 7-1: New USB device found, idVendor=0e9c, idProduct=0000, bcdDevice=5b.1e
[ 1140.371627][ T5889] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1140.371697][ T5889] usb 7-1: Product: syz
[ 1140.371739][ T5889] usb 7-1: Manufacturer: syz
[ 1140.371782][ T5889] usb 7-1: SerialNumber: syz
[ 1140.450843][ T5889] usb 7-1: config 0 descriptor??
[ 1140.496857][ T5889] streamzap 7-1:0.0: streamzap_probe: endpoint attributes don't match xfer 0200
[ 1140.842717][ T5953] usb 7-1: USB disconnect, device number 32
[ 1141.523365][T17995] kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[ 1142.355307][T18006] FAULT_INJECTION: forcing a failure.
[ 1142.355307][T18006] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1142.355350][T18006] CPU: 1 UID: 0 PID: 18006 Comm: syz.6.3133 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[ 1142.355382][T18006] Tainted: [L]=SOFTLOCKUP
[ 1142.355391][T18006] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1142.355406][T18006] Call Trace:
[ 1142.355415][T18006]  <TASK>
[ 1142.355426][T18006]  dump_stack_lvl+0xe8/0x150
[ 1142.355467][T18006]  should_fail_ex+0x46b/0x600
[ 1142.355500][T18006]  _copy_from_iter+0x1d3/0x1670
[ 1142.355534][T18006]  ? rcu_is_watching+0x15/0xb0
[ 1142.355575][T18006]  ? __pfx__copy_from_iter+0x10/0x10
[ 1142.355605][T18006]  ? __build_skb_around+0x22d/0x3c0
[ 1142.355642][T18006]  ? __alloc_skb+0x193/0x390
[ 1142.355675][T18006]  ? netlink_sendmsg+0x650/0xb40
[ 1142.355705][T18006]  ? skb_put+0x11b/0x210
[ 1142.355749][T18006]  netlink_sendmsg+0x6c0/0xb40
[ 1142.355787][T18006]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1142.355815][T18006]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[ 1142.355856][T18006]  ____sys_sendmsg+0xa4e/0xac0
[ 1142.355881][T18006]  ? __might_fault+0xaf/0x130
[ 1142.355913][T18006]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1142.355946][T18006]  ? import_iovec+0x73/0xa0
[ 1142.355985][T18006]  ___sys_sendmsg+0x2a5/0x360
[ 1142.356001][T18006]  ? __lock_acquire+0x6b5/0x2cf0
[ 1142.356026][T18006]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1142.356108][T18006]  ? __fget_files+0x2a/0x420
[ 1142.356138][T18006]  ? __fget_files+0x3a6/0x420
[ 1142.356178][T18006]  __x64_sys_sendmsg+0x1c3/0x2a0
[ 1142.356202][T18006]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[ 1142.356225][T18006]  ? __pfx_ksys_write+0x10/0x10
[ 1142.356274][T18006]  do_syscall_64+0x14d/0xf80
[ 1142.356305][T18006]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1142.356328][T18006]  ? trace_irq_disable+0x37/0x100
[ 1142.356347][T18006]  ? clear_bhb_loop+0x40/0x90
[ 1142.356380][T18006]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1142.356402][T18006] RIP: 0033:0x7f2c7894bf79
[ 1142.356422][T18006] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1142.356442][T18006] RSP: 002b:00007f2c76ba6028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1142.356464][T18006] RAX: ffffffffffffffda RBX: 00007f2c78bc5fa0 RCX: 00007f2c7894bf79
[ 1142.356481][T18006] RDX: 000000000000c004 RSI: 0000200000000180 RDI: 0000000000000003
[ 1142.356496][T18006] RBP: 00007f2c76ba6090 R08: 0000000000000000 R09: 0000000000000000
[ 1142.356510][T18006] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1142.356523][T18006] R13: 00007f2c78bc6038 R14: 00007f2c78bc5fa0 R15: 00007ffc38b4be48
[ 1142.356558][T18006]  </TASK>
[ 1142.859069][T18008] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3134'.
[ 1143.454510][T18018] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3136'.
[ 1143.454537][T18018] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3136'.
[ 1143.651041][T18018] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3136'.
[ 1143.651060][T18018] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3136'.
[ 1143.651109][ T3571] netdevsim netdevsim0 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[ 1143.655709][ T3571] netdevsim netdevsim0 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[ 1143.655762][ T3571] netdevsim netdevsim0 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[ 1143.655804][ T3571] netdevsim netdevsim0 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[ 1148.011865][T18064] [U] V�3��Fپ"S��/��4:�XTZ�W�T��LW��=
[ 1148.045154][T18064] [U] J"�E:��"


[ 1148.045201][T18064] FAULT_INJECTION: forcing a failure.
[ 1148.045201][T18064] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1148.045227][T18064] CPU: 1 UID: 0 PID: 18064 Comm: syz.0.3148 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[ 1148.045250][T18064] Tainted: [L]=SOFTLOCKUP
[ 1148.045256][T18064] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1148.045266][T18064] Call Trace:
[ 1148.045273][T18064]  <TASK>
[ 1148.045281][T18064]  dump_stack_lvl+0xe8/0x150
[ 1148.045309][T18064]  should_fail_ex+0x46b/0x600
[ 1148.045332][T18064]  _copy_to_user+0x31/0xb0
[ 1148.045357][T18064]  simple_read_from_buffer+0xe1/0x170
[ 1148.045383][T18064]  proc_fail_nth_read+0x1be/0x230
[ 1148.045403][T18064]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1148.045423][T18064]  ? rw_verify_area+0x2ac/0x4e0
[ 1148.045448][T18064]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1148.045496][T18064]  vfs_read+0x212/0xa70
[ 1148.045529][T18064]  ? __pfx_vfs_read+0x10/0x10
[ 1148.045554][T18064]  ? _raw_spin_unlock_irqrestore+0x30/0x80
[ 1148.045593][T18064]  ? lockdep_hardirqs_on+0x7a/0x110
[ 1148.045614][T18064]  ? _raw_spin_unlock_irqrestore+0x4c/0x80
[ 1148.045635][T18064]  ? mutex_lock_nested+0x152/0x1d0
[ 1148.045650][T18064]  ? fdget_pos+0x252/0x320
[ 1148.045679][T18064]  ksys_read+0x156/0x270
[ 1148.045696][T18064]  ? __pfx_ksys_read+0x10/0x10
[ 1148.045720][T18064]  do_syscall_64+0x14d/0xf80
[ 1148.045741][T18064]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1148.045757][T18064]  ? trace_irq_disable+0x37/0x100
[ 1148.045772][T18064]  ? clear_bhb_loop+0x40/0x90
[ 1148.045791][T18064]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1148.045807][T18064] RIP: 0033:0x7f1c7cb6c84e
[ 1148.045822][T18064] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[ 1148.045836][T18064] RSP: 002b:00007f1c7adfdfe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[ 1148.045854][T18064] RAX: ffffffffffffffda RBX: 00007f1c7adfe6c0 RCX: 00007f1c7cb6c84e
[ 1148.045866][T18064] RDX: 000000000000000f RSI: 00007f1c7adfe0a0 RDI: 0000000000000004
[ 1148.045877][T18064] RBP: 00007f1c7adfe090 R08: 0000000000000000 R09: 0000000000000000
[ 1148.045887][T18064] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1148.045897][T18064] R13: 00007f1c7ce26038 R14: 00007f1c7ce25fa0 R15: 00007ffc0b0594d8
[ 1148.045922][T18064]  </TASK>
[ 1149.953604][   T10] IPVS: starting estimator thread 0...
[ 1150.037817][T18092] IPVS: using max 11 ests per chain, 26400 per kthread
[ 1151.920094][T18110] FAULT_INJECTION: forcing a failure.
[ 1151.920094][T18110] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1151.920124][T18110] CPU: 0 UID: 0 PID: 18110 Comm: syz.0.3157 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[ 1151.920147][T18110] Tainted: [L]=SOFTLOCKUP
[ 1151.920153][T18110] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1151.920164][T18110] Call Trace:
[ 1151.920170][T18110]  <TASK>
[ 1151.920178][T18110]  dump_stack_lvl+0xe8/0x150
[ 1151.920206][T18110]  should_fail_ex+0x46b/0x600
[ 1151.920229][T18110]  _copy_to_user+0x31/0xb0
[ 1151.920255][T18110]  simple_read_from_buffer+0xe1/0x170
[ 1151.920281][T18110]  proc_fail_nth_read+0x1be/0x230
[ 1151.920301][T18110]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1151.920321][T18110]  ? rw_verify_area+0x2ac/0x4e0
[ 1151.920346][T18110]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1151.920364][T18110]  vfs_read+0x212/0xa70
[ 1151.920385][T18110]  ? __pfx_vfs_read+0x10/0x10
[ 1151.920402][T18110]  ? _raw_spin_unlock_irqrestore+0x30/0x80
[ 1151.920426][T18110]  ? lockdep_hardirqs_on+0x7a/0x110
[ 1151.920450][T18110]  ? _raw_spin_unlock_irqrestore+0x4c/0x80
[ 1151.920471][T18110]  ? mutex_lock_nested+0x152/0x1d0
[ 1151.920486][T18110]  ? fdget_pos+0x252/0x320
[ 1151.920515][T18110]  ksys_read+0x156/0x270
[ 1151.920532][T18110]  ? __pfx_ksys_read+0x10/0x10
[ 1151.920556][T18110]  do_syscall_64+0x14d/0xf80
[ 1151.920577][T18110]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1151.920592][T18110]  ? trace_irq_disable+0x37/0x100
[ 1151.920607][T18110]  ? clear_bhb_loop+0x40/0x90
[ 1151.920626][T18110]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1151.920642][T18110] RIP: 0033:0x7f1c7cb6c84e
[ 1151.920656][T18110] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[ 1151.920671][T18110] RSP: 002b:00007f1c7addcfe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[ 1151.920688][T18110] RAX: ffffffffffffffda RBX: 00007f1c7addd6c0 RCX: 00007f1c7cb6c84e
[ 1151.920701][T18110] RDX: 000000000000000f RSI: 00007f1c7addd0a0 RDI: 0000000000000005
[ 1151.920711][T18110] RBP: 00007f1c7addd090 R08: 0000000000000000 R09: 0000000000000000
[ 1151.920722][T18110] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1151.920732][T18110] R13: 00007f1c7ce26128 R14: 00007f1c7ce26090 R15: 00007ffc0b0594d8
[ 1151.920757][T18110]  </TASK>
[ 1153.036748][T18122] netlink: 32 bytes leftover after parsing attributes in process `syz.0.3161'.
[ 1155.687255][T18148] netlink: 'syz.7.3164': attribute type 21 has an invalid length.
[ 1155.694953][T18150] netlink: 20 bytes leftover after parsing attributes in process `syz.9.3166'.
[ 1156.017604][   T10] usb 10-1: new high-speed USB device number 26 using dummy_hcd
[ 1156.308833][   T10] usb 10-1: New USB device found, idVendor=0572, idProduct=cb01, bcdDevice=26.65
[ 1156.308864][   T10] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1156.308883][   T10] usb 10-1: Product: syz
[ 1156.308896][   T10] usb 10-1: Manufacturer: syz
[ 1156.308910][   T10] usb 10-1: SerialNumber: syz
[ 1156.378082][   T10] usb 10-1: config 0 descriptor??
[ 1156.723320][   T10] usb 10-1: ignoring: probably an ADSL modem
[ 1160.615060][   T10] cxacru 10-1:0.0: usbatm_usb_probe: bind failed: -19!
[ 1160.769656][   T10] usb 10-1: USB disconnect, device number 26
[ 1161.143453][T18172] netlink: 12 bytes leftover after parsing attributes in process `syz.9.3169'.
[ 1161.227581][T18166] netlink: 12 bytes leftover after parsing attributes in process `syz.4.3171'.
[ 1161.566904][T18184] hub 8-0:1.0: USB hub found
[ 1161.580868][T18184] hub 8-0:1.0: 1 port detected
[ 1162.069307][T18189] FAULT_INJECTION: forcing a failure.
[ 1162.069307][T18189] name failslab, interval 1, probability 0, space 0, times 0
[ 1162.069348][T18189] CPU: 0 UID: 0 PID: 18189 Comm: syz.9.3173 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[ 1162.069380][T18189] Tainted: [L]=SOFTLOCKUP
[ 1162.069390][T18189] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1162.069404][T18189] Call Trace:
[ 1162.069413][T18189]  <TASK>
[ 1162.069424][T18189]  dump_stack_lvl+0xe8/0x150
[ 1162.069467][T18189]  should_fail_ex+0x46b/0x600
[ 1162.069501][T18189]  should_failslab+0xa8/0x100
[ 1162.069530][T18189]  kmem_cache_alloc_node_noprof+0x8f/0x6e0
[ 1162.069556][T18189]  ? __alloc_skb+0x1d7/0x390
[ 1162.069596][T18189]  __alloc_skb+0x1d7/0x390
[ 1162.069634][T18189]  tipc_msg_reverse+0x231/0x8f0
[ 1162.069663][T18189]  ? net_generic+0x1e/0x240
[ 1162.069706][T18189]  tipc_sk_filter_rcv+0x1972/0x32b0
[ 1162.069797][T18189]  ? __pfx_tipc_sk_filter_rcv+0x10/0x10
[ 1162.069821][T18189]  ? __lock_acquire+0x6b5/0x2cf0
[ 1162.069876][T18189]  ? __lock_acquire+0x6b5/0x2cf0
[ 1162.069921][T18189]  tipc_sk_backlog_rcv+0x161/0x290
[ 1162.069951][T18189]  ? __pfx_tipc_sk_backlog_rcv+0x10/0x10
[ 1162.070000][T18189]  ? __local_bh_enable_ip+0x1ae/0x2b0
[ 1162.070030][T18189]  ? lockdep_hardirqs_on+0x7a/0x110
[ 1162.070064][T18189]  ? __pfx_tipc_sk_backlog_rcv+0x10/0x10
[ 1162.070089][T18189]  __release_sock+0x2a9/0x3d0
[ 1162.070118][T18189]  ? __release_sock+0xa4/0x3d0
[ 1162.070147][T18189]  release_sock+0x75/0x210
[ 1162.070178][T18189]  ? release_sock+0x2f/0x210
[ 1162.070211][T18189]  ? tipc_release+0xb88/0x2590
[ 1162.070234][T18189]  tipc_release+0x1af8/0x2590
[ 1162.070266][T18189]  ? tipc_release+0xb88/0x2590
[ 1162.070296][T18189]  ? __pfx_tipc_release+0x10/0x10
[ 1162.070320][T18189]  ? lockdep_hardirqs_on+0x7a/0x110
[ 1162.070352][T18189]  ? rwbase_write_lock+0x568/0x730
[ 1162.070400][T18189]  sock_close+0xc3/0x240
[ 1162.070429][T18189]  ? __pfx_sock_close+0x10/0x10
[ 1162.070457][T18189]  __fput+0x45e/0xa80
[ 1162.070500][T18189]  fput_close_sync+0x11f/0x240
[ 1162.070531][T18189]  ? __pfx_fput_close_sync+0x10/0x10
[ 1162.070577][T18189]  __x64_sys_close+0x7e/0x110
[ 1162.070611][T18189]  do_syscall_64+0x14d/0xf80
[ 1162.070641][T18189]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1162.070664][T18189]  ? trace_irq_disable+0x37/0x100
[ 1162.070684][T18189]  ? clear_bhb_loop+0x40/0x90
[ 1162.070712][T18189]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1162.070734][T18189] RIP: 0033:0x7fc84741bf79
[ 1162.070756][T18189] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1162.070777][T18189] RSP: 002b:00007fc845676028 EFLAGS: 00000246 ORIG_RAX: 0000000000000003
[ 1162.070808][T18189] RAX: ffffffffffffffda RBX: 00007fc847695fa0 RCX: 00007fc84741bf79
[ 1162.070826][T18189] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003
[ 1162.070841][T18189] RBP: 00007fc845676090 R08: 0000000000000000 R09: 0000000000000000
[ 1162.070856][T18189] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1162.070871][T18189] R13: 00007fc847696038 R14: 00007fc847695fa0 R15: 00007ffde9f0a968
[ 1162.070908][T18189]  </TASK>
[ 1162.835647][ T5116] Bluetooth: hci4: unexpected cc 0x0c23 length: 1 < 4
[ 1162.835692][ T5116] Bluetooth: hci4: unexpected event for opcode 0x0c23
[ 1167.321185][T18235] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3183'.
[ 1167.321214][T18235] netlink: 12 bytes leftover after parsing attributes in process `syz.0.3183'.
[ 1167.322135][T18235] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3183'.
[ 1167.322158][T18235] netlink: 12 bytes leftover after parsing attributes in process `syz.0.3183'.
[ 1167.808344][T18242] netlink: 'syz.6.3185': attribute type 16 has an invalid length.
[ 1167.808372][T18242] netlink: 64138 bytes leftover after parsing attributes in process `syz.6.3185'.
[ 1168.268975][T18248] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3188'.
[ 1168.269002][T18248] netlink: 24 bytes leftover after parsing attributes in process `syz.0.3188'.
[ 1168.269342][T18248] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3188'.
[ 1168.269360][T18248] netlink: 24 bytes leftover after parsing attributes in process `syz.0.3188'.
[ 1168.587261][ T5889] usb 7-1: new high-speed USB device number 33 using dummy_hcd
[ 1168.752799][ T5889] usb 7-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1168.752864][ T5889] usb 7-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df
[ 1168.752891][ T5889] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1168.809437][ T5889] usb 7-1: config 0 descriptor??
[ 1168.862252][T18257] FAULT_INJECTION: forcing a failure.
[ 1168.862252][T18257] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1168.862293][T18257] CPU: 0 UID: 0 PID: 18257 Comm: syz.0.3190 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[ 1168.862325][T18257] Tainted: [L]=SOFTLOCKUP
[ 1168.862334][T18257] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1168.862348][T18257] Call Trace:
[ 1168.862356][T18257]  <TASK>
[ 1168.862367][T18257]  dump_stack_lvl+0xe8/0x150
[ 1168.862404][T18257]  should_fail_ex+0x46b/0x600
[ 1168.862441][T18257]  _copy_from_iter+0x1d3/0x1670
[ 1168.862483][T18257]  ? __pfx__copy_from_iter+0x10/0x10
[ 1168.862514][T18257]  ? __pfx_smack_socket_sendmsg+0x10/0x10
[ 1168.862539][T18257]  ? __lock_acquire+0x6b5/0x2cf0
[ 1168.862575][T18257]  ? _parse_integer_limit+0x1ae/0x1f0
[ 1168.862598][T18257]  ? skb_put+0x11b/0x210
[ 1168.862635][T18257]  hci_sock_sendmsg+0x426/0xf40
[ 1168.862672][T18257]  ? __pfx_hci_sock_sendmsg+0x10/0x10
[ 1168.862707][T18257]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[ 1168.862738][T18257]  sock_write_iter+0x509/0x550
[ 1168.862766][T18257]  ? __pfx_sock_write_iter+0x10/0x10
[ 1168.862818][T18257]  vfs_write+0x629/0xba0
[ 1168.862850][T18257]  ? __pfx_vfs_write+0x10/0x10
[ 1168.862882][T18257]  ? __fget_files+0x2a/0x420
[ 1168.862923][T18257]  ksys_write+0x156/0x270
[ 1168.862947][T18257]  ? __pfx_ksys_write+0x10/0x10
[ 1168.862982][T18257]  do_syscall_64+0x14d/0xf80
[ 1168.863012][T18257]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1168.863035][T18257]  ? clear_bhb_loop+0x40/0x90
[ 1168.863063][T18257]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1168.863088][T18257] RIP: 0033:0x7f1c7cbabf79
[ 1168.863108][T18257] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1168.863128][T18257] RSP: 002b:00007f1c7adfe028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[ 1168.863152][T18257] RAX: ffffffffffffffda RBX: 00007f1c7ce25fa0 RCX: 00007f1c7cbabf79
[ 1168.863169][T18257] RDX: 0000000000000006 RSI: 0000200000000000 RDI: 0000000000000004
[ 1168.863182][T18257] RBP: 00007f1c7adfe090 R08: 0000000000000000 R09: 0000000000000000
[ 1168.863197][T18257] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1168.863211][T18257] R13: 00007f1c7ce26038 R14: 00007f1c7ce25fa0 R15: 00007ffc0b0594d8
[ 1168.863255][T18257]  </TASK>
[ 1168.929516][ T5889] pwc: Askey VC010 type 2 USB webcam detected.
[ 1169.177365][ T5889] pwc: recv_control_msg error -32 req 02 val 2b00
[ 1169.264850][ T5889] pwc: recv_control_msg error -32 req 02 val 2700
[ 1169.280384][ T5889] pwc: recv_control_msg error -32 req 02 val 2c00
[ 1169.281136][ T5889] pwc: recv_control_msg error -32 req 04 val 1000
[ 1169.281891][ T5889] pwc: recv_control_msg error -32 req 04 val 1300
[ 1169.282766][ T5889] pwc: recv_control_msg error -32 req 04 val 1400
[ 1169.328038][ T5889] pwc: recv_control_msg error -32 req 02 val 2000
[ 1169.375526][ T5889] pwc: recv_control_msg error -32 req 02 val 2100
[ 1169.665753][ T5889] pwc: recv_control_msg error -71 req 04 val 1500
[ 1169.666204][ T5889] pwc: recv_control_msg error -71 req 02 val 2500
[ 1169.666612][ T5889] pwc: recv_control_msg error -71 req 02 val 2400
[ 1169.667979][ T5889] pwc: recv_control_msg error -71 req 02 val 2600
[ 1169.668504][ T5889] pwc: recv_control_msg error -71 req 02 val 2900
[ 1169.671340][ T5889] pwc: recv_control_msg error -71 req 02 val 2800
[ 1169.687328][ T5889] pwc: recv_control_msg error -71 req 04 val 1100
[ 1169.691354][ T5889] pwc: recv_control_msg error -71 req 04 val 1200
[ 1169.827622][ T5889] pwc: Registered as video103.
[ 1169.850485][ T5889] input: PWC snapshot button as /devices/platform/dummy_hcd.6/usb7/7-1/input/input27
[ 1169.968784][ T5889] usb 7-1: USB disconnect, device number 33
[ 1170.288109][T18274] FAULT_INJECTION: forcing a failure.
[ 1170.288109][T18274] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1170.288150][T18274] CPU: 0 UID: 0 PID: 18274 Comm: syz.6.3192 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[ 1170.288182][T18274] Tainted: [L]=SOFTLOCKUP
[ 1170.288191][T18274] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1170.288205][T18274] Call Trace:
[ 1170.288214][T18274]  <TASK>
[ 1170.288225][T18274]  dump_stack_lvl+0xe8/0x150
[ 1170.288263][T18274]  should_fail_ex+0x46b/0x600
[ 1170.288298][T18274]  _copy_from_user+0x2d/0xb0
[ 1170.288331][T18274]  kstrtouint_from_user+0xd6/0x180
[ 1170.288362][T18274]  ? __pfx_kstrtouint_from_user+0x10/0x10
[ 1170.288408][T18274]  proc_fail_nth_write+0x8e/0x210
[ 1170.288435][T18274]  ? __pfx_proc_fail_nth_write+0x10/0x10
[ 1170.288471][T18274]  ? __pfx_proc_fail_nth_write+0x10/0x10
[ 1170.288499][T18274]  vfs_write+0x2a3/0xba0
[ 1170.288531][T18274]  ? __pfx_vfs_write+0x10/0x10
[ 1170.288558][T18274]  ? _raw_spin_unlock_irqrestore+0x30/0x80
[ 1170.288590][T18274]  ? lockdep_hardirqs_on+0x7a/0x110
[ 1170.288619][T18274]  ? _raw_spin_unlock_irqrestore+0x4c/0x80
[ 1170.288649][T18274]  ? mutex_lock_nested+0x152/0x1d0
[ 1170.288671][T18274]  ? fdget_pos+0x252/0x320
[ 1170.288713][T18274]  ksys_write+0x156/0x270
[ 1170.288739][T18274]  ? __pfx_ksys_write+0x10/0x10
[ 1170.288774][T18274]  do_syscall_64+0x14d/0xf80
[ 1170.288803][T18274]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1170.288826][T18274]  ? trace_irq_disable+0x37/0x100
[ 1170.288847][T18274]  ? clear_bhb_loop+0x40/0x90
[ 1170.288875][T18274]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1170.288899][T18274] RIP: 0033:0x7f2c7890c84e
[ 1170.288919][T18274] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[ 1170.288941][T18274] RSP: 002b:00007f2c76ba5fe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[ 1170.288966][T18274] RAX: ffffffffffffffda RBX: 00007f2c76ba66c0 RCX: 00007f2c7890c84e
[ 1170.288984][T18274] RDX: 0000000000000001 RSI: 00007f2c76ba60a0 RDI: 0000000000000003
[ 1170.288999][T18274] RBP: 00007f2c76ba6090 R08: 0000000000000000 R09: 0000000000000000
[ 1170.289015][T18274] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1170.289035][T18274] R13: 00007f2c78bc6038 R14: 00007f2c78bc5fa0 R15: 00007ffc38b4be48
[ 1170.289073][T18274]  </TASK>
[ 1172.751431][T18289] FAULT_INJECTION: forcing a failure.
[ 1172.751431][T18289] name failslab, interval 1, probability 0, space 0, times 0
[ 1172.751538][T18289] CPU: 0 UID: 0 PID: 18289 Comm: syz.4.3184 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[ 1172.751562][T18289] Tainted: [L]=SOFTLOCKUP
[ 1172.751568][T18289] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1172.751578][T18289] Call Trace:
[ 1172.751585][T18289]  <TASK>
[ 1172.751592][T18289]  dump_stack_lvl+0xe8/0x150
[ 1172.751620][T18289]  should_fail_ex+0x46b/0x600
[ 1172.751643][T18289]  should_failslab+0xa8/0x100
[ 1172.751664][T18289]  __kmalloc_cache_noprof+0x84/0x690
[ 1172.751683][T18289]  ? snd_pcm_oss_change_params_locked+0x175/0x3e00
[ 1172.751711][T18289]  snd_pcm_oss_change_params_locked+0x175/0x3e00
[ 1172.751735][T18289]  ? __lock_acquire+0x6b5/0x2cf0
[ 1172.751776][T18289]  ? __pfx_snd_pcm_oss_change_params_locked+0x10/0x10
[ 1172.751977][T18289]  ? _raw_spin_unlock_irqrestore+0x30/0x80
[ 1172.752001][T18289]  ? lockdep_hardirqs_on+0x7a/0x110
[ 1172.752023][T18289]  ? _raw_spin_unlock_irqrestore+0x4c/0x80
[ 1172.752045][T18289]  ? mutex_lock_interruptible_nested+0x152/0x1d0
[ 1172.752064][T18289]  ? snd_pcm_oss_post+0x106/0x3d0
[ 1172.752091][T18289]  snd_pcm_oss_post+0x165/0x3d0
[ 1172.752119][T18289]  snd_pcm_oss_ioctl+0x834/0xe00
[ 1172.752143][T18289]  ? __pfx_snd_pcm_oss_ioctl+0x10/0x10
[ 1172.752165][T18289]  __se_sys_ioctl+0xff/0x170
[ 1172.752186][T18289]  do_syscall_64+0x14d/0xf80
[ 1172.752208][T18289]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1172.752224][T18289]  ? trace_irq_disable+0x37/0x100
[ 1172.752238][T18289]  ? clear_bhb_loop+0x40/0x90
[ 1172.752258][T18289]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1172.752275][T18289] RIP: 0033:0x7f039393bf79
[ 1172.752290][T18289] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1172.752304][T18289] RSP: 002b:00007f0391b8e028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1172.752322][T18289] RAX: ffffffffffffffda RBX: 00007f0393bb5fa0 RCX: 00007f039393bf79
[ 1172.752334][T18289] RDX: 0000000000000000 RSI: 0000000000005008 RDI: 0000000000000003
[ 1172.752344][T18289] RBP: 00007f0391b8e090 R08: 0000000000000000 R09: 0000000000000000
[ 1172.752355][T18289] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1172.752365][T18289] R13: 00007f0393bb6038 R14: 00007f0393bb5fa0 R15: 00007ffd997f1ec8
[ 1172.752390][T18289]  </TASK>
[ 1173.897795][ T9716] usb 7-1: new full-speed USB device number 34 using dummy_hcd
[ 1174.051351][ T9716] usb 7-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[ 1174.051391][ T9716] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0
[ 1174.109531][ T9716] usb 7-1: New USB device found, idVendor=0e9c, idProduct=0000, bcdDevice=5b.1e
[ 1174.109569][ T9716] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1174.109585][ T9716] usb 7-1: Product: syz
[ 1174.109597][ T9716] usb 7-1: Manufacturer: syz
[ 1174.109608][ T9716] usb 7-1: SerialNumber: syz
[ 1174.134169][ T9716] usb 7-1: config 0 descriptor??
[ 1174.290367][ T9716] streamzap 7-1:0.0: streamzap_probe: endpoint attributes don't match xfer 0200
[ 1174.677921][ T9716] usb 7-1: USB disconnect, device number 34
[ 1175.183994][T18336] 9p: Bad value for 'rfdno'
[ 1177.005134][T18357] FAULT_INJECTION: forcing a failure.
[ 1177.005134][T18357] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1177.005174][T18357] CPU: 0 UID: 0 PID: 18357 Comm: syz.0.3208 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[ 1177.005206][T18357] Tainted: [L]=SOFTLOCKUP
[ 1177.005214][T18357] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1177.005228][T18357] Call Trace:
[ 1177.005237][T18357]  <TASK>
[ 1177.005248][T18357]  dump_stack_lvl+0xe8/0x150
[ 1177.005284][T18357]  should_fail_ex+0x46b/0x600
[ 1177.005317][T18357]  _copy_from_user+0x2d/0xb0
[ 1177.005350][T18357]  ? __pfx_drm_mode_destroy_dumb_ioctl+0x10/0x10
[ 1177.005381][T18357]  drm_ioctl+0x5d0/0xb80
[ 1177.005406][T18357]  ? smk_tskacc+0x311/0x3a0
[ 1177.005446][T18357]  ? __pfx_drm_mode_destroy_dumb_ioctl+0x10/0x10
[ 1177.005483][T18357]  ? __pfx_drm_ioctl+0x10/0x10
[ 1177.005519][T18357]  ? __fget_files+0x2a/0x420
[ 1177.005553][T18357]  ? bpf_lsm_file_ioctl+0x9/0x20
[ 1177.005580][T18357]  ? __pfx_drm_ioctl+0x10/0x10
[ 1177.005606][T18357]  __se_sys_ioctl+0xff/0x170
[ 1177.005633][T18357]  do_syscall_64+0x14d/0xf80
[ 1177.005665][T18357]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1177.005687][T18357]  ? trace_irq_disable+0x37/0x100
[ 1177.005706][T18357]  ? clear_bhb_loop+0x40/0x90
[ 1177.005743][T18357]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1177.005764][T18357] RIP: 0033:0x7f1c7cbabf79
[ 1177.005784][T18357] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1177.005804][T18357] RSP: 002b:00007f1c7addd028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1177.005827][T18357] RAX: ffffffffffffffda RBX: 00007f1c7ce26090 RCX: 00007f1c7cbabf79
[ 1177.005844][T18357] RDX: 0000200000000180 RSI: 00000000c00464b4 RDI: 0000000000000003
[ 1177.005860][T18357] RBP: 00007f1c7addd090 R08: 0000000000000000 R09: 0000000000000000
[ 1177.005875][T18357] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1177.005889][T18357] R13: 00007f1c7ce26128 R14: 00007f1c7ce26090 R15: 00007ffc0b0594d8
[ 1177.005925][T18357]  </TASK>
[ 1177.609590][ T9703] usb 7-1: new high-speed USB device number 35 using dummy_hcd
[ 1177.989029][ T9703] usb 7-1: Using ep0 maxpacket: 16
[ 1178.130121][ T9703] usb 7-1: config 0 has no interfaces?
[ 1178.274620][ T9703] usb 7-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42
[ 1178.274647][ T9703] usb 7-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0
[ 1178.274663][ T9703] usb 7-1: Manufacturer: syz
[ 1178.319120][ T9703] usb 7-1: config 0 descriptor??
[ 1181.185941][T18391] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3216'.
[ 1181.200352][T18391] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3216'.
[ 1182.367266][ T9703] usb 5-1: new high-speed USB device number 37 using dummy_hcd
[ 1182.526294][ T1321] ieee802154 phy0 wpan0: encryption failed: -22
[ 1182.526372][ T1321] ieee802154 phy1 wpan1: encryption failed: -22
[ 1182.581801][ T9703] usb 5-1: config 27 has an invalid descriptor of length 0, skipping remainder of the config
[ 1182.581831][ T9703] usb 5-1: config 27 has 0 interfaces, different from the descriptor's value: 1
[ 1182.581872][ T9703] usb 5-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[ 1182.581898][ T9703] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1185.745945][ T5889] usb 5-1: USB disconnect, device number 37
[ 1186.432309][T18437] FAULT_INJECTION: forcing a failure.
[ 1186.432309][T18437] name failslab, interval 1, probability 0, space 0, times 0
[ 1186.432352][T18437] CPU: 0 UID: 0 PID: 18437 Comm: syz.0.3229 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[ 1186.432383][T18437] Tainted: [L]=SOFTLOCKUP
[ 1186.432392][T18437] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1186.432406][T18437] Call Trace:
[ 1186.432415][T18437]  <TASK>
[ 1186.432425][T18437]  dump_stack_lvl+0xe8/0x150
[ 1186.432468][T18437]  should_fail_ex+0x46b/0x600
[ 1186.432501][T18437]  should_failslab+0xa8/0x100
[ 1186.432529][T18437]  __kmalloc_noprof+0xdf/0x7b0
[ 1186.432554][T18437]  ? iter_file_splice_write+0x1d7/0x1100
[ 1186.432591][T18437]  iter_file_splice_write+0x1d7/0x1100
[ 1186.432622][T18437]  ? __lock_acquire+0x6b5/0x2cf0
[ 1186.432665][T18437]  ? atime_needs_update+0x3ac/0x6d0
[ 1186.432711][T18437]  ? __pfx_iter_file_splice_write+0x10/0x10
[ 1186.432743][T18437]  ? direct_splice_actor+0x49/0x160
[ 1186.432774][T18437]  ? direct_splice_actor+0x49/0x160
[ 1186.432822][T18437]  ? __pfx_iter_file_splice_write+0x10/0x10
[ 1186.432856][T18437]  direct_splice_actor+0x104/0x160
[ 1186.432900][T18437]  splice_direct_to_actor+0x545/0xc80
[ 1186.432944][T18437]  ? __pfx_direct_splice_actor+0x10/0x10
[ 1186.432984][T18437]  ? __pfx_splice_direct_to_actor+0x10/0x10
[ 1186.433027][T18437]  do_splice_direct+0x19b/0x2a0
[ 1186.433057][T18437]  ? vfs_copy_file_range+0x9bb/0x1390
[ 1186.433089][T18437]  ? __pfx_do_splice_direct+0x10/0x10
[ 1186.433121][T18437]  ? __pfx_direct_file_splice_eof+0x10/0x10
[ 1186.433168][T18437]  vfs_copy_file_range+0xb20/0x1390
[ 1186.433214][T18437]  ? __pfx_vfs_copy_file_range+0x10/0x10
[ 1186.433259][T18437]  __se_sys_copy_file_range+0x2fb/0x480
[ 1186.433288][T18437]  ? fput+0xa0/0xd0
[ 1186.433329][T18437]  ? __pfx___se_sys_copy_file_range+0x10/0x10
[ 1186.433360][T18437]  ? __pfx_ksys_write+0x10/0x10
[ 1186.433389][T18437]  ? __x64_sys_copy_file_range+0x21/0xf0
[ 1186.433420][T18437]  do_syscall_64+0x14d/0xf80
[ 1186.433451][T18437]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1186.433473][T18437]  ? trace_irq_disable+0x37/0x100
[ 1186.433493][T18437]  ? clear_bhb_loop+0x40/0x90
[ 1186.433522][T18437]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1186.433545][T18437] RIP: 0033:0x7f1c7cbabf79
[ 1186.433566][T18437] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1186.433587][T18437] RSP: 002b:00007f1c7adfe028 EFLAGS: 00000246 ORIG_RAX: 0000000000000146
[ 1186.433612][T18437] RAX: ffffffffffffffda RBX: 00007f1c7ce25fa0 RCX: 00007f1c7cbabf79
[ 1186.433629][T18437] RDX: 0000000000000003 RSI: 0000000000000000 RDI: 0000000000000003
[ 1186.433644][T18437] RBP: 00007f1c7adfe090 R08: 0000000000000007 R09: 0000000000000000
[ 1186.433659][T18437] R10: 0000200000000080 R11: 0000000000000246 R12: 0000000000000001
[ 1186.433675][T18437] R13: 00007f1c7ce26038 R14: 00007f1c7ce25fa0 R15: 00007ffc0b0594d8
[ 1186.433718][T18437]  </TASK>
[ 1186.784645][T18439] loop5: detected capacity change from 0 to 7
[ 1186.855799][T18439] Dev loop5: unable to read RDB block 7
[ 1186.855859][T18439]  loop5: unable to read partition table
[ 1186.856087][T18439] loop5: partition table beyond EOD, truncated
[ 1186.856132][T18439] loop_reread_partitions: partition scan of loop5 (�被x������ ) failed (rc=-5)
[ 1187.117380][T18442] iommufd_mock iommufd_mock1: Adding to iommu group 0
[ 1187.146945][T18443] iommufd_mock iommufd_mock0: Adding to iommu group 1
[ 1187.256339][T18448] FAULT_INJECTION: forcing a failure.
[ 1187.256339][T18448] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1187.256378][T18448] CPU: 0 UID: 0 PID: 18448 Comm: syz.4.3232 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[ 1187.256409][T18448] Tainted: [L]=SOFTLOCKUP
[ 1187.256417][T18448] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1187.256433][T18448] Call Trace:
[ 1187.256447][T18448]  <TASK>
[ 1187.256457][T18448]  dump_stack_lvl+0xe8/0x150
[ 1187.256494][T18448]  should_fail_ex+0x46b/0x600
[ 1187.256527][T18448]  _copy_from_user+0x2d/0xb0
[ 1187.256559][T18448]  ip6gre_tunnel_siocdevprivate+0x1fb/0x720
[ 1187.256603][T18448]  ? __pfx_ip6gre_tunnel_siocdevprivate+0x10/0x10
[ 1187.256662][T18448]  ? full_name_hash+0x92/0xe0
[ 1187.256701][T18448]  dev_ifsioc+0xba6/0x1280
[ 1187.256740][T18448]  dev_ioctl+0x84c/0x1150
[ 1187.256793][T18448]  sock_ioctl+0x762/0x7f0
[ 1187.256824][T18448]  ? __pfx_sock_ioctl+0x10/0x10
[ 1187.256860][T18448]  ? __fget_files+0x3a6/0x420
[ 1187.256890][T18448]  ? __fget_files+0x2a/0x420
[ 1187.256927][T18448]  ? bpf_lsm_file_ioctl+0x9/0x20
[ 1187.256956][T18448]  ? __pfx_sock_ioctl+0x10/0x10
[ 1187.256983][T18448]  __se_sys_ioctl+0xff/0x170
[ 1187.257009][T18448]  do_syscall_64+0x14d/0xf80
[ 1187.257037][T18448]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1187.257058][T18448]  ? trace_irq_disable+0x37/0x100
[ 1187.257078][T18448]  ? clear_bhb_loop+0x40/0x90
[ 1187.257105][T18448]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1187.257127][T18448] RIP: 0033:0x7f039393bf79
[ 1187.257146][T18448] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1187.257165][T18448] RSP: 002b:00007f0391b8e028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1187.257189][T18448] RAX: ffffffffffffffda RBX: 00007f0393bb5fa0 RCX: 00007f039393bf79
[ 1187.257206][T18448] RDX: 0000200000000000 RSI: 00000000000089f1 RDI: 0000000000000003
[ 1187.257222][T18448] RBP: 00007f0391b8e090 R08: 0000000000000000 R09: 0000000000000000
[ 1187.257237][T18448] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1187.257251][T18448] R13: 00007f0393bb6038 R14: 00007f0393bb5fa0 R15: 00007ffd997f1ec8
[ 1187.257288][T18448]  </TASK>
[ 1187.527639][ T5889] usb 7-1: USB disconnect, device number 35
[ 1188.000020][T18461] usb usb8: usbfs: process 18461 (syz.7.3235) did not claim interface 0 before use
[ 1188.412904][T18462] binder: BINDER_SET_CONTEXT_MGR already set
[ 1188.412923][T18462] binder: 18457:18462 ioctl 4018620d 200000004a80 returned -16
[ 1195.255646][   T10] usb 8-1: new high-speed USB device number 33 using dummy_hcd
[ 1195.437226][   T10] usb 8-1: device descriptor read/64, error -71
[ 1195.697271][   T10] usb 8-1: new high-speed USB device number 34 using dummy_hcd
[ 1195.847262][   T10] usb 8-1: device descriptor read/64, error -71
[ 1195.958065][   T10] usb usb8-port1: attempt power cycle
[ 1196.837812][ T9703] usb 7-1: new high-speed USB device number 36 using dummy_hcd
[ 1196.992163][ T9703] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1196.992201][ T9703] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1196.993533][ T9703] usb 7-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[ 1196.993564][ T9703] usb 7-1: New USB device strings: Mfr=2, Product=0, SerialNumber=0
[ 1196.993586][ T9703] usb 7-1: Manufacturer: syz
[ 1197.044959][ T9703] usb 7-1: config 0 descriptor??
[ 1197.107205][   T10] usb 8-1: new high-speed USB device number 35 using dummy_hcd
[ 1197.134259][   T10] usb 8-1: Using ep0 maxpacket: 16
[ 1197.155820][   T10] usb 8-1: config 0 interface 0 altsetting 1 endpoint 0x7 has invalid wMaxPacketSize 0
[ 1197.155855][   T10] usb 8-1: config 0 interface 0 altsetting 1 endpoint 0x89 has invalid wMaxPacketSize 0
[ 1197.155941][   T10] usb 8-1: config 0 interface 0 has no altsetting 0
[ 1197.190184][   T10] usb 8-1: New USB device found, idVendor=06cb, idProduct=0006, bcdDevice=9a.eb
[ 1197.190598][   T10] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1197.190623][   T10] usb 8-1: Product: syz
[ 1197.190640][   T10] usb 8-1: Manufacturer: syz
[ 1197.190656][   T10] usb 8-1: SerialNumber: syz
[ 1197.251537][   T10] usb 8-1: config 0 descriptor??
[ 1197.281016][T18524] FAULT_INJECTION: forcing a failure.
[ 1197.281016][T18524] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1197.281060][T18524] CPU: 1 UID: 0 PID: 18524 Comm: syz.9.3248 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[ 1197.281092][T18524] Tainted: [L]=SOFTLOCKUP
[ 1197.281101][T18524] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1197.281116][T18524] Call Trace:
[ 1197.281125][T18524]  <TASK>
[ 1197.281136][T18524]  dump_stack_lvl+0xe8/0x150
[ 1197.281176][T18524]  should_fail_ex+0x46b/0x600
[ 1197.281210][T18524]  _copy_from_user+0x2d/0xb0
[ 1197.281245][T18524]  __copy_msghdr+0x3c5/0x5b0
[ 1197.281273][T18524]  ___sys_sendmsg+0x213/0x360
[ 1197.281293][T18524]  ? __lock_acquire+0x6b5/0x2cf0
[ 1197.281352][T18524]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1197.281414][T18524]  ? __fget_files+0x2a/0x420
[ 1197.281447][T18524]  ? __fget_files+0x3a6/0x420
[ 1197.281490][T18524]  __x64_sys_sendmsg+0x1c3/0x2a0
[ 1197.281517][T18524]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[ 1197.281552][T18524]  ? __pfx_ksys_write+0x10/0x10
[ 1197.281586][T18524]  do_syscall_64+0x14d/0xf80
[ 1197.281619][T18524]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1197.281635][T18524]  ? trace_irq_disable+0x37/0x100
[ 1197.281650][T18524]  ? clear_bhb_loop+0x40/0x90
[ 1197.281692][T18524]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1197.281716][T18524] RIP: 0033:0x7fc84741bf79
[ 1197.281737][T18524] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1197.281756][T18524] RSP: 002b:00007fc845676028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1197.281778][T18524] RAX: ffffffffffffffda RBX: 00007fc847695fa0 RCX: 00007fc84741bf79
[ 1197.281801][T18524] RDX: 0000000020008060 RSI: 0000200000000000 RDI: 0000000000000004
[ 1197.281812][T18524] RBP: 00007fc845676090 R08: 0000000000000000 R09: 0000000000000000
[ 1197.281822][T18524] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1197.281849][T18524] R13: 00007fc847696038 R14: 00007fc847695fa0 R15: 00007ffde9f0a968
[ 1197.281886][T18524]  </TASK>
[ 1197.510208][T18527] FAULT_INJECTION: forcing a failure.
[ 1197.510208][T18527] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1197.510249][T18527] CPU: 1 UID: 0 PID: 18527 Comm: syz.0.3249 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[ 1197.510281][T18527] Tainted: [L]=SOFTLOCKUP
[ 1197.510290][T18527] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1197.510305][T18527] Call Trace:
[ 1197.510315][T18527]  <TASK>
[ 1197.510325][T18527]  dump_stack_lvl+0xe8/0x150
[ 1197.510362][T18527]  should_fail_ex+0x46b/0x600
[ 1197.510395][T18527]  _copy_from_iter+0x1d3/0x1670
[ 1197.510428][T18527]  ? rcu_is_watching+0x15/0xb0
[ 1197.510470][T18527]  ? __pfx__copy_from_iter+0x10/0x10
[ 1197.510500][T18527]  ? __build_skb_around+0x22d/0x3c0
[ 1197.510538][T18527]  ? __alloc_skb+0x193/0x390
[ 1197.510572][T18527]  ? netlink_sendmsg+0x650/0xb40
[ 1197.510601][T18527]  ? skb_put+0x11b/0x210
[ 1197.510637][T18527]  netlink_sendmsg+0x6c0/0xb40
[ 1197.510676][T18527]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1197.510718][T18527]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[ 1197.510748][T18527]  ____sys_sendmsg+0xa4e/0xac0
[ 1197.510772][T18527]  ? __might_fault+0xaf/0x130
[ 1197.510804][T18527]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1197.510837][T18527]  ? import_iovec+0x73/0xa0
[ 1197.510873][T18527]  ___sys_sendmsg+0x2a5/0x360
[ 1197.510895][T18527]  ? __lock_acquire+0x6b5/0x2cf0
[ 1197.510946][T18527]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1197.511013][T18527]  ? __fget_files+0x2a/0x420
[ 1197.511044][T18527]  ? __fget_files+0x3a6/0x420
[ 1197.511088][T18527]  __x64_sys_sendmsg+0x1c3/0x2a0
[ 1197.511115][T18527]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[ 1197.511150][T18527]  ? __pfx_ksys_write+0x10/0x10
[ 1197.511187][T18527]  do_syscall_64+0x14d/0xf80
[ 1197.511217][T18527]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1197.511240][T18527]  ? trace_irq_disable+0x37/0x100
[ 1197.511260][T18527]  ? clear_bhb_loop+0x40/0x90
[ 1197.511287][T18527]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1197.511309][T18527] RIP: 0033:0x7f1c7cbabf79
[ 1197.511330][T18527] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1197.511350][T18527] RSP: 002b:00007f1c7adfe028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1197.511376][T18527] RAX: ffffffffffffffda RBX: 00007f1c7ce25fa0 RCX: 00007f1c7cbabf79
[ 1197.511392][T18527] RDX: 0000000000000000 RSI: 0000200000000080 RDI: 0000000000000003
[ 1197.511408][T18527] RBP: 00007f1c7adfe090 R08: 0000000000000000 R09: 0000000000000000
[ 1197.511423][T18527] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1197.511437][T18527] R13: 00007f1c7ce26038 R14: 00007f1c7ce25fa0 R15: 00007ffc0b0594d8
[ 1197.511474][T18527]  </TASK>
[ 1197.800168][   T10] usb 8-1: USB disconnect, device number 35
[ 1199.487848][ T9703] input: syz as /devices/platform/dummy_hcd.6/usb7/7-1/7-1:0.0/0003:256C:006D.001C/input/input28
[ 1200.472417][T18530] Bluetooth: hci1: command 0x0406 tx timeout
[ 1200.601422][ T9703] input: syz as /devices/platform/dummy_hcd.6/usb7/7-1/7-1:0.0/0003:256C:006D.001C/input/input29
[ 1200.697526][T14229] usb 8-1: new high-speed USB device number 36 using dummy_hcd
[ 1200.754042][T18540] netlink: 12 bytes leftover after parsing attributes in process `syz.6.3254'.
[ 1200.801210][ T9703] input: syz Touch Strip as /devices/platform/dummy_hcd.6/usb7/7-1/7-1:0.0/0003:256C:006D.001C/input/input30
[ 1200.850980][T14229] usb 8-1: config 27 has an invalid descriptor of length 0, skipping remainder of the config
[ 1200.851013][T14229] usb 8-1: config 27 has 0 interfaces, different from the descriptor's value: 1
[ 1200.851053][T14229] usb 8-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[ 1200.851079][T14229] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1200.957287][ T9703] input: syz Dial as /devices/platform/dummy_hcd.6/usb7/7-1/7-1:0.0/0003:256C:006D.001C/input/input31
[ 1201.165979][ T9703] uclogic 0003:256C:006D.001C: input,hidraw0: USB HID v0.00 Keypad [syz] on usb-dummy_hcd.6-1/input0
[ 1201.216524][ T9703] usb 7-1: USB disconnect, device number 36
[ 1202.459706][T18554] CUSE: unknown device info "�x�KJ+��ۤ2Lh��nL�1���8���0���(�3նi�"
[ 1202.459730][T18554] CUSE: unknown device info "ٮ,��
�<�_e�F��"
[ 1202.459742][T18554] CUSE: unknown device info "3�ܟ�,��̘�"
[ 1202.459753][T18554] CUSE: unknown device info "J���2SZ�� !e/��������J�+-n��a4��\N���4��"
[ 1202.459768][T18554] CUSE: unknown device info "��
[ 1202.459768][T18554] f����z��X�S!
[ 1202.459768][T18554] �A�x��j��T�ǔ��w���xR�ɐQ��(hҏj	p�dY0��|M?2J��I�v�^
R�@��"
[ 1202.459784][T18554] CUSE: unknown device info "!To�}ݝ&|L+U��o��ϲ���"��FstV�:׌E�gJ�����<@c�����4�T�M��_��@�/��V�����{���"
[ 1202.459800][T18554] CUSE: unknown device info "��wlU~���V�߶�ݸFs�X�,x�k��q��/�Q]�3��H"
[ 1202.459813][T18554] CUSE: zero length info key specified
[ 1203.098550][T18552] fido_id[18552]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.6/usb7/7-1/report_descriptor': No such file or directory
[ 1203.358818][T14229] usb 5-1: new high-speed USB device number 38 using dummy_hcd
[ 1203.580196][T14229] usb 5-1: Using ep0 maxpacket: 8
[ 1203.580526][ T5889] usb 8-1: USB disconnect, device number 36
[ 1203.599554][T14229] usb 5-1: config index 0 descriptor too short (expected 30, got 18)
[ 1203.615625][T14229] usb 5-1: New USB device found, idVendor=1660, idProduct=0932, bcdDevice=80.ea
[ 1203.615659][T14229] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1203.615682][T14229] usb 5-1: Product: syz
[ 1203.615699][T14229] usb 5-1: Manufacturer: syz
[ 1203.615715][T14229] usb 5-1: SerialNumber: syz
[ 1203.774915][T14229] usb 5-1: config 0 descriptor??
[ 1203.906766][T14229] dvb-usb: found a 'Medion MD95700 (MDUSBTV-HYBRID)' in warm state.
[ 1203.906833][T14229] usb 5-1: setting power ON
[ 1203.934440][T14229] dvb-usb: bulk message failed: -22 (2/0)
[ 1204.094645][T14229] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[ 1204.113037][T14229] dvbdev: DVB: registering new adapter (Medion MD95700 (MDUSBTV-HYBRID))
[ 1204.113103][T14229] usb 5-1: media controller created
[ 1204.155282][T18579] mmap: syz.7.3261 (18579) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[ 1204.341890][T14229] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[ 1204.490564][T14229] usb 5-1: selecting invalid altsetting 6
[ 1204.490590][T14229] usb 5-1: digital interface selection failed (-22)
[ 1204.490609][T14229] dvb-usb: no frontend was attached by 'Medion MD95700 (MDUSBTV-HYBRID)'
[ 1204.524036][T14229] usb 5-1: setting power OFF
[ 1204.524460][T14229] dvb-usb: bulk message failed: -22 (2/0)
[ 1204.524485][T14229] dvb-usb: Medion MD95700 (MDUSBTV-HYBRID) successfully initialized and connected.
[ 1204.524501][T14229] (NULL device *): no alternate interface
[ 1204.813576][T14229] dvb-usb: Medion MD95700 (MDUSBTV-HYBRID) successfully deinitialized and disconnected.
[ 1204.859884][T14229] usb 5-1: USB disconnect, device number 38
[ 1205.548851][T18600] ksmbd: Daemon and kernel module version mismatch. ksmbd: 124, kernel module: 1. User-space ksmbd should terminate.
[ 1208.330390][T18619] ksmbd: Daemon and kernel module version mismatch. ksmbd: 124, kernel module: 1. User-space ksmbd should terminate.
[ 1209.184347][T18628] netlink: 40 bytes leftover after parsing attributes in process `syz.9.3255'.
[ 1210.148351][T18639] netlink: 8 bytes leftover after parsing attributes in process `syz.6.3271'.
[ 1211.032709][T18656] kAFS: unable to lookup cell ''
[ 1214.023925][T18679] FAULT_INJECTION: forcing a failure.
[ 1214.023925][T18679] name failslab, interval 1, probability 0, space 0, times 0
[ 1214.023968][T18679] CPU: 1 UID: 0 PID: 18679 Comm: syz.9.3279 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[ 1214.023998][T18679] Tainted: [L]=SOFTLOCKUP
[ 1214.024007][T18679] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1214.024021][T18679] Call Trace:
[ 1214.024031][T18679]  <TASK>
[ 1214.024042][T18679]  dump_stack_lvl+0xe8/0x150
[ 1214.024080][T18679]  should_fail_ex+0x46b/0x600
[ 1214.024113][T18679]  should_failslab+0xa8/0x100
[ 1214.024139][T18679]  kmem_cache_alloc_noprof+0x87/0x680
[ 1214.024163][T18679]  ? skb_clone+0x212/0x3a0
[ 1214.024192][T18679]  skb_clone+0x212/0x3a0
[ 1214.024220][T18679]  __netlink_deliver_tap+0x404/0x850
[ 1214.024265][T18679]  ? netlink_deliver_tap+0x2e/0x1b0
[ 1214.024296][T18679]  netlink_deliver_tap+0x19c/0x1b0
[ 1214.024327][T18679]  netlink_unicast+0x805/0x9f0
[ 1214.024364][T18679]  ? __pfx_netlink_unicast+0x10/0x10
[ 1214.024388][T18679]  ? __alloc_skb+0x193/0x390
[ 1214.024420][T18679]  ? netlink_sendmsg+0x650/0xb40
[ 1214.024447][T18679]  ? skb_put+0x11b/0x210
[ 1214.024483][T18679]  netlink_sendmsg+0x813/0xb40
[ 1214.024521][T18679]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1214.024567][T18679]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[ 1214.024596][T18679]  ____sys_sendmsg+0xa4e/0xac0
[ 1214.024619][T18679]  ? __might_fault+0xaf/0x130
[ 1214.024650][T18679]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1214.024683][T18679]  ? import_iovec+0x73/0xa0
[ 1214.024717][T18679]  ___sys_sendmsg+0x2a5/0x360
[ 1214.024738][T18679]  ? __lock_acquire+0x6b5/0x2cf0
[ 1214.024773][T18679]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1214.024834][T18679]  ? __fget_files+0x2a/0x420
[ 1214.024864][T18679]  ? __fget_files+0x3a6/0x420
[ 1214.024906][T18679]  __x64_sys_sendmsg+0x1c3/0x2a0
[ 1214.024932][T18679]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[ 1214.024966][T18679]  ? __pfx_ksys_write+0x10/0x10
[ 1214.025001][T18679]  do_syscall_64+0x14d/0xf80
[ 1214.025030][T18679]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1214.025051][T18679]  ? trace_irq_disable+0x37/0x100
[ 1214.025071][T18679]  ? clear_bhb_loop+0x40/0x90
[ 1214.025098][T18679]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1214.025120][T18679] RIP: 0033:0x7fc84741bf79
[ 1214.025141][T18679] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1214.025160][T18679] RSP: 002b:00007fc845655028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1214.025184][T18679] RAX: ffffffffffffffda RBX: 00007fc847696090 RCX: 00007fc84741bf79
[ 1214.025200][T18679] RDX: 0000000004000080 RSI: 00002000000000c0 RDI: 0000000000000005
[ 1214.025217][T18679] RBP: 00007fc845655090 R08: 0000000000000000 R09: 0000000000000000
[ 1214.025231][T18679] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1214.025246][T18679] R13: 00007fc847696128 R14: 00007fc847696090 R15: 00007ffde9f0a968
[ 1214.025281][T18679]  </TASK>
[ 1214.682211][T18686] FAULT_INJECTION: forcing a failure.
[ 1214.682211][T18686] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1214.682253][T18686] CPU: 1 UID: 0 PID: 18686 Comm: syz.7.3282 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[ 1214.682285][T18686] Tainted: [L]=SOFTLOCKUP
[ 1214.682294][T18686] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1214.682308][T18686] Call Trace:
[ 1214.682317][T18686]  <TASK>
[ 1214.682328][T18686]  dump_stack_lvl+0xe8/0x150
[ 1214.682367][T18686]  should_fail_ex+0x46b/0x600
[ 1214.682401][T18686]  _copy_from_iter+0x1d3/0x1670
[ 1214.682436][T18686]  ? rcu_is_watching+0x15/0xb0
[ 1214.682476][T18686]  ? __pfx__copy_from_iter+0x10/0x10
[ 1214.682513][T18686]  ? __build_skb_around+0x22d/0x3c0
[ 1214.682550][T18686]  ? __alloc_skb+0x193/0x390
[ 1214.682584][T18686]  ? netlink_sendmsg+0x650/0xb40
[ 1214.682614][T18686]  ? skb_put+0x11b/0x210
[ 1214.682653][T18686]  netlink_sendmsg+0x6c0/0xb40
[ 1214.682703][T18686]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1214.682743][T18686]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[ 1214.682774][T18686]  ____sys_sendmsg+0xa4e/0xac0
[ 1214.682797][T18686]  ? __might_fault+0xaf/0x130
[ 1214.682831][T18686]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1214.682865][T18686]  ? import_iovec+0x73/0xa0
[ 1214.682902][T18686]  ___sys_sendmsg+0x2a5/0x360
[ 1214.682923][T18686]  ? __lock_acquire+0x6b5/0x2cf0
[ 1214.682965][T18686]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1214.683027][T18686]  ? __fget_files+0x2a/0x420
[ 1214.683057][T18686]  ? __fget_files+0x3a6/0x420
[ 1214.683101][T18686]  __x64_sys_sendmsg+0x1c3/0x2a0
[ 1214.683128][T18686]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[ 1214.683162][T18686]  ? __pfx_ksys_write+0x10/0x10
[ 1214.683198][T18686]  do_syscall_64+0x14d/0xf80
[ 1214.683228][T18686]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1214.683251][T18686]  ? trace_irq_disable+0x37/0x100
[ 1214.683272][T18686]  ? clear_bhb_loop+0x40/0x90
[ 1214.683300][T18686]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1214.683323][T18686] RIP: 0033:0x7f0b42d4bf79
[ 1214.683344][T18686] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1214.683366][T18686] RSP: 002b:00007f0b40fa6028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1214.683391][T18686] RAX: ffffffffffffffda RBX: 00007f0b42fc5fa0 RCX: 00007f0b42d4bf79
[ 1214.683410][T18686] RDX: 0000000000000000 RSI: 0000200000000180 RDI: 0000000000000003
[ 1214.683425][T18686] RBP: 00007f0b40fa6090 R08: 0000000000000000 R09: 0000000000000000
[ 1214.683441][T18686] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1214.683456][T18686] R13: 00007f0b42fc6038 R14: 00007f0b42fc5fa0 R15: 00007ffeda14bb98
[ 1214.683500][T18686]  </TASK>
[ 1214.793753][T18677] Can't find ip_set type hash:m
[ 1215.553503][T18699] kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[ 1215.587202][T18558] usb 8-1: new high-speed USB device number 37 using dummy_hcd
[ 1215.737311][T18558] usb 8-1: Using ep0 maxpacket: 32
[ 1215.740910][T18558] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1215.740953][T18558] usb 8-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 4
[ 1215.741001][T18558] usb 8-1: New USB device found, idVendor=05ac, idProduct=0269, bcdDevice= 0.00
[ 1215.742043][T18558] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1215.819034][T18558] usb 8-1: config 0 descriptor??
[ 1216.291276][T18558] magicmouse 0003:05AC:0269.001D: unbalanced collection at end of report description
[ 1216.295244][T18558] magicmouse 0003:05AC:0269.001D: magicmouse hid parse failed
[ 1216.295372][T18558] magicmouse 0003:05AC:0269.001D: probe with driver magicmouse failed with error -22
[ 1216.719080][ T5889] usb 8-1: USB disconnect, device number 37
[ 1217.347389][T18558] usb 10-1: new high-speed USB device number 27 using dummy_hcd
[ 1218.384881][T18558] usb 10-1: device descriptor read/64, error -71
[ 1218.705550][ T9703] usb 5-1: new high-speed USB device number 39 using dummy_hcd
[ 1219.239305][T18558] usb 10-1: new high-speed USB device number 28 using dummy_hcd
[ 1220.104691][ T9703] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1220.255419][T18737] ksmbd: Daemon and kernel module version mismatch. ksmbd: 124, kernel module: 1. User-space ksmbd should terminate.
[ 1221.089592][ T9703] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[ 1221.089627][ T9703] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1221.243645][ T9703] usb 5-1: can't set config #1, error -71
[ 1221.257727][ T9703] usb 5-1: USB disconnect, device number 39
[ 1221.265600][T18583] udevd[18583]: setting mode of /dev/bus/usb/005/039 to 020664 failed: No such file or directory
[ 1221.265739][T18583] udevd[18583]: setting owner of /dev/bus/usb/005/039 to uid=0, gid=0 failed: No such file or directory
[ 1222.213823][T18763] netlink: 'syz.6.3299': attribute type 1 has an invalid length.
[ 1222.213885][T18763] netlink: 8 bytes leftover after parsing attributes in process `syz.6.3299'.
[ 1225.146923][T18784] ksmbd: Daemon and kernel module version mismatch. ksmbd: 124, kernel module: 1. User-space ksmbd should terminate.
[ 1225.709322][T18787] ieee802154 phy0 wpan0: encryption failed: -22
[ 1229.390007][T14229] usb 10-1: new high-speed USB device number 29 using dummy_hcd
[ 1229.558670][T14229] usb 10-1: Using ep0 maxpacket: 16
[ 1229.564595][T14229] usb 10-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1229.564664][T14229] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[ 1229.564697][T14229] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0
[ 1229.564721][T14229] usb 10-1: config 0 interface 0 altsetting 0 bulk endpoint 0x2 has invalid maxpacket 0
[ 1229.564747][T14229] usb 10-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[ 1229.612205][T14229] usb 10-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42
[ 1229.612311][T14229] usb 10-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0
[ 1229.612376][T14229] usb 10-1: Manufacturer: syz
[ 1229.675424][T14229] usb 10-1: config 0 descriptor??
[ 1229.702945][T18818] netlink: 32 bytes leftover after parsing attributes in process `syz.7.3297'.
[ 1230.127119][T14229] rc_core: IR keymap rc-hauppauge not found
[ 1230.127141][T14229] Registered IR keymap rc-empty
[ 1230.127304][T14229] mceusb 10-1:0.0: Error: mce write submit urb error = -90
[ 1230.147909][T14229] mceusb 10-1:0.0: Error: mce write submit urb error = -90
[ 1230.172610][T14229] rc rc0: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.9/usb10/10-1/10-1:0.0/rc/rc0
[ 1230.176040][T14229] input: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.9/usb10/10-1/10-1:0.0/rc/rc0/input33
[ 1230.219681][T14229] mceusb 10-1:0.0: Error: mce write submit urb error = -90
[ 1230.244323][T14229] mceusb 10-1:0.0: Error: mce write submit urb error = -90
[ 1230.267813][T14229] mceusb 10-1:0.0: Error: mce write submit urb error = -90
[ 1230.287300][T14229] mceusb 10-1:0.0: Error: mce write submit urb error = -90
[ 1230.307352][T14229] mceusb 10-1:0.0: Error: mce write submit urb error = -90
[ 1230.327347][T14229] mceusb 10-1:0.0: Error: mce write submit urb error = -90
[ 1230.347382][T14229] mceusb 10-1:0.0: Error: mce write submit urb error = -90
[ 1230.367327][T14229] mceusb 10-1:0.0: Error: mce write submit urb error = -90
[ 1230.397401][T14229] mceusb 10-1:0.0: Error: mce write submit urb error = -90
[ 1230.417352][T14229] mceusb 10-1:0.0: Error: mce write submit urb error = -90
[ 1230.481148][T14229] mceusb 10-1:0.0: Registered 424242424242 with mce emulator interface version 1
[ 1230.481177][T14229] mceusb 10-1:0.0: 2 tx ports (0x0 cabled) and 2 rx sensors (0x0 active)
[ 1230.529109][T14229] usb 10-1: USB disconnect, device number 29
[ 1232.409233][T18839] fuse: Unknown parameter 'user_i00000000000000000000'
[ 1236.957190][T18855] vlan0: entered promiscuous mode
[ 1237.288227][T18866] ksmbd: Daemon and kernel module version mismatch. ksmbd: 124, kernel module: 1. User-space ksmbd should terminate.
[ 1238.625632][T18872] FAULT_INJECTION: forcing a failure.
[ 1238.625632][T18872] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1238.625674][T18872] CPU: 1 UID: 0 PID: 18872 Comm: syz.4.3321 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[ 1238.625705][T18872] Tainted: [L]=SOFTLOCKUP
[ 1238.625713][T18872] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1238.625726][T18872] Call Trace:
[ 1238.625735][T18872]  <TASK>
[ 1238.625747][T18872]  dump_stack_lvl+0xe8/0x150
[ 1238.625784][T18872]  should_fail_ex+0x46b/0x600
[ 1238.625817][T18872]  _copy_from_user+0x2d/0xb0
[ 1238.625850][T18872]  binder_ioctl_write_read+0xadd/0xa3c0
[ 1238.625890][T18872]  ? is_bpf_text_address+0x26/0x2b0
[ 1238.625932][T18872]  ? __kernel_text_address+0xd/0x30
[ 1238.625974][T18872]  ? __pfx_binder_ioctl_write_read+0x10/0x10
[ 1238.626013][T18872]  ? stack_depot_save_flags+0x33/0x810
[ 1238.626051][T18872]  ? do_raw_spin_lock+0x12b/0x2f0
[ 1238.626101][T18872]  ? rt_mutex_slowunlock+0x4a7/0x8b0
[ 1238.626127][T18872]  ? reacquire_held_locks+0x104/0x190
[ 1238.626161][T18872]  ? rt_spin_lock+0x1e0/0x400
[ 1238.626186][T18872]  ? __pfx_rt_mutex_slowunlock+0x10/0x10
[ 1238.626214][T18872]  ? rt_spin_unlock+0x14f/0x200
[ 1238.626247][T18872]  ? binder_get_thread+0x177/0x6d0
[ 1238.626295][T18872]  binder_ioctl+0x420/0x1ab0
[ 1238.626331][T18872]  ? tomoyo_path_number_perm+0x219/0x630
[ 1238.626388][T18872]  ? do_vfs_ioctl+0x117b/0x1540
[ 1238.626413][T18872]  ? __pfx_binder_ioctl+0x10/0x10
[ 1238.626445][T18872]  ? __pfx_do_vfs_ioctl+0x10/0x10
[ 1238.626469][T18872]  ? __pfx_smack_log+0x10/0x10
[ 1238.626496][T18872]  ? smk_access+0x14c/0x4e0
[ 1238.626528][T18872]  ? smk_tskacc+0x311/0x3a0
[ 1238.626559][T18872]  ? smack_file_ioctl+0x2c2/0x360
[ 1238.626592][T18872]  ? __pfx_smack_file_ioctl+0x10/0x10
[ 1238.626632][T18872]  ? __fget_files+0x2a/0x420
[ 1238.626661][T18872]  ? __fget_files+0x3a6/0x420
[ 1238.626689][T18872]  ? __fget_files+0x2a/0x420
[ 1238.626721][T18872]  ? bpf_lsm_file_ioctl+0x9/0x20
[ 1238.626748][T18872]  ? __pfx_binder_ioctl+0x10/0x10
[ 1238.626780][T18872]  __se_sys_ioctl+0xff/0x170
[ 1238.626806][T18872]  do_syscall_64+0x14d/0xf80
[ 1238.626834][T18872]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1238.626854][T18872]  ? trace_irq_disable+0x37/0x100
[ 1238.626874][T18872]  ? clear_bhb_loop+0x40/0x90
[ 1238.626899][T18872]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1238.626921][T18872] RIP: 0033:0x7f039393bf79
[ 1238.626941][T18872] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1238.626959][T18872] RSP: 002b:00007f0391b8e028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1238.626986][T18872] RAX: ffffffffffffffda RBX: 00007f0393bb5fa0 RCX: 00007f039393bf79
[ 1238.627001][T18872] RDX: 0000200000004a40 RSI: 00000000c0306201 RDI: 0000000000000005
[ 1238.627016][T18872] RBP: 00007f0391b8e090 R08: 0000000000000000 R09: 0000000000000000
[ 1238.627030][T18872] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1238.627043][T18872] R13: 00007f0393bb6038 R14: 00007f0393bb5fa0 R15: 00007ffd997f1ec8
[ 1238.627078][T18872]  </TASK>
[ 1238.657789][T18872] binder: 18871:18872 ioctl c0306201 200000004a40 returned -14
[ 1241.578575][ T5889] usb 7-1: new low-speed USB device number 37 using dummy_hcd
[ 1241.996303][T18906] ksmbd: Daemon and kernel module version mismatch. ksmbd: 124, kernel module: 1. User-space ksmbd should terminate.
[ 1242.079773][ T5889] usb 7-1: config 168 descriptor has 1 excess byte, ignoring
[ 1242.079838][ T5889] usb 7-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 77, setting to 8
[ 1242.079879][ T5889] usb 7-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[ 1242.079908][ T5889] usb 7-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 10
[ 1242.079938][ T5889] usb 7-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 65535, setting to 8
[ 1242.081713][ T5889] usb 7-1: config 168 descriptor has 1 excess byte, ignoring
[ 1242.081769][ T5889] usb 7-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 77, setting to 8
[ 1242.081800][ T5889] usb 7-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[ 1242.081828][ T5889] usb 7-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 10
[ 1242.081866][ T5889] usb 7-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 65535, setting to 8
[ 1242.085184][ T5889] usb 7-1: config 168 descriptor has 1 excess byte, ignoring
[ 1242.085240][ T5889] usb 7-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 77, setting to 8
[ 1242.085271][ T5889] usb 7-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[ 1242.085300][ T5889] usb 7-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 10
[ 1242.085330][ T5889] usb 7-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 65535, setting to 8
[ 1242.096265][ T5889] usb 7-1: string descriptor 0 read error: -22
[ 1242.096417][ T5889] usb 7-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e
[ 1242.096445][ T5889] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1242.699968][ T5889] adutux 7-1:168.0: ADU100  now attached to /dev/usb/adutux0
[ 1244.038083][ T1321] ieee802154 phy0 wpan0: encryption failed: -22
[ 1244.038160][ T1321] ieee802154 phy1 wpan1: encryption failed: -22
[ 1244.689460][ T5889] usb 7-1: USB disconnect, device number 37
[ 1244.828002][T18900] mkiss: ax0: crc mode is auto.
[ 1245.347268][ T5889] usb 7-1: new high-speed USB device number 38 using dummy_hcd
[ 1245.507236][ T5889] usb 7-1: Using ep0 maxpacket: 32
[ 1245.512937][ T5889] usb 7-1: config 0 has an invalid interface number: 219 but max is 0
[ 1245.512966][ T5889] usb 7-1: config 0 has no interface number 0
[ 1245.516351][ T5889] usb 7-1: New USB device found, idVendor=1b3d, idProduct=0166, bcdDevice=67.fc
[ 1245.516381][ T5889] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1245.516404][ T5889] usb 7-1: Product: syz
[ 1245.516420][ T5889] usb 7-1: Manufacturer: syz
[ 1245.516436][ T5889] usb 7-1: SerialNumber: syz
[ 1245.586132][ T5889] usb 7-1: config 0 descriptor??
[ 1245.600101][ T5889] ftdi_sio 7-1:0.219: FTDI USB Serial Device converter detected
[ 1245.617851][ T5889] ftdi_sio ttyUSB0: unknown device type: 0x67fc
[ 1247.790144][T18970] ksmbd: Daemon and kernel module version mismatch. ksmbd: 124, kernel module: 1. User-space ksmbd should terminate.
[ 1248.314968][T18976] netlink: 12 bytes leftover after parsing attributes in process `syz.0.3343'.
[ 1248.533873][T18975] netdevsim netdevsim0 netdevsim0: entered promiscuous mode
[ 1248.550672][    T9] usb 7-1: USB disconnect, device number 38
[ 1248.609673][    T9] ftdi_sio 7-1:0.219: device disconnected
[ 1248.764274][T18975] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check.
[ 1248.764818][T18983] FAULT_INJECTION: forcing a failure.
[ 1248.764818][T18983] name failslab, interval 1, probability 0, space 0, times 0
[ 1248.764855][T18983] CPU: 0 UID: 0 PID: 18983 Comm: syz.4.3346 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[ 1248.764885][T18983] Tainted: [L]=SOFTLOCKUP
[ 1248.764894][T18983] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1248.764909][T18983] Call Trace:
[ 1248.764918][T18983]  <TASK>
[ 1248.764928][T18983]  dump_stack_lvl+0xe8/0x150
[ 1248.764966][T18983]  should_fail_ex+0x46b/0x600
[ 1248.765000][T18983]  should_failslab+0xa8/0x100
[ 1248.765025][T18983]  kmem_cache_alloc_noprof+0x87/0x680
[ 1248.765050][T18983]  ? skb_clone+0x212/0x3a0
[ 1248.765076][T18983]  skb_clone+0x212/0x3a0
[ 1248.765104][T18983]  __netlink_deliver_tap+0x404/0x850
[ 1248.765145][T18983]  ? netlink_deliver_tap+0x2e/0x1b0
[ 1248.765177][T18983]  netlink_deliver_tap+0x19c/0x1b0
[ 1248.765208][T18983]  netlink_unicast+0x805/0x9f0
[ 1248.765254][T18983]  ? __pfx_netlink_unicast+0x10/0x10
[ 1248.765290][T18983]  ? __alloc_skb+0x193/0x390
[ 1248.765323][T18983]  ? netlink_sendmsg+0x650/0xb40
[ 1248.765352][T18983]  ? skb_put+0x11b/0x210
[ 1248.765390][T18983]  netlink_sendmsg+0x813/0xb40
[ 1248.765437][T18983]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1248.765476][T18983]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[ 1248.765506][T18983]  ____sys_sendmsg+0xa4e/0xac0
[ 1248.765529][T18983]  ? __might_fault+0xaf/0x130
[ 1248.765561][T18983]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1248.765596][T18983]  ? import_iovec+0x73/0xa0
[ 1248.765633][T18983]  ___sys_sendmsg+0x2a5/0x360
[ 1248.765655][T18983]  ? __lock_acquire+0x6b5/0x2cf0
[ 1248.765692][T18983]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1248.765766][T18983]  ? __fget_files+0x2a/0x420
[ 1248.765796][T18983]  ? __fget_files+0x3a6/0x420
[ 1248.765840][T18983]  __x64_sys_sendmsg+0x1c3/0x2a0
[ 1248.765867][T18983]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[ 1248.765903][T18983]  ? __pfx_ksys_write+0x10/0x10
[ 1248.765938][T18983]  do_syscall_64+0x14d/0xf80
[ 1248.765970][T18983]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1248.765992][T18983]  ? trace_irq_disable+0x37/0x100
[ 1248.766012][T18983]  ? clear_bhb_loop+0x40/0x90
[ 1248.766040][T18983]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1248.766063][T18983] RIP: 0033:0x7f039393bf79
[ 1248.766082][T18983] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1248.766098][T18983] RSP: 002b:00007f0391b8e028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1248.766120][T18983] RAX: ffffffffffffffda RBX: 00007f0393bb5fa0 RCX: 00007f039393bf79
[ 1248.766133][T18983] RDX: 0000000000000000 RSI: 0000200000000300 RDI: 0000000000000004
[ 1248.766144][T18983] RBP: 00007f0391b8e090 R08: 0000000000000000 R09: 0000000000000000
[ 1248.766157][T18983] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1248.766168][T18983] R13: 00007f0393bb6038 R14: 00007f0393bb5fa0 R15: 00007ffd997f1ec8
[ 1248.766196][T18983]  </TASK>
[ 1248.766953][T18983] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3346'.
[ 1249.207262][    T9] usb 8-1: new high-speed USB device number 38 using dummy_hcd
[ 1250.460246][   T10] usb 10-1: new full-speed USB device number 30 using dummy_hcd
[ 1250.505120][    T9] usb 8-1: Using ep0 maxpacket: 16
[ 1250.518771][    T9] usb 8-1: config 0 interface 0 altsetting 1 endpoint 0x7 has invalid wMaxPacketSize 0
[ 1250.518805][    T9] usb 8-1: config 0 interface 0 altsetting 1 endpoint 0x89 has an invalid bInterval 0, changing to 7
[ 1250.518835][    T9] usb 8-1: config 0 interface 0 altsetting 1 endpoint 0x89 has invalid wMaxPacketSize 0
[ 1250.518860][    T9] usb 8-1: config 0 interface 0 has no altsetting 0
[ 1250.524660][    T9] usb 8-1: New USB device found, idVendor=06cb, idProduct=0006, bcdDevice=9a.eb
[ 1250.524691][    T9] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1250.524714][    T9] usb 8-1: Product: syz
[ 1250.524989][    T9] usb 8-1: Manufacturer: syz
[ 1250.525010][    T9] usb 8-1: SerialNumber: syz
[ 1250.621115][    T9] usb 8-1: config 0 descriptor??
[ 1250.685027][   T10] usb 10-1: unable to get BOS descriptor or descriptor too short
[ 1250.685840][   T10] usb 10-1: not running at top speed; connect to a high speed hub
[ 1250.721330][   T10] usb 10-1: config 129 has an invalid interface number: 135 but max is 0
[ 1250.721354][   T10] usb 10-1: config 129 has 2 interfaces, different from the descriptor's value: 1
[ 1250.721372][   T10] usb 10-1: config 129 has no interface number 1
[ 1250.721498][   T10] usb 10-1: config 129 interface 135 altsetting 6 has 0 endpoint descriptors, different from the interface descriptor's value: 5
[ 1250.721521][   T10] usb 10-1: config 129 interface 135 has no altsetting 0
[ 1251.240138][   T10] usb 10-1: New USB device found, idVendor=2040, idProduct=721f, bcdDevice=f2.00
[ 1251.240163][   T10] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1251.240179][   T10] usb 10-1: Product: syz
[ 1251.240231][   T10] usb 10-1: Manufacturer: syz
[ 1251.240243][   T10] usb 10-1: SerialNumber: syz
[ 1251.578576][T19000] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1251.579086][T19000] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1251.686488][    T9] input: syz syz as /devices/platform/dummy_hcd.7/usb8/8-1/8-1:0.0/input/input34
[ 1251.714727][ T5151] synaptics_usb 8-1:0.0: synusb_open - usb_submit_urb failed, error: -90
[ 1251.879245][ T5151] synaptics_usb 8-1:0.0: synusb_open - usb_submit_urb failed, error: -90
[ 1252.107778][ T5151] synaptics_usb 8-1:0.0: synusb_open - usb_submit_urb failed, error: -90
[ 1252.178064][    T9] usb 8-1: USB disconnect, device number 38
[ 1252.247849][ T5151] synaptics_usb 8-1:0.0: synusb_open - usb_submit_urb failed, error: -19
[ 1252.906293][   T10] au0828: au0828: Device initialization failed.
[ 1252.906310][   T10] au0828: au0828: Device must be connected to a high-speed USB 2.0 port.
[ 1253.076580][   T10] usb 10-1: USB disconnect, device number 30
[ 1253.088707][T19011] FAULT_INJECTION: forcing a failure.
[ 1253.088707][T19011] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 1253.088747][T19011] CPU: 1 UID: 0 PID: 19011 Comm: syz.9.3354 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[ 1253.088778][T19011] Tainted: [L]=SOFTLOCKUP
[ 1253.088786][T19011] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1253.088800][T19011] Call Trace:
[ 1253.088809][T19011]  <TASK>
[ 1253.088819][T19011]  dump_stack_lvl+0xe8/0x150
[ 1253.088855][T19011]  should_fail_ex+0x46b/0x600
[ 1253.088888][T19011]  prepare_alloc_pages+0x22a/0x6b0
[ 1253.088926][T19011]  __alloc_frozen_pages_noprof+0x12f/0x380
[ 1253.088960][T19011]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[ 1253.088994][T19011]  ? __pfx_policy_nodemask+0x10/0x10
[ 1253.089023][T19011]  ? _raw_spin_unlock_irqrestore+0x30/0x80
[ 1253.089058][T19011]  alloc_pages_bulk_noprof+0x5f1/0x7d0
[ 1253.089093][T19011]  ? alloc_pages_noprof+0xe3/0x1e0
[ 1253.089124][T19011]  __kasan_populate_vmalloc+0xc1/0x1d0
[ 1253.089160][T19011]  ? rt_spin_unlock+0x160/0x200
[ 1253.089186][T19011]  alloc_vmap_area+0xdbc/0x14a0
[ 1253.089238][T19011]  ? __pfx_alloc_vmap_area+0x10/0x10
[ 1253.089263][T19011]  ? __kmalloc_cache_node_noprof+0x27d/0x6c0
[ 1253.089290][T19011]  ? __get_vm_area_node+0x171/0x350
[ 1253.089311][T19011]  ? bpf_prog_alloc_no_stats+0x4a/0x4f0
[ 1253.089337][T19011]  __get_vm_area_node+0x226/0x350
[ 1253.089366][T19011]  __vmalloc_node_range_noprof+0x372/0x1730
[ 1253.089391][T19011]  ? bpf_prog_alloc_no_stats+0x4a/0x4f0
[ 1253.089439][T19011]  ? kernel_text_address+0xa5/0xe0
[ 1253.089466][T19011]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[ 1253.089498][T19011]  ? __lock_acquire+0x6b5/0x2cf0
[ 1253.089534][T19011]  ? bpf_prog_alloc_no_stats+0x4a/0x4f0
[ 1253.089553][T19011]  __vmalloc_noprof+0xd2/0x120
[ 1253.089577][T19011]  ? bpf_prog_alloc_no_stats+0x4a/0x4f0
[ 1253.089603][T19011]  bpf_prog_alloc_no_stats+0x4a/0x4f0
[ 1253.089632][T19011]  bpf_prog_alloc+0x3c/0x1a0
[ 1253.089656][T19011]  bpf_prog_load+0x7ba/0x1ae0
[ 1253.089694][T19011]  ? __pfx_bpf_prog_load+0x10/0x10
[ 1253.089716][T19011]  ? __might_fault+0xaf/0x130
[ 1253.089762][T19011]  ? bpf_lsm_bpf+0x9/0x20
[ 1253.089789][T19011]  ? security_bpf+0x7e/0x2d0
[ 1253.089815][T19011]  __sys_bpf+0x618/0x950
[ 1253.089852][T19011]  ? __pfx___sys_bpf+0x10/0x10
[ 1253.089883][T19011]  ? rt_mutex_slowunlock+0x1cb/0x300
[ 1253.089924][T19011]  ? ksys_write+0x248/0x270
[ 1253.089949][T19011]  ? __pfx_ksys_write+0x10/0x10
[ 1253.089980][T19011]  __x64_sys_bpf+0x7c/0x90
[ 1253.090011][T19011]  do_syscall_64+0x14d/0xf80
[ 1253.090040][T19011]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1253.090062][T19011]  ? trace_irq_disable+0x37/0x100
[ 1253.090081][T19011]  ? clear_bhb_loop+0x40/0x90
[ 1253.090108][T19011]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1253.090130][T19011] RIP: 0033:0x7fc84741bf79
[ 1253.090150][T19011] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1253.090171][T19011] RSP: 002b:00007fc845676028 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[ 1253.090203][T19011] RAX: ffffffffffffffda RBX: 00007fc847695fa0 RCX: 00007fc84741bf79
[ 1253.090221][T19011] RDX: 0000000000000022 RSI: 0000200000000640 RDI: 0000000000000005
[ 1253.090236][T19011] RBP: 00007fc845676090 R08: 0000000000000000 R09: 0000000000000000
[ 1253.090251][T19011] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1253.090265][T19011] R13: 00007fc847696038 R14: 00007fc847695fa0 R15: 00007ffde9f0a968
[ 1253.090302][T19011]  </TASK>
[ 1253.090357][T19011] syz.9.3354: vmalloc error: size 4096, vm_struct allocation failed, mode:0x500dc0(GFP_USER|__GFP_ZERO|__GFP_ACCOUNT), nodemask=(null),cpuset=/,mems_allowed=0-1
[ 1253.090427][T19011] CPU: 1 UID: 0 PID: 19011 Comm: syz.9.3354 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[ 1253.090458][T19011] Tainted: [L]=SOFTLOCKUP
[ 1253.090466][T19011] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1253.090478][T19011] Call Trace:
[ 1253.090487][T19011]  <TASK>
[ 1253.090496][T19011]  dump_stack_lvl+0xe8/0x150
[ 1253.090528][T19011]  warn_alloc+0x263/0x3e0
[ 1253.090556][T19011]  ? kasan_quarantine_put+0xbb/0x1f0
[ 1253.090592][T19011]  ? __pfx_warn_alloc+0x10/0x10
[ 1253.090621][T19011]  ? __get_vm_area_node+0x23f/0x350
[ 1253.090642][T19011]  ? __get_vm_area_node+0x171/0x350
[ 1253.090664][T19011]  ? bpf_prog_alloc_no_stats+0x4a/0x4f0
[ 1253.090688][T19011]  ? __get_vm_area_node+0x23f/0x350
[ 1253.090718][T19011]  __vmalloc_node_range_noprof+0x397/0x1730
[ 1253.090772][T19011]  ? kernel_text_address+0xa5/0xe0
[ 1253.090800][T19011]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[ 1253.090832][T19011]  ? __lock_acquire+0x6b5/0x2cf0
[ 1253.090868][T19011]  ? bpf_prog_alloc_no_stats+0x4a/0x4f0
[ 1253.090889][T19011]  __vmalloc_noprof+0xd2/0x120
[ 1253.090913][T19011]  ? bpf_prog_alloc_no_stats+0x4a/0x4f0
[ 1253.090939][T19011]  bpf_prog_alloc_no_stats+0x4a/0x4f0
[ 1253.090985][T19011]  bpf_prog_alloc+0x3c/0x1a0
[ 1253.091011][T19011]  bpf_prog_load+0x7ba/0x1ae0
[ 1253.091050][T19011]  ? __pfx_bpf_prog_load+0x10/0x10
[ 1253.091072][T19011]  ? __might_fault+0xaf/0x130
[ 1253.091116][T19011]  ? bpf_lsm_bpf+0x9/0x20
[ 1253.091136][T19011]  ? security_bpf+0x7e/0x2d0
[ 1253.091153][T19011]  __sys_bpf+0x618/0x950
[ 1253.091179][T19011]  ? __pfx___sys_bpf+0x10/0x10
[ 1253.091207][T19011]  ? rt_mutex_slowunlock+0x1cb/0x300
[ 1253.091236][T19011]  ? ksys_write+0x248/0x270
[ 1253.091253][T19011]  ? __pfx_ksys_write+0x10/0x10
[ 1253.091275][T19011]  __x64_sys_bpf+0x7c/0x90
[ 1253.091298][T19011]  do_syscall_64+0x14d/0xf80
[ 1253.091319][T19011]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1253.091335][T19011]  ? trace_irq_disable+0x37/0x100
[ 1253.091348][T19011]  ? clear_bhb_loop+0x40/0x90
[ 1253.091367][T19011]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1253.091383][T19011] RIP: 0033:0x7fc84741bf79
[ 1253.091397][T19011] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1253.091439][T19011] RSP: 002b:00007fc845676028 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[ 1253.091463][T19011] RAX: ffffffffffffffda RBX: 00007fc847695fa0 RCX: 00007fc84741bf79
[ 1253.091479][T19011] RDX: 0000000000000022 RSI: 0000200000000640 RDI: 0000000000000005
[ 1253.091495][T19011] RBP: 00007fc845676090 R08: 0000000000000000 R09: 0000000000000000
[ 1253.091509][T19011] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1253.091522][T19011] R13: 00007fc847696038 R14: 00007fc847695fa0 R15: 00007ffde9f0a968
[ 1253.091559][T19011]  </TASK>
[ 1253.094790][T19011] Mem-Info:
[ 1253.094804][T19011] active_anon:279 inactive_anon:8845 isolated_anon:0
[ 1253.094804][T19011]  active_file:25464 inactive_file:35613 isolated_file:0
[ 1253.094804][T19011]  unevictable:777 dirty:27 writeback:0
[ 1253.094804][T19011]  slab_reclaimable:9738 slab_unreclaimable:107380
[ 1253.094804][T19011]  mapped:31747 shmem:1383 pagetables:2289
[ 1253.094804][T19011]  sec_pagetables:0 bounce:0
[ 1253.094804][T19011]  kernel_misc_reclaimable:0
[ 1253.094804][T19011]  free:1104342 free_pcp:6405 free_cma:0
[ 1253.094864][T19011] Node 0 active_anon:1116kB inactive_anon:33996kB active_file:101340kB inactive_file:142452kB unevictable:1572kB isolated(anon):0kB isolated(file):0kB mapped:106508kB dirty:108kB writeback:0kB shmem:3996kB kernel_stack:14900kB pagetables:8788kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[ 1253.094915][T19011] Node 1 active_anon:0kB inactive_anon:1384kB active_file:516kB inactive_file:0kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:20480kB dirty:0kB writeback:0kB shmem:1536kB kernel_stack:96kB pagetables:368kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[ 1253.094965][T19011] Node 0 DMA free:11248kB boost:0kB min:20kB low:32kB high:44kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:8kB local_pcp:4kB free_cma:0kB
[ 1253.095030][T19011] lowmem_reserve[]: 0 2507 2508 2508 2508
[ 1253.095068][T19011] Node 0 DMA32 free:688120kB boost:0kB min:3936kB low:6476kB high:9016kB reserved_highatomic:0KB free_highatomic:0KB active_anon:1116kB inactive_anon:33996kB active_file:101340kB inactive_file:142452kB unevictable:1572kB writepending:108kB zspages:0kB present:3129332kB managed:2567896kB mlocked:36kB bounce:0kB free_pcp:25540kB local_pcp:19236kB free_cma:0kB
[ 1253.095136][T19011] lowmem_reserve[]: 0 0 0 0 0
[ 1253.095172][T19011] Node 0 Normal free:0kB boost:0kB min:0kB low:0kB high:0kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:1048580kB managed:720kB mlocked:0kB bounce:0kB free_pcp:8kB local_pcp:4kB free_cma:0kB
[ 1253.095485][T19011] lowmem_reserve[]: 0 0 0 0 0
[ 1253.095589][T19011] Node 1 Normal free:3718000kB boost:0kB min:6364kB low:10472kB high:14580kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:1384kB active_file:516kB inactive_file:0kB unevictable:1536kB writepending:0kB zspages:0kB present:4194300kB managed:4111100kB mlocked:0kB bounce:0kB free_pcp:64kB local_pcp:0kB free_cma:0kB
[ 1253.095656][T19011] lowmem_reserve[]: 0 0 0 0 0
[ 1253.095691][T19011] Node 0 DMA: 0*4kB 0*8kB 1*16kB (U) 1*32kB (U) 1*64kB (U) 1*128kB (U) 1*256kB (U) 1*512kB (U) 0*1024kB 1*2048kB (M) 2*4096kB (M) = 11248kB
[ 1253.095842][T19011] Node 0 DMA32: 2613*4kB (UME) 1893*8kB (UME) 1053*16kB (UME) 615*32kB (UME) 555*64kB (UME) 619*128kB (UME) 493*256kB (UME) 324*512kB (UME) 206*1024kB (UME) 4*2048kB (M) 0*4096kB = 688108kB
[ 1253.096003][T19011] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB
[ 1253.140018][T19011] Node 1 Normal: 170*4kB (UM) 113*8kB (UME) 80*16kB (UME) 82*32kB (UME) 48*64kB (UME) 34*128kB (UM) 23*256kB (UM) 17*512kB (UM) 16*1024kB (UME) 12*2048kB (UME) 891*4096kB (UM) = 3718000kB
[ 1254.027217][T19011] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[ 1254.028029][T19011] Node 0 hugepages_total=6 hugepages_free=0 hugepages_surp=4 hugepages_size=2048kB
[ 1254.028115][T19011] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[ 1254.028166][T19011] Node 1 hugepages_total=2 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB
[ 1254.028211][T19011] 62448 total pagecache pages
[ 1254.028240][T19011] 0 pages in swap cache
[ 1254.028261][T19011] Free swap  = 124996kB
[ 1254.028283][T19011] Total swap = 124996kB
[ 1254.028325][T19011] 2097051 pages RAM
[ 1254.028347][T19011] 0 pages HighMem/MovableOnly
[ 1254.028377][T19011] 423282 pages reserved
[ 1254.028399][T19011] 0 pages cma reserved
[ 1254.898209][T19020] ksmbd: Daemon and kernel module version mismatch. ksmbd: 124, kernel module: 1. User-space ksmbd should terminate.
[ 1255.534055][T19027] FAULT_INJECTION: forcing a failure.
[ 1255.534055][T19027] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1255.534086][T19027] CPU: 0 UID: 0 PID: 19027 Comm: syz.9.3357 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[ 1255.534108][T19027] Tainted: [L]=SOFTLOCKUP
[ 1255.534114][T19027] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1255.534124][T19027] Call Trace:
[ 1255.534131][T19027]  <TASK>
[ 1255.534138][T19027]  dump_stack_lvl+0xe8/0x150
[ 1255.534166][T19027]  should_fail_ex+0x46b/0x600
[ 1255.534190][T19027]  _copy_from_user+0x2d/0xb0
[ 1255.534215][T19027]  iopt_pages_rw_access+0x521/0x8d0
[ 1255.534245][T19027]  ? __pfx_iopt_pages_rw_access+0x10/0x10
[ 1255.534265][T19027]  ? interval_tree_iter_first+0x1d0/0x1f0
[ 1255.534285][T19027]  ? iopt_area_contig_init+0x17c/0x220
[ 1255.534310][T19027]  iommufd_access_rw+0x332/0x4e0
[ 1255.534337][T19027]  ? __pfx_iommufd_access_rw+0x10/0x10
[ 1255.534368][T19027]  iommufd_test+0x480c/0x5d10
[ 1255.534397][T19027]  ? __lock_acquire+0x6b5/0x2cf0
[ 1255.534428][T19027]  ? __pfx_iommufd_test+0x10/0x10
[ 1255.534459][T19027]  ? tomoyo_path_number_perm+0x219/0x630
[ 1255.534485][T19027]  ? tomoyo_path_number_perm+0x219/0x630
[ 1255.534514][T19027]  ? __might_fault+0xaf/0x130
[ 1255.534533][T19027]  ? __might_fault+0xaf/0x130
[ 1255.534569][T19027]  iommufd_fops_ioctl+0x4b8/0x5d0
[ 1255.534589][T19027]  ? __pfx_iommufd_fops_ioctl+0x10/0x10
[ 1255.534618][T19027]  ? __fget_files+0x2a/0x420
[ 1255.534645][T19027]  ? bpf_lsm_file_ioctl+0x9/0x20
[ 1255.534665][T19027]  ? __pfx_iommufd_fops_ioctl+0x10/0x10
[ 1255.534691][T19027]  __se_sys_ioctl+0xff/0x170
[ 1255.534710][T19027]  do_syscall_64+0x14d/0xf80
[ 1255.534731][T19027]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1255.534747][T19027]  ? trace_irq_disable+0x37/0x100
[ 1255.534761][T19027]  ? clear_bhb_loop+0x40/0x90
[ 1255.534780][T19027]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1255.534796][T19027] RIP: 0033:0x7fc84741bf79
[ 1255.534811][T19027] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1255.534825][T19027] RSP: 002b:00007fc845676028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1255.534843][T19027] RAX: ffffffffffffffda RBX: 00007fc847695fa0 RCX: 00007fc84741bf79
[ 1255.534855][T19027] RDX: 0000200000000100 RSI: 0000000000003ba0 RDI: 0000000000000005
[ 1255.534866][T19027] RBP: 00007fc845676090 R08: 0000000000000000 R09: 0000000000000000
[ 1255.534876][T19027] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1255.534886][T19027] R13: 00007fc847696038 R14: 00007fc847695fa0 R15: 00007ffde9f0a968
[ 1255.534913][T19027]  </TASK>
[ 1256.192403][T19029] FAULT_INJECTION: forcing a failure.
[ 1256.192403][T19029] name failslab, interval 1, probability 0, space 0, times 0
[ 1256.192459][T19029] CPU: 1 UID: 0 PID: 19029 Comm: syz.4.3358 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[ 1256.192490][T19029] Tainted: [L]=SOFTLOCKUP
[ 1256.192499][T19029] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1256.192513][T19029] Call Trace:
[ 1256.192521][T19029]  <TASK>
[ 1256.192532][T19029]  dump_stack_lvl+0xe8/0x150
[ 1256.192566][T19029]  should_fail_ex+0x46b/0x600
[ 1256.192590][T19029]  should_failslab+0xa8/0x100
[ 1256.192614][T19029]  kmem_cache_alloc_noprof+0x87/0x680
[ 1256.192631][T19029]  ? skb_clone+0x212/0x3a0
[ 1256.192653][T19029]  skb_clone+0x212/0x3a0
[ 1256.192672][T19029]  __netlink_deliver_tap+0x404/0x850
[ 1256.192703][T19029]  ? netlink_deliver_tap+0x2e/0x1b0
[ 1256.192724][T19029]  netlink_deliver_tap+0x19c/0x1b0
[ 1256.192745][T19029]  netlink_unicast+0x805/0x9f0
[ 1256.192770][T19029]  ? __pfx_netlink_unicast+0x10/0x10
[ 1256.192787][T19029]  ? __alloc_skb+0x193/0x390
[ 1256.192811][T19029]  ? netlink_sendmsg+0x650/0xb40
[ 1256.192830][T19029]  ? skb_put+0x11b/0x210
[ 1256.192856][T19029]  netlink_sendmsg+0x813/0xb40
[ 1256.192886][T19029]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1256.192912][T19029]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[ 1256.192933][T19029]  ____sys_sendmsg+0xa4e/0xac0
[ 1256.192948][T19029]  ? __might_fault+0xaf/0x130
[ 1256.192971][T19029]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1256.192993][T19029]  ? import_iovec+0x73/0xa0
[ 1256.193018][T19029]  ___sys_sendmsg+0x2a5/0x360
[ 1256.193033][T19029]  ? __lock_acquire+0x6b5/0x2cf0
[ 1256.193058][T19029]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1256.193101][T19029]  ? __fget_files+0x2a/0x420
[ 1256.193121][T19029]  ? __fget_files+0x3a6/0x420
[ 1256.193150][T19029]  __x64_sys_sendmsg+0x1c3/0x2a0
[ 1256.193168][T19029]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[ 1256.193191][T19029]  ? __pfx_ksys_write+0x10/0x10
[ 1256.193216][T19029]  do_syscall_64+0x14d/0xf80
[ 1256.193237][T19029]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1256.193252][T19029]  ? trace_irq_disable+0x37/0x100
[ 1256.193266][T19029]  ? clear_bhb_loop+0x40/0x90
[ 1256.193285][T19029]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1256.193301][T19029] RIP: 0033:0x7f039393bf79
[ 1256.193315][T19029] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1256.193328][T19029] RSP: 002b:00007f0391b8e028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1256.193345][T19029] RAX: ffffffffffffffda RBX: 00007f0393bb5fa0 RCX: 00007f039393bf79
[ 1256.193357][T19029] RDX: 0000000000000000 RSI: 0000200000000080 RDI: 0000000000000003
[ 1256.193368][T19029] RBP: 00007f0391b8e090 R08: 0000000000000000 R09: 0000000000000000
[ 1256.193378][T19029] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1256.193388][T19029] R13: 00007f0393bb6038 R14: 00007f0393bb5fa0 R15: 00007ffd997f1ec8
[ 1256.193431][T19029]  </TASK>
[ 1257.777725][T14229] usb 10-1: new high-speed USB device number 31 using dummy_hcd
[ 1258.017137][T14229] usb 10-1: Using ep0 maxpacket: 16
[ 1258.020498][T14229] usb 10-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1258.020573][T14229] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[ 1258.020595][T14229] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0
[ 1258.020612][T14229] usb 10-1: config 0 interface 0 altsetting 0 bulk endpoint 0x2 has invalid maxpacket 0
[ 1258.020631][T14229] usb 10-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[ 1258.023334][T14229] usb 10-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42
[ 1258.023357][T14229] usb 10-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0
[ 1258.023373][T14229] usb 10-1: Manufacturer: syz
[ 1258.131116][T14229] usb 10-1: config 0 descriptor??
[ 1258.489490][T14229] rc_core: IR keymap rc-hauppauge not found
[ 1258.489516][T14229] Registered IR keymap rc-empty
[ 1258.489669][T14229] mceusb 10-1:0.0: Error: mce write submit urb error = -90
[ 1258.515866][T14229] mceusb 10-1:0.0: Error: mce write submit urb error = -90
[ 1258.533212][T14229] rc rc0: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.9/usb10/10-1/10-1:0.0/rc/rc0
[ 1258.561404][T14229] input: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.9/usb10/10-1/10-1:0.0/rc/rc0/input35
[ 1258.589655][T14229] mceusb 10-1:0.0: Error: mce write submit urb error = -90
[ 1258.607308][T14229] mceusb 10-1:0.0: Error: mce write submit urb error = -90
[ 1258.627295][T14229] mceusb 10-1:0.0: Error: mce write submit urb error = -90
[ 1258.647179][T14229] mceusb 10-1:0.0: Error: mce write submit urb error = -90
[ 1258.667361][T14229] mceusb 10-1:0.0: Error: mce write submit urb error = -90
[ 1258.691507][T14229] mceusb 10-1:0.0: Error: mce write submit urb error = -90
[ 1258.708192][T14229] mceusb 10-1:0.0: Error: mce write submit urb error = -90
[ 1258.727147][T14229] mceusb 10-1:0.0: Error: mce write submit urb error = -90
[ 1258.747654][T14229] mceusb 10-1:0.0: Error: mce write submit urb error = -90
[ 1258.767162][T14229] mceusb 10-1:0.0: Error: mce write submit urb error = -90
[ 1258.790670][T14229] mceusb 10-1:0.0: Error: mce write submit urb error = -90
[ 1258.823336][T14229] mceusb 10-1:0.0: Registered 424242424242 with mce emulator interface version 1
[ 1258.823379][T14229] mceusb 10-1:0.0: 2 tx ports (0x0 cabled) and 2 rx sensors (0x0 active)
[ 1258.865539][   T37] audit: type=1326 audit(1771210760.157:313): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=19046 comm="syz.7.3365" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0b42d4bf79 code=0x7ffc0000
[ 1258.895032][T14229] usb 10-1: USB disconnect, device number 31
[ 1259.025846][   T37] audit: type=1326 audit(1771210760.187:314): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=19046 comm="syz.7.3365" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0b42d4bf79 code=0x7ffc0000
[ 1259.026239][   T37] audit: type=1326 audit(1771210760.317:315): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=19046 comm="syz.7.3365" exe="/root/syz-executor" sig=0 arch=c000003e syscall=293 compat=0 ip=0x7f0b42d4bf79 code=0x7ffc0000
[ 1259.070629][   T37] audit: type=1326 audit(1771210760.317:316): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=19046 comm="syz.7.3365" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0b42d4bf79 code=0x7ffc0000
[ 1259.177530][   T37] audit: type=1326 audit(1771210760.367:317): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=19046 comm="syz.7.3365" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0b42d4bf79 code=0x7ffc0000
[ 1259.189668][   T37] audit: type=1326 audit(1771210760.477:318): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=19046 comm="syz.7.3365" exe="/root/syz-executor" sig=0 arch=c000003e syscall=436 compat=0 ip=0x7f0b42d4bf79 code=0x7ffc0000
[ 1259.466587][   T37] audit: type=1326 audit(1771210760.737:319): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=19046 comm="syz.7.3365" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0b42d4bf79 code=0x7ffc0000
[ 1259.507263][   T37] audit: type=1326 audit(1771210760.777:320): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=19046 comm="syz.7.3365" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0b42d4bf79 code=0x7ffc0000
[ 1259.644600][   T37] audit: type=1326 audit(1771210760.927:321): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=19046 comm="syz.7.3365" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f0b42d0c84e code=0x7ffc0000
[ 1259.644656][   T37] audit: type=1326 audit(1771210760.927:322): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=19046 comm="syz.7.3365" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f0b42d0c84e code=0x7ffc0000
[ 1259.874487][T19059] FAULT_INJECTION: forcing a failure.
[ 1259.874487][T19059] name failslab, interval 1, probability 0, space 0, times 0
[ 1259.874536][T19059] CPU: 1 UID: 0 PID: 19059 Comm: syz.9.3366 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[ 1259.874561][T19059] Tainted: [L]=SOFTLOCKUP
[ 1259.874568][T19059] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1259.874578][T19059] Call Trace:
[ 1259.874585][T19059]  <TASK>
[ 1259.874592][T19059]  dump_stack_lvl+0xe8/0x150
[ 1259.874621][T19059]  should_fail_ex+0x46b/0x600
[ 1259.874646][T19059]  should_failslab+0xa8/0x100
[ 1259.874666][T19059]  kmem_cache_alloc_noprof+0x87/0x680
[ 1259.874684][T19059]  ? skb_clone+0x212/0x3a0
[ 1259.874705][T19059]  skb_clone+0x212/0x3a0
[ 1259.874725][T19059]  __netlink_deliver_tap+0x404/0x850
[ 1259.874757][T19059]  ? netlink_deliver_tap+0x2e/0x1b0
[ 1259.874779][T19059]  netlink_deliver_tap+0x19c/0x1b0
[ 1259.874801][T19059]  netlink_unicast+0x805/0x9f0
[ 1259.874827][T19059]  ? __pfx_netlink_unicast+0x10/0x10
[ 1259.874851][T19059]  ? __alloc_skb+0x193/0x390
[ 1259.874875][T19059]  ? netlink_sendmsg+0x650/0xb40
[ 1259.874895][T19059]  ? skb_put+0x11b/0x210
[ 1259.874926][T19059]  netlink_sendmsg+0x813/0xb40
[ 1259.874955][T19059]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1259.874983][T19059]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[ 1259.875004][T19059]  ____sys_sendmsg+0xa4e/0xac0
[ 1259.875024][T19059]  ? __might_fault+0xaf/0x130
[ 1259.875048][T19059]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1259.875071][T19059]  ? import_iovec+0x73/0xa0
[ 1259.875097][T19059]  ___sys_sendmsg+0x2a5/0x360
[ 1259.875112][T19059]  ? __lock_acquire+0x6b5/0x2cf0
[ 1259.875138][T19059]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1259.875188][T19059]  ? __fget_files+0x2a/0x420
[ 1259.875210][T19059]  ? __fget_files+0x3a6/0x420
[ 1259.875240][T19059]  __x64_sys_sendmsg+0x1c3/0x2a0
[ 1259.875259][T19059]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[ 1259.875283][T19059]  ? __pfx_ksys_write+0x10/0x10
[ 1259.875320][T19059]  do_syscall_64+0x14d/0xf80
[ 1259.875341][T19059]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1259.875357][T19059]  ? trace_irq_disable+0x37/0x100
[ 1259.875371][T19059]  ? clear_bhb_loop+0x40/0x90
[ 1259.875391][T19059]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1259.875427][T19059] RIP: 0033:0x7fc84741bf79
[ 1259.875449][T19059] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1259.875469][T19059] RSP: 002b:00007fc845676028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1259.875494][T19059] RAX: ffffffffffffffda RBX: 00007fc847695fa0 RCX: 00007fc84741bf79
[ 1259.875511][T19059] RDX: 0000000000008000 RSI: 00002000000002c0 RDI: 0000000000000004
[ 1259.875526][T19059] RBP: 00007fc845676090 R08: 0000000000000000 R09: 0000000000000000
[ 1259.875539][T19059] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1259.875554][T19059] R13: 00007fc847696038 R14: 00007fc847695fa0 R15: 00007ffde9f0a968
[ 1259.875593][T19059]  </TASK>
[ 1259.927119][T14229] usb 8-1: new high-speed USB device number 39 using dummy_hcd
[ 1260.337350][T14229] usb 8-1: Using ep0 maxpacket: 8
[ 1261.127361][T19068] ksmbd: Daemon and kernel module version mismatch. ksmbd: 124, kernel module: 1. User-space ksmbd should terminate.
[ 1262.067134][    T9] usb 5-1: new high-speed USB device number 40 using dummy_hcd
[ 1262.160843][T19073] netlink: 4 bytes leftover after parsing attributes in process `syz.6.3370'.
[ 1262.166647][T19073] netlink: 4 bytes leftover after parsing attributes in process `syz.6.3370'.
[ 1262.259382][    T9] usb 5-1: New USB device found, idVendor=055f, idProduct=c230, bcdDevice=b6.ac
[ 1262.259793][    T9] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1262.259819][    T9] usb 5-1: Product: syz
[ 1262.259836][    T9] usb 5-1: Manufacturer: syz
[ 1262.259851][    T9] usb 5-1: SerialNumber: syz
[ 1262.372051][    T9] usb 5-1: config 0 descriptor??
[ 1262.446487][    T9] gspca_main: sunplus-2.14.0 probing 055f:c230
[ 1264.500917][    T9] gspca_sunplus: reg_r err -71
[ 1264.501020][    T9] sunplus 5-1:0.0: probe with driver sunplus failed with error -71
[ 1264.563340][    T9] usb 5-1: USB disconnect, device number 40
[ 1265.641697][T14229] usb 8-1: unable to read config index 0 descriptor/start: -110
[ 1265.641876][T14229] usb 8-1: can't read configurations, error -110
[ 1266.529762][T14229] usb 8-1: new high-speed USB device number 40 using dummy_hcd
[ 1268.020611][T19096] syzkaller1: entered allmulticast mode
[ 1270.344199][T19105] ksmbd: Daemon and kernel module version mismatch. ksmbd: 124, kernel module: 1. User-space ksmbd should terminate.
[ 1271.455267][T19115] netlink: 4 bytes leftover after parsing attributes in process `syz.9.3383'.
[ 1271.477216][ T5889] usb 5-1: new high-speed USB device number 41 using dummy_hcd
[ 1271.542983][T19115] netlink: 4 bytes leftover after parsing attributes in process `syz.9.3383'.
[ 1271.657163][ T5889] usb 5-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08
[ 1271.657198][ T5889] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1271.657220][ T5889] usb 5-1: Product: syz
[ 1271.657236][ T5889] usb 5-1: Manufacturer: syz
[ 1271.657253][ T5889] usb 5-1: SerialNumber: syz
[ 1271.687165][T14229] usb 8-1: device descriptor read/64, error -110
[ 1271.729388][ T5889] usb 5-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested
[ 1271.800658][T14229] usb usb8-port1: attempt power cycle
[ 1271.929844][ T9716] usb 5-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008
[ 1272.147311][T14229] usb 8-1: new high-speed USB device number 41 using dummy_hcd
[ 1272.167540][T14229] usb 8-1: device descriptor read/8, error -32
[ 1272.334642][T19112] macvlan0: entered allmulticast mode
[ 1272.334801][T19112] veth1_vlan: entered allmulticast mode
[ 1272.407198][T14229] usb 8-1: new high-speed USB device number 42 using dummy_hcd
[ 1272.428315][T14229] usb 8-1: device descriptor read/8, error -32
[ 1272.508229][    T9] usb 7-1: new high-speed USB device number 39 using dummy_hcd
[ 1273.462878][ T9716] ath9k_htc 5-1:1.0: ath9k_htc: Target is unresponsive
[ 1273.463602][ T9716] ath9k_htc: Failed to initialize the device
[ 1273.479634][T14229] usb usb8-port1: unable to enumerate USB device
[ 1274.586834][ T5953] usb 5-1: USB disconnect, device number 41
[ 1274.626014][    T9] usb 7-1: New USB device found, idVendor=055f, idProduct=c230, bcdDevice=b6.ac
[ 1274.626049][    T9] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1274.626065][    T9] usb 7-1: Product: syz
[ 1274.626076][    T9] usb 7-1: Manufacturer: syz
[ 1274.626087][    T9] usb 7-1: SerialNumber: syz
[ 1274.874161][ T5953] usb 5-1: ath9k_htc: USB layer deinitialized
[ 1274.875581][    T9] usb 7-1: config 0 descriptor??
[ 1274.934979][    T9] gspca_main: sunplus-2.14.0 probing 055f:c230
[ 1275.157548][ T5953] ==================================================================
[ 1275.157566][ T5953] BUG: KASAN: vmalloc-out-of-bounds in __list_add_valid_or_report+0x4e/0x130
[ 1275.157592][ T5953] Read of size 8 at addr ffffc9001fdc5008 by task kworker/0:6/5953
[ 1275.157607][ T5953] 
[ 1275.157619][ T5953] CPU: 0 UID: 0 PID: 5953 Comm: kworker/0:6 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[ 1275.157642][ T5953] Tainted: [L]=SOFTLOCKUP
[ 1275.157648][ T5953] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1275.157660][ T5953] Workqueue: usb_hub_wq hub_event
[ 1275.157684][ T5953] Call Trace:
[ 1275.157691][ T5953]  <TASK>
[ 1275.157699][ T5953]  dump_stack_lvl+0xe8/0x150
[ 1275.157723][ T5953]  print_report+0xba/0x230
[ 1275.157743][ T5953]  ? __list_add_valid_or_report+0x4e/0x130
[ 1275.157760][ T5953]  kasan_report+0x117/0x150
[ 1275.157779][ T5953]  ? __list_add_valid_or_report+0x4e/0x130
[ 1275.157800][ T5953]  __list_add_valid_or_report+0x4e/0x130
[ 1275.157820][ T5953]  kcov_remote_stop+0x457/0x680
[ 1275.157848][ T5953]  hub_event+0x49d8/0x4f60
[ 1275.157874][ T5953]  ? __lock_acquire+0x6b5/0x2cf0
[ 1275.157898][ T5953]  ? update_load_avg+0x1b0/0x1e70
[ 1275.157928][ T5953]  ? finish_task_switch+0x161/0x920
[ 1275.157959][ T5953]  ? __pfx_hub_event+0x10/0x10
[ 1275.157981][ T5953]  ? process_scheduled_works+0xa0f/0x17a0
[ 1275.158004][ T5953]  ? process_scheduled_works+0xa0f/0x17a0
[ 1275.158022][ T5953]  ? process_scheduled_works+0xa0f/0x17a0
[ 1275.158041][ T5953]  process_scheduled_works+0xaec/0x17a0
[ 1275.158074][ T5953]  ? __pfx_process_scheduled_works+0x10/0x10
[ 1275.158096][ T5953]  ? assign_work+0x3d5/0x5e0
[ 1275.158116][ T5953]  worker_thread+0xa50/0xfc0
[ 1275.158148][ T5953]  kthread+0x388/0x470
[ 1275.158171][ T5953]  ? __pfx_worker_thread+0x10/0x10
[ 1275.158189][ T5953]  ? __pfx_kthread+0x10/0x10
[ 1275.158212][ T5953]  ret_from_fork+0x51e/0xb90
[ 1275.158234][ T5953]  ? __pfx_ret_from_fork+0x10/0x10
[ 1275.158253][ T5953]  ? __switch_to+0xc7d/0x1400
[ 1275.158271][ T5953]  ? __pfx_kthread+0x10/0x10
[ 1275.158294][ T5953]  ret_from_fork_asm+0x1a/0x30
[ 1275.158333][ T5953]  </TASK>
[ 1275.158338][ T5953] 
[ 1275.158343][ T5953] The buggy address belongs to a vmalloc virtual mapping
[ 1275.158356][ T5953] Memory state around the buggy address:
[ 1275.158366][ T5953]  ffffc9001fdc4f00: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8
[ 1275.158377][ T5953]  ffffc9001fdc4f80: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8
[ 1275.158388][ T5953] >ffffc9001fdc5000: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8
[ 1275.158400][ T5953]                       ^
[ 1275.158409][ T5953]  ffffc9001fdc5080: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8
[ 1275.158420][ T5953]  ffffc9001fdc5100: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8
[ 1275.158428][ T5953] ==================================================================
[ 1275.159525][ T5953] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[ 1275.159548][ T5953] CPU: 0 UID: 0 PID: 5953 Comm: kworker/0:6 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[ 1275.159574][ T5953] Tainted: [L]=SOFTLOCKUP
[ 1275.159583][ T5953] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1275.159598][ T5953] Workqueue: usb_hub_wq hub_event
[ 1275.159630][ T5953] Call Trace:
[ 1275.159639][ T5953]  <TASK>
[ 1275.159649][ T5953]  vpanic+0x1e0/0x670
[ 1275.159684][ T5953]  panic+0xc5/0xd0
[ 1275.159715][ T5953]  ? __pfx_panic+0x10/0x10
[ 1275.159748][ T5953]  ? preempt_schedule_thunk+0x16/0x30
[ 1275.159775][ T5953]  ? __list_add_valid_or_report+0x4e/0x130
[ 1275.159800][ T5953]  ? preempt_schedule_thunk+0x16/0x30
[ 1275.159825][ T5953]  ? __list_add_valid_or_report+0x4e/0x130
[ 1275.159848][ T5953]  check_panic_on_warn+0x89/0xb0
[ 1275.159871][ T5953]  ? __list_add_valid_or_report+0x4e/0x130
[ 1275.159895][ T5953]  end_report+0x6f/0x140
[ 1275.159920][ T5953]  kasan_report+0x128/0x150
[ 1275.159947][ T5953]  ? __list_add_valid_or_report+0x4e/0x130
[ 1275.159977][ T5953]  __list_add_valid_or_report+0x4e/0x130
[ 1275.160006][ T5953]  kcov_remote_stop+0x457/0x680
[ 1275.160044][ T5953]  hub_event+0x49d8/0x4f60
[ 1275.160082][ T5953]  ? __lock_acquire+0x6b5/0x2cf0
[ 1275.160114][ T5953]  ? update_load_avg+0x1b0/0x1e70
[ 1275.160155][ T5953]  ? finish_task_switch+0x161/0x920
[ 1275.160196][ T5953]  ? __pfx_hub_event+0x10/0x10
[ 1275.160225][ T5953]  ? process_scheduled_works+0xa0f/0x17a0
[ 1275.160255][ T5953]  ? process_scheduled_works+0xa0f/0x17a0
[ 1275.160281][ T5953]  ? process_scheduled_works+0xa0f/0x17a0
[ 1275.160316][ T5953]  process_scheduled_works+0xaec/0x17a0
[ 1275.160360][ T5953]  ? __pfx_process_scheduled_works+0x10/0x10
[ 1275.160394][ T5953]  ? assign_work+0x3d5/0x5e0
[ 1275.160424][ T5953]  worker_thread+0xa50/0xfc0
[ 1275.160466][ T5953]  kthread+0x388/0x470
[ 1275.160496][ T5953]  ? __pfx_worker_thread+0x10/0x10
[ 1275.160523][ T5953]  ? __pfx_kthread+0x10/0x10
[ 1275.160557][ T5953]  ret_from_fork+0x51e/0xb90
[ 1275.160587][ T5953]  ? __pfx_ret_from_fork+0x10/0x10
[ 1275.160613][ T5953]  ? __switch_to+0xc7d/0x1400
[ 1275.160639][ T5953]  ? __pfx_kthread+0x10/0x10
[ 1275.160673][ T5953]  ret_from_fork_asm+0x1a/0x30
[ 1275.160717][ T5953]  </TASK>
[ 1275.161314][ T5953] Kernel Offset: disabled