last executing test programs:

7.286392498s ago: executing program 2 (id=4552):
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0)
mmap(&(0x7f0000002000/0x4000)=nil, 0x4000, 0xedc623580215bdcd, 0x12, r0, 0x0)
r1 = socket(0x1e, 0x4, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000580), 0x2, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$KVM_CAP_MANUAL_DIRTY_LOG_PROTECT2(r3, 0x4068aea3, &(0x7f0000000000)={0xa8, 0x0, 0x3})
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x3d70000000, &(0x7f0000ffe000/0x2000)=nil})
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_PRE_FAULT_MEMORY(r4, 0xc040aed5, &(0x7f00000000c0)={0x6000, 0x1a000})
ioctl$KVM_CLEAR_DIRTY_LOG(r3, 0xc018aec0, &(0x7f0000000140)={0x0, 0x240, 0x0, &(0x7f0000000180)=[0x6bd1a311, 0xec66, 0xff, 0x8, 0x98bd, 0x80000000000000c, 0x400009, 0x4, 0x401, 0x466c, 0x89004, 0x2, 0x4e, 0x400009, 0x2, 0x49, 0x100000000003, 0x5, 0x400000000002, 0x7fffffff, 0x8, 0x7, 0xc1, 0x8, 0xfffffffffffff000, 0xffffffffffffffff, 0x6, 0x7f, 0x96, 0xffffffff, 0xff, 0xfffffffffffffffc, 0x4, 0x4, 0x2, 0x3, 0x4000009, 0x8892, 0x1, 0x43dd1007, 0x46, 0x2001, 0xfffffffffffffff8, 0xa3de, 0x2cc0000000000000, 0x8, 0x5, 0x400, 0x6, 0xffffffffffffffb7, 0xfffffffffffffffa, 0x2, 0xe, 0xfffffffffffff068, 0x4, 0xe7, 0x6, 0x2, 0xd, 0x66, 0x6, 0x7, 0x40000005, 0xfffffffeffffffff, 0x9, 0xd, 0x3, 0xbbd9, 0x80000000, 0xfffffffffffffc00, 0x2, 0x7, 0x18, 0xcdc, 0x100004000000007, 0x2, 0x3, 0x2, 0x10000, 0x9, 0x6, 0x4, 0x1, 0x81, 0x100, 0x4, 0x0, 0xffffffffffffff81, 0xb, 0xff, 0x6, 0x28000000, 0x80000005, 0x8061d, 0x8, 0x7, 0xf6, 0x4, 0x5, 0x204, 0x7, 0xe53e, 0x4, 0x8, 0x2293332d, 0x6, 0x5, 0x7, 0xd, 0x2, 0x4, 0xfffffffffffffffb, 0x80000001, 0x7, 0xdfd4, 0xfff9, 0x20000000000013, 0x2, 0x8, 0x1, 0x6, 0x200eb4, 0x3, 0x1, 0xb68e, 0x1, 0x8, 0x1000003]})
r5 = syz_open_dev$usbfs(&(0x7f0000000100), 0x76, 0x101301)
ioctl$USBDEVFS_SUBMITURB(r5, 0x802c550a, &(0x7f0000000280)=@urb_type_bulk={0x3, {0x3}, 0x9, 0x1, 0xfffffffffffffffe, 0x0, 0x9, 0xfdac, 0xfffffffd, 0x0, 0x0, 0x0})
recvmmsg(r1, &(0x7f0000000180)=[{{0x0, 0x0, &(0x7f0000000580)=[{&(0x7f0000001e40)=""/174, 0xae}, {&(0x7f0000000840)=""/144, 0x82}], 0x2, &(0x7f0000001fc0)=""/65, 0xfffffffffffffe76}, 0x1}], 0x1, 0x40002122, 0x0)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, &(0x7f0000000680)={'syztnl2\x00', &(0x7f00000005c0)={'syztnl1\x00', <r6=>0x0, 0x80, 0x10, 0x23e8, 0x9, {{0x23, 0x4, 0x2, 0x3d, 0x8c, 0x68, 0x0, 0x4, 0x29, 0x0, @local, @private=0xa010100, {[@cipso={0x86, 0x21, 0x3, [{0x0, 0xc, "63b1e700e484e0bf3d8e"}, {0x0, 0xf, "5104497417da4c8ee0e7003168"}]}, @generic={0x88, 0x4, "c6af"}, @ra={0x94, 0x4}, @timestamp_addr={0x44, 0x2c, 0x2d, 0x1, 0x3, [{@private=0xa010101, 0x7f}, {@initdev={0xac, 0x1e, 0x1, 0x0}, 0x9fe}, {@initdev={0xac, 0x1e, 0x1, 0x0}, 0x8}, {@multicast2, 0xc5}, {@multicast1, 0x3}]}, @noop, @rr={0x7, 0xf, 0x26, [@private=0xa010101, @broadcast, @multicast1]}, @ssrr={0x89, 0x13, 0x75, [@broadcast, @rand_addr=0x64010100, @loopback, @loopback]}]}}}}})
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r1, 0x89f1, &(0x7f0000000740)={'syztnl2\x00', &(0x7f00000006c0)={'syztnl2\x00', r6, 0x4, 0x7, 0x0, 0xfffffff7, 0x10, @private1, @private0, 0x700, 0x8000, 0x7, 0x1}})

6.656098894s ago: executing program 1 (id=4556):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f0000000280)={0x0, 0x2c, &(0x7f00000000c0)=[@in={0x2, 0x4e20, @local}, @in6={0xa, 0x4e20, 0x0, @dev={0xfe, 0x80, '\x00', 0x16}, 0x4003}]}, &(0x7f00000002c0)=0x10) (fail_nth: 4)

6.304153088s ago: executing program 1 (id=4559):
r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000680)='/sys/power/disk', 0x2, 0x0)
io_setup(0x20, &(0x7f0000001140)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f00000001c0)=[&(0x7f0000002040)={0xf, 0x400000000000, 0x0, 0x1, 0x0, r0, &(0x7f00000000c0)="fc", 0x7}])
syz_genetlink_get_family_id$ipvs(&(0x7f0000000180), r0)
sendmsg$IPVS_CMD_GET_SERVICE(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0xa4}, 0x1, 0x0, 0x0, 0x8004}, 0x4000000)
r2 = openat$sw_sync_info(0xffffffffffffff9c, &(0x7f00000000c0), 0x30c02, 0x0)
ioctl$DVB_DVR_DMX_EXPBUF(r0, 0xc00c6f3e, &(0x7f00000001c0)={0x4, 0x80000, r2})
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000280), 0x1, 0x0)
ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2})
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r4, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r5 = socket(0x400000000010, 0x3, 0x0)
r6 = socket$unix(0x1, 0x5, 0x0)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r7=>0x0})
sendmsg$nl_route_sched(r5, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x400, 0x70bd2d, 0x25dfdbfd, {0x0, 0x0, 0x0, r7, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x5, 0xf}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x28}}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r5, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000800)=@delqdisc={0xe0, 0x25, 0x2, 0x70bd26, 0x25dfdbfc, {0x0, 0x0, 0x0, 0x0, {0xd, 0xd}, {0xfff1, 0x1}, {0xffe2, 0xd}}, [@TCA_STAB={0xb4, 0x8, 0x0, 0x1, [{{0x1c, 0x1, {0x6, 0x8, 0x2f0, 0xa1, 0x1, 0x0, 0x9, 0xa}}, {0x18, 0x2, [0x6dce, 0x6, 0x7, 0x9, 0x6, 0x8, 0x8, 0x8, 0x7, 0x1]}}, {{0x1c, 0x1, {0x94, 0x7, 0x8, 0xea55, 0x1, 0xe, 0xeb0, 0x6}}, {0x10, 0x2, [0xb, 0xffff, 0x2, 0x8, 0xfff9, 0x4a7]}}, {{0x1c, 0x1, {0x5, 0x8, 0x1, 0x6, 0x0, 0x8, 0x5, 0x2}}, {0x8, 0x2, [0x1, 0x7]}}, {{0x1c, 0x1, {0xfb, 0x0, 0xf51, 0x1, 0x2, 0x7, 0xfff, 0x5}}, {0xe, 0x2, [0x10, 0x4, 0x36c, 0x4, 0x13]}}]}, @qdisc_kind_options=@q_mq={0x7}]}, 0xe0}, 0x1, 0x0, 0x0, 0x4010}, 0x20004801)
r8 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
close(r8)
r9 = socket$nl_generic(0x10, 0x3, 0x10)
r10 = syz_genetlink_get_family_id$tipc(&(0x7f0000000380), r9)
sendmsg$TIPC_CMD_ENABLE_BEARER(r9, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000680)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r10, @ANYBLOB="010000000d0000000000010000000000000001410000001c001700000000000000006574683a73797a6b616c6c657230"], 0x38}, 0x1, 0x0, 0x0, 0x44081}, 0x0)
ioctl$SIOCSIFHWADDR(r8, 0x8914, &(0x7f0000000240)={'syzkaller0\x00', @broadcast})
r11 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x100, 0x0)
close(r11)
r12 = socket$unix(0x1, 0x5, 0x0)
r13 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r12, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r14=>0x0})
sendmsg$nl_route_sched(r13, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000440)=@newqdisc={0x4c, 0x24, 0x4ee4e6a52ff56541, 0x70bd2d, 0x0, {0x0, 0x0, 0x0, r14, {0x0, 0xb}, {0xffff, 0xffff}, {0xffff}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x1c, 0x2, {{0x3, 0x7, 0x5, 0x5, 0xffffffff, 0x6}}}}]}, 0x4c}, 0x1, 0x0, 0x0, 0x240080c1}, 0x0)
sendmsg$nl_route_sched(r13, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000003c0)=@newqdisc={0x3c, 0x24, 0x4ee4e6a52ff56541, 0x70bd2e, 0x25dfdbfb, {0x0, 0x0, 0x0, r14, {0x0, 0x1}, {0x3, 0xb}, {0xffe0, 0x6}}, [@qdisc_kind_options=@q_plug={{0x9}, {0xc, 0x2, {0x0, 0x2}}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x2404c0f1}, 0x200c840)
ioctl$SIOCSIFHWADDR(r11, 0x8922, &(0x7f0000002280)={'veth0_to_bond\x00', @random="2b0100004ec6"})

6.186390362s ago: executing program 1 (id=4562):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_SET_INTERFACE(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x24, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x3}]}, 0x24}}, 0x0)
sendmsg$NL80211_CMD_START_AP(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)={0x84, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@beacon=[@NL80211_ATTR_BEACON_HEAD={0x3e, 0xe, {{{}, {}, @broadcast}, 0x0, @default, 0x1, @void, @void, @void, @void, @void, @void, @void, @void, @val={0x3c, 0x4, {0x0, 0xb1, 0x1, 0x1}}, @void, @val={0x72, 0x6}, @void, @val={0x76, 0x6, {0x0, 0x1, 0x2b, 0x6}}}}], @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}], @NL80211_ATTR_BEACON_INTERVAL={0x8}, @NL80211_ATTR_DTIM_PERIOD={0x8}, @chandef_params=[@NL80211_ATTR_WIPHY_CHANNEL_TYPE={0x8, 0x27, 0x3}, @NL80211_ATTR_CENTER_FREQ2={0x8, 0xa1, 0x101}]]}, 0x84}}, 0x0) (fail_nth: 4)

5.822317571s ago: executing program 1 (id=4563):
syz_usb_connect(0x5, 0x24, &(0x7f0000000000)=ANY=[@ANYBLOB="1201000024917720042322023f77010203010902120001000010000904"], 0x0)
syz_open_dev$I2C(&(0x7f0000000040), 0x1, 0x2003)
r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000100)='\x00', 0x89901)
fchdir(r0)
socketpair$tipc(0x1e, 0x5, 0x0, 0x0)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x100, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, 0x0, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x20040, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), 0xffffffffffffffff)
munmap(&(0x7f0000001000/0x4000)=nil, 0x4000)
r5 = syz_open_dev$evdev(&(0x7f0000000000), 0x0, 0x0)
syz_usb_disconnect(r5)
syz_usb_connect$printer(0x4, 0x2d, &(0x7f0000000140)=ANY=[@ANYBLOB="1201000300000040256b425f944be1e849d7bafdfd05a8a440000102030109021b00010108100109040040020701030409050102400005041a"], 0x0)
ioctl$EVIOCRMFF(r5, 0x40085503, &(0x7f00000000c0)=0x18)
r6 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000000)={'macvlan0\x00'})
r7 = syz_open_dev$loop(&(0x7f0000000080), 0x4, 0x80000)
ioctl$vim2m_VIDIOC_ENUM_FMT(0xffffffffffffffff, 0xc0405602, &(0x7f00000001c0)={0x5, 0x1, 0x0, "eee98fa706178749cb4dfd93e33c9b6b7bd152f35ed734fc70157dcb4f1891e2", 0x43353039})
ioctl$BLKTRACESETUP(r7, 0xc0481273, &(0x7f0000000000)={'\x00', 0x2, 0x4, 0x1, 0x5, 0xffffffff})
ioctl$BLKTRACETEARDOWN(r7, 0x1276, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={0x0, 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
close(r0)
symlink(&(0x7f0000000000)='.\x00', &(0x7f0000000040)='./file0\x00')

5.82174496s ago: executing program 2 (id=4564):
syz_usb_connect$midi(0x5, 0x24, &(0x7f0000000000)={{0x12, 0x1, 0x110, 0x0, 0x0, 0x0, 0x40, 0x133e, 0x815, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x1, 0x9, 0x10, 0x4, "", {{{0x9, 0x4, 0x0, 0x0, 0x0, 0x1, 0x3, 0x0, 0xb}}}}}]}}, 0x0)
socket$alg(0x26, 0x5, 0x0)
pipe(&(0x7f0000000200))
syz_open_procfs(0x0, &(0x7f00000000c0)='task\x00')
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x80600, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
io_uring_setup(0x2e31, &(0x7f0000000100)={0x0, 0xca87, 0x400, 0x0, 0x8000319})
inotify_init1(0x800)
close(0x3)
socket(0x2, 0x80805, 0x0)
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
shutdown(r1, 0x0)
close(0x3)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r1, 0x84, 0x6f, &(0x7f0000000200)={<r2=>0x0, 0x10, &(0x7f00000001c0)=[@in={0x2, 0x4e23, @rand_addr=0x64010100}]}, &(0x7f0000000140)=0x10)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r1, 0x84, 0x7a, &(0x7f0000000340)={r2, @in6={{0xa, 0x3, 0x4, @mcast1}}}, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
syz_open_procfs(0x0, &(0x7f0000000000)='net/arp\x00')
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080))
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000))
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000001c0))
r4 = socket$netlink(0x10, 0x3, 0x0)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f0000000000)=ANY=[@ANYRES32, @ANYRES32, @ANYRES64=r4], 0x20)

5.502689887s ago: executing program 0 (id=4569):
r0 = syz_open_dev$vbi(&(0x7f0000000000), 0x1, 0x2)
ioctl$VIDIOC_G_EXT_CTRLS(r0, 0xc0205649, &(0x7f00000000c0)={0x0, 0x1, 0x0, 0xffffffffffffffff, 0x0, &(0x7f0000009f40)={0xf00001, 0xffffbfff, '\x00', @p_u32=0x0}})
r1 = socket$kcm(0xa, 0x5, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=ANY=[@ANYBLOB="1e000000000000000900400008"], 0x50)
ioctl$sock_kcm_SIOCKCMCLONE(r1, 0x890b, &(0x7f0000000000)={<r2=>0xffffffffffffffff})
r3 = socket$kcm(0xa, 0x5, 0x0)
sendmsg$kcm(r3, &(0x7f00000000c0)={&(0x7f0000000100)=@in6={0xa, 0x2, 0x11, @loopback={0xfec0ffff00000000}, 0x20}, 0x80, &(0x7f0000000240)=[{&(0x7f0000000000)="99", 0x1}], 0x1}, 0x40844)
socket$nl_xfrm(0x10, 0x3, 0x6)
socket(0x1e, 0x4, 0x0)
pipe(&(0x7f0000000040)={<r4=>0xffffffffffffffff})
fsopen(&(0x7f0000000140)='fuseblk\x00', 0x0)
memfd_create(&(0x7f0000000d40)='[\v\xdbX\xae[\x1a\x02\xfd\xfa\xad\xd1md\xc8\x85HX\xa9%\f\x1ae\xe0\x00\x00\x00\x00\xfb\xff\x00\x00\x81\x9eG\xd9,\xe2\xc6a\x9f\xe8\xf1\xb3\x86\xe2+Op\xd0\xa2\x82\x1eb;(\xb5\xe1jS\xd6\x91\x05||\xa0\x8ez\xadT\xc8\f\xe5\x89\xbf#2\x99\x1e\xa1`\xc3\xcf\xd3\xae\xd2\a\x11\xa9\xa5^\xff\xf5\x95\f<\x8f\xc1\x99\x89r\xe1?\xbduu\xc3\xf8\xa0\x85\xd6G\x85\x11X\x8d,\x02\xd45\xb8\xca\x97\x9d\xcb\x1e\x80\xd6\xd5>N&\xf8#\x80z8Z\xd2}\xf5\xe4\x9f5\x9b\x01\xf9t\xbb\x1er\x14\xad\xd4FcB\xda\x95\xc3\xdd\x9d\x8f\x1a\xce\x18\x80\"j\xe1\xba\x1e\x97uX\xccv\xd6\vcz\x92A^\xbc\xceF\xf7\xe5:\xaf\xc5~\xbcJ e\r\x88c\x9d\xb92\xb6i4zq\xb3c\x0f\xb2t\x93\xf2E6b\xfa\xcdJ5\xe3W]`4\xd8D\x05\v\xfc)\xca\xedQ\xd0]Ot\'\xc2tDf\xf9\xa7\xb5(\x83\xa5\x0f\x1d\x1d\x06Dg\x13>\x19\xe85#\aaT\x89=\x104\xd5\x85l\x96\x91\xea\x172P\xb3:\xadZ\xbc\xbe\x00\xf0\x14\x96\xd9M\xd7\x88QZs\xb2\xe1+$jfQodH\x05/y`~7\x16\x02\x00(\xc5bj+@\x00\x00\x00\x00\x00\x00\x00.\xd4`=z\xd1n\xa0 \xadA\xe3\xee\x8f$\xa3\x87\xb9\xe2_Z\x11\xef\xc2]V\xf3\x03\x94\xb9\xe1\xa68\x8d\\\xe5\xef\xacpM\xf0\xa6\a\x10\xb7\xc0t\x83\\\xf7\x12k\x9f\x10\xd5Z\x19\xc1\xc1\x80\\o\x97\xce=U\xdd\xaa\x1b\x05\x14\x13\xa6\xbd#\xde\x04\xe6$\xec$3\xf6\x97\xc6\xeaSL\xb7A72M\x88k@\xe5\xa3\n&\x1e\xc84\xa9\xe2\xccM\x906\x95xQ-2p\xd62\'\xec\x0f\x13;I\x95fE_\r\xe7\t!A\x05\xe4\x8f\x9e0\xf8/T\x18\xf7\xa1\x9f\xde1\xd5\x80<\xf5\b\xa9\xec\x85\xaeW\xb3\xd8#)bn \xfb\xf2\x88\xfaR\xff\xdd\x80\x96_\xec5\xf0\x1c\a\x8a\x80\x00@=\r8u+%f:\x1e\x82\xfap\xf6\x89\xea\xba\xe3\xbbM%iC}n\rSF\xdb\\\xd1eJJ*\xc67\xca\x03\xa3\xf7(\xbb\xecN\xd4\xe7\xf2:u\x8a\b\xd5\v\xca\xfd\\\xd6\xe3\x05\xb3\x03\xd5\xe0\xd2\xf2{\'\x8b\xdf\xa1\xbe}\xb2\xe4y\xbb\xe6\x1f\x10c\xf5WQ\x82\x04\x01C\x83,\x90\x1a\xfa\x8e\x17\x89\xe28\xc0\xf4\xee\x19\xce\xedX\x8d\rmq\t\xb5$\xef\xa6N\x9e\x0f@\xdfo\xb4\x9b\x92z\xd6/-\x13,\xb5%\x8eM/\x04\xa7\x7f\x1b\x85\xf1\xa4X\x17\x1cR14\xfb!\b\x10\xe8\xb2\xd41gK\xe4\xea\xe39d\bL\xe5\x1b\xbd[\x9bWD:\r&\xe9\vn^\xcc\x86\xe3\xce1>3{\xaa{\xbd0P\x9f\xa68\xf5\x82\xb8\x9aD\x9c{\xe6\xf8\xcbD\xb5aJ\xb0\x92\x89\xbc\x82\x1ch\x89\xe7\xdd]q,\xec\xc4\xa5\x93\xe5,\x0e,>/\xaf|\xf0\x01V\x7f\xc9?\xba\x16\xe4$+}5dy\xb1\xef\xf1m\xa5\x94d9\xaf\xcfq\x8b=\x026\xef\r\x91\x18\xc5\xb6\xb9fM\x8ayZ\xbcd\xa5\x8a\x88\x98\xc3\xfc`\xa6\xba\x1f\x17\v$\x88g\xb4\xad\b\xc1\xddW\xa6\xc1\xb7\xb0\xa3\x84Q\x13GoU\xe2\xb7\x03\x9c\xd5\x0f\xa8\x0ef\"\x15\x82~\xb7\xb1<\x10f\xfe6h\xe9\xc3\xc2\xa0O:\xac~\x1a\xf7\xbeF\xbe\xe5\xf0\x81\xd6&\xc0<Q8\xbeX\xde\xd6\x00\xef\x0e\xc2.\x9c=1\x15d\xddIv\x0fh\xe6M(D\xad\xeb\xcfX8\xb9\x8d\xbe(\xd3\x16?x\xbd@\x0f\xf5\xdb\xeb\xd7i*\xea\x86JX\xff;\x96\xbb\xa7\xa8u5R\xa2,\xba\xbc\x01\x12\xb3q,\x9d\xf8\xbdb`\xb3\xc6\x0f\xb3\xac\xc7\xa4O@\x81\xfc\x1a4$\x885\x97\xa9|\x99\x86*.\xda\x96RQ\xe5\xb1\xef\xb7\x10\x99\xd4\xa7\b\xcd\xe9\xa5\xf6wR\xc1\xdfH).\a\x9a6\x9e&+\xc4#\x90\xc9%\xb9\xd7o\x86\x13\a\xc0\x01w9u6\xdd\x9fJ^o\x1d\xda\x11?\xc1\xf5\xf7\xff\xec\x916\xceQ\xcfU\x035\x96\x8f\xc7\x84\"2\xef\x02\xcf\a+\x8a\xd1\x11\xb5\xa8\x92\f\xb3R\",\xfc!_&pD\xeb5\xc6\xc8\xff\xd23\xe5\xd4#t\x89\xa2)\x7f\x16\x99\xe9>\xb69\xd3\b\x00\xe8\x9c\xd4\xd0\a\x93#\xb92Cu\xe1d\r\x0e\xc1\xf1\x81^\xa7\xffz)\x19U\xe5\xd4\xf5@O#W\x8a\xbb3c+\n\x97\xa6\xf7\x90$\xd6*\xd0\x1b\x10\xe4HM:XO\x1b\rx\xc7\x12|\x7fN\xc9\xf9i\xe4\xe5-\x9b\xe407\x9d\xe8\xc6\x90\x9f_Jf\x05\r\x1b\x9af\v\xbcv\x83D\x99\xf3j\xaf\xd0Fd\x81\xbe\xbf\by\x7f\xd8X?\n\xf8P&!\x9d0F\x8dp\xf9:?1\xe8T\x13\xfb\x89\xac\\\xd4\xa9\xa3\xac\x80\xddd\xed\xb1I\xfcz\x9aQ\x03\xcdO\xdfn^\xb4\x97\xd1\x8a%\x8d\xce\xafg\xa2W|v\xc2\x99\x97X\xd7\x8b\x82Z\xa7\xac\xa4\xb1P\x8c\xfd^\xb8=\xd6Q\xdb\x05\x8a\xe2\xed\xaaR\xd9\x1a\xd8\x92\xc8\x1b\xe6f\xd6\xb7rp\x8e\xd7I\xd0lN\xbd\x89\xac&)<\x9d\x8b\xcb\x93p\x90a\xef\xd0?\x02\x93\x83\xb9\xe4b\xfc1@\xde\xd8&\xd0\x8f\xa6G\xe0\xc9\xe9Z\xb4PG\xcf\xed\xf5\x94\x89\x9a\xa8\xd7\x02\xac\x9d\x1b\x9am\x82L\a,;\xcd\x11,\xf9\xe6\xe1\fa\xfe\xdc\xc0A\xc3\xda\x8f$\x87<\xef\xe2\xc2xP\xfc\xd4\xefX\x8doK\x8aa\x98.\x82!\xf9\rS\x04\xd2\xb4I\x1d=\xf9<\xb0?l\xa5\t\xd1j\"\x1e\xe5\xe0\xad\x14\x97\xde\xa3\x97\x9a\x9bq\'\xd4\xbc4\xf2\x9a\xa9\xa5\xb5\x8f\xdfD\xdf\xf9\xdc\xc3\xce\x90\f\xd9_y_\xda\x13p0\x02I\\~aT\xd4\x91\xa2\xb3\xb4\xa9\xdc\x90)\xac\xc6\x01\xf3\x98\x8e\xe2\xc2\f\xa0Yv\xb4\xa9\x99\x85\xd9t\xb9\x9ax@11\b\xba\xc0\xf1/\x1b\xfc\x93\xd8y\x89\xc6bO=w\xd5?C\x01e\x02z\xed[\x12\xd0{\xbc9\xd2Xm\xbe3h\x10\x00\xdfP\xfc\x01\xa19\xea\xae+c\xea\x1a.\x9ap\x0f<+t\x81\x84\xc3r\xcd\xdb\xa6\x84\x8a;l\x018\xda?\x90\xdd#\xaaM\xdcEV(u\xe1\x15\x8b\x88>\x06\x03\xb0\x18\xf6\x86\x88\xf7b\xc1C\xd4\xb3/\tf1\xdbr\xe4\xef\xe9\xa0\xdfht\xa7?\xc1\x13\xee\xa8d=@dN\x83\xbal\xc5\xb9\xbe\x80+y\xf5\xf3WH\x8fg\x00'/1641, 0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200))
io_uring_setup(0x1efe, &(0x7f00000002c0)={0x0, 0x4354, 0x10000, 0x23, 0x34a})
getsockopt$inet_mptcp_buf(r4, 0x11c, 0x1, &(0x7f0000000340)=""/233, &(0x7f0000000440)=0xe9)
r5 = syz_create_resource$binfmt(&(0x7f0000000040)='./file1\x00')
r6 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r6, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB="240000002100010000002000000000000a0000000000000000000000080010000200"], 0x24}}, 0x0)
pipe(&(0x7f0000000240)={<r7=>0xffffffffffffffff})
r8 = socket$netlink(0x10, 0x3, 0x0)
splice(r7, 0x0, r8, 0x0, 0x10d00, 0xf)
ioctl$SNDRV_TIMER_IOCTL_CREATE(r7, 0xc02054a5, &(0x7f0000000480)={0x7fffffff, r2, 'id0\x00'})
r9 = openat$binfmt(0xffffffffffffff9c, r5, 0x42, 0x1ff)
write$binfmt_script(r9, &(0x7f0000000080)={'#! ', './file1', [{}]}, 0x2)
write$binfmt_elf64(r9, &(0x7f0000000200)=ANY=[], 0x1cb)
close(r9)
execveat$binfmt(0xffffffffffffff9c, r5, 0x0, 0x0, 0x0)

5.336335323s ago: executing program 0 (id=4570):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4a044}, 0x4010)

5.15430313s ago: executing program 0 (id=4571):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_SET_INTERFACE(r0, &(0x7f0000000100)={0x0, 0x300, &(0x7f0000000040)={&(0x7f00000002c0)={0x2c, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_4ADDR={0x5, 0x53, 0x1}, @NL80211_ATTR_IFTYPE={0x8, 0x5, 0x2}]}, 0x2c}}, 0x0)

5.035281248s ago: executing program 0 (id=4572):
r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000680)='/sys/power/disk', 0x2, 0x0)
io_setup(0x20, &(0x7f0000001140)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f00000001c0)=[&(0x7f0000002040)={0xf, 0x400000000000, 0x0, 0x1, 0x0, r0, &(0x7f00000000c0)="fc", 0x7}])
syz_genetlink_get_family_id$ipvs(&(0x7f0000000180), r0)
sendmsg$IPVS_CMD_GET_SERVICE(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f00000006c0)=ANY=[], 0xa4}, 0x1, 0x0, 0x0, 0x8004}, 0x4000000)
r2 = openat$sw_sync_info(0xffffffffffffff9c, &(0x7f00000000c0), 0x30c02, 0x0)
ioctl$DVB_DVR_DMX_EXPBUF(r0, 0xc00c6f3e, &(0x7f00000001c0)={0x4, 0x80000, r2})
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000280), 0x1, 0x0)
ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2})
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r4, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r5 = socket(0x400000000010, 0x3, 0x0)
r6 = socket$unix(0x1, 0x5, 0x0)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r7=>0x0})
sendmsg$nl_route_sched(r5, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x400, 0x70bd2d, 0x25dfdbfd, {0x0, 0x0, 0x0, r7, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x5, 0xf}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x28}}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r5, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000800)=@delqdisc={0xe0, 0x25, 0x2, 0x70bd26, 0x25dfdbfc, {0x0, 0x0, 0x0, 0x0, {0xd, 0xd}, {0xfff1, 0x1}, {0xffe2, 0xd}}, [@TCA_STAB={0xb4, 0x8, 0x0, 0x1, [{{0x1c, 0x1, {0x6, 0x8, 0x2f0, 0xa1, 0x1, 0x0, 0x9, 0xa}}, {0x18, 0x2, [0x6dce, 0x6, 0x7, 0x9, 0x6, 0x8, 0x8, 0x8, 0x7, 0x1]}}, {{0x1c, 0x1, {0x94, 0x7, 0x8, 0xea55, 0x1, 0xe, 0xeb0, 0x6}}, {0x10, 0x2, [0xb, 0xffff, 0x2, 0x8, 0xfff9, 0x4a7]}}, {{0x1c, 0x1, {0x5, 0x8, 0x1, 0x6, 0x0, 0x8, 0x5, 0x2}}, {0x8, 0x2, [0x1, 0x7]}}, {{0x1c, 0x1, {0xfb, 0x0, 0xf51, 0x1, 0x2, 0x7, 0xfff, 0x5}}, {0xe, 0x2, [0x10, 0x4, 0x36c, 0x4, 0x13]}}]}, @qdisc_kind_options=@q_mq={0x7}]}, 0xe0}, 0x1, 0x0, 0x0, 0x4010}, 0x20004801)
r8 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
close(r8)
r9 = socket$nl_generic(0x10, 0x3, 0x10)
r10 = syz_genetlink_get_family_id$tipc(&(0x7f0000000380), r9)
sendmsg$TIPC_CMD_ENABLE_BEARER(r9, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000680)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r10, @ANYBLOB="010000000d0000000000010000000000000001410000001c001700000000000000006574683a73797a6b616c6c657230"], 0x38}, 0x1, 0x0, 0x0, 0x44081}, 0x0)
ioctl$SIOCSIFHWADDR(r8, 0x8914, &(0x7f0000000240)={'syzkaller0\x00', @broadcast})
r11 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x100, 0x0)
close(r11)
r12 = socket$unix(0x1, 0x5, 0x0)
r13 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r12, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r14=>0x0})
sendmsg$nl_route_sched(r13, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000440)=@newqdisc={0x4c, 0x24, 0x4ee4e6a52ff56541, 0x70bd2d, 0x0, {0x0, 0x0, 0x0, r14, {0x0, 0xb}, {0xffff, 0xffff}, {0xffff}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x1c, 0x2, {{0x3, 0x7, 0x5, 0x5, 0xffffffff, 0x6}}}}]}, 0x4c}, 0x1, 0x0, 0x0, 0x240080c1}, 0x0)
sendmsg$nl_route_sched(r13, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000003c0)=@newqdisc={0x3c, 0x24, 0x4ee4e6a52ff56541, 0x70bd2e, 0x25dfdbfb, {0x0, 0x0, 0x0, r14, {0x0, 0x1}, {0x3, 0xb}, {0xffe0, 0x6}}, [@qdisc_kind_options=@q_plug={{0x9}, {0xc, 0x2, {0x0, 0x2}}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x2404c0f1}, 0x200c840)
ioctl$SIOCSIFHWADDR(r11, 0x8922, &(0x7f0000002280)={'veth0_to_bond\x00', @random="2b0100004ec6"})

4.503657893s ago: executing program 3 (id=4573):
r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000000), 0x2002, 0x0)
unshare(0x2040400)
ioctl$SNDCTL_DSP_GETOPTR(r0, 0x5008, 0x0) (fail_nth: 3)

4.083873272s ago: executing program 3 (id=4574):
r0 = openat$adsp1(0xffffffffffffff9c, &(0x7f00000000c0), 0xa0201, 0x0)
r1 = fsopen(&(0x7f00000000c0)='cgroup2\x00', 0x0)
fsconfig$FSCONFIG_SET_BINARY(r1, 0x6, 0x0, 0x0, 0x0)
r2 = fsmount(r1, 0x0, 0x0)
r3 = openat$cgroup_subtree(r2, &(0x7f0000000100), 0x2, 0x0)
write$cgroup_subtree(r3, &(0x7f0000000040)=ANY=[@ANYBLOB=' \x00'], 0x6)
ioctl$SNDCTL_DSP_SETFMT(r0, 0xc0045005, &(0x7f0000000000)=0x8000)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
close(r4)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
sendmsg$NFT_BATCH(r5, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f00000004c0)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x1}}, [@NFT_MSG_NEWSET={0xd0, 0x9, 0xa, 0x401, 0x0, 0x0, {0xa, 0x0, 0x4}, [@NFTA_SET_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_ID={0x8, 0xa, 0x1, 0x0, 0xfffffffc}, @NFTA_SET_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0xb}, @NFTA_SET_EXPRESSIONS={0x6c, 0x12, 0x0, 0x1, [{0x54, 0x1, 0x0, 0x1, @last={{0x9}, @val={0x44, 0x2, 0x0, 0x1, [@NFTA_LAST_SET={0x8, 0x1, 0x1, 0x0, 0x4}, @NFTA_LAST_SET={0x8, 0x1, 0x1, 0x0, 0x3}, @NFTA_LAST_SET={0x8, 0x1, 0x1, 0x0, 0x1}, @NFTA_LAST_MSECS={0xc, 0x2, 0x1, 0x0, 0x4}, @NFTA_LAST_SET={0x8, 0x1, 0x1, 0x0, 0x8}, @NFTA_LAST_MSECS={0xc, 0x2, 0x1, 0x0, 0x3}, @NFTA_LAST_SET={0x8}]}}}, {0x14, 0x1, 0x0, 0x1, @counter={{0xc}, @val={0x4}}}]}, @NFTA_SET_FLAGS={0x8, 0x3, 0x1, 0x0, 0x130}, @NFTA_SET_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_SET_FLAGS={0x8, 0x3, 0x1, 0x0, 0x8c}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x1}}}, 0xf8}, 0x1, 0x0, 0x0, 0x4044050}, 0x40)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)
sendmsg$NFT_BATCH(r4, &(0x7f0000009b40)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4000850}, 0x40)
r6 = openat$dsp1(0xffffffffffffff9c, &(0x7f00000003c0), 0x0, 0x0)
ppoll(&(0x7f0000000100)=[{r6, 0x708}], 0x1, 0x0, 0x0, 0x0)
ioctl$XFS_IOC_FD_TO_HANDLE(r4, 0xc038586a, &(0x7f0000000380)={<r7=>r3, &(0x7f0000000140)='/dev/dsp1\x00', 0x442600, &(0x7f0000000180)={@align=0x3, {0x8, 0x6, 0x6, 0x9}}, 0x10, &(0x7f00000001c0), &(0x7f0000000200)=0xffffffff})
ioctl$KVM_KVMCLOCK_CTRL(r7, 0xaead)
write$dsp(r0, &(0x7f0000002200)="44e211a385424bf02640ba0d3a219de1033222bea86d14dc6bc540f652f0873cec4d2b540364b6e4ff506bf40b976a8485725d9cfab14bb4c91a5fd888b8b983ef960999942529696b90b853c1f1a3b01af9b0cdc6a605c13de44b58eaf66b597768a5a9bccdb34c1aa1c48b2484cf0f1d68f8b5c1d9f6179459a466a2e865c2a66274717ef95f59fcf4d5b05c4540a35bb64a8fab9af3ad51f3c648121e933ea77809f3901ca59ed3e990ff80d87a814eb6fb68e3305fd9420d4a163ad5654ce60386346b6d1154ecef0f4a782c4459c0a8ca7278655e6f806c4bc2e870000bfcb1346232b0ccce39ee18152165cf3f85e87ae23c4113586cf300b39d7589b28372e554f7d748b618bca2a4298d82864e0d8212f4fbd80fd854691ccac21279bb85aacac8a3301ad2ece3d6061dbcc63e4af0fefc68fab6e5319f6d9e6a2708e41e60b2673d62ec952bae35b854fe7e87bc78e2d1a56cc383e5a1783ce35eaa20868d97eb1198ecae2d6375d7cd6992883aa3bbbdcb93b92b6eca3d6cde5baa92a6adda4540d5fce6d4772e5711b3744210587c05833966b300da0a378787ad06e9d5cba6e569b14c013b8428dad38eb6d2bc547615dac42aca90ac891e6db4d1dd029fe628170433f9229a286a814d39afd5a019db11c185b72c34e01ea5e82a5008a059e6791c9b807c4aab4e9807a5a7896a4c5bfa42f15284c1481618461ce3501cf24a722e74923d01bd7d586eec5d5ccba03eee1c8fc83bc5d73675a11eaaebdcd25fb806155f5e669ed8af3267b214f7d23cf8600ab7e909e7347783b94f235ea797d2c1bd83c7f499c04532f2b63a55b336fa9e5305a4a22cdde74360995ffd241c9592043df3dc99dac462dd43443604ffed04b1ee23b6665e0955e0b38fa71f73af930a9762d6d4d762e11df043a78b90f49f1645acffe61094a20b4caaeca22feca5f66c549cfcda38a1a7b6b79b71aba7a696975a257a94344bf65b7b79212a61f465ee55b530582e8b1dc993c379dd40ab5dd860c5828e2c27afae20539978340db55a68897920c1019e75e0b43b4c93cb1061c98f683f8d407fae9b1a87f2f9cd2b8252059ac39766fc174c344c5224b43bbea978d722c93e727292c738b293da0b9f12b4f11c8f354ae91d644131ce3873612146d79fe3ace49c1446a79e0a324f23cc0b6fb673fc6c34315fa0baf03fb5bd36656a2272c9a4d80a312dfbec125af5aacd2faf633650e3ab54f9fd2c6ee76d5abd9fac547fe7880d0dd9341ac0f095c529d3232447a0d1b28c101a2a95c4a9040041fbdf47ff7da3abe4ee7d8acac57b6553e58f1c5f832e7b920ef3708b98e4917f5b855928344da2ad0a9755d3f90d31f3e427bc869a163844b5e38c62302cc2938b03c132caa4d8044ed92680d406b7d635026f38082b26d6d3dfe80e8f659f1101cec8ea74418699a4fedfcd4ce6f2693cce43123c03122f61b62497bc2fdc2307786943feb7325d645657ae5e58d1e2587003ed4712aba34973199238d3f3d29704ba86538a764abb4d69b9efabcd956fa688536e0661a2a2e0fc84d3e4152187fd90dfbd5023aa12e964d1f3bff4e2c2915f2600a3ab701b177bda95ba8203a45182e03cc07db3b20342cd45d4f8954edebb32fb7fdf49d1952477da9ead5d4ba6de96c42f5923e3dce7188b9e9ec1862dd2fd39d256e1de8cd0906f67a8423b29f0b5bf81539828a1f8ae7e747e6b43bd639c6d6a52a29a0e4944f6b07390fc390770154135acf448ed23c507009af66d20b175723069f8eef06c2cd3edc86bd80ebbe2f5cd56c379d655632b62794aa3757ea10fb232414a9477277261879e88c49e8eb5253c91551c13ed725f3551939533d7c131109d10b4300e24db600f8020b10e9aac24d8572873fac24d149398a3306707c5c3de875eca837e140d23b02637ef888d539b6f0c7fd6d97fd8b9edf9a82bf19d75cec625237a6b9716ac0003d1b8c8db5d04f5231bed4aac9e93da9b6bfea002af81eb77a3ef8cab9878fac2574742277e5403e44844e50e64d1471213c724cf14142291a44ff108c1334fd2aa086aff52cdf1e7c53a3c9757a6717ad360137a50c4968865083c132abfc3a5eba97a4387bd5affdf091f8396b443dad822a15150d68a0d9728c548fb793e6c9d5420561fe683b8b5e89227d357873891e95d87db4a33056f3af5aabdffa3cbaacc44bdbcca971d8e84586545ae5b0e5eb5c7fada201db84c3faf06eb3812c560d7b0c680e9c4908837c5fb10627eb828dc34718004c066b8d999d34fe25b831771eda169c2bd54aab176e851db66c2623a01b8ef09c006c9aeb2fc87502231f75f5e4e01cc2674847c4c4eef86afee4ae3646b25d11d885befe01c43a34d60eff675eabefceba4664fbc211b3f014e315ea8e4c95f5088b82c590695616127cf63ebcee2fd78f3856443d3cb529376d34db3db1a6949cb7c80bc403ba92952b694dec72c540763ce3901d262087bf5a16a89c4151ce2d2d97eb77dce3d93d99e087bc5352cbda39935c686cf294c3ba66fab0135acb713281c90d562fc473df7133df5af7d42e183e4b860ee7b624038141ee757cb14db143ef8e8617eb6cb24a0eb73ef230e417d543f4afc5858c43ad20819bf6eda31bd5c258e66e9703a9b1daa8b34f9db16cae43b131ef258da25272320e2b357357b1d12fd87d9a00551185f3d494426d3f33b0ee84e1ae65508b9916fec12805783a857ac5d70a661fce59088437cf991821d3cf5b0db477dc8f6bb38c8455bb628e563ca45cb65383db9ecfc80386cd05f92ab32bf825a0953c101609ca8239b6ef1fb5a7fcc55642f9b2911df108d64b8c72c5bd31645955056968d4917cbab525ae5994b5dcbd33de392081819012a16be8c1b4f164fa6a1c2d88fd957bd62f28a3e87ba1ffcf644116ffdcf26937d4e64b4e87bd4771b9e0a8d8eba4605a8eac0f8e320b1204eeab358a5a5b2caf3e534c28f9da5598fedc5f13b4a7930a569439c3bc43ac5f5195a29280042278f194f84f8e5ee210223f8a486d568fe4a51bf8ef813c1bd02a669e4e0ea79d1e6bad48257ace2e7feba18123a5e67fd7212a341f92061df472db87f1158b0a2088e48a3680edc29ce3d3156108c04e3b16a1cf18cd70c5f5eeeb59824fb869906679eceb4a6ab8ec8733e72db06403f357e128e3383e2b35269b20f032cc21da717ba3febe02fba9f4893074ee2fd98e85499e36ffe2077348bc541548a34bc32fa0f7c00d84cabfd31e5c75b6769a1ba5770c5217cb03d1f0a8c91ba8d524b42c7365e09d94d95cf43f7ec896718f210fd0ba4ef91a5262daf7cd2bae3c2aad3e2eb925bec9ca7c1b874776dc28784a3719cb191cc317ff897698b2667081cc9db30c96c6510766b65c55c5fd4b8564faca924e6f52c2b181561ee5403184a822f0a207d747602f616c5513cabfe55e525b2bce4d662ae0b9ea68c015d6ca87bc752ed3e527826191a36d23e8032e15f65b3d60a517f16c4ece8bc8b09681bad96a5300f7e30e6848612d67ad853bc1523799c568e46b1dfe0d37cbc202c1332718cfadd4d6938bc0bfb21fc15ad19a0506f669d5c8790b685d81c4acbdb8e1b06918e934b459e3f2b46fe0999e6eae4185edac1cb3e85e8b61de24794d339014c03a285a3d7ba91e00bed2d63b0edb933c290ddd62fb1c56b6d08cb99f47dabd72a667805d63a7784450a1bd1af6dfc2ec785ddb8b86fe4a44a7c8f86c4b19a61fdb701a81bd720bb70f8657e256b0f531ab7848b6206ba7cd4c32b866735a4b46091a0bb6c47c923a3efa99a09c0344228ed412f94c4eca96e6bf6ee75f23a1ae8415a892ff19bd190e1d67b8e1212be638eb179176e4074435ed381a7c2faaee9acbcf873823abd906e92f308b36c6c259e43d13b328ded6bf3c1f4a93a76e9a6d0483875456cf8f30eda231d9f26d6b3861a3f2db165758b0d7aacb7b5a8e9f4d775798556cee8dbe8a94fae8df837f71d66a0aaa48df5c36afa9033ec5283e713806d5a07f82729f9e888d309b713db36256757292443f00f1af08058057373ae710d90cefa5872bbeac931ddd145ba9a64997c0bc53cc59a954f8ee2670caac75e2a63b5a1ca6ca6e3f9287f080b271f34b2e63be2ad4c2b85b7c9683245b12491d221314ab2685e2a44787733af58502245e19af646f65dd26b44dda320d583d9ddd6567d6021dc2d7d731963d6cc790d8b082889045cb749de9857ee4388d0f3c2ef83d405d0a2328bd7f76fa4d3d0a2e8238c979babe572ab3e8ae2768ca212bad33249523fa89fc0498f5f29a68aa7aae681e41284f46b47cc996679c4f1d9936647cb9b47ca8dac8e161b5cc0ff29f48f4a42b6a567f1116a5c239e67069b96862e2ba0cb3d424d4c4810cc1f3da1c61f39e7cca3e519159c057a440db9838f9f14351f64ec24c70a21a874da100af89d4753d274bd87c6574de363d44ee5aa37bb360b3acf347b3a72fac5e66c939daf4c6cbfacb43ab73229cc0badacc30b6c771bee9a7a8e36a5839cf5d68ffac084e69cb7bb34f71fc2244e5d16d056f97f581e3c50112e81d8410b6aa6b33b924cbafbc8dcb163f22f0e7b618ecd22296328e3fafdc2366e49a7ab08fa0d5b55c8aaffa8c9fc2899c07cabcf35748b0f30edb03a8a55807b6c73cd0b64cdd1a77ec0dcb8be359715b284a9476a0013d69c825274f45b6ffa59df58ca07756af102a6bb0efa1b4b356f89c504097cf79c76ca07d325375bfac4d7c8483cabd8d7c9141c96948c32ec87c231b69d6776160b8b31dada7e0837b4c2dc2ecb28f9b0400589c12cde99dc7db30a9d4c4f8a904f6b2f2fba1d0c36544f84db803bef904ec5b1f976345f67688df6e2d866d9eda4a87395b8953c0dc1e93ca742d2141b3591bb0bfdb56a0f8eabf710a3479d8b8f7e3f0e73a6fd29fc946909f77a6ad3044495e4d6e661bc633f4eb63204dd9f47ee85676ec0aa8b713819a280c27f086445d62f258379ffd77ced5d2c8cdf7d87135d6806f340a111f42b042058b96daa2633a6975dc0c5580f93a38e3daba8fdfb21fd94ebb30a2e165a75c1788c1cfe2687af2c3d3908514722e19afb385a74d6ac8cb12ca6232cde2e99d4ac651b280e65b3b897e39984a64d55eb4f65ab0912675c3f334d7c7ce6ecd84044125d98ef9eb6cf46c5d5d01b3ba01fa4bb5ff70ba1d18cba8b28f3980fca9c75441ada9122d497ac2e779277edece11bd175bf79657c37b982acb078591520792cf8278b75177ad1aad8133b2e4a61c561b42f6ab11ff8227d75303720d121ad3f3ad2e350b4cbfb6c5476e0f73e58dd25a18f3b50d0b30a629b2f5e053422c5a18decb3ad311ca978dcb53d44c64f43ceec7f803370a9b4b91e837371c4ed274d636423cb189cfe1302c6605142d5765239c6c86384b7c6de980764793956cacff762f8c4feaef7dee318a977e942e3a2ef45e220857162ac83b0fd4f1deef6510005737e7588dac6679fd8ae630d60bb9509d848f00939134f0c52b2b122bcf7e46ce5ca2592d649ff00252e57d9541bafdfeb6492113f401eb428e543168a96bd06b31a9becd8f0fbb2b89d19479411bbe4e265480cf2a6f34e5bc02a98b9f29b8adc10f9096aa5096fe12ef67d9690388459664f9583095f9bef69f9725a76a2bab82cdefe92fefa283ad56c21ab3e8ea602130ad2d831c0a4fbbb7779476e74674034c6051272ca292540de9bfcb34536604865c759b639c6f1e58699635e037d3a8c", 0x1000)
read$dsp(r6, &(0x7f0000004000)=""/4096, 0x1000)

3.783405323s ago: executing program 0 (id=4576):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r0, 0x84, 0x84, &(0x7f00000001c0)={0x0, @in={{0xa, 0x4, @rand_addr=0x64010102}}, 0xffff, 0x4}, 0x90)
r1 = socket(0x2000000015, 0x80005, 0x0)
socket(0x15, 0x5, 0x0)
getsockopt(r1, 0x3, 0x271d, &(0x7f000001a200)=""/102400, &(0x7f0000000000)=0x19000)
timer_create(0xfffffffc, 0x0, &(0x7f00000011c0))
r2 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r2, 0x3b81, &(0x7f0000000380)={0xc, 0x0, <r3=>0x0})
ioctl$IOMMU_TEST_OP_MOCK_DOMAIN_FLAGS(r2, 0x3ba0, &(0x7f0000000040)={0x48, 0x2, r3, 0x0, <r4=>0x0})
ioctl$IOMMU_TEST_OP_MOCK_DOMAIN_REPLACE(r2, 0x3ba0, &(0x7f0000000180)={0x48, 0x14, r4})
close(0x3)
timer_create(0xfffffffc, 0x0, &(0x7f0000000180)=<r5=>0x0)
timer_settime(0x0, 0x0, &(0x7f0000000340)={{0x77359400}, {0x0, 0x9}}, 0x0)
clock_gettime(0x0, &(0x7f0000000240)={<r6=>0x0, <r7=>0x0})
timer_settime(r5, 0x1, &(0x7f0000000380)={{}, {r6, r7+60000000}}, 0x0)
syz_80211_inject_frame(&(0x7f00000000c0), 0x0, 0x0)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
io_setup(0x4, &(0x7f0000000340))

3.668218659s ago: executing program 2 (id=4577):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000040)={0x2, 0x4, 0x8, 0x1, 0x80, 0x1, 0x9, '\x00', 0x0, 0xffffffffffffffff, 0x2, 0x3, 0x2}, 0x50)
r1 = socket(0x400000000010, 0x3, 0x0)
r2 = socket$unix(0x1, 0x5, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000001c0)=@newqdisc={0x44, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r3, {0x0, 0xffff}, {0xffff, 0xffff}, {0x0, 0xf}}, [@qdisc_kind_options=@q_hfsc={{0x9}, {0x14, 0x2, @TCA_HFSC_FSC={0x10, 0x2, {0xa30e, 0x1, 0xfffffffa}}}}]}, 0x44}}, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000001580)=@newtfilter={0x38, 0x2c, 0xd3f, 0x70bd24, 0x25dfdbfc, {0x0, 0x0, 0x0, r3, {0xfff3, 0xffe0}, {}, {0x5, 0x8}}, [@filter_kind_options=@f_matchall={{0xd}, {0x4}}]}, 0x38}, 0x1, 0x0, 0x0, 0x8848}, 0x4000010)
listen(r1, 0x8)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@bloom_filter={0x1e, 0x5, 0x400, 0x0, 0x40, r0, 0xd, '\x00', r3, 0xffffffffffffffff, 0x4, 0x1, 0x4, 0x4}, 0x50)
r4 = syz_usb_connect$uac1(0x0, 0xac, &(0x7f0000000240)=ANY=[@ANYBLOB="12010000000000106b1d010140000102030109029a0003010000000904000000010100000a24010000000201020c24020000000000000800000524050000082407000000009e0c240700000000a3e82f07070d240701060000fd80000000e80924030000000001"], 0x0)
syz_usb_control_io$uac1(r4, 0x0, &(0x7f0000000540)={0x44, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)={0x20, 0x83, 0x2, 'W7'}, 0x0, 0x0})
syz_usb_control_io(r4, 0x0, &(0x7f0000000c40)={0x84, &(0x7f0000000740)={0x20, 0x3, 0x2, "b23b"}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io(r4, 0x0, &(0x7f0000000f00)={0x84, &(0x7f0000000b00)=ANY=[@ANYBLOB="200603"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})

3.514118359s ago: executing program 3 (id=4578):
r0 = syz_open_dev$vim2m(&(0x7f00000000c0), 0x8000, 0x2)
ioctl$vim2m_VIDIOC_ENUM_FMT(r0, 0xc0405602, &(0x7f0000000040)={0x38, 0x2, 0x2, "d569e8e1dd191ae97e4f58f458000000006d346dba216b1e8ac11e00000200", 0x3436324d}) (fail_nth: 4)

3.22641617s ago: executing program 3 (id=4579):
syz_emit_ethernet(0x32, &(0x7f0000000e00)=ANY=[@ANYBLOB="e90c610faca20000086100feee22cd00"/27], 0x0)
r0 = openat$sw_sync(0xffffffffffffff9c, &(0x7f0000000280), 0xa2040, 0x0)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
ioctl$TCSETS(r1, 0x40045431, &(0x7f0000000140)={0x0, 0x100, 0x0, 0x0, 0x0, "810000cc2b000000000000fa25ffff00ffffff"})
r2 = syz_open_pts(r1, 0x141601)
ioctl$TIOCGPTPEER(r1, 0x5441, 0x2185)
fcntl$setstatus(r2, 0x4, 0x102800)
close_range(r0, r1, 0x0)
keyctl$clear(0x3, 0xfffffffffffffffd)
request_key(&(0x7f0000000040)='asymmetric\x00', &(0x7f0000001ffb)={'syz', 0x1}, &(0x7f0000001fee)='R\x10rust\xe3c*sgrVdx:De', 0x0)
r3 = openat$audio(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r4, &(0x7f0000003540)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000003500)={&(0x7f0000002000)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x7}}, [@NFT_MSG_DELSETELEM={0x13b4, 0xe, 0xa, 0x201, 0x0, 0x0, {0x2, 0x0, 0x1}, [@NFTA_SET_ELEM_LIST_SET={0x9, 0x2, 'syz2\x00'}, @NFTA_SET_ELEM_LIST_ELEMENTS={0x137c, 0x3, 0x0, 0x1, [{0xc4, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_EXPRESSIONS={0xac, 0xb, 0x0, 0x1, [{0x10, 0x1, 0x0, 0x1, @inner={{0xa}, @void}}, {0x54, 0x1, 0x0, 0x1, @queue={{0xa}, @val={0x44, 0x2, 0x0, 0x1, [@NFTA_QUEUE_NUM={0x6, 0x1, 0x1, 0x0, 0x1ff}, @NFTA_QUEUE_NUM={0x6, 0x1, 0x1, 0x0, 0x4}, @NFTA_QUEUE_FLAGS={0x6, 0x3, 0x1, 0x0, 0x2}, @NFTA_QUEUE_NUM={0x6, 0x1, 0x1, 0x0, 0x2}, @NFTA_QUEUE_NUM={0x6, 0x1, 0x1, 0x0, 0x80}, @NFTA_QUEUE_SREG_QNUM={0x8, 0x4, 0x1, 0x0, 0x2}, @NFTA_QUEUE_FLAGS={0x6}, @NFTA_QUEUE_FLAGS={0x6, 0x3, 0x1, 0x0, 0x2}]}}}, {0x10, 0x1, 0x0, 0x1, @limit={{0xa}, @void}}, {0x34, 0x1, 0x0, 0x1, @xfrm={{0x9}, @val={0x24, 0x2, 0x0, 0x1, [@NFTA_XFRM_KEY={0x8, 0x2, 0x1, 0x0, 0x3}, @NFTA_XFRM_DIR={0x5, 0x3, 0x1}, @NFTA_XFRM_DREG={0x8, 0x1, 0x1, 0x0, 0xa62d4d2f48b9de48}, @NFTA_XFRM_DIR={0x5}]}}}]}, @NFTA_SET_ELEM_EXPR={0xc, 0x7, 0x0, 0x1, @dup={{0x8}, @void}}, @NFTA_SET_ELEM_FLAGS={0x8, 0x3, 0x1, 0x0, 0x2}]}, {0x12b4, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_EXPR={0x10, 0x7, 0x0, 0x1, @range={{0xa}, @void}}, @NFTA_SET_ELEM_FLAGS={0x8, 0x3, 0x1, 0x0, 0x1}, @NFTA_SET_ELEM_DATA={0x1298, 0x2, 0x0, 0x1, [@NFTA_DATA_VALUE={0x6d, 0x1, "9bb1f205ac55c19208feb92d58596ad2c1b0f236ab40deb32f3b5da03d62d950031ce52aeeb0af8d1cc8714b303447f0d2f216ab5f267103f8e4249b4f98fb5aa6313cf4a4ed69c737f5a3d3400aabaef499cd9f6488642e54f1ff8bd2fb9b0ce6a4f8e77891739731"}, @NFTA_DATA_VALUE={0x1004, 0x1, "b88a93f26100ee95bcc9f3aefb650408dbbfc3913b3990c5c94da67a5c49761707b3bb9e0a98ef456d895b9d496056b6818efad07a0f134732d557b239fb399a075100a275212b1712e1f20092941308666d348288361860025af576823cbf14bac52ec63155c16a9e3060217a5de670b50536bdb51b0fd8be44361e1ad9eca6671f7a0be9e71e3f7f343ac46ee1848f83debfa0a1fc649934794e1471503db4d5b955dbc16d4a1b1717c6c47eaea529c59c288ed284c9cf68a0f9ccfa50bdd2bdabfb94b66a4356e18fc0fcdf9bc3b082002914b99e5c96c5fc52213869db1b495226bd8e9f272346040c3bc04a27c2af58c8f96271a12eebf8977d0bd3a8f7e2bf4d4c468aa2a366f5beba8e778bed5caf0383ae9fc43b9c91053769736e3516749dcd2316c5c7716fce11514baf4c428807dfcedb1eb2081615acadbe9ef548f897856e86c038116344c18fd7fca10097d45ce85042f524477c273d8c0aab1f15ddb6defeb7944baf92b9d50b4d623e8851aa7a0ccf1228d4f3d13b422a706876f3ba20c03b4299ed832b919b46ede11cbc048cce207cc5864d981b166fa4d37c9cd1cbbd9a058c25132ea39b673d7fec5ad20680d410cd54204a5ea0a534d2dc8593dc752beeec93e7fb47f4ff860f7832c590d0af638f8e6be118a62bf41effec8fa70eca54dcb51d1c8dd31ace21f5a7e850979de0519e5d770d82fa1af85b99a7ad91acfecf295b70cd0eef8e21d16ffdd9625213ef972905ab616aa198bbd67586a684e8d7eb29019210a5aa2abb6207945a0c689bb17a79c046e57ceca6106b0d23cc1d3ddb11b0b8936397ddc18a0b1ca0badcd933e71a4cf35bb52b948a355cd7e5ffbe18f5778c4294e66ae2a719f06fc380e1f12aef034c225416f9265b4269523d9b84723c3192f9acfe63466eca33086e18f0a0bc26ca354e3ee2be3125b7e5325db886df2c2f1ed51107ff2507e31d9d60829c966b62af2102adb38c27c7eb73402d759aa745115a3a09993aaeeb4de93222b102d4349a66a68a831cadae0f2f97ca53d9c29c35afd2dda08e8c0ba7ffcd2aca8f6ccb88ef8876d069559bb2b5f71863dc25b2abc0b721e96b2c7660159fc8f556c18be1ad391c6525681db933a2b09309a16e11eca1c2d09013e23c49e4290c616a6d2beefc5079f0a6bc7e536da7ec3bc4e70894d5b5a072ddae52b816d5581c83618b45562a0dd195bf4420d198ee7592d7e0b8642f1738d521128190c44f5feafb77ab5a08afca30b63635f0b0027b3ab29965dd1ed8f437601b5b53b0301ffad08742a596e8b5f48a6b19d15cb22f94236c36e5133ea78168ac0a7ad9dfc46c37db3debefbede23bf78684df23c72a1b8c5eda954582d99f7d9134733feb0ddd2b57ad02ec3bafbea2ee6d7b64d429e1b217c83628e10eace2ad4b5e4626ff03141092b6fae6b4c27103425e1596d2ad40808dce249d7e929ab7f091763c27dcae77e9c3cb4c6e157654ca887c43d4ac012f0256ce2f6f5188048c20e91acafcd632fec8e52779ede3619ff02469a35853b4ce4a439c988449cd0f2cb1ff9bdbf0200ef6e5d4d038aad21e17246262b73efad17c527e634e7d334b7fb9e99d7fc7879733ba49ede5a09e96db9c5e26f8fa5a267bc0f44253c1fd2e66b2ac3c11f2f850bed8ae617047e59366561e8b35d6765032fa10556af66454db977fe22f0d997ca6f499b7e67676b2370516c06011e46209308af4de740595977e13fbec30ddce7d0af9a96eb357498b9703043d77fb4dd179c8eed035846d77772740dd369605e4293b4c7d001888d3cc48f9f0e0753112a94b64f6ac470b6c177c4d0d9f60ab58f6e719ed59decad7fb20b088e252287367663b22e41986f59899871e527b87aa98890a40547181316e75448e57c350d8c1dde8246dd0444ca91b365be74c3c3b50d8e643bf994e855a744ac697fb922d9da89c4649f4cead6c807b10c2029ca7cea8f04ed1b76e54b054008e9e81a3c44cbb8811ba4ee13791b304f9b7ea1f2e0adb600a38f8c79d3a6eeaacab4053aab5f679569bc952e8f81e44a3ea3bd8f100036c59bcf38de3b2e09d503a93ec6e1a81ebc90e8f72f73d03b687dac784ecf5d3966841c310a5cf31cf25728eafac0c4e7fbb2478925c8d96a00ca19244ac6cd9118581d2aa389a607977a0a4e749ce9151c74da7b626c0030c77a4cf243cf09b876c7d31163f234197d96c7a05f0ebc076878e9e420ab3090ddbd09f6514bf0714de114194ebc9c28b39361ab1a08b9725ecfdafcfd7685d7858aeea8a5bcf76a05937a02e59d37bb886ec650a50c8cf7b810ba03ac4c17240f94e81cf5d69fbbe129b147d3ae1413c8c3fc4695ad72e0a78536de8476f7b40d6b19d5a98ebb6997b834a4f05a1351b58ae862462baa35fa9d74815898cd64aeadcba47397f963f1428b9e0774b5ac5839ecba82b7f7341e98d087347cd505064e7c1c796b7f8779c57a55b1f55540cb0d1f14355e1483758556039c341fb53c22dd34d884a6dceb7a0b7dee86b18cc867301d54ebcc23407f9d6ae31b88c8f87011d4bebd37687c83dffeecb3d90631e5c16c854c7f56a0b6202d894532f2dd8b72ae700ea953f39eed819e90dc73685d72e70dedd9dd75a628ec90c131aafc1cf4c0eeaebc81435f576738c10625e68dddffd23a7346d4c90431c45c6207957e797ce0147d2bcc55fc68825f571fb335b670526c3951ea23c120a15d4685f8f07c76ef1e3d17e6ef9d49f46ccb40998aa12661c76c3eb075bc796e810d790f2a4eab1753ba0e70f3315dd7ffdd7ace2d66ed7d4e21bdc8908f7575d07c66b97963b6376d47fc213a0eb5d339bddeeeef69b861442401a21db38dcfcd26a4db49af12f5e21415260512d0d74223ca7ff02717e037ec3b46a8103a0d706bfbcb6b24c02e542291bf10b77ca612255ecca1aed8b667dcf3f9657b0e71bcee4184de5e103ce385e5dbbce82a897c61254a06756c6f35f6a5063a27134a77fadc3e8281bcaddb7ff23692d1cb7537c8c824066b685cd8c4d8f51edbb9d438f2cd9f327f21cfdcf3ea0da7db6724f875df9d5c1fd88a9d1ce6a4b63a1c14b3f035ddbc2b07bb42de8732ff3c10dd3d85fa19599b977fa9919ce6c0eb9abf7a4450cb883247e3583172d22b78a116a53d96e7d67bf4b7a34a721e2bf7dda9ef24ec0eb6495cc31c0a02e779d8622389e3442ab5bff963aa4eef815718932ccbedcb4908c412471daebbb9d7c1a3e7e31fdc2fc3abf53e9f180eb29a876a69a4a7d1774a959bafda9bdd7ed14617afc21cc335b825a778268941298f98ebf87c182bac48be274436ee55b973bb2d04c6fcba4fa3f3936e5066fb6b31c0845fa9319e47273a4df11512e11f12b81699fb04c3446e9fd5a879ffbf71d4fdb5e7fdffc03935da2a259440405cd41cc76cae3f24b3619e056d4e3293a12ed465ac56eb536a100b8fe733f10f849138d8adf026589250a339f59520532e5aebccd10ee881170d1989453b2ad4fb3d28245cc59f2adda9870581579f053cd65c3dfe79add21461525b0835cf17c81b937a3d000fd721c5279cc8fc6ef425a99a7ac06a0fdb34a62caf17a1c134de1ea10dfff70c8755eb2e25dab35c5e3075502f25f55c2f067d6fc348f9ae8902e4f75e6a461f75ffde3712ead097636e0d46bce82b29d53d986e5c15bf22ab7b38456b25b65a071a16011f6c683790726c008afa2a6ad804feb6e87683668d007d0297c78274b08e6f3f1b85dd51588a2f4cc58605f7d02e692fcd2aca0abecf2950a3c70c5bcb62e80e9091018839a5d8e38d845bf0c3031271dbe9f2330d4f89595ee10e7c3559e07d7ac5ddd8f74aaca48250a8cd65da130c5114748756e6ff26610399d70c8782767661091420f2d7f7fc5d4e933f5d5dca57e17541adad183e803574584b2f3439dcf9241b73ce0238a82d2d35ed944dcde2dfa784a1f461b978b846642935d03dab58a83da8f5cab860874348d70f8832127e0b262e89a91767d5628b440582712667936cccb5fac2a04d8e332d2c493afa2ff4d37fdd47706945cb6f538bfc92d20763afa40393cb71371281a30fdf29483c1a24f0683410e86e1a069a9bb0f4f5878f92182888e86b3c6e53ecfb240aeef521bbcf2ad147fc88a3c92c885311a7f3b30b344e6815491fe0380814201052c67f5641ac6105e85381163f67f6a6df2b4fed9e3f100db90812acc45d942e6e90d7bff80902c23e7e556b12d479e9b4ca1334f92be3b50e5f035a114262ad9b0ba24a71f40e9f64aa9c7247a0fb6337a51408e2dc827dead721c7c35b3ac3200fea349f0506dbe5985485c73d3786c278fffbb2fcdf2e8a87a0c87b364f5983e7837c39e61dee1426276d2580978db46a1e106205e5e615e08234a0a557de7a5c36ab34e84974ffa15c6655f253e503f79ee9f92878c130d455a7a4fab7aba974c8978dc2a4a0cb69449ad78f3e0403fc98785565b96336ddca490d170b733dee351994fd1fe653b25be353ca3236f4bf8d852add708d3027b17806c5f7b02667165f866d93d43aff79e7531f163f7cbbfd10c9aeadeb0012be591a3e1dde1c6392ddee1c41a8d43b7dc33b339cafb44ce12f492756c848437525997b0347137fd5d204227b877d1bbbcfbdf950f23f9d93dbf049d89c24bf9a5f755912d74c29d922586b36e15ef9535620a4d8b589fde8e17e4ca9882b8d65b960db49889b37ff56e1b2234031245eac50feacc6bb8dfba36e10dd194b63ba66ca834bee6f29abcbbd7a43661b8939ce64d4df33d79f77aa793720f1a12cd649faa2bf36c4ab7c3fdd5ae1f17977387edd7438630451b1708c577b05280eb11baa5fc150830e22c701fe7d203998690f4e908932dad15b02ce8ebfc034e2e589109c052d65e9930c63714ddad3fb9705040357cab78916ba621a39050b4d801df632485e7c97dfee79fdbf955a1a1958f5ca331366acf5ab057605ace5438f69be5f3e8ba5d508b1591a6f5251eb0ca2aeed8daa3bc78a0a206c38c4a65d53c3e4dd0aa3b9bff3d588514ec0efa5d5dac66bfff2039c1778616879efe971a517b3b4d3474560bde0eb810ee70680f8778dd9c4fe53ae6cf881c567319f357f70eeb2ac48d15ed86d987db041c4e7d60107c6e6829483318ea840f72d3d3d51fd299e98ff43c1d317af7f120589f6b19e86322982aec4a62e3bbc886c78193fb4b52dcebc4a88cdeb56a946902c4f7cd79c42ed76bba11f84cce7e49201bbcd09b5a56e038e117c8fea1803be6291483b7c6381092403d28c34db337eae28a33b00bcaf013e8021a37d07bb046e4fe757ac34374b5a150f34543261f57324632770003d70029bc58aa8255d585f4026e234f195334a325b338ecaa79f7a03641368a69eb31151271177b44072c32044a6e2fa1d875eb7d0bd84353d4ed3aeffef19e44a1c5595790595a2104e2a6634e14a5064879427900608414a562b7ca692f39121d87d2980701bfd4ce44c5a043c693ea5ebe56439c8b67019d4015e464c5b199d33ac6da589fade215526909471a1025321fd2ba3516358083e93efb01179d0bbc4baae1b88e15efdba91d7c58fb361f3894a462b3cfc34c391f4e6b6475be7305ca0666dddff0f4d001c3a8931de94d945a205bbf6c70b09a5ea38db43de3c9a46b4a043b0e716ccacf5e7a681b0391fb352f0f1aefbf90de313206b91b76e85ba5a7ddc1132d1539a8edc34b1b7f93218415d9e941867e5913a44ca377e391efb1c"}, @NFTA_DATA_VALUE={0xa9, 0x1, "7b9b11086816c070563d270c892bb0b94cbf443e3bd82b589a1e3ea549bb44cb9769ed07f5b94cf7b0c94a407e7c9a4ff591bad0f34089db095d9dd9ea2177949b42381e557f803c5c9f0733a0dd53c1f3419f1ee81a74e25faad93ac21904310979d7390db85b0ba0cfc3e607f274cd0bc7cca84826754a9981ba0b8ed372400ebf8c673eeb3dce0f7326a79d4d48909cef1047b4425faac4e722b3c4baac768779cae8be"}, @NFTA_DATA_VERDICT={0x48, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CODE={0x8}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xffffffffffffffff}, @NFTA_VERDICT_CHAIN_ID={0x8, 0x3, 0x1, 0x0, 0x1}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffc}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz0\x00'}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz1\x00'}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz1\x00'}]}, @NFTA_DATA_VALUE={0x3d, 0x1, "3390f708d3a4e5405c7902a8f8176354565ce6e95725fdc129beec89ad1b2648228380469b004243ffef6a739ad85a53a33f4d0925c5c1afd6"}, @NFTA_DATA_VERDICT={0x40, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CHAIN_ID={0x8, 0x3, 0x1, 0x0, 0x2}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz1\x00'}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz2\x00'}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz2\x00'}, @NFTA_VERDICT_CHAIN_ID={0x8, 0x3, 0x1, 0x0, 0x3}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffb}]}, @NFTA_DATA_VALUE={0x8b, 0x1, "fb1d344daec719aa541ec68513864601e237fb41167a97bef8575305b779c752f10278613648c97baa03c2f871fcadf3988afddec012c114d01dc86c8b651e5bcf0d164b38f397c39a9a2ddcf7f44db1f3e84a8f2921ea6a34d38077e6c01644d7ac751632855bf0f43e4c631bd1ded9b523989248aac781c37e18a4834bae503231cc79f727e2"}, @NFTA_DATA_VALUE={0x20, 0x1, "8cc54ebda2083fb1675dd87c1bd47e20e9d853f0040185a7ca5601b7"}]}]}]}, @NFTA_SET_ELEM_LIST_SET={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_ELEM_LIST_TABLE={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWCHAIN={0x68, 0x3, 0xa, 0x5, 0x0, 0x0, {0x3, 0x0, 0x8}, [@NFTA_CHAIN_ID={0x8, 0xb, 0x1, 0x0, 0x2}, @NFTA_CHAIN_HANDLE={0xc, 0x2, 0x1, 0x0, 0x4}, @NFTA_CHAIN_COUNTERS={0x34, 0x8, 0x0, 0x1, [@NFTA_COUNTER_PACKETS={0xc, 0x2, 0x1, 0x0, 0x3}, @NFTA_COUNTER_PACKETS={0xc, 0x2, 0x1, 0x0, 0x6}, @NFTA_COUNTER_BYTES={0xc, 0x1, 0x1, 0x0, 0x8000000000000001}, @NFTA_COUNTER_BYTES={0xc, 0x1, 0x1, 0x0, 0x1}]}, @NFTA_CHAIN_TABLE={0x9, 0x1, 'syz1\x00'}]}, @NFT_MSG_NEWOBJ={0x44, 0x12, 0xa, 0x104, 0x0, 0x0, {0xa, 0x0, 0x6}, @NFT_OBJECT_SECMARK=@NFTA_OBJ_DATA={0x30, 0x4, 0x0, 0x1, [@NFTA_SECMARK_CTX={0x2a, 0x1, 'system_u:object_r:semanage_store_t:s0\x00'}]}}, @NFT_MSG_DELSET={0x34, 0xb, 0xa, 0x201, 0x0, 0x0, {0xa, 0x0, 0x5}, [@NFTA_SET_POLICY={0x8, 0x8, 0x1, 0x0, 0x1}, @NFTA_SET_EXPR={0x18, 0x11, 0x0, 0x1, @cmp={{0x8}, @val={0xc, 0x2, 0x0, 0x1, [@NFTA_CMP_OP={0x8, 0x2, 0x1, 0x0, 0x1}]}}}]}, @NFT_MSG_NEWCHAIN={0x44, 0x3, 0xa, 0x101, 0x0, 0x0, {0x1, 0x0, 0x7}, [@NFTA_CHAIN_TYPE={0xa, 0x7, 'route\x00'}, @NFTA_CHAIN_FLAGS={0x8, 0xa, 0x1, 0x0, 0x6}, @NFTA_CHAIN_ID={0x8, 0xb, 0x1, 0x0, 0x2}, @NFTA_CHAIN_POLICY={0x8, 0x5, 0x1, 0x0, 0xfffffffffffffffb}, @NFTA_CHAIN_HANDLE={0xc, 0x2, 0x1, 0x0, 0x3}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x7}}}, 0x1500}, 0x1, 0x0, 0x0, 0x4004}, 0x4040004)
ioctl$SNDCTL_DSP_STEREO(r3, 0xc0045003, &(0x7f0000000080))
r5 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000140)=ANY=[@ANYBLOB="1201000000000040ac054382408b0b00000109022400010000002009040000fd0301000009210000000122010009058103"], 0x0)
syz_usb_control_io$hid(r5, 0x0, 0x0)
r6 = socket$inet6(0xa, 0x3, 0xff)
connect$inet6(r6, &(0x7f0000000200)={0xa, 0x0, 0xfffffffd, @empty}, 0x1c)
r7 = dup(r6)
r8 = open(&(0x7f00000000c0)='./file0\x00', 0x1298c2, 0x0)
r9 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r9, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000001f40)={&(0x7f00000004c0)=@updpolicy={0xb8, 0x19, 0x1, 0x70bd2d, 0x0, {{@in6=@ipv4={'\x00', '\xff\xff', @multicast2}, @in=@initdev={0xac, 0x1e, 0x4, 0x0}, 0x4e24, 0x0, 0x0, 0x0, 0xa, 0x30, 0x0, 0x0, 0x0, 0xffffffffffffffff}, {0x0, 0xc, 0x0, 0x0, 0x800000003, 0xffffffffffffffff}, {0x0, 0xa00, 0x407ffffffffffe, 0x800000000000002}, 0x1, 0x0, 0x1}}, 0xb8}}, 0x50)
ftruncate(r8, 0x200004)
r10 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r10, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000001f40)={&(0x7f00000004c0)=@updpolicy={0xb8, 0x19, 0x1, 0x70bd2d, 0x0, {{@in6=@loopback, @in=@local, 0x0, 0x0, 0x0, 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}, {0x0, 0xc, 0x10000, 0x0, 0x0, 0xffffffffffffffff}, {0xfffffffffffffffd, 0xa00, 0x407ffffffffffe, 0x800000000000002}, 0xffffffef, 0x0, 0x1, 0x0, 0x6}}, 0xb8}}, 0x0)
sendfile(r7, r8, 0x0, 0x80001d00c0d1)
syz_usb_control_io$hid(r5, &(0x7f00000003c0)={0x24, 0x0, 0x0, &(0x7f0000000a80)=ANY=[@ANYBLOB="002281"], 0x0}, 0x0)
r11 = syz_open_dev$hiddev(&(0x7f00000000c0), 0x0, 0x0)
ioctl$HIDIOCSREPORT(r11, 0x400c4808, &(0x7f0000000000)={0x3, 0x200, 0x1c4})
syz_emit_ethernet(0x9f, &(0x7f0000000180)={@link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x2}, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x8e}, @void, {@mpls_mc={0x8848, {[{0x0, 0x0, 0x1}, {0xfd46b}, {0xf}], @ipv6=@dccp_packet={0x1, 0x6, "0c9328", 0x5d, 0x21, 0x0, @dev={0xfe, 0x80, '\x00', 0x2e}, @mcast1, {[@fragment={0x87, 0x0, 0xba, 0x0, 0x0, 0x0, 0x67}, @fragment={0x33, 0x0, 0x9, 0x1, 0x0, 0x2, 0x64}, @srh={0x8, 0x2, 0x4, 0x1, 0x9, 0x50, 0x8000, [@mcast2]}], {{0x4e20, 0x6e23, 0x4, 0x1, 0x6, 0x0, 0x0, 0x2, 0x1, "35171f", 0x4, "50621c"}, "3a15011792c069c9f3ad5223b595d144078108235185d11923c64f2e6babb812195d996c24"}}}}}}}, 0x0)

2.962992035s ago: executing program 0 (id=4580):
openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
socket$unix(0x1, 0x1, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x6, 0x50, 0xffffffffffffffff, 0x0)
socket(0xa, 0x3, 0x3a)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
keyctl$dh_compute(0x17, &(0x7f0000000200), 0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)={'rmd160-generic\x00'}})
r2 = socket(0x10, 0x3, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x10, 0x803, 0x2)
syz_genetlink_get_family_id$mptcp(&(0x7f00000000c0), r4)
getsockname$packet(r4, &(0x7f0000000680)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000003c0)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffff11ffffffff000000", @ANYRES32=r5, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f0000005840)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000200)=@newqdisc={0x2c, 0x24, 0x5820a61ca228651, 0x0, 0x25dfdbfb, {0x0, 0x0, 0x0, r5, {}, {0xffff, 0xffff}, {0x0, 0xfff1}}, [@qdisc_kind_options=@q_drr={0x8}]}, 0x2c}}, 0x0)
sendmsg$nl_route_sched(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000bc0)=@newtfilter={0x34, 0x28, 0x575ac7824d421509, 0x8070bd29, 0x4, {0x0, 0x0, 0x0, r5, {0x9}, {0xffff}, {0x0, 0x5}}, [@filter_kind_options=@f_cgroup={{0xb}, {0x4}}]}, 0x34}, 0x1, 0x0, 0x0, 0x11}, 0x40)
sendmmsg$alg(0xffffffffffffffff, 0x0, 0x0, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(0xffffffffffffffff, 0x29, 0x20, 0x0, 0x0)
r6 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r6, 0x29, 0x1b, &(0x7f0000000000)={@remote, 0x4, 0x0, 0x3, 0x9, 0xbffc}, 0x20)
r7 = socket$nl_route(0x10, 0x3, 0x0)
r8 = socket$inet6(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000300)={'virt_wifi0\x00', <r9=>0x0})
setsockopt$inet6_mreq(r8, 0x29, 0x1b, &(0x7f0000000000)={@remote, r9}, 0x14)
sendmsg$nl_route_sched(r7, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000080)=@newtfilter={0x24, 0x11, 0xd27, 0x2000, 0x0, {0x0, 0x0, 0x74, r9, {}, {0xafabc05531515610, 0xfff3}, {0xf, 0x5}}}, 0x24}, 0x1, 0xf0ffffffffffff, 0x0, 0x1c005}, 0x4008054)
syz_usb_connect(0x0, 0x36, &(0x7f00000004c0)=ANY=[@ANYBLOB="1a0100005c6b4408070a64006e40010203030902240001a8230800090400bc6435fb4d00090503034d00ff99090805", @ANYRES32], &(0x7f0000000480)={0x0, 0x0, 0x0, 0x0, 0x1, [{0x0, 0x0}]})
syz_open_dev$char_usb(0xc, 0xb4, 0x0)

2.588397s ago: executing program 4 (id=4582):
r0 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r0, &(0x7f0000000040)={0x3, 0x0, &(0x7f0000000340)={&(0x7f0000000080)=ANY=[@ANYBLOB="021804080c0000002cbd7000fcdbdf25030007"], 0x60}, 0x1, 0x7}, 0x0) (fail_nth: 4)

2.096039281s ago: executing program 4 (id=4583):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = dup(r1)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000840)={0x1fe, 0x2, 0x2000, 0x1000, &(0x7f0000003000/0x1000)=nil})
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r2, r0, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@textreal={0x8, 0x0}], 0x1, 0x42, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000040)=[@text64={0x40, &(0x7f00000001c0)="b9800000c00f3235000400000f30440f20c03508000000440f22c036646665f36526f20f22a5430f01c566ba4000edc4a39979250b00000008b9800000c00f3235010000000f30f245ab48b800000000000000800f23c00f21f83500000b000f23f8c481e57dcd", 0x67}], 0x1, 0x10, 0x0, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r2, 0x10e, 0xc, &(0x7f0000000040)={0x9d, 0x5, 0x0, 0x5}, 0x10)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r4, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000480)=ANY=[@ANYBLOB="4c00000002060108000034e4000000000000000805000400030000000900020073797a3100000000050005000200000014000300686173683a69702c706f72742c6970000500010007"], 0x4c}, 0x1, 0x0, 0x0, 0x20044095}, 0x8042)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(r5, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000300)={0x60, 0x9, 0x6, 0x3, 0x0, 0x0, {0x5}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_DATA={0x38, 0x7, 0x0, 0x1, [@IPSET_ATTR_PORT={0x6, 0x4, 0x1, 0x0, 0x4e21}, @IPSET_ATTR_PROTO={0x5, 0x7, 0xff}, @IPSET_ATTR_IP={0xc, 0x1, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @private=0xa010101}}, @IPSET_ATTR_IP_TO={0xc, 0x2, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @multicast2}}, @IPSET_ATTR_IP2={0xc, 0x14, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @broadcast}}]}]}, 0x60}, 0x1, 0x0, 0x0, 0x10004893}, 0x80)

2.073105713s ago: executing program 1 (id=4584):
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x19)
mremap(&(0x7f0000000000/0x9000)=nil, 0x600002, 0x600002, 0x7, &(0x7f0000a00000/0x600000)=nil)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x400000, 0x3, &(0x7f0000000000/0x400000)=nil)
openat2$dir(0xffffffffffffff9c, &(0x7f0000000100)='./cgroup/cgroup.procs\x00', &(0x7f0000000040)={0x474082, 0x5c, 0x8}, 0x18)
ioctl$VHOST_VSOCK_SET_GUEST_CID(0xffffffffffffffff, 0x4008af60, &(0x7f0000000000)={@host})
r0 = io_uring_setup(0x1694, &(0x7f0000000080)={0x0, 0xfac7, 0x0, 0x80, 0xfffffffe})
mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x3000003, 0x20010, 0xffffffffffffffff, 0xb80a7000)
syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f00000003c0)='ns/uts\x00')
r1 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000040), 0x8002, 0x0)
getsockopt$IP_VS_SO_GET_DESTS(r1, 0x0, 0x484, &(0x7f0000000100)=""/92, &(0x7f0000000180)=0x5c)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
r3 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
ioctl$AUTOFS_DEV_IOCTL_ISMOUNTPOINT(r3, 0xc018937e, &(0x7f00000001c0)={{0x1, 0x1, 0x49, r2, {0x1}}, './file0\x00'})
madvise(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x19)
io_uring_register$IORING_REGISTER_BUFFERS(r0, 0x0, &(0x7f00000002c0)=[{&(0x7f0000001700)=""/4095, 0x440000}], 0x100000000000011a)

1.59162308s ago: executing program 4 (id=4585):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
ioctl$int_in(r0, 0x5452, &(0x7f0000000300)=0x10003)
r1 = epoll_create1(0x80000)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f00000002c0)={0x40002001})
setsockopt$sock_int(r0, 0x1, 0x7, &(0x7f0000000180), 0x4) (fail_nth: 2)

1.26891909s ago: executing program 2 (id=4586):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f00000000c0)='cdg', 0x3)
r1 = syz_open_dev$sndctrl(&(0x7f0000001440), 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_PCM_PREFER_SUBDEVICE(r1, 0x40045532, &(0x7f0000000100))
r2 = openat$audio(0xffffffffffffff9c, &(0x7f00000000c0), 0x88602, 0x0)
ioctl$SNDCTL_DSP_GETODELAY(r2, 0x80045017, 0x0)
r3 = syz_open_dev$usbfs(&(0x7f0000000100), 0x76, 0x101b01)
ioctl$USBDEVFS_DISCONNECT_CLAIM(r3, 0x8108551b, &(0x7f0000002600)={0x0, 0x2, "5a77bd318786aeb879ca62cdab2a02fa560186d85b25a5665a3247e500f61681905db88235f8a5447dd2a2ed6e91626f068881e50f68530c2b21a100efb76cba37ff3111d6847e0c7f719e169a596e5fc008daefba68f6222103472bc55704cdb72b4b996ed82ccb1eaae27969d008ba7d34171113d80672e65a6a0a72e19c2b60bd6276fd8bb6366e9d1ed9a60fd53ded22c87eb2be010e4a62fb73c33424b437bb192c9d06ea6ed04983fe5c5ca033dfce0a82575ef14eee686be0fc58e384f93a13e4e8bbf599394baea3a9ca1864f0a35d6cc38fca32ad6b39905a9727d2001457df7be7e1aefe3635b2ee97c143f28def4b73905ca14d10d1f600"})
r4 = openat$sndseq(0xffffffffffffff9c, &(0x7f00000018c0), 0xe0c81)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r4, 0xc08c5332, &(0x7f00000002c0)={0x0, 0x0, 0x0, 'queue1\x00'})
write$sndseq(r4, &(0x7f0000000000)=[{0x1e, 0x0, 0x0, 0x0, @tick, {}, {}, @raw32}], 0x1001a)
ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_TIMER(r4, 0x40605346, &(0x7f0000000280)={0x0, 0x0, {0x0, 0x2, 0xffffffff, 0x3, 0x22}, 0x4005})
close(0x3)
ioctl$USBDEVFS_ALLOW_SUSPEND(r3, 0x5522)
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x275a, 0x0)
write$UHID_INPUT(r5, &(0x7f00000016c0)={0x8, {"85f080a4933d55266e07e799aa0cc421388242df2a3c6b631b65b1c061edd2aa108c3528fe9b0bb3a53ab1200f5d01a68a4acdec8fee09648222f908c1fedc3000342e6139de28366c13509306d00ebcc67497181ac916db98af9d366b76e427d9ab5bb68095f0fb246df32b8af0783653136f8a04c03690312125c7ded6a24fda8685340c575ead69519e3583f89d467ec232d6a1ffd0463ba4ea3cbae5dae6654b5547b5458f02ac307729e57b09e134f68be44f88d72517b230b066f6315b5fb80206397bbff8cbc2a36e01c2e7b3aadb32bd3dd5288a69a991d9c674717e3abba7167280b2db3b1b8502afa4f3f296c532510c9d2dd79bb5eeb25adb5edddbdd069c09d14d15c2e7e1e2bd6c108fab3591bb22e97d6992236d2273c8bb95536f7118d007965008b125c7daac2814e6bbe1adbfa3572ad0b7ad5c26c8014118d8374ca9f285779dfee7715a403908146a74de61b3853914c89f444c12e7a38bdd46c4ed36eb806ea598f44d1dec9eff9e2476f43802211f0762b66673b45d236b2391ce322e30fb9c69fe0d514dc1f8b6e3979c1205fd52a44fec4f6f1a6f65158bb6911c295bf2dd7dea107f59d7e03c61fe5822292e45968956b931bdc4d6445ff1631e0b98e4b4448774dd4b9cd53a45896fdb3f03702778741ae2b45a25bf9a23fc02fb97a630f132bf9def6c6d4a7baeb62972f1a814f6f2377bcfc78e2e86368c138510a04cedf7175af8c2034fae7413e3ace8c71ab9a0af1ca7042011a6ed028e205648535dabf3b2f85196ae18d36b839e3cd54ae4933ad529888fdac7bb8a70c72bc0fc81ba06506f2d5bc7686e219bbe5283959cbef9950e071cb6d9f341fc624a5110341f26cebd7100599a06e61f66fae120c7fc2b34c6221200eba75bd1277114671a3fa8f058b27fd897b052f4a52afcea814df526181c75c4497210a2b8b74e26601561e78735387cf123654b0295d1d60556956b36d96dd038866c4b4db31ebdcddd4829bbc2850cd4901389e6ea6e86041e0efa1158f334e7afda0e11c2971f29d9364cb95659f506d5c7e63fb67c8116577d15e4a4b1fc4c27de2e52586cb1f52be9c3601f5066549de8bdc3ec07d1a84caf1961323ec2487a37b751aeabafcd647ce2dae5d9499c0f969467e6cabad198669ac96bd1488954eff0854ee0c83d7b596d273625bdb16270782321071fda5d980ded78ffa9dc2b56037d7cbf942547f48a5131f1991f6c17ae1ed5120ca6878f98e68e7997a9a2b70be640a70a34adb80de286c6692abb5f092e4e3a15a83217e03d02a4054f34af3a65ff6b36f395b76a0579cffafd5d3bb0e704c935caecf3a7ab756c23fd60c9fe3f4fb2be7504f5bae22b116ff1588dcf02b327d31bf0488dba8af5b33ccf2d7d87f43bbc48fcd4f191ad6af9313ad38b8b29674bfabd6651bc1f6ce5abb4a2f1413194f96b26d7d6edc4e013fba549075c97eef508af5ca7873664b058b7d9f455a8a04b591d29fab6366c844bb75576bac2d52323e747303d00a5736c9812922b0e17bcec9135550736b54cf6407d61e22e62d7bb75f62935b665acf33e75f688c36ef416f1b890d0f0c8ad1df00e02ec45967834d5649c8e7143978622fa3704672970b7993a87e97d3d926a14265647bc8b8c9e6f83e29572608d24b42c2635ef4abbd0af83860e99c90d7471cf6e8ce99507f5ec2bc572212fa9ee3f5a9dfa3815fe55f0bbb119acce062ae37f2ff921707abba139bccdf42bfd174d29b540161b4113c4e1a13f3a628c638ec4d3a884dfbc093e23ec0d0671b46b41dc8b42d950c8615ba5ee87f49b5d0910ffa4871207995001920db05a95199967f097ba7b55bbd271d818690c4238406b40a3dfc42fa56a67173b53a96b543326c56738b6d043195934018696f5ab49347e5148a78f2d1369a71afab8330273d46ecfba4ee05802a5385649851db949dbfb39e290941641c50b1ac20fb3102754a760b097f464ddb0b80d8168badfa71db6621dcf22fb081e3403f3bac5c7e65905aca52885c807f8ddab18bb2f12ef952c50483c0e251968bc70ff0d42a638ca744dea4c7ebb4fea777cf663bb4f1505ed79730c45bc86e488a13f924377a8e2ee6670a02ca52874ae1c42a35d55b9765757047b2cc3742aa51fa3e43fb2c113c92ad213bad252c1a82966dd016f12a7f1c3900c0f1ab455035163f31899bdd30f3ff43ad17d9e45bb7438c1c986712736f24be14f71ab1bfe92a25ec07f086ee8c7971b8077a13e58a8e8bea39c8e06b251909f02cb0080abf020f27ca160eb26c082dda1fa54ea4094dfdbcb2fa7bddccb67a844e807df4cc08dad35757006d051e183dced336bc0c2502f93ffc87dca622286ba174c24e1f53f27dc2777baafe170348b0e8d3e743b3aa906bc0764bbe7da08ff403efe2212627d672250658bb513b7312517d1f88c61c7ba5f9647cd619281c5b390b48610ee39fb4171103df2e09d7cfdb0c06c721f7c24ad8cce383623fc2dcb15ac56438ea331820ae59c8c474e36fc73f7b1b3b86df1b42490815513681a03007e871b4b9686efae6c45ecfca60a640a6f071dfd31f9437c3d03086164b48c1ed802986864bfe0d49bdd7709662262368dbc3ecc05eb240ecc41904c76d78ab5c52b66af5a720fb9bbcd92d47098ae27a56e32e5bc5085b25f90add28a76f2fce6f8f0ef74f4659698549646bd63175adf77b5cdcfe676e1b1a9af15102946554ba6136cbc83c6268ee4c9d4718025688b35d2265bf60bf889ff629f7834586ef46eab7a9176337536bb6001e676546b987f36b1fe4b9f6e46a8ce73eb22f3bb9c14d8e2b43ea77ef887e5a26448f4086fa819a25e27725ac10298851c8bc45f2ce4430b07917ade5ea8c434c3f2576effbeb521173736e5c9557450643068b0c0fb132a7e99de6ca292246a9937fa7d7e06e59cf59ce5b9f842629049931146af40a8a1256ba373a88d09dc00cdf4453cc6ba78572bf3e1f2352a978cdbad60220cb8ac37d7f614a306492a4b5eee9244b0ca84b6cf2e23013bfb1cb92bf6d126fe550e58c19f84e7a4081437b75b31b2b9fb658dcd8ba077962e0f3359721a148d4fefe5c97941ca9688cb85adf38fd10f5811cdd8e074a21bbfc9541c71465b08d7321281b68ed52bfab789b9c83849c09d52376d419b1e7ba367603236e119cdf4a7b7cf9d81f2229601deace53cea2f14a05f7fa0ca04b39e31c6453e332f4bd0915c0e09e28f4d1125c390c6ff0833a04b6fc37855e65de90333e505b9eb66e00686a3ed499cfb7b8b215dbdc9787b5baa724cfa71ee6745b41e203de8b7c5567540b951b50530c3d4ee34705ea1c66fd6591e88561083e86d48c45ef3b83a3029319d8f3d8e65ce14c1dc3cb92d0a7dbeb609a8d2793928caa079f0fbbb2bc90b9f058cc048f4032041d14c5bca00e99b3027ec3a50c4957199cf016a4594069af8659df0973f20ffb15dbc265ac5b8a2203e90b114a3e9441e357c60ce0b550a7f87030000000000008992a22e89194c1df69e81a9b7ad3d2634ea8c0388588192fd47d8e803b10044d558617fb2921b69eb4d85c051f86ef63a2f4382b9becd870fb2ecadca6902712b88680792e2f2ec89591cfebb6db3ad31c2a339af10465fcf7988519d382218df52261234f26a6f66ad0d1859de505d0fe819caf2f8d30aa9fd1228ac91d11ca67f1f8d50c8eefa5c441514321507dff6c6ea3cff6f340a1c11e0c40f419e8e60fc94d8828fa47a96cdf7ee4f61e23f40751b25cf9ca1295041a350f83f0e679515d6b4b46e2c9ce8999e07f835abc1663cefcf728df37831f4e17f8c8a4feaf1fbf44c38c9313284404a50ba4cf8abe835b33bfecb02cd6c9d7f435853b4c8d505ab83cf46070039116694765658bae64b312715a8216055aef9b25c70a8a3b302752d7b1e8791c657b9f3fc9001ef299fd1a349491ae6ee9940149160507fc4130fb825d47d97dc2c243209d2403583ac3ef6ddbedcaa76432255487c0a06e59e043e572ab3aec002af6a6b6a2dc9cfaeefa70557886c4d12924a0388f2f1bc8e89e4cfa69705d1ef3c4658f8616278b588011d9dd914beec0b151d65b6524fba3e3f235d58373e021699b07622a51504eade747e0b2f9cf38bc167cabc8cb18c708d1337e25648707e8c0872876514c7a49c0b2aaee5ed9e9ecfcbcc23e032c4deb63e48e7120188056468fad31448e4b42e7d62fbcfc1c2cfb01fcf0db5e8a1626dffe49d0c763f17b96c23f32db9d1c1d74ddbe657b4f9595a9796982a0742153111b15e484d8ffebe47ce0a78a41e470a341616ec2eb6eef813fb415fab50fa965bec6a5977a0ade4fed67f86fc24e11b0e2f5364079f7c7c35b560cac726dbc80f29dbd248f7ecda0286a23ef172a28c96d9bdb1f598eab31c6baf0321312da23920c074b9d2d2e442717f2c21001142a39c2da6b8bd9d06b05a6a8deae1bd1be4108a636ddbebc682d113e715f2f3ee506abc28b1c654b3d2d28e02f73b171ed0deed71dda90ce4a0b728cc75cb576385e7418b545b992b1dd98e2ee53355f464f9250a2a03b3d1e4d2ac1aa71d01de2573530324e14d15a507883411ddbd37be21dc929db9b11f11010e4d2a04c7325a5ae6d24d19900ff97a8a89438f8676457a78cff05201528f4358fe67f61288bf042a8f3c2e0f8b4997b8fb74996b80d465489b2d5807a945eba72a945e8cf8625dbad6f6f6e30537b29e558ca8a8b0625f578c766d34f2d28d704715f94df1f6318a308042aa494baa295640679f1eab1e6a8308af8ce6441d5ad8a2f3d477eb5307af0dfae6644493f1434030b8361621340ad3dcefa6d8f090ed3929d89ad9c0ba01a6903033428dd8f98619304b1803187d2a6130bf1e009b5eb0e7e21c75594b3b8470f3106c92a9e55bfeb026091ced127a90a1f1247f3c07e36d3572923e0de3f73518d0369a25fcd4e65d243b7eab91063a7bfd8bc8ac9e39fbbb32b5c949ca930e7a18eacd8dbfda9b91db693cb12e42cba5988280e09e51e72b91a0f360656d8f21cc1eb3248ac345ad51d1a6172b18419277851dab01e028c7e8e2cf34095efd28267852a08fccf61c45b5e46930160daf50282be058274e7ff58c48b60b86d0c8cc886ab8778a2a2b5fa2557ad7bf7f01f2175523ce758871d334c20a9839f7a89fe2867c06289c8a2f6456ac7e4fbadee53ac41aee68214bc76669853baa4f58255b39ba581414f2e8c4b49303f8936a33bae5cbc96b29a5c724d5b50e1614144c2acd03bd90de891c3d36ce040d57543682ecbfcae66c4153c337c3a5d01896524c8e0c27e9a08919821ca27bbfe3fc9ba24a823aeec8d4ad8ef8a65c585bee4dcf1acaa3da501a8c11a23b2e22920c1ad0129a038b31fe16c2abc80589dbf7c37211afc5d1a6db908bc5fe8a692060069fcbcdcba7c523d3c424aa3b0c6556387e0e51bcde9e5f850abf62d2c2101c3a2786a0cb94932877a09cb6b64aa61da8cab3b423e7adc4bc700418a65e87225710e1691f6d9cb2eb63cce5b605ce0a4a89cf519767e00845397c5e381141a0ed8a89b01064b495ec8d1e2da37433bf1597d919a69610d2ad26bdf6fca8de422bb2cb80d0516206e8194ee51445a3dcb5dee33c0c310b4751e68e58bebda2fb586985a5a5b06456756f44e6dbfef4bb99ca732f00fb9ea35775f7419681bfbe6f43dc7c4650c13b63d93c1d490bf0173f287a4309531f13ecb1a775d0bd881a00", 0x1000}}, 0x1006)
mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1, 0x10012, r5, 0x0)
r6 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r6, &(0x7f0000000200)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-serpent-sse2\x00'}, 0x58)
ioctl$USBDEVFS_SETINTERFACE(r3, 0x80045510, &(0x7f0000000040)={0x0, 0x200000})
r7 = syz_open_dev$sndpcmp(&(0x7f00000001c0), 0x0, 0xa2c65)
ioctl$SNDRV_PCM_IOCTL_SW_PARAMS(r7, 0x4112, 0x0)
ioctl$SNDCTL_DSP_SETTRIGGER(r2, 0x40045010, &(0x7f0000000000))
connect$inet(r0, &(0x7f0000000180)={0x2, 0x4e21, @dev={0xac, 0x14, 0x14, 0x1b}}, 0x10)
close(0x3)

1.076294176s ago: executing program 4 (id=4587):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000480)=ANY=[@ANYBLOB="4c00000002060108000034e4000000000000000805000400030000000900020073797a3100000000050005000200000014000300686173683a69702c706f72742c6970000500010007"], 0x4c}, 0x1, 0x0, 0x0, 0x20044095}, 0x8042)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000300)={0x60, 0x9, 0x6, 0x3, 0x0, 0x0, {0x5}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_DATA={0x38, 0x7, 0x0, 0x1, [@IPSET_ATTR_PORT={0x6, 0x4, 0x1, 0x0, 0x4e21}, @IPSET_ATTR_PROTO={0x5, 0x7, 0xff}, @IPSET_ATTR_IP={0xc, 0x1, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @private=0xa010101}}, @IPSET_ATTR_IP_TO={0xc, 0x2, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @multicast2}}, @IPSET_ATTR_IP2={0xc, 0x14, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @broadcast}}]}]}, 0x60}, 0x1, 0x0, 0x0, 0x10004893}, 0x80) (fail_nth: 4)

497.055908ms ago: executing program 4 (id=4588):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
ioctl$int_in(r0, 0x5452, &(0x7f0000000300)=0x10003)
r1 = epoll_create1(0x80000)
syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_user_passkey_notify={{0x3b, 0xa}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x11}, 0x7012}}}, 0xd)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f00000002c0)={0x40002001})
setsockopt$sock_int(r0, 0x1, 0x7, &(0x7f0000000180), 0x4)

439.92661ms ago: executing program 3 (id=4589):
r0 = syz_open_dev$vbi(&(0x7f0000000080), 0x3, 0x2)
ioctl$VIDIOC_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f0000000380)={0x0, @bt={0x2d0, 0x191, 0x1, 0x1, 0xdd9f83, 0x1, 0x2f, 0xf3, 0x2, 0x8, 0x722, 0x7fffffff, 0x7, 0x7f, 0x27, 0x20, {0x0, 0x6fd8e84b}, 0x3, 0xed}})

428.3688ms ago: executing program 2 (id=4590):
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000002c0)={0x1, 0x4, &(0x7f00000003c0)=ANY=[@ANYBLOB="180000000300000000000000000004002d0000000000000095", @ANYRES16=r0], &(0x7f0000000000)='GPL\x00'}, 0x94)
r1 = userfaultfd(0x801)
r2 = dup2(r0, 0xffffffffffffffff)
ioctl$UFFDIO_API(r2, 0xc018aa3f, &(0x7f00000020c0)={0xaa, 0x2ef})
ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000000140)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}, 0x3})
r3 = socket$netlink(0x10, 0x3, 0xc)
ioctl$DRM_IOCTL_RES_CTX(0xffffffffffffffff, 0xc0106426, &(0x7f00000001c0)={0x4, &(0x7f0000000080)=[{}, {<r4=>0x0}, {}, {}]})
ioctl$DRM_IOCTL_GET_SAREA_CTX(r2, 0xc010641d, &(0x7f0000000240)={r4, &(0x7f0000000200)=""/35})
bind$netlink(r3, &(0x7f0000514ff4)={0x10, 0x0, 0x25dfdbfb, 0x2ffffffff}, 0xc)
r5 = syz_open_dev$evdev(&(0x7f0000000180), 0x4, 0x862b01)
ioctl$EVIOCSFF(r5, 0x40304580, &(0x7f00000003c0)={0x57, 0x0, 0x7ff, {0xffff, 0x1}, {0x45, 0xfffe}, @cond=[{0x8, 0x5388, 0x4, 0x7980, 0x80cb, 0x9}, {0x81, 0x1, 0x1, 0x7, 0x27, 0x1}]})
write$char_usb(r5, &(0x7f0000000040)="e2", 0x2250)
r6 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
r7 = syz_open_dev$ttys(0xc, 0x2, 0x0)
ioctl$TIOCMBIC(r7, 0x5417, 0x0)
ioctl$DRM_IOCTL_WAIT_VBLANK(r2, 0xc018643a, &(0x7f0000000280)={0x20000000, 0x7ff, 0x100000000})
sendmsg$inet(r6, &(0x7f0000000780)={&(0x7f0000000100)={0x2, 0x810, @empty}, 0x10, &(0x7f0000000300)=[{0x0, 0xe0}, {&(0x7f00000000c0)='G', 0x1}], 0x2}, 0x40890)

296.185997ms ago: executing program 4 (id=4591):
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0)
mmap(&(0x7f0000002000/0x4000)=nil, 0x4000, 0xedc623580215bdcd, 0x12, r0, 0x0)
r1 = socket(0x1e, 0x4, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000580), 0x2, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$KVM_CAP_MANUAL_DIRTY_LOG_PROTECT2(r3, 0x4068aea3, &(0x7f0000000000)={0xa8, 0x0, 0x3})
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x3d70000000, &(0x7f0000ffe000/0x2000)=nil})
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_PRE_FAULT_MEMORY(r4, 0xc040aed5, &(0x7f00000000c0)={0x6000, 0x1a000})
ioctl$KVM_CLEAR_DIRTY_LOG(r3, 0xc018aec0, &(0x7f0000000140)={0x0, 0x240, 0x0, &(0x7f0000000180)=[0x6bd1a311, 0xec66, 0xff, 0x8, 0x98bd, 0x80000000000000c, 0x400009, 0x4, 0x401, 0x466c, 0x89004, 0x2, 0x4e, 0x400009, 0x2, 0x49, 0x100000000003, 0x5, 0x400000000002, 0x7fffffff, 0x8, 0x7, 0xc1, 0x8, 0xfffffffffffff000, 0xffffffffffffffff, 0x6, 0x7f, 0x96, 0xffffffff, 0xff, 0xfffffffffffffffc, 0x4, 0x4, 0x2, 0x3, 0x4000009, 0x8892, 0x1, 0x43dd1007, 0x46, 0x2001, 0xfffffffffffffff8, 0xa3de, 0x2cc0000000000000, 0x8, 0x5, 0x400, 0x6, 0xffffffffffffffb7, 0xfffffffffffffffa, 0x2, 0xe, 0xfffffffffffff068, 0x4, 0xe7, 0x6, 0x2, 0xd, 0x66, 0x6, 0x7, 0x40000005, 0xfffffffeffffffff, 0x9, 0xd, 0x3, 0xbbd9, 0x80000000, 0xfffffffffffffc00, 0x2, 0x7, 0x18, 0xcdc, 0x100004000000007, 0x2, 0x3, 0x2, 0x10000, 0x9, 0x6, 0x4, 0x1, 0x81, 0x100, 0x4, 0x0, 0xffffffffffffff81, 0xb, 0xff, 0x6, 0x28000000, 0x80000005, 0x8061d, 0x8, 0x7, 0xf6, 0x4, 0x5, 0x204, 0x7, 0xe53e, 0x4, 0x8, 0x2293332d, 0x6, 0x5, 0x7, 0xd, 0x2, 0x4, 0xfffffffffffffffb, 0x80000001, 0x7, 0xdfd4, 0xfff9, 0x20000000000013, 0x2, 0x8, 0x1, 0x6, 0x200eb4, 0x3, 0x1, 0xb68e, 0x1, 0x8, 0x1000003]})
syz_open_dev$usbfs(&(0x7f0000000100), 0x76, 0x101301)
recvmmsg(r1, &(0x7f0000000180)=[{{0x0, 0x0, &(0x7f0000000580)=[{&(0x7f0000001e40)=""/174, 0xae}, {&(0x7f0000000840)=""/144, 0x82}], 0x2, &(0x7f0000001fc0)=""/65, 0xfffffffffffffe76}, 0x1}], 0x1, 0x40002122, 0x0)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, &(0x7f0000000680)={'syztnl2\x00', &(0x7f00000005c0)={'syztnl1\x00', <r5=>0x0, 0x80, 0x10, 0x23e8, 0x9, {{0x23, 0x4, 0x2, 0x3d, 0x8c, 0x68, 0x0, 0x4, 0x29, 0x0, @local, @private=0xa010100, {[@cipso={0x86, 0x21, 0x3, [{0x0, 0xc, "63b1e700e484e0bf3d8e"}, {0x0, 0xf, "5104497417da4c8ee0e7003168"}]}, @generic={0x88, 0x4, "c6af"}, @ra={0x94, 0x4}, @timestamp_addr={0x44, 0x2c, 0x2d, 0x1, 0x3, [{@private=0xa010101, 0x7f}, {@initdev={0xac, 0x1e, 0x1, 0x0}, 0x9fe}, {@initdev={0xac, 0x1e, 0x1, 0x0}, 0x8}, {@multicast2, 0xc5}, {@multicast1, 0x3}]}, @noop, @rr={0x7, 0xf, 0x26, [@private=0xa010101, @broadcast, @multicast1]}, @ssrr={0x89, 0x13, 0x75, [@broadcast, @rand_addr=0x64010100, @loopback, @loopback]}]}}}}})
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r1, 0x89f1, &(0x7f0000000740)={'syztnl2\x00', &(0x7f00000006c0)={'syztnl2\x00', r5, 0x4, 0x7, 0x0, 0xfffffff7, 0x10, @private1, @private0, 0x700, 0x8000, 0x7, 0x1}})

266.11167ms ago: executing program 2 (id=4592):
socket(0x10, 0x803, 0x0)
r0 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r2 = socket(0x400000000010, 0x3, 0x1)
socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000280)={'virt_wifi0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f0000000bc0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000640)=@newqdisc={0x48, 0x24, 0x4ee4e6a52ff56541, 0x70bd29, 0xffffffff, {0x0, 0x0, 0x0, r3, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x0, 0x2}}, [@qdisc_kind_options=@q_htb={{0x8}, {0x1c, 0x2, [@TCA_HTB_INIT={0x18, 0x2, {0x3, 0x100, 0xe}}]}}]}, 0x48}, 0x1, 0x0, 0x0, 0x4}, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000007c0)=@newtfilter={0x84, 0x2c, 0xd27, 0x30bd2c, 0x25dfdc00, {0x0, 0x0, 0x0, r3, {0xfff5, 0x9}, {}, {0x8, 0xd}}, [@filter_kind_options=@f_matchall={{0xd}, {0x50, 0x2, [@TCA_MATCHALL_ACT={0x4c, 0x2, [@m_gact={0x48, 0x1, 0x0, 0x0, {{0x9}, {0x1c, 0x2, 0x0, 0x1, [@TCA_GACT_PARMS={0x18, 0x2, {0x6, 0x80, 0x2, 0x4, 0x80000000}}]}, {0x4}, {0xc, 0x7, {0x1, 0x1}}, {0xc, 0x8, {0x3, 0x3}}}}]}]}}]}, 0x84}, 0x1, 0x0, 0x0, 0x24040810}, 0x20000000)
r4 = openat$tun(0xffffffffffffff9c, &(0x7f00000004c0), 0x0, 0x0)
close(r4)
socket$inet(0x2, 0x4000000000000001, 0x0)
ioctl$SIOCSIFHWADDR(r4, 0x8914, &(0x7f0000002280)={'veth0_to_team\x00', @dev={'\xaa\xaa\xaa\xaa\xaa', 0x41}})
r5 = socket$kcm(0x11, 0x5, 0x0)
setsockopt$sock_attach_bpf(r5, 0x107, 0xf, &(0x7f0000000600), 0x56)
sendmsg$kcm(r5, &(0x7f00000000c0)={&(0x7f0000000500)=@xdp={0x2c, 0x0, r3, 0xe}, 0x80, &(0x7f0000000340)=[{&(0x7f0000000180)="27030200590214000600002fb96dbcf706e10500000086ddffff1144ee163cd4b8bf", 0x22}, {&(0x7f0000000c00)="4307ed2e", 0x4}], 0x2}, 0x4)
ioctl$IOCTL_VMCI_VERSION2(r0, 0x7a7, &(0x7f0000000040)=0x10000)
pipe(&(0x7f0000000080)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={<r8=>0xffffffffffffffff, <r9=>0xffffffffffffffff})
pipe(&(0x7f0000000200)={0xffffffffffffffff, <r10=>0xffffffffffffffff})
splice(r9, 0x0, r10, 0x0, 0xf3a, 0x0)
write(r7, &(0x7f0000000240)="94", 0x1)
tee(r6, r10, 0x8f5, 0x100000000000000)
write(r8, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x4000)
mbind(&(0x7f0000a74000/0x1000)=nil, 0x1000, 0x1, 0x0, 0x2, 0x1)
futex(&(0x7f0000000000), 0x8c, 0x1, 0x0, 0x0, 0x0)
getpeername$packet(r7, 0x0, 0x0)
ioctl$IOCTL_VMCI_INIT_CONTEXT(r0, 0x7a0, &(0x7f00000001c0)={@local})
ioctl$IOCTL_VMCI_QUEUEPAIR_ALLOC(r0, 0x7a8, &(0x7f00000000c0)={{@host, 0xffffffff}, @hyper, 0x5, 0x0, 0x100001, 0x0, 0xffffffffffffffff, 0x0, 0x407})

208.416517ms ago: executing program 3 (id=4593):
epoll_create(0x6)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.controllers\x00', 0x275a, 0x0)
write$binfmt_script(r0, &(0x7f0000000040)={'#! ', './file0'}, 0xb)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000440)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
gettid()
rt_sigtimedwait(0x0, 0x0, 0x0, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$full(0xffffffffffffff9c, &(0x7f0000000100), 0x200040, 0x0)
r3 = syz_open_dev$swradio(&(0x7f0000000180), 0x0, 0x2)
ioctl$VIDIOC_QUERYCTRL(r3, 0xc0445624, 0x0)
sched_setattr(0x0, &(0x7f0000000040)={0x38, 0x0, 0x1, 0x401, 0x0, 0xa9, 0x8000000000000000, 0x8, 0x7, 0x8000003}, 0x0)
r4 = syz_open_procfs(0x0, &(0x7f0000000080)='comm\x00')
write$binfmt_script(r4, &(0x7f0000000040)={'#! ', './cgroup'}, 0xc)
r5 = socket$vsock_stream(0x28, 0x1, 0x0)
bind$vsock_stream(r5, 0x0, 0x0)
r6 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r6, &(0x7f0000000640)={0x28, 0x0, 0x2710}, 0x10)
write$6lowpan_enable(0xffffffffffffffff, &(0x7f0000000000)='0', 0xfffffd2c)
setxattr$system_posix_acl(&(0x7f0000002a00)='.\x00', &(0x7f0000002a40)='system.posix_acl_default\x00', &(0x7f0000000100)=ANY=[@ANYBLOB="02dd2d3e19f9179567100000000000000020000000000000000000000000000000000001"], 0x24, 0x0)
mkdir(&(0x7f0000000000)='./bus\x00', 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
timer_create(0x0, &(0x7f0000000080)={0x0, 0x11, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000000))
timer_settime(0x0, 0x0, &(0x7f0000000240)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
ioctl$USBDEVFS_ALLOW_SUSPEND(0xffffffffffffffff, 0x5522)
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r7, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000280)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a05000000000000000000010000000900010073797a300000000040000000030a01010000000000000000010000000900030073797a310000000014000480080002400000000008000140000000000900010073797a300000000074000000060a010400000000e5000000010000004c000480240001800b00010072656a656374000014000280080001400000000005000200fc000000240001800b000100736f636b6574000014000280080002400000000a080001400000000208000b40000000000900010073797a300000000014000000110001"], 0xfc}, 0x1, 0x0, 0x0, 0x20040080}, 0x0)
rmdir(&(0x7f0000000280)='./bus\x00')

0s ago: executing program 1 (id=4594):
mmap(&(0x7f0000000000/0xe7e000)=nil, 0xe7e000, 0xfffffffffefffff6, 0x20031, 0xffffffffffffffff, 0x0)
socket$inet6(0xa, 0x2, 0x0)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff7000/0x1000)=nil, &(0x7f0000ff1000/0xf000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ff8000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ff5000/0x1000)=nil, &(0x7f0000ff9000/0x3000)=nil, &(0x7f0000ffa000/0x2000)=nil, 0x0}, 0x68)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x24004045)
r0 = io_uring_setup(0x1b7b, &(0x7f0000000040)={0x0, 0xc89e, 0xc000, 0xb, 0x10b})
r1 = socket$inet_sctp(0x2, 0x1, 0x84)
getsockopt$inet_sctp_SCTP_MAX_BURST(r1, 0x84, 0x14, &(0x7f0000000000)=@assoc_value, &(0x7f0000000040)=0x8)
sendmsg(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000000)='/', 0x1}], 0x1, 0x0, 0x0, 0x2c}, 0x4000845)
io_uring_enter(r0, 0x2219, 0x7721, 0x16, 0x0, 0x0)
madvise(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x17)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x9)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, 0x0, 0x0)
sendmsg$NFT_BATCH(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[], 0x78}, 0x1, 0x0, 0x0, 0x840}, 0x20000080)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = dup(r4)
ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0)
r6 = syz_open_dev$dri(&(0x7f00000000c0), 0x1ff, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_LEASE(r6, 0xc01864c6, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, <r7=>0xffffffffffffffff})
r8 = syz_open_dev$dri(&(0x7f0000000100), 0x1f, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r8, 0xc04064a0, &(0x7f0000000280)={0x0, &(0x7f0000000040)=[<r9=>0x0], 0x0, 0x0, 0x0, 0x1})
ioctl$DRM_IOCTL_MODE_GETCRTC(r6, 0xc06864a1, &(0x7f0000000300)={0x0, 0x0, r9, <r10=>0x0})
ioctl$DRM_IOCTL_MODE_GETFB(r7, 0xc01c64ad, &(0x7f0000000040)={r10})
ioctl$DRM_IOCTL_MODE_GETFB2(r6, 0xc06864ce, &(0x7f00000001c0)={r10, 0xff7fffff, 0x1ff, 0x9, 0x3, [], [0x40000c0, 0xe8, 0x7, 0x19], [0x8, 0x4, 0x53cc, 0x35], [0x3ff, 0x8, 0x7, 0x7fff]})
ioctl$DRM_IOCTL_MODE_CREATE_LEASE(r5, 0xc01864c6, &(0x7f0000000180)={&(0x7f0000000100)=[0x0, r10], 0x2, 0x80000})

kernel console output (not intermixed with test programs):

6] usb 2-1: Manufacturer: syz
[  978.600626][ T8736] usb 2-1: SerialNumber: syz
[  978.612641][ T8736] usb 2-1: config 0 descriptor??
[  978.636753][   T10] usb 3-1: Using ep0 maxpacket: 32
[  978.646093][ T8736] dvb-usb: found a 'Technotrend TT Connect S2-3600' in warm state.
[  978.657449][ T8736] pctv452e: pctv452e_power_ctrl: 1
[  978.657449][ T8736] 
[  978.664992][ T8736] usb 2-1: selecting invalid altsetting 3
[  978.671342][ T8736] pctv452e: pctv452e_power_ctrl: Warning set interface returned: -22
[  978.671342][ T8736] 
[  978.682151][ T8736] dvb-usb: bulk message failed: -22 (5/0)
[  978.697928][ T8736] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[  978.708405][ T8736] dvbdev: DVB: registering new adapter (Technotrend TT Connect S2-3600)
[  978.717295][ T8736] usb 2-1: media controller created
[  978.727188][   T10] usb 3-1: New USB device found, idVendor=0fd9, idProduct=0021, bcdDevice=29.40
[  978.737067][   T10] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  978.737463][ T8736] dvb-usb: bulk message failed: -22 (8/0)
[  978.751544][ T8736] pctv452e: I2C error -22; AA 01  A0 01 14 -> aa 01 31 04 a0 01 14
[  978.761828][ T8736] dvb-usb: MAC address reading failed.
[  978.765070][   T10] usb 3-1: config 0 descriptor??
[  978.792628][ T8736] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  978.833008][T19996] dvb-usb: bulk message failed: -22 (7/0)
[  978.839069][T19996] pctv452e: I2C error -22; AA 02  00 00 00 -> aa 02 31 03 00 00 00
[  978.858943][T19721] Bluetooth: hci3: SCO packet for unknown connection handle 201
[  978.885306][ T5720] usb 5-1: new high-speed USB device number 75 using dummy_hcd
[  978.923063][ T8736] DVB: Unable to find symbol stb0899_attach()
[  978.934302][ T8736] dvb-usb: no frontend was attached by 'Technotrend TT Connect S2-3600'
[  978.942907][   T29] tipc: Node number set to 1241805072
[  979.014262][   T10] dvb-usb: found a 'Elgato EyeTV DTT' in warm state.
[  979.027519][ T8736] rc_core: IR keymap rc-tt-1500 not found
[  979.037882][ T8736] Registered IR keymap rc-empty
[  979.049063][ T8736] rc rc0: Technotrend TT Connect S2-3600 as /devices/platform/dummy_hcd.1/usb2/2-1/rc/rc0
[  979.072344][ T5720] usb 5-1: unable to get BOS descriptor or descriptor too short
[  979.078599][ T8736] input: Technotrend TT Connect S2-3600 as /devices/platform/dummy_hcd.1/usb2/2-1/rc/rc0/input127
[  979.106597][   T10] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[  979.123303][ T8736] dvb-usb: schedule remote query interval to 100 msecs.
[  979.126364][ T5720] usb 5-1: config 63 has an invalid interface number: 66 but max is 0
[  979.153398][   T10] dvbdev: DVB: registering new adapter (Elgato EyeTV DTT)
[  979.156643][ T8736] pctv452e: pctv452e_power_ctrl: 0
[  979.156643][ T8736] 
[  979.173745][ T8736] dvb-usb: Technotrend TT Connect S2-3600 successfully initialized and connected.
[  979.174288][ T5720] usb 5-1: config 63 contains an unexpected descriptor of type 0x2, skipping
[  979.198868][   T10] usb 3-1: media controller created
[  979.200175][ T8736] usb 2-1: USB disconnect, device number 106
[  979.228159][T19992] dvb-usb: bulk message failed: -22 (7/0)
[  979.238324][   T10] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  979.248107][ T5720] usb 5-1: config 63 has an invalid descriptor of length 9, skipping remainder of the config
[  979.264728][T19992] pctv452e: I2C error -22; AA 03  114 00 00 -> aa 03 31 03 14 00 00
[  979.265610][   T29] dvb-usb: bulk message failed: -22 (4/0)
[  979.299120][   T29] dvb-usb: error -22 while querying for an remote control event.
[  979.300954][ T5720] usb 5-1: config 63 has no interface number 0
[  979.356815][ T5720] usb 5-1: config 63 interface 66 has no altsetting 0
[  979.382695][ T5720] usb 5-1: New USB device found, idVendor=174f, idProduct=8acf, bcdDevice=39.f4
[  979.385720][ T8734] usb 4-1: new high-speed USB device number 114 using dummy_hcd
[  979.435004][ T5720] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  979.464104][ T5720] usb 5-1: Product: syz
[  979.481378][ T5720] usb 5-1: Manufacturer: syz
[  979.498495][ T5720] usb 5-1: SerialNumber: syz
[  979.505925][   T10] DVB: Unable to find symbol dib7000p_attach()
[  979.536596][   T10] dvb-usb: no frontend was attached by 'Elgato EyeTV DTT'
[  979.591815][ T8734] usb 4-1: New USB device found, idVendor=133e, idProduct=0815, bcdDevice= 0.40
[  979.616831][ T8734] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  979.657330][ T8734] usb 4-1: Product: syz
[  979.671179][ T8734] usb 4-1: Manufacturer: syz
[  979.681112][ T8734] usb 4-1: SerialNumber: syz
[  979.700328][   T10] rc_core: IR keymap rc-dib0700-rc5 not found
[  979.715051][   T10] Registered IR keymap rc-empty
[  979.722373][   T10] dvb-usb: could not initialize remote control.
[  979.746272][   T10] dvb-usb: Elgato EyeTV DTT successfully initialized and connected.
[  979.987356][ T8734] snd-usb-audio 4-1:1.0: probe with driver snd-usb-audio failed with error -22
[  980.049183][ T8734] usb 4-1: USB disconnect, device number 114
[  980.106390][ T5720] uvcvideo 5-1:63.66: Found UVC 0.07 device syz (174f:8acf)
[  980.120521][ T5720] uvcvideo 5-1:63.66: No valid video chain found.
[  980.160218][ T5720] usb 5-1: USB disconnect, device number 75
[  980.598537][T20027] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  980.614119][T20027] syzkaller0: entered promiscuous mode
[  980.631820][T20027] syzkaller0: entered allmulticast mode
[  980.694845][T20026] tipc: Resetting bearer <eth:syzkaller0>
[  980.786579][T20026] tipc: Disabling bearer <eth:syzkaller0>
[  981.345666][   T10] usb 4-1: new high-speed USB device number 115 using dummy_hcd
[  981.381618][ T5720] usb 3-1: USB disconnect, device number 90
[  981.388027][ T8736] dvb-usb: Technotrend TT Connect S2-3600 successfully deinitialized and disconnected.
[  981.506391][   T10] usb 4-1: Using ep0 maxpacket: 8
[  981.518481][ T5720] dvb-usb: Elgato EyeTV DTT successfully deinitialized and disconnected.
[  981.542887][   T10] usb 4-1: unable to get BOS descriptor or descriptor too short
[  981.576050][   T10] usb 4-1: config 4 interface 0 has no altsetting 0
[  981.590517][   T10] usb 4-1: New USB device found, idVendor=058f, idProduct=6610, bcdDevice=48.05
[  981.604753][   T10] usb 4-1: New USB device strings: Mfr=2, Product=0, SerialNumber=3
[  981.628172][T20041] input: syz0 as /devices/virtual/input/input129
[  981.635790][   T10] usb 4-1: Manufacturer: syz
[  981.635815][   T10] usb 4-1: SerialNumber: syz
[  981.755578][ T8736] usb 2-1: new high-speed USB device number 107 using dummy_hcd
[  981.891253][   T10] usb 4-1: dvb_usb_v2: found a 'Sigmatek DVB-110' in warm state
[  981.913534][ T8736] usb 2-1: config 1 has an invalid descriptor of length 255, skipping remainder of the config
[  981.940314][ T8736] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 3
[  981.972847][ T8736] usb 2-1: New USB device found, idVendor=08b7, idProduct=8000, bcdDevice= 0.00
[  981.993451][   T10] usb 4-1: dvb_usb_v2: will pass the complete MPEG2 transport stream to the software demuxer
[  982.019835][ T8736] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  982.033949][   T10] dvbdev: DVB: registering new adapter (Sigmatek DVB-110)
[  982.048493][   T10] usb 4-1: media controller created
[  982.063395][ T8736] usb 2-1: SerialNumber: syz
[  982.111040][   T10] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  982.206853][T12857] IPVS: wlc: UDP 127.0.0.1:20002 - no destination available
[  982.214753][   T10] zl10353_read_register: readreg error (reg=127, ret==0)
[  982.294646][T20022] netlink: 108 bytes leftover after parsing attributes in process `syz.1.4367'.
[  982.374946][   T10] usb 4-1: USB disconnect, device number 115
[  982.413370][T20022] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4367'.
[  982.500232][ T8736] usb 2-1: 0:2 : does not exist
[  982.541022][ T8736] usb 2-1: unit 255 not found!
[  982.793665][ T8736] usb 2-1: USB disconnect, device number 107
[  982.936633][ T7079] udevd[7079]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  982.962113][T20046] kernel read not supported for file / 
œ7³ÏüâW)ës“§Ç!Q�öì¥fsõl{T‡rÒ)r§ÖOš˜õ2:"ôÀT+ÍŸv|�Õ²DvcŽ“ØÖ Å6Òxãc: (pid: 20046 comm: syz.2.4375)
[  983.098491][T20052] fuse: Bad value for 'group_id'
[  983.129312][T20060] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  983.151999][T20060] syzkaller0: entered promiscuous mode
[  983.173423][   T30] kauditd_printk_skb: 5 callbacks suppressed
[  983.173439][   T30] audit: type=1800 audit(1778102258.808:1453): pid=20046 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.4375" name=20019C1437B3CFFCC3A25729EB7393A7C721518FF6ECA56673F56C7B548772D22972A7D6084F9A98F5323A22F412C0542BCD9F767C8DD5B24476638E93D8D6A0C536D278E3633A dev="mqueue" ino=105257 res=0 errno=0
[  983.184968][T20060] syzkaller0: entered allmulticast mode
[  983.226716][T20052] fuse: Bad value for 'group_id'
[  983.457921][T20059] tipc: Resetting bearer <eth:syzkaller0>
[  983.537039][T20059] tipc: Disabling bearer <eth:syzkaller0>
[  983.742734][T20075] syz_tun: entered allmulticast mode
[  983.762113][T20075] dvmrp6: entered allmulticast mode
[  983.787214][T20075] pimreg: entered allmulticast mode
[  983.792904][T20077] FAULT_INJECTION: forcing a failure.
[  983.792904][T20077] name failslab, interval 1, probability 0, space 0, times 0
[  983.857296][T20077] CPU: 1 UID: 0 PID: 20077 Comm: syz.1.4384 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  983.857325][T20077] Tainted: [L]=SOFTLOCKUP
[  983.857330][T20077] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  983.857338][T20077] Call Trace:
[  983.857344][T20077]  <TASK>
[  983.857350][T20077]  dump_stack_lvl+0xe8/0x150
[  983.857371][T20077]  should_fail_ex+0x412/0x560
[  983.857391][T20077]  should_failslab+0xa8/0x100
[  983.857410][T20077]  ? dst_alloc+0x105/0x170
[  983.857422][T20077]  kmem_cache_alloc_noprof+0x87/0x650
[  983.857438][T20077]  ? __pfx_find_exception+0x10/0x10
[  983.857456][T20077]  ? fib_lookup+0x76/0x440
[  983.857474][T20077]  dst_alloc+0x105/0x170
[  983.857488][T20077]  ip_route_output_key_hash_rcu+0x14d0/0x25d0
[  983.857512][T20077]  ? ip_route_output_key_hash+0xd8/0x2a0
[  983.857531][T20077]  ip_route_output_key_hash+0x18d/0x2a0
[  983.857552][T20077]  ? __pfx_ip_route_output_key_hash+0x10/0x10
[  983.857579][T20077]  ip_route_output_flow+0x2a/0x150
[  983.857595][T20077]  ? security_sk_classify_flow+0x6d/0x150
[  983.857616][T20077]  udp_sendmsg+0x141a/0x21a0
[  983.857632][T20077]  ? string+0x279/0x2b0
[  983.857650][T20077]  ? __pfx_udp_sendmsg+0x10/0x10
[  983.857666][T20077]  ? format_decode+0x5a3/0xe10
[  983.857677][T20077]  ? look_up_lock_class+0x57/0x110
[  983.857697][T20077]  ? __lock_acquire+0x6b5/0x2cf0
[  983.857716][T20077]  ? get_random_u32+0x497/0x8b0
[  983.857730][T20077]  ? lockdep_hardirqs_on+0x7a/0x110
[  983.857747][T20077]  ? get_random_u32+0x13a/0x8b0
[  983.857760][T20077]  ? get_random_u32+0x4ce/0x8b0
[  983.857779][T20077]  udpv6_sendmsg+0x996/0x25c0
[  983.857803][T20077]  ? __pfx_udpv6_sendmsg+0x10/0x10
[  983.857816][T20077]  ? udp_lib_get_port+0x177a/0x1c60
[  983.857840][T20077]  ? ip6_datagram_release_cb+0x7c/0x550
[  983.857865][T20077]  ? inet_send_prepare+0x1b9/0x270
[  983.857883][T20077]  ? inet_send_prepare+0x1b9/0x270
[  983.857903][T20077]  ? inet_send_prepare+0x1b9/0x270
[  983.857920][T20077]  ? __local_bh_enable_ip+0xd0/0x130
[  983.857937][T20077]  ? inet6_sendmsg+0xe4/0x120
[  983.857951][T20077]  ____sys_sendmsg+0x5c7/0x9f0
[  983.857973][T20077]  ? __pfx_____sys_sendmsg+0x10/0x10
[  983.858002][T20077]  ? import_iovec+0x73/0xa0
[  983.858030][T20077]  ___sys_sendmsg+0x2a5/0x360
[  983.858055][T20077]  ? __lock_acquire+0x6b5/0x2cf0
[  983.858082][T20077]  ? __pfx____sys_sendmsg+0x10/0x10
[  983.858153][T20077]  ? __fget_files+0x2a/0x420
[  983.858179][T20077]  ? __fget_files+0x3a0/0x420
[  983.858216][T20077]  __x64_sys_sendmsg+0x1bd/0x2a0
[  983.858248][T20077]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  983.858288][T20077]  ? __pfx_ksys_write+0x10/0x10
[  983.858326][T20077]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  983.858349][T20077]  do_syscall_64+0x15f/0xf80
[  983.858373][T20077]  ? trace_irq_disable+0x3b/0x140
[  983.858403][T20077]  ? clear_bhb_loop+0x40/0x90
[  983.858429][T20077]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  983.858451][T20077] RIP: 0033:0x7f8eee19cdd9
[  983.858472][T20077] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  983.858490][T20077] RSP: 002b:00007f8eef013028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  983.858514][T20077] RAX: ffffffffffffffda RBX: 00007f8eee415fa0 RCX: 00007f8eee19cdd9
[  983.858530][T20077] RDX: 0000000004004000 RSI: 0000200000000780 RDI: 0000000000000003
[  983.858545][T20077] RBP: 00007f8eef013090 R08: 0000000000000000 R09: 0000000000000000
[  983.858558][T20077] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  983.858571][T20077] R13: 00007f8eee416038 R14: 00007f8eee415fa0 R15: 00007f8eee53fa48
[  983.858605][T20077]  </TASK>
[  983.862822][T20075] pimreg: left allmulticast mode
[  984.545742][   T10] usb 2-1: new high-speed USB device number 108 using dummy_hcd
[  984.715617][   T10] usb 2-1: Using ep0 maxpacket: 16
[  984.725066][   T10] usb 2-1: config 1 has an invalid interface number: 73 but max is 0
[  984.733516][   T10] usb 2-1: config 1 has no interface number 0
[  984.744961][   T10] usb 2-1: config 1 interface 73 altsetting 83 endpoint 0x2 has invalid maxpacket 512, setting to 64
[  984.756588][   T10] usb 2-1: config 1 interface 73 has no altsetting 0
[  984.766813][   T10] usb 2-1: string descriptor 0 read error: -22
[  984.773362][   T10] usb 2-1: New USB device found, idVendor=0424, idProduct=274e, bcdDevice=1e.18
[  984.782804][   T10] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  985.038160][T20079] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  985.058043][T20079] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  985.103257][ T8734] usb 2-1: USB disconnect, device number 108
[  985.175565][ T8736] usb 3-1: new high-speed USB device number 91 using dummy_hcd
[  985.327463][ T8736] usb 3-1: unable to get BOS descriptor or descriptor too short
[  985.340507][T20103] netlink: 12 bytes leftover after parsing attributes in process `syz.1.4395'.
[  985.356087][ T8736] usb 3-1: config 66 has an invalid descriptor of length 11, skipping remainder of the config
[  985.387232][ T8736] usb 3-1: New USB device found, idVendor=0471, idProduct=0602, bcdDevice=a4.95
[  985.410352][ T8736] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  985.429336][ T8736] usb 3-1: Product: syz
[  985.438388][ T8736] usb 3-1: Manufacturer: syz
[  985.447796][ T8736] usb 3-1: SerialNumber: syz
[  986.048828][T20115] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(6)
[  986.055407][T20115] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  986.073017][T20115] vhci_hcd vhci_hcd.0: Device attached
[  986.305311][   T10] usb 39-1: new low-speed USB device number 2 using vhci_hcd
[  986.347831][T14633] usb 4-1: new high-speed USB device number 116 using dummy_hcd
[  986.366524][ T8736] ati_remote2 3-1:66.0: ati_remote2_probe(): interface 0 must have an endpoint
[  986.395562][ T8736] usb 3-1: USB disconnect, device number 91
[  986.505750][T14633] usb 4-1: Using ep0 maxpacket: 8
[  986.521380][T14633] usb 4-1: config 0 has no interfaces?
[  986.532439][T14633] usb 4-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  986.565114][T14633] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  986.581956][T14633] usb 4-1: config 0 descriptor??
[  986.592227][T20133] netlink: 'syz.0.4406': attribute type 21 has an invalid length.
[  986.600829][T20133] IPv6: NLM_F_CREATE should be specified when creating new route
[  986.619655][T20133] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  986.627393][T20133] IPv6: NLM_F_CREATE should be set when creating new route
[  986.634797][T20133] IPv6: NLM_F_CREATE should be set when creating new route
[  986.642104][T20133] IPv6: NLM_F_CREATE should be set when creating new route
[  986.646743][T20137] FAULT_INJECTION: forcing a failure.
[  986.646743][T20137] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  986.663223][T20137] CPU: 1 UID: 0 PID: 20137 Comm: syz.1.4408 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  986.663256][T20137] Tainted: [L]=SOFTLOCKUP
[  986.663264][T20137] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  986.663276][T20137] Call Trace:
[  986.663285][T20137]  <TASK>
[  986.663294][T20137]  dump_stack_lvl+0xe8/0x150
[  986.663331][T20137]  should_fail_ex+0x412/0x560
[  986.663364][T20137]  _copy_from_iter+0x1d3/0x1670
[  986.663394][T20137]  ? rcu_is_watching+0x15/0xb0
[  986.663426][T20137]  ? __pfx__copy_from_iter+0x10/0x10
[  986.663459][T20137]  ? netlink_sendmsg+0x650/0xb40
[  986.663484][T20137]  ? skb_put+0x11b/0x210
[  986.663513][T20137]  netlink_sendmsg+0x6c0/0xb40
[  986.663548][T20137]  ? __pfx_netlink_sendmsg+0x10/0x10
[  986.663580][T20137]  ? aa_sock_msg_perm+0xf1/0x1b0
[  986.663609][T20137]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  986.663640][T20137]  ____sys_sendmsg+0x972/0x9f0
[  986.663668][T20137]  ? __might_fault+0xaf/0x130
[  986.663699][T20137]  ? __pfx_____sys_sendmsg+0x10/0x10
[  986.663745][T20137]  ? import_iovec+0x73/0xa0
[  986.663778][T20137]  ___sys_sendmsg+0x2a5/0x360
[  986.663805][T20137]  ? __lock_acquire+0x6b5/0x2cf0
[  986.663833][T20137]  ? __pfx____sys_sendmsg+0x10/0x10
[  986.663896][T20137]  ? __fget_files+0x2a/0x420
[  986.663920][T20137]  ? __fget_files+0x3a0/0x420
[  986.663956][T20137]  __x64_sys_sendmsg+0x1bd/0x2a0
[  986.663988][T20137]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  986.664026][T20137]  ? __pfx_ksys_write+0x10/0x10
[  986.664064][T20137]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  986.664086][T20137]  do_syscall_64+0x15f/0xf80
[  986.664111][T20137]  ? trace_irq_disable+0x3b/0x140
[  986.664142][T20137]  ? clear_bhb_loop+0x40/0x90
[  986.664168][T20137]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  986.664189][T20137] RIP: 0033:0x7f8eee19cdd9
[  986.664210][T20137] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  986.664228][T20137] RSP: 002b:00007f8eef013028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  986.664253][T20137] RAX: ffffffffffffffda RBX: 00007f8eee415fa0 RCX: 00007f8eee19cdd9
[  986.664268][T20137] RDX: 0000000000040000 RSI: 0000200000000400 RDI: 0000000000000007
[  986.664282][T20137] RBP: 00007f8eef013090 R08: 0000000000000000 R09: 0000000000000000
[  986.664296][T20137] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  986.664309][T20137] R13: 00007f8eee416038 R14: 00007f8eee415fa0 R15: 00007f8eee53fa48
[  986.664343][T20137]  </TASK>
[  986.938177][ T8734] usb 4-1: USB disconnect, device number 116
[  986.949427][T20118] vhci_hcd: connection closed
[  986.963914][T12858] vhci_hcd vhci_hcd.3: stop threads
[  986.973989][T12858] vhci_hcd vhci_hcd.3: release socket
[  986.982870][T12858] vhci_hcd vhci_hcd.3: disconnect device
[  986.997727][ T8736] usb 3-1: new high-speed USB device number 92 using dummy_hcd
[  987.018015][   T10] vhci_hcd vhci_hcd.3: vhci_device speed not set
[  987.076488][T20143] FAULT_INJECTION: forcing a failure.
[  987.076488][T20143] name failslab, interval 1, probability 0, space 0, times 0
[  987.091808][T20144] FAULT_INJECTION: forcing a failure.
[  987.091808][T20144] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  987.105623][T20143] CPU: 0 UID: 0 PID: 20143 Comm: syz.4.4409 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  987.105657][T20143] Tainted: [L]=SOFTLOCKUP
[  987.105665][T20143] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  987.105676][T20143] Call Trace:
[  987.105685][T20143]  <TASK>
[  987.105694][T20143]  dump_stack_lvl+0xe8/0x150
[  987.105723][T20143]  should_fail_ex+0x412/0x560
[  987.105754][T20143]  should_failslab+0xa8/0x100
[  987.105787][T20143]  __kmalloc_noprof+0xe8/0x760
[  987.105816][T20143]  ? tomoyo_encode+0x28b/0x550
[  987.105850][T20143]  tomoyo_encode+0x28b/0x550
[  987.105882][T20143]  tomoyo_realpath_from_path+0x58d/0x5d0
[  987.105924][T20143]  ? tomoyo_domain+0xd7/0x130
[  987.105958][T20143]  ? tomoyo_path_number_perm+0x219/0x630
[  987.105983][T20143]  tomoyo_path_number_perm+0x246/0x630
[  987.106010][T20143]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  987.106032][T20143]  ? __lock_acquire+0x6b5/0x2cf0
[  987.106072][T20143]  ? __mutex_unlock_slowpath+0x1be/0x6f0
[  987.106124][T20143]  ? __fget_files+0x2a/0x420
[  987.106153][T20143]  ? __fget_files+0x2a/0x420
[  987.106175][T20143]  ? __fget_files+0x3a0/0x420
[  987.106197][T20143]  ? __fget_files+0x2a/0x420
[  987.106224][T20143]  security_file_ioctl+0xc3/0x2a0
[  987.106248][T20143]  __se_sys_ioctl+0x47/0x170
[  987.106277][T20143]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  987.106301][T20143]  do_syscall_64+0x15f/0xf80
[  987.106326][T20143]  ? trace_irq_disable+0x3b/0x140
[  987.106356][T20143]  ? clear_bhb_loop+0x40/0x90
[  987.106381][T20143]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  987.106401][T20143] RIP: 0033:0x7ff39e39cdd9
[  987.106421][T20143] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  987.106438][T20143] RSP: 002b:00007ff39f243028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  987.106460][T20143] RAX: ffffffffffffffda RBX: 00007ff39e616090 RCX: 00007ff39e39cdd9
[  987.106473][T20143] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000007
[  987.106483][T20143] RBP: 00007ff39f243090 R08: 0000000000000000 R09: 0000000000000000
[  987.106494][T20143] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  987.106504][T20143] R13: 00007ff39e616128 R14: 00007ff39e616090 R15: 00007ff39e73fa48
[  987.106537][T20143]  </TASK>
[  987.106551][T20144] CPU: 1 UID: 0 PID: 20144 Comm: syz.1.4410 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  987.106581][T20144] Tainted: [L]=SOFTLOCKUP
[  987.106586][T20143] ERROR: Out of memory at tomoyo_realpath_from_path.
[  987.106588][T20144] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  987.106600][T20144] Call Trace:
[  987.106609][T20144]  <TASK>
[  987.106617][T20144]  dump_stack_lvl+0xe8/0x150
[  987.106639][T20144]  should_fail_ex+0x412/0x560
[  987.106676][T20144]  _copy_from_user+0x2d/0xb0
[  987.106703][T20144]  ____sys_sendmsg+0x308/0x9f0
[  987.106737][T20144]  ? __pfx_____sys_sendmsg+0x10/0x10
[  987.106771][T20144]  ? import_iovec+0x73/0xa0
[  987.106800][T20144]  ___sys_sendmsg+0x2a5/0x360
[  987.106824][T20144]  ? __lock_acquire+0x6b5/0x2cf0
[  987.106848][T20144]  ? __pfx____sys_sendmsg+0x10/0x10
[  987.106906][T20144]  ? __fget_files+0x2a/0x420
[  987.106927][T20144]  ? __fget_files+0x3a0/0x420
[  987.106958][T20144]  __x64_sys_sendmsg+0x1bd/0x2a0
[  987.106986][T20144]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  987.107027][T20144]  ? __pfx_ksys_write+0x10/0x10
[  987.107062][T20144]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  987.107082][T20144]  do_syscall_64+0x15f/0xf80
[  987.107104][T20144]  ? trace_irq_disable+0x3b/0x140
[  987.107130][T20144]  ? clear_bhb_loop+0x40/0x90
[  987.107153][T20144]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  987.107171][T20144] RIP: 0033:0x7f8eee19cdd9
[  987.107188][T20144] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  987.107204][T20144] RSP: 002b:00007f8eef013028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  987.107223][T20144] RAX: ffffffffffffffda RBX: 00007f8eee415fa0 RCX: 00007f8eee19cdd9
[  987.107236][T20144] RDX: 0000000000000000 RSI: 0000200000000040 RDI: 0000000000000003
[  987.107248][T20144] RBP: 00007f8eef013090 R08: 0000000000000000 R09: 0000000000000000
[  987.107260][T20144] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  987.107271][T20144] R13: 00007f8eee416038 R14: 00007f8eee415fa0 R15: 00007f8eee53fa48
[  987.107300][T20144]  </TASK>
[  987.190703][ T8736] usb 3-1: New USB device found, idVendor=133e, idProduct=0815, bcdDevice= 0.40
[  987.339621][T12851] IPVS: wlc: UDP 127.0.0.1:20002 - no destination available
[  987.358669][ T8736] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  987.664065][ T8736] usb 3-1: Product: syz
[  987.676504][T20153] FAULT_INJECTION: forcing a failure.
[  987.676504][T20153] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  987.692917][ T8736] usb 3-1: Manufacturer: syz
[  987.709384][ T8736] usb 3-1: SerialNumber: syz
[  987.710010][T20153] CPU: 0 UID: 0 PID: 20153 Comm: syz.3.4412 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  987.710040][T20153] Tainted: [L]=SOFTLOCKUP
[  987.710048][T20153] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  987.710060][T20153] Call Trace:
[  987.710068][T20153]  <TASK>
[  987.710076][T20153]  dump_stack_lvl+0xe8/0x150
[  987.710104][T20153]  should_fail_ex+0x412/0x560
[  987.710133][T20153]  _copy_from_iter+0x1d3/0x1670
[  987.710161][T20153]  ? rcu_is_watching+0x15/0xb0
[  987.710189][T20153]  ? __pfx__copy_from_iter+0x10/0x10
[  987.710220][T20153]  ? netlink_sendmsg+0x650/0xb40
[  987.710243][T20153]  ? skb_put+0x11b/0x210
[  987.710271][T20153]  netlink_sendmsg+0x6c0/0xb40
[  987.710304][T20153]  ? __pfx_netlink_sendmsg+0x10/0x10
[  987.710332][T20153]  ? aa_sock_msg_perm+0xf1/0x1b0
[  987.710358][T20153]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  987.710387][T20153]  ____sys_sendmsg+0x972/0x9f0
[  987.710412][T20153]  ? __might_fault+0xaf/0x130
[  987.710442][T20153]  ? __pfx_____sys_sendmsg+0x10/0x10
[  987.710475][T20153]  ? import_iovec+0x73/0xa0
[  987.710504][T20153]  ___sys_sendmsg+0x2a5/0x360
[  987.710528][T20153]  ? __lock_acquire+0x6b5/0x2cf0
[  987.710553][T20153]  ? __pfx____sys_sendmsg+0x10/0x10
[  987.710609][T20153]  ? __fget_files+0x2a/0x420
[  987.710638][T20153]  ? __fget_files+0x3a0/0x420
[  987.710670][T20153]  __x64_sys_sendmsg+0x1bd/0x2a0
[  987.710698][T20153]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  987.710731][T20153]  ? __pfx_ksys_write+0x10/0x10
[  987.710765][T20153]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  987.710786][T20153]  do_syscall_64+0x15f/0xf80
[  987.710810][T20153]  ? trace_irq_disable+0x3b/0x140
[  987.710836][T20153]  ? clear_bhb_loop+0x40/0x90
[  987.710859][T20153]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  987.710878][T20153] RIP: 0033:0x7f2178d9cdd9
[  987.710896][T20153] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  987.710917][T20153] RSP: 002b:00007f2179c93028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  987.710938][T20153] RAX: ffffffffffffffda RBX: 00007f2179015fa0 RCX: 00007f2178d9cdd9
[  987.710952][T20153] RDX: 0000000000000000 RSI: 00002000000002c0 RDI: 0000000000000004
[  987.710964][T20153] RBP: 00007f2179c93090 R08: 0000000000000000 R09: 0000000000000000
[  987.710977][T20153] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  987.710988][T20153] R13: 00007f2179016038 R14: 00007f2179015fa0 R15: 00007f217913fa48
[  987.711017][T20153]  </TASK>
[  988.239685][ T8736] snd-usb-audio 3-1:1.0: probe with driver snd-usb-audio failed with error -22
[  988.286367][ T8736] usb 3-1: USB disconnect, device number 92
[  988.333658][T20162] FAULT_INJECTION: forcing a failure.
[  988.333658][T20162] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  988.373881][T20162] CPU: 0 UID: 0 PID: 20162 Comm: syz.4.4417 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  988.373917][T20162] Tainted: [L]=SOFTLOCKUP
[  988.373925][T20162] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  988.373938][T20162] Call Trace:
[  988.373947][T20162]  <TASK>
[  988.373956][T20162]  dump_stack_lvl+0xe8/0x150
[  988.373978][T20162]  should_fail_ex+0x412/0x560
[  988.373998][T20162]  _copy_from_iter+0x1d3/0x1670
[  988.374016][T20162]  ? rcu_is_watching+0x15/0xb0
[  988.374035][T20162]  ? __pfx__copy_from_iter+0x10/0x10
[  988.374055][T20162]  ? netlink_sendmsg+0x650/0xb40
[  988.374072][T20162]  ? skb_put+0x11b/0x210
[  988.374089][T20162]  netlink_sendmsg+0x6c0/0xb40
[  988.374111][T20162]  ? __pfx_netlink_sendmsg+0x10/0x10
[  988.374129][T20162]  ? aa_sock_msg_perm+0xf1/0x1b0
[  988.374146][T20162]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  988.374165][T20162]  ____sys_sendmsg+0x972/0x9f0
[  988.374182][T20162]  ? __might_fault+0xaf/0x130
[  988.374202][T20162]  ? __pfx_____sys_sendmsg+0x10/0x10
[  988.374224][T20162]  ? import_iovec+0x73/0xa0
[  988.374244][T20162]  ___sys_sendmsg+0x2a5/0x360
[  988.374260][T20162]  ? __lock_acquire+0x6b5/0x2cf0
[  988.374276][T20162]  ? __pfx____sys_sendmsg+0x10/0x10
[  988.374320][T20162]  ? __fget_files+0x2a/0x420
[  988.374345][T20162]  ? __fget_files+0x3a0/0x420
[  988.374379][T20162]  __x64_sys_sendmsg+0x1bd/0x2a0
[  988.374410][T20162]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  988.374439][T20162]  ? __pfx_ksys_write+0x10/0x10
[  988.374462][T20162]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  988.374476][T20162]  do_syscall_64+0x15f/0xf80
[  988.374492][T20162]  ? trace_irq_disable+0x3b/0x140
[  988.374510][T20162]  ? clear_bhb_loop+0x40/0x90
[  988.374525][T20162]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  988.374537][T20162] RIP: 0033:0x7ff39e39cdd9
[  988.374550][T20162] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  988.374562][T20162] RSP: 002b:00007ff39f264028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  988.374577][T20162] RAX: ffffffffffffffda RBX: 00007ff39e615fa0 RCX: 00007ff39e39cdd9
[  988.374586][T20162] RDX: 0000000000000000 RSI: 0000200000000200 RDI: 0000000000000003
[  988.374595][T20162] RBP: 00007ff39f264090 R08: 0000000000000000 R09: 0000000000000000
[  988.374602][T20162] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  988.374610][T20162] R13: 00007ff39e616038 R14: 00007ff39e615fa0 R15: 00007ff39e73fa48
[  988.374629][T20162]  </TASK>
[  989.053321][T20172] FAULT_INJECTION: forcing a failure.
[  989.053321][T20172] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  989.066931][T20172] CPU: 0 UID: 0 PID: 20172 Comm: syz.1.4420 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  989.066954][T20172] Tainted: [L]=SOFTLOCKUP
[  989.066959][T20172] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  989.066967][T20172] Call Trace:
[  989.066973][T20172]  <TASK>
[  989.066979][T20172]  dump_stack_lvl+0xe8/0x150
[  989.067000][T20172]  should_fail_ex+0x412/0x560
[  989.067020][T20172]  _copy_from_user+0x2d/0xb0
[  989.067039][T20172]  video_usercopy+0x36f/0x1450
[  989.067058][T20172]  ? __mutex_unlock_slowpath+0x1be/0x6f0
[  989.067078][T20172]  ? __pfx___video_do_ioctl+0x10/0x10
[  989.067096][T20172]  ? __pfx_video_usercopy+0x10/0x10
[  989.067118][T20172]  ? __fget_files+0x2a/0x420
[  989.067135][T20172]  ? __fget_files+0x2a/0x420
[  989.067149][T20172]  ? __fget_files+0x3a0/0x420
[  989.067165][T20172]  v4l2_ioctl+0x18d/0x1e0
[  989.067182][T20172]  ? __pfx_v4l2_ioctl+0x10/0x10
[  989.067198][T20172]  __se_sys_ioctl+0xfc/0x170
[  989.067217][T20172]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  989.067230][T20172]  do_syscall_64+0x15f/0xf80
[  989.067245][T20172]  ? trace_irq_disable+0x3b/0x140
[  989.067264][T20172]  ? clear_bhb_loop+0x40/0x90
[  989.067279][T20172]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  989.067291][T20172] RIP: 0033:0x7f8eee19cdd9
[  989.067304][T20172] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  989.067315][T20172] RSP: 002b:00007f8eef013028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  989.067330][T20172] RAX: ffffffffffffffda RBX: 00007f8eee415fa0 RCX: 00007f8eee19cdd9
[  989.067340][T20172] RDX: 00002000000000c0 RSI: 00000000c0d05605 RDI: 0000000000000003
[  989.067348][T20172] RBP: 00007f8eef013090 R08: 0000000000000000 R09: 0000000000000000
[  989.067356][T20172] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  989.067364][T20172] R13: 00007f8eee416038 R14: 00007f8eee415fa0 R15: 00007f8eee53fa48
[  989.067382][T20172]  </TASK>
[  989.533688][T20185] FAULT_INJECTION: forcing a failure.
[  989.533688][T20185] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  989.559142][T20185] CPU: 1 UID: 0 PID: 20185 Comm: syz.1.4422 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  989.559177][T20185] Tainted: [L]=SOFTLOCKUP
[  989.559186][T20185] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  989.559198][T20185] Call Trace:
[  989.559207][T20185]  <TASK>
[  989.559216][T20185]  dump_stack_lvl+0xe8/0x150
[  989.559247][T20185]  should_fail_ex+0x412/0x560
[  989.559279][T20185]  _copy_from_iter+0x1d3/0x1670
[  989.559325][T20185]  ? rcu_is_watching+0x15/0xb0
[  989.559356][T20185]  ? __pfx__copy_from_iter+0x10/0x10
[  989.559390][T20185]  ? netlink_sendmsg+0x650/0xb40
[  989.559417][T20185]  ? skb_put+0x11b/0x210
[  989.559446][T20185]  netlink_sendmsg+0x6c0/0xb40
[  989.559481][T20185]  ? __pfx_netlink_sendmsg+0x10/0x10
[  989.559512][T20185]  ? aa_sock_msg_perm+0xf1/0x1b0
[  989.559541][T20185]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  989.559572][T20185]  ____sys_sendmsg+0x972/0x9f0
[  989.559600][T20185]  ? __might_fault+0xaf/0x130
[  989.559649][T20185]  ? __pfx_____sys_sendmsg+0x10/0x10
[  989.559687][T20185]  ? import_iovec+0x73/0xa0
[  989.559724][T20185]  ___sys_sendmsg+0x2a5/0x360
[  989.559751][T20185]  ? __lock_acquire+0x6b5/0x2cf0
[  989.559779][T20185]  ? __pfx____sys_sendmsg+0x10/0x10
[  989.559812][T20185]  ? kstrtouint+0x6e/0xe0
[  989.559870][T20185]  ? __fget_files+0x2a/0x420
[  989.559894][T20185]  ? __fget_files+0x3a0/0x420
[  989.559928][T20185]  __sys_sendmmsg+0x27c/0x4e0
[  989.559962][T20185]  ? __pfx___sys_sendmmsg+0x10/0x10
[  989.559987][T20185]  ? __mutex_unlock_slowpath+0x1be/0x6f0
[  989.560040][T20185]  ? ksys_write+0x242/0x270
[  989.560071][T20185]  ? __pfx_ksys_write+0x10/0x10
[  989.560104][T20185]  __x64_sys_sendmmsg+0xa0/0xc0
[  989.560129][T20185]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  989.560152][T20185]  do_syscall_64+0x15f/0xf80
[  989.560177][T20185]  ? trace_irq_disable+0x3b/0x140
[  989.560206][T20185]  ? clear_bhb_loop+0x40/0x90
[  989.560230][T20185]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  989.560250][T20185] RIP: 0033:0x7f8eee19cdd9
[  989.560271][T20185] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  989.560288][T20185] RSP: 002b:00007f8eef013028 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  989.560310][T20185] RAX: ffffffffffffffda RBX: 00007f8eee415fa0 RCX: 00007f8eee19cdd9
[  989.560326][T20185] RDX: 0492492492492627 RSI: 00002000000000c0 RDI: 0000000000000003
[  989.560340][T20185] RBP: 00007f8eef013090 R08: 0000000000000000 R09: 0000000000000000
[  989.560353][T20185] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  989.560366][T20185] R13: 00007f8eee416038 R14: 00007f8eee415fa0 R15: 00007f8eee53fa48
[  989.560398][T20185]  </TASK>
[  990.007397][T20193] syz.1.4425 (20193): attempted to duplicate a private mapping with mremap.  This is not supported.
[  990.373080][T20211] FAULT_INJECTION: forcing a failure.
[  990.373080][T20211] name failslab, interval 1, probability 0, space 0, times 0
[  990.504765][T20211] CPU: 1 UID: 0 PID: 20211 Comm: syz.4.4428 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  990.504801][T20211] Tainted: [L]=SOFTLOCKUP
[  990.504815][T20211] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  990.504829][T20211] Call Trace:
[  990.504838][T20211]  <TASK>
[  990.504847][T20211]  dump_stack_lvl+0xe8/0x150
[  990.504878][T20211]  should_fail_ex+0x412/0x560
[  990.504911][T20211]  should_failslab+0xa8/0x100
[  990.504942][T20211]  ? vm_area_alloc+0x24/0x140
[  990.504969][T20211]  kmem_cache_alloc_noprof+0x87/0x650
[  990.504996][T20211]  ? __pfx_vma_merge_new_range+0x10/0x10
[  990.505025][T20211]  vm_area_alloc+0x24/0x140
[  990.505054][T20211]  mmap_region+0x11c6/0x22a0
[  990.505077][T20211]  ? __lock_acquire+0x6b5/0x2cf0
[  990.505115][T20211]  ? mas_ascend+0x304/0x890
[  990.505145][T20211]  ? __pfx_mmap_region+0x10/0x10
[  990.505173][T20211]  ? mas_prev_node+0xbe2/0xe50
[  990.505273][T20211]  ? rcu_is_watching+0x15/0xb0
[  990.505300][T20211]  ? vm_unmapped_area+0xde/0x230
[  990.505341][T20211]  ? __pfx_arch_get_unmapped_area_topdown+0x10/0x10
[  990.505389][T20211]  ? cap_mmap_addr+0xaf/0x100
[  990.505413][T20211]  ? bpf_lsm_mmap_addr+0x9/0x50
[  990.505456][T20211]  do_mmap+0xc39/0x10c0
[  990.505494][T20211]  ? __pfx_do_mmap+0x10/0x10
[  990.505515][T20211]  ? down_write_killable+0x180/0x240
[  990.505549][T20211]  ? __pfx_down_write_killable+0x10/0x10
[  990.505576][T20211]  ? lock_vma_under_rcu+0x45a/0x500
[  990.505613][T20211]  ? apparmor_mmap_file+0x197/0x3e0
[  990.505633][T20211]  ? security_mmap_file+0x4df/0xa20
[  990.505661][T20211]  vm_mmap_pgoff+0x2c9/0x4f0
[  990.505693][T20211]  ? __pfx_vm_mmap_pgoff+0x10/0x10
[  990.505713][T20211]  ? exc_page_fault+0x6a/0xc0
[  990.505748][T20211]  ? ksys_mmap_pgoff+0xf3/0x760
[  990.505773][T20211]  ? __x64_sys_mmap+0x7f/0x140
[  990.505796][T20211]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  990.505820][T20211]  do_syscall_64+0x15f/0xf80
[  990.505845][T20211]  ? trace_irq_disable+0x3b/0x140
[  990.505875][T20211]  ? clear_bhb_loop+0x40/0x90
[  990.505902][T20211]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  990.505923][T20211] RIP: 0033:0x7ff39e39cb42
[  990.505943][T20211] Code: 4f 01 00 0f 1f 44 00 00 41 f7 c1 ff 0f 00 00 75 27 55 89 cd 53 48 89 fb 48 85 ff 74 3b 41 89 ea 48 89 df b8 09 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 6e 5b 5d c3 0f 1f 00 48 c7 c0 e8 ff ff ff 64
[  990.505962][T20211] RSP: 002b:00007ff39f262d08 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[  990.505986][T20211] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007ff39e39cb42
[  990.506002][T20211] RDX: 0000000000000000 RSI: 0000000008000000 RDI: 0000000000000000
[  990.506016][T20211] RBP: 0000000000000022 R08: 00000000ffffffff R09: 0000000000000000
[  990.506029][T20211] R10: 0000000000000022 R11: 0000000000000246 R12: 0000000004000000
[  990.506042][T20211] R13: 0000000000001000 R14: 0000000000000022 R15: 00007ff39e44ff51
[  990.506075][T20211]  </TASK>
[  990.839589][T20217] FAULT_INJECTION: forcing a failure.
[  990.839589][T20217] name failslab, interval 1, probability 0, space 0, times 0
[  990.875769][T20217] CPU: 0 UID: 0 PID: 20217 Comm: syz.2.4431 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  990.875804][T20217] Tainted: [L]=SOFTLOCKUP
[  990.875812][T20217] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  990.875825][T20217] Call Trace:
[  990.875833][T20217]  <TASK>
[  990.875850][T20217]  dump_stack_lvl+0xe8/0x150
[  990.875881][T20217]  should_fail_ex+0x412/0x560
[  990.875914][T20217]  should_failslab+0xa8/0x100
[  990.875948][T20217]  kmem_cache_alloc_node_noprof+0x8f/0x690
[  990.875979][T20217]  ? __alloc_skb+0x1d0/0x7d0
[  990.876003][T20217]  ? __local_bh_enable_ip+0xd0/0x130
[  990.876031][T20217]  __alloc_skb+0x1d0/0x7d0
[  990.876062][T20217]  kcm_sendmsg+0x2524/0x29f0
[  990.876095][T20217]  ? __lock_acquire+0x6b5/0x2cf0
[  990.876144][T20217]  ? aa_sk_perm+0x6d5/0x900
[  990.876169][T20217]  ? __might_fault+0xaf/0x130
[  990.876200][T20217]  ? __pfx_aa_sk_perm+0x10/0x10
[  990.876225][T20217]  ? __pfx_kcm_sendmsg+0x10/0x10
[  990.876260][T20217]  ? aa_sock_msg_perm+0xf1/0x1b0
[  990.876290][T20217]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  990.876322][T20217]  ____sys_sendmsg+0x972/0x9f0
[  990.876350][T20217]  ? __might_fault+0xaf/0x130
[  990.876384][T20217]  ? __pfx_____sys_sendmsg+0x10/0x10
[  990.876423][T20217]  ? import_iovec+0x73/0xa0
[  990.876457][T20217]  ___sys_sendmsg+0x2a5/0x360
[  990.876484][T20217]  ? __lock_acquire+0x6b5/0x2cf0
[  990.876512][T20217]  ? __pfx____sys_sendmsg+0x10/0x10
[  990.876547][T20217]  ? kstrtouint+0x6e/0xe0
[  990.876600][T20217]  ? __fget_files+0x2a/0x420
[  990.876626][T20217]  ? __fget_files+0x3a0/0x420
[  990.876663][T20217]  __sys_sendmmsg+0x27c/0x4e0
[  990.876699][T20217]  ? __pfx___sys_sendmmsg+0x10/0x10
[  990.876726][T20217]  ? __mutex_unlock_slowpath+0x1be/0x6f0
[  990.876783][T20217]  ? ksys_write+0x242/0x270
[  990.876816][T20217]  ? __pfx_ksys_write+0x10/0x10
[  990.876862][T20217]  __x64_sys_sendmmsg+0xa0/0xc0
[  990.876891][T20217]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  990.876914][T20217]  do_syscall_64+0x15f/0xf80
[  990.876940][T20217]  ? trace_irq_disable+0x3b/0x140
[  990.876971][T20217]  ? clear_bhb_loop+0x40/0x90
[  990.876997][T20217]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  990.877019][T20217] RIP: 0033:0x7ff91bb9cdd9
[  990.877039][T20217] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  990.877058][T20217] RSP: 002b:00007ff91ca39028 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  990.877081][T20217] RAX: ffffffffffffffda RBX: 00007ff91be15fa0 RCX: 00007ff91bb9cdd9
[  990.877097][T20217] RDX: 0000000000000002 RSI: 0000200000001500 RDI: 0000000000000005
[  990.877111][T20217] RBP: 00007ff91ca39090 R08: 0000000000000000 R09: 0000000000000000
[  990.877125][T20217] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  990.877137][T20217] R13: 00007ff91be16038 R14: 00007ff91be15fa0 R15: 00007ff91bf3fa48
[  990.877173][T20217]  </TASK>
[  990.883037][T20220] netlink: 5 bytes leftover after parsing attributes in process `syz.1.4432'.
[  990.904209][T20222] FAULT_INJECTION: forcing a failure.
[  990.904209][T20222] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  991.065246][T14633] usb 4-1: new high-speed USB device number 117 using dummy_hcd
[  991.067597][T20222] CPU: 1 UID: 0 PID: 20222 Comm: syz.4.4433 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  991.067627][T20222] Tainted: [L]=SOFTLOCKUP
[  991.067635][T20222] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  991.067646][T20222] Call Trace:
[  991.067656][T20222]  <TASK>
[  991.067674][T20222]  dump_stack_lvl+0xe8/0x150
[  991.067702][T20222]  should_fail_ex+0x412/0x560
[  991.067731][T20222]  _copy_from_iter+0x1d3/0x1670
[  991.067759][T20222]  ? rcu_is_watching+0x15/0xb0
[  991.067787][T20222]  ? __pfx__copy_from_iter+0x10/0x10
[  991.067819][T20222]  ? netlink_sendmsg+0x650/0xb40
[  991.067843][T20222]  ? skb_put+0x11b/0x210
[  991.067870][T20222]  netlink_sendmsg+0x6c0/0xb40
[  991.067903][T20222]  ? __pfx_netlink_sendmsg+0x10/0x10
[  991.067930][T20222]  ? aa_sock_msg_perm+0xf1/0x1b0
[  991.067955][T20222]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  991.067983][T20222]  ____sys_sendmsg+0x972/0x9f0
[  991.068009][T20222]  ? __might_fault+0xaf/0x130
[  991.068038][T20222]  ? __pfx_____sys_sendmsg+0x10/0x10
[  991.068072][T20222]  ? import_iovec+0x73/0xa0
[  991.068101][T20222]  ___sys_sendmsg+0x2a5/0x360
[  991.068125][T20222]  ? __lock_acquire+0x6b5/0x2cf0
[  991.068150][T20222]  ? __pfx____sys_sendmsg+0x10/0x10
[  991.068206][T20222]  ? __fget_files+0x2a/0x420
[  991.068228][T20222]  ? __fget_files+0x3a0/0x420
[  991.068259][T20222]  __x64_sys_sendmsg+0x1bd/0x2a0
[  991.068287][T20222]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  991.068321][T20222]  ? __pfx_ksys_write+0x10/0x10
[  991.068355][T20222]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  991.068375][T20222]  do_syscall_64+0x15f/0xf80
[  991.068399][T20222]  ? trace_irq_disable+0x3b/0x140
[  991.068426][T20222]  ? clear_bhb_loop+0x40/0x90
[  991.068449][T20222]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  991.068481][T20222] RIP: 0033:0x7ff39e39cdd9
[  991.068500][T20222] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  991.068516][T20222] RSP: 002b:00007ff39f264028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  991.068537][T20222] RAX: ffffffffffffffda RBX: 00007ff39e615fa0 RCX: 00007ff39e39cdd9
[  991.068550][T20222] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000003
[  991.068563][T20222] RBP: 00007ff39f264090 R08: 0000000000000000 R09: 0000000000000000
[  991.068575][T20222] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  991.068587][T20222] R13: 00007ff39e616038 R14: 00007ff39e615fa0 R15: 00007ff39e73fa48
[  991.068616][T20222]  </TASK>
[  991.192802][T20225] netlink: 8 bytes leftover after parsing attributes in process `syz.4.4434'.
[  991.202823][T20226] loop9: detected capacity change from 0 to 7
[  991.496972][ T7079] buffer_io_error: 11 callbacks suppressed
[  991.496986][ T7079] Buffer I/O error on dev loop9, logical block 0, async page read
[  991.513264][ T7079] Buffer I/O error on dev loop9, logical block 0, async page read
[  991.537034][T20226] Buffer I/O error on dev loop9, logical block 0, async page read
[  991.555102][ T7079] Buffer I/O error on dev loop9, logical block 0, async page read
[  991.567427][T20226] Buffer I/O error on dev loop9, logical block 0, async page read
[  991.586541][ T7079] Buffer I/O error on dev loop9, logical block 0, async page read
[  991.594890][ T7079] Buffer I/O error on dev loop9, logical block 0, async page read
[  991.607330][T20226] Buffer I/O error on dev loop9, logical block 0, async page read
[  991.615573][T14633] usb 4-1: Using ep0 maxpacket: 32
[  991.622775][T14633] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  991.633587][T14633] usb 4-1: config 0 has no interfaces?
[  991.643204][T14633] usb 4-1: New USB device found, idVendor=17ef, idProduct=7203, bcdDevice=2e.36
[  991.653334][T14633] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  991.663800][T20226] Buffer I/O error on dev loop9, logical block 0, async page read
[  991.673735][T14633] usb 4-1: Product: syz
[  991.678570][T14633] usb 4-1: Manufacturer: syz
[  991.684666][T14633] usb 4-1: SerialNumber: syz
[  991.690911][T20226] Buffer I/O error on dev loop9, logical block 0, async page read
[  991.702220][T14633] usb 4-1: config 0 descriptor??
[  991.744508][T20226] ldm_validate_partition_table(): Disk read failed.
[  991.761251][T20226] Dev loop9: unable to read RDB block 0
[  991.784020][T20229] FAULT_INJECTION: forcing a failure.
[  991.784020][T20229] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  991.788499][T20226]  loop9: unable to read partition table
[  991.803183][T20226] loop9: partition table beyond EOD, truncated
[  991.811292][T20226] loop_reread_partitions: partition scan of loop9 (þ被xüŸÑø éÚ¬§½dG¤´à–ƒÝ¡¯ �â·û
[  991.811292][T20226] 
) failed (rc=-5)
[  991.875264][T20229] CPU: 0 UID: 0 PID: 20229 Comm: syz.2.4435 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  991.875295][T20229] Tainted: [L]=SOFTLOCKUP
[  991.875301][T20229] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  991.875312][T20229] Call Trace:
[  991.875320][T20229]  <TASK>
[  991.875328][T20229]  dump_stack_lvl+0xe8/0x150
[  991.875353][T20229]  should_fail_ex+0x412/0x560
[  991.875380][T20229]  _copy_from_iter+0x1d3/0x1670
[  991.875406][T20229]  ? rcu_is_watching+0x15/0xb0
[  991.875433][T20229]  ? __pfx__copy_from_iter+0x10/0x10
[  991.875462][T20229]  ? netlink_sendmsg+0x650/0xb40
[  991.875483][T20229]  ? skb_put+0x11b/0x210
[  991.875508][T20229]  netlink_sendmsg+0x6c0/0xb40
[  991.875539][T20229]  ? __pfx_netlink_sendmsg+0x10/0x10
[  991.875565][T20229]  ? aa_sock_msg_perm+0xf1/0x1b0
[  991.875590][T20229]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  991.875617][T20229]  ____sys_sendmsg+0x972/0x9f0
[  991.875642][T20229]  ? __might_fault+0xaf/0x130
[  991.875669][T20229]  ? __pfx_____sys_sendmsg+0x10/0x10
[  991.875700][T20229]  ? import_iovec+0x73/0xa0
[  991.875727][T20229]  ___sys_sendmsg+0x2a5/0x360
[  991.875750][T20229]  ? __lock_acquire+0x6b5/0x2cf0
[  991.875774][T20229]  ? __pfx____sys_sendmsg+0x10/0x10
[  991.875840][T20229]  ? __fget_files+0x2a/0x420
[  991.875862][T20229]  ? __fget_files+0x3a0/0x420
[  991.875892][T20229]  __x64_sys_sendmsg+0x1bd/0x2a0
[  991.875922][T20229]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  991.875959][T20229]  ? __pfx_ksys_write+0x10/0x10
[  991.875994][T20229]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  991.876017][T20229]  do_syscall_64+0x15f/0xf80
[  991.876048][T20229]  ? trace_irq_disable+0x3b/0x140
[  991.876078][T20229]  ? clear_bhb_loop+0x40/0x90
[  991.876104][T20229]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  991.876125][T20229] RIP: 0033:0x7ff91bb9cdd9
[  991.876145][T20229] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  991.876163][T20229] RSP: 002b:00007ff91ca39028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  991.876186][T20229] RAX: ffffffffffffffda RBX: 00007ff91be15fa0 RCX: 00007ff91bb9cdd9
[  991.876202][T20229] RDX: 0000000000000080 RSI: 0000200000000000 RDI: 0000000000000003
[  991.876215][T20229] RBP: 00007ff91ca39090 R08: 0000000000000000 R09: 0000000000000000
[  991.876229][T20229] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  991.876242][T20229] R13: 00007ff91be16038 R14: 00007ff91be15fa0 R15: 00007ff91bf3fa48
[  991.876275][T20229]  </TASK>
[  992.147127][T20230] netlink: 'syz.4.4434': attribute type 11 has an invalid length.
[  992.154980][T20230] netlink: 199828 bytes leftover after parsing attributes in process `syz.4.4434'.
[  992.234394][T14633] usb 4-1: USB disconnect, device number 117
[  992.446828][T19643] IPVS: wlc: UDP 127.0.0.1:20002 - no destination available
[  992.891462][T20244] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  992.975312][T20246] FAULT_INJECTION: forcing a failure.
[  992.975312][T20246] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  992.991555][T20246] CPU: 1 UID: 0 PID: 20246 Comm: syz.4.4440 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  992.991589][T20246] Tainted: [L]=SOFTLOCKUP
[  992.991605][T20246] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  992.991618][T20246] Call Trace:
[  992.991627][T20246]  <TASK>
[  992.991637][T20246]  dump_stack_lvl+0xe8/0x150
[  992.991669][T20246]  should_fail_ex+0x412/0x560
[  992.991701][T20246]  _copy_from_iter+0x1d3/0x1670
[  992.991731][T20246]  ? rcu_is_watching+0x15/0xb0
[  992.991764][T20246]  ? __pfx__copy_from_iter+0x10/0x10
[  992.991799][T20246]  ? netlink_sendmsg+0x650/0xb40
[  992.991825][T20246]  ? skb_put+0x11b/0x210
[  992.991853][T20246]  netlink_sendmsg+0x6c0/0xb40
[  992.991889][T20246]  ? __pfx_netlink_sendmsg+0x10/0x10
[  992.991919][T20246]  ? aa_sock_msg_perm+0xf1/0x1b0
[  992.991949][T20246]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  992.991980][T20246]  ____sys_sendmsg+0x972/0x9f0
[  992.992009][T20246]  ? __might_fault+0xaf/0x130
[  992.992041][T20246]  ? __pfx_____sys_sendmsg+0x10/0x10
[  992.992079][T20246]  ? import_iovec+0x73/0xa0
[  992.992112][T20246]  ___sys_sendmsg+0x2a5/0x360
[  992.992139][T20246]  ? __lock_acquire+0x6b5/0x2cf0
[  992.992166][T20246]  ? __pfx____sys_sendmsg+0x10/0x10
[  992.992229][T20246]  ? __fget_files+0x2a/0x420
[  992.992252][T20246]  ? __fget_files+0x3a0/0x420
[  992.992286][T20246]  __x64_sys_sendmsg+0x1bd/0x2a0
[  992.992317][T20246]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  992.992355][T20246]  ? __pfx_ksys_write+0x10/0x10
[  992.992400][T20246]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  992.992423][T20246]  do_syscall_64+0x15f/0xf80
[  992.992447][T20246]  ? trace_irq_disable+0x3b/0x140
[  992.992477][T20246]  ? clear_bhb_loop+0x40/0x90
[  992.992501][T20246]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  992.992521][T20246] RIP: 0033:0x7ff39e39cdd9
[  992.992541][T20246] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  992.992559][T20246] RSP: 002b:00007ff39f264028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  992.992583][T20246] RAX: ffffffffffffffda RBX: 00007ff39e615fa0 RCX: 00007ff39e39cdd9
[  992.992606][T20246] RDX: 0000000000000000 RSI: 0000200000000200 RDI: 0000000000000003
[  992.992620][T20246] RBP: 00007ff39f264090 R08: 0000000000000000 R09: 0000000000000000
[  992.992633][T20246] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  992.992646][T20246] R13: 00007ff39e616038 R14: 00007ff39e615fa0 R15: 00007ff39e73fa48
[  992.992679][T20246]  </TASK>
[  993.280149][ T1314] ieee802154 phy0 wpan0: encryption failed: -22
[  993.286575][ T1314] ieee802154 phy1 wpan1: encryption failed: -22
[  993.474147][T20259] netlink: 20 bytes leftover after parsing attributes in process `syz.0.4445'.
[  993.498669][T20259] netlink: 20 bytes leftover after parsing attributes in process `syz.0.4445'.
[  993.526585][T20261] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  993.533915][T20261] IPv6: NLM_F_CREATE should be set when creating new route
[  993.541262][T20261] IPv6: NLM_F_CREATE should be set when creating new route
[  993.555659][T14633] usb 4-1: new high-speed USB device number 118 using dummy_hcd
[  993.569181][T20262] PKCS7: Unknown OID: [4] 5.25.287.112.81.102.117.87.150326315.2007.15776.1
[  993.591458][T20262] PKCS7: Only support pkcs7_signedData type
[  993.665708][ T5720] usb 5-1: new high-speed USB device number 76 using dummy_hcd
[  993.721168][T14633] usb 4-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3
[  993.731498][T14633] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  993.744896][T14633] usb 4-1: config 0 descriptor??
[  993.758630][T14633] cp210x 4-1:0.0: cp210x converter detected
[  993.832903][ T5720] usb 5-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30
[  993.852610][ T5720] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  993.878341][ T5720] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  993.905940][ T5720] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253
[  993.937167][ T5720] usb 5-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40
[  993.947535][ T5720] usb 5-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0
[  993.956349][ T5720] usb 5-1: Manufacturer: syz
[  993.980675][ T5720] usb 5-1: config 0 descriptor??
[  994.135332][T20276] fuse: Bad value for 'fd'
[  994.164906][T20270] bond0: option resend_igmp: invalid value (14377)
[  994.175183][T14633] cp210x 4-1:0.0: failed to get vendor val 0x000e size 3: -121
[  994.188008][T20270] bond0: option resend_igmp: allowed values 0 - 255
[  994.410963][T14633] usb 4-1: cp210x converter now attached to ttyUSB0
[  994.461772][ T5720] appleir 0003:05AC:8243.006D: unknown main item tag 0x0
[  994.509286][ T5720] appleir 0003:05AC:8243.006D: hiddev0,hidraw0: USB HID v0.00 Device [syz] on usb-dummy_hcd.4-1/input0
[  994.617059][ T8736] usb 4-1: USB disconnect, device number 118
[  994.644689][ T8736] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0
[  994.723986][ T8736] cp210x 4-1:0.0: device disconnected
[  994.738745][ T8734] usb 5-1: USB disconnect, device number 76
[  994.828653][T20289] fido_id[20289]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.4/usb5/report_descriptor': No such file or directory
[  995.046245][T20293] binder: 20292:20293 ioctl c0306201 200000000680 returned -14
[  995.416302][T20304] FAULT_INJECTION: forcing a failure.
[  995.416302][T20304] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  995.461390][T20304] CPU: 0 UID: 0 PID: 20304 Comm: syz.4.4460 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  995.461425][T20304] Tainted: [L]=SOFTLOCKUP
[  995.461433][T20304] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  995.461446][T20304] Call Trace:
[  995.461455][T20304]  <TASK>
[  995.461465][T20304]  dump_stack_lvl+0xe8/0x150
[  995.461495][T20304]  should_fail_ex+0x412/0x560
[  995.461528][T20304]  _copy_from_iter+0x1d3/0x1670
[  995.461560][T20304]  ? rcu_is_watching+0x15/0xb0
[  995.461598][T20304]  ? __pfx__copy_from_iter+0x10/0x10
[  995.461631][T20304]  ? netlink_sendmsg+0x650/0xb40
[  995.461658][T20304]  ? skb_put+0x11b/0x210
[  995.461688][T20304]  netlink_sendmsg+0x6c0/0xb40
[  995.461726][T20304]  ? __pfx_netlink_sendmsg+0x10/0x10
[  995.461757][T20304]  ? aa_sock_msg_perm+0xf1/0x1b0
[  995.461786][T20304]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  995.461818][T20304]  ____sys_sendmsg+0x972/0x9f0
[  995.461847][T20304]  ? __might_fault+0xaf/0x130
[  995.461888][T20304]  ? __pfx_____sys_sendmsg+0x10/0x10
[  995.461926][T20304]  ? import_iovec+0x73/0xa0
[  995.461959][T20304]  ___sys_sendmsg+0x2a5/0x360
[  995.461986][T20304]  ? __lock_acquire+0x6b5/0x2cf0
[  995.462013][T20304]  ? __pfx____sys_sendmsg+0x10/0x10
[  995.462078][T20304]  ? __fget_files+0x2a/0x420
[  995.462103][T20304]  ? __fget_files+0x3a0/0x420
[  995.462138][T20304]  __x64_sys_sendmsg+0x1bd/0x2a0
[  995.462170][T20304]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  995.462208][T20304]  ? __pfx_ksys_write+0x10/0x10
[  995.462246][T20304]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  995.462269][T20304]  do_syscall_64+0x15f/0xf80
[  995.462295][T20304]  ? trace_irq_disable+0x3b/0x140
[  995.462326][T20304]  ? clear_bhb_loop+0x40/0x90
[  995.462353][T20304]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  995.462374][T20304] RIP: 0033:0x7ff39e39cdd9
[  995.462394][T20304] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  995.462413][T20304] RSP: 002b:00007ff39f264028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  995.462436][T20304] RAX: ffffffffffffffda RBX: 00007ff39e615fa0 RCX: 00007ff39e39cdd9
[  995.462452][T20304] RDX: 0000000000000000 RSI: 0000200000000100 RDI: 0000000000000003
[  995.462466][T20304] RBP: 00007ff39f264090 R08: 0000000000000000 R09: 0000000000000000
[  995.462478][T20304] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  995.462491][T20304] R13: 00007ff39e616038 R14: 00007ff39e615fa0 R15: 00007ff39e73fa48
[  995.462522][T20304]  </TASK>
[  996.015448][ T8734] usb 3-1: new high-speed USB device number 93 using dummy_hcd
[  996.171596][ T8734] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  996.188943][ T8734] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 3
[  996.226148][ T8734] usb 3-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  996.237886][ T8734] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  996.254998][ T8734] usb 3-1: SerialNumber: syz
[  996.494737][ T8734] usb 3-1: 0:2 : does not exist
[  996.620454][ T8734] usb 3-1: USB disconnect, device number 93
[  996.925618][ T5720] usb 5-1: new high-speed USB device number 77 using dummy_hcd
[  997.030089][T20352] netlink: 'syz.3.4475': attribute type 1 has an invalid length.
[  997.087459][T20352] 8021q: adding VLAN 0 to HW filter on device bond1
[  997.105474][ T5720] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  997.117452][ T5720] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  997.127434][ T5720] usb 5-1: New USB device found, idVendor=27b8, idProduct=01ed, bcdDevice= 0.00
[  997.136823][ T5720] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  997.172063][T20354] bond1: (slave dummy0): making interface the new active one
[  997.182630][ T5720] usb 5-1: config 0 descriptor??
[  997.204925][T20354] bond1: (slave dummy0): Enslaving as an active interface with an up link
[  997.233607][T20352] bond1: entered promiscuous mode
[  997.252106][T20352] dummy0: entered promiscuous mode
[  997.612622][T20346] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  997.642140][T20346] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  997.792433][ T5720] usbhid 5-1:0.0: can't add hid device: -71
[  997.808448][ T5720] usbhid 5-1:0.0: probe with driver usbhid failed with error -71
[  997.855556][ T5720] usb 5-1: USB disconnect, device number 77
[  998.212656][T12858] IPVS: wlc: UDP 127.0.0.1:20002 - no destination available
[  998.425695][ T8732] usb 3-1: new high-speed USB device number 94 using dummy_hcd
[  998.587992][ T8732] usb 3-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  998.597397][ T8732] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  998.610192][ T8732] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 66
[  998.629239][ T8732] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 110, changing to 10
[  998.655394][ T8732] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 26111, setting to 1024
[  998.680171][ T8732] usb 3-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  998.690104][ T8732] usb 3-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  998.706152][ T8732] usb 3-1: Product: syz
[  998.713330][ T8732] usb 3-1: Manufacturer: syz
[  998.734657][T20370] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  998.746331][ T8732] cdc_wdm 3-1:1.0: skipping garbage
[  998.752461][ T8732] cdc_wdm 3-1:1.0: skipping garbage
[  998.764130][ T8732] cdc_wdm 3-1:1.0: cdc-wdm0: USB WDM device
[  998.780592][ T8732] cdc_wdm 3-1:1.0: Unknown control protocol
[  998.978441][    C1] cdc_wdm 3-1:1.0: nonzero urb status received: -71
[  998.985329][    C1] cdc_wdm 3-1:1.0: wdm_int_callback - 0 bytes
[  998.991788][    C1] cdc_wdm 3-1:1.0: nonzero urb status received: -71
[  998.998409][    C1] cdc_wdm 3-1:1.0: wdm_int_callback - 0 bytes
[  999.004691][    C1] cdc_wdm 3-1:1.0: nonzero urb status received: -71
[  999.011306][    C1] cdc_wdm 3-1:1.0: wdm_int_callback - 0 bytes
[  999.017767][    C1] cdc_wdm 3-1:1.0: nonzero urb status received: -71
[  999.024363][    C1] cdc_wdm 3-1:1.0: wdm_int_callback - 0 bytes
[  999.030691][    C1] cdc_wdm 3-1:1.0: nonzero urb status received: -71
[  999.037320][    C1] cdc_wdm 3-1:1.0: wdm_int_callback - 0 bytes
[  999.043722][    C1] cdc_wdm 3-1:1.0: nonzero urb status received: -71
[  999.050343][    C1] cdc_wdm 3-1:1.0: wdm_int_callback - 0 bytes
[  999.057033][    C1] cdc_wdm 3-1:1.0: nonzero urb status received: -71
[  999.063646][    C1] cdc_wdm 3-1:1.0: wdm_int_callback - 0 bytes
[  999.069931][    C1] cdc_wdm 3-1:1.0: nonzero urb status received: -71
[  999.076520][    C1] cdc_wdm 3-1:1.0: wdm_int_callback - 0 bytes
[  999.082954][    C1] cdc_wdm 3-1:1.0: nonzero urb status received: -71
[  999.089557][    C1] cdc_wdm 3-1:1.0: wdm_int_callback - 0 bytes
[  999.095846][    C1] cdc_wdm 3-1:1.0: nonzero urb status received: -71
[  999.102476][    C1] cdc_wdm 3-1:1.0: wdm_int_callback - 0 bytes
[  999.158642][    C1] cdc_wdm 3-1:1.0: wdm_int_callback - usb_submit_urb failed with result -1
[  999.170787][ T5720] usb 3-1: USB disconnect, device number 94
[  999.680452][   T30] audit: type=1326 audit(1778102275.328:1454): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20383 comm="syz.3.4484" exe="/root/ci-upstream-kasan-gce/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2178d9cdd9 code=0x7ffc0000
[  999.724473][   T30] audit: type=1326 audit(1778102275.328:1455): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20383 comm="syz.3.4484" exe="/root/ci-upstream-kasan-gce/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2178d9cdd9 code=0x7ffc0000
[  999.751911][   T30] audit: type=1326 audit(1778102275.368:1456): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20383 comm="syz.3.4484" exe="/root/ci-upstream-kasan-gce/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f2178d9cdd9 code=0x7ffc0000
[  999.778862][   T30] audit: type=1326 audit(1778102275.398:1457): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20383 comm="syz.3.4484" exe="/root/ci-upstream-kasan-gce/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2178d9cdd9 code=0x7ffc0000
[  999.805329][T20385] netlink: 'syz.3.4484': attribute type 7 has an invalid length.
[  999.824508][T20385] netlink: 4 bytes leftover after parsing attributes in process `syz.3.4484'.
[  999.835641][   T30] audit: type=1326 audit(1778102275.398:1458): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20383 comm="syz.3.4484" exe="/root/ci-upstream-kasan-gce/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2178d9cdd9 code=0x7ffc0000
[  999.864122][   T30] audit: type=1326 audit(1778102275.448:1459): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20383 comm="syz.3.4484" exe="/root/ci-upstream-kasan-gce/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f2178d9cdd9 code=0x7ffc0000
[  999.896074][   T30] audit: type=1326 audit(1778102275.448:1460): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20383 comm="syz.3.4484" exe="/root/ci-upstream-kasan-gce/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2178d9cdd9 code=0x7ffc0000
[  999.924531][   T30] audit: type=1326 audit(1778102275.448:1461): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20383 comm="syz.3.4484" exe="/root/ci-upstream-kasan-gce/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2178d9cdd9 code=0x7ffc0000
[  999.955596][   T30] audit: type=1326 audit(1778102275.448:1462): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20383 comm="syz.3.4484" exe="/root/ci-upstream-kasan-gce/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7f2178d9cdd9 code=0x7ffc0000
[  999.955646][ T5720] usb 5-1: new high-speed USB device number 78 using dummy_hcd
[  999.987822][   T30] audit: type=1326 audit(1778102275.468:1463): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20383 comm="syz.3.4484" exe="/root/ci-upstream-kasan-gce/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2178d9cdd9 code=0x7ffc0000
[ 1000.116665][T20394] FAULT_INJECTION: forcing a failure.
[ 1000.116665][T20394] name failslab, interval 1, probability 0, space 0, times 0
[ 1000.167166][T20394] CPU: 1 UID: 0 PID: 20394 Comm: syz.0.4488 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1000.167209][T20394] Tainted: [L]=SOFTLOCKUP
[ 1000.167217][T20394] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 1000.167230][T20394] Call Trace:
[ 1000.167240][T20394]  <TASK>
[ 1000.167249][T20394]  dump_stack_lvl+0xe8/0x150
[ 1000.167281][T20394]  should_fail_ex+0x412/0x560
[ 1000.167312][T20394]  should_failslab+0xa8/0x100
[ 1000.167342][T20394]  ? skb_clone+0x212/0x3a0
[ 1000.167369][T20394]  kmem_cache_alloc_noprof+0x87/0x650
[ 1000.167396][T20394]  ? __netlink_lookup+0xc6/0x8b0
[ 1000.167430][T20394]  skb_clone+0x212/0x3a0
[ 1000.167464][T20394]  __netlink_deliver_tap+0x404/0x850
[ 1000.167511][T20394]  ? netlink_deliver_tap+0x2e/0x1b0
[ 1000.167541][T20394]  netlink_deliver_tap+0x19c/0x1b0
[ 1000.167570][T20394]  netlink_unicast+0x730/0x8e0
[ 1000.167608][T20394]  netlink_sendmsg+0x813/0xb40
[ 1000.167646][T20394]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1000.167678][T20394]  ? aa_sock_msg_perm+0xf1/0x1b0
[ 1000.167708][T20394]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[ 1000.167740][T20394]  ____sys_sendmsg+0x972/0x9f0
[ 1000.167767][T20394]  ? __might_fault+0xaf/0x130
[ 1000.167801][T20394]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1000.167840][T20394]  ? import_iovec+0x73/0xa0
[ 1000.167874][T20394]  ___sys_sendmsg+0x2a5/0x360
[ 1000.167901][T20394]  ? __lock_acquire+0x6b5/0x2cf0
[ 1000.167929][T20394]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1000.167997][T20394]  ? __fget_files+0x2a/0x420
[ 1000.168021][T20394]  ? __fget_files+0x3a0/0x420
[ 1000.168058][T20394]  __x64_sys_sendmsg+0x1bd/0x2a0
[ 1000.168090][T20394]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[ 1000.168128][T20394]  ? __pfx_ksys_write+0x10/0x10
[ 1000.168167][T20394]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1000.168191][T20394]  do_syscall_64+0x15f/0xf80
[ 1000.168217][T20394]  ? trace_irq_disable+0x3b/0x140
[ 1000.168237][T20394]  ? clear_bhb_loop+0x40/0x90
[ 1000.168252][T20394]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1000.168264][T20394] RIP: 0033:0x7f234d79cdd9
[ 1000.168277][T20394] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1000.168289][T20394] RSP: 002b:00007f234e6bc028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1000.168304][T20394] RAX: ffffffffffffffda RBX: 00007f234da15fa0 RCX: 00007f234d79cdd9
[ 1000.168313][T20394] RDX: 0000000000000000 RSI: 0000200000000800 RDI: 0000000000000003
[ 1000.168322][T20394] RBP: 00007f234e6bc090 R08: 0000000000000000 R09: 0000000000000000
[ 1000.168330][T20394] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1000.168337][T20394] R13: 00007f234da16038 R14: 00007f234da15fa0 R15: 00007f234db3fa48
[ 1000.168356][T20394]  </TASK>
[ 1000.176586][ T5720] usb 5-1: Using ep0 maxpacket: 32
[ 1000.501524][ T5720] usb 5-1: New USB device found, idVendor=0fd9, idProduct=0025, bcdDevice=29.40
[ 1000.575442][ T5720] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1000.593285][ T5720] usb 5-1: config 0 descriptor??
[ 1000.801849][ T5720] dvb-usb: found a 'Elgato EyeTV Sat' in warm state.
[ 1000.822507][ T5720] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[ 1000.833648][ T5720] dvbdev: DVB: registering new adapter (Elgato EyeTV Sat)
[ 1000.844114][ T5720] usb 5-1: media controller created
[ 1000.862129][ T5720] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[ 1000.905876][ T8734] usb 4-1: new high-speed USB device number 119 using dummy_hcd
[ 1001.038437][T20414] netlink: 12 bytes leftover after parsing attributes in process `syz.1.4494'.
[ 1001.077316][ T8734] usb 4-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30
[ 1001.098320][ T8734] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1001.116613][ T5720] az6027: usb out operation failed. (-71)
[ 1001.126947][ T8734] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1001.130744][ T5720] az6027: usb out operation failed. (-71)
[ 1001.150998][ T8734] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253
[ 1001.164003][ T5720] stb0899_attach: Driver disabled by Kconfig
[ 1001.164022][ T5720] az6027: no front-end attached
[ 1001.164022][ T5720] 
[ 1001.165071][ T5720] az6027: usb out operation failed. (-71)
[ 1001.190186][ T8734] usb 4-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40
[ 1001.195278][ T5720] dvb-usb: no frontend was attached by 'Elgato EyeTV Sat'
[ 1001.205202][ T8734] usb 4-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0
[ 1001.224856][ T8734] usb 4-1: Manufacturer: syz
[ 1001.228225][ T5720] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.4/usb5/5-1/input/input130
[ 1001.239279][ T8734] usb 4-1: config 0 descriptor??
[ 1001.257447][ T5720] dvb-usb: schedule remote query interval to 400 msecs.
[ 1001.275024][ T5720] dvb-usb: Elgato EyeTV Sat successfully initialized and connected.
[ 1001.281279][T19721] Bluetooth: hci2: unexpected event for opcode 0x041b
[ 1001.309837][T20419] netlink: 56 bytes leftover after parsing attributes in process `syz.2.4496'.
[ 1001.337871][ T5720] usb 5-1: USB disconnect, device number 78
[ 1001.448969][ T5720] dvb-usb: Elgato EyeTV Sat successfully deinitialized and disconnected.
[ 1001.490346][T20425] FAULT_INJECTION: forcing a failure.
[ 1001.490346][T20425] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1001.503515][T20425] CPU: 0 UID: 0 PID: 20425 Comm: syz.2.4498 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1001.503536][T20425] Tainted: [L]=SOFTLOCKUP
[ 1001.503541][T20425] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 1001.503549][T20425] Call Trace:
[ 1001.503557][T20425]  <TASK>
[ 1001.503566][T20425]  dump_stack_lvl+0xe8/0x150
[ 1001.503596][T20425]  should_fail_ex+0x412/0x560
[ 1001.503627][T20425]  _copy_to_user+0x31/0xb0
[ 1001.503656][T20425]  vhost_net_ioctl+0x52c/0x17c0
[ 1001.503676][T20425]  ? __pfx_vhost_net_ioctl+0x10/0x10
[ 1001.503693][T20425]  ? __fget_files+0x2a/0x420
[ 1001.503710][T20425]  ? __fget_files+0x2a/0x420
[ 1001.503731][T20425]  ? __fget_files+0x3a0/0x420
[ 1001.503754][T20425]  ? __fget_files+0x2a/0x420
[ 1001.503787][T20425]  ? bpf_lsm_file_ioctl+0x9/0x20
[ 1001.503815][T20425]  ? __pfx_vhost_net_ioctl+0x10/0x10
[ 1001.503829][T20425]  __se_sys_ioctl+0xfc/0x170
[ 1001.503847][T20425]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1001.503861][T20425]  do_syscall_64+0x15f/0xf80
[ 1001.503882][T20425]  ? trace_irq_disable+0x3b/0x140
[ 1001.503910][T20425]  ? clear_bhb_loop+0x40/0x90
[ 1001.503934][T20425]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1001.503953][T20425] RIP: 0033:0x7ff91bb9cdd9
[ 1001.503972][T20425] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1001.503983][T20425] RSP: 002b:00007ff91ca39028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1001.503997][T20425] RAX: ffffffffffffffda RBX: 00007ff91be15fa0 RCX: 00007ff91bb9cdd9
[ 1001.504007][T20425] RDX: 0000200000000080 RSI: 000000008008af83 RDI: 0000000000000005
[ 1001.504015][T20425] RBP: 00007ff91ca39090 R08: 0000000000000000 R09: 0000000000000000
[ 1001.504023][T20425] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1001.504034][T20425] R13: 00007ff91be16038 R14: 00007ff91be15fa0 R15: 00007ff91bf3fa48
[ 1001.504065][T20425]  </TASK>
[ 1001.758284][ T8734] appleir 0003:05AC:8243.006E: unknown main item tag 0x0
[ 1001.803717][ T8734] appleir 0003:05AC:8243.006E: hiddev0,hidraw0: USB HID v0.00 Device [syz] on usb-dummy_hcd.3-1/input0
[ 1001.826451][T20432] FAULT_INJECTION: forcing a failure.
[ 1001.826451][T20432] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1001.829230][T20431] input: syz0 as /devices/virtual/input/input131
[ 1001.839840][T20432] CPU: 0 UID: 0 PID: 20432 Comm: syz.1.4499 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1001.839870][T20432] Tainted: [L]=SOFTLOCKUP
[ 1001.839878][T20432] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 1001.839889][T20432] Call Trace:
[ 1001.839898][T20432]  <TASK>
[ 1001.839906][T20432]  dump_stack_lvl+0xe8/0x150
[ 1001.839933][T20432]  should_fail_ex+0x412/0x560
[ 1001.839963][T20432]  _copy_from_iter+0x1d3/0x1670
[ 1001.839990][T20432]  ? rcu_is_watching+0x15/0xb0
[ 1001.840020][T20432]  ? __pfx__copy_from_iter+0x10/0x10
[ 1001.840051][T20432]  ? netlink_sendmsg+0x650/0xb40
[ 1001.840074][T20432]  ? skb_put+0x11b/0x210
[ 1001.840102][T20432]  netlink_sendmsg+0x6c0/0xb40
[ 1001.840135][T20432]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1001.840163][T20432]  ? aa_sock_msg_perm+0xf1/0x1b0
[ 1001.840189][T20432]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[ 1001.840217][T20432]  ____sys_sendmsg+0x972/0x9f0
[ 1001.840242][T20432]  ? __might_fault+0xaf/0x130
[ 1001.840272][T20432]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1001.840305][T20432]  ? import_iovec+0x73/0xa0
[ 1001.840335][T20432]  ___sys_sendmsg+0x2a5/0x360
[ 1001.840359][T20432]  ? __lock_acquire+0x6b5/0x2cf0
[ 1001.840384][T20432]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1001.840441][T20432]  ? __fget_files+0x2a/0x420
[ 1001.840463][T20432]  ? __fget_files+0x3a0/0x420
[ 1001.840494][T20432]  __x64_sys_sendmsg+0x1bd/0x2a0
[ 1001.840522][T20432]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[ 1001.840556][T20432]  ? __pfx_ksys_write+0x10/0x10
[ 1001.840590][T20432]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1001.840611][T20432]  do_syscall_64+0x15f/0xf80
[ 1001.840634][T20432]  ? trace_irq_disable+0x3b/0x140
[ 1001.840661][T20432]  ? clear_bhb_loop+0x40/0x90
[ 1001.840684][T20432]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1001.840703][T20432] RIP: 0033:0x7f8eee19cdd9
[ 1001.840720][T20432] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1001.840744][T20432] RSP: 002b:00007f8eef013028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1001.840765][T20432] RAX: ffffffffffffffda RBX: 00007f8eee415fa0 RCX: 00007f8eee19cdd9
[ 1001.840779][T20432] RDX: 0000000000044000 RSI: 0000200000000540 RDI: 0000000000000003
[ 1001.840791][T20432] RBP: 00007f8eef013090 R08: 0000000000000000 R09: 0000000000000000
[ 1001.840803][T20432] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1001.840814][T20432] R13: 00007f8eee416038 R14: 00007f8eee415fa0 R15: 00007f8eee53fa48
[ 1001.840844][T20432]  </TASK>
[ 1002.119741][ T8734] usb 4-1: USB disconnect, device number 119
[ 1002.278072][T20439] fido_id[20439]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.3/usb4/report_descriptor': No such file or directory
[ 1002.455621][ T8732] usb 2-1: new high-speed USB device number 109 using dummy_hcd
[ 1002.615761][ T8732] usb 2-1: Using ep0 maxpacket: 32
[ 1002.630958][ T8732] usb 2-1: unable to get BOS descriptor or descriptor too short
[ 1002.678923][ T8732] usb 2-1: config 86 has an invalid interface number: 175 but max is 0
[ 1002.689102][ T8732] usb 2-1: config 86 has no interface number 0
[ 1002.715933][ T8732] usb 2-1: config 86 interface 175 has no altsetting 0
[ 1002.731868][ T8732] usb 2-1: New USB device found, idVendor=05ac, idProduct=0273, bcdDevice=a4.be
[ 1002.759659][ T8732] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1002.777312][ T8732] usb 2-1: Product: syz
[ 1002.790561][ T8732] usb 2-1: Manufacturer: syz
[ 1002.805310][ T8732] usb 2-1: SerialNumber: syz
[ 1002.866932][T20462] FAULT_INJECTION: forcing a failure.
[ 1002.866932][T20462] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1002.882276][T20462] CPU: 0 UID: 0 PID: 20462 Comm: syz.3.4511 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1002.882311][T20462] Tainted: [L]=SOFTLOCKUP
[ 1002.882319][T20462] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 1002.882332][T20462] Call Trace:
[ 1002.882347][T20462]  <TASK>
[ 1002.882356][T20462]  dump_stack_lvl+0xe8/0x150
[ 1002.882387][T20462]  should_fail_ex+0x412/0x560
[ 1002.882418][T20462]  _copy_from_user+0x2d/0xb0
[ 1002.882448][T20462]  vti6_siocdevprivate+0x1f2/0x7a0
[ 1002.882476][T20462]  ? __pfx_vti6_siocdevprivate+0x10/0x10
[ 1002.882520][T20462]  ? full_name_hash+0xb0/0xe0
[ 1002.882550][T20462]  dev_ifsioc+0xb6b/0x1330
[ 1002.882577][T20462]  ? dev_load+0x21/0x1f0
[ 1002.882612][T20462]  dev_ioctl+0x84c/0x1150
[ 1002.882639][T20462]  sock_ioctl+0x75f/0x7f0
[ 1002.882661][T20462]  ? __pfx_sock_ioctl+0x10/0x10
[ 1002.882682][T20462]  ? __fget_files+0x3a0/0x420
[ 1002.882705][T20462]  ? __fget_files+0x2a/0x420
[ 1002.882732][T20462]  ? bpf_lsm_file_ioctl+0x9/0x20
[ 1002.882761][T20462]  ? __pfx_sock_ioctl+0x10/0x10
[ 1002.882780][T20462]  __se_sys_ioctl+0xfc/0x170
[ 1002.882808][T20462]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1002.882830][T20462]  do_syscall_64+0x15f/0xf80
[ 1002.882856][T20462]  ? trace_irq_disable+0x3b/0x140
[ 1002.882886][T20462]  ? clear_bhb_loop+0x40/0x90
[ 1002.882910][T20462]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1002.882931][T20462] RIP: 0033:0x7f2178d9cdd9
[ 1002.882951][T20462] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1002.882969][T20462] RSP: 002b:00007f2179c93028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1002.882992][T20462] RAX: ffffffffffffffda RBX: 00007f2179015fa0 RCX: 00007f2178d9cdd9
[ 1002.883007][T20462] RDX: 0000200000000440 RSI: 00000000000089f1 RDI: 0000000000000003
[ 1002.883021][T20462] RBP: 00007f2179c93090 R08: 0000000000000000 R09: 0000000000000000
[ 1002.883034][T20462] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1002.883046][T20462] R13: 00007f2179016038 R14: 00007f2179015fa0 R15: 00007f217913fa48
[ 1002.883079][T20462]  </TASK>
[ 1002.920722][T20464] netlink: 'syz.2.4512': attribute type 1 has an invalid length.
[ 1003.123303][ T8732] input: bcm5974 as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:86.175/input/input132
[ 1003.147120][ T4977] bcm5974 2-1:86.175: could not read from device
[ 1003.174660][ T4977] bcm5974 2-1:86.175: could not read from device
[ 1003.217294][ T8732] usb 2-1: USB disconnect, device number 109
[ 1003.242791][ T4977] bcm5974 2-1:86.175: could not read from device
[ 1003.263110][T20469] could not allocate digest TFM handle crc32-pclmul
[ 1003.296622][T20465] libceph: resolve '0..' (ret=-3): failed
[ 1003.331075][T19643] IPVS: wlc: UDP 127.0.0.1:20002 - no destination available
[ 1003.386035][T20464] 8021q: adding VLAN 0 to HW filter on device bond2
[ 1003.430429][T20466] bond2 (unregistering): Released all slaves
[ 1003.915749][   T10] usb 4-1: new high-speed USB device number 120 using dummy_hcd
[ 1003.985117][T20494] netlink: 212368 bytes leftover after parsing attributes in process `syz.2.4521'.
[ 1004.097115][   T10] usb 4-1: config 17 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[ 1004.115499][   T10] usb 4-1: config 17 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[ 1004.136973][   T10] usb 4-1: config 17 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[ 1004.165338][   T10] usb 4-1: New USB device found, idVendor=0458, idProduct=5003, bcdDevice= 0.00
[ 1004.174749][   T10] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1004.191000][T20482] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[ 1004.456647][T20508] FAULT_INJECTION: forcing a failure.
[ 1004.456647][T20508] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1004.486082][T20508] CPU: 0 UID: 0 PID: 20508 Comm: syz.4.4526 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1004.486118][T20508] Tainted: [L]=SOFTLOCKUP
[ 1004.486126][T20508] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 1004.486139][T20508] Call Trace:
[ 1004.486147][T20508]  <TASK>
[ 1004.486161][T20508]  dump_stack_lvl+0xe8/0x150
[ 1004.486191][T20508]  should_fail_ex+0x412/0x560
[ 1004.486224][T20508]  _copy_from_iter+0x1d3/0x1670
[ 1004.486256][T20508]  ? rcu_is_watching+0x15/0xb0
[ 1004.486286][T20508]  ? __pfx__copy_from_iter+0x10/0x10
[ 1004.486321][T20508]  ? netlink_sendmsg+0x650/0xb40
[ 1004.486348][T20508]  ? skb_put+0x11b/0x210
[ 1004.486377][T20508]  netlink_sendmsg+0x6c0/0xb40
[ 1004.486415][T20508]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1004.486445][T20508]  ? aa_sock_msg_perm+0xf1/0x1b0
[ 1004.486472][T20508]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[ 1004.486503][T20508]  ____sys_sendmsg+0x972/0x9f0
[ 1004.486531][T20508]  ? __might_fault+0xaf/0x130
[ 1004.486564][T20508]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1004.486602][T20508]  ? import_iovec+0x73/0xa0
[ 1004.486634][T20508]  ___sys_sendmsg+0x2a5/0x360
[ 1004.486660][T20508]  ? __lock_acquire+0x6b5/0x2cf0
[ 1004.486688][T20508]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1004.486760][T20508]  ? __fget_files+0x2a/0x420
[ 1004.486783][T20508]  ? __fget_files+0x3a0/0x420
[ 1004.486818][T20508]  __x64_sys_sendmsg+0x1bd/0x2a0
[ 1004.486849][T20508]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[ 1004.486883][T20508]  ? __pfx_ksys_write+0x10/0x10
[ 1004.486917][T20508]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1004.486939][T20508]  do_syscall_64+0x15f/0xf80
[ 1004.486964][T20508]  ? trace_irq_disable+0x3b/0x140
[ 1004.486993][T20508]  ? clear_bhb_loop+0x40/0x90
[ 1004.487017][T20508]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1004.487036][T20508] RIP: 0033:0x7ff39e39cdd9
[ 1004.487055][T20508] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1004.487071][T20508] RSP: 002b:00007ff39f264028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1004.487095][T20508] RAX: ffffffffffffffda RBX: 00007ff39e615fa0 RCX: 00007ff39e39cdd9
[ 1004.487110][T20508] RDX: 0000000000000000 RSI: 0000200000000140 RDI: 0000000000000004
[ 1004.487122][T20508] RBP: 00007ff39f264090 R08: 0000000000000000 R09: 0000000000000000
[ 1004.487135][T20508] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1004.487147][T20508] R13: 00007ff39e616038 R14: 00007ff39e615fa0 R15: 00007ff39e73fa48
[ 1004.487177][T20508]  </TASK>
[ 1004.951884][T20520] FAULT_INJECTION: forcing a failure.
[ 1004.951884][T20520] name failslab, interval 1, probability 0, space 0, times 0
[ 1004.980337][T20520] CPU: 1 UID: 0 PID: 20520 Comm: syz.4.4530 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1004.980361][T20520] Tainted: [L]=SOFTLOCKUP
[ 1004.980366][T20520] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 1004.980374][T20520] Call Trace:
[ 1004.980380][T20520]  <TASK>
[ 1004.980386][T20520]  dump_stack_lvl+0xe8/0x150
[ 1004.980406][T20520]  should_fail_ex+0x412/0x560
[ 1004.980426][T20520]  should_failslab+0xa8/0x100
[ 1004.980446][T20520]  __kmalloc_node_noprof+0xf0/0x7c0
[ 1004.980472][T20520]  ? lock_acquire+0x106/0x350
[ 1004.980486][T20520]  ? qdisc_alloc+0x92/0x9e0
[ 1004.980504][T20520]  qdisc_alloc+0x92/0x9e0
[ 1004.980524][T20520]  qdisc_create+0x12c/0xf20
[ 1004.980540][T20520]  ? nla_strcmp+0xe6/0x140
[ 1004.980559][T20520]  tc_modify_qdisc+0x16f0/0x2290
[ 1004.980572][T20520]  ? rcu_is_watching+0x15/0xb0
[ 1004.980595][T20520]  ? __pfx_tc_modify_qdisc+0x10/0x10
[ 1004.980625][T20520]  ? __pfx_tc_modify_qdisc+0x10/0x10
[ 1004.980637][T20520]  rtnetlink_rcv_msg+0x77e/0xbe0
[ 1004.980652][T20520]  ? kmem_cache_alloc_node_noprof+0x384/0x690
[ 1004.980668][T20520]  ? netlink_sendmsg+0x5d4/0xb40
[ 1004.980685][T20520]  ? rtnetlink_rcv_msg+0x1b9/0xbe0
[ 1004.980700][T20520]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[ 1004.980716][T20520]  ? __lock_acquire+0x6b5/0x2cf0
[ 1004.980736][T20520]  netlink_rcv_skb+0x232/0x4b0
[ 1004.980753][T20520]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[ 1004.980769][T20520]  ? __pfx_netlink_rcv_skb+0x10/0x10
[ 1004.980792][T20520]  ? netlink_deliver_tap+0x2e/0x1b0
[ 1004.980808][T20520]  ? netlink_deliver_tap+0x2e/0x1b0
[ 1004.980831][T20520]  netlink_unicast+0x75c/0x8e0
[ 1004.980852][T20520]  netlink_sendmsg+0x813/0xb40
[ 1004.980874][T20520]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1004.980892][T20520]  ? aa_sock_msg_perm+0xf1/0x1b0
[ 1004.980909][T20520]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[ 1004.980928][T20520]  ____sys_sendmsg+0x972/0x9f0
[ 1004.980946][T20520]  ? __might_fault+0xaf/0x130
[ 1004.980965][T20520]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1004.980987][T20520]  ? import_iovec+0x73/0xa0
[ 1004.981007][T20520]  ___sys_sendmsg+0x2a5/0x360
[ 1004.981023][T20520]  ? __lock_acquire+0x6b5/0x2cf0
[ 1004.981038][T20520]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1004.981058][T20520]  ? kstrtouint+0x6e/0xe0
[ 1004.981087][T20520]  ? __fget_files+0x2a/0x420
[ 1004.981102][T20520]  ? __fget_files+0x3a0/0x420
[ 1004.981122][T20520]  __sys_sendmmsg+0x27c/0x4e0
[ 1004.981143][T20520]  ? __pfx___sys_sendmmsg+0x10/0x10
[ 1004.981158][T20520]  ? __mutex_unlock_slowpath+0x1be/0x6f0
[ 1004.981189][T20520]  ? ksys_write+0x242/0x270
[ 1004.981208][T20520]  ? __pfx_ksys_write+0x10/0x10
[ 1004.981228][T20520]  __x64_sys_sendmmsg+0xa0/0xc0
[ 1004.981245][T20520]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1004.981259][T20520]  do_syscall_64+0x15f/0xf80
[ 1004.981273][T20520]  ? trace_irq_disable+0x3b/0x140
[ 1004.981299][T20520]  ? clear_bhb_loop+0x40/0x90
[ 1004.981314][T20520]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1004.981327][T20520] RIP: 0033:0x7ff39e39cdd9
[ 1004.981340][T20520] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1004.981351][T20520] RSP: 002b:00007ff39f264028 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[ 1004.981366][T20520] RAX: ffffffffffffffda RBX: 00007ff39e615fa0 RCX: 00007ff39e39cdd9
[ 1004.981375][T20520] RDX: 040000000000009f RSI: 00002000000002c0 RDI: 0000000000000004
[ 1004.981384][T20520] RBP: 00007ff39f264090 R08: 0000000000000000 R09: 0000000000000000
[ 1004.981392][T20520] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1004.981400][T20520] R13: 00007ff39e616038 R14: 00007ff39e615fa0 R15: 00007ff39e73fa48
[ 1004.981418][T20520]  </TASK>
[ 1005.418931][T20523] xt_hashlimit: size too large, truncated to 1048576
[ 1005.478021][T20525] fuse: Unknown parameter 'group_è_'
[ 1005.581003][T20482] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1005.592521][T20482] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1005.775925][   T10] aiptek 4-1:17.0: Aiptek using 400 ms programming speed
[ 1005.784661][   T10] input: Aiptek as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:17.0/input/input133
[ 1005.865112][   T10] usb 4-1: USB disconnect, device number 120
[ 1005.865277][    C0] aiptek 4-1:17.0: aiptek_irq - usb_submit_urb failed with result -19
[ 1006.240226][T20533] FAULT_INJECTION: forcing a failure.
[ 1006.240226][T20533] name failslab, interval 1, probability 0, space 0, times 0
[ 1006.253235][T20533] CPU: 1 UID: 0 PID: 20533 Comm: syz.3.4533 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1006.253266][T20533] Tainted: [L]=SOFTLOCKUP
[ 1006.253272][T20533] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 1006.253283][T20533] Call Trace:
[ 1006.253290][T20533]  <TASK>
[ 1006.253297][T20533]  dump_stack_lvl+0xe8/0x150
[ 1006.253322][T20533]  should_fail_ex+0x412/0x560
[ 1006.253349][T20533]  should_failslab+0xa8/0x100
[ 1006.253374][T20533]  ? skb_clone+0x212/0x3a0
[ 1006.253398][T20533]  kmem_cache_alloc_noprof+0x87/0x650
[ 1006.253421][T20533]  ? __netlink_lookup+0xc6/0x8b0
[ 1006.253449][T20533]  skb_clone+0x212/0x3a0
[ 1006.253475][T20533]  __netlink_deliver_tap+0x404/0x850
[ 1006.253508][T20533]  ? netlink_deliver_tap+0x2e/0x1b0
[ 1006.253531][T20533]  netlink_deliver_tap+0x19c/0x1b0
[ 1006.253554][T20533]  netlink_unicast+0x730/0x8e0
[ 1006.253582][T20533]  netlink_sendmsg+0x813/0xb40
[ 1006.253612][T20533]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1006.253638][T20533]  ? aa_sock_msg_perm+0xf1/0x1b0
[ 1006.253661][T20533]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[ 1006.253686][T20533]  ____sys_sendmsg+0x972/0x9f0
[ 1006.253709][T20533]  ? __might_fault+0xaf/0x130
[ 1006.253742][T20533]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1006.253773][T20533]  ? import_iovec+0x73/0xa0
[ 1006.253805][T20533]  ___sys_sendmsg+0x2a5/0x360
[ 1006.253827][T20533]  ? __lock_acquire+0x6b5/0x2cf0
[ 1006.253849][T20533]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1006.253902][T20533]  ? __fget_files+0x2a/0x420
[ 1006.253921][T20533]  ? __fget_files+0x3a0/0x420
[ 1006.253949][T20533]  __x64_sys_sendmsg+0x1bd/0x2a0
[ 1006.253974][T20533]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[ 1006.254005][T20533]  ? __pfx_ksys_write+0x10/0x10
[ 1006.254036][T20533]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1006.254054][T20533]  do_syscall_64+0x15f/0xf80
[ 1006.254075][T20533]  ? trace_irq_disable+0x3b/0x140
[ 1006.254100][T20533]  ? clear_bhb_loop+0x40/0x90
[ 1006.254121][T20533]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1006.254137][T20533] RIP: 0033:0x7f2178d9cdd9
[ 1006.254153][T20533] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1006.254168][T20533] RSP: 002b:00007f2179c93028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1006.254187][T20533] RAX: ffffffffffffffda RBX: 00007f2179015fa0 RCX: 00007f2178d9cdd9
[ 1006.254199][T20533] RDX: 0000000000008044 RSI: 0000200000000400 RDI: 0000000000000003
[ 1006.254210][T20533] RBP: 00007f2179c93090 R08: 0000000000000000 R09: 0000000000000000
[ 1006.254220][T20533] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1006.254230][T20533] R13: 00007f2179016038 R14: 00007f2179015fa0 R15: 00007f217913fa48
[ 1006.254256][T20533]  </TASK>
[ 1006.572432][T20533] macvtap0: entered allmulticast mode
[ 1006.581512][T20533] veth0_macvtap: entered allmulticast mode
[ 1006.975990][T20547] netlink: 48 bytes leftover after parsing attributes in process `syz.2.4538'.
[ 1007.265844][   T10] usb 3-1: new high-speed USB device number 95 using dummy_hcd
[ 1007.325544][ T5720] usb 5-1: new high-speed USB device number 79 using dummy_hcd
[ 1007.415400][   T10] usb 3-1: Using ep0 maxpacket: 16
[ 1007.422214][   T10] usb 3-1: config 8 has an invalid interface number: 39 but max is 0
[ 1007.430536][   T10] usb 3-1: config 8 has an invalid descriptor of length 0, skipping remainder of the config
[ 1007.441273][   T10] usb 3-1: config 8 has no interface number 0
[ 1007.447794][   T10] usb 3-1: config 8 interface 39 altsetting 1 has 0 endpoint descriptors, different from the interface descriptor's value: 2
[ 1007.461181][   T10] usb 3-1: config 8 interface 39 has no altsetting 0
[ 1007.468126][ T5720] usb 5-1: device descriptor read/64, error -71
[ 1007.479666][   T10] usb 3-1: New USB device found, idVendor=05ac, idProduct=c6e7, bcdDevice=62.77
[ 1007.489058][   T10] usb 3-1: New USB device strings: Mfr=19, Product=2, SerialNumber=3
[ 1007.497446][   T10] usb 3-1: Product: syz
[ 1007.501660][   T10] usb 3-1: Manufacturer: syz
[ 1007.506493][   T10] usb 3-1: SerialNumber: syz
[ 1007.574141][T20557] syzkaller0: entered promiscuous mode
[ 1007.579892][T20557] syzkaller0: entered allmulticast mode
[ 1007.593889][T20557] input: syz1 as /devices/virtual/input/input134
[ 1007.705396][ T5720] usb 5-1: new high-speed USB device number 80 using dummy_hcd
[ 1007.757230][   T10] ipheth 3-1:8.39: Unable to find endpoints
[ 1007.811530][   T10] usb 3-1: USB disconnect, device number 95
[ 1007.846085][ T5720] usb 5-1: device descriptor read/64, error -71
[ 1007.899015][T20563] tipc: Started in network mode
[ 1007.907116][T20563] tipc: Node identity 7ac647016a38, cluster identity 4711
[ 1007.925549][T20563] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[ 1007.939561][T20563] syzkaller0: entered promiscuous mode
[ 1007.959601][T20563] syzkaller0: entered allmulticast mode
[ 1007.967801][ T5720] usb usb5-port1: attempt power cycle
[ 1008.009338][   T30] kauditd_printk_skb: 10 callbacks suppressed
[ 1008.009358][   T30] audit: type=1800 audit(1778102283.658:1474): pid=20570 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.4543" name="bus" dev="tmpfs" ino=1734 res=0 errno=0
[ 1008.063954][T20573] netdevsim netdevsim0: Firmware load for '../file0/../file0/../file0' refused, path contains '..' component
[ 1008.089743][T20560] tipc: Resetting bearer <eth:syzkaller0>
[ 1008.144080][T20560] tipc: Disabling bearer <eth:syzkaller0>
[ 1008.224318][T20580] FAULT_INJECTION: forcing a failure.
[ 1008.224318][T20580] name failslab, interval 1, probability 0, space 0, times 0
[ 1008.250561][T20580] CPU: 0 UID: 0 PID: 20580 Comm: syz.1.4548 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1008.250598][T20580] Tainted: [L]=SOFTLOCKUP
[ 1008.250606][T20580] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 1008.250618][T20580] Call Trace:
[ 1008.250626][T20580]  <TASK>
[ 1008.250636][T20580]  dump_stack_lvl+0xe8/0x150
[ 1008.250665][T20580]  should_fail_ex+0x412/0x560
[ 1008.250695][T20580]  should_failslab+0xa8/0x100
[ 1008.250728][T20580]  __kvmalloc_node_noprof+0x178/0x8a0
[ 1008.250758][T20580]  ? xt_alloc_table_info+0x40/0xb0
[ 1008.250776][T20580]  ? do_ipt_set_ctl+0x903/0xe00
[ 1008.250796][T20580]  ? translate_table+0x1b5/0x2110
[ 1008.250827][T20580]  translate_table+0x1b5/0x2110
[ 1008.250870][T20580]  ? __pfx_translate_table+0x10/0x10
[ 1008.250890][T20580]  ? __might_fault+0xaf/0x130
[ 1008.250918][T20580]  ? __might_fault+0xaf/0x130
[ 1008.250968][T20580]  ? _copy_from_user+0x94/0xb0
[ 1008.251001][T20580]  do_ipt_set_ctl+0x9f5/0xe00
[ 1008.251025][T20580]  ? rcu_is_watching+0x15/0xb0
[ 1008.251049][T20580]  ? trace_contention_end+0x3d/0x140
[ 1008.251079][T20580]  ? __pfx_do_ipt_set_ctl+0x10/0x10
[ 1008.251110][T20580]  ? __pfx_do_ip_setsockopt+0x10/0x10
[ 1008.251124][T20580]  ? __pfx___mutex_lock+0x10/0x10
[ 1008.251141][T20580]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[ 1008.251161][T20580]  ? __pfx_aa_sk_perm+0x10/0x10
[ 1008.251180][T20580]  nf_setsockopt+0x26f/0x290
[ 1008.251195][T20580]  ? __pfx_sock_common_setsockopt+0x10/0x10
[ 1008.251210][T20580]  do_sock_setsockopt+0x17c/0x1b0
[ 1008.251230][T20580]  __x64_sys_setsockopt+0x13d/0x1b0
[ 1008.251247][T20580]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1008.251262][T20580]  do_syscall_64+0x15f/0xf80
[ 1008.251277][T20580]  ? trace_irq_disable+0x3b/0x140
[ 1008.251296][T20580]  ? clear_bhb_loop+0x40/0x90
[ 1008.251314][T20580]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1008.251335][T20580] RIP: 0033:0x7f8eee19cdd9
[ 1008.251356][T20580] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1008.251368][T20580] RSP: 002b:00007f8eef013028 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[ 1008.251383][T20580] RAX: ffffffffffffffda RBX: 00007f8eee415fa0 RCX: 00007f8eee19cdd9
[ 1008.251393][T20580] RDX: 0000000000000040 RSI: 0000000000000000 RDI: 0000000000000003
[ 1008.251401][T20580] RBP: 00007f8eef013090 R08: 00000000000003a8 R09: 0000000000000000
[ 1008.251409][T20580] R10: 0000200000000c00 R11: 0000000000000246 R12: 0000000000000001
[ 1008.251424][T20580] R13: 00007f8eee416038 R14: 00007f8eee415fa0 R15: 00007f8eee53fa48
[ 1008.251443][T20580]  </TASK>
[ 1008.468535][T12855] IPVS: wlc: UDP 127.0.0.1:20002 - no destination available
[ 1008.535360][ T5720] usb 5-1: new high-speed USB device number 81 using dummy_hcd
[ 1008.575992][ T5720] usb 5-1: device descriptor read/8, error -71
[ 1008.766466][T20582] fuse: Unknown parameter 'geoup_—d'
[ 1008.825500][ T5720] usb 5-1: new high-speed USB device number 82 using dummy_hcd
[ 1008.845967][ T5720] usb 5-1: device descriptor read/8, error -71
[ 1008.975640][ T5720] usb usb5-port1: unable to enumerate USB device
[ 1008.998517][T20587] x_tables: ip_tables: osf match: only valid for protocol 6
[ 1009.126545][T20589] xt_hashlimit: size too large, truncated to 1048576
[ 1009.188743][T20591] fuse: Unknown parameter 'group_è_'
[ 1009.636057][T20597] FAULT_INJECTION: forcing a failure.
[ 1009.636057][T20597] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1009.651272][T20597] CPU: 1 UID: 0 PID: 20597 Comm: syz.3.4553 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1009.651297][T20597] Tainted: [L]=SOFTLOCKUP
[ 1009.651303][T20597] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 1009.651310][T20597] Call Trace:
[ 1009.651318][T20597]  <TASK>
[ 1009.651324][T20597]  dump_stack_lvl+0xe8/0x150
[ 1009.651344][T20597]  should_fail_ex+0x412/0x560
[ 1009.651364][T20597]  _copy_from_iter+0x3b0/0x1670
[ 1009.651387][T20597]  ? __pfx__copy_from_iter+0x10/0x10
[ 1009.651417][T20597]  ? __lock_acquire+0x6b5/0x2cf0
[ 1009.651436][T20597]  bcm_rx_setup+0x177e/0x1f20
[ 1009.651462][T20597]  ? do_raw_spin_lock+0x12b/0x2f0
[ 1009.651478][T20597]  ? lock_sock_nested+0x6a/0x100
[ 1009.651503][T20597]  ? __pfx_bcm_rx_setup+0x10/0x10
[ 1009.651535][T20597]  ? bcm_sendmsg+0x210/0x6c0
[ 1009.651565][T20597]  ? __local_bh_enable_ip+0xd0/0x130
[ 1009.651592][T20597]  bcm_sendmsg+0x267/0x6c0
[ 1009.651624][T20597]  ? __pfx_bcm_sendmsg+0x10/0x10
[ 1009.651655][T20597]  ? aa_sock_msg_perm+0xf1/0x1b0
[ 1009.651684][T20597]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[ 1009.651715][T20597]  ____sys_sendmsg+0x972/0x9f0
[ 1009.651752][T20597]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1009.651799][T20597]  ? import_iovec+0x73/0xa0
[ 1009.651821][T20597]  ___sys_sendmsg+0x2a5/0x360
[ 1009.651837][T20597]  ? __lock_acquire+0x6b5/0x2cf0
[ 1009.651853][T20597]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1009.651889][T20597]  ? __fget_files+0x2a/0x420
[ 1009.651904][T20597]  ? __fget_files+0x3a0/0x420
[ 1009.651924][T20597]  __x64_sys_sendmsg+0x1bd/0x2a0
[ 1009.651943][T20597]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[ 1009.651965][T20597]  ? __pfx_ksys_write+0x10/0x10
[ 1009.651992][T20597]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1009.652006][T20597]  do_syscall_64+0x15f/0xf80
[ 1009.652022][T20597]  ? trace_irq_disable+0x3b/0x140
[ 1009.652040][T20597]  ? clear_bhb_loop+0x40/0x90
[ 1009.652055][T20597]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1009.652068][T20597] RIP: 0033:0x7f2178d9cdd9
[ 1009.652082][T20597] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1009.652092][T20597] RSP: 002b:00007f2179c93028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1009.652107][T20597] RAX: ffffffffffffffda RBX: 00007f2179015fa0 RCX: 00007f2178d9cdd9
[ 1009.652117][T20597] RDX: 0000000000000000 RSI: 0000200000000300 RDI: 0000000000000003
[ 1009.652125][T20597] RBP: 00007f2179c93090 R08: 0000000000000000 R09: 0000000000000000
[ 1009.652132][T20597] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1009.652140][T20597] R13: 00007f2179016038 R14: 00007f2179015fa0 R15: 00007f217913fa48
[ 1009.652158][T20597]  </TASK>
[ 1010.073107][T20603] FAULT_INJECTION: forcing a failure.
[ 1010.073107][T20603] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1010.100422][T20603] CPU: 0 UID: 0 PID: 20603 Comm: syz.1.4556 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1010.100458][T20603] Tainted: [L]=SOFTLOCKUP
[ 1010.100466][T20603] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 1010.100478][T20603] Call Trace:
[ 1010.100486][T20603]  <TASK>
[ 1010.100496][T20603]  dump_stack_lvl+0xe8/0x150
[ 1010.100527][T20603]  should_fail_ex+0x412/0x560
[ 1010.100560][T20603]  _copy_from_user+0x2d/0xb0
[ 1010.100590][T20603]  memdup_user+0x5e/0xd0
[ 1010.100613][T20603]  sctp_getsockopt_connectx3+0x1f7/0x360
[ 1010.100640][T20603]  ? lock_sock_nested+0x6a/0x100
[ 1010.100664][T20603]  ? __pfx_sctp_getsockopt_connectx3+0x10/0x10
[ 1010.100696][T20603]  ? sctp_getsockopt+0x12f/0xb90
[ 1010.100731][T20603]  ? __local_bh_enable_ip+0xd0/0x130
[ 1010.100760][T20603]  sctp_getsockopt+0x984/0xb90
[ 1010.100791][T20603]  ? __pfx_sock_common_getsockopt+0x10/0x10
[ 1010.100815][T20603]  do_sock_getsockopt+0x51d/0x7e0
[ 1010.100849][T20603]  ? __pfx_do_sock_getsockopt+0x10/0x10
[ 1010.100895][T20603]  ? __fget_files+0x3a0/0x420
[ 1010.100920][T20603]  ? __fget_files+0x2a/0x420
[ 1010.100952][T20603]  __x64_sys_getsockopt+0x1a4/0x240
[ 1010.100988][T20603]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1010.101011][T20603]  do_syscall_64+0x15f/0xf80
[ 1010.101036][T20603]  ? trace_irq_disable+0x3b/0x140
[ 1010.101066][T20603]  ? clear_bhb_loop+0x40/0x90
[ 1010.101092][T20603]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1010.101113][T20603] RIP: 0033:0x7f8eee19cdd9
[ 1010.101135][T20603] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1010.101152][T20603] RSP: 002b:00007f8eef013028 EFLAGS: 00000246 ORIG_RAX: 0000000000000037
[ 1010.101176][T20603] RAX: ffffffffffffffda RBX: 00007f8eee415fa0 RCX: 00007f8eee19cdd9
[ 1010.101191][T20603] RDX: 000000000000006f RSI: 0000000000000084 RDI: 0000000000000003
[ 1010.101204][T20603] RBP: 00007f8eef013090 R08: 00002000000002c0 R09: 0000000000000000
[ 1010.101218][T20603] R10: 0000200000000280 R11: 0000000000000246 R12: 0000000000000001
[ 1010.101231][T20603] R13: 00007f8eee416038 R14: 00007f8eee415fa0 R15: 00007f8eee53fa48
[ 1010.101266][T20603]  </TASK>
[ 1010.443341][T20609] tipc: Enabling of bearer <eth:syzkaller0> rejected, already enabled
[ 1010.590657][T20615] FAULT_INJECTION: forcing a failure.
[ 1010.590657][T20615] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1010.605022][T20615] CPU: 0 UID: 0 PID: 20615 Comm: syz.1.4562 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1010.605057][T20615] Tainted: [L]=SOFTLOCKUP
[ 1010.605065][T20615] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 1010.605079][T20615] Call Trace:
[ 1010.605087][T20615]  <TASK>
[ 1010.605097][T20615]  dump_stack_lvl+0xe8/0x150
[ 1010.605128][T20615]  should_fail_ex+0x412/0x560
[ 1010.605167][T20615]  _copy_from_iter+0x1d3/0x1670
[ 1010.605198][T20615]  ? rcu_is_watching+0x15/0xb0
[ 1010.605229][T20615]  ? __pfx__copy_from_iter+0x10/0x10
[ 1010.605264][T20615]  ? netlink_sendmsg+0x650/0xb40
[ 1010.605290][T20615]  ? skb_put+0x11b/0x210
[ 1010.605320][T20615]  netlink_sendmsg+0x6c0/0xb40
[ 1010.605357][T20615]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1010.605388][T20615]  ? aa_sock_msg_perm+0xf1/0x1b0
[ 1010.605417][T20615]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[ 1010.605457][T20615]  ____sys_sendmsg+0x972/0x9f0
[ 1010.605485][T20615]  ? __might_fault+0xaf/0x130
[ 1010.605519][T20615]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1010.605556][T20615]  ? import_iovec+0x73/0xa0
[ 1010.605589][T20615]  ___sys_sendmsg+0x2a5/0x360
[ 1010.605615][T20615]  ? __lock_acquire+0x6b5/0x2cf0
[ 1010.605643][T20615]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1010.605706][T20615]  ? __fget_files+0x2a/0x420
[ 1010.605730][T20615]  ? __fget_files+0x3a0/0x420
[ 1010.605766][T20615]  __x64_sys_sendmsg+0x1bd/0x2a0
[ 1010.605797][T20615]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[ 1010.605836][T20615]  ? __pfx_ksys_write+0x10/0x10
[ 1010.605874][T20615]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1010.605897][T20615]  do_syscall_64+0x15f/0xf80
[ 1010.605923][T20615]  ? trace_irq_disable+0x3b/0x140
[ 1010.605953][T20615]  ? clear_bhb_loop+0x40/0x90
[ 1010.605979][T20615]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1010.606000][T20615] RIP: 0033:0x7f8eee19cdd9
[ 1010.606020][T20615] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1010.606040][T20615] RSP: 002b:00007f8eef013028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1010.606064][T20615] RAX: ffffffffffffffda RBX: 00007f8eee415fa0 RCX: 00007f8eee19cdd9
[ 1010.606080][T20615] RDX: 0000000000000000 RSI: 0000200000000380 RDI: 0000000000000003
[ 1010.606094][T20615] RBP: 00007f8eef013090 R08: 0000000000000000 R09: 0000000000000000
[ 1010.606107][T20615] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1010.606120][T20615] R13: 00007f8eee416038 R14: 00007f8eee415fa0 R15: 00007f8eee53fa48
[ 1010.606153][T20615]  </TASK>
[ 1010.986443][ T8736] usb 4-1: new high-speed USB device number 121 using dummy_hcd
[ 1011.165256][ T8736] usb 4-1: Using ep0 maxpacket: 32
[ 1011.174135][ T8736] usb 4-1: unable to get BOS descriptor or descriptor too short
[ 1011.182014][ T8734] usb 2-1: new high-speed USB device number 110 using dummy_hcd
[ 1011.194492][ T8736] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1011.206395][ T8736] usb 4-1: config 1 has 2 interfaces, different from the descriptor's value: 3
[ 1011.215603][ T8732] usb 3-1: new high-speed USB device number 96 using dummy_hcd
[ 1011.249078][ T8736] usb 4-1: New USB device found, idVendor=041e, idProduct=3010, bcdDevice= 0.40
[ 1011.259924][ T8736] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1011.268521][ T8736] usb 4-1: Product: syz
[ 1011.272967][ T8736] usb 4-1: Manufacturer: syz
[ 1011.292632][ T8736] usb 4-1: SerialNumber: syz
[ 1011.330830][T20638] netlink: 8 bytes leftover after parsing attributes in process `syz.4.4568'.
[ 1011.341341][ T8734] usb 2-1: Using ep0 maxpacket: 32
[ 1011.359579][ T8734] usb 2-1: New USB device found, idVendor=2304, idProduct=0222, bcdDevice=77.3f
[ 1011.369586][ T8734] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1011.400830][ T8734] usb 2-1: Product: syz
[ 1011.400987][ T8732] usb 3-1: New USB device found, idVendor=133e, idProduct=0815, bcdDevice= 0.40
[ 1011.414965][ T8734] usb 2-1: Manufacturer: syz
[ 1011.419949][ T8732] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1011.430850][ T8734] usb 2-1: SerialNumber: syz
[ 1011.438011][ T8732] usb 3-1: Product: syz
[ 1011.444630][ T8734] usb 2-1: config 0 descriptor??
[ 1011.450003][ T8732] usb 3-1: Manufacturer: syz
[ 1011.461924][ T8732] usb 3-1: SerialNumber: syz
[ 1011.467413][ T8734] dvb-usb: found a 'Pinnacle 450e DVB-S USB2.0' in warm state.
[ 1011.489065][ T8734] dvb-usb: bulk message failed: -22 (4/0)
[ 1011.494939][ T8734] ttusb2: there might have been an error during control message transfer. (rlen = 0, was 0)
[ 1011.513044][ T8734] dvb-usb: bulk message failed: -22 (5/0)
[ 1011.521000][ T8734] ttusb2: there might have been an error during control message transfer. (rlen = 0, was 0)
[ 1011.532336][T20613] netlink: 'syz.3.4560': attribute type 2 has an invalid length.
[ 1011.540735][ T8734] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[ 1011.555467][ T8734] dvbdev: DVB: registering new adapter (Pinnacle 450e DVB-S USB2.0)
[ 1011.568893][T20613] netlink: 'syz.3.4560': attribute type 2 has an invalid length.
[ 1011.611269][ T8734] usb 2-1: media controller created
[ 1011.625274][ T8736] usb 4-1: unit 2 not found!
[ 1011.639658][ T8736] usb 4-1: unit 1 not found!
[ 1011.723026][ T8734] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[ 1011.751113][ T8732] snd-usb-audio 3-1:1.0: probe with driver snd-usb-audio failed with error -22
[ 1011.802594][ T8732] usb 3-1: USB disconnect, device number 96
[ 1011.822621][ T8734] usb 2-1: selecting invalid altsetting 3
[ 1011.845619][ T8734] ttusb2: set interface to alts=3 failed
[ 1011.887130][ T8736] usb 4-1: USB disconnect, device number 121
[ 1011.958462][T20645] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[ 1011.994759][T20645] syzkaller0: entered promiscuous mode
[ 1012.022490][ T8734] DVB: Unable to find symbol tda10086_attach()
[ 1012.023920][T20645] syzkaller0: entered allmulticast mode
[ 1012.067252][ T8734] dvb-usb: no frontend was attached by 'Pinnacle 450e DVB-S USB2.0'
[ 1012.094671][ T8734] dvb-usb: bulk message failed: -22 (4/0)
[ 1012.102369][ T7079] udevd[7079]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[ 1012.121723][ T8734] ttusb2: there might have been an error during control message transfer. (rlen = 0, was 0)
[ 1012.196558][ T8734] dvb-usb: bulk message failed: -22 (5/0)
[ 1012.240523][ T8734] ttusb2: there might have been an error during control message transfer. (rlen = 0, was 0)
[ 1012.262371][T20644] tipc: Resetting bearer <eth:syzkaller0>
[ 1012.295103][ T8734] dvb-usb: Pinnacle 450e DVB-S USB2.0 successfully initialized and connected.
[ 1012.313020][T20653] FAULT_INJECTION: forcing a failure.
[ 1012.313020][T20653] name failslab, interval 1, probability 0, space 0, times 0
[ 1012.346066][T20644] tipc: Disabling bearer <eth:syzkaller0>
[ 1012.398338][T20653] CPU: 1 UID: 0 PID: 20653 Comm: syz.3.4573 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1012.398362][T20653] Tainted: [L]=SOFTLOCKUP
[ 1012.398367][T20653] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 1012.398377][T20653] Call Trace:
[ 1012.398383][T20653]  <TASK>
[ 1012.398389][T20653]  dump_stack_lvl+0xe8/0x150
[ 1012.398414][T20653]  should_fail_ex+0x412/0x560
[ 1012.398434][T20653]  should_failslab+0xa8/0x100
[ 1012.398455][T20653]  __kmalloc_cache_noprof+0x88/0x660
[ 1012.398472][T20653]  ? snd_pcm_oss_change_params_locked+0x175/0x3e00
[ 1012.398491][T20653]  snd_pcm_oss_change_params_locked+0x175/0x3e00
[ 1012.398506][T20653]  ? __pfx___mutex_trylock_common+0x10/0x10
[ 1012.398525][T20653]  ? rcu_is_watching+0x15/0xb0
[ 1012.398540][T20653]  ? trace_contention_end+0x3d/0x140
[ 1012.398557][T20653]  ? __mutex_lock+0x319/0x1550
[ 1012.398576][T20653]  ? vfs_write+0x9bc/0xb90
[ 1012.398596][T20653]  ? __pfx_snd_pcm_oss_change_params_locked+0x10/0x10
[ 1012.398610][T20653]  ? snd_pcm_oss_post+0x106/0x3d0
[ 1012.398632][T20653]  ? __pfx___mutex_lock+0x10/0x10
[ 1012.398661][T20653]  snd_pcm_oss_post+0x165/0x3d0
[ 1012.398678][T20653]  snd_pcm_oss_ioctl+0x831/0xdf0
[ 1012.398692][T20653]  ? __pfx_snd_pcm_oss_ioctl+0x10/0x10
[ 1012.398706][T20653]  __se_sys_ioctl+0xfc/0x170
[ 1012.398724][T20653]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1012.398738][T20653]  do_syscall_64+0x15f/0xf80
[ 1012.398754][T20653]  ? trace_irq_disable+0x3b/0x140
[ 1012.398772][T20653]  ? clear_bhb_loop+0x40/0x90
[ 1012.398788][T20653]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1012.398801][T20653] RIP: 0033:0x7f2178d9cdd9
[ 1012.398813][T20653] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1012.398824][T20653] RSP: 002b:00007f2179c93028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1012.398839][T20653] RAX: ffffffffffffffda RBX: 00007f2179015fa0 RCX: 00007f2178d9cdd9
[ 1012.398848][T20653] RDX: 0000000000000000 RSI: 0000000000005008 RDI: 0000000000000003
[ 1012.398856][T20653] RBP: 00007f2179c93090 R08: 0000000000000000 R09: 0000000000000000
[ 1012.398864][T20653] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1012.398872][T20653] R13: 00007f2179016038 R14: 00007f2179015fa0 R15: 00007f217913fa48
[ 1012.398892][T20653]  </TASK>
[ 1013.044771][T20660] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1013.072106][T20660] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1013.266423][T20665] FAULT_INJECTION: forcing a failure.
[ 1013.266423][T20665] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1013.296336][T20665] CPU: 0 UID: 0 PID: 20665 Comm: syz.3.4578 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1013.296373][T20665] Tainted: [L]=SOFTLOCKUP
[ 1013.296382][T20665] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 1013.296395][T20665] Call Trace:
[ 1013.296404][T20665]  <TASK>
[ 1013.296414][T20665]  dump_stack_lvl+0xe8/0x150
[ 1013.296445][T20665]  should_fail_ex+0x412/0x560
[ 1013.296487][T20665]  _copy_to_user+0x31/0xb0
[ 1013.296519][T20665]  video_usercopy+0xe0a/0x1450
[ 1013.296558][T20665]  ? __pfx___video_do_ioctl+0x10/0x10
[ 1013.296589][T20665]  ? __pfx_video_usercopy+0x10/0x10
[ 1013.296630][T20665]  ? __fget_files+0x2a/0x420
[ 1013.296659][T20665]  ? __fget_files+0x2a/0x420
[ 1013.296683][T20665]  ? __fget_files+0x3a0/0x420
[ 1013.296712][T20665]  v4l2_ioctl+0x18d/0x1e0
[ 1013.296740][T20665]  ? __pfx_v4l2_ioctl+0x10/0x10
[ 1013.296767][T20665]  __se_sys_ioctl+0xfc/0x170
[ 1013.296798][T20665]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1013.296821][T20665]  do_syscall_64+0x15f/0xf80
[ 1013.296847][T20665]  ? trace_irq_disable+0x3b/0x140
[ 1013.296877][T20665]  ? clear_bhb_loop+0x40/0x90
[ 1013.296903][T20665]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1013.296924][T20665] RIP: 0033:0x7f2178d9cdd9
[ 1013.296945][T20665] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1013.296968][T20665] RSP: 002b:00007f2179c93028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1013.296993][T20665] RAX: ffffffffffffffda RBX: 00007f2179015fa0 RCX: 00007f2178d9cdd9
[ 1013.297009][T20665] RDX: 0000200000000040 RSI: 00000000c0405602 RDI: 0000000000000003
[ 1013.297024][T20665] RBP: 00007f2179c93090 R08: 0000000000000000 R09: 0000000000000000
[ 1013.297038][T20665] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1013.297052][T20665] R13: 00007f2179016038 R14: 00007f2179015fa0 R15: 00007f217913fa48
[ 1013.297085][T20665]  </TASK>
[ 1013.505990][   T10] usb 3-1: new high-speed USB device number 97 using dummy_hcd
[ 1013.575541][T12851] IPVS: wlc: UDP 127.0.0.1:20002 - no destination available
[ 1013.678959][   T10] usb 3-1: Using ep0 maxpacket: 16
[ 1013.697694][   T10] usb 3-1: config 1 contains an unexpected descriptor of type 0x2, skipping
[ 1013.707444][   T10] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1013.718169][   T10] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 1013.730073][   T10] usb 3-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[ 1013.739362][   T10] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1013.747876][   T10] usb 3-1: Product: syz
[ 1013.752070][   T10] usb 3-1: Manufacturer: syz
[ 1013.761825][   T10] usb 3-1: SerialNumber: syz
[ 1013.804721][   T10] usb 3-1: 0:2 : does not exist
[ 1013.915303][ T8734] usb 4-1: new high-speed USB device number 122 using dummy_hcd
[ 1014.023099][T20672] netlink: 12 bytes leftover after parsing attributes in process `syz.0.4580'.
[ 1014.090375][ T8734] usb 4-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30
[ 1014.110362][ T8734] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1014.150849][ T8734] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1014.172766][ T8734] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253
[ 1014.222340][ T8734] usb 4-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40
[ 1014.236719][T20678] FAULT_INJECTION: forcing a failure.
[ 1014.236719][T20678] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1014.250641][ T8734] usb 4-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0
[ 1014.266824][T20678] CPU: 0 UID: 0 PID: 20678 Comm: syz.4.4582 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1014.266847][T20678] Tainted: [L]=SOFTLOCKUP
[ 1014.266852][T20678] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 1014.266860][T20678] Call Trace:
[ 1014.266865][T20678]  <TASK>
[ 1014.266871][T20678]  dump_stack_lvl+0xe8/0x150
[ 1014.266891][T20678]  should_fail_ex+0x412/0x560
[ 1014.266916][T20678]  _copy_from_iter+0x1d3/0x1670
[ 1014.266935][T20678]  ? rcu_is_watching+0x15/0xb0
[ 1014.266953][T20678]  ? __pfx__copy_from_iter+0x10/0x10
[ 1014.266973][T20678]  ? __alloc_skb+0x4e5/0x7d0
[ 1014.266987][T20678]  ? skb_put+0x11b/0x210
[ 1014.267004][T20678]  pfkey_sendmsg+0x265/0x1120
[ 1014.267021][T20678]  ? unwind_next_frame+0xa6/0x2550
[ 1014.267044][T20678]  ? __pfx_pfkey_sendmsg+0x10/0x10
[ 1014.267064][T20678]  ? aa_sk_perm+0x6d5/0x900
[ 1014.267084][T20678]  ? __pfx_aa_sk_perm+0x10/0x10
[ 1014.267097][T20678]  ? tomoyo_socket_sendmsg_permission+0x1e0/0x300
[ 1014.267117][T20678]  ? aa_sock_msg_perm+0xf1/0x1b0
[ 1014.267134][T20678]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[ 1014.267153][T20678]  ____sys_sendmsg+0x972/0x9f0
[ 1014.267170][T20678]  ? __might_fault+0xaf/0x130
[ 1014.267189][T20678]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1014.267211][T20678]  ? import_iovec+0x73/0xa0
[ 1014.267230][T20678]  ___sys_sendmsg+0x2a5/0x360
[ 1014.267246][T20678]  ? __lock_acquire+0x6b5/0x2cf0
[ 1014.267262][T20678]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1014.267299][T20678]  ? __fget_files+0x2a/0x420
[ 1014.267313][T20678]  ? __fget_files+0x3a0/0x420
[ 1014.267333][T20678]  __x64_sys_sendmsg+0x1bd/0x2a0
[ 1014.267352][T20678]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[ 1014.267374][T20678]  ? __pfx_ksys_write+0x10/0x10
[ 1014.267391][T20678]  ? handle_softirqs+0x715/0x840
[ 1014.267408][T20678]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1014.267422][T20678]  do_syscall_64+0x15f/0xf80
[ 1014.267438][T20678]  ? clear_bhb_loop+0x40/0x90
[ 1014.267453][T20678]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1014.267465][T20678] RIP: 0033:0x7ff39e39cdd9
[ 1014.267478][T20678] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1014.267489][T20678] RSP: 002b:00007ff39f264028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1014.267504][T20678] RAX: ffffffffffffffda RBX: 00007ff39e615fa0 RCX: 00007ff39e39cdd9
[ 1014.267514][T20678] RDX: 0000000000000000 RSI: 0000200000000040 RDI: 0000000000000003
[ 1014.267522][T20678] RBP: 00007ff39f264090 R08: 0000000000000000 R09: 0000000000000000
[ 1014.267530][T20678] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1014.267537][T20678] R13: 00007ff39e616038 R14: 00007ff39e615fa0 R15: 00007ff39e73fa48
[ 1014.267556][T20678]  </TASK>
[ 1014.269222][ T8734] usb 4-1: Manufacturer: syz
[ 1014.563941][ T8734] usb 4-1: config 0 descriptor??
[ 1014.648766][ T8732] usb 2-1: USB disconnect, device number 110
[ 1014.723740][ T8732] dvb-usb: Pinnacle 450e DVB-S USB2.0 successfully deinitialized and disconnected.
[ 1014.793676][   T10] usb 3-1: 1:0: failed to get current value for ch 0 (-22)
[ 1014.865823][T20675] netlink: 4 bytes leftover after parsing attributes in process `syz.0.4580'.
[ 1014.967511][   T10] usb 3-1: USB disconnect, device number 97
[ 1014.996538][ T8734] appleir 0003:05AC:8243.006F: unknown main item tag 0x0
[ 1015.093673][ T8734] appleir 0003:05AC:8243.006F: hiddev0,hidraw0: USB HID v0.00 Device [syz] on usb-dummy_hcd.3-1/input0
[ 1015.265778][T20689] FAULT_INJECTION: forcing a failure.
[ 1015.265778][T20689] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1015.281245][ T8734] usb 4-1: USB disconnect, device number 122
[ 1015.335489][T20689] CPU: 0 UID: 0 PID: 20689 Comm: syz.4.4585 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1015.335525][T20689] Tainted: [L]=SOFTLOCKUP
[ 1015.335533][T20689] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 1015.335545][T20689] Call Trace:
[ 1015.335555][T20689]  <TASK>
[ 1015.335564][T20689]  dump_stack_lvl+0xe8/0x150
[ 1015.335595][T20689]  should_fail_ex+0x412/0x560
[ 1015.335628][T20689]  _copy_to_user+0x31/0xb0
[ 1015.335660][T20689]  simple_read_from_buffer+0xe1/0x170
[ 1015.335691][T20689]  proc_fail_nth_read+0x1bb/0x230
[ 1015.335713][T20689]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1015.335731][T20689]  ? rw_verify_area+0x2a6/0x4d0
[ 1015.335748][T20689]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1015.335764][T20689]  vfs_read+0x20c/0xa70
[ 1015.335784][T20689]  ? __pfx___mutex_lock+0x10/0x10
[ 1015.335801][T20689]  ? __pfx_vfs_read+0x10/0x10
[ 1015.335819][T20689]  ? __fget_files+0x2a/0x420
[ 1015.335836][T20689]  ? __fget_files+0x3a0/0x420
[ 1015.335850][T20689]  ? __fget_files+0x2a/0x420
[ 1015.335869][T20689]  ksys_read+0x150/0x270
[ 1015.335888][T20689]  ? __pfx_ksys_read+0x10/0x10
[ 1015.335910][T20689]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1015.335924][T20689]  do_syscall_64+0x15f/0xf80
[ 1015.335939][T20689]  ? trace_irq_disable+0x3b/0x140
[ 1015.335958][T20689]  ? clear_bhb_loop+0x40/0x90
[ 1015.335974][T20689]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1015.335986][T20689] RIP: 0033:0x7ff39e35d60e
[ 1015.335999][T20689] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[ 1015.336010][T20689] RSP: 002b:00007ff39f263fe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[ 1015.336026][T20689] RAX: ffffffffffffffda RBX: 00007ff39f2646c0 RCX: 00007ff39e35d60e
[ 1015.336035][T20689] RDX: 000000000000000f RSI: 00007ff39f2640a0 RDI: 0000000000000005
[ 1015.336043][T20689] RBP: 00007ff39f264090 R08: 0000000000000000 R09: 0000000000000000
[ 1015.336051][T20689] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1015.336059][T20689] R13: 00007ff39e616038 R14: 00007ff39e615fa0 R15: 00007ff39e73fa48
[ 1015.336078][T20689]  </TASK>
[ 1015.340788][T20687] fido_id[20687]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.3/usb4/report_descriptor': No such file or directory
[ 1015.704412][T20693] FAULT_INJECTION: forcing a failure.
[ 1015.704412][T20693] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1015.718387][T20693] CPU: 1 UID: 0 PID: 20693 Comm: syz.4.4587 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1015.718421][T20693] Tainted: [L]=SOFTLOCKUP
[ 1015.718430][T20693] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 1015.718442][T20693] Call Trace:
[ 1015.718451][T20693]  <TASK>
[ 1015.718460][T20693]  dump_stack_lvl+0xe8/0x150
[ 1015.718492][T20693]  should_fail_ex+0x412/0x560
[ 1015.718524][T20693]  _copy_from_iter+0x1d3/0x1670
[ 1015.718555][T20693]  ? rcu_is_watching+0x15/0xb0
[ 1015.718587][T20693]  ? __pfx__copy_from_iter+0x10/0x10
[ 1015.718623][T20693]  ? netlink_sendmsg+0x650/0xb40
[ 1015.718658][T20693]  ? skb_put+0x11b/0x210
[ 1015.718690][T20693]  netlink_sendmsg+0x6c0/0xb40
[ 1015.718727][T20693]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1015.718759][T20693]  ? aa_sock_msg_perm+0xf1/0x1b0
[ 1015.718788][T20693]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[ 1015.718821][T20693]  ____sys_sendmsg+0x972/0x9f0
[ 1015.718849][T20693]  ? __might_fault+0xaf/0x130
[ 1015.718883][T20693]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1015.718922][T20693]  ? import_iovec+0x73/0xa0
[ 1015.718955][T20693]  ___sys_sendmsg+0x2a5/0x360
[ 1015.718983][T20693]  ? __lock_acquire+0x6b5/0x2cf0
[ 1015.719011][T20693]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1015.719075][T20693]  ? __fget_files+0x2a/0x420
[ 1015.719100][T20693]  ? __fget_files+0x3a0/0x420
[ 1015.719135][T20693]  __x64_sys_sendmsg+0x1bd/0x2a0
[ 1015.719168][T20693]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[ 1015.719206][T20693]  ? __pfx_ksys_write+0x10/0x10
[ 1015.719244][T20693]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1015.719268][T20693]  do_syscall_64+0x15f/0xf80
[ 1015.719295][T20693]  ? trace_irq_disable+0x3b/0x140
[ 1015.719326][T20693]  ? clear_bhb_loop+0x40/0x90
[ 1015.719352][T20693]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1015.719374][T20693] RIP: 0033:0x7ff39e39cdd9
[ 1015.719394][T20693] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1015.719413][T20693] RSP: 002b:00007ff39f264028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1015.719438][T20693] RAX: ffffffffffffffda RBX: 00007ff39e615fa0 RCX: 00007ff39e39cdd9
[ 1015.719454][T20693] RDX: 0000000000000080 RSI: 00002000000002c0 RDI: 0000000000000004
[ 1015.719468][T20693] RBP: 00007ff39f264090 R08: 0000000000000000 R09: 0000000000000000
[ 1015.719482][T20693] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1015.719495][T20693] R13: 00007ff39e616038 R14: 00007ff39e615fa0 R15: 00007ff39e73fa48
[ 1015.719535][T20693]  </TASK>
[ 1016.700395][T20709] veth0_to_team: entered allmulticast mode
[ 1017.159982][T20671] ==================================================================
[ 1017.168094][T20671] BUG: KASAN: slab-use-after-free in __ipv6_dev_ac_dec+0x4c2/0x690
[ 1017.175988][T20671] Write of size 8 at addr ffff8880227da420 by task syz.0.4580/20671
[ 1017.183953][T20671] 
[ 1017.186273][T20671] CPU: 1 UID: 0 PID: 20671 Comm: syz.0.4580 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1017.186292][T20671] Tainted: [L]=SOFTLOCKUP
[ 1017.186297][T20671] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 1017.186305][T20671] Call Trace:
[ 1017.186312][T20671]  <TASK>
[ 1017.186317][T20671]  dump_stack_lvl+0xe8/0x150
[ 1017.186334][T20671]  print_address_description+0x55/0x1e0
[ 1017.186347][T20671]  ? __ipv6_dev_ac_dec+0x4c2/0x690
[ 1017.186361][T20671]  print_report+0x58/0x70
[ 1017.186371][T20671]  kasan_report+0x117/0x150
[ 1017.186390][T20671]  ? __ipv6_dev_ac_dec+0x4c2/0x690
[ 1017.186405][T20671]  __ipv6_dev_ac_dec+0x4c2/0x690
[ 1017.186424][T20671]  ? in6_dev_get+0x1a/0x290
[ 1017.186437][T20671]  __ipv6_sock_ac_close+0x24e/0x430
[ 1017.186452][T20671]  inet6_release+0x4f/0x70
[ 1017.186463][T20671]  sock_close+0xc3/0x240
[ 1017.186475][T20671]  ? __pfx_sock_close+0x10/0x10
[ 1017.186486][T20671]  __fput+0x44f/0xa60
[ 1017.186503][T20671]  task_work_run+0x1d9/0x270
[ 1017.186521][T20671]  ? __pfx_task_work_run+0x10/0x10
[ 1017.186537][T20671]  ? do_raw_spin_unlock+0xf5/0x210
[ 1017.186556][T20671]  do_exit+0x70f/0x22c0
[ 1017.186572][T20671]  ? __might_fault+0xaf/0x130
[ 1017.186588][T20671]  ? __might_fault+0xaf/0x130
[ 1017.186602][T20671]  ? __pfx_do_exit+0x10/0x10
[ 1017.186617][T20671]  ? do_raw_spin_lock+0x12b/0x2f0
[ 1017.186636][T20671]  do_group_exit+0x21b/0x2d0
[ 1017.186651][T20671]  ? _raw_spin_unlock_irq+0x23/0x50
[ 1017.186667][T20671]  get_signal+0x1284/0x1330
[ 1017.186685][T20671]  arch_do_signal_or_restart+0xbc/0x830
[ 1017.186704][T20671]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[ 1017.186724][T20671]  ? __x64_sys_recvmmsg+0x198/0x250
[ 1017.186742][T20671]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1017.186755][T20671]  exit_to_user_mode_loop+0x86/0x480
[ 1017.186767][T20671]  ? rcu_is_watching+0x15/0xb0
[ 1017.186782][T20671]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1017.186794][T20671]  do_syscall_64+0x33e/0xf80
[ 1017.186809][T20671]  ? trace_irq_disable+0x3b/0x140
[ 1017.186827][T20671]  ? clear_bhb_loop+0x40/0x90
[ 1017.186841][T20671]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1017.186853][T20671] RIP: 0033:0x7f234d79cdd9
[ 1017.186864][T20671] Code: Unable to access opcode bytes at 0x7f234d79cdaf.
[ 1017.186871][T20671] RSP: 002b:00007f234e69b028 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
[ 1017.186886][T20671] RAX: 0000000000010106 RBX: 00007f234da16090 RCX: 00007f234d79cdd9
[ 1017.186895][T20671] RDX: 0000000000010106 RSI: 00002000000000c0 RDI: 0000000000000006
[ 1017.186904][T20671] RBP: 00007f234d832d69 R08: 0000000000000000 R09: 0000000000000000
[ 1017.186912][T20671] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000000000000
[ 1017.186919][T20671] R13: 00007f234da16128 R14: 00007f234da16090 R15: 00007f234db3fa48
[ 1017.186932][T20671]  </TASK>
[ 1017.186937][T20671] 
[ 1017.455219][T20671] Allocated by task 20672:
[ 1017.459640][T20671]  kasan_save_track+0x3e/0x80
[ 1017.464325][T20671]  __kasan_kmalloc+0x93/0xb0
[ 1017.468930][T20671]  __kmalloc_cache_noprof+0x31c/0x660
[ 1017.474302][T20671]  __ipv6_dev_ac_inc+0x37f/0xaf0
[ 1017.479231][T20671]  ipv6_sock_ac_join+0x6a8/0x880
[ 1017.484162][T20671]  do_ipv6_setsockopt+0x203a/0x3150
[ 1017.489383][T20671]  ipv6_setsockopt+0x59/0x170
[ 1017.494060][T20671]  do_sock_setsockopt+0x17c/0x1b0
[ 1017.499080][T20671]  __x64_sys_setsockopt+0x13d/0x1b0
[ 1017.504284][T20671]  do_syscall_64+0x15f/0xf80
[ 1017.508905][T20671]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1017.514822][T20671] 
[ 1017.517161][T20671] Freed by task 23:
[ 1017.520983][T20671]  kasan_save_track+0x3e/0x80
[ 1017.525691][T20671]  kasan_save_free_info+0x46/0x50
[ 1017.530741][T20671]  __kasan_slab_free+0x5c/0x80
[ 1017.535534][T20671]  kfree+0x1c5/0x640
[ 1017.539540][T20671]  rcu_core+0x7cd/0x1070
[ 1017.543776][T20671]  handle_softirqs+0x22a/0x840
[ 1017.548528][T20671]  run_ksoftirqd+0x36/0x60
[ 1017.552935][T20671]  smpboot_thread_fn+0x541/0xa50
[ 1017.557861][T20671]  kthread+0x388/0x470
[ 1017.561923][T20671]  ret_from_fork+0x514/0xb70
[ 1017.566513][T20671]  ret_from_fork_asm+0x1a/0x30
[ 1017.571280][T20671] 
[ 1017.573608][T20671] Last potentially related work creation:
[ 1017.579307][T20671]  kasan_save_stack+0x3e/0x60
[ 1017.583976][T20671]  kasan_record_aux_stack+0xbd/0xd0
[ 1017.589161][T20671]  call_rcu+0xee/0x890
[ 1017.593655][T20671]  __ipv6_dev_ac_inc+0x8e0/0xaf0
[ 1017.598581][T20671]  ipv6_sock_ac_join+0x6a8/0x880
[ 1017.603520][T20671]  do_ipv6_setsockopt+0x203a/0x3150
[ 1017.608708][T20671]  ipv6_setsockopt+0x59/0x170
[ 1017.613377][T20671]  do_sock_setsockopt+0x17c/0x1b0
[ 1017.618501][T20671]  __x64_sys_setsockopt+0x13d/0x1b0
[ 1017.623692][T20671]  do_syscall_64+0x15f/0xf80
[ 1017.628276][T20671]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1017.634161][T20671] 
[ 1017.636477][T20671] The buggy address belongs to the object at ffff8880227da400
[ 1017.636477][T20671]  which belongs to the cache kmalloc-96 of size 96
[ 1017.650344][T20671] The buggy address is located 32 bytes inside of
[ 1017.650344][T20671]  freed 96-byte region [ffff8880227da400, ffff8880227da460)
[ 1017.663952][T20671] 
[ 1017.666271][T20671] The buggy address belongs to the physical page:
[ 1017.672668][T20671] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x227da
[ 1017.681419][T20671] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[ 1017.688516][T20671] page_type: f5(slab)
[ 1017.692488][T20671] raw: 00fff00000000000 ffff88813fe19280 dead000000000100 dead000000000122
[ 1017.701059][T20671] raw: 0000000000000000 0000000800200020 00000000f5000000 0000000000000000
[ 1017.709627][T20671] page dumped because: kasan: bad access detected
[ 1017.716026][T20671] page_owner tracks the page as allocated
[ 1017.721729][T20671] page last allocated via order 0, migratetype Unmovable, gfp_mask 0xd2820(GFP_ATOMIC|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 57, tgid 57 (kworker/u8:4), ts 95690583368, free_ts 95636416997
[ 1017.742131][T20671]  post_alloc_hook+0x231/0x280
[ 1017.746917][T20671]  get_page_from_freelist+0x24ba/0x2540
[ 1017.752469][T20671]  __alloc_frozen_pages_noprof+0x18d/0x380
[ 1017.758286][T20671]  allocate_slab+0x77/0x660
[ 1017.762791][T20671]  refill_objects+0x339/0x3d0
[ 1017.767457][T20671]  __pcs_replace_empty_main+0x321/0x720
[ 1017.772995][T20671]  __kmalloc_cache_noprof+0x392/0x660
[ 1017.778368][T20671]  dst_cow_metrics_generic+0x56/0x1c0
[ 1017.783729][T20671]  icmp6_dst_alloc+0x265/0x440
[ 1017.788483][T20671]  mld_sendpack+0x6ba/0xe40
[ 1017.792981][T20671]  ipv6_mc_dad_complete+0x88/0x540
[ 1017.798080][T20671]  addrconf_dad_completed+0x8a7/0xe60
[ 1017.803445][T20671]  addrconf_dad_work+0xc5e/0x14c0
[ 1017.808465][T20671]  process_scheduled_works+0xb5d/0x1860
[ 1017.814003][T20671]  worker_thread+0xa53/0xfc0
[ 1017.818581][T20671]  kthread+0x388/0x470
[ 1017.822644][T20671] page last free pid 5647 tgid 5647 stack trace:
[ 1017.828973][T20671]  __free_frozen_pages+0xbc7/0xd30
[ 1017.834079][T20671]  tlb_remove_table_rcu+0x85/0x100
[ 1017.839184][T20671]  rcu_core+0x7cd/0x1070
[ 1017.843419][T20671]  handle_softirqs+0x22a/0x840
[ 1017.848171][T20671]  __irq_exit_rcu+0xca/0x220
[ 1017.852763][T20671]  irq_exit_rcu+0x9/0x30
[ 1017.856993][T20671]  sysvec_apic_timer_interrupt+0xa6/0xc0
[ 1017.862622][T20671]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[ 1017.868599][T20671] 
[ 1017.870914][T20671] Memory state around the buggy address:
[ 1017.876533][T20671]  ffff8880227da300: 00 00 00 00 00 00 00 00 00 00 fc fc fc fc fc fc
[ 1017.884581][T20671]  ffff8880227da380: fa fb fb fb fb fb fb fb fb fb fb fb fc fc fc fc
[ 1017.892639][T20671] >ffff8880227da400: fa fb fb fb fb fb fb fb fb fb fb fb fc fc fc fc
[ 1017.900684][T20671]                                ^
[ 1017.905786][T20671]  ffff8880227da480: fa fb fb fb fb fb fb fb fb fb fb fb fc fc fc fc
[ 1017.913834][T20671]  ffff8880227da500: fa fb fb fb fb fb fb fb fb fb fb fb fc fc fc fc
[ 1017.921877][T20671] ==================================================================
[ 1017.930884][T20671] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[ 1017.938094][T20671] CPU: 1 UID: 0 PID: 20671 Comm: syz.0.4580 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1017.949054][T20671] Tainted: [L]=SOFTLOCKUP
[ 1017.953400][T20671] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 1017.963479][T20671] Call Trace:
[ 1017.966774][T20671]  <TASK>
[ 1017.969712][T20671]  vpanic+0x56c/0xa60
[ 1017.973710][T20671]  ? __pfx_vpanic+0x10/0x10
[ 1017.978221][T20671]  panic+0xc5/0xd0
[ 1017.981945][T20671]  ? __pfx_panic+0x10/0x10
[ 1017.986371][T20671]  ? __ipv6_dev_ac_dec+0x4c2/0x690
[ 1017.991499][T20671]  ? __ipv6_dev_ac_dec+0x4c2/0x690
[ 1017.996642][T20671]  check_panic_on_warn+0x89/0xb0
[ 1018.001603][T20671]  ? __ipv6_dev_ac_dec+0x4c2/0x690
[ 1018.006731][T20671]  end_report+0x73/0x170
[ 1018.010997][T20671]  ? __ipv6_dev_ac_dec+0x4c2/0x690
[ 1018.016117][T20671]  kasan_report+0x128/0x150
[ 1018.020637][T20671]  ? __ipv6_dev_ac_dec+0x4c2/0x690
[ 1018.025761][T20671]  __ipv6_dev_ac_dec+0x4c2/0x690
[ 1018.030711][T20671]  ? in6_dev_get+0x1a/0x290
[ 1018.035229][T20671]  __ipv6_sock_ac_close+0x24e/0x430
[ 1018.040437][T20671]  inet6_release+0x4f/0x70
[ 1018.044863][T20671]  sock_close+0xc3/0x240
[ 1018.049117][T20671]  ? __pfx_sock_close+0x10/0x10
[ 1018.053973][T20671]  __fput+0x44f/0xa60
[ 1018.057974][T20671]  task_work_run+0x1d9/0x270
[ 1018.062575][T20671]  ? __pfx_task_work_run+0x10/0x10
[ 1018.067694][T20671]  ? do_raw_spin_unlock+0xf5/0x210
[ 1018.072819][T20671]  do_exit+0x70f/0x22c0
[ 1018.076985][T20671]  ? __might_fault+0xaf/0x130
[ 1018.081678][T20671]  ? __might_fault+0xaf/0x130
[ 1018.086361][T20671]  ? __pfx_do_exit+0x10/0x10
[ 1018.090964][T20671]  ? do_raw_spin_lock+0x12b/0x2f0
[ 1018.096002][T20671]  do_group_exit+0x21b/0x2d0
[ 1018.100605][T20671]  ? _raw_spin_unlock_irq+0x23/0x50
[ 1018.105818][T20671]  get_signal+0x1284/0x1330
[ 1018.110334][T20671]  arch_do_signal_or_restart+0xbc/0x830
[ 1018.115896][T20671]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[ 1018.122077][T20671]  ? __x64_sys_recvmmsg+0x198/0x250
[ 1018.127304][T20671]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1018.133381][T20671]  exit_to_user_mode_loop+0x86/0x480
[ 1018.138672][T20671]  ? rcu_is_watching+0x15/0xb0
[ 1018.143454][T20671]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1018.149527][T20671]  do_syscall_64+0x33e/0xf80
[ 1018.154139][T20671]  ? trace_irq_disable+0x3b/0x140
[ 1018.159181][T20671]  ? clear_bhb_loop+0x40/0x90
[ 1018.163865][T20671]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1018.169772][T20671] RIP: 0033:0x7f234d79cdd9
[ 1018.174199][T20671] Code: Unable to access opcode bytes at 0x7f234d79cdaf.
[ 1018.181220][T20671] RSP: 002b:00007f234e69b028 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
[ 1018.189644][T20671] RAX: 0000000000010106 RBX: 00007f234da16090 RCX: 00007f234d79cdd9
[ 1018.197620][T20671] RDX: 0000000000010106 RSI: 00002000000000c0 RDI: 0000000000000006
[ 1018.205596][T20671] RBP: 00007f234d832d69 R08: 0000000000000000 R09: 0000000000000000
[ 1018.213577][T20671] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000000000000
[ 1018.221549][T20671] R13: 00007f234da16128 R14: 00007f234da16090 R15: 00007f234db3fa48
[ 1018.229542][T20671]  </TASK>
[ 1018.233118][T20671] Kernel Offset: disabled
[ 1018.237441][T20671] Rebooting in 86400 seconds..