last executing test programs:

38.881766099s ago: executing program 0 (id=1581):
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
r1 = syz_init_net_socket$bt_hidp(0x1f, 0x3, 0x6)
ioctl$sock_bt_hidp_HIDPCONNADD(r1, 0x400448c8, &(0x7f00000000c0)={r0, r0, 0x206, 0x0, 0x0, 0x2, 0x72, 0x1, 0x4, 0x2, 0x0, 0xa, 'syz1\x00'})

38.669402246s ago: executing program 0 (id=1588):
setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x210000000013, &(0x7f00000000c0)=0x100000001, 0x4)
setsockopt$inet_tcp_TCP_REPAIR_QUEUE(0xffffffffffffffff, 0x6, 0x14, &(0x7f00000003c0)=0x1, 0x4)
connect$inet(0xffffffffffffffff, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10)
sendto$inet(0xffffffffffffffff, &(0x7f0000000380)='[', 0x1, 0x8812, 0x0, 0x46)
recvmmsg(0xffffffffffffffff, &(0x7f0000000e00)=[{{0x0, 0x0, &(0x7f0000000bc0)=[{&(0x7f00000002c0)=""/131, 0x83}], 0x1}, 0x2}], 0x1, 0x10122, 0x0)
sendmsg$inet(0xffffffffffffffff, &(0x7f0000000ac0)={0x0, 0x0, &(0x7f0000000880)=[{&(0x7f0000000100)="0fff6d045123705c03f121d9b9affb56a96fca493f5d55a64554928ed06c7704937b9d0ee909cc2fd19aea8bb15ddf3a1f58977d9f19bfbd4c14737cdf2edf9eb60dac50e2de0e0204dc89445c7cacef5675e72a", 0x54}, {&(0x7f00000001c0)="c861e3c162394ca77ecf2e480f161a3d28b3cfc1c427f5618fbf9ea1c3c35aed5c7fb5dd8ddc198061d3e7570e127912a9222d8c9255919eb49719026f8a26bf4964c53565d7e9b9e5c3a2564fb3fdaca0d2a0d7e197b65051cb6dd2854dabc718edd3bc4df82c6dc39e8028fcacdfeb13b993e5680c2fe45d34bf8589b837e3c9effdba2d465c1d1fa12b82664985d14678f6abdd6165ba42f339efd17ec437897a74cc725d9667586cea50c3", 0xad}, {&(0x7f0000000400)="64847935f2c8039d5bee301b69a32772ed356b59e2139d17bd3c1f1ebc9f758340edad7040d4babf27a2e5db6c89b6c41830b6d081161a40cdc401fcbc9f7cbcf69a6ee840e05d9a59ecbde1e8d24b8aed", 0x51}, {&(0x7f0000000480)="7f7d39201be3b2f13a9a8dfa8c78bd1c6bdefc52b7fd5cd9bd13b60654a07aca12a76d698f11efef30fbd8d3beab", 0x2e}], 0x4, &(0x7f0000000940)=ANY=[], 0x168}, 0x4000011)
shutdown(0xffffffffffffffff, 0x0)

38.508231837s ago: executing program 0 (id=1593):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000780), r1)
ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, 0x0)
sendmsg$IEEE802154_LLSEC_DEL_DEVKEY(r0, &(0x7f0000000440)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000340)={0x38, r2, 0x1, 0x70bd26, 0x25dfdbff, {}, [@IEEE802154_ATTR_HW_ADDR={0xc, 0x5, {0xaaaaaaaaaaaa0302}}, @IEEE802154_ATTR_LLSEC_KEY_ID={0x5, 0x2e, 0x8}, @IEEE802154_ATTR_LLSEC_KEY_MODE={0x5, 0x2b, 0x1}, @IEEE802154_ATTR_DEV_INDEX={0x8}]}, 0x38}, 0x1, 0x0, 0x0, 0x10}, 0x40000)

38.414200684s ago: executing program 0 (id=1596):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000240)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x401, 0x0, 0x0, {0x1, 0x0, 0x3}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWCHAIN={0x2c, 0x3, 0xa, 0x101, 0x0, 0x0, {0x1}, [@NFTA_CHAIN_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_CHAIN_NAME={0x9, 0x3, 'syz2\x00'}]}, @NFT_MSG_NEWRULE={0x2c, 0x6, 0xa, 0x401, 0x0, 0x0, {0x1, 0x0, 0x2}, [@NFTA_RULE_CHAIN_ID={0x8}, @NFTA_RULE_EXPRESSIONS={0x4}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x7}}}, 0xa0}}, 0x0)

38.311562478s ago: executing program 0 (id=1600):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ieee802154(&(0x7f0000000ac0), r0)
r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r2 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r2, &(0x7f0000000080)={0x26, 'skcipher\x00', 0x0, 0x0, 'lrw(serpent)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r2, 0x117, 0x1, &(0x7f0000000280)="85e39a2f2cd6b8ccc7658ddf897accc1", 0x10)
setsockopt$ALG_SET_KEY(r2, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5910fae9d6dcd3292ea54c7b6", 0x10)
bind$bt_hci(r1, &(0x7f0000000080)={0x1f, 0xffff, 0x3}, 0x6)
write(r1, &(0x7f0000000000)="0a000000010003", 0x7)
ioctl$XFS_IOC_FD_TO_HANDLE(0xffffffffffffffff, 0xc038586a, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000003d40)=ANY=[@ANYRESHEX=r1, @ANYRES32, @ANYBLOB="000000001a000000000000be42e2220b0c5b1e2c24e7ec1df53a2bcb8930daac33957b3aaad8a12ef5788b4d870c4024a9488c2ccca1f9261b2ec4df1c662a3a1566a35b23f08b507f3835658143a7a0aac1e7e0fae7fbec5b57558b5c8304dbada088f5d27361e9530607a4a43db71489ece166cae5b461313f10b452039f32d5526aa26f55e25cc3c72094a9c90000000000000000000000000000140eff37c5f85763ceca46e8fba94a347bf8cdd3530c2e4c6a3b9914ea440701b2defbc491df23cc11663d718766f614d0ce3984ea1746c5ddfd0ff8465b0e9263059ceeced49b7c31d01bbbc30e9574442a96ce2f0a4d6bf9e7c314b181bddc575dcdbc810a1d41b32139619d6139df035cca69ef5116a87040f40f04bf1b523190efd7fcd72617ed226fda982aef41a308a6222941613d37530d130dd3979b3a442ff6744d9b982604db814c7dfc69cb7a753e0e26941b9b225d806a693c69b271129996d59a04e09241472631eae9d0b719018a32953e79470000000000000000", @ANYRES32=0x0, @ANYBLOB="6c0927637dd9877c9b037d29e60b5095b70829ea01d3b26fdd440f01b313a5505f75ace3a76ef45c1589768db92d9e345f38e48ef6515824ce94157d7c99eb36e890dfb8da7dc288b484a11468db44da3e9cad41d6325e0ae3d96ae15e0e6833de4263af806c158c1e97a03bddb74170af0baab0f051be95e0ee93f290a1c6486d97f6808e788d7a2bf53816b7f30ad09ec8e614e10e278aa806a3e29fbdfc02f6a8a3ec9e964b520409a65954950a5127b95bd295b6d3ca0f2969f1008670c9edbc97e1ec822aacfad6f268f7e46b1f417616aff8e05a76e2ce29020321aec8b25ba3f2fbcb952a6cdfd3cd2857814095e70587c835299e8262c8a5ac36c1adddd5e8cdff8889a4ba55e267d81341af39e2872a6d6157a2e9f76664a753a416031cfa6e3d2570eece0370e5960e790921b60f74b8bec52f0a866f1d6512e1bee01a7c85c250e3c915bf83ff70a0e20b11f72459da896cff56ad02b09072a6a6eb522c345009fae726b27702094f3527f011a974dcb4f0b8bcfe257e02a4a24d9bd501f5af7001769b51656ca29b3f8ce9d729948ecd4f81b95906bf5f86b475cc28d6a31daf71222fcd557c7556344c3f4b0d696ec1664c517232e97b37793252f3e09993165b021fd2dc28a3d20caeafec26b41c22208be1c97ddee4032db978ea344c2cffcdb951f020cf97c105a27ebe42475266322cf7fd672899a9f217bd4bb7eb5c4e4f8b0ccd73c555bb36837e3a34e125ab5cc055712ade382011eb816ff9a87392532f3fd437d98bb871a601e970fdd3309a4f181504f70e1a7f2a80bdece8835872259687c92e2eb47f48c9c08e8dde9eb406c452e8a59ffafd4e14385aa23361060702d4d7e9bce1085eaf143d2e070379d72b35b32b15ae9f949c9cf551e3d0100641328cdeaba1d801857f63f7460795cf0ab0cee2068dd1271dc9900312505504055a6e6e9ba460f3127a69acd57bb954fc99afb38add8a138ea3fa8dd5844d85e3f1ae10a0bca8293dfca4d1eb51ab3cf0b2c46cc9691a7945a66cb42daa9d4c811ae034d1eed4cc825efe165b548a76bff5d2c08c93c4fb4a22aae0dd9db837359e56bbbda3fa19d0181e4da12f185eb576be734bc685243f161c21635057579747da21c3a33f5361981ff189ce0935fd68d63bfb3a802401a5dc6bc9695b062eece32c4f905b15128645b51dadf6f5885e2c7665ef625d1eb18d8d1567436f5ca7bac0b8e1a937309b63c8038b04efff68397e3d60f70b7aa9827b5478f248db9c1a49398eb8c04bab11ad0fa8ff1b8db050f1f18d60b81c0105264829d0aa8e8db03e83e899e21e42226a8d7e50acb2080bffe1424b4c453faebab6d062df06739cb803c0057a243717d642c63c0a830870b0b4430944fe3ef25342ecc7478d561e670708f604516f3afa827d2c56a687d940ba8664a0f558021bc5cc76b94315714817c0df0446588b19a244e90aa96887d1f237d54c0db1b2b163fd313831919f62455774351066ca384384db38211425bf25f15cb73d96e44bf056875a251e386dfd00dcffe244ed2ed2fb95520395147cd541a71861c971a1036c3903c2fb2481319b72e1975392b339712798e18686f2e0cacd2ba62943d65a57ba43c43742c436ae07f8f5eba756abeec80a5ddf932963b9b9387e3794940682ce96a256de7ea670d62a78aa8ee3c5fd3095fc763350398036ad1a79e456cb9485528189f1c7e0e9a1fa60836db6bd2fa88e15ba9fb267a355a2171988faa752cd7d3d10e71c528c448ec46236385bd7bbd2f75c3925f5d83013cee1724d4bd88131b014f675e41b79771b5e05d7967f217353f2c9fc26a1d46ea741e5619df0c9cdfc5779288e9b601349b1829d020f3922eaf6fe68cb60d1badc7d1af8e3e1d15c530149f7adf9bedf163cac409f7acc474ff8dfc401c1fc27218d24cbcc8b33cbf05a50d220cf5a77317f1712d11ccbee7a816e6f47b7c0b2f7b474f60390c8bee0bba74995201e2fc3c61bcca5648cb8ac9b723effb6d3099dd25770c006f5f7f7410be3b9becfcbbfc3edb241fc7756f5cecd446e09cdf4db0637a34a086d8c3db637ec31e3b867487d42e8e1cf8384bbba072e28d7f51ba4e3fec22faf77832b3003d8401f64a04e28c798a2a66e5a2e8e01d8a9b2456090c9887e622c814a60a89abc0d8eba4f56f04b00cb9b84333abb13d7b73067bfb6c918bca7f95f28e6efabcdbc2b1bf8a6be182827dafa4dd56c082d6b97df5f513b05c489ca56c779095d0571c265222917789d750f3777e42c41037d129ab3381857720d1634105cc140f685e1c5437fada6c70fb595dd34782c4309f51b6828e4307a0f0254fc7f19e3b4c6bbecd118c2ecb87bdfc9e9d3067bcd3af2d75cc5a8110b232cbeb2d6e409703edcb6b64d8b00296c5558f88d0cbde02461d730953065f01f7a003951194ffedfe1ea65486eb9701572a14e13c3a918b6ff0e5f908c549d3f9c1348bcfe7f3ddd2fd0eb064b3aaab0f8bad562bf5a6692fa58e2d8e2bdcd1a703d10b10d0ca8497fdcbd0b1eac4d7c93c27ec193f8d43d443bd5c83a46179451ee06bc2b83f3c1582ac8432480d6ec508875e285a1137011ce32122fb9bf7bf458385dbd885abaaf26a4c28874609c459c4e23b32e52dea1d633039c64c375f741e88bdaa2261ef789b5113df0eef22e89870326bd669759506c84640e43b7d9829134ada0badf6a086519ab81338948253ef37e82af149775c84e33bad0994d3c1ceb1cfd28c6f8d1ee9871e8b086f0730eaab6a90a313a03d8437256cdb49f214953dededdb07fd809afac43360cea697ababf8897b6a094e119bd65bd01dd31820abb0c3e38d42ed225ab59f901cc54c0e32f3c7ff4b1386ebd5dbcfab0a5efb1166da2132561c617a6c594ffca91c732df7e517bb11774b8c442c2f756e91fff35f87f2ab7f5ab84520a2328e718d6aac1c45aabcbb774ceac41e6b08563d3b3a6e55ee232d4b21c5bdac85b66e94f86c65f95310dff10b76d4a07d68d1e8ffdf6be6f3ce099f02c244e9c2f5ffa2a7ba39fb2595686b73f7f2afa98e851567077aef37a92b352f62b9c8d351eb22758fd3dda0b52bfca5aa01f700bfedf109f485084f3717aba9edfc6d12fe0d1c420492c207b3a61ab0906f0e4f5c7ba00d0cfeaac2eebf67d8285e9396582497c55c27f21e8d3cbe701ede027523960e7e8939e744f52a271aca30675e19ccac70588858847311031f37b36b77c26bf7e2ba4ec9f7b5bab6786f9be872850099e7cbdd44ec674fd925b480bb5b47acbcb184c2f7d315c9b7cbc277eb3d769f73833c2de103529c5543c10a7a763c4fa6092a8400238da9ca37b1ae6ec96a840393572004cf1dc8bb68bff18a8e2cca3fa0093d307dfb1eabd1bd5199883694f9c5190ee92ad801b6fb9676b6631814e00e7a7279374b2814efa640001e6e870c738f619c2638c60e56526e45c082a76ea8415869895bb78638ce215800c519b2d335277a2629547adbd3b438a462621b950fbeb533f73c416bd47f6dfd624504203f78d5144873b6202e7942df13f05dbb10262390153dc3100ad6f13b09b5f9fda67164d88e7c86bbfe05dd70f2ed8e7b22186ae4f4002fec96563e73e6c99cd28e14df6d0b55e83aaf84f8c3bc87153f15a9cb2fe454d0641088b41c29ee34585d8d5c633d1f07d96798d3bb5b59b7943eecf1d490a579879e869a0a82f19ba43c1e5c0f7e9130a61d8d6e19c3c97f250a315147253a2a35d509417737494d6d97fe54eb9f625a3815e9810ef6d894fd2490f1849a22c9fc2c38a934d4957f8c1ac02d25f2b2650fb3c4bb0864abb246d1d55fbf5373e7d403fee40c2f179fcb1e4abb7a694cb2fd0d7e9eb0d2ae19823f1c2b482fc8673d20cd773e940519d5defad45a9c52a0496e8428ec7277ac1b9b2ea07e3f7da328e9e74ca4ba3665ed8efdd6e8bc11d37d21f1d7a1190abfee82aeb09bf03a1674b86b18db7e0f2f931df4102e9b0ec0c04ba4959aef96d6a9d138e7ce2c633e1099432b50e8545c615707c8486ca2c4ff3222fdd7b2286ccd9244c2519d6429d219def6ed7807da002c976164e5a3c4b13b0a0e6c668ad445f3060601ba25099042060ff31a6da14b024f2db896fe5feeb680648913e3fac2308fc16ab5473e1caff12707ae7a5bc12b15a45420ff768b0696bed5848aae9a102ae3aacfbcea16ae128e158c783f1976d6a46d880eec97c59e8d00d66eb799084ec8a699051e705ea706d555dc7322812846f349e6b40da3d7209f437413945848321f72b14246896e9287638efb3b7d3744e9443dd3f5872fb7cf4c18eeb735e87722a0424aa19e79f2accacbddf515fcd4d9f07b05fa28f10f8b3d99a42f41d328075adc6a954fb991f7eff3b71612a64d2041d2935c89dc123f51460f7c978aa7ed862fb2dfc6235e079dac26033ef72d50ce141027e7e74fe9db06830c18877c557515805b07797de536035d626ad2631157a26fa9254ac9bc8a3f9cb6f4cd7f121d775270776aac9e77484c585f8cf30e79cd2095b583bc7251561e9abe1cfa4509aa771501a0a131d7103eeab86c2a523c0062f7a41c3c41ef0b9d394ac81dc9a7b234b1a11715b44a13dc5f975d3a5808e34d3459efa5fdadeac9a7c382bcd12603e2d0465d1c0534c3002e54856e24d1e7b0f60b3467072325c5cd10dcf6a86d2c01e7e47b2bd6e6dbd3fcf1f162d07f633f58203d2ad54ad45e1d11413504a267a836c7a02f9380577f732a162dc469fb15c9296896047f9c0f5234c3247c9de50b7d43d670cc65b7239e6a7e7353ff699ce4d1add477025d9aa8b1ef931d8ae498c88300c2bdf90a99910038b6075435e5dbffad146d8c0cbd2e9b42a08f7495b2f8ec409bb210e690f3cecd15dbb4e266949375425eb6d405ee9d21de8062a39f3a64ac61347a3b563b222f81dfe8ce5bb21f000d07bcbb6621e0ce7dd4874590a50da41f56bf80569f887880b4b7f7a0fb42159039a844e60cef58b7ff9f370fed2570e7447809bbe4bd77e6ddc0ac9ef966f532a08fd35d205938203dd1bbfe5f189959f37f623f3ca3b54a8ea749c3d776617c0245ae74ec4bcaa7fbe58dd39dff270270a1cdf6df4558448efb56655c0de83f7317a3ebd7bb5c35a075ac41af27cbf009837ac78c9989ac68ba61da82acfb95bce5547e6986e19113963a0b3b5ed44a9f42e042a09586c9938890eec1c9928c00579d39eb64384000e3cedb258581a4f4514312dfc4e872e26217e23cd50e7fecf82053387e66aa9bfb77b23cb7f17cd00aece744d5ba82aca472db7721b4964c3b0d377ec2ae74f6f56929632b9cf5331b1a1dd10453dfd586e6eeb5efc76099864c474b6cf78a9e2c1a782855eea41781e49d3589d25731bccfdcb560e1f338aa869469f1a7bcf07847b1909a083709b0bece159c739a6c3e34b3a26b44eb38ff1c9b7a04c18ee230ec0b74ee9c25c616120e0c398612b0ef22c23d7da524b06b6b65ca6202296a92de36abb929fd743627c2305d2971078826924cd39ec3132f5937d85980321994cc59cf0dc8d28c98c941706ae9c21086d5923b6889a98563910d53f1da9b6bfb30c7a661e9261c57c710540191fca9fbf997f49e2b96248060a55792e96510c76d85260355dae5a42bbebda6e1ba9a05986c93da9c688f2d9585992478d80d814d4b6e77e4729f46d49e37b778a5d92cdb452910300a714fc848b923a4e3446b39dfdb068b7981702730161872d34f7082af0b9", @ANYBLOB='\x00'/28], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x13, &(0x7f0000000240)=ANY=[@ANYBLOB="180300000005000000000000000000001801000011af000000000000002020207b1af8ff00000000bfa100000000000007010000f8"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000240)=ANY=[@ANYBLOB="380000001800010000000000000000000200000000000006000000000c00090008000000", @ANYRES32, @ANYBLOB="08000400", @ANYRES32, @ANYBLOB="080005"], 0x38}}, 0x0)

37.740417015s ago: executing program 0 (id=1608):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=@newqdisc={0x44, 0x24, 0x4ee4e6a52ff56541, 0x70bd25, 0x3, {0x0, 0x0, 0x0, r3, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x5, 0x8}}, [@qdisc_kind_options=@q_hfsc={{0x9}, {0x14, 0x2, @TCA_HFSC_USC={0x0, 0x3, {0x5, 0x2, 0x6}}}}]}, 0x64}, 0x1, 0x0, 0x0, 0x4000000}, 0x20000880)
r4 = socket$nl_route(0x10, 0x3, 0x0)
r5 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r6=>0x0})
sendmsg$nl_route_sched(r4, &(0x7f0000001200)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000480)=@newqdisc={0x434, 0x28, 0x4ee4e6a52ff56541, 0x4001, 0xfffffdfc, {0x0, 0x0, 0x0, r6, {0xc}, {}, {0xa, 0x1}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x408, 0x2, [@TCA_TBF_RTAB={0x404, 0x2, [0x0, 0x62b9, 0x5, 0xfffffff7, 0x5, 0x3, 0xe1cb, 0x5, 0x1, 0x3, 0x0, 0xfffffffd, 0x2, 0x6, 0xacd, 0x0, 0x362, 0x1, 0x2, 0xffffff44, 0x3, 0x2, 0x8, 0x3, 0x6, 0xffffffc0, 0x9, 0x688, 0xffff, 0x2, 0x2, 0xfffffeff, 0x0, 0xb, 0x5, 0x0, 0x5, 0xffffadc0, 0x8401, 0xf, 0x1, 0x8d2a00, 0x8, 0xf, 0x4ba, 0x1, 0x80, 0xffff, 0x1, 0x7, 0x0, 0x400, 0xe5, 0x7, 0x2, 0x45a5, 0x8, 0x6, 0x4, 0x0, 0x57, 0x3, 0x80, 0x9, 0x5, 0x9, 0x5, 0x3, 0x9, 0x2, 0x3, 0x4, 0x7f, 0x101, 0xde, 0xe4f, 0x7, 0x9, 0x7f, 0xff, 0x6, 0x9, 0xf3, 0x5, 0x2, 0x81, 0x0, 0x800006, 0x7, 0x5, 0x437, 0x6, 0x3, 0x2, 0x7000000, 0x5, 0x9, 0xecc, 0x6, 0x4, 0x8, 0x400, 0x7a5, 0x9, 0x9, 0x0, 0x9, 0x8, 0x0, 0x3, 0x7ff, 0x5, 0x6, 0x4, 0x7, 0x10, 0x4001d1da, 0x6, 0xbdb, 0x1, 0x8, 0x8001, 0xe3c8, 0xffffffff, 0xd, 0xa, 0x4, 0x9, 0x7fffffff, 0x3, 0xb8b4, 0x723, 0x15, 0x9367, 0x81, 0x400000, 0x9, 0x6, 0x75, 0x203, 0xc695, 0x4, 0xf, 0x7, 0x3, 0x0, 0x3ff, 0x8000, 0xff, 0x4, 0x0, 0x6496, 0x7f, 0x3, 0x0, 0x1000, 0x6, 0x7ffffffe, 0x6, 0x157b, 0x7, 0x40, 0x1, 0xfffffffc, 0x3, 0x9, 0x2, 0x98de, 0x2450, 0x20086d, 0x2, 0x7, 0x7, 0xfffffffa, 0x800, 0xfffffffb, 0x4, 0xb6, 0x5, 0x7fff, 0x9f4c, 0x1, 0x8, 0xe, 0x11d, 0x7fff, 0xf, 0x8, 0x3, 0xa, 0x9, 0x9, 0x2, 0x4, 0x2, 0x8, 0x5, 0x5, 0x401, 0x9, 0x4b8, 0xa78, 0xec8, 0x1, 0xfffffffa, 0x80020000, 0x0, 0x0, 0x7f, 0x8c1, 0x5, 0xfffffffa, 0x6, 0x175b, 0x7fffffff, 0x4, 0x1, 0x9, 0x8001, 0xffff, 0x5, 0x3a1838ea, 0x401, 0x5, 0x10, 0x7fff, 0xffffff00, 0x3, 0x8, 0x9268, 0x80000000, 0x400002, 0x7, 0x4, 0x3, 0x4, 0xced, 0x5, 0xa524, 0x7, 0x81f, 0x3, 0x10, 0x80, 0x1ff, 0x1109, 0x9, 0x1, 0x0, 0x2, 0x0, 0x8, 0x3, 0x3, 0x6, 0x4]}]}}]}, 0x434}, 0x1, 0x0, 0x0, 0x2004009c}, 0x0)
r7 = socket$unix(0x1, 0x1, 0x0)
r8 = socket$kcm(0x11, 0x3, 0x0)
r9 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x204001, 0x0)
close(r9)
socket$can_raw(0x1d, 0x3, 0x1)
ioctl$SIOCSIFHWADDR(r9, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r10=>0x0})
sendmsg$kcm(r8, &(0x7f0000000440)={&(0x7f0000000380)=@xdp={0x2c, 0x7, r10, 0x3c}, 0x80, &(0x7f0000000080)=[{&(0x7f00000005c0)='\'', 0x1}], 0x1}, 0x804)

37.660803537s ago: executing program 2 (id=1610):
syz_emit_ethernet(0x4e, &(0x7f0000000080)={@local, @random="5d3ec70048e8", @void, {@ipv6={0x86dd, @generic={0x0, 0x6, "182325", 0x18, 0x2c, 0x0, @remote, @local, {[@routing={0x73, 0x2, 0x2, 0xc, 0x0, [@empty]}]}}}}}, 0x0)
syz_emit_ethernet(0x56, &(0x7f0000000180)={@local, @link_local={0x17, 0x80, 0xc2, 0x6, 0x5, 0x1}, @void, {@ipv6={0x86dd, @generic={0x0, 0x6, '\x00', 0x20, 0x2c, 0x0, @remote, @local, {[@hopopts={0x0, 0x2, '\x00', [@generic={0x0, 0x14, "f91dc7702728eda1f8fdfd046bdf40f7dbeb523d"}]}]}}}}}, 0x0)

37.580222332s ago: executing program 2 (id=1612):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000240)={0x2, 0x4e20, @multicast1}, 0x10)
connect$inet(r0, &(0x7f0000ccb000)={0x2, 0x4e20, @local}, 0x10)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x1, 0x3, &(0x7f0000001a00)=ANY=[@ANYBLOB="18000000030000000000000026d0000095002b000000000093adff012255f674412d02000000880b5f04596a5e99fce658be2f200c699223886d8be4b50000005ab527ee3697f98125f30e6326996a3cfee33025a30b45bdcf2c69d105e5e55a1d273683623f1a5dc6e3c7e20eb7a98ecf3bd2cf898e924abe26ac296f660e69ba982fd76e00dcff7f0000ca6b78ad833488cfe4109eaf009eddcf21f5c63cde2f00150200000001000000520a0000151d010000000100bf00000000cc587424363da52001a3cdf2000000db74596fd72c002a60c1bc7dc8c38b7d2e13c50424b9dd1145d03ff45f70685c6bd9ff41c69b7de406e89dcbb7677e65a88a8407a9e7f9c0e91028b0856eb1ed9474480737a55ebb0bd701f7fb21135c6172eba7eb8a341f07e5a2d1e88b3cfc22df01e4bac9d97328fa2a82b5e8741e02056d93a433f50479387467824262852c7939db5672d07cdbe8e14abf56497e5d56dbe37551b870b2851c3f0a1a9ebfcba105a6ccdd01b0f04edb256c0200000073f6db43661bd7f0e2536ffbfe5ca31b4083145531458b7d1e341c6b351ebc5223f54d6bec93f4ef088e5d1be2515226988d664709ff03f1aa3dc7f1580ace9bf2afd28d0700000000000000d6eb372713255012e028cb2654d493a0b43bf21375709f348f5eda2967199cc936859a538100070000000000dc10e13ef227f627a40000ad1fa253d33fa74f172d3407ae4e1e347c0c6ef9dd2b6bb700000000000000000c586272c3f4d79bc36315745cb149f3cb385e6add14652003c7cdd3324f07d134d3a6c718bbd1aafe1140cff0be4c6f8df084c5e9734ae30aa9af030025f01ab03a9b1074407136bc506031f0916a39d3057d55183612b39e73ae8e6dc30356886a831836469e2051d937eb85f3f2d5ae2c1dca476b97419a3b76ed62409d004d7fbe362145d19605d760df4c5124ca325d374b371867a79b35c6617fc3327191fbf514573f0e30d1d60be2168fffc2f3dccd599a2cb77f124e22f87673675805494db821f39b50d938d5fd8c6b2a3a324c257bc9110971b749ccd74089ed6b86f81ca3ba47d8f71d290ed1b1a11f7a67125170c88c3b6a50692cc0064fc6bbd312536ac15016c85c6332226401b110da9c786eeca22debc99335587b54c13c3107008fa069af8223b38ced735c2d906551004d8dc10d88738488da01ffa4add56474573c964a270000f2f16625c0c10200000000c7a5ca60fdad159f2e44171f39638410020000004825d081f2d987f05c534187738655d7dc958f2046fa0c1619a6554b82d9c162eb61ca74f1ffdaccf0ea5f06e0fca8b27ff3983ab74fd3d560700a1fab44e77e312b3b129e000302d613916c9bcf9f0000fac73a5b6bfb27f88dba816020be760f7b45e001efada8000000000000fdaf4660402f7b3b79a433e08074ea2462974a00040000eb01352638f56dae0249d15ba8767259658878b7492cfbacde9b57cf4de00788adce638190f3570e0b4c80ef682df22201270955afb6008846557ee3bc09fda6dbb6550d597300eb82a184c96ffde5a30e5433e866665b98ca2002c804c22ff2634b7bfbf5c0d586cda5b45fd00dede1e88a4d41dee7cc76d7a23d06acb1d2d4c58faea84158bb440df2a694f4cdcaa4f65c22efffffffffffdd00000000d503d79986958115ae07b70f991430b7fb475d77b869ee02000000000000000000001ffff0ef89b2a68d2b05c995445d8a7700bcdfbec74fb2dd163e863315e84498dfb52bb93f6c9084659ce777ddac563c8596c2b1d8180289a61faa95a82bf1cfb7f2fd7252e9322abe282c33445d443a67467893b9bf0d1c8130ae6b226900000635376413c29f7c6f7b7e29b9a0c64e68328661f0c06e21f7d7dc22174ea4447a6f60edef3a4168d40200fbc71104512efe8e5d7d934aa289b4bd2b870000000000000000000007000000002000000000009b777883a02f0593dfc4cb4114b9f9cf4ad155110cc6ace2b322ac31bfa27847c799c8009a1ea5b98e525e6383ad7fd9795170e7b11e247603c2ff49a11459c7f606d729d3979676bffb3049166bb84a0f061991bd57c2566c10c282352aba05b6164ef876915a3f2491e4793e590dcc71de10da96366c1e992c0068c940dd4422c9882d3aa0f8a797b8fea6efcfb5276b7679f15559edaa977504cc0b2f777acb907ebf5fc14add71d0bca37405ded69b77ab4a3d7487fd04000000de17e1e13b93669b79556abb722d9c085b189b5fd1f30e8dc813f608830b110001732135e8e7262f290000923bfb6b41ff3792cee2fc37eee739c3e36a4bc80112968ec0d8902eced1fe552018014a463abbbf7ccd6a92a5734e3ebfca9b6e88e031f31de2183652e77c164c646a1cfd3710aa4205d8d4d4f974133ccb1e49feb42664eccd809c0ba8917eda87489e8946d5c8156197bcb66fd5606c63e3389ee9e8552381646365066ef9a36a449c96485c22ad1aa423b7b89efbc6cd54000bb0ea5f4f1e8773144fb6ac9a44d43593d77e66aa7ed7f3d4e7b211590c738888d02b2dbb0b2ba73ec72e1d8d7360a128499dd19e1e7b9b0671f4f58515b45ecb9964f3c4ddb8234391d514f8d996d8d6dd7f8fadfee2d7a0035638ce27c2936cb04b30a0eb0cde0000000000000040000000ec3c12ecee8fc3a40000000000000000e215b00ce2570b930723cbadb4033d1b8aaa2cfb3fb89e4a6e89737fd6232218a9e0c099d1eb59d60b3cca089785642f327139bc4394fb6d547a9b3c22599e780c1da7433fb47615d372e3fffe9703e37d5c87d513165278650738efcc04d27b766cf7f60066edd292f6c8a2174f391ed164bb1816819ceb3e378e776d422bc946cd9501accebeac3a5b31d8abc68ae537cd44a04e6bc21c35a7beab2610c51e593676bf635a20f597f4631b91454d182f826071f5210bd6d93173589929b23801e63c2266fde13b5a04b8d48be057c752bc415a756ea9b4d34156c4f73dd5e5924ef101a5fcdaf37c7ba2c4a9de9b000000000000000000000000000000a73b862e4b63c245616b522345587d0ee65a6902bdd0abd941e8aba37510b222ae544f395edd1b92ad53fc68f08ea00edc5e10d768836169dd296d56b306e8b75778c37571792a6c3d8b02ef378ebd59422cdd008bef6f80a80a68641ea5ed4f1126bb676098c10bf663eb3fb8c839364d28fd046dc64b35f9c3397ce6f4ad357b0000000000090000000088c7a8e2638f650a6f04a6f33a090f59414d6ebcbc687e66d600000000bd0a58ea6d36fc2cf9b9a71c137a2a22adb1006f371d4faf47285fd66fe0389afb96854bb360edcdf11b4ff6dd578bba93e949d240cde9b5836cb46032484dc19c93db7b6e5afa10547c78e76a3111557346e52566df196fd630561bb908fff4d2e19562aabd43742a26a43799f8636fa04ceb40c9e4ca1cfbbc7b949cd245a3ee118fd0d4f639444539af8766028d4ac4d4c548e290199e0dacbb4f6796b39bf32934d941ba2f88e3ebd0cf8e24f99eca86e4ca9b2cd2b54044a7fc4631572a6378a32df288785f146275c1f548e2a0c1016744e05f9de5044373d7650125027547eefe7b2d8c8871bb65395fae99d8456883705bfdfb00001854b2e5efa8aaf25827d659f592b1575281ec125de7fb91cd81d91dcb19f5cdf1e1e2b4a8a1389753a09110538689e38e07fb2dc72bd4fd11d7bc16aac5d85c6101bb722895248e463a5fb45ce0e564e90cb19d5993b471687ae4165e29cf2f58082115f5f8569896eedfd798733223e6d6584997510c374912ab798bd4af4654c01bb2c411bc36468ddd62b4eba5cfc8953526e0e5b1359797956152d0098ce47c62c3fe5a23219389622b7f65bf03527d25c3941b9cf1ffeedf6d99082bb57ea871c12213cc40900f83033bc18c529171fae324c315bc6ce358831d0230412212acfd5fc8d5cb0d028cf568e8bb40e27befe2ff01f7c6674a4d86d900633ea36641e0a781ea0ea7f2d928b8b22e2f97dd13348927375baea6863bef4acf4299096ada5cdd2a0eaafaa760a79d102d1e0c0000000000000000007926653b8d79ce16a432f124786a0bc3c5b7d196822492ae1ccf91aeac16406ad6f9cd3d96d57fceba8360ae49f73351814c9c2972f11064aaf3739d9100f9c0e4d0cb17d50c82e305ba7d62cf1cc6da26e34982a8c74dd8122cf5b5e7c34fd2712a0cef05e4d8ec7dd363219676bd9b19943185b132eb35a695e208dfa5cecdb1d6425c8879063c0f11bd64291a4209ee6dc1d9e9010013f6148c603e6a335e298efd6ab5cccc47a2c568c6afec54f8251bd840752addf200371361c9eedf05ed98585cf6d99e9e56055064bda2d373369761238c278147cd0eb7799f6b9c9fcaa3fd282154994f5b25420c86db9b6401e885de1c615a719a1c83e8fbbb181282dbaf3313a4e4a4877e9f37607e2cd6da0cf6371ec06a75f5a4206b2418ad8897ae149085d63f01f22eca44033234b3930b4d5da756669a1d59d69e7de54abf439988ed7ec33c2d0a901bb0985a24878984d8a4340fa9a356d100926fb5f2ef9976366a61b8cc2bcb1c072b0e9c564852388e1edff10d75b3832792e471cc15b40380f94d834243080158603fbc9134d6983c540525447478984611c0d9666941bfc0a30db47a8828b6e5c51aee2094599b4ce52795750e1764f1657ca8c5633c71287239dddf5c651496f7bbd148c937f083d2e4e0197dbc6ff0649c749707b17399b1d7efad23abb8b40b38704737e15662ae4913a4a001cd3b71c7af75b5ffad9780650c800a40ca80ddc41987919142fd28dbf22db5f4c435415a03455e1d55d1783ccef97d7e4655cf839d06f06e137bbe462a03b3100231914b19739dd57b4f12d026ad0c7fd3"], &(0x7f00002bf000)='GPL\x00', 0x4, 0x436, &(0x7f0000000040)=""/183, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0xfffffffffffffc95, 0x10, 0x0, 0xfffffffffffffffa}, 0x48)
r2 = socket$kcm(0x29, 0x2, 0x0)
ioctl$sock_kcm_SIOCKCMATTACH(r2, 0x89e0, &(0x7f0000000180)={r0, r1})
sendmmsg$inet(r2, &(0x7f00000028c0)=[{{0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000340)="be177d", 0x3}, {0x0}], 0x2}}, {{0x0, 0x0, &(0x7f0000001800)=[{0x0}], 0x1}}], 0x2, 0x40)

37.531800784s ago: executing program 2 (id=1613):
r0 = socket(0x2b, 0x1, 0x0)
listen(r0, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r1, 0x0)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r3, 0x6, 0x13, &(0x7f0000000040)=0x100000001, 0x4)
connect$inet6(r3, &(0x7f0000000100)={0xa, 0x0, 0x7, @ipv4={'\x00', '\xff\xff', @local}, 0x1}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r3, 0x6, 0x1f, &(0x7f00000002c0), 0x4)
setsockopt$inet6_tcp_TLS_TX(r3, 0x11a, 0x1, &(0x7f0000000080)=@ccm_128={{0x303}, "f64e40992f79ecf0", "53c272d8b763f690b35605dff8a4a8d2", "021000", "7cf56f776d00"}, 0x28)
listen(r2, 0x0)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r4, &(0x7f0000000140)={0xa, 0x0, 0x3, @ipv4={'\x00', '\xff\xff', @multicast1}}, 0x1c)
r5 = socket$inet6_mptcp(0xa, 0x1, 0x106)
listen(r5, 0x14)
r6 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r6, 0x0)
r7 = socket$inet6_mptcp(0xa, 0x1, 0x106)
listen(r7, 0x0)
r8 = socket$kcm(0x10, 0x2, 0x4)
sendmsg$kcm(r8, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000280)="89000000120081ae08060cdc030000007f03e3f7000000006ee2ffca1b1f0000000004c00e72f750375ed08a56331dbf9ed7815e381ad6e747033a0093b837dc6cc01e32efaec8c7a6ec00120c00014002080c00bdad446b9bbc7a46e3988285dcdf12f21308f868fece01955fed0009d78f0a947ee2b49e", 0x78}], 0x1}, 0x4040)

37.472616854s ago: executing program 2 (id=1614):
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000000)={0x0, 0x8000}, 0x4)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000040)={0x1, &(0x7f0000000340)=[{0x6, 0x0, 0x0, 0x67b}]}, 0x10)
r1 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r1, &(0x7f0000000240)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x23}}, 0x10)
sendmmsg$inet(r1, &(0x7f0000001480), 0x0, 0x2000c044)
sendto$inet(r1, &(0x7f0000000c80)="e8", 0x6200, 0x12000000, 0x0, 0x0)

37.368602426s ago: executing program 2 (id=1616):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={0x0, 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000002100)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a5c000000090a010400000000000000000a0000040900010073797a310000000008000540000000040900020073797a310000000008000a40fffffffc200011800e000100636f6e6e6c696d69740000000c00028008000140fffff27414000000110001"], 0x84}, 0x1, 0x0, 0x0, 0x200280d0}, 0x40)
sendmsg$NFT_BATCH(r0, &(0x7f0000001940)={0x0, 0x0, &(0x7f0000001900)={&(0x7f0000000480)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x3}}, [@NFT_MSG_DELSET={0x2c, 0xb, 0xa, 0x301, 0x0, 0x0, {0x92258420943190a, 0x0, 0x3}, [@NFTA_SET_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_SET_HANDLE={0xc, 0x10, 0x1, 0x0, 0x2}]}, @NFT_MSG_DELSET={0x2c, 0xb, 0xa, 0x401, 0x0, 0x0, {0xa, 0x0, 0x9}, [@NFTA_SET_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_SET_NAME={0x9, 0x2, 'syz1\x00'}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x7}}}, 0x80}, 0x1, 0x0, 0x0, 0x40091}, 0x40)

37.306016875s ago: executing program 2 (id=1618):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x40040, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
socket$unix(0x1, 0x1, 0x0)
socket$kcm(0x11, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r1=>0x0})
r2 = socket(0x400000000010, 0x3, 0x0)
r3 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r4=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000140)=@newqdisc={0x44, 0x24, 0x4ee4e6a52ff56541, 0x70bd0a, 0x25dfdbff, {0x0, 0x0, 0x0, r4, {0x0, 0x4}, {0xffff, 0xffff}, {0xfff2, 0xfff1}}, [@qdisc_kind_options=@q_hfsc={{0x9}, {0x14, 0x2, @TCA_HFSC_FSC={0x10, 0x2, {0x1, 0x8, 0x40}}}}]}, 0x44}}, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000005c0)=@newtfilter={0x8c, 0x2c, 0xd27, 0x70bd25, 0x25dfdbfe, {0x0, 0x0, 0x0, r1, {0xb}, {}, {0x7, 0xfff2}}, [@filter_kind_options=@f_matchall={{0xd}, {0x58, 0x2, [@TCA_MATCHALL_ACT={0x54, 0x2, [@m_skbedit={0x50, 0x1, 0x0, 0x0, {{0xc}, {0x24, 0x2, 0x0, 0x1, [@TCA_SKBEDIT_PARMS={0x18, 0x2, {0x3, 0x8000, 0x20000000, 0x6, 0x77}}, @TCA_SKBEDIT_QUEUE_MAPPING={0x6, 0x4, 0x6}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x2, 0x2}}}}]}]}}]}, 0x8c}, 0x1, 0x0, 0x0, 0x20040894}, 0x0)

22.543572772s ago: executing program 32 (id=1608):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=@newqdisc={0x44, 0x24, 0x4ee4e6a52ff56541, 0x70bd25, 0x3, {0x0, 0x0, 0x0, r3, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x5, 0x8}}, [@qdisc_kind_options=@q_hfsc={{0x9}, {0x14, 0x2, @TCA_HFSC_USC={0x0, 0x3, {0x5, 0x2, 0x6}}}}]}, 0x64}, 0x1, 0x0, 0x0, 0x4000000}, 0x20000880)
r4 = socket$nl_route(0x10, 0x3, 0x0)
r5 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r6=>0x0})
sendmsg$nl_route_sched(r4, &(0x7f0000001200)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000480)=@newqdisc={0x434, 0x28, 0x4ee4e6a52ff56541, 0x4001, 0xfffffdfc, {0x0, 0x0, 0x0, r6, {0xc}, {}, {0xa, 0x1}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x408, 0x2, [@TCA_TBF_RTAB={0x404, 0x2, [0x0, 0x62b9, 0x5, 0xfffffff7, 0x5, 0x3, 0xe1cb, 0x5, 0x1, 0x3, 0x0, 0xfffffffd, 0x2, 0x6, 0xacd, 0x0, 0x362, 0x1, 0x2, 0xffffff44, 0x3, 0x2, 0x8, 0x3, 0x6, 0xffffffc0, 0x9, 0x688, 0xffff, 0x2, 0x2, 0xfffffeff, 0x0, 0xb, 0x5, 0x0, 0x5, 0xffffadc0, 0x8401, 0xf, 0x1, 0x8d2a00, 0x8, 0xf, 0x4ba, 0x1, 0x80, 0xffff, 0x1, 0x7, 0x0, 0x400, 0xe5, 0x7, 0x2, 0x45a5, 0x8, 0x6, 0x4, 0x0, 0x57, 0x3, 0x80, 0x9, 0x5, 0x9, 0x5, 0x3, 0x9, 0x2, 0x3, 0x4, 0x7f, 0x101, 0xde, 0xe4f, 0x7, 0x9, 0x7f, 0xff, 0x6, 0x9, 0xf3, 0x5, 0x2, 0x81, 0x0, 0x800006, 0x7, 0x5, 0x437, 0x6, 0x3, 0x2, 0x7000000, 0x5, 0x9, 0xecc, 0x6, 0x4, 0x8, 0x400, 0x7a5, 0x9, 0x9, 0x0, 0x9, 0x8, 0x0, 0x3, 0x7ff, 0x5, 0x6, 0x4, 0x7, 0x10, 0x4001d1da, 0x6, 0xbdb, 0x1, 0x8, 0x8001, 0xe3c8, 0xffffffff, 0xd, 0xa, 0x4, 0x9, 0x7fffffff, 0x3, 0xb8b4, 0x723, 0x15, 0x9367, 0x81, 0x400000, 0x9, 0x6, 0x75, 0x203, 0xc695, 0x4, 0xf, 0x7, 0x3, 0x0, 0x3ff, 0x8000, 0xff, 0x4, 0x0, 0x6496, 0x7f, 0x3, 0x0, 0x1000, 0x6, 0x7ffffffe, 0x6, 0x157b, 0x7, 0x40, 0x1, 0xfffffffc, 0x3, 0x9, 0x2, 0x98de, 0x2450, 0x20086d, 0x2, 0x7, 0x7, 0xfffffffa, 0x800, 0xfffffffb, 0x4, 0xb6, 0x5, 0x7fff, 0x9f4c, 0x1, 0x8, 0xe, 0x11d, 0x7fff, 0xf, 0x8, 0x3, 0xa, 0x9, 0x9, 0x2, 0x4, 0x2, 0x8, 0x5, 0x5, 0x401, 0x9, 0x4b8, 0xa78, 0xec8, 0x1, 0xfffffffa, 0x80020000, 0x0, 0x0, 0x7f, 0x8c1, 0x5, 0xfffffffa, 0x6, 0x175b, 0x7fffffff, 0x4, 0x1, 0x9, 0x8001, 0xffff, 0x5, 0x3a1838ea, 0x401, 0x5, 0x10, 0x7fff, 0xffffff00, 0x3, 0x8, 0x9268, 0x80000000, 0x400002, 0x7, 0x4, 0x3, 0x4, 0xced, 0x5, 0xa524, 0x7, 0x81f, 0x3, 0x10, 0x80, 0x1ff, 0x1109, 0x9, 0x1, 0x0, 0x2, 0x0, 0x8, 0x3, 0x3, 0x6, 0x4]}]}}]}, 0x434}, 0x1, 0x0, 0x0, 0x2004009c}, 0x0)
r7 = socket$unix(0x1, 0x1, 0x0)
r8 = socket$kcm(0x11, 0x3, 0x0)
r9 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x204001, 0x0)
close(r9)
socket$can_raw(0x1d, 0x3, 0x1)
ioctl$SIOCSIFHWADDR(r9, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r10=>0x0})
sendmsg$kcm(r8, &(0x7f0000000440)={&(0x7f0000000380)=@xdp={0x2c, 0x7, r10, 0x3c}, 0x80, &(0x7f0000000080)=[{&(0x7f00000005c0)='\'', 0x1}], 0x1}, 0x804)

21.547706726s ago: executing program 33 (id=1618):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x40040, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
socket$unix(0x1, 0x1, 0x0)
socket$kcm(0x11, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r1=>0x0})
r2 = socket(0x400000000010, 0x3, 0x0)
r3 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r4=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000140)=@newqdisc={0x44, 0x24, 0x4ee4e6a52ff56541, 0x70bd0a, 0x25dfdbff, {0x0, 0x0, 0x0, r4, {0x0, 0x4}, {0xffff, 0xffff}, {0xfff2, 0xfff1}}, [@qdisc_kind_options=@q_hfsc={{0x9}, {0x14, 0x2, @TCA_HFSC_FSC={0x10, 0x2, {0x1, 0x8, 0x40}}}}]}, 0x44}}, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000005c0)=@newtfilter={0x8c, 0x2c, 0xd27, 0x70bd25, 0x25dfdbfe, {0x0, 0x0, 0x0, r1, {0xb}, {}, {0x7, 0xfff2}}, [@filter_kind_options=@f_matchall={{0xd}, {0x58, 0x2, [@TCA_MATCHALL_ACT={0x54, 0x2, [@m_skbedit={0x50, 0x1, 0x0, 0x0, {{0xc}, {0x24, 0x2, 0x0, 0x1, [@TCA_SKBEDIT_PARMS={0x18, 0x2, {0x3, 0x8000, 0x20000000, 0x6, 0x77}}, @TCA_SKBEDIT_QUEUE_MAPPING={0x6, 0x4, 0x6}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x2, 0x2}}}}]}]}}]}, 0x8c}, 0x1, 0x0, 0x0, 0x20040894}, 0x0)

10.791840259s ago: executing program 1 (id=1722):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000780), r1)
ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000480)={'wpan0\x00', <r3=>0x0})
sendmsg$IEEE802154_LLSEC_DEL_DEVKEY(r0, &(0x7f0000000440)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000340)={0x30, r2, 0x1, 0x70bd26, 0x25dfdbff, {}, [@IEEE802154_ATTR_HW_ADDR={0xc, 0x5, {0xaaaaaaaaaaaa0302}}, @IEEE802154_ATTR_LLSEC_KEY_ID={0x5, 0x2e, 0x8}, @IEEE802154_ATTR_DEV_INDEX={0x8, 0x2, r3}]}, 0x30}, 0x1, 0x0, 0x0, 0x10}, 0x40000)

10.680263261s ago: executing program 1 (id=1724):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000280)=ANY=[@ANYBLOB="b80000001300e9990000000000000000fc000000000000000100000000000000ac1e000100000000000000000000000000000000000000000a0060", @ANYRESOCT], 0xb8}}, 0x20040014)
sendmsg$nl_xfrm(r1, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=@updpolicy={0xb8, 0x13, 0x10, 0x0, 0x25dfdbfb, {{@in6=@loopback, @in=@remote, 0x0, 0x4, 0x0, 0x0, 0xa, 0x60, 0x80, 0x3b, 0x0, 0xee01}, {0x0, 0x4, 0x0, 0x0, 0x7, 0xfffffffffffffffd, 0x2}, {0xfffffffffffffffe}, 0x6, 0x6e6bc0, 0x0, 0x1, 0x2}}, 0xb8}, 0x1, 0x0, 0x0, 0x80}, 0x50)
r2 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r2, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB="b80000001300e9"], 0xb8}}, 0x0)
sendmsg$nl_xfrm(r1, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB="b80000001300e9990000000000000000fc000000000000000100000000"], 0xb8}}, 0x20004000)
sendmsg$nl_xfrm(r0, 0x0, 0x0)
sendmsg$nl_xfrm(r0, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000800)=ANY=[@ANYBLOB="b80000001300e9990500000000000000fc000000000000000000000000000000fc00000000000000000000000000000000000000000000000a0030"], 0xb8}}, 0x4000)

10.548704138s ago: executing program 1 (id=1726):
socket$kcm(0xa, 0x3, 0x87)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
r1 = socket$kcm(0x2, 0xa, 0x2)
getsockopt$packet_int(0xffffffffffffffff, 0x107, 0x12, 0x0, 0x0)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
write$tun(r0, &(0x7f0000000040)=ANY=[@ANYBLOB="034886dd010000000000140000006000000003088700fe88a43de1a400000000000000007d01ff020000000000000000000000000001"], 0xfdef)

9.988420438s ago: executing program 1 (id=1731):
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000380)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0}, 0x94)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
r0 = socket$inet_udp(0x2, 0x2, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000700)=ANY=[@ANYBLOB="0f000000040000000400000012"], 0x50)
r2 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000340)={0xe, 0x5, &(0x7f0000000740)=ANY=[@ANYBLOB="180200000000000000000000000000001800000001000000000000000700001495"], &(0x7f0000000000)='GPL\x00'}, 0x94)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000280)=ANY=[@ANYRES32=r1, @ANYRES32=r2, @ANYBLOB="05"], 0x10)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000440)={r1, &(0x7f0000000440), &(0x7f0000000040)=@udp=r0}, 0x20)
bind$inet(r0, &(0x7f0000000040)={0x2, 0x4e20, @empty}, 0x21)
r3 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='syzkaller\x00', 0x7}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r3, 0x5, 0xb68, 0x0, &(0x7f0000000000)='%', 0x0, 0xd01, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)
recvmsg(r0, &(0x7f00000018c0)={0x0, 0x0, &(0x7f0000001780)=[{&(0x7f0000000780)=""/4096, 0x1000}], 0x1}, 0x60000001)

9.572663962s ago: executing program 3 (id=1734):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f0000000740)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000006c0)=@newqdisc={0x48, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r3, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x0, 0x10}}, [@qdisc_kind_options=@q_prio={{0x9}, {0x18, 0x2, {0x8}}}]}, 0x48}, 0x1, 0x0, 0x0, 0x4000000}, 0x20040084)
r4 = socket(0x400000000010, 0x3, 0x0)
r5 = socket$unix(0x1, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r6=>0x0})
sendmsg$nl_route_sched(r4, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000380)=@newtfilter={0x84, 0x2c, 0xd2f, 0x10b52c, 0x25dfdc00, {0x0, 0x0, 0x0, r6, {0xfff5, 0x10}, {}, {0x8, 0xd}}, [@filter_kind_options=@f_matchall={{0xd}, {0x50, 0x2, [@TCA_MATCHALL_ACT={0x4c, 0x2, [@m_gact={0x48, 0x1, 0x0, 0x0, {{0x9}, {0x1c, 0x2, 0x0, 0x1, [@TCA_GACT_PARMS={0x18, 0x2, {0x10002, 0x40, 0x20000000, 0x7, 0xffffffff}}]}, {0x4}, {0xc, 0x7, {0x1, 0x1}}, {0xc, 0x8, {0x0, 0x3}}}}]}]}}]}, 0x84}, 0x1, 0x0, 0x0, 0x24008084}, 0x20000000)
r7 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x40000, 0x0)
r8 = socket(0x400000000010, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000380)={'syzkaller0\x00', <r9=>0x0})
close(r7)
socket(0x10, 0x3, 0x0)
ioctl$SIOCSIFHWADDR(r7, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x107, 0xf, &(0x7f0000000600), 0x56)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000200)={&(0x7f0000000540)=@xdp={0x2c, 0x0, r9, 0x42}, 0x80, &(0x7f0000000700)=[{&(0x7f00000001c0)="27030200dc0f14000e000f00fdc6c1020000ff8407c2fb7fe0406e52534b4f6b3d327db412f40000000003000000", 0x2e}], 0x1}, 0x4005)
r10 = socket(0x400000000010, 0x3, 0x0)
r11 = socket$unix(0x1, 0x5, 0x0)
ioctl$sock_SIOCGIFINDEX(r11, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r12=>0x0})
sendmsg$nl_route_sched(r10, &(0x7f0000006040)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000002c0)=@gettfilter={0x24, 0x2e, 0x205, 0x70bd2c, 0x25dfdafd, {0x0, 0x0, 0x0, r12, {0xc, 0xc}, {0x0, 0xfff1}}}, 0x24}, 0x1, 0x0, 0x0, 0x20000801}, 0x4041080)

9.117645823s ago: executing program 1 (id=1735):
r0 = socket(0x10, 0x803, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r0, 0x8933, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000280)=@newlink={0x40, 0x10, 0x439, 0x0, 0xfffffffc, {0x0, 0x0, 0x0, 0x0, 0x9801, 0x20005}, [@IFLA_LINKINFO={0x20, 0x12, 0x0, 0x1, @gre={{0x8}, {0x14, 0x2, 0x0, 0x1, [@IFLA_GRE_REMOTE={0x8, 0x7, @remote}, @IFLA_GRE_LINK={0x8}]}}}]}, 0x40}}, 0x0)

9.113247193s ago: executing program 4 (id=1736):
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$IEEE802154_LLSEC_SETPARAMS(0xffffffffffffffff, 0x0, 0x4040010)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000006040)={0x0, 0x0, &(0x7f0000000140)={0x0}}, 0x20000000)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000640), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000000)={'wpan0\x00', <r2=>0x0})
sendmsg$NL802154_CMD_NEW_SEC_DEV(r0, &(0x7f0000000840)={0x0, 0x0, &(0x7f0000000800)={&(0x7f0000000280)=ANY=[@ANYBLOB='l\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010028bd7000fbdbdf251a00000004002e8008000300", @ANYRES32=r2, @ANYBLOB='4\x00.'], 0x6c}, 0x1, 0x0, 0x0, 0x20040040}, 0x20040)

1.06243149s ago: executing program 3 (id=1737):
r0 = socket$inet_sctp(0x2, 0x1, 0x84)
setsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX_OLD(r0, 0x84, 0x6b, 0x0, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000380)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x3, 0x0, 0x0, {0x7}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWSET={0x54, 0x9, 0xa, 0x401, 0x0, 0x0, {0x7}, [@NFTA_SET_ID={0x8}, @NFTA_SET_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0x21}, @NFTA_SET_EXPR={0x18, 0x11, 0x0, 0x1, @connlimit={{0xe}, @val={0x4}}}]}], {0x14, 0x10, 0x1, 0x0, 0x0, {0x0, 0x84}}}, 0x14}, 0x1, 0x0, 0x0, 0x8000}, 0x0)
getsockopt$inet_sctp_SCTP_DEFAULT_SEND_PARAM(r0, 0x84, 0xa, 0x0, 0x0)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NBD_CMD_CONNECT(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)=ANY=[@ANYBLOB='h\x00\x00\x00', @ANYRES16, @ANYBLOB="010000000000000000000100000008000100400000000c000200700f0000000000000c00060003000000000000000a000a00272d5d29212b0000140007"], 0x6c}}, 0x0)

1.024588965s ago: executing program 3 (id=1738):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000100), 0xffffffffffffffff)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000100)={'wlan1\x00', <r3=>0x0})
sendmsg$NL80211_CMD_AUTHENTICATE(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000640)={0x1c, r1, 0x1, 0x70bd2b, 0x25dfdbff, {{}, {@val={0x8, 0x3, r3}, @void}}}, 0x1c}, 0x1, 0x0, 0x0, 0x8010}, 0x4)

852.895909ms ago: executing program 1 (id=1739):
socket$kcm(0xa, 0x3, 0x87)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
r1 = socket$kcm(0x2, 0xa, 0x2)
pselect6(0x40, &(0x7f0000000040)={0x7, 0xfffffffd, 0x7, 0x8001, 0xfdb1, 0xc, 0x200, 0x3}, 0x0, 0x0, 0x0, 0x0)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
write$tun(r0, &(0x7f0000000040)=ANY=[@ANYBLOB="034886dd010000000000140000006000000003088700fe88a43de1a400000000000000007d01ff020000000000000000000000000001"], 0xfdef)

837.79939ms ago: executing program 4 (id=1740):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000b00)={'wlan0\x00', <r1=>0x0})
sendmsg$NL80211_CMD_TDLS_CANCEL_CHANNEL_SWITCH(r0, &(0x7f0000000c40)={0x0, 0x0, &(0x7f0000000c00)={&(0x7f0000000b40)={0x1c, 0x0, 0x1, 0x70bd26, 0x25dfdbfd, {{}, {@val={0x8, 0x3, r1}, @void}}}, 0x1c}, 0x1, 0x0, 0x0, 0x8000}, 0x8084)
bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)

803.1597ms ago: executing program 3 (id=1741):
r0 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r1=>0x0})
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000100)=ANY=[@ANYBLOB="340000001300010000000000ffdbdf2507000000", @ANYRES32=r1, @ANYBLOB], 0x34}, 0x1, 0x0, 0x0, 0x20040090}, 0x0)

740.707362ms ago: executing program 4 (id=1742):
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='blkio.bfq.idle_time\x00', 0x26e1, 0x0)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB="8fedcb7902009875f37538e486dd63"], 0xfdef)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000300)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0}, 0x94)
r0 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r0, 0x5, 0xb68, 0x4, &(0x7f0000000000)='%', 0x0, 0xd01, 0x80040033, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x20041090}, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f000000c280)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000000001100000000000a20000000000a01010000000000000000050000080900010073797a30000000005c000000030a03000000000000000000050000000900010073797a30000000000900030073797a300000000008000c40000000032800048008000240000000120800014000000000140004"], 0xa4}}, 0x0)

633.347222ms ago: executing program 3 (id=1743):
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000380)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0}, 0x94)
syz_emit_ethernet(0x32, &(0x7f0000000000)={@local, @link_local, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x24, 0x0, 0x0, 0x0, 0x11, 0x0, @empty, @empty}, {0x0, 0x4e20, 0x10, 0x0, @gue={{0x2, 0x0, 0x2, 0x9c, 0x0, @val=0x80}}}}}}}, 0x0)
r0 = socket$inet_udp(0x2, 0x2, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000700)=ANY=[@ANYBLOB="0f000000040000000400000012"], 0x50)
r2 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000340)={0xe, 0x5, &(0x7f0000000740)=ANY=[@ANYBLOB="180200000000000000000000000000001800000001000000000000000700001495"], &(0x7f0000000000)='GPL\x00'}, 0x94)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000280)=ANY=[@ANYRES32=r1, @ANYRES32=r2, @ANYBLOB="05"], 0x10)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000440)={r1, &(0x7f0000000440), &(0x7f0000000040)=@udp=r0}, 0x20)
bind$inet(r0, &(0x7f0000000040)={0x2, 0x4e20, @empty}, 0x21)
r3 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='syzkaller\x00', 0x7}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r3, 0x5, 0xb68, 0x0, &(0x7f0000000000)='%', 0x0, 0xd01, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)
recvmsg(r0, &(0x7f00000018c0)={0x0, 0x0, &(0x7f0000001780)=[{&(0x7f0000000780)=""/4096, 0x1000}], 0x1}, 0x60000001)

117.395155ms ago: executing program 4 (id=1744):
r0 = socket$tipc(0x1e, 0x5, 0x0)
setsockopt$TIPC_GROUP_JOIN(r0, 0x10f, 0x87, 0x0, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', <r2=>0x0})
sendmsg$NL80211_CMD_DEL_PMKSA(r1, &(0x7f0000001080)={0x0, 0x0, &(0x7f0000001040)={&(0x7f0000000f80)={0x6c, 0x0, 0x1, 0x70bd2d, 0x25dfdbfb, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MAC={0xa, 0x6, @random="3a9c52ce4551"}, @NL80211_ATTR_PMKID={0x14, 0x55, "78777ef461281aa490c8255911380260"}, @NL80211_ATTR_MAC={0xa, 0x6, @random="c50125cc7cad"}, @NL80211_ATTR_PMK_REAUTH_THRESHOLD={0x5, 0x120, 0x52}, @NL80211_ATTR_MAC={0xa, 0x6, @random="41e8ef88afb5"}, @NL80211_ATTR_FILS_CACHE_ID={0x6, 0xfd, 0xc}, @NL80211_ATTR_PMK_REAUTH_THRESHOLD={0x5, 0x120, 0x47}]}, 0x6c}, 0x1, 0x0, 0x0, 0x40000}, 0x20000840)

80.238764ms ago: executing program 4 (id=1745):
r0 = syz_init_net_socket$bt_hidp(0x1f, 0x3, 0x6)
connect$bt_l2cap(0xffffffffffffffff, &(0x7f0000000080)={0x1f, 0x0, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x7ff}, 0xe)
ioctl$sock_bt_hidp_HIDPCONNADD(r0, 0x400448c8, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff, 0x53, 0x0, 0x0, 0x9, 0x7, 0x15c2, 0x440, 0xc336, 0x7, 0x8, 'syz0\x00'})

24.570051ms ago: executing program 4 (id=1746):
r0 = openat$nci(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nfc(&(0x7f0000000100), r1)
r3 = socket(0x1e, 0x4, 0x0)
setsockopt$packet_tx_ring(r3, 0x10f, 0x87, &(0x7f0000000140)=@req3={0x7813, 0x3, 0x0, 0x81, 0x1ff, 0x1, 0x1}, 0x1c)
recvmmsg$unix(r3, &(0x7f0000006140)=[{{0x0, 0x0, &(0x7f0000002500)=[{&(0x7f0000000440)=""/4096, 0x1000}], 0x1}}], 0x1, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x1f, 0x15, &(0x7f0000000280)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x11}, 0x94)
sendmmsg(r3, &(0x7f00000030c0)=[{{0x0, 0xa9cc7003, &(0x7f0000000400)=[{&(0x7f00000000c0)="ee", 0x101d0}], 0x1}}], 0x400000000000181, 0x9200000000000000)
sendmsg$NFC_CMD_DEV_UP(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000002c0)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r2, @ANYBLOB="010026bd7000fcdbdf250200000008000100", @ANYRES32], 0x1c}}, 0x840)
write$nci(r0, &(0x7f00000006c0)=ANY=[@ANYBLOB="710509"], 0x11)

0s ago: executing program 3 (id=1747):
r0 = socket(0x10, 0x803, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r0, 0x8933, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000280)=@newlink={0x40, 0x10, 0x439, 0x0, 0xfffffffc, {0x0, 0x0, 0x0, 0x0, 0x9801, 0x20005}, [@IFLA_LINKINFO={0x20, 0x12, 0x0, 0x1, @gre={{0x8}, {0x14, 0x2, 0x0, 0x1, [@IFLA_GRE_REMOTE={0x8, 0x7, @remote}, @IFLA_GRE_LINK={0x8}]}}}]}, 0x40}}, 0x0)

kernel console output (not intermixed with test programs):

T6850]  do_syscall_64+0x174/0x580
[  129.640110][ T6850]  ? trace_irq_disable+0x3b/0x140
[  129.640135][ T6850]  ? clear_bhb_loop+0x40/0x90
[  129.640159][ T6850]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  129.640181][ T6850] RIP: 0033:0x7fbeea57ce59
[  129.640201][ T6850] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  129.640221][ T6850] RSP: 002b:00007fbee87ce028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  129.640244][ T6850] RAX: ffffffffffffffda RBX: 00007fbeea7f5fa0 RCX: 00007fbeea57ce59
[  129.640261][ T6850] RDX: 0000200000000000 RSI: 0000000000008b18 RDI: 0000000000000003
[  129.640275][ T6850] RBP: 00007fbee87ce090 R08: 0000000000000000 R09: 0000000000000000
[  129.640289][ T6850] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  129.640302][ T6850] R13: 00007fbeea7f6038 R14: 00007fbeea7f5fa0 R15: 00007fff6f0d5e78
[  129.640327][ T6850]  </TASK>
[  129.818015][ T5601] usb 4-1: new high-speed USB device number 15 using dummy_hcd
[  129.952379][ T6852] netlink: 'syz.1.410': attribute type 1 has an invalid length.
[  129.987763][ T5601] usb 4-1: Using ep0 maxpacket: 16
[  129.989767][ T5601] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  129.989794][ T5601] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 3
[  129.991562][ T5601] usb 4-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  129.991592][ T5601] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  129.991613][ T5601] usb 4-1: Product: syz
[  129.991630][ T5601] usb 4-1: Manufacturer: syz
[  129.991645][ T5601] usb 4-1: SerialNumber: syz
[  130.036652][ T5601] usb 4-1: 0:2 : does not exist
[  130.112800][ T6852] gtp0: entered allmulticast mode
[  130.521085][ T6849] netlink: 822 bytes leftover after parsing attributes in process `syz.3.409'.
[  130.718936][ T6874] 9p: Bad value for 'dfltuid'
[  130.718958][ T6874] 9p: Bad value for 'dfltuid'
[  131.085881][ T5601] usb 4-1: 5:0: failed to get current value for ch 0 (-22)
[  131.204177][ T5601] usb 4-1: USB disconnect, device number 15
[  131.361441][ T6899] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  131.361769][ T6899] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  131.401794][ T6911] FAULT_INJECTION: forcing a failure.
[  131.401794][ T6911] name failslab, interval 1, probability 0, space 0, times 0
[  131.401840][ T6911] CPU: 0 UID: 0 PID: 6911 Comm: syz.3.431 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[  131.401871][ T6911] Tainted: [L]=SOFTLOCKUP
[  131.401880][ T6911] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026
[  131.401897][ T6911] Call Trace:
[  131.401905][ T6911]  <TASK>
[  131.401914][ T6911]  dump_stack_lvl+0xe8/0x150
[  131.401943][ T6911]  should_fail_ex+0x467/0x600
[  131.401979][ T6911]  should_failslab+0xa8/0x100
[  131.402009][ T6911]  kmem_cache_alloc_noprof+0x87/0x680
[  131.402035][ T6911]  ? alloc_empty_file+0x5b/0x1d0
[  131.402062][ T6911]  alloc_empty_file+0x5b/0x1d0
[  131.402087][ T6911]  alloc_file_pseudo+0x115/0x1e0
[  131.402114][ T6911]  ? __pfx_alloc_file_pseudo+0x10/0x10
[  131.402147][ T6911]  anon_inode_getfile+0xc5/0x1a0
[  131.402170][ T6911]  sync_file_create+0x76/0x1d0
[  131.402204][ T6911]  sw_sync_ioctl+0xd2f/0x1110
[  131.402242][ T6911]  ? __pfx_sw_sync_ioctl+0x10/0x10
[  131.402293][ T6911]  ? __fget_files+0x3a8/0x420
[  131.402319][ T6911]  ? __fget_files+0x2a/0x420
[  131.402346][ T6911]  ? bpf_lsm_file_ioctl+0x9/0x20
[  131.402371][ T6911]  ? __pfx_sw_sync_ioctl+0x10/0x10
[  131.402404][ T6911]  __se_sys_ioctl+0xff/0x170
[  131.402435][ T6911]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  131.402458][ T6911]  do_syscall_64+0x174/0x580
[  131.402479][ T6911]  ? trace_irq_disable+0x3b/0x140
[  131.402504][ T6911]  ? clear_bhb_loop+0x40/0x90
[  131.402528][ T6911]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  131.402550][ T6911] RIP: 0033:0x7f50c4ebce59
[  131.402568][ T6911] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  131.402586][ T6911] RSP: 002b:00007f50c310e028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  131.402609][ T6911] RAX: ffffffffffffffda RBX: 00007f50c5135fa0 RCX: 00007f50c4ebce59
[  131.402626][ T6911] RDX: 0000200000000100 RSI: 00000000c0285700 RDI: 0000000000000003
[  131.402640][ T6911] RBP: 00007f50c310e090 R08: 0000000000000000 R09: 0000000000000000
[  131.402653][ T6911] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  131.402667][ T6911] R13: 00007f50c5136038 R14: 00007f50c5135fa0 R15: 00007ffc845ef8f8
[  131.402695][ T6911]  </TASK>
[  131.446457][ T5612] udevd[5612]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  131.510688][ T5704] usb 3-1: new high-speed USB device number 11 using dummy_hcd
[  131.598029][ T5690] usb 1-1: new high-speed USB device number 19 using dummy_hcd
[  131.727795][ T5704] usb 3-1: Using ep0 maxpacket: 16
[  131.730555][ T5704] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  131.733593][ T5704] usb 3-1: New USB device found, idVendor=0d46, idProduct=2011, bcdDevice=82.8f
[  131.733625][ T5704] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  131.734146][ T5704] usb 3-1: Product: syz
[  131.734166][ T5704] usb 3-1: Manufacturer: syz
[  131.734184][ T5704] usb 3-1: SerialNumber: syz
[  131.761115][ T5690] usb 1-1: Using ep0 maxpacket: 16
[  131.782280][ T5690] usb 1-1: config 1 contains an unexpected descriptor of type 0x2, skipping
[  131.782306][ T5690] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  131.782327][ T5690] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 3
[  131.819677][ T5704] usb 3-1: config 0 descriptor??
[  131.821877][ T5690] usb 1-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  131.821909][ T5690] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  131.821931][ T5690] usb 1-1: Product: syz
[  131.821946][ T5690] usb 1-1: Manufacturer: syz
[  131.821962][ T5690] usb 1-1: SerialNumber: syz
[  131.823103][ T5704] kobil_sct 3-1:0.0: required endpoints missing
[  131.889559][ T5690] usb 1-1: 0:2 : does not exist
[  132.028269][ T5704] usb 3-1: USB disconnect, device number 11
[  132.115197][ T5690] usb 1-1: 1:0: cannot get min/max values for control 4 (id 1)
[  132.179451][ T5690] usb 1-1: USB disconnect, device number 19
[  132.206863][ T5612] udevd[5612]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb1/1-1/1-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  132.929318][    C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0)
[  132.930270][ T1339] ieee802154 phy0 wpan0: encryption failed: -22
[  132.930318][ T1339] ieee802154 phy1 wpan1: encryption failed: -22
[  133.451238][ T6958] FAULT_INJECTION: forcing a failure.
[  133.451238][ T6958] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  133.451277][ T6958] CPU: 0 UID: 0 PID: 6958 Comm: syz.1.446 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[  133.451306][ T6958] Tainted: [L]=SOFTLOCKUP
[  133.451313][ T6958] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026
[  133.451326][ T6958] Call Trace:
[  133.451333][ T6958]  <TASK>
[  133.451342][ T6958]  dump_stack_lvl+0xe8/0x150
[  133.451372][ T6958]  should_fail_ex+0x467/0x600
[  133.451406][ T6958]  _copy_from_iter+0x3b0/0x1660
[  133.451433][ T6958]  ? __pfx__copy_from_iter+0x10/0x10
[  133.451454][ T6958]  ? alloc_pages_noprof+0x161/0x2f0
[  133.451487][ T6958]  ? skb_page_frag_refill+0x119/0x460
[  133.451523][ T6958]  kcm_sendmsg+0xe38/0x2ad0
[  133.451569][ T6958]  ? __pfx_kcm_sendmsg+0x10/0x10
[  133.451594][ T6958]  ? tomoyo_socket_sendmsg_permission+0x1e0/0x300
[  133.451625][ T6958]  ? lock_release+0x4b/0x3c0
[  133.451651][ T6958]  ? __might_fault+0xaf/0x130
[  133.451679][ T6958]  ? __pfx_kcm_sendmsg+0x10/0x10
[  133.451701][ T6958]  sock_sendmsg_nosec+0x13a/0x180
[  133.451734][ T6958]  ____sys_sendmsg+0x565/0x870
[  133.451765][ T6958]  ? __pfx_____sys_sendmsg+0x10/0x10
[  133.451795][ T6958]  ? import_iovec+0x73/0xa0
[  133.451821][ T6958]  ___sys_sendmsg+0x2a5/0x360
[  133.451845][ T6958]  ? _parse_integer_limit+0x1ae/0x1f0
[  133.451878][ T6958]  ? __pfx____sys_sendmsg+0x10/0x10
[  133.451907][ T6958]  ? kstrtouint+0x6e/0xe0
[  133.451961][ T6958]  ? __fget_files+0x2a/0x420
[  133.451987][ T6958]  ? __fget_files+0x3a8/0x420
[  133.452018][ T6958]  __sys_sendmmsg+0x279/0x4d0
[  133.452047][ T6958]  ? __pfx___sys_sendmmsg+0x10/0x10
[  133.452078][ T6958]  ? __pfx_rt_mutex_slowunlock+0x10/0x10
[  133.452115][ T6958]  ? ksys_write+0x248/0x270
[  133.452147][ T6958]  ? __pfx_ksys_write+0x10/0x10
[  133.452181][ T6958]  __x64_sys_sendmmsg+0xa0/0xc0
[  133.452206][ T6958]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  133.452228][ T6958]  do_syscall_64+0x174/0x580
[  133.452249][ T6958]  ? trace_irq_disable+0x3b/0x140
[  133.452284][ T6958]  ? clear_bhb_loop+0x40/0x90
[  133.452309][ T6958]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  133.452331][ T6958] RIP: 0033:0x7fd27e76ce59
[  133.452350][ T6958] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  133.452369][ T6958] RSP: 002b:00007fd27c9c6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  133.452392][ T6958] RAX: ffffffffffffffda RBX: 00007fd27e9e5fa0 RCX: 00007fd27e76ce59
[  133.452409][ T6958] RDX: 0000000000000002 RSI: 0000200000001500 RDI: 0000000000000005
[  133.452422][ T6958] RBP: 00007fd27c9c6090 R08: 0000000000000000 R09: 0000000000000000
[  133.452436][ T6958] R10: 0000000000000040 R11: 0000000000000246 R12: 0000000000000001
[  133.452449][ T6958] R13: 00007fd27e9e6038 R14: 00007fd27e9e5fa0 R15: 00007ffeada80d58
[  133.452475][ T6958]  </TASK>
[  134.206219][ T6978] 9p: Bad value for 'rfdno'
[  134.693685][ T6974] syzkaller1: entered promiscuous mode
[  134.693702][ T6974] syzkaller1: entered allmulticast mode
[  134.837773][ T5690] usb 1-1: new high-speed USB device number 20 using dummy_hcd
[  134.987804][ T5690] usb 1-1: Using ep0 maxpacket: 8
[  134.989091][ T5690] usb 1-1: config index 0 descriptor too short (expected 29551, got 111)
[  134.989110][ T5690] usb 1-1: config 1 has too many interfaces: 106, using maximum allowed: 32
[  134.989125][ T5690] usb 1-1: config 1 has an invalid interface descriptor of length 2, skipping
[  134.989138][ T5690] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  134.989151][ T5690] usb 1-1: config 1 has 0 interfaces, different from the descriptor's value: 106
[  134.990849][ T5690] usb 1-1: New USB device found, idVendor=0763, idProduct=2001, bcdDevice= 0.40
[  134.990869][ T5690] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  134.990884][ T5690] usb 1-1: Product: syz
[  134.990895][ T5690] usb 1-1: Manufacturer: syz
[  134.990905][ T5690] usb 1-1: SerialNumber: syz
[  135.137809][ T5601] usb 5-1: new high-speed USB device number 6 using dummy_hcd
[  135.167152][ T7001] vxcan1: tx drop: invalid sa for name 0x0000000000000002
[  135.204855][ T5690] usb 1-1: USB disconnect, device number 20
[  135.293888][ T5601] usb 5-1: config 0 interface 0 altsetting 255 endpoint 0x9 has invalid wMaxPacketSize 0
[  135.293922][ T5601] usb 5-1: config 0 interface 0 has no altsetting 0
[  135.297378][ T5601] usb 5-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b
[  135.297406][ T5601] usb 5-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2
[  135.297429][ T5601] usb 5-1: Product: syz
[  135.297443][ T5601] usb 5-1: Manufacturer: syz
[  135.297458][ T5601] usb 5-1: SerialNumber: syz
[  135.347952][ T5601] usb 5-1: config 0 descriptor??
[  135.363635][ T5601] usb 5-1: selecting invalid altsetting 0
[  135.519001][ T7007] FAULT_INJECTION: forcing a failure.
[  135.519001][ T7007] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  135.524741][ T7007] CPU: 0 UID: 0 PID: 7007 Comm: syz.3.468 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[  135.524783][ T7007] Tainted: [L]=SOFTLOCKUP
[  135.524791][ T7007] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026
[  135.524804][ T7007] Call Trace:
[  135.524812][ T7007]  <TASK>
[  135.524821][ T7007]  dump_stack_lvl+0xe8/0x150
[  135.524852][ T7007]  should_fail_ex+0x467/0x600
[  135.524885][ T7007]  _copy_to_user+0x31/0xb0
[  135.524910][ T7007]  simple_read_from_buffer+0xe1/0x170
[  135.524938][ T7007]  proc_fail_nth_read+0x1be/0x230
[  135.524966][ T7007]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  135.524994][ T7007]  ? rw_verify_area+0x250/0x4d0
[  135.525025][ T7007]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  135.525050][ T7007]  vfs_read+0x219/0xa90
[  135.525082][ T7007]  ? __pfx_vfs_read+0x10/0x10
[  135.525112][ T7007]  ? rcu_is_watching+0x15/0xb0
[  135.525141][ T7007]  ? trace_irq_enable+0x3b/0x140
[  135.525167][ T7007]  ? _raw_spin_unlock_irqrestore+0x4c/0x80
[  135.525202][ T7007]  ? mutex_lock_nested+0x152/0x1d0
[  135.525228][ T7007]  ? fdget_pos+0x252/0x320
[  135.525257][ T7007]  ksys_read+0x156/0x270
[  135.525288][ T7007]  ? __pfx_ksys_read+0x10/0x10
[  135.525318][ T7007]  ? rcu_is_watching+0x15/0xb0
[  135.525349][ T7007]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  135.525372][ T7007]  do_syscall_64+0x174/0x580
[  135.525391][ T7007]  ? trace_irq_disable+0x3b/0x140
[  135.525416][ T7007]  ? clear_bhb_loop+0x40/0x90
[  135.525440][ T7007]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  135.525466][ T7007] RIP: 0033:0x7f50c4e7d68e
[  135.525484][ T7007] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[  135.525503][ T7007] RSP: 002b:00007f50c310dfe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  135.525526][ T7007] RAX: ffffffffffffffda RBX: 00007f50c310e6c0 RCX: 00007f50c4e7d68e
[  135.525541][ T7007] RDX: 000000000000000f RSI: 00007f50c310e0a0 RDI: 0000000000000004
[  135.525554][ T7007] RBP: 00007f50c310e090 R08: 0000000000000000 R09: 0000000000000000
[  135.525567][ T7007] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  135.525580][ T7007] R13: 00007f50c5136038 R14: 00007f50c5135fa0 R15: 00007ffc845ef8f8
[  135.525604][ T7007]  </TASK>
[  135.572871][ T6998] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  135.579602][ T6998] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  135.618101][   T37] kauditd_printk_skb: 4 callbacks suppressed
[  135.618160][   T37] audit: type=1326 audit(135.176:32): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6997 comm="syz.4.464" exe="/root/ci-upstream-kasan-gce-smack-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbeea57ce59 code=0x7ffc0000
[  135.623974][   T37] audit: type=1326 audit(135.196:33): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6997 comm="syz.4.464" exe="/root/ci-upstream-kasan-gce-smack-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbeea57ce59 code=0x7ffc0000
[  135.624102][   T37] audit: type=1326 audit(135.196:34): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6997 comm="syz.4.464" exe="/root/ci-upstream-kasan-gce-smack-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbeea57ce59 code=0x7ffc0000
[  135.630431][   T37] audit: type=1326 audit(135.206:35): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6997 comm="syz.4.464" exe="/root/ci-upstream-kasan-gce-smack-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbeea57ce59 code=0x7ffc0000
[  135.630561][   T37] audit: type=1326 audit(135.206:36): auid=4294967295 uid=60928 gid=0 ses=4294967295 subj=_ pid=6997 comm="syz.4.464" exe="/root/ci-upstream-kasan-gce-smack-root/syz-executor" sig=0 arch=c000003e syscall=108 compat=0 ip=0x7fbeea57ce59 code=0x7ffc0000
[  135.635411][   T37] audit: type=1326 audit(135.206:37): auid=4294967295 uid=60928 gid=0 ses=4294967295 subj=_ pid=6997 comm="syz.4.464" exe="/root/ci-upstream-kasan-gce-smack-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbeea57ce59 code=0x7ffc0000
[  135.648560][   T37] audit: type=1326 audit(135.226:39): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6997 comm="syz.4.464" exe="/root/ci-upstream-kasan-gce-smack-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbeea57ce59 code=0x7ffc0000
[  135.648677][   T37] audit: type=1326 audit(135.226:40): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6997 comm="syz.4.464" exe="/root/ci-upstream-kasan-gce-smack-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbeea57ce59 code=0x7ffc0000
[  135.649007][   T37] audit: type=1326 audit(135.216:38): auid=4294967295 uid=60928 gid=0 ses=4294967295 subj=_ pid=6997 comm="syz.4.464" exe="/root/ci-upstream-kasan-gce-smack-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbeea57ce59 code=0x7ffc0000
[  135.649648][   T37] audit: type=1326 audit(135.226:41): auid=4294967295 uid=60928 gid=0 ses=4294967295 subj=_ pid=6997 comm="syz.4.464" exe="/root/ci-upstream-kasan-gce-smack-root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fbeea57ce59 code=0x7ffc0000
[  136.012984][ T5601] usb 5-1: USB disconnect, device number 6
[  136.224868][ T7017] netlink: 36 bytes leftover after parsing attributes in process `syz.0.472'.
[  136.290395][ T7024] netlink: 12 bytes leftover after parsing attributes in process `syz.0.475'.
[  136.538134][ T7034] vxcan1: tx drop: invalid sa for name 0x0000000000000002
[  136.602212][ T7037] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent
[  137.268768][ T7060] netlink: 44 bytes leftover after parsing attributes in process `syz.3.485'.
[  137.416169][ T7064] FAULT_INJECTION: forcing a failure.
[  137.416169][ T7064] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  137.416206][ T7064] CPU: 1 UID: 0 PID: 7064 Comm: syz.1.488 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[  137.416231][ T7064] Tainted: [L]=SOFTLOCKUP
[  137.416237][ T7064] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026
[  137.416248][ T7064] Call Trace:
[  137.416253][ T7064]  <TASK>
[  137.416260][ T7064]  dump_stack_lvl+0xe8/0x150
[  137.416284][ T7064]  should_fail_ex+0x467/0x600
[  137.416311][ T7064]  _copy_to_user+0x31/0xb0
[  137.416330][ T7064]  simple_read_from_buffer+0xe1/0x170
[  137.416354][ T7064]  proc_fail_nth_read+0x1be/0x230
[  137.416376][ T7064]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  137.416398][ T7064]  ? rw_verify_area+0x250/0x4d0
[  137.416422][ T7064]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  137.416442][ T7064]  vfs_read+0x219/0xa90
[  137.416467][ T7064]  ? __pfx_vfs_read+0x10/0x10
[  137.416490][ T7064]  ? rcu_is_watching+0x15/0xb0
[  137.416515][ T7064]  ? trace_irq_enable+0x3b/0x140
[  137.416535][ T7064]  ? _raw_spin_unlock_irqrestore+0x4c/0x80
[  137.416564][ T7064]  ? mutex_lock_nested+0x152/0x1d0
[  137.416584][ T7064]  ? fdget_pos+0x252/0x320
[  137.416619][ T7064]  ksys_read+0x156/0x270
[  137.416644][ T7064]  ? __pfx_ksys_read+0x10/0x10
[  137.416668][ T7064]  ? rcu_is_watching+0x15/0xb0
[  137.416693][ T7064]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  137.416712][ T7064]  do_syscall_64+0x174/0x580
[  137.416728][ T7064]  ? trace_irq_disable+0x3b/0x140
[  137.416747][ T7064]  ? clear_bhb_loop+0x40/0x90
[  137.416766][ T7064]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  137.416783][ T7064] RIP: 0033:0x7fd27e72d68e
[  137.416797][ T7064] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[  137.416812][ T7064] RSP: 002b:00007fd27c9c5fe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  137.416831][ T7064] RAX: ffffffffffffffda RBX: 00007fd27c9c66c0 RCX: 00007fd27e72d68e
[  137.416844][ T7064] RDX: 000000000000000f RSI: 00007fd27c9c60a0 RDI: 0000000000000006
[  137.416856][ T7064] RBP: 00007fd27c9c6090 R08: 0000000000000000 R09: 0000000000000000
[  137.416866][ T7064] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  137.416876][ T7064] R13: 00007fd27e9e6038 R14: 00007fd27e9e5fa0 R15: 00007ffeada80d58
[  137.416896][ T7064]  </TASK>
[  137.555147][ T7067] vxcan1: tx drop: invalid sa for name 0x0000000000000002
[  137.989276][ T7091] netlink: 44 bytes leftover after parsing attributes in process `syz.0.499'.
[  138.220034][ T7098] binder: 7094:7098 ioctl c0306201 0 returned -14
[  139.626156][ T7129] vxcan1: tx drop: invalid sa for name 0x0000000000000002
[  139.832527][ T7133] FAULT_INJECTION: forcing a failure.
[  139.832527][ T7133] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  139.832568][ T7133] CPU: 0 UID: 0 PID: 7133 Comm: syz.4.517 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[  139.832599][ T7133] Tainted: [L]=SOFTLOCKUP
[  139.832607][ T7133] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026
[  139.832621][ T7133] Call Trace:
[  139.832629][ T7133]  <TASK>
[  139.832637][ T7133]  dump_stack_lvl+0xe8/0x150
[  139.832668][ T7133]  should_fail_ex+0x467/0x600
[  139.832703][ T7133]  _copy_from_user+0x2d/0xb0
[  139.832728][ T7133]  ___sys_sendmsg+0x1c6/0x360
[  139.832754][ T7133]  ? rcu_is_watching+0x15/0xb0
[  139.832784][ T7133]  ? get_pid_task+0x20/0x1f0
[  139.832808][ T7133]  ? __pfx____sys_sendmsg+0x10/0x10
[  139.832839][ T7133]  ? rcu_is_watching+0x15/0xb0
[  139.832886][ T7133]  ? __fget_files+0x2a/0x420
[  139.832912][ T7133]  ? __fget_files+0x3a8/0x420
[  139.832946][ T7133]  __x64_sys_sendmsg+0x1b7/0x290
[  139.832975][ T7133]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  139.833010][ T7133]  ? rcu_is_watching+0x15/0xb0
[  139.833044][ T7133]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  139.833068][ T7133]  do_syscall_64+0x174/0x580
[  139.833090][ T7133]  ? trace_irq_disable+0x3b/0x140
[  139.833117][ T7133]  ? clear_bhb_loop+0x40/0x90
[  139.833143][ T7133]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  139.833166][ T7133] RIP: 0033:0x7fbeea57ce59
[  139.833185][ T7133] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  139.833204][ T7133] RSP: 002b:00007fbee87ce028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  139.833229][ T7133] RAX: ffffffffffffffda RBX: 00007fbeea7f5fa0 RCX: 00007fbeea57ce59
[  139.833246][ T7133] RDX: 0000000000000000 RSI: 0000200000000280 RDI: 0000000000000003
[  139.833260][ T7133] RBP: 00007fbee87ce090 R08: 0000000000000000 R09: 0000000000000000
[  139.833276][ T7133] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  139.833289][ T7133] R13: 00007fbeea7f6038 R14: 00007fbeea7f5fa0 R15: 00007fff6f0d5e78
[  139.833316][ T7133]  </TASK>
[  141.018569][ T7179] netlink: 8 bytes leftover after parsing attributes in process `syz.2.539'.
[  141.107829][ T5601] usb 2-1: new high-speed USB device number 12 using dummy_hcd
[  141.161206][ T5801] usb 4-1: new high-speed USB device number 16 using dummy_hcd
[  141.188718][ T5690] usb 1-1: new high-speed USB device number 21 using dummy_hcd
[  141.268370][ T5601] usb 2-1: Using ep0 maxpacket: 8
[  141.270607][ T5601] usb 2-1: config 0 descriptor has 1 excess byte, ignoring
[  141.272131][ T5601] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  141.272163][ T5601] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  141.272204][ T5601] usb 2-1: New USB device found, idVendor=06cb, idProduct=73f4, bcdDevice= 0.00
[  141.272230][ T5601] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  141.336886][ T5601] usb 2-1: config 0 descriptor??
[  141.349095][ T5801] usb 4-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08
[  141.349125][ T5801] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  141.349145][ T5801] usb 4-1: Product: syz
[  141.349160][ T5801] usb 4-1: Manufacturer: syz
[  141.349183][ T5801] usb 4-1: SerialNumber: syz
[  141.353700][ T5601] usbhid 2-1:0.0: fixing wrong optional hid class descriptors count
[  141.353719][ T5601] usbhid 2-1:0.0: can't add hid device: -22
[  141.353793][ T5601] usbhid 2-1:0.0: probe with driver usbhid failed with error -22
[  141.357971][ T5690] usb 1-1: Using ep0 maxpacket: 8
[  141.367876][ T5690] usb 1-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  141.367908][ T5690] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  141.367934][ T5690] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  141.367960][ T5690] usb 1-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  141.367999][ T5690] usb 1-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  141.368024][ T5690] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  141.447531][ T5801] usb 4-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested
[  141.564324][ T5704] usb 4-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008
[  141.581362][ T7166] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  141.582490][ T7166] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  141.714484][ T5690] usb 1-1: GET_CAPABILITIES returned 0
[  141.714524][ T5690] usbtmc 1-1:16.0: can't read capabilities
[  141.768743][ T5801] usb 2-1: USB disconnect, device number 12
[  141.922306][    C1] usbtmc 1-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  141.922345][    C1] usbtmc 1-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  141.922374][    C1] usbtmc 1-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  141.922402][    C1] usbtmc 1-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  141.922430][    C1] usbtmc 1-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  141.922666][    C1] usbtmc 1-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  141.922707][    C1] usbtmc 1-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  141.922734][    C1] usbtmc 1-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  141.922761][    C1] usbtmc 1-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  141.922788][    C1] usbtmc 1-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  141.923047][    C1] usbtmc 1-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  141.923077][    C1] usbtmc 1-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  141.923106][    C1] usbtmc 1-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  141.923133][    C1] usbtmc 1-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  141.923160][    C1] usbtmc 1-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  142.083258][ T5801] usb 1-1: USB disconnect, device number 21
[  142.224996][ T7174] netlink: 8 bytes leftover after parsing attributes in process `syz.3.536'.
[  142.384378][ T7210] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  142.384696][ T7210] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  142.591663][ T7216] vxcan1: tx drop: invalid sa for name 0x0000000000000002
[  142.598553][ T5801] usb 5-1: new high-speed USB device number 7 using dummy_hcd
[  142.628154][ T5601] usb 4-1: USB disconnect, device number 16
[  142.760351][ T5801] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  142.760388][ T5801] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  142.760423][ T5801] usb 5-1: New USB device found, idVendor=27b8, idProduct=01ed, bcdDevice= 0.00
[  142.760447][ T5801] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  142.763098][ T5801] usb 5-1: config 0 descriptor??
[  142.847848][ T5704] usb 4-1: Service connection timeout for: 256
[  142.847872][ T5704] ath9k_htc 4-1:1.0: ath9k_htc: Unable to initialize HTC services
[  142.938036][ T5704] ath9k_htc: Failed to initialize the device
[  142.938281][ T5601] usb 4-1: ath9k_htc: USB layer deinitialized
[  143.137768][ T3860] usb 3-1: new high-speed USB device number 12 using dummy_hcd
[  143.298601][ T3860] usb 3-1: Using ep0 maxpacket: 16
[  143.300838][ T3860] usb 3-1: unable to get BOS descriptor or descriptor too short
[  143.304065][ T3860] usb 3-1: config 1 has an invalid descriptor of length 138, skipping remainder of the config
[  143.304093][ T3860] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 2
[  143.304133][ T3860] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 210, changing to 7
[  143.304174][ T3860] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 58594, setting to 1024
[  143.365577][ T3860] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  143.365608][ T3860] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  143.365629][ T3860] usb 3-1: Product: 䰊
[  143.365645][ T3860] usb 3-1: SerialNumber: 㐁
[  143.604246][ T5801] hid-led 0003:27B8:01ED.0002: hidraw0: USB HID v0.00 Device [HID 27b8:01ed] on usb-dummy_hcd.4-1/input0
[  143.629795][ T5801] hid-led 0003:27B8:01ED.0002: ThingM blink(1) initialized
[  143.814569][ T5601] usb 4-1: new high-speed USB device number 17 using dummy_hcd
[  143.846194][    T9] usb 5-1: USB disconnect, device number 7
[  143.984016][ T5601] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  143.984047][ T5601] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 3
[  143.984080][ T5601] usb 4-1: config 1 interface 0 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  143.984615][ T5601] usb 4-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0
[  143.987542][ T5601] usb 4-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  143.987570][ T5601] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  143.987592][ T5601] usb 4-1: SerialNumber: syz
[  144.118848][ T7242] fido_id[7242]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.4/usb5/report_descriptor': No such file or directory
[  144.515407][ T5601] usb 4-1: 0:2 : does not exist
[  144.515469][ T5601] usb 4-1: unit 5 not found!
[  144.656533][ T5601] usb 4-1: USB disconnect, device number 17
[  144.814621][ T6161] udevd[6161]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  145.222729][ T7263] FAULT_INJECTION: forcing a failure.
[  145.222729][ T7263] name failslab, interval 1, probability 0, space 0, times 0
[  145.222770][ T7263] CPU: 0 UID: 0 PID: 7263 Comm: syz.0.565 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[  145.222801][ T7263] Tainted: [L]=SOFTLOCKUP
[  145.222809][ T7263] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026
[  145.222825][ T7263] Call Trace:
[  145.222834][ T7263]  <TASK>
[  145.222842][ T7263]  dump_stack_lvl+0xe8/0x150
[  145.222872][ T7263]  should_fail_ex+0x467/0x600
[  145.222907][ T7263]  should_failslab+0xa8/0x100
[  145.222939][ T7263]  __kmalloc_noprof+0xdf/0x7a0
[  145.222988][ T7263]  ? vb2_core_reqbufs+0x931/0x1470
[  145.223018][ T7263]  ? vb2_core_reqbufs+0x8c4/0x1470
[  145.223051][ T7263]  vb2_core_reqbufs+0x931/0x1470
[  145.223091][ T7263]  ? __pfx_vb2_core_reqbufs+0x10/0x10
[  145.223126][ T7263]  ? __kmalloc_cache_noprof+0x3a2/0x690
[  145.223154][ T7263]  ? _parse_integer_limit+0x1ae/0x1f0
[  145.223185][ T7263]  ? __vb2_init_fileio+0x1e2/0x1040
[  145.223222][ T7263]  __vb2_init_fileio+0x310/0x1040
[  145.223255][ T7263]  ? kstrtoull+0x12f/0x1d0
[  145.223300][ T7263]  __vb2_perform_fileio+0x287/0x1660
[  145.223337][ T7263]  ? trace_irq_enable+0x3b/0x140
[  145.223364][ T7263]  ? _raw_spin_unlock_irqrestore+0x4c/0x80
[  145.223403][ T7263]  ? vb2_fop_read+0xfb/0x370
[  145.223436][ T7263]  vb2_fop_read+0x28b/0x370
[  145.223473][ T7263]  v4l2_read+0x19f/0x2c0
[  145.223507][ T7263]  ? __pfx_v4l2_read+0x10/0x10
[  145.223539][ T7263]  vfs_read+0x219/0xa90
[  145.223574][ T7263]  ? __pfx_vfs_read+0x10/0x10
[  145.223603][ T7263]  ? lock_release+0x4b/0x3c0
[  145.223629][ T7263]  ? rt_mutex_slowunlock+0x219/0x460
[  145.223660][ T7263]  ? __fget_files+0x2a/0x420
[  145.223686][ T7263]  ? __fget_files+0x3a8/0x420
[  145.223712][ T7263]  ? __fget_files+0x2a/0x420
[  145.223749][ T7263]  ksys_read+0x156/0x270
[  145.223782][ T7263]  ? __pfx_ksys_read+0x10/0x10
[  145.223815][ T7263]  ? rcu_is_watching+0x15/0xb0
[  145.223848][ T7263]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  145.223872][ T7263]  do_syscall_64+0x174/0x580
[  145.223893][ T7263]  ? trace_irq_disable+0x3b/0x140
[  145.223918][ T7263]  ? clear_bhb_loop+0x40/0x90
[  145.223944][ T7263]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  145.223966][ T7263] RIP: 0033:0x7fb9d13cce59
[  145.223984][ T7263] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  145.224004][ T7263] RSP: 002b:00007fb9cf61e028 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  145.224028][ T7263] RAX: ffffffffffffffda RBX: 00007fb9d1645fa0 RCX: 00007fb9d13cce59
[  145.224045][ T7263] RDX: 0000000000002020 RSI: 000020000000ae80 RDI: 0000000000000003
[  145.224059][ T7263] RBP: 00007fb9cf61e090 R08: 0000000000000000 R09: 0000000000000000
[  145.224074][ T7263] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  145.224088][ T7263] R13: 00007fb9d1646038 R14: 00007fb9d1645fa0 R15: 00007ffe8f4f76d8
[  145.224114][ T7263]  </TASK>
[  145.528607][    T9] usb 4-1: new high-speed USB device number 18 using dummy_hcd
[  145.737922][    T9] usb 4-1: Using ep0 maxpacket: 32
[  145.741743][    T9] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  145.741801][    T9] usb 4-1: config 1 interface 1 altsetting 1 endpoint 0x1 has an invalid bInterval 0, changing to 7
[  145.745979][    T9] usb 4-1: New USB device found, idVendor=0582, idProduct=007d, bcdDevice= 0.40
[  145.746010][    T9] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  145.746032][    T9] usb 4-1: Product: syz
[  145.746239][    T9] usb 4-1: Manufacturer: syz
[  145.746257][    T9] usb 4-1: SerialNumber: syz
[  145.833141][    T9] snd-ua101 4-1:1.1: sample format descriptor not found
[  145.833533][    T9] snd-ua101 4-1:1.0: invalid num_altsetting
[  146.064438][    T9] usb 4-1: USB disconnect, device number 18
[  146.119822][ T3860] cdc_ncm 3-1:1.0: CDC Union missing and no IAD found
[  146.119861][ T3860] cdc_ncm 3-1:1.0: bind() failure
[  146.160225][ T3860] usb 3-1: USB disconnect, device number 12
[  146.364508][ T7291] ieee802154 phy0 wpan0: encryption failed: -22
[  146.364594][ T7291] ieee802154 phy0 wpan0: encryption failed: -22
[  146.407754][   T37] kauditd_printk_skb: 79 callbacks suppressed
[  146.407773][   T37] audit: type=1326 audit(145.976:121): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7290 comm="syz.2.579" exe="/root/ci-upstream-kasan-gce-smack-root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fe4172ece59 code=0x0
[  146.622334][ T7295] netlink: 36 bytes leftover after parsing attributes in process `syz.1.577'.
[  147.572956][ T7310] FAULT_INJECTION: forcing a failure.
[  147.572956][ T7310] name failslab, interval 1, probability 0, space 0, times 0
[  147.572988][ T7310] CPU: 1 UID: 0 PID: 7310 Comm: syz.4.585 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[  147.573011][ T7310] Tainted: [L]=SOFTLOCKUP
[  147.573017][ T7310] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026
[  147.573027][ T7310] Call Trace:
[  147.573032][ T7310]  <TASK>
[  147.573038][ T7310]  dump_stack_lvl+0xe8/0x150
[  147.573090][ T7310]  should_fail_ex+0x467/0x600
[  147.573128][ T7310]  should_failslab+0xa8/0x100
[  147.573150][ T7310]  __kmalloc_cache_node_noprof+0x8a/0x6f0
[  147.573173][ T7310]  ? page_pool_create_percpu+0x73/0xc90
[  147.573196][ T7310]  ? __kvmalloc_node_noprof+0x3e0/0x900
[  147.573221][ T7310]  page_pool_create_percpu+0x73/0xc90
[  147.573244][ T7310]  ? page_pool_create+0xd/0x20
[  147.573266][ T7310]  bpf_test_run_xdp_live+0x23a/0x1c20
[  147.573287][ T7310]  ? rcu_is_watching+0x15/0xb0
[  147.573310][ T7310]  ? trace_irq_enable+0x3b/0x140
[  147.573330][ T7310]  ? rt_mutex_slowunlock+0x219/0x460
[  147.573376][ T7310]  ? __pfx_rt_mutex_slowunlock+0x10/0x10
[  147.573406][ T7310]  ? __pfx_bpf_test_run_xdp_live+0x10/0x10
[  147.573434][ T7310]  ? 0xffffffffa02057c0
[  147.573483][ T7310]  ? __pfx_xdp_test_run_init_page+0x10/0x10
[  147.573518][ T7310]  ? _copy_from_user+0x94/0xb0
[  147.573545][ T7310]  ? bpf_test_init+0x113/0x150
[  147.573570][ T7310]  ? xdp_convert_md_to_buff+0x5b/0x330
[  147.573600][ T7310]  bpf_prog_test_run_xdp+0x7d8/0x11d0
[  147.573628][ T7310]  ? kstrtoull+0x12f/0x1d0
[  147.573665][ T7310]  ? rcu_is_watching+0x15/0xb0
[  147.573698][ T7310]  ? lock_release+0x4b/0x3c0
[  147.573726][ T7310]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  147.573755][ T7310]  ? __fget_files+0x2a/0x420
[  147.573788][ T7310]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  147.573808][ T7310]  bpf_prog_test_run+0x2cb/0x340
[  147.573831][ T7310]  __sys_bpf+0xa22/0xd90
[  147.573852][ T7310]  ? rcu_needs_cpu+0x90/0xb0
[  147.573874][ T7310]  ? __pfx___sys_bpf+0x10/0x10
[  147.573893][ T7310]  ? trace_irq_enable+0x3b/0x140
[  147.573913][ T7310]  ? rt_mutex_slowunlock+0x219/0x460
[  147.573941][ T7310]  ? ksys_write+0x248/0x270
[  147.573964][ T7310]  ? __pfx_ksys_write+0x10/0x10
[  147.573988][ T7310]  __x64_sys_bpf+0xba/0xd0
[  147.574005][ T7310]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  147.574021][ T7310]  do_syscall_64+0x174/0x580
[  147.574035][ T7310]  ? trace_irq_disable+0x3b/0x140
[  147.574061][ T7310]  ? clear_bhb_loop+0x40/0x90
[  147.574079][ T7310]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  147.574095][ T7310] RIP: 0033:0x7fbeea57ce59
[  147.574108][ T7310] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  147.574122][ T7310] RSP: 002b:00007fbee87ce028 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  147.574138][ T7310] RAX: ffffffffffffffda RBX: 00007fbeea7f5fa0 RCX: 00007fbeea57ce59
[  147.574150][ T7310] RDX: 0000000000000048 RSI: 0000200000000600 RDI: 000000000000000a
[  147.574160][ T7310] RBP: 00007fbee87ce090 R08: 0000000000000000 R09: 0000000000000000
[  147.574169][ T7310] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  147.574179][ T7310] R13: 00007fbeea7f6038 R14: 00007fbeea7f5fa0 R15: 00007fff6f0d5e78
[  147.574197][ T7310]  </TASK>
[  148.024238][ T7314] FAULT_INJECTION: forcing a failure.
[  148.024238][ T7314] name failslab, interval 1, probability 0, space 0, times 0
[  148.024277][ T7314] CPU: 1 UID: 0 PID: 7314 Comm: syz.4.586 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[  148.024300][ T7314] Tainted: [L]=SOFTLOCKUP
[  148.024306][ T7314] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026
[  148.024316][ T7314] Call Trace:
[  148.024321][ T7314]  <TASK>
[  148.024327][ T7314]  dump_stack_lvl+0xe8/0x150
[  148.024349][ T7314]  should_fail_ex+0x467/0x600
[  148.024375][ T7314]  should_failslab+0xa8/0x100
[  148.024397][ T7314]  __kmalloc_cache_noprof+0x84/0x690
[  148.024418][ T7314]  ? nbd_alloc_and_init_config+0x87/0x260
[  148.024437][ T7314]  nbd_alloc_and_init_config+0x87/0x260
[  148.024455][ T7314]  nbd_genl_connect+0xa43/0x1c00
[  148.024475][ T7314]  ? __pfx_nbd_genl_connect+0x10/0x10
[  148.024494][ T7314]  ? rcu_is_watching+0x15/0xb0
[  148.024524][ T7314]  ? trace_kmalloc+0x2a/0xf0
[  148.024544][ T7314]  ? __nla_parse+0x40/0x60
[  148.024560][ T7314]  ? genl_family_rcv_msg_attrs_parse+0x20b/0x2f0
[  148.024586][ T7314]  ? genl_family_rcv_msg_attrs_parse+0x265/0x2f0
[  148.024614][ T7314]  genl_family_rcv_msg_doit+0x233/0x340
[  148.024641][ T7314]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  148.024670][ T7314]  ? _raw_spin_unlock_irqrestore+0x4c/0x80
[  148.024699][ T7314]  genl_rcv_msg+0x614/0x7a0
[  148.024724][ T7314]  ? __pfx_genl_rcv_msg+0x10/0x10
[  148.024746][ T7314]  ? do_syscall_64+0x174/0x580
[  148.024761][ T7314]  ? __pfx_nbd_genl_connect+0x10/0x10
[  148.024777][ T7314]  ? __netlink_lookup+0xc6/0x8b0
[  148.024796][ T7314]  ? rcu_is_watching+0x15/0xb0
[  148.024821][ T7314]  netlink_rcv_skb+0x226/0x4a0
[  148.024855][ T7314]  ? __pfx_genl_rcv_msg+0x10/0x10
[  148.024878][ T7314]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  148.024899][ T7314]  ? net_generic+0x1e/0x240
[  148.024912][ T7314]  ? netlink_deliver_tap+0x2e/0x1b0
[  148.024931][ T7314]  genl_rcv+0x28/0x40
[  148.024951][ T7314]  netlink_unicast+0x7f5/0x990
[  148.024970][ T7314]  netlink_sendmsg+0x813/0xb40
[  148.024987][ T7314]  ? lock_release+0x4b/0x3c0
[  148.025005][ T7314]  ? lock_release+0x4b/0x3c0
[  148.025028][ T7314]  ? __pfx_netlink_sendmsg+0x10/0x10
[  148.025046][ T7314]  ? tomoyo_socket_sendmsg_permission+0x1e0/0x300
[  148.025069][ T7314]  ? __kernel_text_address+0xd/0x30
[  148.025087][ T7314]  ? unwind_get_return_address+0x4d/0x90
[  148.025108][ T7314]  ? __pfx_netlink_sendmsg+0x10/0x10
[  148.025126][ T7314]  sock_sendmsg_nosec+0x13a/0x180
[  148.025150][ T7314]  ____sys_sendmsg+0x565/0x870
[  148.025170][ T7314]  ? __pfx_____sys_sendmsg+0x10/0x10
[  148.025188][ T7314]  ? lock_release+0x4b/0x3c0
[  148.025208][ T7314]  ? import_iovec+0x73/0xa0
[  148.025226][ T7314]  ___sys_sendmsg+0x2a5/0x360
[  148.025243][ T7314]  ? rcu_is_watching+0x15/0xb0
[  148.025263][ T7314]  ? get_pid_task+0x20/0x1f0
[  148.025279][ T7314]  ? __pfx____sys_sendmsg+0x10/0x10
[  148.025299][ T7314]  ? rcu_is_watching+0x15/0xb0
[  148.025330][ T7314]  ? __fget_files+0x2a/0x420
[  148.025347][ T7314]  ? __fget_files+0x3a8/0x420
[  148.025368][ T7314]  __x64_sys_sendmsg+0x1b7/0x290
[  148.025387][ T7314]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  148.025410][ T7314]  ? rcu_is_watching+0x15/0xb0
[  148.025432][ T7314]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  148.025448][ T7314]  do_syscall_64+0x174/0x580
[  148.025461][ T7314]  ? trace_irq_disable+0x3b/0x140
[  148.025479][ T7314]  ? clear_bhb_loop+0x40/0x90
[  148.025496][ T7314]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  148.025515][ T7314] RIP: 0033:0x7fbeea57ce59
[  148.025529][ T7314] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  148.025542][ T7314] RSP: 002b:00007fbee87ce028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  148.025558][ T7314] RAX: ffffffffffffffda RBX: 00007fbeea7f5fa0 RCX: 00007fbeea57ce59
[  148.025570][ T7314] RDX: 0000000000000000 RSI: 0000200000001c40 RDI: 0000000000000004
[  148.025579][ T7314] RBP: 00007fbee87ce090 R08: 0000000000000000 R09: 0000000000000000
[  148.025589][ T7314] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  148.025598][ T7314] R13: 00007fbeea7f6038 R14: 00007fbeea7f5fa0 R15: 00007fff6f0d5e78
[  148.025615][ T7314]  </TASK>
[  148.049425][ T7314] nbd: couldn't allocate config
[  148.849170][ T7329] netlink: 4 bytes leftover after parsing attributes in process `syz.0.593'.
[  148.854382][ T7329] netlink: 12 bytes leftover after parsing attributes in process `syz.0.593'.
[  148.967776][ T5601] usb 2-1: new high-speed USB device number 13 using dummy_hcd
[  149.117880][ T5601] usb 2-1: Using ep0 maxpacket: 8
[  149.120012][ T5601] usb 2-1: config 0 descriptor has 1 excess byte, ignoring
[  149.120056][ T5601] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  149.120086][ T5601] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  149.120125][ T5601] usb 2-1: New USB device found, idVendor=06cb, idProduct=73f4, bcdDevice= 0.00
[  149.120149][ T5601] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  149.147934][ T5704] usb 1-1: new high-speed USB device number 22 using dummy_hcd
[  149.193159][ T5601] usb 2-1: config 0 descriptor??
[  149.208281][ T5601] usbhid 2-1:0.0: fixing wrong optional hid class descriptors count
[  149.208305][ T5601] usbhid 2-1:0.0: can't add hid device: -22
[  149.208389][ T5601] usbhid 2-1:0.0: probe with driver usbhid failed with error -22
[  149.297970][ T5704] usb 1-1: Using ep0 maxpacket: 32
[  149.300748][ T5704] usb 1-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  149.300783][ T5704] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  149.300811][ T5704] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0
[  149.300846][ T5704] usb 1-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40
[  149.300871][ T5704] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  149.339474][ T5704] usb 1-1: config 0 descriptor??
[  149.379099][ T5704] hub 1-1:0.0: USB hub found
[  149.404241][ T7323] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  149.405078][ T7323] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  149.517879][ T5601] usb 2-1: USB disconnect, device number 13
[  149.550170][ T5704] hub 1-1:0.0: 1 port detected
[  150.017786][ T5691] usb 5-1: new high-speed USB device number 8 using dummy_hcd
[  150.164978][ T5801] hub 1-1:0.0: activate --> -90
[  150.167800][ T5691] usb 5-1: Using ep0 maxpacket: 32
[  150.179736][ T5691] usb 5-1: config 0 interface 0 altsetting 128 endpoint 0x2 has an invalid bInterval 0, changing to 7
[  150.179781][ T5691] usb 5-1: config 0 interface 0 has no altsetting 0
[  150.180328][ T5691] usb 5-1: New USB device found, idVendor=1b1c, idProduct=0c10, bcdDevice= 0.00
[  150.180356][ T5691] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  150.233937][ T5691] usb 5-1: config 0 descriptor??
[  150.308130][ T7363] fuse: Bad value for 'user_id'
[  150.308150][ T7363] fuse: Bad value for 'user_id'
[  150.946284][ T5801] usb 1-1-port1: config error
[  150.947421][ T5704] usb 1-1: USB disconnect, device number 22
[  150.948561][ T5801] hub 1-1:0.0: hub_ext_port_status failed (err = -71)
[  150.949252][ T5801] usb 1-1-port1: connect-debounce failed
[  151.006003][ T5691] usbhid 5-1:0.0: can't add hid device: -71
[  151.006100][ T5691] usbhid 5-1:0.0: probe with driver usbhid failed with error -71
[  151.035674][ T5691] usb 5-1: USB disconnect, device number 8
[  151.097818][   T31] usb 3-1: new high-speed USB device number 13 using dummy_hcd
[  151.337798][   T31] usb 3-1: Using ep0 maxpacket: 32
[  151.338484][   T31] usb 3-1: no configurations
[  151.338496][   T31] usb 3-1: can't read configurations, error -22
[  151.477157][ T7384] netlink: 36 bytes leftover after parsing attributes in process `syz.1.614'.
[  152.007892][   T31] usb 3-1: new high-speed USB device number 14 using dummy_hcd
[  152.292400][ T7391] veth0: entered promiscuous mode
[  152.294018][ T7391] veth0: left promiscuous mode
[  152.857819][   T31] usb 3-1: Using ep0 maxpacket: 32
[  152.858350][   T31] usb 3-1: no configurations
[  152.858367][   T31] usb 3-1: can't read configurations, error -22
[  152.858629][   T31] usb usb3-port1: attempt power cycle
[  153.097760][ T7393] netlink: 32 bytes leftover after parsing attributes in process `syz.1.617'.
[  153.294147][ T7408] vxcan1: tx drop: invalid sa for name 0x0000000000000002
[  153.307817][   T31] usb 3-1: new high-speed USB device number 15 using dummy_hcd
[  153.329406][   T31] usb 3-1: Using ep0 maxpacket: 32
[  153.330126][   T31] usb 3-1: no configurations
[  153.330143][   T31] usb 3-1: can't read configurations, error -22
[  153.457797][   T31] usb 3-1: new high-speed USB device number 16 using dummy_hcd
[  153.482368][   T31] usb 3-1: Using ep0 maxpacket: 32
[  153.482907][   T31] usb 3-1: no configurations
[  153.482924][   T31] usb 3-1: can't read configurations, error -22
[  153.484757][   T31] usb usb3-port1: unable to enumerate USB device
[  153.621786][ T7416] evm: overlay not supported
[  153.626647][   T37] audit: type=1326 audit(153.196:122): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7415 comm="syz.2.629" exe="/root/ci-upstream-kasan-gce-smack-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe4172ece59 code=0x7ffc0000
[  153.627023][   T37] audit: type=1326 audit(153.196:123): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7415 comm="syz.2.629" exe="/root/ci-upstream-kasan-gce-smack-root/syz-executor" sig=0 arch=c000003e syscall=275 compat=0 ip=0x7fe4172ece59 code=0x7ffc0000
[  153.643408][   T37] audit: type=1326 audit(153.206:124): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7415 comm="syz.2.629" exe="/root/ci-upstream-kasan-gce-smack-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe4172ece59 code=0x7ffc0000
[  153.643458][   T37] audit: type=1326 audit(153.216:125): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7415 comm="syz.2.629" exe="/root/ci-upstream-kasan-gce-smack-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe4172ece59 code=0x7ffc0000
[  154.608460][ T7434] netlink: 36 bytes leftover after parsing attributes in process `syz.1.627'.
[  154.627832][ T5704] usb 4-1: new high-speed USB device number 19 using dummy_hcd
[  154.778708][ T5704] usb 4-1: Using ep0 maxpacket: 8
[  154.781589][ T5704] usb 4-1: config 0 descriptor has 1 excess byte, ignoring
[  154.781632][ T5704] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  154.781662][ T5704] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  154.781701][ T5704] usb 4-1: New USB device found, idVendor=06cb, idProduct=73f4, bcdDevice= 0.00
[  154.781735][ T5704] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  154.826357][ T5704] usb 4-1: config 0 descriptor??
[  154.853017][ T5704] usbhid 4-1:0.0: fixing wrong optional hid class descriptors count
[  154.853042][ T5704] usbhid 4-1:0.0: can't add hid device: -22
[  154.853121][ T5704] usbhid 4-1:0.0: probe with driver usbhid failed with error -22
[  155.312052][ T7420] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  155.314113][ T7420] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  155.436037][ T5704] usb 4-1: USB disconnect, device number 19
[  155.439678][ T7452] 9p: Bad value for 'rfdno'
[  155.907834][ T5704] usb 1-1: new high-speed USB device number 23 using dummy_hcd
[  156.037898][ T5704] usb 1-1: device descriptor read/64, error -71
[  156.278110][ T5704] usb 1-1: new high-speed USB device number 24 using dummy_hcd
[  156.308860][ T1010] usb 4-1: new high-speed USB device number 20 using dummy_hcd
[  156.407918][ T5704] usb 1-1: device descriptor read/64, error -71
[  156.457762][ T1010] usb 4-1: Using ep0 maxpacket: 8
[  156.459426][ T1010] usb 4-1: config 0 descriptor has 1 excess byte, ignoring
[  156.459468][ T1010] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  156.459497][ T1010] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  156.459536][ T1010] usb 4-1: New USB device found, idVendor=06cb, idProduct=73f4, bcdDevice= 0.00
[  156.459560][ T1010] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  156.466533][ T1010] usb 4-1: config 0 descriptor??
[  156.529356][ T5704] usb usb1-port1: attempt power cycle
[  156.531947][ T1010] usbhid 4-1:0.0: fixing wrong optional hid class descriptors count
[  156.531969][ T1010] usbhid 4-1:0.0: can't add hid device: -22
[  156.532053][ T1010] usbhid 4-1:0.0: probe with driver usbhid failed with error -22
[  156.702966][ T7488] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  156.703207][ T7488] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  156.788408][ T5801] usb 4-1: USB disconnect, device number 20
[  156.867938][ T5704] usb 1-1: new high-speed USB device number 25 using dummy_hcd
[  156.888379][ T5704] usb 1-1: device descriptor read/8, error -71
[  156.898480][ T1010] usb 2-1: new high-speed USB device number 14 using dummy_hcd
[  157.057806][ T1010] usb 2-1: Using ep0 maxpacket: 8
[  157.059597][ T1010] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x8D has an invalid bInterval 42, changing to 9
[  157.059633][ T1010] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  157.059657][ T1010] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  157.059683][ T1010] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x8B has invalid maxpacket 12592, setting to 1024
[  157.059712][ T1010] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 1024
[  157.059748][ T1010] usb 2-1: New USB device found, idVendor=05ac, idProduct=8215, bcdDevice=8f.58
[  157.059773][ T1010] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  157.063830][ T1010] usb 2-1: config 0 descriptor??
[  157.065369][ T7500] raw-gadget.2 gadget.1: fail, usb_ep_enable returned -22
[  157.159041][ T5704] usb 1-1: new high-speed USB device number 26 using dummy_hcd
[  157.179300][ T5704] usb 1-1: device descriptor read/8, error -71
[  157.288564][ T5704] usb usb1-port1: unable to enumerate USB device
[  157.476826][ T7520] netlink: 44 bytes leftover after parsing attributes in process `syz.3.673'.
[  157.482839][ T7522] FAULT_INJECTION: forcing a failure.
[  157.482839][ T7522] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  157.482886][ T7522] CPU: 0 UID: 0 PID: 7522 Comm: syz.4.674 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[  157.482940][ T7522] Tainted: [L]=SOFTLOCKUP
[  157.482948][ T7522] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026
[  157.482962][ T7522] Call Trace:
[  157.482970][ T7522]  <TASK>
[  157.482978][ T7522]  dump_stack_lvl+0xe8/0x150
[  157.483017][ T7522]  should_fail_ex+0x467/0x600
[  157.483118][ T7522]  _copy_from_user+0x2d/0xb0
[  157.483145][ T7522]  ___sys_recvmsg+0x173/0x5a0
[  157.483176][ T7522]  ? __pfx____sys_recvmsg+0x10/0x10
[  157.483207][ T7522]  ? __fget_files+0x2a/0x420
[  157.483268][ T7522]  ? rcu_is_watching+0x15/0xb0
[  157.483329][ T7522]  ? __fget_files+0x3a8/0x420
[  157.483361][ T7522]  do_recvmmsg+0x320/0x7f0
[  157.483394][ T7522]  ? __pfx_do_recvmmsg+0x10/0x10
[  157.483420][ T7522]  ? trace_irq_enable+0x3b/0x140
[  157.483480][ T7522]  ? __pfx_rt_mutex_slowunlock+0x10/0x10
[  157.483516][ T7522]  __x64_sys_recvmmsg+0x198/0x250
[  157.483547][ T7522]  ? __pfx___x64_sys_recvmmsg+0x10/0x10
[  157.483577][ T7522]  ? rcu_is_watching+0x15/0xb0
[  157.483631][ T7522]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  157.483682][ T7522]  do_syscall_64+0x174/0x580
[  157.483703][ T7522]  ? clear_bhb_loop+0x40/0x90
[  157.483729][ T7522]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  157.483752][ T7522] RIP: 0033:0x7fbeea57ce59
[  157.483771][ T7522] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  157.483798][ T7522] RSP: 002b:00007fbee87ce028 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
[  157.483855][ T7522] RAX: ffffffffffffffda RBX: 00007fbeea7f5fa0 RCX: 00007fbeea57ce59
[  157.483879][ T7522] RDX: 0000000000000001 RSI: 000020000000c4c0 RDI: 0000000000000004
[  157.483894][ T7522] RBP: 00007fbee87ce090 R08: 0000000000000000 R09: 0000000000000000
[  157.483908][ T7522] R10: 00000000400101c3 R11: 0000000000000246 R12: 0000000000000001
[  157.483923][ T7522] R13: 00007fbeea7f6038 R14: 00007fbeea7f5fa0 R15: 00007fff6f0d5e78
[  157.483949][ T7522]  </TASK>
[  157.539078][ T7524] batadv_slave_1: entered promiscuous mode
[  157.683724][ T5592] Bluetooth: hci5: Opcode 0x0c03 failed: -71
[  157.684003][    C1] dummy_hcd dummy_hcd.1: timer fired with no URBs pending?
[  157.701800][ T5601] usb 2-1: USB disconnect, device number 14
[  157.940874][ T7519] batadv_slave_1: left promiscuous mode
[  158.131733][ T7542] netlink: 16 bytes leftover after parsing attributes in process `syz.3.680'.
[  158.207860][ T1010] usb 3-1: new high-speed USB device number 17 using dummy_hcd
[  158.307632][ T7555] netlink: 27 bytes leftover after parsing attributes in process `syz.3.684'.
[  158.337795][ T1010] usb 3-1: device descriptor read/64, error -71
[  158.627795][ T1010] usb 3-1: new high-speed USB device number 18 using dummy_hcd
[  158.719164][ T7573] FAULT_INJECTION: forcing a failure.
[  158.719164][ T7573] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  158.719205][ T7573] CPU: 1 UID: 0 PID: 7573 Comm: syz.0.695 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[  158.719239][ T7573] Tainted: [L]=SOFTLOCKUP
[  158.719247][ T7573] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026
[  158.719261][ T7573] Call Trace:
[  158.719269][ T7573]  <TASK>
[  158.719278][ T7573]  dump_stack_lvl+0xe8/0x150
[  158.719309][ T7573]  should_fail_ex+0x467/0x600
[  158.719345][ T7573]  _copy_from_user+0x2d/0xb0
[  158.719370][ T7573]  __sys_bpf+0x2e7/0xd90
[  158.719406][ T7573]  ? rcu_is_watching+0x15/0xb0
[  158.719441][ T7573]  ? rcu_needs_cpu+0x90/0xb0
[  158.719473][ T7573]  ? __pfx___sys_bpf+0x10/0x10
[  158.719501][ T7573]  ? trace_irq_enable+0x3b/0x140
[  158.719529][ T7573]  ? rt_mutex_slowunlock+0x219/0x460
[  158.719568][ T7573]  ? ksys_write+0x248/0x270
[  158.719600][ T7573]  ? __pfx_ksys_write+0x10/0x10
[  158.719634][ T7573]  __x64_sys_bpf+0xba/0xd0
[  158.719657][ T7573]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  158.719680][ T7573]  do_syscall_64+0x174/0x580
[  158.719701][ T7573]  ? trace_irq_disable+0x3b/0x140
[  158.719727][ T7573]  ? clear_bhb_loop+0x40/0x90
[  158.719752][ T7573]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  158.719774][ T7573] RIP: 0033:0x7fb9d13cce59
[  158.719793][ T7573] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  158.719812][ T7573] RSP: 002b:00007fb9cf61e028 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  158.719835][ T7573] RAX: ffffffffffffffda RBX: 00007fb9d1645fa0 RCX: 00007fb9d13cce59
[  158.719852][ T7573] RDX: 0000000000000040 RSI: 00002000000005c0 RDI: 000000000000001c
[  158.719866][ T7573] RBP: 00007fb9cf61e090 R08: 0000000000000000 R09: 0000000000000000
[  158.719881][ T7573] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  158.719894][ T7573] R13: 00007fb9d1646038 R14: 00007fb9d1645fa0 R15: 00007ffe8f4f76d8
[  158.719920][ T7573]  </TASK>
[  158.757763][ T1010] usb 3-1: device descriptor read/64, error -71
[  158.881722][ T1010] usb usb3-port1: attempt power cycle
[  159.128621][   T14] workqueue: work func io_tctx_fallback_work enqueued on deprecated workqueue. Use system_{percpu|dfl}_wq instead.
[  159.227782][ T1010] usb 3-1: new high-speed USB device number 19 using dummy_hcd
[  159.248889][ T1010] usb 3-1: device descriptor read/8, error -71
[  159.501223][ T1010] usb 3-1: new high-speed USB device number 20 using dummy_hcd
[  159.551698][ T1010] usb 3-1: device descriptor read/8, error -71
[  159.663040][ T1010] usb usb3-port1: unable to enumerate USB device
[  160.014063][ T7599] process 'syz.0.702' launched '/dev/fd/3/./file2' with NULL argv: empty string added
[  160.499977][ T7617] netlink: 4 bytes leftover after parsing attributes in process `syz.4.713'.
[  160.500137][ T7617] FAULT_INJECTION: forcing a failure.
[  160.500137][ T7617] name failslab, interval 1, probability 0, space 0, times 0
[  160.500171][ T7617] CPU: 0 UID: 0 PID: 7617 Comm: syz.4.713 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[  160.500202][ T7617] Tainted: [L]=SOFTLOCKUP
[  160.500210][ T7617] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026
[  160.500224][ T7617] Call Trace:
[  160.500232][ T7617]  <TASK>
[  160.500240][ T7617]  dump_stack_lvl+0xe8/0x150
[  160.500271][ T7617]  should_fail_ex+0x467/0x600
[  160.500305][ T7617]  should_failslab+0xa8/0x100
[  160.500336][ T7617]  __kvmalloc_node_noprof+0x16a/0x900
[  160.500365][ T7617]  ? nf_hook_entries_grow+0x287/0x740
[  160.500394][ T7617]  ? rcu_is_watching+0x15/0xb0
[  160.500433][ T7617]  nf_hook_entries_grow+0x287/0x740
[  160.500462][ T7617]  ? trace_irq_enable+0x3b/0x140
[  160.500488][ T7617]  ? _raw_spin_unlock_irqrestore+0x4c/0x80
[  160.500523][ T7617]  ? mutex_lock_nested+0x152/0x1d0
[  160.500550][ T7617]  ? __nf_register_net_hook+0x232/0x930
[  160.500583][ T7617]  __nf_register_net_hook+0x2c9/0x930
[  160.500619][ T7617]  nf_register_net_hook+0xb2/0x190
[  160.500650][ T7617]  nf_register_net_hooks+0x44/0x1b0
[  160.500681][ T7617]  nf_ct_netns_do_get+0x3bf/0x5c0
[  160.500715][ T7617]  ? rcu_is_watching+0x15/0xb0
[  160.500745][ T7617]  ? __pfx_nf_ct_netns_do_get+0x10/0x10
[  160.500777][ T7617]  ? lock_release+0x4b/0x3c0
[  160.500803][ T7617]  ? rcu_is_watching+0x15/0xb0
[  160.500846][ T7617]  ? nf_ct_netns_get+0xe9/0x320
[  160.500879][ T7617]  nft_synproxy_do_init+0x1d1/0x4c0
[  160.500916][ T7617]  nft_obj_init+0x21f/0x360
[  160.500948][ T7617]  nf_tables_newobj+0xa8f/0x1c70
[  160.500978][ T7617]  ? __pfx_nf_tables_newobj+0x10/0x10
[  160.501004][ T7617]  ? __nla_parse+0x40/0x60
[  160.501028][ T7617]  nfnetlink_rcv+0x1291/0x28d0
[  160.501068][ T7617]  ? __pfx_nfnetlink_rcv+0x10/0x10
[  160.501099][ T7617]  ? ref_tracker_free+0x668/0x820
[  160.501146][ T7617]  ? skb_clone+0x246/0x3a0
[  160.501175][ T7617]  ? __netlink_deliver_tap+0x811/0x860
[  160.501202][ T7617]  ? rcu_is_watching+0x15/0xb0
[  160.501238][ T7617]  ? netlink_deliver_tap+0x2e/0x1b0
[  160.501263][ T7617]  ? lock_release+0x4b/0x3c0
[  160.501290][ T7617]  ? netlink_deliver_tap+0x2e/0x1b0
[  160.501319][ T7617]  netlink_unicast+0x7f5/0x990
[  160.501346][ T7617]  netlink_sendmsg+0x813/0xb40
[  160.501371][ T7617]  ? lock_release+0x4b/0x3c0
[  160.501411][ T7617]  ? lock_release+0x4b/0x3c0
[  160.501440][ T7617]  ? __pfx_netlink_sendmsg+0x10/0x10
[  160.501467][ T7617]  ? tomoyo_socket_sendmsg_permission+0x1e0/0x300
[  160.501499][ T7617]  ? __kernel_text_address+0xd/0x30
[  160.501526][ T7617]  ? unwind_get_return_address+0x4d/0x90
[  160.501558][ T7617]  ? __pfx_netlink_sendmsg+0x10/0x10
[  160.501585][ T7617]  sock_sendmsg_nosec+0x13a/0x180
[  160.501619][ T7617]  ____sys_sendmsg+0x565/0x870
[  160.501650][ T7617]  ? __pfx_____sys_sendmsg+0x10/0x10
[  160.501677][ T7617]  ? lock_release+0x4b/0x3c0
[  160.501705][ T7617]  ? import_iovec+0x73/0xa0
[  160.501731][ T7617]  ___sys_sendmsg+0x2a5/0x360
[  160.501756][ T7617]  ? rcu_is_watching+0x15/0xb0
[  160.501786][ T7617]  ? get_pid_task+0x20/0x1f0
[  160.501810][ T7617]  ? __pfx____sys_sendmsg+0x10/0x10
[  160.501846][ T7617]  ? rcu_is_watching+0x15/0xb0
[  160.501892][ T7617]  ? __fget_files+0x2a/0x420
[  160.501919][ T7617]  ? __fget_files+0x3a8/0x420
[  160.501949][ T7617]  __x64_sys_sendmsg+0x1b7/0x290
[  160.501977][ T7617]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  160.502011][ T7617]  ? rcu_is_watching+0x15/0xb0
[  160.502044][ T7617]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  160.502067][ T7617]  do_syscall_64+0x174/0x580
[  160.502088][ T7617]  ? trace_irq_disable+0x3b/0x140
[  160.502113][ T7617]  ? clear_bhb_loop+0x40/0x90
[  160.502138][ T7617]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  160.502160][ T7617] RIP: 0033:0x7fbeea57ce59
[  160.502179][ T7617] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  160.502198][ T7617] RSP: 002b:00007fbee87ce028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  160.502222][ T7617] RAX: ffffffffffffffda RBX: 00007fbeea7f5fa0 RCX: 00007fbeea57ce59
[  160.502239][ T7617] RDX: 0000000000000000 RSI: 0000200000000240 RDI: 0000000000000004
[  160.502254][ T7617] RBP: 00007fbee87ce090 R08: 0000000000000000 R09: 0000000000000000
[  160.502268][ T7617] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  160.502281][ T7617] R13: 00007fbeea7f6038 R14: 00007fbeea7f5fa0 R15: 00007fff6f0d5e78
[  160.502307][ T7617]  </TASK>
[  161.599347][ T7636] netlink: 'syz.2.718': attribute type 17 has an invalid length.
[  161.599369][ T7636] netlink: 8 bytes leftover after parsing attributes in process `syz.2.718'.
[  161.599396][ T7636] bond0: option all_slaves_active: invalid value (4)
[  162.270435][ T7658] netlink: 8 bytes leftover after parsing attributes in process `syz.3.727'.
[  162.279352][ T7658] netlink: 24 bytes leftover after parsing attributes in process `syz.3.727'.
[  162.279930][ T7658] netlink: 24 bytes leftover after parsing attributes in process `syz.3.727'.
[  163.367642][   T37] audit: type=1326 audit(162.936:126): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7667 comm="syz.2.732" exe="/root/ci-upstream-kasan-gce-smack-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe4172ece59 code=0x7fc00000
[  163.661686][ T7716] FAULT_INJECTION: forcing a failure.
[  163.661686][ T7716] name failslab, interval 1, probability 0, space 0, times 0
[  163.661727][ T7716] CPU: 1 UID: 0 PID: 7716 Comm: syz.1.747 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[  163.661757][ T7716] Tainted: [L]=SOFTLOCKUP
[  163.661766][ T7716] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026
[  163.661778][ T7716] Call Trace:
[  163.661786][ T7716]  <TASK>
[  163.661796][ T7716]  dump_stack_lvl+0xe8/0x150
[  163.661830][ T7716]  should_fail_ex+0x467/0x600
[  163.661877][ T7716]  should_failslab+0xa8/0x100
[  163.661908][ T7716]  __kmalloc_noprof+0xdf/0x7a0
[  163.661936][ T7716]  ? tomoyo_encode+0x2ad/0x570
[  163.661973][ T7716]  ? __get_fs_type+0x21/0x280
[  163.662011][ T7716]  ? __get_fs_type+0x21/0x280
[  163.662042][ T7716]  tomoyo_encode+0x2ad/0x570
[  163.662073][ T7716]  tomoyo_mount_permission+0x50d/0x9e0
[  163.662100][ T7716]  ? tomoyo_mount_permission+0x2b5/0x9e0
[  163.662130][ T7716]  ? __pfx_tomoyo_mount_permission+0x10/0x10
[  163.662157][ T7716]  ? kasan_save_track+0x4f/0x80
[  163.662207][ T7716]  ? trace_irq_enable+0x3b/0x140
[  163.662234][ T7716]  security_sb_mount+0xe4/0x320
[  163.662266][ T7716]  path_mount+0xbc/0x1040
[  163.662292][ T7716]  ? user_path_at+0xd4/0x160
[  163.662321][ T7716]  __se_sys_mount+0x31d/0x420
[  163.662350][ T7716]  ? __pfx___se_sys_mount+0x10/0x10
[  163.662402][ T7716]  ? rcu_is_watching+0x15/0xb0
[  163.662434][ T7716]  ? __x64_sys_mount+0x20/0xc0
[  163.662459][ T7716]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  163.662482][ T7716]  do_syscall_64+0x174/0x580
[  163.662504][ T7716]  ? clear_bhb_loop+0x40/0x90
[  163.662530][ T7716]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  163.662553][ T7716] RIP: 0033:0x7fd27e76ce59
[  163.662571][ T7716] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  163.662590][ T7716] RSP: 002b:00007fd27c9c6028 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  163.662614][ T7716] RAX: ffffffffffffffda RBX: 00007fd27e9e5fa0 RCX: 00007fd27e76ce59
[  163.662631][ T7716] RDX: 0000200000000280 RSI: 0000200000000140 RDI: 0000000000000000
[  163.662646][ T7716] RBP: 00007fd27c9c6090 R08: 0000200000000740 R09: 0000000000000000
[  163.662662][ T7716] R10: 0000000003000c11 R11: 0000000000000246 R12: 0000000000000002
[  163.662676][ T7716] R13: 00007fd27e9e6038 R14: 00007fd27e9e5fa0 R15: 00007ffeada80d58
[  163.662702][ T7716]  </TASK>
[  163.857939][ T3860] usb 1-1: new high-speed USB device number 27 using dummy_hcd
[  164.017818][ T3860] usb 1-1: Using ep0 maxpacket: 32
[  164.019936][ T3860] usb 1-1: config index 0 descriptor too short (expected 35577, got 27)
[  164.019964][ T3860] usb 1-1: config 1 has too many interfaces: 92, using maximum allowed: 32
[  164.019987][ T3860] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 92
[  164.020010][ T3860] usb 1-1: config 1 has no interface number 0
[  164.020051][ T3860] usb 1-1: config 1 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  164.020080][ T3860] usb 1-1: config 1 interface 1 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 17
[  164.020119][ T3860] usb 1-1: New USB device found, idVendor=0e41, idProduct=5051, bcdDevice=d5.e8
[  164.020143][ T3860] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  164.075890][ T3860] snd_usb_pod 1-1:1.1: Line 6 Pocket POD found
[  164.212030][ T7727] netlink: 4 bytes leftover after parsing attributes in process `syz.4.755'.
[  164.212065][ T7727] netlink: 'syz.4.755': attribute type 6 has an invalid length.
[  164.212080][ T7727] netlink: 'syz.4.755': attribute type 5 has an invalid length.
[  164.257842][ T1010] usb 2-1: new high-speed USB device number 15 using dummy_hcd
[  164.271202][ T3860] snd_usb_pod 1-1:1.1: Line 6 Pocket POD now attached
[  164.412565][ T1010] usb 2-1: New USB device found, idVendor=0af0, idProduct=7a05, bcdDevice=f6.00
[  164.412598][ T1010] usb 2-1: New USB device strings: Mfr=0, Product=2, SerialNumber=3
[  164.412619][ T1010] usb 2-1: Product: syz
[  164.412635][ T1010] usb 2-1: SerialNumber: syz
[  164.434481][ T1010] usb 2-1: config 0 descriptor??
[  164.722830][ T7713] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  164.724443][ T7713] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  164.727517][ T1010] usb 1-1: USB disconnect, device number 27
[  164.754684][ T1010] snd_usb_pod 1-1:1.1: Line 6 Pocket POD now disconnected
[  164.900412][ T5601] usb 2-1: USB disconnect, device number 15
[  164.927792][ T7748] 9p: Bad value for 'aname'
[  165.082174][ T7756] netlink: 76 bytes leftover after parsing attributes in process `syz.3.765'.
[  165.082202][ T7756] netlink: 76 bytes leftover after parsing attributes in process `syz.3.765'.
[  165.396118][ T7786] FAULT_INJECTION: forcing a failure.
[  165.396118][ T7786] name failslab, interval 1, probability 0, space 0, times 0
[  165.396158][ T7786] CPU: 1 UID: 0 PID: 7786 Comm: syz.3.777 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[  165.396190][ T7786] Tainted: [L]=SOFTLOCKUP
[  165.396198][ T7786] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026
[  165.396212][ T7786] Call Trace:
[  165.396220][ T7786]  <TASK>
[  165.396229][ T7786]  dump_stack_lvl+0xe8/0x150
[  165.396260][ T7786]  should_fail_ex+0x467/0x600
[  165.396296][ T7786]  should_failslab+0xa8/0x100
[  165.396326][ T7786]  __kmalloc_cache_noprof+0x84/0x690
[  165.396354][ T7786]  ? alloc_fs_context+0x66/0xd00
[  165.396390][ T7786]  alloc_fs_context+0x66/0xd00
[  165.396420][ T7786]  ? __get_fs_type+0x267/0x280
[  165.396449][ T7786]  ? __get_fs_type+0x21/0x280
[  165.396483][ T7786]  do_new_mount+0x17f/0xdc0
[  165.396507][ T7786]  ? cap_capable+0x123/0x460
[  165.396532][ T7786]  ? __pfx_do_new_mount+0x10/0x10
[  165.396559][ T7786]  ? ns_capable+0x89/0xe0
[  165.396591][ T7786]  ? path_mount+0x647/0x1040
[  165.396618][ T7786]  ? user_path_at+0xd4/0x160
[  165.396647][ T7786]  __se_sys_mount+0x31d/0x420
[  165.396677][ T7786]  ? __pfx___se_sys_mount+0x10/0x10
[  165.396714][ T7786]  ? rcu_is_watching+0x15/0xb0
[  165.396744][ T7786]  ? __x64_sys_mount+0x20/0xc0
[  165.396770][ T7786]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  165.396794][ T7786]  do_syscall_64+0x174/0x580
[  165.396816][ T7786]  ? trace_irq_disable+0x3b/0x140
[  165.396842][ T7786]  ? clear_bhb_loop+0x40/0x90
[  165.396868][ T7786]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  165.396891][ T7786] RIP: 0033:0x7f50c4ebce59
[  165.396910][ T7786] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  165.396929][ T7786] RSP: 002b:00007f50c310e028 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  165.396953][ T7786] RAX: ffffffffffffffda RBX: 00007f50c5135fa0 RCX: 00007f50c4ebce59
[  165.396970][ T7786] RDX: 0000200000000280 RSI: 0000200000000080 RDI: 0000000000000000
[  165.396985][ T7786] RBP: 00007f50c310e090 R08: 0000200000000180 R09: 0000000000000000
[  165.397001][ T7786] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  165.397015][ T7786] R13: 00007f50c5136038 R14: 00007f50c5135fa0 R15: 00007ffc845ef8f8
[  165.397040][ T7786]  </TASK>
[  165.592577][ T3860] usb 5-1: new high-speed USB device number 9 using dummy_hcd
[  165.738506][ T5601] usb 1-1: new high-speed USB device number 28 using dummy_hcd
[  165.758394][ T3860] usb 5-1: config 0 has no interfaces?
[  165.761938][ T3860] usb 5-1: New USB device found, idVendor=04d8, idProduct=0083, bcdDevice=da.47
[  165.761969][ T3860] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  165.761991][ T3860] usb 5-1: Product: syz
[  165.762006][ T3860] usb 5-1: Manufacturer: syz
[  165.762022][ T3860] usb 5-1: SerialNumber: syz
[  165.805265][ T3860] usb 5-1: config 0 descriptor??
[  165.887851][ T5601] usb 1-1: Using ep0 maxpacket: 8
[  165.889561][ T5601] usb 1-1: config 179 has an invalid interface number: 65 but max is 0
[  165.889588][ T5601] usb 1-1: config 179 has no interface number 0
[  165.889625][ T5601] usb 1-1: config 179 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7
[  165.889662][ T5601] usb 1-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid maxpacket 1025, setting to 1024
[  165.889683][ T5601] usb 1-1: config 179 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7
[  165.889702][ T5601] usb 1-1: config 179 interface 65 altsetting 0 endpoint 0x83 has invalid maxpacket 41728, setting to 1024
[  165.889721][ T5601] usb 1-1: config 179 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23
[  165.889749][ T5601] usb 1-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb
[  165.889766][ T5601] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  165.893604][ T7785] raw-gadget.1 gadget.0: fail, usb_ep_enable returned -22
[  166.028215][ T5705] usb 3-1: new high-speed USB device number 21 using dummy_hcd
[  166.199749][ T5705] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  166.200289][ T5705] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  166.200328][ T5705] usb 3-1: New USB device found, idVendor=28de, idProduct=1142, bcdDevice= 0.00
[  166.200353][ T5705] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  166.334084][ T5705] usb 3-1: config 0 descriptor??
[  166.411993][ T7781] netlink: 112 bytes leftover after parsing attributes in process `syz.0.775'.
[  166.459796][ T5801] usb 5-1: USB disconnect, device number 9
[  166.928903][ T5601] usb 1-1: USB disconnect, device number 28
[  166.928967][    C0] xpad 1-1:179.65: xpad_irq_in - usb_submit_urb failed with result -19
[  166.929012][    C0] xpad 1-1:179.65: xpad_irq_out - usb_submit_urb failed with result -19
[  166.967258][ T5705] usbhid 3-1:0.0: can't add hid device: -71
[  166.967346][ T5705] usbhid 3-1:0.0: probe with driver usbhid failed with error -71
[  167.002830][ T5705] usb 3-1: USB disconnect, device number 21
[  168.558706][ T7864] FAULT_INJECTION: forcing a failure.
[  168.558706][ T7864] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  168.558766][ T7864] CPU: 0 UID: 0 PID: 7864 Comm: syz.4.803 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[  168.558840][ T7864] Tainted: [L]=SOFTLOCKUP
[  168.558846][ T7864] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026
[  168.558856][ T7864] Call Trace:
[  168.558861][ T7864]  <TASK>
[  168.558867][ T7864]  dump_stack_lvl+0xe8/0x150
[  168.558891][ T7864]  should_fail_ex+0x467/0x600
[  168.558917][ T7864]  _copy_to_user+0x31/0xb0
[  168.558935][ T7864]  simple_read_from_buffer+0xe1/0x170
[  168.558957][ T7864]  proc_fail_nth_read+0x1be/0x230
[  168.558977][ T7864]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  168.558997][ T7864]  ? rw_verify_area+0x250/0x4d0
[  168.559020][ T7864]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  168.559038][ T7864]  vfs_read+0x219/0xa90
[  168.559061][ T7864]  ? trace_irq_enable+0x3b/0x140
[  168.559081][ T7864]  ? __pfx_vfs_read+0x10/0x10
[  168.559110][ T7864]  ksys_read+0x156/0x270
[  168.559132][ T7864]  ? __pfx_ksys_read+0x10/0x10
[  168.559153][ T7864]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  168.559171][ T7864]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  168.559187][ T7864]  do_syscall_64+0x174/0x580
[  168.559203][ T7864]  ? clear_bhb_loop+0x40/0x90
[  168.559220][ T7864]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  168.559236][ T7864] RIP: 0033:0x7fbeea53d68e
[  168.559250][ T7864] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[  168.559264][ T7864] RSP: 002b:00007fbee878bfe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  168.559280][ T7864] RAX: ffffffffffffffda RBX: 00007fbee878c6c0 RCX: 00007fbeea53d68e
[  168.559292][ T7864] RDX: 000000000000000f RSI: 00007fbee878c0a0 RDI: 0000000000000004
[  168.559305][ T7864] RBP: 00007fbee878c090 R08: 0000000000000000 R09: 0000000000000000
[  168.559314][ T7864] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  168.559324][ T7864] R13: 00007fbeea7f6218 R14: 00007fbeea7f6180 R15: 00007fff6f0d5e78
[  168.559342][ T7864]  </TASK>
[  169.527755][ T7871] FAULT_INJECTION: forcing a failure.
[  169.527755][ T7871] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  169.527798][ T7871] CPU: 1 UID: 0 PID: 7871 Comm: syz.4.806 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[  169.527819][ T7871] Tainted: [L]=SOFTLOCKUP
[  169.527825][ T7871] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026
[  169.527834][ T7871] Call Trace:
[  169.527839][ T7871]  <TASK>
[  169.527845][ T7871]  dump_stack_lvl+0xe8/0x150
[  169.527867][ T7871]  should_fail_ex+0x467/0x600
[  169.527891][ T7871]  _copy_to_user+0x31/0xb0
[  169.527915][ T7871]  simple_read_from_buffer+0xe1/0x170
[  169.527936][ T7871]  proc_fail_nth_read+0x1be/0x230
[  169.527955][ T7871]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  169.527975][ T7871]  ? rw_verify_area+0x250/0x4d0
[  169.527996][ T7871]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  169.528014][ T7871]  vfs_read+0x219/0xa90
[  169.528038][ T7871]  ? __pfx_vfs_read+0x10/0x10
[  169.528057][ T7871]  ? rcu_is_watching+0x15/0xb0
[  169.528081][ T7871]  ? trace_irq_enable+0x3b/0x140
[  169.528100][ T7871]  ? _raw_spin_unlock_irqrestore+0x4c/0x80
[  169.528143][ T7871]  ? mutex_lock_nested+0x152/0x1d0
[  169.528162][ T7871]  ? fdget_pos+0x252/0x320
[  169.528184][ T7871]  ksys_read+0x156/0x270
[  169.528206][ T7871]  ? __pfx_ksys_read+0x10/0x10
[  169.528228][ T7871]  ? __pfx_tty_ioctl+0x10/0x10
[  169.528246][ T7871]  ? rcu_is_watching+0x15/0xb0
[  169.528270][ T7871]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  169.528286][ T7871]  do_syscall_64+0x174/0x580
[  169.528301][ T7871]  ? trace_irq_disable+0x3b/0x140
[  169.528318][ T7871]  ? clear_bhb_loop+0x40/0x90
[  169.528336][ T7871]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  169.528351][ T7871] RIP: 0033:0x7fbeea53d68e
[  169.528365][ T7871] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[  169.528378][ T7871] RSP: 002b:00007fbee87cdfe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  169.528395][ T7871] RAX: ffffffffffffffda RBX: 00007fbee87ce6c0 RCX: 00007fbeea53d68e
[  169.528409][ T7871] RDX: 000000000000000f RSI: 00007fbee87ce0a0 RDI: 0000000000000008
[  169.528419][ T7871] RBP: 00007fbee87ce090 R08: 0000000000000000 R09: 0000000000000000
[  169.528429][ T7871] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  169.528438][ T7871] R13: 00007fbeea7f6038 R14: 00007fbeea7f5fa0 R15: 00007fff6f0d5e78
[  169.528456][ T7871]  </TASK>
[  169.808303][ T5704] usb 1-1: new full-speed USB device number 29 using dummy_hcd
[  169.962454][ T5704] usb 1-1: unable to get BOS descriptor or descriptor too short
[  169.963411][ T5704] usb 1-1: not running at top speed; connect to a high speed hub
[  169.965537][ T5704] usb 1-1: config 1 has an invalid descriptor of length 91, skipping remainder of the config
[  169.965565][ T5704] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 3
[  169.984805][ T5704] usb 1-1: New USB device found, idVendor=200c, idProduct=1018, bcdDevice= 0.40
[  169.984899][ T5704] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  169.984994][ T5704] usb 1-1: Product: syz
[  169.985043][ T5704] usb 1-1: Manufacturer: syz
[  169.985093][ T5704] usb 1-1: SerialNumber: syz
[  170.274568][ T5704] usb 1-1: 3:0: failed to get current value for ch 0 (-71)
[  170.291614][ T5704] usb 1-1: 3:0: cannot get min/max values for control 2 (id 3)
[  170.291648][ T5704] usb 1-1: Warning! Unlikely small volume range (=1), linear volume or custom curve?
[  170.291667][ T5704] usb 1-1: [3] FU [LFE Playback Volume] ch = 1, val = 0/1/1
[  170.294615][ T5704] usb 1-1: 3:0: cannot get min/max values for control 2 (id 3)
[  170.294645][ T5704] usb 1-1: Warning! Unlikely small volume range (=1), linear volume or custom curve?
[  170.294665][ T5704] usb 1-1: [3] FU [LFE Playback Volume] ch = 1, val = 0/1/1
[  170.296826][ T5704] usb 1-1: 3:0: cannot get min/max values for control 3 (id 3)
[  170.302973][ T5704] usb 1-1: 3:0: cannot get min/max values for control 4 (id 3)
[  170.315474][ T5704] usb 1-1: 3:0: cannot get min/max values for control 5 (id 3)
[  170.321562][ T5704] usb 1-1: 3:0: cannot get min/max values for control 5 (id 3)
[  170.326628][ T5704] usb 1-1: 3:0: failed to get current value for ch 1 (-71)
[  170.348600][ T5704] usb 1-1: 3:0: failed to get current value for ch 2 (-71)
[  170.388065][ T5704] usb 1-1: 3:0: failed to get current value for ch 0 (-71)
[  170.406828][ T5704] usb 1-1: 3:0: cannot get min/max values for control 8 (id 3)
[  170.409734][ T5704] usb 1-1: 3:0: cannot get min/max values for control 8 (id 3)
[  170.420183][ T5704] usb 1-1: 3:0: failed to get current value for ch 1 (-71)
[  170.432659][ T5704] usb 1-1: 3:0: failed to get current value for ch 0 (-71)
[  170.447817][ T5704] usb 1-1: 3:0: failed to get current value for ch 1 (-71)
[  170.471809][ T5704] usb 1-1: 3:0: failed to get current value for ch 0 (-71)
[  170.490069][ T5704] usb 1-1: 3:0: cannot get min/max values for control 11 (id 3)
[  170.501883][ T5704] usb 1-1: 3:0: cannot get min/max values for control 11 (id 3)
[  170.511859][ T5704] usb 1-1: 3:0: cannot get min/max values for control 12 (id 3)
[  170.521589][ T5704] usb 1-1: 3:0: cannot get min/max values for control 12 (id 3)
[  170.523709][ T5704] usb 1-1: 3:0: failed to get current value for ch 1 (-71)
[  170.525417][ T5704] usb 1-1: 3:0: failed to get current value for ch 2 (-71)
[  170.534189][ T5704] usb 1-1: 3:0: failed to get current value for ch 0 (-71)
[  170.599482][ T5704] usb 1-1: 3:0: cannot get min/max values for control 3 (id 3)
[  170.606919][ T5704] usb 1-1: 3:0: cannot get min/max values for control 5 (id 3)
[  170.679375][ T5704] usb 1-1: USB disconnect, device number 29
[  170.750171][ T6161] udevd[6161]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb1/1-1/1-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  170.917801][ T1010] usb 4-1: new high-speed USB device number 21 using dummy_hcd
[  171.279973][ T1010] usb 4-1: config 0 has no interfaces?
[  171.288174][ T1010] usb 4-1: New USB device found, idVendor=04d8, idProduct=0083, bcdDevice=da.47
[  171.288259][ T1010] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  171.288316][ T1010] usb 4-1: Product: syz
[  171.288358][ T1010] usb 4-1: Manufacturer: syz
[  171.288400][ T1010] usb 4-1: SerialNumber: syz
[  171.308078][ T7893] FAULT_INJECTION: forcing a failure.
[  171.308078][ T7893] name failslab, interval 1, probability 0, space 0, times 0
[  171.308106][ T7893] CPU: 1 UID: 0 PID: 7893 Comm: syz.4.815 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[  171.308128][ T7893] Tainted: [L]=SOFTLOCKUP
[  171.308133][ T7893] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026
[  171.308143][ T7893] Call Trace:
[  171.308148][ T7893]  <TASK>
[  171.308154][ T7893]  dump_stack_lvl+0xe8/0x150
[  171.308176][ T7893]  should_fail_ex+0x467/0x600
[  171.308201][ T7893]  should_failslab+0xa8/0x100
[  171.308224][ T7893]  kmem_cache_alloc_noprof+0x87/0x680
[  171.308242][ T7893]  ? do_getname+0x2e/0x250
[  171.308259][ T7893]  do_getname+0x2e/0x250
[  171.308274][ T7893]  ? __se_sys_renameat+0x25/0x2c0
[  171.308292][ T7893]  __se_sys_renameat+0x31/0x2c0
[  171.308308][ T7893]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  171.308325][ T7893]  do_syscall_64+0x174/0x580
[  171.308340][ T7893]  ? clear_bhb_loop+0x40/0x90
[  171.308358][ T7893]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  171.308373][ T7893] RIP: 0033:0x7fbeea57ce59
[  171.308386][ T7893] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  171.308400][ T7893] RSP: 002b:00007fbee87ad028 EFLAGS: 00000246 ORIG_RAX: 0000000000000108
[  171.308417][ T7893] RAX: ffffffffffffffda RBX: 00007fbeea7f6090 RCX: 00007fbeea57ce59
[  171.308428][ T7893] RDX: 0000000000000004 RSI: 00002000000004c0 RDI: 0000000000000004
[  171.308438][ T7893] RBP: 00007fbee87ad090 R08: 0000000000000000 R09: 0000000000000000
[  171.308448][ T7893] R10: 0000200000000380 R11: 0000000000000246 R12: 0000000000000001
[  171.308458][ T7893] R13: 00007fbeea7f6128 R14: 00007fbeea7f6090 R15: 00007fff6f0d5e78
[  171.308478][ T7893]  </TASK>
[  171.338819][ T1010] usb 4-1: config 0 descriptor??
[  171.962085][ T3860] usb 4-1: USB disconnect, device number 21
[  174.359139][   T14] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  174.579168][   T14] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  174.799328][   T14] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  175.009234][   T14] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  175.338186][   T14] bridge_slave_1: left allmulticast mode
[  175.338227][   T14] bridge_slave_1: left promiscuous mode
[  175.338483][   T14] bridge0: port 2(bridge_slave_1) entered disabled state
[  175.498576][   T14] bridge_slave_0: left allmulticast mode
[  175.498603][   T14] bridge_slave_0: left promiscuous mode
[  175.498806][   T14] bridge0: port 1(bridge_slave_0) entered disabled state
[  176.198212][   T14] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  176.278249][   T14] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  176.338820][   T14] bond0 (unregistering): Released all slaves
[  176.358755][   T14] bond1 (unregistering): (slave veth3): Releasing active interface
[  176.419157][   T14] bond1 (unregistering): Released all slaves
[  176.458856][ T5257] 8021q: adding VLAN 0 to HW filter on device eth1
[  176.979685][ T5257] 8021q: adding VLAN 0 to HW filter on device eth2
[  177.421206][ T5257] 8021q: adding VLAN 0 to HW filter on device eth3
[  177.678545][   T14] hsr_slave_0: left promiscuous mode
[  177.718265][   T14] hsr_slave_1: left promiscuous mode
[  177.718866][   T14] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  177.718883][   T14] batman_adv: batadv0: Removing interface: batadv_slave_0
[  177.778406][   T14] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  177.778423][   T14] batman_adv: batadv0: Removing interface: batadv_slave_1
[  177.858129][   T14] veth1_macvtap: left promiscuous mode
[  177.858178][   T14] veth0_macvtap: left promiscuous mode
[  177.858273][   T14] veth1_vlan: left promiscuous mode
[  177.858339][   T14] veth0_vlan: left promiscuous mode
[  178.388699][   T14] team0 (unregistering): Port device team_slave_1 removed
[  178.428850][   T14] team0 (unregistering): Port device team_slave_0 removed
[  178.519099][ T5257] 8021q: adding VLAN 0 to HW filter on device eth4
[  191.327858][ T5606] Bluetooth: hci2: command 0x0406 tx timeout
[  191.327912][ T5606] Bluetooth: hci0: command 0x0406 tx timeout
[  194.370706][    C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0)
[  194.371580][ T1339] ieee802154 phy0 wpan0: encryption failed: -22
[  194.371629][ T1339] ieee802154 phy1 wpan1: encryption failed: -22
[  235.046879][ T8044] 9p: Bad value for 'wfdno'
[  235.064207][ T5603] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  235.065267][ T5603] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  235.065625][ T5603] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  235.067227][ T5603] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  235.072946][ T5603] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  235.167816][ T5601] usb 1-1: new high-speed USB device number 30 using dummy_hcd
[  235.307917][ T5601] usb 1-1: device descriptor read/64, error -71
[  235.398960][ T8052] syz.2.825 (8052) used greatest stack depth: 19288 bytes left
[  235.547727][ T5601] usb 1-1: new high-speed USB device number 31 using dummy_hcd
[  235.677731][ T5601] usb 1-1: device descriptor read/64, error -71
[  235.790013][ T5601] usb usb1-port1: attempt power cycle
[  236.009875][ T8045] bridge0: port 1(bridge_slave_0) entered blocking state
[  236.010012][ T8045] bridge0: port 1(bridge_slave_0) entered disabled state
[  236.010336][ T8045] bridge_slave_0: entered allmulticast mode
[  236.011900][ T8045] bridge_slave_0: entered promiscuous mode
[  236.014224][ T8045] bridge0: port 2(bridge_slave_1) entered blocking state
[  236.014360][ T8045] bridge0: port 2(bridge_slave_1) entered disabled state
[  236.014489][ T8045] bridge_slave_1: entered allmulticast mode
[  236.016041][ T8045] bridge_slave_1: entered promiscuous mode
[  236.077014][ T8045] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  236.086403][ T8045] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  236.122090][ T8045] team0: Port device team_slave_0 added
[  236.124788][ T8045] team0: Port device team_slave_1 added
[  236.139614][ T5601] usb 1-1: new high-speed USB device number 32 using dummy_hcd
[  236.158154][ T5601] usb 1-1: device descriptor read/8, error -71
[  236.177621][ T8045] batman_adv: batadv0: Adding interface: batadv_slave_0
[  236.177879][ T8045] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  236.177923][ T8045] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  236.179682][ T8045] batman_adv: batadv0: Adding interface: batadv_slave_1
[  236.179697][ T8045] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  236.179725][ T8045] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  236.301534][ T8045] hsr_slave_0: entered promiscuous mode
[  236.302402][ T8045] hsr_slave_1: entered promiscuous mode
[  236.302983][ T8045] debugfs: 'hsr0' already exists in 'hsr'
[  236.303003][ T8045] Cannot create hsr debugfs directory
[  236.398081][ T5601] usb 1-1: new high-speed USB device number 33 using dummy_hcd
[  236.418387][ T5601] usb 1-1: device descriptor read/8, error -71
[  236.528405][ T5601] usb usb1-port1: unable to enumerate USB device
[  237.087796][ T5592] Bluetooth: hci1: command tx timeout
[  238.449361][ T8064] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512
[  238.454517][ T8045] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  238.532150][ T8045] 8021q: adding VLAN 0 to HW filter on device netdevsim0
[  238.534484][ T8045] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  238.572599][ T8045] 8021q: adding VLAN 0 to HW filter on device netdevsim1
[  238.573827][ T8045] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  238.625494][ T8045] 8021q: adding VLAN 0 to HW filter on device netdevsim2
[  238.626399][ T8045] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  238.673673][ T8045] 8021q: adding VLAN 0 to HW filter on device netdevsim3
[  238.823478][ T8045] 8021q: adding VLAN 0 to HW filter on device bond0
[  238.845449][ T8045] 8021q: adding VLAN 0 to HW filter on device team0
[  238.863519][ T7691] bridge0: port 1(bridge_slave_0) entered blocking state
[  238.863595][ T7691] bridge0: port 1(bridge_slave_0) entered forwarding state
[  238.890745][   T66] bridge0: port 2(bridge_slave_1) entered blocking state
[  238.890819][   T66] bridge0: port 2(bridge_slave_1) entered forwarding state
[  239.171700][ T5603] Bluetooth: hci1: command tx timeout
[  240.043943][ T8381] syzkaller0: entered promiscuous mode
[  240.043971][ T8381] syzkaller0: entered allmulticast mode
[  240.081890][ T8045] 8021q: adding VLAN 0 to HW filter on device batadv0
[  241.247934][ T5592] Bluetooth: hci1: command tx timeout
[  242.081952][ T8332] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512
[  243.327751][ T5592] Bluetooth: hci1: command tx timeout
[  248.841462][ T8045] veth0_vlan: entered promiscuous mode
[  248.881213][ T8045] veth1_vlan: entered promiscuous mode
[  249.003903][ T8045] veth0_macvtap: entered promiscuous mode
[  249.029749][ T8045] veth1_macvtap: entered promiscuous mode
[  249.084803][ T8045] batman_adv: batadv0: Interface activated: batadv_slave_0
[  249.106443][ T8045] batman_adv: batadv0: Interface activated: batadv_slave_1
[  249.140107][ T1143] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  249.140253][ T1143] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  249.140288][ T1143] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  249.140321][ T1143] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  249.459240][ T7732] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  249.459262][ T7732] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  249.551508][ T7732] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  249.551530][ T7732] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  249.957135][ T9189] netlink: 64 bytes leftover after parsing attributes in process `syz.3.1307'.
[  250.338824][ T5603] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  250.340086][ T5603] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  250.340345][ T5603] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  250.342628][ T5603] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  250.343142][ T5603] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  251.299920][ T1143] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  251.549460][ T1143] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  251.830047][ T1143] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  252.109561][ T1143] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  252.149563][ T9206] bridge0: port 1(bridge_slave_0) entered blocking state
[  252.149696][ T9206] bridge0: port 1(bridge_slave_0) entered disabled state
[  252.149896][ T9206] bridge_slave_0: entered allmulticast mode
[  252.151542][ T9206] bridge_slave_0: entered promiscuous mode
[  252.154004][ T9206] bridge0: port 2(bridge_slave_1) entered blocking state
[  252.154151][ T9206] bridge0: port 2(bridge_slave_1) entered disabled state
[  252.154305][ T9206] bridge_slave_1: entered allmulticast mode
[  252.156416][ T9206] bridge_slave_1: entered promiscuous mode
[  252.224243][ T9206] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  252.227077][ T9206] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  252.266180][ T9206] team0: Port device team_slave_0 added
[  252.275286][ T9206] team0: Port device team_slave_1 added
[  252.304493][ T9206] batman_adv: batadv0: Adding interface: batadv_slave_0
[  252.304511][ T9206] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  252.304541][ T9206] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  252.305981][ T9206] batman_adv: batadv0: Adding interface: batadv_slave_1
[  252.305996][ T9206] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  252.306026][ T9206] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  252.403293][ T9206] hsr_slave_0: entered promiscuous mode
[  252.404193][ T9206] hsr_slave_1: entered promiscuous mode
[  252.404846][ T9206] debugfs: 'hsr0' already exists in 'hsr'
[  252.404865][ T9206] Cannot create hsr debugfs directory
[  252.447824][ T5592] Bluetooth: hci5: command tx timeout
[  252.688639][ T1143] bridge_slave_1: left allmulticast mode
[  252.688661][ T1143] bridge_slave_1: left promiscuous mode
[  252.688788][ T1143] bridge0: port 2(bridge_slave_1) entered disabled state
[  252.788735][ T1143] bridge_slave_0: left allmulticast mode
[  252.788757][ T1143] bridge_slave_0: left promiscuous mode
[  252.788875][ T1143] bridge0: port 1(bridge_slave_0) entered disabled state
[  253.508200][ T1143] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  253.568481][ T1143] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  253.580681][ T9222] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512
[  253.627436][ T1143] bond0 (unregistering): Released all slaves
[  254.419044][ T9330] syzkaller0: entered promiscuous mode
[  254.419072][ T9330] syzkaller0: entered allmulticast mode
[  254.498217][ T9344] syzkaller0: entered promiscuous mode
[  254.498248][ T9344] syzkaller0: entered allmulticast mode
[  254.528067][ T5592] Bluetooth: hci5: command tx timeout
[  254.558302][ T5257] 8021q: adding VLAN 0 to HW filter on device eth1
[  255.819514][ T1339] ieee802154 phy0 wpan0: encryption failed: -22
[  255.819565][ T1339] ieee802154 phy1 wpan1: encryption failed: -22
[  256.607799][ T5592] Bluetooth: hci5: command tx timeout
[  258.687734][ T5592] Bluetooth: hci5: command tx timeout
[  262.931225][ T9371] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1336'.
[  263.237974][ T9360] tipc: Started in network mode
[  263.238008][ T9360] tipc: Node identity 46cdce62d312, cluster identity 4711
[  263.238189][ T9360] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  263.238962][ T9358] syzkaller0: entered promiscuous mode
[  263.238984][ T9358] syzkaller0: entered allmulticast mode
[  263.241877][ T9364] sch_tbf: burst 255 is lower than device syzkaller0 mtu (1514) !
[  263.373304][ T9383] netlink: 'syz.3.1338': attribute type 1 has an invalid length.
[  263.825987][ T9397] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1346'.
[  263.920027][ T9366] tipc: Resetting bearer <eth:syzkaller0>
[  263.958318][ T9357] tipc: Resetting bearer <eth:syzkaller0>
[  264.120246][ T9357] tipc: Disabling bearer <eth:syzkaller0>
[  264.358378][ T9383] workqueue: Failed to create a rescuer kthread for wq "bond1": -EINTR
[  264.361388][ T9388] 
: renamed from dummy0
[  264.459610][ T9418] netlink: 'syz.1.1355': attribute type 12 has an invalid length.
[  264.459633][ T9418] netlink: 'syz.1.1355': attribute type 29 has an invalid length.
[  264.459647][ T9418] netlink: 148 bytes leftover after parsing attributes in process `syz.1.1355'.
[  264.459670][ T9418] netlink: 'syz.1.1355': attribute type 3 has an invalid length.
[  264.459683][ T9418] netlink: 'syz.1.1355': attribute type 2 has an invalid length.
[  264.459696][ T9418] netlink: 35 bytes leftover after parsing attributes in process `syz.1.1355'.
[  264.523420][ T9424] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1358'.
[  264.878591][ T1143] hsr_slave_0: left promiscuous mode
[  264.912761][ T9452] netlink: 'syz.3.1367': attribute type 1 has an invalid length.
[  264.920416][ T1143] hsr_slave_1: left promiscuous mode
[  264.923807][ T1143] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  264.923862][ T1143] batman_adv: batadv0: Removing interface: batadv_slave_0
[  264.960973][ T1143] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  264.960998][ T1143] batman_adv: batadv0: Removing interface: batadv_slave_1
[  265.070291][ T1143] veth1_macvtap: left promiscuous mode
[  265.070355][ T1143] veth0_macvtap: left promiscuous mode
[  265.070494][ T1143] veth1_vlan: left promiscuous mode
[  265.070605][ T1143] veth0_vlan: left promiscuous mode
[  265.729064][ T1143] team0 (unregistering): Port device team_slave_1 removed
[  265.769815][ T1143] team0 (unregistering): Port device team_slave_0 removed
[  265.880515][ T9446] syzkaller0: entered promiscuous mode
[  265.880535][ T9446] syzkaller0: entered allmulticast mode
[  265.882201][ T9452] workqueue: Failed to create a rescuer kthread for wq "bond1": -EINTR
[  266.579008][ T9206] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  266.654022][ T9206] 8021q: adding VLAN 0 to HW filter on device netdevsim0
[  266.668824][ T9206] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  266.723459][ T9206] 8021q: adding VLAN 0 to HW filter on device netdevsim1
[  267.098237][ T9206] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  267.143936][ T9206] 8021q: adding VLAN 0 to HW filter on device netdevsim2
[  267.192038][ T9206] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  267.229063][ T9206] 8021q: adding VLAN 0 to HW filter on device netdevsim3
[  267.421064][ T9550] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1398'.
[  267.421089][ T9550] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1398'.
[  267.660644][ T9206] 8021q: adding VLAN 0 to HW filter on device bond0
[  267.746646][ T9206] 8021q: adding VLAN 0 to HW filter on device team0
[  267.765540][  T235] bridge0: port 1(bridge_slave_0) entered blocking state
[  267.767203][  T235] bridge0: port 1(bridge_slave_0) entered forwarding state
[  267.794882][ T1143] bridge0: port 2(bridge_slave_1) entered blocking state
[  267.794965][ T1143] bridge0: port 2(bridge_slave_1) entered forwarding state
[  268.080372][ T9598] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1412'.
[  268.113932][ T9600] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1413'.
[  268.113955][ T9600] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1413'.
[  268.592697][ T9622] netlink: 'syz.0.1420': attribute type 1 has an invalid length.
[  268.668402][ T9622] 8021q: adding VLAN 0 to HW filter on device bond1
[  268.699416][ T9206] 8021q: adding VLAN 0 to HW filter on device batadv0
[  268.732923][ T9622] bond1: (slave geneve2): making interface the new active one
[  268.734519][ T9622] bond1: (slave geneve2): Enslaving as an active interface with an up link
[  269.339741][ T9659] netlink: 'syz.3.1432': attribute type 12 has an invalid length.
[  269.339762][ T9659] netlink: 'syz.3.1432': attribute type 29 has an invalid length.
[  269.339776][ T9659] netlink: 148 bytes leftover after parsing attributes in process `syz.3.1432'.
[  269.339795][ T9659] netlink: 59 bytes leftover after parsing attributes in process `syz.3.1432'.
[  269.602468][ T9206] veth0_vlan: entered promiscuous mode
[  269.634865][ T9206] veth1_vlan: entered promiscuous mode
[  269.645433][ T9673] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1438'.
[  269.645457][ T9673] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1438'.
[  269.724066][ T9206] veth0_macvtap: entered promiscuous mode
[  269.740673][ T9206] veth1_macvtap: entered promiscuous mode
[  269.771327][ T9206] batman_adv: batadv0: Interface activated: batadv_slave_0
[  269.796004][ T9679] netlink: 'syz.1.1442': attribute type 12 has an invalid length.
[  269.796027][ T9679] netlink: 'syz.1.1442': attribute type 29 has an invalid length.
[  269.796042][ T9679] netlink: 148 bytes leftover after parsing attributes in process `syz.1.1442'.
[  269.796061][ T9679] netlink: 59 bytes leftover after parsing attributes in process `syz.1.1442'.
[  269.835960][ T9206] batman_adv: batadv0: Interface activated: batadv_slave_1
[  269.867433][ T7732] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  269.879234][ T7732] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  269.880774][ T7456] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  269.886777][ T7456] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  270.347867][ T7456] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  270.347889][ T7456] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  270.442638][ T5812] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  270.442661][ T5812] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  270.469728][ T9710] netlink: 'syz.3.1456': attribute type 12 has an invalid length.
[  270.469752][ T9710] netlink: 'syz.3.1456': attribute type 29 has an invalid length.
[  270.469767][ T9710] netlink: 148 bytes leftover after parsing attributes in process `syz.3.1456'.
[  270.853012][ T9737] netlink: 'syz.1.1466': attribute type 1 has an invalid length.
[  271.104376][ T9737] 8021q: adding VLAN 0 to HW filter on device bond1
[  271.165546][ T9736] syzkaller0: entered promiscuous mode
[  271.165574][ T9736] syzkaller0: entered allmulticast mode
[  271.750573][ T9792] netlink: 'syz.2.1485': attribute type 1 has an invalid length.
[  279.684400][ T9792] 8021q: adding VLAN 0 to HW filter on device bond1
[  280.035577][ T9833] 
: renamed from dummy0
[  280.103135][ T9844] __nla_validate_parse: 3 callbacks suppressed
[  280.103154][ T9844] netlink: 64 bytes leftover after parsing attributes in process `syz.4.1500'.
[  280.214854][ T9848] netlink: 20 bytes leftover after parsing attributes in process `syz.4.1503'.
[  280.245583][ T9851] netlink: 'syz.3.1504': attribute type 1 has an invalid length.
[  281.054918][ T9863] xt_policy: too many policy elements
[  281.089500][ T9863] netlink: 224 bytes leftover after parsing attributes in process `syz.2.1506'.
[  288.369628][ T9851] workqueue: Failed to create a rescuer kthread for wq "bond1": -EINTR
[  288.370975][ T9852] syzkaller0: entered promiscuous mode
[  288.371000][ T9852] syzkaller0: entered allmulticast mode
[  288.374396][ T9860] netlink: 1508 bytes leftover after parsing attributes in process `syz.2.1506'.
[  288.681522][ T9889] netlink: 64 bytes leftover after parsing attributes in process `syz.3.1514'.
[  288.849326][ T9895] 
: renamed from dummy0
[  288.917088][ T9894] syzkaller0: entered promiscuous mode
[  288.917114][ T9894] syzkaller0: entered allmulticast mode
[  288.968081][ T9902] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1518'.
[  289.248263][ T9906] netlink: 'syz.0.1520': attribute type 1 has an invalid length.
[  289.921511][ T9924] netlink: 36 bytes leftover after parsing attributes in process `syz.4.1526'.
[  297.690006][ T9906] workqueue: Failed to create a rescuer kthread for wq "bond2": -EINTR
[  297.796181][ T9935] netlink: 'syz.3.1529': attribute type 12 has an invalid length.
[  297.796206][ T9935] netlink: 'syz.3.1529': attribute type 29 has an invalid length.
[  297.796220][ T9935] netlink: 148 bytes leftover after parsing attributes in process `syz.3.1529'.
[  297.796240][ T9935] netlink: 'syz.3.1529': attribute type 3 has an invalid length.
[  297.796253][ T9935] netlink: 'syz.3.1529': attribute type 2 has an invalid length.
[  297.796266][ T9935] netlink: 35 bytes leftover after parsing attributes in process `syz.3.1529'.
[  298.245972][ T9970] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1542'.
[  298.594213][ T9981] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1546'.
[  298.675509][ T9986] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1547'.
[  299.605609][T10028] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1559'.
[  299.737860][T10020] bridge0: port 2(bridge_slave_1) entered disabled state
[  299.886392][T10042] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1569'.
[  299.972397][T10050] bridge_slave_1: default FDB implementation only supports local addresses
[  300.163212][T10059] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1577'.
[  300.163256][T10059] netlink: 'syz.1.1577': attribute type 1 has an invalid length.
[  300.163272][T10059] netlink: 'syz.1.1577': attribute type 2 has an invalid length.
[  300.351825][T10073] netlink: 'syz.2.1582': attribute type 12 has an invalid length.
[  300.351848][T10073] netlink: 'syz.2.1582': attribute type 29 has an invalid length.
[  300.351863][T10073] netlink: 148 bytes leftover after parsing attributes in process `syz.2.1582'.
[  300.351883][T10073] netlink: 'syz.2.1582': attribute type 3 has an invalid length.
[  300.351897][T10073] netlink: 'syz.2.1582': attribute type 2 has an invalid length.
[  300.351910][T10073] netlink: 35 bytes leftover after parsing attributes in process `syz.2.1582'.
[  300.714806][T10092] syzkaller0: entered promiscuous mode
[  300.714830][T10092] syzkaller0: entered allmulticast mode
[  301.373470][T10122] syzkaller0: entered promiscuous mode
[  301.373498][T10122] syzkaller0: entered allmulticast mode
[  309.709735][T10135] syzkaller0: entered promiscuous mode
[  309.709764][T10135] syzkaller0: entered allmulticast mode
[  309.759919][T10171] __nla_validate_parse: 1 callbacks suppressed
[  309.759940][T10171] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1619'.
[  309.814845][T10174] netlink: 256 bytes leftover after parsing attributes in process `syz.4.1622'.
[  312.128728][    C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0)
[  316.624520][ T5603] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  316.624835][ T5603] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  316.625110][ T5603] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  316.625828][ T5603] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  316.626324][ T5603] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  317.250147][ T1339] ieee802154 phy1 wpan1: encryption failed: -22
[  317.614887][ T5603] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[  317.615203][ T5603] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[  317.615498][ T5603] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[  317.616199][ T5603] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[  317.616749][ T5603] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[  318.294238][T10174] ip6gretap0: entered promiscuous mode
[  318.294398][T10174] vlan2: entered promiscuous mode
[  318.418954][T10198] netlink: 36 bytes leftover after parsing attributes in process `syz.1.1627'.
[  318.576494][T10204] tipc: Started in network mode
[  318.576529][T10204] tipc: Node identity f61422829641, cluster identity 4711
[  318.576647][T10204] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  318.589158][T10204] syzkaller0: entered promiscuous mode
[  318.589235][T10204] syzkaller0: entered allmulticast mode
[  318.611687][T10204] tipc: Resetting bearer <eth:syzkaller0>
[  318.687705][ T5603] Bluetooth: hci3: command tx timeout
[  318.867801][T10202] tipc: Resetting bearer <eth:syzkaller0>
[  318.908467][T10211] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1632'.
[  319.041328][T10202] tipc: Disabling bearer <eth:syzkaller0>
[  319.657733][ T5603] Bluetooth: hci6: command tx timeout
[  319.687878][T10229] netlink: 'syz.1.1637': attribute type 12 has an invalid length.
[  319.687902][T10229] netlink: 'syz.1.1637': attribute type 29 has an invalid length.
[  319.687916][T10229] netlink: 148 bytes leftover after parsing attributes in process `syz.1.1637'.
[  319.687936][T10229] netlink: 59 bytes leftover after parsing attributes in process `syz.1.1637'.
[  320.072691][  T235] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  320.331785][T10273] netlink: 36 bytes leftover after parsing attributes in process `syz.3.1651'.
[  320.659928][  T235] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  320.767787][ T5603] Bluetooth: hci3: command tx timeout
[  321.139216][  T235] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  321.241524][T10305] netlink: 72 bytes leftover after parsing attributes in process `syz.4.1658'.
[  321.459827][  T235] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  321.554146][T10316] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1663'.
[  321.554171][T10316] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1663'.
[  321.727848][ T5603] Bluetooth: hci6: command tx timeout
[  322.007467][T10342] netlink: 'syz.3.1671': attribute type 1 has an invalid length.
[  322.055868][T10189] bridge0: port 1(bridge_slave_0) entered blocking state
[  322.056017][T10189] bridge0: port 1(bridge_slave_0) entered disabled state
[  322.056163][T10189] bridge_slave_0: entered allmulticast mode
[  322.071228][T10189] bridge_slave_0: entered promiscuous mode
[  322.097328][T10189] bridge0: port 2(bridge_slave_1) entered blocking state
[  322.097413][T10189] bridge0: port 2(bridge_slave_1) entered disabled state
[  322.097553][T10189] bridge_slave_1: entered allmulticast mode
[  322.101616][T10189] bridge_slave_1: entered promiscuous mode
[  322.187981][T10181] bridge0: port 1(bridge_slave_0) entered blocking state
[  322.188063][T10181] bridge0: port 1(bridge_slave_0) entered disabled state
[  322.188993][T10181] bridge_slave_0: entered allmulticast mode
[  322.194901][T10181] bridge_slave_0: entered promiscuous mode
[  322.258550][T10181] bridge0: port 2(bridge_slave_1) entered blocking state
[  322.258641][T10181] bridge0: port 2(bridge_slave_1) entered disabled state
[  322.258779][T10181] bridge_slave_1: entered allmulticast mode
[  322.262716][T10181] bridge_slave_1: entered promiscuous mode
[  322.265650][T10355] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1674'.
[  322.265675][T10355] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1674'.
[  322.409082][  T235] bridge_slave_1: left allmulticast mode
[  322.409113][  T235] bridge_slave_1: left promiscuous mode
[  322.409308][  T235] bridge0: port 2(bridge_slave_1) entered disabled state
[  322.578296][  T235] bridge_slave_0: left allmulticast mode
[  322.578319][  T235] bridge_slave_0: left promiscuous mode
[  322.578459][  T235] bridge0: port 1(bridge_slave_0) entered disabled state
[  322.847750][ T5603] Bluetooth: hci3: command tx timeout
[  323.068589][  T235] bond1 (unregistering): (slave geneve2): Releasing active interface
[  323.429060][  T235] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  323.508271][  T235] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  323.529042][  T235] bond0 (unregistering): Released all slaves
[  323.588137][  T235] bond1 (unregistering): Released all slaves
[  323.630474][T10189] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  323.726015][T10189] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  323.782584][T10181] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  323.807768][ T5603] Bluetooth: hci6: command tx timeout
[  323.939073][T10181] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  323.943746][T10189] team0: Port device team_slave_0 added
[  323.995933][T10189] team0: Port device team_slave_1 added
[  324.287894][ T5704] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  324.380570][T10181] team0: Port device team_slave_0 added
[  324.579529][T10181] team0: Port device team_slave_1 added
[  324.580161][T10189] batman_adv: batadv0: Adding interface: batadv_slave_0
[  324.580172][T10189] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  324.580204][T10189] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  324.580477][T10393] netlink: 'syz.3.1687': attribute type 4 has an invalid length.
[  324.701744][T10400] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1690'.
[  324.757284][T10404] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  324.757444][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  324.762285][T10404] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  324.766663][ T7456] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  324.767349][T10403] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  324.772632][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  324.922275][T10189] batman_adv: batadv0: Adding interface: batadv_slave_1
[  324.922294][T10189] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  324.922325][T10189] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  324.924780][T10400] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1690'.
[  324.928482][ T5603] Bluetooth: hci3: command tx timeout
[  325.021306][T10412] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1694'.
[  325.270443][    C0] vxcan0: j1939_tp_rxtimer: 0xffff88805ec96800: rx timeout, send abort
[  325.327865][ T5704] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  325.479744][T10181] batman_adv: batadv0: Adding interface: batadv_slave_0
[  325.479765][T10181] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  325.481509][T10181] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  325.498815][T10181] batman_adv: batadv0: Adding interface: batadv_slave_1
[  325.498885][T10181] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  325.498973][T10181] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  325.633450][T10433] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1697'.
[  325.698997][T10437] netlink: 'syz.1.1699': attribute type 1 has an invalid length.
[  325.718778][  T235] hsr_slave_0: left promiscuous mode
[  325.758450][  T235] hsr_slave_1: left promiscuous mode
[  325.758935][  T235] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  325.758950][  T235] batman_adv: batadv0: Removing interface: batadv_slave_0
[  325.798333][  T235] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  325.798354][  T235] batman_adv: batadv0: Removing interface: batadv_slave_1
[  325.887724][ T5603] Bluetooth: hci6: command tx timeout
[  325.888817][  T235] veth1_macvtap: left promiscuous mode
[  325.888880][  T235] veth0_macvtap: left promiscuous mode
[  325.889016][  T235] veth1_vlan: left promiscuous mode
[  325.889179][  T235] veth0_vlan: left promiscuous mode
[  326.367855][ T1010] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  326.429847][  T235] team0 (unregistering): Port device team_slave_1 removed
[  326.468199][  T235] team0 (unregistering): Port device team_slave_0 removed
[  326.703015][ T5257] 8021q: adding VLAN 0 to HW filter on device eth1
[  326.703279][T10433] netlink: 48 bytes leftover after parsing attributes in process `syz.4.1697'.
[  326.704063][T10437] workqueue: Failed to create a rescuer kthread for wq "bond2": -EINTR
[  326.726784][T10442] 
: renamed from dummy0
[  326.767827][    T9] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  326.821487][T10189] hsr_slave_0: entered promiscuous mode
[  326.822386][T10189] hsr_slave_1: entered promiscuous mode
[  326.914667][T10181] hsr_slave_0: entered promiscuous mode
[  326.927490][T10181] hsr_slave_1: entered promiscuous mode
[  326.937199][T10181] debugfs: 'hsr0' already exists in 'hsr'
[  326.937220][T10181] Cannot create hsr debugfs directory
[  327.283435][T10467] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1708'.
[  327.316030][T10471] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1710'.
[  327.356861][T10473] netlink: 'syz.3.1711': attribute type 1 has an invalid length.
[  327.456689][T10471] netlink: 48 bytes leftover after parsing attributes in process `syz.1.1710'.
[  327.529281][T10473] 8021q: adding VLAN 0 to HW filter on device bond1
[  327.924183][T10501] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1715'.
[  327.924208][T10501] netlink: 26 bytes leftover after parsing attributes in process `syz.3.1715'.
[  327.991873][ T5257] 8021q: adding VLAN 0 to HW filter on device eth2
[  327.997127][T10189] netdevsim netdevsim6 netdevsim0: renamed from eth0
[  328.043846][T10189] 8021q: adding VLAN 0 to HW filter on device netdevsim0
[  328.048113][T10189] netdevsim netdevsim6 netdevsim1: renamed from eth1
[  328.241078][T10189] 8021q: adding VLAN 0 to HW filter on device netdevsim1
[  328.243594][T10189] netdevsim netdevsim6 netdevsim2: renamed from eth2
[  328.303875][T10189] 8021q: adding VLAN 0 to HW filter on device netdevsim2
[  328.359172][T10189] netdevsim netdevsim6 netdevsim3: renamed from eth3
[  328.402697][T10524] netlink: 'syz.4.1723': attribute type 1 has an invalid length.
[  328.403815][T10189] 8021q: adding VLAN 0 to HW filter on device netdevsim3
[  328.491545][T10524] 8021q: adding VLAN 0 to HW filter on device bond1
[  328.670840][  T235] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  328.759449][    C0] vxcan0: j1939_tp_rxtimer: 0xffff88805ebfe800: rx timeout, send abort
[  328.794563][T10181] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  328.832495][T10181] 8021q: adding VLAN 0 to HW filter on device netdevsim0
[  329.230185][  T235] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  329.259519][    C0] vxcan0: j1939_tp_rxtimer: 0xffff88805ebfe800: abort rx timeout. Force session deactivation
[  329.259604][    C0] vxcan0: j1939_tp_rxtimer: 0xffff88805ebfd800: rx timeout, send abort
[  329.287183][T10181] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  329.322158][T10181] 8021q: adding VLAN 0 to HW filter on device netdevsim1
[  329.359504][ T5257] 8021q: adding VLAN 0 to HW filter on device eth3
[  329.360549][T10181] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  329.430081][T10181] 8021q: adding VLAN 0 to HW filter on device netdevsim2
[  329.431957][T10181] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  329.471403][T10181] 8021q: adding VLAN 0 to HW filter on device netdevsim3
[  329.487807][ T5704] net_ratelimit: 3 callbacks suppressed
[  329.487825][ T5704] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  329.632948][  T235] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  329.721967][T10574] syzkaller0: entered promiscuous mode
[  329.721989][T10574] syzkaller0: entered allmulticast mode
[  329.725968][T10579] syzkaller0: entered promiscuous mode
[  329.725992][T10579] syzkaller0: entered allmulticast mode
[  329.759650][    C0] vxcan0: j1939_tp_rxtimer: 0xffff88805ebfd800: abort rx timeout. Force session deactivation
[  329.807878][    T9] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  330.003776][T10591] __nla_validate_parse: 2 callbacks suppressed
[  330.003796][T10591] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1736'.
[  330.527815][ T1010] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  331.567933][ T5801] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  332.609921][ T5704] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  332.848557][ T3860] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  333.647867][ T5704] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  334.687915][ T5704] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  335.727832][ T5704] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  335.887896][ T5705] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  336.448333][ T5705] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  336.767850][ T5801] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  337.807863][ T5801] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  338.118996][  T235] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  338.192445][T10591] netlink: 48 bytes leftover after parsing attributes in process `syz.4.1736'.
[  338.460974][T10189] 8021q: adding VLAN 0 to HW filter on device bond0
[  338.847902][ T5801] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  338.927895][ T5705] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  339.092144][  T235] bridge_slave_1: left allmulticast mode
[  339.092171][  T235] bridge_slave_1: left promiscuous mode
[  339.092334][  T235] bridge0: port 2(bridge_slave_1) entered disabled state
[  339.169752][   T28] ------------[ cut here ]------------
[  339.169766][   T28] sk->sk_forward_alloc
[  339.169778][   T28] WARNING: net/ipv4/af_inet.c:162 at inet_sock_destruct+0x62b/0x740, CPU#1: rcuc/1/28
[  339.169826][   T28] Modules linked in:
[  339.169854][   T28] CPU: 1 UID: 0 PID: 28 Comm: rcuc/1 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[  339.169882][   T28] Tainted: [L]=SOFTLOCKUP
[  339.169890][   T28] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026
[  339.169903][   T28] RIP: 0010:inet_sock_destruct+0x62b/0x740
[  339.169936][   T28] Code: 0f 0b 90 e9 58 fe ff ff e8 02 f9 22 f8 90 0f 0b 90 e9 8b fe ff ff e8 f4 f8 22 f8 90 0f 0b 90 e9 b1 fe ff ff e8 e6 f8 22 f8 90 <0f> 0b 90 e9 d7 fe ff ff 89 f9 80 e1 07 80 c1 03 38 c1 0f 8c 95 fc
[  339.169955][   T28] RSP: 0018:ffffc90000a2fb48 EFLAGS: 00010293
[  339.169973][   T28] RAX: ffffffff89a2024a RBX: dffffc0000000000 RCX: ffff88801d6bdd00
[  339.169990][   T28] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  339.170004][   T28] RBP: 0000000000000f70 R08: 0000000000000000 R09: 0000000000000000
[  339.170017][   T28] R10: dffffc0000000000 R11: ffffed1004a6f47c R12: ffff88802537a040
[  339.170033][   T28] R13: ffff88802537a718 R14: ffff88802537a3c4 R15: ffffffff8f440000
[  339.170051][   T28] FS:  0000000000000000(0000) GS:ffff888126244000(0000) knlGS:0000000000000000
[  339.170069][   T28] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  339.170084][   T28] CR2: 0000200000000080 CR3: 000000003a63e000 CR4: 00000000003526f0
[  339.170120][   T28] Call Trace:
[  339.170128][   T28]  <TASK>
[  339.170138][   T28]  ? __pfx_udp_destruct_sock+0x10/0x10
[  339.170166][   T28]  __sk_destruct+0x89/0x9e0
[  339.170190][   T28]  ? __pfx___sk_destruct+0x10/0x10
[  339.170233][   T28]  rcu_cpu_kthread+0x950/0x1480
[  339.170263][   T28]  ? rcu_is_watching+0x15/0xb0
[  339.170298][   T28]  ? rcu_cpu_kthread+0x20b/0x1480
[  339.170333][   T28]  ? __pfx_rcu_cpu_kthread+0x10/0x10
[  339.170369][   T28]  smpboot_thread_fn+0x57c/0xa80
[  339.170405][   T28]  ? smpboot_thread_fn+0x4e/0xa80
[  339.170444][   T28]  kthread+0x388/0x470
[  339.170467][   T28]  ? __pfx_smpboot_thread_fn+0x10/0x10
[  339.170499][   T28]  ? __pfx_kthread+0x10/0x10
[  339.170522][   T28]  ret_from_fork+0x514/0xb70
[  339.170547][   T28]  ? __pfx_ret_from_fork+0x10/0x10
[  339.170572][   T28]  ? __switch_to+0xc89/0x1420
[  339.170607][   T28]  ? __pfx_kthread+0x10/0x10
[  339.170630][   T28]  ret_from_fork_asm+0x1a/0x30
[  339.170664][   T28]  </TASK>
[  339.170683][   T28] Kernel panic - not syncing: kernel: panic_on_warn set ...
[  339.170710][   T28] CPU: 1 UID: 0 PID: 28 Comm: rcuc/1 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[  339.170739][   T28] Tainted: [L]=SOFTLOCKUP
[  339.170746][   T28] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026
[  339.170759][   T28] Call Trace:
[  339.170767][   T28]  <TASK>
[  339.170775][   T28]  vpanic+0x56c/0xa60
[  339.170802][   T28]  ? __pfx__printk+0x10/0x10
[  339.170835][   T28]  ? __pfx_vpanic+0x10/0x10
[  339.170861][   T28]  ? is_bpf_text_address+0x292/0x2b0
[  339.170891][   T28]  ? is_bpf_text_address+0x26/0x2b0
[  339.170925][   T28]  panic+0xc5/0xd0
[  339.170950][   T28]  ? __pfx_panic+0x10/0x10
[  339.170981][   T28]  ? ret_from_fork_asm+0x1a/0x30
[  339.171012][   T28]  __warn+0x315/0x4c0
[  339.171037][   T28]  ? inet_sock_destruct+0x62b/0x740
[  339.171068][   T28]  ? inet_sock_destruct+0x62b/0x740
[  339.171097][   T28]  __report_bug+0x331/0x530
[  339.171118][   T28]  ? kasan_save_track+0x3e/0x80
[  339.171143][   T28]  ? kasan_save_free_info+0x40/0x50
[  339.171176][   T28]  ? __kasan_slab_free+0x5c/0x80
[  339.171204][   T28]  ? inet_sock_destruct+0x62b/0x740
[  339.171237][   T28]  ? __pfx___report_bug+0x10/0x10
[  339.171267][   T28]  ? inet_sock_destruct+0x62b/0x740
[  339.171302][   T28]  report_bug+0x16a/0x220
[  339.171323][   T28]  ? inet_sock_destruct+0x62b/0x740
[  339.171353][   T28]  ? inet_sock_destruct+0x62d/0x740
[  339.171383][   T28]  handle_bug+0x9c/0x200
[  339.171408][   T28]  exc_invalid_op+0x1a/0x50
[  339.171431][   T28]  asm_exc_invalid_op+0x1a/0x20
[  339.171453][   T28] RIP: 0010:inet_sock_destruct+0x62b/0x740
[  339.171484][   T28] Code: 0f 0b 90 e9 58 fe ff ff e8 02 f9 22 f8 90 0f 0b 90 e9 8b fe ff ff e8 f4 f8 22 f8 90 0f 0b 90 e9 b1 fe ff ff e8 e6 f8 22 f8 90 <0f> 0b 90 e9 d7 fe ff ff 89 f9 80 e1 07 80 c1 03 38 c1 0f 8c 95 fc
[  339.171503][   T28] RSP: 0018:ffffc90000a2fb48 EFLAGS: 00010293
[  339.171523][   T28] RAX: ffffffff89a2024a RBX: dffffc0000000000 RCX: ffff88801d6bdd00
[  339.171541][   T28] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  339.171555][   T28] RBP: 0000000000000f70 R08: 0000000000000000 R09: 0000000000000000
[  339.171568][   T28] R10: dffffc0000000000 R11: ffffed1004a6f47c R12: ffff88802537a040
[  339.171585][   T28] R13: ffff88802537a718 R14: ffff88802537a3c4 R15: ffffffff8f440000
[  339.171606][   T28]  ? inet_sock_destruct+0x62a/0x740
[  339.171639][   T28]  ? inet_sock_destruct+0x62a/0x740
[  339.171669][   T28]  ? __pfx_udp_destruct_sock+0x10/0x10
[  339.171698][   T28]  __sk_destruct+0x89/0x9e0
[  339.171729][   T28]  ? __pfx___sk_destruct+0x10/0x10
[  339.171755][   T28]  rcu_cpu_kthread+0x950/0x1480
[  339.171784][   T28]  ? rcu_is_watching+0x15/0xb0
[  339.171820][   T28]  ? rcu_cpu_kthread+0x20b/0x1480
[  339.171855][   T28]  ? __pfx_rcu_cpu_kthread+0x10/0x10
[  339.171892][   T28]  smpboot_thread_fn+0x57c/0xa80
[  339.171928][   T28]  ? smpboot_thread_fn+0x4e/0xa80
[  339.171967][   T28]  kthread+0x388/0x470
[  339.171990][   T28]  ? __pfx_smpboot_thread_fn+0x10/0x10
[  339.172025][   T28]  ? __pfx_kthread+0x10/0x10
[  339.172049][   T28]  ret_from_fork+0x514/0xb70
[  339.172074][   T28]  ? __pfx_ret_from_fork+0x10/0x10
[  339.172098][   T28]  ? __switch_to+0xc89/0x1420
[  339.172134][   T28]  ? __pfx_kthread+0x10/0x10
[  339.172158][   T28]  ret_from_fork_asm+0x1a/0x30
[  339.172194][   T28]  </TASK>
[  339.172361][   T28] Kernel Offset: disabled