last executing test programs:

13m42.928702029s ago: executing program 32 (id=57):
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000002c0)='cpuacct.usage_sys\x00', 0x26e1, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000004c0)={0xffffffffffffffff, 0xc0, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r0=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, 0x10)
bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f00000000c0)=r0, 0x4)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000000)=0x15)
openat$uinput(0xffffffffffffff9c, &(0x7f0000000040), 0x802, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000180)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1)
ioctl$TCSETS(r1, 0x40204706, &(0x7f0000000040)={0x1, 0x0, 0x5, 0x0, 0x0, "3eccd8f9d20000000000001000000200000500"})

4m41.754347609s ago: executing program 1 (id=1689):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x5c0c000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
fcntl$lock(0xffffffffffffffff, 0x25, &(0x7f0000000180)={0x0, 0x0, 0xfffffffffffffffe, 0x80000000})
r3 = userfaultfd(0x1)
ioctl$UFFDIO_COPY(r3, 0xc028aa05, &(0x7f0000000180)={&(0x7f00002b9000/0x400000)=nil, &(0x7f00003ab000/0x2000)=nil, 0x400000, 0x2, 0x2})

4m41.248057368s ago: executing program 1 (id=1692):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x802, 0x0)
socket$alg(0x26, 0x5, 0x0)
stat(&(0x7f000000a700)='\xe9\x1fq\x89Y\x1e\x923aK\x00', 0x0)
set_mempolicy(0x8006, &(0x7f0000000040)=0xfff, 0x5)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f00000001c0)={0x0, 0x0, 0x0, &(0x7f0000000180), 0x3}, 0x38)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, 0x0)
ioctl$BINDER_WRITE_READ(0xffffffffffffffff, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0})
r1 = socket(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000240)={'lo\x00', <r2=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000080)=@newqdisc={0x34, 0x24, 0xd0f, 0x70bd25, 0x4, {0x60, 0x0, 0x0, r2, {}, {0xffff, 0xffff}, {0x0, 0xa}}, [@qdisc_kind_options=@q_cake={{0x9}, {0x4}}]}, 0x34}}, 0x0)

4m40.557822664s ago: executing program 1 (id=1695):
openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0)
sendmsg$MPTCP_PM_CMD_GET_LIMITS(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x41}, 0x809d)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='blkio.bfq.io_merged_recursive\x00', 0x275a, 0x0)
syz_emit_ethernet(0x36, &(0x7f0000000100)=ANY=[@ANYBLOB="000002f0d31209000000bc2e79e995"], 0x0)
write$binfmt_script(r2, &(0x7f0000000100), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r2, 0x0)
preadv(r2, &(0x7f00000015c0)=[{&(0x7f0000000080)=""/124, 0xffffff23}], 0x3e, 0x0, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000280)=@newqdisc={0x30, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, 0x0, {0x0, 0xfff1}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_htb={{0x8}, {0x4}}]}, 0x30}}, 0x20000000)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000499000/0x18000)=nil, &(0x7f0000000040)=[@text16={0x10, &(0x7f0000000180)="66b9800000c00f326635000800000f300f0f1c9a65660ff3b20618baa000ec672e660f38803d004000000f285473f61366b9800000c00f320f300f20e06635800000000f22e02b6aa6c8", 0x4a}], 0x1, 0x0, 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x10008000}, 0x40095)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x11, 0x0, 0x0, &(0x7f0000000000)='GPL\x00', 0x2a7, 0x0, 0x0, 0x41100, 0x24, '\x00', 0x0, 0x0, r2, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x3ff}, 0x94)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

4m39.777437992s ago: executing program 1 (id=1704):
socket$can_j1939(0x1d, 0x2, 0x7)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$kcm(0x28, 0x5, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="12000000010000000400000008"], 0x48)
socket$nl_generic(0x10, 0x3, 0x10)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080))
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x20000, 0x0)
socket$kcm(0x10, 0x2, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x1c1341, 0x0)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
sendmsg$inet(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[@ANYBLOB="28010000000000000100000001"], 0x128}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmsg$inet(r1, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[], 0x128}, 0x0)
syz_open_procfs$namespace(0x0, &(0x7f0000000000)='ns/pid\x00')
recvmsg$unix(r0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000240)=[@cred={{0x1c}}, @rights={{0x34, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}], 0x98}, 0x0)
openat$ppp(0xffffffffffffff9c, &(0x7f0000000080), 0x800, 0x0)
r2 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000540)=ANY=[@ANYBLOB], 0x50)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0xc, 0x8, &(0x7f0000000d80)=ANY=[@ANYBLOB="1800000000000000000000000000000018020000", @ANYRES32=r2, @ANYBLOB="0000000000000000b703000000000000850000000d000000b70000000000000095"], &(0x7f00000000c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback=0x1b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000003c0)={r3, 0x3e8, 0xf, 0x0, &(0x7f0000000000)="c1df07000000d30a298ee68888a887", 0x0, 0x3ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x50)

4m39.066421739s ago: executing program 1 (id=1709):
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f00000002c0)=0x20)

4m38.514170601s ago: executing program 1 (id=1712):
syz_open_procfs(0xffffffffffffffff, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
bpf$ITER_CREATE(0x21, 0x0, 0x0)
setrlimit(0xb, &(0x7f0000000280)={0x3, 0x3})
r0 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)
ioctl$FS_IOC_SETFLAGS(r0, 0x40186f40, &(0x7f0000000440)=0x20000)

4m23.392780933s ago: executing program 33 (id=1712):
syz_open_procfs(0xffffffffffffffff, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
bpf$ITER_CREATE(0x21, 0x0, 0x0)
setrlimit(0xb, &(0x7f0000000280)={0x3, 0x3})
r0 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)
ioctl$FS_IOC_SETFLAGS(r0, 0x40186f40, &(0x7f0000000440)=0x20000)

3m58.653046076s ago: executing program 5 (id=1898):
kexec_load(0x3, 0x3, &(0x7f00000005c0)=[{&(0x7f0000000000)="6509534a17aa723cba21a9d63c6a556b30b910a580cb50d65e9fab1ed59a7eb00a7109e4a355bed417bce60d6a5baab4bbecc5b2faaf2eba28c331345b612f1f4cbfdfa7bcb9bd2a0fbc8d7786bb68cff61167b98ef0adfbb79545bbb2c409be3adb3b54846920f1b194db5258279e8d06b863d51c0f90cd79ecb1f5ed3c44eb6353c0b451fe3f9b118422addd3f936d8cd5562d6ce55bf378ee8c0d0fc5", 0x9e, 0x5, 0xff}, {&(0x7f0000000200)="d8f3aabb28de3faf55566e010b6ef42f8002b91bf54d78caa3135bc4a5d30a8fd06d1e70130a8d2b505e9abe3aef1de2219df6f5f695131fe4fc01630cb7751927628d8d7ec59d998200794f89eea832f53f0f9aa4c91322544bc7f07e8cdf4598c9879e4af2de4daca6cf629d11f9c6ebdccfeca156899a", 0x78, 0x5, 0x4}, {0x0, 0x0, 0x7, 0x2}], 0x0)
sendmsg$xdp(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000480)=[{0x0}, {0x0}], 0x2}, 0x0)
sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000002840)=[{{&(0x7f0000000080)={0xa, 0x4e23, 0x0, @loopback, 0x20}, 0x1c, 0x0}}], 0x1, 0x14018891)
sendmsg$inet(0xffffffffffffffff, &(0x7f0000003c00)={0x0, 0x0, &(0x7f0000000700)=[{&(0x7f0000000500)="4274aa814c8f6ea8d8db43", 0xb}, {0x0}, {0x0}, {&(0x7f0000000740)="747516464293f8e8eec3ccb7dd473a382a0d368ad8a1242abe3b11d915f3eb582e10ff9b8afa9a3d6fa9075032a573688f84e342bf19f200379d5291489fa5151a46ed483044e784cb8f430cbcd5a6145d72a2d2b2b6aa78add2ab0812de906e5545585d6aadca938d5a62632604101886bd45bc15550815c5dcec420b547b43f88b56489e54d47307371d68817c7eca00a16b", 0x93}], 0x4}, 0x41)
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x48001}, 0x4044050)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000540), 0x82, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
sendmsg$kcm(0xffffffffffffffff, &(0x7f00000016c0)={0x0, 0x0, &(0x7f00000000c0)=[{0x0}, {&(0x7f0000001700)="0c74c75350f4a590e15c61c7942348092734fe1863473bbce6798a60e9", 0x1d}], 0x2, 0x0, 0x0, 0x10}, 0x0)
r2 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r2, &(0x7f0000000380)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-cast5-avx\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r2, 0x117, 0x1, &(0x7f00000004c0)="2c385a7af3", 0x5)
r3 = accept4(r2, 0x0, 0x0, 0x800)
sendmmsg$alg(r3, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe3f}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048", 0xff31}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11"}], 0x1, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800)
recvmsg(r3, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000840)={0x1, 0x2, 0x3000, 0x2000, &(0x7f0000003000/0x2000)=nil})
r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@text32={0x20, &(0x7f00000000c0)="650f340f3566b842000f00d8b805000000b9a00000000f01c13e0f070fde460b0f0130670f01c2f2360f217a0f07", 0x2e}], 0x1, 0x11, 0x0, 0x0)
pwritev(0xffffffffffffffff, &(0x7f0000000b00)=[{&(0x7f0000001880)="ea7c5828b87d70214008724bcae1ce6577c01031b19698ecb8a7f5183947918ce2cc9dc778dbfff9e28e1a6df7d8f95c3e45768a6786d6325bc0fe4ed394c8ed0edcbb9f917074251a7f5b6b24c52516a68f181592262dfd12b5af7386658c5fb6c36d86d5084624a302a155c0463b6c36e9fc88338b0f66e2713728a21d19d9a33da93d419df63d8a87fa100381ec74de8b7409f4977d3cd7a9f2fb03cec91c4277b39b2c9f227a9b74926a11960d085e2aaf98673d2a67fa95b8d9dcc72ca6181f6b9b2d1c402267e6cfef5599e1520077d9bc472fb5a5db42b1befd498ec7b8d519b12f065323b15280a2540bc7a4ffe508fc12f93707064caf4111e893142f9867b432b1e6258caa2ae081b8b646c25de7f5366a21f9dd257b84546cd316e17b79d22c4bcaf70e8a96d1e502b53c581c75482d1d63f0d5f3fb5bdbb714583f0798e0c4d6c9d99513e91a68a26612053290f15f5a2e06acfa229356e37b4d57697224e9561c0430a67fcb5dea72acc91e60751a5b07eb603548a646f082ce213347b4ee908bd95cc56775330aa09d4f19f48a8cb5d7f6346d82bab8ff019309684bd01eb4d90febe2269cd2a1100130c242a2995ce38638a3bbc9008ac0e820a1e0b9a9511af47aa7f3e30a69589985423f3b4ea98152433bf1aa53a0981f783f11c4cc50f70fe63b2043b74b9cb7da59caedadc1fa1f662831a353969893d4f93b919cda52a1ce2200a0a7895abb293c29d6d197cce98a4df8fc90c582014742a00b4bd09f1fcc5ff5753320d2b5593e657c0fb87a4cfa323ce59111eea806a6e020fb0c4fdd601087811e33e793975b5e9e936c16d243bdea757e0ee4508f5d5b496ed07b6f0f1f46ed752448f30d679b23ba8142d4ab25beb913ee77547866e5d9501a55e9797ba3407f3f4cc11398bdaf3ac4c2e79a5b133a09fcf8ae790bb985fa01daf2758fd8a77fde15a822227dddf64bb2ebc49a56ad025e01c6c59e4818abdf808789d9f87c103cf7f7d21d2a1345b9b7fd66b1cf96002343fbd62f8080d945e70bd93d4bf42b401477abed49065b4a8ccfb9d93724118168de2e8df4f78ccf3b9593f993423a619ef6bd8392a2cfc6424d3687fcdc67d33073db95d856f312b934d05a3c4e967217837920fee73b00757b617d1ef3bfc2e88a8a72f0948263db2c9e7bd491f059b6ee8d0ea3f2193314562910529869b248172bfe0f914f7a91a27c6e9e6c2e3455a7ae765392b48fc959958aa39a5a483b2a6e873ac76f8579515e42f7a3bbc82bcf71edaf12f7b40a2adc74d67ef793988cc8ac788185049e57fb84757bdc700ffde10afc19df290787ed98222f8afb2b6d11944666331350e2914466b398750acae526146373b2cbe1bdd1803e6c920a182a1ad118a3d09313c2ce2703a0a1c09215cab90c35b03b1c795cf704f42dd31ddff6be67bb355977b2e07609c5228299a170308e54705674384fc294cdfa4abf989d3c3bf3eabbbcf52a6a0646bf6db5b61ad027007464fd6fc10490ee2e9190c28ae5cb3733105cb782c0d53e5c79c3e455609d557d824154d01e282788ec8ae7c8a03fcd6cd4e37829b0f921c46d715454d5e1281c641cf0756a2f31b0369ce94e819e6254af95b88bffd7bb2cfe9469d303497fead174839b2789b5aa703176510eab1f46916b3b63f6f5b2df262fe7274a0cee9bd6e115e5f9f48ac1c09e5b3c546ae95b9916a633869854d3ee39d4acb800e876e7fc084ffd79a20fca8331caff657ec89b445c6012ff7eb9531eb1e8c90cdc66b82d6fd608310099503a9dcf50b40d10a3b1ab520477e20ad5f6405cd4b5b36d201e12088d7868c6e94737ea88db6ed5f7df4d31cbd2d0c4f21cdcc3b181f5aae7216dc4c06b2989bb44e5369ba96ce87f3e3abbb530d103a53d7e0b914115c302c935eea7d256a73aa851d84dec6d9112163be8135889c67fa90e796a6f050fba0a6a740618cd513748072daac9f3e25034772cc400a14834afbde835bc9fd7cf1113d67ebe99a3b78907596886ad5a1670ef572c18e26c98fe40194428de339cba7b8efc5fa7faf7512ef6b89a877f3e534fb4512729df686e14aece08fab3b42ea14acde0e18ffe5dc00e74288661c7463e00f3b942cddf3b71e1dcf71989f378b933df099316451cca296a4e117bbeb3b1e552e5a10f9731449ae830de14989049ce818f720e77e78a86c307c80450b26278bc25ee7390ce6d4c4dfc8d39b6b4b1ce6f3865dbdd1d37aedb555288bea9ef95c8600dea1cd10e9e42d15aa804f99a31bfaa5ea52185333d734c766e3bb4a9abf86cf4d840dc188167a25cc3054b65fd7ce053d38518474ab55e59c1ccaf34d57b4cd73b07ed63d754ab3d57dfc0f67bbdb22e33d9f63aa2b36cf0af338794d4acbd1b13669bde67f7bd032f9c6b400e8054a0cff77fc6e0591195b21715e42c881e23156b4ba504d7e1b6eb9c2ec9b9e382d85f7c52bd964d305da9496dbaa022880ddf236730c458f31258d64ae2668aa863b3fe558c7f8cfb3dabf42edcaf2891e9b9462c44153658eae85cd499abd9dca762adf26d9904d28b772b3fc3d066d56261474c944387ac7eb00059025ff25e34b8f7c2986db1ccc4297e1315c3ceeef1b8f98e0500bbb8bb0ab52d80f8c6c8fa5d24b9a05f5350e2fd59af4b9fa9a2b4339b61e208f227ba968d4dbd36246133de2078c6a15dd57754a3537c31d04da545f062dbf9cbaa0840e23974f441a4d5937fec23ff81c193bd951a7bacac8eb6d4705702cbe3c930f27869753ba6026455bbb7742c53644f1646d7545467091a207905f831505f214fbd818aea4455705b5e727850cdcac40620135b8dba85cb0c0f393af252ec082cba5c43385fbc2cc5682bc1994b064e29c8c5a20e7e6d15fbb13e6fd1a86b2fda666fbcd80fd08be00a7423fcafbdd8283bac88ead203bc10d1c1a13ca2fe853fa6cc8991b0476561be085b086b0d0e45f73e59f519342c13f368a37464cb55b8a13846f4cd610536d5c4b8704fcd347abe6712d3de67d7918e6954898f31647a8ea37ecc2e1bb02b1b26e7a60fbb2b0a48efc5795c12d5c4ac8dc4149dea0f2e085422ec69352882622711b74e1e32c7ead2cf3c554e8ff1648e8b66d0dc6997b6304b3b560a33d75aa49476175a386ca721156ea79bdba432d439dbceb0285561abd5d134badd9f38c04fae8fa920edfff15705371c907848c14acdfb0b22a4c7168e1840e8b8a50349dcee5f429b3cb34e30f0f67acf93604792b8574f36ea9409d422621f3c0c7b781fc8e23d1d46f04a9b44f633e5f72cb079fbde66a9745705666c6dab6238628e57ee6cffa8cfad616dac1abe2789c9efccb4fc7e65e490d9a4e49e7ce72a6980e72f70a17649e67de86f86b61a4b6219daefc939b5904e5712ecaf85c98484fc02585b1aa990b95173e4a2907cf877af696e528e6b2b634a4fb7d791cacc8644fa76e062148d411e18f0da5aed22116828cd700a28e8f46bca950550acb4ab05eddeb6b2dac24702cff4de0a3ece393cac879ed2f0c5b9645839cfdb79fb1df87596b14504cba9dddda51edaffcd0214b91b5898ea022774e699aa0caf0f646cc0cb8e8fc8b8be43c23aa7f6bd29fd0615c0b78f3514a52989d7f35ad08a4bd473e61da6657cc2e85d3b2b7d3fb51174a96f27038ddbc87a35e09a668e436aa40146c6a26dca87b39220f139b772719d80aadb752c622bf09acd6846838fb48a8817ba4aa72eaa32e82251b3789969d8518f9aa07cdcb9a355f73f119725c086168aaca262f13cd742e5f06c969a462638a557e15a4f5d43e3242c08f23b00d2b8d57c60d3636abd4068ec03a4be3429b95e41351ab5c58812e552df90c3e6c9d8779aa484e74f073ea9fcdce13b1dff8e7c101b2c6865c5cefe108e3559f520e2bc42c9dc39b57fddb44ca49f2689e10c1381c0740d20cbca46da475c62f513cb08398a5fd5d4f6b13ce839fe149df0d291a8f7267fe90a7e1845dace17cd927c2d1aeffbdc36bb983172ceff025e84b0419645fcc72897b992f5081c78756122391947f08ccd20806cfc2bded705b472fc52e84734e016cbd309aadebbbb4e8bdfed77b1e0b15ce0904838d9e4d64643df66f0353c377e554b428dc0f31189a134cdb8e66d2755e84c2b2409c3d63a81f5f05616baf6a243b09153a4f8289e15a5a4ffb007b0cbeffde25391bb2acd86b453e245643c0fa1dfe5d42e0e3f1c592a00b77f0133adf7989c6c2bf3ddc0b8a2b14f35d33f62f4ee2fc56166372058e997b9abe6bad8aa718f8d87ad095e8f354aaef540840437b5451771266a8358ed75954db52b38bca4a1c8696dca1de03b12627254409f8bb68c94eeaa1a8bcf894482b96e81b9ff5c2383a907537a191aff0bb5b5418ef5670cecca1cfbd41b61879b11a5a5053cd86cf5d61f8c2f7d7ad2034a1801b3b92a79ac3b4343c680008b1ba10577a35173cac6d4dbc1d00e436f238b57093b34d4ea19c225b84a2d6086cc6cf72595b980c88142d268bbf9c8375a93afe75c3583b3b9687368d78147985d209e6d89c335e948c51696a948f01ad062dcf84a99584466e24646b2e441fefb10ef962432f2925d6d98e790acf4ca7d9339a589a537aa3392ec79f34a6544144072ab8248e45ac560a78c70c5afcbf10909299dfcd67981c88780c1340c951e115ffec56d23b9ead6a55024e199238f4b133e3e1e0e84318b5037a3947ae09749c25c7e4887936ecf0ba9a807dfa471ea1f3350b70feb58dc9e2836365ce4db456a341e43410cac1253fe08e79c21fca932716f4c171fc957cb325737b70532d81f0eb2f0a16478c0d934165728f7b29a8a0ff6bc964e99dea26d3efd28336b00c112a26da7a2ea1c21a9688cc3a68293958edf27ae89e5f9b8348af4121028e760cf68c931af92906d27dad4d330df9201b5395ccce0c803806422883667ccb11438d9dbe1901d4ab98d89914b313338486deb6f748053517e2188c479adb1eabb8e8ed5d05bb3f66826fae83bbc5bce3615ee32d937ffbe8846a1156aaf7bf9b9d4189bdf290b3df254077688eeda824d6ea0a452f7e7f915c1a94ee250a3907ec035d7ba7bb0256811f04646ca156b8925506c774df4d4072c02929e985057a5f7ddc1469c7306e6fdb86b810ada1cc96f6bd389597dd27dd656f55c316fb2d56b2d13eddf893722e813934a19778719be99697c365222db64039f9caab1201c430e53df1af8a0321c8759fc33e8204150080979936d0717f6c4c9145fb828389acbb894a4600485e8b105c7165a40e814889343deead6d434a8da60eed1e50aa507ac2793b4a4c5517265f859f223bb4f6cadc6fb53430304baea18189e2b5ddd266c38f5c325ba391a50fcd34060d217c4118889c4275e40a8428099ddfa3cc0d8241c22fc1554318e922f3b1257f2046d70df460c5283a539487583ffca1972a19237b06480e0a56d9e185fe4dc3607666d81ed0d9d9f5c5c568a5a0a87160b6d35c73dae9c6177f2b25d90a2598042f4b43bc765fa86a831c401a01c391a8fdc8f8c742f2322a1b8ef18ec7d82f013893c981f6bd96ec57d8e73e1633ae3970721fcea055ecc836ce3", 0xf91}], 0x1, 0x1, 0x2)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000180)=[@text64={0x40, 0x0}], 0x1, 0x18, 0x0, 0x0)
ioctl$KVM_RUN(r4, 0xae80, 0x0)

3m56.313718021s ago: executing program 5 (id=1912):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0), 0x1c1842, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x4801})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x42, 0x0)
close(r1)
ioctl$TUNSETLINK(r0, 0x400454cd, 0x118)
socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000000))
write$cgroup_devices(r0, &(0x7f0000000200)=ANY=[@ANYBLOB="1b23000d"], 0xffdd)

3m55.647579113s ago: executing program 5 (id=1919):
fcntl$setsig(0xffffffffffffffff, 0xa, 0x29)
socket$inet_tcp(0x2, 0x1, 0x0)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0xffffffffffffff7c, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbee7, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e1f}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000002000)='./file0\x00', 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=ANY=[@ANYBLOB="1c0000005e00679a3601ff81000000000000000000be"], 0x1c}}, 0x40000)
r3 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000140)={&(0x7f0000000280)=ANY=[@ANYBLOB="9feb01001800000000000000340000003400000006000000040000000000000e0400000000000000000000000000000d000000000000000000000010040000000000000000000009030000000000000061"], 0x0, 0x52}, 0x28)
bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000080)={0x3, 0x4, 0x4, 0xa, 0x0, 0x1, 0x0, '\x00', 0x0, r3, 0x1, 0x3}, 0x5f)

3m54.13583072s ago: executing program 5 (id=1923):
r0 = openat$smackfs_access(0xffffffffffffff9c, &(0x7f0000000000)='/sys/fs/smackfs/access2\x00', 0x2, 0x0)
write$smackfs_access(r0, 0x0, 0x0)
readv(r0, 0x0, 0x0)

3m53.581831768s ago: executing program 5 (id=1928):
socket$nl_route(0x10, 0x3, 0x0)
syz_open_dev$vcsu(&(0x7f0000000000), 0x7, 0x44802)
r0 = getpgrp(0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000040)=0x5)
prlimit64(r0, 0xe, &(0x7f0000000100)={0x12a, 0x80004100008a}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000000)=0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r2 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r2, 0x1, 0x0)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
ioctl$FS_IOC_SETFLAGS(r4, 0x40086602, &(0x7f00000002c0)=0x20)

3m51.262631693s ago: executing program 5 (id=1931):
openat$nullb(0xffffffffffffff9c, &(0x7f0000000040), 0x40, 0x0)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_EXP_DELETE(r0, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0xd0}, 0x51)
r1 = socket$vsock_stream(0x28, 0x1, 0x0)
r2 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000180), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_DEBUG_GET(0xffffffffffffffff, &(0x7f0000000d40)={0x0, 0x0, &(0x7f0000000c80)={&(0x7f00000008c0)=ANY=[@ANYRESDEC, @ANYRES8=r2, @ANYRES32, @ANYBLOB="400001801400020070696d36726567300000", @ANYRES8, @ANYRES8=r1], 0x17c}, 0x1, 0x0, 0x0, 0x4008004}, 0x20000080)
openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0xc1842, 0x0)
bind$alg(0xffffffffffffffff, &(0x7f0000000380)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-cast5-avx\x00'}, 0x58)
setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, &(0x7f0000000280)="2c385a7af3be", 0x6)
r3 = accept4(0xffffffffffffffff, 0x0, 0x0, 0x800)
sendmmsg$alg(r3, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe3f}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048", 0xff31}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11"}], 0x1, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800)
recvmsg(r3, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000580), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r4, 0x8933, &(0x7f00000013c0)={'wlan1\x00', <r6=>0x0})
sendmsg$NL80211_CMD_FRAME(r4, &(0x7f0000001380)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000dc0)=ANY=[@ANYBLOB="f4060000", @ANYRES16=r5, @ANYBLOB="01000000000000e14f003b00000008000300", @ANYRES32=r6, @ANYBLOB="d50633008000009effffffffffff080211000001"], 0x6f4}}, 0x0)

3m36.455630767s ago: executing program 6 (id=2006):
kexec_load(0x3, 0x3, &(0x7f00000005c0)=[{&(0x7f0000000000)="6509534a17aa723cba21a9d63c6a556b30b910a580cb50d65e9fab1ed59a7eb00a7109e4a355bed417bce60d6a5baab4bbecc5b2faaf2eba28c331345b612f1f4cbfdfa7bcb9bd2a0fbc8d7786bb68cff61167b98ef0adfbb79545bbb2c409be3adb3b54846920f1b194db5258279e8d06b863d51c0f90cd79ecb1f5ed3c44eb6353c0b451fe3f9b118422addd3f936d8cd5562d6ce55bf378ee8c0d0fc5", 0x9e, 0x5, 0xff}, {&(0x7f0000000200)="d8f3aabb28de3faf55566e010b6ef42f8002b91bf54d78caa3135bc4a5d30a8fd06d1e70130a8d2b505e9abe3aef1de2219df6f5f695131fe4fc01630cb7751927628d8d7ec59d998200794f89eea832f53f0f9aa4c91322544bc7f07e8cdf4598c9879e4af2de4daca6cf629d11f9c6ebdccfeca156899a", 0x78, 0x5, 0x4}, {0x0, 0x0, 0x7, 0x2}], 0x0)
sendmsg$xdp(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000480)=[{0x0}, {0x0}, {0x0}], 0x3}, 0x0)
sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000002840), 0x0, 0x14018891)
sendmsg$inet(0xffffffffffffffff, &(0x7f0000003c00)={0x0, 0x0, &(0x7f0000000700)=[{&(0x7f0000000500)="4274aa814c8f6ea8d8db43", 0xb}, {0x0}, {0x0}, {&(0x7f0000000740)="747516464293f8e8eec3ccb7dd473a382a0d368ad8a1242abe3b11d915f3eb582e10ff9b8afa9a3d6fa9075032a573688f84e342bf19f200379d5291489fa5151a46ed483044e784cb8f430cbcd5a6145d72a2d2b2b6aa78add2ab0812de906e5545585d6aadca938d5a62632604101886bd45bc15550815c5dcec420b547b43f88b56489e54d47307371d68817c7eca00a16b", 0x93}], 0x4}, 0x41)
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x48001}, 0x4044050)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000540), 0x82, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
sendmsg$kcm(0xffffffffffffffff, &(0x7f00000016c0)={0x0, 0x0, &(0x7f00000000c0)=[{0x0}, {&(0x7f0000001700)="0c74c75350f4a590e15c61c7942348092734fe1863473bbce6798a60e9", 0x1d}], 0x2, 0x0, 0x0, 0x10}, 0x0)
r2 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r2, &(0x7f0000000380)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-cast5-avx\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r2, 0x117, 0x1, &(0x7f00000004c0)="2c385a7af3", 0x5)
r3 = accept4(r2, 0x0, 0x0, 0x800)
sendmmsg$alg(r3, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe3f}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048", 0xff31}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11"}], 0x1, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800)
recvmsg(r3, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000840)={0x1, 0x2, 0x3000, 0x2000, &(0x7f0000003000/0x2000)=nil})
r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@text32={0x20, &(0x7f00000000c0)="650f340f3566b842000f00d8b805000000b9a00000000f01c13e0f070fde460b0f0130670f01c2f2360f217a0f07", 0x2e}], 0x1, 0x11, 0x0, 0x0)
pwritev(0xffffffffffffffff, &(0x7f0000000b00)=[{&(0x7f0000001880)="ea7c5828b87d70214008724bcae1ce6577c01031b19698ecb8a7f5183947918ce2cc9dc778dbfff9e28e1a6df7d8f95c3e45768a6786d6325bc0fe4ed394c8ed0edcbb9f917074251a7f5b6b24c52516a68f181592262dfd12b5af7386658c5fb6c36d86d5084624a302a155c0463b6c36e9fc88338b0f66e2713728a21d19d9a33da93d419df63d8a87fa100381ec74de8b7409f4977d3cd7a9f2fb03cec91c4277b39b2c9f227a9b74926a11960d085e2aaf98673d2a67fa95b8d9dcc72ca6181f6b9b2d1c402267e6cfef5599e1520077d9bc472fb5a5db42b1befd498ec7b8d519b12f065323b15280a2540bc7a4ffe508fc12f93707064caf4111e893142f9867b432b1e6258caa2ae081b8b646c25de7f5366a21f9dd257b84546cd316e17b79d22c4bcaf70e8a96d1e502b53c581c75482d1d63f0d5f3fb5bdbb714583f0798e0c4d6c9d99513e91a68a26612053290f15f5a2e06acfa229356e37b4d57697224e9561c0430a67fcb5dea72acc91e60751a5b07eb603548a646f082ce213347b4ee908bd95cc56775330aa09d4f19f48a8cb5d7f6346d82bab8ff019309684bd01eb4d90febe2269cd2a1100130c242a2995ce38638a3bbc9008ac0e820a1e0b9a9511af47aa7f3e30a69589985423f3b4ea98152433bf1aa53a0981f783f11c4cc50f70fe63b2043b74b9cb7da59caedadc1fa1f662831a353969893d4f93b919cda52a1ce2200a0a7895abb293c29d6d197cce98a4df8fc90c582014742a00b4bd09f1fcc5ff5753320d2b5593e657c0fb87a4cfa323ce59111eea806a6e020fb0c4fdd601087811e33e793975b5e9e936c16d243bdea757e0ee4508f5d5b496ed07b6f0f1f46ed752448f30d679b23ba8142d4ab25beb913ee77547866e5d9501a55e9797ba3407f3f4cc11398bdaf3ac4c2e79a5b133a09fcf8ae790bb985fa01daf2758fd8a77fde15a822227dddf64bb2ebc49a56ad025e01c6c59e4818abdf808789d9f87c103cf7f7d21d2a1345b9b7fd66b1cf96002343fbd62f8080d945e70bd93d4bf42b401477abed49065b4a8ccfb9d93724118168de2e8df4f78ccf3b9593f993423a619ef6bd8392a2cfc6424d3687fcdc67d33073db95d856f312b934d05a3c4e967217837920fee73b00757b617d1ef3bfc2e88a8a72f0948263db2c9e7bd491f059b6ee8d0ea3f2193314562910529869b248172bfe0f914f7a91a27c6e9e6c2e3455a7ae765392b48fc959958aa39a5a483b2a6e873ac76f8579515e42f7a3bbc82bcf71edaf12f7b40a2adc74d67ef793988cc8ac788185049e57fb84757bdc700ffde10afc19df290787ed98222f8afb2b6d11944666331350e2914466b398750acae526146373b2cbe1bdd1803e6c920a182a1ad118a3d09313c2ce2703a0a1c09215cab90c35b03b1c795cf704f42dd31ddff6be67bb355977b2e07609c5228299a170308e54705674384fc294cdfa4abf989d3c3bf3eabbbcf52a6a0646bf6db5b61ad027007464fd6fc10490ee2e9190c28ae5cb3733105cb782c0d53e5c79c3e455609d557d824154d01e282788ec8ae7c8a03fcd6cd4e37829b0f921c46d715454d5e1281c641cf0756a2f31b0369ce94e819e6254af95b88bffd7bb2cfe9469d303497fead174839b2789b5aa703176510eab1f46916b3b63f6f5b2df262fe7274a0cee9bd6e115e5f9f48ac1c09e5b3c546ae95b9916a633869854d3ee39d4acb800e876e7fc084ffd79a20fca8331caff657ec89b445c6012ff7eb9531eb1e8c90cdc66b82d6fd608310099503a9dcf50b40d10a3b1ab520477e20ad5f6405cd4b5b36d201e12088d7868c6e94737ea88db6ed5f7df4d31cbd2d0c4f21cdcc3b181f5aae7216dc4c06b2989bb44e5369ba96ce87f3e3abbb530d103a53d7e0b914115c302c935eea7d256a73aa851d84dec6d9112163be8135889c67fa90e796a6f050fba0a6a740618cd513748072daac9f3e25034772cc400a14834afbde835bc9fd7cf1113d67ebe99a3b78907596886ad5a1670ef572c18e26c98fe40194428de339cba7b8efc5fa7faf7512ef6b89a877f3e534fb4512729df686e14aece08fab3b42ea14acde0e18ffe5dc00e74288661c7463e00f3b942cddf3b71e1dcf71989f378b933df099316451cca296a4e117bbeb3b1e552e5a10f9731449ae830de14989049ce818f720e77e78a86c307c80450b26278bc25ee7390ce6d4c4dfc8d39b6b4b1ce6f3865dbdd1d37aedb555288bea9ef95c8600dea1cd10e9e42d15aa804f99a31bfaa5ea52185333d734c766e3bb4a9abf86cf4d840dc188167a25cc3054b65fd7ce053d38518474ab55e59c1ccaf34d57b4cd73b07ed63d754ab3d57dfc0f67bbdb22e33d9f63aa2b36cf0af338794d4acbd1b13669bde67f7bd032f9c6b400e8054a0cff77fc6e0591195b21715e42c881e23156b4ba504d7e1b6eb9c2ec9b9e382d85f7c52bd964d305da9496dbaa022880ddf236730c458f31258d64ae2668aa863b3fe558c7f8cfb3dabf42edcaf2891e9b9462c44153658eae85cd499abd9dca762adf26d9904d28b772b3fc3d066d56261474c944387ac7eb00059025ff25e34b8f7c2986db1ccc4297e1315c3ceeef1b8f98e0500bbb8bb0ab52d80f8c6c8fa5d24b9a05f5350e2fd59af4b9fa9a2b4339b61e208f227ba968d4dbd36246133de2078c6a15dd57754a3537c31d04da545f062dbf9cbaa0840e23974f441a4d5937fec23ff81c193bd951a7bacac8eb6d4705702cbe3c930f27869753ba6026455bbb7742c53644f1646d7545467091a207905f831505f214fbd818aea4455705b5e727850cdcac40620135b8dba85cb0c0f393af252ec082cba5c43385fbc2cc5682bc1994b064e29c8c5a20e7e6d15fbb13e6fd1a86b2fda666fbcd80fd08be00a7423fcafbdd8283bac88ead203bc10d1c1a13ca2fe853fa6cc8991b0476561be085b086b0d0e45f73e59f519342c13f368a37464cb55b8a13846f4cd610536d5c4b8704fcd347abe6712d3de67d7918e6954898f31647a8ea37ecc2e1bb02b1b26e7a60fbb2b0a48efc5795c12d5c4ac8dc4149dea0f2e085422ec69352882622711b74e1e32c7ead2cf3c554e8ff1648e8b66d0dc6997b6304b3b560a33d75aa49476175a386ca721156ea79bdba432d439dbceb0285561abd5d134badd9f38c04fae8fa920edfff15705371c907848c14acdfb0b22a4c7168e1840e8b8a50349dcee5f429b3cb34e30f0f67acf93604792b8574f36ea9409d422621f3c0c7b781fc8e23d1d46f04a9b44f633e5f72cb079fbde66a9745705666c6dab6238628e57ee6cffa8cfad616dac1abe2789c9efccb4fc7e65e490d9a4e49e7ce72a6980e72f70a17649e67de86f86b61a4b6219daefc939b5904e5712ecaf85c98484fc02585b1aa990b95173e4a2907cf877af696e528e6b2b634a4fb7d791cacc8644fa76e062148d411e18f0da5aed22116828cd700a28e8f46bca950550acb4ab05eddeb6b2dac24702cff4de0a3ece393cac879ed2f0c5b9645839cfdb79fb1df87596b14504cba9dddda51edaffcd0214b91b5898ea022774e699aa0caf0f646cc0cb8e8fc8b8be43c23aa7f6bd29fd0615c0b78f3514a52989d7f35ad08a4bd473e61da6657cc2e85d3b2b7d3fb51174a96f27038ddbc87a35e09a668e436aa40146c6a26dca87b39220f139b772719d80aadb752c622bf09acd6846838fb48a8817ba4aa72eaa32e82251b3789969d8518f9aa07cdcb9a355f73f119725c086168aaca262f13cd742e5f06c969a462638a557e15a4f5d43e3242c08f23b00d2b8d57c60d3636abd4068ec03a4be3429b95e41351ab5c58812e552df90c3e6c9d8779aa484e74f073ea9fcdce13b1dff8e7c101b2c6865c5cefe108e3559f520e2bc42c9dc39b57fddb44ca49f2689e10c1381c0740d20cbca46da475c62f513cb08398a5fd5d4f6b13ce839fe149df0d291a8f7267fe90a7e1845dace17cd927c2d1aeffbdc36bb983172ceff025e84b0419645fcc72897b992f5081c78756122391947f08ccd20806cfc2bded705b472fc52e84734e016cbd309aadebbbb4e8bdfed77b1e0b15ce0904838d9e4d64643df66f0353c377e554b428dc0f31189a134cdb8e66d2755e84c2b2409c3d63a81f5f05616baf6a243b09153a4f8289e15a5a4ffb007b0cbeffde25391bb2acd86b453e245643c0fa1dfe5d42e0e3f1c592a00b77f0133adf7989c6c2bf3ddc0b8a2b14f35d33f62f4ee2fc56166372058e997b9abe6bad8aa718f8d87ad095e8f354aaef540840437b5451771266a8358ed75954db52b38bca4a1c8696dca1de03b12627254409f8bb68c94eeaa1a8bcf894482b96e81b9ff5c2383a907537a191aff0bb5b5418ef5670cecca1cfbd41b61879b11a5a5053cd86cf5d61f8c2f7d7ad2034a1801b3b92a79ac3b4343c680008b1ba10577a35173cac6d4dbc1d00e436f238b57093b34d4ea19c225b84a2d6086cc6cf72595b980c88142d268bbf9c8375a93afe75c3583b3b9687368d78147985d209e6d89c335e948c51696a948f01ad062dcf84a99584466e24646b2e441fefb10ef962432f2925d6d98e790acf4ca7d9339a589a537aa3392ec79f34a6544144072ab8248e45ac560a78c70c5afcbf10909299dfcd67981c88780c1340c951e115ffec56d23b9ead6a55024e199238f4b133e3e1e0e84318b5037a3947ae09749c25c7e4887936ecf0ba9a807dfa471ea1f3350b70feb58dc9e2836365ce4db456a341e43410cac1253fe08e79c21fca932716f4c171fc957cb325737b70532d81f0eb2f0a16478c0d934165728f7b29a8a0ff6bc964e99dea26d3efd28336b00c112a26da7a2ea1c21a9688cc3a68293958edf27ae89e5f9b8348af4121028e760cf68c931af92906d27dad4d330df9201b5395ccce0c803806422883667ccb11438d9dbe1901d4ab98d89914b313338486deb6f748053517e2188c479adb1eabb8e8ed5d05bb3f66826fae83bbc5bce3615ee32d937ffbe8846a1156aaf7bf9b9d4189bdf290b3df254077688eeda824d6ea0a452f7e7f915c1a94ee250a3907ec035d7ba7bb0256811f04646ca156b8925506c774df4d4072c02929e985057a5f7ddc1469c7306e6fdb86b810ada1cc96f6bd389597dd27dd656f55c316fb2d56b2d13eddf893722e813934a19778719be99697c365222db64039f9caab1201c430e53df1af8a0321c8759fc33e8204150080979936d0717f6c4c9145fb828389acbb894a4600485e8b105c7165a40e814889343deead6d434a8da60eed1e50aa507ac2793b4a4c5517265f859f223bb4f6cadc6fb53430304baea18189e2b5ddd266c38f5c325ba391a50fcd34060d217c4118889c4275e40a8428099ddfa3cc0d8241c22fc1554318e922f3b1257f2046d70df460c5283a539487583ffca1972a19237b06480e0a56d9e185fe4dc3607666d81ed0d9d9f5c5c568a5a0a87160b6d35c73dae9c6177f2b25d90a2598042f4b43bc765fa86a831c401a01c391a8fdc8f8c742f2322a1b8ef18ec7d82f013893c981f6bd96ec57d8e73e1633ae3970721fcea055ecc836ce3", 0xf91}], 0x1, 0x1, 0x2)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000180)=[@text64={0x40, 0x0}], 0x1, 0x18, 0x0, 0x0)
ioctl$KVM_RUN(r4, 0xae80, 0x0)

3m36.057313682s ago: executing program 34 (id=1931):
openat$nullb(0xffffffffffffff9c, &(0x7f0000000040), 0x40, 0x0)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_EXP_DELETE(r0, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0xd0}, 0x51)
r1 = socket$vsock_stream(0x28, 0x1, 0x0)
r2 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000180), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_DEBUG_GET(0xffffffffffffffff, &(0x7f0000000d40)={0x0, 0x0, &(0x7f0000000c80)={&(0x7f00000008c0)=ANY=[@ANYRESDEC, @ANYRES8=r2, @ANYRES32, @ANYBLOB="400001801400020070696d36726567300000", @ANYRES8, @ANYRES8=r1], 0x17c}, 0x1, 0x0, 0x0, 0x4008004}, 0x20000080)
openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0xc1842, 0x0)
bind$alg(0xffffffffffffffff, &(0x7f0000000380)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-cast5-avx\x00'}, 0x58)
setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, &(0x7f0000000280)="2c385a7af3be", 0x6)
r3 = accept4(0xffffffffffffffff, 0x0, 0x0, 0x800)
sendmmsg$alg(r3, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe3f}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048", 0xff31}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11"}], 0x1, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800)
recvmsg(r3, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000580), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r4, 0x8933, &(0x7f00000013c0)={'wlan1\x00', <r6=>0x0})
sendmsg$NL80211_CMD_FRAME(r4, &(0x7f0000001380)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000dc0)=ANY=[@ANYBLOB="f4060000", @ANYRES16=r5, @ANYBLOB="01000000000000e14f003b00000008000300", @ANYRES32=r6, @ANYBLOB="d50633008000009effffffffffff080211000001"], 0x6f4}}, 0x0)

3m35.142025297s ago: executing program 6 (id=2015):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$batadv(&(0x7f0000000400), 0xffffffffffffffff)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000340)=0x6)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r0, 0x8933, &(0x7f0000000440))
sendmsg$BATADV_CMD_SET_MESH(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000280)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010028bd7040010000000f00000005002e000000000008000300", @ANYBLOB="05002f"], 0x2c}}, 0x18)

3m33.552412325s ago: executing program 6 (id=2020):
mmap(&(0x7f0000017000/0x1000)=nil, 0x1000, 0x0, 0x8010, 0xffffffffffffffff, 0xfe0f1000)
bpf$MAP_UPDATE_BATCH(0x1a, 0x0, 0x0)
bpf$MAP_DELETE_ELEM(0x3, &(0x7f0000000040), 0x20)
r0 = socket$inet6(0xa, 0x2, 0x0)
close(r0)
socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x5)
close(0x4)
syz_open_procfs$namespace(0x0, &(0x7f0000000040)='ns/cgroup\x00')
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f07ebbeef, 0x8031, 0xffffffffffffffff, 0x215eb000)
sendmsg$NFC_CMD_DEP_LINK_UP(0xffffffffffffffff, 0x0, 0x0)
r2 = socket(0x14, 0x2, 0x4)
ioctl$sock_SIOCGIFINDEX(r2, 0x61f0, 0x0)
sendmsg$ETHTOOL_MSG_PAUSE_SET(r2, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="14000000", @ANYRES16=0x0, @ANYBLOB="01002602000000dbdf25160040"], 0x14}, 0x1, 0x0, 0x0, 0x40095}, 0x52fd794718c63698)
mmap$xdp(&(0x7f0000ad9000/0x2000)=nil, 0x2000, 0x1000000, 0x810, r2, 0x100000000)
r3 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r3, &(0x7f0000000040)={0x2, 0x4e20, @empty}, 0x10)
setsockopt$inet6_udp_int(r0, 0x11, 0x68, &(0x7f0000000080)=0xa40, 0x4)
setsockopt$inet6_buf(r2, 0x29, 0x2c, &(0x7f0000000380)="ac1a5ba4c0ee8a30bf6ff2d548e4dc1e0dce3627060afb80d6631b55724b53f943e84a3f6bbf09cb7b6bd03286be20f8b887f673346c04a318380775645773d89ff91e05fb5372f0acf6efa604a4092074a6565c1b679f594d1d693469f5c1c0a8511d277c9c653de267a2de27ce6b5681c0b13f", 0x74)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x11, 0x4, &(0x7f0000000580)=ANY=[@ANYRES64, @ANYRESOCT=r2, @ANYRESDEC=r3, @ANYRESDEC=r1], &(0x7f0000000340)='GPL\x00', 0xd, 0x0, 0x0, 0x40f00, 0x46, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x3}, 0x94)
r4 = socket$inet6(0xa, 0x800000000000002, 0x0)
connect$inet6(r4, &(0x7f00000001c0)={0xa, 0x4e23, 0x3, @loopback, 0x2}, 0x1c)
connect$inet6(r4, &(0x7f0000000000)={0xa, 0x4e20, 0x0, @ipv4={'\x00', '\xff\xff', @multicast1}}, 0x1c)
r5 = socket$inet_udp(0x2, 0x2, 0x0)
r6 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000500)=ANY=[@ANYBLOB="03000000000000000000000000fc", @ANYRES32=0x0, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="0000000000000000000000680090000000002e039534367400"/34], 0x50)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x1, 0x10, &(0x7f0000000bc0)=ANY=[@ANYBLOB="1808000000000000000000000000000018120000", @ANYRES32=r6, @ANYBLOB="0000000000000000b703000000000000850000002f000000b7000000000000001801000000082c2500000000002120207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000700000095"], &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
setsockopt$IPT_SO_SET_REPLACE(r5, 0x4000000000000, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0xc08, 0x3, 0x478, 0x310, 0x5002004a, 0xb, 0x310, 0xea13, 0x3e0, 0x3c8, 0x3c8, 0x3e0, 0x3c8, 0x3, 0x0, {[{{@ip={@remote, @private=0xa010101, 0xff, 0xffffffff, 'bridge0\x00', 'veth0_macvtap\x00', {}, {0xff}, 0x5c, 0x3, 0x2}, 0x0, 0x2c8, 0x310, 0x0, {0x5c00000000000000}, [@common=@unspec=@bpf1={{0x230}, @fd={0x2, 0x0, r7}}, @common=@inet=@socket3={{0x28}}]}, @unspec=@CT0={0x48, 'CT\x00', 0x0, {0x0, 0x0, 0x0, 0x0, '\x00', {0x4}}}}, {{@uncond, 0x0, 0x70, 0xd0}, @common=@SET={0x60, 'SET\x00', 0x0, {{0x4, [0x5, 0x1, 0x6, 0x1, 0x7, 0x2], 0x6, 0x7}, {0xffffffffffffffff, [0x4, 0x4, 0x2, 0x5, 0x8], 0x6, 0x2}}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x4d8)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/syz0\x00', 0x1ff)
r8 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_subtree(r8, &(0x7f0000000080), 0x2, 0x0)

3m31.697312626s ago: executing program 6 (id=2031):
ioctl$sock_bt_hci(0xffffffffffffffff, 0x400448dd, &(0x7f0000001980))
sendmsg$qrtr(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r1 = getpgrp(0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000540)=0x5)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, r1, 0x2, 0x0)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000000)=0x3)
setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x29, 0x3b, &(0x7f0000000100), 0x120)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r3 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r3, 0x1, 0x0)
r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r4, &(0x7f0000019680)=""/102392, 0x18ff8)
openat$sw_sync(0xffffffffffffff9c, 0x0, 0x0, 0x0)
socket$inet_udp(0x2, 0x2, 0x0)
mincore(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000300)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a03000011000000000000070000040900010073797a30000000009c000000090a010400000000000000000700000308000a40880000000900020073797a30000000000900010073797a3000000000080005400000000d58001280200001800e000100636f6e6e6c696d69740000000c0002800800014000000008200000000000000000006e6e6c696d69740000000c000280080001400000000014000180090001006c617374000000000400028008000340000001"], 0xe4}, 0x1, 0x0, 0x0, 0x880}, 0x40800)

3m28.658888939s ago: executing program 6 (id=2035):
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
syz_open_dev$vcsu(&(0x7f0000000000), 0x7, 0x44802)
r0 = getpgrp(0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000040)=0x5)
prlimit64(r0, 0xe, &(0x7f0000000100)={0x12a, 0x80004100008a}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000000)=0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r2 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r2, 0x1, 0x0)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
ioctl$FS_IOC_SETFLAGS(r4, 0x40086602, &(0x7f00000002c0)=0x20)

3m25.73796704s ago: executing program 6 (id=2041):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$batadv(&(0x7f0000000400), 0xffffffffffffffff)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000340)=0x6)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r0, 0x8933, &(0x7f0000000440)={'batadv0\x00', <r4=>0x0})
sendmsg$BATADV_CMD_SET_MESH(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000280)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYBLOB="010028bd7040010000000f00000005002e000000000008000300", @ANYRES32=r4, @ANYBLOB="05002f"], 0x2c}}, 0x18)

3m10.532230255s ago: executing program 35 (id=2041):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$batadv(&(0x7f0000000400), 0xffffffffffffffff)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000340)=0x6)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r0, 0x8933, &(0x7f0000000440)={'batadv0\x00', <r4=>0x0})
sendmsg$BATADV_CMD_SET_MESH(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000280)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYBLOB="010028bd7040010000000f00000005002e000000000008000300", @ANYRES32=r4, @ANYBLOB="05002f"], 0x2c}}, 0x18)

3m9.315785514s ago: executing program 3 (id=2107):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f00000002c0), r0)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00'})
sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x20004000}, 0x4000000)

3m8.872712834s ago: executing program 3 (id=2110):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
close(r0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
sendmsg$NFT_BATCH(r1, &(0x7f0000009b40)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4000850}, 0x40)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f00000002c0)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a400000000c0a010100000000000000000a0000060900020073797a31000000000900010073797a310000000014000380100000800c0001"], 0x68}, 0x1, 0x0, 0x0, 0x4000850}, 0x40)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1)
sendmsg$NFT_BATCH(r0, &(0x7f0000009b40)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4000850}, 0x40)

3m8.229956749s ago: executing program 3 (id=2112):
openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0)
sendmsg$MPTCP_PM_CMD_GET_LIMITS(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x41}, 0x809d)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='blkio.bfq.io_merged_recursive\x00', 0x275a, 0x0)
syz_emit_ethernet(0x36, &(0x7f0000000100)=ANY=[@ANYBLOB="000002f0d31209000000bc2e79e995"], 0x0)
write$binfmt_script(r2, &(0x7f0000000100), 0x208e24b)
preadv(r2, &(0x7f00000015c0)=[{&(0x7f0000000080)=""/124, 0xffffff23}], 0x3e, 0x0, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000499000/0x18000)=nil, &(0x7f0000000040)=[@text16={0x10, &(0x7f0000000180)="66b9800000c00f326635000800000f300f0f1c9a65660ff3b20618baa000ec672e660f38803d004000000f285473f61366b9800000c00f320f300f20e06635800000000f22e02b6aa6c8", 0x4a}], 0x1, 0x0, 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x10008000}, 0x40095)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000240)=[@text32={0x20, 0x0}], 0x1, 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x11, 0x0, 0x0, &(0x7f0000000000)='GPL\x00', 0x2a7, 0x0, 0x0, 0x41100, 0x24, '\x00', 0x0, 0x0, r2, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x3ff}, 0x94)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

3m6.186516916s ago: executing program 3 (id=2118):
mmap(&(0x7f0000017000/0x1000)=nil, 0x1000, 0x0, 0x8010, 0xffffffffffffffff, 0xfe0f1000)
bpf$MAP_UPDATE_BATCH(0x1a, 0x0, 0x0)
bpf$MAP_DELETE_ELEM(0x3, &(0x7f0000000040), 0x20)
r0 = socket$inet6(0xa, 0x2, 0x0)
close(r0)
socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x5)
close(0x4)
syz_open_procfs$namespace(0x0, &(0x7f0000000040)='ns/cgroup\x00')
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f07ebbeef, 0x8031, 0xffffffffffffffff, 0x215eb000)
sendmsg$NFC_CMD_DEP_LINK_UP(0xffffffffffffffff, 0x0, 0x0)
r2 = socket(0x14, 0x2, 0x4)
ioctl$sock_SIOCGIFINDEX(r2, 0x61f0, 0x0)
sendmsg$ETHTOOL_MSG_PAUSE_SET(r2, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="14000000", @ANYRES16=0x0, @ANYBLOB="01002602000000dbdf25160040"], 0x14}, 0x1, 0x0, 0x0, 0x40095}, 0x52fd794718c63698)
mmap$xdp(&(0x7f0000ad9000/0x2000)=nil, 0x2000, 0x1000000, 0x810, r2, 0x100000000)
r3 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r3, &(0x7f0000000040)={0x2, 0x4e20, @empty}, 0x10)
setsockopt$inet6_udp_int(r0, 0x11, 0x68, &(0x7f0000000080)=0xa40, 0x4)
setsockopt$inet6_buf(r2, 0x29, 0x2c, &(0x7f0000000380)="ac1a5ba4c0ee8a30bf6ff2d548e4dc1e0dce3627060afb80d6631b55724b53f943e84a3f6bbf09cb7b6bd03286be20f8b887f673346c04a318380775645773d89ff91e05fb5372f0acf6efa604a4092074a6565c1b679f594d1d693469f5c1c0a8511d277c9c653de267a2de27ce6b5681c0b13f", 0x74)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x11, 0x4, &(0x7f0000000580)=ANY=[@ANYRES64, @ANYRESOCT=r2, @ANYRESDEC=r1, @ANYRES16=r1], &(0x7f0000000340)='GPL\x00', 0xd, 0x0, 0x0, 0x40f00, 0x46, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x3}, 0x94)
r4 = socket$inet6(0xa, 0x800000000000002, 0x0)
connect$inet6(r4, &(0x7f00000001c0)={0xa, 0x4e23, 0x3, @loopback, 0x2}, 0x1c)
connect$inet6(r4, &(0x7f0000000000)={0xa, 0x4e20, 0x0, @ipv4={'\x00', '\xff\xff', @multicast1}}, 0x1c)
r5 = socket$inet_udp(0x2, 0x2, 0x0)
r6 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000500)=ANY=[@ANYBLOB="03000000000000000000000000fc", @ANYRES32=0x0, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="0000000000000000000000680090000000002e039534367400"/34], 0x50)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x1, 0x10, &(0x7f0000000bc0)=ANY=[@ANYBLOB="1808000000000000000000000000000018120000", @ANYRES32=r6, @ANYBLOB="0000000000000000b703000000000000850000002f000000b7000000000000001801000000082c2500000000002120207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000700000095"], &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
setsockopt$IPT_SO_SET_REPLACE(r5, 0x4000000000000, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0xc08, 0x3, 0x478, 0x310, 0x5002004a, 0xb, 0x310, 0xea13, 0x3e0, 0x3c8, 0x3c8, 0x3e0, 0x3c8, 0x3, 0x0, {[{{@ip={@remote, @private=0xa010101, 0xff, 0xffffffff, 'bridge0\x00', 'veth0_macvtap\x00', {}, {0xff}, 0x5c, 0x3, 0x2}, 0x0, 0x2c8, 0x310, 0x0, {0x5c00000000000000}, [@common=@unspec=@bpf1={{0x230}, @fd={0x2, 0x0, r7}}, @common=@inet=@socket3={{0x28}}]}, @unspec=@CT0={0x48, 'CT\x00', 0x0, {0x0, 0x0, 0x0, 0x0, '\x00', {0x4}}}}, {{@uncond, 0x0, 0x70, 0xd0}, @common=@SET={0x60, 'SET\x00', 0x0, {{0x4, [0x5, 0x1, 0x6, 0x1, 0x7, 0x2], 0x6, 0x7}, {0xffffffffffffffff, [0x4, 0x4, 0x2, 0x5, 0x8], 0x6, 0x2}}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x4d8)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/syz0\x00', 0x1ff)
r8 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_subtree(r8, &(0x7f0000000080), 0x2, 0x0)

3m4.511621598s ago: executing program 3 (id=2125):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, 0x0, 0x0)
syz_open_dev$vcsu(&(0x7f0000000000), 0x7, 0x44802)
r1 = getpgrp(0x0)
sched_setaffinity(r1, 0x0, 0x0)
prlimit64(r1, 0xe, &(0x7f0000000100)={0x12a, 0x80004100008a}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000000)=0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r3 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r3, 0x1, 0x0)
r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r4, &(0x7f0000019680)=""/102392, 0x18ff8)
r5 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
ioctl$FS_IOC_SETFLAGS(r5, 0x40086602, &(0x7f00000002c0)=0x20)

3m2.913503251s ago: executing program 3 (id=2128):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000001800)=ANY=[@ANYBLOB="180000002500010324bd7002ffdbdf250100000004"], 0x18}, 0x1, 0x0, 0x0, 0x4008}, 0x0)
recvmmsg(r0, &(0x7f0000000d80)=[{{0x0, 0x0, 0x0}, 0xac}, {{0x0, 0x0, 0x0}, 0x1}, {{0x0, 0x0, &(0x7f0000001840)=[{&(0x7f00000018c0)=""/4108, 0x100c}, {&(0x7f0000001680)=""/109, 0x6d}, {&(0x7f0000001740)=""/72, 0x48}, {&(0x7f00000005c0)=""/61, 0x3d}], 0x4}, 0x7}, {{0x0, 0x0, 0x0}, 0xd3a7}], 0x4, 0x2000, 0x0)

2m47.790868682s ago: executing program 36 (id=2128):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000001800)=ANY=[@ANYBLOB="180000002500010324bd7002ffdbdf250100000004"], 0x18}, 0x1, 0x0, 0x0, 0x4008}, 0x0)
recvmmsg(r0, &(0x7f0000000d80)=[{{0x0, 0x0, 0x0}, 0xac}, {{0x0, 0x0, 0x0}, 0x1}, {{0x0, 0x0, &(0x7f0000001840)=[{&(0x7f00000018c0)=""/4108, 0x100c}, {&(0x7f0000001680)=""/109, 0x6d}, {&(0x7f0000001740)=""/72, 0x48}, {&(0x7f00000005c0)=""/61, 0x3d}], 0x4}, 0x7}, {{0x0, 0x0, 0x0}, 0xd3a7}], 0x4, 0x2000, 0x0)

2m18.904316966s ago: executing program 8 (id=2266):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000380), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000000)=0x15)
sendmsg$NL80211_CMD_JOIN_MESH(0xffffffffffffffff, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000080)={0x28, 0x0, 0x1, 0x70bd2a, 0x0, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_MESH_ID={0xa}]}, 0x28}}, 0x0)
ioctl$TCSETS(r0, 0x40384708, &(0x7f0000000080)={0x5, 0x1, 0x609152b0, 0x2, 0x2e, "53ccd200"})

2m18.055808378s ago: executing program 8 (id=2270):
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000004c0)=0x79, 0x4)
bind$inet(r0, 0x0, 0x0)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000000)={0x1, &(0x7f0000000280)=[{0x6, 0xfa, 0x0, 0xe4}]}, 0x10)
sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000100)='bbr', 0x3)
sendmmsg$inet(r0, &(0x7f0000001480)=[{{0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000bc0)="4490137c227c56ee66c372f3105eb186dd8062fad2d5b5bfb0ba068e74a8d026bd209da8ffa6a26e3b3f8075704a9d0ef9afda48e71255a747b6d03097385fb05cf8db24609f02d34e76992c9df9fe6888c6c9a4825c6223be6ac539985bac8624c50b527c68b0ff250261953f2da79a78104c2d0000000086b124945aa9ab7581ebd385fb61210c410d799168ffc4b64677af924affd442035db81e18c2d2462d0bb25fff9d3b1ce903597992b2a4d59e5ac2d704fa2595b5d36400d0b2d119796726a223f5739e45568cfdbdb3064d01bf9cd033e5e0907b", 0xd9}], 0x1}}, {{0x0, 0x0, &(0x7f0000002580)=[{&(0x7f00000025c0)="24acadd7f04daaa04e88680351d9ce53f67fd2afefe557d4bd561f02df2570f175951d4bdd97ec433ec583c79fa668922a61c8662e0890ce06996f5ba401e582dfb5197822bee50c6cd4b3a6f9d14f1fde9b1698ad6847d4fde0458282ece396a1e212cd02e6fb62599df5ecb5984843ee04e96eb26fa2a8100a0b7b2d032fff965485ded83b39d6c9835416a8db5414a6c54101693e6b05e652b49fceaf4a0cc2b7898034ff0eb5150b3e85b9ff5658ba346d0b6b5a3a71eb084311606cf6b8ccf7c45a79b319a201e9c5ae9f0aab5c4dd7a77de7f5ae2edb307892dbfa8377446d8cabb9302b27250c66ddaeb3988933df044b6ae4570671cf861484b9124827dbe78a0388eecac9e6ad371287ca014fa658c6f1308b046b2fc0cc3d5b8ba48f3b1319d5976bb45f3c630f01c77b93f07fe2b304a98383258a37791da00145e24f619c5dd07939c39212ca7d8421dcf50ab703f86dacf4a4159a123d25a7a9ad2319a876af43da4cf86b0f6a7f261562e1b10681a71d941a5e90031452e37f4a616b85fe6b48803cbca2369565be720ef5fd1e6326234c34f6e13ba39f9460acc68e15eef508e402b29e452883c90b50b04d66ad07cb689d31426147a965dd4691519d844bfc83d830b8c5a679c41fbdcc2d16b3dcecc1f5be156f96fa2a315c68bfd1ebba95e9de0e3cdf7ad8e93b92cda3c4643ca88fcd710c1a24d0d62b54d937f2fbe7aa09ba34c71a17eefa0dba2d4752ae91850d734be15b1f2f5e36856786f5cf0afec24a46634f8d5aec6008c1ace1e404af77c8f4d37283847349ac22f6703d44fb66cec0ceb9390cf2f878d8390ecd8fbeb82a6ccd966bca4c4689a2e2a850a30dfa7c0c19ecec0c799e2880d2088ece8401306bfa4b34da709caa802c8f9d6deb5b599d262faa7de40de113c89a8e8e3a4f19ac1847387be89e27286e20dd49339021e79ddb0cf3bf72fcc25f3b7d35ca05c4473521320b1a6bee637e4f4da9692506931df8f990ed54e23000030d26f30c8ee3ace6c9d5795b7443aa0651ecb2b64549d4bd4bea0ed0f69e69291057bf7c3b92ad0a8ec4e5acf31c4ed8c372f1bd9b0bf6c51a7a29915fc2e5a24c36599612fd4527870ea6", 0x31f}], 0x1}}], 0x2, 0x2090)
setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000600)=0xdfa, 0x4)
sendto$inet(r0, &(0x7f0000000580)="17", 0x59a, 0x10008095, 0x0, 0x0)

2m16.254795147s ago: executing program 8 (id=2277):
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x6, 0x4, &(0x7f0000006680))
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x6a855000)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9)
process_mrelease(0xffffffffffffffff, 0x0) (fail_nth: 1)

2m11.386463614s ago: executing program 8 (id=2290):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nfc(&(0x7f0000000100), r0)
sendmsg$NFC_CMD_START_POLL(r0, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000000)={0x2c, r1, 0x1, 0x123, 0x233, {}, [@NFC_ATTR_DEVICE_INDEX={0x8}, @NFC_ATTR_IM_PROTOCOLS={0x8, 0xd, 0xa6}, @NFC_ATTR_TM_PROTOCOLS={0x8, 0xe, 0x72}]}, 0x2c}}, 0x0)
lsm_get_self_attr(0x64, 0x0, &(0x7f0000000140), 0x0)
r2 = syz_open_dev$video4linux(&(0x7f0000000080), 0x401, 0x80000)
ioctl$VIDIOC_QUERYMENU(r2, 0xc02c5625, &(0x7f0000000100)={0xf0f000, 0x4e, @name="0c3901800000010000000000000000d4ffd14e01a265cb6c8595d9438bf54b00"})
r3 = add_key$fscrypt_v1(&(0x7f0000000180), &(0x7f00000001c0)={'fscrypt:', @desc3}, &(0x7f0000000280)={0x0, "c683faa6825f1a25af3b6191facc8751ba3d8a447a0f359cf181bb0d58924dd9d9b34837a9ef3a3f72c925bbd42a07f3b2f9b25d4e7c08909985c4a4734ae2bd"}, 0x48, 0xfffffffffffffffe)
keyctl$KEYCTL_MOVE(0x1e, r3, 0x0, 0x0, 0x1)
keyctl$dh_compute(0x17, &(0x7f00000000c0)={0x0, r3}, &(0x7f00000001c0)=""/28, 0x1c, &(0x7f00000002c0)={&(0x7f0000000240)={'blake2s-224\x00'}, &(0x7f0000000280)})
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x101c02, 0x0)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x2, 0x4, 0x6, 0xb}, 0x50)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000f4751f2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000005000000b70300000000ff80850000000400000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000440)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_BIND_MAP(0xa, &(0x7f0000000380)={r7}, 0xc)
sendmsg$nl_generic(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000003580)={0x14, 0x24, 0x107, 0x70bd2e, 0x25dfdbfb, {0x2, 0x7c}}, 0x14}, 0x1, 0x0, 0x0, 0x4048011}, 0x8010)
r8 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r9 = ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x0)
ioctl$KVM_SET_MSRS(r9, 0x4008ae89, &(0x7f0000000040)={0x1, 0x0, [{0x34, 0x0, 0x8}]})
r10 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r11 = syz_genetlink_get_family_id$nfc(&(0x7f0000000040), r10)
sendmsg$NFC_CMD_LLC_SET_PARAMS(r10, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000200)={0x2c, r11, 0x1, 0x70bd2b, 0x25dfdbfe, {}, [@NFC_ATTR_LLC_PARAM_RW={0x5, 0x10, 0x7}, @NFC_ATTR_LLC_PARAM_LTO={0x5, 0xf, 0x9}, @NFC_ATTR_DEVICE_INDEX={0x8}]}, 0x2c}, 0x1, 0x0, 0x0, 0x40810}, 0x40000080)

2m10.12935417s ago: executing program 8 (id=2295):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, 0x0, 0x0)
syz_open_dev$vcsu(&(0x7f0000000000), 0x7, 0x44802)
r1 = getpgrp(0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000040)=0x5)
prlimit64(r1, 0xe, &(0x7f0000000100)={0x12a, 0x80004100008a}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = getpid()
sched_setscheduler(r2, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r3 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r3, 0x1, 0x0)
r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r4, &(0x7f0000019680)=""/102392, 0x18ff8)
r5 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
ioctl$FS_IOC_SETFLAGS(r5, 0x40086602, &(0x7f00000002c0)=0x20)

2m6.9933956s ago: executing program 8 (id=2300):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = landlock_create_ruleset(&(0x7f0000000040)={0x0, 0x3}, 0x10, 0x0)
landlock_add_rule$LANDLOCK_RULE_NET_PORT(r1, 0x2, &(0x7f0000000100)={0x2}, 0x0)
landlock_restrict_self(r1, 0x0)
r2 = landlock_create_ruleset(&(0x7f0000000080)={0x10}, 0x18, 0x0)
landlock_restrict_self(r2, 0x0)
landlock_restrict_self(r2, 0x0)
landlock_restrict_self(r2, 0x0)
landlock_restrict_self(r2, 0x0)
r3 = landlock_create_ruleset(0x0, 0x0, 0x0)
landlock_restrict_self(r3, 0x0)
connect$inet6(r0, &(0x7f0000000540)={0xa, 0x0, 0x0, @loopback}, 0x1c)

1m51.718645174s ago: executing program 37 (id=2300):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = landlock_create_ruleset(&(0x7f0000000040)={0x0, 0x3}, 0x10, 0x0)
landlock_add_rule$LANDLOCK_RULE_NET_PORT(r1, 0x2, &(0x7f0000000100)={0x2}, 0x0)
landlock_restrict_self(r1, 0x0)
r2 = landlock_create_ruleset(&(0x7f0000000080)={0x10}, 0x18, 0x0)
landlock_restrict_self(r2, 0x0)
landlock_restrict_self(r2, 0x0)
landlock_restrict_self(r2, 0x0)
landlock_restrict_self(r2, 0x0)
r3 = landlock_create_ruleset(0x0, 0x0, 0x0)
landlock_restrict_self(r3, 0x0)
connect$inet6(r0, &(0x7f0000000540)={0xa, 0x0, 0x0, @loopback}, 0x1c)

18.508830628s ago: executing program 2 (id=2586):
r0 = socket$kcm(0x29, 0x5, 0x0)
ioctl$AUTOFS_DEV_IOCTL_PROTOVER(0xffffffffffffffff, 0xc0189372, &(0x7f0000000000)={{0x1, 0x1, 0x18, <r1=>0xffffffffffffffff, {0x5}}, './file0\x00'})
ioctl$sock_kcm_SIOCKCMATTACH(r0, 0x89e0, &(0x7f0000000040)={0xffffffffffffffff, r1})
ioctl$OCFS2_IOC_RESVSP64(r1, 0x4030582a, &(0x7f0000000080)={0x2, 0x2, 0xbd9, 0x80, 0x3, 0x3})
r2 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000100), r1)
getsockname$packet(r1, &(0x7f0000000140)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000180)=0x14)
ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, &(0x7f00000001c0)={'team0\x00', <r4=>0x0})
sendmsg$MPTCP_PM_CMD_SET_FLAGS(r1, &(0x7f00000002c0)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f0000000280)={&(0x7f0000000200)={0x78, r2, 0xc0c, 0x70bd2d, 0x25dfdbfb, {}, [@MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x5}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x7}, @MPTCP_PM_ATTR_ADDR_REMOTE={0x38, 0x6, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_IF_IDX={0x8, 0x7, r3}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8, 0x7, r4}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @broadcast}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @initdev={0xac, 0x1e, 0x0, 0x0}}, @MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @mcast2}]}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x1}, @MPTCP_PM_ATTR_ADDR={0x14, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x12}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x11}]}]}, 0x78}, 0x1, 0x0, 0x0, 0xa60682a07042f969}, 0x4040046)
ioctl$KVM_RUN(r1, 0xae80, 0x0)
syz_open_dev$sg(&(0x7f0000000300), 0x4, 0x109000)
r5 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000380), r1)
sendmsg$TIPC_NL_LINK_GET(r1, &(0x7f0000000700)={&(0x7f0000000340)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f00000006c0)={&(0x7f00000003c0)={0x2f8, r5, 0x400, 0x70bd25, 0x25dfdbfc, {}, [@TIPC_NLA_MON={0x1c, 0x9, 0x0, 0x1, [@TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x9}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x81}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x401}]}, @TIPC_NLA_MON={0x14, 0x9, 0x0, 0x1, [@TIPC_NLA_MON_REF={0x8, 0x2, 0x200}, @TIPC_NLA_MON_REF={0x8, 0x2, 0xff}]}, @TIPC_NLA_SOCK={0x88, 0x2, 0x0, 0x1, [@TIPC_NLA_SOCK_CON={0xc, 0x3, 0x0, 0x1, [@TIPC_NLA_CON_FLAG={0x8, 0x1, 0x4}]}, @TIPC_NLA_SOCK_ADDR={0x8, 0x1, 0x2}, @TIPC_NLA_SOCK_ADDR={0x8, 0x1, 0x6}, @TIPC_NLA_SOCK_HAS_PUBL={0x4}, @TIPC_NLA_SOCK_CON={0x4}, @TIPC_NLA_SOCK_CON={0x24, 0x3, 0x0, 0x1, [@TIPC_NLA_CON_FLAG={0x8, 0x1, 0x7632}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0xc}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0xe}, @TIPC_NLA_CON_FLAG={0x8}]}, @TIPC_NLA_SOCK_REF={0x8, 0x2, 0xffff}, @TIPC_NLA_SOCK_CON={0x34, 0x3, 0x0, 0x1, [@TIPC_NLA_CON_NODE={0x8, 0x2, 0xf}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x2b}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x40}, @TIPC_NLA_CON_NODE={0x8}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0xf}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x5}]}]}, @TIPC_NLA_BEARER={0x8c, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_DOMAIN={0x8, 0x3, 0x5}, @TIPC_NLA_BEARER_UDP_OPTS={0x38, 0x4, {{0x20, 0x1, @in6={0xa, 0x4e22, 0x0, @mcast1, 0x153}}, {0x14, 0x2, @in={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x12}}}}}, @TIPC_NLA_BEARER_NAME={0xd, 0x1, @udp='udp:syz2\x00'}, @TIPC_NLA_BEARER_UDP_OPTS={0x38, 0x4, {{0x14, 0x1, @in={0x2, 0x4e21, @remote}}, {0x20, 0x2, @in6={0xa, 0x4e24, 0x5, @private0, 0x8}}}}]}, @TIPC_NLA_PUBL={0x1c, 0x3, 0x0, 0x1, [@TIPC_NLA_PUBL_LOWER={0x8, 0x2, 0x4}, @TIPC_NLA_PUBL_TYPE={0x8, 0x1, 0x1}, @TIPC_NLA_PUBL_LOWER={0x8, 0x2, 0x4}]}, @TIPC_NLA_BEARER={0x17c, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_UDP_OPTS={0x2c, 0x4, {{0x14, 0x1, @in={0x2, 0x4e22, @broadcast}}, {0x14, 0x2, @in={0x2, 0x4e22, @empty}}}}, @TIPC_NLA_BEARER_NAME={0xd, 0x1, @udp='udp:syz1\x00'}, @TIPC_NLA_BEARER_PROP={0x4c, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_TOL={0x8, 0x2, 0x10}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1b}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x17}, @TIPC_NLA_PROP_TOL={0x8}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0xa3}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x3}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0xfffffff7}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x100}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x6f}]}, @TIPC_NLA_BEARER_UDP_OPTS={0x38, 0x4, {{0x20, 0x1, @in6={0xa, 0x4e20, 0xfffffffe, @ipv4={'\x00', '\xff\xff', @local}, 0x9}}, {0x14, 0x2, @in={0x2, 0x4e24, @multicast1}}}}, @TIPC_NLA_BEARER_DOMAIN={0x8, 0x3, 0x7fe00000}, @TIPC_NLA_BEARER_PROP={0x24, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_TOL={0x8, 0x2, 0x7}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x4}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x6}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x6}]}, @TIPC_NLA_BEARER_UDP_OPTS={0x44, 0x4, {{0x20, 0x1, @in6={0xa, 0x4e24, 0x4, @empty}}, {0x20, 0x2, @in6={0xa, 0x4e22, 0x9, @dev={0xfe, 0x80, '\x00', 0xa}, 0xfffffffe}}}}, @TIPC_NLA_BEARER_PROP={0x1c, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_TOL={0x8, 0x2, 0x80000001}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x523}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x19}]}, @TIPC_NLA_BEARER_UDP_OPTS={0x2c, 0x4, {{0x14, 0x1, @in={0x2, 0x4e24, @loopback}}, {0x14, 0x2, @in={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x2c}}}}}]}, @TIPC_NLA_NODE={0x8, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY_MASTER={0x4}]}]}, 0x2f8}, 0x1, 0x0, 0x0, 0x40041}, 0x80)
sendmsg$TIPC_NL_NET_SET(r1, &(0x7f00000008c0)={&(0x7f0000000740)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000880)={&(0x7f0000000780)={0xf4, r5, 0x300, 0x70bd27, 0x25dfdbfe, {}, [@TIPC_NLA_MEDIA={0xbc, 0x5, 0x0, 0x1, [@TIPC_NLA_MEDIA_PROP={0x24, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0xdb}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x6}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x6}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x14}]}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'udp\x00'}, @TIPC_NLA_MEDIA_PROP={0x14, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0x101}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x11}]}, @TIPC_NLA_MEDIA_PROP={0x34, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_PRIO={0x8}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x11}, @TIPC_NLA_PROP_TOL={0x8}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x1}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x5}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x8}]}, @TIPC_NLA_MEDIA_PROP={0x44, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0x1}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x4}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x3}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x2}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x18}, @TIPC_NLA_PROP_TOL={0x8}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x5}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x8}]}]}, @TIPC_NLA_MON={0x24, 0x9, 0x0, 0x1, [@TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0xad67}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x6}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0xffff96a6}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x5}]}]}, 0xf4}}, 0x8080)
r6 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000940), r1)
sendmsg$TIPC_NL_PUBL_GET(r1, &(0x7f0000000b80)={&(0x7f0000000900)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f0000000b40)={&(0x7f0000000980)={0x184, r6, 0x8, 0x70bd2c, 0x25dfdbfb, {}, [@TIPC_NLA_NET={0x4}, @TIPC_NLA_PUBL={0x34, 0x3, 0x0, 0x1, [@TIPC_NLA_PUBL_LOWER={0x8, 0x2, 0xfff}, @TIPC_NLA_PUBL_LOWER={0x8, 0x2, 0x6}, @TIPC_NLA_PUBL_UPPER={0x8, 0x3, 0x6}, @TIPC_NLA_PUBL_LOWER={0x8, 0x2, 0x6}, @TIPC_NLA_PUBL_LOWER={0x8, 0x2, 0xa2c2}, @TIPC_NLA_PUBL_TYPE={0x8, 0x1, 0xcd}]}, @TIPC_NLA_BEARER={0xa8, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_NAME={0xe, 0x1, @l2={'eth', 0x3a, 'xfrm0\x00'}}, @TIPC_NLA_BEARER_PROP={0x4c, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x6}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x2}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x7fff}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x6}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0xa}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x2}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x7}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0xd}]}, @TIPC_NLA_BEARER_NAME={0xd, 0x1, @udp='udp:syz0\x00'}, @TIPC_NLA_BEARER_NAME={0xd, 0x1, @udp='udp:syz0\x00'}, @TIPC_NLA_BEARER_PROP={0x24, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_TOL={0x8, 0x2, 0xffffff75}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x9}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x18}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x6}]}, @TIPC_NLA_BEARER_PROP={0x4}]}, @TIPC_NLA_BEARER={0x60, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_UDP_OPTS={0x38, 0x4, {{0x14, 0x1, @in={0x2, 0x4e23, @remote}}, {0x20, 0x2, @in6={0xa, 0x4e23, 0x4, @private2={0xfc, 0x2, '\x00', 0x1}, 0xd}}}}, @TIPC_NLA_BEARER_PROP={0x1c, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0x8001}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1b}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x5}]}, @TIPC_NLA_BEARER_DOMAIN={0x8, 0x3, 0x4}]}, @TIPC_NLA_SOCK={0x30, 0x2, 0x0, 0x1, [@TIPC_NLA_SOCK_CON={0x1c, 0x3, 0x0, 0x1, [@TIPC_NLA_CON_FLAG={0x8}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0xffff}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x2}]}, @TIPC_NLA_SOCK_CON={0xc, 0x3, 0x0, 0x1, [@TIPC_NLA_CON_FLAG={0x8, 0x1, 0x10000}]}, @TIPC_NLA_SOCK_HAS_PUBL={0x4}]}]}, 0x184}, 0x1, 0x0, 0x0, 0xc000}, 0x1)
r7 = userfaultfd(0x0)
ioctl$XFS_IOC_GOINGDOWN(r7, 0x8004587d, &(0x7f0000000bc0)=0x8)
epoll_create(0x7d)
r8 = syz_open_dev$vcsa(&(0x7f0000000c00), 0x2, 0x2000)
ioctl$sock_SIOCGIFBR(r8, 0x8940, &(0x7f0000000c40)=@generic={0x1, 0x7fffffffffffffff, 0xd})
timer_create(0x7, &(0x7f0000000c80)={0x0, 0x16, 0x4, @tid=0xffffffffffffffff}, &(0x7f0000000cc0)=<r9=>0x0)
timer_settime(r9, 0x1, &(0x7f0000000d00)={{0x77359400}, {0x0, 0x3938700}}, 0x0)
r10 = socket$nl_netfilter(0x10, 0x3, 0xc)
write$P9_RWALK(r8, &(0x7f0000000d40)={0x8b, 0x6f, 0x2, {0xa, [{0x20, 0x0, 0x1}, {0x40, 0x4, 0x3}, {0x80255c610667939e, 0x4, 0x2}, {0xf6, 0x0, 0x1}, {0x4, 0x2, 0x8}, {0x8, 0x4, 0x1}, {0x0, 0x4, 0x3}, {0x4, 0x0, 0x1}, {0x40, 0x3, 0x8}, {0x2, 0x2, 0x6}]}}, 0x8b)
r11 = socket$inet_mptcp(0x2, 0x1, 0x106)
fcntl$getownex(r10, 0x10, &(0x7f0000000e00)={0x0, <r12=>0x0})
ioctl$sock_SIOCSPGRP(r11, 0x8902, &(0x7f0000000e40)=r12)
r13 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000ec0), r1)
sendmsg$NL80211_CMD_SET_WDS_PEER(r1, &(0x7f0000000fc0)={&(0x7f0000000e80)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f0000000f80)={&(0x7f0000000f00)={0x5c, r13, 0x20, 0x7fffffff, 0x25dfdbfe, {{}, {@void, @val={0xc, 0x99, {0x4, 0x7d}}}}, [@NL80211_ATTR_MAC={0xa, 0x6, @random="c632973adb84"}, @NL80211_ATTR_MAC={0xa, 0x6, @random="cf89f1737201"}, @NL80211_ATTR_MAC={0xa, 0x6, @random="8c4daccb0394"}, @NL80211_ATTR_MAC={0xa}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac}]}, 0x5c}, 0x1, 0x0, 0x0, 0x4008004}, 0x2000080)
ioctl$TIOCGWINSZ(r8, 0x5413, &(0x7f0000001000))

13.623013107s ago: executing program 2 (id=2598):
socket$kcm(0x10, 0x2, 0x0)
set_mempolicy(0x3, &(0x7f0000000000)=0x4000000ffb, 0x8)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000200)=ANY=[@ANYBLOB="140000002e00090027bd70000000ca62d5aa0000"], 0x14}, 0x1, 0x0, 0x0, 0x42804}, 0x80000)
write$binfmt_script(0xffffffffffffffff, 0x0, 0x0)
r1 = syz_open_dev$radio(&(0x7f0000002100), 0x2, 0x2)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000240)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = socket$tipc(0x1e, 0x2, 0x0)
getsockopt$TIPC_IMPORTANCE(r5, 0x10f, 0x89, 0x0, &(0x7f00000001c0))
readv(r1, &(0x7f0000000280)=[{&(0x7f0000000000)=""/183, 0xb7}], 0x1)

12.268477734s ago: executing program 2 (id=2602):
r0 = syz_usb_connect$uac3(0x0, 0x80, &(0x7f0000000100)=ANY=[@ANYBLOB="1201010200000040b421810040000102030109026e0003017f0006080b0002012230230904000000010130000a2401100a00090000000904014cbcda4430000904010101010230000905010960"], &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x1, [{0x0, 0x0}]})
syz_usb_control_io$uac3(r0, 0x0, &(0x7f00000002c0)={0x44, &(0x7f0000000600)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$uac3(r0, 0x0, &(0x7f0000000840)={0x44, &(0x7f00000004c0)={0x20, 0x1, 0x5, "2fc724b562"}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$batadv(&(0x7f0000000400), 0xffffffffffffffff)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r1, 0x8933, &(0x7f0000000440)={'batadv0\x00', <r3=>0x0})
sendmsg$BATADV_CMD_SET_MESH(r1, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000000)={0x2c, r2, 0x1, 0x4070bd28, 0x25dfdbfe, {}, [@BATADV_ATTR_MESH_IFINDEX={0x8, 0x3, r3}, @BATADV_ATTR_DISTRIBUTED_ARP_TABLE_ENABLED={0x5, 0x2f, 0x1}, @BATADV_ATTR_FRAGMENTATION_ENABLED={0x5}]}, 0x2c}}, 0x4000018)
syz_usb_control_io$uac3(r0, 0x0, &(0x7f00000007c0)={0x44, &(0x7f0000000040)={0x40}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io(r0, 0x0, &(0x7f0000001440)={0x84, &(0x7f0000000f80)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})

9.566842992s ago: executing program 9 (id=2608):
ioctl$sock_bt_hci(0xffffffffffffffff, 0x400448dd, &(0x7f0000001980))
sendmsg$qrtr(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r1 = getpgrp(0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000540)=0x5)
prctl$PR_SCHED_CORE(0x3e, 0x1, r1, 0x2, 0x0)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000000)=0x3)
setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x29, 0x3b, &(0x7f0000000100), 0x120)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r3 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r3, 0x1, 0x0)
r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r4, &(0x7f0000019680)=""/102392, 0x18ff8)
socket$inet_udp(0x2, 0x2, 0x0)
mincore(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000300)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a03000011000000000000070000040900010073797a30000000009c000000090a010400000000000000000700000308000a40880000000900020073797a30000000000900010073797a3000000000080005400000000d58001280200001800e000100636f6e6e6c696d69740000000c0002800800014000000008200000000000000000006e6e6c696d69740000000c000280080001400000000014000180090001006c617374000000000400028008000340000001"], 0xe4}, 0x1, 0x0, 0x0, 0x880}, 0x40800)
syz_usb_connect(0x0, 0x2d, 0x0, 0x0)

7.921596902s ago: executing program 7 (id=2611):
r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000340)='/sys/power/sync_on_suspend', 0x202, 0x54)
write$RDMA_USER_CM_CMD_BIND_IP(r0, 0x0, 0x0)

6.659299407s ago: executing program 0 (id=2613):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000008c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000006c0)={{0x14}, [@NFT_MSG_NEWRULE={0x80, 0x6, 0xa, 0x160b, 0x0, 0x0, {0x2, 0x0, 0x8}, [@NFTA_RULE_EXPRESSIONS={0x54, 0x4, 0x0, 0x1, [{0x18, 0x1, 0x0, 0x1, @osf={{0x8}, @val={0xc, 0x2, 0x0, 0x1, [@NFTA_OSF_DREG={0x8, 0x1, 0x1, 0x0, 0x4}]}}}, {0x38, 0x1, 0x0, 0x1, @nat={{0x8}, @val={0x2c, 0x2, 0x0, 0x1, [@NFTA_NAT_TYPE={0x8}, @NFTA_NAT_FLAGS={0x8}, @NFTA_NAT_REG_ADDR_MIN={0x8, 0x3, 0x1, 0x0, 0x14}, @NFTA_NAT_FAMILY={0x8, 0x2, 0x1, 0x0, 0x2}, @NFTA_NAT_REG_ADDR_MAX={0x8, 0x4, 0x1, 0x0, 0x15}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0xa8}, 0x1, 0x0, 0x0, 0x850}, 0x4040080)
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$netlbl_cipso(&(0x7f0000000bc0), r2)
sendmsg$NLBL_CIPSOV4_C_ADD(r2, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000740)={0x26c, r3, 0x1, 0x0, 0x0, {}, [@NLBL_CIPSOV4_A_DOI={0x8}, @NLBL_CIPSOV4_A_TAGLST={0x34, 0x4, 0x0, 0x1, [{0x5, 0x3, 0x2}, {0x5, 0x3, 0x6}, {0x5, 0x3, 0x2}, {0x5, 0x3, 0x6}, {0x5, 0x3, 0x5}, {0x5, 0x3, 0x1}]}, @NLBL_CIPSOV4_A_MLSCATLST={0x24, 0xc, 0x0, 0x1, [{0x4}, {0x1c, 0xb, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x1837bb88}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x202c}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x44b5}]}]}, @NLBL_CIPSOV4_A_MTYPE={0x8, 0x2, 0x1}, @NLBL_CIPSOV4_A_MLSLVLLST={0xa0, 0x8, 0x0, 0x1, [{0x9c, 0x7, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSLVLLOC={0x8}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8}, @NLBL_CIPSOV4_A_MLSLVLLOC={0x8}]}, {0x24, 0x7, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSLVLLOC={0x8, 0x5, 0x7232d3fd}, @NLBL_CIPSOV4_A_MLSLVLLOC={0x8, 0x5, 0xfffffffd}, @NLBL_CIPSOV4_A_MLSLVLLOC={0x8}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8, 0x6, 0xe8}]}, {0x4}, {0x14, 0x7, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSLVLREM={0x8}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8, 0x6, 0x87}]}, {0x44, 0x7, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSLVLLOC={0x8}, @NLBL_CIPSOV4_A_MLSLVLLOC={0x8}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8, 0x6, 0xf6}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8}, @NLBL_CIPSOV4_A_MLSLVLLOC={0x8}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8}]}]}, @NLBL_CIPSOV4_A_DOI={0x8, 0x1, 0x2}, @NLBL_CIPSOV4_A_TAGLST={0x44, 0x4, 0x0, 0x1, [{0x5, 0x3, 0x6}, {0x5, 0x3, 0x6}, {0x5, 0x3, 0x7}, {0x5, 0x3, 0x1}, {0x5, 0x3, 0x7}, {0x5, 0x3, 0x6}, {0x5, 0x3, 0x2}, {0x5, 0x3, 0x5}]}, @NLBL_CIPSOV4_A_MLSCATLST={0x68, 0xc, 0x0, 0x1, [{0x1c, 0xb, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x555d}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x848a411}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x9dbc}]}, {0xc, 0xb, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0xf19a}]}, {0x1c, 0xb, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x4d2d5b85}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0xe05d931}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x3a1f}]}, {0xc, 0xb, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0xdc41}]}, {0x14, 0xb, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x39b4fd59}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x3caa962c}]}]}, @NLBL_CIPSOV4_A_TAGLST={0x34, 0x4, 0x0, 0x1, [{0x5, 0x3, 0x1}, {0x5}, {0x5}, {0x5, 0x3, 0x5}, {0x5, 0x3, 0x5}, {0x5, 0x3, 0x2}]}, @NLBL_CIPSOV4_A_TAGLST={0x1f, 0x4, 0x0, 0x1, [{0x5}, {0x5}, {0x5}, {0x5, 0x3, 0x3}]}, @NLBL_CIPSOV4_A_DOI={0x8, 0x1, 0x3}, @NLBL_CIPSOV4_A_TAGLST={0x34, 0x4, 0x0, 0x1, [{0x5, 0x3, 0x6}, {0x5}, {0x5, 0x3, 0x7}, {0x5, 0x3, 0x1}, {0x5}, {0x5, 0x3, 0x5}]}, @NLBL_CIPSOV4_A_MTYPE={0x8, 0x2, 0x3}]}, 0x26c}}, 0x0)
r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_802154(r4, 0x8933, &(0x7f0000000140)={'wpan0\x00', <r5=>0x0})
r6 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000a00), r4)
sendmsg$IEEE802154_LLSEC_DEL_DEVKEY(r4, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000ac0)={&(0x7f0000000000)={0x40, r6, 0x1, 0xffffffff, 0x0, {}, [@IEEE802154_ATTR_HW_ADDR={0xc}, @IEEE802154_ATTR_PAN_ID={0x6}, @IEEE802154_ATTR_DEV_INDEX={0x8, 0x2, r5}, @IEEE802154_ATTR_LLSEC_KEY_MODE={0x5}, @IEEE802154_ATTR_SHORT_ADDR={0x6, 0x4, 0xaaa0}]}, 0x40}}, 0x0)
r7 = syz_genetlink_get_family_id$wireguard(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$ifreq_SIOCGIFINDEX_wireguard(r0, 0x8933, &(0x7f0000000640)={'wg2\x00', <r8=>0x0})
sendmsg$WG_CMD_SET_DEVICE(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000380)=ANY=[@ANYBLOB="280400001a72672972c59c9256fc450e0d619f4ee91844c880baff5fe72369267aa3a0c08879e55128043c20a60145a0667655bc663df2023f81e282d6406d4919db5bff7a1b84ad5e634be7a4e28df47651d49fa669310bbfbef5141568a34559ee612559468d4898b00310274651f0181d5fa91907d408b8967f9612437e78039e27f6fb1385e1a676aef6192f9003b9fb57cc42135fc030171ff6875771ee7633b9ea29b4ac832189f2d909eaf4fb7bc970a6f73a54b811ec8f4e8c96ded779f7648a96ccb9c0f66806003568f42593f7ec37b4987bf3e3067bf39d70864e59caca7919d1c08d00"/251, @ANYBLOB="6af4b7a784e9", @ANYRES32=0x0, @ANYRESHEX=r8, @ANYRESDEC=r0, @ANYRESOCT=r7, @ANYRES64=r0, @ANYRES16, @ANYRES16=r7, @ANYRESHEX=r8, @ANYRES64=r8, @ANYRES64=r0], 0x428}, 0x1, 0x0, 0x0, 0x4000}, 0x4000040)

6.64087681s ago: executing program 2 (id=2614):
mkdir(&(0x7f0000001a80)='./file0\x00', 0x1cb)
mount$bpf(0x200000000000, &(0x7f0000000000)='./file0/../file0\x00', 0x0, 0xb89046, 0x0)
mount$bpf(0x0, &(0x7f00000000c0)='./file0/../file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000040)='.\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x2a05004, 0x0)
mount$bpf(0x0, &(0x7f0000000040)='./file0\x00', 0x0, 0x84000, 0x0) (fail_nth: 1)

5.166733741s ago: executing program 7 (id=2615):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = socket$kcm(0x23, 0x5, 0x0)
listen(r1, 0x800)
r2 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$inet(r2, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000f00)=[{&(0x7f0000000200)="5c00000014006b05c84e21000ab16d6e230675f811000000440002005817d30461bc24eeb556a7ef595105ea1698fa51f60a64c9f408000000e786a6d0bdbdc3d44bd70011b6c0504bb9189d9193e9bd00"/92, 0x5c}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x240040c4)
r3 = socket$phonet_pipe(0x23, 0x5, 0x2)
connect$phonet_pipe(r3, &(0x7f0000000040)={0x23, 0x0, 0x58}, 0x10)
r4 = fcntl$dupfd(r3, 0x0, r3)
write$tun(r4, 0x0, 0x3db)
accept4(r1, 0x0, 0x0, 0x80000)
ioctl$FS_IOC_GET_ENCRYPTION_POLICY_EX(r2, 0xc0096616, &(0x7f0000000080))
socket$netlink(0x10, 0x3, 0x4)
syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), r0)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x2, 0x4c831, 0xffffffffffffffff, 0x0)
r5 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000280), 0xffffffffffffffff)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$ETHTOOL_MSG_LINKINFO_SET(r6, &(0x7f0000000500)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000140)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="01002bbd7000fcdbdf25030000001800018014020073797a5f74756e000000000500020000000000"], 0x34}}, 0x4000080)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r4, 0xc0189375, &(0x7f0000000000)={{0x1, 0x1, 0x18, r6}, './file0\x00'})
syz_clone(0x126400, 0x0, 0x0, 0x0, 0x0, 0x0)
bpf$TOKEN_CREATE(0x24, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x1, 0x0, 0x0, &(0x7f00000001c0)='GPL\x00', 0x10}, 0x94)

4.970963811s ago: executing program 2 (id=2616):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f00000002c0)=ANY=[@ANYBLOB="180000000000000000000000000000001811", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000002007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001000000850000000700000095"], &(0x7f00000006c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000280)={{r0, <r2=>0xffffffffffffffff}, &(0x7f0000000080), &(0x7f0000000200)=r1}, 0x20)
sendmmsg$alg(0xffffffffffffffff, &(0x7f0000000000)=[{0x0, 0x0, &(0x7f0000001ac0)=[{&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f7", 0x81}], 0x1, 0x0, 0x0, 0x4880}], 0x1, 0x150)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000580)={{r2, <r3=>0xffffffffffffffff}, &(0x7f0000000500)=0x2000000, &(0x7f0000000540)=r1}, 0x20)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000000040)={r3, &(0x7f0000000440), 0x0}, 0x20)

4.381562904s ago: executing program 0 (id=2618):
r0 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$netlink(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000400)=[{&(0x7f0000000040)={0x8c, 0x1f, 0x1, 0x0, 0x0, "", [@nested={0x7c, 0x0, 0x0, 0x1, [@typed={0xc, 0x1, 0x0, 0x0, @u64=0x4}, @typed={0x8, 0x96, 0x0, 0x0, @fd=r0}, @nested={0x59, 0x7a, 0x0, 0x1, [@typed={0x8, 0x64, 0x0, 0x0, @fd}, @generic="741194f25eec40f4e2ba2a00d51d6b66e9d985c86f6af8d238212a3fde4b46e23817e54664da29c4693e5eb2b5492c0a116d51211a8c40bf30dcd91e7d481e5a467f1ef9da", @typed={0x8, 0x108, 0x0, 0x0, @u32=0x180000}]}, @typed={0x8, 0xc3, 0x0, 0x0, @fd}]}]}, 0x8c}], 0x1, 0x0, 0x0, 0x20000080}, 0x0)

4.285575288s ago: executing program 9 (id=2619):
r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0)
r1 = openat$vcsu(0xffffffffffffff9c, &(0x7f0000000180), 0x8100, 0x0)
ioctl$NBD_SET_SIZE_BLOCKS(r1, 0xab07, 0x4)
r2 = userfaultfd(0x80001)
syz_open_dev$sndmidi(&(0x7f00000001c0), 0x1, 0x410002)
ioctl$UFFDIO_API(r2, 0xc018aa3f, &(0x7f0000000280)={0xaa, 0xc})
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1)
ioctl$UFFDIO_ZEROPAGE(r2, 0xc020aa04, &(0x7f0000000000)={{&(0x7f00004bd000/0x3000)=nil, 0x3000}})
ioctl$VHOST_SET_VRING_BASE(r0, 0xaf01, 0x0)
r3 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000400), 0xffffffffffffffff)
sendmsg$TIPC_NL_KEY_SET(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)={0x2c, r3, 0x400, 0x0, 0x25dfdbfe, {0x3}, [@TIPC_NLA_NET={0x18, 0x7, 0x0, 0x1, [@TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0x7f}, @TIPC_NLA_NET_ID={0x8, 0x1, 0xa706}]}]}, 0x2c}}, 0x40000000)
sendmsg$TIPC_NL_KEY_SET(0xffffffffffffffff, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)={0x14, r3, 0x200, 0x70bd27, 0x25dfdbff}, 0x14}, 0x1, 0x0, 0x0, 0x4000004}, 0x8000000)
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000280)={0x1, 0x0, 0x0, 0x0, 0x0, 0x2})

4.00351521s ago: executing program 4 (id=2620):
getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000680)={{{@in6=@empty, @in=@initdev}}, {{@in6=@dev}, 0x0, @in=@remote}}, &(0x7f0000000780)=0xe8)
ioctl$vim2m_VIDIOC_ENUM_FMT(0xffffffffffffffff, 0xc0405602, &(0x7f0000000380)={0x5, 0x1, 0x0, "eee98fa706178749cb4dfd93e33c9b6b7bd152f35ed734fc70157dcb4f1891e2", 0x43353039})
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000380)=ANY=[@ANYRES32, @ANYRES32, @ANYBLOB='&'], 0x10)

3.795127427s ago: executing program 0 (id=2621):
r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000440), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000002740)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000002700), 0x2, 0x3}}, 0x20)
write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000002680)={0x0, 0x18, 0xfa00, {0x0, &(0x7f00000006c0), 0x2, 0xa}}, 0x20)
write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000680)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000400), 0x106}}, 0x20)
write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x4, &(0x7f0000000100), 0x111, 0x9}}, 0x20)
writev(r0, &(0x7f0000000000)=[{&(0x7f0000000080)}, {&(0x7f0000000100)="06010000246837f73199aee6fd1c291b3091ec1a06000000975ad8ec030f5919f397867997f9c0efa9c9092a31cdbb98ea272787afda0af59a320709c3a59ef05c6f40ceafec53f48d6186e7d8409e35306221caf67b370d875eff3191932728e5ab6c9a3acf6ccee3e352c898f5744abaedfb53f92c37acb126bd143f3e9cdfcf25a8d6129fcc3a141c3f5ab6db772f87c787817a9b699dd60732d952716b103bc1e91ac5b1ed92f35389580994bb0df9bce07e7a80921888f984139f488d256a67fec0cbb5c4e93d5c151d97f676ab93b1efbd46f600dc964231e3257bf358448fddf894c0cdfa9115adbe5b19bc912fcbc8aac7719b649b1ff1267491da", 0xff}, {&(0x7f0000001480)="d1ffacd516de50ac9d15bc75316da4defa1e72f65a65cdd26dcc389aacf7856da9aecf3765d4c032e1960faf25bad906b7d3440b6e71a82f1d8f8b8db35b6091f3af94c6b46b9ab10fe3923f268771078d2668be7bd3eb941d4bb5baa8547e36283a065ce5766cbff3a8fc37fc4507643d3786bbf231d3ed88cb8b01eab14e4372cf4f89bd1b853caa5d9f07f523b9dfa8cc09053ff36fde08e96fb6b3acc196b1bd1e2d3a6c65f585df7e2b8b17439a7ab29a7dfe642c2f0ac7a81eca8073b559663f2daf7a0832b2b09557794a21bf114831f8e6db3922d0cd169e5a8b4adc95d7322ee75944de15f57780b88fef7f3d9b256705ccfa2125b43ce8e3aacaead963cdd7f792f14c9b24493f9f830f6de8da93bbd4357095631adec14224dd9bb049e826f3a49624393e6a031103faff0902ba88ae30af4a61caa77ff956214196fcf3c5536d823284306f367afcb46fb43231911cc53091671e7d853ebf015241b18e9fb6ac6d9a7a1b05dfd6d9e56a51567cd8837dd045abf6b85550f0dd8dded43147ab9bfadc18b9984699d5d875cb21a95a7f584d8c466d033df75193f9ae58b85cfacc54f6c6e12a0debe40ee361a839563bc2cb64271672a55370c2b035b482074ce2487ef8a3bc1c68856e6e09539276d961a0c647f1ee3237496fc99623e8fd33faf7797d86a88dcee152d15e10739bcbbd6077b76867e291f350d999024c12faf81f83792f48f7f6dd66aa6854e460ef7f8c755f3a6dd76509ea0d2db39057a5129185b2fb11546cd5d6cc59f640e9028ae6c7075fba5e5b5593d7f79ec387833f465d09bde464112821eaec5e6e8f2aee8d7358f9c14afe2018856f610848706c71cda62493aef2e39efb71b4a8e804847eda66b2b5b1d75b478f19208ee1ac43afb2dbbba5dd0f29f6946022e09fb853cb176ca3474ba2fa67cb245fe85ec61a095d6fd9ac2ac5685920201617342fe56072427b9bd3626a1a371e67041fcda781be0c234d6feb5ad500e8bc7074381fd0d04983a4a6cdb6c8e03d59dc50925e9e4b24e6f8e455f02818959f2927f0a2d9ff62ec3c5c399077048f7d3dad0830b2e6563693f2f9d48eca8c34804a7626282a4a214d13786993c011a88194dbf7b23e25f592e62186c9fb565fac7632de356153c89a6be0b6b26ba48c2427424769fcbd7ee072ed4bd4d0731d06c8537d616b1145a6c70edb13fb4dba3565221b3a2897a23861cd0e8e0060021cdd7de002d5e785e5d6d3d07f4e445ada9c8d9ba8b819d0b5c7b5d15a5192d3a83c125c8e117c823a9e33316b8c9154e7330d3a865048dbd9c14757691bfe56f10423f6ab717bec5eebeac6ba9ad1aeb6cde09d7fda8e475a71ac48d46b8d9a40879c9dec2db5c4799e5fc8e8b3d419031c1033fce88ae2c93d7ca62c9302e6b45ca8dfebe5b92724f035e8e9d7704efb23f445999fe08cfa28404874d8acc8d37870d394d9fcc8dbe763bc85c37f0f3bcc2cbea420cd073db598e7d89c14a31e5bf57cbefa301427c93091505f1f3e5cdf712958b2e8fc56684d3388107c1728f0e5a3be2164246071653e256ed3bf3000c17301da9a5a3d9ca475867c4f311a24e5ae909a62047a9e6bb71cbcb4f159c2ef0f66b4d0f9da51aba99cd9448443dd277362af18d32f111c48a952ef555b2c7c58b997ce61e74cc7551b57eaffe411219baddf490926d8e260dcd87c069e617195c352950f9b51ce88c12c4f7997ba515f77e68d44f831cdf4d7ee8b1b7cedcb4c4fc7e85ba288c8555d49d5b4b9bb70dc4b688bd12e6b38e37150f3ea457a76b23d5abe6551ea598e090aed87822b0954b8db1a7c605c925b7f9240b0e7a020f292a1fd4a37c74139bc6e7ff08373ebfc8feea371ae0b6c61c715f6f1f4b0b994c7e2e129f87db959aae6ff48664d824b29ba9f255890f9c537178db9c5302097891557f8175a46f308b1a2530aa726ea9d4cfce76db50637369724d0c5f51c97edb58ff5eb9b2434b3721b61688ba12471b97c6a65ba085e15406568ac852590701f2ef8451c5cf1191d70f51eaea9ddc4cbdd7428f627db5069111f65062d5cc34581826af3e670613dda99e31c42736aabd87be56e214ed606862a152455f91891b7430bae03284569c234588f495a5ecc4a23fad6ba34e2ee9ebde8c7f5f62c9344659375c2a1fe6fa6e4ef68712223b9471c513bb11429dbb8a45463c8882f462275ee0da567c60c2d8038843e0c20486676e9978f2aec9187820c94a6e7e519d06daf2ab198f5cafcab4d9c90a479800906192d66a3301a34fa6c5a931cea0a479a4d98d86d9de3e061323504b57186dd33df7a16ccb688c0de203666cb0a6b543a9d069dded44a3b432cbb71da921dcab6be1c2d7494d3b07841d9b4f9d659b5d3d3b2ed916f91588d589128e4b2d4448e6aab5a8160eddca0f6e022abb85e251a11cd6bae57a09b2c434ab5bdf6264afb20d5ab022d152e345bd32ba9283aa5b3cd9118bd271a8ac9083c98b8a83064e65428f7ad7b35bf1d60d4e703f22d2d316fc12bd68bcced82cf0962a3d5769c6a3d75d59f7a7b76454661fd3574b8c8e26d20c372407854505ea6c2406fbd8a1ba7bb017c565228aa6d03d18ed309a308ffb1ecec73c246413e7c70f25070eafed9e70d22e9e8b44125c44eceff37e65bf073bc6fad1ea2b72675af4bf70586a8f7e0f35700de94c802522897576ed115fa21b3d23a367844520b33f5b9aedc0245096765f4cb3b2ff4e54f39bd7346c2347875d75a931b17c6c424ddb4767e0e63cc7725a8fc4b1dbe7929b2f909cc5be8b09e63330341e6471dcac0f8b44693d01805a1467b71612260e2a273861b3697440a5f75497796bffcf79d62a4a50a6ed5ef2efe8c83374f2ecd08d8d628aa03b01a11caeb2bdecc0ab2abcecfa15627979d7c3f9dec5389fc6625e957f8075e23e636dd5514596189d568e14d33ae518e6e9978c6a36a74b49fdbd1260095c9abe447e618878039b75e305b1d2c9ddeb9e5cedb11802e0833739d8595d57d749c890c9290cca4aa96e6718747543796a187e54a66c2f71beefddf911a7a74b59c48ba642d5ecd4d415f48dfbde5baac8a4ba063c1b985d9f9f3180e8a1c8b2cf6a25c2ff17688cc858ac8b9c67960f09a1ca5f28f8e877159e00fe7fb10cca73b391508895e7e52c22f9b38d73dabd6ff7c55ebf4e1611daee8d52b4ceee49a6df7daeb81bf9d1c943a74c03d3dda52c5b99f3225c1b87074f5cef6187878bc5b665ec0561adcc9781280dd1c6592555d327afea78b21beeeb66a0af3eab3249245f41cdbca309d3fba5d4b345319dd0a26134c0c896f2c8d32fda28600013f6a4c95b4038faba70d6c480b360c55bdc0595f7ca636e85521ba505d894f9c5f0a90719bc9944f386ad7491422ff12f34a3c048708d51305a8cc5b2a502ac1575a14c75e9fb7219ede2f6d9c1b362230b6189e0d8cd8ccd11fd0325182c6e46c9977bf63aa02f7024aeb4389f989f5733a198b45e4329c4c1a538a009f216ad3ac09cac39547b4fd21a5d7146ea307ad9b9339f39d5161d17b59860a0aed38cd89d1b68c6438346d51a3a283074e34ee01d2eca527b1b3836ccdf7e807007152c79d14324e3d887c9551a9447527db4434810f5b0b73d855f32a0c89aa784e43f4c1657d408dd33f88aeae1e5186bbcc2a348b708e3cec9080e12ee3676beb5ee86a9b5cc4a3496c242b95a248906ed62f984b22373bdfd97515441f34e01006d8d1244aa88403f207cd8820ffe07634fc86d00f871c1e4c9e8fc1a00d295e36d98119599b62379cda10ada85efe7b50c5f38d8d010a2cd53db900939db1ffce14feffb7940d12842f4f2b507e1fa49e526752d1e3d80a0c2a75e870d85f77fd91fc46ac1b1288dd33338cdad154d6b80b5a925431868d62a3fb0036f28fe259a3f555f767526a9ea230c33843efc49ac3182a357845ea122d606ab22c9f937b2b905e02dd1cb07d380e3486be6167f00b6e6d90a3c1d6aee15da439a55542ce177e498998ba8ac69a848e63e4c7564e4dc04aad595fa1ab81275edafa0d352029c304200d2f2c5881cbf5a26b2141bdb117879cc11e7c13bd62f221ae1ac04dca3d8d58a13c130557ecf5f36184c7366d3852d0cbd6ca42f2a971d87c0bb204097af1a3abdab7b95d07fcdbf5f42607695dedcd26e30b8fc5cfd7b333a95f3ee69d5ba7911dadb1394285c437a0f26fc027737ba5ee7d63333f80acb59f1a7faf2ec3031c6533107502bffc92d8726a48ce00cdb5f1258d85ff8eb72bfb162e122022f1f3e8a72b41d2689d5228b1130fbc946384401f3bbe726314bb09d430333ad78de07b3cec5c18a4f4abb69507b6451ca4e610b8fc988c983426e0cc3b9d15393026eb75d3d08634b8a7495cef69aab83d27ea1b5b41f40b996dd10023d81f77d61192930ffc25cae1e149412322fcb0aa47bee3afc44ec3dda96c9294854e2cbaebfea6f9a90f0b3797d5f505824b4de964151569f881f87f9dd9d30a2a2f9ed01059a909cba157902903c77f2f3d056231e7c7483a3f35e04360e084f0d3f94a92c92c77b3f06479fbc417366d7fe87ddfcdfd86274f87a5f817b0f947924cbe2329f16f6b00c8a0ab96164f7b35fed38a388380af05c3600abc37a944c9e75a691728c26896ac3615297766f406aeb0f2fd147d68fad3fb3b032880280ebb4bf89252a36b0d9eb393daae72829b8da870b886676244897d5322b32703fcf138b66eedeb3024666a88fd99d8962f696ab7b34e19ced1bd27488aa2ffe5bfa11f8f9289bd8c052d4e88316cc33b0255ef1bfca4c17067d7f78175c56db481fe8dc6f73b1cbdf9d5823f115c9e03f2dfd07bc1ad88564d48b18cd9a30d83cbd5e6a3eedcb0ee86e5dd47f32820cb74dcf730b2052b31297b529e5e24f042335d13915e4048132fe1a101841e919c7870bb680eddead9a6111394bc12e274fbd88abaf2d254721c42e82abf4d1e319a631794ed6ce319ddd844ac5e9b1fc96dd9aaad42f2e087abe1b85430c4a00631970e3e74a6ed923f49e0df75685e044fae3fcea0af4dbfeebe0a9c2e73e8a89b89603a75f585e3ebba5453ae595da1469ea90ea3c9fb6a22411c56c58dfbf504caa629dbfc73ebbedc91669f2babf8b8215c525edf8feb366f104ffa9eb2bb79232660aece4730ef1ae8585c629ffe1390356a58e900da145b83ad177c7bb2d125e59d7ff4d3a8562efc620b4cf9b33c2305bbf1957e0f8b06f0fbe9c80db73b08fdd0be4a1ea4f91f52af47160040424aed8ac3c10251fb0b5d9be08247edf3dda5d1750d0597d60c8a0d9418a4e0c9325bb90f0886f9e5dda9e88ac1942ec1e53da0cf5ccad66b9cdfc2fdca784dd06a73713ef73785706d024873ddca5ccfcf0b9174", 0xf01}], 0x3)

3.598902943s ago: executing program 4 (id=2622):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
sendmsg$inet6(r0, &(0x7f0000000800)={&(0x7f0000000080)={0xa, 0x4e24, 0xb, @loopback, 0x4}, 0x1c, &(0x7f0000000380)=[{&(0x7f00000000c0)}], 0x1}, 0x48043)
dup(r0)
pipe2$9p(&(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
write$P9_RSETATTR(r2, &(0x7f0000000000)={0x7, 0x1b, 0x2}, 0xffffff9a)
splice(r1, 0x0, r0, 0x0, 0x34000, 0x2)

3.571967123s ago: executing program 7 (id=2623):
r0 = fsopen(&(0x7f0000000040)='rpc_pipefs\x00', 0x1)
fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_RECONFIGURE(r0, 0x7, 0x0, 0x0, 0x0)
recvfrom$rxrpc(0xffffffffffffffff, &(0x7f0000000080)=""/240, 0xf0, 0x40000000, &(0x7f0000000180)=@in4={0x21, 0x2, 0x2, 0x10, {0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x1a}}}, 0x24)

3.448244084s ago: executing program 0 (id=2624):
r0 = syz_open_dev$loop(&(0x7f0000000000), 0x6, 0x800)
ioctl$LOOP_CLR_FD(r0, 0x4c01)
r1 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r1}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r2 = syz_open_dev$swradio(&(0x7f0000000040), 0x1, 0x2)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r5 = socket$inet_smc(0x2b, 0x1, 0x0)
setsockopt$IP_VS_SO_SET_EDITDEST(r5, 0x0, 0x489, &(0x7f0000000080)={{0x8, @loopback, 0x4e22, 0x1, 'lblcr\x00', 0x3, 0x5, 0x3f}, {@local, 0x4e20, 0x4, 0x5, 0x3, 0x800}}, 0x44)
r6 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_REGISTER_COALESCED_MMIO(r4, 0x4010ae67, &(0x7f0000000040)={0x0, 0x0, 0x1})
ioctl$KVM_SET_REGS(r6, 0x4090ae82, &(0x7f00000007c0)={[0x5, 0x2, 0x991, 0x3, 0xf, 0x9, 0x2, 0x10, 0x7, 0x5, 0x2, 0x6, 0x8, 0x800, 0x3, 0x9], 0x30000, 0x40000})
ioctl$KVM_RUN(r6, 0xae80, 0x0)
pread64(r2, &(0x7f00000002c0)=""/75, 0x4b, 0x0)
r7 = syz_open_dev$vim2m(&(0x7f0000000000), 0xb174, 0x2)
ioctl$vim2m_VIDIOC_ENUM_FMT(r7, 0xc0405602, &(0x7f00000000c0)={0x44, 0x2, 0x1, "b49e1b6230c84749af087c17e6e724ae01b9424f5ab23870ec00", 0x3136564e})
r8 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
connect$802154_dgram(r8, &(0x7f0000000000)={0x24, @long={0x3, 0x2, {0xaaaaaaaaaaaa0102}}}, 0x14)

3.122922787s ago: executing program 4 (id=2625):
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_open_dev$vim2m(&(0x7f0000000000), 0x0, 0x2)
openat$ppp(0xffffffffffffff9c, &(0x7f0000000080), 0xe9503, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
openat$uhid(0xffffffffffffff9c, &(0x7f0000000400), 0x2, 0x0)
r0 = syz_io_uring_setup(0x34b9, &(0x7f0000000540)={0x0, 0x69ee, 0xc00, 0x5, 0x50}, &(0x7f0000000040)=<r1=>0x0, &(0x7f0000000080)=<r2=>0x0, &(0x7f0000000180)=<r3=>0x0)
syz_io_uring_submit(r1, r2, r3, &(0x7f0000000280)=@IORING_OP_WRITE={0x17, 0x0, 0x6000, @fd_index=0x7, 0x8, 0x0, 0x0, 0x14})
io_uring_enter(r0, 0x1, 0x1, 0x1, 0x0, 0x0) (fail_nth: 1)

3.02473738s ago: executing program 2 (id=2626):
r0 = socket(0x400000000010, 0x3, 0x0) (async)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000000), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_LINKMODES_SET(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000000c0)=ANY=[@ANYBLOB="99d42737", @ANYRES16=r2, @ANYBLOB="07000000000000000000050000000c0003800800020009000004180001801400020073797a5f74756e000000000000000000"], 0x38}}, 0x0) (async)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000300)={'bond_slave_0\x00', <r3=>0x0})
sendmsg$IPSET_CMD_SAVE(r0, &(0x7f00000004c0)={&(0x7f0000000380)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f0000000440)={&(0x7f00000003c0)={0x54, 0x8, 0x6, 0x5, 0x0, 0x0, {0x5, 0x0, 0x1}, [@IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz0\x00'}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_PROTOCOL={0x5}]}, 0x54}, 0x1, 0x0, 0x0, 0x81}, 0x8015) (async)
sendmsg$nl_route_sched(r0, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=@newqdisc={0x24, 0x24, 0x4ee4e6a52ff56541, 0x70bd2c, 0xfffffffd, {0x0, 0x0, 0x0, r3, {0x0, 0xffffffffffffffff}, {0xffff, 0xffff}, {0xffe0, 0xe}}}, 0x24}}, 0x0)
r4 = landlock_create_ruleset(&(0x7f0000000040)={0x4008, 0x3, 0x1}, 0x18, 0x0)
landlock_restrict_self(r4, 0x0) (async)
landlock_restrict_self(r4, 0x0)
landlock_restrict_self(r4, 0x0) (async)
r5 = landlock_create_ruleset(&(0x7f0000000000)={0x0, 0x3, 0x2}, 0x18, 0x0)
landlock_restrict_self(r5, 0x0) (async, rerun: 32)
landlock_restrict_self(r5, 0x0) (rerun: 32)
mkdirat(0xffffffffffffff9c, &(0x7f00000002c0)='./file0\x00', 0x120) (async)
r6 = landlock_create_ruleset(&(0x7f0000000040)={0x2, 0x3, 0x3}, 0x18, 0x0) (async)
landlock_restrict_self(r4, 0x0) (async)
r7 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="1200000004000000080000000800000000000000", @ANYRES32, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00}\x00\x00\x00\x00\x00', @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48) (async, rerun: 64)
r8 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000012c0)={0xe, 0x3, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000200)='syzkaller\x00'}, 0x94) (rerun: 64)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000100)=ANY=[@ANYRES32=r7, @ANYRES32=r8, @ANYBLOB="00000000000000db3bc200b509ffa7000000bc23dedb3d5648e3f0ac24cbb229c43828", @ANYRES32, @ANYBLOB, @ANYRES64=0x0], 0x10)
r9 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff7ffd}]})
close_range(r9, 0xffffffffffffffff, 0x0)
landlock_restrict_self(r6, 0x0) (async)
r10 = landlock_create_ruleset(&(0x7f0000000140)={0x4000}, 0x18, 0x0)
landlock_restrict_self(r10, 0xe) (async)
mkdirat(0xffffffffffffff9c, &(0x7f0000000180)='./file1\x00', 0x1c0) (async)
r11 = landlock_create_ruleset(&(0x7f0000000200)={0x7070, 0x2, 0x1}, 0x18, 0x0)
landlock_restrict_self(r11, 0x0) (async)
mknodat(0xffffffffffffff9c, &(0x7f00000000c0)='./file1/file2\x00', 0x81c0, 0x0) (async)
renameat2(0xffffffffffffff9c, &(0x7f0000000480)='./file1/file2\x00', 0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x2)

2.978683485s ago: executing program 7 (id=2627):
socket$kcm(0x10, 0x2, 0x0)
set_mempolicy(0x3, &(0x7f0000000000)=0x4000000ffb, 0x8)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000200)=ANY=[@ANYBLOB="140000002e00090027bd70000000ca62d5aa0000"], 0x14}, 0x1, 0x0, 0x0, 0x42804}, 0x80000)
write$binfmt_script(0xffffffffffffffff, 0x0, 0x0)
r1 = syz_open_dev$radio(&(0x7f0000002100), 0x2, 0x2)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000240)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r5 = socket$tipc(0x1e, 0x2, 0x0)
getsockopt$TIPC_IMPORTANCE(r5, 0x10f, 0x89, 0x0, &(0x7f00000001c0))
readv(r1, &(0x7f0000000280)=[{&(0x7f0000000000)=""/183, 0xb7}], 0x1)

2.224111403s ago: executing program 38 (id=2626):
r0 = socket(0x400000000010, 0x3, 0x0) (async)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000000), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_LINKMODES_SET(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000000c0)=ANY=[@ANYBLOB="99d42737", @ANYRES16=r2, @ANYBLOB="07000000000000000000050000000c0003800800020009000004180001801400020073797a5f74756e000000000000000000"], 0x38}}, 0x0) (async)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000300)={'bond_slave_0\x00', <r3=>0x0})
sendmsg$IPSET_CMD_SAVE(r0, &(0x7f00000004c0)={&(0x7f0000000380)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f0000000440)={&(0x7f00000003c0)={0x54, 0x8, 0x6, 0x5, 0x0, 0x0, {0x5, 0x0, 0x1}, [@IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz0\x00'}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_PROTOCOL={0x5}]}, 0x54}, 0x1, 0x0, 0x0, 0x81}, 0x8015) (async)
sendmsg$nl_route_sched(r0, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=@newqdisc={0x24, 0x24, 0x4ee4e6a52ff56541, 0x70bd2c, 0xfffffffd, {0x0, 0x0, 0x0, r3, {0x0, 0xffffffffffffffff}, {0xffff, 0xffff}, {0xffe0, 0xe}}}, 0x24}}, 0x0)
r4 = landlock_create_ruleset(&(0x7f0000000040)={0x4008, 0x3, 0x1}, 0x18, 0x0)
landlock_restrict_self(r4, 0x0) (async)
landlock_restrict_self(r4, 0x0)
landlock_restrict_self(r4, 0x0) (async)
r5 = landlock_create_ruleset(&(0x7f0000000000)={0x0, 0x3, 0x2}, 0x18, 0x0)
landlock_restrict_self(r5, 0x0) (async, rerun: 32)
landlock_restrict_self(r5, 0x0) (rerun: 32)
mkdirat(0xffffffffffffff9c, &(0x7f00000002c0)='./file0\x00', 0x120) (async)
r6 = landlock_create_ruleset(&(0x7f0000000040)={0x2, 0x3, 0x3}, 0x18, 0x0) (async)
landlock_restrict_self(r4, 0x0) (async)
r7 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="1200000004000000080000000800000000000000", @ANYRES32, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00}\x00\x00\x00\x00\x00', @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48) (async, rerun: 64)
r8 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000012c0)={0xe, 0x3, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000200)='syzkaller\x00'}, 0x94) (rerun: 64)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000100)=ANY=[@ANYRES32=r7, @ANYRES32=r8, @ANYBLOB="00000000000000db3bc200b509ffa7000000bc23dedb3d5648e3f0ac24cbb229c43828", @ANYRES32, @ANYBLOB, @ANYRES64=0x0], 0x10)
r9 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff7ffd}]})
close_range(r9, 0xffffffffffffffff, 0x0)
landlock_restrict_self(r6, 0x0) (async)
r10 = landlock_create_ruleset(&(0x7f0000000140)={0x4000}, 0x18, 0x0)
landlock_restrict_self(r10, 0xe) (async)
mkdirat(0xffffffffffffff9c, &(0x7f0000000180)='./file1\x00', 0x1c0) (async)
r11 = landlock_create_ruleset(&(0x7f0000000200)={0x7070, 0x2, 0x1}, 0x18, 0x0)
landlock_restrict_self(r11, 0x0) (async)
mknodat(0xffffffffffffff9c, &(0x7f00000000c0)='./file1/file2\x00', 0x81c0, 0x0) (async)
renameat2(0xffffffffffffff9c, &(0x7f0000000480)='./file1/file2\x00', 0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x2)

2.208313122s ago: executing program 0 (id=2629):
r0 = syz_open_dev$usbmon(&(0x7f0000000240), 0x8, 0x1c1300)
ioctl$MON_IOCT_RING_SIZE(r0, 0x9204, 0x49cdee)

2.207509599s ago: executing program 4 (id=2630):
r0 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x400)
ioctl$DRM_IOCTL_SET_CLIENT_CAP(r0, 0x4010640d, &(0x7f0000000000)={0x3, 0x2})
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r0, 0xc01064b5, &(0x7f0000000140)={&(0x7f0000000040)=[<r1=>0x0], 0x1})
ioctl$DRM_IOCTL_MODE_GETPLANE(r0, 0xc02064b6, &(0x7f00000001c0)={r1, <r2=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
ioctl$DRM_IOCTL_MODE_OBJ_GETPROPERTIES(r0, 0xc02064b9, &(0x7f00000002c0)={&(0x7f0000000240)=[<r3=>0x0, 0x0], &(0x7f0000000040), 0x2, r2})
ioctl$DRM_IOCTL_MODE_ATOMIC(r0, 0xc03864bc, &(0x7f0000000580)={0x600, 0x1, &(0x7f0000000180)=[r2], &(0x7f00000000c0)=[0x3], &(0x7f0000000640)=[r3, r3], &(0x7f0000000340), 0x0, 0xffffffffffffffff})

2.02618904s ago: executing program 9 (id=2631):
r0 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$netlink(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000400)=[{&(0x7f0000000040)={0x8c, 0x1f, 0x1, 0x0, 0x0, "", [@nested={0x7c, 0x0, 0x0, 0x1, [@typed={0xc, 0x1, 0x0, 0x0, @u64=0x4}, @typed={0x8, 0x96, 0x0, 0x0, @fd=r0}, @nested={0x59, 0x7a, 0x0, 0x1, [@typed={0x8, 0x64, 0x0, 0x0, @fd}, @generic="741194f25eec40f4e2ba2a00d51d6b66e9d985c86f6af8d238212a3fde4b46e23817e54664da29c4693e5eb2b5492c0a116d51211a8c40bf30dcd91e7d481e5a467f1ef9da", @typed={0x8, 0x108, 0x0, 0x0, @u32=0x180000}]}, @typed={0x8, 0xc3, 0x0, 0x0, @fd}]}]}, 0x8c}], 0x1, 0x0, 0x0, 0x20000080}, 0x0)

1.634020946s ago: executing program 4 (id=2632):
ioctl$vim2m_VIDIOC_ENUM_FMT(0xffffffffffffffff, 0xc0405602, &(0x7f0000000380)={0x5, 0x1, 0x0, "eee98fa706178749cb4dfd93e33c9b6b7bd152f35ed734fc70157dcb4f1891e2", 0x43353039})
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000380)=ANY=[@ANYRES32, @ANYRES32, @ANYBLOB='&'], 0x10)

1.448379908s ago: executing program 7 (id=2633):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000380)=ANY=[@ANYBLOB="2c0000001800010a00000000ffffffff021000100000fe0800"], 0x2c}}, 0x4040818)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000001c0)={0xc, 0x15, &(0x7f0000000400)=@framed={{0x18, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x30000}, [@ringbuf_output={{0x18, 0x5, 0x1, 0x0, r1}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x80000000}, {0x3, 0x3, 0x3, 0xa, 0x5}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x15}}, @ringbuf_output={{0x18, 0x1, 0x1, 0x0, r1}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x1}}]}, &(0x7f0000000180)='GPL\x00', 0x2, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x8, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000600)={@fallback, 0x0, 0x1, 0x2634, &(0x7f0000000500)=[0x0], 0x1, 0x0, &(0x7f0000000540)=[0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000580)=[0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f00000005c0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], <r3=>0x0}, 0x40)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f0000000680)={@fallback=r2, r2, 0x6, 0x4, r2, @void, @value=r2, @void, @void, r3}, 0x20)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000d80)={r2, 0x18000000000002a0, 0xe, 0x0, &(0x7f0000000040)="7d0600000020f800009ba66a88ca", 0x0, 0x6400, 0x60000000, 0x0, 0x0, 0x0, 0x0}, 0x50)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r4, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
r5 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/net/ipv4/vs/expire_quiescent_template\x00', 0x2, 0x0)
syz_genetlink_get_family_id$tipc2(&(0x7f0000000180), 0xffffffffffffffff)
openat$nullb(0xffffffffffffff9c, 0x0, 0x4000000024002, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb, 0x13, 0xffffffffffffffff, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x10000000000008b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x2)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
rt_sigqueueinfo(0x0, 0x21, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r6 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r6, &(0x7f0000019680)=""/102392, 0x18ff8)
openat$sw_sync(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
openat$sw_sync(0xffffffffffffff9c, 0x0, 0x0, 0x0)
setsockopt$inet6_tcp_TLS_TX(r5, 0x11a, 0x1, &(0x7f00000004c0)=@gcm_128={{0x303}, "7cb0d5366e7eef81", "d1d210691c98f36ec1f75f22c218772c", "5c16f810", "1b69b5bd8ae5419b"}, 0x28)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sendmsg$NFT_BATCH(r4, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f00000009c0)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a44000000090a010400000000000000000a0000040900010073797a310000000008000540000000020900020073797a310000000008000a40fffffffc08000340000000042c0000000e0a010400000000000000000a0000ff0900020073797a31000000000900010073797a3100000000140000001100010000000000000000000100000a"], 0x98}, 0x1, 0x0, 0x0, 0x4000850}, 0x20004090)

1.420718227s ago: executing program 9 (id=2634):
r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000440), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000002740)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000002700), 0x2, 0x3}}, 0x20)
write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000002680)={0x0, 0x18, 0xfa00, {0x0, &(0x7f00000006c0), 0x2, 0xa}}, 0x20)
write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000680)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000400), 0x106}}, 0x20)
write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x4, &(0x7f0000000100), 0x111, 0x9}}, 0x20)
writev(r0, &(0x7f0000000000)=[{&(0x7f0000000080)}, {&(0x7f0000000100)="06010000246837f73199aee6fd1c291b3091ec1a06000000975ad8ec030f5919f397867997f9c0efa9c9092a31cdbb98ea272787afda0af59a320709c3a59ef05c6f40ceafec53f48d6186e7d8409e35306221caf67b370d875eff3191932728e5ab6c9a3acf6ccee3e352c898f5744abaedfb53f92c37acb126bd143f3e9cdfcf25a8d6129fcc3a141c3f5ab6db772f87c787817a9b699dd60732d952716b103bc1e91ac5b1ed92f35389580994bb0df9bce07e7a80921888f984139f488d256a67fec0cbb5c4e93d5c151d97f676ab93b1efbd46f600dc964231e3257bf358448fddf894c0cdfa9115adbe5b19bc912fcbc8aac7719b649b1ff1267491da", 0xff}, {&(0x7f0000001480)="d1ffacd516de50ac9d15bc75316da4defa1e72f65a65cdd26dcc389aacf7856da9aecf3765d4c032e1960faf25bad906b7d3440b6e71a82f1d8f8b8db35b6091f3af94c6b46b9ab10fe3923f268771078d2668be7bd3eb941d4bb5baa8547e36283a065ce5766cbff3a8fc37fc4507643d3786bbf231d3ed88cb8b01eab14e4372cf4f89bd1b853caa5d9f07f523b9dfa8cc09053ff36fde08e96fb6b3acc196b1bd1e2d3a6c65f585df7e2b8b17439a7ab29a7dfe642c2f0ac7a81eca8073b559663f2daf7a0832b2b09557794a21bf114831f8e6db3922d0cd169e5a8b4adc95d7322ee75944de15f57780b88fef7f3d9b256705ccfa2125b43ce8e3aacaead963cdd7f792f14c9b24493f9f830f6de8da93bbd4357095631adec14224dd9bb049e826f3a49624393e6a031103faff0902ba88ae30af4a61caa77ff956214196fcf3c5536d823284306f367afcb46fb43231911cc53091671e7d853ebf015241b18e9fb6ac6d9a7a1b05dfd6d9e56a51567cd8837dd045abf6b85550f0dd8dded43147ab9bfadc18b9984699d5d875cb21a95a7f584d8c466d033df75193f9ae58b85cfacc54f6c6e12a0debe40ee361a839563bc2cb64271672a55370c2b035b482074ce2487ef8a3bc1c68856e6e09539276d961a0c647f1ee3237496fc99623e8fd33faf7797d86a88dcee152d15e10739bcbbd6077b76867e291f350d999024c12faf81f83792f48f7f6dd66aa6854e460ef7f8c755f3a6dd76509ea0d2db39057a5129185b2fb11546cd5d6cc59f640e9028ae6c7075fba5e5b5593d7f79ec387833f465d09bde464112821eaec5e6e8f2aee8d7358f9c14afe2018856f610848706c71cda62493aef2e39efb71b4a8e804847eda66b2b5b1d75b478f19208ee1ac43afb2dbbba5dd0f29f6946022e09fb853cb176ca3474ba2fa67cb245fe85ec61a095d6fd9ac2ac5685920201617342fe56072427b9bd3626a1a371e67041fcda781be0c234d6feb5ad500e8bc7074381fd0d04983a4a6cdb6c8e03d59dc50925e9e4b24e6f8e455f02818959f2927f0a2d9ff62ec3c5c399077048f7d3dad0830b2e6563693f2f9d48eca8c34804a7626282a4a214d13786993c011a88194dbf7b23e25f592e62186c9fb565fac7632de356153c89a6be0b6b26ba48c2427424769fcbd7ee072ed4bd4d0731d06c8537d616b1145a6c70edb13fb4dba3565221b3a2897a23861cd0e8e0060021cdd7de002d5e785e5d6d3d07f4e445ada9c8d9ba8b819d0b5c7b5d15a5192d3a83c125c8e117c823a9e33316b8c9154e7330d3a865048dbd9c14757691bfe56f10423f6ab717bec5eebeac6ba9ad1aeb6cde09d7fda8e475a71ac48d46b8d9a40879c9dec2db5c4799e5fc8e8b3d419031c1033fce88ae2c93d7ca62c9302e6b45ca8dfebe5b92724f035e8e9d7704efb23f445999fe08cfa28404874d8acc8d37870d394d9fcc8dbe763bc85c37f0f3bcc2cbea420cd073db598e7d89c14a31e5bf57cbefa301427c93091505f1f3e5cdf712958b2e8fc56684d3388107c1728f0e5a3be2164246071653e256ed3bf3000c17301da9a5a3d9ca475867c4f311a24e5ae909a62047a9e6bb71cbcb4f159c2ef0f66b4d0f9da51aba99cd9448443dd277362af18d32f111c48a952ef555b2c7c58b997ce61e74cc7551b57eaffe411219baddf490926d8e260dcd87c069e617195c352950f9b51ce88c12c4f7997ba515f77e68d44f831cdf4d7ee8b1b7cedcb4c4fc7e85ba288c8555d49d5b4b9bb70dc4b688bd12e6b38e37150f3ea457a76b23d5abe6551ea598e090aed87822b0954b8db1a7c605c925b7f9240b0e7a020f292a1fd4a37c74139bc6e7ff08373ebfc8feea371ae0b6c61c715f6f1f4b0b994c7e2e129f87db959aae6ff48664d824b29ba9f255890f9c537178db9c5302097891557f8175a46f308b1a2530aa726ea9d4cfce76db50637369724d0c5f51c97edb58ff5eb9b2434b3721b61688ba12471b97c6a65ba085e15406568ac852590701f2ef8451c5cf1191d70f51eaea9ddc4cbdd7428f627db5069111f65062d5cc34581826af3e670613dda99e31c42736aabd87be56e214ed606862a152455f91891b7430bae03284569c234588f495a5ecc4a23fad6ba34e2ee9ebde8c7f5f62c9344659375c2a1fe6fa6e4ef68712223b9471c513bb11429dbb8a45463c8882f462275ee0da567c60c2d8038843e0c20486676e9978f2aec9187820c94a6e7e519d06daf2ab198f5cafcab4d9c90a479800906192d66a3301a34fa6c5a931cea0a479a4d98d86d9de3e061323504b57186dd33df7a16ccb688c0de203666cb0a6b543a9d069dded44a3b432cbb71da921dcab6be1c2d7494d3b07841d9b4f9d659b5d3d3b2ed916f91588d589128e4b2d4448e6aab5a8160eddca0f6e022abb85e251a11cd6bae57a09b2c434ab5bdf6264afb20d5ab022d152e345bd32ba9283aa5b3cd9118bd271a8ac9083c98b8a83064e65428f7ad7b35bf1d60d4e703f22d2d316fc12bd68bcced82cf0962a3d5769c6a3d75d59f7a7b76454661fd3574b8c8e26d20c372407854505ea6c2406fbd8a1ba7bb017c565228aa6d03d18ed309a308ffb1ecec73c246413e7c70f25070eafed9e70d22e9e8b44125c44eceff37e65bf073bc6fad1ea2b72675af4bf70586a8f7e0f35700de94c802522897576ed115fa21b3d23a367844520b33f5b9aedc0245096765f4cb3b2ff4e54f39bd7346c2347875d75a931b17c6c424ddb4767e0e63cc7725a8fc4b1dbe7929b2f909cc5be8b09e63330341e6471dcac0f8b44693d01805a1467b71612260e2a273861b3697440a5f75497796bffcf79d62a4a50a6ed5ef2efe8c83374f2ecd08d8d628aa03b01a11caeb2bdecc0ab2abcecfa15627979d7c3f9dec5389fc6625e957f8075e23e636dd5514596189d568e14d33ae518e6e9978c6a36a74b49fdbd1260095c9abe447e618878039b75e305b1d2c9ddeb9e5cedb11802e0833739d8595d57d749c890c9290cca4aa96e6718747543796a187e54a66c2f71beefddf911a7a74b59c48ba642d5ecd4d415f48dfbde5baac8a4ba063c1b985d9f9f3180e8a1c8b2cf6a25c2ff17688cc858ac8b9c67960f09a1ca5f28f8e877159e00fe7fb10cca73b391508895e7e52c22f9b38d73dabd6ff7c55ebf4e1611daee8d52b4ceee49a6df7daeb81bf9d1c943a74c03d3dda52c5b99f3225c1b87074f5cef6187878bc5b665ec0561adcc9781280dd1c6592555d327afea78b21beeeb66a0af3eab3249245f41cdbca309d3fba5d4b345319dd0a26134c0c896f2c8d32fda28600013f6a4c95b4038faba70d6c480b360c55bdc0595f7ca636e85521ba505d894f9c5f0a90719bc9944f386ad7491422ff12f34a3c048708d51305a8cc5b2a502ac1575a14c75e9fb7219ede2f6d9c1b362230b6189e0d8cd8ccd11fd0325182c6e46c9977bf63aa02f7024aeb4389f989f5733a198b45e4329c4c1a538a009f216ad3ac09cac39547b4fd21a5d7146ea307ad9b9339f39d5161d17b59860a0aed38cd89d1b68c6438346d51a3a283074e34ee01d2eca527b1b3836ccdf7e807007152c79d14324e3d887c9551a9447527db4434810f5b0b73d855f32a0c89aa784e43f4c1657d408dd33f88aeae1e5186bbcc2a348b708e3cec9080e12ee3676beb5ee86a9b5cc4a3496c242b95a248906ed62f984b22373bdfd97515441f34e01006d8d1244aa88403f207cd8820ffe07634fc86d00f871c1e4c9e8fc1a00d295e36d98119599b62379cda10ada85efe7b50c5f38d8d010a2cd53db900939db1ffce14feffb7940d12842f4f2b507e1fa49e526752d1e3d80a0c2a75e870d85f77fd91fc46ac1b1288dd33338cdad154d6b80b5a925431868d62a3fb0036f28fe259a3f555f767526a9ea230c33843efc49ac3182a357845ea122d606ab22c9f937b2b905e02dd1cb07d380e3486be6167f00b6e6d90a3c1d6aee15da439a55542ce177e498998ba8ac69a848e63e4c7564e4dc04aad595fa1ab81275edafa0d352029c304200d2f2c5881cbf5a26b2141bdb117879cc11e7c13bd62f221ae1ac04dca3d8d58a13c130557ecf5f36184c7366d3852d0cbd6ca42f2a971d87c0bb204097af1a3abdab7b95d07fcdbf5f42607695dedcd26e30b8fc5cfd7b333a95f3ee69d5ba7911dadb1394285c437a0f26fc027737ba5ee7d63333f80acb59f1a7faf2ec3031c6533107502bffc92d8726a48ce00cdb5f1258d85ff8eb72bfb162e122022f1f3e8a72b41d2689d5228b1130fbc946384401f3bbe726314bb09d430333ad78de07b3cec5c18a4f4abb69507b6451ca4e610b8fc988c983426e0cc3b9d15393026eb75d3d08634b8a7495cef69aab83d27ea1b5b41f40b996dd10023d81f77d61192930ffc25cae1e149412322fcb0aa47bee3afc44ec3dda96c9294854e2cbaebfea6f9a90f0b3797d5f505824b4de964151569f881f87f9dd9d30a2a2f9ed01059a909cba157902903c77f2f3d056231e7c7483a3f35e04360e084f0d3f94a92c92c77b3f06479fbc417366d7fe87ddfcdfd86274f87a5f817b0f947924cbe2329f16f6b00c8a0ab96164f7b35fed38a388380af05c3600abc37a944c9e75a691728c26896ac3615297766f406aeb0f2fd147d68fad3fb3b032880280ebb4bf89252a36b0d9eb393daae72829b8da870b886676244897d5322b32703fcf138b66eedeb3024666a88fd99d8962f696ab7b34e19ced1bd27488aa2ffe5bfa11f8f9289bd8c052d4e88316cc33b0255ef1bfca4c17067d7f78175c56db481fe8dc6f73b1cbdf9d5823f115c9e03f2dfd07bc1ad88564d48b18cd9a30d83cbd5e6a3eedcb0ee86e5dd47f32820cb74dcf730b2052b31297b529e5e24f042335d13915e4048132fe1a101841e919c7870bb680eddead9a6111394bc12e274fbd88abaf2d254721c42e82abf4d1e319a631794ed6ce319ddd844ac5e9b1fc96dd9aaad42f2e087abe1b85430c4a00631970e3e74a6ed923f49e0df75685e044fae3fcea0af4dbfeebe0a9c2e73e8a89b89603a75f585e3ebba5453ae595da1469ea90ea3c9fb6a22411c56c58dfbf504caa629dbfc73ebbedc91669f2babf8b8215c525edf8feb366f104ffa9eb2bb79232660aece4730ef1ae8585c629ffe1390356a58e900da145b83ad177c7bb2d125e59d7ff4d3a8562efc620b4cf9b33c2305bbf1957e0f8b06f0fbe9c80db73b08fdd0be4a1ea4f91f52af47160040424aed8ac3c10251fb0b5d9be08247edf3dda5d1750d0597d60c8a0d9418a4e0c9325bb90f0886f9e5dda9e88ac1942ec1e53da0cf5ccad66b9cdfc2fdca784dd06a73713ef73785706d024873ddca5ccfcf0b9174", 0xf01}], 0x3)

1.388441867s ago: executing program 0 (id=2635):
r0 = openat$comedi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/comedi4\x00', 0x8200, 0x0)
syz_usb_connect(0x3, 0x2d, &(0x7f0000000640)={{0x12, 0x1, 0x200, 0x37, 0xe5, 0xb5, 0x8, 0xb62, 0x59, 0x389c, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x1b, 0x2, 0x7, 0xb, 0x20, 0x2, "", [{{0x9, 0x4, 0xa2, 0x3, 0x0, 0x46, 0xa1, 0x9f, 0x7}}, {{0x9, 0x4, 0x17, 0x30, 0x0, 0xde, 0x9d, 0xcc, 0x1}}]}}]}}, 0x0)
ioctl$COMEDI_INSN(r0, 0x8028640c, &(0x7f0000000040)={0xc000003, 0xf, &(0x7f0000000080)=[0x1389, 0x9, 0x2, 0x4, 0x8, 0xffffdff6, 0x2d7b, 0x0, 0x5d, 0x4, 0xfffffffa, 0xb, 0x6, 0x880e, 0x5], 0x0, 0x400000a})

355.012168ms ago: executing program 9 (id=2636):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f00000002c0)=ANY=[@ANYBLOB="180000000000000000000000000000001811", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000002007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001000000850000000700000095"], &(0x7f00000006c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000280)={{r0, <r2=>0xffffffffffffffff}, &(0x7f0000000080), &(0x7f0000000200)=r1}, 0x20)
sendmmsg$alg(0xffffffffffffffff, &(0x7f0000000000)=[{0x0, 0x0, &(0x7f0000001ac0)=[{&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f7", 0x81}], 0x1, 0x0, 0x0, 0x4880}], 0x1, 0x150)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000580)={{r2, <r3=>0xffffffffffffffff}, &(0x7f0000000500)=0x2000000, &(0x7f0000000540)=r1}, 0x20)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000000040)={r3, &(0x7f0000000440), 0x0}, 0x20)

354.427711ms ago: executing program 4 (id=2637):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_int(r0, 0x29, 0x1a, &(0x7f0000001a80)=0x5, 0x4) (async)
set_mempolicy(0x8006, &(0x7f0000000040)=0xfff, 0x3) (async)
r1 = socket$inet6_sctp(0xa, 0x1, 0x84)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000380)={'veth0_vlan\x00', <r3=>0x0})
msync(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x6)
syz_usb_connect(0x0, 0x34, &(0x7f0000000000)=ANY=[@ANYBLOB="1201000092df5510ac05269289b201020301090222000100000000090400000103e900000905", @ANYRES64], 0x0) (async)
r4 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r4, 0xaf01, 0x0)
r5 = eventfd(0xfffffff9)
ioctl$VHOST_SET_VRING_KICK(r4, 0x4008af20, &(0x7f0000000040)={0x1, r5}) (async)
r6 = syz_open_procfs(0x0, &(0x7f0000000000)='map_files\x00') (async)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x7, &(0x7f0000000240)={0x1, &(0x7f00000001c0)=[{0x6, 0x1, 0x7, 0x7fffffff}]})
getdents(r6, 0x0, 0x0)
r7 = openat$vimc0(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
ioctl$MEDIA_IOC_REQUEST_ALLOC(0xffffffffffffffff, 0x80047c05, &(0x7f0000000100)=<r8=>0xffffffffffffffff)
ioctl$VIDIOC_DQBUF(r7, 0xc0585611, &(0x7f0000000180)=@overlay={0x1, 0xd, 0x4, 0x800, 0xffffffff, {}, {0x5, 0x2, 0x0, 0x19, 0x1, 0xd, "0cf3374a"}, 0x6, 0x3, {}, 0x89a, 0x0, r8})
ioctl$sock_inet6_SIOCSIFADDR(r1, 0x8916, &(0x7f0000000000)={@private2, 0x0, r3}) (async)
r9 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet6_mreq(r9, 0x29, 0x1b, &(0x7f0000000040)={@private2, r3}, 0x14)
r10 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r10, 0x0, 0x0) (async)
r11 = socket$inet_tcp(0x2, 0x1, 0x0)
r12 = syz_open_dev$sndctrl(&(0x7f0000000000), 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_RAWMIDI_NEXT_DEVICE(r12, 0xc0045540, &(0x7f0000000080)=0x2)
bind$inet(r11, &(0x7f0000000080)={0x2, 0x4e22, @empty}, 0x10)
r13 = syz_usb_connect(0x3, 0x64, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000cb8be7406d04230848390102030109025200010000000009044000000e0100000a240608000b020102000600040007000300390c2402050302", @ANYRESOCT=0x0], 0x0)
syz_usb_control_io$uac2(r13, &(0x7f00000003c0)={0x14, 0x0, &(0x7f0000000300)={0x0, 0x3, 0x85, @string={0x85, 0x3, "fb89342772e5c7010454574408fd7265a39f25a43a9b672c8cdb732047577c47d0d194e4b723e1e81bde08686416cf4aba717cd606540fe51f3ea7af46379a70140d5790bf5f50aaf4c851de24654ea62bec9b0c075d5f6e6106924c93b1070ea155131af0ed752b8181e485bf3bb80d172787f5dd4ce29085acaa344a51e09ea1b2d8"}}}, &(0x7f0000000640)={0x44, 0x0, 0x0, &(0x7f00000004c0)={0x0, 0x8, 0x1, 0x9}, &(0x7f0000000500)={0x20, 0x81, 0x2, "04db"}, &(0x7f0000000540)={0x20, 0x82, 0x2, "ddda"}, &(0x7f0000000580)={0x20, 0x83, 0x3, 's{\b'}, &(0x7f00000005c0)={0x20, 0x84, 0x4, "82a4608f"}, &(0x7f0000000600)={0x20, 0x85, 0x3, "aedbd0"}})

161.700587ms ago: executing program 7 (id=2638):
select(0x28, 0x0, &(0x7f0000000080)={0x3}, &(0x7f00000000c0), 0x0) (fail_nth: 1)

0s ago: executing program 9 (id=2639):
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt(r0, 0x84, 0x7f, &(0x7f0000000040)="000000000980ffff", 0x8)
ioctl$sock_SIOCGIFVLAN_GET_VLAN_INGRESS_PRIORITY_CMD(r0, 0x8982, &(0x7f0000000140))
r1 = memfd_create(&(0x7f0000000180)='[\v\xdbX\xae[\x1a\xa9\xfd\xfa\xad\xd1md\xc8\x85HX\xa9%\f\x1ae\xe0\x00\x00\x00\x00\xfb\xff\x00\x00\x81\x9eG\xd9,\xe2\xc6a\x9f\xe8\xf1\x8f\xd8\xdf\x91\xfbz\x94/C\xb3\x86\xe2+Op\xd0\x00\x00\x00\x00;(\xb5\xe1jS\xd6\x91%||\xa0\x8ez\xadT\xb6\f\xe5\x89\xbf3:\x99\x1e\xac`\xc3\xcf\xd3\xae\xd2\xc6\xca\x97\x9d\xcb\x1e\x80\xd6\xd5%N&\xf8\xd6@\xb5\x81j\xd3\xf2Gih\xa5%)\xc5#\x80z8\xe2\xd2}\xf5\xe4\x9f5\x9b\x01\x00'/146, 0x3)
fsetxattr$security_ima(r1, &(0x7f0000000080), &(0x7f0000000040)=ANY=[@ANYRES32=r1], 0xa, 0x0)
execveat(r1, &(0x7f0000000000)='\x00', 0x0, 0x0, 0x1000)
r2 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$fou(&(0x7f0000000500), 0xffffffffffffffff)
sendmsg$FOU_CMD_GET(r3, &(0x7f0000000780)={0x0, 0x0, &(0x7f0000000740)={&(0x7f00000006c0)={0x24, r4, 0x1, 0x70bd2b, 0x25dfdbfe, {}, [@FOU_ATTR_PORT={0x6, 0x1, 0x4e21}, @FOU_ATTR_AF={0x5, 0x2, 0xa}]}, 0x24}, 0x1, 0x0, 0x0, 0x24000800}, 0x0)
getsockopt$WPAN_SECURITY_LEVEL(r2, 0x0, 0x2, &(0x7f00000000c0), &(0x7f0000000100)=0x4)

kernel console output (not intermixed with test programs):

descriptors, different from the interface descriptor's value: 10
[  806.505050][ T5824] usb 8-1: config 8 interface 59 has no altsetting 0
[  806.557508][ T5824] usb 8-1: string descriptor 0 read error: -22
[  806.557655][ T5824] usb 8-1: New USB device found, idVendor=0b48, idProduct=2003, bcdDevice=73.88
[  806.557681][ T5824] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  806.692607][ T5824] ttusbir 8-1:8.59: cannot find expected altsetting
[  806.879106][T12380] FAULT_INJECTION: forcing a failure.
[  806.879106][T12380] name failslab, interval 1, probability 0, space 0, times 0
[  806.879169][T12380] CPU: 1 UID: 0 PID: 12380 Comm: syz.4.2184 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[  806.879198][T12380] Tainted: [L]=SOFTLOCKUP
[  806.879206][T12380] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026
[  806.879218][T12380] Call Trace:
[  806.879227][T12380]  <TASK>
[  806.879236][T12380]  dump_stack_lvl+0xe8/0x150
[  806.879266][T12380]  should_fail_ex+0x46b/0x600
[  806.879304][T12380]  should_failslab+0xa8/0x100
[  806.879334][T12380]  __kmalloc_cache_noprof+0x84/0x690
[  806.879361][T12380]  ? resv_map_alloc+0x51/0x2e0
[  806.879386][T12380]  resv_map_alloc+0x51/0x2e0
[  806.879423][T12380]  hugetlbfs_get_inode+0x5d/0x650
[  806.879452][T12380]  hugetlb_file_setup+0x21d/0x630
[  806.879480][T12380]  ksys_mmap_pgoff+0x22e/0x720
[  806.879499][T12380]  ? __x64_sys_mmap+0x7f/0x140
[  806.879518][T12380]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  806.879535][T12380]  do_syscall_64+0x174/0x580
[  806.879560][T12380]  ? clear_bhb_loop+0x40/0x90
[  806.879580][T12380]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  806.879595][T12380] RIP: 0033:0x7f9b7ccece59
[  806.879609][T12380] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  806.879623][T12380] RSP: 002b:00007f9b7af04028 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[  806.879640][T12380] RAX: ffffffffffffffda RBX: 00007f9b7cf66180 RCX: 00007f9b7ccece59
[  806.879652][T12380] RDX: 0000000000000002 RSI: 0000000000ff5000 RDI: 0000200000000000
[  806.879662][T12380] RBP: 00007f9b7af04090 R08: ffffffffffffffff R09: 0000000000000000
[  806.879673][T12380] R10: 000000000004c831 R11: 0000000000000246 R12: 0000000000000001
[  806.879683][T12380] R13: 00007f9b7cf66218 R14: 00007f9b7cf66180 R15: 00007fff8282bfc8
[  806.879706][T12380]  </TASK>
[  807.756668][   T59] Bluetooth: hci5: command tx timeout
[  807.800685][   T12] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  808.288074][T12392] FAULT_INJECTION: forcing a failure.
[  808.288074][T12392] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  808.288137][T12392] CPU: 0 UID: 0 PID: 12392 Comm: syz.2.2185 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[  808.288165][T12392] Tainted: [L]=SOFTLOCKUP
[  808.288172][T12392] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026
[  808.288183][T12392] Call Trace:
[  808.288192][T12392]  <TASK>
[  808.288200][T12392]  dump_stack_lvl+0xe8/0x150
[  808.288230][T12392]  should_fail_ex+0x46b/0x600
[  808.288265][T12392]  _copy_from_user+0x2d/0xb0
[  808.288286][T12392]  __sys_bpf+0x229/0x950
[  808.288313][T12392]  ? __pfx___sys_bpf+0x10/0x10
[  808.288372][T12392]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  808.288414][T12392]  __x64_sys_bpf+0x7c/0x90
[  808.288440][T12392]  do_syscall_64+0x174/0x580
[  808.288474][T12392]  ? clear_bhb_loop+0x40/0x90
[  808.288502][T12392]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  808.288524][T12392] RIP: 0033:0x7f7ffe9cce59
[  808.288544][T12392] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  808.288563][T12392] RSP: 002b:00007f7ffcbdc028 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  808.288585][T12392] RAX: ffffffffffffffda RBX: 00007f7ffec46180 RCX: 00007f7ffe9cce59
[  808.288600][T12392] RDX: 0000000000000050 RSI: 0000200000000000 RDI: 0000000000000000
[  808.288613][T12392] RBP: 00007f7ffcbdc090 R08: 0000000000000000 R09: 0000000000000000
[  808.288626][T12392] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  808.288638][T12392] R13: 00007f7ffec46218 R14: 00007f7ffec46180 R15: 00007ffc6b75bf48
[  808.288670][T12392]  </TASK>
[  808.743084][T11331] usb 8-1: USB disconnect, device number 3
[  809.315328][   T12] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  809.552346][T12025] veth0_vlan: entered promiscuous mode
[  809.583546][T12025] veth1_vlan: entered promiscuous mode
[  809.836285][   T59] Bluetooth: hci5: command tx timeout
[  809.839167][   T12] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  810.078168][T12412] syzkaller0: entered promiscuous mode
[  810.078193][T12412] syzkaller0: entered allmulticast mode
[  810.119987][T12412] tipc: Enabling of bearer <eth:syzk> rejected, failed to enable media
[  810.201503][T12421] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  810.368393][   T12] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  810.862485][T12025] veth0_macvtap: entered promiscuous mode
[  810.998008][T12025] veth1_macvtap: entered promiscuous mode
[  811.306075][T12025] batman_adv: batadv0: Interface activated: batadv_slave_0
[  812.204988][T12454] netlink: 28 bytes leftover after parsing attributes in process `syz.7.2198'.
[  812.553755][   T59] Bluetooth: hci5: command tx timeout
[  813.127545][T12025] batman_adv: batadv0: Interface activated: batadv_slave_1
[  813.409831][  T151] netdevsim netdevsim8 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  813.457542][  T151] netdevsim netdevsim8 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  813.598606][ T1339] ieee802154 phy0 wpan0: encryption failed: -22
[  813.598659][ T1339] ieee802154 phy1 wpan1: encryption failed: -22
[  813.795183][   T12] bridge_slave_1: left allmulticast mode
[  813.795217][   T12] bridge_slave_1: left promiscuous mode
[  813.795477][   T12] bridge0: port 2(bridge_slave_1) entered disabled state
[  813.983601][   T12] bridge_slave_0: left allmulticast mode
[  813.983638][   T12] bridge_slave_0: left promiscuous mode
[  813.983875][   T12] bridge0: port 1(bridge_slave_0) entered disabled state
[  814.210411][   T36] usb 5-1: new high-speed USB device number 73 using dummy_hcd
[  814.354855][   T36] usb 5-1: Using ep0 maxpacket: 16
[  814.360863][   T36] usb 5-1: New USB device found, idVendor=17ef, idProduct=721e, bcdDevice=de.06
[  814.360889][   T36] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  814.360909][   T36] usb 5-1: Product: syz
[  814.360922][   T36] usb 5-1: Manufacturer: syz
[  814.360936][   T36] usb 5-1: SerialNumber: syz
[  814.419179][   T36] r8152-cfgselector 5-1: Unknown version 0x0000
[  814.419207][   T36] r8152-cfgselector 5-1: config 0 descriptor??
[  814.554837][   T59] Bluetooth: hci5: command tx timeout
[  815.755935][   T12] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  815.816769][   T12] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  815.865104][   T12] bond0 (unregistering): Released all slaves
[  815.873422][   T12] bond1 (unregistering): Released all slaves
[  815.896546][   T12] bond2 (unregistering): Released all slaves
[  815.914447][   T12] bond3 (unregistering): Released all slaves
[  815.943370][   T12] bond4 (unregistering): Released all slaves
[  815.963667][   T12] bond5 (unregistering): Released all slaves
[  815.986236][   T12] bond6 (unregistering): Released all slaves
[  816.007326][   T12] bond7 (unregistering): Released all slaves
[  816.028463][   T12] bond8 (unregistering): Released all slaves
[  816.086112][  T151] netdevsim netdevsim8 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  816.112597][T12495] tipc: Enabling of bearer <eth:syzkall> rejected, failed to enable media
[  816.113965][T12492] syzkaller0: entered promiscuous mode
[  816.113999][T12492] syzkaller0: entered allmulticast mode
[  816.141080][  T151] netdevsim netdevsim8 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  816.225929][T11330] r8152-cfgselector 5-1: USB disconnect, device number 73
[  816.606071][   T12] tipc: Left network mode
[  816.849530][   T12] rxrpc: Call ffff88805d72cec0 still in use (1,Complete,1489,0)!
[  817.407410][T12343] bridge0: port 1(bridge_slave_0) entered blocking state
[  817.407535][T12343] bridge0: port 1(bridge_slave_0) entered disabled state
[  817.407757][T12343] bridge_slave_0: entered allmulticast mode
[  817.433478][T12343] bridge_slave_0: entered promiscuous mode
[  817.467975][T12343] bridge0: port 2(bridge_slave_1) entered blocking state
[  817.468081][T12343] bridge0: port 2(bridge_slave_1) entered disabled state
[  817.468253][T12343] bridge_slave_1: entered allmulticast mode
[  817.536773][T12343] bridge_slave_1: entered promiscuous mode
[  817.694436][T12343] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  817.704568][ T3321] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  817.704620][ T3321] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  817.731750][T12343] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  817.954078][T12531] FAULT_INJECTION: forcing a failure.
[  817.954078][T12531] name failslab, interval 1, probability 0, space 0, times 0
[  817.954132][T12531] CPU: 1 UID: 0 PID: 12531 Comm: syz.4.2218 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[  817.954166][T12531] Tainted: [L]=SOFTLOCKUP
[  817.954173][T12531] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026
[  817.954186][T12531] Call Trace:
[  817.954193][T12531]  <TASK>
[  817.954201][T12531]  dump_stack_lvl+0xe8/0x150
[  817.954231][T12531]  should_fail_ex+0x46b/0x600
[  817.954265][T12531]  should_failslab+0xa8/0x100
[  817.954294][T12531]  __kmalloc_noprof+0xdf/0x7b0
[  817.954324][T12531]  ? kfree+0x4d/0x6c0
[  817.954343][T12531]  ? tomoyo_realpath_from_path+0xe3/0x5d0
[  817.954373][T12531]  tomoyo_realpath_from_path+0xe3/0x5d0
[  817.954400][T12531]  ? tomoyo_domain+0xd7/0x130
[  817.954429][T12531]  ? tomoyo_path_number_perm+0x219/0x630
[  817.954459][T12531]  tomoyo_path_number_perm+0x246/0x630
[  817.954494][T12531]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  817.954524][T12531]  ? __lock_acquire+0x6b5/0x2cf0
[  817.954555][T12531]  ? do_raw_spin_lock+0x12b/0x2f0
[  817.954611][T12531]  ? __fget_files+0x2a/0x420
[  817.954634][T12531]  ? __fget_files+0x2a/0x420
[  817.954652][T12531]  ? __fget_files+0x3a6/0x420
[  817.954671][T12531]  ? __fget_files+0x2a/0x420
[  817.954693][T12531]  security_file_ioctl+0xc3/0x2a0
[  817.954728][T12531]  __se_sys_ioctl+0x47/0x170
[  817.954753][T12531]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  817.954776][T12531]  do_syscall_64+0x174/0x580
[  817.954807][T12531]  ? trace_irq_disable+0x3b/0x140
[  817.954831][T12531]  ? clear_bhb_loop+0x40/0x90
[  817.954856][T12531]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  817.954877][T12531] RIP: 0033:0x7f9b7ccece59
[  817.954895][T12531] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  817.954914][T12531] RSP: 002b:00007f9b7af25028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  817.954934][T12531] RAX: ffffffffffffffda RBX: 00007f9b7cf66090 RCX: 00007f9b7ccece59
[  817.954949][T12531] RDX: 00002000000000c0 RSI: 000000004020aed2 RDI: 0000000000000004
[  817.954963][T12531] RBP: 00007f9b7af25090 R08: 0000000000000000 R09: 0000000000000000
[  817.954976][T12531] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  817.954988][T12531] R13: 00007f9b7cf66128 R14: 00007f9b7cf66090 R15: 00007fff8282bfc8
[  817.955022][T12531]  </TASK>
[  817.974991][T12531] ERROR: Out of memory at tomoyo_realpath_from_path.
[  818.210457][T12343] team0: Port device team_slave_0 added
[  818.246275][T12343] team0: Port device team_slave_1 added
[  818.480152][T12343] batman_adv: batadv0: Adding interface: batadv_slave_0
[  818.480169][T12343] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  818.480198][T12343] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  818.534563][  T162] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  818.534583][  T162] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  818.552154][T12343] batman_adv: batadv0: Adding interface: batadv_slave_1
[  818.552169][T12343] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  818.552198][T12343] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  818.833477][T12343] hsr_slave_0: entered promiscuous mode
[  818.844066][T12544] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  818.855483][T12343] hsr_slave_1: entered promiscuous mode
[  818.858765][T12343] debugfs: 'hsr0' already exists in 'hsr'
[  818.858783][T12343] Cannot create hsr debugfs directory
[  819.353405][ T5269] 8021q: adding VLAN 0 to HW filter on device eth17
[  819.685950][T12566] FAULT_INJECTION: forcing a failure.
[  819.685950][T12566] name failslab, interval 1, probability 0, space 0, times 0
[  819.685990][T12566] CPU: 0 UID: 0 PID: 12566 Comm: syz.2.2226 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[  819.686019][T12566] Tainted: [L]=SOFTLOCKUP
[  819.686028][T12566] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026
[  819.686048][T12566] Call Trace:
[  819.686056][T12566]  <TASK>
[  819.686066][T12566]  dump_stack_lvl+0xe8/0x150
[  819.686098][T12566]  should_fail_ex+0x46b/0x600
[  819.686136][T12566]  should_failslab+0xa8/0x100
[  819.686171][T12566]  __kmalloc_noprof+0xdf/0x7b0
[  819.686196][T12566]  ? kfree+0x4d/0x6c0
[  819.686217][T12566]  ? tomoyo_realpath_from_path+0xe3/0x5d0
[  819.686251][T12566]  tomoyo_realpath_from_path+0xe3/0x5d0
[  819.686280][T12566]  ? tomoyo_domain+0xd7/0x130
[  819.686312][T12566]  ? tomoyo_path_number_perm+0x219/0x630
[  819.686354][T12566]  tomoyo_path_number_perm+0x246/0x630
[  819.686392][T12566]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  819.686427][T12566]  ? __lock_acquire+0x6b5/0x2cf0
[  819.686461][T12566]  ? do_raw_spin_lock+0x12b/0x2f0
[  819.686520][T12566]  ? __fget_files+0x2a/0x420
[  819.686547][T12566]  ? __fget_files+0x2a/0x420
[  819.686568][T12566]  ? __fget_files+0x3a6/0x420
[  819.686589][T12566]  ? __fget_files+0x2a/0x420
[  819.686614][T12566]  security_file_ioctl+0xc3/0x2a0
[  819.686651][T12566]  __se_sys_ioctl+0x47/0x170
[  819.686680][T12566]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  819.686705][T12566]  do_syscall_64+0x174/0x580
[  819.686737][T12566]  ? trace_irq_disable+0x3b/0x140
[  819.686763][T12566]  ? clear_bhb_loop+0x40/0x90
[  819.686793][T12566]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  819.686816][T12566] RIP: 0033:0x7f7ffe9cce59
[  819.686837][T12566] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  819.686857][T12566] RSP: 002b:00007f7ffcc1e028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  819.686881][T12566] RAX: ffffffffffffffda RBX: 00007f7ffec45fa0 RCX: 00007f7ffe9cce59
[  819.686898][T12566] RDX: 0000200000000180 RSI: 00000000c0205648 RDI: 0000000000000003
[  819.686912][T12566] RBP: 00007f7ffcc1e090 R08: 0000000000000000 R09: 0000000000000000
[  819.686926][T12566] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  819.686940][T12566] R13: 00007f7ffec46038 R14: 00007f7ffec45fa0 R15: 00007ffc6b75bf48
[  819.686975][T12566]  </TASK>
[  819.689253][T12566] ERROR: Out of memory at tomoyo_realpath_from_path.
[  821.844118][T12343] netdevsim netdevsim9 netdevsim0: renamed from eth0
[  821.879968][T12343] 8021q: adding VLAN 0 to HW filter on device netdevsim0
[  821.940865][T12343] netdevsim netdevsim9 netdevsim1: renamed from eth1
[  821.986572][T12595] FAULT_INJECTION: forcing a failure.
[  821.986572][T12595] name failslab, interval 1, probability 0, space 0, times 0
[  821.986610][T12595] CPU: 1 UID: 0 PID: 12595 Comm: syz.8.2234 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[  821.986640][T12595] Tainted: [L]=SOFTLOCKUP
[  821.986647][T12595] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026
[  821.986661][T12595] Call Trace:
[  821.986669][T12595]  <TASK>
[  821.986678][T12595]  dump_stack_lvl+0xe8/0x150
[  821.986708][T12595]  should_fail_ex+0x46b/0x600
[  821.986745][T12595]  should_failslab+0xa8/0x100
[  821.986774][T12595]  __kmalloc_noprof+0xdf/0x7b0
[  821.986800][T12595]  ? kfree+0x4d/0x6c0
[  821.986821][T12595]  ? tomoyo_realpath_from_path+0xe3/0x5d0
[  821.986853][T12595]  tomoyo_realpath_from_path+0xe3/0x5d0
[  821.986891][T12595]  ? tomoyo_domain+0xd7/0x130
[  821.986940][T12595]  ? tomoyo_path_number_perm+0x219/0x630
[  821.986976][T12595]  tomoyo_path_number_perm+0x246/0x630
[  821.987015][T12595]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  821.987049][T12595]  ? __lock_acquire+0x6b5/0x2cf0
[  821.987083][T12595]  ? do_raw_spin_lock+0x12b/0x2f0
[  821.987145][T12595]  ? __fget_files+0x2a/0x420
[  821.987170][T12595]  ? __fget_files+0x2a/0x420
[  821.987191][T12595]  ? __fget_files+0x3a6/0x420
[  821.987215][T12595]  ? __fget_files+0x2a/0x420
[  821.987241][T12595]  security_file_ioctl+0xc3/0x2a0
[  821.987278][T12595]  __se_sys_ioctl+0x47/0x170
[  821.987307][T12595]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  821.987332][T12595]  do_syscall_64+0x174/0x580
[  821.987366][T12595]  ? trace_irq_disable+0x3b/0x140
[  821.987392][T12595]  ? clear_bhb_loop+0x40/0x90
[  821.987420][T12595]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  821.987443][T12595] RIP: 0033:0x7fead1e5ce59
[  821.987464][T12595] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  821.987484][T12595] RSP: 002b:00007fead00ae028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  821.987508][T12595] RAX: ffffffffffffffda RBX: 00007fead20d5fa0 RCX: 00007fead1e5ce59
[  821.987524][T12595] RDX: 0000200000000380 RSI: 00000000c0845657 RDI: 0000000000000003
[  821.987539][T12595] RBP: 00007fead00ae090 R08: 0000000000000000 R09: 0000000000000000
[  821.987553][T12595] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  821.987567][T12595] R13: 00007fead20d6038 R14: 00007fead20d5fa0 R15: 00007ffc34532d68
[  821.987604][T12595]  </TASK>
[  822.003645][T12595] ERROR: Out of memory at tomoyo_realpath_from_path.
[  822.263299][T12343] 8021q: adding VLAN 0 to HW filter on device netdevsim1
[  822.293087][T12343] netdevsim netdevsim9 netdevsim2: renamed from eth2
[  822.341559][T12343] 8021q: adding VLAN 0 to HW filter on device netdevsim2
[  822.351851][T12343] netdevsim netdevsim9 netdevsim3: renamed from eth3
[  822.400269][T12343] 8021q: adding VLAN 0 to HW filter on device netdevsim3
[  825.238861][T12343] 8021q: adding VLAN 0 to HW filter on device bond0
[  825.320443][T12343] 8021q: adding VLAN 0 to HW filter on device team0
[  825.405641][  T162] bridge0: port 1(bridge_slave_0) entered blocking state
[  825.405772][  T162] bridge0: port 1(bridge_slave_0) entered forwarding state
[  825.478430][ T1318] bridge0: port 2(bridge_slave_1) entered blocking state
[  825.478554][ T1318] bridge0: port 2(bridge_slave_1) entered forwarding state
[  826.369950][T12649] netlink: 152868 bytes leftover after parsing attributes in process `syz.8.2243'.
[  826.370454][T12649] netlink: Unknown conntrack attr (type=6322, max=9)
[  826.694835][   T31] usb 9-1: new high-speed USB device number 2 using dummy_hcd
[  826.740361][ T5823] usb 8-1: new high-speed USB device number 4 using dummy_hcd
[  826.850195][   T31] usb 9-1: unable to get BOS descriptor or descriptor too short
[  826.851963][   T31] usb 9-1: config 138 has an invalid interface number: 120 but max is 2
[  826.851981][   T31] usb 9-1: config 138 has an invalid interface number: 105 but max is 2
[  826.851994][   T31] usb 9-1: config 138 has an invalid interface number: 59 but max is 2
[  826.852008][   T31] usb 9-1: config 138 has no interface number 0
[  826.852019][   T31] usb 9-1: config 138 has no interface number 1
[  826.852040][   T31] usb 9-1: config 138 has no interface number 2
[  826.852075][   T31] usb 9-1: config 138 interface 120 has no altsetting 0
[  826.852087][   T31] usb 9-1: config 138 interface 105 has no altsetting 0
[  826.852099][   T31] usb 9-1: config 138 interface 59 has no altsetting 0
[  826.933001][ T5823] usb 8-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  826.933056][ T5823] usb 8-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  826.933126][ T5823] usb 8-1: config 1 interface 1 altsetting 1 endpoint 0x82 has invalid maxpacket 512, setting to 64
[  826.933145][ T5823] usb 8-1: config 1 interface 1 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  827.000261][ T5823] usb 8-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  827.000294][ T5823] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  827.000307][ T5823] usb 8-1: Product: syz
[  827.000317][ T5823] usb 8-1: Manufacturer: syz
[  827.000327][ T5823] usb 8-1: SerialNumber: syz
[  827.003841][   T31] usb 9-1: New USB device found, idVendor=0421, idProduct=026c, bcdDevice=c5.e4
[  827.003860][   T31] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  827.003874][   T31] usb 9-1: Product: syz
[  827.003885][   T31] usb 9-1: Manufacturer: syz
[  827.003895][   T31] usb 9-1: SerialNumber: syz
[  827.278854][ T5269] 8021q: adding VLAN 0 to HW filter on device eth18
[  827.405546][   T31] rndis_host 9-1:138.120: rndis: master #0/0000000000000000 slave #1/0000000000000000
[  827.406221][   T31] cdc_acm 9-1:138.120: Zero length descriptor references
[  827.406249][   T31] cdc_acm 9-1:138.120: probe with driver cdc_acm failed with error -22
[  827.772207][   T31] usb 9-1: USB disconnect, device number 2
[  828.891979][T12684] FAULT_INJECTION: forcing a failure.
[  828.891979][T12684] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  828.892017][T12684] CPU: 1 UID: 0 PID: 12684 Comm: syz.2.2251 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[  828.892046][T12684] Tainted: [L]=SOFTLOCKUP
[  828.892054][T12684] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026
[  828.892067][T12684] Call Trace:
[  828.892075][T12684]  <TASK>
[  828.892084][T12684]  dump_stack_lvl+0xe8/0x150
[  828.892115][T12684]  should_fail_ex+0x46b/0x600
[  828.892151][T12684]  _copy_from_user+0x2d/0xb0
[  828.892173][T12684]  __sys_bind+0x1cc/0x410
[  828.892204][T12684]  ? __pfx___sys_bind+0x10/0x10
[  828.892244][T12684]  ? __pfx_ksys_write+0x10/0x10
[  828.892275][T12684]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  828.892300][T12684]  __x64_sys_bind+0x7a/0x90
[  828.892328][T12684]  do_syscall_64+0x174/0x580
[  828.892359][T12684]  ? trace_irq_disable+0x3b/0x140
[  828.892383][T12684]  ? clear_bhb_loop+0x40/0x90
[  828.892410][T12684]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  828.892432][T12684] RIP: 0033:0x7f7ffe9cce59
[  828.892451][T12684] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  828.892469][T12684] RSP: 002b:00007f7ffcc1e028 EFLAGS: 00000246 ORIG_RAX: 0000000000000031
[  828.892492][T12684] RAX: ffffffffffffffda RBX: 00007f7ffec45fa0 RCX: 00007f7ffe9cce59
[  828.892509][T12684] RDX: 0000000000000010 RSI: 0000200000000080 RDI: 0000000000000004
[  828.892523][T12684] RBP: 00007f7ffcc1e090 R08: 0000000000000000 R09: 0000000000000000
[  828.892544][T12684] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  828.892557][T12684] R13: 00007f7ffec46038 R14: 00007f7ffec45fa0 R15: 00007ffc6b75bf48
[  828.892594][T12684]  </TASK>
[  829.121449][ T5823] cdc_ncm 8-1:1.0: bind() failure
[  829.209513][ T5823] cdc_ncm 8-1:1.1: probe with driver cdc_ncm failed with error -71
[  829.216826][ T5823] cdc_mbim 8-1:1.1: probe with driver cdc_mbim failed with error -71
[  829.240058][ T5823] usbtest 8-1:1.1: probe with driver usbtest failed with error -71
[  829.351920][ T5823] usb 8-1: USB disconnect, device number 4
[  829.906325][T12343] 8021q: adding VLAN 0 to HW filter on device batadv0
[  830.106335][   T10] usb 9-1: new high-speed USB device number 3 using dummy_hcd
[  830.275660][   T10] usb 9-1: Using ep0 maxpacket: 32
[  830.312702][   T10] usb 9-1: New USB device found, idVendor=2304, idProduct=0222, bcdDevice=77.3f
[  830.312731][   T10] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  830.312751][   T10] usb 9-1: Product: syz
[  830.312765][   T10] usb 9-1: Manufacturer: syz
[  830.314432][   T10] usb 9-1: SerialNumber: syz
[  830.370281][   T10] usb 9-1: config 0 descriptor??
[  830.389352][   T10] dvb-usb: found a 'Pinnacle 450e DVB-S USB2.0' in warm state.
[  830.389781][   T10] dvb-usb: bulk message failed: -22 (4/0)
[  830.389799][   T10] ttusb2: there might have been an error during control message transfer. (rlen = 0, was 0)
[  830.389914][   T10] dvb-usb: bulk message failed: -22 (5/0)
[  830.389927][   T10] ttusb2: there might have been an error during control message transfer. (rlen = 0, was 0)
[  830.500573][   T10] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[  830.503181][   T10] dvbdev: DVB: registering new adapter (Pinnacle 450e DVB-S USB2.0)
[  830.503270][   T10] usb 9-1: media controller created
[  830.554372][   T10] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  830.597869][T12698] ttusb2: i2c wr len=60 too high
[  830.647194][   T10] usb 9-1: selecting invalid altsetting 3
[  830.647212][   T10] ttusb2: set interface to alts=3 failed
[  830.760069][   T10] DVB: Unable to find symbol tda10086_attach()
[  830.760080][   T10] dvb-usb: no frontend was attached by 'Pinnacle 450e DVB-S USB2.0'
[  830.760871][   T10] dvb-usb: bulk message failed: -22 (4/0)
[  830.760884][   T10] ttusb2: there might have been an error during control message transfer. (rlen = 0, was 0)
[  830.761052][   T10] dvb-usb: bulk message failed: -22 (5/0)
[  830.761061][   T10] ttusb2: there might have been an error during control message transfer. (rlen = 0, was 0)
[  830.761101][   T10] dvb-usb: Pinnacle 450e DVB-S USB2.0 successfully initialized and connected.
[  831.224962][   T31] usb 8-1: new high-speed USB device number 5 using dummy_hcd
[  831.396246][ T5815] usb 9-1: USB disconnect, device number 3
[  831.399407][   T31] usb 8-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  831.399430][   T31] usb 8-1: config 1 has 1 interface, different from the descriptor's value: 2
[  831.399449][   T31] usb 8-1: config 1 has no interface number 0
[  831.399511][   T31] usb 8-1: config 1 interface 1 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  831.460942][   T31] usb 8-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  831.460963][   T31] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  831.460978][   T31] usb 8-1: Product: syz
[  831.460988][   T31] usb 8-1: Manufacturer: syz
[  831.460998][   T31] usb 8-1: SerialNumber: syz
[  831.612232][   T31] usb 8-1: selecting invalid altsetting 1
[  831.826634][   T31] cdc_ncm 8-1:1.1: bind() failure
[  831.884964][T12343] veth0_vlan: entered promiscuous mode
[  831.912076][   T31] usb 8-1: USB disconnect, device number 5
[  831.973388][T12343] veth1_vlan: entered promiscuous mode
[  832.193195][ T5815] dvb-usb: Pinnacle 450e DVB-S USB2.0 successfully deinitialized and disconnected.
[  832.239412][T12343] veth0_macvtap: entered promiscuous mode
[  832.262794][T12343] veth1_macvtap: entered promiscuous mode
[  832.352382][T12343] batman_adv: batadv0: Interface activated: batadv_slave_0
[  832.543699][T12343] batman_adv: batadv0: Interface activated: batadv_slave_1
[  832.601311][   T13] netdevsim netdevsim9 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  832.604304][   T13] netdevsim netdevsim9 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  832.624530][   T13] netdevsim netdevsim9 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  832.653734][ T1027] netdevsim netdevsim9 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  833.708022][ T1037] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  833.708042][ T1037] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  833.771656][T12760] FAULT_INJECTION: forcing a failure.
[  833.771656][T12760] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  833.771694][T12760] CPU: 0 UID: 0 PID: 12760 Comm: syz.2.2271 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[  833.771722][T12760] Tainted: [L]=SOFTLOCKUP
[  833.771730][T12760] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026
[  833.771742][T12760] Call Trace:
[  833.771750][T12760]  <TASK>
[  833.771759][T12760]  dump_stack_lvl+0xe8/0x150
[  833.771789][T12760]  should_fail_ex+0x46b/0x600
[  833.771833][T12760]  _copy_from_iter+0x1d3/0x1670
[  833.771870][T12760]  ? txopt_get+0x79/0x3f0
[  833.771893][T12760]  ? txopt_get+0x79/0x3f0
[  833.771913][T12760]  ? txopt_get+0x79/0x3f0
[  833.771936][T12760]  ? __pfx__copy_from_iter+0x10/0x10
[  833.771965][T12760]  ? txopt_get+0x343/0x3f0
[  833.771988][T12760]  ? __kernel_text_address+0xd/0x30
[  833.772020][T12760]  ? txopt_get+0x79/0x3f0
[  833.772043][T12760]  ? __pfx_txopt_get+0x10/0x10
[  833.772077][T12760]  rawv6_sendmsg+0xbbd/0x18e0
[  833.772114][T12760]  ? __pfx_rawv6_sendmsg+0x10/0x10
[  833.772144][T12760]  ? __pfx_smack_socket_sendmsg+0x10/0x10
[  833.772191][T12760]  ? __fget_files+0x3a6/0x420
[  833.772211][T12760]  ? sock_rps_record_flow+0x19/0x350
[  833.772242][T12760]  ? __pfx_inet_sendmsg+0x10/0x10
[  833.772273][T12760]  ? inet_sendmsg+0x2f4/0x370
[  833.772304][T12760]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  833.772327][T12760]  ? __pfx_inet_sendmsg+0x10/0x10
[  833.772361][T12760]  __sys_sendto+0x5f1/0x710
[  833.772395][T12760]  ? __pfx___sys_sendto+0x10/0x10
[  833.772451][T12760]  ? ksys_write+0x248/0x270
[  833.772478][T12760]  ? __pfx_ksys_write+0x10/0x10
[  833.772509][T12760]  __x64_sys_sendto+0xde/0x100
[  833.772539][T12760]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  833.772563][T12760]  do_syscall_64+0x174/0x580
[  833.772593][T12760]  ? trace_irq_disable+0x3b/0x140
[  833.772618][T12760]  ? clear_bhb_loop+0x40/0x90
[  833.772645][T12760]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  833.772666][T12760] RIP: 0033:0x7f7ffe9cce59
[  833.772686][T12760] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  833.772704][T12760] RSP: 002b:00007f7ffcc1e028 EFLAGS: 00000246 ORIG_RAX: 000000000000002c
[  833.772726][T12760] RAX: ffffffffffffffda RBX: 00007f7ffec45fa0 RCX: 00007f7ffe9cce59
[  833.772752][T12760] RDX: 0000000000000018 RSI: 0000200000000000 RDI: 0000000000000003
[  833.772767][T12760] RBP: 00007f7ffcc1e090 R08: 0000000000000000 R09: 0000000000000000
[  833.772780][T12760] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  833.772792][T12760] R13: 00007f7ffec46038 R14: 00007f7ffec45fa0 R15: 00007ffc6b75bf48
[  833.772831][T12760]  </TASK>
[  834.217789][   T13] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  834.217808][   T13] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  834.314509][T12768] FAULT_INJECTION: forcing a failure.
[  834.314509][T12768] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  834.314542][T12768] CPU: 1 UID: 0 PID: 12768 Comm: syz.7.2273 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[  834.314565][T12768] Tainted: [L]=SOFTLOCKUP
[  834.314571][T12768] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026
[  834.314582][T12768] Call Trace:
[  834.314588][T12768]  <TASK>
[  834.314596][T12768]  dump_stack_lvl+0xe8/0x150
[  834.314637][T12768]  should_fail_ex+0x46b/0x600
[  834.314665][T12768]  _copy_from_user+0x2d/0xb0
[  834.314682][T12768]  ___sys_sendmsg+0x1c6/0x360
[  834.314714][T12768]  ? __lock_acquire+0x6b5/0x2cf0
[  834.314740][T12768]  ? __pfx____sys_sendmsg+0x10/0x10
[  834.314805][T12768]  ? __fget_files+0x2a/0x420
[  834.314823][T12768]  ? __fget_files+0x3a6/0x420
[  834.314866][T12768]  __x64_sys_sendmsg+0x1c3/0x2a0
[  834.314898][T12768]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  834.314948][T12768]  ? __pfx_ksys_write+0x10/0x10
[  834.314982][T12768]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  834.315004][T12768]  do_syscall_64+0x174/0x580
[  834.315031][T12768]  ? trace_irq_disable+0x3b/0x140
[  834.315054][T12768]  ? clear_bhb_loop+0x40/0x90
[  834.315077][T12768]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  834.315097][T12768] RIP: 0033:0x7fcbd3eece59
[  834.315112][T12768] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  834.315126][T12768] RSP: 002b:00007fcbd213e028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  834.315143][T12768] RAX: ffffffffffffffda RBX: 00007fcbd4165fa0 RCX: 00007fcbd3eece59
[  834.315155][T12768] RDX: 000000000404c080 RSI: 0000200000000040 RDI: 0000000000000003
[  834.315166][T12768] RBP: 00007fcbd213e090 R08: 0000000000000000 R09: 0000000000000000
[  834.315176][T12768] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  834.315186][T12768] R13: 00007fcbd4166038 R14: 00007fcbd4165fa0 R15: 00007ffc9fcacbc8
[  834.315228][T12768]  </TASK>
[  834.943981][T12778] FAULT_INJECTION: forcing a failure.
[  834.943981][T12778] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  834.944023][T12778] CPU: 1 UID: 0 PID: 12778 Comm: syz.7.2275 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[  834.944050][T12778] Tainted: [L]=SOFTLOCKUP
[  834.944056][T12778] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026
[  834.944066][T12778] Call Trace:
[  834.944073][T12778]  <TASK>
[  834.944093][T12778]  dump_stack_lvl+0xe8/0x150
[  834.944116][T12778]  should_fail_ex+0x46b/0x600
[  834.944144][T12778]  _copy_from_user+0x2d/0xb0
[  834.944162][T12778]  ___sys_sendmsg+0x1c6/0x360
[  834.944186][T12778]  ? __lock_acquire+0x6b5/0x2cf0
[  834.944226][T12778]  ? __pfx____sys_sendmsg+0x10/0x10
[  834.944252][T12778]  ? kstrtouint+0x6e/0xe0
[  834.944289][T12778]  ? __fget_files+0x2a/0x420
[  834.944304][T12778]  ? __fget_files+0x3a6/0x420
[  834.944327][T12778]  __sys_sendmmsg+0x282/0x4e0
[  834.944357][T12778]  ? __pfx___sys_sendmmsg+0x10/0x10
[  834.944390][T12778]  ? __pfx_rt_mutex_slowunlock+0x10/0x10
[  834.944422][T12778]  ? ksys_write+0x248/0x270
[  834.944444][T12778]  ? __pfx_ksys_write+0x10/0x10
[  834.944471][T12778]  __x64_sys_sendmmsg+0xa0/0xc0
[  834.944494][T12778]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  834.944510][T12778]  do_syscall_64+0x174/0x580
[  834.944532][T12778]  ? trace_irq_disable+0x3b/0x140
[  834.944550][T12778]  ? clear_bhb_loop+0x40/0x90
[  834.944569][T12778]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  834.944584][T12778] RIP: 0033:0x7fcbd3eece59
[  834.944599][T12778] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  834.944613][T12778] RSP: 002b:00007fcbd213e028 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  834.944630][T12778] RAX: ffffffffffffffda RBX: 00007fcbd4165fa0 RCX: 00007fcbd3eece59
[  834.944642][T12778] RDX: 0000000000000001 RSI: 0000200000000140 RDI: 0000000000000003
[  834.944652][T12778] RBP: 00007fcbd213e090 R08: 0000000000000000 R09: 0000000000000000
[  834.944663][T12778] R10: 0000000024080058 R11: 0000000000000246 R12: 0000000000000001
[  834.944673][T12778] R13: 00007fcbd4166038 R14: 00007fcbd4165fa0 R15: 00007ffc9fcacbc8
[  834.944698][T12778]  </TASK>
[  836.764139][ T5618] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  836.817418][ T5618] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  836.840600][T12809] FAULT_INJECTION: forcing a failure.
[  836.840600][T12809] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  836.840634][T12809] CPU: 1 UID: 0 PID: 12809 Comm: syz.9.2283 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[  836.840662][T12809] Tainted: [L]=SOFTLOCKUP
[  836.840669][T12809] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026
[  836.840681][T12809] Call Trace:
[  836.840687][T12809]  <TASK>
[  836.840693][T12809]  dump_stack_lvl+0xe8/0x150
[  836.840716][T12809]  should_fail_ex+0x46b/0x600
[  836.840743][T12809]  _copy_from_user+0x2d/0xb0
[  836.840760][T12809]  ___sys_sendmsg+0x1c6/0x360
[  836.840787][T12809]  ? __lock_acquire+0x6b5/0x2cf0
[  836.840820][T12809]  ? __pfx____sys_sendmsg+0x10/0x10
[  836.840867][T12809]  ? __fget_files+0x2a/0x420
[  836.840882][T12809]  ? __fget_files+0x3a6/0x420
[  836.840908][T12809]  __x64_sys_sendmsg+0x1c3/0x2a0
[  836.840934][T12809]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  836.840985][T12809]  ? __pfx_ksys_write+0x10/0x10
[  836.841013][T12809]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  836.841032][T12809]  do_syscall_64+0x174/0x580
[  836.841058][T12809]  ? trace_irq_disable+0x3b/0x140
[  836.841078][T12809]  ? clear_bhb_loop+0x40/0x90
[  836.841100][T12809]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  836.841117][T12809] RIP: 0033:0x7f34dcf6ce59
[  836.841132][T12809] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  836.841148][T12809] RSP: 002b:00007f34db1c6028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  836.841168][T12809] RAX: ffffffffffffffda RBX: 00007f34dd1e5fa0 RCX: 00007f34dcf6ce59
[  836.841181][T12809] RDX: 0000000000040010 RSI: 0000200000000500 RDI: 0000000000000003
[  836.841193][T12809] RBP: 00007f34db1c6090 R08: 0000000000000000 R09: 0000000000000000
[  836.841203][T12809] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  836.841214][T12809] R13: 00007f34dd1e6038 R14: 00007f34dd1e5fa0 R15: 00007ffed98c32e8
[  836.841240][T12809]  </TASK>
[  836.841924][ T5618] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  836.920549][ T5618] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  836.993752][ T5618] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  838.683079][T12787] FAULT_INJECTION: forcing a failure.
[  838.683079][T12787] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  838.683116][T12787] CPU: 0 UID: 0 PID: 12787 Comm: syz.8.2277 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[  838.683144][T12787] Tainted: [L]=SOFTLOCKUP
[  838.683153][T12787] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026
[  838.683165][T12787] Call Trace:
[  838.683173][T12787]  <TASK>
[  838.683182][T12787]  dump_stack_lvl+0xe8/0x150
[  838.683214][T12787]  should_fail_ex+0x46b/0x600
[  838.683251][T12787]  _copy_to_user+0x31/0xb0
[  838.683276][T12787]  simple_read_from_buffer+0xe1/0x170
[  838.683316][T12787]  proc_fail_nth_read+0x1be/0x230
[  838.683349][T12787]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  838.683392][T12787]  ? rw_verify_area+0x2ac/0x4e0
[  838.683415][T12787]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  838.683438][T12787]  vfs_read+0x212/0xa80
[  838.683473][T12787]  ? __pfx_vfs_read+0x10/0x10
[  838.683501][T12787]  ? _raw_spin_unlock_irqrestore+0x30/0x80
[  838.683536][T12787]  ? lockdep_hardirqs_on+0x7a/0x110
[  838.683578][T12787]  ? _raw_spin_unlock_irqrestore+0x4c/0x80
[  838.683610][T12787]  ? mutex_lock_nested+0x152/0x1d0
[  838.683634][T12787]  ? fdget_pos+0x252/0x320
[  838.683672][T12787]  ksys_read+0x156/0x270
[  838.683701][T12787]  ? __pfx_ksys_read+0x10/0x10
[  838.683732][T12787]  ? arch_syscall_is_vdso_sigreturn+0x11f/0x1a0
[  838.683765][T12787]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  838.683789][T12787]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  838.683814][T12787]  do_syscall_64+0x174/0x580
[  838.683846][T12787]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  838.683869][T12787]  ? clear_bhb_loop+0x40/0x90
[  838.683899][T12787]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  838.683922][T12787] RIP: 0033:0x7fead1e1d68e
[  838.683943][T12787] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[  838.683962][T12787] RSP: 002b:00007fead00adfe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  838.683985][T12787] RAX: ffffffffffffffda RBX: 00007fead00ae6c0 RCX: 00007fead1e1d68e
[  838.684001][T12787] RDX: 000000000000000f RSI: 00007fead00ae0a0 RDI: 0000000000000003
[  838.684014][T12787] RBP: 00007fead00ae090 R08: 0000000000000000 R09: 0000000000000000
[  838.684027][T12787] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  838.684040][T12787] R13: 00007fead20d6038 R14: 00007fead20d5fa0 R15: 00007ffc34532d68
[  838.684076][T12787]  </TASK>
[  839.038054][T12822] lo speed is unknown, defaulting to 1000
[  839.038786][T12822] lo speed is unknown, defaulting to 1000
[  839.047552][T12822] lo speed is unknown, defaulting to 1000
[  839.051339][T12822] smbdirect: ib_dev[syz0]: added: RNIC max_fast_reg_page_list_len=256 device_cap_flags=0x200000 kernel_cap_flags=0x10 page_size_cap=0x1000
[  839.051385][T12822] smbdirect: ib_dev[syz0]: num_ports=1 max_qp_rd_atom=128 max_qp_init_rd_atom=128 max_sgl_rd=0 max_sge_rd=1 max_cqe=3276800 max_qp_wr=32768 max_send_sge=6 max_recv_sge=6
[  839.051428][T12822] smbdirect: ib_dev[syz0]PORT[1]: iwarp=1 ib=0 roce=0 v1=0 v2=0 core_cap_flags=0x400008
[  839.056382][T12822] iwpm_register_pid: Unable to send a nlmsg (client = 2)
[  839.071129][T12822] infiniband syz0: RDMA CMA: cma_listen_on_dev, error -98
[  839.214974][ T5618] Bluetooth: hci2: command tx timeout
[  839.237182][T12822] lo speed is unknown, defaulting to 1000
[  839.256071][T12816] fjî: entered promiscuous mode
[  839.261370][T12822] lo speed is unknown, defaulting to 1000
[  839.268655][T12822] lo speed is unknown, defaulting to 1000
[  839.273379][T12822] lo speed is unknown, defaulting to 1000
[  839.277060][T12822] lo speed is unknown, defaulting to 1000
[  839.279418][T12822] lo speed is unknown, defaulting to 1000
[  839.371309][ T5269] 8021q: adding VLAN 0 to HW filter on device eth19
[  839.815743][T12841] syz_tun: entered allmulticast mode
[  839.847467][T12843] FAULT_INJECTION: forcing a failure.
[  839.847467][T12843] name failslab, interval 1, probability 0, space 0, times 0
[  839.847504][T12843] CPU: 1 UID: 0 PID: 12843 Comm: syz.4.2289 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[  839.847534][T12843] Tainted: [L]=SOFTLOCKUP
[  839.847541][T12843] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026
[  839.847554][T12843] Call Trace:
[  839.847562][T12843]  <TASK>
[  839.847578][T12843]  dump_stack_lvl+0xe8/0x150
[  839.847608][T12843]  should_fail_ex+0x46b/0x600
[  839.847646][T12843]  should_failslab+0xa8/0x100
[  839.847676][T12843]  kmem_cache_alloc_noprof+0x87/0x680
[  839.847702][T12843]  ? do_getname+0x2e/0x250
[  839.847738][T12843]  do_getname+0x2e/0x250
[  839.847767][T12843]  ? getname_uflags+0x11/0x30
[  839.847801][T12843]  do_fchownat+0xe3/0x250
[  839.847835][T12843]  ? __pfx_do_fchownat+0x10/0x10
[  839.847866][T12843]  ? __pfx_ksys_write+0x10/0x10
[  839.847898][T12843]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  839.847922][T12843]  __x64_sys_chown+0x82/0xa0
[  839.847956][T12843]  do_syscall_64+0x174/0x580
[  839.847991][T12843]  ? clear_bhb_loop+0x40/0x90
[  839.848019][T12843]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  839.848041][T12843] RIP: 0033:0x7f9b7ccece59
[  839.848061][T12843] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  839.848079][T12843] RSP: 002b:00007f9b7af46028 EFLAGS: 00000246 ORIG_RAX: 000000000000005c
[  839.848103][T12843] RAX: ffffffffffffffda RBX: 00007f9b7cf65fa0 RCX: 00007f9b7ccece59
[  839.848119][T12843] RDX: 0000000000000000 RSI: 000000000000ee00 RDI: 0000200000000680
[  839.848132][T12843] RBP: 00007f9b7af46090 R08: 0000000000000000 R09: 0000000000000000
[  839.848147][T12843] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  839.848160][T12843] R13: 00007f9b7cf66038 R14: 00007f9b7cf65fa0 R15: 00007fff8282bfc8
[  839.848193][T12843]  </TASK>
[  840.024489][T12841] netlink: 72 bytes leftover after parsing attributes in process `syz.7.2288'.
[  840.024591][T12841] netlink: 8 bytes leftover after parsing attributes in process `syz.7.2288'.
[  840.377326][T12841] syz_tun (unregistering): left allmulticast mode
[  840.551715][T12854] could not allocate digest TFM handle blake2s-224
[  840.663485][T12805] lo speed is unknown, defaulting to 1000
[  841.493404][ T5618] Bluetooth: hci2: command tx timeout
[  843.514849][ T5618] Bluetooth: hci2: command tx timeout
[  844.044949][T12805] bridge0: port 1(bridge_slave_0) entered blocking state
[  844.045067][T12805] bridge0: port 1(bridge_slave_0) entered disabled state
[  844.045269][T12805] bridge_slave_0: entered allmulticast mode
[  844.053178][T12805] bridge_slave_0: entered promiscuous mode
[  844.081706][T12805] bridge0: port 2(bridge_slave_1) entered blocking state
[  844.081819][T12805] bridge0: port 2(bridge_slave_1) entered disabled state
[  844.082024][T12805] bridge_slave_1: entered allmulticast mode
[  844.108548][T12805] bridge_slave_1: entered promiscuous mode
[  844.232739][T12909] FAULT_INJECTION: forcing a failure.
[  844.232739][T12909] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  844.232775][T12909] CPU: 1 UID: 0 PID: 12909 Comm: syz.4.2298 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[  844.232806][T12909] Tainted: [L]=SOFTLOCKUP
[  844.232814][T12909] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026
[  844.232827][T12909] Call Trace:
[  844.232839][T12909]  <TASK>
[  844.232848][T12909]  dump_stack_lvl+0xe8/0x150
[  844.232878][T12909]  should_fail_ex+0x46b/0x600
[  844.232915][T12909]  _copy_from_user+0x2d/0xb0
[  844.232938][T12909]  ___sys_sendmsg+0x1c6/0x360
[  844.232971][T12909]  ? __lock_acquire+0x6b5/0x2cf0
[  844.233005][T12909]  ? __pfx____sys_sendmsg+0x10/0x10
[  844.233042][T12909]  ? kstrtouint+0x6e/0xe0
[  844.233095][T12909]  ? __fget_files+0x2a/0x420
[  844.233116][T12909]  ? __fget_files+0x3a6/0x420
[  844.233146][T12909]  __sys_sendmmsg+0x282/0x4e0
[  844.233192][T12909]  ? __pfx___sys_sendmmsg+0x10/0x10
[  844.233234][T12909]  ? __pfx_rt_mutex_slowunlock+0x10/0x10
[  844.233276][T12909]  ? ksys_write+0x248/0x270
[  844.233305][T12909]  ? __pfx_ksys_write+0x10/0x10
[  844.233336][T12909]  __x64_sys_sendmmsg+0xa0/0xc0
[  844.233368][T12909]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  844.233390][T12909]  do_syscall_64+0x174/0x580
[  844.233424][T12909]  ? clear_bhb_loop+0x40/0x90
[  844.233450][T12909]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  844.233472][T12909] RIP: 0033:0x7f9b7ccece59
[  844.233492][T12909] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  844.233510][T12909] RSP: 002b:00007f9b7af46028 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  844.233531][T12909] RAX: ffffffffffffffda RBX: 00007f9b7cf65fa0 RCX: 00007f9b7ccece59
[  844.233547][T12909] RDX: 0000000000000318 RSI: 00002000000bd000 RDI: 0000000000000006
[  844.233560][T12909] RBP: 00007f9b7af46090 R08: 0000000000000000 R09: 0000000000000000
[  844.233572][T12909] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  844.233584][T12909] R13: 00007f9b7cf66038 R14: 00007f9b7cf65fa0 R15: 00007fff8282bfc8
[  844.233617][T12909]  </TASK>
[  844.504604][T12908] Bluetooth: MGMT ver 1.23
[  844.764412][T12805] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  844.790576][T12805] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  844.917719][T12805] team0: Port device team_slave_0 added
[  844.937669][T12805] team0: Port device team_slave_1 added
[  844.988627][T12805] batman_adv: batadv0: Adding interface: batadv_slave_0
[  844.988644][T12805] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  844.988667][T12805] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  844.990788][T12805] batman_adv: batadv0: Adding interface: batadv_slave_1
[  844.990802][T12805] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  844.990828][T12805] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  845.175359][ T5269] 8021q: adding VLAN 0 to HW filter on device eth20
[  845.203962][T12805] hsr_slave_0: entered promiscuous mode
[  845.216666][T12805] hsr_slave_1: entered promiscuous mode
[  845.219163][T12805] debugfs: 'hsr0' already exists in 'hsr'
[  845.219187][T12805] Cannot create hsr debugfs directory
[  845.599124][ T5618] Bluetooth: hci2: command tx timeout
[  845.914963][T12927] FAULT_INJECTION: forcing a failure.
[  845.914963][T12927] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  845.914999][T12927] CPU: 1 UID: 0 PID: 12927 Comm: syz.4.2304 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[  845.915033][T12927] Tainted: [L]=SOFTLOCKUP
[  845.915040][T12927] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026
[  845.915052][T12927] Call Trace:
[  845.915060][T12927]  <TASK>
[  845.915068][T12927]  dump_stack_lvl+0xe8/0x150
[  845.915097][T12927]  should_fail_ex+0x46b/0x600
[  845.915131][T12927]  _copy_from_user+0x2d/0xb0
[  845.915152][T12927]  ___sys_sendmsg+0x1c6/0x360
[  845.915183][T12927]  ? __lock_acquire+0x6b5/0x2cf0
[  845.915215][T12927]  ? __pfx____sys_sendmsg+0x10/0x10
[  845.915251][T12927]  ? kstrtouint+0x6e/0xe0
[  845.915300][T12927]  ? __fget_files+0x2a/0x420
[  845.915319][T12927]  ? __fget_files+0x3a6/0x420
[  845.915349][T12927]  __sys_sendmmsg+0x282/0x4e0
[  845.915386][T12927]  ? __pfx___sys_sendmmsg+0x10/0x10
[  845.915426][T12927]  ? __pfx_rt_mutex_slowunlock+0x10/0x10
[  845.915464][T12927]  ? ksys_write+0x248/0x270
[  845.915491][T12927]  ? __pfx_ksys_write+0x10/0x10
[  845.915522][T12927]  __x64_sys_sendmmsg+0xa0/0xc0
[  845.915553][T12927]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  845.915575][T12927]  do_syscall_64+0x174/0x580
[  845.915604][T12927]  ? trace_irq_disable+0x3b/0x140
[  845.915627][T12927]  ? clear_bhb_loop+0x40/0x90
[  845.915656][T12927]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  845.915677][T12927] RIP: 0033:0x7f9b7ccece59
[  845.915696][T12927] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  845.915714][T12927] RSP: 002b:00007f9b7af46028 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  845.915734][T12927] RAX: ffffffffffffffda RBX: 00007f9b7cf65fa0 RCX: 00007f9b7ccece59
[  845.915749][T12927] RDX: 0000000000000001 RSI: 00002000000005c0 RDI: 0000000000000003
[  845.915762][T12927] RBP: 00007f9b7af46090 R08: 0000000000000000 R09: 0000000000000000
[  845.915773][T12927] R10: 0000000020000000 R11: 0000000000000246 R12: 0000000000000001
[  845.915785][T12927] R13: 00007f9b7cf66038 R14: 00007f9b7cf65fa0 R15: 00007fff8282bfc8
[  845.915816][T12927]  </TASK>
[  847.709568][T12805] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  848.642235][T12805] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  848.878462][T12957] FAULT_INJECTION: forcing a failure.
[  848.878462][T12957] name failslab, interval 1, probability 0, space 0, times 0
[  848.878497][T12957] CPU: 0 UID: 0 PID: 12957 Comm: syz.4.2312 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[  848.878525][T12957] Tainted: [L]=SOFTLOCKUP
[  848.878532][T12957] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026
[  848.878563][T12957] Call Trace:
[  848.878572][T12957]  <TASK>
[  848.878581][T12957]  dump_stack_lvl+0xe8/0x150
[  848.878611][T12957]  should_fail_ex+0x46b/0x600
[  848.878648][T12957]  should_failslab+0xa8/0x100
[  848.878680][T12957]  __kmalloc_noprof+0xdf/0x7b0
[  848.878704][T12957]  ? kfree+0x4d/0x6c0
[  848.878725][T12957]  ? tomoyo_realpath_from_path+0xe3/0x5d0
[  848.878766][T12957]  tomoyo_realpath_from_path+0xe3/0x5d0
[  848.878795][T12957]  ? tomoyo_domain+0xd7/0x130
[  848.878826][T12957]  ? tomoyo_path_number_perm+0x219/0x630
[  848.878862][T12957]  tomoyo_path_number_perm+0x246/0x630
[  848.878899][T12957]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  848.878932][T12957]  ? __lock_acquire+0x6b5/0x2cf0
[  848.878965][T12957]  ? do_raw_spin_lock+0x12b/0x2f0
[  848.879024][T12957]  ? __fget_files+0x2a/0x420
[  848.879050][T12957]  ? __fget_files+0x2a/0x420
[  848.879070][T12957]  ? __fget_files+0x3a6/0x420
[  848.879090][T12957]  ? __fget_files+0x2a/0x420
[  848.879115][T12957]  security_file_ioctl+0xc3/0x2a0
[  848.879153][T12957]  __se_sys_ioctl+0x47/0x170
[  848.879182][T12957]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  848.879206][T12957]  do_syscall_64+0x174/0x580
[  848.879239][T12957]  ? trace_irq_disable+0x3b/0x140
[  848.879265][T12957]  ? clear_bhb_loop+0x40/0x90
[  848.879293][T12957]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  848.879315][T12957] RIP: 0033:0x7f9b7ccece59
[  848.879336][T12957] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  848.879355][T12957] RSP: 002b:00007f9b7af46028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  848.879392][T12957] RAX: ffffffffffffffda RBX: 00007f9b7cf65fa0 RCX: 00007f9b7ccece59
[  848.879407][T12957] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005
[  848.879420][T12957] RBP: 00007f9b7af46090 R08: 0000000000000000 R09: 0000000000000000
[  848.879432][T12957] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  848.879445][T12957] R13: 00007f9b7cf66038 R14: 00007f9b7cf65fa0 R15: 00007fff8282bfc8
[  848.879477][T12957]  </TASK>
[  848.879486][T12957] ERROR: Out of memory at tomoyo_realpath_from_path.
[  849.353521][T12805] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  849.977310][T12805] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  852.164528][T12805] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  852.948217][T12805] 8021q: adding VLAN 0 to HW filter on device netdevsim0
[  852.951447][T12805] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  853.010363][T12805] 8021q: adding VLAN 0 to HW filter on device netdevsim1
[  853.011436][T12805] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  853.055971][T12805] 8021q: adding VLAN 0 to HW filter on device netdevsim2
[  853.131835][T12805] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  853.207809][T12805] 8021q: adding VLAN 0 to HW filter on device netdevsim3
[  854.004716][T12805] 8021q: adding VLAN 0 to HW filter on device bond0
[  854.174036][T12805] 8021q: adding VLAN 0 to HW filter on device team0
[  854.208158][ T1037] bridge0: port 1(bridge_slave_0) entered blocking state
[  854.209019][ T1037] bridge0: port 1(bridge_slave_0) entered forwarding state
[  854.281359][ T3386] bridge0: port 2(bridge_slave_1) entered blocking state
[  854.281489][ T3386] bridge0: port 2(bridge_slave_1) entered forwarding state
[  855.941278][T12805] 8021q: adding VLAN 0 to HW filter on device batadv0
[  856.153809][T12805] veth0_vlan: entered promiscuous mode
[  856.190008][T12805] veth1_vlan: entered promiscuous mode
[  856.294454][T13090] netlink: 16 bytes leftover after parsing attributes in process `syz.9.2335'.
[  856.294478][T13090] netlink: 20 bytes leftover after parsing attributes in process `syz.9.2335'.
[  856.393369][T12805] veth0_macvtap: entered promiscuous mode
[  856.406636][T12805] veth1_macvtap: entered promiscuous mode
[  856.449977][T12805] batman_adv: batadv0: Interface activated: batadv_slave_0
[  856.482062][T12805] batman_adv: batadv0: Interface activated: batadv_slave_1
[  856.515410][ T1037] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  856.516295][ T1037] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  856.516520][ T1037] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  856.516617][ T1037] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  857.922568][T12729] kernel write not supported for file /uinput (pid: 12729 comm: kworker/1:10)
[  858.736570][ T3397] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  858.736590][ T3397] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  859.053979][ T3373] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  859.054001][ T3373] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  859.708472][T13136] netlink: 16 bytes leftover after parsing attributes in process `syz.9.2348'.
[  859.708494][T13136] netlink: 20 bytes leftover after parsing attributes in process `syz.9.2348'.
[  859.732833][T12729] usb 3-1: new high-speed USB device number 23 using dummy_hcd
[  859.904233][T12729] usb 3-1: Using ep0 maxpacket: 32
[  859.912434][T12729] usb 3-1: config 0 has an invalid interface number: 67 but max is 0
[  859.912458][T12729] usb 3-1: config 0 has no interface number 0
[  859.940293][T12729] usb 3-1: New USB device found, idVendor=0424, idProduct=9901, bcdDevice=c2.57
[  859.940320][T12729] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  859.940339][T12729] usb 3-1: Product: syz
[  859.940352][T12729] usb 3-1: Manufacturer: syz
[  859.940366][T12729] usb 3-1: SerialNumber: syz
[  859.978776][T12729] usb 3-1: config 0 descriptor??
[  860.033559][ T5618] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  860.082660][ T5618] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  860.093747][ T5618] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  860.102300][ T5618] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  860.103758][ T5618] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  860.886964][   T31] usb 8-1: new high-speed USB device number 6 using dummy_hcd
[  862.154882][ T5618] Bluetooth: hci3: command tx timeout
[  862.175392][   T31] usb 8-1: Using ep0 maxpacket: 8
[  862.177591][   T31] usb 8-1: config index 0 descriptor too short (expected 301, got 45)
[  862.177644][   T31] usb 8-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  862.177725][   T31] usb 8-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  862.177749][   T31] usb 8-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  862.177773][   T31] usb 8-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  862.177814][   T31] usb 8-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  862.177892][   T31] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  862.260217][T12729] smsc95xx 3-1:0.67 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000030: -61
[  862.260247][T12729] smsc95xx 3-1:0.67 (unnamed net_device) (uninitialized): Error reading E2P_CMD
[  862.457116][T12729] smsc95xx 3-1:0.67 (unnamed net_device) (uninitialized): Failed to write reg index 0x00000014: -71
[  862.457825][T12729] smsc95xx 3-1:0.67: probe with driver smsc95xx failed with error -71
[  862.497677][   T31] usb 8-1: GET_CAPABILITIES returned 0
[  862.497723][   T31] usbtmc 8-1:16.0: can't read capabilities
[  862.537881][T12729] usb 3-1: USB disconnect, device number 23
[  862.699547][T13148] FAULT_INJECTION: forcing a failure.
[  862.699547][T13148] name failslab, interval 1, probability 0, space 0, times 0
[  862.699587][T13148] CPU: 0 UID: 0 PID: 13148 Comm: syz.7.2351 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[  862.699616][T13148] Tainted: [L]=SOFTLOCKUP
[  862.699623][T13148] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026
[  862.699636][T13148] Call Trace:
[  862.699644][T13148]  <TASK>
[  862.699652][T13148]  dump_stack_lvl+0xe8/0x150
[  862.699682][T13148]  should_fail_ex+0x46b/0x600
[  862.699718][T13148]  should_failslab+0xa8/0x100
[  862.699748][T13148]  __kmalloc_noprof+0xdf/0x7b0
[  862.699772][T13148]  ? kfree+0x4d/0x6c0
[  862.699793][T13148]  ? tomoyo_realpath_from_path+0xe3/0x5d0
[  862.699824][T13148]  tomoyo_realpath_from_path+0xe3/0x5d0
[  862.699851][T13148]  ? tomoyo_domain+0xd7/0x130
[  862.699883][T13148]  ? tomoyo_path_number_perm+0x219/0x630
[  862.699916][T13148]  tomoyo_path_number_perm+0x246/0x630
[  862.699952][T13148]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  862.699985][T13148]  ? __lock_acquire+0x6b5/0x2cf0
[  862.700028][T13148]  ? do_raw_spin_lock+0x12b/0x2f0
[  862.700078][T13148]  ? __fget_files+0x2a/0x420
[  862.700101][T13148]  ? __fget_files+0x2a/0x420
[  862.700119][T13148]  ? __fget_files+0x3a6/0x420
[  862.700137][T13148]  ? __fget_files+0x2a/0x420
[  862.700161][T13148]  security_file_ioctl+0xc3/0x2a0
[  862.700196][T13148]  __se_sys_ioctl+0x47/0x170
[  862.700225][T13148]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  862.700248][T13148]  do_syscall_64+0x174/0x580
[  862.700276][T13148]  ? trace_irq_disable+0x3b/0x140
[  862.700307][T13148]  ? clear_bhb_loop+0x40/0x90
[  862.700333][T13148]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  862.700353][T13148] RIP: 0033:0x7fcbd3eece59
[  862.700372][T13148] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  862.700389][T13148] RSP: 002b:00007fcbd213e028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  862.700410][T13148] RAX: ffffffffffffffda RBX: 00007fcbd4165fa0 RCX: 00007fcbd3eece59
[  862.700424][T13148] RDX: 0000000000000000 RSI: 0000000080045b10 RDI: 0000000000000004
[  862.700436][T13148] RBP: 00007fcbd213e090 R08: 0000000000000000 R09: 0000000000000000
[  862.700448][T13148] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  862.700459][T13148] R13: 00007fcbd4166038 R14: 00007fcbd4165fa0 R15: 00007ffc9fcacbc8
[  862.700490][T13148]  </TASK>
[  862.700521][T13148] ERROR: Out of memory at tomoyo_realpath_from_path.
[  862.994549][T11330] usb 8-1: USB disconnect, device number 6
[  863.208590][T13137] lo speed is unknown, defaulting to 1000
[  864.127155][T13188] process 'syz.7.2358' launched './file0' with NULL argv: empty string added
[  864.133025][T13192] netlink: 16 bytes leftover after parsing attributes in process `syz.4.2360'.
[  864.133046][T13192] netlink: 20 bytes leftover after parsing attributes in process `syz.4.2360'.
[  864.244893][ T5618] Bluetooth: hci3: command tx timeout
[  865.181185][T13137] bridge0: port 1(bridge_slave_0) entered blocking state
[  865.192170][T13137] bridge0: port 1(bridge_slave_0) entered disabled state
[  865.192386][T13137] bridge_slave_0: entered allmulticast mode
[  865.240663][T13137] bridge_slave_0: entered promiscuous mode
[  865.244412][T13137] bridge0: port 2(bridge_slave_1) entered blocking state
[  865.244584][T13137] bridge0: port 2(bridge_slave_1) entered disabled state
[  865.266288][T13137] bridge_slave_1: entered allmulticast mode
[  865.269271][T13137] bridge_slave_1: entered promiscuous mode
[  865.474373][T13137] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  865.513081][T13137] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  865.593270][T13137] team0: Port device team_slave_0 added
[  865.603224][T13137] team0: Port device team_slave_1 added
[  865.634903][T11330] usb 8-1: new full-speed USB device number 7 using dummy_hcd
[  865.692754][T13137] batman_adv: batadv0: Adding interface: batadv_slave_0
[  865.692769][T13137] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  865.692795][T13137] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  865.710301][T13137] batman_adv: batadv0: Adding interface: batadv_slave_1
[  865.710340][T13137] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  865.710407][T13137] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  866.844853][ T5618] Bluetooth: hci3: command tx timeout
[  867.035773][T13137] hsr_slave_0: entered promiscuous mode
[  867.037548][T13137] hsr_slave_1: entered promiscuous mode
[  867.038880][T13137] debugfs: 'hsr0' already exists in 'hsr'
[  867.038942][T13137] Cannot create hsr debugfs directory
[  867.271253][T13236] netlink: 16 bytes leftover after parsing attributes in process `syz.2.2372'.
[  867.271507][T13236] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2372'.
[  868.877212][   T59] Bluetooth: hci3: command tx timeout
[  869.387377][T11330] usb 8-1: unable to get BOS descriptor or descriptor too short
[  869.389377][T11330] usb 8-1: unable to read config index 0 descriptor/start: -71
[  869.389410][T11330] usb 8-1: can't read configurations, error -71
[  869.756529][T12729] usb 3-1: new high-speed USB device number 24 using dummy_hcd
[  869.915035][T12729] usb 3-1: Using ep0 maxpacket: 8
[  869.917843][T12729] usb 3-1: config index 0 descriptor too short (expected 6427, got 27)
[  869.917867][T12729] usb 3-1: config 0 has an invalid interface number: 21 but max is 0
[  869.917894][T12729] usb 3-1: config 0 has no interface number 0
[  869.917936][T12729] usb 3-1: config 0 interface 21 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  869.917962][T12729] usb 3-1: config 0 interface 21 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  869.917988][T12729] usb 3-1: config 0 interface 21 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0
[  869.918023][T12729] usb 3-1: New USB device found, idVendor=06cd, idProduct=0202, bcdDevice=92.d4
[  869.918044][T12729] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  870.022231][T12729] usb 3-1: config 0 descriptor??
[  870.289174][T13258] FAULT_INJECTION: forcing a failure.
[  870.289174][T13258] name failslab, interval 1, probability 0, space 0, times 0
[  870.289211][T13258] CPU: 0 UID: 0 PID: 13258 Comm: syz.7.2379 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[  870.289241][T13258] Tainted: [L]=SOFTLOCKUP
[  870.289248][T13258] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026
[  870.289261][T13258] Call Trace:
[  870.289269][T13258]  <TASK>
[  870.289277][T13258]  dump_stack_lvl+0xe8/0x150
[  870.289306][T13258]  should_fail_ex+0x46b/0x600
[  870.289342][T13258]  should_failslab+0xa8/0x100
[  870.289371][T13258]  __kmalloc_noprof+0xdf/0x7b0
[  870.289394][T13258]  ? kfree+0x4d/0x6c0
[  870.289415][T13258]  ? tomoyo_realpath_from_path+0xe3/0x5d0
[  870.289446][T13258]  tomoyo_realpath_from_path+0xe3/0x5d0
[  870.289472][T13258]  ? tomoyo_domain+0xd7/0x130
[  870.289506][T13258]  ? tomoyo_path_number_perm+0x219/0x630
[  870.289539][T13258]  tomoyo_path_number_perm+0x246/0x630
[  870.289574][T13258]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  870.289603][T13258]  ? __lock_acquire+0x6b5/0x2cf0
[  870.289632][T13258]  ? do_raw_spin_lock+0x12b/0x2f0
[  870.289687][T13258]  ? __fget_files+0x2a/0x420
[  870.289710][T13258]  ? __fget_files+0x2a/0x420
[  870.289730][T13258]  ? __fget_files+0x3a6/0x420
[  870.289748][T13258]  ? __fget_files+0x2a/0x420
[  870.289771][T13258]  security_file_ioctl+0xc3/0x2a0
[  870.289807][T13258]  __se_sys_ioctl+0x47/0x170
[  870.289833][T13258]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  870.289979][T13258]  do_syscall_64+0x174/0x580
[  870.290013][T13258]  ? trace_irq_disable+0x3b/0x140
[  870.290040][T13258]  ? clear_bhb_loop+0x40/0x90
[  870.290067][T13258]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  870.290090][T13258] RIP: 0033:0x7fcbd3eece59
[  870.290109][T13258] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  870.290127][T13258] RSP: 002b:00007fcbd213e028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  870.290149][T13258] RAX: ffffffffffffffda RBX: 00007fcbd4165fa0 RCX: 00007fcbd3eece59
[  870.290174][T13258] RDX: 0000200000000100 RSI: 000000000000541c RDI: 0000000000000003
[  870.290186][T13258] RBP: 00007fcbd213e090 R08: 0000000000000000 R09: 0000000000000000
[  870.290198][T13258] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  870.290210][T13258] R13: 00007fcbd4166038 R14: 00007fcbd4165fa0 R15: 00007ffc9fcacbc8
[  870.290240][T13258]  </TASK>
[  870.292773][T13259] FAULT_INJECTION: forcing a failure.
[  870.292773][T13259] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  870.292804][T13259] CPU: 0 UID: 0 PID: 13259 Comm: syz.4.2378 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[  870.292829][T13259] Tainted: [L]=SOFTLOCKUP
[  870.292837][T13259] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026
[  870.292855][T13259] Call Trace:
[  870.292863][T13259]  <TASK>
[  870.292871][T13259]  dump_stack_lvl+0xe8/0x150
[  870.292896][T13259]  should_fail_ex+0x46b/0x600
[  870.292933][T13259]  _copy_to_user+0x31/0xb0
[  870.292953][T13259]  simple_read_from_buffer+0xe1/0x170
[  870.292988][T13259]  proc_fail_nth_read+0x1be/0x230
[  870.293011][T13259]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  870.293035][T13259]  ? rw_verify_area+0x2ac/0x4e0
[  870.293056][T13259]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  870.293078][T13259]  vfs_read+0x212/0xa80
[  870.293107][T13259]  ? __pfx_vfs_read+0x10/0x10
[  870.293131][T13259]  ? _raw_spin_unlock_irqrestore+0x30/0x80
[  870.293161][T13259]  ? lockdep_hardirqs_on+0x7a/0x110
[  870.293188][T13259]  ? _raw_spin_unlock_irqrestore+0x4c/0x80
[  870.293216][T13259]  ? mutex_lock_nested+0x152/0x1d0
[  870.293237][T13259]  ? fdget_pos+0x252/0x320
[  870.293264][T13259]  ksys_read+0x156/0x270
[  870.293289][T13259]  ? __pfx_ksys_read+0x10/0x10
[  870.293319][T13259]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  870.293340][T13259]  do_syscall_64+0x174/0x580
[  870.293369][T13259]  ? trace_irq_disable+0x3b/0x140
[  870.293392][T13259]  ? clear_bhb_loop+0x40/0x90
[  870.293415][T13259]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  870.293434][T13259] RIP: 0033:0x7f9b7ccad68e
[  870.293452][T13259] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[  870.293468][T13259] RSP: 002b:00007f9b7af24fe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  870.293487][T13259] RAX: ffffffffffffffda RBX: 00007f9b7af256c0 RCX: 00007f9b7ccad68e
[  870.293500][T13259] RDX: 000000000000000f RSI: 00007f9b7af250a0 RDI: 0000000000000004
[  870.293511][T13259] RBP: 00007f9b7af25090 R08: 0000000000000000 R09: 0000000000000000
[  870.293540][T13259] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  870.293552][T13259] R13: 00007f9b7cf66128 R14: 00007f9b7cf66090 R15: 00007fff8282bfc8
[  870.293583][T13259]  </TASK>
[  870.308551][T13255] random: crng reseeded on system resumption
[  870.330093][T13258] ERROR: Out of memory at tomoyo_realpath_from_path.
[  870.882403][T13245] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  870.883213][T13245] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  870.929923][T12729] usb 3-1: USB disconnect, device number 24
[  872.152435][T13289] netlink: 16 bytes leftover after parsing attributes in process `syz.7.2385'.
[  872.152463][T13289] netlink: 8 bytes leftover after parsing attributes in process `syz.7.2385'.
[  872.580600][T13302] FAULT_INJECTION: forcing a failure.
[  872.580600][T13302] name failslab, interval 1, probability 0, space 0, times 0
[  872.580638][T13302] CPU: 1 UID: 0 PID: 13302 Comm: syz.7.2389 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[  872.580674][T13302] Tainted: [L]=SOFTLOCKUP
[  872.580681][T13302] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026
[  872.580693][T13302] Call Trace:
[  872.580701][T13302]  <TASK>
[  872.580709][T13302]  dump_stack_lvl+0xe8/0x150
[  872.580739][T13302]  should_fail_ex+0x46b/0x600
[  872.580775][T13302]  should_failslab+0xa8/0x100
[  872.580803][T13302]  __kvmalloc_node_noprof+0x170/0x8e0
[  872.580830][T13302]  ? file_tty_write+0x2ec/0xa10
[  872.580849][T13302]  ? _mutex_trylock_nest_lock+0x128/0x180
[  872.580880][T13302]  file_tty_write+0x2ec/0xa10
[  872.580909][T13302]  vfs_write+0x629/0xba0
[  872.580941][T13302]  ? __pfx_vfs_write+0x10/0x10
[  872.580975][T13302]  ? __fget_files+0x2a/0x420
[  872.581004][T13302]  ksys_write+0x156/0x270
[  872.581030][T13302]  ? __pfx_ksys_write+0x10/0x10
[  872.581062][T13302]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  872.581085][T13302]  do_syscall_64+0x174/0x580
[  872.581115][T13302]  ? trace_irq_disable+0x3b/0x140
[  872.581138][T13302]  ? clear_bhb_loop+0x40/0x90
[  872.581163][T13302]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  872.581182][T13302] RIP: 0033:0x7fcbd3eece59
[  872.581199][T13302] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  872.581216][T13302] RSP: 002b:00007fcbd213e028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  872.581236][T13302] RAX: ffffffffffffffda RBX: 00007fcbd4165fa0 RCX: 00007fcbd3eece59
[  872.581252][T13302] RDX: 0000000000001006 RSI: 0000200000002080 RDI: 0000000000000004
[  872.581265][T13302] RBP: 00007fcbd213e090 R08: 0000000000000000 R09: 0000000000000000
[  872.581278][T13302] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  872.581289][T13302] R13: 00007fcbd4166038 R14: 00007fcbd4165fa0 R15: 00007ffc9fcacbc8
[  872.581319][T13302]  </TASK>
[  872.824841][T11329] usb 3-1: new full-speed USB device number 25 using dummy_hcd
[  875.070357][ T1339] ieee802154 phy0 wpan0: encryption failed: -22
[  875.070434][ T1339] ieee802154 phy1 wpan1: encryption failed: -22
[  875.216108][T13316] netlink: 'syz.9.2392': attribute type 1 has an invalid length.
[  875.216148][T13316] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  875.626160][T13317] loop7: detected capacity change from 0 to 16384
[  875.725239][T13323] netlink: 12 bytes leftover after parsing attributes in process `syz.9.2392'.
[  875.770438][T11329] usb 3-1: unable to get BOS descriptor or descriptor too short
[  875.772496][T11329] usb 3-1: unable to read config index 0 descriptor/start: -71
[  875.772530][T11329] usb 3-1: can't read configurations, error -71
[  875.813060][T13317] 9p: Bad value for 'wfdno'
[  875.888714][T13320] loop7: detected capacity change from 16384 to 0
[  876.754229][T13341] netlink: 16 bytes leftover after parsing attributes in process `syz.4.2398'.
[  876.754260][T13341] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2398'.
[  877.068381][T13137] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  877.102345][T13137] 8021q: adding VLAN 0 to HW filter on device netdevsim0
[  877.103570][T13137] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  877.147073][T13137] 8021q: adding VLAN 0 to HW filter on device netdevsim1
[  877.153197][T13137] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  877.268507][T13351] random: crng reseeded on system resumption
[  877.308995][T13357] FAULT_INJECTION: forcing a failure.
[  877.308995][T13357] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  877.310209][T13357] CPU: 0 UID: 0 PID: 13357 Comm: syz.4.2401 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[  877.310241][T13357] Tainted: [L]=SOFTLOCKUP
[  877.310249][T13357] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026
[  877.310262][T13357] Call Trace:
[  877.310270][T13357]  <TASK>
[  877.310279][T13357]  dump_stack_lvl+0xe8/0x150
[  877.310310][T13357]  should_fail_ex+0x46b/0x600
[  877.310353][T13357]  _copy_from_user+0x2d/0xb0
[  877.310375][T13357]  do_sock_getsockopt+0x200/0x7e0
[  877.310415][T13357]  ? __pfx_do_sock_getsockopt+0x10/0x10
[  877.310462][T13357]  ? __fget_files+0x3a6/0x420
[  877.310482][T13357]  ? __fget_files+0x2a/0x420
[  877.310510][T13357]  __x64_sys_getsockopt+0x1aa/0x250
[  877.310557][T13357]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  877.310581][T13357]  do_syscall_64+0x174/0x580
[  877.310608][T13357]  ? trace_irq_disable+0x3b/0x140
[  877.310632][T13357]  ? clear_bhb_loop+0x40/0x90
[  877.310657][T13357]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  877.310676][T13357] RIP: 0033:0x7f9b7ccece59
[  877.310695][T13357] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  877.310713][T13357] RSP: 002b:00007f9b7af25028 EFLAGS: 00000246 ORIG_RAX: 0000000000000037
[  877.310734][T13357] RAX: ffffffffffffffda RBX: 00007f9b7cf66090 RCX: 00007f9b7ccece59
[  877.310749][T13357] RDX: 000000000000000f RSI: 0000000000000084 RDI: 0000000000000003
[  877.310760][T13357] RBP: 00007f9b7af25090 R08: 0000200000004480 R09: 0000000000000000
[  877.310774][T13357] R10: 00002000000043c0 R11: 0000000000000246 R12: 0000000000000001
[  877.310787][T13357] R13: 00007f9b7cf66128 R14: 00007f9b7cf66090 R15: 00007fff8282bfc8
[  877.310818][T13357]  </TASK>
[  877.589501][T13137] 8021q: adding VLAN 0 to HW filter on device netdevsim2
[  877.590979][T13137] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  877.648720][T13137] 8021q: adding VLAN 0 to HW filter on device netdevsim3
[  878.123389][T13137] 8021q: adding VLAN 0 to HW filter on device bond0
[  878.156457][T13137] 8021q: adding VLAN 0 to HW filter on device team0
[  878.174395][ T3428] bridge0: port 1(bridge_slave_0) entered blocking state
[  878.174573][ T3428] bridge0: port 1(bridge_slave_0) entered forwarding state
[  878.220873][ T9177] bridge0: port 2(bridge_slave_1) entered blocking state
[  878.221074][ T9177] bridge0: port 2(bridge_slave_1) entered forwarding state
[  878.624963][T12727] usb 8-1: new full-speed USB device number 9 using dummy_hcd
[  881.248992][T13137] 8021q: adding VLAN 0 to HW filter on device batadv0
[  881.925473][T13137] veth0_vlan: entered promiscuous mode
[  882.036403][T13137] veth1_vlan: entered promiscuous mode
[  882.321385][ T5618] Bluetooth: hci1: command 0x0406 tx timeout
[  882.514854][   T31] usb 10-1: new high-speed USB device number 2 using dummy_hcd
[  882.675940][   T31] usb 10-1: Using ep0 maxpacket: 32
[  882.680035][   T31] usb 10-1: unable to get BOS descriptor or descriptor too short
[  882.680200][   T31] usb 10-1: too many configurations: 64, using maximum allowed: 8
[  882.684639][   T31] usb 10-1: unable to read config index 0 descriptor/start: -61
[  882.713804][   T31] usb 10-1: can't read configurations, error -61
[  882.957111][   T31] usb 10-1: new high-speed USB device number 3 using dummy_hcd
[  883.035288][T13137] veth0_macvtap: entered promiscuous mode
[  883.069044][T13137] veth1_macvtap: entered promiscuous mode
[  883.104808][   T31] usb 10-1: Using ep0 maxpacket: 32
[  883.108415][   T31] usb 10-1: unable to get BOS descriptor or descriptor too short
[  883.108582][   T31] usb 10-1: too many configurations: 64, using maximum allowed: 8
[  883.110757][   T31] usb 10-1: unable to read config index 0 descriptor/start: -61
[  883.110791][   T31] usb 10-1: can't read configurations, error -61
[  883.111835][   T31] usb usb10-port1: attempt power cycle
[  883.171002][T13137] batman_adv: batadv0: Interface activated: batadv_slave_0
[  883.227575][T13137] batman_adv: batadv0: Interface activated: batadv_slave_1
[  883.326486][ T3428] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  883.327001][ T3428] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  883.327391][ T3428] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  883.327604][ T3428] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  883.494834][   T31] usb 10-1: new high-speed USB device number 4 using dummy_hcd
[  883.517321][   T31] usb 10-1: Using ep0 maxpacket: 32
[  883.520144][   T31] usb 10-1: unable to get BOS descriptor or descriptor too short
[  883.520275][   T31] usb 10-1: too many configurations: 64, using maximum allowed: 8
[  883.559664][   T31] usb 10-1: unable to read config index 0 descriptor/start: -61
[  883.559701][   T31] usb 10-1: can't read configurations, error -61
[  883.587023][T13446] netlink: 16 bytes leftover after parsing attributes in process `syz.4.2416'.
[  883.714985][   T31] usb 10-1: new high-speed USB device number 5 using dummy_hcd
[  883.735437][   T31] usb 10-1: Using ep0 maxpacket: 32
[  883.737955][   T31] usb 10-1: unable to get BOS descriptor or descriptor too short
[  883.738101][   T31] usb 10-1: too many configurations: 64, using maximum allowed: 8
[  883.770629][   T31] usb 10-1: unable to read config index 0 descriptor/start: -61
[  883.770667][   T31] usb 10-1: can't read configurations, error -61
[  883.771505][   T31] usb usb10-port1: unable to enumerate USB device
[  883.851471][T12727] usb 8-1: unable to get BOS descriptor or descriptor too short
[  883.864171][T12727] usb 8-1: unable to read config index 0 descriptor/start: -32
[  883.864194][T12727] usb 8-1: chopping to 0 config(s)
[  883.864217][T12727] usb 8-1: can't read configurations, error -32
[  884.014872][T12727] usb 8-1: new full-speed USB device number 10 using dummy_hcd
[  884.787296][   T13] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  884.787317][   T13] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  884.923450][ T1027] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  884.923471][ T1027] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  885.571834][T13465] smbdirect: ib_dev[syz0] removed
[  886.106446][T11330] usb 3-1: new low-speed USB device number 27 using dummy_hcd
[  886.286405][T11330] usb 3-1: Invalid ep0 maxpacket: 32
[  888.539728][T11330] usb 3-1: new low-speed USB device number 28 using dummy_hcd
[  888.827138][T11330] usb 3-1: Invalid ep0 maxpacket: 32
[  888.827471][T11330] usb usb3-port1: attempt power cycle
[  890.025390][   T31] usb 10-1: new high-speed USB device number 6 using dummy_hcd
[  890.177283][   T31] usb 10-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 16
[  890.177315][   T31] usb 10-1: config 0 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 64
[  890.183522][   T31] usb 10-1: New USB device found, idVendor=0a46, idProduct=9621, bcdDevice=4f.32
[  890.183551][   T31] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  890.183572][   T31] usb 10-1: Product: syz
[  890.183587][   T31] usb 10-1: Manufacturer: syz
[  890.183601][   T31] usb 10-1: SerialNumber: syz
[  890.248847][   T31] usb 10-1: config 0 descriptor??
[  890.262075][T13531] raw-gadget.1 gadget.9: fail, usb_ep_enable returned -22
[  890.262787][T13531] raw-gadget.1 gadget.9: fail, usb_ep_enable returned -22
[  890.998692][T13552] raw-gadget.1 gadget.9: fail, usb_ep_enable returned -22
[  890.998826][T13552] raw-gadget.1 gadget.9: fail, usb_ep_enable returned -22
[  891.565321][T13557] netlink: 180 bytes leftover after parsing attributes in process `syz.7.2436'.
[  894.258693][   T31] Error reading MAC address
[  894.283889][   T31] usb 10-1: USB disconnect, device number 6
[  899.165792][T13612] FAULT_INJECTION: forcing a failure.
[  899.165792][T13612] name failslab, interval 1, probability 0, space 0, times 0
[  899.165832][T13612] CPU: 1 UID: 0 PID: 13612 Comm: syz.9.2448 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[  899.165862][T13612] Tainted: [L]=SOFTLOCKUP
[  899.165870][T13612] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026
[  899.165884][T13612] Call Trace:
[  899.165892][T13612]  <TASK>
[  899.165902][T13612]  dump_stack_lvl+0xe8/0x150
[  899.165932][T13612]  should_fail_ex+0x46b/0x600
[  899.165970][T13612]  should_failslab+0xa8/0x100
[  899.165998][T13612]  __kmalloc_noprof+0xdf/0x7b0
[  899.166023][T13612]  ? iovec_from_user+0x87/0x250
[  899.166068][T13612]  iovec_from_user+0x87/0x250
[  899.166105][T13612]  __import_iovec+0x163/0x7e0
[  899.166143][T13612]  ? __lock_acquire+0x6b5/0x2cf0
[  899.166175][T13612]  import_iovec+0x73/0xa0
[  899.166212][T13612]  vfs_writev+0x1d2/0x9a0
[  899.166253][T13612]  ? __pfx_vfs_writev+0x10/0x10
[  899.166302][T13612]  ? _raw_spin_unlock_irqrestore+0x30/0x80
[  899.166347][T13612]  ? mutex_lock_nested+0x152/0x1d0
[  899.166372][T13612]  ? fdget_pos+0x252/0x320
[  899.166404][T13612]  do_writev+0x15a/0x2e0
[  899.166439][T13612]  ? __pfx_do_writev+0x10/0x10
[  899.166480][T13612]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  899.166505][T13612]  do_syscall_64+0x174/0x580
[  899.166537][T13612]  ? trace_irq_disable+0x3b/0x140
[  899.166563][T13612]  ? clear_bhb_loop+0x40/0x90
[  899.166590][T13612]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  899.166612][T13612] RIP: 0033:0x7f34dcf6ce59
[  899.166632][T13612] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  899.166650][T13612] RSP: 002b:00007f34db1c6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000014
[  899.166672][T13612] RAX: ffffffffffffffda RBX: 00007f34dd1e5fa0 RCX: 00007f34dcf6ce59
[  899.166687][T13612] RDX: 0000000000000009 RSI: 0000200000000100 RDI: 0000000000000003
[  899.166699][T13612] RBP: 00007f34db1c6090 R08: 0000000000000000 R09: 0000000000000000
[  899.166712][T13612] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  899.166723][T13612] R13: 00007f34dd1e6038 R14: 00007f34dd1e5fa0 R15: 00007ffed98c32e8
[  899.166756][T13612]  </TASK>
[  899.879526][T13627] netlink: 16 bytes leftover after parsing attributes in process `syz.9.2450'.
[  900.111284][   T31] usb 5-1: new full-speed USB device number 74 using dummy_hcd
[  904.810061][   T31] usb 5-1: unable to get BOS descriptor or descriptor too short
[  904.824853][   T31] usb 5-1: unable to read config index 0 descriptor/start: -71
[  904.824892][   T31] usb 5-1: can't read configurations, error -71
[  906.270566][T13662] netlink: 104 bytes leftover after parsing attributes in process `syz.7.2457'.
[  906.896197][T13676] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2459'.
[  907.240218][T13684] syzkaller0: entered promiscuous mode
[  907.240246][T13684] syzkaller0: entered allmulticast mode
[  907.950866][T13690] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(8)
[  907.950898][T13690] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[  908.045613][T13690] vhci_hcd vhci_hcd.0: Device attached
[  908.159451][T13699] vhci_hcd: connection closed
[  908.173862][  T151] vhci_hcd vhci_hcd.2: stop threads
[  908.200318][  T151] vhci_hcd vhci_hcd.2: release socket
[  908.200447][  T151] vhci_hcd vhci_hcd.2: disconnect device
[  908.694774][T13684] tipc: Started in network mode
[  908.694808][T13684] tipc: Node identity b26086ec2e5e, cluster identity 4711
[  908.695217][T13684] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  908.737407][T13683] tipc: Resetting bearer <eth:syzkaller0>
[  908.972007][T13708] netlink: 8 bytes leftover after parsing attributes in process `syz.7.2464'.
[  908.986786][T13683] tipc: Disabling bearer <eth:syzkaller0>
[  909.505052][ T5823] usb 5-1: new full-speed USB device number 76 using dummy_hcd
[  909.771431][T13726] kvm: kvm [13724]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0xc1) = 0x10000003c
[  909.784402][T13726] kvm: kvm [13724]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0x187) = 0x70b3
[  909.797638][T13726] kvm_intel: kvm [13724]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0x1d9) = 0x6261
[  909.967333][ T5823] usb 5-1: unable to get BOS descriptor or descriptor too short
[  909.972344][ T5823] usb 5-1: unable to read config index 0 descriptor/start: -71
[  909.972382][ T5823] usb 5-1: can't read configurations, error -71
[  911.640367][T13756] netdevsim netdevsim9 netdevsim0: entered allmulticast mode
[  911.640550][T13756] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check.
[  911.923741][T13763] geneve2: entered promiscuous mode
[  911.971088][T13767] overlayfs: failed to resolve './bus': -2
[  912.005182][T13763] netlink: 56 bytes leftover after parsing attributes in process `syz.2.2478'.
[  913.897813][T13791] netlink: 212336 bytes leftover after parsing attributes in process `syz.2.2481'.
[  913.991304][T13795] netlink: 572 bytes leftover after parsing attributes in process `syz.0.2483'.
[  913.991328][T13795] netlink: 20 bytes leftover after parsing attributes in process `syz.0.2483'.
[  914.091536][T13798] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2483'.
[  914.452948][T13798] team0: Port device team_slave_0 removed
[  914.471257][T13805] Invalid argument reading file caps for ./file0
[  915.916491][T13826] FAULT_INJECTION: forcing a failure.
[  915.916491][T13826] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  915.916517][T13826] CPU: 1 UID: 0 PID: 13826 Comm: syz.0.2489 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[  915.916535][T13826] Tainted: [L]=SOFTLOCKUP
[  915.916540][T13826] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026
[  915.916548][T13826] Call Trace:
[  915.916553][T13826]  <TASK>
[  915.916559][T13826]  dump_stack_lvl+0xe8/0x150
[  915.916580][T13826]  should_fail_ex+0x46b/0x600
[  915.916604][T13826]  _copy_from_user+0x2d/0xb0
[  915.916618][T13826]  ocfs2_control_write+0x18e/0xb10
[  915.916641][T13826]  ? __pfx_ocfs2_control_write+0x10/0x10
[  915.916665][T13826]  ? __asan_memset+0x22/0x50
[  915.916678][T13826]  ? __import_iovec+0x40e/0x7e0
[  915.916703][T13826]  ? rw_verify_area+0x25b/0x4e0
[  915.916720][T13826]  vfs_writev+0x4c6/0x9a0
[  915.916739][T13826]  ? __pfx_ocfs2_control_write+0x10/0x10
[  915.916762][T13826]  ? __pfx_vfs_writev+0x10/0x10
[  915.916789][T13826]  ? __fget_files+0x2a/0x420
[  915.916804][T13826]  ? __fget_files+0x3a6/0x420
[  915.916815][T13826]  ? __fget_files+0x2a/0x420
[  915.916838][T13826]  do_writev+0x15a/0x2e0
[  915.916859][T13826]  ? __pfx_do_writev+0x10/0x10
[  915.916883][T13826]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  915.916898][T13826]  do_syscall_64+0x174/0x580
[  915.916918][T13826]  ? trace_irq_disable+0x3b/0x140
[  915.916934][T13826]  ? clear_bhb_loop+0x40/0x90
[  915.916950][T13826]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  915.916963][T13826] RIP: 0033:0x7f0d8d61ce59
[  915.916975][T13826] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  915.916987][T13826] RSP: 002b:00007f0d8b86e028 EFLAGS: 00000246 ORIG_RAX: 0000000000000014
[  915.917000][T13826] RAX: ffffffffffffffda RBX: 00007f0d8d895fa0 RCX: 00007f0d8d61ce59
[  915.917010][T13826] RDX: 0000000000000002 RSI: 0000200000002140 RDI: 0000000000000003
[  915.917019][T13826] RBP: 00007f0d8b86e090 R08: 0000000000000000 R09: 0000000000000000
[  915.917027][T13826] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  915.917035][T13826] R13: 00007f0d8d896038 R14: 00007f0d8d895fa0 R15: 00007ffe55d43c98
[  915.917058][T13826]  </TASK>
[  918.396821][T13832] No control pipe specified
[  920.794444][T13855] netlink: 228 bytes leftover after parsing attributes in process `syz.9.2498'.
[  922.305813][T13876] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  922.634834][ T5824] usb 8-1: new high-speed USB device number 11 using dummy_hcd
[  922.776940][ T5824] usb 8-1: device descriptor read/64, error -71
[  923.025063][ T5824] usb 8-1: new high-speed USB device number 12 using dummy_hcd
[  923.257215][ T5824] usb 8-1: device descriptor read/64, error -71
[  923.365291][ T5824] usb usb8-port1: attempt power cycle
[  923.482824][T13904] openvswitch: netlink: Unexpected mask (mask=20840, allowed=10048)
[  923.581022][T13907] FAULT_INJECTION: forcing a failure.
[  923.581022][T13907] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  923.581052][T13907] CPU: 0 UID: 0 PID: 13907 Comm: syz.0.2516 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[  923.581073][T13907] Tainted: [L]=SOFTLOCKUP
[  923.581079][T13907] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026
[  923.581088][T13907] Call Trace:
[  923.581094][T13907]  <TASK>
[  923.581101][T13907]  dump_stack_lvl+0xe8/0x150
[  923.581124][T13907]  should_fail_ex+0x46b/0x600
[  923.581150][T13907]  _copy_from_user+0x2d/0xb0
[  923.581168][T13907]  ___sys_sendmsg+0x1c6/0x360
[  923.581197][T13907]  ? __lock_acquire+0x6b5/0x2cf0
[  923.581222][T13907]  ? __pfx____sys_sendmsg+0x10/0x10
[  923.581271][T13907]  ? __fget_files+0x2a/0x420
[  923.581285][T13907]  ? __fget_files+0x3a6/0x420
[  923.581311][T13907]  __x64_sys_sendmsg+0x1c3/0x2a0
[  923.581337][T13907]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  923.581368][T13907]  ? __pfx_ksys_write+0x10/0x10
[  923.581405][T13907]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  923.581421][T13907]  do_syscall_64+0x174/0x580
[  923.581445][T13907]  ? trace_irq_disable+0x3b/0x140
[  923.581463][T13907]  ? clear_bhb_loop+0x40/0x90
[  923.581482][T13907]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  923.581497][T13907] RIP: 0033:0x7f0d8d61ce59
[  923.581510][T13907] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  923.581523][T13907] RSP: 002b:00007f0d8b86e028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  923.581539][T13907] RAX: ffffffffffffffda RBX: 00007f0d8d895fa0 RCX: 00007f0d8d61ce59
[  923.581551][T13907] RDX: 000000000000c000 RSI: 0000200000000000 RDI: 0000000000000008
[  923.581560][T13907] RBP: 00007f0d8b86e090 R08: 0000000000000000 R09: 0000000000000000
[  923.581570][T13907] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  923.581578][T13907] R13: 00007f0d8d896038 R14: 00007f0d8d895fa0 R15: 00007ffe55d43c98
[  923.581601][T13907]  </TASK>
[  923.854859][ T5824] usb 8-1: new high-speed USB device number 13 using dummy_hcd
[  923.875549][ T5824] usb 8-1: device descriptor read/8, error -71
[  924.114815][ T5824] usb 8-1: new high-speed USB device number 14 using dummy_hcd
[  924.135701][ T5824] usb 8-1: device descriptor read/8, error -71
[  925.872784][ T5824] usb usb8-port1: unable to enumerate USB device
[  926.077549][T13922] FAULT_INJECTION: forcing a failure.
[  926.077549][T13922] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  926.077587][T13922] CPU: 0 UID: 0 PID: 13922 Comm: syz.4.2522 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[  926.077605][T13922] Tainted: [L]=SOFTLOCKUP
[  926.077610][T13922] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026
[  926.077618][T13922] Call Trace:
[  926.077623][T13922]  <TASK>
[  926.077628][T13922]  dump_stack_lvl+0xe8/0x150
[  926.077647][T13922]  should_fail_ex+0x46b/0x600
[  926.077670][T13922]  strncpy_from_user+0x36/0x2b0
[  926.077693][T13922]  __se_sys_add_key+0xdb/0x420
[  926.077716][T13922]  ? __pfx___se_sys_add_key+0x10/0x10
[  926.077741][T13922]  ? __x64_sys_add_key+0x20/0xc0
[  926.077760][T13922]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  926.077774][T13922]  do_syscall_64+0x174/0x580
[  926.077795][T13922]  ? trace_irq_disable+0x3b/0x140
[  926.077811][T13922]  ? clear_bhb_loop+0x40/0x90
[  926.077827][T13922]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  926.077840][T13922] RIP: 0033:0x7f9b7ccece59
[  926.077852][T13922] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  926.077864][T13922] RSP: 002b:00007f9b7af46028 EFLAGS: 00000246 ORIG_RAX: 00000000000000f8
[  926.077878][T13922] RAX: ffffffffffffffda RBX: 00007f9b7cf65fa0 RCX: 00007f9b7ccece59
[  926.077888][T13922] RDX: 0000200000000100 RSI: 0000200000000180 RDI: 0000200000000140
[  926.077898][T13922] RBP: 00007f9b7af46090 R08: fffffffffffffffe R09: 0000000000000000
[  926.077907][T13922] R10: 00000000000000ca R11: 0000000000000246 R12: 0000000000000001
[  926.077915][T13922] R13: 00007f9b7cf66038 R14: 00007f9b7cf65fa0 R15: 00007fff8282bfc8
[  926.077946][T13922]  </TASK>
[  926.493020][T13925] syzkaller0: entered promiscuous mode
[  926.493044][T13925] syzkaller0: entered allmulticast mode
[  927.415119][T12727] usb 5-1: new high-speed USB device number 78 using dummy_hcd
[  927.762679][T11330] usb 8-1: new high-speed USB device number 15 using dummy_hcd
[  928.488771][   T59] Bluetooth: hci5: command 0x0406 tx timeout
[  928.497809][T12727] usb 5-1: Using ep0 maxpacket: 32
[  928.568352][T12727] usb 5-1: New USB device found, idVendor=041e, idProduct=3237, bcdDevice= 0.40
[  928.568385][T12727] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  928.568405][T12727] usb 5-1: Product: syz
[  928.568425][T12727] usb 5-1: Manufacturer: syz
[  928.568436][T12727] usb 5-1: SerialNumber: syz
[  928.917975][T12727] usb 5-1: 1:1 : UAC_AS_GENERAL descriptor not found
[  929.491422][T12727] usb 5-1: USB disconnect, device number 78
[  929.511248][T13950] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  931.944879][T11323] usb 3-1: new high-speed USB device number 30 using dummy_hcd
[  931.964768][ T5815] usb 10-1: new high-speed USB device number 7 using dummy_hcd
[  932.098856][T11323] usb 3-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  932.098890][T11323] usb 3-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  932.098927][T11323] usb 3-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  932.098948][T11323] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  932.148268][ T5815] usb 10-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  932.148324][ T5815] usb 10-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice= 0.03
[  932.148350][ T5815] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  932.149511][T13977] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  932.217743][T11323] usb 3-1: Quirk or no altset; falling back to MIDI 1.0
[  932.252606][ T5815] usb 10-1: config 0 descriptor??
[  932.383710][ T5815] pwc: Askey VC010 type 2 USB webcam detected.
[  933.241206][ T5815] pwc: recv_control_msg error -32 req 02 val 2b00
[  936.542656][ T1339] ieee802154 phy0 wpan0: encryption failed: -22
[  936.554470][ T1339] ieee802154 phy1 wpan1: encryption failed: -22
[  938.410534][T13992] workqueue: Failed to create a rescuer kthread for wq "ceph-completion": -EINTR
[  938.476729][ T5815] pwc: recv_control_msg error -110 req 02 val 2c00
[  938.478272][ T5815] pwc: recv_control_msg error -32 req 04 val 1000
[  938.479608][ T5815] pwc: recv_control_msg error -32 req 04 val 1300
[  938.482531][ T5815] pwc: recv_control_msg error -32 req 04 val 1400
[  938.483852][ T5815] pwc: recv_control_msg error -32 req 02 val 2000
[  938.485559][ T5815] pwc: recv_control_msg error -32 req 02 val 2100
[  938.488069][ T5815] pwc: recv_control_msg error -32 req 04 val 1500
[  938.503387][ T5815] pwc: recv_control_msg error -32 req 02 val 2500
[  938.505462][ T5815] pwc: recv_control_msg error -32 req 02 val 2400
[  938.513905][ T5815] pwc: recv_control_msg error -32 req 02 val 2600
[  938.527485][ T5815] pwc: recv_control_msg error -32 req 02 val 2900
[  938.544470][ T5815] pwc: recv_control_msg error -32 req 02 val 2800
[  938.860246][ T5815] pwc: recv_control_msg error -32 req 04 val 1100
[  938.873210][ T5815] pwc: recv_control_msg error -32 req 04 val 1200
[  941.759244][ T5815] pwc: Registered as video103.
[  941.826928][T11323] usb 3-1: USB disconnect, device number 30
[  941.847534][ T5815] input: PWC snapshot button as /devices/platform/dummy_hcd.9/usb10/10-1/input/input12
[  941.982571][ T5815] usb 10-1: USB disconnect, device number 7
[  942.168769][T14015] FAULT_INJECTION: forcing a failure.
[  942.168769][T14015] name failslab, interval 1, probability 0, space 0, times 0
[  942.168806][T14015] CPU: 0 UID: 0 PID: 14015 Comm: syz.4.2548 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[  942.168833][T14015] Tainted: [L]=SOFTLOCKUP
[  942.168840][T14015] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026
[  942.168852][T14015] Call Trace:
[  942.168860][T14015]  <TASK>
[  942.168868][T14015]  dump_stack_lvl+0xe8/0x150
[  942.168896][T14015]  should_fail_ex+0x46b/0x600
[  942.168931][T14015]  should_failslab+0xa8/0x100
[  942.168959][T14015]  __kmalloc_noprof+0xdf/0x7b0
[  942.168981][T14015]  ? kfree+0x4d/0x6c0
[  942.169001][T14015]  ? tomoyo_realpath_from_path+0xe3/0x5d0
[  942.169032][T14015]  tomoyo_realpath_from_path+0xe3/0x5d0
[  942.169057][T14015]  ? tomoyo_domain+0xd7/0x130
[  942.169087][T14015]  ? tomoyo_path_number_perm+0x219/0x630
[  942.169118][T14015]  tomoyo_path_number_perm+0x246/0x630
[  942.169152][T14015]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  942.169182][T14015]  ? __lock_acquire+0x6b5/0x2cf0
[  942.169212][T14015]  ? do_raw_spin_lock+0x12b/0x2f0
[  942.169275][T14015]  ? __fget_files+0x2a/0x420
[  942.169297][T14015]  ? __fget_files+0x2a/0x420
[  942.169324][T14015]  ? __fget_files+0x3a6/0x420
[  942.169343][T14015]  ? __fget_files+0x2a/0x420
[  942.169366][T14015]  security_file_ioctl+0xc3/0x2a0
[  942.169400][T14015]  __se_sys_ioctl+0x47/0x170
[  942.169424][T14015]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  942.169447][T14015]  do_syscall_64+0x174/0x580
[  942.169476][T14015]  ? trace_irq_disable+0x3b/0x140
[  942.169498][T14015]  ? clear_bhb_loop+0x40/0x90
[  942.169524][T14015]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  942.169544][T14015] RIP: 0033:0x7f9b7ccece59
[  942.169563][T14015] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  942.169579][T14015] RSP: 002b:00007f9b7af46028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  942.169600][T14015] RAX: ffffffffffffffda RBX: 00007f9b7cf65fa0 RCX: 00007f9b7ccece59
[  942.169615][T14015] RDX: 0000200000000480 RSI: 000000004068aea3 RDI: 0000000000000004
[  942.169629][T14015] RBP: 00007f9b7af46090 R08: 0000000000000000 R09: 0000000000000000
[  942.169642][T14015] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  942.169653][T14015] R13: 00007f9b7cf66038 R14: 00007f9b7cf65fa0 R15: 00007fff8282bfc8
[  942.169686][T14015]  </TASK>
[  942.169707][T14015] ERROR: Out of memory at tomoyo_realpath_from_path.
[  942.889839][T14022] FAULT_INJECTION: forcing a failure.
[  942.889839][T14022] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  942.889898][T14022] CPU: 1 UID: 0 PID: 14022 Comm: syz.9.2550 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[  942.889926][T14022] Tainted: [L]=SOFTLOCKUP
[  942.889933][T14022] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026
[  942.889945][T14022] Call Trace:
[  942.889953][T14022]  <TASK>
[  942.889962][T14022]  dump_stack_lvl+0xe8/0x150
[  942.889992][T14022]  should_fail_ex+0x46b/0x600
[  942.890026][T14022]  _copy_from_user+0x2d/0xb0
[  942.890047][T14022]  __sys_bpf+0x229/0x950
[  942.890075][T14022]  ? __pfx___sys_bpf+0x10/0x10
[  942.890116][T14022]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  942.890147][T14022]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  942.890170][T14022]  __x64_sys_bpf+0x7c/0x90
[  942.890194][T14022]  do_syscall_64+0x174/0x580
[  942.890232][T14022]  ? clear_bhb_loop+0x40/0x90
[  942.890258][T14022]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  942.890280][T14022] RIP: 0033:0x7f34dcf6ce59
[  942.890299][T14022] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  942.890316][T14022] RSP: 002b:00007f34db184028 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  942.890338][T14022] RAX: ffffffffffffffda RBX: 00007f34dd1e6180 RCX: 00007f34dcf6ce59
[  942.890352][T14022] RDX: 0000000000000048 RSI: 00002000000054c0 RDI: 0000000000000005
[  942.890366][T14022] RBP: 00007f34db184090 R08: 0000000000000000 R09: 0000000000000000
[  942.890379][T14022] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  942.890391][T14022] R13: 00007f34dd1e6218 R14: 00007f34dd1e6180 R15: 00007ffed98c32e8
[  942.890422][T14022]  </TASK>
[  946.062123][T14045] netlink: 'syz.2.2556': attribute type 10 has an invalid length.
[  946.109775][T14045] syz_tun: entered promiscuous mode
[  946.152998][T14045] bond0: (slave syz_tun): Enslaving as an active interface with an up link
[  946.712298][T14059] FAULT_INJECTION: forcing a failure.
[  946.712298][T14059] name failslab, interval 1, probability 0, space 0, times 0
[  946.712335][T14059] CPU: 1 UID: 0 PID: 14059 Comm: syz.2.2560 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[  946.712362][T14059] Tainted: [L]=SOFTLOCKUP
[  946.712370][T14059] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026
[  946.712382][T14059] Call Trace:
[  946.712389][T14059]  <TASK>
[  946.712398][T14059]  dump_stack_lvl+0xe8/0x150
[  946.712427][T14059]  should_fail_ex+0x46b/0x600
[  946.712461][T14059]  should_failslab+0xa8/0x100
[  946.712490][T14059]  __kmalloc_noprof+0xdf/0x7b0
[  946.712512][T14059]  ? kfree+0x4d/0x6c0
[  946.712532][T14059]  ? tomoyo_realpath_from_path+0xe3/0x5d0
[  946.712562][T14059]  tomoyo_realpath_from_path+0xe3/0x5d0
[  946.712588][T14059]  ? tomoyo_domain+0xd7/0x130
[  946.712618][T14059]  ? tomoyo_path_number_perm+0x219/0x630
[  946.712651][T14059]  tomoyo_path_number_perm+0x246/0x630
[  946.712686][T14059]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  946.712718][T14059]  ? __lock_acquire+0x6b5/0x2cf0
[  946.712747][T14059]  ? do_raw_spin_lock+0x12b/0x2f0
[  946.712799][T14059]  ? __fget_files+0x2a/0x420
[  946.712821][T14059]  ? __fget_files+0x2a/0x420
[  946.712839][T14059]  ? __fget_files+0x3a6/0x420
[  946.712857][T14059]  ? __fget_files+0x2a/0x420
[  946.712881][T14059]  security_file_ioctl+0xc3/0x2a0
[  946.712916][T14059]  __se_sys_ioctl+0x47/0x170
[  946.712941][T14059]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  946.712964][T14059]  do_syscall_64+0x174/0x580
[  946.712993][T14059]  ? trace_irq_disable+0x3b/0x140
[  946.713030][T14059]  ? clear_bhb_loop+0x40/0x90
[  946.713053][T14059]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  946.713072][T14059] RIP: 0033:0x7f0d4012ce59
[  946.713090][T14059] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  946.713112][T14059] RSP: 002b:00007f0d3e386028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  946.713133][T14059] RAX: ffffffffffffffda RBX: 00007f0d403a5fa0 RCX: 00007f0d4012ce59
[  946.713152][T14059] RDX: 0000200000000140 RSI: 00000000c0405668 RDI: 0000000000000003
[  946.713165][T14059] RBP: 00007f0d3e386090 R08: 0000000000000000 R09: 0000000000000000
[  946.713177][T14059] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  946.713189][T14059] R13: 00007f0d403a6038 R14: 00007f0d403a5fa0 R15: 00007ffd190077e8
[  946.713219][T14059]  </TASK>
[  946.732285][T14059] ERROR: Out of memory at tomoyo_realpath_from_path.
[  947.908834][T14088] FAULT_INJECTION: forcing a failure.
[  947.908834][T14088] name failslab, interval 1, probability 0, space 0, times 0
[  947.908894][T14088] CPU: 1 UID: 0 PID: 14088 Comm: syz.0.2568 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[  947.908926][T14088] Tainted: [L]=SOFTLOCKUP
[  947.908933][T14088] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026
[  947.908946][T14088] Call Trace:
[  947.908953][T14088]  <TASK>
[  947.908961][T14088]  dump_stack_lvl+0xe8/0x150
[  947.908990][T14088]  should_fail_ex+0x46b/0x600
[  947.909026][T14088]  should_failslab+0xa8/0x100
[  947.909059][T14088]  kmem_cache_alloc_noprof+0x87/0x680
[  947.909076][T14088]  ? lockdep_hardirqs_on+0x7a/0x110
[  947.909097][T14088]  ? do_getname+0x2e/0x250
[  947.909121][T14088]  do_getname+0x2e/0x250
[  947.909139][T14088]  ? getname_flags+0x11/0x20
[  947.909161][T14088]  do_sys_openat2+0xca/0x200
[  947.909185][T14088]  ? __pfx_do_sys_openat2+0x10/0x10
[  947.909227][T14088]  ? ksys_write+0x248/0x270
[  947.909271][T14088]  ? __pfx_ksys_write+0x10/0x10
[  947.909299][T14088]  __x64_sys_openat+0x138/0x170
[  947.909322][T14088]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  947.909344][T14088]  do_syscall_64+0x174/0x580
[  947.909374][T14088]  ? trace_irq_disable+0x3b/0x140
[  947.909400][T14088]  ? clear_bhb_loop+0x40/0x90
[  947.909425][T14088]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  947.909447][T14088] RIP: 0033:0x7f0d8d61ce59
[  947.909467][T14088] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  947.909486][T14088] RSP: 002b:00007f0d8b84d028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  947.909507][T14088] RAX: ffffffffffffffda RBX: 00007f0d8d896090 RCX: 00007f0d8d61ce59
[  947.909523][T14088] RDX: 0000000000000001 RSI: 0000200000000000 RDI: ffffffffffffff9c
[  947.909536][T14088] RBP: 00007f0d8b84d090 R08: 0000000000000000 R09: 0000000000000000
[  947.909549][T14088] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  947.909561][T14088] R13: 00007f0d8d896128 R14: 00007f0d8d896090 R15: 00007ffe55d43c98
[  947.909593][T14088]  </TASK>
[  949.713101][T14101] Can't find a SQUASHFS superblock on nullb0
[  949.776815][T14104] FAULT_INJECTION: forcing a failure.
[  949.776815][T14104] name failslab, interval 1, probability 0, space 0, times 0
[  949.776843][T14104] CPU: 0 UID: 0 PID: 14104 Comm: syz.0.2573 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[  949.776874][T14104] Tainted: [L]=SOFTLOCKUP
[  949.776879][T14104] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026
[  949.776888][T14104] Call Trace:
[  949.776893][T14104]  <TASK>
[  949.776900][T14104]  dump_stack_lvl+0xe8/0x150
[  949.776922][T14104]  should_fail_ex+0x46b/0x600
[  949.776947][T14104]  should_failslab+0xa8/0x100
[  949.776967][T14104]  __kmalloc_noprof+0xdf/0x7b0
[  949.776983][T14104]  ? kfree+0x4d/0x6c0
[  949.776996][T14104]  ? tomoyo_realpath_from_path+0xe3/0x5d0
[  949.777017][T14104]  tomoyo_realpath_from_path+0xe3/0x5d0
[  949.777035][T14104]  ? tomoyo_domain+0xd7/0x130
[  949.777056][T14104]  ? tomoyo_path_number_perm+0x219/0x630
[  949.777078][T14104]  tomoyo_path_number_perm+0x246/0x630
[  949.777102][T14104]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  949.777124][T14104]  ? __lock_acquire+0x6b5/0x2cf0
[  949.777145][T14104]  ? do_raw_spin_lock+0x12b/0x2f0
[  949.777183][T14104]  ? __fget_files+0x2a/0x420
[  949.777198][T14104]  ? __fget_files+0x2a/0x420
[  949.777211][T14104]  ? __fget_files+0x3a6/0x420
[  949.777224][T14104]  ? __fget_files+0x2a/0x420
[  949.777240][T14104]  security_file_ioctl+0xc3/0x2a0
[  949.777264][T14104]  __se_sys_ioctl+0x47/0x170
[  949.777282][T14104]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  949.777298][T14104]  do_syscall_64+0x174/0x580
[  949.777319][T14104]  ? trace_irq_disable+0x3b/0x140
[  949.777336][T14104]  ? clear_bhb_loop+0x40/0x90
[  949.777381][T14104]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  949.777402][T14104] RIP: 0033:0x7f0d8d61ce59
[  949.777421][T14104] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  949.777439][T14104] RSP: 002b:00007f0d8b86e028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  949.777460][T14104] RAX: ffffffffffffffda RBX: 00007f0d8d895fa0 RCX: 00007f0d8d61ce59
[  949.777479][T14104] RDX: 0000200000000080 RSI: 00000000c0286405 RDI: 0000000000000003
[  949.777488][T14104] RBP: 00007f0d8b86e090 R08: 0000000000000000 R09: 0000000000000000
[  949.777497][T14104] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  949.777506][T14104] R13: 00007f0d8d896038 R14: 00007f0d8d895fa0 R15: 00007ffe55d43c98
[  949.777528][T14104]  </TASK>
[  949.777534][T14104] ERROR: Out of memory at tomoyo_realpath_from_path.
[  950.521936][T14122] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  952.503753][T14131] FAULT_INJECTION: forcing a failure.
[  952.503753][T14131] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  952.503792][T14131] CPU: 1 UID: 0 PID: 14131 Comm: syz.9.2582 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[  952.503821][T14131] Tainted: [L]=SOFTLOCKUP
[  952.503828][T14131] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026
[  952.503840][T14131] Call Trace:
[  952.503848][T14131]  <TASK>
[  952.503857][T14131]  dump_stack_lvl+0xe8/0x150
[  952.503888][T14131]  should_fail_ex+0x46b/0x600
[  952.503925][T14131]  _copy_from_user+0x2d/0xb0
[  952.503948][T14131]  ___sys_sendmsg+0x1c6/0x360
[  952.503980][T14131]  ? __lock_acquire+0x6b5/0x2cf0
[  952.504025][T14131]  ? __pfx____sys_sendmsg+0x10/0x10
[  952.504089][T14131]  ? __fget_files+0x2a/0x420
[  952.504108][T14131]  ? __fget_files+0x3a6/0x420
[  952.504137][T14131]  __x64_sys_sendmsg+0x1c3/0x2a0
[  952.504170][T14131]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  952.504214][T14131]  ? __pfx_ksys_write+0x10/0x10
[  952.504246][T14131]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  952.504269][T14131]  do_syscall_64+0x174/0x580
[  952.504298][T14131]  ? trace_irq_disable+0x3b/0x140
[  952.504321][T14131]  ? clear_bhb_loop+0x40/0x90
[  952.504346][T14131]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  952.504368][T14131] RIP: 0033:0x7f34dcf6ce59
[  952.504385][T14131] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  952.504404][T14131] RSP: 002b:00007f34db1a5028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  952.504424][T14131] RAX: ffffffffffffffda RBX: 00007f34dd1e6090 RCX: 00007f34dcf6ce59
[  952.504438][T14131] RDX: 0000000000000000 RSI: 00002000000001c0 RDI: 0000000000000004
[  952.504449][T14131] RBP: 00007f34db1a5090 R08: 0000000000000000 R09: 0000000000000000
[  952.504461][T14131] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  952.504472][T14131] R13: 00007f34dd1e6128 R14: 00007f34dd1e6090 R15: 00007ffed98c32e8
[  952.504502][T14131]  </TASK>
[  952.983833][ T5618] Bluetooth: hci1: ACL packet for unknown connection handle 16
[  954.424753][T12728] usb 8-1: new full-speed USB device number 16 using dummy_hcd
[  955.127435][T12728] usb 8-1: unable to get BOS descriptor or descriptor too short
[  955.128177][T12728] usb 8-1: not running at top speed; connect to a high speed hub
[  955.129456][T12728] usb 8-1: config 1 has an invalid interface number: 9 but max is 2
[  955.129480][T12728] usb 8-1: config 1 has an invalid descriptor of length 241, skipping remainder of the config
[  955.129500][T12728] usb 8-1: config 1 has 1 interface, different from the descriptor's value: 3
[  955.129520][T12728] usb 8-1: config 1 has no interface number 0
[  955.154860][T12728] usb 8-1: New USB device found, idVendor=0b05, idProduct=1743, bcdDevice= 0.40
[  955.154887][T12728] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  955.154905][T12728] usb 8-1: Product: syz
[  955.154918][T12728] usb 8-1: Manufacturer: syz
[  955.154930][T12728] usb 8-1: SerialNumber: syz
[  955.951463][T12728] usb 8-1: USB disconnect, device number 16
[  956.625531][T11323] usb 5-1: new high-speed USB device number 79 using dummy_hcd
[  956.799608][T11323] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  956.799658][T11323] usb 5-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40
[  956.799681][T11323] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  956.844025][T11323] usb 5-1: config 0 descriptor??
[  957.064857][T11323] usbhid 5-1:0.0: can't add hid device: -71
[  957.064968][T11323] usbhid 5-1:0.0: probe with driver usbhid failed with error -71
[  957.098472][T11323] usb 5-1: USB disconnect, device number 79
[  957.634890][T11323] usb 5-1: new high-speed USB device number 80 using dummy_hcd
[  958.306357][T11323] usb 5-1: Using ep0 maxpacket: 32
[  958.503770][T11323] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  958.503818][T11323] usb 5-1: New USB device found, idVendor=0f11, idProduct=1021, bcdDevice= 0.40
[  958.503849][T11323] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  958.582455][T11323] usb 5-1: config 0 descriptor??
[  958.592710][T11323] ldusb 5-1:0.0: Interrupt out endpoint not found (using control endpoint instead)
[  958.616733][T11323] ldusb 5-1:0.0: LD USB Device #0 now attached to major 180 minor 0
[  960.538208][ T5824] usb 5-1: USB disconnect, device number 80
[  960.975145][ T5824] ldusb 5-1:0.0: LD USB Device #0 now disconnected
[  961.156451][ T5815] usb 8-1: new high-speed USB device number 17 using dummy_hcd
[  961.156652][ T5816] usb 3-1: new high-speed USB device number 31 using dummy_hcd
[  961.331645][ T5816] usb 3-1: unable to get BOS descriptor or descriptor too short
[  961.343259][ T5816] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  961.343286][ T5816] usb 3-1: config 1 has 2 interfaces, different from the descriptor's value: 3
[  961.343335][ T5816] usb 3-1: too many endpoints for config 1 interface 1 altsetting 76: 188, using maximum allowed: 30
[  961.344090][ T5816] usb 3-1: config 1 interface 1 altsetting 76 has 0 endpoint descriptors, different from the interface descriptor's value: 188
[  961.344136][ T5816] usb 3-1: config 1 interface 1 altsetting 1 endpoint 0x1 has an invalid bInterval 0, changing to 7
[  961.344163][ T5816] usb 3-1: config 1 interface 1 has no altsetting 0
[  961.350271][ T5815] usb 8-1: New USB device found, idVendor=0424, idProduct=7850, bcdDevice= 0.00
[  961.351658][ T5815] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  961.352752][ T5815] usb 8-1: Product: syz
[  961.352806][ T5815] usb 8-1: Manufacturer: syz
[  961.353835][ T5815] usb 8-1: SerialNumber: syz
[  961.463696][ T5816] usb 3-1: string descriptor 0 read error: -22
[  961.463827][ T5816] usb 3-1: New USB device found, idVendor=21b4, idProduct=0081, bcdDevice= 0.40
[  961.463845][ T5816] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  962.163698][ T5815] lan78xx 8-1:1.0 (unnamed net_device) (uninitialized): Failed to read register index 0x00000098. ret = -EPROTO
[  962.163822][ T5815] lan78xx 8-1:1.0 (unnamed net_device) (uninitialized): Failed to sync IRQ enable register: -EPROTO
[  962.164392][ T5815] lan78xx 8-1:1.0 (unnamed net_device) (uninitialized): Failed to read register index 0x00000010. ret = -EPROTO
[  962.168701][ T5815] lan78xx 8-1:1.0 (unnamed net_device) (uninitialized): Registers INIT FAILED....
[  962.226129][ T5815] lan78xx 8-1:1.0 (unnamed net_device) (uninitialized): Bind routine FAILED
[  962.329330][ T5815] lan78xx 8-1:1.0: probe with driver lan78xx failed with error -71
[  962.512269][ T5815] usb 8-1: USB disconnect, device number 17
[  962.781136][ T5816] usb 3-1: 2:0: failed to get current value for ch 1 (-71)
[  962.797192][ T5816] usb 3-1: Warning! Unlikely small volume range (=98), linear volume or custom curve?
[  962.797215][ T5816] usb 3-1: [2] FU [Speaker Playback Volume] ch = 1, val = 0/98/1
[  963.049320][ T5816] usb 3-1: USB disconnect, device number 31
[  964.213353][ T5618] Bluetooth: hci2: command 0x0406 tx timeout
[  965.295007][T14214] netlink: 28 bytes leftover after parsing attributes in process `syz.9.2608'.
[  965.856312][T14220] FAULT_INJECTION: forcing a failure.
[  965.856312][T14220] name failslab, interval 1, probability 0, space 0, times 0
[  965.856349][T14220] CPU: 1 UID: 0 PID: 14220 Comm: syz.2.2614 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[  965.856379][T14220] Tainted: [L]=SOFTLOCKUP
[  965.856386][T14220] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026
[  965.856396][T14220] Call Trace:
[  965.856403][T14220]  <TASK>
[  965.856413][T14220]  dump_stack_lvl+0xe8/0x150
[  965.856444][T14220]  should_fail_ex+0x46b/0x600
[  965.856480][T14220]  should_failslab+0xa8/0x100
[  965.856510][T14220]  kmem_cache_alloc_noprof+0x87/0x680
[  965.856535][T14220]  ? do_getname+0x2e/0x250
[  965.856565][T14220]  ? _raw_spin_unlock_irqrestore+0x4c/0x80
[  965.856602][T14220]  do_getname+0x2e/0x250
[  965.856630][T14220]  ? user_path_at+0x1e/0x160
[  965.856656][T14220]  user_path_at+0x2a/0x160
[  965.856683][T14220]  __se_sys_mount+0x2dc/0x420
[  965.856710][T14220]  ? __pfx___se_sys_mount+0x10/0x10
[  965.856737][T14220]  ? __x64_sys_mount+0x20/0xc0
[  965.856756][T14220]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  965.856779][T14220]  do_syscall_64+0x174/0x580
[  965.856810][T14220]  ? trace_irq_disable+0x3b/0x140
[  965.856834][T14220]  ? clear_bhb_loop+0x40/0x90
[  965.856861][T14220]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  965.856882][T14220] RIP: 0033:0x7f0d4012ce59
[  965.856900][T14220] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  965.856923][T14220] RSP: 002b:00007f0d3e386028 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  965.856946][T14220] RAX: ffffffffffffffda RBX: 00007f0d403a5fa0 RCX: 00007f0d4012ce59
[  965.856962][T14220] RDX: 0000000000000000 RSI: 0000200000000040 RDI: 0000000000000000
[  965.856976][T14220] RBP: 00007f0d3e386090 R08: 0000000000000000 R09: 0000000000000000
[  965.856989][T14220] R10: 0000000000084000 R11: 0000000000000246 R12: 0000000000000001
[  965.857002][T14220] R13: 00007f0d403a6038 R14: 00007f0d403a5fa0 R15: 00007ffd190077e8
[  965.857036][T14220]  </TASK>
[  966.454854][T14224] netlink: 72 bytes leftover after parsing attributes in process `syz.0.2613'.
[  966.454908][T14224] netlink: 3 bytes leftover after parsing attributes in process `syz.0.2613'.
[  966.584289][T14226] netlink: 'syz.7.2615': attribute type 2 has an invalid length.
[  966.840954][T14229] netlink: 20 bytes leftover after parsing attributes in process `syz.7.2615'.
[  967.085589][T12805] bond0: (slave syz_tun): Releasing backup interface
[  968.016127][T14246] IPVS: set_ctl: invalid protocol: 8 127.0.0.1:20002
[  968.238109][T14253] FAULT_INJECTION: forcing a failure.
[  968.238109][T14253] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  968.238144][T14253] CPU: 1 UID: 0 PID: 14253 Comm: syz.4.2625 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[  968.238172][T14253] Tainted: [L]=SOFTLOCKUP
[  968.238179][T14253] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026
[  968.238192][T14253] Call Trace:
[  968.238199][T14253]  <TASK>
[  968.238207][T14253]  dump_stack_lvl+0xe8/0x150
[  968.238244][T14253]  should_fail_ex+0x46b/0x600
[  968.238279][T14253]  _copy_to_user+0x31/0xb0
[  968.238301][T14253]  simple_read_from_buffer+0xe1/0x170
[  968.238338][T14253]  proc_fail_nth_read+0x1be/0x230
[  968.238363][T14253]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  968.238387][T14253]  ? rw_verify_area+0x2ac/0x4e0
[  968.238410][T14253]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  968.238433][T14253]  vfs_read+0x212/0xa80
[  968.238465][T14253]  ? __pfx_vfs_read+0x10/0x10
[  968.238490][T14253]  ? _raw_spin_unlock_irqrestore+0x30/0x80
[  968.238522][T14253]  ? lockdep_hardirqs_on+0x7a/0x110
[  968.238551][T14253]  ? _raw_spin_unlock_irqrestore+0x4c/0x80
[  968.238582][T14253]  ? mutex_lock_nested+0x152/0x1d0
[  968.238605][T14253]  ? fdget_pos+0x252/0x320
[  968.238633][T14253]  ksys_read+0x156/0x270
[  968.238660][T14253]  ? __pfx_ksys_read+0x10/0x10
[  968.238692][T14253]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  968.238713][T14253]  do_syscall_64+0x174/0x580
[  968.238741][T14253]  ? trace_irq_disable+0x3b/0x140
[  968.238765][T14253]  ? clear_bhb_loop+0x40/0x90
[  968.238790][T14253]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  968.238810][T14253] RIP: 0033:0x7f9b7ccad68e
[  968.238828][T14253] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[  968.238845][T14253] RSP: 002b:00007f9b7ac13fe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  968.238866][T14253] RAX: ffffffffffffffda RBX: 00007f9b7ac146c0 RCX: 00007f9b7ccad68e
[  968.238881][T14253] RDX: 000000000000000f RSI: 00007f9b7ac140a0 RDI: 0000000000000009
[  968.238895][T14253] RBP: 00007f9b7ac14090 R08: 0000000000000000 R09: 0000000000000000
[  968.238907][T14253] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  968.238919][T14253] R13: 00007f9b7cf66128 R14: 00007f9b7cf66090 R15: 00007fff8282bfc8
[  968.238951][T14253]  </TASK>
[  969.059947][ T5618] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  969.128895][ T5618] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  969.140501][ T5618] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  969.148249][ T5618] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  969.151860][ T5618] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  969.863242][T14278] netlink: 16 bytes leftover after parsing attributes in process `syz.7.2633'.
[  971.036774][   T38] INFO: task kworker/u8:0:12 blocked for more than 144 seconds.
[  971.036961][   T38]       Tainted: G             L      syzkaller #0
[  971.036975][   T38] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  971.036985][   T38] task:kworker/u8:0    state:D stack:21536 pid:12    tgid:12    ppid:2      task_flags:0x4208060 flags:0x00080000
[  971.037045][   T38] Workqueue: netns cleanup_net
[  971.037079][   T38] Call Trace:
[  971.037087][   T38]  <TASK>
[  971.037102][   T38]  __schedule+0x16ec/0x5620
[  971.037155][   T38]  ? lockdep_hardirqs_on+0x7a/0x110
[  971.037196][   T38]  ? rt_spin_lock+0x1e0/0x400
[  971.037225][   T38]  ? __pfx___schedule+0x10/0x10
[  971.037265][   T38]  ? schedule+0x90/0x360
[  971.037300][   T38]  schedule+0x164/0x360
[  971.037334][   T38]  rxrpc_destroy_all_calls+0x44e/0x570
[  971.037494][   T38]  ? __pfx_rxrpc_destroy_all_calls+0x10/0x10
[  971.037532][   T38]  ? __pfx_var_wake_function+0x10/0x10
[  971.037562][   T38]  ? _raw_spin_unlock_irqrestore+0x4c/0x80
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[  971.037594][   T38]  ? __timer_delete_sync+0x53e/0x610
[  971.037628][   T38]  rxrpc_exit_net+0x6f/0xc0
[  971.037662][   T38]  ops_undo_list+0x49f/0x940
[  971.037696][   T38]  ? rt_spin_unlock+0x200/0x200
[  971.037723][   T38]  ? __pfx_ops_undo_list+0x10/0x10
[  971.037759][   T38]  ? rt_spin_unlock+0x14f/0x200
[  971.037787][   T38]  ? idr_destroy+0x21b/0x2a0
[  971.037816][ [  971.037816][   T38]  ? rt_spin_unlock+0x160/0x200
[  971.037846][   T38]  cleanup_net+0x56e/0x800
[  971.037878][   T38]  ? __pfx_cleanup_net+0x10/0x10
[  971.037915][   T38]  ? process_scheduled_works+0xa70/0x1860
[  971.037937][   T38]  ? process_scheduled_works+0xa70/0x1860
[  971.037963][   T38]  process_scheduled_works+0xb5d/0x1860
[  971.038020][   T38]  ? __pfx_process_scheduled_works+0x10/0x10
[  971.038051][   T38]  ? assign_work+0x3d5/0x5e0
[  971.038080][   T38]  worker_thread+0xa53/0xfc0
[  971.038130][   T38]  kthread+0x388/0x470
[  971.038159][   T38]  ? __pfx_worker_thread+0x10/0x10
[  971.038181][   T38]  ? __pfx_kthread+0x10/0x10
[  971.038212][   T38]  ret_from_fork+0x514/0xb70
[  971.038239][   T38]  ? __pfx_ret_from_fork+0x10/0x10
[  971.038264][   T38]  ? __switch_to+0xc79/0x1410
[  971.038298][   T38]  ? __pfx_kthread+0x10/0x10
[  971.038328][   T38]  ret_from_fork_asm+0x1a/0x30
[  971.038372][   T38]  </TASK>
[  971.038617][   T38] 
[  971.038617][   T38] Showing all locks held in the system:
[  971.038627][   T38] 3 locks held by kworker/u8:0/12:
[  971.038639][   T38]  #0: ffff88801b290938 ((wq_completion)netns){+.+.}-{0:0}, at: process_scheduled_works+0xa35/0x1860
[  971.038698][   T38]  #1: ffffc90000117c40 (net_cleanup_work){+.+.}-{0:0}, at: process_scheduled_works+0xa70/0x1860
[  971.038774][   T38]  #2: ffffffff8f3407e0 (pernet_ops_rwsem){++++}-{4:4}, at: cleanup_net+0xf4/0x800
[  971.038836][   T38] 1 lock held by khungtaskd/38:
[  971.040422][   T38]  #0: ffffffff8dfc8080 (rcu_read_lock){....}-{1:3}, at: debug_show_all_locks+0x2e/0x180
[  971.040494][   T38] 3 locks held by kworker/u8:3/56:
[  971.040509][   T38] 5 locks held by kworker/u8:4/66:
[  971.040541][   T38] 8 locks held by kworker/u8:15/3386:
[  971.040556][   T38] 2 locks held by getty/5362:
[  971.040568][   T38]  #0: ffff888036d3e0a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70
[  971.040618][   T38]  #1: ffffc90003cbe2e0 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0x462/0x13a0
[  971.040698][   T38] 3 locks held by kworker/0:4/11323:
[  971.040710][   T38]  #0: ffff88801a036938 ((wq_completion)events_freezable){+.+.}-{0:0}, at: process_scheduled_works+0xa35/0x1860
[  971.040770][   T38]  #1: ffffc9000775fc40 ((work_completion)(&hcd->wakeup_work)){+.+.}-{0:0}, at: process_scheduled_works+0xa70/0x1860
[  971.040824][   T38]  #2: ffff888029f7e210 (&dev->mutex){....}-{4:4}, at: usb_remote_wakeup+0x23/0x120
[  971.040884][   T38] 1 lock held by syz-executor/11737:
[  971.040896][   T38]  #0: ffff888054082480 (sb_writers#5){.+.+}-{0:0}, at: mnt_want_write+0x41/0x90
[  971.040959][   T38] 1 lock held by syz-executor/12343:
[  971.040971][   T38]  #0: ffff88805dcd8480 (sb_writers#5){.+.+}-{0:0}, at: mnt_want_write+0x41/0x90
[  971.041035][   T38] 1 lock held by udevd/14003:
[  971.041047][   T38]  #0: ffff8880377ba480 (sb_writers#5){.+.+}-{0:0}, at: mnt_want_write+0x41/0x90
[  971.041107][   T38] 1 lock held by udevd/14024:
[  971.041120][   T38]  #0: ffff8880377ba480 (sb_writers#5){.+.+}-{0:0}, at: mnt_want_write+0x41/0x90
[  971.041179][   T38] 6 locks held by syz.4.2610/14206:
[  971.041191][   T38] 3 locks held by syz-executor/14262:
[  971.041203][   T38] 1 lock held by syz.4.2637/14291:
[  971.041215][   T38] 3 locks held by syz.4.2637/14292:
[  971.041227][   T38] 3 locks held by vhost-14292/14293:
[  971.041240][   T38]  #0: ffff88803d932cd8 (&vtsk->exit_mutex){+.+.}-{4:4}, at: vhost_task_fn+0x395/0x4a0
[  971.041299][   T38]  #1: ffff88803e476770 (&worker->mutex){+.+.}-{4:4}, at: vhost_worker_killed+0x57/0x390
[  971.041358][   T38]  #2: ffff88807d2c4d08 (&vq->mutex){+.+.}-{4:4}, at: vhost_worker_killed+0x12b/0x390
[  971.041418][   T38] 1 lock held by syz.4.2637/14294:
[  971.041430][   T38]  #0: ffff88801e7c8058 (&sighand->siglock){+.+.}-{3:3}, at: get_signal+0x238/0x1330
[  971.041483][   T38] 
[  971.041488][   T38] =============================================
[  971.041488][   T38] 
[  971.041506][   T38] NMI backtrace for cpu 1
[  971.041524][   T38] CPU: 1 UID: 0 PID: 38 Comm: khungtaskd Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[  971.041552][   T38] Tainted: [L]=SOFTLOCKUP
[  971.041559][   T38] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026
[  971.041572][   T38] Call Trace:
[  971.041580][   T38]  <TASK>
[  971.041589][   T38]  dump_stack_lvl+0xe8/0x150
[  971.041615][   T38]  nmi_cpu_backtrace+0x274/0x2d0
[  971.041640][   T38]  ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10
[  971.041665][   T38]  nmi_trigger_cpumask_backtrace+0x17a/0x300
[  971.041693][   T38]  sys_info+0x135/0x170
[  971.041713][   T38]  watchdog+0xfd3/0x1030
[  971.041753][   T38]  ? watchdog+0x1c9/0x1030
[  971.041783][   T38]  kthread+0x388/0x470
[  971.041812][   T38]  ? __pfx_watchdog+0x10/0x10
[  971.041833][   T38]  ? __pfx_kthread+0x10/0x10
[  971.041864][   T38]  ret_from_fork+0x514/0xb70
[  971.041892][   T38]  ? __pfx_ret_from_fork+0x10/0x10
[  971.041919][   T38]  ? __switch_to+0xc79/0x1410
[  971.041955][   T38]  ? __pfx_kthread+0x10/0x10
[  971.041985][   T38]  ret_from_fork_asm+0x1a/0x30
[  971.042029][   T38]  </TASK>
[  971.042053][   T38] Sending NMI from CPU 1 to CPUs 0:
[  971.042082][    C0] NMI backtrace for cpu 0
[  971.042103][    C0] CPU: 0 UID: 0 PID: 56 Comm: kworker/u8:3 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[  971.042127][    C0] Tainted: [L]=SOFTLOCKUP
[  971.042134][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026
[  971.042145][    C0] Workqueue: bat_events batadv_tt_purge
[  971.042179][    C0] RIP: 0010:rcu_is_watching+0x44/0xb0
[  971.042205][    C0] Code: 73 65 49 bf 00 00 00 00 00 fc ff df 4c 8d 34 dd 90 87 8a 8d 4c 89 f0 48 c1 e8 03 42 80 3c 38 00 74 08 4c 89 f7 e8 8c 25 82 00 <48> c7 c3 98 de 6a 92 49 03 1e 48 89 d8 48 c1 e8 03 42 0f b6 04 38
[  971.042220][    C0] RSP: 0018:ffffc9000122f8f8 EFLAGS: 00000246
[  971.042234][    C0] RAX: 1ffffffff1b150f2 RBX: 0000000000000000 RCX: 0000000080000001
[  971.042246][    C0] RDX: 00000000e17b9311 RSI: ffffffff8ba75940 RDI: ffffffff8ba75900
[  971.042259][    C0] RBP: 0000000000000001 R08: ffffffff8b1dbac0 R09: ffffffff8dfc8080
[  971.042270][    C0] R10: 0000000000000000 R11: fffffbfff1f10b9f R12: 1ffff11003577848
[  971.042282][    C0] R13: ffffffff8b1dc64f R14: ffffffff8d8a8790 R15: dffffc0000000000
[  971.042295][    C0] FS:  0000000000000000(0000) GS:ffff888126186000(0000) knlGS:0000000000000000
[  971.042308][    C0] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  971.042320][    C0] CR2: 0000000000000000 CR3: 0000000051a1c000 CR4: 00000000003526f0
[  971.042334][    C0] Call Trace:
[  971.042340][    C0]  <TASK>
[  971.042347][    C0]  lock_release+0x4b/0x3c0
[  971.042370][    C0]  ? batadv_tt_local_purge+0x2ed/0x380
[  971.042391][    C0]  rt_spin_unlock+0x15b/0x200
[  971.042413][    C0]  batadv_tt_local_purge+0x2ed/0x380
[  971.042432][    C0]  ? batadv_tt_local_purge+0x98/0x380
[  971.042455][    C0]  batadv_tt_purge+0x35/0xa10
[  971.042476][    C0]  ? process_scheduled_works+0xa70/0x1860
[  971.042493][    C0]  ? process_scheduled_works+0xa70/0x1860
[  971.042510][    C0]  process_scheduled_works+0xb5d/0x1860
[  971.042542][    C0]  ? __pfx_process_scheduled_works+0x10/0x10
[  971.042562][    C0]  ? assign_work+0x3d5/0x5e0
[  971.042581][    C0]  worker_thread+0xa53/0xfc0
[  971.042612][    C0]  kthread+0x388/0x470
[  971.042633][    C0]  ? __pfx_worker_thread+0x10/0x10
[  971.042649][    C0]  ? __pfx_kthread+0x10/0x10
[  971.042671][    C0]  ret_from_fork+0x514/0xb70
[  971.042690][    C0]  ? __pfx_ret_from_fork+0x10/0x10
[  971.042707][    C0]  ? __switch_to+0xc79/0x1410
[  971.042733][    C0]  ? __pfx_kthread+0x10/0x10
[  971.042755][    C0]  ret_from_fork_asm+0x1a/0x30
[  971.042783][    C0]  </TASK>
[  971.182009][   T38] Kernel panic - not syncing: hung_task: blocked tasks
[  971.182032][   T38] CPU: 1 UID: 0 PID: 38 Comm: khungtaskd Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[  971.182059][   T38] Tainted: [L]=SOFTLOCKUP
[  971.182066][   T38] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026
[  971.182079][   T38] Call Trace:
[  971.182087][   T38]  <TASK>
[  971.182095][   T38]  vpanic+0x56c/0xa60
[  971.182126][   T38]  ? __pfx___schedule+0x10/0x10
[  971.182155][   T38]  ? __pfx_vpanic+0x10/0x10
[  971.182188][   T38]  panic+0xc5/0xd0
[  971.182211][   T38]  ? __pfx_panic+0x10/0x10
[  971.182237][   T38]  ? preempt_schedule_thunk+0x16/0x30
[  971.182274][   T38]  ? nmi_trigger_cpumask_backtrace+0x2bb/0x300
[  971.182303][   T38]  watchdog+0x102c/0x1030
[  971.182334][   T38]  ? watchdog+0x1c9/0x1030
[  971.182362][   T38]  kthread+0x388/0x470
[  971.182395][   T38]  ? __pfx_watchdog+0x10/0x10
[  971.182416][   T38]  ? __pfx_kthread+0x10/0x10
[  971.182445][   T38]  ret_from_fork+0x514/0xb70
[  971.182470][   T38]  ? __pfx_ret_from_fork+0x10/0x10
[  971.182492][   T38]  ? __switch_to+0xc79/0x1410
[  971.182525][   T38]  ? __pfx_kthread+0x10/0x10
[  971.182552][   T38]  ret_from_fork_asm+0x1a/0x30
[  971.182591][   T38]  </TASK>
[  971.183179][   T38] Kernel Offset: disabled