last executing test programs:

13m19.151347864s ago: executing program 2 (id=3):
socket$inet6_sctp(0xa, 0x1, 0x84)
close(0x3)
syz_open_dev$tty1(0xc, 0x4, 0x1)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
getsockopt$bt_hci(0xffffffffffffffff, 0x84, 0x81, &(0x7f0000000080)=""/4076, &(0x7f00000010c0)=0xfec)
mkdirat(0xffffffffffffff9c, &(0x7f00000002c0)='./file0\x00', 0x67)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$mptcp(&(0x7f00000000c0), 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_ADD_ADDR(r3, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000001280)=ANY=[@ANYBLOB='D\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="110200000000000000000100000030000180060005004e21000014000400000000000000000000000000000000010800060001000000060001000a0000009bc8a3d0e8da39b17993ff43ad778013978839ed10c4d05be78a46f2db36edeef6a3a781c46a9fce73d48e6bf738c89ef2ae19dc8b0a1f95c5883fa8d6bbb319f3907e0ae3dd2264386fbe7c683de00a16ca4e829acbba52c7473a8723bcc1cbe786f7e7db0886506cfd7f6305aa7481c9c916cd31e3c10a70d3ec1182eb95ad3e5fcfb8cc36ecfed1604887e0b4e8bb"], 0x44}}, 0x0)

13m17.262605371s ago: executing program 2 (id=7):
ioctl$VIDIOC_G_SLICED_VBI_CAP(0xffffffffffffffff, 0xc0745645, &(0x7f0000000080)={0x4, [0xd3, 0x7fff, 0x1, 0x400, 0x3, 0x6, 0x81a7, 0xc5, 0x29, 0x8ca8, 0x3, 0x2, 0x8, 0x8fb, 0xd43, 0xf001, 0x1ff, 0x309, 0x3, 0x5, 0xffff, 0x7, 0xc5, 0x2, 0x6, 0x32c, 0xfff9, 0x1, 0x7, 0x10, 0x3, 0xfffe, 0xe, 0xc, 0x13, 0x1800, 0x400, 0x5, 0x2, 0x0, 0x100, 0x382, 0xbdd6, 0x1, 0x7fbf, 0x1000, 0x2, 0x7], 0x7})
r0 = socket$l2tp(0x2, 0x2, 0x73)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e21, @multicast2}, 0x10)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000480)={<r1=>0xffffffffffffffff})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r2 = getpgrp(0x0)
sched_setaffinity(r2, 0x8, &(0x7f0000000040)=0x5)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000000)=0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r4 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r4, 0x1, 0x0)
r5 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r5, &(0x7f0000019680)=""/102392, 0x18ff8)
flock(0xffffffffffffffff, 0x2)
socket$inet6_tcp(0xa, 0x1, 0x0)
getxattr(0x0, &(0x7f0000000140)=@known='system.posix_acl_access\x00', 0x0, 0x0)
fanotify_init(0x8, 0x1)
connect$unix(r1, &(0x7f00000027c0)=@file={0x0, './file0\x00'}, 0x6e)
recvfrom$unix(r1, 0x0, 0x0, 0x40010020, 0x0, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
fanotify_init(0x10, 0x0)
mknod$loop(&(0x7f0000000180)='./file0\x00', 0x6000, 0x0)
r6 = creat(&(0x7f00000000c0)='./file0\x00', 0x26)
ioctl$BLKTRACESETUP(r6, 0xc0481273, &(0x7f0000000000)={'\x00', 0x100, 0xe, 0x8001, 0x5, 0x10})
r7 = socket$kcm(0x2, 0x2, 0x73)
bind$inet(r7, &(0x7f00000000c0)={0x2, 0x0, @broadcast}, 0x10)

13m12.992503393s ago: executing program 2 (id=9):
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x80000008b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setaffinity(0x0, 0x0, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f00000004c0)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mount$overlay(0x0, &(0x7f0000000100)='./bus\x00', &(0x7f0000000440), 0x8, &(0x7f0000000200)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file0'}}, {@index_on}]})
r3 = userfaultfd(0x80801)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x2, 0x5d031, 0xffffffffffffffff, 0x0)
ioctl$UFFDIO_API(r3, 0xc018aa3f, &(0x7f0000000100)={0xaa, 0x430})
ioctl$UFFDIO_REGISTER(r3, 0xc020aa00, &(0x7f0000000040)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}, 0x4})
ioctl$UFFDIO_COPY(r3, 0xc028aa03, &(0x7f00000000c0)={&(0x7f0000800000/0x800000)=nil, &(0x7f000022a000/0x4000)=nil, 0x800000})

13m2.547345427s ago: executing program 3 (id=4):
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, 0x0)
r0 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x2000800001000088}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
r1 = getpgrp(0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000040)=0x5)
prctl$PR_SCHED_CORE(0x3e, 0x1, r1, 0x2, 0x0)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000000)=0x3)
mount$tmpfs(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f00000001c0), 0x0, &(0x7f0000000140)={[{@grpquota}]})
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r3 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r3, 0x1, 0x0)
r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r4, &(0x7f0000019680)=""/102392, 0x18ff8)
bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x10, 0x0, 0x0, &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sk_msg, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$int_in(r0, 0x40000000af01, 0x0)

12m59.553180547s ago: executing program 3 (id=13):
ioctl$VIDIOC_G_SLICED_VBI_CAP(0xffffffffffffffff, 0xc0745645, &(0x7f0000000080)={0x4, [0xd3, 0x7fff, 0x1, 0x400, 0x3, 0x6, 0x81a7, 0xc5, 0x29, 0x8ca8, 0x3, 0x2, 0x8, 0x8fb, 0xd43, 0xf001, 0x1ff, 0x309, 0x3, 0x5, 0xffff, 0x7, 0xc5, 0x2, 0x6, 0x32c, 0xfff9, 0x1, 0x7, 0x10, 0x3, 0xfffe, 0xe, 0xc, 0x13, 0x1800, 0x400, 0x5, 0x2, 0x0, 0x100, 0x382, 0xbdd6, 0x1, 0x7fbf, 0x1000, 0x2, 0x7], 0x7})
r0 = socket$l2tp(0x2, 0x2, 0x73)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e21, @multicast2}, 0x10)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000480)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r3 = getpgrp(0x0)
sched_setaffinity(r3, 0x8, &(0x7f0000000040)=0x5)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r4 = getpid()
sched_setscheduler(r4, 0x2, &(0x7f0000000000)=0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r5 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r5, 0x1, 0x0)
r6 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r6, &(0x7f0000019680)=""/102392, 0x18ff8)
flock(0xffffffffffffffff, 0x2)
fanotify_init(0x8, 0x1)
connect$unix(r1, &(0x7f00000027c0)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x2d, 0x20040040)
recvfrom$unix(r1, 0x0, 0x0, 0x40010020, 0x0, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
fanotify_init(0x10, 0x0)
mknod$loop(&(0x7f0000000180)='./file0\x00', 0x6000, 0x0)
r7 = creat(&(0x7f00000000c0)='./file0\x00', 0x26)
ioctl$BLKTRACESETUP(r7, 0xc0481273, &(0x7f0000000000)={'\x00', 0x100, 0xe, 0x8001, 0x5, 0x10})
r8 = socket$kcm(0x2, 0x2, 0x73)
bind$inet(r8, &(0x7f00000000c0)={0x2, 0x0, @broadcast}, 0x10)

12m56.078876478s ago: executing program 32 (id=9):
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x80000008b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setaffinity(0x0, 0x0, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f00000004c0)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mount$overlay(0x0, &(0x7f0000000100)='./bus\x00', &(0x7f0000000440), 0x8, &(0x7f0000000200)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file0'}}, {@index_on}]})
r3 = userfaultfd(0x80801)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x2, 0x5d031, 0xffffffffffffffff, 0x0)
ioctl$UFFDIO_API(r3, 0xc018aa3f, &(0x7f0000000100)={0xaa, 0x430})
ioctl$UFFDIO_REGISTER(r3, 0xc020aa00, &(0x7f0000000040)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}, 0x4})
ioctl$UFFDIO_COPY(r3, 0xc028aa03, &(0x7f00000000c0)={&(0x7f0000800000/0x800000)=nil, &(0x7f000022a000/0x4000)=nil, 0x800000})

12m55.931629995s ago: executing program 3 (id=15):
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x100008b}, 0x0)
r0 = getpgrp(0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000100)=0x5)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
mkdirat$cgroup_root(0xffffffffffffff9c, 0x0, 0x1ff)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0xe26)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000000)=0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r2 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r2, 0x1, 0x0)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x800000000002, 0x0)
read$msr(r3, &(0x7f0000032680)=""/102392, 0x18ff8)
r4 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000001080)=ANY=[@ANYBLOB="02000000040000000800000001000000800000", @ANYRES32=0x0, @ANYBLOB], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x3, 0x1c, &(0x7f0000000d80)=ANY=[@ANYBLOB="1808000058000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000005000000bf0900000000000035090100000000409500000000000000b7020000000000007b9af8ff00000000b5090000010000007baaf0ff00000000bf2700000000000007080000fffdffffbfa400000000000007040000f0ffffff740200000800000018090000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7050000080000004608f0ff760000007ea0000000"], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls=0x36, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)

12m55.213006016s ago: executing program 4 (id=5):
r0 = openat$cachefiles(0xffffffffffffff9c, &(0x7f0000001d00), 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x7)
ioctl$FS_IOC_SETFLAGS(0xffffffffffffffff, 0x40086602, 0x0)
newfstatat(0xffffffffffffff9c, 0x0, 0x0, 0x2000)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbee2, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(0xffffffffffffffff, 0x29, 0x20, 0x0, 0x0)
ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x401c5820, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000000)=@setlink={0x3c, 0x13, 0x1, 0x2000000, 0x25dfdbff, {}, [@IFLA_CARRIER={0x5}, @IFLA_ALT_IFNAME={0x14, 0x35, 'dummy0\x00'}]}, 0x3c}, 0x1, 0x0, 0x0, 0x4000800}, 0x0)
syz_emit_vhci(&(0x7f0000000040)=ANY=[@ANYBLOB="040e04f20b20"], 0x7)
socket$inet_smc(0x2b, 0x1, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000003c0)={0xffffffffffffffff, 0xe0, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x8, &(0x7f0000000440)}}, 0x10)
setsockopt$MRT_FLUSH(0xffffffffffffffff, 0x0, 0xd1, 0x0, 0x0)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$OSF_MSG_ADD(r4, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000680)=ANY=[@ANYBLOB="0815000000051104000000000000000001000005540201"], 0x1508}}, 0x10)
sendmsg$inet_sctp(0xffffffffffffffff, &(0x7f0000000940)={0x0, 0x0, &(0x7f0000000780)=[{&(0x7f00000000c0)="06e805e6395a6c66a6996be0265cd970a5158a659cf2852fad57cf022e57839880a1250ad46810f49a3c91ff7f000000000000883fe20a85b685c5228b03dc7d02fa9635737721d3cb860235aa911818452364db46a67005f839eeb7db6bdf0901de2fe74002896fc2a0fbb859a3654f467c669dd9bd3f858a577517079548ae867ed3a08e285e5ca909abd85b1e1e4c7f183f4f3bf0613032e8a8a4dba29c4ebbd5e2a1610f33096e9c319ba23103fe5f07", 0x48}]}, 0x4)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r5, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000340)={0x14, 0x21, 0x9, 0x2, 0x25dfdbff, {0x2}}, 0x14}, 0x1, 0x0, 0x0, 0x4000000}, 0x0)
writev(r4, &(0x7f0000000040), 0x2)
read$FUSE(r0, 0x0, 0x0)

12m36.616142996s ago: executing program 33 (id=15):
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x100008b}, 0x0)
r0 = getpgrp(0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000100)=0x5)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
mkdirat$cgroup_root(0xffffffffffffff9c, 0x0, 0x1ff)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0xe26)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000000)=0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r2 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r2, 0x1, 0x0)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x800000000002, 0x0)
read$msr(r3, &(0x7f0000032680)=""/102392, 0x18ff8)
r4 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000001080)=ANY=[@ANYBLOB="02000000040000000800000001000000800000", @ANYRES32=0x0, @ANYBLOB], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x3, 0x1c, &(0x7f0000000d80)=ANY=[@ANYBLOB="1808000058000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000005000000bf0900000000000035090100000000409500000000000000b7020000000000007b9af8ff00000000b5090000010000007baaf0ff00000000bf2700000000000007080000fffdffffbfa400000000000007040000f0ffffff740200000800000018090000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7050000080000004608f0ff760000007ea0000000"], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls=0x36, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)

12m36.394314324s ago: executing program 34 (id=5):
r0 = openat$cachefiles(0xffffffffffffff9c, &(0x7f0000001d00), 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x7)
ioctl$FS_IOC_SETFLAGS(0xffffffffffffffff, 0x40086602, 0x0)
newfstatat(0xffffffffffffff9c, 0x0, 0x0, 0x2000)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbee2, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(0xffffffffffffffff, 0x29, 0x20, 0x0, 0x0)
ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x401c5820, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000000)=@setlink={0x3c, 0x13, 0x1, 0x2000000, 0x25dfdbff, {}, [@IFLA_CARRIER={0x5}, @IFLA_ALT_IFNAME={0x14, 0x35, 'dummy0\x00'}]}, 0x3c}, 0x1, 0x0, 0x0, 0x4000800}, 0x0)
syz_emit_vhci(&(0x7f0000000040)=ANY=[@ANYBLOB="040e04f20b20"], 0x7)
socket$inet_smc(0x2b, 0x1, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000003c0)={0xffffffffffffffff, 0xe0, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x8, &(0x7f0000000440)}}, 0x10)
setsockopt$MRT_FLUSH(0xffffffffffffffff, 0x0, 0xd1, 0x0, 0x0)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$OSF_MSG_ADD(r4, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000680)=ANY=[@ANYBLOB="0815000000051104000000000000000001000005540201"], 0x1508}}, 0x10)
sendmsg$inet_sctp(0xffffffffffffffff, &(0x7f0000000940)={0x0, 0x0, &(0x7f0000000780)=[{&(0x7f00000000c0)="06e805e6395a6c66a6996be0265cd970a5158a659cf2852fad57cf022e57839880a1250ad46810f49a3c91ff7f000000000000883fe20a85b685c5228b03dc7d02fa9635737721d3cb860235aa911818452364db46a67005f839eeb7db6bdf0901de2fe74002896fc2a0fbb859a3654f467c669dd9bd3f858a577517079548ae867ed3a08e285e5ca909abd85b1e1e4c7f183f4f3bf0613032e8a8a4dba29c4ebbd5e2a1610f33096e9c319ba23103fe5f07", 0x48}]}, 0x4)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r5, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000340)={0x14, 0x21, 0x9, 0x2, 0x25dfdbff, {0x2}}, 0x14}, 0x1, 0x0, 0x0, 0x4000000}, 0x0)
writev(r4, &(0x7f0000000040), 0x2)
read$FUSE(r0, 0x0, 0x0)

10.33557405s ago: executing program 0 (id=1058):
r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f00000005c0)={0x0, 0x18, 0xfa00, {0x3, &(0x7f0000000300)={<r1=>0xffffffffffffffff}, 0x111}}, 0x20)
r2 = openat$dsp1(0xffffff9c, &(0x7f0000000000), 0x0, 0x0)
memfd_secret(0x0)
ioctl$SNDCTL_DSP_SETFRAGMENT(r2, 0xc004500a, &(0x7f00000000c0)=0x17)
read$dsp(r2, &(0x7f0000000100)=""/134, 0x86)
write$RDMA_USER_CM_CMD_RESOLVE_IP(r0, &(0x7f0000000400)={0x3, 0x40, 0xfa00, {{0xa, 0x4e22, 0x4, @loopback, 0x5}, {0xa, 0x4e20, 0x3, @mcast2, 0x7ff}, r1, 0x8d4}}, 0x48)
write$RDMA_USER_CM_CMD_LISTEN(r0, &(0x7f0000000000)={0x7, 0x8, 0xfa00, {r1, 0x4}}, 0x10)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000014c0)=ANY=[@ANYBLOB="05000000030000000080000008"], 0x50)
close(0x3)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYRES32=r2], 0x50)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000040), &(0x7f00000004c0), 0xce, r4}, 0x38)
bpf$MAP_DELETE_ELEM(0x15, &(0x7f0000000780)={r3, &(0x7f00000006c0), 0xf0107ff0780000}, 0x20)
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r5, &(0x7f0000000000)=ANY=[], 0x32600)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x2000001, 0x12, r5, 0x0)
unshare(0x24060400)
r6 = socket(0x2, 0x80805, 0x0)
setsockopt$IP_VS_SO_SET_ADD(r6, 0x0, 0x482, &(0x7f0000000140)={0x84, @rand_addr=0x64010105, 0x4e22, 0x3, 'lblcr\x00', 0x0, 0x80005, 0x6f}, 0x2c)
fcntl$setstatus(r2, 0x4, 0x800)

9.746391521s ago: executing program 0 (id=1060):
r0 = socket$netlink(0x10, 0x3, 0x2)
sendmsg$nl_route(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000000c0)={0x0, 0xe0}, 0x9, 0x0, 0x0, 0x4000000}, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0xffff}, 0x50)
r2 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="9feb01001800000000000000180000001800000004000000020000000100000c02000000000000000000000d0000000000005f"], 0x0, 0x34}, 0x20)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x3, &(0x7f0000000100)=ANY=[@ANYBLOB="180000000100000000000000801800009500000000000000"], &(0x7f0000000000)='GPL\x00', 0xc, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, r2, 0x8, &(0x7f00000000c0)={0x0, 0x1}, 0x1}, 0x94)
r4 = bpf$ITER_CREATE(0xb, &(0x7f0000000100), 0x0)
close(r4)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000500)=@bpf_ext={0x1a, 0xf, &(0x7f00000002c0)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x8792}, {{0x18, 0x1, 0x1, 0x0, r1}}, {}, [], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x2}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000180)='GPL\x00', 0x7, 0x0, 0x0, 0x40f00, 0x20, '\x00', 0x0, 0x3a, r2, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x1, r3, 0x0, 0x0, 0x0, 0x10, 0x4a6}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0)
openat$sndtimer(0xffffffffffffff9c, 0x0, 0x101040)
syz_usb_connect$printer(0x2, 0x2d, &(0x7f0000000080)=ANY=[@ANYBLOB="1201000200000040b804020240000102030109021b0001017e4045090400000007010000090501020000000000"], 0x0)
r5 = openat$dlm_control(0xffffffffffffff9c, &(0x7f0000000000), 0x480801, 0x0)
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(0xffffffffffffffff, 0x89f2, &(0x7f0000000180)={'syztnl1\x00', &(0x7f0000000100)={'ip6gre0\x00', <r6=>0x0, 0x2f, 0x9, 0x0, 0x10001, 0x40, @private0={0xfc, 0x0, '\x00', 0x1}, @remote, 0x80, 0x20, 0x4, 0x3}})
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000001c0)={r5, r6, 0x25, 0x8, @void}, 0x10)

8.273672314s ago: executing program 0 (id=1067):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000003c0)=@updpolicy={0x1bc, 0x19, 0x1, 0x0, 0x0, {{@in6=@private2, @in6=@empty, 0x0, 0x3, 0x0, 0x0, 0x2, 0x0, 0x20, 0x8}, {0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x800, 0x1d}, {0x0, 0x0, 0x0, 0x2dd}}, [@tmpl={0x104, 0x5, [{{@in=@dev={0xac, 0x14, 0x14, 0x3b}, 0x0, 0x2b}, 0x0, @in=@dev={0xac, 0x14, 0x14, 0xc}, 0x0, 0x0, 0x0, 0xff}, {{@in6=@loopback, 0x0, 0x3c}, 0x2, @in=@remote, 0x0, 0x1, 0x3, 0x0, 0x0, 0x7}, {{@in6=@mcast2, 0x0, 0x3c}, 0x2, @in6=@rand_addr=' \x01\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, {{@in6=@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', 0x0, 0x32}, 0x0, @in6=@mcast1, 0x0, 0x1}]}]}, 0x1bc}}, 0x0)
socket$nl_xfrm(0x10, 0x3, 0x6) (async)
sendmsg$nl_xfrm(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000003c0)=@updpolicy={0x1bc, 0x19, 0x1, 0x0, 0x0, {{@in6=@private2, @in6=@empty, 0x0, 0x3, 0x0, 0x0, 0x2, 0x0, 0x20, 0x8}, {0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x800, 0x1d}, {0x0, 0x0, 0x0, 0x2dd}}, [@tmpl={0x104, 0x5, [{{@in=@dev={0xac, 0x14, 0x14, 0x3b}, 0x0, 0x2b}, 0x0, @in=@dev={0xac, 0x14, 0x14, 0xc}, 0x0, 0x0, 0x0, 0xff}, {{@in6=@loopback, 0x0, 0x3c}, 0x2, @in=@remote, 0x0, 0x1, 0x3, 0x0, 0x0, 0x7}, {{@in6=@mcast2, 0x0, 0x3c}, 0x2, @in6=@rand_addr=' \x01\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, {{@in6=@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', 0x0, 0x32}, 0x0, @in6=@mcast1, 0x0, 0x1}]}]}, 0x1bc}}, 0x0) (async)

8.035157431s ago: executing program 0 (id=1069):
r0 = socket$kcm(0x10, 0x2, 0x4)
r1 = socket$inet6(0xa, 0x802, 0x0)
r2 = getpgrp(0x0)
sched_setaffinity(r2, 0x8, &(0x7f0000000040)=0x5)
prlimit64(0x0, 0xe, &(0x7f0000000100)={0x8, 0x80000100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000000)=0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r4 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r4, 0x1, 0x0)
r5 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r5, &(0x7f0000019680)=""/102392, 0x18ff8)
futex(0x0, 0x5, 0x0, 0x0, 0x0, 0xb0024000)
sendmsg$IPCTNL_MSG_EXP_GET(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000240)=ANY=[@ANYBLOB="14000038000102010100000000000000002a000006"], 0x14}}, 0x20008000)
r6 = memfd_create(&(0x7f0000000180)='[\v\xdbX\xae[\x1a\xa9\xfd\xfa\xad\xd1md\xc8\x85HX\xa9\rw2/\x02\x00\x00\x00\x00\x00\x00\x00\x00\xfc\f@\x00\x81\x9eG\xd9,\xe2\xc6a\x9f\xe8\xf1\x8f\xd8\xdf\x91\xfbz\x94/\xd0\x00\x00\x00\x00;(\xb5\xe1jS\xd6\x91%||\xa0\x8ez\xadT\xb6\f\xe5\x89\xbf3:\x99\x1e\xac`\xc3\xcf\xd3\xae\xd2\xdb\xca\x97\x9d\xcb\x1e\x80\xd6\xd5%N&\xf8\xd6@\xb5\x81j\xd3\xf2Gih\xa5%(\xc5#\x00z8\xe2\xd2}\xf5\xe4\x9f5\x9b\x01\x00'/150, 0x1)
fsetxattr$security_ima(r6, &(0x7f0000000080), &(0x7f0000001240)=ANY=[@ANYBLOB="0302c5"], 0xa, 0x0)
connect$inet6(r1, &(0x7f0000000080)={0xa, 0x0, 0x0, @loopback, 0x3}, 0x1c)
sendmmsg$inet6(r1, &(0x7f0000002940), 0x40000000000017d, 0x888)
r7 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r7, &(0x7f0000000080)={0x2, 0x4e23, @multicast1}, 0x10)
sendto$inet(r7, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
setsockopt$inet_tcp_TCP_CONGESTION(r7, 0x6, 0xd, &(0x7f00000001c0)='vegas', 0x5)
getsockopt$IP_SET_OP_VERSION(r7, 0x1, 0x53, &(0x7f0000000000), &(0x7f0000000180)=0x8)
sendmsg$kcm(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000840)="89000000120081ae08060cdc030000fe7f030005000000000001ffca1b1f0000000024c00e72f750375ed08a56331dbf9ed7815e381ad6e747033a0093b837dc6cc01e32efaec8c7a6ec00150c00014003080c00bdad446b31007a46e3988285dcdf12f21308f868fece01955fed0009d78f0a947e", 0x75}, {&(0x7f0000000140)="11d6cb557c8496a2fe7a81f38210bfa9b70ee09c", 0x14}], 0x2}, 0x4000000)

3.749431156s ago: executing program 0 (id=1072):
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000100))
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000001c0)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0x0}, 0x50)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000140)={{r0}, &(0x7f00000000c0), &(0x7f0000000100)}, 0x20)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000880)={0x11, 0x10, &(0x7f00000003c0)=@framed={{}, [@snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x2}}]}, &(0x7f0000000240)='GPL\x00', 0x4, 0x4, &(0x7f0000002500)=""/4105, 0x0, 0x68}, 0x94)

1.912356473s ago: executing program 0 (id=1075):
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x8, 0x0, 0x0)
prctl$PR_SET_MM(0x23, 0x7, &(0x7f0000ffc000/0x4000)=nil)
r0 = openat$ttynull(0xffffffffffffff9c, &(0x7f00000000c0), 0x88002, 0x0)
ioctl$TIOCEXCL(r0, 0x540c)
openat$ttynull(0xffffffffffffff9c, &(0x7f0000000000), 0x103902, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r1 = syz_usb_connect(0x0, 0x2d, &(0x7f0000000080)=ANY=[@ANYBLOB="1201000041436120410e5150e8d5000000010902f98a5c01000000090401001186eee2000905821704"], 0x0)
socket$nl_route(0x10, 0x3, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
munmap(&(0x7f0000001000/0x3000)=nil, 0x3000)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x11, 0x13, &(0x7f0000000080)=ANY=[@ANYBLOB="18080000000010c30000000003000000851000000600000018000000", @ANYRES32, @ANYBLOB="00000000000000116608000000000000180000000000000000000000000010009500000000000000360a020000000001180100002020782500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b50a00000000000085000000060000009500000000000000"], &(0x7f0000000000)='GPL\x00', 0xa, 0xff5c, &(0x7f0000000340)=""/222, 0x0, 0x8}, 0x78)
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x0)
syz_usb_control_io$cdc_ecm(r1, 0x0, 0x0)

813.328186ms ago: executing program 1 (id=1081):
r0 = getpgrp(0x0)
prlimit64(0x0, 0xe, &(0x7f0000000100)={0x8, 0x80000100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x8000000000001, r0, 0x2, 0x0)
r1 = getpid()
sched_setscheduler(r1, 0x2, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000140)=0x1)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r2 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r2, 0x1, 0x0)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
rt_sigsuspend(&(0x7f0000000100)={[0x2]}, 0x8)
r4 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
syz_emit_ethernet(0x6e, &(0x7f0000000040)={@broadcast, @remote, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "1200b0", 0x38, 0x3a, 0x0, @empty, @mcast2, {[], @dest_unreach={0x4, 0x6, 0x0, 0x0, '\x00', {0x0, 0x6, "277382", 0x0, 0x2c, 0x0, @dev={0xfe, 0x80, '\x00', 0x13}, @loopback, [@dstopts={0x2c}]}}}}}}}, 0x0)
connect$bt_sco(r4, &(0x7f0000000200)={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0xaa}}, 0x8)

641.98489ms ago: executing program 1 (id=1082):
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x100008b}, 0x0)
r0 = getpgrp(0x0)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0x51, 0xc8}}}, 0x8)
sched_setaffinity(r0, 0x8, &(0x7f0000000100)=0x5)
r1 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000140)={0x1, 0x6}, 0x4)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000440)={0x0, 0x3}, 0x4)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000000)=0x3)
r3 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r3, 0x1, 0x0)
r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x800000000002, 0x0)
read$msr(r4, &(0x7f0000032680)=""/102392, 0x18ff8)
r5 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r5, &(0x7f0000000000)={0x1f, 0xffffffffffffffff, 0x3}, 0x6)
write$bt_hci(r5, &(0x7f0000000580)=ANY=[@ANYBLOB="1300000002"], 0x8)
syz_mount_image$ext4(&(0x7f0000000240)='ext4\x00', &(0x7f0000000b80)='./file0\x00', 0x1008002, &(0x7f0000000d00)={[{@grpjquota}]}, 0x3, 0x5ee, &(0x7f0000000280)="$eJzs3c1vVFUbAPDnTj9oKXk7kDcqLqSJMZAoLS1gGuMCtoY0+BE3urDSgkiBhtZo0YSS4MbEuDHGxJUL8b9QIltWunLhxpUhIWpYmjjmztxbOu1Mv2jnEu7vlwxz7zlze86lfeace+acOwGU1lD6TyVif0TMJhGDyeJSXndkmUON193/+5Mz6SOJWu31P5NIsrT89Un2PJAd3BcRP/+UxL6u1eXOLVy9MDkzM30l2x+Zvzg7Mrdw9fD5i5Pnps9NXxp7cWz8+LHj46NHtnRe11qknbrx/oeDn0289d03/ySj3/82kcSJeCV74fLz2C5DMVT/P0lWZw2Mb3dhBenK/k5qtVotT0u6i60TG5f//noi4skYjK548MsbjE9fLbRywI6qJY33bqCMEvEPJZX3A/Jr+5XXwZVCeiVAJ9w72RgAWB3/3Y2xweirjw3svp/E8mGdJCK2NjLXbE9E3Lk9cePs7YkbsUPjcEBri9cj4qlW8Z/U478afVGtx3+lKf7TfsHp7DlNf22L5a8cKhb/0DmN+O9bM/6jTfy/kz5fa8Twu1ssv/pg873+pvjv3+opAQAAAAAAQGndOhkRL7T6/L+yNP8nWsz/GYiIE9tQ/tCK/dWf/1fubkMxQAv3Tka83HL+byWf/VvtWraEtRo9ydnzM9NHIuJ/EXEoenal+6NrlHH4831ft8sbyub/5Y+0/DvZXMCsHne7dzUfMzU5P/kQpwxk7l2PeLrl/N9kqf1PWrT/6TvD7AbL2PfczdPt8taPf2Cn1L6NONiy/X9w14pk7ftzjNT7AyN5r2C1Zz7+4od25W81/t1iAh5e2v7vXjv+q8ny+/XMbb6MowvdtXZ5W+3/9yZv1O8q1JulfTQ5P39lNKI3OdWVpjalj22+zvA4yuMhj5c0/g89u/b4X6v+f39ELK742clfzWuKc0/8O/B7u/ro/0Nx0vif2lT7v/mNsZvVH9uVv7H2/1i9rT+UpRj/g4av8jDtbU5vEY7drbI6XV8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeBxUImJPJJXhpe1KZXg4YiAi/h+7KzOX5+afP3v5g0tTaV79+/8r+Tf9Djb2k/z7/6vL9sdW7B+NiL0R8WVXf31/+MzlmamiTx4AAAAAAAAAAAAAAAAAAAAeEQNt1v+n/ugqunbAjusuugJAYVrE/y9F1APoPO0/lJf4h/IS/1Be4h/KS/xDea0d/2+Pd6wiQMdp/6G8xD8AAAAAADxW9h649WsSEYsv9dcfqd4sr6fQmgE7rVJ0BYDCuMUPlJepP1BervGBZJ38vrYHrXfkWmbPPMTBAAAAAAAAAAAAAFA6B/db/w9lZf0/lJf1/1Be+fr/AwXXA+g81/hArLOSv+X6/3WPAgAAAAAAAAAAAAC209zC1QuTMzPTV2y8+WhUo5MbtVrtWvpX8KjUZ/s3kmyGekcKzafCd/5Mezdygvlav4395OLekwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgGb/BQAA//8wviV5")
mount$bind(0x0, &(0x7f0000000100)='.\x00', 0x0, 0x21, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000001c0))
socket$nl_route(0x10, 0x3, 0x0)
dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x80000)
r6 = syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00')
r7 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3)
mount$9p_fd(0x0, &(0x7f0000000300)='.\x00', &(0x7f0000000080), 0x0, &(0x7f0000000340)={'trans=fd,', {'rfdno', 0x3d, r6}, 0x2c, {'wfdno', 0x3d, r7}})
ioctl$UFFDIO_REGISTER(0xffffffffffffffff, 0xc020aa00, 0x0)

533.809169ms ago: executing program 1 (id=1083):
newfstatat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x2000)
prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0xffffffffffffffff}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f00000004c0)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
socket$inet_tcp(0x2, 0x1, 0x0)
r3 = syz_init_net_socket$llc(0x1a, 0x1, 0x0)
sendmmsg$inet(r3, &(0x7f0000000c40)=[{{&(0x7f0000000040)={0x2, 0x0, @multicast2}, 0x23, 0x0}}], 0x1e1730a30afb6559, 0x8014)
connect$llc(r3, &(0x7f00000000c0)={0x1a, 0x321, 0x40, 0x6, 0x81, 0x3, @random="3050e9ae9a3c"}, 0x10)
r4 = socket$kcm(0x2, 0x3, 0x2)
r5 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000040)={'hsr0\x00', <r6=>0x0})
sendmsg$inet(r4, &(0x7f0000000000)={&(0x7f0000000300)={0x2, 0x0, @multicast2=0xe0000001}, 0x10, 0x0, 0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="1c000000000000000000000008000000", @ANYRES32=r6, @ANYBLOB="ac141410e000000100d53ea1cc44d4ea73d68a36000000100000e800bdc645dc569cd130351423567287b402f655ce0758175de852daec06833dabc53b38f10e600f1701ca1b05ebf0a4c2414369dfbc86a15796cc9b455d87c4bbd40d122990a280c7bb5334bf9ac2474c12d6270110fe1b532c4fd1a830d098b5f0f3d6"], 0x30}, 0x0)
socket$can_bcm(0x1d, 0x2, 0x2)
syz_open_dev$cec(&(0x7f0000000200), 0xffffffffffffffff, 0x4ae60)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff7000/0x1000)=nil, &(0x7f0000ff1000/0xf000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ff8000/0x4000)=nil, &(0x7f0000ff8000/0x3000)=nil, &(0x7f0000ff3000/0x6000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ff5000/0x1000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x2000)=nil, 0x0}, 0x68)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1}, 0x20)
r7 = io_uring_setup(0x100007f6, &(0x7f0000000040)={0x0, 0xc8e3, 0xfc00, 0xa, 0x1b9})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)=@deltfilter={0x24, 0x2d, 0x300, 0x2, 0x0, {0x0, 0x0, 0x0, 0x0, {0x1, 0x4}, {0xfff1, 0xfff3}, {0xe, 0x5}}}, 0x24}, 0x1, 0x0, 0x0, 0x40005}, 0x20040000)
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x3, &(0x7f0000000000)=0x6, 0x4)
r8 = socket$inet_sctp(0x2, 0x1, 0x84)
getsockopt$inet_sctp_SCTP_MAX_BURST(r8, 0x84, 0x14, &(0x7f0000000000)=@assoc_value, &(0x7f0000000040)=0x8)
io_uring_enter(r7, 0x2219, 0x7721, 0x16, 0x0, 0x0)
syz_usb_connect(0x5, 0x36, &(0x7f0000000400)=ANY=[@ANYBLOB="12015002d48b86105e0468049cb20102030109022400010340207f09044a0102b5efe4090905c302000201010809050d020800fc400945be825ea3b80d7587771b1cf97191c256bfdc4b032c1943d5bc8fed3aeb32b0507fc4fab21a215d83639df56977a0bc5735503ef242562fe345c15f94c86bb55246e8400586e4583f10b7aed4838e940122fd4bb53cbf6699fb4277"], &(0x7f0000002500)={0x0, 0x0, 0x0, 0x0})

343.959866ms ago: executing program 1 (id=1084):
socket$igmp(0x2, 0x3, 0x2)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = getpgrp(0x0)
sched_setaffinity(r1, 0x0, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000000)=0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r3 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r3, 0x1, 0x0)
r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r4, &(0x7f0000019680)=""/102392, 0x18ff8)
setsockopt$inet6_int(r0, 0x29, 0x19, &(0x7f00000000c0)=0x9, 0x4)
sendto$inet6(r0, 0x0, 0x0, 0x0, &(0x7f0000000180)={0xa, 0x4e20, 0xffffffff, @loopback, 0xbf}, 0x1c)
r5 = socket$inet_smc(0x2b, 0x1, 0x0)
setsockopt$inet_tcp_TCP_FASTOPEN_KEY(r5, 0x6, 0x21, &(0x7f00000001c0)="0c463471a2c906bdea29e9fbdae9c0ae", 0x20)

282.418338ms ago: executing program 1 (id=1085):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000000)={'wpan4\x00'})
ioctl$BTRFS_IOC_SUBVOL_GETFLAGS(0xffffffffffffffff, 0x80089419, 0x0) (async)
syz_emit_ethernet(0x2a, &(0x7f00000002c0)={@local, @random, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x3e, 0x1c, 0x0, 0x2, 0x2, 0x11, 0x0, @empty, @empty}, {0x4ea3, 0x0, 0x8}}}}}, 0x0)
syz_emit_ethernet(0x32, &(0x7f0000000180)={@broadcast, @random="67eaa8fce250", @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x2, 0x0, 0x24, 0x0, 0xe024, 0x3, 0x11, 0x0, @empty, @empty}, {0x4, 0x0, 0x10, 0x0, @gue={{0x2, 0x1, 0x2, 0x42}}}}}}}, 0x0)
syz_mount_image$hfsplus(&(0x7f0000000600), &(0x7f0000000640)='./file2\x00', 0x0, &(0x7f0000002cc0)={[{@gid}, {@barrier}, {@nls={'nls', 0x3d, 'cp936'}}, {@gid}, {@type={'type', 0x3d, "e481e91c"}}, {@gid}, {@nobarrier}, {@nobarrier}]}, 0xfe, 0x5e5, &(0x7f0000000680)="$eJzs3UFvHGcZB/D/bGLHDlK6SZOmICSscgA1IrG9kQkSElAKslCFKnHp1Uo2tZVNGtlb5PYAAXFuv0I5mDMHTihIOXDmKxj1iODum9HMzno3ydZZJ8a7Cb+fNPs+s+/MO8/7aHYys1a0Af5vrX6QmUfzyeqV97bL9d2dVmd3p3W3Hyc5k6SRzCUpyrf/kuTL5EF6S77e7xhqn1J8vnpz/eFnl3trc/VSbV8ctt94DnJp9nKt2uMab/mFxxvMcCHJhbqFidvv++fI7hf8XAIA06xITo16v5mcrW/Wy+eA3l1x7x77pfZg0gkAAADACXhtL3vZzrlJ5wEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAvk/r3/4t6afTjhRT93/+frd9LHb/UHk06AQAAAAAAAAA4Bt/ay162c66/vl9Uf/N/q1q5WL1+LR9nK+1s5mq2s5ZuutnMUpLm0ECz22vd7ubSGHsuj9xz+WTmCwAAAAAAAACvqN9ndfD3fwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAmAZFcqrXVMvFftxM43SSuSSz5XYPkof9+GX2aNIJAAAAwAl4bS972c65/vp+UT3zv1E998/l49xLNxvpppN2blXfBfSe+hu7O63O7k7rbrk8Pe5P/nOkNKoR0/vuYfSRF6stLh3ssZqf51e5koW8n81s5NdZSzftLOTdKlpLkWb97UWzn+fofH/82Nr7z8r1zSqT+dzORpXb1dzMR+nkVhrVHKptDj/i78rqFD+qjVmjW3VbzugXdTsdmlVFZg4qsljXvqzG+cMrccTz5MkjLaVx8B3UxeOr+Zl+cLZuy1q/O801n1keOvveOLwSyeLyv++vd+7dWb+9dWV6pvScnjwnWkOVuHzkSuzv7//2xKdwTGbravSuoke7Wr5V7XsuG/llPsqttHMji7mRlVxPKyv5QVaG6nppjM9a42jXt29/tw5mkvysbqdDWdfzQ3UdvtI1q77hdwZVunD8/wqc/kYdlCfrO1N3RTr/xLW5X4nXD6/EH/fL163OvTub62v3xzzed+q2rMBPn68Sp4++yzjK8+XCwfCPnx1l3+sj+5aqvosHfY2n+i4d9D3rkzpb38M9PdJy1Xd5ZF+r6ntzqG/UXQ4AU+/s22dn5/81/4/5L+b/ML8+/97cO2dunPnmbGb+fvqvp/7c+FPjh8Xb+SK/GTz/AwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAz2/rk0/vrHU67U2BYPLBXJJxN+7/7tOkc35FgwlfmID/uWvdu/evbX3y6fc27q592P6wfe/60sry9euLK9+/ce32Rqe92HuddJoAwDEa3PRPOhMAAAAAAAAAAAAAAOCrnMR/J570HAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgFfb6geZeZQiS4tXF8v13Z1Wp1z68WDLuSRFGfwtyZfJg/SWNIeGK77qOMXnqzfXH352eTDWXH/74rD9xvNYLo0ncnrR8ZZfeLzBDBeSXKhbmLj/BgAA//9gDAG4")
syz_mount_image$vfat(&(0x7f0000000200), &(0x7f0000000240)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x2b1245d, 0x0, 0xfc, 0x0, &(0x7f00000000c0)) (async, rerun: 64)
mount$bind(0x0, &(0x7f0000000040)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x0, 0x12d091, 0x0) (async, rerun: 64)
syz_usb_connect$cdc_ncm(0x0, 0x6e, &(0x7f0000001a40)={{0x12, 0x1, 0x310, 0x2, 0x0, 0x0, 0x10, 0x525, 0xa4a1, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x5c, 0x2, 0x1, 0xee, 0x20, 0x7, "", {{0x9, 0x4, 0x0, 0x0, 0x1, 0x2, 0xd, 0x0, 0x0, {{0x5}, {0x5, 0x24, 0x0, 0x6}, {0xd, 0x24, 0xf, 0x1, 0x6, 0x0, 0xa5, 0x5}, {0x6, 0x24, 0x1a, 0x4, 0x7}}, {{0x9, 0x5, 0x81, 0x3, 0x7f7, 0x7, 0x3, 0x3}}}, {}, {0x9, 0x4, 0x1, 0x1, 0x2, 0x2, 0xd, 0x0, 0x0, "", {{{0x9, 0x5, 0x82, 0x2, 0x8, 0x7, 0x6b, 0x8}}, {{0x9, 0x5, 0x3, 0x2, 0x400, 0x8, 0xf, 0xf}}}}}}}]}}, &(0x7f0000001f80)={0x0, 0x0, 0x25, &(0x7f0000001b00)={0x5, 0xf, 0x25, 0x2, [@generic={0x14, 0x10, 0x4, "01b7eea3f4deb7904b42543fb4ea3c2e84"}, @ssp_cap={0xc, 0x10, 0xa, 0x2, 0x0, 0xfff, 0x7800, 0x6}]}, 0x1, [{0x0, 0x0}]}) (async)
sendmsg$NL80211_CMD_NEW_INTERFACE(0xffffffffffffffff, 0x0, 0x20008030) (async)
r1 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) (async)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_STOP_AP(r2, &(0x7f00000009c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000a00)=ANY=[@ANYBLOB="14000000", @ANYBLOB="544bb7"], 0x14}, 0x1, 0x0, 0x0, 0x80}, 0x44800) (async)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000d88000/0x1000)=nil, &(0x7f00007f2000/0x2000)=nil, &(0x7f0000400000/0xc00000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ff8000/0x4000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x2000)=nil, 0x0}, 0x68)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x24058041) (async)
r3 = io_uring_setup(0x7, &(0x7f0000000040)={0x0, 0xc8a1, 0xc000, 0x2, 0xc1})
bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x12, 0x3, 0x0, &(0x7f0000000240)='syzkaller\x00', 0x80000000, 0x1c, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="16"], 0x50) (async)
io_uring_enter(r3, 0x2219, 0x7721, 0x16, 0x0, 0x0)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r4, &(0x7f00000000c0)={0xa, 0x4e22, 0x9, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x22}}, 0x6}, 0x1c) (async)
connect$inet6(r4, &(0x7f0000000280)={0xa, 0x4e22, 0x7, @ipv4={'\x00', '\xff\xff', @multicast1}, 0x9}, 0x1c)
read$FUSE(r1, &(0x7f0000001fc0)={0x2020}, 0x2020)

0s ago: executing program 1 (id=1086):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_EXP_GET(r0, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000100)={&(0x7f0000000040)={0xb8, 0x1, 0x2, 0x101, 0x0, 0x0, {0x3}, [@CTA_EXPECT_FN={0xa, 0xb, 'Q.931\x00'}, @CTA_EXPECT_FLAGS={0x8, 0x8, 0x1, 0x0, 0x2}, @CTA_EXPECT_TIMEOUT={0x8, 0x4, 0x1, 0x0, 0x2}, @CTA_EXPECT_ID={0x8, 0x5, 0x1, 0x0, 0x2}, @CTA_EXPECT_NAT={0x20, 0xa, 0x0, 0x1, [@CTA_EXPECT_NAT_TUPLE={0xc, 0x2, 0x0, 0x1, [@CTA_TUPLE_ZONE={0x6, 0x3, 0x1, 0x0, 0x2}]}, @CTA_EXPECT_NAT_DIR={0x8, 0x1, 0x1, 0x0, 0x1}, @CTA_EXPECT_NAT_DIR={0x8, 0x1, 0x1, 0x0, 0x1}]}, @CTA_EXPECT_ZONE={0x6, 0x7, 0x1, 0x0, 0x2}, @CTA_EXPECT_MASTER={0x58, 0x1, 0x0, 0x1, [@CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}, @CTA_TUPLE_ZONE={0x6, 0x3, 0x1, 0x0, 0x1}, @CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @loopback}, {0x14, 0x4, @empty}}}, @CTA_TUPLE_ZONE={0x6, 0x3, 0x1, 0x0, 0x4}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x11}}]}]}, 0xb8}, 0x1, 0x0, 0x0, 0x8080}, 0x240040c0)
sendmsg$OSF_MSG_REMOVE(r0, &(0x7f0000000600)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000000340)=ANY=[@ANYBLOB="6802000001050101000000000000000000000008540201"], 0x268}, 0x1, 0x0, 0x0, 0x40000}, 0x18)

kernel console output (not intermixed with test programs):

2, using maximum allowed: 32
[  781.331770][    T9] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  781.331787][    T9] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 92
[  781.331807][    T9] usb 2-1: config 1 has no interface number 0
[  781.331846][    T9] usb 2-1: New USB device found, idVendor=0e41, idProduct=5051, bcdDevice=d5.e8
[  781.331866][    T9] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  781.559296][    T9] snd_usb_pod 2-1:1.1: Line 6 Pocket POD found
[  781.723313][    T9] snd_usb_pod 2-1:1.1: endpoint not available, using fallback values
[  781.723746][    T9] snd_usb_pod 2-1:1.1: invalid control EP
[  781.723764][    T9] snd_usb_pod 2-1:1.1: cannot start listening: -22
[  781.724073][    T9] snd_usb_pod 2-1:1.1: Line 6 Pocket POD now disconnected
[  781.724670][    T9] snd_usb_pod 2-1:1.1: probe with driver snd_usb_pod failed with error -22
[  781.729511][ T9076] bridge0: port 1(bridge_slave_0) entered blocking state
[  781.780562][ T9076] bridge0: port 1(bridge_slave_0) entered disabled state
[  781.781326][ T9076] bridge_slave_0: entered allmulticast mode
[  781.797098][ T9076] bridge_slave_0: entered promiscuous mode
[  781.833835][ T9076] bridge0: port 2(bridge_slave_1) entered blocking state
[  781.834234][ T9076] bridge0: port 2(bridge_slave_1) entered disabled state
[  781.837985][ T9076] bridge_slave_1: entered allmulticast mode
[  781.866029][ T9076] bridge_slave_1: entered promiscuous mode
[  781.950036][ T9159] fuse: Unknown parameter '0x0000000000000005'
[  782.146872][ T5618] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  782.179252][ T5618] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  782.193655][ T5618] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  782.195720][ T5618] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  782.196701][ T5618] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  782.615928][ T9076] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  782.793827][ T9076] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  783.210733][ T9076] team0: Port device team_slave_0 added
[  783.286107][ T9076] team0: Port device team_slave_1 added
[  783.557367][ T5618] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  783.610322][ T5618] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  783.616791][ T5618] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  783.653858][ T5618] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  783.654760][ T5618] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  783.841741][   T32] usb 2-1: USB disconnect, device number 13
[  784.035994][ T7359] bridge_slave_1: left allmulticast mode
[  784.036034][ T7359] bridge_slave_1: left promiscuous mode
[  784.036340][ T7359] bridge0: port 2(bridge_slave_1) entered disabled state
[  784.240014][ T7359] bridge_slave_0: left allmulticast mode
[  784.240042][ T7359] bridge_slave_0: left promiscuous mode
[  784.240242][ T7359] bridge0: port 1(bridge_slave_0) entered disabled state
[  784.439963][ T5625] Bluetooth: hci3: command tx timeout
[  784.503690][ T7359] bridge_slave_1: left allmulticast mode
[  784.503719][ T7359] bridge_slave_1: left promiscuous mode
[  784.503938][ T7359] bridge0: port 2(bridge_slave_1) entered disabled state
[  786.084641][ T5625] Bluetooth: hci4: command tx timeout
[  786.187208][ T7359] bridge_slave_0: left allmulticast mode
[  786.187250][ T7359] bridge_slave_0: left promiscuous mode
[  786.187555][ T7359] bridge0: port 1(bridge_slave_0) entered disabled state
[  786.519708][ T5618] Bluetooth: hci3: command tx timeout
[  787.075160][ T7359] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  787.210787][ T7359] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  787.376833][ T7359] bond0 (unregistering): Released all slaves
[  788.031886][ T7359] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  788.119844][ T5618] Bluetooth: hci4: command tx timeout
[  788.221912][ T7359] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  788.341942][ T7359] bond0 (unregistering): Released all slaves
[  788.401174][ T9076] batman_adv: batadv0: Adding interface: batadv_slave_0
[  788.401193][ T9076] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  788.401230][ T9076] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  788.601732][ T5618] Bluetooth: hci3: command tx timeout
[  789.066912][ T9076] batman_adv: batadv0: Adding interface: batadv_slave_1
[  789.066927][ T9076] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  789.066949][ T9076] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  789.169995][   T32] usb 2-1: new high-speed USB device number 14 using dummy_hcd
[  789.321861][   T32] usb 2-1: Using ep0 maxpacket: 8
[  789.324409][   T32] usb 2-1: unable to get BOS descriptor or descriptor too short
[  789.326231][   T32] usb 2-1: config 64 has an invalid interface number: 239 but max is 0
[  789.326262][   T32] usb 2-1: config 64 has no interface number 0
[  789.328658][   T32] usb 2-1: New USB device found, idVendor=05ac, idProduct=0273, bcdDevice=c2.ab
[  789.328689][   T32] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  789.328713][   T32] usb 2-1: Product: syz
[  789.328729][   T32] usb 2-1: Manufacturer: syz
[  789.328743][   T32] usb 2-1: SerialNumber: syz
[  789.444887][ T7359] hsr_slave_0: left promiscuous mode
[  789.520015][ T9239] fuse: Unknown parameter '0x0000000000000005'
[  789.522568][ T7359] hsr_slave_1: left promiscuous mode
[  789.524036][ T7359] batman_adv: batadv0: Removing interface: batadv_slave_0
[  789.561333][ T7359] batman_adv: batadv0: Removing interface: batadv_slave_1
[  789.601623][ T7359] batman_adv: batadv0: Removing interface: batadv_slave_0
[  789.641463][ T7359] batman_adv: batadv0: Removing interface: batadv_slave_1
[  789.724168][ T9232] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  789.724715][ T9232] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  789.871278][   T32] input: bcm5974 as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:64.239/input/input7
[  789.933215][ T4961] bcm5974 2-1:64.239: could not read from device
[  790.008456][   T32] usb 2-1: USB disconnect, device number 14
[  790.016713][ T4961] bcm5974 2-1:64.239: could not read from device
[  790.217715][ T5618] Bluetooth: hci4: command tx timeout
[  790.513827][ T9247] FAULT_INJECTION: forcing a failure.
[  790.513827][ T9247] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  790.513858][ T9247] CPU: 0 UID: 0 PID: 9247 Comm: syz.1.584 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[  790.513883][ T9247] Tainted: [L]=SOFTLOCKUP
[  790.513889][ T9247] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  790.513899][ T9247] Call Trace:
[  790.513905][ T9247]  <TASK>
[  790.513912][ T9247]  dump_stack_lvl+0xe8/0x150
[  790.513939][ T9247]  should_fail_ex+0x46b/0x600
[  790.513964][ T9247]  _copy_from_user+0x2d/0xb0
[  790.513991][ T9247]  kstrtouint_from_user+0xd6/0x180
[  790.514015][ T9247]  ? __pfx_kstrtouint_from_user+0x10/0x10
[  790.514049][ T9247]  proc_fail_nth_write+0x8e/0x210
[  790.514071][ T9247]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  790.514097][ T9247]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  790.514120][ T9247]  vfs_write+0x2a3/0xba0
[  790.514152][ T9247]  ? __pfx_vfs_write+0x10/0x10
[  790.514179][ T9247]  ? _raw_spin_unlock_irqrestore+0x30/0x80
[  790.514206][ T9247]  ? lockdep_hardirqs_on+0x7a/0x110
[  790.514221][ T9247]  ? _raw_spin_unlock_irqrestore+0x4c/0x80
[  790.514248][ T9247]  ? mutex_lock_nested+0x152/0x1d0
[  790.514315][ T9247]  ? fdget_pos+0x252/0x320
[  790.514344][ T9247]  ksys_write+0x156/0x270
[  790.514371][ T9247]  ? __pfx_ksys_write+0x10/0x10
[  790.514402][ T9247]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  790.514419][ T9247]  do_syscall_64+0x174/0x580
[  790.514435][ T9247]  ? trace_irq_disable+0x3b/0x140
[  790.514455][ T9247]  ? clear_bhb_loop+0x40/0x90
[  790.514475][ T9247]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  790.514491][ T9247] RIP: 0033:0x7f038a4ad68e
[  790.514514][ T9247] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[  790.514528][ T9247] RSP: 002b:00007f0388724fe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  790.514545][ T9247] RAX: ffffffffffffffda RBX: 00007f03887256c0 RCX: 00007f038a4ad68e
[  790.514556][ T9247] RDX: 0000000000000001 RSI: 00007f03887250a0 RDI: 0000000000000003
[  790.514566][ T9247] RBP: 00007f0388725090 R08: 0000000000000000 R09: 0000000000000000
[  790.514576][ T9247] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  790.514585][ T9247] R13: 00007f038a766128 R14: 00007f038a766090 R15: 00007ffea920f978
[  790.514611][ T9247]  </TASK>
[  790.689797][ T5618] Bluetooth: hci3: command tx timeout
[  791.183968][ T7359] team0 (unregistering): Port device team_slave_1 removed
[  791.304624][ T7359] team0 (unregistering): Port device team_slave_0 removed
[  791.644716][ T9262] netlink: 4768 bytes leftover after parsing attributes in process `syz.1.590'.
[  791.647855][ T9262] FAULT_INJECTION: forcing a failure.
[  791.647855][ T9262] name failslab, interval 1, probability 0, space 0, times 0
[  791.647883][ T9262] CPU: 0 UID: 0 PID: 9262 Comm: syz.1.590 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[  791.647907][ T9262] Tainted: [L]=SOFTLOCKUP
[  791.647912][ T9262] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  791.647922][ T9262] Call Trace:
[  791.647928][ T9262]  <TASK>
[  791.647934][ T9262]  dump_stack_lvl+0xe8/0x150
[  791.647958][ T9262]  should_fail_ex+0x46b/0x600
[  791.647982][ T9262]  should_failslab+0xa8/0x100
[  791.648015][ T9262]  kmem_cache_alloc_noprof+0x87/0x680
[  791.648036][ T9262]  ? skb_clone+0x212/0x3a0
[  791.648057][ T9262]  skb_clone+0x212/0x3a0
[  791.648077][ T9262]  __netlink_deliver_tap+0x424/0x8b0
[  791.648103][ T9262]  ? netlink_deliver_tap+0x2e/0x1b0
[  791.648121][ T9262]  netlink_deliver_tap+0x19c/0x1b0
[  791.648139][ T9262]  netlink_unicast+0x754/0x920
[  791.648171][ T9262]  netlink_sendmsg+0x813/0xb40
[  791.648195][ T9262]  ? __pfx_netlink_sendmsg+0x10/0x10
[  791.648214][ T9262]  ? tomoyo_socket_sendmsg_permission+0x1e0/0x300
[  791.648242][ T9262]  ? aa_sock_msg_perm+0x122/0x200
[  791.648264][ T9262]  ? __pfx_netlink_sendmsg+0x10/0x10
[  791.648281][ T9262]  sock_sendmsg_nosec+0x13a/0x180
[  791.648304][ T9262]  sock_write_iter+0x308/0x410
[  791.648325][ T9262]  ? __pfx_sock_write_iter+0x10/0x10
[  791.648361][ T9262]  do_iter_readv_writev+0x62b/0x8d0
[  791.648380][ T9262]  ? __pfx_do_iter_readv_writev+0x10/0x10
[  791.648403][ T9262]  ? rw_verify_area+0x25b/0x4e0
[  791.648429][ T9262]  vfs_writev+0x345/0x9a0
[  791.648455][ T9262]  ? __pfx_vfs_writev+0x10/0x10
[  791.648485][ T9262]  ? __fget_files+0x2a/0x420
[  791.648512][ T9262]  ? __fget_files+0x3a6/0x420
[  791.648532][ T9262]  ? __fget_files+0x2a/0x420
[  791.648559][ T9262]  do_writev+0x15a/0x2e0
[  791.648580][ T9262]  ? __pfx_do_writev+0x10/0x10
[  791.648604][ T9262]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  791.648622][ T9262]  do_syscall_64+0x174/0x580
[  791.648638][ T9262]  ? trace_irq_disable+0x3b/0x140
[  791.648659][ T9262]  ? clear_bhb_loop+0x40/0x90
[  791.648679][ T9262]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  791.648695][ T9262] RIP: 0033:0x7f038a4ece59
[  791.648710][ T9262] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  791.648724][ T9262] RSP: 002b:00007f0388725028 EFLAGS: 00000246 ORIG_RAX: 0000000000000014
[  791.648741][ T9262] RAX: ffffffffffffffda RBX: 00007f038a766090 RCX: 00007f038a4ece59
[  791.648753][ T9262] RDX: 0000000000000002 RSI: 0000200000000040 RDI: 0000000000000006
[  791.648764][ T9262] RBP: 00007f0388725090 R08: 0000000000000000 R09: 0000000000000000
[  791.648776][ T9262] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  791.648786][ T9262] R13: 00007f038a766128 R14: 00007f038a766090 R15: 00007ffea920f978
[  791.648814][ T9262]  </TASK>
[  791.648860][ T9262] netlink: 4768 bytes leftover after parsing attributes in process `syz.1.590'.
[  792.333330][ T5618] Bluetooth: hci4: command tx timeout
[  792.536411][ T7359] team0 (unregistering): Port device team_slave_1 removed
[  792.611945][ T7359] team0 (unregistering): Port device team_slave_0 removed
[  795.215111][ T9076] hsr_slave_0: entered promiscuous mode
[  795.217759][ T9076] hsr_slave_1: entered promiscuous mode
[  795.228161][ T9076] debugfs: 'hsr0' already exists in 'hsr'
[  795.228243][ T9076] Cannot create hsr debugfs directory
[  795.882555][ T8246] usb 2-1: new high-speed USB device number 15 using dummy_hcd
[  796.050454][ T8246] usb 2-1: Using ep0 maxpacket: 8
[  796.052493][ T8246] usb 2-1: too many endpoints for config 0 interface 0 altsetting 8: 253, using maximum allowed: 30
[  796.052546][ T8246] usb 2-1: config 0 interface 0 altsetting 8 has 1 endpoint descriptor, different from the interface descriptor's value: 253
[  796.052567][ T8246] usb 2-1: config 0 interface 0 has no altsetting 0
[  796.052598][ T8246] usb 2-1: New USB device found, idVendor=172f, idProduct=0502, bcdDevice= 0.00
[  796.052615][ T8246] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  796.114039][ T8246] usb 2-1: config 0 descriptor??
[  796.392114][ T8246] usbhid 2-1:0.0: can't add hid device: -71
[  796.392206][ T8246] usbhid 2-1:0.0: probe with driver usbhid failed with error -71
[  796.429199][ T8246] usb 2-1: USB disconnect, device number 15
[  797.381850][ T9316] cgroup: Name too long
[  800.188489][ T9160] bridge0: port 1(bridge_slave_0) entered blocking state
[  800.188925][ T9160] bridge0: port 1(bridge_slave_0) entered disabled state
[  800.189278][ T9160] bridge_slave_0: entered allmulticast mode
[  800.235756][ T9160] bridge_slave_0: entered promiscuous mode
[  800.273345][ T9160] bridge0: port 2(bridge_slave_1) entered blocking state
[  800.273716][ T9160] bridge0: port 2(bridge_slave_1) entered disabled state
[  800.274046][ T9160] bridge_slave_1: entered allmulticast mode
[  800.302177][ T9160] bridge_slave_1: entered promiscuous mode
[  800.855163][ T9174] bridge0: port 1(bridge_slave_0) entered blocking state
[  800.855602][ T9174] bridge0: port 1(bridge_slave_0) entered disabled state
[  800.855952][ T9174] bridge_slave_0: entered allmulticast mode
[  800.882625][ T9174] bridge_slave_0: entered promiscuous mode
[  800.917133][ T9160] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  802.223293][ T9370] FAULT_INJECTION: forcing a failure.
[  802.223293][ T9370] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  802.223337][ T9370] CPU: 0 UID: 0 PID: 9370 Comm: syz.1.628 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[  802.223368][ T9370] Tainted: [L]=SOFTLOCKUP
[  802.223376][ T9370] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  802.223390][ T9370] Call Trace:
[  802.223398][ T9370]  <TASK>
[  802.223408][ T9370]  dump_stack_lvl+0xe8/0x150
[  802.223443][ T9370]  should_fail_ex+0x46b/0x600
[  802.223478][ T9370]  _copy_to_user+0x31/0xb0
[  802.223515][ T9370]  drm_ioctl+0x6e0/0xb80
[  802.223546][ T9370]  ? __pfx_drm_mode_getconnector+0x10/0x10
[  802.223574][ T9370]  ? __pfx_drm_ioctl+0x10/0x10
[  802.223620][ T9370]  ? __fget_files+0x2a/0x420
[  802.223663][ T9370]  ? bpf_lsm_file_ioctl+0x9/0x20
[  802.223686][ T9370]  ? __pfx_drm_ioctl+0x10/0x10
[  802.223714][ T9370]  __se_sys_ioctl+0xff/0x170
[  802.223733][ T9370]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  802.223750][ T9370]  do_syscall_64+0x174/0x580
[  802.223766][ T9370]  ? trace_irq_disable+0x3b/0x140
[  802.223787][ T9370]  ? clear_bhb_loop+0x40/0x90
[  802.223806][ T9370]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  802.223822][ T9370] RIP: 0033:0x7f038a4ece59
[  802.223838][ T9370] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  802.223852][ T9370] RSP: 002b:00007f0388746028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  802.223869][ T9370] RAX: ffffffffffffffda RBX: 00007f038a765fa0 RCX: 00007f038a4ece59
[  802.223881][ T9370] RDX: 0000200000000900 RSI: 00000000c05064a7 RDI: 0000000000000003
[  802.223891][ T9370] RBP: 00007f0388746090 R08: 0000000000000000 R09: 0000000000000000
[  802.223901][ T9370] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  802.223911][ T9370] R13: 00007f038a766038 R14: 00007f038a765fa0 R15: 00007ffea920f978
[  802.223947][ T9370]  </TASK>
[  803.162731][ T9174] bridge0: port 2(bridge_slave_1) entered blocking state
[  803.163117][ T9174] bridge0: port 2(bridge_slave_1) entered disabled state
[  803.163501][ T9174] bridge_slave_1: entered allmulticast mode
[  803.190999][ T9174] bridge_slave_1: entered promiscuous mode
[  803.245678][ T9160] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  803.623591][ T9381] FAULT_INJECTION: forcing a failure.
[  803.623591][ T9381] name failslab, interval 1, probability 0, space 0, times 0
[  803.623627][ T9381] CPU: 1 UID: 0 PID: 9381 Comm: syz.1.633 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[  803.623653][ T9381] Tainted: [L]=SOFTLOCKUP
[  803.623659][ T9381] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  803.623669][ T9381] Call Trace:
[  803.623676][ T9381]  <TASK>
[  803.623683][ T9381]  dump_stack_lvl+0xe8/0x150
[  803.623712][ T9381]  should_fail_ex+0x46b/0x600
[  803.623738][ T9381]  should_failslab+0xa8/0x100
[  803.623766][ T9381]  __kmalloc_noprof+0xdf/0x7b0
[  803.623790][ T9381]  ? tomoyo_encode+0x28b/0x550
[  803.623819][ T9381]  tomoyo_encode+0x28b/0x550
[  803.623848][ T9381]  tomoyo_realpath_from_path+0x58d/0x5d0
[  803.623882][ T9381]  ? tomoyo_path_number_perm+0x219/0x630
[  803.623904][ T9381]  tomoyo_path_number_perm+0x246/0x630
[  803.623937][ T9381]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  803.623958][ T9381]  ? __lock_acquire+0x6b5/0x2d10
[  803.623984][ T9381]  ? do_raw_spin_lock+0x12b/0x2f0
[  803.624030][ T9381]  ? __fget_files+0x2a/0x420
[  803.624057][ T9381]  ? __fget_files+0x2a/0x420
[  803.624079][ T9381]  ? __fget_files+0x3a6/0x420
[  803.624101][ T9381]  ? __fget_files+0x2a/0x420
[  803.624127][ T9381]  security_file_ioctl+0xc3/0x2a0
[  803.624152][ T9381]  __se_sys_ioctl+0x47/0x170
[  803.624170][ T9381]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  803.624190][ T9381]  do_syscall_64+0x174/0x580
[  803.624208][ T9381]  ? trace_irq_disable+0x3b/0x140
[  803.624231][ T9381]  ? clear_bhb_loop+0x40/0x90
[  803.624264][ T9381]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  803.624283][ T9381] RIP: 0033:0x7f038a4ece59
[  803.624301][ T9381] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  803.624317][ T9381] RSP: 002b:00007f0388725028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  803.624337][ T9381] RAX: ffffffffffffffda RBX: 00007f038a766090 RCX: 00007f038a4ece59
[  803.624351][ T9381] RDX: 0000200000000740 RSI: 00000000c0189436 RDI: 0000000000000003
[  803.624363][ T9381] RBP: 00007f0388725090 R08: 0000000000000000 R09: 0000000000000000
[  803.624374][ T9381] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  803.624385][ T9381] R13: 00007f038a766128 R14: 00007f038a766090 R15: 00007ffea920f978
[  803.624414][ T9381]  </TASK>
[  803.636247][ T9381] ERROR: Out of memory at tomoyo_realpath_from_path.
[  803.864810][ T9076] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  804.120527][ T9076] 8021q: adding VLAN 0 to HW filter on device netdevsim0
[  804.319403][ T9174] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  804.352690][ T9160] team0: Port device team_slave_0 added
[  804.353118][ T9076] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  804.434131][ T9076] 8021q: adding VLAN 0 to HW filter on device netdevsim1
[  804.488526][ T9385] capability: warning: `syz.0.629' uses deprecated v2 capabilities in a way that may be insecure
[  804.522641][ T9174] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  804.536977][ T9160] team0: Port device team_slave_1 added
[  804.539678][ T9076] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  804.562221][ T9393] FAULT_INJECTION: forcing a failure.
[  804.562221][ T9393] name failslab, interval 1, probability 0, space 0, times 0
[  804.562267][ T9393] CPU: 0 UID: 0 PID: 9393 Comm: syz.1.637 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[  804.562366][ T9393] Tainted: [L]=SOFTLOCKUP
[  804.562405][ T9393] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  804.562420][ T9393] Call Trace:
[  804.562430][ T9393]  <TASK>
[  804.562440][ T9393]  dump_stack_lvl+0xe8/0x150
[  804.562476][ T9393]  should_fail_ex+0x46b/0x600
[  804.562511][ T9393]  should_failslab+0xa8/0x100
[  804.562546][ T9393]  kmem_cache_alloc_noprof+0x87/0x680
[  804.562576][ T9393]  ? skb_clone+0x212/0x3a0
[  804.562606][ T9393]  skb_clone+0x212/0x3a0
[  804.562635][ T9393]  __netlink_deliver_tap+0x424/0x8b0
[  804.562672][ T9393]  ? netlink_deliver_tap+0x2e/0x1b0
[  804.562699][ T9393]  netlink_deliver_tap+0x19c/0x1b0
[  804.562725][ T9393]  netlink_unicast+0x754/0x920
[  804.562782][ T9393]  netlink_sendmsg+0x813/0xb40
[  804.562935][ T9393]  ? __pfx_netlink_sendmsg+0x10/0x10
[  804.562985][ T9393]  ? tomoyo_socket_sendmsg_permission+0x1e0/0x300
[  804.563025][ T9393]  ? aa_sock_msg_perm+0x122/0x200
[  804.563056][ T9393]  ? __pfx_netlink_sendmsg+0x10/0x10
[  804.563085][ T9393]  sock_sendmsg_nosec+0x13a/0x180
[  804.563149][ T9393]  ____sys_sendmsg+0x55c/0x870
[  804.563180][ T9393]  ? __pfx_____sys_sendmsg+0x10/0x10
[  804.563214][ T9393]  ? import_iovec+0x73/0xa0
[  804.563252][ T9393]  ___sys_sendmsg+0x2a5/0x360
[  804.563274][ T9393]  ? __lock_acquire+0x6b5/0x2d10
[  804.563309][ T9393]  ? __pfx____sys_sendmsg+0x10/0x10
[  804.563371][ T9393]  ? __fget_files+0x2a/0x420
[  804.563400][ T9393]  ? __fget_files+0x3a6/0x420
[  804.563442][ T9393]  __x64_sys_sendmsg+0x1c3/0x2a0
[  804.563471][ T9393]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  804.563506][ T9393]  ? __pfx_ksys_write+0x10/0x10
[  804.563553][ T9393]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  804.563580][ T9393]  do_syscall_64+0x174/0x580
[  804.563602][ T9393]  ? trace_irq_disable+0x3b/0x140
[  804.563629][ T9393]  ? clear_bhb_loop+0x40/0x90
[  804.563654][ T9393]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  804.563677][ T9393] RIP: 0033:0x7f038a4ece59
[  804.563707][ T9393] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  804.563732][ T9393] RSP: 002b:00007f0388746028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  804.563756][ T9393] RAX: ffffffffffffffda RBX: 00007f038a765fa0 RCX: 00007f038a4ece59
[  804.563773][ T9393] RDX: 0000000000000040 RSI: 0000200000000440 RDI: 0000000000000003
[  804.563787][ T9393] RBP: 00007f0388746090 R08: 0000000000000000 R09: 0000000000000000
[  804.563801][ T9393] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  804.563814][ T9393] R13: 00007f038a766038 R14: 00007f038a765fa0 R15: 00007ffea920f978
[  804.563849][ T9393]  </TASK>
[  804.870309][ T9076] 8021q: adding VLAN 0 to HW filter on device netdevsim2
[  804.954039][ T9076] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  804.996953][ T9076] 8021q: adding VLAN 0 to HW filter on device netdevsim3
[  805.188548][ T9174] team0: Port device team_slave_0 added
[  805.208326][ T9160] batman_adv: batadv0: Adding interface: batadv_slave_0
[  805.208343][ T9160] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  805.208369][ T9160] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  805.334957][ T9174] team0: Port device team_slave_1 added
[  805.337676][ T9160] batman_adv: batadv0: Adding interface: batadv_slave_1
[  805.337695][ T9160] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  805.337740][ T9160] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  805.735958][ T9419] FAULT_INJECTION: forcing a failure.
[  805.735958][ T9419] name failslab, interval 1, probability 0, space 0, times 0
[  805.735996][ T9419] CPU: 0 UID: 0 PID: 9419 Comm: syz.1.645 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[  805.736019][ T9419] Tainted: [L]=SOFTLOCKUP
[  805.736025][ T9419] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  805.736035][ T9419] Call Trace:
[  805.736042][ T9419]  <TASK>
[  805.736049][ T9419]  dump_stack_lvl+0xe8/0x150
[  805.736076][ T9419]  should_fail_ex+0x46b/0x600
[  805.736100][ T9419]  should_failslab+0xa8/0x100
[  805.736126][ T9419]  __kmalloc_noprof+0xdf/0x7b0
[  805.736148][ T9419]  ? bpf_test_init+0x9f/0x150
[  805.736169][ T9419]  bpf_test_init+0x9f/0x150
[  805.736189][ T9419]  bpf_prog_test_run_flow_dissector+0x209/0x610
[  805.736217][ T9419]  ? __pfx_bpf_prog_test_run_flow_dissector+0x10/0x10
[  805.736238][ T9419]  ? __fget_files+0x2a/0x420
[  805.736262][ T9419]  ? __fget_files+0x2a/0x420
[  805.736282][ T9419]  ? __fget_files+0x3a6/0x420
[  805.736302][ T9419]  ? __fget_files+0x2a/0x420
[  805.736326][ T9419]  ? __pfx_bpf_prog_test_run_flow_dissector+0x10/0x10
[  805.736346][ T9419]  bpf_prog_test_run+0x2cd/0x340
[  805.736372][ T9419]  __sys_bpf+0xa20/0xd90
[  805.736399][ T9419]  ? __pfx___sys_bpf+0x10/0x10
[  805.736426][ T9419]  ? lockdep_hardirqs_on+0x7a/0x110
[  805.736442][ T9419]  ? _raw_spin_unlock_irqrestore+0x4c/0x80
[  805.736482][ T9419]  ? ksys_write+0x248/0x270
[  805.736512][ T9419]  ? __pfx_ksys_write+0x10/0x10
[  805.736539][ T9419]  __x64_sys_bpf+0xba/0xd0
[  805.736557][ T9419]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  805.736575][ T9419]  do_syscall_64+0x174/0x580
[  805.736589][ T9419]  ? trace_irq_disable+0x3b/0x140
[  805.736609][ T9419]  ? clear_bhb_loop+0x40/0x90
[  805.736628][ T9419]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  805.736643][ T9419] RIP: 0033:0x7f038a4ece59
[  805.736658][ T9419] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  805.736672][ T9419] RSP: 002b:00007f0388746028 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  805.736688][ T9419] RAX: ffffffffffffffda RBX: 00007f038a765fa0 RCX: 00007f038a4ece59
[  805.736701][ T9419] RDX: 000000000000004c RSI: 0000200000000640 RDI: 000000000000000a
[  805.736711][ T9419] RBP: 00007f0388746090 R08: 0000000000000000 R09: 0000000000000000
[  805.736721][ T9419] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  805.736731][ T9419] R13: 00007f038a766038 R14: 00007f038a765fa0 R15: 00007ffea920f978
[  805.736755][ T9419]  </TASK>
[  806.106468][ T9421] program syz.1.646 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  806.106509][ T9421] FAULT_INJECTION: forcing a failure.
[  806.106509][ T9421] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  806.106534][ T9421] CPU: 1 UID: 0 PID: 9421 Comm: syz.1.646 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[  806.106564][ T9421] Tainted: [L]=SOFTLOCKUP
[  806.106570][ T9421] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  806.106580][ T9421] Call Trace:
[  806.106586][ T9421]  <TASK>
[  806.106592][ T9421]  dump_stack_lvl+0xe8/0x150
[  806.106619][ T9421]  should_fail_ex+0x46b/0x600
[  806.106643][ T9421]  _copy_from_user+0x2d/0xb0
[  806.106670][ T9421]  scsi_ioctl+0x189a/0x2190
[  806.106693][ T9421]  ? __pfx_scsi_ioctl+0x10/0x10
[  806.106735][ T9421]  ? kasan_quarantine_put+0xbb/0x1f0
[  806.106762][ T9421]  ? tomoyo_path_number_perm+0x219/0x630
[  806.106782][ T9421]  ? tomoyo_path_number_perm+0x219/0x630
[  806.106803][ T9421]  ? do_vfs_ioctl+0x117b/0x1540
[  806.106821][ T9421]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  806.106857][ T9421]  sg_ioctl+0x1600/0x21a0
[  806.106881][ T9421]  ? __pfx_sg_ioctl+0x10/0x10
[  806.106898][ T9421]  ? __fget_files+0x2a/0x420
[  806.106921][ T9421]  ? __fget_files+0x2a/0x420
[  806.106941][ T9421]  ? __fget_files+0x3a6/0x420
[  806.106961][ T9421]  ? __fget_files+0x2a/0x420
[  806.106984][ T9421]  ? bpf_lsm_file_ioctl+0x9/0x20
[  806.107000][ T9421]  ? __pfx_sg_ioctl+0x10/0x10
[  806.107016][ T9421]  __se_sys_ioctl+0xff/0x170
[  806.107031][ T9421]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  806.107052][ T9421]  do_syscall_64+0x174/0x580
[  806.107072][ T9421]  ? clear_bhb_loop+0x40/0x90
[  806.107091][ T9421]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  806.107106][ T9421] RIP: 0033:0x7f038a4ece59
[  806.107121][ T9421] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  806.107135][ T9421] RSP: 002b:00007f0388746028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  806.107152][ T9421] RAX: ffffffffffffffda RBX: 00007f038a765fa0 RCX: 00007f038a4ece59
[  806.107164][ T9421] RDX: 0000200000000040 RSI: 0000000000000001 RDI: 0000000000000003
[  806.107174][ T9421] RBP: 00007f0388746090 R08: 0000000000000000 R09: 0000000000000000
[  806.107184][ T9421] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  806.107194][ T9421] R13: 00007f038a766038 R14: 00007f038a765fa0 R15: 00007ffea920f978
[  806.107218][ T9421]  </TASK>
[  808.013069][ T9174] batman_adv: batadv0: Adding interface: batadv_slave_0
[  808.013083][ T9174] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  808.013106][ T9174] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  808.063863][ T9174] batman_adv: batadv0: Adding interface: batadv_slave_1
[  808.063882][ T9174] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  808.063910][ T9174] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  808.402903][ T9160] hsr_slave_0: entered promiscuous mode
[  808.407824][ T9160] hsr_slave_1: entered promiscuous mode
[  808.418923][ T9160] debugfs: 'hsr0' already exists in 'hsr'
[  808.419005][ T9160] Cannot create hsr debugfs directory
[  808.821317][ T9174] hsr_slave_0: entered promiscuous mode
[  808.838787][ T9174] hsr_slave_1: entered promiscuous mode
[  808.850305][ T9174] debugfs: 'hsr0' already exists in 'hsr'
[  808.850326][ T9174] Cannot create hsr debugfs directory
[  809.796457][ T9452] program syz.1.659 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  810.820861][ T7359] bridge_slave_1: left allmulticast mode
[  810.820908][ T7359] bridge_slave_1: left promiscuous mode
[  810.821244][ T7359] bridge0: port 2(bridge_slave_1) entered disabled state
[  811.074682][ T7359] bridge_slave_0: left allmulticast mode
[  811.074719][ T7359] bridge_slave_0: left promiscuous mode
[  811.075026][ T7359] bridge0: port 1(bridge_slave_0) entered disabled state
[  811.141738][ T9473] FAULT_INJECTION: forcing a failure.
[  811.141738][ T9473] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  811.144503][ T9473] CPU: 0 UID: 0 PID: 9473 Comm: syz.1.668 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[  811.144545][ T9473] Tainted: [L]=SOFTLOCKUP
[  811.144554][ T9473] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  811.144567][ T9473] Call Trace:
[  811.144578][ T9473]  <TASK>
[  811.144587][ T9473]  dump_stack_lvl+0xe8/0x150
[  811.144624][ T9473]  should_fail_ex+0x46b/0x600
[  811.144658][ T9473]  _copy_from_iter+0x1d3/0x1670
[  811.144688][ T9473]  ? lruvec_stat_mod_folio+0x6e/0x3e0
[  811.144709][ T9473]  ? lruvec_stat_mod_folio+0x6e/0x3e0
[  811.144740][ T9473]  ? __pfx__copy_from_iter+0x10/0x10
[  811.144771][ T9473]  ? trace_kmalloc+0x2a/0xf0
[  811.144815][ T9473]  ? __kmalloc_noprof+0x408/0x7b0
[  811.144854][ T9473]  bcm_tx_setup+0x6e1/0x1bf0
[  811.144906][ T9473]  bcm_sendmsg+0x46e/0x6c0
[  811.144942][ T9473]  ? __pfx_bcm_sendmsg+0x10/0x10
[  811.144978][ T9473]  ? tomoyo_socket_sendmsg_permission+0x1e0/0x300
[  811.145017][ T9473]  ? aa_sock_msg_perm+0x122/0x200
[  811.145048][ T9473]  ? __pfx_bcm_sendmsg+0x10/0x10
[  811.145078][ T9473]  sock_sendmsg_nosec+0x13a/0x180
[  811.145113][ T9473]  ____sys_sendmsg+0x55c/0x870
[  811.145144][ T9473]  ? __pfx_____sys_sendmsg+0x10/0x10
[  811.145179][ T9473]  ? import_iovec+0x73/0xa0
[  811.145218][ T9473]  ___sys_sendmsg+0x2a5/0x360
[  811.145265][ T9473]  ? __lock_acquire+0x6b5/0x2d10
[  811.145301][ T9473]  ? __pfx____sys_sendmsg+0x10/0x10
[  811.145364][ T9473]  ? __fget_files+0x2a/0x420
[  811.145395][ T9473]  ? __fget_files+0x3a6/0x420
[  811.145436][ T9473]  __x64_sys_sendmsg+0x1c3/0x2a0
[  811.145464][ T9473]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  811.145500][ T9473]  ? __pfx_ksys_write+0x10/0x10
[  811.145550][ T9473]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  811.145576][ T9473]  do_syscall_64+0x174/0x580
[  811.145598][ T9473]  ? trace_irq_disable+0x3b/0x140
[  811.145626][ T9473]  ? clear_bhb_loop+0x40/0x90
[  811.145656][ T9473]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  811.145679][ T9473] RIP: 0033:0x7f038a4ece59
[  811.145702][ T9473] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  811.145722][ T9473] RSP: 002b:00007f0388746028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  811.145746][ T9473] RAX: ffffffffffffffda RBX: 00007f038a765fa0 RCX: 00007f038a4ece59
[  811.145764][ T9473] RDX: 0000000000000001 RSI: 0000200000000200 RDI: 0000000000000004
[  811.145779][ T9473] RBP: 00007f0388746090 R08: 0000000000000000 R09: 0000000000000000
[  811.145793][ T9473] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  811.145807][ T9473] R13: 00007f038a766038 R14: 00007f038a765fa0 R15: 00007ffea920f978
[  811.145843][ T9473]  </TASK>
[  812.110837][ T7359] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  813.232661][ T7359] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  813.320051][ T7359] bond0 (unregistering): Released all slaves
[  815.971615][ T1338] ieee802154 phy0 wpan0: encryption failed: -22
[  815.971733][ T1338] ieee802154 phy1 wpan1: encryption failed: -22
[  816.032046][ T7359] hsr_slave_0: left promiscuous mode
[  816.069811][ T7359] hsr_slave_1: left promiscuous mode
[  816.070995][ T7359] batman_adv: batadv0: Removing interface: batadv_slave_0
[  816.126564][ T7359] batman_adv: batadv0: Removing interface: batadv_slave_1
[  817.091456][ T7359] team0 (unregistering): Port device team_slave_1 removed
[  817.213080][ T7359] team0 (unregistering): Port device team_slave_0 removed
[  818.876903][ T9076] 8021q: adding VLAN 0 to HW filter on device bond0
[  819.234760][ T9160] netdevsim netdevsim6 netdevsim0: renamed from eth0
[  820.985335][ T9160] 8021q: adding VLAN 0 to HW filter on device netdevsim0
[  821.052851][ T9160] netdevsim netdevsim6 netdevsim1: renamed from eth1
[  821.208173][ T9160] 8021q: adding VLAN 0 to HW filter on device netdevsim1
[  821.740190][ T9076] 8021q: adding VLAN 0 to HW filter on device team0
[  821.741412][ T9160] netdevsim netdevsim6 netdevsim2: renamed from eth2
[  821.798456][ T9160] 8021q: adding VLAN 0 to HW filter on device netdevsim2
[  821.842155][ T9160] netdevsim netdevsim6 netdevsim3: renamed from eth3
[  821.915276][ T9160] 8021q: adding VLAN 0 to HW filter on device netdevsim3
[  822.025016][ T5272] 8021q: adding VLAN 0 to HW filter on device eth9
[  822.092557][ T2179] bridge0: port 1(bridge_slave_0) entered blocking state
[  822.092791][ T2179] bridge0: port 1(bridge_slave_0) entered forwarding state
[  822.427061][ T2179] bridge0: port 2(bridge_slave_1) entered blocking state
[  822.444078][ T2179] bridge0: port 2(bridge_slave_1) entered forwarding state
[  822.561714][ T9602] FAULT_INJECTION: forcing a failure.
[  822.561714][ T9602] name failslab, interval 1, probability 0, space 0, times 0
[  822.561756][ T9602] CPU: 0 UID: 0 PID: 9602 Comm: syz.1.715 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[  822.561788][ T9602] Tainted: [L]=SOFTLOCKUP
[  822.561796][ T9602] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  822.561809][ T9602] Call Trace:
[  822.561818][ T9602]  <TASK>
[  822.561827][ T9602]  dump_stack_lvl+0xe8/0x150
[  822.561861][ T9602]  should_fail_ex+0x46b/0x600
[  822.561896][ T9602]  should_failslab+0xa8/0x100
[  822.561940][ T9602]  __kmalloc_noprof+0xdf/0x7b0
[  822.561972][ T9602]  ? security_sk_alloc+0x52/0x360
[  822.562014][ T9602]  security_sk_alloc+0x52/0x360
[  822.562061][ T9602]  sk_prot_alloc+0x101/0x210
[  822.562081][ T9602]  ? sk_alloc+0x27/0x390
[  822.562105][ T9602]  sk_alloc+0x3a/0x390
[  822.562131][ T9602]  bpf_prog_test_run_skb+0x415/0x2260
[  822.562179][ T9602]  ? __fget_files+0x3a6/0x420
[  822.562209][ T9602]  ? __fget_files+0x2a/0x420
[  822.562245][ T9602]  ? __pfx_bpf_prog_test_run_skb+0x10/0x10
[  822.562271][ T9602]  bpf_prog_test_run+0x2cd/0x340
[  822.562307][ T9602]  __sys_bpf+0xa20/0xd90
[  822.562345][ T9602]  ? __pfx___sys_bpf+0x10/0x10
[  822.562384][ T9602]  ? lockdep_hardirqs_on+0x7a/0x110
[  822.562406][ T9602]  ? _raw_spin_unlock_irqrestore+0x4c/0x80
[  822.562466][ T9602]  ? ksys_write+0x248/0x270
[  822.562503][ T9602]  ? __pfx_ksys_write+0x10/0x10
[  822.562543][ T9602]  __x64_sys_bpf+0xba/0xd0
[  822.562568][ T9602]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  822.562592][ T9602]  do_syscall_64+0x174/0x580
[  822.562614][ T9602]  ? trace_irq_disable+0x3b/0x140
[  822.562642][ T9602]  ? clear_bhb_loop+0x40/0x90
[  822.562669][ T9602]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  822.562692][ T9602] RIP: 0033:0x7f038a4ece59
[  822.562713][ T9602] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  822.562734][ T9602] RSP: 002b:00007f0388746028 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  822.562759][ T9602] RAX: ffffffffffffffda RBX: 00007f038a765fa0 RCX: 00007f038a4ece59
[  822.562776][ T9602] RDX: 000000000000004c RSI: 0000200000000240 RDI: 000000000000000a
[  822.562792][ T9602] RBP: 00007f0388746090 R08: 0000000000000000 R09: 0000000000000000
[  822.562805][ T9602] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  822.562818][ T9602] R13: 00007f038a766038 R14: 00007f038a765fa0 R15: 00007ffea920f978
[  822.562853][ T9602]  </TASK>
[  825.033748][ T9160] 8021q: adding VLAN 0 to HW filter on device bond0
[  825.183214][ T9160] 8021q: adding VLAN 0 to HW filter on device team0
[  825.274982][ T1449] bridge0: port 1(bridge_slave_0) entered blocking state
[  825.281579][ T1449] bridge0: port 1(bridge_slave_0) entered forwarding state
[  825.408919][ T1449] bridge0: port 2(bridge_slave_1) entered blocking state
[  825.409111][ T1449] bridge0: port 2(bridge_slave_1) entered forwarding state
[  826.066899][ T5625] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  826.137564][ T5625] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  826.139142][ T5625] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  826.157075][ T5625] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  826.187795][ T5625] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  826.765575][ T9663] netlink: 12 bytes leftover after parsing attributes in process `syz.0.731'.
[  827.427061][ T9687] FAULT_INJECTION: forcing a failure.
[  827.427061][ T9687] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  827.427100][ T9687] CPU: 1 UID: 0 PID: 9687 Comm: syz.0.741 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[  827.427125][ T9687] Tainted: [L]=SOFTLOCKUP
[  827.427131][ T9687] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  827.427142][ T9687] Call Trace:
[  827.427148][ T9687]  <TASK>
[  827.427155][ T9687]  dump_stack_lvl+0xe8/0x150
[  827.427186][ T9687]  should_fail_ex+0x46b/0x600
[  827.427213][ T9687]  _copy_from_user+0x2d/0xb0
[  827.427244][ T9687]  kvm_vm_ioctl+0x85a/0xd50
[  827.427275][ T9687]  ? __pfx_kvm_vm_ioctl+0x10/0x10
[  827.427318][ T9687]  ? kasan_quarantine_put+0xbb/0x1f0
[  827.427351][ T9687]  ? tomoyo_path_number_perm+0x219/0x630
[  827.427398][ T9687]  ? do_vfs_ioctl+0x117b/0x1540
[  827.427422][ T9687]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  827.427476][ T9687]  ? __fget_files+0x2a/0x420
[  827.427512][ T9687]  ? __fget_files+0x2a/0x420
[  827.427539][ T9687]  ? __fget_files+0x3a6/0x420
[  827.427567][ T9687]  ? __fget_files+0x2a/0x420
[  827.427600][ T9687]  ? bpf_lsm_file_ioctl+0x9/0x20
[  827.427622][ T9687]  ? __pfx_kvm_vm_ioctl+0x10/0x10
[  827.427653][ T9687]  __se_sys_ioctl+0xff/0x170
[  827.427674][ T9687]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  827.427700][ T9687]  do_syscall_64+0x174/0x580
[  827.427722][ T9687]  ? trace_irq_disable+0x3b/0x140
[  827.427751][ T9687]  ? clear_bhb_loop+0x40/0x90
[  827.427779][ T9687]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  827.427802][ T9687] RIP: 0033:0x7fc7860dce59
[  827.427823][ T9687] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  827.427844][ T9687] RSP: 002b:00007fc784336028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  827.427875][ T9687] RAX: ffffffffffffffda RBX: 00007fc786355fa0 RCX: 00007fc7860dce59
[  827.427892][ T9687] RDX: 00002000000002c0 RSI: 000000004010ae42 RDI: 0000000000000004
[  827.427908][ T9687] RBP: 00007fc784336090 R08: 0000000000000000 R09: 0000000000000000
[  827.427922][ T9687] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  827.427943][ T9687] R13: 00007fc786356038 R14: 00007fc786355fa0 R15: 00007ffdcd110028
[  827.427978][ T9687]  </TASK>
[  827.837050][ T9174] netdevsim netdevsim7 netdevsim0: renamed from eth0
[  827.943632][ T9174] 8021q: adding VLAN 0 to HW filter on device netdevsim0
[  827.949407][ T9174] netdevsim netdevsim7 netdevsim1: renamed from eth1
[  828.091361][ T9174] 8021q: adding VLAN 0 to HW filter on device netdevsim1
[  828.186815][ T9174] netdevsim netdevsim7 netdevsim2: renamed from eth2
[  828.254944][ T9174] 8021q: adding VLAN 0 to HW filter on device netdevsim2
[  828.307332][ T9174] netdevsim netdevsim7 netdevsim3: renamed from eth3
[  828.359987][ T5625] Bluetooth: hci0: command tx timeout
[  828.414852][ T9174] 8021q: adding VLAN 0 to HW filter on device netdevsim3
[  830.441841][ T5625] Bluetooth: hci0: command tx timeout
[  831.551716][ T9738] FAULT_INJECTION: forcing a failure.
[  831.551716][ T9738] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  831.551757][ T9738] CPU: 0 UID: 0 PID: 9738 Comm: syz.0.759 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[  831.551796][ T9738] Tainted: [L]=SOFTLOCKUP
[  831.551805][ T9738] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  831.551819][ T9738] Call Trace:
[  831.551827][ T9738]  <TASK>
[  831.551836][ T9738]  dump_stack_lvl+0xe8/0x150
[  831.551872][ T9738]  should_fail_ex+0x46b/0x600
[  831.551906][ T9738]  _copy_from_iter+0x1d3/0x1670
[  831.551954][ T9738]  ? trace_kmem_cache_alloc+0x29/0xe0
[  831.551983][ T9738]  ? __alloc_skb+0x27d/0x7d0
[  831.552017][ T9738]  ? __pfx__copy_from_iter+0x10/0x10
[  831.552047][ T9738]  ? kmem_cache_alloc_node_noprof+0x27c/0x6e0
[  831.552077][ T9738]  ? __alloc_skb+0x27d/0x7d0
[  831.552117][ T9738]  ? netlink_sendmsg+0x650/0xb40
[  831.552140][ T9738]  ? skb_put+0x11b/0x210
[  831.552177][ T9738]  netlink_sendmsg+0x6c0/0xb40
[  831.552216][ T9738]  ? __pfx_netlink_sendmsg+0x10/0x10
[  831.552243][ T9738]  ? tomoyo_socket_sendmsg_permission+0x1e0/0x300
[  831.552283][ T9738]  ? aa_sock_msg_perm+0x122/0x200
[  831.552315][ T9738]  ? __pfx_netlink_sendmsg+0x10/0x10
[  831.552338][ T9738]  sock_sendmsg_nosec+0x13a/0x180
[  831.552373][ T9738]  ____sys_sendmsg+0x55c/0x870
[  831.552403][ T9738]  ? __pfx_____sys_sendmsg+0x10/0x10
[  831.552437][ T9738]  ? import_iovec+0x73/0xa0
[  831.552474][ T9738]  ___sys_sendmsg+0x2a5/0x360
[  831.552496][ T9738]  ? __lock_acquire+0x6b5/0x2d10
[  831.552531][ T9738]  ? __pfx____sys_sendmsg+0x10/0x10
[  831.552593][ T9738]  ? __fget_files+0x2a/0x420
[  831.552622][ T9738]  ? __fget_files+0x3a6/0x420
[  831.552662][ T9738]  __x64_sys_sendmsg+0x1c3/0x2a0
[  831.552690][ T9738]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  831.552724][ T9738]  ? __pfx_ksys_write+0x10/0x10
[  831.552767][ T9738]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  831.552793][ T9738]  do_syscall_64+0x174/0x580
[  831.552812][ T9738]  ? trace_irq_disable+0x3b/0x140
[  831.552834][ T9738]  ? clear_bhb_loop+0x40/0x90
[  831.552856][ T9738]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  831.552873][ T9738] RIP: 0033:0x7fc7860dce59
[  831.552890][ T9738] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  831.552906][ T9738] RSP: 002b:00007fc784336028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  831.552924][ T9738] RAX: ffffffffffffffda RBX: 00007fc786355fa0 RCX: 00007fc7860dce59
[  831.552937][ T9738] RDX: 0000000004000084 RSI: 0000200000000000 RDI: 0000000000000003
[  831.552955][ T9738] RBP: 00007fc784336090 R08: 0000000000000000 R09: 0000000000000000
[  831.552966][ T9738] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  831.552976][ T9738] R13: 00007fc786356038 R14: 00007fc786355fa0 R15: 00007ffdcd110028
[  831.553002][ T9738]  </TASK>
[  832.524519][ T5625] Bluetooth: hci0: command tx timeout
[  833.918507][ T9644] bridge0: port 1(bridge_slave_0) entered blocking state
[  833.932860][ T9644] bridge0: port 1(bridge_slave_0) entered disabled state
[  833.933248][ T9644] bridge_slave_0: entered allmulticast mode
[  833.953970][ T9644] bridge_slave_0: entered promiscuous mode
[  833.993015][ T9174] 8021q: adding VLAN 0 to HW filter on device bond0
[  834.017836][ T9644] bridge0: port 2(bridge_slave_1) entered blocking state
[  834.018098][ T9644] bridge0: port 2(bridge_slave_1) entered disabled state
[  834.018389][ T9644] bridge_slave_1: entered allmulticast mode
[  834.043004][ T9644] bridge_slave_1: entered promiscuous mode
[  834.061792][ T9160] 8021q: adding VLAN 0 to HW filter on device batadv0
[  834.329864][   T13] bridge_slave_1: left allmulticast mode
[  834.329908][   T13] bridge_slave_1: left promiscuous mode
[  834.330219][   T13] bridge0: port 2(bridge_slave_1) entered disabled state
[  834.525725][   T13] bridge_slave_0: left allmulticast mode
[  834.525765][   T13] bridge_slave_0: left promiscuous mode
[  834.526042][   T13] bridge0: port 1(bridge_slave_0) entered disabled state
[  834.599840][ T5625] Bluetooth: hci0: command tx timeout
[  835.324578][ T9831] FAULT_INJECTION: forcing a failure.
[  835.324578][ T9831] name failslab, interval 1, probability 0, space 0, times 0
[  835.324683][ T9831] CPU: 0 UID: 0 PID: 9831 Comm: syz.1.787 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[  835.324716][ T9831] Tainted: [L]=SOFTLOCKUP
[  835.324724][ T9831] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  835.324741][ T9831] Call Trace:
[  835.324749][ T9831]  <TASK>
[  835.324756][ T9831]  dump_stack_lvl+0xe8/0x150
[  835.324788][ T9831]  should_fail_ex+0x46b/0x600
[  835.324813][ T9831]  should_failslab+0xa8/0x100
[  835.324838][ T9831]  __kmalloc_noprof+0xdf/0x7b0
[  835.324876][ T9831]  ? kfree+0x4d/0x6c0
[  835.324895][ T9831]  ? tomoyo_realpath_from_path+0xe3/0x5d0
[  835.324943][ T9831]  tomoyo_realpath_from_path+0xe3/0x5d0
[  835.324966][ T9831]  ? tomoyo_path_number_perm+0x219/0x630
[  835.324992][ T9831]  ? tomoyo_path_number_perm+0x219/0x630
[  835.325020][ T9831]  tomoyo_path_number_perm+0x246/0x630
[  835.325041][ T9831]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  835.325067][ T9831]  ? __pfx___schedule+0x10/0x10
[  835.325120][ T9831]  ? security_file_ioctl+0x246/0x2a0
[  835.325148][ T9831]  security_file_ioctl+0xc3/0x2a0
[  835.325172][ T9831]  __se_sys_ioctl+0x47/0x170
[  835.325189][ T9831]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  835.325207][ T9831]  do_syscall_64+0x174/0x580
[  835.325225][ T9831]  ? clear_bhb_loop+0x40/0x90
[  835.325245][ T9831]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  835.325261][ T9831] RIP: 0033:0x7f038a4ece59
[  835.325276][ T9831] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  835.325290][ T9831] RSP: 002b:00007f0388725028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  835.325307][ T9831] RAX: ffffffffffffffda RBX: 00007f038a766090 RCX: 00007f038a4ece59
[  835.325320][ T9831] RDX: 0000000000000000 RSI: 0000000000007040 RDI: 0000000000000004
[  835.325330][ T9831] RBP: 00007f0388725090 R08: 0000000000000000 R09: 0000000000000000
[  835.325340][ T9831] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  835.325350][ T9831] R13: 00007f038a766128 R14: 00007f038a766090 R15: 00007ffea920f978
[  835.325375][ T9831]  </TASK>
[  835.325424][ T9831] ERROR: Out of memory at tomoyo_realpath_from_path.
[  839.160556][   T13] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  839.240888][   T13] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  839.285453][   T13] bond0 (unregistering): Released all slaves
[  839.334908][ T9837] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check.
[  839.472830][ T9644] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  839.676863][ T9644] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  839.926869][ T9644] team0: Port device team_slave_0 added
[  839.959395][ T9174] 8021q: adding VLAN 0 to HW filter on device team0
[  840.029752][ T9644] team0: Port device team_slave_1 added
[  840.291938][   T13] hsr_slave_0: left promiscuous mode
[  840.336598][   T13] hsr_slave_1: left promiscuous mode
[  840.338601][   T13] batman_adv: batadv0: Removing interface: batadv_slave_0
[  840.370876][   T13] batman_adv: batadv0: Removing interface: batadv_slave_1
[  841.327453][ T9886] FAULT_INJECTION: forcing a failure.
[  841.327453][ T9886] name failslab, interval 1, probability 0, space 0, times 0
[  841.327520][ T9886] CPU: 0 UID: 0 PID: 9886 Comm: syz.1.809 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[  841.327554][ T9886] Tainted: [L]=SOFTLOCKUP
[  841.327564][ T9886] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  841.327582][ T9886] Call Trace:
[  841.327588][ T9886]  <TASK>
[  841.327595][ T9886]  dump_stack_lvl+0xe8/0x150
[  841.327622][ T9886]  should_fail_ex+0x46b/0x600
[  841.327647][ T9886]  should_failslab+0xa8/0x100
[  841.327672][ T9886]  __kmalloc_noprof+0xdf/0x7b0
[  841.327699][ T9886]  ? kfree+0x4d/0x6c0
[  841.327717][ T9886]  ? tomoyo_realpath_from_path+0xe3/0x5d0
[  841.327746][ T9886]  tomoyo_realpath_from_path+0xe3/0x5d0
[  841.327779][ T9886]  tomoyo_mount_permission+0x3e8/0x9d0
[  841.327804][ T9886]  ? tomoyo_mount_permission+0x2b3/0x9d0
[  841.327825][ T9886]  ? __pfx_tomoyo_mount_permission+0x10/0x10
[  841.327887][ T9886]  security_sb_mount+0xe4/0x320
[  841.327912][ T9886]  path_mount+0xbc/0x10e0
[  841.327932][ T9886]  ? user_path_at+0xd4/0x160
[  841.327963][ T9886]  ? user_path_at+0xd4/0x160
[  841.327988][ T9886]  __se_sys_mount+0x31d/0x420
[  841.328013][ T9886]  ? __pfx___se_sys_mount+0x10/0x10
[  841.328033][ T9886]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  841.328055][ T9886]  ? __x64_sys_mount+0x20/0xc0
[  841.328075][ T9886]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  841.328092][ T9886]  do_syscall_64+0x174/0x580
[  841.328109][ T9886]  ? clear_bhb_loop+0x40/0x90
[  841.328129][ T9886]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  841.328145][ T9886] RIP: 0033:0x7f038a4ece59
[  841.328160][ T9886] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  841.328174][ T9886] RSP: 002b:00007f0388725028 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  841.328191][ T9886] RAX: ffffffffffffffda RBX: 00007f038a766090 RCX: 00007f038a4ece59
[  841.328203][ T9886] RDX: 00002000000006c0 RSI: 0000200000000680 RDI: 0000000000000000
[  841.328214][ T9886] RBP: 00007f0388725090 R08: 0000000000000000 R09: 0000000000000000
[  841.328223][ T9886] R10: 0000000000400008 R11: 0000000000000246 R12: 0000000000000001
[  841.328233][ T9886] R13: 00007f038a766128 R14: 00007f038a766090 R15: 00007ffea920f978
[  841.328258][ T9886]  </TASK>
[  841.328304][ T9886] ERROR: Out of memory at tomoyo_realpath_from_path.
[  843.211466][   T13] team0 (unregistering): Port device team_slave_1 removed
[  843.273300][   T13] team0 (unregistering): Port device team_slave_0 removed
[  843.723123][  T154] bridge0: port 1(bridge_slave_0) entered blocking state
[  843.723562][  T154] bridge0: port 1(bridge_slave_0) entered forwarding state
[  843.769057][ T9644] batman_adv: batadv0: Adding interface: batadv_slave_0
[  843.769077][ T9644] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  843.769108][ T9644] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  843.858392][ T9644] batman_adv: batadv0: Adding interface: batadv_slave_1
[  843.858411][ T9644] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  843.858452][ T9644] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  843.943225][ T1469] bridge0: port 2(bridge_slave_1) entered blocking state
[  843.946534][ T1469] bridge0: port 2(bridge_slave_1) entered forwarding state
[  845.325360][ T9644] hsr_slave_0: entered promiscuous mode
[  845.409390][ T5618] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  845.461966][ T9644] hsr_slave_1: entered promiscuous mode
[  845.475563][ T9644] debugfs: 'hsr0' already exists in 'hsr'
[  845.475591][ T9644] Cannot create hsr debugfs directory
[  845.498632][ T5618] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  845.504240][ T5618] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  845.516711][ T5618] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  845.523219][ T5618] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  847.723469][ T5625] Bluetooth: hci5: command tx timeout
[  848.081081][ T9923] FAULT_INJECTION: forcing a failure.
[  848.081081][ T9923] name failslab, interval 1, probability 0, space 0, times 0
[  848.081122][ T9923] CPU: 0 UID: 0 PID: 9923 Comm: syz.1.816 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[  848.081154][ T9923] Tainted: [L]=SOFTLOCKUP
[  848.081162][ T9923] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  848.081177][ T9923] Call Trace:
[  848.081189][ T9923]  <TASK>
[  848.081199][ T9923]  dump_stack_lvl+0xe8/0x150
[  848.081234][ T9923]  should_fail_ex+0x46b/0x600
[  848.081268][ T9923]  should_failslab+0xa8/0x100
[  848.081304][ T9923]  __kmalloc_noprof+0xdf/0x7b0
[  848.081344][ T9923]  ? genl_family_rcv_msg_attrs_parse+0xd0/0x2f0
[  848.081385][ T9923]  genl_family_rcv_msg_attrs_parse+0xd0/0x2f0
[  848.081428][ T9923]  genl_family_rcv_msg_doit+0xd9/0x330
[  848.081475][ T9923]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  848.081517][ T9923]  ? apparmor_capable+0x126/0x170
[  848.081556][ T9923]  ? bpf_lsm_capable+0x9/0x20
[  848.081580][ T9923]  ? security_capable+0x7e/0x2c0
[  848.081616][ T9923]  genl_rcv_msg+0x61c/0x7a0
[  848.081653][ T9923]  ? __pfx_genl_rcv_msg+0x10/0x10
[  848.081680][ T9923]  ? ref_tracker_free+0x673/0x820
[  848.081710][ T9923]  ? __pfx_l2tp_nl_cmd_tunnel_delete+0x10/0x10
[  848.081743][ T9923]  ? ____sys_sendmsg+0x55c/0x870
[  848.081764][ T9923]  ? ___sys_sendmsg+0x2a5/0x360
[  848.081786][ T9923]  ? __x64_sys_sendmsg+0x1c3/0x2a0
[  848.081808][ T9923]  ? do_syscall_64+0x174/0x580
[  848.081829][ T9923]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  848.081863][ T9923]  netlink_rcv_skb+0x232/0x4b0
[  848.081888][ T9923]  ? __pfx_genl_rcv_msg+0x10/0x10
[  848.081921][ T9923]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  848.081959][ T9923]  ? netlink_deliver_tap+0x2e/0x1b0
[  848.081984][ T9923]  ? netlink_deliver_tap+0x2e/0x1b0
[  848.082013][ T9923]  genl_rcv+0x28/0x40
[  848.082041][ T9923]  netlink_unicast+0x780/0x920
[  848.082087][ T9923]  netlink_sendmsg+0x813/0xb40
[  848.082123][ T9923]  ? __pfx_netlink_sendmsg+0x10/0x10
[  848.082151][ T9923]  ? tomoyo_socket_sendmsg_permission+0x1e0/0x300
[  848.082189][ T9923]  ? aa_sock_msg_perm+0x122/0x200
[  848.082219][ T9923]  ? __pfx_netlink_sendmsg+0x10/0x10
[  848.082242][ T9923]  sock_sendmsg_nosec+0x13a/0x180
[  848.082275][ T9923]  ____sys_sendmsg+0x55c/0x870
[  848.082306][ T9923]  ? __pfx_____sys_sendmsg+0x10/0x10
[  848.082346][ T9923]  ? import_iovec+0x73/0xa0
[  848.082386][ T9923]  ___sys_sendmsg+0x2a5/0x360
[  848.082409][ T9923]  ? __lock_acquire+0x6b5/0x2d10
[  848.082445][ T9923]  ? __pfx____sys_sendmsg+0x10/0x10
[  848.082509][ T9923]  ? __fget_files+0x2a/0x420
[  848.082538][ T9923]  ? __fget_files+0x3a6/0x420
[  848.082582][ T9923]  __x64_sys_sendmsg+0x1c3/0x2a0
[  848.082610][ T9923]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  848.082646][ T9923]  ? __pfx_ksys_write+0x10/0x10
[  848.082691][ T9923]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  848.082716][ T9923]  do_syscall_64+0x174/0x580
[  848.082738][ T9923]  ? trace_irq_disable+0x3b/0x140
[  848.082766][ T9923]  ? clear_bhb_loop+0x40/0x90
[  848.082794][ T9923]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  848.082818][ T9923] RIP: 0033:0x7f038a4ece59
[  848.082840][ T9923] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  848.082861][ T9923] RSP: 002b:00007f0388746028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  848.082884][ T9923] RAX: ffffffffffffffda RBX: 00007f038a765fa0 RCX: 00007f038a4ece59
[  848.082900][ T9923] RDX: 0000000000000040 RSI: 0000200000000440 RDI: 0000000000000003
[  848.082914][ T9923] RBP: 00007f0388746090 R08: 0000000000000000 R09: 0000000000000000
[  848.082928][ T9923] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  848.082941][ T9923] R13: 00007f038a766038 R14: 00007f038a765fa0 R15: 00007ffea920f978
[  848.082977][ T9923]  </TASK>
[  848.712926][ T5618] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  848.780024][ T5618] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  848.783413][ T5618] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  848.822630][ T5618] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  848.842976][ T5618] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  849.827938][ T5618] Bluetooth: hci5: command tx timeout
[  849.828742][ T5272] 8021q: adding VLAN 0 to HW filter on device eth9
[  851.064449][ T5618] Bluetooth: hci3: command tx timeout
[  851.879791][ T5618] Bluetooth: hci5: command tx timeout
[  852.094560][ T9956] FAULT_INJECTION: forcing a failure.
[  852.094560][ T9956] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  852.094602][ T9956] CPU: 1 UID: 0 PID: 9956 Comm: syz.1.823 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[  852.094634][ T9956] Tainted: [L]=SOFTLOCKUP
[  852.094643][ T9956] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  852.094656][ T9956] Call Trace:
[  852.094664][ T9956]  <TASK>
[  852.094674][ T9956]  dump_stack_lvl+0xe8/0x150
[  852.094711][ T9956]  should_fail_ex+0x46b/0x600
[  852.094747][ T9956]  _copy_to_user+0x31/0xb0
[  852.094784][ T9956]  simple_read_from_buffer+0xe1/0x170
[  852.094821][ T9956]  proc_fail_nth_read+0x1be/0x230
[  852.094866][ T9956]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  852.094901][ T9956]  ? rw_verify_area+0x2ac/0x4e0
[  852.094933][ T9956]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  852.094965][ T9956]  vfs_read+0x212/0xa80
[  852.095008][ T9956]  ? __pfx_vfs_read+0x10/0x10
[  852.095046][ T9956]  ? _raw_spin_unlock_irqrestore+0x30/0x80
[  852.095089][ T9956]  ? lockdep_hardirqs_on+0x7a/0x110
[  852.095111][ T9956]  ? _raw_spin_unlock_irqrestore+0x4c/0x80
[  852.095148][ T9956]  ? mutex_lock_nested+0x152/0x1d0
[  852.095175][ T9956]  ? fdget_pos+0x252/0x320
[  852.095215][ T9956]  ksys_read+0x156/0x270
[  852.095252][ T9956]  ? __pfx_ksys_read+0x10/0x10
[  852.095296][ T9956]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  852.095321][ T9956]  do_syscall_64+0x174/0x580
[  852.095342][ T9956]  ? trace_irq_disable+0x3b/0x140
[  852.095372][ T9956]  ? clear_bhb_loop+0x40/0x90
[  852.095400][ T9956]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  852.095433][ T9956] RIP: 0033:0x7f038a4ad68e
[  852.095454][ T9956] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[  852.095473][ T9956] RSP: 002b:00007f0388745fe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  852.095497][ T9956] RAX: ffffffffffffffda RBX: 00007f03887466c0 RCX: 00007f038a4ad68e
[  852.095513][ T9956] RDX: 000000000000000f RSI: 00007f03887460a0 RDI: 0000000000000004
[  852.095529][ T9956] RBP: 00007f0388746090 R08: 0000000000000000 R09: 0000000000000000
[  852.095543][ T9956] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  852.095557][ T9956] R13: 00007f038a766038 R14: 00007f038a765fa0 R15: 00007ffea920f978
[  852.095592][ T9956]  </TASK>
[  852.795238][ T9978] FAULT_INJECTION: forcing a failure.
[  852.795238][ T9978] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  852.795280][ T9978] CPU: 0 UID: 0 PID: 9978 Comm: syz.1.826 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[  852.795312][ T9978] Tainted: [L]=SOFTLOCKUP
[  852.795320][ T9978] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  852.795335][ T9978] Call Trace:
[  852.795344][ T9978]  <TASK>
[  852.795353][ T9978]  dump_stack_lvl+0xe8/0x150
[  852.795389][ T9978]  should_fail_ex+0x46b/0x600
[  852.795424][ T9978]  _copy_from_user+0x2d/0xb0
[  852.795460][ T9978]  ___sys_recvmsg+0x175/0x590
[  852.795484][ T9978]  ? get_pid_task+0x20/0x1f0
[  852.795510][ T9978]  ? get_pid_task+0x20/0x1f0
[  852.795542][ T9978]  ? __pfx____sys_recvmsg+0x10/0x10
[  852.795571][ T9978]  ? __fget_files+0x2a/0x420
[  852.795620][ T9978]  ? __fget_files+0x3a6/0x420
[  852.795659][ T9978]  __x64_sys_recvmsg+0x1c0/0x2a0
[  852.795686][ T9978]  ? __pfx___x64_sys_recvmsg+0x10/0x10
[  852.795725][ T9978]  ? __pfx_ksys_write+0x10/0x10
[  852.795775][ T9978]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  852.795800][ T9978]  do_syscall_64+0x174/0x580
[  852.795821][ T9978]  ? trace_irq_disable+0x3b/0x140
[  852.795849][ T9978]  ? clear_bhb_loop+0x40/0x90
[  852.795876][ T9978]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  852.795898][ T9978] RIP: 0033:0x7f038a4ece59
[  852.795919][ T9978] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  852.795938][ T9978] RSP: 002b:00007f0388746028 EFLAGS: 00000246 ORIG_RAX: 000000000000002f
[  852.795961][ T9978] RAX: ffffffffffffffda RBX: 00007f038a765fa0 RCX: 00007f038a4ece59
[  852.795977][ T9978] RDX: 0000000000010150 RSI: 00002000000000c0 RDI: 0000000000000004
[  852.795991][ T9978] RBP: 00007f0388746090 R08: 0000000000000000 R09: 0000000000000000
[  852.796004][ T9978] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  852.796018][ T9978] R13: 00007f038a766038 R14: 00007f038a765fa0 R15: 00007ffea920f978
[  852.796052][ T9978]  </TASK>
[  853.079630][ T5618] Bluetooth: hci3: command tx timeout
[  853.972294][ T5618] Bluetooth: hci5: command tx timeout
[  855.620651][ T5618] Bluetooth: hci3: command tx timeout
[  856.031043][ T5272] 8021q: adding VLAN 0 to HW filter on device eth10
[  857.641494][ T5618] Bluetooth: hci3: command tx timeout
[  858.010545][  T823] usb 1-1: new full-speed USB device number 11 using dummy_hcd
[  858.174592][  T823] usb 1-1: config 0 has an invalid interface number: 191 but max is 0
[  858.174623][  T823] usb 1-1: config 0 has no interface number 0
[  858.174656][  T823] usb 1-1: too many endpoints for config 0 interface 191 altsetting 240: 211, using maximum allowed: 30
[  858.174696][  T823] usb 1-1: config 0 interface 191 altsetting 240 has 0 endpoint descriptors, different from the interface descriptor's value: 211
[  858.174736][  T823] usb 1-1: config 0 interface 191 has no altsetting 0
[  858.174767][  T823] usb 1-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3
[  858.174792][  T823] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  858.188591][  T823] usb 1-1: config 0 descriptor??
[  858.467833][T10078] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  858.484941][T10078] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  858.563049][  T823] usb 1-1: string descriptor 0 read error: -71
[  858.569110][  T823] cp210x 1-1:0.191: cp210x converter detected
[  858.646803][  T823] cp210x 1-1:0.191: failed to get vendor val 0x370b size 1: -71
[  858.646859][  T823] cp210x 1-1:0.191: querying part number failed
[  858.746520][  T823] usb 1-1: cp210x converter now attached to ttyUSB0
[  858.772479][  T823] usb 1-1: USB disconnect, device number 11
[  858.806456][  T823] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0
[  858.809196][  T823] cp210x 1-1:0.191: device disconnected
[  860.902594][ T9905] bridge0: port 1(bridge_slave_0) entered blocking state
[  860.903015][ T9905] bridge0: port 1(bridge_slave_0) entered disabled state
[  860.903457][ T9905] bridge_slave_0: entered allmulticast mode
[  860.907722][ T9905] bridge_slave_0: entered promiscuous mode
[  861.101315][ T9905] bridge0: port 2(bridge_slave_1) entered blocking state
[  861.101558][ T9905] bridge0: port 2(bridge_slave_1) entered disabled state
[  861.101935][ T9905] bridge_slave_1: entered allmulticast mode
[  861.104742][ T9905] bridge_slave_1: entered promiscuous mode
[  861.575014][T10160] FAULT_INJECTION: forcing a failure.
[  861.575014][T10160] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  861.575056][T10160] CPU: 0 UID: 0 PID: 10160 Comm: syz.0.894 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[  861.575087][T10160] Tainted: [L]=SOFTLOCKUP
[  861.575095][T10160] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  861.575109][T10160] Call Trace:
[  861.575117][T10160]  <TASK>
[  861.575127][T10160]  dump_stack_lvl+0xe8/0x150
[  861.575162][T10160]  should_fail_ex+0x46b/0x600
[  861.575197][T10160]  _copy_from_user+0x2d/0xb0
[  861.575233][T10160]  kstrtouint_from_user+0xd6/0x180
[  861.575267][T10160]  ? __pfx_kstrtouint_from_user+0x10/0x10
[  861.575317][T10160]  proc_fail_nth_write+0x8e/0x210
[  861.575348][T10160]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  861.575384][T10160]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  861.575418][T10160]  vfs_write+0x2a3/0xba0
[  861.575463][T10160]  ? __pfx_vfs_write+0x10/0x10
[  861.575503][T10160]  ? _raw_spin_unlock_irqrestore+0x30/0x80
[  861.575542][T10160]  ? lockdep_hardirqs_on+0x7a/0x110
[  861.575565][T10160]  ? _raw_spin_unlock_irqrestore+0x4c/0x80
[  861.575602][T10160]  ? mutex_lock_nested+0x152/0x1d0
[  861.575630][T10160]  ? fdget_pos+0x252/0x320
[  861.575669][T10160]  ksys_write+0x156/0x270
[  861.575709][T10160]  ? __pfx_ksys_write+0x10/0x10
[  861.575744][T10160]  ? __pfx_kvm_vm_ioctl+0x10/0x10
[  861.575782][T10160]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  861.575807][T10160]  do_syscall_64+0x174/0x580
[  861.575828][T10160]  ? trace_irq_disable+0x3b/0x140
[  861.575860][T10160]  ? clear_bhb_loop+0x40/0x90
[  861.575896][T10160]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  861.575918][T10160] RIP: 0033:0x7fc78609d68e
[  861.575939][T10160] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[  861.575959][T10160] RSP: 002b:00007fc784335fe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  861.575982][T10160] RAX: ffffffffffffffda RBX: 00007fc7843366c0 RCX: 00007fc78609d68e
[  861.575997][T10160] RDX: 0000000000000001 RSI: 00007fc7843360a0 RDI: 0000000000000005
[  861.576012][T10160] RBP: 00007fc784336090 R08: 0000000000000000 R09: 0000000000000000
[  861.576025][T10160] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  861.576038][T10160] R13: 00007fc786356038 R14: 00007fc786355fa0 R15: 00007ffdcd110028
[  861.576073][T10160]  </TASK>
[  862.106167][ T9927] bridge0: port 1(bridge_slave_0) entered blocking state
[  862.106603][ T9927] bridge0: port 1(bridge_slave_0) entered disabled state
[  862.106952][ T9927] bridge_slave_0: entered allmulticast mode
[  862.114411][ T9927] bridge_slave_0: entered promiscuous mode
[  862.151652][ T9905] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  862.452698][ T9927] bridge0: port 2(bridge_slave_1) entered blocking state
[  862.453048][ T9927] bridge0: port 2(bridge_slave_1) entered disabled state
[  862.462320][ T9927] bridge_slave_1: entered allmulticast mode
[  862.497404][ T9927] bridge_slave_1: entered promiscuous mode
[  862.621516][ T9905] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  862.685434][ T9644] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  864.795633][ T9644] 8021q: adding VLAN 0 to HW filter on device netdevsim0
[  865.246538][ T9644] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  865.406379][ T9644] 8021q: adding VLAN 0 to HW filter on device netdevsim1
[  865.479723][ T9927] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  865.499968][ T9644] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  865.564111][ T9644] 8021q: adding VLAN 0 to HW filter on device netdevsim2
[  865.569432][ T9905] team0: Port device team_slave_0 added
[  865.593160][ T9927] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  865.665619][ T9644] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  865.795207][ T9644] 8021q: adding VLAN 0 to HW filter on device netdevsim3
[  865.854698][ T9905] team0: Port device team_slave_1 added
[  866.949154][ T9927] team0: Port device team_slave_0 added
[  867.063447][ T9905] batman_adv: batadv0: Adding interface: batadv_slave_0
[  867.063467][ T9905] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  867.063594][ T9905] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  867.099194][ T9927] team0: Port device team_slave_1 added
[  867.129473][ T9905] batman_adv: batadv0: Adding interface: batadv_slave_1
[  867.129717][ T9905] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  867.129752][ T9905] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  867.563580][T10252] FAULT_INJECTION: forcing a failure.
[  867.563580][T10252] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  867.563622][T10252] CPU: 0 UID: 0 PID: 10252 Comm: syz.1.911 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[  867.563655][T10252] Tainted: [L]=SOFTLOCKUP
[  867.563663][T10252] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  867.563678][T10252] Call Trace:
[  867.563686][T10252]  <TASK>
[  867.563695][T10252]  dump_stack_lvl+0xe8/0x150
[  867.563733][T10252]  should_fail_ex+0x46b/0x600
[  867.563767][T10252]  _copy_from_user+0x2d/0xb0
[  867.563803][T10252]  video_usercopy+0x36f/0x1450
[  867.563844][T10252]  ? __pfx___video_do_ioctl+0x10/0x10
[  867.563877][T10252]  ? __pfx_video_usercopy+0x10/0x10
[  867.563922][T10252]  ? __fget_files+0x2a/0x420
[  867.563955][T10252]  ? __fget_files+0x2a/0x420
[  867.563982][T10252]  ? __fget_files+0x3a6/0x420
[  867.564015][T10252]  v4l2_ioctl+0x190/0x1e0
[  867.564046][T10252]  ? __pfx_v4l2_ioctl+0x10/0x10
[  867.564081][T10252]  __se_sys_ioctl+0xff/0x170
[  867.564104][T10252]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  867.564128][T10252]  do_syscall_64+0x174/0x580
[  867.564149][T10252]  ? trace_irq_disable+0x3b/0x140
[  867.564178][T10252]  ? clear_bhb_loop+0x40/0x90
[  867.564214][T10252]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  867.564238][T10252] RIP: 0033:0x7f038a4ece59
[  867.564259][T10252] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  867.564279][T10252] RSP: 002b:00007f0388746028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  867.564304][T10252] RAX: ffffffffffffffda RBX: 00007f038a765fa0 RCX: 00007f038a4ece59
[  867.564322][T10252] RDX: 0000200000000400 RSI: 00000000c0d05605 RDI: 0000000000000003
[  867.564337][T10252] RBP: 00007f0388746090 R08: 0000000000000000 R09: 0000000000000000
[  867.564352][T10252] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  867.564366][T10252] R13: 00007f038a766038 R14: 00007f038a765fa0 R15: 00007ffea920f978
[  867.564401][T10252]  </TASK>
[  867.878784][ T9927] batman_adv: batadv0: Adding interface: batadv_slave_0
[  867.878805][ T9927] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  867.878855][ T9927] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  867.952844][ T9927] batman_adv: batadv0: Adding interface: batadv_slave_1
[  867.952864][ T9927] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  867.952897][ T9927] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  868.151582][ T9905] hsr_slave_0: entered promiscuous mode
[  868.154277][ T9905] hsr_slave_1: entered promiscuous mode
[  868.156424][ T9905] debugfs: 'hsr0' already exists in 'hsr'
[  868.156452][ T9905] Cannot create hsr debugfs directory
[  868.954910][ T9927] hsr_slave_0: entered promiscuous mode
[  868.959035][ T9927] hsr_slave_1: entered promiscuous mode
[  868.969600][ T9927] debugfs: 'hsr0' already exists in 'hsr'
[  868.969629][ T9927] Cannot create hsr debugfs directory
[  870.029681][   T32] usb 2-1: new high-speed USB device number 16 using dummy_hcd
[  870.094056][ T5272] 8021q: adding VLAN 0 to HW filter on device eth9
[  870.181795][   T32] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  870.181831][   T32] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  870.182964][   T32] usb 2-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[  870.182993][   T32] usb 2-1: New USB device strings: Mfr=2, Product=0, SerialNumber=0
[  870.183014][   T32] usb 2-1: Manufacturer: syz
[  870.295575][   T32] usb 2-1: config 0 descriptor??
[  870.711808][   T32] usbhid 2-1:0.0: can't add hid device: -71
[  870.711962][   T32] usbhid 2-1:0.0: probe with driver usbhid failed with error -71
[  870.747018][   T32] usb 2-1: USB disconnect, device number 16
[  871.022238][T10312] netlink: 596 bytes leftover after parsing attributes in process `syz.0.928'.
[  871.240824][   T13] bridge_slave_1: left allmulticast mode
[  871.240852][   T13] bridge_slave_1: left promiscuous mode
[  871.241080][   T13] bridge0: port 2(bridge_slave_1) entered disabled state
[  871.402923][   T13] bridge_slave_0: left allmulticast mode
[  871.402959][   T13] bridge_slave_0: left promiscuous mode
[  871.403302][   T13] bridge0: port 1(bridge_slave_0) entered disabled state
[  871.588158][T10324] FAULT_INJECTION: forcing a failure.
[  871.588158][T10324] name failslab, interval 1, probability 0, space 0, times 0
[  871.588200][T10324] CPU: 0 UID: 0 PID: 10324 Comm: syz.1.934 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[  871.588232][T10324] Tainted: [L]=SOFTLOCKUP
[  871.588240][T10324] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  871.588255][T10324] Call Trace:
[  871.588264][T10324]  <TASK>
[  871.588273][T10324]  dump_stack_lvl+0xe8/0x150
[  871.588308][T10324]  should_fail_ex+0x46b/0x600
[  871.588344][T10324]  should_failslab+0xa8/0x100
[  871.588381][T10324]  __kmalloc_cache_noprof+0x84/0x690
[  871.588412][T10324]  ? nf_tables_newtable+0x435/0x1910
[  871.588455][T10324]  ? nla_strcmp+0x106/0x140
[  871.588513][T10324]  nf_tables_newtable+0x435/0x1910
[  871.588569][T10324]  nfnetlink_rcv+0x1247/0x27b0
[  871.588643][T10324]  ? __pfx_nfnetlink_rcv+0x10/0x10
[  871.588697][T10324]  ? __pfx_save_netdev_trace_buffer+0x10/0x10
[  871.588724][T10324]  ? ref_tracker_free+0x673/0x820
[  871.588785][T10324]  ? __netlink_deliver_tap+0x866/0x8b0
[  871.588827][T10324]  ? netlink_deliver_tap+0x2e/0x1b0
[  871.588851][T10324]  ? netlink_deliver_tap+0x2e/0x1b0
[  871.588888][T10324]  netlink_unicast+0x780/0x920
[  871.588936][T10324]  netlink_sendmsg+0x813/0xb40
[  871.588972][T10324]  ? __pfx_netlink_sendmsg+0x10/0x10
[  871.589000][T10324]  ? tomoyo_socket_sendmsg_permission+0x1e0/0x300
[  871.589039][T10324]  ? aa_sock_msg_perm+0x122/0x200
[  871.589070][T10324]  ? __pfx_netlink_sendmsg+0x10/0x10
[  871.589095][T10324]  sock_sendmsg_nosec+0x13a/0x180
[  871.589128][T10324]  ____sys_sendmsg+0x55c/0x870
[  871.589157][T10324]  ? __pfx_____sys_sendmsg+0x10/0x10
[  871.589193][T10324]  ? import_iovec+0x73/0xa0
[  871.589231][T10324]  ___sys_sendmsg+0x2a5/0x360
[  871.589254][T10324]  ? __lock_acquire+0x6b5/0x2d10
[  871.589290][T10324]  ? __pfx____sys_sendmsg+0x10/0x10
[  871.589355][T10324]  ? __fget_files+0x2a/0x420
[  871.589386][T10324]  ? __fget_files+0x3a6/0x420
[  871.589428][T10324]  __x64_sys_sendmsg+0x1c3/0x2a0
[  871.589465][T10324]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  871.589501][T10324]  ? __pfx_ksys_write+0x10/0x10
[  871.589543][T10324]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  871.589567][T10324]  do_syscall_64+0x174/0x580
[  871.589589][T10324]  ? trace_irq_disable+0x3b/0x140
[  871.589617][T10324]  ? clear_bhb_loop+0x40/0x90
[  871.589643][T10324]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  871.589666][T10324] RIP: 0033:0x7f038a4ece59
[  871.589686][T10324] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  871.589706][T10324] RSP: 002b:00007f0388746028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  871.589729][T10324] RAX: ffffffffffffffda RBX: 00007f038a765fa0 RCX: 00007f038a4ece59
[  871.589746][T10324] RDX: 0000000000000000 RSI: 0000200000000080 RDI: 0000000000000003
[  871.589760][T10324] RBP: 00007f0388746090 R08: 0000000000000000 R09: 0000000000000000
[  871.589775][T10324] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  871.589788][T10324] R13: 00007f038a766038 R14: 00007f038a765fa0 R15: 00007ffea920f978
[  871.589825][T10324]  </TASK>
[  871.972125][   T13] bridge_slave_1: left allmulticast mode
[  871.972163][   T13] bridge_slave_1: left promiscuous mode
[  871.972454][   T13] bridge0: port 2(bridge_slave_1) entered disabled state
[  872.135242][   T13] bridge_slave_0: left allmulticast mode
[  872.135284][   T13] bridge_slave_0: left promiscuous mode
[  872.135588][   T13] bridge0: port 1(bridge_slave_0) entered disabled state
[  875.541389][T10364] netlink: 512 bytes leftover after parsing attributes in process `syz.0.952'.
[  875.770990][   T13] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  875.890612][   T13] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  875.974430][   T13] bond0 (unregistering): Released all slaves
[  876.378456][T10390] netlink: 4768 bytes leftover after parsing attributes in process `syz.1.964'.
[  876.379342][T10390] netlink: 4768 bytes leftover after parsing attributes in process `syz.1.964'.
[  876.379416][T10390] FAULT_INJECTION: forcing a failure.
[  876.379416][T10390] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  876.379441][T10390] CPU: 0 UID: 0 PID: 10390 Comm: syz.1.964 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[  876.379463][T10390] Tainted: [L]=SOFTLOCKUP
[  876.379469][T10390] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  876.379527][T10390] Call Trace:
[  876.379535][T10390]  <TASK>
[  876.379545][T10390]  dump_stack_lvl+0xe8/0x150
[  876.379577][T10390]  should_fail_ex+0x46b/0x600
[  876.379609][T10390]  _copy_to_user+0x31/0xb0
[  876.379651][T10390]  simple_read_from_buffer+0xe1/0x170
[  876.379688][T10390]  proc_fail_nth_read+0x1be/0x230
[  876.379722][T10390]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  876.379769][T10390]  ? rw_verify_area+0x2ac/0x4e0
[  876.379807][T10390]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  876.379838][T10390]  vfs_read+0x212/0xa80
[  876.379885][T10390]  ? __pfx_vfs_read+0x10/0x10
[  876.380060][T10390]  ? _raw_spin_unlock_irqrestore+0x30/0x80
[  876.380097][T10390]  ? lockdep_hardirqs_on+0x7a/0x110
[  876.380113][T10390]  ? _raw_spin_unlock_irqrestore+0x4c/0x80
[  876.380140][T10390]  ? mutex_lock_nested+0x152/0x1d0
[  876.380167][T10390]  ? fdget_pos+0x252/0x320
[  876.380195][T10390]  ksys_read+0x156/0x270
[  876.380224][T10390]  ? __pfx_ksys_read+0x10/0x10
[  876.380255][T10390]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  876.380273][T10390]  do_syscall_64+0x174/0x580
[  876.380289][T10390]  ? trace_irq_disable+0x3b/0x140
[  876.380310][T10390]  ? clear_bhb_loop+0x40/0x90
[  876.380330][T10390]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  876.380348][T10390] RIP: 0033:0x7f038a4ad68e
[  876.380417][T10390] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[  876.380432][T10390] RSP: 002b:00007f0388724fe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  876.380450][T10390] RAX: ffffffffffffffda RBX: 00007f03887256c0 RCX: 00007f038a4ad68e
[  876.380462][T10390] RDX: 000000000000000f RSI: 00007f03887250a0 RDI: 0000000000000007
[  876.380472][T10390] RBP: 00007f0388725090 R08: 0000000000000000 R09: 0000000000000000
[  876.380482][T10390] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  876.380491][T10390] R13: 00007f038a766128 R14: 00007f038a766090 R15: 00007ffea920f978
[  876.380517][T10390]  </TASK>
[  876.832130][T10394] FAULT_INJECTION: forcing a failure.
[  876.832130][T10394] name failslab, interval 1, probability 0, space 0, times 0
[  876.832171][T10394] CPU: 0 UID: 0 PID: 10394 Comm: syz.1.966 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[  876.832209][T10394] Tainted: [L]=SOFTLOCKUP
[  876.832217][T10394] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  876.832231][T10394] Call Trace:
[  876.832240][T10394]  <TASK>
[  876.832250][T10394]  dump_stack_lvl+0xe8/0x150
[  876.832286][T10394]  should_fail_ex+0x46b/0x600
[  876.832320][T10394]  should_failslab+0xa8/0x100
[  876.832356][T10394]  kmem_cache_alloc_noprof+0x87/0x680
[  876.832386][T10394]  ? rcu_is_watching+0x15/0xb0
[  876.832419][T10394]  ? security_file_alloc+0x34/0x310
[  876.832447][T10394]  security_file_alloc+0x34/0x310
[  876.832472][T10394]  init_file+0x96/0x2d0
[  876.832503][T10394]  alloc_empty_file+0x74/0x1d0
[  876.832533][T10394]  alloc_file_pseudo+0x155/0x240
[  876.832565][T10394]  ? __pfx_alloc_file_pseudo+0x10/0x10
[  876.832594][T10394]  ? __pfx_shmem_get_inode+0x10/0x10
[  876.832628][T10394]  ? _raw_spin_unlock_irqrestore+0x30/0x80
[  876.832673][T10394]  __shmem_file_setup+0x2e9/0x370
[  876.832700][T10394]  ? rt_spin_lock+0x1e0/0x400
[  876.832730][T10394]  ? __pfx___shmem_file_setup+0x10/0x10
[  876.832762][T10394]  ? rt_spin_unlock+0x14f/0x200
[  876.832797][T10394]  memfd_alloc_file+0x99/0x570
[  876.832828][T10394]  ? __pfx_memfd_alloc_file+0x10/0x10
[  876.832870][T10394]  __se_sys_memfd_create+0x329/0x420
[  876.832903][T10394]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  876.832927][T10394]  do_syscall_64+0x174/0x580
[  876.832957][T10394]  ? trace_irq_disable+0x3b/0x140
[  876.832986][T10394]  ? clear_bhb_loop+0x40/0x90
[  876.833012][T10394]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  876.833034][T10394] RIP: 0033:0x7f038a4ece59
[  876.833055][T10394] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  876.833075][T10394] RSP: 002b:00007f0388745e08 EFLAGS: 00000202 ORIG_RAX: 000000000000013f
[  876.833099][T10394] RAX: ffffffffffffffda RBX: 0000000000000187 RCX: 00007f038a4ece59
[  876.833114][T10394] RDX: 00007f0388745ee0 RSI: 0000000000000000 RDI: 00007f038a582f4f
[  876.833130][T10394] RBP: 00002000000001c0 R08: 00000000ffffffff R09: 0000000000000000
[  876.833144][T10394] R10: 0000000000000001 R11: 0000000000000202 R12: 0000200000000380
[  876.833158][T10394] R13: 00007f0388745ee0 R14: 00007f0388745ea0 R15: 00002000000003c0
[  876.833195][T10394]  </TASK>
[  877.966814][T10407] FAULT_INJECTION: forcing a failure.
[  877.966814][T10407] name failslab, interval 1, probability 0, space 0, times 0
[  877.966883][T10407] CPU: 0 UID: 0 PID: 10407 Comm: syz.1.972 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[  877.966916][T10407] Tainted: [L]=SOFTLOCKUP
[  877.966924][T10407] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  877.966937][T10407] Call Trace:
[  877.966946][T10407]  <TASK>
[  877.966959][T10407]  dump_stack_lvl+0xe8/0x150
[  877.966989][T10407]  should_fail_ex+0x46b/0x600
[  877.967014][T10407]  should_failslab+0xa8/0x100
[  877.967040][T10407]  __kmalloc_noprof+0xdf/0x7b0
[  877.967062][T10407]  ? tomoyo_encode+0x28b/0x550
[  877.967089][T10407]  tomoyo_encode+0x28b/0x550
[  877.967116][T10407]  tomoyo_realpath_from_path+0x58d/0x5d0
[  877.967149][T10407]  tomoyo_mount_permission+0x3e8/0x9d0
[  877.967176][T10407]  ? tomoyo_mount_permission+0x2b3/0x9d0
[  877.967197][T10407]  ? __pfx_tomoyo_mount_permission+0x10/0x10
[  877.967259][T10407]  security_sb_mount+0xe4/0x320
[  877.967284][T10407]  path_mount+0xbc/0x10e0
[  877.967305][T10407]  ? user_path_at+0xd4/0x160
[  877.967331][T10407]  ? user_path_at+0xd4/0x160
[  877.967355][T10407]  __se_sys_mount+0x31d/0x420
[  877.967380][T10407]  ? __pfx___se_sys_mount+0x10/0x10
[  877.967412][T10407]  ? __x64_sys_mount+0x20/0xc0
[  877.967432][T10407]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  877.967450][T10407]  do_syscall_64+0x174/0x580
[  877.967467][T10407]  ? clear_bhb_loop+0x40/0x90
[  877.967487][T10407]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  877.967503][T10407] RIP: 0033:0x7f038a4ece59
[  877.967519][T10407] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  877.967532][T10407] RSP: 002b:00007f0388725028 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  877.967550][T10407] RAX: ffffffffffffffda RBX: 00007f038a766090 RCX: 00007f038a4ece59
[  877.967562][T10407] RDX: 00002000000006c0 RSI: 0000200000000680 RDI: 0000000000000000
[  877.967573][T10407] RBP: 00007f0388725090 R08: 0000000000000000 R09: 0000000000000000
[  877.967583][T10407] R10: 0000000000400008 R11: 0000000000000246 R12: 0000000000000001
[  877.967593][T10407] R13: 00007f038a766128 R14: 00007f038a766090 R15: 00007ffea920f978
[  877.967618][T10407]  </TASK>
[  877.968231][T10407] ERROR: Out of memory at tomoyo_realpath_from_path.
[  879.431559][   T13] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  879.516670][   T13] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  879.553923][   T13] bond0 (unregistering): Released all slaves
[  879.690146][ T9644] 8021q: adding VLAN 0 to HW filter on device bond0
[  880.264070][T10411] FAULT_INJECTION: forcing a failure.
[  880.264070][T10411] name failslab, interval 1, probability 0, space 0, times 0
[  880.264138][T10411] CPU: 0 UID: 0 PID: 10411 Comm: syz.0.974 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[  880.264172][T10411] Tainted: [L]=SOFTLOCKUP
[  880.264179][T10411] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  880.264191][T10411] Call Trace:
[  880.264201][T10411]  <TASK>
[  880.264217][T10411]  dump_stack_lvl+0xe8/0x150
[  880.264244][T10411]  should_fail_ex+0x46b/0x600
[  880.264269][T10411]  should_failslab+0xa8/0x100
[  880.264296][T10411]  __kmalloc_noprof+0xdf/0x7b0
[  880.264317][T10411]  ? kfree+0x4d/0x6c0
[  880.264335][T10411]  ? tomoyo_path_number_perm+0x219/0x630
[  880.264353][T10411]  ? tomoyo_realpath_from_path+0xe3/0x5d0
[  880.264381][T10411]  tomoyo_realpath_from_path+0xe3/0x5d0
[  880.264407][T10411]  ? __srcu_check_read_flavor+0x60/0x250
[  880.264438][T10411]  ? tomoyo_path_number_perm+0x219/0x630
[  880.264457][T10411]  tomoyo_path_number_perm+0x246/0x630
[  880.264479][T10411]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  880.264503][T10411]  ? __pfx___schedule+0x10/0x10
[  880.264553][T10411]  ? tomoyo_file_ioctl+0x11/0x30
[  880.264580][T10411]  ? tomoyo_path_number_perm+0x5/0x630
[  880.264600][T10411]  security_file_ioctl+0xc3/0x2a0
[  880.264621][T10411]  __se_sys_ioctl+0x47/0x170
[  880.264637][T10411]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  880.264655][T10411]  do_syscall_64+0x174/0x580
[  880.264672][T10411]  ? clear_bhb_loop+0x40/0x90
[  880.264692][T10411]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  880.264709][T10411] RIP: 0033:0x7fc7860dce59
[  880.264724][T10411] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  880.264738][T10411] RSP: 002b:00007fc784315028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  880.264755][T10411] RAX: ffffffffffffffda RBX: 00007fc786356090 RCX: 00007fc7860dce59
[  880.264767][T10411] RDX: 00002000000013c0 RSI: 0000000000004b72 RDI: 0000000000000003
[  880.264777][T10411] RBP: 00007fc784315090 R08: 0000000000000000 R09: 0000000000000000
[  880.264786][T10411] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  880.264796][T10411] R13: 00007fc786356128 R14: 00007fc786356090 R15: 00007ffdcd110028
[  880.264821][T10411]  </TASK>
[  880.264872][T10411] ERROR: Out of memory at tomoyo_realpath_from_path.
[  881.638239][ T1338] ieee802154 phy0 wpan0: encryption failed: -22
[  881.638376][ T1338] ieee802154 phy1 wpan1: encryption failed: -22
[  882.880336][   T13] hsr_slave_0: left promiscuous mode
[  882.921229][   T13] hsr_slave_1: left promiscuous mode
[  882.923305][   T13] batman_adv: batadv0: Removing interface: batadv_slave_0
[  882.983263][   T13] batman_adv: batadv0: Removing interface: batadv_slave_1
[  883.179893][   T13] hsr_slave_0: left promiscuous mode
[  883.221810][   T13] hsr_slave_1: left promiscuous mode
[  883.223106][   T13] batman_adv: batadv0: Removing interface: batadv_slave_0
[  883.261377][   T13] batman_adv: batadv0: Removing interface: batadv_slave_1
[  885.279983][T10449] FAULT_INJECTION: forcing a failure.
[  885.279983][T10449] name failslab, interval 1, probability 0, space 0, times 0
[  885.280076][T10449] CPU: 0 UID: 0 PID: 10449 Comm: syz.1.989 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[  885.280110][T10449] Tainted: [L]=SOFTLOCKUP
[  885.280118][T10449] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  885.280132][T10449] Call Trace:
[  885.280140][T10449]  <TASK>
[  885.280149][T10449]  dump_stack_lvl+0xe8/0x150
[  885.280182][T10449]  should_fail_ex+0x46b/0x600
[  885.280214][T10449]  should_failslab+0xa8/0x100
[  885.280245][T10449]  __kmalloc_cache_noprof+0x84/0x690
[  885.280274][T10449]  ? tcp_fastopen_reset_cipher+0x5e/0x3a0
[  885.280301][T10449]  tcp_fastopen_reset_cipher+0x5e/0x3a0
[  885.280335][T10449]  do_tcp_setsockopt+0x59e/0x2060
[  885.280365][T10449]  ? __pfx_do_tcp_setsockopt+0x10/0x10
[  885.280394][T10449]  ? __pfx_sock_common_setsockopt+0x10/0x10
[  885.280425][T10449]  ? __pfx_tcp_setsockopt+0x10/0x10
[  885.280452][T10449]  ? tcp_setsockopt+0x3d/0xe0
[  885.280477][T10449]  ? __pfx_sock_common_setsockopt+0x10/0x10
[  885.280505][T10449]  smc_setsockopt+0x224/0xad0
[  885.280546][T10449]  ? __pfx_smc_setsockopt+0x10/0x10
[  885.280592][T10449]  ? bpf_lsm_socket_setsockopt+0x9/0x20
[  885.280621][T10449]  ? __pfx_smc_setsockopt+0x10/0x10
[  885.280655][T10449]  do_sock_setsockopt+0x17c/0x1b0
[  885.280681][T10449]  __x64_sys_setsockopt+0x143/0x1b0
[  885.280705][T10449]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  885.280729][T10449]  do_syscall_64+0x174/0x580
[  885.280752][T10449]  ? clear_bhb_loop+0x40/0x90
[  885.280780][T10449]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  885.280802][T10449] RIP: 0033:0x7f038a4ece59
[  885.280823][T10449] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  885.280851][T10449] RSP: 002b:00007f0388725028 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  885.280874][T10449] RAX: ffffffffffffffda RBX: 00007f038a766090 RCX: 00007f038a4ece59
[  885.280895][T10449] RDX: 0000000000000021 RSI: 0000000000000006 RDI: 0000000000000006
[  885.280912][T10449] RBP: 00007f0388725090 R08: 0000000000000020 R09: 0000000000000000
[  885.280927][T10449] R10: 00002000000001c0 R11: 0000000000000246 R12: 0000000000000001
[  885.280946][T10449] R13: 00007f038a766128 R14: 00007f038a766090 R15: 00007ffea920f978
[  885.280981][T10449]  </TASK>
[  886.191980][   T13] team0 (unregistering): Port device team_slave_1 removed
[  886.251026][   T13] team0 (unregistering): Port device team_slave_0 removed
[  886.880699][   T13] team0 (unregistering): Port device team_slave_1 removed
[  886.930505][   T13] team0 (unregistering): Port device team_slave_0 removed
[  887.394602][T10424] 8021q: adding VLAN 0 to HW filter on device macvlan2
[  887.397137][ T5623] team_slave_0: entered promiscuous mode
[  887.397200][ T5623] team_slave_1: entered promiscuous mode
[  887.587003][ T5625] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  887.638644][ T5625] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  887.649229][ T5625] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  887.674175][ T5625] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  887.678354][ T5625] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  890.173728][ T5618] Bluetooth: hci4: command tx timeout
[  892.208215][ T5618] Bluetooth: hci4: command tx timeout
[  892.962609][T10524] FAULT_INJECTION: forcing a failure.
[  892.962609][T10524] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  892.962742][T10524] CPU: 0 UID: 0 PID: 10524 Comm: syz.1.1010 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[  892.962775][T10524] Tainted: [L]=SOFTLOCKUP
[  892.962790][T10524] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  892.962800][T10524] Call Trace:
[  892.962806][T10524]  <TASK>
[  892.962813][T10524]  dump_stack_lvl+0xe8/0x150
[  892.962839][T10524]  should_fail_ex+0x46b/0x600
[  892.962864][T10524]  _copy_from_iter+0x1d3/0x1670
[  892.962895][T10524]  ? __pfx__copy_from_iter+0x10/0x10
[  892.962923][T10524]  ? skb_put+0x11b/0x210
[  892.962950][T10524]  hci_sock_sendmsg+0x426/0xf40
[  892.962975][T10524]  ? __pfx_hci_sock_sendmsg+0x10/0x10
[  892.962999][T10524]  ? aa_sock_msg_perm+0x122/0x200
[  892.963021][T10524]  ? __pfx_hci_sock_sendmsg+0x10/0x10
[  892.963040][T10524]  sock_sendmsg_nosec+0x13a/0x180
[  892.963063][T10524]  sock_write_iter+0x308/0x410
[  892.963084][T10524]  ? __pfx_sock_write_iter+0x10/0x10
[  892.963110][T10524]  ? __pfx_sock_write_iter+0x10/0x10
[  892.963135][T10524]  vfs_write+0x629/0xba0
[  892.963168][T10524]  ? __pfx_vfs_write+0x10/0x10
[  892.963199][T10524]  ? __fget_files+0x2a/0x420
[  892.963226][T10524]  ksys_write+0x156/0x270
[  892.963251][T10524]  ? __pfx_ksys_write+0x10/0x10
[  892.963273][T10524]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  892.963295][T10524]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  892.963311][T10524]  do_syscall_64+0x174/0x580
[  892.963328][T10524]  ? clear_bhb_loop+0x40/0x90
[  892.963347][T10524]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  892.963363][T10524] RIP: 0033:0x7f038a4ece59
[  892.963378][T10524] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  892.963393][T10524] RSP: 002b:00007f0388725028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  892.963410][T10524] RAX: ffffffffffffffda RBX: 00007f038a766090 RCX: 00007f038a4ece59
[  892.963422][T10524] RDX: 0000000000000008 RSI: 0000200000000580 RDI: 0000000000000005
[  892.963433][T10524] RBP: 00007f0388725090 R08: 0000000000000000 R09: 0000000000000000
[  892.963443][T10524] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  892.963452][T10524] R13: 00007f038a766128 R14: 00007f038a766090 R15: 00007ffea920f978
[  892.963477][T10524]  </TASK>
[  894.280068][ T5618] Bluetooth: hci4: command tx timeout
[  894.536786][ T5272] 8021q: adding VLAN 0 to HW filter on device eth10
[  895.523675][T10539] FAULT_INJECTION: forcing a failure.
[  895.523675][T10539] name failslab, interval 1, probability 0, space 0, times 0
[  895.523717][T10539] CPU: 0 UID: 0 PID: 10539 Comm: syz.0.1014 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[  895.523749][T10539] Tainted: [L]=SOFTLOCKUP
[  895.523757][T10539] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  895.523770][T10539] Call Trace:
[  895.523779][T10539]  <TASK>
[  895.523789][T10539]  dump_stack_lvl+0xe8/0x150
[  895.523831][T10539]  should_fail_ex+0x46b/0x600
[  895.523866][T10539]  should_failslab+0xa8/0x100
[  895.523900][T10539]  kmem_cache_alloc_noprof+0x87/0x680
[  895.523931][T10539]  ? skb_clone+0x212/0x3a0
[  895.523960][T10539]  skb_clone+0x212/0x3a0
[  895.523989][T10539]  __netlink_deliver_tap+0x424/0x8b0
[  895.524027][T10539]  ? netlink_deliver_tap+0x2e/0x1b0
[  895.524054][T10539]  netlink_deliver_tap+0x19c/0x1b0
[  895.524080][T10539]  netlink_unicast+0x754/0x920
[  895.524125][T10539]  netlink_sendmsg+0x813/0xb40
[  895.524160][T10539]  ? __pfx_netlink_sendmsg+0x10/0x10
[  895.524188][T10539]  ? tomoyo_socket_sendmsg_permission+0x1e0/0x300
[  895.524232][T10539]  ? aa_sock_msg_perm+0x122/0x200
[  895.524264][T10539]  ? __pfx_netlink_sendmsg+0x10/0x10
[  895.524288][T10539]  sock_sendmsg_nosec+0x13a/0x180
[  895.524320][T10539]  ____sys_sendmsg+0x55c/0x870
[  895.524351][T10539]  ? __pfx_____sys_sendmsg+0x10/0x10
[  895.524385][T10539]  ? import_iovec+0x73/0xa0
[  895.524425][T10539]  ___sys_sendmsg+0x2a5/0x360
[  895.524448][T10539]  ? __lock_acquire+0x6b5/0x2d10
[  895.524484][T10539]  ? __pfx____sys_sendmsg+0x10/0x10
[  895.524549][T10539]  ? __fget_files+0x2a/0x420
[  895.524578][T10539]  ? __fget_files+0x3a6/0x420
[  895.524621][T10539]  __x64_sys_sendmsg+0x1c3/0x2a0
[  895.524650][T10539]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  895.524686][T10539]  ? __pfx_ksys_write+0x10/0x10
[  895.524730][T10539]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  895.524755][T10539]  do_syscall_64+0x174/0x580
[  895.524777][T10539]  ? trace_irq_disable+0x3b/0x140
[  895.524815][T10539]  ? clear_bhb_loop+0x40/0x90
[  895.524843][T10539]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  895.524866][T10539] RIP: 0033:0x7fc7860dce59
[  895.524887][T10539] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  895.524905][T10539] RSP: 002b:00007fc784336028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  895.524929][T10539] RAX: ffffffffffffffda RBX: 00007fc786355fa0 RCX: 00007fc7860dce59
[  895.524945][T10539] RDX: 0000000000000000 RSI: 0000200000000480 RDI: 0000000000000006
[  895.524959][T10539] RBP: 00007fc784336090 R08: 0000000000000000 R09: 0000000000000000
[  895.524973][T10539] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  895.524985][T10539] R13: 00007fc786356038 R14: 00007fc786355fa0 R15: 00007ffdcd110028
[  895.525020][T10539]  </TASK>
[  896.540408][ T5618] Bluetooth: hci4: command tx timeout
[  899.888248][T10594] FAULT_INJECTION: forcing a failure.
[  899.888248][T10594] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  899.888368][T10594] CPU: 0 UID: 0 PID: 10594 Comm: syz.1.1027 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[  899.888411][T10594] Tainted: [L]=SOFTLOCKUP
[  899.888417][T10594] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  899.888428][T10594] Call Trace:
[  899.888434][T10594]  <TASK>
[  899.888441][T10594]  dump_stack_lvl+0xe8/0x150
[  899.888468][T10594]  should_fail_ex+0x46b/0x600
[  899.888493][T10594]  prepare_alloc_pages+0x22a/0x6b0
[  899.888525][T10594]  __alloc_frozen_pages_noprof+0x12f/0x380
[  899.888553][T10594]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  899.888582][T10594]  ? __pfx_policy_nodemask+0x10/0x10
[  899.888616][T10594]  alloc_pages_mpol+0xd1/0x380
[  899.888644][T10594]  ___kmalloc_large_node+0x4e/0x120
[  899.888669][T10594]  __kmalloc_large_noprof+0x1a/0x90
[  899.888693][T10594]  vhost_dev_set_owner+0x1c7/0xaf0
[  899.888723][T10594]  vhost_net_ioctl+0x8f9/0x17d0
[  899.888748][T10594]  ? irqentry_exit+0x218/0x8b0
[  899.888765][T10594]  ? __pfx_vhost_net_ioctl+0x10/0x10
[  899.888788][T10594]  ? irqentry_exit+0x218/0x8b0
[  899.888815][T10594]  ? __se_sys_ioctl+0x52/0x170
[  899.888833][T10594]  ? __pfx_vhost_net_ioctl+0x10/0x10
[  899.888852][T10594]  __se_sys_ioctl+0xff/0x170
[  899.888868][T10594]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  899.888886][T10594]  do_syscall_64+0x174/0x580
[  899.888905][T10594]  ? clear_bhb_loop+0x40/0x90
[  899.888925][T10594]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  899.888941][T10594] RIP: 0033:0x7f038a4ece59
[  899.888957][T10594] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  899.888970][T10594] RSP: 002b:00007f0388725028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  899.888988][T10594] RAX: ffffffffffffffda RBX: 00007f038a766090 RCX: 00007f038a4ece59
[  899.889000][T10594] RDX: 0000000000000000 RSI: 000040000000af01 RDI: 0000000000000003
[  899.889010][T10594] RBP: 00007f0388725090 R08: 0000000000000000 R09: 0000000000000000
[  899.889020][T10594] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  899.889030][T10594] R13: 00007f038a766128 R14: 00007f038a766090 R15: 00007ffea920f978
[  899.889054][T10594]  </TASK>
[  902.151271][T10607] FAULT_INJECTION: forcing a failure.
[  902.151271][T10607] name failslab, interval 1, probability 0, space 0, times 0
[  902.151311][T10607] CPU: 1 UID: 0 PID: 10607 Comm: syz.1.1032 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[  902.151370][T10607] Tainted: [L]=SOFTLOCKUP
[  902.151379][T10607] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  902.151392][T10607] Call Trace:
[  902.151401][T10607]  <TASK>
[  902.151411][T10607]  dump_stack_lvl+0xe8/0x150
[  902.151447][T10607]  should_fail_ex+0x46b/0x600
[  902.151482][T10607]  should_failslab+0xa8/0x100
[  902.151517][T10607]  __kvmalloc_node_noprof+0x170/0x8e0
[  902.151551][T10607]  ? __v4l2_ctrl_modify_dimensions+0x440/0xb40
[  902.151595][T10607]  __v4l2_ctrl_modify_dimensions+0x440/0xb40
[  902.151633][T10607]  ? vivid_update_format_cap+0xf6e/0x1ab0
[  902.151667][T10607]  vivid_update_format_cap+0xf7e/0x1ab0
[  902.151710][T10607]  ? __pfx_vivid_update_format_cap+0x10/0x10
[  902.151741][T10607]  ? vivid_get_format+0x2ad/0x2e0
[  902.151773][T10607]  vivid_s_fmt_vid_cap+0x28a5/0x5990
[  902.151812][T10607]  ? __lock_acquire+0x6b5/0x2d10
[  902.151853][T10607]  ? __asan_memset+0x22/0x50
[  902.151886][T10607]  fmt_sp2mp_func+0x10c/0x470
[  902.151911][T10607]  ? __pfx_vivid_s_fmt_vid_cap+0x10/0x10
[  902.151939][T10607]  ? __pfx_fmt_sp2mp_func+0x10/0x10
[  902.151990][T10607]  ? v4l_sanitize_format+0x5d6/0x9f0
[  902.152023][T10607]  ? vidioc_s_fmt_vid_cap+0x8c/0xc0
[  902.152054][T10607]  v4l_s_fmt+0x631/0xbd0
[  902.152093][T10607]  __video_do_ioctl+0xade/0xca0
[  902.152136][T10607]  ? __pfx___video_do_ioctl+0x10/0x10
[  902.152183][T10607]  video_usercopy+0x876/0x1450
[  902.152224][T10607]  ? __pfx___video_do_ioctl+0x10/0x10
[  902.152259][T10607]  ? __pfx_video_usercopy+0x10/0x10
[  902.152304][T10607]  ? __fget_files+0x2a/0x420
[  902.152344][T10607]  ? __fget_files+0x2a/0x420
[  902.152374][T10607]  ? __fget_files+0x3a6/0x420
[  902.152408][T10607]  v4l2_ioctl+0x190/0x1e0
[  902.152440][T10607]  ? __pfx_v4l2_ioctl+0x10/0x10
[  902.152470][T10607]  __se_sys_ioctl+0xff/0x170
[  902.152492][T10607]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  902.152517][T10607]  do_syscall_64+0x174/0x580
[  902.152538][T10607]  ? trace_irq_disable+0x3b/0x140
[  902.152566][T10607]  ? clear_bhb_loop+0x40/0x90
[  902.152594][T10607]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  902.152616][T10607] RIP: 0033:0x7f038a4ece59
[  902.152637][T10607] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  902.152658][T10607] RSP: 002b:00007f0388746028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  902.152682][T10607] RAX: ffffffffffffffda RBX: 00007f038a765fa0 RCX: 00007f038a4ece59
[  902.152698][T10607] RDX: 0000200000000400 RSI: 00000000c0d05605 RDI: 0000000000000003
[  902.152719][T10607] RBP: 00007f0388746090 R08: 0000000000000000 R09: 0000000000000000
[  902.152733][T10607] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  902.152747][T10607] R13: 00007f038a766038 R14: 00007f038a765fa0 R15: 00007ffea920f978
[  902.152784][T10607]  </TASK>
[  902.181201][T10608] syz.0.1031 uses obsolete (PF_INET,SOCK_PACKET)
[  903.250525][T10462] bridge0: port 1(bridge_slave_0) entered blocking state
[  903.250869][T10462] bridge0: port 1(bridge_slave_0) entered disabled state
[  903.251195][T10462] bridge_slave_0: entered allmulticast mode
[  903.254608][T10462] bridge_slave_0: entered promiscuous mode
[  903.291423][T10462] bridge0: port 2(bridge_slave_1) entered blocking state
[  903.293044][T10462] bridge0: port 2(bridge_slave_1) entered disabled state
[  903.293331][T10462] bridge_slave_1: entered allmulticast mode
[  903.297597][T10462] bridge_slave_1: entered promiscuous mode
[  906.948979][T10462] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  907.421405][ T5625] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  907.456289][T10462] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  907.468820][ T5625] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  907.500505][ T5625] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  907.523965][ T5625] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  907.544262][ T5625] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  908.124656][T10462] team0: Port device team_slave_0 added
[  908.145472][T10462] team0: Port device team_slave_1 added
[  908.330902][T10462] batman_adv: batadv0: Adding interface: batadv_slave_0
[  908.330922][T10462] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  908.330954][T10462] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  908.336855][T10462] batman_adv: batadv0: Adding interface: batadv_slave_1
[  908.336874][T10462] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  908.336905][T10462] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  908.742706][ T9927] netdevsim netdevsim7: probe with driver netdevsim failed with error -12
[  908.845595][T10462] hsr_slave_0: entered promiscuous mode
[  908.847942][T10462] hsr_slave_1: entered promiscuous mode
[  908.890725][T10462] debugfs: 'hsr0' already exists in 'hsr'
[  908.890758][T10462] Cannot create hsr debugfs directory
[  909.138916][ T5625] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[  909.206966][ T5625] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[  909.218097][ T5625] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[  909.233672][ T5625] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[  909.256563][ T5625] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[  909.739726][ T5625] Bluetooth: hci0: command tx timeout
[  911.320886][ T5618] Bluetooth: hci6: command tx timeout
[  911.564089][T10721] IPVS: set_ctl: invalid protocol: 0 0.0.0.0:0
[  911.799704][ T5618] Bluetooth: hci0: command tx timeout
[  912.250860][ T5623] usb 1-1: new full-speed USB device number 12 using dummy_hcd
[  912.414941][ T5623] usb 1-1: unable to read config index 0 descriptor/start: -71
[  912.414986][ T5623] usb 1-1: can't read configurations, error -71
[  912.685526][T10762] FAULT_INJECTION: forcing a failure.
[  912.685526][T10762] name failslab, interval 1, probability 0, space 0, times 0
[  912.685569][T10762] CPU: 1 UID: 0 PID: 10762 Comm: syz.1.1065 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[  912.685609][T10762] Tainted: [L]=SOFTLOCKUP
[  912.685617][T10762] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  912.685631][T10762] Call Trace:
[  912.685640][T10762]  <TASK>
[  912.685650][T10762]  dump_stack_lvl+0xe8/0x150
[  912.685684][T10762]  should_fail_ex+0x46b/0x600
[  912.685718][T10762]  should_failslab+0xa8/0x100
[  912.685758][T10762]  __kmalloc_cache_noprof+0x84/0x690
[  912.685790][T10762]  ? rtnl_newlink+0x136/0x1bb0
[  912.685827][T10762]  rtnl_newlink+0x136/0x1bb0
[  912.685876][T10762]  ? __pfx_rtnl_newlink+0x10/0x10
[  912.685910][T10762]  ? __lock_acquire+0x6b5/0x2d10
[  912.685948][T10762]  ? __lock_acquire+0x6b5/0x2d10
[  912.685985][T10762]  ? __lock_acquire+0x6b5/0x2d10
[  912.686014][T10762]  ? sock_sendmsg_nosec+0x13a/0x180
[  912.686045][T10762]  ? pointer+0x6fd/0x11f0
[  912.686083][T10762]  ? __pfx_pointer+0x10/0x10
[  912.686137][T10762]  ? vsnprintf+0xe42/0xef0
[  912.686180][T10762]  ? __lock_acquire+0x6b5/0x2d10
[  912.686212][T10762]  ? sock_sendmsg_nosec+0x13a/0x180
[  912.686242][T10762]  ? __pfx_snprintf+0x10/0x10
[  912.686275][T10762]  ? unwind_get_return_address+0x4d/0x90
[  912.686309][T10762]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  912.686348][T10762]  ? rtnetlink_rcv_msg+0x1b9/0xbe0
[  912.686400][T10762]  ? __pfx_rtnl_newlink+0x10/0x10
[  912.686434][T10762]  rtnetlink_rcv_msg+0x7d5/0xbe0
[  912.686472][T10762]  ? rtnetlink_rcv_msg+0x1b9/0xbe0
[  912.686506][T10762]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  912.686539][T10762]  ? ref_tracker_free+0x673/0x820
[  912.686567][T10762]  ? __netlink_deliver_tap+0x636/0x8b0
[  912.686589][T10762]  ? netlink_deliver_tap+0x19c/0x1b0
[  912.686611][T10762]  ? netlink_unicast+0x754/0x920
[  912.686644][T10762]  ? netlink_sendmsg+0x813/0xb40
[  912.686666][T10762]  ? sock_sendmsg_nosec+0x13a/0x180
[  912.686693][T10762]  ? ____sys_sendmsg+0x55c/0x870
[  912.686714][T10762]  ? ___sys_sendmsg+0x2a5/0x360
[  912.686736][T10762]  ? __x64_sys_sendmsg+0x1c3/0x2a0
[  912.686765][T10762]  ? do_syscall_64+0x174/0x580
[  912.686786][T10762]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  912.686823][T10762]  netlink_rcv_skb+0x232/0x4b0
[  912.686847][T10762]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  912.686881][T10762]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  912.686916][T10762]  ? netlink_deliver_tap+0x2e/0x1b0
[  912.686938][T10762]  ? netlink_deliver_tap+0x2e/0x1b0
[  912.686968][T10762]  netlink_unicast+0x780/0x920
[  912.687014][T10762]  netlink_sendmsg+0x813/0xb40
[  912.687049][T10762]  ? __pfx_netlink_sendmsg+0x10/0x10
[  912.687075][T10762]  ? tomoyo_socket_sendmsg_permission+0x1e0/0x300
[  912.687125][T10762]  ? aa_sock_msg_perm+0x122/0x200
[  912.687156][T10762]  ? __pfx_netlink_sendmsg+0x10/0x10
[  912.687179][T10762]  sock_sendmsg_nosec+0x13a/0x180
[  912.687212][T10762]  ____sys_sendmsg+0x55c/0x870
[  912.687240][T10762]  ? __pfx_____sys_sendmsg+0x10/0x10
[  912.687273][T10762]  ? import_iovec+0x73/0xa0
[  912.687312][T10762]  ___sys_sendmsg+0x2a5/0x360
[  912.687334][T10762]  ? __lock_acquire+0x6b5/0x2d10
[  912.687368][T10762]  ? __pfx____sys_sendmsg+0x10/0x10
[  912.687430][T10762]  ? __fget_files+0x2a/0x420
[  912.687459][T10762]  ? __fget_files+0x3a6/0x420
[  912.687500][T10762]  __x64_sys_sendmsg+0x1c3/0x2a0
[  912.687528][T10762]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  912.687563][T10762]  ? rcu_is_watching+0x15/0xb0
[  912.687609][T10762]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  912.687635][T10762]  do_syscall_64+0x174/0x580
[  912.687657][T10762]  ? trace_irq_disable+0x3b/0x140
[  912.687686][T10762]  ? clear_bhb_loop+0x40/0x90
[  912.687715][T10762]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  912.687739][T10762] RIP: 0033:0x7f038a4ece59
[  912.687761][T10762] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  912.687781][T10762] RSP: 002b:00007f0388746028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  912.687805][T10762] RAX: ffffffffffffffda RBX: 00007f038a765fa0 RCX: 00007f038a4ece59
[  912.687821][T10762] RDX: 0000000004000010 RSI: 0000200000000040 RDI: 0000000000000003
[  912.687837][T10762] RBP: 00007f0388746090 R08: 0000000000000000 R09: 0000000000000000
[  912.687852][T10762] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  912.687866][T10762] R13: 00007f038a766038 R14: 00007f038a765fa0 R15: 00007ffea920f978
[  912.687902][T10762]  </TASK>
[  913.340354][   T13] bridge_slave_1: left allmulticast mode
[  913.340394][   T13] bridge_slave_1: left promiscuous mode
[  913.340688][   T13] bridge0: port 2(bridge_slave_1) entered disabled state
[  913.400565][ T5618] Bluetooth: hci6: command tx timeout
[  913.542706][   T13] bridge_slave_0: left allmulticast mode
[  913.542746][   T13] bridge_slave_0: left promiscuous mode
[  913.543061][   T13] bridge0: port 1(bridge_slave_0) entered disabled state
[  914.110424][T10780] FAULT_INJECTION: forcing a failure.
[  914.110424][T10780] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  914.110489][T10780] CPU: 0 UID: 0 PID: 10780 Comm: syz.1.1070 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[  914.110521][T10780] Tainted: [L]=SOFTLOCKUP
[  914.110530][T10780] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  914.110542][T10780] Call Trace:
[  914.110551][T10780]  <TASK>
[  914.110568][T10780]  dump_stack_lvl+0xe8/0x150
[  914.110602][T10780]  should_fail_ex+0x46b/0x600
[  914.110627][T10780]  _copy_to_user+0x31/0xb0
[  914.110654][T10780]  simple_read_from_buffer+0xe1/0x170
[  914.110681][T10780]  proc_fail_nth_read+0x1be/0x230
[  914.110705][T10780]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  914.110731][T10780]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  914.110753][T10780]  vfs_read+0x212/0xa80
[  914.110784][T10780]  ? __pfx_vfs_read+0x10/0x10
[  914.110810][T10780]  ? _raw_spin_unlock_irqrestore+0x30/0x80
[  914.110838][T10780]  ? lockdep_hardirqs_on+0x7a/0x110
[  914.110853][T10780]  ? _raw_spin_unlock_irqrestore+0x4c/0x80
[  914.110878][T10780]  ? mutex_lock_nested+0x152/0x1d0
[  914.110898][T10780]  ? fdget_pos+0x252/0x320
[  914.110926][T10780]  ksys_read+0x156/0x270
[  914.110952][T10780]  ? __pfx_ksys_read+0x10/0x10
[  914.110974][T10780]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  914.110997][T10780]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  914.111014][T10780]  do_syscall_64+0x174/0x580
[  914.111031][T10780]  ? clear_bhb_loop+0x40/0x90
[  914.111051][T10780]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  914.111067][T10780] RIP: 0033:0x7f038a4ad68e
[  914.111083][T10780] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[  914.111097][T10780] RSP: 002b:00007f0388724fe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  914.111114][T10780] RAX: ffffffffffffffda RBX: 00007f03887256c0 RCX: 00007f038a4ad68e
[  914.111126][T10780] RDX: 000000000000000f RSI: 00007f03887250a0 RDI: 0000000000000005
[  914.111135][T10780] RBP: 00007f0388725090 R08: 0000000000000000 R09: 0000000000000000
[  914.111145][T10780] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  914.111154][T10780] R13: 00007f038a766128 R14: 00007f038a766090 R15: 00007ffea920f978
[  914.111179][T10780]  </TASK>
[  915.272964][ T5625] Bluetooth: hci0: command tx timeout
[  917.418418][ T5625] Bluetooth: hci0: command tx timeout
[  917.418577][ T5618] Bluetooth: hci6: command tx timeout
[  919.238042][T10807] FAULT_INJECTION: forcing a failure.
[  919.238042][T10807] name failslab, interval 1, probability 0, space 0, times 0
[  919.238081][T10807] CPU: 1 UID: 0 PID: 10807 Comm: syz.1.1074 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[  919.238109][T10807] Tainted: [L]=SOFTLOCKUP
[  919.238115][T10807] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  919.238126][T10807] Call Trace:
[  919.238134][T10807]  <TASK>
[  919.238141][T10807]  dump_stack_lvl+0xe8/0x150
[  919.238170][T10807]  should_fail_ex+0x46b/0x600
[  919.238197][T10807]  should_failslab+0xa8/0x100
[  919.238226][T10807]  kmem_cache_alloc_noprof+0x87/0x680
[  919.238250][T10807]  ? vm_area_alloc+0x24/0x140
[  919.238281][T10807]  vm_area_alloc+0x24/0x140
[  919.238315][T10807]  mmap_region+0x1262/0x2220
[  919.238346][T10807]  ? is_bpf_text_address+0x26/0x2b0
[  919.238375][T10807]  ? __pfx_mmap_region+0x10/0x10
[  919.238394][T10807]  ? is_bpf_text_address+0x292/0x2b0
[  919.238419][T10807]  ? is_bpf_text_address+0x26/0x2b0
[  919.238445][T10807]  ? mas_ascend+0x304/0x890
[  919.238475][T10807]  ? mas_prev_node+0xbe8/0xe50
[  919.238545][T10807]  ? kernel_text_address+0xa5/0xe0
[  919.238581][T10807]  ? __lock_acquire+0x6b5/0x2d10
[  919.238619][T10807]  ? cap_mmap_addr+0xaf/0x100
[  919.238639][T10807]  ? bpf_lsm_mmap_addr+0x9/0x50
[  919.238655][T10807]  ? security_mmap_addr+0x71/0x240
[  919.238681][T10807]  do_mmap+0xc2f/0x10c0
[  919.238708][T10807]  ? lockdep_hardirqs_on+0x7a/0x110
[  919.238725][T10807]  ? __pfx_do_mmap+0x10/0x10
[  919.238744][T10807]  ? rwbase_write_lock+0x568/0x730
[  919.238774][T10807]  vm_mmap_pgoff+0x2cc/0x4f0
[  919.238802][T10807]  ? __pfx_vm_mmap_pgoff+0x10/0x10
[  919.238824][T10807]  ? kfree+0x1c5/0x6c0
[  919.238843][T10807]  ? fd_install+0x97/0x3e0
[  919.238863][T10807]  ? __se_sys_memfd_create+0x2ec/0x420
[  919.238902][T10807]  ? __x64_sys_mmap+0x7f/0x140
[  919.238926][T10807]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  919.238946][T10807]  do_syscall_64+0x174/0x580
[  919.238963][T10807]  ? trace_irq_disable+0x3b/0x140
[  919.238986][T10807]  ? clear_bhb_loop+0x40/0x90
[  919.239007][T10807]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  919.239025][T10807] RIP: 0033:0x7f038a4ecbc2
[  919.239042][T10807] Code: 4f 01 00 0f 1f 44 00 00 41 f7 c1 ff 0f 00 00 75 27 55 89 cd 53 48 89 fb 48 85 ff 74 3b 41 89 ea 48 89 df b8 09 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 6e 5b 5d c3 0f 1f 00 48 c7 c0 e8 ff ff ff 64
[  919.239058][T10807] RSP: 002b:00007f0388745df8 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[  919.239078][T10807] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f038a4ecbc2
[  919.239091][T10807] RDX: 0000000000000003 RSI: 0000000008400000 RDI: 0000000000000000
[  919.239102][T10807] RBP: 0000000000000022 R08: 00000000ffffffff R09: 0000000000000000
[  919.239113][T10807] R10: 0000000000000022 R11: 0000000000000246 R12: 0000000000000004
[  919.239123][T10807] R13: 00007f0388745ee0 R14: 00007f0388745ea0 R15: 00002000000003c0
[  919.239150][T10807]  </TASK>
[  919.482711][ T5618] Bluetooth: hci6: command tx timeout
[  919.593308][   T13] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  919.608347][T10810] FAULT_INJECTION: forcing a failure.
[  919.608347][T10810] name failslab, interval 1, probability 0, space 0, times 0
[  919.608472][T10810] CPU: 0 UID: 0 PID: 10810 Comm: syz.1.1076 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[  919.608547][T10810] Tainted: [L]=SOFTLOCKUP
[  919.608567][T10810] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  919.608599][T10810] Call Trace:
[  919.608629][T10810]  <TASK>
[  919.608651][T10810]  dump_stack_lvl+0xe8/0x150
[  919.608746][T10810]  should_fail_ex+0x46b/0x600
[  919.608832][T10810]  should_failslab+0xa8/0x100
[  919.608931][T10810]  kmem_cache_alloc_noprof+0x87/0x680
[  919.609013][T10810]  ? vm_area_alloc+0x24/0x140
[  919.609117][T10810]  vm_area_alloc+0x24/0x140
[  919.609204][T10810]  mmap_region+0x1262/0x2220
[  919.609308][T10810]  ? is_bpf_text_address+0x26/0x2b0
[  919.609413][T10810]  ? __pfx_mmap_region+0x10/0x10
[  919.609477][T10810]  ? is_bpf_text_address+0x292/0x2b0
[  919.609507][T10810]  ? is_bpf_text_address+0x26/0x2b0
[  919.609540][T10810]  ? mas_ascend+0x304/0x890
[  919.609576][T10810]  ? mas_prev_node+0xbe8/0xe50
[  919.609685][T10810]  ? kernel_text_address+0xa5/0xe0
[  919.609732][T10810]  ? __lock_acquire+0x6b5/0x2d10
[  919.609782][T10810]  ? cap_mmap_addr+0xaf/0x100
[  919.609806][T10810]  ? bpf_lsm_mmap_addr+0x9/0x50
[  919.609827][T10810]  ? security_mmap_addr+0x71/0x240
[  919.609860][T10810]  do_mmap+0xc2f/0x10c0
[  919.609894][T10810]  ? lockdep_hardirqs_on+0x7a/0x110
[  919.609918][T10810]  ? __pfx_do_mmap+0x10/0x10
[  919.609944][T10810]  ? rwbase_write_lock+0x568/0x730
[  919.609983][T10810]  vm_mmap_pgoff+0x2cc/0x4f0
[  919.610019][T10810]  ? __pfx_vm_mmap_pgoff+0x10/0x10
[  919.610050][T10810]  ? kfree+0x1c5/0x6c0
[  919.610075][T10810]  ? fd_install+0x97/0x3e0
[  919.610101][T10810]  ? __se_sys_memfd_create+0x2ec/0x420
[  919.610135][T10810]  ? __x64_sys_mmap+0x7f/0x140
[  919.610165][T10810]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  919.610190][T10810]  do_syscall_64+0x174/0x580
[  919.610211][T10810]  ? trace_irq_disable+0x3b/0x140
[  919.610239][T10810]  ? clear_bhb_loop+0x40/0x90
[  919.610266][T10810]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  919.610287][T10810] RIP: 0033:0x7f038a4ecbc2
[  919.610307][T10810] Code: 4f 01 00 0f 1f 44 00 00 41 f7 c1 ff 0f 00 00 75 27 55 89 cd 53 48 89 fb 48 85 ff 74 3b 41 89 ea 48 89 df b8 09 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 6e 5b 5d c3 0f 1f 00 48 c7 c0 e8 ff ff ff 64
[  919.610327][T10810] RSP: 002b:00007f0388745df8 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[  919.610351][T10810] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f038a4ecbc2
[  919.610367][T10810] RDX: 0000000000000003 RSI: 0000000008400000 RDI: 0000000000000000
[  919.610381][T10810] RBP: 0000000000000022 R08: 00000000ffffffff R09: 0000000000000000
[  919.610402][T10810] R10: 0000000000000022 R11: 0000000000000246 R12: 0000000000000004
[  919.610416][T10810] R13: 00007f0388745ee0 R14: 00007f0388745ea0 R15: 0000200000000500
[  919.610453][T10810]  </TASK>
[  919.738792][   T13] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  920.011699][   T13] bond0 (unregistering): Released all slaves
[  920.146203][T10822] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1080'.
[  920.221120][ T5743] usb 1-1: new high-speed USB device number 14 using dummy_hcd
[  920.431040][ T5743] usb 1-1: Using ep0 maxpacket: 32
[  920.434537][ T5743] usb 1-1: config index 0 descriptor too short (expected 35577, got 27)
[  920.434621][ T5743] usb 1-1: config 1 has too many interfaces: 92, using maximum allowed: 32
[  920.434678][ T5743] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 92
[  920.434741][ T5743] usb 1-1: config 1 has no interface number 0
[  920.434917][ T5743] usb 1-1: config 1 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  920.435001][ T5743] usb 1-1: config 1 interface 1 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 17
[  920.435118][ T5743] usb 1-1: New USB device found, idVendor=0e41, idProduct=5051, bcdDevice=d5.e8
[  920.435202][ T5743] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  920.525313][ T5743] snd_usb_pod 1-1:1.1: Line 6 Pocket POD found
[  920.773702][ T5743] snd_usb_pod 1-1:1.1: Line 6 Pocket POD now attached
[  921.011055][   T37] usb 1-1: USB disconnect, device number 14
[  921.013939][   T37] snd_usb_pod 1-1:1.1: Line 6 Pocket POD now disconnected
[  921.510695][   T37] BUG: kernel NULL pointer dereference, address: 0000000000000010
[  921.510716][   T37] #PF: supervisor read access in kernel mode
[  921.510728][   T37] #PF: error_code(0x0000) - not-present page
[  921.510740][   T37] PGD 800000003d216067 P4D 800000003d216067 PUD 0 
[  921.510789][   T37] Oops: Oops: 0000 [#1] SMP KASAN PTI
[  921.510814][   T37] CPU: 1 UID: 0 PID: 37 Comm: kworker/1:1 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[  921.510844][   T37] Tainted: [L]=SOFTLOCKUP
[  921.510853][   T37] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  921.510868][   T37] Workqueue: usb_hub_wq hub_event
[  921.510895][   T37] RIP: 0010:kcov_remote_start+0x2a1/0x710
[  921.510922][   T37] Code: 8f 8d 4c 8b b8 c8 c2 75 92 bd 00 00 04 00 eb 4f 41 8b ae a4 00 00 00 49 c7 c7 e0 8c 02 8e 4d 8b 3f 49 81 ff e0 8c 02 8e 74 4c <41> 39 6f 10 75 ee 4c 89 ff e8 91 8b f4 02 84 c0 74 0e 49 8b 07 49
[  921.510943][   T37] RSP: 0018:ffffc90000ae7828 EFLAGS: 00010203
[  921.510961][   T37] RAX: 0000000000000000 RBX: ffff88801e2c9f00 RCX: 0000000000000000
[  921.510977][   T37] RDX: 00000000aa10f700 RSI: 0000000000000001 RDI: ffffffff8baa2920
[  921.510992][   T37] RBP: 0000000000100000 R08: ffffffff8b325a20 R09: ffffffff8dfcac60
[  921.511007][   T37] R10: dffffc0000000000 R11: fffffbfff1f1a07f R12: 0000000000000002
[  921.511023][   T37] R13: 0000000000000001 R14: ffff88802b021200 R15: 0000000000000000
[  921.511037][   T37] FS:  0000000000000000(0000) GS:ffff888125fcd000(0000) knlGS:0000000000000000
[  921.511055][   T37] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  921.511071][   T37] CR2: 0000000000000010 CR3: 000000001ea84000 CR4: 00000000003526f0
[  921.511091][   T37] Call Trace:
[  921.511099][   T37]  <TASK>
[  921.511110][   T37]  hub_event+0x150/0x4f60
[  921.511138][   T37]  ? __lock_acquire+0x6b5/0x2d10
[  921.511166][   T37]  ? look_up_lock_class+0x57/0x110
[  921.511191][   T37]  ? __lock_acquire+0x6b5/0x2d10
[  921.511239][   T37]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  921.511265][   T37]  ? __pfx_hub_event+0x10/0x10
[  921.511289][   T37]  ? process_one_work+0x8be/0x1630
[  921.511329][   T37]  ? process_one_work+0x8be/0x1630
[  921.511362][   T37]  process_one_work+0x98b/0x1630
[  921.511405][   T37]  ? __pfx_process_one_work+0x10/0x10
[  921.511438][   T37]  ? do_raw_spin_lock+0x12b/0x2f0
[  921.511468][   T37]  worker_thread+0xb49/0x1140
[  921.511501][   T37]  kthread+0x388/0x470
[  921.511543][   T37]  ? __pfx_worker_thread+0x10/0x10
[  921.511561][   T37]  ? __pfx_kthread+0x10/0x10
[  921.511588][   T37]  ret_from_fork+0x514/0xb70
[  921.511616][   T37]  ? __pfx_ret_from_fork+0x10/0x10
[  921.511645][   T37]  ? __switch_to+0xc79/0x1410
[  921.511684][   T37]  ? __pfx_kthread+0x10/0x10
[  921.511711][   T37]  ret_from_fork_asm+0x1a/0x30
[  921.511751][   T37]  </TASK>
[  921.511768][   T37] Modules linked in:
[  921.511793][   T37] CR2: 0000000000000010
[  921.511812][   T37] ---[ end trace 0000000000000000 ]---
[  921.511832][   T37] RIP: 0010:kcov_remote_start+0x2a1/0x710
[  921.511858][   T37] Code: 8f 8d 4c 8b b8 c8 c2 75 92 bd 00 00 04 00 eb 4f 41 8b ae a4 00 00 00 49 c7 c7 e0 8c 02 8e 4d 8b 3f 49 81 ff e0 8c 02 8e 74 4c <41> 39 6f 10 75 ee 4c 89 ff e8 91 8b f4 02 84 c0 74 0e 49 8b 07 49
[  921.511877][   T37] RSP: 0018:ffffc90000ae7828 EFLAGS: 00010203
[  921.511895][   T37] RAX: 0000000000000000 RBX: ffff88801e2c9f00 RCX: 0000000000000000
[  921.511909][   T37] RDX: 00000000aa10f700 RSI: 0000000000000001 RDI: ffffffff8baa2920
[  921.511924][   T37] RBP: 0000000000100000 R08: ffffffff8b325a20 R09: ffffffff8dfcac60
[  921.511940][   T37] R10: dffffc0000000000 R11: fffffbfff1f1a07f R12: 0000000000000002
[  921.511956][   T37] R13: 0000000000000001 R14: ffff88802b021200 R15: 0000000000000000
[  921.511971][   T37] FS:  0000000000000000(0000) GS:ffff888125fcd000(0000) knlGS:0000000000000000
[  921.512006][   T37] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  921.512026][   T37] CR2: 0000000000000010 CR3: 000000001ea84000 CR4: 00000000003526f0
[  921.512057][   T37] Kernel panic - not syncing: Fatal exception
[  921.512682][   T37] Kernel Offset: disabled