last executing test programs:

7m56.117816704s ago: executing program 0 (id=144):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000080)=@base={0x2, 0x4, 0x6, 0xbaa}, 0x50)
bpf$MAP_LOOKUP_BATCH(0x18, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000000), &(0x7f0000000240), 0xa7c, r0}, 0x38)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$inet6(r1, &(0x7f0000000440)={0xa, 0x4e20, 0x4, @remote, 0xb}, 0x1c)
ioctl$AUTOFS_IOC_CATATONIC(r1, 0x9362, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
r2 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x2, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r2, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r2, &(0x7f00000021c0)={0x2020, 0x0, <r3=>0x0}, 0x2020)
write$FUSE_INIT(r2, &(0x7f0000000180)={0x50, 0x0, r3, {0x7, 0x29, 0x1000, 0xffffffff85000014, 0x5, 0x7, 0x0, 0x0, 0x0, 0x0, 0x10, 0x800}}, 0x50)
r4 = openat$dir(0xffffffffffffff9c, &(0x7f0000004280)='./file0\x00', 0x0, 0x4b)
syz_fuse_handle_req(r2, &(0x7f00000067c0)="0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001b00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ff00", 0x2000, &(0x7f0000000780)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000080)=ANY=[@ANYBLOB="780000000000000002000000000000040000000000000000000000000000000004"], 0x0, 0x0, 0x0, 0x0})
getdents(r4, &(0x7f0000000700)=""/90, 0x5a)

7m54.880580348s ago: executing program 0 (id=148):
ioctl$VIDIOC_EXPBUF(0xffffffffffffffff, 0xc0405610, &(0x7f0000000000)={0xc, 0x3000, 0x7, 0x84800, <r0=>0xffffffffffffffff})
ioctl$BTRFS_IOC_GET_DEV_STATS(r0, 0xc4089434, &(0x7f0000000040)={0x0, 0x0, 0x1, [0x3, 0x3, 0x4, 0x3ff, 0x7], [0x47, 0x0, 0x8, 0xd, 0x7fffffffffffffff, 0x8cae, 0x8000, 0x100000001, 0x100000000, 0x276, 0xb, 0x60, 0x8, 0x6, 0x2, 0x10001, 0x5, 0x0, 0x7, 0x2, 0x80000001, 0x60, 0x1, 0x87a, 0x2, 0xfffffffffffffffc, 0x8, 0x6, 0x6, 0x396, 0x929e, 0x7fffffffffffffff, 0x7, 0x2, 0x4ced, 0x9, 0xd, 0x2, 0x4f, 0xfffffffffffffff4, 0x9e, 0x8, 0x4, 0x5, 0x4, 0x0, 0xfffffffffffffff9, 0x276b, 0x5, 0x5, 0x6, 0xffffffff, 0x3, 0x198, 0x9, 0x0, 0x800, 0x3, 0x0, 0xfff, 0x2, 0xff, 0x1000, 0x1000, 0x2, 0xb8, 0xffffffffffffffff, 0x7, 0x2, 0x200, 0x80000000, 0x2, 0x8, 0xef, 0x3, 0x9ab, 0x4, 0x2, 0x1, 0x1, 0xdfc6, 0x8, 0x0, 0x100, 0xa, 0x4, 0xa2, 0x492, 0x4, 0x82d, 0x8, 0x8001, 0x2, 0x10, 0x100000001, 0x401, 0xe603, 0x4, 0x5, 0x8000000000000000, 0x80000000, 0x6, 0xf4, 0x4, 0x7ff, 0x1, 0x6, 0xffffffffffffffff, 0x1, 0x921c, 0xa, 0x59, 0x4, 0xb181, 0x81, 0x101, 0x3, 0x1, 0x200, 0x2, 0x8]}) (async)
ioctl$BTRFS_IOC_GET_DEV_STATS(r0, 0xc4089434, &(0x7f0000000040)={0x0, 0x0, 0x1, [0x3, 0x3, 0x4, 0x3ff, 0x7], [0x47, 0x0, 0x8, 0xd, 0x7fffffffffffffff, 0x8cae, 0x8000, 0x100000001, 0x100000000, 0x276, 0xb, 0x60, 0x8, 0x6, 0x2, 0x10001, 0x5, 0x0, 0x7, 0x2, 0x80000001, 0x60, 0x1, 0x87a, 0x2, 0xfffffffffffffffc, 0x8, 0x6, 0x6, 0x396, 0x929e, 0x7fffffffffffffff, 0x7, 0x2, 0x4ced, 0x9, 0xd, 0x2, 0x4f, 0xfffffffffffffff4, 0x9e, 0x8, 0x4, 0x5, 0x4, 0x0, 0xfffffffffffffff9, 0x276b, 0x5, 0x5, 0x6, 0xffffffff, 0x3, 0x198, 0x9, 0x0, 0x800, 0x3, 0x0, 0xfff, 0x2, 0xff, 0x1000, 0x1000, 0x2, 0xb8, 0xffffffffffffffff, 0x7, 0x2, 0x200, 0x80000000, 0x2, 0x8, 0xef, 0x3, 0x9ab, 0x4, 0x2, 0x1, 0x1, 0xdfc6, 0x8, 0x0, 0x100, 0xa, 0x4, 0xa2, 0x492, 0x4, 0x82d, 0x8, 0x8001, 0x2, 0x10, 0x100000001, 0x401, 0xe603, 0x4, 0x5, 0x8000000000000000, 0x80000000, 0x6, 0xf4, 0x4, 0x7ff, 0x1, 0x6, 0xffffffffffffffff, 0x1, 0x921c, 0xa, 0x59, 0x4, 0xb181, 0x81, 0x101, 0x3, 0x1, 0x200, 0x2, 0x8]})
ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(0xffffffffffffffff, 0xc0189373, &(0x7f0000000480)={{0x1, 0x1, 0x18, <r1=>r0, {0x8000}}, './file0\x00'})
sendmsg$nl_route(r1, &(0x7f0000000580)={&(0x7f00000004c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000540)={&(0x7f0000000500)=@getneightbl={0x14, 0x42, 0x400, 0x70bd26, 0x25dfdbfe, {}, [""]}, 0x14}, 0x1, 0x0, 0x0, 0x20040040}, 0x4044090) (async)
sendmsg$nl_route(r1, &(0x7f0000000580)={&(0x7f00000004c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000540)={&(0x7f0000000500)=@getneightbl={0x14, 0x42, 0x400, 0x70bd26, 0x25dfdbfe, {}, [""]}, 0x14}, 0x1, 0x0, 0x0, 0x20040040}, 0x4044090)
write$binfmt_elf32(r1, &(0x7f00000005c0)={{0x7f, 0x45, 0x4c, 0x46, 0xe, 0xff, 0xc, 0x40, 0x0, 0x4, 0x3e, 0xfffffbff, 0x2dc, 0x34, 0x12a, 0xa, 0x5, 0x20, 0x2, 0x80, 0x8, 0x1}, [{0x70000000, 0xffff8000, 0x8, 0xf396, 0x81, 0xffffffff, 0xfffffffe, 0x7fff}, {0x1, 0x8, 0x8, 0xf0000000, 0x5, 0x54b, 0x7, 0x1}], "6587de3ebc2235fde524fd9f1dec5e4a2dfba7656c0618f5d040eb8c50f54d0a0d8d2da544fb17559ca5cacbe8c5ede277414ca790db57aaf0ab373069ad41f033c3494ca3deb21d016790010fbdf78dc65ffc27865797ca6dec1821095d59fdc60b90c24092cf85637caceabab1240756fd1f2c1d7e01ea8eeb7d3175a5c521799200de863d57b75890a0bc512e24618bc80265f3eb7966a81df6492bf70b9a54a83558d177e5375946f3f6dd3828c5dbd0b65c32171e18b4a89c48e783c499febed67f6c355ef8e82fbe8fa2a3ad1797b31008a064244be84c15d49713ac8048be3fe0a275f1ab521c1fa4c107cb654d3efd7e2228638fd731d20ec841a7dcb9edf2e8772b6866bed913fbf67fb7ea3059aa4f88c12384af72031e217038b5a9d797e0c2cb751b21d2a6948f6a5956fe369a44748e069379517b1b09803fa0e02087276360baa24d6bcec847b2204207c87a92ca0b5600883eb69a2651025dad790dbba9d8106a510482e432c84abce8a4e8a26dbe54343840acabda39126efffef18abc7962c6d7850357eaef5ee420723b8c275c767db641dd753dd6bd8a382dc50de602812af543e86f311697f906236f4a381a5870c29069e6cfeba443fe264250e8eeaa779d6b079aec369934c99d86f7f00ce17d2c397fbf92b4b759bb279df0e8059543e9b7b732264cf0429ef589d4c6790126f24a4a10d5d6163ae03c211c94cf30dfb1625e2fb71e370a43706c4a6530ab50fa448131f0b2861735c254c9e2086dbe19987c109f8a3416bf8554bbaf265b09bd165f283de65eb33240cb00111a8b51ba756d5f0dd267930d2498457c3bbfef386d40528b226985c9e60636b4ff093b2486ddd387849b2f5854de79c2c1cde0ab3c90d3da80d3584a15492d9e8513f1da020b9571c71b89af4ba68166142452710fb56c042cdf91a76abedf6ada7a77e54643ed33356383e935554b657dcdef170d65f1cd8a135d0596e6b0dd08a0bbec6e7b2398f4f2fb401e5260ceead938631a9c7d3fb15712c7ca7b0c3448c4390ecdf5d0edb7154321be8d90dc616c3d60df00e32932e745ead34e5a4bacb05b6ce6412849fe9bf10a97985434b3e8e4884dab45b37bb735c819efd880c328947fb8d423d49ec91dca45cbf42d0654560a2f6d14234c0b7dd4ff65f730a1d2ad26dcba2030084cacf230bfee2975aa62838c8336a1b5af2180ff0c0f70e5a27dc94c6936d1430d99df74358ff8d884b8ae27a4ff43c03a4407f034a04537dcefb251d01f3e34d6d18ee45abebba5188c42551e1516b068fba9377309e220b672bd40d7fc1f256ee65a21fc89eac1da02b69be0693e359211fcf7f1fe2475e81ef399f198b91746fc01ee39546e313cd8fb991a555daa63f1fa31a90fda30b0b0bd6672876c9d9578840256a369abc57a7aec4233a6aa414d70e7cc73935d8c6180484f31fac12ced695a1e8675a31c73ebd6cd1013ed419a174de78143de2a854f90e8977c4cb081d24e11e0e5614054cdff7767d78bf885456735b3fac24a3d0dc2629461148ea9725ed32c7032c7c5f871ed8ff646432de8144c53be59555bc5e2bc3b54d8bff292ed49713f1c369dc24a7d5ae9585a425c343d179866969d512a37448a78d6f9ca5cabe4c7a0419a05127a0d069de709125ae56cd847f6d301b0b52be87d437520427cf045a20feedffe92631f88ab38cc6158b089f3fdff88936e68eed965eb65da70b3bff256945a836dcc188d6f91124b1bd8d9812316db072e8b1d7833123da0b31023fe8322c073d277b34c2f3de243e1c17de323aac1bdd975680a2d2b83c63331f1604ca36ee63a1cbb0e1e3184500afb8f155f09e166fa650506e882b96aaeb56b1c178d9feb0e2848d45e774c4e5b4528aa9a4f22c3d0641feccf1a43d3f811156600aa1d0da68bc64959797dc1b91ed9218d34ab3999378d92374dc481688006a63ddea970286fb70c0d880c81c5ca3568b0b655966d51f8b376248828296b1eecbca1cdbe3f5b9095f6abf83053dc85994d6777bf32aa165349da39d2480ee183a9795f85e656e0979fc4742c52edd5e81fd93a483464a62d228aac01f151880dabab262d93b228281e6cdc9a7bb5ea9ce109e62aa3ab00ef5ffe756c0ad77df10d666bf91d443c8674dd49b1aa9630da7040629870f29c21328a5edfcccc8258e6d945a22717abfa1b2a2274c457a6da7e403d607ef434020a201fbda4782dcbed5ba3fcbc570f68f8e3b4637a88e61ccdd5f412727bc6de4ce379a2f1c5f1ee25153b65f6770f613a3f010f468b6fa1c881f36c3fa04df337c2d39c482ec1f694790a784aad25cf2c4f9bab02ac5f312b8c6e9207a4bc678ee0d61e62ab2b75bd7eb5cdfe45ddf138bc8cbedb232e682aca642f53a06f1f3f690acb5cc40e4d5e46d8644f29f0598031ee8626066837df6e5c1cc03b2ea08a31b1be9e91090c85e123b8a31ebc01707ebee91989b71fabfcd65e711d2bff21e8c8877e42562c36e61b6038aa49e8f872585bd8e31e74c50e16212505c27ffb941fc6a1f03840c9503ff4fb907a4859ffecb79055bf7f576f6db40a15f110e681049327844afc6ed8c4aa2d9681a3931d6c3b967dfa51e2c863d187dad0437a358468739e876a3e8d48c78926c7f61b2f265b646fa81498e6d315da5e813c8cbd05354038ecbc4536672d88faae6b24bb13de98d74321ff76e005dd4fb30e52e6ba49616dc976bfcb787dba50781bdeda2f32648a55c6c5df4186311d31ac0b7b8f84d0f08a2e1347d80abb1ae9c998bd2ac3ea35e59c81097f729cddbc28a744b256072dada61588df848c77473c2897b37788d3fabac2da78900a9cd13325f8a6e755387674c178bb15ba02b321aa1a181c6304dba493ada64e0b4ffd92c23244a16aba66c8ee2594fd77069c614470c171b377d8581904997458a2bd9dd30601de0818636b2b7e9c0067323e107cc21b804912202c06550368562d86e0a2098a7612136f07b74ec28016c4604521c4e62efea478f7aba026b8b92647fa807a0ef227e6c78fedde88fb2c85599d66af32ca8ce7126afc8297e621bdfdb98c4479b757c5a2317ca2729c5cedb7acf1064934d14889964bb3ddebf8802ec5fe587d20f755797adc014438fe417e6cec0d8ad6103f9252af06b317ab080d208c6c5972f2ac2b7a168b82ca20c1ade97743efb503675fd833841be62848dfd61dffb51522b349b73878a877d6e88d09efb1b6820b83a0a13e25a80eb62921f38ab5e675e0725139ea6c12f677fca97ec4b0b96ba8d2f245364a415439a5a72792f52e6003bd835d3a3dbc3c9215a32d1c92f01a67c0380e6701dc0e1e92315ff945499ac29f3f571321b53b129f167e52fb65625930873416ce6fe886d9445bda408a871f37e54148ea942149346ea1f96d329e48e7661ffe5a9392101e963f1e6b425a4ed7e48143c12dc47da36090d7f87f0f34511685fadf74fa762d3032e1756ebdd258b2c824947a6711bf7749f425b4e18fa0691161af161f96807e0b2af242cb0efcfbd78917333c125a7432dc9f4bf24935cd2bf0f6905f19d4cfffcf318c5122ccdd1ea4ab01d536a163beb14c3119a0787a0f967affda94079499847e36867395b2b3e8162f63299ff3bab0b478d0abc60ed3436adfaed4342450c27707c098567907ce16cececc80e2cfbe456cb633fe774538b2cec6d86348c925c37a4552de34f98723179711d2b3dc7a1262ad9f9e43d305b96fc08b1032d8b1979dcf1dbff87559aacce6ef223b88cc9bb23efef78fff45e15eedc306d141a7fa4b3ab7ab52919d9b5bfac54f2e12013aeb8b6d6f03ead6462984f20383039a616f9223a459ced3bd608bbfd77351f6c7a46d614a505d684a4d338d58baf7c40318dcc8573057f0e9ab43a5ef1de4ba5cbdcfb22166f85a20fd55f90f1301765556a2b7ec6749ce6392ed4dd180c10619665e99ac6329d28296f956656662162f6c296e19f35610dbb2fd1b137481a60f5446c606e862ba9c2edb6c36c07f270a266a7cd740245fc534ff70811d9b94b22c0a27f72fac8be9fcf616ab57ffce735b8f6a7db5b0bee02aa4ae656c387bdc4585c9f37f721f2f32cec033c53e916087421ff1d82e3f17b0e7bc348ef6896a0245a20f052fc09bff058c964acd7dfafcb6fb8255ca3c011df0026733edd39715b3fbf0baba937aaa7a8cf7af27584bd4ae2aacc6160c8c823c230882d6feffc4c9c2abd96f9d42a5e66403324d92814fc3a5468c9948fd6c9668fbfab365f6a261c42f772eb2837cbc613b2f3c50fcb70ba696a3a9b987e57af85aa0ebfaf6658bf3ce716129435e091b7d03613675d638b74b7587bd4de9a8b9cdaf5b88cb11fccad82b540626fa487d991e9e74e9da6342c2dd7179eed84035e1689c1f72fc70a04a03311bef254ed34081eccd20034fd60516d3588dbf33977a69084b008dfb07e48c4b2abdbabeab43fef1b7b163b91b7ba768894f935b6eb4ee76f20a3133092ec41c981fc6851be185516d912b9a9c1b17d3458e69cb866e650813eab130b573c88e7d0ac8f5544b3059b14ddd68912fea41ddab11bb4c40d32939baf9734d6e7fccd07b4d0d4c56e1336d9bcee188bb21331a692994089f8bfee945c04eba3546d17aa6eb309c393da2aeb0315a0c16c014ca0d7d420b904e31763c87247baa817af0e20bd77d7c5d3a4c6989892f4d9d451e89cf1de08fcffa29dae2388308a9ddd20a81760174c5735ea0a8d954fa2f1b3eb1699f389a7ed8fb31b88d85a9ba37927643d14f49e2dff27615b45c0793d294addd721f53018705337f9cfc3a2ee955ef871698fedd8037b82afc15fa3a9c27dcbad6d21fc5a5000cf829bf03dd6104b82aff912e3415801975ae0a495323e1cc1e3607387d19039a9b5392cbc8a3bd42858076dd6d347c6f791bad6a23866fa7ae775bc083ac35f7d3a65b11a209700f79d2ef127e658ac1fd1964259cbfe481630a41db4d6b9e6fe171f08eebe1ce196eb52b526d09f9e5fcbcd010ff82d39897ee98cf27113ac3632c4ac6d1548f75880a39bab8a67d4bebb2d042c08d07721e2fe0ff525b3910324c3409bd3a88c46f332013dc617c789d887e0fa1f1db3fa0e972fb272a6a01016c08cb29e19eba6dcbdb67d6ced5b23c5f24285374bf77f03c2cef34dcd657010983ce69bd15f3b7f9f022b537fcdc6c36e871c2eb363e9741e34759654b49b4f4d4404f41c32125386ff0be398edb6f3aeb9d75574fdcf85fe0facb53887d8a15f80e7b6e13071af27688254a3a06e97259a89e20307c751cfbdfe6b835096b81003ab64d442a655abb59b23b5d99b0ee2202792c59046ae886dd887170bcf40647294134deaa067febc62cbbfcc90a7d8d0762307038e5f424905b81f4aa15b12f989f7c8c9c8eeb39c929d95f172bf55c3408ae00a131d54a0ce3f16176bf38214f0e910954806b85c133bff708f2bb07563cd7a3b15878d3ac12c6a73cc758bdc4e11c98c66f3c23af9ed5db9b5b0e83c9dff4ef1cfc785b29994d0b5dd6b809a5a34357ca4f6db8892a80455fe0315621138746e4109888bf1dde12df14ef3f924f94f6b8b498b5a9bab806f32208ef045b8df22dc15ed2edc9b96a4668f5e4a6d407cd93ae48a8c3dabdc99d31e71d8ce00f1cf17a3a46780f2b7eb9a3e5ad8792f40fb7920d1ad95f1e715f05807c3bd6dd2afe00387a80ffb34755c370f200647ee48304fc16bbf2098be56aff509a4c2301fde10db868e0305598", ['\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00']}, 0x1874)
ioctl$NILFS_IOCTL_GET_CPSTAT(r0, 0x80186e83, &(0x7f0000001e40))
fcntl$F_SET_FILE_RW_HINT(r1, 0x40e, &(0x7f0000001e80)=0x4)
ioctl$BTRFS_IOC_RESIZE(r1, 0x50009403, &(0x7f0000001ec0)={{r1}, {@void, @actul_num={@void, 0x7, 0x70}}}) (async)
ioctl$BTRFS_IOC_RESIZE(r1, 0x50009403, &(0x7f0000001ec0)={{r1}, {@void, @actul_num={@void, 0x7, 0x70}}})
epoll_ctl$EPOLL_CTL_DEL(r1, 0x2, r1)
r2 = openat$vcsa(0xffffff9c, &(0x7f0000001f00), 0x204080, 0x0)
openat$dma_heap(0xffffff9c, &(0x7f0000001f40), 0x82, 0x0)
sendmsg$TIPC_NL_KEY_SET(r2, &(0x7f0000002100)={&(0x7f0000001f80)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f00000020c0)={&(0x7f0000001fc0)={0xfc, 0x0, 0x800, 0x70bd25, 0x25dfdbfe, {}, [@TIPC_NLA_SOCK={0x5c, 0x2, 0x0, 0x1, [@TIPC_NLA_SOCK_CON={0x34, 0x3, 0x0, 0x1, [@TIPC_NLA_CON_FLAG={0x8, 0x1, 0x6}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0xffffffc4}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x9}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x8}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x5}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0xc75}]}, @TIPC_NLA_SOCK_CON={0x1c, 0x3, 0x0, 0x1, [@TIPC_NLA_CON_NODE={0x8, 0x2, 0x6}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x7}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0xc6}]}, @TIPC_NLA_SOCK_ADDR={0x8, 0x1, 0xfffffff8}]}, @TIPC_NLA_MEDIA={0x28, 0x5, 0x0, 0x1, [@TIPC_NLA_MEDIA_PROP={0x1c, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0x6}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x8}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x9}]}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'eth\x00'}]}, @TIPC_NLA_NODE={0x44, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x3f, 0x4, {'gcm(aes)\x00', 0x17, "398995ce435ef8d2f88021e18a812b977d2962fafd703a"}}]}, @TIPC_NLA_PUBL={0xc, 0x3, 0x0, 0x1, [@TIPC_NLA_PUBL_LOWER={0x8, 0x2, 0x6}]}, @TIPC_NLA_MON={0x14, 0x9, 0x0, 0x1, [@TIPC_NLA_MON_REF={0x8, 0x2, 0x100}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x3}]}]}, 0xfc}}, 0x800) (async)
sendmsg$TIPC_NL_KEY_SET(r2, &(0x7f0000002100)={&(0x7f0000001f80)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f00000020c0)={&(0x7f0000001fc0)={0xfc, 0x0, 0x800, 0x70bd25, 0x25dfdbfe, {}, [@TIPC_NLA_SOCK={0x5c, 0x2, 0x0, 0x1, [@TIPC_NLA_SOCK_CON={0x34, 0x3, 0x0, 0x1, [@TIPC_NLA_CON_FLAG={0x8, 0x1, 0x6}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0xffffffc4}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x9}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x8}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x5}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0xc75}]}, @TIPC_NLA_SOCK_CON={0x1c, 0x3, 0x0, 0x1, [@TIPC_NLA_CON_NODE={0x8, 0x2, 0x6}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x7}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0xc6}]}, @TIPC_NLA_SOCK_ADDR={0x8, 0x1, 0xfffffff8}]}, @TIPC_NLA_MEDIA={0x28, 0x5, 0x0, 0x1, [@TIPC_NLA_MEDIA_PROP={0x1c, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0x6}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x8}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x9}]}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'eth\x00'}]}, @TIPC_NLA_NODE={0x44, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x3f, 0x4, {'gcm(aes)\x00', 0x17, "398995ce435ef8d2f88021e18a812b977d2962fafd703a"}}]}, @TIPC_NLA_PUBL={0xc, 0x3, 0x0, 0x1, [@TIPC_NLA_PUBL_LOWER={0x8, 0x2, 0x6}]}, @TIPC_NLA_MON={0x14, 0x9, 0x0, 0x1, [@TIPC_NLA_MON_REF={0x8, 0x2, 0x100}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x3}]}]}, 0xfc}}, 0x800)
ioctl$SNDCTL_MIDI_PRETIME(r1, 0xc0046d00, &(0x7f0000002140)=0xc)
sendto$unix(r2, &(0x7f0000002180)="f0a0cbdc6c8333b36b76ebff4da42eecddbe2bc8d61f082558e1fd1cf143d2c5d632b2afc01416e3f5b40cd51745d853c55ff7c8fb425faf32c17a725ece2b8864625de411f5fdfcd6c90e90da136c732a7adac1eb1cd9301da5046981e740ae200f2c459f8a2e43de1d596fc7c0ad095df2f124d4f7ab7455e26f24470925", 0x7f, 0x44, &(0x7f0000002200)=@file={0x0, './file0\x00'}, 0x6e)
r3 = openat$vcsa(0xffffff9c, &(0x7f0000002280), 0x80000, 0x0)
setsockopt$inet_mreqsrc(0xffffffffffffffff, 0x0, 0x25, &(0x7f00000022c0)={@loopback, @initdev={0xac, 0x1e, 0x1, 0x0}, @loopback}, 0xc)
r4 = syz_genetlink_get_family_id$tipc(&(0x7f0000002340), r3)
sendmsg$TIPC_CMD_ENABLE_BEARER(r2, &(0x7f0000002400)={&(0x7f0000002300)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f00000023c0)={&(0x7f0000002380)={0x34, r4, 0x400, 0x70bd25, 0x25dfdbfd, {{}, {}, {0x18, 0x17, {0x1f, 0xf, @l2={'ib', 0x3a, 'ip6_vti0\x00'}}}}, ["", "", "", "", "", "", "", "", "", ""]}, 0x34}, 0x1, 0x0, 0x0, 0x804}, 0x484c)
mknodat$null(r2, &(0x7f0000002440)='./file0\x00', 0x200, 0x103)
socket$nl_generic(0x10, 0x3, 0x10) (async)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$devlink(&(0x7f00000024c0), r2)
sendmsg$DEVLINK_CMD_SB_OCC_SNAPSHOT(r5, &(0x7f0000002700)={&(0x7f0000002480)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f00000026c0)={&(0x7f0000002500)={0x194, r6, 0x0, 0x70bd26, 0x25dfdbfd, {}, [{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0xb, 0x1}}, {@pci={{0x8}, {0x11}}, {0x8}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0xb, 0x8}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0xb, 0x4}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0xb, 0x4}}, {@pci={{0x8}, {0x11}}, {0x8, 0xb, 0x1}}, {@pci={{0x8}, {0x11}}, {0x8, 0xb, 0x5410}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0xb, 0x9}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0xb, 0xe}}, {@pci={{0x8}, {0x11}}, {0x8, 0xb, 0x8}}]}, 0x194}, 0x1, 0x0, 0x0, 0x24000804}, 0x20000005) (async)
sendmsg$DEVLINK_CMD_SB_OCC_SNAPSHOT(r5, &(0x7f0000002700)={&(0x7f0000002480)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f00000026c0)={&(0x7f0000002500)={0x194, r6, 0x0, 0x70bd26, 0x25dfdbfd, {}, [{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0xb, 0x1}}, {@pci={{0x8}, {0x11}}, {0x8}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0xb, 0x8}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0xb, 0x4}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0xb, 0x4}}, {@pci={{0x8}, {0x11}}, {0x8, 0xb, 0x1}}, {@pci={{0x8}, {0x11}}, {0x8, 0xb, 0x5410}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0xb, 0x9}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0xb, 0xe}}, {@pci={{0x8}, {0x11}}, {0x8, 0xb, 0x8}}]}, 0x194}, 0x1, 0x0, 0x0, 0x24000804}, 0x20000005)
r7 = socket$caif_seqpacket(0x25, 0x5, 0x0)
setsockopt$CAIFSO_LINK_SELECT(r7, 0x116, 0x7f, &(0x7f0000002740)=0xe93, 0x4) (async)
setsockopt$CAIFSO_LINK_SELECT(r7, 0x116, 0x7f, &(0x7f0000002740)=0xe93, 0x4)
ioctl$FS_IOC_FSSETXATTR(r2, 0x401c5820, &(0x7f0000002780)={0x0, 0xfffffffa, 0xe9c, 0xa1, 0x64}) (async)
ioctl$FS_IOC_FSSETXATTR(r2, 0x401c5820, &(0x7f0000002780)={0x0, 0xfffffffa, 0xe9c, 0xa1, 0x64})
sendmsg$NFT_BATCH(r3, &(0x7f0000002900)={&(0x7f00000027c0)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f00000028c0)={&(0x7f0000002800)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x3}}, [@NFT_MSG_DELCHAIN={0x24, 0x5, 0xa, 0x101, 0x0, 0x0, {0x2, 0x0, 0x1}, [@NFTA_CHAIN_ID={0x8, 0xb, 0x1, 0x0, 0x4}, @NFTA_CHAIN_ID={0x8, 0xb, 0x1, 0x0, 0x3}]}, @NFT_MSG_NEWOBJ={0x20, 0x12, 0xa, 0x801, 0x0, 0x0, {0xa}, @NFT_OBJECT_CT_EXPECT=@NFTA_OBJ_NAME={0x9, 0x2, 'syz0\x00'}}, @NFT_MSG_DELCHAIN={0x3c, 0x5, 0xa, 0x301, 0x0, 0x0, {0x2, 0x0, 0x7}, [@NFTA_CHAIN_NAME={0x9, 0x3, 'syz2\x00'}, @NFTA_CHAIN_FLAGS={0x8, 0xa, 0x1, 0x0, 0x5}, @NFTA_CHAIN_ID={0x8, 0xb, 0x1, 0x0, 0x1}, @NFTA_CHAIN_NAME={0x9, 0x3, 'syz2\x00'}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x2}}}, 0xa8}, 0x1, 0x0, 0x0, 0x20004000}, 0x80000)
io_uring_enter(r3, 0x7597, 0xec7f, 0x40, &(0x7f0000002940)={[0x0, 0x3]}, 0x8)
r8 = syz_open_dev$vcsn(&(0x7f0000002980), 0x0, 0x200)
sendmsg$nl_netfilter(r8, &(0x7f0000002d40)={&(0x7f00000029c0)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000002d00)={&(0x7f0000002a00)={0x2e0, 0xa, 0x4, 0x3, 0x70bd28, 0x25dfdbff, {0x1, 0x0, 0x7}, [@nested={0x10d, 0xdc, 0x0, 0x1, [@typed={0x8, 0xd1, 0x0, 0x0, @u32=0x8}, @generic="da40004970f25674b14043258a7b228a3b9786a31b4127139db51c19c0ac9f936f86913cbf7c0f4faa05dc878eaac6c6a101ae3493fc8b82d8dbfab36406ab66174acbbc2ecff9141e17233bc02ede5ddee5b8ed66bc", @generic="e6d5f525301e585ddd96755486c4ecfdb85b43a27690ece3622780", @nested={0x4, 0xd3}, @typed={0x8c, 0x63, 0x0, 0x0, @binary="4f112da90cdbf4c8df72de8e0b52b78de8092937e064f58c5ca6648dfff1227643b3f067781c38b872fd84c72c370c9ab82b4b1955f20ff0821e22d5e88049218fd56be679bd61bc9405a9de91bbbb2619c42d86c7a79306859159538b9b2c8f2e6ae68915e1b21fae2de949045e85aec6c92bcbb7fd041b660aed0eff03fb362348d3f700132b97"}]}, @generic="00690628ec492efb35dd494d69b1cbab119ce0d77bb564f4cc021a4a22367416ce274a3cb5fc0fc9513c7035b826717d297344f109507c5d55cb1fca9699d5efff23668b7da8724dc794c7485ec5d02c59231891765df55172b65df1e81ac4a8ce8afa6977026e0bdc03458dcbbc80030dabf6db7d2d47f7396d2d949d6d9892fc75909ae1b90a7319d0c8ced05b7d979254112c3f4cb8724f037caba6452196762728faf39f85daa13fe6725444b6f719fcfa3851bdc8bb530a977b0fd967850c005343bc072a1a8630b488ea98d6ff27dc46b7a0ebfa2df29f0ef4681ce7981b", @generic="d7ec1b876025675a8ef2036316e4eba696e5727f1985a65639a493c0a8ecefed57de5952f3d126b96d0c5e13b9cce0e730fdfb6578bc648b8b1da2a97a17c0d1db56fa683693bda9fd841cf42a1c8c1e7073f2da05a65edfcdb0458dea03a49bcc4950c5cd4721937cd7dcfb7a7b46f0c7152e156908bcdae513e2eaec06c3ab00fdef3211eec5ac9cedf74c367951c00a78b0a39ed88ec866a7b7346814565df3c8f90326086641b2b491d3522b54ee79c771f7dad59536eab63073bcc272698a1de32dc6d6c868a95ea06539edb814dd55c7056df72662aaf1"]}, 0x2e0}, 0x1, 0x0, 0x0, 0x8000}, 0x0) (async)
sendmsg$nl_netfilter(r8, &(0x7f0000002d40)={&(0x7f00000029c0)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000002d00)={&(0x7f0000002a00)={0x2e0, 0xa, 0x4, 0x3, 0x70bd28, 0x25dfdbff, {0x1, 0x0, 0x7}, [@nested={0x10d, 0xdc, 0x0, 0x1, [@typed={0x8, 0xd1, 0x0, 0x0, @u32=0x8}, @generic="da40004970f25674b14043258a7b228a3b9786a31b4127139db51c19c0ac9f936f86913cbf7c0f4faa05dc878eaac6c6a101ae3493fc8b82d8dbfab36406ab66174acbbc2ecff9141e17233bc02ede5ddee5b8ed66bc", @generic="e6d5f525301e585ddd96755486c4ecfdb85b43a27690ece3622780", @nested={0x4, 0xd3}, @typed={0x8c, 0x63, 0x0, 0x0, @binary="4f112da90cdbf4c8df72de8e0b52b78de8092937e064f58c5ca6648dfff1227643b3f067781c38b872fd84c72c370c9ab82b4b1955f20ff0821e22d5e88049218fd56be679bd61bc9405a9de91bbbb2619c42d86c7a79306859159538b9b2c8f2e6ae68915e1b21fae2de949045e85aec6c92bcbb7fd041b660aed0eff03fb362348d3f700132b97"}]}, @generic="00690628ec492efb35dd494d69b1cbab119ce0d77bb564f4cc021a4a22367416ce274a3cb5fc0fc9513c7035b826717d297344f109507c5d55cb1fca9699d5efff23668b7da8724dc794c7485ec5d02c59231891765df55172b65df1e81ac4a8ce8afa6977026e0bdc03458dcbbc80030dabf6db7d2d47f7396d2d949d6d9892fc75909ae1b90a7319d0c8ced05b7d979254112c3f4cb8724f037caba6452196762728faf39f85daa13fe6725444b6f719fcfa3851bdc8bb530a977b0fd967850c005343bc072a1a8630b488ea98d6ff27dc46b7a0ebfa2df29f0ef4681ce7981b", @generic="d7ec1b876025675a8ef2036316e4eba696e5727f1985a65639a493c0a8ecefed57de5952f3d126b96d0c5e13b9cce0e730fdfb6578bc648b8b1da2a97a17c0d1db56fa683693bda9fd841cf42a1c8c1e7073f2da05a65edfcdb0458dea03a49bcc4950c5cd4721937cd7dcfb7a7b46f0c7152e156908bcdae513e2eaec06c3ab00fdef3211eec5ac9cedf74c367951c00a78b0a39ed88ec866a7b7346814565df3c8f90326086641b2b491d3522b54ee79c771f7dad59536eab63073bcc272698a1de32dc6d6c868a95ea06539edb814dd55c7056df72662aaf1"]}, 0x2e0}, 0x1, 0x0, 0x0, 0x8000}, 0x0)
ioctl$SIOCSIFHWADDR(r1, 0x8924, &(0x7f0000002d80)={'veth1\x00', @broadcast}) (async)
ioctl$SIOCSIFHWADDR(r1, 0x8924, &(0x7f0000002d80)={'veth1\x00', @broadcast})

7m54.582373766s ago: executing program 0 (id=154):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
socket$kcm(0x11, 0x3, 0x0)
r1 = socket$unix(0x1, 0x5, 0x0)
close(0xffffffffffffffff)
r2 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000580)={&(0x7f00000001c0)=@newqdisc={0x38, 0x24, 0x100, 0x1, 0x25dfdbfd, {0x0, 0x0, 0x0, r3, {0x0, 0x10}, {0xffff, 0xe}, {0xfff2}}, [@qdisc_kind_options=@q_hhf={{0x8}, {0xc, 0x2, [@TCA_HHF_BACKLOG_LIMIT={0x8, 0x1, 0x6}]}}]}, 0x38}, 0x1, 0x0, 0x0, 0x40088c1}, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000006c0)=@newqdisc={0x40, 0x24, 0x4ee4e6a52ff56541, 0x70b926, 0x25dfdc01, {0x0, 0x0, 0x0, r3, {0x0, 0xd}, {0xffff, 0xb}, {0xffff, 0xffe0}}, [@qdisc_kind_options=@q_fq_codel={{0xd}, {0xc, 0x2, [@TCA_FQ_CODEL_CE_THRESHOLD={0x8, 0x7, 0xfffffff9}]}}]}, 0x40}, 0x1, 0x0, 0x0, 0x240040e0}, 0x4890)
ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000100)={'syzkaller0\x00'})
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680))
select(0x0, 0x0, 0x0, 0x0, 0x0)
r4 = syz_open_dev$dri(&(0x7f00000002c0), 0x1, 0x2100)
ioctl$DRM_IOCTL_SET_CLIENT_CAP(r4, 0x4010640d, &(0x7f0000000000)={0x3, 0x2})
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r4, 0xc01064b5, &(0x7f0000000300)={&(0x7f00000001c0)=[<r5=>0x0], 0x1})
r6 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r6, &(0x7f0000000000)={0x26, 'aead\x00', 0x0, 0x0, 'aegis128-generic\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r6, 0x117, 0x1, &(0x7f0000000140)="2c385aa3d49100dc6626c892b6bc436a", 0x10)
r7 = accept4(r6, 0x0, 0x0, 0x0)
sendmsg$nl_route_sched_retired(r7, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000012100), 0xe078}}, 0x0)
sendmsg$nl_generic(r7, &(0x7f0000000680)={&(0x7f0000000340)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f0000000640)={&(0x7f00000008c0)={0x1410, 0x41, 0x400, 0x70bd2a, 0x25dfdbfd, {0xb}, [@nested={0x160, 0x103, 0x0, 0x1, [@generic="11e2a2f150dbb66693e9d873710250ae43f9779cd49184aaa21311787d79020d4a9b6cd87101a343d4b3061c1cefacd6de72378ea809aabb824bc1aa577476bc8b2ed4e2edf6b7fe5dce83471bd6ca8aef60af3b18fa9ffabd0ae8622627749d1af3e77d7b007672c1f304903a0c", @generic="df19cf7f1392a7f59607685a2349fee651183786c540d85da3dcd20f965d0c851da1d80354613e6365510eba44d33a90ebb40d4c313953120dc7269e84d654c84e7deaabb166c71dc6809a43e124d3281942bef33090d3af9729292521f247ff8202c1511fc58730c13c354a9ac2bfa20fc7f1e41981e95a62b2648ee6ac9b4cacac3122f44b029642336c3d02d063307525c4dc87340a16818103", @typed={0x8, 0x43, 0x0, 0x0, @pid}, @typed={0x29, 0x13, 0x0, 0x0, @binary="2cd20e3f4fb17582259c00b0a6f50666725274aa6347dfc8f52adc90c536f98c1d4828618a"}, @nested={0x4, 0x60}, @generic="33544473f9e107a2b81168cf45aa1c63c3199f", @typed={0x8, 0xf0, 0x0, 0x0, @fd=r0}]}, @nested={0x9f, 0xfe, 0x0, 0x1, [@nested={0x4, 0x109}, @generic="276ead354210cb9063b9439d550499f03f61548f708d573dd2105a4e08320a716b13df866ec66c80b128da40d7d6d58d07457d0bcbd077b9f68cdf1dc70457d30e6ae870ed06817089f640912efd1047df93bb0e80055b5b58edce1cd65765a9bff71a0f0b8d86e9549232435508021609faa981e0f3562a9b6cb0da5f3a079e2430640bd7f52c1a797d2874721108f6111f56590bcd81"]}, @nested={0x88, 0x2a, 0x0, 0x1, [@generic="1d9d153008e6ec86df6d3db5f1ab981b2c6b7b9d8c75f5bb9963da19d70ed1206f684c26e83f7774a2da65b55ecec11de4fb844b776c1784eb3457f24136502e86cf03d76aa0571afe9d41c64d825e495a116c430e579996c0c420b85346881bbcb16b62972ad7098aa6fb35416195b3bd11420325ac472e8f110f59db406e5eefa0e9e5"]}, @generic="536f5264f8bdf48cad590eccb612e76d32998c621ee4cf24d8f759f1312b81492a0d9e559c7d3a37bac39c0408b8cd81e79ca8e239f82cb6c22376b44eb61939897de8115ccdffbe17bd03295c6c7a2af55d097cab4332121bb2cb2eed10a9d4c95dc63f2bfcbb0ead03d4e0dad800f8b5915dcc028a2dc2cd7947c19dc3e19442e48da60c0360a4d21f478a67f034581b456facac803c8b3a6d8c85204af4b782af0f8e3b02fb9ca9a3dccda47c21b8b6c330e2093afcd63eaa77497a57d49da9d918dd3601d57bd6694abc15017d457d09bb775fef0e900bf960577ffb212b583512d7e15fe238f697c7944f386c32ba2e8986d48f94c5b4fa148e7b8cd9ac74d3727b1e34b60b883e7a374d8c816c18a8f9b9d013723a3d35705d72a46816d118736c07d4b036fff8e6ff56b0b2197098bbd498ad49cb9b74063a590d52bdc148f03752c64f6a88d27dc5bc81c18aa59c5c6f8023397f6f40974401334108313ada15487cbaeb08a791e8f5f1677ce33446362d317e2b98a444650fd8e848d8484d6c4d08e6881bbb476497f5298b543afe9cb29a8a4af865528ae06ff24a6116eff18d9fd76626a71e66e45a5293dbb2131b66302e151627cc503fb68517c9d61a89edd7bc7286bd14cfee0cc956fadbc15761539eeaabdf4f3743f46ebafb6fb554938c5b8a2e976f5612185efb453043e3f750c72f5eded73e09f113d1e718fd4ba4b98a19102c662c1267c1309fb509c2a9a404bae2f2dfd2514c29c232652b57022b25df7d4c8c0af4336989cf255ffb87c3861b989723bd09e056ad4fb2f9518755bf8bcec0204d68e91e61169c885f964267384f5079e07c1ed714faf701542d75afe6d97e0c4e56e8a074a2be9df8f917a193e36299c214773a928a828ae2b4676939ef34a94c1ddc59cfe4802a86647abfa8ac916f961bb12eb2093c4c5b69b159a107fc8eaff75a99e7a76b929a34c0b1f218f2d60b778e2f1cf1a2f23f17223edc19ea07a72840af3aa927a21d131b9989ecce7fb292d0a00c3a8782ce5bc2f7710af269b627774c8a006b1c61d5cf1796f7ba1d8fa107cfe0aa55be7ee5f2ed71d23bac7bbb2aa9c99518fb0785a08fc9c38775e183e7056a0ab7923fc47e20da232daff4d3ce92a7cceedc8a4710bb30d9dea30b05155ec1bfe1fc405a6afc7db3602b72f6751310dbd938cee01c1a7486e24e9cda419692358817a7934d4ef077ca87c76cfd8bf0bdf3b0d1689fafec1c4adb7ff3bffe728d152aa4cda94da08cc962ef72c691ab2a4556228ffd3305adf56e035a6f991a17d5b87d4db4e4487b29562b18dc3bd34e65accd7ea331c9e19f408fe23862cb218280db17efacba99aadacbfddf0a135137d81f70964ed7815d50167f11898883f694f025faa4b445343216a7bc5bf44639243468e50cf0d65d7d4a2619c2aea0ef5caa00ac363e3d152101eaf49aab93be7025af140803989f8bec324142739fafa1e8de41131687d85664ee4d3d0046cb0ff4926369ccb97364f2e942898d1681436f16a29ae9c84834b6236411a3f202c5f39122995b5b8a9e35630946fb29d924dc886b352ba0ec0f61049c7235483e4bc14c970731e2569dd81395c0be55e84bb2fd8e7f2d39a854cfb25c49cd97ed10b16853c5e638af866bd0c974e15d2497dd784e8801c5cd43d7ed78d1afb7a0344ec0b4ed3498f50ad24aeff136cb4fbad9422e8a0a47eeee977883ad0489bf7a7af2b8838f1c336def4338719595db198c87dacf3d0c2aaa6ef2d9e16e08ae7df96ae4a25045b4ca4ec8d66e643193948ee5c28714ed640c74a4c0006a19338a916ab29e4f301321988f19108b4d85fd8847eef121eea046b42ce27beb9b42ccb50477cbffe5068ae9348e597888c8996ab68ad474bf232a8b6a35cc8af933e2183f2e3892a3e5d7d5bdf345bbf8b081abe57e936c9608065a5f0cd3db1324e0aa7d1835f9b216ce934909067ceddb7e0f406c722b5e924b70a7a53d8dad327392c3b8be580bdcb45ae4101e08af942e6b1b64d0794663227de0e3da50ba95f377f993c30ee414691e19830b0638ce47c89b0ea564ff1fbc76d0d6e0ae297c212379f21aa655236de15776f63a1ab463472440590f587e22dfb6d5e39cdbebfea98abae07c327a2d04de8cf3f843c12ccaad4e2c1e7a9ce0e22a03aabdcadd601231178b68b32ef4efad078b22ec9a0ea180166c38f90bdf1e779a2d62c226a56e1e95c5727f3eb6c5c5b66affe12f33f1afa82b1034181d32a590839fb1acfc0250c37baad13c6d50a52ce36d7956dde3c4756d76a7c5e6c1c9579ed87a68d631bfee822c0b21f4399ba17f728ab50dbeeb912fbcd1097abce087094d48fccf1072a9382c9ec28434b33133540ff0a289355da286a04092d7bef6b4100b7487bf8db5bf2c03e599858626df0329de727ce32fbe63fbf3766eba8bb8534583909360a23f88bb9cf8cf0c91943596742e1eb1f820534fa9f2203da0448d272a65cc9ae92691bfdfe9f2a92ab640c172c876f813bca54976521b7daf3bab99780fec7f9b83c513846f2bd21b3a760c85b7a340bc22d257a1c56c735a0c15e16614015a04a5886b66fa2256e930c23ddcb32d49edd2d19d2aada99ea62473ad5e289dd652f871c5fe66e50913f5b532453ae2c4d7d7680fdeb11210a596fda104e7479563c49d89c85d76dbdae3ec5e78f11d1fb01071cc52d5211b178d1ab5576a1136b79115c35cf2af4b39ff9115e167869b471df84fc84eee697fbb2c87f108e1b86def466c781550cb03b2adc18d1f6d3e212155340a3ff8925901f2270989f09418287179ca87bf77c008a62ec393d000d2cd9e1a060da074491e41680907f1d770512b300403d7305ca8f421569681306b636df5e15cc9d6837a70d6b5e9c20abb21a0bab3946b9e89b67379e140aafb24ff82e4cffa3f01b2c963f22ea930955b6377f6c5831ce3699526c945ae3841b314fe078e46b0f739850bad3c853de72969054ccb2f8b35929f6734d929d5ec0370720ea5e190e9b4d1c09393586cf94f408b9604ce5e199cc88397b0a6685d019cbea869e7d511083da51204e60fb3e52390af82189bd786166e4ae84919b962c8c52de18f983fced9b03e12e4b74916f2ef35bd18f31b4ded358264d5cd5725e3970b523adfa76adc2c1697bedf5bc04d2d772843db9a12cc8ca734c87481c4d4fa7af3866746810e51a2fdd3057939fe6b609e3ac0d1a79d2d310a933c4f7af7f16bc3dcc2cee56cb368a9152437f09766528e67e3efb586a44f4931cdf1c91e1d9430224ef757dcfbf70975a04d3bacba1edd9e06d195e860d8214d5b28b5afb320e9e5c0bd28f7bd512f1149226844d3ddf081efdaae7a477d76b37d50a4cfb37b9fe6ad3b713d39df44c6a8716fc883f67dd1b4ac232add464a3699291c22982d5c7142b926b1aaeaabb1006d038a0824a28b3dbe41cb7a81c5312ffc86b7c0ba5d2cb641fbf9c3cd72851f6bb2d38dc494c698ac35830bf679f5a88e217f01cde6cf2999b24a8e396aab6a301bc36d6069c916ba8a563ba407b5de8f6b31197f4c495ff2272d81e31245fe2c12d998576da2d1a0451323330a836f4c97314e34af8da4408cd3241f39ec4caa3ec0636a8113a7c580922d40881653455846cb709287f93df1a8aeadd839c6e51a3a97e71bf0990f00fd0bbe8ada75731ad9c6c12b7d134ff0d6506ae01325cb79e1dfb724c1161c651c1913e7b042b485d53ab53aba5773551e51fc6739bd38724489670f0a8436f1e5b71a20eec2cd70f2ad53f0bdd26675871c0cef7accf48c93185db07854ac4e4c7af098e3f2b4810191966b538377444c78b707021959668c048beae86249e1632e9df6487223dc24e133a525b04c7df5179f4ee5eff8ceac16069c45e9c56135e23ee0d3096cccd96bd6473eda1ff730683f8b1668c3b2fbe19c97e821e5089677692d2cff60f5d80779e605e2a079f6513617c2cd863e86670b4ca2a8f22dc15688f50743728ed6ccb6a461bb11a2aca9c4ff6772139385bdf3b46d220b097d50e2764dbb8aba15b58b6d83361b1d51a009929053af72863a65fcec4ebbed1d085bfd1c629fc26b4da393e68ffc891985c2280ce8334beb28c81d1daa0df9f96d9a2d342a86578fd9ba895d02dc12eddcc190c03bfd792b118af2f78e674fd6603d5a4aa281a43fb4024371367da30b9da901e1055bf955df82175b2e31f18bcaef6a8453bd281907a3729723d3871a4372649fb9e2eb5f1b5e0459d1d4765b3b61d5e70e0b1b67da7277defe0f770c1f8df0e1400cf7d5fe0e6284fd1bea72b22e70ba13ef7b73b63ec94e2a1cdfcc64e9ef4d98b134829c9b407fb1172485ecca2bc050ee0540544ddb763c5b3dbcfbc0345f375f35fb36367fba1c4667dd51b079ddf6de45ad050a3d13604a388b6163287479ce64526c222e3f247c2f4185ab8d02ddebe1c0bae9f3a12cdb8f123d41474ac7a16025d6ceb63aac0f8fb65a0dd97c524079175cba50165b9bb5a7a746d4f41a45c1ef76f5aa236c03d91eab679b053456d740ec3d0805477e3ea04040507f161c6384f6d8c35a8e9b99bd1f855a44968b30330b193d6fce83504288322828bdc502b18117aef7cd14b83f356361266c2ad498b20c1cd7c0475c93672bdba1dc9b9e34c48aebcc8a4d5cf1fcb771e395c10e886b6a62e6fb41686329b9318913797b80ffa0262b970b800e6a5b32617074d616b641c0f1cb2e0d3b253bb01ab91f9b1b47f093c53c9e901ffbdb943dcc0439a0d27d745ad91376d01ddcc7e2a1a9da26499cf25ef969e0aff58e8f28d46ea66bcb522810df9d7281779c6d5a881c7148cc078c9c93599de59a32498bbc55772ddc7a30714c4ebb387a59744c90e5c6360b112872216519068a1d93907ed45a767ae478e03f8a547a273ef7efb5a6dd11a5e82957c0349c46fb3e5db21fd888b0278abe525717b51e8047924277e27758fc2837e77cc87dbeddb56753af1554db6c0a75b1d3e0019501c5249d24e655e623a403aa3f101dbcd0c2757e2380db523608fb21492e59fa9bfe99773e8e16ed0b83c69018edcd3252943d84463c93822371384aff1f26c380cffaeb435bd3f274bb9b91c54289499cfa23bf25d586768ebecf92d4b3aaafadebbcd44ac3d938af34027275c48628fe8d97dad11c1c916513ea1c7bd8354599e4db27d909f143060cd1da2804235f4ca25dbd498e5dc696a87ec8f7d01699a6cf9280eaf150ad635b354cb7b32c0ce9f4366b2bd593cb41482489bc5af07b69b3910d5ee326c699a8239c5d6ecbda25b440d4da966798fb998955334f46da88438824537ffe5e7fddc46a61e6cd0f2c59c4e483f0f9d3134c3e928332702404b1a981987004cbd0162ee2b4adfeadfc9dcb58f4fb2642232caa4b287db05dfd21418c9b8605d22af9638abde3eb7880f6422f026ec2220748f39413682f55657bbcfb4a48ee159ad268055eb75e5c26e2f6671518f486fe90935cd921d5f174779c005bc3094b00798b59df30a5a6671ecf5296594c45a2111afeb3de27b0e13017aa544c9c1b318b3e8228fbe7a0a0cb464c9bb01fa884c7fd9d08363f499bfcbc17dde5aaa4b6296dba6787f011753a0d5f852392222bd8b50f602d844ae9b0d6d81405fcdd6833a71ef29d09e50af8db667c054ef219c2b9033acfef4277920fc9f14cde34a087351dafd035e10dd1ce447acbaddad9af4e10b91d1e4869a0a654ca492704e53cbe60f89d39fb41", @generic="55f3e77eaf48f76d6c092726ecf48c80ffd10dcc2b4c836a7fc5c4ac9c5bd4606423372c5ce94bba", @generic="6bc0", @nested={0x10, 0xcd, 0x0, 0x1, [@nested={0x4, 0x17}, @typed={0x8, 0x38, 0x0, 0x0, @uid}]}, @nested={0x122, 0x11b, 0x0, 0x1, [@generic="89472e86c4cea0905a7adfdae9d2f8e9b87f28e8695f442dcb6bd35b45582a5d981263dfac69f2b57050e7a3dc61ff9c5ba091f9c73582ef9f7c3f31fff23591482cec525c09ce6b7a750fd2d17cde2e2eb3549ebf30eeaca145886b0ed295ee2268700738771c3c6d4b4f9950b422ded81e527f6856eddcc18cf72d7e0d314bcf357bc434e4289ef634e8c27b38770efce48ecd99f83de8b03e6c83fe0f300bdba2c0752dbe2f827df38b4af3c4fe7a565d39ea1db7d274d06c29917d3edc9679940c3217", @generic="950f4163c6b4c917662fe21b49f6251f1d9c217ff3b8e7d5b96200037734e6a77bce6cb16ee9f17f4798baf97942c518d95215d821812b9373257975e5beb97805a618158339d812720feea87cbb247eef", @typed={0x8, 0x3f, 0x0, 0x0, @u32}]}, @nested={0x14, 0xe8, 0x0, 0x1, [@typed={0xf, 0xae, 0x0, 0x0, @str='syzkaller0\x00'}]}]}, 0x1410}, 0x1, 0x0, 0x0, 0x50}, 0x8a0)
recvmmsg(r7, &(0x7f0000000180)=[{{0x0, 0x0, 0x0}}, {{0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000500)=""/229, 0xe5}, {&(0x7f0000000840)=""/127, 0x7f}, {&(0x7f0000000400)=""/115, 0x73}, {&(0x7f00000000c0)=""/33, 0x21}, {&(0x7f00000004c0)=""/21, 0x15}], 0x11}}], 0x2, 0x60, 0x0)
ioctl$DRM_IOCTL_MODE_GETPLANE(r4, 0xc02064b6, &(0x7f00000003c0)={r5, <r8=>0x0, <r9=>0x0, 0x0, 0x0, 0x0, 0x0})
ioctl$DRM_IOCTL_MODE_SETPLANE(r4, 0xc03064b7, &(0x7f0000000200)={r5, r8, r9, 0x80000007, 0x800, 0xffffffff, 0x0, 0x200, 0x3, 0xe, 0x2000000, 0x31e})
r10 = socket$can_raw(0x1d, 0x3, 0x1)
bind$can_raw(r10, &(0x7f00000000c0), 0x10)
close(0x3)
r11 = openat$sysfs(0xffffff9c, &(0x7f0000000000)='/sys/kernel/profiling', 0x42242, 0x73)
pwritev(r11, &(0x7f0000000400)=[{&(0x7f0000000040)='9', 0x1}, {0x0}], 0x2, 0xffffff01, 0xa)

7m54.457238117s ago: executing program 0 (id=156):
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f00000003c0), 0x2, 0x0)
r1 = openat$fuse(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_COALESCE_SET(r2, &(0x7f0000000540)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)={0x34, r3, 0x1, 0x70bd2e, 0x0, {}, [@ETHTOOL_A_COALESCE_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'netdevsim0\x00'}]}, @ETHTOOL_A_COALESCE_RX_USECS={0x8, 0x2, 0x8000}]}, 0x34}, 0x1, 0x0, 0x0, 0x10104}, 0x0)
syz_mount_image$fuse(&(0x7f0000000040), &(0x7f0000000000)='./file0\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r1, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0], 0x0, 0x0, 0x0)
mount$fuse(0x0, &(0x7f0000000280)='./file0\x00', 0x0, 0x100000, 0x0)
open_tree(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x89901)
r4 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
mount$fuse(0x0, &(0x7f0000000000)='./file0\x00', 0x0, 0x88000, 0x0)
move_mount(r4, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)
umount2(&(0x7f0000000140)='./file0\x00', 0xa)
syz_mount_image$fuse(&(0x7f0000000040), &(0x7f0000000000)='./file0\x00', 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB="0eddad537a3e4cb4b4a7d055988f6431cc6fc50a13ba060e29c93e16b62343e20209c85a5ced9219562fc10d83b43e24786cc3d8c8c70b4edc7d361466f6190db2acd091211e2907462a94cb77a0a93cfcfa647c8b0f8e668b", @ANYRESDEC=0x0], 0x0, 0x0, 0x0)
r5 = socket$tipc(0x1e, 0x5, 0x0)
bind$tipc(r5, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x41}}, 0x10)
r6 = socket$tipc(0x1e, 0x5, 0x0)
sendmsg$tipc(r6, &(0x7f0000000240)={&(0x7f0000000080)=@name={0x1e, 0x2, 0x0, {{0x41}}}, 0x10, &(0x7f00000000c0)=[{&(0x7f00000001c0)="c7", 0x1}], 0x1}, 0x0)
recvmmsg(r6, &(0x7f00000014c0)=[{{0x0, 0x0, &(0x7f00000009c0)=[{&(0x7f0000000640)=""/189, 0xbd}], 0x1, &(0x7f0000000a00)=""/71, 0x47}}], 0x1, 0x40012000, 0x0)
move_mount(0xffffffffffffffff, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)
r7 = socket(0x15, 0x5, 0x0)
getpeername$unix(r7, 0x0, 0x0)
r8 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x9801)
r9 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x42, 0x0)
r10 = ioctl$KVM_CREATE_VM(r9, 0xae01, 0x0)
setxattr$system_posix_acl(&(0x7f0000002a00)='.\x00', &(0x7f0000002a40)='system.posix_acl_default\x00', &(0x7f0000000340)=ANY=[@ANYBLOB="0200000001000000000e0000207903878c43108d8dfcc4c83c199b24040000000000000010000000000013002000000000000000"], 0xc, 0x0)
r11 = ioctl$KVM_CREATE_VCPU(r10, 0xae41, 0x0)
ioctl$KVM_SET_SREGS(r11, 0x4138ae84, &(0x7f0000000100)={{0xffff0000, 0x0, 0x0, 0x0, 0x7f, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb}, {0xffff1000, 0xddccb000, 0xa, 0xfc, 0x0, 0x7, 0x0, 0x0, 0x0, 0x1}, {0x5000, 0x0, 0x0, 0x8, 0x0, 0x0, 0x81, 0x9, 0x44, 0xe, 0x0, 0x2}, {0x10b002, 0x2000, 0xc, 0xfd, 0x80, 0x6, 0x2}, {0x1000, 0x0, 0x0, 0x0, 0x0, 0x80, 0xfd, 0x0, 0x2, 0xfc, 0x1a, 0xa8}, {0x10000, 0xd000, 0x0, 0x0, 0x80, 0x8f, 0x0, 0x0, 0x0, 0xfc, 0x84, 0xfe}, {0xeeee8000, 0x80a0000, 0x0, 0x1, 0x0, 0x6, 0x0, 0x80, 0x0, 0x4}, {0xd000, 0xd000, 0x0, 0x82, 0x0, 0x10, 0x4, 0xe, 0x2}, {0x6000}, {0x1, 0xff4d}, 0x60000021, 0x0, 0x0, 0x10, 0x14000000c, 0x0, 0x7000, [0x0, 0x0, 0x10000, 0x3]})
ioctl$KVM_SET_MSRS(r11, 0x4140aecd, &(0x7f0000000100))
move_mount(r8, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)
mount$fuseblk(0x0, &(0x7f0000000000)='./file0\x00', 0x0, 0x24000, 0x0)

7m53.486874959s ago: executing program 0 (id=160):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4000}, 0x4000000)
syz_open_procfs$pagemap(0x0, 0x0)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x2042, 0x0)
r2 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r2, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-serpent-sse2\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r2, 0x117, 0x1, 0x0, 0x0)
r3 = accept4(r2, 0x0, 0x0, 0x800)
sendmmsg$alg(r3, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000b80)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a40000000000000400b3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459ba9dcf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b22eaf0afc", 0x93}], 0x1, &(0x7f0000000380)=[@op={0x10, 0x117, 0x3, 0x1}], 0x10}], 0x1, 0x40800)
recvmsg(r3, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000002c0)=""/100, 0x64}, {&(0x7f0000000200)=""/83, 0x53}, {&(0x7f0000000140)=""/101, 0x65}], 0x3}, 0x80000002)

7m53.177184344s ago: executing program 0 (id=167):
syz_open_dev$ttys(0xc, 0x2, 0x0)
r0 = syz_open_dev$ptys(0xc, 0x3, 0x0)
pipe2(&(0x7f0000000040), 0x0)
ioctl$TIOCMBIC(r0, 0x5417, 0x0)
syz_usb_connect(0x3, 0x64, &(0x7f0000000000)=ANY=[@ANYBLOB="120100e89f8be7406d04230848390102030109025200010000000009044000001e030100000a240608", @ANYRESHEX=0x0], 0x0)

7m52.943977782s ago: executing program 32 (id=167):
syz_open_dev$ttys(0xc, 0x2, 0x0)
r0 = syz_open_dev$ptys(0xc, 0x3, 0x0)
pipe2(&(0x7f0000000040), 0x0)
ioctl$TIOCMBIC(r0, 0x5417, 0x0)
syz_usb_connect(0x3, 0x64, &(0x7f0000000000)=ANY=[@ANYBLOB="120100e89f8be7406d04230848390102030109025200010000000009044000001e030100000a240608", @ANYRESHEX=0x0], 0x0)

9.130754341s ago: executing program 4 (id=2237):
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, 0x0)
r1 = syz_open_dev$usbmon(&(0x7f00000000c0), 0x6, 0x200)
ioctl$MON_IOCQ_RING_SIZE(r1, 0x9205)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f00000000c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg(r3, 0x0, 0x20040010)
r4 = bpf$OBJ_GET_PROG(0x7, 0x0, 0x0)
openat$vsock(0xffffffffffffff9c, &(0x7f0000000600), 0x2c0c2, 0x0)
sched_setattr(0x0, &(0x7f0000000000)={0x38, 0x0, 0x4, 0x8001, 0x0, 0xb49, 0x200000000002, 0x7, 0x8, 0x5}, 0x0)
r5 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r5, 0x5423, &(0x7f00000000c0)=0xe)
openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/cpuinfo\x00', 0x0, 0x0)
sendfile(r5, r4, 0x0, 0x20000023892)
syz_genetlink_get_family_id$batadv(0x0, r0)
r6 = syz_open_procfs(0x0, 0x0)
readlinkat(r6, 0x0, &(0x7f0000000180)=""/10, 0xa)
socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000200)=@ipv4_newrule={0x24, 0x20, 0x301, 0x0, 0x0, {0x2, 0x0, 0x0, 0x4}, [@FRA_FLOW={0x8, 0xb, 0x6}]}, 0x24}, 0x1, 0x0, 0x0, 0x40480d4}, 0x20)
r7 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r7, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000200)=ANY=[@ANYBLOB], 0x28}}, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000440), 0xc0580, 0x0)
r8 = syz_open_dev$usbfs(&(0x7f0000003f00), 0x1ff, 0x8801)
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
ioctl$USBDEVFS_RELEASE_PORT(r8, 0x80045519, &(0x7f0000001680)=0x7)

7.995980746s ago: executing program 4 (id=2243):
socket$packet(0x11, 0x3, 0x300)
r0 = landlock_create_ruleset(&(0x7f0000000040)={0x8802, 0x0, 0x2}, 0x18, 0x0)
pipe2(&(0x7f0000000040)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
vmsplice(r1, &(0x7f0000000200)=[{&(0x7f0000000480)='\x00', 0x1}, {&(0x7f0000000880)="9f", 0x1}, {&(0x7f0000002d80)='\x00', 0x1}], 0x3, 0x9)
landlock_restrict_self(r0, 0x0)
r2 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_tx_ring(r2, 0x107, 0x5, &(0x7f00000000c0)=@req3={0x8000, 0x6, 0x8000, 0x6}, 0x1c)
mmap(&(0x7f0000000000/0x2000)=nil, 0x30000, 0x2, 0x11, r2, 0x0)
syz_open_procfs(0x0, &(0x7f0000000240)='clear_refs\x00')
r3 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000180), 0x42, 0x0)
syz_mount_image$fuse(0x0, &(0x7f0000000000)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r3, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r3, &(0x7f00000021c0)={0x2020}, 0x2020)
syz_emit_ethernet(0xbe, &(0x7f0000000300)={@multicast, @local, @void, {@llc_tr={0x11, {@llc={0xf0, 0x42, "f5c5", "d209653e46fe018abfa21acbd65625abbe119b2dac41557c507511121ff64b8e8154d1ee765189a55ebf82bbf2bc27ec4ca32368379aa047d38f29483239ff1254601277949c564f7d7d6b1dfc37f624ed4bb76be30f39750b36074a12930a9ce2ad58427a4541902e5bc0fd89db7fe8116fba8e4616ce72b9fd96b490505837b8a9b09a7cfb8890ae2813466af0005559713e43848c1bb1141ed3b1915f461b805690c3d04ec1709d9fafe4"}}}}}, 0x0)

7.669615941s ago: executing program 4 (id=2245):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f00000000c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = syz_open_dev$dmmidi(&(0x7f0000000300), 0x8, 0x920)
ioctl$SNDRV_RAWMIDI_IOCTL_DRAIN(r2, 0x40045731, 0x0)
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000440)='./file0\x00', 0x0)
ioctl$DRM_IOCTL_GET_CLIENT(0xffffffffffffffff, 0xc0286405, 0x0)
r3 = syz_open_dev$vbi(&(0x7f0000000080), 0x3, 0x2)
ioctl$VIDIOC_S_OUTPUT(r3, 0xc004562f, &(0x7f0000000000)=0x1)
ioctl$VIDIOC_S_DV_TIMINGS(r3, 0xc0845657, &(0x7f0000000380)={0x0, @bt={0x2d0, 0x191, 0x1, 0x1, 0xdd9f83, 0x1, 0x2f, 0xf3, 0x2, 0x8, 0x722, 0x6, 0x7, 0x7f, 0x27, 0x20, {0x0, 0x6fd8e84b}, 0x3, 0xed}})
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000002c0))
mkdir(&(0x7f0000000000)='./cgroup/../file0\x00', 0x0)
r4 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r5 = openat$cgroup_procs(r4, &(0x7f0000000380)='cgroup.procs\x00', 0x2, 0x0)
r6 = openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
openat$cgroup_ro(r6, &(0x7f0000000040)='cgroup.freeze\x00', 0x275a, 0x0)
write$cgroup_pid(r5, &(0x7f0000000040), 0x12)
r7 = syz_usb_connect$hid(0x2, 0x3f, &(0x7f0000000000)=ANY=[@ANYBLOB="1201000000000010c410cf8a00000000000109022d00010000000009040000020300000009210000000122050009058103"], 0x0)
syz_usb_control_io$uac1(0xffffffffffffffff, 0x0, &(0x7f0000000500)={0x44, &(0x7f0000000100)={0x0, 0x0, 0x4, "24c8c8c5"}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io(r7, 0x0, 0x0)
syz_usb_control_io(r7, &(0x7f00000003c0)={0x2c, &(0x7f0000000100)=ANY=[@ANYBLOB='\x00\x00\b'], 0x0, 0x0, 0x0, 0x0}, 0x0)

7.619271554s ago: executing program 1 (id=2247):
ioctl$TIOCPKT(0xffffffffffffffff, 0x5420, &(0x7f0000000000)=0x5)
r0 = socket$inet_smc(0x2b, 0x1, 0x0)
openat$fb0(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
bind$alg(0xffffffffffffffff, &(0x7f00000021c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-cast5-avx\x00'}, 0x58)
r1 = accept4(0xffffffffffffffff, 0x0, 0x0, 0x0)
sendmmsg$alg(r1, &(0x7f00000010c0)=[{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000}], 0x1, 0x0)
recvfrom$inet(r1, 0x0, 0x0, 0x2102, 0x0, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x2, 0xf, &(0x7f00000000c0)=ANY=[@ANYBLOB="030000", @ANYRES32, @ANYBLOB="0000000000000000b703000000000000850000000c000000b70000000000000002e50c000004000018110000", @ANYBLOB], &(0x7f0000000000)='syzkaller\x00', 0xfffffc01, 0x3f, &(0x7f0000000140)=""/63, 0x40f00, 0xd, '\x00', 0x0, @fallback=0x2e, 0xffffffffffffffff, 0x8, &(0x7f0000000180)={0x9, 0x1}, 0x8, 0x10, &(0x7f0000000200)={0x3, 0xd, 0x1, 0x6}, 0x10, 0x0, 0xffffffffffffffff, 0x4, &(0x7f0000000240), &(0x7f00000002c0)=[{0x4, 0x2, 0x9, 0x1}, {0x2, 0x3, 0xd, 0x7}, {0x0, 0x3, 0x4, 0x4}, {0x3, 0x4, 0x0, 0x5}], 0x10, 0xb9}, 0x94)
r4 = socket$nl_rdma(0x10, 0x3, 0x14)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0x5, &(0x7f0000001e80)=ANY=[@ANYBLOB], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000)={0x0, 0x80000000}, 0x10}, 0x94)
write$P9_RSETATTR(0xffffffffffffffff, &(0x7f00000005c0)={0x7, 0x1b, 0x1}, 0x7)
sendmsg$RDMA_NLDEV_CMD_GET_CHARDEV(r4, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000040)=ANY=[@ANYBLOB="1c0000000f1401000000000000000000c82597800c00450072646d61"], 0x1c}}, 0x0)
r5 = socket(0x848000000015, 0x805, 0x0)
bind$inet6(r5, &(0x7f0000000040)={0xa, 0x0, 0x0, @dev={0xfe, 0x80, '\x00', 0x1a}, 0x10}, 0x1c)
sendto$inet6(r5, 0x0, 0x0, 0x0, &(0x7f00000003c0)={0xa, 0x0, 0x0, @private2, 0x3ff}, 0x1c)
timer_create(0xfffffffffffffffc, 0x0, &(0x7f0000000040)=<r6=>0x0)
timer_settime(r6, 0x1, &(0x7f0000000140)={{}, {0x0, 0x989680}}, 0x0)
timer_gettime(r6, &(0x7f0000000080))
syz_genetlink_get_family_id$batadv(&(0x7f00000001c0), 0xffffffffffffffff)
unshare(0x6a040000)
getsockopt$IP_VS_SO_GET_SERVICES(r0, 0x0, 0x482, &(0x7f0000000000)=""/149, &(0x7f00000000c0)=0x210)

7.618476776s ago: executing program 2 (id=2248):
sendmsg$NL80211_CMD_STOP_AP(0xffffffffffffffff, &(0x7f0000002cc0)={0x0, 0x0, &(0x7f00000028c0)={0x0, 0x28}}, 0x0)
getsockname$packet(0xffffffffffffffff, 0x0, &(0x7f00000002c0))
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$inet6_udplite(0xa, 0x2, 0x88)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r1, 0x8933, &(0x7f0000000040)={'batadv0\x00', <r2=>0x0})
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
syz_open_dev$vim2m(0x0, 0x6, 0x2)
openat$kvm(0xffffffffffffff9c, 0x0, 0x2, 0x0)
socket(0x2b, 0x3, 0x1)
connect$unix(r3, 0x0, 0x0)
sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
r5 = syz_open_dev$dri(&(0x7f00000000c0), 0x1ff, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r5, 0xc04064a0, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_LEASE(r5, 0xc01864c6, &(0x7f00000001c0)={&(0x7f0000000200), 0x0, 0x80800, 0x0, <r6=>0xffffffffffffffff})
ioctl$DRM_IOCTL_MODE_GETCONNECTOR(r5, 0xc05064a7, &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r7=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3000000})
ioctl$DRM_IOCTL_MODE_GETENCODER(r6, 0xc01464a6, &(0x7f0000000180)={r7})
setsockopt$inet_sctp6_SCTP_I_WANT_MAPPED_V4_ADDR(0xffffffffffffffff, 0x84, 0xc, &(0x7f0000000100)=0x8, 0x4)
getsockopt$bt_hci(r1, 0x0, 0x1, 0x0, &(0x7f0000000000))
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r5, 0xc02064b2, &(0x7f0000000140)={0xfffffffe, 0xab000000, 0x3})
write$uinput_user_dev(0xffffffffffffffff, 0x0, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000700)=ANY=[@ANYBLOB="4800000010000104000000000101000000000000", @ANYRES32=0x0, @ANYBLOB="0900000000000000200012800e0001006970366772657461700000000c00028008000100", @ANYRESOCT=r6, @ANYRES16, @ANYRES32=r2, @ANYBLOB="9de7e600da8f33421c8c0f6d1ed6163ca07930bdb838fec4d78f1f9c02bd3bb01f542cbea21bfaf89929812e60888ddd115d79ee617692650e20b83237c8343ba8c5e6a465bc7def8c011d90202479da1ac5ad10f65379986bfa474f07a2379ad00ba9b9ecb6070ec863cada9a35a61256308783a2de90927b0ad7a808a0d406aa37fd4cd4524a6bc764b20a9024e63517d2809911f5870e9e00f7286d73e6fba058a890bc3342ddc7205e3f0543ea96d11728e3269931a0f32e9ad5b917eab9b16d93eb23afe558da2dc01f13af0052c77fc7fa7e661b6c57933302fc9507fc9f788c9437edeba8ba21ca901c46c56111c11949"], 0x48}}, 0x0)

5.664899785s ago: executing program 2 (id=2250):
unshare(0x6a040000)
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_RECVRCVINFO(r0, 0x84, 0x20, &(0x7f0000000000), &(0x7f0000000100)=0x4)
r1 = socket$caif_seqpacket(0x25, 0x5, 0x3)
r2 = socket$inet_smc(0x2b, 0x1, 0x0)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f0000000200)={'pim6reg0\x00', 0xc201})
write$tun(r3, &(0x7f0000000840)=ANY=[@ANYBLOB="0800080006000601000014000000a80223"], 0x11)
setsockopt$inet_buf(r2, 0x0, 0x8008000000010, &(0x7f0000005e40)="17000000020001000003d68c5ee17688a2003208020300ecff3f0200000300000a000000009afc5ad9485bbb6a880000d6c8db0000dba67e060180000a0000f10607bdff59100ac45761407a681f009cee4a5acb3da400001fb700674f19b44e09f9315033bf79ac2dff060115003901000000000000ea000000000000000009ffff02dfccebf6ba0008400200000000e90554062a80e605007f71174aa951f3c63e5c83f1ba2112ce68bf17a6e000"/184, 0xb8)
setsockopt$inet_tcp_TCP_REPAIR(r2, 0x6, 0x13, &(0x7f0000000000)=0x1, 0x4)
setsockopt$inet_tcp_TCP_REPAIR_QUEUE(r2, 0x6, 0x14, &(0x7f00000000c0)=0x1, 0x4)
connect$inet(r2, &(0x7f0000000080)={0x2, 0x4e21, @dev={0xac, 0x14, 0x14, 0x3a}}, 0x10)
setsockopt$sock_int(r2, 0x1, 0x12, &(0x7f0000000100)=0x8, 0x4)
mmap(&(0x7f00003b8000/0x4000)=nil, 0x4000, 0x0, 0x10, r1, 0x1ab7a000)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r5, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x1)
ioctl$KVM_SET_VCPU_EVENTS(r6, 0x4040aea0, &(0x7f0000000000)=@x86={0x5, 0x5, 0x17, 0x0, 0x4004003, 0xfc, 0x2, 0xc, 0xff, 0x8, 0x6, 0x1, 0x0, 0x7, 0x5, 0x4, 0x72, 0x6, 0xfa, '\x00', 0x3, 0x3})
ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8})
openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x400, 0x0)
ioctl$KVM_CREATE_DEVICE(0xffffffffffffffff, 0xc00caee0, &(0x7f0000000140)={0x4, 0xffffffffffffffff, 0x1})
ioctl$KVM_RUN(r6, 0xae80, 0x0)
socket$nl_audit(0x10, 0x3, 0x9)
socket(0x10, 0x80002, 0x0)
socket$inet_icmp_raw(0x2, 0x3, 0x1)
syz_open_dev$usbfs(&(0x7f0000000080), 0xf, 0x8041)
r7 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r7, &(0x7f00000000c0)={0xa, 0x4e22, 0x9, @ipv4={'\x00', '\xff\xff', @remote}, 0x6}, 0x1c)

5.129017827s ago: executing program 3 (id=2254):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
close(r0)
r1 = socket(0x2b, 0x1, 0x1)
bind$inet6(r0, &(0x7f0000000080)={0xa, 0x4e22, 0x0, @empty}, 0x1c)
listen(r1, 0x5)
socket$can_raw(0x1d, 0x3, 0x1)
accept4$vsock_stream(r1, 0x0, 0x0, 0x80800)

4.936296853s ago: executing program 1 (id=2255):
socket$packet(0x11, 0x3, 0x300)
r0 = landlock_create_ruleset(&(0x7f0000000040)={0x8802, 0x0, 0x2}, 0x18, 0x0)
pipe2(&(0x7f0000000040)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
vmsplice(r1, &(0x7f0000000200)=[{&(0x7f0000000480)='\x00', 0x1}, {&(0x7f0000000880)="9f", 0x1}, {&(0x7f0000002d80)='\x00', 0x1}], 0x3, 0x9)
landlock_restrict_self(r0, 0x0)
r2 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_tx_ring(r2, 0x107, 0x5, &(0x7f00000000c0)=@req3={0x8000, 0x6, 0x8000, 0x6}, 0x1c)
mmap(&(0x7f0000000000/0x2000)=nil, 0x30000, 0x2, 0x11, r2, 0x0)
syz_open_procfs(0x0, &(0x7f0000000240)='clear_refs\x00')
r3 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000180), 0x42, 0x0)
syz_mount_image$fuse(0x0, &(0x7f0000000000)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r3, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r3, &(0x7f00000021c0)={0x2020}, 0x2020)
syz_emit_ethernet(0xbe, &(0x7f0000000300)={@multicast, @local, @void, {@llc_tr={0x11, {@llc={0xf0, 0x42, "f5c5", "d209653e46fe018abfa21acbd65625abbe119b2dac41557c507511121ff64b8e8154d1ee765189a55ebf82bbf2bc27ec4ca32368379aa047d38f29483239ff1254601277949c564f7d7d6b1dfc37f624ed4bb76be30f39750b36074a12930a9ce2ad58427a4541902e5bc0fd89db7fe8116fba8e4616ce72b9fd96b490505837b8a9b09a7cfb8890ae2813466af0005559713e43848c1bb1141ed3b1915f461b805690c3d04ec1709d9fafe4"}}}}}, 0x0)

4.884809694s ago: executing program 1 (id=2256):
sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0)
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
setsockopt$inet_int(r0, 0x0, 0x8, 0x0, 0x0)
r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
socket(0x10, 0x803, 0x0)
write(0xffffffffffffffff, &(0x7f0000000080), 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg(r3, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x6000801)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0xb4b, 0x9, 0x8, 0x0, 0x400003}, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1f, 0x0, 0xffffffff, 0x1000, 0x0, 0xffffffffffffffff, 0x4000000}, 0x50)
r4 = socket$nl_route(0x10, 0x3, 0x0)
r5 = socket(0x200000000000011, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000000)={'bridge0\x00', <r6=>0x0})
r7 = syz_open_procfs(0x0, &(0x7f0000000240)='net/dev_mcast\x00')
read$FUSE(r7, &(0x7f0000000580)={0x2020}, 0x2020)
pread64(r7, &(0x7f0000000480)=""/209, 0xd1, 0x2)
read$FUSE(r7, &(0x7f0000002c40)={0x2020}, 0x2020)
sendmsg$nl_route(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=@newlink={0x3c, 0x10, 0x403, 0x0, 0x0, {0x0, 0x0, 0x74, r6, 0x0, 0x11203}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @bridge={{0xb}, {0xc, 0x2, 0x0, 0x1, [@IFLA_BR_VLAN_DEFAULT_PVID={0x6, 0x27, 0x20}]}}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x800}, 0x0)
setsockopt$inet_int(0xffffffffffffffff, 0x0, 0x13, 0x0, 0xfffffffffffffe8e)
getsockopt$inet_opts(0xffffffffffffffff, 0x0, 0x6, 0x0, 0x0)
bind$inet(r1, &(0x7f0000000080)={0x2, 0x4e21, @multicast1}, 0x10)
connect$inet(r1, &(0x7f00000000c0)={0x2, 0xfffa, @empty}, 0x10)
syz_emit_ethernet(0x46, &(0x7f0000000000)={@link_local={0x3}, @random="ea6576681159", @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x1, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @local}, @time_exceeded={0x3, 0x1, 0x0, 0x12, 0x0, 0x3f18, {0x5, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, @multicast1, @loopback}, "00186371ae9b1c03"}}}}}, 0x0)

4.658392646s ago: executing program 2 (id=2257):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
close(r0)
r1 = socket(0x2b, 0x1, 0x1)
bind$inet6(r0, &(0x7f0000000080)={0xa, 0x4e22, 0x0, @empty}, 0x1c)
listen(r1, 0x5)
socket$can_raw(0x1d, 0x3, 0x1)
accept4$vsock_stream(r1, 0x0, 0x0, 0x80800)
r2 = socket$inet_smc(0x2b, 0x1, 0x0)
connect$inet(r2, &(0x7f0000000000)={0x2, 0x4e22, @local}, 0x10)
sendto$inet6(0xffffffffffffffff, 0x0, 0x0, 0x40c0, &(0x7f0000000140)={0xa, 0x4e24, 0x0, @mcast2, 0x5}, 0x1c)
setsockopt$inet_sctp6_SCTP_EVENTS(0xffffffffffffffff, 0x84, 0xb, &(0x7f0000000100)={0x7, 0x84, 0x2, 0x5, 0x5, 0xfd, 0x0, 0x0, 0xfd, 0x2, 0x3, 0x0, 0x2}, 0xe)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(0xffffffffffffffff, 0xc04064a0, &(0x7f00000001c0)={0x0, &(0x7f00000000c0), 0x0, 0x0})
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000340)=ANY=[@ANYRESOCT=r1, @ANYRES32, @ANYRESOCT=r0, @ANYRES32=0x0, @ANYRESHEX=r1, @ANYBLOB='\x00'/28], 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000001680)=@base={0xc, 0x4, 0x4, 0xfffffc01, 0x0, r3, 0xfffffffe}, 0x50)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r4, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000008c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r4, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000300)={{0x14}, [@NFT_MSG_NEWRULE={0x50, 0x6, 0xa, 0x160b, 0x0, 0x0, {0x2, 0x0, 0x8}, [@NFTA_RULE_EXPRESSIONS={0x24, 0x4, 0x0, 0x1, [{0x20, 0x1, 0x0, 0x1, @quota={{0xa}, @val={0x10, 0x2, 0x0, 0x1, [@NFTA_QUOTA_BYTES={0xc, 0x1, 0x1, 0x0, 0x2}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0x78}, 0x1, 0x0, 0x0, 0x850}, 0x0)
close(0x3)
sendmsg$NL80211_CMD_VENDOR(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0xfe6e, &(0x7f00000002c0)={&(0x7f00000000c0)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="010700e5ffffffffffff66000000000001000200000000000300", @ANYRES32=0x0, @ANYBLOB], 0x24}}, 0x4)
r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$NL80211_CMD_CRIT_PROTOCOL_STOP(0xffffffffffffffff, &(0x7f0000000240)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)={0x14, r5, 0x8, 0x70bd2b, 0x25dfdbfe, {{}, {@void, @void}}, ["", "", ""]}, 0x14}}, 0x20000014)
r6 = syz_open_dev$dvb_frontend(&(0x7f0000000000), 0x0, 0x40002)
ioctl$FE_SET_PROPERTY(r6, 0x40106f52, &(0x7f00000001c0)={0x28, 0x0})

4.614393645s ago: executing program 5 (id=2259):
setsockopt$packet_tx_ring(0xffffffffffffffff, 0x107, 0xd, &(0x7f0000000100)=@req3={0x10000, 0x100000001, 0x10000, 0x1}, 0x1c)
syz_io_uring_setup(0x4e2d, &(0x7f0000000140)={0x0, 0x7301, 0x800, 0x1, 0x329}, 0x0, 0x0)
ioctl$CEC_RECEIVE(0xffffffffffffffff, 0xc0386106, &(0x7f0000000180)={0x1, 0x1, 0x0, 0x6, 0x0, 0x4, "36df218512b3be71048955f6f876b2ff"})
r0 = add_key$user(&(0x7f00000003c0), &(0x7f0000000440), &(0x7f00000000c0), 0xc9, 0xfffffffffffffffd)
keyctl$dh_compute(0x17, &(0x7f0000000800)={r0, r0, r0}, 0x0, 0x0, &(0x7f0000000280)={&(0x7f00000000c0)={'sha384\x00'}})

4.481910133s ago: executing program 2 (id=2260):
syz_emit_ethernet(0x2a, &(0x7f0000000000)={@local, @broadcast, @void, {@generic={0x806, "925dda8b4603961253bd16eac4a8f5e99fdb4b22438ca4101564336e"}}}, 0x0)

4.341963273s ago: executing program 2 (id=2261):
sendmsg$NL80211_CMD_STOP_AP(0xffffffffffffffff, &(0x7f0000002cc0)={0x0, 0x0, &(0x7f00000028c0)={0x0, 0x28}}, 0x0)
getsockname$packet(0xffffffffffffffff, 0x0, &(0x7f00000002c0))
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$inet6_udplite(0xa, 0x2, 0x88)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r1, 0x8933, &(0x7f0000000040)={'batadv0\x00', <r2=>0x0})
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
syz_open_dev$vim2m(0x0, 0x6, 0x2)
openat$kvm(0xffffffffffffff9c, 0x0, 0x2, 0x0)
socket(0x2b, 0x3, 0x1)
connect$unix(r3, 0x0, 0x0)
sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
r5 = syz_open_dev$dri(&(0x7f00000000c0), 0x1ff, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r5, 0xc04064a0, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x0})
ioctl$DRM_IOCTL_MODE_CREATE_LEASE(r5, 0xc01864c6, &(0x7f00000001c0)={&(0x7f0000000200), 0x0, 0x80800, 0x0, <r6=>0xffffffffffffffff})
ioctl$DRM_IOCTL_MODE_GETCONNECTOR(r5, 0xc05064a7, &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r7=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3000000})
ioctl$DRM_IOCTL_MODE_GETENCODER(r6, 0xc01464a6, &(0x7f0000000180)={r7})
setsockopt$inet_sctp6_SCTP_I_WANT_MAPPED_V4_ADDR(0xffffffffffffffff, 0x84, 0xc, &(0x7f0000000100)=0x8, 0x4)
getsockopt$bt_hci(r1, 0x0, 0x1, 0x0, &(0x7f0000000000))
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r5, 0xc02064b2, &(0x7f0000000140)={0xfffffffe, 0xab000000, 0x3})
write$uinput_user_dev(0xffffffffffffffff, 0x0, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000700)=ANY=[@ANYBLOB="4800000010000104000000000101000000000000", @ANYRES32=0x0, @ANYBLOB="0900000000000000200012800e0001006970366772657461700000000c00028008000100", @ANYRESOCT=r6, @ANYRES16, @ANYRES32=r2, @ANYBLOB="9de7e600da8f33421c8c0f6d1ed6163ca07930bdb838fec4d78f1f9c02bd3bb01f542cbea21bfaf89929812e60888ddd115d79ee617692650e20b83237c8343ba8c5e6a465bc7def8c011d90202479da1ac5ad10f65379986bfa474f07a2379ad00ba9b9ecb6070ec863cada9a35a61256308783a2de90927b0ad7a808a0d406aa37fd4cd4524a6bc764b20a9024e63517d2809911f5870e9e00f7286d73e6fba058a890bc3342ddc7205e3f0543ea96d11728e3269931a0f32e9ad5b917eab9b16d93eb23afe558da2dc01f13af0052c77fc7fa7e661b6c57933302fc9507fc9f788c9437edeba8ba21ca901c46c56111c11949"], 0x48}}, 0x0)

4.27146298s ago: executing program 5 (id=2262):
socket$nl_netfilter(0x10, 0x3, 0xc)
openat$kvm(0xffffff9c, &(0x7f0000000000), 0x82001, 0x0)
r0 = socket$inet_sctp(0x2, 0x1, 0x84)
setsockopt$inet_sctp_SCTP_ADD_STREAMS(r0, 0x84, 0x79, 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f00000000c0)={'bridge0\x00'})
socket$nl_generic(0x10, 0x3, 0x10)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
syz_open_dev$vcsa(0x0, 0xa40d, 0x2a8102)
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
ioctl$SNDRV_CTL_IOCTL_PCM_INFO(0xffffffffffffffff, 0xc1205531, 0x0)
ioctl$IOCTL_VMCI_INIT_CONTEXT(0xffffffffffffffff, 0x7a0, 0x0)
inotify_init()
r3 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0)
ioctl$VHOST_SET_OWNER(r3, 0xaf01, 0x0)
r4 = eventfd2(0x1, 0x1)
ioctl$VHOST_SET_VRING_ERR(r3, 0x4008af22, &(0x7f00000001c0)={0x0, r4})
ioctl$VHOST_SET_VRING_KICK(r3, 0x4008af20, &(0x7f0000000000)={0x0, r4})
r5 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
ioctl$UFFDIO_REGISTER(0xffffffffffffffff, 0xc020aa00, 0x0)
close_range(r5, 0xffffffffffffffff, 0x0)
openat$nvram(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
clock_adjtime(0x0, &(0x7f0000000e00)={0xe62b, 0x80000000000000, 0x309, 0x0, 0x8000, 0x9f69, 0x0, 0x200000000002000, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0xfffffffffffffffc, 0x0, 0x30, 0x80000001, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0xffffffffffffffff})

4.024089614s ago: executing program 3 (id=2263):
r0 = socket$kcm(0x10, 0x2, 0x0)
recvmsg$kcm(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000a40)=""/284, 0x11c}, {&(0x7f0000001d00)=""/4067, 0xfe3}, {&(0x7f0000000180)=""/205, 0xcd}, {&(0x7f0000000940)=""/200, 0xc8}, {&(0x7f0000000280)=""/204, 0xcc}, {&(0x7f0000000d00)=""/236, 0xec}, {&(0x7f0000000480)=""/170, 0xaa}, {&(0x7f00000000c0)=""/178, 0xb2}], 0x8}, 0x0)

3.791821134s ago: executing program 5 (id=2264):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
close(r0)
r1 = socket(0x2b, 0x1, 0x1)
bind$inet6(r0, &(0x7f0000000080)={0xa, 0x4e22, 0x0, @empty}, 0x1c)
listen(r1, 0x5)
socket$can_raw(0x1d, 0x3, 0x1)
accept4$vsock_stream(r1, 0x0, 0x0, 0x80800)
r2 = socket$inet_smc(0x2b, 0x1, 0x0)
connect$inet(r2, &(0x7f0000000000)={0x2, 0x4e22, @local}, 0x10)
sendto$inet6(0xffffffffffffffff, 0x0, 0x0, 0x40c0, &(0x7f0000000140)={0xa, 0x4e24, 0x0, @mcast2, 0x5}, 0x1c)
setsockopt$inet_sctp6_SCTP_EVENTS(0xffffffffffffffff, 0x84, 0xb, &(0x7f0000000100)={0x7, 0x84, 0x2, 0x5, 0x5, 0xfd, 0x0, 0x0, 0xfd, 0x2, 0x3, 0x0, 0x2}, 0xe)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(0xffffffffffffffff, 0xc04064a0, &(0x7f00000001c0)={0x0, &(0x7f00000000c0), 0x0, 0x0})
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000340)=ANY=[@ANYRESOCT=r1, @ANYRES32, @ANYRESOCT=r0, @ANYRES32=0x0, @ANYRESHEX=r1, @ANYBLOB='\x00'/28], 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000001680)=@base={0xc, 0x4, 0x4, 0xfffffc01, 0x0, r3, 0xfffffffe}, 0x50)
close(0x3)

3.737816998s ago: executing program 4 (id=2265):
ioctl$TIOCPKT(0xffffffffffffffff, 0x5420, &(0x7f0000000000)=0x5)
r0 = socket$inet_smc(0x2b, 0x1, 0x0)
openat$fb0(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
bind$alg(0xffffffffffffffff, &(0x7f00000021c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-cast5-avx\x00'}, 0x58)
r1 = accept4(0xffffffffffffffff, 0x0, 0x0, 0x0)
sendmmsg$alg(r1, &(0x7f00000010c0)=[{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000}], 0x1, 0x0)
recvfrom$inet(r1, 0x0, 0x0, 0x2102, 0x0, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x2, 0xf, &(0x7f00000000c0)=ANY=[@ANYBLOB="030000", @ANYRES32, @ANYBLOB="0000000000000000b703000000000000850000000c000000b70000000000000002e50c000004000018110000", @ANYBLOB], &(0x7f0000000000)='syzkaller\x00', 0xfffffc01, 0x3f, &(0x7f0000000140)=""/63, 0x40f00, 0xd, '\x00', 0x0, @fallback=0x2e, 0xffffffffffffffff, 0x8, &(0x7f0000000180)={0x9, 0x1}, 0x8, 0x10, &(0x7f0000000200)={0x3, 0xd, 0x1, 0x6}, 0x10, 0x0, 0xffffffffffffffff, 0x4, &(0x7f0000000240), &(0x7f00000002c0)=[{0x4, 0x2, 0x9, 0x1}, {0x2, 0x3, 0xd, 0x7}, {0x0, 0x3, 0x4, 0x4}, {0x3, 0x4, 0x0, 0x5}], 0x10, 0xb9}, 0x94)
r4 = socket$nl_rdma(0x10, 0x3, 0x14)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0x5, &(0x7f0000001e80)=ANY=[@ANYBLOB], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000)={0x0, 0x80000000}, 0x10}, 0x94)
write$P9_RSETATTR(0xffffffffffffffff, &(0x7f00000005c0)={0x7, 0x1b, 0x1}, 0x7)
sendmsg$RDMA_NLDEV_CMD_GET_CHARDEV(r4, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000040)=ANY=[@ANYBLOB="1c0000000f1401000000000000000000c82597800c00450072646d61"], 0x1c}}, 0x0)
r5 = socket(0x848000000015, 0x805, 0x0)
bind$inet6(r5, &(0x7f0000000040)={0xa, 0x0, 0x0, @dev={0xfe, 0x80, '\x00', 0x1a}, 0x10}, 0x1c)
sendto$inet6(r5, 0x0, 0x0, 0x0, &(0x7f00000003c0)={0xa, 0x0, 0x0, @private2, 0x3ff}, 0x1c)
timer_create(0xfffffffffffffffc, 0x0, &(0x7f0000000040)=<r6=>0x0)
timer_settime(r6, 0x1, &(0x7f0000000140)={{}, {0x0, 0x989680}}, 0x0)
timer_gettime(r6, &(0x7f0000000080))
syz_genetlink_get_family_id$batadv(&(0x7f00000001c0), 0xffffffffffffffff)
unshare(0x6a040000)
getsockopt$IP_VS_SO_GET_SERVICES(r0, 0x0, 0x482, &(0x7f0000000000)=""/149, &(0x7f00000000c0)=0x210)

3.439712488s ago: executing program 5 (id=2266):
socket$packet(0x11, 0x3, 0x300)
r0 = landlock_create_ruleset(&(0x7f0000000040)={0x8802, 0x0, 0x2}, 0x18, 0x0)
pipe2(&(0x7f0000000040)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
vmsplice(r1, &(0x7f0000000200)=[{&(0x7f0000000480)='\x00', 0x1}, {&(0x7f0000000880)="9f", 0x1}, {&(0x7f0000002d80)='\x00', 0x1}], 0x3, 0x9)
landlock_restrict_self(r0, 0x0)
r2 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_tx_ring(r2, 0x107, 0x5, &(0x7f00000000c0)=@req3={0x8000, 0x6, 0x8000, 0x6}, 0x1c)
mmap(&(0x7f0000000000/0x2000)=nil, 0x30000, 0x2, 0x11, r2, 0x0)
syz_open_procfs(0x0, &(0x7f0000000240)='clear_refs\x00')
r3 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000180), 0x42, 0x0)
syz_mount_image$fuse(0x0, &(0x7f0000000000)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r3, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r3, &(0x7f00000021c0)={0x2020}, 0x2020)
syz_emit_ethernet(0xbe, &(0x7f0000000300)={@multicast, @local, @void, {@llc_tr={0x11, {@llc={0xf0, 0x42, "f5c5", "d209653e46fe018abfa21acbd65625abbe119b2dac41557c507511121ff64b8e8154d1ee765189a55ebf82bbf2bc27ec4ca32368379aa047d38f29483239ff1254601277949c564f7d7d6b1dfc37f624ed4bb76be30f39750b36074a12930a9ce2ad58427a4541902e5bc0fd89db7fe8116fba8e4616ce72b9fd96b490505837b8a9b09a7cfb8890ae2813466af0005559713e43848c1bb1141ed3b1915f461b805690c3d04ec1709d9fafe4"}}}}}, 0x0)

3.101659273s ago: executing program 1 (id=2267):
openat$nvram(0xffffffffffffff9c, &(0x7f00000014c0), 0x40280, 0x0)

3.082776583s ago: executing program 3 (id=2268):
syz_emit_ethernet(0x56, &(0x7f00000000c0)={@local, @dev, @void, {@ipv4={0x800, @tcp={{0xd, 0x4, 0x0, 0x0, 0x48, 0x0, 0x0, 0x0, 0x6, 0x0, @dev, @initdev={0xac, 0x1e, 0x0, 0x0}, {[@generic={0x7, 0x3, "f4"}, @timestamp_addr={0x44, 0x14, 0x9, 0x1, 0x0, [{@empty}, {}]}, @cipso={0x86, 0x6}]}}, {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}, 0x0) (fail_nth: 2)

3.024976495s ago: executing program 1 (id=2269):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000540)={0x26, 'hash\x00', 0x0, 0x0, 'hmac(sha256)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
r1 = accept4(r0, 0x0, 0x0, 0x80800)
sendmsg$unix(r1, &(0x7f0000003cc0)={0x0, 0x0, &(0x7f0000001b40)=[{&(0x7f00000008c0)="e2", 0x1}], 0x1, &(0x7f0000003c80)=[@cred={{0x18}}], 0x18, 0x20008004}, 0x0)

2.680763196s ago: executing program 1 (id=2270):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x20702, 0x0)
r1 = socket$inet6_mptcp(0xa, 0x1, 0x106)
unshare(0x22020600)
getsockopt$inet6_tcp_int(r1, 0x6, 0x2b, &(0x7f0000000c00), 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'syzkaller0\x00', 0xca58c30f81b6079f})
ioctl$TUNSETQUEUE(r0, 0x400454d9, &(0x7f0000000780)={'pim6reg0\x00', 0x400})
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
close(r2)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000))
r3 = socket(0xa, 0x1, 0x0)
setsockopt$inet6_MCAST_MSFILTER(r3, 0x29, 0x30, 0x0, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r4, 0x8933, &(0x7f0000000ec0)={'batadv0\x00', <r5=>0x0})
r6 = syz_genetlink_get_family_id$batadv(&(0x7f0000000000), 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_BLA_BACKBONE(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000440)={0x1c, r6, 0x303, 0x4000, 0x25dfdbfe, {}, [@BATADV_ATTR_MESH_IFINDEX={0x8, 0x3, r5}]}, 0x1c}, 0x1, 0x0, 0x0, 0x8050}, 0x4000)
syz_genetlink_get_family_id$ethtool(0x0, r4)
r7 = socket(0x40000000015, 0x5, 0x0)
setsockopt$SO_RDS_TRANSPORT(r7, 0x114, 0x8, &(0x7f00000008c0)=0x2, 0x4)
bind$inet6(r7, &(0x7f0000000000)={0xa, 0x0, 0x0, @loopback, 0x90}, 0x1c)
r8 = socket$kcm(0x2b, 0x1, 0x0)
close(r7)
r9 = socket$kcm(0x2, 0x200000000000001, 0x0)
sendmsg$inet(r9, &(0x7f0000000000)={&(0x7f00000000c0)={0x2, 0x4001, @dev}, 0x10, 0x0}, 0x3000c0c5)
setsockopt$sock_attach_bpf(r9, 0x1, 0x9, &(0x7f0000000040), 0x4)
close(r8)
r10 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFINDEX(r10, 0x8933, &(0x7f0000000200)={'erspan0\x00'})
socket$inet_tcp(0x2, 0x1, 0x0)

2.60644542s ago: executing program 2 (id=2271):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket$kcm(0x11, 0x3, 0x0)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
close(r2)
r3 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r4=>0x0})
r5 = socket$unix(0x1, 0x1, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r7=>0x0})
sendmsg$nl_route_sched(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)=@newqdisc={0x70, 0x24, 0x4ee4e6a52ff56541, 0x0, 0xffffffff, {0x0, 0x0, 0x0, r7, {0x2}, {0xffff, 0xffff}, {0x10}}, [@qdisc_kind_options=@q_fq={{0x7}, {0x44, 0x2, [@TCA_FQ_RATE_ENABLE={0x8, 0x5, 0x1}, @TCA_FQ_FLOW_REFILL_DELAY={0x8}, @TCA_FQ_ORPHAN_MASK={0x8, 0xa, 0xb}, @TCA_FQ_RATE_ENABLE={0x8, 0x5, 0x1}, @TCA_FQ_FLOW_DEFAULT_RATE={0x8, 0x6, 0x6}, @TCA_FQ_RATE_ENABLE={0x8, 0x5, 0x1}, @TCA_FQ_FLOW_DEFAULT_RATE={0x8, 0x6, 0x2}, @TCA_FQ_FLOW_MAX_RATE={0x8, 0x7, 0x1}]}}]}, 0x70}, 0x1, 0x0, 0x0, 0x20008001}, 0x2000400)
ioctl$SIOCSIFHWADDR(r2, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
sendmsg$kcm(r1, &(0x7f00000000c0)={&(0x7f0000000380)=@xdp={0x2c, 0x8, r4, 0x2e}, 0x80, &(0x7f0000000080)=[{&(0x7f0000000940)='2', 0x1}], 0x1}, 0x4)

2.473463678s ago: executing program 3 (id=2272):
getsockopt$inet_sctp_SCTP_DEFAULT_SEND_PARAM(0xffffffffffffffff, 0x84, 0xa, &(0x7f0000000580)={0x6, 0x1, 0x8003, 0x7, 0x4, 0x0, 0x81}, &(0x7f00000005c0)=0x20)
mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0xe4776000)
read$eventfd(0xffffffffffffffff, 0x0, 0x0)
add_key$keyring(0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg(r1, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r2, 0x29, 0x40, &(0x7f0000000840)=@filter={'filter\x00', 0x4, 0x4, 0x360, 0xffffffff, 0x1d0, 0xc8, 0x0, 0xfeffffff, 0xffffffff, 0x298, 0x298, 0x298, 0xffffffff, 0x4, 0x0, {[{{@uncond, 0x2f2, 0xa4, 0xc8}, @REJECT={0x24, 'REJECT\x00', 0x0, {0x8}}}, {{@ipv6={@mcast2, @private2={0xfc, 0x2, '\x00', 0x1}, [0xff, 0x0, 0xff000000, 0x1000000fe], [0xff, 0xffffffff, 0xffffff00, 0xff000000], 'nicvf0\x00', 'wlan0\x00', {0xf36f1a56c3b5bd55}, {}, 0x89, 0x2, 0x0, 0x4}, 0x0, 0xc8, 0x108, 0x0, {}, [@common=@ipv6header={{0x24}, {0x1, 0x8, 0x1}}]}, @common=@inet=@LOG={0x40, 'LOG\x00', 0x0, {0x6, 0x21, "778623ae116adc1ec4ce23f8b22c902b607fa4fb3b9151e372d859d3fa35"}}}, {{@uncond, 0x0, 0xa4, 0xc8}, @REJECT={0x24, 'REJECT\x00', 0x0, {0xe}}}], {{'\x00', 0x0, 0xa4, 0xc8}, {0x24}}}}, 0x3bc)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0xb45, 0x100000000009, 0xa, 0x0, 0x3}, 0x0)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_SIOCADDRT(r3, 0x890b, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="050000000600000008000000ad00000000000000", @ANYRES32, @ANYBLOB="0000000400000000080000000000001c00000000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB="000000000300"/28], 0x50)

2.450607857s ago: executing program 5 (id=2273):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f00000000c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000000180)={0x0, <r3=>0x0})
sched_setattr(r3, &(0x7f0000000240)={0x38, 0x6, 0x23, 0x5, 0x0, 0x1, 0x4, 0x3, 0x0, 0x2}, 0x0)
sendmsg$NFT_BATCH(r2, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014"], 0x7c}}, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
r5 = socket$vsock_stream(0x28, 0x1, 0x0)
getsockname(r5, &(0x7f00000014c0)=@ll={0x11, 0x0, <r6=>0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f00000002c0)=0x80)
sendmsg$nl_route_sched(r4, &(0x7f00000093c0)={0x0, 0x0, &(0x7f0000009380)={&(0x7f000000c300)=@deltfilter={0x34, 0x2d, 0x1, 0x70bd28, 0x0, {0x0, 0x0, 0x0, r6, {}, {}, {0x7, 0x10}}, [@filter_kind_options=@f_basic={{0xa}, {0x4}}]}, 0x34}, 0x1, 0x0, 0x0, 0x200480c4}, 0x0)
ioctl$DVB_DVR_DMX_EXPBUF(0xffffffffffffffff, 0xc00c6f3e, &(0x7f0000000080)={0x534, 0x80000, <r7=>r2})
ioctl$KVM_GET_SUPPORTED_HV_CPUID_sys(r7, 0xc008aec1, &(0x7f00000003c0)={0x4, 0x0, [{0xb, 0x3, 0x6, 0x7, 0xff, 0x2, 0x800}, {0x80000008, 0x8, 0x5, 0x6, 0xe49, 0x86e79a7, 0x340}, {0x80000008, 0xe, 0x4, 0x3, 0x6, 0xf39, 0x6}, {0xc000000d, 0x10, 0x0, 0x9, 0x9, 0xa28, 0x346}]})
sendmsg$NFT_BATCH(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={{0x14}, [@NFT_MSG_NEWRULE={0x30, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2, 0x0, 0x1}, [@NFTA_RULE_EXPRESSIONS={0x4}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0x58}}, 0x10)
r8 = socket$inet_udp(0x2, 0x2, 0x0)
r9 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r9, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000840)=@updpolicy={0xfc, 0x19, 0x1, 0x0, 0x25dfdbfc, {{@in, @in6=@remote, 0x4e24, 0x0, 0x0, 0x0, 0x2}, {0x0, 0x4, 0x0, 0x0, 0x0, 0x2}, {0x0, 0x0, 0x200000000000}, 0x0, 0x0, 0x1}, [@tmpl={0x44, 0x5, [{{@in6=@empty, 0x2, 0x2b}, 0xa, @in6=@remote, 0x0, 0x4}]}]}, 0xfc}, 0x1, 0x0, 0x0, 0x20008000}, 0x0)
bind$inet(r8, &(0x7f0000000100)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x17}}, 0x10)
setsockopt$sock_int(r8, 0x1, 0x6, &(0x7f0000000140)=0x8, 0x4)
connect$inet(r8, &(0x7f0000000280)={0x2, 0x0, @broadcast}, 0x10)
sendmmsg$inet(r8, &(0x7f0000004d00)=[{{0x0, 0x6000, 0x0, 0x0, 0x0, 0x0, 0x30000}}], 0x300, 0xf00)

2.394718781s ago: executing program 4 (id=2274):
socket$nl_netfilter(0x10, 0x3, 0xc)
r0 = openat$userio(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ppoll(&(0x7f0000000000)=[{r0}], 0x1, &(0x7f00000000c0)={0x0, 0x989680}, 0x0, 0x0)
syz_emit_ethernet(0x86, &(0x7f0000000380)={@link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0xe}, @multicast, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x78, 0x0, 0x2, 0x0, 0x11, 0x0, @empty, @empty}, {0x0, 0xfffc, 0x64, 0x0, @wg=@response={0x2, 0x2, 0x2, "e5410e86db87a41f716be8e1fa0fe2fb143899778cc5c15c1337404bb397c0fc", "0c17d7b032591c2a7eb609eb8d2d9d15", {"28cbbe8b3bc8849d1e6124e7e5913283", "0080200000002000d300000000000400"}}}}}}}, 0x0)
syz_emit_ethernet(0x32, &(0x7f0000000000)={@random="e904a200", @link_local, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x24, 0x0, 0xe000, 0x0, 0x11, 0x0, @empty, @empty}, {0x4e21, 0x0, 0x10, 0x0, @gue={{0x2, 0x1, 0x1, 0x4}}}}}}}, 0x0)

2.116299303s ago: executing program 4 (id=2275):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f00000000c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.numa_stat\x00', 0x26e1, 0x0)
close(r2)
r3 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_REG(r3, 0x11b, 0x4, &(0x7f00000000c0)={&(0x7f0000000000)=""/5, 0x200000, 0x1000}, 0x20)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000004c0)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000000)={'netdevsim0\x00', <r5=>0x0})
setsockopt$XDP_TX_RING(r3, 0x11b, 0x3, &(0x7f00000001c0)=0x2, 0x4)
setsockopt$XDP_UMEM_COMPLETION_RING(r3, 0x11b, 0x6, &(0x7f0000000180)=0x20, 0x4)
setsockopt$XDP_UMEM_FILL_RING(r3, 0x11b, 0x5, &(0x7f0000000240)=0x4000, 0x4)
bind$xdp(r3, &(0x7f0000000100)={0x2c, 0x0, r5}, 0x10)
sendmsg$NL80211_CMD_START_P2P_DEVICE(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0, 0x20}, 0x1, 0x0, 0x0, 0x24000010}, 0x10)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
bpf$OBJ_GET_PROG(0x7, &(0x7f0000000200)=@generic={0x0, 0x0, 0x20}, 0x18)
sched_setattr(0x0, &(0x7f0000000000)={0x38, 0x0, 0x4, 0x8001, 0x0, 0xb49, 0x200000000002, 0xa, 0x8, 0x5}, 0x0)
unshare(0x26020480)
unshare(0x22020400)
symlink(&(0x7f0000000000)='.\x00', &(0x7f0000000040)='./file0\x00')
r6 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r6, 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x1c0)
mknodat(0xffffffffffffff9c, &(0x7f0000000140)='./file1/file2\x00', 0x1000, 0x0)
landlock_create_ruleset(&(0x7f00000002c0)={0x2001}, 0x18, 0x0)
capset(&(0x7f0000000980)={0x20071026}, &(0x7f0000000200)={0x200002, 0x200003, 0x9, 0x8000004, 0x7, 0x4})
unshare(0x28000600)
r7 = syz_clone(0x4000000, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_clone3(&(0x7f0000002980)={0x4002000, 0x0, 0x0, 0x0, {0xa}, 0x0, 0x0, 0x0, &(0x7f0000002940)=[r7], 0x1}, 0x58)

1.033001063s ago: executing program 3 (id=2276):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000200)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
fsetxattr$security_capability(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x1)
write$USERIO_CMD_SEND_INTERRUPT(0xffffffffffffffff, 0x0, 0x0)
bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)
r3 = openat$sw_sync(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r4 = socket(0x22, 0x2, 0x3)
getsockopt$packet_buf(r4, 0x107, 0x1, 0x0, 0x0)
r5 = syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_PORT_GET(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)={0x3c, r5, 0x1, 0x0, 0x0, {0x54}, [{{@nsim={{0xe, 0x2}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8}}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x8001}, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x1b, 0x3, &(0x7f0000000100)=ANY=[@ANYRES32=r4], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0xc, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x14}, 0x94)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
r7 = socket$netlink(0x10, 0x3, 0xc)
setsockopt$netlink_NETLINK_DROP_MEMBERSHIP(r7, 0x10e, 0x2, &(0x7f0000000000)=0x3, 0x4)
sendmsg$IPSET_CMD_CREATE(r6, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f0000000380)={0x84, 0x2, 0x6, 0x101, 0x0, 0x0, {}, [@IPSET_ATTR_DATA={0x3c, 0x7, 0x0, 0x1, [@IPSET_ATTR_HASHSIZE={0x8, 0x12, 0x1, 0x0, 0x60000}, @IPSET_ATTR_CADT_FLAGS={0x8, 0x8, 0x1, 0x0, 0x37}, @IPSET_ATTR_MAXELEM={0x8, 0x13, 0x1, 0x0, 0xed}, @IPSET_ATTR_MARKMASK={0x8, 0xb, 0x1, 0x0, 0x101}, @IPSET_ATTR_NETMASK={0x5, 0x14, 0x4}, @IPSET_ATTR_TIMEOUT={0x8, 0x6, 0x1, 0x0, 0xffffffff}, @IPSET_ATTR_CIDR={0x5, 0x3, 0x7}]}, @IPSET_ATTR_TYPENAME={0x10, 0x3, 'hash:ip,mac\x00'}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0xa}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5}]}, 0x84}}, 0x0)
r8 = openat$sw_sync(0xffffffffffffff9c, &(0x7f0000000040), 0x141100, 0x0)
ioctl$SW_SYNC_IOC_CREATE_FENCE(r8, 0xc0285700, &(0x7f0000000140)={0x1000, "340b7832ceefd131b8e6498c25f58fad9987ffe93bbabd18cf501922de974a27", <r9=>0xffffffffffffffff})
fsopen(&(0x7f00000000c0)='gfs2meta\x00', 0x0)
ioctl$SYNC_IOC_MERGE(0xffffffffffffffff, 0xc0303e03, &(0x7f00000000c0)={"3c24139ed44aec57f2e2ad238a7b448ed886923c31d4b8affbf514fd00", r9, <r10=>0xffffffffffffffff})
ppoll(&(0x7f0000000000), 0x0, 0x0, 0x0, 0x0)
close_range(r3, r10, 0x0)
r11 = socket$inet6_sctp(0xa, 0x1, 0x84)
ioctl$sock_inet6_SIOCADDRT(r11, 0x890b, &(0x7f0000000580)={@ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x1c}}, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, @loopback, 0x2000000, 0x0, 0x7d, 0x700, 0x6, 0x9b0311})
ioctl$sock_inet6_SIOCADDRT(r11, 0x890b, &(0x7f0000000200)={@private0={0xfc, 0x0, '\x00', 0x1}, @private0={0xfc, 0x0, '\x00', 0x1}, @private1, 0x6, 0x0, 0x6, 0x0, 0x4000000000000009, 0x4000200})
sendmsg$nl_xfrm(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000029c0)=@updpolicy={0xf8, 0x19, 0x1, 0x0, 0x0, {{@in6=@ipv4={'\x00', '\xff\xff', @local}, @in=@empty, 0x0, 0x40, 0x0, 0x0, 0xa, 0x0, 0x0, 0x8}, {0x0, 0x0, 0x1000000, 0x0, 0x0, 0x0, 0x0, 0x1d}, {0x0, 0x0, 0x0, 0x2dd}, 0x0, 0x0, 0x1, 0x0, 0x0, 0x2}, [@tmpl={0x44, 0x5, [{{@in6=@local, 0x0, 0x3c}, 0x8, @in=@broadcast, 0x0, 0x4, 0x0, 0x4}]}]}, 0xf8}}, 0x0)

929.696318ms ago: executing program 5 (id=2277):
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, 0x0)
r1 = syz_open_dev$usbmon(&(0x7f00000000c0), 0x6, 0x200)
ioctl$MON_IOCQ_RING_SIZE(r1, 0x9205)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f00000000c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg(r3, 0x0, 0x20040010)
r4 = bpf$OBJ_GET_PROG(0x7, 0x0, 0x0)
openat$vsock(0xffffffffffffff9c, &(0x7f0000000600), 0x2c0c2, 0x0)
sched_setattr(0x0, &(0x7f0000000000)={0x38, 0x0, 0x4, 0x8001, 0x0, 0xb49, 0x200000000002, 0x7, 0x8, 0x5}, 0x0)
r5 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r5, 0x5423, &(0x7f00000000c0)=0xe)
openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/cpuinfo\x00', 0x0, 0x0)
sendfile(r5, r4, 0x0, 0x20000023892)
syz_genetlink_get_family_id$batadv(0x0, r0)
r6 = syz_open_procfs(0x0, 0x0)
readlinkat(r6, 0x0, &(0x7f0000000180)=""/10, 0xa)
socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000200)=@ipv4_newrule={0x24, 0x20, 0x301, 0x0, 0x0, {0x2, 0x0, 0x0, 0x4}, [@FRA_FLOW={0x8, 0xb, 0x6}]}, 0x24}, 0x1, 0x0, 0x0, 0x40480d4}, 0x20)
r7 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r7, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000200)=ANY=[@ANYBLOB], 0x28}}, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000440), 0xc0580, 0x0)
r8 = syz_open_dev$usbfs(&(0x7f0000003f00), 0x1ff, 0x8801)
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
ioctl$USBDEVFS_RELEASE_PORT(r8, 0x80045519, &(0x7f0000001680)=0x7)

0s ago: executing program 3 (id=2278):
socket$netlink(0x10, 0x3, 0xc)
sendmsg$ETHTOOL_MSG_LINKINFO_SET(0xffffffffffffffff, 0x0, 0x4)
socket$inet6_tcp(0xa, 0x1, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0x6, 0xfa11, 0xffffffff}, 0x0)
r2 = syz_open_dev$sg(&(0x7f00000004c0), 0x0, 0x20c02)
munmap(&(0x7f0000002000/0x4000)=nil, 0x4000)
writev(r2, &(0x7f0000000000)=[{&(0x7f0000000040)="aefdda9d240303005a90f57f07703aeff0f64eb9ee07962c220a2e11b44e65d76641cb010852f426072a", 0x2a}], 0x1)
read(r2, &(0x7f0000001400)=""/4076, 0xfffffeea)
setsockopt$packet_int(0xffffffffffffffff, 0x107, 0xf, 0x0, 0x0)
unshare(0x8000000)
shmget$private(0x0, 0xfffffffffeffffff, 0x4800, &(0x7f0000ffc000/0x3000)=nil)
r3 = openat$sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/vm/drop_caches\x00', 0x1, 0x0)
r4 = openat$binderfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r4, 0x4018620d, &(0x7f0000000100))
r5 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000180)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r5, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0})
r6 = dup3(r5, r4, 0x0)
r7 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000040)='./binderfs/binder0\x00', 0x0, 0x0)
mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r7, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r7, 0x4018620d, &(0x7f0000000040))
ioctl$BINDER_WRITE_READ(r6, 0xc0306201, &(0x7f00000003c0)={0x8, 0x0, &(0x7f0000000000)=[@acquire], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r5, 0xc0306201, &(0x7f00000001c0)={0x4c, 0x0, &(0x7f0000000740)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3000, 0x0, 0x0, 0x0}}], 0x0, 0x0, 0x0})
writev(r3, &(0x7f00000000c0)=[{&(0x7f0000000140)='2', 0x1}], 0x1)
madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0x80000000e)
syz_open_dev$vim2m(&(0x7f0000000000), 0x800, 0x2)

kernel console output (not intermixed with test programs):

 499.029568][T12432]  ? finish_task_switch+0x240/0x920
[  499.029585][T12432]  ? lockdep_hardirqs_on+0x7a/0x110
[  499.029612][T12432]  ? __pfx_get_compat_msghdr+0x10/0x10
[  499.029631][T12432]  ? __schedule+0x15f3/0x52d0
[  499.029651][T12432]  ___sys_sendmsg+0x201/0x360
[  499.029671][T12432]  ? __pfx____sys_sendmsg+0x10/0x10
[  499.029688][T12432]  ? kstrtoull+0x12f/0x1d0
[  499.029727][T12432]  ? __fget_files+0x2a/0x420
[  499.029749][T12432]  ? __fget_files+0x3a0/0x420
[  499.029777][T12432]  __sys_sendmmsg+0x2e7/0x4e0
[  499.029799][T12432]  ? __pfx___sys_sendmmsg+0x10/0x10
[  499.029838][T12432]  ? fput+0xa0/0xd0
[  499.029859][T12432]  ? ksys_write+0x242/0x270
[  499.029881][T12432]  __ia32_compat_sys_sendmmsg+0xa2/0xc0
[  499.029899][T12432]  __do_fast_syscall_32+0x20d/0x640
[  499.029918][T12432]  ? do_fast_syscall_32+0x33/0x70
[  499.029932][T12432]  ? asm_int80_emulation+0x1a/0x20
[  499.029946][T12432]  ? do_int80_emulation+0x274/0x4d0
[  499.029961][T12432]  ? trace_irq_disable+0x3b/0x150
[  499.029986][T12432]  do_fast_syscall_32+0x33/0x70
[  499.030003][T12432]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  499.030020][T12432] RIP: 0023:0xf7f02f6c
[  499.030035][T12432] Code: 90 85 d2 74 0a 89 ce 81 e6 ff 0f 00 00 89 32 85 c0 74 05 c1 e9 0c 89 08 31 c0 5e 5d c3 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 58 b8
[  499.030047][T12432] RSP: 002b:00000000f53c650c EFLAGS: 00000206 ORIG_RAX: 0000000000000159
[  499.030064][T12432] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000800000c0
[  499.030074][T12432] RDX: 0000000092492627 RSI: 0000000000000000 RDI: 0000000000000000
[  499.030084][T12432] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  499.030092][T12432] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  499.030101][T12432] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  499.030123][T12432]  </TASK>
[  500.008726][T12446] trusted_key: encrypted_key: insufficient parameters specified
[  500.165529][T12444] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1740'.
[  500.308335][T12448] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1742'.
[  500.323363][T12448] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1742'.
[  500.338905][T12448] netlink: 104 bytes leftover after parsing attributes in process `syz.1.1742'.
[  500.360486][T12448] netlink: 104 bytes leftover after parsing attributes in process `syz.1.1742'.
[  500.493880][T10689] usb 5-1: new high-speed USB device number 58 using dummy_hcd
[  500.704608][T10689] usb 5-1: Using ep0 maxpacket: 8
[  500.827618][T10689] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  500.840976][T10689] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 2
[  500.883757][T10689] usb 5-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  500.898987][T10689] usb 5-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00
[  500.910423][T10689] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  500.959554][T10689] hub 5-1:1.0: bad descriptor, ignoring hub
[  500.990631][T10689] hub 5-1:1.0: probe with driver hub failed with error -5
[  501.039840][T10689] cdc_wdm 5-1:1.0: skipping garbage
[  501.055278][T10689] cdc_wdm 5-1:1.0: skipping garbage
[  501.080626][T10689] cdc_wdm 5-1:1.0: probe with driver cdc_wdm failed with error -22
[  501.404774][ T5908] usb 5-1: USB disconnect, device number 58
[  501.436279][ T1297] ieee802154 phy0 wpan0: encryption failed: -22
[  501.465226][ T1297] ieee802154 phy1 wpan1: encryption failed: -22
[  501.743913][ T5908] usb 5-1: new high-speed USB device number 59 using dummy_hcd
[  501.923864][ T5908] usb 5-1: Using ep0 maxpacket: 8
[  502.205828][ T5908] usb 5-1: config 1 has an invalid descriptor of length 128, skipping remainder of the config
[  502.273769][ T5908] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 2
[  502.374203][ T5908] usb 5-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  502.480953][ T5908] usb 5-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00
[  502.520461][ T5908] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  502.542468][ T5908] hub 5-1:1.0: bad descriptor, ignoring hub
[  502.571168][ T5908] hub 5-1:1.0: probe with driver hub failed with error -5
[  502.589028][ T5908] cdc_wdm 5-1:1.0: skipping garbage
[  502.598736][ T5908] cdc_wdm 5-1:1.0: skipping garbage
[  502.619023][ T5908] cdc_wdm 5-1:1.0: invalid descriptor buffer length
[  502.642036][ T5908] cdc_wdm 5-1:1.0: probe with driver cdc_wdm failed with error -22
[  502.833311][T12477] "syz.2.1751" (12477) uses obsolete ecb(arc4) skcipher
[  502.854018][T10691] usb 5-1: USB disconnect, device number 59
[  502.978537][T12485] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1754'.
[  503.953768][ T5908] usb 6-1: new high-speed USB device number 44 using dummy_hcd
[  504.083981][ T5908] usb 6-1: device descriptor read/64, error -71
[  504.177024][T12511] binder: 12510:12511 ioctl c0306201 80000640 returned -22
[  504.323827][ T5908] usb 6-1: new high-speed USB device number 45 using dummy_hcd
[  504.463889][ T5908] usb 6-1: device descriptor read/64, error -71
[  504.576601][ T5908] usb usb6-port1: attempt power cycle
[  504.763869][ T5902] usb 2-1: new high-speed USB device number 45 using dummy_hcd
[  504.873157][T12522] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1768'.
[  504.894849][T12522] netlink: 'syz.3.1768': attribute type 5 has an invalid length.
[  504.908603][T12522] netlink: 48 bytes leftover after parsing attributes in process `syz.3.1768'.
[  504.923785][ T5908] usb 6-1: new high-speed USB device number 46 using dummy_hcd
[  504.924280][T12522] geneve3: entered promiscuous mode
[  504.936678][T12522] geneve3: entered allmulticast mode
[  504.943254][   T49] netdevsim netdevsim3 netdevsim0: set [1, 1] type 2 family 0 port 256 - 0
[  504.952281][ T5902] usb 2-1: Using ep0 maxpacket: 32
[  504.959302][   T49] netdevsim netdevsim3 netdevsim1: set [1, 1] type 2 family 0 port 256 - 0
[  504.969694][ T5908] usb 6-1: device descriptor read/8, error -71
[  504.981564][   T49] netdevsim netdevsim3 netdevsim2: set [1, 1] type 2 family 0 port 256 - 0
[  504.990480][ T5902] usb 2-1: config 0 has an invalid descriptor of length 140, skipping remainder of the config
[  505.001173][   T49] netdevsim netdevsim3 netdevsim3: set [1, 1] type 2 family 0 port 256 - 0
[  505.011879][ T5902] usb 2-1: New USB device found, idVendor=22b8, idProduct=6027, bcdDevice=c2.80
[  505.025560][ T5902] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  505.034492][ T5902] usb 2-1: Product: syz
[  505.038671][ T5902] usb 2-1: Manufacturer: syz
[  505.043300][ T5902] usb 2-1: SerialNumber: syz
[  505.051193][ T5902] usb 2-1: config 0 descriptor??
[  505.059166][ T5902] cdc_ether 2-1:0.0: skipping garbage
[  505.066365][ T5902] usb 2-1: bad CDC descriptors
[  505.072359][ T5902] usb 2-1: unsupported MDLM descriptors
[  505.214034][ T5908] usb 6-1: new high-speed USB device number 47 using dummy_hcd
[  505.227531][T12529] binder: 12526:12529 ioctl 4018620d 0 returned -22
[  505.234853][ T5908] usb 6-1: device descriptor read/8, error -71
[  505.266786][T10691] usb 2-1: USB disconnect, device number 45
[  505.372440][ T5908] usb usb6-port1: unable to enumerate USB device
[  507.184423][T12555] program syz.1.1777 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  507.709531][T12555] netlink: 40 bytes leftover after parsing attributes in process `syz.1.1777'.
[  507.762941][T12564] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  507.777013][T12564] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  508.402506][T12572] netlink: 32 bytes leftover after parsing attributes in process `syz.1.1781'.
[  508.633924][   T10] usb 2-1: new full-speed USB device number 46 using dummy_hcd
[  508.802041][   T10] usb 2-1: config 0 has an invalid interface number: 1 but max is 0
[  508.824740][   T10] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  508.844907][   T10] usb 2-1: config 0 has no interface number 0
[  508.863547][   T10] usb 2-1: New USB device found, idVendor=0572, idProduct=58a5, bcdDevice=27.0a
[  508.880838][   T10] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  508.918585][   T10] usb 2-1: Product: syz
[  508.926769][   T10] usb 2-1: Manufacturer: syz
[  508.935528][   T10] usb 2-1: SerialNumber: syz
[  508.952197][   T10] usb 2-1: config 0 descriptor??
[  508.958314][T12587] tipc: Enabling of bearer <udp:syz2> rejected, already enabled
[  508.981309][   T10] cx231xx 2-1:0.1: New device syz syz @ 12 Mbps (0572:58a5) with 1 interfaces
[  508.995485][   T10] cx231xx 2-1:0.1: Not found matching IAD interface
[  509.019129][T12587] tipc: New replicast peer: fe80:0000:0000:0000:0000:0000:0000:00bb
[  509.029142][T12587] tipc: Enabled bearer <udp:syz0>, priority 10
[  509.199219][   T10] usb 2-1: USB disconnect, device number 46
[  509.468702][T12594] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  509.482734][T12594] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  509.916153][T12601] "syz.3.1790" (12601) uses obsolete ecb(arc4) skcipher
[  510.209438][T12606] FAULT_INJECTION: forcing a failure.
[  510.209438][T12606] name failslab, interval 1, probability 0, space 0, times 0
[  510.227777][T12606] CPU: 0 UID: 0 PID: 12606 Comm: syz.4.1792 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  510.227802][T12606] Tainted: [L]=SOFTLOCKUP
[  510.227806][T12606] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  510.227813][T12606] Call Trace:
[  510.227817][T12606]  <TASK>
[  510.227822][T12606]  dump_stack_lvl+0xe8/0x150
[  510.227840][T12606]  should_fail_ex+0x412/0x560
[  510.227857][T12606]  should_failslab+0xa8/0x100
[  510.227871][T12606]  __kmalloc_noprof+0xe8/0x760
[  510.227882][T12606]  ? tomoyo_encode+0x28b/0x550
[  510.227901][T12606]  tomoyo_encode+0x28b/0x550
[  510.227918][T12606]  tomoyo_realpath_from_path+0x58d/0x5d0
[  510.227937][T12606]  ? tomoyo_path_number_perm+0x219/0x630
[  510.227949][T12606]  tomoyo_path_number_perm+0x246/0x630
[  510.227962][T12606]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  510.227976][T12606]  ? __lock_acquire+0x6b5/0x2cf0
[  510.228005][T12606]  ? __fget_files+0x2a/0x420
[  510.228021][T12606]  ? __fget_files+0x3a0/0x420
[  510.228033][T12606]  ? __fget_files+0x2a/0x420
[  510.228048][T12606]  security_file_ioctl_compat+0xc3/0x2a0
[  510.228062][T12606]  __ia32_compat_sys_ioctl+0x139/0x950
[  510.228075][T12606]  ? __pfx___ia32_compat_sys_ioctl+0x10/0x10
[  510.228094][T12606]  ? __fget_files+0x3a0/0x420
[  510.228111][T12606]  ? fput+0xa0/0xd0
[  510.228125][T12606]  ? ksys_write+0x242/0x270
[  510.228142][T12606]  __do_fast_syscall_32+0x20d/0x640
[  510.228154][T12606]  ? do_fast_syscall_32+0x33/0x70
[  510.228165][T12606]  ? asm_int80_emulation+0x1a/0x20
[  510.228174][T12606]  ? do_int80_emulation+0x274/0x4d0
[  510.228184][T12606]  ? trace_irq_disable+0x3b/0x150
[  510.228200][T12606]  do_fast_syscall_32+0x33/0x70
[  510.228211][T12606]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  510.228222][T12606] RIP: 0023:0xf7ff4f6c
[  510.228232][T12606] Code: 90 85 d2 74 0a 89 ce 81 e6 ff 0f 00 00 89 32 85 c0 74 05 c1 e9 0c 89 08 31 c0 5e 5d c3 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 58 b8
[  510.228240][T12606] RSP: 002b:00000000f54b650c EFLAGS: 00000206 ORIG_RAX: 0000000000000036
[  510.228251][T12606] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 00000000c02064b2
[  510.228258][T12606] RDX: 0000000080000140 RSI: 0000000000000000 RDI: 0000000000000000
[  510.228264][T12606] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  510.228269][T12606] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  510.228275][T12606] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  510.228288][T12606]  </TASK>
[  510.228301][T12606] ERROR: Out of memory at tomoyo_realpath_from_path.
[  510.563369][T12609] netlink: 'syz.5.1794': attribute type 4 has an invalid length.
[  510.592601][T12609] netlink: 17 bytes leftover after parsing attributes in process `syz.5.1794'.
[  511.036677][T12624] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1798'.
[  511.047571][T12624] RDS: rds_bind could not find a transport for fe80::1a, load rds_tcp or rds_rdma?
[  511.162630][T12628] IPVS: length: 528 != 8
[  512.735496][T12655] FAULT_INJECTION: forcing a failure.
[  512.735496][T12655] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  512.748782][T12655] CPU: 0 UID: 0 PID: 12655 Comm: syz.3.1808 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  512.748800][T12655] Tainted: [L]=SOFTLOCKUP
[  512.748804][T12655] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  512.748810][T12655] Call Trace:
[  512.748815][T12655]  <TASK>
[  512.748820][T12655]  dump_stack_lvl+0xe8/0x150
[  512.748837][T12655]  should_fail_ex+0x412/0x560
[  512.748855][T12655]  _copy_from_iter+0x1d3/0x1670
[  512.748872][T12655]  ? rcu_is_watching+0x15/0xb0
[  512.748888][T12655]  ? __pfx__copy_from_iter+0x10/0x10
[  512.748906][T12655]  ? netlink_sendmsg+0x650/0xb40
[  512.748920][T12655]  ? skb_put+0x11b/0x210
[  512.748931][T12655]  netlink_sendmsg+0x6c0/0xb40
[  512.748949][T12655]  ? __pfx_netlink_sendmsg+0x10/0x10
[  512.748964][T12655]  ? aa_sock_msg_perm+0xf1/0x1b0
[  512.748980][T12655]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  512.748994][T12655]  ____sys_sendmsg+0x972/0x9f0
[  512.749009][T12655]  ? __pfx_____sys_sendmsg+0x10/0x10
[  512.749021][T12655]  ? kstrtoull+0x12f/0x1d0
[  512.749038][T12655]  ___sys_sendmsg+0x2a5/0x360
[  512.749050][T12655]  ? __pfx____sys_sendmsg+0x10/0x10
[  512.749062][T12655]  ? get_pid_task+0x20/0x1f0
[  512.749071][T12655]  ? get_pid_task+0x20/0x1f0
[  512.749078][T12655]  ? get_pid_task+0x20/0x1f0
[  512.749098][T12655]  ? __fget_files+0x2a/0x420
[  512.749112][T12655]  ? __fget_files+0x3a0/0x420
[  512.749129][T12655]  __sys_sendmsg+0x183/0x260
[  512.749141][T12655]  ? __pfx___sys_sendmsg+0x10/0x10
[  512.749161][T12655]  __do_fast_syscall_32+0x20d/0x640
[  512.749174][T12655]  ? do_fast_syscall_32+0x33/0x70
[  512.749184][T12655]  ? asm_int80_emulation+0x1a/0x20
[  512.749193][T12655]  ? do_int80_emulation+0x274/0x4d0
[  512.749203][T12655]  ? trace_irq_disable+0x3b/0x150
[  512.749219][T12655]  do_fast_syscall_32+0x33/0x70
[  512.749230][T12655]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  512.749242][T12655] RIP: 0023:0xf701ef6c
[  512.749251][T12655] Code: 90 85 d2 74 0a 89 ce 81 e6 ff 0f 00 00 89 32 85 c0 74 05 c1 e9 0c 89 08 31 c0 5e 5d c3 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 58 b8
[  512.749259][T12655] RSP: 002b:00000000f540d50c EFLAGS: 00000206 ORIG_RAX: 0000000000000172
[  512.749271][T12655] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000080000040
[  512.749278][T12655] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  512.749284][T12655] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  512.749290][T12655] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  512.749295][T12655] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  512.749308][T12655]  </TASK>
[  513.134102][T12657] netlink: 112 bytes leftover after parsing attributes in process `syz.2.1805'.
[  513.227547][T12659] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1807'.
[  513.396560][T12668] fuse: Bad value for 'fd'
[  513.410902][T12668] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1810'.
[  513.426988][T12668] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1810'.
[  513.466212][T12668] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1810'.
[  514.394077][T12685] FAULT_INJECTION: forcing a failure.
[  514.394077][T12685] name failslab, interval 1, probability 0, space 0, times 0
[  514.439942][T12675] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1812'.
[  514.486157][T12685] CPU: 1 UID: 0 PID: 12685 Comm: syz.2.1816 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  514.486184][T12685] Tainted: [L]=SOFTLOCKUP
[  514.486191][T12685] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  514.486200][T12685] Call Trace:
[  514.486208][T12685]  <TASK>
[  514.486215][T12685]  dump_stack_lvl+0xe8/0x150
[  514.486243][T12685]  should_fail_ex+0x412/0x560
[  514.486270][T12685]  should_failslab+0xa8/0x100
[  514.486292][T12685]  __kmalloc_noprof+0xe8/0x760
[  514.486311][T12685]  ? tomoyo_realpath_from_path+0xe3/0x5d0
[  514.486340][T12685]  tomoyo_realpath_from_path+0xe3/0x5d0
[  514.486371][T12685]  ? tomoyo_path_number_perm+0x219/0x630
[  514.486392][T12685]  tomoyo_path_number_perm+0x246/0x630
[  514.486414][T12685]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  514.486438][T12685]  ? __lock_acquire+0x6b5/0x2cf0
[  514.486486][T12685]  ? __fget_files+0x2a/0x420
[  514.486512][T12685]  ? __fget_files+0x3a0/0x420
[  514.486533][T12685]  ? __fget_files+0x2a/0x420
[  514.486558][T12685]  security_file_ioctl_compat+0xc3/0x2a0
[  514.486579][T12685]  __ia32_compat_sys_ioctl+0x139/0x950
[  514.486602][T12685]  ? __pfx___ia32_compat_sys_ioctl+0x10/0x10
[  514.486624][T12685]  ? __fget_files+0x3a0/0x420
[  514.486650][T12685]  ? fput+0xa0/0xd0
[  514.486672][T12685]  ? ksys_write+0x242/0x270
[  514.486700][T12685]  __do_fast_syscall_32+0x20d/0x640
[  514.486722][T12685]  ? do_fast_syscall_32+0x33/0x70
[  514.486738][T12685]  ? asm_int80_emulation+0x1a/0x20
[  514.486753][T12685]  ? do_int80_emulation+0x274/0x4d0
[  514.486770][T12685]  ? trace_irq_disable+0x3b/0x150
[  514.486811][T12685]  do_fast_syscall_32+0x33/0x70
[  514.486830][T12685]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  514.486848][T12685] RIP: 0023:0xf7f44f6c
[  514.486864][T12685] Code: 90 85 d2 74 0a 89 ce 81 e6 ff 0f 00 00 89 32 85 c0 74 05 c1 e9 0c 89 08 31 c0 5e 5d c3 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 58 b8
[  514.486878][T12685] RSP: 002b:00000000f540650c EFLAGS: 00000206 ORIG_RAX: 0000000000000036
[  514.486895][T12685] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000000007a8
[  514.486907][T12685] RDX: 0000000080000200 RSI: 0000000000000000 RDI: 0000000000000000
[  514.486917][T12685] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  514.486926][T12685] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  514.486936][T12685] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  514.486961][T12685]  </TASK>
[  514.488254][T12685] ERROR: Out of memory at tomoyo_realpath_from_path.
[  514.847481][T12691] FAULT_INJECTION: forcing a failure.
[  514.847481][T12691] name failslab, interval 1, probability 0, space 0, times 0
[  514.863306][T12691] CPU: 0 UID: 0 PID: 12691 Comm: syz.2.1819 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  514.863332][T12691] Tainted: [L]=SOFTLOCKUP
[  514.863339][T12691] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  514.863349][T12691] Call Trace:
[  514.863356][T12691]  <TASK>
[  514.863364][T12691]  dump_stack_lvl+0xe8/0x150
[  514.863395][T12691]  should_fail_ex+0x412/0x560
[  514.863425][T12691]  should_failslab+0xa8/0x100
[  514.863447][T12691]  __kmalloc_cache_noprof+0x88/0x660
[  514.863468][T12691]  ? __hw_addr_add_ex+0x1dc/0x650
[  514.863492][T12691]  __hw_addr_add_ex+0x1dc/0x650
[  514.863510][T12691]  ? __mutex_unlock_slowpath+0x1bd/0x7d0
[  514.863535][T12691]  dev_addr_init+0x15e/0x240
[  514.863557][T12691]  ? __pfx_dev_addr_init+0x10/0x10
[  514.863578][T12691]  ? alloc_netdev_mqs+0xa6/0x11b0
[  514.863606][T12691]  alloc_netdev_mqs+0x2b1/0x11b0
[  514.863625][T12691]  ? __pfx_vlan_setup+0x10/0x10
[  514.863716][T12691]  rtnl_create_link+0x31f/0xd70
[  514.863740][T12691]  rtnl_newlink_create+0x277/0xb70
[  514.863758][T12691]  ? __pfx___nla_validate_parse+0x10/0x10
[  514.863783][T12691]  ? __pfx_rtnl_newlink_create+0x10/0x10
[  514.863803][T12691]  ? __pfx___mutex_lock+0x10/0x10
[  514.863829][T12691]  ? ns_capable+0x89/0xe0
[  514.863852][T12691]  rtnl_newlink+0x1666/0x1be0
[  514.863890][T12691]  ? __pfx_rtnl_newlink+0x10/0x10
[  514.863908][T12691]  ? do_fast_syscall_32+0x33/0x70
[  514.863924][T12691]  ? entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  514.863974][T12691]  ? kasan_quarantine_put+0xbb/0x1f0
[  514.863992][T12691]  ? lockdep_hardirqs_on+0x7a/0x110
[  514.864014][T12691]  ? kmem_cache_free+0x187/0x630
[  514.864031][T12691]  ? nlmon_xmit+0xb0/0x100
[  514.864119][T12691]  ? __lock_acquire+0x6b5/0x2cf0
[  514.864143][T12691]  ? __local_bh_enable_ip+0xd0/0x130
[  514.864163][T12691]  ? lockdep_hardirqs_on+0x7a/0x110
[  514.864178][T12691]  ? __dev_queue_xmit+0x277/0x3890
[  514.864196][T12691]  ? __local_bh_enable_ip+0xd0/0x130
[  514.864213][T12691]  ? __dev_queue_xmit+0x277/0x3890
[  514.864262][T12691]  ? __pfx_rtnl_newlink+0x10/0x10
[  514.864283][T12691]  rtnetlink_rcv_msg+0x7d5/0xbe0
[  514.864308][T12691]  ? rtnetlink_rcv_msg+0x1b9/0xbe0
[  514.864329][T12691]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  514.864349][T12691]  ? ref_tracker_free+0x693/0x840
[  514.864368][T12691]  ? __copy_skb_header+0xa3/0x4a0
[  514.864387][T12691]  ? __pfx_ref_tracker_free+0x10/0x10
[  514.864407][T12691]  ? __skb_clone+0x63/0x7a0
[  514.864431][T12691]  netlink_rcv_skb+0x232/0x4b0
[  514.864456][T12691]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  514.864481][T12691]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  514.864513][T12691]  ? netlink_deliver_tap+0x2e/0x1b0
[  514.864541][T12691]  netlink_unicast+0x80f/0x9b0
[  514.864570][T12691]  ? __pfx_netlink_unicast+0x10/0x10
[  514.864592][T12691]  ? netlink_sendmsg+0x650/0xb40
[  514.864612][T12691]  ? skb_put+0x11b/0x210
[  514.864631][T12691]  netlink_sendmsg+0x813/0xb40
[  514.864661][T12691]  ? __pfx_netlink_sendmsg+0x10/0x10
[  514.864686][T12691]  ? aa_sock_msg_perm+0xf1/0x1b0
[  514.864710][T12691]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  514.864731][T12691]  ____sys_sendmsg+0x972/0x9f0
[  514.864758][T12691]  ? __pfx_____sys_sendmsg+0x10/0x10
[  514.864780][T12691]  ? kstrtoull+0x12f/0x1d0
[  514.864809][T12691]  ___sys_sendmsg+0x2a5/0x360
[  514.864832][T12691]  ? __pfx____sys_sendmsg+0x10/0x10
[  514.864853][T12691]  ? get_pid_task+0x20/0x1f0
[  514.864868][T12691]  ? get_pid_task+0x20/0x1f0
[  514.864881][T12691]  ? get_pid_task+0x20/0x1f0
[  514.864919][T12691]  ? __fget_files+0x2a/0x420
[  514.864940][T12691]  ? __fget_files+0x3a0/0x420
[  514.864969][T12691]  __sys_sendmsg+0x183/0x260
[  514.864989][T12691]  ? __pfx___sys_sendmsg+0x10/0x10
[  514.865026][T12691]  __do_fast_syscall_32+0x20d/0x640
[  514.865046][T12691]  ? do_fast_syscall_32+0x33/0x70
[  514.865062][T12691]  ? asm_int80_emulation+0x1a/0x20
[  514.865077][T12691]  ? do_int80_emulation+0x274/0x4d0
[  514.865093][T12691]  ? trace_irq_disable+0x3b/0x150
[  514.865117][T12691]  do_fast_syscall_32+0x33/0x70
[  514.865136][T12691]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  514.865154][T12691] RIP: 0023:0xf7f44f6c
[  514.865170][T12691] Code: 90 85 d2 74 0a 89 ce 81 e6 ff 0f 00 00 89 32 85 c0 74 05 c1 e9 0c 89 08 31 c0 5e 5d c3 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 58 b8
[  514.865184][T12691] RSP: 002b:00000000f540650c EFLAGS: 00000206 ORIG_RAX: 0000000000000172
[  514.865201][T12691] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000000
[  514.865212][T12691] RDX: 0000000008000002 RSI: 0000000000000000 RDI: 0000000000000000
[  514.865222][T12691] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  514.865231][T12691] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  514.865248][T12691] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  514.865271][T12691]  </TASK>
[  515.676905][T12711] netlink: 52 bytes leftover after parsing attributes in process `syz.4.1825'.
[  515.816827][T12722] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1828'.
[  515.871395][T12728] netlink: 36 bytes leftover after parsing attributes in process `syz.1.1829'.
[  515.997652][T12732] netlink: 'syz.1.1831': attribute type 1 has an invalid length.
[  516.009984][T12730] syzkaller1: tun_chr_ioctl cmd 1074025677
[  516.020205][T12730] syzkaller1: Linktype set failed because interface is up
[  516.033992][ T5902] syzkaller1: tun_net_xmit 90
[  516.036770][T12732] FAULT_INJECTION: forcing a failure.
[  516.036770][T12732] name failslab, interval 1, probability 0, space 0, times 0
[  516.073748][T12732] CPU: 1 UID: 0 PID: 12732 Comm: syz.1.1831 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  516.073773][T12732] Tainted: [L]=SOFTLOCKUP
[  516.073779][T12732] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  516.073789][T12732] Call Trace:
[  516.073797][T12732]  <TASK>
[  516.073804][T12732]  dump_stack_lvl+0xe8/0x150
[  516.073831][T12732]  should_fail_ex+0x412/0x560
[  516.073854][T12732]  should_failslab+0xa8/0x100
[  516.073867][T12732]  ? skb_clone+0x212/0x3a0
[  516.073879][T12732]  kmem_cache_alloc_noprof+0x87/0x650
[  516.073893][T12732]  skb_clone+0x212/0x3a0
[  516.073906][T12732]  pfkey_sendmsg+0x4a3/0x1120
[  516.073991][T12732]  ? __pfx_pfkey_sendmsg+0x10/0x10
[  516.074002][T12732]  ? __lock_acquire+0x6b5/0x2cf0
[  516.074025][T12732]  ? __import_iovec+0x5d4/0x7e0
[  516.074035][T12732]  ? aa_sock_msg_perm+0xf1/0x1b0
[  516.074051][T12732]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  516.074064][T12732]  ____sys_sendmsg+0x972/0x9f0
[  516.074079][T12732]  ? __pfx_____sys_sendmsg+0x10/0x10
[  516.074092][T12732]  ? kstrtoull+0x12f/0x1d0
[  516.074108][T12732]  ___sys_sendmsg+0x2a5/0x360
[  516.074122][T12732]  ? __pfx____sys_sendmsg+0x10/0x10
[  516.074133][T12732]  ? get_pid_task+0x20/0x1f0
[  516.074142][T12732]  ? get_pid_task+0x20/0x1f0
[  516.074150][T12732]  ? get_pid_task+0x20/0x1f0
[  516.074170][T12732]  ? __fget_files+0x2a/0x420
[  516.074184][T12732]  ? __fget_files+0x3a0/0x420
[  516.074202][T12732]  __sys_sendmsg+0x183/0x260
[  516.074214][T12732]  ? __pfx___sys_sendmsg+0x10/0x10
[  516.074235][T12732]  __do_fast_syscall_32+0x20d/0x640
[  516.074247][T12732]  ? do_fast_syscall_32+0x33/0x70
[  516.074257][T12732]  ? asm_int80_emulation+0x1a/0x20
[  516.074267][T12732]  ? do_int80_emulation+0x274/0x4d0
[  516.074277][T12732]  ? trace_irq_disable+0x3b/0x150
[  516.074293][T12732]  do_fast_syscall_32+0x33/0x70
[  516.074304][T12732]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  516.074315][T12732] RIP: 0023:0xf7f67f6c
[  516.074325][T12732] Code: 90 85 d2 74 0a 89 ce 81 e6 ff 0f 00 00 89 32 85 c0 74 05 c1 e9 0c 89 08 31 c0 5e 5d c3 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 58 b8
[  516.074333][T12732] RSP: 002b:00000000f542650c EFLAGS: 00000206 ORIG_RAX: 0000000000000172
[  516.074345][T12732] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00000000800001c0
[  516.074352][T12732] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  516.074357][T12732] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  516.074363][T12732] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  516.074369][T12732] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  516.074383][T12732]  </TASK>
[  516.347278][T12734] netlink: 'syz.5.1827': attribute type 27 has an invalid length.
[  516.361039][T12734] netlink: 28 bytes leftover after parsing attributes in process `syz.5.1827'.
[  516.987594][T12753] FAULT_INJECTION: forcing a failure.
[  516.987594][T12753] name failslab, interval 1, probability 0, space 0, times 0
[  517.034132][T12753] CPU: 1 UID: 0 PID: 12753 Comm: syz.4.1839 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  517.034161][T12753] Tainted: [L]=SOFTLOCKUP
[  517.034167][T12753] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  517.034177][T12753] Call Trace:
[  517.034185][T12753]  <TASK>
[  517.034193][T12753]  dump_stack_lvl+0xe8/0x150
[  517.034217][T12753]  should_fail_ex+0x412/0x560
[  517.034235][T12753]  should_failslab+0xa8/0x100
[  517.034249][T12753]  kmem_cache_alloc_node_noprof+0x8f/0x690
[  517.034260][T12753]  ? __alloc_skb+0x186/0x7d0
[  517.034270][T12753]  ? __alloc_skb+0x1d0/0x7d0
[  517.034277][T12753]  ? __local_bh_enable_ip+0xd0/0x130
[  517.034292][T12753]  __alloc_skb+0x1d0/0x7d0
[  517.034303][T12753]  netlink_sendmsg+0x5d4/0xb40
[  517.034323][T12753]  ? __pfx_netlink_sendmsg+0x10/0x10
[  517.034344][T12753]  ? aa_sock_msg_perm+0xf1/0x1b0
[  517.034359][T12753]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  517.034373][T12753]  ____sys_sendmsg+0x972/0x9f0
[  517.034388][T12753]  ? __pfx_____sys_sendmsg+0x10/0x10
[  517.034400][T12753]  ? kstrtoull+0x12f/0x1d0
[  517.034418][T12753]  ___sys_sendmsg+0x2a5/0x360
[  517.034430][T12753]  ? __pfx____sys_sendmsg+0x10/0x10
[  517.034442][T12753]  ? get_pid_task+0x20/0x1f0
[  517.034451][T12753]  ? get_pid_task+0x20/0x1f0
[  517.034458][T12753]  ? get_pid_task+0x20/0x1f0
[  517.034478][T12753]  ? __fget_files+0x2a/0x420
[  517.034492][T12753]  ? __fget_files+0x3a0/0x420
[  517.034509][T12753]  __sys_sendmsg+0x183/0x260
[  517.034521][T12753]  ? __pfx___sys_sendmsg+0x10/0x10
[  517.034540][T12753]  __do_fast_syscall_32+0x20d/0x640
[  517.034553][T12753]  ? do_fast_syscall_32+0x33/0x70
[  517.034563][T12753]  ? asm_int80_emulation+0x1a/0x20
[  517.034572][T12753]  ? do_int80_emulation+0x274/0x4d0
[  517.034582][T12753]  ? trace_irq_disable+0x3b/0x150
[  517.034598][T12753]  do_fast_syscall_32+0x33/0x70
[  517.034609][T12753]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  517.034620][T12753] RIP: 0023:0xf7ff4f6c
[  517.034630][T12753] Code: 90 85 d2 74 0a 89 ce 81 e6 ff 0f 00 00 89 32 85 c0 74 05 c1 e9 0c 89 08 31 c0 5e 5d c3 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 58 b8
[  517.034638][T12753] RSP: 002b:00000000f54b650c EFLAGS: 00000206 ORIG_RAX: 0000000000000172
[  517.034648][T12753] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000080
[  517.034655][T12753] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  517.034660][T12753] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  517.034666][T12753] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  517.034671][T12753] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  517.034684][T12753]  </TASK>
[  517.627348][T12765] FAULT_INJECTION: forcing a failure.
[  517.627348][T12765] name failslab, interval 1, probability 0, space 0, times 0
[  517.654655][T12765] CPU: 0 UID: 0 PID: 12765 Comm: syz.4.1844 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  517.654681][T12765] Tainted: [L]=SOFTLOCKUP
[  517.654687][T12765] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  517.654696][T12765] Call Trace:
[  517.654703][T12765]  <TASK>
[  517.654710][T12765]  dump_stack_lvl+0xe8/0x150
[  517.654735][T12765]  should_fail_ex+0x412/0x560
[  517.654758][T12765]  should_failslab+0xa8/0x100
[  517.654779][T12765]  kmem_cache_alloc_node_noprof+0x8f/0x690
[  517.654794][T12765]  ? __alloc_skb+0x186/0x7d0
[  517.654809][T12765]  ? __alloc_skb+0x1d0/0x7d0
[  517.654820][T12765]  ? __local_bh_enable_ip+0xd0/0x130
[  517.654842][T12765]  __alloc_skb+0x1d0/0x7d0
[  517.654856][T12765]  ? bpf_lsm_socket_getpeersec_dgram+0x9/0x20
[  517.654877][T12765]  netlink_sendmsg+0x5d4/0xb40
[  517.654905][T12765]  ? __pfx_netlink_sendmsg+0x10/0x10
[  517.654926][T12765]  ? aa_sock_msg_perm+0xf1/0x1b0
[  517.654946][T12765]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  517.654964][T12765]  ____sys_sendmsg+0x972/0x9f0
[  517.654987][T12765]  ? __pfx_____sys_sendmsg+0x10/0x10
[  517.655006][T12765]  ? kstrtoull+0x12f/0x1d0
[  517.655033][T12765]  ___sys_sendmsg+0x2a5/0x360
[  517.655054][T12765]  ? __pfx____sys_sendmsg+0x10/0x10
[  517.655072][T12765]  ? get_pid_task+0x20/0x1f0
[  517.655086][T12765]  ? get_pid_task+0x20/0x1f0
[  517.655099][T12765]  ? get_pid_task+0x20/0x1f0
[  517.655133][T12765]  ? __fget_files+0x2a/0x420
[  517.655152][T12765]  ? __fget_files+0x3a0/0x420
[  517.655181][T12765]  __sys_sendmsg+0x183/0x260
[  517.655200][T12765]  ? __pfx___sys_sendmsg+0x10/0x10
[  517.655233][T12765]  __do_fast_syscall_32+0x20d/0x640
[  517.655253][T12765]  ? do_fast_syscall_32+0x33/0x70
[  517.655276][T12765]  ? asm_int80_emulation+0x1a/0x20
[  517.655291][T12765]  ? do_int80_emulation+0x274/0x4d0
[  517.655305][T12765]  ? trace_irq_disable+0x3b/0x150
[  517.655329][T12765]  do_fast_syscall_32+0x33/0x70
[  517.655346][T12765]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  517.655364][T12765] RIP: 0023:0xf7ff4f6c
[  517.655379][T12765] Code: 90 85 d2 74 0a 89 ce 81 e6 ff 0f 00 00 89 32 85 c0 74 05 c1 e9 0c 89 08 31 c0 5e 5d c3 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 58 b8
[  517.655392][T12765] RSP: 002b:00000000f54b650c EFLAGS: 00000206 ORIG_RAX: 0000000000000172
[  517.655409][T12765] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000000
[  517.655419][T12765] RDX: 0000000020000040 RSI: 0000000000000000 RDI: 0000000000000000
[  517.655429][T12765] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  517.655438][T12765] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  517.655447][T12765] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  517.655472][T12765]  </TASK>
[  517.940511][T10691] usb 4-1: new high-speed USB device number 35 using dummy_hcd
[  518.173240][T12770] FAULT_INJECTION: forcing a failure.
[  518.173240][T12770] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  518.212672][T12770] CPU: 1 UID: 0 PID: 12770 Comm: syz.2.1845 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  518.212698][T12770] Tainted: [L]=SOFTLOCKUP
[  518.212713][T12770] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  518.212722][T12770] Call Trace:
[  518.212730][T12770]  <TASK>
[  518.212738][T12770]  dump_stack_lvl+0xe8/0x150
[  518.212765][T12770]  should_fail_ex+0x412/0x560
[  518.212792][T12770]  _copy_from_iter+0x1d3/0x1670
[  518.212816][T12770]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  518.212840][T12770]  ? __pfx_policy_nodemask+0x10/0x10
[  518.212863][T12770]  ? __pfx__copy_from_iter+0x10/0x10
[  518.212890][T12770]  ? set_page_refcounted+0xa0/0x1e0
[  518.212910][T12770]  ? page_copy_sane+0x4e/0x270
[  518.212934][T12770]  copy_page_from_iter+0xdd/0x170
[  518.212961][T12770]  tun_get_user+0x1d4b/0x3dd0
[  518.212977][T12770]  ? tun_get_user+0x6ff/0x3dd0
[  518.213008][T12770]  ? aa_file_perm+0x50e/0x15e0
[  518.213032][T12770]  ? __pfx_tun_get_user+0x10/0x10
[  518.213046][T12770]  ? aa_file_perm+0x192/0x15e0
[  518.213080][T12770]  ? ref_tracker_alloc+0x35c/0x4c0
[  518.213103][T12770]  ? __pfx_ref_tracker_alloc+0x10/0x10
[  518.213128][T12770]  ? tun_get+0x1c/0x2f0
[  518.213149][T12770]  ? tun_get+0x1c/0x2f0
[  518.213164][T12770]  ? tun_get+0x1c/0x2f0
[  518.213184][T12770]  tun_chr_write_iter+0x113/0x200
[  518.213202][T12770]  vfs_write+0x61d/0xb90
[  518.213222][T12770]  ? __pfx_vfs_write+0x10/0x10
[  518.213248][T12770]  ? __fget_files+0x2a/0x420
[  518.213278][T12770]  ksys_write+0x150/0x270
[  518.213296][T12770]  ? __pfx_ksys_write+0x10/0x10
[  518.213317][T12770]  ? asm_int80_emulation+0x1a/0x20
[  518.213336][T12770]  do_int80_emulation+0x173/0x4d0
[  518.213353][T12770]  ? trace_irq_disable+0x3b/0x150
[  518.213374][T12770]  ? asm_int80_emulation+0x1a/0x20
[  518.213388][T12770]  ? clear_bhb_loop+0x40/0x90
[  518.213403][T12770]  ? clear_bhb_loop+0x40/0x90
[  518.213422][T12770]  asm_int80_emulation+0x1a/0x20
[  518.213437][T12770] RIP: 0023:0xf7145cab
[  518.213451][T12770] Code: 57 56 53 8b 44 24 14 f6 00 08 75 23 8b 44 24 18 8b 5c 24 1c 8b 4c 24 20 8b 54 24 24 8b 74 24 28 8b 7c 24 2c 8b 6c 24 30 cd 80 <5b> 5e 5f 5d c3 5b 5e 5f 5d e9 f7 a1 ff ff 66 90 66 90 66 90 90 53
[  518.213465][T12770] RSP: 002b:00000000f540644c EFLAGS: 00000246 ORIG_RAX: 0000000000000004
[  518.213482][T12770] RAX: ffffffffffffffda RBX: 00000000000000c8 RCX: 0000000080000200
[  518.213493][T12770] RDX: 0000000000000036 RSI: 0000000000000000 RDI: 0000000000000000
[  518.213502][T12770] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  518.213511][T12770] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  518.213520][T12770] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  518.213545][T12770]  </TASK>
[  518.493937][T10691] usb 4-1: Using ep0 maxpacket: 32
[  518.882049][T10691] usb 4-1: config 0 has an invalid interface number: 12 but max is 0
[  518.890269][T10691] usb 4-1: config 0 has no interface number 0
[  518.900916][T12775] 
€Â: renamed from lo (while UP)
[  518.906056][T10691] usb 4-1: config 0 interface 12 altsetting 2 endpoint 0x82 has invalid maxpacket 26726, setting to 1024
[  518.930462][T10691] usb 4-1: config 0 interface 12 altsetting 2 bulk endpoint 0x82 has invalid maxpacket 1024
[  518.964217][T10691] usb 4-1: config 0 interface 12 has no altsetting 0
[  519.279505][T10691] usb 4-1: New USB device found, idVendor=2c42, idProduct=1202, bcdDevice=70.40
[  519.288846][T10691] usb 4-1: New USB device strings: Mfr=231, Product=2, SerialNumber=3
[  519.301135][T10691] usb 4-1: Product: syz
[  519.305891][T10691] usb 4-1: Manufacturer: syz
[  519.310707][T10691] usb 4-1: SerialNumber: syz
[  519.328297][T10691] usb 4-1: config 0 descriptor??
[  519.351286][T12759] raw-gadget.1 gadget.3: fail, usb_ep_enable returned -22
[  519.362503][T10691] f81534 4-1:0.12: unsupported endpoint max packet size
[  519.479902][T12788] netlink: 'syz.2.1850': attribute type 5 has an invalid length.
[  519.548470][T12792] loop5: detected capacity change from 0 to 7
[  519.555306][T12792]  loop5: [POWERTEC] p1 p2 p3 p4
[  519.560763][T12792] loop5: p1 size 1680801792 extends beyond EOD, truncated
[  519.571404][T12792] loop5: p2 start 1642070016 is beyond EOD, truncated
[  519.600944][T12792] loop5: p3 start 3696083513 is beyond EOD, truncated
[  519.642655][T12772] xt_CHECKSUM: CHECKSUM should be avoided.  If really needed, restrict with "-p udp" and only use in OUTPUT
[  519.654542][T12772] Cannot find add_set index 0 as target
[  519.667749][T12792] loop5: p4 start 3968532779 is beyond EOD, truncated
[  519.732078][T12792] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  519.817404][T12792] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  520.089746][T12805] FAULT_INJECTION: forcing a failure.
[  520.089746][T12805] name failslab, interval 1, probability 0, space 0, times 0
[  520.102656][T12805] CPU: 0 UID: 0 PID: 12805 Comm: syz.1.1856 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  520.102681][T12805] Tainted: [L]=SOFTLOCKUP
[  520.102687][T12805] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  520.102697][T12805] Call Trace:
[  520.102703][T12805]  <TASK>
[  520.102711][T12805]  dump_stack_lvl+0xe8/0x150
[  520.102738][T12805]  should_fail_ex+0x412/0x560
[  520.102764][T12805]  should_failslab+0xa8/0x100
[  520.102785][T12805]  kmem_cache_alloc_node_noprof+0x8f/0x690
[  520.102803][T12805]  ? __alloc_skb+0x186/0x7d0
[  520.102818][T12805]  ? __alloc_skb+0x1d0/0x7d0
[  520.102832][T12805]  ? __local_bh_enable_ip+0xd0/0x130
[  520.102855][T12805]  __alloc_skb+0x1d0/0x7d0
[  520.102875][T12805]  netlink_sendmsg+0x5d4/0xb40
[  520.102905][T12805]  ? __pfx_netlink_sendmsg+0x10/0x10
[  520.102930][T12805]  ? aa_sock_msg_perm+0xf1/0x1b0
[  520.102953][T12805]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  520.102975][T12805]  ____sys_sendmsg+0x972/0x9f0
[  520.103000][T12805]  ? __pfx_____sys_sendmsg+0x10/0x10
[  520.103022][T12805]  ? kstrtoull+0x12f/0x1d0
[  520.103049][T12805]  ___sys_sendmsg+0x2a5/0x360
[  520.103072][T12805]  ? __pfx____sys_sendmsg+0x10/0x10
[  520.103092][T12805]  ? get_pid_task+0x20/0x1f0
[  520.103106][T12805]  ? get_pid_task+0x20/0x1f0
[  520.103119][T12805]  ? get_pid_task+0x20/0x1f0
[  520.103157][T12805]  ? __fget_files+0x2a/0x420
[  520.103178][T12805]  ? __fget_files+0x3a0/0x420
[  520.103208][T12805]  __sys_sendmsg+0x183/0x260
[  520.103227][T12805]  ? __pfx___sys_sendmsg+0x10/0x10
[  520.103264][T12805]  __do_fast_syscall_32+0x20d/0x640
[  520.103284][T12805]  ? do_fast_syscall_32+0x33/0x70
[  520.103301][T12805]  ? asm_int80_emulation+0x1a/0x20
[  520.103316][T12805]  ? do_int80_emulation+0x274/0x4d0
[  520.103333][T12805]  ? trace_irq_disable+0x3b/0x150
[  520.103357][T12805]  do_fast_syscall_32+0x33/0x70
[  520.103375][T12805]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  520.103394][T12805] RIP: 0023:0xf7f67f6c
[  520.103409][T12805] Code: 90 85 d2 74 0a 89 ce 81 e6 ff 0f 00 00 89 32 85 c0 74 05 c1 e9 0c 89 08 31 c0 5e 5d c3 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 58 b8
[  520.103423][T12805] RSP: 002b:00000000f542650c EFLAGS: 00000206 ORIG_RAX: 0000000000000172
[  520.103441][T12805] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000080003e00
[  520.103453][T12805] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  520.103463][T12805] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  520.103472][T12805] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  520.103482][T12805] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  520.103512][T12805]  </TASK>
[  520.382076][   T24] usb 4-1: USB disconnect, device number 35
[  520.521932][T12811] FAULT_INJECTION: forcing a failure.
[  520.521932][T12811] name failslab, interval 1, probability 0, space 0, times 0
[  520.538389][T12810] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=3918892086 (125404546752 ns) > initial count (95458267904 ns). Using initial count to start timer.
[  520.557983][T12810] FAULT_INJECTION: forcing a failure.
[  520.557983][T12810] name failslab, interval 1, probability 0, space 0, times 0
[  520.570642][T12810] CPU: 0 UID: 0 PID: 12810 Comm: syz.4.1857 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  520.570666][T12810] Tainted: [L]=SOFTLOCKUP
[  520.570671][T12810] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  520.570678][T12810] Call Trace:
[  520.570685][T12810]  <TASK>
[  520.570691][T12810]  dump_stack_lvl+0xe8/0x150
[  520.570716][T12810]  should_fail_ex+0x412/0x560
[  520.570741][T12810]  should_failslab+0xa8/0x100
[  520.570762][T12810]  __kmalloc_noprof+0xe8/0x760
[  520.570779][T12810]  ? tomoyo_encode+0x28b/0x550
[  520.570803][T12810]  tomoyo_encode+0x28b/0x550
[  520.570828][T12810]  tomoyo_realpath_from_path+0x58d/0x5d0
[  520.570859][T12810]  ? tomoyo_path_number_perm+0x219/0x630
[  520.570879][T12810]  tomoyo_path_number_perm+0x246/0x630
[  520.570902][T12810]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  520.570924][T12810]  ? __lock_acquire+0x6b5/0x2cf0
[  520.570974][T12810]  ? __fget_files+0x2a/0x420
[  520.570999][T12810]  ? __fget_files+0x3a0/0x420
[  520.571019][T12810]  ? __fget_files+0x2a/0x420
[  520.571057][T12810]  security_file_ioctl_compat+0xc3/0x2a0
[  520.571080][T12810]  __ia32_compat_sys_ioctl+0x139/0x950
[  520.571103][T12810]  ? __pfx___ia32_compat_sys_ioctl+0x10/0x10
[  520.571125][T12810]  ? __fget_files+0x3a0/0x420
[  520.571152][T12810]  ? fput+0xa0/0xd0
[  520.571173][T12810]  ? ksys_write+0x242/0x270
[  520.571199][T12810]  __do_fast_syscall_32+0x20d/0x640
[  520.571221][T12810]  ? do_fast_syscall_32+0x33/0x70
[  520.571238][T12810]  ? asm_int80_emulation+0x1a/0x20
[  520.571253][T12810]  ? do_int80_emulation+0x274/0x4d0
[  520.571269][T12810]  ? trace_irq_disable+0x3b/0x150
[  520.571295][T12810]  do_fast_syscall_32+0x33/0x70
[  520.571314][T12810]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  520.571334][T12810] RIP: 0023:0xf7ff4f6c
[  520.571350][T12810] Code: 90 85 d2 74 0a 89 ce 81 e6 ff 0f 00 00 89 32 85 c0 74 05 c1 e9 0c 89 08 31 c0 5e 5d c3 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 58 b8
[  520.571363][T12810] RSP: 002b:00000000f54b650c EFLAGS: 00000206 ORIG_RAX: 0000000000000036
[  520.571381][T12810] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 000000008400ae8e
[  520.571392][T12810] RDX: 0000000080000280 RSI: 0000000000000000 RDI: 0000000000000000
[  520.571402][T12810] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  520.571412][T12810] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  520.571421][T12810] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  520.571445][T12810]  </TASK>
[  520.571464][T12810] ERROR: Out of memory at tomoyo_realpath_from_path.
[  520.594920][T12811] CPU: 1 UID: 0 PID: 12811 Comm: syz.3.1859 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  520.594947][T12811] Tainted: [L]=SOFTLOCKUP
[  520.594953][T12811] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  520.594964][T12811] Call Trace:
[  520.594971][T12811]  <TASK>
[  520.594978][T12811]  dump_stack_lvl+0xe8/0x150
[  520.595006][T12811]  should_fail_ex+0x412/0x560
[  520.595032][T12811]  should_failslab+0xa8/0x100
[  520.595054][T12811]  kmem_cache_alloc_node_noprof+0x8f/0x690
[  520.595072][T12811]  ? __alloc_skb+0x186/0x7d0
[  520.595086][T12811]  ? __alloc_skb+0x1d0/0x7d0
[  520.595100][T12811]  ? __local_bh_enable_ip+0xd0/0x130
[  520.595123][T12811]  __alloc_skb+0x1d0/0x7d0
[  520.595142][T12811]  netlink_sendmsg+0x5d4/0xb40
[  520.595172][T12811]  ? __pfx_netlink_sendmsg+0x10/0x10
[  520.595196][T12811]  ? aa_sock_msg_perm+0xf1/0x1b0
[  520.595220][T12811]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  520.595240][T12811]  ____sys_sendmsg+0x972/0x9f0
[  520.595265][T12811]  ? __pfx_____sys_sendmsg+0x10/0x10
[  520.595285][T12811]  ? kstrtoull+0x12f/0x1d0
[  520.595312][T12811]  ___sys_sendmsg+0x2a5/0x360
[  520.595333][T12811]  ? __pfx____sys_sendmsg+0x10/0x10
[  520.595353][T12811]  ? get_pid_task+0x20/0x1f0
[  520.595368][T12811]  ? get_pid_task+0x20/0x1f0
[  520.595380][T12811]  ? get_pid_task+0x20/0x1f0
[  520.595416][T12811]  ? __fget_files+0x2a/0x420
[  520.595437][T12811]  ? __fget_files+0x3a0/0x420
[  520.595466][T12811]  __sys_sendmsg+0x183/0x260
[  520.595486][T12811]  ? __pfx___sys_sendmsg+0x10/0x10
[  520.595521][T12811]  __do_fast_syscall_32+0x20d/0x640
[  520.595548][T12811]  ? do_fast_syscall_32+0x33/0x70
[  520.595564][T12811]  ? asm_int80_emulation+0x1a/0x20
[  520.595579][T12811]  ? do_int80_emulation+0x274/0x4d0
[  520.595596][T12811]  ? trace_irq_disable+0x3b/0x150
[  520.595620][T12811]  do_fast_syscall_32+0x33/0x70
[  520.595638][T12811]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  520.595657][T12811] RIP: 0023:0xf701ef6c
[  520.595671][T12811] Code: 90 85 d2 74 0a 89 ce 81 e6 ff 0f 00 00 89 32 85 c0 74 05 c1 e9 0c 89 08 31 c0 5e 5d c3 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 58 b8
[  520.595684][T12811] RSP: 002b:00000000f540d50c EFLAGS: 00000206 ORIG_RAX: 0000000000000172
[  520.595701][T12811] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080003740
[  520.595712][T12811] RDX: 000000002c048010 RSI: 0000000000000000 RDI: 0000000000000000
[  520.595722][T12811] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  520.595732][T12811] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  520.595742][T12811] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  520.595765][T12811]  </TASK>
[  520.723751][   T24] usb 2-1: new high-speed USB device number 47 using dummy_hcd
[  521.203804][ T5193]  loop5: [POWERTEC] p1 p2 p3 p4
[  521.208942][ T5193] loop5: p1 size 1680801792 extends beyond EOD, truncated
[  521.260495][ T5193] loop5: p2 start 1642070016 is beyond EOD, truncated
[  521.273781][   T24] usb 2-1: Using ep0 maxpacket: 32
[  521.279400][T12817] FAULT_INJECTION: forcing a failure.
[  521.279400][T12817] name failslab, interval 1, probability 0, space 0, times 0
[  521.297934][ T5193] loop5: p3 start 3696083513 is beyond EOD, truncated
[  521.310061][ T5193] loop5: p4 start 3968532779 is beyond EOD, truncated
[  521.327594][T12818] netlink: 'syz.3.1860': attribute type 2 has an invalid length.
[  521.468666][   T24] usb 2-1: config 155 has an invalid descriptor of length 0, skipping remainder of the config
[  521.483839][   T24] usb 2-1: config 155 interface 0 altsetting 0 has an endpoint descriptor with address 0xE2, changing to 0x82
[  521.496652][T12817] CPU: 0 UID: 0 PID: 12817 Comm: syz.5.1861 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  521.496677][T12817] Tainted: [L]=SOFTLOCKUP
[  521.496683][T12817] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  521.496692][T12817] Call Trace:
[  521.496699][T12817]  <TASK>
[  521.496707][T12817]  dump_stack_lvl+0xe8/0x150
[  521.496732][T12817]  should_fail_ex+0x412/0x560
[  521.496757][T12817]  should_failslab+0xa8/0x100
[  521.496778][T12817]  kmem_cache_alloc_node_noprof+0x8f/0x690
[  521.496797][T12817]  ? __alloc_skb+0x1d0/0x7d0
[  521.496811][T12817]  ? __local_bh_enable_ip+0xd0/0x130
[  521.496834][T12817]  __alloc_skb+0x1d0/0x7d0
[  521.496848][T12817]  ? atomic_notifier_call_chain+0x26/0x180
[  521.496866][T12817]  ? atomic_notifier_call_chain+0x26/0x180
[  521.496889][T12817]  mroute_netlink_event+0xb6/0x190
[  521.496977][T12817]  mroute_clean_tables+0x11d4/0x1950
[  521.497013][T12817]  ? mroute_clean_tables+0x576/0x1950
[  521.497040][T12817]  ? __pfx_mroute_clean_tables+0x10/0x10
[  521.497069][T12817]  ? _copy_from_user+0x94/0xb0
[  521.497089][T12817]  ip_mroute_setsockopt+0xb0e/0xff0
[  521.497110][T12817]  ? kstrtouint+0x6e/0xe0
[  521.497133][T12817]  ? __pfx_ip_mroute_setsockopt+0x10/0x10
[  521.497172][T12817]  do_ip_setsockopt+0xf1e/0x2ea0
[  521.497200][T12817]  ? __pfx_do_ip_setsockopt+0x10/0x10
[  521.497222][T12817]  ? aa_sk_perm+0x6d5/0x900
[  521.497248][T12817]  ? __pfx_aa_sk_perm+0x10/0x10
[  521.497269][T12817]  ? aa_sock_opt_perm+0xff/0x1a0
[  521.497292][T12817]  ip_setsockopt+0x66/0x110
[  521.497309][T12817]  ? __pfx_sock_common_setsockopt+0x10/0x10
[  521.497330][T12817]  do_sock_setsockopt+0x17c/0x1b0
[  521.497351][T12817]  __ia32_sys_setsockopt+0x13d/0x1b0
[  521.497372][T12817]  __do_fast_syscall_32+0x20d/0x640
[  521.497390][T12817]  ? do_fast_syscall_32+0x33/0x70
[  521.497428][T12817]  ? asm_int80_emulation+0x1a/0x20
[  521.497442][T12817]  ? do_int80_emulation+0x274/0x4d0
[  521.497458][T12817]  ? trace_irq_disable+0x3b/0x150
[  521.497483][T12817]  do_fast_syscall_32+0x33/0x70
[  521.497501][T12817]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  521.497519][T12817] RIP: 0023:0xf7f02f6c
[  521.497534][T12817] Code: 90 85 d2 74 0a 89 ce 81 e6 ff 0f 00 00 89 32 85 c0 74 05 c1 e9 0c 89 08 31 c0 5e 5d c3 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 58 b8
[  521.497548][T12817] RSP: 002b:00000000f53c650c EFLAGS: 00000206 ORIG_RAX: 000000000000016e
[  521.497565][T12817] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000000000
[  521.497576][T12817] RDX: 00000000000000d4 RSI: 00000000800003c0 RDI: 0000000000000004
[  521.497586][T12817] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  521.497594][T12817] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  521.497604][T12817] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  521.497629][T12817]  </TASK>
[  521.783882][   T24] usb 2-1: config 155 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  521.795092][   T24] usb 2-1: config 155 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 11
[  521.810441][T12818] : entered promiscuous mode
[  521.838162][   T24] usb 2-1: New USB device found, idVendor=15c2, idProduct=ffdc, bcdDevice=bd.30
[  521.847476][   T24] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  521.873795][ T5193]  loop5: [POWERTEC] p1 p2 p3 p4
[  521.878903][ T5193] loop5: p1 size 1680801792 extends beyond EOD, truncated
[  521.888729][   T24] usb 2-1: Product: syz
[  521.892898][   T24] usb 2-1: Manufacturer: syz
[  521.916268][ T5193] loop5: p2 start 1642070016 is beyond EOD, truncated
[  521.927382][   T24] usb 2-1: SerialNumber: syz
[  521.944824][ T5193] loop5: p3 start 3696083513 is beyond EOD, truncated
[  521.973154][    C1] imon 2-1:155.0: imon usb_rx_callback_intf0: status(-71)
[  521.994116][T12822] FAULT_INJECTION: forcing a failure.
[  521.994116][T12822] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  522.007249][ T5193] loop5: p4 start 3968532779 is beyond EOD, truncated
[  522.028560][   T24] input: iMON Panel, Knob and Mouse(15c2:ffdc) as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:155.0/input/input28
[  522.049642][T12822] CPU: 1 UID: 0 PID: 12822 Comm: syz.5.1863 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  522.049660][T12822] Tainted: [L]=SOFTLOCKUP
[  522.049663][T12822] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  522.049670][T12822] Call Trace:
[  522.049674][T12822]  <TASK>
[  522.049679][T12822]  dump_stack_lvl+0xe8/0x150
[  522.049697][T12822]  should_fail_ex+0x412/0x560
[  522.049715][T12822]  _copy_to_user+0x31/0xb0
[  522.049727][T12822]  simple_read_from_buffer+0xe1/0x170
[  522.049744][T12822]  proc_fail_nth_read+0x1bb/0x230
[  522.049761][T12822]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  522.049776][T12822]  ? rw_verify_area+0x2a6/0x4d0
[  522.049786][T12822]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  522.049800][T12822]  vfs_read+0x20c/0xa70
[  522.049809][T12822]  ? fdget_pos+0x246/0x320
[  522.049826][T12822]  ? __pfx___mutex_lock+0x10/0x10
[  522.049844][T12822]  ? __pfx_vfs_read+0x10/0x10
[  522.049855][T12822]  ? __fget_files+0x2a/0x420
[  522.049870][T12822]  ? __fget_files+0x3a0/0x420
[  522.049883][T12822]  ? __fget_files+0x2a/0x420
[  522.049900][T12822]  ksys_read+0x150/0x270
[  522.049911][T12822]  ? __pfx_ksys_read+0x10/0x10
[  522.049924][T12822]  ? asm_int80_emulation+0x1a/0x20
[  522.049936][T12822]  do_int80_emulation+0x173/0x4d0
[  522.049947][T12822]  ? trace_irq_disable+0x3b/0x150
[  522.049961][T12822]  ? asm_int80_emulation+0x1a/0x20
[  522.049969][T12822]  ? clear_bhb_loop+0x40/0x90
[  522.049979][T12822]  ? clear_bhb_loop+0x40/0x90
[  522.049990][T12822]  asm_int80_emulation+0x1a/0x20
[  522.049999][T12822] RIP: 0023:0xf7105cab
[  522.050009][T12822] Code: 57 56 53 8b 44 24 14 f6 00 08 75 23 8b 44 24 18 8b 5c 24 1c 8b 4c 24 20 8b 54 24 24 8b 74 24 28 8b 7c 24 2c 8b 6c 24 30 cd 80 <5b> 5e 5f 5d c3 5b 5e 5f 5d e9 f7 a1 ff ff 66 90 66 90 66 90 90 53
[  522.050017][T12822] RSP: 002b:00000000f53c64bc EFLAGS: 00000246 ORIG_RAX: 0000000000000003
[  522.050028][T12822] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000f53c65d0
[  522.050035][T12822] RDX: 000000000000000f RSI: 0000000000000000 RDI: 0000000000000000
[  522.050040][T12822] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  522.050046][T12822] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  522.050051][T12822] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  522.050065][T12822]  </TASK>
[  522.363774][   T24] imon 2-1:155.0: Unknown 0xffdc device, defaulting to VFD and iMON IR
[  522.372124][   T24]  (id 0x00)
[  522.387272][ T5193]  loop5: [POWERTEC] p1 p2 p3 p4
[  522.392372][ T5193] loop5: p1 size 1680801792 extends beyond EOD, truncated
[  522.400887][ T5193] loop5: p2 start 1642070016 is beyond EOD, truncated
[  522.408895][ T5193] loop5: p3 start 3696083513 is beyond EOD, truncated
[  522.415945][ T5193] loop5: p4 start 3968532779 is beyond EOD, truncated
[  522.493940][   T24] rc_core: IR keymap rc-imon-pad not found
[  522.500191][   T24] Registered IR keymap rc-empty
[  522.505357][   T24] imon 2-1:155.0: Looks like you're trying to use an IR protocol this device does not support
[  522.524264][   T24] imon 2-1:155.0: Unsupported IR protocol specified, overriding to iMON IR protocol
[  522.571252][   T24] rc rc0: iMON Remote (15c2:ffdc) as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:155.0/rc/rc0
[  522.586806][   T24] input: iMON Remote (15c2:ffdc) as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:155.0/rc/rc0/input29
[  522.632312][   T24] imon 2-1:155.0: iMON device (15c2:ffdc, intf0) on usb<2:47> initialized
[  522.656588][ T7352] udevd[7352]: inotify_add_watch(7, /dev/loop5p1, 10) failed: No such file or directory
[  522.830175][   T24] usb 2-1: USB disconnect, device number 47
[  523.085215][ T5902] usb 6-1: new high-speed USB device number 48 using dummy_hcd
[  523.210146][T12853] __nla_validate_parse: 3 callbacks suppressed
[  523.210163][T12853] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1874'.
[  523.265627][ T5902] usb 6-1: New USB device found, idVendor=046d, idProduct=0870, bcdDevice=61.47
[  523.275501][ T5902] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  523.294128][ T5902] usb 6-1: config 0 descriptor??
[  523.319059][ T5902] gspca_main: STV06xx-2.14.0 probing 046d:0870
[  523.350183][T12855] netlink: 324 bytes leftover after parsing attributes in process `syz.2.1875'.
[  523.663833][   T10] usb 4-1: new high-speed USB device number 36 using dummy_hcd
[  523.814245][   T10] usb 4-1: Using ep0 maxpacket: 16
[  523.831861][   T10] usb 4-1: config 0 interface 0 altsetting 9 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  523.870215][   T10] usb 4-1: config 0 interface 0 altsetting 9 endpoint 0x81 has invalid wMaxPacketSize 0
[  523.893362][   T10] usb 4-1: config 0 interface 0 has no altsetting 0
[  523.940665][   T10] usb 4-1: New USB device found, idVendor=1e71, idProduct=2009, bcdDevice= 0.00
[  523.959225][   T10] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  523.993640][   T10] usb 4-1: config 0 descriptor??
[  524.124719][T12871] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1881'.
[  524.145219][ T5902] gspca_stv06xx: I2C: Read error writing address: -71
[  524.150910][T12872] IPVS: sync thread started: state = BACKUP, mcast_ifn = macvlan1, syncid = 0, id = 0
[  524.158037][ T5902] usb 6-1: USB disconnect, device number 48
[  524.352206][   T24] usb 5-1: new high-speed USB device number 60 using dummy_hcd
[  524.416283][   T10] usbhid 4-1:0.0: can't add hid device: -71
[  524.422334][   T10] usbhid 4-1:0.0: probe with driver usbhid failed with error -71
[  524.437049][   T10] usb 4-1: USB disconnect, device number 36
[  524.450889][T12874] FAULT_INJECTION: forcing a failure.
[  524.450889][T12874] name failslab, interval 1, probability 0, space 0, times 0
[  524.470249][T12874] CPU: 0 UID: 0 PID: 12874 Comm: syz.1.1882 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  524.470277][T12874] Tainted: [L]=SOFTLOCKUP
[  524.470283][T12874] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  524.470293][T12874] Call Trace:
[  524.470300][T12874]  <TASK>
[  524.470309][T12874]  dump_stack_lvl+0xe8/0x150
[  524.470336][T12874]  should_fail_ex+0x412/0x560
[  524.470362][T12874]  should_failslab+0xa8/0x100
[  524.470382][T12874]  ? proc_reg_open+0x1f4/0x540
[  524.470398][T12874]  kmem_cache_alloc_noprof+0x87/0x650
[  524.470423][T12874]  proc_reg_open+0x1f4/0x540
[  524.470440][T12874]  ? __pfx_proc_reg_open+0x10/0x10
[  524.470455][T12874]  do_dentry_open+0x785/0x14e0
[  524.470488][T12874]  vfs_open+0x3b/0x340
[  524.470506][T12874]  ? path_openat+0x2df0/0x3860
[  524.470525][T12874]  path_openat+0x2e08/0x3860
[  524.470580][T12874]  ? __pfx_path_openat+0x10/0x10
[  524.470595][T12874]  ? __ia32_compat_sys_openat+0x131/0x160
[  524.470626][T12874]  ? __lock_acquire+0x6b5/0x2cf0
[  524.470651][T12874]  do_file_open+0x23e/0x4a0
[  524.470673][T12874]  ? __pfx_do_file_open+0x10/0x10
[  524.470698][T12874]  ? __pfx_kfree_link+0x10/0x10
[  524.470726][T12874]  ? _raw_spin_unlock+0x28/0x50
[  524.470752][T12874]  ? alloc_fd+0x64b/0x6c0
[  524.470782][T12874]  do_sys_openat2+0x113/0x200
[  524.470805][T12874]  ? __pfx_do_sys_openat2+0x10/0x10
[  524.470828][T12874]  ? ksys_write+0x242/0x270
[  524.470846][T12874]  ? __pfx_ksys_write+0x10/0x10
[  524.470866][T12874]  __ia32_compat_sys_openat+0x131/0x160
[  524.470893][T12874]  do_int80_emulation+0x173/0x4d0
[  524.470910][T12874]  ? trace_irq_disable+0x3b/0x150
[  524.470931][T12874]  ? asm_int80_emulation+0x1a/0x20
[  524.470946][T12874]  ? clear_bhb_loop+0x40/0x90
[  524.470961][T12874]  ? clear_bhb_loop+0x40/0x90
[  524.470980][T12874]  asm_int80_emulation+0x1a/0x20
[  524.470995][T12874] RIP: 0023:0xf7165cab
[  524.471010][T12874] Code: 57 56 53 8b 44 24 14 f6 00 08 75 23 8b 44 24 18 8b 5c 24 1c 8b 4c 24 20 8b 54 24 24 8b 74 24 28 8b 7c 24 2c 8b 6c 24 30 cd 80 <5b> 5e 5f 5d c3 5b 5e 5f 5d e9 f7 a1 ff ff 66 90 66 90 66 90 90 53
[  524.471023][T12874] RSP: 002b:00000000f54263cc EFLAGS: 00000246 ORIG_RAX: 0000000000000127
[  524.471042][T12874] RAX: ffffffffffffffda RBX: 00000000ffffff9c RCX: 00000000f5426490
[  524.471053][T12874] RDX: 0000000000000002 RSI: 0000000000000000 RDI: 0000000000000000
[  524.471063][T12874] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  524.471072][T12874] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  524.471081][T12874] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  524.471105][T12874]  </TASK>
[  524.743744][   T24] usb 5-1: Using ep0 maxpacket: 16
[  524.750370][   T24] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 255, changing to 11
[  524.761805][   T24] usb 5-1: New USB device found, idVendor=04d8, idProduct=00dd, bcdDevice= 0.00
[  524.782757][   T24] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  524.847670][   T24] usb 5-1: config 0 descriptor??
[  525.049294][T12885] netlink: 72 bytes leftover after parsing attributes in process `syz.5.1884'.
[  525.414573][   T24] mcp2221 0003:04D8:00DD.0007: USB HID v0.05 Device [HID 04d8:00dd] on usb-dummy_hcd.4-1/input0
[  525.571563][   T24] usb 5-1: USB disconnect, device number 60
[  525.578454][T12890] vcan0: tx drop: invalid sa for name 0x0000000000000001
[  525.707117][T12880] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1885'.
[  526.437746][T12900] loop5: detected capacity change from 0 to 3
[  526.447443][ T7352] Dev loop5: unable to read RDB block 3
[  526.455729][ T7352]  loop5: unable to read partition table
[  526.753802][   T10] usb 5-1: new full-speed USB device number 61 using dummy_hcd
[  526.893840][   T10] usb 5-1: device descriptor read/64, error -71
[  526.909982][ T7352] loop5: partition table beyond EOD, truncated
[  526.922617][T12900] Dev loop5: unable to read RDB block 3
[  526.928361][T12900]  loop5: unable to read partition table
[  526.934670][T12900] loop5: partition table beyond EOD, truncated
[  526.940983][T12900] loop_reread_partitions: partition scan of loop5 (ūčĸĢxü—ŸŅā– ) failed (rc=-5)
[  527.133816][   T10] usb 5-1: new full-speed USB device number 62 using dummy_hcd
[  527.274597][   T10] usb 5-1: device descriptor read/64, error -71
[  527.411000][   T10] usb usb5-port1: attempt power cycle
[  527.774589][   T10] usb 5-1: new full-speed USB device number 63 using dummy_hcd
[  527.794945][   T10] usb 5-1: device descriptor read/8, error -71
[  528.033765][   T10] usb 5-1: new full-speed USB device number 64 using dummy_hcd
[  528.079599][   T10] usb 5-1: device descriptor read/8, error -71
[  528.090252][T10691] usb 2-1: new high-speed USB device number 48 using dummy_hcd
[  528.354185][   T10] usb usb5-port1: unable to enumerate USB device
[  528.354483][T10691] usb 2-1: unable to get BOS descriptor or descriptor too short
[  528.388694][T10691] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  528.409059][T10691] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0x4 has invalid maxpacket 9
[  528.429374][T10691] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x88 has invalid wMaxPacketSize 0
[  528.453716][T10691] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0x88 has invalid maxpacket 0
[  528.481193][T10691] usb 2-1: New USB device found, idVendor=04e6, idProduct=5591, bcdDevice=94.39
[  528.491970][T10691] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  528.500284][T10691] usb 2-1: Product: syz
[  528.506999][T10691] usb 2-1: Manufacturer: syz
[  528.511602][T10691] usb 2-1: SerialNumber: syz
[  528.519524][T10691] usb 2-1: config 0 descriptor??
[  528.613297][T12920] raw-gadget.2 gadget.1: fail, usb_ep_enable returned -22
[  528.641406][    C1] usb 2-1: NFC: Urb failure (status -71)
[  528.652886][T10691] usb 2-1: NFC: Unable to get FW version
[  528.661366][T10691] pn533_usb 2-1:0.0: probe with driver pn533_usb failed with error -90
[  528.837290][T12932] vcan0: tx drop: invalid sa for name 0x0000000000000003
[  528.848711][T12920] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  528.865866][T10691] usb 2-1: USB disconnect, device number 48
[  529.170424][T12947] openvswitch: netlink: VXLAN extension message has 1 unknown bytes.
[  529.457360][T12948] netlink: 'syz.5.1903': attribute type 27 has an invalid length.
[  530.791867][T12969] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=6 (12 ns) > initial count (2 ns). Using initial count to start timer.
[  531.259189][T12983] syzkaller0: entered promiscuous mode
[  531.274408][T12983] syzkaller0: entered allmulticast mode
[  531.573761][   T24] usb 6-1: new high-speed USB device number 49 using dummy_hcd
[  531.595058][T13005] tipc: Can't bind to reserved service type 2
[  531.608085][T13005] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1921'.
[  531.659668][T13009] netlink: 'syz.2.1919': attribute type 27 has an invalid length.
[  531.725665][   T24] usb 6-1: Using ep0 maxpacket: 16
[  531.740890][   T24] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  531.765380][   T24] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  531.780827][   T24] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  531.803284][   T24] usb 6-1: New USB device found, idVendor=0457, idProduct=07da, bcdDevice= 0.00
[  531.818475][   T24] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  531.929026][T13014] batman_adv: batadv0: Removing interface: batadv_slave_0
[  531.967083][T13014] batman_adv: batadv0: Removing interface: batadv_slave_1
[  531.997741][   T24] usb 6-1: config 0 descriptor??
[  532.832312][   T24] usbhid 6-1:0.0: can't add hid device: -71
[  532.839706][   T24] usbhid 6-1:0.0: probe with driver usbhid failed with error -71
[  532.868143][   T24] usb 6-1: USB disconnect, device number 49
[  532.984800][T13024] syzkaller0: entered promiscuous mode
[  532.990386][T13024] syzkaller0: entered allmulticast mode
[  534.680048][T13054] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1936'.
[  534.703835][ T1597] usb 5-1: new full-speed USB device number 65 using dummy_hcd
[  534.865788][ T1597] usb 5-1: config 0 has no interfaces?
[  534.871312][ T1597] usb 5-1: New USB device found, idVendor=04d8, idProduct=fd08, bcdDevice=59.b1
[  534.893165][ T1597] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  534.956922][ T1597] usb 5-1: config 0 descriptor??
[  535.978621][T13085] FAULT_INJECTION: forcing a failure.
[  535.978621][T13085] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  536.041001][T13085] CPU: 1 UID: 0 PID: 13085 Comm: syz.5.1946 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  536.041029][T13085] Tainted: [L]=SOFTLOCKUP
[  536.041035][T13085] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  536.041045][T13085] Call Trace:
[  536.041053][T13085]  <TASK>
[  536.041060][T13085]  dump_stack_lvl+0xe8/0x150
[  536.041086][T13085]  should_fail_ex+0x412/0x560
[  536.041116][T13085]  _copy_to_user+0x31/0xb0
[  536.041134][T13085]  simple_read_from_buffer+0xe1/0x170
[  536.041161][T13085]  proc_fail_nth_read+0x1bb/0x230
[  536.041189][T13085]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  536.041206][T13085]  ? rw_verify_area+0x2a6/0x4d0
[  536.041216][T13085]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  536.041230][T13085]  vfs_read+0x20c/0xa70
[  536.041239][T13085]  ? __fget_files+0x2a/0x420
[  536.041252][T13085]  ? fdget_pos+0x246/0x320
[  536.041267][T13085]  ? __pfx___mutex_lock+0x10/0x10
[  536.041279][T13085]  ? __pfx_vfs_read+0x10/0x10
[  536.041290][T13085]  ? __fget_files+0x2a/0x420
[  536.041305][T13085]  ? __fget_files+0x3a0/0x420
[  536.041318][T13085]  ? __fget_files+0x2a/0x420
[  536.041336][T13085]  ksys_read+0x150/0x270
[  536.041347][T13085]  ? __pfx_ksys_read+0x10/0x10
[  536.041359][T13085]  ? asm_int80_emulation+0x1a/0x20
[  536.041371][T13085]  do_int80_emulation+0x173/0x4d0
[  536.041383][T13085]  ? trace_irq_disable+0x3b/0x150
[  536.041396][T13085]  ? asm_int80_emulation+0x1a/0x20
[  536.041405][T13085]  ? clear_bhb_loop+0x40/0x90
[  536.041414][T13085]  ? clear_bhb_loop+0x40/0x90
[  536.041426][T13085]  asm_int80_emulation+0x1a/0x20
[  536.041437][T13085] RIP: 0023:0xf7105cab
[  536.041447][T13085] Code: 57 56 53 8b 44 24 14 f6 00 08 75 23 8b 44 24 18 8b 5c 24 1c 8b 4c 24 20 8b 54 24 24 8b 74 24 28 8b 7c 24 2c 8b 6c 24 30 cd 80 <5b> 5e 5f 5d c3 5b 5e 5f 5d e9 f7 a1 ff ff 66 90 66 90 66 90 90 53
[  536.041456][T13085] RSP: 002b:00000000f53c64bc EFLAGS: 00000246 ORIG_RAX: 0000000000000003
[  536.041467][T13085] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00000000f53c65d0
[  536.041474][T13085] RDX: 000000000000000f RSI: 0000000000000000 RDI: 0000000000000000
[  536.041479][T13085] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  536.041485][T13085] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  536.041491][T13085] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  536.041505][T13085]  </TASK>
[  536.450772][T13086] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1945'.
[  536.636724][T13093] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1949'.
[  536.661564][T13091] binder: BINDER_SET_CONTEXT_MGR already set
[  536.668175][T13091] binder: 13090:13091 ioctl 4018620d 80000040 returned -16
[  536.680897][T13093] bridge2: entered promiscuous mode
[  536.687890][T13093] bridge2: left promiscuous mode
[  537.163793][ T5888] usb 6-1: new high-speed USB device number 50 using dummy_hcd
[  537.317921][ T5888] usb 6-1: unable to get BOS descriptor or descriptor too short
[  537.326798][ T5888] usb 6-1: config 9 has an invalid interface number: 242 but max is 0
[  537.335348][ T5888] usb 6-1: config 9 has no interface number 0
[  537.341597][ T5888] usb 6-1: config 9 interface 242 has no altsetting 0
[  537.350374][ T5888] usb 6-1: New USB device found, idVendor=0af0, idProduct=7041, bcdDevice=d0.f9
[  537.360087][ T5888] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  537.368313][ T5888] usb 6-1: Product: syz
[  537.372538][ T5888] usb 6-1: Manufacturer: syz
[  537.377506][ T5888] usb 6-1: SerialNumber: syz
[  537.430796][ T5902] usb 5-1: USB disconnect, device number 65
[  537.533173][T13116] program syz.2.1956 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  537.631439][ T5888] usb 6-1: USB disconnect, device number 50
[  537.666991][T13121] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1957'.
[  537.676369][T13121] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1957'.
[  537.878743][T13126] xt_nat: multiple ranges no longer supported
[  538.297599][T13143] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1964'.
[  538.386420][T13144] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1963'.
[  539.033786][ T1597] usb 4-1: new high-speed USB device number 37 using dummy_hcd
[  539.198134][ T1597] usb 4-1: New USB device found, idVendor=0af0, idProduct=7a05, bcdDevice=f6.00
[  539.207518][ T1597] usb 4-1: New USB device strings: Mfr=0, Product=2, SerialNumber=3
[  539.244656][ T1597] usb 4-1: Product: syz
[  539.273780][ T1597] usb 4-1: SerialNumber: syz
[  539.282328][ T1597] usb 4-1: config 0 descriptor??
[  539.299262][ T1597] hso 4-1:0.0: Not our interface
[  539.341569][T13162] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  539.354002][T13162] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  539.420486][T13162] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  539.431584][T13162] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  539.443285][T13162] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  539.456427][T13162] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  539.500126][T13153] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  539.515625][T13153] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  539.532848][ T1597] usb 4-1: USB disconnect, device number 37
[  539.712345][T13185] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1980'.
[  539.847137][T13189] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1981'.
[  540.608682][   T10] usb 4-1: new low-speed USB device number 38 using dummy_hcd
[  540.775559][   T10] usb 4-1: device descriptor read/64, error -71
[  540.840372][T13194] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1983'.
[  541.084132][   T10] usb 4-1: new low-speed USB device number 39 using dummy_hcd
[  541.093846][T13211] syzkaller0: entered promiscuous mode
[  541.103845][T13211] syzkaller0: entered allmulticast mode
[  541.243796][   T10] usb 4-1: device descriptor read/64, error -71
[  541.355689][   T10] usb usb4-port1: attempt power cycle
[  541.403228][T13223] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1993'.
[  541.714150][   T10] usb 4-1: new low-speed USB device number 40 using dummy_hcd
[  542.369058][   T10] usb 4-1: device descriptor read/8, error -71
[  542.670164][T13246] FAULT_INJECTION: forcing a failure.
[  542.670164][T13246] name failslab, interval 1, probability 0, space 0, times 0
[  542.670209][T13246] CPU: 1 UID: 0 PID: 13246 Comm: syz.4.1999 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  542.670232][T13246] Tainted: [L]=SOFTLOCKUP
[  542.670238][T13246] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  542.670248][T13246] Call Trace:
[  542.670255][T13246]  <TASK>
[  542.670263][T13246]  dump_stack_lvl+0xe8/0x150
[  542.670289][T13246]  should_fail_ex+0x412/0x560
[  542.670317][T13246]  should_failslab+0xa8/0x100
[  542.670338][T13246]  __kmalloc_noprof+0xe8/0x760
[  542.670357][T13246]  ? tomoyo_realpath_from_path+0xe3/0x5d0
[  542.670385][T13246]  tomoyo_realpath_from_path+0xe3/0x5d0
[  542.670416][T13246]  ? tomoyo_path_number_perm+0x219/0x630
[  542.670436][T13246]  tomoyo_path_number_perm+0x246/0x630
[  542.670459][T13246]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  542.670482][T13246]  ? __lock_acquire+0x6b5/0x2cf0
[  542.670532][T13246]  ? __fget_files+0x2a/0x420
[  542.670558][T13246]  ? __fget_files+0x3a0/0x420
[  542.670578][T13246]  ? __fget_files+0x2a/0x420
[  542.670603][T13246]  security_file_ioctl_compat+0xc3/0x2a0
[  542.670625][T13246]  __ia32_compat_sys_ioctl+0x139/0x950
[  542.670648][T13246]  ? __pfx___ia32_compat_sys_ioctl+0x10/0x10
[  542.670670][T13246]  ? __fget_files+0x3a0/0x420
[  542.670695][T13246]  ? fput+0xa0/0xd0
[  542.670718][T13246]  ? ksys_write+0x242/0x270
[  542.670747][T13246]  __do_fast_syscall_32+0x20d/0x640
[  542.670775][T13246]  ? do_fast_syscall_32+0x33/0x70
[  542.670792][T13246]  ? asm_int80_emulation+0x1a/0x20
[  542.670808][T13246]  ? do_int80_emulation+0x274/0x4d0
[  542.670825][T13246]  ? trace_irq_disable+0x3b/0x150
[  542.670850][T13246]  do_fast_syscall_32+0x33/0x70
[  542.670869][T13246]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  542.670888][T13246] RIP: 0023:0xf7ff4f6c
[  542.670904][T13246] Code: 90 85 d2 74 0a 89 ce 81 e6 ff 0f 00 00 89 32 85 c0 74 05 c1 e9 0c 89 08 31 c0 5e 5d c3 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 58 b8
[  542.670918][T13246] RSP: 002b:00000000f54b650c EFLAGS: 00000206 ORIG_RAX: 0000000000000036
[  542.670936][T13246] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000c1105517
[  542.670947][T13246] RDX: 0000000080000540 RSI: 0000000000000000 RDI: 0000000000000000
[  542.670957][T13246] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  542.670967][T13246] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  542.670977][T13246] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  542.671002][T13246]  </TASK>
[  542.671010][T13246] ERROR: Out of memory at tomoyo_realpath_from_path.
[  542.724057][   T10] usb 4-1: new low-speed USB device number 41 using dummy_hcd
[  542.744439][   T10] usb 4-1: device descriptor read/8, error -71
[  542.865470][   T10] usb usb4-port1: unable to enumerate USB device
[  543.097692][T13264] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2005'.
[  543.184856][T13266] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2007'.
[  543.188742][T13266] RDS: rds_bind could not find a transport for fe80::1a, load rds_tcp or rds_rdma?
[  544.133765][ T5888] usb 2-1: new high-speed USB device number 49 using dummy_hcd
[  544.343846][ T5888] usb 2-1: Using ep0 maxpacket: 8
[  544.356207][ T5888] usb 2-1: config index 0 descriptor too short (expected 301, got 45)
[  544.356246][ T5888] usb 2-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  544.356259][ T5888] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  544.356271][ T5888] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  544.356283][ T5888] usb 2-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  544.356306][ T5888] usb 2-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  544.356317][ T5888] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  544.641055][ T5888] usb 2-1: GET_CAPABILITIES returned 35
[  544.641086][ T5888] usbtmc 2-1:16.0: can't read capabilities
[  544.863098][T13282] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  544.863572][T13282] syzkaller0: entered promiscuous mode
[  544.863585][T13282] syzkaller0: entered allmulticast mode
[  544.883045][T13282] tipc: Resetting bearer <eth:syzkaller0>
[  544.892464][T13282] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  544.892803][T13282] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  545.139968][T13298] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2018'.
[  545.857005][T10689] tipc: Node number set to 938077966
[  546.261037][T13321] fuse: Bad value for 'fd'
[  546.911921][T13281] tipc: Resetting bearer <eth:syzkaller0>
[  547.085052][T13281] tipc: Disabling bearer <eth:syzkaller0>
[  547.129276][T13334] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2028'.
[  547.315689][ T1597] usb 2-1: USB disconnect, device number 49
[  547.698573][   T30] kauditd_printk_skb: 45 callbacks suppressed
[  547.698596][   T30] audit: type=1326 audit(1773779059.844:1239): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13341 comm="syz.1.2031" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f67f6c code=0x7ffc0000
[  547.824226][   T30] audit: type=1326 audit(1773779059.844:1240): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13341 comm="syz.1.2031" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f67f6c code=0x7ffc0000
[  547.919673][   T30] audit: type=1326 audit(1773779059.844:1241): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13341 comm="syz.1.2031" exe="/root/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf7f67f6c code=0x7ffc0000
[  548.172134][T13347] openvswitch: netlink: Unexpected mask (mask=200040, allowed=10048)
[  548.229367][   T30] audit: type=1326 audit(1773779059.844:1242): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13341 comm="syz.1.2031" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f67f6c code=0x7ffc0000
[  548.264061][   T30] audit: type=1326 audit(1773779059.844:1243): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13341 comm="syz.1.2031" exe="/root/syz-executor" sig=0 arch=40000003 syscall=351 compat=1 ip=0xf7f67f6c code=0x7ffc0000
[  548.287333][   T30] audit: type=1326 audit(1773779059.844:1244): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13341 comm="syz.1.2031" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f67f6c code=0x7ffc0000
[  548.334015][   T30] audit: type=1326 audit(1773779059.844:1245): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13341 comm="syz.1.2031" exe="/root/syz-executor" sig=0 arch=40000003 syscall=297 compat=1 ip=0xf7f67f6c code=0x7ffc0000
[  548.383757][T13349] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2034'.
[  548.466105][   T30] audit: type=1326 audit(1773779059.844:1246): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13341 comm="syz.1.2031" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f67f6c code=0x7ffc0000
[  548.587256][   T30] audit: type=1326 audit(1773779059.844:1247): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13341 comm="syz.1.2031" exe="/root/syz-executor" sig=0 arch=40000003 syscall=358 compat=1 ip=0xf7f67f6c code=0x7ffc0000
[  548.667355][   T30] audit: type=1326 audit(1773779059.844:1248): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13341 comm="syz.1.2031" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f67f6c code=0x7ffc0000
[  549.047423][T13366] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2037'.
[  549.090123][T13366] netlink: 20 bytes leftover after parsing attributes in process `syz.2.2037'.
[  550.624071][T13394] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2044'.
[  552.417236][T13429] FAULT_INJECTION: forcing a failure.
[  552.417236][T13429] name failslab, interval 1, probability 0, space 0, times 0
[  552.431083][T13429] CPU: 0 UID: 0 PID: 13429 Comm: syz.1.2052 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  552.431100][T13429] Tainted: [L]=SOFTLOCKUP
[  552.431104][T13429] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  552.431110][T13429] Call Trace:
[  552.431115][T13429]  <TASK>
[  552.431119][T13429]  dump_stack_lvl+0xe8/0x150
[  552.431137][T13429]  should_fail_ex+0x412/0x560
[  552.431158][T13429]  should_failslab+0xa8/0x100
[  552.431179][T13429]  kmem_cache_alloc_node_noprof+0x8f/0x690
[  552.431196][T13429]  ? __alloc_skb+0x186/0x7d0
[  552.431211][T13429]  ? __alloc_skb+0x1d0/0x7d0
[  552.431224][T13429]  ? __local_bh_enable_ip+0xd0/0x130
[  552.431248][T13429]  __alloc_skb+0x1d0/0x7d0
[  552.431261][T13429]  netlink_sendmsg+0x5d4/0xb40
[  552.431280][T13429]  ? __pfx_netlink_sendmsg+0x10/0x10
[  552.431302][T13429]  ? aa_sock_msg_perm+0xf1/0x1b0
[  552.431317][T13429]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  552.431330][T13429]  ____sys_sendmsg+0x972/0x9f0
[  552.431345][T13429]  ? __pfx_____sys_sendmsg+0x10/0x10
[  552.431357][T13429]  ? kstrtoull+0x12f/0x1d0
[  552.431374][T13429]  ___sys_sendmsg+0x2a5/0x360
[  552.431388][T13429]  ? __pfx____sys_sendmsg+0x10/0x10
[  552.431403][T13429]  ? get_pid_task+0x20/0x1f0
[  552.431417][T13429]  ? get_pid_task+0x20/0x1f0
[  552.431430][T13429]  ? get_pid_task+0x20/0x1f0
[  552.431464][T13429]  ? __fget_files+0x2a/0x420
[  552.431485][T13429]  ? __fget_files+0x3a0/0x420
[  552.431515][T13429]  __sys_sendmsg+0x183/0x260
[  552.431532][T13429]  ? __pfx___sys_sendmsg+0x10/0x10
[  552.431552][T13429]  __do_fast_syscall_32+0x20d/0x640
[  552.431564][T13429]  ? do_fast_syscall_32+0x33/0x70
[  552.431574][T13429]  ? asm_int80_emulation+0x1a/0x20
[  552.431583][T13429]  ? do_int80_emulation+0x274/0x4d0
[  552.431593][T13429]  ? trace_irq_disable+0x3b/0x150
[  552.431609][T13429]  do_fast_syscall_32+0x33/0x70
[  552.431620][T13429]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  552.431631][T13429] RIP: 0023:0xf7f67f6c
[  552.431641][T13429] Code: 90 85 d2 74 0a 89 ce 81 e6 ff 0f 00 00 89 32 85 c0 74 05 c1 e9 0c 89 08 31 c0 5e 5d c3 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 58 b8
[  552.431649][T13429] RSP: 002b:00000000f542650c EFLAGS: 00000206 ORIG_RAX: 0000000000000172
[  552.431661][T13429] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000480
[  552.431667][T13429] RDX: 0000000006008040 RSI: 0000000000000000 RDI: 0000000000000000
[  552.431673][T13429] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  552.431678][T13429] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  552.431684][T13429] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  552.431697][T13429]  </TASK>
[  552.748264][T13431] dlm: non-version read from control device 4096
[  552.757073][T13431] binder: BINDER_SET_CONTEXT_MGR already set
[  552.763051][T13431] binder: 13430:13431 ioctl 4018620d 80001000 returned -16
[  552.942559][T13437] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2056'.
[  553.275347][T13446] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2059'.
[  553.493477][   T24] usb 2-1: new high-speed USB device number 50 using dummy_hcd
[  553.528612][T13449] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2060'.
[  553.663763][   T24] usb 2-1: Using ep0 maxpacket: 32
[  553.670826][   T24] usb 2-1: unable to get BOS descriptor or descriptor too short
[  553.680392][   T24] usb 2-1: config 1 interface 1 altsetting 1 endpoint 0x1 has an invalid bInterval 65, changing to 7
[  553.692059][   T24] usb 2-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 254, changing to 7
[  553.713077][   T24] usb 2-1: New USB device found, idVendor=0499, idProduct=105d, bcdDevice= 0.40
[  553.723302][   T24] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  553.732536][   T24] usb 2-1: Product: syz
[  553.736950][   T24] usb 2-1: SerialNumber: syz
[  554.036003][   T24] usb 2-1: Quirk or no altset; falling back to MIDI 1.0
[  554.044680][   T24] snd-usb-audio 2-1:1.0: probe with driver snd-usb-audio failed with error -2
[  554.072962][   T24] usb 2-1: Quirk or no altset; falling back to MIDI 1.0
[  554.142530][   T24] snd-usb-audio 2-1:1.1: probe with driver snd-usb-audio failed with error -2
[  554.186916][   T24] usb 2-1: Quirk or no altset; falling back to MIDI 1.0
[  554.585791][T10689] IPVS: starting estimator thread 0...
[  554.593142][T13471] netlink: 'syz.2.2065': attribute type 25 has an invalid length.
[  554.678316][   T24] snd-usb-audio 2-1:1.2: probe with driver snd-usb-audio failed with error -2
[  554.683921][T13473] IPVS: using max 33 ests per chain, 79200 per kthread
[  554.717743][T13475] netlink: 'syz.4.2064': attribute type 27 has an invalid length.
[  554.789515][   T24] usb 2-1: USB disconnect, device number 50
[  555.249042][T13483] FAULT_INJECTION: forcing a failure.
[  555.249042][T13483] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  555.297398][T13478] netlink: 'syz.1.2066': attribute type 1 has an invalid length.
[  555.314956][T13483] CPU: 1 UID: 0 PID: 13483 Comm: syz.3.2068 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  555.314984][T13483] Tainted: [L]=SOFTLOCKUP
[  555.314996][T13483] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  555.315007][T13483] Call Trace:
[  555.315014][T13483]  <TASK>
[  555.315022][T13483]  dump_stack_lvl+0xe8/0x150
[  555.315048][T13483]  should_fail_ex+0x412/0x560
[  555.315075][T13483]  _copy_to_user+0x31/0xb0
[  555.315095][T13483]  simple_read_from_buffer+0xe1/0x170
[  555.315121][T13483]  proc_fail_nth_read+0x1bb/0x230
[  555.315145][T13483]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  555.315169][T13483]  ? rw_verify_area+0x2a6/0x4d0
[  555.315186][T13483]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  555.315208][T13483]  vfs_read+0x20c/0xa70
[  555.315232][T13483]  ? __pfx_vfs_read+0x10/0x10
[  555.315247][T13483]  ? bpf_lsm_socket_getsockopt+0x9/0x20
[  555.315265][T13483]  ? __pfx_raw_getsockopt+0x10/0x10
[  555.315383][T13483]  ? do_sock_getsockopt+0x2d3/0x3f0
[  555.315399][T13483]  ? fd_install+0x94/0x3d0
[  555.315422][T13483]  ? __pfx_do_sock_getsockopt+0x10/0x10
[  555.315447][T13483]  ksys_read+0x150/0x270
[  555.315467][T13483]  ? __pfx_ksys_read+0x10/0x10
[  555.315487][T13483]  ? asm_int80_emulation+0x1a/0x20
[  555.315507][T13483]  do_int80_emulation+0x173/0x4d0
[  555.315525][T13483]  ? trace_irq_disable+0x3b/0x150
[  555.315545][T13483]  ? asm_int80_emulation+0x1a/0x20
[  555.315560][T13483]  ? clear_bhb_loop+0x40/0x90
[  555.315576][T13483]  ? clear_bhb_loop+0x40/0x90
[  555.315595][T13483]  asm_int80_emulation+0x1a/0x20
[  555.315611][T13483] RIP: 0023:0xf7155cab
[  555.315627][T13483] Code: 57 56 53 8b 44 24 14 f6 00 08 75 23 8b 44 24 18 8b 5c 24 1c 8b 4c 24 20 8b 54 24 24 8b 74 24 28 8b 7c 24 2c 8b 6c 24 30 cd 80 <5b> 5e 5f 5d c3 5b 5e 5f 5d e9 f7 a1 ff ff 66 90 66 90 66 90 90 53
[  555.315641][T13483] RSP: 002b:00000000f540d4bc EFLAGS: 00000246 ORIG_RAX: 0000000000000003
[  555.315658][T13483] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000f540d5d0
[  555.315670][T13483] RDX: 000000000000000f RSI: 0000000000000000 RDI: 0000000000000000
[  555.315680][T13483] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  555.315689][T13483] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  555.315699][T13483] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  555.315723][T13483]  </TASK>
[  555.698902][T13489] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  555.709871][T13489] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  555.734229][T13489] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  555.747627][T13489] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  555.818718][T13495] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2070'.
[  555.830437][T13480] bond4: (slave bridge1): making interface the new active one
[  555.841581][   T30] kauditd_printk_skb: 14 callbacks suppressed
[  555.841877][   T30] audit: type=1326 audit(1773779068.004:1263): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13496 comm="syz.5.2072" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f02f6c code=0x7ffc0000
[  555.894483][T13480] bond4: (slave bridge1): Enslaving as an active interface with an up link
[  555.933960][   T30] audit: type=1326 audit(1773779068.004:1264): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13496 comm="syz.5.2072" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f02f6c code=0x7ffc0000
[  555.973737][   T30] audit: type=1326 audit(1773779068.004:1265): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13496 comm="syz.5.2072" exe="/root/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf7105cab code=0x7ffc0000
[  556.003772][   T30] audit: type=1326 audit(1773779068.004:1266): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13496 comm="syz.5.2072" exe="/root/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf7f02f6c code=0x7ffc0000
[  556.026603][   T30] audit: type=1326 audit(1773779068.004:1267): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13496 comm="syz.5.2072" exe="/root/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf7f02f6c code=0x7ffc0000
[  556.053732][   T30] audit: type=1326 audit(1773779068.014:1268): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13496 comm="syz.5.2072" exe="/root/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf7f02f6c code=0x7ffc0000
[  556.095228][   T30] audit: type=1326 audit(1773779068.014:1269): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13496 comm="syz.5.2072" exe="/root/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf7f02f6c code=0x7ffc0000
[  556.118776][   T24] usb 6-1: new high-speed USB device number 51 using dummy_hcd
[  556.127511][   T30] audit: type=1326 audit(1773779068.124:1270): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13496 comm="syz.5.2072" exe="/root/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf7f02f6c code=0x7ffc0000
[  556.157223][   T30] audit: type=1326 audit(1773779068.204:1271): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13496 comm="syz.5.2072" exe="/root/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf7f02f6c code=0x7ffc0000
[  556.180025][   T30] audit: type=1326 audit(1773779068.304:1272): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13496 comm="syz.5.2072" exe="/root/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf7f02f6c code=0x7ffc0000
[  556.481676][T13506] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2074'.
[  556.583942][   T24] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  556.597985][   T24] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  556.620200][   T24] usb 6-1: New USB device found, idVendor=10c4, idProduct=ea90, bcdDevice= 0.80
[  556.633907][   T24] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  556.838284][T13511] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  556.854623][T13511] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  556.865549][   T24] usb 6-1: config 0 descriptor??
[  556.969038][T13515] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  556.980467][T13515] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  557.199031][T13519] FAULT_INJECTION: forcing a failure.
[  557.199031][T13519] name failslab, interval 1, probability 0, space 0, times 0
[  557.254594][T13519] CPU: 0 UID: 0 PID: 13519 Comm: syz.2.2078 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  557.254623][T13519] Tainted: [L]=SOFTLOCKUP
[  557.254630][T13519] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  557.254640][T13519] Call Trace:
[  557.254647][T13519]  <TASK>
[  557.254655][T13519]  dump_stack_lvl+0xe8/0x150
[  557.254682][T13519]  should_fail_ex+0x412/0x560
[  557.254709][T13519]  should_failslab+0xa8/0x100
[  557.254732][T13519]  __kmalloc_cache_noprof+0x88/0x660
[  557.254753][T13519]  ? ovs_ct_limit_cmd_set+0x2f7/0xb00
[  557.254871][T13519]  ? __kmalloc_cache_noprof+0x15b/0x660
[  557.254894][T13519]  ovs_ct_limit_cmd_set+0x2f7/0xb00
[  557.254927][T13519]  genl_family_rcv_msg_doit+0x22a/0x330
[  557.254954][T13519]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  557.254984][T13519]  ? bpf_lsm_capable+0x9/0x20
[  557.255005][T13519]  ? security_capable+0x7e/0x2c0
[  557.255066][T13519]  genl_rcv_msg+0x61c/0x7a0
[  557.255089][T13519]  ? __pfx_genl_rcv_msg+0x10/0x10
[  557.255106][T13519]  ? __pfx_ovs_ct_limit_cmd_set+0x10/0x10
[  557.255125][T13519]  ? __lock_acquire+0x6b5/0x2cf0
[  557.255154][T13519]  netlink_rcv_skb+0x232/0x4b0
[  557.255178][T13519]  ? __pfx_genl_rcv_msg+0x10/0x10
[  557.255198][T13519]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  557.255236][T13519]  ? down_read+0x272/0x2e0
[  557.255254][T13519]  ? genl_rcv+0xd/0x40
[  557.255273][T13519]  genl_rcv+0x28/0x40
[  557.255290][T13519]  netlink_unicast+0x80f/0x9b0
[  557.255326][T13519]  ? __pfx_netlink_unicast+0x10/0x10
[  557.255349][T13519]  ? netlink_sendmsg+0x650/0xb40
[  557.255372][T13519]  ? skb_put+0x11b/0x210
[  557.255393][T13519]  netlink_sendmsg+0x813/0xb40
[  557.255424][T13519]  ? __pfx_netlink_sendmsg+0x10/0x10
[  557.255450][T13519]  ? aa_sock_msg_perm+0xf1/0x1b0
[  557.255474][T13519]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  557.255495][T13519]  ____sys_sendmsg+0x972/0x9f0
[  557.255522][T13519]  ? __pfx_____sys_sendmsg+0x10/0x10
[  557.255544][T13519]  ? kstrtoull+0x12f/0x1d0
[  557.255573][T13519]  ___sys_sendmsg+0x2a5/0x360
[  557.255597][T13519]  ? __pfx____sys_sendmsg+0x10/0x10
[  557.255617][T13519]  ? get_pid_task+0x20/0x1f0
[  557.255633][T13519]  ? get_pid_task+0x20/0x1f0
[  557.255646][T13519]  ? get_pid_task+0x20/0x1f0
[  557.255684][T13519]  ? __fget_files+0x2a/0x420
[  557.255705][T13519]  ? __fget_files+0x3a0/0x420
[  557.255736][T13519]  __sys_sendmsg+0x183/0x260
[  557.255756][T13519]  ? __pfx___sys_sendmsg+0x10/0x10
[  557.255795][T13519]  __do_fast_syscall_32+0x20d/0x640
[  557.255815][T13519]  ? do_fast_syscall_32+0x33/0x70
[  557.255832][T13519]  ? asm_int80_emulation+0x1a/0x20
[  557.255848][T13519]  ? do_int80_emulation+0x274/0x4d0
[  557.255865][T13519]  ? trace_irq_disable+0x3b/0x150
[  557.255891][T13519]  do_fast_syscall_32+0x33/0x70
[  557.255910][T13519]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  557.255929][T13519] RIP: 0023:0xf7f44f6c
[  557.255945][T13519] Code: 90 85 d2 74 0a 89 ce 81 e6 ff 0f 00 00 89 32 85 c0 74 05 c1 e9 0c 89 08 31 c0 5e 5d c3 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 58 b8
[  557.255960][T13519] RSP: 002b:00000000f540650c EFLAGS: 00000206 ORIG_RAX: 0000000000000172
[  557.255978][T13519] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000800000c0
[  557.255990][T13519] RDX: 000000000000c000 RSI: 0000000000000000 RDI: 0000000000000000
[  557.256001][T13519] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  557.256010][T13519] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  557.256020][T13519] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  557.256046][T13519]  </TASK>
[  557.669144][T13523] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2080'.
[  557.844426][   T24] usbhid 6-1:0.0: can't add hid device: -32
[  557.850451][   T24] usbhid 6-1:0.0: probe with driver usbhid failed with error -32
[  557.885714][T13523] l2tp_ppp: sess 2/0: no socket in recv
[  557.925958][T13523] tipc: Bearer <udp:s>: already 2 bearers with priority 10
[  557.933260][T13523] tipc: Bearer <udp:s>: trying with adjusted priority
[  557.940504][T13523] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2080'.
[  557.949731][T13523] tipc: Enabling of bearer <udp:s> rejected, failed to enable media
[  558.026935][T10689] usb 6-1: USB disconnect, device number 51
[  558.196816][T13544] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  558.249851][T13543] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined
[  558.836604][T13560] netlink: 'syz.4.2089': attribute type 2 has an invalid length.
[  558.871162][T13559] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2090'.
[  558.907257][T13560] h[Ac(sēj(: entered promiscuous mode
[  558.953911][   T24] usb 6-1: new full-speed USB device number 52 using dummy_hcd
[  559.072330][T13564] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  559.089813][T13564] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  559.097917][   T24] usb 6-1: device descriptor read/64, error -71
[  559.353849][   T24] usb 6-1: new full-speed USB device number 53 using dummy_hcd
[  559.503765][   T24] usb 6-1: device descriptor read/64, error -71
[  559.613997][   T24] usb usb6-port1: attempt power cycle
[  560.156182][T10689] usb 2-1: new high-speed USB device number 51 using dummy_hcd
[  560.164071][   T24] usb 6-1: new full-speed USB device number 54 using dummy_hcd
[  560.357162][   T24] usb 6-1: device descriptor read/8, error -71
[  560.547801][T13582] netlink: zone id is out of range
[  560.553134][T13582] netlink: zone id is out of range
[  560.559336][T13582] netlink: zone id is out of range
[  560.565324][T13582] netlink: zone id is out of range
[  560.592859][T10689] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  560.640177][   T24] usb 6-1: new full-speed USB device number 55 using dummy_hcd
[  560.654994][T13582] netlink: set zone limit has 4 unknown bytes
[  560.664204][T10689] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  560.683133][   T24] usb 6-1: device descriptor read/8, error -71
[  560.732768][T10689] usb 2-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  560.758452][T10689] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  560.785178][T10689] usb 2-1: config 0 descriptor??
[  560.814100][   T24] usb usb6-port1: unable to enumerate USB device
[  560.833250][T10689] usbhid 2-1:0.0: couldn't find an input interrupt endpoint
[  561.104745][T10689] usb 2-1: USB disconnect, device number 51
[  561.671701][T13598] netlink: 'syz.3.2100': attribute type 2 has an invalid length.
[  561.827930][T13600] netlink: 'syz.4.2102': attribute type 4 has an invalid length.
[  561.950545][T13608] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2103'.
[  562.127529][    C0] vcan0: j1939_tp_rxtimer: 0xffff8880258ee000: rx timeout, send abort
[  562.465285][T13611] netlink: 40 bytes leftover after parsing attributes in process `syz.2.2105'.
[  562.480833][T13607] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=2400480786 (153630770304 ns) > initial count (137169231808 ns). Using initial count to start timer.
[  562.628211][    C0] vcan0: j1939_tp_rxtimer: 0xffff8880258ef800: rx timeout, send abort
[  562.643861][    C0] vcan0: j1939_tp_rxtimer: 0xffff8880258ee000: abort rx timeout. Force session deactivation
[  562.877152][ T1297] ieee802154 phy0 wpan0: encryption failed: -22
[  562.884071][ T1297] ieee802154 phy1 wpan1: encryption failed: -22
[  563.103788][ T1597] usb 6-1: new full-speed USB device number 56 using dummy_hcd
[  563.136795][    C0] vcan0: j1939_tp_rxtimer: 0xffff8880258ef800: abort rx timeout. Force session deactivation
[  563.246540][T13641] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2114'.
[  563.267129][ T1597] usb 6-1: device descriptor read/64, error -71
[  563.505701][T13655] netlink: 'syz.1.2116': attribute type 27 has an invalid length.
[  563.515476][T13655] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2116'.
[  563.563951][ T1597] usb 6-1: new full-speed USB device number 57 using dummy_hcd
[  563.770179][ T1597] usb 6-1: device descriptor read/64, error -71
[  563.885808][ T1597] usb usb6-port1: attempt power cycle
[  563.960001][T13661] FAULT_INJECTION: forcing a failure.
[  563.960001][T13661] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  564.008084][T13661] CPU: 0 UID: 0 PID: 13661 Comm: syz.2.2122 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  564.008111][T13661] Tainted: [L]=SOFTLOCKUP
[  564.008118][T13661] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  564.008128][T13661] Call Trace:
[  564.008135][T13661]  <TASK>
[  564.008143][T13661]  dump_stack_lvl+0xe8/0x150
[  564.008170][T13661]  should_fail_ex+0x412/0x560
[  564.008198][T13661]  _copy_to_user+0x31/0xb0
[  564.008218][T13661]  simple_read_from_buffer+0xe1/0x170
[  564.008244][T13661]  proc_fail_nth_read+0x1bb/0x230
[  564.008269][T13661]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  564.008302][T13661]  ? rw_verify_area+0x2a6/0x4d0
[  564.008319][T13661]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  564.008341][T13661]  vfs_read+0x20c/0xa70
[  564.008357][T13661]  ? fdget_pos+0x246/0x320
[  564.008379][T13661]  ? rcu_preempt_deferred_qs_irqrestore+0x7b9/0xbc0
[  564.008403][T13661]  ? __pfx___mutex_lock+0x10/0x10
[  564.008423][T13661]  ? __pfx_vfs_read+0x10/0x10
[  564.008444][T13661]  ? __rcu_read_unlock+0x83/0xe0
[  564.008463][T13661]  ? __fget_files+0x3a0/0x420
[  564.008484][T13661]  ? __fget_files+0x2a/0x420
[  564.008513][T13661]  ksys_read+0x150/0x270
[  564.008532][T13661]  ? __pfx_ksys_read+0x10/0x10
[  564.008554][T13661]  ? asm_int80_emulation+0x1a/0x20
[  564.008576][T13661]  do_int80_emulation+0x173/0x4d0
[  564.008595][T13661]  ? trace_irq_disable+0x3b/0x150
[  564.008616][T13661]  ? asm_int80_emulation+0x1a/0x20
[  564.008631][T13661]  ? clear_bhb_loop+0x40/0x90
[  564.008647][T13661]  ? clear_bhb_loop+0x40/0x90
[  564.008667][T13661]  asm_int80_emulation+0x1a/0x20
[  564.008682][T13661] RIP: 0023:0xf7145cab
[  564.008697][T13661] Code: 57 56 53 8b 44 24 14 f6 00 08 75 23 8b 44 24 18 8b 5c 24 1c 8b 4c 24 20 8b 54 24 24 8b 74 24 28 8b 7c 24 2c 8b 6c 24 30 cd 80 <5b> 5e 5f 5d c3 5b 5e 5f 5d e9 f7 a1 ff ff 66 90 66 90 66 90 90 53
[  564.008712][T13661] RSP: 002b:00000000f54064bc EFLAGS: 00000246 ORIG_RAX: 0000000000000003
[  564.008729][T13661] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00000000f54065d0
[  564.008740][T13661] RDX: 000000000000000f RSI: 0000000000000000 RDI: 0000000000000000
[  564.008752][T13661] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  564.008761][T13661] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  564.008771][T13661] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  564.008796][T13661]  </TASK>
[  564.275780][T13662] netlink: 16 bytes leftover after parsing attributes in process `syz.4.2121'.
[  564.431394][T13665] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2123'.
[  564.443794][ T1597] usb 6-1: new full-speed USB device number 58 using dummy_hcd
[  564.464427][ T1597] usb 6-1: device descriptor read/8, error -71
[  564.699673][T13671] dlm: plock device version mismatch: kernel (1.2.0), user (1.33554432.4294901762)
[  564.714011][ T1597] usb 6-1: new full-speed USB device number 59 using dummy_hcd
[  564.736250][ T1597] usb 6-1: device descriptor read/8, error -71
[  564.832371][T13675] netlink: 44 bytes leftover after parsing attributes in process `syz.4.2128'.
[  564.848816][ T1597] usb usb6-port1: unable to enumerate USB device
[  564.934711][T13675] syzkaller0: entered promiscuous mode
[  564.947213][T13675] syzkaller0: entered allmulticast mode
[  565.125770][T13685] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2129'.
[  565.924821][T13706] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2137'.
[  566.934607][T13726] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2145'.
[  567.171438][T13739] FAULT_INJECTION: forcing a failure.
[  567.171438][T13739] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  567.189483][T13739] CPU: 0 UID: 0 PID: 13739 Comm: syz.2.2149 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  567.189511][T13739] Tainted: [L]=SOFTLOCKUP
[  567.189518][T13739] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  567.189528][T13739] Call Trace:
[  567.189536][T13739]  <TASK>
[  567.189543][T13739]  dump_stack_lvl+0xe8/0x150
[  567.189570][T13739]  should_fail_ex+0x412/0x560
[  567.189598][T13739]  _copy_to_iter+0x404/0x17d0
[  567.189633][T13739]  ? rcu_preempt_deferred_qs_irqrestore+0x7b9/0xbc0
[  567.189653][T13739]  ? __pfx__copy_to_iter+0x10/0x10
[  567.189690][T13739]  seq_read_iter+0xbf5/0xe10
[  567.189728][T13739]  seq_read+0x367/0x480
[  567.189756][T13739]  ? __pfx_seq_read+0x10/0x10
[  567.189781][T13739]  ? apparmor_file_permission+0x1f4/0x300
[  567.189807][T13739]  ? __pfx_seq_read+0x10/0x10
[  567.189831][T13739]  proc_reg_read+0x1e9/0x2e0
[  567.189848][T13739]  ? __pfx_proc_reg_read+0x10/0x10
[  567.189865][T13739]  vfs_read+0x20c/0xa70
[  567.189881][T13739]  ? fdget_pos+0x246/0x320
[  567.189901][T13739]  ? ksys_write+0x1e6/0x270
[  567.189921][T13739]  ? __pfx___mutex_lock+0x10/0x10
[  567.189940][T13739]  ? __pfx_vfs_read+0x10/0x10
[  567.189958][T13739]  ? __fget_files+0x2a/0x420
[  567.189984][T13739]  ? __fget_files+0x3a0/0x420
[  567.190005][T13739]  ? __fget_files+0x2a/0x420
[  567.190038][T13739]  ksys_read+0x150/0x270
[  567.190057][T13739]  ? __pfx_ksys_read+0x10/0x10
[  567.190079][T13739]  ? asm_int80_emulation+0x1a/0x20
[  567.190101][T13739]  do_int80_emulation+0x173/0x4d0
[  567.190120][T13739]  ? trace_irq_disable+0x3b/0x150
[  567.190141][T13739]  ? asm_int80_emulation+0x1a/0x20
[  567.190155][T13739]  ? clear_bhb_loop+0x40/0x90
[  567.190171][T13739]  ? clear_bhb_loop+0x40/0x90
[  567.190190][T13739]  asm_int80_emulation+0x1a/0x20
[  567.190206][T13739] RIP: 0023:0xf7145cab
[  567.190221][T13739] Code: 57 56 53 8b 44 24 14 f6 00 08 75 23 8b 44 24 18 8b 5c 24 1c 8b 4c 24 20 8b 54 24 24 8b 74 24 28 8b 7c 24 2c 8b 6c 24 30 cd 80 <5b> 5e 5f 5d c3 5b 5e 5f 5d e9 f7 a1 ff ff 66 90 66 90 66 90 90 53
[  567.190235][T13739] RSP: 002b:00000000f540642c EFLAGS: 00000246 ORIG_RAX: 0000000000000003
[  567.190253][T13739] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000cc0
[  567.190264][T13739] RDX: 0000000000002000 RSI: 0000000000000000 RDI: 0000000000000000
[  567.190274][T13739] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  567.190284][T13739] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  567.190294][T13739] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  567.190320][T13739]  </TASK>
[  568.168893][T13753] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2151'.
[  568.184542][T13753] tipc: Failed to remove unknown binding: 66,1,1/954207513:3642366564/3642366566
[  568.195675][T13753] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  568.419476][T13753] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  568.738483][T13761] syzkaller0: tun_chr_ioctl cmd 2147767506
[  569.345443][T13771] syzkaller0: tun_chr_ioctl cmd 2147767506
[  569.547043][T13773] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2158'.
[  570.708163][T13787] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  570.717501][T13787] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  570.957430][   T24] usb 4-1: new high-speed USB device number 42 using dummy_hcd
[  571.001209][T13796] gtp0: entered allmulticast mode
[  571.116821][   T24] usb 4-1: config 0 has an invalid interface number: 49 but max is 0
[  571.125205][   T24] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  571.140935][   T24] usb 4-1: config 0 has no interface number 0
[  571.154853][   T24] usb 4-1: config 0 interface 49 altsetting 242 bulk endpoint 0x6 has invalid maxpacket 255
[  571.170192][   T24] usb 4-1: config 0 interface 49 has no altsetting 0
[  571.187508][   T24] usb 4-1: New USB device found, idVendor=045e, idProduct=0284, bcdDevice=2d.ad
[  571.200030][   T24] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  571.225290][T13801] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  571.246641][   T24] usb 4-1: config 0 descriptor??
[  571.256470][T13801] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  571.264840][T13786] raw-gadget.2 gadget.3: fail, usb_ep_enable returned -22
[  571.275447][   T24] xbox_remote_probe: Unexpected endpoint_in
[  571.546596][T10689] usb 4-1: USB disconnect, device number 42
[  571.575750][T13810] netlink: 12 bytes leftover after parsing attributes in process `syz.5.2168'.
[  572.221978][T13819] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2171'.
[  572.743734][T10691] usb 4-1: new high-speed USB device number 43 using dummy_hcd
[  572.845527][T13830] netlink: 'syz.5.2175': attribute type 1 has an invalid length.
[  572.874797][T13830] 8021q: adding VLAN 0 to HW filter on device bond1
[  572.893012][T13830] ipvlan3: entered promiscuous mode
[  572.898386][T13830] ipvlan3: entered allmulticast mode
[  572.903848][T13830] bond1: entered allmulticast mode
[  572.925005][T10691] usb 4-1: Using ep0 maxpacket: 32
[  572.947146][T10691] usb 4-1: config 0 has an invalid interface number: 51 but max is 0
[  572.982305][T10691] usb 4-1: config 0 has no interface number 0
[  573.017778][T10691] usb 4-1: New USB device found, idVendor=061d, idProduct=c150, bcdDevice=ce.6f
[  573.093001][T10691] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  573.124843][T10691] usb 4-1: Product: syz
[  573.129040][T10691] usb 4-1: Manufacturer: syz
[  573.134039][T10691] usb 4-1: SerialNumber: syz
[  573.141945][T10691] usb 4-1: config 0 descriptor??
[  573.156689][T10691] quatech2 4-1:0.51: Quatech 2nd gen USB to Serial Driver converter detected
[  573.414096][T10691] usb 4-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB0
[  573.456500][T10691] usb 4-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB1
[  573.587010][    C1] quatech-serial ttyUSB0: qt2_process_read_urb - unsupported command 48
[  573.748895][T13852] netlink: 460 bytes leftover after parsing attributes in process `syz.4.2180'.
[  573.774640][T13852] netlink: 460 bytes leftover after parsing attributes in process `syz.4.2180'.
[  574.372754][    C1] usb 4-1: qt2_read_bulk_callback - non-zero urb status: -71
[  574.381392][   T24] usb 4-1: USB disconnect, device number 43
[  574.393287][   T24] quatech-serial ttyUSB0: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB0
[  574.415558][   T24] quatech-serial ttyUSB1: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB1
[  574.439190][T13856] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2181'.
[  574.455589][   T24] quatech2 4-1:0.51: device disconnected
[  574.759845][T13864] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2184'.
[  576.092575][   T30] kauditd_printk_skb: 59 callbacks suppressed
[  576.092592][   T30] audit: type=1326 audit(1773779088.234:1332): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13885 comm="syz.5.2188" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f02f6c code=0x7ffc0000
[  576.301014][   T30] audit: type=1326 audit(1773779088.234:1333): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13885 comm="syz.5.2188" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f02f6c code=0x7ffc0000
[  576.343864][   T30] audit: type=1326 audit(1773779088.234:1334): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13885 comm="syz.5.2188" exe="/root/syz-executor" sig=0 arch=40000003 syscall=425 compat=1 ip=0xf7f02f6c code=0x7ffc0000
[  576.366288][   T30] audit: type=1326 audit(1773779088.234:1335): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13885 comm="syz.5.2188" exe="/root/syz-executor" sig=0 arch=40000003 syscall=192 compat=1 ip=0xf7f02f6c code=0x7ffc0000
[  576.392819][   T30] audit: type=1326 audit(1773779088.234:1336): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13885 comm="syz.5.2188" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f02f6c code=0x7ffc0000
[  576.630387][   T30] audit: type=1326 audit(1773779088.234:1337): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13885 comm="syz.5.2188" exe="/root/syz-executor" sig=0 arch=40000003 syscall=437 compat=1 ip=0xf7f02f6c code=0x7ffc0000
[  576.719686][   T30] audit: type=1326 audit(1773779088.234:1338): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13885 comm="syz.5.2188" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f02f6c code=0x7ffc0000
[  576.911035][T13901] netlink: 'syz.2.2190': attribute type 27 has an invalid length.
[  576.960804][T13888] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  577.043975][   T30] audit: type=1326 audit(1773779088.234:1339): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13885 comm="syz.5.2188" exe="/root/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf7f02f6c code=0x7ffc0000
[  577.068070][   T30] audit: type=1326 audit(1773779088.234:1340): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13885 comm="syz.5.2188" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f02f6c code=0x7ffc0000
[  577.110975][   T30] audit: type=1326 audit(1773779088.234:1341): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13885 comm="syz.5.2188" exe="/root/syz-executor" sig=0 arch=40000003 syscall=20 compat=1 ip=0xf7f02f6c code=0x7ffc0000
[  577.163741][T13893] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2189'.
[  577.241327][T13900] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2190'.
[  577.350595][T13907] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2191'.
[  577.591055][T13907] RDS: rds_bind could not find a transport for fe80::1a, load rds_tcp or rds_rdma?
[  578.038510][T13910] bridge0: port 2(bridge_slave_1) entered disabled state
[  578.046227][T13910] bridge0: port 1(bridge_slave_0) entered disabled state
[  578.226126][T13920] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2195'.
[  578.426018][ T5827] Bluetooth: hci0: command 0x040f tx timeout
[  578.676786][T13924] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  578.685481][T13924] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  579.103099][T13937] netlink: 40 bytes leftover after parsing attributes in process `syz.3.2201'.
[  579.148243][T13937] netlink: 40 bytes leftover after parsing attributes in process `syz.3.2201'.
[  579.855886][T13948] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  579.918685][ T1597] usb 2-1: new high-speed USB device number 52 using dummy_hcd
[  579.950997][T13948] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  580.121055][ T1597] usb 2-1: Using ep0 maxpacket: 16
[  580.146442][ T1597] usb 2-1: config 1 contains an unexpected descriptor of type 0x2, skipping
[  580.158211][ T1597] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  580.168867][ T1597] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 3
[  580.184230][ T1597] usb 2-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  580.238457][ T1597] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  580.259032][ T1597] usb 2-1: Product: syz
[  580.263433][ T1597] usb 2-1: Manufacturer: syz
[  580.268538][ T1597] usb 2-1: SerialNumber: syz
[  580.716600][T13960] netlink: 'syz.5.2207': attribute type 27 has an invalid length.
[  580.726442][T13960] netlink: 28 bytes leftover after parsing attributes in process `syz.5.2207'.
[  580.793981][ T1597] usb 2-1: 0:2 : does not exist
[  581.008546][T13962] syzkaller1: entered promiscuous mode
[  581.019248][T13962] syzkaller1: entered allmulticast mode
[  581.042092][T13962] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2208'.
[  581.290000][    C1] vcan0: j1939_tp_rxtimer: 0xffff8880569c7000: rx timeout, send abort
[  581.521514][T13968] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2209'.
[  581.805851][   T24] usb 2-1: USB disconnect, device number 52
[  582.156965][T13982] dlm: no locking on control device
[  582.187117][T13982] binder: 13980:13982 ioctl 8008662c 80000180 returned -22
[  582.250387][T13984] netlink: 'syz.5.2215': attribute type 1 has an invalid length.
[  582.302370][T13984] 8021q: adding VLAN 0 to HW filter on device bond2
[  582.361628][T13986] ipvlan4: entered promiscuous mode
[  582.368846][T13986] ipvlan4: entered allmulticast mode
[  582.503799][T13986] bond2: entered allmulticast mode
[  583.739603][   T30] kauditd_printk_skb: 2 callbacks suppressed
[  583.739618][   T30] audit: type=1326 audit(1773779095.894:1344): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14001 comm="syz.3.2220" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf701ef6c code=0x7ffc0000
[  583.899103][   T30] audit: type=1326 audit(1773779095.924:1345): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14001 comm="syz.3.2220" exe="/root/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf701ef6c code=0x7ffc0000
[  583.926033][T14006] netlink: 48 bytes leftover after parsing attributes in process `syz.3.2220'.
[  583.952378][   T30] audit: type=1326 audit(1773779095.944:1346): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14001 comm="syz.3.2220" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf701ef6c code=0x7ffc0000
[  583.977916][T14009] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  584.002531][T14009] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  584.063605][   T30] audit: type=1326 audit(1773779095.944:1347): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14001 comm="syz.3.2220" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf701ef6c code=0x7ffc0000
[  584.093758][   T30] audit: type=1326 audit(1773779095.974:1348): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14001 comm="syz.3.2220" exe="/root/syz-executor" sig=0 arch=40000003 syscall=297 compat=1 ip=0xf701ef6c code=0x7ffc0000
[  584.123758][   T30] audit: type=1326 audit(1773779095.974:1349): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14001 comm="syz.3.2220" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf701ef6c code=0x7ffc0000
[  584.123801][   T30] audit: type=1326 audit(1773779095.974:1350): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14001 comm="syz.3.2220" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf701ef6c code=0x7ffc0000
[  584.123832][   T30] audit: type=1326 audit(1773779096.024:1351): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14001 comm="syz.3.2220" exe="/root/syz-executor" sig=0 arch=40000003 syscall=358 compat=1 ip=0xf701ef6c code=0x7ffc0000
[  584.417960][   T30] audit: type=1326 audit(1773779096.024:1352): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14001 comm="syz.3.2220" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf701ef6c code=0x7ffc0000
[  584.513010][   T30] audit: type=1326 audit(1773779096.024:1353): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14001 comm="syz.3.2220" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf701ef6c code=0x7ffc0000
[  585.328518][T14033] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2228'.
[  587.654585][T14071] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2240'.
[  588.705659][T14097] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2248'.
[  588.783159][T14101] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2247'.
[  588.794401][T14101] RDS: rds_bind could not find a transport for fe80::1a, load rds_tcp or rds_rdma?
[  588.887204][T14102] netlink: 'syz.5.2246': attribute type 27 has an invalid length.
[  588.921482][T14103] IPVS: length: 528 != 8
[  589.786282][T14102] netlink: 28 bytes leftover after parsing attributes in process `syz.5.2246'.
[  589.903786][ T5908] usb 5-1: new full-speed USB device number 66 using dummy_hcd
[  590.122788][ T5908] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  590.143217][ T5908] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  590.206388][ T5908] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  590.233799][ T5908] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  590.273775][ T5908] usb 5-1: New USB device found, idVendor=10c4, idProduct=8acf, bcdDevice= 0.00
[  590.302305][ T5908] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  590.335881][ T5908] usb 5-1: config 0 descriptor??
[  590.743263][T14118] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2253'.
[  590.792400][T14119] kvm: emulating exchange as write
[  590.902280][ T5908] hid (null): unknown global tag 0xc
[  590.911814][ T5908] hid-u2fzero 0003:10C4:8ACF.0008: unknown global tag 0xc
[  590.927255][ T5908] hid-u2fzero 0003:10C4:8ACF.0008: item 0 1 1 12 parsing failed
[  590.937073][ T5908] hid-u2fzero 0003:10C4:8ACF.0008: probe with driver hid-u2fzero failed with error -22
[  591.375502][T14131] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined
[  592.166349][T10689] usb 5-1: USB disconnect, device number 66
[  592.290010][T14145] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2261'.
[  592.548676][T14158] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2265'.
[  592.559325][T14158] RDS: rds_bind could not find a transport for fe80::1a, load rds_tcp or rds_rdma?
[  592.727243][T14159] IPVS: length: 528 != 8
[  592.885701][T14164] FAULT_INJECTION: forcing a failure.
[  592.885701][T14164] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  592.899030][T14164] CPU: 0 UID: 0 PID: 14164 Comm: syz.3.2268 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  592.899055][T14164] Tainted: [L]=SOFTLOCKUP
[  592.899060][T14164] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  592.899070][T14164] Call Trace:
[  592.899077][T14164]  <TASK>
[  592.899085][T14164]  dump_stack_lvl+0xe8/0x150
[  592.899111][T14164]  should_fail_ex+0x412/0x560
[  592.899138][T14164]  _copy_from_iter+0x1d3/0x1670
[  592.899160][T14164]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  592.899183][T14164]  ? __pfx_policy_nodemask+0x10/0x10
[  592.899206][T14164]  ? __pfx__copy_from_iter+0x10/0x10
[  592.899229][T14164]  ? set_page_refcounted+0xa0/0x1e0
[  592.899246][T14164]  ? page_copy_sane+0x4e/0x270
[  592.899277][T14164]  copy_page_from_iter+0xdd/0x170
[  592.899303][T14164]  tun_get_user+0x1d4b/0x3dd0
[  592.899319][T14164]  ? tun_get_user+0x6ff/0x3dd0
[  592.899347][T14164]  ? aa_file_perm+0x50e/0x15e0
[  592.899370][T14164]  ? __pfx_tun_get_user+0x10/0x10
[  592.899383][T14164]  ? aa_file_perm+0x192/0x15e0
[  592.899419][T14164]  ? ref_tracker_alloc+0x35c/0x4c0
[  592.899441][T14164]  ? __pfx_ref_tracker_alloc+0x10/0x10
[  592.899466][T14164]  ? tun_get+0x1c/0x2f0
[  592.899486][T14164]  ? tun_get+0x1c/0x2f0
[  592.899500][T14164]  ? tun_get+0x1c/0x2f0
[  592.899520][T14164]  tun_chr_write_iter+0x113/0x200
[  592.899538][T14164]  vfs_write+0x61d/0xb90
[  592.899563][T14164]  ? __pfx_vfs_write+0x10/0x10
[  592.899587][T14164]  ? __fget_files+0x2a/0x420
[  592.899616][T14164]  ksys_write+0x150/0x270
[  592.899635][T14164]  ? __pfx_ksys_write+0x10/0x10
[  592.899655][T14164]  ? asm_int80_emulation+0x1a/0x20
[  592.899674][T14164]  do_int80_emulation+0x173/0x4d0
[  592.899692][T14164]  ? trace_irq_disable+0x3b/0x150
[  592.899712][T14164]  ? asm_int80_emulation+0x1a/0x20
[  592.899726][T14164]  ? clear_bhb_loop+0x40/0x90
[  592.899742][T14164]  ? clear_bhb_loop+0x40/0x90
[  592.899760][T14164]  asm_int80_emulation+0x1a/0x20
[  592.899774][T14164] RIP: 0023:0xf7155cab
[  592.899789][T14164] Code: 57 56 53 8b 44 24 14 f6 00 08 75 23 8b 44 24 18 8b 5c 24 1c 8b 4c 24 20 8b 54 24 24 8b 74 24 28 8b 7c 24 2c 8b 6c 24 30 cd 80 <5b> 5e 5f 5d c3 5b 5e 5f 5d e9 f7 a1 ff ff 66 90 66 90 66 90 90 53
[  592.899802][T14164] RSP: 002b:00000000f540d44c EFLAGS: 00000246 ORIG_RAX: 0000000000000004
[  592.899819][T14164] RAX: ffffffffffffffda RBX: 00000000000000c8 RCX: 00000000800000c0
[  592.899830][T14164] RDX: 0000000000000056 RSI: 0000000000000000 RDI: 0000000000000000
[  592.899840][T14164] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  592.899848][T14164] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  592.899857][T14164] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  592.899880][T14164]  </TASK>
[  593.512674][T14173] syzkaller0: entered promiscuous mode
[  593.633760][T14173] syzkaller0: entered allmulticast mode
[  593.750670][T14188] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2273'.
[  596.410673][T14209] syz.3.2278 (14209): drop_caches: 2
[  596.796059][   T31] INFO: task kworker/0:4:5874 blocked for more than 163 seconds.
[  596.803954][   T31]       Tainted: G             L      syzkaller #0
[  596.811327][   T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  596.820353][   T31] task:kworker/0:4     state:D stack:20424 pid:5874  tgid:5874  ppid:2      task_flags:0x4208060 flags:0x00080000
[  596.832484][   T31] Workqueue: usb_hub_wq hub_event
[  596.838268][   T31] Call Trace:
[  596.842588][   T31]  <TASK>
[  596.845583][   T31]  __schedule+0x15dd/0x52d0
[  596.852482][   T31]  ? __lock_acquire+0x6b5/0x2cf0
[  596.861125][   T31]  ? bus_for_each_drv+0x258/0x2f0
[  596.866370][   T31]  ? usb_probe_device+0x1c4/0x3b0
[  596.871527][   T31]  ? driver_probe_device+0x4f/0x240
[  596.877036][   T31]  ? device_add+0x7b6/0xb70
[  596.881706][   T31]  ? usb_new_device+0xa08/0x16f0
[  596.886695][   T31]  ? hub_event+0x2a1c/0x4f30
[  596.891286][   T31]  ? process_scheduled_works+0xb6e/0x18c0
[  596.897191][   T31]  ? worker_thread+0xa53/0xfc0
[  596.901973][   T31]  ? __pfx___schedule+0x10/0x10
[  596.906907][   T31]  ? schedule+0x90/0x360
[  596.911226][   T31]  schedule+0x164/0x360
[  596.915514][   T31]  schedule_timeout+0xc3/0x2c0
[  596.920293][   T31]  ? do_raw_spin_lock+0x12b/0x2f0
[  596.925639][   T31]  ? __pfx_schedule_timeout+0x10/0x10
[  596.931054][   T31]  ? do_raw_spin_lock+0x12b/0x2f0
[  596.936270][   T31]  ? _raw_spin_unlock_irq+0x23/0x50
[  596.941476][   T31]  ? wait_for_completion+0x274/0x5e0
[  596.946916][   T31]  wait_for_completion+0x2cc/0x5e0
[  596.952040][   T31]  ? __pfx_wait_for_completion+0x10/0x10
[  596.957907][   T31]  i2c_del_adapter+0x5c0/0x790
[  596.962793][   T31]  ? __pfx_i2c_del_adapter+0x10/0x10
[  596.968400][   T31]  ? kfree+0x4d/0x630
[  596.972401][   T31]  dvb_usb_i2c_exit+0x64/0xb0
[  596.977253][   T31]  dvb_usb_device_exit+0x1cb/0x360
[  596.982411][   T31]  ? __pfx_dvb_usb_device_exit+0x10/0x10
[  596.988115][   T31]  cxusb_probe+0x60f/0x710
[  596.992591][   T31]  ? _raw_spin_unlock_irqrestore+0x30/0x80
[  596.998510][   T31]  ? __pfx_cxusb_probe+0x10/0x10
[  597.003455][   T31]  ? _raw_spin_unlock_irqrestore+0x4c/0x80
[  597.009320][   T31]  ? __pm_runtime_set_status+0x9d4/0xcd0
[  597.015056][   T31]  usb_probe_interface+0x668/0xc90
[  597.020166][   T31]  ? __pfx_usb_probe_interface+0x10/0x10
[  597.025858][   T31]  really_probe+0x267/0xaf0
[  597.030403][   T31]  __driver_probe_device+0x18c/0x320
[  597.035862][   T31]  driver_probe_device+0x4f/0x240
[  597.040903][   T31]  __device_attach_driver+0x279/0x430
[  597.046461][   T31]  bus_for_each_drv+0x258/0x2f0
[  597.051388][   T31]  ? __pfx___device_attach_driver+0x10/0x10
[  597.057408][   T31]  ? __pfx_bus_for_each_drv+0x10/0x10
[  597.062795][   T31]  ? lockdep_hardirqs_on+0x7a/0x110
[  597.068069][   T31]  ? _raw_spin_unlock_irqrestore+0x4c/0x80
[  597.074071][   T31]  __device_attach+0x2c5/0x450
[  597.078856][   T31]  ? __pfx___device_attach+0x10/0x10
[  597.084195][   T31]  ? _raw_spin_unlock+0x28/0x50
[  597.089055][   T31]  device_initial_probe+0xa1/0xd0
[  597.094186][   T31]  bus_probe_device+0x12a/0x220
[  597.099059][   T31]  ? device_add+0x726/0xb70
[  597.103552][   T31]  device_add+0x7b6/0xb70
[  597.107986][   T31]  usb_set_configuration+0x1a87/0x2110
[  597.113486][   T31]  usb_generic_driver_probe+0x8d/0x150
[  597.119191][   T31]  usb_probe_device+0x1c4/0x3b0
[  597.124185][   T31]  ? __pfx_usb_probe_device+0x10/0x10
[  597.129568][   T31]  really_probe+0x267/0xaf0
[  597.134217][   T31]  __driver_probe_device+0x18c/0x320
[  597.139515][   T31]  driver_probe_device+0x4f/0x240
[  597.144588][   T31]  __device_attach_driver+0x279/0x430
[  597.149989][   T31]  bus_for_each_drv+0x258/0x2f0
[  597.154950][   T31]  ? __pfx___device_attach_driver+0x10/0x10
[  597.160850][   T31]  ? __pfx_bus_for_each_drv+0x10/0x10
[  597.166303][   T31]  ? lockdep_hardirqs_on+0x7a/0x110
[  597.171516][   T31]  ? _raw_spin_unlock_irqrestore+0x4c/0x80
[  597.177467][   T31]  __device_attach+0x2c5/0x450
[  597.182262][   T31]  ? __pfx___device_attach+0x10/0x10
[  597.187788][   T31]  ? _raw_spin_unlock+0x28/0x50
[  597.192644][   T31]  device_initial_probe+0xa1/0xd0
[  597.197793][   T31]  bus_probe_device+0x12a/0x220
[  597.202668][   T31]  ? device_add+0x726/0xb70
[  597.207207][   T31]  device_add+0x7b6/0xb70
[  597.211545][   T31]  usb_new_device+0xa08/0x16f0
[  597.216432][   T31]  ? __pfx_usb_new_device+0x10/0x10
[  597.221639][   T31]  ? _raw_spin_unlock_irq+0x23/0x50
[  597.226884][   T31]  hub_event+0x2a1c/0x4f30
[  597.231330][   T31]  ? __lock_acquire+0x6b5/0x2cf0
[  597.236459][   T31]  ? __pfx_hub_event+0x10/0x10
[  597.241241][   T31]  ? process_scheduled_works+0xa8d/0x18c0
[  597.247029][   T31]  ? process_scheduled_works+0xa8d/0x18c0
[  597.252755][   T31]  process_scheduled_works+0xb6e/0x18c0
[  597.258535][   T31]  ? __pfx_process_scheduled_works+0x10/0x10
[  597.264603][   T31]  ? assign_work+0x3d5/0x5e0
[  597.269189][   T31]  worker_thread+0xa53/0xfc0
[  597.274228][   T31]  kthread+0x388/0x470
[  597.278304][   T31]  ? __pfx_worker_thread+0x10/0x10
[  597.283513][   T31]  ? __pfx_kthread+0x10/0x10
[  597.288164][   T31]  ret_from_fork+0x51e/0xb90
[  597.292762][   T31]  ? __pfx_ret_from_fork+0x10/0x10
[  597.298167][   T31]  ? __switch_to+0xc7d/0x1450
[  597.302864][   T31]  ? __pfx_kthread+0x10/0x10
[  597.307516][   T31]  ret_from_fork_asm+0x1a/0x30
[  597.312305][   T31]  </TASK>
[  597.315570][   T31] 
[  597.315570][   T31] Showing all locks held in the system:
[  597.323303][   T31] 1 lock held by khungtaskd/31:
[  597.335491][   T31]  #0: ffffffff8e75e520 (rcu_read_lock){....}-{1:3}, at: debug_show_all_locks+0x2e/0x180
[  597.345460][   T31] 3 locks held by kworker/u8:2/36:
[  597.350585][   T31]  #0: ffff8880316ee948 ((wq_completion)ipv6_addrconf){+.+.}-{0:0}, at: process_scheduled_works+0xa52/0x18c0
[  597.362271][   T31]  #1: ffffc90000ac7c40 ((work_completion)(&(&net->ipv6.addr_chk_work)->work)){+.+.}-{0:0}, at: process_scheduled_works+0xa8d/0x18c0
[  597.376063][   T31]  #2: ffffffff8fbcd9c8 (rtnl_mutex){+.+.}-{4:4}, at: addrconf_verify_work+0x19/0x30
[  597.385663][   T31] 3 locks held by kworker/u8:3/49:
[  597.390765][   T31]  #0: ffff88813fe4c148 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_scheduled_works+0xa52/0x18c0
[  597.402562][   T31]  #1: ffffc90000b97c40 ((linkwatch_work).work){+.+.}-{0:0}, at: process_scheduled_works+0xa8d/0x18c0
[  597.413818][   T31]  #2: ffffffff8fbcd9c8 (rtnl_mutex){+.+.}-{4:4}, at: linkwatch_event+0xe/0x60
[  597.422795][   T31] 4 locks held by kworker/u8:8/3536:
[  597.428116][   T31]  #0: ffff88801b6de948 ((wq_completion)netns){+.+.}-{0:0}, at: process_scheduled_works+0xa52/0x18c0
[  597.439743][   T31]  #1: ffffc9000d4ffc40 (net_cleanup_work){+.+.}-{0:0}, at: process_scheduled_works+0xa8d/0x18c0
[  597.450486][   T31]  #2: ffffffff8fbbf230 (pernet_ops_rwsem){++++}-{4:4}, at: cleanup_net+0xf4/0x800
[  597.459972][   T31]  #3: ffffffff8fbcd9c8 (rtnl_mutex){+.+.}-{4:4}, at: cfg80211_pernet_exit+0x19/0x120
[  597.469817][   T31] 2 locks held by getty/5583:
[  597.474598][   T31]  #0: ffff8880323590a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70
[  597.484511][   T31]  #1: ffffc9000332b2f0 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0x45c/0x13c0
[  597.494707][   T31] 4 locks held by udevd/5832:
[  597.499399][   T31]  #0: ffff88802b0f18b8 (&p->lock){+.+.}-{4:4}, at: seq_read_iter+0xb7/0xe10
[  597.508200][   T31]  #1: ffff88805540b488 (&of->mutex#2){+.+.}-{4:4}, at: kernfs_seq_start+0x5c/0x420
[  597.517744][   T31]  #2: ffff888057f75878 (kn->active#26){++++}-{0:0}, at: kernfs_seq_start+0xb2/0x420
[  597.527530][   T31]  #3: ffff88806a77e198 (&dev->mutex){....}-{4:4}, at: manufacturer_show+0x26/0xa0
[  597.537169][   T31] 5 locks held by kworker/0:4/5874:
[  597.542348][   T31]  #0: ffff888021aae548 ((wq_completion)usb_hub_wq){+.+.}-{0:0}, at: process_scheduled_works+0xa52/0x18c0
[  597.553777][   T31]  #1: ffffc90003ea7c40 ((work_completion)(&hub->events)){+.+.}-{0:0}, at: process_scheduled_works+0xa8d/0x18c0
[  597.565666][   T31]  #2: ffff888029ca0198 (&dev->mutex){....}-{4:4}, at: hub_event+0x17f/0x4f30
[  597.574661][   T31]  #3: ffff88806a77e198 (&dev->mutex){....}-{4:4}, at: __device_attach+0x88/0x450
[  597.583968][   T31]  #4: ffff888035e16160 (&dev->mutex){....}-{4:4}, at: __device_attach+0x88/0x450
[  597.593217][   T31] 5 locks held by kworker/u8:6/12095:
[  597.598717][   T31]  #0: ffff8880b863ade0 (&rq->__lock){-.-.}-{2:2}, at: raw_spin_rq_lock_nested+0xb6/0x150
[  597.608703][   T31]  #1: ffff8880b8724588 (psi_seq){-.-.}-{0:0}, at: psi_task_switch+0x53/0x880
[  597.617749][   T31]  #2: ffff8880b8726118 (&base->lock){-.-.}-{2:2}, at: __mod_timer+0x1ae/0xf30
[  597.626787][   T31]  #3: ffffffff9a544420 (&obj_hash[i].lock){-.-.}-{2:2}, at: debug_object_activate+0x83/0x580
[  597.637340][   T31]  #4: ffffffff8e602e68 (text_mutex){+.+.}-{4:4}, at: arch_jump_label_transform_apply+0x17/0x30
[  597.647845][   T31] 1 lock held by syz.1.2270/14170:
[  597.652956][   T31]  #0: ffffffff8fbcd9c8 (rtnl_mutex){+.+.}-{4:4}, at: tun_chr_close+0x3e/0x1c0
[  597.662030][   T31] 2 locks held by syz.2.2271/14172:
[  597.667269][   T31]  #0: ffffffff8fbcd9c8 (rtnl_mutex){+.+.}-{4:4}, at: tun_chr_close+0x3e/0x1c0
[  597.676454][   T31]  #1: ffffffff8e7647b8 (rcu_state.exp_mutex){+.+.}-{4:4}, at: synchronize_rcu_expedited+0x2d0/0x770
[  597.687507][   T31] 1 lock held by syz.4.2275/14192:
[  597.692618][   T31]  #0: ffffffff8fbcd9c8 (rtnl_mutex){+.+.}-{4:4}, at: xsk_bind+0x156/0x1020
[  597.701964][   T31] 1 lock held by syz.5.2277/14204:
[  597.707111][   T31]  #0: ffffffff8fbcd9c8 (rtnl_mutex){+.+.}-{4:4}, at: fib_newrule+0x4b6/0x1030
[  597.716252][   T31] 5 locks held by kworker/u8:7/14211:
[  597.721652][   T31] 
[  597.731730][   T31] =============================================
[  597.731730][   T31] 
[  597.740355][   T31] NMI backtrace for cpu 0
[  597.740372][   T31] CPU: 0 UID: 0 PID: 31 Comm: khungtaskd Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  597.740392][   T31] Tainted: [L]=SOFTLOCKUP
[  597.740398][   T31] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  597.740407][   T31] Call Trace:
[  597.740415][   T31]  <TASK>
[  597.740422][   T31]  dump_stack_lvl+0xe8/0x150
[  597.740449][   T31]  nmi_cpu_backtrace+0x274/0x2d0
[  597.740471][   T31]  ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10
[  597.740494][   T31]  nmi_trigger_cpumask_backtrace+0x17a/0x300
[  597.740517][   T31]  sys_info+0x135/0x170
[  597.740536][   T31]  watchdog+0xfd9/0x1030
[  597.740562][   T31]  ? watchdog+0x21a/0x1030
[  597.740590][   T31]  kthread+0x388/0x470
[  597.740606][   T31]  ? __pfx_watchdog+0x10/0x10
[  597.740626][   T31]  ? __pfx_kthread+0x10/0x10
[  597.740643][   T31]  ret_from_fork+0x51e/0xb90
[  597.740665][   T31]  ? __pfx_ret_from_fork+0x10/0x10
[  597.740684][   T31]  ? __switch_to+0xc7d/0x1450
[  597.740706][   T31]  ? __pfx_kthread+0x10/0x10
[  597.740724][   T31]  ret_from_fork_asm+0x1a/0x30
[  597.740759][   T31]  </TASK>
[  597.740766][   T31] Sending NMI from CPU 0 to CPUs 1:
[  597.856279][    C1] NMI backtrace for cpu 1
[  597.856298][    C1] CPU: 1 UID: 0 PID: 5806 Comm: syz-executor Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  597.856321][    C1] Tainted: [L]=SOFTLOCKUP
[  597.856327][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  597.856337][    C1] RIP: 0010:entry_SYSENTER_compat+0x1b/0x2d
[  597.856361][    C1] Code: cc cc cc cc 0f ae e8 5d c3 cc cc cc cc cc cc f3 0f 1e fa 0f 01 f8 50 66 90 0f 20 d8 0f 1f 44 00 00 48 25 ff e7 ff ff 0f 22 d8 <58> 65 48 8b 25 fc e1 1b 12 6a 2b 6a 00 9c 6a 23 6a 00 89 c0 50 57
[  597.856375][    C1] RSP: 0018:fffffe0000049ff8 EFLAGS: 00000006
[  597.856390][    C1] RAX: 000000007c99e000 RBX: 0000000000000003 RCX: 00000000ffb5847c
[  597.856402][    C1] RDX: 0000000000000004 RSI: 0000000000000000 RDI: 0000000000000000
[  597.856411][    C1] RBP: 00000000ffb583a0 R08: 0000000000000000 R09: 0000000000000000
[  597.856422][    C1] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  597.856431][    C1] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  597.856441][    C1] FS:  0000000000000000(0000) GS:ffff888125560000(0063) knlGS:00000000569f34c0
[  597.856460][    C1] CS:  0010 DS: 002b ES: 002b CR0: 0000000080050033
[  597.856472][    C1] CR2: 0000000056bd2470 CR3: 000000007c99e000 CR4: 00000000003526f0
[  597.856486][    C1] Call Trace:
[  597.856493][    C1]  <ENTRY_TRAMPOLINE>
[  597.856501][    C1]  </ENTRY_TRAMPOLINE>
[  597.993679][   T31] Kernel panic - not syncing: hung_task: blocked tasks
[  598.000548][   T31] CPU: 0 UID: 0 PID: 31 Comm: khungtaskd Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  598.011220][   T31] Tainted: [L]=SOFTLOCKUP
[  598.015530][   T31] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  598.025569][   T31] Call Trace:
[  598.028835][   T31]  <TASK>
[  598.031753][   T31]  vpanic+0x56c/0xa60
[  598.035729][   T31]  ? __pfx___schedule+0x10/0x10
[  598.040564][   T31]  ? __pfx_vpanic+0x10/0x10
[  598.045055][   T31]  ? irqentry_exit+0x59e/0x620
[  598.049809][   T31]  panic+0xc5/0xd0
[  598.053516][   T31]  ? __pfx_panic+0x10/0x10
[  598.057936][   T31]  watchdog+0x1023/0x1030
[  598.062257][   T31]  ? watchdog+0x21a/0x1030
[  598.066664][   T31]  kthread+0x388/0x470
[  598.070716][   T31]  ? __pfx_watchdog+0x10/0x10
[  598.075377][   T31]  ? __pfx_kthread+0x10/0x10
[  598.079964][   T31]  ret_from_fork+0x51e/0xb90
[  598.084541][   T31]  ? __pfx_ret_from_fork+0x10/0x10
[  598.089640][   T31]  ? __switch_to+0xc7d/0x1450
[  598.094311][   T31]  ? __pfx_kthread+0x10/0x10
[  598.098898][   T31]  ret_from_fork_asm+0x1a/0x30
[  598.103689][   T31]  </TASK>
[  598.106956][   T31] Kernel Offset: disabled
[  598.111262][   T31] Rebooting in 86400 seconds..