last executing test programs:

36.301123077s ago: executing program 0 (id=602):
arch_prctl$ARCH_GET_MAX_TAG_BITS(0x4003, &(0x7f0000000000)) (async)
arch_prctl$ARCH_GET_MAX_TAG_BITS(0x4003, &(0x7f0000000000))
arch_prctl$ARCH_GET_MAX_TAG_BITS(0x4003, &(0x7f0000000040))
arch_prctl$ARCH_GET_MAX_TAG_BITS(0x4003, &(0x7f0000000080))
arch_prctl$ARCH_GET_MAX_TAG_BITS(0x4003, &(0x7f00000000c0)) (async)
arch_prctl$ARCH_GET_MAX_TAG_BITS(0x4003, &(0x7f00000000c0))
arch_prctl$ARCH_GET_MAX_TAG_BITS(0x4003, &(0x7f0000000100))
arch_prctl$ARCH_GET_MAX_TAG_BITS(0x4003, &(0x7f0000000140))
arch_prctl$ARCH_GET_MAX_TAG_BITS(0x4003, &(0x7f0000000180))
arch_prctl$ARCH_GET_MAX_TAG_BITS(0x4003, &(0x7f00000001c0))
arch_prctl$ARCH_GET_MAX_TAG_BITS(0x4003, &(0x7f0000000200))
arch_prctl$ARCH_GET_MAX_TAG_BITS(0x4003, &(0x7f0000000240))
arch_prctl$ARCH_GET_MAX_TAG_BITS(0x4003, &(0x7f0000000280))
arch_prctl$ARCH_GET_MAX_TAG_BITS(0x4003, &(0x7f00000002c0)) (async)
arch_prctl$ARCH_GET_MAX_TAG_BITS(0x4003, &(0x7f00000002c0))
arch_prctl$ARCH_GET_MAX_TAG_BITS(0x4003, &(0x7f0000000300))
arch_prctl$ARCH_GET_MAX_TAG_BITS(0x4003, &(0x7f0000000340)) (async)
arch_prctl$ARCH_GET_MAX_TAG_BITS(0x4003, &(0x7f0000000340))
arch_prctl$ARCH_GET_MAX_TAG_BITS(0x4003, &(0x7f0000000380))
arch_prctl$ARCH_GET_MAX_TAG_BITS(0x4003, &(0x7f00000003c0)) (async)
arch_prctl$ARCH_GET_MAX_TAG_BITS(0x4003, &(0x7f00000003c0))
arch_prctl$ARCH_GET_MAX_TAG_BITS(0x4003, &(0x7f0000000400)) (async)
arch_prctl$ARCH_GET_MAX_TAG_BITS(0x4003, &(0x7f0000000400))
arch_prctl$ARCH_GET_MAX_TAG_BITS(0x4003, &(0x7f0000000440))
arch_prctl$ARCH_GET_MAX_TAG_BITS(0x4003, &(0x7f0000000480))
arch_prctl$ARCH_GET_MAX_TAG_BITS(0x4003, &(0x7f00000004c0)) (async)
arch_prctl$ARCH_GET_MAX_TAG_BITS(0x4003, &(0x7f00000004c0))
arch_prctl$ARCH_GET_MAX_TAG_BITS(0x4003, &(0x7f0000000500)) (async)
arch_prctl$ARCH_GET_MAX_TAG_BITS(0x4003, &(0x7f0000000500))
arch_prctl$ARCH_GET_MAX_TAG_BITS(0x4003, &(0x7f0000000540))
arch_prctl$ARCH_GET_MAX_TAG_BITS(0x4003, &(0x7f0000000580)) (async)
arch_prctl$ARCH_GET_MAX_TAG_BITS(0x4003, &(0x7f0000000580))
arch_prctl$ARCH_GET_MAX_TAG_BITS(0x4003, &(0x7f00000005c0))
arch_prctl$ARCH_GET_MAX_TAG_BITS(0x4003, &(0x7f0000000600))
r0 = syz_open_dev$usbfs(&(0x7f0000000640), 0x1, 0x80)
ioctl$BTRFS_IOC_SET_RECEIVED_SUBVOL(0xffffffffffffffff, 0xc0c89425, &(0x7f0000000680)={"024b8c22f562788861f3a511394d17ef", <r1=>0x0, 0x0, {0x5, 0x4}, {0x0, 0x4}, 0xffffffffffffffff, [0xbc, 0x7, 0x2, 0x1, 0x8, 0x0, 0x4, 0x0, 0x5, 0x400, 0x87f, 0xcd3, 0x3de, 0xda, 0xf0, 0x8]})
ioctl$BTRFS_IOC_DEV_INFO(0xffffffffffffffff, 0xd000941e, &(0x7f0000000780)={<r2=>0x0, "2aee83154b6536f4a977b229b137fa27"})
ioctl$BTRFS_IOC_RM_DEV_V2(r0, 0x5000943a, &(0x7f0000001780)={{}, r1, 0x10, @unused=[0xfffffffffffffffb, 0x0, 0xfffffffffffffff9, 0x5], @devid=r2}) (async)
ioctl$BTRFS_IOC_RM_DEV_V2(r0, 0x5000943a, &(0x7f0000001780)={{}, r1, 0x10, @unused=[0xfffffffffffffffb, 0x0, 0xfffffffffffffff9, 0x5], @devid=r2})
arch_prctl$ARCH_GET_MAX_TAG_BITS(0x4003, &(0x7f0000002780))

35.486475869s ago: executing program 0 (id=603):
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)) (async, rerun: 32)
syz_open_dev$video(&(0x7f0000000040), 0xa8, 0x41841) (async, rerun: 32)
r0 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000900)={0x2, 0x5, 0x0, &(0x7f0000000000)='syzkaller\x00', 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x61e5cc96}, 0x94)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff0000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ff9000/0x4000)=nil, &(0x7f0000ff0000/0x1000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x2000)=nil, 0x0}, 0x68) (async)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000180)={{0x1}, &(0x7f0000000100), &(0x7f0000000140)=r0}, 0x20)
getsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x20, &(0x7f00000003c0)={@private, @private}, &(0x7f0000000400)=0xc)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000180)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) (async, rerun: 32)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) (rerun: 32)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) (async)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x6f, 0x0, 0x9, 0x0, 0xe999, 0xfa11, 0xffffffff}, 0x0) (async, rerun: 64)
r3 = syz_open_dev$loop(&(0x7f0000000100), 0x2, 0x2001) (async, rerun: 64)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='blkio.bfq.io_service_bytes_recursive\x00', 0x275a, 0x0) (async)
r5 = syz_open_dev$dri(&(0x7f0000000500), 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r5, 0xc02064b2, &(0x7f0000000200)={0x8000, 0x101, 0x4})
write$binfmt_misc(r4, &(0x7f0000000040), 0xe09) (async)
ioctl$LOOP_CONFIGURE(r3, 0x4c0a, &(0x7f00000002c0)={r4, 0x0, {0x2a00, 0x80010000, 0x0, 0x2, 0x0, 0x0, 0x0, 0x14, 0x1c, "fee8a2ab78fc979fd1e00d96072000001ea89de2b7fb0000e60080b8785d960001000000000000000000007efff100004000", "2809e8dbe108598948224ad54afac11d875397bdb22d0000b420a1a93c527d3d458dd4992861ac00", "f4bd000000801900", [0x8, 0xffffffff9673e35d]}}) (async)
ioctl$DRM_IOCTL_MODE_OBJ_GETPROPERTIES(r5, 0xc02064b9, &(0x7f0000000480)={&(0x7f0000000240), &(0x7f0000000400), 0x0, 0x0, 0xfbfbfbfb}) (async)
openat$sndtimer(0xffffffffffffff9c, 0x0, 0x101040)
openat$binfmt(0xffffffffffffff9c, 0x0, 0x41, 0x1ff) (async)
openat$dsp(0xffffffffffffff9c, &(0x7f0000000000), 0x2002, 0x0) (async)
r6 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0)
ioctl$DRM_IOCTL_SET_CLIENT_CAP(r6, 0x4010640d, &(0x7f0000000000)={0x3, 0x2}) (async)
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r6, 0xc01064b5, &(0x7f0000000140)={&(0x7f0000000100)=[<r7=>0x0], 0x1})
ioctl$DRM_IOCTL_MODE_GETPLANE(r6, 0xc02064b6, &(0x7f0000000240)={r7, <r8=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
ioctl$DRM_IOCTL_MODE_GET_LEASE(r6, 0xc01064c8, &(0x7f0000000280)={0x1, 0x0, &(0x7f0000000200)=[0x0]}) (async)
ioctl$DRM_IOCTL_MODE_OBJ_GETPROPERTIES(r6, 0xc02064b9, &(0x7f0000000040)={&(0x7f0000000300)=[0x0, 0x0, 0x0], &(0x7f0000000040), 0x3, r8, 0xcccccccc}) (async, rerun: 32)
madvise(&(0x7f0000c00000/0x400000)=nil, 0x400000, 0xe) (rerun: 32)
madvise(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x16)

34.855933408s ago: executing program 0 (id=605):
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='blkio.bfq.avg_queue_size\x00', 0x275a, 0x0)
write$binfmt_aout(r0, &(0x7f00000003c0)=ANY=[], 0x20)
write$binfmt_script(r0, &(0x7f0000000000), 0x4)
r1 = openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file1\x00', 0x281c2, 0x100)
fcntl$lock(r1, 0x6, &(0x7f0000000000)={0x0, 0x0, 0x8})
flock(r1, 0x5)
r2 = syz_open_procfs(0x0, &(0x7f0000000080)='fdinfo/3\x00')
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
r4 = syz_usb_connect(0x3, 0x3c, &(0x7f0000000380)=ANY=[@ANYBLOB="120101000814c910be0632a2f333010203010902120001000000000904"], 0x0)
syz_usb_control_io$uac1(r4, 0x0, 0x0)
syz_usb_control_io$printer(r4, 0x0, 0x0)
r5 = syz_open_dev$I2C(&(0x7f0000000000), 0x1, 0x402)
ioctl$I2C_RDWR(r5, 0x707, &(0x7f0000000040)={&(0x7f00000013c0)=[{0x9e52, 0x0, 0x0, 0x0}, {0x81, 0x8000, 0x0, 0x0}], 0x2})
sendmsg$NFT_BATCH(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a03000000000000000000010000000900010073667a300000000044000000090a010400000000000000000100000008000a40000000000900020073797a32000000000900010073797a3000000000080005400000001f0800034000000007440000001c0a01020000000000000000010000000900020073797a3200000000180003801400008004060080080003400000000184000b800900010073797a3000000000140000001000010000000000000000000000000a"], 0xd0}}, 0x0)
preadv(r2, &(0x7f0000000640)=[{&(0x7f0000000140)=""/134, 0x86}], 0x1, 0x0, 0x0)
r6 = socket(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000180)={'ip6tnl0\x00', <r7=>0x0})
sendmsg$nl_route_sched(r6, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000240)=@newqdisc={0x3c, 0x24, 0xf0b, 0x0, 0x25dfdbfc, {0x0, 0x0, 0x0, r7, {}, {0xffff, 0xffff}, {0xe, 0xfff1}}, [@qdisc_kind_options=@q_pfifo_fast={0xf}, @TCA_RATE={0x6, 0x5, {0x5f, 0x5}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x20000000}, 0x4000010)
ioctl$sock_inet6_SIOCADDRT(r2, 0x890b, &(0x7f0000000240)={@remote, @mcast1, @ipv4={'\x00', '\xff\xff', @broadcast}, 0x1, 0x3ff, 0x7, 0x400, 0x8, 0x20, r7})
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r0, 0x0)
r8 = socket$inet6(0xa, 0x2, 0x0)
bind$inet6(r8, &(0x7f0000f5dfe4)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
setsockopt$inet6_int(r8, 0x29, 0x3, &(0x7f0000004240)=0x40000006, 0x4)
ioctl$USBDEVFS_SUBMITURB(r0, 0x8038550a, &(0x7f0000000200)=@urb_type_control={0x2, {0x0, 0x1}, 0x1, 0xc0, &(0x7f0000000080)={0x5, 0x17, 0x0, 0x8, 0x6}, 0x8, 0xff, 0x7, 0x0, 0x0, 0x1, &(0x7f00000000c0)="f4813154ed6d2e84c710516707c2f0319da7b451f5940618b156c84fda9aa175f72df4f22cb5e03645fa281bae011e5d6acf17649585a9addd7214c137b7f039fab928cac0e6a408aba1119fc7a8f2efb6fd75338e27f601686baeca1acc5241b773c87d14ae316a4516440801aa3822dd2b35d957526e92d72c14ab48153668495917502edc332b0761a9301a3f386193a1e9e7aa5457f3a324e67e1c8ed4ffc2e3d5fc47503eac1c91739f7cca2cf12ff4f82a4c49dbfa5b6e50851a823b6a6cfe275b78d9d035eedbecca9462e95ed937081bc8f04bb3"})
setsockopt$inet6_IPV6_HOPOPTS(r8, 0x29, 0x36, &(0x7f0000000280)=ANY=[], 0x8)
bind$l2tp6(r0, &(0x7f0000000040)={0xa, 0x0, 0x84, @private0={0xfc, 0x0, '\x00', 0x1}, 0x3, 0x4}, 0x20)
r9 = socket$netlink(0x10, 0x3, 0x0)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0xffff}, 0x38)
sendmsg$nl_route(r9, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=@newlink={0x48, 0x10, 0x401, 0x70bd2a, 0x0, {0x0, 0x0, 0x0, 0x0, 0x38099, 0x20015}, [@IFLA_LINKINFO={0x28, 0x12, 0x0, 0x1, @erspan={{0xb}, {0x18, 0x2, 0x0, 0x1, [@IFLA_GRE_COLLECT_METADATA={0x4}, @IFLA_GRE_ENCAP_FLAGS={0x6, 0xf, 0x8}, @IFLA_GRE_ENCAP_DPORT={0x6, 0x11, 0x4e22}]}}}]}, 0x48}, 0x1, 0x0, 0x0, 0x8c1}, 0x0)
recvmmsg(r8, &(0x7f0000000040), 0x400000000000284, 0x2, 0x0)

28.42501633s ago: executing program 0 (id=612):
r0 = syz_usb_connect$printer(0x5, 0x36, &(0x7f00000000c0)=ANY=[@ANYBLOB="1201000000030020f003176c400000000001090224725100000000090400001207010300090501020000000000090582020002"], 0x0)
syz_usb_disconnect(r0)
r1 = syz_usb_connect(0x0, 0x4a, &(0x7f0000001300)=ANY=[], 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_ep_write$ath9k_ep1(r1, 0x82, 0x37, &(0x7f0000000040)=ANY=[])
r2 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
read(r2, &(0x7f0000000100)=""/138, 0x8a)
r3 = openat$userio(0xffffffffffffff9c, &(0x7f00000001c0), 0x1, 0x0)
write$USERIO_CMD_SEND_INTERRUPT(r3, &(0x7f0000000440)={0x2, 0x5}, 0x2)
r4 = syz_usb_connect$hid(0x5, 0x36, &(0x7f0000000140)=ANY=[@ANYBLOB="12010000190000404f045db600000000000109022400010000000009040000010300000009210000000122070009058103"], 0x0)
syz_usb_connect(0x3, 0x36, &(0x7f0000000000)={{0x12, 0x1, 0x300, 0xfc, 0x2f, 0x62, 0x40, 0x9c4, 0x11, 0x638, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x72, 0x6, 0x10, 0x6, "", [{{0x9, 0x4, 0xf0, 0xe8, 0x2, 0xb5, 0x1c, 0x80, 0x3, [], [{{0x9, 0x5, 0x1, 0x2, 0x3ff, 0xff, 0x10, 0x3}}, {{0x9, 0x5, 0xeb3925d0f91dd4ca, 0x2, 0x10, 0x10, 0x2, 0x81}}]}}]}}]}}, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, 0x3, [{0x6b, &(0x7f00000002c0)=@string={0x6b, 0x3, "c0271a5ae6860a996510f8b6a4fd65381f1c970d2225b6efe3c47f334e246fa7926494975cfbdb7b9199d4c8b36caf3baadb9b4c975ba706caed167ff47028b423825b3d1a0f2b18692ffb161e3be60f568ce177fc28edd4c3ae1886173ab3802d7982c0a7dd2cb168"}}, {0x64, &(0x7f0000000340)=@string={0x64, 0x3, "d5b61f600ea168f5dead2dbe6869a209edacb64a312d9a60cc8a8cd57f1feec6b897c3a7a5f840aa105724fcdf08ad5c3ffdd74ed4b40f7b0d0e5a982de810b6f83edf890173d3c59165efd15ce7d3c92bdb478b14dd544bfe4cff8fd97b5cf459ff"}}, {0x4, &(0x7f00000003c0)=@lang_id={0x4, 0x3, 0x408}}]})
io_setup(0x2, &(0x7f0000000100)=<r5=>0x0)
openat$null(0xffffffffffffff9c, &(0x7f0000000080), 0xa2, 0x0)
r6 = eventfd(0x38000)
io_submit(r5, 0x1, &(0x7f0000000200)=[&(0x7f0000000040)={0x3, 0x0, 0x0, 0x1, 0x7, r6, 0x0, 0x0, 0x100000002, 0x0, 0x2, r6}])
syz_usb_control_io$hid(r4, 0x0, 0x0)
r7 = socket$nl_route(0x10, 0x3, 0x0)
r8 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000c80)={'lo\x00', <r9=>0x0})
sendmsg$nl_route_sched(r7, &(0x7f0000001200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000500)=@newqdisc={0x74, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r9, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x44, 0x2, {{0x5, 0x0, 0x0, 0x0, 0x0, 0xffffffff}, [@TCA_NETEM_LOSS={0x1c, 0x5, 0x0, 0x1, [@NETEM_LOSS_GI={0x18, 0x1, {0x10, 0x0, 0x6}}]}, @TCA_NETEM_CORRUPT={0xc, 0x2}]}}}]}, 0x74}}, 0x0)
syz_usb_control_io$hid(r4, &(0x7f0000000080)={0x24, 0x0, 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB='\x00\"\a'], 0x0}, 0x0)
r10 = syz_open_dev$vcsa(&(0x7f0000000080), 0x1, 0x40402)
writev(r10, &(0x7f0000000c40)=[{&(0x7f00000005c0)="c2", 0x1}, {0x0, 0x500}], 0x2)
syz_usb_control_io$hid(r4, 0x0, &(0x7f0000000280)={0x2c, &(0x7f0000000240)=ANY=[@ANYRES64=r6], 0x0, 0x0, 0x0, 0x0})

25.444644446s ago: executing program 3 (id=614):
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
sendmmsg(r0, &(0x7f0000000280)=[{{&(0x7f0000000000)=@l2tp6={0xa, 0x0, 0xf275, @loopback={0x102000000000000}, 0x1a, 0xffffffff}, 0x80, &(0x7f0000001440)=[{&(0x7f0000002b40)="f7", 0x1}], 0x1}}, {{0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=[{0x10, 0x84, 0x1}], 0x10}}], 0x2, 0x40408c1)

24.782240024s ago: executing program 0 (id=615):
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(0xffffffffffffffff, 0x8933, 0x0)
syz_open_dev$sndctrl(0x0, 0x0, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setattr(0x0, 0x0, 0x0)
close(0xffffffffffffffff)
r0 = openat$sequencer(0xffffffffffffff9c, 0x0, 0x8002, 0x0)
write$P9_RSTATu(r0, &(0x7f0000000780)=ANY=[], 0x2c2)
r1 = socket$inet6_sctp(0xa, 0x1, 0x84)
sendmmsg$inet6(r1, &(0x7f0000000140)=[{{&(0x7f0000000240)={0xa, 0x4e21, 0x8000001, @private0, 0x3}, 0x57, &(0x7f00000003c0)=[{&(0x7f00000001c0)="14", 0x1}], 0x1}}, {{&(0x7f0000000300)={0xa, 0x4e24, 0x1, @dev={0xfe, 0x80, '\x00', 0x3a}, 0xc}, 0x1c, &(0x7f0000000780)=[{&(0x7f0000000800)='M', 0x1}], 0x1, 0x0, 0x5dc}}], 0x2, 0x931766f6319eed40)

22.832443033s ago: executing program 0 (id=616):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
creat(&(0x7f0000000280)='./file0\x00', 0xecf86c37d53049cc)
r2 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x42, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000000)=ANY=[@ANYBLOB="2800000010000704000000000000000000000400", @ANYRES32=0x0, @ANYBLOB="00a300000000000008000500", @ANYRES32=0x0, @ANYBLOB], 0x28}, 0x1, 0x0, 0x0, 0x24008000}, 0x0)
mount$fuse(0x0, 0x0, &(0x7f0000000000), 0x0, &(0x7f0000000040)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r2, @ANYBLOB=',rootmode=00000000000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r2, &(0x7f0000006380)={0x2020, 0x0, <r4=>0x0}, 0x2020)
write$FUSE_INIT(r2, &(0x7f0000000340)={0x50, 0x0, r4, {0x7, 0x1f, 0x0, 0x34808521, 0x4, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0xa4001f7e}}, 0x50)
syz_fuse_handle_req(r2, &(0x7f00000041c0)="412e450a2a7b9586d1e6e9de257afc4fd60c8de430c0d6348b2cf1db8d070a539de9c1e91a178f9240dbcfe303566018f6c20c55d643a2ed46aaacf49ca491ee2f06184bdb548778a2c56e56f6b40b994419428bbbb9dfa5f9593511ca8ae1c088fb0ee5da72f505000000000000002c04754204f194ae6ceff4570d44496eeffe619998eafc7167d22e1c6aa73e89ad19224e35130a37cf68d5c41ccafe59b4b753a26e06c4306d31d78de6cede97c06e3ca2cc4af66b7548268efa91621ffca2655d2c8f1a9bb019b88fa729cb3d32f72c098c44898d42c42f39feb4faead93980726c236129acdf31c01f1cabb5ca3ec4e45eb5e6e59912792b4976e3f2b560c861d49b539d8e1870040a8cf190a8a767ec067a8048aac53336b44669d3d425843ae80681a7c02a5d5a3d90f355fd4a6ac277e75230d558f0df20cb323cc65e9b5a258cdd669c8a9534e4aff09a8fe89b124748c9e756c28789c2152a5142bc0bb205e339d43bb980b3f04a3c1a424a2a093966b20600a5410e0528fb35937c998eea19f01eaf2f39e16d85563a6737ddab3213ca1832f0afdf891e34a582f6a4ac81fda70ebc3fedac2fb3a492fdb40b91021e5d371d990064cd1f7c2c1a6472dec7505f9a4940057a3e57fd53aa3cd2eb914e073a19b6e925f8553e6875c093c7d19de25861fd9640f0eca4cda0467f12126daa2e0c6df7d4e4babe5a6e59e8391be7700790315b6b8a8aa74cd6d3f054aceaeda79430676b67fe25c9029e0894b413377fc4d8300d9f9338fadd07e4c80cac08113df8971a868458c47c06fff0c1c4bfd48ea583e9e76ef103d42c233b6de10b30612cdbeb6b60a6a4dbbe2da63cc2dd4fb93cac65af3c1279274f4af0e2c5b96e6068aa5b41f7548fb72b0c142351f64446db7425115b89132b5589ee642ebbde655adb2d7d1117456a6e4f2886879b42baf85e05d53e2aceea9c3830673bdc4d081675fe76b994651af9c3f16b7513834fce4654f84558a8308fa677d05bffcc893d9813bf87c5ec520cd66ad58dc06f0c47d253cd36dfec82980fc8dbdcd4b1c037c2b30bef455984f3e8ed19d69e185fe4fbdda2c2517ec9abfbb4841252e650b6bf56fdeca9a4ee3c311de3c6859ec14cc00e95323c57c02fa894d83ea17944f3112fc19a7e11335d7951ec6dd5b4f06fb9b637313a230341ea5da6a7a959e707d0cd5fca60a6649c8df8d6c17e9a49d230e5775df14e4b43aa3420bd0b8814ec7360ab1910e69fab8932f7646d7998bdc2e8ec354c52da21ed83fb7582cb9d37bb95f144974f72c7b0ae7b42945768fa8ec0dd6daba72d05809670506ef1054282201b00906c8af64e3e13a10f180688c96549b2d3d6b04403fd571e7b132891dd4b7cf37aec25ca1e9190c17aaefbc31e059915c12c232fb7097e9fa6f35fbb265c7102db62e2264590c583ea90f1aee3f166af81430d9084eb0c760ebbb16049c9fd1fee6ce33c8ac205e3ac9c275531feadfa4054e0c027c26beb009f54aa72b864d39bb11753f77931bb960276db33021c65671e57b3708bbf979be222e8439d71f58ca87cec7a054517af398a42735b580717377a54f139e2c46813cbb03d98e49c26f4ed54d75e48573cd06145f913f4e313eeee837496dfff75aa722fd8486c45f9c959da12ae48ba4a10712120a203e2476c7b96031d8f8773f68344e6fa21831287655aabbd594e9f272eb1a7315d2d79b8bcd5e63004cd106f80b1e40a5d9e428a01bc58264f4d63c2ee9db6efa70607a642aeb883bf4b9fe009d7f09c16b05a2c9b73573e9019e161ebbdc1fc9b9cd0c5fe1b57adcba2d0f3a767ad59aafa159b3dd181f0601ff95e8af8b5410e56c81ffb8ab35b1e04af35dabf69f08572e69260b72bfd502c5a0de627fd3fee44bf1d4a261bd356056c5739398e3ff161beec1240a089625daffbc61dc5e660c274565477a0ff1797fefff04a98704802ab0674ab72d400686229608cbfd2ca20f4e62495e8b09de9d180c47375bbad72f4474b67d56104b4b466192be60f7aa668fd0a4338b856f114311842ee806d6488ab09098ed9de0e21bcc8b42a5d5713d15eca108fcc7a65d6b414a112524a6e1418644508dd957147a92d4399d13faaf01cacef40549cd11900f9aa32a8333f55796ef25d33c554a308da9797cd0ac25888311b0ac88eff0be7a36ddedcfc2b095abb4d5a6a4edbbad67b70cdf60c7ed0c5e040ced90edb3322ef684332358942ede9191b431c99b3abf8f9c50206479f0ac118c0a99df61fb9c90d846f41caa6a2448fb7e15640965e051c2af4ee72a5cc7c962bacff7019615c10e6c3054e2e5792df3aa6e2c33425552148466a88568cc79b6edebf0107b7d3d24423a665d20c3a1c0f1a6b34eb475bf875912115914cfabcf394f8a096d64e5dc95705074fe5e985497dcf052b9f748b9d4688859c0200fa43719e4722ed6c064c0efa7e07beb2a26fd724b63537fa0eb506365d5c029cd8dce7dd0a1cb9d9058c061739734af6be9e880fe7e28a211a4c368a7babd1107110ecbb384b274cc092b9511c4abde2ddd863162e2739984a9f3c0a76e3c530a27d5e385f4a3b87607b2a944e09d28239661d27719e22c0a657ea383c30859ca29cdb8fbc79bc83e995dcb361743a7e195650c37e570b768a0a1f0b118fa5be9b3c838326343ec5b376d5ee040ee29dfd868cccf9cfa4591151f519cd6e2ae1453a58aa92f90ee5be11ceb8511ab743f399be0a190eeddfd112336866831c3255ef6520d88b2581ea3767f3df01a38d9b4656f2a89c5df41443291a795da45c8a846015cd041bea0dfbe648348b10ae73ce43d9017182792cd9172eee642c549a530cc1f537f9aa70ca63792ba4a86a713ae09b917136e5bf1506ad7f367d8d2f77f47a2318facd109bba9b1327b5db9e4aeffbdcf414db761eeacc227a15cd72aa52c8ede33bdbab9de9aa1e8f470a388013d07f08777e2131bbd4856ab5c1c38d03ef407197ccf24e8b2a8db69e78f9d6623033c453541bb79f9e0be9a55588e2e54fce65fb785467064a146c4bf218068b5e3efdafaf93a98253becaef226cd79468ff1bbe0c9d43877f5cbb5844fd8957f15d3ef208aac11816585cdccf039c36b429d3d7fb634054fd0f09c8abea3746a6b7379142abde26d998ac7e39b94746c60c09f86ddbd7497849d1ef839730672449f35a3c3253666e9fc053ac1c518e44e0b84555be507f7c00fa9e4864b4bf40ac3d93f12001eb780a779e655d0633803268c094ae161a0efd652003d6ac47f9a6c28d866b56233f371627b01e0fe9361dca611a28841968d4e12cb73d49ce08fe25de4a90b2d34607202b20e71f5e1eed38e17d0a2748f548cf61735f4c9cead1cb93b11929d906d65fc60f88e6919b7b5a1014e6d408bce9c8cc832eecf9147708fe451891717d2ed99dee70773feaa97985102abd3dd05c904c28898afe060621db6564887bc4afe158fbe1d819136a1ac1dc9d8674798a93daf5255460b50c34496205834c668db4c764e76ebb6cdaf5fc44b881cc2ae87b4a7cc045143f96b1620abfd0f116e673b335beefdafa1e58d9194e010cb78956044646da5ba853ce981667f2b8e5001c2df437c9d597ccd2be7d2887f5cb7aad0539abb3f9db1c8f5cd4d7d831946ba1c1aa8737c114fec1ac9a82519f57cb48c49b7f62e9eaa89f448df33fb307cd0036c70b490ac340f7d04e14f32bfeebb08a9d5bc7bbef8f231ea09311d4c82cc55c90eb53c6c003cc98a34dd3c4ec2d8b3a655a78e16e908f368733d0a02b36fe963e2d80b5e6f7b2e3aae3013c900c76e4d56e8348bef221f8a642e692c23b12520fb68c793e789eeeceb4efb2097a4d5952d144094cd7be6edc933d257f6230e962d70ba42e1b07ad9eca0ccd60d3d9a6e06b73ccf96a8aa490ed3bd58bf4d79db65355ae145b54be004e464f4dd23fb8b1bf15e13838116083da67186513652608e37c8f847b2bcafb57bcefc7efc8c8182c7d708cce5d14695b4e618e77f8e7be81f27a05e415fd37ac21507a665b2558daee5c0b0859fedfede8c03f181ef5e0ec0da6caa3edf402dd73bcb4026c489a7cca8ab700d3e9f050006c36768a16e8a48e48ed5750b8cdb7ad1fd12d4cc8333d324d6c83905303fa7013fc02553b587544affe38f1a95e0c4c39740d63b6d387fc89b30bd5fd745cb64844b13897ccf5cca135f7d39e03ce8adcda919d86b25b52764b0a0c4f07f88df68868415de13863df84a7e8d355b09cf90e482eb4174fd01f1b371a4dc52f3c89fc3a70c71657aa5d7573ef9acf4d2b0b321c41ff2640515bb43637ba2288ca0bff2e2a3a998ad8294c52f9edfe0a4ee0a3f8ed5b4b5c43319bb9c58dd07ea3237d7bb62cb086e7ea4a81cba2cdeb28794a09c275a704963110b64720bd089e3737ee1a91e348b5e97b63e1724de1fa9f49961d653bbb47b6fa993b035cf59659bcd0306180645162568abf51127845cbe6e37cc3c19b9d69657db4258fa5e8428a73eff6506bff474c2e302ad5559ac8de44c6f0baba5e2e579e7d7f9d9ebf540674432ac11d92bfc9abdc24126888b533f43bd6f293b0bc315915743114a35308a0ee2e710522137918a2b09ddbbc7a2313a2a6b85a1ad26f14dd70072651c8300ddf6de29704b716ce1bc431c66ccc96731f46359a9f6850976c96dcb5e0ee47446f50b6b3ba90d45224066e123ad3854d877c0cdd9325000ac0d6813c30cd43d3e150335601724ca3666458dc4c04f6562296982353e155d5255c9008c0b46d21a678c8fcb3aa8d6574476e0458eb0a76a6cb50f929ed218cc4654cb4f95fb3afbc2548b74acc312563375a19e55d488599488dfed4dd31b39f29ad61dad343dfca3b45b316a34e7a7bebd2b0f562a9e69848d13fc80a4fa52d0f17bd15d9e1fd39a7dcc86128d14493805d105a745673bddea68ca74ac09d95cc7412d5be2cbd0a247a81dc9e148111e22cdf3375805469226ca3538f960a6ba6aa0eeeb87c784ffb1bfc09180a61be3c7c535fc6d593c3b3f4de21b8c3eccc9021e80fb07dce0aeb3b023bd55f24356f646791ba80e5ca21ac092a069ae0a22cfefc08c23cc7aa69b570bd17cce9de15871d363f167288f99f04761caa67f12c949466493f661d39ee4280c955446ff5a9bb14f2d1ae21cdb91a5868e0c52097cf380f571935b140562922763f1b79c3709b949c57a00b08828ce9e685f6b234b5fe3c62d9feb249ce75e81f5efd556c14d5da24dc0554723fdbe52659969a39f470e82c50c4777c908628436e31177af1125d5f70ff627462247e5bc20c47ef75f369174586d43d42f7eefdd47fefa745badebca2a881ccc018ea411cc8a7a0881422bee8704bb98e6bea9fbec63441fb45d7ccfd436909b57a2b60b788e15bda3ca7663b19bd84d0879deb639f10def9a99d42a4b9a4fd7fecbf6d2e7598678307ba9a5b6f143c27cf1ca41e3c904007bb762cd5df6e63c4cf422c2ba959e53bd8e5664cf5df6a91a4bc8cebc52b22f30060fcbc5ead53d38eabd160c1da4cab8aa95c3640ffd78074aa2cbb05cb8ea90a0c95a4a1b2be1ee94f238000f1faffa069d87039f13f5f84ff368aec5a0b10020232b9fc954a6c22573ef48459e574d48a4845837e1d6ef386738ccedd093d4d5bf3a3f790c875ba7449d03397642feb71100f2c25ab2cadf0b0802544a2095a51b19cdece623b17d420b173a99c081f8e229b6de3c680d6bb39bb98b479517d77cca581b81cf856753a44ebd64cff111fb8ca37ea45d217a3fca44a083e6c35b0fed9f8f7631178d15e88f86c85f1ce68c900afdd1f7e5b8bd4ef3f58c447b77d3befc49180df7a5eb2ae8ae33b4ef573f3a425da8a60cde84d8eeae6d6399b9fbbfa0fa8d448b25c7f79b7554d0b02b0decbc74ae8560f630af596313fb33d442a410061ace0aa7a440d5e31ca8bb2cc495c4f0b672edb011b0c5f16781836df7f4af8329143d5a1a99d7b18ef9f774c4199d635848cedebac82637a03a189c65be667503737c75b6639ac65ad424ca475285437e6f19830b36549f607ffc387c8b11a34a838159376a6335afaa045bd2bb04e279dd72436331d07dfbd72e2436b27f0df23a266fd15cf56d1a9e93aaac8901cfe49a3219ae36c5c65c75e5c708fb82cac4d6a50726509ec3a7d32d54cf584ae353a5bff75a6de77a0b240cf8a0a72817c9d37699ca89c96e0e0d96a7665ac3a7d1febca1a1d79e2cbde8025c271360e2f90048b2d9fd56f45c013e001dad4b7785be69dc01f8a954ef7a84455986fc5c9d5167d91808efdb4476ed79f99563d887cfd4e99809d9e388501dea228cbb3cf3770082dc566455251fd9c2c742963c33500618c6ec99e0bef007408a0462a081237be4c6e5db0258d4be5fc9cf63fd1ace1f4166c053b0fb84fe24917da1255cf40bbb1b45644f6a7699cf802a35a932c374b1d62013e6afca3787627469994c02f622ab877ed5491fc2a89eea60e4e1628da89e3ad600ff6442e4ebf20e47304176b6a1703c094b3cf6d7fbbddd8d8fa5a00f28b4d8f43d88487e9d4531071512f2027198714a8d1cef126775547fc74f2a35840510f325e50361be76557767560055e084f2ecaefa0dd8ca8215301a7a887d2eaddaeb1f5c3dfdbd2cc1ba5f02d4426b98c0f861c5f724405758f442560ea6cd1d953456cc4aac6642ad61c03dbaffc2364d8ec2ef9f483c70355139d1fbd9617ab3c7eedf0b8963c1cfdab769180db43c416a90d9fdf3fd0eb2f81187642b4e2a09d6462d27527fdfda31f7b262501749dcfc6c184983f9923424131d05cc811cacf5c2c87e8e6f135349e68cde0e8997bf1dde248e5124d5dca2681abdbe58d327a8edd585821f03fdd4515728f1336495ba25c9bba56a3f706d60c35cbd0b40d0ac0583a981f9af08510ed8ed0a726e5472f8995af3837fbf1e89587633d2ef944868a153919165778e963710872af12faf96c0919c638e5affa97104471ba6e178d27602f96b9546ebe52190d91be245be08742b96389080676a566d3229e593e4f56a76ae4c58113c6adc1088703b1b92dafe32a5600e14ac1e71df829dfef425911f16a2b91f693599ecabf93065c6c4f5fefca8d4ed095599113529f65d9120d5252f577af95b404979508c343df54e4d239720e7d3a861f1dcabfa69e12d655c8a026c10a4df279b139fd222e561d205ac9b45c1054f8699eca594fb23886e0de565186597766dd5e40f74a423d5708dac254f4172f1089270988fb18715813f13ee4d131b64dd517c7e77f27f804b229f5339ac2f483b14739ac33a9645044d3010bd77ed18fb117f7b11bb51c4ed683b59e28bf25a58f123dfbeb1f0f21f03d9b57d8e61d59b311037a5b757b03ca5c95e0eb73922c6918530c99de4d6733640f2b8d13bebce31d4f5e27aab201101e48cde23a0d7e87b9511949d812e3187ee5ff11bc5858c022ed7b00790eba32f9ef7e134ce5f73a01269ca971b40e62133eca9d596a768686d6390b2c74602f6dc597faec3ed9d9658102d99c9624c1a97d00d63853578afaccc7e30a77fe054ebc23eec45f608f996fd015cd6bd50a111360f0790eff6ffb1ea59d13c8e29480bd96217188f97e53a1f5d9eae0a2badb4fea52f2bb4f8cb04d0afd99e7371a978a7d7ef473f77ea6738ff84af655313a12db24cff692ec7e282245ae9a42338db814593448f7115df3dc3f4e2faa2c2fdbd68f679d6aba01a15031347bb17d8bf8f1fad0ecf365e9dcd32e69803c5c05f4b47adbf8a21af7e9fb327f267df1c914486389a9820edf0a03bde6ef388c255761e439b2f7e1f9c1c3c95bd30c502197ab37f76b52f0d0675f366e919be19329853767bba34a540fb75bcdcc9596a4cda254a660e11bed5af9d8646ac4b7d6d7aa5d7c0005879b6d08058a56c3d3a4d3d401b883153fa7f2f6a6d34dd010f6b9e7b4e457b9ff5a5802d7723abb35f9dca0afc10f6791824dbe0a7725d534e7753445b7268d90145b6438b93fc475f44d5d678d79da6c5770f3a9106f3cffbabe4b88cbe7eda9b8a495be4f6717b0fbee6fec78c86031b6d878d47e357b2089de3e6dd19a265552553d1f7da53884ef84d0eebe782791c48a9c68a28d8ea3bb70c922b01dc20b2cd05cfb276e326651398f766f5faaea54a41da597cf6b50f3d5ebc634185b99069126b8d935c6bc42c47f2109de42091ef4ade3d87cc44aeb78709255501e64f34ac2d4b2725cf7777315f8ca9424bc9d61a896a93500faa6cf5a5aee1fb888e17b47a38a667be2ffa3bae46afa88bfd8b5b6e1186d6e41b9a4e490591043372c23f36fb48d80caff74cc349adc92bb25f701738c809ccf74c47afa193795ee67bc58ea7fd85542fa7e70218490fff212163401cfde016df2f42496bae403d5391e53fe200f758bbcdead0fe72c77861889b9632a257229c35bdfe8fa78375b4f5c768b9c60cafbde1f00aff6ca1879f6472f28001f5f13d4d9d6c3a90e04d8df09873550daa8262d39efbe96a79c697fbcc9a7f27c9f6d782d5d5f6d024b291376e9cc40d902f809072e1f0f2c2ab88ce3d074e88461f5971853e7be749943ab6e25e25e8afa5042dd73407f49b50841c7782c54eece62ec2beef1f16caf1ca5989427bd2726ca0fee33e303702e9892e4382e92c3f3a03a6188f39762db81819c7e12b424be8fd964dcdbfbac00139e8c5a6200506f13f484ac34ef3d26e7cadd53cf402117419c1618205bfa5382486094bd55448f2b1aa4dbec2289189b601b1bbf5792b2a641c6f5dd19cf24abc72fc5264cf11f6b44a4929267a02cd1de1b602b9de65a6c06640aa0f76109baa90d66eeb17295b1711365b7d6835a2dd55b7fe868c59453613240643c847a5b48d27897a58dda63e579c1bba58350550e147b190f0a2c9a5ce719d627ce3302028b4b6801bbfa8cd74874ffba35817c0eca034d19210950796807125fe6065dcd47d7c870ed2db5c00cff235e4154e2d89ec2a09a87551f9b7ca25d519b5603c0c33d2cf72878199ffab567fc5e093529b89d1163587f3564ba8291d2d96cf9762e7f568e786ea90849f6312c1a10f45d61600cd45c48e6870a7d76c913f9c4497374fc04401cbd11f7710740148234fe8f041f24d0278fcfd48846e6aa49f05016fc332dc5d46b4a26574fed5c0751cebb9f7ab4cdbc1ee011d82d6ef95c52c9df8eedac3ab5cf30805f23d88d4f707601f8e6c606b58f2fe234e948d6756d430a5c4ec76a33874886c8fb484059b47a9bd198a61a1896419288a9e81d0969dec778a53e8233f0f63bd0134e5f29825e7817e7c8ccb7d9acd8f86ac9d3af78c43df3036d7934dd294f2bb12063bee52c547d27a218145befb0ca96cbfaabd39fa245b51c39f4cd4cf8db105f9dc46a7aaa8f7d06fa208120ce1ac49326179618fa2c8596c44e174eb7a141056b1d17689c10dee089c8b0867b8a757ae12251bbd68db5fba2be341275fb6ee379309f5cde9b31242b0b2bac44da74776fac141936bd96e3177161f057c820a8c22cca8cce29b158eb55aed0260253fbee70a6dd281d9fca23e0b0a38d46c76a95e1262f1cafcf0fc37b52e649a1ba1e2c0f97d10bbf4d2b5632cf340bce56736071d5885ec9b4e17910744d3e63e2ca6deb21e43fc21e89c6865d3ad424ef4a14efe8843ff3168c99ee395400dcc8755719d290c567c95a5e7d28ec1190ceee240084d444265cc801cd960f69b368359bbf06b8a4ec23b47c7bf9d4b16c701a1c4fb9e81abb55bf49d450b566ce03de939fc6f5c51291380086f8c995cdd4fa15a325601c4846a69f15c77f55c900270bc9ea5f406480cb0e3e89bc869fe8b7cec4fbef7e76283d50c25ab1b4d34d093a7df062990a925a9c44aa2661abd7d381a4d6cdb64821ef624dd51b72e99af914bca2f80c25b82ac6945df7c7582e6d0ce2cd073e35f1fc120a68ba210410db64592a9aa319b30f2b818c495750e1cea0610e27d52be31e52e501a3bd51b501bc51c2ec8592f679b6e55b9aa58d513fd2bebadc83ba76eb45e5676f130193e9a666b8c8132c9f5141681fbab324b555c5c890d488ac2dd00feead0a20fbd8a46391438e3193edc6fb89161cd864fca98f4f39a2893c933dcd13bc8c5d5a548d24862e8161c0fad7f33aca8c86791d620815fe3f0daddb5defd933d0c10097a7a98e67625420b6c0db7c3e17ab07ea64e6f0f53fdc670799e06a2e3a871d6be363a2639e35339361311e0f528cc433eacea4f79bf217108c7b1d657840253ffdea18bdd1f93cdee63e7a9b8dbcb4ee06162b253e09ea0641f2771bd9823dd210905e9ea495f43194bb471cdeb690e8890b03b50835d53dde1b572dd123ccc8507bb57a45e46c0efb8fb3d5596bddf9782d86dd911636eae2cf64b5829cf8893faf789be3fa22859accf688f5b5da6c29cacc96d477e23b63cc934f685b6e42e1655c9a9b94d6d78402de22b8d9776e3915391aa258e57467d770d65480ba2f6a94b0337965a8c659c42b4e90b14da4697d0c0a6d74774c94c52d8ecb694eee747bdaa6c3a6d60739db18c6446090eebba72e62ab88b0e8b88e728ba8cb133d8524eda89a2bff1c8414da3edfa6f83788331c8a7e5a8af2dd3682d4752190a3c689949abdad8350111373e7fb46151f54a10f79d91940e37efb05f9f157bddcfacf018b65a38ab614807c34a2786af4a1d48c4d1c1abd31815715f9d1b103992207fc664f12c82fd923c57d8e7cfb9f4af55182318d055c704865cf484206d60e34cf7fe9b6ce60b1772c5c7cdacb6695227d80da18ec1f98a434b1aaf9c6b6d082f5663aed2bf267e559dca6b93d3ce34273846fc677f529690482df0a8f782b8ad7269f344f5f2b4d320a7ce2d2fa02284f8db634dc930c3e2b9a629245364acf35d41e9a14c88efde4e742ef1ea4b43d0caf2e70d4a617278823e6403934524debbd933e7676e441a48f630dc8bcccd55d9032d6bf3dea97d1669c39fb865b0e619eeb3f5461e517000f5aee3ef2abdb87d3a76b88e140eb4644a9fbddbdc9e20972cdfacf00bffa3a1ca5f84122c2ebc54067cdaa23967eaeb7bbbfe44e5843382b834fae1f62a066688595e4ee67c7ff9858672355abf7893ebeb4bcf88a62b2237c6e6cec9aebe3f28bfc310ced3a590e88d4bd0f53289206deb9addbf6f3c02115ce4980dadfc112683ae250c2d438fd9c0f2a090dbf122a0072828db798bdb868dcd47384dd3f5eeebc0307a5b268683cd51f312e8f02b5a7746b11a97ac43287d9b9765f03c720503cfe6e0117660a4c00d67895224c4d42b032000a10d7a743054758a8f54941fd5eaf72498b678d1579b3de4e5518f90f1e3d32517d09d7f5da9d180215e66218e9dd64036819cf12638ce82712a6cc79a9ddb36e86814b797d72c2bc58b18ba439e99965f745b4fb7de2878e3186e3e7b835c746b0935f6c67e92e3770bd8d5eb4f66d8175ceb7850e418c55e574db891639aa77fc62bc45dcb734681ede8484d4d4109a9adb8c3d00", 0x2000, &(0x7f0000000e40)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000100)={0x20, 0x0, 0x0, {0x0, 0x11}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r5 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x24c01, 0x8)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000380)=ANY=[@ANYBLOB="0600000004000000080000000100000080000000169987d8b13197c286c784ca15c610dc446a33a1b6525d140f"], 0x50)
io_setup(0x202, &(0x7f0000000200)=<r6=>0x0)
io_submit(r6, 0x2, &(0x7f0000000780)=[&(0x7f0000000440)={0xfffffffe, 0x20011004, 0x4, 0x1, 0x0, r5, &(0x7f00000000c0)='!', 0xffffff49, 0x3000000000000500}])
madvise(&(0x7f000042f000/0x800000)=nil, 0x80fd00, 0x66)
dup3(r5, r2, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x1, 0x4, &(0x7f0000000040)=@framed={{0xffffffb7, 0x5, 0x0, 0x0, 0x0, 0x61, 0x10, 0x2c}, [@ldst={0x0, 0x0, 0x2}]}, &(0x7f00000002c0)='GPL\x00', 0x5, 0xfd90, &(0x7f0000000300)=""/188, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x1f3, 0x10, &(0x7f0000000080), 0xfffffffffffffc79}, 0x2a)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x200000a, 0x191, 0xffffffffffffffff, 0x0)

21.167349404s ago: executing program 3 (id=620):
r0 = socket$igmp6(0xa, 0x3, 0x2)
r1 = creat(&(0x7f0000000000)='./file0\x00', 0x6b)
close(r1)
execve(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)
r2 = socket$inet(0x2, 0x1, 0x0)
setsockopt$sock_int(r2, 0x1, 0xf, &(0x7f0000356ffc)=0xffffffffffffff40, 0x4)
r3 = socket$inet6(0xa, 0x1, 0x0)
setsockopt$sock_int(r3, 0x1, 0x2, &(0x7f0000000040)=0x80000004, 0x4)
bind$inet6(r3, &(0x7f0000000000)={0xa, 0x4e20, 0x4, @empty, 0x7}, 0x1c)
setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000980)=@raw={'raw\x00', 0x8, 0x3, 0x530, 0x1d8, 0xffffffff, 0xffffffff, 0x0, 0xffffffff, 0x460, 0xffffffff, 0xffffffff, 0x460, 0xffffffff, 0x3, 0x0, {[{{@ipv6={@private0, @mcast2, [0x0, 0xd8010000], [0xffffff00], 'veth0_macvtap\x00', 'bridge0\x00'}, 0x0, 0x1b0, 0x1d8, 0x0, {}, [@common=@unspec=@helper={{0x48}, {0x0, 'amanda\x00'}}, @common=@unspec=@conntrack2={{0xc0}, {{@ipv6=@private0={0xfc, 0x0, '\x00', 0x1}, [0xff000000, 0xffffffff, 0xff, 0xffffffff], @ipv6=@private1={0xfc, 0x1, '\x00', 0x1}, [0xffffff00, 0xff, 0xffffffff, 0xffffffff], @ipv6=@empty, [0xff000000, 0xff, 0xff, 0xff], @ipv6=@local, [0xffffffff, 0xff000000, 0xff000000, 0xffffff00], 0x80, 0x54, 0x3b, 0x4e20, 0x4e23, 0x4e21, 0x4e23, 0x446, 0x39a}, 0x100, 0x20}}]}, @common=@unspec=@NFQUEUE0={0x28}}, {{@ipv6={@remote, @ipv4={'\x00', '\xff\xff', @dev}, [], [], 'erspan0\x00', 'gre0\x00', {0xff}, {}, 0x0, 0x0, 0x0, 0x4b}, 0x0, 0x258, 0x288, 0x0, {}, [@common=@inet=@hashlimit1={{0x58}, {'pim6reg\x00', {0x0, 0x0, 0x5, 0x0, 0x0, 0x7, 0x3ff}}}, @common=@inet=@hashlimit3={{0x158}, {'vcan0\x00', {0x3, 0x0, 0x0, 0xfffffffe, 0xe, 0x1000, 0x6, 0x3}}}]}, @common=@unspec=@CONNMARK={0x30}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28, '\x00', 0x7}}}}, 0x590)

20.205752316s ago: executing program 1 (id=625):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
socket$inet_tcp(0x2, 0x1, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_TX_RING(r1, 0x11b, 0x3, &(0x7f0000000140)=0x40, 0x4)
r2 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_REG(r2, 0x11b, 0x4, &(0x7f0000000340)={&(0x7f0000000000)=""/62, 0x328000, 0x800, 0x9, 0x3}, 0x20)
setsockopt$XDP_UMEM_COMPLETION_RING(r2, 0x11b, 0x6, &(0x7f0000000080)=0x1, 0x4)
setsockopt$XDP_RX_RING(r2, 0x11b, 0x2, &(0x7f0000001980)=0x100, 0x4)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r0, 0x8933, &(0x7f0000000580)={'batadv_slave_1\x00', <r3=>0x0})
setsockopt$XDP_UMEM_FILL_RING(r2, 0x11b, 0x5, &(0x7f0000000300)=0x2, 0x4)
bind$xdp(r2, &(0x7f0000000100)={0x2c, 0x0, r3}, 0x10)
bind$xdp(r1, &(0x7f0000000240)={0x2c, 0x1, r3, 0x0, r2}, 0x10)
r4 = socket$nl_route(0x10, 0x3, 0x0)
r5 = socket$packet(0x11, 0x2, 0x300)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r5, 0x8933, &(0x7f00000001c0)={'batadv_slave_1\x00', <r6=>0x0})
sendmsg$nl_route_sched(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000080)=@getchain={0x24, 0x11, 0x43d, 0x0, 0x25dfdbff, {0x0, 0x0, 0x29, r6, {0x3, 0xfff1}, {0x4, 0xa}, {0x0, 0xffe0}}}, 0x24}, 0x1, 0x0, 0x0, 0x4048080}, 0x0)

19.82791182s ago: executing program 3 (id=626):
r0 = syz_usb_connect$hid(0x5, 0x36, &(0x7f00000000c0)=ANY=[@ANYBLOB="1201000000000020bd28940000000000000109022400010000000009040100010300000009210000000122070009058103"], 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, &(0x7f0000000180)={0x24, 0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="00220a00000003863523468bb1cece770750070f77958bfac8626db96d6abad9799c36b9f06c500209c8f1006a8161a7bd8ef4c3366ffa133e1190cad0fcb5a73c7c034b6ca832a00657a976477c265fb93916eab4be88db1fdf4afa349284cf962a149804d0", @ANYRES8=r0, @ANYRESOCT=r0], 0x0}, 0x0)
r1 = socket(0x28, 0x5, 0x0)
connect$vsock_stream(r1, &(0x7f0000000140)={0x28, 0x0, 0x2710, @hyper}, 0x10)
connect$vsock_stream(r1, &(0x7f0000000400)={0x28, 0x0, 0x2710, @host}, 0x10)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, 0x0}, 0x4000000)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="020000000400f2ff070000000100000080000000", @ANYRES32=0x0, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB='\x00'/28], 0x50)
socket$inet_tcp(0x2, 0x1, 0x0)
socket$rds(0x15, 0x5, 0x0)
syz_open_dev$sg(&(0x7f0000000080), 0x8, 0x1a7e80)
syz_open_dev$sg(&(0x7f00000001c0), 0x0, 0x101a02)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r4, 0x6, 0x13, &(0x7f0000000040)=0x100000001, 0x4)
connect$inet6(0xffffffffffffffff, &(0x7f0000000100)={0xa, 0x40, 0x0, @empty, 0xf0}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r4, 0x6, 0x1f, &(0x7f00000002c0), 0x4)
r5 = fsopen(&(0x7f0000000180)='proc\x00', 0x1)
fsmount(r5, 0x0, 0x1)
r6 = socket$kcm(0x21, 0x2, 0x2)
sendmsg$kcm(r6, &(0x7f0000000040)={&(0x7f0000000080)=@rxrpc=@in4={0x21, 0x0, 0x2, 0x10, {0x2, 0x0, @local}}, 0x80, &(0x7f0000000000)=[{&(0x7f0000000ac0)="ee", 0xffffff1f}], 0x2, &(0x7f0000001a00)=ANY=[@ANYBLOB="180000000000000010010000010000007d95df16a39b1a6c900000000000000001000005040500002b24ec10064b6f2f000000fb71658bda99b49720fdda5b00000009860f5878c37ffe36e1165814d435be5b317c6c8189767d2f97879f07a515bb7c169f46933d9338f4ab04834e6f618988c5944741afe403461323110f62055394412158e7a3adb164d641aa40d4ab077fe34232aa8b319d7666d0998a61d7da0c86d70000001010"], 0x10b8}, 0x0)
recvmsg$kcm(r6, &(0x7f0000000500)={0x0, 0x0, 0x0}, 0x202)
setsockopt$inet6_tcp_TLS_TX(r4, 0x11a, 0x2, &(0x7f00000000c0)=@gcm_256={{0x303, 0x36}, "f1ff5ef2fe010017", "9e8ecc7bb5352776725e1047711330ff2bb17b5508000000000000009bc400", "2fec9ec4", "4432dcee51061b01"}, 0x38)
r7 = socket$inet6(0x10, 0x2, 0x4)
sendto$inet6(r7, &(0x7f0000000080)="4c00000012001f15b9409b849ac00a00a5784002000000000000030038c88cc055c5ac27a6c5b068d0bf46d323452536005ad94a461cdbfee9bdb942352359a351d1ec0cffc8792cd8000080", 0x4c, 0x20000000, 0x0, 0x0)
r8 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000340)={0x1, &(0x7f0000000000)=[{0x6, 0xf, 0x0, 0x7fff8000}]})
close_range(r8, 0xffffffffffffffff, 0x0)
mmap$snddsp_control(&(0x7f0000003000/0x2000)=nil, 0x1000, 0x1000008, 0x4010, 0xffffffffffffffff, 0x83000000)

19.827385627s ago: executing program 4 (id=627):
syz_emit_ethernet(0x11f, &(0x7f00000009c0)={@link_local, @broadcast, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "180700", 0xe9, 0x3a, 0xff, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', @local, {[], @ndisc_na={0x88, 0x0, 0x0, 0x0, '\x00', @remote, [{0x27, 0x1a, "683059d2c59bb5135b4b588b486dc9cb1a61691d8869574f82a3acd7e25834746e347bfe0d669c6627318a44b1100722c6fb8851cb521d3671cb2cffdff0f9b785eca9ce4e8108ed7455f740d6df93fe23b3d24768729d71aaa5b7824acae768ff07076321b4e770bc559971bbe28b333661c03f5f7ad1c8ce12ab15b03f5fd47a635853202945e7ddbac7230f018abb1f355bc751c398290328d12e2250581970aeca5b1cf7f38d30a28b4395b03785613536d939dbe9bd6410baf71a6c90de812944d3d9e8201eb2948bd926f33b"}]}}}}}}, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000500), 0x40, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000001040))
r0 = fsopen(&(0x7f00000000c0)='cgroup2\x00', 0x0)
fsconfig$FSCONFIG_SET_BINARY(r0, 0x6, 0x0, 0x0, 0x0)
r1 = fsmount(r0, 0x0, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000580), r2)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r4, 0x8933, &(0x7f00000000c0)={'wlan1\x00', <r5=>0x0})
r6 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000340), 0xa0042, 0x0)
r7 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000380), 0x44000, 0x0)
ioctl$AUTOFS_DEV_IOCTL_ISMOUNTPOINT(r6, 0xc018937e, &(0x7f00000003c0)={{0x1, 0x1, 0x18, r7, {0x4}}, './file0\x00'})
sendmsg$NL80211_CMD_SET_POWER_SAVE(r2, &(0x7f0000000d80)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000440)={0x24, r3, 0x1, 0x70bd2a, 0x25dfdbff, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_PS_STATE={0x8}]}, 0x24}, 0x1, 0x0, 0x0, 0x40010}, 0x88c0)
r8 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r9 = dup(r8)
syz_usb_connect$cdc_ncm(0x4, 0xd1, &(0x7f0000000040)=ANY=[@ANYBLOB="12011003020000182505a1a44000010203010902bf0002010650000900000000020d00000524060001082400a9b30d240f010a0000000300ff000606241a05001407240a050905580c240c00000000a90c0900030424020204240200042406024424"], 0x0)
syz_usb_connect$cdc_ecm(0x6, 0x4d, &(0x7f00000000c0)=ANY=[@ANYBLOB="12015002020000082505a1a440000102030109023b000101068004090400dd0202060004052405"], 0x0)
syz_usb_connect(0x3, 0xf5, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000772aed408680070bb96c010203010902e30003dc2000000904003f000e01000505a40600010524007f000d240f0104000000080000000006241a03000a05240101070424020a1524120009a317a88b045e4f01a607c0ffcb7e392a09044c03003a92a2010a240109000102010205240401050c2402"], 0x0)
r10 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="020000000400000008000000ff03000080000000", @ANYRES32, @ANYBLOB="00d4c51ab6ffedd29000f5ffffffffffffff00"/28, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
r11 = syz_io_uring_setup(0xefc, &(0x7f00000001c0)={0x0, 0x4fbe, 0x100, 0x3, 0xfffffffd}, &(0x7f0000000100), &(0x7f0000000040), &(0x7f0000000180))
socket$igmp6(0xa, 0x3, 0x2)
io_uring_enter(r11, 0x1, 0x135a, 0x0, 0x0, 0x0)
getsockopt$inet_pktinfo(r9, 0x0, 0x8, &(0x7f0000000000)={<r12=>0x0, @initdev, @loopback}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1, 0xd, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r10, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058000000850000003600000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x58, '\x00', r12, @fallback=0x6, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
write$UHID_INPUT(r9, &(0x7f0000001040)={0xe, {"a2e3ad21ed0d52f90b9b6e0987f70e06d038e7ff7fc6e5539b3248298b089b07083458090890e0878f0e1ac6e7049b334a959bfc9a240d2567f3988f7ef319520100ffe8d1780700523c921b1b9b31070d075d0936cd3b78130daa61f94b61404d64aec1b77f07227227b7ba67e0e78657a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae193973735b36d5b1b63dd1c00305d3f46635eb056d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000000000075271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498be0800000000000000f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1f416e56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617669314e2fbe70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c088215ec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d546a40b9f6f44ae15a7e454dea05918b41243513f000000000000000a3621c56cea8d208001349b41db6efcffac64f17679141d54b34bbc9963ac4f4bb3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ec126c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6a62fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce3803f465e41e610c20d80421d653a5520000008213b704c7fb082ff27590678ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc946813591ad8deff4b05f60cea0da7710ac0000000000008000bea37ce0d0d4aa202f928f28381aab144a5d429a04a6a2b8247068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2a15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4fb8a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee53259289d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d97b9a6d6d5495c1980778efa5ea567b7b7430acc4c24eeb8bc4e9ac2aed9e53803ed0ca4ae3a0700d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8440daaa69bf5c8f4350aeae9ca1207e76061b28f27da19acc7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034ef655b253ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f42355bc7872c827467cfa5c4e72730d56bd068ed211c7847535edecb7b373f78b095b68441a34cb51682a8ae4d24ad0465f3927f889b813076038e79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdcce04579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93aec92a5de203717aa49c2d284acfabe262fccfcbb2b75a2183c46eb65ca8104e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43eaeb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e94265c803b35ee5f83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd7369dde50e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aae501b20f7694a00f16e2d0174035a2c22656dc29880acebdbe8ddbd75c2f998d8ac2dfad2ba3a504767b6b45a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7beddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40426db6fe29068c0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf46366e7205dd8d6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c5409711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7c5419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e781171e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaee5ee6cf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3144345f48843dd014e5c5ad8fe995754bd9cf32fce1e24919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6d594f88a4facfd4c735a20307c737afae5136651b1b906ce2d60399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a3766d5439020484f4113c4c859465c3b415c3432f81db8719539d5bf3f2aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02dae17b118e5d6787463183b4b87c1050000002f7809959bc048850613d17ca51055f2f416a44fe180d2d50c312cca7cb14a2bdc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb42913777c06376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7f96093530e76692839d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7348663a52190202c7ae288a4510de03dab19d26285eda89156d50dd385a60333ba5bbf5d77cd7007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f00000000000000000000b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289d8523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf652f406c6b95f2722e58c05f752ce2126596e1cd7655b904801784c78e2724f43f1fe687c7e8a60c28b82b6528341b648cdd56fed7cdcbb1575912d5ecd36dea3bca0b7427d53588a0f9455e8f8d2ab2242729251ae033a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a3cd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08758897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb784ed7148b6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d664130bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b8081c128ad2706f48261f7899484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e7c7b2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c971d90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df06720ba2b26bbfcc807c8aabb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe36d7d3e5db38b094b8b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ea4cd8d884836174faf1aa609e5f1ee1162dfa13bdc1fa7cfaadba85c72e9758f031755d0be53f8d2a1dfb1c68cc164b0a0780d971a96ea2c4d4ca0398c2235980a9307b3d5bd3b01faffd0a5dbed2881a9700af561ac8c7e36bb2fc4c40e9cf96f06817fb903729a7db6ff957697c9ede7885d94ffb0969be0daf60af93109eb24ee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c148cd2f9c55f4901203a9a8a2c3e90f3943dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d0fc5a752f9000", 0x1040}}, 0x1006)
r13 = openat$cgroup_subtree(r1, &(0x7f0000000100), 0x2, 0x0)
write$cgroup_subtree(r13, &(0x7f0000000040)={[{0x2b, 'rdma'}, {0x2b, 'cpuset'}]}, 0xe)
socket$nl_generic(0x10, 0x3, 0x10)

18.144618705s ago: executing program 1 (id=628):
openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000000), 0x40d82, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f0000000380)=@abs={0x0, 0x0, 0x4e23}, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
process_vm_writev(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
fcntl$setlease(0xffffffffffffffff, 0x400, 0x1)
r2 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000300), 0x94401, 0x0)
ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(r2, 0xc018937d, &(0x7f0000000340)={{0x1, 0x1, 0x18, r0, {0x10001}}, './file1\x00'})
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000001700010324bd7100fcffffff0a000000"], 0x14}, 0x1, 0x0, 0x0, 0x200448d3}, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000140)='./file1\x00', 0x8042, 0x90)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
r4 = socket$nl_xfrm(0x10, 0x3, 0x6)
fcntl$getownex(r1, 0x10, 0x0)
process_vm_writev(0x0, &(0x7f0000001740)=[{&(0x7f00000001c0)=""/118, 0x76}, {&(0x7f0000000240)=""/133, 0x85}, {&(0x7f0000000300)}, {&(0x7f0000000640)=""/4096, 0x1000}, {&(0x7f0000001640)=""/134, 0x86}, {&(0x7f0000001700)=""/10, 0xa}], 0x6, &(0x7f0000002a00)=[{&(0x7f00000017c0)=""/153, 0x99}, {&(0x7f0000001880)}, {&(0x7f00000018c0)=""/4096, 0x1000}, {&(0x7f00000028c0)=""/47, 0x2f}, {&(0x7f0000002900)=""/200, 0xc8}], 0x5, 0x0)
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000002a80)=ANY=[@ANYBLOB="9a0000001300100000000000fbdbdf25fc00000000000000000000000000fc000000000000000000000000000001000000044e2400000a0060203b296528024ab5f0920de8c9f63c04f13981a0f5d30e0a7c14db3eec4b697f2d2cda755c285a2d27b952d7afc9927c3386b5839fb4c86fd704fd87bc54cfd1c1230a45f629cbe3738e997d4b610d9ecd471464abcbab99d58e5f608a450559dc51a179f451d2b312d48ece3828933036e557b8fdc427ba759fc678a1433ca876f98372b12b7d66f687408c46f9063e5764e4aa5f668b6a5667ad231b699f9646b2d7a76783d83cd4b07161c5acb8ff7fa3ae9395371b9483065cabcf8a40ae91852764139f72a35bc8", @ANYRES32=0xee01, @ANYBLOB="00000000000000000400000000000000000000000000000000000000000000000000000000000000fdffffffffffffff00000000000000000000000000000000feffffffffffffff00000000000000000000000000000000000000000000000009000000000000000001020000000000"], 0xb8}, 0x1, 0x0, 0x0, 0x80}, 0x50)
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB="b80000001300e9"], 0xb8}}, 0x0)
sendmsg$nl_xfrm(r4, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB="b80000001300e9990000000000000000fc0000000000000001"], 0xb8}, 0x1, 0x0, 0x0, 0x40000000}, 0x4008000)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0xe, &(0x7f0000000380)=ANY=[@ANYBLOB="b7020000b96871dfbfa30000000000000703000000feffff7a0af0fff8ffff1971a4f0ff00000000b7060000080000001e6400000000000045040400010000001704000001000a00b7040000000100006a0af2fe0000004f850000001a000000b7000000000000009500000000000000455781a5feee5e1ce784909b849d5550adf200000000000000b61d69f2ffdaa10350e11cb97c8ad51bcda0c4ee6d9674c77404ceb9971e43405d62de53a9a53608c10556e5734eb84049761451ce2e2d9f8004e26f7fcc059c06220002595f6dba87b81d1106fb026cce67a66afd9ac3d09e29a9d542ca9d85a5c9c88474895d679838def0a83a733dc6a39b63a5ed69d32394c53361d7480884bd6fee53f5b2e7b91c61ced1ebad000000000000e8122a793c080a882add4e1179bd4a44f2fcb6d753a78845d8363e0401861abebe428ba953df4aece69311687f4122073a236c3ad198e3f3a532efa04137d452ff47d2638da3261c8362bb7c7824be6195a66d2e17e122040e11e3bd4a69fc6e8d9f7043e09b9e10dc7777bfae5884e4ba1e9cc4a2bbe99e30810400000000000000d63d716c0975e1ce4a655362e7062ff6ab3934555c01840219829472adefa06d3482c7b2711b98eabdca89b77efd13e6dba4a431ce47911834118093b6cabaa17a57727474e1785ee234835088445aa4a9b677d3d342640e328504aea02a2d727e62b7f097a02dbf8fe1d704765de7482040b2fc3000000000000000008947baeaaf954aff687deaa2f804924600273ee26d8115cbca081a14cba24788779291745083fccdddc90d7af35c048d46362ea0d8d79c79ddca066da478c197d4a550470557bc99cca336bd88cd28a5ee651627e3a6fbf6ea53b95ddb64c69c7d8d2f4baddc239828760459564124bad68209d2a1d16ad085886c017679cfcda8b10700ac1e2bcc5ede5b5687aa418abfa29acd7339e73b2cd185c9eb5fb34fccd20ffa155b16c0c309ed6f6663677df37de0ec0d0f548b273940be5d1fe0bae14d1a76bf741330dacd9cc19c0163bcc93059e8d2d1bfa928e2ba458ecd989cb3581a3f270ad48255ac0dad4923e3e357e4e90583ce8d43ec65ed491d87a51d7c13f665dcf772e3ead71112008b16b0ea821f70aee1ccbd71c5a1c21e87d5b7b73d356337dbcf3456ff6cd0d6b98a258e3509a7d15b9dcae4d0d750ffa07909c955e718585b2456308beda2fa03bb9bcf03cdff31ee4b1665b987829c0f0872c006c6e4ed666fe23b343aae943923eedbdb0e7abee90e3da7b98b7d07d2d4816201ad1737798635b0a3ebd3aed120e4500c16e6c9dc729f009db49c6b8b19613e4d792cb4ff5106419291d4222980b49ddb9527ce785822d8f4e2"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000340), 0xfffffffffffffe19, 0x0, 0xffffffffffffffff, 0x54}, 0x42)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={r5, 0x0, 0xe80, 0x0, &(0x7f0000000280)="61df718305a35997984d4763fcac", 0x0, 0xe697, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
r6 = syz_usb_connect(0x0, 0x36, &(0x7f0000000540)=ANY=[@ANYBLOB="120141014813442024040075ee69010203010902240001000010000904b8"], 0x0)
syz_usb_control_io$uac1(r6, 0x0, 0x0)
r7 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r7, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000600)=ANY=[@ANYBLOB="b80000001300e9990000000000000000fc000000000000000000000000000000ac1e000100000000000000000000000000000000000000000a0040"], 0xb8}}, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, 0x0)
openat$nullb(0xffffffffffffff9c, 0x0, 0x20a000, 0x0)
syz_open_dev$loop(0x0, 0x8, 0x40)

15.762624166s ago: executing program 3 (id=630):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1, 0x4, &(0x7f0000000040)=@framed={{0x18, 0x0, 0x0, 0x0, 0x4000, 0x0, 0x0, 0x0, 0x9}, [@call={0x85, 0x0, 0x0, 0x19}]}, &(0x7f0000000000)='syzkaller\x00', 0x2, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, @fallback=0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x94) (async)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1, 0x4, &(0x7f0000000040)=@framed={{0x18, 0x0, 0x0, 0x0, 0x4000, 0x0, 0x0, 0x0, 0x9}, [@call={0x85, 0x0, 0x0, 0x19}]}, &(0x7f0000000000)='syzkaller\x00', 0x2, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, @fallback=0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x94)
socket$nl_route(0x10, 0x3, 0x0) (async)
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
bind$netlink(r1, &(0x7f0000000100)={0x10, 0x0, 0x25dfdbfd, 0x400}, 0xc)
getsockname$packet(r1, &(0x7f0000000600)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000080)=0x14)
sendmsg$nl_route(r0, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000340)=@newlink={0x28, 0x10, 0x40d, 0x70bd27, 0x1ffffff9, {0x0, 0x0, 0x0, r2, 0x60046, 0xa00}, [@IFLA_EVENT={0x8}]}, 0x28}, 0x1, 0x0, 0x0, 0x40088c0}, 0x0)
sendmsg$nl_route(r0, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)=ANY=[@ANYBLOB="30000000100001085f0000000000003a33a9e4fc", @ANYRES32=0x0, @ANYBLOB="00000000e300020008000a00", @ANYRES32=r2, @ANYBLOB="08001b"], 0x30}}, 0x0)

15.080973898s ago: executing program 2 (id=631):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket(0x400000000010, 0x3, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r4=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000280)=@newqdisc={0x2c, 0x24, 0x4ee4e6a52ff56541, 0x70bd26, 0xffffffff, {0x0, 0x0, 0x0, r4, {0x0, 0x6}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_drr={0x8}]}, 0x2c}}, 0x40c0)
r5 = socket$unix(0x1, 0x5, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000800)={'syzkaller0\x00', <r6=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=@newtfilter={0x4c, 0x2c, 0xd27, 0x70bd24, 0x25dfdbff, {0x0, 0x0, 0x0, r6, {0x4, 0xa}, {}, {0xffe0, 0x2}}, [@filter_kind_options=@f_bpf={{0x8}, {0x20, 0x2, [@TCA_BPF_OPS={{0x6, 0x4, 0x1}, {0xc, 0x5, [{0x6, 0xd, 0x5, 0x8}]}}, @TCA_BPF_CLASSID={0x8, 0x3, {0xfff2, 0x6}}]}}]}, 0x4c}, 0x1, 0xf2ff0000, 0x0, 0x8848}, 0x20004804)

12.649867281s ago: executing program 3 (id=632):
r0 = socket$kcm(0x10, 0x3, 0x10)
r1 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000040), 0x802, 0x0)
poll(&(0x7f0000000100)=[{r1, 0x10}], 0x1, 0x8)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)={0x50, 0x2, 0x6, 0x5, 0x0, 0x0, {0x0, 0x0, 0x6}, [@IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x2}, @IPSET_ATTR_TYPENAME={0x15, 0x3, 'hash:ip,port,net\x00'}]}, 0x50}, 0x1, 0x0, 0x0, 0x8800}, 0x0)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(r3, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000300)={0x2c, 0x9, 0x6, 0x3, 0x0, 0x0, {0x5}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_DATA={0x4}]}, 0x2c}, 0x1, 0x0, 0x0, 0x10004893}, 0x80)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_LIST(r4, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000000c0)={0x1c, 0x7, 0x6, 0x5, 0x0, 0x0, {0x1, 0x0, 0x2}, [@IPSET_ATTR_PROTOCOL={0x5}]}, 0x1c}, 0x1, 0x0, 0x0, 0x20004080}, 0x48810)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x63b5, &(0x7f0000006680))
syslog(0x3, &(0x7f0000000240)=""/4096, 0x1000)
keyctl$get_persistent(0x16, 0xffffffffffffffff, 0xfffffffffffffffb)
recvmsg(r4, &(0x7f00000001c0)={0x0, 0x0, &(0x7f000000c080)=[{&(0x7f000000acc0)=""/4086, 0xff6}, {&(0x7f000000bec0)=""/21, 0x15}], 0x2}, 0x20)
ioctl$KVM_SET_VCPU_EVENTS(0xffffffffffffffff, 0x4040aea0, &(0x7f00000000c0)=@arm64={0x54, 0x81, 0x0, '\x00', 0x7fffffffffffffff})
sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xfffffde1, &(0x7f0000000040)=[{&(0x7f0000000080)="14000b63d25a80648c251bfd07b5e9d100000000", 0xffffff41}], 0x1}, 0x0)

12.490886067s ago: executing program 4 (id=633):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000002c0)={0x1, 0x5, &(0x7f0000000200)=@framed={{0x18, 0x0, 0x0, 0x0, 0xfffffffc}, [@btf_id={0x18, 0x3, 0x3, 0x0, 0x4}]}, &(0x7f0000000040)='GPL\x00', 0x4000}, 0x94)

8.508798639s ago: executing program 2 (id=634):
r0 = socket$kcm(0xa, 0x2, 0x73)
sendmsg$inet(r0, &(0x7f0000001180)={&(0x7f0000000000)={0xa, 0x0, @empty}, 0xffac, &(0x7f0000001080)=[{&(0x7f0000000040)="a72d11a15c048c0a7d63aebc5cea1f815108f6091475aeec600831aa9d3944e60bc2ad06a619c560aa0118b28f68f1eb14549d633b4b23f179fb680716faa43414787559be90843c35ab30acad8a6740140e00721abc2eb362f7bde53b3c992d3e28ccc20ec84fdc569947047f6c09a647ee8c0a747b951e66c068ccf1af93ee9e6f9528ff79e2f989383b05a690a6bec4634b867c9446c1c644b3010e8a3514c6328323b4bbdd602b8f0dace6aea70902c4ddd2a2f2810f1348b0d0df3c1e6a5938fcfdc87e7580c6be0c6a06eca62d6f787dd16add086a21391c4c707d8b61929d1252681b84c245e0efafe2e6e73ad86a3cf59235ab0eacbb414af92ec3cdac420a064a98e8cc18bdf63f8997f96436e0fe6f06fdbf47fff353b01a861babd4a38d126bfe3e29049e6cc883e6efae6e70ef9ed124b1b09887a58c991e223b6420dca5ae238027e91b17b1707dc5c0d5f59f0ca95614f1ea1d263c1ee54dfe31ae35eb3c8e3b931dff7920c57fbba89adf2e392c1ad719b90c7ade0d38ff9792934ef1fb12f51d8e2fad12486d5883d5b1a46696fad128c6805cfb25bc6487e1e407d6b266971b09d0d864a7a550284e24b6cdc9f4ae1081a638175dffef002c76ac5558d23e41edbe68f4b4950a13aa000326dae5a857603dc5a40d6c6618a98c7b6e1eebd325ea2c14601a25658965f40864fd015d9b2fff83ee5ed3212ebd9fa429f0140f633556ac07c0c08e67a1848c9942ecc47dd4ffede9a429e9e0472be7cdbcd117e621ddf745c00a814ffff0224634472577dc0b35a9c153409f1a2bddc193b20b4d244d9cbbd59816c46000c596865f58b4e640ed4a9ab6086cede697fb113560925498da83273e679e0e28b84961eb7b9c9b4fa916590965c76b48e5d453f27a821bd2bf0946ff2413ec30f7893d1f046e18f736c40ceda26dfc4a0a62f71a3606d3f72c0a858dfd7895e2572292e11af913c6b513a141d28e501ae7c49618d104aac9abb78466a636efb88120d0eef0a501558a5aa34784a9823f2802a0bcdf318f9b436b34b42a2a7cf513f80364ad9a699d2e23eb4f3a2bbce818bd20da61882b3dac699d05dc24f29b72471b712423ace6278c43df2be7a09e815517b86d8b3ce16af3d64a575958c5fd52aac53b391f3d2a67c24c6c13ec11428b61b80a6a58cbba1790a98d190a572070f63fc0b809669895ea9865c3066b06102f6f2c7171dc7f76e1931b3e4deb569ef9d07d5f86a848f50942e93c419c3a23489f14803b08182dfd48b8d4375be6b7f805a21209c05e5927693a8834c8d5a5acbd47ed8a30a8a741d1ad77639b56b3b90c0b2023fa334befd28b2e27cbcd94b0ce7437f88ce67a925cea6d6d7e5313de6d328b1124a8b9ef83fe39ca3da97d33c60b7fd4af67d3c8fccb595a27a5bffc71e5a5b2ec966828993b0c0f83cbc55f9a7fb66a4101d5c83b77885072b6e2b2ceebe32f635509698c05089b9ff1cb1959b211e114dadb224ef2d5e7a3c55b3ac00fcdc9018577603c6301e5d4341b3d7eeb2665349d448d28d5d108f576408cbe533a6adbba18ebb2d84bb9af81108506a2f50fb56d595579000747930449fdf4ed01715ec624a0cb73636a35b9136f10b79e3d7ded09008b92e92c64e26e6b6d17f18b70b1d9813de8d2ff151c7a6a0452c660a57c33f13e2d9b88fa5f5c0505722d2e787a425e4a3e9b5efa9668e9199f5fb9fe7d5b8a57719a57df152e7f2c6a1087a2a24084f82455b65353a70559f04d5ed12defb81497ea69c1c7e69c373524770b7473c16a69c7a3648a9dd93377b89cdff61cf62512d1ee67a55ea67993937c1f55a2179bc9c8a337364cfb84d295adda1ad9700fc2f5c11cbfc1b90affb4666c6e7e23a6f7751410a5651819f29f690c6dba2b8a67e0f7f8cc377feb1854c393578994c85391ba21b3961aed477f771645571dc7d6cae72bf79c82a92a4edc3742b1398060a0a5c9e81c016b7f2ae3db529c6ff824cc28678764d8ab49d7dc68e5b0556c9e7ffb6fef442776d86fbd458741830e57f22a1f8513b92abd5b2df93a67cc560134078f0b8ecc3276e40aadef5cd579888b86b4988f396679250701f3869e7493b33692035ecd94aca5189fd0a0893ccc5bb19c0b4caca86cf90ebc2a5558f39cccb33f6773a4e425bf551fb3b6456ee1cc62fa1843a9e5539bb2d02ae6ef82533a9dbcfb562c1ab18c1f639ae7ff02083746f74a15ba2d10e4b955940a5d6f488d326a99f287c48ad463ce40367aeeff519cbad0a2d7fdbfa48bff75955467977764c2be2bd2ffa18396c46920c40c50a4037003666406d177e2cd20aee423d07169d8f611f635ba0b62b61265ff2c5548446a2423dd1038482b6852b2d9d2f90aa05d82c5e2c3d1af0c7aad72d82b3da67471af7b037bb0424a785e73f35b5a10a2ab300a195c20cd119a5390e0cd5d49c70bd80883b933e843d0d2902749dcf3c140c708a0f004b7a2f50bf311305dc01719016fcce5863815ca7951de710fcb71cd177551ff6fcd9f8bf01b93868f24c6129b6d7917125338cf62110083093fc7f862015d48450d992f2bb43e601cab19b2ea7b83962a382fc2a31fdf2358bf8a9a9e506eaa7b6eb5e7444d1ef459b24ffa51362abce902dfd84201a0e4b5a3b62757aad54fb65b83821c6bba663886de092065a565921ea3eb6781bb8ed4f4db3abcfeeb379b7e52fca790bea719918e299ab01bf5e92177d134360bf7a16a59e9d03d3dcfb0a25599237e3d41b3f0026c9402b1fb1894426303413a2cbcf7c72807ca694afa285990d07c3bca26413c9947b3b344aafc04544b8c11416e0312b028da7302e316c3966d41884b15055a49a4a0b3eac8e11f88a5615fb0af582f065d28e5a454447e9d0cfc60356439ebf7e1d0a00f5b9cc6daf2bd7195ba96b4d1a0679ff0fb1c01282c378a880f90f460889b67d76d4d0e8db6c928d113533d1d10b810303c43d8ff622c5bab7f095b96e64bf9daa48a2bdf3d9d40bac00cf1b66df61a4f7c3e21938e876f81b1179dce6a008f28eb682cae690ced0ea0d542da604d8056f2b1813ed36683c4c51aeb2650772cfb1c55d4e60604ff06344cfc271b2175a6c94defb807af240b483e24298ca73bfc743ca2ca2e77e6d5b817b3c1986601537faf59ac84c74d8bd0c068cb8e6bd03ac2dcf5793fb4a00b3c901a33aa3ee86e4f0db317b94bb8678ab26e36d305ebac4b0f7f164947148255b562dd0f87648499d45bccfb7d8c9d5624cadf8160a396e79fbcdc100058ba4606e41c02fb2cc0dc6c36196bd28acfde82a18cda2321d2d83fecd3b85380667cd1d0bc68298c6c8f10421a80c8fa86912b6c3e8ddd9d9668520d5151409e6b77f0d7730b374a68a744151bfbd123cfdf871e8c24e70d2ca3b50e84a48e0b78c1781000cfc848d43584985763a76c0ab9ba882c55e3e4aa8f2174255db38adb8350b48a77be22a869d13d183325f859b883464e5e46de5ea8a92532b9a794daaeff657cd361f7f158f8bebe36e9de1f5b9721d4263dcc9472229bc02d3f552180abfb25ca7aa36cb914d99c09fd5bb99dcab9b4e3c634d18fc7dfe84dc4425ad1e39c3e7410d49b4ea0a8a2958688c7725822f6dfc0827d19dc385e0e35a949941e4dd1aaeaab9ebe402f8c584bca7efc829f2ccfb63fd7bde1c182a67c14f9d3f033ca674e2604e89cd55a15419f956cd61a755c1b13554dae98e77be078aadfc131c9677381f1dbe6ef194eb17603a463e8b844ab46a6046e1f07d96d66de669359bff4c3d80948a4de3abb2f171a09b5d8999c379fb62244114e218c79805df7d899e5661320ee6721d652b95f09e4dfe69bd67099c73294b17ab574e0b966aa3ab44478965b9dca3cb3b9282945f24ccdd07c638ae25a84a728ca24f87ff49d718121a694be46f3616e27b1041b3c6cd24b9cf775bfc28dfbe0a009048f0599f2d5d6586cfd1e7f7fe69872d08b98f60d28e6af0d49d7f06ad71a7b5c41df261aba5de114022c7288bc265cc17909fdeadc3d7b256d7ab3b96e40f857060f16b54a6bb7248ee571f87ace5ee39eab412706cf52fa711468b21ea129c3f44bceb429fcc1a0ac2aa87b9365077dcfcfa9a1b32a0a09699197c20019a66cbd0a897feab3706c23123b888ada643d4560082033e31596b0483578968e3c9593ebd97141c228a42fc7645f92171c120aabca36657683fd7c72fcb87217f124d6fabc52f1d221d8410b47b0ad4bd944bf4085365e9b52a53911ab4ee142c5a1ebbe034c9d98c538c066f2dc0acf372eb2397dcac765055123e0ba19be22b18c886bf0f7490abe9fde91ffa62e059962bd134be8501cb5b715a744b1398e2c4c7e8afe72e189dda0654296afa1c1f99ab7d800fa40f72a758625c833b6fc7b7d42250522b456e1e7de815350c36c9cb2f4d1c9cb99109f89b456c559463f11b8b58247809b17a4ed4912bd0a47a529f1364d6dc593ea7f3eb98962078ac90e5012ee1c7b4b9ed5a8c7a9c0231b4ce425693faab64fa0f3482a04d4be2e06ee5d103694d288810a1a7f4d1e908dd82dd2016a064ece5cd67ef1dd5f4cda728fc6f1ccdd949dd8f775d862621507248ef4c83ae274969d19c7ddb02a4e8a1ab2b7aa539a442b22735ceedeefe60a1059dfaaa0979ce8d5387b5a047841fd9749b88ca91216b02d7926408a01916b7781bb7167528ccdb9a486d173437a5ba3e552c8674dff2cc9b21054e0e4f86b61b8723fca58ceef4413bffae9e9be79c5b9788f5449811ce78be9bc7a86375a670197baaef751beabcba0aa6c7c33f1cd702cb78ec39fa1f17d9da733d6abf2b80f9c51ac8f6f664b24edc53a7c9525c3016bd05c67272375fe816b2b121f2de68b885a0fd8f8b8c6c342237b632f6414a3eb3480f5f42106c5812e9bfd4e8c8dea8d08525d9aa1da7c7c2ee7ff3d31b79b211dd01e304a8ffc83a89a59f3b1e2ef5e969b6d90bea7e161066f25622fad914bff52bacd2807093dda1838b529ee57f718b374ce2841b924a42457867547a6edcb8412d85f11796742bf640b5819a9546357df778c332af5983c4373a95d9c58b52dba445eee92e6911824f0c534e7a5934d9eac9b7f6fec22002fc53a3003a3304217f567b47cd326edc5f48eb1f46bb20d1e10e72239afc9769344590cf48902aba5405b7d4baa31a912ab398a2f2d3f037614bb56a89244ece50f3a1e058d274f1e70f944eb8a305be91e561e5eb843d057a81f4deb84a6335ec81ca964cdae5f318d4e9aaea2c477cc279c00c698bcfe4b8e04c09079d8f3f5438d9d45a00f50d2f9b245c8c68eebf247e25ba8d26f8b95b21ac9ceb50c0aa2e4bdc032024db216b92f9350a90ac79341af14d3fa8ba908096e1b503341aed667bb184c672dac85fc4f335b3871c3b4e55ea219a857d2d2e135358f6b45a20b3e7de8e09b2041eb7c5084a80258fb524a983752659298a251e178b56f96bc67ae0a78ec92f92d92c9cf0edb5dcb11e739d69410ad44c8df00caa030d7d89f2ec38bd7698115c423cf3e6048793aca08ffbcdac766f1553773fa00031c1d75246e4e1eddf8948d02a3de6d67fd7329e45070f29044587f1e0db50d04e673191a63e30f96ee0d8d52738fab36a7fe2c6ab9301d401e7ca5b1f039193a580e40abbdf40c2d7e27809dec80815d37adae9fe7fb9d3a974c9fc03944d7338d000b81170be4c6792ed6b3b827194b3ae11e2acfca48498d1126aacf80f3d574256ef7f75552ff087a819e", 0xffa0}, {&(0x7f0000001040)="9d7fcf3efc63f4a6a555ba8b4726d7ccaf8a207100e69cfac4377876021d7131b838059f96bd206d4776368ed2a92432e5af71", 0x33}], 0x2, &(0x7f00000010c0)=[@ip_tos_int={{0x18, 0x29, 0x37}}, @ip_tos_u8={{0x38, 0x29, 0x37}}, @ip_pktinfo={{0x1c, 0xffe0, 0x8, {0x0, @empty, @loopback}}}], 0x50}, 0x80fe)

7.538245574s ago: executing program 32 (id=616):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
creat(&(0x7f0000000280)='./file0\x00', 0xecf86c37d53049cc)
r2 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x42, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000000)=ANY=[@ANYBLOB="2800000010000704000000000000000000000400", @ANYRES32=0x0, @ANYBLOB="00a300000000000008000500", @ANYRES32=0x0, @ANYBLOB], 0x28}, 0x1, 0x0, 0x0, 0x24008000}, 0x0)
mount$fuse(0x0, 0x0, &(0x7f0000000000), 0x0, &(0x7f0000000040)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r2, @ANYBLOB=',rootmode=00000000000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r2, &(0x7f0000006380)={0x2020, 0x0, <r4=>0x0}, 0x2020)
write$FUSE_INIT(r2, &(0x7f0000000340)={0x50, 0x0, r4, {0x7, 0x1f, 0x0, 0x34808521, 0x4, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0xa4001f7e}}, 0x50)
syz_fuse_handle_req(r2, &(0x7f00000041c0)="412e450a2a7b9586d1e6e9de257afc4fd60c8de430c0d6348b2cf1db8d070a539de9c1e91a178f9240dbcfe303566018f6c20c55d643a2ed46aaacf49ca491ee2f06184bdb548778a2c56e56f6b40b994419428bbbb9dfa5f9593511ca8ae1c088fb0ee5da72f505000000000000002c04754204f194ae6ceff4570d44496eeffe619998eafc7167d22e1c6aa73e89ad19224e35130a37cf68d5c41ccafe59b4b753a26e06c4306d31d78de6cede97c06e3ca2cc4af66b7548268efa91621ffca2655d2c8f1a9bb019b88fa729cb3d32f72c098c44898d42c42f39feb4faead93980726c236129acdf31c01f1cabb5ca3ec4e45eb5e6e59912792b4976e3f2b560c861d49b539d8e1870040a8cf190a8a767ec067a8048aac53336b44669d3d425843ae80681a7c02a5d5a3d90f355fd4a6ac277e75230d558f0df20cb323cc65e9b5a258cdd669c8a9534e4aff09a8fe89b124748c9e756c28789c2152a5142bc0bb205e339d43bb980b3f04a3c1a424a2a093966b20600a5410e0528fb35937c998eea19f01eaf2f39e16d85563a6737ddab3213ca1832f0afdf891e34a582f6a4ac81fda70ebc3fedac2fb3a492fdb40b91021e5d371d990064cd1f7c2c1a6472dec7505f9a4940057a3e57fd53aa3cd2eb914e073a19b6e925f8553e6875c093c7d19de25861fd9640f0eca4cda0467f12126daa2e0c6df7d4e4babe5a6e59e8391be7700790315b6b8a8aa74cd6d3f054aceaeda79430676b67fe25c9029e0894b413377fc4d8300d9f9338fadd07e4c80cac08113df8971a868458c47c06fff0c1c4bfd48ea583e9e76ef103d42c233b6de10b30612cdbeb6b60a6a4dbbe2da63cc2dd4fb93cac65af3c1279274f4af0e2c5b96e6068aa5b41f7548fb72b0c142351f64446db7425115b89132b5589ee642ebbde655adb2d7d1117456a6e4f2886879b42baf85e05d53e2aceea9c3830673bdc4d081675fe76b994651af9c3f16b7513834fce4654f84558a8308fa677d05bffcc893d9813bf87c5ec520cd66ad58dc06f0c47d253cd36dfec82980fc8dbdcd4b1c037c2b30bef455984f3e8ed19d69e185fe4fbdda2c2517ec9abfbb4841252e650b6bf56fdeca9a4ee3c311de3c6859ec14cc00e95323c57c02fa894d83ea17944f3112fc19a7e11335d7951ec6dd5b4f06fb9b637313a230341ea5da6a7a959e707d0cd5fca60a6649c8df8d6c17e9a49d230e5775df14e4b43aa3420bd0b8814ec7360ab1910e69fab8932f7646d7998bdc2e8ec354c52da21ed83fb7582cb9d37bb95f144974f72c7b0ae7b42945768fa8ec0dd6daba72d05809670506ef1054282201b00906c8af64e3e13a10f180688c96549b2d3d6b04403fd571e7b132891dd4b7cf37aec25ca1e9190c17aaefbc31e059915c12c232fb7097e9fa6f35fbb265c7102db62e2264590c583ea90f1aee3f166af81430d9084eb0c760ebbb16049c9fd1fee6ce33c8ac205e3ac9c275531feadfa4054e0c027c26beb009f54aa72b864d39bb11753f77931bb960276db33021c65671e57b3708bbf979be222e8439d71f58ca87cec7a054517af398a42735b580717377a54f139e2c46813cbb03d98e49c26f4ed54d75e48573cd06145f913f4e313eeee837496dfff75aa722fd8486c45f9c959da12ae48ba4a10712120a203e2476c7b96031d8f8773f68344e6fa21831287655aabbd594e9f272eb1a7315d2d79b8bcd5e63004cd106f80b1e40a5d9e428a01bc58264f4d63c2ee9db6efa70607a642aeb883bf4b9fe009d7f09c16b05a2c9b73573e9019e161ebbdc1fc9b9cd0c5fe1b57adcba2d0f3a767ad59aafa159b3dd181f0601ff95e8af8b5410e56c81ffb8ab35b1e04af35dabf69f08572e69260b72bfd502c5a0de627fd3fee44bf1d4a261bd356056c5739398e3ff161beec1240a089625daffbc61dc5e660c274565477a0ff1797fefff04a98704802ab0674ab72d400686229608cbfd2ca20f4e62495e8b09de9d180c47375bbad72f4474b67d56104b4b466192be60f7aa668fd0a4338b856f114311842ee806d6488ab09098ed9de0e21bcc8b42a5d5713d15eca108fcc7a65d6b414a112524a6e1418644508dd957147a92d4399d13faaf01cacef40549cd11900f9aa32a8333f55796ef25d33c554a308da9797cd0ac25888311b0ac88eff0be7a36ddedcfc2b095abb4d5a6a4edbbad67b70cdf60c7ed0c5e040ced90edb3322ef684332358942ede9191b431c99b3abf8f9c50206479f0ac118c0a99df61fb9c90d846f41caa6a2448fb7e15640965e051c2af4ee72a5cc7c962bacff7019615c10e6c3054e2e5792df3aa6e2c33425552148466a88568cc79b6edebf0107b7d3d24423a665d20c3a1c0f1a6b34eb475bf875912115914cfabcf394f8a096d64e5dc95705074fe5e985497dcf052b9f748b9d4688859c0200fa43719e4722ed6c064c0efa7e07beb2a26fd724b63537fa0eb506365d5c029cd8dce7dd0a1cb9d9058c061739734af6be9e880fe7e28a211a4c368a7babd1107110ecbb384b274cc092b9511c4abde2ddd863162e2739984a9f3c0a76e3c530a27d5e385f4a3b87607b2a944e09d28239661d27719e22c0a657ea383c30859ca29cdb8fbc79bc83e995dcb361743a7e195650c37e570b768a0a1f0b118fa5be9b3c838326343ec5b376d5ee040ee29dfd868cccf9cfa4591151f519cd6e2ae1453a58aa92f90ee5be11ceb8511ab743f399be0a190eeddfd112336866831c3255ef6520d88b2581ea3767f3df01a38d9b4656f2a89c5df41443291a795da45c8a846015cd041bea0dfbe648348b10ae73ce43d9017182792cd9172eee642c549a530cc1f537f9aa70ca63792ba4a86a713ae09b917136e5bf1506ad7f367d8d2f77f47a2318facd109bba9b1327b5db9e4aeffbdcf414db761eeacc227a15cd72aa52c8ede33bdbab9de9aa1e8f470a388013d07f08777e2131bbd4856ab5c1c38d03ef407197ccf24e8b2a8db69e78f9d6623033c453541bb79f9e0be9a55588e2e54fce65fb785467064a146c4bf218068b5e3efdafaf93a98253becaef226cd79468ff1bbe0c9d43877f5cbb5844fd8957f15d3ef208aac11816585cdccf039c36b429d3d7fb634054fd0f09c8abea3746a6b7379142abde26d998ac7e39b94746c60c09f86ddbd7497849d1ef839730672449f35a3c3253666e9fc053ac1c518e44e0b84555be507f7c00fa9e4864b4bf40ac3d93f12001eb780a779e655d0633803268c094ae161a0efd652003d6ac47f9a6c28d866b56233f371627b01e0fe9361dca611a28841968d4e12cb73d49ce08fe25de4a90b2d34607202b20e71f5e1eed38e17d0a2748f548cf61735f4c9cead1cb93b11929d906d65fc60f88e6919b7b5a1014e6d408bce9c8cc832eecf9147708fe451891717d2ed99dee70773feaa97985102abd3dd05c904c28898afe060621db6564887bc4afe158fbe1d819136a1ac1dc9d8674798a93daf5255460b50c34496205834c668db4c764e76ebb6cdaf5fc44b881cc2ae87b4a7cc045143f96b1620abfd0f116e673b335beefdafa1e58d9194e010cb78956044646da5ba853ce981667f2b8e5001c2df437c9d597ccd2be7d2887f5cb7aad0539abb3f9db1c8f5cd4d7d831946ba1c1aa8737c114fec1ac9a82519f57cb48c49b7f62e9eaa89f448df33fb307cd0036c70b490ac340f7d04e14f32bfeebb08a9d5bc7bbef8f231ea09311d4c82cc55c90eb53c6c003cc98a34dd3c4ec2d8b3a655a78e16e908f368733d0a02b36fe963e2d80b5e6f7b2e3aae3013c900c76e4d56e8348bef221f8a642e692c23b12520fb68c793e789eeeceb4efb2097a4d5952d144094cd7be6edc933d257f6230e962d70ba42e1b07ad9eca0ccd60d3d9a6e06b73ccf96a8aa490ed3bd58bf4d79db65355ae145b54be004e464f4dd23fb8b1bf15e13838116083da67186513652608e37c8f847b2bcafb57bcefc7efc8c8182c7d708cce5d14695b4e618e77f8e7be81f27a05e415fd37ac21507a665b2558daee5c0b0859fedfede8c03f181ef5e0ec0da6caa3edf402dd73bcb4026c489a7cca8ab700d3e9f050006c36768a16e8a48e48ed5750b8cdb7ad1fd12d4cc8333d324d6c83905303fa7013fc02553b587544affe38f1a95e0c4c39740d63b6d387fc89b30bd5fd745cb64844b13897ccf5cca135f7d39e03ce8adcda919d86b25b52764b0a0c4f07f88df68868415de13863df84a7e8d355b09cf90e482eb4174fd01f1b371a4dc52f3c89fc3a70c71657aa5d7573ef9acf4d2b0b321c41ff2640515bb43637ba2288ca0bff2e2a3a998ad8294c52f9edfe0a4ee0a3f8ed5b4b5c43319bb9c58dd07ea3237d7bb62cb086e7ea4a81cba2cdeb28794a09c275a704963110b64720bd089e3737ee1a91e348b5e97b63e1724de1fa9f49961d653bbb47b6fa993b035cf59659bcd0306180645162568abf51127845cbe6e37cc3c19b9d69657db4258fa5e8428a73eff6506bff474c2e302ad5559ac8de44c6f0baba5e2e579e7d7f9d9ebf540674432ac11d92bfc9abdc24126888b533f43bd6f293b0bc315915743114a35308a0ee2e710522137918a2b09ddbbc7a2313a2a6b85a1ad26f14dd70072651c8300ddf6de29704b716ce1bc431c66ccc96731f46359a9f6850976c96dcb5e0ee47446f50b6b3ba90d45224066e123ad3854d877c0cdd9325000ac0d6813c30cd43d3e150335601724ca3666458dc4c04f6562296982353e155d5255c9008c0b46d21a678c8fcb3aa8d6574476e0458eb0a76a6cb50f929ed218cc4654cb4f95fb3afbc2548b74acc312563375a19e55d488599488dfed4dd31b39f29ad61dad343dfca3b45b316a34e7a7bebd2b0f562a9e69848d13fc80a4fa52d0f17bd15d9e1fd39a7dcc86128d14493805d105a745673bddea68ca74ac09d95cc7412d5be2cbd0a247a81dc9e148111e22cdf3375805469226ca3538f960a6ba6aa0eeeb87c784ffb1bfc09180a61be3c7c535fc6d593c3b3f4de21b8c3eccc9021e80fb07dce0aeb3b023bd55f24356f646791ba80e5ca21ac092a069ae0a22cfefc08c23cc7aa69b570bd17cce9de15871d363f167288f99f04761caa67f12c949466493f661d39ee4280c955446ff5a9bb14f2d1ae21cdb91a5868e0c52097cf380f571935b140562922763f1b79c3709b949c57a00b08828ce9e685f6b234b5fe3c62d9feb249ce75e81f5efd556c14d5da24dc0554723fdbe52659969a39f470e82c50c4777c908628436e31177af1125d5f70ff627462247e5bc20c47ef75f369174586d43d42f7eefdd47fefa745badebca2a881ccc018ea411cc8a7a0881422bee8704bb98e6bea9fbec63441fb45d7ccfd436909b57a2b60b788e15bda3ca7663b19bd84d0879deb639f10def9a99d42a4b9a4fd7fecbf6d2e7598678307ba9a5b6f143c27cf1ca41e3c904007bb762cd5df6e63c4cf422c2ba959e53bd8e5664cf5df6a91a4bc8cebc52b22f30060fcbc5ead53d38eabd160c1da4cab8aa95c3640ffd78074aa2cbb05cb8ea90a0c95a4a1b2be1ee94f238000f1faffa069d87039f13f5f84ff368aec5a0b10020232b9fc954a6c22573ef48459e574d48a4845837e1d6ef386738ccedd093d4d5bf3a3f790c875ba7449d03397642feb71100f2c25ab2cadf0b0802544a2095a51b19cdece623b17d420b173a99c081f8e229b6de3c680d6bb39bb98b479517d77cca581b81cf856753a44ebd64cff111fb8ca37ea45d217a3fca44a083e6c35b0fed9f8f7631178d15e88f86c85f1ce68c900afdd1f7e5b8bd4ef3f58c447b77d3befc49180df7a5eb2ae8ae33b4ef573f3a425da8a60cde84d8eeae6d6399b9fbbfa0fa8d448b25c7f79b7554d0b02b0decbc74ae8560f630af596313fb33d442a410061ace0aa7a440d5e31ca8bb2cc495c4f0b672edb011b0c5f16781836df7f4af8329143d5a1a99d7b18ef9f774c4199d635848cedebac82637a03a189c65be667503737c75b6639ac65ad424ca475285437e6f19830b36549f607ffc387c8b11a34a838159376a6335afaa045bd2bb04e279dd72436331d07dfbd72e2436b27f0df23a266fd15cf56d1a9e93aaac8901cfe49a3219ae36c5c65c75e5c708fb82cac4d6a50726509ec3a7d32d54cf584ae353a5bff75a6de77a0b240cf8a0a72817c9d37699ca89c96e0e0d96a7665ac3a7d1febca1a1d79e2cbde8025c271360e2f90048b2d9fd56f45c013e001dad4b7785be69dc01f8a954ef7a84455986fc5c9d5167d91808efdb4476ed79f99563d887cfd4e99809d9e388501dea228cbb3cf3770082dc566455251fd9c2c742963c33500618c6ec99e0bef007408a0462a081237be4c6e5db0258d4be5fc9cf63fd1ace1f4166c053b0fb84fe24917da1255cf40bbb1b45644f6a7699cf802a35a932c374b1d62013e6afca3787627469994c02f622ab877ed5491fc2a89eea60e4e1628da89e3ad600ff6442e4ebf20e47304176b6a1703c094b3cf6d7fbbddd8d8fa5a00f28b4d8f43d88487e9d4531071512f2027198714a8d1cef126775547fc74f2a35840510f325e50361be76557767560055e084f2ecaefa0dd8ca8215301a7a887d2eaddaeb1f5c3dfdbd2cc1ba5f02d4426b98c0f861c5f724405758f442560ea6cd1d953456cc4aac6642ad61c03dbaffc2364d8ec2ef9f483c70355139d1fbd9617ab3c7eedf0b8963c1cfdab769180db43c416a90d9fdf3fd0eb2f81187642b4e2a09d6462d27527fdfda31f7b262501749dcfc6c184983f9923424131d05cc811cacf5c2c87e8e6f135349e68cde0e8997bf1dde248e5124d5dca2681abdbe58d327a8edd585821f03fdd4515728f1336495ba25c9bba56a3f706d60c35cbd0b40d0ac0583a981f9af08510ed8ed0a726e5472f8995af3837fbf1e89587633d2ef944868a153919165778e963710872af12faf96c0919c638e5affa97104471ba6e178d27602f96b9546ebe52190d91be245be08742b96389080676a566d3229e593e4f56a76ae4c58113c6adc1088703b1b92dafe32a5600e14ac1e71df829dfef425911f16a2b91f693599ecabf93065c6c4f5fefca8d4ed095599113529f65d9120d5252f577af95b404979508c343df54e4d239720e7d3a861f1dcabfa69e12d655c8a026c10a4df279b139fd222e561d205ac9b45c1054f8699eca594fb23886e0de565186597766dd5e40f74a423d5708dac254f4172f1089270988fb18715813f13ee4d131b64dd517c7e77f27f804b229f5339ac2f483b14739ac33a9645044d3010bd77ed18fb117f7b11bb51c4ed683b59e28bf25a58f123dfbeb1f0f21f03d9b57d8e61d59b311037a5b757b03ca5c95e0eb73922c6918530c99de4d6733640f2b8d13bebce31d4f5e27aab201101e48cde23a0d7e87b9511949d812e3187ee5ff11bc5858c022ed7b00790eba32f9ef7e134ce5f73a01269ca971b40e62133eca9d596a768686d6390b2c74602f6dc597faec3ed9d9658102d99c9624c1a97d00d63853578afaccc7e30a77fe054ebc23eec45f608f996fd015cd6bd50a111360f0790eff6ffb1ea59d13c8e29480bd96217188f97e53a1f5d9eae0a2badb4fea52f2bb4f8cb04d0afd99e7371a978a7d7ef473f77ea6738ff84af655313a12db24cff692ec7e282245ae9a42338db814593448f7115df3dc3f4e2faa2c2fdbd68f679d6aba01a15031347bb17d8bf8f1fad0ecf365e9dcd32e69803c5c05f4b47adbf8a21af7e9fb327f267df1c914486389a9820edf0a03bde6ef388c255761e439b2f7e1f9c1c3c95bd30c502197ab37f76b52f0d0675f366e919be19329853767bba34a540fb75bcdcc9596a4cda254a660e11bed5af9d8646ac4b7d6d7aa5d7c0005879b6d08058a56c3d3a4d3d401b883153fa7f2f6a6d34dd010f6b9e7b4e457b9ff5a5802d7723abb35f9dca0afc10f6791824dbe0a7725d534e7753445b7268d90145b6438b93fc475f44d5d678d79da6c5770f3a9106f3cffbabe4b88cbe7eda9b8a495be4f6717b0fbee6fec78c86031b6d878d47e357b2089de3e6dd19a265552553d1f7da53884ef84d0eebe782791c48a9c68a28d8ea3bb70c922b01dc20b2cd05cfb276e326651398f766f5faaea54a41da597cf6b50f3d5ebc634185b99069126b8d935c6bc42c47f2109de42091ef4ade3d87cc44aeb78709255501e64f34ac2d4b2725cf7777315f8ca9424bc9d61a896a93500faa6cf5a5aee1fb888e17b47a38a667be2ffa3bae46afa88bfd8b5b6e1186d6e41b9a4e490591043372c23f36fb48d80caff74cc349adc92bb25f701738c809ccf74c47afa193795ee67bc58ea7fd85542fa7e70218490fff212163401cfde016df2f42496bae403d5391e53fe200f758bbcdead0fe72c77861889b9632a257229c35bdfe8fa78375b4f5c768b9c60cafbde1f00aff6ca1879f6472f28001f5f13d4d9d6c3a90e04d8df09873550daa8262d39efbe96a79c697fbcc9a7f27c9f6d782d5d5f6d024b291376e9cc40d902f809072e1f0f2c2ab88ce3d074e88461f5971853e7be749943ab6e25e25e8afa5042dd73407f49b50841c7782c54eece62ec2beef1f16caf1ca5989427bd2726ca0fee33e303702e9892e4382e92c3f3a03a6188f39762db81819c7e12b424be8fd964dcdbfbac00139e8c5a6200506f13f484ac34ef3d26e7cadd53cf402117419c1618205bfa5382486094bd55448f2b1aa4dbec2289189b601b1bbf5792b2a641c6f5dd19cf24abc72fc5264cf11f6b44a4929267a02cd1de1b602b9de65a6c06640aa0f76109baa90d66eeb17295b1711365b7d6835a2dd55b7fe868c59453613240643c847a5b48d27897a58dda63e579c1bba58350550e147b190f0a2c9a5ce719d627ce3302028b4b6801bbfa8cd74874ffba35817c0eca034d19210950796807125fe6065dcd47d7c870ed2db5c00cff235e4154e2d89ec2a09a87551f9b7ca25d519b5603c0c33d2cf72878199ffab567fc5e093529b89d1163587f3564ba8291d2d96cf9762e7f568e786ea90849f6312c1a10f45d61600cd45c48e6870a7d76c913f9c4497374fc04401cbd11f7710740148234fe8f041f24d0278fcfd48846e6aa49f05016fc332dc5d46b4a26574fed5c0751cebb9f7ab4cdbc1ee011d82d6ef95c52c9df8eedac3ab5cf30805f23d88d4f707601f8e6c606b58f2fe234e948d6756d430a5c4ec76a33874886c8fb484059b47a9bd198a61a1896419288a9e81d0969dec778a53e8233f0f63bd0134e5f29825e7817e7c8ccb7d9acd8f86ac9d3af78c43df3036d7934dd294f2bb12063bee52c547d27a218145befb0ca96cbfaabd39fa245b51c39f4cd4cf8db105f9dc46a7aaa8f7d06fa208120ce1ac49326179618fa2c8596c44e174eb7a141056b1d17689c10dee089c8b0867b8a757ae12251bbd68db5fba2be341275fb6ee379309f5cde9b31242b0b2bac44da74776fac141936bd96e3177161f057c820a8c22cca8cce29b158eb55aed0260253fbee70a6dd281d9fca23e0b0a38d46c76a95e1262f1cafcf0fc37b52e649a1ba1e2c0f97d10bbf4d2b5632cf340bce56736071d5885ec9b4e17910744d3e63e2ca6deb21e43fc21e89c6865d3ad424ef4a14efe8843ff3168c99ee395400dcc8755719d290c567c95a5e7d28ec1190ceee240084d444265cc801cd960f69b368359bbf06b8a4ec23b47c7bf9d4b16c701a1c4fb9e81abb55bf49d450b566ce03de939fc6f5c51291380086f8c995cdd4fa15a325601c4846a69f15c77f55c900270bc9ea5f406480cb0e3e89bc869fe8b7cec4fbef7e76283d50c25ab1b4d34d093a7df062990a925a9c44aa2661abd7d381a4d6cdb64821ef624dd51b72e99af914bca2f80c25b82ac6945df7c7582e6d0ce2cd073e35f1fc120a68ba210410db64592a9aa319b30f2b818c495750e1cea0610e27d52be31e52e501a3bd51b501bc51c2ec8592f679b6e55b9aa58d513fd2bebadc83ba76eb45e5676f130193e9a666b8c8132c9f5141681fbab324b555c5c890d488ac2dd00feead0a20fbd8a46391438e3193edc6fb89161cd864fca98f4f39a2893c933dcd13bc8c5d5a548d24862e8161c0fad7f33aca8c86791d620815fe3f0daddb5defd933d0c10097a7a98e67625420b6c0db7c3e17ab07ea64e6f0f53fdc670799e06a2e3a871d6be363a2639e35339361311e0f528cc433eacea4f79bf217108c7b1d657840253ffdea18bdd1f93cdee63e7a9b8dbcb4ee06162b253e09ea0641f2771bd9823dd210905e9ea495f43194bb471cdeb690e8890b03b50835d53dde1b572dd123ccc8507bb57a45e46c0efb8fb3d5596bddf9782d86dd911636eae2cf64b5829cf8893faf789be3fa22859accf688f5b5da6c29cacc96d477e23b63cc934f685b6e42e1655c9a9b94d6d78402de22b8d9776e3915391aa258e57467d770d65480ba2f6a94b0337965a8c659c42b4e90b14da4697d0c0a6d74774c94c52d8ecb694eee747bdaa6c3a6d60739db18c6446090eebba72e62ab88b0e8b88e728ba8cb133d8524eda89a2bff1c8414da3edfa6f83788331c8a7e5a8af2dd3682d4752190a3c689949abdad8350111373e7fb46151f54a10f79d91940e37efb05f9f157bddcfacf018b65a38ab614807c34a2786af4a1d48c4d1c1abd31815715f9d1b103992207fc664f12c82fd923c57d8e7cfb9f4af55182318d055c704865cf484206d60e34cf7fe9b6ce60b1772c5c7cdacb6695227d80da18ec1f98a434b1aaf9c6b6d082f5663aed2bf267e559dca6b93d3ce34273846fc677f529690482df0a8f782b8ad7269f344f5f2b4d320a7ce2d2fa02284f8db634dc930c3e2b9a629245364acf35d41e9a14c88efde4e742ef1ea4b43d0caf2e70d4a617278823e6403934524debbd933e7676e441a48f630dc8bcccd55d9032d6bf3dea97d1669c39fb865b0e619eeb3f5461e517000f5aee3ef2abdb87d3a76b88e140eb4644a9fbddbdc9e20972cdfacf00bffa3a1ca5f84122c2ebc54067cdaa23967eaeb7bbbfe44e5843382b834fae1f62a066688595e4ee67c7ff9858672355abf7893ebeb4bcf88a62b2237c6e6cec9aebe3f28bfc310ced3a590e88d4bd0f53289206deb9addbf6f3c02115ce4980dadfc112683ae250c2d438fd9c0f2a090dbf122a0072828db798bdb868dcd47384dd3f5eeebc0307a5b268683cd51f312e8f02b5a7746b11a97ac43287d9b9765f03c720503cfe6e0117660a4c00d67895224c4d42b032000a10d7a743054758a8f54941fd5eaf72498b678d1579b3de4e5518f90f1e3d32517d09d7f5da9d180215e66218e9dd64036819cf12638ce82712a6cc79a9ddb36e86814b797d72c2bc58b18ba439e99965f745b4fb7de2878e3186e3e7b835c746b0935f6c67e92e3770bd8d5eb4f66d8175ceb7850e418c55e574db891639aa77fc62bc45dcb734681ede8484d4d4109a9adb8c3d00", 0x2000, &(0x7f0000000e40)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000100)={0x20, 0x0, 0x0, {0x0, 0x11}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r5 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x24c01, 0x8)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000380)=ANY=[@ANYBLOB="0600000004000000080000000100000080000000169987d8b13197c286c784ca15c610dc446a33a1b6525d140f"], 0x50)
io_setup(0x202, &(0x7f0000000200)=<r6=>0x0)
io_submit(r6, 0x2, &(0x7f0000000780)=[&(0x7f0000000440)={0xfffffffe, 0x20011004, 0x4, 0x1, 0x0, r5, &(0x7f00000000c0)='!', 0xffffff49, 0x3000000000000500}])
madvise(&(0x7f000042f000/0x800000)=nil, 0x80fd00, 0x66)
dup3(r5, r2, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x1, 0x4, &(0x7f0000000040)=@framed={{0xffffffb7, 0x5, 0x0, 0x0, 0x0, 0x61, 0x10, 0x2c}, [@ldst={0x0, 0x0, 0x2}]}, &(0x7f00000002c0)='GPL\x00', 0x5, 0xfd90, &(0x7f0000000300)=""/188, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x1f3, 0x10, &(0x7f0000000080), 0xfffffffffffffc79}, 0x2a)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x200000a, 0x191, 0xffffffffffffffff, 0x0)

7.51464351s ago: executing program 4 (id=636):
sendmsg$L2TP_CMD_TUNNEL_CREATE(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000100)={0x44, 0x0, 0x4b6b9d28c5b9a46b, 0x70bd25, 0x25dfdbfb, {}, [@L2TP_ATTR_IP_DADDR={0x8, 0x19, @multicast1}, @L2TP_ATTR_UDP_SPORT={0x6, 0x1a, 0x4e23}, @L2TP_ATTR_IP_DADDR={0x8, 0x19, @multicast1}, @L2TP_ATTR_UDP_ZERO_CSUM6_TX={0x5}, @L2TP_ATTR_OFFSET={0x6, 0x3, 0x7}, @L2TP_ATTR_IP_DADDR={0x8, 0x19, @dev={0xac, 0x14, 0x14, 0x31}}]}, 0x44}, 0x1, 0x0, 0x0, 0x4040000}, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=@newlink={0x3c, 0x10, 0x800, 0x0, 0x25dfdbfc, {0x0, 0x0, 0x0, 0x0, 0x0, 0x4422}, [@IFLA_IFNAME={0x14, 0x3, 'veth0_virt_wifi\x00'}, @IFLA_MASTER={0x8}]}, 0x3c}}, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="50000000100001040000000000e0000000000000", @ANYRES32=0x0, @ANYBLOB="0000000000008000280012800a00010076786c616e000000180002"], 0x50}}, 0x0)

6.42168385s ago: executing program 1 (id=637):
socket$nl_netfilter(0x10, 0x3, 0xc)
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$IPVS_CMD_SET_INFO(r1, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000ac0)={0x0, 0x14}}, 0x0)
getsockname$packet(r1, &(0x7f0000000040)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
r3 = getuid()
quotactl$Q_GETQUOTA(0xffffffff80000701, &(0x7f0000000180)=@sr0, r3, &(0x7f0000001700))
r4 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r4}, &(0x7f0000bbdffc))
sendmsg$nl_generic(r1, &(0x7f0000000840)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x400}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x4008000}, 0x5)
r5 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x42002)
write$sndseq(r5, &(0x7f0000000000)=[{0x84, 0x77, 0x0, 0x0, @time={0x101, 0x8}, {}, {}, @control={0x3, 0x7fa5, 0xffff}}], 0x1c)
r6 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r6, &(0x7f0000000100)=@name={0x1e, 0x2, 0x0, {{0x42}}}, 0x10)
setsockopt$TIPC_GROUP_JOIN(r6, 0x10f, 0x87, &(0x7f0000000040)={0x42, 0x40000000, 0x3}, 0x49)
r7 = socket$tipc(0x1e, 0x2, 0x0)
setsockopt$TIPC_GROUP_JOIN(r7, 0x10f, 0x87, &(0x7f0000000000)={0x42, 0x0, 0x1}, 0x10)
sendmsg$tipc(r7, &(0x7f00000008c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81}, 0x80)
r8 = dup3(r6, r7, 0x0)
write$P9_RGETATTR(r8, 0x0, 0x0)
r9 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$KVM_SET_IRQCHIP(r9, 0x4048aec9, &(0x7f0000000380)={0x3, 0x0, @ioapic={0xffff1000, 0x8, 0x8, 0x5, 0x0, [{0x89, 0x10, 0x8, '\x00', 0x81}, {0x7, 0x50, 0x1, '\x00', 0xd8}, {0xc, 0x5, 0x8, '\x00', 0x8}, {0x81, 0x81, 0xb, '\x00', 0x81}, {0x40, 0x8, 0x0, '\x00', 0x52}, {0xba, 0x49, 0x7, '\x00', 0x9}, {0x3, 0x2, 0x9, '\x00', 0xfb}, {0x2, 0xd1, 0x7, '\x00', 0x7}, {0x9, 0x4, 0xf8, '\x00', 0xb}, {0x0, 0x6, 0x2, '\x00', 0x9}, {0xfb, 0x0, 0xc, '\x00', 0x6}, {0xd5, 0xec, 0x3, '\x00', 0x5}, {0x67, 0x81, 0x5, '\x00', 0x1}, {0xe3, 0x2, 0x0, '\x00', 0x5}, {0x4, 0x4, 0x6, '\x00', 0x2}, {0x5, 0x3, 0x34, '\x00', 0x3}, {0x5, 0x64, 0x6, '\x00', 0x60}, {0x14, 0x6, 0x5, '\x00', 0x1}, {0xb0, 0x4, 0x5, '\x00', 0x2}, {0x6, 0x7, 0x0, '\x00', 0x3}, {0x8, 0xff, 0x42}, {0xd, 0xef, 0x33, '\x00', 0x9}, {0xf, 0x9, 0x17, '\x00', 0x6}, {0xbe, 0xb2, 0x2, '\x00', 0x8}]}})
sendmsg$nl_route(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=ANY=[@ANYBLOB="3c0000001000850600"/20, @ANYRES32=r2, @ANYBLOB="01000000000000001c00"], 0x3c}}, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000280)=ANY=[@ANYBLOB="3c0100001000fba4513f000000000000000003e4e7c1269cbf06d32ed3092e010000444ffb4fe9a627871ffaad37a56a25d110ee47dfa2675f62de555153adc05a27c0dea77efb9b25d08126f459d2f0b50c3d61fe2d3ab8100caf413d4c07c9cce9a616e13e728c50b06672d2f03078e2e5aa871bea53a2d2d812258e1055093016ec51cd16ca22dc5cbead3482dcb6e8af2d21548f1d5abef12e22b93bc6b28b00ce30fc5aca326d4b1fbac4d12a0f551f5db191b3d7e4", @ANYRES32=r2, @ANYBLOB="00000000000000001c00128009000100626f6e64000000000c0002800500010006000000"], 0x3c}}, 0x0)
r10 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r10, 0x10e, 0xc, &(0x7f0000000980)={0x9, 0x47, 0xfffffffc, 0x40000}, 0x10)
sendmsg$nl_generic(r10, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000003c0)={0x1c, 0x52, 0x1, 0x100, 0x4, {0x2}, [@typed={0x8, 0x1, 0x0, 0x0, @binary="feffffff"}]}, 0x1c}}, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000580)=ANY=[@ANYBLOB="1f00000004000000060000000700000080130000", @ANYRES32, @ANYBLOB="0000000000000000008000"/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="000000000000000001"], 0x50)
sendmsg$kcm(r10, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000580)="d8000000140081054e81f782db44b904021d080225000000040000a118000200fcffffff00000e1208000f0100810401a80016ea1f0006", 0x37}], 0x1, 0x0, 0x0, 0x7400}, 0x0)
socket$kcm(0x10, 0x2, 0x0)

6.246794971s ago: executing program 2 (id=638):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000001c0)=@ipv4_newrule={0x24, 0x20, 0xf4db158ec847dc81, 0x70bd2b, 0x25dfdbfe, {0x2, 0x0, 0x10, 0x0, 0x55, 0x0, 0x0, 0x7, 0x1f}, [@FRA_SRC={0x8, 0x2, @dev={0xac, 0x14, 0x14, 0xa}}]}, 0x24}, 0x1, 0x0, 0x0, 0xd5}, 0x44004)
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)=@newlink={0x3c, 0x10, 0x439, 0xfffffff7, 0xff000000, {0x0, 0x0, 0x0, 0x0, 0x9801, 0x1313}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @ipip={{0x9}, {0xc, 0x2, 0x0, 0x1, [@IFLA_IPTUN_REMOTE={0x8, 0x3, @private=0xa010100}]}}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x1}, 0x40008c0)

5.966510829s ago: executing program 4 (id=639):
setsockopt$inet6_IPV6_FLOWLABEL_MGR(0xffffffffffffffff, 0x29, 0x20, &(0x7f0000000180)={@loopback={0x200000000000000}, 0x800, 0x0, 0x3, 0x1, 0x0, 0x5}, 0x20)
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r0, 0x84, 0x72, 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
socket$inet6_sctp(0xa, 0x5, 0x84)
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, 0x0, 0x0, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
clock_adjtime(0x17, &(0x7f0000000040)={0xd51, 0x0, 0x0, 0xfffffffffffffffe, 0x2, 0x0, 0x0, 0x0, 0x0, 0x201, 0x0, 0x8, 0x1, 0x8, 0x0, 0x3, 0x0, 0x0, 0x0, 0x100, 0x3, 0x0, 0xe438, 0x0, 0x6, 0xe0})
r3 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000100)='/proc/bus/input/devices\x00', 0x0, 0x0)
preadv(r3, 0x0, 0x0, 0xf2, 0x207fff)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x20040, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r7, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r8 = ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r8, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000140)=[@text64={0x40, &(0x7f0000000640)="430fc73f0f2390b9800000c00f3235010000000f300f20d835080000000f22d8c4e18173f53866baf80cb83879e487ef66bafc0cec66b88e008ec02d1aa80000460f1c460041ae", 0x47}], 0x1, 0x74, 0x0, 0x0)
getsockopt$sock_buf(0xffffffffffffffff, 0x1, 0x3b, 0x0, &(0x7f0000000280))
bpf$BPF_BTF_LOAD(0x12, &(0x7f00000005c0)={0x0, 0x0, 0x0, 0x0, 0x1, 0x2}, 0x28)
ioctl$KVM_RUN(r8, 0xae80, 0x0)
ioctl$KVM_CAP_X86_USER_SPACE_MSR(r7, 0x4068aea3, &(0x7f0000000180)={0xbc, 0x0, 0x1})
setrlimit(0xf, &(0x7f0000000000)={0x1, 0x5})
ioctl$USBDEVFS_CONTROL(0xffffffffffffffff, 0xc0185500, &(0x7f0000000080)={0x40, 0x17, 0x4, 0x4, 0x0, 0x5ff2, 0x0})
ioctl$KVM_SET_USER_MEMORY_REGION(r5, 0x4020ae46, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
openat$vmci(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe4000/0x18000)=nil, &(0x7f0000000200)=[@textreal={0x8, &(0x7f00000000c0)="3b76210fb6150f209e440f20c0663503000000440f22c00fa2660fc7b2d42af30fa7d0440f20c066350d000000440f22c06767f2caab12bad004ec", 0x3b}], 0x1, 0xd, 0x0, 0x0)

5.442123055s ago: executing program 2 (id=640):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc) (async)
r1 = fsopen(&(0x7f0000000580)='overlay\x00', 0x0)
ioctl$BTRFS_IOC_BALANCE_PROGRESS(r1, 0x84009422, &(0x7f0000000080)={0x0, 0x0, {0x0, @usage, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {0x0, @usage, <r2=>0x0}, {0x0, @struct}})
ioctl$BTRFS_IOC_DEV_INFO(r1, 0xd000941e, &(0x7f00000005c0)={r2, "0ab81f775537054993f9351e15186ed8"})
ioctl$BTRFS_IOC_RESIZE(r0, 0x50009403, &(0x7f0000000000)={{r0}, {@val={r2}, @max}}) (async)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$IPT_SO_SET_REPLACE(r3, 0x4000000000000, 0x40, &(0x7f0000000880)=@raw={'raw\x00', 0x4001, 0x3, 0x280, 0x130, 0x700001b, 0x148, 0x0, 0x148, 0x1e8, 0x206, 0x240, 0x1e8, 0x240, 0x7fffffe, 0x0, {[{{@uncond, 0x1ea, 0xd0, 0x130, 0x0, {0x390, 0x8f00}, [@common=@unspec=@quota={{0x38}, {0xfffffffc, 0x0, 0x8, {0x7}}}, @inet=@rpfilter={{0x28}}]}, @common=@CLUSTERIP={0x60, 'CLUSTERIP\x00', 0x0, {0x1, @empty, 0x5, 0xb, [0x12, 0x36, 0x2a, 0x10, 0x27, 0x11, 0x31, 0x9, 0x16, 0x39, 0x4, 0x34, 0x36, 0x3d, 0x2a, 0x4], 0x2, 0x4, 0x1009}}}, {{@uncond, 0x0, 0x70, 0xb8}, @common=@inet=@TEE={0x48, 'TEE\x00', 0x1, {@ipv4=@broadcast, 'veth0_vlan\x00', {0x7}}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x2e0)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000003c0)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x3, 0x0, 0x0, {0x7}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWSETELEM={0x24, 0xc, 0xa, 0x101, 0x0, 0x0, {0x7}, [@NFTA_SET_ELEM_LIST_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_ELEM_LIST_ELEMENTS={0x4}]}], {0x14, 0x10, 0x1, 0x0, 0x0, {0x0, 0x84}}}, 0x6c}}, 0x0) (async)
r4 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000080)=ANY=[@ANYBLOB="12010000090024206d041cc340000000000109022400010000a00009040000010301010009210008000122010009058103"], 0x0) (async, rerun: 32)
r5 = socket$nl_route(0x10, 0x3, 0x0) (rerun: 32)
sendmsg$nl_route(r5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)=ANY=[@ANYBLOB="380000005500e50128bd70000000000007000000", @ANYRES32, @ANYBLOB="20000100", @ANYRES32, @ANYBLOB="770001000000000000000000000000000000000008"], 0x38}}, 0x0)
syz_usb_control_io$hid(r4, &(0x7f00000002c0)={0x24, &(0x7f0000000380)=ANY=[@ANYBLOB="c60009"], 0x0, 0x0, 0x0}, 0x0) (async)
syz_usb_control_io(r4, 0x0, 0x0) (async)
syz_usb_control_io$hid(r4, &(0x7f0000001640)={0x24, 0x0, 0x0, &(0x7f0000001bc0)=ANY=[@ANYBLOB="00230100000090"], 0x0}, 0x0) (async)
syz_open_dev$hidraw(&(0x7f0000000080), 0x0, 0x0) (async)
syz_usb_disconnect(r4)

4.74574436s ago: executing program 1 (id=641):
fcntl$lock(0xffffffffffffffff, 0x410, 0x0)
setsockopt$TIPC_GROUP_JOIN(0xffffffffffffffff, 0x10f, 0x87, 0x0, 0x0)
openat$vicodec0(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f00000018c0), 0xe0c81)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r0, 0xc08c5332, &(0x7f00000000c0)={0x0, 0x0, 0x0, 'queue0\x00'})
write$sndseq(r0, &(0x7f00000001c0)=[{0x0, 0xe1, 0x0, 0x0, @time={0x0, 0x1}, {}, {}, @result={0x0, 0x1}}], 0x1c)
write$sndseq(r0, &(0x7f0000000000)=[{0x84, 0x77, 0x0, 0x0, @tick, {}, {}, @raw32={[0xfe]}}], 0xffc8)

3.192005523s ago: executing program 2 (id=642):
r0 = openat$apparmor_thread_exec(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
fsetxattr$security_capability(r0, &(0x7f00000000c0), &(0x7f0000000100)=@v2={0x2000000, [{0x4, 0x7}, {0x1ff, 0x4}]}, 0x14, 0x0)
socket$kcm(0x2, 0x1000000000000002, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, 0x0)
r2 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_SYS_GET(r2, &(0x7f0000000440)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000300)={&(0x7f0000000280)={0x38, 0x1406, 0x200, 0x70bd2a, 0x25dfdbff, "", [@RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x1}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x2}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x1}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x1}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x2}]}, 0x38}}, 0x40080d0)
sendmsg$nl_route_sched(r1, &(0x7f0000001200)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000540)=@newqdisc={0x2c, 0x24, 0x4ee4e6a52ff56541, 0x70bd27, 0x4000000, {0x0, 0x0, 0x0, 0x0, {}, {0xffff, 0xffff}, {0xffff, 0x5}}, [@TCA_EGRESS_BLOCK={0x8, 0xe, 0xffff12c3}]}, 0x2c}}, 0x0)
bpf$BPF_PROG_DETACH(0x9, &(0x7f00000006c0)={@fallback, 0xffffffffffffffff, 0x2f, 0x2068, 0x4}, 0x20)
r3 = socket$inet_sctp(0x2, 0x5, 0x84)
ioctl$sock_inet_SIOCSARP(r3, 0x8955, &(0x7f0000004b00)={{0x2, 0x4e21, @rand_addr=0x64010103}, {0x0, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x2}}, 0x4, {0x2, 0x4e24, @remote}, 'xfrm0\x00'})
r4 = openat$tun(0xffffffffffffff9c, 0x0, 0x400, 0x0)
write$tun(r4, 0x0, 0x318)
bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000080)={0x3, 0x4, 0x4, 0xa, 0x0, 0xffffffffffffffff, 0x7, '\x00', 0x0, 0xffffffffffffffff, 0x3, 0x4}, 0x50)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[], 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000b80)=ANY=[], 0x50)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
ioctl$BTRFS_IOC_SUBVOL_SETFLAGS(r3, 0x4008941a, 0x0)
r6 = socket$inet6(0xa, 0x2, 0x0)
sendmsg$inet6(r6, &(0x7f0000000000)={&(0x7f00000001c0)={0xa, 0x4e20, 0x80000, @dev={0xfe, 0x80, '\x00', 0x20}, 0xfffffffe}, 0x1c, 0x0}, 0x0)
sendmsg$IPSET_CMD_CREATE(r5, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000140)={0x60, 0x2, 0x6, 0x201, 0x0, 0x0, {}, [@IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz0\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0xa}, @IPSET_ATTR_DATA={0x14, 0x7, 0x0, 0x1, [@IPSET_ATTR_MAXELEM={0x8}, @IPSET_ATTR_HASHSIZE={0x8, 0x12, 0x1, 0x0, 0xffff}]}, @IPSET_ATTR_TYPENAME={0x11, 0x3, 'hash:ip,port\x00'}]}, 0x60}}, 0x0)
r7 = socket(0x10, 0x3, 0x0)
r8 = socket$can_bcm(0x1d, 0x2, 0x2)
connect$can_bcm(r8, &(0x7f0000000140), 0x10)
sendmsg$can_bcm(r8, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="050000000300000000000000", @ANYRES64=0x0, @ANYBLOB='\x00\x00\x00\x00', @ANYRESOCT], 0x48}, 0x1, 0x0, 0x0, 0x4140}, 0x48000)
r9 = socket$nl_route(0x10, 0x3, 0x0)
r10 = socket$inet_udp(0x2, 0x2, 0x0)
sendmsg$nl_route(r9, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000380)=ANY=[@ANYBLOB="4000000010000104000000000300000000000000", @ANYRES32=0x0, @ANYBLOB="10c00000000000001800128008000100677470000c00028008000200", @ANYRES32=r10, @ANYBLOB="08000300", @ANYRES32=0x0, @ANYBLOB="413afd243e853a9aec814bbe6f325c1eaa6cf46944ba96e95ca68c539ad9c5dce922baaac71a3fc9ae6fc83e34add7ca3d2ed01ebf029ad2ff5ea4cd1ae68f239c07d99b263cc8d274f34d7b219ef55ca9f6b190d38c55c295d1b4f75dd0e6ed1a44172e8c0839f6196d301bb12fe8f7df941c"], 0x40}}, 0x0)
sendmmsg(r7, &(0x7f0000000000), 0x4000000000001f2, 0x0)

628.020969ms ago: executing program 4 (id=643):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)=ANY=[@ANYBLOB="7b7bd934981b9e2bed68101299874a4837cf01ceafaca3ab712cb4aa9e095062a5c3fd104911452e7f79c2bab5c69798bbde12aed4ef483e9b3e3c30dc94af93be6af7daa2fb43e924efe4a0cb2ae61ee6b8ef44486ad0418245d7a311429ed180d1b6fed996a21ea01bc0e3d7e10ec16edb5159852ea9c647a1689cd54ae237342a15dfca4e1874962ed2ec476388379f5e72d53b92968b449e144616c46a418d80a72912d075c7395b18776b577ad033ec2c39c5a1688e3d8c3061b2f7fec41d9ff471c86d9bec2fdb075cec143cedad06f4cc6cbf76ad59827bfe3b020755ba"], 0x30}, 0x1, 0x0, 0x0, 0x2404885c}, 0x0) (async)
syz_open_dev$loop(&(0x7f0000000100), 0x2, 0x2001)
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1) (async)
r1 = socket$inet_sctp(0x2, 0x5, 0x84)
getsockopt$inet_sctp_SCTP_DELAYED_SACK(r1, 0x84, 0x10, 0x0, &(0x7f0000000100)) (async)
r2 = socket$nl_generic(0x10, 0x3, 0x10) (async)
syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), 0xffffffffffffffff) (async)
r3 = socket$alg(0x26, 0x5, 0x0)
setsockopt$ALG_SET_KEY(r3, 0x117, 0x1, &(0x7f0000000200)="49cae433badd34c1590d1c038f9f1c115eca6521cc6351f83c184dc64df545c505e4e34d905c5959c1073085f29e5fab8752aacf44136b2a2012014c36ab9df672cdc8a0d1bebce1f01e3f00622db09f9cec926060d24ecbebcab98aed656c46dc032bd60646a841d1e05a9ef7f124df15e0c65e275760c54bfb1e4518c5cbc729a64778a2947ba660812ed6de1941aefc3e1703f64e2d6256336daf9fd35eb0cba277b9fbce3cb9184dca0fb35b8b35cf1ee53728b01ecca27bccd79970783c", 0xc0) (async)
r4 = shmget(0x2, 0x3000, 0x78000c00, &(0x7f000044a000/0x3000)=nil) (async)
r5 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r5, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) (async)
r6 = socket(0x400000000010, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r7=>0x0})
sendmsg$nl_route_sched(r6, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xfffffff9, {0x0, 0x0, 0x0, r7, {0x0, 0x1}, {0xffff, 0xffff}, {0xffe0, 0x9}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0xfffe}}}]}, 0x38}}, 0x0) (async)
sendmsg$nl_route_sched(r6, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000280)=@newtfilter={0x5c, 0x2c, 0xf3f, 0x70bd2c, 0x25dfdbbd, {0x0, 0x0, 0x0, r7, {0xc, 0xc}, {}, {0x7, 0x300}}, [@filter_kind_options=@f_basic={{0xa}, {0x2c, 0x2, [@TCA_BASIC_EMATCHES={0x28, 0x2, 0x0, 0x1, [@TCA_EMATCH_TREE_HDR={0x8, 0x1, {0x2}}, @TCA_EMATCH_TREE_LIST={0x1c, 0x2, 0x0, 0x1, [@TCF_EM_META={0x18, 0x1, 0x0, 0x0, {{0x7, 0x4, 0x1}, [@TCA_EM_META_HDR={0xc, 0x1, {{0x30, 0x86, 0x1}, {0x5, 0x7}}}]}}]}]}]}}]}, 0x5c}, 0x1, 0x0, 0x0, 0x20041090}, 0x4880)
shmat(r4, &(0x7f0000a8f000/0x1000)=nil, 0x5000) (async)
r8 = socket$inet6_tcp(0xa, 0x1, 0x0)
r9 = fcntl$dupfd(r8, 0x406, r3)
getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(r9, 0x6, 0x23, 0x0, &(0x7f0000000180)) (async)
write$binfmt_register(r9, &(0x7f0000000080)={0x3a, 'syz3', 0x3a, 'M', 0x3a, 0x7, 0x3a, '\x00', 0x3a, 'syzkaller0\x00', 0x3a, './file0', 0x3a, [0x43]}, 0x34) (async)
r10 = syz_open_dev$tty1(0xc, 0x4, 0x1) (async)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680)) (async)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9) (async)
ioctl$VT_OPENQRY(r10, 0x5600, &(0x7f0000000040)) (async)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000680)={'wlan0\x00'}) (async)
r11 = socket(0xa, 0x5, 0x0)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r11, 0x84, 0x64, &(0x7f0000000180), 0x0)

571.169083ms ago: executing program 1 (id=644):
r0 = socket(0x10, 0x803, 0x0)
r1 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000100)={'team_slave_1\x00', <r2=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=@newqdisc={0x2c, 0x24, 0x4ee4e6a52ff56541, 0x70bd29, 0xfff7e002, {0x0, 0x0, 0x0, r2, {0x0, 0x4}, {0xffff, 0xffff}, {0x6, 0xc}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}, 0x1, 0x0, 0x0, 0x4000041}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000840)=@newtfilter={0x5c, 0x2c, 0xd2b, 0x70bd2b, 0x25dfdbfb, {0x0, 0x0, 0x0, r2, {0x3}, {}, {0x4, 0xfff3}}, [@filter_kind_options=@f_u32={{0x8}, {0x30, 0x2, [@TCA_U32_CLASSID={0x8, 0x1, {0xfff1}}, @TCA_U32_SEL={0x24, 0x5, {0xc, 0x6, 0x1, 0x3d3f, 0x0, 0xfff, 0x3, 0x58f, [{0xebd, 0x1, 0x206, 0x7}]}}]}}]}, 0x5c}, 0x1, 0x2c}, 0x24040084)

560.638749ms ago: executing program 3 (id=645):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = fanotify_init(0x200, 0x0)
fanotify_mark(r1, 0x1, 0x0, 0xffffffffffffffff, 0x0)
syz_open_procfs(0x0, &(0x7f0000000140)='status\x00')
landlock_create_ruleset(&(0x7f0000000040)={0x0, 0x3}, 0x10, 0x0)
r2 = syz_usb_connect$hid(0x4, 0x36, &(0x7f0000000000)=ANY=[], 0x0)
syz_usb_control_io$hid(r2, 0x0, 0x0)
syz_usb_control_io$hid(r2, &(0x7f0000000040)={0x24, 0x0, 0x0, 0x0, &(0x7f00000001c0)={0x0, 0x22, 0x371, {0x9}}}, &(0x7f0000000080)={0xffffffffffffffeb, 0x0, 0x0, 0x0, 0x0, 0x0})
socket$nl_generic(0x10, 0x3, 0x10)
socket$alg(0x26, 0x5, 0x0)
socket(0x1f, 0x3, 0x1ffffe)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r5, 0x8b0f, &(0x7f0000000040)={'geneve1\x00'})
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340), 0x68c81, 0x0)
r7 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r7, 0x3b81, &(0x7f00000000c0)={0xc, 0x0, <r8=>0x0})
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000640)={0x1, 0xb, &(0x7f00000009c0)=ANY=[@ANYRES16=r0, @ANYBLOB="89ef215ca190eeea8ae4a1ca363e16da7dd9254a82e74d0f0f4a9a722070352bf261fb696decccc142decfcb07d230ead06bc2f5b2257e75fa75b51b19178f69784a39a119071ecb36be3f589892dd9770159a7ffab4dfd9deaef2a8d897819c7bd58c25ac2c37f4fd5e031cb41afa14396f71f8ff863c3e9d00"/132, @ANYRESDEC=r1, @ANYRESDEC, @ANYBLOB="c89695db345b5a6184589737c2aa614120ee92781bcdef3dc39531f1bf1b9e4b75384f7eaa6f5ebae8758b13f03a50ddb627319ca1c468ac9776b5a2b05a64ddbbeff670e3f8ee0528759110e47568c5ed73ac1a9a5f4440da0d82dd16d9ff603c85f549f076965bf718509d2a4d998511ff9b8df737657e5e21d97f8d8818aed0900d938df61cc53d644645cbb6eddfa637540c1eefa57afe6614f01af5f54daaaa368274c887e6d1aa7405fa37ed7439304ab81f3c52252ac00ba41e441a76d05d852bcef27d28a995f564d8755d84e509f1fd84d9deee30d781429def726d5df82c54ec100fd1bbd02c8bedee5d5978b02b06f88a104475bf8cbc48b446d6d5eb238e2d358e7a5afb541122f229f5584bcfa617d5f251520b6b6b942e8f03b909b8e4c34f26d3cf67ee6a5e109ff8", @ANYRES16=r8], &(0x7f0000000100)='syzkaller\x00', 0x2, 0x0, 0x0, 0x0, 0x73}, 0x94)
r9 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
r10 = socket$kcm(0x11, 0x2, 0x300)
ioctl$EVIOCGPROP(r10, 0x80404509, &(0x7f0000000180)=""/23)
r11 = openat2(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', &(0x7f0000000240)={0xc000, 0x10, 0x3e}, 0x18)
r12 = syz_genetlink_get_family_id$tipc2(&(0x7f00000002c0), 0xffffffffffffffff)
sendmsg$TIPC_NL_MON_PEER_GET(r11, &(0x7f0000000380)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000300)={&(0x7f0000000600)=ANY=[@ANYRES16=r12, @ANYBLOB], 0xb4}, 0x1, 0x0, 0x0, 0x4000}, 0x20000000)
ioctl$sock_kcm_SIOCKCMUNATTACH(r10, 0x8907, 0x0)
recvmsg$kcm(r11, &(0x7f0000000480)={0x0, 0x0, 0x0}, 0x100)
ioctl$KVM_SET_USER_MEMORY_REGION(r9, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})

397.44038ms ago: executing program 2 (id=646):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
r1 = socket$kcm(0x2, 0x3, 0x2)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000040)={'syzkaller1\x00', @broadcast})
write$tun(r0, &(0x7f0000000240)={@val={0x8, 0x800}, @val={0x7, 0x0, 0x0, 0x300, 0x8002}, @ipv4=@tcp={{0x5, 0x4, 0x0, 0x3c, 0x8016, 0x0, 0x0, 0x0, 0x2f, 0x0, @empty, @broadcast}, {{0xa200, 0x22eb, 0x41424344, 0x41424344, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0xe000}}}}, 0xfdef)

23.699284ms ago: executing program 4 (id=647):
socket(0x10, 0x803, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x101901, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000001c0)=ANY=[@ANYBLOB="280000001800010000000000000000000200000008000000030000007bfe088008002600", @ANYRES32=0x0, @ANYBLOB="df8de4dda28e7a9c70b9cb2c2b268257cf45f77715d3bcff536635f4edda9c1b82b9cb1c9efcb7a129"], 0x28}}, 0x0)
openat$nullb(0xffffffffffffff9c, &(0x7f0000000100), 0x1c3942, 0x0)
fcntl$notify(0xffffffffffffffff, 0x402, 0x7)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(0xffffffffffffffff, 0x8933, 0x0)
openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000002a82, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x88, 0x4, 0x3, 0xfa11, 0xffffffff}, 0x0)
r3 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000001840), 0x2982, 0x0)
ioctl$HIDIOCGUSAGES(0xffffffffffffffff, 0xd01c4813, &(0x7f0000000240)={{0x3, 0x100, 0x5, 0xb7a4, 0x1, 0xffff}, 0x341, [0xc, 0x40, 0xcd6, 0x4, 0x6, 0x0, 0x3, 0x7, 0x9, 0x7a18fde9, 0x9, 0xf12, 0x4, 0x3, 0x378, 0x350bae1a, 0x4, 0x0, 0x1, 0xffff06bd, 0x0, 0xd4f, 0x7, 0xf2, 0x10, 0x5, 0x8, 0x10001, 0x401, 0x80000000, 0x2401, 0x3ca5, 0x1, 0x0, 0xff, 0x4, 0x4, 0x3, 0x0, 0x0, 0x54, 0x80000000, 0x7fff, 0x7, 0x3, 0xa, 0x0, 0x10000, 0x401, 0x8, 0xffff, 0x91ba, 0x7, 0x9, 0x1, 0xb6, 0x20, 0xcb, 0x5, 0x7f, 0x5, 0x311, 0x66d1, 0xfffffffd, 0xa7d6, 0xb6eb, 0x80000c74, 0x77, 0x1, 0xff, 0x5cb5, 0xfffffffe, 0x3fd, 0xedf4, 0x4, 0x1000, 0x6, 0xfffffffe, 0x8001, 0xc1, 0x1, 0x5, 0x1, 0x32, 0x98, 0x7f, 0x0, 0x401, 0x2, 0x2, 0x4680, 0x7, 0xe665, 0x3c6e, 0x3, 0x40, 0x80, 0x4b, 0x8000, 0x2, 0xb, 0x6, 0x4fa4, 0x80000002, 0x1, 0xb, 0x0, 0xfffffffa, 0x3, 0x9, 0xfd, 0xfe, 0x4, 0x40, 0x9, 0x1b, 0x1ff, 0x7ff, 0x2, 0x80000000, 0xffff, 0x9, 0x0, 0x6, 0x2, 0x1, 0x3, 0xa0, 0xf, 0x1ff, 0x9, 0x7, 0x6, 0x400, 0x8, 0xff2, 0x6, 0x0, 0x6, 0x0, 0x9, 0x1, 0xf1a, 0x664, 0x4, 0x9, 0x9, 0x2, 0x4, 0xfffffffd, 0x10, 0x0, 0x9, 0x10000, 0x1, 0x9, 0xf7a, 0xc6, 0x1, 0x4, 0x6, 0xffffffff, 0x6, 0x10001, 0x3042c26b, 0x68, 0x7, 0x1, 0x5, 0x3, 0x9a3f, 0x400000, 0x0, 0x80000067, 0xffff0000, 0x7, 0x5, 0x10001, 0x7, 0x3, 0x10, 0x10a, 0x2, 0x40, 0x1c, 0x80, 0xb5f8, 0x8bc, 0x3, 0x101, 0x5, 0x63, 0x4, 0x4, 0x10, 0x1000, 0x288c, 0x1ffe, 0x73ee, 0x1, 0x5, 0x9, 0x7ffffffb, 0x73, 0x7, 0x8, 0x6, 0x400, 0x40, 0x0, 0x0, 0x0, 0x546c, 0x981, 0x5aa, 0x7fff, 0x7, 0x4, 0x8, 0x6688, 0x45e3, 0x5, 0x7, 0x1, 0x5, 0x3, 0x0, 0x1, 0x2, 0x2, 0x4, 0xce, 0xf, 0x0, 0x1, 0x667, 0x3, 0x0, 0x9, 0x9, 0x37d, 0x10001, 0xc, 0x1, 0x1, 0x2, 0x6, 0x4, 0x6, 0x1, 0x9, 0x6, 0xfffffffa, 0x2, 0x0, 0x9, 0x5, 0x2, 0x7, 0x3, 0xffffff1b, 0x9, 0x2, 0xd, 0x34ea, 0x10000, 0x0, 0x80000001, 0x8, 0x8000, 0x3a, 0x10, 0x8, 0x9, 0x5, 0x1, 0x6, 0x10001, 0x0, 0x4, 0x10000, 0x4, 0xffff, 0xe, 0x89, 0x2, 0x7, 0x1, 0x73, 0x3, 0x9, 0x4, 0x1, 0x9, 0x0, 0x8, 0x0, 0x2, 0x80000004, 0x29, 0x9, 0x0, 0x7, 0x4, 0x0, 0x1, 0x4, 0x5, 0x4, 0x10001, 0xf, 0x9, 0x100, 0x4, 0x59b, 0x7, 0x8, 0x9, 0x3, 0x2, 0x4, 0xbf, 0x0, 0x8, 0x40, 0xd3, 0x7, 0x1, 0x89aa, 0x8, 0x7, 0xf0ce, 0x4, 0x1, 0x0, 0x2, 0xc6, 0x1000, 0x5, 0x937, 0xa, 0x6, 0x3, 0xffffffff, 0x8, 0x9, 0x5, 0xffffffff, 0xbe, 0x1, 0x7, 0x0, 0xffffffff, 0x0, 0x3d6, 0x0, 0xc, 0x6, 0x7, 0xfffffeff, 0x100, 0x2, 0x7fff, 0x101, 0x7, 0x6, 0x706, 0x2, 0x49, 0xe, 0xfffffff3, 0xfffff772, 0x8, 0x80000000, 0x6, 0x1, 0xa9c, 0x9, 0x9, 0x1, 0x2, 0x5, 0x1000, 0x5, 0x1ff, 0x9, 0x3, 0x3, 0x10001, 0xffff0000, 0xf, 0x1, 0xffffa5ba, 0xffffa9b4, 0xb, 0x4, 0x8000005, 0x3, 0x4b5f, 0x6, 0xa, 0xffffffff, 0x1, 0x80000000, 0xb, 0x0, 0xc8f, 0x1, 0x7, 0x8, 0x0, 0x10000, 0x57dc, 0x818a, 0x10, 0x8, 0x10, 0xfffffffc, 0xfffff001, 0xa, 0x5, 0x5, 0x4, 0xfff, 0x9, 0x10, 0xfffffffd, 0x4, 0xc2, 0x7f, 0x5, 0x2, 0x80000000, 0xd, 0x3, 0x1, 0x0, 0x5, 0xb8, 0x101, 0x401, 0x2, 0x7, 0xc, 0x6623258, 0xf2, 0x741, 0xae6, 0x9, 0xffffa0b0, 0x9, 0x6, 0x2, 0x80, 0x9, 0x1, 0x81, 0x9a, 0x9, 0xb, 0x800, 0x4, 0x3ff, 0x5, 0x7, 0x7, 0x8, 0xfe, 0x7f, 0x9, 0x4, 0x2, 0x20000000, 0x2, 0x0, 0x0, 0x0, 0x1000, 0x0, 0x0, 0x7, 0x8000001, 0x0, 0xfff, 0x101, 0x4, 0x0, 0x96c6, 0xc, 0x5, 0xfff, 0x100, 0xffff, 0x1, 0x401, 0xf0, 0x0, 0xfffff53d, 0x9, 0x2, 0x6, 0x0, 0x6, 0x4b15, 0x10000, 0x1, 0x9, 0x1, 0xd, 0x9, 0x4, 0x9, 0x1, 0x6, 0x0, 0x3, 0x10001, 0x1, 0x7, 0x1, 0x5, 0x8, 0xffffc488, 0x200, 0x10001, 0x37c, 0x7, 0x6, 0x6, 0x8, 0xfffffe00, 0x1, 0x1, 0x0, 0x10, 0x0, 0x3, 0x4, 0x80000000, 0xb46d, 0x3, 0x1000, 0x1eb4bce6, 0x10, 0x8, 0x1, 0x5, 0x1, 0x5, 0x9, 0x1000, 0x7, 0x62f2f805, 0x9, 0x3, 0xffffffff, 0x0, 0x7f, 0x6, 0x8, 0x40, 0x2, 0x2, 0xa, 0x5, 0x6, 0x80000000, 0x2, 0x8, 0x7, 0x7, 0x1, 0x5, 0x9, 0x6709, 0x80000001, 0x0, 0x80, 0x8, 0x6, 0x0, 0xa958, 0xff, 0x5, 0x2, 0x2, 0x4, 0x10000, 0x80000001, 0x5, 0x1c00, 0x9, 0x0, 0xb7, 0x3, 0xff, 0x9, 0xffff, 0x80, 0xfea5, 0x7fff, 0x7, 0x7, 0x7, 0x7485, 0x9, 0x8, 0x0, 0x5, 0xf, 0x5, 0xe, 0x6, 0x1000, 0x3, 0x7, 0x382d, 0x459, 0xcad, 0x9, 0x0, 0x2, 0x9, 0x5, 0xffff8000, 0xe0, 0xfffffffb, 0x85, 0xffffffff, 0x2, 0x7, 0xa05a, 0x0, 0x0, 0x101, 0x35, 0x8, 0x1, 0x1, 0x30, 0xffffff7e, 0x1, 0x2, 0x9, 0x3, 0x7, 0x8, 0x8, 0x4000, 0x1, 0x4, 0x15294b70, 0x3, 0x3, 0x2, 0x43, 0x3, 0x9, 0x5, 0x80000000, 0x9, 0x0, 0x5, 0x81, 0x1, 0x2, 0x3fd, 0x1df, 0x6, 0x6, 0xfffffffa, 0x1a, 0x9, 0x2, 0x9, 0x1, 0x9, 0x8, 0x2c1, 0x9e95, 0x2, 0xfffffedd, 0x30c8, 0x2, 0x38a0, 0x7b, 0x0, 0x8, 0x9, 0x6, 0x9, 0x9, 0x8, 0x5, 0x8, 0x1ff, 0x7fff, 0x3, 0x8000002, 0x8, 0x2b, 0x200006, 0x4, 0x1, 0x2, 0xfb4, 0xbf9, 0x7, 0x405, 0x6, 0x4, 0x8001, 0x9, 0x8, 0x3, 0x6ae574d2, 0x6, 0xfffffe00, 0x1000, 0x5, 0x92, 0x3, 0x7fffffff, 0xd7, 0x8001, 0x905, 0x3, 0x6, 0xfffffb31, 0xb, 0x4, 0x7, 0x8, 0x1, 0x6, 0x1, 0xff, 0x100, 0x8, 0x3, 0x6, 0x80000000, 0x0, 0x100a, 0x7fffffff, 0x7fff, 0x2, 0xfffffff8, 0x2, 0x9af, 0x10001, 0x8, 0x4, 0x8, 0x6, 0x7742348d, 0x5, 0x5, 0x1f, 0x40, 0x0, 0x6, 0x8, 0x7, 0x7, 0x8, 0x17f, 0x6, 0x2, 0x5, 0x6, 0x0, 0xb, 0xe, 0x5, 0x1, 0xfe7, 0xfffffffc, 0x8, 0x7ff, 0x3e9, 0x0, 0x3, 0x2000, 0xd, 0x3, 0x4, 0x3, 0x81, 0x8, 0x14, 0x8, 0x9, 0x6, 0xffff, 0xf28c, 0x7, 0x6, 0x4, 0x7fffffff, 0xffff, 0x7fffffff, 0xc9, 0x2, 0x0, 0x924, 0x6, 0x100, 0x1, 0x5, 0xffff351b, 0xffffffff, 0xfffffffb, 0x7, 0x9, 0x2, 0x5, 0x4, 0x1, 0x4, 0x8, 0xee, 0x2, 0x4, 0x8, 0x9f, 0x7, 0x3, 0x9, 0xc9, 0x10001, 0x1, 0x1, 0xfffffff7, 0x0, 0x5, 0x5, 0x6, 0x400, 0x51, 0x7, 0xefb, 0xb8, 0x8, 0x5, 0xfffffff7, 0x7, 0x7, 0x5, 0x6330, 0xffffffff, 0x6, 0xea, 0x0, 0xfff, 0x809, 0x6, 0x0, 0x6, 0xffff, 0xfffffffa, 0x3, 0x0, 0x1, 0x6, 0x7, 0x5, 0x7, 0x2ec, 0x9, 0x6, 0x3ff, 0x6, 0xfff, 0x0, 0xa7b, 0x62cc, 0xfffffff7, 0x7, 0x40, 0xa, 0x8, 0x3, 0xe, 0x1, 0x1, 0xc, 0x40, 0x3, 0x4, 0x5, 0x5, 0x7ff, 0x5, 0x8, 0x5, 0x3, 0x9, 0x2, 0x80000001, 0x54, 0x400, 0x1, 0x8, 0xa, 0xb, 0xc0, 0x3, 0x72, 0x80, 0x1000, 0x7, 0x800, 0x6, 0xd19, 0x3, 0x93c, 0x6, 0x0, 0x0, 0xe, 0x5, 0x0, 0xfffffffa, 0xa01, 0xf3, 0x65, 0x8, 0xe, 0x3, 0x3ff, 0x5, 0x2, 0x6, 0xfffffff8, 0xffff, 0xfffffff9, 0x9, 0x5, 0x62, 0x8, 0x1, 0xfffffffb, 0x1af88, 0x2, 0x9, 0x7, 0x0, 0x7, 0x8, 0x10000, 0x40, 0x8, 0x7, 0x2b, 0x6, 0x10, 0x5, 0x200, 0x7fff, 0x6, 0x3, 0x8, 0x10, 0x4, 0x6, 0x633, 0xf05, 0x2, 0x101, 0x200, 0x7, 0x7ff, 0x0, 0x1, 0x1, 0x10000, 0x9, 0x40, 0x9, 0x0, 0x7f, 0x7, 0x6, 0xe, 0x3, 0x80000001, 0x0, 0x8, 0x8, 0x7, 0xdd, 0x8, 0x89, 0x0, 0x100, 0x1, 0x9, 0xe75, 0x400, 0x1, 0x8, 0x200, 0xe9ab, 0xfffffff8, 0x8000, 0x7, 0x2, 0x2, 0x43, 0x3ff, 0x8, 0x7, 0x9, 0x1, 0x6, 0x7, 0xa, 0xf, 0xf39d, 0x71, 0xfff, 0x5, 0x8]})
r4 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x862b01)
write$char_usb(r4, &(0x7f0000000040)="e2", 0x2250)
close(r3)
ioctl$DRM_IOCTL_MODE_PAGE_FLIP(0xffffffffffffffff, 0xc01864b0, &(0x7f0000000000)={0x0, 0x0, 0x7, 0x0, 0x3a9e9908})
ioctl$vim2m_VIDIOC_REQBUFS(0xffffffffffffffff, 0xc0145608, 0x0)
r5 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000040), 0x8002, 0x0)
write$P9_RSTATu(r5, &(0x7f0000000780)=ANY=[@ANYRES32=0x0, @ANYRES64, @ANYRES32=0x0], 0x2c2)
socket$netlink(0x10, 0x3, 0xc)
socket$nl_netfilter(0x10, 0x3, 0xc)
prctl$PR_GET_ENDIAN(0x13, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$nl_netfilter(0x10, 0x3, 0xc)
r6 = fsopen(&(0x7f0000000300)='tmpfs\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r6, 0x6, 0x0, 0x0, 0x0)

0s ago: executing program 1 (id=648):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r0, &(0x7f0000000080)={0xa, 0x2, 0x200, @loopback, 0x7}, 0x1c)
setsockopt$inet6_tcp_int(r0, 0x6, 0x2000000000000022, &(0x7f0000000200)=0x1, 0x4)
sendto$inet6(r0, &(0x7f0000000000)="a6", 0x1, 0x200080c0, &(0x7f00000001c0)={0xa, 0x2, 0xfffffff8, @loopback, 0x9}, 0x1c)
setsockopt$inet6_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000140)='yeah', 0x4)
shutdown(r0, 0x1)

kernel console output (not intermixed with test programs):

.114520][   T24] usb 1-1: config 220 has no interface number 2
[  136.136038][   T24] usb 1-1: config 220 interface 1 altsetting 5 has 0 endpoint descriptors, different from the interface descriptor's value: 12
[  136.168845][   T24] usb 1-1: config 220 interface 0 has no altsetting 0
[  136.183691][   T24] usb 1-1: config 220 interface 76 has no altsetting 0
[  136.198029][   T24] usb 1-1: config 220 interface 1 has no altsetting 0
[  136.223653][   T24] usb 1-1: New USB device found, idVendor=8086, idProduct=0b07, bcdDevice=6c.b9
[  136.247183][   T24] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  136.274029][   T24] usb 1-1: Product: syz
[  136.283320][   T24] usb 1-1: Manufacturer: syz
[  136.297198][   T24] usb 1-1: SerialNumber: syz
[  136.487182][ T5630] cdc_ncm 3-1:1.0: bind() failure
[  136.532032][ T5630] cdc_ncm 3-1:1.1: CDC Union missing and no IAD found
[  136.561342][ T5630] cdc_ncm 3-1:1.1: bind() failure
[  136.582218][ T5630] usb 3-1: USB disconnect, device number 9
[  136.707180][   T24] uvcvideo 1-1:220.0: Found UVC 7.01 device syz (8086:0b07)
[  136.740275][   T24] uvcvideo 1-1:220.0: No valid video chain found.
[  136.747065][ T6567] netlink: 56 bytes leftover after parsing attributes in process `syz.4.238'.
[  136.761284][   T24] usb 1-1: selecting invalid altsetting 0
[  136.821519][   T24] usb 1-1: selecting invalid altsetting 0
[  136.829230][   T24] usbtest 1-1:220.1: probe with driver usbtest failed with error -22
[  136.845123][   T24] usb 1-1: USB disconnect, device number 13
[  137.485244][ T6589] bond1: entered promiscuous mode
[  137.613216][ T6593] FAULT_INJECTION: forcing a failure.
[  137.613216][ T6593] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  137.618273][   T24] usb 3-1: new high-speed USB device number 10 using dummy_hcd
[  137.653946][ T6593] CPU: 0 UID: 0 PID: 6593 Comm: syz.3.248 Not tainted syzkaller #0 PREEMPT(full) 
[  137.653969][ T6593] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  137.653979][ T6593] Call Trace:
[  137.653987][ T6593]  <TASK>
[  137.653993][ T6593]  dump_stack_lvl+0xe8/0x150
[  137.654020][ T6593]  should_fail_ex+0x412/0x560
[  137.654046][ T6593]  _copy_from_user+0x2d/0xb0
[  137.654075][ T6593]  ___sys_recvmsg+0x175/0x590
[  137.654104][ T6593]  ? __pfx____sys_recvmsg+0x10/0x10
[  137.654133][ T6593]  ? trace_irq_disable+0x3b/0x140
[  137.654182][ T6593]  do_recvmmsg+0x334/0x800
[  137.654216][ T6593]  ? __pfx_do_recvmmsg+0x10/0x10
[  137.654253][ T6593]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  137.654294][ T6593]  __x64_sys_recvmmsg+0x198/0x250
[  137.654322][ T6593]  ? __pfx___x64_sys_recvmmsg+0x10/0x10
[  137.654355][ T6593]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  137.654375][ T6593]  do_syscall_64+0x15f/0xf80
[  137.654397][ T6593]  ? trace_irq_disable+0x3b/0x140
[  137.654422][ T6593]  ? clear_bhb_loop+0x40/0x90
[  137.654444][ T6593]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  137.654462][ T6593] RIP: 0033:0x7f4c3439cdd9
[  137.654478][ T6593] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  137.654491][ T6593] RSP: 002b:00007f4c3521f028 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
[  137.654509][ T6593] RAX: ffffffffffffffda RBX: 00007f4c34615fa0 RCX: 00007f4c3439cdd9
[  137.654521][ T6593] RDX: 03ffffffffffff67 RSI: 0000200000002440 RDI: 0000000000000005
[  137.654534][ T6593] RBP: 00007f4c3521f090 R08: 0000000000000000 R09: 0000000000000000
[  137.654544][ T6593] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  137.654554][ T6593] R13: 00007f4c34616038 R14: 00007f4c34615fa0 R15: 00007f4c3473fa48
[  137.654583][ T6593]  </TASK>
[  138.238084][   T24] usb 3-1: Using ep0 maxpacket: 32
[  138.248663][   T24] usb 3-1: New USB device found, idVendor=041e, idProduct=400b, bcdDevice=3e.e7
[  138.266690][   T24] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  138.311658][   T24] usb 3-1: config 0 descriptor??
[  138.336560][   T24] gspca_main: sunplus-2.14.0 probing 041e:400b
[  138.349892][ T6605] xt_hashlimit: size too large, truncated to 1048576
[  138.442130][ T6608] netlink: 'syz.3.253': attribute type 13 has an invalid length.
[  139.198012][ T5682] usb 4-1: new high-speed USB device number 7 using dummy_hcd
[  139.268197][   T29] usb 5-1: new high-speed USB device number 11 using dummy_hcd
[  139.336818][   T24] gspca_sunplus: reg_w_riv err -71
[  139.342558][   T24] sunplus 3-1:0.0: probe with driver sunplus failed with error -71
[  139.360423][ T5682] usb 4-1: config 220 has an invalid interface number: 76 but max is 2
[  139.370538][   T24] usb 3-1: USB disconnect, device number 10
[  139.376517][ T5682] usb 4-1: config 220 contains an unexpected descriptor of type 0x2, skipping
[  139.391433][ T5682] usb 4-1: config 220 has an invalid descriptor of length 0, skipping remainder of the config
[  139.402315][ T5682] usb 4-1: config 220 has no interface number 2
[  139.410158][ T5682] usb 4-1: config 220 interface 1 altsetting 5 has 0 endpoint descriptors, different from the interface descriptor's value: 12
[  139.423491][ T5682] usb 4-1: config 220 interface 0 has no altsetting 0
[  139.432008][   T29] usb 5-1: Using ep0 maxpacket: 16
[  139.437213][ T5682] usb 4-1: config 220 interface 76 has no altsetting 0
[  139.444338][ T5682] usb 4-1: config 220 interface 1 has no altsetting 0
[  139.453163][   T29] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  139.464720][   T29] usb 5-1: config 0 interface 0 has no altsetting 0
[  139.473349][ T5682] usb 4-1: New USB device found, idVendor=8086, idProduct=0b07, bcdDevice=6c.b9
[  139.483060][ T5682] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  139.491508][   T29] usb 5-1: New USB device found, idVendor=15c2, idProduct=0041, bcdDevice=1f.20
[  139.500701][ T5682] usb 4-1: Product: syz
[  139.505024][   T29] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  139.514014][ T5682] usb 4-1: Manufacturer: syz
[  139.521650][ T5682] usb 4-1: SerialNumber: syz
[  139.526346][   T29] usb 5-1: Product: syz
[  139.532270][   T29] usb 5-1: Manufacturer: syz
[  139.538009][   T29] usb 5-1: SerialNumber: syz
[  139.549649][   T29] usb 5-1: config 0 descriptor??
[  139.768509][   T29] input: iMON Panel, Knob and Mouse(15c2:0041) as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/input/input5
[  139.835066][ T5682] uvcvideo 4-1:220.0: Found UVC 7.01 device syz (8086:0b07)
[  139.858806][ T5682] uvcvideo 4-1:220.0: No valid video chain found.
[  139.863105][ T6625] netlink: 36 bytes leftover after parsing attributes in process `syz.0.260'.
[  139.878921][ T5682] usb 4-1: selecting invalid altsetting 0
[  139.886384][ T6625] netlink: 16 bytes leftover after parsing attributes in process `syz.0.260'.
[  139.905827][ T6625] netlink: 36 bytes leftover after parsing attributes in process `syz.0.260'.
[  139.936887][ T5682] usb 4-1: selecting invalid altsetting 0
[  139.944714][ T5682] usbtest 4-1:220.1: probe with driver usbtest failed with error -22
[  139.983863][ T5682] usb 4-1: USB disconnect, device number 7
[  140.026583][ T6625] netlink: 8 bytes leftover after parsing attributes in process `syz.0.260'.
[  140.075946][ T6625] netlink: 8 bytes leftover after parsing attributes in process `syz.0.260'.
[  140.139207][   T29] rc_core: IR keymap rc-imon-pad not found
[  140.152438][   T29] Registered IR keymap rc-empty
[  140.167197][   T29] imon 5-1:0.0: Looks like you're trying to use an IR protocol this device does not support
[  140.179305][ T6617] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  140.200263][ T6617] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  140.208573][   T29] imon 5-1:0.0: Unsupported IR protocol specified, overriding to iMON IR protocol
[  140.252341][   T29] rc rc0: iMON Remote (15c2:0041) as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/rc/rc0
[  140.268539][ T6633] netlink: 'syz.2.263': attribute type 29 has an invalid length.
[  140.293290][   T29] input: iMON Remote (15c2:0041) as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/rc/rc0/input6
[  140.319976][ T6633] netlink: 'syz.2.263': attribute type 29 has an invalid length.
[  140.337354][   T29] imon 5-1:0.0: iMON device (15c2:0041, intf0) on usb<5:11> initialized
[  140.344307][ T6637] netlink: 4 bytes leftover after parsing attributes in process `syz.0.265'.
[  140.654306][    C1] imon 5-1:0.0: imon usb_rx_callback_intf0: status(-71)
[  140.662063][   T29] usb 5-1: USB disconnect, device number 11
[  141.407840][   T29] usb 1-1: new high-speed USB device number 14 using dummy_hcd
[  141.577831][ T5682] usb 4-1: new high-speed USB device number 8 using dummy_hcd
[  141.597018][   T29] usb 1-1: Using ep0 maxpacket: 32
[  141.623013][   T29] usb 1-1: New USB device found, idVendor=041e, idProduct=400b, bcdDevice=3e.e7
[  141.660995][   T29] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  141.687772][   T24] usb 5-1: new high-speed USB device number 12 using dummy_hcd
[  141.708464][   T29] usb 1-1: config 0 descriptor??
[  141.733253][   T29] gspca_main: sunplus-2.14.0 probing 041e:400b
[  141.737849][ T5682] usb 4-1: device descriptor read/64, error -71
[  141.797924][ T5630] usb 2-1: new high-speed USB device number 12 using dummy_hcd
[  141.865088][   T24] usb 5-1: config 220 has an invalid interface number: 76 but max is 2
[  141.900705][   T24] usb 5-1: config 220 contains an unexpected descriptor of type 0x2, skipping
[  141.941375][   T24] usb 5-1: config 220 has an invalid descriptor of length 0, skipping remainder of the config
[  141.961028][ T5630] usb 2-1: Using ep0 maxpacket: 32
[  141.977779][ T5682] usb 4-1: new high-speed USB device number 9 using dummy_hcd
[  141.987214][   T24] usb 5-1: config 220 has no interface number 2
[  142.000445][ T5630] usb 2-1: config 0 has an invalid interface number: 184 but max is 0
[  142.029354][ T5630] usb 2-1: config 0 has an invalid descriptor of length 116, skipping remainder of the config
[  142.047447][ T5630] usb 2-1: config 0 has no interface number 0
[  142.054794][ T5630] usb 2-1: too many endpoints for config 0 interface 184 altsetting 186: 161, using maximum allowed: 30
[  142.059024][   T24] usb 5-1: config 220 interface 1 altsetting 5 has 0 endpoint descriptors, different from the interface descriptor's value: 12
[  142.098778][ T5630] usb 2-1: config 0 interface 184 altsetting 186 has 0 endpoint descriptors, different from the interface descriptor's value: 161
[  142.114874][ T5630] usb 2-1: config 0 interface 184 has no altsetting 0
[  142.123169][   T24] usb 5-1: config 220 interface 0 has no altsetting 0
[  142.131652][   T24] usb 5-1: config 220 interface 76 has no altsetting 0
[  142.138851][ T5682] usb 4-1: device descriptor read/64, error -71
[  142.152460][ T5630] usb 2-1: New USB device found, idVendor=0424, idProduct=7500, bcdDevice=69.ee
[  142.163864][   T24] usb 5-1: config 220 interface 1 has no altsetting 0
[  142.163869][ T5630] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  142.163891][ T5630] usb 2-1: Product: syz
[  142.189948][   T24] usb 5-1: New USB device found, idVendor=8086, idProduct=0b07, bcdDevice=6c.b9
[  142.199431][   T24] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  142.207659][   T24] usb 5-1: Product: syz
[  142.212044][   T24] usb 5-1: Manufacturer: syz
[  142.214513][ T5630] usb 2-1: Manufacturer: syz
[  142.216781][   T24] usb 5-1: SerialNumber: syz
[  142.234865][ T5630] usb 2-1: SerialNumber: syz
[  142.248254][ T5682] usb usb4-port1: attempt power cycle
[  142.264881][ T5630] usb 2-1: config 0 descriptor??
[  142.408768][  T806] usb 3-1: new high-speed USB device number 11 using dummy_hcd
[  142.555604][   T24] uvcvideo 5-1:220.0: Found UVC 7.01 device syz (8086:0b07)
[  142.567851][   T24] uvcvideo 5-1:220.0: No valid video chain found.
[  142.580777][  T806] usb 3-1: config 1 interface 0 has no altsetting 0
[  142.588900][   T24] usb 5-1: selecting invalid altsetting 0
[  142.599143][ T5682] usb 4-1: new high-speed USB device number 10 using dummy_hcd
[  142.619453][  T806] usb 3-1: string descriptor 0 read error: -22
[  142.632360][  T806] usb 3-1: New USB device found, idVendor=0079, idProduct=1801, bcdDevice= 0.40
[  142.643140][  T806] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  142.655169][   T24] usb 5-1: selecting invalid altsetting 0
[  142.662531][ T5682] usb 4-1: device descriptor read/8, error -71
[  142.671487][   T24] usbtest 5-1:220.1: probe with driver usbtest failed with error -22
[  142.710341][   T24] usb 5-1: USB disconnect, device number 12
[  142.753708][   T29] gspca_sunplus: reg_w_riv err -71
[  142.762630][   T29] sunplus 1-1:0.0: probe with driver sunplus failed with error -71
[  142.794086][   T29] usb 1-1: USB disconnect, device number 14
[  142.918571][ T5682] usb 4-1: new high-speed USB device number 11 using dummy_hcd
[  142.938591][ T5682] usb 4-1: device descriptor read/8, error -71
[  143.049102][ T5682] usb usb4-port1: unable to enumerate USB device
[  143.106138][  T806] hid_mf 0003:0079:1801.0004: unknown main item tag 0x0
[  143.127884][  T806] hid_mf 0003:0079:1801.0004: unknown main item tag 0x0
[  143.151905][  T806] hid_mf 0003:0079:1801.0004: unknown main item tag 0x0
[  143.184882][  T806] hid_mf 0003:0079:1801.0004: unknown main item tag 0x0
[  143.203521][  T806] hid_mf 0003:0079:1801.0004: unknown main item tag 0x0
[  143.225160][  T806] hid_mf 0003:0079:1801.0004: unknown main item tag 0x0
[  143.240059][  T806] hid_mf 0003:0079:1801.0004: unknown main item tag 0x0
[  143.258924][  T806] hid_mf 0003:0079:1801.0004: unknown main item tag 0x0
[  143.276117][  T806] hid_mf 0003:0079:1801.0004: unknown main item tag 0x0
[  143.296760][  T806] hid_mf 0003:0079:1801.0004: unknown main item tag 0x0
[  143.459105][ T6679] netlink: 64 bytes leftover after parsing attributes in process `syz.4.281'.
[  143.588156][  T806] hid_mf 0003:0079:1801.0004: hidraw0: USB HID vf.ff Device [HID 0079:1801] on usb-dummy_hcd.2-1/input0
[  143.618263][  T806] hid_mf 0003:0079:1801.0004: Invalid report, this should never happen!
[  143.647882][  T806] hid_mf 0003:0079:1801.0004: Force feedback init failed.
[  143.714431][  T806] usb 3-1: USB disconnect, device number 11
[  143.757745][   T29] usb 5-1: new high-speed USB device number 13 using dummy_hcd
[  143.790640][ T6681] fido_id[6681]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.2/usb3/3-1/report_descriptor': No such file or directory
[  143.921112][   T29] usb 5-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  143.934429][   T29] usb 5-1: config 1 has an invalid descriptor of length 52, skipping remainder of the config
[  143.969901][   T29] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 66
[  144.003141][   T29] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 52, changing to 7
[  144.016922][   T29] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 9272, setting to 1024
[  144.031630][   T29] usb 5-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  144.041700][   T29] usb 5-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  144.050748][   T29] usb 5-1: Product: syz
[  144.055242][   T29] usb 5-1: Manufacturer: syz
[  144.082942][   T29] cdc_wdm 5-1:1.0: skipping garbage
[  144.088765][   T29] cdc_wdm 5-1:1.0: skipping garbage
[  144.096595][   T29] cdc_wdm 5-1:1.0: probe with driver cdc_wdm failed with error -22
[  144.126847][ T6686] netlink: 'syz.2.284': attribute type 30 has an invalid length.
[  144.238753][ T5682] usb 1-1: new full-speed USB device number 15 using dummy_hcd
[  144.366400][   T29] usb 5-1: USB disconnect, device number 13
[  144.387719][ T5682] usb 1-1: device descriptor read/64, error -71
[  144.502380][ T5630] smsc75xx 2-1:0.184 (unnamed net_device) (uninitialized): usbnet_get_endpoints failed: -22
[  144.527012][ T6693] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  144.535022][ T6693] IPv6: NLM_F_CREATE should be set when creating new route
[  144.544682][ T5630] smsc75xx 2-1:0.184: probe with driver smsc75xx failed with error -22
[  144.564658][ T5630] usb 2-1: USB disconnect, device number 12
[  144.573387][ T6693] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  144.697925][ T5682] usb 1-1: new full-speed USB device number 16 using dummy_hcd
[  144.847790][ T5682] usb 1-1: device descriptor read/64, error -71
[  144.958841][ T5682] usb usb1-port1: attempt power cycle
[  144.987894][    T9] usb 3-1: new high-speed USB device number 12 using dummy_hcd
[  145.008081][  T806] usb 4-1: new high-speed USB device number 12 using dummy_hcd
[  145.035942][ T6707] FAULT_INJECTION: forcing a failure.
[  145.035942][ T6707] name failslab, interval 1, probability 0, space 0, times 0
[  145.049612][ T6707] CPU: 0 UID: 0 PID: 6707 Comm: syz.4.293 Not tainted syzkaller #0 PREEMPT(full) 
[  145.049631][ T6707] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  145.049640][ T6707] Call Trace:
[  145.049646][ T6707]  <TASK>
[  145.049652][ T6707]  dump_stack_lvl+0xe8/0x150
[  145.049672][ T6707]  should_fail_ex+0x412/0x560
[  145.049694][ T6707]  should_failslab+0xa8/0x100
[  145.049716][ T6707]  ? vm_area_dup+0x2b/0x680
[  145.049736][ T6707]  kmem_cache_alloc_noprof+0x87/0x650
[  145.049761][ T6707]  vm_area_dup+0x2b/0x680
[  145.049785][ T6707]  dup_mmap+0x8b1/0x1d90
[  145.049821][ T6707]  ? __pfx_dup_mmap+0x10/0x10
[  145.049850][ T6707]  ? copy_mm+0x130/0x4a0
[  145.049866][ T6707]  ? copy_mm+0x130/0x4a0
[  145.049892][ T6707]  copy_mm+0x13b/0x4a0
[  145.049909][ T6707]  copy_process+0x1f1c/0x4440
[  145.049924][ T6707]  ? _parse_integer_limit+0x1ae/0x1f0
[  145.049951][ T6707]  ? copy_process+0xd87/0x4440
[  145.049974][ T6707]  ? __pfx_copy_process+0x10/0x10
[  145.049991][ T6707]  ? get_pid_task+0x20/0x1f0
[  145.050008][ T6707]  ? get_pid_task+0x20/0x1f0
[  145.050037][ T6707]  kernel_clone+0x284/0x8f0
[  145.050057][ T6707]  ? __pfx_kernel_clone+0x10/0x10
[  145.050081][ T6707]  ? __mutex_unlock_slowpath+0x1be/0x6f0
[  145.050107][ T6707]  __x64_sys_clone+0x1b6/0x230
[  145.050126][ T6707]  ? __pfx___x64_sys_clone+0x10/0x10
[  145.050155][ T6707]  ? __pfx_ksys_write+0x10/0x10
[  145.050194][ T6707]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  145.050210][ T6707]  do_syscall_64+0x15f/0xf80
[  145.050226][ T6707]  ? trace_irq_disable+0x3b/0x140
[  145.050247][ T6707]  ? clear_bhb_loop+0x40/0x90
[  145.050265][ T6707]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  145.050278][ T6707] RIP: 0033:0x7f1a1a99cdd9
[  145.050291][ T6707] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  145.050302][ T6707] RSP: 002b:00007f1a1b875fd8 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[  145.050317][ T6707] RAX: ffffffffffffffda RBX: 00007f1a1ac15fa0 RCX: 00007f1a1a99cdd9
[  145.050339][ T6707] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040080000
[  145.050346][ T6707] RBP: 00007f1a1b876090 R08: 0000000000000000 R09: 0000000000000000
[  145.050354][ T6707] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002
[  145.050361][ T6707] R13: 00007f1a1ac16038 R14: 00007f1a1ac15fa0 R15: 00007f1a1ad3fa48
[  145.050382][ T6707]  </TASK>
[  145.301338][ T5630] usb 2-1: new high-speed USB device number 13 using dummy_hcd
[  145.360672][ T5682] usb 1-1: new full-speed USB device number 17 using dummy_hcd
[  145.402818][ T5682] usb 1-1: device descriptor read/8, error -71
[  145.415113][  T806] usb 4-1: New USB device found, idVendor=2c42, idProduct=1602, bcdDevice=da.64
[  145.424548][  T806] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  145.433944][  T806] usb 4-1: Product: syz
[  145.438850][  T806] usb 4-1: Manufacturer: syz
[  145.443556][  T806] usb 4-1: SerialNumber: syz
[  145.451440][  T806] usb 4-1: config 0 descriptor??
[  145.459953][  T806] hub 4-1:0.0: bad descriptor, ignoring hub
[  145.466107][  T806] hub 4-1:0.0: probe with driver hub failed with error -5
[  145.473699][ T5630] usb 2-1: Using ep0 maxpacket: 32
[  145.480378][  T806] f81232 4-1:0.0: f81534a converter detected
[  145.488292][    T9] usb 3-1: config 220 has an invalid interface number: 76 but max is 2
[  145.498713][    T9] usb 3-1: config 220 contains an unexpected descriptor of type 0x2, skipping
[  145.507704][    T9] usb 3-1: config 220 has an invalid descriptor of length 0, skipping remainder of the config
[  145.519693][    T9] usb 3-1: config 220 has no interface number 2
[  145.526093][    T9] usb 3-1: config 220 interface 1 altsetting 5 has 0 endpoint descriptors, different from the interface descriptor's value: 12
[  145.539609][    T9] usb 3-1: config 220 interface 0 has no altsetting 0
[  145.546480][    T9] usb 3-1: config 220 interface 76 has no altsetting 0
[  145.555900][ T5630] usb 2-1: New USB device found, idVendor=041e, idProduct=400b, bcdDevice=3e.e7
[  145.565361][    T9] usb 3-1: config 220 interface 1 has no altsetting 0
[  145.572249][ T5630] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  145.582832][    T9] usb 3-1: New USB device found, idVendor=8086, idProduct=0b07, bcdDevice=6c.b9
[  145.595384][ T5630] usb 2-1: config 0 descriptor??
[  145.609967][    T9] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  145.619134][    T9] usb 3-1: Product: syz
[  145.623695][ T5630] gspca_main: sunplus-2.14.0 probing 041e:400b
[  145.634618][    T9] usb 3-1: Manufacturer: syz
[  145.639391][    T9] usb 3-1: SerialNumber: syz
[  145.650198][ T6713] FAULT_INJECTION: forcing a failure.
[  145.650198][ T6713] name fail_page_alloc, interval 1, probability 0, space 0, times 1
[  145.667844][ T5682] usb 1-1: new full-speed USB device number 18 using dummy_hcd
[  145.674102][ T6713] CPU: 0 UID: 0 PID: 6713 Comm: syz.4.296 Not tainted syzkaller #0 PREEMPT(full) 
[  145.674172][ T6713] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  145.674207][ T6713] Call Trace:
[  145.674229][ T6713]  <TASK>
[  145.674252][ T6713]  dump_stack_lvl+0xe8/0x150
[  145.674332][ T6713]  should_fail_ex+0x412/0x560
[  145.674422][ T6713]  prepare_alloc_pages+0x22a/0x650
[  145.674516][ T6713]  __alloc_frozen_pages_noprof+0x12f/0x380
[  145.674622][ T6713]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  145.674722][ T6713]  ? __pfx_policy_nodemask+0x10/0x10
[  145.674831][ T6713]  ? __lock_acquire+0x6b5/0x2cf0
[  145.674909][ T6713]  alloc_pages_mpol+0x235/0x490
[  145.675026][ T6713]  folio_alloc_mpol_noprof+0x39/0x160
[  145.675115][ T6713]  vma_alloc_folio_noprof+0xe1/0x1e0
[  145.675212][ T6713]  ? __pfx_vma_alloc_folio_noprof+0x10/0x10
[  145.675299][ T6713]  ? __pte_offset_map+0x29/0x240
[  145.675374][ T6713]  ? __pte_offset_map+0x29/0x240
[  145.675433][ T6713]  do_pte_missing+0x159d/0x33f0
[  145.675475][ T6713]  ? handle_mm_fault+0xee/0x3170
[  145.675505][ T6713]  handle_mm_fault+0x1bd7/0x3170
[  145.675607][ T6713]  ? handle_mm_fault+0xee/0x3170
[  145.675706][ T6713]  ? __pfx_handle_mm_fault+0x10/0x10
[  145.675820][ T6713]  ? follow_page_pte+0x6b5/0xe50
[  145.675916][ T6713]  ? __pfx_follow_page_pte+0x10/0x10
[  145.675999][ T6713]  __get_user_pages+0x1683/0x2720
[  145.676136][ T6713]  __gup_longterm_locked+0x3db/0x1630
[  145.676255][ T6713]  gup_fast_fallback+0x1d84/0x20d0
[  145.676373][ T6713]  ? __pfx_gup_fast_fallback+0x10/0x10
[  145.676442][ T6713]  ? is_valid_gup_args+0x11f/0x200
[  145.676503][ T6713]  ? pin_user_pages_fast+0x4d/0xb0
[  145.676566][ T6713]  io_pin_pages+0xba/0x1b0
[  145.676630][ T6713]  io_region_pin_pages+0x7d/0x190
[  145.676701][ T6713]  io_create_region+0x38c/0x4a0
[  145.676795][ T6713]  io_allocate_scq_urings+0x220/0x820
[  145.676867][ T6713]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  145.676948][ T6713]  ? __pfx_io_allocate_scq_urings+0x10/0x10
[  145.677005][ T6713]  ? cap_capable+0x123/0x460
[  145.677080][ T6713]  ? security_capable+0xb9/0x2c0
[  145.677169][ T6713]  io_uring_create+0x47d/0x9a0
[  145.677234][ T6713]  __se_sys_io_uring_setup+0x2a8/0x2c0
[  145.677315][ T6713]  ? __pfx___se_sys_io_uring_setup+0x10/0x10
[  145.677419][ T6713]  ? __pfx_ksys_write+0x10/0x10
[  145.677500][ T6713]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  145.677552][ T6713]  do_syscall_64+0x15f/0xf80
[  145.677615][ T6713]  ? trace_irq_disable+0x3b/0x140
[  145.677679][ T6713]  ? clear_bhb_loop+0x40/0x90
[  145.677743][ T6713]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  145.677804][ T6713] RIP: 0033:0x7f1a1a99cdd9
[  145.677847][ T6713] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  145.677887][ T6713] RSP: 002b:00007f1a1b876028 EFLAGS: 00000246 ORIG_RAX: 00000000000001a9
[  145.677947][ T6713] RAX: ffffffffffffffda RBX: 00007f1a1ac15fa0 RCX: 00007f1a1a99cdd9
[  145.677979][ T6713] RDX: 0000000000000000 RSI: 0000200000000040 RDI: 000000000000185d
[  145.678003][ T6713] RBP: 00007f1a1b876090 R08: 0000000000000000 R09: 0000000000000000
[  145.678028][ T6713] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  145.678059][ T6713] R13: 00007f1a1ac16038 R14: 00007f1a1ac15fa0 R15: 00007f1a1ad3fa48
[  145.678133][ T6713]  </TASK>
[  145.924643][  T806] usb 4-1: f81534a converter now attached to ttyUSB0
[  145.989813][ T5682] usb 1-1: device descriptor read/8, error -71
[  146.092587][  T806] usb 4-1: USB disconnect, device number 12
[  146.112352][    T9] uvcvideo 3-1:220.0: Found UVC 7.01 device syz (8086:0b07)
[  146.126227][  T806] f81534a ttyUSB0: f81534a converter now disconnected from ttyUSB0
[  146.152337][    T9] uvcvideo 3-1:220.0: No valid video chain found.
[  146.168368][  T806] f81232 4-1:0.0: device disconnected
[  146.173948][    T9] usb 3-1: selecting invalid altsetting 0
[  146.189214][ T5682] usb usb1-port1: unable to enumerate USB device
[  146.199494][ T6720] netlink: 'syz.4.298': attribute type 7 has an invalid length.
[  146.209343][ T6720] netlink: 'syz.4.298': attribute type 12 has an invalid length.
[  146.217151][ T6720] netlink: 28 bytes leftover after parsing attributes in process `syz.4.298'.
[  146.250934][    T9] usb 3-1: selecting invalid altsetting 0
[  146.258181][    T9] usbtest 3-1:220.1: probe with driver usbtest failed with error -22
[  146.284069][    T9] usb 3-1: USB disconnect, device number 12
[  146.757776][  T806] usb 5-1: new high-speed USB device number 14 using dummy_hcd
[  146.783236][ T5630] gspca_sunplus: reg_w_riv err -71
[  146.788837][ T5630] sunplus 2-1:0.0: probe with driver sunplus failed with error -71
[  146.813912][ T5630] usb 2-1: USB disconnect, device number 13
[  146.928870][  T806] usb 5-1: Using ep0 maxpacket: 32
[  146.941581][  T806] usb 5-1: config 0 has an invalid interface number: 184 but max is 0
[  146.952166][  T806] usb 5-1: config 0 has an invalid descriptor of length 116, skipping remainder of the config
[  146.967700][  T806] usb 5-1: config 0 has no interface number 0
[  146.996690][  T806] usb 5-1: too many endpoints for config 0 interface 184 altsetting 186: 161, using maximum allowed: 30
[  147.015519][  T806] usb 5-1: config 0 interface 184 altsetting 186 has 0 endpoint descriptors, different from the interface descriptor's value: 161
[  147.032210][  T806] usb 5-1: config 0 interface 184 has no altsetting 0
[  147.094600][  T806] usb 5-1: New USB device found, idVendor=0424, idProduct=7500, bcdDevice=69.ee
[  147.113354][  T806] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  147.138099][  T806] usb 5-1: Product: syz
[  147.151773][  T806] usb 5-1: Manufacturer: syz
[  147.169490][  T806] usb 5-1: SerialNumber: syz
[  147.189146][  T806] usb 5-1: config 0 descriptor??
[  147.788879][ T6738] netlink: 28 bytes leftover after parsing attributes in process `syz.1.305'.
[  147.799070][ T6741] FAULT_INJECTION: forcing a failure.
[  147.799070][ T6741] name failslab, interval 1, probability 0, space 0, times 0
[  147.823932][ T6741] CPU: 0 UID: 0 PID: 6741 Comm: syz.0.304 Not tainted syzkaller #0 PREEMPT(full) 
[  147.823972][ T6741] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  147.823983][ T6741] Call Trace:
[  147.823991][ T6741]  <TASK>
[  147.823998][ T6741]  dump_stack_lvl+0xe8/0x150
[  147.824025][ T6741]  should_fail_ex+0x412/0x560
[  147.824054][ T6741]  should_failslab+0xa8/0x100
[  147.824085][ T6741]  __kmalloc_cache_noprof+0x88/0x660
[  147.824110][ T6741]  ? __sctp_v6_cmp_addr+0x1e6/0x510
[  147.824137][ T6741]  ? sctp_add_bind_addr+0x8c/0x370
[  147.824167][ T6741]  sctp_add_bind_addr+0x8c/0x370
[  147.824195][ T6741]  sctp_copy_local_addr_list+0x314/0x4f0
[  147.824223][ T6741]  ? sctp_copy_local_addr_list+0xa4/0x4f0
[  147.824248][ T6741]  ? __pfx_sctp_copy_local_addr_list+0x10/0x10
[  147.824275][ T6741]  ? sctp_v6_is_any+0x64/0x80
[  147.824301][ T6741]  ? sctp_copy_one_addr+0x93/0x360
[  147.824329][ T6741]  sctp_bind_addr_copy+0xb3/0x3c0
[  147.824354][ T6741]  ? sctp_assoc_set_bind_addr_from_ep+0xa5/0x1a0
[  147.824380][ T6741]  sctp_connect_new_asoc+0x2ff/0x6b0
[  147.824402][ T6741]  ? __pfx_sctp_connect_new_asoc+0x10/0x10
[  147.824422][ T6741]  ? sctp_endpoint_lookup_assoc+0x7b/0x260
[  147.824451][ T6741]  ? sctp_endpoint_lookup_assoc+0x7b/0x260
[  147.824477][ T6741]  ? sctp_endpoint_lookup_assoc+0x7b/0x260
[  147.824507][ T6741]  ? bpf_lsm_sctp_bind_connect+0x9/0x20
[  147.824533][ T6741]  ? security_sctp_bind_connect+0x7e/0x2c0
[  147.824556][ T6741]  sctp_sendmsg+0x1528/0x2c10
[  147.824598][ T6741]  ? __pfx_sctp_sendmsg+0x10/0x10
[  147.824630][ T6741]  ? aa_sk_perm+0x6d5/0x900
[  147.824661][ T6741]  ? __pfx_aa_sk_perm+0x10/0x10
[  147.824686][ T6741]  ? sock_rps_record_flow+0x19/0x350
[  147.824718][ T6741]  ? inet_sendmsg+0x2f4/0x370
[  147.824743][ T6741]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  147.824771][ T6741]  ____sys_sendmsg+0x80a/0x9f0
[  147.824812][ T6741]  ? __pfx_____sys_sendmsg+0x10/0x10
[  147.824847][ T6741]  ? import_iovec+0x73/0xa0
[  147.824876][ T6741]  ___sys_sendmsg+0x2a5/0x360
[  147.824900][ T6741]  ? __lock_acquire+0x6b5/0x2cf0
[  147.824926][ T6741]  ? __pfx____sys_sendmsg+0x10/0x10
[  147.824949][ T6741]  ? __lock_acquire+0x6b5/0x2cf0
[  147.824973][ T6741]  ? kstrtouint+0x6e/0xe0
[  147.825060][ T6741]  __sys_sendmmsg+0x27c/0x4e0
[  147.825095][ T6741]  ? __pfx___sys_sendmmsg+0x10/0x10
[  147.825122][ T6741]  ? __mutex_unlock_slowpath+0x1be/0x6f0
[  147.825182][ T6741]  ? ksys_write+0x242/0x270
[  147.825215][ T6741]  ? __pfx_ksys_write+0x10/0x10
[  147.825251][ T6741]  __x64_sys_sendmmsg+0xa0/0xc0
[  147.825280][ T6741]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  147.825302][ T6741]  do_syscall_64+0x15f/0xf80
[  147.825327][ T6741]  ? trace_irq_disable+0x3b/0x140
[  147.825356][ T6741]  ? clear_bhb_loop+0x40/0x90
[  147.825382][ T6741]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  147.825403][ T6741] RIP: 0033:0x7f379bf9cdd9
[  147.825422][ T6741] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  147.825439][ T6741] RSP: 002b:00007f379cf02028 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  147.825460][ T6741] RAX: ffffffffffffffda RBX: 00007f379c215fa0 RCX: 00007f379bf9cdd9
[  147.825474][ T6741] RDX: 0000000000000002 RSI: 0000200000000140 RDI: 0000000000000003
[  147.825486][ T6741] RBP: 00007f379cf02090 R08: 0000000000000000 R09: 0000000000000000
[  147.825498][ T6741] R10: 931766f6319eed40 R11: 0000000000000246 R12: 0000000000000002
[  147.825510][ T6741] R13: 00007f379c216038 R14: 00007f379c215fa0 R15: 00007f379c33fa48
[  147.825543][ T6741]  </TASK>
[  148.239148][ T6742] netlink: 4 bytes leftover after parsing attributes in process `syz.2.306'.
[  148.248122][ T6742] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  148.294847][ T6742] batman_adv: batadv0: Removing interface: batadv_slave_1
[  149.297816][ T5737] usb 3-1: new high-speed USB device number 13 using dummy_hcd
[  149.390157][  T806] smsc75xx 5-1:0.184 (unnamed net_device) (uninitialized): usbnet_get_endpoints failed: -22
[  149.434203][  T806] smsc75xx 5-1:0.184: probe with driver smsc75xx failed with error -22
[  149.478593][ T5737] usb 3-1: Using ep0 maxpacket: 32
[  149.494527][  T806] usb 5-1: USB disconnect, device number 14
[  149.515162][ T5737] usb 3-1: New USB device found, idVendor=041e, idProduct=400b, bcdDevice=3e.e7
[  149.536652][ T5737] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  149.566723][ T5737] usb 3-1: config 0 descriptor??
[  149.601089][ T5737] gspca_main: sunplus-2.14.0 probing 041e:400b
[  149.625029][ T6764] loop9: detected capacity change from 0 to 7
[  149.662194][    C0] blk_print_req_error: 10 callbacks suppressed
[  149.662211][    C0] I/O error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  149.677689][    C0] buffer_io_error: 10 callbacks suppressed
[  149.677706][    C0] Buffer I/O error on dev loop9, logical block 0, async page read
[  149.694508][    C1] I/O error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  149.703785][    C1] Buffer I/O error on dev loop9, logical block 0, async page read
[  149.718533][    C0] I/O error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  149.727781][    C0] Buffer I/O error on dev loop9, logical block 0, async page read
[  149.740622][    C1] I/O error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  149.749857][    C1] Buffer I/O error on dev loop9, logical block 0, async page read
[  149.772671][    C0] I/O error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  149.781910][    C0] Buffer I/O error on dev loop9, logical block 0, async page read
[  149.794511][    C0] I/O error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  149.803775][    C0] Buffer I/O error on dev loop9, logical block 0, async page read
[  149.825968][    C0] I/O error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  149.835312][    C0] Buffer I/O error on dev loop9, logical block 0, async page read
[  149.843374][ T6764] ldm_validate_partition_table(): Disk read failed.
[  149.851050][    C1] I/O error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  149.860318][    C1] Buffer I/O error on dev loop9, logical block 0, async page read
[  149.868567][    C0] I/O error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  149.877772][    C0] Buffer I/O error on dev loop9, logical block 0, async page read
[  149.893608][    C0] I/O error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  149.902824][    C0] Buffer I/O error on dev loop9, logical block 0, async page read
[  149.913417][ T6764] Dev loop9: unable to read RDB block 0
[  149.920478][ T6764]  loop9: unable to read partition table
[  149.928820][ T6764] loop9: partition table beyond EOD, truncated
[  149.935364][ T6764] loop_reread_partitions: partition scan of loop9 (úù) failed (rc=-5)
[  150.127532][ T6777] syzkaller1: entered promiscuous mode
[  150.133536][ T6777] syzkaller1: entered allmulticast mode
[  150.148402][ T5682] usb 4-1: new high-speed USB device number 13 using dummy_hcd
[  150.192875][ T6779] netlink: 'syz.4.320': attribute type 3 has an invalid length.
[  150.310015][ T5682] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0x6 has invalid maxpacket 1023
[  150.326018][ T5682] usb 4-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xBA, changing to 0x8A
[  150.347816][ T5682] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0x8A has invalid maxpacket 121
[  150.377138][ T5682] usb 4-1: New USB device found, idVendor=2294, idProduct=425b, bcdDevice=a2.10
[  150.400102][ T5682] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  150.423239][ T5682] usb 4-1: Product: syz
[  150.432691][ T5682] usb 4-1: Manufacturer: syz
[  150.443147][ T5682] usb 4-1: SerialNumber: syz
[  150.466757][ T5682] usb 4-1: config 0 descriptor??
[  150.478514][ T6768] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  150.489890][ T6768] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  150.516260][ T5682] usb 4-1: ucan: probing device on interface #0
[  150.737715][ T5696] usb 5-1: new high-speed USB device number 15 using dummy_hcd
[  150.743794][ T5737] gspca_sunplus: reg_w_riv err -71
[  150.755824][ T5737] sunplus 3-1:0.0: probe with driver sunplus failed with error -71
[  150.777492][ T5737] usb 3-1: USB disconnect, device number 13
[  150.897774][ T5696] usb 5-1: device descriptor read/64, error -71
[  150.931441][ T5682] usb 4-1: ucan: device reported invalid device info
[  150.939197][  T807] usb 1-1: new high-speed USB device number 19 using dummy_hcd
[  150.946933][ T5682] usb 4-1: ucan: probe failed; try to update the device firmware
[  151.097707][  T807] usb 1-1: Using ep0 maxpacket: 32
[  151.113090][  T807] usb 1-1: config 0 has an invalid interface number: 184 but max is 0
[  151.133786][  T807] usb 1-1: config 0 has an invalid descriptor of length 116, skipping remainder of the config
[  151.147988][ T5696] usb 5-1: new high-speed USB device number 16 using dummy_hcd
[  151.174722][   T29] usb 4-1: USB disconnect, device number 13
[  151.185685][  T807] usb 1-1: config 0 has no interface number 0
[  151.211012][  T807] usb 1-1: too many endpoints for config 0 interface 184 altsetting 186: 161, using maximum allowed: 30
[  151.250142][  T807] usb 1-1: config 0 interface 184 altsetting 186 has 0 endpoint descriptors, different from the interface descriptor's value: 161
[  151.294602][  T807] usb 1-1: config 0 interface 184 has no altsetting 0
[  151.307956][ T5696] usb 5-1: device descriptor read/64, error -71
[  151.331438][  T807] usb 1-1: New USB device found, idVendor=0424, idProduct=7500, bcdDevice=69.ee
[  151.340832][  T807] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  151.352341][  T807] usb 1-1: Product: syz
[  151.356556][  T807] usb 1-1: Manufacturer: syz
[  151.363198][  T807] usb 1-1: SerialNumber: syz
[  151.376920][  T807] usb 1-1: config 0 descriptor??
[  151.438150][ T5696] usb usb5-port1: attempt power cycle
[  151.596024][ T6804] FAULT_INJECTION: forcing a failure.
[  151.596024][ T6804] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  151.639088][ T6804] CPU: 1 UID: 0 PID: 6804 Comm: syz.1.329 Not tainted syzkaller #0 PREEMPT(full) 
[  151.639109][ T6804] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  151.639119][ T6804] Call Trace:
[  151.639125][ T6804]  <TASK>
[  151.639132][ T6804]  dump_stack_lvl+0xe8/0x150
[  151.639152][ T6804]  should_fail_ex+0x412/0x560
[  151.639175][ T6804]  _copy_from_user+0x2d/0xb0
[  151.639200][ T6804]  ___sys_recvmsg+0x175/0x590
[  151.639226][ T6804]  ? __pfx____sys_recvmsg+0x10/0x10
[  151.639249][ T6804]  ? __fget_files+0x2a/0x420
[  151.639288][ T6804]  do_recvmmsg+0x334/0x800
[  151.639314][ T6804]  ? __pfx_do_recvmmsg+0x10/0x10
[  151.639343][ T6804]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  151.639375][ T6804]  __x64_sys_recvmmsg+0x198/0x250
[  151.639399][ T6804]  ? __pfx___x64_sys_recvmmsg+0x10/0x10
[  151.639427][ T6804]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  151.639442][ T6804]  do_syscall_64+0x15f/0xf80
[  151.639461][ T6804]  ? clear_bhb_loop+0x40/0x90
[  151.639479][ T6804]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  151.639493][ T6804] RIP: 0033:0x7fbc6179cdd9
[  151.639507][ T6804] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  151.639519][ T6804] RSP: 002b:00007fbc62707028 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
[  151.639535][ T6804] RAX: ffffffffffffffda RBX: 00007fbc61a15fa0 RCX: 00007fbc6179cdd9
[  151.639551][ T6804] RDX: 03ffffffffffff67 RSI: 0000200000002440 RDI: 0000000000000005
[  151.639561][ T6804] RBP: 00007fbc62707090 R08: 0000000000000000 R09: 0000000000000000
[  151.639570][ T6804] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  151.639578][ T6804] R13: 00007fbc61a16038 R14: 00007fbc61a15fa0 R15: 00007fbc61b3fa48
[  151.639601][ T6804]  </TASK>
[  151.907876][ T5696] usb 5-1: new high-speed USB device number 17 using dummy_hcd
[  152.027664][    T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!!
[  152.047843][ T5696] usb 5-1: device descriptor read/8, error -71
[  152.327818][ T5696] usb 5-1: new high-speed USB device number 18 using dummy_hcd
[  152.358613][ T5696] usb 5-1: device descriptor read/8, error -71
[  152.468929][ T5696] usb usb5-port1: unable to enumerate USB device
[  153.317806][ T5696] usb 2-1: new high-speed USB device number 14 using dummy_hcd
[  153.488790][ T5696] usb 2-1: Using ep0 maxpacket: 8
[  153.502125][ T5696] usb 2-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  153.529311][ T5696] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  153.563126][ T5696] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  153.588522][ T5696] usb 2-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  153.602154][ T5696] usb 2-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  153.617114][ T5696] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  153.625486][   T24] usb 3-1: new high-speed USB device number 14 using dummy_hcd
[  153.798071][   T24] usb 3-1: Using ep0 maxpacket: 16
[  153.849374][   T24] usb 3-1: config 0 interface 0 altsetting 2 has 1 endpoint descriptor, different from the interface descriptor's value: 25
[  153.903602][ T6835] FAULT_INJECTION: forcing a failure.
[  153.903602][ T6835] name failslab, interval 1, probability 0, space 0, times 0
[  153.947013][ T6835] CPU: 0 UID: 0 PID: 6835 Comm: syz.3.340 Not tainted syzkaller #0 PREEMPT(full) 
[  153.947037][ T6835] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  153.947055][ T6835] Call Trace:
[  153.947062][ T6835]  <TASK>
[  153.947069][ T6835]  dump_stack_lvl+0xe8/0x150
[  153.947094][ T6835]  should_fail_ex+0x412/0x560
[  153.947121][ T6835]  should_failslab+0xa8/0x100
[  153.947150][ T6835]  kmem_cache_alloc_node_noprof+0x8f/0x690
[  153.947174][ T6835]  ? __alloc_skb+0x186/0x7d0
[  153.947194][ T6835]  ? __alloc_skb+0x1d0/0x7d0
[  153.947213][ T6835]  ? __local_bh_enable_ip+0xd0/0x130
[  153.947235][ T6835]  __alloc_skb+0x1d0/0x7d0
[  153.947259][ T6835]  alloc_skb_with_frags+0xc8/0x760
[  153.947282][ T6835]  ? __lock_acquire+0x6b5/0x2cf0
[  153.947310][ T6835]  sock_alloc_send_pskb+0x878/0x990
[  153.947351][ T6835]  ? __pfx_sock_alloc_send_pskb+0x10/0x10
[  153.947379][ T6835]  ? sock_def_readable+0xae/0x550
[  153.947400][ T6835]  ? bpf_lsm_socket_getpeersec_dgram+0x9/0x20
[  153.947430][ T6835]  unix_dgram_sendmsg+0x460/0x18d0
[  153.947471][ T6835]  ? __pfx_unix_dgram_sendmsg+0x10/0x10
[  153.947494][ T6835]  ? count_memcg_event_mm+0x21/0x260
[  153.947515][ T6835]  ? aa_sock_msg_perm+0xda/0x1b0
[  153.947538][ T6835]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  153.947564][ T6835]  ____sys_sendmsg+0x972/0x9f0
[  153.947588][ T6835]  ? __might_fault+0xaf/0x130
[  153.947617][ T6835]  ? __pfx_____sys_sendmsg+0x10/0x10
[  153.947648][ T6835]  ? import_iovec+0x73/0xa0
[  153.947675][ T6835]  ___sys_sendmsg+0x2a5/0x360
[  153.947704][ T6835]  ? __pfx____sys_sendmsg+0x10/0x10
[  153.947725][ T6835]  ? __lock_acquire+0x6b5/0x2cf0
[  153.947786][ T6835]  __sys_sendmmsg+0x27c/0x4e0
[  153.947814][ T6835]  ? __pfx___sys_sendmmsg+0x10/0x10
[  153.947835][ T6835]  ? __mutex_unlock_slowpath+0x1be/0x6f0
[  153.947881][ T6835]  ? ksys_write+0x242/0x270
[  153.947908][ T6835]  ? __pfx_ksys_write+0x10/0x10
[  153.947938][ T6835]  __x64_sys_sendmmsg+0xa0/0xc0
[  153.947961][ T6835]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  153.947980][ T6835]  do_syscall_64+0x15f/0xf80
[  153.948001][ T6835]  ? trace_irq_disable+0x3b/0x140
[  153.948026][ T6835]  ? clear_bhb_loop+0x40/0x90
[  153.948061][ T6835]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  153.948077][ T6835] RIP: 0033:0x7f4c3439cdd9
[  153.948093][ T6835] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  153.948111][ T6835] RSP: 002b:00007f4c3521f028 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  153.948126][ T6835] RAX: ffffffffffffffda RBX: 00007f4c34615fa0 RCX: 00007f4c3439cdd9
[  153.948135][ T6835] RDX: 0000000000000318 RSI: 00002000000bd000 RDI: 0000000000000004
[  153.948142][ T6835] RBP: 00007f4c3521f090 R08: 0000000000000000 R09: 0000000000000000
[  153.948168][ T6835] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  153.948179][ T6835] R13: 00007f4c34616038 R14: 00007f4c34615fa0 R15: 00007f4c3473fa48
[  153.948206][ T6835]  </TASK>
[  153.954873][   T24] usb 3-1: config 0 interface 0 has no altsetting 0
[  154.262911][ T5696] usb 2-1: GET_CAPABILITIES returned 0
[  154.268634][ T5696] usbtmc 2-1:16.0: can't read capabilities
[  154.323452][  T807] smsc75xx 1-1:0.184 (unnamed net_device) (uninitialized): usbnet_get_endpoints failed: -22
[  154.362636][   T24] usb 3-1: New USB device found, idVendor=0b05, idProduct=1822, bcdDevice= 0.00
[  154.386063][  T807] smsc75xx 1-1:0.184: probe with driver smsc75xx failed with error -22
[  154.398891][   T24] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  154.426908][   T24] usb 3-1: config 0 descriptor??
[  154.444886][  T807] usb 1-1: USB disconnect, device number 19
[  154.864747][   T24] hid_parser_main: 4002 callbacks suppressed
[  154.864771][   T24] asus 0003:0B05:1822.0005: unknown main item tag 0x0
[  154.925771][   T24] asus 0003:0B05:1822.0005: unknown main item tag 0x0
[  154.944840][   T24] asus 0003:0B05:1822.0005: unknown main item tag 0x0
[  154.973080][   T24] asus 0003:0B05:1822.0005: unknown main item tag 0x0
[  154.989929][   T24] asus 0003:0B05:1822.0005: unknown main item tag 0x0
[  155.007905][   T24] asus 0003:0B05:1822.0005: unknown main item tag 0x0
[  155.019932][   T24] asus 0003:0B05:1822.0005: unknown main item tag 0x0
[  155.036782][   T24] asus 0003:0B05:1822.0005: unknown main item tag 0x0
[  155.045018][  T807] usb 4-1: new high-speed USB device number 14 using dummy_hcd
[  155.076818][   T24] asus 0003:0B05:1822.0005: unknown main item tag 0x0
[  155.094522][   T24] asus 0003:0B05:1822.0005: unknown main item tag 0x0
[  155.136078][   T24] asus 0003:0B05:1822.0005: hidraw0: USB HID v0.08 Device [HID 0b05:1822] on usb-dummy_hcd.2-1/input0
[  155.204942][ T6853] netlink: 'syz.4.346': attribute type 29 has an invalid length.
[  155.215737][   T24] usb 3-1: USB disconnect, device number 14
[  155.228051][  T807] usb 4-1: Using ep0 maxpacket: 32
[  155.239196][ T6853] netlink: 'syz.4.346': attribute type 29 has an invalid length.
[  155.262219][  T807] usb 4-1: config 0 has an invalid interface number: 184 but max is 0
[  155.294852][  T807] usb 4-1: config 0 has an invalid descriptor of length 116, skipping remainder of the config
[  155.331801][  T807] usb 4-1: config 0 has no interface number 0
[  155.358855][  T807] usb 4-1: too many endpoints for config 0 interface 184 altsetting 186: 161, using maximum allowed: 30
[  155.393064][ T6854] fido_id[6854]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.2/usb3/report_descriptor': No such file or directory
[  155.410416][  T807] usb 4-1: config 0 interface 184 altsetting 186 has 0 endpoint descriptors, different from the interface descriptor's value: 161
[  155.445936][  T807] usb 4-1: config 0 interface 184 has no altsetting 0
[  155.448458][ T6853] netlink: 'syz.4.346': attribute type 281 has an invalid length.
[  155.498413][  T807] usb 4-1: New USB device found, idVendor=0424, idProduct=7500, bcdDevice=69.ee
[  155.534016][  T807] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  155.572809][  T807] usb 4-1: Product: syz
[  155.586282][  T807] usb 4-1: Manufacturer: syz
[  155.615897][  T807] usb 4-1: SerialNumber: syz
[  155.652820][  T807] usb 4-1: config 0 descriptor??
[  155.843200][ T6859] netlink: 8 bytes leftover after parsing attributes in process `syz.2.348'.
[  155.978211][   T24] usb 1-1: new high-speed USB device number 20 using dummy_hcd
[  156.158849][   T24] usb 1-1: Using ep0 maxpacket: 32
[  156.171311][   T24] usb 1-1: New USB device found, idVendor=041e, idProduct=400b, bcdDevice=3e.e7
[  156.186818][   T24] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  156.214016][   T24] usb 1-1: config 0 descriptor??
[  156.234665][   T24] gspca_main: sunplus-2.14.0 probing 041e:400b
[  156.267663][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[  156.617371][ T5743] usb 2-1: USB disconnect, device number 14
[  156.870841][ T6874] syzkaller1: entered promiscuous mode
[  156.884304][ T6874] syzkaller1: entered allmulticast mode
[  156.968044][ T5737] usb 3-1: new high-speed USB device number 15 using dummy_hcd
[  157.151886][ T5737] usb 3-1: config 0 has no interfaces?
[  157.177172][ T5737] usb 3-1: New USB device found, idVendor=18b4, idProduct=fffb, bcdDevice=dc.7b
[  157.197084][ T5737] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  157.205647][ T5737] usb 3-1: Product: syz
[  157.210271][ T5737] usb 3-1: Manufacturer: syz
[  157.215993][ T5737] usb 3-1: SerialNumber: syz
[  157.233816][ T5737] usb 3-1: config 0 descriptor??
[  157.241040][   T24] gspca_sunplus: reg_w_riv err -71
[  157.259418][   T24] sunplus 1-1:0.0: probe with driver sunplus failed with error -71
[  157.317469][   T24] usb 1-1: USB disconnect, device number 20
[  157.396297][ T6885] kAFS: unable to lookup cell 'ÿ'
[  157.424961][ T6888] kAFS: unable to lookup cell '(,c¾Ì'
[  157.601401][   T24] usb 3-1: USB disconnect, device number 15
[  157.882407][  T807] smsc75xx 4-1:0.184 (unnamed net_device) (uninitialized): usbnet_get_endpoints failed: -22
[  157.942998][  T807] smsc75xx 4-1:0.184: probe with driver smsc75xx failed with error -22
[  158.011852][  T807] usb 4-1: USB disconnect, device number 14
[  158.305416][ T5737] usb 1-1: new full-speed USB device number 21 using dummy_hcd
[  158.480849][ T5737] usb 1-1: config 0 interface 0 altsetting 251 endpoint 0x9 has invalid maxpacket 15380, setting to 1023
[  158.508382][ T5737] usb 1-1: config 0 interface 0 has no altsetting 0
[  158.529070][ T5737] usb 1-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b
[  158.550351][ T5737] usb 1-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2
[  158.572214][ T5737] usb 1-1: Product: syz
[  158.591503][ T5737] usb 1-1: Manufacturer: syz
[  158.604093][ T5737] usb 1-1: SerialNumber: syz
[  158.618185][ T5737] usb 1-1: config 0 descriptor??
[  158.641100][ T5737] usb 1-1: selecting invalid altsetting 0
[  159.195117][ T5737] usb 1-1: USB disconnect, device number 21
[  159.323686][ T6906] netlink: 'syz.3.366': attribute type 1 has an invalid length.
[  159.526238][ T6906] 8021q: adding VLAN 0 to HW filter on device bond2
[  159.705936][ T6918] netlink: 'syz.3.371': attribute type 10 has an invalid length.
[  159.777725][  T807] usb 3-1: new high-speed USB device number 16 using dummy_hcd
[  159.949909][  T807] usb 3-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3
[  159.961126][  T807] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  159.972151][  T807] usb 3-1: config 0 descriptor??
[  159.982403][  T807] cp210x 3-1:0.0: cp210x converter detected
[  160.127769][ T5737] usb 1-1: new full-speed USB device number 22 using dummy_hcd
[  160.135480][ T5743] usb 2-1: new high-speed USB device number 15 using dummy_hcd
[  160.287897][ T5743] usb 2-1: Using ep0 maxpacket: 32
[  160.294223][ T5737] usb 1-1: not running at top speed; connect to a high speed hub
[  160.305802][ T5737] usb 1-1: config 1 interface 0 altsetting 6 has 2 endpoint descriptors, different from the interface descriptor's value: 1
[  160.319036][ T5743] usb 2-1: New USB device found, idVendor=041e, idProduct=400b, bcdDevice=3e.e7
[  160.328179][ T5737] usb 1-1: config 1 interface 0 has no altsetting 0
[  160.334841][ T5743] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  160.345575][ T5737] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[  160.356406][ T5743] usb 2-1: config 0 descriptor??
[  160.361615][ T5737] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  160.370021][ T5737] usb 1-1: Product: 㞴�ᄼ⩔압迆⫩�䨕ꮫ䫄氚ﴂ枆ⶳ铜�ⵌⷹ�鼮�魑��쪟罭鉶執릚嘷캯ᵽ甕⦒㦄畴斻펕䖻�犹ⴌ챑�齾�쉷씚콌ᡩ�⨊䩃⡣ⴇ�椵�必��㵕憃�ヽᩩ꣈졂挧��莤ᗿ缾餛茬ꩥ䭿ᙠ�▤惬⯘뚰�㳸芋惹
[  160.403922][ T5743] gspca_main: sunplus-2.14.0 probing 041e:400b
[  160.410392][ T5737] usb 1-1: Manufacturer: П
[  160.414950][ T5737] usb 1-1: SerialNumber: syz
[  160.429221][ T6925] raw-gadget.2 gadget.0: fail, usb_ep_enable returned -22
[  160.452895][  T807] cp210x 3-1:0.0: failed to get vendor val 0x000e size 3: -121
[  160.670537][  T807] usb 3-1: cp210x converter now attached to ttyUSB0
[  160.854155][ T5737] usblp 1-1:1.0: usblp0: USB Unidirectional printer dev 22 if 0 alt 6 proto 1 vid 0x0525 pid 0xA4A8
[  160.859268][ T5737] usb 1-1: USB disconnect, device number 22
[  160.867399][ T5737] usblp0: removed
[  160.957933][  T807] usb 5-1: new high-speed USB device number 19 using dummy_hcd
[  161.117700][  T807] usb 5-1: Using ep0 maxpacket: 32
[  161.125053][  T807] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  161.136167][  T807] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  161.145985][  T807] usb 5-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40
[  161.155167][  T807] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  161.165725][  T807] usb 5-1: config 0 descriptor??
[  161.181266][  T807] hub 5-1:0.0: USB hub found
[  161.385245][  T807] hub 5-1:0.0: config failed, hub doesn't have any ports! (err -19)
[  161.410988][ T5743] gspca_sunplus: reg_w_riv err -71
[  161.425088][ T5743] sunplus 2-1:0.0: probe with driver sunplus failed with error -71
[  161.446922][ T5743] usb 2-1: USB disconnect, device number 15
[  161.697762][ T5737] usb 1-1: new high-speed USB device number 23 using dummy_hcd
[  161.795641][  T807] hid-generic 0003:046D:C31C.0006: hidraw0: USB HID v8.00 Device [HID 046d:c31c] on usb-dummy_hcd.4-1/input0
[  161.864874][ T5737] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  161.894466][ T5737] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  161.906755][ T5737] usb 1-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[  161.917570][ T5737] usb 1-1: New USB device strings: Mfr=2, Product=0, SerialNumber=0
[  161.932325][ T5737] usb 1-1: Manufacturer: syz
[  161.959525][ T5737] usb 1-1: config 0 descriptor??
[  162.040813][ T6951] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  162.337797][ T5630] usb 4-1: new high-speed USB device number 15 using dummy_hcd
[  162.414586][ T6937] usb 5-1: reset high-speed USB device number 19 using dummy_hcd
[  162.487723][ T5630] usb 4-1: Using ep0 maxpacket: 8
[  162.495619][ T5630] usb 4-1: unable to get BOS descriptor or descriptor too short
[  162.505069][ T5630] usb 4-1: config 7 has an invalid interface number: 70 but max is 0
[  162.513630][ T5630] usb 4-1: config 7 has no interface number 0
[  162.520156][ T5630] usb 4-1: config 7 interface 70 altsetting 9 endpoint 0x2 has invalid maxpacket 1007, setting to 64
[  162.531441][ T5630] usb 4-1: config 7 interface 70 has no altsetting 0
[  162.543545][ T5630] usb 4-1: string descriptor 0 read error: -22
[  162.552994][ T5630] usb 4-1: New USB device found, idVendor=0af0, idProduct=d157, bcdDevice=fe.05
[  162.562782][ T5630] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  162.588154][ T5737] uclogic 0003:256C:006D.0007: interface is invalid, ignoring
[  162.597017][   T24] usb 3-1: USB disconnect, device number 16
[  162.617043][ T5630] hso 4-1:7.70: Not our interface
[  162.665267][   T24] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0
[  162.720322][   T24] cp210x 3-1:0.0: device disconnected
[  162.781429][ T5630] usb 5-1: USB disconnect, device number 19
[  162.782444][ T6937] usbhid 5-1:0.0: reset_resume error -19
[  163.390046][ T5630] usb 4-1: USB disconnect, device number 15
[  163.867739][   T24] usb 5-1: new high-speed USB device number 20 using dummy_hcd
[  164.048778][   T24] usb 5-1: Using ep0 maxpacket: 32
[  164.062578][   T24] usb 5-1: New USB device found, idVendor=041e, idProduct=400b, bcdDevice=3e.e7
[  164.082976][   T24] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  164.099924][   T24] usb 5-1: config 0 descriptor??
[  164.112914][   T24] gspca_main: sunplus-2.14.0 probing 041e:400b
[  164.441627][ T7001] netlink: 16 bytes leftover after parsing attributes in process `syz.2.400'.
[  164.477841][ T5630] usb 1-1: USB disconnect, device number 23
[  164.771858][ T7014] netlink: 'syz.3.404': attribute type 3 has an invalid length.
[  165.121116][   T24] gspca_sunplus: reg_w_riv err -71
[  165.132829][ T7025] syzkaller0: entered promiscuous mode
[  165.138647][   T24] sunplus 5-1:0.0: probe with driver sunplus failed with error -71
[  165.149260][   T24] usb 5-1: USB disconnect, device number 20
[  165.170149][ T7025] syzkaller0: entered allmulticast mode
[  165.457732][ T5737] usb 4-1: new high-speed USB device number 16 using dummy_hcd
[  165.607953][ T5737] usb 4-1: Using ep0 maxpacket: 8
[  165.614965][ T5737] usb 4-1: config index 0 descriptor too short (expected 301, got 45)
[  165.623413][ T5737] usb 4-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  165.633533][ T5737] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  165.645017][ T5737] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  165.655189][ T5737] usb 4-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  165.668478][ T5630] usb 2-1: new full-speed USB device number 16 using dummy_hcd
[  165.676276][ T5737] usb 4-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  165.686650][ T5737] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  165.767352][ T7039] bond1: entered promiscuous mode
[  165.841430][ T5630] usb 2-1: unable to get BOS descriptor or descriptor too short
[  165.866354][ T5630] usb 2-1: not running at top speed; connect to a high speed hub
[  165.884617][ T5630] usb 2-1: config 12 has an invalid interface number: 231 but max is 0
[  165.893716][ T5630] usb 2-1: config 12 has no interface number 0
[  165.903422][ T5737] usb 4-1: usb_control_msg returned -32
[  165.910471][ T5630] usb 2-1: config 12 interface 231 has no altsetting 0
[  165.917475][ T5737] usbtmc 4-1:16.0: can't read capabilities
[  165.927312][ T5630] usb 2-1: New USB device found, idVendor=2040, idProduct=9941, bcdDevice=93.b7
[  165.942415][ T5630] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  165.953924][ T5630] usb 2-1: Product: syz
[  165.959611][ T5630] usb 2-1: Manufacturer: syz
[  165.964458][ T5630] usb 2-1: SerialNumber: syz
[  166.102629][ T7046] hsr0: entered promiscuous mode
[  166.106206][ T7048] PF_CAN: dropped non conform CAN FD skbuff: dev type 65534, len 64993
[  166.121713][ T7046] netlink: 4 bytes leftover after parsing attributes in process `syz.4.414'.
[  166.219429][ T5630] dvb-usb: found a 'Hauppauge Nova-T 500 Dual DVB-T' in cold state, will try to load a firmware
[  166.260987][ T7050] usbtmc 4-1:16.0: INITIATE_CLEAR returned 0
[  166.283913][ T5630] dvb-usb: downloading firmware from file 'dvb-usb-dib0700-1.20.fw'
[  166.301374][ T5630] dib0700: firmware download failed at 7 with -71
[  166.337848][ T5630] usb 2-1: USB disconnect, device number 16
[  166.343735][ T7050] bond3 (unregistering): Released all slaves
[  166.467812][ T5737] usb 4-1: USB disconnect, device number 16
[  166.521416][ T7055] capability: warning: `syz.4.418' uses 32-bit capabilities (legacy support in use)
[  166.847375][ T7059] binder: 7058:7059 ioctl c0306201 2000000003c0 returned -14
[  166.936787][ T7061] FAULT_INJECTION: forcing a failure.
[  166.936787][ T7061] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  166.995182][ T7061] CPU: 0 UID: 0 PID: 7061 Comm: syz.0.420 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  166.995217][ T7061] Tainted: [L]=SOFTLOCKUP
[  166.995224][ T7061] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  166.995235][ T7061] Call Trace:
[  166.995243][ T7061]  <TASK>
[  166.995250][ T7061]  dump_stack_lvl+0xe8/0x150
[  166.995284][ T7061]  should_fail_ex+0x412/0x560
[  166.995313][ T7061]  _copy_from_user+0x2d/0xb0
[  166.995340][ T7061]  ___sys_recvmsg+0x175/0x590
[  166.995373][ T7061]  ? __pfx____sys_recvmsg+0x10/0x10
[  166.995404][ T7061]  ? __fget_files+0x2a/0x420
[  166.995453][ T7061]  do_recvmmsg+0x334/0x800
[  166.995487][ T7061]  ? __pfx_do_recvmmsg+0x10/0x10
[  166.995524][ T7061]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  166.995563][ T7061]  __x64_sys_recvmmsg+0x198/0x250
[  166.995592][ T7061]  ? __pfx___x64_sys_recvmmsg+0x10/0x10
[  166.995619][ T7061]  ? arch_syscall_is_vdso_sigreturn+0x11f/0x1a0
[  166.995645][ T7061]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  166.995663][ T7061]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  166.995683][ T7061]  do_syscall_64+0x15f/0xf80
[  166.995704][ T7061]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  166.995722][ T7061]  ? clear_bhb_loop+0x40/0x90
[  166.995744][ T7061]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  166.995761][ T7061] RIP: 0033:0x7f379bf9cdd9
[  166.995778][ T7061] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  166.995793][ T7061] RSP: 002b:00007f379cf02028 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
[  166.995811][ T7061] RAX: ffffffffffffffda RBX: 00007f379c215fa0 RCX: 00007f379bf9cdd9
[  166.995824][ T7061] RDX: 0000000000000624 RSI: 0000200000002100 RDI: 0000000000000004
[  166.995835][ T7061] RBP: 00007f379cf02090 R08: 0000000000000000 R09: 0000000000000000
[  166.995845][ T7061] R10: 00000000000101c9 R11: 0000000000000246 R12: 0000000000000002
[  166.995856][ T7061] R13: 00007f379c216038 R14: 00007f379c215fa0 R15: 00007f379c33fa48
[  166.995883][ T7061]  </TASK>
[  167.298924][ T7068] netlink: 12 bytes leftover after parsing attributes in process `syz.0.423'.
[  167.597812][   T24] usb 1-1: new high-speed USB device number 24 using dummy_hcd
[  167.617719][    T9] usb 4-1: new full-speed USB device number 17 using dummy_hcd
[  167.707771][ T5737] usb 3-1: new low-speed USB device number 17 using dummy_hcd
[  167.757815][   T24] usb 1-1: Using ep0 maxpacket: 32
[  167.764819][   T24] usb 1-1: New USB device found, idVendor=041e, idProduct=400b, bcdDevice=3e.e7
[  167.774126][   T24] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  167.782989][    T9] usb 4-1: config 0 has no interfaces?
[  167.790023][   T24] usb 1-1: config 0 descriptor??
[  167.795928][    T9] usb 4-1: New USB device found, idVendor=10c5, idProduct=819a, bcdDevice=e4.46
[  167.811992][    T9] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=35
[  167.823502][    T9] usb 4-1: Product: syz
[  167.828555][   T24] gspca_main: sunplus-2.14.0 probing 041e:400b
[  167.836986][    T9] usb 4-1: Manufacturer: syz
[  167.843084][    T9] usb 4-1: SerialNumber: syz
[  167.860867][    T9] usb 4-1: config 0 descriptor??
[  167.875050][ T5737] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  167.888200][ T5737] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 64, setting to 8
[  167.899004][ T5737] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  167.912099][ T5737] usb 3-1: New USB device found, idVendor=056e, idProduct=00fd, bcdDevice= 0.00
[  167.921242][ T5737] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  167.934414][ T5737] usb 3-1: config 0 descriptor??
[  167.945967][ T7078] raw-gadget.2 gadget.2: fail, usb_ep_enable returned -22
[  168.032137][ T7082] netlink: 12 bytes leftover after parsing attributes in process `syz.1.429'.
[  168.041229][ T7082] netem: incorrect ge model size
[  168.046269][ T7082] netem: change failed
[  168.094134][ T5630] usb 4-1: USB disconnect, device number 17
[  168.150270][ T7084] netlink: 136 bytes leftover after parsing attributes in process `syz.1.430'.
[  168.168195][ T7084] A link change request failed with some changes committed already. Interface erspan0 may have been left with an inconsistent configuration, please check.
[  168.265502][ T7086] usb usb8: usbfs: process 7086 (syz.1.431) did not claim interface 0 before use
[  168.388538][ T5737] elecom 0003:056E:00FD.0008: ignoring exceeding usage max
[  168.409333][ T5737] elecom 0003:056E:00FD.0008: item fetching failed at offset 24/38
[  168.420527][ T5737] elecom 0003:056E:00FD.0008: probe with driver elecom failed with error -22
[  168.507134][ T7094] netlink: 4 bytes leftover after parsing attributes in process `syz.1.435'.
[  168.591271][ T5696] usb 3-1: USB disconnect, device number 17
[  168.705279][ T7100] netlink: 8 bytes leftover after parsing attributes in process `syz.3.437'.
[  168.715060][ T7100] netlink: 'syz.3.437': attribute type 25 has an invalid length.
[  168.722903][ T7100] netlink: 4 bytes leftover after parsing attributes in process `syz.3.437'.
[  168.823776][   T24] gspca_sunplus: reg_w_riv err -71
[  168.843035][   T24] sunplus 1-1:0.0: probe with driver sunplus failed with error -71
[  168.935991][ T7102] xt_hashlimit: size too large, truncated to 1048576
[  168.947870][   T24] usb 1-1: USB disconnect, device number 24
[  169.397845][  T807] usb 5-1: new high-speed USB device number 21 using dummy_hcd
[  169.415616][ T7118] FAULT_INJECTION: forcing a failure.
[  169.415616][ T7118] name failslab, interval 1, probability 0, space 0, times 0
[  169.439414][ T7118] CPU: 0 UID: 0 PID: 7118 Comm: syz.0.443 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  169.439448][ T7118] Tainted: [L]=SOFTLOCKUP
[  169.439455][ T7118] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  169.439468][ T7118] Call Trace:
[  169.439476][ T7118]  <TASK>
[  169.439485][ T7118]  dump_stack_lvl+0xe8/0x150
[  169.439511][ T7118]  should_fail_ex+0x412/0x560
[  169.439541][ T7118]  should_failslab+0xa8/0x100
[  169.439574][ T7118]  kmem_cache_alloc_node_noprof+0x8f/0x690
[  169.439602][ T7118]  ? __alloc_skb+0x186/0x7d0
[  169.439621][ T7118]  ? __alloc_skb+0x1d0/0x7d0
[  169.439642][ T7118]  ? __local_bh_enable_ip+0xd0/0x130
[  169.439668][ T7118]  __alloc_skb+0x1d0/0x7d0
[  169.439696][ T7118]  alloc_skb_with_frags+0xc8/0x760
[  169.439722][ T7118]  ? __lock_acquire+0x6b5/0x2cf0
[  169.439763][ T7118]  sock_alloc_send_pskb+0x878/0x990
[  169.439811][ T7118]  ? __pfx_sock_alloc_send_pskb+0x10/0x10
[  169.439845][ T7118]  ? sock_def_readable+0xae/0x550
[  169.439872][ T7118]  ? bpf_lsm_socket_getpeersec_dgram+0x9/0x20
[  169.439904][ T7118]  unix_dgram_sendmsg+0x460/0x18d0
[  169.439952][ T7118]  ? __pfx_unix_dgram_sendmsg+0x10/0x10
[  169.439979][ T7118]  ? count_memcg_event_mm+0x21/0x260
[  169.440004][ T7118]  ? aa_sock_msg_perm+0xda/0x1b0
[  169.440033][ T7118]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  169.440063][ T7118]  ____sys_sendmsg+0x972/0x9f0
[  169.440092][ T7118]  ? __might_fault+0xaf/0x130
[  169.440135][ T7118]  ? __pfx_____sys_sendmsg+0x10/0x10
[  169.440172][ T7118]  ? import_iovec+0x73/0xa0
[  169.440204][ T7118]  ___sys_sendmsg+0x2a5/0x360
[  169.440246][ T7118]  ? __pfx____sys_sendmsg+0x10/0x10
[  169.440268][ T7118]  ? __lock_acquire+0x6b5/0x2cf0
[  169.440330][ T7118]  __sys_sendmmsg+0x27c/0x4e0
[  169.440360][ T7118]  ? __pfx___sys_sendmmsg+0x10/0x10
[  169.440382][ T7118]  ? __mutex_unlock_slowpath+0x1be/0x6f0
[  169.440428][ T7118]  ? ksys_write+0x242/0x270
[  169.440456][ T7118]  ? __pfx_ksys_write+0x10/0x10
[  169.440486][ T7118]  __x64_sys_sendmmsg+0xa0/0xc0
[  169.440511][ T7118]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  169.440529][ T7118]  do_syscall_64+0x15f/0xf80
[  169.440553][ T7118]  ? clear_bhb_loop+0x40/0x90
[  169.440575][ T7118]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  169.440592][ T7118] RIP: 0033:0x7f379bf9cdd9
[  169.440609][ T7118] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  169.440624][ T7118] RSP: 002b:00007f379cf02028 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  169.440642][ T7118] RAX: ffffffffffffffda RBX: 00007f379c215fa0 RCX: 00007f379bf9cdd9
[  169.440655][ T7118] RDX: 0000000000000318 RSI: 00002000000bd000 RDI: 0000000000000004
[  169.440665][ T7118] RBP: 00007f379cf02090 R08: 0000000000000000 R09: 0000000000000000
[  169.440676][ T7118] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  169.440686][ T7118] R13: 00007f379c216038 R14: 00007f379c215fa0 R15: 00007f379c33fa48
[  169.440714][ T7118]  </TASK>
[  169.817737][  T807] usb 5-1: Using ep0 maxpacket: 32
[  169.850209][  T807] usb 5-1: config 0 has no interfaces?
[  169.871808][  T807] usb 5-1: New USB device found, idVendor=112a, idProduct=0001, bcdDevice=d8.11
[  169.895091][  T807] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  169.931423][  T807] usb 5-1: Product: syz
[  169.944853][  T807] usb 5-1: Manufacturer: syz
[  169.958516][ T7124] netlink: 20 bytes leftover after parsing attributes in process `syz.2.445'.
[  169.969999][  T807] usb 5-1: SerialNumber: syz
[  169.984178][  T807] usb 5-1: config 0 descriptor??
[  170.150495][  T807] usb 1-1: new high-speed USB device number 25 using dummy_hcd
[  170.341235][  T807] usb 1-1: Using ep0 maxpacket: 16
[  170.370002][  T807] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  170.377255][ T7130] netlink: 16 bytes leftover after parsing attributes in process `syz.3.449'.
[  170.396248][ T7130] netlink: 12 bytes leftover after parsing attributes in process `syz.3.449'.
[  170.419691][  T807] usb 1-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 18
[  170.464736][  T807] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  170.485709][  T807] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[  170.505932][  T807] usb 1-1: SerialNumber: syz
[  170.576306][ T7133] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  170.621224][  T807] hub 1-1:1.0: bad descriptor, ignoring hub
[  170.644954][  T807] hub 1-1:1.0: probe with driver hub failed with error -5
[  170.679279][ T7133] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  170.690841][  T807] usb 1-1: No union descriptors
[  170.700355][ T7135] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  170.931362][  T807] usb 1-1: USB disconnect, device number 25
[  171.072300][ T7140] netlink: 12 bytes leftover after parsing attributes in process `syz.2.453'.
[  171.192562][    T9] usb 5-1: USB disconnect, device number 21
[  171.391931][ T5737] usb 3-1: new high-speed USB device number 18 using dummy_hcd
[  171.458347][ T7149] netlink: 32 bytes leftover after parsing attributes in process `syz.0.456'.
[  171.557704][ T5737] usb 3-1: Using ep0 maxpacket: 32
[  171.568425][ T5630] usb 4-1: new high-speed USB device number 18 using dummy_hcd
[  171.579693][ T5737] usb 3-1: New USB device found, idVendor=041e, idProduct=400b, bcdDevice=3e.e7
[  171.598911][ T5737] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  171.623748][ T5737] usb 3-1: config 0 descriptor??
[  171.639868][ T5737] gspca_main: sunplus-2.14.0 probing 041e:400b
[  171.656284][ T7150] kernel read not supported for file / 
œ7³ÏüâW)ës“§Ç!Q�öì¥fsõl{T‡rÒ)r§ÖOš˜õ2:"ôÀT+ÍŸv|�Õ²DvcŽ“ØÖ Å6Òxãc: (pid: 7150 comm: syz.1.455)
[  171.700571][   T30] audit: type=1800 audit(1777739147.489:113): pid=7150 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.455" name=20019C1437B3CFFCC3A25729EB7393A7C721518FF6ECA56673F56C7B548772D22972A7D6084F9A98F5323A22F412C0542BCD9F767C8DD5B24476638E93D8D6A0C536D278E3633A dev="mqueue" ino=17431 res=0 errno=0
[  171.769355][ T5630] usb 4-1: Using ep0 maxpacket: 32
[  171.790742][ T5630] usb 4-1: config 0 has an invalid interface number: 184 but max is 0
[  171.807324][ T5630] usb 4-1: config 0 has an invalid descriptor of length 116, skipping remainder of the config
[  171.852240][ T5630] usb 4-1: config 0 has no interface number 0
[  171.884992][ T5630] usb 4-1: too many endpoints for config 0 interface 184 altsetting 186: 161, using maximum allowed: 30
[  171.939411][ T5630] usb 4-1: config 0 interface 184 altsetting 186 has 0 endpoint descriptors, different from the interface descriptor's value: 161
[  171.996526][ T5630] usb 4-1: config 0 interface 184 has no altsetting 0
[  172.007816][ T5696] usb 1-1: new high-speed USB device number 26 using dummy_hcd
[  172.041542][ T5630] usb 4-1: New USB device found, idVendor=0424, idProduct=7500, bcdDevice=69.ee
[  172.066070][ T5630] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  172.089073][ T5630] usb 4-1: Product: syz
[  172.097752][ T5630] usb 4-1: Manufacturer: syz
[  172.108886][ T5630] usb 4-1: SerialNumber: syz
[  172.130182][ T5630] usb 4-1: config 0 descriptor??
[  172.178726][ T5696] usb 1-1: too many configurations: 53, using maximum allowed: 8
[  172.207789][ T5696] usb 1-1: New USB device found, idVendor=0424, idProduct=7850, bcdDevice= 0.00
[  172.237850][ T5696] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  172.254966][ T5696] usb 1-1: Product: syz
[  172.267910][ T5696] usb 1-1: Manufacturer: syz
[  172.273012][ T5696] usb 1-1: SerialNumber: syz
[  172.646018][ T5737] gspca_sunplus: reg_w_riv err -71
[  172.652235][ T5737] sunplus 3-1:0.0: probe with driver sunplus failed with error -71
[  172.679280][ T5696] lan78xx 1-1:1.0 (unnamed net_device) (uninitialized): Failed to read register index 0x00000098. ret = -EPROTO
[  172.693519][ T5696] lan78xx 1-1:1.0 (unnamed net_device) (uninitialized): lan78xx_setup_irq_domain() failed : -71
[  172.712500][ T5696] lan78xx 1-1:1.0 (unnamed net_device) (uninitialized): Bind routine FAILED
[  172.725864][ T5737] usb 3-1: USB disconnect, device number 18
[  172.735914][ T5696] lan78xx 1-1:1.0: probe with driver lan78xx failed with error -71
[  172.763150][ T5696] usb 1-1: USB disconnect, device number 26
[  173.419711][   T30] audit: type=1326 audit(1777739149.209:114): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7164 comm="syz.2.460" exe="/root/ci-upstream-kasan-gce/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3a9c99cdd9 code=0x7ffc0000
[  173.515526][   T30] audit: type=1326 audit(1777739149.239:115): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7164 comm="syz.2.460" exe="/root/ci-upstream-kasan-gce/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3a9c99cdd9 code=0x7ffc0000
[  173.602850][ T7170] xt_addrtype: ipv6 PROHIBIT (THROW, NAT ..) matching not supported
[  173.611870][   T30] audit: type=1326 audit(1777739149.239:116): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7164 comm="syz.2.460" exe="/root/ci-upstream-kasan-gce/syz-executor" sig=0 arch=c000003e syscall=14 compat=0 ip=0x7f3a9c99cdd9 code=0x7ffc0000
[  173.719944][   T30] audit: type=1326 audit(1777739149.239:117): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7164 comm="syz.2.460" exe="/root/ci-upstream-kasan-gce/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3a9c99cdd9 code=0x7ffc0000
[  173.832527][   T30] audit: type=1326 audit(1777739149.239:118): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7164 comm="syz.2.460" exe="/root/ci-upstream-kasan-gce/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f3a9c99cdd9 code=0x7ffc0000
[  173.981177][   T30] audit: type=1326 audit(1777739149.239:119): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7164 comm="syz.2.460" exe="/root/ci-upstream-kasan-gce/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3a9c99cdd9 code=0x7ffc0000
[  174.153662][   T30] audit: type=1326 audit(1777739149.239:120): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7164 comm="syz.2.460" exe="/root/ci-upstream-kasan-gce/syz-executor" sig=0 arch=c000003e syscall=0 compat=0 ip=0x7f3a9c99cdd9 code=0x7ffc0000
[  174.257040][   T30] audit: type=1326 audit(1777739149.239:121): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7164 comm="syz.2.460" exe="/root/ci-upstream-kasan-gce/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3a9c99cdd9 code=0x7ffc0000
[  174.422303][   T30] audit: type=1326 audit(1777739149.239:122): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7164 comm="syz.2.460" exe="/root/ci-upstream-kasan-gce/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f3a9c99cdd9 code=0x7ffc0000
[  174.650005][ T5630] smsc75xx 4-1:0.184 (unnamed net_device) (uninitialized): usbnet_get_endpoints failed: -22
[  174.685894][ T5630] smsc75xx 4-1:0.184: probe with driver smsc75xx failed with error -22
[  174.716239][ T5630] usb 4-1: USB disconnect, device number 18
[  174.841071][ T7177] netlink: 8 bytes leftover after parsing attributes in process `syz.4.465'.
[  175.095845][ T7185] netlink: 'syz.4.466': attribute type 1 has an invalid length.
[  175.119408][ T7185] netlink: 'syz.4.466': attribute type 2 has an invalid length.
[  175.140532][ T7185] netlink: 'syz.4.466': attribute type 1 has an invalid length.
[  175.163860][ T7185] netlink: 16 bytes leftover after parsing attributes in process `syz.4.466'.
[  175.440157][ T7196] netlink: 12 bytes leftover after parsing attributes in process `syz.4.470'.
[  175.456188][ T5696] usb 4-1: new high-speed USB device number 19 using dummy_hcd
[  175.499565][ T7198] netlink: 104 bytes leftover after parsing attributes in process `syz.1.471'.
[  175.629669][ T5696] usb 4-1: Using ep0 maxpacket: 32
[  175.642170][ T5696] usb 4-1: config 0 has an invalid interface number: 188 but max is 0
[  175.656559][ T5696] usb 4-1: config 0 has no interface number 0
[  175.667858][ T5696] usb 4-1: config 0 interface 188 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 32
[  175.696314][ T5696] usb 4-1: New USB device found, idVendor=17ef, idProduct=7203, bcdDevice=2e.36
[  175.711540][ T5696] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  175.723653][ T5696] usb 4-1: Product: syz
[  175.735026][ T5696] usb 4-1: Manufacturer: syz
[  175.742995][ T5696] usb 4-1: SerialNumber: syz
[  175.754977][ T5696] usb 4-1: config 0 descriptor??
[  175.767867][ T7190] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  175.777853][  T807] usb 5-1: new high-speed USB device number 22 using dummy_hcd
[  175.787883][ T5630] usb 2-1: new high-speed USB device number 17 using dummy_hcd
[  175.927730][ T5630] usb 2-1: device descriptor read/64, error -71
[  175.957712][  T807] usb 5-1: Using ep0 maxpacket: 32
[  175.969218][  T807] usb 5-1: New USB device found, idVendor=041e, idProduct=400b, bcdDevice=3e.e7
[  175.983600][  T807] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  176.005262][ T7190] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  176.024543][  T807] usb 5-1: config 0 descriptor??
[  176.054244][  T807] gspca_main: sunplus-2.14.0 probing 041e:400b
[  176.167729][ T5630] usb 2-1: new high-speed USB device number 18 using dummy_hcd
[  176.341834][ T5630] usb 2-1: device descriptor read/64, error -71
[  176.458239][ T5630] usb usb2-port1: attempt power cycle
[  176.524294][ T5696] asix 4-1:0.188 (unnamed net_device) (uninitialized): Failed to read reg index 0x0000: -71
[  176.610874][ T5696] asix 4-1:0.188: probe with driver asix failed with error -71
[  176.651715][ T5696] usb 4-1: USB disconnect, device number 19
[  176.807808][ T5630] usb 2-1: new high-speed USB device number 19 using dummy_hcd
[  176.820687][   T30] kauditd_printk_skb: 69 callbacks suppressed
[  176.820703][   T30] audit: type=1326 audit(1777739152.609:192): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7164 comm="syz.2.460" exe="/root/ci-upstream-kasan-gce/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3a9c99cdd9 code=0x7ffc0000
[  176.880350][ T5630] usb 2-1: device descriptor read/8, error -71
[  176.894859][   T30] audit: type=1326 audit(1777739152.609:193): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7164 comm="syz.2.460" exe="/root/ci-upstream-kasan-gce/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3a9c99cdd9 code=0x7ffc0000
[  177.091081][  T807] gspca_sunplus: reg_w_riv err -71
[  177.097056][  T807] sunplus 5-1:0.0: probe with driver sunplus failed with error -71
[  177.117748][ T5630] usb 2-1: new high-speed USB device number 20 using dummy_hcd
[  177.124760][  T807] usb 5-1: USB disconnect, device number 22
[  177.148304][ T5630] usb 2-1: device descriptor read/8, error -71
[  177.268188][ T5630] usb usb2-port1: unable to enumerate USB device
[  177.284761][ T7209] SET target dimension over the limit!
[  177.927775][ T5737] usb 3-1: new high-speed USB device number 19 using dummy_hcd
[  177.958456][ T5630] usb 1-1: new high-speed USB device number 27 using dummy_hcd
[  178.090744][ T5737] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  178.123924][ T5737] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 3
[  178.143887][ T5737] usb 3-1: New USB device found, idVendor=0763, idProduct=1033, bcdDevice= 0.40
[  178.153533][ T5630] usb 1-1: Using ep0 maxpacket: 32
[  178.160404][ T5737] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  178.169622][ T5737] usb 3-1: Product: syz
[  178.174600][ T5737] usb 3-1: Manufacturer: syz
[  178.181166][ T5737] usb 3-1: SerialNumber: syz
[  178.187374][ T5630] usb 1-1: New USB device found, idVendor=0e41, idProduct=4141, bcdDevice= 0.40
[  178.210995][ T5630] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  178.224220][ T5630] usb 1-1: Product: syz
[  178.241470][ T5630] usb 1-1: Manufacturer: syz
[  178.248179][ T5630] usb 1-1: SerialNumber: syz
[  178.259306][ T7229] netlink: 36 bytes leftover after parsing attributes in process `syz.3.480'.
[  178.283745][ T7229] netlink: 16 bytes leftover after parsing attributes in process `syz.3.480'.
[  178.303960][ T7229] netlink: 36 bytes leftover after parsing attributes in process `syz.3.480'.
[  178.352774][ T7229] netlink: 8 bytes leftover after parsing attributes in process `syz.3.480'.
[  178.376789][ T7229] netlink: 8 bytes leftover after parsing attributes in process `syz.3.480'.
[  178.425350][ T5737] usb 3-1: 0:1 : does not exist
[  178.433888][ T5737] usb 3-1: unit 6 not found!
[  178.438802][ T5737] usb 3-1: unit 0 not found!
[  178.610667][ T5737] usb 3-1: USB disconnect, device number 19
[  179.508779][ T5696] usb 5-1: new high-speed USB device number 23 using dummy_hcd
[  179.700153][ T5696] usb 5-1: Using ep0 maxpacket: 16
[  179.727045][ T5696] usb 5-1: New USB device found, idVendor=0582, idProduct=7def, bcdDevice= 0.40
[  179.781900][ T5696] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  179.815268][ T5696] usb 5-1: Product: syz
[  179.823204][ T5696] usb 5-1: Manufacturer: syz
[  179.829492][ T5696] usb 5-1: SerialNumber: syz
[  180.076977][ T5696] usb 5-1: Quirk or no altset; falling back to MIDI 1.0
[  180.096894][ T5696] usb 5-1: MIDIStreaming interface descriptor not found
[  180.303289][ T5696] usb 5-1: USB disconnect, device number 23
[  180.448923][ T5764] udevd[5764]: error opening ATTR{/sys/devices/platform/dummy_hcd.4/usb5/5-1/5-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  180.962171][ T7292] xt_hashlimit: size too large, truncated to 1048576
[  181.015892][ T7297] FAULT_INJECTION: forcing a failure.
[  181.015892][ T7297] name failslab, interval 1, probability 0, space 0, times 0
[  181.047835][ T7297] CPU: 1 UID: 0 PID: 7297 Comm: syz.4.504 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  181.047865][ T7297] Tainted: [L]=SOFTLOCKUP
[  181.047872][ T7297] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  181.047883][ T7297] Call Trace:
[  181.047889][ T7297]  <TASK>
[  181.047898][ T7297]  dump_stack_lvl+0xe8/0x150
[  181.047923][ T7297]  should_fail_ex+0x412/0x560
[  181.047950][ T7297]  should_failslab+0xa8/0x100
[  181.047979][ T7297]  __kmalloc_noprof+0xe8/0x760
[  181.048003][ T7297]  ? tomoyo_realpath_from_path+0xe3/0x5d0
[  181.048034][ T7297]  tomoyo_realpath_from_path+0xe3/0x5d0
[  181.048060][ T7297]  ? tomoyo_domain+0xd7/0x130
[  181.048104][ T7297]  ? tomoyo_path_number_perm+0x219/0x630
[  181.048124][ T7297]  tomoyo_path_number_perm+0x246/0x630
[  181.048146][ T7297]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  181.048164][ T7297]  ? __lock_acquire+0x6b5/0x2cf0
[  181.048209][ T7297]  ? __mutex_unlock_slowpath+0x1be/0x6f0
[  181.048248][ T7297]  ? __fget_files+0x2a/0x420
[  181.048272][ T7297]  ? __fget_files+0x2a/0x420
[  181.048292][ T7297]  ? __fget_files+0x3a0/0x420
[  181.048312][ T7297]  ? __fget_files+0x2a/0x420
[  181.048336][ T7297]  security_file_ioctl+0xc3/0x2a0
[  181.048358][ T7297]  __se_sys_ioctl+0x47/0x170
[  181.048384][ T7297]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  181.048404][ T7297]  do_syscall_64+0x15f/0xf80
[  181.048443][ T7297]  ? trace_irq_disable+0x3b/0x140
[  181.048469][ T7297]  ? clear_bhb_loop+0x40/0x90
[  181.048492][ T7297]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  181.048511][ T7297] RIP: 0033:0x7f1a1a99cdd9
[  181.048528][ T7297] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  181.048542][ T7297] RSP: 002b:00007f1a1b876028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  181.048559][ T7297] RAX: ffffffffffffffda RBX: 00007f1a1ac15fa0 RCX: 00007f1a1a99cdd9
[  181.048571][ T7297] RDX: 0000200000000400 RSI: 0000000040085112 RDI: 0000000000000003
[  181.048582][ T7297] RBP: 00007f1a1b876090 R08: 0000000000000000 R09: 0000000000000000
[  181.048591][ T7297] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  181.048601][ T7297] R13: 00007f1a1ac16038 R14: 00007f1a1ac15fa0 R15: 00007f1a1ad3fa48
[  181.048629][ T7297]  </TASK>
[  181.048637][ T7297] ERROR: Out of memory at tomoyo_realpath_from_path.
[  181.384753][ T7302] netlink: 'syz.2.502': attribute type 1 has an invalid length.
[  181.430100][ T5630] usb 1-1: 1:1 : UAC_AS_GENERAL descriptor not found
[  181.490027][ T5630] usb 1-1: 2:1 : UAC_AS_GENERAL descriptor not found
[  181.645564][ T7309] loop9: detected capacity change from 0 to 7
[  181.669805][    C1] blk_print_req_error: 10 callbacks suppressed
[  181.669823][    C1] I/O error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  181.685220][    C1] buffer_io_error: 10 callbacks suppressed
[  181.685235][    C1] Buffer I/O error on dev loop9, logical block 0, async page read
[  181.700725][    C1] I/O error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  181.709977][    C1] Buffer I/O error on dev loop9, logical block 0, async page read
[  181.722390][    C1] I/O error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  181.731645][    C1] Buffer I/O error on dev loop9, logical block 0, async page read
[  181.739769][    C0] I/O error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  181.749052][    C0] Buffer I/O error on dev loop9, logical block 0, async page read
[  181.757704][    C0] I/O error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  181.766985][    C0] Buffer I/O error on dev loop9, logical block 0, async page read
[  181.775662][    C0] I/O error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  181.784837][    C0] Buffer I/O error on dev loop9, logical block 0, async page read
[  181.805091][    C0] I/O error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  181.814264][    C0] Buffer I/O error on dev loop9, logical block 0, async page read
[  181.822715][ T7309] ldm_validate_partition_table(): Disk read failed.
[  181.836114][  T806] usb 3-1: new high-speed USB device number 20 using dummy_hcd
[  181.851403][ T5630] usb 1-1: USB disconnect, device number 27
[  181.853892][    C1] I/O error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  181.866497][    C1] Buffer I/O error on dev loop9, logical block 0, async page read
[  181.885621][    C1] I/O error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  181.894836][    C1] Buffer I/O error on dev loop9, logical block 0, async page read
[  181.903434][    C1] I/O error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  181.912650][    C1] Buffer I/O error on dev loop9, logical block 0, async page read
[  181.931457][ T7309] Dev loop9: unable to read RDB block 0
[  181.983772][ T7302] bond3: entered promiscuous mode
[  182.011790][ T7302] 8021q: adding VLAN 0 to HW filter on device bond3
[  182.019031][ T7309]  loop9: unable to read partition table
[  182.037941][ T7309] loop9: partition table beyond EOD, truncated
[  182.070995][ T7309] loop_reread_partitions: partition scan of loop9 (úù) failed (rc=-5)
[  182.102073][ T5860] udevd[5860]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb1/1-1/1-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  182.218788][  T806] usb 3-1: New USB device found, idVendor=04fc, idProduct=504a, bcdDevice=43.02
[  182.242207][  T806] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  182.265733][  T806] usb 3-1: Product: syz
[  182.307355][  T806] usb 3-1: Manufacturer: syz
[  182.327580][  T806] usb 3-1: SerialNumber: syz
[  182.369227][  T806] usb 3-1: config 0 descriptor??
[  182.441758][  T806] gspca_main: sunplus-2.14.0 probing 04fc:504a
[  182.501259][ T7314] xt_hashlimit: size too large, truncated to 1048576
[  183.090581][ T5696] usb 5-1: new high-speed USB device number 24 using dummy_hcd
[  183.228311][ T7329] netlink: 8 bytes leftover after parsing attributes in process `syz.3.512'.
[  183.259670][ T5696] usb 5-1: config 220 has an invalid interface number: 76 but max is 2
[  183.285652][ T5696] usb 5-1: config 220 contains an unexpected descriptor of type 0x2, skipping
[  183.319422][ T5696] usb 5-1: config 220 has an invalid descriptor of length 0, skipping remainder of the config
[  183.369170][ T7326] input: syz1 as /devices/virtual/input/input7
[  183.376371][ T5696] usb 5-1: config 220 has no interface number 2
[  183.397042][ T5696] usb 5-1: config 220 interface 1 altsetting 5 has 0 endpoint descriptors, different from the interface descriptor's value: 12
[  183.458006][ T5696] usb 5-1: config 220 interface 0 has no altsetting 0
[  183.505767][ T5696] usb 5-1: config 220 interface 76 has no altsetting 0
[  183.537063][ T5696] usb 5-1: config 220 interface 1 has no altsetting 0
[  183.552404][ T5696] usb 5-1: New USB device found, idVendor=8086, idProduct=0b07, bcdDevice=6c.b9
[  183.565335][ T5696] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  183.579482][ T7329] bond3: entered promiscuous mode
[  183.587539][ T7329] bond3: entered allmulticast mode
[  183.627215][ T5696] usb 5-1: Product: syz
[  183.632587][ T5696] usb 5-1: Manufacturer: syz
[  183.648003][ T5696] usb 5-1: SerialNumber: syz
[  183.656952][ T7300] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  183.690421][ T7300] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  183.711796][ T7329] 8021q: adding VLAN 0 to HW filter on device bond3
[  183.839214][  T806] gspca_sunplus: reg_w_riv err -110
[  183.845932][ T7292] vlan2: entered allmulticast mode
[  183.857765][ T7292] bond3: entered allmulticast mode
[  183.865713][  T806] sunplus 3-1:0.0: probe with driver sunplus failed with error -110
[  183.975315][ T7295] bond3: (slave bridge1): making interface the new active one
[  183.998889][ T7295] bridge1: entered promiscuous mode
[  184.014016][ T7295] bridge1: entered allmulticast mode
[  184.040369][ T5696] uvcvideo 5-1:220.0: Found UVC 7.01 device syz (8086:0b07)
[  184.048975][ T7295] bond3: (slave bridge1): Enslaving as an active interface with an up link
[  184.078346][ T5696] uvcvideo 5-1:220.0: No valid video chain found.
[  184.097407][ T5696] usb 5-1: selecting invalid altsetting 0
[  184.111557][  T806] usb 3-1: USB disconnect, device number 20
[  184.164742][ T7337] syzkaller1: entered promiscuous mode
[  184.176657][ T5696] usb 5-1: selecting invalid altsetting 0
[  184.182842][ T7337] syzkaller1: entered allmulticast mode
[  184.203776][ T5696] usbtest 5-1:220.1: probe with driver usbtest failed with error -22
[  184.246603][ T5696] usb 5-1: USB disconnect, device number 24
[  184.838249][ T7353] netlink: 8 bytes leftover after parsing attributes in process `syz.1.519'.
[  184.972436][ T7357] netlink: 36 bytes leftover after parsing attributes in process `syz.4.522'.
[  185.002729][ T7357] netlink: 16 bytes leftover after parsing attributes in process `syz.4.522'.
[  185.026821][ T7357] netlink: 36 bytes leftover after parsing attributes in process `syz.4.522'.
[  185.070021][ T7361] netlink: 12 bytes leftover after parsing attributes in process `syz.2.523'.
[  185.084744][ T7357] netlink: 8 bytes leftover after parsing attributes in process `syz.4.522'.
[  185.107741][ T7357] netlink: 8 bytes leftover after parsing attributes in process `syz.4.522'.
[  185.126342][ T7361] netem: incorrect ge model size
[  185.151546][ T7361] netem: change failed
[  185.327878][ T7369] netlink: 164 bytes leftover after parsing attributes in process `syz.2.526'.
[  185.928975][ T7378] xt_hashlimit: size too large, truncated to 1048576
[  186.438061][ T5696] usb 1-1: new high-speed USB device number 28 using dummy_hcd
[  186.597754][ T5696] usb 1-1: Using ep0 maxpacket: 32
[  186.605623][ T5696] usb 1-1: config index 0 descriptor too short (expected 63, got 36)
[  186.616077][ T5696] usb 1-1: config 0 has too many interfaces: 193, using maximum allowed: 32
[  186.676420][ T5696] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  186.712482][ T5696] usb 1-1: config 0 has 0 interfaces, different from the descriptor's value: 193
[  186.737255][ T5696] usb 1-1: New USB device found, idVendor=1b1c, idProduct=1b34, bcdDevice= 0.00
[  186.750055][ T5696] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  186.772613][ T5696] usb 1-1: config 0 descriptor??
[  187.016596][ T5696] usb 1-1: string descriptor 0 read error: -71
[  187.053361][ T5696] usb 1-1: USB disconnect, device number 28
[  187.321292][ T7392] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  187.333224][ T7392] batman_adv: batadv0: Removing interface: batadv_slave_0
[  187.438429][    T9] usb 2-1: new high-speed USB device number 21 using dummy_hcd
[  187.468392][ T7404] netlink: 'syz.4.536': attribute type 8 has an invalid length.
[  187.486319][ T7392] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  187.521273][ T7404] netlink: 4 bytes leftover after parsing attributes in process `syz.4.536'.
[  187.593039][ T7392] batman_adv: batadv0: Removing interface: batadv_slave_1
[  187.625724][    T9] usb 2-1: Using ep0 maxpacket: 8
[  187.640344][    T9] usb 2-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  187.679639][    T9] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  187.711898][    T9] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  187.733197][    T9] usb 2-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  187.758130][    T9] usb 2-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  187.770084][    T9] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  187.957738][ T5630] usb 1-1: new high-speed USB device number 29 using dummy_hcd
[  188.055677][    T9] usb 2-1: GET_CAPABILITIES returned 0
[  188.078287][    T9] usbtmc 2-1:16.0: can't read capabilities
[  188.145292][ T5630] usb 1-1: config 0 interface 0 has no altsetting 0
[  188.187704][ T5630] usb 1-1: New USB device found, idVendor=046d, idProduct=0a0e, bcdDevice=94.75
[  188.218201][ T5630] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  188.257080][ T5630] usb 1-1: config 0 descriptor??
[  188.657321][ T7420] vlan2: entered promiscuous mode
[  188.723910][ T7420] bridge0: entered promiscuous mode
[  188.805385][ T7420] bridge0: port 3(vlan2) entered blocking state
[  188.877821][ T7420] bridge0: port 3(vlan2) entered disabled state
[  188.920214][ T7420] vlan2: entered allmulticast mode
[  188.965539][ T7420] bridge0: entered allmulticast mode
[  189.077376][ T7420] vlan2: left allmulticast mode
[  189.103489][ T7420] bridge0: left allmulticast mode
[  189.188078][ T5630] video4linux radio48: keene_cmd_set failed (-110)
[  189.210569][ T5630] radio-keene 1-1:0.0: V4L2 device registered as radio48
[  189.259226][ T5630] usb 1-1: USB disconnect, device number 29
[  189.719065][ T7436] netlink: 8 bytes leftover after parsing attributes in process `syz.4.545'.
[  189.987702][ T5630] usb 1-1: new high-speed USB device number 30 using dummy_hcd
[  190.181184][ T5630] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  190.213399][ T5630] usb 1-1: config 1 has 2 interfaces, different from the descriptor's value: 3
[  190.242981][ T5630] usb 1-1: too many endpoints for config 1 interface 1 altsetting 1: 248, using maximum allowed: 30
[  190.274248][ T5743] usb 2-1: USB disconnect, device number 21
[  190.283053][ T5630] usb 1-1: config 1 interface 1 altsetting 1 has 0 endpoint descriptors, different from the interface descriptor's value: 248
[  190.340824][ T5630] usb 1-1: New USB device found, idVendor=0763, idProduct=2080, bcdDevice= 0.40
[  190.360872][ T5630] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  190.384468][ T5630] usb 1-1: Product: syz
[  190.405589][ T5630] usb 1-1: Manufacturer: syz
[  190.422148][ T5630] usb 1-1: SerialNumber: syz
[  190.458024][ T7443] netlink: 8 bytes leftover after parsing attributes in process `syz.1.548'.
[  190.566541][ T7446] netlink: 12 bytes leftover after parsing attributes in process `syz.2.549'.
[  190.599777][ T7445] netlink: 12 bytes leftover after parsing attributes in process `syz.2.549'.
[  190.801810][ T5630] snd-usb-audio 1-1:1.0: probe with driver snd-usb-audio failed with error -22
[  190.840225][ T5630] usb 1-1: USB disconnect, device number 30
[  190.904508][ T5861] udevd[5861]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb1/1-1/1-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  190.909446][ T5743] usb 3-1: new high-speed USB device number 21 using dummy_hcd
[  191.118173][ T5743] usb 3-1: Using ep0 maxpacket: 32
[  191.578268][ T5743] usb 3-1: config index 0 descriptor too short (expected 35577, got 27)
[  191.621777][ T5743] usb 3-1: config 1 has too many interfaces: 92, using maximum allowed: 32
[  191.663864][ T5743] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 92
[  191.700663][ T5743] usb 3-1: config 1 has no interface number 0
[  191.933136][ T5743] usb 3-1: config 1 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  192.178362][ T5743] usb 3-1: config 1 interface 1 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 17
[  192.254212][ T5743] usb 3-1: New USB device found, idVendor=0e41, idProduct=5051, bcdDevice=d5.e8
[  192.324659][ T5743] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  192.383039][ T5743] snd_usb_pod 3-1:1.1: Line 6 Pocket POD found
[  192.487721][    T9] usb 1-1: new high-speed USB device number 31 using dummy_hcd
[  192.610444][ T5743] snd_usb_pod 3-1:1.1: set_interface failed
[  192.626260][ T5743] snd_usb_pod 3-1:1.1: Line 6 Pocket POD now disconnected
[  192.646499][ T5743] snd_usb_pod 3-1:1.1: probe with driver snd_usb_pod failed with error -71
[  192.734236][ T5743] usb 3-1: USB disconnect, device number 21
[  192.757523][    T9] usb 1-1: Using ep0 maxpacket: 32
[  192.782263][    T9] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  192.805129][    T9] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  192.815479][    T9] usb 1-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40
[  192.826724][    T9] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  192.974988][ T5696] usb 4-1: new high-speed USB device number 20 using dummy_hcd
[  193.102790][    T9] usb 1-1: config 0 descriptor??
[  193.186249][    T9] hub 1-1:0.0: USB hub found
[  193.285933][ T5696] usb 4-1: Using ep0 maxpacket: 32
[  193.332549][    T9] hub 1-1:0.0: config failed, hub doesn't have any ports! (err -19)
[  193.451077][    T0] NOHZ tick-stop error: local softirq work is pending, handler #08!!!
[  193.493800][    T0] NOHZ tick-stop error: local softirq work is pending, handler #308!!!
[  193.552348][ T5696] usb 4-1: config 0 has an invalid interface number: 184 but max is 0
[  193.569868][ T5696] usb 4-1: config 0 has an invalid descriptor of length 116, skipping remainder of the config
[  193.606641][ T5696] usb 4-1: config 0 has no interface number 0
[  193.653297][ T5696] usb 4-1: too many endpoints for config 0 interface 184 altsetting 186: 161, using maximum allowed: 30
[  193.739915][ T5696] usb 4-1: config 0 interface 184 altsetting 186 has 0 endpoint descriptors, different from the interface descriptor's value: 161
[  193.830848][    T9] hid-generic 0003:046D:C31C.0009: hidraw0: USB HID v8.00 Device [HID 046d:c31c] on usb-dummy_hcd.0-1/input0
[  193.995303][ T5696] usb 4-1: config 0 interface 184 has no altsetting 0
[  194.108278][ T1313] ieee802154 phy0 wpan0: encryption failed: -22
[  194.131667][ T1313] ieee802154 phy1 wpan1: encryption failed: -22
[  194.326190][ T5696] usb 4-1: New USB device found, idVendor=0424, idProduct=7500, bcdDevice=69.ee
[  194.361849][ T5696] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  194.392019][ T5696] usb 4-1: Product: syz
[  194.432275][ T5696] usb 4-1: Manufacturer: syz
[  194.492207][ T5696] usb 4-1: SerialNumber: syz
[  194.555203][ T5696] usb 4-1: config 0 descriptor??
[  194.666646][ T5743] usb 1-1: USB disconnect, device number 31
[  194.678369][    T0] NOHZ tick-stop error: local softirq work is pending, handler #288!!!
[  195.430723][ T5743] usb 1-1: new high-speed USB device number 32 using dummy_hcd
[  195.554804][   T30] audit: type=1326 audit(1777739171.329:194): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7485 comm="syz.2.563" exe="/root/ci-upstream-kasan-gce/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f3a9c99cdd9 code=0x0
[  195.690076][ T5743] usb 1-1: Using ep0 maxpacket: 32
[  195.706342][ T5743] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  195.745121][ T5743] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  195.825927][ T5743] usb 1-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40
[  195.866125][ T5743] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  196.065463][ T5743] usb 1-1: config 0 descriptor??
[  196.237848][ T5743] usb 1-1: can't set config #0, error -71
[  196.457638][ T5743] usb 1-1: USB disconnect, device number 32
[  197.250092][ T7501] netlink: 8 bytes leftover after parsing attributes in process `syz.2.568'.
[  197.710214][    T0] NOHZ tick-stop error: local softirq work is pending, handler #08!!!
[  199.903578][ T5696] smsc75xx 4-1:0.184 (unnamed net_device) (uninitialized): usbnet_get_endpoints failed: -22
[  199.929546][ T5696] smsc75xx 4-1:0.184: probe with driver smsc75xx failed with error -22
[  200.394362][ T5696] usb 4-1: USB disconnect, device number 20
[  200.696912][ T7536] netlink: 28 bytes leftover after parsing attributes in process `syz.1.575'.
[  201.092089][ T7540] netlink: 4 bytes leftover after parsing attributes in process `syz.4.577'.
[  201.139841][ T7540] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  201.472710][ T7540] batman_adv: batadv0: Removing interface: batadv_slave_1
[  202.237529][ T7550] syzkaller1: entered promiscuous mode
[  202.264358][ T7550] syzkaller1: entered allmulticast mode
[  203.557788][  T806] usb 3-1: new high-speed USB device number 22 using dummy_hcd
[  203.746527][  T806] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  203.889710][  T806] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  204.074277][  T806] usb 3-1: New USB device found, idVendor=0d8c, idProduct=0022, bcdDevice= 0.00
[  204.133919][  T806] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  204.205277][  T806] usb 3-1: config 0 descriptor??
[  204.564594][ T5623] usb 2-1: new high-speed USB device number 22 using dummy_hcd
[  204.967827][ T5623] usb 2-1: Using ep0 maxpacket: 32
[  205.284493][ T5623] usb 2-1: New USB device found, idVendor=2304, idProduct=0222, bcdDevice=77.3f
[  205.300632][ T5623] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  205.349778][ T5623] usb 2-1: Product: syz
[  205.362116][ T5623] usb 2-1: Manufacturer: syz
[  205.381025][ T5623] usb 2-1: SerialNumber: syz
[  205.527720][    T9] usb 1-1: new high-speed USB device number 33 using dummy_hcd
[  205.580400][ T5623] usb 2-1: config 0 descriptor??
[  205.661370][ T5623] dvb-usb: found a 'Pinnacle 450e DVB-S USB2.0' in warm state.
[  205.714409][ T5623] dvb-usb: bulk message failed: -22 (4/0)
[  205.727941][    T9] usb 1-1: Using ep0 maxpacket: 32
[  205.884197][    T9] usb 1-1: config 0 has an invalid interface number: 184 but max is 0
[  205.899414][ T5623] ttusb2: there might have been an error during control message transfer. (rlen = 0, was 0)
[  206.076801][ T5623] dvb-usb: bulk message failed: -22 (5/0)
[  206.192950][    T9] usb 1-1: config 0 has an invalid descriptor of length 116, skipping remainder of the config
[  206.205871][ T5623] ttusb2: there might have been an error during control message transfer. (rlen = 0, was 0)
[  206.250944][ T7566] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  206.309815][  T806] usbhid 3-1:0.0: can't add hid device: -71
[  206.386864][    T9] usb 1-1: config 0 has no interface number 0
[  206.427045][ T7566] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  206.475694][  T806] usbhid 3-1:0.0: probe with driver usbhid failed with error -71
[  206.498034][    T9] usb 1-1: too many endpoints for config 0 interface 184 altsetting 186: 161, using maximum allowed: 30
[  206.524609][ T5623] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[  206.600973][  T806] usb 3-1: USB disconnect, device number 22
[  206.651460][ T5623] dvbdev: DVB: registering new adapter (Pinnacle 450e DVB-S USB2.0)
[  206.656236][    T9] usb 1-1: config 0 interface 184 altsetting 186 has 0 endpoint descriptors, different from the interface descriptor's value: 161
[  206.690329][ T5623] usb 2-1: media controller created
[  207.003555][    T9] usb 1-1: config 0 interface 184 has no altsetting 0
[  207.056761][ T5623] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  207.209836][   T30] audit: type=1326 audit(1777739182.989:195): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7584 comm="syz.2.591" exe="/root/ci-upstream-kasan-gce/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3a9c99cdd9 code=0x7ffc0000
[  207.311013][ T5630] usb 5-1: new high-speed USB device number 25 using dummy_hcd
[  207.535640][ T5623] usb 2-1: selecting invalid altsetting 3
[  207.566194][ T5623] ttusb2: set interface to alts=3 failed
[  207.626576][   T30] audit: type=1326 audit(1777739182.989:196): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7584 comm="syz.2.591" exe="/root/ci-upstream-kasan-gce/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3a9c99cdd9 code=0x7ffc0000
[  207.868576][   T30] audit: type=1326 audit(1777739182.989:197): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7584 comm="syz.2.591" exe="/root/ci-upstream-kasan-gce/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3a9c99cdd9 code=0x7ffc0000
[  207.937183][ T7585] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  208.017353][ T7591] ttusb2: i2c wr len=58 too high
[  208.019947][ T5630] usb 5-1: Using ep0 maxpacket: 32
[  208.101413][ T5630] usb 5-1: config 0 has an invalid interface number: 89 but max is 0
[  208.199335][ T5630] usb 5-1: config 0 has no interface number 0
[  208.217983][   T30] audit: type=1326 audit(1777739182.989:198): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7584 comm="syz.2.591" exe="/root/ci-upstream-kasan-gce/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f3a9c99cdd9 code=0x7ffc0000
[  208.312632][ T5623] DVB: Unable to find symbol tda10086_attach()
[  208.323681][ T5630] usb 5-1: config 0 interface 89 altsetting 2 endpoint 0x82 has invalid wMaxPacketSize 0
[  208.323711][ T5630] usb 5-1: config 0 interface 89 has no altsetting 0
[  208.379071][ T5630] usb 5-1: New USB device found, idVendor=0ccd, idProduct=10af, bcdDevice=38.4a
[  208.391882][   T30] audit: type=1326 audit(1777739182.999:199): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7584 comm="syz.2.591" exe="/root/ci-upstream-kasan-gce/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3a9c99cdd9 code=0x7ffc0000
[  208.501886][ T5630] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  208.714200][ T5623] dvb-usb: no frontend was attached by 'Pinnacle 450e DVB-S USB2.0'
[  208.772645][ T5623] dvb-usb: bulk message failed: -22 (4/0)
[  208.803395][ T5623] ttusb2: there might have been an error during control message transfer. (rlen = 0, was 0)
[  208.903358][   T30] audit: type=1326 audit(1777739182.999:200): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7584 comm="syz.2.591" exe="/root/ci-upstream-kasan-gce/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3a9c99cdd9 code=0x7ffc0000
[  208.938766][ T5630] usb 5-1: Product: syz
[  208.986397][ T5623] dvb-usb: bulk message failed: -22 (5/0)
[  209.071487][ T5623] ttusb2: there might have been an error during control message transfer. (rlen = 0, was 0)
[  209.203254][ T5623] dvb-usb: Pinnacle 450e DVB-S USB2.0 successfully initialized and connected.
[  209.233051][   T30] audit: type=1326 audit(1777739183.109:201): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7584 comm="syz.2.591" exe="/root/ci-upstream-kasan-gce/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3a9c99cdd9 code=0x7ffc0000
[  209.280866][ T5630] usb 5-1: Manufacturer: syz
[  209.334352][ T5630] usb 5-1: SerialNumber: syz
[  209.631733][ T5630] usb 5-1: config 0 descriptor??
[  209.760315][   T30] audit: type=1326 audit(1777739183.109:202): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7584 comm="syz.2.591" exe="/root/ci-upstream-kasan-gce/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3a9c99cdd9 code=0x7ffc0000
[  209.941253][ T5630] usb 5-1: can't set config #0, error -71
[  209.981268][  T806] usb 2-1: USB disconnect, device number 22
[  210.210163][ T5630] usb 5-1: USB disconnect, device number 25
[  210.313784][   T30] audit: type=1326 audit(1777739183.109:203): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7584 comm="syz.2.591" exe="/root/ci-upstream-kasan-gce/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f3a9c99cdd9 code=0x7ffc0000
[  211.073356][   T30] audit: type=1326 audit(1777739183.109:204): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7584 comm="syz.2.591" exe="/root/ci-upstream-kasan-gce/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3a9c99cdd9 code=0x7ffc0000
[  211.272571][  T806] dvb-usb: Pinnacle 450e DVB-S USB2.0 successfully deinitialized and disconnected.
[  213.184835][ T7611] syzkaller1: entered promiscuous mode
[  213.436531][ T7611] syzkaller1: entered allmulticast mode
[  213.570983][ T7613] netlink: 'syz.1.597': attribute type 1 has an invalid length.
[  214.055611][    T9] usb 1-1: New USB device found, idVendor=0424, idProduct=7500, bcdDevice=69.ee
[  214.198261][    T9] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  214.268903][    T9] usb 1-1: Product: syz
[  214.324394][    T9] usb 1-1: Manufacturer: syz
[  214.341707][    T9] usb 1-1: config 0 descriptor??
[  214.357071][    T9] usb 1-1: can't set config #0, error -71
[  214.365199][    T9] usb 1-1: USB disconnect, device number 33
[  214.734963][ T7613] bond1: entered promiscuous mode
[  214.761553][ T7613] 8021q: adding VLAN 0 to HW filter on device bond1
[  215.638706][    T9] usb 5-1: new high-speed USB device number 26 using dummy_hcd
[  215.848029][  T806] usb 4-1: new high-speed USB device number 21 using dummy_hcd
[  215.967724][    T9] usb 5-1: Using ep0 maxpacket: 32
[  216.158332][    T9] usb 5-1: New USB device found, idVendor=041e, idProduct=400b, bcdDevice=3e.e7
[  216.244686][    T9] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  216.370447][    T9] usb 5-1: config 0 descriptor??
[  216.417834][  T806] usb 4-1: Using ep0 maxpacket: 8
[  216.430910][    T9] gspca_main: sunplus-2.14.0 probing 041e:400b
[  216.619165][  T806] usb 4-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  216.694731][  T806] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  216.771766][  T806] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  216.794180][  T806] usb 4-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  216.862205][  T806] usb 4-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  217.090044][  T806] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  217.527729][    T9] gspca_sunplus: reg_w_riv err -71
[  217.743005][    T9] sunplus 5-1:0.0: probe with driver sunplus failed with error -71
[  218.234360][    T9] usb 5-1: USB disconnect, device number 26
[  218.587971][ T5737] usb 1-1: new high-speed USB device number 34 using dummy_hcd
[  218.677818][ T7642] fuse: Bad value for 'fd'
[  219.450706][ T5737] usb 1-1: Using ep0 maxpacket: 16
[  219.504714][ T5737] usb 1-1: New USB device found, idVendor=06be, idProduct=a232, bcdDevice=33.f3
[  219.657309][ T5737] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  219.757098][ T5737] usb 1-1: Product: syz
[  219.769982][ T5737] usb 1-1: Manufacturer: syz
[  219.801678][ T5737] usb 1-1: SerialNumber: syz
[  219.899431][ T5737] usb 1-1: config 0 descriptor??
[  220.495234][ T5737] dvb-usb: found a 'AME DTV-5100 USB2.0 DVB-T' in warm state.
[  220.554865][ T5737] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[  220.623245][ T5737] dvbdev: DVB: registering new adapter (AME DTV-5100 USB2.0 DVB-T)
[  220.653647][ T5737] usb 1-1: media controller created
[  220.706734][ T7644] dtv5100: wlen = 0, aborting.
[  220.921822][ T7644] netlink: 'syz.0.605': attribute type 3 has an invalid length.
[  220.974055][ T5737] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  222.037806][ T5737] zl10353_read_register: readreg error (reg=127, ret==0)
[  222.063177][ T5737] dvb-usb: no frontend was attached by 'AME DTV-5100 USB2.0 DVB-T'
[  222.089815][ T7662] FAULT_INJECTION: forcing a failure.
[  222.089815][ T7662] name failslab, interval 1, probability 0, space 0, times 0
[  222.150780][ T5737] dvb-usb: AME DTV-5100 USB2.0 DVB-T successfully initialized and connected.
[  222.183255][ T7662] CPU: 0 UID: 0 PID: 7662 Comm: syz.2.610 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  222.183276][ T7662] Tainted: [L]=SOFTLOCKUP
[  222.183280][ T7662] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  222.183288][ T7662] Call Trace:
[  222.183293][ T7662]  <TASK>
[  222.183302][ T7662]  dump_stack_lvl+0xe8/0x150
[  222.183326][ T7662]  should_fail_ex+0x412/0x560
[  222.183346][ T7662]  should_failslab+0xa8/0x100
[  222.183366][ T7662]  ? ptlock_alloc+0x20/0x70
[  222.183381][ T7662]  kmem_cache_alloc_noprof+0x87/0x650
[  222.183397][ T7662]  ? alloc_pages_mpol+0x3c0/0x490
[  222.183421][ T7662]  ptlock_alloc+0x20/0x70
[  222.183436][ T7662]  pte_alloc_one+0x7a/0x370
[  222.183454][ T7662]  __pte_alloc+0x25/0x1a0
[  222.183476][ T7662]  copy_pmd_range+0x5135/0x5970
[  222.183491][ T7662]  ? arch_stack_walk+0xfb/0x150
[  222.183528][ T7662]  ? __pfx_copy_pmd_range+0x10/0x10
[  222.183542][ T7662]  ? kernel_clone+0x284/0x8f0
[  222.183556][ T7662]  ? __x64_sys_clone+0x1b6/0x230
[  222.183576][ T7662]  ? __lock_acquire+0x6b5/0x2cf0
[  222.183594][ T7662]  ? mas_wr_store_type+0xcc2/0x19d0
[  222.183614][ T7662]  copy_page_range+0xbe8/0x11f0
[  222.183647][ T7662]  ? __pfx_copy_page_range+0x10/0x10
[  222.183671][ T7662]  ? __pfx_vma_interval_tree_augment_rotate+0x10/0x10
[  222.183694][ T7662]  dup_mmap+0xf40/0x1d90
[  222.183725][ T7662]  ? __pfx_dup_mmap+0x10/0x10
[  222.183749][ T7662]  ? copy_mm+0x130/0x4a0
[  222.183762][ T7662]  ? copy_mm+0x130/0x4a0
[  222.183784][ T7662]  copy_mm+0x13b/0x4a0
[  222.183799][ T7662]  copy_process+0x1f1c/0x4440
[  222.183812][ T7662]  ? _parse_integer_limit+0x1ae/0x1f0
[  222.183836][ T7662]  ? copy_process+0xd87/0x4440
[  222.183856][ T7662]  ? __pfx_copy_process+0x10/0x10
[  222.183870][ T7662]  ? get_pid_task+0x20/0x1f0
[  222.183883][ T7662]  ? get_pid_task+0x20/0x1f0
[  222.183903][ T7662]  kernel_clone+0x284/0x8f0
[  222.183921][ T7662]  ? __pfx_kernel_clone+0x10/0x10
[  222.183941][ T7662]  ? __mutex_unlock_slowpath+0x1be/0x6f0
[  222.183963][ T7662]  __x64_sys_clone+0x1b6/0x230
[  222.183979][ T7662]  ? __pfx___x64_sys_clone+0x10/0x10
[  222.184004][ T7662]  ? __pfx_ksys_write+0x10/0x10
[  222.184026][ T7662]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  222.184040][ T7662]  do_syscall_64+0x15f/0xf80
[  222.184072][ T7662]  ? trace_irq_disable+0x3b/0x140
[  222.184091][ T7662]  ? clear_bhb_loop+0x40/0x90
[  222.184108][ T7662]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  222.184121][ T7662] RIP: 0033:0x7f3a9c99cdd9
[  222.184133][ T7662] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  222.184145][ T7662] RSP: 002b:00007f3a9d7e4fd8 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[  222.184158][ T7662] RAX: ffffffffffffffda RBX: 00007f3a9cc15fa0 RCX: 00007f3a9c99cdd9
[  222.184168][ T7662] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040080000
[  222.184176][ T7662] RBP: 00007f3a9d7e5090 R08: 0000000000000000 R09: 0000000000000000
[  222.184184][ T7662] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002
[  222.184192][ T7662] R13: 00007f3a9cc16038 R14: 00007f3a9cc15fa0 R15: 00007f3a9cd3fa48
[  222.184213][ T7662]  </TASK>
[  222.858017][ T5737] usb 1-1: USB disconnect, device number 34
[  222.871756][  T806] usb 4-1: can't set config #16, error -110
[  223.607746][ T5743] usb 5-1: new high-speed USB device number 27 using dummy_hcd
[  223.642740][ T5737] dvb-usb: AME DTV-5100 USB2.0 DVB-T successfully deinitialized and disconnected.
[  223.858131][ T5743] usb 5-1: Using ep0 maxpacket: 32
[  224.313644][ T5630] usb 4-1: USB disconnect, device number 21
[  224.447982][  T806] usb 3-1: new high-speed USB device number 23 using dummy_hcd
[  224.487821][ T5737] usb 1-1: new high-speed USB device number 35 using dummy_hcd
[  224.827742][ T5737] usb 1-1: Using ep0 maxpacket: 32
[  224.882766][  T806] usb 3-1: Using ep0 maxpacket: 32
[  224.972097][ T5737] usb 1-1: config index 0 descriptor too short (expected 29220, got 36)
[  224.988607][  T806] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  225.025072][ T5737] usb 1-1: config 0 has too many interfaces: 81, using maximum allowed: 32
[  225.234824][  T806] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  225.367521][ T5737] usb 1-1: config 0 has 1 interface, different from the descriptor's value: 81
[  225.423996][  T806] usb 3-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40
[  225.609678][ T5737] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[  225.764953][  T806] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  226.105935][ T5737] usb 1-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[  226.166674][  T806] usb 3-1: config 0 descriptor??
[  226.396563][ T5737] usb 1-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18
[  226.469805][  T806] hub 3-1:0.0: USB hub found
[  226.637116][ T5737] usb 1-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40
[  226.671371][  T806] hub 3-1:0.0: config failed, hub doesn't have any ports! (err -19)
[  226.694159][ T5737] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  226.882560][ T5737] usb 1-1: config 0 descriptor??
[  227.164985][ T5737] usb 1-1: can't set config #0, error -71
[  227.580422][ T5737] usb 1-1: USB disconnect, device number 35
[  227.740954][  T806] hid-generic 0003:046D:C31C.000A: hidraw0: USB HID v8.00 Device [HID 046d:c31c] on usb-dummy_hcd.2-1/input0
[  228.947960][ T5743] usb 5-1: device descriptor read/all, error -110
[  229.437728][ T5743] usb 5-1: new high-speed USB device number 28 using dummy_hcd
[  229.581004][ T5737] usb 3-1: USB disconnect, device number 23
[  231.413018][ T7694] sch_tbf: burst 19872 is lower than device lo mtu (65550) !
[  231.913079][ T7698] xt_hashlimit: size too large, truncated to 1048576
[  231.977253][ T7698] xt_hashlimit: overflow, try lower: 3/0
[  232.386730][ T7702] netlink: 4 bytes leftover after parsing attributes in process `syz.1.625'.
[  233.954901][ T5737] usb 4-1: new high-speed USB device number 22 using dummy_hcd
[  234.257679][ T5737] usb 4-1: Using ep0 maxpacket: 32
[  234.269447][ T5737] usb 4-1: config 0 has an invalid interface number: 1 but max is 0
[  234.329848][ T5737] usb 4-1: config 0 has no interface number 0
[  234.401816][    T9] usb 5-1: new high-speed USB device number 29 using dummy_hcd
[  234.433122][ T5737] usb 4-1: config 0 interface 1 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  234.475345][ T5737] usb 4-1: config 0 interface 1 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  234.847221][ T5737] usb 4-1: New USB device found, idVendor=28bd, idProduct=0094, bcdDevice= 0.00
[  234.901286][ T5737] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  234.936154][    T9] usb 5-1: config 220 has an invalid interface number: 76 but max is 2
[  234.975351][    T9] usb 5-1: config 220 contains an unexpected descriptor of type 0x2, skipping
[  234.999395][ T5737] usb 4-1: config 0 descriptor??
[  235.069206][    T9] usb 5-1: config 220 has an invalid descriptor of length 0, skipping remainder of the config
[  235.181490][    T9] usb 5-1: config 220 has no interface number 2
[  235.279064][    T9] usb 5-1: config 220 interface 1 altsetting 5 has 0 endpoint descriptors, different from the interface descriptor's value: 12
[  235.497813][    T9] usb 5-1: config 220 interface 0 has no altsetting 0
[  235.517699][ T5743] usb 2-1: new high-speed USB device number 23 using dummy_hcd
[  235.541244][    T9] usb 5-1: config 220 interface 76 has no altsetting 0
[  235.797586][    T9] usb 5-1: config 220 interface 1 has no altsetting 0
[  235.878228][    T9] usb 5-1: New USB device found, idVendor=8086, idProduct=0b07, bcdDevice=6c.b9
[  235.931606][    T9] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  236.001409][ T5737] usbhid 4-1:0.1: can't add hid device: -71
[  236.080403][ T5737] usbhid 4-1:0.1: probe with driver usbhid failed with error -71
[  236.091845][    T9] usb 5-1: Product: syz
[  236.124767][    T9] usb 5-1: Manufacturer: syz
[  236.147846][ T5743] usb 2-1: Using ep0 maxpacket: 32
[  236.303226][ T5737] usb 4-1: USB disconnect, device number 22
[  236.310081][    T9] usb 5-1: SerialNumber: syz
[  236.497862][ T5743] usb 2-1: config 0 has an invalid interface number: 184 but max is 0
[  236.609316][ T5743] usb 2-1: config 0 has an invalid descriptor of length 116, skipping remainder of the config
[  236.689718][ T5743] usb 2-1: config 0 has no interface number 0
[  237.021084][ T5743] usb 2-1: too many endpoints for config 0 interface 184 altsetting 186: 161, using maximum allowed: 30
[  237.068617][ T5743] usb 2-1: config 0 interface 184 altsetting 186 has 0 endpoint descriptors, different from the interface descriptor's value: 161
[  237.068653][ T5743] usb 2-1: config 0 interface 184 has no altsetting 0
[  237.410048][ T7724] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  237.820777][    T9] uvcvideo 5-1:220.0: Found UVC 7.01 device syz (8086:0b07)
[  238.109567][    T9] uvcvideo 5-1:220.0: No valid video chain found.
[  238.153770][    T9] usb 5-1: selecting invalid altsetting 0
[  238.565307][    T9] usb 5-1: selecting invalid altsetting 0
[  238.759418][    T9] usbtest 5-1:220.1: probe with driver usbtest failed with error -22
[  239.605770][    T9] usb 5-1: USB disconnect, device number 29
[  243.311059][ T5743] usb 2-1: New USB device found, idVendor=0424, idProduct=7500, bcdDevice=69.ee
[  243.326435][ T5743] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  243.340930][ T5743] usb 2-1: config 0 descriptor??
[  243.350103][ T5743] usb 2-1: can't set config #0, error -32
[  245.580158][ T5743] usb 2-1: USB disconnect, device number 23
[  245.798181][ T7743] netlink: 8 bytes leftover after parsing attributes in process `syz.4.636'.
[  245.867946][ T7743] netlink: 'syz.4.636': attribute type 25 has an invalid length.
[  245.940156][ T7743] netlink: 4 bytes leftover after parsing attributes in process `syz.4.636'.
[  246.255154][ T5629] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  246.571702][ T5629] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  246.580211][ T5629] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  246.589564][ T5629] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  246.599241][ T5629] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  246.659914][ T5631] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  246.667401][ T5631] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  246.675175][ T5631] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  246.684374][ T5631] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  246.692369][ T5631] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  248.797783][ T5629] Bluetooth: hci5: command tx timeout
[  250.867688][ T5629] Bluetooth: hci5: command tx timeout
[  252.050407][ T7787] syzkaller1: entered promiscuous mode
[  252.075286][ T7787] syzkaller1: entered allmulticast mode
[  252.130335][ T7793] netlink: 12 bytes leftover after parsing attributes in process `syz.4.647'.
[  253.185886][ T5631] Bluetooth: hci5: command tx timeout
[  255.468350][ T5629] Bluetooth: hci5: command tx timeout
[  256.602262][ T1313] ieee802154 phy0 wpan0: encryption failed: -22
[  256.609637][ T1313] ieee802154 phy1 wpan1: encryption failed: -22
[  258.417628][    C1] sched: DL replenish lagged too much
[  317.051118][ T1313] ieee802154 phy0 wpan0: encryption failed: -22
[  317.058076][ T1313] ieee802154 phy1 wpan1: encryption failed: -22
[  365.337565][    C0] rcu: INFO: rcu_preempt detected stalls on CPUs/tasks:
[  365.337587][    C0] rcu: 	Tasks blocked on level-0 rcu_node (CPUs 0-1): P7796/1:b..l P7794/1:b..l P7792/1:b..l P7798/1:b..l
[  365.338160][    C0] rcu: 	(detected by 0, t=10502 jiffies, g=36449, q=1371 ncpus=2)
[  365.338186][    C0] task:syz.4.647       state:R  running task     stack:28520 pid:7798  tgid:7792  ppid:5641   task_flags:0x400040 flags:0x00080002
[  365.338260][    C0] Call Trace:
[  365.338272][    C0]  <TASK>
[  365.338287][    C0]  __schedule+0x17b4/0x5680
[  365.338329][    C0]  ? __lock_acquire+0x6b5/0x2cf0
[  365.338367][    C0]  ? __pfx___schedule+0x10/0x10
[  365.338407][    C0]  preempt_schedule_irq+0x4d/0xa0
[  365.338441][    C0]  irqentry_exit+0x14f/0x730
[  365.338465][    C0]  ? trace_irq_disable+0x3b/0x140
[  365.338499][    C0]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  365.338521][    C0] RIP: 0010:__read_once_word_nocheck+0x3/0x10
[  365.338548][    C0] Code: 00 48 ba 00 00 00 00 00 fc ff df e9 88 fc ff ff 0f 1f 80 00 00 00 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 48 8b 07 <e9> 48 14 34 0a cc cc cc cc cc cc cc cc 90 90 90 90 90 90 90 90 90
[  365.338566][    C0] RSP: 0018:ffffc90003747710 EFLAGS: 00000202
[  365.338584][    C0] RAX: ffffffff81000130 RBX: ffffc90003747f40 RCX: 1ffff920006e8e01
[  365.338599][    C0] RDX: ffffffff916c47fe RSI: 0000000000000002 RDI: ffffc90003747f40
[  365.338614][    C0] RBP: 1ffff920006e8efe R08: 0000000000000001 R09: ffffffff8e95cd60
[  365.338628][    C0] R10: ffffc90003747838 R11: ffffffff81b0d870 R12: ffffc90003748000
[  365.338643][    C0] R13: 1ffff920006e8eff R14: ffffc900037477e8 R15: ffffc90003740000
[  365.338663][    C0]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  365.338694][    C0]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  365.338721][    C0]  unwind_next_frame+0xed7/0x2550
[  365.338752][    C0]  ? unwind_next_frame+0xa6/0x2550
[  365.338776][    C0]  ? do_syscall_64+0x15f/0xf80
[  365.338805][    C0]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  365.338834][    C0]  arch_stack_walk+0x11b/0x150
[  365.338864][    C0]  ? do_syscall_64+0x15f/0xf80
[  365.338893][    C0]  stack_trace_save+0xa9/0x100
[  365.338921][    C0]  ? __pfx_stack_trace_save+0x10/0x10
[  365.338960][    C0]  save_stack+0x122/0x230
[  365.338989][    C0]  ? __pfx_save_stack+0x10/0x10
[  365.339014][    C0]  ? __free_frozen_pages+0xbc7/0xd30
[  365.339040][    C0]  ? __slab_free+0x274/0x2c0
[  365.339064][    C0]  ? qlist_free_all+0x99/0x100
[  365.339087][    C0]  ? kasan_quarantine_reduce+0x148/0x160
[  365.339130][    C0]  ? __kasan_kmalloc+0x22/0xb0
[  365.339158][    C0]  ? __kmalloc_noprof+0x35c/0x760
[  365.339185][    C0]  ? security_sk_alloc+0x52/0x360
[  365.339216][    C0]  ? sk_prot_alloc+0x101/0x210
[  365.339243][    C0]  ? sk_alloc+0x3a/0x390
[  365.339267][    C0]  ? __netlink_create+0x65/0x260
[  365.339291][    C0]  ? netlink_create+0x3ca/0x590
[  365.339319][    C0]  ? __sock_create+0x4b2/0x9d0
[  365.339340][    C0]  ? __sys_socket+0xd6/0x1b0
[  365.339361][    C0]  ? __x64_sys_socket+0x7a/0x90
[  365.339383][    C0]  ? do_syscall_64+0x15f/0xf80
[  365.339429][    C0]  __reset_page_owner+0x71/0x1f0
[  365.339463][    C0]  __free_frozen_pages+0xbc7/0xd30
[  365.339501][    C0]  __slab_free+0x274/0x2c0
[  365.339538][    C0]  ? qlist_free_all+0x8e/0x100
[  365.339570][    C0]  qlist_free_all+0x99/0x100
[  365.339601][    C0]  kasan_quarantine_reduce+0x148/0x160
[  365.339633][    C0]  __kasan_kmalloc+0x22/0xb0
[  365.339664][    C0]  __kmalloc_noprof+0x35c/0x760
[  365.339692][    C0]  ? security_sk_alloc+0x52/0x360
[  365.339720][    C0]  ? __kmalloc_noprof+0x1b8/0x760
[  365.339751][    C0]  security_sk_alloc+0x52/0x360
[  365.339786][    C0]  sk_prot_alloc+0x101/0x210
[  365.339815][    C0]  ? sk_alloc+0x27/0x390
[  365.339836][    C0]  sk_alloc+0x3a/0x390
[  365.339858][    C0]  __netlink_create+0x65/0x260
[  365.339879][    C0]  netlink_create+0x3ca/0x590
[  365.339901][    C0]  ? __pfx_nfnetlink_unbind+0x10/0x10
[  365.339919][    C0]  ? __pfx_nfnetlink_bind+0x10/0x10
[  365.339939][    C0]  __sock_create+0x4b2/0x9d0
[  365.339962][    C0]  __sys_socket+0xd6/0x1b0
[  365.339980][    C0]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  365.339997][    C0]  __x64_sys_socket+0x7a/0x90
[  365.340014][    C0]  do_syscall_64+0x15f/0xf80
[  365.340033][    C0]  ? trace_irq_disable+0x3b/0x140
[  365.340055][    C0]  ? clear_bhb_loop+0x40/0x90
[  365.340074][    C0]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  365.340089][    C0] RIP: 0033:0x7f1a1a99cdd9
[  365.340103][    C0] RSP: 002b:00007f1a1b813028 EFLAGS: 00000246 ORIG_RAX: 0000000000000029
[  365.340120][    C0] RAX: ffffffffffffffda RBX: 00007f1a1ac16270 RCX: 00007f1a1a99cdd9
[  365.340132][    C0] RDX: 000000000000000c RSI: 0000000000000003 RDI: 0000000000000010
[  365.340141][    C0] RBP: 00007f1a1aa32d69 R08: 0000000000000000 R09: 0000000000000000
[  365.340174][    C0] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  365.340188][    C0] R13: 00007f1a1ac16308 R14: 00007f1a1ac16270 R15: 00007f1a1ad3fa48
[  365.340221][    C0]  </TASK>
[  365.340231][    C0] task:syz.4.647       state:R  running task     stack:24408 pid:7792  tgid:7792  ppid:5641   task_flags:0x400040 flags:0x00080002
[  365.340295][    C0] Call Trace:
[  365.340303][    C0]  <TASK>
[  365.340316][    C0]  __schedule+0x17b4/0x5680
[  365.340363][    C0]  ? is_bpf_text_address+0x292/0x2b0
[  365.340394][    C0]  ? unwind_get_return_address+0x4d/0x90
[  365.340428][    C0]  ? __lock_acquire+0x6b5/0x2cf0
[  365.340453][    C0]  ? __pfx___schedule+0x10/0x10
[  365.340482][    C0]  ? __pfx_stack_trace_save+0x10/0x10
[  365.340520][    C0]  preempt_schedule_irq+0x4d/0xa0
[  365.340544][    C0]  irqentry_exit+0x14f/0x730
[  365.340569][    C0]  ? trace_irq_disable+0x3b/0x140
[  365.340602][    C0]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  365.340623][    C0] RIP: 0010:__sanitizer_cov_trace_pc+0x0/0x70
[  365.340650][    C0] Code: 89 fb e8 23 00 00 00 48 8b 3d f4 a3 60 0c 48 89 de 5b e9 b3 ea 5f 00 cc cc cc 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 <f3> 0f 1e fa 48 8b 04 24 65 48 8b 0d d8 53 73 11 65 8b 15 f9 53 73
[  365.340667][    C0] RSP: 0018:ffffc90003807470 EFLAGS: 00000286
[  365.340685][    C0] RAX: 1ffffffff34976f0 RBX: 0000000000055fd5 RCX: ffff888031991ec0
[  365.340700][    C0] RDX: 0000000000000000 RSI: 0000000000005fd5 RDI: 0000000000000000
[  365.340712][    C0] RBP: dffffc0000000000 R08: ffff88801d5df28f R09: 1ffff11003abbe51
[  365.340727][    C0] R10: dffffc0000000000 R11: ffffed1003abbe52 R12: 0000000000000000
[  365.340741][    C0] R13: 0000000000055fd5 R14: dffffc0000000000 R15: ffff88801d5df290
[  365.340772][    C0]  __page_table_check_zero+0x28e/0x3e0
[  365.340800][    C0]  ? __page_table_check_zero+0x6a/0x3e0
[  365.340832][    C0]  __free_frozen_pages+0xbd7/0xd30
[  365.340867][    C0]  __slab_free+0x274/0x2c0
[  365.340905][    C0]  qlist_free_all+0x99/0x100
[  365.340930][    C0]  ? vm_area_dup+0x2b/0x680
[  365.340958][    C0]  kasan_quarantine_reduce+0x148/0x160
[  365.340986][    C0]  __kasan_slab_alloc+0x22/0x80
[  365.341015][    C0]  kmem_cache_alloc_noprof+0x2bc/0x650
[  365.341040][    C0]  ? vm_area_dup+0x2b/0x680
[  365.341066][    C0]  ? kmem_cache_alloc_noprof+0x15a/0x650
[  365.341094][    C0]  vm_area_dup+0x2b/0x680
[  365.341119][    C0]  __split_vma+0x1dc/0xa40
[  365.341153][    C0]  ? __pfx___split_vma+0x10/0x10
[  365.341194][    C0]  vma_modify+0x88a/0x1e10
[  365.341230][    C0]  vma_modify_flags+0x24b/0x330
[  365.341253][    C0]  ? __pfx_vma_modify_flags+0x10/0x10
[  365.341286][    C0]  ? rcu_is_watching+0x15/0xb0
[  365.341310][    C0]  ? percpu_counter_add_batch+0xea/0x1d0
[  365.341339][    C0]  ? __vm_enough_memory+0x11b/0x380
[  365.341365][    C0]  mprotect_fixup+0x62a/0xb60
[  365.341400][    C0]  ? __pfx_mprotect_fixup+0x10/0x10
[  365.341457][    C0]  ? apparmor_file_mprotect+0x1d0/0x400
[  365.341477][    C0]  ? security_file_mprotect+0x1a/0x290
[  365.341505][    C0]  do_mprotect_pkey+0x8d5/0xd20
[  365.341538][    C0]  ? __pfx_do_mprotect_pkey+0x10/0x10
[  365.341555][    C0]  ? vm_mmap_pgoff+0x373/0x4f0
[  365.341588][    C0]  ? vm_mmap_pgoff+0x3b1/0x4f0
[  365.341617][    C0]  ? __pfx___se_sys_futex+0x10/0x10
[  365.341641][    C0]  ? rcu_is_watching+0x15/0xb0
[  365.341670][    C0]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  365.341692][    C0]  __x64_sys_mprotect+0x80/0x90
[  365.341722][    C0]  do_syscall_64+0x15f/0xf80
[  365.341746][    C0]  ? trace_irq_disable+0x3b/0x140
[  365.341774][    C0]  ? clear_bhb_loop+0x40/0x90
[  365.341798][    C0]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  365.341818][    C0] RIP: 0033:0x7f1a1a99cbd7
[  365.341835][    C0] RSP: 002b:00007f1a1ad3f9e8 EFLAGS: 00000206 ORIG_RAX: 000000000000000a
[  365.341855][    C0] RAX: ffffffffffffffda RBX: 00007f1a1b7f26c0 RCX: 00007f1a1a99cbd7
[  365.341870][    C0] RDX: 0000000000000003 RSI: 0000000000020000 RDI: 00007f1a1b7d3000
[  365.341883][    C0] RBP: 0000000000000000 R08: 00000000ffffffff R09: 0000000000000000
[  365.341895][    C0] R10: 0000000000021000 R11: 0000000000000206 R12: 00007f1a1ad3fb40
[  365.341909][    C0] R13: ffffffffffffffc0 R14: 0000000000001000 R15: 0000000000000000
[  365.341939][    C0]  </TASK>
[  365.341948][    C0] task:syz.4.647       state:R  running task     stack:26984 pid:7794  tgid:7792  ppid:5641   task_flags:0x40044c flags:0x00080002
[  365.342009][    C0] Call Trace:
[  365.342016][    C0]  <TASK>
[  365.342028][    C0]  __schedule+0x17b4/0x5680
[  365.342086][    C0]  ? __lock_acquire+0x6b5/0x2cf0
[  365.342108][    C0]  ? __pfx___schedule+0x10/0x10
[  365.342132][    C0]  ? __lock_acquire+0x6b5/0x2cf0
[  365.342161][    C0]  preempt_schedule_irq+0x4d/0xa0
[  365.342184][    C0]  irqentry_exit+0x14f/0x730
[  365.342207][    C0]  ? trace_irq_disable+0x3b/0x140
[  365.342238][    C0]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  365.342258][    C0] RIP: 0010:lock_release+0x2d7/0x3c0
[  365.342277][    C0] Code: 73 97 11 00 00 00 00 eb b5 e8 55 63 06 0a f7 c3 00 02 00 00 74 b9 65 48 8b 05 45 2e 97 11 48 3b 44 24 28 75 44 fb 48 83 c4 30 <5b> 41 5c 41 5d 41 5e 41 5f 5d c3 cc cc cc cc cc 48 8d 3d c2 2f 92
[  365.342293][    C0] RSP: 0018:ffffc900037c74c0 EFLAGS: 00000286
[  365.342310][    C0] RAX: d97b3316e4b23800 RBX: 0000000000000202 RCX: 0000000000000046
[  365.342322][    C0] RDX: 0000000000000001 RSI: ffffffff8e2189d3 RDI: ffffffff8c28ac60
[  365.342335][    C0] RBP: ffff888029c3c938 R08: ffffc900037c7a80 R09: 0000000000000000
[  365.342348][    C0] R10: ffffc900037c7618 R11: fffff520006f8ec5 R12: 0000000000000001
[  365.342361][    C0] R13: 0000000000000001 R14: ffffffff8e95cd60 R15: ffff888029c3bd80
[  365.342392][    C0]  ? unwind_next_frame+0xa6/0x2550
[  365.342422][    C0]  unwind_next_frame+0x1bba/0x2550
[  365.342451][    C0]  ? unwind_next_frame+0xa6/0x2550
[  365.342473][    C0]  ? kmem_cache_alloc_noprof+0x2bc/0x650
[  365.342500][    C0]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  365.342528][    C0]  arch_stack_walk+0x11b/0x150
[  365.342556][    C0]  ? taskstats_exit+0x14a/0xa70
[  365.342585][    C0]  stack_trace_save+0xa9/0x100
[  365.342611][    C0]  ? __pfx_stack_trace_save+0x10/0x10
[  365.342647][    C0]  save_stack+0x122/0x230
[  365.342675][    C0]  ? __pfx_save_stack+0x10/0x10
[  365.342698][    C0]  ? __free_frozen_pages+0xbc7/0xd30
[  365.342721][    C0]  ? __slab_free+0x274/0x2c0
[  365.342744][    C0]  ? qlist_free_all+0x99/0x100
[  365.342765][    C0]  ? kasan_quarantine_reduce+0x148/0x160
[  365.342787][    C0]  ? __kasan_slab_alloc+0x22/0x80
[  365.342810][    C0]  ? kmem_cache_alloc_noprof+0x2bc/0x650
[  365.342844][    C0]  ? page_ext_put+0x97/0xc0
[  365.342873][    C0]  __reset_page_owner+0x71/0x1f0
[  365.342900][    C0]  __free_frozen_pages+0xbc7/0xd30
[  365.342933][    C0]  __slab_free+0x274/0x2c0
[  365.342963][    C0]  ? qlist_free_all+0x8e/0x100
[  365.342990][    C0]  qlist_free_all+0x99/0x100
[  365.343012][    C0]  ? taskstats_exit+0x14a/0xa70
[  365.343038][    C0]  kasan_quarantine_reduce+0x148/0x160
[  365.343064][    C0]  __kasan_slab_alloc+0x22/0x80
[  365.343091][    C0]  kmem_cache_alloc_noprof+0x2bc/0x650
[  365.343114][    C0]  ? taskstats_exit+0x14a/0xa70
[  365.343138][    C0]  ? kmem_cache_alloc_noprof+0x15a/0x650
[  365.343165][    C0]  taskstats_exit+0x14a/0xa70
[  365.343193][    C0]  ? seccomp_filter_release+0x18a/0x2d0
[  365.343216][    C0]  do_exit+0x682/0x22c0
[  365.343248][    C0]  ? __pfx_do_exit+0x10/0x10
[  365.343275][    C0]  ? do_raw_spin_lock+0x12b/0x2f0
[  365.343310][    C0]  do_group_exit+0x21b/0x2d0
[  365.343334][    C0]  ? _raw_spin_unlock_irq+0x23/0x50
[  365.343359][    C0]  get_signal+0x1284/0x1330
[  365.343396][    C0]  arch_do_signal_or_restart+0xbc/0x830
[  365.343433][    C0]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[  365.343476][    C0]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  365.343497][    C0]  exit_to_user_mode_loop+0x86/0x480
[  365.343515][    C0]  ? rcu_is_watching+0x15/0xb0
[  365.343538][    C0]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  365.343558][    C0]  do_syscall_64+0x33e/0xf80
[  365.343581][    C0]  ? trace_irq_disable+0x3b/0x140
[  365.343607][    C0]  ? clear_bhb_loop+0x40/0x90
[  365.343630][    C0]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  365.343648][    C0] RIP: 0033:0x7f1a1a99cdd9
[  365.343664][    C0] RSP: 002b:00007f1a1b855028 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  365.343683][    C0] RAX: 000000000000000b RBX: 00007f1a1ac16090 RCX: 00007f1a1a99cdd9
[  365.343696][    C0] RDX: 0000000000000318 RSI: 00002000000bd000 RDI: 0000000000000009
[  365.343709][    C0] RBP: 00007f1a1aa32d69 R08: 0000000000000000 R09: 0000000000000000
[  365.343721][    C0] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  365.343732][    C0] R13: 00007f1a1ac16128 R14: 00007f1a1ac16090 R15: 00007f1a1ad3fa48
[  365.343762][    C0]  </TASK>
[  365.343769][    C0] task:syz.4.647       state:R  running task     stack:26360 pid:7796  tgid:7792  ppid:5641   task_flags:0x40044c flags:0x00080002
[  365.343825][    C0] Call Trace:
[  365.343832][    C0]  <TASK>
[  365.343843][    C0]  __schedule+0x17b4/0x5680
[  365.343892][    C0]  ? __pfx___schedule+0x10/0x10
[  365.343915][    C0]  ? irqentry_exit+0x218/0x730
[  365.343938][    C0]  ? trace_irq_disable+0x3b/0x140
[  365.343974][    C0]  preempt_schedule_notrace+0x57/0x90
[  365.343996][    C0]  preempt_schedule_notrace_thunk+0x16/0x30
[  365.344025][    C0]  ? unwind_next_frame+0xa6/0x2550
[  365.344050][    C0]  rcu_is_watching+0x7f/0xb0
[  365.344070][    C0]  ? __unwind_start+0xf7/0x760
[  365.344092][    C0]  ? unwind_next_frame+0xa6/0x2550
[  365.344112][    C0]  unwind_next_frame+0xd5/0x2550
[  365.344140][    C0]  ? is_bpf_text_address+0x26/0x2b0
[  365.344160][    C0]  ? get_stack_info_noinstr+0x1b/0x130
[  365.344185][    C0]  __unwind_start+0x5b8/0x760
[  365.344211][    C0]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  365.344239][    C0]  arch_stack_walk+0xe3/0x150
[  365.344266][    C0]  ? __unwind_start+0xf7/0x760
[  365.344292][    C0]  stack_trace_save+0xa9/0x100
[  365.344319][    C0]  ? __pfx_stack_trace_save+0x10/0x10
[  365.344355][    C0]  save_stack+0x122/0x230
[  365.344382][    C0]  ? __pfx_save_stack+0x10/0x10
[  365.344426][    C0]  ? page_ext_put+0x97/0xc0
[  365.344455][    C0]  __reset_page_owner+0x71/0x1f0
[  365.344501][    C0]  __free_frozen_pages+0xbc7/0xd30
[  365.344536][    C0]  __slab_free+0x274/0x2c0
[  365.344569][    C0]  ? qlist_free_all+0x8e/0x100
[  365.344597][    C0]  qlist_free_all+0x99/0x100
[  365.344621][    C0]  ? taskstats_exit+0x14a/0xa70
[  365.344648][    C0]  kasan_quarantine_reduce+0x148/0x160
[  365.344677][    C0]  __kasan_slab_alloc+0x22/0x80
[  365.344705][    C0]  kmem_cache_alloc_noprof+0x2bc/0x650
[  365.344729][    C0]  ? taskstats_exit+0x14a/0xa70
[  365.344755][    C0]  ? kmem_cache_alloc_noprof+0x15a/0x650
[  365.344785][    C0]  taskstats_exit+0x14a/0xa70
[  365.344814][    C0]  ? seccomp_filter_release+0x18a/0x2d0
[  365.344838][    C0]  do_exit+0x682/0x22c0
[  365.344883][    C0]  ? __pfx_do_exit+0x10/0x10
[  365.344910][    C0]  ? do_raw_spin_lock+0x12b/0x2f0
[  365.344945][    C0]  do_group_exit+0x21b/0x2d0
[  365.344968][    C0]  ? _raw_spin_unlock_irq+0x23/0x50
[  365.344992][    C0]  get_signal+0x1284/0x1330
[  365.345029][    C0]  arch_do_signal_or_restart+0xbc/0x830
[  365.345060][    C0]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[  365.345102][    C0]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  365.345123][    C0]  exit_to_user_mode_loop+0x86/0x480
[  365.345141][    C0]  ? rcu_is_watching+0x15/0xb0
[  365.345164][    C0]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  365.345184][    C0]  do_syscall_64+0x33e/0xf80
[  365.345207][    C0]  ? trace_irq_disable+0x3b/0x140
[  365.345233][    C0]  ? clear_bhb_loop+0x40/0x90
[  365.345256][    C0]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  365.345274][    C0] RIP: 0033:0x7f1a1a99cdd9
[  365.345289][    C0] RSP: 002b:00007f1a1b8340e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[  365.345308][    C0] RAX: fffffffffffffe00 RBX: 00007f1a1ac16188 RCX: 00007f1a1a99cdd9
[  365.345322][    C0] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f1a1ac16188
[  365.345334][    C0] RBP: 00007f1a1ac16180 R08: 0000000000000000 R09: 0000000000000000
[  365.345346][    C0] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  365.345374][    C0] R13: 00007f1a1ac16218 R14: 00007f1a1ad3f960 R15: 00007f1a1ad3fa48
[  365.345406][    C0]  </TASK>
[  365.345421][    C0] rcu: rcu_preempt kthread starved for 4424 jiffies! g36449 f0x0 RCU_GP_WAIT_FQS(5) ->state=0x0 ->cpu=1
[  365.345443][    C0] rcu: 	Unless rcu_preempt kthread gets sufficient CPU time, OOM is now expected behavior.
[  365.345454][    C0] rcu: RCU grace-period kthread stack dump:
[  365.345461][    C0] task:rcu_preempt     state:R  running task     stack:27544 pid:16    tgid:16    ppid:2      task_flags:0x208040 flags:0x00080000
[  365.345521][    C0] Call Trace:
[  365.345528][    C0]  <TASK>
[  365.345540][    C0]  __schedule+0x17b4/0x5680
[  365.345592][    C0]  ? __pfx___schedule+0x10/0x10
[  365.345624][    C0]  ? schedule+0x90/0x360
[  365.345650][    C0]  schedule+0x164/0x360
[  365.345686][    C0]  schedule_timeout+0x158/0x2c0
[  365.345708][    C0]  ? __pfx_schedule_timeout+0x10/0x10
[  365.345728][    C0]  ? __pfx_process_timeout+0x10/0x10
[  365.345758][    C0]  ? _raw_spin_unlock_irqrestore+0x4c/0x80
[  365.345780][    C0]  ? prepare_to_swait_event+0x340/0x370
[  365.345812][    C0]  rcu_gp_fqs_loop+0x312/0x11d0
[  365.345843][    C0]  ? __pfx_rcu_watching_snap_recheck+0x10/0x10
[  365.345864][    C0]  ? __pfx_rcu_gp_fqs_loop+0x10/0x10
[  365.345882][    C0]  ? _raw_spin_unlock_irq+0x2e/0x50
[  365.345907][    C0]  ? _raw_spin_unlock_irqrestore+0x30/0x80
[  365.345933][    C0]  rcu_gp_kthread+0x9e/0x2b0
[  365.345955][    C0]  ? __pfx_rcu_gp_kthread+0x10/0x10
[  365.345972][    C0]  ? _raw_spin_unlock_irqrestore+0x30/0x80
[  365.345995][    C0]  ? __kthread_parkme+0x7a/0x1f0
[  365.346016][    C0]  ? __kthread_parkme+0x19c/0x1f0
[  365.346042][    C0]  kthread+0x388/0x470
[  365.346066][    C0]  ? __pfx_rcu_gp_kthread+0x10/0x10
[  365.346084][    C0]  ? __pfx_kthread+0x10/0x10
[  365.346108][    C0]  ret_from_fork+0x514/0xb70
[  365.346130][    C0]  ? __pfx_ret_from_fork+0x10/0x10
[  365.346150][    C0]  ? __switch_to+0xc79/0x1410
[  365.346179][    C0]  ? __pfx_kthread+0x10/0x10
[  365.346203][    C0]  ret_from_fork_asm+0x1a/0x30
[  365.346240][    C0]  </TASK>
[  365.346247][    C0] rcu: Stack dump where RCU GP kthread last ran:
[  365.346263][    C0] Sending NMI from CPU 0 to CPUs 1:
[  365.346286][    C1] NMI backtrace for cpu 1
[  365.346324][    C1] CPU: 1 UID: 0 PID: 0 Comm: swapper/1 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  365.346355][    C1] Tainted: [L]=SOFTLOCKUP
[  365.346362][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  365.346376][    C1] RIP: 0010:0xffffffffa00037e4
[  365.346394][    C1] Code: e3 cc 41 ff e3 cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc 41 ff e3 cc <41> ff e3 cc 41 ff e3 cc 41 ff e3 cc 41 ff e3 cc 41 ff e3 cc 41 ff
[  365.346407][    C1] RSP: 0018:ffffc90000a07f60 EFLAGS: 00000286
[  365.346421][    C1] RAX: ffffffff82259842 RBX: ffffc90000a08020 RCX: 0000000080000100
[  365.346432][    C1] RDX: 0000000000000001 RSI: ffffffff82259842 RDI: ffffc90000a08020
[  365.346443][    C1] RBP: ffffc90000a07ff0 R08: ffffc90000a08310 R09: 0000000000000000
[  365.346454][    C1] R10: ffffc90000a07fb8 R11: ffffffff81b0d870 R12: ffff88801dad8000
[  365.346465][    C1] R13: 0000000000000000 R14: ffffffff81b0d870 R15: ffffc90000a07f68
[  365.346476][    C1] FS:  0000000000000000(0000) GS:ffff888125390000(0000) knlGS:0000000000000000
[  365.346489][    C1] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  365.346499][    C1] CR2: 00007f7dd4e41412 CR3: 00000000774f2000 CR4: 00000000003526f0
[  365.346514][    C1] Call Trace:
[  365.346520][    C1]  <IRQ>
[  365.346525][    C1]  ? arch_stack_walk+0x10f/0x150
[  365.346546][    C1]  ? kmem_cache_free+0x182/0x650
[  365.346569][    C1]  stack_trace_save+0xa9/0x100
[  365.346602][    C1]  ? __pfx_stack_trace_save+0x10/0x10
[  365.346622][    C1]  ? kfree+0x1c5/0x640
[  365.346637][    C1]  ? nft_synproxy_do_eval+0x3ce/0x580
[  365.346664][    C1]  ? nft_do_chain+0x467/0x19f0
[  365.346678][    C1]  ? nft_do_chain_inet+0x360/0x4b0
[  365.346691][    C1]  ? nf_hook_slow+0xc5/0x220
[  365.346712][    C1]  ? __lock_acquire+0x6b5/0x2cf0
[  365.346727][    C1]  kasan_save_track+0x3e/0x80
[  365.346745][    C1]  ? kasan_save_track+0x3e/0x80
[  365.346763][    C1]  ? kasan_save_free_info+0x46/0x50
[  365.346777][    C1]  ? __kasan_slab_free+0x5c/0x80
[  365.346819][    C1]  ? nft_synproxy_eval_v6+0x352/0x4e0
[  365.346840][    C1]  kasan_save_free_info+0x46/0x50
[  365.346855][    C1]  __kasan_slab_free+0x5c/0x80
[  365.346875][    C1]  kmem_cache_free+0x182/0x650
[  365.346897][    C1]  nft_synproxy_eval_v6+0x352/0x4e0
[  365.346922][    C1]  ? __pfx_nft_synproxy_eval_v6+0x10/0x10
[  365.346942][    C1]  ? do_raw_spin_lock+0x12b/0x2f0
[  365.346963][    C1]  ? nf_ip_checksum+0x13c/0x510
[  365.346980][    C1]  nft_synproxy_do_eval+0x3ce/0x580
[  365.347000][    C1]  ? lock_acquire+0x106/0x350
[  365.347017][    C1]  ? __pfx_nft_synproxy_do_eval+0x10/0x10
[  365.347059][    C1]  ? __lock_acquire+0x6b5/0x2cf0
[  365.347079][    C1]  nft_do_chain+0x467/0x19f0
[  365.347095][    C1]  ? lockdep_hardirqs_on+0x7a/0x110
[  365.347113][    C1]  ? ip6t_do_table+0x1df/0x1560
[  365.347128][    C1]  ? __local_bh_enable_ip+0xd0/0x130
[  365.347148][    C1]  ? __pfx_nft_do_chain+0x10/0x10
[  365.347184][    C1]  nft_do_chain_inet+0x360/0x4b0
[  365.347200][    C1]  ? __pfx_nft_do_chain_inet+0x10/0x10
[  365.347214][    C1]  ? nf_nat_ipv6_local_in+0x157/0x660
[  365.347236][    C1]  ? __pfx_nf_nat_ipv6_local_in+0x10/0x10
[  365.347255][    C1]  ? lock_acquire+0x106/0x350
[  365.347271][    C1]  ? NF_HOOK+0x9e/0x3c0
[  365.347291][    C1]  ? __pfx_nft_do_chain_inet+0x10/0x10
[  365.347318][    C1]  nf_hook_slow+0xc5/0x220
[  365.347340][    C1]  NF_HOOK+0x21f/0x3c0
[  365.347360][    C1]  ? __pfx_ip6_input_finish+0x10/0x10
[  365.347379][    C1]  ? NF_HOOK+0x9e/0x3c0
[  365.347397][    C1]  ? __pfx_NF_HOOK+0x10/0x10
[  365.347418][    C1]  ? __pfx_ip6_input_finish+0x10/0x10
[  365.347444][    C1]  ip6_input+0x16a/0x270
[  365.347462][    C1]  ? ip6_input+0x23/0x270
[  365.347482][    C1]  NF_HOOK+0x336/0x3c0
[  365.347502][    C1]  ? __pfx_ip6_rcv_finish+0x10/0x10
[  365.347521][    C1]  ? NF_HOOK+0x9e/0x3c0
[  365.347539][    C1]  ? __pfx_NF_HOOK+0x10/0x10
[  365.347559][    C1]  ? __pfx_ip6_rcv_finish+0x10/0x10
[  365.347583][    C1]  ? process_backlog+0x3eb/0x1950
[  365.347599][    C1]  process_backlog+0x7dd/0x1950
[  365.347624][    C1]  __napi_poll+0xae/0x340
[  365.347637][    C1]  ? skb_defer_free_flush+0x233/0x260
[  365.347654][    C1]  net_rx_action+0x627/0xf70
[  365.347678][    C1]  ? _raw_spin_unlock_irq+0x2e/0x50
[  365.347701][    C1]  ? __pfx_net_rx_action+0x10/0x10
[  365.347730][    C1]  handle_softirqs+0x22a/0x840
[  365.347746][    C1]  ? __irq_exit_rcu+0xca/0x220
[  365.347764][    C1]  __irq_exit_rcu+0xca/0x220
[  365.347778][    C1]  irq_exit_rcu+0x9/0x30
[  365.347791][    C1]  sysvec_apic_timer_interrupt+0xa6/0xc0
[  365.347808][    C1]  </IRQ>
[  365.347812][    C1]  <TASK>
[  365.347818][    C1]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  365.347833][    C1] RIP: 0010:pv_native_safe_halt+0xf/0x20
[  365.347850][    C1] Code: 1b 7e 02 e9 93 f6 02 00 cc cc cc 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 66 90 0f 00 2d 13 31 21 00 fb f4 <c3> cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc 90 90 90 90 90
[  365.347862][    C1] RSP: 0018:ffffc90000197e20 EFLAGS: 00000242
[  365.347874][    C1] RAX: 0000000002166a7f RBX: ffffffff819a814a RCX: 0000000080000001
[  365.347884][    C1] RDX: 0000000000000001 RSI: ffffffff8dfa5add RDI: ffffffff8c28ac60
[  365.347894][    C1] RBP: ffffc90000197f10 R08: ffff8880b87339db R09: 1ffff110170e673b
[  365.347904][    C1] R10: dffffc0000000000 R11: ffffed10170e673c R12: 0000000000000001
[  365.347914][    C1] R13: 1ffff11003b5b000 R14: 0000000000000001 R15: 1ffff11003b5b000
[  365.347926][    C1]  ? do_idle+0x36a/0x5f0
[  365.347946][    C1]  default_idle+0x9/0x20
[  365.347965][    C1]  default_idle_call+0x72/0xb0
[  365.347985][    C1]  do_idle+0x36a/0x5f0
[  365.348017][    C1]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  365.348036][    C1]  ? __pfx_do_idle+0x10/0x10
[  365.348058][    C1]  cpu_startup_entry+0x43/0x60
[  365.348075][    C1]  start_secondary+0x101/0x110
[  365.348089][    C1]  common_startup_64+0x13e/0x147
[  365.348117][    C1]  </TASK>
[  378.492718][ T1313] ieee802154 phy0 wpan0: encryption failed: -22
[  378.499588][ T1313] ieee802154 phy1 wpan1: encryption failed: -22
[  381.164521][ T5629] Bluetooth: hci5: command tx timeout
[  419.417742][   T31] INFO: task kworker/u8:4:57 blocked for more than 160 seconds.
[  419.417771][   T31]       Tainted: G             L      syzkaller #0
[  419.417784][   T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  419.417794][   T31] task:kworker/u8:4    state:D stack:23256 pid:57    tgid:57    ppid:2      task_flags:0x4208060 flags:0x00080000
[  419.417851][   T31] Workqueue: ipv6_addrconf addrconf_dad_work
[  419.417879][   T31] Call Trace:
[  419.417887][   T31]  <TASK>
[  419.417901][   T31]  __schedule+0x17b4/0x5680
[  419.417957][   T31]  ? __pfx___schedule+0x10/0x10
[  419.417990][   T31]  ? schedule+0x90/0x360
[  419.418017][   T31]  schedule+0x164/0x360
[  419.418050][   T31]  schedule_preempt_disabled+0x13/0x30
[  419.418075][   T31]  __mutex_lock+0x7f7/0x1550
[  419.418100][   T31]  ? __lock_acquire+0x6b5/0x2cf0
[  419.418128][   T31]  ? __mutex_lock+0x608/0x1550
[  419.418157][   T31]  ? addrconf_dad_work+0x11e/0x14c0
[  419.418264][   T31]  ? __pfx___mutex_lock+0x10/0x10
[  419.418310][   T31]  addrconf_dad_work+0x11e/0x14c0
[  419.418332][   T31]  ? lock_acquire+0x106/0x350
[  419.418351][   T31]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  419.418378][   T31]  ? __pfx_addrconf_dad_work+0x10/0x10
[  419.418397][   T31]  ? process_scheduled_works+0xa70/0x1860
[  419.418419][   T31]  ? process_scheduled_works+0xa70/0x1860
[  419.418434][   T31]  ? process_scheduled_works+0xa70/0x1860
[  419.418452][   T31]  process_scheduled_works+0xb5d/0x1860
[  419.418489][   T31]  ? __pfx_process_scheduled_works+0x10/0x10
[  419.418510][   T31]  ? assign_work+0x3d5/0x5e0
[  419.418530][   T31]  worker_thread+0xa53/0xfc0
[  419.418573][   T31]  kthread+0x388/0x470
[  419.418612][   T31]  ? __pfx_worker_thread+0x10/0x10
[  419.418646][   T31]  ? __pfx_kthread+0x10/0x10
[  419.418669][   T31]  ret_from_fork+0x514/0xb70
[  419.418690][   T31]  ? __pfx_ret_from_fork+0x10/0x10
[  419.418709][   T31]  ? __switch_to+0xc79/0x1410
[  419.418737][   T31]  ? __pfx_kthread+0x10/0x10
[  419.418760][   T31]  ret_from_fork_asm+0x1a/0x30
[  419.418797][   T31]  </TASK>
[  419.418828][   T31] INFO: task kworker/u8:6:1037 blocked for more than 160 seconds.
[  419.418844][   T31]       Tainted: G             L      syzkaller #0
[  419.418855][   T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  419.418863][   T31] task:kworker/u8:6    state:D stack:22528 pid:1037  tgid:1037  ppid:2      task_flags:0x4208060 flags:0x00080000
[  419.418912][   T31] Workqueue: events_unbound linkwatch_event
[  419.418940][   T31] Call Trace:
[  419.418946][   T31]  <TASK>
[  419.418957][   T31]  __schedule+0x17b4/0x5680
[  419.419005][   T31]  ? __pfx___schedule+0x10/0x10
[  419.419042][   T31]  ? schedule+0x90/0x360
[  419.419068][   T31]  schedule+0x164/0x360
[  419.419092][   T31]  schedule_preempt_disabled+0x13/0x30
[  419.419114][   T31]  __mutex_lock+0x7f7/0x1550
[  419.419145][   T31]  ? __mutex_lock+0x608/0x1550
[  419.419177][   T31]  ? linkwatch_event+0xe/0x60
[  419.419204][   T31]  ? __pfx___mutex_lock+0x10/0x10
[  419.419239][   T31]  ? process_scheduled_works+0xa70/0x1860
[  419.419257][   T31]  ? process_scheduled_works+0xa70/0x1860
[  419.419277][   T31]  linkwatch_event+0xe/0x60
[  419.419302][   T31]  process_scheduled_works+0xb5d/0x1860
[  419.419354][   T31]  ? __pfx_process_scheduled_works+0x10/0x10
[  419.419384][   T31]  ? assign_work+0x3d5/0x5e0
[  419.419412][   T31]  worker_thread+0xa53/0xfc0
[  419.419463][   T31]  kthread+0x388/0x470
[  419.419492][   T31]  ? __pfx_worker_thread+0x10/0x10
[  419.419513][   T31]  ? __pfx_kthread+0x10/0x10
[  419.419542][   T31]  ret_from_fork+0x514/0xb70
[  419.419569][   T31]  ? __pfx_ret_from_fork+0x10/0x10
[  419.419593][   T31]  ? __switch_to+0xc79/0x1410
[  419.419628][   T31]  ? __pfx_kthread+0x10/0x10
[  419.419658][   T31]  ret_from_fork_asm+0x1a/0x30
[  419.419702][   T31]  </TASK>
[  419.419800][   T31] INFO: task kworker/1:3:5623 blocked for more than 160 seconds.
[  419.419821][   T31]       Tainted: G             L      syzkaller #0
[  419.419835][   T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  419.419845][   T31] task:kworker/1:3     state:D stack:22280 pid:5623  tgid:5623  ppid:2      task_flags:0x4208060 flags:0x00080000
[  419.419905][   T31] Workqueue: events drm_fb_helper_damage_work
[  419.419940][   T31] Call Trace:
[  419.419949][   T31]  <TASK>
[  419.419962][   T31]  __schedule+0x17b4/0x5680
[  419.420022][   T31]  ? __pfx___schedule+0x10/0x10
[  419.420067][   T31]  ? schedule+0x90/0x360
[  419.420096][   T31]  schedule+0x164/0x360
[  419.420124][   T31]  schedule_preempt_disabled+0x13/0x30
[  419.420150][   T31]  __mutex_lock+0x7f7/0x1550
[  419.420177][   T31]  ? __kasan_slab_free+0x5c/0x80
[  419.420205][   T31]  ? kfree+0x1c5/0x640
[  419.420229][   T31]  ? process_scheduled_works+0xb5d/0x1860
[  419.420258][   T31]  ? __mutex_lock+0x608/0x1550
[  419.420290][   T31]  ? drm_fb_helper_damage_work+0x125/0x750
[  419.420326][   T31]  ? __pfx___mutex_lock+0x10/0x10
[  419.420369][   T31]  ? do_raw_spin_lock+0x12b/0x2f0
[  419.420399][   T31]  ? lock_acquire+0x106/0x350
[  419.420425][   T31]  drm_fb_helper_damage_work+0x125/0x750
[  419.420466][   T31]  ? process_scheduled_works+0xa70/0x1860
[  419.420490][   T31]  ? __pfx_drm_fb_helper_damage_work+0x10/0x10
[  419.420529][   T31]  ? process_scheduled_works+0xa70/0x1860
[  419.420551][   T31]  ? process_scheduled_works+0xa70/0x1860
[  419.420576][   T31]  process_scheduled_works+0xb5d/0x1860
[  419.420633][   T31]  ? __pfx_process_scheduled_works+0x10/0x10
[  419.420664][   T31]  ? assign_work+0x3d5/0x5e0
[  419.420693][   T31]  worker_thread+0xa53/0xfc0
[  419.420746][   T31]  kthread+0x388/0x470
[  419.420774][   T31]  ? __pfx_worker_thread+0x10/0x10
[  419.420797][   T31]  ? __pfx_kthread+0x10/0x10
[  419.420826][   T31]  ret_from_fork+0x514/0xb70
[  419.420853][   T31]  ? __pfx_ret_from_fork+0x10/0x10
[  419.420877][   T31]  ? __switch_to+0xc79/0x1410
[  419.420912][   T31]  ? __pfx_kthread+0x10/0x10
[  419.420941][   T31]  ret_from_fork_asm+0x1a/0x30
[  419.420985][   T31]  </TASK>
[  419.421040][   T31] INFO: task syz-executor:7759 blocked for more than 160 seconds.
[  419.421059][   T31]       Tainted: G             L      syzkaller #0
[  419.421072][   T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  419.421082][   T31] task:syz-executor    state:D stack:23304 pid:7759  tgid:7759  ppid:7738   task_flags:0x400140 flags:0x00080000
[  419.421141][   T31] Call Trace:
[  419.421150][   T31]  <TASK>
[  419.421164][   T31]  __schedule+0x17b4/0x5680
[  419.421213][   T31]  ? stack_depot_save_flags+0x33/0x810
[  419.421249][   T31]  ? __pfx___schedule+0x10/0x10
[  419.421285][   T31]  ? schedule+0x90/0x360
[  419.421315][   T31]  schedule+0x164/0x360
[  419.421343][   T31]  schedule_preempt_disabled+0x13/0x30
[  419.421369][   T31]  __mutex_lock+0x7f7/0x1550
[  419.421397][   T31]  ? __pfx___nla_validate_parse+0x10/0x10
[  419.421434][   T31]  ? __mutex_lock+0x608/0x1550
[  419.421466][   T31]  ? rtnl_newlink+0x883/0x1bb0
[  419.421506][   T31]  ? __pfx___mutex_lock+0x10/0x10
[  419.421545][   T31]  ? ns_capable+0x89/0xe0
[  419.421574][   T31]  rtnl_newlink+0x883/0x1bb0
[  419.421614][   T31]  ? __pfx_rtnl_newlink+0x10/0x10
[  419.421645][   T31]  ? __lock_acquire+0x6b5/0x2cf0
[  419.421671][   T31]  ? __lock_acquire+0x6b5/0x2cf0
[  419.421704][   T31]  ? unwind_next_frame+0xa6/0x2550
[  419.421737][   T31]  ? unwind_next_frame+0xa6/0x2550
[  419.421766][   T31]  ? is_bpf_text_address+0x26/0x2b0
[  419.421802][   T31]  ? is_bpf_text_address+0x26/0x2b0
[  419.421829][   T31]  ? __lock_acquire+0x6b5/0x2cf0
[  419.421856][   T31]  ? kernel_text_address+0xa5/0xe0
[  419.421887][   T31]  ? __kernel_text_address+0xd/0x30
[  419.421916][   T31]  ? unwind_get_return_address+0x4d/0x90
[  419.421942][   T31]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  419.421974][   T31]  ? arch_stack_walk+0xfb/0x150
[  419.422011][   T31]  ? rtnetlink_rcv_msg+0x1b9/0xbe0
[  419.422060][   T31]  ? __pfx_rtnl_newlink+0x10/0x10
[  419.422085][   T31]  rtnetlink_rcv_msg+0x7d5/0xbe0
[  419.422110][   T31]  ? kmem_cache_alloc_node_noprof+0x384/0x690
[  419.422138][   T31]  ? netlink_sendmsg+0x5d4/0xb40
[  419.422168][   T31]  ? rtnetlink_rcv_msg+0x1b9/0xbe0
[  419.422193][   T31]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  419.422221][   T31]  ? __lock_acquire+0x6b5/0x2cf0
[  419.422257][   T31]  netlink_rcv_skb+0x232/0x4b0
[  419.422286][   T31]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  419.422315][   T31]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  419.422356][   T31]  ? netlink_deliver_tap+0x2e/0x1b0
[  419.422383][   T31]  ? netlink_deliver_tap+0x2e/0x1b0
[  419.422429][   T31]  netlink_unicast+0x75c/0x8e0
[  419.422462][   T31]  netlink_sendmsg+0x813/0xb40
[  419.422498][   T31]  ? __pfx_netlink_sendmsg+0x10/0x10
[  419.422528][   T31]  ? aa_sock_msg_perm+0xf1/0x1b0
[  419.422555][   T31]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  419.422582][   T31]  ? __pfx_netlink_sendmsg+0x10/0x10
[  419.422609][   T31]  __sys_sendto+0x672/0x710
[  419.422637][   T31]  ? __pfx___sys_sendto+0x10/0x10
[  419.422691][   T31]  ? rcu_is_watching+0x15/0xb0
[  419.422722][   T31]  __x64_sys_sendto+0xde/0x100
[  419.422748][   T31]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  419.422770][   T31]  do_syscall_64+0x15f/0xf80
[  419.422795][   T31]  ? trace_irq_disable+0x3b/0x140
[  419.422823][   T31]  ? clear_bhb_loop+0x40/0x90
[  419.422848][   T31]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  419.422869][   T31] RIP: 0033:0x7f8f01b5d60e
[  419.422887][   T31] RSP: 002b:00007f8f01f3f688 EFLAGS: 00000246 ORIG_RAX: 000000000000002c
[  419.422909][   T31] RAX: ffffffffffffffda RBX: 000055558588a500 RCX: 00007f8f01b5d60e
[  419.422924][   T31] RDX: 000000000000004c RSI: 00007f8f02944670 RDI: 0000000000000003
[  419.422938][   T31] RBP: 0000000000000001 R08: 00007f8f01f3f704 R09: 000000000000000c
[  419.422951][   T31] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000003
[  419.422963][   T31] R13: 0000000000000000 R14: 00007f8f02944670 R15: 0000000000000000
[  419.422994][   T31]  </TASK>
[  419.423004][   T31] INFO: task syz.2.646:7786 blocked for more than 160 seconds.
[  419.423021][   T31]       Tainted: G             L      syzkaller #0
[  419.423040][   T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  419.423050][   T31] task:syz.2.646       state:D stack:25592 pid:7786  tgid:7786  ppid:5642   task_flags:0x400040 flags:0x00080002
[  419.423103][   T31] Call Trace:
[  419.423111][   T31]  <TASK>
[  419.423123][   T31]  __schedule+0x17b4/0x5680
[  419.423178][   T31]  ? __pfx___schedule+0x10/0x10
[  419.423210][   T31]  ? schedule+0x90/0x360
[  419.423237][   T31]  schedule+0x164/0x360
[  419.423263][   T31]  schedule_preempt_disabled+0x13/0x30
[  419.423286][   T31]  __mutex_lock+0x7f7/0x1550
[  419.423312][   T31]  ? __pfx_locks_remove_file+0x10/0x10
[  419.423345][   T31]  ? __mutex_lock+0x608/0x1550
[  419.423374][   T31]  ? tun_chr_close+0x3e/0x1c0
[  419.423400][   T31]  ? __pfx___mutex_lock+0x10/0x10
[  419.423443][   T31]  ? __pfx_tun_chr_close+0x10/0x10
[  419.423467][   T31]  tun_chr_close+0x3e/0x1c0
[  419.423493][   T31]  __fput+0x44f/0xa60
[  419.423528][   T31]  task_work_run+0x1d9/0x270
[  419.423559][   T31]  ? __pfx_task_work_run+0x10/0x10
[  419.423593][   T31]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  419.423615][   T31]  exit_to_user_mode_loop+0xed/0x480
[  419.423635][   T31]  ? rcu_is_watching+0x15/0xb0
[  419.423660][   T31]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  419.423682][   T31]  do_syscall_64+0x33e/0xf80
[  419.423706][   T31]  ? trace_irq_disable+0x3b/0x140
[  419.423734][   T31]  ? clear_bhb_loop+0x40/0x90
[  419.423759][   T31]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  419.423779][   T31] RIP: 0033:0x7f3a9c99cdd9
[  419.423796][   T31] RSP: 002b:00007f3a9cd3fba8 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4
[  419.423817][   T31] RAX: 0000000000000000 RBX: 00007f3a9cc17da0 RCX: 00007f3a9c99cdd9
[  419.423831][   T31] RDX: 0000000000000000 RSI: 000000000000001e RDI: 0000000000000003
[  419.423844][   T31] RBP: 00007f3a9cc17da0 R08: 00007f3a9cc16038 R09: 0000000000000000
[  419.423857][   T31] R10: 00000000005f2b54 R11: 0000000000000246 R12: 000000000003dab6
[  419.423871][   T31] R13: 00007f3a9cc1609c R14: 000000000003d8c1 R15: 00007f3a9cc16090
[  419.423902][   T31]  </TASK>
[  419.423912][   T31] INFO: task syz.4.647:7793 blocked for more than 160 seconds.
[  419.423928][   T31]       Tainted: G             L      syzkaller #0
[  419.423939][   T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  419.423949][   T31] task:syz.4.647       state:D stack:26248 pid:7793  tgid:7792  ppid:5641   task_flags:0x400140 flags:0x00080002
[  419.424003][   T31] Call Trace:
[  419.424011][   T31]  <TASK>
[  419.424023][   T31]  __schedule+0x17b4/0x5680
[  419.424073][   T31]  ? ___sys_sendmsg+0x2a5/0x360
[  419.424099][   T31]  ? do_syscall_64+0x15f/0xf80
[  419.424132][   T31]  ? __pfx___schedule+0x10/0x10
[  419.424164][   T31]  ? schedule+0x90/0x360
[  419.424191][   T31]  schedule+0x164/0x360
[  419.424217][   T31]  schedule_preempt_disabled+0x13/0x30
[  419.424240][   T31]  __mutex_lock+0x7f7/0x1550
[  419.424273][   T31]  ? __mutex_lock+0x608/0x1550
[  419.424302][   T31]  ? inet_rtm_newroute+0x12b/0x250
[  419.424334][   T31]  ? __pfx___mutex_lock+0x10/0x10
[  419.424358][   T31]  ? rtm_to_fib_config+0x107f/0x13c0
[  419.424406][   T31]  inet_rtm_newroute+0x12b/0x250
[  419.424434][   T31]  ? __local_bh_enable_ip+0xd0/0x130
[  419.424454][   T31]  ? __dev_queue_xmit+0x2b6/0x3950
[  419.424484][   T31]  ? __pfx_inet_rtm_newroute+0x10/0x10
[  419.424534][   T31]  ? __pfx_inet_rtm_newroute+0x10/0x10
[  419.424562][   T31]  rtnetlink_rcv_msg+0x7d5/0xbe0
[  419.424590][   T31]  ? rtnetlink_rcv_msg+0x1b9/0xbe0
[  419.424614][   T31]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  419.424636][   T31]  ? ref_tracker_free+0x693/0x840
[  419.424666][   T31]  ? __pfx_ref_tracker_free+0x10/0x10
[  419.424691][   T31]  ? __asan_memcpy+0x40/0x70
[  419.424714][   T31]  ? __skb_clone+0x63/0x7a0
[  419.424748][   T31]  netlink_rcv_skb+0x232/0x4b0
[  419.424775][   T31]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  419.424802][   T31]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  419.424840][   T31]  ? netlink_deliver_tap+0x2e/0x1b0
[  419.424866][   T31]  ? netlink_deliver_tap+0x2e/0x1b0
[  419.424897][   T31]  netlink_unicast+0x75c/0x8e0
[  419.424932][   T31]  netlink_sendmsg+0x813/0xb40
[  419.424967][   T31]  ? __pfx_netlink_sendmsg+0x10/0x10
[  419.424997][   T31]  ? aa_sock_msg_perm+0xf1/0x1b0
[  419.425030][   T31]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  419.425060][   T31]  ____sys_sendmsg+0x972/0x9f0
[  419.425086][   T31]  ? __might_fault+0xaf/0x130
[  419.425118][   T31]  ? __pfx_____sys_sendmsg+0x10/0x10
[  419.425155][   T31]  ? import_iovec+0x73/0xa0
[  419.425187][   T31]  ___sys_sendmsg+0x2a5/0x360
[  419.425213][   T31]  ? __lock_acquire+0x6b5/0x2cf0
[  419.425239][   T31]  ? __pfx____sys_sendmsg+0x10/0x10
[  419.425273][   T31]  ? futex_wait+0x2a2/0x390
[  419.425326][   T31]  ? __fget_files+0x2a/0x420
[  419.425350][   T31]  ? __fget_files+0x3a0/0x420
[  419.425388][   T31]  __x64_sys_sendmsg+0x1bd/0x2a0
[  419.425419][   T31]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  419.425475][   T31]  ? rcu_is_watching+0x15/0xb0
[  419.425512][   T31]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  419.425536][   T31]  do_syscall_64+0x15f/0xf80
[  419.425563][   T31]  ? trace_irq_disable+0x3b/0x140
[  419.425594][   T31]  ? clear_bhb_loop+0x40/0x90
[  419.425622][   T31]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  419.425645][   T31] RIP: 0033:0x7f1a1a99cdd9
[  419.425663][   T31] RSP: 002b:00007f1a1b876028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  419.425686][   T31] RAX: ffffffffffffffda RBX: 00007f1a1ac15fa0 RCX: 00007f1a1a99cdd9
[  419.425702][   T31] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000005
[  419.425717][   T31] RBP: 00007f1a1aa32d69 R08: 0000000000000000 R09: 0000000000000000
[  419.425731][   T31] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  419.425745][   T31] R13: 00007f1a1ac16038 R14: 00007f1a1ac15fa0 R15: 00007f1a1ad3fa48
[  419.425780][   T31]  </TASK>
[  419.425803][   T31] 
[  419.425803][   T31] Showing all locks held in the system:
[  419.425813][   T31] 2 locks held by kthreadd/2:
[  419.425830][   T31] 4 locks held by kworker/u8:0/12:
[  419.425843][   T31] 4 locks held by kworker/u8:1/13:
[  419.425857][   T31] 5 locks held by kworker/1:0/24:
[  419.425871][   T31] 1 lock held by khungtaskd/31:
[  419.425884][   T31]  #0: ffffffff8e95cd60 (rcu_read_lock){....}-{1:3}, at: debug_show_all_locks+0x2e/0x180
[  419.425948][   T31] 4 locks held by kcompactd0/34:
[  419.425961][   T31] 3 locks held by kworker/u8:2/36:
[  419.425976][   T31] 4 locks held by kworker/u8:3/48:
[  419.425990][   T31] 3 locks held by kworker/u8:4/57:
[  419.426002][   T31]  #0: ffff888032a07140 ((wq_completion)ipv6_addrconf){+.+.}-{0:0}, at: process_scheduled_works+0xa35/0x1860
[  419.426068][   T31]  #1: ffffc900015e7c40 ((work_completion)(&(&ifa->dad_work)->work)){+.+.}-{0:0}, at: process_scheduled_works+0xa70/0x1860
[  419.426128][   T31]  #2: ffffffff8fdcf640 (rtnl_mutex){+.+.}-{4:4}, at: addrconf_dad_work+0x11e/0x14c0
[  419.426188][   T31] 3 locks held by kswapd0/85:
[  419.426204][   T31] 10 locks held by kworker/1:2/807:
[  419.426219][   T31] 3 locks held by kworker/u8:6/1037:
[  419.426232][   T31]  #0: ffff88801ae84140 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_scheduled_works+0xa35/0x1860
[  419.426290][   T31]  #1: ffffc9000524fc40 ((linkwatch_work).work){+.+.}-{0:0}, at: process_scheduled_works+0xa70/0x1860
[  419.426347][   T31]  #2: ffffffff8fdcf640 (rtnl_mutex){+.+.}-{4:4}, at: linkwatch_event+0xe/0x60
[  419.426414][   T31] 6 locks held by kworker/u8:7/1161:
[  419.426441][   T31] 2 locks held by kworker/R-bat_e/3227:
[  419.426455][   T31] 2 locks held by kworker/u8:8/3283:
[  419.426467][   T31]  #0: ffff88801ae84140 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_scheduled_works+0xa35/0x1860
[  419.426525][   T31]  #1: ffffc9000e68fc40 ((work_completion)(&pool->idle_cull_work)){+.+.}-{0:0}, at: process_scheduled_works+0xa70/0x1860
[  419.426585][   T31] 1 lock held by klogd/4980:
[  419.426598][   T31] 3 locks held by udevd/4991:
[  419.426611][   T31] 2 locks held by dhcpcd/5285:
[  419.426635][   T31] 1 lock held by crond/5363:
[  419.426648][   T31] 2 locks held by getty/5379:
[  419.426660][   T31]  #0: ffff8880373900a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70
[  419.426722][   T31]  #1: ffffc9000322b2e8 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0x45c/0x13a0
[  419.426783][   T31] 3 locks held by kworker/1:3/5623:
[  419.426796][   T31]  #0: ffff88813fe43140 ((wq_completion)events){+.+.}-{0:0}, at: process_scheduled_works+0xa35/0x1860
[  419.426851][   T31]  #1: ffffc90003f17c40 ((work_completion)(&helper->damage_work)){+.+.}-{0:0}, at: process_scheduled_works+0xa70/0x1860
[  419.426908][   T31]  #2: ffff88801ff27a70 (&helper->lock){+.+.}-{4:4}, at: drm_fb_helper_damage_work+0x125/0x750
[  419.426973][   T31] 2 locks held by kworker/0:3/5630:
[  419.426986][   T31] 4 locks held by kworker/u9:5/5631:
[  419.426998][   T31]  #0: ffff888036039140 ((wq_completion)hci5){+.+.}-{0:0}, at: process_scheduled_works+0xa35/0x1860
[  419.427062][   T31]  #1: ffffc90004427c40 ((work_completion)(&hdev->cmd_sync_work)){+.+.}-{0:0}, at: process_scheduled_works+0xa70/0x1860
[  419.427119][   T31]  #2: ffff8880539f0ea0 (&hdev->req_lock){+.+.}-{4:4}, at: hci_cmd_sync_work+0x1d3/0x400
[  419.427180][   T31]  #3: ffff8880539f00b8 (&hdev->lock){+.+.}-{4:4}, at: hci_abort_conn_sync+0xa6f/0x1190
[  419.427236][   T31] 3 locks held by syz-executor/5640:
[  419.427249][   T31] 2 locks held by syz-executor/5641:
[  419.427262][   T31] 1 lock held by syz-executor/5643:
[  419.427278][   T31] 3 locks held by kworker/1:4/5682:
[  419.427290][   T31]  #0: ffff88813fe43140 ((wq_completion)events){+.+.}-{0:0}, at: process_scheduled_works+0xa35/0x1860
[  419.427346][   T31]  #1: ffffc900049a7c40 (deferred_process_work){+.+.}-{0:0}, at: process_scheduled_works+0xa70/0x1860
[  419.427401][   T31]  #2: ffffffff8fdcf640 (rtnl_mutex){+.+.}-{4:4}, at: switchdev_deferred_process_work+0xe/0x20
[  419.427464][   T31] 3 locks held by kworker/1:5/5696:
[  419.427476][   T31]  #0: ffff88813fe41d40 ((wq_completion)events_power_efficient){+.+.}-{0:0}, at: process_scheduled_works+0xa35/0x1860
[  432.375800][   T31]  #1: ffffc90004a77c40 ((reg_check_chans).work){+.+.}-{0:0}, at: process_scheduled_works+0xa70/0x1860
[  432.375853][   T31]  #2: ffffffff8fdcf640 (rtnl_mutex){+.+.}-{4:4}, at: reg_check_chans_work+0xab/0x1090
[  432.375918][   T31] 2 locks held by syz-executor/7759:
[  432.375929][   T31]  #0: ffffffff9030e450 (&ops->srcu#2){.+.+}-{0:0}, at: rtnl_link_ops_get+0x23/0x250
[  432.375997][   T31]  #1: ffffffff8fdcf640 (rtnl_mutex){+.+.}-{4:4}, at: rtnl_newlink+0x883/0x1bb0
[  432.376048][   T31] 2 locks held by syz.3.645/7791:
[  432.376060][   T31] 1 lock held by syz.2.646/7786:
[  432.376071][   T31]  #0: ffffffff8fdcf640 (rtnl_mutex){+.+.}-{4:4}, at: tun_chr_close+0x3e/0x1c0
[  432.376122][   T31] 1 lock held by syz.4.647/7793:
[  432.376132][   T31]  #0: ffffffff8fdcf640 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newroute+0x12b/0x250
[  432.376189][   T31] 1 lock held by syz.4.647/7798:
[  432.376202][   T31] 
[  432.376208][   T31] =============================================
[  432.376208][   T31] 
[  432.376217][   T31] NMI backtrace for cpu 0
[  432.376232][   T31] CPU: 0 UID: 0 PID: 31 Comm: khungtaskd Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  432.376255][   T31] Tainted: [L]=SOFTLOCKUP
[  432.376261][   T31] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  432.376272][   T31] Call Trace:
[  432.376279][   T31]  <TASK>
[  432.376286][   T31]  dump_stack_lvl+0xe8/0x150
[  432.376307][   T31]  nmi_cpu_backtrace+0x274/0x2d0
[  432.376334][   T31]  ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10
[  432.376355][   T31]  nmi_trigger_cpumask_backtrace+0x17a/0x300
[  432.376385][   T31]  sys_info+0x135/0x170
[  432.376409][   T31]  watchdog+0xfd3/0x1030
[  432.376440][   T31]  ? watchdog+0x1c9/0x1030
[  432.376470][   T31]  kthread+0x388/0x470
[  432.376493][   T31]  ? __pfx_watchdog+0x10/0x10
[  432.376515][   T31]  ? __pfx_kthread+0x10/0x10
[  432.376539][   T31]  ret_from_fork+0x514/0xb70
[  432.376559][   T31]  ? __pfx_ret_from_fork+0x10/0x10
[  432.376578][   T31]  ? __switch_to+0xc79/0x1410
[  432.376605][   T31]  ? __pfx_kthread+0x10/0x10
[  432.376628][   T31]  ret_from_fork_asm+0x1a/0x30
[  432.376663][   T31]  </TASK>
[  432.376669][   T31] Sending NMI from CPU 0 to CPUs 1:
[  432.376698][    C1] NMI backtrace for cpu 1
[  432.376711][    C1] CPU: 1 UID: 0 PID: 3227 Comm: kworker/R-bat_e Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  432.376731][    C1] Tainted: [L]=SOFTLOCKUP
[  432.376736][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  432.376747][    C1] Workqueue: bat_events batadv_tt_purge
[  432.376763][    C1] RIP: 0010:__sanitizer_cov_trace_const_cmp2+0x17/0x90
[  432.376785][    C1] Code: 00 00 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 48 8b 04 24 65 48 8b 15 38 50 73 11 65 8b 0d 59 50 73 11 <81> e1 00 01 ff 00 74 11 81 f9 00 01 00 00 75 5b 83 ba cc 16 00 00
[  432.376797][    C1] RSP: 0018:ffffc90000a07b98 EFLAGS: 00000246
[  432.376809][    C1] RAX: ffffffff897c9f0c RBX: dffffc0000000000 RCX: 0000000080000301
[  432.376820][    C1] RDX: ffff888032d8dc40 RSI: 000000000000dd86 RDI: 0000000000000000
[  432.376830][    C1] RBP: 000000000000dd86 R08: ffff888032d8dc40 R09: 0000000000000002
[  432.376839][    C1] R10: 000000000000a888 R11: 0000000000000100 R12: 000000000000dd86
[  432.376848][    C1] R13: 0000000000000000 R14: ffff888049245a00 R15: 0000000000000000
[  432.376858][    C1] FS:  0000000000000000(0000) GS:ffff888125390000(0000) knlGS:0000000000000000
[  432.376870][    C1] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  432.376880][    C1] CR2: 00007f7dd4f6de21 CR3: 000000005f4ac000 CR4: 00000000003526f0
[  432.376894][    C1] Call Trace:
[  432.376899][    C1]  <IRQ>
[  432.376903][    C1]  skb_network_protocol+0x19c/0x400
[  432.376927][    C1]  netif_skb_features+0xceb/0x1480
[  432.376954][    C1]  ? __pfx_netif_skb_features+0x10/0x10
[  432.376980][    C1]  validate_xmit_skb+0xa0/0x14a0
[  432.377003][    C1]  ? synproxy_pernet+0x23/0x240
[  432.377027][    C1]  __dev_queue_xmit+0xb2f/0x3950
[  432.377051][    C1]  ? __dev_queue_xmit+0x2b6/0x3950
[  432.377074][    C1]  ? __pfx_nf_confirm+0x10/0x10
[  432.377097][    C1]  ? __pfx___dev_queue_xmit+0x10/0x10
[  432.377123][    C1]  ? ip6_output+0x340/0x550
[  432.377139][    C1]  ? lock_acquire+0x106/0x350
[  432.377154][    C1]  ? ip6_output+0x340/0x550
[  432.377173][    C1]  ? ip6_finish_output2+0xb38/0x13e0
[  432.377192][    C1]  ? __asan_memcpy+0x40/0x70
[  432.377210][    C1]  ? ip6_finish_output2+0xd39/0x13e0
[  432.377233][    C1]  ? ip6_output+0x126/0x550
[  432.377248][    C1]  ip6_output+0x340/0x550
[  432.377267][    C1]  synproxy_send_tcp_ipv6+0x52f/0x6d0
[  432.377291][    C1]  ? __pfx_synproxy_send_tcp_ipv6+0x10/0x10
[  432.377314][    C1]  ? trace_kmem_cache_alloc+0x29/0xe0
[  432.377339][    C1]  ? synproxy_send_client_synack_ipv6+0x355/0xcb0
[  432.377361][    C1]  ? skb_put+0x11b/0x210
[  432.377380][    C1]  synproxy_send_client_synack_ipv6+0x814/0xcb0
[  432.377409][    C1]  ? __pfx_synproxy_send_client_synack_ipv6+0x10/0x10
[  432.377431][    C1]  ? nft_socket_init+0x374/0x3c0
[  432.377451][    C1]  ? synproxy_pernet+0x45/0x270
[  432.377492][    C1]  nft_synproxy_eval_v6+0x34a/0x4e0
[  432.377519][    C1]  ? __pfx_nft_synproxy_eval_v6+0x10/0x10
[  432.377545][    C1]  ? __lock_acquire+0x6b5/0x2cf0
[  432.377563][    C1]  ? nf_ip_checksum+0x13c/0x510
[  432.377583][    C1]  nft_synproxy_do_eval+0x3ce/0x580
[  432.377612][    C1]  ? __pfx_nft_synproxy_do_eval+0x10/0x10
[  432.377640][    C1]  ? __lock_acquire+0x6b5/0x2cf0
[  432.377665][    C1]  nft_do_chain+0x467/0x19f0
[  432.377685][    C1]  ? lockdep_hardirqs_on+0x7a/0x110
[  432.377713][    C1]  ? ip6t_do_table+0x1df/0x1560
[  432.377731][    C1]  ? __local_bh_enable_ip+0xd0/0x130
[  432.377755][    C1]  ? __pfx_nft_do_chain+0x10/0x10
[  432.377794][    C1]  nft_do_chain_inet+0x360/0x4b0
[  432.377814][    C1]  ? __pfx_nft_do_chain_inet+0x10/0x10
[  432.377830][    C1]  ? nf_nat_ipv6_local_in+0x157/0x660
[  432.377856][    C1]  ? __pfx_nf_nat_ipv6_local_in+0x10/0x10
[  432.377879][    C1]  ? lock_acquire+0x106/0x350
[  432.377897][    C1]  ? NF_HOOK+0x9e/0x3c0
[  432.377921][    C1]  ? __pfx_nft_do_chain_inet+0x10/0x10
[  432.377939][    C1]  nf_hook_slow+0xc5/0x220
[  432.377968][    C1]  NF_HOOK+0x21f/0x3c0
[  432.377992][    C1]  ? __pfx_ip6_input_finish+0x10/0x10
[  432.378017][    C1]  ? NF_HOOK+0x9e/0x3c0
[  432.378040][    C1]  ? __pfx_NF_HOOK+0x10/0x10
[  432.378065][    C1]  ? __pfx_ip6_input_finish+0x10/0x10
[  432.378097][    C1]  ip6_input+0x16a/0x270
[  432.378120][    C1]  ? ip6_input+0x23/0x270
[  432.378145][    C1]  NF_HOOK+0x336/0x3c0
[  432.378170][    C1]  ? __pfx_ip6_rcv_finish+0x10/0x10
[  432.378194][    C1]  ? NF_HOOK+0x9e/0x3c0
[  432.378216][    C1]  ? __pfx_NF_HOOK+0x10/0x10
[  432.378241][    C1]  ? __pfx_ip6_rcv_finish+0x10/0x10
[  432.378271][    C1]  ? process_backlog+0x3eb/0x1950
[  432.378292][    C1]  process_backlog+0x7dd/0x1950
[  432.378323][    C1]  __napi_poll+0xae/0x340
[  432.378339][    C1]  ? skb_defer_free_flush+0x233/0x260
[  432.378360][    C1]  net_rx_action+0x627/0xf70
[  432.378389][    C1]  ? __pfx_net_rx_action+0x10/0x10
[  432.378415][    C1]  ? do_raw_spin_unlock+0xf5/0x210
[  432.378443][    C1]  ? try_to_wake_up+0x7f2/0x1380
[  432.378474][    C1]  handle_softirqs+0x22a/0x840
[  432.378494][    C1]  ? do_softirq+0x76/0xd0
[  432.378514][    C1]  ? batadv_tt_purge+0x4d1/0x9e0
[  432.378531][    C1]  do_softirq+0x76/0xd0
[  432.378547][    C1]  </IRQ>
[  432.378554][    C1]  <TASK>
[  432.378560][    C1]  __local_bh_enable_ip+0xf8/0x130
[  432.378578][    C1]  batadv_tt_purge+0x4d1/0x9e0
[  432.378599][    C1]  ? process_scheduled_works+0xa70/0x1860
[  432.378618][    C1]  process_scheduled_works+0xb5d/0x1860
[  432.378654][    C1]  ? __pfx_process_scheduled_works+0x10/0x10
[  432.378671][    C1]  ? do_raw_spin_lock+0x12b/0x2f0
[  432.378710][    C1]  rescuer_thread+0x827/0x1130
[  432.378737][    C1]  ? rescuer_thread+0xbb/0x1130
[  432.378768][    C1]  kthread+0x388/0x470
[  432.378790][    C1]  ? __pfx_rescuer_thread+0x10/0x10
[  432.378809][    C1]  ? __pfx_kthread+0x10/0x10
[  432.378832][    C1]  ret_from_fork+0x514/0xb70
[  432.378852][    C1]  ? __pfx_ret_from_fork+0x10/0x10
[  432.378870][    C1]  ? __switch_to+0xc79/0x1410
[  432.378897][    C1]  ? __pfx_kthread+0x10/0x10
[  432.378920][    C1]  ret_from_fork_asm+0x1a/0x30
[  432.378950][    C1]  </TASK>
[  432.384796][   T31] Kernel panic - not syncing: hung_task: blocked tasks
[  432.384819][   T31] CPU: 0 UID: 0 PID: 31 Comm: khungtaskd Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  432.384845][   T31] Tainted: [L]=SOFTLOCKUP
[  432.384853][   T31] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  432.384865][   T31] Call Trace:
[  432.384873][   T31]  <TASK>
[  432.384881][   T31]  vpanic+0x56c/0xa60
[  432.384908][   T31]  ? __pfx_vpanic+0x10/0x10
[  432.384931][   T31]  ? __down_trylock_console_sem+0x6b/0x110
[  432.384971][   T31]  panic+0xc5/0xd0
[  432.384992][   T31]  ? __pfx_panic+0x10/0x10
[  432.385015][   T31]  ? delay_tsc+0x5b/0xc0
[  432.385037][   T31]  ? nmi_trigger_cpumask_backtrace+0x234/0x300
[  432.385071][   T31]  watchdog+0x102c/0x1030
[  432.385105][   T31]  ? watchdog+0x1c9/0x1030
[  432.385138][   T31]  kthread+0x388/0x470
[  432.385163][   T31]  ? __pfx_watchdog+0x10/0x10
[  432.385187][   T31]  ? __pfx_kthread+0x10/0x10
[  432.385213][   T31]  ret_from_fork+0x514/0xb70
[  432.385236][   T31]  ? __pfx_ret_from_fork+0x10/0x10
[  432.385256][   T31]  ? __switch_to+0xc79/0x1410
[  432.385286][   T31]  ? __pfx_kthread+0x10/0x10
[  432.385312][   T31]  ret_from_fork_asm+0x1a/0x30
[  432.385349][   T31]  </TASK>
[  432.386078][   T31] Kernel Offset: disabled