last executing test programs:

2m19.426482725s ago: executing program 2 (id=3):
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000001c0)={0x0, 0x0})
socketpair$unix(0x1, 0x3, 0x0, &(0x7f00000000c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
bpf$OBJ_GET_PROG(0x7, &(0x7f00000005c0)=@generic={&(0x7f0000000580)='./bus\x00', 0x0, 0x8}, 0x18)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
sched_setattr(0x0, &(0x7f0000000000)={0x38, 0x0, 0x4, 0x8001, 0x0, 0xb49, 0x200000000002, 0x7, 0x8, 0x5}, 0x0)
syz_genetlink_get_family_id$batadv(0x0, r0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000ac0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000f40)=ANY=[], 0x3c}, 0x1, 0x0, 0x0, 0x1}, 0x8000002)
socketpair$unix(0x1, 0x1, 0x0, 0x0)
poll(0x0, 0x0, 0x9)
setitimer(0x2, 0x0, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4000}, 0x0)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r3, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000500)={{0x14}, [@NFT_MSG_NEWRULE={0x6c, 0x6, 0xa, 0x409, 0x0, 0x0, {0x2, 0x0, 0x2}, [@NFTA_RULE_EXPRESSIONS={0x40, 0x4, 0x0, 0x1, [{0x3c, 0x1, 0x0, 0x1, @immediate={{0xe}, @val={0x28, 0x2, 0x0, 0x1, [@NFTA_IMMEDIATE_DATA={0x1c, 0x2, 0x0, 0x1, [@NFTA_DATA_VERDICT={0x18, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz2\x00'}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffc}]}]}, @NFTA_IMMEDIATE_DREG={0x8}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0x94}}, 0x0)
openat$pfkey(0xffffffffffffff9c, &(0x7f0000000080), 0x250000, 0x0)
sendmsg$NFT_BATCH(r3, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000280)=ANY=[@ANYBLOB], 0x3c}, 0x1, 0x0, 0x0, 0x4011}, 0x4000094)
prlimit64(0x0, 0x0, 0x0, &(0x7f0000000180))
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000002640)=@ipv4_newrule={0x24, 0x20, 0x301, 0x70bd2c, 0x25dfdbff, {0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x10}, [@FRA_GENERIC_POLICY=@FRA_IP_PROTO={0x5, 0x16, 0x2c}]}, 0x24}}, 0x8800)
sendmsg$nl_route(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000300)=ANY=[], 0x3c}}, 0x0)
syz_usb_control_io(0xffffffffffffffff, 0x0, 0x0)
openat$nci(0xffffffffffffff9c, &(0x7f0000000240), 0x2, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
r5 = socket(0x840000000002, 0x3, 0x100)
ioctl$sock_inet_SIOCSIFBRDADDR(r5, 0x891a, &(0x7f0000000140)={'veth1_to_hsr\x00', {0x2, 0x4e23, @broadcast}})
openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)

2m15.917140664s ago: executing program 2 (id=11):
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$batadv(&(0x7f0000000000), 0xffffffffffffffff)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r0, 0x8933, &(0x7f0000000140)={'batadv0\x00', <r2=>0x0})
r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r3, 0x4018620d, &(0x7f00000006c0)={0x73622a85, 0x1, 0x3})
r4 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000300)='./binderfs/binder0\x00', 0x0, 0x0)
timer_create(0x0, &(0x7f0000000200)={0x0, 0x21, 0x2, @thr={0x0, 0x0}}, &(0x7f0000000280)=<r5=>0x0)
fcntl$lock(0xffffffffffffffff, 0x26, &(0x7f0000000040)={0x0, 0x0, 0x62d3, 0x5})
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
timer_settime(r5, 0x1, &(0x7f0000000040)={{}, {0x0, 0x989680}}, 0x0)
flock(0xffffffffffffffff, 0x8)
ioctl$BINDER_WRITE_READ(r4, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000180)=[@increfs], 0x0, 0x0, 0x0})
r6 = dup3(r4, r3, 0x0)
r7 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder0\x00', 0x802, 0x0)
mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r7, 0x10000000000)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r7, 0x4018620d, &(0x7f0000000040)={0x73622a85, 0x10a})
ioctl$BINDER_WRITE_READ(r6, 0xc0306201, &(0x7f00000003c0)={0x8, 0x0, &(0x7f0000000340)=[@acquire], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f00000001c0)={0x4c, 0x0, &(0x7f0000000500)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x70, 0x18, &(0x7f0000000800)={@ptr={0x70742a85, 0x0, 0x0, 0x0, 0x2, 0x2f}, @ptr={0x70742a85, 0x0, 0x0, 0x0, 0x1, 0xffffffffffffffff}, @fda={0x66646185, 0x0, 0x1, 0xfffffffffffffffc}}, &(0x7f0000000240)={0x0, 0x28, 0x50}}, 0x1000}], 0x0, 0x0, 0x0})
sendmsg$BATADV_CMD_GET_BLA_BACKBONE(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000440)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r1, @ANYBLOB="430325bd7000fcffffff0c00000008000300", @ANYRES32=r2], 0x1c}, 0x1, 0x0, 0x0, 0x4000044}, 0x0)
sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0)
r8 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x37)
r9 = eventfd2(0xd, 0x0)
ioctl$KVM_IOEVENTFD(r8, 0x4040ae79, &(0x7f0000000040)={0x3, 0xdddd1000, 0x2, r9, 0x8})
syz_genetlink_get_family_id$smc(&(0x7f00000002c0), r0)
r10 = msgget$private(0x0, 0x120)
msgctl$IPC_RMID(r10, 0x0)

2m14.542877935s ago: executing program 2 (id=15):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
fallocate(r0, 0xc, 0x200000, 0x1000f4)
r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000200), 0x2, 0x0)
r2 = openat$fuse(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
syz_mount_image$fuse(&(0x7f0000000040), &(0x7f0000000000)='./file0\x00', 0x86, &(0x7f00000003c0)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r2, @ANYRES32=r2, @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRES8=r0, @ANYRES16=r2], 0x1, 0x0, 0x0)
lsetxattr$system_posix_acl(0x0, &(0x7f0000000040)='system.posix_acl_default\x00', &(0x7f0000000300)=ANY=[@ANYBLOB="02000000010004000000000002000300", @ANYRES32=0x0, @ANYBLOB="02000200", @ANYRES32=0x0, @ANYBLOB="040000000000000008000700", @ANYRES32=0x0, @ANYBLOB="08000400", @ANYRES32=0x0, @ANYBLOB='\b\x00\x00\x00', @ANYRES32=0x0, @ANYBLOB="08000100", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB='\b\x00', @ANYRES32=0x0, @ANYBLOB="08000500", @ANYRES32=0x0, @ANYBLOB="10000500000000002000000000000000"], 0x4, 0x3)
r3 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
syz_mount_image$fuse(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x1004, &(0x7f0000002280)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r3, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESHEX=r1, @ANYBLOB=',group_id=', @ANYRESDEC=0x0], 0x0, 0x0, 0x0)
r4 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$SNDRV_TIMER_IOCTL_SELECT(r4, 0x40345410, &(0x7f0000000180)={{0x1, 0x1, 0xff}})
ioctl$SNDRV_TIMER_IOCTL_PARAMS(r4, 0x40505412, &(0x7f00000000c0)={0x7, 0x9dc5, 0x0, 0x0, 0xf})
ioctl$SNDRV_TIMER_IOCTL_CONTINUE(r4, 0x54a2)
mmap$xdp(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x2, 0x11, r3, 0x100000000)
r5 = syz_usb_connect(0x0, 0x24, &(0x7f0000000080)=ANY=[@ANYBLOB="120100009e173610ef171e7206de010203"], 0x0)
syz_usb_control_io$hid(r5, 0x0, &(0x7f0000000480)={0x2c, &(0x7f0000000000)=ANY=[@ANYBLOB="00000700000035da144f"], 0x0, 0x0, 0x0, 0x0})
r6 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x9801)
move_mount(r6, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)
r7 = open_tree(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x89901)
move_mount(r7, &(0x7f00000001c0)='./file0\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)
r8 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r8, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000140)=ANY=[], 0x50)
setsockopt$inet_sctp_SCTP_RECONFIG_SUPPORTED(0xffffffffffffffff, 0x84, 0x75, 0x0, 0x0)
r9 = io_uring_setup(0x5, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
io_uring_enter(r9, 0x2cbc, 0x366, 0x12, 0x0, 0x0)

2m10.006801662s ago: executing program 2 (id=38):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e21, @multicast1}, 0x10)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
r3 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000040), 0x147c40, 0x0)
preadv2(r3, &(0x7f00000004c0), 0x0, 0x2000, 0x101, 0x1)
recvmmsg(r1, &(0x7f0000006440)=[{{&(0x7f0000000440)=@l2, 0x80, &(0x7f0000002780), 0x0, &(0x7f0000006580)=""/255, 0xff}, 0xc68}, {{&(0x7f0000002900)=@in={0x2, 0x0, @multicast2}, 0x80, &(0x7f00000000c0)=[{&(0x7f0000002980)=""/231, 0xe7}], 0x1, &(0x7f0000002a80)=""/180, 0xb4}, 0x9}, {{&(0x7f0000002b40)=@qipcrtr, 0x80, &(0x7f0000003d40), 0x0, &(0x7f0000003d80)=""/4096, 0x1000}, 0x8}, {{0x0, 0x0, &(0x7f0000006100)=[{&(0x7f0000004d80)=""/65, 0x41}, {&(0x7f0000004e00)=""/247, 0xf7}, {&(0x7f0000004f00)=""/29, 0x1d}, {&(0x7f0000004f40)=""/87, 0x57}, {&(0x7f0000004fc0)=""/15, 0xf}, {&(0x7f0000005000)=""/229, 0xe5}, {&(0x7f0000005100)=""/4082, 0xff2}], 0x7, &(0x7f0000006180)=""/222, 0xde}, 0x7}, {{&(0x7f0000000600)=@hci, 0x80, &(0x7f0000006400)=[{&(0x7f0000006300)=""/48, 0x30}, {&(0x7f0000006340)=""/120, 0x78}, {&(0x7f00000063c0)=""/59, 0x3b}], 0x3}, 0x1}], 0x5, 0x4040, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r4 = getpgid(0xffffffffffffffff)
sched_setattr(r4, &(0x7f0000000000)={0x38, 0x0, 0x8, 0x8001, 0x0, 0xd, 0x0, 0xfffffe0000000001, 0xfa11, 0x80000001}, 0x0)
getsockopt$inet_mptcp_buf(0xffffffffffffffff, 0x11c, 0x4, &(0x7f00000001c0)=""/13, &(0x7f0000000200)=0xd)
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='mountinfo\x00')
fsopen(0x0, 0x0)
r5 = syz_open_dev$dvb_demux(&(0x7f0000000080), 0x0, 0x41)
r6 = open_tree(0xffffffffffffffff, &(0x7f0000000340)='./file0\x00', 0x0)
fchdir(r6)
r7 = socket$pppl2tp(0x18, 0x1, 0x1)
r8 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r8, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-cast6-avx\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r8, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18)
r9 = accept4(r8, 0x0, 0x0, 0x800)
sendmmsg$alg(r9, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0x10}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048", 0x4d}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10", 0x48}], 0x3, &(0x7f0000000540)=[@iv={0x48, 0x117, 0x2, 0x30, "25d88a4afd3c88c41131b9e5800582d3e4176e5da323f1700493263bdc0b9daac7198f943c097e414b4e326d46ce9774"}], 0x48}], 0x1, 0x20040800)
recvmsg(r9, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000002c0)=""/82, 0x52}, {&(0x7f0000000200)=""/83, 0x53}], 0x2}, 0x3)
fcntl$dupfd(r7, 0x0, r7)
ioctl$DVB_DEMUX_DMX_SET_FILTER(r5, 0x403c6f2b, &(0x7f0000000040)={0x1, {"40a568bf607c2094e9c6a0c0f550f7f8", "241e6a0b37e28869f574458eb6417d55", "a34d3bcc4817356e5c266b26fe399bde"}, 0x7, 0x4})
connect$inet(r0, &(0x7f0000000180)={0x2, 0x4e21, @dev={0xac, 0x14, 0x14, 0x20}}, 0x10)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000100)='cdg', 0x3)
sendto$inet(r0, &(0x7f0000000000), 0xffffffffffffff94, 0xb, 0x0, 0x0)
recvfrom$inet(r0, &(0x7f0000000080)=""/8, 0xfffffffffffffd0b, 0xc9100120, 0x0, 0xfffffffffffffd25)

2m9.667616722s ago: executing program 2 (id=40):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000001f40)={&(0x7f00000000c0)=ANY=[@ANYBLOB="fc0000001900010027bd700000000000e0000002000000000000000000000000ac1414aa00000000000000000000000000000000000000000a00000000000000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB="0000000000000000a900000000000000000000000000000000000000000000000000000000000000ffffffffffffffff000000000000000000000000000000000000000000000000000a000000000000000000000080400002000000000000080000000000000000000100000000000044000500ac1414aa000000000000000000000000000000003c00000000000000ffffffff0000000000000000000000000200000004"], 0xfc}}, 0x0)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r1, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000001100)=@migrate={0xa0, 0x21, 0x1, 0x0, 0x0, {{@in6=@private2, @in=@rand_addr=0x64010102, 0x0, 0x0, 0x0, 0x0, 0xa}, 0x4}, [@migrate={0x50, 0x11, [{@in=@local, @in=@broadcast, @in=@multicast2, @in6=@local, 0x3c, 0x4, 0x0, 0x2, 0x2, 0xa}]}]}, 0xa0}, 0x1, 0x0, 0x0, 0x40000}, 0x0)

2m7.78703789s ago: executing program 32 (id=40):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000001f40)={&(0x7f00000000c0)=ANY=[@ANYBLOB="fc0000001900010027bd700000000000e0000002000000000000000000000000ac1414aa00000000000000000000000000000000000000000a00000000000000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB="0000000000000000a900000000000000000000000000000000000000000000000000000000000000ffffffffffffffff000000000000000000000000000000000000000000000000000a000000000000000000000080400002000000000000080000000000000000000100000000000044000500ac1414aa000000000000000000000000000000003c00000000000000ffffffff0000000000000000000000000200000004"], 0xfc}}, 0x0)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r1, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000001100)=@migrate={0xa0, 0x21, 0x1, 0x0, 0x0, {{@in6=@private2, @in=@rand_addr=0x64010102, 0x0, 0x0, 0x0, 0x0, 0xa}, 0x4}, [@migrate={0x50, 0x11, [{@in=@local, @in=@broadcast, @in=@multicast2, @in6=@local, 0x3c, 0x4, 0x0, 0x2, 0x2, 0xa}]}]}, 0xa0}, 0x1, 0x0, 0x0, 0x40000}, 0x0)

40.764942227s ago: executing program 1 (id=418):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg$NL80211_CMD_CONNECT(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, 0x0}, 0x80)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000013c0)=[{&(0x7f00000001c0)="39000000140081ae0000dc676f97daf01e2357f9ffffffff", 0x18}], 0x1}, 0x0)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r3 = socket(0x400000000010, 0x3, 0x0)
r4 = socket$inet6(0xa, 0x3, 0xff)
connect$inet6(r4, &(0x7f0000000200)={0xa, 0x100, 0x0, @empty}, 0x1c)
setsockopt$SO_TIMESTAMPING(r4, 0x1, 0x41, &(0x7f0000000280)=0x655e, 0x4)
dup2(r4, r4)
r5 = socket$unix(0x1, 0x5, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r6=>0x0})
r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0)
r9 = ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x0)
ioctl$KVM_RUN(r9, 0xae80, 0x0)
ioctl$KVM_SET_SREGS(r9, 0x4138ae84, &(0x7f00000003c0)={{0x70000, 0x5000, 0x3, 0x5, 0x6, 0x0, 0x9, 0x1, 0x4, 0x66, 0x4, 0x7}, {0xeeee0000, 0x50000, 0xb, 0x4, 0x3, 0x8, 0x17, 0xb2, 0x0, 0x3, 0x2, 0x80}, {0xdddd0000, 0xdddd1000, 0x10, 0x9, 0x9, 0x8, 0x8, 0x5, 0xf8, 0x9, 0x8, 0x7}, {0xf000, 0x2000, 0x4, 0x5, 0x1, 0x2, 0xf9, 0x2, 0x7, 0x57, 0x6, 0x7}, {0x6000, 0x80a0000, 0xe, 0x4, 0x87, 0x2, 0xff, 0xd0, 0x2, 0xc, 0x5, 0xb9}, {0x1000, 0x8000000, 0x10, 0xa8, 0x9, 0x5, 0x4, 0x28, 0x9, 0x7, 0x6, 0xb1}, {0xf000, 0x70000, 0xf, 0x7, 0x6, 0x2, 0x8, 0x1, 0xe, 0x0, 0xdc, 0x9}, {0x8080000, 0x80a0000, 0x9, 0xa, 0xd6, 0xe, 0x3, 0xc, 0x2, 0x1, 0xf, 0x6}, {0x4, 0xffff}, {0xdddd1000, 0x8}, 0x10, 0x0, 0xdddd1000, 0x0, 0x3, 0x1100, 0x5000, [0x1, 0x4, 0x1, 0x100]})
sendmsg$nl_route_sched(r3, &(0x7f00000012c0)={0x0, 0x4e, &(0x7f0000000080)={&(0x7f00000001c0)=@newqdisc={0x44, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r6, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x0, 0xf}}, [@qdisc_kind_options=@q_hfsc={{0x9}, {0x14, 0x2, @TCA_HFSC_FSC={0x10, 0x2, {0xa30e, 0x1, 0xfffffffa}}}}]}, 0x44}}, 0x0)
r10 = socket(0x400000000010, 0x3, 0x0)
r11 = socket$unix(0x1, 0x5, 0x0)
ioctl$sock_SIOCGIFINDEX(r11, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r12=>0x0})
sendmsg$nl_route_sched(r10, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000700)=@newtfilter={0x87c, 0x2c, 0xd3f, 0x70b524, 0x25dfdbfb, {0x0, 0x0, 0x0, r12, {0xfff3, 0xffe0}, {}, {0x7, 0xfff2}}, [@filter_kind_options=@f_flow={{0x9}, {0x84c, 0x2, [@TCA_FLOW_POLICE={0x848, 0xa, 0x0, 0x1, [@TCA_POLICE_PEAKRATE={0x404, 0x3, [0x81, 0x4, 0x9, 0x2, 0x2, 0x1ff, 0x4, 0x4, 0x92, 0xd, 0x11f4, 0xf, 0x100, 0xfffffffc, 0xfffffffe, 0x4, 0x7f, 0x9, 0x4, 0xa0000, 0x80, 0xc, 0x0, 0x6, 0xf290, 0x8e3, 0x6, 0x20a, 0x0, 0xfffffff3, 0x2b, 0x4, 0x4, 0x7, 0x6, 0xffff8001, 0x80, 0x479, 0x7, 0x1, 0x3, 0x4050732b, 0x1, 0xf5c8, 0x5e, 0x4, 0xf0, 0x7, 0x946, 0x5, 0x8001, 0xffff, 0xfffffff5, 0xbf2, 0x10001, 0x2, 0x8, 0xfffffffd, 0x8001, 0x6, 0x1, 0x7fffffff, 0xd05, 0x7a, 0x11dc294f, 0x7, 0x5, 0x0, 0x9, 0x1, 0x7, 0x1e9, 0x4, 0xc33, 0x8, 0x20000000, 0x80000000, 0x1, 0x9, 0x5, 0x5, 0x80000000, 0x3e64, 0x5, 0x8, 0x6, 0xfffffff6, 0x4, 0x10, 0x9, 0x8, 0xd, 0x2, 0x2, 0x2941, 0x1000, 0x8, 0xff, 0x4, 0x9, 0xf6e2, 0x9, 0x6, 0x4, 0x1, 0x3, 0xb9, 0x2ee, 0x444, 0x2, 0x9, 0xb966, 0xb2000, 0x33, 0x9a6d, 0x9, 0x9, 0x200, 0xc, 0x5, 0x89, 0x8, 0x100e, 0x7, 0x4, 0x3, 0x8, 0x3, 0x0, 0x6, 0xbfe8, 0x5, 0x8, 0x3, 0x6, 0x4, 0x4e8d, 0x2, 0x8e, 0xffffff42, 0x5, 0xe, 0x1, 0x6, 0xe, 0x2, 0x4, 0x8, 0x6, 0x1, 0x5, 0x9, 0xffffffff, 0x7, 0x5, 0x160000, 0x9, 0x8, 0x1640, 0x6, 0x6, 0x0, 0xaa, 0x2, 0xedd5, 0xfff, 0x8, 0x7fffffff, 0x8, 0x1, 0x2, 0x3, 0x8, 0x3, 0x0, 0x3, 0x34, 0x9, 0x3, 0x2, 0xffffcd43, 0x7, 0x8, 0x486, 0x1, 0x2, 0x5ca0, 0x3, 0x1000, 0x4, 0x7, 0x8, 0x5, 0x7, 0xfffffffd, 0x7, 0x8, 0xffffffff, 0x22, 0x4, 0x2, 0x0, 0x3, 0x1e, 0x3, 0x8, 0xa1, 0x81, 0x5, 0x1, 0x2, 0x2, 0x7ff, 0xf43, 0x3, 0x8, 0x3, 0x3, 0x4, 0x100000, 0x9, 0x66c, 0x7fc, 0x3, 0x0, 0x10001, 0x5, 0x0, 0x81, 0x2, 0x9, 0x2823, 0x8, 0xffffffff, 0x0, 0xffffffff, 0x8001, 0x0, 0x9, 0x1, 0x1, 0x9, 0x5, 0x1ff, 0xc79, 0x80000001, 0x200, 0xede5, 0x3, 0x3, 0x0, 0x3, 0x7, 0x8, 0x8, 0x1]}, @TCA_POLICE_TBF={0x3c, 0x1, {0x1, 0x20000000, 0x7, 0x7, 0x7, {0x4, 0x2, 0xfe00, 0xfe42, 0x4, 0x7}, {0x0, 0x2, 0xcf, 0x1, 0x800, 0x2}, 0x7, 0xa6, 0x3}}, @TCA_POLICE_RATE={0x404, 0x2, [0x5, 0x4, 0x0, 0x7, 0xfffffff1, 0x796, 0x5, 0xd2c1, 0x7ff, 0x20, 0x6, 0x9, 0x101, 0x5, 0x2, 0x5, 0xc, 0x800, 0x695, 0x401, 0x2, 0x7, 0x1000, 0x343d41f0, 0x0, 0x3, 0x3, 0x3, 0xc94, 0xa0, 0x1, 0x5, 0x81a, 0x1664, 0x80c, 0x9, 0xce3a, 0x2, 0x81, 0x5f82, 0x5ff, 0x3, 0xed, 0x4, 0x81, 0x401, 0x1, 0x5fb2, 0x8, 0xfffffe01, 0xc, 0x6, 0x2, 0x0, 0x6, 0x0, 0xffffffff, 0xb1e5, 0x0, 0x8, 0x4, 0x1, 0x0, 0x3, 0x9, 0x3, 0x1, 0x4b, 0x2, 0x5, 0x1f, 0x7, 0x0, 0x4, 0x3, 0x2, 0x4d, 0xffffffff, 0x4, 0x3, 0x6, 0x40, 0x1, 0x3, 0x2, 0x5, 0x1ff, 0x101, 0x8, 0xf48, 0x9, 0xffffffff, 0x200, 0x5, 0x76, 0x6, 0x3, 0x8000, 0x6, 0x9, 0x80000000, 0x6, 0x8001, 0xbe39, 0x7b7, 0x5, 0x7ff, 0xb, 0x4, 0x1, 0x8, 0x9, 0xb, 0x6, 0xdfcf, 0x0, 0x442ff558, 0xb481, 0x6, 0x3, 0x4, 0xe, 0x10000, 0x0, 0x31fe, 0xfffff2c1, 0xb, 0x3, 0x6, 0x7b, 0x21d, 0x6, 0xc, 0x10, 0xf91, 0x0, 0x62e, 0x2, 0xfffffffc, 0x5d8, 0x4, 0x5, 0x7, 0x1, 0x3, 0x7, 0x9, 0x5, 0xfffffff7, 0x0, 0x2, 0x7fff, 0x400009, 0x5, 0x8, 0x3, 0x0, 0x200, 0xdfb, 0x7, 0x9, 0x223ec3e9, 0xdaa, 0x0, 0xfe, 0x1000, 0x4, 0x8, 0x8, 0xf, 0xb, 0x4, 0xfffffffb, 0x491, 0xfffffffb, 0xfffffff9, 0x9c, 0x3, 0x1, 0x4005, 0x5, 0x8001, 0x5, 0x10001, 0x1, 0x3, 0x80000000, 0x4, 0x38, 0x401, 0x3, 0x10, 0x3, 0x3, 0xbd, 0x9, 0x4, 0x5, 0x5, 0x81, 0x3, 0x202, 0x5, 0x9, 0x81, 0x6, 0x8, 0x79, 0x6, 0x8, 0x1, 0xea58, 0x29dc6e7b, 0x53ad, 0x7, 0xd77, 0xff, 0x8, 0x5, 0x0, 0x0, 0x12, 0x0, 0xf, 0xbb4f, 0x8, 0xe4, 0xbcba, 0x80, 0x4, 0xc6, 0x9, 0x81, 0x10000, 0x70, 0x3, 0x4, 0x80, 0x3, 0x3ff, 0xffffffff, 0x5, 0x7, 0x6, 0x5, 0x8001, 0xffffffff, 0x0, 0x7, 0xd, 0x81, 0x7, 0x5, 0xf417, 0x6, 0x5]}]}]}}]}, 0x87c}, 0x1, 0x0, 0x0, 0x4008848}, 0xc884)
r13 = socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(r13, &(0x7f00000002c0)={0xa, 0x4e22, 0x0, @local, 0xb}, 0x1c)
listen(r13, 0x2)
socket$alg(0x26, 0x5, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f00000000c0)=@file={0x1, './file0\x00'}, 0x6e)

39.06648015s ago: executing program 4 (id=425):
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000001c0)={0x0, 0x0})
socketpair$unix(0x1, 0x3, 0x0, &(0x7f00000000c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
bpf$OBJ_GET_PROG(0x7, &(0x7f00000005c0)=@generic={&(0x7f0000000580)='./bus\x00', 0x0, 0x8}, 0x18)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
sched_setattr(0x0, &(0x7f0000000000)={0x38, 0x0, 0x4, 0x8001, 0x0, 0xb49, 0x200000000002, 0x7, 0x8, 0x5}, 0x0)
syz_genetlink_get_family_id$batadv(0x0, r0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000ac0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000f40)=ANY=[], 0x3c}, 0x1, 0x0, 0x0, 0x1}, 0x8000002)
socketpair$unix(0x1, 0x1, 0x0, 0x0)
poll(0x0, 0x0, 0x9)
setitimer(0x2, 0x0, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4000}, 0x0)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r3, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000500)={{0x14}, [@NFT_MSG_NEWRULE={0x6c, 0x6, 0xa, 0x409, 0x0, 0x0, {0x2, 0x0, 0x2}, [@NFTA_RULE_EXPRESSIONS={0x40, 0x4, 0x0, 0x1, [{0x3c, 0x1, 0x0, 0x1, @immediate={{0xe}, @val={0x28, 0x2, 0x0, 0x1, [@NFTA_IMMEDIATE_DATA={0x1c, 0x2, 0x0, 0x1, [@NFTA_DATA_VERDICT={0x18, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz2\x00'}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffc}]}]}, @NFTA_IMMEDIATE_DREG={0x8}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0x94}}, 0x0)
openat$pfkey(0xffffffffffffff9c, &(0x7f0000000080), 0x250000, 0x0)
sendmsg$NFT_BATCH(r3, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000280)=ANY=[@ANYBLOB="140000001000010000002000000000f40600000a14000000020a01"], 0x3c}, 0x1, 0x0, 0x0, 0x4011}, 0x4000094)
prlimit64(0x0, 0x0, 0x0, &(0x7f0000000180))
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000002640)=@ipv4_newrule={0x24, 0x20, 0x301, 0x70bd2c, 0x25dfdbff, {0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x10}, [@FRA_GENERIC_POLICY=@FRA_IP_PROTO={0x5, 0x16, 0x2c}]}, 0x24}}, 0x8800)
sendmsg$nl_route(r4, 0x0, 0x0)
syz_usb_control_io(0xffffffffffffffff, 0x0, 0x0)
openat$nci(0xffffffffffffff9c, &(0x7f0000000240), 0x2, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
r5 = socket(0x840000000002, 0x3, 0x100)
ioctl$sock_inet_SIOCSIFBRDADDR(r5, 0x891a, &(0x7f0000000140)={'veth1_to_hsr\x00', {0x2, 0x4e23, @broadcast}})
openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)

38.641941897s ago: executing program 1 (id=426):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080))
openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x161042, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket(0x10, 0x3, 0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
openat$cuse(0xffffffffffffff9c, &(0x7f0000000200), 0x2, 0x0)
r3 = syz_clone(0x4000000, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r3)
ptrace$setregs(0xd, r3, 0x7fff, &(0x7f0000000240)="12d6cacc400cb28384641a92606ff1d67f7718dadaa571f32ee2eb179974146cb14384e0e9a430de36da9cfa0941cbdb45400dbbf771a9f0d840b73de0cb08d1d3be1afc468f2a26a39cdfba80aa009e0b6b4bab31776e6f4b3cbe471b323c3e805335edbad98b115636442e777dce7bc27e899b8bc13ebd3a9b22f3813b493bcddc5ecc46eada6853")
ptrace$setregset(0x4205, r3, 0x1, &(0x7f00000001c0)={&(0x7f0000000100)="023e540000530c0648444f138d9c176b04f0f91de6b9fe593adb984dcb636b3f3b825c376f2b590f", 0x28})
prctl$PR_SCHED_CORE(0x3e, 0x1, r3, 0x2, &(0x7f00000000c0))
ioctl$SNDRV_CTL_IOCTL_ELEM_READ(0xffffffffffffffff, 0xc4c85512, &(0x7f0000000480)={{0xa, 0x3, 0x24000000, 0x3ff, '\x00', 0x6}, 0x1, [0xb, 0x11, 0xfffffffffffffff9, 0x5, 0x12, 0x1, 0x4, 0xfd, 0xffffffffffffffff, 0x7, 0x1, 0x8, 0xfffffffffffffff8, 0x4000000000000004, 0x3ff, 0x4, 0x4, 0x486, 0xc0010, 0x9, 0x1, 0x3ff, 0x5, 0x5, 0x80, 0x0, 0x3, 0x6, 0x1, 0x9, 0xfffffffffffffffe, 0x71, 0xa, 0x2, 0x203, 0x4, 0x9, 0x4, 0x5, 0xc, 0xfffffffffffffff7, 0x16, 0x9db6, 0x7f, 0xfffffffffffffff2, 0x2, 0x5, 0x7, 0x9, 0x8, 0x3, 0x6, 0xa2, 0x7ffc, 0x3, 0x0, 0x9, 0x1fd, 0x80000001, 0x2, 0x3ff, 0xffffffff, 0x3, 0x8, 0xffff, 0x0, 0x10000, 0xffffffffffffffff, 0x5, 0x3, 0x8000000000000005, 0x9, 0xec, 0x7f, 0xffffffffffffffff, 0x100000000, 0x9f1a, 0xffffffffffffffff, 0x100000001, 0xf, 0x0, 0x9, 0x3, 0x7, 0xb, 0x100000002a9, 0x3, 0x4, 0x8, 0x8, 0x1, 0x2, 0x4, 0x8, 0xe73, 0xfffffffffffffff7, 0xb, 0x8000000000000000, 0x6, 0x4, 0x5, 0x2000000000000639, 0x8000000000000000, 0x4, 0x400, 0x9a06, 0x9, 0xfffffffffffffffc, 0x7, 0xb3, 0x200080000001, 0x5, 0x1000000000d30, 0x7, 0x4, 0x256, 0x8000000000006ff, 0x3, 0x7, 0x1ff, 0x6, 0x9, 0x7, 0x1b485fe1, 0x7, 0x7, 0x7, 0x5]})
r4 = socket(0x10, 0x3, 0x0)
write(r4, &(0x7f0000000200), 0x0)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[@ANYRES32], 0x24}, 0x1, 0x0, 0x0, 0x40010}, 0x4088)
r5 = openat$kvm(0x0, &(0x7f0000000100), 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
r7 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x0)
ioctl$KVM_SET_CPUID2(r7, 0x4048aecb, &(0x7f0000000840)={0x7, 0x0, [{0x0, 0xffffffff, 0x0, 0x7fffffff, 0x6, 0x8001, 0x4}, {0x80000000, 0x4, 0x3, 0x10, 0x8000027, 0x7, 0x5}, {0xb, 0x8, 0x0, 0xffff, 0x7fffff7f, 0x5, 0x8}, {0xa, 0x12, 0x1, 0x7, 0x200df4, 0x401, 0x80000001}, {0x0, 0x2bb, 0x0, 0xa, 0x3, 0x3ffffe, 0x400}, {0x40000000, 0xa, 0x0, 0x5, 0x8010000, 0x6, 0xf30b}, {0x2, 0x451, 0x1, 0x7ffe, 0xffffffff, 0xfffffffc, 0x4}]})
syz_open_dev$dri(&(0x7f0000000000), 0x1ff, 0x0)
memfd_secret(0x80000)
ioctl$KVM_X86_SET_MSR_FILTER(0xffffffffffffffff, 0x4188aec6, &(0x7f0000002cc0)={0x0, [{0x0, 0x4d88, 0x6, &(0x7f0000000640)="7a650e526bd0998268bb5847d9beacc47a22df873eab4b8b91133675482eaa56ace8db59bed9aa07d4e390c7c9f98c462b55612196911e3c4e510ede3efde35eec990f22a76cf752e507c1e2de2920a9fc0790cc176bd2b901e4127b09835ae6d0d196048bb19a64d26f20a05b95c69f371882ef2e20c5606ed1b2ebcf09a4a333f6e1c3c4fb64d8182df4ab09d0a381d966977fc041cea9bdf0aa31fe51efe9211b9b8e6e4551b6438f8efcc41265574ff6504435eb22a678a99768f0327ded8fdcb41f27c2024d2b923f7dc5df5bf62af447b121dd9f94d766d6cebdeb02f611ab10e57af4b3268fb3f9777373bd5fd6b82f730e67c4eab113d8e65d7405be3e5d92dc5e7e85d34bb8b7c894cbed629ecc25c288b3d4556a85a1e2150cac5b686a8de29ab7c35040b77875bfa0e451dc0869cfe105bd115e7cf48f44dfdf26be65f3b727fd88d6395d051e49c060998e84b19377fcb20fe2eb392335e5a9d84555ef037aab37169ce761aa8a8ec08ea87e3a3b896f3d1b2380bc8256e0f7ea7dc488382e6112b53a7bb269d6261f87e0e0e0cef9152f8a67f412148f34880c970101fbd7b0e8fc49d6a5c87e487b7b175b15be26b6b8e1ed8527614dcefcfd80f8392560c8b706418b7de8fbb7a666a7e7f322dc70373606bf39efa04616cb99d662dfc591061bde5ed27a66aa7edbfec1eb0b1e843c372b84c3ed514a0aadf523b8669e526765d429824aeaa0a6f4c185754d437d977a1f586431dc256ce5aa7c25be259de3a0ae6e5bcdf56b4c7e8199fe6b461e78467cfac19de6956056ef57e93d3a7df8f646f4a9002b100edb0a6caa72b3f6eb29dc54de58120d27daff9cd61c64107e1bcb3b3212e1e2aa24fb24dc2dafc636c82ad25da9d934e46c7783d8f915337612feb348857ce2262240dfe51ec94d9d61074959f167b9840b20f003883bf167149228d7f03eafde851427cd1966a96aeae05b51ae4cd82f4b4dad60a070c01a8b500e2683f7136e331602e76845262825d7f3764cf1a05ad95d88aab71d41484f63fa6a43c044c7f03130552321933bc40b888fd0cc55939ff79a5059516f3b80c7ba8188ffb6a259a34567ee52c1f9df0f6c91737d688e36d076a49d1045cac30d5ed52a10381c96d9f22e469cc531bb06853d18b8f8625d2a917e795ffa4407fa75713510a3f5370e1ecbf7a5ff68a90a1eda077531cf4d399d4908f138c936e1931c72240070c6a6255f5fd03966e9a06c1d481e8e3d128e880776e572177780a3481c49bd86c174e152bafed245d58ef3428c645b08e48833960d1b5223d7be0c67a2b2c7531390d1837a84ed004a00cb4b0cd6e78824da032b48c49ec006d14206dc3d0c67d7ca87e9ea0faddc3e0b0c917c64eefeebf79e3a16c958db63a08a5d4d7210273aba3e56a4cd4cccb044750ff97749505ff1332b2dd30990849ab1500e1947d0abfb0c59760f0a502806ee1bce56fbb42251dd6ac8b709c73a6b8c548c2b23cf351dc498810e477bd082464e76702703b56d3cd2f3d8a2e00f19d8ffa3c236d3601f169c9dfe9c316f8cbe63c3801a51ea5ac785694a0c653cd28d68c5a81c2590d2aeea8c8688b2e88f46c4f99890e51b42cce485fcb4d91557fb3912b36b0dbeac8df44e945eb9937141402fb2aa1476185e1f8c37f6c98bc937f36d9c7237135132a54a03067b002b9c657ab0daa253af66eee78b0309cb8532dd2dee800c8349b731da0efa66ead82eebe0102279df5aa281fe1d86c0dbf154910d5e8a113ecbddbd046367b9e2acfa7cc406f61b472bbec6919534615ed81b664da956ce6586bf4c92d63ef371dfec5f9ce748931d585cadc9372a95a1372c7213e2c52fca253945afeee02e9f2de2d9452c85fd2dbdc87cb6c25697dfcbed8a0eba381835e6c360f3861367ec98a9a9ccf956d6cbfb706fee0d391cf82a0d4662792274f52fc2b5d72a43ec74a86400e62d3652f607774cfad1504bc0476570d532b527bf0d7012804b2e6fdf9a9414f10b16c9374f2b065348d865b309e37750d3a7e12394e356c48c9fa0d4a9a43f689f6cbf70b09a3b9782cc3d5d93480f8a7a21a049780fc6bf21f1eca938a37afcbb2b929a0c502e164d2571e78d214b359d97e3edc0ad5c7fd1625b4ece33e1f569676e9a7262ead857873f77ef149d2f8c5a09ab19ae384a7f957f612a24283c35327aa969b20711309644c5b3e6c89da94e1f5da54246bd771468a1adc8a8d601e0b12769604f0f07ca43ce2a8a2f4b5654c0b76b146c49038e07db54dae702580b97096911f034fc1797029de8b7c213c902d1d754e77ff85e6222e745db9d5d2d45c5d29a8b6de0f27e5701fdf12b09fd6c70baa0f85a424c21ce0796dbe1fd366b94fcdf64ea232b3e88b89a38d728de77e84decc804f07a48f2716ca6f76b24923cea1a4da0d1f1dc73611269e784c4fd921f9b26c11f35b5cda45842a81b603ce2155d95c273fa0743a571b52e68c9ea3f28009fc37406b9e329ce50fedfb20dfb4cdf3a94769aee2586c2a17e68a07abfcd18aceddfd3876b14558e4d092eadb9120796c44e89610494085117bc41b5c4619a8c160b97811df49fc7d9bf222d7a002640644337ef5af53ed50661131f7c042665b276c0adf0c9a74f3542729beb7632a6027e65eddff7bb27915826701ec9b6a4c672f08877eefd859e0aa6e75a2e841e1ea98dff994e5a58be628df86bff17497a4d0f92ab39db421eb1062a2a393656bbb1d92becbb91a59619156b51585cd2eafd8a18d6326166312efeaa7258bddad63e0c7372ffb7ce1f1adf1ac2ffa0f278e4be6684d762f8971ed7bb04096b96f8126bf5fd32142e745d421f495327dde0f1e2d9a1d8ba63c1453101396a2e54e89cdabac2c6a01f23a5c1d5a2dfa2a3c634176e97c9c62b41ea28102b5a08af2fba1d311bb323df086ea97726c9d8c7b7b53a3399a80f040d434fdcc2148fb1da3b7d7f0f3e3fd56471a310ee275da611c79f86be8ed6343f6ed0ad91dfeffebc3ab6389d0566d6db904c1db499ae7d2698fdc7170320f85cc3d3d0d9d0d0c7d45db7b53c5eb79a2fed2a048d9d74419532122fac62f6315a9e13b461cb4e26514491debd366927987271be963ea5805a49b8b480c6a393fda1b11fd5634890cf02948cb5bfea237afb30d081c7403cd334a02e5bb8db542c4d5fa5ec5c8a0dd36b62156881c98e01948b4775a502c5d8453439fd930df52caac9d71c28b712000b306b913c10918ca0bc194f2533334462e5cd2b2e6c978a4838febfbc2d4375b8108bd0aa32aeaf05e7ba30c781cace6470ead574f5cbfa68aa8c8d835e9b3ab2bd7dd90b5e3e6cd62d8e04c3b45326e1f560a8dd8f3db4177e9e5ccd61f21dacb5c40c8030559cdfe88f7aa98bdcde90c1214cf293b3df093d0630bc3073cbaffa025b1f5537b49d799731745de7d36cded4a9db25915a511ba505b4ddd885cd226c24ea37fd926dbd90b887"}, {0x0, 0x0, 0x1ff, 0x0}, {0x3, 0x0, 0x100d5b6, 0x0}, {0x2, 0x0, 0xfffffff8, 0x0}, {0x0, 0x0, 0x9, 0x0}, {0x1, 0x0, 0x3, 0x0}, {0x2, 0x0, 0xa2d, 0x0}, {0x0, 0x0, 0x1, 0x0}, {0x1, 0x0, 0xf3f, 0x0}, {0x4, 0x0, 0x1000, 0x0}, {0x3, 0x0, 0x6, 0x0}, {0x3, 0x0, 0x1000, 0x0}, {0x2, 0x0, 0x9, 0x0}, {0x0, 0x0, 0x1545, 0x0}, {0x2, 0x0, 0x9, 0x0}, {0x1, 0x0, 0x40007, 0x0}]})
openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)

37.74710164s ago: executing program 0 (id=427):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$nl_crypto(0x10, 0x3, 0x15)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000001c0)={'ip6_vti0\x00', <r2=>0x0})
r3 = shmget$private(0x0, 0x800000, 0x54003f00, &(0x7f0000800000/0x800000)=nil)
shmat(r3, &(0x7f0000000000/0x4000)=nil, 0xbbdccba4532b703b)
mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0xec776000)
r4 = userfaultfd(0x801)
ioctl$UFFDIO_API(r4, 0xc018aa3f, &(0x7f00000000c0)={0xaa, 0x170})
ioctl$UFFDIO_CONTINUE(r4, 0xc020aa08, &(0x7f0000000080)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}})
syz_clone(0x100000, 0x0, 0x0, 0x0, 0x0, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=ANY=[@ANYBLOB="200000001100010100"/20, @ANYRES32=r2], 0x20}}, 0x0)

37.548201849s ago: executing program 5 (id=429):
r0 = socket$alg(0x26, 0x5, 0x0)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f00000005c0)="b7f2288a911993f08d3aaea2bc0000de", 0x10)
r1 = accept$alg(r0, 0x0, 0x0)
sendmmsg$alg(r1, &(0x7f0000000280)=[{0x0, 0x0, &(0x7f0000000540)=[{&(0x7f0000000200)="18747636f657526f776c8a31d3cf9ca6035301270b3ca760a1b8621299", 0x1d}, {&(0x7f0000000500)}, {&(0x7f0000000700)="04e463082eb0716c4a8f10e9aeeecf3b5531f3ee26d677609a8bdec983677733fc8262e31807510752a3d413a17452ff90fecd8960456d416416df4ef5b208b3f0d574bbb40e97665c0dfce094771d0c4514dcfadcde97517d0195d9aca8df9ae51ae3603c2790a691aee37b483c0148b9e4088bee8bdba3aa7753d1d88513e2f9e34e3383e736d92e6ad5b87f49a68939e04d063c9a88fa5d264eb8262f13042dbdf953bf96e4aee8c92a9eed9a6ddf836d081035d12c6ba289c3bad2edceaabd1c1aeb0f46642be64e005000de6169370fde5be37f741256bacb36022ff923d108d03d58e60a98e09cb6a9a5b9e47710ca86e93180567ba2f63bfd219814a43042e87d6fc3bb7e2054a1afa8e4888b0a6cb8e4c2afc5168c938c6469b0908ebc5f3a160a2f39e264be5a822becd144c5d43f86cdb83c73d3dd467121ea807acf74daf07173a2f7190566ecc6245beca37bc96298c226186f88653aba2a73baa046c00f5f5ebb77d46c19215fdf46101f4d047d3de4b53723cf2169810be7e3e9fd66aa0ab6bffd031655a143df7de7b2a80038b413bb391e5ce0ed436651e16ef5414646a1e198ff983afc30a67a91050a5ce1fbf0a5bf611d21fb5296bffa272f6ffb014433f363c478dfbaf2648059dcb2e8c612e2609b982663efc48877668fa0df73c13930526be66249659bfb152a8097d9682d9eb0ccb2a73a48cbd726035a625b2834652c7a24206b3814a215dbb75fb4661b0eed97c02ce07bb324310ebfba0bcdeb6c762e4bee7603b412ff24e834a99ed2936e3a28a971c2bc2ab2ea446579c8f5cdea3abd2d8b61bb83415f763db27806fab03da11990ebb360d00784f712092e70a7807113298965c8eb9434e6e6d6be5502b3359d89d713439382301c848eeb08dbf8e3c3ded30b77e2b786c7f077f72314e3644a534b926dbd2763b5474c7a17461a3d7564617397f64aef1d24def25e999571e7a510405face96a98098b96376e4598693853df78df30bb5e86dce8dd6ab7955064cdd55d64a70f36cffcec10ca7150a5ac964dc157b396dd7afcbb9656a1230d925d69c8b80f7e402dbe171567da6b9f42a8284f452f1390338893d6efef35f70d3ae3d1be2fc6c7a61991015dede8c10b41e4eb341069a33a80df422742644e1d7026851acf61411bb337b22f24e3ce63563acdf439d376e5d04398c42638dfc69f06ecc52adde6006ef6264f52ec4afd1876bdcd89eb47a7d820ba0434e4dac4b918222825ab3e161fb823145c3661895a1bd917d208fed5c101bfe5216904ae5e4ddaebbda8f83a926f11287acf2b6faf3736e98789fc776d64e9a0ab55f89fd71b14ddb65a4e7ce056c7cbb2b7d1c7eb2060adb066a87cbfc3b90790ae19751f37c97646dac51445d9ecf4c059d830e2b5870664e0c4498a350a6dab5e940cfe77bbb698f9dd7e5b94bb2f919d53b30dee6ed314f17930d27d783289d6bd3601a3507fb52a14d5677cf79b67cfefe972ba3dad71178cda88792c9a8351d78593b84b7bd4efdd6473b032ad0da4aeb3b96b3bb09b663baa4851e77fe1cc1e172f2e60d04f9c2f9f19366f13e946a418da421bc87d8a914c1b7ce4be107ecdc5b13da8cb8c44f615924497e84f225bdd79cb1846105a54dde8b2265d3c06a7234685cdc45c3782c6cb8eecfaa34ff5666ae18f3a62fa5a70408d1f4eca945f162210083d6e7e9c05a6de0b6a11bf7e8205a007a8119c40253b36587a005040a8db2eb4e2ddcdeb3667c79fb2ea538ced80971980fd0dca3d0c68eecf580aac24c25072ae6a1a2710c4a27c25aa20c2f57f956d06a6b61ebb71ba2d51a0794264f46d9a583eacfa05c70aebbecbf30e11157a82803a13b1f1bd45e6af30b833bdbed01ee5bda7e789c699449dea29fd6ed25410fe11b169d9200a06d3d11b370b1c82244b2edb94f9c15eb9c2ea810fc63f7e7390e4dfcfb833f0255f48e053defbac004b8e4430aade1ddad2a6d18a0faa9d72b9352f7e76f5d56bd94c9e40cb04ffe6e7a8527607149be24b410b6afe5d14790797d31d5209635312328216946c57a7b91749fac86766dd723b1491788de0dd9229b626742660e23f4eec84389a27c82d5350b360dd5f4ab5b162d99bc4b54687eadba2ac3826acc11bee02eb3b5a83d629f5475cac1d91689e847a5c5cf93af93866919474ae42287ba2c0991193722460f533fe123985e00872402e85541a4bbee629bac881117b6ce5682e48dff1c85a0028f6cba939a60809e8167246d683c581f172bfd106effc7f35fbe58e0ba9f7ee2fc56ddb39987024cf44f98b55383ca80c67763a904298a8b7116a8ffd28baf9b536342b8b8d2e37cac698395972631b1eb9240bb75e237e571dc8f51846a81394f2272782797efa51f93740b0814ee3fcbe59fb1ac3186022992cbee5c8a3c772368879763c59d69af0d6871f2443a99516454b25edf008da43b635ac69d61fcbb8b9bd493262aac9fe04b26ed988a82d9b1204bd87bc598520209279a2bf6da16d3b2521501010546ccdca95e6d1836688eacc6c5cfcfd9a9d6c6537a878d56c3773801854e8fa24c53a193c84c1a11a6e346ab38630491b1b5c3936f718a91d90816733fbcff9d2e8c56260eed5253d355fb97992b1b52eab67e4f5419dec92b5143bf6b110be74b5915394b26015aaa1809b2cda11b389c3b294e394e536add37162f85c36a6b9cd8cec0f383c6bea727c1bdabc4661f48896b71e171a4aa4e45368a9a28721ec2a72d8f42af712ecb4fc2dfa5495b5066e7b5b8bde5de2dcbd1c12be054427276118a04ecaa87380a527aed8bf1cadb4969cd7d3ad6974537334201dcbbf7a1785e028eee1995596c08e249695d1a376cdfeea9a162bfeb04136f450fe922757e33599991075dcbfabd18e3853d227a5c1c47584ac2fcb4ccdefc73ea8718e76287d49f8605e9e4a929856c067406d32bfec024690d47402f8ce7e2065e80ae4dfd0a2c020d3bb5655b72e284fe9d1e40e43483989e31d82ea53f12217162b118ba4a1dd2ea82f81076357647253d05786490378f5a79314bcda057c354d51e10e17ccdfa27a0ef0755482dd65429ed402ac7db56a386462b61cb5c2e2c62e7866cf6c3be3990cbc64b55a58a521bd1cd2b87d82ec1827d85a9036c56b7964fafff9d193c786694953f8ad5556aefc3891f116c909c35daab5d0b33c06f6e7734dcff64a36c9882e787fec7e414a1698e07bf96e97f52d47bde8119e1490229dad0dae6ce8f927bc093d51b8685eb5c184a21b623dd8e812482447cb912a6d177c48e399c755c4e2921914b42fb04bd22c5d29b3ce802a570350e18922110a6b36725adcce39020f14fc8b06ddbe6e2b05714a457f8d7429917bd87e395f3e3eb2d8d82f0a0d4aa66cb7bf4e1f15b1c87ef1db4955031567f5877cab4c6c7895929f85883997c10248278e8cad7e686d3e474dc4f84c989e72dd877dad5e15879a650d6b8a8f7699c26f95477497f4dadf4bc4aed9d02bc1d1a0ac0b69639672ad264d30e201c3c958f6bc11d71e0227ac93dd6579fd333cbab5f1098bfd68c9c47d004f0574aed026d0ab6f8268eb6f0905ee0e64806d6c81e0288f066237400ab96f2366aae1e144ebe26533c997901908988dc9cad5e5d91cfb56fc8f8516d924f0e50ab0598e3af7fc06e83ede04b4541b91033ca93816b236e074aac8d0b3554c0b4d2316eae528e6775ac687d76a210d7107cce94346094d8998041552609f0b5bbb5c4d20fa20b32b516005ff02275c855ed65a179533f567bfad8cd946c7e93ba8f44da8ff4b48e3ebb99e388294e5165dad99bad0c748f375b763483ee1086e97b3a2ee56a005d6677e4323cae39f964fa81160ecb491ad5da0a9807e8028f2570952332528041f5f39bb1dbbb19e42d776157fa35e72f25e2800103f79737fe087eea9913d92564b2ad26a7641326b876ad764ecdb938d35b0e0523e7641d1a7703dd222db39cdb1c37f09f9883b5b3c8d823c727ab14ede98c4968aea9c6014321429dd86725204f9c81707f0edfaa8685b0e5fed3302fdcfb12cd4ab9e525a8b6a21b70330782a8a42a84cacc3e4007a6bd4d3f6c7fa087c6334e5198df56a2e89f38197c2b5e84dc599f47b014833a36f964442eb4456be788248e5c124da22b8ec30aae825180a7fb837707bb8bbd24b51f8e1d46bf5f525d5aadd70b44f5fbdaeb75bcd25b1e3e369ba882688fc0cdd33692e1f3f36a5bcf5fba312a9a4994e7e17ac02b1c30e6827715aca7ef56c7047bba2d3518bd7cf4dbc413ad7da99795ea732ea1f71c6963e588c3d6bcb7826618618ba3fb561b16dd083adbdfafd0499d4822307252a8ac09d03241ba2d3320e72cfe6a33048352c2f46b81e5d0056da322e8b886de0bf702a6750165d486fcfdecf90fd506cc28c95083ff36e573881df0a5cb56ae93fba32c2b903d2c8f8eb02e09236da61cb4d61bbd02a8fe25cafc0b65cfac49f0d7c3d7ea657c04014620f7dedbf456e649fbee5610cf98d32a98d4049d38235c32cd66477c460835bcf9e678a5dd0e1db320d847bc8dcd2bd3079de582e317ccd8ff7b74e788139a303b804e5662ac7364308c5e3e2e44a2cd8541c5a70a03ca5bf1c58287080feb1e4b20d14c15e4fe8afef5a967372431470920385be0b2a0f52e1a258978573534a25ef265fd7d50fd52061fbd41f6e667d018cef22bef8847c506f1afd660c5ef14d662f81a7ceaa0940c6f57b24f406583677ee45dceb65f1dece8890957380fa39a521eab16df1ffea9ee7309d4cf1000c7125dc2823d738cec773c75d46bc255d739892664b3c7d30749460740f9a1bc73cad43fa596bc4d59d160db7111ece2a72043a9288369767dadeba89d469f2e881cff2b80d856c8facdf0a75549b9196c04347a2336197d875b6d150cba513d3cfe0b5e8138927dfd1687c4347a7902740d961ab95b1b3a985adb9a60a2c249a7abaceb4ef612abf0a0e178653e0701a3f60b02f18beeda5dd7c039339eae28e9b332cccde071f1f6a135246bd940d51666e7ab33000ba2f5257a7f642220ba6f315d743ba3ec95d46eaf7e0fca2cfab21cc26c87bed7f206318be97b48b759d5017f28f10f61c630b45ebe8953bc1fa09c8791dac39213318a663290ed1272c23c492b148ac4a8b2709b3a9c4ad7819c7b1da3dd990a7bc7b856ec562df90a7807bbdbdf10bda81558f3634a71e0deaaddfde8b2f869b0a8dbc740d0eec51fdb6fb721b52f960ffb8f03c02f8a447c1797f205f7a9a1a75cfa04e61add57b9cf376ae30e1ee94599179899a48b7a7f36506ba16b360ebe3affbf75f9ff76846843b9d00b811ef314fdc6df9bb6d3ca18839003d188f2010211708a4b8fd6db16413e3e6f24594521ca1dd87ef09894a19f8030da81115a39b32ef2504ee0eebaa95a0f781c0f7717dcad8e09946da0f8c593f9f7afe468f4129ce420dd4f6ec06916c626d3a09d749d399bd48993d83b111764278bfe577fa7fb82efc06cdc580c8d3a42dfe1bc48bb02bd77d59f71753839c67c01dccab87fb29210f41af0409e96fd2c156e116d679eb7b23532df7d701228c67fb4ca076d0b42a3aff5584d9f3bccaf1216569931d51e78d0925f61ea0ace00c51e3ffe6e98e89f4f9b0b9e755a74336b368e2e897fe941dd233ee3485dcf96c5f1e08edf2ed9935637ee3a1a9001382783589fabdb3097e6e22da4bbece26365079c9100a664263ad56be717bf10dc2851fcdef2b8c", 0x1000}], 0x3, 0x0, 0x0, 0x1}], 0x1, 0x40808d4)
readv(r1, &(0x7f00000000c0)=[{&(0x7f0000001780)=""/4096, 0x1000}], 0x1)

37.398486958s ago: executing program 0 (id=430):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000004c0), 0x0, 0x0) (async)
r1 = syz_usb_connect$hid(0x0, 0x3f, &(0x7f0000000200)=ANY=[@ANYBLOB="12010000000000201c1b100c00000000000109022d0001000060000904008002030000000921060400012205000905810320000908070905020340"], 0x0)
syz_open_dev$usbfs(&(0x7f0000000140), 0x77, 0x3501)
socket$kcm(0x29, 0x5, 0x0) (async)
syz_open_dev$vbi(&(0x7f0000000040), 0x0, 0x2) (async)
r2 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000000), 0x20902, 0x0)
write$sequencer(r2, &(0x7f0000000200)=ANY=[@ANYBLOB="810100000004000081", @ANYRES32=r2], 0x10) (async)
syz_usb_control_io(r1, &(0x7f00000003c0)={0x2c, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) (async)
r3 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil}) (async, rerun: 64)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) (rerun: 64)
ioctl$KVM_RUN(r4, 0xae80, 0x0)
ioctl$KVM_RUN(r4, 0xae80, 0x0) (async)
ioctl$KVM_SMI(r4, 0xaeb7) (async)
r5 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8002)
ioctl$SCSI_IOCTL_GET_PCI(r5, 0x5393, &(0x7f0000000000))
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x120c0, 0x0)
ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
r7 = socket(0x11, 0x3, 0x0)
setsockopt$packet_tx_ring(r7, 0x107, 0xd, &(0x7f0000000000)=@req3={0x10000, 0x1, 0x100, 0x100, 0x100, 0x0, 0x4}, 0x1c) (async)
sendmsg$BATADV_CMD_GET_VLAN(r7, &(0x7f0000000400)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f00000003c0)={0x0}, 0x1, 0x0, 0x0, 0x8000}, 0x8000)
close_range(r6, 0xffffffffffffffff, 0x2)
r8 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0)
r10 = openat$nvme_fabrics(0xffffff9c, &(0x7f0000000000), 0x80081, 0x0)
mmap(&(0x7f000097b000/0x2000)=nil, 0x2000, 0x1000000, 0x13, 0xffffffffffffffff, 0x0) (async)
write$uinput_user_dev(r10, &(0x7f0000000840)={'syz0\x00', {0x1, 0x8000, 0x9, 0xac23}, 0x40, [0x10, 0x8000, 0x7, 0x7, 0xffcf, 0x7, 0x8, 0x1ff, 0xe85ab6b, 0x1, 0x4cc59373, 0x0, 0x8001, 0x1, 0x6, 0x16, 0x4, 0x1, 0x2, 0x6, 0x3, 0x4, 0x10000, 0x0, 0x4e3, 0x40000001, 0x7fff, 0x9, 0x0, 0x2, 0x1, 0xe, 0x8000, 0xffffffff, 0xa0, 0x80, 0x7, 0x3, 0xbc49, 0x696, 0x8000, 0x1, 0xb, 0x7, 0x7, 0x7, 0x2, 0xfff, 0x3, 0xff, 0x1, 0x4, 0x2000005, 0xffffffff, 0x0, 0x8, 0x7ff, 0x4, 0x3, 0xffffffff, 0x3, 0x80000100, 0x5, 0xb], [0x7, 0x9d2, 0x80000001, 0x800, 0x3, 0x9, 0x7, 0x7, 0x5, 0x80000001, 0x8, 0x40, 0x9, 0xc, 0x80000001, 0x4, 0x5, 0xd, 0xfffffff7, 0x3, 0x0, 0x2, 0x2, 0x3, 0xb, 0x66fe, 0x6, 0x5, 0xe03, 0x3ff, 0x4, 0xbffffc00, 0x3, 0x4, 0x101, 0x3, 0x7f, 0x3, 0xd08, 0x1, 0x1, 0x22, 0xfc000000, 0x0, 0x1, 0x4, 0xe37, 0x3, 0x0, 0x9ce6, 0xe8, 0xffff8000, 0x2, 0xb, 0xd7a8, 0x6, 0xbdc, 0x3e6, 0x2, 0x9, 0x0, 0x8, 0x7fffffff, 0x6], [0x1, 0x9, 0x7, 0x0, 0x10000001, 0x400b0, 0x8, 0x5, 0x2, 0x4, 0xa, 0x8, 0x3, 0x3, 0x4, 0xe, 0x8001, 0x1, 0x0, 0x9, 0x200, 0xbf1c, 0x79fc, 0x2, 0xf9, 0xffffff26, 0x0, 0xfffffff7, 0x9, 0x1, 0x7, 0x2, 0x8000, 0x10, 0x5, 0x3, 0x1, 0x10, 0x1, 0x2, 0xec5f, 0x8001, 0x7fffffff, 0x1b9, 0x5c78, 0x1, 0x8, 0x3, 0x1, 0x9, 0x3a17, 0x3, 0x74da, 0xec9, 0x140, 0x6, 0x3, 0x6, 0x1, 0x7fff, 0xa, 0x7f, 0x7, 0x1], [0x0, 0x20f, 0x7ffffffd, 0x200, 0x0, 0x45aa, 0xb, 0x2, 0xffff, 0x4, 0x9, 0x80000000, 0xffff, 0xb7, 0x3a1, 0xfffffff1, 0xffff, 0xc, 0x28002, 0xfffffffe, 0x9, 0x3ff, 0x1, 0xdf76, 0x63, 0xa, 0x7f, 0x100, 0x40, 0x4, 0x2, 0x8, 0x8, 0x7, 0x4, 0x3, 0x0, 0x2, 0x6b2, 0x9, 0xcd5e, 0x59, 0x9, 0x6, 0x6, 0x9, 0x5, 0x1, 0x0, 0x4, 0x9, 0x6, 0x1, 0x6, 0x3, 0x3, 0x9, 0xfff, 0x5, 0x3, 0x8, 0x1, 0x5, 0x6]}, 0x45c)
io_setup(0x0, &(0x7f0000000040)=<r11=>0x0)
io_cancel(r11, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x8, 0xbe21, r9, &(0x7f0000000080)="22ba13eaef7a4cec61e8d5c8753e3fe87d113ebb1548b55b9ed46962e4ab11aecb3eef70622c5a69eb", 0x29, 0x3dc0}, &(0x7f0000000100)) (async, rerun: 32)
ioctl$KVM_CREATE_VCPU(r9, 0xae41, 0x0) (rerun: 32)

37.314985594s ago: executing program 5 (id=431):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
close(r0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r1, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0x4)
connect$inet6(r1, &(0x7f0000000540)={0xa, 0x0, 0x0, @loopback}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r1, 0x6, 0x1f, &(0x7f00000000c0), 0x4)
setsockopt$inet6_tcp_TLS_TX(r1, 0x11a, 0x1, &(0x7f00000001c0)=@gcm_256={{0x304}, "6ae04425ace3f60c", "acba84f0a6731f234db1cc7f3f382ad796bd667cb12ea99509873931d2873103", "0f9dafb4", "ec3fff9afd96e6c0"}, 0x38)
setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r1, 0x6, 0x14, &(0x7f0000000040)=0x2, 0x4)
ioctl$int_in(r1, 0x5421, &(0x7f0000000140)=0x1)
writev(r1, &(0x7f0000000080)=[{&(0x7f00000002c0)="ec", 0xfdef}], 0x1)
syz_genetlink_get_family_id$tipc2(0x0, r0)

37.107618789s ago: executing program 5 (id=432):
r0 = syz_usb_connect(0x0, 0x2d, &(0x7f0000000200)=ANY=[@ANYBLOB="1201410130f56920ac05190272f00102030109021b00010000100009045507010349020009058203"], 0x0)
r1 = syz_open_procfs(0x0, &(0x7f00000006c0)='net/igmp\x00')
pread64(r1, &(0x7f0000000280)=""/86, 0x56, 0x4000000000000f3)
syz_usb_control_io(r0, 0x0, &(0x7f0000000580)={0x84, &(0x7f0000000340)=ANY=[@ANYBLOB='\x00N\b'], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})

36.628167026s ago: executing program 1 (id=435):
fsopen(&(0x7f0000000100)='ramfs\x00', 0x1)
socket$nl_netfilter(0x10, 0x3, 0xc)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
syz_open_dev$sndmidi(0x0, 0x2, 0x141101)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f00000000c0)=@abs={0x0, 0x0, 0x4e24}, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
r2 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000500)='status\x00')
lseek(r2, 0x6, 0x0)

36.04488072s ago: executing program 0 (id=438):
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x0, 0x50, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f0000000300)=@abs={0x0, 0x0, 0x4e25}, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
syz_emit_ethernet(0xe, &(0x7f0000000140)={@local, @broadcast, @void, {@generic={0x88fb}}}, 0x0)
r2 = socket$inet6(0xa, 0x800, 0x7)
sendmmsg$inet6(r2, &(0x7f0000001480), 0x0, 0x400c404)
exit(0xfe)
sendmmsg$inet6(r2, &(0x7f00000005c0)=[{{0x0, 0x0, &(0x7f00000007c0)}}, {{&(0x7f0000000800)={0xa, 0x4e21, 0xfffffffe, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', 0x1}, 0x1c, &(0x7f0000000c40)=[{0x0}, {0x0}, {&(0x7f0000000940)}, {0x0}, {0x0}, {&(0x7f0000000c00)}], 0x6}}, {{0x0, 0x0, &(0x7f00000045c0)=[{0x0}, {0x0}, {0x0}, {0x0}, {&(0x7f0000000680)="597a6b789cd5110caaa8e68623b0d55cfdff26cc78f16da427c07a314759cf6ca6867f2cda685d0f6a6723b953cb682580a11d0f01f7d7c16d7fb344aea09f9c6aa7639fc31813f85abae92cc838632e169851ff784e77c611e47d0a0269651bb766f9668aa38a809267f6afb294fecbee8cc438", 0x74}], 0x5}}], 0x3, 0x48c0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
write$USERIO_CMD_SEND_INTERRUPT(0xffffffffffffffff, 0x0, 0x0)
ioctl$DRM_IOCTL_SET_CLIENT_CAP(0xffffffffffffffff, 0x4010640d, &(0x7f0000000000)={0x3, 0x2})
r3 = syz_open_procfs(0xffffffffffffffff, 0x0)
getdents(r3, &(0x7f0000000000)=""/43, 0x2b)
getdents64(r3, 0x0, 0x0)
socket$kcm(0x29, 0x5, 0x0)
r4 = socket$igmp(0x2, 0x3, 0x2)
setsockopt$MRT_ADD_MFC_PROXY(r4, 0x0, 0xd2, &(0x7f0000000000)={@remote, @multicast1, 0x4, "d30f388c52647612d91de4353d68b0fa00", 0x0, 0x0, 0x4000000, 0x8}, 0x3c)
setsockopt$MRT_ADD_MFC(r4, 0x0, 0xcc, &(0x7f0000000280)={@broadcast, @multicast1, 0x0, "7ea97ddb2ac127ffa5b7216fe75ebaa2855a422a8bf8ec7caf003751804500", 0x0, 0xfffffffd, 0x4, 0x800}, 0x3c)
socket$igmp(0x2, 0x3, 0x2)
setsockopt$MRT_FLUSH(r4, 0x0, 0xd4, &(0x7f00000003c0)=0xa, 0x4)
madvise(&(0x7f00002a3000/0x2000)=nil, 0x2000, 0xc)
socket$nl_netfilter(0x10, 0x3, 0xc)
r5 = socket(0x1a, 0x1, 0xb)
readlinkat(0xffffffffffffff9c, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000980)=""/186, 0xdb)
setsockopt$netlink_NETLINK_TX_RING(r5, 0x10e, 0xc, &(0x7f0000000040)={0x9, 0xffffffff, 0x4e, 0x567}, 0x13)
sendmsg$nl_generic(r5, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000000c0)=ANY=[@ANYBLOB="1c0000001600010a00000000010000000200000008002280040008806188e1ffad0ffccfcfd09a87ea87ad65d908be8f8d1d3630400f2f2d20ed9b739a508f995fde95adc387e4ffcd0df78c5afda9b08935db3c274c4a22f3079a1ee98c06592a329702a13bac437fcf4719ae55455f7ec880ebfa619e9c1fe3d9f8bdd327241bd721afb181e1a0bfbaf8eebe54a67d1c427daedc"], 0x1c}, 0x1, 0x0, 0x0, 0x8040}, 0x0)
syz_open_procfs(0x0, &(0x7f0000000180)='timers\x00')

36.015363411s ago: executing program 4 (id=439):
socket$nl_route(0x10, 0x3, 0x0)
syz_emit_ethernet(0x56, &(0x7f0000000440)=ANY=[@ANYBLOB="aaaaaaaaaaaa0180c200000008004d0000480000000000059078ac1e0001ac141434441409030000000000000000ac1414aa000000004f07ceffffffff830200000000004e22", @ANYRES32=0x41424344, @ANYRES32=0x41424344, @ANYBLOB="5c00000190780000"], 0x0) (async)
r0 = syz_open_dev$media(&(0x7f0000000380), 0x3, 0x0)
ioctl$MEDIA_IOC_G_TOPOLOGY(r0, 0xc0487c04, &(0x7f00000005c0)={0x0, 0x7, 0x0, &(0x7f0000001040)=[{}, {}, {}, {}, {<r1=>0x80000000}, {}, {}], 0x2, 0x0, &(0x7f0000000c80)=[{}, {}], 0x4, 0x0, &(0x7f0000000400)=[{}, {}, {}, {}], 0x0, 0x0, &(0x7f00000004c0)})
ioctl$MEDIA_IOC_ENUM_LINKS(r0, 0xc0287c02, &(0x7f00000008c0)={r1, 0x0, &(0x7f00000002c0)})
r2 = syz_open_dev$dri(&(0x7f0000002d40), 0x0, 0x40)
ioctl$DRM_IOCTL_MODE_PAGE_FLIP(r2, 0xc01864b0, &(0x7f0000002e80)={0x0, 0x0, 0x4, 0xfff, 0x8000})
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) (async)
sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0) (async)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) (async)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) (async)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x3, 0x8, 0x8001, 0x0, 0xb, 0x8000000000000000, 0x6, 0xfa11, 0xffffffff}, 0x0) (async)
writev(0xffffffffffffffff, 0x0, 0x0) (async)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f00000003c0)=ANY=[], 0xfe33) (async)
r5 = syz_open_dev$swradio(&(0x7f0000000000), 0x1, 0x2)
ioctl$VIDIOC_CREATE_BUFS(r5, 0xc100565c, &(0x7f0000000140)={0x0, 0x6, 0x4, {0x9, @win={{0xe, 0xfffffffa, 0xe, 0x975}, 0x7, 0xc53, 0x0, 0x5, 0x0, 0xff}}}) (async)
ioctl$SNDRV_PCM_IOCTL_HW_REFINE(0xffffffffffffffff, 0xc25c4110, 0x0)
syz_genetlink_get_family_id$devlink(&(0x7f00000001c0), 0xffffffffffffffff) (async)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) (async)
r6 = socket(0x400000000010, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000380)={'syzkaller0\x00', <r7=>0x0})
sendmsg$nl_route_sched(r6, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r7, {0x0, 0xfff1}, {0xffff, 0xffff}, {0xffe5, 0x10}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x0, 0xfffd}}}]}, 0x38}}, 0x0) (async)
sendmsg$nl_route_sched(r6, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000005f80)=@newtfilter={0x68, 0x2c, 0xd27, 0x70bd25, 0x2, {0x0, 0x0, 0x0, r7, {0x0, 0x1}, {}, {0x8, 0x6}}, [@filter_kind_options=@f_flow={{0x9}, {0x38, 0x2, [@TCA_FLOW_ACT={0x34, 0x9, 0x0, 0x1, [@m_mirred={0x30, 0x1, 0x0, 0x0, {{0xb}, {0x4}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}]}]}}]}, 0x68}}, 0x0)
sendmsg$DEVLINK_CMD_RATE_GET(0xffffffffffffffff, 0x0, 0x2000c88c) (async)
sendmsg$DEVLINK_CMD_SB_OCC_SNAPSHOT(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0xc040}, 0x90)
timer_create(0x3, 0x0, &(0x7f00000000c0)) (async)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0) (async)
openat$fuse(0xffffffffffffff9c, &(0x7f0000000040), 0x42, 0x0)

35.536677618s ago: executing program 4 (id=441):
bind$alg(0xffffffffffffffff, &(0x7f0000000400)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb(sm4)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, &(0x7f00000005c0)="b7f2288a911993f08d3aaea2bc0000de", 0x10)
r0 = accept$alg(0xffffffffffffffff, 0x0, 0x0)
sendmmsg$alg(r0, &(0x7f0000000280)=[{0x0, 0x0, &(0x7f0000000540)=[{&(0x7f0000000200)="18747636f657526f776c8a31d3cf9ca6035301270b3ca760a1b8621299", 0x1d}, {&(0x7f0000000500)}, {&(0x7f0000000700)="04e463082eb0716c4a8f10e9aeeecf3b5531f3ee26d677609a8bdec983677733fc8262e31807510752a3d413a17452ff90fecd8960456d416416df4ef5b208b3f0d574bbb40e97665c0dfce094771d0c4514dcfadcde97517d0195d9aca8df9ae51ae3603c2790a691aee37b483c0148b9e4088bee8bdba3aa7753d1d88513e2f9e34e3383e736d92e6ad5b87f49a68939e04d063c9a88fa5d264eb8262f13042dbdf953bf96e4aee8c92a9eed9a6ddf836d081035d12c6ba289c3bad2edceaabd1c1aeb0f46642be64e005000de6169370fde5be37f741256bacb36022ff923d108d03d58e60a98e09cb6a9a5b9e47710ca86e93180567ba2f63bfd219814a43042e87d6fc3bb7e2054a1afa8e4888b0a6cb8e4c2afc5168c938c6469b0908ebc5f3a160a2f39e264be5a822becd144c5d43f86cdb83c73d3dd467121ea807acf74daf07173a2f7190566ecc6245beca37bc96298c226186f88653aba2a73baa046c00f5f5ebb77d46c19215fdf46101f4d047d3de4b53723cf2169810be7e3e9fd66aa0ab6bffd031655a143df7de7b2a80038b413bb391e5ce0ed436651e16ef5414646a1e198ff983afc30a67a91050a5ce1fbf0a5bf611d21fb5296bffa272f6ffb014433f363c478dfbaf2648059dcb2e8c612e2609b982663efc48877668fa0df73c13930526be66249659bfb152a8097d9682d9eb0ccb2a73a48cbd726035a625b2834652c7a24206b3814a215dbb75fb4661b0eed97c02ce07bb324310ebfba0bcdeb6c762e4bee7603b412ff24e834a99ed2936e3a28a971c2bc2ab2ea446579c8f5cdea3abd2d8b61bb83415f763db27806fab03da11990ebb360d00784f712092e70a7807113298965c8eb9434e6e6d6be5502b3359d89d713439382301c848eeb08dbf8e3c3ded30b77e2b786c7f077f72314e3644a534b926dbd2763b5474c7a17461a3d7564617397f64aef1d24def25e999571e7a510405face96a98098b96376e4598693853df78df30bb5e86dce8dd6ab7955064cdd55d64a70f36cffcec10ca7150a5ac964dc157b396dd7afcbb9656a1230d925d69c8b80f7e402dbe171567da6b9f42a8284f452f1390338893d6efef35f70d3ae3d1be2fc6c7a61991015dede8c10b41e4eb341069a33a80df422742644e1d7026851acf61411bb337b22f24e3ce63563acdf439d376e5d04398c42638dfc69f06ecc52adde6006ef6264f52ec4afd1876bdcd89eb47a7d820ba0434e4dac4b918222825ab3e161fb823145c3661895a1bd917d208fed5c101bfe5216904ae5e4ddaebbda8f83a926f11287acf2b6faf3736e98789fc776d64e9a0ab55f89fd71b14ddb65a4e7ce056c7cbb2b7d1c7eb2060adb066a87cbfc3b90790ae19751f37c97646dac51445d9ecf4c059d830e2b5870664e0c4498a350a6dab5e940cfe77bbb698f9dd7e5b94bb2f919d53b30dee6ed314f17930d27d783289d6bd3601a3507fb52a14d5677cf79b67cfefe972ba3dad71178cda88792c9a8351d78593b84b7bd4efdd6473b032ad0da4aeb3b96b3bb09b663baa4851e77fe1cc1e172f2e60d04f9c2f9f19366f13e946a418da421bc87d8a914c1b7ce4be107ecdc5b13da8cb8c44f615924497e84f225bdd79cb1846105a54dde8b2265d3c06a7234685cdc45c3782c6cb8eecfaa34ff5666ae18f3a62fa5a70408d1f4eca945f162210083d6e7e9c05a6de0b6a11bf7e8205a007a8119c40253b36587a005040a8db2eb4e2ddcdeb3667c79fb2ea538ced80971980fd0dca3d0c68eecf580aac24c25072ae6a1a2710c4a27c25aa20c2f57f956d06a6b61ebb71ba2d51a0794264f46d9a583eacfa05c70aebbecbf30e11157a82803a13b1f1bd45e6af30b833bdbed01ee5bda7e789c699449dea29fd6ed25410fe11b169d9200a06d3d11b370b1c82244b2edb94f9c15eb9c2ea810fc63f7e7390e4dfcfb833f0255f48e053defbac004b8e4430aade1ddad2a6d18a0faa9d72b9352f7e76f5d56bd94c9e40cb04ffe6e7a8527607149be24b410b6afe5d14790797d31d5209635312328216946c57a7b91749fac86766dd723b1491788de0dd9229b626742660e23f4eec84389a27c82d5350b360dd5f4ab5b162d99bc4b54687eadba2ac3826acc11bee02eb3b5a83d629f5475cac1d91689e847a5c5cf93af93866919474ae42287ba2c0991193722460f533fe123985e00872402e85541a4bbee629bac881117b6ce5682e48dff1c85a0028f6cba939a60809e8167246d683c581f172bfd106effc7f35fbe58e0ba9f7ee2fc56ddb39987024cf44f98b55383ca80c67763a904298a8b7116a8ffd28baf9b536342b8b8d2e37cac698395972631b1eb9240bb75e237e571dc8f51846a81394f2272782797efa51f93740b0814ee3fcbe59fb1ac3186022992cbee5c8a3c772368879763c59d69af0d6871f2443a99516454b25edf008da43b635ac69d61fcbb8b9bd493262aac9fe04b26ed988a82d9b1204bd87bc598520209279a2bf6da16d3b2521501010546ccdca95e6d1836688eacc6c5cfcfd9a9d6c6537a878d56c3773801854e8fa24c53a193c84c1a11a6e346ab38630491b1b5c3936f718a91d90816733fbcff9d2e8c56260eed5253d355fb97992b1b52eab67e4f5419dec92b5143bf6b110be74b5915394b26015aaa1809b2cda11b389c3b294e394e536add37162f85c36a6b9cd8cec0f383c6bea727c1bdabc4661f48896b71e171a4aa4e45368a9a28721ec2a72d8f42af712ecb4fc2dfa5495b5066e7b5b8bde5de2dcbd1c12be054427276118a04ecaa87380a527aed8bf1cadb4969cd7d3ad6974537334201dcbbf7a1785e028eee1995596c08e249695d1a376cdfeea9a162bfeb04136f450fe922757e33599991075dcbfabd18e3853d227a5c1c47584ac2fcb4ccdefc73ea8718e76287d49f8605e9e4a929856c067406d32bfec024690d47402f8ce7e2065e80ae4dfd0a2c020d3bb5655b72e284fe9d1e40e43483989e31d82ea53f12217162b118ba4a1dd2ea82f81076357647253d05786490378f5a79314bcda057c354d51e10e17ccdfa27a0ef0755482dd65429ed402ac7db56a386462b61cb5c2e2c62e7866cf6c3be3990cbc64b55a58a521bd1cd2b87d82ec1827d85a9036c56b7964fafff9d193c786694953f8ad5556aefc3891f116c909c35daab5d0b33c06f6e7734dcff64a36c9882e787fec7e414a1698e07bf96e97f52d47bde8119e1490229dad0dae6ce8f927bc093d51b8685eb5c184a21b623dd8e812482447cb912a6d177c48e399c755c4e2921914b42fb04bd22c5d29b3ce802a570350e18922110a6b36725adcce39020f14fc8b06ddbe6e2b05714a457f8d7429917bd87e395f3e3eb2d8d82f0a0d4aa66cb7bf4e1f15b1c87ef1db4955031567f5877cab4c6c7895929f85883997c10248278e8cad7e686d3e474dc4f84c989e72dd877dad5e15879a650d6b8a8f7699c26f95477497f4dadf4bc4aed9d02bc1d1a0ac0b69639672ad264d30e201c3c958f6bc11d71e0227ac93dd6579fd333cbab5f1098bfd68c9c47d004f0574aed026d0ab6f8268eb6f0905ee0e64806d6c81e0288f066237400ab96f2366aae1e144ebe26533c997901908988dc9cad5e5d91cfb56fc8f8516d924f0e50ab0598e3af7fc06e83ede04b4541b91033ca93816b236e074aac8d0b3554c0b4d2316eae528e6775ac687d76a210d7107cce94346094d8998041552609f0b5bbb5c4d20fa20b32b516005ff02275c855ed65a179533f567bfad8cd946c7e93ba8f44da8ff4b48e3ebb99e388294e5165dad99bad0c748f375b763483ee1086e97b3a2ee56a005d6677e4323cae39f964fa81160ecb491ad5da0a9807e8028f2570952332528041f5f39bb1dbbb19e42d776157fa35e72f25e2800103f79737fe087eea9913d92564b2ad26a7641326b876ad764ecdb938d35b0e0523e7641d1a7703dd222db39cdb1c37f09f9883b5b3c8d823c727ab14ede98c4968aea9c6014321429dd86725204f9c81707f0edfaa8685b0e5fed3302fdcfb12cd4ab9e525a8b6a21b70330782a8a42a84cacc3e4007a6bd4d3f6c7fa087c6334e5198df56a2e89f38197c2b5e84dc599f47b014833a36f964442eb4456be788248e5c124da22b8ec30aae825180a7fb837707bb8bbd24b51f8e1d46bf5f525d5aadd70b44f5fbdaeb75bcd25b1e3e369ba882688fc0cdd33692e1f3f36a5bcf5fba312a9a4994e7e17ac02b1c30e6827715aca7ef56c7047bba2d3518bd7cf4dbc413ad7da99795ea732ea1f71c6963e588c3d6bcb7826618618ba3fb561b16dd083adbdfafd0499d4822307252a8ac09d03241ba2d3320e72cfe6a33048352c2f46b81e5d0056da322e8b886de0bf702a6750165d486fcfdecf90fd506cc28c95083ff36e573881df0a5cb56ae93fba32c2b903d2c8f8eb02e09236da61cb4d61bbd02a8fe25cafc0b65cfac49f0d7c3d7ea657c04014620f7dedbf456e649fbee5610cf98d32a98d4049d38235c32cd66477c460835bcf9e678a5dd0e1db320d847bc8dcd2bd3079de582e317ccd8ff7b74e788139a303b804e5662ac7364308c5e3e2e44a2cd8541c5a70a03ca5bf1c58287080feb1e4b20d14c15e4fe8afef5a967372431470920385be0b2a0f52e1a258978573534a25ef265fd7d50fd52061fbd41f6e667d018cef22bef8847c506f1afd660c5ef14d662f81a7ceaa0940c6f57b24f406583677ee45dceb65f1dece8890957380fa39a521eab16df1ffea9ee7309d4cf1000c7125dc2823d738cec773c75d46bc255d739892664b3c7d30749460740f9a1bc73cad43fa596bc4d59d160db7111ece2a72043a9288369767dadeba89d469f2e881cff2b80d856c8facdf0a75549b9196c04347a2336197d875b6d150cba513d3cfe0b5e8138927dfd1687c4347a7902740d961ab95b1b3a985adb9a60a2c249a7abaceb4ef612abf0a0e178653e0701a3f60b02f18beeda5dd7c039339eae28e9b332cccde071f1f6a135246bd940d51666e7ab33000ba2f5257a7f642220ba6f315d743ba3ec95d46eaf7e0fca2cfab21cc26c87bed7f206318be97b48b759d5017f28f10f61c630b45ebe8953bc1fa09c8791dac39213318a663290ed1272c23c492b148ac4a8b2709b3a9c4ad7819c7b1da3dd990a7bc7b856ec562df90a7807bbdbdf10bda81558f3634a71e0deaaddfde8b2f869b0a8dbc740d0eec51fdb6fb721b52f960ffb8f03c02f8a447c1797f205f7a9a1a75cfa04e61add57b9cf376ae30e1ee94599179899a48b7a7f36506ba16b360ebe3affbf75f9ff76846843b9d00b811ef314fdc6df9bb6d3ca18839003d188f2010211708a4b8fd6db16413e3e6f24594521ca1dd87ef09894a19f8030da81115a39b32ef2504ee0eebaa95a0f781c0f7717dcad8e09946da0f8c593f9f7afe468f4129ce420dd4f6ec06916c626d3a09d749d399bd48993d83b111764278bfe577fa7fb82efc06cdc580c8d3a42dfe1bc48bb02bd77d59f71753839c67c01dccab87fb29210f41af0409e96fd2c156e116d679eb7b23532df7d701228c67fb4ca076d0b42a3aff5584d9f3bccaf1216569931d51e78d0925f61ea0ace00c51e3ffe6e98e89f4f9b0b9e755a74336b368e2e897fe941dd233ee3485dcf96c5f1e08edf2ed9935637ee3a1a9001382783589fabdb3097e6e22da4bbece26365079c9100a664263ad56be717bf10dc2851fcdef2b8c", 0x1000}], 0x3, 0x0, 0x0, 0x1}], 0x1, 0x40808d4)
readv(r0, &(0x7f00000000c0)=[{&(0x7f0000001780)=""/4096, 0x1000}], 0x1)

35.138987729s ago: executing program 4 (id=443):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB="7c0000001000ffff2bbd7000bbdbdf2500000000", @ANYRES32=0x0, @ANYBLOB="100a0500231a0500480012800e00010069703665727370616e00000034000280060003003000000014000700fc02000000000000000080000000000014000600fc"], 0x7c}, 0x1, 0x20000, 0x0, 0x240440d5}, 0x9080)

34.973656341s ago: executing program 5 (id=445):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080))
openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x161042, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket(0x10, 0x3, 0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
openat$cuse(0xffffffffffffff9c, &(0x7f0000000200), 0x2, 0x0)
r3 = syz_clone(0x4000000, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r3)
ptrace$setregs(0xd, r3, 0x7fff, &(0x7f0000000240)="12d6cacc400cb28384641a92606ff1d67f7718dadaa571f32ee2eb179974146cb14384e0e9a430de36da9cfa0941cbdb45400dbbf771a9f0d840b73de0cb08d1d3be1afc468f2a26a39cdfba80aa009e0b6b4bab31776e6f4b3cbe471b323c3e805335edbad98b115636442e777dce7bc27e899b8bc13ebd3a9b22f3813b493bcddc5ecc46eada6853")
ptrace$setregset(0x4205, r3, 0x1, &(0x7f00000001c0)={&(0x7f0000000100)="023e540000530c0648444f138d9c176b04f0f91de6b9fe593adb984dcb636b3f3b825c376f2b590f", 0x28})
prctl$PR_SCHED_CORE(0x3e, 0x1, r3, 0x2, &(0x7f00000000c0))
ioctl$SNDRV_CTL_IOCTL_ELEM_READ(0xffffffffffffffff, 0xc4c85512, &(0x7f0000000480)={{0xa, 0x3, 0x24000000, 0x3ff, '\x00', 0x6}, 0x1, [0xb, 0x11, 0xfffffffffffffff9, 0x5, 0x12, 0x1, 0x4, 0xfd, 0xffffffffffffffff, 0x7, 0x1, 0x8, 0xfffffffffffffff8, 0x4000000000000004, 0x3ff, 0x4, 0x4, 0x486, 0xc0010, 0x9, 0x1, 0x3ff, 0x5, 0x5, 0x80, 0x0, 0x3, 0x6, 0x1, 0x9, 0xfffffffffffffffe, 0x71, 0xa, 0x2, 0x203, 0x4, 0x9, 0x4, 0x5, 0xc, 0xfffffffffffffff7, 0x16, 0x9db6, 0x7f, 0xfffffffffffffff2, 0x2, 0x5, 0x7, 0x9, 0x8, 0x3, 0x6, 0xa2, 0x7ffc, 0x3, 0x0, 0x9, 0x1fd, 0x80000001, 0x2, 0x3ff, 0xffffffff, 0x3, 0x8, 0xffff, 0x0, 0x10000, 0xffffffffffffffff, 0x5, 0x3, 0x8000000000000005, 0x9, 0xec, 0x7f, 0xffffffffffffffff, 0x100000000, 0x9f1a, 0xffffffffffffffff, 0x100000001, 0xf, 0x0, 0x9, 0x3, 0x7, 0xb, 0x100000002a9, 0x3, 0x4, 0x8, 0x8, 0x1, 0x2, 0x4, 0x8, 0xe73, 0xfffffffffffffff7, 0xb, 0x8000000000000000, 0x6, 0x4, 0x5, 0x2000000000000639, 0x8000000000000000, 0x4, 0x400, 0x9a06, 0x9, 0xfffffffffffffffc, 0x7, 0xb3, 0x200080000001, 0x5, 0x1000000000d30, 0x7, 0x4, 0x256, 0x8000000000006ff, 0x3, 0x7, 0x1ff, 0x6, 0x9, 0x7, 0x1b485fe1, 0x7, 0x7, 0x7, 0x5]})
r4 = socket(0x10, 0x3, 0x0)
write(r4, &(0x7f0000000200), 0x0)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[@ANYRES32], 0x24}, 0x1, 0x0, 0x0, 0x40010}, 0x4088)
r5 = openat$kvm(0x0, &(0x7f0000000100), 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
r7 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x0)
ioctl$KVM_SET_CPUID2(r7, 0x4048aecb, &(0x7f0000000840)={0x7, 0x0, [{0x0, 0xffffffff, 0x0, 0x7fffffff, 0x6, 0x8001, 0x4}, {0x80000000, 0x4, 0x3, 0x10, 0x8000027, 0x7, 0x5}, {0xb, 0x8, 0x0, 0xffff, 0x7fffff7f, 0x5, 0x8}, {0xa, 0x12, 0x1, 0x7, 0x200df4, 0x401, 0x80000001}, {0x0, 0x2bb, 0x0, 0xa, 0x3, 0x3ffffe, 0x400}, {0x40000000, 0xa, 0x0, 0x5, 0x8010000, 0x6, 0xf30b}, {0x2, 0x451, 0x1, 0x7ffe, 0xffffffff, 0xfffffffc, 0x4}]})
syz_open_dev$dri(&(0x7f0000000000), 0x1ff, 0x0)
memfd_secret(0x80000)
ioctl$KVM_X86_SET_MSR_FILTER(0xffffffffffffffff, 0x4188aec6, &(0x7f0000002cc0)={0x0, [{0x0, 0x4d88, 0x6, &(0x7f0000000640)="7a650e526bd0998268bb5847d9beacc47a22df873eab4b8b91133675482eaa56ace8db59bed9aa07d4e390c7c9f98c462b55612196911e3c4e510ede3efde35eec990f22a76cf752e507c1e2de2920a9fc0790cc176bd2b901e4127b09835ae6d0d196048bb19a64d26f20a05b95c69f371882ef2e20c5606ed1b2ebcf09a4a333f6e1c3c4fb64d8182df4ab09d0a381d966977fc041cea9bdf0aa31fe51efe9211b9b8e6e4551b6438f8efcc41265574ff6504435eb22a678a99768f0327ded8fdcb41f27c2024d2b923f7dc5df5bf62af447b121dd9f94d766d6cebdeb02f611ab10e57af4b3268fb3f9777373bd5fd6b82f730e67c4eab113d8e65d7405be3e5d92dc5e7e85d34bb8b7c894cbed629ecc25c288b3d4556a85a1e2150cac5b686a8de29ab7c35040b77875bfa0e451dc0869cfe105bd115e7cf48f44dfdf26be65f3b727fd88d6395d051e49c060998e84b19377fcb20fe2eb392335e5a9d84555ef037aab37169ce761aa8a8ec08ea87e3a3b896f3d1b2380bc8256e0f7ea7dc488382e6112b53a7bb269d6261f87e0e0e0cef9152f8a67f412148f34880c970101fbd7b0e8fc49d6a5c87e487b7b175b15be26b6b8e1ed8527614dcefcfd80f8392560c8b706418b7de8fbb7a666a7e7f322dc70373606bf39efa04616cb99d662dfc591061bde5ed27a66aa7edbfec1eb0b1e843c372b84c3ed514a0aadf523b8669e526765d429824aeaa0a6f4c185754d437d977a1f586431dc256ce5aa7c25be259de3a0ae6e5bcdf56b4c7e8199fe6b461e78467cfac19de6956056ef57e93d3a7df8f646f4a9002b100edb0a6caa72b3f6eb29dc54de58120d27daff9cd61c64107e1bcb3b3212e1e2aa24fb24dc2dafc636c82ad25da9d934e46c7783d8f915337612feb348857ce2262240dfe51ec94d9d61074959f167b9840b20f003883bf167149228d7f03eafde851427cd1966a96aeae05b51ae4cd82f4b4dad60a070c01a8b500e2683f7136e331602e76845262825d7f3764cf1a05ad95d88aab71d41484f63fa6a43c044c7f03130552321933bc40b888fd0cc55939ff79a5059516f3b80c7ba8188ffb6a259a34567ee52c1f9df0f6c91737d688e36d076a49d1045cac30d5ed52a10381c96d9f22e469cc531bb06853d18b8f8625d2a917e795ffa4407fa75713510a3f5370e1ecbf7a5ff68a90a1eda077531cf4d399d4908f138c936e1931c72240070c6a6255f5fd03966e9a06c1d481e8e3d128e880776e572177780a3481c49bd86c174e152bafed245d58ef3428c645b08e48833960d1b5223d7be0c67a2b2c7531390d1837a84ed004a00cb4b0cd6e78824da032b48c49ec006d14206dc3d0c67d7ca87e9ea0faddc3e0b0c917c64eefeebf79e3a16c958db63a08a5d4d7210273aba3e56a4cd4cccb044750ff97749505ff1332b2dd30990849ab1500e1947d0abfb0c59760f0a502806ee1bce56fbb42251dd6ac8b709c73a6b8c548c2b23cf351dc498810e477bd082464e76702703b56d3cd2f3d8a2e00f19d8ffa3c236d3601f169c9dfe9c316f8cbe63c3801a51ea5ac785694a0c653cd28d68c5a81c2590d2aeea8c8688b2e88f46c4f99890e51b42cce485fcb4d91557fb3912b36b0dbeac8df44e945eb9937141402fb2aa1476185e1f8c37f6c98bc937f36d9c7237135132a54a03067b002b9c657ab0daa253af66eee78b0309cb8532dd2dee800c8349b731da0efa66ead82eebe0102279df5aa281fe1d86c0dbf154910d5e8a113ecbddbd046367b9e2acfa7cc406f61b472bbec6919534615ed81b664da956ce6586bf4c92d63ef371dfec5f9ce748931d585cadc9372a95a1372c7213e2c52fca253945afeee02e9f2de2d9452c85fd2dbdc87cb6c25697dfcbed8a0eba381835e6c360f3861367ec98a9a9ccf956d6cbfb706fee0d391cf82a0d4662792274f52fc2b5d72a43ec74a86400e62d3652f607774cfad1504bc0476570d532b527bf0d7012804b2e6fdf9a9414f10b16c9374f2b065348d865b309e37750d3a7e12394e356c48c9fa0d4a9a43f689f6cbf70b09a3b9782cc3d5d93480f8a7a21a049780fc6bf21f1eca938a37afcbb2b929a0c502e164d2571e78d214b359d97e3edc0ad5c7fd1625b4ece33e1f569676e9a7262ead857873f77ef149d2f8c5a09ab19ae384a7f957f612a24283c35327aa969b20711309644c5b3e6c89da94e1f5da54246bd771468a1adc8a8d601e0b12769604f0f07ca43ce2a8a2f4b5654c0b76b146c49038e07db54dae702580b97096911f034fc1797029de8b7c213c902d1d754e77ff85e6222e745db9d5d2d45c5d29a8b6de0f27e5701fdf12b09fd6c70baa0f85a424c21ce0796dbe1fd366b94fcdf64ea232b3e88b89a38d728de77e84decc804f07a48f2716ca6f76b24923cea1a4da0d1f1dc73611269e784c4fd921f9b26c11f35b5cda45842a81b603ce2155d95c273fa0743a571b52e68c9ea3f28009fc37406b9e329ce50fedfb20dfb4cdf3a94769aee2586c2a17e68a07abfcd18aceddfd3876b14558e4d092eadb9120796c44e89610494085117bc41b5c4619a8c160b97811df49fc7d9bf222d7a002640644337ef5af53ed50661131f7c042665b276c0adf0c9a74f3542729beb7632a6027e65eddff7bb27915826701ec9b6a4c672f08877eefd859e0aa6e75a2e841e1ea98dff994e5a58be628df86bff17497a4d0f92ab39db421eb1062a2a393656bbb1d92becbb91a59619156b51585cd2eafd8a18d6326166312efeaa7258bddad63e0c7372ffb7ce1f1adf1ac2ffa0f278e4be6684d762f8971ed7bb04096b96f8126bf5fd32142e745d421f495327dde0f1e2d9a1d8ba63c1453101396a2e54e89cdabac2c6a01f23a5c1d5a2dfa2a3c634176e97c9c62b41ea28102b5a08af2fba1d311bb323df086ea97726c9d8c7b7b53a3399a80f040d434fdcc2148fb1da3b7d7f0f3e3fd56471a310ee275da611c79f86be8ed6343f6ed0ad91dfeffebc3ab6389d0566d6db904c1db499ae7d2698fdc7170320f85cc3d3d0d9d0d0c7d45db7b53c5eb79a2fed2a048d9d74419532122fac62f6315a9e13b461cb4e26514491debd366927987271be963ea5805a49b8b480c6a393fda1b11fd5634890cf02948cb5bfea237afb30d081c7403cd334a02e5bb8db542c4d5fa5ec5c8a0dd36b62156881c98e01948b4775a502c5d8453439fd930df52caac9d71c28b712000b306b913c10918ca0bc194f2533334462e5cd2b2e6c978a4838febfbc2d4375b8108bd0aa32aeaf05e7ba30c781cace6470ead574f5cbfa68aa8c8d835e9b3ab2bd7dd90b5e3e6cd62d8e04c3b45326e1f560a8dd8f3db4177e9e5ccd61f21dacb5c40c8030559cdfe88f7aa98bdcde90c1214cf293b3df093d0630bc3073cbaffa025b1f5537b49d799731745de7d36cded4a9db25915a511ba505b4ddd885cd226c24ea37fd926dbd90b887"}, {0x0, 0x0, 0x1ff, 0x0}, {0x3, 0x0, 0x100d5b6, 0x0}, {0x2, 0x0, 0xfffffff8, 0x0}, {0x0, 0x0, 0x9, 0x0}, {0x1, 0x0, 0x3, 0x0}, {0x2, 0x0, 0xa2d, 0x0}, {0x0, 0x0, 0x1, 0x0}, {0x1, 0x0, 0xf3f, 0x0}, {0x4, 0x0, 0x1000, 0x0}, {0x3, 0x0, 0x6, 0x0}, {0x3, 0x0, 0x1000, 0x0}, {0x2, 0x0, 0x9, 0x0}, {0x0, 0x0, 0x1545, 0x0}, {0x2, 0x0, 0x9, 0x0}, {0x1, 0x0, 0x40007, 0x0}]})
openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)

34.74305308s ago: executing program 4 (id=446):
socket$inet6_tcp(0xa, 0x1, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
pipe(&(0x7f0000000080))
socket$inet6_tcp(0xa, 0x1, 0x0)
epoll_create(0x1000)
dup(r0)
socket$netlink(0x10, 0x3, 0x0)
creat(&(0x7f0000000100)='./bus\x00', 0x1b)
socket$key(0xf, 0x3, 0x2)
socket$key(0xf, 0x3, 0x2)
socket$nl_xfrm(0x10, 0x3, 0x6)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000280)={0x0, 0xffe, &(0x7f0000000940)={&(0x7f00000013c0)=ANY=[@ANYBLOB="640000001000030400"/20, @ANYRES32=0x0, @ANYBLOB="e5fda988000000002800128009000100766c616e00000000180002800c0002001cfe0f001f000000060001000000000008000500", @ANYRES32=r3, @ANYBLOB='\b\x00\n\x00', @ANYRES32, @ANYBLOB="0a000100000070"], 0x64}, 0x1, 0x0, 0x0, 0x8811}, 0x0)

34.63639137s ago: executing program 3 (id=447):
r0 = socket$kcm(0x11, 0x3, 0x0)
sendmsg$kcm(r0, &(0x7f0000000200)={&(0x7f0000001340)=@hci={0x1f, 0x0, 0x5}, 0x80, &(0x7f0000002540)=[{&(0x7f0000000540)="b88a00000088a800000000008100", 0x5bc}], 0x1}, 0x0)

34.462363918s ago: executing program 3 (id=448):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_FLUSH(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000300)=ANY=[@ANYBLOB="1c00000004060101000000000000060000000000050001"], 0x1c}}, 0x0)

34.107941579s ago: executing program 0 (id=449):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$can_j1939(0x1d, 0x2, 0x7)
ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f00000000c0)={'vcan0\x00', <r2=>0x0})
bind$can_j1939(r1, &(0x7f0000000340)={0x1d, r2, 0x0, {0x2, 0x0, 0x6}, 0xfe}, 0x18)
setsockopt$sock_int(r1, 0x1, 0x6, &(0x7f0000000040)=0x1, 0x4)
sendmsg$inet(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000003c0)=[{&(0x7f0000000280)="81b641f1f3843704b6", 0x9}], 0x1}, 0x4048081)
setsockopt$SO_J1939_FILTER(r1, 0x6b, 0x1, &(0x7f0000000000)=[{0x3, 0x5, {0x1, 0x0, 0x3}, {0x2, 0x0, 0x1}, 0x1, 0xfd}, {0x0, 0x2, {0x1, 0x1}, {0x2, 0xf0}, 0x2, 0x2}], 0x40)
ustat(0x40, 0x0)
r3 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000080), 0x210400, 0x0)
ioctl$UI_DEV_DESTROY(r3, 0x5502)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, &(0x7f0000000100)={'syztnl0\x00', &(0x7f0000000180)={'ip6tnl0\x00', <r4=>0x0, 0x4, 0x8, 0x5, 0x6, 0x6, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, @mcast2, 0x8000, 0x80, 0x4}})
sendmsg$nl_route_sched(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000400)=@newtfilter={0x3c8, 0x11, 0x1, 0x70bd29, 0x25dfdbff, {0x0, 0x0, 0x74, r2, {0xfff1, 0xfff2}, {0xfff1, 0x9}, {0xc, 0xd}}, [@TCA_RATE={0x6, 0x5, {0x8, 0x9}}, @filter_kind_options=@f_cgroup={{0xb}, {0x390, 0x2, [@TCA_CGROUP_POLICE={0x4}, @TCA_CGROUP_EMATCHES={0x234, 0x3, 0x0, 0x1, [@TCA_EMATCH_TREE_LIST={0x1c4, 0x2, 0x0, 0x1, [@TCF_EM_CONTAINER={0xec, 0x1, 0x0, 0x0, {{0xb, 0x0, 0xa7}, "e45325b401f6a27024b5593a46bbc2a2e29233e74b95e56faa539e7a9fea05888d461bede451ce8fcd9b6a18c14ea4b5f502f5d55737b28b6073d68be7ee4ed6a3a5b37ccaf992bb3641822a1a499a2a497a86e8f2ba9ad3106bed6ba615024c5abc55a9a1d7212606b6abdb3de6d4394e6121b4e1fa83b74946e3d15e7aeef3201163519262febf8b040b9a36da02475c2a155e97efe083cdaecece9ae45d1b46c068c38b3506d75923e198f5c6b4a05eaff1053423fa97f655aec755fb34d202605694aadd9e6fff18df68ed55c7d2d93dcc005473d6df3b32fe43e71865"}}, @TCF_EM_U32={0x1c, 0x1, 0x0, 0x0, {{0x9, 0x3, 0x35}, {0x9, 0x1, 0x7fff, 0x73}}}, @TCF_EM_META={0x60, 0x3, 0x0, 0x0, {{0x4, 0x4, 0xd}, [@TCA_EM_META_LVALUE={0xf, 0x2, [@TCF_META_TYPE_VAR="b8fe", @TCF_META_TYPE_VAR='Ga', @TCF_META_TYPE_VAR="37f2b33dfc9c27"]}, @TCA_EM_META_RVALUE={0x35, 0x3, [@TCF_META_TYPE_VAR="670b9f", @TCF_META_TYPE_VAR="2c9da7318e0c3e1782c1", @TCF_META_TYPE_INT=0x7, @TCF_META_TYPE_INT=0x1, @TCF_META_TYPE_INT, @TCF_META_TYPE_VAR="03f1fc9d72bb70a3ce", @TCF_META_TYPE_VAR="cdafba", @TCF_META_TYPE_INT=0x2, @TCF_META_TYPE_VAR="0b939b4060983e59"]}, @TCA_EM_META_HDR={0xc, 0x1, {{0x9, 0xfe, 0x2}, {0x9, 0xee, 0x2}}}]}}, @TCF_EM_CANID={0x14, 0x2, 0x0, 0x0, {{0xfff9, 0x7, 0x3ff}, {{}, {0x4, 0x1, 0x0, 0x1}}}}, @TCF_EM_META={0xc, 0x1, 0x0, 0x0, {{0x2, 0x4, 0x8}}}, @TCF_EM_IPSET={0x10, 0x3, 0x0, 0x0, {{0x0, 0x8, 0x6}, {0xffffffffffffffff, 0x3, 0x2}}}, @TCF_EM_CANID={0x14, 0x2, 0x0, 0x0, {{0xe, 0x7, 0x9}, {{0x0, 0x1}, {0x3, 0x1}}}}, @TCF_EM_CANID={0x14, 0x3, 0x0, 0x0, {{0x3ff, 0x7, 0xfffb}, {{0x1, 0x1}, {0x3, 0x1}}}}]}, @TCA_EMATCH_TREE_HDR={0x8, 0x1, {0xd}}, @TCA_EMATCH_TREE_LIST={0x1c, 0x2, 0x0, 0x1, [@TCF_EM_CMP={0x18, 0x3, 0x0, 0x0, {{0x7, 0x1, 0x200}, {0x4, 0x8, 0x0, 0x1, 0x4, 0x0, 0x1}}}]}, @TCA_EMATCH_TREE_LIST={0x20, 0x2, 0x0, 0x1, [@TCF_EM_U32={0x1c, 0x1, 0x0, 0x0, {{0x9d9, 0x3, 0xfff}, {0x9, 0xfff, 0x8, 0x378abd3}}}]}, @TCA_EMATCH_TREE_HDR={0x8, 0x1, {0x6}}, @TCA_EMATCH_TREE_HDR={0x8, 0x1, {0x1}}, @TCA_EMATCH_TREE_HDR={0x8, 0x1, {0x4}}, @TCA_EMATCH_TREE_HDR={0x8, 0x1, {0x7}}, @TCA_EMATCH_TREE_HDR={0x8, 0x1, {0xf1}}]}, @TCA_CGROUP_ACT={0x150, 0x1, [@m_mirred={0x14c, 0x19, 0x0, 0x0, {{0xb}, {0x64, 0x2, 0x0, 0x1, [@TCA_MIRRED_PARMS={0x20, 0x2, {{0xfba0, 0x80000001, 0x2, 0x9, 0x90a}, 0x2, r4}}, @TCA_MIRRED_PARMS={0x20, 0x2, {{0x81, 0x9, 0x0, 0x1a, 0x441}, 0x1, r2}}, @TCA_MIRRED_PARMS={0x20, 0x2, {{0x8, 0x5, 0x6, 0x1, 0x9}, 0x3, r2}}]}, {0xbd, 0x6, "64b99cb03d4e90d5abe64b0db2df55ffb112ca3baef3f48b33601a565aabaaf9e76c672e9d4105de6194c01ca09bbceb1593f7cb65305ae2578fc019bccf7fa2279e7b1a9cf92ff11802cfc627b349bff6f41ee89f7fa35a1de19237a2e2784b4a3c3302573cc17fb5a2ebc8ef6323746b21075fc1cd96e02dec0cc2d9b402cd10c077790759522b6e467a11a821994f747df5c27e397db1ee7fbb6bbcc3619aa7f17e51316087db137439c34d9f5b06d9a99122a7762071c4"}, {0xc, 0x7, {0x1}}, {0xc, 0x8, {0x2, 0x2}}}}]}, @TCA_CGROUP_ACT={0x4}]}}]}, 0x3c8}, 0x1, 0xf0ffffffffffff, 0x0, 0x4013}, 0x20000050)

33.995363418s ago: executing program 4 (id=450):
r0 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r1 = socket$inet6_sctp(0xa, 0x1, 0x84)
r2 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sysvipc/sem\x00', 0x41, 0x0)
getsockopt$sock_buf(r1, 0x1, 0x1f, 0x0, &(0x7f0000000200))
ioctl$KDGKBDIACR(r0, 0x4b4a, &(0x7f0000000200)=""/175)
mlock2(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0)
munlock(&(0x7f0000ffc000/0x2000)=nil, 0x2000)
r3 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000580)=ANY=[@ANYBLOB="600000001400000200000000fbdbdf2500000000000000000000ffffffffffffac1414aa00000000000000000000000000000084000700000200000000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="b56b6e000000000010000a002dbd70202dbd700007000000"], 0x60}}, 0x4004040)
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000001380)=ANY=[@ANYBLOB="340000001000210404000000fcdbdf2500000000cf247356b5d679b073e94d", @ANYRES32=0x0, @ANYBLOB="00000000d226000014001280090001007866726d0000000004000280"], 0xfffffffffffffdfc}}, 0xc080)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES32, @ANYBLOB="07000000000000c0"], 0x10)
ioctl$TIOCL_SETSEL(r0, 0x541c, 0x0)
futex(&(0x7f000000cffc)=0x1, 0xd, 0x0, 0x0, 0x0, 0x0)
syz_emit_ethernet(0x52, &(0x7f0000000480)=ANY=[@ANYBLOB, @ANYRES32=0x41424344, @ANYRES32=0x41424344, @ANYBLOB="400000001e000000"], 0x0)
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000440)='blkio.bfq.dequeue\x00', 0x275a, 0x0)
syz_genetlink_get_family_id$tipc(&(0x7f0000001340), r2)
sendmsg$TIPC_CMD_GET_REMOTE_MNG(r5, &(0x7f0000000400)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f00000003c0)={&(0x7f0000000380)={0x1c, 0x0, 0x100, 0x70bd39, 0x25dfdbff, {}, ["", "", "", "", "", "", "", "", "", ""]}, 0x1c}}, 0x20008080)
syz_open_procfs$pagemap(0x0, &(0x7f0000000140))
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
ioctl$ifreq_SIOCGIFINDEX_vcan(r5, 0x8933, &(0x7f0000001140)={'vcan0\x00', <r6=>0x0})
stat(&(0x7f0000001180)='./file0\x00', &(0x7f00000011c0)={0x0, 0x0, 0x0, 0x0, <r7=>0x0})
setsockopt$inet6_IPV6_XFRM_POLICY(r1, 0x29, 0x23, &(0x7f0000001240)={{{@in6=@mcast1, @in=@initdev={0xac, 0x1e, 0x1, 0x0}, 0x4e22, 0x2, 0x4e21, 0x80, 0x2, 0x20, 0x20, 0x33, r6, r7}, {0x4, 0x6, 0x5c4c, 0x0, 0x1dd9, 0x5, 0x9, 0x8}, {0x7, 0xcd76, 0xff}, 0xff, 0x6e6bb4, 0x0, 0x1, 0x2, 0x3}, {{@in6=@private2={0xfc, 0x2, '\x00', 0x1}, 0x4d2}, 0xa, @in6=@initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, 0x0, 0x0, 0x0, 0x79, 0x2, 0x8, 0x8}}, 0xe8)
bpf$PROG_LOAD(0x5, &(0x7f00000001c0)={0x1, 0x18, &(0x7f0000001040)=ANY=[@ANYBLOB="1800000080000000000000000d00000018110000", @ANYRES32=r5, @ANYBLOB="0000000200000000b702000014000000b7030000000000008500000005000000bf090000000000006609010000000000060000000b000000180100002020702500000000002020207b9af8ff00000000ad9100000000ea8f269b119b5e91d6000037010000f8ffffffb702000008000000b70300000400000a0000000000000000850000001f0000002c93000000000000b50300000000000085000000f2007900b7220000000000009500000000000000"], &(0x7f0000000780)='syzkaller\x00', 0x6, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x14, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xef12}, 0x94)
r8 = syz_open_dev$sg(&(0x7f0000000040), 0x0, 0x0)
r9 = syz_open_dev$tty1(0xc, 0x4, 0x1)
write$UHID_INPUT(r9, &(0x7f0000000000)={0xfc, {"a2e3ad09ed0d09f91b5e071887f70e09d038e7ff7fc6e5539b0d670a8b089b3f363563030890e0879b0af8c6e70a9b334a959b669a9b2f200af3988f7ef319520100ffe8d178708c523c921b1b5b31070d073b090acd3b78130daa61d8e8040000005802b77f07227227b7ba67e0e78657a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae193973735b36d5b1b6f0be129305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000000000075271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1f416e56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617669114e2fbe70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d546a40b9f6ff14ac488ec130fb3850a27af9544ae15a7e454dea05918b41243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9963ac4f4bb3309603f141f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e0b231d6f040dc19283b6a62fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce7cd9f465e41e610c20d80425d653a5520000008213b704c7fb082ff27590678ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc946813491ad8deff4b05f60cea0da7710ac0000000000008000bea37ce0d0d4aa202f928f28381aab144a5d429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4fb8a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d4ac01b75d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2aed9e53803ed0ca4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f4350aeae9ca1207e78283cd0b20ceb360c7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034ef655b253ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f42355bc7872c827467cfa5c4e72730d56bd068ed211cf847535edecb7b373f78b095b68441a34cb51682a8ae4d24ad0465f3927f889b813076038e79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdcce04579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93aec92a5de203715ba49c2d284acfabe262fccfcbb2b75a2183c46eb65ca8104e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43eaeb1a5fb135c0c7dcee8fe6516a3289d24825642891824659e9e94265c803b35ee5f83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd7369dde50e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aae501b20f7694a00f16e2d0174035a2c22656dc29880acebdbe8ddbd75c2f998d8ac2dfad2ba3a504767b6b45a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40427db6fe29068c0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf46366e7205dd8d6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eb4581f2a654fb39ddff3b484439ff158e7c5419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaee5ee6cf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab9640071550027697b52160687461602f88df165d884b36ec2b6c25a2f33c71568009d4afb96d6861aca73d6f3144345f48843dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c513a9177c6d594f88a4facfd4c735a20307c737afa2d60399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a3766d5439020484f411254c859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02daee67918e5d6787463183b4b87c1050000002f7809959bc048850613d17ca51055f2f416a44fe180d2d50c312cca7cb14a2bdc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb42913777c06376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7f96093530e76692839d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7340002000000000000f288a4510de03dab19d26285eda89156d50dd385a60333ba5bbf5d77cd7007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00398e8bd1f4108b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf652f406c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6528341b648cdd56fed7cdcbb1575912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae033a9e02210e62df0546a74b333a1c48f95fd54acb57412500005488efeee327415cc19451432c6f14c27693100c3cd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08758897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603f56935125102bb784ed7148b6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486229e5b2e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b8081c128ad2706f48261f7897484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df7227dfdb0d2b9e935c5af3cf474bed79dfc24ab0f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c971d90295c7b2c7439a2d78c8fa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb06afa88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe36d7d3e5db21b094b8b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1162dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1dfb1c68cc164b0a0780d971a96ea2c4d4ca0398c2235980a9307b3d5bd3b01faffd0a5dbed2881a9700af561ac8c6b00000000000000f96f06817fb903729a7db6ff957697c9ede7885d94ffb0969be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6dcbf719c148cd2f9c55f4901203a9a8a2c3e90f3943dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d0fc5a752f90000000000000000000000000000000000000000000000000000000000000000000000000000026347ee80000000000f9ffffff00", 0x1000}}, 0x1006)
ioctl$SCSI_IOCTL_SEND_COMMAND(r8, 0x1, &(0x7f00000001c0)=ANY=[@ANYBLOB="00030000000000000000ffff"])
r10 = socket$inet(0x2, 0xa, 0x0)
ioctl$sock_inet_SIOCGARP(r10, 0x89a3, &(0x7f0000000340)={{0x3a, 0x0, @private}, {0x0, @multicast}, 0x0, {0x2, 0x0, @remote}, 'sit0\x00'})

33.858271357s ago: executing program 3 (id=451):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000004c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01040000000000000000010000030900010073797a30000000002c000000030a01010000000000000000010000000900010073797a30000000000900030073797a320000000098000000060a010400000000000000000100000808000b400000000070000480340001800b000100657874686472000024000280080001400000000c080003400000000208000440000000220500020007000000380001800c0001006269747769736500280002800800034000000002080001400000001408000240000000120800064000000002402a05800900010073797a30"], 0x10c}}, 0x0) (fail_nth: 8)

33.509696219s ago: executing program 3 (id=452):
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
mmap(&(0x7f000000d000/0x1000)=nil, 0x1000, 0x0, 0x11, r0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x1, 0x4, &(0x7f0000000080)=ANY=[@ANYBLOB="d40500002000ffffd435550000000200bc202000070000009500000000000000"], &(0x7f0000003ff6)='GPL\x00', 0xa, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f00000000c0), 0x366, 0x10, &(0x7f0000000000), 0x2b2}, 0x48)

33.405531967s ago: executing program 1 (id=453):
bind$alg(0xffffffffffffffff, &(0x7f0000000400)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb(sm4)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, &(0x7f00000005c0)="b7f2288a911993f08d3aaea2bc0000de", 0x10)
r0 = accept$alg(0xffffffffffffffff, 0x0, 0x0)
sendmmsg$alg(r0, &(0x7f0000000280)=[{0x0, 0x0, &(0x7f0000000540)=[{&(0x7f0000000200)="18747636f657526f776c8a31d3cf9ca6035301270b3ca760a1b8621299", 0x1d}, {&(0x7f0000000500)}, {&(0x7f0000000700)="04e463082eb0716c4a8f10e9aeeecf3b5531f3ee26d677609a8bdec983677733fc8262e31807510752a3d413a17452ff90fecd8960456d416416df4ef5b208b3f0d574bbb40e97665c0dfce094771d0c4514dcfadcde97517d0195d9aca8df9ae51ae3603c2790a691aee37b483c0148b9e4088bee8bdba3aa7753d1d88513e2f9e34e3383e736d92e6ad5b87f49a68939e04d063c9a88fa5d264eb8262f13042dbdf953bf96e4aee8c92a9eed9a6ddf836d081035d12c6ba289c3bad2edceaabd1c1aeb0f46642be64e005000de6169370fde5be37f741256bacb36022ff923d108d03d58e60a98e09cb6a9a5b9e47710ca86e93180567ba2f63bfd219814a43042e87d6fc3bb7e2054a1afa8e4888b0a6cb8e4c2afc5168c938c6469b0908ebc5f3a160a2f39e264be5a822becd144c5d43f86cdb83c73d3dd467121ea807acf74daf07173a2f7190566ecc6245beca37bc96298c226186f88653aba2a73baa046c00f5f5ebb77d46c19215fdf46101f4d047d3de4b53723cf2169810be7e3e9fd66aa0ab6bffd031655a143df7de7b2a80038b413bb391e5ce0ed436651e16ef5414646a1e198ff983afc30a67a91050a5ce1fbf0a5bf611d21fb5296bffa272f6ffb014433f363c478dfbaf2648059dcb2e8c612e2609b982663efc48877668fa0df73c13930526be66249659bfb152a8097d9682d9eb0ccb2a73a48cbd726035a625b2834652c7a24206b3814a215dbb75fb4661b0eed97c02ce07bb324310ebfba0bcdeb6c762e4bee7603b412ff24e834a99ed2936e3a28a971c2bc2ab2ea446579c8f5cdea3abd2d8b61bb83415f763db27806fab03da11990ebb360d00784f712092e70a7807113298965c8eb9434e6e6d6be5502b3359d89d713439382301c848eeb08dbf8e3c3ded30b77e2b786c7f077f72314e3644a534b926dbd2763b5474c7a17461a3d7564617397f64aef1d24def25e999571e7a510405face96a98098b96376e4598693853df78df30bb5e86dce8dd6ab7955064cdd55d64a70f36cffcec10ca7150a5ac964dc157b396dd7afcbb9656a1230d925d69c8b80f7e402dbe171567da6b9f42a8284f452f1390338893d6efef35f70d3ae3d1be2fc6c7a61991015dede8c10b41e4eb341069a33a80df422742644e1d7026851acf61411bb337b22f24e3ce63563acdf439d376e5d04398c42638dfc69f06ecc52adde6006ef6264f52ec4afd1876bdcd89eb47a7d820ba0434e4dac4b918222825ab3e161fb823145c3661895a1bd917d208fed5c101bfe5216904ae5e4ddaebbda8f83a926f11287acf2b6faf3736e98789fc776d64e9a0ab55f89fd71b14ddb65a4e7ce056c7cbb2b7d1c7eb2060adb066a87cbfc3b90790ae19751f37c97646dac51445d9ecf4c059d830e2b5870664e0c4498a350a6dab5e940cfe77bbb698f9dd7e5b94bb2f919d53b30dee6ed314f17930d27d783289d6bd3601a3507fb52a14d5677cf79b67cfefe972ba3dad71178cda88792c9a8351d78593b84b7bd4efdd6473b032ad0da4aeb3b96b3bb09b663baa4851e77fe1cc1e172f2e60d04f9c2f9f19366f13e946a418da421bc87d8a914c1b7ce4be107ecdc5b13da8cb8c44f615924497e84f225bdd79cb1846105a54dde8b2265d3c06a7234685cdc45c3782c6cb8eecfaa34ff5666ae18f3a62fa5a70408d1f4eca945f162210083d6e7e9c05a6de0b6a11bf7e8205a007a8119c40253b36587a005040a8db2eb4e2ddcdeb3667c79fb2ea538ced80971980fd0dca3d0c68eecf580aac24c25072ae6a1a2710c4a27c25aa20c2f57f956d06a6b61ebb71ba2d51a0794264f46d9a583eacfa05c70aebbecbf30e11157a82803a13b1f1bd45e6af30b833bdbed01ee5bda7e789c699449dea29fd6ed25410fe11b169d9200a06d3d11b370b1c82244b2edb94f9c15eb9c2ea810fc63f7e7390e4dfcfb833f0255f48e053defbac004b8e4430aade1ddad2a6d18a0faa9d72b9352f7e76f5d56bd94c9e40cb04ffe6e7a8527607149be24b410b6afe5d14790797d31d5209635312328216946c57a7b91749fac86766dd723b1491788de0dd9229b626742660e23f4eec84389a27c82d5350b360dd5f4ab5b162d99bc4b54687eadba2ac3826acc11bee02eb3b5a83d629f5475cac1d91689e847a5c5cf93af93866919474ae42287ba2c0991193722460f533fe123985e00872402e85541a4bbee629bac881117b6ce5682e48dff1c85a0028f6cba939a60809e8167246d683c581f172bfd106effc7f35fbe58e0ba9f7ee2fc56ddb39987024cf44f98b55383ca80c67763a904298a8b7116a8ffd28baf9b536342b8b8d2e37cac698395972631b1eb9240bb75e237e571dc8f51846a81394f2272782797efa51f93740b0814ee3fcbe59fb1ac3186022992cbee5c8a3c772368879763c59d69af0d6871f2443a99516454b25edf008da43b635ac69d61fcbb8b9bd493262aac9fe04b26ed988a82d9b1204bd87bc598520209279a2bf6da16d3b2521501010546ccdca95e6d1836688eacc6c5cfcfd9a9d6c6537a878d56c3773801854e8fa24c53a193c84c1a11a6e346ab38630491b1b5c3936f718a91d90816733fbcff9d2e8c56260eed5253d355fb97992b1b52eab67e4f5419dec92b5143bf6b110be74b5915394b26015aaa1809b2cda11b389c3b294e394e536add37162f85c36a6b9cd8cec0f383c6bea727c1bdabc4661f48896b71e171a4aa4e45368a9a28721ec2a72d8f42af712ecb4fc2dfa5495b5066e7b5b8bde5de2dcbd1c12be054427276118a04ecaa87380a527aed8bf1cadb4969cd7d3ad6974537334201dcbbf7a1785e028eee1995596c08e249695d1a376cdfeea9a162bfeb04136f450fe922757e33599991075dcbfabd18e3853d227a5c1c47584ac2fcb4ccdefc73ea8718e76287d49f8605e9e4a929856c067406d32bfec024690d47402f8ce7e2065e80ae4dfd0a2c020d3bb5655b72e284fe9d1e40e43483989e31d82ea53f12217162b118ba4a1dd2ea82f81076357647253d05786490378f5a79314bcda057c354d51e10e17ccdfa27a0ef0755482dd65429ed402ac7db56a386462b61cb5c2e2c62e7866cf6c3be3990cbc64b55a58a521bd1cd2b87d82ec1827d85a9036c56b7964fafff9d193c786694953f8ad5556aefc3891f116c909c35daab5d0b33c06f6e7734dcff64a36c9882e787fec7e414a1698e07bf96e97f52d47bde8119e1490229dad0dae6ce8f927bc093d51b8685eb5c184a21b623dd8e812482447cb912a6d177c48e399c755c4e2921914b42fb04bd22c5d29b3ce802a570350e18922110a6b36725adcce39020f14fc8b06ddbe6e2b05714a457f8d7429917bd87e395f3e3eb2d8d82f0a0d4aa66cb7bf4e1f15b1c87ef1db4955031567f5877cab4c6c7895929f85883997c10248278e8cad7e686d3e474dc4f84c989e72dd877dad5e15879a650d6b8a8f7699c26f95477497f4dadf4bc4aed9d02bc1d1a0ac0b69639672ad264d30e201c3c958f6bc11d71e0227ac93dd6579fd333cbab5f1098bfd68c9c47d004f0574aed026d0ab6f8268eb6f0905ee0e64806d6c81e0288f066237400ab96f2366aae1e144ebe26533c997901908988dc9cad5e5d91cfb56fc8f8516d924f0e50ab0598e3af7fc06e83ede04b4541b91033ca93816b236e074aac8d0b3554c0b4d2316eae528e6775ac687d76a210d7107cce94346094d8998041552609f0b5bbb5c4d20fa20b32b516005ff02275c855ed65a179533f567bfad8cd946c7e93ba8f44da8ff4b48e3ebb99e388294e5165dad99bad0c748f375b763483ee1086e97b3a2ee56a005d6677e4323cae39f964fa81160ecb491ad5da0a9807e8028f2570952332528041f5f39bb1dbbb19e42d776157fa35e72f25e2800103f79737fe087eea9913d92564b2ad26a7641326b876ad764ecdb938d35b0e0523e7641d1a7703dd222db39cdb1c37f09f9883b5b3c8d823c727ab14ede98c4968aea9c6014321429dd86725204f9c81707f0edfaa8685b0e5fed3302fdcfb12cd4ab9e525a8b6a21b70330782a8a42a84cacc3e4007a6bd4d3f6c7fa087c6334e5198df56a2e89f38197c2b5e84dc599f47b014833a36f964442eb4456be788248e5c124da22b8ec30aae825180a7fb837707bb8bbd24b51f8e1d46bf5f525d5aadd70b44f5fbdaeb75bcd25b1e3e369ba882688fc0cdd33692e1f3f36a5bcf5fba312a9a4994e7e17ac02b1c30e6827715aca7ef56c7047bba2d3518bd7cf4dbc413ad7da99795ea732ea1f71c6963e588c3d6bcb7826618618ba3fb561b16dd083adbdfafd0499d4822307252a8ac09d03241ba2d3320e72cfe6a33048352c2f46b81e5d0056da322e8b886de0bf702a6750165d486fcfdecf90fd506cc28c95083ff36e573881df0a5cb56ae93fba32c2b903d2c8f8eb02e09236da61cb4d61bbd02a8fe25cafc0b65cfac49f0d7c3d7ea657c04014620f7dedbf456e649fbee5610cf98d32a98d4049d38235c32cd66477c460835bcf9e678a5dd0e1db320d847bc8dcd2bd3079de582e317ccd8ff7b74e788139a303b804e5662ac7364308c5e3e2e44a2cd8541c5a70a03ca5bf1c58287080feb1e4b20d14c15e4fe8afef5a967372431470920385be0b2a0f52e1a258978573534a25ef265fd7d50fd52061fbd41f6e667d018cef22bef8847c506f1afd660c5ef14d662f81a7ceaa0940c6f57b24f406583677ee45dceb65f1dece8890957380fa39a521eab16df1ffea9ee7309d4cf1000c7125dc2823d738cec773c75d46bc255d739892664b3c7d30749460740f9a1bc73cad43fa596bc4d59d160db7111ece2a72043a9288369767dadeba89d469f2e881cff2b80d856c8facdf0a75549b9196c04347a2336197d875b6d150cba513d3cfe0b5e8138927dfd1687c4347a7902740d961ab95b1b3a985adb9a60a2c249a7abaceb4ef612abf0a0e178653e0701a3f60b02f18beeda5dd7c039339eae28e9b332cccde071f1f6a135246bd940d51666e7ab33000ba2f5257a7f642220ba6f315d743ba3ec95d46eaf7e0fca2cfab21cc26c87bed7f206318be97b48b759d5017f28f10f61c630b45ebe8953bc1fa09c8791dac39213318a663290ed1272c23c492b148ac4a8b2709b3a9c4ad7819c7b1da3dd990a7bc7b856ec562df90a7807bbdbdf10bda81558f3634a71e0deaaddfde8b2f869b0a8dbc740d0eec51fdb6fb721b52f960ffb8f03c02f8a447c1797f205f7a9a1a75cfa04e61add57b9cf376ae30e1ee94599179899a48b7a7f36506ba16b360ebe3affbf75f9ff76846843b9d00b811ef314fdc6df9bb6d3ca18839003d188f2010211708a4b8fd6db16413e3e6f24594521ca1dd87ef09894a19f8030da81115a39b32ef2504ee0eebaa95a0f781c0f7717dcad8e09946da0f8c593f9f7afe468f4129ce420dd4f6ec06916c626d3a09d749d399bd48993d83b111764278bfe577fa7fb82efc06cdc580c8d3a42dfe1bc48bb02bd77d59f71753839c67c01dccab87fb29210f41af0409e96fd2c156e116d679eb7b23532df7d701228c67fb4ca076d0b42a3aff5584d9f3bccaf1216569931d51e78d0925f61ea0ace00c51e3ffe6e98e89f4f9b0b9e755a74336b368e2e897fe941dd233ee3485dcf96c5f1e08edf2ed9935637ee3a1a9001382783589fabdb3097e6e22da4bbece26365079c9100a664263ad56be717bf10dc2851fcdef2b8c", 0x1000}], 0x3, 0x0, 0x0, 0x1}], 0x1, 0x40808d4)
readv(r0, &(0x7f00000000c0)=[{&(0x7f0000001780)=""/4096, 0x1000}], 0x1)

33.270754858s ago: executing program 3 (id=454):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
close(r0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r1, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0x4)
connect$inet6(r1, &(0x7f0000000540)={0xa, 0x0, 0x0, @loopback}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r1, 0x6, 0x1f, &(0x7f00000000c0), 0x4)
setsockopt$inet6_tcp_TLS_TX(r1, 0x11a, 0x1, &(0x7f00000001c0)=@gcm_256={{0x304}, "6ae04425ace3f60c", "acba84f0a6731f234db1cc7f3f382ad796bd667cb12ea99509873931d2873103", "0f9dafb4", "ec3fff9afd96e6c0"}, 0x38)
setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r1, 0x6, 0x14, &(0x7f0000000040)=0x2, 0x4)
ioctl$int_in(r1, 0x5421, &(0x7f0000000140)=0x1)
writev(r1, &(0x7f0000000080)=[{&(0x7f00000002c0)="ec", 0xfdef}], 0x1)
syz_genetlink_get_family_id$tipc2(0x0, r0)

33.192205886s ago: executing program 0 (id=455):
r0 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r0, 0x3b81, &(0x7f00000003c0)={0xc, 0x0, <r1=>0x0})
ioctl$IOMMU_IOAS_MAP$PAGES(r0, 0x3b85, &(0x7f0000000040)={0x28, 0x7, r1, 0x0, &(0x7f0000800000/0x800000)=nil, 0x800000})
ioctl$IOMMU_TEST_OP_CREATE_ACCESS(r0, 0x3ba0, &(0x7f0000000340)={0x48, 0x5, r1, 0x0, <r2=>0xffffffffffffffff, 0x1})
ioctl$IOMMU_TEST_OP_ACCESS_PAGES$syz(r0, 0x3ba0, &(0x7f0000000100)={0x48, 0x7, r2, 0x0, 0x0, 0x0, 0x200000, 0x0, 0x334e8b, 0x200000a00000}) (fail_nth: 13)

33.191547662s ago: executing program 5 (id=456):
socket$l2tp6(0xa, 0x2, 0x73)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000140), 0xffffffffffffffff)
sendmsg$L2TP_CMD_TUNNEL_CREATE(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000003c0)=ANY=[@ANYBLOB='\\\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="0100000000000000000001000500050007000000000008000900030000001400200000000000000000000000e1ffe000000108000a0000000000060002000100000014001f"], 0x5c}, 0x1, 0x6c}, 0x0)

33.163981411s ago: executing program 1 (id=457):
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000040), 0x42, 0x0)
mount$fuse(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=0000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id='])
mount_setattr(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x0, &(0x7f00000002c0)={0x0, 0x2, 0x100000}, 0x20)
mount$fuse(0x0, &(0x7f0000000140)='./file0\x00', 0x0, 0x104000, 0x0)

33.041600764s ago: executing program 3 (id=458):
syz_open_dev$sg(&(0x7f0000000000), 0x4, 0x80000)
socket$pppl2tp(0x18, 0x1, 0x1)
socket$inet6_udp(0xa, 0x2, 0x0)
syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000040)=ANY=[@ANYBLOB="0d735a0976a9bdc4325f64a590484bca568329a18a592d37606a886cc01a", @ANYRES32=0x0, @ANYBLOB='\bP\x00\x00\x00\x00\x00\x00'], 0x20}}, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000000c0)={'bridge0\x00'})
r1 = socket$nl_generic(0x10, 0x3, 0x10)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
syz_open_dev$vcsa(0x0, 0xa40f, 0x228102)
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
ioctl$SNDRV_CTL_IOCTL_PCM_INFO(0xffffffffffffffff, 0xc1205531, 0x0)
ioctl$IOCTL_VMCI_INIT_CONTEXT(0xffffffffffffffff, 0x7a0, 0x0)
openat$nvram(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680))
socket$nl_netfilter(0x10, 0x3, 0xc)
r4 = syz_open_procfs(0x0, &(0x7f00000002c0)='net/igmp6\x00')
r5 = socket(0x10, 0x3, 0x0)
write(r5, &(0x7f0000000000)="240000001a005f0314f9f407000904000200000001000000000000000800040001000000", 0x24)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$tipc2(&(0x7f0000000740), 0xffffffffffffffff)
sendmsg$TIPC_NL_UDP_GET_REMOTEIP(r6, 0x0, 0x0)
preadv(r4, &(0x7f0000001880)=[{&(0x7f0000001a80)=""/102400, 0x19000}], 0x1, 0x40000000, 0x0)
r7 = syz_genetlink_get_family_id$devlink(&(0x7f0000000480), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_PORT_GET(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="14000000", @ANYRES16=r7, @ANYBLOB="010700ffffffc400000052"], 0x14}, 0x1, 0x0, 0x0, 0xc008}, 0x4008010)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)

32.971325609s ago: executing program 5 (id=459):
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x0, 0x50, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f0000000300)=@abs={0x0, 0x0, 0x4e25}, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
syz_emit_ethernet(0xe, &(0x7f0000000140)={@local, @broadcast, @void, {@generic={0x88fb}}}, 0x0)
r2 = socket$inet6(0xa, 0x800, 0x7)
sendmmsg$inet6(r2, &(0x7f0000001480), 0x0, 0x400c404)
exit(0xfe)
sendmmsg$inet6(r2, &(0x7f00000005c0)=[{{0x0, 0x0, &(0x7f00000007c0)}}, {{&(0x7f0000000800)={0xa, 0x4e21, 0xfffffffe, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', 0x1}, 0x1c, &(0x7f0000000c40)=[{0x0}, {0x0}, {&(0x7f0000000940)}, {0x0}, {0x0}, {&(0x7f0000000c00)}], 0x6}}, {{0x0, 0x0, &(0x7f00000045c0)=[{0x0}, {0x0}, {0x0}, {0x0}, {&(0x7f0000000680)="597a6b789cd5110caaa8e68623b0d55cfdff26cc78f16da427c07a314759cf6ca6867f2cda685d0f6a6723b953cb682580a11d0f01f7d7c16d7fb344aea09f9c6aa7639fc31813f85abae92cc838632e169851ff784e77c611e47d0a0269651bb766f9668aa38a809267f6afb294fecbee8cc438", 0x74}], 0x5}}], 0x3, 0x48c0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
write$USERIO_CMD_SEND_INTERRUPT(0xffffffffffffffff, 0x0, 0x0)
ioctl$DRM_IOCTL_SET_CLIENT_CAP(0xffffffffffffffff, 0x4010640d, &(0x7f0000000000)={0x3, 0x2})
r3 = syz_open_procfs(0xffffffffffffffff, 0x0)
getdents(r3, &(0x7f0000000000)=""/43, 0x2b)
getdents64(r3, 0x0, 0x0)
socket$kcm(0x29, 0x5, 0x0)
r4 = socket$igmp(0x2, 0x3, 0x2)
setsockopt$MRT_ADD_MFC_PROXY(r4, 0x0, 0xd2, &(0x7f0000000000)={@remote, @multicast1, 0x4, "d30f388c52647612d91de4353d68b0fa00", 0x0, 0x0, 0x4000000, 0x8}, 0x3c)
setsockopt$MRT_ADD_MFC(r4, 0x0, 0xcc, &(0x7f0000000280)={@broadcast, @multicast1, 0x0, "7ea97ddb2ac127ffa5b7216fe75ebaa2855a422a8bf8ec7caf003751804500", 0x0, 0xfffffffd, 0x4, 0x800}, 0x3c)
socket$igmp(0x2, 0x3, 0x2)
setsockopt$MRT_FLUSH(r4, 0x0, 0xd4, &(0x7f00000003c0)=0xa, 0x4)
madvise(&(0x7f00002a3000/0x2000)=nil, 0x2000, 0xc)
socket$nl_netfilter(0x10, 0x3, 0xc)
r5 = socket(0x1a, 0x1, 0xb)
readlinkat(0xffffffffffffff9c, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000980)=""/186, 0xdb)
setsockopt$netlink_NETLINK_TX_RING(r5, 0x10e, 0xc, &(0x7f0000000040)={0x9, 0xffffffff, 0x4e, 0x567}, 0x13)
sendmsg$nl_generic(r5, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000000c0)=ANY=[@ANYBLOB="1c0000001600010a00000000010000000200000008002280040008806188e1ffad0ffccfcfd09a87ea87ad65d908be8f8d1d3630400f2f2d20ed9b739a508f995fde95adc387e4ffcd0df78c5afda9b08935db3c274c4a22f3079a1ee98c06592a329702a13bac437fcf4719ae55455f7ec880ebfa619e9c1fe3d9f8bdd327241bd721afb181e1a0bfbaf8eebe54a67d1c427daedc"], 0x1c}, 0x1, 0x0, 0x0, 0x8040}, 0x0)
syz_open_procfs(0x0, &(0x7f0000000180)='timers\x00')

32.907362519s ago: executing program 1 (id=460):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2})
r1 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000340)=@newqdisc={0x5c, 0x10, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {0x9, 0x1}, {0x4}, {0xe, 0xd}}, [@TCA_EGRESS_BLOCK={0x8, 0xe, 0x401}, @TCA_STAB={0x28, 0x8, 0x0, 0x1, [{{0x1c, 0x1a, {0x0, 0x0, 0x491, 0x0, 0x2, 0x0, 0x8, 0x2}}, {0x8, 0x1b, [0x0, 0x0]}}]}, @TCA_INGRESS_BLOCK={0x8}]}, 0x5c}, 0x1, 0x0, 0x0, 0x90}, 0x4000c00)
r2 = socket$netlink(0x10, 0x3, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$TUNGETSNDBUF(r0, 0x800454d3, &(0x7f00000000c0))
r4 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r5=>0x0})
sendmsg$nl_route_sched(r3, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000280)=@newqdisc={0x2c, 0x24, 0x4ee4e6a52ff56541, 0x70bd26, 0xffffffff, {0x0, 0x0, 0x0, r5, {0x0, 0x6}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x24040084)
sendmsg$nl_route_sched(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000400)=@newqdisc={0x34, 0x28, 0x4ee4e6a52ff56541, 0x4001, 0xfffffdfc, {0x0, 0x0, 0x0, r5, {0xffff}, {0xffff, 0xffff}, {0x2, 0xa}}, [@qdisc_kind_options=@q_taprio={{0xb}, {0x4}}]}, 0x34}, 0x1, 0x0, 0x0, 0x400dc}, 0x0)
r6 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]})
close_range(r6, 0xffffffffffffffff, 0x0)

32.273945602s ago: executing program 0 (id=461):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
r1 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r1, 0x84, 0x64, &(0x7f0000000000)=[@in={0x2, 0x4e22, @empty}], 0x10)
listen(r1, 0x3)
sendmsg$inet6(r0, &(0x7f0000001dc0)={&(0x7f0000000840)={0xa, 0x4e22, 0x906, @loopback, 0x7}, 0x1c, &(0x7f0000001d40)=[{&(0x7f0000000880)="fa", 0x1}], 0x1}, 0x40085)
r2 = socket$netlink(0x10, 0x3, 0x4)
writev(r2, &(0x7f0000000000)=[{&(0x7f0000000140)="480000001400190d09004beafd0d8c560a84476080ffe006fffe4e22590000a2bc5603ca00000f7f89000000200000000101ff0000000309ff5bffff00c7e5ed5e00000000000000", 0x40b}], 0x1)

0s ago: executing program 33 (id=450):
r0 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r1 = socket$inet6_sctp(0xa, 0x1, 0x84)
r2 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sysvipc/sem\x00', 0x41, 0x0)
getsockopt$sock_buf(r1, 0x1, 0x1f, 0x0, &(0x7f0000000200))
ioctl$KDGKBDIACR(r0, 0x4b4a, &(0x7f0000000200)=""/175)
mlock2(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0)
munlock(&(0x7f0000ffc000/0x2000)=nil, 0x2000)
r3 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000580)=ANY=[@ANYBLOB="600000001400000200000000fbdbdf2500000000000000000000ffffffffffffac1414aa00000000000000000000000000000084000700000200000000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="b56b6e000000000010000a002dbd70202dbd700007000000"], 0x60}}, 0x4004040)
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000001380)=ANY=[@ANYBLOB="340000001000210404000000fcdbdf2500000000cf247356b5d679b073e94d", @ANYRES32=0x0, @ANYBLOB="00000000d226000014001280090001007866726d0000000004000280"], 0xfffffffffffffdfc}}, 0xc080)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES32, @ANYBLOB="07000000000000c0"], 0x10)
ioctl$TIOCL_SETSEL(r0, 0x541c, 0x0)
futex(&(0x7f000000cffc)=0x1, 0xd, 0x0, 0x0, 0x0, 0x0)
syz_emit_ethernet(0x52, &(0x7f0000000480)=ANY=[@ANYBLOB, @ANYRES32=0x41424344, @ANYRES32=0x41424344, @ANYBLOB="400000001e000000"], 0x0)
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000440)='blkio.bfq.dequeue\x00', 0x275a, 0x0)
syz_genetlink_get_family_id$tipc(&(0x7f0000001340), r2)
sendmsg$TIPC_CMD_GET_REMOTE_MNG(r5, &(0x7f0000000400)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f00000003c0)={&(0x7f0000000380)={0x1c, 0x0, 0x100, 0x70bd39, 0x25dfdbff, {}, ["", "", "", "", "", "", "", "", "", ""]}, 0x1c}}, 0x20008080)
syz_open_procfs$pagemap(0x0, &(0x7f0000000140))
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
ioctl$ifreq_SIOCGIFINDEX_vcan(r5, 0x8933, &(0x7f0000001140)={'vcan0\x00', <r6=>0x0})
stat(&(0x7f0000001180)='./file0\x00', &(0x7f00000011c0)={0x0, 0x0, 0x0, 0x0, <r7=>0x0})
setsockopt$inet6_IPV6_XFRM_POLICY(r1, 0x29, 0x23, &(0x7f0000001240)={{{@in6=@mcast1, @in=@initdev={0xac, 0x1e, 0x1, 0x0}, 0x4e22, 0x2, 0x4e21, 0x80, 0x2, 0x20, 0x20, 0x33, r6, r7}, {0x4, 0x6, 0x5c4c, 0x0, 0x1dd9, 0x5, 0x9, 0x8}, {0x7, 0xcd76, 0xff}, 0xff, 0x6e6bb4, 0x0, 0x1, 0x2, 0x3}, {{@in6=@private2={0xfc, 0x2, '\x00', 0x1}, 0x4d2}, 0xa, @in6=@initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, 0x0, 0x0, 0x0, 0x79, 0x2, 0x8, 0x8}}, 0xe8)
bpf$PROG_LOAD(0x5, &(0x7f00000001c0)={0x1, 0x18, &(0x7f0000001040)=ANY=[@ANYBLOB="1800000080000000000000000d00000018110000", @ANYRES32=r5, @ANYBLOB="0000000200000000b702000014000000b7030000000000008500000005000000bf090000000000006609010000000000060000000b000000180100002020702500000000002020207b9af8ff00000000ad9100000000ea8f269b119b5e91d6000037010000f8ffffffb702000008000000b70300000400000a0000000000000000850000001f0000002c93000000000000b50300000000000085000000f2007900b7220000000000009500000000000000"], &(0x7f0000000780)='syzkaller\x00', 0x6, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x14, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xef12}, 0x94)
r8 = syz_open_dev$sg(&(0x7f0000000040), 0x0, 0x0)
r9 = syz_open_dev$tty1(0xc, 0x4, 0x1)
write$UHID_INPUT(r9, &(0x7f0000000000)={0xfc, {"a2e3ad09ed0d09f91b5e071887f70e09d038e7ff7fc6e5539b0d670a8b089b3f363563030890e0879b0af8c6e70a9b334a959b669a9b2f200af3988f7ef319520100ffe8d178708c523c921b1b5b31070d073b090acd3b78130daa61d8e8040000005802b77f07227227b7ba67e0e78657a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae193973735b36d5b1b6f0be129305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000000000075271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1f416e56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617669114e2fbe70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d546a40b9f6ff14ac488ec130fb3850a27af9544ae15a7e454dea05918b41243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9963ac4f4bb3309603f141f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e0b231d6f040dc19283b6a62fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce7cd9f465e41e610c20d80425d653a5520000008213b704c7fb082ff27590678ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc946813491ad8deff4b05f60cea0da7710ac0000000000008000bea37ce0d0d4aa202f928f28381aab144a5d429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4fb8a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d4ac01b75d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2aed9e53803ed0ca4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f4350aeae9ca1207e78283cd0b20ceb360c7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034ef655b253ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f42355bc7872c827467cfa5c4e72730d56bd068ed211cf847535edecb7b373f78b095b68441a34cb51682a8ae4d24ad0465f3927f889b813076038e79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdcce04579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93aec92a5de203715ba49c2d284acfabe262fccfcbb2b75a2183c46eb65ca8104e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43eaeb1a5fb135c0c7dcee8fe6516a3289d24825642891824659e9e94265c803b35ee5f83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd7369dde50e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aae501b20f7694a00f16e2d0174035a2c22656dc29880acebdbe8ddbd75c2f998d8ac2dfad2ba3a504767b6b45a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40427db6fe29068c0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf46366e7205dd8d6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eb4581f2a654fb39ddff3b484439ff158e7c5419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaee5ee6cf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab9640071550027697b52160687461602f88df165d884b36ec2b6c25a2f33c71568009d4afb96d6861aca73d6f3144345f48843dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c513a9177c6d594f88a4facfd4c735a20307c737afa2d60399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a3766d5439020484f411254c859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02daee67918e5d6787463183b4b87c1050000002f7809959bc048850613d17ca51055f2f416a44fe180d2d50c312cca7cb14a2bdc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb42913777c06376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7f96093530e76692839d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7340002000000000000f288a4510de03dab19d26285eda89156d50dd385a60333ba5bbf5d77cd7007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00398e8bd1f4108b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf652f406c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6528341b648cdd56fed7cdcbb1575912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae033a9e02210e62df0546a74b333a1c48f95fd54acb57412500005488efeee327415cc19451432c6f14c27693100c3cd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08758897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603f56935125102bb784ed7148b6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486229e5b2e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b8081c128ad2706f48261f7897484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df7227dfdb0d2b9e935c5af3cf474bed79dfc24ab0f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c971d90295c7b2c7439a2d78c8fa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb06afa88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe36d7d3e5db21b094b8b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1162dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1dfb1c68cc164b0a0780d971a96ea2c4d4ca0398c2235980a9307b3d5bd3b01faffd0a5dbed2881a9700af561ac8c6b00000000000000f96f06817fb903729a7db6ff957697c9ede7885d94ffb0969be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6dcbf719c148cd2f9c55f4901203a9a8a2c3e90f3943dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d0fc5a752f90000000000000000000000000000000000000000000000000000000000000000000000000000026347ee80000000000f9ffffff00", 0x1000}}, 0x1006)
ioctl$SCSI_IOCTL_SEND_COMMAND(r8, 0x1, &(0x7f00000001c0)=ANY=[@ANYBLOB="00030000000000000000ffff"])
r10 = socket$inet(0x2, 0xa, 0x0)
ioctl$sock_inet_SIOCGARP(r10, 0x89a3, &(0x7f0000000340)={{0x3a, 0x0, @private}, {0x0, @multicast}, 0x0, {0x2, 0x0, @remote}, 'sit0\x00'})

kernel console output (not intermixed with test programs):

moving interface: batadv_slave_1
[  110.252622][   T12] veth1_macvtap: left promiscuous mode
[  110.279898][   T12] veth0_macvtap: left promiscuous mode
[  110.302268][   T12] veth1_vlan: left promiscuous mode
[  110.319687][   T12] veth0_vlan: left promiscuous mode
[  110.923127][ T6147] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  110.952846][ T6147] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  110.966451][   T12] team0 (unregistering): Port device team_slave_1 removed
[  111.016381][   T12] team0 (unregistering): Port device team_slave_0 removed
[  111.184851][ T6127] workqueue: Failed to create a rescuer kthread for wq "bond1": -EINTR
[  111.197760][ T6131] macvlan0: entered promiscuous mode
[  111.218529][ T6141] netlink: 'syz.4.55': attribute type 8 has an invalid length.
[  111.248185][ T6141] sch_fq: defrate 0 ignored.
[  111.258168][ T6151] netlink: 76 bytes leftover after parsing attributes in process `syz.1.58'.
[  111.276414][ T5839] Bluetooth: hci0: command tx timeout
[  111.311265][ T6151] netlink: 72 bytes leftover after parsing attributes in process `syz.1.58'.
[  111.321581][ T6151] netlink: 'syz.1.58': attribute type 3 has an invalid length.
[  111.329963][ T6151] netlink: 11 bytes leftover after parsing attributes in process `syz.1.58'.
[  111.416122][ T5919] usb 4-1: new full-speed USB device number 2 using dummy_hcd
[  111.431962][ T6157] netdevsim netdevsim0 netdevsim0: entered allmulticast mode
[  111.467796][ T6157] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check.
[  111.554801][ T6088] chnl_net:caif_netlink_parms(): no params data found
[  111.618135][ T5919] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  111.661273][ T5919] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 2
[  111.723094][ T5919] usb 4-1: New USB device found, idVendor=05d8, idProduct=810a, bcdDevice=92.b8
[  111.844138][ T5919] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  112.136748][ T5919] usb 4-1: config 0 descriptor??
[  112.308679][ T5919] dvb-usb: found a 'Artec T1 USB2.0' in warm state.
[  112.334913][ T5919] dvb-usb: bulk message failed: -22 (3/0)
[  112.362522][ T6167] netdevsim netdevsim1: Direct firmware load for .
[  112.362522][ T6167]  failed with error -2
[  112.432376][ T5919] dvb-usb: will use the device's hardware PID filter (table count: 16).
[  112.443136][ T6181] netlink: 'syz.4.64': attribute type 13 has an invalid length.
[  112.456913][ T6167] netdevsim netdevsim1: Falling back to sysfs fallback for: .
[  112.456913][ T6167] 
[  112.502350][ T5919] dvbdev: DVB: registering new adapter (Artec T1 USB2.0)
[  112.512980][ T6181] netlink: 'syz.4.64': attribute type 17 has an invalid length.
[  112.560642][ T5919] usb 4-1: media controller created
[  112.575941][ T6181] gretap0: refused to change device tx_queue_len
[  112.593149][ T6181] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check.
[  112.610701][ T5919] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  112.621087][  T982] usb 1-1: new high-speed USB device number 3 using dummy_hcd
[  112.648390][ T5919] dvb-usb: bulk message failed: -22 (6/0)
[  112.657394][ T5919] dvb-usb: no frontend was attached by 'Artec T1 USB2.0'
[  112.672315][ T5919] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.3/usb4/4-1/input/input5
[  112.713961][ T6088] bridge0: port 1(bridge_slave_0) entered blocking state
[  112.726597][ T6088] bridge0: port 1(bridge_slave_0) entered disabled state
[  112.733997][ T6088] bridge_slave_0: entered allmulticast mode
[  112.761362][ T5919] dvb-usb: schedule remote query interval to 150 msecs.
[  112.772592][ T5919] dvb-usb: Artec T1 USB2.0 successfully initialized and connected.
[  112.786517][  T982] usb 1-1: Using ep0 maxpacket: 8
[  112.811129][ T5919] usb 4-1: USB disconnect, device number 2
[  112.836169][  T982] usb 1-1: config 0 has an invalid interface number: 55 but max is 0
[  112.844334][  T982] usb 1-1: config 0 has no interface number 0
[  112.858389][ T6088] bridge_slave_0: entered promiscuous mode
[  112.866543][  T982] usb 1-1: config 0 interface 55 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  112.877541][  T982] usb 1-1: config 0 interface 55 altsetting 0 has an endpoint descriptor with address 0xAB, changing to 0x8B
[  112.890191][  T982] usb 1-1: config 0 interface 55 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  112.969537][ T6088] bridge0: port 2(bridge_slave_1) entered blocking state
[  112.999016][ T6088] bridge0: port 2(bridge_slave_1) entered disabled state
[  113.006032][  T982] usb 1-1: config 0 interface 55 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 2
[  113.006139][  T982] usb 1-1: New USB device found, idVendor=0f11, idProduct=1080, bcdDevice=fc.6a
[  113.006163][  T982] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  113.105963][ T6088] bridge_slave_1: entered allmulticast mode
[  113.114761][  T982] usb 1-1: config 0 descriptor??
[  113.162014][ T6088] bridge_slave_1: entered promiscuous mode
[  113.194488][  T982] ldusb 1-1:0.55: LD USB Device #0 now attached to major 180 minor 0
[  113.254744][ T5919] dvb-usb: Artec T1 USB2.0 successfully deinitialized and disconnected.
[  113.361287][ T5839] Bluetooth: hci0: command tx timeout
[  113.538644][  T982] usb 1-1: USB disconnect, device number 3
[  113.538843][    C1] ldusb 1-1:0.55: usb_submit_urb failed (-19)
[  113.557480][ T6088] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  113.613504][ T6088] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  113.988022][ T6088] team0: Port device team_slave_0 added
[  114.035069][ T6088] team0: Port device team_slave_1 added
[  114.174704][ T6088] batman_adv: batadv0: Adding interface: batadv_slave_0
[  114.194540][ T6088] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  114.253040][ T6088] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  114.308658][ T6088] batman_adv: batadv0: Adding interface: batadv_slave_1
[  114.340441][ T6088] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  114.370040][ T6088] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  114.381041][ T5937] usb 4-1: new high-speed USB device number 3 using dummy_hcd
[  114.664878][ T6088] hsr_slave_0: entered promiscuous mode
[  114.672087][ T6088] hsr_slave_1: entered promiscuous mode
[  114.874574][ T6088] debugfs: 'hsr0' already exists in 'hsr'
[  114.880432][ T6088] Cannot create hsr debugfs directory
[  115.015681][   T29] usb 2-1: new high-speed USB device number 4 using dummy_hcd
[  115.029026][  T982] ldusb 1-1:0.55: LD USB Device #0 now disconnected
[  115.146707][ T5937] usb 4-1: Using ep0 maxpacket: 32
[  115.239869][ T5937] usb 4-1: config 0 has an invalid interface number: 196 but max is 0
[  115.255798][ T5937] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  115.290659][ T5937] usb 4-1: config 0 has no interface number 0
[  115.321405][ T5937] usb 4-1: config 0 interface 196 altsetting 1 has 0 endpoint descriptors, different from the interface descriptor's value: 2
[  115.371812][ T5937] usb 4-1: config 0 interface 196 has no altsetting 0
[  115.385705][   T29] usb 2-1: Using ep0 maxpacket: 32
[  115.396377][ T5937] usb 4-1: New USB device found, idVendor=05ac, idProduct=7700, bcdDevice=eb.3a
[  115.421036][ T5937] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  115.432890][   T29] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x85 has invalid maxpacket 12336, setting to 1024
[  115.448217][ T5839] Bluetooth: hci0: command tx timeout
[  115.455726][ T5937] usb 4-1: Product: syz
[  115.460153][ T5937] usb 4-1: Manufacturer: syz
[  115.464837][ T5937] usb 4-1: SerialNumber: syz
[  115.469746][   T29] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024
[  115.492613][ T5937] usb 4-1: config 0 descriptor??
[  115.497802][   T29] usb 2-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79
[  115.507332][   T29] usb 2-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2
[  115.521716][   T29] usb 2-1: Product: syz
[  115.526443][   T29] usb 2-1: Manufacturer: syz
[  115.531266][   T29] usb 2-1: SerialNumber: syz
[  115.649039][   T29] usb 2-1: config 0 descriptor??
[  115.699415][ T6214] raw-gadget.1 gadget.1: fail, usb_ep_enable returned -22
[  115.780364][ T5937] ipheth 4-1:0.196: Unable to find endpoints
[  115.829894][ T5937] usb 4-1: USB disconnect, device number 3
[  116.006574][   T29] usb 2-1: USB disconnect, device number 4
[  116.141353][ T6088] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  116.158508][ T6088] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  116.185900][ T6088] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  116.223720][ T6088] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  116.553565][   T29] usb 2-1: new high-speed USB device number 5 using dummy_hcd
[  116.599278][ T6088] 8021q: adding VLAN 0 to HW filter on device bond0
[  116.695109][ T6088] 8021q: adding VLAN 0 to HW filter on device team0
[  116.735988][   T29] usb 2-1: Using ep0 maxpacket: 32
[  116.747590][  T128] bridge0: port 1(bridge_slave_0) entered blocking state
[  116.755268][  T128] bridge0: port 1(bridge_slave_0) entered forwarding state
[  116.776152][   T29] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x85 has invalid maxpacket 12336, setting to 1024
[  116.816075][   T29] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024
[  116.858690][   T29] usb 2-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79
[  116.864267][ T1166] bridge0: port 2(bridge_slave_1) entered blocking state
[  116.875047][ T1166] bridge0: port 2(bridge_slave_1) entered forwarding state
[  116.893275][   T29] usb 2-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2
[  116.912719][   T29] usb 2-1: Product: syz
[  116.918314][ T1219] usb 4-1: new low-speed USB device number 4 using dummy_hcd
[  116.945140][   T29] usb 2-1: Manufacturer: syz
[  116.965474][   T29] usb 2-1: SerialNumber: syz
[  117.003538][   T29] usb 2-1: config 0 descriptor??
[  117.021936][ T6214] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  117.102454][ T1219] usb 4-1: LPM exit latency is zeroed, disabling LPM.
[  117.137928][ T1219] usb 4-1: config index 0 descriptor too short (expected 51076, got 59)
[  117.167269][ T1219] usb 4-1: config 247 has an invalid descriptor of length 166, skipping remainder of the config
[  117.205701][ T1219] usb 4-1: config 247 has 0 interfaces, different from the descriptor's value: 32
[  117.229052][ T1219] usb 4-1: string descriptor 0 read error: -22
[  117.235543][ T1219] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  117.250305][ T6088] 8021q: adding VLAN 0 to HW filter on device batadv0
[  117.266959][ T1219] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  117.445319][ T6254] netlink: 20 bytes leftover after parsing attributes in process `syz.0.76'.
[  117.521197][ T6088] veth0_vlan: entered promiscuous mode
[  117.559812][ T6245] netlink: 60 bytes leftover after parsing attributes in process `syz.3.75'.
[  117.662248][ T6088] veth1_vlan: entered promiscuous mode
[  117.802053][ T6088] veth0_macvtap: entered promiscuous mode
[  117.845330][ T6088] veth1_macvtap: entered promiscuous mode
[  117.911540][ T6088] batman_adv: batadv0: Interface activated: batadv_slave_0
[  117.947294][ T6088] batman_adv: batadv0: Interface activated: batadv_slave_1
[  117.982857][ T1123] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  118.012784][ T1123] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  118.057893][ T1123] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  118.081538][ T1123] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  118.298941][    T9] usb 2-1: USB disconnect, device number 5
[  118.319617][ T1123] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  118.340565][ T1123] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  118.465137][   T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  118.506866][   T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  119.655373][ T6285] netlink: 'syz.4.80': attribute type 1 has an invalid length.
[  119.705270][    T9] usb 4-1: USB disconnect, device number 4
[  119.726845][ T6285] netlink: 'syz.4.80': attribute type 2 has an invalid length.
[  119.851973][ T6289] netlink: 28 bytes leftover after parsing attributes in process `syz.1.81'.
[  119.895034][   T30] kauditd_printk_skb: 37 callbacks suppressed
[  119.895052][   T30] audit: type=1400 audit(1774557507.876:49): apparmor="DENIED" operation="change_onexec" class="file" info="label not found" error=-2 profile="unconfined" name=19 pid=6281 comm="syz.4.80"
[  120.536144][ T6303] xt_hashlimit: max too large, truncated to 1048576
[  120.584183][ T6306] warning: `syz.3.82' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211
[  120.803830][   T29] usb 2-1: new high-speed USB device number 6 using dummy_hcd
[  121.026256][   T29] usb 2-1: Using ep0 maxpacket: 16
[  121.091259][ T6303] xt_CT: You must specify a L4 protocol and not use inversions on it
[  121.105903][   T29] usb 2-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 9
[  121.165079][   T29] usb 2-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[  121.204745][   T29] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  121.237955][   T29] usb 2-1: config 0 descriptor??
[  121.249878][   T29] usbhid 2-1:0.0: couldn't find an input interrupt endpoint
[  121.685685][   T10] usb 6-1: new low-speed USB device number 2 using dummy_hcd
[  122.009290][ T6317] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  122.051390][ T6317] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  122.675660][   T10] usb 6-1: unable to get BOS descriptor or descriptor too short
[  122.705424][   T10] usb 6-1: unable to read config index 0 descriptor/start: -71
[  122.739000][   T10] usb 6-1: can't read configurations, error -71
[  123.212331][    T9] usb 1-1: new high-speed USB device number 4 using dummy_hcd
[  123.337432][ T6344] netlink: 136 bytes leftover after parsing attributes in process `syz.3.90'.
[  123.386642][    T9] usb 1-1: Using ep0 maxpacket: 32
[  123.393778][    T9] usb 1-1: New USB device found, idVendor=0b89, idProduct=0007, bcdDevice=ef.64
[  123.403434][    T9] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  123.431219][    T9] usb 1-1: config 0 descriptor??
[  123.476667][    T9] as10x_usb: device has been detected
[  123.499407][    T9] dvbdev: DVB: registering new adapter (nBox DVB-T Dongle)
[  123.554111][    T9] usb 1-1: DVB: registering adapter 1 frontend 0 (nBox DVB-T Dongle)...
[  123.635483][    T9] as10x_usb: error during firmware upload part1
[  123.645267][    T9] Registered device nBox DVB-T Dongle
[  123.718011][   T29] usb 2-1: USB disconnect, device number 6
[  123.815697][   T10] usb 6-1: new full-speed USB device number 3 using dummy_hcd
[  123.824844][ T6354] macsec1: entered allmulticast mode
[  123.854022][ T6354] veth1_macvtap: entered allmulticast mode
[  123.895270][ T6354] veth1_macvtap: left allmulticast mode
[  123.930203][ T6352] netlink: 'syz.3.92': attribute type 12 has an invalid length.
[  123.980673][   T10] usb 6-1: not running at top speed; connect to a high speed hub
[  123.990632][   T10] usb 6-1: config 95 has an invalid interface number: 1 but max is 0
[  124.005832][   T10] usb 6-1: config 95 has no interface number 0
[  124.024107][   T10] usb 6-1: config 95 interface 1 has no altsetting 0
[  124.048951][   T10] usb 6-1: New USB device found, idVendor=0763, idProduct=2030, bcdDevice=79.79
[  124.058671][   T10] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  124.105699][   T10] usb 6-1: Product: syz
[  124.110097][   T10] usb 6-1: Manufacturer: syz
[  124.114942][   T10] usb 6-1: SerialNumber: syz
[  124.185747][   T29] usb 2-1: new high-speed USB device number 7 using dummy_hcd
[  124.329707][   T29] usb 2-1: device descriptor read/64, error -71
[  124.539697][ T6379] program syz.3.97 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  124.595095][ T6379] program syz.3.97 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  124.605715][   T29] usb 2-1: new high-speed USB device number 8 using dummy_hcd
[  124.745723][   T29] usb 2-1: device descriptor read/64, error -71
[  124.856950][   T29] usb usb2-port1: attempt power cycle
[  124.913149][   T10] usb 6-1: USB disconnect, device number 3
[  125.250986][   T29] usb 2-1: new high-speed USB device number 9 using dummy_hcd
[  125.318231][   T29] usb 2-1: device descriptor read/8, error -71
[  125.658062][   T29] usb 2-1: new high-speed USB device number 10 using dummy_hcd
[  125.688186][   T29] usb 2-1: device descriptor read/8, error -71
[  125.796082][   T29] usb usb2-port1: unable to enumerate USB device
[  125.976743][   T10] usb 1-1: USB disconnect, device number 4
[  126.019774][ T6388] program syz.5.100 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  126.081331][   T10] Unregistered device nBox DVB-T Dongle
[  126.099535][   T10] as10x_usb: device has been disconnected
[  126.513166][ T6397] FAULT_INJECTION: forcing a failure.
[  126.513166][ T6397] name fail_usercopy, interval 1, probability 0, space 0, times 1
[  126.532689][ T6397] CPU: 1 UID: 0 PID: 6397 Comm: syz.3.104 Not tainted syzkaller #0 PREEMPT(full) 
[  126.532718][ T6397] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  126.532739][ T6397] Call Trace:
[  126.532748][ T6397]  <TASK>
[  126.532757][ T6397]  dump_stack_lvl+0xe8/0x150
[  126.532800][ T6397]  should_fail_ex+0x412/0x560
[  126.532838][ T6397]  _copy_to_user+0x31/0xb0
[  126.532864][ T6397]  snd_pcm_oss_read2+0x341/0x420
[  126.532897][ T6397]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  126.532931][ T6397]  ? __pfx_snd_pcm_oss_read2+0x10/0x10
[  126.532971][ T6397]  snd_pcm_oss_read+0x628/0x8e0
[  126.533013][ T6397]  ? __pfx_snd_pcm_oss_read+0x10/0x10
[  126.533045][ T6397]  vfs_read+0x20c/0xa70
[  126.533067][ T6397]  ? ksys_write+0x1e6/0x270
[  126.533097][ T6397]  ? __pfx_vfs_read+0x10/0x10
[  126.533121][ T6397]  ? __fget_files+0x2a/0x420
[  126.533155][ T6397]  ? __fget_files+0x2a/0x420
[  126.533185][ T6397]  ? __fget_files+0x3a0/0x420
[  126.533215][ T6397]  ? __fget_files+0x2a/0x420
[  126.533255][ T6397]  ksys_read+0x150/0x270
[  126.533280][ T6397]  ? __pfx_ksys_read+0x10/0x10
[  126.533315][ T6397]  do_syscall_64+0x14d/0xf80
[  126.533338][ T6397]  ? trace_irq_disable+0x3b/0x150
[  126.533356][ T6397]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  126.533377][ T6397]  ? clear_bhb_loop+0x40/0x90
[  126.533402][ T6397]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  126.533424][ T6397] RIP: 0033:0x7fe86659c799
[  126.533453][ T6397] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  126.533470][ T6397] RSP: 002b:00007fe867410028 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  126.533500][ T6397] RAX: ffffffffffffffda RBX: 00007fe866815fa0 RCX: 00007fe86659c799
[  126.533523][ T6397] RDX: 000000000000004f RSI: 0000200000000280 RDI: 0000000000000003
[  126.533536][ T6397] RBP: 00007fe867410090 R08: 0000000000000000 R09: 0000000000000000
[  126.533549][ T6397] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  126.533560][ T6397] R13: 00007fe866816038 R14: 00007fe866815fa0 R15: 00007fe86693fa48
[  126.533594][ T6397]  </TASK>
[  126.747967][   T10] usb 6-1: new high-speed USB device number 4 using dummy_hcd
[  126.755548][    T9] usb 1-1: new low-speed USB device number 5 using dummy_hcd
[  126.907894][   T10] usb 6-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  126.920181][   T10] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  126.947875][   T10] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0
[  126.976968][   T10] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  126.997653][ T6404] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  127.017391][ T6404] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  127.030587][   T10] usb 6-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  127.056786][   T10] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  127.088662][   T10] usb 6-1: config 0 descriptor??
[  127.125443][    T9] usb 1-1: unable to get BOS descriptor or descriptor too short
[  127.137499][    T9] usb 1-1: unable to read config index 0 descriptor/start: -71
[  127.145313][    T9] usb 1-1: can't read configurations, error -71
[  127.559600][   T10] plantronics 0003:047F:FFFF.0001: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.5-1/input0
[  127.788170][   T29] usb 4-1: new high-speed USB device number 5 using dummy_hcd
[  127.844572][ T6416] netlink: 'syz.0.111': attribute type 303 has an invalid length.
[  127.952620][ T6420] batadv_slave_0: entered promiscuous mode
[  127.968004][   T29] usb 4-1: config index 0 descriptor too short (expected 23569, got 27)
[  127.977122][   T30] audit: type=1326 audit(1774557515.966:50): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6392 comm="syz.5.102" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5b3039c799 code=0x7ffc0000
[  128.011653][   T29] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  128.044576][   T30] audit: type=1326 audit(1774557515.976:51): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6392 comm="syz.5.102" exe="/root/syz-executor" sig=0 arch=c000003e syscall=165 compat=0 ip=0x7f5b3039c799 code=0x7ffc0000
[  128.086123][   T29] usb 4-1: New USB device found, idVendor=03eb, idProduct=0002, bcdDevice=ba.c0
[  128.095410][   T29] usb 4-1: New USB device strings: Mfr=5, Product=0, SerialNumber=0
[  128.113698][   T30] audit: type=1326 audit(1774557516.026:52): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6392 comm="syz.5.102" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5b3039c799 code=0x7ffc0000
[  128.138449][   T29] usb 4-1: Manufacturer: syz
[  128.176535][   T29] usb 4-1: config 0 descriptor??
[  128.199571][   T30] audit: type=1326 audit(1774557516.026:53): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6392 comm="syz.5.102" exe="/root/syz-executor" sig=0 arch=c000003e syscall=294 compat=0 ip=0x7f5b3039c799 code=0x7ffc0000
[  128.267999][   T30] audit: type=1326 audit(1774557516.026:54): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6392 comm="syz.5.102" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5b3039c799 code=0x7ffc0000
[  128.315168][   T30] audit: type=1326 audit(1774557516.026:55): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6392 comm="syz.5.102" exe="/root/syz-executor" sig=0 arch=c000003e syscall=436 compat=0 ip=0x7f5b3039c799 code=0x7ffc0000
[  128.344993][   T30] audit: type=1326 audit(1774557516.026:56): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6392 comm="syz.5.102" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5b3039c799 code=0x7ffc0000
[  128.367722][   T29] rc_core: IR keymap rc-hauppauge not found
[  128.373705][   T29] Registered IR keymap rc-empty
[  128.398393][   T29] rc rc0: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/rc/rc0
[  128.422267][   T29] input: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/rc/rc0/input7
[  128.437393][   T30] audit: type=1326 audit(1774557516.026:57): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6392 comm="syz.5.102" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5b3039c799 code=0x7ffc0000
[  128.468245][    C1] igorplugusb 4-1:0.0: Error: urb status = -32
[  128.498400][ T6436] netlink: 12 bytes leftover after parsing attributes in process `syz.4.116'.
[  128.521707][   T29] usb 4-1: USB disconnect, device number 5
[  128.966128][    T9] usb 6-1: reset high-speed USB device number 4 using dummy_hcd
[  129.105714][    T9] usb 6-1: device descriptor read/64, error -32
[  129.136574][ T5919] usb 2-1: new high-speed USB device number 11 using dummy_hcd
[  129.155786][  T982] usb 5-1: new full-speed USB device number 4 using dummy_hcd
[  129.296860][ T5919] usb 2-1: Using ep0 maxpacket: 16
[  129.313695][ T5919] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  129.335219][  T982] usb 5-1: config 0 has an invalid interface number: 41 but max is 0
[  129.349476][ T6420] batadv_slave_0: left promiscuous mode
[  129.358176][ T5919] usb 2-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 3
[  129.371419][    T9] usb 6-1: reset high-speed USB device number 4 using dummy_hcd
[  129.380586][  T982] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  129.404384][  T982] usb 5-1: config 0 has no interface number 0
[  129.412493][  T982] usb 5-1: config 0 interface 41 altsetting 2 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  129.431471][ T5919] usb 2-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42
[  129.441557][  T982] usb 5-1: config 0 interface 41 has no altsetting 0
[  129.449839][ T5919] usb 2-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0
[  129.459446][ T5919] usb 2-1: Manufacturer: syz
[  129.468050][  T982] usb 5-1: New USB device found, idVendor=0fe6, idProduct=9800, bcdDevice=d1.9a
[  129.482072][  T982] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  129.491209][ T5919] usb 2-1: config 0 descriptor??
[  129.498549][  T982] usb 5-1: Product: syz
[  129.525902][    T9] usb 6-1: device descriptor read/64, error -32
[  129.533945][  T982] usb 5-1: Manufacturer: syz
[  129.540203][  T982] usb 5-1: SerialNumber: syz
[  129.560495][  T982] usb 5-1: config 0 descriptor??
[  129.601413][  T982] CoreChips 5-1:0.41: probe with driver CoreChips failed with error -22
[  130.064606][  T982] usb 2-1: USB disconnect, device number 11
[  130.289374][ T6470] PKCS7: Unknown OID: [4] 0.0.127.58.108.27.13(bad)
[  130.289398][ T6470] PKCS7: Only support pkcs7_signedData type
[  130.418450][   T10] usb 6-1: USB disconnect, device number 4
[  130.598810][ T6474] netlink: 'syz.0.125': attribute type 303 has an invalid length.
[  130.789662][ T6481] netlink: 'syz.1.127': attribute type 21 has an invalid length.
[  130.819885][ T6481] netlink: 8 bytes leftover after parsing attributes in process `syz.1.127'.
[  130.855847][ T6481] bond0: option lacp_rate: mode dependency failed, not supported in mode balance-rr(0)
[  131.016931][ T5937] usb 1-1: new high-speed USB device number 7 using dummy_hcd
[  131.186228][ T5937] usb 1-1: Using ep0 maxpacket: 8
[  131.214241][ T5937] usb 1-1: config 179 has an invalid interface number: 65 but max is 0
[  131.222890][ T5937] usb 1-1: config 179 has no interface number 0
[  131.236723][ T5937] usb 1-1: config 179 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7
[  131.267999][ T5937] usb 1-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid maxpacket 1025, setting to 1024
[  131.300455][ T5937] usb 1-1: config 179 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7
[  131.325648][ T5937] usb 1-1: config 179 interface 65 altsetting 0 endpoint 0x83 has invalid maxpacket 41728, setting to 1024
[  131.365653][ T5937] usb 1-1: config 179 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23
[  131.405867][ T5937] usb 1-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb
[  131.429723][ T5937] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  131.462568][ T6478] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  131.731814][ T6501] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  131.740991][ T6501] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  131.778165][   T29] input: Generic X-Box pad as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:179.65/input/input9
[  131.934736][ T5937] usb 1-1: USB disconnect, device number 7
[  131.934809][    C1] xpad 1-1:179.65: xpad_irq_in - usb_submit_urb failed with result -19
[  131.934830][   T10] usb 5-1: USB disconnect, device number 4
[  131.934860][    C1] xpad 1-1:179.65: xpad_irq_out - usb_submit_urb failed with result -19
[  132.264948][ T6507] netlink: 16 bytes leftover after parsing attributes in process `syz.1.136'.
[  132.296779][ T6507] netlink: 20 bytes leftover after parsing attributes in process `syz.1.136'.
[  132.616214][ T6516] netlink: 4 bytes leftover after parsing attributes in process `syz.3.137'.
[  132.735813][ T6519] netlink: 'syz.0.139': attribute type 303 has an invalid length.
[  132.885725][ T5910] usb 2-1: new high-speed USB device number 12 using dummy_hcd
[  132.960250][ T1304] ieee802154 phy0 wpan0: encryption failed: -22
[  132.969466][ T1304] ieee802154 phy1 wpan1: encryption failed: -22
[  133.045729][ T5910] usb 2-1: Using ep0 maxpacket: 16
[  133.055741][ T5910] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  133.067177][ T5910] usb 2-1: config 1 interface 1 altsetting 1 endpoint 0x1 has an invalid bInterval 64, changing to 7
[  133.110698][ T5910] usb 2-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  133.135853][ T5910] usb 2-1: config 1 interface 2 has no altsetting 0
[  133.168562][ T5910] usb 2-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  133.181733][ T5910] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  133.213145][ T6524] syzkaller1: entered promiscuous mode
[  133.220121][ T5910] usb 2-1: Product: syz
[  133.224642][ T5910] usb 2-1: Manufacturer: syz
[  133.232231][ T6524] syzkaller1: entered allmulticast mode
[  133.238619][ T5910] usb 2-1: SerialNumber: syz
[  133.473413][ T5910] usb 2-1: 2:1 : no or invalid class specific endpoint descriptor
[  133.490981][ T5910] usb 2-1: 2:1 : unknown format tag 0x3 is detected.  processed as MPEG.
[  133.530296][ T5910] usb 2-1: found format II with max.bitrate = 3, frame size=7
[  133.555925][ T5910] usb 2-1: 2:1 : no or invalid class specific endpoint descriptor
[  133.574363][ T5910] usb 2-1: 2:1 : unknown format tag 0x3 is detected.  processed as MPEG.
[  133.604720][ T5910] usb 2-1: found format II with max.bitrate = 3, frame size=7
[  133.644791][ T5910] usb 2-1: selecting invalid altsetting 0
[  133.681440][ T5910] usb 2-1: selecting invalid altsetting 0
[  133.847391][ T6541] FAULT_INJECTION: forcing a failure.
[  133.847391][ T6541] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  133.909201][ T6541] CPU: 1 UID: 0 PID: 6541 Comm: syz.3.146 Not tainted syzkaller #0 PREEMPT(full) 
[  133.909231][ T6541] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  133.909244][ T6541] Call Trace:
[  133.909252][ T6541]  <TASK>
[  133.909260][ T6541]  dump_stack_lvl+0xe8/0x150
[  133.909295][ T6541]  should_fail_ex+0x412/0x560
[  133.909331][ T6541]  _copy_from_user+0x2d/0xb0
[  133.909355][ T6541]  ___sys_recvmsg+0x175/0x590
[  133.909377][ T6541]  ? __lock_acquire+0x6b5/0x2cf0
[  133.909407][ T6541]  ? __pfx____sys_recvmsg+0x10/0x10
[  133.909462][ T6541]  do_recvmmsg+0x334/0x800
[  133.909507][ T6541]  ? __pfx_do_recvmmsg+0x10/0x10
[  133.909543][ T6541]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  133.909583][ T6541]  __x64_sys_recvmmsg+0x198/0x250
[  133.909612][ T6541]  ? __pfx___x64_sys_recvmmsg+0x10/0x10
[  133.909648][ T6541]  do_syscall_64+0x14d/0xf80
[  133.909672][ T6541]  ? trace_irq_disable+0x3b/0x150
[  133.909690][ T6541]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  133.909711][ T6541]  ? clear_bhb_loop+0x40/0x90
[  133.909736][ T6541]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  133.909757][ T6541] RIP: 0033:0x7fe86659c799
[  133.909776][ T6541] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  133.909792][ T6541] RSP: 002b:00007fe867410028 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
[  133.909813][ T6541] RAX: ffffffffffffffda RBX: 00007fe866815fa0 RCX: 00007fe86659c799
[  133.909828][ T6541] RDX: 03ffffffffffff67 RSI: 0000200000002440 RDI: 0000000000000004
[  133.909841][ T6541] RBP: 00007fe867410090 R08: 0000000000000000 R09: 0000000000000000
[  133.909853][ T6541] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  133.909864][ T6541] R13: 00007fe866816038 R14: 00007fe866815fa0 R15: 00007fe86693fa48
[  133.909894][ T6541]  </TASK>
[  134.109185][ T5910] usb 2-1: USB disconnect, device number 12
[  134.600865][ T6449] udevd[6449]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  134.682865][ T6561] netlink: 56 bytes leftover after parsing attributes in process `syz.0.149'.
[  134.713176][ T6561] netlink: 20 bytes leftover after parsing attributes in process `syz.0.149'.
[  134.748329][ T6552] netlink: 'syz.1.148': attribute type 32 has an invalid length.
[  134.793596][ T6552] netlink: 8 bytes leftover after parsing attributes in process `syz.1.148'.
[  134.943652][ T6552] bond1: option coupled_control: invalid value (118)
[  135.063574][ T6552] bond1 (unregistering): Released all slaves
[  135.115007][ T6574] netlink: 'syz.0.152': attribute type 303 has an invalid length.
[  135.387780][ T6587] FAULT_INJECTION: forcing a failure.
[  135.387780][ T6587] name failslab, interval 1, probability 0, space 0, times 1
[  135.443111][ T6587] CPU: 1 UID: 0 PID: 6587 Comm: syz.3.156 Not tainted syzkaller #0 PREEMPT(full) 
[  135.443140][ T6587] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  135.443153][ T6587] Call Trace:
[  135.443161][ T6587]  <TASK>
[  135.443171][ T6587]  dump_stack_lvl+0xe8/0x150
[  135.443206][ T6587]  should_fail_ex+0x412/0x560
[  135.443244][ T6587]  should_failslab+0xa8/0x100
[  135.443274][ T6587]  __kmalloc_cache_noprof+0x88/0x660
[  135.443297][ T6587]  ? __sctp_v6_cmp_addr+0x1e6/0x510
[  135.443330][ T6587]  ? sctp_add_bind_addr+0x8c/0x370
[  135.443366][ T6587]  sctp_add_bind_addr+0x8c/0x370
[  135.443406][ T6587]  sctp_copy_local_addr_list+0x314/0x4f0
[  135.443441][ T6587]  ? sctp_copy_local_addr_list+0xa4/0x4f0
[  135.443473][ T6587]  ? __pfx_sctp_copy_local_addr_list+0x10/0x10
[  135.443506][ T6587]  ? sctp_v6_is_any+0x64/0x80
[  135.443527][ T6587]  ? sctp_copy_one_addr+0x93/0x360
[  135.443562][ T6587]  sctp_bind_addr_copy+0xb3/0x3c0
[  135.443594][ T6587]  ? sctp_assoc_set_bind_addr_from_ep+0xa5/0x1a0
[  135.443625][ T6587]  sctp_connect_new_asoc+0x2ff/0x6b0
[  135.443652][ T6587]  ? __pfx_sctp_connect_new_asoc+0x10/0x10
[  135.443683][ T6587]  ? __local_bh_enable_ip+0xd0/0x130
[  135.443709][ T6587]  ? bpf_lsm_sctp_bind_connect+0x9/0x20
[  135.443735][ T6587]  ? security_sctp_bind_connect+0x7e/0x2c0
[  135.443766][ T6587]  sctp_sendmsg+0x1528/0x2c10
[  135.443805][ T6587]  ? __pfx_sctp_sendmsg+0x10/0x10
[  135.443831][ T6587]  ? aa_sk_perm+0x6d5/0x900
[  135.443877][ T6587]  ? __pfx_aa_sk_perm+0x10/0x10
[  135.443910][ T6587]  ? sock_rps_record_flow+0x19/0x400
[  135.443936][ T6587]  ? __pfx_inet_sendmsg+0x10/0x10
[  135.443962][ T6587]  ? inet_sendmsg+0x2f4/0x370
[  135.443987][ T6587]  ? __pfx_inet_sendmsg+0x10/0x10
[  135.444014][ T6587]  __sys_sendto+0x5de/0x710
[  135.444040][ T6587]  ? __pfx___sys_sendto+0x10/0x10
[  135.444059][ T6587]  ? __mutex_unlock_slowpath+0x1bd/0x7d0
[  135.444099][ T6587]  ? __fget_files+0x3a0/0x420
[  135.444143][ T6587]  ? ksys_write+0x242/0x270
[  135.444169][ T6587]  ? __pfx_ksys_write+0x10/0x10
[  135.444198][ T6587]  __x64_sys_sendto+0xde/0x100
[  135.444224][ T6587]  do_syscall_64+0x14d/0xf80
[  135.444248][ T6587]  ? trace_irq_disable+0x3b/0x150
[  135.444265][ T6587]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  135.444287][ T6587]  ? clear_bhb_loop+0x40/0x90
[  135.444313][ T6587]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  135.444333][ T6587] RIP: 0033:0x7fe86659c799
[  135.444352][ T6587] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  135.444369][ T6587] RSP: 002b:00007fe867410028 EFLAGS: 00000246 ORIG_RAX: 000000000000002c
[  135.444393][ T6587] RAX: ffffffffffffffda RBX: 00007fe866815fa0 RCX: 00007fe86659c799
[  135.444408][ T6587] RDX: 0000000000034000 RSI: 0000200000847fff RDI: 0000000000000003
[  135.444420][ T6587] RBP: 00007fe867410090 R08: 000020000005ffe4 R09: 000000000000001c
[  135.444434][ T6587] R10: 00000000000000e0 R11: 0000000000000246 R12: 0000000000000002
[  135.444446][ T6587] R13: 00007fe866816038 R14: 00007fe866815fa0 R15: 00007fe86693fa48
[  135.444480][ T6587]  </TASK>
[  135.697014][ T6579] hsr_slave_0: hsr_addr_subst_dest: Unknown node
[  135.766555][ T6579] hsr_slave_1: hsr_addr_subst_dest: Unknown node
[  135.773684][ T6579] hsr_slave_0: hsr_addr_subst_dest: Unknown node
[  135.780932][ T6579] hsr_slave_1: hsr_addr_subst_dest: Unknown node
[  135.787522][ T6579] hsr_slave_0: hsr_addr_subst_dest: Unknown node
[  135.794070][ T6579] hsr_slave_1: hsr_addr_subst_dest: Unknown node
[  135.800782][ T6579] hsr_slave_0: hsr_addr_subst_dest: Unknown node
[  135.807719][ T6579] hsr_slave_1: hsr_addr_subst_dest: Unknown node
[  135.814191][ T6579] hsr_slave_0: hsr_addr_subst_dest: Unknown node
[  135.820728][ T6579] hsr_slave_1: hsr_addr_subst_dest: Unknown node
[  137.399002][ T6602] netlink: 20 bytes leftover after parsing attributes in process `syz.1.160'.
[  137.568504][ T6608] libceph: resolve '0.4' (ret=-3): failed
[  137.628427][ T6608] netlink: 12 bytes leftover after parsing attributes in process `syz.3.161'.
[  138.311895][ T6638] mmap: syz.1.163 (6638) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[  138.335701][ T5937] usb 6-1: new high-speed USB device number 5 using dummy_hcd
[  138.583909][ T6643] netlink: 44 bytes leftover after parsing attributes in process `syz.3.167'.
[  138.593465][ T5937] usb 6-1: Using ep0 maxpacket: 32
[  138.667899][ T5937] usb 6-1: New USB device found, idVendor=1d50, idProduct=60a1, bcdDevice=a1.4f
[  138.692650][ T5937] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  138.703622][ T5937] usb 6-1: Product: syz
[  138.708018][ T5937] usb 6-1: Manufacturer: syz
[  138.712876][ T5937] usb 6-1: SerialNumber: syz
[  138.745746][ T5937] usb 6-1: config 0 descriptor??
[  138.971722][ T5937] airspy 6-1:0.0: usb_control_msg() failed -71 request 0a
[  138.985684][   T10] usb 5-1: new high-speed USB device number 5 using dummy_hcd
[  139.012431][ T5937] airspy 6-1:0.0: Could not detect board
[  139.051135][ T5937] airspy 6-1:0.0: probe with driver airspy failed with error -71
[  139.094552][ T5937] usb 6-1: USB disconnect, device number 5
[  139.146878][   T10] usb 5-1: Using ep0 maxpacket: 8
[  139.159874][   T10] usb 5-1: config 179 has an invalid interface number: 65 but max is 0
[  139.180777][   T10] usb 5-1: config 179 has no interface number 0
[  139.205164][   T10] usb 5-1: config 179 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7
[  139.240086][   T10] usb 5-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid maxpacket 1025, setting to 1024
[  139.266449][   T10] usb 5-1: config 179 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7
[  139.311520][   T10] usb 5-1: config 179 interface 65 altsetting 0 endpoint 0x83 has invalid maxpacket 41728, setting to 1024
[  139.354290][   T10] usb 5-1: config 179 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23
[  139.404049][   T10] usb 5-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb
[  139.427092][   T10] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  139.492346][ T6645] raw-gadget.1 gadget.4: fail, usb_ep_enable returned -22
[  139.619611][ T6659] syz_tun: entered allmulticast mode
[  139.727725][ T6645] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  139.776567][ T6645] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  139.847269][   T10] input: Generic X-Box pad as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:179.65/input/input10
[  139.965688][ T5937] usb 6-1: new high-speed USB device number 6 using dummy_hcd
[  140.039354][ T6645] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  140.102904][ T6645] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  140.160525][ T5937] usb 6-1: Using ep0 maxpacket: 8
[  140.185213][ T5937] usb 6-1: config 0 has an invalid interface number: 31 but max is 0
[  140.201166][ T5937] usb 6-1: config 0 has no interface number 0
[  140.230066][ T6665] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  140.239390][ T6665] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  140.289066][ T5937] usb 6-1: New USB device found, idVendor=046d, idProduct=08c3, bcdDevice=6b.16
[  140.315422][ T5937] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  140.353805][ T6669] netlink: 'syz.0.172': attribute type 13 has an invalid length.
[  140.363086][ T5937] usb 6-1: Product: syz
[  140.370199][ T5937] usb 6-1: Manufacturer: syz
[  140.380136][ T5937] usb 6-1: SerialNumber: syz
[  140.422526][ T5937] usb 6-1: config 0 descriptor??
[  140.474958][ T6672] netlink: 12 bytes leftover after parsing attributes in process `syz.1.173'.
[  140.762011][ T6676] netlink: 12 bytes leftover after parsing attributes in process `syz.0.174'.
[  140.844198][ T6676] FAULT_INJECTION: forcing a failure.
[  140.844198][ T6676] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  140.863913][ T6676] CPU: 0 UID: 0 PID: 6676 Comm: syz.0.174 Not tainted syzkaller #0 PREEMPT(full) 
[  140.863943][ T6676] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  140.863956][ T6676] Call Trace:
[  140.863964][ T6676]  <TASK>
[  140.863973][ T6676]  dump_stack_lvl+0xe8/0x150
[  140.864010][ T6676]  should_fail_ex+0x412/0x560
[  140.864047][ T6676]  _copy_from_user+0x2d/0xb0
[  140.864072][ T6676]  __sys_sendto+0x2b0/0x710
[  140.864098][ T6676]  ? __pfx___sys_sendto+0x10/0x10
[  140.864118][ T6676]  ? __mutex_unlock_slowpath+0x1bd/0x7d0
[  140.864156][ T6676]  ? __fget_files+0x3a0/0x420
[  140.864199][ T6676]  ? ksys_write+0x242/0x270
[  140.864225][ T6676]  ? __pfx_ksys_write+0x10/0x10
[  140.864253][ T6676]  __x64_sys_sendto+0xde/0x100
[  140.864280][ T6676]  do_syscall_64+0x14d/0xf80
[  140.864302][ T6676]  ? trace_irq_disable+0x3b/0x150
[  140.864321][ T6676]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  140.864342][ T6676]  ? clear_bhb_loop+0x40/0x90
[  140.864367][ T6676]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  140.864388][ T6676] RIP: 0033:0x7fb148f9c799
[  140.864407][ T6676] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  140.864433][ T6676] RSP: 002b:00007fb149e97028 EFLAGS: 00000246 ORIG_RAX: 000000000000002c
[  140.864456][ T6676] RAX: ffffffffffffffda RBX: 00007fb149215fa0 RCX: 00007fb148f9c799
[  140.864471][ T6676] RDX: 000000000000000e RSI: 00002000000002c0 RDI: 0000000000000003
[  140.864485][ T6676] RBP: 00007fb149e97090 R08: 0000200000000440 R09: 0000000000000014
[  140.864498][ T6676] R10: 171346df250871c7 R11: 0000000000000246 R12: 0000000000000001
[  140.864510][ T6676] R13: 00007fb149216038 R14: 00007fb149215fa0 R15: 00007fb14933fa48
[  140.864543][ T6676]  </TASK>
[  141.437238][ T6688] capability: warning: `syz.0.177' uses deprecated v2 capabilities in a way that may be insecure
[  141.603449][ T6693] FAULT_INJECTION: forcing a failure.
[  141.603449][ T6693] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  141.657599][ T6693] CPU: 1 UID: 0 PID: 6693 Comm: syz.3.179 Not tainted syzkaller #0 PREEMPT(full) 
[  141.657629][ T6693] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  141.657642][ T6693] Call Trace:
[  141.657651][ T6693]  <TASK>
[  141.657660][ T6693]  dump_stack_lvl+0xe8/0x150
[  141.657695][ T6693]  should_fail_ex+0x412/0x560
[  141.657731][ T6693]  _copy_from_user+0x2d/0xb0
[  141.657758][ T6693]  __se_sys_move_pages+0x12bf/0x1b80
[  141.657802][ T6693]  ? get_pid_task+0x20/0x1f0
[  141.657830][ T6693]  ? __pfx___se_sys_move_pages+0x10/0x10
[  141.657880][ T6693]  ? ksys_write+0x1e6/0x270
[  141.657915][ T6693]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  141.657945][ T6693]  ? __fget_files+0x3a0/0x420
[  141.657983][ T6693]  ? fput+0xa0/0xd0
[  141.658013][ T6693]  ? ksys_write+0x242/0x270
[  141.658038][ T6693]  ? __pfx_ksys_write+0x10/0x10
[  141.658066][ T6693]  ? __x64_sys_move_pages+0x21/0xf0
[  141.658099][ T6693]  do_syscall_64+0x14d/0xf80
[  141.658121][ T6693]  ? trace_irq_disable+0x3b/0x150
[  141.658139][ T6693]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  141.658159][ T6693]  ? clear_bhb_loop+0x40/0x90
[  141.658184][ T6693]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  141.658205][ T6693] RIP: 0033:0x7fe86659c799
[  141.658225][ T6693] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  141.658242][ T6693] RSP: 002b:00007fe867410028 EFLAGS: 00000246 ORIG_RAX: 0000000000000117
[  141.658264][ T6693] RAX: ffffffffffffffda RBX: 00007fe866815fa0 RCX: 00007fe86659c799
[  141.658280][ T6693] RDX: 0000200000000080 RSI: 0000000000001efe RDI: 0000000000000000
[  141.658293][ T6693] RBP: 00007fe867410090 R08: 0000200000000040 R09: 0000000000000000
[  141.658307][ T6693] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  141.658319][ T6693] R13: 00007fe866816038 R14: 00007fe866815fa0 R15: 00007fe86693fa48
[  141.658350][ T6693]  </TASK>
[  141.765858][    T0] NOHZ tick-stop error: local softirq work is pending, handler #100!!!
[  142.088260][ T5910] usb 5-1: USB disconnect, device number 5
[  142.088322][    C0] xpad 5-1:179.65: xpad_irq_in - usb_submit_urb failed with result -19
[  142.102540][    C0] xpad 5-1:179.65: xpad_irq_out - usb_submit_urb failed with result -19
[  142.157797][ T5937] uvcvideo 6-1:0.31: probe with driver uvcvideo failed with error -22
[  142.185716][   T10] usb 2-1: new high-speed USB device number 13 using dummy_hcd
[  142.291354][ T5937] usb 6-1: USB disconnect, device number 6
[  142.300065][ T6702] input: syz1 as /devices/virtual/input/input11
[  142.358309][   T10] usb 2-1: Using ep0 maxpacket: 16
[  142.393849][   T10] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  142.465693][   T10] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  142.502319][   T10] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  142.564408][   T10] usb 2-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[  142.588810][ T6714] netlink: 'syz.4.184': attribute type 13 has an invalid length.
[  142.600753][   T10] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  142.612891][ T6715] program syz.0.185 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  142.670443][   T10] usb 2-1: config 0 descriptor??
[  142.687710][ T6715] program syz.0.185 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  143.076468][ T5937] usb 6-1: new high-speed USB device number 7 using dummy_hcd
[  143.209582][   T10] HID 045e:07da: Invalid code 65791 type 1
[  143.281622][   T10] input: HID 045e:07da as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/0003:045E:07DA.0002/input/input12
[  143.348234][   T10] microsoft 0003:045E:07DA.0002: input,hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.1-1/input0
[  143.374289][ T5937] usb 6-1: Using ep0 maxpacket: 16
[  143.426505][ T5937] usb 6-1: config index 0 descriptor too short (expected 16456, got 72)
[  143.477528][ T5937] usb 6-1: config 0 has an invalid interface number: 125 but max is 1
[  143.515667][ T5937] usb 6-1: config 0 has an invalid interface number: 125 but max is 1
[  143.579914][ T5937] usb 6-1: config 0 has an invalid interface number: 125 but max is 1
[  143.630495][ T6745] netlink: 'syz.1.180': attribute type 10 has an invalid length.
[  143.643078][ T6745] team0: Device ipvlan1 failed to register rx_handler
[  143.664708][ T5937] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 2
[  143.797393][ T6748] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  143.814589][ T5937] usb 6-1: config 0 has no interface number 0
[  143.825461][ T6748] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  143.845951][    T0] NOHZ tick-stop error: local softirq work is pending, handler #c2!!!
[  143.848779][ T5937] usb 6-1: config 0 interface 125 altsetting 4 endpoint 0x4 has invalid maxpacket 21760, setting to 64
[  143.951026][ T5937] usb 6-1: config 0 interface 125 altsetting 4 endpoint 0xB has invalid wMaxPacketSize 0
[  143.997994][ T5937] usb 6-1: config 0 interface 125 altsetting 4 endpoint 0x2 has invalid wMaxPacketSize 0
[  144.028455][ T5937] usb 6-1: config 0 interface 125 altsetting 1 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  144.109565][ T5937] usb 6-1: config 0 interface 125 has no altsetting 0
[  144.154851][ T5937] usb 6-1: New USB device found, idVendor=050d, idProduct=0002, bcdDevice=23.27
[  144.165871][ T5937] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  144.285154][ T5937] usb 6-1: Product: syz
[  144.293986][ T5937] usb 6-1: Manufacturer: syz
[  144.299224][ T5937] usb 6-1: SerialNumber: syz
[  144.311923][ T5937] usb 6-1: config 0 descriptor??
[  144.493216][  T796] usb 2-1: reset high-speed USB device number 13 using dummy_hcd
[  145.479096][ T6765] netlink: 212368 bytes leftover after parsing attributes in process `syz.0.193'.
[  145.543472][ T6768] netlink: 12 bytes leftover after parsing attributes in process `syz.4.194'.
[  145.746199][    C1] usb 6-1: async_complete: urb error -71
[  145.752242][    C1] usb 6-1: async_complete: urb error -71
[  145.813816][    C1] usb 6-1: async_complete: urb error -71
[  145.820506][ T6771] input: syz0 as /devices/virtual/input/input13
[  145.821375][    C1] usb 6-1: async_complete: urb error -71
[  145.847269][ T5937] get_1284_register: usb error -71
[  145.866434][ T6774] netlink: 'syz.5.197': attribute type 13 has an invalid length.
[  145.903924][ T5937] usb 6-1: USB disconnect, device number 7
[  145.925481][ T6775] loop2: detected capacity change from 0 to 7
[  145.967583][ T1219] usb 2-1: USB disconnect, device number 13
[  145.972224][ T6775] Dev loop2: unable to read RDB block 7
[  145.996729][ T6775]  loop2: unable to read partition table
[  146.017047][ T6775] loop2: partition table beyond EOD, truncated
[  146.047982][ T6775] loop_reread_partitions: partition scan of loop2 (þ被xü—ŸÑà– ) failed (rc=-5)
[  146.263378][ T6785] net_ratelimit: 13068 callbacks suppressed
[  146.263400][ T6785] hsr_slave_0: hsr_addr_subst_dest: Unknown node
[  146.276147][ T6785] hsr_slave_1: hsr_addr_subst_dest: Unknown node
[  146.294337][ T6787] fuse: Bad value for 'rootmode'
[  146.494776][ T6792] Invalid logical block size (4194304)
[  146.547041][ T6793] program syz.3.203 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  146.642568][ T6793] program syz.3.203 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  147.253146][ T6808] netlink: 'syz.4.209': attribute type 13 has an invalid length.
[  147.261177][ T6808] netlink: 'syz.4.209': attribute type 17 has an invalid length.
[  147.269334][ T6808] netlink: 'syz.4.209': attribute type 27 has an invalid length.
[  147.614463][ T6813] xt_hashlimit: size too large, truncated to 1048576
[  147.817476][ T6816] syzkaller1: entered promiscuous mode
[  147.823011][ T6816] syzkaller1: entered allmulticast mode
[  148.156620][    T9] usb 1-1: new full-speed USB device number 8 using dummy_hcd
[  148.356360][    T9] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  148.405816][    T9] usb 1-1: New USB device found, idVendor=9022, idProduct=d662, bcdDevice=b3.0e
[  148.431735][    T9] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  148.485088][    T9] usb 1-1: config 0 descriptor??
[  148.523753][    T9] dvb-usb: found a 'TeVii S662' in warm state.
[  148.561646][    T9] dw2102: su3000_power_ctrl: 1, initialized 0
[  148.580522][    T9] dvb-usb: bulk message failed: -22 (2/0)
[  148.630992][    T9] dvb-usb: This USB2.0 device cannot be run on a USB1.1 port. (it lacks a hardware PID filter)
[  148.702368][    T9] dvb-usb: TeVii S662 error while loading driver (-19)
[  148.880290][ T6842] netlink: 'syz.1.220': attribute type 13 has an invalid length.
[  148.889541][ T6842] netlink: 'syz.1.220': attribute type 17 has an invalid length.
[  148.898366][ T6842] netlink: 'syz.1.220': attribute type 27 has an invalid length.
[  148.954678][  T982] usb 1-1: USB disconnect, device number 8
[  148.985676][ T1219] usb 4-1: new full-speed USB device number 6 using dummy_hcd
[  149.178818][ T1219] usb 4-1: unable to get BOS descriptor or descriptor too short
[  149.204219][ T1219] usb 4-1: not running at top speed; connect to a high speed hub
[  149.240275][ T1219] usb 4-1: config 17 has an invalid interface number: 8 but max is 1
[  149.255756][ T1219] usb 4-1: config 17 has 1 interface, different from the descriptor's value: 2
[  149.259627][ T6851] syzkaller0: entered promiscuous mode
[  149.273870][ T6851] syzkaller0: entered allmulticast mode
[  149.280413][ T1219] usb 4-1: config 17 has no interface number 0
[  149.287632][ T1219] usb 4-1: config 17 interface 8 altsetting 6 endpoint 0x3 has invalid maxpacket 14129, setting to 64
[  149.312148][ T6851] FAULT_INJECTION: forcing a failure.
[  149.312148][ T6851] name failslab, interval 1, probability 0, space 0, times 0
[  149.329794][ T1219] usb 4-1: config 17 interface 8 has no altsetting 0
[  149.348360][ T1219] usb 4-1: New USB device found, idVendor=0763, idProduct=2001, bcdDevice=2c.ff
[  149.358006][ T1219] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  149.367914][ T6851] CPU: 1 UID: 0 PID: 6851 Comm: syz.1.224 Not tainted syzkaller #0 PREEMPT(full) 
[  149.367946][ T6851] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  149.367959][ T6851] Call Trace:
[  149.367967][ T6851]  <TASK>
[  149.367976][ T6851]  dump_stack_lvl+0xe8/0x150
[  149.368011][ T6851]  should_fail_ex+0x412/0x560
[  149.368048][ T6851]  should_failslab+0xa8/0x100
[  149.368078][ T6851]  kmem_cache_alloc_node_noprof+0x8f/0x690
[  149.368102][ T6851]  ? __alloc_skb+0x186/0x7d0
[  149.368122][ T6851]  ? __alloc_skb+0x1d0/0x7d0
[  149.368140][ T6851]  ? __local_bh_enable_ip+0xd0/0x130
[  149.368173][ T6851]  __alloc_skb+0x1d0/0x7d0
[  149.368199][ T6851]  alloc_skb_with_frags+0xca/0x890
[  149.368229][ T6851]  ? __lock_acquire+0x6b5/0x2cf0
[  149.368262][ T6851]  sock_alloc_send_pskb+0x878/0x990
[  149.368295][ T6851]  ? __pfx_ref_tracker_alloc+0x10/0x10
[  149.368338][ T6851]  ? __pfx_sock_alloc_send_pskb+0x10/0x10
[  149.368369][ T6851]  ? dev_get_by_index+0x22/0x2e0
[  149.368397][ T6851]  ? dev_get_by_index+0x22/0x2e0
[  149.368447][ T6851]  packet_sendmsg+0x33e5/0x50f0
[  149.368477][ T6851]  ? __pfx_aa_label_sk_perm+0x10/0x10
[  149.368512][ T6851]  ? __lock_acquire+0x6b5/0x2cf0
[  149.368572][ T6851]  ? aa_sk_perm+0x6d5/0x900
[  149.368601][ T6851]  ? __pfx_packet_sendmsg+0x10/0x10
[  149.368631][ T6851]  ? tomoyo_socket_sendmsg_permission+0x1e0/0x300
[  149.368670][ T6851]  ? aa_sock_msg_perm+0xf1/0x1b0
[  149.368710][ T6851]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  149.368738][ T6851]  ____sys_sendmsg+0x972/0x9f0
[  149.368782][ T6851]  ? __pfx_____sys_sendmsg+0x10/0x10
[  149.368824][ T6851]  ? import_iovec+0x73/0xa0
[  149.368851][ T6851]  ___sys_sendmsg+0x2a5/0x360
[  149.368882][ T6851]  ? __pfx____sys_sendmsg+0x10/0x10
[  149.368942][ T6851]  ? __fget_files+0x2a/0x420
[  149.368972][ T6851]  ? __fget_files+0x3a0/0x420
[  149.369014][ T6851]  __x64_sys_sendmsg+0x1bd/0x2a0
[  149.369041][ T6851]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  149.369074][ T6851]  ? __pfx_ksys_write+0x10/0x10
[  149.369109][ T6851]  do_syscall_64+0x14d/0xf80
[  149.369132][ T6851]  ? trace_irq_disable+0x3b/0x150
[  149.369150][ T6851]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  149.369171][ T6851]  ? clear_bhb_loop+0x40/0x90
[  149.369197][ T6851]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  149.369217][ T6851] RIP: 0033:0x7ff27059c799
[  149.369237][ T6851] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  149.369253][ T6851] RSP: 002b:00007ff2713e6028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  149.369275][ T6851] RAX: ffffffffffffffda RBX: 00007ff270815fa0 RCX: 00007ff27059c799
[  149.369290][ T6851] RDX: 0000000000000004 RSI: 00002000000000c0 RDI: 0000000000000005
[  149.369302][ T6851] RBP: 00007ff2713e6090 R08: 0000000000000000 R09: 0000000000000000
[  149.369315][ T6851] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  149.369326][ T6851] R13: 00007ff270816038 R14: 00007ff270815fa0 R15: 00007ff27093fa48
[  149.369359][ T6851]  </TASK>
[  149.369560][ T1219] usb 4-1: Product: syz
[  149.725149][ T1219] usb 4-1: Manufacturer: syz
[  149.730086][ T1219] usb 4-1: SerialNumber: syz
[  149.839102][ T6859] program syz.4.227 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  149.849063][ T6859] program syz.4.227 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  150.051034][ T1219] usb 4-1: selecting invalid altsetting 0
[  150.220257][ T1219] usb 4-1: USB disconnect, device number 6
[  150.413368][ T6865] bond_slave_0: entered promiscuous mode
[  150.419355][ T6865] bond_slave_1: entered promiscuous mode
[  150.442416][ T6865] vlan2: entered promiscuous mode
[  150.452069][ T6865] bond0: entered promiscuous mode
[  150.959932][ T6872] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  150.985994][  T982] usb 2-1: new high-speed USB device number 14 using dummy_hcd
[  151.063137][ T6874] netlink: 'syz.3.233': attribute type 13 has an invalid length.
[  151.089464][ T6874] netlink: 'syz.3.233': attribute type 17 has an invalid length.
[  151.117148][ T6874] netlink: 'syz.3.233': attribute type 27 has an invalid length.
[  151.132386][  T982] usb 2-1: device descriptor read/64, error -71
[  151.386086][  T982] usb 2-1: new high-speed USB device number 15 using dummy_hcd
[  151.547319][  T982] usb 2-1: device descriptor read/64, error -71
[  151.711816][  T982] usb usb2-port1: attempt power cycle
[  151.870541][ T5910] usb 4-1: new low-speed USB device number 7 using dummy_hcd
[  151.935633][    T0] NOHZ tick-stop error: local softirq work is pending, handler #c2!!!
[  152.067352][ T6898] bridge0: trying to set multicast startup query interval below minimum, setting to 100 (1000ms)
[  152.076590][  T982] usb 2-1: new high-speed USB device number 16 using dummy_hcd
[  152.097893][ T6898] bridge0: port 2(bridge_slave_1) entered disabled state
[  152.098010][ T5910] usb 4-1: config 32 has 1 interface, different from the descriptor's value: 2
[  152.110553][ T6898] bridge0: port 1(bridge_slave_0) entered disabled state
[  152.131223][  T982] usb 2-1: device descriptor read/8, error -71
[  152.158402][ T5910] usb 4-1: config 32 interface 0 altsetting 0 endpoint 0x85 has an invalid bInterval 0, changing to 10
[  152.171262][ T5910] usb 4-1: config 32 interface 0 altsetting 0 endpoint 0x85 has invalid maxpacket 255, setting to 8
[  152.381051][ T5910] usb 4-1: New USB device found, idVendor=19b5, idProduct=0021, bcdDevice=98.c7
[  152.411979][ T5910] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  152.436055][  T982] usb 2-1: new high-speed USB device number 17 using dummy_hcd
[  152.456482][  T982] usb 2-1: device descriptor read/8, error -71
[  152.545285][ T6884] raw-gadget.1 gadget.3: fail, usb_ep_enable returned -22
[  152.566229][  T982] usb usb2-port1: unable to enumerate USB device
[  152.763596][ T5910] usb 4-1: string descriptor 0 read error: -71
[  152.990948][ T5910] usb 4-1: USB disconnect, device number 7
[  153.143651][ T6907] netlink: 'syz.4.245': attribute type 13 has an invalid length.
[  153.167790][ T6907] netlink: 28 bytes leftover after parsing attributes in process `syz.4.245'.
[  153.786902][ T6924] FAULT_INJECTION: forcing a failure.
[  153.786902][ T6924] name failslab, interval 1, probability 0, space 0, times 0
[  153.822723][ T6916] fuse: Bad value for 'fd'
[  153.830350][ T6924] CPU: 1 UID: 0 PID: 6924 Comm: syz.3.250 Not tainted syzkaller #0 PREEMPT(full) 
[  153.830378][ T6924] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  153.830391][ T6924] Call Trace:
[  153.830399][ T6924]  <TASK>
[  153.830408][ T6924]  dump_stack_lvl+0xe8/0x150
[  153.830443][ T6924]  should_fail_ex+0x412/0x560
[  153.830481][ T6924]  should_failslab+0xa8/0x100
[  153.830518][ T6924]  ? skb_clone+0x212/0x3a0
[  153.830545][ T6924]  kmem_cache_alloc_noprof+0x87/0x650
[  153.830577][ T6924]  skb_clone+0x212/0x3a0
[  153.830607][ T6924]  __netlink_deliver_tap+0x404/0x850
[  153.830653][ T6924]  ? netlink_deliver_tap+0x2e/0x1b0
[  153.830688][ T6924]  netlink_deliver_tap+0x19c/0x1b0
[  153.830722][ T6924]  netlink_sendskb+0x68/0x140
[  153.830754][ T6924]  netlink_unicast+0x3a3/0x9b0
[  153.830793][ T6924]  ? __pfx_netlink_unicast+0x10/0x10
[  153.830833][ T6924]  nfnetlink_rcv+0x2517/0x27b0
[  153.830899][ T6924]  ? __pfx_nfnetlink_rcv+0x10/0x10
[  153.830946][ T6924]  ? ref_tracker_free+0x693/0x840
[  153.831006][ T6924]  ? __netlink_deliver_tap+0x807/0x850
[  153.831042][ T6924]  ? netlink_deliver_tap+0x2e/0x1b0
[  153.831088][ T6924]  netlink_unicast+0x80f/0x9b0
[  153.831124][ T6924]  ? __pfx_netlink_unicast+0x10/0x10
[  153.831154][ T6924]  ? netlink_sendmsg+0x650/0xb40
[  153.831172][ T6924]  ? skb_put+0x11b/0x210
[  153.831197][ T6924]  netlink_sendmsg+0x813/0xb40
[  153.831225][ T6924]  ? __pfx_netlink_sendmsg+0x10/0x10
[  153.831248][ T6924]  ? aa_sock_msg_perm+0xf1/0x1b0
[  153.831279][ T6924]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  153.831307][ T6924]  ____sys_sendmsg+0x972/0x9f0
[  153.831340][ T6924]  ? __pfx_____sys_sendmsg+0x10/0x10
[  153.831375][ T6924]  ? import_iovec+0x73/0xa0
[  153.831401][ T6924]  ___sys_sendmsg+0x2a5/0x360
[  153.831431][ T6924]  ? __pfx____sys_sendmsg+0x10/0x10
[  153.831500][ T6924]  ? __fget_files+0x2a/0x420
[  153.831532][ T6924]  ? __fget_files+0x3a0/0x420
[  153.831574][ T6924]  __x64_sys_sendmsg+0x1bd/0x2a0
[  153.831604][ T6924]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  153.831640][ T6924]  ? __pfx_ksys_write+0x10/0x10
[  153.831676][ T6924]  do_syscall_64+0x14d/0xf80
[  153.831700][ T6924]  ? trace_irq_disable+0x3b/0x150
[  153.831718][ T6924]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  153.831740][ T6924]  ? clear_bhb_loop+0x40/0x90
[  153.831766][ T6924]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  153.831788][ T6924] RIP: 0033:0x7fe86659c799
[  153.831808][ T6924] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  153.831825][ T6924] RSP: 002b:00007fe867410028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  153.831848][ T6924] RAX: ffffffffffffffda RBX: 00007fe866815fa0 RCX: 00007fe86659c799
[  153.831864][ T6924] RDX: 0000000024044010 RSI: 0000200000000100 RDI: 0000000000000003
[  153.831877][ T6924] RBP: 00007fe867410090 R08: 0000000000000000 R09: 0000000000000000
[  153.831890][ T6924] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  153.831903][ T6924] R13: 00007fe866816038 R14: 00007fe866815fa0 R15: 00007fe86693fa48
[  153.831937][ T6924]  </TASK>
[  154.545732][   T30] audit: type=1326 audit(1774557542.536:58): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6918 comm="syz.1.249" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff27059c799 code=0x7ffc0000
[  154.653815][   T30] audit: type=1326 audit(1774557542.536:59): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6918 comm="syz.1.249" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff27059c799 code=0x7ffc0000
[  154.691969][   T30] audit: type=1326 audit(1774557542.616:60): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6918 comm="syz.1.249" exe="/root/syz-executor" sig=0 arch=c000003e syscall=28 compat=0 ip=0x7ff27059c799 code=0x7ffc0000
[  154.830188][ T6934] FAULT_INJECTION: forcing a failure.
[  154.830188][ T6934] name fail_page_alloc, interval 1, probability 0, space 0, times 1
[  154.850585][ T6938] fuse: Bad value for 'fd'
[  154.894113][ T6934] CPU: 0 UID: 0 PID: 6934 Comm: syz.3.253 Not tainted syzkaller #0 PREEMPT(full) 
[  154.894143][ T6934] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  154.894156][ T6934] Call Trace:
[  154.894165][ T6934]  <TASK>
[  154.894174][ T6934]  dump_stack_lvl+0xe8/0x150
[  154.894210][ T6934]  should_fail_ex+0x412/0x560
[  154.894247][ T6934]  prepare_alloc_pages+0x22a/0x650
[  154.894283][ T6934]  __alloc_frozen_pages_noprof+0x12f/0x380
[  154.894315][ T6934]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  154.894347][ T6934]  ? __pfx_policy_nodemask+0x10/0x10
[  154.894370][ T6934]  ? handle_mm_fault+0xee/0x3310
[  154.894412][ T6934]  alloc_pages_mpol+0x232/0x4a0
[  154.894446][ T6934]  folio_alloc_mpol_noprof+0x39/0x70
[  154.894477][ T6934]  shmem_alloc_and_add_folio+0x445/0xf80
[  154.894506][ T6934]  ? filemap_get_entry+0xca/0x320
[  154.894528][ T6934]  ? filemap_get_entry+0xca/0x320
[  154.894553][ T6934]  ? filemap_get_entry+0x2ac/0x320
[  154.894576][ T6934]  ? __pfx_filemap_get_entry+0x10/0x10
[  154.894600][ T6934]  ? __pfx_shmem_alloc_and_add_folio+0x10/0x10
[  154.894626][ T6934]  ? shmem_allowable_huge_orders+0x309/0x690
[  154.894667][ T6934]  shmem_get_folio_gfp+0x5a9/0x1670
[  154.894720][ T6934]  shmem_write_begin+0x16c/0x330
[  154.894750][ T6934]  generic_perform_write+0x2e2/0x8f0
[  154.894793][ T6934]  ? __pfx_generic_perform_write+0x10/0x10
[  154.894823][ T6934]  ? do_raw_spin_unlock+0xf5/0x210
[  154.894846][ T6934]  ? mnt_put_write_access_file+0xc0/0x100
[  154.894883][ T6934]  ? file_update_time_flags+0x400/0x4a0
[  154.894911][ T6934]  shmem_file_write_iter+0xf8/0x120
[  154.894938][ T6934]  do_iter_readv_writev+0x619/0x8c0
[  154.894967][ T6934]  ? __pfx_do_iter_readv_writev+0x10/0x10
[  154.895011][ T6934]  vfs_writev+0x33c/0x990
[  154.895050][ T6934]  ? __pfx_vfs_writev+0x10/0x10
[  154.895095][ T6934]  ? __fget_files+0x2a/0x420
[  154.895131][ T6934]  ? __fget_files+0x3a0/0x420
[  154.895161][ T6934]  ? __fget_files+0x2a/0x420
[  154.895202][ T6934]  do_writev+0x154/0x2e0
[  154.895234][ T6934]  ? __pfx_do_writev+0x10/0x10
[  154.895277][ T6934]  do_syscall_64+0x14d/0xf80
[  154.895301][ T6934]  ? trace_irq_disable+0x3b/0x150
[  154.895320][ T6934]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  154.895341][ T6934]  ? clear_bhb_loop+0x40/0x90
[  154.895368][ T6934]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  154.895389][ T6934] RIP: 0033:0x7fe86659c799
[  154.895409][ T6934] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  154.895426][ T6934] RSP: 002b:00007fe867410028 EFLAGS: 00000246 ORIG_RAX: 0000000000000014
[  154.895448][ T6934] RAX: ffffffffffffffda RBX: 00007fe866815fa0 RCX: 00007fe86659c799
[  154.895464][ T6934] RDX: 0000000000000001 RSI: 0000200000000200 RDI: 0000000000000004
[  154.895477][ T6934] RBP: 00007fe867410090 R08: 0000000000000000 R09: 0000000000000000
[  154.895490][ T6934] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  154.895502][ T6934] R13: 00007fe866816038 R14: 00007fe866815fa0 R15: 00007fe86693fa48
[  154.895537][ T6934]  </TASK>
[  154.956665][   T29] usb 6-1: new full-speed USB device number 8 using dummy_hcd
[  155.269277][   T30] audit: type=1326 audit(1774557543.226:61): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6918 comm="syz.1.249" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff27059c799 code=0x7ffc0000
[  155.286449][  T982] usb 5-1: new high-speed USB device number 6 using dummy_hcd
[  155.309255][   T30] audit: type=1326 audit(1774557543.226:62): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6918 comm="syz.1.249" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff27059c799 code=0x7ffc0000
[  155.380671][ T6946] netlink: 'syz.3.256': attribute type 13 has an invalid length.
[  155.391123][ T6946] netlink: 28 bytes leftover after parsing attributes in process `syz.3.256'.
[  155.515063][ T6948] sg_write: data in/out 156/36 bytes for SCSI command 0x69-- guessing data in;
[  155.515063][ T6948]    program syz.3.257 not setting count and/or reply_len properly
[  155.535963][  T982] usb 5-1: Using ep0 maxpacket: 16
[  155.548568][  T982] usb 5-1: no configurations
[  155.558996][   T29] usb 6-1: unable to get BOS descriptor or descriptor too short
[  155.568886][   T29] usb 6-1: not running at top speed; connect to a high speed hub
[  155.578004][   T29] usb 6-1: too many configurations: 228, using maximum allowed: 8
[  155.587401][  T982] usb 5-1: can't read configurations, error -22
[  155.591772][   T29] usb 6-1: unable to read config index 0 descriptor/start: -61
[  155.602181][   T29] usb 6-1: can't read configurations, error -61
[  155.745900][  T982] usb 5-1: new high-speed USB device number 7 using dummy_hcd
[  155.815757][   T29] usb 6-1: new full-speed USB device number 9 using dummy_hcd
[  155.994187][  T982] usb 5-1: Using ep0 maxpacket: 16
[  156.006634][  T982] usb 5-1: no configurations
[  156.011372][  T982] usb 5-1: can't read configurations, error -22
[  156.035766][  T982] usb usb5-port1: attempt power cycle
[  156.057777][   T29] usb 6-1: unable to get BOS descriptor or descriptor too short
[  156.078229][   T29] usb 6-1: not running at top speed; connect to a high speed hub
[  156.113801][   T29] usb 6-1: too many configurations: 228, using maximum allowed: 8
[  156.175128][   T29] usb 6-1: unable to read config index 0 descriptor/start: -61
[  156.188669][   T29] usb 6-1: can't read configurations, error -61
[  156.206089][   T29] usb usb6-port1: attempt power cycle
[  156.476053][  T982] usb 5-1: new high-speed USB device number 8 using dummy_hcd
[  156.496427][  T982] usb 5-1: Using ep0 maxpacket: 16
[  156.502495][  T982] usb 5-1: no configurations
[  156.509655][  T982] usb 5-1: can't read configurations, error -22
[  156.685695][   T29] usb 6-1: new full-speed USB device number 10 using dummy_hcd
[  156.727417][  T982] usb 5-1: new high-speed USB device number 9 using dummy_hcd
[  156.776197][  T982] usb 5-1: Using ep0 maxpacket: 16
[  156.782010][  T982] usb 5-1: no configurations
[  156.791183][  T982] usb 5-1: can't read configurations, error -22
[  156.801726][  T982] usb usb5-port1: unable to enumerate USB device
[  156.916727][   T29] usb 6-1: device not accepting address 10, error -71
[  156.960372][ T6959] netlink: 12 bytes leftover after parsing attributes in process `syz.0.260'.
[  157.284426][   T29] usb 6-1: new high-speed USB device number 11 using dummy_hcd
[  157.317545][   T29] usb 6-1: Using ep0 maxpacket: 16
[  157.336803][   T29] usb 6-1: New USB device found, idVendor=0471, idProduct=0327, bcdDevice=61.a4
[  157.355999][   T29] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  157.393074][   T29] usb 6-1: config 0 descriptor??
[  157.439102][   T29] gspca_main: sonixj-2.14.0 probing 0471:0327
[  157.449297][ T6966] pci 0000:00:05.0: vgaarb: VGA decodes changed: olddecodes=io+mem,decodes=io+mem:owns=io+mem
[  157.630034][ T6969] netlink: 12 bytes leftover after parsing attributes in process `syz.3.264'.
[  157.683477][ T6969] netlink: 12 bytes leftover after parsing attributes in process `syz.3.264'.
[  157.802495][ T6969] netlink: 12 bytes leftover after parsing attributes in process `syz.3.264'.
[  157.825789][   T29] gspca_sonixj: reg_r err -71
[  157.830621][   T29] sonixj 6-1:0.0: probe with driver sonixj failed with error -71
[  157.844768][   T29] usb 6-1: USB disconnect, device number 11
[  157.894205][ T6974] fuse: Bad value for 'fd'
[  158.068762][ T6981] netlink: 'syz.4.269': attribute type 13 has an invalid length.
[  158.077798][ T6981] netlink: 28 bytes leftover after parsing attributes in process `syz.4.269'.
[  158.156363][ T6976] openvswitch: netlink: IPv6 tunnel dst address is zero
[  158.498794][ T6996] faux_driver vkms: [drm] Unknown color mode 5; guessing buffer size.
[  158.653355][ T7001] netlink: 'syz.5.272': attribute type 6 has an invalid length.
[  158.919153][ T7003] netlink: 8 bytes leftover after parsing attributes in process `syz.4.274'.
[  159.275904][ T7008] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[  159.342143][ T7010] fuse: Bad value for 'fd'
[  159.376365][ T7008] kvm: pic: non byte read
[  159.381173][ T7008] kvm: pic: non byte read
[  160.408891][   T30] audit: type=1800 audit(1774557548.406:63): pid=7031 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.281" name=488C7D032EF69C502C6E1236BD381EFD410165988847C1DCB98A18CA2B853910E52044FA3B3026CB88DE269537C8F26FFC3B15CBF279832BFC90BD95939043182E88050DFD2A4784A5D1453610FB1F1C2BAC36C3ECD3E6FB756EF8880DEBEEF3636AFD981D8AF4AB119928448F90351AEC113335EACF52A18C87738D9679D3AC73797A6B616C6C6572 dev="tmpfs" ino=331 res=0 errno=0
[  160.786079][ T7035] syzkaller1: entered promiscuous mode
[  160.806735][ T7035] syzkaller1: entered allmulticast mode
[  160.825888][   T29] usb 2-1: new high-speed USB device number 18 using dummy_hcd
[  160.997368][   T29] usb 2-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3
[  161.014967][   T29] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  161.069049][   T29] usb 2-1: config 0 descriptor??
[  161.094733][   T29] cp210x 2-1:0.0: cp210x converter detected
[  161.297599][ T7033] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  161.336180][ T7033] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  161.477716][   T29] cp210x 2-1:0.0: failed to get vendor val 0x370b size 1: -121
[  161.515908][   T29] cp210x 2-1:0.0: querying part number failed
[  161.575383][   T29] usb 2-1: cp210x converter now attached to ttyUSB0
[  162.165098][ T7033] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  162.175630][    T0] NOHZ tick-stop error: local softirq work is pending, handler #c2!!!
[  162.236433][ T7033] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  163.136993][ T7079] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[  163.447014][ T7084] netlink: 36 bytes leftover after parsing attributes in process `syz.5.295'.
[  163.497775][ T7081] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  163.553251][ T7081] netlink: 148 bytes leftover after parsing attributes in process `syz.5.295'.
[  163.804836][   T29] usb 2-1: USB disconnect, device number 18
[  163.857536][   T29] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0
[  163.879549][   T29] cp210x 2-1:0.0: device disconnected
[  164.568549][ T7097] batadv0: entered promiscuous mode
[  164.574289][ T7097] vlan2: entered promiscuous mode
[  164.739618][ T7102] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  165.020277][ T7104] md: async del_gendisk mode will be removed in future, please upgrade to mdadm-4.5+
[  165.160315][ T5833] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  165.596168][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  165.759522][ T7110] team_slave_0: entered promiscuous mode
[  165.765435][ T7110] team_slave_1: entered promiscuous mode
[  165.771337][ T5910] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  165.828379][ T7110] vlan2: entered promiscuous mode
[  165.846817][ T7110] team0: entered promiscuous mode
[  165.925165][ T7114] sch_tbf: burst 1447 is lower than device macvtap0 mtu (1514) !
[  166.247227][ T5833] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  166.285700][ T5910] usb 1-1: new high-speed USB device number 9 using dummy_hcd
[  166.428089][  T982] IPVS: starting estimator thread 0...
[  166.467081][ T5910] usb 1-1: Using ep0 maxpacket: 8
[  166.496012][ T5910] usb 1-1: config 9 has an invalid interface number: 122 but max is 0
[  166.519703][ T5910] usb 1-1: config 9 has no interface number 0
[  166.529989][ T7124] IPVS: using max 37 ests per chain, 88800 per kthread
[  166.536963][ T5833] usb 4-1: new high-speed USB device number 8 using dummy_hcd
[  166.551446][ T5910] usb 1-1: config 9 interface 122 altsetting 6 endpoint 0xE has invalid maxpacket 1023, setting to 64
[  166.595860][ T5910] usb 1-1: config 9 interface 122 has no altsetting 0
[  166.636056][ T5910] usb 1-1: New USB device found, idVendor=05ac, idProduct=9219, bcdDevice=f7.cd
[  166.666572][ T5910] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  166.702886][ T5910] usb 1-1: Product: syz
[  166.721619][ T5833] usb 4-1: Using ep0 maxpacket: 32
[  166.721627][ T5910] usb 1-1: Manufacturer: syz
[  166.721647][ T5910] usb 1-1: SerialNumber: syz
[  166.778043][ T5833] usb 4-1: config 0 has an invalid interface number: 196 but max is 0
[  166.811931][ T7133] IPVS: sh: FWM 3 0x00000003 - no destination available
[  166.819017][ T5833] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  166.848935][ T5833] usb 4-1: config 0 has no interface number 0
[  166.881667][ T5937] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  166.900293][ T5833] usb 4-1: config 0 interface 196 altsetting 1 has 0 endpoint descriptors, different from the interface descriptor's value: 2
[  166.917515][ T5833] usb 4-1: config 0 interface 196 has no altsetting 0
[  166.933217][ T5833] usb 4-1: New USB device found, idVendor=05ac, idProduct=7700, bcdDevice=eb.3a
[  166.943093][ T5833] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  166.954000][ T5833] usb 4-1: Product: syz
[  166.978577][ T5833] usb 4-1: Manufacturer: syz
[  167.013908][ T7135] xt_hashlimit: invalid interval
[  167.031943][ T5833] usb 4-1: SerialNumber: syz
[  167.041751][ T5833] usb 4-1: config 0 descriptor??
[  167.127207][ T5910] appledisplay 1-1:9.122: Could not find int-in endpoint
[  167.135414][ T5910] usbhid 1-1:9.122: couldn't find an input interrupt endpoint
[  167.204194][ T7139] netlink: 8 bytes leftover after parsing attributes in process `syz.1.310'.
[  167.216666][ T5910] usb 1-1: USB disconnect, device number 9
[  167.268631][ T5833] ipheth 4-1:0.196: Unable to find endpoints
[  167.281110][   T29] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  167.325889][ T5833] usb 4-1: USB disconnect, device number 8
[  168.007428][ T7155] netlink: 'syz.4.315': attribute type 14 has an invalid length.
[  168.247851][ T7161] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  168.316141][ T5833] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  168.345993][   T30] audit: type=1326 audit(1774557556.326:64): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7160 comm="syz.5.318" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5b3039c799 code=0x7ffc0000
[  168.375671][   T30] audit: type=1326 audit(1774557556.326:65): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7160 comm="syz.5.318" exe="/root/syz-executor" sig=0 arch=c000003e syscall=2 compat=0 ip=0x7f5b3039c799 code=0x7ffc0000
[  168.584341][   T30] audit: type=1326 audit(1774557556.326:66): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7160 comm="syz.5.318" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5b3039c799 code=0x7ffc0000
[  168.697021][   T30] audit: type=1326 audit(1774557556.326:67): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7160 comm="syz.5.318" exe="/root/syz-executor" sig=0 arch=c000003e syscall=44 compat=0 ip=0x7f5b3039c799 code=0x7ffc0000
[  168.722264][   T30] audit: type=1326 audit(1774557556.326:68): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7160 comm="syz.5.318" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5b3039c799 code=0x7ffc0000
[  168.918114][   T30] audit: type=1326 audit(1774557556.326:69): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7160 comm="syz.5.318" exe="/root/syz-executor" sig=0 arch=c000003e syscall=237 compat=0 ip=0x7f5b3039c799 code=0x7ffc0000
[  168.987645][ T7177] netlink: 136 bytes leftover after parsing attributes in process `syz.5.321'.
[  168.997043][   T30] audit: type=1326 audit(1774557556.326:70): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7160 comm="syz.5.318" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5b3039c799 code=0x7ffc0000
[  169.093543][   T30] audit: type=1326 audit(1774557556.326:71): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7160 comm="syz.5.318" exe="/root/syz-executor" sig=0 arch=c000003e syscall=237 compat=0 ip=0x7f5b3039c799 code=0x7ffc0000
[  169.216272][   T30] audit: type=1326 audit(1774557556.326:72): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7160 comm="syz.5.318" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5b3039c799 code=0x7ffc0000
[  169.287493][   T30] audit: type=1326 audit(1774557556.326:73): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7160 comm="syz.5.318" exe="/root/syz-executor" sig=0 arch=c000003e syscall=237 compat=0 ip=0x7f5b3039c799 code=0x7ffc0000
[  169.361686][   T29] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  169.424100][ T7186] netlink: 24 bytes leftover after parsing attributes in process `syz.3.323'.
[  170.412384][   T29] net_ratelimit: 2 callbacks suppressed
[  170.412404][   T29] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  170.837756][ T7224] fuse: Unknown parameter 'use0000000000000000000000000000000000000000'
[  171.040650][ T7203] syz_tun: left allmulticast mode
[  171.396203][   T29] usb 5-1: new full-speed USB device number 10 using dummy_hcd
[  171.442422][ T5937] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  171.567059][   T29] usb 5-1: not running at top speed; connect to a high speed hub
[  171.588302][   T29] usb 5-1: config 95 has an invalid interface number: 1 but max is 0
[  171.625734][   T29] usb 5-1: config 95 has no interface number 0
[  171.673143][   T29] usb 5-1: config 95 interface 1 has no altsetting 0
[  171.708856][   T29] usb 5-1: New USB device found, idVendor=0763, idProduct=2030, bcdDevice=79.79
[  171.779336][   T29] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  171.809165][   T29] usb 5-1: Product: syz
[  171.844997][   T29] usb 5-1: Manufacturer: syz
[  171.865263][   T29] usb 5-1: SerialNumber: syz
[  172.490735][ T5833] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  172.598512][   T29] usb 5-1: USB disconnect, device number 10
[  172.983305][ T5910] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  173.166741][ T7247] autofs4:pid:7247:check_dev_ioctl_version: ioctl control interface version mismatch: kernel(1.1), user(1.100), cmd(0xc018937e)
[  173.245711][ T7247] autofs4:pid:7247:validate_dev_ioctl: invalid device control module version supplied for cmd(0xc018937e)
[  173.270166][ T6566] udevd[6566]: error opening ATTR{/sys/devices/platform/dummy_hcd.4/usb5/5-1/5-1:95.1/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  173.532653][ T5833] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  173.905758][   T29] usb 5-1: new high-speed USB device number 11 using dummy_hcd
[  173.965528][ T7257] fuse: Unknown parameter 'use0000000000000000000000000000000000000000'
[  174.106929][   T29] usb 5-1: Using ep0 maxpacket: 32
[  174.129938][   T29] usb 5-1: New USB device found, idVendor=0b89, idProduct=0007, bcdDevice=ef.64
[  174.139238][   T29] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  174.174837][   T29] usb 5-1: config 0 descriptor??
[  174.188817][   T29] as10x_usb: device has been detected
[  174.195264][   T29] dvbdev: DVB: registering new adapter (nBox DVB-T Dongle)
[  174.269429][   T29] usb 5-1: DVB: registering adapter 1 frontend 0 (nBox DVB-T Dongle)...
[  174.281745][   T29] as10x_usb: error during firmware upload part1
[  174.382650][   T29] Registered device nBox DVB-T Dongle
[  174.386983][ T7266] FAULT_INJECTION: forcing a failure.
[  174.386983][ T7266] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  174.417345][ T7266] CPU: 1 UID: 0 PID: 7266 Comm: syz.5.344 Not tainted syzkaller #0 PREEMPT(full) 
[  174.417376][ T7266] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  174.417388][ T7266] Call Trace:
[  174.417397][ T7266]  <TASK>
[  174.417407][ T7266]  dump_stack_lvl+0xe8/0x150
[  174.417443][ T7266]  should_fail_ex+0x412/0x560
[  174.417479][ T7266]  _copy_to_user+0x31/0xb0
[  174.417505][ T7266]  snd_pcm_oss_read+0x553/0x8e0
[  174.417549][ T7266]  ? __pfx_snd_pcm_oss_read+0x10/0x10
[  174.417580][ T7266]  vfs_read+0x20c/0xa70
[  174.417602][ T7266]  ? ksys_write+0x1e6/0x270
[  174.417631][ T7266]  ? __pfx_vfs_read+0x10/0x10
[  174.417653][ T7266]  ? __fget_files+0x2a/0x420
[  174.417685][ T7266]  ? __fget_files+0x2a/0x420
[  174.417713][ T7266]  ? __fget_files+0x3a0/0x420
[  174.417743][ T7266]  ? __fget_files+0x2a/0x420
[  174.417781][ T7266]  ksys_read+0x150/0x270
[  174.417805][ T7266]  ? __pfx_ksys_read+0x10/0x10
[  174.417837][ T7266]  do_syscall_64+0x14d/0xf80
[  174.417861][ T7266]  ? trace_irq_disable+0x3b/0x150
[  174.417877][ T7266]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  174.417897][ T7266]  ? clear_bhb_loop+0x40/0x90
[  174.417930][ T7266]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  174.417951][ T7266] RIP: 0033:0x7f5b3039c799
[  174.417970][ T7266] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  174.417987][ T7266] RSP: 002b:00007f5b31315028 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  174.418009][ T7266] RAX: ffffffffffffffda RBX: 00007f5b30615fa0 RCX: 00007f5b3039c799
[  174.418024][ T7266] RDX: 000000000000004f RSI: 0000200000000280 RDI: 0000000000000003
[  174.418037][ T7266] RBP: 00007f5b31315090 R08: 0000000000000000 R09: 0000000000000000
[  174.418064][ T7266] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  174.418076][ T7266] R13: 00007f5b30616038 R14: 00007f5b30615fa0 R15: 00007f5b3073fa48
[  174.418109][ T7266]  </TASK>
[  174.713061][   T29] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  174.823576][ T7270] FAULT_INJECTION: forcing a failure.
[  174.823576][ T7270] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  174.874240][ T7270] CPU: 0 UID: 0 PID: 7270 Comm: syz.3.346 Not tainted syzkaller #0 PREEMPT(full) 
[  174.874265][ T7270] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  174.874274][ T7270] Call Trace:
[  174.874280][ T7270]  <TASK>
[  174.874287][ T7270]  dump_stack_lvl+0xe8/0x150
[  174.874313][ T7270]  should_fail_ex+0x412/0x560
[  174.874339][ T7270]  _copy_from_iter+0x1d3/0x1670
[  174.874367][ T7270]  ? rcu_is_watching+0x15/0xb0
[  174.874400][ T7270]  ? __pfx__copy_from_iter+0x10/0x10
[  174.874430][ T7270]  ? netlink_sendmsg+0x650/0xb40
[  174.874443][ T7270]  ? skb_put+0x11b/0x210
[  174.874462][ T7270]  netlink_sendmsg+0x6c0/0xb40
[  174.874483][ T7270]  ? __pfx_netlink_sendmsg+0x10/0x10
[  174.874499][ T7270]  ? aa_sock_msg_perm+0xf1/0x1b0
[  174.874524][ T7270]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  174.874543][ T7270]  ____sys_sendmsg+0x972/0x9f0
[  174.874568][ T7270]  ? __pfx_____sys_sendmsg+0x10/0x10
[  174.874592][ T7270]  ? import_iovec+0x73/0xa0
[  174.874611][ T7270]  ___sys_sendmsg+0x2a5/0x360
[  174.874632][ T7270]  ? __pfx____sys_sendmsg+0x10/0x10
[  174.874674][ T7270]  ? __fget_files+0x2a/0x420
[  174.874697][ T7270]  ? __fget_files+0x3a0/0x420
[  174.874726][ T7270]  __x64_sys_sendmsg+0x1bd/0x2a0
[  174.874747][ T7270]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  174.874772][ T7270]  ? __pfx_ksys_write+0x10/0x10
[  174.874797][ T7270]  do_syscall_64+0x14d/0xf80
[  174.874814][ T7270]  ? trace_irq_disable+0x3b/0x150
[  174.874828][ T7270]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  174.874843][ T7270]  ? clear_bhb_loop+0x40/0x90
[  174.874861][ T7270]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  174.874876][ T7270] RIP: 0033:0x7fe86659c799
[  174.874890][ T7270] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  174.874903][ T7270] RSP: 002b:00007fe867410028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  174.874921][ T7270] RAX: ffffffffffffffda RBX: 00007fe866815fa0 RCX: 00007fe86659c799
[  174.874933][ T7270] RDX: 0000000000000800 RSI: 0000200000006040 RDI: 0000000000000006
[  174.874942][ T7270] RBP: 00007fe867410090 R08: 0000000000000000 R09: 0000000000000000
[  174.874952][ T7270] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  174.874961][ T7270] R13: 00007fe866816038 R14: 00007fe866815fa0 R15: 00007fe86693fa48
[  174.874984][ T7270]  </TASK>
[  175.760389][ T5833] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  176.005809][  T982] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  176.823679][   T29] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  176.898422][ T5910] usb 5-1: USB disconnect, device number 11
[  177.083553][ T5910] Unregistered device nBox DVB-T Dongle
[  177.118894][ T5910] as10x_usb: device has been disconnected
[  177.420046][ T7301] netlink: 8 bytes leftover after parsing attributes in process `syz.0.354'.
[  177.646821][ T7304] fuse: Unknown parameter 'use0000000000000000000000000000000000000000'
[  177.780573][ T7308] netlink: 'syz.3.357': attribute type 21 has an invalid length.
[  177.813229][ T7308] netlink: 8 bytes leftover after parsing attributes in process `syz.3.357'.
[  177.842788][   T29] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  177.871093][ T7308] bond0: option lacp_rate: mode dependency failed, not supported in mode balance-rr(0)
[  178.351448][ T7319] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  178.371322][ T7319] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  178.381246][ T7319] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  178.404738][  T982] usb 4-1: new high-speed USB device number 9 using dummy_hcd
[  178.566697][ T7327] syzkaller1: entered promiscuous mode
[  178.572477][ T7327] syzkaller1: entered allmulticast mode
[  178.586532][  T982] usb 4-1: Using ep0 maxpacket: 8
[  178.598591][  T982] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  178.625929][  T982] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  178.647005][  T982] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 8
[  178.669943][  T982] usb 4-1: New USB device found, idVendor=056e, idProduct=00fe, bcdDevice= 0.00
[  178.680648][ T5910] usb 1-1: new full-speed USB device number 10 using dummy_hcd
[  178.702495][  T982] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  178.738009][  T982] usb 4-1: config 0 descriptor??
[  178.859177][ T5910] usb 1-1: config 0 has an invalid interface number: 41 but max is 0
[  178.870032][ T5910] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  178.911287][   T29] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  179.036847][   T10] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  179.071492][ T5910] usb 1-1: config 0 has no interface number 0
[  179.086216][ T5910] usb 1-1: config 0 interface 41 altsetting 2 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  179.120480][ T5910] usb 1-1: config 0 interface 41 has no altsetting 0
[  179.137485][ T5910] usb 1-1: New USB device found, idVendor=0fe6, idProduct=9800, bcdDevice=d1.9a
[  179.147103][ T5910] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  179.155196][ T5910] usb 1-1: Product: syz
[  179.203879][  T982] elecom 0003:056E:00FE.0003: unknown main item tag 0x0
[  179.299654][  T982] elecom 0003:056E:00FE.0003: unknown main item tag 0x0
[  179.325765][ T5910] usb 1-1: Manufacturer: syz
[  179.361958][  T982] elecom 0003:056E:00FE.0003: unknown main item tag 0x0
[  179.371785][ T5910] usb 1-1: SerialNumber: syz
[  179.444166][  T982] elecom 0003:056E:00FE.0003: unknown main item tag 0x0
[  179.451631][  T982] elecom 0003:056E:00FE.0003: unknown main item tag 0x0
[  179.461074][ T5910] usb 1-1: config 0 descriptor??
[  179.466746][  T982] elecom 0003:056E:00FE.0003: unknown main item tag 0x0
[  179.474935][  T982] elecom 0003:056E:00FE.0003: unknown main item tag 0x0
[  179.490630][ T5910] CoreChips 1-1:0.41: probe with driver CoreChips failed with error -22
[  179.608899][  T982] elecom 0003:056E:00FE.0003: unknown main item tag 0x0
[  179.629443][  T982] elecom 0003:056E:00FE.0003: unknown main item tag 0x0
[  179.653984][  T982] elecom 0003:056E:00FE.0003: unknown main item tag 0x0
[  179.709929][  T982] elecom 0003:056E:00FE.0003: hidraw0: USB HID v0.00 Device [HID 056e:00fe] on usb-dummy_hcd.3-1/input0
[  179.744720][  T982] usb 4-1: USB disconnect, device number 9
[  179.920113][   T29] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  180.011480][ T7350] netlink: 16 bytes leftover after parsing attributes in process `syz.1.370'.
[  180.045974][ T7350] netlink: 20 bytes leftover after parsing attributes in process `syz.1.370'.
[  180.220514][ T7354] syzkaller0: entered promiscuous mode
[  180.226200][ T7354] syzkaller0: entered allmulticast mode
[  180.251592][ T7348] fido_id[7348]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.3/usb4/report_descriptor': No such file or directory
[  180.957044][   T29] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  181.352974][  T982] usb 1-1: USB disconnect, device number 10
[  181.379171][ T7318] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  181.519631][ T7318] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  181.999941][ T5833] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  182.075966][ T5910] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  182.181397][  T982] usb 1-1: new high-speed USB device number 11 using dummy_hcd
[  182.378239][  T982] usb 1-1: Using ep0 maxpacket: 16
[  182.389980][  T982] usb 1-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xF3, changing to 0x83
[  182.420710][  T982] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7
[  182.549253][   T30] kauditd_printk_skb: 3 callbacks suppressed
[  182.549297][   T30] audit: type=1804 audit(1774557570.546:77): pid=7383 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.4.380" name="/newroot/80/file1" dev="tmpfs" ino=430 res=1 errno=0
[  182.585769][  T982] usb 1-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1
[  182.595256][  T982] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  182.644693][  T982] usb 1-1: Product: syz
[  182.658539][  T982] usb 1-1: Manufacturer: syz
[  182.668157][  T982] usb 1-1: SerialNumber: syz
[  182.706206][  T982] usb 1-1: config 0 descriptor??
[  182.724917][ T7389] netlink: 'syz.5.382': attribute type 10 has an invalid length.
[  182.741010][  T982] em28xx 1-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0)
[  182.754504][  T982] em28xx 1-1:0.0: Audio interface 0 found (Vendor Class)
[  183.041080][ T5833] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  183.327905][  T982] em28xx 1-1:0.0: unknown em28xx chip ID (0)
[  183.364947][  T982] em28xx 1-1:0.0: Config register raw data: 0xda
[  183.578324][  T982] em28xx 1-1:0.0: AC97 chip type couldn't be determined
[  183.645734][  T982] em28xx 1-1:0.0: No AC97 audio processor
[  184.101177][ T5937] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  184.547907][ T7425] loop2: detected capacity change from 0 to 7
[  184.626400][ T7425] Dev loop2: unable to read RDB block 7
[  184.632068][ T7425]  loop2: unable to read partition table
[  184.659962][ T7425] loop2: partition table beyond EOD, truncated
[  184.666361][ T7425] loop_reread_partitions: partition scan of loop2 (þ被xü—ŸÑà– ) failed (rc=-5)
[  185.115922][ T5910] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  185.150150][   T29] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  185.520382][ T7420] syz.0.376 (7420): drop_caches: 2
[  185.682386][ T5910] usb 1-1: USB disconnect, device number 11
[  185.731567][ T5910] em28xx 1-1:0.0: Disconnecting em28xx
[  185.810562][ T5910] em28xx 1-1:0.0: Freeing device
[  185.834079][ T7444] fuse: Bad value for 'fd'
[  185.840549][ T7444] binder: BINDER_SET_CONTEXT_MGR already set
[  185.846864][ T7444] binder: 7433:7444 ioctl 4018620d 200000004a80 returned -16
[  186.159337][   T29] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  186.305508][ T7449] xt_hashlimit: size too large, truncated to 1048576
[  186.313688][ T7453] bridge0: port 3(veth0_to_bridge) entered blocking state
[  186.331585][ T7453] bridge0: port 3(veth0_to_bridge) entered disabled state
[  186.350388][ T7453] veth0_to_bridge: entered allmulticast mode
[  186.375778][ T7453] veth0_to_bridge: entered promiscuous mode
[  186.405453][ T7453] bridge0: adding interface veth0_to_bridge with same address as a received packet (addr:aa:aa:aa:aa:aa:1b, vlan:0)
[  186.472324][ T7453] bridge0: port 3(veth0_to_bridge) entered blocking state
[  186.479858][ T7453] bridge0: port 3(veth0_to_bridge) entered forwarding state
[  186.499743][ T7451] syzkaller1: entered promiscuous mode
[  186.535678][ T7451] syzkaller1: entered allmulticast mode
[  186.582975][ T7458] bond0: (slave bond_slave_1): Releasing backup interface
[  186.779933][ T7458] bond_slave_1: left promiscuous mode
[  187.023335][ T7471] FAULT_INJECTION: forcing a failure.
[  187.023335][ T7471] name failslab, interval 1, probability 0, space 0, times 0
[  187.036655][ T7471] CPU: 0 UID: 0 PID: 7471 Comm: syz.1.401 Not tainted syzkaller #0 PREEMPT(full) 
[  187.036680][ T7471] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  187.036696][ T7471] Call Trace:
[  187.036704][ T7471]  <TASK>
[  187.036712][ T7471]  dump_stack_lvl+0xe8/0x150
[  187.036738][ T7471]  should_fail_ex+0x412/0x560
[  187.036765][ T7471]  should_failslab+0xa8/0x100
[  187.036786][ T7471]  ? skb_clone+0x212/0x3a0
[  187.036805][ T7471]  kmem_cache_alloc_noprof+0x87/0x650
[  187.036820][ T7471]  ? __netlink_lookup+0xc6/0x8b0
[  187.036841][ T7471]  skb_clone+0x212/0x3a0
[  187.036862][ T7471]  __netlink_deliver_tap+0x404/0x850
[  187.036895][ T7471]  ? netlink_deliver_tap+0x2e/0x1b0
[  187.036920][ T7471]  netlink_deliver_tap+0x19c/0x1b0
[  187.036944][ T7471]  netlink_unicast+0x7e3/0x9b0
[  187.036972][ T7471]  ? __pfx_netlink_unicast+0x10/0x10
[  187.036994][ T7471]  ? netlink_sendmsg+0x650/0xb40
[  187.037007][ T7471]  ? skb_put+0x11b/0x210
[  187.037025][ T7471]  netlink_sendmsg+0x813/0xb40
[  187.037046][ T7471]  ? __pfx_netlink_sendmsg+0x10/0x10
[  187.037063][ T7471]  ? aa_sock_msg_perm+0xf1/0x1b0
[  187.037087][ T7471]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  187.037107][ T7471]  ____sys_sendmsg+0x972/0x9f0
[  187.037132][ T7471]  ? __pfx_____sys_sendmsg+0x10/0x10
[  187.037156][ T7471]  ? import_iovec+0x73/0xa0
[  187.037176][ T7471]  ___sys_sendmsg+0x2a5/0x360
[  187.037197][ T7471]  ? __pfx____sys_sendmsg+0x10/0x10
[  187.037240][ T7471]  ? __fget_files+0x2a/0x420
[  187.037263][ T7471]  ? __fget_files+0x3a0/0x420
[  187.037293][ T7471]  __x64_sys_sendmsg+0x1bd/0x2a0
[  187.037313][ T7471]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  187.037338][ T7471]  ? __pfx_ksys_write+0x10/0x10
[  187.037363][ T7471]  do_syscall_64+0x14d/0xf80
[  187.037381][ T7471]  ? trace_irq_disable+0x3b/0x150
[  187.037393][ T7471]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  187.037409][ T7471]  ? clear_bhb_loop+0x40/0x90
[  187.037428][ T7471]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  187.037443][ T7471] RIP: 0033:0x7ff27059c799
[  187.037458][ T7471] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  187.037471][ T7471] RSP: 002b:00007ff2713a4028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  187.037488][ T7471] RAX: ffffffffffffffda RBX: 00007ff270816180 RCX: 00007ff27059c799
[  187.037500][ T7471] RDX: 0000000020084084 RSI: 0000200000000580 RDI: 0000000000000004
[  187.037510][ T7471] RBP: 00007ff2713a4090 R08: 0000000000000000 R09: 0000000000000000
[  187.037520][ T7471] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  187.037529][ T7471] R13: 00007ff270816218 R14: 00007ff270816180 R15: 00007ff27093fa48
[  187.037552][ T7471]  </TASK>
[  187.394049][ T1219] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  187.652604][ T7464] bridge0: port 2(bridge_slave_1) entered disabled state
[  187.661293][ T7464] bridge0: port 1(bridge_slave_0) entered disabled state
[  188.007940][ T7464] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  188.084604][ T7464] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  188.312272][   T10] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  188.445736][ T7481] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  188.773768][   T48] netdevsim netdevsim5 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  188.805215][   T48] netdevsim netdevsim5 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  188.869209][   T48] netdevsim netdevsim5 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  188.903639][ T7505] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  188.915755][   T48] netdevsim netdevsim5 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  189.358202][ T7490] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  189.524214][ T7498] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  190.733636][ T7497] usb 4-1: new high-speed USB device number 10 using dummy_hcd
[  190.817268][ T7572] bridge0: trying to set multicast startup query interval below minimum, setting to 100 (1000ms)
[  190.829463][ T7498] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  190.875733][ T7497] usb 4-1: device descriptor read/64, error -71
[  191.125761][ T7497] usb 4-1: new high-speed USB device number 11 using dummy_hcd
[  191.257908][ T7497] usb 4-1: device descriptor read/64, error -71
[  191.357178][ T7491] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  191.385282][ T7497] usb usb4-port1: attempt power cycle
[  191.676020][    T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!!
[  191.839539][ T7496] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  191.848007][ T7497] usb 4-1: new high-speed USB device number 12 using dummy_hcd
[  191.920838][ T7497] usb 4-1: device descriptor read/8, error -71
[  192.275691][ T7497] usb 4-1: new high-speed USB device number 13 using dummy_hcd
[  192.326476][ T7497] usb 4-1: device descriptor read/8, error -71
[  192.480899][ T7497] usb usb4-port1: unable to enumerate USB device
[  192.540537][ T7588] FAULT_INJECTION: forcing a failure.
[  192.540537][ T7588] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  192.695742][ T7588] CPU: 1 UID: 0 PID: 7588 Comm: syz.1.414 Not tainted syzkaller #0 PREEMPT(full) 
[  192.695768][ T7588] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  192.695778][ T7588] Call Trace:
[  192.695784][ T7588]  <TASK>
[  192.695790][ T7588]  dump_stack_lvl+0xe8/0x150
[  192.695818][ T7588]  should_fail_ex+0x412/0x560
[  192.695845][ T7588]  _copy_from_iter+0x1d3/0x1670
[  192.695873][ T7588]  ? rcu_is_watching+0x15/0xb0
[  192.695925][ T7588]  ? __pfx__copy_from_iter+0x10/0x10
[  192.695966][ T7588]  ? netlink_sendmsg+0x650/0xb40
[  192.695985][ T7588]  ? skb_put+0x11b/0x210
[  192.696011][ T7588]  netlink_sendmsg+0x6c0/0xb40
[  192.696039][ T7588]  ? __pfx_netlink_sendmsg+0x10/0x10
[  192.696062][ T7588]  ? aa_sock_msg_perm+0xf1/0x1b0
[  192.696095][ T7588]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  192.696122][ T7588]  ____sys_sendmsg+0x972/0x9f0
[  192.696156][ T7588]  ? __pfx_____sys_sendmsg+0x10/0x10
[  192.696190][ T7588]  ? import_iovec+0x73/0xa0
[  192.696217][ T7588]  ___sys_sendmsg+0x2a5/0x360
[  192.696247][ T7588]  ? __pfx____sys_sendmsg+0x10/0x10
[  192.696307][ T7588]  ? __fget_files+0x2a/0x420
[  192.696338][ T7588]  ? __fget_files+0x3a0/0x420
[  192.696394][ T7588]  __x64_sys_sendmsg+0x1bd/0x2a0
[  192.696423][ T7588]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  192.696458][ T7588]  ? __pfx_ksys_write+0x10/0x10
[  192.696494][ T7588]  do_syscall_64+0x14d/0xf80
[  192.696519][ T7588]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  192.696541][ T7588]  ? clear_bhb_loop+0x40/0x90
[  192.696573][ T7588]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  192.696595][ T7588] RIP: 0033:0x7ff27059c799
[  192.696615][ T7588] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  192.696633][ T7588] RSP: 002b:00007ff2713e6028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  192.696656][ T7588] RAX: ffffffffffffffda RBX: 00007ff270815fa0 RCX: 00007ff27059c799
[  192.696673][ T7588] RDX: 0000000000000000 RSI: 0000200000000380 RDI: 0000000000000004
[  192.696687][ T7588] RBP: 00007ff2713e6090 R08: 0000000000000000 R09: 0000000000000000
[  192.696700][ T7588] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  192.696713][ T7588] R13: 00007ff270816038 R14: 00007ff270815fa0 R15: 00007ff27093fa48
[  192.696746][ T7588]  </TASK>
[  193.020270][ T7497] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  193.083481][ T7592] FAULT_INJECTION: forcing a failure.
[  193.083481][ T7592] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  193.097137][ T7592] CPU: 1 UID: 0 PID: 7592 Comm: syz.0.416 Not tainted syzkaller #0 PREEMPT(full) 
[  193.097165][ T7592] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  193.097179][ T7592] Call Trace:
[  193.097187][ T7592]  <TASK>
[  193.097196][ T7592]  dump_stack_lvl+0xe8/0x150
[  193.097231][ T7592]  should_fail_ex+0x412/0x560
[  193.097267][ T7592]  _copy_to_user+0x31/0xb0
[  193.097294][ T7592]  simple_read_from_buffer+0xe1/0x170
[  193.097330][ T7592]  proc_fail_nth_read+0x1bb/0x230
[  193.097365][ T7592]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  193.097399][ T7592]  ? rw_verify_area+0x2a6/0x4d0
[  193.097461][ T7592]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  193.097494][ T7592]  vfs_read+0x20c/0xa70
[  193.097515][ T7592]  ? fdget_pos+0x246/0x320
[  193.097540][ T7592]  ? __pfx___mutex_lock+0x10/0x10
[  193.097566][ T7592]  ? __pfx_vfs_read+0x10/0x10
[  193.097591][ T7592]  ? __fget_files+0x2a/0x420
[  193.097625][ T7592]  ? __fget_files+0x3a0/0x420
[  193.097670][ T7592]  ? __fget_files+0x2a/0x420
[  193.097711][ T7592]  ksys_read+0x150/0x270
[  193.097737][ T7592]  ? __pfx_ksys_read+0x10/0x10
[  193.097772][ T7592]  do_syscall_64+0x14d/0xf80
[  193.097794][ T7592]  ? trace_irq_disable+0x3b/0x150
[  193.097813][ T7592]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  193.097835][ T7592]  ? clear_bhb_loop+0x40/0x90
[  193.097861][ T7592]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  193.097882][ T7592] RIP: 0033:0x7fb148f5cfce
[  193.097903][ T7592] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[  193.097921][ T7592] RSP: 002b:00007fb149e96fe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  193.097943][ T7592] RAX: ffffffffffffffda RBX: 00007fb149e976c0 RCX: 00007fb148f5cfce
[  193.097958][ T7592] RDX: 000000000000000f RSI: 00007fb149e970a0 RDI: 0000000000000004
[  193.097972][ T7592] RBP: 00007fb149e97090 R08: 0000000000000000 R09: 0000000000000000
[  193.097985][ T7592] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  193.097998][ T7592] R13: 00007fb149216038 R14: 00007fb149215fa0 R15: 00007fb14933fa48
[  193.098031][ T7592]  </TASK>
[  193.322462][ T7595] sg_write: data in/out 156/36 bytes for SCSI command 0x69-- guessing data in;
[  193.322462][ T7595]    program syz.1.417 not setting count and/or reply_len properly
[  193.641670][   T30] audit: type=1800 audit(1774557581.636:78): pid=7600 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.5.419" name="SYSV00000000" dev="tmpfs" ino=0 res=0 errno=0
[  193.704283][ T7600] fuse: Bad value for 'group_id'
[  193.709529][ T7600] fuse: Bad value for 'group_id'
[  194.025799][ T7491] usb 6-1: new high-speed USB device number 12 using dummy_hcd
[  194.091837][ T7497] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  194.165756][ T7491] usb 6-1: device descriptor read/64, error -71
[  194.405100][ T5902] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  194.410470][ T1304] ieee802154 phy0 wpan0: encryption failed: -22
[  194.420477][ T7491] usb 6-1: new high-speed USB device number 13 using dummy_hcd
[  194.429462][ T1304] ieee802154 phy1 wpan1: encryption failed: -22
[  194.585993][ T7491] usb 6-1: device descriptor read/64, error -71
[  194.695992][ T7491] usb usb6-port1: attempt power cycle
[  195.122026][ T7498] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  195.175641][ T7491] usb 6-1: new high-speed USB device number 14 using dummy_hcd
[  195.266939][ T7491] usb 6-1: device descriptor read/8, error -71
[  195.525701][ T7491] usb 6-1: new high-speed USB device number 15 using dummy_hcd
[  195.566639][ T7491] usb 6-1: device descriptor read/8, error -71
[  195.696155][ T7491] usb usb6-port1: unable to enumerate USB device
[  196.170932][ T7499] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  196.763995][ T7646] netlink: 8 bytes leftover after parsing attributes in process `syz.3.428'.
[  196.901302][ T7646] bond1 (unregistering): Released all slaves
[  196.995993][ T7491] usb 1-1: new high-speed USB device number 12 using dummy_hcd
[  197.165653][ T7491] usb 1-1: Using ep0 maxpacket: 32
[  197.177538][ T7491] usb 1-1: config 0 interface 0 altsetting 128 endpoint 0x2 has an invalid bInterval 0, changing to 7
[  197.198178][ T7491] usb 1-1: config 0 interface 0 has no altsetting 0
[  197.208998][ T7497] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  197.227883][ T7491] usb 1-1: New USB device found, idVendor=1b1c, idProduct=0c10, bcdDevice= 0.00
[  197.295664][ T7491] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  197.319142][ T7656] fuse: Bad value for 'group_id'
[  197.324154][ T7656] fuse: Bad value for 'group_id'
[  197.327526][ T7491] usb 1-1: config 0 descriptor??
[  197.395991][ T5889] usb 6-1: new high-speed USB device number 16 using dummy_hcd
[  197.435879][ T5902] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  197.565855][ T5889] usb 6-1: Using ep0 maxpacket: 32
[  197.586778][ T5889] usb 6-1: config 0 has an invalid interface number: 85 but max is 0
[  197.614101][ T5889] usb 6-1: config 0 has no interface number 0
[  197.635839][ T5889] usb 6-1: config 0 interface 85 altsetting 7 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  197.690410][ T5889] usb 6-1: config 0 interface 85 altsetting 7 endpoint 0x82 has invalid wMaxPacketSize 0
[  197.805309][ T5889] usb 6-1: config 0 interface 85 has no altsetting 0
[  197.831847][ T5889] usb 6-1: New USB device found, idVendor=05ac, idProduct=0219, bcdDevice=f0.72
[  197.841841][ T5889] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  197.853734][ T5889] usb 6-1: Product: syz
[  197.860578][ T5889] usb 6-1: Manufacturer: syz
[  197.918508][ T5889] usb 6-1: SerialNumber: syz
[  197.967128][ T5889] usb 6-1: config 0 descriptor??
[  198.076700][ T7491] usbhid 1-1:0.0: can't add hid device: -71
[  198.084701][ T7491] usbhid 1-1:0.0: probe with driver usbhid failed with error -71
[  198.145160][ T7491] usb 1-1: USB disconnect, device number 12
[  198.241865][ T7497] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  198.582647][ T5889] appletouch 6-1:0.85: Failed to request geyser raw mode
[  198.614614][ T5889] appletouch 6-1:0.85: probe with driver appletouch failed with error -5
[  198.697804][ T5889] usb 6-1: USB disconnect, device number 16
[  199.051415][ T7689] netlink: 20 bytes leftover after parsing attributes in process `syz.4.443'.
[  199.242134][ T7689] ip6erspan0: entered allmulticast mode
[  199.264135][ T7693] fuse: Bad value for 'group_id'
[  199.269685][ T7693] fuse: Bad value for 'group_id'
[  199.282922][ T7497] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  199.805096][ T7701] batadv0: entered promiscuous mode
[  199.837057][ T7701] vlan2: entered promiscuous mode
[  200.123741][ T7705] netlink: 'syz.0.449': attribute type 13 has an invalid length.
[  200.333440][ T7497] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  200.362252][    C0] vcan0: j1939_tp_rxtimer: 0xffff88807f34e400: rx timeout, send abort
[  200.399181][ T7710] FAULT_INJECTION: forcing a failure.
[  200.399181][ T7710] name failslab, interval 1, probability 0, space 0, times 0
[  200.441606][ T7710] CPU: 1 UID: 0 PID: 7710 Comm: syz.3.451 Not tainted syzkaller #0 PREEMPT(full) 
[  200.441635][ T7710] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  200.441649][ T7710] Call Trace:
[  200.441657][ T7710]  <TASK>
[  200.441667][ T7710]  dump_stack_lvl+0xe8/0x150
[  200.441703][ T7710]  should_fail_ex+0x412/0x560
[  200.441739][ T7710]  should_failslab+0xa8/0x100
[  200.441769][ T7710]  __kmalloc_noprof+0xe8/0x760
[  200.441790][ T7710]  ? __kasan_kmalloc+0x93/0xb0
[  200.441813][ T7710]  ? nla_strdup+0x9d/0x140
[  200.441832][ T7710]  ? __kmalloc_cache_noprof+0x31c/0x660
[  200.441859][ T7710]  nla_strdup+0x9d/0x140
[  200.441883][ T7710]  nf_tables_newtable+0x491/0x1910
[  200.441908][ T7710]  ? nfnetlink_has_listeners+0x32/0x50
[  200.442091][ T7710]  nfnetlink_rcv+0x1240/0x27b0
[  200.442290][ T7710]  ? __pfx_nfnetlink_rcv+0x10/0x10
[  200.442402][ T7710]  ? ref_tracker_free+0x693/0x840
[  200.442551][ T7710]  ? __netlink_deliver_tap+0x807/0x850
[  200.442636][ T7710]  ? netlink_deliver_tap+0x2e/0x1b0
[  200.442765][ T7710]  netlink_unicast+0x80f/0x9b0
[  200.442867][ T7710]  ? __pfx_netlink_unicast+0x10/0x10
[  200.442955][ T7710]  ? netlink_sendmsg+0x650/0xb40
[  200.443010][ T7710]  ? skb_put+0x11b/0x210
[  200.443076][ T7710]  netlink_sendmsg+0x813/0xb40
[  200.443152][ T7710]  ? __pfx_netlink_sendmsg+0x10/0x10
[  200.443223][ T7710]  ? aa_sock_msg_perm+0xf1/0x1b0
[  200.443311][ T7710]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  200.443389][ T7710]  ____sys_sendmsg+0x972/0x9f0
[  200.443509][ T7710]  ? __pfx_____sys_sendmsg+0x10/0x10
[  200.443604][ T7710]  ? import_iovec+0x73/0xa0
[  200.443679][ T7710]  ___sys_sendmsg+0x2a5/0x360
[  200.443757][ T7710]  ? __pfx____sys_sendmsg+0x10/0x10
[  200.443911][ T7710]  ? __fget_files+0x2a/0x420
[  200.444006][ T7710]  ? __fget_files+0x3a0/0x420
[  200.444115][ T7710]  __x64_sys_sendmsg+0x1bd/0x2a0
[  200.444192][ T7710]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  200.444286][ T7710]  ? __pfx_ksys_write+0x10/0x10
[  200.444374][ T7710]  do_syscall_64+0x14d/0xf80
[  200.444440][ T7710]  ? trace_irq_disable+0x3b/0x150
[  200.444478][ T7710]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  200.444539][ T7710]  ? clear_bhb_loop+0x40/0x90
[  200.444606][ T7710]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  200.444661][ T7710] RIP: 0033:0x7fe86659c799
[  200.444723][ T7710] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  200.444775][ T7710] RSP: 002b:00007fe867410028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  200.444853][ T7710] RAX: ffffffffffffffda RBX: 00007fe866815fa0 RCX: 00007fe86659c799
[  200.444910][ T7710] RDX: 0000000000000000 RSI: 00002000000000c0 RDI: 0000000000000003
[  200.444950][ T7710] RBP: 00007fe867410090 R08: 0000000000000000 R09: 0000000000000000
[  200.444993][ T7710] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  200.445025][ T7710] R13: 00007fe866816038 R14: 00007fe866815fa0 R15: 00007fe86693fa48
[  200.445104][ T7710]  </TASK>
[  200.463059][ T7711] program syz.4.450 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  200.479341][ T5889] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  200.863069][    C0] vcan0: j1939_tp_rxtimer: 0xffff88807f34c400: rx timeout, send abort
[  200.871858][    C0] vcan0: j1939_tp_rxtimer: 0xffff88807f34e400: abort rx timeout. Force session deactivation
[  201.118141][ T7722] FAULT_INJECTION: forcing a failure.
[  201.118141][ T7722] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  201.118278][ T7722] CPU: 0 UID: 0 PID: 7722 Comm: syz.0.455 Not tainted syzkaller #0 PREEMPT(full) 
[  201.118302][ T7722] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  201.118315][ T7722] Call Trace:
[  201.118324][ T7722]  <TASK>
[  201.118333][ T7722]  dump_stack_lvl+0xe8/0x150
[  201.118369][ T7722]  should_fail_ex+0x412/0x560
[  201.118404][ T7722]  prepare_alloc_pages+0x22a/0x650
[  201.118436][ T7722]  __alloc_frozen_pages_noprof+0x12f/0x380
[  201.118467][ T7722]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  201.118500][ T7722]  ? __pfx_policy_nodemask+0x10/0x10
[  201.118534][ T7722]  ? __lock_acquire+0x6b5/0x2cf0
[  201.118566][ T7722]  alloc_pages_mpol+0x232/0x4a0
[  201.118601][ T7722]  vma_alloc_folio_noprof+0xea/0x210
[  201.118633][ T7722]  ? __pfx_vma_alloc_folio_noprof+0x10/0x10
[  201.118675][ T7722]  do_pte_missing+0x1656/0x3490
[  201.118722][ T7722]  handle_mm_fault+0x1bec/0x3310
[  201.118772][ T7722]  ? handle_mm_fault+0xee/0x3310
[  201.118814][ T7722]  ? __pfx_handle_mm_fault+0x10/0x10
[  201.118850][ T7722]  ? follow_page_pte+0x841/0x1450
[  201.118903][ T7722]  ? __pfx_follow_page_pte+0x10/0x10
[  201.118951][ T7722]  __get_user_pages+0x165b/0x29d0
[  201.119019][ T7722]  __gup_longterm_locked+0x3db/0x1630
[  201.119081][ T7722]  gup_fast_fallback+0x1d82/0x22e0
[  201.119146][ T7722]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  201.119172][ T7722]  ? __pfx_gup_fast_fallback+0x10/0x10
[  201.119206][ T7722]  ? is_valid_gup_args+0x11f/0x200
[  201.119241][ T7722]  ? pin_user_pages_fast+0x4d/0xb0
[  201.119276][ T7722]  pfn_reader_user_pin+0xdbe/0x11a0
[  201.119314][ T7722]  ? __pfx_pfn_reader_user_pin+0x10/0x10
[  201.119339][ T7722]  ? kasan_save_track+0x4f/0x80
[  201.119361][ T7722]  ? interval_tree_span_iter_first+0xea/0xd70
[  201.119398][ T7722]  iopt_pages_fill_xarray+0x4e1/0x1180
[  201.119439][ T7722]  ? __pfx_iopt_pages_fill_xarray+0x10/0x10
[  201.119500][ T7722]  ? __kmalloc_cache_noprof+0x31c/0x660
[  201.119526][ T7722]  ? iopt_area_add_access+0x1f2/0x4c0
[  201.119549][ T7722]  ? __kmalloc_cache_noprof+0x15b/0x660
[  201.119579][ T7722]  iopt_area_add_access+0x210/0x4c0
[  201.119612][ T7722]  iommufd_access_pin_pages+0x6e0/0xc30
[  201.119655][ T7722]  ? __pfx_iommufd_access_pin_pages+0x10/0x10
[  201.119683][ T7722]  ? iommufd_test+0x4626/0x5d10
[  201.119712][ T7722]  ? __kvmalloc_node_noprof+0x393/0x8a0
[  201.119743][ T7722]  iommufd_test+0x467a/0x5d10
[  201.119783][ T7722]  ? __pfx_iommufd_test+0x10/0x10
[  201.119808][ T7722]  ? __lock_acquire+0x6b5/0x2cf0
[  201.119845][ T7722]  ? tomoyo_path_number_perm+0x219/0x630
[  201.119876][ T7722]  ? tomoyo_path_number_perm+0x219/0x630
[  201.119918][ T7722]  ? do_vfs_ioctl+0x1166/0x1530
[  201.119977][ T7722]  iommufd_fops_ioctl+0x4b5/0x5d0
[  201.120002][ T7722]  ? __pfx_iommufd_fops_ioctl+0x10/0x10
[  201.120029][ T7722]  ? __fget_files+0x2a/0x420
[  201.120066][ T7722]  ? __fget_files+0x2a/0x420
[  201.120100][ T7722]  ? bpf_lsm_file_ioctl+0x9/0x20
[  201.120126][ T7722]  ? __pfx_iommufd_fops_ioctl+0x10/0x10
[  201.120146][ T7722]  __se_sys_ioctl+0xfc/0x170
[  201.120174][ T7722]  do_syscall_64+0x14d/0xf80
[  201.120197][ T7722]  ? trace_irq_disable+0x3b/0x150
[  201.120213][ T7722]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  201.120235][ T7722]  ? clear_bhb_loop+0x40/0x90
[  201.120260][ T7722]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  201.120281][ T7722] RIP: 0033:0x7fb148f9c799
[  201.120301][ T7722] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  201.120318][ T7722] RSP: 002b:00007fb149e97028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  201.120341][ T7722] RAX: ffffffffffffffda RBX: 00007fb149215fa0 RCX: 00007fb148f9c799
[  201.120357][ T7722] RDX: 0000200000000100 RSI: 0000000000003ba0 RDI: 0000000000000003
[  201.120370][ T7722] RBP: 00007fb149e97090 R08: 0000000000000000 R09: 0000000000000000
[  201.120384][ T7722] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  201.120397][ T7722] R13: 00007fb149216038 R14: 00007fb149215fa0 R15: 00007fb14933fa48
[  201.120432][ T7722]  </TASK>
[  201.139958][ T7723] fuse: Bad value for 'group_id'
[  201.139982][ T7723] fuse: Bad value for 'group_id'
[  201.363160][    C0] vcan0: j1939_tp_rxtimer: 0xffff88807f34c400: abort rx timeout. Force session deactivation
[  201.538879][ T7496] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  201.830367][ T7730] netlink: 'syz.1.460': attribute type 13 has an invalid length.
[  202.399675][    T0] NOHZ tick-stop error: local softirq work is pending, handler #8a!!!
[  202.439199][    T0] NOHZ tick-stop error: local softirq work is pending, handler #4a!!!
[  203.419457][    T0] NOHZ tick-stop error: local softirq work is pending, handler #0a!!!
[  204.069090][ T7497] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  205.640470][ T7483] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  206.105307][    C1] sched: DL replenish lagged too much
[  206.637130][ T7490] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  207.282516][ T7483] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  210.292469][ T7498] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  211.424247][ T7497] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  212.081155][ T5147] Bluetooth: hci3: command 0x0406 tx timeout
[  212.081206][ T5147] Bluetooth: hci4: command 0x0406 tx timeout
[  212.081263][ T5147] Bluetooth: hci2: command 0x0406 tx timeout
[  212.081292][ T5147] Bluetooth: hci1: command 0x0406 tx timeout
[  215.136909][ T7490] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  215.173913][ T7490] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  215.788308][ T7498] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  216.749535][    T0] NOHZ tick-stop error: local softirq work is pending, handler #08!!!
[  220.512566][   T36] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  222.818827][ T7484] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  222.857509][ T7484] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  225.507144][ T5937] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  229.693575][ T7551] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  230.408855][ T5902] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  230.449974][ T5902] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  233.792841][ T5937] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  234.360459][ T5147] Bluetooth: hci0: command 0x0406 tx timeout
[  240.488647][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  242.543718][ T1101] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  245.123017][ T7484] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  256.136423][ T1304] ieee802154 phy0 wpan0: encryption failed: -22
[  256.149000][ T1304] ieee802154 phy1 wpan1: encryption failed: -22
[  257.686135][ T1112] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  264.029055][ T7551] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  269.533317][   T12] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  272.159085][ T7538] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  278.653225][ T7478] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  278.692140][ T7478] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  284.979492][  T796] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  289.188220][ T1112] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  292.647756][ T1166] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  296.042719][ T5937] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  304.890282][ T7535] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  317.403560][ T1304] ieee802154 phy0 wpan0: encryption failed: -22
[  317.415340][ T1304] ieee802154 phy1 wpan1: encryption failed: -22
[  320.690387][ T1166] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  323.689019][   T58] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  328.278402][ T7547] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  333.577224][ T7535] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  334.801275][ T7489] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  345.518999][   T12] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  349.960115][   T31] INFO: task kworker/1:12:7496 blocked for more than 143 seconds.
[  349.960150][   T31]       Not tainted syzkaller #0
[  349.960163][   T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  349.960185][   T31] task:kworker/1:12    state:D stack:26440 pid:7496  tgid:7496  ppid:2      task_flags:0x4208060 flags:0x00080000
[  349.960261][   T31] Workqueue: events switchdev_deferred_process_work
[  349.960315][   T31] Call Trace:
[  349.960324][   T31]  <TASK>
[  349.960341][   T31]  __schedule+0x15dd/0x52d0
[  349.960398][   T31]  ? __pfx___schedule+0x10/0x10
[  349.960433][   T31]  ? schedule+0x90/0x360
[  349.960461][   T31]  schedule+0x164/0x360
[  349.960488][   T31]  schedule_preempt_disabled+0x13/0x30
[  349.960513][   T31]  __mutex_lock+0x7fe/0x1300
[  349.960546][   T31]  ? __mutex_lock+0x5ac/0x1300
[  349.960578][   T31]  ? switchdev_deferred_process_work+0xe/0x20
[  349.960611][   T31]  ? __pfx___mutex_lock+0x10/0x10
[  349.960654][   T31]  ? process_scheduled_works+0xa8d/0x18c0
[  349.960683][   T31]  ? process_scheduled_works+0xa8d/0x18c0
[  349.960715][   T31]  switchdev_deferred_process_work+0xe/0x20
[  349.960742][   T31]  process_scheduled_works+0xb6e/0x18c0
[  349.960805][   T31]  ? __pfx_process_scheduled_works+0x10/0x10
[  349.960842][   T31]  ? assign_work+0x3d5/0x5e0
[  349.960877][   T31]  worker_thread+0xa53/0xfc0
[  349.960937][   T31]  kthread+0x388/0x470
[  349.960961][   T31]  ? __pfx_worker_thread+0x10/0x10
[  349.960989][   T31]  ? __pfx_kthread+0x10/0x10
[  349.961012][   T31]  ret_from_fork+0x51e/0xb90
[  349.961046][   T31]  ? __pfx_ret_from_fork+0x10/0x10
[  349.961085][   T31]  ? __switch_to+0xc7d/0x1450
[  349.961117][   T31]  ? __pfx_kthread+0x10/0x10
[  349.961142][   T31]  ret_from_fork_asm+0x1a/0x30
[  349.961199][   T31]  </TASK>
[  349.961218][   T31] INFO: task syz.5.459:7738 blocked for more than 143 seconds.
[  349.961235][   T31]       Not tainted syzkaller #0
[  349.961248][   T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  349.961259][   T31] task:syz.5.459       state:D stack:27784 pid:7738  tgid:7726  ppid:6088   task_flags:0x400140 flags:0x00080002
[  349.961331][   T31] Call Trace:
[  349.961340][   T31]  <TASK>
[  349.961355][   T31]  __schedule+0x15dd/0x52d0
[  349.961408][   T31]  ? __pfx___schedule+0x10/0x10
[  349.961442][   T31]  ? schedule+0x90/0x360
[  349.961470][   T31]  schedule+0x164/0x360
[  349.961497][   T31]  schedule_preempt_disabled+0x13/0x30
[  349.961521][   T31]  __mutex_lock+0x7fe/0x1300
[  349.961554][   T31]  ? __mutex_lock+0x5ac/0x1300
[  349.961586][   T31]  ? ip_mroute_setsockopt+0x12e/0xff0
[  349.961625][   T31]  ? __pfx___mutex_lock+0x10/0x10
[  349.961651][   T31]  ? rcu_is_watching+0x15/0xb0
[  349.961693][   T31]  ? preempt_schedule_thunk+0x16/0x30
[  349.961727][   T31]  ip_mroute_setsockopt+0x12e/0xff0
[  349.961771][   T31]  ? __pfx_ip_mroute_setsockopt+0x10/0x10
[  349.961808][   T31]  ? futex_private_hash_put+0x13b/0x170
[  349.961854][   T31]  do_ip_setsockopt+0xf1e/0x2ea0
[  349.961894][   T31]  ? __pfx_do_ip_setsockopt+0x10/0x10
[  349.961924][   T31]  ? aa_sk_perm+0x6d5/0x900
[  349.961964][   T31]  ? __pfx_aa_sk_perm+0x10/0x10
[  349.961999][   T31]  ? __fget_files+0x2a/0x420
[  349.962032][   T31]  ? aa_sock_opt_perm+0xff/0x1a0
[  349.962069][   T31]  ip_setsockopt+0x66/0x110
[  349.962097][   T31]  ? __pfx_sock_common_setsockopt+0x10/0x10
[  349.962134][   T31]  do_sock_setsockopt+0x17c/0x1b0
[  349.962166][   T31]  __x64_sys_setsockopt+0x13d/0x1b0
[  349.962206][   T31]  do_syscall_64+0x14d/0xf80
[  349.962232][   T31]  ? trace_irq_disable+0x3b/0x150
[  349.962252][   T31]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  349.962277][   T31]  ? clear_bhb_loop+0x40/0x90
[  349.962305][   T31]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  349.962330][   T31] RIP: 0033:0x7f5b3039c799
[  349.962352][   T31] RSP: 002b:00007f5b31291028 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  349.962377][   T31] RAX: ffffffffffffffda RBX: 00007f5b30616360 RCX: 00007f5b3039c799
[  349.962396][   T31] RDX: 00000000000000d2 RSI: 0000000000000000 RDI: 0000000000000006
[  349.962410][   T31] RBP: 00007f5b30432c99 R08: 000000000000003c R09: 0000000000000000
[  349.962426][   T31] R10: 0000200000000000 R11: 0000000000000246 R12: 0000000000000000
[  349.962442][   T31] R13: 00007f5b306163f8 R14: 00007f5b30616360 R15: 00007f5b3073fa48
[  349.962478][   T31]  </TASK>
[  349.962489][   T31] INFO: task syz.5.459:7740 blocked for more than 143 seconds.
[  349.962504][   T31]       Not tainted syzkaller #0
[  349.962517][   T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  349.962528][   T31] task:syz.5.459       state:D stack:28832 pid:7740  tgid:7726  ppid:6088   task_flags:0x400040 flags:0x00080002
[  349.962600][   T31] Call Trace:
[  349.962609][   T31]  <TASK>
[  349.962623][   T31]  __schedule+0x15dd/0x52d0
[  349.962677][   T31]  ? __pfx___schedule+0x10/0x10
[  349.962711][   T31]  ? schedule+0x90/0x360
[  349.962739][   T31]  schedule+0x164/0x360
[  349.962766][   T31]  schedule_preempt_disabled+0x13/0x30
[  349.962790][   T31]  __mutex_lock+0x7fe/0x1300
[  349.962816][   T31]  ? __kasan_slab_free+0x5c/0x80
[  349.962847][   T31]  ? __mutex_lock+0x5ac/0x1300
[  349.962878][   T31]  ? ip_mroute_setsockopt+0x12e/0xff0
[  349.962916][   T31]  ? __pfx___mutex_lock+0x10/0x10
[  349.962954][   T31]  ? __pfx_file_ioctl+0x10/0x10
[  349.962990][   T31]  ip_mroute_setsockopt+0x12e/0xff0
[  349.963033][   T31]  ? __pfx_ip_mroute_setsockopt+0x10/0x10
[  349.963082][   T31]  ? do_vfs_ioctl+0x1166/0x1530
[  349.963116][   T31]  do_ip_setsockopt+0xf1e/0x2ea0
[  349.963155][   T31]  ? __pfx_do_ip_setsockopt+0x10/0x10
[  349.963194][   T31]  ? aa_sk_perm+0x6d5/0x900
[  349.963233][   T31]  ? __pfx_aa_sk_perm+0x10/0x10
[  349.963268][   T31]  ? __fget_files+0x2a/0x420
[  349.963300][   T31]  ? aa_sock_opt_perm+0xff/0x1a0
[  349.963336][   T31]  ip_setsockopt+0x66/0x110
[  349.963364][   T31]  ? __pfx_sock_common_setsockopt+0x10/0x10
[  349.963400][   T31]  do_sock_setsockopt+0x17c/0x1b0
[  349.963431][   T31]  __x64_sys_setsockopt+0x13d/0x1b0
[  349.963463][   T31]  do_syscall_64+0x14d/0xf80
[  349.963491][   T31]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  349.963515][   T31]  ? clear_bhb_loop+0x40/0x90
[  349.963543][   T31]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  349.963567][   T31] RIP: 0033:0x7f5b3039c799
[  349.963587][   T31] RSP: 002b:00007f5b31270028 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  349.963612][   T31] RAX: ffffffffffffffda RBX: 00007f5b30616450 RCX: 00007f5b3039c799
[  349.963630][   T31] RDX: 00000000000000cc RSI: 0000000000000000 RDI: 0000000000000006
[  349.963644][   T31] RBP: 00007f5b30432c99 R08: 000000000000003c R09: 0000000000000000
[  349.963660][   T31] R10: 0000200000000280 R11: 0000000000000246 R12: 0000000000000000
[  349.963676][   T31] R13: 00007f5b306164e8 R14: 00007f5b30616450 R15: 00007f5b3073fa48
[  349.963712][   T31]  </TASK>
[  349.963723][   T31] INFO: task syz.5.459:7741 blocked for more than 143 seconds.
[  349.963738][   T31]       Not tainted syzkaller #0
[  349.963751][   T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  349.963763][   T31] task:syz.5.459       state:D stack:28832 pid:7741  tgid:7726  ppid:6088   task_flags:0x400140 flags:0x00080002
[  349.963834][   T31] Call Trace:
[  349.963842][   T31]  <TASK>
[  349.963857][   T31]  __schedule+0x15dd/0x52d0
[  349.963911][   T31]  ? __pfx___schedule+0x10/0x10
[  349.963946][   T31]  ? schedule+0x90/0x360
[  349.963973][   T31]  schedule+0x164/0x360
[  349.964000][   T31]  schedule_preempt_disabled+0x13/0x30
[  349.964024][   T31]  __mutex_lock+0x7fe/0x1300
[  349.964056][   T31]  ? __mutex_lock+0x5ac/0x1300
[  349.964088][   T31]  ? ip_mroute_setsockopt+0x12e/0xff0
[  349.964127][   T31]  ? __pfx___mutex_lock+0x10/0x10
[  349.964153][   T31]  ? __futex_wait+0x371/0x420
[  349.964204][   T31]  ? __pfx___futex_wait+0x10/0x10
[  349.964246][   T31]  ip_mroute_setsockopt+0x12e/0xff0
[  349.964290][   T31]  ? __pfx_ip_mroute_setsockopt+0x10/0x10
[  349.964349][   T31]  do_ip_setsockopt+0xf1e/0x2ea0
[  349.964387][   T31]  ? __pfx_do_ip_setsockopt+0x10/0x10
[  349.964417][   T31]  ? aa_sk_perm+0x6d5/0x900
[  349.964458][   T31]  ? __pfx_aa_sk_perm+0x10/0x10
[  349.964492][   T31]  ? __fget_files+0x2a/0x420
[  349.964524][   T31]  ? aa_sock_opt_perm+0xff/0x1a0
[  349.964561][   T31]  ip_setsockopt+0x66/0x110
[  349.964587][   T31]  ? __pfx_sock_common_setsockopt+0x10/0x10
[  349.964624][   T31]  do_sock_setsockopt+0x17c/0x1b0
[  349.964655][   T31]  __x64_sys_setsockopt+0x13d/0x1b0
[  349.964688][   T31]  do_syscall_64+0x14d/0xf80
[  349.964713][   T31]  ? trace_irq_disable+0x3b/0x150
[  349.964733][   T31]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  349.964757][   T31]  ? clear_bhb_loop+0x40/0x90
[  349.964785][   T31]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  349.964809][   T31] RIP: 0033:0x7f5b3039c799
[  349.964829][   T31] RSP: 002b:00007f5b3124f028 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  349.964854][   T31] RAX: ffffffffffffffda RBX: 00007f5b30616540 RCX: 00007f5b3039c799
[  349.964872][   T31] RDX: 00000000000000d4 RSI: 0000000000000000 RDI: 0000000000000006
[  349.964887][   T31] RBP: 00007f5b30432c99 R08: 0000000000000004 R09: 0000000000000000
[  349.964903][   T31] R10: 00002000000003c0 R11: 0000000000000246 R12: 0000000000000000
[  349.964918][   T31] R13: 00007f5b306165d8 R14: 00007f5b30616540 R15: 00007f5b3073fa48
[  349.964954][   T31]  </TASK>
[  349.964965][   T31] INFO: task syz.1.460:7737 blocked for more than 143 seconds.
[  349.964981][   T31]       Not tainted syzkaller #0
[  349.964993][   T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  349.965004][   T31] task:syz.1.460       state:D stack:28832 pid:7737  tgid:7729  ppid:5843   task_flags:0x400040 flags:0x00080002
[  349.965076][   T31] Call Trace:
[  349.965085][   T31]  <TASK>
[  349.965099][   T31]  __schedule+0x15dd/0x52d0
[  349.965153][   T31]  ? __pfx___schedule+0x10/0x10
[  349.965267][   T31]  ? schedule+0x90/0x360
[  349.965297][   T31]  schedule+0x164/0x360
[  349.965324][   T31]  schedule_preempt_disabled+0x13/0x30
[  349.965348][   T31]  __mutex_lock+0x7fe/0x1300
[  349.965380][   T31]  ? __mutex_lock+0x5ac/0x1300
[  349.965412][   T31]  ? __tun_chr_ioctl+0x3bc/0x1e10
[  349.965444][   T31]  ? __pfx___mutex_lock+0x10/0x10
[  349.979267][   T31]  ? do_futex+0x333/0x420
[  349.979307][   T31]  ? file_init_path+0x434/0x590
[  349.979351][   T31]  __tun_chr_ioctl+0x3bc/0x1e10
[  349.979387][   T31]  ? __pfx___tun_chr_ioctl+0x10/0x10
[  349.979418][   T31]  ? __fget_files+0x2a/0x420
[  349.979451][   T31]  ? __fget_files+0x3a0/0x420
[  349.979484][   T31]  ? __fget_files+0x2a/0x420
[  349.979522][   T31]  ? bpf_lsm_file_ioctl+0x9/0x20
[  349.979552][   T31]  ? __pfx_tun_chr_ioctl+0x10/0x10
[  349.979577][   T31]  __se_sys_ioctl+0xfc/0x170
[  349.979608][   T31]  do_syscall_64+0x14d/0xf80
[  349.979634][   T31]  ? trace_irq_disable+0x3b/0x150
[  349.979656][   T31]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  349.979680][   T31]  ? clear_bhb_loop+0x40/0x90
[  349.979709][   T31]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  349.979733][   T31] RIP: 0033:0x7ff27059c799
[  349.979754][   T31] RSP: 002b:00007ff2713c5028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  349.979788][   T31] RAX: ffffffffffffffda RBX: 00007ff270816090 RCX: 00007ff27059c799
[  349.979806][   T31] RDX: 00002000000000c0 RSI: 00000000800454d3 RDI: 0000000000000003
[  349.979822][   T31] RBP: 00007ff270632c99 R08: 0000000000000000 R09: 0000000000000000
[  349.979837][   T31] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  349.979852][   T31] R13: 00007ff270816128 R14: 00007ff270816090 R15: 00007ff27093fa48
[  349.979895][   T31]  </TASK>
[  349.979923][   T31] 
[  349.979923][   T31] Showing all locks held in the system:
[  349.979936][   T31] 4 locks held by kworker/u8:0/12:
[  349.979952][   T31] 3 locks held by kworker/u8:1/13:
[  349.979968][   T31] 5 locks held by kworker/1:1/29:
[  349.979982][   T31] 1 lock held by khungtaskd/31:
[  349.979995][   T31]  #0: ffffffff8e75e620 (rcu_read_lock){....}-{1:3}, at: debug_show_all_locks+0x2e/0x180
[  349.980071][   T31] 3 locks held by kworker/u8:2/36:
[  349.980087][   T31] 3 locks held by kworker/u8:3/48:
[  349.980101][   T31]  #0: ffff888031ce9948 ((wq_completion)ipv6_addrconf){+.+.}-{0:0}, at: process_scheduled_works+0xa52/0x18c0
[  349.980304][   T31]  #1: ffffc90000b87c40 ((work_completion)(&(&net->ipv6.addr_chk_work)->work)){+.+.}-{0:0}, at: process_scheduled_works+0xa8d/0x18c0
[  349.980389][   T31]  #2: ffffffff8fbcedc8 (rtnl_mutex){+.+.}-{4:4}, at: addrconf_verify_work+0x19/0x30
[  349.980453][   T31] 5 locks held by kworker/u9:0/51:
[  349.980467][   T31]  #0: ffff88807fab9148 ((wq_completion)hci0){+.+.}-{0:0}, at: process_scheduled_works+0xa52/0x18c0
[  349.980534][   T31]  #1: ffffc90000bb7c40 ((work_completion)(&hdev->cmd_sync_work)){+.+.}-{0:0}, at: process_scheduled_works+0xa8d/0x18c0
[  349.980610][   T31]  #2: ffff88807bb18ec0 (&hdev->req_lock){+.+.}-{4:4}, at: hci_cmd_sync_work+0x1d3/0x400
[  349.980674][   T31]  #3: ffff88807bb180c0 (&hdev->lock){+.+.}-{4:4}, at: hci_abort_conn_sync+0xa6f/0x1190
[  349.980742][   T31]  #4: ffffffff8fd5bde8 (hci_cb_list_lock){+.+.}-{4:4}, at: hci_conn_failed+0x165/0x340
[  349.980813][   T31] 4 locks held by kworker/u8:4/58:
[  349.980827][   T31]  #0: ffff888034b2f948 ((wq_completion)wg-kex-wg2#7){+.+.}-{0:0}, at: process_scheduled_works+0xa52/0x18c0
[  349.980901][   T31]  #1: ffffc900015f7c40 ((work_completion)(&peer->transmit_handshake_work)){+.+.}-{0:0}, at: process_scheduled_works+0xa8d/0x18c0
[  349.980969][   T31]  #2: ffff888058d09388 (&wg->static_identity.lock){++++}-{4:4}, at: wg_noise_handshake_create_initiation+0x12f/0x830
[  349.981038][   T31]  #3: ffff888057205c60 (&handshake->lock){++++}-{4:4}, at: wg_noise_handshake_create_initiation+0x140/0x830
[  349.981118][   T31] 3 locks held by kworker/u8:5/128:
[  349.981133][   T31] 5 locks held by kworker/u8:6/159:
[  349.981148][   T31] 2 locks held by kworker/1:2/796:
[  349.981167][   T31] 4 locks held by kworker/u8:7/1101:
[  349.981182][   T31] 4 locks held by kworker/u8:8/1112:
[  349.981204][   T31] 3 locks held by kworker/u8:9/1123:
[  349.981219][   T31] 5 locks held by kworker/u8:10/1166:
[  349.981233][   T31] 5 locks held by kworker/1:3/1219:
[  349.981261][   T31] 4 locks held by kworker/R-bat_e/3412:
[  349.981278][   T31] 1 lock held by klogd/5185:
[  349.981292][   T31] 1 lock held by udevd/5196:
[  349.981305][   T31] 1 lock held by dhcpcd/5490:
[  349.981319][   T31] 1 lock held by dhcpcd/5491:
[  349.981333][   T31] 2 locks held by crond/5567:
[  349.981347][   T31] 2 locks held by getty/5589:
[  349.981360][   T31]  #0: ffff888036b100a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70
[  349.981436][   T31]  #1: ffffc9000332b2f0 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0x45c/0x13c0
[  349.981505][   T31] 2 locks held by syz-executor/5812:
[  349.981520][   T31] 6 locks held by kworker/u9:2/5832:
[  349.981535][   T31] 5 locks held by kworker/1:4/5833:
[  349.981549][   T31] 7 locks held by kworker/u9:3/5834:
[  349.981563][   T31]  #0: ffff88802b07c948 ((wq_completion)hci4){+.+.}-{0:0}, at: process_scheduled_works+0xa52/0x18c0
[  349.981634][   T31]  #1: ffffc900041d7c40 ((work_completion)(&hdev->cmd_sync_work)){+.+.}-{0:0}, at: process_scheduled_works+0xa8d/0x18c0
[  349.981704][   T31]  #2: ffff88807b360ec0 (&hdev->req_lock){+.+.}-{4:4}, at: hci_cmd_sync_work+0x1d3/0x400
[  349.981768][   T31]  #3: ffff88807b3600c0 (&hdev->lock){+.+.}-{4:4}, at: hci_abort_conn_sync+0xa6f/0x1190
[  349.981838][   T31]  #4: ffffffff8fd5bde8 (hci_cb_list_lock){+.+.}-{4:4}, at: hci_conn_failed+0x165/0x340
[  349.981907][   T31]  #5: ffff88802b07c2f8 (&conn->lock#2){+.+.}-{4:4}, at: l2cap_conn_del+0x7b/0x5c0
[  349.981987][   T31]  #6: ffffffff8e764938 (rcu_state.exp_mutex){+.+.}-{4:4}, at: synchronize_rcu_expedited+0x38d/0x770
[  349.982061][   T31] 5 locks held by kworker/u9:4/5835:
[  349.982076][   T31]  #0: ffff88802b07d948 ((wq_completion)hci3){+.+.}-{0:0}, at: process_scheduled_works+0xa52/0x18c0
[  349.982146][   T31]  #1: ffffc900041e7c40 ((work_completion)(&hdev->cmd_sync_work)){+.+.}-{0:0}, at: process_scheduled_works+0xa8d/0x18c0
[  349.982227][   T31]  #2: ffff88802c0b0ec0 (&hdev->req_lock){+.+.}-{4:4}, at: hci_cmd_sync_work+0x1d3/0x400
[  349.982291][   T31]  #3: ffff88802c0b00c0 (&hdev->lock){+.+.}-{4:4}, at: hci_abort_conn_sync+0xa6f/0x1190
[  349.982361][   T31]  #4: ffffffff8fd5bde8 (hci_cb_list_lock){+.+.}-{4:4}, at: hci_conn_failed+0x165/0x340
[  349.982433][   T31] 2 locks held by syz-executor/5840:
[  349.982449][   T31] 2 locks held by syz-executor/5845:
[  349.982467][   T31] 2 locks held by kworker/0:4/5889:
[  349.982482][   T31] 4 locks held by kworker/0:5/5902:
[  349.982495][   T31]  #0: ffff8880319ad548 ((wq_completion)wg-kex-wg2#8){+.+.}-{0:0}, at: process_scheduled_works+0xa52/0x18c0
[  349.982569][   T31]  #1: ffffc90004867c40 ((work_completion)(&({ do { const void *__vpp_verify = (typeof((worker) + 0))((void *)0); (void)__vpp_verify; } while (0); ({ unsigned long __ptr; __ptr = (unsigned long) ((__typeof_unqual__(*((worker))) *)(( unsigned long)((worker)))); (typeof((__typeof_unqual__(*((worker))) *)(( unsigned long)((worker))))) (__ptr + (((__per_cpu_offset[(cpu)])))); }); })->work)){+.+.}-{0:0}, at: process_scheduled_works+0xa8d/0x18c0
[  349.982661][   T31]  #2: ffff888058d09388 (&wg->static_identity.lock){++++}-{4:4}, at: wg_noise_handshake_consume_initiation+0x1a1/0x9a0
[  349.982730][   T31]  #3: ffff888057205c60 (&handshake->lock){++++}-{4:4}, at: wg_noise_handshake_consume_initiation+0x58b/0x9a0
[  349.982805][   T31] 2 locks held by kworker/0:10/7478:
[  349.982820][   T31] 3 locks held by kworker/1:10/7483:
[  349.982833][   T31]  #0: ffff88813fe0dd48 ((wq_completion)events_power_efficient){+.+.}-{0:0}, at: process_scheduled_works+0xa52/0x18c0
[  349.982901][   T31]  #1: ffffc90003647c40 ((reg_check_chans).work){+.+.}-{0:0}, at: process_scheduled_works+0xa8d/0x18c0
[  349.982969][   T31]  #2: ffffffff8fbcedc8 (rtnl_mutex){+.+.}-{4:4}, at: reg_check_chans_work+0xa5/0xfe0
[  349.983032][   T31] 3 locks held by kworker/0:12/7488:
[  349.983058][   T31] 4 locks held by kworker/0:13/7489:
[  349.983072][   T31]  #0: ffff888035f33148 ((wq_completion)wg-kex-wg0#2){+.+.}-{0:0}, at: process_scheduled_works+0xa52/0x18c0
[  349.983146][   T31]  #1: ffffc90003687c40 ((work_completion)(&({ do { const void *__vpp_verify = (typeof((worker) + 0))((void *)0); (void)__vpp_verify; } while (0); ({ unsigned long __ptr; __ptr = (unsigned long) ((__typeof_unqual__(*((worker))) *)(( unsigned long)((worker)))); (typeof((__typeof_unqual__(*((worker))) *)(( unsigned long)((worker))))) (__ptr + (((__per_cpu_offset[(cpu)])))); }); })->work)){+.+.}-{0:0}, at: process_scheduled_works+0xa8d/0x18c0
[  349.983241][   T31]  #2: ffff88802a381388 (&wg->static_identity.lock){++++}-{4:4}, at: wg_noise_handshake_consume_initiation+0x1a1/0x9a0
[  349.983308][   T31]  #3: ffff8880574bf030 (&handshake->lock){++++}-{4:4}, at: wg_noise_handshake_consume_initiation+0x58b/0x9a0
[  349.983376][   T31] 4 locks held by kworker/0:14/7490:
[  349.983389][   T31]  #0: ffff888035558148 ((wq_completion)wg-kex-wg2#4){+.+.}-{0:0}, at: process_scheduled_works+0xa52/0x18c0
[  349.983462][   T31]  #1: ffffc90003697c40 ((work_completion)(&({ do { const void *__vpp_verify = (typeof((worker) + 0))((void *)0); (void)__vpp_verify; } while (0); ({ unsigned long __ptr; __ptr = (unsigned long) ((__typeof_unqual__(*((worker))) *)(( unsigned long)((worker)))); (typeof((__typeof_unqual__(*((worker))) *)(( unsigned long)((worker))))) (__ptr + (((__per_cpu_offset[(cpu)])))); }); })->work)){+.+.}-{0:0}, at: process_scheduled_works+0xa8d/0x18c0
[  349.983550][   T31]  #2: ffff888079045388 (&wg->static_identity.lock){++++}-{4:4}, at: wg_noise_handshake_consume_initiation+0x1a1/0x9a0
[  349.983616][   T31]  #3: ffff8880574baad8 (&handshake->lock){++++}-{4:4}, at: wg_noise_handshake_consume_initiation+0x58b/0x9a0
[  349.983683][   T31] 2 locks held by kworker/0:15/7491:
[  349.983699][   T31] 3 locks held by kworker/1:12/7496:
[  349.983713][   T31]  #0: ffff88813fe0f148 ((wq_completion)events){+.+.}-{0:0}, at: process_scheduled_works+0xa52/0x18c0
[  349.983779][   T31]  #1: ffffc90002747c40 (deferred_process_work){+.+.}-{0:0}, at: process_scheduled_works+0xa8d/0x18c0
[  349.983846][   T31]  #2: ffffffff8fbcedc8 (rtnl_mutex){+.+.}-{4:4}, at: switchdev_deferred_process_work+0xe/0x20
[  349.983911][   T31] 3 locks held by kworker/1:13/7497:
[  349.983926][   T31] 4 locks held by kworker/1:14/7498:
[  349.983940][   T31]  #0: ffff8880319c4d48 ((wq_completion)wg-kex-wg0#8){+.+.}-{0:0}, at: process_scheduled_works+0xa52/0x18c0
[  349.984013][   T31]  #1: ffffc90004f8fc40 ((work_completion)(&({ do { const void *__vpp_verify = (typeof((worker) + 0))((void *)0); (void)__vpp_verify; } while (0); ({ unsigned long __ptr; __ptr = (unsigned long) ((__typeof_unqual__(*((worker))) *)(( unsigned long)((worker)))); (typeof((__typeof_unqual__(*((worker))) *)(( unsigned long)((worker))))) (__ptr + (((__per_cpu_offset[(cpu)])))); }); })->work)){+.+.}-{0:0}, at: process_scheduled_works+0xa8d/0x18c0
[  349.984111][   T31]  #2: ffff888058d0d388 (&wg->static_identity.lock){++++}-{4:4}, at: wg_noise_handshake_consume_initiation+0x1a1/0x9a0
[  349.984179][   T31]  #3: ffff8880574b8d20 (&handshake->lock){++++}-{4:4}, at: wg_noise_handshake_consume_initiation+0x630/0x9a0
[  349.984254][   T31] 4 locks held by kworker/1:15/7499:
[  349.984270][   T31] 4 locks held by kworker/u8:11/7532:
[  349.984283][   T31] 2 locks held by kworker/u8:12/7535:
[  349.984298][   T31] 3 locks held by kworker/u8:13/7538:
[  349.984312][   T31] 3 locks held by kworker/u8:14/7543:
[  349.984326][   T31] 3 locks held by kworker/u8:15/7545:
[  349.984341][   T31] 4 locks held by kworker/u8:16/7547:
[  349.984355][   T31] 4 locks held by kworker/u8:17/7551:
[  349.984371][   T31] 6 locks held by syz.4.450/7708:
[  349.984386][   T31] 1 lock held by syz.5.459/7731:
[  349.984399][   T31] 1 lock held by syz.5.459/7738:
[  349.984413][   T31]  #0: ffffffff8fbcedc8 (rtnl_mutex){+.+.}-{4:4}, at: ip_mroute_setsockopt+0x12e/0xff0
[  349.984508][   T31] 1 lock held by syz.5.459/7740:
[  349.984522][   T31]  #0: ffffffff8fbcedc8 (rtnl_mutex){+.+.}-{4:4}, at: ip_mroute_setsockopt+0x12e/0xff0
[  349.984592][   T31] 1 lock held by syz.5.459/7741:
[  349.984605][   T31]  #0: ffffffff8fbcedc8 (rtnl_mutex){+.+.}-{4:4}, at: ip_mroute_setsockopt+0x12e/0xff0
[  349.984675][   T31] 2 locks held by syz.1.460/7730:
[  349.984689][   T31] 1 lock held by syz.1.460/7737:
[  349.984702][   T31]  #0: ffffffff8fbcedc8 (rtnl_mutex){+.+.}-{4:4}, at: __tun_chr_ioctl+0x3bc/0x1e10
[  349.984766][   T31] 1 lock held by syz.1.460/7744:
[  349.984779][   T31]  #0: ffffffff8fbcedc8 (rtnl_mutex){+.+.}-{4:4}, at: rtnetlink_rcv_msg+0x722/0xbe0
[  349.984837][   T31] 1 lock held by syz.1.460/7745:
[  349.984851][   T31]  #0: ffffffff8fbcedc8 (rtnl_mutex){+.+.}-{4:4}, at: rtnetlink_rcv_msg+0x722/0xbe0
[  349.984911][   T31] 1 lock held by kworker/u8:18/7747:
[  349.984925][   T31] 
[  349.984933][   T31] =============================================
[  349.984933][   T31] 
[  349.984962][   T31] NMI backtrace for cpu 0
[  349.984980][   T31] CPU: 0 UID: 0 PID: 31 Comm: khungtaskd Not tainted syzkaller #0 PREEMPT(full) 
[  349.985002][   T31] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  349.985015][   T31] Call Trace:
[  349.985023][   T31]  <TASK>
[  349.985033][   T31]  dump_stack_lvl+0xe8/0x150
[  349.985064][   T31]  nmi_cpu_backtrace+0x274/0x2d0
[  349.985095][   T31]  ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10
[  349.985125][   T31]  nmi_trigger_cpumask_backtrace+0x17a/0x300
[  349.985159][   T31]  sys_info+0x135/0x170
[  349.985185][   T31]  watchdog+0xfd9/0x1030
[  349.985219][   T31]  ? watchdog+0x21a/0x1030
[  349.985245][   T31]  kthread+0x388/0x470
[  349.985266][   T31]  ? __pfx_watchdog+0x10/0x10
[  349.985283][   T31]  ? __pfx_kthread+0x10/0x10
[  349.985306][   T31]  ret_from_fork+0x51e/0xb90
[  349.985336][   T31]  ? __pfx_ret_from_fork+0x10/0x10
[  349.985362][   T31]  ? __switch_to+0xc7d/0x1450
[  349.985390][   T31]  ? __pfx_kthread+0x10/0x10
[  349.985412][   T31]  ret_from_fork_asm+0x1a/0x30
[  349.985458][   T31]  </TASK>
[  349.999859][   T31] Sending NMI from CPU 0 to CPUs 1:
[  349.999913][    C1] NMI backtrace for cpu 1
[  349.999929][    C1] CPU: 1 UID: 0 PID: 3412 Comm: kworker/R-bat_e Not tainted syzkaller #0 PREEMPT(full) 
[  349.999951][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  349.999964][    C1] Workqueue: bat_events batadv_tt_purge
[  349.999997][    C1] RIP: 0010:deref_stack_reg+0x1a2/0x230
[  350.000029][    C1] Code: ca 80 fa 01 75 46 49 8d 40 08 48 39 d8 0f 97 c1 4c 39 f0 0f 96 c0 20 c8 3c 01 75 30 4c 89 c7 49 89 f7 e8 11 08 00 00 49 89 c6 <48> 8b 5c 24 18 48 89 d8 48 c1 e8 03 42 80 3c 38 00 74 08 48 89 df
[  350.000046][    C1] RSP: 0018:ffffc90000a084c0 EFLAGS: 00000202
[  350.000061][    C1] RAX: ffffc9000d6dff38 RBX: ffffc9000d6d8000 RCX: 0000000000000001
[  350.000075][    C1] RDX: ffffc90000a08628 RSI: dffffc0000000000 RDI: ffffc9000d6dfe70
[  350.000089][    C1] RBP: 1ffff920001410bd R08: ffffc9000d6dfe70 R09: 0000000000000000
[  350.000102][    C1] R10: ffffc90000a08638 R11: fffff520001410c9 R12: 1ffff920001410be
[  350.000116][    C1] R13: 1ffff920001410bf R14: ffffc9000d6dff38 R15: dffffc0000000000
[  350.000131][    C1] FS:  0000000000000000(0000) GS:ffff88812555a000(0000) knlGS:0000000000000000
[  350.000146][    C1] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  350.000159][    C1] CR2: 0000200000168030 CR3: 000000007ec22000 CR4: 00000000003526f0
[  350.000176][    C1] Call Trace:
[  350.000182][    C1]  <IRQ>
[  350.000195][    C1]  unwind_next_frame+0x18c6/0x23c0
[  350.000227][    C1]  ? unwind_next_frame+0xa5/0x23c0
[  350.000254][    C1]  ? kthread+0x388/0x470
[  350.000274][    C1]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  350.000294][    C1]  arch_stack_walk+0x11b/0x150
[  350.000340][    C1]  ? ret_from_fork+0x51e/0xb90
[  350.000366][    C1]  stack_trace_save+0xa9/0x100
[  350.000385][    C1]  ? __pfx_stack_trace_save+0x10/0x10
[  350.000406][    C1]  ? __pfx_ip6_pol_route+0x10/0x10
[  350.000432][    C1]  ? ip6t_do_table+0x1df/0x1560
[  350.000452][    C1]  kasan_save_track+0x3e/0x80
[  350.000471][    C1]  ? kasan_save_track+0x3e/0x80
[  350.000495][    C1]  ? kasan_save_free_info+0x46/0x50
[  350.000521][    C1]  ? __kasan_slab_free+0x5c/0x80
[  350.000540][    C1]  ? kmem_cache_free+0x187/0x630
[  350.000560][    C1]  ? ip6_mc_input+0x8de/0xbd0
[  350.000580][    C1]  ? NF_HOOK+0x336/0x3c0
[  350.000599][    C1]  ? process_backlog+0x7dd/0x1950
[  350.000615][    C1]  ? __napi_poll+0xae/0x340
[  350.000641][    C1]  ? net_rx_action+0x627/0xf70
[  350.000656][    C1]  ? handle_softirqs+0x22a/0x870
[  350.000679][    C1]  ? do_softirq+0x76/0xd0
[  350.000707][    C1]  ? __local_bh_enable_ip+0xf8/0x130
[  350.000730][    C1]  ? batadv_tt_purge+0x4d1/0x9e0
[  350.000755][    C1]  ? process_scheduled_works+0xb6e/0x18c0
[  350.000778][    C1]  ? rescuer_thread+0x827/0x1130
[  350.000803][    C1]  ? kthread+0x388/0x470
[  350.000838][    C1]  ? skb_release_data+0x2bb/0x940
[  350.000859][    C1]  kasan_save_free_info+0x46/0x50
[  350.000887][    C1]  __kasan_slab_free+0x5c/0x80
[  350.000907][    C1]  kmem_cache_free+0x187/0x630
[  350.000927][    C1]  ? ip6_mc_input+0x8de/0xbd0
[  350.000951][    C1]  ip6_mc_input+0x8de/0xbd0
[  350.000976][    C1]  ? __pfx_ip6_mc_input+0x10/0x10
[  350.001000][    C1]  ? ip6_rcv_finish+0x265/0x280
[  350.001022][    C1]  NF_HOOK+0x336/0x3c0
[  350.001041][    C1]  ? skb_orphan+0xaf/0xd0
[  350.001063][    C1]  ? __pfx_ip6_rcv_finish+0x10/0x10
[  350.001083][    C1]  ? NF_HOOK+0x9e/0x3c0
[  350.001102][    C1]  ? __pfx_NF_HOOK+0x10/0x10
[  350.001123][    C1]  ? __pfx_ip6_rcv_finish+0x10/0x10
[  350.001149][    C1]  ? process_backlog+0x3eb/0x1950
[  350.001166][    C1]  process_backlog+0x7dd/0x1950
[  350.001194][    C1]  __napi_poll+0xae/0x340
[  350.001219][    C1]  ? skb_defer_free_flush+0x233/0x260
[  350.001248][    C1]  net_rx_action+0x627/0xf70
[  350.001272][    C1]  ? __pfx_net_rx_action+0x10/0x10
[  350.001299][    C1]  ? try_to_wake_up+0x7fc/0x1390
[  350.001323][    C1]  handle_softirqs+0x22a/0x870
[  350.001349][    C1]  ? do_softirq+0x76/0xd0
[  350.001374][    C1]  ? batadv_tt_purge+0x4d1/0x9e0
[  350.001401][    C1]  do_softirq+0x76/0xd0
[  350.001423][    C1]  </IRQ>
[  350.001429][    C1]  <TASK>
[  350.001436][    C1]  __local_bh_enable_ip+0xf8/0x130
[  350.001459][    C1]  batadv_tt_purge+0x4d1/0x9e0
[  350.001489][    C1]  ? process_scheduled_works+0xa8d/0x18c0
[  350.001514][    C1]  process_scheduled_works+0xb6e/0x18c0
[  350.001554][    C1]  ? __pfx_process_scheduled_works+0x10/0x10
[  350.001576][    C1]  ? do_raw_spin_lock+0x12b/0x2f0
[  350.001604][    C1]  rescuer_thread+0x827/0x1130
[  350.001636][    C1]  ? rescuer_thread+0xbb/0x1130
[  350.001671][    C1]  kthread+0x388/0x470
[  350.001695][    C1]  ? __pfx_rescuer_thread+0x10/0x10
[  350.001720][    C1]  ? __pfx_kthread+0x10/0x10
[  350.001738][    C1]  ret_from_fork+0x51e/0xb90
[  350.001763][    C1]  ? __pfx_ret_from_fork+0x10/0x10
[  350.001786][    C1]  ? __switch_to+0xc7d/0x1450
[  350.001808][    C1]  ? __pfx_kthread+0x10/0x10
[  350.001826][    C1]  ret_from_fork_asm+0x1a/0x30
[  350.001862][    C1]  </TASK>
[  357.876744][   T31] Kernel panic - not syncing: hung_task: blocked tasks
[  357.876777][   T31] CPU: 1 UID: 0 PID: 31 Comm: khungtaskd Not tainted syzkaller #0 PREEMPT(full) 
[  357.876803][   T31] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  357.876818][   T31] Call Trace:
[  357.876828][   T31]  <TASK>
[  357.876837][   T31]  vpanic+0x56c/0xa60
[  357.876873][   T31]  ? __pfx___schedule+0x10/0x10
[  357.876898][   T31]  ? __pfx_vpanic+0x10/0x10
[  357.876944][   T31]  panic+0xc5/0xd0
[  357.876974][   T31]  ? __pfx_panic+0x10/0x10
[  357.877006][   T31]  ? preempt_schedule_thunk+0x16/0x30
[  357.877037][   T31]  ? nmi_trigger_cpumask_backtrace+0x2bb/0x300
[  357.877075][   T31]  watchdog+0x1023/0x1030
[  357.877101][   T31]  ? watchdog+0x21a/0x1030
[  357.877129][   T31]  kthread+0x388/0x470
[  357.877151][   T31]  ? __pfx_watchdog+0x10/0x10
[  357.877169][   T31]  ? __pfx_kthread+0x10/0x10
[  357.877192][   T31]  ret_from_fork+0x51e/0xb90
[  357.877224][   T31]  ? __pfx_ret_from_fork+0x10/0x10
[  357.877252][   T31]  ? __switch_to+0xc7d/0x1450
[  357.877281][   T31]  ? __pfx_kthread+0x10/0x10
[  357.877304][   T31]  ret_from_fork_asm+0x1a/0x30
[  357.877358][   T31]  </TASK>
[  357.877978][   T31] Kernel Offset: disabled