last executing test programs:

12.302705573s ago: executing program 3 (id=2081):
r0 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
r1 = gettid()
rt_sigqueueinfo(r1, 0x21, &(0x7f0000000100)={0x1f}) (async, rerun: 64)
ioctl$SNDCTL_DSP_SPEED(r0, 0xc0045002, &(0x7f00000001c0)) (rerun: 64)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = getpid()
fcntl$setownex(r2, 0xf, &(0x7f0000000100)={0x2, r3})
ioctl$sock_FIOGETOWN(r2, 0x8903, &(0x7f00000001c0)=<r4=>0x0)
wait4(r4, 0x0, 0x80000000, 0x0)
r5 = syz_open_procfs(0x0, &(0x7f0000000080)='net/packet\x00')
lseek(r5, 0x96, 0x1) (async)
ioctl$SNDCTL_DSP_SETFMT(r0, 0xc0045005, &(0x7f0000000640)=0x10)

11.977806111s ago: executing program 3 (id=2085):
ioctl$AUTOFS_DEV_IOCTL_VERSION(0xffffffffffffffff, 0xc0189371, &(0x7f0000000000)={{0x1, 0x1, 0x18, <r0=>0xffffffffffffffff}, './file0\x00'})
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000140), 0xffffffffffffffff)
sendmsg$NL80211_CMD_START_P2P_DEVICE(r0, &(0x7f0000000280)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f00000001c0)={&(0x7f0000000180)={0x1c, r1, 0x4, 0x70bd29, 0x25dfdbfd, {{}, {@val={0x8}, @void}}, ["", ""]}, 0x1c}, 0x1, 0x0, 0x0, 0x4000}, 0x20000000)
r2 = syz_usb_connect(0x0, 0x24, &(0x7f0000000040)=ANY=[@ANYBLOB="120100005938d74010973077339600000001090212000100001e000904"], 0x0)
syz_usb_control_io$cdc_ncm(r2, 0x0, &(0x7f0000000640)={0x24, &(0x7f0000000200)=ANY=[@ANYRESOCT=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r3=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
r4 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000002fc0), 0x242002, 0x0)
fcntl$setstatus(r4, 0x403, 0x0)
r5 = socket$inet6_udp(0xa, 0x2, 0x0)
setsockopt$inet6_buf(r5, 0x29, 0x6, &(0x7f0000000180)="1000000000000000290000003b000000", 0x10)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
connect$unix(r3, &(0x7f0000000080)=@abs={0x0, 0x0, 0x4e24}, 0x6e)
syz_usb_control_io$cdc_ncm(r2, 0x0, 0x0)
syz_usb_control_io$hid(r2, 0x0, 0x0)
socket(0x11, 0x2, 0x0)
r6 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
ioctl$VHOST_SET_OWNER(r6, 0xaf01, 0x0)
r7 = eventfd2(0xff, 0x80801)
ioctl$VHOST_SET_VRING_KICK(r6, 0x4008af20, &(0x7f00000000c0)={0x0, r7})
ioctl$VHOST_RESET_OWNER(r6, 0xaf02, 0x0)
syz_usb_control_io$printer(r2, 0x0, 0x0)
syz_usb_control_io$sierra_net(r2, 0x0, &(0x7f0000000240)={0x10, &(0x7f0000000340)={0x0, 0x1, 0x5, "ff8d51a049"}, 0x0, 0x0})

9.042753432s ago: executing program 1 (id=2100):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x3, 0x8, 0x8001, 0x0, 0xb, 0x8000000000000000, 0x6, 0xfa11, 0xffffffff}, 0x0)
r2 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000540)=ANY=[@ANYBLOB="12011001000000404e040c120000000000010902240001000010010904000002030002000921fd7f000122eb00090581031800f600009604ef4b84baad4e655067db9f8df4f5c83ccf7401d01b33c7fa39fe9d98511d89ecf9ca78133dffb838a38f4c5a660c9464cd2b59cc6442393cc16d13b0b1d9b82e62c9c664b1be205b4a730c15ece6eef53449bf6812b31eebd09291f2a55e884f2bc240169d820533521adb530d8a8dc9e83fd9fd15217979a70ca7f45c090000005833ef5f5bb9ff01d2"], 0x0)
syz_usb_control_io$hid(r2, 0x0, 0x0)
r3 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$SNDRV_TIMER_IOCTL_TREAD_OLD(r3, 0x40045402, &(0x7f0000000140)=0x1)
ioctl$SNDRV_TIMER_IOCTL_SELECT(r3, 0x40345410, &(0x7f00000083c0)={{0x1}})
read(r3, &(0x7f0000000200)=""/95, 0x5f)
syz_usb_control_io$hid(r2, &(0x7f0000000040)={0x24, 0x0, 0x0, 0x0, &(0x7f00000001c0)={0x0, 0x22, 0x371, {0x17, 0x21, 0x0, 0x0, 0x1, {0x22, 0x7f2}}}}, &(0x7f0000000080)={0xffffffffffffffeb, 0x0, 0x0, 0x0, 0x0, 0x0})
madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0x80000000e)
writev(0xffffffffffffffff, &(0x7f0000000380)=[{0x0}], 0x1)
syz_open_procfs(0xffffffffffffffff, 0x0)
r4 = socket$tipc(0x1e, 0x5, 0x0)
bind$tipc(r4, 0x0, 0x0)
r5 = syz_usb_connect(0x0, 0x36, &(0x7f00000002c0)=ANY=[@ANYRES8=r0, @ANYBLOB="3191841a719548e75f9ec2d2d32d9e3dc4634e225f36901eafcfee5c039f2f632940e4ba0608b2c5f3815bda9a06"], 0x0)
syz_usb_control_io$uac1(r5, 0x0, &(0x7f0000000500)={0x44, &(0x7f0000000300)=ANY=[@ANYBLOB="281406000000f99d5133974f"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r6 = socket(0xa, 0x3, 0x3a)
getsockopt$IP_VS_SO_GET_INFO(r6, 0x0, 0x481, 0x0, 0x0)
r7 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000440), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r7, &(0x7f0000000340)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000300)={<r8=>0xffffffffffffffff}, 0x106}}, 0x20)
write$RDMA_USER_CM_CMD_SET_OPTION(0xffffffffffffffff, &(0x7f0000000080)={0xe, 0x18, 0xfa00, @id_tos={&(0x7f00000000c0), r8, 0x0, 0x0, 0x1}}, 0x20)
writev(r7, &(0x7f0000000000)=[{&(0x7f0000000080)}, {&(0x7f0000000100)="160000001f0137f73199aee6fdb9291b3091ec1a2d41d227975ad8ec030f5919f397867997f9c0efa9c9092a31cdbb98ea272787afda0af59a320709c3a59ef05c6f40ceafec53f48d6186e7d8409e35306221caf67b370d875eff3191932728e5ab6c9a3acf6ccee3e352c898f5744abaedfb53f92c37acb126bd143f3e9cdfcf25a8d6129fcc3a141c3f5ab6db772f87c787817a9b699dd60732d952716b103bc1e91ac5b1ed92f35389580994bb0df9bce07e7a80921888f984139f488d256a67fec0cbb5c4e93d5c151d97f676ab93b1efbd46f600dc964231e3257bf358448fddf894c0cdfa9115adbe5b19bc912fcbc8aac7719b649b1ff1267491da", 0xff}, {0x0}], 0x3)
syz_usb_control_io$sierra_net(r5, 0x0, 0x0)
unshare(0x20060400)
madvise(&(0x7f000042f000/0x800000)=nil, 0x80fd00, 0x66)
madvise(&(0x7f0000000000/0x2000)=nil, 0x8000000, 0x4)

8.8263395s ago: executing program 3 (id=2102):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f0000000180)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r2 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet6_mreq(r2, 0x29, 0x1b, &(0x7f0000000140)={@remote}, 0x14)
setsockopt$inet6_mreq(r2, 0x29, 0x1b, &(0x7f0000000080)={@remote}, 0x14)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(0xffffffffffffffff, 0xc08c5332, &(0x7f00000002c0)={0x0, 0x0, 0x0, 'queue1\x00'})
write$sndseq(0xffffffffffffffff, &(0x7f0000000000)=[{0x9, 0x0, 0x0, 0x0, @tick=0x9, {0x2}, {}, @raw32={[0x400000]}}], 0x1c)
r3 = socket$rxrpc(0x21, 0x2, 0xa)
listen(r3, 0x0)
openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x62181)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
getsockopt$inet6_tcp_int(r4, 0x6, 0x17, 0x0, &(0x7f0000000680)=0x37)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0300000004000000040000000100000000000000", @ANYRES32=0x0, @ANYRES32=r3, @ANYBLOB="19"], 0x48)
r5 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r6 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$IPT_SO_SET_REPLACE(r6, 0x4000000000000, 0x40, &(0x7f0000000300)=@raw={'raw\x00', 0x4001, 0x3, 0x2c0, 0x0, 0x700001b, 0x148, 0x150, 0x148, 0x228, 0x206, 0x240, 0x228, 0x240, 0x7fffffe, 0x0, {[{{@uncond, 0x1ea, 0xf0, 0x150, 0x0, {0x390, 0x8f00}, [@common=@set={{0x41}, {{0x0, [0x5, 0x2, 0x1, 0x4, 0x5, 0xa], 0x3}}}, @common=@set={{0x40}, {{0xffffffffffffffff, [0x0, 0x0, 0x0, 0x0, 0x5, 0x6], 0x4, 0x1}}}]}, @common=@CLUSTERIP={0x60, 'CLUSTERIP\x00', 0x0, {0x0, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x1}, 0x7, 0x0, [0x2d, 0x12, 0x2e, 0x40, 0xd, 0x3a, 0x23, 0x2b, 0x103, 0x1c, 0x37, 0x15, 0x19, 0x4, 0x31, 0x1d], 0x1, 0x8, 0x7}}}, {{@uncond, 0x0, 0x70, 0xd8}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x1, 0x900, 0x10, 0x8, 'snmp\x00', 'syz0\x00', {0x8000}}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x320)
r7 = socket(0x10, 0x3, 0x0)
write(r7, &(0x7f0000000580)="240000001e005f031400ff01000000f80700b3586ff606c2e553797c080008e467dc0000", 0x24)
recvmmsg(r7, &(0x7f0000005180), 0x400000000000166, 0x1a000, 0x0)
ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)

6.582299031s ago: executing program 0 (id=2106):
openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000580), 0x2, 0x0)
ioctl$vim2m_VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000040)={0xa, @pix_mp={0x3, 0x708, 0x49433553, 0x4, 0x3, [{0x6, 0x1}, {0x0, 0x75f7eb8a}, {0x0, 0x9ea9}, {0x6, 0xffffffff}, {0xffffffdf, 0xffffffff}, {0x5}, {0xe5a9, 0x5}, {0x3e92, 0x3}], 0x1f, 0x3, 0x8, 0x0, 0x3}})
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0), 0x200, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_CAP_X86_GUEST_MODE(0xffffffffffffffff, 0x4068aea3, &(0x7f0000000240))
ioctl$KVM_SET_REGS(0xffffffffffffffff, 0x4090ae82, &(0x7f0000000000)={[0x35, 0x7, 0x2, 0x180, 0x4, 0x12, 0xf1, 0x3, 0x7fffffffffffe, 0x5, 0x0, 0x9, 0x0, 0x6, 0x0, 0xbdb], 0xffff1001, 0x120182})
bpf$MAP_CREATE(0x2000000000000000, &(0x7f0000000340)=ANY=[@ANYBLOB="0600000004000000be7000005c000000000000", @ANYRESOCT, @ANYBLOB='.'], 0x48)
ioctl$KVM_SET_REGS(0xffffffffffffffff, 0x4090ae82, &(0x7f00000003c0)={[0x60000000000, 0x1000000000, 0x800000, 0x43, 0x2000001, 0x0, 0x2004cb, 0x7, 0x1000000, 0x1000000068ff, 0x5, 0x9, 0x3], 0xffffffffffffffff, 0x202})
ioctl$KVM_REGISTER_COALESCED_MMIO(r2, 0x4010ae67, &(0x7f0000000380)={0x2, 0x102000, 0x1})
ioctl$KVM_CREATE_GUEST_MEMFD(r2, 0xc040aed4, &(0x7f0000000100)={0x7, 0x4})
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
ioctl$KVM_CREATE_PIT2(r2, 0x4040ae77, &(0x7f00000000c0)={0x3})
ioctl$KVM_SET_PIT2(r2, 0x4070aea0, &(0x7f0000000140)={[{0x7, 0x1, 0x2, 0x4, 0x2, 0x4, 0x8, 0x1, 0x7, 0x1, 0x4, 0x3, 0x3}, {0x80, 0x4966, 0xff, 0x0, 0x8, 0x8, 0x40, 0xd6, 0x4, 0x0, 0x2, 0x5, 0x5}, {0x94b5, 0x4, 0x0, 0xc, 0x9, 0x6, 0x1, 0x3, 0x4, 0x5, 0x4, 0x0, 0xa}], 0x3})
ioctl$KVM_RUN(r3, 0xae80, 0x0)

6.309350045s ago: executing program 2 (id=2107):
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000000)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0xee01, <r0=>0xffffffffffffffff}}, './file0\x00'})
r1 = socket$kcm(0x2d, 0x2, 0x0)
r2 = socket$inet_sctp(0x2, 0x1, 0x84)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="1b00000000000000000000000080000000000000", @ANYRES8=r2, @ANYBLOB="0000000000000000000000000000000000001000", @ANYRES32=0x0, @ANYRESOCT=0x0, @ANYRES8=r3], 0x50)
r6 = socket$inet6_mptcp(0xa, 0x1, 0x106)
setsockopt$inet6_int(r6, 0x29, 0x4e, &(0x7f0000003980)=0x1, 0x4)
bind$inet6(r6, &(0x7f0000000140)={0xa, 0x4e22, 0x0, @private2={0xfc, 0x2, '\x00', 0x1}, 0x3}, 0x1c)
r7 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
r8 = bpf$MAP_CREATE(0x0, &(0x7f0000000440)=ANY=[@ANYRES32=r0, @ANYRES8, @ANYRES8=r7, @ANYRESOCT=r2, @ANYBLOB="1ef1903d53cca17da0d1eebaf71f8fbca3ec9d0b01009f4a55699ad6af7bbdaeebe51373f0660311f6ca023804d11068c3e63ea4da228828e267fdbc985963e3966ff325d2deaf52ba15c6497f0b2797111687d28fde39047398fd50a23d1c81771718ee605104f04077365a3cc52ba56543197d38f6e9552c6eff9f3c966d256cdd8beca63aa475e26c98b87a2e083ca0ea6d8779db3fd1e13e15d6e360dc59bbce67ca9f0a46dd8155daeeefd8cbf44455bd13b72a47481e55788ef0fc", @ANYRES64, @ANYRES64=r6, @ANYRES32=0x0, @ANYRES16, @ANYRES64=r7, @ANYRES16=r1], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x0, 0x2000000000000030, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r8, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000b98cad95850000000100000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b702000000000000850000008600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000a40)={0x1, 0x10, &(0x7f0000000180)=ANY=[], &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x14, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r9 = syz_open_dev$vim2m(&(0x7f0000000100), 0x1, 0x2)
ioctl$vim2m_VIDIOC_REQBUFS(r9, 0xc0145608, &(0x7f00000000c0)={0x8, 0x2, 0x1})
ioctl$vim2m_VIDIOC_QBUF(r9, 0xc04c560f, 0x0)
syz_genetlink_get_family_id$ethtool(0x0, 0xffffffffffffffff)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
fsetxattr$security_capability(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x1)
madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0x80000000e)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil)
r10 = openat$fuse(0xffffffffffffff9c, 0x0, 0x42, 0x0)
write$FUSE_NOTIFY_DELETE(r10, &(0x7f0000000080)=ANY=[@ANYBLOB], 0x2a)
write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x18, 0xfa00, {0x3, &(0x7f0000000040), 0x106}}, 0x20)
remap_file_pages(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x0, 0x0, 0x0)
lsetxattr$security_capability(&(0x7f0000000000)='./cgroup/cgroup.procs\x00', &(0x7f0000000100), &(0x7f0000000140)=@v2={0x2000000, [{0x4, 0x3}, {0x4, 0x4}]}, 0x14, 0x0)
truncate(&(0x7f0000000180)='./cgroup/cgroup.procs\x00', 0x7)

6.246511045s ago: executing program 3 (id=2108):
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_route(0x10, 0x3, 0x0)
openat(0xffffffffffffffff, &(0x7f0000000140)='./file1\x00', 0x1e15c0, 0x183)
close(0xffffffffffffffff)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e22}, 0x48)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000380)=ANY=[], 0xa0}, 0x1, 0x20, 0x0, 0x8040}, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0x0, 0xffffffff}, 0x0)
madvise(&(0x7f0000000000/0x3000)=nil, 0x7fffffffffffffff, 0x3)
syz_genetlink_get_family_id$wireguard(&(0x7f0000000840), 0xffffffffffffffff)
mmap$IORING_OFF_CQ_RING(&(0x7f00006ef000/0x4000)=nil, 0x4000, 0x9, 0x10, 0xffffffffffffffff, 0x8000000)
setuid(0x0)
r3 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000700)=ANY=[@ANYBLOB="12010000000000408c0d220000000000000109022400010000000009040000010300000009210000000122050009058103"], 0x0)
syz_usb_control_io$hid(r3, 0x0, 0x0)
syz_usb_control_io$hid(r3, &(0x7f00000000c0)={0x14, 0x0, 0x0, &(0x7f0000000580)={0x0, 0x22, 0x5, {[@local=@item_4={0x3, 0x2, 0xa, "858faffb"}]}}, 0x0}, 0x0)
r4 = socket$inet(0x2, 0x3, 0x9)
setsockopt$sock_int(r4, 0x1, 0x2e, &(0x7f0000000000)=0x7b, 0x4)
shutdown(r4, 0x0)
recvmmsg(r4, &(0x7f0000001800)=[{{0x0, 0x0, 0x0}, 0x3ff}, {{0x0, 0x0, 0x0}, 0x660}], 0x2, 0x10000, 0x0)
r5 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000080)='/sys/power/resume', 0x149a82, 0x0)
r6 = socket$inet_sctp(0x2, 0x1, 0x84)
getsockopt$inet_sctp_SCTP_GET_ASSOC_NUMBER(r6, 0x84, 0x1c, 0x0, &(0x7f00000000c0))
syz_open_procfs(0x0, 0x0)
write$cgroup_int(r5, &(0x7f0000000000)=0x800000000001ca, 0x12)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x200000)
syz_io_uring_setup(0x24fc, 0x0, &(0x7f0000000100), 0x0, &(0x7f0000000000))

6.151669143s ago: executing program 0 (id=2109):
r0 = socket$key(0xf, 0x3, 0x2)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
clock_gettime(0x6, &(0x7f0000000180))
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
ioctl$sock_inet_SIOCDARP(0xffffffffffffffff, 0x8953, &(0x7f00000001c0)={{0x2, 0x4e24, @initdev={0xac, 0x1e, 0xa, 0x0}}, {0x6, @remote}, 0x4, {0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0x2b}}, 'netpci0\x00'})
setsockopt$inet_mreq(0xffffffffffffffff, 0x0, 0x23, 0x0, 0x0)
bind$netlink(0xffffffffffffffff, 0x0, 0x0)
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0xfffffffffffffccc, &(0x7f00000000c0)={&(0x7f0000000840)=ANY=[@ANYRESDEC, @ANYRES32=r2, @ANYRES32=0x0, @ANYBLOB="000000000000000004000000000000000000000000000000040000000000000000000000000000008a00000000000000000000000000000000000200000000000000000000000000000000000000000000000000002000000000000000000100"/108], 0xb4}, 0x1, 0x0, 0x0, 0x20008010}, 0x4000811)
r3 = socket$kcm(0x10, 0x3, 0x10)
sendmsg$kcm(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000240)=[{&(0x7f0000000080)="1400000016000b63d25a80648c2566e506bc", 0x12}], 0x1}, 0x0)
ioctl$SNDRV_CTL_IOCTL_PCM_PREFER_SUBDEVICE(0xffffffffffffffff, 0x40045532, &(0x7f0000000480))
r4 = openat$audio(0xffffffffffffff9c, &(0x7f0000000140), 0x40000000040301, 0x0)
r5 = syz_open_dev$sndpcmp(&(0x7f00000001c0), 0x0, 0xa2c65)
write$RDMA_USER_CM_CMD_CREATE_ID(r4, &(0x7f0000000500)={0x0, 0xfffffffffffffd83, 0xfa00, {0x0, 0x0}}, 0xfdbc)
ioctl$SNDRV_PCM_IOCTL_SW_PARAMS(r5, 0xc0684113, &(0x7f0000000080)={0x1, 0xfffff800, 0x1, 0xa, 0x8, 0x3, 0x500, 0xe, 0x9, 0x40, 0xffffffff, 0x2})
socket$nl_netfilter(0x10, 0x3, 0xc)
r6 = getpid()
r7 = syz_pidfd_open(r6, 0x0)
syz_open_dev$video(&(0x7f0000000000), 0x1, 0x40)
process_madvise(r7, &(0x7f00000015c0)=[{0x0, 0xb3c9de750fa141ee}, {&(0x7f0000001600)="7fe370522d6af6625215f1793293827ec1fbafd2669ec71d6ec4f18aaa71edae948611d70900e80e4116a3c114041430f19bd4f37e3c7238ed6e6d46979c2220bde96ffe55c88d2e697fd133e5733e1bbb159ba81a1e8e2fb2e51596", 0x1}, {&(0x7f0000001300)="0454c96113b0da138a30557b0c026d7c7ba28c5cf82e468ed91537d279936ddcf06ef737e0943554457a28db61aea38a154bf19b456388daf4df61c9febcd9b8a2b14929c6f097f4ff11e686a8a37381b9321ae19dd77be474863e35633dec7003568e91eab8e870a93a73b6dea475547a826b25021aecd727c201c9cea0bfba0122b00573c286b821d43d0b4e38ec90b7d08565bf81862bdf5115e75886e742c51e058d0752982da309d53a7c0d320fdbd38bfaa998ff981d15928f783b2728ecc210898685dfc72398e665b7892024c0ab0dcfe9d3fc", 0xd7}, {&(0x7f0000001400)="3e519bc4eb7b0a55b33bdb22cc7ca76aba33506ebcf89e67b16583e68404bbca008b995a73322a4cc7a3c436e94da49121c4f225ccd342612b46beb2f569a7a0423c0cf79f2d94c015b7b47bc11d5fe599214dbe7f92c8a14b6d254a8daa074ece2708f10e912eb72cb22efc14a0d0cc7cea79311ead3200c7aca0e920d83c8d7b92db", 0x83}, {&(0x7f00000017c0)="5b297eb99162bf8668778501ce5385511d7d796a0aed27798b84852b8a9e85799af33e5de7cedbf88498be3b0b5df9f8ef11583a3bc3bdb6a1e5875f7494479905ca1f1feab109950b1be9946ac49c25c786113854b30003b573910a764104358c8b5899a86d2c25b7a2886023cee43b19c199a7c14017514656dcfeca386529d78597365934ca776ce9b8ee9d9e8b6d8c0789555790eaf1c1e6d2707c80f2a1558e720cc345a467af3f378dba06074d8ad43d61a8707a864bf5b7ba049c2b5836366fac540084a1986d713c58a932892237198aef95b616eefe20457d0b28ab35b7e8beefe6990b9bbd1cbb0cda68fd1e20c91a6ccd555cfe9c51d4f7bf082301fc61db5c7afcaa0992098895487418b1e78576e7d8f0989c9f4aff953c2f76c014b559ff40416df4b460e7da2e299bc58c8f83c070a9cfd8e662bdf8e5169baa393b1f2bd2b7bdc7886c3002e81501cc20abbcf665957e1c4a514dd15634a07b5618fbf03d23a93d2829deaeec967fb8f7b05ab4944553e8b96c5700e388e55dc9c60c6948f9382583622a37b7c81dfa5cea56b8e060aac882d0117585e0508c929591a7f0be8dfa96204f7daf90ce74e1891ba5c3ddc17d42cfafc8e12ef4109b5ec4e687389e1f325a6f4325c0eb034306588050973a24d7bf0d0044243cdfd672f4acbc115e81a83170b43a03c713e61c6ba573ea54d59b49b516800d934ae5c48d51551af9ee1f6143f9c4924b842d43208d52e4a34b4ccf167f347608d9c69e3af1a9f5507e35c198be14cff8170c82daa48cea49bbc2db68d8e8bf5752f13ebd80d510799c54d0dbee1792499c71e5db084babf44a431a4728a0f6702b4ad93d1fb5ebfef6a24b1fa057a8511df4c022e818b7af2ec354b47d34653172f75498298f8dc9eca6f478b5f9dc78f7b60401cf27fe9b1eade2d6bf7f50cee7197cd507c2766cc6b2163bd511aaa8d69dcaea44a7f37401faa0979182e51c59cd7b3189d2e8956405a2f27ead1d48b5aa421f04fdd87ef4fb3125a7a84e98719a79608d4bc70424ddc55dab8cb2b144682bca8497add2445319aef1a6db595685f3e0b049da99940d2803bc1ecd976887476cfecbdc66eea6da65e0251cc881f3da972011f37d11bd8828bfb2be9940f2508dcfa8c0e34e9e7a3ea3e7bf04afffca71c03d978507d87ee84241e5dd781c0caa8ad5320f16ed28c89af73a9445fe4c425605f6b58653cbb0909cb9a857b0c0c115104e879e41a2e05ccfcd6866d24ebf622a85ab638eab2ee2a7cf2bbd017a1509d25f65af4f63ed5dcc9586b133d52fd487e4c5238adee5bed4811def93d6723a9d4093b717ffe89209b126feee98bb276851319c2bd94f8327019d130a282fc6cf26d14ed15da2d607937a117bb6ab67fe36fe01562669dd70c649f45cf13240eef58f86f5ef3ae28cdc3e43d9f9d2ba4325a76965a2975e8174503bdfa199a38e0b58db63bcf1e5eb12de33c64b2ef33669fc9949151d8ba011200c884c5be7b84c1754d1ca896ce4ee9d6fb2e6fd4ae106418c800f2f78a7aed2eacb6b70e5aa926d21508e946850d52fc33ca95d00a5ce212e7731228c2d42bfc2881fda943aa8410156694be406a5936ef6ebb26a0a60cdbd5fd960f52bc8e574e9acf24c4d73416d3ef68417a2fe221cfcbffbeb194cfcb9802a5204f01532f8970ede7b7f7b2e093ed20686b545ac67c8d0f628269b373502379f3f3a5bcf1bbf1181d3de177ff5f1e05783e959739468a351bf539913774349129cb27f8a30167d86d2659954ace32de6e92e3fad637031f8f4b75bbb419d30c44c8d35b3db0ec43e7aaeb826a20afd3419439dce1db6112b6c8c236f5d7d563b9f0233c78875e5502cccb45ef8cb6fbcc6da3882ba86e8daa6afbc70f5192e76151e9633069a7d6b94f7b44b95a62f01d554000558deac1bbac044267a4a544ab336e83db60ba9a828dd0cbdc709dd1147a9f5c4b29d1f40eb87b7bafe8a7e29fea3a0e586bf84bb5a2aeeaf6c389e7d48b52f77e53f5b6d30e4d37a19ec2739c6fc80773e29a74ad01d2862e9e249c54a3f845a3045d964e371350282d5ee63a33f5d9d5d2889e60677ad3a78d7e3936f0da3c2a26a7f74ab598a7a0da120c2fe531416750f7dac241fb94962db31a6de323931bd0645510eb72bbddf8ac9ecba6a4b2e4039e36b96354a12d34186c2cefeb434a273c9eba6cbe055527c59815b1ae0b1d845e6d7fa935d7240bb202d42327d45433f214d4e62cbb5b51f354c2d8d232ddeacb829c99c3f4366e4541003f25dda0dff6c38afba9f1eb0383d8d824aa43be4f9784fa9c5181f8a373c3a35c5151b0402399dde92d9a607dc2768b258c9014dfff807f8389f0b8bc913eb0eec400f986dbdce9c616b7b2f7c671625f6881a4350b04117c251f4cba880908a9b2c44b4e886a8f09f3f57da1b04d6f28dfe47e34f1f6d9f8cb23658ec21d36a48d2cc9348dbf4f067446b995138d9bf37f218ab4f5ccbc21f9bf8b904253764fc753113350b69c6701b72c98d2d3697f46431c9cce4c1d089e535fbb1904fa2ff17b3f611300b91316c7f150ae0c6fd2acdcff3b4f49dcabd4ad54632d3dd6ab48e75197c97a52b93a6d5b68acebddfc2bdad5bc0c5f4b2e8b77799e2051e7a6c3a869e0fa5ade0245881e196a9a09d39a638e8d13ee6e667e04128ad6c56d01f18c1f2f624e4dbcd35769de072db3d688d9d91e952666992f0d2717799ee42ebda848735da9fb6b5a99425b940290aa42046a915d952c551ac00215e7d3c6b25fce0f9ef6b6a015be9cb3f1ff234c672d9e34f5d90af85fd5d0660b82d4b7fe851b1e4028f0bf55646b0c0d7161f760a2e598c1703361edf16b0a337cf808eefafd75807bc8caf9599b5e4e13eeb34e574b45bba80dc87eed30555135278751b4f9577a330c832058c680aea14338eff9d74dc7ff736823f6be457f89d50d3a1ec6f3a7228a0f75438587667f4d1307fcb04859728bbc5e4dc08b0e731acef19f37bb3a111d4abdea5960162cfbf89c69a7ac0827a3be22a362bc26759779f516d49acb2bde5b2c6bc32bd822ec771b0d0f106d8cd1e7739407632bd0db40ebaadd0ddb237a0c83448a5f1a6c4c67b6619b930405ea33bf5f80f7979ca431c677f2d46164e890c646f5c385eecff870f61e0da713f15301a7b73027b5927f9db8ddde589fa6f425fa365e38721e0a448ea9fb0dd0988439462d27ad4c3240cb719c6c649e5a0978a5a462c0a4ef4771609f3270848d44f018a655d6571c8876029289de163717cc646ae2159e94505736332e49610d054e43ce5542bbd7f7c61cc30bcb773e79ec6aa05368fd15d88c5b998bf963eebbf934df25d9c9f59cea6b1df3a9000ee2ce057a695de1dc8a1534abc489862e25d9113a14792b271bfa079908bf08d0c6c4eaa4b35a32d56a16c2161fda15087a3fc9c0364915f997c0026ea6d9e7ef9b21d0ef700007aed76cc680990a3a6ea8980ace288f6c53e33b5ecb7c8d5ed3fc79376daa5221a687cc29f67fe85fc34f0eca6970aa4b5bc1ea0d154d7fe551be3659118537557979086791ec737ef6401323114dc7d7664cb7fcc72d48a7cc03ded28888cbafecdc92cfec2dc9f9babf1438b7ba5a947ba1a73f703e293734a2f39cdc9844f99383a604378862d91e86ed9cca7664ea5682d5724473574a206279b95fdbc6a4a3489aabb5847c0ed92c6b4774e3d0510604c379c129f7b23ee80594831d39b88d33e425b0c9aba6c87ddffe6acb9e85693e4f0e8c260786094e7eaf91d8b5cc641715c1455108227104cd8330144d3f300f88edc5bd4264148dcdb55136b596290194804ab82965943dd8e26bfdf31ad6a066a471caaa17752c82e16ad4457b64e05cd30ac3a4310d069fdbf3941ff99b9b9ea0c4c1abb6aaefbad1f6419396c266def91d82ca41dcd5423dbc3d6612a65513e5756d1fed8b8994ad822bba044f1cae538fdb2332eb7b536fca10256fd1a34485944d82a28a71060a0c4da91a8cec97c54d17421a9a365abacd045de779313c83d2901819cd348113eb02f882f49b117f6d4243ffce69a896d0fd27f8f57eca27181a12d60851c21faa3588cfa8777562ac41ae84f73ef0bbea69645630f34686bf8eefd2be84e24ad0705a32d5c064723cd587149b47924cf4e4949dc42a33d8dd10d846ac5d7f6de6a9115307bc6b1269bf2121101db29ceb2af0ab33037ca283f3c828485233435bc9dfcf94ebe51278fb40c83d5e3dcd05e40f7c876ee7e5ebc9dc74f7d1e1449f4dc6f563b26db4b09ed6b430dab97b184f579d2e92693daff76aa9dcfeb631bdbc3514ea131b947e7fa78e86138452c611980df77a6b79d00d2a072f54b2c10a1c41dbe7addd4af58c9d55f1994b6f7aa688f4dc76e9bd02bd0ca3c8d08f6c300459c7508198de70460f1e59e067a261b2da5ecfbc97e89ca5fa1ff3ad3c312f9c9d04d5883ea654d213dd951c8a89d9f4da04614fa6f590d588d337facbdd443f62f7d9e6f78e0f1257fe69ac21bcb1456ab0c5ab32a8f5842fb77704f0e218cb9947e65ec5e96d591fb16317a4e441b6fa1767db363c3c6171601925a245ba14e37def27392d6c2f9a80a628509e0efa5f490dd3fa713870814a06bbfddfa5cbb06383ad303d46e3fc4d89b5552158dc8cf704ec903371f302eb320e801aa1cde570aeb322b3f5c95cfed7b5e1222fa0c71bb550b79d5f18971cab1904ef371b9cfcee444d764d744e270dcf30a6552a15dd67865ea21ca1334845ac7b31b11e3d5b6bab70073fcd0ed9891b1e4ba9a616f01c74671e4b80239a97fe8df9de1bb7196b7e0017b3cfe8d58b570cf641450c7eb82a0dd2f3e784ae4e9b1696c7731f56e10914f40ce2f0231982a588d19216dc29166aca1e272c2532eab01cbfb9c85f5bd72a9ffb4973ee111fabd1ef30b49eb6b085ddf3802f180335375f29da76a29edd3de27deaf6789f09d19caf1e6b146125adf8ac5bf259158863211e692d250962462746cf851c9198f8e2c43a69748db7760d4e2f3a98aaf9233bca7a3f94b36fff09e2a3241308f49b7b45a26918842b65a6a7bde1a5511af94cec0f706bf79a633088afe0c46ae8d61ac33688245bd63a293019e94608ff03cff41c1f798fd54b1f30e35564130f27838108bb6bfdd4e91ffe9a76dbc83f4ccbf7eebb01032808e58de30eb9be1c51440b6619be93d6e7d014ddc7183a4e1817128310e42c9575035f914d76378a0a914d5077ebdddab617a10996b8f398eee59d3b59775dc1e4db102d358615aa9d11cf9a08980be3bfc745f559779b5d40cb6e7c459a16f556eab0175dc4349dcf0143f3dee7f245d2ceb806ce2e636ae725cc0216450b68b3bd0b044a6bf5473524767929e2d03c1b4bab7676fc21928b11ae6d825fc35390d3566dd0adb04fdd74f2c491976fe99c3b6b64133d48ab3a45802920484fcd48c1c6424e97cda1a908373b487e3fe20baba119e9e78058c87bd6739a0bc18c03711d2c67630b5e106cac711324562008bd1243de9762a319c95166896a1f1098ded95b894e91b9516c6ccefa7061cab567fe150fb9c2c30b885fa85307f2d14d35446304d4d77af46d312860887a7b3781b492d98322b2cbbbbf7aabd3974de1e5e4afe31fd401e4989bb42b75ebc4d0306b43c7cd7493a46b2d86b374160bfb63972edae4ce984392007afafdb424d85ad234b59c5f4b248674634acfe10739dfb1a829d7a118f3b8b7e2ee4f5b6622d1d43", 0x1000}, {&(0x7f00000014c0)="6b553f4de4ed875c9fadc16852f54981bcd646a5262fc3900592194638585e3d2e79f074f796720749ddc1a2661dcb2471a47d963fb4d817dfdb5f52dc8ab642030c2c771646051d08609527b36368b80794b8cb63fe817c3379951a047c5026c2e99eae6dc05c6845529fb603666d78c0e1e5f7bca8f1d8584b7409ccaf0da598af64d7bdd2ae21ac4fb4e07dee96a92a8dddecee7ccbede2d0a7d4f2da90dc3eb4ae8895091f05db58a786519f6fc924a465cc46ae6a9b8705de0705b8bab4f10cddc7756c53eadf4aa6e2379fd85e9c5e7bfc", 0xd4}], 0x6, 0x9, 0x0)
sendmsg$key(r0, &(0x7f0000000000)={0x0, 0x3, &(0x7f0000000080)={&(0x7f0000000480)={0x2, 0x3, 0x0, 0x9, 0xc, 0x0, 0x0, 0x0, [@sadb_address={0x3, 0x6, 0x0, 0x0, 0xe, @in={0x2, 0x0, @multicast1=0xe0000009}}, @sadb_sa={0x2, 0x1, 0x0, 0x0, 0x0, 0x0, 0x2}, @sadb_address={0x3, 0x5, 0x6c, 0x0, 0x0, @in={0x2, 0x0, @multicast1}}, @sadb_x_nat_t_port={0x1, 0x15, 0x4e20}, @sadb_x_nat_t_type={0x1, 0x14, 0x3}]}, 0x60}}, 0x0)
r8 = socket$nl_netfilter(0x10, 0x3, 0xc)
r9 = socket$inet6_sctp(0xa, 0x1, 0x84)
ioctl$sock_SIOCINQ(r9, 0x541b, 0x0)
sendmsg$NFNL_MSG_ACCT_NEW(r8, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)=ANY=[], 0x28}}, 0x2000060)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x200000e, 0x6c033, 0xffffffffffffffff, 0x0)
mremap(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x400000, 0x3, &(0x7f0000c00000/0x400000)=nil)

5.360805368s ago: executing program 1 (id=2111):
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r0 = socket$rds(0x15, 0x5, 0x0)
sendmsg$TIPC_NL_PEER_REMOVE(0xffffffffffffffff, 0x0, 0x44001)
setsockopt$SO_RDS_MSG_RXPATH_LATENCY(r0, 0x114, 0xa, &(0x7f0000000140)=ANY=[], 0x4) (fail_nth: 3)

4.693199298s ago: executing program 1 (id=2112):
timer_create(0x0, &(0x7f00000000c0)={0x0, 0x21}, &(0x7f0000000300)=<r0=>0x0)
fcntl$lock(0xffffffffffffffff, 0x24, &(0x7f0000000040)={0x0, 0x0, 0x10001, 0x4})
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
timer_settime(r0, 0x1, &(0x7f0000000040)={{}, {0x0, 0x989680}}, 0x0)
mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0x42795000)
openat$rtc(0xffffffffffffff9c, &(0x7f0000000000), 0x40, 0x0)
r1 = userfaultfd(0x80001)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x3)
ioctl$KVM_SET_MSRS(r4, 0x4008ae89, &(0x7f0000000040)={0x1, 0x0, [{0x4000009c, 0x0, 0xeff}]})
socket$nl_route(0x10, 0x3, 0x0)
ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000000080)={0xaa, 0x1})
ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000000040)={{&(0x7f0000ff2000/0xe000)=nil, 0xe000}, 0x3})
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x800, 0x0)
ioctl$KVM_CHECK_EXTENSION(r5, 0xae03, 0x4c)
r6 = syz_open_dev$I2C(&(0x7f0000000d80), 0x0, 0x0)
ioctl$I2C_PEC(r6, 0x708, 0x11)
ioctl$I2C_SMBUS(r6, 0x720, &(0x7f0000000300)={0x1, 0x0, 0x1, &(0x7f0000000100)={0x0, "fd6d44512b7e1b0420ec2a3ba53b31dd77e7ffffff0300000000000700"}})
r7 = socket$inet_udp(0x2, 0x2, 0x0)
getsockopt$inet_int(r7, 0x0, 0x32, 0x0, &(0x7f0000000300))
r8 = socket$netlink(0x10, 0x3, 0x14)
sendmsg$IPCTNL_MSG_TIMEOUT_DEFAULT_GET(r8, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000001c0)={0x14, 0x4, 0x8, 0x201, 0x0, 0x0, {0xa, 0x0, 0x7}}, 0x14}}, 0x4)
ioctl$UFFDIO_COPY(r1, 0xc028aa05, &(0x7f0000000000)={&(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ffd000/0x1000)=nil, 0x3000})

4.68859488s ago: executing program 2 (id=2113):
r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000300), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r0, 0xaf01, 0x0)
r1 = eventfd2(0x50, 0x80001)
ioctl$VHOST_SET_VRING_CALL(r0, 0x4008af21, &(0x7f0000000080)={0x1, r1})
r2 = socket$netlink(0x10, 0x3, 0x8000000004)
writev(r2, &(0x7f0000000000)=[{&(0x7f00000001c0)="580000001500add427323b472545b45602117fffffff81000e224e217f000001925aa80020007b00090080007f000001e809000000ff0000f03ac71036000000ffffffffffffffffffe7ee00000000000000000200000000", 0x58}], 0x1)

4.559585294s ago: executing program 2 (id=2114):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
openat$dma_heap(0xffffff9c, &(0x7f0000000ac0), 0x0, 0x0)
r2 = memfd_create(&(0x7f0000000b00)='\\\x00', 0x3)
ioctl$SYNC_IOC_MERGE(0xffffffffffffffff, 0xc0303e03, &(0x7f0000000b40)={"7d0eb4360187ecf085ba7b5a2ac5dc08db2d6098541a4b6e88f8eba6d7158561"})
r3 = io_uring_setup(0x6f7f, &(0x7f0000000b80)={0x0, 0x1c21, 0x40, 0x2, 0x391})
sendmmsg$unix(r1, &(0x7f000000a280)=[{{&(0x7f0000000180)=@file={0x1, './file0\x00'}, 0x6e, &(0x7f00000008c0)=[{&(0x7f0000000200)="ed3fa176b755e78a687f804b4012889e33c08355a49f7cbc2fabf79e3993df168e24fa7cd0f5512f55ec85245b09e56c085e75ade27b5e0782065a2c7d4074015cb73646f5f69fefddceaa0bf1350e8f24e654316fa8", 0x56}, {&(0x7f0000000280)="dc2fe671274173c5c754f36cbcc4265254834f16374d3a92fb1ec2229f34d8ec1421cdf1b6b9aa81a46dd195ee6d9982a0db538e9f6c0fb498e8d49f1190db295ff6e981b7a204af7d637f20e091f17bb7584e89e318ba4200403cb33707d025766c68f28ba9d4ed792d5f78420872a5ab39e6cf3dc67a27aa75387a3d4bee454cc26896f426d207ca101a4c74d2c7fe7178d667b6227307f51a69ffc2d0fed080fe600756adc95f0a94c1e43841954c95e3f0b196b25a0184f4bf2a10d370c41cc86fb8e8a655a62d77e565a9e42b61570eb517ac81fe9f8e4cff276b9d457e", 0xe0}, {&(0x7f0000000380)="aa4a3d9d54c4d5718d8065660b528800c251", 0x12}, {&(0x7f0000000500)="a93ebda42afa8895b2bbce118c36374ca259da9a3ee8ed238adc0f9475056cde9a752b7da9e5cc6eb0130b251bd1e0b5bb7fb85a4d89a8cba330a92af699d155deb39f4a5ca4c5365820044a47a47a3134664e1e7a441b25adf7d49eff458b2d15434333eb400b632d173e7b3b9a2026c582ed651df1658926486a555403996ed0361268ed098b4354f83fe8b0daf467", 0x90}, {&(0x7f00000005c0)="6860050ca596129a2f6ee59709f1454fc6c4b1bee6ab2b5c9bd78ae0c6450c08afbd4238d6190e17c75a5eb23da58d7bc1d51c9d206b5b98a655cdfc92b049a3d24110d0e32200dc3196a5d74300865099aad9ad055499be1ed7e71dc65ba57427d7124c81663b48406d12b13f6104edab4c8351", 0x74}, {&(0x7f00000006c0)="762c1c4588a48c99f6dd79abf439210eff853edca1cc01d5868b2c1ea787df55bf8f8d509e4af8f93b2f6c9c7f9452d27294146d71653058b52c763ef9b43fb492cce00681c040b68d67af438201a3712e4c2c6a0405beca48c1485a522bd56ccff5a607e8c4e01d30551ca68b96d05768aca2541bd2c56b72d81f7d2b0075404aee12e1c4a536f7d6e2cc80c6429fee3772bbd323e925ede2d0e7d06e01ad96b7a93404f24a06e6fd797fd085b5e487f0d0976fb55ea85d425c6fa7cf3fc224722c23ddd93db1bf13", 0xc9}, {&(0x7f00000007c0)="067fb953a8dc9f149cf6e2991e605e37269200ac70889fc849cad39072e1334fae759d7190236bba600014df1edfaed46428de024c51a5c8ae8659e6c4804474f1a14a47a92be79bfee2f21642c181aa541e30bae05464f17cec28a59bbde44c23f2cf84d0f1c4f39ebcc53c1461dd63711d94", 0x73}, {&(0x7f0000000840)="18598e7d75f0dad4b99162f4e6dd311c178ef7aed756a60a9d1c637d6df3c7568b15419a3bdbb06137bf51ee5024e62ad5eb2f40bb04b5ee729ee7a3e196762a59834bdac7d8ff2010341fea73627930adfcdb978e9dfda17517494fe5bf428b033c43", 0x63}], 0x8, 0x0, 0x0, 0x3e7f3f575471ae49}}, {{&(0x7f0000000900)=@file={0x1, './file0\x00'}, 0x6e, &(0x7f00000003c0)=[{0x0}, {&(0x7f00000009c0)="f37af7314a8f0fc7db89f363b8da170ef6b7f9d6ea079c6a96de2bbc0ecf5433217d7419e307acd222e85651fd319b4722f2e751583ebe28b069e1899a12d674262f9e485e5e4ca64d31772ac995ee81610cb671cc6dfd07a3b022b308b09b6304c4fed5bcf33f6606f0ff1a078080d40f96c38231cfe5552c4979be307e43795382aabdc979909a", 0x88}], 0x2, &(0x7f0000000d80), 0x0, 0x4}}, {{0x0, 0x0, &(0x7f0000002b00)=[{0x0}, {&(0x7f00000025c0)="a4293e274990dd43999d258c10d342dd332e45c69a26318cfb6f9bf0043a898ea70060ea0b5e380e700fb43ecff23709b7b71dd90632c891d8593290b8d23584750e43e5723b7ad11c8f485a27af82cafd79c37aa56e66a2deca088fc360e810e20518443d4f7960a983f63eeb132a18510de98d7bedb1cd35d222cb796de9823381d21417d57f8d", 0x88}, {&(0x7f0000002680)="6eff04bb93a80e7264c53dc54bcbc75f6990851b11d8a563dc2fc3e8301c713ea09db05b49f5bb3049a615c6d404afe10f4bfa7aa4b347367e2c5957c75705d5d0a1f9be3294a9928dc936facfcada729b418fd61614895a43ff177f7caa", 0x5e}, {&(0x7f00000027c0)="9b93d5c91c7d58b0f4", 0x9}, {&(0x7f0000002800)="9dd98c1f6e5bd11528568cafc73eafea1124d489123ab3b954f71d4c4b85ca088ec22c152d9ae27a400b7b40a4778b70920879a38580b7b47021577f13ba4e334d4fe0bb03df32157a645be99a9cbc1b113acba3a73635364cf559b165899e70cb8cf851fabfa04a7ce062708e74f0ee20cb34b925d9b4a49e", 0x79}, {&(0x7f0000002880)="9092c3dd9b68436f36074206fcd387db9620dbac264fd3f061c38cbf46024e6453f936b68fcae288e180f01d059b5604edb73382e6984b91fad7b829c98caca930c07cc4a472727c2dbd740dcc81753973e3d11ca7247218104fe2cace328b8db2e9aed2ed2125422660a754f515eaadd1ae23d26efcaf29fdbb4821e684", 0x7e}, {&(0x7f0000002900)="ee7d21470681ebee0ece509b380da10a1bddae449a53509913c938b70621943f8b9e98fbf429eccd508a2c19fe7a138a3799f421e0cf15a3a98893487601000000e475f3c5894bb89c56364292eab6ee12bf0ac6f55e521fc91df761452bbb532b22d82deae02e7fd7fa1e67696698510239f9b9c048289ba0d4671e818f4380da6f6a92d4126a3852330c6bf6dc444f328c820f2f12d6fcff3d3cd6c7adfa77d7afb1c23ad82d3460da0b3cf0ac690863032a753534e34ad4b93da6683043c04094facda46d36ec1eedbe6c0428b66a80", 0xd1}, {&(0x7f0000002a00)="ed95dd079423aeb0f685877a5d7a0a6517dc79926cf6d5112381ae805d81808ce6195dc65d9f18b013c8f9fe514b3525a46056c118eff43b27106bead5094a6a850bf5ce1e96b627af1fe19ee4e5cef217e4080b31550054aac9060888ea18bddd307e35e9372f0713915944259bdeed2c05842cfcfd349b41b61347f8e075e79bce25df8d6672b49a42dee41a8c5ce35314ccaef1de454eedf5f2f9031634fc0173f26932914f1585b6b11d1b0bc8bce6d675c37d1b157299c133ba0c4b01730c7798ebef06a32dc376efff9d65d9d1efea16b6", 0xd4}], 0x8, &(0x7f0000007200)=[@rights={{0x24, 0x1, 0x1, [r1, 0xffffffffffffffff, 0xffffffffffffffff, r1, r3, 0xffffffffffffffff]}}, @cred={{0x18, 0x1, 0x2, {0xffffffffffffffff}}}, @cred={{0x18, 0x1, 0x2, {0x0, 0x0, 0xee00}}}, @cred={{0x18}}, @cred={{0x18}}, @cred={{0x18}}, @cred={{0x18, 0x1, 0x2, {0x0, 0xee00, 0xee01}}}, @cred={{0x18, 0x1, 0x2, {0x0, 0x0, 0xee00}}}, @rights={{0x1c, 0x1, 0x1, [r2, r2, r0, r3]}}], 0xe8, 0x4008051}}], 0x3, 0x800)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
getsockname$inet(0xffffffffffffffff, 0x0, 0x0)
sched_setattr(0x0, &(0x7f0000000040)={0x38, 0x5, 0x9, 0x6, 0x0, 0xb49, 0x9, 0x8, 0x2, 0x3}, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000040)={0xffffffffffffffff, 0x0, 0x25, 0x0, &(0x7f0000001580)="e30080670000ec67838717bd86dde148f0630962bba3dd44fe42904bcee14db4241544716b", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0xfa1d}, 0x50)
r4 = syz_open_dev$sg(&(0x7f00000000c0), 0x0, 0x28101)
ioctl$FIBMAP(r4, 0x1, &(0x7f0000000040)=0x85)
r5 = socket(0x1e, 0x4, 0x0)
r6 = socket(0x1e, 0x2, 0x0)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r7, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="140000003d00010325bd7000fcffffff01"], 0x14}, 0x1, 0x0, 0x0, 0x885}, 0x0)
setsockopt$packet_tx_ring(r6, 0x10f, 0x87, &(0x7f0000000440)=@req={0x3fc}, 0x10)
setsockopt$packet_tx_ring(r5, 0x10f, 0x87, &(0x7f0000000440)=@req={0x3fc, 0x0, 0x2}, 0x10)
sendmmsg(r5, &(0x7f00000030c0)=[{{0x0, 0xa9cc7003, &(0x7f0000000400)=[{&(0x7f00000000c0)="ee", 0x3514}], 0x1}}], 0x400000000000181, 0x9200000000000000)
r8 = dup3(r6, r5, 0x0)
write$apparmor_current(r8, &(0x7f0000000000)=@hat={'changehat ', 0x1, 0x5e, ['-*&})Q]\x00', ')%#],\x00', '\x00']}, 0x2c)
read$FUSE(r8, &(0x7f0000003100)={0x2020}, 0x2020)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r9 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r9, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000c00)={0x80, 0x2e, 0x321, 0x70bd2c, 0x25dfdbfd, {0x1}, [@nested={0x6c, 0x131, 0x0, 0x1, [@nested={0x66, 0x1f, 0x0, 0x1, [@typed={0x4, 0x26}, @generic="049323932ac27e29885920e8bb49fb9184e2f8da7a892112d8b0e7529a4f19dbd75f279d46ff7d577d5b076f0a891e3021475b3097e3fd76f6c43ae9d871e3ac021d05cf3ec35df1f57a609ef43f17931b051aedb23364cb15bc2959141d"]}]}]}, 0x80}, 0x1, 0x0, 0x0, 0x8040}, 0x0)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x15)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000140), r6)
ioctl$XFS_IOC_EXCHANGE_RANGE(r1, 0x40285881, &(0x7f0000000100)={r6, 0x0, 0x0, 0x9, 0x8001, 0x1})

4.417585736s ago: executing program 1 (id=2115):
openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000580), 0x2, 0x0)
ioctl$vim2m_VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000040)={0xa, @pix_mp={0x3, 0x708, 0x49433553, 0x4, 0x3, [{0x6, 0x1}, {0x0, 0x75f7eb8a}, {0x0, 0x9ea9}, {0x6, 0xffffffff}, {0xffffffdf, 0xffffffff}, {0x5}, {0xe5a9, 0x5}, {0x3e92, 0x3}], 0x1f, 0x3, 0x8, 0x0, 0x3}})
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0), 0x200, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_CAP_X86_GUEST_MODE(0xffffffffffffffff, 0x4068aea3, &(0x7f0000000240))
ioctl$KVM_SET_REGS(0xffffffffffffffff, 0x4090ae82, &(0x7f0000000000)={[0x35, 0x7, 0x2, 0x180, 0x4, 0x12, 0xf1, 0x3, 0x7fffffffffffe, 0x5, 0x0, 0x9, 0x0, 0x6, 0x0, 0xbdb], 0xffff1001, 0x120182})
bpf$MAP_CREATE(0x2000000000000000, &(0x7f0000000340)=ANY=[@ANYBLOB="0600000004000000be7000005c0000000000", @ANYRESOCT, @ANYBLOB='.'], 0x48)
ioctl$KVM_SET_REGS(0xffffffffffffffff, 0x4090ae82, &(0x7f00000003c0)={[0x60000000000, 0x1000000000, 0x800000, 0x43, 0x2000001, 0x0, 0x2004cb, 0x7, 0x1000000, 0x1000000068ff, 0x5, 0x9, 0x3], 0xffffffffffffffff, 0x202})
ioctl$KVM_REGISTER_COALESCED_MMIO(r2, 0x4010ae67, &(0x7f0000000380)={0x2, 0x102000, 0x1})
ioctl$KVM_CREATE_GUEST_MEMFD(r2, 0xc040aed4, &(0x7f0000000100)={0x7, 0x4})
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
ioctl$KVM_CREATE_PIT2(r2, 0x4040ae77, &(0x7f00000000c0)={0x3})
ioctl$KVM_SET_PIT2(r2, 0x4070aea0, &(0x7f0000000140)={[{0x7, 0x1, 0x2, 0x4, 0x2, 0x4, 0x8, 0x1, 0x7, 0x1, 0x4, 0x3, 0x3}, {0x80, 0x4966, 0xff, 0x0, 0x8, 0x8, 0x40, 0xd6, 0x4, 0x0, 0x2, 0x5, 0x5}, {0x94b5, 0x4, 0x0, 0xc, 0x9, 0x6, 0x1, 0x3, 0x4, 0x5, 0x4, 0x0, 0xa}], 0x3})
ioctl$KVM_RUN(r3, 0xae80, 0x0)

4.360789117s ago: executing program 4 (id=2116):
fremovexattr(0xffffffffffffffff, &(0x7f0000000040)=@known='system.posix_acl_access\x00')
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$devlink(&(0x7f00000016c0), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_RATE_GET(r0, &(0x7f0000001780)={0x0, 0x0, &(0x7f0000001740)={&(0x7f00000017c0)={0x44, r1, 0xf1aad47e89fb45b7, 0x0, 0x8000400, {}, [@DEVLINK_ATTR_RATE_NODE_NAME={0xf, 0xa8, @name2}, @handle=@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}]}, 0x44}, 0x1, 0x0, 0x0, 0x20044041}, 0x4000040)
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0xd)
r2 = openat$vmci(0xffffff9c, &(0x7f0000000000), 0x2, 0x0)
ioctl$IOCTL_VMCI_GET_CONTEXT_ID(r2, 0x7b3, &(0x7f0000000080))
r3 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r3, 0x84, 0x6e, &(0x7f0000000280)=[@in6={0xa, 0x4e23, 0x60, @remote, 0x28f}], 0x1c)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = socket$inet6_udp(0xa, 0x2, 0x0)
openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
bind$inet6(r5, &(0x7f0000000000)={0xa, 0xe22, 0x0, @empty}, 0x1c)
syz_emit_ethernet(0x46, &(0x7f0000000340)={@multicast, @remote, @void, {@ipv6={0x86dd, @udp={0x0, 0x6, "010100", 0x10, 0x11, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @mcast2, {[], {0x0, 0xe22, 0x10, 0x0, @gue={{0x2}}}}}}}}, 0x0)
getsockopt$SO_TIMESTAMP(r4, 0x1, 0x23, 0x0, &(0x7f0000000040))

4.154293057s ago: executing program 4 (id=2117):
sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0)
openat$fb0(0xffffffffffffff9c, &(0x7f0000000080), 0x20002, 0x0)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x1000003, 0x20000000ec072, 0xffffffffffffffff, 0x0)
socket$xdp(0x2c, 0x3, 0x0)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket(0x400000000010, 0x3, 0x0)
r2 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f0000000bc0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000640)=@newqdisc={0x48, 0x24, 0x4ee4e6a52ff56541, 0x70bd29, 0xffffffff, {0x0, 0x0, 0x0, r3, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x0, 0x2}}, [@qdisc_kind_options=@q_htb={{0x8}, {0x1c, 0x2, [@TCA_HTB_INIT={0x18, 0x2, {0x3, 0x100, 0xe}}]}}]}, 0x48}, 0x1, 0x0, 0x0, 0x4}, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000740)=@newtfilter={0x84, 0x2c, 0xd27, 0x30bd29, 0x25dfdc00, {0x0, 0x0, 0x0, r3, {0xfff5, 0x4}, {}, {0x8, 0xc}}, [@filter_kind_options=@f_matchall={{0xd}, {0x50, 0x2, [@TCA_MATCHALL_ACT={0x4c, 0x2, [@m_gact={0x48, 0x1, 0x0, 0x0, {{0x9}, {0x1c, 0x2, 0x0, 0x1, [@TCA_GACT_PARMS={0x18, 0x2, {0x6, 0x80, 0x1, 0xfffffffc, 0x8}}]}, {0x4}, {0xc, 0x7, {0x1, 0x1}}, {0xc, 0x8, {0x3, 0x3}}}}]}]}}]}, 0x84}, 0x1, 0x0, 0x0, 0x20000010}, 0x20000000)
r4 = openat$tun(0xffffffffffffff9c, &(0x7f00000004c0), 0x0, 0x0)
r5 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_ASSOCINFO(r5, 0x84, 0x1, &(0x7f0000000480)={0x0, 0xb, 0xd7, 0x9, 0x2, 0x911}, 0x14)
close(r4)
socket$unix(0x1, 0x2, 0x0)
ioctl$SIOCSIFHWADDR(r4, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
r6 = socket$kcm(0x11, 0x3, 0x0)
sendmsg$kcm(r6, &(0x7f00000000c0)={&(0x7f0000000500)=@xdp={0x2c, 0x0, r3, 0xc}, 0x80, &(0x7f0000000340)=[{&(0x7f0000000180)="27030200590214000600002fb96dbcf706e10500000086ddffff1144ee163cd4b8bf", 0x22}, {&(0x7f0000000c00)="4307ed2e", 0x4}, {&(0x7f0000000800)="258d6ac381562407cea4d3e5092130c7e922ab9a89bcd856d7f9459fdd10974c51c97e41b980bccc094742796e60ec164f9a91f87da52f71393b2c6d408bdbd8973f8aa5fcad81a8aadebd14adb648485a39ca8a3aac7c3e5537c7d992deaa05b9f2b4642ec73aea7a143bed8469bc2e04d59776e2931b7fe131a2c3cbdc7442415511507cdeec64d381cbf50c08a888c0aedd71e26ba6679daaa11c6ef2956e1212e26638b4587a53d43768a2b4af6af7d23f39537113e06f36c779cd07098435e405d0d140e0c533bd337bfbef60bdba19ca423a6b5056bd53c74a3fc8df316e6822ee9c6ca6dcee234184bfcfa77c63e92aa6", 0xf4}, {&(0x7f00000009c0)="b1435c7b947125b263d85ac30cb7ffc7855292ba72d726851d9fb18d574c4aa8f894cd3602a01f09ba677fa14acb586e07ab13b1a014c9160756617d178a5dbfa122490cc0851b6ca0d5f91e82648608568b1043da588a3c75fd27ebceb994e892e07da952d99bbbcdb5a33c63aa05d3abba5970a9aae7448e356ebfc0bd7944ea9aa53d274367cf71ca1a4f72530e9a11629da0ff33b4d667dff62d", 0x9c}, {&(0x7f0000000ac0)="2bd4c5812005a616b58a605767f6c99ac4038e8661a4ad1fef7ff53a605c0111af3f354bf44a1f38659151648684b12a85fc9859f6aa0eaeb459db0e24616333a4aa01dff64593257b06606b14fed386bd9123ed5a907e565a716479a7409252d80ab3631cea08c6f9b1337a17037dd32aac54e9127f49c321b183592fc9720d9da8eca7c4dc8177b1f9d83e8e68e81f38eead6e4405c11e92aabd8e634bdd88baab2b0c9c15c5047d8fc82c6cdeb8f2f4cf2196602b3e5f256b6a57f5f90a71090b", 0xc2}], 0x5}, 0x4)
r7 = syz_open_procfs(0x0, &(0x7f0000000380)='mounts\x00')
read$FUSE(r7, &(0x7f00000028c0)={0x2020}, 0x2020)

3.94564877s ago: executing program 4 (id=2118):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f0000000180)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r2 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet6_mreq(r2, 0x29, 0x1b, &(0x7f0000000140)={@remote}, 0x14)
setsockopt$inet6_mreq(r2, 0x29, 0x1b, &(0x7f0000000080)={@remote}, 0x14)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(0xffffffffffffffff, 0xc08c5332, &(0x7f00000002c0)={0x0, 0x0, 0x0, 'queue1\x00'})
write$sndseq(0xffffffffffffffff, &(0x7f0000000000)=[{0x9, 0x0, 0x0, 0x0, @tick=0x9, {0x2}, {}, @raw32={[0x400000]}}], 0x1c)
r3 = socket$rxrpc(0x21, 0x2, 0xa)
listen(r3, 0x0)
openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x62181)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
getsockopt$inet6_tcp_int(r4, 0x6, 0x17, 0x0, &(0x7f0000000680)=0x37)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0300000004000000040000000100000000000000", @ANYRES32=0x0, @ANYRES32=r3, @ANYBLOB="19"], 0x48)
r5 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r6 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$IPT_SO_SET_REPLACE(r6, 0x4000000000000, 0x40, &(0x7f0000000300)=@raw={'raw\x00', 0x4001, 0x3, 0x2c0, 0x0, 0x700001b, 0x148, 0x150, 0x148, 0x228, 0x206, 0x240, 0x228, 0x240, 0x7fffffe, 0x0, {[{{@uncond, 0x1ea, 0xf0, 0x150, 0x0, {0x390, 0x8f00}, [@common=@set={{0x41}, {{0x0, [0x5, 0x2, 0x1, 0x4, 0x5, 0xa], 0x3}}}, @common=@set={{0x40}, {{0xffffffffffffffff, [0x0, 0x0, 0x0, 0x0, 0x5, 0x6], 0x4, 0x1}}}]}, @common=@CLUSTERIP={0x60, 'CLUSTERIP\x00', 0x0, {0x0, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x1}, 0x7, 0x0, [0x2d, 0x12, 0x2e, 0x40, 0xd, 0x3a, 0x23, 0x2b, 0x103, 0x1c, 0x37, 0x15, 0x19, 0x4, 0x31, 0x1d], 0x1, 0x8, 0x7}}}, {{@uncond, 0x0, 0x70, 0xd8}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x1, 0x900, 0x10, 0x8, 'snmp\x00', 'syz0\x00', {0x8000}}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x320)
r7 = socket(0x10, 0x3, 0x0)
write(r7, &(0x7f0000000580)="240000001e005f031400ff01000000f80700b3586ff606c2e553797c080008e467dc0000", 0x24)
recvmmsg(r7, &(0x7f0000005180), 0x400000000000166, 0x1a000, 0x0)
ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)

3.583300879s ago: executing program 2 (id=2119):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f0000000180)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r2 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet6_mreq(r2, 0x29, 0x1b, &(0x7f0000000140)={@remote}, 0x14)
setsockopt$inet6_mreq(r2, 0x29, 0x1b, &(0x7f0000000080)={@remote}, 0x14)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(0xffffffffffffffff, 0xc08c5332, &(0x7f00000002c0)={0x0, 0x0, 0x0, 'queue1\x00'})
write$sndseq(0xffffffffffffffff, &(0x7f0000000000)=[{0x9, 0x0, 0x0, 0x0, @tick=0x9, {0x2}, {}, @raw32={[0x400000]}}], 0x1c)
r3 = socket$rxrpc(0x21, 0x2, 0xa)
listen(r3, 0x0)
ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_TIMER(0xffffffffffffffff, 0x40605346, 0x0)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
getsockopt$inet6_tcp_int(r4, 0x6, 0x17, 0x0, &(0x7f0000000680)=0x37)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0300000004000000040000000100000000000000", @ANYRES32=0x0, @ANYRES32=r3, @ANYBLOB="19"], 0x48)
r5 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r6 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$IPT_SO_SET_REPLACE(r6, 0x4000000000000, 0x40, &(0x7f0000000300)=@raw={'raw\x00', 0x4001, 0x3, 0x2c0, 0x0, 0x700001b, 0x148, 0x150, 0x148, 0x228, 0x206, 0x240, 0x228, 0x240, 0x7fffffe, 0x0, {[{{@uncond, 0x1ea, 0xf0, 0x150, 0x0, {0x390, 0x8f00}, [@common=@set={{0x41}, {{0x0, [0x5, 0x2, 0x1, 0x4, 0x5, 0xa], 0x3}}}, @common=@set={{0x40}, {{0xffffffffffffffff, [0x0, 0x0, 0x0, 0x0, 0x5, 0x6], 0x4, 0x1}}}]}, @common=@CLUSTERIP={0x60, 'CLUSTERIP\x00', 0x0, {0x0, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x1}, 0x7, 0x0, [0x2d, 0x12, 0x2e, 0x40, 0xd, 0x3a, 0x23, 0x2b, 0x103, 0x1c, 0x37, 0x15, 0x19, 0x4, 0x31, 0x1d], 0x1, 0x8, 0x7}}}, {{@uncond, 0x0, 0x70, 0xd8}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x1, 0x900, 0x10, 0x8, 'snmp\x00', 'syz0\x00', {0x8000}}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x320)
r7 = socket(0x10, 0x3, 0x0)
write(r7, &(0x7f0000000580)="240000001e005f031400ff01000000f80700b3586ff606c2e553797c080008e467dc0000", 0x24)
recvmmsg(r7, &(0x7f0000005180), 0x400000000000166, 0x1a000, 0x0)
ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)

3.120287066s ago: executing program 1 (id=2120):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000040), 0x4000, 0x0)
preadv2(r1, &(0x7f0000000080)=[{&(0x7f0000001200)=""/4096, 0x100000}], 0x100000000000020a, 0x0, 0x0, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0x4)
connect$inet6(r0, &(0x7f0000000200)={0xa, 0x4e20, 0xeb, @remote, 0x4}, 0x1c)
r2 = socket$alg(0x26, 0x5, 0x0)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
shutdown(r0, 0x0)
sendmsg$NFT_BATCH(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x301, 0x0, 0x0, {0x1, 0x0, 0x2}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz1\x00'}]}, @NFT_MSG_NEWCHAIN={0x34, 0x3, 0xa, 0x201, 0x0, 0x0, {0x1}, [@NFTA_CHAIN_NAME={0x9, 0x3, 'syz1\x00'}, @NFTA_CHAIN_FLAGS={0x8, 0xa, 0x1, 0x0, 0x4}, @NFTA_CHAIN_TABLE={0x9, 0x1, 'syz1\x00'}]}, @NFT_MSG_DELCHAIN={0x2c, 0x5, 0xa, 0x201, 0x0, 0x0, {0x1, 0x0, 0x2000}, [@NFTA_CHAIN_NAME={0x9, 0x3, 'syz1\x00'}, @NFTA_CHAIN_TABLE={0x9, 0x1, 'syz1\x00'}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x5}}}, 0xa8}, 0x1, 0x0, 0x0, 0x24000000}, 0x0)
bind$alg(r2, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-camellia-aesni\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r2, 0x117, 0x1, &(0x7f0000001600)="ad56ffc582020000000000000054c7be00000086da0fa750fd53979ec67b428f310000007ffff173a49e994b6979bf0dee5d0ee5fc9a123e9f27882a49b079fb67ed63dd43cc248f820b78121e9a21528bc7514ff254e82257cf02cc30b5c643f1e7504d", 0x64)
r4 = accept4(r2, 0x0, 0x0, 0x800)
sendmmsg$alg(r4, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000480)=[{&(0x7f0000000080)="f7", 0x1}, {&(0x7f0000000380)="e2bfd6b50b4483b299cdf246cd880aca5e3a7a15a50f8222596c2a1bf91c59", 0x1f}], 0x2, 0x0, 0x0, 0x20000080}], 0x1, 0x40800)
recvmsg(r4, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000400)=[{&(0x7f00000000c0)=""/88}, {&(0x7f0000000600)=""/4096}, {&(0x7f0000000140)=""/152}, {&(0x7f0000000540)=""/68}, {&(0x7f0000000000)=""/59}, {&(0x7f00000002c0)=""/152}], 0x1a1}, 0x40)
setsockopt$inet6_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f0000000580), 0x3)
syz_emit_ethernet(0x5a, &(0x7f0000000240)={@random="3a4f33a0c478", @random="6ceb822a5fbf", @val={@void, {0x8100, 0x3, 0x1, 0x3}}, {@canfd={0xd, {{0x1, 0x1, 0x1}, 0x28, 0x0, 0x0, 0x0, "e72c6e73461c642358b08c90e430a67f4f7ceb00f94cbd8286b4a086f3bf637296a0ef6d60904566bad6880fdd8872b92bbc1a11159ad7e18816b1fd2cd8ac68"}}}}, &(0x7f00000003c0)={0x1, 0x2, [0x4f4, 0xe72, 0x2d9, 0x861]})
setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r0, 0x6, 0x14, &(0x7f0000000080)=0x1, 0x4)
sendmsg$inet(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000006c0)=[{&(0x7f0000000b80)='n', 0x1}], 0x1}, 0x0)
setsockopt$inet6_tcp_TCP_REPAIR_WINDOW(r0, 0x6, 0x1d, &(0x7f0000000040)={0x0, 0x9, 0x7a8, 0x6}, 0x14)
setsockopt$inet6_tcp_TLS_TX(r0, 0x11a, 0x2, &(0x7f00000000c0)=@gcm_256={{0x304}, '\x00', "6ca0ef44bcdaf33d9060001a65aae2621600f79c1f901d896f9157b1a7166ac1", "abfdff7d", "708958f96700"}, 0x38)
syz_genetlink_get_family_id$fou(&(0x7f00000011c0), r0)

2.965429803s ago: executing program 0 (id=2121):
r0 = socket$inet6(0xa, 0x3, 0x5)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f00000000c0)={@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', 0x800, 0x0, 0x3, 0x9}, 0x20)
sendto$l2tp(0xffffffffffffffff, &(0x7f0000000940)="e1b28740e717f6bcfc8ebc7f4554a27e2c3a262c0d86e2f4a2013ed49af8c2d3e8234f46c3aa33986232ae882fa84f12ab0ebb2de3dd3735702f5b0b2faea9f24ac8f4ec9f3c9b7479e7b0f10f7c2ecf08a0d549d6d48e69c4fcfc6c121dddf474c94e9d3397be957f1d67d481dc85f867f7b78d383d8307f710be99c3a30fbf1d5796d26f4c5ed765d7e5276f7851d11a209dca78070febfd3fa4b3b1aaf2ebe285da996cfe27a2819024a566f0ba0fa62f938201ae60cd3bfd358d17a5bbc50f75cf619dde44e6e7b1a24eed4630269cf5d6525c7e1585eca409aa2464693e66a46c9af7a9a7a6c69bf3835af415635225e2125260aac70d3a0cad139657482d31930a90cb5e205ddaa37fd46edf94756a41694a", 0x115, 0x0, 0x0, 0x0)
r1 = socket$nl_sock_diag(0x10, 0x3, 0x4)
r2 = socket$vsock_stream(0x28, 0x1, 0x0)
bind$vsock_stream(r2, &(0x7f0000000440)={0x28, 0x0, 0x2710, @host}, 0x10)
listen(r2, 0x7ff)
r3 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r3, &(0x7f0000000080)={0x28, 0x0, 0x2710}, 0x10)
r4 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r4, &(0x7f0000000640)={0x28, 0x0, 0x2710}, 0x10)
sendmsg$SOCK_DIAG_BY_FAMILY(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000a40)=ANY=[@ANYBLOB="2800000014001901000000000000000228"], 0x28}}, 0x0)
setsockopt$inet6_IPV6_DSTOPTS(r0, 0x29, 0x3b, &(0x7f0000000080)=ANY=[], 0x8)
setsockopt$inet6_int(r0, 0x29, 0x1000000000021, &(0x7f0000000000)=0xffffffc3, 0x4)
sendmmsg(r0, &(0x7f0000000200)=[{{&(0x7f0000000180)=@l2tp6={0xa, 0x500, 0x80000, @remote}, 0x80, 0x0}, 0x5b4}], 0x43, 0x0)

2.713151278s ago: executing program 1 (id=2122):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x3, 0x8, 0x8001, 0x0, 0xb, 0x8000000000000000, 0x6, 0xfa11, 0xffffffff}, 0x0)
r2 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000540)=ANY=[@ANYBLOB="12011001000000404e040c120000000000010902240001000010010904000002030002000921fd7f000122eb00090581031800f600009604ef4b84baad4e655067db9f8df4f5c83ccf7401d01b33c7fa39fe9d98511d89ecf9ca78133dffb838a38f4c5a660c9464cd2b59cc6442393cc16d13b0b1d9b82e62c9c664b1be205b4a730c15ece6eef53449bf6812b31eebd09291f2a55e884f2bc240169d820533521adb530d8a8dc9e83fd9fd15217979a70ca7f45c090000005833ef5f5bb9ff01d2"], 0x0)
syz_usb_control_io$hid(r2, 0x0, 0x0)
r3 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$SNDRV_TIMER_IOCTL_TREAD_OLD(r3, 0x40045402, &(0x7f0000000140)=0x1)
ioctl$SNDRV_TIMER_IOCTL_SELECT(r3, 0x40345410, &(0x7f00000083c0)={{0x1}})
read(r3, &(0x7f0000000200)=""/95, 0x5f)
syz_usb_control_io$hid(r2, &(0x7f0000000040)={0x24, 0x0, 0x0, 0x0, &(0x7f00000001c0)={0x0, 0x22, 0x371, {0x17, 0x21, 0x0, 0x0, 0x1, {0x22, 0x7f2}}}}, &(0x7f0000000080)={0xffffffffffffffeb, 0x0, 0x0, 0x0, 0x0, 0x0})
madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0x80000000e)
writev(0xffffffffffffffff, &(0x7f0000000380)=[{0x0}], 0x1)
syz_open_procfs(0xffffffffffffffff, 0x0)
r4 = socket$tipc(0x1e, 0x5, 0x0)
bind$tipc(r4, 0x0, 0x0)
r5 = syz_usb_connect(0x0, 0x36, &(0x7f00000002c0)=ANY=[@ANYRES8=r0, @ANYBLOB="3191841a719548e75f9ec2d2d32d9e3dc4634e225f36901eafcfee5c039f2f632940e4ba0608b2c5f3815bda9a06"], 0x0)
syz_usb_control_io$uac1(r5, 0x0, &(0x7f0000000500)={0x44, &(0x7f0000000300)=ANY=[@ANYBLOB="281406000000f99d5133974f"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r6 = socket(0xa, 0x3, 0x3a)
getsockopt$IP_VS_SO_GET_INFO(r6, 0x0, 0x481, 0x0, 0x0)
r7 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000440), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r7, &(0x7f0000000340)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000300)={<r8=>0xffffffffffffffff}, 0x106}}, 0x20)
write$RDMA_USER_CM_CMD_SET_OPTION(0xffffffffffffffff, &(0x7f0000000080)={0xe, 0x18, 0xfa00, @id_tos={&(0x7f00000000c0), r8, 0x0, 0x0, 0x1}}, 0x20)
writev(r7, &(0x7f0000000000)=[{&(0x7f0000000080)}, {&(0x7f0000000100)="160000001f0137f73199aee6fdb9291b3091ec1a2d41d227975ad8ec030f5919f397867997f9c0efa9c9092a31cdbb98ea272787afda0af59a320709c3a59ef05c6f40ceafec53f48d6186e7d8409e35306221caf67b370d875eff3191932728e5ab6c9a3acf6ccee3e352c898f5744abaedfb53f92c37acb126bd143f3e9cdfcf25a8d6129fcc3a141c3f5ab6db772f87c787817a9b699dd60732d952716b103bc1e91ac5b1ed92f35389580994bb0df9bce07e7a80921888f984139f488d256a67fec0cbb5c4e93d5c151d97f676ab93b1efbd46f600dc964231e3257bf358448fddf894c0cdfa9115adbe5b19bc912fcbc8aac7719b649b1ff1267491da", 0xff}, {0x0}], 0x3)
syz_usb_control_io$sierra_net(r5, 0x0, 0x0)
unshare(0x20060400)
madvise(&(0x7f000042f000/0x800000)=nil, 0x80fd00, 0x66)
madvise(&(0x7f0000000000/0x2000)=nil, 0x8000000, 0x4)

2.668667679s ago: executing program 3 (id=2123):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000000)={0x2, 0x4e21, @broadcast}, 0x2f)
madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0x80000000e)
mbind(&(0x7f0000ffd000/0x3000)=nil, 0x3002, 0x6, &(0x7f0000000000)=0xa636, 0x9, 0x0)
mlock(&(0x7f0000fff000/0x1000)=nil, 0x1000)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f00000002c0)='westwood', 0x8)
r1 = gettid()
getpriority(0x1, r1)
r2 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x401)
ioctl$SG_IO(r2, 0x2285, &(0x7f00000005c0)={0x53, 0xffffffffffffffff, 0x6, 0x0, @scatter={0x0, 0x3, 0x0}, &(0x7f00000000c0)="930b7633ecb5", 0x0, 0x0, 0x0, 0x0, 0x0})
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2})
r4 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCSIFVLAN_ADD_VLAN_CMD(r4, 0x8983, &(0x7f00000002c0)={0x0, 'syzkaller0\x00', {0x1}, 0xb5})
r5 = socket$netlink(0x10, 0x3, 0x0)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(r6, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000300)={0x14, 0x9, 0x6, 0x3, 0x0, 0x0, {0x5}}, 0x14}, 0x1, 0x0, 0x0, 0x10004893}, 0x80)
preadv(r3, &(0x7f0000000200)=[{&(0x7f0000000140)=""/20, 0x14}], 0x1, 0x81000005, 0x10000)
ioctl$SIOCSIFHWADDR(r5, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x2}})
r7 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0), 0x802, 0x0)
ioctl$UI_DEV_SETUP(r7, 0x405c5503, &(0x7f0000000100)={{0x100}, 'syz1\x00', 0x19})
ioctl$OCFS2_IOC_GROUP_EXTEND(r3, 0x40046f01, &(0x7f00000001c0)=0xd2)
ioctl$UI_DEV_CREATE(r7, 0x5501)
write(r7, 0x0, 0xfffffffffffffe53)
r8 = socket$inet6(0xa, 0x3, 0x20)
bind$inet6(r8, &(0x7f0000000080)={0xa, 0x0, 0x0, @mcast1, 0x1}, 0x1c)
connect$inet6(r8, &(0x7f00000000c0)={0xa, 0x4e24, 0xa, @ipv4={'\x00', '\xff\xff', @multicast2}, 0x5}, 0x1c)
connect$inet6(r8, &(0x7f0000000000)={0xa, 0x4e20, 0x9, @ipv4={'\x00', '\xff\xff', @multicast2}}, 0x1c)
connect$inet(r0, &(0x7f0000000180)={0x2, 0x4e21, @dev={0xac, 0x14, 0x14, 0x1b}}, 0x10)
socket$kcm(0x10, 0x2, 0x4)

2.535032766s ago: executing program 0 (id=2124):
mkdir(&(0x7f0000000400)='./file0\x00', 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000040), 0x42, 0x0)
r1 = openat$vicodec0(0xffffff9c, &(0x7f0000000100), 0x2, 0x0)
ioctl$VIDIOC_CREATE_BUFS(r1, 0xc0f8565c, &(0x7f0000000540)={0x0, 0x5, 0x4, {0xa, @pix_mp={0xe7, 0x5, 0x32314d54, 0x6, 0x1, [{0x4, 0xa919}, {0x3ff, 0x8}, {0x5a3, 0x9}, {0x400005, 0x5}, {0x9, 0x6}, {0x0, 0x6}, {0x0, 0x8000008}, {0x40, 0x5}], 0x4, 0xf6, 0x4, 0x0, 0x5}}, 0xffeffffd})
mount$fuse(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000002100), 0x20080, &(0x7f0000000080)=ANY=[@ANYBLOB='fd=', @ANYRES16=0x0, @ANYRESOCT=r0, @ANYRES32, @ANYRES8=r0, @ANYRESDEC=r0])
read$FUSE(r0, 0x0, 0x0)

1.948505807s ago: executing program 3 (id=2125):
r0 = syz_usb_connect(0x5, 0x36, &(0x7f0000000000)=ANY=[@ANYBLOB="12010003ac9bcc20d118af1ebb5a0102030109022400010700800b0904bb06023ae504000905070020000508ce090503"], &(0x7f0000000780)={0x0, 0x0, 0x0, 0x0})
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
capset(&(0x7f0000000040)={0x19980330}, &(0x7f0000000080))
sendmsg$nl_xfrm(r1, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000700)=@newsa={0xec, 0x1a, 0x713, 0x0, 0x0, {{@in=@initdev={0xac, 0x1e, 0x0, 0x0}, @in=@loopback, 0x4e20, 0x0, 0x4e21, 0x2}, {@in=@local, 0x4d5, 0x33}, @in=@dev, {0x1, 0x0, 0x0, 0x0, 0xb4, 0x0, 0x0, 0x20000000}, {0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff}, {}, 0xfffffffc, 0x0, 0xa, 0x0, 0x0, 0x60}}, 0xec}}, 0x0)
syz_usb_control_io(r0, 0x0, &(0x7f0000000e80)={0x84, &(0x7f0000000140)=ANY=[@ANYBLOB="400d02000000e2"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})

1.67189323s ago: executing program 4 (id=2126):
timer_create(0x0, &(0x7f00000000c0)={0x0, 0x21}, &(0x7f0000000300)=<r0=>0x0)
fcntl$lock(0xffffffffffffffff, 0x24, &(0x7f0000000040)={0x0, 0x0, 0x10001, 0x4})
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
timer_settime(r0, 0x1, &(0x7f0000000040)={{}, {0x0, 0x989680}}, 0x0)
mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0x42795000)
openat$rtc(0xffffffffffffff9c, &(0x7f0000000000), 0x40, 0x0)
r1 = userfaultfd(0x80001)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x3)
ioctl$KVM_SET_MSRS(r4, 0x4008ae89, &(0x7f0000000040)={0x1, 0x0, [{0x4000009c, 0x0, 0xeff}]})
socket$nl_route(0x10, 0x3, 0x0)
ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000000080)={0xaa, 0x1})
ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000000040)={{&(0x7f0000ff2000/0xe000)=nil, 0xe000}, 0x3})
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x800, 0x0)
ioctl$KVM_CHECK_EXTENSION(r5, 0xae03, 0x4c)
r6 = syz_open_dev$I2C(&(0x7f0000000d80), 0x0, 0x0)
ioctl$I2C_PEC(r6, 0x708, 0x11)
ioctl$I2C_SMBUS(r6, 0x720, &(0x7f0000000300)={0x1, 0x0, 0x1, &(0x7f0000000100)={0x0, "fd6d44512b7e1b0420ec2a3ba53b31dd77e7ffffff0300000000000700"}})
r7 = socket$inet_udp(0x2, 0x2, 0x0)
getsockopt$inet_int(r7, 0x0, 0x32, 0x0, &(0x7f0000000300))
r8 = socket$netlink(0x10, 0x3, 0x14)
sendmsg$IPCTNL_MSG_TIMEOUT_DEFAULT_GET(r8, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000001c0)={0x14, 0x4, 0x8, 0x201, 0x0, 0x0, {0xa, 0x0, 0x7}}, 0x14}}, 0x4)
ioctl$UFFDIO_COPY(r1, 0xc028aa05, &(0x7f0000000000)={&(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ffd000/0x1000)=nil, 0x3000})

1.51191308s ago: executing program 0 (id=2127):
r0 = syz_io_uring_setup(0x5c2, &(0x7f0000000280)={0x0, 0x0, 0x3080, 0x8003, 0x25f}, &(0x7f0000000240), &(0x7f0000000200), &(0x7f0000000000))
io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x20, 0x0)
r1 = openat$ttyprintk(0xffffffffffffff9c, &(0x7f0000000280), 0x22802, 0x0)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f00000001c0)=0x19)
read$nci(r1, 0x0, 0x0)
syz_open_dev$sndctrl(&(0x7f0000000100), 0x0, 0x8480)
r2 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
r3 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r3, &(0x7f0000000140)='.\x00', r2, 0x0, 0x41)
ioctl$UFFDIO_WRITEPROTECT(r2, 0xc018aa06, &(0x7f0000000180)={{&(0x7f0000ffc000/0x2000)=nil, 0x2000}, 0x1})
syz_open_procfs(0x0, &(0x7f00000001c0)='fd/3\x00')
madvise(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0xc)
fchdir(r1)
r4 = userfaultfd(0x80801)
syz_open_dev$audion(&(0x7f0000000140), 0x3c0ebc72, 0x478003)
ioctl$UFFDIO_API(r4, 0xc018aa3f, &(0x7f00000000c0))
ioctl$UFFDIO_UNREGISTER(r4, 0x8010aa01, &(0x7f0000000000)={&(0x7f0000ffc000/0x3000)=nil, 0x3000})
epoll_create1(0x80000)
sendmsg$inet(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x128}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
sendmsg$inet(r6, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, 0x0, 0x128}, 0x0)
recvmsg$unix(r5, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000800), 0xfffffffffffffd84}, 0x0)
r7 = socket$nl_xfrm(0x10, 0x3, 0x6)
r8 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r8, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000280)=ANY=[@ANYBLOB="b80000001300e9990000000000000000fc000000000000000100000000000000ac1e000100000000000000000000000000000000000000000a0060", @ANYRESOCT], 0xb8}}, 0x20040014)
sendmsg$nl_xfrm(r8, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB="b80000001300100000000000fbdbdf2500000000000000000000000000000001ac1414bb00000000000000000000000000000004000000000a0060803b000000", @ANYRES32=0x0, @ANYBLOB="00000000000000000400000000000000000000000000000000000000000000000700000000000000fdffffffffffffff02000000000000000000000000000000feffffffffffffff0000000000000000000000000a000000000000000000000006000000c06b6e0000010200"], 0xb8}, 0x1, 0x0, 0x0, 0x80}, 0x50)
r9 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r9, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB="b80000001300e9"], 0xb8}}, 0x0)
sendmsg$nl_xfrm(r8, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB="b80000001300e9990000000000000000fc000000000000000100000000000000ac1e0001"], 0xb8}}, 0x20004000)
sendmsg$nl_xfrm(r7, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB="b80000001300e9990000020000000000fc0000000000000000"], 0xb8}, 0x1, 0x0, 0x0, 0x80c0}, 0x0)

1.278158579s ago: executing program 4 (id=2128):
sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0)
openat$fb0(0xffffffffffffff9c, &(0x7f0000000080), 0x20002, 0x0)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x1000003, 0x20000000ec072, 0xffffffffffffffff, 0x0)
socket$xdp(0x2c, 0x3, 0x0)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket(0x400000000010, 0x3, 0x0)
r2 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f0000000bc0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000640)=@newqdisc={0x48, 0x24, 0x4ee4e6a52ff56541, 0x70bd29, 0xffffffff, {0x0, 0x0, 0x0, r3, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x0, 0x2}}, [@qdisc_kind_options=@q_htb={{0x8}, {0x1c, 0x2, [@TCA_HTB_INIT={0x18, 0x2, {0x3, 0x100, 0xe}}]}}]}, 0x48}, 0x1, 0x0, 0x0, 0x4}, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000740)=@newtfilter={0x84, 0x2c, 0xd27, 0x30bd29, 0x25dfdc00, {0x0, 0x0, 0x0, r3, {0xfff5, 0x4}, {}, {0x8, 0xc}}, [@filter_kind_options=@f_matchall={{0xd}, {0x50, 0x2, [@TCA_MATCHALL_ACT={0x4c, 0x2, [@m_gact={0x48, 0x1, 0x0, 0x0, {{0x9}, {0x1c, 0x2, 0x0, 0x1, [@TCA_GACT_PARMS={0x18, 0x2, {0x6, 0x80, 0x1, 0xfffffffc, 0x8}}]}, {0x4}, {0xc, 0x7, {0x1, 0x1}}, {0xc, 0x8, {0x3, 0x3}}}}]}]}}]}, 0x84}, 0x1, 0x0, 0x0, 0x20000010}, 0x20000000)
r4 = openat$tun(0xffffffffffffff9c, &(0x7f00000004c0), 0x0, 0x0)
r5 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_ASSOCINFO(r5, 0x84, 0x1, &(0x7f0000000480)={0x0, 0xb, 0xd7, 0x9, 0x2, 0x911}, 0x14)
close(r4)
socket$unix(0x1, 0x2, 0x0)
ioctl$SIOCSIFHWADDR(r4, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
r6 = socket$kcm(0x11, 0x3, 0x0)
sendmsg$kcm(r6, &(0x7f00000000c0)={&(0x7f0000000500)=@xdp={0x2c, 0x0, r3, 0xc}, 0x80, &(0x7f0000000340)=[{&(0x7f0000000180)="27030200590214000600002fb96dbcf706e10500000086ddffff1144ee163cd4b8bf", 0x22}, {&(0x7f0000000c00)="4307ed2e", 0x4}, {&(0x7f0000000800)="258d6ac381562407cea4d3e5092130c7e922ab9a89bcd856d7f9459fdd10974c51c97e41b980bccc094742796e60ec164f9a91f87da52f71393b2c6d408bdbd8973f8aa5fcad81a8aadebd14adb648485a39ca8a3aac7c3e5537c7d992deaa05b9f2b4642ec73aea7a143bed8469bc2e04d59776e2931b7fe131a2c3cbdc7442415511507cdeec64d381cbf50c08a888c0aedd71e26ba6679daaa11c6ef2956e1212e26638b4587a53d43768a2b4af6af7d23f39537113e06f36c779cd07098435e405d0d140e0c533bd337bfbef60bdba19ca423a6b5056bd53c74a3fc8df316e6822ee9c6ca6dcee234184bfcfa77c63e92aa6", 0xf4}, {&(0x7f00000009c0)="b1435c7b947125b263d85ac30cb7ffc7855292ba72d726851d9fb18d574c4aa8f894cd3602a01f09ba677fa14acb586e07ab13b1a014c9160756617d178a5dbfa122490cc0851b6ca0d5f91e82648608568b1043da588a3c75fd27ebceb994e892e07da952d99bbbcdb5a33c63aa05d3abba5970a9aae7448e356ebfc0bd7944ea9aa53d274367cf71ca1a4f72530e9a11629da0ff33b4d667dff62d", 0x9c}, {&(0x7f0000000ac0)="2bd4c5812005a616b58a605767f6c99ac4038e8661a4ad1fef7ff53a605c0111af3f354bf44a1f38659151648684b12a85fc9859f6aa0eaeb459db0e24616333a4aa01dff64593257b06606b14fed386bd9123ed5a907e565a716479a7409252d80ab3631cea08c6f9b1337a17037dd32aac54e9127f49c321b183592fc9720d9da8eca7c4dc8177b1f9d83e8e68e81f38eead6e4405c11e92aabd8e634bdd88baab2b0c9c15c5047d8fc82c6cdeb8f2f4cf2196602b3e5f256b6a57f5f90a71090b", 0xc2}], 0x5}, 0x4)
r7 = syz_open_procfs(0x0, &(0x7f0000000380)='mounts\x00')
read$FUSE(r7, &(0x7f00000028c0)={0x2020}, 0x2020)

967.495649ms ago: executing program 2 (id=2129):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
openat$dma_heap(0xffffff9c, &(0x7f0000000ac0), 0x0, 0x0)
r2 = memfd_create(&(0x7f0000000b00)='\\\x00', 0x3)
ioctl$SYNC_IOC_MERGE(0xffffffffffffffff, 0xc0303e03, &(0x7f0000000b40)={"7d0eb4360187ecf085ba7b5a2ac5dc08db2d6098541a4b6e88f8eba6d7158561"})
r3 = io_uring_setup(0x6f7f, &(0x7f0000000b80)={0x0, 0x1c21, 0x40, 0x2, 0x391})
sendmmsg$unix(r1, &(0x7f000000a280)=[{{&(0x7f0000000180)=@file={0x1, './file0\x00'}, 0x6e, &(0x7f00000008c0)=[{&(0x7f0000000200)="ed3fa176b755e78a687f804b4012889e33c08355a49f7cbc2fabf79e3993df168e24fa7cd0f5512f55ec85245b09e56c085e75ade27b5e0782065a2c7d4074015cb73646f5f69fefddceaa0bf1350e8f24e654316fa8", 0x56}, {&(0x7f0000000280)="dc2fe671274173c5c754f36cbcc4265254834f16374d3a92fb1ec2229f34d8ec1421cdf1b6b9aa81a46dd195ee6d9982a0db538e9f6c0fb498e8d49f1190db295ff6e981b7a204af7d637f20e091f17bb7584e89e318ba4200403cb33707d025766c68f28ba9d4ed792d5f78420872a5ab39e6cf3dc67a27aa75387a3d4bee454cc26896f426d207ca101a4c74d2c7fe7178d667b6227307f51a69ffc2d0fed080fe600756adc95f0a94c1e43841954c95e3f0b196b25a0184f4bf2a10d370c41cc86fb8e8a655a62d77e565a9e42b61570eb517ac81fe9f8e4cff276b9d457e", 0xe0}, {&(0x7f0000000380)="aa4a3d9d54c4d5718d8065660b528800c251", 0x12}, {&(0x7f0000000500)="a93ebda42afa8895b2bbce118c36374ca259da9a3ee8ed238adc0f9475056cde9a752b7da9e5cc6eb0130b251bd1e0b5bb7fb85a4d89a8cba330a92af699d155deb39f4a5ca4c5365820044a47a47a3134664e1e7a441b25adf7d49eff458b2d15434333eb400b632d173e7b3b9a2026c582ed651df1658926486a555403996ed0361268ed098b4354f83fe8b0daf467", 0x90}, {&(0x7f00000005c0)="6860050ca596129a2f6ee59709f1454fc6c4b1bee6ab2b5c9bd78ae0c6450c08afbd4238d6190e17c75a5eb23da58d7bc1d51c9d206b5b98a655cdfc92b049a3d24110d0e32200dc3196a5d74300865099aad9ad055499be1ed7e71dc65ba57427d7124c81663b48406d12b13f6104edab4c8351", 0x74}, {&(0x7f00000006c0)="762c1c4588a48c99f6dd79abf439210eff853edca1cc01d5868b2c1ea787df55bf8f8d509e4af8f93b2f6c9c7f9452d27294146d71653058b52c763ef9b43fb492cce00681c040b68d67af438201a3712e4c2c6a0405beca48c1485a522bd56ccff5a607e8c4e01d30551ca68b96d05768aca2541bd2c56b72d81f7d2b0075404aee12e1c4a536f7d6e2cc80c6429fee3772bbd323e925ede2d0e7d06e01ad96b7a93404f24a06e6fd797fd085b5e487f0d0976fb55ea85d425c6fa7cf3fc224722c23ddd93db1bf13", 0xc9}, {&(0x7f00000007c0)="067fb953a8dc9f149cf6e2991e605e37269200ac70889fc849cad39072e1334fae759d7190236bba600014df1edfaed46428de024c51a5c8ae8659e6c4804474f1a14a47a92be79bfee2f21642c181aa541e30bae05464f17cec28a59bbde44c23f2cf84d0f1c4f39ebcc53c1461dd63711d94", 0x73}, {&(0x7f0000000840)="18598e7d75f0dad4b99162f4e6dd311c178ef7aed756a60a9d1c637d6df3c7568b15419a3bdbb06137bf51ee5024e62ad5eb2f40bb04b5ee729ee7a3e196762a59834bdac7d8ff2010341fea73627930adfcdb978e9dfda17517494fe5bf428b033c43", 0x63}], 0x8, 0x0, 0x0, 0x3e7f3f575471ae49}}, {{&(0x7f0000000900)=@file={0x1, './file0\x00'}, 0x6e, &(0x7f00000003c0)=[{0x0}, {&(0x7f00000009c0)="f37af7314a8f0fc7db89f363b8da170ef6b7f9d6ea079c6a96de2bbc0ecf5433217d7419e307acd222e85651fd319b4722f2e751583ebe28b069e1899a12d674262f9e485e5e4ca64d31772ac995ee81610cb671cc6dfd07a3b022b308b09b6304c4fed5bcf33f6606f0ff1a078080d40f96c38231cfe5552c4979be307e43795382aabdc979909a", 0x88}], 0x2, &(0x7f0000000d80), 0x0, 0x4}}, {{0x0, 0x0, &(0x7f0000002b00)=[{0x0}, {&(0x7f00000025c0)="a4293e274990dd43999d258c10d342dd332e45c69a26318cfb6f9bf0043a898ea70060ea0b5e380e700fb43ecff23709b7b71dd90632c891d8593290b8d23584750e43e5723b7ad11c8f485a27af82cafd79c37aa56e66a2deca088fc360e810e20518443d4f7960a983f63eeb132a18510de98d7bedb1cd35d222cb796de9823381d21417d57f8d", 0x88}, {&(0x7f0000002680)="6eff04bb93a80e7264c53dc54bcbc75f6990851b11d8a563dc2fc3e8301c713ea09db05b49f5bb3049a615c6d404afe10f4bfa7aa4b347367e2c5957c75705d5d0a1f9be3294a9928dc936facfcada729b418fd61614895a43ff177f7caa", 0x5e}, {&(0x7f00000027c0)="9b93d5c91c7d58b0f4", 0x9}, {&(0x7f0000002800)="9dd98c1f6e5bd11528568cafc73eafea1124d489123ab3b954f71d4c4b85ca088ec22c152d9ae27a400b7b40a4778b70920879a38580b7b47021577f13ba4e334d4fe0bb03df32157a645be99a9cbc1b113acba3a73635364cf559b165899e70cb8cf851fabfa04a7ce062708e74f0ee20cb34b925d9b4a49e", 0x79}, {&(0x7f0000002880)="9092c3dd9b68436f36074206fcd387db9620dbac264fd3f061c38cbf46024e6453f936b68fcae288e180f01d059b5604edb73382e6984b91fad7b829c98caca930c07cc4a472727c2dbd740dcc81753973e3d11ca7247218104fe2cace328b8db2e9aed2ed2125422660a754f515eaadd1ae23d26efcaf29fdbb4821e684", 0x7e}, {&(0x7f0000002900)="ee7d21470681ebee0ece509b380da10a1bddae449a53509913c938b70621943f8b9e98fbf429eccd508a2c19fe7a138a3799f421e0cf15a3a98893487601000000e475f3c5894bb89c56364292eab6ee12bf0ac6f55e521fc91df761452bbb532b22d82deae02e7fd7fa1e67696698510239f9b9c048289ba0d4671e818f4380da6f6a92d4126a3852330c6bf6dc444f328c820f2f12d6fcff3d3cd6c7adfa77d7afb1c23ad82d3460da0b3cf0ac690863032a753534e34ad4b93da6683043c04094facda46d36ec1eedbe6c0428b66a80", 0xd1}, {&(0x7f0000002a00)="ed95dd079423aeb0f685877a5d7a0a6517dc79926cf6d5112381ae805d81808ce6195dc65d9f18b013c8f9fe514b3525a46056c118eff43b27106bead5094a6a850bf5ce1e96b627af1fe19ee4e5cef217e4080b31550054aac9060888ea18bddd307e35e9372f0713915944259bdeed2c05842cfcfd349b41b61347f8e075e79bce25df8d6672b49a42dee41a8c5ce35314ccaef1de454eedf5f2f9031634fc0173f26932914f1585b6b11d1b0bc8bce6d675c37d1b157299c133ba0c4b01730c7798ebef06a32dc376efff9d65d9d1efea16b6", 0xd4}], 0x8, &(0x7f0000007200)=[@rights={{0x24, 0x1, 0x1, [r1, 0xffffffffffffffff, 0xffffffffffffffff, r1, r3, 0xffffffffffffffff]}}, @cred={{0x18, 0x1, 0x2, {0xffffffffffffffff}}}, @cred={{0x18, 0x1, 0x2, {0x0, 0x0, 0xee00}}}, @cred={{0x18}}, @cred={{0x18}}, @cred={{0x18}}, @cred={{0x18, 0x1, 0x2, {0x0, 0xee00, 0xee01}}}, @cred={{0x18, 0x1, 0x2, {0x0, 0x0, 0xee00}}}, @rights={{0x1c, 0x1, 0x1, [r2, r2, r0, r3]}}], 0xe8, 0x4008051}}], 0x3, 0x800)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
getsockname$inet(0xffffffffffffffff, 0x0, 0x0)
sched_setattr(0x0, &(0x7f0000000040)={0x38, 0x5, 0x9, 0x6, 0x0, 0xb49, 0x9, 0x8, 0x2, 0x3}, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000040)={0xffffffffffffffff, 0x0, 0x25, 0x0, &(0x7f0000001580)="e30080670000ec67838717bd86dde148f0630962bba3dd44fe42904bcee14db4241544716b", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0xfa1d}, 0x50)
r4 = syz_open_dev$sg(&(0x7f00000000c0), 0x0, 0x28101)
ioctl$FIBMAP(r4, 0x1, &(0x7f0000000040)=0x85)
r5 = socket(0x1e, 0x4, 0x0)
r6 = socket(0x1e, 0x2, 0x0)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r7, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="140000003d00010325bd7000fcffffff01"], 0x14}, 0x1, 0x0, 0x0, 0x885}, 0x0)
setsockopt$packet_tx_ring(r6, 0x10f, 0x87, &(0x7f0000000440)=@req={0x3fc}, 0x10)
setsockopt$packet_tx_ring(r5, 0x10f, 0x87, &(0x7f0000000440)=@req={0x3fc, 0x0, 0x2}, 0x10)
sendmmsg(r5, &(0x7f00000030c0)=[{{0x0, 0xa9cc7003, &(0x7f0000000400)=[{&(0x7f00000000c0)="ee", 0x3514}], 0x1}}], 0x400000000000181, 0x9200000000000000)
r8 = dup3(r6, r5, 0x0)
write$apparmor_current(r8, &(0x7f0000000000)=@hat={'changehat ', 0x1, 0x5e, ['-*&})Q]\x00', ')%#],\x00', '\x00']}, 0x2c)
read$FUSE(r8, &(0x7f0000003100)={0x2020}, 0x2020)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r9 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r9, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000c00)={0x80, 0x2e, 0x321, 0x70bd2c, 0x25dfdbfd, {0x1}, [@nested={0x6c, 0x131, 0x0, 0x1, [@nested={0x66, 0x1f, 0x0, 0x1, [@typed={0x4, 0x26}, @generic="049323932ac27e29885920e8bb49fb9184e2f8da7a892112d8b0e7529a4f19dbd75f279d46ff7d577d5b076f0a891e3021475b3097e3fd76f6c43ae9d871e3ac021d05cf3ec35df1f57a609ef43f17931b051aedb23364cb15bc2959141d"]}]}]}, 0x80}, 0x1, 0x0, 0x0, 0x8040}, 0x0)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x15)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000140), r6)
ioctl$XFS_IOC_EXCHANGE_RANGE(r1, 0x40285881, &(0x7f0000000100)={r6, 0x0, 0x0, 0x9, 0x8001, 0x1})

902.406524ms ago: executing program 4 (id=2130):
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_route(0x10, 0x3, 0x0)
openat(0xffffffffffffffff, &(0x7f0000000140)='./file1\x00', 0x1e15c0, 0x183)
close(0xffffffffffffffff)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, 0x0, 0x0)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000380)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01010000000000000000010000000900010073797a30000000002c000000030a01020000000000000000010000000900010073797a30e00000000900030073797a32000000002c000000030a01040000000000000000010000010900010073797a3000000000f500030073797a3000000000140000001100010a00"/160], 0xa0}, 0x1, 0x20, 0x0, 0x8040}, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0x0, 0xffffffff}, 0x0)
madvise(&(0x7f0000000000/0x3000)=nil, 0x7fffffffffffffff, 0x3)
syz_genetlink_get_family_id$wireguard(&(0x7f0000000840), 0xffffffffffffffff)
mmap$IORING_OFF_CQ_RING(&(0x7f00006ef000/0x4000)=nil, 0x4000, 0x9, 0x10, 0xffffffffffffffff, 0x8000000)
setuid(0x0)
r3 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000700)=ANY=[@ANYBLOB="12010000000000408c0d220000000000000109022400010000000009040000010300000009210000000122050009058103"], 0x0)
syz_usb_control_io$hid(r3, 0x0, 0x0)
syz_usb_control_io$hid(r3, &(0x7f00000000c0)={0x14, 0x0, 0x0, &(0x7f0000000580)={0x0, 0x22, 0x5, {[@local=@item_4={0x3, 0x2, 0xa, "858faffb"}]}}, 0x0}, 0x0)
r4 = socket$inet(0x2, 0x3, 0x9)
setsockopt$sock_int(r4, 0x1, 0x2e, &(0x7f0000000000)=0x7b, 0x4)
shutdown(r4, 0x0)
recvmmsg(r4, &(0x7f0000001800)=[{{0x0, 0x0, 0x0}, 0x3ff}, {{0x0, 0x0, 0x0}, 0x660}], 0x2, 0x10000, 0x0)
r5 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000080)='/sys/power/resume', 0x149a82, 0x0)
r6 = socket$inet_sctp(0x2, 0x1, 0x84)
getsockopt$inet_sctp_SCTP_GET_ASSOC_NUMBER(r6, 0x84, 0x1c, 0x0, &(0x7f00000000c0))
syz_open_procfs(0x0, 0x0)
write$cgroup_int(r5, &(0x7f0000000000)=0x800000000001ca, 0x12)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x200000)
syz_io_uring_setup(0x24fc, 0x0, &(0x7f0000000100), 0x0, &(0x7f0000000000))

2.824888ms ago: executing program 2 (id=2131):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f0000000180)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r2 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet6_mreq(r2, 0x29, 0x1b, &(0x7f0000000140)={@remote}, 0x14)
setsockopt$inet6_mreq(r2, 0x29, 0x1b, &(0x7f0000000080)={@remote}, 0x14)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(0xffffffffffffffff, 0xc08c5332, &(0x7f00000002c0)={0x0, 0x0, 0x0, 'queue1\x00'})
write$sndseq(0xffffffffffffffff, &(0x7f0000000000)=[{0x9, 0x0, 0x0, 0x0, @tick=0x9, {0x2}, {}, @raw32={[0x400000]}}], 0x1c)
r3 = socket$rxrpc(0x21, 0x2, 0xa)
listen(r3, 0x0)
ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_TIMER(0xffffffffffffffff, 0x40605346, 0x0)
r4 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x62181)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
getsockopt$inet6_tcp_int(r5, 0x6, 0x17, 0x0, &(0x7f0000000680)=0x37)
write$sndseq(r4, &(0x7f0000000200)=[{0x1e, 0x0, 0x8, 0xfd, @time={0x0, 0x9}, {0x4}, {0x0, 0x5}, @result={0x2, 0x7ff}}, {0x6, 0xd7, 0x6, 0x9, @tick, {0x10}, {0x8, 0x6}, @quote={{0x7, 0x8}, 0x0, &(0x7f0000000640)={0x4, 0x1, 0xff, 0xff, @time={0x81, 0xe36}, {0x6, 0x8}, {0x1, 0x5}, @control={0x1, 0x6, 0x13c}}}}, {0x9, 0x4, 0x8, 0x8c, @time={0x5, 0x8000}, {0x6, 0xa}, {0xb, 0x85}, @connect={{0x0, 0x6}, {0x0, 0x1}}}, {0xfc, 0xf, 0x77, 0x7f, @time={0x0, 0x6}, {0x41, 0x7}, {0x36}, @raw8={"b6301bd81330b7a3e7c7474e"}}], 0x70)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0300000004000000040000000100000000000000", @ANYRES32=0x0, @ANYRES32=r3, @ANYBLOB="19"], 0x48)
r6 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$IPT_SO_SET_REPLACE(r6, 0x4000000000000, 0x40, &(0x7f0000000300)=@raw={'raw\x00', 0x4001, 0x3, 0x2c0, 0x0, 0x700001b, 0x148, 0x150, 0x148, 0x228, 0x206, 0x240, 0x228, 0x240, 0x7fffffe, 0x0, {[{{@uncond, 0x1ea, 0xf0, 0x150, 0x0, {0x390, 0x8f00}, [@common=@set={{0x41}, {{0x0, [0x5, 0x2, 0x1, 0x4, 0x5, 0xa], 0x3}}}, @common=@set={{0x40}, {{0xffffffffffffffff, [0x0, 0x0, 0x0, 0x0, 0x5, 0x6], 0x4, 0x1}}}]}, @common=@CLUSTERIP={0x60, 'CLUSTERIP\x00', 0x0, {0x0, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x1}, 0x7, 0x0, [0x2d, 0x12, 0x2e, 0x40, 0xd, 0x3a, 0x23, 0x2b, 0x103, 0x1c, 0x37, 0x15, 0x19, 0x4, 0x31, 0x1d], 0x1, 0x8, 0x7}}}, {{@uncond, 0x0, 0x70, 0xd8}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x1, 0x900, 0x10, 0x8, 'snmp\x00', 'syz0\x00', {0x8000}}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x320)
r7 = socket(0x10, 0x3, 0x0)
write(r7, &(0x7f0000000580)="240000001e005f031400ff01000000f80700b3586ff606c2e553797c080008e467dc0000", 0x24)
recvmmsg(r7, &(0x7f0000005180), 0x400000000000166, 0x1a000, 0x0)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)

0s ago: executing program 0 (id=2141):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
openat$dma_heap(0xffffff9c, &(0x7f0000000ac0), 0x0, 0x0)
r2 = memfd_create(&(0x7f0000000b00)='\\\x00', 0x3)
ioctl$SYNC_IOC_MERGE(0xffffffffffffffff, 0xc0303e03, &(0x7f0000000b40)={"7d0eb4360187ecf085ba7b5a2ac5dc08db2d6098541a4b6e88f8eba6d7158561"})
r3 = io_uring_setup(0x6f7f, &(0x7f0000000b80)={0x0, 0x1c21, 0x40, 0x2, 0x391})
sendmmsg$unix(r1, &(0x7f000000a280)=[{{&(0x7f0000000180)=@file={0x1, './file0\x00'}, 0x6e, &(0x7f00000008c0)=[{&(0x7f0000000200)="ed3fa176b755e78a687f804b4012889e33c08355a49f7cbc2fabf79e3993df168e24fa7cd0f5512f55ec85245b09e56c085e75ade27b5e0782065a2c7d4074015cb73646f5f69fefddceaa0bf1350e8f24e654316fa8", 0x56}, {&(0x7f0000000280)="dc2fe671274173c5c754f36cbcc4265254834f16374d3a92fb1ec2229f34d8ec1421cdf1b6b9aa81a46dd195ee6d9982a0db538e9f6c0fb498e8d49f1190db295ff6e981b7a204af7d637f20e091f17bb7584e89e318ba4200403cb33707d025766c68f28ba9d4ed792d5f78420872a5ab39e6cf3dc67a27aa75387a3d4bee454cc26896f426d207ca101a4c74d2c7fe7178d667b6227307f51a69ffc2d0fed080fe600756adc95f0a94c1e43841954c95e3f0b196b25a0184f4bf2a10d370c41cc86fb8e8a655a62d77e565a9e42b61570eb517ac81fe9f8e4cff276b9d457e", 0xe0}, {&(0x7f0000000380)="aa4a3d9d54c4d5718d8065660b528800c251", 0x12}, {&(0x7f0000000500)="a93ebda42afa8895b2bbce118c36374ca259da9a3ee8ed238adc0f9475056cde9a752b7da9e5cc6eb0130b251bd1e0b5bb7fb85a4d89a8cba330a92af699d155deb39f4a5ca4c5365820044a47a47a3134664e1e7a441b25adf7d49eff458b2d15434333eb400b632d173e7b3b9a2026c582ed651df1658926486a555403996ed0361268ed098b4354f83fe8b0daf467", 0x90}, {&(0x7f00000005c0)="6860050ca596129a2f6ee59709f1454fc6c4b1bee6ab2b5c9bd78ae0c6450c08afbd4238d6190e17c75a5eb23da58d7bc1d51c9d206b5b98a655cdfc92b049a3d24110d0e32200dc3196a5d74300865099aad9ad055499be1ed7e71dc65ba57427d7124c81663b48406d12b13f6104edab4c8351", 0x74}, {&(0x7f00000006c0)="762c1c4588a48c99f6dd79abf439210eff853edca1cc01d5868b2c1ea787df55bf8f8d509e4af8f93b2f6c9c7f9452d27294146d71653058b52c763ef9b43fb492cce00681c040b68d67af438201a3712e4c2c6a0405beca48c1485a522bd56ccff5a607e8c4e01d30551ca68b96d05768aca2541bd2c56b72d81f7d2b0075404aee12e1c4a536f7d6e2cc80c6429fee3772bbd323e925ede2d0e7d06e01ad96b7a93404f24a06e6fd797fd085b5e487f0d0976fb55ea85d425c6fa7cf3fc224722c23ddd93db1bf13", 0xc9}, {&(0x7f00000007c0)="067fb953a8dc9f149cf6e2991e605e37269200ac70889fc849cad39072e1334fae759d7190236bba600014df1edfaed46428de024c51a5c8ae8659e6c4804474f1a14a47a92be79bfee2f21642c181aa541e30bae05464f17cec28a59bbde44c23f2cf84d0f1c4f39ebcc53c1461dd63711d94", 0x73}, {&(0x7f0000000840)="18598e7d75f0dad4b99162f4e6dd311c178ef7aed756a60a9d1c637d6df3c7568b15419a3bdbb06137bf51ee5024e62ad5eb2f40bb04b5ee729ee7a3e196762a59834bdac7d8ff2010341fea73627930adfcdb978e9dfda17517494fe5bf428b033c43", 0x63}], 0x8, 0x0, 0x0, 0x3e7f3f575471ae49}}, {{&(0x7f0000000900)=@file={0x1, './file0\x00'}, 0x6e, &(0x7f00000003c0)=[{0x0}, {&(0x7f00000009c0)="f37af7314a8f0fc7db89f363b8da170ef6b7f9d6ea079c6a96de2bbc0ecf5433217d7419e307acd222e85651fd319b4722f2e751583ebe28b069e1899a12d674262f9e485e5e4ca64d31772ac995ee81610cb671cc6dfd07a3b022b308b09b6304c4fed5bcf33f6606f0ff1a078080d40f96c38231cfe5552c4979be307e43795382aabdc979909a", 0x88}], 0x2, &(0x7f0000000d80), 0x0, 0x4}}, {{0x0, 0x0, &(0x7f0000002b00)=[{0x0}, {&(0x7f00000025c0)="a4293e274990dd43999d258c10d342dd332e45c69a26318cfb6f9bf0043a898ea70060ea0b5e380e700fb43ecff23709b7b71dd90632c891d8593290b8d23584750e43e5723b7ad11c8f485a27af82cafd79c37aa56e66a2deca088fc360e810e20518443d4f7960a983f63eeb132a18510de98d7bedb1cd35d222cb796de9823381d21417d57f8d", 0x88}, {&(0x7f0000002680)="6eff04bb93a80e7264c53dc54bcbc75f6990851b11d8a563dc2fc3e8301c713ea09db05b49f5bb3049a615c6d404afe10f4bfa7aa4b347367e2c5957c75705d5d0a1f9be3294a9928dc936facfcada729b418fd61614895a43ff177f7caa", 0x5e}, {&(0x7f00000027c0)="9b93d5c91c7d58b0f4", 0x9}, {&(0x7f0000002800)="9dd98c1f6e5bd11528568cafc73eafea1124d489123ab3b954f71d4c4b85ca088ec22c152d9ae27a400b7b40a4778b70920879a38580b7b47021577f13ba4e334d4fe0bb03df32157a645be99a9cbc1b113acba3a73635364cf559b165899e70cb8cf851fabfa04a7ce062708e74f0ee20cb34b925d9b4a49e", 0x79}, {&(0x7f0000002880)="9092c3dd9b68436f36074206fcd387db9620dbac264fd3f061c38cbf46024e6453f936b68fcae288e180f01d059b5604edb73382e6984b91fad7b829c98caca930c07cc4a472727c2dbd740dcc81753973e3d11ca7247218104fe2cace328b8db2e9aed2ed2125422660a754f515eaadd1ae23d26efcaf29fdbb4821e684", 0x7e}, {&(0x7f0000002900)="ee7d21470681ebee0ece509b380da10a1bddae449a53509913c938b70621943f8b9e98fbf429eccd508a2c19fe7a138a3799f421e0cf15a3a98893487601000000e475f3c5894bb89c56364292eab6ee12bf0ac6f55e521fc91df761452bbb532b22d82deae02e7fd7fa1e67696698510239f9b9c048289ba0d4671e818f4380da6f6a92d4126a3852330c6bf6dc444f328c820f2f12d6fcff3d3cd6c7adfa77d7afb1c23ad82d3460da0b3cf0ac690863032a753534e34ad4b93da6683043c04094facda46d36ec1eedbe6c0428b66a80", 0xd1}, {&(0x7f0000002a00)="ed95dd079423aeb0f685877a5d7a0a6517dc79926cf6d5112381ae805d81808ce6195dc65d9f18b013c8f9fe514b3525a46056c118eff43b27106bead5094a6a850bf5ce1e96b627af1fe19ee4e5cef217e4080b31550054aac9060888ea18bddd307e35e9372f0713915944259bdeed2c05842cfcfd349b41b61347f8e075e79bce25df8d6672b49a42dee41a8c5ce35314ccaef1de454eedf5f2f9031634fc0173f26932914f1585b6b11d1b0bc8bce6d675c37d1b157299c133ba0c4b01730c7798ebef06a32dc376efff9d65d9d1efea16b6", 0xd4}], 0x8, &(0x7f0000007200)=[@rights={{0x24, 0x1, 0x1, [r1, 0xffffffffffffffff, 0xffffffffffffffff, r1, r3, 0xffffffffffffffff]}}, @cred={{0x18, 0x1, 0x2, {0xffffffffffffffff}}}, @cred={{0x18, 0x1, 0x2, {0x0, 0x0, 0xee00}}}, @cred={{0x18}}, @cred={{0x18}}, @cred={{0x18}}, @cred={{0x18, 0x1, 0x2, {0x0, 0xee00, 0xee01}}}, @cred={{0x18, 0x1, 0x2, {0x0, 0x0, 0xee00}}}, @rights={{0x1c, 0x1, 0x1, [r2, r2, r0, r3]}}], 0xe8, 0x4008051}}], 0x3, 0x800)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
getsockname$inet(0xffffffffffffffff, 0x0, 0x0)
sched_setattr(0x0, &(0x7f0000000040)={0x38, 0x5, 0x9, 0x6, 0x0, 0xb49, 0x9, 0x8, 0x2, 0x3}, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000040)={0xffffffffffffffff, 0x0, 0x25, 0x0, &(0x7f0000001580)="e30080670000ec67838717bd86dde148f0630962bba3dd44fe42904bcee14db4241544716b", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0xfa1d}, 0x50)
r4 = syz_open_dev$sg(&(0x7f00000000c0), 0x0, 0x28101)
ioctl$FIBMAP(r4, 0x1, &(0x7f0000000040)=0x85)
r5 = socket(0x1e, 0x4, 0x0)
r6 = socket(0x1e, 0x2, 0x0)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r7, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="140000003d00010325bd7000fcffffff01"], 0x14}, 0x1, 0x0, 0x0, 0x885}, 0x0)
setsockopt$packet_tx_ring(r6, 0x10f, 0x87, &(0x7f0000000440)=@req={0x3fc}, 0x10)
setsockopt$packet_tx_ring(r5, 0x10f, 0x87, &(0x7f0000000440)=@req={0x3fc, 0x0, 0x2}, 0x10)
sendmmsg(r5, &(0x7f00000030c0)=[{{0x0, 0xa9cc7003, &(0x7f0000000400)=[{&(0x7f00000000c0)="ee", 0x3514}], 0x1}}], 0x400000000000181, 0x9200000000000000)
r8 = dup3(r6, r5, 0x0)
write$apparmor_current(r8, &(0x7f0000000000)=@hat={'changehat ', 0x1, 0x5e, ['-*&})Q]\x00', ')%#],\x00', '\x00']}, 0x2c)
read$FUSE(r8, &(0x7f0000003100)={0x2020}, 0x2020)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r9 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r9, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000c00)={0x80, 0x2e, 0x321, 0x70bd2c, 0x25dfdbfd, {0x1}, [@nested={0x6c, 0x131, 0x0, 0x1, [@nested={0x66, 0x1f, 0x0, 0x1, [@typed={0x4, 0x26}, @generic="049323932ac27e29885920e8bb49fb9184e2f8da7a892112d8b0e7529a4f19dbd75f279d46ff7d577d5b076f0a891e3021475b3097e3fd76f6c43ae9d871e3ac021d05cf3ec35df1f57a609ef43f17931b051aedb23364cb15bc2959141d"]}]}]}, 0x80}, 0x1, 0x0, 0x0, 0x8040}, 0x0)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x15)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000140), r6)
ioctl$XFS_IOC_EXCHANGE_RANGE(r1, 0x40285881, &(0x7f0000000100)={r6, 0x0, 0x0, 0x9, 0x8001, 0x1})

kernel console output (not intermixed with test programs):

: interface not active
[  595.545804][ T6970] hsr_slave_0: left promiscuous mode
[  595.596951][T11647] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  595.644058][ T6970] hsr_slave_1: left promiscuous mode
[  595.657932][T11647] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  595.675148][ T6970] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  595.690360][ T6924] Bluetooth: hci4: command tx timeout
[  595.715352][ T6970] batman_adv: batadv0: Removing interface: batadv_slave_0
[  595.724713][T11647] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1631'.
[  595.741997][ T6970] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  595.770395][ T6970] batman_adv: batadv0: Removing interface: batadv_slave_1
[  595.959064][ T6970] veth1_macvtap: left allmulticast mode
[  595.976131][ T6970] veth1_macvtap: left promiscuous mode
[  595.992269][ T6970] veth0_macvtap: left promiscuous mode
[  596.010686][ T6970] veth1_vlan: left promiscuous mode
[  596.025445][ T6970] veth0_vlan: left promiscuous mode
[  596.562001][ T6970] team0 (unregistering): Port device team_slave_1 removed
[  596.602589][ T6970] team0 (unregistering): Port device team_slave_0 removed
[  596.652497][ T5359] usb 5-1: USB disconnect, device number 96
[  596.813562][T11658] program syz.4.1632 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  596.848199][ T5286] 8021q: adding VLAN 0 to HW filter on device eth3
[  596.883767][T11534] hsr_slave_0: entered promiscuous mode
[  596.890356][T11534] hsr_slave_1: entered promiscuous mode
[  596.896581][T11534] debugfs: 'hsr0' already exists in 'hsr'
[  596.930875][ T5627] usb 2-1: USB disconnect, device number 96
[  596.971378][T11534] Cannot create hsr debugfs directory
[  598.515509][ T6970] IPVS: stop unused estimator thread 0...
[  598.645232][T11707] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  598.655797][T11707] syzkaller0: entered promiscuous mode
[  598.668102][ T5723] usb 2-1: new high-speed USB device number 97 using dummy_hcd
[  598.689374][T11707] syzkaller0: entered allmulticast mode
[  598.725036][T11707] tipc: Resetting bearer <eth:syzkaller0>
[  598.731331][T11707] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  598.741413][T11707] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  598.756077][T11706] tipc: Resetting bearer <eth:syzkaller0>
[  598.788500][T11706] tipc: Disabling bearer <eth:syzkaller0>
[  598.878985][ T5723] usb 2-1: Using ep0 maxpacket: 8
[  598.886612][ T5723] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  598.899917][ T5723] usb 2-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  598.909193][ T5723] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  598.928431][ T5723] usb 2-1: config 0 descriptor??
[  599.171676][ T5723] iowarrior 2-1:0.0: IOWarrior product=0x1512, serial= interface=0 now attached to iowarrior0
[  599.533405][T11534] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  599.599185][T11534] 8021q: adding VLAN 0 to HW filter on device netdevsim0
[  599.608681][T11534] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  599.621043][T11534] 8021q: adding VLAN 0 to HW filter on device netdevsim1
[  599.637128][T11534] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  599.873428][T11534] 8021q: adding VLAN 0 to HW filter on device netdevsim2
[  599.912913][T11534] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  599.954214][T11534] 8021q: adding VLAN 0 to HW filter on device netdevsim3
[  600.043613][ T5723] usb 2-1: USB disconnect, device number 97
[  600.720696][T11534] 8021q: adding VLAN 0 to HW filter on device bond0
[  600.769009][T11534] 8021q: adding VLAN 0 to HW filter on device team0
[  600.801143][  T136] bridge0: port 1(bridge_slave_0) entered blocking state
[  600.808480][  T136] bridge0: port 1(bridge_slave_0) entered forwarding state
[  601.013386][  T136] bridge0: port 2(bridge_slave_1) entered blocking state
[  601.020779][  T136] bridge0: port 2(bridge_slave_1) entered forwarding state
[  601.471968][ T5755] usb 2-1: new high-speed USB device number 98 using dummy_hcd
[  601.517511][T11534] 8021q: adding VLAN 0 to HW filter on device batadv0
[  601.749029][ T5624] usb 5-1: new high-speed USB device number 97 using dummy_hcd
[  601.795486][T11534] veth0_vlan: entered promiscuous mode
[  601.843633][ T5755] usb 2-1: config 0 has an invalid interface number: 49 but max is 0
[  601.853246][T11534] veth1_vlan: entered promiscuous mode
[  601.873565][ T5755] usb 2-1: config 0 has no interface number 0
[  601.879859][ T5755] usb 2-1: too many endpoints for config 0 interface 49 altsetting 50: 56, using maximum allowed: 30
[  601.890829][ T5755] usb 2-1: config 0 interface 49 altsetting 50 has 0 endpoint descriptors, different from the interface descriptor's value: 56
[  601.904302][ T5755] usb 2-1: config 0 interface 49 has no altsetting 0
[  601.948408][T11534] veth0_macvtap: entered promiscuous mode
[  602.052386][T11534] veth1_macvtap: entered promiscuous mode
[  602.189511][ T5624] usb 5-1: Using ep0 maxpacket: 8
[  602.251640][ T5755] usb 2-1: New USB device found, idVendor=1604, idProduct=8001, bcdDevice=44.1f
[  602.263811][ T5755] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  602.275750][ T5755] usb 2-1: Product: syz
[  602.287425][ T5755] usb 2-1: Manufacturer: syz
[  602.292132][ T5755] usb 2-1: SerialNumber: syz
[  602.299973][ T5755] usb 2-1: config 0 descriptor??
[  602.303320][T11795] bridge0: port 2(bridge_slave_1) entered disabled state
[  602.312573][T11795] bridge0: port 1(bridge_slave_0) entered disabled state
[  602.748874][T11795] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  602.772336][T11795] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  602.895526][   T13] netdevsim netdevsim2 netdevsim0: unset [1, 0] type 2 family 0 port 20004 - 0
[  602.904574][   T13] netdevsim netdevsim2 netdevsim0: unset [1, 1] type 2 family 0 port 6081 - 0
[  602.924271][ T5624] usb 5-1: New USB device found, idVendor=0582, idProduct=0025, bcdDevice= 0.40
[  602.960175][ T5624] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  602.973093][   T13] netdevsim netdevsim2 netdevsim1: unset [1, 0] type 2 family 0 port 20004 - 0
[  602.982459][ T5624] usb 5-1: Product: syz
[  602.986688][ T5624] usb 5-1: Manufacturer: syz
[  602.996272][ T5755] usb 2-1: USB disconnect, device number 98
[  603.002415][   T13] netdevsim netdevsim2 netdevsim1: unset [1, 1] type 2 family 0 port 6081 - 0
[  603.012255][ T5624] usb 5-1: SerialNumber: syz
[  603.035604][   T13] netdevsim netdevsim2 netdevsim2: unset [1, 0] type 2 family 0 port 20004 - 0
[  603.055226][   T13] netdevsim netdevsim2 netdevsim2: unset [1, 1] type 2 family 0 port 6081 - 0
[  603.075894][   T13] netdevsim netdevsim2 netdevsim3: unset [1, 0] type 2 family 0 port 20004 - 0
[  603.093860][   T13] netdevsim netdevsim2 netdevsim3: unset [1, 1] type 2 family 0 port 6081 - 0
[  603.112856][T11814] xt_addrtype: output interface limitation not valid in PREROUTING and INPUT
[  603.126520][T11534] batman_adv: batadv0: Interface activated: batadv_slave_0
[  603.157432][T11534] batman_adv: batadv0: Interface activated: batadv_slave_1
[  603.185747][   T13] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  603.203754][   T13] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  603.219044][   T13] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  603.251633][   T13] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  603.367937][T11816] syzkaller0: entered promiscuous mode
[  603.380557][T11816] syzkaller0: entered allmulticast mode
[  603.407675][T11816] 0: reclassify loop, rule prio 0, protocol 800
[  603.478722][   T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  603.487688][   T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  603.574770][  T143] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  603.588220][  T143] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  603.684310][   T29] kauditd_printk_skb: 197 callbacks suppressed
[  603.684330][   T29] audit: type=1326 audit(1777611525.342:665): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11825 comm="syz.1.1659" exe="/root/ci-upstream-kasan-gce-386/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7fc801c code=0x0
[  603.867160][T11829] netlink: 35 bytes leftover after parsing attributes in process `syz.1.1659'.
[  603.876905][T11829] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1659'.
[  604.510899][ T5624] usb 5-1: uac_clock_source_is_valid(): cannot get clock validity for id 0
[  604.537641][ T5624] usb 5-1: clock source 0 is not valid, cannot use
[  604.558051][ T5624] usb 5-1: 1:1: cannot get freq (v2/v3): err -71
[  604.578659][ T5624] usb 5-1: uac_clock_source_is_valid(): cannot get clock validity for id 0
[  604.591607][ T5624] usb 5-1: uac_clock_source_is_valid(): cannot get clock validity for id 0
[  604.616724][ T5624] usb 5-1: clock source 0 is not valid, cannot use
[  604.626916][ T5624] usb 5-1: 2:1: cannot get freq (v2/v3): err -71
[  604.643769][ T5624] usb 5-1: uac_clock_source_is_valid(): cannot get clock validity for id 0
[  604.762609][T11837] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1663'.
[  604.773189][T11837] netlink: 96 bytes leftover after parsing attributes in process `syz.4.1663'.
[  604.793269][ T5624] usb 5-1: USB disconnect, device number 97
[  605.024577][T11817] usb 2-1: new full-speed USB device number 99 using dummy_hcd
[  605.045704][T11841] dlm: no locking on control device
[  605.190935][T11817] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  605.214009][T11817] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  605.227914][T11817] usb 2-1: New USB device found, idVendor=04f3, idProduct=0755, bcdDevice= 0.00
[  605.237851][T11817] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  605.251997][T11817] usb 2-1: config 0 descriptor??
[  605.610432][    T9] usb 5-1: new high-speed USB device number 98 using dummy_hcd
[  605.673786][T11849] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1666'.
[  605.713991][T11849] FAULT_INJECTION: forcing a failure.
[  605.713991][T11849] name failslab, interval 1, probability 0, space 0, times 0
[  605.714481][T11817] elan 0003:04F3:0755.0031: unknown main item tag 0x0
[  605.767794][T11849] CPU: 1 UID: 0 PID: 11849 Comm: syz.2.1666 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  605.767830][T11849] Tainted: [L]=SOFTLOCKUP
[  605.767838][T11849] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  605.767850][T11849] Call Trace:
[  605.767856][T11849]  <TASK>
[  605.767863][T11849]  dump_stack_lvl+0xe8/0x150
[  605.767883][T11849]  should_fail_ex+0x412/0x560
[  605.767901][T11849]  ? __d_alloc+0x37/0x6f0
[  605.767918][T11849]  should_failslab+0xa8/0x100
[  605.767938][T11849]  kmem_cache_alloc_lru_noprof+0x87/0x640
[  605.767960][T11849]  __d_alloc+0x37/0x6f0
[  605.767980][T11849]  d_alloc+0x4b/0x190
[  605.767999][T11849]  ? lookup_one_qstr_excl+0xc4/0x360
[  605.768018][T11849]  lookup_one_qstr_excl+0xd8/0x360
[  605.768034][T11849]  ? lookup_noperm_common+0x245/0x430
[  605.768051][T11849]  start_dirop+0x5c/0x90
[  605.768066][T11849]  simple_start_creating+0xcc/0x110
[  605.768083][T11849]  ? __pfx_simple_start_creating+0x10/0x10
[  605.768100][T11849]  ? do_raw_spin_unlock+0xf5/0x210
[  605.768127][T11849]  ? mntput+0x65/0xc0
[  605.768149][T11849]  debugfs_start_creating+0xdb/0x1a0
[  605.768170][T11849]  __debugfs_create_file+0x6f/0x400
[  605.768191][T11849]  debugfs_create_file_full+0x3f/0x60
[  605.768212][T11849]  ref_tracker_dir_debugfs+0x197/0x360
[  605.768230][T11849]  ? __pfx_ref_tracker_dir_debugfs+0x10/0x10
[  605.768272][T11849]  ? __kvmalloc_node_noprof+0x545/0x8a0
[  605.768302][T11849]  ? alloc_netdev_mqs+0xa8/0x1210
[  605.768331][T11849]  ? __raw_spin_lock_init+0x45/0x100
[  605.768350][T11849]  alloc_netdev_mqs+0x274/0x1210
[  605.768367][T11849]  ? __pfx_hsr_dev_setup+0x10/0x10
[  605.768389][T11849]  rtnl_create_link+0x31f/0xd70
[  605.768411][T11849]  rtnl_newlink_create+0x277/0xb70
[  605.768427][T11849]  ? __pfx___nla_validate_parse+0x10/0x10
[  605.768451][T11849]  ? __pfx_rtnl_newlink_create+0x10/0x10
[  605.768469][T11849]  ? __pfx___mutex_lock+0x10/0x10
[  605.768491][T11849]  ? ns_capable+0x89/0xe0
[  605.768506][T11849]  rtnl_newlink+0x166a/0x1bb0
[  605.768524][T11849]  ? unwind_next_frame+0xa6/0x2550
[  605.768547][T11849]  ? __pfx_rtnl_newlink+0x10/0x10
[  605.768564][T11849]  ? __lock_acquire+0x6b5/0x2cf0
[  605.768579][T11849]  ? __lock_acquire+0x6b5/0x2cf0
[  605.768598][T11849]  ? unwind_next_frame+0xa6/0x2550
[  605.768617][T11849]  ? unwind_next_frame+0xa6/0x2550
[  605.768633][T11849]  ? is_bpf_text_address+0x26/0x2b0
[  605.768654][T11849]  ? is_bpf_text_address+0x26/0x2b0
[  605.768670][T11849]  ? __lock_acquire+0x6b5/0x2cf0
[  605.768685][T11849]  ? kernel_text_address+0xa5/0xe0
[  605.768703][T11849]  ? __kernel_text_address+0xd/0x30
[  605.768720][T11849]  ? unwind_get_return_address+0x4d/0x90
[  605.768734][T11849]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  605.768753][T11849]  ? arch_stack_walk+0xfb/0x150
[  605.768784][T11849]  ? rtnetlink_rcv_msg+0x1b9/0xbe0
[  605.768824][T11849]  ? __pfx_rtnl_newlink+0x10/0x10
[  605.768846][T11849]  rtnetlink_rcv_msg+0x7d5/0xbe0
[  605.768868][T11849]  ? kmem_cache_alloc_node_noprof+0x384/0x690
[  605.768894][T11849]  ? netlink_sendmsg+0x5d4/0xb40
[  605.768922][T11849]  ? rtnetlink_rcv_msg+0x1b9/0xbe0
[  605.768945][T11849]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  605.768970][T11849]  ? __lock_acquire+0x6b5/0x2cf0
[  605.769004][T11849]  netlink_rcv_skb+0x232/0x4b0
[  605.769032][T11849]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  605.769057][T11849]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  605.769097][T11849]  ? netlink_deliver_tap+0x2e/0x1b0
[  605.769123][T11849]  ? netlink_deliver_tap+0x2e/0x1b0
[  605.769146][T11849]  netlink_unicast+0x75c/0x8e0
[  605.769176][T11849]  netlink_sendmsg+0x813/0xb40
[  605.769212][T11849]  ? __pfx_netlink_sendmsg+0x10/0x10
[  605.769241][T11849]  ? aa_sock_msg_perm+0xf1/0x1b0
[  605.769329][T11849]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  605.769349][T11849]  ____sys_sendmsg+0x972/0x9f0
[  605.769372][T11849]  ? __pfx_____sys_sendmsg+0x10/0x10
[  605.769391][T11849]  ? kstrtoull+0x12f/0x1d0
[  605.769410][T11849]  ___sys_sendmsg+0x2a5/0x360
[  605.769425][T11849]  ? __lock_acquire+0x6b5/0x2cf0
[  605.769441][T11849]  ? __pfx____sys_sendmsg+0x10/0x10
[  605.769458][T11849]  ? get_pid_task+0x20/0x1f0
[  605.769473][T11849]  ? get_pid_task+0x20/0x1f0
[  605.769487][T11849]  ? get_pid_task+0x20/0x1f0
[  605.769524][T11849]  ? __fget_files+0x2a/0x420
[  605.769543][T11849]  ? __fget_files+0x3a0/0x420
[  605.769564][T11849]  __sys_sendmsg+0x183/0x260
[  605.769581][T11849]  ? __pfx___sys_sendmsg+0x10/0x10
[  605.769610][T11849]  __do_fast_syscall_32+0x229/0x6e0
[  605.769627][T11849]  ? do_fast_syscall_32+0x33/0x70
[  605.769641][T11849]  ? lockdep_hardirqs_on+0x7a/0x110
[  605.769655][T11849]  ? asm_int80_emulation+0x1a/0x20
[  605.769667][T11849]  ? do_int80_emulation+0x286/0x530
[  605.769682][T11849]  ? trace_irq_disable+0x3b/0x140
[  605.769702][T11849]  do_fast_syscall_32+0x33/0x70
[  605.769718][T11849]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  605.769733][T11849] RIP: 0023:0xf6fdf01c
[  605.769746][T11849] Code: 90 85 d2 74 0a 89 ce 81 e6 ff 0f 00 00 89 32 85 c0 74 05 c1 e9 0c 89 08 31 c0 5e 5d c3 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 58 b8
[  605.769757][T11849] RSP: 002b:00000000f53cd50c EFLAGS: 00000206 ORIG_RAX: 0000000000000172
[  605.769772][T11849] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000800002c0
[  605.769781][T11849] RDX: 0000000000008000 RSI: 0000000000000000 RDI: 0000000000000000
[  605.769789][T11849] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  605.769796][T11849] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  605.769804][T11849] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  605.769822][T11849]  </TASK>
[  606.316995][T11817] elan 0003:04F3:0755.0031: unknown main item tag 0x0
[  606.350112][T11817] elan 0003:04F3:0755.0031: unknown main item tag 0x0
[  606.354444][T11849] netdevsim netdevsim2 netdevsim0: entered promiscuous mode
[  606.363502][    T9] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 246, changing to 11
[  606.377641][    T9] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  606.391709][T11849] netdevsim netdevsim2 netdevsim0: left promiscuous mode
[  606.391789][T11817] elan 0003:04F3:0755.0031: unknown main item tag 0x0
[  606.424239][    T9] usb 5-1: New USB device found, idVendor=044e, idProduct=120c, bcdDevice= 0.00
[  606.436002][T11817] elan 0003:04F3:0755.0031: unknown main item tag 0x0
[  606.444897][    T9] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  606.456740][T11817] elan 0003:04F3:0755.0031: failed to start in urb: -90
[  606.477080][    T9] usb 5-1: config 0 descriptor??
[  606.503139][T11817] elan 0003:04F3:0755.0031: hidraw0: USB HID v1.01 Device [HID 04f3:0755] on usb-dummy_hcd.1-1/input0
[  606.568430][T11817] usb 2-1: USB disconnect, device number 99
[  606.958139][T11864] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  606.983164][T11864] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  607.062533][    T9] hid-alps 0003:044E:120C.0032: unknown main item tag 0x0
[  607.076541][    T9] hid-alps 0003:044E:120C.0032: unexpected long global item
[  607.086224][    T9] hid-alps 0003:044E:120C.0032: parse failed
[  607.098999][    T9] hid-alps 0003:044E:120C.0032: probe with driver hid-alps failed with error -22
[  607.241043][ T5359] usb 2-1: new high-speed USB device number 100 using dummy_hcd
[  607.296907][T11847] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  607.308199][T11847] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  607.408994][ T5359] usb 2-1: Using ep0 maxpacket: 8
[  607.418150][ T5359] usb 2-1: New USB device found, idVendor=0582, idProduct=0025, bcdDevice= 0.40
[  607.427950][ T5359] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  607.436024][ T5359] usb 2-1: Product: syz
[  607.440402][ T5359] usb 2-1: Manufacturer: syz
[  607.445395][ T5359] usb 2-1: SerialNumber: syz
[  607.945249][T11877] bond4: entered allmulticast mode
[  608.411057][  T808] usb 5-1: USB disconnect, device number 98
[  608.633872][T11891] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  608.737199][T11891] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  610.064935][ T5359] usb 2-1: uac_clock_source_is_valid(): cannot get clock validity for id 0
[  610.091128][ T5359] usb 2-1: clock source 0 is not valid, cannot use
[  610.121659][ T5359] usb 2-1: 1:1: cannot get freq (v2/v3): err -71
[  610.136065][ T5359] usb 2-1: uac_clock_source_is_valid(): cannot get clock validity for id 0
[  610.161236][ T5359] usb 2-1: uac_clock_source_is_valid(): cannot get clock validity for id 0
[  610.181510][ T5359] usb 2-1: clock source 0 is not valid, cannot use
[  610.199278][ T5359] usb 2-1: 2:1: cannot get freq (v2/v3): err -71
[  610.223206][ T5359] usb 2-1: uac_clock_source_is_valid(): cannot get clock validity for id 0
[  610.434925][T11898] FAULT_INJECTION: forcing a failure.
[  610.434925][T11898] name failslab, interval 1, probability 0, space 0, times 0
[  610.484913][ T5359] usb 2-1: USB disconnect, device number 100
[  610.509172][T11898] CPU: 1 UID: 0 PID: 11898 Comm: syz.1.1681 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  610.509207][T11898] Tainted: [L]=SOFTLOCKUP
[  610.509215][T11898] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  610.509228][T11898] Call Trace:
[  610.509237][T11898]  <TASK>
[  610.509247][T11898]  dump_stack_lvl+0xe8/0x150
[  610.509278][T11898]  should_fail_ex+0x412/0x560
[  610.509306][T11898]  should_failslab+0xa8/0x100
[  610.509332][T11898]  ? skb_clone+0x212/0x3a0
[  610.509359][T11898]  kmem_cache_alloc_noprof+0x87/0x650
[  610.509388][T11898]  ? __netlink_lookup+0xc6/0x8b0
[  610.509421][T11898]  skb_clone+0x212/0x3a0
[  610.509451][T11898]  __netlink_deliver_tap+0x404/0x850
[  610.509489][T11898]  ? netlink_deliver_tap+0x2e/0x1b0
[  610.509516][T11898]  netlink_deliver_tap+0x19c/0x1b0
[  610.509568][T11898]  netlink_unicast+0x730/0x8e0
[  610.509604][T11898]  netlink_sendmsg+0x813/0xb40
[  610.509639][T11898]  ? __pfx_netlink_sendmsg+0x10/0x10
[  610.509668][T11898]  ? aa_sock_msg_perm+0xf1/0x1b0
[  610.509696][T11898]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  610.509728][T11898]  ____sys_sendmsg+0x972/0x9f0
[  610.509765][T11898]  ? __pfx_____sys_sendmsg+0x10/0x10
[  610.509797][T11898]  ? kstrtoull+0x12f/0x1d0
[  610.509827][T11898]  ___sys_sendmsg+0x2a5/0x360
[  610.509851][T11898]  ? __lock_acquire+0x6b5/0x2cf0
[  610.509879][T11898]  ? __pfx____sys_sendmsg+0x10/0x10
[  610.509906][T11898]  ? get_pid_task+0x20/0x1f0
[  610.509932][T11898]  ? get_pid_task+0x20/0x1f0
[  610.509954][T11898]  ? get_pid_task+0x20/0x1f0
[  610.510008][T11898]  ? __fget_files+0x2a/0x420
[  610.510032][T11898]  ? __fget_files+0x3a0/0x420
[  610.510068][T11898]  __sys_sendmsg+0x183/0x260
[  610.510097][T11898]  ? __pfx___sys_sendmsg+0x10/0x10
[  610.510147][T11898]  __do_fast_syscall_32+0x229/0x6e0
[  610.510174][T11898]  ? do_fast_syscall_32+0x33/0x70
[  610.510202][T11898]  ? lockdep_hardirqs_on+0x7a/0x110
[  610.510224][T11898]  ? asm_int80_emulation+0x1a/0x20
[  610.510242][T11898]  ? do_int80_emulation+0x286/0x530
[  610.510264][T11898]  ? trace_irq_disable+0x3b/0x140
[  610.510295][T11898]  do_fast_syscall_32+0x33/0x70
[  610.510318][T11898]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  610.510338][T11898] RIP: 0023:0xf7fc801c
[  610.510354][T11898] Code: 90 85 d2 74 0a 89 ce 81 e6 ff 0f 00 00 89 32 85 c0 74 05 c1 e9 0c 89 08 31 c0 5e 5d c3 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 58 b8
[  610.510369][T11898] RSP: 002b:00000000f548650c EFLAGS: 00000206 ORIG_RAX: 0000000000000172
[  610.510388][T11898] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000800001c0
[  610.510401][T11898] RDX: 0000000004000000 RSI: 0000000000000000 RDI: 0000000000000000
[  610.510412][T11898] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  610.510422][T11898] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  610.510433][T11898] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  610.510461][T11898]  </TASK>
[  610.617165][T11901] ALSA: seq fatal error: cannot create timer (-16)
[  610.779463][ T5765] udevd[5765]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  611.000537][T11900] tipc: Started in network mode
[  611.000573][T11900] tipc: Node identity 40000000000000000000000000000001, cluster identity 4711
[  611.000610][T11900] tipc: Enabling of bearer <udp:syz1> rejected, failed to enable media
[  611.968925][ T5359] usb 5-1: new high-speed USB device number 99 using dummy_hcd
[  612.215219][ T5359] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 246, changing to 11
[  612.243155][ T5359] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  612.272927][ T5359] usb 5-1: New USB device found, idVendor=044e, idProduct=120c, bcdDevice= 0.00
[  612.303670][ T5359] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  612.349658][ T5359] usb 5-1: config 0 descriptor??
[  613.010232][ T5359] hid-alps 0003:044E:120C.0033: unknown main item tag 0x0
[  613.029499][ T5359] hid-alps 0003:044E:120C.0033: unexpected long global item
[  613.053779][ T5359] hid-alps 0003:044E:120C.0033: parse failed
[  613.067447][ T5359] hid-alps 0003:044E:120C.0033: probe with driver hid-alps failed with error -22
[  613.108894][  T808] usb 2-1: new low-speed USB device number 101 using dummy_hcd
[  613.291103][  T808] usb 2-1: Invalid ep0 maxpacket: 64
[  613.300374][T11930] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  613.360001][T11930] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  613.438963][  T808] usb 2-1: new low-speed USB device number 102 using dummy_hcd
[  613.599149][  T808] usb 2-1: Invalid ep0 maxpacket: 64
[  613.607615][  T808] usb usb2-port1: attempt power cycle
[  613.761640][T11937] PKCS7: Unknown OID: [4] 5.25.287.112.81.102.117.87.150326315.2007.15776.1
[  613.771597][T11937] PKCS7: Only support pkcs7_signedData type
[  613.949003][  T808] usb 2-1: new low-speed USB device number 103 using dummy_hcd
[  613.981532][  T808] usb 2-1: Invalid ep0 maxpacket: 64
[  614.030875][T11943] bridge18: trying to set multicast startup query interval below minimum, setting to 100 (1000ms)
[  614.118987][  T808] usb 2-1: new low-speed USB device number 104 using dummy_hcd
[  614.149811][  T808] usb 2-1: Invalid ep0 maxpacket: 64
[  614.155809][  T808] usb usb2-port1: unable to enumerate USB device
[  614.224960][T11946] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1697'.
[  614.859241][T11817] usb 5-1: USB disconnect, device number 99
[  615.024753][T11959] netlink: del zone limit has 4 unknown bytes
[  616.182006][T11986] syz_tun: entered allmulticast mode
[  616.747915][T11981] syz_tun: left allmulticast mode
[  617.089798][    T9] usb 5-1: new high-speed USB device number 100 using dummy_hcd
[  617.296610][    T9] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 246, changing to 11
[  617.339553][    T9] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  617.378712][T12001] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1713'.
[  617.390307][    T9] usb 5-1: New USB device found, idVendor=044e, idProduct=120c, bcdDevice= 0.00
[  617.416691][    T9] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  617.438636][T12001] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1713'.
[  617.452470][    T9] usb 5-1: config 0 descriptor??
[  617.502836][T12001] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1713'.
[  617.536785][T12001] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1713'.
[  617.564677][T12001] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1713'.
[  617.595427][T12001] ALSA: mixer_oss: invalid OSS volume '�'
[  618.014525][    T9] hid-alps 0003:044E:120C.0034: unknown main item tag 0x0
[  618.041566][    T9] hid-alps 0003:044E:120C.0034: unexpected long global item
[  618.067259][    T9] hid-alps 0003:044E:120C.0034: parse failed
[  618.089715][    T9] hid-alps 0003:044E:120C.0034: probe with driver hid-alps failed with error -22
[  618.340370][T12002] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  618.424534][T12002] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  618.943437][T12009] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1715'.
[  618.954460][T12014] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1717'.
[  618.965043][T12014] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1717'.
[  619.304112][T12025] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1719'.
[  619.487472][T12025] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  619.526908][T12025] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  620.113385][  T808] usb 5-1: USB disconnect, device number 100
[  620.266032][T12029] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  620.276832][T12039] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1722'.
[  621.157786][T12057] FAULT_INJECTION: forcing a failure.
[  621.157786][T12057] name failslab, interval 1, probability 0, space 0, times 0
[  621.174096][T12057] CPU: 0 UID: 0 PID: 12057 Comm: syz.0.1729 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  621.174139][T12057] Tainted: [L]=SOFTLOCKUP
[  621.174147][T12057] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  621.174159][T12057] Call Trace:
[  621.174169][T12057]  <TASK>
[  621.174178][T12057]  dump_stack_lvl+0xe8/0x150
[  621.174217][T12057]  should_fail_ex+0x412/0x560
[  621.174250][T12057]  should_failslab+0xa8/0x100
[  621.174280][T12057]  ? security_inode_alloc+0x39/0x310
[  621.174308][T12057]  kmem_cache_alloc_noprof+0x87/0x650
[  621.174344][T12057]  security_inode_alloc+0x39/0x310
[  621.174374][T12057]  inode_init_always_gfp+0x9c8/0xda0
[  621.174406][T12057]  ? __pfx_sock_alloc_inode+0x10/0x10
[  621.174426][T12057]  alloc_inode+0x82/0x1b0
[  621.174451][T12057]  __sock_create+0x12d/0x9d0
[  621.174482][T12057]  mptcp_subflow_create_socket+0xfb/0x800
[  621.174513][T12057]  ? ima_match_policy+0x2146/0x21e0
[  621.174539][T12057]  ? __pfx_mptcp_subflow_create_socket+0x10/0x10
[  621.174572][T12057]  ? do_raw_spin_lock+0x12b/0x2f0
[  621.174601][T12057]  ? lock_sock_nested+0x6a/0x100
[  621.174624][T12057]  __mptcp_nmpc_sk+0x155/0x790
[  621.174657][T12057]  ? __pfx___mptcp_nmpc_sk+0x10/0x10
[  621.174683][T12057]  ? mptcp_getsockopt+0x1030/0x1ed0
[  621.174717][T12057]  ? __local_bh_enable_ip+0xd0/0x130
[  621.174745][T12057]  mptcp_getsockopt+0x106e/0x1ed0
[  621.174776][T12057]  ? up_write+0x1ab/0x410
[  621.174810][T12057]  ? __pfx_mptcp_getsockopt+0x10/0x10
[  621.174837][T12057]  ? process_measurement+0x195e/0x1c80
[  621.174870][T12057]  ? process_measurement+0x2d1/0x1c80
[  621.174914][T12057]  ? __pfx_process_measurement+0x10/0x10
[  621.174946][T12057]  ? tomoyo_check_open_permission+0x38e/0x470
[  621.174977][T12057]  ? __lock_acquire+0x6b5/0x2cf0
[  621.175007][T12057]  ? __lock_acquire+0x6b5/0x2cf0
[  621.175032][T12057]  ? __lock_acquire+0x6b5/0x2cf0
[  621.175065][T12057]  ? unwind_next_frame+0xa6/0x2550
[  621.175100][T12057]  ? __lock_acquire+0x6b5/0x2cf0
[  621.175137][T12057]  ? __lock_acquire+0x6b5/0x2cf0
[  621.175168][T12057]  ? aa_file_perm+0x192/0x15e0
[  621.175195][T12057]  ? aa_label_sk_perm+0x532/0x6e0
[  621.175237][T12057]  ? __pfx_aa_label_sk_perm+0x10/0x10
[  621.175265][T12057]  ? __lock_acquire+0x6b5/0x2cf0
[  621.175291][T12057]  ? _parse_integer_limit+0x1ae/0x1f0
[  621.175322][T12057]  ? kstrtoull+0x12f/0x1d0
[  621.175364][T12057]  ? aa_sk_perm+0x6d5/0x900
[  621.175390][T12057]  ? get_pid_task+0x20/0x1f0
[  621.175416][T12057]  ? get_pid_task+0x20/0x1f0
[  621.175449][T12057]  ? __pfx_aa_sk_perm+0x10/0x10
[  621.175471][T12057]  ? __lock_acquire+0x6b5/0x2cf0
[  621.175498][T12057]  ? aa_sock_opt_perm+0xff/0x1a0
[  621.175526][T12057]  ? sock_common_getsockopt+0x2d/0xb0
[  621.175548][T12057]  ? __pfx_sock_common_getsockopt+0x10/0x10
[  621.175570][T12057]  do_sock_getsockopt+0x51d/0x7e0
[  621.175603][T12057]  ? __pfx_do_sock_getsockopt+0x10/0x10
[  621.175625][T12057]  ? __fget_files+0x2a/0x420
[  621.175667][T12057]  ? __fget_files+0x2a/0x420
[  621.175690][T12057]  ? __fget_files+0x3a0/0x420
[  621.175712][T12057]  ? __fget_files+0x2a/0x420
[  621.175744][T12057]  __ia32_sys_getsockopt+0x1a4/0x240
[  621.175781][T12057]  __do_fast_syscall_32+0x229/0x6e0
[  621.175809][T12057]  ? do_fast_syscall_32+0x33/0x70
[  621.175833][T12057]  ? lockdep_hardirqs_on+0x7a/0x110
[  621.175856][T12057]  ? asm_int80_emulation+0x1a/0x20
[  621.175875][T12057]  ? do_int80_emulation+0x286/0x530
[  621.175898][T12057]  ? trace_irq_disable+0x3b/0x140
[  621.175932][T12057]  do_fast_syscall_32+0x33/0x70
[  621.175957][T12057]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  621.175980][T12057] RIP: 0023:0xf701f01c
[  621.176001][T12057] Code: 90 85 d2 74 0a 89 ce 81 e6 ff 0f 00 00 89 32 85 c0 74 05 c1 e9 0c 89 08 31 c0 5e 5d c3 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 58 b8
[  621.176017][T12057] RSP: 002b:00000000f540d50c EFLAGS: 00000206 ORIG_RAX: 000000000000016d
[  621.176040][T12057] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000000006
[  621.176055][T12057] RDX: 000000000000001a RSI: 0000000000000000 RDI: 00000000800000c0
[  621.176068][T12057] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  621.176079][T12057] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  621.176091][T12057] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  621.176122][T12057]  </TASK>
[  621.176275][T12057] socket: no more sockets
[  622.078941][ T5764] usb 5-1: new high-speed USB device number 101 using dummy_hcd
[  622.337924][ T5764] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 246, changing to 11
[  622.369845][ T5764] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  622.423480][ T5764] usb 5-1: New USB device found, idVendor=044e, idProduct=120c, bcdDevice= 0.00
[  622.444746][ T5764] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  622.475578][ T5764] usb 5-1: config 0 descriptor??
[  622.735441][T12086] sctp: [Deprecated]: syz.1.1737 (pid 12086) Use of struct sctp_assoc_value in delayed_ack socket option.
[  622.735441][T12086] Use struct sctp_sack_info instead
[  623.005439][T12085] netlink: 'syz.3.1736': attribute type 13 has an invalid length.
[  623.100029][T11817] usb 2-1: new high-speed USB device number 105 using dummy_hcd
[  623.225906][ T5764] hid-alps 0003:044E:120C.0035: unknown main item tag 0x0
[  623.250413][ T5764] hid-alps 0003:044E:120C.0035: unexpected long global item
[  623.267819][ T5764] hid-alps 0003:044E:120C.0035: parse failed
[  623.309294][T11817] usb 2-1: Using ep0 maxpacket: 32
[  623.317429][ T5764] hid-alps 0003:044E:120C.0035: probe with driver hid-alps failed with error -22
[  623.318159][T11817] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024
[  623.410478][T11817] usb 2-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79
[  623.433155][T11817] usb 2-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2
[  623.476349][T11817] usb 2-1: Product: syz
[  623.491595][T11817] usb 2-1: Manufacturer: syz
[  623.503432][T11817] usb 2-1: SerialNumber: syz
[  623.526770][T11817] usb 2-1: config 0 descriptor??
[  623.542649][T12071] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  623.560337][T12087] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  623.567913][T12071] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  623.577399][T11817] hub 2-1:0.0: bad descriptor, ignoring hub
[  623.600410][T11817] hub 2-1:0.0: probe with driver hub failed with error -5
[  624.000964][T11817] usb 2-1: USB disconnect, device number 105
[  624.348999][T11817] usb 2-1: new high-speed USB device number 106 using dummy_hcd
[  624.509954][T11817] usb 2-1: Using ep0 maxpacket: 32
[  624.519599][T11817] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024
[  624.534231][T11817] usb 2-1: string descriptor 0 read error: -22
[  624.540843][T11817] usb 2-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79
[  624.564921][T11817] usb 2-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2
[  624.585286][ T1309] ieee802154 phy0 wpan0: encryption failed: -22
[  624.591810][ T1309] ieee802154 phy1 wpan1: encryption failed: -22
[  624.635403][T11817] usb 2-1: config 0 descriptor??
[  624.658624][T12086] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  624.677924][T11817] hub 2-1:0.0: bad descriptor, ignoring hub
[  624.697378][T11817] hub 2-1:0.0: probe with driver hub failed with error -5
[  624.956293][ T5764] usb 5-1: USB disconnect, device number 101
[  625.216785][T12094] syz.4.1738 calls setitimer() with new_value NULL pointer. Misfeature support will be removed
[  626.250046][ T5764] usb 2-1: USB disconnect, device number 106
[  626.693992][T12113] program syz.4.1742 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  626.979056][ T5755] usb 2-1: new high-speed USB device number 107 using dummy_hcd
[  627.143984][ T5755] usb 2-1: Using ep0 maxpacket: 8
[  627.165402][ T5755] usb 2-1: unable to get BOS descriptor or descriptor too short
[  627.184925][ T5755] usb 2-1: config 0 has an invalid interface number: 88 but max is 0
[  627.215684][ T5755] usb 2-1: config 0 has no interface number 0
[  627.266699][ T5755] usb 2-1: config 0 interface 88 altsetting 8 endpoint 0x86 has an invalid bInterval 0, changing to 7
[  627.295622][ T5755] usb 2-1: config 0 interface 88 altsetting 8 endpoint 0x86 has invalid wMaxPacketSize 0
[  627.334332][ T5755] usb 2-1: config 0 interface 88 has no altsetting 0
[  627.360026][ T5755] usb 2-1: language id specifier not provided by device, defaulting to English
[  627.378486][ T5755] usb 2-1: New USB device found, idVendor=0460, idProduct=0004, bcdDevice=96.31
[  627.388961][ T5755] usb 2-1: New USB device strings: Mfr=1, Product=84, SerialNumber=3
[  627.427479][ T5755] usb 2-1: Product: syz
[  627.458458][ T5755] usb 2-1: SerialNumber: syz
[  627.512029][ T5755] usb 2-1: config 0 descriptor??
[  627.600963][T12117] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1743'.
[  630.642704][ T5755] input: syz as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.88/input/input62
[  630.720547][ T5755] usb 2-1: USB disconnect, device number 107
[  631.163074][   T29] audit: type=1326 audit(1777611552.822:666): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12146 comm="syz.1.1753" exe="/root/ci-upstream-kasan-gce-386/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc801c code=0x7ffc0000
[  631.238523][T12153] netlink: 'syz.2.1752': attribute type 3 has an invalid length.
[  631.260261][   T29] audit: type=1326 audit(1777611552.852:667): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12146 comm="syz.1.1753" exe="/root/ci-upstream-kasan-gce-386/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc801c code=0x7ffc0000
[  631.400017][   T29] audit: type=1326 audit(1777611552.852:668): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12146 comm="syz.1.1753" exe="/root/ci-upstream-kasan-gce-386/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf7fc801c code=0x7ffc0000
[  631.479394][   T29] audit: type=1326 audit(1777611552.852:669): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12146 comm="syz.1.1753" exe="/root/ci-upstream-kasan-gce-386/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc801c code=0x7ffc0000
[  631.619931][   T29] audit: type=1326 audit(1777611552.852:670): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12146 comm="syz.1.1753" exe="/root/ci-upstream-kasan-gce-386/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc801c code=0x7ffc0000
[  631.742650][   T29] audit: type=1326 audit(1777611552.852:671): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12146 comm="syz.1.1753" exe="/root/ci-upstream-kasan-gce-386/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf7fc801c code=0x7ffc0000
[  631.891445][   T29] audit: type=1326 audit(1777611552.852:672): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12146 comm="syz.1.1753" exe="/root/ci-upstream-kasan-gce-386/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc801c code=0x7ffc0000
[  631.967865][   T29] audit: type=1326 audit(1777611552.852:673): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12146 comm="syz.1.1753" exe="/root/ci-upstream-kasan-gce-386/syz-executor" sig=0 arch=40000003 syscall=365 compat=1 ip=0xf7fc801c code=0x7ffc0000
[  632.084821][   T29] audit: type=1326 audit(1777611552.852:674): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12146 comm="syz.1.1753" exe="/root/ci-upstream-kasan-gce-386/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc801c code=0x7ffc0000
[  632.197690][   T29] audit: type=1326 audit(1777611552.852:675): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12146 comm="syz.1.1753" exe="/root/ci-upstream-kasan-gce-386/syz-executor" sig=0 arch=40000003 syscall=370 compat=1 ip=0xf7fc801c code=0x7ffc0000
[  632.399587][  T993] usb 2-1: new high-speed USB device number 108 using dummy_hcd
[  632.573740][  T993] usb 2-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08
[  632.584075][  T993] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  632.622370][  T993] usb 2-1: Product: syz
[  632.644997][  T993] usb 2-1: Manufacturer: syz
[  632.656568][  T993] usb 2-1: SerialNumber: syz
[  632.686407][  T993] usb 2-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested
[  632.704574][ T5755] usb 2-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008
[  633.024883][T12178] syzkaller0: entered promiscuous mode
[  633.041949][T12178] syzkaller0: entered allmulticast mode
[  633.072133][T12178] 0: reclassify loop, rule prio 0, protocol 800
[  633.697654][T12188] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1762'.
[  633.798308][T12189] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1762'.
[  633.847346][T12190] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1762'.
[  633.886702][T12188] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1762'.
[  633.929134][ T5755] usb 2-1: Service connection timeout for: 256
[  633.940775][ T5755] ath9k_htc 2-1:1.0: ath9k_htc: Unable to initialize HTC services
[  633.988157][ T5755] ath9k_htc: Failed to initialize the device
[  634.046581][ T5755] usb 2-1: ath9k_htc: USB layer deinitialized
[  634.283971][ T5755] usb 2-1: USB disconnect, device number 108
[  635.398977][ T5764] usb 5-1: new high-speed USB device number 102 using dummy_hcd
[  635.569055][ T5764] usb 5-1: Using ep0 maxpacket: 8
[  635.599094][ T5764] usb 5-1: unable to get BOS descriptor or descriptor too short
[  635.642426][ T5764] usb 5-1: config 0 has an invalid interface number: 88 but max is 0
[  635.670742][ T5764] usb 5-1: config 0 has no interface number 0
[  635.691734][ T5764] usb 5-1: config 0 interface 88 altsetting 8 endpoint 0x86 has an invalid bInterval 0, changing to 7
[  635.718348][ T5764] usb 5-1: config 0 interface 88 altsetting 8 endpoint 0x86 has invalid wMaxPacketSize 0
[  635.744245][ T5764] usb 5-1: config 0 interface 88 has no altsetting 0
[  635.767952][ T5764] usb 5-1: language id specifier not provided by device, defaulting to English
[  635.834248][ T5764] usb 5-1: New USB device found, idVendor=0460, idProduct=0004, bcdDevice=96.31
[  635.856177][ T5764] usb 5-1: New USB device strings: Mfr=1, Product=84, SerialNumber=3
[  635.884898][ T5764] usb 5-1: Product: syz
[  635.898677][ T5764] usb 5-1: SerialNumber: syz
[  635.927601][ T5764] usb 5-1: config 0 descriptor??
[  637.657278][T12221] syzkaller0: entered promiscuous mode
[  637.673521][T12221] syzkaller0: entered allmulticast mode
[  637.704645][T12221] 0: reclassify loop, rule prio 0, protocol 800
[  638.886639][T12228] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1773'.
[  638.973590][T12228] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1773'.
[  639.004395][T12228] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1773'.
[  639.022748][T12228] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1773'.
[  639.341099][ T5764] input: syz as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.88/input/input63
[  639.414257][T12233] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  639.441555][T12233] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  639.482768][ T5764] usb 5-1: USB disconnect, device number 102
[  639.852697][T12235] batadv_slave_0: entered promiscuous mode
[  640.185608][T12234] batadv_slave_0: left promiscuous mode
[  640.573163][T12243] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1778'.
[  640.600594][T12243] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1778'.
[  640.613997][T12243] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1778'.
[  640.628016][T12243] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1778'.
[  641.642529][T12258] program syz.3.1782 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  642.393627][T12263] bridge0: port 3(erspan0) entered blocking state
[  642.422331][T12263] bridge0: port 3(erspan0) entered disabled state
[  642.485885][T12265] bridge0: port 3(erspan0) entered disabled state
[  643.072356][T12271] bridge0: port 2(bridge_slave_1) entered disabled state
[  643.081554][T12271] bridge0: port 1(bridge_slave_0) entered disabled state
[  643.917447][T12281] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  643.940190][T12281] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  643.966181][T12281] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  643.981143][T12281] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  644.472511][T12292] FAULT_INJECTION: forcing a failure.
[  644.472511][T12292] name failslab, interval 1, probability 0, space 0, times 0
[  644.511903][T12292] CPU: 1 UID: 0 PID: 12292 Comm: syz.0.1792 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  644.511940][T12292] Tainted: [L]=SOFTLOCKUP
[  644.511948][T12292] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  644.511960][T12292] Call Trace:
[  644.511969][T12292]  <TASK>
[  644.511977][T12292]  dump_stack_lvl+0xe8/0x150
[  644.511998][T12292]  should_fail_ex+0x412/0x560
[  644.512018][T12292]  should_failslab+0xa8/0x100
[  644.512038][T12292]  __kmalloc_cache_noprof+0x88/0x660
[  644.512055][T12292]  ? sctp_copy_local_addr_list+0xa4/0x4f0
[  644.512071][T12292]  ? sctp_add_bind_addr+0x8c/0x370
[  644.512090][T12292]  sctp_add_bind_addr+0x8c/0x370
[  644.512107][T12292]  sctp_copy_local_addr_list+0x314/0x4f0
[  644.512124][T12292]  ? sctp_copy_local_addr_list+0xa4/0x4f0
[  644.512140][T12292]  ? __pfx_sctp_copy_local_addr_list+0x10/0x10
[  644.512156][T12292]  ? sctp_v6_is_any+0x64/0x80
[  644.512172][T12292]  ? sctp_copy_one_addr+0x93/0x360
[  644.512193][T12292]  sctp_bind_addr_copy+0xb3/0x3c0
[  644.512209][T12292]  ? sctp_assoc_set_bind_addr_from_ep+0xa5/0x1a0
[  644.512229][T12292]  sctp_connect_new_asoc+0x2ff/0x6b0
[  644.512249][T12292]  ? __pfx_sctp_connect_new_asoc+0x10/0x10
[  644.512268][T12292]  ? sctp_endpoint_lookup_assoc+0x7b/0x260
[  644.512287][T12292]  ? sctp_endpoint_lookup_assoc+0x7b/0x260
[  644.512304][T12292]  ? sctp_endpoint_lookup_assoc+0x7b/0x260
[  644.512322][T12292]  ? bpf_lsm_sctp_bind_connect+0x9/0x20
[  644.512340][T12292]  ? security_sctp_bind_connect+0x7e/0x2c0
[  644.512355][T12292]  sctp_sendmsg+0x1528/0x2c10
[  644.512382][T12292]  ? __pfx_sctp_sendmsg+0x10/0x10
[  644.512402][T12292]  ? aa_sk_perm+0x6d5/0x900
[  644.512416][T12292]  ? __might_fault+0xaf/0x130
[  644.512434][T12292]  ? __pfx_aa_sk_perm+0x10/0x10
[  644.512458][T12292]  ? sock_rps_record_flow+0x19/0x350
[  644.512478][T12292]  ? inet_sendmsg+0x2f4/0x370
[  644.512494][T12292]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  644.512512][T12292]  ____sys_sendmsg+0x80a/0x9f0
[  644.512534][T12292]  ? __pfx_____sys_sendmsg+0x10/0x10
[  644.512560][T12292]  ___sys_sendmsg+0x2a5/0x360
[  644.512575][T12292]  ? __lock_acquire+0x6b5/0x2cf0
[  644.512592][T12292]  ? __pfx____sys_sendmsg+0x10/0x10
[  644.512610][T12292]  ? kstrtoull+0x12f/0x1d0
[  644.512640][T12292]  ? __fget_files+0x2a/0x420
[  644.512655][T12292]  ? __fget_files+0x3a0/0x420
[  644.512675][T12292]  __sys_sendmmsg+0x2e7/0x4e0
[  644.512694][T12292]  ? __pfx___sys_sendmmsg+0x10/0x10
[  644.512727][T12292]  ? fput+0xa0/0xd0
[  644.512741][T12292]  ? ksys_write+0x242/0x270
[  644.512763][T12292]  __ia32_compat_sys_sendmmsg+0xa2/0xc0
[  644.512781][T12292]  __do_fast_syscall_32+0x229/0x6e0
[  644.512798][T12292]  ? do_fast_syscall_32+0x33/0x70
[  644.512813][T12292]  ? lockdep_hardirqs_on+0x7a/0x110
[  644.512826][T12292]  ? asm_int80_emulation+0x1a/0x20
[  644.512838][T12292]  ? do_int80_emulation+0x286/0x530
[  644.512852][T12292]  ? trace_irq_disable+0x3b/0x140
[  644.512872][T12292]  do_fast_syscall_32+0x33/0x70
[  644.512888][T12292]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  644.512903][T12292] RIP: 0023:0xf701f01c
[  644.512916][T12292] Code: 90 85 d2 74 0a 89 ce 81 e6 ff 0f 00 00 89 32 85 c0 74 05 c1 e9 0c 89 08 31 c0 5e 5d c3 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 58 b8
[  644.512926][T12292] RSP: 002b:00000000f540d50c EFLAGS: 00000206 ORIG_RAX: 0000000000000159
[  644.512941][T12292] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000480
[  644.512950][T12292] RDX: 0000000000000001 RSI: 0000000000008000 RDI: 0000000000000000
[  644.512957][T12292] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  644.512965][T12292] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  644.512972][T12292] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  644.512990][T12292]  </TASK>
[  645.358941][ T5359] usb 5-1: new high-speed USB device number 103 using dummy_hcd
[  645.457478][   T29] kauditd_printk_skb: 2 callbacks suppressed
[  645.457497][   T29] audit: type=1326 audit(1777611567.102:678): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12301 comm="syz.0.1797" exe="/root/ci-upstream-kasan-gce-386/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf701f01c code=0x7ffc0000
[  645.526692][T12312] binder: 12305:12312 ioctl 4018620d 0 returned -22
[  645.534859][ T5359] usb 5-1: Using ep0 maxpacket: 8
[  645.548335][ T5359] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  645.563960][ T5359] usb 5-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xE2, changing to 0x82
[  645.583329][T12314] FAULT_INJECTION: forcing a failure.
[  645.583329][T12314] name failslab, interval 1, probability 0, space 0, times 0
[  645.584668][   T29] audit: type=1326 audit(1777611567.152:679): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12301 comm="syz.0.1797" exe="/root/ci-upstream-kasan-gce-386/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf701f01c code=0x7ffc0000
[  645.620915][ T5359] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  645.631978][ T5359] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0
[  645.642352][   T29] audit: type=1326 audit(1777611567.152:680): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12301 comm="syz.0.1797" exe="/root/ci-upstream-kasan-gce-386/syz-executor" sig=0 arch=40000003 syscall=351 compat=1 ip=0xf701f01c code=0x7ffc0000
[  645.667431][   T29] audit: type=1326 audit(1777611567.152:681): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12301 comm="syz.0.1797" exe="/root/ci-upstream-kasan-gce-386/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf701f01c code=0x7ffc0000
[  645.678057][T12312] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1799'.
[  645.700559][T12314] CPU: 1 UID: 0 PID: 12314 Comm: syz.2.1800 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  645.700589][T12314] Tainted: [L]=SOFTLOCKUP
[  645.700602][T12314] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  645.700613][T12314] Call Trace:
[  645.700621][T12314]  <TASK>
[  645.700630][T12314]  dump_stack_lvl+0xe8/0x150
[  645.700658][T12314]  should_fail_ex+0x412/0x560
[  645.700686][T12314]  should_failslab+0xa8/0x100
[  645.700715][T12314]  kmem_cache_alloc_node_noprof+0x8f/0x690
[  645.700740][T12314]  ? __alloc_skb+0x186/0x7d0
[  645.700760][T12314]  ? __alloc_skb+0x1d0/0x7d0
[  645.700778][T12314]  ? __local_bh_enable_ip+0xd0/0x130
[  645.700803][T12314]  __alloc_skb+0x1d0/0x7d0
[  645.700827][T12314]  sock_wmalloc+0xb2/0x130
[  645.700854][T12314]  pppol2tp_sendmsg+0x183/0x5f0
[  645.700891][T12314]  ____sys_sendmsg+0x972/0x9f0
[  645.700924][T12314]  ? __pfx_____sys_sendmsg+0x10/0x10
[  645.700954][T12314]  ? kfree+0x4d/0x640
[  645.700981][T12314]  ___sys_sendmsg+0x2a5/0x360
[  645.701003][T12314]  ? __lock_acquire+0x6b5/0x2cf0
[  645.701027][T12314]  ? __pfx____sys_sendmsg+0x10/0x10
[  645.701054][T12314]  ? kstrtoull+0x12f/0x1d0
[  645.701110][T12314]  __sys_sendmmsg+0x2e7/0x4e0
[  645.701138][T12314]  ? __pfx___sys_sendmmsg+0x10/0x10
[  645.701194][T12314]  ? fput+0xa0/0xd0
[  645.701216][T12314]  ? ksys_write+0x242/0x270
[  645.701248][T12314]  __ia32_compat_sys_sendmmsg+0xa2/0xc0
[  645.701277][T12314]  __do_fast_syscall_32+0x229/0x6e0
[  645.701301][T12314]  ? do_fast_syscall_32+0x33/0x70
[  645.701323][T12314]  ? lockdep_hardirqs_on+0x7a/0x110
[  645.701346][T12314]  ? asm_int80_emulation+0x1a/0x20
[  645.701366][T12314]  ? do_int80_emulation+0x286/0x530
[  645.701389][T12314]  ? trace_irq_disable+0x3b/0x140
[  645.701420][T12314]  do_fast_syscall_32+0x33/0x70
[  645.701446][T12314]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  645.701472][T12314] RIP: 0023:0xf6fdf01c
[  645.701491][T12314] Code: 90 85 d2 74 0a 89 ce 81 e6 ff 0f 00 00 89 32 85 c0 74 05 c1 e9 0c 89 08 31 c0 5e 5d c3 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 58 b8
[  645.701511][T12314] RSP: 002b:00000000f53cd50c EFLAGS: 00000206 ORIG_RAX: 0000000000000159
[  645.701535][T12314] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000980
[  645.701550][T12314] RDX: 0000000000000003 RSI: 0000000000000004 RDI: 0000000000000000
[  645.701563][T12314] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  645.701575][T12314] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  645.701588][T12314] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  645.701618][T12314]  </TASK>
[  645.701781][ T5359] usb 5-1: New USB device found, idVendor=04e8, idProduct=ff30, bcdDevice=a6.d1
[  645.701813][ T5359] usb 5-1: New USB device strings: Mfr=1, Product=34, SerialNumber=3
[  645.701836][ T5359] usb 5-1: Product: syz
[  645.701853][ T5359] usb 5-1: Manufacturer: syz
[  645.701870][ T5359] usb 5-1: SerialNumber: syz
[  645.706039][ T5359] usb 5-1: config 0 descriptor??
[  646.018879][   T29] audit: type=1326 audit(1777611567.152:682): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12301 comm="syz.0.1797" exe="/root/ci-upstream-kasan-gce-386/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf701f01c code=0x7ffc0000
[  646.061306][   T29] audit: type=1326 audit(1777611567.152:683): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12301 comm="syz.0.1797" exe="/root/ci-upstream-kasan-gce-386/syz-executor" sig=0 arch=40000003 syscall=297 compat=1 ip=0xf701f01c code=0x7ffc0000
[  646.103353][   T29] audit: type=1326 audit(1777611567.162:684): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12301 comm="syz.0.1797" exe="/root/ci-upstream-kasan-gce-386/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf701f01c code=0x7ffc0000
[  646.137987][   T29] audit: type=1326 audit(1777611567.162:685): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12301 comm="syz.0.1797" exe="/root/ci-upstream-kasan-gce-386/syz-executor" sig=0 arch=40000003 syscall=358 compat=1 ip=0xf701f01c code=0x7ffc0000
[  646.172730][   T29] audit: type=1326 audit(1777611567.352:686): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12301 comm="syz.0.1797" exe="/root/ci-upstream-kasan-gce-386/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf701f01c code=0x7ffc0000
[  646.200450][   T29] audit: type=1326 audit(1777611567.352:687): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12301 comm="syz.0.1797" exe="/root/ci-upstream-kasan-gce-386/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf701f01c code=0x7ffc0000
[  646.527565][T12327] program syz.2.1802 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  646.540749][ T5359] rc_core: IR keymap rc-imon-rsc not found
[  646.546866][ T5359] Registered IR keymap rc-empty
[  646.574058][ T5359] rc rc0: iMON Station as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/rc/rc0
[  646.619454][ T5359] input: iMON Station as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/rc/rc0/input64
[  646.634905][T12296] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  646.667885][T12296] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  646.676817][ T5359] imon_raw 5-1:0.0: probe with driver imon_raw failed with error -90
[  646.767421][ T5359] usb 5-1: USB disconnect, device number 103
[  647.272753][T12331] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1803'.
[  648.012173][T12349] netlink: 36 bytes leftover after parsing attributes in process `syz.2.1810'.
[  648.109706][T12352] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1811'.
[  648.247403][T12359] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1813'.
[  648.272224][T12359] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1813'.
[  648.297199][T12359] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1813'.
[  648.314611][T12359] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1813'.
[  648.418977][ T5359] usb 2-1: new high-speed USB device number 109 using dummy_hcd
[  648.592660][ T5359] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  648.625521][ T5359] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  648.651838][ T5359] usb 2-1: New USB device found, idVendor=0d8c, idProduct=0022, bcdDevice= 0.00
[  648.669323][ T5359] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  648.693957][ T5359] usb 2-1: config 0 descriptor??
[  648.843873][T12364] netlink: 36 bytes leftover after parsing attributes in process `syz.4.1816'.
[  648.849094][T12363] loop7: detected capacity change from 0 to 7
[  648.855292][T12364] FAULT_INJECTION: forcing a failure.
[  648.855292][T12364] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  648.883006][T12364] CPU: 0 UID: 0 PID: 12364 Comm: syz.4.1816 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  648.883043][T12364] Tainted: [L]=SOFTLOCKUP
[  648.883051][T12364] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  648.883062][T12364] Call Trace:
[  648.883071][T12364]  <TASK>
[  648.883081][T12364]  dump_stack_lvl+0xe8/0x150
[  648.883113][T12364]  should_fail_ex+0x412/0x560
[  648.883144][T12364]  _copy_from_iter+0x1d3/0x1670
[  648.883173][T12364]  ? rcu_is_watching+0x15/0xb0
[  648.883303][T12364]  ? __pfx__copy_from_iter+0x10/0x10
[  648.883348][T12364]  ? netlink_sendmsg+0x650/0xb40
[  648.883372][T12364]  ? skb_put+0x11b/0x210
[  648.883399][T12364]  netlink_sendmsg+0x6c0/0xb40
[  648.883426][T12364]  ? __might_fault+0xaf/0x130
[  648.883460][T12364]  ? __pfx_netlink_sendmsg+0x10/0x10
[  648.883489][T12364]  ? aa_sock_msg_perm+0xf1/0x1b0
[  648.883517][T12364]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  648.883546][T12364]  ____sys_sendmsg+0x972/0x9f0
[  648.883581][T12364]  ? __pfx_____sys_sendmsg+0x10/0x10
[  648.883613][T12364]  ? kstrtoull+0x12f/0x1d0
[  648.883645][T12364]  ___sys_sendmsg+0x2a5/0x360
[  648.883671][T12364]  ? __lock_acquire+0x6b5/0x2cf0
[  648.883700][T12364]  ? __pfx____sys_sendmsg+0x10/0x10
[  648.883739][T12364]  ? get_pid_task+0x20/0x1f0
[  648.883764][T12364]  ? get_pid_task+0x20/0x1f0
[  648.883787][T12364]  ? get_pid_task+0x20/0x1f0
[  648.883841][T12364]  ? __fget_files+0x2a/0x420
[  648.883867][T12364]  ? __fget_files+0x3a0/0x420
[  648.883900][T12364]  __sys_sendmsg+0x183/0x260
[  648.883929][T12364]  ? __pfx___sys_sendmsg+0x10/0x10
[  648.883977][T12364]  __do_fast_syscall_32+0x229/0x6e0
[  648.884007][T12364]  ? do_fast_syscall_32+0x33/0x70
[  648.884032][T12364]  ? lockdep_hardirqs_on+0x7a/0x110
[  648.884056][T12364]  ? asm_int80_emulation+0x1a/0x20
[  648.884076][T12364]  ? do_int80_emulation+0x286/0x530
[  648.884100][T12364]  ? trace_irq_disable+0x3b/0x140
[  648.884135][T12364]  do_fast_syscall_32+0x33/0x70
[  648.884162][T12364]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  648.884187][T12364] RIP: 0023:0xf7fe801c
[  648.884211][T12364] Code: 90 85 d2 74 0a 89 ce 81 e6 ff 0f 00 00 89 32 85 c0 74 05 c1 e9 0c 89 08 31 c0 5e 5d c3 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 58 b8
[  648.884229][T12364] RSP: 002b:00000000f54a650c EFLAGS: 00000206 ORIG_RAX: 0000000000000172
[  648.884252][T12364] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000800001c0
[  648.884279][T12364] RDX: 0000000020000080 RSI: 0000000000000000 RDI: 0000000000000000
[  648.884292][T12364] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  648.884305][T12364] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  648.884318][T12364] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  648.884349][T12364]  </TASK>
[  649.248479][T12363] Dev loop7: unable to read RDB block 7
[  649.252491][    C0] invalid error, dev loop7, sector 0 op 0x1:(WRITE) flags 0x800 phys_seg 1 prio class 2
[  649.254505][T12363]  loop7: unable to read partition table
[  649.263987][    C0] buffer_io_error: 11 callbacks suppressed
[  649.264007][    C0] Buffer I/O error on dev loop7, logical block 0, lost async page write
[  649.280124][T12363] loop7: partition table beyond EOD, truncated
[  649.291748][T12363] loop_reread_partitions: partition scan of loop7 (���������C�j̖�P=ý?�}X���	���%��`��ր���{��֐�ȵ4FLQk݊) failed (rc=-5)
[  649.297282][    C0] invalid error, dev loop7, sector 0 op 0x1:(WRITE) flags 0x800 phys_seg 1 prio class 2
[  649.315265][    C0] Buffer I/O error on dev loop7, logical block 0, lost async page write
[  649.413132][ T5359] cm6533_jd 0003:0D8C:0022.0036: unbalanced delimiter at end of report description
[  649.431021][ T5359] cm6533_jd 0003:0D8C:0022.0036: parse failed
[  649.449658][ T5359] cm6533_jd 0003:0D8C:0022.0036: probe with driver cm6533_jd failed with error -22
[  650.159569][ T5359] usb 5-1: new high-speed USB device number 104 using dummy_hcd
[  650.319047][ T5359] usb 5-1: Using ep0 maxpacket: 32
[  650.326568][ T5359] usb 5-1: config index 0 descriptor too short (expected 49410, got 36)
[  650.335328][ T5359] usb 5-1: config 12 has too many interfaces: 127, using maximum allowed: 32
[  650.344563][ T5359] usb 5-1: config 12 contains an unexpected descriptor of type 0x2, skipping
[  650.353869][ T5359] usb 5-1: config 12 has an invalid descriptor of length 0, skipping remainder of the config
[  650.364564][ T5359] usb 5-1: config 12 has 0 interfaces, different from the descriptor's value: 127
[  650.375777][ T5359] usb 5-1: config index 1 descriptor too short (expected 49410, got 36)
[  650.384755][ T5359] usb 5-1: config 12 has too many interfaces: 127, using maximum allowed: 32
[  650.393861][ T5359] usb 5-1: config 12 contains an unexpected descriptor of type 0x2, skipping
[  650.403338][ T5359] usb 5-1: config 12 has an invalid descriptor of length 0, skipping remainder of the config
[  650.416907][ T5359] usb 5-1: config 12 has 0 interfaces, different from the descriptor's value: 127
[  650.427899][ T5359] usb 5-1: config index 2 descriptor too short (expected 49410, got 36)
[  650.437002][ T5359] usb 5-1: config 12 has too many interfaces: 127, using maximum allowed: 32
[  650.446021][ T5359] usb 5-1: config 12 contains an unexpected descriptor of type 0x2, skipping
[  650.455807][ T5359] usb 5-1: config 12 has an invalid descriptor of length 0, skipping remainder of the config
[  650.466670][ T5359] usb 5-1: config 12 has 0 interfaces, different from the descriptor's value: 127
[  650.477726][ T5359] usb 5-1: config index 3 descriptor too short (expected 49410, got 36)
[  650.486861][ T5359] usb 5-1: config 12 has too many interfaces: 127, using maximum allowed: 32
[  650.496569][ T5359] usb 5-1: config 12 contains an unexpected descriptor of type 0x2, skipping
[  650.506225][ T5359] usb 5-1: config 12 has an invalid descriptor of length 0, skipping remainder of the config
[  650.516842][ T5359] usb 5-1: config 12 has 0 interfaces, different from the descriptor's value: 127
[  650.529035][ T5359] usb 5-1: New USB device found, idVendor=2c42, idProduct=1202, bcdDevice= 0.00
[  650.538471][ T5359] usb 5-1: New USB device strings: Mfr=16, Product=32, SerialNumber=9
[  650.547085][ T5359] usb 5-1: Product: syz
[  650.551582][ T5359] usb 5-1: Manufacturer: syz
[  650.556860][ T5359] usb 5-1: SerialNumber: syz
[  650.787721][T12391] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1827'.
[  650.799866][T12391] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1827'.
[  650.828021][T12391] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1827'.
[  650.844117][T12391] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1827'.
[  650.871284][T12392] netlink: 36 bytes leftover after parsing attributes in process `syz.4.1825'.
[  651.037505][ T5755] usb 2-1: USB disconnect, device number 109
[  652.259049][ T5359] usb 2-1: new high-speed USB device number 110 using dummy_hcd
[  652.419707][T12443] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1847'.
[  652.430487][T12443] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1847'.
[  652.441628][ T5359] usb 2-1: Using ep0 maxpacket: 16
[  652.449706][ T5359] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  652.462069][T12443] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1847'.
[  652.468462][ T5359] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  652.473690][T12443] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1847'.
[  652.486902][ T5359] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  652.505208][ T5359] usb 2-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[  652.515887][ T5359] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  652.542970][ T5359] usb 2-1: config 0 descriptor??
[  652.760804][T12428] netlink: 'syz.1.1841': attribute type 4 has an invalid length.
[  652.786604][ T5359] usbhid 2-1:0.0: can't add hid device: -71
[  652.798710][ T5359] usbhid 2-1:0.0: probe with driver usbhid failed with error -71
[  652.823895][ T5359] usb 2-1: USB disconnect, device number 110
[  652.944502][ T5723] usb 5-1: USB disconnect, device number 104
[  653.131322][T12456] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  653.176478][T12456] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  653.492204][T12468] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1855'.
[  653.838953][ T5723] usb 5-1: new high-speed USB device number 105 using dummy_hcd
[  654.032786][ T5723] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  654.046059][ T5723] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  654.059459][ T5723] usb 5-1: New USB device found, idVendor=0d8c, idProduct=0022, bcdDevice= 0.00
[  654.073945][ T5723] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  654.095808][ T5723] usb 5-1: config 0 descriptor??
[  654.524487][ T5723] cm6533_jd 0003:0D8C:0022.0037: unbalanced delimiter at end of report description
[  654.555540][ T5723] cm6533_jd 0003:0D8C:0022.0037: parse failed
[  654.575217][ T5723] cm6533_jd 0003:0D8C:0022.0037: probe with driver cm6533_jd failed with error -22
[  655.917884][T12491] FAULT_INJECTION: forcing a failure.
[  655.917884][T12491] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  655.959535][T12491] CPU: 0 UID: 0 PID: 12491 Comm: syz.0.1862 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  655.959561][T12491] Tainted: [L]=SOFTLOCKUP
[  655.959566][T12491] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  655.959574][T12491] Call Trace:
[  655.959579][T12491]  <TASK>
[  655.959585][T12491]  dump_stack_lvl+0xe8/0x150
[  655.959605][T12491]  should_fail_ex+0x412/0x560
[  655.959625][T12491]  _copy_from_user+0x2d/0xb0
[  655.959642][T12491]  input_event_from_user+0x100/0x290
[  655.959662][T12491]  ? __pfx_input_event_from_user+0x10/0x10
[  655.959681][T12491]  evdev_write+0x2c7/0x4c0
[  655.959698][T12491]  ? __lock_acquire+0x6b5/0x2cf0
[  655.959715][T12491]  ? __pfx_evdev_write+0x10/0x10
[  655.959734][T12491]  ? bpf_lsm_file_permission+0x9/0x20
[  655.959760][T12491]  ? security_file_permission+0x75/0x260
[  655.959783][T12491]  ? rw_verify_area+0x255/0x4d0
[  655.959810][T12491]  ? __pfx_evdev_write+0x10/0x10
[  655.959841][T12491]  vfs_write+0x29a/0xb90
[  655.959872][T12491]  ? __pfx_vfs_write+0x10/0x10
[  655.959890][T12491]  ? __fget_files+0x2a/0x420
[  655.959906][T12491]  ? __fget_files+0x2a/0x420
[  655.959920][T12491]  ? __fget_files+0x3a0/0x420
[  655.959933][T12491]  ? __fget_files+0x2a/0x420
[  655.959952][T12491]  ksys_write+0x150/0x270
[  655.959971][T12491]  ? __pfx_ksys_write+0x10/0x10
[  655.959993][T12491]  __do_fast_syscall_32+0x229/0x6e0
[  655.960010][T12491]  ? do_fast_syscall_32+0x33/0x70
[  655.960024][T12491]  ? lockdep_hardirqs_on+0x7a/0x110
[  655.960043][T12491]  ? asm_int80_emulation+0x1a/0x20
[  655.960062][T12491]  ? do_int80_emulation+0x286/0x530
[  655.960091][T12491]  do_fast_syscall_32+0x33/0x70
[  655.960118][T12491]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  655.960138][T12491] RIP: 0023:0xf701f01c
[  655.960151][T12491] Code: 90 85 d2 74 0a 89 ce 81 e6 ff 0f 00 00 89 32 85 c0 74 05 c1 e9 0c 89 08 31 c0 5e 5d c3 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 58 b8
[  655.960162][T12491] RSP: 002b:00000000f53ec50c EFLAGS: 00000206 ORIG_RAX: 0000000000000004
[  655.960178][T12491] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000040
[  655.960187][T12491] RDX: 0000000000000918 RSI: 0000000000000000 RDI: 0000000000000000
[  655.960194][T12491] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  655.960202][T12491] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  655.960209][T12491] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  655.960232][T12491]  </TASK>
[  656.351062][T12495] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1863'.
[  656.404439][T12495] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1863'.
[  656.449631][ T5359] usb 5-1: USB disconnect, device number 105
[  656.480497][T12496] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1863'.
[  656.500613][T12495] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1863'.
[  656.766025][T12498] binder: 12497:12498 ioctl c018620c 800000c0 returned -22
[  656.891641][T12509] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1866'.
[  657.069168][T12510] 8021q: adding VLAN 0 to HW filter on device bond3
[  657.084978][T12510] bond2: (slave bond3): Enslaving as an active interface with an up link
[  657.104897][T12512] bond2 (unregistering): (slave bond3): Releasing backup interface
[  657.155854][T12512] bond2 (unregistering): Released all slaves
[  662.940730][T12571] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  662.955849][T12571] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  662.966812][T12571] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  662.977597][T12573] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1881'.
[  662.992340][T12573] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1881'.
[  663.003192][T12571] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  663.021484][T12573] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1881'.
[  663.047655][T12573] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1881'.
[  663.063945][T12576] netlink: 20 bytes leftover after parsing attributes in process `syz.4.1885'.
[  663.073272][T12576] openvswitch: netlink: Flow get message rejected, Key attribute missing.
[  663.123320][T12576] openvswitch: netlink: Either Ethernet header or EtherType is required.
[  663.827563][T12592] FAULT_INJECTION: forcing a failure.
[  663.827563][T12592] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  663.841262][T12592] CPU: 1 UID: 0 PID: 12592 Comm: syz.1.1890 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  663.841296][T12592] Tainted: [L]=SOFTLOCKUP
[  663.841304][T12592] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  663.841316][T12592] Call Trace:
[  663.841326][T12592]  <TASK>
[  663.841335][T12592]  dump_stack_lvl+0xe8/0x150
[  663.841364][T12592]  should_fail_ex+0x412/0x560
[  663.841395][T12592]  prepare_alloc_pages+0x22a/0x650
[  663.841440][T12592]  __alloc_frozen_pages_noprof+0x12f/0x380
[  663.841475][T12592]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  663.841509][T12592]  ? __pfx_policy_nodemask+0x10/0x10
[  663.841536][T12592]  ? process_measurement+0x7ce/0x1c80
[  663.841576][T12592]  alloc_pages_mpol+0x235/0x490
[  663.841608][T12592]  alloc_pages_noprof+0xac/0x2a0
[  663.841641][T12592]  __pmd_alloc+0x3a/0x5c0
[  663.841670][T12592]  handle_mm_fault+0xe96/0x3170
[  663.841712][T12592]  ? handle_mm_fault+0xee/0x3170
[  663.841744][T12592]  ? __pfx_handle_mm_fault+0x10/0x10
[  663.841784][T12592]  ? __lock_acquire+0x6b5/0x2cf0
[  663.841813][T12592]  ? lock_mm_and_find_vma+0xa7/0x340
[  663.841844][T12592]  do_user_addr_fault+0x75b/0x1340
[  663.841884][T12592]  exc_page_fault+0x6a/0xc0
[  663.841910][T12592]  asm_exc_page_fault+0x26/0x30
[  663.841930][T12592] RIP: 0010:rep_movs_alternative+0x4a/0x90
[  663.841966][T12592] Code: cc cc cc 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 48 8b 06 48 89 07 48 83 c6 08 48 83 c7 08 83 e9 08 74 db 83 f9 08 73 e8 eb c5 <f3> a4 c3 cc cc cc cc 48 8b 06 48 89 07 48 8d 47 08 48 83 e0 f8 48
[  663.841985][T12592] RSP: 0018:ffffc9000cc4f9d8 EFLAGS: 00050202
[  663.842005][T12592] RAX: 00007ffffffff001 RBX: 0000000000000050 RCX: 0000000000000050
[  663.842020][T12592] RDX: 0000000000000001 RSI: 0000000080000540 RDI: ffffc9000cc4fba0
[  663.842034][T12592] RBP: ffffc9000cc4fdc0 R08: ffffc9000cc4fbef R09: 1ffff92001989f7d
[  663.842049][T12592] R10: dffffc0000000000 R11: fffff52001989f7e R12: ffffc9000cc4fba0
[  663.842063][T12592] R13: f8f8f8f8f8f8f8f8 R14: ffffc9000cc4fba0 R15: 0000000080000540
[  663.842098][T12592]  _copy_from_user+0x7a/0xb0
[  663.842129][T12592]  do_ebt_set_ctl+0x452/0xf50
[  663.842159][T12592]  ? __pfx_do_ebt_set_ctl+0x10/0x10
[  663.842183][T12592]  ? ip4_datagram_release_cb+0xa2/0xbe0
[  663.842216][T12592]  ? ip4_datagram_release_cb+0x978/0xbe0
[  663.842249][T12592]  ? __mutex_trylock_common+0x158/0x260
[  663.842279][T12592]  ? __pfx___mutex_trylock_common+0x10/0x10
[  663.842325][T12592]  ? nf_setsockopt+0x221/0x290
[  663.842352][T12592]  ? __mutex_unlock_slowpath+0x1be/0x6f0
[  663.842376][T12592]  ? nf_setsockopt+0x3a/0x290
[  663.842394][T12592]  ? __pfx_do_ip_setsockopt+0x10/0x10
[  663.842417][T12592]  ? __pfx___mutex_lock+0x10/0x10
[  663.842452][T12592]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  663.842477][T12592]  ? aa_sk_perm+0x6d5/0x900
[  663.842511][T12592]  ? __pfx_aa_sk_perm+0x10/0x10
[  663.842542][T12592]  nf_setsockopt+0x26f/0x290
[  663.842591][T12592]  ? __pfx_sock_common_setsockopt+0x10/0x10
[  663.842616][T12592]  do_sock_setsockopt+0x17c/0x1b0
[  663.842647][T12592]  __ia32_sys_setsockopt+0x13d/0x1b0
[  663.842680][T12592]  __do_fast_syscall_32+0x229/0x6e0
[  663.842706][T12592]  ? do_fast_syscall_32+0x33/0x70
[  663.842732][T12592]  ? lockdep_hardirqs_on+0x7a/0x110
[  663.842756][T12592]  ? asm_int80_emulation+0x1a/0x20
[  663.842776][T12592]  ? do_int80_emulation+0x286/0x530
[  663.842800][T12592]  ? trace_irq_disable+0x3b/0x140
[  663.842833][T12592]  do_fast_syscall_32+0x33/0x70
[  663.842860][T12592]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  663.842885][T12592] RIP: 0023:0xf7fc801c
[  663.842904][T12592] Code: 90 85 d2 74 0a 89 ce 81 e6 ff 0f 00 00 89 32 85 c0 74 05 c1 e9 0c 89 08 31 c0 5e 5d c3 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 58 b8
[  663.842922][T12592] RSP: 002b:00000000f548650c EFLAGS: 00000206 ORIG_RAX: 000000000000016e
[  663.842943][T12592] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000000000
[  663.842957][T12592] RDX: 0000000000000081 RSI: 0000000080000540 RDI: 0000000000000060
[  663.842971][T12592] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  663.842983][T12592] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  663.842994][T12592] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  663.843025][T12592]  </TASK>
[  664.969010][ T5755] usb 5-1: new high-speed USB device number 106 using dummy_hcd
[  665.129262][ T5755] usb 5-1: Using ep0 maxpacket: 8
[  665.141571][ T5755] usb 5-1: unable to get BOS descriptor or descriptor too short
[  665.156676][ T5755] usb 5-1: config 0 has an invalid interface number: 88 but max is 0
[  665.172433][ T5755] usb 5-1: config 0 has no interface number 0
[  665.183715][ T5755] usb 5-1: config 0 interface 88 altsetting 8 endpoint 0x86 has an invalid bInterval 0, changing to 7
[  665.203705][ T5755] usb 5-1: config 0 interface 88 altsetting 8 endpoint 0x86 has invalid wMaxPacketSize 0
[  665.221189][ T5755] usb 5-1: config 0 interface 88 has no altsetting 0
[  665.234803][ T5755] usb 5-1: language id specifier not provided by device, defaulting to English
[  665.257098][ T5755] usb 5-1: New USB device found, idVendor=0460, idProduct=0004, bcdDevice=96.31
[  665.275134][ T5755] usb 5-1: New USB device strings: Mfr=1, Product=84, SerialNumber=3
[  665.290781][ T5755] usb 5-1: Product: syz
[  665.298079][ T5755] usb 5-1: SerialNumber: syz
[  665.313482][ T5755] usb 5-1: config 0 descriptor??
[  665.319087][ T5359] usb 2-1: new high-speed USB device number 111 using dummy_hcd
[  665.490048][ T5359] usb 2-1: Using ep0 maxpacket: 16
[  665.499156][ T5359] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  665.514031][ T5359] usb 2-1: config 1 interface 0 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 96
[  665.525261][ T5359] usb 2-1: config 1 interface 0 altsetting 0 bulk endpoint 0x3 has invalid maxpacket 8
[  665.536681][ T5359] usb 2-1: config 1 interface 0 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 18
[  665.555698][ T5359] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  665.568819][ T5359] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[  665.581688][ T5359] usb 2-1: SerialNumber: syz
[  665.597979][T12610] raw-gadget.6 gadget.1: fail, usb_ep_enable returned -22
[  665.618234][T12610] raw-gadget.6 gadget.1: fail, usb_ep_enable returned -22
[  665.635315][ T5359] hub 2-1:1.0: bad descriptor, ignoring hub
[  665.641670][ T5359] hub 2-1:1.0: probe with driver hub failed with error -5
[  665.837139][ T5359] cdc_ether 2-1:1.0: probe with driver cdc_ether failed with error -71
[  665.880103][ T5359] usb 2-1: USB disconnect, device number 111
[  666.195954][T12617] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1900'.
[  666.206899][T12617] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1900'.
[  666.217048][T12617] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1900'.
[  666.227526][T12617] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1900'.
[  666.489056][  T993] usb 2-1: new full-speed USB device number 112 using dummy_hcd
[  666.650854][  T993] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  666.673495][  T993] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x82 has invalid maxpacket 96, setting to 64
[  666.685503][  T993] usb 2-1: config 1 interface 0 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 18
[  666.702818][  T993] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  666.714361][  T993] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[  666.722725][  T993] usb 2-1: SerialNumber: syz
[  666.733802][T12610] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  666.744000][  T993] hub 2-1:1.0: bad descriptor, ignoring hub
[  666.752850][  T993] hub 2-1:1.0: probe with driver hub failed with error -5
[  666.956317][  T993] cdc_ether 2-1:1.0: probe with driver cdc_ether failed with error -71
[  666.991762][  T993] usb 2-1: USB disconnect, device number 112
[  667.055948][T12622] tipc: Enabling of bearer <udp:syz1> rejected, failed to enable media
[  667.182648][T12624] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  667.198393][T12624] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  667.208250][T12624] netlink: 'syz.2.1903': attribute type 1 has an invalid length.
[  667.242313][T12624] 8021q: adding VLAN 0 to HW filter on device bond5
[  667.644138][ T5755] input: syz as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.88/input/input65
[  667.685507][ T5755] usb 5-1: USB disconnect, device number 106
[  668.194752][T12653] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1912'.
[  668.215333][T12653] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1912'.
[  668.228157][T12653] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1912'.
[  668.252609][T12653] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1912'.
[  668.379053][ T5359] usb 5-1: new high-speed USB device number 107 using dummy_hcd
[  668.567677][ T5359] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 246, changing to 11
[  668.609074][ T5359] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  668.652189][ T5359] usb 5-1: New USB device found, idVendor=044e, idProduct=120c, bcdDevice= 0.00
[  668.682302][ T5359] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  668.713615][ T5359] usb 5-1: config 0 descriptor??
[  669.416411][ T5359] hid-alps 0003:044E:120C.0038: unknown main item tag 0x0
[  669.452150][ T5359] hid-alps 0003:044E:120C.0038: unexpected long global item
[  669.489225][ T5359] hid-alps 0003:044E:120C.0038: parse failed
[  669.512590][ T5359] hid-alps 0003:044E:120C.0038: probe with driver hid-alps failed with error -22
[  669.576841][T12664] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  669.616313][T12664] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  669.811976][T12663] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  669.852086][T12663] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  671.114977][T12677] usb usb9: usbfs: interface 0 claimed by hub while 'syz.1.1920' resets device
[  671.413822][ T5359] usb 5-1: USB disconnect, device number 107
[  671.509293][  T993] usb 2-1: new high-speed USB device number 113 using dummy_hcd
[  671.678879][  T993] usb 2-1: Using ep0 maxpacket: 32
[  671.696609][  T993] usb 2-1: config 0 has an invalid interface number: 67 but max is 0
[  671.718258][  T993] usb 2-1: config 0 has no interface number 0
[  671.737597][  T993] usb 2-1: New USB device found, idVendor=0424, idProduct=9901, bcdDevice=c2.57
[  671.754072][  T993] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  671.768147][  T993] usb 2-1: Product: syz
[  671.779096][  T993] usb 2-1: Manufacturer: syz
[  671.789972][  T993] usb 2-1: SerialNumber: syz
[  671.811768][  T993] usb 2-1: config 0 descriptor??
[  672.029426][T12687] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1924'.
[  672.063663][T12687] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1924'.
[  672.095259][T12687] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1924'.
[  672.106598][T12687] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1924'.
[  672.256340][  T993] smsc95xx 2-1:0.67 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000030: -32
[  672.268277][  T993] smsc95xx 2-1:0.67 (unnamed net_device) (uninitialized): Error reading E2P_CMD
[  672.463557][T12696] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1927'.
[  672.478438][T12696] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1927'.
[  672.487768][T12679] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  672.490345][T12679] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  672.535485][T12679] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  672.545057][T12679] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  672.559684][T12679] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  672.577271][T12679] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  672.587287][  T993] smsc95xx 2-1:0.67 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000014: -32
[  672.601394][  T993] smsc95xx 2-1:0.67: probe with driver smsc95xx failed with error -32
[  672.842238][T12707] program syz.2.1930 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  673.483268][T12730] kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[  673.767100][T12738] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  673.800998][T12738] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  674.246177][T12738] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  674.287270][T12738] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  675.017027][T11817] usb 2-1: USB disconnect, device number 113
[  675.038910][T12752] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1941'.
[  675.063378][T12752] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1941'.
[  675.100634][T12752] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1941'.
[  675.146150][T12752] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1941'.
[  676.176745][T12766] netlink: 136 bytes leftover after parsing attributes in process `syz.4.1946'.
[  676.191639][T12766] A link change request failed with some changes committed already. Interface ip6gretap0 may have been left with an inconsistent configuration, please check.
[  676.396661][T12769] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  676.429970][T12769] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  676.534145][T12771] syzkaller0: entered promiscuous mode
[  676.540737][T12771] syzkaller0: entered allmulticast mode
[  676.554061][T12771] 0: reclassify loop, rule prio 0, protocol 800
[  676.655586][T12776] input: syz1 as /devices/virtual/input/input66
[  676.797686][T12780] netlink: 48 bytes leftover after parsing attributes in process `syz.0.1951'.
[  677.174841][T12795] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1955'.
[  677.190793][T12795] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1955'.
[  677.200841][T12795] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1955'.
[  677.212574][T12795] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1955'.
[  678.012649][T12807] syzkaller0: entered promiscuous mode
[  678.021540][T12807] syzkaller0: entered allmulticast mode
[  678.043311][T12807] 0: reclassify loop, rule prio 0, protocol 800
[  678.105030][T12809] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  678.125497][T12809] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  678.472017][T12817] netlink: 'syz.4.1965': attribute type 13 has an invalid length.
[  680.652952][T12837] syzkaller0: entered promiscuous mode
[  680.658599][T12837] syzkaller0: entered allmulticast mode
[  680.670486][T12837] 0: reclassify loop, rule prio 0, protocol 800
[  681.318974][  T808] usb 5-1: new full-speed USB device number 108 using dummy_hcd
[  681.513189][  T808] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x82 has invalid maxpacket 576, setting to 64
[  681.593737][  T808] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[  681.665371][  T808] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  681.753276][  T808] usb 5-1: Product: syz
[  681.763901][  T808] usb 5-1: Manufacturer: syz
[  681.776957][  T808] usb 5-1: SerialNumber: syz
[  681.803278][T12849] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[  682.000764][T12861] FAULT_INJECTION: forcing a failure.
[  682.000764][T12861] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  682.019904][T12861] CPU: 1 UID: 0 PID: 12861 Comm: syz.2.1981 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  682.019939][T12861] Tainted: [L]=SOFTLOCKUP
[  682.019946][T12861] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  682.019963][T12861] Call Trace:
[  682.019972][T12861]  <TASK>
[  682.019980][T12861]  dump_stack_lvl+0xe8/0x150
[  682.020010][T12861]  should_fail_ex+0x412/0x560
[  682.020039][T12861]  _copy_to_user+0x31/0xb0
[  682.020070][T12861]  simple_read_from_buffer+0xe1/0x170
[  682.020099][T12861]  proc_fail_nth_read+0x1bb/0x230
[  682.020128][T12861]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  682.020152][T12861]  ? rw_verify_area+0x2a6/0x4d0
[  682.020175][T12861]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  682.020197][T12861]  vfs_read+0x20c/0xa70
[  682.020228][T12861]  ? __pfx_do_sock_getsockopt+0x10/0x10
[  682.020254][T12861]  ? __pfx_vfs_read+0x10/0x10
[  682.020283][T12861]  ? do_sys_openat2+0x14c/0x200
[  682.020303][T12861]  ? kmem_cache_free+0x182/0x650
[  682.020337][T12861]  ? irqentry_exit+0x218/0x730
[  682.020368][T12861]  ksys_read+0x150/0x270
[  682.020406][T12861]  ? __pfx_ksys_read+0x10/0x10
[  682.020444][T12861]  do_int80_emulation+0x181/0x530
[  682.020469][T12861]  ? asm_int80_emulation+0x1a/0x20
[  682.020487][T12861]  ? clear_bhb_loop+0x40/0x90
[  682.020505][T12861]  ? clear_bhb_loop+0x40/0x90
[  682.020529][T12861]  asm_int80_emulation+0x1a/0x20
[  682.020549][T12861] RIP: 0023:0xf711616b
[  682.020567][T12861] Code: 57 56 53 8b 44 24 14 f6 00 08 75 23 8b 44 24 18 8b 5c 24 1c 8b 4c 24 20 8b 54 24 24 8b 74 24 28 8b 7c 24 2c 8b 6c 24 30 cd 80 <5b> 5e 5f 5d c3 5b 5e 5f 5d e9 f7 a1 ff ff 66 90 66 90 66 90 90 53
[  682.020584][T12861] RSP: 002b:00000000f53cd4bc EFLAGS: 00000246 ORIG_RAX: 0000000000000003
[  682.020606][T12861] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000f53cd5d0
[  682.020621][T12861] RDX: 000000000000000f RSI: 0000000000000000 RDI: 0000000000000000
[  682.020632][T12861] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  682.020644][T12861] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  682.020656][T12861] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  682.020684][T12861]  </TASK>
[  682.596756][T12871] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  682.609486][T12871] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  682.626937][T12872] __nla_validate_parse: 5 callbacks suppressed
[  682.626960][T12872] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1983'.
[  682.646033][T12872] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1983'.
[  682.662859][T12872] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1983'.
[  682.673055][T12872] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1983'.
[  683.260770][ T5723] usb 2-1: new high-speed USB device number 114 using dummy_hcd
[  683.442734][ T5723] usb 2-1: Using ep0 maxpacket: 16
[  683.462295][ T5723] usb 2-1: New USB device found, idVendor=06be, idProduct=a232, bcdDevice=33.f3
[  683.472482][ T5723] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  683.481735][ T5723] usb 2-1: Product: syz
[  683.486706][ T5723] usb 2-1: Manufacturer: syz
[  683.491807][ T5723] usb 2-1: SerialNumber: syz
[  683.497506][T12879] syzkaller0: entered promiscuous mode
[  683.503586][T12879] syzkaller0: entered allmulticast mode
[  683.515541][ T5723] usb 2-1: config 0 descriptor??
[  683.533750][T12879] 0: reclassify loop, rule prio 0, protocol 800
[  683.802541][T12886] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  683.821855][T12886] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  683.973242][ T5723] dvb-usb: found a 'AME DTV-5100 USB2.0 DVB-T' in warm state.
[  684.015398][ T5723] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[  684.065851][ T5723] dvbdev: DVB: registering new adapter (AME DTV-5100 USB2.0 DVB-T)
[  684.110389][ T5723] usb 2-1: media controller created
[  684.136769][  T808] usblp 5-1:1.0: usblp0: USB Bidirectional printer dev 108 if 0 alt 0 proto 2 vid 0x0525 pid 0xA4A8
[  684.163058][ T5723] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  684.178477][  T808] usb 5-1: USB disconnect, device number 108
[  684.210208][  T808] usblp0: removed
[  684.592177][ T5723] zl10353_read_register: readreg error (reg=127, ret==0)
[  684.620579][ T5723] dvb-usb: no frontend was attached by 'AME DTV-5100 USB2.0 DVB-T'
[  684.639895][ T5723] dvb-usb: AME DTV-5100 USB2.0 DVB-T successfully initialized and connected.
[  684.665586][ T5723] usb 2-1: USB disconnect, device number 114
[  684.891772][ T5723] dvb-usb: AME DTV-5100 USB2.0 DVB-T successfully deinitialized and disconnected.
[  685.308583][T12909] program syz.1.1997 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  685.499536][T12912] syzkaller0: entered promiscuous mode
[  685.505387][T12912] syzkaller0: entered allmulticast mode
[  685.540031][T12912] 0: reclassify loop, rule prio 0, protocol 800
[  685.659107][T11817] usb 2-1: new high-speed USB device number 115 using dummy_hcd
[  685.799846][T12914] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  685.819905][T11817] usb 2-1: Using ep0 maxpacket: 16
[  685.853058][T11817] usb 2-1: unable to get BOS descriptor or descriptor too short
[  685.870863][T12914] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  685.894756][T11817] usb 2-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 127, changing to 7
[  685.925371][T11817] usb 2-1: New USB device found, idVendor=103d, idProduct=0100, bcdDevice= 0.40
[  685.948378][T11817] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  685.963443][T11817] usb 2-1: Product: syz
[  685.975615][T11817] usb 2-1: Manufacturer: syz
[  685.982048][T11817] usb 2-1: SerialNumber: syz
[  686.014456][ T1309] ieee802154 phy0 wpan0: encryption failed: -22
[  686.021024][ T1309] ieee802154 phy1 wpan1: encryption failed: -22
[  686.250774][T11817] usb 2-1: Audio class v2/v3 interfaces need an interface association
[  686.286579][T11817] snd-usb-audio 2-1:1.0: probe with driver snd-usb-audio failed with error -22
[  686.735515][T12921] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  686.753551][T12921] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  687.501947][T11817] usb 2-1: USB disconnect, device number 115
[  687.545523][T12932] program syz.2.2005 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  688.197586][T12946] syzkaller0: entered promiscuous mode
[  688.226931][T12946] syzkaller0: entered allmulticast mode
[  688.265010][T12949] 0: reclassify loop, rule prio 0, protocol 800
[  688.549967][ T5755] usb 5-1: new full-speed USB device number 109 using dummy_hcd
[  688.712887][ T5755] usb 5-1: config 0 interface 0 altsetting 251 endpoint 0x9 has an invalid bInterval 39, changing to 4
[  688.737440][ T5755] usb 5-1: config 0 interface 0 altsetting 251 endpoint 0x9 has invalid maxpacket 15380, setting to 1023
[  688.783966][ T5755] usb 5-1: config 0 interface 0 has no altsetting 0
[  688.806157][ T5755] usb 5-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b
[  688.816541][ T5755] usb 5-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2
[  688.828548][ T5755] usb 5-1: Product: syz
[  688.833963][ T5755] usb 5-1: Manufacturer: syz
[  688.839659][ T5755] usb 5-1: SerialNumber: syz
[  688.849575][ T5755] usb 5-1: config 0 descriptor??
[  688.862329][ T5755] usb 5-1: selecting invalid altsetting 0
[  689.125159][ T5755] usb 5-1: USB disconnect, device number 109
[  689.489527][T11817] usb 2-1: new high-speed USB device number 116 using dummy_hcd
[  689.654397][T11817] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  689.687536][T11817] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  689.713630][T11817] usb 2-1: New USB device found, idVendor=0d8c, idProduct=0022, bcdDevice= 0.00
[  689.736260][T11817] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  689.766516][T11817] usb 2-1: config 0 descriptor??
[  690.230299][T11817] cm6533_jd 0003:0D8C:0022.0039: unbalanced delimiter at end of report description
[  690.264904][T11817] cm6533_jd 0003:0D8C:0022.0039: parse failed
[  690.277302][T11817] cm6533_jd 0003:0D8C:0022.0039: probe with driver cm6533_jd failed with error -22
[  692.346866][T12981] program syz.0.2020 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  692.732251][T12987] FAULT_INJECTION: forcing a failure.
[  692.732251][T12987] name failslab, interval 1, probability 0, space 0, times 0
[  692.748846][T12987] CPU: 0 UID: 0 PID: 12987 Comm: syz.2.2021 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  692.748880][T12987] Tainted: [L]=SOFTLOCKUP
[  692.748888][T12987] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  692.748899][T12987] Call Trace:
[  692.748907][T12987]  <TASK>
[  692.748915][T12987]  dump_stack_lvl+0xe8/0x150
[  692.748943][T12987]  should_fail_ex+0x412/0x560
[  692.748971][T12987]  should_failslab+0xa8/0x100
[  692.748999][T12987]  kmem_cache_alloc_node_noprof+0x8f/0x690
[  692.749024][T12987]  ? __alloc_skb+0x186/0x7d0
[  692.749044][T12987]  ? __alloc_skb+0x1d0/0x7d0
[  692.749062][T12987]  ? __local_bh_enable_ip+0xd0/0x130
[  692.749085][T12987]  __alloc_skb+0x1d0/0x7d0
[  692.749105][T12987]  ? bpf_lsm_socket_getpeersec_dgram+0x9/0x20
[  692.749134][T12987]  netlink_sendmsg+0x5d4/0xb40
[  692.749167][T12987]  ? __pfx_netlink_sendmsg+0x10/0x10
[  692.749193][T12987]  ? aa_sock_msg_perm+0xf1/0x1b0
[  692.749218][T12987]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  692.749244][T12987]  ____sys_sendmsg+0x972/0x9f0
[  692.749277][T12987]  ? __pfx_____sys_sendmsg+0x10/0x10
[  692.749304][T12987]  ? kstrtoull+0x12f/0x1d0
[  692.749333][T12987]  ___sys_sendmsg+0x2a5/0x360
[  692.749354][T12987]  ? __lock_acquire+0x6b5/0x2cf0
[  692.749386][T12987]  ? __pfx____sys_sendmsg+0x10/0x10
[  692.749411][T12987]  ? get_pid_task+0x20/0x1f0
[  692.749434][T12987]  ? get_pid_task+0x20/0x1f0
[  692.749455][T12987]  ? get_pid_task+0x20/0x1f0
[  692.749503][T12987]  ? __fget_files+0x2a/0x420
[  692.749523][T12987]  ? __fget_files+0x3a0/0x420
[  692.749554][T12987]  __sys_sendmsg+0x183/0x260
[  692.749580][T12987]  ? __pfx___sys_sendmsg+0x10/0x10
[  692.749625][T12987]  __do_fast_syscall_32+0x229/0x6e0
[  692.749650][T12987]  ? do_fast_syscall_32+0x33/0x70
[  692.749671][T12987]  ? lockdep_hardirqs_on+0x7a/0x110
[  692.749691][T12987]  ? asm_int80_emulation+0x1a/0x20
[  692.749709][T12987]  ? do_int80_emulation+0x286/0x530
[  692.749730][T12987]  ? trace_irq_disable+0x3b/0x140
[  692.749760][T12987]  do_fast_syscall_32+0x33/0x70
[  692.749782][T12987]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  692.749804][T12987] RIP: 0023:0xf6fdf01c
[  692.749823][T12987] Code: 90 85 d2 74 0a 89 ce 81 e6 ff 0f 00 00 89 32 85 c0 74 05 c1 e9 0c 89 08 31 c0 5e 5d c3 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 58 b8
[  692.749839][T12987] RSP: 002b:00000000f53cd50c EFLAGS: 00000206 ORIG_RAX: 0000000000000172
[  692.749860][T12987] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000200
[  692.749873][T12987] RDX: 0000000024000800 RSI: 0000000000000000 RDI: 0000000000000000
[  692.749885][T12987] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  692.749895][T12987] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  692.749907][T12987] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  692.749935][T12987]  </TASK>
[  693.062517][T11817] usb 2-1: USB disconnect, device number 116
[  693.390260][T12996] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  693.416895][T12996] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  693.798935][T11817] usb 2-1: new high-speed USB device number 117 using dummy_hcd
[  694.017199][T11817] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 246, changing to 11
[  694.039825][T11817] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  694.113789][T11817] usb 2-1: New USB device found, idVendor=044e, idProduct=120c, bcdDevice= 0.00
[  694.134921][T11817] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  694.285817][T11817] usb 2-1: config 0 descriptor??
[  694.896920][T11817] hid-alps 0003:044E:120C.003A: unknown main item tag 0x0
[  694.941083][T11817] hid-alps 0003:044E:120C.003A: unexpected long global item
[  694.952738][T11817] hid-alps 0003:044E:120C.003A: parse failed
[  694.962539][T11817] hid-alps 0003:044E:120C.003A: probe with driver hid-alps failed with error -22
[  695.331648][T13003] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  695.373020][T13003] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  697.243390][  T808] usb 2-1: USB disconnect, device number 117
[  698.778568][T13028] kvm: pic: non byte read
[  698.786650][T13028] kvm: pic: non byte read
[  698.794972][T13028] ALSA: mixer_oss: invalid OSS volume ''
[  698.818658][T13028] ALSA: mixer_oss: invalid OSS volume '��+]OؓOG��e��c���9
bx'�ĮC�'
[  698.830153][T13028] ALSA: mixer_oss: invalid OSS volume '_����*[bYcq�~l�r�<W�|3z�'
[  698.859244][T13028] ALSA: mixer_oss: invalid OSS volume '{۱H��J:'
[  698.865778][T13028] ALSA: mixer_oss: invalid OSS volume '����B}s��둥"f�0����^�C���'
[  698.900166][T13028] ALSA: mixer_oss: invalid OSS volume '�gR�y�
�'���G!���P'
[  698.928458][T13028] ALSA: mixer_oss: invalid OSS volume '��{�����ouD�1*ڦi&qrm���4_Xn�'
[  698.970631][T13028] ALSA: mixer_oss: invalid OSS volume '��/U~d�?"���:9S��'
[  699.000536][T13028] ALSA: mixer_oss: invalid OSS volume '(�8�'
[  699.027851][T13028] ALSA: mixer_oss: invalid OSS volume '���'�)�3lo�X��+iG�9SNW�����'
[  699.057848][T13028] ALSA: mixer_oss: invalid OSS volume '�%�X%����9WsE?%�7�3'
[  699.082468][T13028] ALSA: mixer_oss: invalid OSS volume '��J�i'
[  699.112023][T13028] ALSA: mixer_oss: invalid OSS volume '������Of����S��Җ��[s��x��'
[  699.138966][T13028] ALSA: mixer_oss: invalid OSS volume ':�:IJ�U����TTځA��"B^��Csb;`c'
[  699.170035][T13028] ALSA: mixer_oss: invalid OSS volume 'cۉ�<��S٪3n���F��/���Pf'
[  699.187218][T13028] ALSA: mixer_oss: invalid OSS volume '�9������h�Ĩ�y�����^�7��]�'
[  699.209051][T13028] ALSA: mixer_oss: invalid OSS volume '�?6�<���g�$/����uX���Ad�>=V'
[  699.221938][T13028] ALSA: mixer_oss: invalid OSS volume '+����Ϳ����nU<$��^EKʘ�r�+'
[  699.238943][T13028] ALSA: mixer_oss: invalid OSS volume '+8�iYJz���'
[  699.343440][T12988] Set syz1 is full, maxelem 65536 reached
[  700.561525][T13027] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  700.794789][T13032] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=271111 (542222 ns) > initial count (366 ns). Using initial count to start timer.
[  701.228898][T11817] usb 2-1: new high-speed USB device number 118 using dummy_hcd
[  701.441081][T11817] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  701.485527][T11817] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  701.551745][T11817] usb 2-1: New USB device found, idVendor=0d8c, idProduct=0022, bcdDevice= 0.00
[  701.569511][T13045] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2034'.
[  701.578886][T11817] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  701.607255][T11817] usb 2-1: config 0 descriptor??
[  701.649397][T13047] netlink: 'syz.4.2034': attribute type 2 has an invalid length.
[  701.688417][T13045] 8021q: adding VLAN 0 to HW filter on device bond1
[  701.831648][T13045] bond1: (slave geneve3): Enslaving as an active interface with an up link
[  702.107747][T13056] netlink: 80 bytes leftover after parsing attributes in process `syz.4.2037'.
[  702.109004][T11817] cm6533_jd 0003:0D8C:0022.003B: unbalanced delimiter at end of report description
[  702.151553][T11817] cm6533_jd 0003:0D8C:0022.003B: parse failed
[  702.172918][T11817] cm6533_jd 0003:0D8C:0022.003B: probe with driver cm6533_jd failed with error -22
[  702.278610][T13054] loop2: detected capacity change from 0 to 7
[  702.581966][T13054] Dev loop2: unable to read RDB block 7
[  702.644685][T13054]  loop2: AHDI p2 p3
[  702.654491][T13054] loop2: partition table partially beyond EOD, truncated
[  703.447832][ T4991] Dev loop2: unable to read RDB block 7
[  703.473092][ T4991]  loop2: AHDI p2 p3
[  703.477369][ T4991] loop2: partition table partially beyond EOD, truncated
[  703.942832][T13072] program syz.3.2038 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  704.144160][ T5723] usb 2-1: USB disconnect, device number 118
[  708.337483][T13097] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  708.355621][T13097] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  708.407532][T13101] netlink: 'syz.1.2047': attribute type 1 has an invalid length.
[  708.454307][T13097] bridge0: left promiscuous mode
[  708.460019][T13097] bridge0: left allmulticast mode
[  708.468539][T13097] A link change request failed with some changes committed already. Interface bridge0 may have been left with an inconsistent configuration, please check.
[  708.489250][T13101] workqueue: Failed to create a rescuer kthread for wq "bond1": -EINTR
[  710.180544][T13122] program syz.2.2050 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  710.508981][  T808] usb 5-1: new high-speed USB device number 110 using dummy_hcd
[  710.716170][  T808] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  710.759774][  T808] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  710.801720][  T808] usb 5-1: New USB device found, idVendor=0d8c, idProduct=0022, bcdDevice= 0.00
[  710.832896][  T808] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  710.892562][  T808] usb 5-1: config 0 descriptor??
[  711.404681][  T808] cm6533_jd 0003:0D8C:0022.003C: unbalanced delimiter at end of report description
[  711.455625][  T808] cm6533_jd 0003:0D8C:0022.003C: parse failed
[  711.464831][  T808] cm6533_jd 0003:0D8C:0022.003C: probe with driver cm6533_jd failed with error -22
[  713.072995][ T5764] usb 5-1: USB disconnect, device number 110
[  713.569058][ T5764] usb 5-1: new high-speed USB device number 111 using dummy_hcd
[  713.716797][ T6924] Bluetooth: hci4: command 0x0406 tx timeout
[  713.744828][ T5764] usb 5-1: Using ep0 maxpacket: 16
[  713.758994][ T5764] usb 5-1: config 0 has an invalid interface number: 105 but max is 0
[  713.773861][ T5764] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  713.791687][ T5764] usb 5-1: config 0 has no interface number 0
[  713.801929][ T5764] usb 5-1: New USB device found, idVendor=046d, idProduct=08f3, bcdDevice= b.28
[  713.811745][ T5764] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  713.820425][ T5764] usb 5-1: Product: syz
[  713.824923][ T5764] usb 5-1: Manufacturer: syz
[  713.846338][ T5764] usb 5-1: SerialNumber: syz
[  713.855067][ T5764] usb 5-1: config 0 descriptor??
[  714.088913][ T5764] uvcvideo 5-1:0.105: Found UVC 0.00 device syz (046d:08f3)
[  714.096781][ T5764] uvcvideo 5-1:0.105: No valid video chain found.
[  714.116336][ T5764] usb 5-1: USB disconnect, device number 111
[  715.113623][T13160] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  715.133015][T13160] syzkaller0: entered promiscuous mode
[  715.146012][T13160] syzkaller0: entered allmulticast mode
[  715.232679][T13160] FAULT_INJECTION: forcing a failure.
[  715.232679][T13160] name failslab, interval 1, probability 0, space 0, times 0
[  715.278083][T13160] CPU: 0 UID: 0 PID: 13160 Comm: syz.2.2060 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  715.278129][T13160] Tainted: [L]=SOFTLOCKUP
[  715.278137][T13160] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  715.278150][T13160] Call Trace:
[  715.278159][T13160]  <TASK>
[  715.278168][T13160]  dump_stack_lvl+0xe8/0x150
[  715.278197][T13160]  should_fail_ex+0x412/0x560
[  715.278229][T13160]  should_failslab+0xa8/0x100
[  715.278262][T13160]  __kmalloc_noprof+0xe8/0x760
[  715.278291][T13160]  ? tomoyo_encode+0x28b/0x550
[  715.278325][T13160]  tomoyo_encode+0x28b/0x550
[  715.278358][T13160]  tomoyo_realpath_from_path+0x58d/0x5d0
[  715.278387][T13160]  ? tomoyo_domain+0xd7/0x130
[  715.278419][T13160]  ? tomoyo_path_number_perm+0x219/0x630
[  715.278444][T13160]  tomoyo_path_number_perm+0x246/0x630
[  715.278471][T13160]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  715.278495][T13160]  ? __lock_acquire+0x6b5/0x2cf0
[  715.278557][T13160]  ? __fget_files+0x2a/0x420
[  715.278587][T13160]  ? __fget_files+0x3a0/0x420
[  715.278610][T13160]  ? __fget_files+0x2a/0x420
[  715.278639][T13160]  security_file_ioctl_compat+0xc3/0x2a0
[  715.278663][T13160]  __ia32_compat_sys_ioctl+0x139/0x950
[  715.278696][T13160]  ? __pfx___ia32_compat_sys_ioctl+0x10/0x10
[  715.278734][T13160]  ? __fget_files+0x3a0/0x420
[  715.278764][T13160]  ? fput+0xa0/0xd0
[  715.278787][T13160]  ? ksys_write+0x242/0x270
[  715.278827][T13160]  __do_fast_syscall_32+0x229/0x6e0
[  715.278854][T13160]  ? do_fast_syscall_32+0x33/0x70
[  715.278877][T13160]  ? lockdep_hardirqs_on+0x7a/0x110
[  715.278901][T13160]  ? asm_int80_emulation+0x1a/0x20
[  715.278921][T13160]  ? do_int80_emulation+0x286/0x530
[  715.278952][T13160]  do_fast_syscall_32+0x33/0x70
[  715.278979][T13160]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  715.279003][T13160] RIP: 0023:0xf6fdf01c
[  715.279023][T13160] Code: 90 85 d2 74 0a 89 ce 81 e6 ff 0f 00 00 89 32 85 c0 74 05 c1 e9 0c 89 08 31 c0 5e 5d c3 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 58 b8
[  715.279041][T13160] RSP: 002b:00000000f53cd50c EFLAGS: 00000206 ORIG_RAX: 0000000000000036
[  715.279064][T13160] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000000008922
[  715.279078][T13160] RDX: 0000000080002280 RSI: 0000000000000000 RDI: 0000000000000000
[  715.279090][T13160] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  715.279111][T13160] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  715.279124][T13160] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  715.279154][T13160]  </TASK>
[  715.582600][T13160] ERROR: Out of memory at tomoyo_realpath_from_path.
[  715.593926][T13160] tipc: Resetting bearer <eth:syzkaller0>
[  715.609022][T13159] tipc: Resetting bearer <eth:syzkaller0>
[  715.649916][T13171] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2063'.
[  715.689377][T13171] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2063'.
[  715.735616][T13176] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2064'.
[  715.798872][T13178] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2063'.
[  715.815849][T13159] tipc: Disabling bearer <eth:syzkaller0>
[  715.823514][T13171] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2063'.
[  716.582613][T13189] program syz.1.2067 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  717.188008][T13192] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  717.208424][T13192] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  719.285757][T13213] openvswitch: netlink: Either Ethernet header or EtherType is required.
[  722.075605][T13227] FAULT_INJECTION: forcing a failure.
[  722.075605][T13227] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  722.092750][T13227] CPU: 0 UID: 0 PID: 13227 Comm: syz.2.2078 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  722.092783][T13227] Tainted: [L]=SOFTLOCKUP
[  722.092792][T13227] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  722.092805][T13227] Call Trace:
[  722.092814][T13227]  <TASK>
[  722.092823][T13227]  dump_stack_lvl+0xe8/0x150
[  722.092853][T13227]  should_fail_ex+0x412/0x560
[  722.092885][T13227]  _copy_to_user+0x31/0xb0
[  722.092917][T13227]  simple_read_from_buffer+0xe1/0x170
[  722.092947][T13227]  proc_fail_nth_read+0x1bb/0x230
[  722.092977][T13227]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  722.093007][T13227]  ? rw_verify_area+0x2a6/0x4d0
[  722.093034][T13227]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  722.093063][T13227]  vfs_read+0x20c/0xa70
[  722.093095][T13227]  ? __pfx___mutex_lock+0x10/0x10
[  722.093123][T13227]  ? __pfx_vfs_read+0x10/0x10
[  722.093153][T13227]  ? __fget_files+0x2a/0x420
[  722.093180][T13227]  ? __fget_files+0x3a0/0x420
[  722.093202][T13227]  ? __fget_files+0x2a/0x420
[  722.093234][T13227]  ksys_read+0x150/0x270
[  722.093264][T13227]  ? __pfx_ksys_read+0x10/0x10
[  722.093295][T13227]  ? asm_int80_emulation+0x1a/0x20
[  722.093320][T13227]  do_int80_emulation+0x181/0x530
[  722.093353][T13227]  ? trace_irq_disable+0x3b/0x140
[  722.093380][T13227]  ? asm_int80_emulation+0x1a/0x20
[  722.093400][T13227]  ? clear_bhb_loop+0x40/0x90
[  722.093420][T13227]  ? clear_bhb_loop+0x40/0x90
[  722.093446][T13227]  asm_int80_emulation+0x1a/0x20
[  722.093466][T13227] RIP: 0023:0xf711616b
[  722.093485][T13227] Code: 57 56 53 8b 44 24 14 f6 00 08 75 23 8b 44 24 18 8b 5c 24 1c 8b 4c 24 20 8b 54 24 24 8b 74 24 28 8b 7c 24 2c 8b 6c 24 30 cd 80 <5b> 5e 5f 5d c3 5b 5e 5f 5d e9 f7 a1 ff ff 66 90 66 90 66 90 90 53
[  722.093514][T13227] RSP: 002b:00000000f53cd4bc EFLAGS: 00000246 ORIG_RAX: 0000000000000003
[  722.093537][T13227] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000f53cd5d0
[  722.093552][T13227] RDX: 000000000000000f RSI: 0000000000000000 RDI: 0000000000000000
[  722.093564][T13227] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  722.093576][T13227] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  722.093587][T13227] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  722.093618][T13227]  </TASK>
[  722.104747][T13230] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2077'.
[  722.194863][T13229] input: syz1 as /devices/virtual/input/input67
[  722.236190][T13231] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2077'.
[  722.296996][T13231] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2077'.
[  722.370260][T13232] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2077'.
[  722.450558][T13237] program syz.2.2080 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  722.987513][T13253] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=271111 (542222 ns) > initial count (366 ns). Using initial count to start timer.
[  723.009218][ T5723] usb 5-1: new high-speed USB device number 112 using dummy_hcd
[  723.160192][ T5723] usb 5-1: Using ep0 maxpacket: 16
[  723.171266][ T5723] usb 5-1: config 0 has an invalid interface number: 8 but max is 0
[  723.185056][ T5723] usb 5-1: config 0 has no interface number 0
[  723.197558][ T5723] usb 5-1: config 0 interface 8 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  723.218273][ T5723] usb 5-1: config 0 interface 8 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0
[  723.244722][ T5723] usb 5-1: New USB device found, idVendor=0d8c, idProduct=000e, bcdDevice=8e.8f
[  723.274784][ T5723] usb 5-1: New USB device strings: Mfr=0, Product=24, SerialNumber=3
[  723.311705][ T5723] usb 5-1: Product: syz
[  723.324876][ T5723] usb 5-1: SerialNumber: syz
[  723.349352][ T5723] usb 5-1: config 0 descriptor??
[  723.362362][ T5723] cm109 5-1:0.8: invalid payload size 0, expected 4
[  723.383438][ T5723] input: CM109 USB driver as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.8/input/input68
[  723.594095][T13245] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  723.612399][T13245] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  723.670714][T13245] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  723.710579][T13245] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  723.759000][    C1] cm109 5-1:0.8: cm109_urb_ctl_callback: urb status -71
[  723.768310][    C1] cm109 5-1:0.8: cm109_urb_ctl_callback: urb status -71
[  723.776022][    C1] cm109 5-1:0.8: cm109_urb_ctl_callback: urb status -71
[  723.783573][    C1] cm109 5-1:0.8: cm109_urb_ctl_callback: urb status -71
[  723.791258][    C1] cm109 5-1:0.8: cm109_urb_ctl_callback: urb status -71
[  723.798726][    C1] cm109 5-1:0.8: cm109_urb_ctl_callback: urb status -71
[  723.806253][    C1] cm109 5-1:0.8: cm109_urb_ctl_callback: urb status -71
[  723.812250][T11817] usb 5-1: USB disconnect, device number 112
[  723.813294][    C1] cm109 5-1:0.8: cm109_submit_buzz_toggle: usb_submit_urb (urb_ctl) failed -19
[  723.872179][T11817] cm109 5-1:0.8: cm109_toggle_buzzer_sync: usb_control_msg() failed -19
[  724.184239][T13268] netlink: 2028 bytes leftover after parsing attributes in process `syz.0.2091'.
[  724.195331][T13268] netlink: 24 bytes leftover after parsing attributes in process `syz.0.2091'.
[  724.475742][T13275] sctp: [Deprecated]: syz.4.2094 (pid 13275) Use of int in max_burst socket option.
[  724.475742][T13275] Use struct sctp_assoc_value instead
[  724.694164][T13280] program syz.2.2096 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  724.773574][T13280] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  724.787538][T13280] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  724.860643][T13284] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2097'.
[  724.885461][T13284] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2097'.
[  724.911854][T13284] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2097'.
[  724.931828][T13284] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2097'.
[  725.124450][T13288] program syz.0.2098 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  725.807982][T13296] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=271111 (542222 ns) > initial count (366 ns). Using initial count to start timer.
[  726.099044][ T5359] usb 2-1: new high-speed USB device number 119 using dummy_hcd
[  726.390969][ T5359] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 246, changing to 11
[  726.432077][ T5359] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  726.495256][ T5359] usb 2-1: New USB device found, idVendor=044e, idProduct=120c, bcdDevice= 0.00
[  726.532195][ T5359] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  726.614695][ T5359] usb 2-1: config 0 descriptor??
[  727.246855][ T5359] hid-alps 0003:044E:120C.003D: unknown main item tag 0x0
[  727.309034][ T5359] hid-alps 0003:044E:120C.003D: unexpected long global item
[  727.329451][ T5359] hid-alps 0003:044E:120C.003D: parse failed
[  727.342761][ T5359] hid-alps 0003:044E:120C.003D: probe with driver hid-alps failed with error -22
[  727.559182][T13312] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  727.613844][T13312] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  729.282265][ T5755] usb 2-1: USB disconnect, device number 119
[  729.303787][T13336] __nla_validate_parse: 2 callbacks suppressed
[  729.303803][T13336] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2110'.
[  729.384343][T13336] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2110'.
[  729.463840][T13339] FAULT_INJECTION: forcing a failure.
[  729.463840][T13339] name failslab, interval 1, probability 0, space 0, times 0
[  729.467291][T13338] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2110'.
[  729.515800][T13339] CPU: 1 UID: 0 PID: 13339 Comm: syz.1.2111 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  729.515830][T13339] Tainted: [L]=SOFTLOCKUP
[  729.515835][T13339] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  729.515843][T13339] Call Trace:
[  729.515849][T13339]  <TASK>
[  729.515855][T13339]  dump_stack_lvl+0xe8/0x150
[  729.515875][T13339]  should_fail_ex+0x412/0x560
[  729.515895][T13339]  should_failslab+0xa8/0x100
[  729.515914][T13339]  ? __pmd_alloc+0xc1/0x5c0
[  729.515929][T13339]  kmem_cache_alloc_noprof+0x87/0x650
[  729.515950][T13339]  __pmd_alloc+0xc1/0x5c0
[  729.515967][T13339]  handle_mm_fault+0xe96/0x3170
[  729.515990][T13339]  ? handle_mm_fault+0xee/0x3170
[  729.516008][T13339]  ? __pfx_handle_mm_fault+0x10/0x10
[  729.516030][T13339]  ? __lock_acquire+0x6b5/0x2cf0
[  729.516046][T13339]  ? lock_mm_and_find_vma+0xa7/0x340
[  729.516065][T13339]  do_user_addr_fault+0x75b/0x1340
[  729.516087][T13339]  exc_page_fault+0x6a/0xc0
[  729.516107][T13339]  asm_exc_page_fault+0x26/0x30
[  729.516126][T13339] RIP: 0010:rep_movs_alternative+0xf/0x90
[  729.516145][T13339] Code: c4 10 e9 54 54 04 00 cc cc cc cc 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 48 83 f9 40 73 44 83 f9 08 73 25 85 c9 74 0f <8a> 06 88 07 48 ff c7 48 ff c6 48 ff c9 75 f1 c3 cc cc cc cc 66 2e
[  729.516156][T13339] RSP: 0018:ffffc90013e87c78 EFLAGS: 00050202
[  729.516169][T13339] RAX: 00007ffffffff001 RBX: 0000000000000004 RCX: 0000000000000004
[  729.516178][T13339] RDX: 0000000000000001 RSI: 0000000080000140 RDI: ffffc90013e87d00
[  729.516186][T13339] RBP: ffffc90013e87e18 R08: 0000000000000003 R09: 0000000000000004
[  729.516194][T13339] R10: dffffc0000000000 R11: fffff520027d0fa0 R12: dffffc0000000000
[  729.516203][T13339] R13: 1ffff1100b32cb4b R14: ffffc90013e87d00 R15: 0000000080000140
[  729.516222][T13339]  _copy_from_user+0x7a/0xb0
[  729.516241][T13339]  rds_setsockopt+0x6e1/0xe00
[  729.516264][T13339]  ? __pfx_rds_setsockopt+0x10/0x10
[  729.516281][T13339]  ? aa_sk_perm+0x6d5/0x900
[  729.516295][T13339]  ? __pfx_vfs_write+0x10/0x10
[  729.516314][T13339]  ? kmem_cache_free+0x182/0x650
[  729.516331][T13339]  ? __pfx_aa_sk_perm+0x10/0x10
[  729.516347][T13339]  ? aa_sock_opt_perm+0xff/0x1a0
[  729.516366][T13339]  ? bpf_lsm_socket_setsockopt+0x9/0x20
[  729.516394][T13339]  ? __pfx_rds_setsockopt+0x10/0x10
[  729.516426][T13339]  do_sock_setsockopt+0x17c/0x1b0
[  729.516452][T13339]  __ia32_sys_setsockopt+0x13d/0x1b0
[  729.516470][T13339]  __do_fast_syscall_32+0x229/0x6e0
[  729.516486][T13339]  ? do_fast_syscall_32+0x33/0x70
[  729.516501][T13339]  ? lockdep_hardirqs_on+0x7a/0x110
[  729.516514][T13339]  ? asm_int80_emulation+0x1a/0x20
[  729.516526][T13339]  ? do_int80_emulation+0x286/0x530
[  729.516541][T13339]  ? trace_irq_disable+0x3b/0x140
[  729.516560][T13339]  do_fast_syscall_32+0x33/0x70
[  729.516576][T13339]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  729.516590][T13339] RIP: 0023:0xf7fc801c
[  729.516602][T13339] Code: 90 85 d2 74 0a 89 ce 81 e6 ff 0f 00 00 89 32 85 c0 74 05 c1 e9 0c 89 08 31 c0 5e 5d c3 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 58 b8
[  729.516612][T13339] RSP: 002b:00000000f548650c EFLAGS: 00000206 ORIG_RAX: 000000000000016e
[  729.516625][T13339] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000000114
[  729.516633][T13339] RDX: 000000000000000a RSI: 0000000080000140 RDI: 0000000000000004
[  729.516641][T13339] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  729.516648][T13339] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  729.516655][T13339] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  729.516673][T13339]  </TASK>
[  730.100674][T13336] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2110'.
[  730.381933][T13347] program syz.2.2114 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  730.650801][T13355] syzkaller0: entered promiscuous mode
[  730.657675][T13355] syzkaller0: entered allmulticast mode
[  732.418265][T13373] input: syz1 as /devices/virtual/input/input69
[  732.479183][T11817] usb 2-1: new high-speed USB device number 120 using dummy_hcd
[  732.682741][T11817] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 246, changing to 11
[  732.708405][T11817] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  732.792613][T11817] usb 2-1: New USB device found, idVendor=044e, idProduct=120c, bcdDevice= 0.00
[  732.832954][T11817] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  732.868346][T11817] usb 2-1: config 0 descriptor??
[  733.531012][T13387] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2127'.
[  733.563942][T13387] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2127'.
[  733.577870][T13387] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2127'.
[  733.589780][T11817] hid-alps 0003:044E:120C.003E: unknown main item tag 0x0
[  733.603498][T13386] syzkaller0: entered promiscuous mode
[  733.611046][T11817] hid-alps 0003:044E:120C.003E: unexpected long global item
[  733.620144][T13386] syzkaller0: entered allmulticast mode
[  733.626451][T11817] hid-alps 0003:044E:120C.003E: parse failed
[  733.634354][T13389] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2127'.
[  733.647207][T11817] hid-alps 0003:044E:120C.003E: probe with driver hid-alps failed with error -22
[  733.838643][T13388] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  733.870696][T13388] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  733.952844][T13395] program syz.2.2129 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  733.993588][T13396] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2130'.
[  734.309839][T11817] usb 5-1: new high-speed USB device number 113 using dummy_hcd
[  734.503134][T11817] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  734.521414][T11817] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  734.538380][T11817] usb 5-1: New USB device found, idVendor=0d8c, idProduct=0022, bcdDevice= 0.00
[  734.556074][T11817] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  734.574953][T11817] usb 5-1: config 0 descriptor??
[  734.844834][T13402] program syz.0.2141 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  735.165784][T11817] cm6533_jd 0003:0D8C:0022.003F: unbalanced delimiter at end of report description
[  735.192784][T11817] cm6533_jd 0003:0D8C:0022.003F: parse failed
[  735.210704][T11817] cm6533_jd 0003:0D8C:0022.003F: probe with driver cm6533_jd failed with error -22
[  735.289576][   T30] INFO: task kworker/0:1:10 blocked for more than 143 seconds.
[  735.297586][   T30]       Tainted: G             L      syzkaller #0
[  735.315925][   T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  735.335400][   T30] task:kworker/0:1     state:D stack:22712 pid:10    tgid:10    ppid:2      task_flags:0x4288060 flags:0x00080000
[  735.357984][ T5755] usb 2-1: USB disconnect, device number 120
[  735.384622][   T30] Workqueue: usb_hub_wq hub_event
[  735.416355][   T30] Call Trace:
[  735.433644][   T30]  <TASK>
[  735.452193][   T30]  __schedule+0x17b4/0x5680
[  735.467792][   T30]  ? __pfx___schedule+0x10/0x10
[  735.484579][   T30]  ? schedule+0x90/0x360
[  735.492573][T13394] PM: Image not found (code -22)
[  735.499628][   T30]  schedule+0x164/0x360
[  735.509637][   T30]  schedule_timeout+0xc3/0x2c0
[  735.517407][   T30]  ? __pfx_schedule_timeout+0x10/0x10
[  735.527208][   T30]  ? do_raw_spin_lock+0x12b/0x2f0
[  735.536267][   T30]  ? _raw_spin_unlock_irq+0x23/0x50
[  735.546354][   T30]  ? wait_for_completion+0x274/0x5e0
[  735.558573][   T30]  wait_for_completion+0x2cc/0x5e0
[  735.570883][   T30]  ? __pfx_wait_for_completion+0x10/0x10
[  735.576715][   T30]  i2c_del_adapter+0x5c0/0x790
[  735.582858][   T30]  ? __pfx_i2c_del_adapter+0x10/0x10
[  735.590548][   T30]  ? kfree+0x4d/0x640
[  735.594868][   T30]  dvb_usb_i2c_exit+0x64/0xb0
[  735.602561][   T30]  dvb_usb_device_exit+0x1cb/0x360
[  735.610251][   T30]  ? __pfx_dvb_usb_device_exit+0x10/0x10
[  735.617306][   T30]  ? usb_disable_interface+0x31d/0x350
[  735.624711][   T30]  ? _raw_spin_unlock_irqrestore+0x4c/0x80
[  735.633248][   T30]  usb_unbind_interface+0x26e/0x910
[  735.676602][   T30]  ? kernfs_remove_by_name_ns+0x101/0x140
[  735.702021][   T30]  ? __pfx_usb_unbind_interface+0x10/0x10
[  735.714344][   T30]  device_release_driver_internal+0x4d9/0x870
[  735.728040][   T30]  bus_remove_device+0x455/0x570
[  735.737770][   T30]  ? __pfx_bus_remove_device+0x10/0x10
[  735.748421][   T30]  ? kernfs_remove_by_name_ns+0x101/0x140
[  735.759990][   T30]  device_del+0x527/0x8f0
[  735.767685][   T30]  ? __pfx_device_del+0x10/0x10
[  735.778245][   T30]  ? __pfx___mutex_lock+0x10/0x10
[  735.785554][   T30]  usb_disable_device+0x3d4/0x8d0
[  735.794508][   T30]  usb_disconnect+0x32f/0x990
[  735.801588][   T30]  hub_event+0x1cc9/0x4f30
[  735.809955][   T30]  ? __pfx_hub_event+0x10/0x10
[  735.816755][   T30]  ? process_scheduled_works+0xa70/0x1860
[  735.827200][   T30]  ? process_scheduled_works+0xa70/0x1860
[  735.833600][   T30]  ? process_scheduled_works+0xa70/0x1860
[  735.839881][   T30]  process_scheduled_works+0xb5d/0x1860
[  735.845506][   T30]  ? __pfx_process_scheduled_works+0x10/0x10
[  735.853613][   T30]  ? assign_work+0x3d5/0x5e0
[  735.859417][   T30]  worker_thread+0xa53/0xfc0
[  735.864292][   T30]  kthread+0x388/0x470
[  735.868420][   T30]  ? __pfx_worker_thread+0x10/0x10
[  735.874409][   T30]  ? __pfx_kthread+0x10/0x10
[  735.881003][   T30]  ret_from_fork+0x514/0xb70
[  735.885739][   T30]  ? __pfx_ret_from_fork+0x10/0x10
[  735.892304][   T30]  ? __switch_to+0xc79/0x1410
[  735.897245][   T30]  ? __pfx_kthread+0x10/0x10
[  735.903273][   T30]  ret_from_fork_asm+0x1a/0x30
[  735.908251][   T30]  </TASK>
[  735.918078][   T30] 
[  735.918078][   T30] Showing all locks held in the system:
[  735.955659][   T30] 5 locks held by kworker/0:1/10:
[  735.973424][   T30]  #0: ffff888021afed40 ((wq_completion)usb_hub_wq){+.+.}-{0:0}, at: process_scheduled_works+0xa35/0x1860
[  735.994134][   T30]  #1: ffffc900000f7c40 ((work_completion)(&hub->events)){+.+.}-{0:0}, at: process_scheduled_works+0xa70/0x1860
[  736.012559][   T30]  #2: ffff88802adf51d8 (&dev->mutex){....}-{4:4}, at: hub_event+0x17f/0x4f30
[  736.028237][   T30]  #3: ffff8880266b01d8 (&dev->mutex){....}-{4:4}, at: usb_disconnect+0xf8/0x990
[  736.043453][   T30]  #4: ffff88807a4a71a0 (&dev->mutex){....}-{4:4}, at: device_release_driver_internal+0xb6/0x870
[  736.060781][   T30] 1 lock held by khungtaskd/30:
[  736.070093][   T30]  #0: ffffffff8e95cd60 (rcu_read_lock){....}-{1:3}, at: debug_show_all_locks+0x2e/0x180
[  736.090365][   T30] 2 locks held by getty/5378:
[  736.101855][   T30]  #0: ffff8880319700a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70
[  736.122797][   T30]  #1: ffffc9000322b2e8 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0x45c/0x13a0
[  736.144570][   T30] 1 lock held by syz-executor/5611:
[  736.158871][   T30] 1 lock held by syz.2.2131/13403:
[  736.167390][   T30] 
[  736.174011][   T30] =============================================
[  736.174011][   T30] 
[  736.193779][   T30] NMI backtrace for cpu 0
[  736.193805][   T30] CPU: 0 UID: 0 PID: 30 Comm: khungtaskd Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  736.193823][   T30] Tainted: [L]=SOFTLOCKUP
[  736.193828][   T30] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  736.193836][   T30] Call Trace:
[  736.193842][   T30]  <TASK>
[  736.193848][   T30]  dump_stack_lvl+0xe8/0x150
[  736.193868][   T30]  nmi_cpu_backtrace+0x274/0x2d0
[  736.193887][   T30]  ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10
[  736.193902][   T30]  nmi_trigger_cpumask_backtrace+0x17a/0x300
[  736.193921][   T30]  sys_info+0x135/0x170
[  736.193938][   T30]  watchdog+0xfd3/0x1030
[  736.193959][   T30]  ? watchdog+0x1c9/0x1030
[  736.193990][   T30]  kthread+0x388/0x470
[  736.194017][   T30]  ? __pfx_watchdog+0x10/0x10
[  736.194042][   T30]  ? __pfx_kthread+0x10/0x10
[  736.194068][   T30]  ret_from_fork+0x514/0xb70
[  736.194094][   T30]  ? __pfx_ret_from_fork+0x10/0x10
[  736.194124][   T30]  ? __switch_to+0xc79/0x1410
[  736.194157][   T30]  ? __pfx_kthread+0x10/0x10
[  736.194184][   T30]  ret_from_fork_asm+0x1a/0x30
[  736.194224][   T30]  </TASK>
[  736.194233][   T30] Sending NMI from CPU 0 to CPUs 1:
[  736.312151][    C1] NMI backtrace for cpu 1
[  736.312174][    C1] CPU: 1 UID: 0 PID: 0 Comm: swapper/1 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  736.312197][    C1] Tainted: [L]=SOFTLOCKUP
[  736.312204][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  736.312214][    C1] RIP: 0010:pv_native_safe_halt+0xf/0x20
[  736.312240][    C1] Code: 2b 7e 02 e9 93 f6 02 00 cc cc cc 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 66 90 0f 00 2d 13 51 21 00 fb f4 <c3> cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc 90 90 90 90 90
[  736.312254][    C1] RSP: 0018:ffffc90000197e20 EFLAGS: 00000246
[  736.312271][    C1] RAX: 0000000000e6ebc3 RBX: ffffffff819a815a RCX: 0000000080000001
[  736.312284][    C1] RDX: 0000000000000001 RSI: ffffffff8dfa4f23 RDI: ffffffff8c28abe0
[  736.312296][    C1] RBP: ffffc90000197f10 R08: ffff8880b87339db R09: 1ffff110170e673b
[  736.312308][    C1] R10: dffffc0000000000 R11: ffffed10170e673c R12: 0000000000000001
[  736.312320][    C1] R13: 1ffff11003b5b000 R14: 0000000000000001 R15: 1ffff11003b5b000
[  736.312332][    C1] FS:  0000000000000000(0000) GS:ffff888125390000(0000) knlGS:0000000000000000
[  736.312346][    C1] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  736.312358][    C1] CR2: 0000000034600ff8 CR3: 00000000744e2000 CR4: 00000000003526f0
[  736.312383][    C1] Call Trace:
[  736.312392][    C1]  <TASK>
[  736.312399][    C1]  default_idle+0x9/0x20
[  736.312421][    C1]  default_idle_call+0x72/0xb0
[  736.312444][    C1]  do_idle+0x36a/0x5f0
[  736.312466][    C1]  ? __pfx_do_idle+0x10/0x10
[  736.312488][    C1]  cpu_startup_entry+0x43/0x60
[  736.312507][    C1]  start_secondary+0x101/0x110
[  736.312523][    C1]  common_startup_64+0x13e/0x147
[  736.312551][    C1]  </TASK>
[  736.554046][   T30] Kernel panic - not syncing: hung_task: blocked tasks
[  736.560967][   T30] CPU: 0 UID: 0 PID: 30 Comm: khungtaskd Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  736.571682][   T30] Tainted: [L]=SOFTLOCKUP
[  736.576047][   T30] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  736.586221][   T30] Call Trace:
[  736.589503][   T30]  <TASK>
[  736.592449][   T30]  vpanic+0x56c/0xa60
[  736.596430][   T30]  ? __pfx___schedule+0x10/0x10
[  736.601284][   T30]  ? __pfx_vpanic+0x10/0x10
[  736.605802][   T30]  ? nmi_trigger_cpumask_backtrace+0x1f4/0x300
[  736.611964][   T30]  panic+0xc5/0xd0
[  736.615685][   T30]  ? __pfx_panic+0x10/0x10
[  736.620385][   T30]  ? preempt_schedule_thunk+0x16/0x30
[  736.625758][   T30]  ? nmi_trigger_cpumask_backtrace+0x2bb/0x300
[  736.631914][   T30]  watchdog+0x102c/0x1030
[  736.636257][   T30]  ? watchdog+0x1c9/0x1030
[  736.640686][   T30]  kthread+0x388/0x470
[  736.644791][   T30]  ? __pfx_watchdog+0x10/0x10
[  736.649495][   T30]  ? __pfx_kthread+0x10/0x10
[  736.654098][   T30]  ret_from_fork+0x514/0xb70
[  736.658699][   T30]  ? __pfx_ret_from_fork+0x10/0x10
[  736.663826][   T30]  ? __switch_to+0xc79/0x1410
[  736.668518][   T30]  ? __pfx_kthread+0x10/0x10
[  736.673161][   T30]  ret_from_fork_asm+0x1a/0x30
[  736.677967][   T30]  </TASK>
[  736.681303][   T30] Kernel Offset: disabled
[  736.685651][   T30] Rebooting in 86400 seconds..