last executing test programs:

10.007012726s ago: executing program 0 (id=962):
gettid()
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000009c0)=ANY=[], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x7f}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x18)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000080)=ANY=[@ANYBLOB="540000001400b59500000000000000000a", @ANYRES32, @ANYBLOB="140001000040000000000000000000000000000014000200fe8000000000000000000000000000aa"], 0x54}, 0x1, 0x0, 0x0, 0x800}, 0x80)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000540), 0xffffffffffffffff)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000300)={'wlan0\x00', <r3=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r2, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000080)=ANY=[@ANYBLOB='L\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010000000000000000004400000008000300", @ANYRES32=r3, @ANYBLOB="08002600851600000a00180000000000000000001c005a8018000180140003"], 0x4c}}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x7)
r4 = getpid()
inotify_init()
sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbee2, 0x8031, 0xffffffffffffffff, 0x0)
sendmsg$NL80211_CMD_DEL_TX_TS(0xffffffffffffffff, &(0x7f0000000800)={&(0x7f0000000700)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f00000007c0)={&(0x7f0000000740)={0x58, r1, 0x8, 0x70bd27, 0x25dfdbfb, {{}, {@val={0x8, 0x3, r3}, @val={0xc, 0x99, {0x9}}}}, [@NL80211_ATTR_MAC={0xa, 0x6, @device_b}, @NL80211_ATTR_TSID={0x5, 0xd2, 0x7}, @NL80211_ATTR_MAC={0xa, 0x6, @broadcast}, @NL80211_ATTR_TSID={0x5, 0xd2, 0xe}, @NL80211_ATTR_TSID={0x5, 0xd2, 0xa}]}, 0x58}, 0x1, 0x0, 0x0, 0x200000c0}, 0x81)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000380)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
r7 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000000), 0x2002, 0x0)
ioctl$SNDCTL_DSP_SETFMT(r7, 0xc0045005, &(0x7f0000001180)=0x2000000)
mmap$dsp(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x3, 0x12, r7, 0x0)
mremap(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x2000, 0x3, &(0x7f00007fe000/0x800000)=nil)
connect$unix(r5, &(0x7f0000000300)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r6, &(0x7f0000000000), 0x651, 0x0)
r8 = openat$mice(0xffffffffffffff9c, &(0x7f00000000c0), 0x200000)
ioctl$DRM_IOCTL_MODE_GET_LEASE(0xffffffffffffffff, 0xc01064c8, &(0x7f00000001c0)={0x2, 0x0, &(0x7f0000000100)=[<r9=>0x0, 0x0]})
ioctl$DRM_IOCTL_MODE_GETCONNECTOR(0xffffffffffffffff, 0xc05064a7, &(0x7f0000000600)={&(0x7f00000002c0)=[0x0, 0x0, 0x0, 0x0, <r10=>0x0, 0x0, 0x0], &(0x7f0000000440)=[{}, {}], &(0x7f0000000500)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f00000005c0)=[0x0, 0x0, 0x0], 0x2, 0x6, 0x7})
ioctl$DRM_IOCTL_MODE_CREATE_LEASE(r8, 0xc01864c6, &(0x7f00000006c0)={&(0x7f0000000680)=[r9, r10], 0x2, 0x800})
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r11 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_TYPE(r11, &(0x7f0000001800)={0x0, 0x0, &(0x7f00000017c0)={&(0x7f0000001740)=ANY=[@ANYBLOB="300000000d0635358245ca6e8fda3530010200000000000000000000000005000100070000"], 0x30}}, 0x0)

8.641659404s ago: executing program 3 (id=965):
close(0x3)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0xb, 0x8, 0xc, 0x80000000, 0x1}, 0x48)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f0000000040), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x0)
r1 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$KDFONTOP_SET(r1, 0x4b72, 0x0)
bpf$MAP_UPDATE_BATCH(0x1a, 0x0, 0x0)
r2 = syz_io_uring_setup(0x110, &(0x7f00000003c0)={0x0, 0xfad6, 0x800, 0x1, 0x3}, &(0x7f00000000c0)=<r3=>0x0, &(0x7f0000000040)=<r4=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r3, r4, &(0x7f0000000100)=@IORING_OP_FADVISE={0x18, 0x40, 0x0, @fd_index=0x2, 0xc0f, 0x0, 0x8})
io_uring_enter(r2, 0x133d, 0x0, 0x8, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000980)={0x0, 0xc, &(0x7f00000004c0)=ANY=[@ANYBLOB="180000000000edff0000000000000000850000000f0000001801ffff636c012500000000000000007b1af85be741f4880007010000f8ffff018000000000000000b7030000000600000095000000000000006fa31b2443ef2e66c5a0e8ba8cf7325e08bf8c6fd75befbc7be4eb1fcac660e0de264bb9084e87dfdf88d26409598de5466602a70a6364390ab9c774ec503f0e91a18e3edd2aec22aec7bc3280bd0aac5c823735c2fd408a26cbe75ac26f832de53bd3b03011f2f7fdbe210df282647b61eb97bf0cd2bdd5b950669c8258158bd8f5bfa4193d31116194fc159be3f29c9a56d11accde0e934da78c6c5096fcfcdd56a0"], 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x30, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000c00)=ANY=[@ANYBLOB="180000000000000000000000000000001811", @ANYRES32, @ANYBLOB, @ANYRES64=r3, @ANYRES64, @ANYBLOB], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x32, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000940)='percpu_alloc_percpu\x00', r5}, 0x10)
getpid()
r6 = socket$packet(0x11, 0x3, 0x300)
r7 = socket(0x11, 0x3, 0x4000000)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000880)={'ip6gretap0\x00', <r8=>0x0})
bind$packet(r7, &(0x7f0000000180)={0x11, 0x0, r8, 0x1, 0x0, 0x6, @remote}, 0x14)

8.636588494s ago: executing program 0 (id=966):
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, 0x0, 0x0, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0x3, &(0x7f0000000740)=@framed, &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x18)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040))
open(0x0, 0x0, 0x0)
r4 = socket(0x10, 0x3, 0x9)
sendmsg$NFT_BATCH(r4, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000300)=ANY=[@ANYBLOB="14000000eb03010000000000000010000a00000a"], 0x28}}, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000440), 0x42, 0x0)
mkdirat(0xffffffffffffffff, &(0x7f0000000200)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x0)

7.621201848s ago: executing program 2 (id=969):
openat$urandom(0xffffffffffffff9c, &(0x7f0000000100), 0x400, 0x0)
openat$urandom(0xffffffffffffff9c, &(0x7f0000000100), 0x400, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
creat(&(0x7f0000000580)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
getsockopt$inet_sctp_SCTP_PR_SUPPORTED(0xffffffffffffffff, 0x84, 0x71, 0x0, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000040)={'syzkaller1\x00', @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x2}})
write$tun(r2, &(0x7f0000000540)=ANY=[@ANYBLOB="080086dd0001110004600000a60c6eec00be06383cfffe8000000000400000000000000000aaff020000000000000000000000000001", @ANYRES16=r1], 0xfdef)

7.114716892s ago: executing program 3 (id=972):
syz_open_dev$sndctrl(0x0, 0x0, 0x0)
syz_open_dev$sndpcmp(0x0, 0x0, 0xa2c65)
getsockname$packet(0xffffffffffffffff, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, 0x0)
socketpair$unix(0x1, 0x3, 0x0, 0x0)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x4000000)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$MSR(&(0x7f0000000240), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
socket$rds(0x15, 0x5, 0x0)
getpgrp(0xffffffffffffffff)
sendmsg$NFT_BATCH(r0, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f00000007c0)=ANY=[@ANYBLOB="140000001000010000000000000000000700000a7c002400060a030400000000000000000a0000050900010073797a3100000000500004804c0001800b00010074617267657400003c00028024000300733900000455afb9fdd672bad09dfb78c7699c74e891a0c7000000000000000008000240000000000c00010052415445455354000900020073797a32"], 0xa4}, 0x1, 0x0, 0x0, 0x4000850}, 0x20040040)
connect$unix(0xffffffffffffffff, 0x0, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={0x0}, 0x1, 0x7a00}, 0x0)
sendmsg$nl_generic(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000180)={0x0, 0x14}}, 0x84)

6.983285482s ago: executing program 4 (id=973):
r0 = syz_open_procfs(0x0, 0x0)
pread64(r0, &(0x7f0000000080)=""/102356, 0x18fd4, 0xc2a)
mknod$loop(&(0x7f0000000140)='./file0\x00', 0xfff, 0x0)
r1 = fsopen(&(0x7f0000000280)='ceph\x00', 0x0)
socket$nl_route(0x10, 0x3, 0x0)
fsconfig$FSCONFIG_SET_STRING(r1, 0x1, &(0x7f0000000000)='source', &(0x7f0000000040)='c:::\x00', 0x0)
r2 = gettid()
fsconfig$FSCONFIG_CMD_CREATE(r1, 0x6, 0x0, 0x4000, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x1)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
r3 = syz_open_dev$MSR(&(0x7f0000000340), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
tkill(r2, 0xb)
setsockopt$packet_tx_ring(r0, 0x107, 0xd, &(0x7f0000019080)=@req3={0x6, 0x101, 0x101, 0xffffffff, 0x3, 0x5, 0x8}, 0x1c)
syz_clone3(0x0, 0x0)
mq_notify(0xffffffffffffffff, 0x0)
socket$key(0xf, 0x3, 0x2)

5.99994464s ago: executing program 2 (id=974):
sendmsg$inet6(0xffffffffffffffff, 0x0, 0x48000)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8f}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
syz_open_dev$MSR(&(0x7f0000000040), 0x8, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000b80)=@migrate={0xa0, 0x21, 0x1, 0x0, 0xfffffffe, {{@in6=@private2, @in6=@private2={0xfc, 0x2, '\x00', 0x1}, 0xfffc, 0x0, 0x0, 0x0, 0xa, 0xe0, 0x80}, 0x2}, [@migrate={0x50, 0x11, [{@in6=@ipv4={'\x00', '\xff\xff', @loopback}, @in6=@ipv4={'\x00', '\xff\xff', @private=0xa010102}, @in6=@empty, @in6=@private2, 0x3c, 0x0, 0x0, 0x0, 0x8, 0x8}]}]}, 0xa0}, 0x1, 0x0, 0x0, 0x800}, 0x42000)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000002c0)=@newtaction={0x7c, 0x30, 0x1, 0x0, 0x0, {}, [{0x68, 0x1, [@m_vlan={0x64, 0x1, 0x0, 0x0, {{0x9}, {0x38, 0x2, 0x0, 0x1, [@TCA_VLAN_PARMS={0x1c, 0x2, {{}, 0x3}}, @TCA_VLAN_PUSH_VLAN_ID={0x6}, @TCA_VLAN_PUSH_VLAN_PROTOCOL={0x6, 0x4, 0x88a8}, @TCA_VLAN_PUSH_VLAN_PRIORITY={0x5}]}, {0xffffffffffffff95}, {0xc}, {0xc}}}]}]}, 0x7c}}, 0x0)
openat$tcp_mem(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv4/tcp_rmem\x00', 0x1, 0x0)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
fadvise64(r3, 0x7f, 0xffffffffffffffc0, 0x5)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
ioctl$NS_GET_OWNER_UID(0xffffffffffffffff, 0xb704, 0x0)
bind$inet6(0xffffffffffffffff, &(0x7f0000000380)={0xa, 0x4e20, 0x7d4, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02'}, 0x1c)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r5, 0x8933, &(0x7f0000000080)={'batadv_slave_1\x00', <r6=>0x0})
socketpair(0x1, 0x1, 0x0, &(0x7f0000000000))
r7 = bpf$MAP_CREATE(0x0, &(0x7f0000000540)=ANY=[@ANYBLOB="0b00000000010000000100000900000001"], 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000), &(0x7f00000002c0), 0x8, r7}, 0x38)
ioctl$sock_inet6_SIOCADDRT(r5, 0x890b, &(0x7f00000002c0)={@private1={0xfc, 0x1, '\x00', 0xfd}, @mcast1, @dev={0xfe, 0x80, '\x00', 0x21}, 0x3, 0xb, 0x0, 0x100, 0x8000000000020001, 0x0, r6})
r8 = socket$inet6_sctp(0xa, 0x801, 0x84)
sendmmsg$inet6(r8, &(0x7f0000000340)=[{{&(0x7f0000000300)={0xa, 0x4e3a, 0x1, @private2, 0x9}, 0x1c, &(0x7f00000002c0)=[{&(0x7f0000000040)="06", 0x1}], 0x1}}, {{&(0x7f0000000000)={0xa, 0x4e20, 0x5a0, @private1}, 0x1c, &(0x7f0000000900)=[{&(0x7f0000000480)="a4", 0x1}], 0x1}}], 0x2, 0x4058040)
r9 = socket$netlink(0x10, 0x3, 0x4)
writev(r9, &(0x7f0000000080)=[{&(0x7f0000000e40)="480000001400190d09004beafd0d36020a8447000b4e230f00004e20a2bc560119d7004f19dfb7f393d7359031033f817f00000000000000000101ff05c00e030002000000ffff01", 0x48}], 0x1)
ioctl$sock_inet6_SIOCADDRT(r4, 0x890b, &(0x7f00000002c0)={@private0, @empty, @private0, 0x0, 0x6, 0x0, 0x0, 0x6, 0x150042, r6})

5.895246629s ago: executing program 4 (id=976):
r0 = syz_open_dev$sg(&(0x7f0000001600), 0x0, 0x22c01)
r1 = socket$unix(0x1, 0x1, 0x0)
connect$unix(r1, &(0x7f0000000000)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
setreuid(0x0, 0xee00)
getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f0000000100)={{{@in6, @in=@multicast2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r2=>0x0}}, {{@in6=@mcast1}, 0x0, @in=@empty}}, &(0x7f0000000080)=0xe8)
quotactl_fd$Q_GETNEXTQUOTA(r0, 0xffffffff80000901, r2, &(0x7f0000000200))
writev(0xffffffffffffffff, &(0x7f00000000c0)=[{&(0x7f0000000300)="390000fa461a6683ec19d3e48489bffa5602001300111200000f0000ff3f21000000170a001700e0da8979d2fc6ca9e48270faf047145bc79e0b9971bcbedac0eead49dbecf96e", 0x47}], 0x1)
ioctl$SCSI_IOCTL_SEND_COMMAND(r0, 0x1, &(0x7f00000000c0)=ANY=[@ANYRES64=r0])

5.301268041s ago: executing program 3 (id=977):
bpf$MAP_CREATE(0x1900000000000000, &(0x7f0000000040)=ANY=[@ANYBLOB="1b00000000000000000000000020"], 0x48)
fsopen(&(0x7f00000003c0)='cgroup2\x00', 0x0)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
socket$inet_tcp(0x2, 0x1, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000005000/0x18000)=nil, &(0x7f0000000380)=[@text32={0x20, &(0x7f00000001c0)="b8050000000f01c10f46a78900000066ba2100b067ee66ba2000b000ee6d2f2f800000c00f3266bac0000f3066b808008ed0660f38806f008ee0", 0x3a}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000040))
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_PIT(r1, 0x8048ae66, &(0x7f0000000200)={[{0x5, 0x0, 0xa5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x3}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff}]})
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, 0xffffffffffffffff, 0x0)
ioctl$BINDER_WRITE_READ(0xffffffffffffffff, 0xc0306201, 0x0)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x1e)
fanotify_mark(0xffffffffffffffff, 0x22, 0x800101b, 0xffffffffffffffff, 0x0)
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x2)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
request_key(&(0x7f0000000340)='user\x00', &(0x7f0000000380)={'syz', 0x3}, &(0x7f00000003c0)=')\x00', 0x0)
r3 = syz_open_dev$usbfs(&(0x7f0000000100), 0x205, 0x8401)
r4 = syz_open_dev$usbmon(&(0x7f0000000040), 0x3, 0x0)
r5 = fcntl$dupfd(r3, 0x406, r3)
ioctl$USBDEVFS_SUBMITURB(r5, 0x8038550a, &(0x7f0000000000)=@urb_type_control={0x2, {}, 0x0, 0x0, &(0x7f0000000300)={0x2, 0x3, 0x0, 0x0, 0x7995}, 0x8, 0x0, 0x0, 0x48000000, 0x0, 0x0, 0x0})
readv(r4, &(0x7f0000000880), 0x0)

5.275935427s ago: executing program 4 (id=978):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000900)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000200)=@ipv6_newrule={0x1c, 0x20, 0x100, 0x70bd28, 0x0, {0xa, 0x14, 0x80, 0x0, 0x0, 0x0, 0x0, 0x7, 0x10017}}, 0x1c}}, 0x40000)
sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000140)=ANY=[@ANYBLOB="5c0000001000390400"/20, @ANYRES32=0x0, @ANYBLOB="00000000000000003c0012800b000100697036746e6c00002c000280140003002001000000000000000000000000000114000200fc02"], 0x5c}}, 0x0)
getsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000000), &(0x7f0000000040)=0x4)

4.817061715s ago: executing program 2 (id=979):
r0 = syz_open_dev$vbi(&(0x7f0000000000), 0x0, 0x2)
syz_io_uring_setup(0x315b, 0x0, 0x0, 0x0)
r1 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_fanout(r1, 0x107, 0x12, 0x0, 0x0)
syz_emit_ethernet(0x3a, &(0x7f0000000000)=ANY=[@ANYBLOB="aaaaaaaaaaaa0180c2000000080045"], 0x0)
r2 = syz_io_uring_setup(0x891, &(0x7f0000000140)={0x0, 0x8c36, 0x80, 0x2, 0xbfdffdfc}, &(0x7f0000000000)=<r3=>0x0, &(0x7f00000000c0)=<r4=>0x0)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
sendmsg$unix(0xffffffffffffffff, 0x0, 0x0)
recvmmsg$unix(0xffffffffffffffff, &(0x7f0000000f40)=[{{&(0x7f00000000c0)=@abs, 0x6e, &(0x7f0000000240)=[{&(0x7f0000000180)=""/146, 0x92}], 0x1, &(0x7f0000000280)=[@rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}, @cred={{0x1c}}, @cred={{0x1c}}, @cred={{0x1c, 0x1, 0x2, {0x0, <r5=>0x0}}}, @cred={{0x1c}}, @rights={{0x10}}], 0xe8}}, {{&(0x7f0000000340), 0x6e, &(0x7f0000000440)=[{&(0x7f00000003c0)=""/111, 0x6f}], 0x1, &(0x7f0000001100)=[@rights={{0x10}}, @rights={{0x10}}, @rights={{0x10}}, @rights={{0x10}}, @rights={{0x10}}, @rights={{0x10}}, @rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x10}}, @rights={{0x10}}, @rights={{0x10}}, @rights={{0x10}}, @rights={{0x10}}, @rights={{0x10}}, @rights={{0x10}}, @rights={{0x10}}, @rights={{0x10}}, @rights={{0x10}}, @rights={{0x10}}, @rights={{0x10}}, @rights={{0x10}}, @rights={{0x10}}, @rights={{0x10}}, @rights={{0x10}}], 0x188}}, {{&(0x7f0000000540)=@abs, 0x6e, &(0x7f00000006c0), 0x0, &(0x7f0000000700)=[@rights={{0x30, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}], 0x88}}, {{&(0x7f0000000780), 0x6e, &(0x7f0000000e00), 0x0, &(0x7f0000000e80)=[@cred={{0x1c}}, @rights={{0x30, 0x1, 0x1, [0xffffffffffffffff, <r6=>0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x20, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x10}}, @cred={{0x1c}}], 0xa0}}], 0x4, 0x2, 0x0)
socket$rxrpc(0x21, 0x2, 0xa)
syz_usb_ep_write$ath9k_ep1(0xffffffffffffffff, 0x82, 0x90, &(0x7f0000001040)=ANY=[@ANYBLOB="8a00488925632edb9a03003d05719968004ed622b16669bd978281cc6330820d03f0a56727015de24f9028bba7dcce25ca846a3024fef2a9bc71b47c5c486673922038923e53fadc99ff7b53eebce4ce3b1688ca1b8996381ca214dc42e482d58c6f35257871e477b97473d573a7d62b3e96d782d441c380191fa11b3b59d2dda6129b78593b69adb98397c6"])
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
quotactl_fd$Q_QUOTAON(r6, 0xffffffff80000201, r5, &(0x7f0000000040)='./file0\x00')
syz_io_uring_submit(r3, r4, &(0x7f00000002c0)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x3})
io_uring_enter(r2, 0x47f6, 0x0, 0x0, 0x0, 0x0)
ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
ioctl$VIDIOC_SUBSCRIBE_EVENT(r0, 0x4020565a, &(0x7f0000000080)={0x5, 0x2, 0x1})
ioctl$VIDIOC_S_INPUT(r0, 0xc0045627, &(0x7f00000000c0)=0x2)

4.595178682s ago: executing program 0 (id=981):
ioctl$DRM_IOCTL_GEM_FLINK(0xffffffffffffffff, 0xc008640a, &(0x7f0000000040)={0x0, <r0=>0x0})
ioctl$DRM_IOCTL_GEM_OPEN(0xffffffffffffffff, 0xc010640b, &(0x7f0000000080)={r0})
syz_open_dev$dri(&(0x7f0000000000), 0x0, 0x0)
r1 = syz_open_dev$dri(&(0x7f00000008c0), 0xd21, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r1, 0xc04064a0, &(0x7f00000001c0)={0x0, &(0x7f00000000c0)=[<r2=>0x0], 0x0, 0x0, 0x0, 0x1})
ioctl$AUTOFS_DEV_IOCTL_ISMOUNTPOINT(0xffffffffffffffff, 0xc018937e, &(0x7f0000000140)={{0x1, 0x1, 0x18, <r3=>0xffffffffffffffff, {0x4}}, './file0\x00'})
r4 = syz_open_dev$usbfs(&(0x7f0000000140), 0x77, 0x1501)
ioctl$USBDEVFS_SUBMITURB(r4, 0x8038550a, &(0x7f0000000000)=@urb_type_control={0x2, {}, 0x3, 0x44, &(0x7f00000001c0)={0x1f, 0x3, 0x17, 0x1}, 0x50, 0x20, 0x3, 0x0, 0x4bf, 0x404, 0x0})
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1)
ioctl$USBDEVFS_REAPURB(r4, 0x4008550c, 0x0)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f00000003c0)={'netdevsim0\x00', <r6=>0x0})
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000780)={0x6, 0x3, &(0x7f0000000100)=ANY=[], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', r6}, 0x94)
sendmsg$nl_route_sched(r3, &(0x7f0000000240)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000000200)={&(0x7f0000000500)=@newtfilter={0x2c, 0x2c, 0x400, 0x70bd2b, 0x25dfdbfd, {0x0, 0x0, 0x0, r6, {0xd, 0xffff}, {0x7, 0xfff1}, {0x0, 0xf}}, [@TCA_CHAIN={0x8}]}, 0x2c}, 0x1, 0x0, 0x0, 0x8000}, 0x8c)
ioctl$DRM_IOCTL_MODE_GETCRTC(r1, 0xc06864a1, &(0x7f0000000300)={0x0, 0x0, r2, <r7=>0x0})
r8 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r8, 0x5423, &(0x7f0000000080)=0x2)
ioctl$TIOCSETD(r8, 0x5423, &(0x7f00000000c0)=0x19)
ioctl$TIOCVHANGUP(r8, 0x5437, 0x0)
ioctl$DRM_IOCTL_MODE_GETFB2(0xffffffffffffffff, 0xc06864ce, &(0x7f0000000280)={r7, 0x0, 0x3, 0x3, 0x1, [], [0xfffffffe, 0x9, 0xfffe], [0x4, 0x4, 0x6], [0xffffffefffffffff, 0xe, 0x40000000c, 0xfffffffffffffffd]})
socket$nl_netfilter(0x10, 0x3, 0xc)
r9 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x18, 0xb, &(0x7f00000005c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000730000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000680)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x9}, 0x94)
pipe(0x0)
setsockopt$inet_tcp_TCP_REPAIR(0xffffffffffffffff, 0x6, 0x13, 0x0, 0x0)
close(0xffffffffffffffff)
openat$cgroup_procs(0xffffffffffffffff, 0x0, 0x2, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000040)='contention_begin\x00', r9}, 0x18)
r10 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='blkio.throttle.io_serviced_recursive\x00', 0x26e1, 0x0)
close(r10)
socket$nl_generic(0x10, 0x3, 0x10)

4.594481154s ago: executing program 4 (id=982):
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r0, &(0x7f0000000340)={0x1f, 0xffff, 0x3}, 0x6)
write(r0, &(0x7f0000000040)="050000", 0x3)
writev(r0, &(0x7f0000000640)=[{0x0}, {&(0x7f00000003c0)="9e26d91653d47390a2f3d5bbf427088ec475be4e410fe43a080c9b4911d561ed6da4c9b56bb4783d2e6ba812504e6ff45adb11653e40a199077be178976183be841781e91588d0a96429e2464a3a73fdb4e9139a6be827ecb3a24f41476a285299a205a09163ac786544415529ca080ccbe610c80d1d91fcc00ab9ae195c394d8c9f3b4b161972ff2a100a668d2844e54ca25463dfe4dcb527bb020f77173cf280e4a61ab5fb36945abdd9236d217b4e651253647bc3b616882cb322a9967d3263f471c681fb21f381fa2e47c12458f1c78382604e7d2459e3269c192d377ed9988a307ab38e2c3dac56", 0xea}, {0x0}], 0x3)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
socket$inet(0x2, 0x2, 0x0)
socket$kcm(0x2, 0x3, 0x2)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0xd94, 0xfffffffffffffff4}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x1)
sched_setaffinity(0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
symlink(&(0x7f00000005c0)='./file1\x00', &(0x7f0000000600)='./file0\x00')
mkdir(&(0x7f00000004c0)='./bus\x00', 0x0)
lsetxattr$security_capability(&(0x7f0000000180)='./file0\x00', &(0x7f0000000200), &(0x7f00000002c0)=@v3={0x3000000, [{0x2, 0x9}, {0x3, 0x3ff}]}, 0x18, 0x1)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000500)={[{@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}, {@workdir={'workdir', 0x3d, './bus'}}]})
chdir(&(0x7f00000001c0)='./bus\x00')
lchown(0x0, 0x0, 0x0)
r2 = openat$sw_sync(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$SW_SYNC_IOC_CREATE_FENCE(r2, 0xc0285700, &(0x7f0000000100)={0x1b, "5660359c3245d1c42317afad7d48ed51000000000000000100"})
r3 = socket$nl_route(0x10, 0x3, 0x0)
socket$inet6_udp(0xa, 0x2, 0x0)
sendmsg$nl_route_sched(r3, &(0x7f0000001200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000001240)=@delchain={0x1ccc, 0x65, 0x4, 0x70bd29, 0x25dfdbfe, {0x0, 0x0, 0x0, 0x0, {0xc, 0x10}, {0x10}, {0x2}}, [@TCA_RATE={0x6, 0x5, {0x8e, 0x2}}, @filter_kind_options=@f_basic={{0xa}, {0x1c, 0x2, [@TCA_BASIC_POLICE={0x10, 0x4, [@TCA_POLICE_RATE64={0xc, 0x8, 0x8000000000000001}]}, @TCA_BASIC_CLASSID={0x8, 0x1, {0x0, 0x3}}]}}, @TCA_RATE={0x6, 0x5, {0x3, 0xa6}}, @filter_kind_options=@f_basic={{0xa}, {0x1c64, 0x2, [@TCA_BASIC_POLICE={0x480, 0x4, [@TCA_POLICE_PEAKRATE={0x404, 0x3, [0x6, 0x0, 0x1ff, 0x8, 0x3, 0x4, 0xffffffff, 0x0, 0xa0a, 0x8, 0x80, 0x5, 0x1, 0xdb, 0x7, 0x2, 0x4, 0x9, 0x1, 0x7, 0x80000001, 0x4, 0x8, 0x8, 0x1, 0xfffffff7, 0x10001, 0x3, 0x1000, 0x8001, 0x101, 0x1, 0x4, 0xc34d, 0x8c, 0x0, 0x1000, 0x2, 0x7, 0x0, 0x4, 0x9b, 0xc, 0xfff, 0x3, 0x7, 0x80, 0x9, 0x4, 0x9, 0xe, 0x8, 0xb9, 0x0, 0x5, 0x71, 0x10001, 0x7, 0xf, 0x1, 0x0, 0x7ff, 0x8, 0x1, 0x9, 0x1, 0x2, 0x7, 0x5, 0x6, 0xffffffff, 0x9, 0x58, 0xa0000000, 0x8, 0x859c, 0x9, 0x10001, 0x4, 0x0, 0x6, 0xfffffff0, 0x1, 0x6, 0x2, 0x1, 0x400, 0x0, 0x100, 0x7, 0xfffffff7, 0x10000, 0x5, 0x5, 0x480, 0x3, 0xfffff96c, 0x2095a66, 0x9, 0x1, 0x7, 0x8b, 0x7, 0x9, 0x3, 0x9, 0x7, 0x3, 0x8, 0x0, 0x2, 0x3, 0xd, 0xa, 0x1, 0x81, 0x26e, 0x6, 0x0, 0x20000, 0x7, 0x2, 0x7, 0x100, 0x6, 0x2, 0x1ff, 0x9, 0x23b, 0x7ff, 0x9, 0x8008, 0x10000, 0x8, 0x9, 0x6, 0x4, 0x5, 0x2, 0x7f, 0x2, 0xe483, 0x1, 0x4, 0xffffffff, 0x14ec, 0x4, 0x5, 0xa, 0x8, 0xfffffff7, 0x10000, 0x2, 0x51f5, 0xbdb3, 0xf, 0x2, 0x5, 0x400, 0x5, 0x6, 0x9, 0x3, 0x10000, 0x7, 0x5, 0x3, 0x5, 0x101, 0xc009, 0xc, 0x7, 0x1, 0x2, 0x1, 0x4000800, 0xf, 0x3, 0x5, 0x1, 0xfffffff7, 0x4, 0x8001, 0x4, 0x7, 0xaa, 0x0, 0x8, 0x400, 0x101, 0x1, 0x2, 0x9, 0x7fff, 0x1, 0x7f, 0xfffffffe, 0x0, 0x7, 0x77dd, 0x1, 0x2, 0x6, 0x9, 0x81, 0x7, 0x10001, 0x5, 0xc8a, 0x6, 0x800, 0x8, 0x5, 0xb, 0xa, 0xff800000, 0xf, 0x401, 0x7fffffff, 0x2, 0x8, 0x6, 0x9, 0x6, 0x8, 0x2, 0xd, 0x0, 0x683, 0x3, 0x6, 0x3, 0x2, 0x9, 0xffffffc0, 0x8, 0xff, 0x5, 0x5b9, 0x7, 0x1, 0x3, 0xffff, 0x6, 0x4, 0x1b6, 0x1, 0x40, 0x7, 0x9, 0x2, 0x5, 0x2, 0x7, 0x7, 0x2]}, @TCA_POLICE_TBF={0x3c, 0x1, {0x4, 0x8, 0x2, 0x600000, 0xb950, {0x1, 0x1, 0x83f, 0x9, 0x7ff, 0xba}, {0x3, 0x1, 0x3ff, 0x40, 0x0, 0x7}, 0x7fffffff, 0x800, 0x5f}}, @TCA_POLICE_TBF={0x3c, 0x1, {0x6, 0x6, 0x7fffffff, 0x81, 0x8, {0x2, 0x1, 0xb5a, 0x81, 0x7, 0x40}, {0x78, 0x2, 0x5235, 0x1, 0x2, 0x2}, 0x2, 0x5, 0x8}}]}, @TCA_BASIC_POLICE={0x24, 0x4, [@TCA_POLICE_RATE64={0xc, 0x8, 0x1}, @TCA_POLICE_RATE64={0xc, 0x8, 0xff}, @TCA_POLICE_AVRATE={0x8, 0x4, 0x4}]}, @TCA_BASIC_EMATCHES={0x13ec, 0x2, 0x0, 0x1, [@TCA_EMATCH_TREE_HDR={0x8, 0x1, {0x8}}, @TCA_EMATCH_TREE_LIST={0x11a8, 0x2, 0x0, 0x1, [@TCF_EM_CONTAINER={0xe4, 0x1, 0x0, 0x0, {{0xffff, 0x0, 0x6}, "8c06ec7d1bd203f82727b6a94d6cc38b0cf254440e63095a01907b255c4f15dc97855403d07773815739120af19598c70997fe8329c45db079659decf3e926a54e8023fc4b5bcd2180420a0eca12d7bf2dc1997df4c73f822e05791d52c5b653423637d6393fc6b75e5dae58ccb3d7fbe37ee941a1717bf574f2a0ee7a41a80175e99c476065596964d9be50fca191d8f3bc8437efb18c3bc20b3876430e8c37f89d1e8da7074d9f6bdb88360dc811b583579af01b103c8cd682062737a23ae5495630ba9b93dbe1ae6fb56cdb6a27a96057753d0cda80"}}, @TCF_EM_CONTAINER={0x74, 0x2, 0x0, 0x0, {{0x10, 0x0, 0x9}, "8465aee4f02d4ab2dd05fbed21d94e87cef81d09364a93b476868192b4af0be23af2fee7c28c188c29db40be638e7de5a6234dac462285c66dcba0fa8c938868325e90cccbdecb9f73f9754afd295bf0f53d7851c2613c58bf4f3da4aafdce3e1e2ce1886a68"}}, @TCF_EM_CONTAINER={0x100c, 0x3, 0x0, 0x0, {{0x5, 0x0, 0xb}, "1e12bfbd17736c13f2d7c28932d91a6dd49c51d514dbd6e70c0fef623b50b95606a38b6261cce33472a6d1f4257a923ff23d08aa22d7e0fd413a85cd5f47663619dc402619d3842f33f9df9ad1b98efc3fd5416c2810d2fc0ce276c2826631838a1f1d274401248f4e226e1e8361977a49e8ce1a0f0b71cd2c543dad3e8eedb486719f270d03278cfb107caef68c5cf2fb6d8c6834b89c5a445bbabf8535f32e5197d4cc642fa48ea2f11feb5de7b20e1c6a4f185b1b26de8bc419e3312c7abf3021aa15728582640b60ff044c8ae318ea91c83aac60b144f40d14c1fca7a6de9f0a54937d7492da97a47475473f8a62878f96a6ca25185fa43d6c11a7329778a598b9ae9e3df0198c7f767d1af704099d6e289c549dc76fe4694a44e06beb245e693519dfacd95910d06c9fdca0eda64af0ca30b0e2f0e080ce74f3746784a0090414c8d8e3715df1097907fc64c18489df929368500a5b6973bf97f82e67e7c8f2ad3c4fa7f9149d7e5e6b37750620fdcbc81f9c2d9e6bf0b37bd8825d20e777eb79a70dcb8fa8bcdee0786f4ac764f795fed61fab22b434035e1c19d2149200c37f42eb8b538d7554974796073c1a65f3d1ba15ba605f2936cd019acd9c1fe98791f879b39064ea6645e79a24b43a0f4652007eedb86994ed29a115347926d60cf84da05a45a2723ebff1c6f794c7b7ee91238b9a7ec8252a59ebfcc8d13f119271d198c90ddbecbcca95ede7f0fa06237e5fd2ebe9373c1146e349baf2909d26d75afae569924eaf09be3e56b6e94eb95a2a5657fe9cbb4c292cee194598a3192ee85d916a5a48994e7fd343bfaf962d965f64ae628ccb1522e090e1a5df97499caa07d564fd322bfcf170129b3c841ac8c118258e05238ce199bcf0cc0dc4892d29ec80621012c2a7a052149c122580959c7feec9d0e242ac40bfd680e04138bb18a9a4db55ae149d2fd5a8ce5468412fa752bd875f6fec161aadc88bc739831a16bc3a4aae81985450633248e607b8a1a103eb80bcb82713847588d83bacae6d5f04a67ab479119c1f2d7226759462742c063cb589fd2cfe4427b926e65f8bbbf6522f2920ba4516b6d2aed6eea961abcdecbea7989f059ffbc267a7211bb138f1e55450f5983c16926d2dd3dd22666083bbac295da062700565e43456f3a34cd79ee832954130c2706b797ccc283abff90e75f10e98b4abf5b26abb644750dc349d54c7ee0c42933cd794eb424dbfe5f147ce4448667d70dd5d5c37faa5b933a76df27f9ed6902cbd3aaa9717fd8ebadd0cdc60e2df87b51c07d6b4a6173a486d7ff04cbada5b4aa9a4815a09c0d4cc2469b4ff44c86dab965e3c909646157e7f4f4cd224dece584d8fb4e8889201a2b7435ba63b61fc70d6ae841abfd18060af6d92933d9b98a082ce3cedcfd1ab848d0b265aafb7d82db5f24204273813a55fb859c92bde9573944c64d48bd93146d1b1b28e53568746b0846fcdc0763b5924807c2292fee5ed391f76a2b6686eb2b6df9ebde4e3c1dd2cc6e753a9e91ab300de014e9b9c605437fdfaacec4585c6d7721db158c09a1cbe393db98e5e990b58c21b51ddcb624998dda364c287c5afaf20878c04005225dcf7ca258968251ae0d6b16192f76f3bae33134586b300e489ff6b8e3beb00bc1bd77f423a302b77176f7637a97c2d06885fc7864bd4ae9aac1be27d17d0fc3cda8a4a60f1525c7ed3f9cdb13270c55f1ca8fa7815b10fd696a4dd52f5b1bf67143e5cc1ad11c02b8e38a66cb9fd099dc3eb4a963f3f671cdf9d3663768047d860584e1d2e088cc42d31e67b09c35508025ec0966d6968bbf81d3fb93917f5af215cd72b0e0ff447020bfb6010ebabd7aae3cc55d47917dc5d0f0139daba116962c2f8b24f64d5ceb65c595237f57fe10b9eed5ce70c5e46b93d938b4bc89aa47cf123e00b77007b18079c3d6b9dd651ee6c102c62ef0a66f7166ab4f0e36a5d0bff85c48074bfb79503717c244016e49309caa747efc9a8d58c000e01f56875a1936869392900d882723201cf6bad712895534b6a75f024868d6185cf5d2722b8f31a2bcd9bb0e33700e3d08a596338146f758caeb1384ec6a23d1618afe0a2bc79e0f41ecfe4b74489247c2885de7da1bed573be3ccb9e376b98884b40b225a499a0f1ae7987d59cd0eaf13dd2caf07de1b358dd03d4b12de2312a44776eeb673eee57dd82e8e70a44ef64970770433fd64560bd10b1ab8b5db236c20c5c82852efd8b2755d9c74af0a33fd5735a94379fafc883fae963d9ddb7080a102234d34da31595fbb1befe1206bf69e13c2ef1e0c5afba3cbed12cca96ef94f2e487d55d3ad1a29e492ee77439fcb2d6d0a47d82a23c2dee26769634c1555fe51e43ab7b5d739162a2ca87d7da9cab61499f729b3f54afbfefd84aa0238ac16a876caa654ee2aa048048e7a1de3e5031a7bf005c57dcb2934b5f03be8de8d0dc7f3f2fde95fff5d3cb18257804d00d88eb8fd6d0bf66a81fb36eb7b0175f672942fa54200110a4eab3e30daea3420578473b856b1febc55c1433f17e4e01c1390ea57bc741a4ab3a82a8aafa93639a09d68b9461b70408ec597f8ce896e515576e85819b98f2717e3c40e331c96c33cba91f6dd0c53dcb8f72b86580541abf1c4cbaec86bdded010be1695bf58c0cc5f18249393e4107efeb6a9db3ecc3fd75f905e8bc90bd3beae83c0dd282ba6db3fca8e6ba2b30f4aba7ba63ee8ae14b6c43f33667535f1a102bcddd2ef86f94bdec729e199d8457fefa85c071b6226654506c591967c4bccaf3a08dfe7de8e2898bb76d8bb92b1d1b46b785f5155cf21ba8fb3bf8520d851724be063753ab129e7c11349fa86dceebf7ca1a4258706c676fd8c233e3af890a8f736e0e9b1e7cb159a6a8fa86c6c85940f3a706e33729f2c9b002e9f97ed86753f4b34d54fd85b24722214f154f056e388484be810ab137bac93047456d6d3eda39e08b164bf6bf4d40f44570f562e3d1c74ac7cba14ace6f14eb90dc173b752640e884f7191ed890dc99c9fdf9be1a5c2ecf8c6e99d373a4a806382ebc19366e5c1eecba2634647a2d034d029c9e4705a0e1e8f5eedb338c150bd682eda642382c596e1278388105877d2163eb8ec8a6696ba8af891096e139a7785ae6d4131ada76f0ddacc07a174f8a6564536878a8067d276d672810c2091d4138c354f1ae352ed994e08a5f15f0d3661c14dc777e8e11525ca9a97482a6c8ea76d173e918903787fc232680f1570286392e9b7808142d603747351538145d0de8a177106ddf6db4ead83a446ec9b5c867c4a81d2d5430ac1be1fb4da64a201a9f04ac322fbadc050b91e33fe0a8264c3dbfff6865b5a4e2011cce8adee29304568b341e2202a224fbebf8df32176bad9f987d0cb86568dd75133cbfc2e8891dd448ad5634e6ce78c2a84a70ec6dfe21b86f3aeece572aa84b1b8bbb4cd236cccc29b4720b13e40e7fc92b95d572f2082a6f969d6dbe746eafce7a0d4cb44fe90f40ec9aaa1fc55134bc4f12293a62e5c952d6cf7db89e63b4db12b98ffffc1b12a04e50b4b5e90fe1cb2b24b9b8b338722d6efcbc1213b9bae04cce524c5836b5262508355bbd19b1f16785e720c0666eced07e7ed911edba528776ed5a706a5ae5e98f2886129b4929c0c0dc95a0062905cccdc7f3d48311ece3e33faab217d5ecebcccb339b84573e70776eead9c8786de093fc3a0d347567f94318b2ec09ebc6ba8eebc3b440007dce282177ed29db2ee48501c909956c15eeb28f4501651c780fd1017bb2bdcafac573e1e437ae6ce9a6e5eac9a55f8383dff53a1ca5338f259e0528aed230f441cad90c4117b7b23f1d864945dbbfafca879aaab113de2f65d4ccee56436b77ce970ad9e67e4dd2bd5b48b9799c33fb183ff3ba2f629191e299351b9c955899f93f8cd6934cfeb7b0f743f1a69eeeeebd0ea749b58f4616286f971905803631f3615255df7dcc1243eedb71a0f45c92d28848cf9e991b4d42e1fb58f5c9ff8a8adc9ec677cfe4cdb36e9195a5bd7002713a82c9e9d6d8d97e077af2f6cd6963ac3c09d41300de2cb2546a4adc85f83df0a2f32e27c550a9fc56f93433c1f967abe8faaa1b491538773ec2930933fb873592f64c7e85d5db423f52546f8df46da66a5d7c350d6939b4852d254217de9fc6487bbe020ed6a3091bc690c6cea0e166b3c0ad5058e2f38e8e03cadd90d35dc2dca9bb9f557e42f64d3f88eb7ac7ab9899c9b2066ea3669c629d225723b87eb48e59f3630452868013803f87e26edc35891c61b8412af0dcc1679c4634e07415a48c6f1d5019286c32f257e5a51ea81a52d41a3bcda9a5acc5dd559d642004abf0ae16a5b88d0d0ede98eb36f23908e1e4b1733284627e14025fa3f7598eca9d446c9eb292e2850c1423477ea59f4b2da5e43b8d1258f6387ab38d16b07849b07a9e563c49b5f451ca99b5f7e647e9a5868a13ee9e342f7a7ad5d246118c5bef22d6551a75940b22066748a5a47d1557f67f9bec84aedb980ff74638f29fd15199a9f83e4cd35615815050c0c67f0d103da75697ca8734939d18009dfb4408eab9dc73896a44a9be0d69c77f2d91511beafe21a8c9209d277b5ef88280d6ed8a5b190eb37b8b1b666d7408e514eeb34428604e2b01613c3d65fe49d4d765e2ac3ab33906ebd0409ee1fa167e8729224eeea0cd76d5124835e27c38339554d92fb4fd952e09fd0f8a79a423a8f8ebfeabb6da9494e39b3a68479802776afd4138e5aee0e5c4164507592dfc495fe377fa2a1affebb14a938c5015d9d65d945c49c4efa9bac3387165df93c90d5cf26bbb12c06dd4085bf9e32d3c3aba54891a71ee4628bd09db870175d3cb9c35ac07388de94e14ff335769b3ac0cf615b6ee4fdac05972c55e2cd30302fe0392664c1d6b6dbd090c7985aa7fcc3cd6b9046fa0135bdf2be864739b8cc14bc29762efe1d563e7ccae92cbd870a072fb6aa4d6f412377ca77e9472dc89cfce7686ee7d47e7c75e0c2ca54fa08392b620b3b4b50bbfe6625cf1b46a580406b51875c8cca67ce81391e9ef6ede92acc7a751d4fbfee8aa4022e5180895656b67b2fb30ed72f9670403d170897227abfb576177907cf5aa3d98f77a2b4de8871fe4e64732ca5547573200b4f3066ef5743129c4091c7689385ff4d9b6c67eb7fb8ee505beaf1def2b676478e5374335312d3d51ae6c6939662651055ad88c08733ce35d7aff236178ad1f87ff996119cb251af0394b952cabe0f7844f6b9cfb1aa29550d48434164d7bcbcb96a7969019ae8bec26b6bbb1a9f6bf00db504425c4232e92a9e63a274a6d6017eefe616f176d4ee35212c83a7e6d50a9c4c24fb9462778800cdd63be2401465a3c72d3c008b116584006e1e005aaef72bac0f0e4638c9fb0c4e2b3168e3cd42648077004a4b06c7eb38672f0717dd6939d7c486a2be548b2f0d6fd0a530943824f73f46dfde889d8cb388c082a7f8eecd6f6e63081003624bbc8dd43c54f0a23b7913c325bf75ac8e36d8d8e5e43125153d5007563fb6a4c02f7cd44001d624d0f9932b6eb80d3ce3563acb31d355474035eeb66de2a192bfd5536fdce59c18b6da2609e8fee3a349650ae14473cc3549f58c75d532b1892fa636685085d2b9b109f7166d17836f1aaa973edd100a44d31664b5f9d6690e7a749871995a242b8e3f88c8ee018bc3904983c62e44448e71954c23cfb5d09561bdffc164f7d90a813786e4cbf6bde66cfd79dcd20e95f733d4f75c"}}, @TCF_EM_CANID={0x14, 0x3, 0x0, 0x0, {{0x1, 0x7, 0x5}, {{0x2, 0x1, 0x1}, {0x4, 0x1, 0x0, 0x1}}}}, @TCF_EM_CONTAINER={0xc, 0x1, 0x0, 0x0, {{0x0, 0x0, 0x6}}}, @TCF_EM_CONTAINER={0xc, 0x1, 0x0, 0x0, {{0x8, 0x0, 0x6}}}, @TCF_EM_CANID={0x14, 0x1, 0x0, 0x0, {{0xf72, 0x7, 0x7}, {{0x0, 0x0, 0x1}, {0x3, 0x1}}}}]}, @TCA_EMATCH_TREE_HDR={0x8, 0x1, {0x200}}, @TCA_EMATCH_TREE_HDR={0x8, 0x1, {0x6}}, @TCA_EMATCH_TREE_HDR={0x8, 0x1, {0x25}}, @TCA_EMATCH_TREE_HDR={0x8, 0x1, {0xfe}}, @TCA_EMATCH_TREE_LIST={0x210, 0x2, 0x0, 0x1, [@TCF_EM_IPT={0xbc, 0x2, 0x0, 0x0, {{0xbbe, 0x9, 0x6}, [@TCA_EM_IPT_MATCH_REVISION={0x5, 0x3, 0x7d}, @TCA_EM_IPT_NFPROTO={0x5}, @TCA_EM_IPT_MATCH_REVISION={0x5, 0x3, 0x81}, @TCA_EM_IPT_HOOK={0x8, 0x1, 0x3}, @TCA_EM_IPT_HOOK={0x8, 0x1, 0x7}, @TCA_EM_IPT_NFPROTO={0x5}, @TCA_EM_IPT_HOOK={0x8}, @TCA_EM_IPT_HOOK={0x8}, @TCA_EM_IPT_MATCH_DATA={0x67, 0x5, "c13875963d9b545a1aa8cf48ac2ed46eea691f4fe0ce985579ed3c8a21b47302f6fe094426cfe5e94406bfda399938f2ee238e22e7f100e307ef4b58103d706e38161b57534d224178695e00bd0cc1b31703a1c0831d6a326be36dabc451913b6ac581"}, @TCA_EM_IPT_NFPROTO={0x5, 0x4, 0x1}]}}, @TCF_EM_CONTAINER={0xc, 0x3, 0x0, 0x0, {{0x2, 0x0, 0x2}}}, @TCF_EM_U32={0x1c, 0x2, 0x0, 0x0, {{0xfff7, 0x3, 0xfff9}, {0xffffffff, 0x75d, 0x2, 0x7ff}}}, @TCF_EM_CONTAINER={0x28, 0x3, 0x0, 0x0, {{0x1, 0x0, 0xf02d}, "a095129a67ef212362335517e57e5123519bcc5a47224955b955"}}, @TCF_EM_IPSET={0x10, 0x1, 0x0, 0x0, {{0x3, 0x8, 0x80}, {0xffffffffffffffff, 0x2, 0x2}}}, @TCF_EM_META={0x2c, 0x1, 0x0, 0x0, {{0x9, 0x4, 0x9}, [@TCA_EM_META_RVALUE={0xa, 0x3, [@TCF_META_TYPE_VAR="8334", @TCF_META_TYPE_INT=0x7]}, @TCA_EM_META_LVALUE={0x12, 0x2, [@TCF_META_TYPE_INT=0x3, @TCF_META_TYPE_INT, @TCF_META_TYPE_INT, @TCF_META_TYPE_VAR="2eee"]}]}}, @TCF_EM_CONTAINER={0xc4, 0x1, 0x0, 0x0, {{0x6, 0x0, 0x5}, "8c271dbc81bae5c5d270ee8b8d928ca1f2bda1294d25601055a2a34e4c80b1bf93bdf26311787fe7d1da517a898309893c79ce347da500e882399f7bf4094440038ec50c3c4c874a08e44f80bc8ddcc691f3d77ee64d0b68302ff184457ac7da5daf898e205a0a830411710f7e2368df5f2932daf8dafc7751108c07df5a1e117f4750c3f0d0cbebf8c63c9fa2950e3d896c0211de32f18236632ac4ea2c96bb4fcb98df6322f20c10952899ca108e290f2bbf46b66bf9"}}]}, @TCA_EMATCH_TREE_HDR={0x8, 0x1, {0x815}}]}, @TCA_BASIC_ACT={0x10c, 0x3, [@m_connmark={0x108, 0xe, 0x0, 0x0, {{0xd}, {0x3c, 0x2, 0x0, 0x1, [@TCA_CONNMARK_PARMS={0x1c, 0x1, {{0x3, 0x6, 0x5, 0x8, 0x100}, 0xffff}}, @TCA_CONNMARK_PARMS={0x1c, 0x1, {{0x80000001, 0x3, 0xffffffffffffffff, 0x7c77, 0x7}}}]}, {0x9e, 0x6, "90a30ed48f199818cc76db7b63a1b70a2332188f2a4db419b43c238a3cd256b550322322554454b7c0ebcfedc2f81c38a779045d4df0abfeb15fc9676dcc262f543a2f3580ef3f3335ae5c5151c74e188b8c8c43a8b56572d7f63a13fd1ab00251356e0765ea8bca973bf7516f1e97cb6a09bd001a5ca523bc646609ce609f0a531af7798b5ffe1e90f0e275f24191a3d36dd381cee19bc20ddc"}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x1, 0x1}}}}]}, @TCA_BASIC_ACT={0x100, 0x3, [@m_police={0x44, 0x9, 0x0, 0x0, {{0xb}, {0x18, 0x2, 0x0, 0x1, [[@TCA_POLICE_RESULT={0x8, 0x5, 0x1f}, @TCA_POLICE_RATE64={0xc, 0x8, 0x4}]]}, {0x4}, {0xc, 0x7, {0x1}}, {0xc, 0x8, {0x1}}}}, @m_police={0xb8, 0x9, 0x0, 0x0, {{0xb}, {0x4}, {0x8c, 0x6, "6d78867adb28dd8913bb7cfef21fd80956bd828df1b285bce8470e6ccbdab48d9c64e4420259fab24e03a13f19cff1910a5699d2c43719f4ad84f4ace7daedb081bb87399f44762dd14b8b4010a9ba4698df9eeb475a043938f54d7d29fec03d99d4074eeea73159cbdaec4553df5be4fa7254397d5eb08d56198855b12e4c4878383721f2970bbc"}, {0xc, 0x7, {0x1}}, {0xc, 0x8, {0x0, 0x2}}}}]}, @TCA_BASIC_ACT={0x7c, 0x3, [@m_ife={0x78, 0xd, 0x0, 0x0, {{0x8}, {0x4}, {0x50, 0x6, "601663f4e19f43070383099d7ae335a21a48f1d643853ddf30589106b3b081b0cac13211e2bbc07fc1ab3454fc3d4cf927efa9f2182f1571c9479e759d8036808d01b4ec094131b8db686c41"}, {0xc, 0x7, {0x1, 0x1}}, {0xc, 0x8, {0x1, 0x1}}}}]}, @TCA_BASIC_EMATCHES={0x148, 0x2, 0x0, 0x1, [@TCA_EMATCH_TREE_LIST={0x110, 0x2, 0x0, 0x1, [@TCF_EM_NBYTE={0x10, 0x2, 0x0, 0x0, {{0x5, 0x2, 0x3}, {0x6, 0x0, 0x1}}}, @TCF_EM_CMP={0x18, 0x2, 0x0, 0x0, {{0x8dc3, 0x1, 0x200}, {0x1, 0x8, 0x6, 0x1, 0x5, 0x1}}}, @TCF_EM_CONTAINER={0xa8, 0x2, 0x0, 0x0, {{0x1, 0x0, 0xff}, "6a85a67ef8188e1fbc6fda155e0f56a5da6d149a58a243d316c8802150f81213a728c294cbd7236c10be27290a9471b95b19ea61c8508adb6fc3650b60523d737eb72649244a30a809129a6aacb480260256fbe6a0fa20e5e92bcfd2317856d487caec57a8294bcfe1b608da1fdd70a492ffe29de7c0edd588072f8689fbfe821f0686089a1017a98f3b5d298de961d0cb942649b1113a4026c0"}}, @TCF_EM_NBYTE={0x10, 0x9, 0x0, 0x0, {{0x2, 0x2, 0x75f0}, {0x8, 0x0, 0x1}}}, @TCF_EM_CANID={0x14, 0x2, 0x0, 0x0, {{0x0, 0x7, 0xff}, {{0x2, 0x1, 0x1, 0x1}, {0x2, 0x1, 0x1, 0x1}}}}, @TCF_EM_CMP={0x18, 0x2, 0x0, 0x0, {{0xf, 0x1, 0xda}, {0x80000001, 0x4, 0xfb6, 0x5, 0x0, 0x2, 0x3}}}]}, @TCA_EMATCH_TREE_LIST={0x2c, 0x2, 0x0, 0x1, [@TCF_EM_CANID={0x14, 0x3, 0x0, 0x0, {{0x3ff, 0x7, 0xb}, {{0x1, 0x1}, {0x1, 0x1, 0x0, 0x1}}}}, @TCF_EM_CANID={0x14, 0x3, 0x0, 0x0, {{0xfac1, 0x7, 0x9}, {{0x2}, {0x4, 0x1, 0x1, 0x1}}}}]}, @TCA_EMATCH_TREE_HDR={0x8, 0x1, {0x800}}]}]}}]}, 0x1ccc}}, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x11, 0x3, &(0x7f0000001680)=ANY=[@ANYBLOB="180000000003000000000000000000"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x9}, 0x94)
r4 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000000), 0x42f82, 0x0)
ioctl$SOUND_MIXER_READ_RECSRC(r4, 0x80044dff, &(0x7f00000003c0))

3.533334705s ago: executing program 2 (id=983):
r0 = syz_open_procfs$pagemap(0x0, &(0x7f0000000000))
r1 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r1, 0xaf01, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x12, 0x7, 0x8, 0x22}, 0x50)
syz_usb_connect$cdc_ncm(0x4, 0xd1, &(0x7f0000000040)=ANY=[@ANYBLOB="12011003020000182505a1a44000010203010902bf00020106500009"], 0x0)
syz_usb_connect(0x5, 0x64, &(0x7f0000000000)=ANY=[@ANYBLOB="1201000002ffa9400819151300000102030109025200010000000009040000042513bf000a2401000000020102052404"], 0x0)
ioctl$VHOST_SET_MEM_TABLE(r1, 0x4008af03, &(0x7f0000000140))
syz_emit_ethernet(0x39, &(0x7f0000000040)={@multicast, @multicast, @void, {@llc_tr={0x11, {@snap={0x154, 0xa8, "a0", "4eee1c", 0x88fb, "c4e33541bf1e3d7e088d816fb86b7525db41fc1b9a03638224feac52eceb45f8a9d800"}}}}}, 0x0)
ioctl$VHOST_SET_FEATURES(r1, 0x4008af00, &(0x7f0000000080)=0x200000000)
capset(&(0x7f0000000080)={0x20071026}, &(0x7f0000000040)={0x200000, 0x200000})
r2 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r2, 0x89f2, &(0x7f0000000080)={'ip6tnl0\x00', 0x0})
ioctl$VHOST_SET_VRING_ADDR(r1, 0x4028af11, &(0x7f0000000000)={0x0, 0x0, 0x0, &(0x7f00000004c0)=""/243, 0x0, 0x80a0000})
r3 = dup2(r1, r0)
write$vhost_msg_v2(r3, &(0x7f0000000600)={0x2, 0x0, {&(0x7f0000000400)=""/141, 0x8d, 0x0, 0x3, 0x2}}, 0x48)
ioctl$VHOST_VSOCK_SET_RUNNING(r3, 0x4004af61, &(0x7f0000000300)=0x1)

3.431216652s ago: executing program 4 (id=985):
mlock2(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x0)
writev(0xffffffffffffffff, &(0x7f0000000300)=[{&(0x7f0000000000)="c65a697dc193404fa0e2f58f60b4a27b59b6ba2ced2a80952f4742cd184015cfff3ea1491931aa", 0x27}], 0x1)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001680)=@base={0x10, 0x4, 0x4, 0x1}, 0x48)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000000c0)={r0, &(0x7f0000000000), &(0x7f0000000080), 0x1}, 0x20)
syz_usb_connect(0x0, 0x36, &(0x7f0000000000)=ANY=[@ANYBLOB="1201100153a42908f00a71729188010203010902240001060000000904020002ffffff000905"], 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
chmod(&(0x7f0000000100)='./cgroup\x00', 0x0)
mbind(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x4003, &(0x7f0000000000)=0x6, 0x5, 0x2)
ioctl$HCIINQUIRY(0xffffffffffffffff, 0x800448f0, &(0x7f0000000080)={0x3, 0x7f, "6ac437", 0x1, 0x1})

3.430186837s ago: executing program 0 (id=986):
r0 = userfaultfd(0x80001)
fsopen(0x0, 0x1)
ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000140))
ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000080)={{&(0x7f0000ffd000/0x3000)=nil, 0x3000}, 0x1})
exit(0x7)
madvise(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x19)
r1 = socket$xdp(0x2c, 0x3, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, 0x0, 0x0)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x218, 0x0)
syz_open_dev$evdev(&(0x7f0000000040), 0x2, 0x204081)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_mount_image$msdos(&(0x7f0000000200), &(0x7f0000000240)='./file0\x00', 0x0, &(0x7f00000004c0)={[{@fat=@gid}, {@dots}, {@fat=@time_offset={'time_offset', 0x3d, 0x32}}, {@nodots}, {@fat=@codepage={'codepage', 0x3d, '860'}}]}, 0xfe, 0x1e2, &(0x7f0000000280)="$eJzs3D9rE28AB/Cnf36/aKWlk6CLD7roErSzgyIVxICiRvwDwpVeNSQmJZchEYfMTr4GRxFd3ITiG+i7cCtC6aKTJ5q0sVrrYE3Efj5Lvsk3xz0PBw/Hc3BrZ58+rC5lxaWkFcYLY2H8XOh+yPN8NoyHTd1w6tWtjSfXb9+5fL5Umi/0f44xzhxbufv4xfG3rUM3X8+8KYTV2Xtr63PvVg+vHln7dONBJYuVLNYbrZjEhUajlSzU0rhYyarFGK/W0iRLY6Wepc1t/VKtsbzciUl9cXpquZlmWUzqnVhNO7HViK1mJyb3k0o9FovFOD0V+B3l5x/zPKzneZ4XuiHP81EPiCFz/fe3zUX9WowHQnjfbZfb5d5nr794qTR/On41Ozhqo90uT2z1Z3p93N7/F6b6/dyO/f/h5Ile/6W7cKX0XX8wLP756QMAAAAAwD+pGLf8uL8/1v+6Y99L3zwf6O3fP1vp95Ph6OQwZwIAAAD8TNZ5VE1qtbS5S5gIIfzqP3seJsPwziUIow4vw18xjEEY9coEAADstcFN/6hHAgAAAAAAAAAAAAAAAAAAAPvXMF4nNuo5AgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADs5nMAAAD//3cQb74=")
setsockopt$XDP_UMEM_REG(r1, 0x11b, 0x4, &(0x7f0000000340)={0x0, 0x304000, 0x800, 0xa6, 0x1}, 0x20)
syz_open_dev$media(0x0, 0x103, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$UFFDIO_COPY(r0, 0xc028aa05, &(0x7f00000003c0)={&(0x7f0000ffd000/0x3000)=nil, &(0x7f0000000000/0x3000)=nil, 0x3000, 0x0, 0x900})

3.129758966s ago: executing program 3 (id=988):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xb, 0x0, 0x0, 0x4, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioperm(0x9, 0x9, 0x7)
mknodat$loop(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x1000, 0x1)
r0 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc)=<r1=>0x0)
timer_settime(r1, 0x0, &(0x7f0000000000)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
name_to_handle_at(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)=ANY=[], &(0x7f0000000180), 0x0)
r2 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000000), 0x80800, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r2, 0x3b81, &(0x7f0000000040)={0xc, 0x0, <r3=>0x0})
ioctl$IOMMU_OPTION$IOMMU_OPTION_HUGE_PAGES(r2, 0x3b87, &(0x7f0000000140)={0x18, 0x1, 0x0, 0x0, r3, 0x1})
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
syz_io_uring_setup(0x499, &(0x7f0000000400)={0x0, 0xd146, 0x0, 0xc, 0x288}, &(0x7f0000000100)=<r5=>0x0, &(0x7f0000000140)=<r6=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r5, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r5, r6, &(0x7f00000002c0)=@IORING_OP_SENDMSG={0x9, 0x40, 0x0, r4, 0x0, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB='0'], 0x30}})
shutdown(r4, 0x0)
open_by_handle_at(0xffffffffffffff9c, &(0x7f00000000c0)=ANY=[], 0x200000000000000)

2.000299778s ago: executing program 3 (id=990):
r0 = socket(0x400000000010, 0x3, 0x0)
ioctl$SIOCSIFMTU(r0, 0x8922, &(0x7f0000000100)={'veth0_vlan\x00', 0x8a})
r1 = syz_open_dev$vim2m(&(0x7f0000000180), 0x8009, 0x2)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(0xffffffffffffffff, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x1c, &(0x7f0000000100)=[@in6={0xa, 0x4e23, 0x4, @ipv4={'\x00', '\xff\xff', @private=0xa010100}, 0xfffffffc}]}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x15, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000300000000000000feffff10850000000700000095"], 0x0, 0x0, 0x0, 0x0, 0x40e00, 0x5a, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2003}, 0x94)
r2 = openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x20842, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x2, 0x4, &(0x7f0000000200)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x100, 0x70, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = socket$igmp6(0xa, 0x3, 0x2)
getsockopt$inet6_int(r4, 0x29, 0x5, 0x0, &(0x7f0000000240))
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000012c0)={r3, 0x0, 0x30, 0x0, @val=@uprobe_multi={&(0x7f0000000140)='./file0\x00', &(0x7f0000000240)=[0x4, 0x8], 0x0, 0x0, 0x12, 0x1}}, 0x40)
madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0xb)
mremap(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x3000, 0x6, &(0x7f0000ffd000/0x3000)=nil)
ioctl$DRM_IOCTL_ADD_MAP(r2, 0xc0286415, &(0x7f0000000180)={&(0x7f0000a93000/0x3000)=nil, 0x7fff, 0x2, 0x1})
mbind(&(0x7f00000a2000/0x4000)=nil, 0x4000, 0x4002, &(0x7f0000000200)=0x2001000000000002, 0xdf, 0x3)
prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r5 = getpid()
sched_setscheduler(r5, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
connect$unix(r6, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r7, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r6, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000004000000fd0f00000700000000000000", @ANYRES32, @ANYBLOB="00000000000000008000"/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='sched_switch\x00'}, 0x10)
r8 = socket$pptp(0x18, 0x1, 0x2)
bind$pptp(r8, &(0x7f0000000000)={0x18, 0x2, {0x0, @local}}, 0x1e)
connect$pptp(r8, &(0x7f0000000080)={0x18, 0x2, {0x0, @rand_addr=0x64010102}}, 0x1e)
ioctl$vim2m_VIDIOC_ENUM_FMT(r1, 0xc0405602, &(0x7f0000000240)={0x2, 0x1, 0x3, "7e0dfe3287fda55aab25000000000882b200", 0x41564e57})
openat$incfs(0xffffffffffffffff, &(0x7f0000000000)='.pending_reads\x00', 0x80482, 0x0)

1.762068947s ago: executing program 1 (id=991):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000240)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x201, 0x0, 0x0, {0x7}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWSET={0x4c, 0x9, 0xa, 0x401, 0x0, 0x0, {0x7, 0x0, 0x3}, [@NFTA_SET_ID={0x8}, @NFTA_SET_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0xd}, @NFTA_SET_DATA_TYPE={0x8, 0x6, 0x1, 0x0, 0xffffff00}, @NFTA_SET_FLAGS={0x8, 0x3, 0x1, 0x0, 0x38}]}, @NFT_MSG_NEWSETELEM={0x11e4, 0xc, 0xa, 0x101, 0x0, 0x0, {0x7, 0x0, 0x84}, [@NFTA_SET_ELEM_LIST_SET={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_ELEM_LIST_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_ELEM_LIST_ELEMENTS={0x11b8, 0x3, 0x0, 0x1, [{0x11b4, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_FLAGS={0x8, 0x3, 0x1, 0x0, 0x2}, @NFTA_SET_ELEM_DATA={0x4}, @NFTA_SET_ELEM_DATA={0x11a4, 0x2, 0x0, 0x1, [@NFTA_DATA_VALUE={0x32, 0x1, "f41c35682185bac4fa348577506b852e744a35b8a75a79fe7f0f76a6e0b9986c29b3b0cf6848e93e2024521a3d6e"}, @NFTA_DATA_VALUE={0x34, 0x1, "f129cce3300869a76bfa3dd9396c28005a81373c9a0e5c694d9284bc9a0bb739ece7454e63a34af6d45e2acc6b86649a"}, @NFTA_DATA_VALUE={0x1004, 0x1, "ed814301ac66123eb4c2648c6eb2e1dba22a6cdee04176e99c2492ccc261c2a757796670fc898855aa45dc97271784d9bf5be47ca8bb4e908b50ee0ccf5e51b44632ee62d0a5efb7e819ec505acd5dd253002b6efcc0d61a79267bf7cb98d980f8231d92e5f8825ac2fdb4faff8660211d59b52fd00c1db37198395d0789e4d8df12b1064223d9dd1a09da80c02704bb17e0970118570dd718dbd18a0420a7062fbf2816fa0b70d37be42b09b45a893466d8fa60ec39743c161930b7f3750a9a656f1bc4a275c50f31a98c737cd4484405e24888395ee701b08349d0be8070f0f1d1fbe1e7772e00055512843fe97674971142a058163573be6f361f2fa2d9e3c1c0e205163b511f87867e0da8833da228d593310604806354bc1fcfebabf978869f4f7257c8002fc4b45ab3d9c5b4dd55b6954823800c1391747a4ec109816ad865b832cba0f95eda9284b022e39c20988db787ac09c0f46f1ca579c461c53702b87dab984583fb8f700f3156a29e9db42fd741e2195dd99ca20ce89c43dc575e0cbb93e15eebea776cf9d5ddbcc01a48f7b7451dcffa2b3177949d926dbc9e258af835c63a7dbaf93d41e71dd2a623a170514b1ef92ba77b82ebb6bd3bd3a195368562abcda05a929fa99aa7177aa2a8ef036560ec9ea368310fbbdf7e5be6ab336f5a0b2f82ad05223d8c9c1da13e835f20520fdb93646827dacc49391dfb1a77cada0c81c9e64227b7205d4fc72bfdff2f1dd10cab958d1f3d3f4a59b33e0326f0e7e2b98e1b9346e5ecb21bb3621ff1998d4b903429301e3592f074d31146a3481a04bd8bc44c7d5bbf9d24accc61adc4e2fe37265df8dd37cc84afbf8aa1dc8e63eebe4874b6d3a8142ca63d67616e965ded0e2e201f223cd293194af6171aa0d4ca6a6f071e793933ff211c9cb34388634f30ef763a6679c8342e71064d365a88eb0c87e3451ec8ef6af03f109e51f8f5f69d55f6e074350d80f7529e46bf033643a054eda42f7deb3c1e5cf1fa4b66566ec88112f3cbfcb1248cef5ab45af646893acab8ac43b2cfe3e33a73c6423487b219079a88d6ad42ac4424d1feac761a5d80ae0e4994318e27d36e83d315d8b71481bee0ff72deab9568ea2d9a19c3d192971cdd3e1993b914939db9204caf2a46c9bb3e9edc16a46d220ba5331bd381047a913a7e43a3757b66e86a228943a0303a304a33839c8a6176086e8c43b2da1e5056aee377eae04fc252e760340d95676f219d30d6a394bf251ec307b1e1ee26ed3ef3d47ad5169747f6a0acac62c355d77d007c98c7fb3c818cf5026b755404488ec908be169bacd14e0a9404be0692ac00f6ffeb988d50302842c91bfc903a7998e566efa68baf1f9506ce1e01e650a179f090b017192e1976bbfdb5de48b45ab3f87eeca1da6de5a638516ca013158365fb2f41e1453ca08160fdbf78fbc22fd300d8cabeca155367c5414ff7941488272991344aefcafb7404ba59788384b5db507fa80d86c3100a931c9e7e24bd303a850e4ed57238707948ed8fa6bb5ac877c061dc69b3c10f618f04546de25c97def962590fedae996103e2ed635022fa207271eba3fada29a2056ebc6084e7cae5e3ce20b635390300550e501cf04ff68ab5e316c355af73883eb5a13e2d7f5b176f110a0dc68a6a583d43f4c66780e19bca7ed758641fe94deda3c64e738b2aa587a6408b9a4b6b5befe62268adc4da20b7caa8ffc4338d988ab15f79e99f699ab807a3c13aa4fa15ac216ef3cb50bfa99869cae4173b4bb52afe86192d78a3d0ee5ef7b5d509dfebf46eabf48b1f9d67ab19f7304b357cb01fb1f6b56e981825b3750dd73fc267f1ae8545863a346876cb590e20860e27ed6f4f21afe64c06c7ce1c7b593112b36bbeed12e4085e88e8e7c8c01db85572e4408b221758d4626300970f1f16f7e5e05f3b7a6eca620ba6288d94e837c01d1d3519bba478d1e0da20e450963962c5563d1f318df31c03a724fc61dacbc8d7bc21a2be7b62ba0a352992faba3178bb18bc59882242a7109596b2b57f882c73d57ac68694f7a1b02bcf4d1a62b9db2857da3055a06dc3e1d989fe9121da5d9d53bb24f3b7d01ce677518e6d3dbfea52519f3b924e9fd7dd5c6f33ddba58819b9ac259833148a2cec0253131c52098c740b79574da1d76076cd9ac759261a657e97ff92db2863720936796b184807b5ebe793aad86f0e831fe8ca31c98875e576ebfcc862bd6dcae59067c70284ea084e2ea252e69644100ff46bbbd56c716b9ebbd2b8d25fa8cc4831828aa065a58d7d2e200031dda87a8633bca56da34695fab21af330f83538935385dd783b2333522d88e913f292dad315ac8f1d6594a6d5872dc9d564b235789b672d1d4123b4220aab14879d62b31cb9706fbae7c40da4b1d10c66a7eda8609f8efc2a32e228d77b8672ad6b7f2c2229cbaf1143de37e2dc59691da8837a9c5a7aab5c75ade5df3610c40e406c7a79b5b6752c3ec337290064079bfcdfaef4d6e7a40a445c3d9d9ddb620ebb1293e983efc8995e50ae5b5e37ee4e765481c8e131a3810decd0247d0a262da776158d75e109576b80e14e870d9b497255982e9063064563d817403902dbf527c958547c2d16087639a55aee0703e5ce10711ee5e3d71925fa702ad59691f194597f36f9d0f59f53bd709f683d8b672b5f2ad5bd948a1969c9c5b0d3167356e44ebc9558e467d5e91d920a472f93e788c2ff47c4dd52223e80cb62c4684c1a6b4d40c3e5276908a29841f83abccc8a14e388f3162a62612a662203a87987f91cd8a80af978cd7fa644c3fc390730ca2a897cde207ec502b770239bb4df72484f68cdfcdc108848090319a7f951f88a39e10fcd12d5622833ca84b2fea8f62bc67de9085ff23f9c9d0b99854a0644b178d61540de6585f43710d62bfe5391e51ab4721a58da53b136d7b20bd6bc35a32f75dd9aa66cc4d55600a5fb3230228536f03b5f21de3eabdd8d91b365c145e08f44a56aa79f396811f2bdb0d44554b5cd2e874eb9bd3d0d339b69082a7871ba650652b5a054e94da719a968331315ea65ae6f13afff5e129f5f30b1bdab8920c4af344d0d2ff6fccfe16bb0bc9a162a2b98c2f3b380a2bea3aa1f87357d3aabb3278572566fc7ceae301570284afe9a329f69bcafbb9805a7c050d42e9baa702e457c0b90c6f0f8a2d996e175122b335d055c927abf9c3aa75e45bab98ea4e70a84d15954093dc97bcd2524430de995ececfdb94d729049ec316f3693fb0fae196eee78875c1c728eb5e3051bbcb3b02094f84f1c7d76d9c26ef3b27567714a789550cc850436c96f1cb6e82caaca761f99ff93412b88f3a88d39b66f39dc2f64e5e50236c5d883080b1b2f9ed7cff103133e394a702897b8b05e0bf8b293cb0a4ee778805d3e3afa03bfe602509629307a93d896a9bc54ce88582065de5c88400ddd0f76a634c1eaa69f79b48990a0ea2cf3a07a13387d36654c49c7c08fd44aacb7a8d79a99d8b913d4f52dd76ecf05325e8f434c0f2b8c1ecf7dada3a229e96d75274139d4f1cf7d7133fa91f28eceeadad4fff89cda1634e3ee1118f9b3f65c5d216fdce1dabb72c10a13059910244b58c670bd01e061cdc56fd11f980e8975e013e3afe3baa00e4507a01be41c76c179d7f154cbb2b742b21c1c4c86ee39ad6328cde1803e59e60ab881f7afb0b336822ced1d5c3fcc88b4a03a2524f4671f670268a343bcce2d40285f556592ad4dee44f47662758e91806535d39948c718641c9ed0646fb89edc5c6f8aa7be8f8c694042e40e6502ac1f96a247f3c59f0e053a356b8f025574839a60986393887b6d0eddb552025f7c6a054afa7a2ff58f879b3fb38b4a7fe416209f1c764d02d1fb615604a7cd74222c0f6d9f91c3d557f80ed43c99a63525770290c39e07d858711516af4c6441002f2edf73b2c72df327e7f4e6f55ccb71f590882743254cb94000a2129b9584daf9f6775db14c37b9cdaf36388ba010773dedaadfa9ca9df3328fdf8bb58b7b00e263a34a9c1261f2cd0aaee25d7e9c5e34373e478fd3e3963fede85a1c378caf90c43736deba45848fd6362ae6c80cf1ad07ae23cb11e154d8b48508ed3ffe2d63d4236ef38ef19bc6759110e8e13b61a69c21e993b9edcf67809a15ba26debc4151b3d0c52043d048fe4479bd6d71c9944c316cce035f8e915655ce5f278f9f3af2d44cc7c8896d8da3d4b6385a0d7aabf8dd1aeb7d4333b8d20b685b440acdf00ee322e7809bfa4a7bbe944f91d124083e5003b8c24e69308eb88081582e9d55dce0fd5bde15a557e7bb5b71371ae079e3b87024ace411a3a20b2d642bb217cbcd51180b8dc1f462179b3bfb44b959c017dde62cb68e963900fb355417ceeff4eb814cf99328132a83c9a48d8508fc34dd05a5d95afd3cc7cd033bcc63a3703c454037fb763030b7afbaca34c7aa5da9b3d9c04702f59e5af093380b4895d2517e1736224497c178cc6468c39d3e333503f0078b7a406b73b7ca6cd39033ed8dc2e8a8c7cd6750f825621a44040cd964c35963817856d60d360b90b989f63669de7166612522c6910a09a97b2d44cfc78a4849df650667a2721a372bb6fb9ddfe1dc6653b295a74057a26fd803d2d72a5f999ad1770d054a9d6fccf9523df0caba8653c957d043a375fa3792e6ccb237b6754490d45972b4259d1d6dc0a374e5b4de32901a3c6bbce3558677d41fd8386ad9c7651e5fbd65b82c33096f66d5693da76fb9f21e76951d4d84db994d45f295af1f54c1eb992831330618de85282b1450c86cf75e2524cca3f89897e5a910c47c935d483f703159c2465fb9a2945421018b1c7eccb34d81392ee82bcfc3bffc5dc100c037da51485819f44e9e20a6e85e8c29ed6d1d7612aa17db6fee6824bc1a787cbb63a73ed08f7e41d0b3ad9dac0a381dd70cd6ac3350f268c67b934e07f23c88528a0b7b1612f6d9795ab8a3eaf94bc8d100dced339303285728a239f1cb60203171fd27da6d5c86a6b01438de206ebb254756038f071d3a7b1bc23d0c27546728d661aa0934495f1285f7a50bf33d0d1a31d71688ebc5776b4b5f7dc2dfc9bfd34df53dc85bb0da72a20fe71b9dc15801089a39145c7bc4da936f13c9316031f86b4f054daddeed0a369322d3830afd6a773380e39cb44d23bf0f1be3847565411901c73ffa18245aafb16671dc78112f3c9197cc95cd8b090362bc22173e41ab0505c438b68d36b71bc4bf4149475438d3525e1afcd5aefd3ac30dac8e27e7172a34da794e668b8ee02abd74e405eebcec2b56e99ab435fc2e5d61676c413b036557d74f7b6c3afe98dd11654e14811013f2d7df8ed68417ac8fcc93f284b6094c7484a79066a35c44a675229a933d97926a2299f4b160937024e79231b1e701fb548c0f2fc09720b17590be62888999ef777ba3a2bf76a3e24d81fd45d2921381e45930b0078c63091b314a39237c458a9e4ce02823b4ad59dc6f70b67f385506432798e155ce02cb6e29aa1cfab8024c1eb4ff7530b5b9cc6e49982823df46dd2b691df0fa84e0a8a4c3ea26249f91bcc5e52cc661fc3422d81c4049418670eca259c40f9f2cf1ee6ca06391c1305011aa1301cd921673fd0e5a6e609e093fd1fb93812105a4342565e75e74eb2f453c5ef18e71d6fe6127f0ff2a08414e2e2d2d85193ffa6de890728e72e288c007c6b2e9006e53880ac258d96f264ed4b8ea754b2ff97315123853682b201c722316b2873ebf6bc691c469628f9b1"}, @NFTA_DATA_VALUE={0xae, 0x1, "208368214411dc0f1ca5f98e3e8a787dd01988712b40f8d92eafadb03956a9d8e9a7c28c15c96288b490eb3a2e06f17ec33e86ea515430d0cba5964fe42b268aa3cbeda74c192aa9fdf61948fab19d23eb61bc0e9d5086a40fe84239e73e617f948d4533bb1616a4cc5253e011de3b444e36865c040167793a3d607ed86ea8e30dd90e4ae4409f3ba1191429f0b15b6a63fc469c0610225e1c3c3b99baf26e7b0d0ba9c4d071fd1ed696"}, @NFTA_DATA_VERDICT={0x14, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CHAIN_ID={0x0, 0x3, 0x1, 0x0, 0x2}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffc}]}, @NFTA_DATA_VERDICT={0xfd37}, @NFTA_DATA_VERDICT={0x20, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CHAIN_ID={0x0, 0x3, 0x1, 0x0, 0x2}, @NFTA_VERDICT_CHAIN_ID={0x8, 0x3, 0x1, 0x0, 0x2}, @NFTA_VERDICT_CHAIN={0xfe4f, 0x2, 'syz2\x00'}]}, @NFTA_DATA_VERDICT={0x28, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz0\x00'}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffd}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffd}, @NFTA_VERDICT_CHAIN_ID={0x8, 0x3, 0x1, 0x0, 0x3}]}, @NFTA_DATA_VERDICT={0x24, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffd}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffe}, @NFTA_VERDICT_CHAIN={0x0, 0x2, 'syz2\x00'}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffd}]}]}]}]}]}], {0x14, 0x10, 0x1, 0x0, 0x0, {0x0, 0x84}}}, 0x1278}}, 0x0)

1.416069075s ago: executing program 1 (id=992):
r0 = syz_io_uring_setup(0x1bbc, &(0x7f00000000c0)={0x0, 0x31e8, 0x800, 0x2, 0x2bd}, &(0x7f0000000140), &(0x7f0000000180))
r1 = io_uring_setup(0x47bb, &(0x7f0000000040)={0x0, 0xa09, 0x80, 0x2, 0x319, 0x0, r0})
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000005700000095"], 0x0}, 0x90)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="17000000000000000400000003"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008"], 0x0}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x12, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r3}, 0x10)
syz_clone(0x400, 0x0, 0x0, 0x0, 0x0, 0x0)
io_uring_enter(r1, 0x0, 0xcbffffff, 0x7, &(0x7f0000000000), 0x8)

1.324551467s ago: executing program 0 (id=993):
r0 = syz_open_dev$vbi(&(0x7f0000000000), 0x0, 0x2)
syz_io_uring_setup(0x315b, 0x0, 0x0, 0x0)
r1 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_fanout(r1, 0x107, 0x12, 0x0, 0x0)
syz_emit_ethernet(0x3a, &(0x7f0000000000)=ANY=[@ANYBLOB="aaaaaaaaaaaa0180c2000000080045"], 0x0)
r2 = syz_io_uring_setup(0x891, &(0x7f0000000140)={0x0, 0x8c36, 0x80, 0x2, 0xbfdffdfc}, &(0x7f0000000000)=<r3=>0x0, &(0x7f00000000c0)=<r4=>0x0)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
sendmsg$unix(0xffffffffffffffff, 0x0, 0x0)
recvmmsg$unix(0xffffffffffffffff, &(0x7f0000000f40)=[{{&(0x7f00000000c0)=@abs, 0x6e, &(0x7f0000000240)=[{&(0x7f0000000180)=""/146, 0x92}], 0x1, &(0x7f0000000280)=[@rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}, @cred={{0x1c}}, @cred={{0x1c}}, @cred={{0x1c, 0x1, 0x2, {0x0, <r5=>0x0}}}, @cred={{0x1c}}, @rights={{0x10}}], 0xe8}}, {{&(0x7f0000000340), 0x6e, &(0x7f0000000440)=[{&(0x7f00000003c0)=""/111, 0x6f}], 0x1, &(0x7f0000001100)=[@rights={{0x10}}, @rights={{0x10}}, @rights={{0x10}}, @rights={{0x10}}, @rights={{0x10}}, @rights={{0x10}}, @rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x10}}, @rights={{0x10}}, @rights={{0x10}}, @rights={{0x10}}, @rights={{0x10}}, @rights={{0x10}}, @rights={{0x10}}, @rights={{0x10}}, @rights={{0x10}}, @rights={{0x10}}, @rights={{0x10}}, @rights={{0x10}}, @rights={{0x10}}, @rights={{0x10}}, @rights={{0x10}}, @rights={{0x10}}], 0x188}}, {{&(0x7f0000000540)=@abs, 0x6e, &(0x7f00000006c0), 0x0, &(0x7f0000000700)=[@rights={{0x30, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}], 0x88}}, {{&(0x7f0000000780), 0x6e, &(0x7f0000000e00), 0x0, &(0x7f0000000e80)=[@cred={{0x1c}}, @rights={{0x30, 0x1, 0x1, [0xffffffffffffffff, <r6=>0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x20, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x10}}, @cred={{0x1c}}], 0xa0}}], 0x4, 0x2, 0x0)
socket$rxrpc(0x21, 0x2, 0xa)
syz_usb_ep_write$ath9k_ep1(0xffffffffffffffff, 0x82, 0x90, &(0x7f0000001040)=ANY=[@ANYBLOB="8a00488925632edb9a03003d05719968004ed622b16669bd978281cc6330820d03f0a56727015de24f9028bba7dcce25ca846a3024fef2a9bc71b47c5c486673922038923e53fadc99ff7b53eebce4ce3b1688ca1b8996381ca214dc42e482d58c6f35257871e477b97473d573a7d62b3e96d782d441c380191fa11b3b59d2dda6129b78593b69adb98397c6"])
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
quotactl_fd$Q_QUOTAON(r6, 0xffffffff80000201, r5, &(0x7f0000000040)='./file0\x00')
syz_io_uring_submit(r3, r4, &(0x7f00000002c0)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x3})
io_uring_enter(r2, 0x47f6, 0x0, 0x0, 0x0, 0x0)
ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
ioctl$VIDIOC_SUBSCRIBE_EVENT(r0, 0x4020565a, &(0x7f0000000080)={0x5, 0x2, 0x1})
ioctl$VIDIOC_S_INPUT(r0, 0xc0045627, &(0x7f00000000c0)=0x2)

636.4769ms ago: executing program 1 (id=994):
r0 = socket(0x840000000002, 0x3, 0xfa)
connect$inet(r0, &(0x7f0000000140)={0x2, 0x0, @remote}, 0x10)
sendmmsg$inet(r0, &(0x7f0000002fc0)=[{{0x0, 0x0, 0x0}}, {{0x0, 0x0, 0x0, 0x0, &(0x7f0000002e40)=[@ip_tos_int={{0x10, 0x0, 0x34, 0xee40000}}], 0x10}}], 0x2, 0x0)

486.493866ms ago: executing program 1 (id=995):
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r0, &(0x7f0000000340)={0x1f, 0xffff, 0x3}, 0x6)
write(r0, &(0x7f0000000040)="050000", 0x3)
writev(r0, &(0x7f0000000640)=[{0x0}, {&(0x7f00000003c0)="9e26d91653d47390a2f3d5bbf427088ec475be4e410fe43a080c9b4911d561ed6da4c9b56bb4783d2e6ba812504e6ff45adb11653e40a199077be178976183be841781e91588d0a96429e2464a3a73fdb4e9139a6be827ecb3a24f41476a285299a205a09163ac786544415529ca080ccbe610c80d1d91fcc00ab9ae195c394d8c9f3b4b161972ff2a100a668d2844e54ca25463dfe4dcb527bb020f77173cf280e4a61ab5fb36945abdd9236d217b4e651253647bc3b616882cb322a9967d3263f471c681fb21f381fa2e47c12458f1c78382604e7d2459e3269c192d377ed9988a307ab38e2c3dac56", 0xea}, {0x0}], 0x3)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
socket$inet(0x2, 0x2, 0x0)
socket$kcm(0x2, 0x3, 0x2)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0xd94, 0xfffffffffffffff4}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x1)
sched_setaffinity(0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
symlink(&(0x7f00000005c0)='./file1\x00', &(0x7f0000000600)='./file0\x00')
mkdir(&(0x7f00000004c0)='./bus\x00', 0x0)
lsetxattr$security_capability(&(0x7f0000000180)='./file0\x00', &(0x7f0000000200), &(0x7f00000002c0)=@v3={0x3000000, [{0x2, 0x9}, {0x3, 0x3ff}]}, 0x18, 0x1)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000500)={[{@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}, {@workdir={'workdir', 0x3d, './bus'}}]})
chdir(&(0x7f00000001c0)='./bus\x00')
lchown(0x0, 0x0, 0x0)
r2 = openat$sw_sync(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$SW_SYNC_IOC_CREATE_FENCE(r2, 0xc0285700, &(0x7f0000000100)={0x1b, "5660359c3245d1c42317afad7d48ed51000000000000000100"})
r3 = socket$nl_route(0x10, 0x3, 0x0)
socket$inet6_udp(0xa, 0x2, 0x0)
sendmsg$nl_route_sched(r3, &(0x7f0000001200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000001240)=@delchain={0x1c8c, 0x65, 0x4, 0x70bd29, 0x25dfdbfe, {0x0, 0x0, 0x0, 0x0, {0xc, 0x10}, {0x10}, {0x2}}, [@TCA_RATE={0x6, 0x5, {0x8e, 0x2}}, @filter_kind_options=@f_basic={{0xa}, {0x1c, 0x2, [@TCA_BASIC_POLICE={0x10, 0x4, [@TCA_POLICE_RATE64={0xc, 0x8, 0x8000000000000001}]}, @TCA_BASIC_CLASSID={0x8, 0x1, {0x0, 0x3}}]}}, @TCA_RATE={0x6, 0x5, {0x3, 0xa6}}, @filter_kind_options=@f_basic={{0xa}, {0x1c24, 0x2, [@TCA_BASIC_POLICE={0x480, 0x4, [@TCA_POLICE_PEAKRATE={0x404, 0x3, [0x6, 0x0, 0x1ff, 0x8, 0x3, 0x4, 0xffffffff, 0x0, 0xa0a, 0x8, 0x80, 0x5, 0x1, 0xdb, 0x7, 0x2, 0x4, 0x9, 0x1, 0x7, 0x80000001, 0x4, 0x8, 0x8, 0x1, 0xfffffff7, 0x10001, 0x3, 0x1000, 0x8001, 0x101, 0x1, 0x4, 0xc34d, 0x8c, 0x0, 0x1000, 0x2, 0x7, 0x0, 0x4, 0x9b, 0xc, 0xfff, 0x3, 0x7, 0x80, 0x9, 0x4, 0x9, 0xe, 0x8, 0xb9, 0x0, 0x5, 0x71, 0x10001, 0x7, 0xf, 0x1, 0x0, 0x7ff, 0x8, 0x1, 0x9, 0x1, 0x2, 0x7, 0x5, 0x6, 0xffffffff, 0x9, 0x58, 0xa0000000, 0x8, 0x859c, 0x9, 0x10001, 0x4, 0x0, 0x6, 0xfffffff0, 0x1, 0x6, 0x2, 0x1, 0x400, 0x0, 0x100, 0x7, 0xfffffff7, 0x10000, 0x5, 0x5, 0x480, 0x3, 0xfffff96c, 0x2095a66, 0x9, 0x1, 0x7, 0x8b, 0x7, 0x9, 0x3, 0x9, 0x7, 0x3, 0x8, 0x0, 0x2, 0x3, 0xd, 0xa, 0x1, 0x81, 0x26e, 0x6, 0x0, 0x20000, 0x7, 0x2, 0x7, 0x100, 0x6, 0x2, 0x1ff, 0x9, 0x23b, 0x7ff, 0x9, 0x8008, 0x10000, 0x8, 0x9, 0x6, 0x4, 0x5, 0x2, 0x7f, 0x2, 0xe483, 0x1, 0x4, 0xffffffff, 0x14ec, 0x4, 0x5, 0xa, 0x8, 0xfffffff7, 0x10000, 0x2, 0x51f5, 0xbdb3, 0xf, 0x2, 0x5, 0x400, 0x5, 0x6, 0x9, 0x3, 0x10000, 0x7, 0x5, 0x3, 0x5, 0x101, 0xc009, 0xc, 0x7, 0x1, 0x2, 0x1, 0x4000800, 0xf, 0x3, 0x5, 0x1, 0xfffffff7, 0x4, 0x8001, 0x4, 0x7, 0xaa, 0x0, 0x8, 0x400, 0x101, 0x1, 0x2, 0x9, 0x7fff, 0x1, 0x7f, 0xfffffffe, 0x0, 0x7, 0x77dd, 0x1, 0x2, 0x6, 0x9, 0x81, 0x7, 0x10001, 0x5, 0xc8a, 0x6, 0x800, 0x8, 0x5, 0xb, 0xa, 0xff800000, 0xf, 0x401, 0x7fffffff, 0x2, 0x8, 0x6, 0x9, 0x6, 0x8, 0x2, 0xd, 0x0, 0x683, 0x3, 0x6, 0x3, 0x2, 0x9, 0xffffffc0, 0x8, 0xff, 0x5, 0x5b9, 0x7, 0x1, 0x3, 0xffff, 0x6, 0x4, 0x1b6, 0x1, 0x40, 0x7, 0x9, 0x2, 0x5, 0x2, 0x7, 0x7, 0x2]}, @TCA_POLICE_TBF={0x3c, 0x1, {0x4, 0x8, 0x2, 0x600000, 0xb950, {0x1, 0x1, 0x83f, 0x9, 0x7ff, 0xba}, {0x3, 0x1, 0x3ff, 0x40, 0x0, 0x7}, 0x7fffffff, 0x800, 0x5f}}, @TCA_POLICE_TBF={0x3c, 0x1, {0x6, 0x6, 0x7fffffff, 0x81, 0x8, {0x2, 0x1, 0xb5a, 0x81, 0x7, 0x40}, {0x78, 0x2, 0x5235, 0x1, 0x2, 0x2}, 0x2, 0x5, 0x8}}]}, @TCA_BASIC_POLICE={0x24, 0x4, [@TCA_POLICE_RATE64={0xc, 0x8, 0x1}, @TCA_POLICE_RATE64={0xc, 0x8, 0xff}, @TCA_POLICE_AVRATE={0x8, 0x4, 0x4}]}, @TCA_BASIC_EMATCHES={0x13ec, 0x2, 0x0, 0x1, [@TCA_EMATCH_TREE_HDR={0x8, 0x1, {0x8}}, @TCA_EMATCH_TREE_LIST={0x11a8, 0x2, 0x0, 0x1, [@TCF_EM_CONTAINER={0xe4, 0x1, 0x0, 0x0, {{0xffff, 0x0, 0x6}, "8c06ec7d1bd203f82727b6a94d6cc38b0cf254440e63095a01907b255c4f15dc97855403d07773815739120af19598c70997fe8329c45db079659decf3e926a54e8023fc4b5bcd2180420a0eca12d7bf2dc1997df4c73f822e05791d52c5b653423637d6393fc6b75e5dae58ccb3d7fbe37ee941a1717bf574f2a0ee7a41a80175e99c476065596964d9be50fca191d8f3bc8437efb18c3bc20b3876430e8c37f89d1e8da7074d9f6bdb88360dc811b583579af01b103c8cd682062737a23ae5495630ba9b93dbe1ae6fb56cdb6a27a96057753d0cda80"}}, @TCF_EM_CONTAINER={0x74, 0x2, 0x0, 0x0, {{0x10, 0x0, 0x9}, "8465aee4f02d4ab2dd05fbed21d94e87cef81d09364a93b476868192b4af0be23af2fee7c28c188c29db40be638e7de5a6234dac462285c66dcba0fa8c938868325e90cccbdecb9f73f9754afd295bf0f53d7851c2613c58bf4f3da4aafdce3e1e2ce1886a68"}}, @TCF_EM_CONTAINER={0x100c, 0x3, 0x0, 0x0, {{0x5, 0x0, 0xb}, "1e12bfbd17736c13f2d7c28932d91a6dd49c51d514dbd6e70c0fef623b50b95606a38b6261cce33472a6d1f4257a923ff23d08aa22d7e0fd413a85cd5f47663619dc402619d3842f33f9df9ad1b98efc3fd5416c2810d2fc0ce276c2826631838a1f1d274401248f4e226e1e8361977a49e8ce1a0f0b71cd2c543dad3e8eedb486719f270d03278cfb107caef68c5cf2fb6d8c6834b89c5a445bbabf8535f32e5197d4cc642fa48ea2f11feb5de7b20e1c6a4f185b1b26de8bc419e3312c7abf3021aa15728582640b60ff044c8ae318ea91c83aac60b144f40d14c1fca7a6de9f0a54937d7492da97a47475473f8a62878f96a6ca25185fa43d6c11a7329778a598b9ae9e3df0198c7f767d1af704099d6e289c549dc76fe4694a44e06beb245e693519dfacd95910d06c9fdca0eda64af0ca30b0e2f0e080ce74f3746784a0090414c8d8e3715df1097907fc64c18489df929368500a5b6973bf97f82e67e7c8f2ad3c4fa7f9149d7e5e6b37750620fdcbc81f9c2d9e6bf0b37bd8825d20e777eb79a70dcb8fa8bcdee0786f4ac764f795fed61fab22b434035e1c19d2149200c37f42eb8b538d7554974796073c1a65f3d1ba15ba605f2936cd019acd9c1fe98791f879b39064ea6645e79a24b43a0f4652007eedb86994ed29a115347926d60cf84da05a45a2723ebff1c6f794c7b7ee91238b9a7ec8252a59ebfcc8d13f119271d198c90ddbecbcca95ede7f0fa06237e5fd2ebe9373c1146e349baf2909d26d75afae569924eaf09be3e56b6e94eb95a2a5657fe9cbb4c292cee194598a3192ee85d916a5a48994e7fd343bfaf962d965f64ae628ccb1522e090e1a5df97499caa07d564fd322bfcf170129b3c841ac8c118258e05238ce199bcf0cc0dc4892d29ec80621012c2a7a052149c122580959c7feec9d0e242ac40bfd680e04138bb18a9a4db55ae149d2fd5a8ce5468412fa752bd875f6fec161aadc88bc739831a16bc3a4aae81985450633248e607b8a1a103eb80bcb82713847588d83bacae6d5f04a67ab479119c1f2d7226759462742c063cb589fd2cfe4427b926e65f8bbbf6522f2920ba4516b6d2aed6eea961abcdecbea7989f059ffbc267a7211bb138f1e55450f5983c16926d2dd3dd22666083bbac295da062700565e43456f3a34cd79ee832954130c2706b797ccc283abff90e75f10e98b4abf5b26abb644750dc349d54c7ee0c42933cd794eb424dbfe5f147ce4448667d70dd5d5c37faa5b933a76df27f9ed6902cbd3aaa9717fd8ebadd0cdc60e2df87b51c07d6b4a6173a486d7ff04cbada5b4aa9a4815a09c0d4cc2469b4ff44c86dab965e3c909646157e7f4f4cd224dece584d8fb4e8889201a2b7435ba63b61fc70d6ae841abfd18060af6d92933d9b98a082ce3cedcfd1ab848d0b265aafb7d82db5f24204273813a55fb859c92bde9573944c64d48bd93146d1b1b28e53568746b0846fcdc0763b5924807c2292fee5ed391f76a2b6686eb2b6df9ebde4e3c1dd2cc6e753a9e91ab300de014e9b9c605437fdfaacec4585c6d7721db158c09a1cbe393db98e5e990b58c21b51ddcb624998dda364c287c5afaf20878c04005225dcf7ca258968251ae0d6b16192f76f3bae33134586b300e489ff6b8e3beb00bc1bd77f423a302b77176f7637a97c2d06885fc7864bd4ae9aac1be27d17d0fc3cda8a4a60f1525c7ed3f9cdb13270c55f1ca8fa7815b10fd696a4dd52f5b1bf67143e5cc1ad11c02b8e38a66cb9fd099dc3eb4a963f3f671cdf9d3663768047d860584e1d2e088cc42d31e67b09c35508025ec0966d6968bbf81d3fb93917f5af215cd72b0e0ff447020bfb6010ebabd7aae3cc55d47917dc5d0f0139daba116962c2f8b24f64d5ceb65c595237f57fe10b9eed5ce70c5e46b93d938b4bc89aa47cf123e00b77007b18079c3d6b9dd651ee6c102c62ef0a66f7166ab4f0e36a5d0bff85c48074bfb79503717c244016e49309caa747efc9a8d58c000e01f56875a1936869392900d882723201cf6bad712895534b6a75f024868d6185cf5d2722b8f31a2bcd9bb0e33700e3d08a596338146f758caeb1384ec6a23d1618afe0a2bc79e0f41ecfe4b74489247c2885de7da1bed573be3ccb9e376b98884b40b225a499a0f1ae7987d59cd0eaf13dd2caf07de1b358dd03d4b12de2312a44776eeb673eee57dd82e8e70a44ef64970770433fd64560bd10b1ab8b5db236c20c5c82852efd8b2755d9c74af0a33fd5735a94379fafc883fae963d9ddb7080a102234d34da31595fbb1befe1206bf69e13c2ef1e0c5afba3cbed12cca96ef94f2e487d55d3ad1a29e492ee77439fcb2d6d0a47d82a23c2dee26769634c1555fe51e43ab7b5d739162a2ca87d7da9cab61499f729b3f54afbfefd84aa0238ac16a876caa654ee2aa048048e7a1de3e5031a7bf005c57dcb2934b5f03be8de8d0dc7f3f2fde95fff5d3cb18257804d00d88eb8fd6d0bf66a81fb36eb7b0175f672942fa54200110a4eab3e30daea3420578473b856b1febc55c1433f17e4e01c1390ea57bc741a4ab3a82a8aafa93639a09d68b9461b70408ec597f8ce896e515576e85819b98f2717e3c40e331c96c33cba91f6dd0c53dcb8f72b86580541abf1c4cbaec86bdded010be1695bf58c0cc5f18249393e4107efeb6a9db3ecc3fd75f905e8bc90bd3beae83c0dd282ba6db3fca8e6ba2b30f4aba7ba63ee8ae14b6c43f33667535f1a102bcddd2ef86f94bdec729e199d8457fefa85c071b6226654506c591967c4bccaf3a08dfe7de8e2898bb76d8bb92b1d1b46b785f5155cf21ba8fb3bf8520d851724be063753ab129e7c11349fa86dceebf7ca1a4258706c676fd8c233e3af890a8f736e0e9b1e7cb159a6a8fa86c6c85940f3a706e33729f2c9b002e9f97ed86753f4b34d54fd85b24722214f154f056e388484be810ab137bac93047456d6d3eda39e08b164bf6bf4d40f44570f562e3d1c74ac7cba14ace6f14eb90dc173b752640e884f7191ed890dc99c9fdf9be1a5c2ecf8c6e99d373a4a806382ebc19366e5c1eecba2634647a2d034d029c9e4705a0e1e8f5eedb338c150bd682eda642382c596e1278388105877d2163eb8ec8a6696ba8af891096e139a7785ae6d4131ada76f0ddacc07a174f8a6564536878a8067d276d672810c2091d4138c354f1ae352ed994e08a5f15f0d3661c14dc777e8e11525ca9a97482a6c8ea76d173e918903787fc232680f1570286392e9b7808142d603747351538145d0de8a177106ddf6db4ead83a446ec9b5c867c4a81d2d5430ac1be1fb4da64a201a9f04ac322fbadc050b91e33fe0a8264c3dbfff6865b5a4e2011cce8adee29304568b341e2202a224fbebf8df32176bad9f987d0cb86568dd75133cbfc2e8891dd448ad5634e6ce78c2a84a70ec6dfe21b86f3aeece572aa84b1b8bbb4cd236cccc29b4720b13e40e7fc92b95d572f2082a6f969d6dbe746eafce7a0d4cb44fe90f40ec9aaa1fc55134bc4f12293a62e5c952d6cf7db89e63b4db12b98ffffc1b12a04e50b4b5e90fe1cb2b24b9b8b338722d6efcbc1213b9bae04cce524c5836b5262508355bbd19b1f16785e720c0666eced07e7ed911edba528776ed5a706a5ae5e98f2886129b4929c0c0dc95a0062905cccdc7f3d48311ece3e33faab217d5ecebcccb339b84573e70776eead9c8786de093fc3a0d347567f94318b2ec09ebc6ba8eebc3b440007dce282177ed29db2ee48501c909956c15eeb28f4501651c780fd1017bb2bdcafac573e1e437ae6ce9a6e5eac9a55f8383dff53a1ca5338f259e0528aed230f441cad90c4117b7b23f1d864945dbbfafca879aaab113de2f65d4ccee56436b77ce970ad9e67e4dd2bd5b48b9799c33fb183ff3ba2f629191e299351b9c955899f93f8cd6934cfeb7b0f743f1a69eeeeebd0ea749b58f4616286f971905803631f3615255df7dcc1243eedb71a0f45c92d28848cf9e991b4d42e1fb58f5c9ff8a8adc9ec677cfe4cdb36e9195a5bd7002713a82c9e9d6d8d97e077af2f6cd6963ac3c09d41300de2cb2546a4adc85f83df0a2f32e27c550a9fc56f93433c1f967abe8faaa1b491538773ec2930933fb873592f64c7e85d5db423f52546f8df46da66a5d7c350d6939b4852d254217de9fc6487bbe020ed6a3091bc690c6cea0e166b3c0ad5058e2f38e8e03cadd90d35dc2dca9bb9f557e42f64d3f88eb7ac7ab9899c9b2066ea3669c629d225723b87eb48e59f3630452868013803f87e26edc35891c61b8412af0dcc1679c4634e07415a48c6f1d5019286c32f257e5a51ea81a52d41a3bcda9a5acc5dd559d642004abf0ae16a5b88d0d0ede98eb36f23908e1e4b1733284627e14025fa3f7598eca9d446c9eb292e2850c1423477ea59f4b2da5e43b8d1258f6387ab38d16b07849b07a9e563c49b5f451ca99b5f7e647e9a5868a13ee9e342f7a7ad5d246118c5bef22d6551a75940b22066748a5a47d1557f67f9bec84aedb980ff74638f29fd15199a9f83e4cd35615815050c0c67f0d103da75697ca8734939d18009dfb4408eab9dc73896a44a9be0d69c77f2d91511beafe21a8c9209d277b5ef88280d6ed8a5b190eb37b8b1b666d7408e514eeb34428604e2b01613c3d65fe49d4d765e2ac3ab33906ebd0409ee1fa167e8729224eeea0cd76d5124835e27c38339554d92fb4fd952e09fd0f8a79a423a8f8ebfeabb6da9494e39b3a68479802776afd4138e5aee0e5c4164507592dfc495fe377fa2a1affebb14a938c5015d9d65d945c49c4efa9bac3387165df93c90d5cf26bbb12c06dd4085bf9e32d3c3aba54891a71ee4628bd09db870175d3cb9c35ac07388de94e14ff335769b3ac0cf615b6ee4fdac05972c55e2cd30302fe0392664c1d6b6dbd090c7985aa7fcc3cd6b9046fa0135bdf2be864739b8cc14bc29762efe1d563e7ccae92cbd870a072fb6aa4d6f412377ca77e9472dc89cfce7686ee7d47e7c75e0c2ca54fa08392b620b3b4b50bbfe6625cf1b46a580406b51875c8cca67ce81391e9ef6ede92acc7a751d4fbfee8aa4022e5180895656b67b2fb30ed72f9670403d170897227abfb576177907cf5aa3d98f77a2b4de8871fe4e64732ca5547573200b4f3066ef5743129c4091c7689385ff4d9b6c67eb7fb8ee505beaf1def2b676478e5374335312d3d51ae6c6939662651055ad88c08733ce35d7aff236178ad1f87ff996119cb251af0394b952cabe0f7844f6b9cfb1aa29550d48434164d7bcbcb96a7969019ae8bec26b6bbb1a9f6bf00db504425c4232e92a9e63a274a6d6017eefe616f176d4ee35212c83a7e6d50a9c4c24fb9462778800cdd63be2401465a3c72d3c008b116584006e1e005aaef72bac0f0e4638c9fb0c4e2b3168e3cd42648077004a4b06c7eb38672f0717dd6939d7c486a2be548b2f0d6fd0a530943824f73f46dfde889d8cb388c082a7f8eecd6f6e63081003624bbc8dd43c54f0a23b7913c325bf75ac8e36d8d8e5e43125153d5007563fb6a4c02f7cd44001d624d0f9932b6eb80d3ce3563acb31d355474035eeb66de2a192bfd5536fdce59c18b6da2609e8fee3a349650ae14473cc3549f58c75d532b1892fa636685085d2b9b109f7166d17836f1aaa973edd100a44d31664b5f9d6690e7a749871995a242b8e3f88c8ee018bc3904983c62e44448e71954c23cfb5d09561bdffc164f7d90a813786e4cbf6bde66cfd79dcd20e95f733d4f75c"}}, @TCF_EM_CANID={0x14, 0x3, 0x0, 0x0, {{0x1, 0x7, 0x5}, {{0x2, 0x1, 0x1}, {0x4, 0x1, 0x0, 0x1}}}}, @TCF_EM_CONTAINER={0xc, 0x1, 0x0, 0x0, {{0x0, 0x0, 0x6}}}, @TCF_EM_CONTAINER={0xc, 0x1, 0x0, 0x0, {{0x8, 0x0, 0x6}}}, @TCF_EM_CANID={0x14, 0x1, 0x0, 0x0, {{0xf72, 0x7, 0x7}, {{0x0, 0x0, 0x1}, {0x3, 0x1}}}}]}, @TCA_EMATCH_TREE_HDR={0x8, 0x1, {0x200}}, @TCA_EMATCH_TREE_HDR={0x8, 0x1, {0x6}}, @TCA_EMATCH_TREE_HDR={0x8, 0x1, {0x25}}, @TCA_EMATCH_TREE_HDR={0x8, 0x1, {0xfe}}, @TCA_EMATCH_TREE_LIST={0x210, 0x2, 0x0, 0x1, [@TCF_EM_IPT={0xbc, 0x2, 0x0, 0x0, {{0xbbe, 0x9, 0x6}, [@TCA_EM_IPT_MATCH_REVISION={0x5, 0x3, 0x7d}, @TCA_EM_IPT_NFPROTO={0x5}, @TCA_EM_IPT_MATCH_REVISION={0x5, 0x3, 0x81}, @TCA_EM_IPT_HOOK={0x8, 0x1, 0x3}, @TCA_EM_IPT_HOOK={0x8, 0x1, 0x7}, @TCA_EM_IPT_NFPROTO={0x5}, @TCA_EM_IPT_HOOK={0x8}, @TCA_EM_IPT_HOOK={0x8}, @TCA_EM_IPT_MATCH_DATA={0x67, 0x5, "c13875963d9b545a1aa8cf48ac2ed46eea691f4fe0ce985579ed3c8a21b47302f6fe094426cfe5e94406bfda399938f2ee238e22e7f100e307ef4b58103d706e38161b57534d224178695e00bd0cc1b31703a1c0831d6a326be36dabc451913b6ac581"}, @TCA_EM_IPT_NFPROTO={0x5, 0x4, 0x1}]}}, @TCF_EM_CONTAINER={0xc, 0x3, 0x0, 0x0, {{0x2, 0x0, 0x2}}}, @TCF_EM_U32={0x1c, 0x2, 0x0, 0x0, {{0xfff7, 0x3, 0xfff9}, {0xffffffff, 0x75d, 0x2, 0x7ff}}}, @TCF_EM_CONTAINER={0x28, 0x3, 0x0, 0x0, {{0x1, 0x0, 0xf02d}, "a095129a67ef212362335517e57e5123519bcc5a47224955b955"}}, @TCF_EM_IPSET={0x10, 0x1, 0x0, 0x0, {{0x3, 0x8, 0x80}, {0xffffffffffffffff, 0x2, 0x2}}}, @TCF_EM_META={0x2c, 0x1, 0x0, 0x0, {{0x9, 0x4, 0x9}, [@TCA_EM_META_RVALUE={0xa, 0x3, [@TCF_META_TYPE_VAR="8334", @TCF_META_TYPE_INT=0x7]}, @TCA_EM_META_LVALUE={0x12, 0x2, [@TCF_META_TYPE_INT=0x3, @TCF_META_TYPE_INT, @TCF_META_TYPE_INT, @TCF_META_TYPE_VAR="2eee"]}]}}, @TCF_EM_CONTAINER={0xc4, 0x1, 0x0, 0x0, {{0x6, 0x0, 0x5}, "8c271dbc81bae5c5d270ee8b8d928ca1f2bda1294d25601055a2a34e4c80b1bf93bdf26311787fe7d1da517a898309893c79ce347da500e882399f7bf4094440038ec50c3c4c874a08e44f80bc8ddcc691f3d77ee64d0b68302ff184457ac7da5daf898e205a0a830411710f7e2368df5f2932daf8dafc7751108c07df5a1e117f4750c3f0d0cbebf8c63c9fa2950e3d896c0211de32f18236632ac4ea2c96bb4fcb98df6322f20c10952899ca108e290f2bbf46b66bf9"}}]}, @TCA_EMATCH_TREE_HDR={0x8, 0x1, {0x815}}]}, @TCA_BASIC_ACT={0x10c, 0x3, [@m_connmark={0x108, 0xe, 0x0, 0x0, {{0xd}, {0x3c, 0x2, 0x0, 0x1, [@TCA_CONNMARK_PARMS={0x1c, 0x1, {{0x3, 0x6, 0x5, 0x8, 0x100}, 0xffff}}, @TCA_CONNMARK_PARMS={0x1c, 0x1, {{0x80000001, 0x3, 0xffffffffffffffff, 0x7c77, 0x7}}}]}, {0x9e, 0x6, "90a30ed48f199818cc76db7b63a1b70a2332188f2a4db419b43c238a3cd256b550322322554454b7c0ebcfedc2f81c38a779045d4df0abfeb15fc9676dcc262f543a2f3580ef3f3335ae5c5151c74e188b8c8c43a8b56572d7f63a13fd1ab00251356e0765ea8bca973bf7516f1e97cb6a09bd001a5ca523bc646609ce609f0a531af7798b5ffe1e90f0e275f24191a3d36dd381cee19bc20ddc"}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x1, 0x1}}}}]}, @TCA_BASIC_ACT={0xc0, 0x3, [@m_police={0xbc, 0x9, 0x0, 0x0, {{0xb}, {0x4}, {0x8d, 0x6, "6d78867adb28dd8913bb7cfef21fd80956bd828df1b285bce8470e6ccbdab48d9c64e4420259fab24e03a13f19cff1910a5699d2c43719f4ad84f4ace7daedb081bb87399f44762dd14b8b4010a9ba4698df9eeb475a043938f54d7d29fec03d99d4074eeea73159cbdaec4553df5be4fa7254397d5eb08d56198855b12e4c4878383721f2970bbc64"}, {0xc, 0x7, {0x1}}, {0xc, 0x8, {0x0, 0x2}}}}]}, @TCA_BASIC_ACT={0x7c, 0x3, [@m_ife={0x78, 0xd, 0x0, 0x0, {{0x8}, {0x4}, {0x50, 0x6, "601663f4e19f43070383099d7ae335a21a48f1d643853ddf30589106b3b081b0cac13211e2bbc07fc1ab3454fc3d4cf927efa9f2182f1571c9479e759d8036808d01b4ec094131b8db686c41"}, {0xc, 0x7, {0x1, 0x1}}, {0xc, 0x8, {0x1, 0x1}}}}]}, @TCA_BASIC_EMATCHES={0x148, 0x2, 0x0, 0x1, [@TCA_EMATCH_TREE_LIST={0x110, 0x2, 0x0, 0x1, [@TCF_EM_NBYTE={0x10, 0x2, 0x0, 0x0, {{0x5, 0x2, 0x3}, {0x6, 0x0, 0x1}}}, @TCF_EM_CMP={0x18, 0x2, 0x0, 0x0, {{0x8dc3, 0x1, 0x200}, {0x1, 0x8, 0x6, 0x1, 0x5, 0x1}}}, @TCF_EM_CONTAINER={0xa8, 0x2, 0x0, 0x0, {{0x1, 0x0, 0xff}, "6a85a67ef8188e1fbc6fda155e0f56a5da6d149a58a243d316c8802150f81213a728c294cbd7236c10be27290a9471b95b19ea61c8508adb6fc3650b60523d737eb72649244a30a809129a6aacb480260256fbe6a0fa20e5e92bcfd2317856d487caec57a8294bcfe1b608da1fdd70a492ffe29de7c0edd588072f8689fbfe821f0686089a1017a98f3b5d298de961d0cb942649b1113a4026c0"}}, @TCF_EM_NBYTE={0x10, 0x9, 0x0, 0x0, {{0x2, 0x2, 0x75f0}, {0x8, 0x0, 0x1}}}, @TCF_EM_CANID={0x14, 0x2, 0x0, 0x0, {{0x0, 0x7, 0xff}, {{0x2, 0x1, 0x1, 0x1}, {0x2, 0x1, 0x1, 0x1}}}}, @TCF_EM_CMP={0x18, 0x2, 0x0, 0x0, {{0xf, 0x1, 0xda}, {0x80000001, 0x4, 0xfb6, 0x5, 0x0, 0x2, 0x3}}}]}, @TCA_EMATCH_TREE_LIST={0x2c, 0x2, 0x0, 0x1, [@TCF_EM_CANID={0x14, 0x3, 0x0, 0x0, {{0x3ff, 0x7, 0xb}, {{0x1, 0x1}, {0x1, 0x1, 0x0, 0x1}}}}, @TCF_EM_CANID={0x14, 0x3, 0x0, 0x0, {{0xfac1, 0x7, 0x9}, {{0x2}, {0x4, 0x1, 0x1, 0x1}}}}]}, @TCA_EMATCH_TREE_HDR={0x8, 0x1, {0x800}}]}]}}]}, 0x1c8c}}, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x11, 0x3, &(0x7f0000001680)=ANY=[@ANYBLOB="180000000003000000000000000000"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x9}, 0x94)
r4 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000000), 0x42f82, 0x0)
ioctl$SOUND_MIXER_READ_RECSRC(r4, 0x80044dff, &(0x7f00000003c0))

485.954413ms ago: executing program 3 (id=996):
r0 = openat$iommufd(0xffffffffffffff9c, &(0x7f00000000c0), 0x8480, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r0, 0x3b81, &(0x7f0000000400)={0xc, 0x0, <r1=>0x0})
r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0)
syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0)
bind$bt_l2cap(r2, &(0x7f0000000340)={0x1f, 0x1, @none, 0x0, 0x1}, 0xe)
ioctl$IOMMU_IOAS_MAP$PAGES(r0, 0x3b85, &(0x7f0000000840)={0x28, 0x2, r1, 0x0, &(0x7f0000007000/0x3000)=nil, 0x3000, 0x7fffffffffffffff})
ioctl$IOMMU_IOAS_MAP$PAGES(r0, 0x3b85, &(0x7f0000000000)={0x28, 0x4, r1, 0x0, &(0x7f00004f9000/0x3000)=nil, 0x3000})
socket$nl_route(0x10, 0x3, 0x0)
socket$inet6_udp(0xa, 0x2, 0x0)
r3 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_RES_MR_GET(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x20}, 0x1, 0x0, 0x0, 0x4000015}, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000340)=ANY=[@ANYBLOB="2c250a80bffd00000000000000000000000000f621791a165a0f9895c989d03f77b848e13182b954b27928746b8b1d18c6b05f0ff7486c004c0dc21760a033c02a30c0794698389859c19842746d4dd2556e837ee31945da7caf058c4f31ea71967af0d278c0115eb81171f4b3caa6723ead2760864d3774fa96c8678f8b2cba", @ANYRES32=0x0, @ANYBLOB="1400020000000000000000000000000000000001"], 0x2c}, 0x1, 0x0, 0x0, 0x44044}, 0x4040800)
r5 = userfaultfd(0x80001)
r6 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r6, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000400)=@newtaction={0x60, 0x30, 0xffff, 0x0, 0x0, {}, [{0x4c, 0x1, [@m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{0x9, 0xff, 0x2000000e, 0x8, 0x2}}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x60}}, 0x0)
quotactl_fd$Q_GETINFO(r5, 0xffffffff80000502, 0xee00, 0x0)
mmap(&(0x7f0000001000/0x2000)=nil, 0x2000, 0x2000009, 0x32, 0xffffffffffffffff, 0x91c6b000)
ioctl$UFFDIO_API(r5, 0xc018aa3f, &(0x7f00000002c0))
ioctl$UFFDIO_REGISTER(r5, 0xc020aa00, 0x0)
readv(r5, &(0x7f0000000600)=[{&(0x7f00000000c0)=""/114, 0x72}], 0x1)
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r7, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000002c0)=ANY=[@ANYBLOB="680000000001010400000000000000000a00fffc3c0001802c000180140003001202000000000000000000001e00000114000400ff0100000000000000000000000000010c00028005400100000000000400028008000740000000000c00068008000100ac1414"], 0x68}}, 0x20044800)
syz_open_dev$evdev(&(0x7f0000002f80), 0x3, 0x484000)
syz_open_dev$loop(&(0x7f0000001580), 0x7, 0x30400)
ioctl$IOMMU_IOAS_COPY(r0, 0x3b83, &(0x7f0000000040)={0x28, 0x5, r1, r1, 0x3, 0xfffffffffefffffa, 0x3fff})
ioctl$IOMMU_TEST_OP_MOCK_DOMAIN_FLAGS(r0, 0x3ba0, &(0x7f0000000140)={0x48, 0x2, r1})

399.448224ms ago: executing program 2 (id=997):
mkdirat(0xffffffffffffffff, &(0x7f0000000080)='./file0\x00', 0xe1c018dc9a4b25b0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x2, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x1, &(0x7f0000000280)=ANY=[@ANYBLOB="378ed71e90788cd496bfc24aa043630c288ff0", @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0, @ANYBLOB=',\x00'])
read$FUSE(r0, &(0x7f0000006e80)={0x2020, 0x0, <r1=>0x0, <r2=>0x0, <r3=>0x0}, 0x20ca)
statx(0xffffffffffffff9c, &(0x7f0000002040)='./file0/file0\x00', 0x4800, 0x100, 0x0)
write$FUSE_INIT(r0, &(0x7f0000004300)={0x50, 0x0, r1, {0x7, 0x29, 0x0, 0x11812410, 0x0, 0x0, 0x81}}, 0x50)
syz_fuse_handle_req(r0, &(0x7f0000004540)="03684a7b99a4fde940f3ec0d105ea2c8267323117153aa4a4f099c3835a607cd5cbd77b83cc33d13bbb6c6bcae59db739af84a4b5d34bffc145f3cc27ed3d4f9d9b3103699a1e1cc4ddfb6c1afd07ddfc18e358cd62649479724ce867fefc0a15041bee9f6084842fb982d5c2cf1488d668b741c64f0a6fd2643e729ac5a56462a6b64d5a0a751fda4fadf63ba0dc2fd14ecbf546918db77095545b41ab170e5d6e8ec8bf9ce9b8d53b832e90c701fe52af7999f8fd509577ead1be27891ada8564167f2c7d2eea1c1c9c65d8e151c58ddee43ec34e74d330ec50cbbb2bb21892c7ca995066e3cbea8a69d94dc6bcef5f3c0ef630e774d092ea58627f3e09c66a9c7d1abcf4f8f8af87f4269df288aca9bbf758275ce9695256e764d185a91a7570fca3aab16c75ecaff6b8dda371c3226d6ec6e55c5c4d8cfc5c33892bacc956a3613bcfa849da1b5e070a7911d7488b3e628d9339718e8b821f1bb5d5c45f0316bb563d0a442801412dfd5a4d61ca657e04d6686f7d5863d57954400aeee8e79be8f3cc4cbb3d4b91269df039c3d3543e500b90a2bdc6eb60cc7afab7b5187d88fbd76e6212ea29e872b73f925287bdc808b4a4f8ec7f8aa08bc90b29e217c3eef69d8deae4141f4f9bd110b7bde9320e7b45f422e9a6111bcaf99c9911e46e219d3bab477926bd5d2e78d4cd0eca133c232b1e863fd7799dbf609f3670b323e5518e8f4bd36e9b3da2c68a28eaec9cac688b4dd0b73adc24a8c7acc264399b7facbc2f43e8e40b6cae9f8e956d1dbfe259f12bae75ad362c354050ffdd6e954f2d7615fafce888bd6f672a81c9fd4318caba765069c0a425e898bf7611b77f0fe61c27d318159dba42f011900246c64557d27b77aef928ab04a147baca37863cf998a2ac30b903c0314449ddb218887c309ec7184c8c733f5d4e7b2d79516e9531c9a5becf8294d6ccd777f285b13160e1c949d3069c6c66c0daa62bac679bc9b69825398d1c290d765e882fa2c8708b20ccec885ab6785dc22696b61c109ff84bc5407932c3e5bf12069a68b8e3333a26d3dd390ef9bc01b86013fbcb5c28a1f4d2b8084f1502fccc4027a124c3629d8f4a8befd14b597cebda5f94f36050a31b95087cbac347788a71a90e87f2187fae600aa42719c05c2859cb30ae0fd58a7bba681f7a6027a00583071def2c9a94456e5d9acb9fd2d11fdea524582489c02377bf7f590948985c769b3822cb6366681d79113c6a6c752f2475caba77b7b2e8f293d7fd9b991f63e254c98dec94f4f3def4fee9cdb56ff3ba7fe6a718cbe9a7f04710e257ea8a49d6605266048fc122d4f3173d4b04b3e282bd3c5198d7fcb72ec38e0b07dd8a541b2807e601e5a0a01f07a281e0e1a261c65977088a54597efd0997c59647aeebb2605a89705eeff3ec780e302e24b23a0cbe4f81367c3f118545f01328d22eb8e802667389143166a9db9477c9b58eb5c76a19b8f8b2692b0d356003f08ae54dfc820d8e357ecbf91fb7e212cbef1262171abaf2f613a5bb59b783cad476fec50d16ca0ac13c08a59a3097e6e3fde700a4b987d10311fc22d4aa210956cd859799f78010e4c0f25b715876aa253df15009490f71be3b0022875161f537c70b14bdb9e2d87a5a11b414a1198533c7de6fc4d22228133bc26b19d9f1e7627b14c72e3c39d3fa2186a42e50a0d1867dc312f94c7209d51475ed4aa80b2ccb0557a40422bf7317de2fdf3296727723a2d23babd5e23f7c3edf4942bb485b95a122e6aba41b8f80f684f84605462448d5a4fd66dfe9bbf80590b9999b4780d4f4f189a20f4400b2975df85b584c8c8f9fa3095f13aede1f52dac98be358b0a0d72bed4df71cd23973e326179580268c4e5d1be4b2ae2e1e2dba913998faa6088af128fc8fd3ae26203a898882b67d86d63f6ee8f8e216337330db6d928facf9d0ca273845ee5b33a0a136aeb48b7c52d3b95fe73efaf06197ec8753ee0349f19db8730917d0f18a2de9602d3b887bc583ff64dfee67e2bdf4d5cc1c341b89acd3dd5176d2c15ec2a77120b8a49591ca438ae36c52845e5dca550e539da9ba2a2eda49be316f3d6d4b7c83666bd4759940347c29dedd273adac722630a940e104316b4806553ded47132be4e31a50600f5a4dd56825b245b7aae853f56f79e0ec31f7b5db945ee3bb92865acb0d8828598e77446ee50ecd8bf5e7ccbd963445a09e3be215709b0b3bff2e9d12e6549924338f236b4ff973682e2e03fbf6b167e3b3a0f8c3f3c1e8d0e21a71937c918cabab50dd74c011a1a5531cfcf88a5df5fa58f17715f7c7b3a64d9dab6f20a596288969191420ed71daccbae7c1ec88bf74811b5e1f4bd306f3d810c4f3600df2903ffdf8db40ac7153fd93327a1065cf2c4590c8ba9f9391eb6aa600cb42aff8793e4721afeb3d470beda45dad9adfc6f4fdb24eafc63792f5015c656ca37cee82b7ee382bda31d786d6e03d4c8611c4ca464e2360ca747815c9eebd38c8fc7d5eea2db96b29d771a96dc5c884029077125bcc31980564555d21ecce5d0388e1bc1e618c7dfb31b02b1a6730db7eda387dd4ceb96f65178bb088e81133e5086f73c458f84139685ef930945a51979faeab539e4964244709dcb8b38f575d3a3ec1328a0df65fb34241db7cb3250b8ae0dbc44670d2b5cc3a1785d8d281c05256ef2beee3b202d8bce053e55ce1fb2bb208e65d488ae24484b00c2e343fc3544ca546406688022db6e29ceca9539ec095a2a2cfc5f516230f75fc961c5de1e8d33222331f57db02cac5f9208029c6114d041bb1cc7f959f77511f5790a564600c018afc253e5ecd5010bd769b45a04296ca09e87fb63bf3d3b51dd8b3f6d4426a03c0944d09dff654c5718ab1fef063caba34029be6811502e8bb785011dd1e34b0c192915adeeb40faad0725a8f9a62acf61b944a271d20567f350cdee22d76e3cc5966ba742d9c43823af19ba74c60da0df0c5f4e7e26af7224147774a1f8ae09f929066e1769ffb3c40ba9fed13d2670b9e865a155426ed5c83648c0ad34e46f5308b455e0835730fe529668b606f3f52b0d04534d0e14bc0ff0f742359550e6980ac9978455adb3de0f292af12a3700453e035a49eafe98fc0d7f26e42a6c41f380448607b7c96291f98fa6bbd7e32c249a49171f8fa81762a490a1ce5c39d66d35c6ed6c0679440c06197c2e24d48e1de81c711164c02820816afb5393d3d6c801c3c062ac46d1494f52c45ca36faf94894eec9d71e1be6c7256f4aee8dc080156b28623c821ef8d1826ebf0a41332620f42589270e142561374c825e828e2bd9ae41fd34959db48319d54ffe7a1b58ae8f7361cbaee8e26e0e7e1b7f125f8cd99788825efd01c38ec987904190a0ad52bc20cd36cc7209f9269ac87b2fa44d2456661d3056d893cf912c69ae6b2b83d0c781a6d6c33df1910867b71257ab74e244e3ebbac07445069418fe2e440a384e16feedf8e3165676e67866430eb6a8a5334620d8c2cda15b0328bb0c50630886353f95241cf4f3b647a4ff812c70e1b074c4befdc70fbfdbf868bcc81652034b5bfa831f1b686724046dcd17ac91ace83711e9ec7465d14c9d508bce93676a58ef7dae37221436865ad34ac2fd691e3b3e12aee6736dbdeec9b1c05fcedf8b9ced547259a1a40471ebe8b4bfda69d2f884da025e2809fb9f159150bbcb331ca3c502012a7fe76b4fc2771976aeb624ad7f2d72c707f5f19d8ded84581ac5afa697ff99d27d88c9588fe769839c9cc9d6786a0f814667527c53b6253b1825bfe17e7d734d96d61da0ae7349d0922774fa9b4baf332a4568e32cafa417ec659c4ad72cd656a1e2c59c8dee38890ed3acd8b4f8657de41f670106c38c38ba1a553f0f589a57c61f5105d70e0c0953459383cb9337ca972cda1d2cd3056eb07f21c1f5b995a04997fecf501bb201c67fd2afe4d44fedea595969b6b3706087b0f59d2ddbb099d60436a94f0ba33282b29f6e914fe92add4b33cf70b680b905cfa2b2ccb00b9967f99806e8d69783fd35a2d7fbb424e9fde2647609aecb0208bc3864bf95f05e50ba12123edaca8de927b338dfcb3cc597947c606c08315061a7fec98c48f480e2febd26fcc8dc12289aeb0adefa2c2be1766a5bc74ef1aab6c2cdbdfbf1810d956bc889c8e614b7b933ff6e336bb208db5b592775fe71c3ebfad5f47e0d074e1c0cb36761481ec677794f23c3698bd35875719f242e3fc939bc3668f9723f31effe189dabdf4ebbed073eab952c88f13059eee22230bc7724d7266b15726a0b0898cdd274e3e56d0a356166b5d16456249e9e92e84e39f61c0ecdf99ec2cd230440c03fd21cf68f27306628d35ea47367775f39d20a07f3959b38d49e3674061fc1018b647047ad39f77027878badd29927c5806f95aebde5f070fed28ed34052550678d3c6b677a3b5a46f76a98264c42206bf62caa95df5437092b68e025ee9ce2ad733b6db3ec97fd33cdc3b2f77ee90dd86d8bd289ae1a437c86f4153ddcff5e846347bfecc1499bb42980e4fa91790faee1b1991dfead5d7c460348631f0469b2b9e8f65207a00985511e0c41f441d9a3154f5a0298c172fd7135d4bf95c11cdf1769db1cc55f392aec309037599327a7c53c10a56d1ace8ad19186a2fc75dfa9d657c114eae99c1c1a6b4a58440718bea82290bd1c2a67048938c381648ea2b2c7110d748c9c8d782f20430b1427b51d7036e55b0997c6f75717db67a82c88d3647ee036b49392f0467d6010b32f9de3e5e79ef082c5bb975d11d2bf76a97f7159c11a7753db8a065d3126ccda9abbebd2c54374e389942c24b27435868fadb45bb060d3c1084b211e2afa8dfaa2d8dab8dc47fe10e6c32afece7c4976176a7c66d704125c0948c238c843b41b0246be1f50f8e07884cfe7ae8885ca06339a339c8d5978b079e0eb78facfa1dc67ca70733dfefc6c868ca149e0661b70e0134870a3107c8c46711fed14f892d6fc66d95306838688f13b19e904416a8d161cc33527878b38ad10b1c08db21457b2075608be7300d39748e4fcebe02b190f3e8ed32a0ef734b11ca43a21f5f809bba795f5aa0ea01050021d0f5213620af5b08fda6421a42b7c82804a20a6ef6d471babf76f46538327f943476d1d109a3f0dc531233d6f93d8dc27f4745735085f92adf63d617b373fba24f289035710e69eb80da12d36e8eaec22620ffaabadfb824bd5fc309a2c74959505856b5b890bba8f22bc571a9d87e93ba3b9aba6dcf26f7076c0c2e271641835ea25fd49d96c69d4fb8bb8731bd2cbc75146aed10d269f9060462339cde8830b535920be3dbf143eace0f1ea9469b95a64fbd7e5057eb880d4422cbf97cfc3f7140251d4923580ca2113f345cf24a66499ceffd2e39dc4fd74cf448638962957b409f0d218c165c13ffe107aa1dd1d9a02092cd46cf2b353dd2d2ca7b8a7ae8eda0ee18bba269bbffed0c7d400497aee4da0896cf6329d76ccea098fbef9075412d1c2a3644cf0f202b884303d204314ae92c56217b2feb5e7c1e15a99fbdd655fb8f6bbc3ab1259bf03b2ee17c5b7e9443695177ec5040eeff3fc36ceafe143393d76a3d735cfe6c9b632e52dbe64dc1265961e8a27ee9f76c0add9e0581e474d7678214f5b64c932903715befc6b766611f1d7e495573b9a3e009cfcb0ffef7ac57c3561badbfa41c119e541180aa2364de61a601699cd1bf3de01d15794b728e1444efd6ffa1e57d95489c8df91fbc057b66dd6d9f3a01b19f36bc99f0b54ed1f9905067dd1608bce47f5ff1981a25184aacd39e331d8ff3dfa7c012d7e667a69249cb4803b23f7eeaab8ed29c69ba3d2a1b88821ffefc5825650c53b6364f38e0a178312f5d29d5375423cceabc8e1c4e51a566ba3f9b176b858c8860440ff8ebdde725640d2dff6b9160bb69f188755b0ff766b410704cda4c33e1ae2c73b5799a00d2f55de73109728b350302b64df2ce3eaf2e0c6561009b60c2701ac493076305e97ed20c3b42f40b2bc7f13bba4ab8181e2085b07930c6f5579205dff696902be824e65ddc774e886e8d261fe74712a31e406b0f7725b4559d7ad0f27a1a870261aa5bb8a720e7c89ba933770d48821416de070df1abcc6eee1147c20bda090d940aeee2bd48c0f3d94675d9b9cf1a62ba50e31a7af0714dd8325d5fb7142e88c4d22ddb8f0278ee6ba88e361524e291b6d000f6523ad4188b021da9ef4a634ed09eb2002b9c726746c9ffc32f261edb448106aa1e2daaed865255fd1d296fedbbb2de3f7c1f15935e52006492b632ad125aa1e000c9d71bdb945792668e16b26122a3fd7cba1a40db8083068c5c48fd2aaa621c87d9f5621bba442fc26839030dbe4e37fda4046d6503bb03e0f928de25d4cd4e2a40ec93c9021dfcbb25f6e2c943cc85eba8123340d6364949581e8c8c2913d59dafe4297672c0b9e7418485f00cbcf672a588904beb3c074bebf339815b91c7c374ceed5a701e1ade8f5d87ca536120116307ac259577a8e12958425317c482d2c7089bf3d83e12318d1526107a050f3c094492de7255b22e18ca2ff261b3ed197f2f8e67b71b1c5a6a04b99158b58e9baad75201aabe13254617d0de0a9073af62491c67fc18d1ccbf7686a85a99b39e9d7d9c85a0777e47c9fd0e10c932c20f13ef287b44b9b706ec818aa0c48a10caac58a9b8355e84bc820698c2501f0c12e1b67df701cfcbe72dc47a2c87d43753ebfdb24cc838507e241d9fcd3d4955a373209ccda903a3ffced05e4232f2cca9bba197fdba8a9357cb1d6da6d9b4095027dc03e17d59ebc2d358e171da0044df102b193c79390ebcb58023b40c621df71e064b0056bfcf1eaee1eca85357cd1ac78feaa54bbbd85596977ba85003ea60d8685f4e3b756e4f81453077396590fa214f672929e81569442023667b798c24e06ee20dbf64cfccb51b2bca4e2a5b0df137bb37ab3e2854dc7e1b879866a72a5809b563596cc9fd3e53abdbccfd5dbc60662252ddc5c290d72230d79b7504b40fdb45ded2f02e926652c1e04ea4c1c488025ad1098adeebe98e385ab1caec4b9eb4d3bbd5ef3ddf1fd0d72784604a989558fd37f6d4fee20609090b3331e254fec98414a2c54589ee01c9429b7cb574b9167efede1d966a227bf2a8e422f38680d77d3c555cf1117e7d7e804ad730c36a78b7846473d6481bd0839bd3e6982ed47246c370a90b76e5b88de202346fb20b8b6b5ecb6a90b8478d17b175a1821df75b48ecc34866fe5c8960bf64d5ff92831bb9357474bec65e0dd1699b0f0340ee5ac5e9e9d3df66edca20201371fc21ad80aacd49c6b0abcfee9c876c15edcfccde823b55b61cb7b254487ef8c8781a22043f4adaf25df34580a6b3904fd014b50c59fa90eff75fa5fd32aaec9aa10df8a2b9b824952e475c964533942bbe30f4167a11fc15d548e0a31f911030569722f0c67e79e90483f6f0bee1c7f80face1a1b0f940c891be688cb16394f6c07fd29b5f248c211d1f76ec1292755d8bd963e191b3a8851472fbbd2cb732f4fd9fef3a8fb29aea097328173fdeaf56fa2279e86fb954306b040c960d0b601b3a741c96cf1f0bd1172f848585cb3b57d7d2e2a84914526f5a6f9895cf5aa4425b4dbf9f59037756a0321bba204a737e36277e86fd268f6047921f4f8fab69dfee137c07874f12f89084e7117e2c9221690a27f880f17d08d56f9dbc96ffef3920b55fb773dde72e1ba35f3e0c9872e339508281426ab04941df4885f7e0293149f1642c2573e2b6594b8fd953ae2468cf917cdaa0692cf461e3628860935def39af78af5e1540147ab1c70c3ab7f7c76abea0d8541feb43e632d7a2cc7bef15a4700304048ecf135968d0a9644ce899aad05b186a2224bab3836248cc6137472203ebceb29b3e87610df12417ee722f309c54b2e65591d8b929440f3ec43ee9ff8f7b7710668e4312610d1591303d5270394da0ab61e4515af5215dc81137f0dc90f951972731f8d98ceb8b4ea38da7d8dc153ccbae5068781eaf9a4a7b11b4319090261b61aa65a8536292eb5392020eb285b2db07f81e7f764d65037050f1e3748593474c6c1dc11cfcb56e1c916157280098a437265e1c682cbfed717e7275bc6c3bb6c6ef7f0f9fdd19ef82ff2c82284c3a061f57b21d3705aff97710108a7d1217a7ea3feda021d20f1fdca94bbef67e0aeaa3db6ccc2d060f7b33707fe19cb2d0232f1239373bb38e666cbbbf3a697c6d0e957ec6730f56034440e789a7a37304d09eb742f21019a77c608cf578162a55d0aea113c051b110b5281ed8b6638d2b31604e965cb019f2f106bc4e96d1313c70612f1ff18afdce7926270dd242c49cc53792f160d1e143e04d7eb3ca40828b153fac466bc53a084281987b47b806a4ef668859eb9035ef68e9c20bd6bb790fdf6f921569b4e97fae5b7edc761b4944c1d6d90f4df40bc3203ed838d4c61cdeb7a9bbb68d59b2cc00125eecaf06b759ac1b9dd68028225d0a60efa499e4436962362727011eef6cc55962dd4ffe2fd3892907e837045883cc9ba8892ab265a31924f3055d4dee68feff05d9f10ebdf1e8c1c1e7001b5b02a7fe26b9c0641e054ae37854187fb1bb6e9fae05b09e85a1e0e14bc801f2d8b9a178a9a72b147e137e0d83192664a88a3aca4fb6a4f0c5787b20c31bc5975dfbc8bcff8987573bd14b1ca434d93452e67ed01c60be99e535bb3f848888d224520b61cfc1de2d6b2ebef9f24674c31aada52784a0b7b60f351653c71d546cf951e6b4a0d917ac6afd0a713f41833f9f74a3a7d3c19b523299666da2b48676ca7aafebadef05b3bbf4b6b62834046f51d3d4582fb4c9de27a3f5e992853368e4f17f9dba27c8c4438307fc7405f53fb27cc81c1521452a1a5edb0cabdf7a73b1cab0675b619fd5a0fadb7147776e74695c042d9d8bfda045bcef7542b42249f34c7590605d0201a762390f2fee5f3cdb488426609c663c9fc4dc2a5277f3f589a14e6dcc202dfcd89bb148a368ff1792d230c19934143d2c260dbdfb334af863b856e415febd22fba01c568d8f48dba6d92f493cd1164a376f006d55db609cc2c9532a9f56da3b06e3db2a05f797eed57892e2fb677541324bcd763cf4669e7a871e322d0cc6e21befe3c767976f058dbe7a059d673c94c7ac5d49178bf19d32907b6fe66a92cc8ea30a858da43f74354390d6e97021da50812c59a78915e5b33221531bfa054c594ce3a2300e5a7d712773181901dfcf6922e980566fa62b1f2b669a27fbecce29e9be6d22058463e350163f33d18ce92a72d1b470857b6a37998aec5672521a8f0d66ab2bd01de516036ec47d1f63b95b437dc6d5a0168189d5a963cb0a80a9a5f20b03515396e3525f0ab13b0c1e5dd051b4c930da6d57ab6f7dd94ab3e689e0355af0b34871296152a76cce170d7b14d471ee4d9daa93de4ed755f30d45344f724288c17e4b22583158f1305ff55fecf7d526e207fa609886e14c9a168bf364b049409f63590f18a5515de8c1fd8c5a9710b6e33d2ecd01466b799f14be787612b8f17df0c05483a16097c0a504880249e28f1e067663c640a550a8c7ad9d090f7b2e902c5c20936869a5f3d3a014817f90babf847b43cf67ec23f120ae4abc63a418d1d99f359fc2c33a5bb34e1f5780576111a88c5ede834bc41e498548ddd128f9e884f4cd3e1bf1aaa1204079ce74e709306f38f2d6859128fc35d3a74c534ff1dccadfc8fe41f1be9510349af8710eb6d2dbc758be12b65622dad1cf48abc2fc409f5ed6a3af8d0b6548643c46dfba9db4e5827475e6e317c9c018a4dd5de391cc9cca85ec527537e26949e5091baca4f0b563d4c3969f15115e5ccdeb9e40788fe12f9d32d9488a70ae53b819726e4483ea6bbcb76f99775ca5e4f93c76edae462c08d596209f985aa55ef5e786701edcee8d831dd6dc0fee9ad01b6bdd63e886a5e55bdc593390c81e18dfd8c685b81306bad6b7a19a86b2bab5cbf4754708422e99f8f2497d798b3db565e709bcbba4c376c1c60b22b994fe8fdcb25215d505511cc1927f6a35344023d5da0a3ac0830e6aa80f5f7f0d94a67c99c6b22717078aecba2a599daa2acc054cda25e3965172e5fef464ec19aa71de5e84b6de30cc673fbab8c441ea37bfb3fc321a504371bc0996702e9be38db762e339ad7ad66dc2caa887e4ab60272d7963f85b14c941d31e545b85c640427302efe7142f0e0897a8c623ce57da213fbc2d1f90677142fd48cafca0b2934e572833ed6473218d0513dd1f6ecc578e5a1109ddae552b3be0cfe7246d7682a59fe9ae783a0f318d1800d5c466c80c5fd3facd0340f455f081068dd2cda5cda744018d902217152b6c05d37c090f8348b0471053152c2a4570fbab3f6dc30c8e49a63b88a00b3aac75180a633692e35ea976821694e133eb8bb4d31237d002fce1dd2ce55528dafcef2f0e00690562d144bb0e19576ce6ab72deac22067d8edac916b1b07e4eb57ff0b885b1b79f37dcf88135eedc17ffd948b61e4df4985033bcf891dd5b1448c8668947a271d93d03ce31216810a6bb45a6c5a12e290d97a60ad4b5c7384cf19421ac1ca64d346b50771e0b50e5caf1d9dfe056e8da247aa502ff04c8e29ca810a1d3ec7a89bc17dba2936f03a80228171f7999b3f2768617970efe57b14011c80666ac4999a568ebef74e2ca14df0ff6f0fcd47c538be96aaca1e65b53b98447101e49672b48167c0afc1afffe669b0f9718bd3305805c292db9738740b362564e4691cbdf061db1ed3f9db1f8bed82939f835d14f46818e3eb4e25f7a8d77d9d0d7913c45d8a81115c1a5e37b1d3bd1b7b5e6afaaefc81d9700bf83506fbf15457bc0f59f7008cc803efdcb6d39e388f6b28e80d47134265cc5438804b12d50e61a489da829dca05792d2ac182ba747331e88a7118f7dd38067f7d38f37be362260effacbc33863bb47aeebbadeae648a1090718266eedd2ed5a2c23f168759198aa92b2ac45c2a68ff212f29260e641a38541b066d39df4e95cd1c8e7e6ffae1b8017e6f629db3910b07496c8a81e4e66ac2321fd9e7ebfecf5bf6e922d7a79fb710a2d42dad1916c9b186c2c50c818fdb1afa19be867d943ee98f732fe3a01364281c0f6d0eb64a278721dc7bff5316256b0f4251abbd9b8ba7c7c12a3bf02a1fbc9ca94b965588fbc82343d07df8e06eaa5ed2137fec129351d80a9048a7d78b31ffaf2e388864a763c4af7aa53000e0bb2eb8ac0e4272cbb79dc6a7d65890f125c523c7cfddacdedbe87938aca915c92c807dab26be7d748827d4e3188676312ef1ac8460b29e8e715f4075e33104ce82e6785aadf17a7cf82d2a705e9f2d0fd25810ba33d76e54b48eda3effc01f37c89db38af81922fadc8c3361fe74ed51eac5e4437108106ffdedb339b406c082d62a8bf718989846d23f966e1ea39103010f767b3a6f0a0a2041b1dafcb787e69ffad75ed2a0081b92a4136ad5ae557c55a4b6219a390103428181ab36f329ad182a92957495c", 0x2000, &(0x7f0000006dc0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000004480)={0x90, 0x0, 0x6, {0x3, 0x0, 0x7fffffff, 0x1fffffffffffd, 0x400, 0xc, {0x1, 0x9, 0x8, 0x1, 0x1, 0x8, 0x8, 0x123, 0xdab5, 0xa000, 0x0, r2, r3, 0x6, 0xffff}}}, 0x0, 0x0, 0x0, 0x0, 0x0})
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000002000)={0x0, &(0x7f0000002000)})
getpid()
r4 = openat$dir(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r5 = fanotify_init(0x200, 0x40800)
fanotify_mark(r5, 0x20, 0x4800103e, r4, 0x0)
r6 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x0)
r7 = fanotify_init(0xf00, 0x0)
fanotify_mark(r7, 0x105, 0x5000003a, r6, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
syz_mount_image$exfat(0x0, &(0x7f0000000100)='./bus\x00', 0x4800, 0x0, 0x0, 0x0, &(0x7f0000000000))
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r8 = getpid()
sched_setscheduler(r8, 0x1, &(0x7f00000000c0)=0x7)
mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x10, r7, 0xcc7a0000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r9=>0xffffffffffffffff, <r10=>0xffffffffffffffff})
connect$unix(r9, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r10, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r9, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r11 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
mkdirat(r11, &(0x7f0000000000)='./bus/file0\x00', 0x0)
renameat2(r11, &(0x7f0000000240)='./bus/file0\x00', r11, &(0x7f00000001c0)='./file0\x00', 0x2)

364.438156ms ago: executing program 1 (id=998):
r0 = syz_open_dev$vbi(&(0x7f0000000000), 0x0, 0x2)
ioctl$VIDIOC_G_PARM(r0, 0xc0cc5615, &(0x7f0000000180)={0x6, @capture={0x1000, 0x1, {0x1, 0x401}, 0x6a, 0x3a1}}) (fail_nth: 4)

274.640785ms ago: executing program 2 (id=999):
sched_setaffinity(0x0, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
r0 = getpid()
tkill(r0, 0x32)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000000), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_COALESCE_SET(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000240)=ANY=[@ANYBLOB='D\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="0100000000000000000012000000080007000000002018000180140002006e657464657673696d300000000000000800080000000000080009"], 0x44}}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
r4 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000001580), 0x2, 0x0)
ioctl$VHOST_SET_OWNER(r4, 0xaf01, 0x0)
ioctl$VHOST_SET_VRING_ADDR(r4, 0x4028af11, &(0x7f0000000300)={0x1, 0x0, 0x0, &(0x7f0000001600)=""/78, 0x0})
ioctl$VHOST_SET_MEM_TABLE(r4, 0x4008af03, &(0x7f0000001680))
r5 = eventfd2(0x1, 0x80000)
ioctl$VHOST_SET_VRING_ERR(r4, 0x4008af22, &(0x7f00000001c0)={0x0, r5})
ioctl$VHOST_SET_VRING_ADDR(r4, 0x4028af11, &(0x7f0000000240)={0x0, 0x0, 0x0, &(0x7f0000001d00)=""/176, 0x0, 0xffff1000})
r6 = accept4(r1, &(0x7f0000000140)=@nfc_llcp, &(0x7f0000000280)=0x80, 0x80000)
connect$vsock_stream(r6, &(0x7f00000002c0)={0x28, 0x0, 0x0, @my=0x0}, 0x10)
ioctl$VHOST_SET_VRING_KICK(r4, 0x4008af20, &(0x7f0000000000)={0x0, r5})
openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000100), 0x2080, 0x0)
ioctl$VHOST_VSOCK_SET_RUNNING(r4, 0x4004af61, &(0x7f00000000c0)=0x11)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
getsockopt$inet_tcp_buf(r5, 0x6, 0x21, &(0x7f0000000340)=""/13, &(0x7f0000000380)=0xd)
syz_socket_connect_nvme_tcp()
unshare(0x2040400)

272.096443ms ago: executing program 4 (id=1000):
sendmsg$inet6(0xffffffffffffffff, 0x0, 0x48000)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8f}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
syz_open_dev$MSR(&(0x7f0000000040), 0x8, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000b80)=@migrate={0xa0, 0x21, 0x1, 0x0, 0xfffffffe, {{@in6=@private2, @in6=@private2={0xfc, 0x2, '\x00', 0x1}, 0xfffc, 0x0, 0x0, 0x0, 0xa, 0xe0, 0x80}, 0x2}, [@migrate={0x50, 0x11, [{@in6=@ipv4={'\x00', '\xff\xff', @loopback}, @in6=@ipv4={'\x00', '\xff\xff', @private=0xa010102}, @in6=@empty, @in6=@private2, 0x3c, 0x0, 0x0, 0x0, 0x8, 0x8}]}]}, 0xa0}, 0x1, 0x0, 0x0, 0x800}, 0x42000)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000002c0)=@newtaction={0x7c, 0x30, 0x1, 0x0, 0x0, {}, [{0x68, 0x1, [@m_vlan={0x64, 0x1, 0x0, 0x0, {{0x9}, {0x38, 0x2, 0x0, 0x1, [@TCA_VLAN_PARMS={0x1c, 0x2, {{}, 0x3}}, @TCA_VLAN_PUSH_VLAN_ID={0x6}, @TCA_VLAN_PUSH_VLAN_PROTOCOL={0x6, 0x4, 0x88a8}, @TCA_VLAN_PUSH_VLAN_PRIORITY={0x5}]}, {0xffffffffffffff95}, {0xc}, {0xc}}}]}]}, 0x7c}}, 0x0)
openat$tcp_mem(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv4/tcp_rmem\x00', 0x1, 0x0)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
fadvise64(r3, 0x7f, 0xffffffffffffffc0, 0x5)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
ioctl$NS_GET_OWNER_UID(0xffffffffffffffff, 0xb704, 0x0)
bind$inet6(0xffffffffffffffff, &(0x7f0000000380)={0xa, 0x4e20, 0x7d4, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02'}, 0x1c)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r5, 0x8933, &(0x7f0000000080)={'batadv_slave_1\x00', <r6=>0x0})
socketpair(0x1, 0x1, 0x0, &(0x7f0000000000))
r7 = bpf$MAP_CREATE(0x0, &(0x7f0000000540)=ANY=[@ANYBLOB="0b00000000010000000100000900000001"], 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000), &(0x7f00000002c0), 0x8, r7}, 0x38)
ioctl$sock_inet6_SIOCADDRT(r5, 0x890b, &(0x7f00000002c0)={@private1={0xfc, 0x1, '\x00', 0xfd}, @mcast1, @dev={0xfe, 0x80, '\x00', 0x21}, 0x3, 0xb, 0x0, 0x100, 0x8000000000020001, 0x0, r6})
r8 = socket$inet6_sctp(0xa, 0x801, 0x84)
sendmmsg$inet6(r8, &(0x7f0000000340)=[{{&(0x7f0000000300)={0xa, 0x4e3a, 0x1, @private2, 0x9}, 0x1c, &(0x7f00000002c0)=[{&(0x7f0000000040)="06", 0x1}], 0x1}}, {{&(0x7f0000000000)={0xa, 0x4e20, 0x5a0, @private1}, 0x1c, &(0x7f0000000900)=[{&(0x7f0000000480)="a4", 0x1}], 0x1}}], 0x2, 0x4058040)
r9 = socket$netlink(0x10, 0x3, 0x4)
writev(r9, &(0x7f0000000080)=[{&(0x7f0000000e40)="480000001400190d09004beafd0d36020a8447000b4e230f00004e20a2bc560119d7004f19dfb7f393d7359031033f817f00000000000000000101ff05c00e030002000000ffff01", 0x48}], 0x1)
ioctl$sock_inet6_SIOCADDRT(r4, 0x890b, &(0x7f00000002c0)={@private0, @empty, @private0, 0x0, 0x6, 0x0, 0x0, 0x6, 0x150042, r6})

140.753924ms ago: executing program 1 (id=1001):
sendmsg$inet6(0xffffffffffffffff, 0x0, 0x48000)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8f}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
syz_open_dev$MSR(&(0x7f0000000040), 0x8, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000b80)=@migrate={0xa0, 0x21, 0x1, 0x0, 0xfffffffe, {{@in6=@private2, @in6=@private2={0xfc, 0x2, '\x00', 0x1}, 0xfffc, 0x0, 0x0, 0x0, 0xa, 0xe0, 0x80}, 0x2}, [@migrate={0x50, 0x11, [{@in6=@ipv4={'\x00', '\xff\xff', @loopback}, @in6=@ipv4={'\x00', '\xff\xff', @private=0xa010102}, @in6=@empty, @in6=@private2, 0x3c, 0x0, 0x0, 0x0, 0x8, 0x8}]}]}, 0xa0}, 0x1, 0x0, 0x0, 0x800}, 0x42000)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000002c0)=@newtaction={0x7c, 0x30, 0x1, 0x0, 0x0, {}, [{0x68, 0x1, [@m_vlan={0x64, 0x1, 0x0, 0x0, {{0x9}, {0x38, 0x2, 0x0, 0x1, [@TCA_VLAN_PARMS={0x1c, 0x2, {{}, 0x3}}, @TCA_VLAN_PUSH_VLAN_ID={0x6}, @TCA_VLAN_PUSH_VLAN_PROTOCOL={0x6, 0x4, 0x88a8}, @TCA_VLAN_PUSH_VLAN_PRIORITY={0x5}]}, {0xffffffffffffff95}, {0xc}, {0xc}}}]}]}, 0x7c}}, 0x0)
openat$tcp_mem(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv4/tcp_rmem\x00', 0x1, 0x0)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
fadvise64(r3, 0x7f, 0xffffffffffffffc0, 0x5)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
ioctl$NS_GET_OWNER_UID(0xffffffffffffffff, 0xb704, 0x0)
bind$inet6(0xffffffffffffffff, &(0x7f0000000380)={0xa, 0x4e20, 0x7d4, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02'}, 0x1c)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r5, 0x8933, &(0x7f0000000080)={'batadv_slave_1\x00', <r6=>0x0})
socketpair(0x1, 0x1, 0x0, &(0x7f0000000000))
r7 = bpf$MAP_CREATE(0x0, &(0x7f0000000540)=ANY=[@ANYBLOB="0b00000000010000000100000900000001"], 0x48)
bpf$MAP_LOOKUP_BATCH(0x1b, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000100), 0x0, 0x3, r7}, 0x38)
ioctl$sock_inet6_SIOCADDRT(r5, 0x890b, &(0x7f00000002c0)={@private1={0xfc, 0x1, '\x00', 0xfd}, @mcast1, @dev={0xfe, 0x80, '\x00', 0x21}, 0x3, 0xb, 0x0, 0x100, 0x8000000000020001, 0x0, r6})
r8 = socket$inet6_sctp(0xa, 0x801, 0x84)
sendmmsg$inet6(r8, &(0x7f0000000340)=[{{&(0x7f0000000300)={0xa, 0x4e3a, 0x1, @private2, 0x9}, 0x1c, &(0x7f00000002c0)=[{&(0x7f0000000040)="06", 0x1}], 0x1}}, {{&(0x7f0000000000)={0xa, 0x4e20, 0x5a0, @private1}, 0x1c, &(0x7f0000000900)=[{&(0x7f0000000480)="a4", 0x1}], 0x1}}], 0x2, 0x4058040)
r9 = socket$netlink(0x10, 0x3, 0x4)
writev(r9, &(0x7f0000000080)=[{&(0x7f0000000e40)="480000001400190d09004beafd0d36020a8447000b4e230f00004e20a2bc560119d7004f19dfb7f393d7359031033f817f00000000000000000101ff05c00e030002000000ffff01", 0x48}], 0x1)
ioctl$sock_inet6_SIOCADDRT(r4, 0x890b, &(0x7f00000002c0)={@private0, @empty, @private0, 0x0, 0x6, 0x0, 0x0, 0x6, 0x150042, r6})

0s ago: executing program 0 (id=1002):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffeda}, 0x94)
r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='attr/prev\x00')
pread64(r1, 0x0, 0x0, 0x6)
mkdirat(r1, &(0x7f0000000040)='./file0\x00', 0x15)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r3 = creat(&(0x7f0000000340)='./file0\x00', 0x14)
close(r3)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r4, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
sendmsg$NFT_BATCH(r4, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f00000005c0)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x5}}, [@NFT_MSG_NEWSET={0x44, 0x9, 0xa, 0x401, 0x0, 0x0, {0xa, 0x0, 0x4}, [@NFTA_SET_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0x2}, @NFTA_SET_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_ID={0x8, 0xa, 0x1, 0x0, 0xfffffffc}, @NFTA_SET_FLAGS={0x8, 0x3, 0x1, 0x0, 0x130}]}, @NFT_MSG_NEWSETELEM={0x40, 0xc, 0xa, 0x101, 0x0, 0x0, {0xa, 0x0, 0x6}, [@NFTA_SET_ELEM_LIST_SET={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_ELEM_LIST_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_SET_ELEM_LIST_ELEMENTS={0x14, 0x3, 0x0, 0x1, [{0x10, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_KEY={0xc, 0x1, 0x0, 0x1, [@NFTA_DATA_VALUE={0x6, 0x1, "d103"}]}]}]}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x1}}}, 0xac}, 0x1, 0x0, 0x0, 0x4000850}, 0x40)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
recvfrom(r5, 0x0, 0x0, 0x2120, 0x0, 0x0)
sendmsg$NFT_MSG_GETSETELEM(r5, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000200)={0x2c, 0xd, 0xa, 0x301, 0x0, 0x0, {0xa, 0x0, 0x1}, [@NFTA_SET_ELEM_LIST_SET={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_ELEM_LIST_TABLE={0x9, 0x1, 'syz1\x00'}]}, 0x2c}, 0x1, 0x0, 0x0, 0x24000801}, 0x8000)
getpid()
r6 = socket$vsock_stream(0x28, 0x1, 0x0)
shutdown(r6, 0x1)
mount$9p_fd(0x0, &(0x7f0000000240)='./file0\x00', &(0x7f00000000c0), 0x1004001, &(0x7f0000000380)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r3, @ANYBLOB=',wfdno=', @ANYRESHEX, @ANYBLOB=',7'])

kernel console output (not intermixed with test programs):

1, Product=2, SerialNumber=3
[  126.399558][ T5960] usb 2-1: Product: syz
[  126.409413][ T5960] usb 2-1: Manufacturer: syz
[  126.422447][ T5960] usb 2-1: SerialNumber: syz
[  126.528516][ T5960] usb 2-1: config 0 descriptor??
[  126.693157][ T5960] ssu100 2-1:0.0: Quatech SSU-100 USB to Serial Driver converter detected
[  126.862153][ T6498] I/O error, dev loop3, sector 2 op 0x0:(READ) flags 0x1000 phys_seg 1 prio class 2
[  126.872274][ T6498] EXT4-fs (loop3): unable to read superblock
[  127.091718][ T5960] ssu100 2-1:0.0: probe with driver ssu100 failed with error -110
[  127.124167][ T6503] ieee802154 phy0 wpan0: encryption failed: -90
[  127.281769][ T6511] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  128.732912][ T6526] =======================================================
[  128.732912][ T6526] WARNING: The mand mount option has been deprecated and
[  128.732912][ T6526]          and is ignored by this kernel. Remove the mand
[  128.732912][ T6526]          option from the mount to silence this warning.
[  128.732912][ T6526] =======================================================
[  128.777844][ T6526] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  128.899784][ T6526] FAT-fs (loop4): unable to read boot sector
[  129.393669][ T6533] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[  129.456793][ T5960] usb 2-1: USB disconnect, device number 3
[  129.766877][ T6543] overlay: Unknown parameter 'uid>00000000000000000000'
[  130.305274][ T6546] EXT4-fs: Ignoring removed bh option
[  130.332394][ T6546] I/O error, dev loop3, sector 2 op 0x0:(READ) flags 0x1000 phys_seg 1 prio class 2
[  130.345854][ T6546] EXT4-fs (loop3): unable to read superblock
[  130.662494][ T6552] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=3070988179 (3070988179 ns) > initial count (1876204212 ns). Using initial count to start timer.
[  132.797927][ T6572] program syz.1.174 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  132.886350][ T1302] ieee802154 phy0 wpan0: encryption failed: -22
[  132.920566][ T1302] ieee802154 phy1 wpan1: encryption failed: -22
[  134.154083][ T6591] netlink: 12 bytes leftover after parsing attributes in process `syz.3.178'.
[  134.163851][ T6591] netlink: 12 bytes leftover after parsing attributes in process `syz.3.178'.
[  134.172825][ T6591] netlink: 50 bytes leftover after parsing attributes in process `syz.3.178'.
[  134.215866][ T6591] exfat: Deprecated parameter 'utf8'
[  134.227334][ T6591] exFAT-fs (loop3): mounting with "discard" option, but the device does not support discard
[  134.241392][ T6591] I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 1
[  134.251089][ T6591] exFAT-fs (loop3): unable to read boot sector
[  134.257297][ T6591] exFAT-fs (loop3): failed to read boot sector
[  134.263568][ T6591] exFAT-fs (loop3): failed to recognize exfat type
[  134.542907][ T5960] usb 4-1: new full-speed USB device number 5 using dummy_hcd
[  134.650322][ T6595] input: syz0 as /devices/virtual/input/input5
[  134.716271][ T5960] usb 4-1: config 6 has an invalid interface number: 2 but max is 0
[  134.734597][ T5960] usb 4-1: config 6 has no interface number 0
[  134.741988][ T5960] usb 4-1: config 6 interface 2 altsetting 0 endpoint 0xB has invalid wMaxPacketSize 0
[  134.758201][ T6597] 9pnet_fd: Insufficient options for proto=fd
[  134.770794][ T5960] usb 4-1: config 6 interface 2 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  134.784591][ T5960] usb 4-1: config 6 interface 2 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0
[  134.840905][ T5960] usb 4-1: New USB device found, idVendor=0af0, idProduct=7271, bcdDevice=88.91
[  135.014052][ T5960] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  135.023417][ T5960] usb 4-1: Product: syz
[  135.029461][ T5960] usb 4-1: Manufacturer: syz
[  135.034793][ T5960] usb 4-1: SerialNumber: syz
[  135.051747][ T5960] hso 4-1:6.2: Failed to find INT IN ep
[  135.402035][ T6609] tipc: Started in network mode
[  135.407228][ T6609] tipc: Node identity ac14140f, cluster identity 4711
[  135.418040][ T6609] tipc: New replicast peer: 255.255.255.255
[  135.426392][ T6609] tipc: Enabled bearer <udp:syz2>, priority 10
[  136.079775][ T6614] input: syz1 as /devices/virtual/input/input6
[  136.543861][ T5918] tipc: Node number set to 2886997007
[  136.976008][    T9] usb 4-1: USB disconnect, device number 5
[  137.301726][ T5960] usb 3-1: new high-speed USB device number 8 using dummy_hcd
[  138.110668][ T6633] netlink: 12 bytes leftover after parsing attributes in process `syz.3.192'.
[  138.121900][ T5960] usb 3-1: Using ep0 maxpacket: 32
[  138.152689][ T5960] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  138.174837][ T5960] usb 3-1: New USB device found, idVendor=22b8, idProduct=6027, bcdDevice=c2.80
[  138.184507][ T5960] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  138.193205][ T5960] usb 3-1: Product: syz
[  138.197882][ T5960] usb 3-1: Manufacturer: syz
[  138.204555][ T5960] usb 3-1: SerialNumber: syz
[  138.240944][ T5960] usb 3-1: config 0 descriptor??
[  138.262529][ T5960] cdc_ether 3-1:0.0: skipping garbage
[  138.267959][ T5960] usb 3-1: bad CDC descriptors
[  138.286996][ T5960] usb 3-1: unsupported MDLM descriptors
[  138.494151][    T9] usb 3-1: USB disconnect, device number 8
[  138.509160][ T6638] netlink: 8 bytes leftover after parsing attributes in process `syz.3.194'.
[  138.665185][ T6638] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  139.012234][ T6657] netlink: 'syz.1.199': attribute type 29 has an invalid length.
[  139.021167][ T6657] netlink: 4 bytes leftover after parsing attributes in process `syz.1.199'.
[  139.623427][ T6664] 9pnet_fd: Insufficient options for proto=fd
[  139.912695][ T6671] hfsplus: Unknown parameter '|/Í@'
[  140.552940][ T6675] uprobe: syz.0.205:6675 failed to unregister, leaking uprobe
[  141.335970][ T6681] overlayfs: failed to resolve './file0': -2
[  144.227415][ T6723] overlayfs: failed to resolve './file0': -2
[  148.583859][ T6771] overlayfs: failed to resolve './file0': -2
[  148.864865][   T30] audit: type=1800 audit(1758197053.334:26): pid=6781 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.237" name="SYSV00000000" dev="tmpfs" ino=0 res=0 errno=0
[  149.415684][ T6773] IPVS: You probably need to specify IP address on multicast interface.
[  149.428228][ T6773] IPVS: Error connecting to the multicast addr
[  150.998177][ T6800] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[  151.022516][ T6801] Bluetooth: MGMT ver 1.23
[  151.391183][ T6019] usb 1-1: new high-speed USB device number 3 using dummy_hcd
[  151.594946][ T6807] CIFS: No dialect specified on mount. Default has changed to a more secure dialect, SMB2.1 or later (e.g. SMB3.1.1), from CIFS (SMB1). To use the less secure SMB1 dialect to access old servers which do not support SMB3.1.1 (or even SMB3 or SMB2.1) specify vers=1.0 on mount.
[  151.622235][ T6807] CIFS mount error: No usable UNC path provided in device string!
[  151.622235][ T6807] 
[  151.633061][ T6807] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string!
[  151.671229][ T6019] usb 1-1: Using ep0 maxpacket: 16
[  151.710127][ T6019] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  151.854489][ T6019] usb 1-1: New USB device found, idVendor=0c72, idProduct=000c, bcdDevice=f6.59
[  151.920348][ T6019] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  151.932656][ T6810] overlayfs: failed to resolve './file0': -2
[  151.949041][ T6019] usb 1-1: Product: syz
[  151.991524][ T6019] usb 1-1: Manufacturer: syz
[  152.069602][ T6019] usb 1-1: SerialNumber: syz
[  152.616170][ T6822] comedi comedi0: Minor 48 is invalid!
[  153.098365][ T6019] usb 1-1: config 0 descriptor??
[  153.315603][ T6019] peak_usb 1-1:0.0 can0: sending cmd f=0x6 n=0x1 failure: -22
[  153.349879][ T6019] peak_usb 1-1:0.0: unable to read PCAN-USB serial number (err -22)
[  153.614619][ T6019] peak_usb 1-1:0.0: probe with driver peak_usb failed with error -22
[  153.666166][ T6831] hfsplus: Unknown parameter '|/Í@'
[  153.841617][ T6019] usb 1-1: USB disconnect, device number 3
[  155.734755][ T6849] syz.3.256 uses obsolete (PF_INET,SOCK_PACKET)
[  155.776126][ T6850] FAULT_INJECTION: forcing a failure.
[  155.776126][ T6850] name failslab, interval 1, probability 0, space 0, times 0
[  155.789000][ T6850] CPU: 0 UID: 0 PID: 6850 Comm: syz.0.255 Not tainted syzkaller #0 PREEMPT(full) 
[  155.789015][ T6850] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  155.789021][ T6850] Call Trace:
[  155.789027][ T6850]  <TASK>
[  155.789032][ T6850]  dump_stack_lvl+0x189/0x250
[  155.789048][ T6850]  ? __pfx____ratelimit+0x10/0x10
[  155.789061][ T6850]  ? __pfx_dump_stack_lvl+0x10/0x10
[  155.789071][ T6850]  ? __pfx__printk+0x10/0x10
[  155.789086][ T6850]  ? __pfx___might_resched+0x10/0x10
[  155.789101][ T6850]  should_fail_ex+0x414/0x560
[  155.789115][ T6850]  should_failslab+0xa8/0x100
[  155.789126][ T6850]  __kmalloc_noprof+0xcb/0x7f0
[  155.789139][ T6850]  ? iter_file_splice_write+0x1c6/0x10e0
[  155.789156][ T6850]  iter_file_splice_write+0x1c6/0x10e0
[  155.789183][ T6850]  ? __pfx_iter_file_splice_write+0x10/0x10
[  155.789198][ T6850]  ? rcu_read_lock_any_held+0xb3/0x120
[  155.789207][ T6850]  ? __pfx_rcu_read_lock_any_held+0x10/0x10
[  155.789221][ T6850]  ? __pfx_iter_file_splice_write+0x10/0x10
[  155.789234][ T6850]  direct_splice_actor+0x101/0x160
[  155.789252][ T6850]  splice_direct_to_actor+0x5a8/0xcc0
[  155.789276][ T6850]  ? __pfx_direct_splice_actor+0x10/0x10
[  155.789289][ T6850]  ? __pfx_splice_direct_to_actor+0x10/0x10
[  155.789308][ T6850]  do_splice_direct+0x181/0x270
[  155.789322][ T6850]  ? __pfx_do_splice_direct+0x10/0x10
[  155.789335][ T6850]  ? __pfx_direct_file_splice_eof+0x10/0x10
[  155.789350][ T6850]  ? rw_verify_area+0x255/0x4d0
[  155.789365][ T6850]  do_sendfile+0x4da/0x7e0
[  155.789380][ T6850]  ? __pfx_do_sendfile+0x10/0x10
[  155.789397][ T6850]  __se_sys_sendfile64+0xd9/0x190
[  155.789407][ T6850]  ? __pfx___se_sys_sendfile64+0x10/0x10
[  155.789418][ T6850]  ? do_syscall_64+0xbe/0xfa0
[  155.789433][ T6850]  do_syscall_64+0xfa/0xfa0
[  155.789443][ T6850]  ? lockdep_hardirqs_on+0x9c/0x150
[  155.789455][ T6850]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  155.789464][ T6850]  ? clear_bhb_loop+0x60/0xb0
[  155.789475][ T6850]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  155.789484][ T6850] RIP: 0033:0x7f5e9378eba9
[  155.789494][ T6850] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  155.789502][ T6850] RSP: 002b:00007f5e94625038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  155.789513][ T6850] RAX: ffffffffffffffda RBX: 00007f5e939d5fa0 RCX: 00007f5e9378eba9
[  155.789520][ T6850] RDX: 0000200000000080 RSI: 0000000000000005 RDI: 0000000000000005
[  155.789525][ T6850] RBP: 00007f5e94625090 R08: 0000000000000000 R09: 0000000000000000
[  155.789531][ T6850] R10: 0000000000007f03 R11: 0000000000000246 R12: 0000000000000002
[  155.789536][ T6850] R13: 00007f5e939d6038 R14: 00007f5e939d5fa0 R15: 00007ffc40b7b128
[  155.789551][ T6850]  </TASK>
[  156.772141][ T5918] usb 1-1: new high-speed USB device number 4 using dummy_hcd
[  156.957876][ T5918] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[  157.003469][ T5918] usb 1-1: config 1 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[  157.062827][ T5918] usb 1-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  157.126148][ T6866] netlink: 40 bytes leftover after parsing attributes in process `syz.3.260'.
[  157.263603][ T5918] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[  157.313897][ T5918] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  157.400049][ T5918] usb 1-1: Product: syz
[  157.460166][ T5918] usb 1-1: Manufacturer: syz
[  157.540575][ T5918] usb 1-1: SerialNumber: syz
[  157.558473][ T5918] hub 1-1:1.0: bad descriptor, ignoring hub
[  157.591259][ T5918] hub 1-1:1.0: probe with driver hub failed with error -5
[  157.780677][ T6858] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  157.803705][ T6858] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  157.954292][ T5918] usblp 1-1:1.0: usblp0: USB Unidirectional printer dev 4 if 0 alt 0 proto 1 vid 0x0525 pid 0xA4A8
[  157.982164][ T6887] EXT4-fs: Ignoring removed oldalloc option
[  157.989647][ T6887] I/O error, dev loop1, sector 2 op 0x0:(READ) flags 0x1000 phys_seg 1 prio class 2
[  158.128106][ T6887] EXT4-fs (loop1): unable to read superblock
[  158.180171][ T5918] usb 1-1: USB disconnect, device number 4
[  158.462288][ T5918] usblp0: removed
[  158.676897][    T9] usb 4-1: new high-speed USB device number 6 using dummy_hcd
[  158.841148][    T9] usb 4-1: Using ep0 maxpacket: 8
[  158.853120][    T9] usb 4-1: New USB device found, idVendor=0c45, idProduct=613a, bcdDevice=c4.6d
[  158.874331][    T9] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  158.895474][    T9] usb 4-1: Product: syz
[  158.899667][    T9] usb 4-1: Manufacturer: syz
[  158.914571][    T9] usb 4-1: SerialNumber: syz
[  158.951155][    T9] usb 4-1: config 0 descriptor??
[  158.973715][    T9] gspca_main: sonixj-2.14.0 probing 0c45:613a
[  159.791121][ T6898] netlink: 'syz.0.273': attribute type 1 has an invalid length.
[  159.798878][ T6898] netlink: 224 bytes leftover after parsing attributes in process `syz.0.273'.
[  160.070562][ T6885] pimreg: entered allmulticast mode
[  160.124115][    T9] gspca_sonixj: reg_w1 err -71
[  160.201403][    T9] sonixj 4-1:0.0: probe with driver sonixj failed with error -71
[  160.230714][    T9] usb 4-1: USB disconnect, device number 6
[  160.347398][ T6916] kvm: pic: non byte write
[  160.369126][ T6915] tun0: tun_chr_ioctl cmd 1074025677
[  160.376994][ T6915] tun0: linktype set to 0
[  160.520519][   T30] audit: type=1804 audit(1758197064.994:27): pid=6919 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.4.279" name="/newroot/75/bus" dev="tmpfs" ino=420 res=1 errno=0
[  160.548227][ T5884] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci1/hci1:201'
[  160.559260][ T5884] CPU: 1 UID: 0 PID: 5884 Comm: kworker/u9:9 Not tainted syzkaller #0 PREEMPT(full) 
[  160.559286][ T5884] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  160.559297][ T5884] Workqueue: hci1 hci_rx_work
[  160.559325][ T5884] Call Trace:
[  160.559332][ T5884]  <TASK>
[  160.559339][ T5884]  dump_stack_lvl+0x189/0x250
[  160.559370][ T5884]  ? __pfx_dump_stack_lvl+0x10/0x10
[  160.559390][ T5884]  ? __pfx__printk+0x10/0x10
[  160.559421][ T5884]  ? kernfs_path_from_node+0x250/0x290
[  160.559442][ T5884]  ? kernfs_path_from_node+0x2f/0x290
[  160.559466][ T5884]  sysfs_create_dir_ns+0x259/0x280
[  160.559498][ T5884]  ? __pfx_sysfs_create_dir_ns+0x10/0x10
[  160.559521][ T5884]  ? do_raw_spin_unlock+0x122/0x240
[  160.559546][ T5884]  kobject_add_internal+0x59f/0xb40
[  160.559581][ T5884]  kobject_add+0x155/0x220
[  160.559608][ T5884]  ? __pfx_kobject_add+0x10/0x10
[  160.559631][ T5884]  ? _raw_spin_unlock+0x28/0x50
[  160.559652][ T5884]  ? get_device_parent+0x366/0x3a0
[  160.559676][ T5884]  device_add+0x408/0xb50
[  160.559698][ T5884]  hci_conn_add_sysfs+0xd5/0x1e0
[  160.559721][ T5884]  le_conn_complete_evt+0xf39/0x1500
[  160.559751][ T5884]  ? __pfx_le_conn_complete_evt+0x10/0x10
[  160.559769][ T5884]  ? __mutex_unlock_slowpath+0x1a1/0x740
[  160.559792][ T5884]  ? __asan_memcpy+0x40/0x70
[  160.559821][ T5884]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  160.559843][ T5884]  ? skb_pull_data+0xfb/0x200
[  160.559868][ T5884]  hci_le_conn_complete_evt+0x187/0x450
[  160.559902][ T5884]  hci_event_packet+0x78f/0x1200
[  160.559928][ T5884]  ? __pfx_hci_le_meta_evt+0x10/0x10
[  160.559956][ T5884]  ? __pfx_hci_event_packet+0x10/0x10
[  160.559981][ T5884]  ? kcov_remote_start+0x4d3/0x7f0
[  160.560002][ T5884]  ? local_clock_noinstr+0xe0/0xe0
[  160.560028][ T5884]  ? hci_send_to_monitor+0xe2/0x570
[  160.560049][ T5884]  hci_rx_work+0x46a/0xe80
[  160.560080][ T5884]  ? process_scheduled_works+0x9ef/0x17b0
[  160.560107][ T5884]  process_scheduled_works+0xae1/0x17b0
[  160.560162][ T5884]  ? __pfx_process_scheduled_works+0x10/0x10
[  160.560202][ T5884]  worker_thread+0x8a0/0xda0
[  160.560229][ T5884]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  160.560259][ T5884]  ? __kthread_parkme+0x7b/0x200
[  160.560284][ T5884]  kthread+0x711/0x8a0
[  160.560305][ T5884]  ? __pfx_worker_thread+0x10/0x10
[  160.560326][ T5884]  ? __pfx_kthread+0x10/0x10
[  160.560344][ T5884]  ? _raw_spin_unlock_irq+0x23/0x50
[  160.560361][ T5884]  ? lockdep_hardirqs_on+0x9c/0x150
[  160.560379][ T5884]  ? __pfx_kthread+0x10/0x10
[  160.560396][ T5884]  ret_from_fork+0x4bc/0x870
[  160.560421][ T5884]  ? __pfx_ret_from_fork+0x10/0x10
[  160.560449][ T5884]  ? __switch_to_asm+0x39/0x70
[  160.560468][ T5884]  ? __switch_to_asm+0x33/0x70
[  160.560496][ T5884]  ? __pfx_kthread+0x10/0x10
[  160.560516][ T5884]  ret_from_fork_asm+0x1a/0x30
[  160.560554][ T5884]  </TASK>
[  160.833094][    C1] vkms_vblank_simulate: vblank timer overrun
[  161.343115][ T5884] kobject: kobject_add_internal failed for hci1:201 with -EEXIST, don't try to register things with the same name in the same directory.
[  161.357947][ T5884] Bluetooth: hci1: failed to register connection device
[  161.489502][ T6919] I/O error, dev loop4, sector 2 op 0x0:(READ) flags 0x1000 phys_seg 1 prio class 2
[  161.524461][ T6919] EXT4-fs (loop4): unable to read superblock
[  161.830595][ T6938] befs: (nbd0): No write support. Marking filesystem read-only
[  162.318153][ T6938] block nbd0: Attempted send on invalid socket
[  162.325774][ T6938] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  162.336011][ T6938] befs: (nbd0): unable to read superblock
[  162.518903][ T6937] Set syz1 is full, maxelem 6117 reached
[  163.854774][ T6944] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(7)
[  163.854839][ T6961] netlink: 8 bytes leftover after parsing attributes in process `syz.2.291'.
[  163.861518][ T6944] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[  163.870606][ T6944] vhci_hcd vhci_hcd.0: Device attached
[  164.034360][ T6967] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  164.139127][ T6965] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 1
[  164.148670][ T6965] hpfs: hpfs_map_sector(): read error
[  164.161240][ T6965] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 1
[  164.170465][ T6965] hpfs: hpfs_map_sector(): read error
[  164.182368][ T6965] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 1
[  164.192003][ T6965] hpfs: hpfs_map_sector(): read error
[  164.204054][ T6965] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 1
[  164.214782][ T6965] hpfs: hpfs_map_sector(): read error
[  164.226792][ T6965] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 1
[  164.236084][ T6965] hpfs: hpfs_map_sector(): read error
[  164.248040][ T6965] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 1
[  164.257317][ T6965] hpfs: hpfs_map_sector(): read error
[  164.269144][ T6965] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 1
[  164.278436][ T6965] hpfs: hpfs_map_sector(): read error
[  164.291281][ T6965] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 1
[  164.300492][ T6965] hpfs: hpfs_map_sector(): read error
[  164.313862][ T6965] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 1
[  164.323231][ T6965] hpfs: hpfs_map_sector(): read error
[  164.335287][ T6965] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 1
[  164.344630][ T6965] hpfs: hpfs_map_sector(): read error
[  164.356773][ T6965] hpfs: hpfs_map_sector(): read error
[  164.369247][ T6965] hpfs: hpfs_map_sector(): read error
[  164.382775][ T6965] hpfs: hpfs_map_sector(): read error
[  164.394611][ T6965] hpfs: hpfs_map_sector(): read error
[  164.406572][ T6965] hpfs: hpfs_map_sector(): read error
[  164.419354][ T6965] hpfs: hpfs_map_sector(): read error
[  164.431409][ T6965] hpfs: hpfs_map_sector(): read error
[  164.443417][ T6965] hpfs: hpfs_map_sector(): read error
[  164.455382][ T6965] hpfs: hpfs_map_sector(): read error
[  164.465251][ T6019] usb 5-1: new high-speed USB device number 2 using dummy_hcd
[  164.550708][   T10] vhci_hcd: vhci_device speed not set
[  164.631232][   T10] usb 41-1: new full-speed USB device number 2 using vhci_hcd
[  164.695248][ T6019] usb 5-1: config 17 has an invalid descriptor of length 0, skipping remainder of the config
[  164.744098][ T6019] usb 5-1: config 17 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  164.809033][ T6019] usb 5-1: New USB device found, idVendor=0458, idProduct=5003, bcdDevice= 0.00
[  164.855907][ T6019] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  165.880760][ T6944] genirq: Flags mismatch irq 4. 00200000 (das16m1) vs. 00200080 (ttyS0)
[  166.256251][ T6019] usb 5-1: string descriptor 0 read error: -71
[  166.266866][ T6957] vhci_hcd: connection reset by peer
[  166.283996][ T6494] vhci_hcd: stop threads
[  166.286797][ T6019] aiptek 5-1:17.0: interface has no int in endpoints, but must have minimum 1
[  166.298806][ T6494] vhci_hcd: release socket
[  166.311836][ T6494] vhci_hcd: disconnect device
[  166.357417][ T6019] usb 5-1: USB disconnect, device number 2
[  166.386169][ T6991] exfat: Unknown parameter '017777777777777777777770x0000000000000000017777777777777777777770x0000000000000000'
[  166.511769][   T24] usb 3-1: new high-speed USB device number 9 using dummy_hcd
[  166.695648][ T6995] netlink: 12 bytes leftover after parsing attributes in process `syz.0.299'.
[  166.704882][ T6995] netlink: 12 bytes leftover after parsing attributes in process `syz.0.299'.
[  166.717011][ T6995] netlink: 12 bytes leftover after parsing attributes in process `syz.0.299'.
[  166.726200][ T6995] netlink: 12 bytes leftover after parsing attributes in process `syz.0.299'.
[  166.737126][ T6995] netlink: 12 bytes leftover after parsing attributes in process `syz.0.299'.
[  166.746162][ T6995] netlink: 12 bytes leftover after parsing attributes in process `syz.0.299'.
[  166.757082][ T6995] netlink: 12 bytes leftover after parsing attributes in process `syz.0.299'.
[  166.766204][ T6995] netlink: 12 bytes leftover after parsing attributes in process `syz.0.299'.
[  166.778160][ T6995] netlink: 12 bytes leftover after parsing attributes in process `syz.0.299'.
[  167.162477][   T24] usb 3-1: Using ep0 maxpacket: 8
[  167.174165][   T24] usb 3-1: New USB device found, idVendor=0c45, idProduct=614a, bcdDevice=c4.6d
[  167.186866][   T24] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  167.204758][   T24] usb 3-1: Product: syz
[  167.213350][   T24] usb 3-1: Manufacturer: syz
[  167.223275][   T24] usb 3-1: SerialNumber: syz
[  167.235949][   T24] usb 3-1: config 0 descriptor??
[  167.247524][   T24] gspca_main: sonixj-2.14.0 probing 0c45:614a
[  167.712192][ T5884] Bluetooth: hci1: command 0x0406 tx timeout
[  168.076145][   T24] gspca_sonixj: reg_r err -110
[  168.146192][   T24] sonixj 3-1:0.0: probe with driver sonixj failed with error -110
[  169.121519][ T6995] Bluetooth: hci0: Opcode 0x0c1a failed: -110
[  169.129996][ T5884] Bluetooth: hci0: command 0x0c1a tx timeout
[  169.137014][ T6995] Bluetooth: hci0: Opcode 0x0406 failed: -110
[  169.356109][ T6995] Bluetooth: hci0: Opcode 0x0406 failed: -4
[  169.365200][ T6995] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  169.371223][ T6995] Bluetooth: hci1: Opcode 0x0406 failed: -4
[  169.380140][ T6995] Bluetooth: hci1: Opcode 0x0406 failed: -4
[  169.387889][ T6995] Bluetooth: hci1: Opcode 0x0406 failed: -4
[  169.394609][ T6995] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  169.400586][ T6995] Bluetooth: hci2: Opcode 0x0406 failed: -4
[  169.412294][ T6995] Bluetooth: hci2: Opcode 0x0406 failed: -4
[  169.419318][ T6995] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  169.425421][ T6995] Bluetooth: hci3: Opcode 0x0406 failed: -4
[  169.436058][ T6995] Bluetooth: hci3: Opcode 0x0406 failed: -4
[  169.443930][ T6995] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  169.449903][ T6995] Bluetooth: hci4: Opcode 0x0406 failed: -4
[  169.457186][ T6995] Bluetooth: hci4: Opcode 0x0406 failed: -4
[  169.554550][ T7017] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  169.563476][ T7017] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  169.633049][ T7021] blk_print_req_error: 9 callbacks suppressed
[  169.633067][ T7021] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  169.651411][ T7021] exFAT-fs (loop0): unable to read boot sector
[  169.657703][ T7021] exFAT-fs (loop0): failed to read boot sector
[  169.664249][ T7021] exFAT-fs (loop0): failed to recognize exfat type
[  169.861214][ T5960] usb 4-1: new high-speed USB device number 7 using dummy_hcd
[  170.153522][   T10] vhci_hcd: vhci_device speed not set
[  170.165426][ T7027] __nla_validate_parse: 137 callbacks suppressed
[  170.165442][ T7027] netlink: 20 bytes leftover after parsing attributes in process `syz.0.306'.
[  170.367964][ T7030] I/O error, dev loop1, sector 2 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  170.378907][ T7030] hfs: can't find a HFS filesystem on dev loop1
[  170.568160][ T5960] usb 4-1: device not accepting address 7, error -71
[  170.638153][ T5918] usb 3-1: USB disconnect, device number 9
[  171.041259][ T5960] usb 4-1: new high-speed USB device number 8 using dummy_hcd
[  171.201178][ T5884] Bluetooth: hci0: command 0x0c1a tx timeout
[  171.461178][ T5880] Bluetooth: hci2: command 0x0c1a tx timeout
[  171.468237][ T5867] Bluetooth: hci1: command 0x0406 tx timeout
[  171.474466][ T5884] Bluetooth: hci3: command 0x0c1a tx timeout
[  171.521196][ T5884] Bluetooth: hci4: command 0x0c1a tx timeout
[  171.531802][ T5960] usb 4-1: Using ep0 maxpacket: 32
[  171.662016][ T5960] usb 4-1: New USB device found, idVendor=1557, idProduct=8150, bcdDevice=29.ed
[  171.678225][ T5960] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  171.689540][ T5960] usb 4-1: Product: syz
[  172.414334][ T7050] syz.1.313 (7050) used greatest stack depth: 16368 bytes left
[  172.521661][ T5960] usb 4-1: Manufacturer: syz
[  172.540138][ T5960] usb 4-1: SerialNumber: syz
[  172.725253][ T5960] usb 4-1: config 0 descriptor??
[  172.795366][ T5960] rtl8150 4-1:0.0: couldn't find required endpoints
[  172.851697][ T5960] rtl8150 4-1:0.0: probe with driver rtl8150 failed with error -5
[  173.061112][ T5960] usb 4-1: USB disconnect, device number 8
[  173.282740][ T5884] Bluetooth: hci0: command 0x0c1a tx timeout
[  173.521175][ T5884] Bluetooth: hci3: command 0x0c1a tx timeout
[  173.529363][ T5884] Bluetooth: hci2: command 0x0c1a tx timeout
[  173.535820][ T5884] Bluetooth: hci1: command 0x0406 tx timeout
[  173.601919][ T5880] Bluetooth: hci4: command 0x0c1a tx timeout
[  175.482865][ T7086] netlink: 16 bytes leftover after parsing attributes in process `syz.1.321'.
[  175.493374][ T7086] netlink: 16 bytes leftover after parsing attributes in process `syz.1.321'.
[  175.712322][ T5880] Bluetooth: hci1: command 0x0406 tx timeout
[  175.718538][ T5884] Bluetooth: hci2: command 0x0c1a tx timeout
[  175.724790][ T5880] Bluetooth: hci3: command 0x0c1a tx timeout
[  175.730972][ T5884] Bluetooth: hci4: command 0x0c1a tx timeout
[  176.163649][ T7099] vivid-002: disconnect
[  176.578923][ T7089] vivid-002: reconnect
[  177.787944][ T5867] Bluetooth: hci1: command 0x0406 tx timeout
[  178.347315][ T7114] FAULT_INJECTION: forcing a failure.
[  178.347315][ T7114] name failslab, interval 1, probability 0, space 0, times 0
[  178.360139][ T7114] CPU: 1 UID: 0 PID: 7114 Comm: syz.0.326 Not tainted syzkaller #0 PREEMPT(full) 
[  178.360162][ T7114] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  178.360172][ T7114] Call Trace:
[  178.360179][ T7114]  <TASK>
[  178.360186][ T7114]  dump_stack_lvl+0x189/0x250
[  178.360211][ T7114]  ? __pfx____ratelimit+0x10/0x10
[  178.360234][ T7114]  ? __pfx_dump_stack_lvl+0x10/0x10
[  178.360253][ T7114]  ? __pfx__printk+0x10/0x10
[  178.360285][ T7114]  ? lock_acquire+0x175/0x360
[  178.360307][ T7114]  ? __pfx___might_resched+0x10/0x10
[  178.360334][ T7114]  should_fail_ex+0x414/0x560
[  178.360360][ T7114]  should_failslab+0xa8/0x100
[  178.360379][ T7114]  __kmalloc_noprof+0xcb/0x7f0
[  178.360401][ T7114]  ? tomoyo_encode+0x28b/0x550
[  178.360428][ T7114]  tomoyo_encode+0x28b/0x550
[  178.360454][ T7114]  tomoyo_realpath_from_path+0x58d/0x5d0
[  178.360485][ T7114]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[  178.360503][ T7114]  tomoyo_path_number_perm+0x1e8/0x5a0
[  178.360523][ T7114]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  178.360540][ T7114]  ? __pfx_rcu_preempt_deferred_qs_irqrestore+0x10/0x10
[  178.360564][ T7114]  ? rcu_is_watching+0x15/0xb0
[  178.360597][ T7114]  ? rcu_read_unlock_special+0x3a2/0x4b0
[  178.360638][ T7114]  ? __rcu_read_unlock+0x84/0xe0
[  178.360659][ T7114]  ? __fget_files+0x3a0/0x420
[  178.360674][ T7114]  ? __fget_files+0x2a/0x420
[  178.360694][ T7114]  security_file_ioctl+0xcb/0x2d0
[  178.360713][ T7114]  __se_sys_ioctl+0x47/0x170
[  178.360736][ T7114]  do_syscall_64+0xfa/0xfa0
[  178.360759][ T7114]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  178.360774][ T7114]  ? asm_sysvec_reschedule_ipi+0x1a/0x20
[  178.360789][ T7114]  ? clear_bhb_loop+0x60/0xb0
[  178.360809][ T7114]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  178.360825][ T7114] RIP: 0033:0x7f5e9378eba9
[  178.360841][ T7114] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  178.360854][ T7114] RSP: 002b:00007f5e945e3038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  178.360872][ T7114] RAX: ffffffffffffffda RBX: 00007f5e939d6180 RCX: 00007f5e9378eba9
[  178.360884][ T7114] RDX: 00002000000002c0 RSI: 000000004068aea3 RDI: 0000000000000006
[  178.360895][ T7114] RBP: 00007f5e945e3090 R08: 0000000000000000 R09: 0000000000000000
[  178.360908][ T7114] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  178.360918][ T7114] R13: 00007f5e939d6218 R14: 00007f5e939d6180 R15: 00007ffc40b7b128
[  178.360948][ T7114]  </TASK>
[  178.607150][ T7114] ERROR: Out of memory at tomoyo_realpath_from_path.
[  178.880770][ T7117] fuse: Unknown parameter ''
[  179.056676][ T5953] usb 3-1: new high-speed USB device number 10 using dummy_hcd
[  179.333959][ T5953] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0
[  179.363346][ T5953] usb 3-1: config 0 interface 0 altsetting 0 bulk endpoint 0x2 has invalid maxpacket 0
[  179.563390][ T5953] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0
[  179.591538][ T5953] usb 3-1: config 0 interface 0 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 0
[  179.795670][ T5953] usb 3-1: New USB device found, idVendor=0bfd, idProduct=010c, bcdDevice=2d.16
[  179.829141][ T5953] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  179.844240][ T7135] netlink: 12 bytes leftover after parsing attributes in process `syz.4.333'.
[  179.863715][ T7135] netlink: 12 bytes leftover after parsing attributes in process `syz.4.333'.
[  179.912163][ T5953] usb 3-1: Product: syz
[  180.102880][ T5953] usb 3-1: Manufacturer: syz
[  180.280257][ T5953] usb 3-1: SerialNumber: syz
[  180.288513][ T7138] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  180.324338][ T5953] usb 3-1: config 0 descriptor??
[  180.335824][ T5953] kvaser_usb 3-1:0.0: CMD_MAP_CHANNEL_REQ failed for CAN0
[  180.358573][ T5953] kvaser_usb 3-1:0.0: error -EMSGSIZE: Failed to initialize card
[  180.368769][ T5953] kvaser_usb 3-1:0.0: probe with driver kvaser_usb failed with error -90
[  181.244826][ T7149] syz.0.336 calls setitimer() with new_value NULL pointer. Misfeature support will be removed
[  182.012140][   T24] usb 3-1: USB disconnect, device number 10
[  182.267825][ T7156] netlink: 4 bytes leftover after parsing attributes in process `syz.3.339'.
[  182.813233][ T7167] netlink: 4 bytes leftover after parsing attributes in process `syz.4.342'.
[  184.370463][ T7167] bridge_slave_1: left allmulticast mode
[  184.385998][ T7167] bridge_slave_1: left promiscuous mode
[  184.397529][ T7167] bridge0: port 2(bridge_slave_1) entered disabled state
[  184.626640][ T7186] process 'syz.3.346' launched './file0' with NULL argv: empty string added
[  184.725966][ T7167] bridge_slave_0: left allmulticast mode
[  184.755640][ T7167] bridge_slave_0: left promiscuous mode
[  184.776166][ T7167] bridge0: port 1(bridge_slave_0) entered disabled state
[  185.185203][ T7170] netlink: 8 bytes leftover after parsing attributes in process `syz.0.343'.
[  186.595870][ T7205] FAULT_INJECTION: forcing a failure.
[  186.595870][ T7205] name failslab, interval 1, probability 0, space 0, times 0
[  187.403194][ T7205] CPU: 1 UID: 0 PID: 7205 Comm: syz.3.353 Not tainted syzkaller #0 PREEMPT(full) 
[  187.403238][ T7205] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  187.403248][ T7205] Call Trace:
[  187.403255][ T7205]  <TASK>
[  187.403264][ T7205]  dump_stack_lvl+0x189/0x250
[  187.403300][ T7205]  ? __pfx____ratelimit+0x10/0x10
[  187.403322][ T7205]  ? __pfx_dump_stack_lvl+0x10/0x10
[  187.403341][ T7205]  ? __pfx__printk+0x10/0x10
[  187.403369][ T7205]  ? __pfx___might_resched+0x10/0x10
[  187.403395][ T7205]  should_fail_ex+0x414/0x560
[  187.403420][ T7205]  should_failslab+0xa8/0x100
[  187.403439][ T7205]  kmem_cache_alloc_node_noprof+0x77/0x710
[  187.403462][ T7205]  ? __alloc_skb+0x112/0x2d0
[  187.403491][ T7205]  __alloc_skb+0x112/0x2d0
[  187.403518][ T7205]  netlink_ack+0x146/0xa50
[  187.403539][ T7205]  ? __pfx_genl_rcv_msg+0x10/0x10
[  187.403556][ T7205]  ? __pfx_nl80211_pre_doit+0x10/0x10
[  187.403576][ T7205]  ? __pfx_nl80211_post_doit+0x10/0x10
[  187.403609][ T7205]  netlink_rcv_skb+0x28c/0x470
[  187.403630][ T7205]  ? __lock_acquire+0xab9/0xd20
[  187.403659][ T7205]  ? __pfx_genl_rcv_msg+0x10/0x10
[  187.403679][ T7205]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  187.403721][ T7205]  ? down_read+0x1ad/0x2e0
[  187.403740][ T7205]  genl_rcv+0x28/0x40
[  187.403756][ T7205]  netlink_unicast+0x82f/0x9e0
[  187.403786][ T7205]  ? __pfx_netlink_unicast+0x10/0x10
[  187.403810][ T7205]  ? netlink_sendmsg+0x642/0xb30
[  187.403831][ T7205]  ? skb_put+0x11b/0x210
[  187.403849][ T7205]  netlink_sendmsg+0x805/0xb30
[  187.403883][ T7205]  ? __pfx_netlink_sendmsg+0x10/0x10
[  187.403909][ T7205]  ? aa_sock_msg_perm+0xf1/0x1d0
[  187.403931][ T7205]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  187.403948][ T7205]  ? __pfx_netlink_sendmsg+0x10/0x10
[  187.403972][ T7205]  __sock_sendmsg+0x21c/0x270
[  187.403995][ T7205]  ____sys_sendmsg+0x505/0x830
[  187.404018][ T7205]  ? __pfx_____sys_sendmsg+0x10/0x10
[  187.404045][ T7205]  ? import_iovec+0x74/0xa0
[  187.404065][ T7205]  ___sys_sendmsg+0x21f/0x2a0
[  187.404084][ T7205]  ? __pfx____sys_sendmsg+0x10/0x10
[  187.404139][ T7205]  ? __fget_files+0x2a/0x420
[  187.404153][ T7205]  ? __fget_files+0x3a0/0x420
[  187.404179][ T7205]  __x64_sys_sendmsg+0x19b/0x260
[  187.404199][ T7205]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  187.404234][ T7205]  ? do_syscall_64+0xbe/0xfa0
[  187.404259][ T7205]  do_syscall_64+0xfa/0xfa0
[  187.404282][ T7205]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  187.404297][ T7205]  ? asm_sysvec_reschedule_ipi+0x1a/0x20
[  187.404312][ T7205]  ? clear_bhb_loop+0x60/0xb0
[  187.404332][ T7205]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  187.404347][ T7205] RIP: 0033:0x7f222638eba9
[  187.404367][ T7205] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  187.404380][ T7205] RSP: 002b:00007f22245f6038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  187.404402][ T7205] RAX: ffffffffffffffda RBX: 00007f22265d5fa0 RCX: 00007f222638eba9
[  187.404413][ T7205] RDX: 0000000000000850 RSI: 0000200000000240 RDI: 0000000000000003
[  187.404423][ T7205] RBP: 00007f22245f6090 R08: 0000000000000000 R09: 0000000000000000
[  187.404433][ T7205] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  187.404443][ T7205] R13: 00007f22265d6038 R14: 00007f22265d5fa0 R15: 00007ffcc7bac778
[  187.404473][ T7205]  </TASK>
[  188.271450][ T7211] comedi comedi0: Minor 48 is invalid!
[  190.846017][ T7223] 9pnet_fd: Insufficient options for proto=fd
[  190.961444][ T5983] usb 5-1: new high-speed USB device number 3 using dummy_hcd
[  191.661128][ T5983] usb 5-1: Using ep0 maxpacket: 32
[  191.674105][ T5983] usb 5-1: config 4 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  191.930523][ T5983] usb 5-1: config 4 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  191.943970][ T5983] usb 5-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40
[  191.961084][ T5983] usb 5-1: New USB device strings: Mfr=255, Product=255, SerialNumber=0
[  191.969547][ T5983] usb 5-1: Product: syz
[  192.012223][ T5983] usb 5-1: Manufacturer: syz
[  192.182186][ T5983] hub 5-1:4.0: USB hub found
[  193.601273][ T5884] Bluetooth: hci4: command 0x0c1a tx timeout
[  194.326948][ T1302] ieee802154 phy0 wpan0: encryption failed: -22
[  194.867067][ T1302] ieee802154 phy1 wpan1: encryption failed: -22
[  195.139657][ T5983] hub 5-1:4.0: config failed, can't read hub descriptor (err -22)
[  195.216350][ T5983] usb 5-1: USB disconnect, device number 3
[  195.443162][ T7244] hfsplus: Unknown parameter '|/Í@'
[  197.612097][ T7264] hsr0: entered promiscuous mode
[  198.074482][ T7266] overlay: ./file0 is not a directory
[  198.108393][ T7266] netlink: 24 bytes leftover after parsing attributes in process `syz.2.370'.
[  198.454059][   T30] audit: type=1326 audit(1758197102.934:28): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7272 comm="syz.1.372" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f2394f8eba9 code=0x0
[  198.756100][ T7277] netlink: 8 bytes leftover after parsing attributes in process `syz.2.373'.
[  199.747620][ T7296] netlink: 8 bytes leftover after parsing attributes in process `syz.0.378'.
[  201.117629][ T5953] usb 1-1: new high-speed USB device number 5 using dummy_hcd
[  201.481563][ T5953] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  201.571679][ T5953] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  201.820504][ T7318] I/O error, dev loop4, sector 2 op 0x0:(READ) flags 0x800 phys_seg 1 prio class 2
[  201.830889][ T7318] hfsplus: unable to find HFS+ superblock
[  201.865513][ T5953] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  201.921445][ T5953] usb 1-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  201.940791][ T5953] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  201.981489][ T5953] usb 1-1: config 0 descriptor??
[  202.577632][ T7325] netlink: 8 bytes leftover after parsing attributes in process `syz.4.388'.
[  202.836609][ T7325] dummy0: entered promiscuous mode
[  202.859578][ T7325] dummy0: left promiscuous mode
[  203.820409][ T7342] hfsplus: Unknown parameter '|/Í@'
[  203.874363][ T5953] usbhid 1-1:0.0: can't add hid device: -71
[  204.016448][ T5955] usb 2-1: new high-speed USB device number 4 using dummy_hcd
[  204.045777][ T5953] usbhid 1-1:0.0: probe with driver usbhid failed with error -71
[  204.190223][ T7347] 9pnet_fd: Insufficient options for proto=fd
[  204.771404][ T5953] usb 1-1: USB disconnect, device number 5
[  204.944749][ T5955] usb 2-1: Using ep0 maxpacket: 32
[  204.980414][ T5955] usb 2-1: unable to get BOS descriptor or descriptor too short
[  205.036677][ T5955] usb 2-1: config 5 has an invalid interface number: 52 but max is 0
[  205.045178][ T5955] usb 2-1: config 5 has no interface number 0
[  205.061147][ T5955] usb 2-1: config 5 interface 52 altsetting 0 bulk endpoint 0x3 has invalid maxpacket 1024
[  205.123972][ T5955] usb 2-1: string descriptor 0 read error: -22
[  205.130920][ T5955] usb 2-1: New USB device found, idVendor=16ca, idProduct=1502, bcdDevice=51.58
[  205.257254][ T7354] overlayfs: failed to resolve './file0': -2
[  205.647943][ T5955] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  205.686691][ T7339] raw-gadget.1 gadget.1: fail, usb_ep_enable returned -22
[  205.797523][ T5955] aircable 2-1:5.52: aircable converter detected
[  205.862134][ T5955] usb 2-1: aircable converter now attached to ttyUSB0
[  205.929796][ T7362] netlink: 16 bytes leftover after parsing attributes in process `syz.2.399'.
[  205.994730][ T7366] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  206.208108][ T5953] usb 2-1: USB disconnect, device number 4
[  206.258434][ T5953] aircable ttyUSB0: aircable converter now disconnected from ttyUSB0
[  206.300431][ T5953] aircable 2-1:5.52: device disconnected
[  206.522629][ T7374] netlink: 8 bytes leftover after parsing attributes in process `syz.0.403'.
[  206.533731][ T7374] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  206.811182][ T5918] libceph: mon0 (1)[c::]:6789 socket closed (con state V1_BANNER)
[  207.321051][ T7389] Bluetooth: MGMT ver 1.23
[  207.340845][ T7389] EXT4-fs: Ignoring removed bh option
[  207.346507][ T7389] EXT4-fs: Ignoring removed nomblk_io_submit option
[  207.353634][ T7389] I/O error, dev loop4, sector 2 op 0x0:(READ) flags 0x1000 phys_seg 1 prio class 1
[  207.363150][ T7389] EXT4-fs (loop4): unable to read superblock
[  207.742082][ T7387] 9pnet_fd: Insufficient options for proto=fd
[  207.800221][ T7376] ceph: No mds server is up or the cluster is laggy
[  208.118480][ T5918] libceph: mon0 (1)[c::]:6789 socket closed (con state V1_BANNER)
[  209.364263][ T7403] fuse: Bad value for 'user_id'
[  209.370186][ T7403] fuse: Bad value for 'user_id'
[  209.410159][ T7403] overlayfs: overlapping lowerdir path
[  209.567734][ T7403] overlayfs: overlapping lowerdir path
[  209.756185][ T5955] usb 1-1: new high-speed USB device number 6 using dummy_hcd
[  209.911778][ T7412] netlink: 996 bytes leftover after parsing attributes in process `syz.1.411'.
[  209.921830][ T7412] bridge0: port 2(bridge_slave_1) entered disabled state
[  209.929785][ T7412] bridge0: port 1(bridge_slave_0) entered disabled state
[  209.997404][ T5955] usb 1-1: Using ep0 maxpacket: 8
[  210.239091][ T5955] usb 1-1: New USB device found, idVendor=0fe9, idProduct=db01, bcdDevice=e9.9b
[  210.278957][ T5955] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  210.309498][ T5955] usb 1-1: Product: syz
[  210.317138][ T5955] usb 1-1: Manufacturer: syz
[  210.338359][ T5955] usb 1-1: SerialNumber: syz
[  210.349074][ T5955] usb 1-1: config 0 descriptor??
[  210.489991][ T5955] dvb-usb: found a 'DViCO FusionHDTV DVB-T USB (LGZ201)' in warm state.
[  210.753067][ T5955] dvb-usb: bulk message failed: -22 (2/0)
[  210.796110][ T5955] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[  210.818653][ T5955] dvbdev: DVB: registering new adapter (DViCO FusionHDTV DVB-T USB (LGZ201))
[  210.833042][ T7423] netlink: 8 bytes leftover after parsing attributes in process `syz.4.415'.
[  210.845221][ T7423] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  210.879252][ T5955] usb 1-1: media controller created
[  210.976510][ T5955] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  211.021201][ T5955] cxusb: set interface failed
[  211.028198][ T5955] dvb-usb: bulk message failed: -22 (1/0)
[  211.103805][ T5955] DVB: Unable to find symbol mt352_attach()
[  211.113047][ T5955] dvb-usb: no frontend was attached by 'DViCO FusionHDTV DVB-T USB (LGZ201)'
[  211.201558][ T5955] rc_core: IR keymap rc-dvico-portable not found
[  211.207925][ T5955] Registered IR keymap rc-empty
[  211.359658][ T5955] rc rc0: DViCO FusionHDTV DVB-T USB (LGZ201) as /devices/platform/dummy_hcd.0/usb1/1-1/rc/rc0
[  211.378527][ T5955] input: DViCO FusionHDTV DVB-T USB (LGZ201) as /devices/platform/dummy_hcd.0/usb1/1-1/rc/rc0/input8
[  211.398545][ T5955] dvb-usb: schedule remote query interval to 100 msecs.
[  211.407982][ T5955] dvb-usb: DViCO FusionHDTV DVB-T USB (LGZ201) successfully initialized and connected.
[  211.977350][ T5931] dvb-usb: bulk message failed: -22 (1/0)
[  212.045502][ T5955] usb 1-1: USB disconnect, device number 6
[  212.286503][ T7452] overlayfs: failed to resolve './file0': -2
[  212.421297][   T43] usb 3-1: new high-speed USB device number 11 using dummy_hcd
[  212.461942][ T5955] dvb-usb: DViCO FusionHDTV DVB-T USB (LGZ201) successfully deinitialized and disconnected.
[  212.629553][ T7461] netlink: 8 bytes leftover after parsing attributes in process `syz.1.426'.
[  212.648736][   T43] usb 3-1: Using ep0 maxpacket: 16
[  212.658413][   T43] usb 3-1: config 0 has an invalid interface number: 1 but max is 0
[  212.671633][   T43] usb 3-1: config 0 has no interface number 0
[  212.684580][   T43] usb 3-1: config 0 interface 1 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0
[  212.687998][ T7461] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  212.703978][   T43] usb 3-1: New USB device found, idVendor=1a86, idProduct=752d, bcdDevice=2d.4d
[  212.721454][   T43] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  212.737252][   T43] usb 3-1: Product: syz
[  212.743921][   T43] usb 3-1: Manufacturer: syz
[  212.748997][   T43] usb 3-1: SerialNumber: syz
[  212.761943][   T43] usb 3-1: config 0 descriptor??
[  212.792763][   T43] usb 3-1: Quirk or no altset; falling back to MIDI 1.0
[  212.856124][ T7467] tipc: Enabling of bearer <udp:syz2> rejected, failed to enable media
[  212.865590][ T5955] usb 1-1: new high-speed USB device number 7 using dummy_hcd
[  212.870506][   T43] snd-usb-audio 3-1:0.1: probe with driver snd-usb-audio failed with error -2
[  212.910264][ T5869] udevd[5869]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.1/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  212.941125][ T5983] usb 5-1: new high-speed USB device number 4 using dummy_hcd
[  213.212511][ T5983] usb 5-1: Using ep0 maxpacket: 8
[  213.220574][ T5983] usb 5-1: unable to get BOS descriptor or descriptor too short
[  213.237777][ T5983] usb 5-1: config 8 has an invalid interface number: 121 but max is 0
[  213.247023][ T5983] usb 5-1: config 8 has no interface number 0
[  213.253734][ T5983] usb 5-1: config 8 interface 121 has no altsetting 0
[  213.267282][ T5983] usb 5-1: New USB device found, idVendor=10c4, idProduct=818a, bcdDevice=f0.98
[  213.320387][ T5983] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  213.388755][ T5983] usb 5-1: Product: syz
[  213.399892][ T5983] usb 5-1: Manufacturer: syz
[  213.413480][ T5983] usb 5-1: SerialNumber: syz
[  214.002144][ T5983] radio-si470x 5-1:8.121: this is not a si470x device.
[  214.194269][ T5983] radio-raremono 5-1:8.121: this is not Thanko's Raremono.
[  214.715676][ T5983] usb 5-1: USB disconnect, device number 4
[  214.767725][ T6019] usb 3-1: USB disconnect, device number 11
[  215.434245][ T7490] FAULT_INJECTION: forcing a failure.
[  215.434245][ T7490] name failslab, interval 1, probability 0, space 0, times 0
[  215.447804][ T7490] CPU: 0 UID: 0 PID: 7490 Comm: syz.2.435 Not tainted syzkaller #0 PREEMPT(full) 
[  215.447828][ T7490] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  215.447837][ T7490] Call Trace:
[  215.447844][ T7490]  <TASK>
[  215.447849][ T7490]  dump_stack_lvl+0x189/0x250
[  215.447864][ T7490]  ? __pfx____ratelimit+0x10/0x10
[  215.447877][ T7490]  ? __pfx_dump_stack_lvl+0x10/0x10
[  215.447887][ T7490]  ? __pfx__printk+0x10/0x10
[  215.447901][ T7490]  ? __pfx___might_resched+0x10/0x10
[  215.447917][ T7490]  should_fail_ex+0x414/0x560
[  215.447931][ T7490]  should_failslab+0xa8/0x100
[  215.447941][ T7490]  __kmalloc_cache_noprof+0x6f/0x6f0
[  215.447954][ T7490]  ? io_uring_alloc_task_context+0xa0/0x570
[  215.447967][ T7490]  ? seqcount_lockdep_reader_access+0x15f/0x1c0
[  215.447979][ T7490]  io_uring_alloc_task_context+0xa0/0x570
[  215.447991][ T7490]  ? __lock_acquire+0xab9/0xd20
[  215.448004][ T7490]  ? __pfx_io_uring_alloc_task_context+0x10/0x10
[  215.448021][ T7490]  __io_uring_add_tctx_node+0x33e/0x4e0
[  215.448033][ T7490]  ? __pfx___io_uring_add_tctx_node+0x10/0x10
[  215.448042][ T7490]  ? __fget_files+0x2a/0x420
[  215.448052][ T7490]  ? __fget_files+0x2a/0x420
[  215.448061][ T7490]  __io_uring_add_tctx_node_from_submit+0x91/0x120
[  215.448072][ T7490]  __se_sys_io_uring_enter+0x24fc/0x2b20
[  215.448091][ T7490]  ? trace_sched_exit_tp+0x36/0x110
[  215.448101][ T7490]  ? __schedule+0x17ae/0x4cc0
[  215.448114][ T7490]  ? __pfx___se_sys_io_uring_enter+0x10/0x10
[  215.448133][ T7490]  ? __pfx___schedule+0x10/0x10
[  215.448146][ T7490]  ? irqentry_exit+0x74/0x90
[  215.448159][ T7490]  ? lockdep_hardirqs_on+0x9c/0x150
[  215.448173][ T7490]  ? __x64_sys_io_uring_enter+0x21/0xf0
[  215.448184][ T7490]  do_syscall_64+0xfa/0xfa0
[  215.448197][ T7490]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  215.448205][ T7490]  ? asm_sysvec_call_function_single+0x1a/0x20
[  215.448214][ T7490]  ? clear_bhb_loop+0x60/0xb0
[  215.448225][ T7490]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  215.448233][ T7490] RIP: 0033:0x7fd80398eba9
[  215.448243][ T7490] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  215.448250][ T7490] RSP: 002b:00007fd8047b9038 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[  215.448261][ T7490] RAX: ffffffffffffffda RBX: 00007fd803bd6090 RCX: 00007fd80398eba9
[  215.448267][ T7490] RDX: 0000000000000000 RSI: 00000000000047f6 RDI: 0000000000000004
[  215.448273][ T7490] RBP: 00007fd8047b9090 R08: 0000000000000000 R09: 0000000000000000
[  215.448278][ T7490] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  215.448283][ T7490] R13: 00007fd803bd6128 R14: 00007fd803bd6090 R15: 00007ffefb904b68
[  215.448298][ T7490]  </TASK>
[  216.408195][ T7498] hfsplus: Unknown parameter '|/Í@'
[  216.596927][ T7494] overlayfs: failed to resolve './file0': -2
[  216.728519][ T7501] netlink: 8 bytes leftover after parsing attributes in process `syz.2.439'.
[  216.738939][ T7501] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  217.361248][ T5983] usb 4-1: new full-speed USB device number 9 using dummy_hcd
[  217.500683][ T5955] usb 2-1: new high-speed USB device number 5 using dummy_hcd
[  217.543006][ T5983] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 2
[  217.711495][ T5983] usb 4-1: config 1 has no interface number 0
[  217.741143][ T5983] usb 4-1: config 1 interface 1 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  217.771768][ T5983] usb 4-1: config 1 interface 1 altsetting 0 endpoint 0x81 has invalid maxpacket 512, setting to 64
[  217.831793][ T5983] usb 4-1: Duplicate descriptor for config 1 interface 1 altsetting 0, skipping
[  217.851158][ T5983] usb 4-1: config 1 interface 1 altsetting 1 endpoint 0x82 has invalid maxpacket 512, setting to 64
[  217.854335][ T5955] usb 2-1: Using ep0 maxpacket: 8
[  217.878013][ T5983] usb 4-1: config 1 interface 1 altsetting 1 endpoint 0x3 has invalid wMaxPacketSize 0
[  217.893368][ T5983] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  217.904551][ T5955] usb 2-1: config 0 has an invalid interface number: 4 but max is 0
[  217.922955][ T5983] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  217.966072][ T5983] usb 4-1: Product: syz
[  217.968453][ T5955] usb 2-1: config 0 has no interface number 0
[  217.982786][ T5983] usb 4-1: Manufacturer: syz
[  218.001749][ T5955] usb 2-1: New USB device found, idVendor=2020, idProduct=2033, bcdDevice=be.17
[  218.016023][ T5983] usb 4-1: SerialNumber: syz
[  218.016091][ T5955] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  218.104843][ T5955] usb 2-1: Product: syz
[  218.116838][ T5955] usb 2-1: Manufacturer: syz
[  218.130846][ T5955] usb 2-1: SerialNumber: syz
[  218.166631][ T5955] usb 2-1: config 0 descriptor??
[  218.202862][ T7508] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  218.641662][ T7524] netlink: 4 bytes leftover after parsing attributes in process `syz.0.447'.
[  218.642419][ T7508] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  218.728132][ T7527] netlink: 16 bytes leftover after parsing attributes in process `syz.4.448'.
[  218.903545][ T7508] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  219.368084][ T7508] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  219.472643][ T5983] cdc_ncm 4-1:1.1: bind() failure
[  219.595249][ T7508] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  219.604689][ T7508] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  219.616098][ T5983] usb 4-1: USB disconnect, device number 9
[  219.904716][ T7545] FAULT_INJECTION: forcing a failure.
[  219.904716][ T7545] name failslab, interval 1, probability 0, space 0, times 0
[  219.917918][ T7545] CPU: 1 UID: 0 PID: 7545 Comm: syz.4.454 Not tainted syzkaller #0 PREEMPT(full) 
[  219.917941][ T7545] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  219.917951][ T7545] Call Trace:
[  219.917958][ T7545]  <TASK>
[  219.917966][ T7545]  dump_stack_lvl+0x189/0x250
[  219.917989][ T7545]  ? __pfx____ratelimit+0x10/0x10
[  219.918010][ T7545]  ? __pfx_dump_stack_lvl+0x10/0x10
[  219.918028][ T7545]  ? __pfx__printk+0x10/0x10
[  219.918046][ T7545]  ? kasan_save_track+0x4f/0x80
[  219.918069][ T7545]  ? dst_alloc+0x105/0x170
[  219.918086][ T7545]  ? fib6_rule_lookup+0x52f/0x6f0
[  219.918105][ T7545]  ? ip6_route_input+0x6de/0xad0
[  219.918122][ T7545]  ? ip6_rcv_finish+0x141/0x2e0
[  219.918143][ T7545]  ? __netif_receive_skb+0xd3/0x380
[  219.918163][ T7545]  ? netif_receive_skb+0x1cb/0x790
[  219.918180][ T7545]  ? tun_rx_batched+0x1b9/0x730
[  219.918198][ T7545]  ? tun_get_user+0x2aa2/0x3e20
[  219.918215][ T7545]  ? tun_chr_write_iter+0x113/0x200
[  219.918237][ T7545]  should_fail_ex+0x414/0x560
[  219.918262][ T7545]  should_failslab+0xa8/0x100
[  219.918279][ T7545]  __kmalloc_node_noprof+0xd2/0x800
[  219.918308][ T7545]  ? alloc_slab_obj_exts+0x3d/0xc0
[  219.918335][ T7545]  alloc_slab_obj_exts+0x3d/0xc0
[  219.918356][ T7545]  __memcg_slab_post_alloc_hook+0x31d/0x7d0
[  219.918396][ T7545]  kmem_cache_alloc_noprof+0x417/0x6e0
[  219.918418][ T7545]  ? dst_alloc+0x105/0x170
[  219.918436][ T7545]  ? __pfx_ip6_dst_gc+0x10/0x10
[  219.918455][ T7545]  dst_alloc+0x105/0x170
[  219.918478][ T7545]  ip6_pol_route+0xa21/0x1180
[  219.918496][ T7545]  ? ip6_pol_route+0x162/0x1180
[  219.918519][ T7545]  ? __pfx_ip6_pol_route+0x10/0x10
[  219.918537][ T7545]  ? __lock_acquire+0xab9/0xd20
[  219.918575][ T7545]  fib6_rule_lookup+0x52f/0x6f0
[  219.918596][ T7545]  ? __pfx_ip6_pol_route_input+0x10/0x10
[  219.918615][ T7545]  ? __pfx_fib6_rule_lookup+0x10/0x10
[  219.918639][ T7545]  ? __skb_flow_dissect+0x5ef8/0x68b0
[  219.918672][ T7545]  ip6_route_input+0x6de/0xad0
[  219.918698][ T7545]  ? __pfx_ip6_route_input+0x10/0x10
[  219.918726][ T7545]  ? __lock_acquire+0xab9/0xd20
[  219.918763][ T7545]  ? ip6_rcv_finish_core+0x222/0x420
[  219.918787][ T7545]  ip6_rcv_finish+0x141/0x2e0
[  219.918811][ T7545]  NF_HOOK+0x30c/0x3a0
[  219.918830][ T7545]  ? skb_orphan+0x4f/0xd0
[  219.918853][ T7545]  ? __pfx_ip6_rcv_finish+0x10/0x10
[  219.918874][ T7545]  ? NF_HOOK+0x9a/0x3a0
[  219.918895][ T7545]  ? __pfx_NF_HOOK+0x10/0x10
[  219.918920][ T7545]  ? __pfx_ip6_rcv_finish+0x10/0x10
[  219.918953][ T7545]  __netif_receive_skb+0xd3/0x380
[  219.918981][ T7545]  ? netif_receive_skb+0x115/0x790
[  219.919000][ T7545]  netif_receive_skb+0x1cb/0x790
[  219.919020][ T7545]  ? __pfx___local_bh_disable_ip+0x10/0x10
[  219.919044][ T7545]  ? __pfx_netif_receive_skb+0x10/0x10
[  219.919069][ T7545]  ? tun_rx_batched+0x160/0x730
[  219.919091][ T7545]  tun_rx_batched+0x1b9/0x730
[  219.919109][ T7545]  ? __lock_acquire+0xab9/0xd20
[  219.919133][ T7545]  ? __pfx_tun_rx_batched+0x10/0x10
[  219.919157][ T7545]  ? tun_get_user+0x266c/0x3e20
[  219.919191][ T7545]  tun_get_user+0x2aa2/0x3e20
[  219.919219][ T7545]  ? tun_get_user+0x6f6/0x3e20
[  219.919240][ T7545]  ? tun_get_user+0x266c/0x3e20
[  219.919264][ T7545]  ? aa_file_perm+0x44d/0x1550
[  219.919285][ T7545]  ? __pfx_tun_get_user+0x10/0x10
[  219.919334][ T7545]  ? ref_tracker_alloc+0x318/0x460
[  219.919352][ T7545]  ? __lock_acquire+0xab9/0xd20
[  219.919373][ T7545]  ? __pfx_ref_tracker_alloc+0x10/0x10
[  219.919397][ T7545]  ? tun_get+0x1c/0x2f0
[  219.919421][ T7545]  ? tun_get+0x1c/0x2f0
[  219.919440][ T7545]  ? tun_get+0x1c/0x2f0
[  219.919464][ T7545]  tun_chr_write_iter+0x113/0x200
[  219.919486][ T7545]  vfs_write+0x5c9/0xb30
[  219.919513][ T7545]  ? __pfx_tun_chr_write_iter+0x10/0x10
[  219.919532][ T7545]  ? __pfx_vfs_write+0x10/0x10
[  219.919566][ T7545]  ? __fget_files+0x2a/0x420
[  219.919592][ T7545]  ksys_write+0x145/0x250
[  219.919617][ T7545]  ? __pfx_ksys_write+0x10/0x10
[  219.919643][ T7545]  ? do_syscall_64+0xbe/0xfa0
[  219.919669][ T7545]  do_syscall_64+0xfa/0xfa0
[  219.919692][ T7545]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  219.919708][ T7545]  ? asm_sysvec_reschedule_ipi+0x1a/0x20
[  219.919723][ T7545]  ? clear_bhb_loop+0x60/0xb0
[  219.919744][ T7545]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  219.919760][ T7545] RIP: 0033:0x7fd49138d65f
[  219.919775][ T7545] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48
[  219.919788][ T7545] RSP: 002b:00007fd4922c1000 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[  219.919805][ T7545] RAX: ffffffffffffffda RBX: 00007fd4915d5fa0 RCX: 00007fd49138d65f
[  219.919817][ T7545] RDX: 000000000000009e RSI: 0000200000003680 RDI: 00000000000000c8
[  219.919827][ T7545] RBP: 00007fd4922c1090 R08: 0000000000000000 R09: 0000000000000000
[  219.919836][ T7545] R10: 000000000000009e R11: 0000000000000293 R12: 0000000000000001
[  219.919845][ T7545] R13: 00007fd4915d6038 R14: 00007fd4915d5fa0 R15: 00007fff23a4deb8
[  219.919875][ T7545]  </TASK>
[  220.424082][   T10] usb 2-1: USB disconnect, device number 5
[  220.591120][ T5931] usb 3-1: new high-speed USB device number 12 using dummy_hcd
[  220.755860][ T5931] usb 3-1: Using ep0 maxpacket: 8
[  220.916427][ T5931] usb 3-1: unable to get BOS descriptor or descriptor too short
[  220.930318][ T5931] usb 3-1: config 2 has an invalid interface number: 194 but max is 0
[  220.955568][ T5931] usb 3-1: config 2 has no interface number 0
[  220.972775][ T5931] usb 3-1: config 2 interface 194 has no altsetting 0
[  220.982359][ T5931] usb 3-1: New USB device found, idVendor=06cb, idProduct=0002, bcdDevice=22.b9
[  221.061321][ T5931] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  221.085475][ T5931] usb 3-1: Product: syz
[  221.090528][ T5931] usb 3-1: Manufacturer: syz
[  221.100342][ T5931] usb 3-1: SerialNumber: syz
[  221.256808][ T7551] ntfs3(loop4): try to read out of volume at offset 0x0
[  221.419638][ T5931] usb 3-1: selecting invalid altsetting 1
[  221.436649][ T5931] usb 3-1: Can not set alternate setting to 1, error: -22
[  221.444532][ T5931] synaptics_usb 3-1:2.194: probe with driver synaptics_usb failed with error -22
[  221.458367][ T5931] usb 3-1: USB disconnect, device number 12
[  221.811112][ T5983] usb 1-1: new full-speed USB device number 8 using dummy_hcd
[  221.973848][ T5983] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 1023, setting to 64
[  221.986638][ T5983] usb 1-1: New USB device found, idVendor=1e7d, idProduct=2ced, bcdDevice= 0.00
[  221.996539][ T5983] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  222.010028][ T5983] usb 1-1: config 0 descriptor??
[  222.026643][ T7567] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  222.171591][ T5931] usb 3-1: new high-speed USB device number 13 using dummy_hcd
[  222.204837][ T7575] tipc: Enabling of bearer <udp:syz2> rejected, failed to enable media
[  222.311673][ T5931] usb 3-1: device descriptor read/64, error -71
[  222.451339][   T43] usb 2-1: new high-speed USB device number 6 using dummy_hcd
[  222.571121][ T5931] usb 3-1: new high-speed USB device number 14 using dummy_hcd
[  222.692071][ T7584] warning: `syz.4.468' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211
[  222.735367][ T5931] usb 3-1: device descriptor read/64, error -71
[  222.851423][ T5931] usb usb3-port1: attempt power cycle
[  222.874889][ T7567] mkiss: ax0: crc mode is auto.
[  222.930780][   T43] usb 2-1: Using ep0 maxpacket: 16
[  222.966383][ T7584] vfat: Unknown parameter '01777777777777777777777'
[  222.972216][   T43] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  222.987436][   T43] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  222.997414][   T43] usb 2-1: New USB device found, idVendor=1b96, idProduct=0008, bcdDevice= 0.00
[  223.007403][   T43] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  223.026645][   T43] usb 2-1: config 0 descriptor??
[  223.688244][ T5931] usb 3-1: new high-speed USB device number 15 using dummy_hcd
[  223.731612][   T43] ntrig 0003:1B96:0008.0001: unbalanced delimiter at end of report description
[  223.742884][ T5931] usb 3-1: device descriptor read/8, error -71
[  223.743808][   T43] ntrig 0003:1B96:0008.0001: parse failed
[  223.760996][   T43] ntrig 0003:1B96:0008.0001: probe with driver ntrig failed with error -22
[  224.015018][ T5931] usb 3-1: new high-speed USB device number 16 using dummy_hcd
[  224.114790][ T5931] usb 3-1: device descriptor read/8, error -71
[  224.255279][ T5931] usb usb3-port1: unable to enumerate USB device
[  224.942382][   T30] audit: type=1800 audit(1758197129.364:29): pid=7597 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.466" name="file1" dev="overlay" ino=483 res=0 errno=0
[  225.354441][ T5983] usbhid 1-1:0.0: can't add hid device: -71
[  225.368323][ T5983] usbhid 1-1:0.0: probe with driver usbhid failed with error -71
[  225.962280][ T5983] usb 1-1: USB disconnect, device number 8
[  226.221897][   T10] usb 2-1: USB disconnect, device number 6
[  226.638403][   T10] IPVS: starting estimator thread 0...
[  226.656539][ T7630] xt_l2tp: invalid flags combination: 8
[  226.791500][ T7631] IPVS: using max 27 ests per chain, 64800 per kthread
[  227.551130][   T10] usb 2-1: new high-speed USB device number 7 using dummy_hcd
[  227.761401][   T10] usb 2-1: Using ep0 maxpacket: 16
[  227.777486][   T10] usb 2-1: config index 0 descriptor too short (expected 65, got 36)
[  228.016811][ T7655] capability: warning: `syz.4.486' uses 32-bit capabilities (legacy support in use)
[  228.353034][   T10] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  228.365205][   T10] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  228.389829][   T10] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  228.411874][   T10] usb 2-1: New USB device found, idVendor=1781, idProduct=0898, bcdDevice= 0.00
[  228.422586][   T10] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  228.437092][   T10] usb 2-1: config 0 descriptor??
[  228.451813][   T10] input: PXRC Flight Controller Adapter as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/input/input9
[  228.505056][ T5219] pxrc 2-1:0.0: pxrc_open - usb_submit_urb failed, error: -90
[  228.660389][ T7634] pim6reg527: entered allmulticast mode
[  228.669942][ T7634] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  229.441926][ T7634] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  229.493805][ T5219] pxrc 2-1:0.0: pxrc_open - usb_submit_urb failed, error: -90
[  229.502114][   T10] usb 2-1: USB disconnect, device number 7
[  229.543328][   T30] audit: type=1326 audit(1758197134.024:30): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7670 comm="syz.2.491" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fd80398eba9 code=0x0
[  229.583520][ T7675] netlink: 132 bytes leftover after parsing attributes in process `syz.0.493'.
[  229.645194][ T7675] FAULT_INJECTION: forcing a failure.
[  229.645194][ T7675] name failslab, interval 1, probability 0, space 0, times 0
[  229.658016][ T7675] CPU: 0 UID: 0 PID: 7675 Comm: syz.0.493 Not tainted syzkaller #0 PREEMPT(full) 
[  229.658031][ T7675] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  229.658037][ T7675] Call Trace:
[  229.658042][ T7675]  <TASK>
[  229.658047][ T7675]  dump_stack_lvl+0x189/0x250
[  229.658063][ T7675]  ? __pfx____ratelimit+0x10/0x10
[  229.658076][ T7675]  ? __pfx_dump_stack_lvl+0x10/0x10
[  229.658086][ T7675]  ? __pfx__printk+0x10/0x10
[  229.658102][ T7675]  ? __pfx___might_resched+0x10/0x10
[  229.658114][ T7675]  ? fs_reclaim_acquire+0x7d/0x100
[  229.658125][ T7675]  should_fail_ex+0x414/0x560
[  229.658139][ T7675]  should_failslab+0xa8/0x100
[  229.658150][ T7675]  kmem_cache_alloc_node_noprof+0x77/0x710
[  229.658163][ T7675]  ? __alloc_skb+0x112/0x2d0
[  229.658175][ T7675]  ? __rt6_find_exception_rcu+0x127/0x4c0
[  229.658192][ T7675]  __alloc_skb+0x112/0x2d0
[  229.658207][ T7675]  alloc_skb_with_frags+0xca/0x890
[  229.658216][ T7675]  ? __local_bh_enable_ip+0x12d/0x1c0
[  229.658228][ T7675]  ? lockdep_hardirqs_on+0x9c/0x150
[  229.658246][ T7675]  sock_alloc_send_pskb+0x84d/0x980
[  229.658266][ T7675]  ? __pfx_sock_alloc_send_pskb+0x10/0x10
[  229.658282][ T7675]  ? fib6_rule_lookup+0x3a1/0x6f0
[  229.658295][ T7675]  __ip6_append_data+0x2b43/0x3f30
[  229.658307][ T7675]  ? __lock_acquire+0xab9/0xd20
[  229.658330][ T7675]  ? __pfx_ip_generic_getfrag+0x10/0x10
[  229.658352][ T7675]  ? __pfx___ip6_append_data+0x10/0x10
[  229.658362][ T7675]  ? __pfx_ip6_mtu+0x10/0x10
[  229.658378][ T7675]  ip6_append_data+0x1c4/0x380
[  229.658392][ T7675]  ? __pfx_ip_generic_getfrag+0x10/0x10
[  229.658424][ T7675]  l2tp_ip6_sendmsg+0x1286/0x17c0
[  229.658442][ T7675]  ? __pfx_l2tp_ip6_sendmsg+0x10/0x10
[  229.658462][ T7675]  ? __pfx_aa_sk_perm+0x10/0x10
[  229.658472][ T7675]  ? tomoyo_socket_sendmsg_permission+0x216/0x300
[  229.658489][ T7675]  ? inet_sendmsg+0x2f4/0x370
[  229.658500][ T7675]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  229.658511][ T7675]  __sock_sendmsg+0x19c/0x270
[  229.658525][ T7675]  ____sys_sendmsg+0x52d/0x830
[  229.658538][ T7675]  ? __pfx_____sys_sendmsg+0x10/0x10
[  229.658552][ T7675]  ? import_iovec+0x74/0xa0
[  229.658563][ T7675]  ___sys_sendmsg+0x21f/0x2a0
[  229.658574][ T7675]  ? __pfx____sys_sendmsg+0x10/0x10
[  229.658602][ T7675]  ? __fget_files+0x2a/0x420
[  229.658610][ T7675]  ? __fget_files+0x3a0/0x420
[  229.658624][ T7675]  __sys_sendmmsg+0x227/0x430
[  229.658636][ T7675]  ? __pfx___sys_sendmmsg+0x10/0x10
[  229.658651][ T7675]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  229.658673][ T7675]  ? ksys_write+0x22a/0x250
[  229.658687][ T7675]  ? __pfx_ksys_write+0x10/0x10
[  229.658702][ T7675]  __x64_sys_sendmmsg+0xa0/0xc0
[  229.658713][ T7675]  do_syscall_64+0xfa/0xfa0
[  229.658725][ T7675]  ? lockdep_hardirqs_on+0x9c/0x150
[  229.658737][ T7675]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  229.658745][ T7675]  ? clear_bhb_loop+0x60/0xb0
[  229.658757][ T7675]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  229.658766][ T7675] RIP: 0033:0x7f5e9378eba9
[  229.658776][ T7675] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  229.658784][ T7675] RSP: 002b:00007f5e94625038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  229.658795][ T7675] RAX: ffffffffffffffda RBX: 00007f5e939d5fa0 RCX: 00007f5e9378eba9
[  229.658802][ T7675] RDX: 17fd147c801ae9ab RSI: 0000200000000ac0 RDI: 0000000000000007
[  229.658808][ T7675] RBP: 00007f5e94625090 R08: 0000000000000000 R09: 0000000000000000
[  229.658813][ T7675] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  229.658818][ T7675] R13: 00007f5e939d6038 R14: 00007f5e939d5fa0 R15: 00007ffc40b7b128
[  229.658834][ T7675]  </TASK>
[  230.177530][ T7685] sctp: [Deprecated]: syz.3.496 (pid 7685) Use of struct sctp_assoc_value in delayed_ack socket option.
[  230.177530][ T7685] Use struct sctp_sack_info instead
[  230.485622][   T43] usb 1-1: new full-speed USB device number 9 using dummy_hcd
[  230.787127][ T7696] comedi comedi0: Minor 48 is invalid!
[  231.362657][   T43] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 1023, setting to 64
[  231.491229][   T43] usb 1-1: New USB device found, idVendor=04f3, idProduct=0755, bcdDevice= 0.00
[  231.504663][   T43] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  231.548946][   T43] usb 1-1: config 0 descriptor??
[  231.560888][ T7679] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  231.619352][ T7699] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore
[  231.628471][ T7699] overlayfs: missing 'lowerdir'
[  231.826778][   T43] elan 0003:04F3:0755.0002: unknown main item tag 0x0
[  231.834232][   T43] elan 0003:04F3:0755.0002: item fetching failed at offset 3/5
[  231.843407][   T43] elan 0003:04F3:0755.0002: Hid Parse failed
[  231.850023][   T43] elan 0003:04F3:0755.0002: probe with driver elan failed with error -22
[  232.395602][ T7679] netlink: 20 bytes leftover after parsing attributes in process `syz.0.495'.
[  232.491719][ T7679] geneve2: entered promiscuous mode
[  232.588667][   T43] usb 1-1: USB disconnect, device number 9
[  232.813342][ T7715] netlink: 20 bytes leftover after parsing attributes in process `syz.0.505'.
[  232.934138][ T7715] Bluetooth: MGMT ver 1.23
[  233.186825][ T7723] x_tables: (null)_tables: SNAT target: only valid in nat table, not syz0
[  233.688985][ T7733] comedi comedi0: Minor 48 is invalid!
[  234.575918][ T7736] gfs2: fsid=norecovery: Trying to join cluster "lock_nolock", "norecovery"
[  234.584898][ T7736] gfs2: fsid=norecovery: Now mounting FS (format 0)...
[  234.595521][ T7736] I/O error, dev loop0, sector 128 op 0x0:(READ) flags 0x1800 phys_seg 1 prio class 1
[  234.605381][ T7736] gfs2: error -5 reading superblock
[  234.610603][ T7736] gfs2: fsid=norecovery: can't read superblock
[  234.616797][ T7736] gfs2: fsid=norecovery: can't read superblock: -5
[  234.972456][ T5884] Bluetooth: hci2: Opcode 0x0401 failed: -110
[  234.991575][ T5884] Bluetooth: hci2: command 0x0c1a tx timeout
[  235.147592][ T7745] comedi comedi0: Minor 48 is invalid!
[  235.901467][ T5918] usb 5-1: new high-speed USB device number 5 using dummy_hcd
[  236.211213][ T5918] usb 5-1: device descriptor read/64, error -71
[  236.461113][ T5918] usb 5-1: new high-speed USB device number 6 using dummy_hcd
[  238.366686][ T7778] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  239.031715][ T7795] 9pnet_fd: Insufficient options for proto=fd
[  239.785327][ T7802] netlink: 4 bytes leftover after parsing attributes in process `syz.4.527'.
[  239.826287][ T7802] netlink: 4 bytes leftover after parsing attributes in process `syz.4.527'.
[  239.923099][ T7803] netdevsim netdevsim4 netdevsim0: entered allmulticast mode
[  240.026231][ T7803] netdevsim netdevsim4 netdevsim0: refused to change device tx_queue_len
[  240.961988][ T7819] netlink: 'syz.1.533': attribute type 10 has an invalid length.
[  241.152302][ T7819] bridge0: port 2(bridge_slave_1) entered blocking state
[  241.159975][ T7819] bridge0: port 2(bridge_slave_1) entered forwarding state
[  241.169046][ T7819] bridge0: port 1(bridge_slave_0) entered blocking state
[  241.176833][ T7819] bridge0: port 1(bridge_slave_0) entered forwarding state
[  241.401488][ T7827] qnx6: wrong signature (magic) at position (0x2000) - will try alternative position (0x0000).
[  241.557281][ T7827] qnx6: wrong signature (magic) in superblock #1.
[  241.560155][ T7819] bond0: (slave bridge0): Enslaving as an active interface with an up link
[  241.620650][ T7827] qnx6: unable to read the first superblock
[  242.673890][ T7819] netlink: 12 bytes leftover after parsing attributes in process `syz.1.533'.
[  242.979276][ T7846] 9pnet_fd: Insufficient options for proto=fd
[  244.065413][ T7848] NILFS (loop2): device size too small
[  244.879663][ T7855] overlayfs: failed to resolve './file0': -2
[  245.227225][ T7868] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  245.469137][ T7865] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  245.514290][ T7865] FAT-fs (loop1): unable to read boot sector
[  246.484913][ T7877] cifs: Unknown parameter 'Ü[—Íñ¦bšÿÿÿITäŒ&¬æ:ÅèÙ"‚Õë�ï1:ºÃÃÓ­'Ä4,�Zz-#FÇ<æõ]%gCžÊ
[  246.484913][ T7877] SÃȘØÈžZ§6ŸÂ'
[  246.691930][ T7885] fuse: Bad value for 'user_id'
[  246.718901][ T7885] fuse: Bad value for 'user_id'
[  246.730986][ T7887] netlink: 8 bytes leftover after parsing attributes in process `syz.0.555'.
[  246.768729][ T7887] bridge0: port 2(bridge_slave_1) entered disabled state
[  246.777047][ T7887] bridge0: port 1(bridge_slave_0) entered disabled state
[  246.931289][  T983] usb 3-1: new high-speed USB device number 17 using dummy_hcd
[  247.131254][  T983] usb 3-1: Using ep0 maxpacket: 8
[  247.209305][  T983] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  247.380743][  T983] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  247.404222][  T983] usb 3-1: New USB device found, idVendor=04d8, idProduct=f002, bcdDevice= 0.00
[  247.413830][  T983] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  247.497918][  T983] usb 3-1: config 0 descriptor??
[  247.900598][ T7924] workqueue: Failed to create a rescuer kthread for wq "ceph-watch-notify": -EINTR
[  247.945314][  T983] usbhid 3-1:0.0: can't add hid device: -71
[  247.967443][  T983] usbhid 3-1:0.0: probe with driver usbhid failed with error -71
[  247.970199][ T7927] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  247.996106][  T983] usb 3-1: USB disconnect, device number 17
[  248.043056][ T7929] netlink: 8 bytes leftover after parsing attributes in process `syz.2.567'.
[  248.155803][ T7929] bridge0: port 2(bridge_slave_1) entered disabled state
[  248.163552][ T7929] bridge0: port 1(bridge_slave_0) entered disabled state
[  250.509557][ T7960] netlink: 148 bytes leftover after parsing attributes in process `syz.1.575'.
[  250.518723][ T7960] netlink: 152 bytes leftover after parsing attributes in process `syz.1.575'.
[  251.144350][ T7971] nfs: Unknown parameter 'À'
[  251.313905][ T7982] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  251.364422][ T7985] netlink: 12 bytes leftover after parsing attributes in process `syz.2.584'.
[  252.085946][ T7998] EXT4-fs: Ignoring removed nomblk_io_submit option
[  252.129904][ T7998] I/O error, dev loop4, sector 2 op 0x0:(READ) flags 0x1000 phys_seg 1 prio class 2
[  252.139735][ T7998] EXT4-fs (loop4): unable to read superblock
[  252.200355][ T8004] tmpfs: Bad value for 'mpol'
[  252.234192][ T8008] netlink: 'syz.3.589': attribute type 6 has an invalid length.
[  253.648788][ T8028] ref_tracker: memory allocation failure, unreliable refcount tracker.
[  253.679338][ T8028] lo speed is unknown, defaulting to 1000
[  253.693596][ T8028] lo speed is unknown, defaulting to 1000
[  253.736271][ T8028] lo speed is unknown, defaulting to 1000
[  254.789968][ T8042] overlayfs: failed to resolve './file0': -2
[  255.021666][ T5918] usb 3-1: new high-speed USB device number 18 using dummy_hcd
[  255.224869][ T8028] infiniband syz2: set active
[  255.231744][ T5955] lo speed is unknown, defaulting to 1000
[  255.238048][ T5918] usb 3-1: Using ep0 maxpacket: 16
[  255.353209][ T5918] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0
[  255.372107][ T8028] infiniband syz2: added lo
[  255.380442][ T8028] syz2: rxe_create_cq: returned err = -12
[  255.386766][ T8028] infiniband syz2: Couldn't create ib_mad CQ
[  255.388979][ T5918] usb 3-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1
[  255.393314][ T8028] infiniband syz2: Couldn't open port 1
[  255.944426][ T1302] ieee802154 phy0 wpan0: encryption failed: -22
[  255.951343][ T5918] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  255.959830][ T1302] ieee802154 phy1 wpan1: encryption failed: -22
[  255.969307][ T5918] usb 3-1: Product: syz
[  255.976323][ T5918] usb 3-1: Manufacturer: syz
[  255.981122][ T5918] usb 3-1: SerialNumber: syz
[  255.993550][ T5918] usb 3-1: config 0 descriptor??
[  256.010821][ T5918] em28xx 3-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0)
[  256.029021][ T5918] em28xx 3-1:0.0: DVB interface 0 found: bulk
[  256.070336][ T8028] RDS/IB: syz2: added
[  256.076917][ T8055] FAULT_INJECTION: forcing a failure.
[  256.076917][ T8055] name failslab, interval 1, probability 0, space 0, times 0
[  256.092118][ T8028] smc: adding ib device syz2 with port count 1
[  256.098518][ T8028] smc:    ib device syz2 port 1 has no pnetid
[  256.105119][ T8055] CPU: 0 UID: 0 PID: 8055 Comm: syz.4.602 Not tainted syzkaller #0 PREEMPT(full) 
[  256.105141][ T8055] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  256.105151][ T8055] Call Trace:
[  256.105158][ T8055]  <TASK>
[  256.105165][ T8055]  dump_stack_lvl+0x189/0x250
[  256.105189][ T8055]  ? __pfx____ratelimit+0x10/0x10
[  256.105212][ T8055]  ? __pfx_dump_stack_lvl+0x10/0x10
[  256.105231][ T8055]  ? __pfx__printk+0x10/0x10
[  256.105259][ T8055]  ? __pfx___might_resched+0x10/0x10
[  256.105286][ T8055]  should_fail_ex+0x414/0x560
[  256.105311][ T8055]  should_failslab+0xa8/0x100
[  256.105330][ T8055]  __kmalloc_noprof+0xcb/0x7f0
[  256.105352][ T8055]  ? kfree+0x4d/0x6d0
[  256.105369][ T8055]  ? tomoyo_realpath_from_path+0xe3/0x5d0
[  256.105396][ T8055]  tomoyo_realpath_from_path+0xe3/0x5d0
[  256.105419][ T8055]  ? tomoyo_domain+0xd9/0x130
[  256.105443][ T8055]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[  256.105460][ T8055]  tomoyo_path_number_perm+0x1e8/0x5a0
[  256.105480][ T8055]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  256.105537][ T8055]  ? __fget_files+0x2a/0x420
[  256.105557][ T8055]  ? __fget_files+0x3a0/0x420
[  256.105571][ T8055]  ? __fget_files+0x2a/0x420
[  256.105591][ T8055]  security_file_ioctl+0xcb/0x2d0
[  256.105610][ T8055]  __se_sys_ioctl+0x47/0x170
[  256.105634][ T8055]  do_syscall_64+0xfa/0xfa0
[  256.105655][ T8055]  ? lockdep_hardirqs_on+0x9c/0x150
[  256.105677][ T8055]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  256.105704][ T8055]  ? clear_bhb_loop+0x60/0xb0
[  256.105725][ T8055]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  256.105741][ T8055] RIP: 0033:0x7fd49138eba9
[  256.105756][ T8055] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  256.105770][ T8055] RSP: 002b:00007fd4922c1038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  256.105787][ T8055] RAX: ffffffffffffffda RBX: 00007fd4915d5fa0 RCX: 00007fd49138eba9
[  256.105799][ T8055] RDX: 0000000000000000 RSI: 0000000000005201 RDI: 0000000000000003
[  256.105809][ T8055] RBP: 00007fd4922c1090 R08: 0000000000000000 R09: 0000000000000000
[  256.105818][ T8055] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  256.105828][ T8055] R13: 00007fd4915d6038 R14: 00007fd4915d5fa0 R15: 00007fff23a4deb8
[  256.105856][ T8055]  </TASK>
[  256.105864][ T8055] ERROR: Out of memory at tomoyo_realpath_from_path.
[  256.174126][  T983] lo speed is unknown, defaulting to 1000
[  256.354701][ T8028] lo speed is unknown, defaulting to 1000
[  256.959716][ T8071] netlink: 28 bytes leftover after parsing attributes in process `syz.4.606'.
[  256.968779][ T8071] netlink: 28 bytes leftover after parsing attributes in process `syz.4.606'.
[  257.507945][ T5918] em28xx 3-1:0.0: unknown em28xx chip ID (0)
[  257.687869][ T5918] em28xx 3-1:0.0: reading from i2c device at 0xa0 failed (error=-5)
[  257.883411][ T5918] em28xx 3-1:0.0: board has no eeprom
[  258.494328][ T5918] em28xx 3-1:0.0: Identified as PCTV tripleStick (292e) (card=94)
[  258.587327][ T5918] em28xx 3-1:0.0: dvb set to bulk mode.
[  258.599691][  T983] em28xx 3-1:0.0: Binding DVB extension
[  259.122766][  T983] em28xx 3-1:0.0: Registering input extension
[  259.135756][ T5955] usb 3-1: USB disconnect, device number 18
[  259.158443][ T5955] em28xx 3-1:0.0: Disconnecting em28xx
[  259.241902][ T8092] 9pnet_fd: Insufficient options for proto=fd
[  259.749386][ T5955] em28xx 3-1:0.0: Closing input extension
[  259.906606][ T8096] netlink: 36 bytes leftover after parsing attributes in process `syz.4.612'.
[  260.036694][ T8099] netlink: 68 bytes leftover after parsing attributes in process `syz.0.611'.
[  260.064521][ T5955] em28xx 3-1:0.0: Freeing device
[  261.296875][ T8028] lo speed is unknown, defaulting to 1000
[  261.561895][ T8111] hfsplus: Unknown parameter ''
[  261.712591][ T8111] veth3: entered promiscuous mode
[  261.810177][ T8122] bridge0: trying to set multicast startup query interval above maximum, setting to 8640000 (86400000ms)
[  261.825345][ T8111] netlink: 36 bytes leftover after parsing attributes in process `syz.0.617'.
[  261.894076][   T30] audit: type=1326 audit(1758197166.374:31): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8106 comm="syz.2.615" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fd80398eba9 code=0x0
[  261.971478][ T8028] lo speed is unknown, defaulting to 1000
[  262.311120][ T5931] usb 3-1: new high-speed USB device number 19 using dummy_hcd
[  262.395374][ T8028] lo speed is unknown, defaulting to 1000
[  262.461799][ T5931] usb 3-1: Using ep0 maxpacket: 32
[  262.477037][ T5931] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  262.529290][ T5931] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  262.554388][ T5931] usb 3-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40
[  262.601807][ T5931] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  263.264710][ T5931] usb 3-1: config 0 descriptor??
[  263.869690][ T5931] hub 3-1:0.0: USB hub found
[  264.062092][ T5931] hub 3-1:0.0: 1 port detected
[  264.348981][ T8153] FAULT_INJECTION: forcing a failure.
[  264.348981][ T8153] name fail_usercopy, interval 1, probability 0, space 0, times 1
[  264.362840][ T8153] CPU: 0 UID: 0 PID: 8153 Comm: syz.4.626 Not tainted syzkaller #0 PREEMPT(full) 
[  264.362862][ T8153] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  264.362872][ T8153] Call Trace:
[  264.362879][ T8153]  <TASK>
[  264.362886][ T8153]  dump_stack_lvl+0x189/0x250
[  264.362910][ T8153]  ? __pfx____ratelimit+0x10/0x10
[  264.362932][ T8153]  ? __pfx_dump_stack_lvl+0x10/0x10
[  264.362951][ T8153]  ? __pfx__printk+0x10/0x10
[  264.362973][ T8153]  ? __might_fault+0xb0/0x130
[  264.363007][ T8153]  should_fail_ex+0x414/0x560
[  264.363032][ T8153]  _copy_from_user+0x2d/0xb0
[  264.363049][ T8153]  ___sys_sendmsg+0x158/0x2a0
[  264.363069][ T8153]  ? __pfx____sys_sendmsg+0x10/0x10
[  264.363121][ T8153]  ? __fget_files+0x2a/0x420
[  264.363136][ T8153]  ? __fget_files+0x3a0/0x420
[  264.363170][ T8153]  __x64_sys_sendmsg+0x19b/0x260
[  264.363190][ T8153]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  264.363217][ T8153]  ? __pfx_ksys_write+0x10/0x10
[  264.363243][ T8153]  ? do_syscall_64+0xbe/0xfa0
[  264.363268][ T8153]  do_syscall_64+0xfa/0xfa0
[  264.363289][ T8153]  ? lockdep_hardirqs_on+0x9c/0x150
[  264.363310][ T8153]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  264.363326][ T8153]  ? clear_bhb_loop+0x60/0xb0
[  264.363346][ T8153]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  264.363362][ T8153] RIP: 0033:0x7fd49138eba9
[  264.363378][ T8153] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  264.363393][ T8153] RSP: 002b:00007fd49227f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  264.363411][ T8153] RAX: ffffffffffffffda RBX: 00007fd4915d6180 RCX: 00007fd49138eba9
[  264.363423][ T8153] RDX: 0000000000004800 RSI: 0000200000000000 RDI: 0000000000000007
[  264.363434][ T8153] RBP: 00007fd49227f090 R08: 0000000000000000 R09: 0000000000000000
[  264.363445][ T8153] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  264.363454][ T8153] R13: 00007fd4915d6218 R14: 00007fd4915d6180 R15: 00007fff23a4deb8
[  264.363484][ T8153]  </TASK>
[  265.075757][ T8158] netlink: 96 bytes leftover after parsing attributes in process `syz.0.627'.
[  265.155753][ T5931] hub 3-1:0.0: hub_hub_status failed (err = -32)
[  265.178216][ T5931] hub 3-1:0.0: config failed, can't get hub status (err -32)
[  266.131166][ T5931] usbhid 3-1:0.0: can't add hid device: -32
[  266.141708][ T5931] usbhid 3-1:0.0: probe with driver usbhid failed with error -32
[  266.172373][ T8169] 9pnet_fd: Insufficient options for proto=fd
[  266.228891][ T8028] lo speed is unknown, defaulting to 1000
[  266.502333][ T5931] usb 3-1: USB disconnect, device number 19
[  267.402030][ T8180] UBIFS error (pid: 8180): cannot open "c:::", error -22
[  268.682493][ T8193] netem: incorrect gi model size
[  268.777015][ T8193] netem: change failed
[  268.922332][ T5931] usb 3-1: new high-speed USB device number 20 using dummy_hcd
[  269.091140][  T983] usb 4-1: new high-speed USB device number 10 using dummy_hcd
[  269.271294][ T8204] 9pnet_fd: Insufficient options for proto=fd
[  269.744962][ T5931] usb 3-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  269.756374][ T5931] usb 3-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  269.766912][ T5931] usb 3-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  269.777113][ T5931] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  269.801933][ T8195] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  269.817391][ T5931] usb 3-1: Quirk or no altset; falling back to MIDI 1.0
[  269.963707][  T983] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 129, changing to 11
[  269.978765][  T983] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  270.040689][  T983] usb 4-1: New USB device found, idVendor=0755, idProduct=2626, bcdDevice= 0.00
[  270.050012][  T983] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  270.223883][   T30] audit: type=1800 audit(1758197174.704:32): pid=8216 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.645" name="SYSV00000000" dev="tmpfs" ino=0 res=0 errno=0
[  270.304033][  T983] usb 4-1: config 0 descriptor??
[  270.392600][ T8216] hsr_slave_1 (unregistering): left promiscuous mode
[  270.799540][ T8197] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  270.832232][ T8197] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  270.866789][  T983] usbhid 4-1:0.0: can't add hid device: -71
[  270.882330][  T983] usbhid 4-1:0.0: probe with driver usbhid failed with error -71
[  270.894098][  T983] usb 4-1: USB disconnect, device number 10
[  270.952984][ T8228] binder_alloc: 8227: binder_alloc_buf, no vma
[  271.871244][ T8243] netlink: 20 bytes leftover after parsing attributes in process `syz.3.652'.
[  272.040083][  T983] usb 3-1: USB disconnect, device number 20
[  272.848279][ T8254] 9pnet_fd: Insufficient options for proto=fd
[  274.498908][ T8278] netlink: 1 bytes leftover after parsing attributes in process `syz.2.664'.
[  275.413357][ T8289] netlink: 36 bytes leftover after parsing attributes in process `syz.0.669'.
[  275.423760][ T8289] 9pnet_fd: Insufficient options for proto=fd
[  277.061373][ T5960] usb 1-1: new full-speed USB device number 10 using dummy_hcd
[  277.251351][ T5960] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  277.309757][ T5960] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 512, setting to 64
[  277.462051][ T5960] usb 1-1: config 1 interface 1 altsetting 1 endpoint 0x82 has invalid maxpacket 512, setting to 64
[  277.575318][ T8318] MTD: Attempt to mount non-MTD device "/dev/loop3"
[  277.599547][ T8318] cramfs: wrong magic
[  278.251979][ T8321] netlink: 'syz.4.676': attribute type 1 has an invalid length.
[  278.259734][ T8321] netlink: 224 bytes leftover after parsing attributes in process `syz.4.676'.
[  278.284639][ T8319] netlink: 12 bytes leftover after parsing attributes in process `syz.4.676'.
[  278.294709][ T8319] netlink: 12 bytes leftover after parsing attributes in process `syz.4.676'.
[  278.313455][ T5960] usb 1-1: config 1 interface 1 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  278.624552][ T5960] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  278.647615][ T8327] 9pnet_fd: Insufficient options for proto=fd
[  278.674169][ T5960] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  278.718078][ T5960] usb 1-1: Product: syz
[  279.135604][ T5960] usb 1-1: Manufacturer: syz
[  279.155936][ T5960] usb 1-1: SerialNumber: syz
[  279.179234][ T5931] usb 3-1: new high-speed USB device number 21 using dummy_hcd
[  279.195219][ T5960] usb 1-1: can't set config #1, error -71
[  279.245006][ T5960] usb 1-1: USB disconnect, device number 10
[  279.335126][ T5931] usb 3-1: config 0 has an invalid interface number: 1 but max is 0
[  279.343878][ T5931] usb 3-1: config 0 has no interface number 0
[  279.363891][ T5931] usb 3-1: New USB device found, idVendor=18b4, idProduct=fffb, bcdDevice=dc.7b
[  279.373211][ T5931] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  279.381446][   T10] usb 5-1: new high-speed USB device number 7 using dummy_hcd
[  279.399272][ T5931] usb 3-1: Product: syz
[  279.411363][ T5931] usb 3-1: Manufacturer: syz
[  279.416187][ T5931] usb 3-1: SerialNumber: syz
[  279.429865][ T5931] usb 3-1: config 0 descriptor??
[  279.531199][   T10] usb 5-1: Using ep0 maxpacket: 8
[  279.540960][   T10] usb 5-1: New USB device found, idVendor=0c45, idProduct=614a, bcdDevice=c4.6d
[  279.558564][   T10] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  279.568399][   T10] usb 5-1: Product: syz
[  279.574427][   T10] usb 5-1: Manufacturer: syz
[  279.579555][   T10] usb 5-1: SerialNumber: syz
[  279.590031][   T10] usb 5-1: config 0 descriptor??
[  279.609759][   T10] gspca_main: sonixj-2.14.0 probing 0c45:614a
[  279.763765][ T5931] usb 3-1: dvb_usb_v2: found a 'E3C EC168 reference design' in warm state
[  279.829665][ T5931] usb 3-1: dvb_usb_v2: will pass the complete MPEG2 transport stream to the software demuxer
[  279.840995][ T5931] dvbdev: DVB: registering new adapter (E3C EC168 reference design)
[  279.850624][ T5931] usb 3-1: media controller created
[  279.882353][ T5931] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  280.073605][ T5931] i2c i2c-1: ec100: i2c rd failed=-71 reg=33
[  280.220871][ T8337] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  280.250093][ T5931] usb 3-1: USB disconnect, device number 21
[  280.258905][ T8337] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  280.273503][   T10] gspca_sonixj: reg_r err -32
[  280.285909][   T10] sonixj 5-1:0.0: probe with driver sonixj failed with error -32
[  282.248875][  T983] usb 5-1: USB disconnect, device number 7
[  283.045149][ T8384] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  283.515412][ T8393] netlink: 32 bytes leftover after parsing attributes in process `syz.2.699'.
[  283.525331][ T8396] vfat: Bad value for 'umask'
[  283.535683][ T8399] netlink: 144 bytes leftover after parsing attributes in process `syz.3.701'.
[  283.750636][ T8402] 9pnet_fd: Insufficient options for proto=fd
[  284.955576][ T8422] netlink: 28 bytes leftover after parsing attributes in process `syz.2.709'.
[  284.964583][ T8422] netlink: 28 bytes leftover after parsing attributes in process `syz.2.709'.
[  285.119108][ T8422] netlink: 28 bytes leftover after parsing attributes in process `syz.2.709'.
[  285.128164][ T8422] netlink: 28 bytes leftover after parsing attributes in process `syz.2.709'.
[  285.356023][ T8422] netlink: 28 bytes leftover after parsing attributes in process `syz.2.709'.
[  285.365892][ T8422] netlink: 28 bytes leftover after parsing attributes in process `syz.2.709'.
[  285.629088][ T8422] netlink: 20 bytes leftover after parsing attributes in process `syz.2.709'.
[  285.761280][ T5867] Bluetooth: hci2: command 0x0c1a tx timeout
[  286.047076][ T8440] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  286.617148][ T8451] usb usb8: usbfs: process 8451 (syz.0.715) did not claim interface 0 before use
[  287.103566][ T5918] usb 5-1: new high-speed USB device number 8 using dummy_hcd
[  287.119225][ T8450] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  287.169394][ T8450] FAT-fs (loop1): unable to read boot sector
[  287.367714][ T5918] usb 5-1: Using ep0 maxpacket: 8
[  287.394681][ T5918] usb 5-1: New USB device found, idVendor=0ccd, idProduct=0039, bcdDevice=90.7b
[  287.407902][ T5918] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  287.464340][ T5918] pvrusb2: Hardware description: Terratec Grabster AV400
[  287.689714][ T5918] pvrusb2: **********
[  287.694531][ T5918] pvrusb2: ***WARNING*** Support for this device (Terratec Grabster AV400) is experimental.
[  287.705591][ T5918] pvrusb2: Important functionality might not be entirely working.
[  287.714033][ T5918] pvrusb2: Please consider contacting the driver author to help with further stabilization of the driver.
[  287.726007][ T5918] pvrusb2: **********
[  288.576648][ T2344] pvrusb2: Invalid write control endpoint
[  288.617133][ T8461] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  288.676991][ T8461] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  288.700893][ T2344] pvrusb2: Invalid write control endpoint
[  288.740006][ T2344] pvrusb2: ***WARNING*** Detected a wedged cx25840 chip; the device will not work.
[  288.799738][ T2344] pvrusb2: ***WARNING*** Try power cycling the pvrusb2 device.
[  288.809366][ T8445] lo speed is unknown, defaulting to 1000
[  288.819242][ T2344] pvrusb2: ***WARNING*** Disabling further access to the device to prevent other foul-ups.
[  288.838990][ T2344] pvrusb2: Device being rendered inoperable
[  288.849115][ T2344] cx25840 1-0044: Unable to detect h/w, assuming cx23887
[  288.882831][ T2344] cx25840 1-0044: cx23887 A/V decoder found @ 0x88 (pvrusb2_a)
[  288.960413][ T2344] pvrusb2: Attached sub-driver cx25840
[  289.003322][ T2344] pvrusb2: ***WARNING*** pvrusb2 device hardware appears to be jammed and I can't clear it.
[  289.020420][ T8470] hfsplus: Unknown parameter '|/Í@'
[  289.341217][ T2344] pvrusb2: You might need to power cycle the pvrusb2 device in order to recover.
[  290.256118][ T8480] netlink: 'syz.1.722': attribute type 10 has an invalid length.
[  290.325196][ T8480] netlink: 40 bytes leftover after parsing attributes in process `syz.1.722'.
[  290.509611][ T8480] team0: entered promiscuous mode
[  290.514809][ T8480] team_slave_0: entered promiscuous mode
[  290.530335][ T8480] team_slave_1: entered promiscuous mode
[  290.549252][ T8480] team0: entered allmulticast mode
[  290.554814][ T8480] team_slave_0: entered allmulticast mode
[  290.560838][ T8480] team_slave_1: entered allmulticast mode
[  290.562738][ T8483] exFAT-fs (nullb0): invalid boot record signature
[  290.567662][ T8480] bridge0: port 3(team0) entered blocking state
[  290.583972][ T8480] bridge0: port 3(team0) entered disabled state
[  290.634902][ T8480] bridge0: port 3(team0) entered blocking state
[  290.641563][ T8480] bridge0: port 3(team0) entered forwarding state
[  291.061605][ T8483] exFAT-fs (nullb0): failed to read boot sector
[  291.067863][ T8483] exFAT-fs (nullb0): failed to recognize exfat type
[  291.269909][ T8485] netlink: 'syz.0.723': attribute type 10 has an invalid length.
[  291.325018][ T8485] bond0: (slave bond_slave_0): Releasing backup interface
[  291.555623][ T8488] netlink: 'syz.0.724': attribute type 6 has an invalid length.
[  293.044411][ T5884] Bluetooth: hci2: ACL packet for unknown connection handle 201
[  293.484131][ T5955] usb 5-1: USB disconnect, device number 8
[  294.341852][ T8513] I/O error, dev loop4, sector 2 op 0x0:(READ) flags 0x1000 phys_seg 1 prio class 2
[  294.362415][ T8520] vfat: Deprecated parameter 'posix'
[  294.367908][ T8520] FAT-fs: "posix" option is obsolete, not supported now
[  294.368888][ T8520] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  294.383871][ T8513] EXT4-fs (loop4): unable to read superblock
[  294.393493][ T8520] FAT-fs (loop2): unable to read boot sector
[  294.491209][ T5960] usb 1-1: new low-speed USB device number 11 using dummy_hcd
[  294.826743][ T8526] EXT4-fs: inline encryption not supported
[  294.832657][ T8526] EXT4-fs: Ignoring removed i_version option
[  294.838911][ T8526] EXT4-fs: Ignoring removed bh option
[  294.849247][ T8526] I/O error, dev loop4, sector 2 op 0x0:(READ) flags 0x1000 phys_seg 1 prio class 1
[  294.859143][ T8526] EXT4-fs (loop4): unable to read superblock
[  295.041156][ T5867] Bluetooth: hci2: Opcode 0x0401 failed: -110
[  295.122161][ T5867] Bluetooth: hci2: command 0x0c1a tx timeout
[  295.241937][ T5960] usb 1-1: device descriptor read/64, error -71
[  295.621190][ T5960] usb 1-1: new low-speed USB device number 12 using dummy_hcd
[  295.843467][ T5960] usb 1-1: device descriptor read/64, error -71
[  295.954344][ T5960] usb usb1-port1: attempt power cycle
[  296.005358][ T8533] netlink: 148 bytes leftover after parsing attributes in process `syz.4.737'.
[  296.014962][ T8533] netlink: 32 bytes leftover after parsing attributes in process `syz.4.737'.
[  296.097875][ T8518] I/O error, dev loop2, sector 64 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 1
[  296.107820][ T8518] I/O error, dev loop2, sector 256 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 1
[  296.117314][ T8518] UDF-fs: error (device loop2): udf_read_tagged: read failed, block=256, location=256
[  296.127147][ T8518] I/O error, dev loop2, sector 512 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 1
[  296.136574][ T8518] UDF-fs: error (device loop2): udf_read_tagged: read failed, block=512, location=512
[  296.146152][ T8518] UDF-fs: warning (device loop2): udf_load_vrs: No anchor found
[  296.153835][ T8518] UDF-fs: Scanning with blocksize 512 failed
[  296.160594][ T8518] I/O error, dev loop2, sector 64 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 1
[  296.170033][ T8518] I/O error, dev loop2, sector 512 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 1
[  296.179487][ T8518] UDF-fs: error (device loop2): udf_read_tagged: read failed, block=256, location=256
[  296.189235][ T8518] I/O error, dev loop2, sector 1024 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 1
[  296.199182][ T8518] UDF-fs: error (device loop2): udf_read_tagged: read failed, block=512, location=512
[  296.208904][ T8518] UDF-fs: warning (device loop2): udf_load_vrs: No anchor found
[  296.216677][ T8518] UDF-fs: Scanning with blocksize 1024 failed
[  296.223205][ T8518] I/O error, dev loop2, sector 64 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 1
[  296.232707][ T8518] UDF-fs: error (device loop2): udf_read_tagged: read failed, block=256, location=256
[  296.242512][ T8518] UDF-fs: error (device loop2): udf_read_tagged: read failed, block=512, location=512
[  296.252135][ T8518] UDF-fs: warning (device loop2): udf_load_vrs: No anchor found
[  296.259767][ T8518] UDF-fs: Scanning with blocksize 2048 failed
[  296.267545][ T8518] UDF-fs: error (device loop2): udf_read_tagged: read failed, block=256, location=256
[  296.277392][ T8518] UDF-fs: error (device loop2): udf_read_tagged: read failed, block=512, location=512
[  296.286967][ T8518] UDF-fs: warning (device loop2): udf_load_vrs: No anchor found
[  296.294720][ T8518] UDF-fs: Scanning with blocksize 4096 failed
[  296.300782][ T8518] UDF-fs: warning (device loop2): udf_fill_super: No partition found (1)
[  296.693451][ T8534] netlink: 36 bytes leftover after parsing attributes in process `syz.1.738'.
[  297.611076][ T8546] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  297.622913][ T8546] overlayfs: "xino" feature enabled using 2 upper inode bits.
[  298.078588][ T8534] syz.1.738 (8534): drop_caches: 2
[  298.753248][ T8555] netlink: 'syz.0.742': attribute type 4 has an invalid length.
[  301.856188][ T8586] dummy0: entered promiscuous mode
[  301.869922][ T8587] netlink: 'syz.0.750': attribute type 6 has an invalid length.
[  301.879144][ T8586] macsec1: entered promiscuous mode
[  301.889897][ T8586] dummy0: left promiscuous mode
[  302.805358][ T8600] netlink: 'syz.4.754': attribute type 6 has an invalid length.
[  305.289050][ T8619] qnx6: wrong signature (magic) at position (0x2000) - will try alternative position (0x0000).
[  305.304441][ T8619] qnx6: wrong signature (magic) in superblock #1.
[  306.421366][ T8619] qnx6: unable to read the first superblock
[  306.424897][ T8623] netlink: 12 bytes leftover after parsing attributes in process `syz.0.759'.
[  307.241936][ T8631] 9pnet_fd: Insufficient options for proto=fd
[  309.109143][ T8643] netlink: 'syz.1.766': attribute type 6 has an invalid length.
[  309.644245][ T8651] hfsplus: Unknown parameter '|/Í@'
[  310.171386][ T8662] hfsplus: Unknown parameter '|/Í@'
[  310.358984][ T8665] hfsplus: Unknown parameter '|/Í@'
[  310.399055][ T8666] hfsplus: Unknown parameter '|/Í@'
[  312.217610][ T8681] netlink: 104 bytes leftover after parsing attributes in process `syz.0.773'.
[  312.973352][ T5955] usb 1-1: new high-speed USB device number 14 using dummy_hcd
[  313.173063][ T5955] usb 1-1: config 0 has an invalid interface number: 83 but max is 0
[  313.453658][ T5955] usb 1-1: config 0 has no interface number 0
[  313.624483][ T5955] usb 1-1: New USB device found, idVendor=0b48, idProduct=2003, bcdDevice=39.61
[  313.815322][ T5955] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  313.927840][ T5955] usb 1-1: config 0 descriptor??
[  313.947834][ T5955] ttusbir 1-1:0.83: cannot find expected altsetting
[  314.147882][ T8680] netlink: 'syz.0.773': attribute type 1 has an invalid length.
[  314.328187][ T5955] usb 1-1: USB disconnect, device number 14
[  314.541887][ T8708] netlink: 'syz.3.779': attribute type 6 has an invalid length.
[  315.564242][ T8716] netlink: 136 bytes leftover after parsing attributes in process `syz.3.780'.
[  317.208011][ T1302] ieee802154 phy0 wpan0: encryption failed: -22
[  317.215121][ T1302] ieee802154 phy1 wpan1: encryption failed: -22
[  317.754640][ T8757] netlink: 'syz.3.791': attribute type 6 has an invalid length.
[  318.977799][ T8775] iwpm_register_pid: Unable to send a nlmsg (client = 2)
[  319.202687][ T8775] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98
[  321.442130][ T8800] netlink: 88 bytes leftover after parsing attributes in process `syz.4.802'.
[  321.587757][ T8815] lo speed is unknown, defaulting to 1000
[  321.877683][ T8818] EXT4-fs: Ignoring removed bh option
[  321.883241][ T8818] EXT4-fs: Ignoring removed oldalloc option
[  321.889169][ T8818] EXT4-fs: quotafile must be on filesystem root
[  321.918575][ T8822] netlink: 'syz.1.806': attribute type 6 has an invalid length.
[  322.411120][   T10] usb 1-1: new high-speed USB device number 15 using dummy_hcd
[  323.657706][   T30] audit: type=1326 audit(1758197228.134:33): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8828 comm="syz.4.808" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd49138eba9 code=0x7ffc0000
[  323.693674][   T10] usb 1-1: config 2 has an invalid descriptor of length 0, skipping remainder of the config
[  323.724380][   T10] usb 1-1: config 2 interface 0 altsetting 178 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  323.804981][   T30] audit: type=1326 audit(1758197228.134:34): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8828 comm="syz.4.808" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd49138eba9 code=0x7ffc0000
[  323.829588][   T30] audit: type=1326 audit(1758197228.134:35): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8828 comm="syz.4.808" exe="/root/syz-executor" sig=0 arch=c000003e syscall=160 compat=0 ip=0x7fd49138eba9 code=0x7ffc0000
[  323.869130][   T30] audit: type=1326 audit(1758197228.134:36): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8828 comm="syz.4.808" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd49138eba9 code=0x7ffc0000
[  323.869348][   T10] usb 1-1: config 2 interface 0 has no altsetting 0
[  324.440282][   T30] audit: type=1326 audit(1758197228.134:37): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8828 comm="syz.4.808" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd49138eba9 code=0x7ffc0000
[  324.534753][   T30] audit: type=1326 audit(1758197228.134:38): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8828 comm="syz.4.808" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7fd49138eba9 code=0x7ffc0000
[  324.557207][   T30] audit: type=1326 audit(1758197228.134:39): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8828 comm="syz.4.808" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd49138eba9 code=0x7ffc0000
[  324.702014][   T10] usb 1-1: string descriptor 0 read error: -71
[  324.703311][   T30] audit: type=1326 audit(1758197228.134:40): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8828 comm="syz.4.808" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd49138eba9 code=0x7ffc0000
[  324.708226][   T10] usb 1-1: New USB device found, idVendor=04d8, idProduct=0083, bcdDevice=da.47
[  324.999526][   T30] audit: type=1326 audit(1758197228.134:41): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8828 comm="syz.4.808" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fd49138eba9 code=0x7ffc0000
[  325.151740][   T10] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  325.157396][   T30] audit: type=1326 audit(1758197228.134:42): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8828 comm="syz.4.808" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd49138eba9 code=0x7ffc0000
[  325.611713][   T10] usb 1-1: can't set config #2, error -71
[  325.636297][   T10] usb 1-1: USB disconnect, device number 15
[  326.021118][ T8852] 9pnet_fd: Insufficient options for proto=fd
[  328.230826][ T8867] netlink: 48 bytes leftover after parsing attributes in process `syz.0.818'.
[  328.439185][ T5960] usb 2-1: new high-speed USB device number 8 using dummy_hcd
[  329.943422][ T8869] netlink: 'syz.2.819': attribute type 6 has an invalid length.
[  330.109071][ T5960] usb 2-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08
[  330.133678][ T5960] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  330.169659][ T5960] usb 2-1: Product: syz
[  330.183865][ T5960] usb 2-1: Manufacturer: syz
[  330.201670][ T5960] usb 2-1: SerialNumber: syz
[  331.021223][ T5960] usb 2-1: can't set config #1, error -71
[  331.043725][ T5960] usb 2-1: USB disconnect, device number 8
[  331.667225][ T8894] 9pnet_fd: Insufficient options for proto=fd
[  331.798826][ T8896] netlink: 8 bytes leftover after parsing attributes in process `syz.2.827'.
[  331.817284][ T8896] blk_print_req_error: 5 callbacks suppressed
[  331.817303][ T8896] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 1
[  331.833147][ T8896] FAT-fs (loop2): unable to read boot sector
[  332.364884][ T8913] netlink: 28 bytes leftover after parsing attributes in process `syz.0.833'.
[  332.374311][ T8913] netlink: 28 bytes leftover after parsing attributes in process `syz.0.833'.
[  333.594762][ T8921] netlink: 'syz.1.834': attribute type 6 has an invalid length.
[  333.851531][   T24] usb 3-1: new full-speed USB device number 22 using dummy_hcd
[  334.062928][   T24] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  334.157471][   T24] usb 3-1: New USB device found, idVendor=056a, idProduct=033b, bcdDevice= 0.00
[  334.273499][   T24] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  334.461729][   T24] usb 3-1: config 0 descriptor??
[  334.915105][ T8933] netlink: 'syz.0.839': attribute type 1 has an invalid length.
[  335.015595][   T24] usbhid 3-1:0.0: can't add hid device: -71
[  335.036028][   T24] usbhid 3-1:0.0: probe with driver usbhid failed with error -71
[  335.085896][   T24] usb 3-1: USB disconnect, device number 22
[  335.852654][   T24] usb 1-1: new high-speed USB device number 16 using dummy_hcd
[  336.040026][ T5867] block nbd0: Receive control failed (result -32)
[  336.161826][ T8967] overlayfs: failed to resolve './file0': -2
[  336.204366][ T5234] udevd[5234]: worker [8968] terminated by signal 33 (Unknown signal 33)
[  336.231198][   T24] usb 1-1: Using ep0 maxpacket: 8
[  336.260596][ T5234] udevd[5234]: worker [8968] failed while handling '/devices/virtual/tty/gsmtty21'
[  336.307244][   T24] usb 1-1: New USB device found, idVendor=0458, idProduct=7003, bcdDevice=7a.1a
[  336.360158][   T24] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  336.413690][   T24] usb 1-1: Product: syz
[  336.418072][   T24] usb 1-1: Manufacturer: syz
[  336.443237][   T24] usb 1-1: SerialNumber: syz
[  336.723730][   T24] usb 1-1: config 0 descriptor??
[  336.823046][   T24] gspca_main: sn9c2028-2.14.0 probing 0458:7003
[  337.467706][ T8984] netlink: 'syz.2.852': attribute type 6 has an invalid length.
[  337.772958][   T24] gspca_sn9c2028: read1 error -110
[  338.239994][ T6019] usb 4-1: new low-speed USB device number 11 using dummy_hcd
[  338.413850][   T24] gspca_sn9c2028: read1 error -32
[  338.419681][   T24] sn9c2028 1-1:0.0: probe with driver sn9c2028 failed with error -32
[  338.614808][ T6019] usb 4-1: device descriptor read/64, error -71
[  338.874919][ T5955] usb 1-1: USB disconnect, device number 16
[  338.991271][ T6019] usb 4-1: new low-speed USB device number 12 using dummy_hcd
[  339.249051][ T6019] usb 4-1: device descriptor read/64, error -71
[  339.267435][ T9005] overlayfs: failed to resolve './file0': -2
[  339.294475][ T9009] netlink: 28 bytes leftover after parsing attributes in process `syz.4.863'.
[  339.303819][ T9009] netlink: 28 bytes leftover after parsing attributes in process `syz.4.863'.
[  339.454050][ T6019] usb usb4-port1: attempt power cycle
[  339.491341][   T24] usb 2-1: new high-speed USB device number 9 using dummy_hcd
[  339.785308][   T24] usb 2-1: New USB device found, idVendor=0424, idProduct=7850, bcdDevice= 0.00
[  339.816378][   T24] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  339.825888][   T24] usb 2-1: Product: syz
[  339.835136][   T24] usb 2-1: Manufacturer: syz
[  339.840033][   T24] usb 2-1: SerialNumber: syz
[  339.979564][ T6019] usb 4-1: new low-speed USB device number 13 using dummy_hcd
[  340.061779][ T6019] usb 4-1: device descriptor read/8, error -71
[  340.791121][ T6019] usb 4-1: new low-speed USB device number 14 using dummy_hcd
[  340.928801][ T9020] netlink: 'syz.4.866': attribute type 6 has an invalid length.
[  341.033688][ T9022] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x1000 phys_seg 1 prio class 1
[  341.045094][ T9022] XFS (loop2): SB validate failed with error -5.
[  341.071354][ T6019] usb 4-1: device descriptor read/8, error -71
[  341.256207][ T6019] usb usb4-port1: unable to enumerate USB device
[  342.203887][ T6019] usb 5-1: new full-speed USB device number 9 using dummy_hcd
[  342.338371][ T9051] usb usb1: usbfs: process 9051 (syz.3.875) did not claim interface 4 before use
[  342.431338][ T6019] usb 5-1: device descriptor read/64, error -71
[  342.732757][ T9055] netlink: 28 bytes leftover after parsing attributes in process `syz.3.876'.
[  342.744957][ T9055] netlink: 28 bytes leftover after parsing attributes in process `syz.3.876'.
[  342.761098][ T6019] usb 5-1: new full-speed USB device number 10 using dummy_hcd
[  343.146212][ T9058] 9pnet_fd: Insufficient options for proto=fd
[  343.189525][ T6019] usb 5-1: device descriptor read/64, error -71
[  343.378210][   T24] lan78xx 2-1:1.0 (unnamed net_device) (uninitialized): Failed to read register index 0x00000010. ret = -EPROTO
[  343.432626][   T24] lan78xx 2-1:1.0 (unnamed net_device) (uninitialized): Failed to read register index 0x00001000. ret = -EPROTO
[  343.449063][   T24] lan78xx 2-1:1.0 (unnamed net_device) (uninitialized): Failed to write register index 0x0000011c. ret = -EPROTO
[  343.486403][   T24] lan78xx 2-1:1.0 (unnamed net_device) (uninitialized): Registers INIT FAILED....
[  343.501809][ T6019] usb usb5-port1: attempt power cycle
[  343.503697][   T24] lan78xx 2-1:1.0 (unnamed net_device) (uninitialized): Bind routine FAILED
[  343.960867][   T24] lan78xx 2-1:1.0: probe with driver lan78xx failed with error -71
[  343.977510][   T24] usb 2-1: USB disconnect, device number 9
[  344.071607][ T6019] usb 5-1: new full-speed USB device number 11 using dummy_hcd
[  344.133872][ T9075] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore
[  344.144983][ T9075] overlayfs: missing 'lowerdir'
[  344.465500][ T6019] usb 5-1: device descriptor read/8, error -71
[  344.550078][ T9080] netlink: 12 bytes leftover after parsing attributes in process `syz.1.883'.
[  344.577175][ T9080] netlink: 12 bytes leftover after parsing attributes in process `syz.1.883'.
[  344.588158][ T9081] netdevsim netdevsim2 netdevsim0: entered promiscuous mode
[  344.631639][ T9081] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check.
[  344.689221][ T9083] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=3919364976 (501678716928 ns) > initial count (201147751424 ns). Using initial count to start timer.
[  344.841479][ T6019] usb 5-1: new full-speed USB device number 12 using dummy_hcd
[  345.250993][ T6019] usb 5-1: device not accepting address 12, error -71
[  345.617229][ T6019] usb usb5-port1: unable to enumerate USB device
[  345.733599][ T9090] binder: BINDER_SET_CONTEXT_MGR already set
[  345.740983][ T9090] binder: 9088:9090 ioctl 4018620d 200000004a80 returned -16
[  346.024776][ T9095] overlayfs: failed to resolve './file0': -2
[  346.269506][ T9105] netlink: 8 bytes leftover after parsing attributes in process `syz.0.893'.
[  346.269573][ T9105] netlink: 8 bytes leftover after parsing attributes in process `syz.0.893'.
[  346.338403][ T9106] erofs (device loop1): cannot find valid erofs superblock
[  348.514136][ T9125] tap0: tun_chr_ioctl cmd 21731
[  348.582478][ T9133] netlink: 12 bytes leftover after parsing attributes in process `syz.4.901'.
[  348.592848][ T9133] tc_dump_action: action bad kind
[  349.673849][   T30] kauditd_printk_skb: 30 callbacks suppressed
[  349.673868][   T30] audit: type=1326 audit(1758197254.154:73): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9141 comm="syz.3.903" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f222638eba9 code=0x0
[  349.960455][ T9146] 9pnet_fd: Insufficient options for proto=fd
[  350.330516][ T9150] 8021q: adding VLAN 0 to HW filter on device bond1
[  351.902694][ T9155] ntfs3: Unknown parameter 'wi‡?пò@ÀmLs>nocase'
[  352.094198][ T9171] I/O error, dev loop2, sector 2 op 0x0:(READ) flags 0x1000 phys_seg 1 prio class 2
[  352.110722][ T9155] netlink: 52 bytes leftover after parsing attributes in process `syz.3.906'.
[  352.131201][ T9171] EXT4-fs (loop2): unable to read superblock
[  352.541702][ T9183] tipc: Started in network mode
[  352.657905][ T9183] tipc: Node identity 5f2d0000000000000000000000000001, cluster identity 4711
[  352.762973][ T9183] tipc: Enabling of bearer <udp:s> rejected, failed to enable media
[  353.281738][ T9180] udf: Unexpected value for 'nostrict'
[  353.393144][ T9188] overlayfs: failed to resolve './file0': -2
[  353.458945][ T9191] netlink: 'syz.3.916': attribute type 6 has an invalid length.
[  355.174784][ T5955] usb 3-1: new high-speed USB device number 23 using dummy_hcd
[  355.361231][ T5955] usb 3-1: Using ep0 maxpacket: 16
[  355.373266][ T5955] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  355.386165][ T5955] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  355.419440][ T5955] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  355.439807][ T5955] usb 3-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[  355.441436][ T9214] fuse: Unknown parameter 'ÿÿÿÿÿÿÿÿ0x0000000000000006'
[  355.466503][ T5955] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  355.494211][ T5955] usb 3-1: config 0 descriptor??
[  356.033256][ T9227] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  356.042931][ T9227] FAT-fs (loop4): unable to read boot sector
[  356.050200][ T9229] overlayfs: failed to resolve './file0': -2
[  356.059676][ T5955] usbhid 3-1:0.0: can't add hid device: -71
[  356.065703][ T5955] usbhid 3-1:0.0: probe with driver usbhid failed with error -71
[  356.075561][ T5955] usb 3-1: USB disconnect, device number 23
[  356.140841][ T9225] netlink: 44 bytes leftover after parsing attributes in process `syz.0.929'.
[  356.457296][ T9248] netlink: 'syz.4.935': attribute type 6 has an invalid length.
[  356.481294][ T5960] usb 2-1: new high-speed USB device number 10 using dummy_hcd
[  357.457918][ T5960] usb 2-1: device descriptor read/64, error -71
[  358.321868][ T5960] usb 2-1: new high-speed USB device number 11 using dummy_hcd
[  358.771552][ T5960] usb 2-1: device descriptor read/64, error -71
[  358.853486][ T9272] overlayfs: failed to resolve './file0': -2
[  358.946212][ T5960] usb usb2-port1: attempt power cycle
[  359.115897][ T9288] I/O error, dev loop2, sector 2 op 0x0:(READ) flags 0x1000 phys_seg 1 prio class 2
[  359.130467][ T9288] EXT4-fs (loop2): unable to read superblock
[  359.157086][ T9288] overlayfs: option "index=on" is useless in a non-upper mount, ignore
[  359.173364][ T9288] overlayfs: option "volatile" is meaningless in a non-upper mount, ignoring it.
[  359.193049][ T9288] overlayfs: missing 'lowerdir'
[  360.041726][ T9293] netlink: 8 bytes leftover after parsing attributes in process `syz.3.951'.
[  360.270911][ T9323] overlayfs: failed to resolve './file0': -2
[  360.749069][ T9335] netlink: 'syz.1.960': attribute type 6 has an invalid length.
[  360.830003][ T9337] netlink: 'syz.3.961': attribute type 6 has an invalid length.
[  361.556155][ T9348] netlink: 28 bytes leftover after parsing attributes in process `syz.0.962'.
[  363.603347][ T9378] overlayfs: failed to resolve './file0': -2
[  363.856307][ T9388] evm: overlay not supported
[  364.900488][ T9401] netlink: 28 bytes leftover after parsing attributes in process `syz.2.974'.
[  364.909465][ T9401] netlink: 28 bytes leftover after parsing attributes in process `syz.2.974'.
[  365.417575][ T9407] program syz.4.976 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  365.479328][ T9409] netlink: 28 bytes leftover after parsing attributes in process `syz.1.975'.
[  365.488305][ T9409] netlink: 28 bytes leftover after parsing attributes in process `syz.1.975'.
[  366.242058][ T9425] netlink: 8 bytes leftover after parsing attributes in process `syz.1.980'.
[  366.294238][ T9425] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  366.470251][ T9431] overlayfs: failed to resolve './file0': -2
[  366.608061][ T9433] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  366.613460][ T9436] kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[  367.731179][   T24] usb 3-1: new high-speed USB device number 24 using dummy_hcd
[  367.771404][ T6019] usb 5-1: new high-speed USB device number 13 using dummy_hcd
[  367.787171][ T9458] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  367.842344][ T9458] FAT-fs (loop0): unable to read boot sector
[  367.941334][ T6019] usb 5-1: Using ep0 maxpacket: 8
[  367.958860][ T6019] usb 5-1: config 6 has an invalid interface number: 2 but max is 0
[  367.971844][ T6019] usb 5-1: config 6 has an invalid descriptor of length 0, skipping remainder of the config
[  368.023558][ T6019] usb 5-1: config 6 has no interface number 0
[  368.064102][   T24] usb 3-1: config 0 has more interface descriptors, than it declares in bNumInterfaces, ignoring interface number: 255
[  368.078312][   T24] usb 3-1: config 0 contains an unexpected descriptor of type 0x2, skipping
[  368.079057][ T6019] usb 5-1: config 6 interface 2 altsetting 0 has an endpoint descriptor with address 0xAA, changing to 0x8A
[  368.831909][ T6019] usb 5-1: config 6 interface 2 altsetting 0 endpoint 0x8A has invalid wMaxPacketSize 0
[  368.858493][   T24] usb 3-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 4
[  368.875044][   T24] usb 3-1: New USB device found, idVendor=1908, idProduct=1315, bcdDevice= 0.00
[  368.884895][   T24] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  368.893719][   T24] usb 3-1: Product: syz
[  368.898060][   T24] usb 3-1: Manufacturer: syz
[  368.903138][   T24] usb 3-1: SerialNumber: syz
[  368.909989][ T6019] usb 5-1: config 6 interface 2 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  368.910903][   T24] usb 3-1: config 0 descriptor??
[  368.960953][ T6019] usb 5-1: New USB device found, idVendor=0af0, idProduct=7271, bcdDevice=88.91
[  368.980592][ T6019] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  369.027422][ T6019] usb 5-1: Product: syz
[  369.036655][ T6019] usb 5-1: Manufacturer: syz
[  369.055230][   T24] usb-storage 3-1:0.0: USB Mass Storage device detected
[  369.064581][ T6019] usb 5-1: SerialNumber: syz
[  369.104147][ T6019] hso 5-1:6.2: Failed to find INT IN ep
[  369.113636][   T24] usb-storage 3-1:0.0: Quirks match for vid 1908 pid 1315: 20000
[  369.142960][ T9473] netlink: 112 bytes leftover after parsing attributes in process `syz.1.991'.
[  369.317325][   T30] audit: type=1326 audit(1758197273.794:74): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9448 comm="syz.4.985" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd49138eba9 code=0x7ffc0000
[  369.381347][   T30] audit: type=1326 audit(1758197273.794:75): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9448 comm="syz.4.985" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd49138eba9 code=0x7ffc0000
[  369.393396][   T24] usb 3-1: USB disconnect, device number 24
[  369.922168][   T30] audit: type=1326 audit(1758197273.794:76): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9448 comm="syz.4.985" exe="/root/syz-executor" sig=0 arch=c000003e syscall=90 compat=0 ip=0x7fd49138eba9 code=0x7ffc0000
[  369.935722][  T983] usb 5-1: USB disconnect, device number 13
[  369.944151][    C0] vkms_vblank_simulate: vblank timer overrun
[  369.945647][   T30] audit: type=1326 audit(1758197273.794:77): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9448 comm="syz.4.985" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd49138eba9 code=0x7ffc0000
[  369.978161][    C0] vkms_vblank_simulate: vblank timer overrun
[  369.992791][   T30] audit: type=1326 audit(1758197273.794:78): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9448 comm="syz.4.985" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd49138eba9 code=0x7ffc0000
[  370.051117][   T30] audit: type=1326 audit(1758197273.794:79): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9448 comm="syz.4.985" exe="/root/syz-executor" sig=0 arch=c000003e syscall=237 compat=0 ip=0x7fd49138eba9 code=0x7ffc0000
[  370.160609][   T30] audit: type=1326 audit(1758197274.414:80): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9448 comm="syz.4.985" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd49138eba9 code=0x7ffc0000
[  370.190152][   T30] audit: type=1326 audit(1758197274.414:81): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9448 comm="syz.4.985" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd49138eba9 code=0x7ffc0000
[  370.411324][ T9489] overlayfs: failed to resolve './file0': -2
[  370.514986][ T9495] FAULT_INJECTION: forcing a failure.
[  370.514986][ T9495] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  370.528430][ T9495] CPU: 1 UID: 0 PID: 9495 Comm: syz.1.998 Not tainted syzkaller #0 PREEMPT(full) 
[  370.528453][ T9495] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  370.528467][ T9495] Call Trace:
[  370.528474][ T9495]  <TASK>
[  370.528482][ T9495]  dump_stack_lvl+0x189/0x250
[  370.528507][ T9495]  ? __pfx____ratelimit+0x10/0x10
[  370.528530][ T9495]  ? __pfx_dump_stack_lvl+0x10/0x10
[  370.528550][ T9495]  ? __pfx__printk+0x10/0x10
[  370.528571][ T9495]  ? __might_fault+0xb0/0x130
[  370.528604][ T9495]  should_fail_ex+0x414/0x560
[  370.528629][ T9495]  _copy_from_user+0x2d/0xb0
[  370.528645][ T9495]  video_usercopy+0x346/0x1450
[  370.528673][ T9495]  ? __pfx___video_do_ioctl+0x10/0x10
[  370.528692][ T9495]  ? __pfx_video_usercopy+0x10/0x10
[  370.528727][ T9495]  ? __fget_files+0x3a0/0x420
[  370.528746][ T9495]  v4l2_ioctl+0x18d/0x1e0
[  370.528765][ T9495]  ? __pfx_v4l2_ioctl+0x10/0x10
[  370.528783][ T9495]  __se_sys_ioctl+0xfc/0x170
[  370.528807][ T9495]  do_syscall_64+0xfa/0xfa0
[  370.528827][ T9495]  ? lockdep_hardirqs_on+0x9c/0x150
[  370.528849][ T9495]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  370.528865][ T9495]  ? clear_bhb_loop+0x60/0xb0
[  370.528885][ T9495]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  370.528905][ T9495] RIP: 0033:0x7f2394f8eba9
[  370.528921][ T9495] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  370.528936][ T9495] RSP: 002b:00007f2395e6a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  370.528954][ T9495] RAX: ffffffffffffffda RBX: 00007f23951d5fa0 RCX: 00007f2394f8eba9
[  370.528967][ T9495] RDX: 0000200000000180 RSI: 00000000c0cc5615 RDI: 0000000000000003
[  370.528978][ T9495] RBP: 00007f2395e6a090 R08: 0000000000000000 R09: 0000000000000000
[  370.528988][ T9495] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  370.528998][ T9495] R13: 00007f23951d6038 R14: 00007f23951d5fa0 R15: 00007fffb44c7f28
[  370.529027][ T9495]  </TASK>
[  370.546991][ T9496] netlink: 8 bytes leftover after parsing attributes in process `syz.3.996'.
[  370.741632][ T9498] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1000'.
[  370.750734][ T9498] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1000'.
[  370.840351][ T9503] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1001'.
[  370.849470][ T9503] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1001'.
[  371.684196][ T9504] ------------[ cut here ]------------
[  371.691613][ T9504] WARNING: kernel/vhost_task.c:97 at __vhost_task_wake+0xbb/0xd0, CPU#0: syz.2.999/9504
[  371.701480][ T9504] Modules linked in:
[  371.705626][ T9504] CPU: 0 UID: 0 PID: 9504 Comm: syz.2.999 Not tainted syzkaller #0 PREEMPT(full) 
[  371.715038][ T9504] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  371.725192][ T9504] RIP: 0010:__vhost_task_wake+0xbb/0xd0
[  371.730736][ T9504] Code: 38 00 74 08 48 89 df e8 93 81 95 00 48 8b 3b 5b 41 5e 41 5f e9 a6 45 01 00 e8 31 ef 30 00 90 0f 0b 90 eb 8b e8 26 ef 30 00 90 <0f> 0b 90 5b 41 5e 41 5f e9 18 47 f7 09 cc 0f 1f 80 00 00 00 00 90
[  371.750472][ T9504] RSP: 0018:ffffc9000cbe7680 EFLAGS: 00010293
[  371.752400][ T9496] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  371.756715][ T9504] RAX: ffffffff818eed7a RBX: ffff88802b60a800 RCX: ffff88801eb49e40
[  371.771588][ T9504] RDX: 0000000000000000 RSI: 0000000000000002 RDI: 0000000000000000
[  371.780303][ T9504] RBP: ffffc9000cbe7750 R08: ffff88802b60a877 R09: 1ffff110056c150e
[  371.788821][ T9504] R10: dffffc0000000000 R11: ffffed10056c150f R12: 1ffff9200197ced8
[  371.796969][ T9504] R13: dffffc0000000000 R14: 0000000000000002 R15: dffffc0000000000
[  371.805029][ T9504] FS:  0000000000000000(0000) GS:ffff8881259e1000(0000) knlGS:0000000000000000
[  371.814051][ T9504] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  371.820658][ T9504] CR2: 0000000000000002 CR3: 00000000796a2000 CR4: 00000000003526f0
[  371.828719][ T9504] Call Trace:
[  371.832037][ T9504]  <TASK>
[  371.834988][ T9504]  vhost_worker_queue+0x194/0x260
[  371.840033][ T9504]  ? __pfx_vhost_worker_queue+0x10/0x10
[  371.845839][ T9504]  ? __init_swait_queue_head+0xa9/0x150
[  371.851435][ T9504]  __vhost_worker_flush+0x134/0x1e0
[  371.856658][ T9504]  ? __pfx___vhost_worker_flush+0x10/0x10
[  371.862568][ T9504]  ? __pfx_vhost_flush_work+0x10/0x10
[  371.867972][ T9504]  ? xa_find+0x25b/0x2b0
[  371.872260][ T9504]  ? xa_find+0x8c/0x2b0
[  371.876736][ T9504]  vhost_dev_flush+0xb2/0x130
[  371.881820][ T9504]  ? __pfx_vhost_dev_flush+0x10/0x10
[  371.887324][ T9504]  ? __local_bh_enable_ip+0x12d/0x1c0
[  371.892762][ T9504]  ? __pfx___local_bh_enable_ip+0x10/0x10
[  371.898471][ T9504]  ? __pfx_vhost_vsock_dev_release+0x10/0x10
[  371.904482][ T9504]  ? do_raw_spin_unlock+0x122/0x240
[  371.909698][ T9504]  ? __pfx_vhost_vsock_dev_release+0x10/0x10
[  371.915792][ T9504]  ? __pfx_vhost_vsock_dev_release+0x10/0x10
[  371.921901][ T9504]  vhost_vsock_dev_release+0x1fb/0x3f0
[  371.927463][ T9504]  ? evm_file_release+0x108/0x1e0
[  371.932522][ T9504]  ? __pfx_vhost_vsock_dev_release+0x10/0x10
[  371.938523][ T9504]  __fput+0x44c/0xa70
[  371.942579][ T9504]  task_work_run+0x1d4/0x260
[  371.947361][ T9504]  ? __pfx_task_work_run+0x10/0x10
[  371.952649][ T9504]  ? do_exit+0x6b0/0x2300
[  371.957099][ T9504]  ? kmem_cache_free+0x19b/0x690
[  371.962188][ T9504]  do_exit+0x6b5/0x2300
[  371.966393][ T9504]  ? do_raw_spin_lock+0x121/0x290
[  371.971591][ T9504]  ? __pfx_do_exit+0x10/0x10
[  371.976291][ T9504]  do_group_exit+0x21c/0x2d0
[  371.981430][ T9504]  ? lockdep_hardirqs_on+0x9c/0x150
[  371.986652][ T9504]  get_signal+0x1285/0x1340
[  371.991611][ T9504]  arch_do_signal_or_restart+0xa0/0x790
[  371.997161][ T9504]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[  372.003551][ T9504]  ? __se_sys_futex+0x36f/0x400
[  372.008555][ T9504]  ? exit_to_user_mode_loop+0x40/0x130
[  372.014069][ T9504]  exit_to_user_mode_loop+0x72/0x130
[  372.019364][ T9504]  do_syscall_64+0x2bd/0xfa0
[  372.023988][ T9504]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  372.030045][ T9504]  ? asm_sysvec_reschedule_ipi+0x1a/0x20
[  372.035736][ T9504]  ? clear_bhb_loop+0x60/0xb0
[  372.040441][ T9504]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  372.046361][ T9504] RIP: 0033:0x7fd80398eba9
[  372.050784][ T9504] Code: Unable to access opcode bytes at 0x7fd80398eb7f.
[  372.057869][ T9504] RSP: 002b:00007fd80483f0e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[  372.066318][ T9504] RAX: 0000000000000001 RBX: 00007fd803bd5fa8 RCX: 00007fd80398eba9
[  372.074338][ T9504] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007fd803bd5fac
[  372.083117][ T9504] RBP: 00007fd803bd5fa0 R08: 7fffffffffffffff R09: 0000000000000000
[  372.091665][ T9504] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  372.099781][ T9504] R13: 00007fd803bd6038 R14: 00007ffefb904a80 R15: 00007ffefb904b68
[  372.107865][ T9504]  </TASK>
[  372.110949][ T9504] Kernel panic - not syncing: kernel: panic_on_warn set ...
[  372.118264][ T9504] CPU: 0 UID: 0 PID: 9504 Comm: syz.2.999 Not tainted syzkaller #0 PREEMPT(full) 
[  372.127546][ T9504] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  372.137603][ T9504] Call Trace:
[  372.140886][ T9504]  <TASK>
[  372.143809][ T9504]  dump_stack_lvl+0x99/0x250
[  372.148393][ T9504]  ? __asan_memcpy+0x40/0x70
[  372.153012][ T9504]  ? __pfx_dump_stack_lvl+0x10/0x10
[  372.158199][ T9504]  ? __pfx__printk+0x10/0x10
[  372.162790][ T9504]  vpanic+0x237/0x6d0
[  372.166799][ T9504]  ? __pfx_vpanic+0x10/0x10
[  372.171288][ T9504]  ? is_bpf_text_address+0x292/0x2b0
[  372.176564][ T9504]  ? is_bpf_text_address+0x26/0x2b0
[  372.181753][ T9504]  panic+0xb9/0xc0
[  372.185460][ T9504]  ? __pfx_panic+0x10/0x10
[  372.189885][ T9504]  __warn+0x334/0x4c0
[  372.193853][ T9504]  ? __vhost_task_wake+0xbb/0xd0
[  372.198785][ T9504]  ? __vhost_task_wake+0xbb/0xd0
[  372.203707][ T9504]  report_bug+0x2be/0x4f0
[  372.208052][ T9504]  ? __vhost_task_wake+0xbb/0xd0
[  372.212975][ T9504]  ? __vhost_task_wake+0xbb/0xd0
[  372.217902][ T9504]  ? __vhost_task_wake+0xbd/0xd0
[  372.222833][ T9504]  handle_bug+0x84/0x160
[  372.227060][ T9504]  exc_invalid_op+0x1a/0x50
[  372.231546][ T9504]  asm_exc_invalid_op+0x1a/0x20
[  372.236393][ T9504] RIP: 0010:__vhost_task_wake+0xbb/0xd0
[  372.241920][ T9504] Code: 38 00 74 08 48 89 df e8 93 81 95 00 48 8b 3b 5b 41 5e 41 5f e9 a6 45 01 00 e8 31 ef 30 00 90 0f 0b 90 eb 8b e8 26 ef 30 00 90 <0f> 0b 90 5b 41 5e 41 5f e9 18 47 f7 09 cc 0f 1f 80 00 00 00 00 90
[  372.261517][ T9504] RSP: 0018:ffffc9000cbe7680 EFLAGS: 00010293
[  372.267574][ T9504] RAX: ffffffff818eed7a RBX: ffff88802b60a800 RCX: ffff88801eb49e40
[  372.275528][ T9504] RDX: 0000000000000000 RSI: 0000000000000002 RDI: 0000000000000000
[  372.283479][ T9504] RBP: ffffc9000cbe7750 R08: ffff88802b60a877 R09: 1ffff110056c150e
[  372.291437][ T9504] R10: dffffc0000000000 R11: ffffed10056c150f R12: 1ffff9200197ced8
[  372.299391][ T9504] R13: dffffc0000000000 R14: 0000000000000002 R15: dffffc0000000000
[  372.307535][ T9504]  ? __vhost_task_wake+0xba/0xd0
[  372.312467][ T9504]  vhost_worker_queue+0x194/0x260
[  372.317484][ T9504]  ? __pfx_vhost_worker_queue+0x10/0x10
[  372.323025][ T9504]  ? __init_swait_queue_head+0xa9/0x150
[  372.328559][ T9504]  __vhost_worker_flush+0x134/0x1e0
[  372.333757][ T9504]  ? __pfx___vhost_worker_flush+0x10/0x10
[  372.339466][ T9504]  ? __pfx_vhost_flush_work+0x10/0x10
[  372.344832][ T9504]  ? xa_find+0x25b/0x2b0
[  372.349057][ T9504]  ? xa_find+0x8c/0x2b0
[  372.353209][ T9504]  vhost_dev_flush+0xb2/0x130
[  372.357875][ T9504]  ? __pfx_vhost_dev_flush+0x10/0x10
[  372.363164][ T9504]  ? __local_bh_enable_ip+0x12d/0x1c0
[  372.368612][ T9504]  ? __pfx___local_bh_enable_ip+0x10/0x10
[  372.374323][ T9504]  ? __pfx_vhost_vsock_dev_release+0x10/0x10
[  372.380308][ T9504]  ? do_raw_spin_unlock+0x122/0x240
[  372.385504][ T9504]  ? __pfx_vhost_vsock_dev_release+0x10/0x10
[  372.391478][ T9504]  ? __pfx_vhost_vsock_dev_release+0x10/0x10
[  372.397453][ T9504]  vhost_vsock_dev_release+0x1fb/0x3f0
[  372.402905][ T9504]  ? evm_file_release+0x108/0x1e0
[  372.407921][ T9504]  ? __pfx_vhost_vsock_dev_release+0x10/0x10
[  372.413889][ T9504]  __fput+0x44c/0xa70
[  372.417872][ T9504]  task_work_run+0x1d4/0x260
[  372.422449][ T9504]  ? __pfx_task_work_run+0x10/0x10
[  372.427551][ T9504]  ? do_exit+0x6b0/0x2300
[  372.431867][ T9504]  ? kmem_cache_free+0x19b/0x690
[  372.436802][ T9504]  do_exit+0x6b5/0x2300
[  372.440947][ T9504]  ? do_raw_spin_lock+0x121/0x290
[  372.445960][ T9504]  ? __pfx_do_exit+0x10/0x10
[  372.450549][ T9504]  do_group_exit+0x21c/0x2d0
[  372.455125][ T9504]  ? lockdep_hardirqs_on+0x9c/0x150
[  372.460318][ T9504]  get_signal+0x1285/0x1340
[  372.464825][ T9504]  arch_do_signal_or_restart+0xa0/0x790
[  372.470361][ T9504]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[  372.476503][ T9504]  ? __se_sys_futex+0x36f/0x400
[  372.481359][ T9504]  ? exit_to_user_mode_loop+0x40/0x130
[  372.486810][ T9504]  exit_to_user_mode_loop+0x72/0x130
[  372.492083][ T9504]  do_syscall_64+0x2bd/0xfa0
[  372.496709][ T9504]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  372.502759][ T9504]  ? asm_sysvec_reschedule_ipi+0x1a/0x20
[  372.508377][ T9504]  ? clear_bhb_loop+0x60/0xb0
[  372.513042][ T9504]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  372.518927][ T9504] RIP: 0033:0x7fd80398eba9
[  372.523336][ T9504] Code: Unable to access opcode bytes at 0x7fd80398eb7f.
[  372.530334][ T9504] RSP: 002b:00007fd80483f0e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[  372.538734][ T9504] RAX: 0000000000000001 RBX: 00007fd803bd5fa8 RCX: 00007fd80398eba9
[  372.546692][ T9504] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007fd803bd5fac
[  372.554651][ T9504] RBP: 00007fd803bd5fa0 R08: 7fffffffffffffff R09: 0000000000000000
[  372.562603][ T9504] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  372.570566][ T9504] R13: 00007fd803bd6038 R14: 00007ffefb904a80 R15: 00007ffefb904b68
[  372.578557][ T9504]  </TASK>
[  372.581826][ T9504] Kernel Offset: disabled
[  372.586136][ T9504] Rebooting in 86400 seconds..