last executing test programs:

21.184446846s ago: executing program 0 (id=463):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket$nl_generic(0x10, 0x3, 0x10)
socket(0x400000000010, 0x3, 0x0) (async)
r2 = socket(0x400000000010, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0x25dfdbfd, {0x0, 0x0, 0x0, r3, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x0, 0xf}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x2}}}]}, 0x38}}, 0x0) (async)
sendmsg$nl_route_sched(r2, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0x25dfdbfd, {0x0, 0x0, 0x0, r3, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x0, 0xf}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x2}}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=@newtfilter={0x44, 0x2c, 0xd27, 0x70bd21, 0x25dfdbff, {0x0, 0x0, 0x0, r3, {0xc, 0xfff2}, {}, {0xfff2, 0x2}}, [@filter_kind_options=@f_bpf={{0x8}, {0x18, 0x2, [@TCA_BPF_OPS={{0x6, 0x4, 0x1}, {0xc, 0x5, [{0x6, 0xd, 0x5, 0x4}]}}]}}]}, 0x44}, 0x1, 0x0, 0x0, 0x8848}, 0x20004804)
r4 = socket(0x400000000010, 0x3, 0x0)
r5 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'syzkaller0\x00'}) (async)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r6=>0x0})
r7 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000180)='/sys/power/pm_test', 0xc3a01, 0x0)
sendfile(r7, 0xffffffffffffffff, &(0x7f0000002700)=0x1, 0x8)
setsockopt$MRT6_DEL_MFC_PROXY(r7, 0x29, 0xd3, &(0x7f00000002c0)={{0xa, 0x4e22, 0xdb, @remote, 0x2}, {0xa, 0x4e22, 0x77, @empty, 0x7f}, 0x0, {[0x0, 0x0, 0xb, 0x6, 0x4, 0xb53d, 0xb4, 0x101]}}, 0x5c)
ioctl$UDMABUF_CREATE(r7, 0x40187542, &(0x7f00000001c0)={0xffffffffffffffff, 0x1, 0xfffffffffffff000, 0x1000000}) (async)
ioctl$UDMABUF_CREATE(r7, 0x40187542, &(0x7f00000001c0)={0xffffffffffffffff, 0x1, 0xfffffffffffff000, 0x1000000})
connect$inet6(r7, &(0x7f0000000000)={0xa, 0x4e21, 0x2, @private2={0xfc, 0x2, '\x00', 0x1}, 0x6}, 0x1c) (async)
connect$inet6(r7, &(0x7f0000000000)={0xa, 0x4e21, 0x2, @private2={0xfc, 0x2, '\x00', 0x1}, 0x6}, 0x1c)
sendmsg$nl_route_sched(r4, &(0x7f0000006040)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000280)=@gettfilter={0x24, 0x2e, 0x205, 0x70bd2c, 0x25dfdbfd, {0x0, 0x0, 0x0, r6, {0xc, 0xc}, {0x0, 0xfff1}, {0xfff2, 0x2}}}, 0x24}, 0x1, 0x0, 0x0, 0x1}, 0x4041080)

21.109284339s ago: executing program 0 (id=464):
ioctl$KVM_SET_IRQCHIP(0xffffffffffffffff, 0x8208ae63, &(0x7f0000000100)={0x0, 0x0, @ioapic={0x8000000, 0x5, 0x6, 0x100, 0x0, [{0x8, 0xb, 0xb, '\x00', 0x9}, {0x1, 0x1, 0x1}, {0x8, 0x5, 0x0, '\x00', 0x10}, {0x6, 0x1, 0x9, '\x00', 0x9}, {0x5, 0x5, 0x2, '\x00', 0xb6}, {0x3e, 0xc, 0x6, '\x00', 0x1}, {0x1, 0x5, 0x6, '\x00', 0x7f}, {0xa, 0x80, 0x4, '\x00', 0x81}, {0xfc, 0x4}, {0x3, 0x0, 0x84, '\x00', 0x4}, {0x7, 0x5, 0xfd, '\x00', 0x3}, {0x5, 0x6, 0x8, '\x00', 0x40}, {0x2, 0xd, 0x7, '\x00', 0x40}, {0x7, 0x7, 0x5, '\x00', 0x2}, {0xfe, 0xd0, 0xf, '\x00', 0x2}, {0x2, 0x9, 0x9, '\x00', 0x5}, {0xa, 0x5, 0x9, '\x00', 0x4}, {0xe, 0x1, 0x67}, {0x7, 0x3, 0x6, '\x00', 0x8}, {0x8, 0xff, 0x8e, '\x00', 0xd1}, {0x2, 0x7, 0x1, '\x00', 0x8}, {0x4, 0x1, 0x5, '\x00', 0x3}, {0x5, 0x4, 0xc, '\x00', 0x1}, {0x3, 0xf7, 0x9, '\x00', 0x6b}]}})
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x82042, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1)
ioctl$KVM_SET_MSRS(r2, 0x4008ae89, &(0x7f00000001c0)=ANY=[@ANYBLOB="010000000000000071000040"])
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={<r3=>0xffffffffffffffff})
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000019280)=ANY=[@ANYBLOB="300000001a0001000000000000000000818080010000000000000000140002"], 0x30}, 0x1, 0x0, 0x0, 0x4000080}, 0x0)
ioctl$sock_SIOCETHTOOL(r3, 0x8946, &(0x7f0000000cc0)={'sit0\x00', &(0x7f0000000100)=@ethtool_cmd={0x31, 0x6, 0x0, 0x5, 0xda, 0x5, 0x5, 0x1, 0xf, 0x0, 0x8a, 0x1, 0xfffe, 0x4, 0x5, 0x8001, [0x3]}})

20.96767104s ago: executing program 0 (id=465):
r0 = socket$nl_route(0x10, 0x3, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
timer_create(0x0, &(0x7f0000000080)={0x0, 0x11, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000000))
timer_settime(0x0, 0x0, &(0x7f0000000240)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
r1 = userfaultfd(0x801)
ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000000040)={0xaa, 0x10})
ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000000000)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}, 0x1})
ioctl$UFFDIO_CONTINUE(r1, 0xc020aa08, &(0x7f0000000080)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}})
r2 = syz_open_dev$hidraw(&(0x7f0000000380), 0xfffffffffffff850, 0x410701)
read$hidraw(r2, &(0x7f0000000980)=""/144, 0x90)
sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000000)=@ipv6_newrule={0x1c, 0x1a, 0x1, 0x70bd26, 0x0, {0x81, 0x10, 0x0, 0xd, 0x0, 0x0, 0x0, 0x1, 0x4}}, 0x1c}}, 0x4004000)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_opts(r3, 0x0, 0x4, &(0x7f00000002c0)="ff0d406f60454fdb53e071df593b", 0xe)
r4 = socket$igmp6(0xa, 0x3, 0x3a)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
setsockopt$MRT6_ADD_MFC(r4, 0x29, 0xcb, 0x0, 0xf)
r5 = syz_usb_connect$hid(0x6, 0x36, &(0x7f0000000180)=ANY=[@ANYBLOB="eadaecbebf023226b1df62897550d2f54ae3cedba5e6e35fd21871498be1e5301f0c3a7b7f0791aab7c641551f3d46daf963af5be3075ddb1c22d012be3ad694b7aba4f3eeef1f252b9eaf66aa05432dafe923a9156194857ee55e7608fe05256918a1898779fb25b9675b62cbff4bc45c12ef4c9263b9003ab26f60d75ee095981ba8d262d0f20703ee7866486db1b351e26b5e87550c7dc291c38e414adbe1d0800e52bc25be85bfdee2b90eb9349a2985d4981e693a0e03817958e7a9"], 0x0)
syz_usb_control_io$hid(r5, 0x0, 0x0)
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x20040, 0x0)
ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
preadv(0xffffffffffffffff, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0x11175}], 0x1, 0x0, 0x0)
r7 = syz_open_dev$vbi(&(0x7f0000000000), 0x1, 0x2)
ioctl$VIDIOC_CREATE_BUFS(r7, 0xc100565c, &(0x7f00000013c0)={0x3, 0x2, 0x2, {0x5, @vbi={0xb5, 0x4, 0x3, 0x0, [0x0, 0x18000000], [0x8200, 0x1]}}, 0xe})
r8 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x143200, 0x0)
ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0)
r9 = socket(0x40000000015, 0x5, 0x0)
setsockopt$SO_RDS_TRANSPORT(r9, 0x114, 0x8, &(0x7f00000008c0)=0x2, 0x4)
ioctl$sock_SIOCGSKNS(r4, 0x894c, &(0x7f0000000100)=0x7)
sendmsg(r3, &(0x7f00000000c0)={&(0x7f0000000640)=@in={0x2, 0x4e24, @rand_addr=0x64010102}, 0x80, &(0x7f0000000900)=[{&(0x7f00000006c0)="6d07ee327abccf4a2bc1f031f7d15ab0cadbfaa2dbe16630b0f082251b5f2c9344432838d8af88395364afbc8a35eb1bfcda545eeba649395fbc62e94be82a92e91b448af2ccb051085ebb8f9e518fd2807ef2883e70a1e5d7e75e80f7681f1f2914e84af8d668632444dbee4a5daebd", 0x70}, {&(0x7f00000014c0)="ea3a8d1c15c9d8c855719ffa2579f3d2b8d74f66861c94c750331c7c0e05fc25b021d837a4182637c9e07e015d417cee46f9ad9520c9ffb7fb096cb135a22d22a1e4bb85698d298a0c368346f15a566319b151ea83e7db0942cbff6a968cf4769c500cf45a14e0606529405c51fa64d3c4e97e5f8f374b743b06528e9a2c3b4d809e8dd6fd65b8c5e1c1e6969d1377a1b15d3bd5e76a1d2fe75c0db6ff8676948c3125ada3430a015369e7e6b7fa3a70d4622c8f2c5294d70f76572df1d9456f36810a19f87921cacd78be8bb57e19ce26cb8d83e2444fb1ded5724cf1a979fefed0d67debe03c19e6ecdcd000000024cffbaf0d9ce2b0b5674f8e19e9ed6a9e9ac279b27271e62c7e9d44886f21cfc4a7ee2523a28085db2f71fcb2674ae688c2c6b88d44245174d81240ccd8bf7fe0286cd58b4c3198ab034db6b9978ce3831f6f57e1567808e74846297540c84d794390088a669474d60e5d336f8fae275a6adc9b970c4cf853a5edd033f28032727e26d30ca213df3401eb637e5260308fcfdd67a82642d71b6eb3af2ba86f6925ec3638d3f3a88e97b5d5b1e78532c1c9fbe60bc727234ad670bc8664f7b4f3a62e7db012120f8500304a25fd0664378ba5ad10f9943aeff4a545b8b630d8a53d5616d0cb794847a87ef86a5df3e875205929b0cf43c7aa987eca9ae3b9f998ab78ba9f21a9add16e11b7468dd4907a9c00b061e0bd8c64d6d1c67c225d2d16a3774a4ab206d620a2b7b48960854a762daf4d375e825fe26e26189b8f9c838e707a8f770a96a3e0e01229a1124c56b2081f990dbb63339019a26c6dd5e3ac752e7cf5d8ba059a54f632a5f4e7833a9838b4d0ad1e533e5dc947ad5858e88380df31ba4321b3a0134887c16adf38eea6e393575d7725c94ba91580ecc0c0ce4f77887d72877225fad324db64e4cdd6920b0aa7bba1601d329bcd381ba242dc96da7a4cd08eae032d8ca26f271cf0eb2a8ff73b710b27f370ea2a71a776f76a38fc75230c9f30e0ae2afaf8d453e36c2526dbe4edce31320e286a648e07716b8a267e94fe973961f792f48b819969308d24dc9e684365b4af25d7f89efe870e0158ff2c408d325164744d29f46dfba29c4c258164432c27a0ee1b76403fde9e189df83cd019a2d210c04498648d3815818d41510d63ead3bdc7cdef345792477b8103cea6a99d14e8f768308557c34e4a10f0f5a84a2cebc7d394772e640952ff3f26daf34f9ed9198c3b4460c0a3ce0b43a6e94787460415ec5ac78d429eb8cfcf4f69e2aaa9bd744ef6cc3a844da3526ee6e05ec8007a0d42194e51a4ad1a50d59b12322136d5f341f801a7ab51693601b715e3dcdba657d27a72a3199c235da8b6ca48141f072872d58deff9d728f908d9dccb33e208fb1ddea9237cc34d92125d14b7e176bfc9c4fe1b4c143a3334850c895b26bb8438674f7aef784d5dd6bca28db07a53eab4df70fcf5a463be9aa6061025d4c721450aba05df2446a1e0f362f64dde8c73d01fe785d4342753bf72c7a90c14e14d6a8e8bde7b1e86d1c0fa48e172b610bc41ce7f147c08e80de47c3264ae643601eababee552e384d9f2c15b3ba8ae204c8e7e871ed7b3ae7f80ae8c5d3976ae804740a4d7d3fc43323e86d21ef4de2b27e52716fcdada9950c0ee695d2445dd3ad616bb63a21d30c3d1cf63be9a6463547140e80d35d4df455304a549308660939e3bef51598f2ed24967bbfa37967ceeefde93e452dc084306f1ff14426ddd6ab03df3c24eb0c8269f82854c643e59dcdb1ff9428ef05355589cba18b518fea95a97fc19be8ef0d00eaed2dc180a2ae911dad67797e06377edcef71498d86ec4d5df501773ed0f9bba10ca13af56b5764c40028e59c2916cc8bbd750c47e109a9c3a84758d459fb27a3d06c6414675d8df5e1a0c78e54e14f69d98b024d76abfe118c71d120317e966e3a872f1e1b69b7538e3b2534e8621261743c07ed4d6c13baaf4c85db551c61d79eb5d77dc48be418bd809640c11c5bf7fd7df81dfb1e8eeb2174a546d2214d2c3bc0f07c159c6323f4740bb656c7bd3c2c40c09c7502a2706b716713e27df8479de9898cf5f791fda804f11fd5e3a15ef5103827e9b91da4aa52126f094d712565be2bfec2b52b9a70a2d469b531b958662e41564b8671ff56d4be73c0ba32af4afec3aecedf2ea5398a4c50ff726d1c5c4b6b9f3b181bb8b4d7a913404c120a3983f28b7df9636aa6c40114b1608a394ed9546925eb0942aea250b1c10237e25d08f313b3eda5e9a56d08ac778d43887c762ecfdcaae3f2ed90985c54225d0982a492b78c21f9f5115bdc275c2b2906cf3ce47b902fca52f3ec3d799ef6615890e909e0a48a6e0222fc8fc85091138e422f7715929b24dcc6a5427ebded2bf08614996929bf3b76ec693523c7a069004276b743dc34481f02499243f3f5e3d2ffd6cba2913dea8af248fca20bea88e11d7180f474fa6b9c4b1534c552f9dc0e80e45e1aea581b9f14780fcbf4155c57bb37f279c260168740bac4b775f25eaf945fd4878b92aa70803a320c7815ea7cf3de0729a7f8c2dd9a5f234f4e2408e8dc0fc4d35e2a1604f709f5799770ab320b8dbad06218fd4296cbbf0d972b58b29e152d4a06f39d08e6d79165e7168bf383d86a830e499725bb4145e7b9886820a63df6d17e6db8816a570eae83d2ff3c8acc2219a3c97fef06989aad1117dc35a7fa324fc304f3ca7be97856805b722edd9d30eafa5e4e16498bd0e9c37834e3faa633de731091167d9e23a76ffd46f58b9852100517d0c7e8cd9976a26e0ea3977194c2ad9387c64a277e7aa61667680ef7b4191ea4f899d7881441ce6db21796e4ff45706903292ce16605d1bef1d97c88f2493969434d03b9bed1ed41318828bbb4181635841afb5c612b7f333e7af054ec498a3e1305f1f75e247a606d88668d6afd1139e66ad29b7ef922ef730df90437ae8c7bdeb06719690ec718a610e0277c7d858db36de57b35744f4073bee0df6b78c078e2f3ed954b522019c5d6f2577729622cfec0a00792456a26a4c47c01cd31e98a167d69137a4eeaa5dd38c08d57a003073426b307ad4c1d9b411b0f0c63582adc57a26cdc9b4968b84dcf27c0a0e4c8a037f3734228486706f0b15a2976008957138eb715ea87d9cd06d99a1e5fee420f1ce213b4e4f591cb74dde07bed34f267e68ba277911d71177ef85108e858a37cb71b86675064e2d1fbf4371dfa81d0a545d9de7f6013f30dbf77ee15e21c0864e03fb648ed86725651840edfff904c5e4486649d90552163062e41bc077d8774b9154eee995a0ef3417b09e771efe78cd631701750c1f30eee03e2572f1206a81ae32866d56d1413605158e2a14eedac14f418aa22bb669df0080ec556f70b7ae9732e2fa1b3681a96b9b4f9712f12250a892fd346d069630f70d440d52b5bff8f0d775e8d01cf95d7d8b67b5db9b90059daf262153477665ddf302c466a4bc7e53e79fe32726fe4bbc1a78253bf3e5fc5f334b939e1d0df3796ef50fae47e31e88de5b5c47e5ad9098195bc37f3b7b1ee137abe61f60d7df12cc812cbb039f62252652ade1168f3364c8581f3d2a6e182f097674113dd27c5e69a7afc7d9271cbb3680226d01139f33b104035f733d92cc8fd4fcf8fe480f9f8f5a3a29d23d4249eade318467b88db052605d51622700e909d633067b7b11ad85ff93cf258fab60312e62d3280e4d86a8ce4a0588b49e51e9ce738c2be55ab991d0cfab77471c7004079d5a1ee9518e05ceb0ee1252e70db6a7c441c13d5930d471ff69269089fed149edc79bfec7108751bef61a72abfe626d06d441a65b6c80032f8e3377c7e3f4637e66484eb254ebe9b9516d33ecbd2d3b550629c25cbbe292eabb5dc2d2075fac6fe940875a3b3a8bc82e46e84af41915004bf143811ca1efd6c3b0aebe8a12b180a7f915e9900293b7af69c91989f3f007436d9a6c26e0d3676cc72eed4f642cfbfb82addd91000008b75c4b5f072d9528a009d28138d59602e77f640cb408dd235615b695eda74d2d894f50a6fd7164ef0895dea712c1e0e5e7882d99b94f7edc81339a3a541f65a7b1d979ec48472830a2030306cb6706ef0b8cd7b899b678a6dbb190fd9ba790c9d4715c8f82bade0def714e4c36aac54689655ee33cfca03c6431f55409cf4c90fee1f3f3a10046560cf78adf0636f943de609b20de85d0c4d71578ac70faaa171d69f4c6096e978e34d0274f334041582a081cca1e9f27568b87d22ef70b79a4dbdead6b6504941a7680717e677f47de7dee3fd9216a01e51d454fc00d8457ca7154b54c6db03405c71e5ff3dc93c7f95c6ce71c0028d6172d42b957869e060e5a51c48e219bf8ca180976264c860fae4f9a7bd33d6389dd0e4d996b9b9498153d639d46445feffd842df5c8626fd3093129b276cd4f1f460598c942706ae11e1056a15da22fc4901a54aff9a4fcce2d81d8f53523c86a9532b5a236b8cf6a6663491ea3476eb270a523c12f8cf5e1ba9b11b3a67a60eb6275a7feff9f960717a8b16647ec122fa6b8df42a3da09621bb58d8d5325cf621a7e1b441087d480ffcb93ffed0aacf95cefbc6f323d41c9558f648565cb110bf2ad1e21b65401f12f6b7cf02a81c6636918c9e10302690ae3cb6c68ab3caef15bb675488106b83e3ef8f0993e3b8f71d527c3a0bb4110b3e5fee91b9941d02e9a4d16d0b3dec64d19678f58a54a3c7edd41ef9e753a1989c16c1d24cbedcd0be20a9f63b161d84f3ef538e470ec5263d4ce51cfb60c8a6a5cc6ec212758f6e097f6991685cbf5278372fa423b69bd5662b4a004ef2344d14de63f44f1c2cf2ac012c73141f9a4048589cc37fc62b8f10a9e0437db0b4ed252e5c855d3ac259108865bb9afd7d9236b09ecb7b018df4ff4f7544f10c17f7cefa0d64a1f976befb1da531a97c340b014f42f79d59b4d00041d812210788ec48b8ca24b98a38353d40e80b90bd9cd0b9dc6ecf4071fa91ffa63fc6a58601a487a95c95f2c262103c89b0e1eebd24ef908c5be6009ac8305fe5340544eb7fffc1d9f931178c40b5448eba06f11b5eb28d14ff3af2408d95f636a756503f3201e7721835a764472930a64141d9680b3be65a0198889d082e882637c1dcb31a8b6cd2c351106dbee3881191e12dc3a6455dcb07c398ed88cfca7b6558df31892ef83ef5a17436440d484a56ef88b8e29522c9faacd658cbb9a42c989ee7ec80953541f05a07560eb96ff583870d270a4640fb5820e9a339c2215357b231b1faae35594bc6285003725558cc197bf7aa29e8d454134ed4f5cfb0a058a4dbe94916d31ecea649d9e05e232bac0b8dae0e3f427d4ab46930656f4f8f8d0b04500bb88a7af7a936f670b0c94a262fb09ee6832f12bfc114c3f55c8bba8deb2f9f43569af96521285d90f9d83199851dc2238ffc7b09e801c24bd6844055bd2ad527f40b736d4597b3613cb0c818c2cba05e44f8af412addc3ca8dcabd3461720ff8a9789d108c5c538c2dd9ef7abfd23846fe7afbdc6744d964cc36044b9da53edee4953c5cc157a5f072749bd86086bb966ab561347ff627fe21d167344e332a417ebbf49c376ba32979ea4e22d3a4f561747498c04758cc7c4c0655127ee7c5cda002afcd6aa6791133419af4c00ef11462d5550d7f7cc42579ad9f690b0bb034cef84cc8932f7bc791c0ed137cb46639916f7fe24e7c756900f8136f29bc328b235d9ef2a7ef3b9985e7a54b17f871f24", 0x1000}, {&(0x7f0000000740)="672bab4eb7ff04e8f172bd896b57d2c8761ba8b72f06a20fc2767539a5495ede1028aed3d914bb053ca8ca6ae7c48b6afc37249f789177c4bf66ab7b5d1d07a32bdb7925550e2f09ebe48cd54e5fe553543ed3fe407077baf131ea6ff9935c48311271493dc031de4bfab523808c8642cf3e3859ea95ae00b4cb8f3e15c0984775f11e53be6a91bf238afc8bd8decdda6ebe43", 0x93}, {&(0x7f0000000800)="822a91da63e6637d8bd9d24d463d1b19012100f86cf80ce5747f9e0b517b0045d983630329e0b2b7b1a7356583f38dbbea6f3c3f198100c91caf681a5c0c17db3f48ef1b3ee456788e2f99eebfb256bce697c0b59450b7ed36fd9f9947b2ec8f67b9a6c40b678dc2ea5cfdc5b290dbae94f578cd9f320279bb4ef6ec2be2730c8bc580b1ed5f28f89d13fc646a05b2390b2c5c810a07a7d7354943adc6b3b60bce7bbd1688ad5f0e9936b1903d7a93718a47750566660304cd81369a438431e9b19205f5d3f5073f8be164a07e29c6fc18566cea261fd9a829af5ab7eb81e7c1dac930271dee23483d24c3eb", 0xec}], 0x4, &(0x7f0000003840)=[{0x138, 0x119, 0x1, "6da0f027321fcbec1eebdd90e0db62d2df874afbebb159bfc841b2daee7eec4e949e9885091ab911ad1f247cdbdfbca23af3eba19d3e608a935db7f1182a057d7dbcb0c58b1bd7797178a8f8802d56dd64aeca993e2a2d4f832b22c056d015c252a554215750fb9f13d20f0bab98007a3b722c610b7351e08ea82321e668b8bec1076456c5c4f55ee1f667dee55f58c99246c22e837c4d021c753bb4394facc42746f421e421c00a42f8a3e4a31e9ed55a300a0356c33742c116813f3be239fec3b5a549d6d90dc53bc7fd248a8d957f3e4dd90701fd0d57ad2f690bdacce224cb69388739d7088bc595a23d10b8a5c5653eb6fc0636dc1d8635d4f6a13056f7227dbd3d4b0260b866634750df257db80eedc4c1ddd06500"/291}, {0x1010, 0x10b, 0xfff, "8bdb8739f359707edc7b2d877023481a157c414fd4d80278b2de40c1b5261e5b483b5c2977b1f92b21d382db3480a610e1c2ca4c985da7d448fd6766ff72782c458b32ed613e5eedf606d9c34df26fdb0483f5ad979cfb7434d05efa314b23f29fab2bac57e15e8f0923d35bee959fec913c70521d9f0b3e0818900c7f1846c4a762514cd44492d204d39d195ff4278a58e381ae649a2010e9dfaf7c0731ada2cf455fbc95f237b4200bb2dddc5e1605a778a10758caf88cf49c91549c75f378bdf0e62bf1e98522e8cdfdcd95fb89673525846d033e09662f270449e38e21d8c45d060ffb5354f221a737eaec046567120ae63b96685cd7e9cba29f81cae79ebc41d0631e832dfba8f1124ce565ca99621f4c1181695ed7e5e07ffa09a7bd8c9e4766f2e1d9cdd56eb91dcba219c79c850f37747fe49c204bfa7cac8a8f379191c983a416c884c5c36b45a58ac25edb2207bacdf734a07cfd76d3d030eee3970d244fe2cb837a8b55103230d9b8961ede5169eb759894397e870f22ef8d2d24f5acf682ff3cc3881ae7d433467304e861e5c2dbe032fb83ea2fd91b971ca5ec1574bbfb1fdd43199016368ce1b6fc46e1fa73af40c114f80af021752f82b3375cf873401a2ada03388c9d0b900ea155843041c7ba9a0da7085085bc8f9d60df2df91ae34ef9a5e84c8f7fcddc2951505c41aa092b718e092c7053fc1233f8864c33cbf17e8e0c417a076a78f9b2d5eaf57f79132535046d378a2a100f9b0a136f3b2c124d486683617375172fb68aa686217d3995e69b4c14bb9225cc9f271f4ab479434f4cc6c0ebb43204e56297c256276b4abc89c317c9761bf8dfe6aae9b6a941ae2667b37df72afd44f37908f9144e7323bacdfb2c6a95d1e857f714de5a3a7ae19c6fc4b50d006244a2959e0fe7bff98edfa7100c85824dd3a6bf9f497494d324193f1ff18ac3f3270e06f7a9700b2152981b5278eaee1067d804a89bf20ca6ca919f511d1bdd4b100acf6e4474cd4a91df2669e21cc9981c23d6d348b7d57d160c4c6c127ba66ae4b0b627b9c3afa87f7d6f098fc7fb0c87ff89cc2095bcfe40fc6325ae15de4e305a2838a0feed3b23bc761b00dd0b5c06eded2a92dadcaa6bfdab57ed3a3458c00c99023f39f4a9305057af96ab66bc59a5508f4e038d31788cead8bdf44ba67f293207392931f010acac23af8b8d53b4cfcc015404278a8aceea856b09dcc2015da97f0d0803bbc217853e985d762506ebb106a6417a4155fd88a369e5876074021f9499ee92aef9c5388f0fb08aacedd3da2730d86b640f57646cd478cb27d896049ac2512e62ca58babb1c675d942415f29d04cebfeeecd512a7a7881d1fe9206e2386ed5bf81c6225d8cfa42bff3b9e38f464f16a4f4acda3af83caf0fdde9027be342e7ab05d4807d0564154c1010056a33d2d7eaac85dc18999a5fd88ed3dfbd0ad1a096b3e02105b2f9e36547eb20d609598722d564e967a538c7a17ec158e42afc21ca364050a52603ebff0e75d6d792f3954d7f829f63ffb252b339882f6a0eb90ae975ce91af3042e4747b8b322b8536df5236f9eb8ed9db6f6054d66a4b7f7d37d3ab0bfd357bcf634ecd29c68bdef493515080b7d09a00bd28e55bc75588cc8beb4d63b99d5b72578ad2d13293edf4e68d5fe458bf97ac3e38e924f6b9d7d5744b521981b7b354a93c306be41ee516b93dc89320b37b24765a1879e1eebb15342e3a8bad03e113d590577e1344d7ec0673d948b27dae5d00770a2d13d48db24eaf92ef2deaf340517c4a39e307132c9019eca9c68f95a19347bd008f80013494ed042e3af397487b56460f2e697c2bac1d3fcdd532d770dea465f4d2052d463e2030d7db779961d25973ac2e8d6f9844032b0b1711ccd06a8a4a19e85263ddfe2d35568328507f732b233224f1736a78eef93bf0fc809e37c77a2e0ecc2b741a818dfe5bab9caa912fdf33a913792d37ee9375b16c192f04ff5f96b9ea8f7e4f2656660ba14b406c82b34a54bc45c1af93740c11456c903cbf8d65f1b6268103f7881aa683b850817975d5f51bfa1a5e2ce840b1e8684120c9421b03e4ef7542755f30e71a495296c6c8d39a4c42d2c9497e0305d3a24989ecd079676ce3b106f6102cd1a368b6f7df4447cf86e214689f950925fb227002cf05aa838f2c3612bccf684588561b8ae5891c2a5fdced3373ba5558a57c191a79f85ce166c841eb2de3621b522d2a30d26e5974185433fb22dd0b12c3a43871a042862811d0573359d7bb882c75e22c8aaa5f741c254bb89aa3116f1cc2a047f1ff02ef2fd324013cdf1a41b3f673f37fb2aaf40815b296fff6776600e4645c0fe12817c40faae77e3ee42ad76ff52e1365266e4cee14bbcea8f5c9fb639df3a61ae2b4637550bb156215bb51885114a83abf9186fcf5e33ae173a9706f27b0e64fe021748931fdf938d5762da7db9fede30896e2d972d6a3060711712b067b7c1280391308debe06bd37a05155f9c45cce131d5551da4e66ea68ec694fa6efd0f44af1a76c665fcaa926b0e94fcbbc332ae9b968a5e573db4ff02bc0bcdc75935f6afae575010b6dff576939b941b971e81ba1b942ceb5b47695dfc9bf2da13b0f722e01daa2d39e11fae60613f5a4bbea258d4b4e70612ff3ae4b2dde1929e99b29df8550ca28ccc8de0506554e069e012d6c6b5b8f4130faa45d1924d518696494b0214e43e2d7c7c1eeff62b6bddfbc1fb5876c53ae127955f5e7b7da8f683d5d88d21aec31f1252c2e2a6ad6b926e84fe427ddee3fa45153024befb0289ec6397bccfb078761394d1f362b00578019f8f39a91b120817eea418f5cbcdaef84acf3165128a93d0901b86cc187893ec6774c7ed4b8723212ce7d0cf182a951c2bfc933e665c1c68180fc94b9c12065b6f966fbc1ca93480b5b0f293a7094fe5e3ecea8ddf86ac31c370a651343a33e76e9b74db84e4a8971052b1b83433e99fb5f78857a59c4d5e158394870a70ce572df090016433278a747e6188616b4aa666da4b981512d30984926913958feb305b589ac62843dd3221183711f7fb7feeae28434ad36ad249316067a4355a786b2e8ad04554976bfe2da958327d456f055e43195eeafad75ddf1827bc9e46529c7b169be1dd376e5029448e0dab2d8b839c76fb75bdf2b1ece930708bfd33fdb39ca31917f91f78de89f4e03aa871048b831bd0335892f6f75a9b1b1847ac03005f2f9e13b0ce75222d30d1bfac53da4217aeab1df8fddd457ce20056e062ae4016446b639c9a0b33a2b016bcc7aa76045e86de03dbfc3cc1d8188a704ca6e87f6f511a81bb49b60da3db8256b9ecfc5cea00cb02c765507b11166711557affcad08b4ca6fb8b0af3ecdb188ef6088013074767566760deb9f583135d43259ef941fc65aaef53c7d20b409e36dbefc5e2df09b0ead7df23d2a9b5b4cc2d8e1a00a8cabd70362fb23ba72dfb5a7e480b6f8e0ea87a728e798bad8e0a978dc904115e32f70064fcfa124191f5084f3cdf0539736ba7846a04fb3079aae2ed150d9e5a622cb36ad1015b31bbc3bddd84c946fe9eb8fd55279cf4fc79eb0ba5856cc587dc91956e3aba8b56b81798c13e2fd9d9ec504cd7cfe0c7e40fd67f2b3fc15e405a2c8a00f342f375a0a0fb58694f11d8d2141cdc13ad9f059613c6c140ac15949730f915e4132a66f10d553dfb9e324fa1b72c0c4e1a472929a79bcf4dd863d0b2ee178aea867c63e2e57f3cea972bc763c9b20318f32303b627b5a0fc64efa9760383ff9be1936ae816ba67920a82e52c8a44309c858a43b292d2700ed7347d54e434cf807634255a6ee800162dcff83122620c838dc7bf3bb506ca4da038601e100cae9918ee0a0e176b03d86f6aeca9cb0c1338057ea5aba58b983b6c3b5dd43a94ea629c2613688ba1de6d04bcc69dadff1e3c1b33bc9960f81855f0f8d1cee40d95c125ca9e54ac6951158aca08a03a7b90459799a37d75b5df14daaaef74ce2e84451f090c731d82acb7c25ed53bd0ea7cb1df2c24e62c9e2f551cecb4f1ea0d3c54f13793e5d0bc38c5cc2f3164cb898c0bdb6ec68109540241fcfd61edb467fa81704777fae953efa98ff0127ccfe614672f035f6338c6e2ea2bad7033c7654c0e4c95d41972ef601700c2768779df7f3b5dbaacf45963604f1279d3ffad458de6a92966c6084bbf6c6ac1344956ac991ffb884b8c6cc363ffe1fd5a44d81eed17777aa3d7caab0f4a61a77fc875776c8c530e711e6b5a90a1d1b1675253ba60db0b11bf43e1807b5e1d4c440dbf11730e3546dcc734b82ff86eac87840de42fd078c260b8f4de4123c57e077949579b0f4dd258a8ec39325527e9fd00a19f788a58d82b9986c5f1bf19141d5b1b539889415082b6560b97ba551cc101ef3abc7e0d11e7e7a30a22f89c1a8b6def4035d849edb17ef17641a48b530bc3fa39c347973226dd1acb93311ad5eab23a8c37db4955574e791593b107cf4a3f07d0da565ba5a3ff5f902f32fb0380844fa379faae512ce8e0332f0c2d955aa7818fc49366c3abb94a975eff81621b8b2cba94a82dd2520d61d89898d03b742260e196209c5f6a310ca8aefa2ba86124f7db36e03b7a30cb8c6aa8733a0a1d824b75124e20bdf688d9d3ed9b23b7ddf1968456e5664ec35115528f52929ba129428f91ea435ba04ab034cf5dc866dea9e61967bc9838fe16bebf2ce15b269d1785f7f1b3fd57e07014ef12a1bf1492c80db5d77d09fd83d0241f005efb77e858f006b635af55b80e5834789b761cb96e000d77d7b2caab47e0bb5f12f16de96f7a84015aa3e7425de7428bcc6f94f4453f8b7f5ae03bb09c92f9df6ddc0a49b9e1bfd156e455c974d026cd5510dd0b1a2a8482ba83808cd09d8ee64c1eb0f46b928cf76b314137fda418f9fb3b5ff925300e9b9f012c44b50e4cd85bfde350cff2263b05efa5cd3c6151812788e3b743097448c623fbc2a2f7ef92d9a89bdc298a44e982760f94a3baec82a835b1929762cbb17008ccb250ec3a220015f7b78b37246a000ecc14cc9cd5bff914c7e5f8d5dcae8d728ee70d0e1334b05a22abb6c8d331df373c0fc8c1cd0a8d88dbee138ef28444c16f754ccaa490e4532666e6836d91e28ec8406551a07d1eab4085a8696314eb7b8b1dedc6872de748fea0c75230def09a1282a02621df2591f8e733c715944e2dfc8f2e961a98b2b56d9496e4b716d7330cd4376184b9f881fa66640d794813a7670c1f7f68e02272d1defb55e6038fcb6b682fdac0878266aa1de3abc7644158e2c02973e6bd844f4722f45ff35533d228095f80a17ef330e8968a5b2902845b47f34751f40289f7d322bf13e3cba46cc7fb223326218edc291f2bcc033f97d4a3f774d7e9f9b03e8f581427265f1733b486fce74b39a4623082e445cccc98d361da76a4356d903488ea45d96cfc4bedddbff4b5bc0e6059bc46a391feb46c5968079c3369414598a65e3a88a141a402b8f84f20b840b49c3018fc6ada52f731511956b8e0f210b94c69c737fb4d57461cd6cd2295e5f54d27a887e1baec76289929405f53033b4b2e0f6c2ab8c991a60e6ca31da9bc58c74836a14cbc341fd4b7ddf85662e3b4706a52566ac3aff7685f756454f803573f2b40df08ccbeb55977b348eb3ad378ef501a9768ad2207289b40a86cffb22d19438d617fdf4d366e82c59b595f0e5afe79a277492d80e6d924bcc36e1e4a126603ee4c43959d4f25f99798b01972403ed194b2b7c46e"}, {0x20, 0x1, 0x3, "38b58823c3c6614378699449c0a637"}, {0xb8, 0x113, 0x2, "9d3bc8265df673eccbf3ba22331f47af7fb6e34895b7fc35e5d0e87b812a7bee0bc189b51276f62b3ec0063a114971b409e58942b956ac54bb5020d5da61c3461eb52b78da07d79e443fa4e589c0e62e29e4e156464017f9dd705a129924b23761eb0e69e08c163a419e5faffc8b011c5b3748ae8d0f7f2d2eb90fdd9fc3e7151c2e99d4808ef4f512bcba7fae2a83854c3cec81df4c55e0f3930fe7bc58c8dc17"}, {0xc0, 0x10f, 0x9, "fcfc5003b7c9d7c304b2689aaeda721995b6814342b927201258905464deaff19140284ee6433c2b4e41bce445fe4433462569ba8d287159389bd9ea5cb43f791c05c7549a3514824b55347c312c157b79f698894cd7e935c8b3d61f1e3e5c9f0c042c0331e8ef30cab054ca96abdfd786c6a0e642d2b3dd04d771e01c61b2d4271356ce7363e2ab826551064e3f66e7655145fdf7b1f030c3e71c862f38001dec6eaec29dbdc2ea99080e8fc1"}, {0xc8, 0x10d, 0xffffff1e, "9ffc5e9d6f6f0f7ef38cbad495554faf79327574ca40a153fe43fa6b7bef8863293f9829999362d4d115006bd50e8be43adb5ebd49b708d7f5475a536fd2d1762d73fd67d44dfc5ee4f1f11c762c6e06ab938043ae99768ea25e705be7807f5d79b1d14f262e4eb58b38203b108903c7c8faa6bb4972a089a987c44a98342fa681e824240710f1fb7fe16dd614ac2db18b2a04f31ced9c242d629443a11335786f770993acf4c9af641b4fe830494422b150c195878920"}], 0x13a8}, 0x4000011)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]})

19.722614588s ago: executing program 0 (id=474):
r0 = socket$rds(0x15, 0x5, 0x0)
r1 = getpgid(0xffffffffffffffff)
r2 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r2, &(0x7f0000000080)=@name={0x1e, 0x2, 0x0, {{0x42}}}, 0x10)
r3 = socket$tipc(0x1e, 0x5, 0x0)
bind$tipc(r3, &(0x7f00000001c0)=@nameseq={0x1e, 0x1, 0x0, {0x42, 0x0, 0xfffffffd}}, 0x10)
r4 = socket$tipc(0x1e, 0x5, 0x0)
bind$tipc(r4, &(0x7f0000000180)=@nameseq={0x1e, 0x1, 0x0, {0x42, 0x3, 0x4}}, 0x10)
bind$tipc(r4, &(0x7f0000000140)=@name={0x1e, 0x2, 0x0, {{0x42, 0x2}}}, 0x10)
setsockopt$TIPC_GROUP_JOIN(r4, 0x10f, 0x87, &(0x7f0000000040)={0x42, 0x1}, 0x10)
r5 = socket$tipc(0x1e, 0x5, 0x0)
bind$tipc(r5, &(0x7f0000000040)=@name={0x1e, 0x2, 0x0, {{0x42, 0x3}}}, 0x10)
r6 = socket$tipc(0x1e, 0x5, 0x0)
sendmsg$tipc(r6, &(0x7f0000000380)={&(0x7f0000000140)=@nameseq={0x1e, 0x1, 0x0, {0x42, 0x4, 0x4}}, 0x10, 0x0, 0x0, 0x0, 0x0, 0x4000884}, 0x4)
ioctl$sock_FIOSETOWN(r0, 0x8901, &(0x7f0000000080)=r1)
bind$rds(r0, &(0x7f0000000040)={0x2, 0x0, @loopback}, 0x10)
r7 = fsopen(&(0x7f0000000000)='tmpfs\x00', 0x1)
fsconfig$FSCONFIG_SET_STRING(r7, 0x1, &(0x7f0000000ac0)='gid', &(0x7f0000000b00)='\xbf%#\x00', 0x0)
sendmsg$rds(r0, &(0x7f0000001600)={&(0x7f00000000c0)={0x2, 0x4e22, @empty}, 0x10, 0x0, 0x0, &(0x7f0000000780)=[@rdma_args={0x48, 0x114, 0x1, {{}, {0x0}, &(0x7f00000006c0)=[{&(0x7f0000000100)=""/41, 0x29}], 0x1}}], 0x32, 0x4000}, 0x4040)

19.642926331s ago: executing program 0 (id=476):
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
r1 = syz_io_uring_setup(0x497, &(0x7f0000000180)={0x0, 0x4885, 0x100, 0x4, 0x1d}, &(0x7f0000000340)=<r2=>0x0, &(0x7f0000000600)=<r3=>0x0)
io_uring_register$IORING_REGISTER_PBUF_RING(r1, 0x16, &(0x7f0000000040)={&(0x7f0000001000)={[{0x0, 0x0, 0x3, 0xf4}]}, 0x1, 0x1}, 0x1)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
r4 = socket$kcm(0x29, 0x2, 0x0)
write$cgroup_pressure(r4, &(0x7f0000000140)={'full'}, 0xfffffdef)
syz_io_uring_setup(0x10d, &(0x7f0000000980)={0x0, 0x45885, 0x80, 0x0, 0x8}, &(0x7f0000000340)=<r5=>0x0, &(0x7f0000000280)=<r6=>0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xf, 0x4008031, 0xffffffffffffffff, 0x0)
r7 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r7, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000140)=ANY=[@ANYBLOB="44000000100001042abd70000000000100000000", @ANYRES32=0x0, @ANYBLOB="fff0000000000000180012800e000100697036677265746170000000040002800a0001"], 0x44}}, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r8=>0xffffffffffffffff, <r9=>0xffffffffffffffff})
connect$unix(r8, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x1}, 0x6e)
r10 = syz_usb_connect$hid(0x3, 0x36, &(0x7f0000000240)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x40, 0x1e7d, 0x2d50, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x5, 0x3, 0x0, 0x2, 0x0, {0x9, 0x21, 0x0, 0x33, 0x1, {0x22, 0x5}}, {{{0x9, 0x5, 0x81, 0x3, 0x0, 0xc, 0x0, 0x7}}}}}]}}]}}, 0x0)
syz_usb_control_io(r10, 0x0, 0x0)
syz_usb_control_io(r10, &(0x7f00000003c0)={0x2c, &(0x7f0000000100)={0x0, 0x4, 0x57, {0x57, 0x7, "a7ea3163fd3bc518194b120c1e73d54cfc4ad2841ef4f6a3fd7c59ccb785025f2e7b3504ff87cbfd10f3c080b733000000000000000800000000000000ea7a288982d5337c364daf03bd400d66293b0a2b103dd93f"}}, 0x0, 0x0, 0x0, 0x0}, 0x0)
syz_usb_control_io$hid(r10, 0x0, 0x0)
syz_usb_control_io(r10, 0x0, &(0x7f0000000780)={0x84, &(0x7f0000000300)={0x40, 0xd, 0x10, "f21d64911c4132db21fee26903f96d36"}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io(r10, 0x0, 0x0)
syz_usb_control_io$hid(r10, 0x0, &(0x7f0000000540)={0x2c, 0x0, 0x0, 0x0, &(0x7f0000000480)={0x20, 0x1, 0x17, "b6a15453d1d33889973739ea453e5003b21a6d2fa4aa8b"}, 0x0})
sendmmsg$unix(r9, 0x0, 0x0, 0x0)
r11 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet6_buf(r11, 0x29, 0x6, 0x0, &(0x7f0000000040)=0x4c)
recvmmsg(r8, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r5, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r5, r6, &(0x7f00000002c0)=@IORING_OP_WRITEV={0x2, 0x0, 0x4004, @fd_index=0x3, 0x0, 0x0})
syz_io_uring_submit(r2, r3, &(0x7f00000002c0)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x20, 0x0, r0, 0x0, 0x0, 0x0, 0x40002202, 0x1, {0x1}})
io_uring_enter(r1, 0x3516, 0x0, 0x0, 0x0, 0x0)

15.997887625s ago: executing program 0 (id=488):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000140)=@RTM_DELMDB={0x17, 0x55, 0xe611276dffabacad, 0x70bd2c, 0x25dfdbfb, {}, [@MDBA_SET_ENTRY={0x0, 0x1, {0x0, 0x0, 0x1, 0x1, {@ip4=@remote, 0x8edd}}}, @MDBA_SET_ENTRY={0x0, 0x1, {0x0, 0x1, 0x1, 0x1, {@ip4=@rand_addr=0x64010101, 0x105ba}}}, @MDBA_SET_ENTRY={0x0, 0x1, {0x0, 0x0, 0x2, 0x0, {@in6_addr=@loopback, 0x8edd}}}]}, 0x18}}, 0x10)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0x2, 0x4, 0x101, 0x3ff, 0x80, 0xffffffffffffffff, 0xfffffffc}, 0x50)
bpf$MAP_DELETE_BATCH(0x1b, &(0x7f0000001240)={0x0, 0x0, 0x0, 0x0, 0x7105, r2}, 0x38)
sendmsg$NFT_BATCH(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000440)={{0x14}, [@NFT_MSG_NEWRULE={0x6c, 0x6, 0xa, 0x409, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x40, 0x4, 0x0, 0x1, [{0x3c, 0x1, 0x0, 0x1, @range={{0xa}, @val={0x2c, 0x2, 0x0, 0x1, [@NFTA_RANGE_SREG={0x8, 0x1, 0x1, 0x0, 0x8}, @NFTA_RANGE_OP={0x8, 0x2, 0x1, 0x0, 0x3}, @NFTA_RANGE_TO_DATA={0xc, 0x4, 0x0, 0x1, [@NFTA_DATA_VALUE={0x6, 0x1, 'Xw'}]}, @NFTA_RANGE_FROM_DATA={0xc, 0x3, 0x0, 0x1, [@NFTA_DATA_VALUE={0x5, 0x1, 'C'}]}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0x94}}, 0x0)
r3 = socket$inet_udp(0x2, 0x2, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
r5 = socket$can_j1939(0x1d, 0x2, 0x7)
ioctl$ifreq_SIOCGIFINDEX_vcan(r5, 0x8933, &(0x7f00000000c0)={'vcan0\x00', <r6=>0x0})
bind$can_j1939(r5, &(0x7f0000000340)={0x1d, r6, 0x0, {0x2, 0x0, 0x6}, 0xfe}, 0x18)
setsockopt$sock_int(r5, 0x1, 0x6, &(0x7f0000000040)=0x1, 0x4)
setsockopt$SO_J1939_ERRQUEUE(r5, 0x6b, 0x4, &(0x7f0000000000)=0x1, 0x4)
sendmsg$inet(r5, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000003c0)=[{&(0x7f0000000540)="81b641f1f3843704b6", 0x9}], 0x1}, 0x4048081)
sendmsg$nl_route_sched(r4, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000080)=@newtfilter={0x24, 0x11, 0x1, 0x70bd28, 0x0, {0x0, 0x0, 0x74, r6, {0xfffd, 0xffeb}, {0x1, 0x1}, {0xfff2, 0xc}}}, 0x24}, 0x1, 0xf0ffffffffffff, 0x0, 0x4012}, 0x850)
r7 = socket$rxrpc(0x21, 0x2, 0x2)
setsockopt$RXRPC_MIN_SECURITY_LEVEL(r7, 0x110, 0x5, 0x0, 0x4)
sendto$inet(r3, &(0x7f0000000080)='\x00\x00', 0xfdef, 0x8080, &(0x7f00000000c0)={0x2, 0x4e20, @empty}, 0x10)
r8 = syz_usb_connect(0x0, 0x4a, &(0x7f0000000040)=ANY=[@ANYBLOB="120100005520f010402038b1420104000001090238000100000000090400000371055900090582eb1000000001020009050276"], 0x0)
syz_emit_ethernet(0x4a, &(0x7f0000000500)=ANY=[@ANYBLOB="aaaaaaaaaaaaffffff0600ff"], 0x0)
syz_usb_control_io$cdc_ecm(r8, &(0x7f0000000140)={0x14, 0x0, &(0x7f0000000000)={0x0, 0x3, 0x1a, {0x1a}}}, 0x0)
syz_usb_ep_write$ath9k_ep1(r8, 0x82, 0xc38, &(0x7f0000000080)=ANY=[])
r9 = syz_open_procfs(0x0, &(0x7f0000000200)='net/ip6_mr_vif\x00')
read$FUSE(r9, &(0x7f0000000240)={0x2020}, 0x2020)
r10 = syz_usb_connect(0x0, 0x2d, &(0x7f00000004c0)={{0x12, 0x1, 0x141, 0x30, 0xf5, 0x69, 0x20, 0x5ac, 0x219, 0xf072, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x1b, 0x1, 0x0, 0x0, 0x10, 0x0, [{{0x9, 0x4, 0x55, 0x7, 0x1, 0x3, 0x49, 0x2, 0x0, [], [{{0x9, 0x5, 0x82, 0x3, 0x400, 0x0, 0x33, 0x81}}]}}]}}]}}, 0x0)
syz_usb_control_io(r10, 0x0, &(0x7f0000000580)={0x84, &(0x7f0000000000)=ANY=[@ANYBLOB='\x00N\b'], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_connect$uac1(0x2, 0xa0, &(0x7f0000000640)=ANY=[@ANYBLOB="12010003000000106b1d010140000102030109028e00030156c0020904000000010100000a24010101bb9d783a1c0363434ea086b12402010211240601040507000a0008000300020005052405060f0d2406020503020002000a00040c24020203020250800009010904010000010200000904010101010200000905010920009301050725010003480f0904020000010200000904020101010200000905820920000d020407250126080300"], 0x0)
syz_usb_ep_write$ath9k_ep1(r10, 0x82, 0x40, &(0x7f0000000040)=ANY=[])
syz_usb_control_io$cdc_ncm(r10, 0x0, 0x0)

5.842626202s ago: executing program 4 (id=524):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
sendmmsg$unix(r0, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
mremap(&(0x7f000054e000/0x1000)=nil, 0x1000, 0x3000, 0x3, &(0x7f000022c000/0x3000)=nil)
openat$qrtrtun(0xffffffffffffff9c, 0x0, 0x2)
r1 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
ioctl$SNDCTL_DSP_SETFMT(r1, 0xc0045005, &(0x7f0000000640)=0x10)
ioctl$SNDCTL_DSP_SUBDIVIDE(r1, 0xc0045009, &(0x7f0000000080)=0x4)
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x7fffffff}]})
r3 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$UI_SET_EVBIT(r3, 0x40045564, 0x1)
ioctl$UI_DEV_SETUP(r3, 0x405c5503, &(0x7f0000000480)={{0xfffc, 0x3, 0x0, 0x3}, 'syz0\x00', 0x2})
ioctl$UI_SET_KEYBIT(r3, 0x40045565, 0xed)
ioctl$UI_DEV_CREATE(r3, 0x5501)
close_range(r2, 0xffffffffffffffff, 0x0)

5.646506005s ago: executing program 2 (id=525):
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r1, 0x107, 0xf, &(0x7f0000000040)=0x46c, 0x4)
r2 = socket(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f00000000c0)={'ip6gretap0\x00', <r3=>0x0})
sendto$packet(r1, 0x0, 0x0, 0x40008c1, &(0x7f00000000c0)={0x11, 0x0, r3, 0x1, 0x62, 0x6, @broadcast}, 0x14)
setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000040)={0x0, 0x6}, 0x4)
setsockopt$packet_fanout_data(r0, 0x107, 0x16, &(0x7f0000000100)={0x3, &(0x7f0000000180)=[{0x28, 0x0, 0x73, 0xfffff034}, {0x50, 0x0, 0x5, 0xffffffff}, {0x6, 0x0, 0x2, 0xffffffff}]}, 0x10)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000580)=ANY=[@ANYBLOB="140000003e01feffffff00000000017c00000000a2025357c917a6abf39d93f4cfa4ee22a7d01d208efd831048e477c77df68fdc0bd0f4cd95b59491396d74052118d810742b37eb2be0170008b84d140325356fd0c9ba08b268492691f0510a48051517517771bd58353fe6dbe19b10a001424692dedec094d00936d4e1bc2c708af8eeb19b1a27006cea23b08eca7d6cf72a7a"], 0x14}, 0x1, 0x0, 0x0, 0x4048011}, 0xc000)
r5 = socket$inet_smc(0x2b, 0x1, 0x0)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000080), r6)
sendmsg$ETHTOOL_MSG_TSINFO_GET(r6, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000300)=ANY=[@ANYBLOB, @ANYRES16=r7, @ANYBLOB="01002dbd7000fedbdf252c000000180001801400020064756d6d7930"], 0x2c}, 0x1, 0x0, 0x0, 0x20048881}, 0x2000c800)
setsockopt$inet_MCAST_MSFILTER(r5, 0x0, 0x30, &(0x7f00000002c0)={0xffff, {{0x2, 0x4e22, @multicast1}}, 0x0, 0x1, [{{0x2, 0x4e24, @loopback}}]}, 0x110)
r8 = fsopen(&(0x7f00000001c0)='ramfs\x00', 0x0)
r9 = socket(0x40000000015, 0x5, 0x0)
connect$inet(r9, &(0x7f0000000040)={0x2, 0x4e20, @loopback}, 0x10)
bind$inet(r9, &(0x7f0000000340)={0x2, 0x4e20, @loopback}, 0x57)
sendmsg$xdp(r9, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0x0)
recvmmsg(r9, &(0x7f0000001740)=[{{0x0, 0xfd67, &(0x7f0000001400), 0x1}}], 0x4000210, 0x10002, 0x0) (fail_nth: 35)
recvmmsg$unix(r9, &(0x7f0000004d80)=[{{0x0, 0x0, 0x0}}], 0x1, 0x40000020, 0x0)
pwritev(r9, 0x0, 0x0, 0xe, 0x3c3)
fsconfig$FSCONFIG_CMD_CREATE(r8, 0x6, 0x0, 0x0, 0x0)
r10 = fsmount(r8, 0x0, 0x0)
openat$cgroup_ro(r10, &(0x7f00000001c0)='cpu.stat\x00', 0x275a, 0x0)
write$binfmt_script(0xffffffffffffffff, &(0x7f0000000500)={'#! ', '', [], 0xa, "e9f29b9ddec951ca67445b62fada2ea76900c9663c03c4ccde7daa7414c08d954528f103e4097dececce3720427225def9df5022e2214834645ebf43006dd40b45a43808fd4cb68b7417d73441b0ffa177f8e72e5a3041712dc5384c69a3aaf2fe750d15e73a25053af1"}, 0x6e)
r11 = socket(0x2, 0x80805, 0x0)
sendmmsg$inet(r11, &(0x7f0000000440), 0x0, 0x48000)
getsockopt$inet_sctp_SCTP_MAX_BURST(r11, 0x84, 0xc, &(0x7f0000000040)=@assoc_value, &(0x7f0000000000)=0x8)

5.372727937s ago: executing program 4 (id=526):
r0 = socket$netlink(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$l2tp(&(0x7f00000000c0), r0)
r2 = socket$inet(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000300)={'bond0\x00', <r3=>0x0})
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r4, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000240)=@newqdisc={0xb4, 0x24, 0xf0b, 0x70bd2b, 0x0, {0x0, 0x0, 0x12, r3, {}, {0xffff, 0xffff}, {0x2}}, [@qdisc_kind_options=@q_taprio={{0xb}, {0x84, 0x2, [@TCA_TAPRIO_ATTR_FLAGS={0x8, 0xa, 0x1}, @TCA_TAPRIO_ATTR_PRIOMAP={0x56, 0x1, {0x2, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1], 0x0, [0x8, 0x6, 0x3c, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3], [0x0, 0x8]}}, @TCA_TAPRIO_ATTR_SCHED_ENTRY_LIST={0x10, 0x2, 0x0, 0x1, [{0xc, 0x1, 0x0, 0x1, [@TCA_TAPRIO_SCHED_ENTRY_INTERVAL={0x8, 0x4, 0x4000000}]}]}, @TCA_TAPRIO_ATTR_SCHED_CLOCKID={0x8, 0x5, 0x1}, @TCA_TAPRIO_ATTR_TXTIME_DELAY={0x8, 0xb, 0x1}]}}]}, 0xb4}}, 0x0)
sendmsg$L2TP_CMD_SESSION_DELETE(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000380)={0x14, r1, 0xa05, 0x70bd26, 0x25dfdbfd}, 0x14}, 0x1, 0x0, 0x0, 0x80}, 0x20040084)

5.282623638s ago: executing program 4 (id=527):
syz_emit_ethernet(0x0, 0x0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
read$watch_queue(0xffffffffffffffff, &(0x7f0000000140)=""/53, 0x35)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_GET(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000c00)=ANY=[@ANYBLOB="b80000000001050500000000000000000a0000013c00028057fd018014000300fe80000000000000000000000000003814000400000000000000000000000000000000010c00028005000100000000003c0001800c00028005000100000000002c00018014000300ff02000000000000000000000000000114000400fe8000000000000000000000000000aa0800074000000001240006800c000380060001004e21000014004400fe880000000000000000000000000001"], 0xb8}}, 0x0)
syz_usb_connect(0x0, 0x5f, 0x0, 0x0)
socket(0x200000000000011, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x1000002a, 0x4, 0x0, 0x800, 0x0, 0x10, 0x0, 0x1}, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000280)=ANY=[@ANYBLOB="4400000010000104a5270b7357000000925e4a44", @ANYRES32, @ANYBLOB="0dfa130016000000240012000c00010000000000000000000c0002f60800000001180000080001"], 0x44}}, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f00000002c0)={'caif0\x00'})
r3 = socket(0x10, 0x803, 0x0)
ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000280)={0xffffffffffffffff, 0x53, 0xd, 0x9})
sendmsg$nl_route(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)=ANY=[@ANYBLOB='H\x00\x00\x00'], 0x48}, 0x1, 0x0, 0x0, 0x20004810}, 0x0)

5.28194335s ago: executing program 2 (id=528):
syz_open_procfs(0x0, &(0x7f0000000100)='mountinfo\x00')
syz_open_dev$sndpcmp(&(0x7f0000000000), 0x0, 0x200040)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0xa}, &(0x7f0000000140)={0x1f, 0x0, 0xfffffffffffffffe}, 0x0, 0x0, 0x0)
openat$fuse(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
getresgid(&(0x7f0000000540), &(0x7f0000000580), &(0x7f00000005c0))
mmap(&(0x7f0000000000/0xa000)=nil, 0xa000, 0x2, 0x2172, 0xffffffffffffffff, 0x0)
mremap(&(0x7f0000005000/0x4000)=nil, 0x4000, 0x1000, 0x0, &(0x7f0000003000/0x1000)=nil)
prlimit64(0x0, 0x8, &(0x7f00000001c0), 0x0)
syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r0 = dup(0xffffffffffffffff)
write$6lowpan_enable(r0, &(0x7f0000000000)='0', 0xfffffd2c)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000680), &(0x7f00000006c0)=0xc)
r1 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r1, 0x10e, 0xc, &(0x7f0000000040)={0x802}, 0x10)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f0000000080)=ANY=[], 0x60}, 0x1, 0x0, 0x0, 0x4040}, 0x0)
sendmsg$nl_generic(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000004200)={&(0x7f00000002c0)=ANY=[], 0x1c}, 0x1, 0x0, 0x0, 0x2000c801}, 0x0)
syz_open_dev$video(&(0x7f0000000080), 0xf, 0x8000)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000740), 0x20001, 0x0)
r4 = openat$vicodec1(0xffffffffffffff9c, &(0x7f0000000200), 0x2, 0x0)
ioctl$VIDIOC_S_PARM(r4, 0xc0cc5616, &(0x7f00000003c0)={0x9, @raw_data="37b025082227b5ed70e82c97a6b379050182ff8ab8dab8611f438123137e93fc956de227b93bd0459eab7576f942b59afcd862204283cdfafa3c1020af790bac871efacd814e7d65259fb02eaa5948b0afe8d9e13752e585699de1463a9ec2245b1749ed9fb86d94aa8ee57844955cf4cfc1a29eb07bc61e476d5a889939310433ba6a9889b4f31d8a56077402b640e2487afaf24e8ef6e98b2dcd9f08f36bee35d6f49d73ec396be43b79aefccacd2491ea16791c45fe5e43f9ffd599982e25a53a9310c38ea2a2"})
r5 = syz_open_dev$vim2m(&(0x7f0000000000), 0x800, 0x2)
ioctl$VIDIOC_CROPCAP(r5, 0xc02c563a, &(0x7f0000000040)={0xa, {0x4, 0x2003, 0x1, 0x401}, {0x0, 0x400002, 0x4, 0x1000}, {0xa47, 0x5}})
setsockopt$inet6_udp_encap(0xffffffffffffffff, 0x11, 0x64, &(0x7f0000000040)=0x4, 0x4)
r6 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000180)='./binderfs2/binder0\x00', 0x2, 0x0)
r7 = openat$vnet(0xffffffffffffff9c, 0x0, 0x2, 0x0)
ioctl$VHOST_SET_MEM_TABLE(r7, 0x4008af83, &(0x7f0000000400)={0x1d})
ioctl$KVM_SET_USER_MEMORY_REGION(r6, 0x4020ae46, &(0x7f00000001c0)={0x0, 0x6, 0x5000, 0x1000, &(0x7f0000008000/0x1000)=nil})
ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x0)

5.078377376s ago: executing program 2 (id=530):
r0 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000040), 0x802, 0x0)
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x3)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0xf, &(0x7f0000000180)=0x800001, 0x4)
bind$inet6(0xffffffffffffffff, 0x0, 0x0)
close(0xffffffffffffffff)
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg(r2, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0xb49, 0x9, 0x8, 0x0, 0x3}, 0x0)
r3 = socket$kcm(0x2d, 0x2, 0x0)
ioctl$sock_kcm_SIOCKCMATTACH(r3, 0x89e0, 0x0)
openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000004002, 0x0)
r4 = mq_open(&(0x7f0000000380)='eth0\x00#\x13\xaeu\xe0\xfbu0*\xf3\x11i\xdd\xd9\xc6\x87\xde\xbf_\xa0\xf6\xdfk\xbf.\"\xa6\xc0#p\xcd\x1c/\xa6\xf2\xbcyL\x85a\xb5\xbb~+>\xbc\x93\xf8\xab\x9a3\x85l\x1d\x15\x11\x1a{@!2\xb6!\xae\xf79k\x90\x88\v8I$\xfdQ\x1d\x90=r\xd8\xc0\xd8\t/\x8dv\xb8\x93\xc3C\xae\x9dc\xd1T\xdd\x14\xd3A=z\xee\xbd/X\xbemOX)s\x94\xde\xbe_\v\x01\xbe\xeb\bLTrw\x88\x9e0\t\xc6\xe2\x9c\xed\\\xd8[\xc8\x04 \xf3\xac]V\x1d:\xfc\xc3\x9e\x02\ax\xef\xfe\x1c.TT\x01\x00\x00\x00a%\xdcQ\xb3CuT\xcc7\x8avs\xb2\a\xfe\xb3j*\xad\x18I\xcc\xe9\xaa{]\xef\xb7\xf2\xee*\xf95\bJt\xd0s\xc4\xaa\xc8\x13~\xb2\xf20\xbdf\xdb\xaeG\xe3\xfb\xef\x94\xef:Q\x1b\xe3\xa3\xa4}\xef`e\xcdL\xab\xdb\r\xf2y\x9fg1\xf4\t\x18i/!\x13\xf1,\x8cu\xaa\xbf~)\x94\x1b2\x93\x86\xe7\x9a\xf2j\xa8\x96\xa6\xa2\xfcN\x81\xafTh\xb3\x1bo:\xe8\vq7S\xe4H\xf3L\xa0\x9c\x97B\x12\x10\x9d\xaa\x7fq\x06\xb9(\xf6\x1c\x83\xb1J\xec\x926\xb5a0\xa0B\xae|\x00\x17\xc0\xa3\xd5\xf9\xaa\x98/\xa4v\xe4)I\xf3+[e\x95\x89\x99\xca\x8e\xc5\xd3\\T\xf0\x1a|5\xfff\xff\x99\xa4\xbb\x9e#oR\xa4\xf1\xba\x04c\xb3-\xf7R\xb85\xb5\xdb\xe9?\xfa/\xdf\xb4R\xbfx=\v_j\x8e\xb0\'\xf4\xe5\xff!\xe1\xbf\x82e\xb1\x9b\x8d\xf3L\t\xd21\x9cbwV\xc8\xcc\xe4\x96M_w\xbc\xdf9\b\r\xf6\x95\xae\xb5,\x92\x8c\xc0DQm\x80\xd1w\xa2\x1a\x12Z\xe5\xf4H\xf7D\n\x96J\x93\xfb\xf0$\x9f\xf7\xa2\xae$O\xa3\xb6\xf5\x98\xd3\v\x00\x86\xa5\x8b\x81\x04\xaf\x03s\xe5\x86>\x0e\xa6\xe6\x1aV\x17\x8b\xed\xa7\'\xd0\r_\xe8,XVR\x13\xe5%\xb9\x88\xb8W@D\'\x17A\xc8\x80\x02J\xd4V\x00wH(\xc5v\f\xc9\xb6\xdf..$\xe6P(_\xf1\'\xc1:\xa3\xcb\xd9\xd1\xc7\x13\x99Md\x1dc\xf1\'j\x03!\x13\xd1\xb8\xbf\xe6\xb2M\b/\rp\xa5\x00\x00\x00\x00', 0x40, 0x9, 0x0)
fcntl$setlease(r4, 0x400, 0x0)
mq_unlink(&(0x7f0000000340)='eth0\x00')
close(r4)
write$6lowpan_enable(0xffffffffffffffff, 0x0, 0x0)
ioctl$UI_SET_ABSBIT(r0, 0x40045567, 0x0)
setsockopt$ARPT_SO_SET_ADD_COUNTERS(0xffffffffffffffff, 0x0, 0x61, &(0x7f0000000240)={'filter\x00', 0x4}, 0x68)
write$uinput_user_dev(r0, &(0x7f0000000ec0)={'syz0\x00', {}, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0xfffffffc], [0x0, 0x0, 0x2, 0xb16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000, 0x0, 0xf, 0x0, 0x2, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, 0x8], [0x88000001, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0xe, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x4], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80, 0x0, 0x3, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x101, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5]}, 0x45c)
ioctl$UI_DEV_CREATE(r0, 0x5501)
r5 = syz_usb_connect(0x0, 0x24, &(0x7f0000000980)=ANY=[@ANYBLOB="12010000b1bd2f087d0403508c2f010203010902120001000000000904"], 0x0)
syz_usb_control_io$cdc_ecm(r5, &(0x7f00000000c0)={0xc, &(0x7f0000000100)=ANY=[@ANYBLOB="0000f50000000341e9"], 0x0}, 0x0)
r6 = socket$nl_sock_diag(0x10, 0x3, 0x4)
sendmsg$SOCK_DIAG_BY_FAMILY(r6, &(0x7f0000000200)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000000140)={&(0x7f0000001340)={0x1018, 0x14, 0x800, 0x70bd25, 0x25dfdbfc, {0x29, 0x75}, [@INET_DIAG_REQ_BYTECODE={0x1004, 0x1, "4d139d2942ec7a7cb1be64ba7123a44baa6476b1e77f14ddca6bc9bc6f4ddad60f4c054c3b5175499c4b7318033b85aa34557bf0edaa44787c6db92d48fa29f3fc70fca1f575914ecbcdce46c71200a7df3ab8c1197ac3dab21e62cfaa85ae1421d3d507a43a52704a0d95f02e8d61bce9d8c144a55dcc6f6936cfb4f37343b7031ccb7b42469ebdc2e8a8df87312fd3129aad5dcdd5230af579464112e3e36c092002f449a61ba7f8fec47f44ae3e34307e8383953f38703694e15a44f948eca1a42ad9cb82ba92a98f88cea8c4ae29e7d25154d80227bf2040a54f3dbffca0fc90933f560da033bd473a3c04c007b708723f173b188e083d49439977421f5db3ed9395624cf6b839a0faacd53c00e8fcd5d5c6b00fb70969a53c52ed16fd2961120331d5c0c1535f4d8620af09f270d15b91ddcc62cc1240ee2b5434d2ab7d9d340a2edd59cea1bf3fd816aec901f7452d6ab35caadb8132f68221acdbfc31c408b3af4f99d388aa43301fe07ad3dcd41c65434bc82ef74c6cd4f5be227c6d868e0b3bb565a7fed516974c91881afa310052b1e16f849c9c5c58afac9e3ca4f9620697a8513bdcc687a5bdfd3235d3c109641aeba8595ac29f2f71c2c65a8a8507900c4068e5ba20846352317fbe1f4ad899e1a863018b29d4e835d013b3605458a1d1e4ebe22503d7ad4984745ae44f0bbb84894a3291fc44019285b5535bb632868c8589c2734cb9f02abd66b09489b2d75bb6c81bf8d30e9287d0fed5abe3dc3724fccf806451d606ebe033e9ae9a010f8c764d4bf8042315c5b1a1841144eb978983ff31bc200ae87429f2cedc568ab35c076679bc6e8c43c1f2b3184f0ae256aca0d7268d3f96b0f4445027a7963bb99b2e63769df374ff9f6cba50e228da69a094c012ca43c084d73044ccb1c2017ff9e5f9dd236b8f43df47ba7b176a2ea2482673be50696aa31fc2ad461bdfb1241f126c2bedfb28565043ac4757a6971009543e18a368578f5eff23824363474c366a0dd84ff1f03957c67536c13b1654db274620c474d1b4706700e7c6fb02b56ea608f6d79e4919bf2c68e164055100052ba5f12b90c0c44640c3e984d939b61bccbefaf9072d14352406525139b48ca2de705ac4885bdd3a4c7e27bc7e35301027248fa0a5f72543abdcd3e53e2e406699168108403f5f1a85b8598c848302d3a212076e0563a360b7485081cae92016a9fd1eb25c683918fef29c1524e0a907bc57e090327ce99e0b417a88ba996c8f5cf0b7d6ea7a94afa95e2a223ebab7360361d352b96e15b9aadbc26ae6cc2f5d52b49b9d6243a5f2a949b2c144d5e1fff202f4f046eb8b4ffbbfdf0a24936073b8e5f5d6302b4837ca17881c740bda5bd1823564103c4c4e807c9108d16e82019b110bad65883ccadfe06f68c28ec7354babe2bc20cc81600ea3a4e028019a5ec0e1e5bc5f440717f2623ba26d696cecad8400b3cabf31870d9a4e6f8b6a46f684b1781b7e6b7f46b4e2259d2ad2953406e0fc83997191ad4effde7c141f0715fc094a92785340a9b805c122f1fab3cab1cca87d4d42d1e4cfd9140fbf0a10885d64855328f68d60c667ddd934a245d6dec5f6f1c1eff00917d39e80f15c05a5d63dbc32663967c9d1f5f0148ac925e2dca7e9bbf9003f45512d706f0ed5433b35341df35da2e33eab78b818f59a2937c3cc700a29a50597a6c198bda49a8281d719903487f7e0d09f22667546dd2e8fd72f83e94a30cab5f11bf9b1f6ddac6f1ce34d782595147c934d2d530a516768fb7835773ca96884855bf7da9664d6eea80afb4b27c3ec430e54bf84924d20adcaebcfe0e5b5944bc339b9e1397e72c02ac527680b5a1e30aa8fddb1b6d7a0b1035d01690bb7c345bbeba461b37eaebd7b27a470554de1f8ad35c5d97eca8eae1ef2e1e8db92126d12996ac674f1ffde6fa2f7383e118811a8b95ded497526dc46585d8d803c2bb16718b9168ec045244639897f4d9e2a3d873e901db5226c2cca65de61298c7d12a6a5da2f43ca30bff95daf29fa581ac5feaabaf4f210a9e54e3ca3235600029a87fcfa830215b0d334e27fcd7263be038a42d6bd9d4da13ed8b7aac2b07095ec1219ab200fb26c8a808e056e63dfe073131c3e376bae13afd0f03607e73a4ebe5855b813203aafba1c961597bbe29b11cd371c3caf7864c9f09dfb4137b313e803ed5fe317f3c0d993c0c2ff0b2eed5f624c552ded13da4442602a38a557a89fac3b98af2039d93cc20f0a66f14882a3252b5366ef7bb3f9685de4c53dd6aeef9c5216eeda19294e8f03af402de3a905cf4d3bd72fe0ddad626f56c2f86f9895acf728e9588f6bab8ebe73dbf9ff82df948db5e3e924f44b0443bd22f0de4c783d66bba53dbc37693614f756b56a35351867c7cb2af695e18ba2dbfc6bcc3dea9f12b979fe02980749d38fcb19e461c90264d62e2548eb8e982ad440bc636dd5d629c2c819a2f2777b94e911fc183a67e1022e36ea35954932694afe6ea32531a0838b4c0dafe948e4eee393a9ca78fa37116eadad4a7172878ca13f3dc07a41d266f4c0d731f93be280d182391783b20b6a63a6c14682970816a90c30d6e3de7b5bfe4c0b9a82f7288fd94fcdb9d43becda8fa30188a1d4b4f887470f5acd07fe1d05eacbc66a5c0363a90c892919bc445bd6a83bfbc6f33a5fe495f6c22e6d3e892f7556a2a108728ad8621c16a0432589a9dfc1f9406f088f287f92bc443eca38ee696197e17073a9b31270d1d7faae023f3a6fcb6a555b18fdd3e9c7d748ce822d3cbd2ad4048483da190ef4dee6a3fd0002ee25dede5fa7610f084496c8e1bb7b64ee6a6c32c822a921dfe6a1f414664678ea86cfbddd59f6139d792be00cbb3271001af48fa7e1934557896923db5a787d5db794388587113a94ac64fff7319470c25e1da654065914a3fcc30584a923920d7970d2f28d4382f3ce0495ccb68a73582ed003260d840ceb104af6fbba9369fa1e4a53e75f97c08a1c772d90a5edb0ddb042be6bca8f4229ab6b9a3f1a59b5622f8f5af9fea5e1bf9c111daaa43eee9bfcd459b4fc5ff0c3e32291b994b61d8931e7e3689dc27dbac5b54d7fbe39c9189a35037f13f61ac7155f69691e9edee4159149cd586ef1e81ec1734cc4f11a53981afa590b582ab792cca7950a5a5d1c9bd73774db46d389a6898addcbe6599259d06d9dd2825a0f8b242a55969e6488e3b6717585459a002b5fde5bd00b833421ef06d1d4b0ab7dd3ae4447d3875c6796fc803182deff129574083695d47780f5bede0c14532a1ef5756764cd5fbab8aeecb6d02947167710d2992e46713d3500f1ec67dc9f3f9a2d35e598fbec75a8ee77036c710cf3b01041eb7a8606a119e4672e42caf3408a0217ae3efe529bfb4f22ca4a0c09cd02a4ec3e0034db30e65c6a72dbcb81def9424f1c870e4aff341e93dc6f5d098fc7a6c29eecb7e0c1b80b280f7342ed8f368e00a2270e613a51ba6fe9fb065a0674941c5d876e0869a44e7294ad7764f81a02da06ce236d2d16198c55593da04fede5000b30c57fb1ffbea34ac14c3d62e929eaaf1386aba752d3c9d8fcc551151753c9ef63440000fb6a532a1a2997b56bd8260de09b0a7b4f9f764b1ecfa79a73551b7cc6741045873c9a80030b9cedf3f07b17053798c29c5fd41d856d245b6fb5be5622df314e2524e1b4d87a4a27fd1805e70075be5bc304bdce455df03cb9c50d41a0ca6ced909c7d1ee500b6647d19341d46f3046458ad1cedb6530587edef020edfd26f15f919f577d0a420adcac5a971e724c6e8aa562e5dff1f4d75adfdd81cd31281a32d0521baeaf46af5a0119dbd588021dbe0025f0f6f0a0277acadbb914715bf3eea9478dbb48b4884b1df2f5c78e0236b9933a96b93535823942c1f85ab0d120929ea734052b92e64320f77b9a0e7e208e2e7a10ce784c9f7289f77696d4c50c34287d749ebf2df192a76bd320e0122e5158db42182891a7fd32c4b72d2d2b55e146a9ad05776fa5e2d40fcb18621d22de05e740f5b4ade25937d7a59e3ec902a1c6dcc71f008c834e694df14edc144ba31db95563a1d144b535cf660b70cf8f37db30a8fa2f6096d10670a55152827d4838c1caea1c3ffc8f9f1216bb21a6a8559168c28020a7e237d625666db3f8c27c4e6cfc5a018bb98bd9c5fd8b85961fbe99b43963a9e5fe7a2e2e27017c0872991a5088e2bf7e81a06e1fc18445f213abf4831a1da624b8d7ac35cf9909ab0ba8d0c5ec3e7be594b289e1e309054110ac703a5853715325266e449a693f50d4627bdc7e39e5c48f50bf4ad647181a99a140af7154ed414ff8528429e77ce86a17db271d34f46f854ae47d444a1176bc73488216199e6813581ae331a9640ffcb78a1c0f40ef7c5e7442d4c2d7606d2d2eb83a8355b98adc84f7d2c8ddf8f94e2fee546c937421ddf87b0834258edc140258506b080d1d28023796ad7fbc2884893f4ff285f4a907dc22ce4d0ca256daf111e0d20ba3db0f2b9740927a24adc06e42e3412962765edd93bb979460d8db14ca59ba740eb3fb8b1c283604d77b42500a66989f42adb18adb024833b83ae18c60fc4ed8fe25b65333bff430b49c37ae8db35e8f5dfe9387c7cd23cccffb0aad383842f68086b2310d20f0554573dbb61f661a5a5848adf4f3e001db815993a4c4977b2d80852e807a9b205e4935c8a9c741a6620504cc0ad41ba8ab4370d7136f68d255e98caaa34dda34d25c58204fadef4b5b5f20a1662a033de27a84929b6ebe112ad3c5cf8f7bbe7ec14580fb5b98c8f90b92590d568c6e699da2f52d66ad52f31bb175b475645e392447bd3d7cdd9a7883a9b50a6ad6feb3caab1209cb22dc4569f59a9bebdbfdd6bf29c524d0d852d686b9963446f33ceed133275f873b0a0241a5e5b4c82b950a63a8bc8bf8de2fcd5c555369214a8233b6d466a31d90b360b7ffd98eb7fb70539ab635831a4e3be65b18eab545755a6b15d76ce1d90750438f27303669ad3e3ad7c58277490a249244823a128bf70aac75fb6532657a48c9c44046c2dc132af17dd403e2bdf54d8a3a9c02358ca03c1f66506ce1bd2ce15f5c86bddc6840a3b4a2464f19b7e94b974e3b7e3f348520d34a137d04908a0632bcbe74470fbab47c6d334ef70e67ecf7f6ef53167eda41f596dbdf323c0b0a2de65cd2516feaa655e6861d1d088dba87e78b46b098f2a8a84a9b042075fef3b406fbcd0d154e089827caa7d993d7321d24e6541eeeb09ec5471c46e3dd1b6bb89011862b2c29cc0ad7ca71573deb979d766373ee3fd06fba994fbcbed4594937ca697d55a0b7f801efef58efe25d8349556107a5b186388cf5e19126950b20478a3628164c9617c48fc3a7cb24bc5879a5f5861dda2534c2abb090a73192c4a891087db52eb43d0f73e13db53cdc02d80c61f1c19dde6b5eb9b8b59053aa342678504265794c947cd3f2880b7f708b60bd5b2a45a425647074ad40fc41e02c4227d4edbf4c55858628cdef331406a4608af56c694affbc800dc6d6f3bba5e30a788c1de39109faa04ecc9479098da16c22eb18ed257b834199575d207c615000717435f9fe73378b04a2bb53de553a5f03279d3327287beb12ac6d334851f85ce0faa5e38aad2f600ad807927ca614775ae91edca79a9359bddcf7e7f490eeb35efc17f9428e098402467d399c6ec1ccd18f73e82c9f7bb2ad01f92412bea2fd3efffce381af5ce7a6cb16720ef7e1a6f1207a7f097974f8f7b7133f0"}]}, 0x1018}}, 0x4000000)
syz_usb_control_io$cdc_ecm(r5, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r5, 0x0, &(0x7f0000000440)={0x44, &(0x7f00000001c0)={0x40, 0xa}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})

3.521955649s ago: executing program 3 (id=533):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)={{0x14, 0x10, 0x4, 0x0, 0x1000000}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x5, 0x0, 0x0, {0x7, 0x0, 0x1}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWSET={0x3c, 0x9, 0xa, 0x703, 0x0, 0x0, {0x7}, [@NFTA_SET_ID={0x8}, @NFTA_SET_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0x21}]}, @NFT_MSG_NEWSETELEM={0x64, 0xc, 0xa, 0x301, 0x0, 0x0, {0x7, 0x0, 0x8}, [@NFTA_SET_ELEM_LIST_SET={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_ELEM_LIST_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_ELEM_LIST_ELEMENTS={0x38, 0x3, 0x0, 0x1, [{0x34, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_FLAGS={0x8, 0x3, 0x1, 0x0, 0x2}, @NFTA_SET_ELEM_EXPRESSIONS={0x28, 0xb, 0x0, 0x1, [{0x10, 0x1, 0x0, 0x1, @counter={{0xc}, @void}}, {0x14, 0x1, 0x0, 0x1, @last={{0x9}, @val={0x4}}}]}]}]}]}], {0x14, 0x10, 0x1, 0x0, 0x0, {0x0, 0x84}}}, 0xe8}}, 0x0)

3.378534498s ago: executing program 3 (id=534):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
fsetxattr$security_capability(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x1)
getsockopt$inet_pktinfo(0xffffffffffffffff, 0x0, 0x50, 0x0, 0x0)
write$USERIO_CMD_SEND_INTERRUPT(0xffffffffffffffff, &(0x7f0000000140)={0x2, 0x1}, 0x2)
ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(0xffffffffffffffff, 0x40a85323, &(0x7f0000000380)={{0x3, 0x81}, 'port0\x00', 0x32, 0x60030, 0x3, 0x1ff, 0xfffffff4, 0xfffffffe, 0x8, 0x0, 0x4, 0xf5})
madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0x80000000e)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x2, &(0x7f0000130000/0x800000)=nil)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
mremap(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x4000, 0x0, &(0x7f0000389000/0x4000)=nil)
r2 = syz_open_dev$video4linux(&(0x7f0000000c80), 0x7, 0xc82)
ioctl$VIDIOC_SUBDEV_G_FMT(r2, 0xc0585604, &(0x7f0000000cc0)={0x0, 0x0, {0xfffff982, 0x8, 0x300f, 0x3, 0x7, 0x0, 0x2, 0x1}})
socket(0x2b, 0x80801, 0x1)
socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)={<r3=>0xffffffffffffffff})
bpf$MAP_CREATE(0x2000000000000000, &(0x7f0000000580)=ANY=[@ANYRES8, @ANYRESOCT=r2, @ANYBLOB="43ea1e5826391df797f84a34408f01bbee64c7385f200ce050dbe941e73d360331b04fb4f1826055b0c775d8cce469018a65bff79162ef7a3a0cef0af53a96fa7a97eb116c6a5c25d15a660f0b15fa351f988db114cb3a8ba5b78c342ac7fd63884ea62914284397f7e633c36e021646df2d4ad0c7615ea25a7062f32076e4a763409a1b88d44fc4bb7408286fe0de156d9936e350e9978d38e68409af969dcb91676314991e736ed73dd3b53030b8d28dd88cf347656bc905880696a1b553a05d5298a30b829c1fabe0b7e5737d48", @ANYRESOCT=r0, @ANYRES16, @ANYRESHEX, @ANYRESHEX=r2, @ANYRES16=r3], 0x48)
r4 = syz_create_resource$binfmt(&(0x7f0000000040)='./file1\x00')
r5 = openat$binfmt(0xffffffffffffff9c, r4, 0x42, 0x1ff)
close(r5)
r6 = openat$binfmt(0xffffffffffffff9c, r4, 0x2, 0x0)
ioctl$IOCTL_VMCI_INIT_CONTEXT(0xffffffffffffffff, 0x7a0, &(0x7f0000000180)={@any, 0x1})
close(r6)
execveat$binfmt(0xffffffffffffff9c, r4, 0x0, 0x0, 0x0)
execveat$binfmt(0xffffffffffffff9c, r4, &(0x7f0000000540)={[&(0x7f0000000080)='\\th\x00\x05\x00\x00\x00\x14Z\xdc/\xb6\n\xc6p\x89\x96;\xb7V\xef\xd9,\x11uZ9T\xbfN=x\xb0n\x97\xb2\x19\x91\x83T\x84\xbf\x8f\x9e#\x80\xaeI\x9d\xd7z\x19\bs\x1eY\x01Y\x9f\xf6\xc0\xa7\x04\xe3\x1c\xd1\xde\xbb\xd4\xc6\xa6\xfc<\x80\xf8o\xf5\xa8\xdcw.ME5\xbb\xab\x98\x93<oNs9\xd9\xca\xea\xb5c\x931d\xa6V\xb0\x02>\xd1~\x80\xd8o:F\xcaA']}, 0x0, 0x0)
ioctl$SIOCSIFHWADDR(r3, 0x8b19, &(0x7f0000000140)={'wlan1\x00', @random="0300000000eb"})
r7 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000540), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r7, &(0x7f0000000100)={0x0, 0x18, 0xfa00, {0x3, &(0x7f0000000040), 0x106}}, 0x20)

3.045026691s ago: executing program 1 (id=535):
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = syz_io_uring_setup(0x98b, &(0x7f0000000280)={0x0, 0x15a3, 0x8, 0x1, 0x1003ce}, &(0x7f0000000140)=<r2=>0x0, &(0x7f0000000000)=<r3=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r2, r3, &(0x7f00000001c0)=@IORING_OP_RECVMSG={0xa, 0x68, 0x13, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x40000020, 0x1, {0x2}})
io_uring_enter(r1, 0x52de, 0xf62e, 0x8, 0x0, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r4 = syz_open_dev$sg(&(0x7f0000000080), 0x80000001, 0x8b03)
ioctl$SCSI_IOCTL_GET_PCI(r4, 0x5387, &(0x7f0000000140))
sendmsg$nl_route(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000440)=ANY=[@ANYBLOB="d40000fb1800010000000000000000001c1400edfe030001000000008500e1a7d7da2f11b9848431101e42c61982225a5227aedf9afada0e244a0fa9620aeff71b4b87"], 0xd4}, 0x1, 0x0, 0x0, 0xc040810}, 0x0)
r5 = openat$kvm(0xffffff9c, &(0x7f0000000100), 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
r7 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x0)
r8 = socket(0x10, 0x3, 0x0)
sendmsg$nl_generic(r8, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000300)=ANY=[@ANYBLOB="140000001a0001ecffff3f000000000081"], 0x14}}, 0x0)
ioctl$KVM_SET_CPUID2(r7, 0x4008ae90, &(0x7f0000000040)=ANY=[@ANYRESHEX=r0])
ioctl$KVM_SET_CPUID(r7, 0x4008ae8a, &(0x7f0000000240)=ANY=[@ANYBLOB="0000000000000000b811ab8f2e73c7fcb1208b95d01516ce524c5a341b22ca39685c87ff69eb897673188d9e3cd19ad06860bd3b502d74d3e98aa52829a1427b8d713a0f99edaf6ce2c7a684b114b3849483ff6e883ef2247dd9762a25ea4d3c1c2e1800ceb4ddbdd1608d650c4ecaff27d2c0f8d323de57b570f282accc2e"])
add_key$fscrypt_v1(&(0x7f0000000340), &(0x7f0000000380)={'fscrypt:', @desc3}, &(0x7f00000003c0)={0x0, "b282dab75cf653267aad4c6ddc92645fd7c387dec4f3945cdfee3e41313e570d3294fad7238e25756bf43cc63f5489fd451ae8727d9960599baee8f7758cb644", 0x10}, 0x48, 0xfffffffffffffffc)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'macvlan0\x00', <r9=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000200)=ANY=[@ANYBLOB="280000001000000229bd7000fbdbdf2500000000", @ANYRES32=r9, @ANYBLOB="158306000000f20008e3c2ed914daf99"], 0x28}}, 0x0)

2.657426599s ago: executing program 1 (id=536):
chdir(&(0x7f0000000480)='./cgroup\x00')
r0 = open(&(0x7f00000000c0)='.\x00', 0x0, 0x0)
open_by_handle_at(r0, &(0x7f0000000000)=ANY=[@ANYBLOB="08000000024bba6c320000000100000000ffffffffffff"], 0x513300)

2.52266712s ago: executing program 1 (id=537):
r0 = socket$inet6(0xa, 0x1, 0x0)
setsockopt$inet6_int(r0, 0x29, 0x2, &(0x7f0000000040)=0x9eb6, 0x4)
bind$inet6(r0, &(0x7f0000f65000)={0xa, 0x4e20, 0x8001, @loopback}, 0x1c)
sendto$inet6(r0, 0x0, 0x0, 0xfffffefffbfbbfbe, &(0x7f0000000100)={0xa, 0x4e20, 0x0, @empty, 0x5eff}, 0x1c)
getsockopt$inet6_buf(r0, 0x29, 0x6, 0x0, &(0x7f0000000080))
syz_usb_connect(0x0, 0x2d, &(0x7f0000000b80)={{0x12, 0x1, 0x0, 0x69, 0xdd, 0x34, 0x40, 0xccd, 0x93, 0x235a, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x1b, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0x6c, 0xe0, 0x8d, 0x0, [], [{{0x9, 0x5, 0x2}}]}}]}}]}}, 0x0)
execve(&(0x7f0000000000)='./file0\x00', &(0x7f0000000200)={[&(0x7f0000000040)='^\x00', &(0x7f0000000080)='+\x00', &(0x7f00000000c0)=',!\x00', &(0x7f0000000100)='\x00', &(0x7f0000000140)='](#+}#\xfc\']\x00', &(0x7f0000000180)='(!\x00', &(0x7f00000001c0)='${.\x00']}, &(0x7f0000000340)={[&(0x7f0000000240)='%\x00', &(0x7f0000000280)='@#\x00', &(0x7f00000002c0)='&*)&&\x00', &(0x7f0000000300)='\'}/\x00']})

2.292042209s ago: executing program 3 (id=538):
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/power/resume', 0x169a82, 0x189)
r0 = syz_open_dev$loop(&(0x7f0000000480), 0xd76, 0x181400)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.stat\x00', 0x275a, 0x0)
write$UHID_CREATE2(r1, &(0x7f0000000400)=ANY=[], 0x1df)
write$binfmt_misc(r1, &(0x7f0000000040), 0xe09)
ioctl$LOOP_CONFIGURE(r0, 0x4c0a, &(0x7f00000002c0)={r1, 0x0, {0x2a00, 0x80010000, 0x0, 0x2, 0x0, 0x0, 0x0, 0x2, 0x1c, "fee8a2ab78fc979fd1e00d96072000001ea89de2b7fb0000e60080b8785d96000100", "2809e8dbe108598948224ad54afac11d875397bdb22d0000b420a1a93c5240f45f819e01177d3d458dd4992861ac00", "90be8b1c551265406c7f306003d8a0f4bd00"}})

2.281931526s ago: executing program 4 (id=539):
io_setup(0x8, &(0x7f0000004200))
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000180)='net/igmp6\x00')
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x3)
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg(0xffffffffffffffff, &(0x7f0000000880)={0x0, 0x0, 0x0}, 0x20048815)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0xb49, 0x6, 0x8, 0x0, 0x3}, 0x0)
r2 = socket(0x1d, 0xe597a920e6a7fba5, 0x2000009)
munmap(&(0x7f0000001000/0x4000)=nil, 0x4000)
getsockopt$SO_COOKIE(r2, 0x1, 0x39, &(0x7f0000000140), &(0x7f0000000300)=0x8)
sendmmsg$sock(r2, &(0x7f0000000280)=[{{0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000100)="1f", 0x206c}], 0x1}}], 0x206c, 0x0)
r3 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000380)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000900)=ANY=[@ANYBLOB="5c0000001000370429bd7000fcdbdf2500000000e4bdd55ececc464bcab411c9e10dee8dba2bd96642586f1430b974b5c6e62192268a43db25284f428ffce735447cac19863a4113983e09bb5f0c4591fb977ff053a596fdb1d2c21c28f971b64b", @ANYRES32=0x0, @ANYBLOB="890c0400000000003c0012800b000100697036746e6c00002c00028014000300fc020000000000000000000000000000140002"], 0x5c}, 0x1, 0x0, 0x0, 0x8000}, 0x0)
sendmsg$can_j1939(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000800)="f4e78d4837b4c64b7bce30d85066e820619c9624346344714b2b454ea8f4eef1584fbfa34491c5c24c7b75198d6f0f7b69933483ee784106987e85d5f2a77f21d1c0cb9eb183e1a76d856e5ebd44bf761e52cefa49f6232ab391b4625ed815a87d9eed921d95eaf0cfb3eb3a921c34394f5fe05b9effc5", 0x77}, 0x1, 0x0, 0x0, 0x20048000}, 0x810)
socket(0x400000000010, 0x3, 0x0)
r4 = syz_open_dev$radio(&(0x7f00000008c0), 0x1, 0x2)
poll(&(0x7f0000000200), 0x51, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(0xffffffffffffffff, 0x29, 0x20, &(0x7f0000000080)={@private0, 0x8000000, 0x0, 0x1, 0x1}, 0x20)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(0xffffffffffffffff, 0x29, 0x20, &(0x7f0000000000)={@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x0, 0x0, 0x2, 0x9}, 0x20)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(0xffffffffffffffff, 0x29, 0x20, &(0x7f0000000180)={@mcast1, 0x80ffffd, 0x0, 0x1, 0xa, 0x7f, 0x7}, 0x20)
ioctl$VIDIOC_S_EXT_CTRLS(r4, 0xc0205648, &(0x7f0000000200)={0x0, 0x1, 0x0, 0xffffffffffffffff, 0x0, &(0x7f0000000040)={0xf0f041, 0x0, '\x00', @value=0x100}})
r5 = socket$inet6(0xa, 0x1, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r5, 0x29, 0x40, &(0x7f0000000400)=@raw={'raw\x00', 0x3c1, 0x3, 0x380, 0x0, 0x12, 0x60a, 0x0, 0x202, 0x2b0, 0x2e8, 0x2e8, 0x2b0, 0x2c0, 0x4, 0x0, {[{{@ipv6={@private0, @ipv4={'\x00', '\xff\xff', @multicast2}, [], [], 'veth1_to_bond\x00', 'geneve1\x00'}, 0x0, 0x190, 0x1c0, 0x0, {}, [@common=@unspec=@string={{0xc0}, {0x0, 0x0, 'bm\x00', "000000000000000617ae5119b5135c2aee68d23a465cd431e1ecef50c3234e082555f67222476147864fa03182f5cf11d8c348cbd06dc8de1dcbde7d4e252c3394fed47bf78c70f607b0178fa5ea335019ac07a602061c96baebc989f1f34a214e6726401fe4b124e0f7323a587d2a1fcf07000000eca0a7b66c60c527bac2b5", 0x2, 0x3}}, @common=@inet=@socket2={{0x28}, 0x2}]}, @common=@unspec=@CONNMARK={0x30}}, {{@uncond, 0x0, 0xa8, 0xf0}, @common=@unspec=@IDLETIMER={0x48, 'IDLETIMER\x00', 0x0, {0x0, 'syz1\x00'}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x3e0)
socket$nl_netfilter(0x10, 0x3, 0xc)
mkdirat$cgroup_root(0xffffffffffffff9c, 0x0, 0x1ff)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0xe, &(0x7f0000000380)=ANY=[@ANYBLOB="b7020000b96871dfbfa30000000000000703000000feffff7a0af0fff8ffff1971a4f0ff00000000b7060000080000001e6400000000000045040400010000001704000001000a00b7040000000100006a0af2fe0000004f850000001a000000b7000000000000009500000000000000455781a5feee5e1ce784909b849d5550adf200000000000000b61d69f2ffdaa10350e11cb97c8ad51bcda0c4ee6d9674c77404ceb9971e43405d62de53a9a53608c10556e5734eb84049761451ce2e2d9f8004e26f7fcc059c06220002595f6dba87b81d1106fb026cce67a66afd9ac3d09e29a9d542ca9d85a5c9c88474895d679838def0a83a733dc6a39b63a5ed69d32394c53361d7480884bd6fee53f5b2e7b91c61ced1ebad000000000000e8122a793c080a882add4e1179bd4a44f2fcb6d753a78845d8363e0401861abebe428ba953df4aece69311687f4122073a236c3ad198e3f3a532efa04137d452ff47d2638da3261c8362bb7c7824be6195a66d2e17e122040e11e3bd4a69fc6e8d9f7043e09b9e10dc7777bfae5884e4ba1e9cc4a2bbe99e30810400000000000000d63d716c0975e1ce4a655362e7062ff6ab3934555c01840219829472adefa06d3482c7b2711b98eabdca89b77efd13e6dba4a431ce47911834118093b6cabaa17a57727474e1785ee234835088445aa4a9b677d3d342640e328504aea02a2d727e62b7f097a02dbf8fe1d704765de7482040b2fc3000000000000000008947baeaaf954aff687deaa2f804924600273ee26d8115cbca081a14cba24788779291745083fccdddc90d7af35c048d46362ea0d8d79c79ddca066da478c197d4a550470557bc99cca336bd88cd28a5ee651627e3a6fbf6ea53b95ddb64c69c7d8d2f4baddc239828760459564124bad68209d2a1d16ad085886c017679cfcda8b10700ac1e2bcc5ede5b5687aa418abfa29acd7339e73b2cd185c9eb5fb34fccd20ffa155b16c0c309ed6f6663677df37de0ec0d0f548b273940be5d1fe0bae14d1a76bf741330dacd9cc19c0163bcc93059e8d2d1bfa928e2ba458ecd989cb3581a3f270ad48255ac0dad4923e3e357e4e90583ce8d43ec65ed491d87a51d7c13f665dcf772e3ead71112008b16b0ea821f70aee1ccbd71c5a1c21e87d5b7b73d356337dbcf3456ff6cd0d6b98a258e3509a7d15b9dcae4d0d750ffa07909c955e718585b2456308beda2fa03bb9bcf03cdff31ee4b1665b987829c0f0872c006c6e4ed666fe23b343aae943923eedbdb0e7abee90e3da7b98b7d07d2d4816201ad1737798635b0a3ebd3aed120e4500c16e6c9dc729f009db49c6b8b19613e4d792cb4ff5106419291d4222980b49ddb9527ce785822d8f4e2"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000340), 0xfffffffffffffe19, 0x0, 0xffffffffffffffff, 0x54, 0x0, 0x0, 0x10, 0x0, @void, @value=0x3001}, 0x42)

2.082477052s ago: executing program 3 (id=540):
openat$fuse(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
getresgid(&(0x7f0000000540), &(0x7f0000000580), &(0x7f00000005c0))
r0 = openat$drirender128(0xffffffffffffff9c, &(0x7f0000000100), 0x509000, 0x0)
ioctl$DRM_IOCTL_GET_MAGIC(r0, 0x80046402, &(0x7f0000000300)=0x3)
mmap(&(0x7f0000000000/0xa000)=nil, 0xa000, 0x2, 0x2172, 0xffffffffffffffff, 0x0)
mremap(&(0x7f0000005000/0x4000)=nil, 0x4000, 0x1000, 0x0, &(0x7f0000003000/0x1000)=nil)
prlimit64(0x0, 0x8, &(0x7f00000001c0), 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r2 = dup(r1)
write$6lowpan_enable(r2, &(0x7f0000000000)='0', 0xfffffd2c)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000680), &(0x7f00000006c0)=0xc)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f00000bd000), 0x218, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe}, 0x0)
r5 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000000), 0x1c0002, 0x0)
r6 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
syz_mount_image$fuse(&(0x7f0000000000), &(0x7f00000000c0)='./file0\x00', 0x101001a, &(0x7f0000000480)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r6, @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0, @ANYBLOB=',allow_other,\x00'], 0xfb, 0x0, 0x0)
r7 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='mountinfo\x00')
read$FUSE(r7, &(0x7f0000004100)={0x2020}, 0x2020)
write$vga_arbiter(r5, &(0x7f0000000200)=ANY=[@ANYBLOB="746172676574205043493a5b89d9f46ac070df4e31642e3100"], 0x14)
syz_usb_disconnect(0xffffffffffffffff)
clock_gettime(0x0, &(0x7f0000000300))
r8 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_int(r8, 0x29, 0xb, &(0x7f0000000140)=0x7fc, 0x4)
setsockopt$inet6_tcp_int(r8, 0x6, 0x22, &(0x7f0000000080)=0x1, 0x4)
statx(r7, &(0x7f0000000180)='./file0\x00', 0x800, 0x400, &(0x7f0000000340))

1.296529561s ago: executing program 4 (id=541):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$sock_int(r0, 0x1, 0x2f, &(0x7f0000000140), 0x4)
unshare(0x22020400)
r1 = inotify_init1(0x0)
inotify_add_watch(r1, &(0x7f0000000200)='.\x00', 0x10000a0)
syz_usb_connect(0x0, 0x34, &(0x7f0000000700)=ANY=[@ANYBLOB="12010000892e79106d042107259c0102030109022200010000000009040000000e010000082402010102000008"], 0x0)
r2 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r2, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-camellia-asm\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r2, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18)
r3 = accept4(r2, 0x0, 0x0, 0x800)
sendmmsg$alg(r3, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0x10}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe0b5bbb095873048", 0x4d}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10", 0x48}], 0x3}], 0x1, 0x40800)
recvmsg(r3, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000000300)=""/81, 0x51}, {&(0x7f0000000200)=""/83, 0x53}], 0x2}, 0x0)
r4 = socket$packet(0x11, 0x2, 0x300)
getsockname$packet(r4, &(0x7f0000000000)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @remote}, &(0x7f0000000040)=0x14)

1.246033582s ago: executing program 1 (id=542):
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
r1 = syz_io_uring_setup(0x497, &(0x7f0000000180)={0x0, 0x4885, 0x100, 0x4, 0x1d}, &(0x7f0000000340)=<r2=>0x0, &(0x7f0000000600)=<r3=>0x0)
io_uring_register$IORING_REGISTER_PBUF_RING(r1, 0x16, &(0x7f0000000040)={&(0x7f0000001000)={[{0x0, 0x0, 0x3, 0xf4}]}, 0x1, 0x1}, 0x1)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
r4 = socket$kcm(0x29, 0x2, 0x0)
write$cgroup_pressure(r4, &(0x7f0000000140)={'full'}, 0xfffffdef)
syz_io_uring_setup(0x10d, &(0x7f0000000980)={0x0, 0x45885, 0x80, 0x0, 0x8}, &(0x7f0000000340)=<r5=>0x0, &(0x7f0000000280)=<r6=>0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xf, 0x4008031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r7=>0xffffffffffffffff, <r8=>0xffffffffffffffff})
connect$unix(r7, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x1}, 0x6e)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x2, 0x4c831, 0xffffffffffffffff, 0x0)
set_mempolicy(0x3, &(0x7f00000002c0)=0x1ff, 0x5)
mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x0, 0x0, 0x40, 0x2)
sendmmsg$unix(r8, 0x0, 0x0, 0x0)
recvmmsg(r7, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r5, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r5, r6, &(0x7f00000002c0)=@IORING_OP_WRITEV={0x2, 0x0, 0x4004, @fd_index=0x3, 0x0, 0x0})
syz_io_uring_submit(r2, r3, &(0x7f00000002c0)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x20, 0x0, r0, 0x0, 0x0, 0x0, 0x40002202, 0x1, {0x1}})
io_uring_enter(r1, 0x3516, 0x0, 0x0, 0x0, 0x0)

1.128098578s ago: executing program 2 (id=543):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f00000000c0)={0x73622a85, 0x110b, 0x8000000000002})
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000200)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0})
r2 = dup3(r1, r0, 0x0)
r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder0\x00', 0x802, 0x0)
mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r3, 0x10000000000)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r3, 0x4018620d, &(0x7f0000000040)={0x73622a85, 0x10a})
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000003c0)={0x8, 0x0, &(0x7f0000000340)=[@acquire], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000180)={0x4c, 0x0, &(0x7f0000000100)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x50, 0x18, &(0x7f0000000280)={@fd={0x66642a85, 0x0, r2}, @flat=@weak_handle={0x77682a85, 0x1, 0x1}, @fda={0x66646185, 0x1, 0x1, 0x18}}, &(0x7f0000000240)={0x0, 0x18, 0x30}}, 0x1000}], 0x0, 0x0, 0x0})
r4 = syz_io_uring_setup(0xe71, &(0x7f0000000000)={0x0, 0x76cb, 0x1, 0x3, 0x2f9}, &(0x7f0000000080), &(0x7f00000000c0))
io_uring_register$IORING_UNREGISTER_EVENTFD(r4, 0x5, 0x0, 0x0)
r5 = syz_usb_connect(0x0, 0x24, &(0x7f0000000280)=ANY=[@ANYRESOCT=0x0], 0x0)
syz_usb_control_io$cdc_ncm(r5, 0x0, 0x0)

747.139162ms ago: executing program 32 (id=488):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000140)=@RTM_DELMDB={0x17, 0x55, 0xe611276dffabacad, 0x70bd2c, 0x25dfdbfb, {}, [@MDBA_SET_ENTRY={0x0, 0x1, {0x0, 0x0, 0x1, 0x1, {@ip4=@remote, 0x8edd}}}, @MDBA_SET_ENTRY={0x0, 0x1, {0x0, 0x1, 0x1, 0x1, {@ip4=@rand_addr=0x64010101, 0x105ba}}}, @MDBA_SET_ENTRY={0x0, 0x1, {0x0, 0x0, 0x2, 0x0, {@in6_addr=@loopback, 0x8edd}}}]}, 0x18}}, 0x10)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0x2, 0x4, 0x101, 0x3ff, 0x80, 0xffffffffffffffff, 0xfffffffc}, 0x50)
bpf$MAP_DELETE_BATCH(0x1b, &(0x7f0000001240)={0x0, 0x0, 0x0, 0x0, 0x7105, r2}, 0x38)
sendmsg$NFT_BATCH(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000440)={{0x14}, [@NFT_MSG_NEWRULE={0x6c, 0x6, 0xa, 0x409, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x40, 0x4, 0x0, 0x1, [{0x3c, 0x1, 0x0, 0x1, @range={{0xa}, @val={0x2c, 0x2, 0x0, 0x1, [@NFTA_RANGE_SREG={0x8, 0x1, 0x1, 0x0, 0x8}, @NFTA_RANGE_OP={0x8, 0x2, 0x1, 0x0, 0x3}, @NFTA_RANGE_TO_DATA={0xc, 0x4, 0x0, 0x1, [@NFTA_DATA_VALUE={0x6, 0x1, 'Xw'}]}, @NFTA_RANGE_FROM_DATA={0xc, 0x3, 0x0, 0x1, [@NFTA_DATA_VALUE={0x5, 0x1, 'C'}]}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0x94}}, 0x0)
r3 = socket$inet_udp(0x2, 0x2, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
r5 = socket$can_j1939(0x1d, 0x2, 0x7)
ioctl$ifreq_SIOCGIFINDEX_vcan(r5, 0x8933, &(0x7f00000000c0)={'vcan0\x00', <r6=>0x0})
bind$can_j1939(r5, &(0x7f0000000340)={0x1d, r6, 0x0, {0x2, 0x0, 0x6}, 0xfe}, 0x18)
setsockopt$sock_int(r5, 0x1, 0x6, &(0x7f0000000040)=0x1, 0x4)
setsockopt$SO_J1939_ERRQUEUE(r5, 0x6b, 0x4, &(0x7f0000000000)=0x1, 0x4)
sendmsg$inet(r5, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000003c0)=[{&(0x7f0000000540)="81b641f1f3843704b6", 0x9}], 0x1}, 0x4048081)
sendmsg$nl_route_sched(r4, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000080)=@newtfilter={0x24, 0x11, 0x1, 0x70bd28, 0x0, {0x0, 0x0, 0x74, r6, {0xfffd, 0xffeb}, {0x1, 0x1}, {0xfff2, 0xc}}}, 0x24}, 0x1, 0xf0ffffffffffff, 0x0, 0x4012}, 0x850)
r7 = socket$rxrpc(0x21, 0x2, 0x2)
setsockopt$RXRPC_MIN_SECURITY_LEVEL(r7, 0x110, 0x5, 0x0, 0x4)
sendto$inet(r3, &(0x7f0000000080)='\x00\x00', 0xfdef, 0x8080, &(0x7f00000000c0)={0x2, 0x4e20, @empty}, 0x10)
r8 = syz_usb_connect(0x0, 0x4a, &(0x7f0000000040)=ANY=[@ANYBLOB="120100005520f010402038b1420104000001090238000100000000090400000371055900090582eb1000000001020009050276"], 0x0)
syz_emit_ethernet(0x4a, &(0x7f0000000500)=ANY=[@ANYBLOB="aaaaaaaaaaaaffffff0600ff"], 0x0)
syz_usb_control_io$cdc_ecm(r8, &(0x7f0000000140)={0x14, 0x0, &(0x7f0000000000)={0x0, 0x3, 0x1a, {0x1a}}}, 0x0)
syz_usb_ep_write$ath9k_ep1(r8, 0x82, 0xc38, &(0x7f0000000080)=ANY=[])
r9 = syz_open_procfs(0x0, &(0x7f0000000200)='net/ip6_mr_vif\x00')
read$FUSE(r9, &(0x7f0000000240)={0x2020}, 0x2020)
r10 = syz_usb_connect(0x0, 0x2d, &(0x7f00000004c0)={{0x12, 0x1, 0x141, 0x30, 0xf5, 0x69, 0x20, 0x5ac, 0x219, 0xf072, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x1b, 0x1, 0x0, 0x0, 0x10, 0x0, [{{0x9, 0x4, 0x55, 0x7, 0x1, 0x3, 0x49, 0x2, 0x0, [], [{{0x9, 0x5, 0x82, 0x3, 0x400, 0x0, 0x33, 0x81}}]}}]}}]}}, 0x0)
syz_usb_control_io(r10, 0x0, &(0x7f0000000580)={0x84, &(0x7f0000000000)=ANY=[@ANYBLOB='\x00N\b'], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_connect$uac1(0x2, 0xa0, &(0x7f0000000640)=ANY=[@ANYBLOB="12010003000000106b1d010140000102030109028e00030156c0020904000000010100000a24010101bb9d783a1c0363434ea086b12402010211240601040507000a0008000300020005052405060f0d2406020503020002000a00040c24020203020250800009010904010000010200000904010101010200000905010920009301050725010003480f0904020000010200000904020101010200000905820920000d020407250126080300"], 0x0)
syz_usb_ep_write$ath9k_ep1(r10, 0x82, 0x40, &(0x7f0000000040)=ANY=[])
syz_usb_control_io$cdc_ncm(r10, 0x0, 0x0)

706.478451ms ago: executing program 3 (id=545):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x1, 0xf, &(0x7f00000005c0)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r0}}, {}, [], {{}, {}, {0x85, 0x0, 0x130, 0x84}}}, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x13, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)

651.124578ms ago: executing program 3 (id=546):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r0, &(0x7f0000d84000)={0xa, 0x2, 0x0, @loopback, 0x7}, 0x1c)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f00000001c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
sendmsg(r2, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0)
socket$inet_udplite(0x2, 0x2, 0x88)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$l2tp(0x0, 0xffffffffffffffff)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000440), 0x141800, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
ioctl$KVM_CAP_SPLIT_IRQCHIP(r4, 0x4068aea3, &(0x7f0000000040)={0x79, 0x0, 0x5})
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_GSI_ROUTING(r4, 0x4008ae6a, &(0x7f0000000100)=ANY=[@ANYBLOB="0100000000000000000000000200000001000000000000000b000000070000b29ba2"])
ioctl$KVM_RUN(r5, 0xae80, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x2000000000000022, &(0x7f0000000200)=0x1, 0x4)
sendto$inet6(0xffffffffffffffff, &(0x7f0000000000)="ac008ac5ab41a2361d3e86d1e0508b10", 0x10, 0x20040045, &(0x7f00000000c0)={0xa, 0x4e21, 0x5ed1, @empty, 0x4}, 0x1c)
setsockopt$inet6_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000300)='yeah\x00', 0x5)
unshare(0x68040200)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x80010, r3, 0xfffff000)
socket$nl_xfrm(0x10, 0x3, 0x6)
r6 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r6, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000100)=ANY=[@ANYBLOB="1c0000002100010000000000000000000200000000000000000000000a30cad8b96ed2a7436b6c8b895bbed8fc388f106553a335585c81ca2204a40a90b4349c75d05203238535335b310a2f70f43a9f14cbba26d79429c17b89da7e67886c27bf0aeb5d6558a7da06e178752a2309d09a3477849a34cf1a7fac37f38788a4"], 0x1c}}, 0x44044)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000740)={0x1, 0x4, &(0x7f0000000700)=ANY=[@ANYBLOB="18020000ff03000000000000ff0f0000612000000000000095"], &(0x7f00000005c0)='GPL\x00', 0x5, 0xca, &(0x7f0000000600)=""/202, 0x41000, 0x65, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x30}, 0x94)
syz_usb_connect$uac1(0x6, 0x71, &(0x7f0000000540)=ANY=[@ANYBLOB="120150aab10c9702000000106b1d7d670f591a8c377d0a010140000102030109025f00030104c7010904000000010100000a240192000d020102220401000001020000090401010101020000090501090800030209071601800800040904000009040201010102efff08058209200006000000000000000000000006685068f4ad360a3fd7943e949fcadb0236750673209b14eebe03c23f01a54d3b08e869c527eae1aba6f305388ed684bb2ea79e5087526949fc5bf71e3c63e59993bad95dc386184e0520cc50e1e2e6a0e8d8ee956769b1b39f6eb6e71dc9105714ebb5911d2feebfd5f001cef9f4643e15ba024c6e4a3c9f901147c589f2e5fa52bc7f42364ed94cae687582a0fe2eb711b1cb07b10f10f001314a7e03cae7d797b7dae80611eae781e5e492d50e8ef3b01677b6d68997a26449dfd46013d8cd53c779e51e4b7b7495903f89024e9210a2fef15958adcabda154366c0f31365ca33c82a189e430fcb4b908e619796a66b4733b5c99b57c1ee8c7e81775dc849e1fe024f64df06918d5c2fd4e5c"], 0x0)
openat$dsp1(0xffffffffffffff9c, 0x0, 0x4000, 0x0)
syz_clone(0x800000, 0x0, 0x0, &(0x7f0000000080), &(0x7f0000000380), &(0x7f00000003c0)="3230257fba12322ed5573507928e6f91d7a7b7142217cd771c90e685d7cdbcb9cdc61c3e02315a3616788e8e7b759d11d93a02c816bee155a648ccb0a063cd7c7fddb8c5")

559.319878ms ago: executing program 2 (id=547):
r0 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r1 = dup(r0)
ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000001040)={'vcan0\x00', <r2=>0x0})
connect$can_bcm(r1, &(0x7f0000001080)={0x1d, r2}, 0x10)
write$UHID_INPUT(r1, &(0x7f0000000000)={0xf, {"a2e3ad21e08eeb661b5e060987f70e06d038e7ff7fc6e5539b0d650e8b089b3f363b68090890e0878f0e1ac6e7049b3b47959b649a240d5b67f3988f7ef319520100ffe8d178708c523c921b1b5b31070d07440936cd3b78130daa61d8e8040000005802b77f07227227b7ba67e0e78657a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae193973735b36d5b1b63dd1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000000000075271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c554336909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1f416e56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617669314e2fbe70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f6777478bc360934b82910ff85bfd995083bba2987a67399eac427d145d546a40b9f6ff14ac488ec130fb3850a27af9544ae15ffffffffffffffff1243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9963ac4f4bb3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce7cd9f465e41e610c20d80421d653a5520000008213b704c7fb082ff27590678ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc946813591ad8deff4b05f60cea0da7710ac0000000000008000bea37ce0d0d4aa202f928f28381aab144a5dc29a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f6435f7590000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4fb8a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d4ac01b75d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2aed9a53803ed0ca4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f4350aeae9ca1207e78283cd0b20ceb360c7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034ef655b253ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f423500c7872c827467cfa5c4e72730d56bd068ed211cf847535edecb7b373f78b095b68441a34cb51682a8ae4d24ad0465f3927f889b813076a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdcce04579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02da93aec92a5de203717aa49c2d284acfabe262fccfcbb2b75a2183c46eb65ca8104e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43eaeb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e94265c803b35ee5f83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd7369dde50e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aae501b20f7694a00f16e2d0174035a2c22656dc29880acebdbe8ddbd75c2f998d8ac2dfad2ba3a504767b6b45a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4e8b40427db6fe29068c0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf46366e7205dd8d6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7c5419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d0300000000000000b378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3144345f48843dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6d594f88a4facfd4c735a20307c737afa2d60399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a3766d5439020484f4113c4c859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02daee67918e5d678746383074c6bc1050000002f7809959bc048850613d17ca51055f2f416a44fe180d2d50c312cca7cb14a2bdc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb42913777c06376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7f96093530e76692839d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b3c7340002000000000000f288a4510de03dab19d26285eda89156d50dd385a60333ba5bbf5d77cd7007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00398e8bd1f4108b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf652f406c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6528341b648cdd56fed7cdcbb1575912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae033a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a3cd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08758897fb411a94b3c2fc5d5f0da42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb784ed7148b6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b8081c128ad2706f48261f7897484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9cc8036cbd65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c971d90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe36d7d3e5db21b094b8b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1162dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1dfb1c68cc164b0a0780d971a96ea2c4d4ca0398c2235980a9307b3d5bd3b01faffd0a5dbed2881a9700af561ac8c6b00000000000000f96f06817fb903729a7db6ff957697c9ede7885d94ffb0969be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c148cd2f9c55f4901203a9a8a2c3e90f3943dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d0fc5a752f90000000000000000000000000000020000000000000000000000000000000000000000000000000000000000000000000000000000400", 0x1000}}, 0x1006)

354.938598ms ago: executing program 2 (id=548):
r0 = syz_open_dev$usbfs(&(0x7f0000000000), 0x2, 0x111e81)
syz_emit_ethernet(0x2a, &(0x7f0000000040)={@local, @broadcast, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x1c, 0x0, 0x0, 0x0, 0x2f, 0x0, @initdev={0xac, 0x1e, 0x3, 0x0}, @multicast1}, {0xa001, 0x880b, 0x8}}}}}, 0x0)
r1 = openat$full(0xffffffffffffff9c, &(0x7f0000000180), 0x34196e7b363f4e97, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
setsockopt$SO_ATTACH_FILTER(r2, 0x1, 0x1a, &(0x7f0000000480)={0x2, &(0x7f00000000c0)=[{0x20, 0x0, 0xff, 0xfffff01c}, {0x6}]}, 0x10)
r3 = syz_genetlink_get_family_id$gtp(&(0x7f0000000200), r0)
sendmsg$GTP_CMD_GETPDP(r1, &(0x7f00000002c0)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000000280)={&(0x7f0000000240)={0x1c, r3, 0x400, 0x70bd2b, 0x25dfdbfb, {}, [@GTPA_PEER_ADDRESS={0x8, 0x4, @dev={0xac, 0x14, 0x14, 0x1b}}]}, 0x1c}, 0x1, 0x0, 0x0, 0x8880}, 0x4)
syz_extract_tcp_res$synack(&(0x7f0000000140), 0x1, 0x0)
ioctl$USBDEVFS_BULK(r0, 0xc0185502, &(0x7f0000000380)={{{0xf}}, 0x0, 0x6, 0x0})
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
ioctl$sock_SIOCETHTOOL(r4, 0x8946, &(0x7f00000000c0)={'ip6tnl0\x00', &(0x7f0000000380)=@ethtool_dump={0x3f, 0x800, 0x1000}})
syz_usb_connect(0x0, 0x2d, &(0x7f0000000100)=ANY=[@ANYBLOB="120100001ddf8208c007121522300000000109021b0001000000010904"], 0x0)

304.215791ms ago: executing program 1 (id=549):
r0 = syz_open_procfs(0x0, &(0x7f0000000200)='net/ip6_mr_vif\x00')
pread64(r0, &(0x7f000001a240)=""/102387, 0x18ff3, 0x100008)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x10)
sendmsg$NFT_BATCH(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000002c0)={{0x14, 0x10, 0x1, 0x0, 0x0, {0xa}}, [@NFT_MSG_NEWRULE={0x48, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x1c, 0x4, 0x0, 0x1, [{0x18, 0x1, 0x0, 0x1, @log={{0x8}, @val={0xc, 0x2, 0x0, 0x1, [@NFTA_LOG_GROUP={0x6, 0x1, 0x1, 0x0, 0x7}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0x70}}, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000680)=@newlink={0x54, 0x10, 0x439, 0x70bd2c, 0xffffffea, {0x0, 0x0, 0xe403, 0x0, 0x3, 0x610c9}, [@IFLA_LINKINFO={0x34, 0x12, 0x0, 0x1, @sit={{0x8}, {0x28, 0x2, 0x0, 0x1, [@IFLA_IPTUN_REMOTE={0x8, 0x3, @multicast2}, @IFLA_IPTUN_6RD_PREFIX={0x14, 0xb, @private1={0xfc, 0x1, '\x00', 0x1}}, @IFLA_IPTUN_6RD_RELAY_PREFIX={0x8, 0xc, 0xee}]}}}]}, 0x54}, 0x1, 0x0, 0x0, 0x4008000}, 0x4008040)
openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x200000, 0x0)

174.957417ms ago: executing program 1 (id=550):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_QUEUE_SEQ(r0, 0x6, 0x15, &(0x7f0000000400), 0x4)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
syz_open_dev$vbi(0x0, 0x0, 0x2)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg(r2, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0)
ioctl$SOUND_MIXER_READ_STEREODEVS(0xffffffffffffffff, 0x80044dfb, &(0x7f0000000100))
setsockopt$inet6_tcp_TLS_TX(r0, 0x6, 0x1, &(0x7f0000000140)=@gcm_256={{0x303}, "b95a1bb6f54ea34e", "4d71daa186888fc6e374943629b936cef51ca13ebb3a9bc9793d6eb58c6f5fe1", "069ea282", "27cc9aa51273fcd7"}, 0x38)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0xb45, 0x9, 0x8, 0x0, 0x3}, 0x0)
setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, 0x0, 0x0)
r3 = io_uring_setup(0x2ef1, &(0x7f0000000000)={0x0, 0x5712, 0x10000, 0x0, 0x1})
sendmsg$IPSET_CMD_DESTROY(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000280)=ANY=[@ANYRES8=0x0], 0x3c}, 0x1, 0x0, 0x0, 0x4000004}, 0x8031)
r4 = socket$kcm(0x21, 0x2, 0x2)
sendmsg$kcm(r4, &(0x7f0000000000)={&(0x7f0000000080)=@rxrpc=@in4={0x21, 0x0, 0x2, 0x10, {0x2, 0x4e22, @dev}}, 0x80, &(0x7f0000000140), 0x0, &(0x7f0000001a00)=ANY=[@ANYBLOB="180000000000000010010000010000007d95df16a39b1a6c900000000000000001000000040500002b24ec10064b6f2f000000fb718aef932f3889d1fdda5b57000000860f5878c37ffe36e1165814d435be5b317c6c8189587d2f97879f07a515bb7c169f46933d9338f4ab04834e6f618988ab013f40afe403041323110f62055394412158e7a3adb148d641aa40d4ab077fe34232aa8b31851466d0998a61d7da0c86d70000001010"], 0x10b8}, 0xff00)
syz_open_dev$dri(&(0x7f0000000180), 0x1, 0x0)
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
ioctl$KVM_CAP_SPLIT_IRQCHIP(r6, 0x4068aea3, &(0x7f00000002c0)={0x79, 0x0, 0x100000})
close_range(r3, r4, 0x0)
getsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX3(0xffffffffffffffff, 0x84, 0x6f, &(0x7f0000000100)={0x0, 0x10, &(0x7f0000000300)=[@in={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}]}, &(0x7f0000000080)=0x10)
socket$inet_sctp(0x2, 0x1, 0x84)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
r8 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r8, 0x107, 0x12, &(0x7f0000000080)=0x800, 0x4)
r9 = socket$netlink(0x10, 0x3, 0x4)
write(r9, &(0x7f0000005c00)="2700000014000707030e0000120f0a0011000100f5fe0012ff000000078a151f75080039000500", 0x27)
sendmsg$nl_generic(r7, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000001d40)=ANY=[@ANYBLOB="101300002d00090036bd70000100000004000000cb011180c708605d8a0c9549f671af21be3edd7313f3b3cefa172a8aae2f295cc72b60b26946113d23"], 0x1310}, 0x1, 0x0, 0x0, 0x20000004}, 0x84)

0s ago: executing program 4 (id=551):
r0 = socket$netlink(0x10, 0x3, 0x10)
bind$netlink(r0, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000000), 0x4)
r1 = socket$kcm(0x29, 0x2, 0x0)
bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000000)=0xffffffffffffffff, 0x4)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
r6 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000740)=ANY=[@ANYBLOB="0300000004000000040000000a"], 0x48)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x1, 0x8, &(0x7f0000000180)=ANY=[@ANYBLOB="1808000000000000000000000000000018120000", @ANYRES32=r6, @ANYBLOB="0000000000000000b703000000000000850000000c000000b70000002000000095"], &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
setsockopt$sock_attach_bpf(r4, 0x1, 0x32, &(0x7f00000000c0)=r7, 0x4)
sendmsg$inet(r5, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0xc, 0x0, 0xfffffffffffffffe, 0x0, 0xffdfffff}, 0x0)
openat$audio(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
setsockopt$inet6_IPV6_RTHDR(0xffffffffffffffff, 0x29, 0x1e, 0x0, 0x0)
socket$inet6_udp(0xa, 0x2, 0x0)
writev(0xffffffffffffffff, &(0x7f0000000540)=[{0x0}, {0x0}], 0x2)
r8 = openat$vcsu(0xffffffffffffff9c, &(0x7f0000000080), 0x183822, 0x0)
r9 = syz_io_uring_setup(0xd1, &(0x7f0000000480)={0x0, 0x0, 0x100, 0x0, 0x333}, &(0x7f0000000000)=<r10=>0x0, &(0x7f00000001c0)=<r11=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r10, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r10, r11, &(0x7f0000000040)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r8, 0x0, &(0x7f0000000100)=[{0x0}, {0x0}], 0x2})
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x26, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
io_uring_enter(r9, 0x47ba, 0x0, 0x0, 0x0, 0x0)
r12 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r12, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000540)=@acquire={0x16c, 0x17, 0x1, 0x0, 0x0, {{@in6=@ipv4={'\x00', '\xff\xff', @initdev={0xac, 0x1e, 0x0, 0x0}}}, @in=@multicast2, {@in6=@private2, @in6=@local}, {{@in=@local, @in=@dev, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x20}, {}, {}, 0x4, 0x6e6bb8}, 0xfffffffe}, [@tmpl={0x44, 0x8, [{{@in6=@loopback}, 0x0, @in=@loopback}]}]}, 0x16c}}, 0x0)
sendmsg$kcm(r1, &(0x7f0000000900)={0x0, 0x0, &(0x7f0000000840)=[{&(0x7f0000000100)}], 0x1}, 0x8000)
sendmsg$inet(0xffffffffffffffff, &(0x7f0000001180)={&(0x7f0000000000)={0xa, 0x0, @empty}, 0x10, &(0x7f0000001080)=[{0x0}, {&(0x7f0000001040)="9d7fcf3efc63f4a6a555ba8b4726d7ccaf8a207100e69cfac4377876021d7131b838059f96bd206d4776368ed2a92432e5af71", 0x33}], 0x2, &(0x7f00000010c0)=[@ip_tos_u8={{0x11, 0x29, 0x3b}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @empty, @loopback}}}], 0x38}, 0x0)

kernel console output (not intermixed with test programs):

[ T7638]  device_add+0x475/0xb50
[  139.216884][ T7638]  wiphy_register+0x1ba6/0x28d0
[  139.216906][ T7638]  ? trace_irq_disable+0x37/0x110
[  139.216933][ T7638]  ? __pfx_wiphy_register+0x10/0x10
[  139.216959][ T7638]  ? ieee80211_register_hw+0x325a/0x4080
[  139.216981][ T7638]  ieee80211_register_hw+0x3425/0x4080
[  139.217005][ T7638]  ? ieee80211_register_hw+0x14a1/0x4080
[  139.217025][ T7638]  ? __pfx_ieee80211_register_hw+0x10/0x10
[  139.217044][ T7638]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  139.217069][ T7638]  ? __hrtimer_setup+0x187/0x210
[  139.217085][ T7638]  ? __pfx_mac80211_hwsim_beacon+0x10/0x10
[  139.217109][ T7638]  mac80211_hwsim_new_radio+0x2f0e/0x5340
[  139.217140][ T7638]  ? __pfx_mac80211_hwsim_new_radio+0x10/0x10
[  139.217161][ T7638]  ? kstrndup+0xbf/0x160
[  139.217182][ T7638]  hwsim_new_radio_nl+0xea4/0x1b10
[  139.217204][ T7638]  ? __pfx___nla_validate_parse+0x10/0x10
[  139.217233][ T7638]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[  139.217258][ T7638]  ? __nla_parse+0x40/0x60
[  139.217283][ T7638]  ? genl_family_rcv_msg_attrs_parse+0x1c9/0x2a0
[  139.217307][ T7638]  genl_family_rcv_msg_doit+0x215/0x300
[  139.217328][ T7638]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  139.217352][ T7638]  ? bpf_lsm_capable+0x9/0x20
[  139.217374][ T7638]  ? security_capable+0x7e/0x2e0
[  139.217400][ T7638]  genl_rcv_msg+0x60e/0x790
[  139.217420][ T7638]  ? __pfx_genl_rcv_msg+0x10/0x10
[  139.217438][ T7638]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[  139.217463][ T7638]  netlink_rcv_skb+0x208/0x470
[  139.217486][ T7638]  ? __pfx_genl_rcv_msg+0x10/0x10
[  139.217504][ T7638]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  139.217531][ T7638]  ? lock_release+0x4b/0x3e0
[  139.217555][ T7638]  ? down_read+0x1ad/0x2e0
[  139.217569][ T7638]  genl_rcv+0x28/0x40
[  139.217586][ T7638]  netlink_unicast+0x82c/0x9e0
[  139.217609][ T7638]  ? __pfx_netlink_unicast+0x10/0x10
[  139.217631][ T7638]  ? netlink_sendmsg+0x642/0xb30
[  139.217654][ T7638]  ? skb_put+0x11b/0x210
[  139.217670][ T7638]  netlink_sendmsg+0x805/0xb30
[  139.217697][ T7638]  ? __pfx_netlink_sendmsg+0x10/0x10
[  139.217721][ T7638]  ? aa_sock_msg_perm+0xf1/0x1d0
[  139.217737][ T7638]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  139.217756][ T7638]  ? __pfx_netlink_sendmsg+0x10/0x10
[  139.217779][ T7638]  __sock_sendmsg+0x219/0x270
[  139.217800][ T7638]  ____sys_sendmsg+0x505/0x830
[  139.217828][ T7638]  ? __pfx_____sys_sendmsg+0x10/0x10
[  139.217849][ T7638]  ? import_iovec+0x74/0xa0
[  139.217869][ T7638]  ___sys_sendmsg+0x21f/0x2a0
[  139.217887][ T7638]  ? __pfx____sys_sendmsg+0x10/0x10
[  139.217907][ T7638]  ? futex_wake+0x4b2/0x560
[  139.217938][ T7638]  ? __fget_files+0x2a/0x420
[  139.217951][ T7638]  ? __fget_files+0x3a0/0x420
[  139.217970][ T7638]  __x64_sys_sendmsg+0x19b/0x260
[  139.217985][ T7638]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  139.218002][ T7638]  ? rcu_is_watching+0x15/0xb0
[  139.218017][ T7638]  ? rcu_is_watching+0x15/0xb0
[  139.218034][ T7638]  do_syscall_64+0xfa/0x3b0
[  139.218051][ T7638]  ? rcu_is_watching+0x15/0xb0
[  139.218062][ T7638]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  139.218075][ T7638]  ? clear_bhb_loop+0x60/0xb0
[  139.218089][ T7638]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  139.218101][ T7638] RIP: 0033:0x7f3767b8ebe9
[  139.218114][ T7638] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  139.218125][ T7638] RSP: 002b:00007f37689fe038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  139.218140][ T7638] RAX: ffffffffffffffda RBX: 00007f3767db6180 RCX: 00007f3767b8ebe9
[  139.218150][ T7638] RDX: 0000000000000084 RSI: 0000200000000100 RDI: 0000000000000007
[  139.218159][ T7638] RBP: 00007f3767c11e19 R08: 0000000000000000 R09: 0000000000000000
[  139.218167][ T7638] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  139.218176][ T7638] R13: 00007f3767db6218 R14: 00007f3767db6180 R15: 00007f3767edfa28
[  139.218190][ T7638]  </TASK>
[  139.274598][ T5983] usb 4-1: new high-speed USB device number 17 using dummy_hcd
[  139.275600][    C1] vkms_vblank_simulate: vblank timer overrun
[  139.688202][    C1] vkms_vblank_simulate: vblank timer overrun
[  139.701601][ T7645] pty pty22: ldisc open failed (-12), clearing slot 22
[  139.710857][    T9] gspca_zc3xx: Unknown sensor - set to TAS5130C
[  139.734611][    T9] gspca_zc3xx 5-1:0.0: probe with driver gspca_zc3xx failed with error -71
[  139.783394][ T5983] usb 4-1: Using ep0 maxpacket: 32
[  139.992092][ T5983] usb 4-1: unable to get BOS descriptor or descriptor too short
[  140.003927][ T5983] usb 4-1: config 0 has an invalid interface number: 63 but max is 0
[  140.012019][ T5983] usb 4-1: config 0 has no interface number 0
[  140.024458][    T9] usb 5-1: USB disconnect, device number 26
[  140.052534][ T5983] usb 4-1: config 0 interface 63 has no altsetting 0
[  140.089967][ T5983] usb 4-1: New USB device found, idVendor=0bfd, idProduct=0113, bcdDevice=d5.e8
[  140.107432][ T5983] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  140.109805][ T7659] capability: warning: `syz.1.401' uses deprecated v2 capabilities in a way that may be insecure
[  140.116767][ T5983] usb 4-1: Product: syz
[  140.233212][ T5983] usb 4-1: Manufacturer: syz
[  140.239858][ T5983] usb 4-1: SerialNumber: syz
[  140.262265][ T7664] netlink: 4400 bytes leftover after parsing attributes in process `syz.4.400'.
[  140.292743][ T7664] sysfs: cannot create duplicate filename '/class/ieee80211/Ç`]Š•Iöq¯!¾>Ýsó³Îú*Š®!)\Ç+`²iF=#'
[  140.304018][ T7664] CPU: 0 UID: 0 PID: 7664 Comm: syz.4.400 Not tainted 6.17.0-rc1-syzkaller-00211-g90d970cade8e #0 PREEMPT(full) 
[  140.304042][ T7664] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  140.304052][ T7664] Call Trace:
[  140.304058][ T7664]  <TASK>
[  140.304065][ T7664]  dump_stack_lvl+0x189/0x250
[  140.304092][ T7664]  ? __pfx_dump_stack_lvl+0x10/0x10
[  140.304113][ T7664]  ? __pfx__printk+0x10/0x10
[  140.304136][ T7664]  ? __rcu_read_unlock+0x84/0xe0
[  140.304158][ T7664]  ? kernfs_path_from_node+0x2f/0x290
[  140.304177][ T7664]  ? kernfs_path_from_node+0x250/0x290
[  140.304194][ T7664]  ? kernfs_path_from_node+0x2f/0x290
[  140.304214][ T7664]  sysfs_warn_dup+0x8e/0xa0
[  140.304231][ T7664]  sysfs_do_create_link_sd+0xc0/0x110
[  140.304250][ T7664]  device_add_class_symlinks+0x1cf/0x240
[  140.304269][ T7664]  device_add+0x475/0xb50
[  140.304287][ T7664]  wiphy_register+0x1ba6/0x28d0
[  140.304315][ T7664]  ? __pfx_wiphy_register+0x10/0x10
[  140.304337][ T7664]  ? minstrel_ht_alloc+0x6dd/0x7e0
[  140.304357][ T7664]  ? ieee80211_init_rate_ctrl_alg+0x56d/0x5f0
[  140.304385][ T7664]  ieee80211_register_hw+0x3425/0x4080
[  140.304409][ T7664]  ? ieee80211_register_hw+0x14a1/0x4080
[  140.304429][ T7664]  ? __pfx_ieee80211_register_hw+0x10/0x10
[  140.304448][ T7664]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  140.304472][ T7664]  ? __hrtimer_setup+0x187/0x210
[  140.304487][ T7664]  ? __pfx_mac80211_hwsim_beacon+0x10/0x10
[  140.304512][ T7664]  mac80211_hwsim_new_radio+0x2f0e/0x5340
[  140.304543][ T7664]  ? __pfx_mac80211_hwsim_new_radio+0x10/0x10
[  140.304563][ T7664]  ? trace_kmalloc+0x1f/0xd0
[  140.304583][ T7664]  ? __kmalloc_node_track_caller_noprof+0x28e/0x4e0
[  140.304606][ T7664]  ? kstrndup+0xbf/0x160
[  140.304626][ T7664]  hwsim_new_radio_nl+0xea4/0x1b10
[  140.304648][ T7664]  ? __pfx___nla_validate_parse+0x10/0x10
[  140.304684][ T7664]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[  140.304710][ T7664]  ? __nla_parse+0x40/0x60
[  140.304734][ T7664]  ? genl_family_rcv_msg_attrs_parse+0x1c9/0x2a0
[  140.304759][ T7664]  genl_family_rcv_msg_doit+0x215/0x300
[  140.304781][ T7664]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  140.304805][ T7664]  ? bpf_lsm_capable+0x9/0x20
[  140.304827][ T7664]  ? security_capable+0x7e/0x2e0
[  140.304852][ T7664]  genl_rcv_msg+0x60e/0x790
[  140.304873][ T7664]  ? __pfx_genl_rcv_msg+0x10/0x10
[  140.304890][ T7664]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[  140.304915][ T7664]  netlink_rcv_skb+0x208/0x470
[  140.304939][ T7664]  ? __pfx_genl_rcv_msg+0x10/0x10
[  140.304957][ T7664]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  140.304983][ T7664]  ? lock_release+0x4b/0x3e0
[  140.305008][ T7664]  ? down_read+0x1ad/0x2e0
[  140.305023][ T7664]  genl_rcv+0x28/0x40
[  140.305039][ T7664]  netlink_unicast+0x82c/0x9e0
[  140.305063][ T7664]  ? __pfx_netlink_unicast+0x10/0x10
[  140.305084][ T7664]  ? netlink_sendmsg+0x642/0xb30
[  140.305106][ T7664]  ? skb_put+0x11b/0x210
[  140.305122][ T7664]  netlink_sendmsg+0x805/0xb30
[  140.305149][ T7664]  ? __pfx_netlink_sendmsg+0x10/0x10
[  140.305173][ T7664]  ? aa_sock_msg_perm+0xf1/0x1d0
[  140.305189][ T7664]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  140.305207][ T7664]  ? __pfx_netlink_sendmsg+0x10/0x10
[  140.305230][ T7664]  __sock_sendmsg+0x219/0x270
[  140.305251][ T7664]  ____sys_sendmsg+0x505/0x830
[  140.305270][ T7664]  ? __pfx_____sys_sendmsg+0x10/0x10
[  140.305290][ T7664]  ? import_iovec+0x74/0xa0
[  140.305310][ T7664]  ___sys_sendmsg+0x21f/0x2a0
[  140.305327][ T7664]  ? __pfx____sys_sendmsg+0x10/0x10
[  140.305357][ T7664]  ? futex_wait+0x285/0x360
[  140.305391][ T7664]  ? __fget_files+0x2a/0x420
[  140.305406][ T7664]  ? __fget_files+0x3a0/0x420
[  140.305423][ T7664]  __x64_sys_sendmsg+0x19b/0x260
[  140.305440][ T7664]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  140.305460][ T7664]  ? rcu_is_watching+0x15/0xb0
[  140.305477][ T7664]  ? rcu_is_watching+0x15/0xb0
[  140.305493][ T7664]  do_syscall_64+0xfa/0x3b0
[  140.305511][ T7664]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  140.305524][ T7664]  ? clear_bhb_loop+0x60/0xb0
[  140.305538][ T7664]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  140.305551][ T7664] RIP: 0033:0x7f5630d8ebe9
[  140.305563][ T7664] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  140.305573][ T7664] RSP: 002b:00007f562eb91038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  140.305588][ T7664] RAX: ffffffffffffffda RBX: 00007f5630fb6270 RCX: 00007f5630d8ebe9
[  140.305598][ T7664] RDX: 0000000000000084 RSI: 0000200000000100 RDI: 0000000000000007
[  140.305606][ T7664] RBP: 00007f5630e11e19 R08: 0000000000000000 R09: 0000000000000000
[  140.305614][ T7664] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  140.305623][ T7664] R13: 00007f5630fb6308 R14: 00007f5630fb6270 R15: 00007f56310dfa28
[  140.305638][ T7664]  </TASK>
[  140.794219][ T5983] usb 4-1: config 0 descriptor??
[  140.810721][ T7667] netlink: 32 bytes leftover after parsing attributes in process `syz.0.403'.
[  140.833435][   T92] usb 2-1: new high-speed USB device number 20 using dummy_hcd
[  141.254318][ T7624] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  141.267755][ T7624] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  141.302054][   T30] audit: type=1326 audit(1755393893.589:103): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7668 comm="syz.2.404" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa03e58ebe9 code=0x7ffc0000
[  141.343509][   T92] usb 2-1: Using ep0 maxpacket: 32
[  141.349435][ T7671] FAULT_INJECTION: forcing a failure.
[  141.349435][ T7671] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  141.365543][ T7671] CPU: 0 UID: 0 PID: 7671 Comm: syz.0.405 Not tainted 6.17.0-rc1-syzkaller-00211-g90d970cade8e #0 PREEMPT(full) 
[  141.365566][ T7671] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  141.365577][ T7671] Call Trace:
[  141.365583][ T7671]  <TASK>
[  141.365590][ T7671]  dump_stack_lvl+0x189/0x250
[  141.365612][ T7671]  ? __pfx____ratelimit+0x10/0x10
[  141.365633][ T7671]  ? __pfx_dump_stack_lvl+0x10/0x10
[  141.365651][ T7671]  ? __pfx__printk+0x10/0x10
[  141.365673][ T7671]  ? __might_fault+0xb0/0x130
[  141.365696][ T7671]  ? rcu_is_watching+0x15/0xb0
[  141.365714][ T7671]  should_fail_ex+0x414/0x560
[  141.365736][ T7671]  _copy_from_user+0x2d/0xb0
[  141.365754][ T7671]  ___sys_recvmsg+0x12e/0x510
[  141.365774][ T7671]  ? __pfx____sys_recvmsg+0x10/0x10
[  141.365792][ T7671]  ? __fget_files+0x2a/0x420
[  141.365810][ T7671]  ? rcu_is_watching+0x15/0xb0
[  141.365825][ T7671]  ? lock_release+0x4b/0x3e0
[  141.365847][ T7671]  ? __might_fault+0xcc/0x130
[  141.365868][ T7671]  do_recvmmsg+0x307/0x770
[  141.365888][ T7671]  ? __pfx_do_recvmmsg+0x10/0x10
[  141.365909][ T7671]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  141.365938][ T7671]  __x64_sys_recvmmsg+0x190/0x240
[  141.365955][ T7671]  ? __pfx___x64_sys_recvmmsg+0x10/0x10
[  141.365971][ T7671]  ? rcu_is_watching+0x15/0xb0
[  141.365989][ T7671]  ? rcu_is_watching+0x15/0xb0
[  141.366005][ T7671]  do_syscall_64+0xfa/0x3b0
[  141.366025][ T7671]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  141.366042][ T7671]  ? clear_bhb_loop+0x60/0xb0
[  141.366058][ T7671]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  141.366074][ T7671] RIP: 0033:0x7f3767b8ebe9
[  141.366087][ T7671] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  141.366099][ T7671] RSP: 002b:00007f3768a40038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
[  141.366113][ T7671] RAX: ffffffffffffffda RBX: 00007f3767db5fa0 RCX: 00007f3767b8ebe9
[  141.366123][ T7671] RDX: 0000000004000210 RSI: 0000200000001740 RDI: 000000000000000a
[  141.366131][ T7671] RBP: 00007f3768a40090 R08: 0000000000000000 R09: 0000000000000000
[  141.366139][ T7671] R10: 0000000000010002 R11: 0000000000000246 R12: 0000000000000002
[  141.366147][ T7671] R13: 00007f3767db6038 R14: 00007f3767db5fa0 R15: 00007f3767edfa28
[  141.366161][ T7671]  </TASK>
[  141.597204][   T30] audit: type=1326 audit(1755393893.589:104): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7668 comm="syz.2.404" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa03e58ebe9 code=0x7ffc0000
[  141.629431][ T5983] kvaser_usb 4-1:0.63: error -ENODEV: Cannot get usb endpoint(s)
[  141.643524][ T5983] usb 4-1: USB disconnect, device number 17
[  141.688344][   T92] usb 2-1: config index 0 descriptor too short (expected 29220, got 36)
[  141.709630][   T92] usb 2-1: config 0 has too many interfaces: 81, using maximum allowed: 32
[  141.726078][   T92] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 81
[  141.762370][   T92] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[  141.772059][   T92] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[  141.781745][   T92] usb 2-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18
[  141.795435][   T92] usb 2-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40
[  141.807669][   T92] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  141.821292][   T92] usb 2-1: config 0 descriptor??
[  142.216119][ T7685] netlink: 4 bytes leftover after parsing attributes in process `syz.4.408'.
[  142.295900][   T92] usblp 2-1:0.0: usblp0: USB Bidirectional printer dev 20 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17
[  142.343661][   T92] usb 2-1: USB disconnect, device number 20
[  142.364819][   T92] usblp0: removed
[  142.682603][ T7700] FAULT_INJECTION: forcing a failure.
[  142.682603][ T7700] name failslab, interval 1, probability 0, space 0, times 0
[  142.696903][ T7700] CPU: 0 UID: 0 PID: 7700 Comm: syz.0.412 Not tainted 6.17.0-rc1-syzkaller-00211-g90d970cade8e #0 PREEMPT(full) 
[  142.696926][ T7700] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  142.696935][ T7700] Call Trace:
[  142.696941][ T7700]  <TASK>
[  142.696948][ T7700]  dump_stack_lvl+0x189/0x250
[  142.696971][ T7700]  ? __pfx____ratelimit+0x10/0x10
[  142.696991][ T7700]  ? __pfx_dump_stack_lvl+0x10/0x10
[  142.697009][ T7700]  ? __pfx__printk+0x10/0x10
[  142.697029][ T7700]  ? fs_reclaim_acquire+0x7d/0x100
[  142.697050][ T7700]  ? rcu_is_watching+0x15/0xb0
[  142.697067][ T7700]  ? __pfx___might_resched+0x10/0x10
[  142.697081][ T7700]  ? lock_acquire+0x5f/0x360
[  142.697103][ T7700]  should_fail_ex+0x414/0x560
[  142.697124][ T7700]  should_failslab+0xa8/0x100
[  142.697146][ T7700]  __kmalloc_noprof+0xcb/0x4f0
[  142.697165][ T7700]  ? nf_tables_newset+0x132b/0x2530
[  142.697181][ T7700]  ? nla_strdup+0x9d/0x140
[  142.697201][ T7700]  ? trace_kmalloc+0x1f/0xd0
[  142.697218][ T7700]  nla_strdup+0x9d/0x140
[  142.697237][ T7700]  ? nft_rhash_estimate+0x3f/0xa0
[  142.697266][ T7700]  nf_tables_newset+0x136a/0x2530
[  142.697286][ T7700]  ? __pfx_nf_tables_newset+0x10/0x10
[  142.697303][ T7700]  ? nfnl_pernet+0x23/0x240
[  142.697319][ T7700]  ? rcu_is_watching+0x15/0xb0
[  142.697336][ T7700]  ? lock_release+0x4b/0x3e0
[  142.697357][ T7700]  ? __nla_parse+0x40/0x60
[  142.697379][ T7700]  nfnetlink_rcv+0x1132/0x2520
[  142.697408][ T7700]  ? __pfx_nfnetlink_rcv+0x10/0x10
[  142.697433][ T7700]  ? ref_tracker_free+0x63a/0x7d0
[  142.697462][ T7700]  ? __netlink_deliver_tap+0x807/0x850
[  142.697481][ T7700]  ? netlink_deliver_tap+0x2e/0x1b0
[  142.697502][ T7700]  ? lock_release+0x4b/0x3e0
[  142.697524][ T7700]  netlink_unicast+0x82c/0x9e0
[  142.697547][ T7700]  ? __pfx_netlink_unicast+0x10/0x10
[  142.697566][ T7700]  ? netlink_sendmsg+0x642/0xb30
[  142.697586][ T7700]  ? skb_put+0x11b/0x210
[  142.697601][ T7700]  netlink_sendmsg+0x805/0xb30
[  142.697625][ T7700]  ? __pfx_netlink_sendmsg+0x10/0x10
[  142.697647][ T7700]  ? aa_sock_msg_perm+0xf1/0x1d0
[  142.697662][ T7700]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  142.697679][ T7700]  ? __pfx_netlink_sendmsg+0x10/0x10
[  142.697700][ T7700]  __sock_sendmsg+0x219/0x270
[  142.697720][ T7700]  ____sys_sendmsg+0x505/0x830
[  142.697738][ T7700]  ? __pfx_____sys_sendmsg+0x10/0x10
[  142.697757][ T7700]  ? import_iovec+0x74/0xa0
[  142.697775][ T7700]  ___sys_sendmsg+0x21f/0x2a0
[  142.697791][ T7700]  ? __pfx____sys_sendmsg+0x10/0x10
[  142.697819][ T7700]  ? __fget_files+0x2a/0x420
[  142.697832][ T7700]  ? __fget_files+0x3a0/0x420
[  142.697850][ T7700]  __x64_sys_sendmsg+0x19b/0x260
[  142.697866][ T7700]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  142.697884][ T7700]  ? __pfx_ksys_write+0x10/0x10
[  142.697902][ T7700]  ? rcu_is_watching+0x15/0xb0
[  142.697920][ T7700]  ? rcu_is_watching+0x15/0xb0
[  142.697935][ T7700]  do_syscall_64+0xfa/0x3b0
[  142.697957][ T7700]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  142.697973][ T7700]  ? clear_bhb_loop+0x60/0xb0
[  142.697990][ T7700]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  142.698006][ T7700] RIP: 0033:0x7f3767b8ebe9
[  142.698020][ T7700] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  142.698034][ T7700] RSP: 002b:00007f3768a40038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  142.698051][ T7700] RAX: ffffffffffffffda RBX: 00007f3767db5fa0 RCX: 00007f3767b8ebe9
[  142.698063][ T7700] RDX: 0000000000000000 RSI: 0000200000000240 RDI: 0000000000000003
[  142.698072][ T7700] RBP: 00007f3768a40090 R08: 0000000000000000 R09: 0000000000000000
[  142.698082][ T7700] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  142.698092][ T7700] R13: 00007f3767db6038 R14: 00007f3767db5fa0 R15: 00007f3767edfa28
[  142.698110][ T7700]  </TASK>
[  142.893417][   T44] usb 3-1: new high-speed USB device number 20 using dummy_hcd
[  143.154916][ T7706] veth1_to_bond: entered allmulticast mode
[  143.183524][   T92] usb 2-1: new high-speed USB device number 21 using dummy_hcd
[  143.425381][ T5983] usb 4-1: new full-speed USB device number 18 using dummy_hcd
[  143.463420][   T44] usb 3-1: Using ep0 maxpacket: 8
[  143.470233][   T44] usb 3-1: config index 0 descriptor too short (expected 30, got 18)
[  143.480493][   T44] usb 3-1: New USB device found, idVendor=1660, idProduct=0932, bcdDevice=80.ea
[  143.517057][   T44] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  143.536338][   T44] usb 3-1: Product: syz
[  143.540535][   T44] usb 3-1: Manufacturer: syz
[  143.546871][   T44] usb 3-1: SerialNumber: syz
[  143.552813][   T44] usb 3-1: config 0 descriptor??
[  143.559962][   T44] dvb-usb: found a 'Medion MD95700 (MDUSBTV-HYBRID)' in warm state.
[  143.568008][   T44] usb 3-1: setting power ON
[  143.572633][   T44] dvb-usb: bulk message failed: -22 (2/0)
[  143.584843][   T44] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[  143.800975][ T5983] usb 4-1: config 0 interface 0 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  143.839062][ T7695] dvb-usb: bulk message failed: -22 (3/0)
[  143.845587][ T7695] dvb-usb: bulk message failed: -22 (5/0)
[  143.863019][   T44] dvbdev: DVB: registering new adapter (Medion MD95700 (MDUSBTV-HYBRID))
[  143.905585][ T5983] usb 4-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0x94, changing to 0x84
[  143.921442][ T5983] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x84 has an invalid bInterval 0, changing to 10
[  143.922108][   T44] usb 3-1: media controller created
[  143.948788][ T7730] cxusb: i2c wr: len=79 is too big!
[  143.948788][ T7730] 
[  143.957704][ T5983] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0
[  143.971312][ T7705] veth1_to_bond: left allmulticast mode
[  143.999208][ T5983] usb 4-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 1
[  144.014082][ T5983] usb 4-1: New USB device found, idVendor=04e8, idProduct=ff30, bcdDevice=a6.d1
[  144.023432][ T5983] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  144.063145][ T7728] netlink: 4400 bytes leftover after parsing attributes in process `syz.1.418'.
[  144.084358][ T7728] sysfs: cannot create duplicate filename '/class/ieee80211/Ç`]Š•Iöq¯!¾>Ýsó³Îú*Š®!)\Ç+`²iF=#'
[  144.097415][ T7728] CPU: 1 UID: 0 PID: 7728 Comm: syz.1.418 Not tainted 6.17.0-rc1-syzkaller-00211-g90d970cade8e #0 PREEMPT(full) 
[  144.097440][ T7728] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  144.097452][ T7728] Call Trace:
[  144.097459][ T7728]  <TASK>
[  144.097467][ T7728]  dump_stack_lvl+0x189/0x250
[  144.097493][ T7728]  ? __pfx_dump_stack_lvl+0x10/0x10
[  144.097513][ T7728]  ? __pfx__printk+0x10/0x10
[  144.097535][ T7728]  ? __rcu_read_unlock+0x84/0xe0
[  144.097556][ T7728]  ? kernfs_path_from_node+0x2f/0x290
[  144.097574][ T7728]  ? kernfs_path_from_node+0x250/0x290
[  144.097588][ T7728]  ? kernfs_path_from_node+0x2f/0x290
[  144.097603][ T7728]  sysfs_warn_dup+0x8e/0xa0
[  144.097617][ T7728]  sysfs_do_create_link_sd+0xc0/0x110
[  144.097632][ T7728]  device_add_class_symlinks+0x1cf/0x240
[  144.097647][ T7728]  device_add+0x475/0xb50
[  144.097663][ T7728]  wiphy_register+0x1ba6/0x28d0
[  144.097686][ T7728]  ? __pfx_wiphy_register+0x10/0x10
[  144.097703][ T7728]  ? minstrel_ht_alloc+0x6dd/0x7e0
[  144.097718][ T7728]  ? ieee80211_init_rate_ctrl_alg+0x56d/0x5f0
[  144.097740][ T7728]  ieee80211_register_hw+0x3425/0x4080
[  144.097754][ T7728]  ? preempt_schedule+0xae/0xc0
[  144.097773][ T7728]  ? ieee80211_register_hw+0x14a1/0x4080
[  144.097788][ T7728]  ? __pfx_ieee80211_register_hw+0x10/0x10
[  144.097802][ T7728]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  144.097819][ T7728]  ? __hrtimer_setup+0x187/0x210
[  144.097830][ T7728]  ? __pfx_mac80211_hwsim_beacon+0x10/0x10
[  144.097849][ T7728]  mac80211_hwsim_new_radio+0x2f0e/0x5340
[  144.097873][ T7728]  ? __pfx_mac80211_hwsim_new_radio+0x10/0x10
[  144.097887][ T7728]  ? trace_kmalloc+0x1f/0xd0
[  144.097903][ T7728]  ? __kmalloc_node_track_caller_noprof+0x28e/0x4e0
[  144.097921][ T7728]  ? kstrndup+0xbf/0x160
[  144.097936][ T7728]  hwsim_new_radio_nl+0xea4/0x1b10
[  144.097951][ T7728]  ? __pfx___nla_validate_parse+0x10/0x10
[  144.097973][ T7728]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[  144.097991][ T7728]  ? __nla_parse+0x40/0x60
[  144.098008][ T7728]  ? genl_family_rcv_msg_attrs_parse+0x1c9/0x2a0
[  144.098025][ T7728]  genl_family_rcv_msg_doit+0x215/0x300
[  144.098042][ T7728]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  144.098066][ T7728]  ? bpf_lsm_capable+0x9/0x20
[  144.098083][ T7728]  ? security_capable+0x7e/0x2e0
[  144.098103][ T7728]  genl_rcv_msg+0x60e/0x790
[  144.098119][ T7728]  ? __pfx_genl_rcv_msg+0x10/0x10
[  144.098133][ T7728]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[  144.098152][ T7728]  netlink_rcv_skb+0x208/0x470
[  144.098170][ T7728]  ? __pfx_genl_rcv_msg+0x10/0x10
[  144.098183][ T7728]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  144.098203][ T7728]  ? lock_release+0x4b/0x3e0
[  144.098221][ T7728]  ? down_read+0x1ad/0x2e0
[  144.098232][ T7728]  genl_rcv+0x28/0x40
[  144.098244][ T7728]  netlink_unicast+0x82c/0x9e0
[  144.098261][ T7728]  ? __pfx_netlink_unicast+0x10/0x10
[  144.098276][ T7728]  ? netlink_sendmsg+0x642/0xb30
[  144.098292][ T7728]  ? skb_put+0x11b/0x210
[  144.098304][ T7728]  netlink_sendmsg+0x805/0xb30
[  144.098324][ T7728]  ? __pfx_netlink_sendmsg+0x10/0x10
[  144.098341][ T7728]  ? futex_unqueue+0x22/0x240
[  144.098354][ T7728]  ? aa_sock_msg_perm+0xf1/0x1d0
[  144.098366][ T7728]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  144.098379][ T7728]  ? __pfx_netlink_sendmsg+0x10/0x10
[  144.098396][ T7728]  __sock_sendmsg+0x219/0x270
[  144.098413][ T7728]  ____sys_sendmsg+0x505/0x830
[  144.098427][ T7728]  ? __pfx_____sys_sendmsg+0x10/0x10
[  144.098441][ T7728]  ? import_iovec+0x74/0xa0
[  144.098455][ T7728]  ___sys_sendmsg+0x21f/0x2a0
[  144.098468][ T7728]  ? __pfx____sys_sendmsg+0x10/0x10
[  144.098479][ T7728]  ? rcu_is_watching+0x15/0xb0
[  144.098493][ T7728]  ? futex_wait+0x285/0x360
[  144.098516][ T7728]  ? __fget_files+0x2a/0x420
[  144.098527][ T7728]  ? __fget_files+0x3a0/0x420
[  144.098540][ T7728]  __x64_sys_sendmsg+0x19b/0x260
[  144.098553][ T7728]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  144.098569][ T7728]  ? rcu_is_watching+0x15/0xb0
[  144.098582][ T7728]  ? rcu_is_watching+0x15/0xb0
[  144.098595][ T7728]  do_syscall_64+0xfa/0x3b0
[  144.098612][ T7728]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  144.098625][ T7728]  ? clear_bhb_loop+0x60/0xb0
[  144.098638][ T7728]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  144.098651][ T7728] RIP: 0033:0x7eff8918ebe9
[  144.098662][ T7728] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  144.098673][ T7728] RSP: 002b:00007eff8a037038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  144.098688][ T7728] RAX: ffffffffffffffda RBX: 00007eff893b6270 RCX: 00007eff8918ebe9
[  144.098698][ T7728] RDX: 0000000000000084 RSI: 0000200000000100 RDI: 0000000000000007
[  144.098706][ T7728] RBP: 00007eff89211e19 R08: 0000000000000000 R09: 0000000000000000
[  144.098715][ T7728] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  144.098723][ T7728] R13: 00007eff893b6308 R14: 00007eff893b6270 R15: 00007eff894dfa28
[  144.098737][ T7728]  </TASK>
[  144.576249][    C1] vkms_vblank_simulate: vblank timer overrun
[  144.589009][ T5983] usb 4-1: Product: syz
[  144.593211][ T5983] usb 4-1: Manufacturer: syz
[  144.594285][   T44] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  144.597841][ T5983] usb 4-1: SerialNumber: syz
[  144.626867][ T5983] usb 4-1: config 0 descriptor??
[  144.632987][   T44] usb 3-1: selecting invalid altsetting 6
[  144.639072][   T44] usb 3-1: digital interface selection failed (-22)
[  144.645796][   T44] dvb-usb: no frontend was attached by 'Medion MD95700 (MDUSBTV-HYBRID)'
[  144.657902][   T44] usb 3-1: setting power OFF
[  144.662964][   T44] dvb-usb: bulk message failed: -22 (2/0)
[  144.668688][   T44] dvb-usb: Medion MD95700 (MDUSBTV-HYBRID) successfully initialized and connected.
[  144.677959][   T44] (NULL device *): no alternate interface
[  144.819389][ T7735] trusted_key: encrypted_key: insufficient parameters specified
[  144.843961][ T5983] rc_core: IR keymap rc-imon-rsc not found
[  144.851331][ T5983] Registered IR keymap rc-empty
[  144.857404][ T5983] rc rc0: iMON Station as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/rc/rc0
[  144.871942][ T5983] input: iMON Station as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/rc/rc0/input11
[  145.069923][ T5983] imon_raw 4-1:0.0: probe with driver imon_raw failed with error -90
[  145.115808][ T5983] usb 4-1: USB disconnect, device number 18
[  145.153813][ T7745] FAULT_INJECTION: forcing a failure.
[  145.153813][ T7745] name failslab, interval 1, probability 0, space 0, times 0
[  145.168262][ T7745] CPU: 1 UID: 0 PID: 7745 Comm: syz.0.425 Not tainted 6.17.0-rc1-syzkaller-00211-g90d970cade8e #0 PREEMPT(full) 
[  145.168286][ T7745] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  145.168296][ T7745] Call Trace:
[  145.168303][ T7745]  <TASK>
[  145.168309][ T7745]  dump_stack_lvl+0x189/0x250
[  145.168331][ T7745]  ? __pfx____ratelimit+0x10/0x10
[  145.168352][ T7745]  ? __pfx_dump_stack_lvl+0x10/0x10
[  145.168371][ T7745]  ? __pfx__printk+0x10/0x10
[  145.168392][ T7745]  ? fs_reclaim_acquire+0x7d/0x100
[  145.168415][ T7745]  ? __pfx___might_resched+0x10/0x10
[  145.168429][ T7745]  ? lock_acquire+0x5f/0x360
[  145.168448][ T7745]  should_fail_ex+0x414/0x560
[  145.168468][ T7745]  ? rhashtable_init_noprof+0x4ee/0xbb0
[  145.168483][ T7745]  should_failslab+0xa8/0x100
[  145.168504][ T7745]  __kvmalloc_node_noprof+0x161/0x5f0
[  145.168525][ T7745]  ? rhashtable_init_noprof+0x4ee/0xbb0
[  145.168542][ T7745]  rhashtable_init_noprof+0x4ee/0xbb0
[  145.168560][ T7745]  nft_rhash_init+0x10b/0x3a0
[  145.168583][ T7745]  ? __pfx_nft_rhash_init+0x10/0x10
[  145.168604][ T7745]  ? __pfx_nft_rhash_key+0x10/0x10
[  145.168625][ T7745]  ? __pfx_nft_rhash_obj+0x10/0x10
[  145.168646][ T7745]  ? __pfx_nft_rhash_cmp+0x10/0x10
[  145.168668][ T7745]  ? nf_tables_newset+0x1396/0x2530
[  145.168685][ T7745]  ? kfree+0x18e/0x440
[  145.168705][ T7745]  nf_tables_newset+0x1c04/0x2530
[  145.168726][ T7745]  ? __pfx_nf_tables_newset+0x10/0x10
[  145.168745][ T7745]  ? nfnl_pernet+0x23/0x240
[  145.168762][ T7745]  ? rcu_is_watching+0x15/0xb0
[  145.168781][ T7745]  ? lock_release+0x4b/0x3e0
[  145.168804][ T7745]  ? __nla_parse+0x40/0x60
[  145.168827][ T7745]  nfnetlink_rcv+0x1132/0x2520
[  145.168857][ T7745]  ? __pfx_nfnetlink_rcv+0x10/0x10
[  145.168892][ T7745]  ? __pfx_rcu_read_unlock_special+0x10/0x10
[  145.168913][ T7745]  ? netlink_deliver_tap+0x2e/0x1b0
[  145.168936][ T7745]  ? lock_release+0x4b/0x3e0
[  145.168971][ T7745]  netlink_unicast+0x82c/0x9e0
[  145.168992][ T7745]  ? __pfx_netlink_unicast+0x10/0x10
[  145.169011][ T7745]  ? netlink_sendmsg+0x642/0xb30
[  145.169032][ T7745]  ? skb_put+0x11b/0x210
[  145.169048][ T7745]  netlink_sendmsg+0x805/0xb30
[  145.169074][ T7745]  ? __pfx_netlink_sendmsg+0x10/0x10
[  145.169095][ T7745]  ? aa_sock_msg_perm+0xf1/0x1d0
[  145.169111][ T7745]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  145.169127][ T7745]  ? __pfx_netlink_sendmsg+0x10/0x10
[  145.169148][ T7745]  __sock_sendmsg+0x219/0x270
[  145.169169][ T7745]  ____sys_sendmsg+0x505/0x830
[  145.169187][ T7745]  ? __pfx_____sys_sendmsg+0x10/0x10
[  145.169205][ T7745]  ? import_iovec+0x74/0xa0
[  145.169227][ T7745]  ___sys_sendmsg+0x21f/0x2a0
[  145.169244][ T7745]  ? __pfx____sys_sendmsg+0x10/0x10
[  145.169270][ T7745]  ? __fget_files+0x2a/0x420
[  145.169284][ T7745]  ? __fget_files+0x3a0/0x420
[  145.169302][ T7745]  __x64_sys_sendmsg+0x19b/0x260
[  145.169318][ T7745]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  145.169337][ T7745]  ? __pfx_ksys_write+0x10/0x10
[  145.169354][ T7745]  ? rcu_is_watching+0x15/0xb0
[  145.169370][ T7745]  ? rcu_is_watching+0x15/0xb0
[  145.169385][ T7745]  do_syscall_64+0xfa/0x3b0
[  145.169405][ T7745]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  145.169419][ T7745]  ? clear_bhb_loop+0x60/0xb0
[  145.169435][ T7745]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  145.169449][ T7745] RIP: 0033:0x7f3767b8ebe9
[  145.169462][ T7745] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  145.169475][ T7745] RSP: 002b:00007f3768a40038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  145.169493][ T7745] RAX: ffffffffffffffda RBX: 00007f3767db5fa0 RCX: 00007f3767b8ebe9
[  145.169505][ T7745] RDX: 0000000000000000 RSI: 0000200000000240 RDI: 0000000000000003
[  145.169515][ T7745] RBP: 00007f3768a40090 R08: 0000000000000000 R09: 0000000000000000
[  145.169567][ T7745] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  145.169577][ T7745] R13: 00007f3767db6038 R14: 00007f3767db5fa0 R15: 00007f3767edfa28
[  145.169594][ T7745]  </TASK>
[  145.558196][    C1] vkms_vblank_simulate: vblank timer overrun
[  145.606696][ T7750] netlink: 'syz.4.426': attribute type 12 has an invalid length.
[  145.622080][ T7752] netlink: 60 bytes leftover after parsing attributes in process `syz.1.421'.
[  145.634524][ T7754] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  145.660012][ T7750] netlink: 'syz.4.426': attribute type 29 has an invalid length.
[  145.672100][ T7754] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  145.682822][ T7750] netlink: 148 bytes leftover after parsing attributes in process `syz.4.426'.
[  145.707760][   T30] kauditd_printk_skb: 6 callbacks suppressed
[  145.707774][   T30] audit: type=1326 audit(1755393897.989:111): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7755 comm="syz.0.428" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3767b8ebe9 code=0x7ffc0000
[  145.754220][ T7759] vivid-002: disconnect
[  145.832644][   T30] audit: type=1326 audit(1755393897.989:112): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7755 comm="syz.0.428" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3767b8ebe9 code=0x7ffc0000
[  145.903247][ T7737] vivid-002: reconnect
[  145.943516][   T30] audit: type=1326 audit(1755393897.989:113): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7755 comm="syz.0.428" exe="/root/syz-executor" sig=0 arch=c000003e syscall=323 compat=0 ip=0x7f3767b8ebe9 code=0x7ffc0000
[  145.965661][    C1] vkms_vblank_simulate: vblank timer overrun
[  145.971755][   T30] audit: type=1326 audit(1755393897.989:114): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7755 comm="syz.0.428" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3767b8ebe9 code=0x7ffc0000
[  146.001847][   T30] audit: type=1326 audit(1755393897.989:115): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7755 comm="syz.0.428" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3767b8ebe9 code=0x7ffc0000
[  146.032190][   T30] audit: type=1326 audit(1755393897.989:116): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7755 comm="syz.0.428" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f3767b8ebe9 code=0x7ffc0000
[  146.099253][   T30] audit: type=1326 audit(1755393897.989:117): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7755 comm="syz.0.428" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3767b8ebe9 code=0x7ffc0000
[  146.146831][   T30] audit: type=1326 audit(1755393897.989:118): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7755 comm="syz.0.428" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3767b8ebe9 code=0x7ffc0000
[  146.265948][   T30] audit: type=1326 audit(1755393897.989:119): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7755 comm="syz.0.428" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7f3767b8ebe9 code=0x7ffc0000
[  146.299183][   T92] usb 5-1: new high-speed USB device number 27 using dummy_hcd
[  146.324122][ T5983] usb 1-1: new high-speed USB device number 24 using dummy_hcd
[  146.341270][ T7772] netlink: 4400 bytes leftover after parsing attributes in process `syz.3.432'.
[  146.354354][ T7772] sysfs: cannot create duplicate filename '/class/ieee80211/Ç`]Š•Iöq¯!¾>Ýsó³Îú*Š®!)\Ç+`²iF=#'
[  146.386828][ T7772] CPU: 1 UID: 0 PID: 7772 Comm: syz.3.432 Not tainted 6.17.0-rc1-syzkaller-00211-g90d970cade8e #0 PREEMPT(full) 
[  146.386852][ T7772] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  146.386863][ T7772] Call Trace:
[  146.386869][ T7772]  <TASK>
[  146.386877][ T7772]  dump_stack_lvl+0x189/0x250
[  146.386903][ T7772]  ? __pfx_dump_stack_lvl+0x10/0x10
[  146.386923][ T7772]  ? __pfx__printk+0x10/0x10
[  146.386950][ T7772]  ? kernfs_root+0x1c/0x230
[  146.386971][ T7772]  ? kernfs_path_from_node+0x2f/0x290
[  146.386989][ T7772]  ? kernfs_path_from_node+0x250/0x290
[  146.387008][ T7772]  ? kernfs_path_from_node+0x2f/0x290
[  146.387027][ T7772]  sysfs_warn_dup+0x8e/0xa0
[  146.387043][ T7772]  sysfs_do_create_link_sd+0xc0/0x110
[  146.387062][ T7772]  device_add_class_symlinks+0x1cf/0x240
[  146.387081][ T7772]  device_add+0x475/0xb50
[  146.387099][ T7772]  wiphy_register+0x1ba6/0x28d0
[  146.387127][ T7772]  ? __pfx_wiphy_register+0x10/0x10
[  146.387148][ T7772]  ? minstrel_ht_alloc+0x6dd/0x7e0
[  146.387168][ T7772]  ? ieee80211_init_rate_ctrl_alg+0x56d/0x5f0
[  146.387195][ T7772]  ieee80211_register_hw+0x3425/0x4080
[  146.387218][ T7772]  ? ieee80211_register_hw+0x14a1/0x4080
[  146.387239][ T7772]  ? __pfx_ieee80211_register_hw+0x10/0x10
[  146.387259][ T7772]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  146.387282][ T7772]  ? __hrtimer_setup+0x187/0x210
[  146.387298][ T7772]  ? __pfx_mac80211_hwsim_beacon+0x10/0x10
[  146.387321][ T7772]  mac80211_hwsim_new_radio+0x2f0e/0x5340
[  146.387352][ T7772]  ? __pfx_mac80211_hwsim_new_radio+0x10/0x10
[  146.387372][ T7772]  ? trace_kmalloc+0x1f/0xd0
[  146.387392][ T7772]  ? __kmalloc_node_track_caller_noprof+0x28e/0x4e0
[  146.387415][ T7772]  ? kstrndup+0xbf/0x160
[  146.387435][ T7772]  hwsim_new_radio_nl+0xea4/0x1b10
[  146.387456][ T7772]  ? __pfx___nla_validate_parse+0x10/0x10
[  146.387486][ T7772]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[  146.387511][ T7772]  ? __nla_parse+0x40/0x60
[  146.387535][ T7772]  ? genl_family_rcv_msg_attrs_parse+0x1c9/0x2a0
[  146.387559][ T7772]  genl_family_rcv_msg_doit+0x215/0x300
[  146.387581][ T7772]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  146.387605][ T7772]  ? bpf_lsm_capable+0x9/0x20
[  146.387626][ T7772]  ? security_capable+0x7e/0x2e0
[  146.387651][ T7772]  genl_rcv_msg+0x60e/0x790
[  146.387672][ T7772]  ? __pfx_genl_rcv_msg+0x10/0x10
[  146.387689][ T7772]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[  146.387709][ T7772]  ? __asan_memcpy+0x40/0x70
[  146.387728][ T7772]  ? __pfx_ref_tracker_free+0x10/0x10
[  146.387748][ T7772]  ? __skb_clone+0x63/0x7a0
[  146.387768][ T7772]  netlink_rcv_skb+0x208/0x470
[  146.387791][ T7772]  ? __pfx_genl_rcv_msg+0x10/0x10
[  146.387809][ T7772]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  146.387835][ T7772]  ? lock_release+0x4b/0x3e0
[  146.387860][ T7772]  ? down_read+0x1ad/0x2e0
[  146.387875][ T7772]  genl_rcv+0x28/0x40
[  146.387892][ T7772]  netlink_unicast+0x82c/0x9e0
[  146.387915][ T7772]  ? __pfx_netlink_unicast+0x10/0x10
[  146.387943][ T7772]  ? netlink_sendmsg+0x642/0xb30
[  146.387966][ T7772]  ? skb_put+0x11b/0x210
[  146.387982][ T7772]  netlink_sendmsg+0x805/0xb30
[  146.388009][ T7772]  ? __pfx_netlink_sendmsg+0x10/0x10
[  146.388033][ T7772]  ? futex_unqueue+0x22/0x240
[  146.388052][ T7772]  ? aa_sock_msg_perm+0xf1/0x1d0
[  146.388069][ T7772]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  146.388087][ T7772]  ? __pfx_netlink_sendmsg+0x10/0x10
[  146.388110][ T7772]  __sock_sendmsg+0x219/0x270
[  146.388132][ T7772]  ____sys_sendmsg+0x505/0x830
[  146.388151][ T7772]  ? __pfx_____sys_sendmsg+0x10/0x10
[  146.388170][ T7772]  ? import_iovec+0x74/0xa0
[  146.388188][ T7772]  ___sys_sendmsg+0x21f/0x2a0
[  146.388205][ T7772]  ? __pfx____sys_sendmsg+0x10/0x10
[  146.388223][ T7772]  ? futex_wait+0x285/0x360
[  146.388253][ T7772]  ? __fget_files+0x2a/0x420
[  146.388264][ T7772]  ? __fget_files+0x3a0/0x420
[  146.388277][ T7772]  __x64_sys_sendmsg+0x19b/0x260
[  146.388291][ T7772]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  146.388306][ T7772]  ? rcu_is_watching+0x15/0xb0
[  146.388320][ T7772]  ? rcu_is_watching+0x15/0xb0
[  146.388333][ T7772]  do_syscall_64+0xfa/0x3b0
[  146.388350][ T7772]  ? rcu_is_watching+0x15/0xb0
[  146.388361][ T7772]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  146.388374][ T7772]  ? clear_bhb_loop+0x60/0xb0
[  146.388388][ T7772]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  146.388400][ T7772] RIP: 0033:0x7f386d18ebe9
[  146.388412][ T7772] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  146.388424][ T7772] RSP: 002b:00007f386e029038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  146.388438][ T7772] RAX: ffffffffffffffda RBX: 00007f386d3b6270 RCX: 00007f386d18ebe9
[  146.388448][ T7772] RDX: 0000000000000084 RSI: 0000200000000100 RDI: 0000000000000007
[  146.388457][ T7772] RBP: 00007f386d211e19 R08: 0000000000000000 R09: 0000000000000000
[  146.388466][ T7772] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  146.388474][ T7772] R13: 00007f386d3b6308 R14: 00007f386d3b6270 R15: 00007f386d4dfa28
[  146.388489][ T7772]  </TASK>
[  146.391814][   T30] audit: type=1326 audit(1755393897.999:120): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7755 comm="syz.0.428" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3767b8ebe9 code=0x7ffc0000
[  146.899891][    C1] vkms_vblank_simulate: vblank timer overrun
[  146.963430][ T5983] usb 1-1: device descriptor read/64, error -71
[  147.048793][ T7777] trusted_key: encrypted_key: insufficient parameters specified
[  147.069169][ T7779] FAULT_INJECTION: forcing a failure.
[  147.069169][ T7779] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  147.107980][ T7779] CPU: 0 UID: 0 PID: 7779 Comm: syz.2.435 Not tainted 6.17.0-rc1-syzkaller-00211-g90d970cade8e #0 PREEMPT(full) 
[  147.107996][ T7779] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  147.108002][ T7779] Call Trace:
[  147.108006][ T7779]  <TASK>
[  147.108010][ T7779]  dump_stack_lvl+0x189/0x250
[  147.108025][ T7779]  ? __pfx____ratelimit+0x10/0x10
[  147.108037][ T7779]  ? __pfx_dump_stack_lvl+0x10/0x10
[  147.108047][ T7779]  ? __pfx__printk+0x10/0x10
[  147.108058][ T7779]  ? __might_fault+0xb0/0x130
[  147.108071][ T7779]  ? rcu_is_watching+0x15/0xb0
[  147.108082][ T7779]  should_fail_ex+0x414/0x560
[  147.108095][ T7779]  _copy_from_user+0x2d/0xb0
[  147.108106][ T7779]  ___sys_recvmsg+0x12e/0x510
[  147.108117][ T7779]  ? __pfx____sys_recvmsg+0x10/0x10
[  147.108125][ T7779]  ? __switch_to+0xdae/0x1670
[  147.108139][ T7779]  ? __fget_files+0x2a/0x420
[  147.108150][ T7779]  ? rcu_is_watching+0x15/0xb0
[  147.108158][ T7779]  ? lock_release+0x4b/0x3e0
[  147.108171][ T7779]  ? __might_fault+0xcc/0x130
[  147.108182][ T7779]  do_recvmmsg+0x307/0x770
[  147.108193][ T7779]  ? __pfx_do_recvmmsg+0x10/0x10
[  147.108207][ T7779]  __x64_sys_recvmmsg+0x190/0x240
[  147.108217][ T7779]  ? __pfx___x64_sys_recvmmsg+0x10/0x10
[  147.108226][ T7779]  ? rcu_is_watching+0x15/0xb0
[  147.108235][ T7779]  ? rcu_is_watching+0x15/0xb0
[  147.108243][ T7779]  do_syscall_64+0xfa/0x3b0
[  147.108256][ T7779]  ? rcu_is_watching+0x15/0xb0
[  147.108264][ T7779]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  147.108273][ T7779]  ? clear_bhb_loop+0x60/0xb0
[  147.108282][ T7779]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  147.108291][ T7779] RIP: 0033:0x7fa03e58ebe9
[  147.108299][ T7779] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  147.108307][ T7779] RSP: 002b:00007fa03f323038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
[  147.108319][ T7779] RAX: ffffffffffffffda RBX: 00007fa03e7b5fa0 RCX: 00007fa03e58ebe9
[  147.108325][ T7779] RDX: 0000000004000210 RSI: 0000200000001740 RDI: 000000000000000a
[  147.108332][ T7779] RBP: 00007fa03f323090 R08: 0000000000000000 R09: 0000000000000000
[  147.108337][ T7779] R10: 0000000000010002 R11: 0000000000000246 R12: 0000000000000002
[  147.108343][ T7779] R13: 00007fa03e7b6038 R14: 00007fa03e7b5fa0 R15: 00007fa03e8dfa28
[  147.108352][ T7779]  </TASK>
[  147.343214][   T92] usb 5-1: Using ep0 maxpacket: 32
[  147.362127][   T92] usb 5-1: config 0 interface 0 altsetting 16 endpoint 0x81 has invalid wMaxPacketSize 0
[  147.372027][   T92] usb 5-1: config 0 interface 0 altsetting 16 has 1 endpoint descriptor, different from the interface descriptor's value: 5
[  147.404447][ T5983] usb 1-1: new high-speed USB device number 25 using dummy_hcd
[  147.406016][   T92] usb 5-1: config 0 interface 0 has no altsetting 0
[  147.437064][ T7781] netlink: 'syz.1.436': attribute type 4 has an invalid length.
[  147.581502][   T92] usb 5-1: New USB device found, idVendor=1b1c, idProduct=0c10, bcdDevice= 0.00
[  147.592347][ T7789] FAULT_INJECTION: forcing a failure.
[  147.592347][ T7789] name failslab, interval 1, probability 0, space 0, times 0
[  147.605181][   T92] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  147.606743][ T7789] CPU: 0 UID: 0 PID: 7789 Comm: syz.1.439 Not tainted 6.17.0-rc1-syzkaller-00211-g90d970cade8e #0 PREEMPT(full) 
[  147.606765][ T7789] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  147.606775][ T7789] Call Trace:
[  147.606781][ T7789]  <TASK>
[  147.606788][ T7789]  dump_stack_lvl+0x189/0x250
[  147.606811][ T7789]  ? __pfx____ratelimit+0x10/0x10
[  147.606832][ T7789]  ? __pfx_dump_stack_lvl+0x10/0x10
[  147.606849][ T7789]  ? __pfx__printk+0x10/0x10
[  147.606870][ T7789]  ? __pfx___might_resched+0x10/0x10
[  147.606886][ T7789]  ? lock_acquire+0x5f/0x360
[  147.606908][ T7789]  should_fail_ex+0x414/0x560
[  147.606931][ T7789]  should_failslab+0xa8/0x100
[  147.606954][ T7789]  __kmalloc_cache_noprof+0x70/0x3d0
[  147.606975][ T7789]  ? __nft_trans_set_add+0x5e/0x710
[  147.606995][ T7789]  ? __pfx_nft_rhash_cmp+0x10/0x10
[  147.607019][ T7789]  __nft_trans_set_add+0x5e/0x710
[  147.607038][ T7789]  ? kfree+0x18e/0x440
[  147.607058][ T7789]  nf_tables_newset+0x1d6f/0x2530
[  147.607079][ T7789]  ? __pfx_nf_tables_newset+0x10/0x10
[  147.607098][ T7789]  ? nfnl_pernet+0x23/0x240
[  147.607116][ T7789]  ? rcu_is_watching+0x15/0xb0
[  147.607135][ T7789]  ? lock_release+0x4b/0x3e0
[  147.607156][ T7789]  ? __nla_parse+0x40/0x60
[  147.607180][ T7789]  nfnetlink_rcv+0x1132/0x2520
[  147.607210][ T7789]  ? __pfx_nfnetlink_rcv+0x10/0x10
[  147.607235][ T7789]  ? ref_tracker_free+0x63a/0x7d0
[  147.607265][ T7789]  ? __netlink_deliver_tap+0x807/0x850
[  147.607287][ T7789]  ? netlink_deliver_tap+0x2e/0x1b0
[  147.607309][ T7789]  ? lock_release+0x4b/0x3e0
[  147.607334][ T7789]  netlink_unicast+0x82c/0x9e0
[  147.607356][ T7789]  ? __pfx_netlink_unicast+0x10/0x10
[  147.607376][ T7789]  ? netlink_sendmsg+0x642/0xb30
[  147.607397][ T7789]  ? skb_put+0x11b/0x210
[  147.607413][ T7789]  netlink_sendmsg+0x805/0xb30
[  147.607438][ T7789]  ? __pfx_netlink_sendmsg+0x10/0x10
[  147.607461][ T7789]  ? aa_sock_msg_perm+0xf1/0x1d0
[  147.607477][ T7789]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  147.607495][ T7789]  ? __pfx_netlink_sendmsg+0x10/0x10
[  147.607517][ T7789]  __sock_sendmsg+0x219/0x270
[  147.607537][ T7789]  ____sys_sendmsg+0x505/0x830
[  147.607555][ T7789]  ? __pfx_____sys_sendmsg+0x10/0x10
[  147.607575][ T7789]  ? import_iovec+0x74/0xa0
[  147.607594][ T7789]  ___sys_sendmsg+0x21f/0x2a0
[  147.607611][ T7789]  ? __pfx____sys_sendmsg+0x10/0x10
[  147.607639][ T7789]  ? __fget_files+0x2a/0x420
[  147.607652][ T7789]  ? __fget_files+0x3a0/0x420
[  147.607671][ T7789]  __x64_sys_sendmsg+0x19b/0x260
[  147.607687][ T7789]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  147.607707][ T7789]  ? __pfx_ksys_write+0x10/0x10
[  147.607747][ T7789]  ? rcu_is_watching+0x15/0xb0
[  147.607764][ T7789]  ? rcu_is_watching+0x15/0xb0
[  147.607781][ T7789]  do_syscall_64+0xfa/0x3b0
[  147.607802][ T7789]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  147.607818][ T7789]  ? clear_bhb_loop+0x60/0xb0
[  147.607834][ T7789]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  147.607850][ T7789] RIP: 0033:0x7eff8918ebe9
[  147.607864][ T7789] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  147.607878][ T7789] RSP: 002b:00007eff8a09a038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  147.607896][ T7789] RAX: ffffffffffffffda RBX: 00007eff893b5fa0 RCX: 00007eff8918ebe9
[  147.607908][ T7789] RDX: 0000000000000000 RSI: 0000200000000240 RDI: 0000000000000003
[  147.607919][ T7789] RBP: 00007eff8a09a090 R08: 0000000000000000 R09: 0000000000000000
[  147.607928][ T7789] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  147.607938][ T7789] R13: 00007eff893b6038 R14: 00007eff893b5fa0 R15: 00007eff894dfa28
[  147.607956][ T7789]  </TASK>
[  147.635458][ T5983] usb 1-1: device descriptor read/64, error -71
[  147.743564][ T5983] usb usb1-port1: attempt power cycle
[  147.784515][   T92] usb 5-1: config 0 descriptor??
[  147.793412][   T10] usb 4-1: new high-speed USB device number 19 using dummy_hcd
[  147.955876][ T7794] FAULT_INJECTION: forcing a failure.
[  147.955876][ T7794] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  148.016772][ T7795] netlink: 60 bytes leftover after parsing attributes in process `syz.2.440'.
[  148.029188][ T7795] vivid-004: disconnect
[  148.046903][ T7794] CPU: 1 UID: 0 PID: 7794 Comm: syz.1.441 Not tainted 6.17.0-rc1-syzkaller-00211-g90d970cade8e #0 PREEMPT(full) 
[  148.046929][ T7794] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  148.046939][ T7794] Call Trace:
[  148.046945][ T7794]  <TASK>
[  148.046958][ T7794]  dump_stack_lvl+0x189/0x250
[  148.046981][ T7794]  ? __pfx____ratelimit+0x10/0x10
[  148.047002][ T7794]  ? __pfx_dump_stack_lvl+0x10/0x10
[  148.047020][ T7794]  ? __pfx__printk+0x10/0x10
[  148.047039][ T7794]  ? __might_fault+0xb0/0x130
[  148.047063][ T7794]  ? rcu_is_watching+0x15/0xb0
[  148.047081][ T7794]  should_fail_ex+0x414/0x560
[  148.047103][ T7794]  _copy_from_iter+0x1db/0x16f0
[  148.047120][ T7794]  ? sock_alloc_send_pskb+0x875/0x990
[  148.047141][ T7794]  ? __pfx__copy_from_iter+0x10/0x10
[  148.047160][ T7794]  ? __pfx_sock_alloc_send_pskb+0x10/0x10
[  148.047179][ T7794]  skb_copy_datagram_from_iter+0xf5/0x720
[  148.047199][ T7794]  ? dev_get_by_index+0x22/0x2e0
[  148.047217][ T7794]  ? skb_put+0x11b/0x210
[  148.047233][ T7794]  packet_sendmsg+0x3797/0x5080
[  148.047254][ T7794]  ? audit_net_cb+0x40/0x970
[  148.047276][ T7794]  ? __pfx_process_measurement+0x10/0x10
[  148.047294][ T7794]  ? tomoyo_check_open_permission+0x16a/0x3b0
[  148.047316][ T7794]  ? seqcount_lockdep_reader_access+0x175/0x1c0
[  148.047340][ T7794]  ? __pfx___might_resched+0x10/0x10
[  148.047360][ T7794]  ? mntput_no_expire+0xb9/0x9d0
[  148.047379][ T7794]  ? rcu_is_watching+0x15/0xb0
[  148.047395][ T7794]  ? __pfx_packet_sendmsg+0x10/0x10
[  148.047412][ T7794]  ? aa_sk_perm+0x81e/0x950
[  148.047434][ T7794]  ? unwind_next_frame+0xa5/0x2390
[  148.047452][ T7794]  ? tomoyo_socket_sendmsg_permission+0x1e1/0x300
[  148.047471][ T7794]  ? is_bpf_text_address+0x26/0x2b0
[  148.047492][ T7794]  ? rcu_is_watching+0x15/0xb0
[  148.047507][ T7794]  ? aa_sock_msg_perm+0xf1/0x1d0
[  148.047522][ T7794]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  148.047541][ T7794]  ? __pfx_packet_sendmsg+0x10/0x10
[  148.047558][ T7794]  __sock_sendmsg+0x219/0x270
[  148.047579][ T7794]  ____sys_sendmsg+0x52d/0x830
[  148.047597][ T7794]  ? __pfx_____sys_sendmsg+0x10/0x10
[  148.047613][ T7794]  ? __might_fault+0xb0/0x130
[  148.047636][ T7794]  ? import_iovec+0x74/0xa0
[  148.047655][ T7794]  ___sys_sendmsg+0x21f/0x2a0
[  148.047672][ T7794]  ? __pfx____sys_sendmsg+0x10/0x10
[  148.047691][ T7794]  ? kstrtouint+0x6e/0xe0
[  148.047721][ T7794]  ? __fget_files+0x2a/0x420
[  148.047735][ T7794]  ? __fget_files+0x3a0/0x420
[  148.047752][ T7794]  __sys_sendmmsg+0x227/0x430
[  148.047771][ T7794]  ? __pfx___sys_sendmmsg+0x10/0x10
[  148.047786][ T7794]  ? __mutex_unlock_slowpath+0x1a1/0x760
[  148.047817][ T7794]  ? ksys_write+0x22a/0x250
[  148.047838][ T7794]  ? __pfx_ksys_write+0x10/0x10
[  148.047857][ T7794]  ? rcu_is_watching+0x15/0xb0
[  148.047875][ T7794]  __x64_sys_sendmmsg+0xa0/0xc0
[  148.047892][ T7794]  do_syscall_64+0xfa/0x3b0
[  148.047914][ T7794]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  148.047931][ T7794]  ? clear_bhb_loop+0x60/0xb0
[  148.047948][ T7794]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  148.047969][ T7794] RIP: 0033:0x7eff8918ebe9
[  148.047984][ T7794] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  148.047998][ T7794] RSP: 002b:00007eff8a09a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  148.048016][ T7794] RAX: ffffffffffffffda RBX: 00007eff893b5fa0 RCX: 00007eff8918ebe9
[  148.048029][ T7794] RDX: 0000000000000001 RSI: 0000200000000440 RDI: 000000000000000a
[  148.048041][ T7794] RBP: 00007eff8a09a090 R08: 0000000000000000 R09: 0000000000000000
[  148.048051][ T7794] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  148.048061][ T7794] R13: 00007eff893b6038 R14: 00007eff893b5fa0 R15: 00007eff894dfa28
[  148.048080][ T7794]  </TASK>
[  148.416598][    C1] vkms_vblank_simulate: vblank timer overrun
[  148.462688][ T7790] vivid-004: reconnect
[  148.614722][   T10] usb 4-1: Using ep0 maxpacket: 16
[  148.620419][ T7800] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  148.630784][   T10] usb 4-1: config 0 interface 0 altsetting 4 has 1 endpoint descriptor, different from the interface descriptor's value: 4
[  148.652128][   T10] usb 4-1: config 0 interface 0 has no altsetting 0
[  148.671987][   T10] usb 4-1: New USB device found, idVendor=172f, idProduct=0034, bcdDevice= 0.00
[  148.682201][ T7766] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  148.682346][ T7800] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  148.691538][   T10] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  148.705363][ T7800] netlink: 8 bytes leftover after parsing attributes in process `syz.2.443'.
[  148.706730][ T5983] usb 1-1: new high-speed USB device number 26 using dummy_hcd
[  148.717155][ T7766] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  148.740730][   T10] usb 4-1: config 0 descriptor??
[  148.750523][   T92] usbhid 5-1:0.0: can't add hid device: -71
[  148.757575][   T92] usbhid 5-1:0.0: probe with driver usbhid failed with error -71
[  148.767542][   T92] usb 5-1: USB disconnect, device number 27
[  148.804834][ T5983] usb 1-1: device descriptor read/8, error -71
[  148.820759][ T7806] netlink: 192 bytes leftover after parsing attributes in process `syz.4.445'.
[  148.874992][ T7809] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  148.884180][ T7809] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  148.963526][    T9] usb 2-1: new full-speed USB device number 22 using dummy_hcd
[  149.145002][    T9] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  149.155227][    T9] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 2
[  149.166915][   T10] waltop 0003:172F:0034.0005: item fetching failed at offset 1/3
[  149.175321][    T9] usb 2-1: New USB device found, idVendor=05d8, idProduct=810a, bcdDevice=92.b8
[  149.184741][   T10] waltop 0003:172F:0034.0005: probe with driver waltop failed with error -22
[  149.193553][    T9] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  149.205210][    T9] usb 2-1: config 0 descriptor??
[  149.214641][    T9] dvb-usb: found a 'Artec T1 USB2.0' in warm state.
[  149.222096][    T9] dvb-usb: bulk message failed: -22 (3/0)
[  149.234346][    T9] dvb-usb: will use the device's hardware PID filter (table count: 16).
[  149.250766][    T9] dvbdev: DVB: registering new adapter (Artec T1 USB2.0)
[  149.269764][    T9] usb 2-1: media controller created
[  149.276953][    T9] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  149.281634][ T7820] FAULT_INJECTION: forcing a failure.
[  149.281634][ T7820] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  149.301228][ T7820] CPU: 1 UID: 0 PID: 7820 Comm: syz.2.448 Not tainted 6.17.0-rc1-syzkaller-00211-g90d970cade8e #0 PREEMPT(full) 
[  149.301249][ T7820] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  149.301259][ T7820] Call Trace:
[  149.301266][ T7820]  <TASK>
[  149.301272][ T7820]  dump_stack_lvl+0x189/0x250
[  149.301295][ T7820]  ? __pfx____ratelimit+0x10/0x10
[  149.301316][ T7820]  ? __pfx_dump_stack_lvl+0x10/0x10
[  149.301334][ T7820]  ? __pfx__printk+0x10/0x10
[  149.301354][ T7820]  ? __might_fault+0xb0/0x130
[  149.301377][ T7820]  ? rcu_is_watching+0x15/0xb0
[  149.301395][ T7820]  should_fail_ex+0x414/0x560
[  149.301417][ T7820]  _copy_from_user+0x2d/0xb0
[  149.301435][ T7820]  ___sys_recvmsg+0x12e/0x510
[  149.301455][ T7820]  ? __pfx____sys_recvmsg+0x10/0x10
[  149.301474][ T7820]  ? __fget_files+0x2a/0x420
[  149.301494][ T7820]  ? rcu_is_watching+0x15/0xb0
[  149.301510][ T7820]  ? lock_release+0x4b/0x3e0
[  149.301532][ T7820]  ? __might_fault+0xcc/0x130
[  149.301560][ T7820]  do_recvmmsg+0x307/0x770
[  149.301580][ T7820]  ? __pfx_do_recvmmsg+0x10/0x10
[  149.301601][ T7820]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  149.301629][ T7820]  __x64_sys_recvmmsg+0x190/0x240
[  149.301646][ T7820]  ? __pfx___x64_sys_recvmmsg+0x10/0x10
[  149.301662][ T7820]  ? rcu_is_watching+0x15/0xb0
[  149.301679][ T7820]  ? rcu_is_watching+0x15/0xb0
[  149.301694][ T7820]  do_syscall_64+0xfa/0x3b0
[  149.301716][ T7820]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  149.301731][ T7820]  ? clear_bhb_loop+0x60/0xb0
[  149.301748][ T7820]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  149.301764][ T7820] RIP: 0033:0x7fa03e58ebe9
[  149.301778][ T7820] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  149.301792][ T7820] RSP: 002b:00007fa03f323038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
[  149.301811][ T7820] RAX: ffffffffffffffda RBX: 00007fa03e7b5fa0 RCX: 00007fa03e58ebe9
[  149.301823][ T7820] RDX: 0000000004000210 RSI: 0000200000001740 RDI: 000000000000000a
[  149.301835][ T7820] RBP: 00007fa03f323090 R08: 0000000000000000 R09: 0000000000000000
[  149.301845][ T7820] R10: 0000000000010002 R11: 0000000000000246 R12: 0000000000000002
[  149.301855][ T7820] R13: 00007fa03e7b6038 R14: 00007fa03e7b5fa0 R15: 00007fa03e8dfa28
[  149.301873][ T7820]  </TASK>
[  149.302899][    T9] dvb-usb: bulk message failed: -22 (6/0)
[  149.538375][    T9] dvb-usb: no frontend was attached by 'Artec T1 USB2.0'
[  149.553820][    T9] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.1/usb2/2-1/input/input12
[  149.569811][    T9] dvb-usb: schedule remote query interval to 150 msecs.
[  149.582323][    T9] dvb-usb: Artec T1 USB2.0 successfully initialized and connected.
[  149.639637][ T7824] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  149.648852][ T7824] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  149.666286][ T7824] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  149.691568][ T7824] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  149.733422][    T9] dvb-usb: bulk message failed: -22 (1/0)
[  149.739177][    T9] dvb-usb: error while querying for an remote control event.
[  149.903645][ T5983] dvb-usb: bulk message failed: -22 (1/0)
[  149.917486][ T5983] dvb-usb: error while querying for an remote control event.
[  150.083593][    T9] dvb-usb: bulk message failed: -22 (1/0)
[  150.098478][    T9] dvb-usb: error while querying for an remote control event.
[  150.263482][    T9] dvb-usb: bulk message failed: -22 (1/0)
[  150.281168][    T9] dvb-usb: error while querying for an remote control event.
[  150.343575][ T5983] usb 5-1: new high-speed USB device number 28 using dummy_hcd
[  150.453757][    T9] dvb-usb: bulk message failed: -22 (1/0)
[  150.459647][    T9] dvb-usb: error while querying for an remote control event.
[  150.503424][ T5983] usb 5-1: Using ep0 maxpacket: 16
[  150.512889][ T5983] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  150.532598][ T5983] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x81 has invalid wMaxPacketSize 0
[  150.545704][ T5983] usb 5-1: config 0 interface 0 has no altsetting 0
[  150.555355][ T5983] usb 5-1: New USB device found, idVendor=05ac, idProduct=0247, bcdDevice= 0.00
[  150.580046][ T5983] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  150.590465][ T5983] usb 5-1: config 0 descriptor??
[  150.623667][    T9] dvb-usb: bulk message failed: -22 (1/0)
[  150.629463][    T9] dvb-usb: error while querying for an remote control event.
[  150.718730][    T9] usb 4-1: USB disconnect, device number 19
[  150.758640][ T7860] netlink: 'syz.3.460': attribute type 10 has an invalid length.
[  150.770879][ T7860] syz_tun: entered promiscuous mode
[  150.787734][ T7860] $Hÿ: (slave syz_tun): Enslaving as an active interface with an up link
[  150.793511][   T10] dvb-usb: bulk message failed: -22 (1/0)
[  150.805195][   T10] dvb-usb: error while querying for an remote control event.
[  150.973414][   T10] dvb-usb: bulk message failed: -22 (1/0)
[  150.980597][   T10] dvb-usb: error while querying for an remote control event.
[  151.025321][ T5983] usbhid 5-1:0.0: can't add hid device: -71
[  151.037818][ T7863] vlan2: entered allmulticast mode
[  151.042960][ T7863] macvtap0: entered allmulticast mode
[  151.048428][ T7863] veth0_macvtap: entered allmulticast mode
[  151.056972][ T7863] netlink: 52 bytes leftover after parsing attributes in process `syz.4.461'.
[  151.071781][ T7863] netlink: 52 bytes leftover after parsing attributes in process `syz.4.461'.
[  151.082895][ T5983] usbhid 5-1:0.0: probe with driver usbhid failed with error -71
[  151.091574][ T7863] netlink: 52 bytes leftover after parsing attributes in process `syz.4.461'.
[  151.104158][ T5983] usb 5-1: USB disconnect, device number 28
[  151.152345][    T9] usb 4-1: new high-speed USB device number 20 using dummy_hcd
[  151.160129][ T5942] dvb-usb: bulk message failed: -22 (1/0)
[  151.169718][ T5942] dvb-usb: error while querying for an remote control event.
[  151.182302][ T7863] netlink: 20 bytes leftover after parsing attributes in process `syz.4.461'.
[  151.303464][    T9] usb 4-1: device descriptor read/64, error -71
[  151.343548][ T5983] dvb-usb: bulk message failed: -22 (1/0)
[  151.349287][ T5983] dvb-usb: error while querying for an remote control event.
[  151.513476][ T5983] dvb-usb: bulk message failed: -22 (1/0)
[  151.519240][ T5983] dvb-usb: error while querying for an remote control event.
[  151.553478][    T9] usb 4-1: new high-speed USB device number 21 using dummy_hcd
[  151.683419][ T5983] dvb-usb: bulk message failed: -22 (1/0)
[  151.689227][    T9] usb 4-1: device descriptor read/64, error -71
[  151.748245][ T5983] dvb-usb: error while querying for an remote control event.
[  151.768319][ T7876] netlink: 60 bytes leftover after parsing attributes in process `syz.2.466'.
[  151.770598][   T10] usb 2-1: USB disconnect, device number 22
[  151.797066][ T7876] vivid-004: disconnect
[  151.840957][   T10] dvb-usb: Artec T1 USB2.0 successfully deinitialized and disconnected.
[  151.858497][ T7879] netlink: 24 bytes leftover after parsing attributes in process `syz.1.467'.
[  151.873700][    T9] usb usb4-port1: attempt power cycle
[  151.910286][ T7882] netlink: 24 bytes leftover after parsing attributes in process `syz.1.467'.
[  151.931144][ T7882] netlink: 8 bytes leftover after parsing attributes in process `syz.1.467'.
[  151.940182][ T7882] netlink: 24 bytes leftover after parsing attributes in process `syz.1.467'.
[  151.950577][ T7882] netlink: 8 bytes leftover after parsing attributes in process `syz.1.467'.
[  151.990652][   T30] kauditd_printk_skb: 44 callbacks suppressed
[  151.990663][   T30] audit: type=1326 audit(1755393904.269:165): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7883 comm="syz.4.469" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5630d8ebe9 code=0x7ffc0000
[  152.078827][   T30] audit: type=1326 audit(1755393904.269:166): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7883 comm="syz.4.469" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5630d8ebe9 code=0x7ffc0000
[  152.101795][   T30] audit: type=1326 audit(1755393904.279:167): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7883 comm="syz.4.469" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f5630d8ebe9 code=0x7ffc0000
[  152.245846][ T7890] bridge_slave_1: left allmulticast mode
[  152.251491][ T7890] bridge_slave_1: left promiscuous mode
[  152.257358][ T7890] bridge0: port 2(bridge_slave_1) entered disabled state
[  152.330550][ T7874] vivid-004: reconnect
[  152.351793][ T7890] bridge_slave_0: left allmulticast mode
[  152.376458][ T7890] bridge_slave_0: left promiscuous mode
[  152.413434][   T30] audit: type=1326 audit(1755393904.279:168): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7883 comm="syz.4.469" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5630d8ebe9 code=0x7ffc0000
[  152.435594][    C1] vkms_vblank_simulate: vblank timer overrun
[  152.443514][    T9] usb 4-1: new high-speed USB device number 22 using dummy_hcd
[  152.455595][ T7890] bridge0: port 1(bridge_slave_0) entered disabled state
[  152.567423][   T30] audit: type=1326 audit(1755393904.279:169): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7883 comm="syz.4.469" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f5630d8ebe9 code=0x7ffc0000
[  152.573496][    T9] usb 4-1: device descriptor read/8, error -71
[  152.637034][ T7905] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  152.681868][   T30] audit: type=1326 audit(1755393904.279:170): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7883 comm="syz.4.469" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5630d8ebe9 code=0x7ffc0000
[  152.707207][ T7905] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  152.722582][   T30] audit: type=1326 audit(1755393904.279:171): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7883 comm="syz.4.469" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5630d8ebe9 code=0x7ffc0000
[  152.893875][    T9] usb 4-1: new high-speed USB device number 23 using dummy_hcd
[  152.913997][    T9] usb 4-1: device descriptor read/8, error -71
[  152.954575][ T5942] usb 2-1: new high-speed USB device number 23 using dummy_hcd
[  153.023555][    T9] usb usb4-port1: unable to enumerate USB device
[  153.115042][ T5942] usb 2-1: config 0 has an invalid descriptor of length 25, skipping remainder of the config
[  153.125330][ T5942] usb 2-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  153.138577][ T5942] usb 2-1: New USB device found, idVendor=1e7d, idProduct=2cf6, bcdDevice= 0.00
[  153.147805][ T5942] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  153.163850][   T10] usb 1-1: new high-speed USB device number 28 using dummy_hcd
[  153.178253][ T5942] usb 2-1: config 0 descriptor??
[  153.197285][ T5942] usbhid 2-1:0.0: couldn't find an input interrupt endpoint
[  153.305523][ T7921] netlink: 'syz.2.478': attribute type 10 has an invalid length.
[  153.346681][ T7922] hub 9-0:1.0: USB hub found
[  153.351572][ T7922] hub 9-0:1.0: 1 port detected
[  153.365316][ T7921] A link change request failed with some changes committed already. Interface dummy0 may have been left with an inconsistent configuration, please check.
[  153.385708][   T10] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  153.396153][   T10] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 5
[  153.424680][   T10] usb 1-1: New USB device found, idVendor=1e7d, idProduct=2d50, bcdDevice= 0.00
[  153.435690][   T10] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  153.445048][   T10] usb 1-1: config 0 descriptor??
[  153.537243][ T7927] loop6: detected capacity change from 0 to 7
[  153.544944][ T7927] Dev loop6: unable to read RDB block 7
[  153.550670][ T7927]  loop6: AHDI p1 p2 p3
[  153.557188][ T7927] loop6: partition table partially beyond EOD, truncated
[  153.565492][ T7927] loop6: p1 start 1405162169 is beyond EOD, truncated
[  153.573653][ T7927] loop6: p2 start 1203593728 is beyond EOD, truncated
[  153.663021][ T7930] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  153.677447][ T7930] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  153.723640][ T7930] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  153.735062][ T7930] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  153.865851][   T10] kovaplus 0003:1E7D:2D50.0006: hidraw0: USB HID v0.00 Device [HID 1e7d:2d50] on usb-dummy_hcd.0-1/input0
[  154.293441][ T5862] usb 4-1: new high-speed USB device number 24 using dummy_hcd
[  154.501890][ T5862] usb 4-1: Using ep0 maxpacket: 8
[  154.523704][ T5862] usb 4-1: New USB device found, idVendor=0c45, idProduct=613e, bcdDevice=c4.6d
[  154.540015][ T5862] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  154.548343][   T92] usb 2-1: USB disconnect, device number 23
[  154.581896][ T5862] usb 4-1: Product: syz
[  154.598120][ T5862] usb 4-1: Manufacturer: syz
[  154.602736][ T5862] usb 4-1: SerialNumber: syz
[  154.655543][ T5862] usb 4-1: config 0 descriptor??
[  154.686317][ T5862] gspca_main: sonixj-2.14.0 probing 0c45:613e
[  155.013439][   T92] usb 2-1: new high-speed USB device number 24 using dummy_hcd
[  155.083415][ T5920] usb 5-1: new high-speed USB device number 29 using dummy_hcd
[  155.112325][ T7965] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  155.122288][ T7965] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  155.175631][   T92] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x7 has invalid wMaxPacketSize 0
[  155.194467][   T92] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0x7 has invalid maxpacket 0
[  155.206897][   T92] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid wMaxPacketSize 0
[  155.219298][   T92] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0x89 has invalid maxpacket 0
[  155.229663][   T92] usb 2-1: New USB device found, idVendor=2040, idProduct=4900, bcdDevice=4d.8b
[  155.230662][ T7966] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  155.240250][ T5920] usb 5-1: Using ep0 maxpacket: 8
[  155.257202][   T92] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  155.268325][ T5920] usb 5-1: config 0 has an invalid interface number: 55 but max is 0
[  155.277874][ T5920] usb 5-1: config 0 has no interface number 0
[  155.287176][   T92] usb 2-1: config 0 descriptor??
[  155.292581][ T5920] usb 5-1: config 0 interface 55 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  155.304311][ T7966] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  155.306042][ T5920] usb 5-1: config 0 interface 55 altsetting 0 has an endpoint descriptor with address 0xAB, changing to 0x8B
[  155.326095][ T5920] usb 5-1: config 0 interface 55 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  155.339574][ T5920] usb 5-1: config 0 interface 55 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 2
[  155.354277][ T5920] usb 5-1: New USB device found, idVendor=0f11, idProduct=1080, bcdDevice=fc.6a
[  155.366800][ T5920] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  155.381973][ T5920] usb 5-1: config 0 descriptor??
[  155.397703][ T5920] ldusb 5-1:0.55: LD USB Device #0 now attached to major 180 minor 0
[  155.539726][   T92] hdpvr 2-1:0.0: firmware version 0xd dated —jl;™S11´Ôø!ºvOp³
[  155.539726][   T92] 4(r¥ý
[  155.539726][   T92] d×Å2}±dæ~ýýŠÙ­^r¤
[  155.780201][ T7941] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  155.790033][ T7941] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  155.815818][   T92] hdpvr 2-1:0.0: device init failed
[  155.825878][   T92] hdpvr 2-1:0.0: probe with driver hdpvr failed with error -12
[  155.838745][   T92] usb 2-1: USB disconnect, device number 24
[  156.150820][   T10] kovaplus 0003:1E7D:2D50.0006: couldn't init struct kovaplus_device
[  156.159140][   T10] kovaplus 0003:1E7D:2D50.0006: couldn't install mouse
[  156.168875][   T10] kovaplus 0003:1E7D:2D50.0006: probe with driver kovaplus failed with error -71
[  156.201099][   T10] usb 1-1: USB disconnect, device number 28
[  156.400588][ T7974] __nla_validate_parse: 3 callbacks suppressed
[  156.400604][ T7974] netlink: 4 bytes leftover after parsing attributes in process `syz.0.488'.
[  156.407163][ T7975] FAULT_INJECTION: forcing a failure.
[  156.407163][ T7975] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  156.431395][ T7975] CPU: 1 UID: 0 PID: 7975 Comm: syz.1.489 Not tainted 6.17.0-rc1-syzkaller-00211-g90d970cade8e #0 PREEMPT(full) 
[  156.431420][ T7975] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  156.431429][ T7975] Call Trace:
[  156.431434][ T7975]  <TASK>
[  156.431440][ T7975]  dump_stack_lvl+0x189/0x250
[  156.431464][ T7975]  ? __pfx____ratelimit+0x10/0x10
[  156.431484][ T7975]  ? __pfx_dump_stack_lvl+0x10/0x10
[  156.431499][ T7975]  ? __pfx__printk+0x10/0x10
[  156.431516][ T7975]  ? __might_fault+0xb0/0x130
[  156.431537][ T7975]  ? rcu_is_watching+0x15/0xb0
[  156.431554][ T7975]  should_fail_ex+0x414/0x560
[  156.431575][ T7975]  _copy_from_user+0x2d/0xb0
[  156.431592][ T7975]  ___sys_recvmsg+0x12e/0x510
[  156.431612][ T7975]  ? __pfx____sys_recvmsg+0x10/0x10
[  156.431630][ T7975]  ? __fget_files+0x2a/0x420
[  156.431649][ T7975]  ? rcu_is_watching+0x15/0xb0
[  156.431664][ T7975]  ? lock_release+0x4b/0x3e0
[  156.431686][ T7975]  ? __might_fault+0xcc/0x130
[  156.431704][ T7975]  do_recvmmsg+0x307/0x770
[  156.431722][ T7975]  ? __pfx_do_recvmmsg+0x10/0x10
[  156.431741][ T7975]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  156.431767][ T7975]  __x64_sys_recvmmsg+0x190/0x240
[  156.431784][ T7975]  ? __pfx___x64_sys_recvmmsg+0x10/0x10
[  156.431801][ T7975]  ? rcu_is_watching+0x15/0xb0
[  156.431817][ T7975]  ? rcu_is_watching+0x15/0xb0
[  156.431833][ T7975]  do_syscall_64+0xfa/0x3b0
[  156.431854][ T7975]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  156.431870][ T7975]  ? clear_bhb_loop+0x60/0xb0
[  156.431887][ T7975]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  156.431900][ T7975] RIP: 0033:0x7eff8918ebe9
[  156.431913][ T7975] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  156.431926][ T7975] RSP: 002b:00007eff8a09a038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
[  156.431942][ T7975] RAX: ffffffffffffffda RBX: 00007eff893b5fa0 RCX: 00007eff8918ebe9
[  156.431952][ T7975] RDX: 0000000004000210 RSI: 0000200000001740 RDI: 000000000000000a
[  156.431962][ T7975] RBP: 00007eff8a09a090 R08: 0000000000000000 R09: 0000000000000000
[  156.431971][ T7975] R10: 0000000000010002 R11: 0000000000000246 R12: 0000000000000002
[  156.431981][ T7975] R13: 00007eff893b6038 R14: 00007eff893b5fa0 R15: 00007eff894dfa28
[  156.431997][ T7975]  </TASK>
[  156.913411][ T5862] usb 1-1: new high-speed USB device number 29 using dummy_hcd
[  156.944463][ T5920] usb 4-1: USB disconnect, device number 24
[  157.035019][ T7986] input: syz0 as /devices/virtual/input/input13
[  157.063565][ T5862] usb 1-1: Using ep0 maxpacket: 16
[  157.070566][ T5862] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  157.081100][ T5862] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  157.162574][ T5862] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0
[  157.194807][ T5862] usb 1-1: config 0 interface 0 altsetting 0 bulk endpoint 0x2 has invalid maxpacket 0
[  157.245520][ T5862] usb 1-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  157.300473][ T5862] usb 1-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42
[  157.318299][ T5862] usb 1-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0
[  157.333147][ T5862] usb 1-1: Manufacturer: syz
[  157.433333][ T7993] netlink: 4400 bytes leftover after parsing attributes in process `syz.3.493'.
[  157.495799][ T7993] sysfs: cannot create duplicate filename '/class/ieee80211/Ç`]Š•Iöq¯!¾>Ýsó³Îú*Š®!)\Ç+`²iF=#'
[  157.508637][ T7993] CPU: 1 UID: 0 PID: 7993 Comm: syz.3.493 Not tainted 6.17.0-rc1-syzkaller-00211-g90d970cade8e #0 PREEMPT(full) 
[  157.508666][ T7993] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  157.508677][ T7993] Call Trace:
[  157.508684][ T7993]  <TASK>
[  157.508692][ T7993]  dump_stack_lvl+0x189/0x250
[  157.508717][ T7993]  ? __pfx_dump_stack_lvl+0x10/0x10
[  157.508737][ T7993]  ? __pfx__printk+0x10/0x10
[  157.508757][ T7993]  ? kernfs_root+0x1c/0x230
[  157.508776][ T7993]  ? kernfs_path_from_node+0x2f/0x290
[  157.508792][ T7993]  ? kernfs_path_from_node+0x250/0x290
[  157.508806][ T7993]  ? kernfs_path_from_node+0x2f/0x290
[  157.508831][ T7993]  sysfs_warn_dup+0x8e/0xa0
[  157.508849][ T7993]  sysfs_do_create_link_sd+0xc0/0x110
[  157.508863][ T7993]  device_add_class_symlinks+0x1cf/0x240
[  157.508879][ T7993]  device_add+0x475/0xb50
[  157.508892][ T7993]  wiphy_register+0x1ba6/0x28d0
[  157.508915][ T7993]  ? __pfx_wiphy_register+0x10/0x10
[  157.508930][ T7993]  ? minstrel_ht_alloc+0x6dd/0x7e0
[  157.508946][ T7993]  ? ieee80211_init_rate_ctrl_alg+0x56d/0x5f0
[  157.508967][ T7993]  ieee80211_register_hw+0x3425/0x4080
[  157.508985][ T7993]  ? ieee80211_register_hw+0x14a1/0x4080
[  157.509001][ T7993]  ? __pfx_ieee80211_register_hw+0x10/0x10
[  157.509015][ T7993]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  157.509033][ T7993]  ? __hrtimer_setup+0x187/0x210
[  157.509044][ T7993]  ? __pfx_mac80211_hwsim_beacon+0x10/0x10
[  157.509063][ T7993]  mac80211_hwsim_new_radio+0x2f0e/0x5340
[  157.509087][ T7993]  ? __pfx_mac80211_hwsim_new_radio+0x10/0x10
[  157.509103][ T7993]  ? trace_kmalloc+0x1f/0xd0
[  157.509118][ T7993]  ? __kmalloc_node_track_caller_noprof+0x28e/0x4e0
[  157.509136][ T7993]  ? kstrndup+0xbf/0x160
[  157.509152][ T7993]  hwsim_new_radio_nl+0xea4/0x1b10
[  157.509168][ T7993]  ? __pfx___nla_validate_parse+0x10/0x10
[  157.509191][ T7993]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[  157.509209][ T7993]  ? __nla_parse+0x40/0x60
[  157.509226][ T7993]  ? genl_family_rcv_msg_attrs_parse+0x1c9/0x2a0
[  157.509243][ T7993]  genl_family_rcv_msg_doit+0x215/0x300
[  157.509259][ T7993]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  157.509276][ T7993]  ? bpf_lsm_capable+0x9/0x20
[  157.509292][ T7993]  ? security_capable+0x7e/0x2e0
[  157.509311][ T7993]  genl_rcv_msg+0x60e/0x790
[  157.509326][ T7993]  ? __pfx_genl_rcv_msg+0x10/0x10
[  157.509338][ T7993]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[  157.509353][ T7993]  ? __asan_memcpy+0x40/0x70
[  157.509367][ T7993]  ? __pfx_ref_tracker_free+0x10/0x10
[  157.509382][ T7993]  ? __skb_clone+0x63/0x7a0
[  157.509396][ T7993]  netlink_rcv_skb+0x208/0x470
[  157.509412][ T7993]  ? __pfx_genl_rcv_msg+0x10/0x10
[  157.509426][ T7993]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  157.509445][ T7993]  ? lock_release+0x4b/0x3e0
[  157.509462][ T7993]  ? down_read+0x1ad/0x2e0
[  157.509474][ T7993]  genl_rcv+0x28/0x40
[  157.509486][ T7993]  netlink_unicast+0x82c/0x9e0
[  157.509502][ T7993]  ? __pfx_netlink_unicast+0x10/0x10
[  157.509516][ T7993]  ? __build_skb_around+0x237/0x3e0
[  157.509534][ T7993]  ? netlink_sendmsg+0x642/0xb30
[  157.509553][ T7993]  ? skb_put+0x11b/0x210
[  157.509565][ T7993]  netlink_sendmsg+0x805/0xb30
[  157.509584][ T7993]  ? __pfx_netlink_sendmsg+0x10/0x10
[  157.509602][ T7993]  ? aa_sock_msg_perm+0xf1/0x1d0
[  157.509614][ T7993]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  157.509638][ T7993]  ? __pfx_netlink_sendmsg+0x10/0x10
[  157.509657][ T7993]  __sock_sendmsg+0x219/0x270
[  157.509673][ T7993]  ____sys_sendmsg+0x505/0x830
[  157.509687][ T7993]  ? __pfx_____sys_sendmsg+0x10/0x10
[  157.509702][ T7993]  ? import_iovec+0x74/0xa0
[  157.509716][ T7993]  ___sys_sendmsg+0x21f/0x2a0
[  157.509729][ T7993]  ? __pfx____sys_sendmsg+0x10/0x10
[  157.509744][ T7993]  ? futex_wait+0x285/0x360
[  157.509767][ T7993]  ? __fget_files+0x2a/0x420
[  157.509778][ T7993]  ? __fget_files+0x3a0/0x420
[  157.509792][ T7993]  __x64_sys_sendmsg+0x19b/0x260
[  157.509804][ T7993]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  157.509826][ T7993]  ? rcu_is_watching+0x15/0xb0
[  157.509840][ T7993]  ? rcu_is_watching+0x15/0xb0
[  157.509853][ T7993]  do_syscall_64+0xfa/0x3b0
[  157.509870][ T7993]  ? rcu_is_watching+0x15/0xb0
[  157.509882][ T7993]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  157.509895][ T7993]  ? clear_bhb_loop+0x60/0xb0
[  157.509909][ T7993]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  157.509921][ T7993] RIP: 0033:0x7f386d18ebe9
[  157.509933][ T7993] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  157.509944][ T7993] RSP: 002b:00007f386e008038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  157.509959][ T7993] RAX: ffffffffffffffda RBX: 00007f386d3b6360 RCX: 00007f386d18ebe9
[  157.509969][ T7993] RDX: 0000000000000084 RSI: 0000200000000100 RDI: 0000000000000007
[  157.509979][ T7993] RBP: 00007f386d211e19 R08: 0000000000000000 R09: 0000000000000000
[  157.509988][ T7993] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  157.509996][ T7993] R13: 00007f386d3b63f8 R14: 00007f386d3b6360 R15: 00007f386d4dfa28
[  157.510010][ T7993]  </TASK>
[  158.015415][ T5862] usb 1-1: config 0 descriptor??
[  158.582732][   T10] usb 5-1: USB disconnect, device number 29
[  158.603496][   T10] ldusb 5-1:0.55: LD USB Device #0 now disconnected
[  158.643453][ T5862] rc_core: IR keymap rc-hauppauge not found
[  158.649467][ T5862] Registered IR keymap rc-empty
[  158.657079][ T5862] mceusb 1-1:0.0: Error: mce write submit urb error = -90
[  158.665541][ T8000] netlink: 676 bytes leftover after parsing attributes in process `syz.2.495'.
[  158.686631][ T5862] mceusb 1-1:0.0: Error: mce write submit urb error = -90
[  158.699887][ T8000] netlink: 676 bytes leftover after parsing attributes in process `syz.2.495'.
[  158.718260][ T5862] rc rc0: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/rc/rc0
[  158.734978][ T5862] input: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/rc/rc0/input14
[  158.760519][ T8009] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  158.769492][ T8009] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  158.778971][ T5862] mceusb 1-1:0.0: Error: mce write submit urb error = -90
[  158.849436][ T5862] mceusb 1-1:0.0: Error: mce write submit urb error = -90
[  158.853775][   T13] ip6_tunnel: ip6tnl1 xmit: Local address not yet configured!
[  158.873555][   T13] ip6_tunnel: ip6tnl1 xmit: Local address not yet configured!
[  158.873985][ T5862] mceusb 1-1:0.0: Error: mce write submit urb error = -90
[  158.883599][ T5942] ip6_tunnel: ip6tnl1 xmit: Local address not yet configured!
[  158.982750][ T8016] netlink: 4400 bytes leftover after parsing attributes in process `syz.4.497'.
[  159.002360][ T8016] sysfs: cannot create duplicate filename '/class/ieee80211/Ç`]Š•Iöq¯!¾>Ýsó³Îú*Š®!)\Ç+`²iF=#'
[  159.013253][ T8016] CPU: 0 UID: 0 PID: 8016 Comm: syz.4.497 Not tainted 6.17.0-rc1-syzkaller-00211-g90d970cade8e #0 PREEMPT(full) 
[  159.013278][ T8016] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  159.013288][ T8016] Call Trace:
[  159.013295][ T8016]  <TASK>
[  159.013302][ T8016]  dump_stack_lvl+0x189/0x250
[  159.013329][ T8016]  ? __pfx_dump_stack_lvl+0x10/0x10
[  159.013352][ T8016]  ? __pfx__printk+0x10/0x10
[  159.013373][ T8016]  ? kernfs_root+0x1c/0x230
[  159.013395][ T8016]  ? kernfs_path_from_node+0x2f/0x290
[  159.013414][ T8016]  ? kernfs_path_from_node+0x250/0x290
[  159.013431][ T8016]  ? kernfs_path_from_node+0x2f/0x290
[  159.013451][ T8016]  sysfs_warn_dup+0x8e/0xa0
[  159.013468][ T8016]  sysfs_do_create_link_sd+0xc0/0x110
[  159.013487][ T8016]  device_add_class_symlinks+0x1cf/0x240
[  159.013505][ T8016]  device_add+0x475/0xb50
[  159.013523][ T8016]  wiphy_register+0x1ba6/0x28d0
[  159.013546][ T8016]  ? __pfx_wiphy_register+0x10/0x10
[  159.013564][ T8016]  ? minstrel_ht_alloc+0x6dd/0x7e0
[  159.013581][ T8016]  ? ieee80211_init_rate_ctrl_alg+0x56d/0x5f0
[  159.013601][ T8016]  ieee80211_register_hw+0x3425/0x4080
[  159.013615][ T8016]  ? preempt_schedule+0xae/0xc0
[  159.013634][ T8016]  ? ieee80211_register_hw+0x14a1/0x4080
[  159.013649][ T8016]  ? __pfx_ieee80211_register_hw+0x10/0x10
[  159.013663][ T8016]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  159.013680][ T8016]  ? __hrtimer_setup+0x187/0x210
[  159.013700][ T8016]  ? __pfx_mac80211_hwsim_beacon+0x10/0x10
[  159.013721][ T8016]  mac80211_hwsim_new_radio+0x2f0e/0x5340
[  159.013745][ T8016]  ? __pfx_mac80211_hwsim_new_radio+0x10/0x10
[  159.013761][ T8016]  ? trace_kmalloc+0x1f/0xd0
[  159.013776][ T8016]  ? __kmalloc_node_track_caller_noprof+0x28e/0x4e0
[  159.013793][ T8016]  ? kstrndup+0xbf/0x160
[  159.013809][ T8016]  hwsim_new_radio_nl+0xea4/0x1b10
[  159.013825][ T8016]  ? __pfx___nla_validate_parse+0x10/0x10
[  159.013852][ T8016]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[  159.013870][ T8016]  ? __nla_parse+0x40/0x60
[  159.013887][ T8016]  ? genl_family_rcv_msg_attrs_parse+0x1c9/0x2a0
[  159.013905][ T8016]  genl_family_rcv_msg_doit+0x215/0x300
[  159.013922][ T8016]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  159.013940][ T8016]  ? bpf_lsm_capable+0x9/0x20
[  159.013957][ T8016]  ? security_capable+0x7e/0x2e0
[  159.013980][ T8016]  genl_rcv_msg+0x60e/0x790
[  159.013995][ T8016]  ? __pfx_genl_rcv_msg+0x10/0x10
[  159.014007][ T8016]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[  159.014026][ T8016]  netlink_rcv_skb+0x208/0x470
[  159.014042][ T8016]  ? __pfx_genl_rcv_msg+0x10/0x10
[  159.014056][ T8016]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  159.014074][ T8016]  ? lock_release+0x4b/0x3e0
[  159.014092][ T8016]  ? down_read+0x1ad/0x2e0
[  159.014106][ T8016]  genl_rcv+0x28/0x40
[  159.014119][ T8016]  netlink_unicast+0x82c/0x9e0
[  159.014136][ T8016]  ? __pfx_netlink_unicast+0x10/0x10
[  159.014151][ T8016]  ? netlink_sendmsg+0x642/0xb30
[  159.014167][ T8016]  ? skb_put+0x11b/0x210
[  159.014180][ T8016]  netlink_sendmsg+0x805/0xb30
[  159.014198][ T8016]  ? __pfx_netlink_sendmsg+0x10/0x10
[  159.014216][ T8016]  ? trace_irq_disable+0x37/0x110
[  159.014231][ T8016]  ? aa_sock_msg_perm+0xf1/0x1d0
[  159.014246][ T8016]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  159.014260][ T8016]  ? __pfx_netlink_sendmsg+0x10/0x10
[  159.014276][ T8016]  __sock_sendmsg+0x219/0x270
[  159.014292][ T8016]  ____sys_sendmsg+0x505/0x830
[  159.014306][ T8016]  ? __pfx_____sys_sendmsg+0x10/0x10
[  159.014321][ T8016]  ? import_iovec+0x74/0xa0
[  159.014335][ T8016]  ___sys_sendmsg+0x21f/0x2a0
[  159.014348][ T8016]  ? __pfx____sys_sendmsg+0x10/0x10
[  159.014362][ T8016]  ? futex_wait+0x285/0x360
[  159.014390][ T8016]  ? __fget_files+0x2a/0x420
[  159.014400][ T8016]  ? __fget_files+0x3a0/0x420
[  159.014414][ T8016]  __x64_sys_sendmsg+0x19b/0x260
[  159.014427][ T8016]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  159.014442][ T8016]  ? rcu_is_watching+0x15/0xb0
[  159.014455][ T8016]  ? rcu_is_watching+0x15/0xb0
[  159.014468][ T8016]  do_syscall_64+0xfa/0x3b0
[  159.014484][ T8016]  ? rcu_is_watching+0x15/0xb0
[  159.014496][ T8016]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  159.014512][ T8016]  ? clear_bhb_loop+0x60/0xb0
[  159.014526][ T8016]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  159.014538][ T8016] RIP: 0033:0x7f5630d8ebe9
[  159.014550][ T8016] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  159.014560][ T8016] RSP: 002b:00007f562e76e038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  159.014575][ T8016] RAX: ffffffffffffffda RBX: 00007f5630fb6360 RCX: 00007f5630d8ebe9
[  159.014586][ T8016] RDX: 0000000000000084 RSI: 0000200000000100 RDI: 0000000000000007
[  159.014595][ T8016] RBP: 00007f5630e11e19 R08: 0000000000000000 R09: 0000000000000000
[  159.014604][ T8016] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  159.014612][ T8016] R13: 00007f5630fb63f8 R14: 00007f5630fb6360 R15: 00007f56310dfa28
[  159.014626][ T8016]  </TASK>
[  159.503489][ T5862] mceusb 1-1:0.0: Error: mce write submit urb error = -90
[  159.523441][ T5862] mceusb 1-1:0.0: Error: mce write submit urb error = -90
[  159.553441][ T5862] mceusb 1-1:0.0: Error: mce write submit urb error = -90
[  159.624406][   T10] ip6_tunnel: ip6tnl1 xmit: Local address not yet configured!
[  159.628663][ T7976] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  159.643089][   T10] ip6_tunnel: ip6tnl1 xmit: Local address not yet configured!
[  159.659436][ T7976] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  159.761948][ T5862] mceusb 1-1:0.0: Error: mce write submit urb error = -90
[  159.985773][ T7976] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  160.021980][ T7976] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  160.025077][ T5862] mceusb 1-1:0.0: Error: mce write submit urb error = -90
[  160.054912][ T5862] mceusb 1-1:0.0: Error: mce write submit urb error = -90
[  160.073519][ T5862] mceusb 1-1:0.0: Error: mce write submit urb error = -90
[  160.096190][ T5862] mceusb 1-1:0.0: Registered 424242424242 with mce emulator interface version 1
[  160.139443][ T5862] mceusb 1-1:0.0: 2 tx ports (0x0 cabled) and 2 rx sensors (0x0 active)
[  160.168333][ T8030] FAULT_INJECTION: forcing a failure.
[  160.168333][ T8030] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  160.184459][ T8030] CPU: 0 UID: 0 PID: 8030 Comm: syz.3.501 Not tainted 6.17.0-rc1-syzkaller-00211-g90d970cade8e #0 PREEMPT(full) 
[  160.184482][ T8030] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  160.184500][ T8030] Call Trace:
[  160.184505][ T8030]  <TASK>
[  160.184512][ T8030]  dump_stack_lvl+0x189/0x250
[  160.184535][ T8030]  ? __pfx____ratelimit+0x10/0x10
[  160.184556][ T8030]  ? __pfx_dump_stack_lvl+0x10/0x10
[  160.184574][ T8030]  ? __pfx__printk+0x10/0x10
[  160.184593][ T8030]  ? __might_fault+0xb0/0x130
[  160.184616][ T8030]  ? rcu_is_watching+0x15/0xb0
[  160.184633][ T8030]  should_fail_ex+0x414/0x560
[  160.184654][ T8030]  _copy_from_user+0x2d/0xb0
[  160.184672][ T8030]  ___sys_recvmsg+0x12e/0x510
[  160.184692][ T8030]  ? __pfx____sys_recvmsg+0x10/0x10
[  160.184711][ T8030]  ? __fget_files+0x2a/0x420
[  160.184728][ T8030]  ? rcu_is_watching+0x15/0xb0
[  160.184743][ T8030]  ? lock_release+0x4b/0x3e0
[  160.184764][ T8030]  ? __might_fault+0xcc/0x130
[  160.184784][ T8030]  do_recvmmsg+0x307/0x770
[  160.184802][ T8030]  ? __pfx_do_recvmmsg+0x10/0x10
[  160.184820][ T8030]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  160.184845][ T8030]  __x64_sys_recvmmsg+0x190/0x240
[  160.184862][ T8030]  ? __pfx___x64_sys_recvmmsg+0x10/0x10
[  160.184876][ T8030]  ? rcu_is_watching+0x15/0xb0
[  160.184895][ T8030]  ? rcu_is_watching+0x15/0xb0
[  160.184910][ T8030]  do_syscall_64+0xfa/0x3b0
[  160.184930][ T8030]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  160.184943][ T8030]  ? clear_bhb_loop+0x60/0xb0
[  160.184960][ T8030]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  160.184975][ T8030] RIP: 0033:0x7f386d18ebe9
[  160.184988][ T8030] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  160.185003][ T8030] RSP: 002b:00007f386e08c038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
[  160.185022][ T8030] RAX: ffffffffffffffda RBX: 00007f386d3b5fa0 RCX: 00007f386d18ebe9
[  160.185033][ T8030] RDX: 0000000004000210 RSI: 0000200000001740 RDI: 000000000000000a
[  160.185044][ T8030] RBP: 00007f386e08c090 R08: 0000000000000000 R09: 0000000000000000
[  160.185054][ T8030] R10: 0000000000010002 R11: 0000000000000246 R12: 0000000000000002
[  160.185065][ T8030] R13: 00007f386d3b6038 R14: 00007f386d3b5fa0 R15: 00007f386d4dfa28
[  160.185083][ T8030]  </TASK>
[  160.557769][ T8034] PKCS7: Unknown OID: [5] (bad)
[  160.563126][ T8034] PKCS7: Only support pkcs7_signedData type
[  160.731846][ T8037] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(3)
[  160.738378][ T8037] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[  160.816489][ T8037] vhci_hcd vhci_hcd.0: Device attached
[  161.138512][ T5983] vhci_hcd: vhci_device speed not set
[  161.213409][ T5983] usb 39-1: new full-speed USB device number 2 using vhci_hcd
[  161.954903][ T8040] vhci_hcd: connection reset by peer
[  161.960417][   T13] vhci_hcd: stop threads
[  161.968402][   T13] vhci_hcd: release socket
[  161.972923][   T13] vhci_hcd: disconnect device
[  162.094817][ T5942] usb 5-1: new high-speed USB device number 30 using dummy_hcd
[  162.194979][ T8062] bridge0: entered promiscuous mode
[  162.200338][ T8062] macsec1: entered promiscuous mode
[  162.258058][ T5942] usb 5-1: New USB device found, idVendor=055f, idProduct=c230, bcdDevice=b6.ac
[  162.267527][ T5942] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  162.279124][ T5942] usb 5-1: Product: syz
[  162.283310][ T5942] usb 5-1: Manufacturer: syz
[  162.288072][ T5942] usb 5-1: SerialNumber: syz
[  162.295873][ T5942] usb 5-1: config 0 descriptor??
[  162.302940][ T5942] gspca_main: sunplus-2.14.0 probing 055f:c230
[  162.469842][ T8068] netlink: 4400 bytes leftover after parsing attributes in process `syz.3.510'.
[  162.500602][ T8068] sysfs: cannot create duplicate filename '/class/ieee80211/Ç`]Š•Iöq¯!¾>Ýsó³Îú*Š®!)\Ç+`²iF=#'
[  162.511475][ T8068] CPU: 1 UID: 0 PID: 8068 Comm: syz.3.510 Not tainted 6.17.0-rc1-syzkaller-00211-g90d970cade8e #0 PREEMPT(full) 
[  162.511503][ T8068] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  162.511514][ T8068] Call Trace:
[  162.511529][ T8068]  <TASK>
[  162.511537][ T8068]  dump_stack_lvl+0x189/0x250
[  162.511563][ T8068]  ? __pfx_dump_stack_lvl+0x10/0x10
[  162.511583][ T8068]  ? __pfx__printk+0x10/0x10
[  162.511604][ T8068]  ? kernfs_root+0x1c/0x230
[  162.511624][ T8068]  ? kernfs_path_from_node+0x2f/0x290
[  162.511642][ T8068]  ? kernfs_path_from_node+0x250/0x290
[  162.511660][ T8068]  ? kernfs_path_from_node+0x2f/0x290
[  162.511679][ T8068]  sysfs_warn_dup+0x8e/0xa0
[  162.511696][ T8068]  sysfs_do_create_link_sd+0xc0/0x110
[  162.511715][ T8068]  device_add_class_symlinks+0x1cf/0x240
[  162.511735][ T8068]  device_add+0x475/0xb50
[  162.511752][ T8068]  wiphy_register+0x1ba6/0x28d0
[  162.511780][ T8068]  ? __pfx_wiphy_register+0x10/0x10
[  162.511801][ T8068]  ? minstrel_ht_alloc+0x6dd/0x7e0
[  162.511821][ T8068]  ? ieee80211_init_rate_ctrl_alg+0x56d/0x5f0
[  162.511849][ T8068]  ieee80211_register_hw+0x3425/0x4080
[  162.511873][ T8068]  ? ieee80211_register_hw+0x14a1/0x4080
[  162.511894][ T8068]  ? __pfx_ieee80211_register_hw+0x10/0x10
[  162.511913][ T8068]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  162.511937][ T8068]  ? __hrtimer_setup+0x187/0x210
[  162.511952][ T8068]  ? __pfx_mac80211_hwsim_beacon+0x10/0x10
[  162.511977][ T8068]  mac80211_hwsim_new_radio+0x2f0e/0x5340
[  162.512009][ T8068]  ? __pfx_mac80211_hwsim_new_radio+0x10/0x10
[  162.512028][ T8068]  ? trace_kmalloc+0x1f/0xd0
[  162.512049][ T8068]  ? __kmalloc_node_track_caller_noprof+0x28e/0x4e0
[  162.512072][ T8068]  ? kstrndup+0xbf/0x160
[  162.512092][ T8068]  hwsim_new_radio_nl+0xea4/0x1b10
[  162.512114][ T8068]  ? __pfx___nla_validate_parse+0x10/0x10
[  162.512143][ T8068]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[  162.512168][ T8068]  ? __nla_parse+0x40/0x60
[  162.512192][ T8068]  ? genl_family_rcv_msg_attrs_parse+0x1c9/0x2a0
[  162.512215][ T8068]  genl_family_rcv_msg_doit+0x215/0x300
[  162.512237][ T8068]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  162.512260][ T8068]  ? bpf_lsm_capable+0x9/0x20
[  162.512282][ T8068]  ? security_capable+0x7e/0x2e0
[  162.512307][ T8068]  genl_rcv_msg+0x60e/0x790
[  162.512327][ T8068]  ? __pfx_genl_rcv_msg+0x10/0x10
[  162.512345][ T8068]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[  162.512363][ T8068]  ? kasan_check_range+0x9b/0x2c0
[  162.512388][ T8068]  netlink_rcv_skb+0x208/0x470
[  162.512411][ T8068]  ? __pfx_genl_rcv_msg+0x10/0x10
[  162.512430][ T8068]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  162.512456][ T8068]  ? lock_release+0x4b/0x3e0
[  162.512480][ T8068]  ? down_read+0x1ad/0x2e0
[  162.512495][ T8068]  genl_rcv+0x28/0x40
[  162.512511][ T8068]  netlink_unicast+0x82c/0x9e0
[  162.512543][ T8068]  ? __pfx_netlink_unicast+0x10/0x10
[  162.512564][ T8068]  ? netlink_sendmsg+0x642/0xb30
[  162.512587][ T8068]  ? skb_put+0x11b/0x210
[  162.512603][ T8068]  netlink_sendmsg+0x805/0xb30
[  162.512629][ T8068]  ? __pfx_netlink_sendmsg+0x10/0x10
[  162.512653][ T8068]  ? futex_unqueue+0x22/0x240
[  162.512671][ T8068]  ? aa_sock_msg_perm+0xf1/0x1d0
[  162.512688][ T8068]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  162.512706][ T8068]  ? __pfx_netlink_sendmsg+0x10/0x10
[  162.512729][ T8068]  __sock_sendmsg+0x219/0x270
[  162.512751][ T8068]  ____sys_sendmsg+0x505/0x830
[  162.512769][ T8068]  ? __pfx_____sys_sendmsg+0x10/0x10
[  162.512789][ T8068]  ? import_iovec+0x74/0xa0
[  162.512808][ T8068]  ___sys_sendmsg+0x21f/0x2a0
[  162.512826][ T8068]  ? __pfx____sys_sendmsg+0x10/0x10
[  162.512844][ T8068]  ? futex_wait+0x285/0x360
[  162.512876][ T8068]  ? __fget_files+0x2a/0x420
[  162.512890][ T8068]  ? __fget_files+0x3a0/0x420
[  162.512908][ T8068]  __x64_sys_sendmsg+0x19b/0x260
[  162.512926][ T8068]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  162.512946][ T8068]  ? rcu_is_watching+0x15/0xb0
[  162.512965][ T8068]  ? rcu_is_watching+0x15/0xb0
[  162.512981][ T8068]  do_syscall_64+0xfa/0x3b0
[  162.513005][ T8068]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  162.513022][ T8068]  ? clear_bhb_loop+0x60/0xb0
[  162.513040][ T8068]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  162.513055][ T8068] RIP: 0033:0x7f386d18ebe9
[  162.513070][ T8068] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  162.513083][ T8068] RSP: 002b:00007f386e029038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  162.513102][ T8068] RAX: ffffffffffffffda RBX: 00007f386d3b6270 RCX: 00007f386d18ebe9
[  162.513114][ T8068] RDX: 0000000000000084 RSI: 0000200000000100 RDI: 0000000000000007
[  162.513123][ T8068] RBP: 00007f386d211e19 R08: 0000000000000000 R09: 0000000000000000
[  162.513131][ T8068] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  162.513140][ T8068] R13: 00007f386d3b6308 R14: 00007f386d3b6270 R15: 00007f386d4dfa28
[  162.513155][ T8068]  </TASK>
[  162.823730][    C0] ip6_tunnel: ip6tnl1 xmit: Local address not yet configured!
[  162.824380][    C1] vkms_vblank_simulate: vblank timer overrun
[  162.996153][    C1] vkms_vblank_simulate: vblank timer overrun
[  163.005246][ T5942] gspca_sunplus: reg_r err -110
[  163.010754][ T5942] sunplus 5-1:0.0: probe with driver sunplus failed with error -110
[  163.042179][ T8071] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  163.066972][ T8071] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  163.557003][ T8075] netlink: 'syz.3.512': attribute type 29 has an invalid length.
[  163.565623][ T8075] netlink: 'syz.3.512': attribute type 29 has an invalid length.
[  163.627704][ T8079] FAULT_INJECTION: forcing a failure.
[  163.627704][ T8079] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  163.640890][ T8079] CPU: 1 UID: 0 PID: 8079 Comm: syz.3.514 Not tainted 6.17.0-rc1-syzkaller-00211-g90d970cade8e #0 PREEMPT(full) 
[  163.640926][ T8079] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  163.640944][ T8079] Call Trace:
[  163.640954][ T8079]  <TASK>
[  163.640967][ T8079]  dump_stack_lvl+0x189/0x250
[  163.640998][ T8079]  ? __pfx____ratelimit+0x10/0x10
[  163.641018][ T8079]  ? __pfx_dump_stack_lvl+0x10/0x10
[  163.641033][ T8079]  ? __pfx__printk+0x10/0x10
[  163.641051][ T8079]  ? __might_fault+0xb0/0x130
[  163.641072][ T8079]  ? rcu_is_watching+0x15/0xb0
[  163.641089][ T8079]  should_fail_ex+0x414/0x560
[  163.641109][ T8079]  _copy_from_user+0x2d/0xb0
[  163.641127][ T8079]  ___sys_recvmsg+0x12e/0x510
[  163.641145][ T8079]  ? __pfx____sys_recvmsg+0x10/0x10
[  163.641162][ T8079]  ? __fget_files+0x2a/0x420
[  163.641178][ T8079]  ? rcu_is_watching+0x15/0xb0
[  163.641193][ T8079]  ? lock_release+0x4b/0x3e0
[  163.641214][ T8079]  ? __might_fault+0xcc/0x130
[  163.641233][ T8079]  do_recvmmsg+0x307/0x770
[  163.641252][ T8079]  ? __pfx_do_recvmmsg+0x10/0x10
[  163.641273][ T8079]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  163.641301][ T8079]  __x64_sys_recvmmsg+0x190/0x240
[  163.641318][ T8079]  ? __pfx___x64_sys_recvmmsg+0x10/0x10
[  163.641331][ T8079]  ? rcu_is_watching+0x15/0xb0
[  163.641340][ T8079]  ? rcu_is_watching+0x15/0xb0
[  163.641349][ T8079]  do_syscall_64+0xfa/0x3b0
[  163.641361][ T8079]  ? rcu_is_watching+0x15/0xb0
[  163.641369][ T8079]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  163.641378][ T8079]  ? clear_bhb_loop+0x60/0xb0
[  163.641388][ T8079]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  163.641397][ T8079] RIP: 0033:0x7f386d18ebe9
[  163.641406][ T8079] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  163.641420][ T8079] RSP: 002b:00007f386e08c038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
[  163.641432][ T8079] RAX: ffffffffffffffda RBX: 00007f386d3b5fa0 RCX: 00007f386d18ebe9
[  163.641439][ T8079] RDX: 0000000004000210 RSI: 0000200000001740 RDI: 000000000000000a
[  163.641445][ T8079] RBP: 00007f386e08c090 R08: 0000000000000000 R09: 0000000000000000
[  163.641451][ T8079] R10: 0000000000010002 R11: 0000000000000246 R12: 0000000000000002
[  163.641457][ T8079] R13: 00007f386d3b6038 R14: 00007f386d3b5fa0 R15: 00007f386d4dfa28
[  163.641466][ T8079]  </TASK>
[  163.873936][    C1] vkms_vblank_simulate: vblank timer overrun
[  163.987778][ T8082] binder_alloc: binder_alloc_mmap_handler: 8081 200000ff0000-200000ff3000 already mapped failed -16
[  164.343485][ T7200] usb 4-1: new high-speed USB device number 25 using dummy_hcd
[  164.553402][ T7200] usb 4-1: Using ep0 maxpacket: 16
[  164.564544][ T7200] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  164.578611][ T7200] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  164.606403][ T7200] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0
[  164.696602][ T7200] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0x2 has invalid maxpacket 0
[  164.715106][ T7200] usb 4-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  164.750355][ T7200] usb 4-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42
[  164.759892][ T7200] usb 4-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0
[  164.772361][ T7200] usb 4-1: Manufacturer: syz
[  164.790744][ T7200] usb 4-1: config 0 descriptor??
[  165.084703][ T7200] rc_core: IR keymap rc-hauppauge not found
[  165.094770][ T7200] Registered IR keymap rc-empty
[  165.099846][ T7200] mceusb 4-1:0.0: Error: mce write submit urb error = -90
[  165.133822][ T7200] mceusb 4-1:0.0: Error: mce write submit urb error = -90
[  165.164255][ T7200] rc rc1: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/rc/rc1
[  165.190824][ T7200] input: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/rc/rc1/input15
[  165.206143][ T7200] mceusb 4-1:0.0: Error: mce write submit urb error = -90
[  165.245180][ T7200] mceusb 4-1:0.0: Error: mce write submit urb error = -90
[  165.276787][ T7200] mceusb 4-1:0.0: Error: mce write submit urb error = -90
[  165.303495][ T7200] mceusb 4-1:0.0: Error: mce write submit urb error = -90
[  165.323430][ T7200] mceusb 4-1:0.0: Error: mce write submit urb error = -90
[  165.343459][ T7200] mceusb 4-1:0.0: Error: mce write submit urb error = -90
[  165.363440][ T7200] mceusb 4-1:0.0: Error: mce write submit urb error = -90
[  165.383595][ T7200] mceusb 4-1:0.0: Error: mce write submit urb error = -90
[  165.393455][ T5862] usb 2-1: new high-speed USB device number 25 using dummy_hcd
[  165.413478][ T7200] mceusb 4-1:0.0: Error: mce write submit urb error = -90
[  165.443457][ T7200] mceusb 4-1:0.0: Error: mce write submit urb error = -90
[  165.464492][ T7200] mceusb 4-1:0.0: Registered 424242424242 with mce emulator interface version 1
[  165.473746][ T7200] mceusb 4-1:0.0: 2 tx ports (0x0 cabled) and 2 rx sensors (0x0 active)
[  165.484952][ T7200] usb 4-1: USB disconnect, device number 25
[  165.543397][ T5862] usb 2-1: Using ep0 maxpacket: 32
[  165.550518][ T5862] usb 2-1: config 0 has an invalid interface number: 51 but max is 0
[  165.558754][ T5862] usb 2-1: config 0 has no interface number 0
[  165.566509][ T5862] usb 2-1: New USB device found, idVendor=061d, idProduct=c150, bcdDevice=ce.6f
[  165.576377][ T5862] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  165.584411][ T5862] usb 2-1: Product: syz
[  165.588587][ T5862] usb 2-1: Manufacturer: syz
[  165.593184][ T5862] usb 2-1: SerialNumber: syz
[  165.600206][ T5862] usb 2-1: config 0 descriptor??
[  165.607574][ T5862] quatech2 2-1:0.51: Quatech 2nd gen USB to Serial Driver converter detected
[  165.808554][ T5862] usb 2-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB0
[  165.819471][ T5862] usb 2-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB1
[  166.009859][    C1] quatech-serial ttyUSB0: qt2_process_read_urb - unsupported command 6
[  166.077829][ T8104] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  166.108932][ T8104] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  166.303483][ T5983] vhci_hcd: vhci_device speed not set
[  166.397030][ T8114] netlink: 60 bytes leftover after parsing attributes in process `syz.3.523'.
[  166.407581][ T8114] vivid-001: disconnect
[  166.448029][ T7200] usb 5-1: USB disconnect, device number 30
[  166.614825][ T8116] input: syz0 as /devices/virtual/input/input16
[  166.769255][ T8118] FAULT_INJECTION: forcing a failure.
[  166.769255][ T8118] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  166.786792][ T8118] CPU: 0 UID: 0 PID: 8118 Comm: syz.2.525 Not tainted 6.17.0-rc1-syzkaller-00211-g90d970cade8e #0 PREEMPT(full) 
[  166.786819][ T8118] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  166.786829][ T8118] Call Trace:
[  166.786835][ T8118]  <TASK>
[  166.786842][ T8118]  dump_stack_lvl+0x189/0x250
[  166.786872][ T8118]  ? __pfx____ratelimit+0x10/0x10
[  166.786892][ T8118]  ? __pfx_dump_stack_lvl+0x10/0x10
[  166.786909][ T8118]  ? __pfx__printk+0x10/0x10
[  166.786927][ T8118]  ? __might_fault+0xb0/0x130
[  166.786950][ T8118]  ? rcu_is_watching+0x15/0xb0
[  166.786967][ T8118]  should_fail_ex+0x414/0x560
[  166.786989][ T8118]  _copy_from_user+0x2d/0xb0
[  166.787007][ T8118]  ___sys_recvmsg+0x12e/0x510
[  166.787026][ T8118]  ? __pfx____sys_recvmsg+0x10/0x10
[  166.787043][ T8118]  ? __fget_files+0x2a/0x420
[  166.787064][ T8118]  ? rcu_is_watching+0x15/0xb0
[  166.787079][ T8118]  ? lock_release+0x4b/0x3e0
[  166.787099][ T8118]  ? __might_fault+0xcc/0x130
[  166.787117][ T8118]  do_recvmmsg+0x307/0x770
[  166.787137][ T8118]  ? __pfx_do_recvmmsg+0x10/0x10
[  166.787155][ T8118]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  166.787181][ T8118]  __x64_sys_recvmmsg+0x190/0x240
[  166.787197][ T8118]  ? __pfx___x64_sys_recvmmsg+0x10/0x10
[  166.787213][ T8118]  ? rcu_is_watching+0x15/0xb0
[  166.787229][ T8118]  ? rcu_is_watching+0x15/0xb0
[  166.787246][ T8118]  do_syscall_64+0xfa/0x3b0
[  166.787268][ T8118]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  166.787284][ T8118]  ? clear_bhb_loop+0x60/0xb0
[  166.787301][ T8118]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  166.787317][ T8118] RIP: 0033:0x7fa03e58ebe9
[  166.787333][ T8118] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  166.787346][ T8118] RSP: 002b:00007fa03f323038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
[  166.787363][ T8118] RAX: ffffffffffffffda RBX: 00007fa03e7b5fa0 RCX: 00007fa03e58ebe9
[  166.787375][ T8118] RDX: 0000000004000210 RSI: 0000200000001740 RDI: 000000000000000a
[  166.787384][ T8118] RBP: 00007fa03f323090 R08: 0000000000000000 R09: 0000000000000000
[  166.787394][ T8118] R10: 0000000000010002 R11: 0000000000000246 R12: 0000000000000002
[  166.787405][ T8118] R13: 00007fa03e7b6038 R14: 00007fa03e7b5fa0 R15: 00007fa03e8dfa28
[  166.787422][ T8118]  </TASK>
[  167.092395][ T8111] vivid-001: reconnect
[  167.173766][ T8124] netlink: 56 bytes leftover after parsing attributes in process `syz.4.527'.
[  167.205386][ T8124] netlink: 4 bytes leftover after parsing attributes in process `syz.4.527'.
[  167.215671][ T8124] chnl_net:caif_netlink_parms(): no params data found
[  167.360613][ T8129] netlink: 'syz.3.529': attribute type 1 has an invalid length.
[  167.560940][ T8136] input: syz0 as /devices/virtual/input/input17
[  167.640666][ T8139] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  167.651424][ T8139] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  168.165485][    C1] usb 2-1: qt2_read_bulk_callback - non-zero urb status: -71
[  168.168099][ T7200] usb 2-1: USB disconnect, device number 25
[  168.204744][ T7200] quatech-serial ttyUSB0: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB0
[  168.263107][ T7200] quatech-serial ttyUSB1: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB1
[  168.287358][ T8140] netlink: 8 bytes leftover after parsing attributes in process `syz.3.531'.
[  168.303243][ T7200] quatech2 2-1:0.51: device disconnected
[  170.151928][ T8165] loop6: detected capacity change from 0 to 7
[  170.163550][    T9] usb 2-1: new high-speed USB device number 26 using dummy_hcd
[  170.174980][ T8165] Dev loop6: unable to read RDB block 7
[  170.180642][ T8165]  loop6: AHDI p3 p4
[  170.190462][ T8165] loop6: partition table partially beyond EOD, truncated
[  170.238627][ T8165] loop6: p3 start 1886353253 is beyond EOD, truncated
[  170.324622][    T9] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0
[  170.336526][    T9] usb 2-1: New USB device found, idVendor=0ccd, idProduct=0093, bcdDevice=23.5a
[  170.364825][ T8169] netlink: 60 bytes leftover after parsing attributes in process `syz.4.539'.
[  170.375149][ T8169] vivid-003: disconnect
[  170.390795][ T8170] fuse: Bad value for 'fd'
[  170.397142][    T9] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  170.406367][    T9] usb 2-1: Product: syz
[  170.411186][    T9] usb 2-1: Manufacturer: syz
[  170.415893][    T9] usb 2-1: SerialNumber: syz
[  170.423222][    T9] usb 2-1: config 0 descriptor??
[  170.636023][    T9] usb 2-1: dvb_usb_v2: usb_bulk_msg() failed=-8
[  170.661040][    T9] dvb_usb_af9035 2-1:0.0: probe with driver dvb_usb_af9035 failed with error -8
[  170.739747][    T9] usb 2-1: USB disconnect, device number 26
[  170.975241][ T8163] vivid-003: reconnect
[  171.113459][    C0] ip6_tunnel: ip6tnl1 xmit: Local address not yet configured!
[  171.297752][ T8176] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  171.307043][ T8176] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  171.373474][   T92] usb 5-1: new high-speed USB device number 31 using dummy_hcd
[  171.533445][   T92] usb 5-1: Using ep0 maxpacket: 16
[  171.542929][   T92] usb 5-1: New USB device found, idVendor=046d, idProduct=0721, bcdDevice=9c.25
[  171.552063][   T92] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  171.560067][   T92] usb 5-1: Product: syz
[  171.564327][   T92] usb 5-1: Manufacturer: syz
[  171.568947][   T92] usb 5-1: SerialNumber: syz
[  171.575502][   T92] usb 5-1: config 0 descriptor??
[  171.582123][   T92] usb 5-1: Found UVC 0.00 device syz (046d:0721)
[  171.588554][   T92] usb 5-1: No valid video chain found.
[  171.675244][   T30] audit: type=1326 audit(1755393923.969:172): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8179 comm="syz.3.545" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f386d18ebe9 code=0x7ffc0000
[  171.718790][   T30] audit: type=1326 audit(1755393923.969:173): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8179 comm="syz.3.545" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f386d18ebe9 code=0x7ffc0000
[  171.741311][   T30] audit: type=1326 audit(1755393923.989:174): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8179 comm="syz.3.545" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f386d18ebe9 code=0x7ffc0000
[  171.763829][   T30] audit: type=1326 audit(1755393923.989:175): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8179 comm="syz.3.545" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f386d18ebe9 code=0x7ffc0000
[  171.787360][   T30] audit: type=1326 audit(1755393923.989:176): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8179 comm="syz.3.545" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f386d18ebe9 code=0x7ffc0000
[  171.849342][   T30] audit: type=1326 audit(1755393923.989:177): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8179 comm="syz.3.545" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f386d18ebe9 code=0x7ffc0000
[  171.888530][   T30] audit: type=1326 audit(1755393923.989:178): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8179 comm="syz.3.545" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f386d18ebe9 code=0x7ffc0000
[  172.060662][ T5860] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  172.070038][ T5860] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  172.077553][ T5860] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  172.088001][ T5860] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  172.095583][ T5860] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  172.108138][ T8190] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  172.144112][ T8190] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  172.353552][ T5862] usb 5-1: USB disconnect, device number 31
[  172.584962][ T8206] netlink: 4400 bytes leftover after parsing attributes in process `syz.1.550'.
[  172.602197][ T8206] sysfs: cannot create duplicate filename '/class/ieee80211/Ç`]Š•Iöq¯!¾>Ýsó³Îú*Š®!)\Ç+`²iF=#'
[  172.615218][ T8206] CPU: 1 UID: 0 PID: 8206 Comm: syz.1.550 Not tainted 6.17.0-rc1-syzkaller-00211-g90d970cade8e #0 PREEMPT(full) 
[  172.615241][ T8206] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  172.615252][ T8206] Call Trace:
[  172.615258][ T8206]  <TASK>
[  172.615269][ T8206]  dump_stack_lvl+0x189/0x250
[  172.615294][ T8206]  ? __pfx_dump_stack_lvl+0x10/0x10
[  172.615314][ T8206]  ? __pfx__printk+0x10/0x10
[  172.615337][ T8206]  ? __rcu_read_unlock+0x84/0xe0
[  172.615372][ T8206]  ? kernfs_path_from_node+0x2f/0x290
[  172.615391][ T8206]  ? kernfs_path_from_node+0x250/0x290
[  172.615409][ T8206]  ? kernfs_path_from_node+0x2f/0x290
[  172.615429][ T8206]  sysfs_warn_dup+0x8e/0xa0
[  172.615447][ T8206]  sysfs_do_create_link_sd+0xc0/0x110
[  172.615465][ T8206]  device_add_class_symlinks+0x1cf/0x240
[  172.615485][ T8206]  device_add+0x475/0xb50
[  172.615502][ T8206]  wiphy_register+0x1ba6/0x28d0
[  172.615531][ T8206]  ? __pfx_wiphy_register+0x10/0x10
[  172.615552][ T8206]  ? minstrel_ht_alloc+0x6dd/0x7e0
[  172.615572][ T8206]  ? ieee80211_init_rate_ctrl_alg+0x56d/0x5f0
[  172.615599][ T8206]  ieee80211_register_hw+0x3425/0x4080
[  172.615617][ T8206]  ? preempt_schedule+0xae/0xc0
[  172.615643][ T8206]  ? ieee80211_register_hw+0x14a1/0x4080
[  172.615663][ T8206]  ? __pfx_ieee80211_register_hw+0x10/0x10
[  172.615682][ T8206]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  172.615706][ T8206]  ? __hrtimer_setup+0x187/0x210
[  172.615721][ T8206]  ? __pfx_mac80211_hwsim_beacon+0x10/0x10
[  172.615747][ T8206]  mac80211_hwsim_new_radio+0x2f0e/0x5340
[  172.615778][ T8206]  ? __pfx_mac80211_hwsim_new_radio+0x10/0x10
[  172.615798][ T8206]  ? trace_kmalloc+0x1f/0xd0
[  172.615818][ T8206]  ? __kmalloc_node_track_caller_noprof+0x28e/0x4e0
[  172.615841][ T8206]  ? kstrndup+0xbf/0x160
[  172.615861][ T8206]  hwsim_new_radio_nl+0xea4/0x1b10
[  172.615883][ T8206]  ? __pfx___nla_validate_parse+0x10/0x10
[  172.615913][ T8206]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[  172.615938][ T8206]  ? __nla_parse+0x40/0x60
[  172.615962][ T8206]  ? genl_family_rcv_msg_attrs_parse+0x1c9/0x2a0
[  172.615986][ T8206]  genl_family_rcv_msg_doit+0x215/0x300
[  172.616007][ T8206]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  172.616031][ T8206]  ? bpf_lsm_capable+0x9/0x20
[  172.616053][ T8206]  ? security_capable+0x7e/0x2e0
[  172.616078][ T8206]  genl_rcv_msg+0x60e/0x790
[  172.616098][ T8206]  ? __pfx_genl_rcv_msg+0x10/0x10
[  172.616115][ T8206]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[  172.616140][ T8206]  netlink_rcv_skb+0x208/0x470
[  172.616164][ T8206]  ? __pfx_genl_rcv_msg+0x10/0x10
[  172.616181][ T8206]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  172.616207][ T8206]  ? lock_release+0x4b/0x3e0
[  172.616231][ T8206]  ? down_read+0x1ad/0x2e0
[  172.616246][ T8206]  genl_rcv+0x28/0x40
[  172.616262][ T8206]  netlink_unicast+0x82c/0x9e0
[  172.616286][ T8206]  ? __pfx_netlink_unicast+0x10/0x10
[  172.616307][ T8206]  ? netlink_sendmsg+0x642/0xb30
[  172.616330][ T8206]  ? skb_put+0x11b/0x210
[  172.616346][ T8206]  netlink_sendmsg+0x805/0xb30
[  172.616380][ T8206]  ? __pfx_netlink_sendmsg+0x10/0x10
[  172.616404][ T8206]  ? aa_sock_msg_perm+0xf1/0x1d0
[  172.616421][ T8206]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  172.616439][ T8206]  ? __pfx_netlink_sendmsg+0x10/0x10
[  172.616463][ T8206]  __sock_sendmsg+0x219/0x270
[  172.616485][ T8206]  ____sys_sendmsg+0x505/0x830
[  172.616503][ T8206]  ? __pfx_____sys_sendmsg+0x10/0x10
[  172.616523][ T8206]  ? import_iovec+0x74/0xa0
[  172.616543][ T8206]  ___sys_sendmsg+0x21f/0x2a0
[  172.616560][ T8206]  ? __pfx____sys_sendmsg+0x10/0x10
[  172.616579][ T8206]  ? futex_wake+0x4b2/0x560
[  172.616611][ T8206]  ? __fget_files+0x2a/0x420
[  172.616625][ T8206]  ? __fget_files+0x3a0/0x420
[  172.616642][ T8206]  __x64_sys_sendmsg+0x19b/0x260
[  172.616659][ T8206]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  172.616679][ T8206]  ? rcu_is_watching+0x15/0xb0
[  172.616695][ T8206]  ? rcu_is_watching+0x15/0xb0
[  172.616708][ T8206]  do_syscall_64+0xfa/0x3b0
[  172.616724][ T8206]  ? rcu_is_watching+0x15/0xb0
[  172.616737][ T8206]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  172.616749][ T8206]  ? clear_bhb_loop+0x60/0xb0
[  172.616763][ T8206]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  172.616776][ T8206] RIP: 0033:0x7eff8918ebe9
[  172.616788][ T8206] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  172.616799][ T8206] RSP: 002b:00007eff8a037038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  172.616814][ T8206] RAX: ffffffffffffffda RBX: 00007eff893b6270 RCX: 00007eff8918ebe9
[  172.616824][ T8206] RDX: 0000000000000084 RSI: 0000200000000100 RDI: 0000000000000007
[  172.616833][ T8206] RBP: 00007eff89211e19 R08: 0000000000000000 R09: 0000000000000000
[  172.616842][ T8206] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  172.616850][ T8206] R13: 00007eff893b6308 R14: 00007eff893b6270 R15: 00007eff894dfa28
[  172.616866][ T8206]  </TASK>
[  173.317383][ T8194] chnl_net:caif_netlink_parms(): no params data found
[  173.874481][ T8194] bridge0: port 1(bridge_slave_0) entered blocking state
[  174.001910][ T8194] bridge0: port 1(bridge_slave_0) entered disabled state
[  174.038278][ T8194] bridge_slave_0: entered allmulticast mode
[  174.057030][ T8194] bridge_slave_0: entered promiscuous mode
[  174.097802][ T8212] delete_channel: no stack
[  174.115479][ T8194] bridge0: port 2(bridge_slave_1) entered blocking state
[  174.124997][ T8194] bridge0: port 2(bridge_slave_1) entered disabled state
[  174.167056][ T5860] Bluetooth: hci5: command tx timeout
[  174.180498][ T8194] bridge_slave_1: entered allmulticast mode
[  174.187655][ T8194] bridge_slave_1: entered promiscuous mode
[  174.302014][ T8194] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  174.326855][ T8194] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  174.429861][ T8194] team0: Port device team_slave_0 added
[  174.437126][ T8194] team0: Port device team_slave_1 added
[  174.506045][ T8248] netlink: 376 bytes leftover after parsing attributes in process `syz.4.559'.
[  174.996105][ T8194] batman_adv: batadv0: Adding interface: batadv_slave_0
[  175.009954][ T8194] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  175.059268][ T8194] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  175.201564][ T7200] usb 5-1: new high-speed USB device number 32 using dummy_hcd
[  175.270239][ T8194] batman_adv: batadv0: Adding interface: batadv_slave_1
[  175.295540][ T8194] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  175.321429][    C0] vkms_vblank_simulate: vblank timer overrun
[  175.338828][ T8194] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  175.403451][ T7200] usb 5-1: Using ep0 maxpacket: 16
[  175.410812][ T7200] usb 5-1: config 2 has an invalid interface number: 32 but max is 2
[  175.421745][ T7200] usb 5-1: config 2 has an invalid interface number: 196 but max is 2
[  175.427082][ T8194] hsr_slave_0: entered promiscuous mode
[  175.437983][ T7200] usb 5-1: config 2 has no interface number 1
[  175.438685][ T8194] hsr_slave_1: entered promiscuous mode
[  175.445703][ T7200] usb 5-1: config 2 has no interface number 2
[  175.451110][ T8194] debugfs: 'hsr0' already exists in 'hsr'
[  175.456012][ T7200] usb 5-1: config 2 interface 32 has no altsetting 0
[  175.461652][ T8194] Cannot create hsr debugfs directory
[  175.469145][ T7200] usb 5-1: config 2 interface 0 has no altsetting 0
[  175.483677][ T7200] usb 5-1: config 2 interface 196 has no altsetting 0
[  175.492448][ T7200] usb 5-1: New USB device found, idVendor=1604, idProduct=8007, bcdDevice=65.11
[  175.501698][ T7200] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  175.509765][ T7200] usb 5-1: Product: syz
[  175.514030][ T7200] usb 5-1: Manufacturer: syz
[  175.518619][ T7200] usb 5-1: SerialNumber: syz
[  175.582652][ T8194] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  175.592150][ T8194] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  175.602328][ T8194] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  175.611668][ T8194] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  175.666056][ T8194] 8021q: adding VLAN 0 to HW filter on device bond0
[  175.682775][ T8194] 8021q: adding VLAN 0 to HW filter on device team0
[  175.696776][ T6247] bridge0: port 1(bridge_slave_0) entered blocking state
[  175.703859][ T6247] bridge0: port 1(bridge_slave_0) entered forwarding state
[  175.716342][ T6246] bridge0: port 2(bridge_slave_1) entered blocking state
[  175.723440][ T6246] bridge0: port 2(bridge_slave_1) entered forwarding state
[  175.799995][ T8194] 8021q: adding VLAN 0 to HW filter on device batadv0
[  175.836043][ T8194] veth0_vlan: entered promiscuous mode
[  175.848039][ T8194] veth1_vlan: entered promiscuous mode
[  175.872420][ T7200] usb 5-1: USB disconnect, device number 32
[  175.889643][ T8194] veth0_macvtap: entered promiscuous mode
[  175.906149][ T8194] veth1_macvtap: entered promiscuous mode
[  175.921706][ T6748] udevd[6748]: error opening ATTR{/sys/devices/platform/dummy_hcd.4/usb5/5-1/5-1:2.32/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  175.929678][ T6457] udevd[6457]: error opening ATTR{/sys/devices/platform/dummy_hcd.4/usb5/5-1/5-1:2.0/sound/card4/controlC4/../uevent} for writing: No such file or directory
[  175.952208][ T6280] udevd[6280]: error opening ATTR{/sys/devices/platform/dummy_hcd.4/usb5/5-1/5-1:2.196/sound/card5/controlC5/../uevent} for writing: No such file or directory
[  175.969856][ T8194] batman_adv: batadv0: Interface activated: batadv_slave_0
[  175.983005][ T8194] batman_adv: batadv0: Interface activated: batadv_slave_1
[  176.000863][ T6241] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  176.014384][ T6241] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  176.023219][ T6241] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  176.032894][ T6241] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  176.074588][ T3530] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  176.082565][ T3530] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  176.102815][ T6241] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  176.110947][ T6241] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  176.233843][ T5860] Bluetooth: hci5: command tx timeout
[  178.313646][ T5867] Bluetooth: hci5: command tx timeout
[  180.393762][ T5867] Bluetooth: hci5: command tx timeout
[  187.113617][    C0] ip6_tunnel: ip6tnl1 xmit: Local address not yet configured!
[  194.155326][ T1303] ieee802154 phy0 wpan0: encryption failed: -22
[  194.161673][ T1303] ieee802154 phy1 wpan1: encryption failed: -22
[  206.392826][ T5233] udevd[5233]: worker [6810] /devices/platform/dummy_hcd.2/usb3/3-1 is taking a long time
[  219.113487][    C0] ip6_tunnel: ip6tnl1 xmit: Local address not yet configured!
[  232.073840][ T5860] Bluetooth: hci0: command 0x0406 tx timeout
[  255.595446][ T1303] ieee802154 phy0 wpan0: encryption failed: -22
[  255.601747][ T1303] ieee802154 phy1 wpan1: encryption failed: -22
[  286.313518][    C0] ip6_tunnel: ip6tnl1 xmit: Local address not yet configured!
[  293.353441][   T31] INFO: task kworker/1:1:44 blocked for more than 143 seconds.
[  293.361014][   T31]       Not tainted 6.17.0-rc1-syzkaller-00211-g90d970cade8e #0
[  293.368709][   T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  293.377394][   T31] task:kworker/1:1     state:D stack:21584 pid:44    tgid:44    ppid:2      task_flags:0x4208060 flags:0x00004000
[  293.389398][   T31] Workqueue: usb_hub_wq hub_event
[  293.394494][   T31] Call Trace:
[  293.397789][   T31]  <TASK>
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=-1 (errno 104: Connection reset by peer)
[  293.400732][   T31]  __schedule+0x1798/0x4cc0
[  293.405306][   T31]  ? __pfx___schedule+0x10/0x10
[  293.410177][   T31]  ? schedule+0x91/0x360
[  293.414481][   T31]  ? rcu_is_watching+0x15/0xb0
[  293.419272][   T31]  ? lock_release+0x4b/0x3e0
[  293.443816][   T31]  ? schedule+0x91/0x360
[  293.448094][   T31]  ? wq_worker_sleeping+0x63/0x250
[  293.453210][   T31]  schedule+0x165/0x360
[  293.503491][   T31]  schedule_timeout+0x9a/0x270
[  293.508322][   T31]  ? __pfx_schedule_timeout+0x10/0x10
[  293.564869][   T31]  ? rcu_is_watching+0x15/0xb0
[  293.569691][   T31]  ? rcu_is_watching+0x15/0xb0
[  293.607423][   T31]  ? wait_for_completion+0x267/0x5d0
[  293.612775][   T31]  wait_for_completion+0x2bf/0x5d0
[  293.619944][   T31]  ? __pfx_wait_for_completion+0x10/0x10
[  293.626749][   T31]  i2c_del_adapter+0x581/0x6e0
[  293.631569][   T31]  ? __pfx_i2c_del_adapter+0x10/0x10
[  293.640291][   T31]  ? rcu_is_watching+0x15/0xb0
[  293.645297][   T31]  ? dvb_usb_adapter_exit+0xd7/0x240
[  293.650614][   T31]  dvb_usb_i2c_exit+0x64/0xb0
[  293.660884][   T31]  dvb_usb_device_exit+0x1be/0x350
[  293.666255][   T31]  ? __pfx_dvb_usb_device_exit+0x10/0x10
[  293.671916][   T31]  ? rcu_is_watching+0x15/0xb0
[  293.678507][   T31]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  293.684746][   T31]  cxusb_probe+0x603/0x700
[  293.689194][   T31]  ? __pfx_cxusb_probe+0x10/0x10
[  293.696110][   T31]  ? __pm_runtime_set_status+0x785/0xa50
[  293.701794][   T31]  usb_probe_interface+0x668/0xc30
[  293.723551][   T31]  ? __pfx_usb_probe_interface+0x10/0x10
[  293.729233][   T31]  really_probe+0x26a/0x9e0
[  293.756580][   T31]  __driver_probe_device+0x18c/0x2f0
[  293.761936][   T31]  driver_probe_device+0x4f/0x430
[  293.768967][   T31]  __device_attach_driver+0x2ce/0x530
[  293.774996][   T31]  bus_for_each_drv+0x251/0x2e0
[  293.779881][   T31]  ? __pfx___device_attach_driver+0x10/0x10
[  293.787686][   T31]  ? __pfx_bus_for_each_drv+0x10/0x10
[  293.793100][   T31]  __device_attach+0x2b8/0x400
[  293.798904][   T31]  ? __pfx___device_attach+0x10/0x10
[  293.806124][   T31]  ? do_raw_spin_unlock+0x122/0x240
[  293.811356][   T31]  bus_probe_device+0x185/0x260
[  293.817933][   T31]  device_add+0x7b6/0xb50
[  293.822297][   T31]  usb_set_configuration+0x1a87/0x20e0
[  293.829672][   T31]  usb_generic_driver_probe+0x8d/0x150
[  293.835876][   T31]  usb_probe_device+0x1c1/0x390
[  293.840780][   T31]  ? __pfx_usb_probe_device+0x10/0x10
[  293.848097][   T31]  really_probe+0x26a/0x9e0
[  293.852618][   T31]  __driver_probe_device+0x18c/0x2f0
[  293.859091][   T31]  driver_probe_device+0x4f/0x430
[  293.864394][   T31]  __device_attach_driver+0x2ce/0x530
[  293.869790][   T31]  bus_for_each_drv+0x251/0x2e0
[  293.874906][   T31]  ? __pfx___device_attach_driver+0x10/0x10
[  293.880809][   T31]  ? __pfx_bus_for_each_drv+0x10/0x10
[  293.886301][   T31]  __device_attach+0x2b8/0x400
[  293.891076][   T31]  ? __pfx___device_attach+0x10/0x10
[  293.896413][   T31]  ? do_raw_spin_unlock+0x122/0x240
[  293.901622][   T31]  bus_probe_device+0x185/0x260
[  293.906522][   T31]  device_add+0x7b6/0xb50
[  293.910848][   T31]  usb_new_device+0xa39/0x16f0
[  293.915709][   T31]  ? __pfx_usb_new_device+0x10/0x10
[  293.920911][   T31]  ? rcu_is_watching+0x15/0xb0
[  293.925700][   T31]  hub_event+0x2958/0x4a20
[  293.930128][   T31]  ? __pfx_hub_event+0x10/0x10
[  293.934920][   T31]  ? rcu_is_watching+0x15/0xb0
[  293.939686][   T31]  ? lock_acquire+0x5f/0x360
[  293.944325][   T31]  ? rcu_is_watching+0x15/0xb0
[  293.949083][   T31]  ? process_scheduled_works+0x9ef/0x17b0
[  293.954836][   T31]  ? process_scheduled_works+0x9ef/0x17b0
[  293.961308][   T31]  process_scheduled_works+0xade/0x17b0
[  293.966962][   T31]  ? __pfx_process_scheduled_works+0x10/0x10
[  293.972943][   T31]  worker_thread+0x8a0/0xda0
[  293.977610][   T31]  kthread+0x70e/0x8a0
[  293.981684][   T31]  ? __pfx_worker_thread+0x10/0x10
[  293.986830][   T31]  ? __pfx_kthread+0x10/0x10
[  293.991426][   T31]  ? _raw_spin_unlock_irq+0x23/0x50
[  293.996716][   T31]  ? lockdep_hardirqs_on+0x9c/0x150
[  294.001915][   T31]  ? __pfx_kthread+0x10/0x10
[  294.007270][   T31]  ret_from_fork+0x3f9/0x770
[  294.011864][   T31]  ? __pfx_ret_from_fork+0x10/0x10
[  294.017008][   T31]  ? __switch_to_asm+0x39/0x70
[  294.021769][   T31]  ? __switch_to_asm+0x33/0x70
[  294.026592][   T31]  ? __pfx_kthread+0x10/0x10
[  294.031197][   T31]  ret_from_fork_asm+0x1a/0x30
[  294.036005][   T31]  </TASK>
[  294.039172][   T31] INFO: lockdep is turned off.
[  294.063406][   T31] NMI backtrace for cpu 0
[  294.063431][   T31] CPU: 0 UID: 0 PID: 31 Comm: khungtaskd Not tainted 6.17.0-rc1-syzkaller-00211-g90d970cade8e #0 PREEMPT(full) 
[  294.063451][   T31] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  294.063461][   T31] Call Trace:
[  294.063468][   T31]  <TASK>
[  294.063474][   T31]  dump_stack_lvl+0x189/0x250
[  294.063497][   T31]  ? __pfx_dump_stack_lvl+0x10/0x10
[  294.063516][   T31]  ? __pfx__printk+0x10/0x10
[  294.063540][   T31]  nmi_cpu_backtrace+0x39e/0x3d0
[  294.063559][   T31]  ? __pfx_nmi_cpu_backtrace+0x10/0x10
[  294.063578][   T31]  ? __pfx__printk+0x10/0x10
[  294.063595][   T31]  ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10
[  294.063617][   T31]  nmi_trigger_cpumask_backtrace+0x17a/0x300
[  294.063635][   T31]  watchdog+0xf93/0xfe0
[  294.063658][   T31]  ? watchdog+0x1de/0xfe0
[  294.063679][   T31]  kthread+0x70e/0x8a0
[  294.063699][   T31]  ? __pfx_watchdog+0x10/0x10
[  294.063719][   T31]  ? __pfx_kthread+0x10/0x10
[  294.063737][   T31]  ? _raw_spin_unlock_irq+0x23/0x50
[  294.063764][   T31]  ? lockdep_hardirqs_on+0x9c/0x150
[  294.063783][   T31]  ? __pfx_kthread+0x10/0x10
[  294.063801][   T31]  ret_from_fork+0x3f9/0x770
[  294.063818][   T31]  ? __pfx_ret_from_fork+0x10/0x10
[  294.063836][   T31]  ? __switch_to_asm+0x39/0x70
[  294.063856][   T31]  ? __switch_to_asm+0x33/0x70
[  294.063873][   T31]  ? __pfx_kthread+0x10/0x10
[  294.063891][   T31]  ret_from_fork_asm+0x1a/0x30
[  294.063915][   T31]  </TASK>
[  294.063921][   T31] Sending NMI from CPU 0 to CPUs 1:
[  294.096414][   T44] dvb-usb: Medion MD95700 (MDUSBTV-HYBRID) successfully deinitialized and disconnected.
[  294.101074][    C1] NMI backtrace for cpu 1
[  294.101086][    C1] CPU: 1 UID: 0 PID: 44 Comm: kworker/1:1 Not tainted 6.17.0-rc1-syzkaller-00211-g90d970cade8e #0 PREEMPT(full) 
[  294.101104][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  294.101114][    C1] Workqueue: usb_hub_wq hub_event
[  294.101138][    C1] RIP: 0010:__sanitizer_cov_trace_cmp8+0x8/0x90
[  294.101159][    C1] Code: 48 89 44 11 20 e9 08 9e bc 09 cc 0f 1f 80 00 00 00 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 48 8b 04 24 <65> 48 8b 0c 25 08 50 a0 92 65 8b 15 28 a2 e0 10 81 e2 00 01 ff 00
[  294.101171][    C1] RSP: 0018:ffffc90000a088e0 EFLAGS: 00000046
[  294.101183][    C1] RAX: ffffffff81ad7f88 RBX: 000000000001e848 RCX: ffff888020ec1e00
[  294.101195][    C1] RDX: 0000000000000100 RSI: 000000447865e816 RDI: 000000447867d05e
[  294.101204][    C1] RBP: 000000447867d05e R08: 0000000000000001 R09: 0000000000000000
[  294.101214][    C1] R10: dffffc0000000000 R11: ffffffff8167ba30 R12: dffffc0000000000
[  294.101225][    C1] R13: 000000447865e816 R14: ffff888027fd3401 R15: 1ffff110170e4f59
[  294.101235][    C1] FS:  0000000000000000(0000) GS:ffff888125d1b000(0000) knlGS:0000000000000000
[  294.101248][    C1] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  294.101258][    C1] CR2: 00005586b31d4000 CR3: 000000007d172000 CR4: 00000000003526f0
[  294.101271][    C1] Call Trace:
[  294.101277][    C1]  <IRQ>
[  294.101282][    C1]  hrtimer_start_range_ns+0x358/0x1080
[  294.101310][    C1]  dummy_timer+0x437d/0x4550
[  294.101329][    C1]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  294.101356][    C1]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  294.101378][    C1]  ? rcu_is_watching+0x15/0xb0
[  294.101396][    C1]  ? __pfx_dummy_timer+0x10/0x10
[  294.101415][    C1]  ? __pfx_dummy_timer+0x10/0x10
[  294.101432][    C1]  ? __pfx_dummy_timer+0x10/0x10
[  294.101449][    C1]  __hrtimer_run_queues+0x529/0xc60
[  294.101474][    C1]  ? __pfx___hrtimer_run_queues+0x10/0x10
[  294.101487][    C1]  ? read_tsc+0x9/0x20
[  294.101506][    C1]  ? __pfx___local_bh_disable_ip+0x10/0x10
[  294.101524][    C1]  hrtimer_run_softirq+0x187/0x2b0
[  294.101540][    C1]  handle_softirqs+0x283/0x870
[  294.101555][    C1]  ? __irq_exit_rcu+0xca/0x1f0
[  294.101571][    C1]  ? __pfx_handle_softirqs+0x10/0x10
[  294.101586][    C1]  ? irqtime_account_irq+0xb6/0x1c0
[  294.101605][    C1]  __irq_exit_rcu+0xca/0x1f0
[  294.101618][    C1]  ? __pfx___irq_exit_rcu+0x10/0x10
[  294.101635][    C1]  irq_exit_rcu+0x9/0x30
[  294.101647][    C1]  sysvec_apic_timer_interrupt+0xa6/0xc0
[  294.101666][    C1]  </IRQ>
[  294.101671][    C1]  <TASK>
[  294.101677][    C1]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  294.101693][    C1] RIP: 0010:vprintk_emit+0x58f/0x7a0
[  294.101709][    C1] Code: 85 32 01 00 00 e8 c1 86 1f 00 41 89 df 4d 85 f6 48 8b 1c 24 75 07 e8 b0 86 1f 00 eb 06 e8 a9 86 1f 00 fb 48 c7 c7 80 e1 12 8e <31> f6 ba 01 00 00 00 31 c9 41 b8 01 00 00 00 45 31 c9 53 e8 b9 35
[  294.101720][    C1] RSP: 0018:ffffc90000b46a20 EFLAGS: 00000246
[  294.101732][    C1] RAX: ffffffff81a024e7 RBX: ffffffff81a023a4 RCX: 0000000000100000
[  294.101743][    C1] RDX: ffffc900198a2000 RSI: 00000000000fffff RDI: ffffffff8e12e180
[  294.101754][    C1] RBP: ffffc90000b46b30 R08: ffffffff8fa38137 R09: 1ffffffff1f47026
[  294.101765][    C1] R10: dffffc0000000000 R11: fffffbfff1f47027 R12: dffffc0000000000
[  294.101777][    C1] R13: 1ffff92000168d48 R14: 0000000000000200 R15: 0000000000000055
[  294.101788][    C1]  ? vprintk_emit+0x444/0x7a0
[  294.101803][    C1]  ? vprintk_emit+0x587/0x7a0
[  294.101819][    C1]  ? vprintk_emit+0x444/0x7a0
[  294.101834][    C1]  ? __pfx_vprintk_emit+0x10/0x10
[  294.101851][    C1]  ? rcu_is_watching+0x15/0xb0
[  294.101868][    C1]  _printk+0xcf/0x120
[  294.101888][    C1]  ? __pfx__printk+0x10/0x10
[  294.101907][    C1]  ? free_large_kmalloc+0x13a/0x1f0
[  294.101928][    C1]  dvb_usb_device_exit+0x29b/0x350
[  294.101945][    C1]  ? __pfx_dvb_usb_device_exit+0x10/0x10
[  294.101963][    C1]  ? rcu_is_watching+0x15/0xb0
[  294.101978][    C1]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  294.101996][    C1]  cxusb_probe+0x603/0x700
[  294.102016][    C1]  ? __pfx_cxusb_probe+0x10/0x10
[  294.102072][    C1]  ? __pm_runtime_set_status+0x785/0xa50
[  294.102090][    C1]  usb_probe_interface+0x668/0xc30
[  294.102112][    C1]  ? __pfx_usb_probe_interface+0x10/0x10
[  294.102130][    C1]  really_probe+0x26a/0x9e0
[  294.102148][    C1]  __driver_probe_device+0x18c/0x2f0
[  294.102164][    C1]  driver_probe_device+0x4f/0x430
[  294.102180][    C1]  __device_attach_driver+0x2ce/0x530
[  294.102197][    C1]  bus_for_each_drv+0x251/0x2e0
[  294.102216][    C1]  ? __pfx___device_attach_driver+0x10/0x10
[  294.102232][    C1]  ? __pfx_bus_for_each_drv+0x10/0x10
[  294.102254][    C1]  __device_attach+0x2b8/0x400
[  294.102269][    C1]  ? __pfx___device_attach+0x10/0x10
[  294.102285][    C1]  ? do_raw_spin_unlock+0x122/0x240
[  294.102302][    C1]  bus_probe_device+0x185/0x260
[  294.102321][    C1]  device_add+0x7b6/0xb50
[  294.102336][    C1]  usb_set_configuration+0x1a87/0x20e0
[  294.102363][    C1]  usb_generic_driver_probe+0x8d/0x150
[  294.102380][    C1]  usb_probe_device+0x1c1/0x390
[  294.102399][    C1]  ? __pfx_usb_probe_device+0x10/0x10
[  294.102415][    C1]  really_probe+0x26a/0x9e0
[  294.102432][    C1]  __driver_probe_device+0x18c/0x2f0
[  294.102448][    C1]  driver_probe_device+0x4f/0x430
[  294.102464][    C1]  __device_attach_driver+0x2ce/0x530
[  294.102487][    C1]  bus_for_each_drv+0x251/0x2e0
[  294.102505][    C1]  ? __pfx___device_attach_driver+0x10/0x10
[  294.102520][    C1]  ? __pfx_bus_for_each_drv+0x10/0x10
[  294.102542][    C1]  __device_attach+0x2b8/0x400
[  294.102557][    C1]  ? __pfx___device_attach+0x10/0x10
[  294.102573][    C1]  ? do_raw_spin_unlock+0x122/0x240
[  294.102591][    C1]  bus_probe_device+0x185/0x260
[  294.102610][    C1]  device_add+0x7b6/0xb50
[  294.102625][    C1]  usb_new_device+0xa39/0x16f0
[  294.102643][    C1]  ? __pfx_usb_new_device+0x10/0x10
[  294.102657][    C1]  ? rcu_is_watching+0x15/0xb0
[  294.102673][    C1]  hub_event+0x2958/0x4a20
[  294.102706][    C1]  ? __pfx_hub_event+0x10/0x10
[  294.102720][    C1]  ? rcu_is_watching+0x15/0xb0
[  294.102734][    C1]  ? lock_acquire+0x5f/0x360
[  294.102753][    C1]  ? rcu_is_watching+0x15/0xb0
[  294.102766][    C1]  ? process_scheduled_works+0x9ef/0x17b0
[  294.102780][    C1]  ? process_scheduled_works+0x9ef/0x17b0
[  294.102795][    C1]  process_scheduled_works+0xade/0x17b0
[  294.102817][    C1]  ? __pfx_process_scheduled_works+0x10/0x10
[  294.102837][    C1]  worker_thread+0x8a0/0xda0
[  294.102859][    C1]  kthread+0x70e/0x8a0
[  294.102877][    C1]  ? __pfx_worker_thread+0x10/0x10
[  294.102890][    C1]  ? __pfx_kthread+0x10/0x10
[  294.102907][    C1]  ? _raw_spin_unlock_irq+0x23/0x50
[  294.102923][    C1]  ? lockdep_hardirqs_on+0x9c/0x150
[  294.102940][    C1]  ? __pfx_kthread+0x10/0x10
[  294.102956][    C1]  ret_from_fork+0x3f9/0x770
[  294.102971][    C1]  ? __pfx_ret_from_fork+0x10/0x10
[  294.102987][    C1]  ? __switch_to_asm+0x39/0x70
[  294.103004][    C1]  ? __switch_to_asm+0x33/0x70
[  294.103020][    C1]  ? __pfx_kthread+0x10/0x10
[  294.103037][    C1]  ret_from_fork_asm+0x1a/0x30
[  294.103058][    C1]  </TASK>
[  294.690846][   T31] Kernel panic - not syncing: hung_task: blocked tasks
[  294.690865][   T31] CPU: 0 UID: 0 PID: 31 Comm: khungtaskd Not tainted 6.17.0-rc1-syzkaller-00211-g90d970cade8e #0 PREEMPT(full) 
[  294.690886][   T31] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  294.690897][   T31] Call Trace:
[  294.690904][   T31]  <TASK>
[  294.690911][   T31]  dump_stack_lvl+0x99/0x250
[  294.690934][   T31]  ? __asan_memcpy+0x40/0x70
[  294.690953][   T31]  ? __pfx_dump_stack_lvl+0x10/0x10
[  294.690971][   T31]  ? __pfx__printk+0x10/0x10
[  294.690997][   T31]  vpanic+0x281/0x750
[  294.691015][   T31]  ? __pfx_vpanic+0x10/0x10
[  294.691032][   T31]  ? preempt_schedule+0xae/0xc0
[  294.691052][   T31]  ? preempt_schedule_common+0x83/0xd0
[  294.691075][   T31]  panic+0xb9/0xc0
[  294.691092][   T31]  ? __pfx_panic+0x10/0x10
[  294.691109][   T31]  ? preempt_schedule_thunk+0x16/0x30
[  294.691135][   T31]  ? nmi_trigger_cpumask_backtrace+0x2bb/0x300
[  294.691155][   T31]  watchdog+0xfd2/0xfe0
[  294.691179][   T31]  ? watchdog+0x1de/0xfe0
[  294.691201][   T31]  kthread+0x70e/0x8a0
[  294.691221][   T31]  ? __pfx_watchdog+0x10/0x10
[  294.691240][   T31]  ? __pfx_kthread+0x10/0x10
[  294.691260][   T31]  ? _raw_spin_unlock_irq+0x23/0x50
[  294.691279][   T31]  ? lockdep_hardirqs_on+0x9c/0x150
[  294.691298][   T31]  ? __pfx_kthread+0x10/0x10
[  294.691317][   T31]  ret_from_fork+0x3f9/0x770
[  294.691334][   T31]  ? __pfx_ret_from_fork+0x10/0x10
[  294.691353][   T31]  ? __switch_to_asm+0x39/0x70
[  294.691372][   T31]  ? __switch_to_asm+0x33/0x70
[  294.691391][   T31]  ? __pfx_kthread+0x10/0x10
[  294.691409][   T31]  ret_from_fork_asm+0x1a/0x30
[  294.691434][   T31]  </TASK>
[  294.694081][   T31] Kernel Offset: disabled