last executing test programs:

27.957528959s ago: executing program 0 (id=3452):
r0 = socket$inet6(0xa, 0x2, 0x0)
bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20}, 0x1c)
syz_emit_ethernet(0xbe, &(0x7f0000000000)={@local, @link_local, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0xb0, 0x0, 0x0, 0x0, 0x11, 0x0, @empty, @empty}, {0x0, 0x4e20, 0x9c, 0x0, @wg=@initiation={0x1, 0x0, "7b4b143b7461fd777b1c012bd14efb9f49fcdb8f080c26a04883ad5c8c82b8af", "584cbf2649a50f2dbc43efa8698dfa871c51852e4451b57d037ad3c045942824251d7d17b5191584cdd4fbe40a27424d", "bcfd56f1373669caaa2f19935e6996c7096ffe4f3a4745a8f762b964", {"9a3bfbc1f39cb307b3472eb9cdb042d2", "643fcbb2c5a57df67d544af6e8dafe09"}}}}}}}, 0x0)
recvmmsg(r0, &(0x7f00000057c0)=[{{0x0, 0x0, &(0x7f0000002cc0)=[{0x0}, {&(0x7f00000017c0)=""/105, 0x69}], 0x2}, 0xa1}], 0x1, 0x22, 0x0) (fail_nth: 2)

27.458562982s ago: executing program 3 (id=3453):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = eventfd2(0x2, 0x80000)
ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000100)={@private2, @ipv4={'\x00', '\xff\xff', @local}, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x0, 0x1000, 0xd98d, 0x100, 0x0, 0x2})
io_setup(0x81, &(0x7f0000000400)=<r2=>0x0)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff0000/0x1000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ff9000/0x4000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ff8000/0x1000)=nil, &(0x7f0000ff8000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ff7000/0x3000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000ff8000/0x1000)=nil, &(0x7f0000ffa000/0x2000)=nil, 0x0, 0x0, r1}, 0xffffffffffffffc6)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x0)
r3 = io_uring_setup(0x7, &(0x7f0000000040)={0x0, 0x6e02, 0xc000, 0x1, 0x1d7})
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="1600000004"], 0x50)
io_uring_enter(r3, 0x2219, 0x7721, 0x16, 0x0, 0x0)
io_submit(r2, 0x1, &(0x7f0000000440)=[&(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x1fd, r1, 0x0, 0x0, 0x0, 0x0, 0x1, r1}])

26.929262184s ago: executing program 0 (id=3455):
r0 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0)
ioctl$DRM_IOCTL_SET_CLIENT_CAP(r0, 0x4010640d, &(0x7f0000000000)={0x3, 0x2})
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r0, 0xc01064b5, &(0x7f0000000140)={&(0x7f0000002680)=[0x0], 0x1})
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000340)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
syz_emit_ethernet(0x1e1, &(0x7f0000002240)={@broadcast, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x15}, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "001a10", 0x1ab, 0x3a, 0xfe, @remote, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, {[], @ndisc_redir={0x89, 0x0, 0x0, '\x00', @private0={0xfc, 0x0, '\x00', 0x1}, @empty, [{0x22, 0x12, "faebe2d83a9297db91b5ff44dc195e252e25f7626b6e5fcdb20ebf5f9121751e9e38ae6cb5b8d080ae871f752c092bf42fc1e0615946b90199bf87d954ac5642aff49b7bb4e31c53c4a935b375be41801933a0824509fc381d250b8155f636b29d7eae9db914aa926c01c0dae247bd0df3dbdf88bf5d6fcb2bec257307ce3da1f327b53a77d4c75be481b95906051935c240d8"}, {0x3, 0x10, "2e0810cf0167fed9adcaede95a798898153527e5d824174cb794ee4e7f2ff24d21cadecce88e5de3f8795e2dc9947c936ab9efa941813776e5693e017b74dbfb7112c40c72d27b033019e09986d33cb311f5daee6070fc96a0388b4d9fa95d52b7d1ed8fe4066158561407537c8467d0fabfe3c498399c89e255b7f340a1"}, {0x1, 0x8, "b3f1ad7b473f16d8c2f7f2db140406d2d904936e13dd9c6b03ff5614c4d9972d9e9bb3c0128cbbe8b9c1062fbee5eb7d22777871176cbe948f603a8c92032114d1476d"}, {0xe, 0x3, "6f9864739ca8eaa75c118d14fe63513064f6fc00e79b165e3e1d3dd0"}, {0x4, 0x1, "4f037a0c74b4a3862c"}]}}}}}}, 0x0)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
rt_sigpending(&(0x7f0000000000), 0x8)
sendmsg(r2, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0)
ioctl$sock_inet_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f0000000280)={0x0, {0x2, 0x4e20, @rand_addr=0x64010100}, {0x2, 0x4e21, @local}, {0x2, 0x4e23, @broadcast}, 0x287, 0x0, 0x0, 0x0, 0x4, 0x0, 0x8, 0x9, 0xff9e})
r3 = openat$procfs(0xffffffffffffff9c, &(0x7f0000002200)='/proc/asound/timers\x00', 0x0, 0x0)
read$FUSE(r3, &(0x7f00000001c0)={0x2020}, 0x2020)
ioctl$SNDCTL_DSP_CHANNELS(r3, 0xc0045006, &(0x7f00000000c0))
syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)
r4 = socket$inet6(0xa, 0x2, 0x0)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r5, 0x8933, &(0x7f00000003c0)={'wlan0\x00'})
setsockopt$inet6_mtu(r4, 0x29, 0x17, &(0x7f0000000100)=0x3, 0x4)
connect$inet6(r4, &(0x7f00000002c0)={0xa, 0x4e28}, 0x1c)
sendmmsg(r4, &(0x7f00000092c0), 0x4ff, 0x0)

26.656089879s ago: executing program 3 (id=3457):
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000000140)=[@in={0x2, 0x4e24, @initdev={0xac, 0x1e, 0x1, 0x0}}], 0x10)
openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x0)
r1 = socket$inet_sctp(0x2, 0x1, 0x84)
getsockopt$inet_sctp_SCTP_MAX_BURST(r1, 0x84, 0x14, &(0x7f0000000000)=@assoc_value={<r2=>0x0}, &(0x7f0000000040)=0x8)
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r0, 0x84, 0x7b, &(0x7f00000001c0)={r2, 0x1}, 0x8) (fail_nth: 2)

26.629807538s ago: executing program 2 (id=3458):
rseq(&(0x7f00000004c0)={0x0, 0x0, 0x0, 0x1}, 0x20, 0x0, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
bind$packet(0xffffffffffffffff, 0x0, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x0, &(0x7f00000003c0)})
creat(0x0, 0x0)
memfd_create(0x0, 0x2)
gettid()
setsockopt$packet_fanout(0xffffffffffffffff, 0x107, 0x12, 0x0, 0x0)

26.439462176s ago: executing program 2 (id=3459):
r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000440)=ANY=[@ANYRES32, @ANYRES32, @ANYBLOB="17"], 0x20)
ioctl$UFFDIO_REGISTER(0xffffffffffffffff, 0xc020aa00, &(0x7f0000000080)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x2})
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)
ptrace(0x10, r0)
ptrace$setregs(0xd, r0, 0xfffffffffffffffc, &(0x7f00000003c0))
ptrace$getregset(0x4205, r0, 0x200, &(0x7f0000000080)={0x0}) (fail_nth: 2)

25.78462697s ago: executing program 2 (id=3460):
r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000000), 0x42, 0x0)
r1 = syz_io_uring_setup(0x88f, &(0x7f0000000140)={0x0, 0xaee2, 0x0, 0xfffffffd, 0xb6}, &(0x7f0000000000)=<r2=>0x0, &(0x7f0000000280)=<r3=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000040)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r2, r3, &(0x7f00000002c0)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x3})
io_uring_enter(r1, 0x47f6, 0x0, 0x4, 0x0, 0x0)
write$dsp(r0, &(0x7f0000000200)='m', 0x1)
r4 = syz_open_dev$sndctrl(&(0x7f0000001440), 0x0, 0x801)
ioctl$SNDRV_CTL_IOCTL_PCM_PREFER_SUBDEVICE(r4, 0x40045532, &(0x7f0000000100))
r5 = syz_open_dev$sndpcmp(&(0x7f0000001200), 0x0, 0xa2c65)
r6 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r6, 0xae01, 0x1)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r7=>0xffffffffffffffff, <r8=>0xffffffffffffffff})
connect$unix(r7, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r8, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r7, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$random(0xffffffffffffff9c, &(0x7f00000000c0), 0x103400, 0x0)
eventfd(0x5f0)
write$snddsp(r5, &(0x7f0000000200)="a3", 0x33)

25.638870777s ago: executing program 3 (id=3461):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f00000000c0)={0x73622a85, 0x110b, 0x8000000000002})
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000200)='./binderfs/binder0\x00', 0x800, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0})
r2 = dup3(r1, r0, 0x0)
r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder0\x00', 0x0, 0x0)
mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r3, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r3, 0x4018620d, &(0x7f0000000040)={0x73622a85, 0x10a, 0x4})
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000003c0)={0x8, 0x0, &(0x7f0000000340)=[@acquire], 0x0, 0x0, 0x0})
r4 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000100)='/sys/kernel/debug/binder/stats\x00', 0x0, 0x0)
read$FUSE(r4, &(0x7f00000034c0)={0x2020}, 0xcac)

25.549188355s ago: executing program 0 (id=3462):
r0 = socket(0x10, 0x3, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[], 0x84}, 0x1, 0x0, 0x0, 0x844}, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000140)=ANY=[@ANYRES32=r0, @ANYRES32, @ANYBLOB="20000280", @ANYRES32=r0, @ANYBLOB="0000000000000000000000000a000000000000000000001420000100", @ANYRES8], 0x58}, 0x1, 0x0, 0x0, 0x840}, 0x0)
ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa15, 0xffffffff}, 0x0)
fsetxattr$security_capability(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x1)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000540)=@base={0x1, 0x7, 0x8000, 0x1, 0x0, 0xffffffffffffffff, 0x2}, 0x50)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000001c0)={{r3}, &(0x7f00000002c0), &(0x7f0000000280)}, 0x20)
bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000000180)={r3, &(0x7f00000005c0), &(0x7f0000000680)=""/151}, 0x20)
r4 = accept4(r1, &(0x7f0000000100)=@sco={0x1f, @none}, &(0x7f0000000180)=0x80, 0x80000)
setsockopt$inet6_tcp_TCP_ULP(r4, 0x6, 0x1f, &(0x7f00000001c0), 0x3)
getsockopt$inet_pktinfo(0xffffffffffffffff, 0x0, 0x50, 0x0, &(0x7f0000000040)=0x54)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
socket$nl_netfilter(0x10, 0x3, 0xc)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000680)=ANY=[@ANYBLOB="14000000100001000000000000b890c1a000000a80000000160a01030000000000000000020000000900020073797a30000000000900010073797a30000000005400038008000240000000000800014000000000400003801400010076657468315f746f5f6272696467650014000100776732000000000000000000000000001400010076657468305f746f5f7465616d00000014000000110001"], 0xa8}}, 0x0)
symlinkat(&(0x7f0000002040)='./file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0\x00', 0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00')
fchmodat(0xffffffffffffff9c, &(0x7f0000000300)='.\x00', 0xffffffd3)
open(&(0x7f00009e1000)='./file0\x00', 0x60840, 0x0)
sendmsg$NFT_BATCH(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f00000002c0)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a5c000000180a0500000000000000000002000000300003802c00038014000100776732000000000000000000000000000400010076657468315f746f5f627269646765000900020073797a30000000000900010073797a30"], 0x84}, 0x1, 0x0, 0x0, 0x4d008}, 0x2000c000)
r6 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r6, &(0x7f0000002bc0)={0x0, 0x0, &(0x7f0000002b80)={&(0x7f0000002980)=ANY=[@ANYBLOB="340000001100010027bd7000fedbdf2500000000", @ANYRES32=0x0, @ANYBLOB="c0000000001406001400350077673200"/28], 0x34}, 0x1, 0x0, 0x0, 0x40000100}, 0x40004)
sendmsg$TIPC_NL_LINK_SET(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000140)=ANY=[], 0x50}}, 0x0)
sendmmsg(r0, &(0x7f0000000000), 0x4000000000001f2, 0x0)

25.385296043s ago: executing program 3 (id=3463):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e23}, 0xfffffffffffffea1)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r2, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg(r1, 0x0, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0xb49, 0x9, 0x8, 0x0, 0x3}, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1ff)
close(r3)
execveat(0xffffffffffffff9c, &(0x7f0000000140)='./file1\x00', 0x0, 0x0, 0x1000)
syz_open_procfs$namespace(0x0, &(0x7f00000001c0)='ns/pid\x00')
r4 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000100)={'lo\x00', <r5=>0x0})
sendmsg$nl_route(r4, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=@ipv4_newaddr={0x20, 0x14, 0x503, 0x0, 0x0, {0x2, 0x18, 0x0, 0x0, r5}, [@IFA_LOCAL={0x8, 0x2, @local}]}, 0x20}}, 0x0)
r6 = socket$inet_tcp(0x2, 0x1, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r7 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000100)={'lo\x00', <r8=>0x0})
sendmsg$nl_route(r4, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000200)=ANY=[@ANYBLOB="200000001400030529bd7000ffdbdf25020751ff", @ANYRES32=r8, @ANYBLOB="08000f2542f418df76b60200ac1e0101"], 0x20}, 0x1, 0x0, 0x0, 0xc090}, 0x0)
ioctl$sock_inet_SIOCSIFADDR(r6, 0x8916, &(0x7f0000000180)={'lo\x00', {0x2, 0x4e21, @empty=0x7f000000}})
r9 = syz_usb_connect(0x5, 0x2d, &(0x7f0000000000)=ANY=[@ANYBLOB="120100000cb768405e0483020b990102030109021b000100000000090400000101292000090509"], 0x0)
syz_usb_control_io$hid(r9, 0x0, 0x0)
shutdown(r0, 0x1)
syz_open_dev$audion(&(0x7f00000011c0), 0x3, 0x8c4201)
fsopen(&(0x7f0000000580)='overlay\x00', 0x0)
r10 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r10, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x81)
socket$netlink(0x10, 0x3, 0x0)

24.936016404s ago: executing program 1 (id=3464):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_RUN(r4, 0xae80, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x10013, r4, 0x0)
ioctl$KVM_IOEVENTFD(r1, 0x4040ae79, &(0x7f0000000000)={0xfffffffffffffff8, 0xdddd1000, 0x1})
r5 = io_uring_setup(0x4822, &(0x7f0000000100)={0x0, 0x0, 0x800, 0x2, 0x2})
close_range(r5, 0xffffffffffffffff, 0x0)
r6 = socket$unix(0x1, 0x1, 0x0)
bind$unix(r6, &(0x7f0000000180)=@file={0x1}, 0x6e)
listen(r6, 0x0)
accept(r6, 0x0, 0x0)

24.590247106s ago: executing program 1 (id=3466):
socket$inet6_sctp(0xa, 0x1, 0x84)
io_uring_setup(0x456, &(0x7f00000000c0)={0x0, 0x3, 0x1000, 0x1004003, 0x3c})
socket$kcm(0x2, 0x200000000000001, 0x106)
socket(0x10, 0x3, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
openat$userfaultfd(0xffffffffffffff9c, &(0x7f0000000100), 0x80001, 0x0)
r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000340), 0x2, 0x0)
r1 = socket$unix(0x1, 0x2, 0x0)
ppoll(&(0x7f0000000300)=[{r1, 0x4236}], 0x1, 0x0, 0x0, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f00000000c0)={0x0, 0x18, 0xfa00, {0x3, 0x0, 0x13f}}, 0x20)
write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000300), 0x106, 0x8}}, 0x20)
write$RDMA_USER_CM_CMD_RESOLVE_IP(0xffffffffffffffff, &(0x7f0000000100)={0x3, 0x40, 0xfa00, {{0xa, 0x4e22, 0x5, @empty, 0xa098}, {0xa, 0x4e21, 0x9, @mcast1, 0x9}, 0xffffffffffffffff, 0x8001}}, 0x48)
writev(r0, &(0x7f0000000040)=[{&(0x7f0000000100), 0x86}], 0x2)

24.100312618s ago: executing program 2 (id=3468):
r0 = socket(0x400000000010, 0x3, 0x0)
mount_setattr(0xffffffffffffffff, &(0x7f00000000c0)='./file0\x00', 0x8000, &(0x7f0000000100)={0x8, 0x1001fc, 0x1a0000}, 0x20)
sched_setattr(0x0, 0x0, 0x0)
r1 = syz_usb_connect(0x5, 0x24, &(0x7f0000000140)=ANY=[@ANYBLOB="12010000096d5c4004233e0269d7010203010902120001180000000904d9000037"], 0x0)
syz_usb_control_io$uac1(r1, 0x0, &(0x7f0000000600)={0x44, &(0x7f0000000040)={0x0, 0x0, 0x1, "ac"}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r2 = syz_open_dev$I2C(&(0x7f0000000000), 0x1, 0x402)
pwritev(r2, &(0x7f0000000840)=[{&(0x7f0000000380)='\f', 0xfff5}], 0x1, 0x5, 0xb2)
r3 = socket$inet6(0xa, 0x3, 0x3c)
connect$inet6(r3, 0x0, 0x0)
ioctl$sock_SIOCETHTOOL(r0, 0x89fc, &(0x7f0000001440)={'bridge0\x00', &(0x7f0000000400)=@ethtool_ringparam={0x12, 0x0, 0x30040001, 0x0, 0x1, 0x0, 0x4, 0xfffffffe, 0x4000}})

24.046149508s ago: executing program 0 (id=3469):
socket(0xa, 0x3, 0x3a)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x0, 0x8, 0x81, 0x0, 0x9, 0xfffffffffffffffd, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
ioctl$IOMMU_TEST_OP_MOCK_DOMAIN_FLAGS(0xffffffffffffffff, 0x3ba0, &(0x7f0000000200)={0x48})
ioctl$IOMMU_IOAS_ALLOC(0xffffffffffffffff, 0x3b81, &(0x7f0000000140)={0xc})
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000340)={0x3c, 0x40, 0x119, 0xfffffffe, 0x0, {0x1, 0x7c}, [@nested={0x4, 0x142}, @nested={0x20, 0x1, 0x0, 0x1, [@typed={0x6, 0x3, 0x0, 0x0, @str='\x80\n'}, @nested={0x14, 0x1a, 0x0, 0x1, [@nested={0x10, 0x47, 0x0, 0x1, [@nested={0x4, 0x146}, @nested={0x4, 0xb5}, @nested={0x4, 0x7e}]}]}]}, @nested={0x4, 0x2}]}, 0x3c}, 0x1, 0x0, 0x0, 0x48815}, 0xc000)
r3 = add_key$keyring(&(0x7f0000000400), 0x0, 0x0, 0x0, 0xfffffffffffffffe)
add_key$fscrypt_v1(&(0x7f00000002c0), &(0x7f00000003c0)={'fscrypt:', @desc1}, &(0x7f0000000440)={0x0, "121094e249783d2d467c80b8b83aafd17621974d05873fa60fec44d55f01db504dc044568755c24536bc23fbc2632843da9e33080a45cf2ba4d8b2e4f3ea8a5d", 0x20}, 0x48, r3)
r4 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r4, 0x0, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000540)={0x1, 0x3, &(0x7f0000000180)=@framed={{0x18, 0x2, 0x0, 0x0, 0xe}}, &(0x7f0000000000)='syzkaller\x00', 0x8, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x6}, 0x94)
socket$nl_netfilter(0x10, 0x3, 0xc)
creat(&(0x7f00000001c0)='./file0\x00', 0x0)
r5 = openat$fuse(0xffffffffffffff9c, &(0x7f00000001c0), 0x2, 0x0)
mount$fuse(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000140), 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r5, @ANYBLOB=',rootmode=00000000000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r5, &(0x7f000000b0c0)={0x2020, 0x0, <r6=>0x0}, 0x2020)
open(0x0, 0x109281, 0x0)
write$FUSE_INIT(r5, &(0x7f0000002280)={0x50, 0x0, r6, {0x7, 0x9, 0x0, 0x110002, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10}}, 0x50)
syz_fuse_handle_req(r5, &(0x7f0000007080)="f5201a6b6542be6cbad26e239346ffe3dbc7125e4eb0daba2e9ba73337e45b1a2c2828afbe1d99c856f2d7c9b91364a83e3c477d5e9569cf8787de2fd830003be5c3bbb4a246c4e13764c6e255ef511c263c70adb80380cc2b3247fb61ebddd2b945820fc646375953f1322be813b875bf64256ac7a8debe881f8352dc9fd70b9473bf07932110a5d1a94144b2ab0b4cd92458041eef085b29b5c115df0d7db2bea67006c66b64015fc980343e5ff451373afc63f2ae21d63cddeb3b0c53bbb4e0e31663f5b1b53de22517869df6114ac9047ee98a692b4f0e3e7cfc4e42368f217cc705f2bc5d10454ab30eda651c6ee29f0cc5a6ca7b384949955785844742121b5734a8cf3f3fe1d3e5c2085da26a028ba6c84d5cbce6afbe13cbb179d4c251e1d2d68e8c7d9c34eee698ceeb6e40aed55c62c45d8c7fcb2cfe95ce261238ca5c4458647ed7a001788e991e3d2ecfc77bedec164efda9e4a5d5f03043628fd8b5f906371c52e7de2e760b820dce5c3629610a48a036cd54f23ec3ef274f8da724f45c482505864c87359d4411cad79d7434c9a9d79323410b671880a344b933a47d735abd0e63308cf7f6e15790a50ccbcce072526952c763775066125af0fcde57ba3c514301aef17391c76adfc2419829a88e0d91b947d278cd03d94ce98ec639a6163eaa9755b1813685080ce588251fbd4240a7f65cdc1074503b0fe49b24996e52c6899ac90014d9a58566e841bcac357ed59f7e7274b6e94f7a526a5b420c5d6ababab7e7f8ba6ef6f3455a5aed80f4aaadb58fb38f725d524b4fd63238dc7936d62e81ef46bb7346d7f55c4fdbe7606b1053f6faf6d80612311823efe1e6522fd5bbb77c52c868362f263e56ea1447b612d681828561adefdd28fb855fd81f27e2698cc02bbcf7d653cf8dc9eea252f2b1f48c0d2ab70ece454daf9b5829d7106eb8ca8807eebd07d1bf6af6a4523577db893995778759e1be294aea8edb9226a9acbd44f98f60641f87195521491e621b10cc2032434f319e76743601a0bcc99fb3636389172a790e25260de7cb58961f9ad44d16c7604402bbca8cf82be528a64107c0dd114fd3458c0f1e97888c1c739dc678b43b202c603946cb5720a1e7331282a48afb12b461c41b6fd92b97c6960ac9f664f509b02c8267d722f372b007befada669d4cc36fb931763ffd8744b10e78cb849d40f88d190778a70f902faa4f34cae0b9e163b59b1bae96a933afecbc6a768f1d7ae20bf2771f28c1a3d333ae0b6f691d2f985e1ed6d0e1c29d7db36234b9bec18a1ee98b9ae90e4706d1c952f6059cc4d64bfc14152a88443f260d179c705df71e006a60981fefaa8a51c9c368680b830967b01b60734b9924335d7700b083bd7e87b3ad2f3d497e914368a15c5456d08861fb7513e96acb49935dc3f46fcaa297cdbdc759cb8a5a2515a482ca60440da8b7d5a8c79659d99e3892f9086b372d78622d3689267652c4dd60754cb8eb45028b0c237adff5ffaeaf78ed5a541c57feeb014a53e2a98042d5712d5f7a779b7a12bc120b8cf6df35b258fe1ad7ebdbee88d25355560fad504dce4bd878df5e43c55e765ac324dd8d65ce29c2a93f9e085bb51ff75dbbf314ed6aa3a36330fd146d28654c659f1c6c5089c3619be1c7707be835500fb15bf873ab35517b743207621346db75d16fb21624c04ceddda2d607642004f611db7414e1c593ef38c62e4d27a8b7833436609c284a46edc9b973e790aba0bf4c6bc0069ce9372c6c7b93d15740771ddf9c704338f4af870c649ecdaeab106b1242dbb74c284bfb5d87aa688d27befe1dc0d1019fde1842e89eee67e11f925672ebff47e4503e02fa989297e9461d540000b5e0ed2d957efc3b77a10181597c7fb2c94e62db50e46c46d10c1127573bae01166170467b7641d7e07dcd879f04b8dc08dcf460bef8e83aae33151a72eddf9ccac4eb95c48cb4008ba3fea542b2e3c6c4c07850cd4ca551536a20d18ed18852baaaf7339908583aae41f08f3c6f5811cd730e849dc8382e8bdf3519ab900d38a0a9822400d619b52a957b1bbe8384619e5d65588a2ca6bf068ca27fce9aa0448a60d04b3b230db3a939409ec7df45d70a944b34baaf0bf951d205667c8281e9e87468d1a2f6edf79a7d5df12a8564e56d3a952efa4c4be2b09be2c3d699b05268e8cfe998a9f37b8714c92647ada8a8129bc4084624c6f1059f834193deef961f5dbfe500c1bf781f45441984d52800d81d814a82ec4f859c7217146ac447c8462612574a1a8603148ed46bf3e195d417bbe43aa6bf83ea8fb525941ef8dd56149bd6fdcbf626609ddb699e40e83fa4792b39384eb0d1b78c97c6798537b192753caed3a5eaa4a33d54b473b43851cb282cd857ae11a4d34c6b53fc1c334f8ec42672295b88a326b65d338a70bb3d5d866ff55a9ce0345c7a890cd6dee36012c76d862802c9cbaf1abbab99dc898eb432f50474ae6c202121d19f8d0467fcb1279457accf9b777c75390756762dde795d94aaba4c1729f559adc33966fbf517fc91fae21bd8ef22e914bbe6bae774246749ad63d8d16f21c9aebc80a97be408443ae60af610dd3ad9964b2401e049b09dbb46f6126d3d534a7786bb3663719943111231d18e51ed534b1e28807c062280924e5d53a8a1316ca2b5936911a267d5b799fd7d8e5e725271d5b8eb90e3dd9ef9eb1400c68eb8f88622f548af7df4846758cfb74aeb48588d1820f504e97ae1d818feb7113175b04e7c0bae6239672c987253cdf0e9845119f3f200d40f586ab986312144c3525acb78a5784f5707217105bae651e0c000792f4e88c1a924d33fbe5474a71b1e193a8d3a6a65dc485f2a299e7d07a6cf621260dcfc5d79c9243618f57507ca025baa53b3e684667f33dfb8ab9065cc548ad5c881bceb5d937462ea850fc197f5ae8c9489815b2cff853895e987e684195a094d8460ee52ef9d8f6fa0ba01092f0cdffcc7a682ca3125058ce9ed0064d7d0a868b0419b49ded3d93f0c7e1d700288350ff4c130cf6e0b507ce6064623294536c8fc4011b9b40299bfe02144806411d5b36997db26033a5ddeecd6bf3faefd3ca0a6cb70b0561106b2dabb06cf88bb6fa283e43dcd2fa1f33063183e15450385ba6fed4436502211d3181351db793a76ae11ebde2b23f340b7522748a4602ec469b88eb7f3d1325baa536ab8096c58c6f2b4863a541f618112643e194a5873cdae4172bb3005743782d8af22dbf23ab60e7d0f4ceb3ef0c46e23e1ecee1839558bc5c146dd97aba7651dfd2401fb8aec4eda71b1b15a2570130f0f5ff489ad4355a708a6eafa9752eb5c9f7a83f43c3e3b317e7e68133573f585fc27c5cfc0d90016f5be8594e1cfac36b24570cebb5be46d3f5917441ccadc355536b8b9b455b87667edd802b77178251afdefe9a4b5f0ff7e59fa5cf9b449e18bc4bf8154f15913128a2584f7d60a3c09f467233783690df422d3d9982200eb604ec2ef50830bba6f82e8b91823808fac0b07bc0e51a671c32dea0f2f9aa2cfbbc91cdf54b719b6009ce750bab1680cac77398b2a619d550161fa70e7e8b86fb535f8797fca75708efba7f0d95da4ac235d9de68a50c998a72c0c2da90f511ea456f776c881b8416b894cd835ad13c62b035ef4d220a66c86c1c00de534690e42d064bf4fff946af98aec3f9490d6f0586e891d272a4bfb776ab84bd693af6526c4b09beab2460634d929bcc61cf75b041f067e7b503ecd6a80934e169ebb0ac926a85b53cb1d7b63eee6abcd9e250834da6e4da23b3b3d90c2f726861760ca14b78d5e895eb7fa2e8b39f724a0371412b1c94c6a42f1beeae2328e353971531bddcda730b6a0d90f7c58e3ce5953cf5a6c9e3fd657c92fe4b5b8b0b659353944afa5c69c309527d6d4039e78c675c8d2f527fbcb2b765864fed987f785221862bd7deb66e6676ddebdd19cf4cb26869f562928dc98088bb69281615fc6a2dafc466e70ff9ea1a411e1a3ba3f94ed7d429796afc9f0c95da19a4db691c36407985e5f08473dd8afd9de88b2c26b6ebd2ea35177238e18dfc36d579a80074c06f5cca60cf6d64d27eeb121c6c8e5e09aa3165c101068cb748694695e803540d947f33740d30616001448173ef57bbcb82fcb213348a2a58e2d14480b1ce1ad346729631b91f7e343e37abd8e787274ff4598acc99cc58f3578979e6e6a1926333bd8818a256b58e67c6f77145ee26f24998cab89021423e03326c175adaa8ea905122553948ece311cbcb770222e7f4f373398497c8c301480d031fc53c2a7018d91777cec253e89e28a82d15e01c12c0ccae1b56ecff35b90b19769bff4b786d4624679abe852780e9e4b9985e0564ee604027dc2a60f65d2fcf1d354e163a8465f77eb67e2a6c9fa89ea0768f9cf117fd1ea8969e592da11d34f6f9b7adb24f3261dd14199fea6da6b5d31f825b3706492b3305cbf6ef553fadfcad51a0484f09a8d2491c8a937fdd36d9e0b94fb6bdca6e80a6079739cc1d455fd735e89fe89938a7132dc0c9f181953dd9cf2d106a3f1478b46ddf35aae9bc6932227d79ac4f534967be2cbc30fa254658b61752b534257fc10bd8db219ec394b41e7fe541f9086ce19d28e13d2b3c384745fc88ed0cb5ef414e23e8782f99307c49121a733875e9fb9c8559d8ad6bab256dde2bfdee4286c1419b80acf55dd09da71116c0fa902d8e89465c313c311f272a11cd17417372dc74e01f3ba1a9afd8bcb9fad57cde63ad59a6999caaa359e6e5b4216dd3b0bc8d310e28c8a1232cefcbd5070d0537097e370433bc1017b7b1c4efa694a25b4385bccbdf79affb0b6d203b3cefe637fd6f7b51f5ec297471c874a57145b254bd14b89fe62709c94ca3cae304739294c7b4a871768e11cb7a2db0aaeff4abbd00c70b4d4e5e8f8c6d34afe3d619404e20ccf628f7902c17ab1200644fe465751587800d59acb3abd1f8ad9cbd8bfa64c94c44fb3086fd21c046d7430a1faadbd9b1625ee70c1071bede890f1c07113aed9b1a35ab0fb823e2cb38d2ee6376800f63d28326ec3be129333e1024d17c46198e329779a79f4ee69b56374268fefdd29995e411052bcc92318c636aa9fa634f3e537712f720a52cd95d5472cdd6b4eb66bd1ed2c41cb37c615eb486855671d964ba46ee44eb61ffcb0b22b20632ce3222e4c3037f348d5dec196f9e2bcc2335284f5529e4de9e6b4b84fc559de63357bc8ca0a00c16bdea79372b13abb251fd4bc52f1f732811b65b4c51715da133b20caba229244060fdec0ad4c47fdf1963b6aa1acf998585c59867b5afcd08958dceb9937a97e87b2153f45970ca77e5524c5160c69963717630795e3a4768e2521617bc211926e5cb08edea70cae99c6d7eff4c1e041c7ab0d3473d6ceb3cbc24a9f45c5818896463360490911b1fb77a24aa3b394e3ee1155ea2fbc6686db2c715670dc9187b33f3051b4b894b616bdf7fb287113c315413d83e0540676fe9a48d523bef3280611165fb77c7bb33c0a087fc06e7702fc7d8ea4f7aa264c7ed332af03ae3e392bc0f96ec11e3bca6604ccb7941043fb043b4880de676efaf3f0fba185e90db8e8e6718058fd1d26c49d0a163264d4aaf7094d02d6898f75c6edf2e49edf7b0a645018220535e8694baa1e910df6e493c0812c2cbb16966cb22af208279947f9490f2f5d3a49596050604f920af8fa41c5a339609659f331f24fa0aec3787d052a02541137dd1ccdc30970a879e4a42e491137bb3cddf2c87ea6368bc4d9aad9089af50b71d56bd296d891ac2fbec84303486739a44850680353efa2203d7fcfa00d9cd81433adcad3e6aac009784b63a3b7aca58155b24274b2d41de998321bdf0229ce74a0c61a24d74ceb30d4ba766632c4a48d9db4e3b3334830b12f3136158fb16fa745c2ebad16b65b279d28332894755de3e7ae2aa88f9e2af8a46200c427540eb68907152ee7d53212b55c170ab67c47c884db89757b09dc035ea59fe2be1f384b3edef6925c399753832d32296100ca4e2699154d6ed86bc145e92d699e43c2269ed359a004aee75ac5e730dffec87f239328bc95cc281a9c0bba661f6d36ac11d1151851c70cf39fbbabff2190b619294db73008e3d32acb0b29aa3d28d1e50784dbe35eb911d838bd710336612170666ea5f42b72c32be4d83c4ff61987acd1b1f0cebe281806af8ad4b6e7041c31bcb8a93cf0f44826821b0bb9c053468b4d8d034c084ba1c8dfcad9fac6ec379da5425492dc6f770000000050bd9a930ead9e4faf5b557eebe4461320476a7ae12b0dcc9d171f6d2737b824db7259e62915779dc5e8a08bc69c0c68784202aa3462bdff06af76bdf9f106dd6228211534c4433717947dfaca4b7b61a21d706217e3718b5ccac40c3c4692bd59f222d0c2e98af1ff1919256d7b0540ed69b11f212a9598c7499ba634d1677ecf17517e207d40baed5aa0e25b7e70b6b16f6d6f0c36a146db0644ababd31bc50f5039b3bc4f12b603da2675e121b09fe92c69548dfb9df18d0e50c1387280b7bb1366bf5bbabfcef5557a05ce24df1a02f22f791e06c5e3e21e5fd6db7f2c90ffb83b154b0fd9866c46609dc10b274954caf80e83693f5581f23fd765a18aa4e294bbf7a8721015ea6a6e1ba64f79f6609924d43757fd0752024af79e296415b42de3428f14d9d89f84c2e076a0821cc8921fff677ec7b91178bcbd755ece28477a6bd01fd429d824ddfb62edcdab7c4495edc5a3d27826ea4bddaeacfa7cb17632cee0095ca55d3973812033d96ec5e5ed6880b3a998b4998fb7441e11dd060515bdbfd5aa32aac6ae1fceb8e92d7e8985949946a458ca2f69637de6b92410986f8fa5ba4b1598d8383fdbff2e004dee71500302e3e9270371b39237260bde0888702c7b2bcff69192bd381cfe59b197b9dbe5e2eee27b64c17e95a1dade453a6f29dc8bef1bdd34a92a5275972a2cb18f6f553f99c6098f50198b68cd35d2877d9cdd15074422b43b03170f23138dda44b62b5e161705405d2e9a007f8cc9ec7920d1a6e947ccc57b1a51a728fe1afcb84115fe48be15c894cce96391ab3cdc1bd9aa4cf58213c15d1a849c3f38c8ee34b208766129bbb493558c139f2bfc39df29fc73422127823fc9c993f20d9df9e0acaf0b1729437458e0a857ebfe4a373fd491952a475e9c391b7ee02b79554807c0f12293aa385a3c6b18bfbfc690a7aa9bc85d8adb705eac642ec8611ac62d09d2a6892cd671629d457c2191eb5940114113ed8cd4e8411d96200d3d66f947baa7915610c396402d38f109837d29c8e937fb6223a9d0d605a3d91312908fb5a7df36122c35f7e47855d526915c3a7cea432ca4524fcae3b5c6fbad196c1efef0d129d9b3f9d23104fc3c8a90dbcea0400311e51de50c5abb62fcbedf998ebc1cf23fd76bcc2aea2451f6d0d3b8fdd337ce8d24d7ce2a5b29318df58adb0006d4295c138b4b03060134802626e31a5da92b5a7a8677132523affbdc8d958b955eb4615370497429cd3767f2f708c2cadc233bc3e5efc8c837385749da08c6dd573e3b105ce459d659f790dcaf53c1d0b4d8e0c64b6bce15559e59e66b3b0b2695703e9bd5b1c5bb3c5b1028441391f8fbeadc032e890fe5e3be78569056d147a891f4bc85406e78f962b532eb436b0e047a7d3c88bb89455ffbf1da360207af5d827e9fbbedd8393a828a92382329ff444d9a8128c40e302453550426de4babcdee45108e79533b9747fd21b8f775a76e1d4d54a8a98a65ee3c183be34172877c26e600c89949ced85004d69c24d4fee6f87d2ff24900d41577c78dfbff698d438c0e26ebe15d7b75b49a5b2a5c627da3b13f6458aeff3f0a1944a339b4be5e13d58a71928bb77053beaf7b68568205b62f5a4a9b3c0fef441ede90f012047b0cf2228481fab85d94219ce9f417e4e2b6018b319270a6b6f0de93d0147842f582bd4e41f00720626be2b2f9116875ea4f92e380bcfc33058505ee0336e10c71a5abf6f32c72fe68c68c166454db8e101b3a271f04e4dda8947743e0ac408c73cff69c10e7c015c6b078bab0a1c7aab14a26df087b2b4c859e684aebadff5033d1ebd6c6589a27ac75a075e6ef801f5dece0dbd1e477bb70d2b8553a88b13e304e00735e183feab89edf469cb90c0a5bbf778809a9996f4e72b16417672cd97bdd1c0baa64ea2d782aea9d58ea357b54d06f316076b5c413417061b3c7485b534fcc8bf25d2adf043b47a3d47f0755fe6225bba7569fe672d3507c8e15f7139ef7f606c616c52733413befb248eee53c4a9a16f952ac56e18e221626c4f51eb90c1314167c9677a7eb7004b9b42fd6ec21dd38d5b9032c441166be3f8e9dfed39fb0e654ca3126003decf8e50bf8ace994e16fdbe3f53a36a11ed6f06d1bb8e54f574a83035eba379f2453f2346d11414cafbde87cb5d66b650a5e25ebaced402188c1b4b941e788e1af908fff3ef84c1dadef0550687f0b6aeef6063dc1c8c8efe09d611253efb4d288ea407ef3c043aacc3dfc19a18449b38fb97d9fc0bb67de3e1744f782d3a9d1fc449c3a902b1ec8789e336f731a51cc7fefc43736e04942167fbfdac9f15c5b3f921aaa3df0c9709c21339ce890cd4054828615f18fd12548258440a06dbec3d72719b3e9f5f9967525f90f16993cab09c9eab2b27b29c959c002dbb028cc96297d40822772c16b4b786cc57cd581c02f143d6e728eeac1ab4eca6170748002c0e2269611a2b402f9fa8190d9216b1e1b7de8f81074b8dbb665f0d69c52cf573d07ca0752fd6fe7da88dcf4a915ab1533f5686b766393fe9bf1aeef9d17414d1803708e61973dd205097eb1ed466c8dcfb2c7710caf9df713a11c774fd0469880534ae2ccd1e40216ffa145f0fc832b166896810a678f3a47dd24bc2e6835c16e405a444971068dbd47926f430871121be8f19c8ac4fd0a9e3ff7cd961f90f24265de455694cc291de76437953ac314b1791acbe96d3fcae4fa397287a02eac86f13c931f4d4f49ad52cf1db0efdf7027ee8e468d64d316a2208ae33d8fc3274861b41f2e064c99fbba37b7a0c46a3df8dc4589de7ac28df63ed697a48011c863049345c371f10f7d53a56947e348d07e4ff71eaaaf9aaa09bf1147b80d62a60dcec6d7dd4cbf52f2b0b89d2c7de1f16d63ccc0260b0982fcf105736b50001c19eda998426284713670aab21ce128a80b57920d8c3436edb859d4afd7ed835985b5bec01df5447e66ee8511b28671646e71c0669ab2203c4c9a020000279ba87f089d04924cb33ff82f59da9399ce3f20932c073289938e4e7101d357cce920a2aae72f94d6e1aaf9a3905f4da18a7ee849a39f0d1e83adc67ffab826490d4bfff1f80e8c2c180b08e013daf6d054be660390fc4f872b8d60f14951f05ac0dcb4c4281f71ac2d4cb4d68ffdfe8f5c43160d99ea0077486219bb9400a8fc1faacf12878379a7ea5eae2adbbe2871c1664bea1985d594963935019446d605a61ff79802e114a34610d002cf27e0f4b96c6ff880785307161813f48b68c6f9130a6faee6f332e77755fb68b68248ec113030575b1c262c2430c000d11b269ce4e98a32eea3af403630e83aeaaed1420c9fd66eadcf34d6d1fbe457c5216481ddaf6b397912630999fbc5298eab15ab3cce9de7741367264a4e30a61ff7f1d5e7e64290218d9f6f5c9898cd23ee1ac35ab8d3691bf3df31cef54c161bdf3093390ad2322b6f71f22199ac68c5eab4aa7523b4957202751b675fe82c9d42432c92c2fec148da6e5514e9d5f2618d5a616cdbc4a560b3e36eb6cb8baca3251d8e819ea8f552f07ecca0664e7ef22a3a6c11d023eade70f1b872cf58e89c625f561e4858877e39d324dd448b041e4435b676ce0e86de9045e8b9e8305ae60cb7a41c01ce2318af7f9fa011d24aac2b2d31360ce7b437c46df5756d94d1005a0359b57534c49d1e8e173ba183666a19ff6e6c63388250985249eb40f0f981a2bc34e8196e9c468b1bf329c4ac9cf5f19e46734b1238f99f1e6d8c95ecca9cfafc15c756bb4780b675ec9781bfdb583bd91a7df33ed49daec1d65d14f26d7cfadb9e1de06e922939e924b034e4d128cd66a2f7a87c9399c622922e6e33af68c5115053f42c519a054e295b5f8e420630dc116bb2562ac87a6402e4635bd6c6b95943820f86acd5f48ac519b06f1b0bf1c7a70d69e84c95600e017a67e64536197447b810c21cf86a9d09c37aaf6cc39333b414844ce883cec0ffb23e36d5560e9ff6922a9237a6503c72346ebebf57e59c13e7320f670e1826c802b9cc674b55284ddb061e6e38b16c58532497709028ccc4c000604d4a72b3255170a217ac411ea68e64fb3b63653b985abc42bf21629775a05812ef159992320c3cb93805bbebb250e2f9f92b2c8795c388fea24de5e70d45f8ad1764a6e39a1d588191f77fd7bd0408252c784deef806464edc1b4d3de83df34f1b615e10ba20948ca9f28c4f435163e1f5a6fdd0bc8ef397c25b7d704e1ff1dca065022b99778c05ad39f806c3f7ae4278b768eac09b7d317ec5e07db3fc5579a29fb42658ba66c68afb3b8401b2e09c13bc0652309b26cfab2febc3e96a6da6341e6e860468aca74caf06bfc576124594c3f123d5e987319862b0700bd257cff3ea8abff23ebf1a62e575741db2902761578de5c72f4d37bf9186c2391dfff0fcdf2969df27ac0c34d3f07feb0d1887de871e96916add75c15ce2f795749ceadacca94df5808a1629ccd906b3776e7c2a9e94393243de87656432ec21be389731be9821fc035859fffd503f9c8279bd4a36f3be1e3ba0beecaaf6ee44203d8b76c4ca97da38f63fd07ed7812601ab9095a77d52397ecc31819b91d3c28f639bda94c46a5d527abe34bc579338a4db395c57dbeec31a37685ee8121284b63583e026783e47d58deaad78a17e9a946ae7a3db89d8d78d9f37ee5861de7ca92e7335dade99819ecfd63770413b17de97bf403a6d97e163f7eead7d8c182b77cc3d0e0f28f30839445ef751bcf4f21b5803a4e8754fd9a3addb2553ad1d81879addbdc2668e5f2e15926ed805ce7b4ae01be9677c322d59d619cfc806a4946f59010aac481e49d0a0b2ccd0fbd88abf07d4912a081c81633f4a6e0e68eceee686d58a43c45d3bec1046d3bb8d7fc727dda7cfe22af174219bc8e928ca15ff9ce2c707bcea190f8fdeb86a2dc99d7ca81b78efdb0062f1967bb66132164d227e149aa52f39af5e763705373c864323a5885dc6061b5a2ee5501d0b1aa465d93052f29d033a750b1b9cc85fddc0cf168ddc62fb2d1570458d246906fbb689bc8ee3864901eb43f96c19482a7ba7a52fe08b241a32aa9a2774359132b5e1905a08ba37244265070f6d69a428a5834f10d9ba45f476f9e88e856ac223d8cf6ff04894faa2590ecd0a3f6938d661d8aecf6223ae99c414962a86fdc1c2599cee39e9f0153a57ed809bd90023c8d688cc1aa7b5eec5fcd01d07d00100", 0x2000, &(0x7f0000006dc0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000006600)={0x20, 0x0, 0x0, {0x0, 0x5}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r7 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r7, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000040)={0x34, 0x40, 0x107, 0xfffffffc, 0x10000, {0x1, 0x7c}, [@nested={0x4, 0x1142}, @nested={0xc, 0x1, 0x0, 0x1, [@typed={0x6, 0x6, 0x0, 0x0, @str='\x80\n'}]}, @nested={0x10, 0x2, 0x0, 0x1, [@nested={0xc, 0x14, 0x0, 0x1, [@typed={0x8, 0x17, 0x0, 0x0, @ipv4=@empty=0x4000000}]}]}]}, 0x34}, 0x1, 0x0, 0x0, 0x4048011}, 0xc000)
read$FUSE(r5, &(0x7f0000009080)={0x2020, 0x0, <r8=>0x0}, 0x2020)
stat(&(0x7f0000000200)='./file0\x00', &(0x7f0000000240))
write$FUSE_INTERRUPT(r5, &(0x7f0000002240)={0x10, 0xffffffffffffffda, r8}, 0x10)

23.997516675s ago: executing program 1 (id=3470):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r0, &(0x7f0000000040)={0x2, 0x4e20, @empty}, 0x10)
syz_emit_ethernet(0x2a, &(0x7f0000000240)={@local, @empty, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x1c, 0x0, 0x0, 0x0, 0x11, 0x0, @empty, @empty}, {0x0, 0x4e20, 0x8}}}}}, 0x0)
syz_emit_ethernet(0x6f, &(0x7f0000001c00)={@local, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x1}, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x61, 0x2, 0x0, 0x0, 0x11, 0x0, @empty, @empty}, {0x0, 0x4e20, 0x4d, 0x0, @wg=@data={0x4, 0x7407, 0xfffffffffffffffd, "9c67524ed6ed152d4f775bbc411126513b67aa2818e6f3aeb55bee6ae1049f195705bc8bd9b1085cd41af77353267df8a1d4cecdb0"}}}}}}, 0x0)
recvmmsg(r0, &(0x7f00000057c0)=[{{0x0, 0x0, 0x0}, 0xa6d3}, {{0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000002c40)=""/4096, 0x1000}, {0x0}], 0x2}, 0x2}], 0x2, 0x100, 0x0) (fail_nth: 2)

23.366687095s ago: executing program 1 (id=3471):
r0 = userfaultfd(0x801)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x6)
poll(&(0x7f0000000000)=[{r0, 0x3081}], 0x1, 0xe2) (fail_nth: 2)

23.048706676s ago: executing program 1 (id=3472):
r0 = userfaultfd(0x80801)
socket$inet6_sctp(0xa, 0x5, 0x84)
close(0xffffffffffffffff)
socket$inet6_mptcp(0xa, 0x1, 0x106)
r1 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000080)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10c4, 0xea90, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0x7}}}}]}}]}}, 0x0)
syz_usb_control_io$hid(r1, 0x0, 0x0)
syz_usb_control_io(r1, &(0x7f00000000c0)={0x2c, &(0x7f0000000100)={0x0, 0x0, 0x8, {0x8, 0x0, "392cdaab4a73"}}, 0x0, 0x0, 0x0, 0x0}, 0x0)
syz_usb_control_io$hid(r1, 0x0, &(0x7f0000000000)={0x2c, 0x0, 0x0, 0x0, &(0x7f0000000140)={0x20, 0x1, 0x3, "c282fe"}, 0x0})
syz_usb_control_io$hid(r1, 0x0, &(0x7f0000000540)={0x2c, 0x0, 0x0, 0x0, &(0x7f0000000300)=ANY=[@ANYBLOB="20010e"], 0x0})
syz_usb_control_io(r1, 0x0, 0x0)
r2 = syz_open_dev$I2C(&(0x7f0000000040), 0x1, 0x2003)
ioctl$I2C_RDWR(r2, 0x707, &(0x7f0000000440)={&(0x7f0000001000), 0x2})
ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f00000000c0)={0xaa, 0x749})
r3 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r3, 0x1, r0, &(0x7f0000000040)={0x40000008})
ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000080)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x1})
madvise(&(0x7f0000c0c000/0x1000)=nil, 0x1000, 0x4)
readv(r0, &(0x7f00000002c0)=[{&(0x7f0000000100)=""/163, 0xa3}], 0x1)

22.465223507s ago: executing program 0 (id=3473):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$tipc(0x1e, 0x5, 0x0)
bind$tipc(r1, &(0x7f0000000340)=@name={0x1e, 0x2, 0x0, {{}, 0x2}}, 0x10)
setsockopt$TIPC_GROUP_JOIN(r1, 0x10f, 0x87, &(0x7f0000000100)={0x43, 0x0, 0x3, 0x3}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x1, 0xe, &(0x7f0000001880)=ANY=[@ANYBLOB="b700000012edfffebfa30000000000000703000028feffff620af0fff8ffffff61a4f0ff00000000db040000000000003f000000000000005504000001ed0a002500000017ffffff46040000000000007b0a00fe000000006e04000000000000c6000000000000009500000000000000023bc065b7a379d17cf9333379fc9e84af69912435f1b6a693002e7f3be3619184e50b91f32050e436fe275daf51efd601b6482a0800000098efd2a102ee010400006e7a1de4a21f379dbf01de00b1b564fef3bef70548aed0d600c095199fe3ff3128e599b0eaebbdbd7359a48f5b0afc532ef58de3c1b7646cb7798b3e6440c2fbdb00a3e35208b0bbf12cd8dff095edc710e4000000000000009fbe4b61a615c6c57a2b649dc74a1a610643b08d9e104d4d91af25b8123deda8a3658d42ecbf28bf6d8e8afcb913466aaa7f6df70252e79166d8582755a314d31a76e42f2460d0b11008e59a5923906f88b53987ad1714e72ba7a54f0800000000000000d5f728d236619074d6ebdf098bc908f50ae728a40f9411fe7226a4040b96e37c4f46010400000000c3da29faf75ddd1aa96960bca97af133824b881cc1f62c0f8f8f0e8d76b86f9c45636614786f5a2cb77230a874640dcbe0b20bb77c022d4cab080078fce8c5c81b7037181fc2f18f781aaa6e2957d7e39cc1baddcb7ec6667e699f24e41697ee7ea23e4b29a8b6cc9a1f5a7b3caae05f1300010000949b3aab06b1e042ff2164d80c8ab1c156b97e5889685a96949e4cb40df77b8bb84b0e733a63784ccc214d930cbb7e090df9a2867b3acec439c163fc8706869ada11390d4dbcf840fa68e7d7071b53ac29df826f8ae6d6e18c1e0600bf870768d5217e9bb5a05d9e224e67f1231bd236ed200073824d93c4e1a0f50a74bb4850486727d970acc546087acbf30f2f8165b47ba56dfadd14b306e98931485747292c6fe6e188750cf4f87cce2aa7d67c7133a9f05954cde298a35ea6d715ba80aee6330000000000000000000000000000000000004000000000000000038600008fb854adb4f8080064e8407c6bdb37114c80fbaa4a0ec5aaf4b0ac6f2128668279eb6fc144344e2d461c9a1be8fa0061ea9d55ee4716bea8e1cebf9ed39325ab4c5530dd6ee9fffc00000000000000d7c5af73c683625aaad5eda5004a76c9f8975ed4c5e4eb3e77e9885f69754932609f19e2f615a01cb6d17fbf5cb539403cb0572534f054d5514ad8264f7b029b2bdf2ca4958a62a6e744f9a4c1e646e1dd2ca19583f0f8b0dc53debd7d44f334e6ed7445a9580f970e483b307c4b3c018bc194b23d37e6a2e52d8265e5aab6fec586d52386e8c07a88c88e8faec5f1b16b2014f6952ce7d6be12c6bdb9651ca6fc907061be311d1354e6295698594a73136237bee068d3819400e43544830a3f74b7942f22336953978a5b2032da4238cc61162c04c1297395b73e18c9387615a2bc87d9e2445f3d323d3fac347926a4bac694c55fe9d145906d410f58f1951405d10504efe402cae085afef5dbd617e87ddbd239e4a50d7eb8e327fb5db12cbd6a9efe8e671c4f251cafffe3400a670d14b9b3cd8d86e492997a0168c022ef3536bd1dc731f4f9f8cb66701f4578ba4cb9b706e605a88c3857fb8aaaa95024f8da775f72950212b84fc6133ae14d1429cd4905dabb52e43af7e65acf97b4951fa1e967d16a5ed642efc855a4a46b85cd079934ad3188276efae9387eaa232697526e24b5d4fded86c3811ccd00520150b16000080122965558074956da5e4c3bbefcb64aa8be4456ed2caf0f467b6bbf3aa4371f5e76ab3f6a20278a3c779e03afd9a6af6fd518e5dce030f88ec5a5cb7601a161da0f80893220800c523040d13e1f1300c2c6555bce60d95dd3288e53435713f03add23f14c8db5555c62de4f626483632a2ab547f88dd6efec73a0271a19ca3aa860aa4dcaeeb9bd91a0cb429efae2a5fcc08b3a572969bbe917d1767e38ba49e3e57fafea83e495a6a1d1a4ebf83434986091dd66ffe3ffed0c39552a312e2db596d9c827e02f6fc13c8ddbb50bfd7dd8aa2f35f259fc83e007fe79d2d25e30830b92fca00a292dd3b856faa4b7e66e1b64505f65900839df71a97d4d07d37f7ecf8ed9a22da26ae674bba16c204f6b2f8f74fc56b7126d7c11ece6e88ec41192aaee75415c58d264a2b6adae02c821b62428902aad499825ab85a348638384cd12e61dbde5c47056f0a20b4e2a2328d5db5cf026657a129e6be231acf5f57995c60d9fca5f63a0dfd18054717120bda466d04774b53208ad8b022719ca77a4e0a66b4708f791d849a5e2aaa0074a9560ede2600df5a5c41392fe9460080fcb1e65233fb8dbeec4c86dbcf6a0673e38d2d3615e5bfbde44afe0fa7564231fff7e7f1f3ad68492dd2cccb15b5d7d3e37e8b7d28921c4b9280979521173f322df408d9818b6cc400090300000021911480a876fbba698801937e8b4264eb6f5137bdaa075f1488d22230592a79000000000000000000000000000000000000000000110000000000000000000000000000000000000000000000000000000000000000002f316aa0886c174b73decb46c1c85edf50d8fcbac5ff76b365611666da86a8e65b308706bd7c000000000000003f7cd4d5cb9076b81b7741ec03877afb5237ea1694addebc14c3ae49f88c462ea2050acf2d9a97d3be29a5614d1eba2c98cf0236401e02d7c445e50f76419ab4f78f67a09e63dd4faa2e7b59399f055f2fa278783f26d0a52aefb0a5ef0b41e14a6fe6ba306206670b84894e901a523fcbadfeff535f2514bc834e876810d9a6a78e70a9e22860c36a724770b4185de44db6bf21fef32a8d5b36d9014f38fee012365f963b2a85e7d8075c333475b9f0284405e3127dde7e41285fbe0bdd370c06c6a41744c3d24eab511317f97b7b4a1c2ec33fedc46e9bf0fa640eebd3d58f0ebdb7cb8ccffd6d6ab7e0e843591d2618e2d2cdc7081c8fafffe9c3500800000087de4ee7aac6478d99de7dd82bef044a6d33c789d566c90c46ad581aa22f910547a77d55e26bf19f1d4661550b177ef53933a305e69b8a95119dcf5bda599d625054776151b2cd1fcde238bdc527594a6c17aa9728af24e2bb7a3830e7092b01b119ea4e7e7f0e21527d622cc29c9f0c8720195368f8374337ab4d130619d93c5ef37e7ddd0b2da147e6e513455b88753452de959a6cbfa1ffbc7ad5d8c3b48017fd31dcf72f337b639253f44cb27a12174bc4c191e21015d0c431a71906eb9c6a14c8a060459ef26787ce3d1cbfd5cc459f0048b5d06f6cbd3e9b34c89f3fb2f951ae81d7fcc8bc0000000000000000000000000000000000000000009231feef3117197c796369f776c8b2ea3970f358107945d9e74e9bdfa58e68b65a8f01bc4b73cc31df5aa29f363917f90e3fa1eaf553db1c761dd9b634a9c4d7c21c24fe6d953ed9438cad0f8dfe03e5e2f73019352f1fb682a5a6ebbf24ebc49e3d7058e696eb3f4b642f36c9006c0067e24a64aa8c53dd824a3c08bfda74a143c855030ae004ac797c575c202d8091eb77565212548ead770d68000000000099347593f67da85d1c962bfb320d1553a74ec3bf003ba62b1784dbf0168a7e85f28b77bdebce96bf386a6dd5df162a16f2b7e8a4de0ffc464a87f91f81866d2ef0af71ebb07a739c3cb1b7000000000000"], &(0x7f00000001c0)='GPL\x00'}, 0x48)
sendmsg$tipc(r1, &(0x7f0000000400)={&(0x7f00000008c0), 0x58, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x20)
r2 = openat$uhid(0xffffffffffffff9c, &(0x7f0000000000), 0x802, 0x0)
write$UHID_CREATE(r2, &(0x7f0000000080)={0x0, {'syz1\x00', 'syz0\x00', 'syz0\x00', &(0x7f0000000040)=""/15, 0xf, 0xa0, 0x6, 0x3, 0x5, 0x1635}}, 0x120)
write$UHID_INPUT(r2, &(0x7f0000002080)={0xc, {"a2e3ad21ed0d52f91b5d390887f70e06d038e7ff7fc6e5539b3272298b089b07081b4d090890e0878f0e1ac6e7049b3366959bfc9a240d2567f3988f7ef319520100ffe8d178708c523c921b1b9b39070d075d0936cd3b78130d9b61d8e809ea882f5802b77f07227227b7ba67e0e78657a6f5c2a874e62a9ccdc0d31a0c9f6f30e065cd5b91cd0ae193973735b36d5b1b63dd1c00305d3f46635eb056d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000000000075271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498be0800000000000000f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1f416e56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617669314e2fbe70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d546a40b9f6ff14ac488ec130fb3850a27af9544ae15a7e454dea05918b41243513f000000000000000a3621c56cea8d20fa911a0c41db6efcffac64f17679141d54b34bbc9963ac4f4bb3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ec126c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6a62fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce3803f465e41e610c20d80421d653a5520000008213b704c7fb082ff27590678ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc946813591ad8deff4b05f60cea0da7710ac0000000000008000bea37ce0d0d4aa202f928f28381aab144a5d429a04a6a2b8247068ae949ed06e288e810bac9c76600025e19c9000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4fb8a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d97b9a6d6d5495c198045651cf4778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2aed9e53803ed0ca4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f4350aeae9ca1207e78283cd0b20ceb360c7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdc80c47ee4f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034ef655b253ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f42355bc7872c827467cfa5c4e72730d56bd068ed211cf847535edecb7b373f78ff95b68441a34cb51682a8ae4d24ad0465f3927f889b813076038e79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdcce04579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93aec92a5de203717aa49c2d284acfabe262fccfcbb2b75a2183c46eb65ca8104e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43eaeb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e94265c803b35ee5f83a2b210520106b8a358b50ab7a1fa89af0000807e0000000002d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd7369dde50e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aae501b20f7694a00f16e2d0174035a2c22656dc29880acebdbe8ddbd75c2f998d8ac2dfad2ba3a504767b6b45a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40426db6fe29068c0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf46366e7205dd8d6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c5409711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7c5419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b4051db55e0510a6e4114a53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaee5ee6cf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3144345f48843dd014e5c5ad8fe995754bd9cf32fce1e24919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6d594f88a4facfd4c735a20307c737afae5136651b1b9bd522d60399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a3766d5439020484f4113c4c859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02dae17b118e5d6787463183b4b87c1050000002f7809959bc048850613d17ca51055f2f416a44fe180d2d50c312cca7cb14a2bdc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb42913777c06376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a6d8f0011e8f74e82d7f96093530e76692839d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7348663a52190202c7af288a4510de03dab19d26285eda89156d50dd385a60333ba5bbf5d77cd7007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f00000000000000000000b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf652f406c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6528341b648cdd56fed7cdcbb1575912d5ecd36dea3bca0b7427d53588a0f9455e8f8d2ab2242729251a4523a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a3cd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08758897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb784ed7148b6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d664130bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b8081c128ad2706f48261f7899484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c971d90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe36d7d3e5db21b094b8b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ea4cd8d884836174faf1aa609e5f1ee1162dfa13bdc1fa7cfaadba85c72e9758f031755d0be53f8d2a1dfb1c68cc164b0a0780d971a96ea2c4d4ca0398c2235980a9307b3d5bd3b01faffd0a5dbed2881a9700af561ac8c7e36bb2fc4c40e9cf96f06817fb903729a7db6ff957697c9ede7885d94ffb0969be0daf60af93109eb24ee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c148cd2f9c55f4901203a9a8a2c3e90f3943dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d0fc5a752f9000", 0x1000}}, 0x1006)
sendmsg$tipc(r1, &(0x7f0000000080)={&(0x7f0000000140)=@nameseq={0x1e, 0x1, 0x1, {0x1, 0x0, 0x4000001}}, 0x10, 0x0, 0x0, 0x0, 0x0, 0x40081}, 0x4)
sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f00000010c0)=@newlink={0x48, 0x10, 0xc3b, 0x0, 0x2, {0x0, 0x0, 0x0, 0x0, 0x0, 0x6200}, [@IFLA_LINKINFO={0x28, 0x12, 0x0, 0x1, @erspan={{0xb}, {0x18, 0x2, 0x0, 0x1, [@IFLA_GRE_COLLECT_METADATA={0x4}, @IFLA_GRE_ENCAP_SPORT={0x6, 0x10, 0x4e23}, @IFLA_GRE_ENCAP_FLAGS={0x6, 0xf, 0x21ef}]}}}]}, 0x48}, 0x1, 0x0, 0x0, 0x140}, 0x40080c0)

22.172695041s ago: executing program 0 (id=3474):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x20702, 0x0)
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x6f, 0x48014)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
r2 = socket(0x1e, 0x4, 0x0)
r3 = socket(0x1e, 0x2, 0x0)
setsockopt$packet_tx_ring(r3, 0x10f, 0x87, 0x0, 0x0)
setsockopt$packet_tx_ring(r2, 0x10f, 0x87, &(0x7f0000000440)=@req={0x3fc, 0x0, 0x2}, 0x10)
sendmmsg(r2, &(0x7f00000030c0)=[{{0x0, 0x0, &(0x7f0000000400)}}], 0x1, 0x9200000000000000)
r4 = dup3(r3, r2, 0x0)
recvmmsg(r4, &(0x7f0000008840)=[{{0x0, 0x0, &(0x7f0000000240)=[{&(0x7f0000000040)=""/8, 0x8}], 0x1}, 0xffffffff}], 0x1, 0x40000001, 0x0)
socket$inet_tcp(0x2, 0x1, 0x0)
r5 = socket(0x1e, 0x4, 0x0)
r6 = socket(0x1e, 0x4, 0x0)
setsockopt$packet_tx_ring(r6, 0x10f, 0x87, &(0x7f0000000440)=@req={0x3fc}, 0x10)
setsockopt$packet_tx_ring(r5, 0x10f, 0x87, &(0x7f0000000440)=@req={0x3fc, 0x0, 0x2}, 0x10)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000240)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x3}}, [], {0x14, 0x10, 0x1, 0x0, 0x0, {0x0, 0x84}}}, 0x28}, 0x1, 0x0, 0x0, 0x8000}, 0x0)
r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x22102, 0x0)
r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r8, 0xae60)
ioctl$KVM_IRQFD(r8, 0x4020ae76, &(0x7f0000000500)={0xffffffffffffffff, 0x8003})
ioctl$KVM_IRQFD(r8, 0x4020ae76, &(0x7f0000000000)={0xffffffffffffffff, 0x3, 0x2})
r9 = syz_open_procfs(0x0, &(0x7f0000000140)='map_files\x00')
getdents(r9, &(0x7f0000000040)=""/215, 0xd7)
getdents64(r9, 0xfffffffffffffffe, 0x39)

22.059473368s ago: executing program 3 (id=3475):
pipe2$9p(&(0x7f0000000040)={<r0=>0xffffffffffffffff}, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
r2 = openat$udambuf(0xffffffffffffff9c, &(0x7f00000001c0), 0x2)
r3 = memfd_create(&(0x7f0000000580)='y\x105\xfb\xf7u\x83%:r\xc2\xb9x\xa4q\xc1\xea_\x8cZ7\xe7a\x9b\x11x\x0e\xa1\xcf\x1a\x98S7\xc9\x00\x00\x00\x00\x00\x00\a\x00\x00\x00\x00\x00\x00\x04\x879\xa24\xa9am\xde\xb2\xd3\xcbZJoa\xc4\x1acB\xaa\xc1\xfb Q\xd4\xf4\x01\xa52\xe2DG\xd4\xbd{\x9f\xa9\x97\x9b@\xdb\x00b\xe1br\xb6\xea7\xe3\x10\xff\xc2\x9d\r2\x9e\x8e\x04sW\x1b\xb7\xb3\xa2\xc9&@\xca\xda\xdc\xe2/\x97X\xac\b\xb0\xc2<\x80E\x1a\xbc\xc7W\xda9VsA\xaf\xc6\xcf\xe1\xa1\xb5M\xa2\x85\xa6y\xc4J\xf1\xf7\xfcD\x95\xe3\xeb\x0f<\x91\xb0\xa8\x9eo\xebF(\x9dL\x01vRk\xaacB\x04\xa7I\v\x86EZ\x96\xd5\x14OD\\\xe8R\xe4\xcd\xec\xcc\xd1\x0fre\xe86\xcd\xeb\xc4$\x98\x06J\xd6dD\x8d_U`ji{\xab\x97\xaf;l\x1f\xaf\xb38U\xcb\xfa\xb3j\x92\f\x81\xa0\xa2-g\b\x99\x0e\x8d\x8d\x16\xd9w\\\xf8\xce\xb0j\x9d\'\x93\xef\x1d\xa0H\xcd\xbd\xd9\xaf\x12$\x8d\x16%\x8b\x00\xd5\xf3\\\x00\xbe]Et\xad*\xecj\x02\xc8\xc4\f\x04\x99\xf6\xfc', 0x3)
cachestat(r2, &(0x7f0000000000)={0x80, 0xdbd}, &(0x7f0000000080), 0x0)
ftruncate(r3, 0xffff)
r4 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r4, 0x3b81, &(0x7f00000000c0)={0xc, 0x0, <r5=>0x0})
ioctl$IOMMU_TEST_OP_MOCK_DOMAIN(r4, 0x3ba0, &(0x7f0000000100)={0x48, 0x2, r5, 0x0, 0x0, 0x0, <r6=>0x0})
ioctl$IOMMU_HWPT_ALLOC$NONE(r4, 0x3b89, &(0x7f0000000180)={0x28, 0x1, r6, r5, <r7=>0x0, 0x0, 0x0, 0x0, 0x0})
ioctl$IOMMU_HWPT_ALLOC$TEST(r4, 0x3b89, &(0x7f0000000200)={0x28, 0x4, r6, r7, 0x0, 0x0, 0xdead, 0x4, &(0x7f0000000240)})
fcntl$addseals(r3, 0x409, 0x7)
r8 = ioctl$UDMABUF_CREATE(r2, 0x40187542, &(0x7f00000002c0)={r3, 0x0, 0x0, 0x8000})
ioctl$IOMMU_TEST_OP_MOCK_DOMAIN(r4, 0x3ba0, &(0x7f0000000300)={0x48, 0x2, r5})
r9 = fcntl$dupfd(r8, 0x406, r1)
ioctl$DRM_IOCTL_PRIME_FD_TO_HANDLE(0xffffffffffffffff, 0xc00c642e, &(0x7f0000000180)={0x0, 0x0, r9})
close_range(r0, 0xffffffffffffffff, 0x0)

21.662504677s ago: executing program 2 (id=3476):
r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000001400), 0x2, 0x0)
ioctl$KVM_CLEAR_DIRTY_LOG(0xffffffffffffffff, 0xc018aec0, &(0x7f0000000140)={0x0, 0x2c0, 0x0, &(0x7f0000000180)=[0x82, 0xec66, 0xff, 0x8, 0x98bd, 0x800000000000009, 0x0, 0x100000000000004, 0x10000, 0x100, 0x9024, 0x0, 0x7, 0x5, 0x5, 0x49, 0x3ff, 0x5, 0x0, 0x9, 0x8, 0x7, 0x1c1, 0x1000000003, 0x2, 0x2, 0x6, 0x7, 0x96, 0xffffffff, 0xffffffff00000000, 0x0, 0x4, 0x7, 0x23b, 0x3, 0x2, 0x888f, 0x4, 0xb, 0x6, 0x6, 0x3, 0xa3de, 0x20000000006, 0x8, 0x5c3e, 0x400, 0x3, 0x0, 0xfffffffffffffffa, 0x2, 0xe, 0x7, 0x8, 0xe6, 0x200000000000101, 0x5, 0x9, 0x66, 0x6, 0x7, 0x40000005, 0xfffffffeffffffff, 0xc, 0xd, 0x9, 0xe8, 0x80000000, 0xfffffffffffffc01, 0x2, 0x4, 0x2, 0xcdc, 0x6, 0x2, 0x3, 0x2, 0x5, 0xfff, 0x6, 0x4, 0x6, 0xab6, 0x0, 0x4, 0xfff, 0xfdffffffffffff81, 0x9, 0x101, 0x2000000000000006, 0x1, 0x5, 0x400000000008061f, 0x3, 0x8, 0xf6, 0x4, 0x6, 0xffffffffffffffff, 0x7, 0xe53e, 0x2c, 0x8, 0x2293333d, 0x6, 0x5, 0x0, 0xd, 0x2, 0x5, 0x2, 0x2, 0x7, 0xdfd4, 0xfffd, 0x0, 0x8, 0xb, 0x1, 0x53e0f0fe, 0xeb4, 0x3, 0xfffffffffffffffe, 0xb692, 0xcd, 0x8, 0x3]})
write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000200)={0x0, 0x18, 0xfa00, {0xffffffffffffffff, &(0x7f0000000080)={<r1=>0xffffffffffffffff}, 0x2, 0x4}}, 0x20)
write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000300), 0x106, 0x8}}, 0x20)
write$RDMA_USER_CM_CMD_RESOLVE_IP(0xffffffffffffffff, &(0x7f0000000100)={0x3, 0x40, 0xfa00, {{0xa, 0xfffb, 0x2, @empty, 0xa098}, {0xa, 0x4e21, 0x8000009, @mcast1}, r1, 0x4040099d}}, 0x48)
writev(r0, &(0x7f0000000040)=[{&(0x7f0000000100), 0x86}], 0x2)

21.44163061s ago: executing program 3 (id=3477):
r0 = socket(0x10, 0x803, 0x0)
ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f0000000140)={'veth0_to_team\x00', &(0x7f0000000280)=@ethtool_channels={0x3d, 0xffffffff, 0x0, 0x0, 0x4, 0x2, 0x1}})
ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f00000002c0)={'veth0_to_team\x00', &(0x7f0000000000)=@ethtool_cmd={0x2c, 0x6, 0x4, 0x0, 0x0, 0x0, 0x0, 0x9, 0xff, 0x0, 0x0, 0x0, 0x3}}) (fail_nth: 9)
ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000040)={'veth0_to_team\x00', 0x100})

20.808657211s ago: executing program 2 (id=3478):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x20702, 0x0)
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x6f, 0x48014)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r2 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000400)=ANY=[@ANYBLOB="7c00000010001fff00"/20, @ANYRES32=0x0], 0x7c}, 0x1, 0x0, 0x0, 0x841}, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
r3 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x400000000a882, 0x0)
r4 = dup(r3)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFQNL_MSG_CONFIG(r5, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="1c000000020303000000000000000000000100000800010001"], 0x1c}}, 0x0)
sendmsg$NFQNL_MSG_CONFIG(r5, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={0x0}}, 0x0)
prctl$PR_MPX_DISABLE_MANAGEMENT(0x2c)
sendmsg$NFQNL_MSG_VERDICT_BATCH(r5, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f00000002c0)=ANY=[@ANYBLOB="2000000003030101000000000000f7ca0000"], 0x20}, 0x1, 0x0, 0x0, 0x94f7cfd7d57de2ec}, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3000002, 0x28011, r4, 0x0)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
r6 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
setsockopt$inet_buf(r6, 0x0, 0x10, &(0x7f00000000c0)="170000000200020000ffbe8c5ee17688a2003c00010100000077fc5ad90200fb6a880000d6c9db0000db15d088bd8b7000000000d9ce9bc7e28db3000200ff01800a0000ebfc0607bdff59100ac45761547a681f009ceeff5acba400001fb700674f00c8e365d00b5033bf79ac2dfc061f15003901dee2000000000062068f5ee50c08af9b1c568302ffff02ff03310800ab0840024f02d8e9e90539062a80e605007f71174ab498ff0b3e5a1b47b6df7b23de8caa000000", 0x10c)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000240)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x3}}, [@NFT_MSG_NEWSET={0x1c, 0x9, 0xa, 0x401, 0x0, 0x0, {0x7, 0x0, 0xfffd}, [@NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0x7}]}], {0x14, 0x10, 0x1, 0x0, 0x0, {0x0, 0x84}}}, 0x44}, 0x1, 0x0, 0x0, 0x8000}, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9)
r7 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0)
r8 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r8, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000001c0)=ANY=[@ANYBLOB="380000005500e50226bd70000100000007000000", @ANYRES32, @ANYBLOB="200002"], 0x38}, 0x1, 0x0, 0x0, 0x2000c844}, 0x20000110)
ioctl$DRM_IOCTL_SET_CLIENT_CAP(r7, 0x4010640d, &(0x7f0000000000)={0x3, 0x2})
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r7, 0xc01064b5, &(0x7f0000000140)={&(0x7f0000000480)=[<r9=>0x0], 0x1})
ioctl$DRM_IOCTL_MODE_GETPLANE(r7, 0xc02064b6, &(0x7f00000001c0)={r9, <r10=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
ioctl$DRM_IOCTL_MODE_OBJ_GETPROPERTIES(r7, 0xc02064b9, &(0x7f0000000100)={&(0x7f0000000400)=[0x0], 0x0, 0x1, r10})

20.049086451s ago: executing program 1 (id=3480):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x20702, 0x0)
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x6f, 0x48014)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r2 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000400)=ANY=[@ANYBLOB="7c00000010001fff00"/20, @ANYRES32=0x0], 0x7c}, 0x1, 0x0, 0x0, 0x841}, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
r3 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x400000000a882, 0x0)
r4 = dup(r3)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFQNL_MSG_CONFIG(r5, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="1c000000020303000000000000000000000100000800010001"], 0x1c}}, 0x0)
sendmsg$NFQNL_MSG_CONFIG(r5, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={0x0}}, 0x0)
prctl$PR_MPX_DISABLE_MANAGEMENT(0x2c)
sendmsg$NFQNL_MSG_VERDICT_BATCH(r5, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f00000002c0)=ANY=[@ANYBLOB="2000000003030101000000000000f7ca0000"], 0x20}, 0x1, 0x0, 0x0, 0x94f7cfd7d57de2ec}, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3000002, 0x28011, r4, 0x0)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
r6 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
setsockopt$inet_buf(r6, 0x0, 0x10, &(0x7f00000000c0)="170000000200020000ffbe8c5ee17688a2003c00010100000077fc5ad90200fb6a880000d6c9db0000db15d088bd8b7000000000d9ce9bc7e28db3000200ff01800a0000ebfc0607bdff59100ac45761547a681f009ceeff5acba400001fb700674f00c8e365d00b5033bf79ac2dfc061f15003901dee2000000000062068f5ee50c08af9b1c568302ffff02ff03310800ab0840024f02d8e9e90539062a80e605007f71174ab498ff0b3e5a1b47b6df7b23de8caa000000", 0x10c)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000240)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x3}}, [@NFT_MSG_NEWSET={0x1c, 0x9, 0xa, 0x401, 0x0, 0x0, {0x7, 0x0, 0xfffd}, [@NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0x7}]}], {0x14, 0x10, 0x1, 0x0, 0x0, {0x0, 0x84}}}, 0x44}, 0x1, 0x0, 0x0, 0x8000}, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9)
r7 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0)
r8 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r8, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000001c0)=ANY=[@ANYBLOB="380000005500e50226bd70000100000007000000", @ANYRES32, @ANYBLOB="200002"], 0x38}, 0x1, 0x0, 0x0, 0x2000c844}, 0x20000110)
ioctl$DRM_IOCTL_SET_CLIENT_CAP(r7, 0x4010640d, &(0x7f0000000000)={0x3, 0x2})
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r7, 0xc01064b5, &(0x7f0000000140)={&(0x7f0000000480)=[<r9=>0x0], 0x1})
ioctl$DRM_IOCTL_MODE_GETPLANE(r7, 0xc02064b6, &(0x7f00000001c0)={r9, <r10=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
ioctl$DRM_IOCTL_MODE_OBJ_GETPROPERTIES(r7, 0xc02064b9, &(0x7f0000000100)={&(0x7f0000000400)=[0x0], 0x0, 0x1, r10})

18.698095719s ago: executing program 4 (id=3481):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000005840)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000400)=@newqdisc={0x24, 0x24, 0x5820a61ca228651, 0x0, 0x2, {0x0, 0x0, 0x0, 0x0, {}, {0xffff, 0xffff}}}, 0x24}}, 0x0)
r0 = socket$packet(0x11, 0x3, 0x300)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)
setsockopt$packet_tx_ring(r0, 0x107, 0x18, &(0x7f0000000400)=@req3={0xa, 0x47, 0x8004, 0x4, 0x3, 0xffffffff, 0xfffe0}, 0x1c)
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f00000001c0)={0xe886c5ffc5249171, 0x4, 0x0, 0x1000, &(0x7f0000001000/0x1000)=nil})
r1 = syz_open_procfs(0x0, &(0x7f00000001c0)='maps\x00')
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0xc0686611, &(0x7f0000000180)={0x67, 0x0, 0x18, 0x2000, &(0x7f0000ffd000/0x2000)=nil})
r2 = openat$kvm(0xffffff9c, &(0x7f00000000c0), 0x800, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$KVM_SET_MSRS(0xffffffffffffffff, 0xc008ae88, &(0x7f0000000000)={0x1, 0x0, [{0xf88e470f, 0xed}]})
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r4, 0x4090ae82, &(0x7f00000001c0)={[0x205, 0x6, 0x0, 0x0, 0x10003, 0x41, 0x400200cc4, 0xffd, 0x4, 0x0, 0x7, 0x0, 0x2, 0x0, 0x6a, 0x8d], 0xeeee8000, 0x2011c0})
ioctl$KVM_RUN(r4, 0xae80, 0x0)
ioctl$KVM_SET_FPU(r4, 0x41a0ae8d, &(0x7f0000000280)={'\x00', 0xc4, 0x66a, 0x9, 0x0, 0x3, 0x30000, 0x1000, '\x00', 0xd5ad})
ioctl$KVM_RUN(r4, 0xae80, 0x0)
r5 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x120002)
ioctl$SNDRV_TIMER_IOCTL_SELECT(r5, 0x40345410, &(0x7f00000083c0)={{0x3, 0x3}})
ioctl$SNDRV_TIMER_IOCTL_PARAMS(r5, 0x40505412, &(0x7f0000000300)={0x0, 0x9dc5, 0x0, 0x0, 0xf})
ioctl$SNDRV_TIMER_IOCTL_CONTINUE(r5, 0x54a2)
r6 = socket$igmp(0x2, 0x3, 0x2)
prctl$PR_MCE_KILL(0x21, 0x1, 0x1)
setsockopt$EBT_SO_SET_ENTRIES(r6, 0x0, 0x80, &(0x7f0000000040)=@broute={'broute\x00', 0x20, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000380], 0x0, 0x0, &(0x7f0000000380)}, 0x78)

18.522394389s ago: executing program 4 (id=3482):
r0 = syz_usb_connect$printer(0x0, 0x2d, &(0x7f0000000640)=ANY=[@ANYBLOB="12010000090000402505a8a440000102030109021b000101000000090400"], 0x0)
syz_usb_control_io$printer(r0, 0x0, &(0x7f0000000000)={0x34, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000001180)={0x20, 0x0, 0xfffffffffffffc4a}})
syz_open_dev$char_usb(0xc, 0xb4, 0x2000000)
syz_usb_disconnect(r0)
openat$vimc0(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r1, 0x6, 0x13, &(0x7f0000000180)=0x100000001, 0x4)
connect$inet6(r1, &(0x7f0000000440)={0xa, 0x0, 0x0, @loopback}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r1, 0x6, 0x1f, &(0x7f0000000340), 0x3)
setsockopt$inet6_tcp_TLS_TX(r1, 0x11a, 0x1, &(0x7f00000000c0)=@ccm_128={{0x304}, "25beb819521eb41d", "cae5e9937ba539347092d917d39ed975", "98999999", "50f641306280c4e9"}, 0x28)
setsockopt$inet6_tcp_int(r1, 0x11a, 0x4, &(0x7f0000000040), 0x44)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x8, 0xf, &(0x7f0000000200)=ANY=[@ANYRESDEC, @ANYRES32, @ANYBLOB="0000000000000000b702000014000000b7020000000000008500000051000000bf0900000000000055"], 0x0, 0x7ff, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x6}, 0x94)
socket$unix(0x1, 0x5, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
r4 = memfd_create(&(0x7f0000000780)='-B\xd5NI\xc5j\x9appp\xf0\b\x84\xa2m\x00\v\x18\x004\xa6Ey\xdb\xd1\xa7\xb1S\xf1:)\x00\xca\xd7Uw\x00\xbc\xfa2\xb3\x00\x8d\xac\xacva}knh#\xcf)\x0f\xc8\xc0:\x9cc\x10`\xee\xa9\x8b\x06%\xb8G\xd1c\xe1$\xff\x97k\xde\xc5\xa96\xddU)\xc98M\xcd\xfb\xcc\x82n=\x7f=\xd9Jx\xaa\x8f~\xb94a\xa9\xb2\x04K\x98\x93=\xabQ\xf7\x05\x1d\xa1\xce\x8b\x19\xea\xef\xe3\xd6m\xf7@]iNP\xf1\x1d\xab\x13\xce\x152s\xb8\x85\x98\x84\xbf\x8c\x80{\x16\t\xd6\x17P3\xe9\xebGKL\xd3\x88\xd2\rLG\x8e\xd6\xa72\xf4\x92\xeb&\xa5\xcc\x14FZN\x98%[p\x989\xf6\xf5\xb6\xedk\xe6\xb0\xa1\x8f\x90\xdb\xd6h)\x0f6\x88\x03P\x8ak\xf9\xc9\x82`\xa7Ku\x99\xab\xd4\xb2\xaa1\x99O\x8b\x99-\xe3\x87\x99.\x84;t\x81\xc6\x15\xb4\xac\xf9u\x14w3\xb8\xcbn\xbd\x0e\x8f%\xc9\xdb-\xd5\xa9\xd0Fpz\xdeT\xff\xaf=\xdfm\x19\xa9\x89\x1d\xe8\a\x9b\xea\x1e\x90\xc1\xc9\xa6Ah\xd1\xa3i|v\x15\x1a$\xcb\x01\xda\xe4R\x81', 0x1)
r5 = dup(r4)
sendmsg$NFT_BATCH(r5, &(0x7f0000000300)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x40000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x26feca68e7514152}, 0x20008881)
execveat(r5, &(0x7f0000000000)='\x00', 0x0, 0x0, 0x1000)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x3, 0x0, 0x2, 0x0)
socket$inet6(0xa, 0x5, 0x0)
r6 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000100), 0x0)
ioctl$SNDRV_SEQ_IOCTL_DELETE_PORT(r6, 0xc0a85320, &(0x7f00000005c0)={{0x80}, 'port0\x00', 0xfcffffff})

15.419145726s ago: executing program 4 (id=3483):
r0 = socket(0x2, 0x80805, 0x0)
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
shutdown(r1, 0x0)
close(0x3)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r1, 0x84, 0x6f, &(0x7f0000000200)={<r2=>0x0, 0x10, &(0x7f00000001c0)=[@in={0x2, 0x4e23, @rand_addr=0x64010100}]}, &(0x7f0000000140)=0x10)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r1, 0x84, 0x7a, &(0x7f0000000340)={r2, @in6={{0xa, 0x3, 0x4, @mcast1}}}, &(0x7f0000000040)=0x84)
setsockopt$inet_sctp6_SCTP_RESET_ASSOC(r0, 0x84, 0x78, &(0x7f0000000000)=r2, 0x4)

15.382652748s ago: executing program 4 (id=3484):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r0, &(0x7f0000000040)={0x2, 0x4e20, @empty}, 0x10)
syz_emit_ethernet(0x2a, &(0x7f0000000240)={@local, @empty, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x1c, 0x0, 0x0, 0x0, 0x11, 0x0, @empty, @empty}, {0x0, 0x4e20, 0x8}}}}}, 0x0)
syz_emit_ethernet(0x6f, &(0x7f0000001c00)={@local, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x1}, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x61, 0x2, 0x0, 0x0, 0x11, 0x0, @empty, @empty}, {0x0, 0x4e20, 0x4d, 0x0, @wg=@data={0x4, 0x7407, 0xfffffffffffffffd, "9c67524ed6ed152d4f775bbc411126513b67aa2818e6f3aeb55bee6ae1049f195705bc8bd9b1085cd41af77353267df8a1d4cecdb0"}}}}}}, 0x0)
recvmmsg(r0, &(0x7f00000057c0)=[{{0x0, 0x0, 0x0}, 0xa6d3}, {{0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000002c40)=""/4096, 0x1000}, {0x0}], 0x2}, 0x2}], 0x2, 0x100, 0x0)

15.341846146s ago: executing program 4 (id=3485):
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r0, &(0x7f00000021c0)={0x2020, 0x0, <r1=>0x0}, 0x2020)
write$FUSE_INIT(r0, &(0x7f0000004200)={0x50, 0x0, r1, {0x7, 0x1f, 0x0, 0xeea390}}, 0x50)
syz_io_uring_setup(0x21d5, 0x0, 0x0, 0x0)
syz_fuse_handle_req(r0, &(0x7f00000066c0)="a062030607792c01386f28a428828947de99f79cc542703d923c7cb9d4e1f6fd95fbf2f747ab32f6fb041861fb3f87a88cb85405b4e73c0b6b12c81e42a9f13d82c32b7ddb172bcba1aac5c38f083747ac179f08d4d6d342a87ba8dd9bb7a9680f27433c3357b4f6ac97b19a973592f1ac6e7853a0b15ba42a28efb9cc30b146346b546018966e94976ca28f26a1950dd64c0adbb0c2e09bbd9caa9e7886a2b3d6e2b6d6616b718f1322ea2881ca59ef73948b1bcdc2dd3970e63cbc1043ce42af0ea1f95d17268cbc3ef062c8c31a537e94a20c1c505a6022d5ece7f51bd9c754d8c47cbe80bbb30b2159991a94dd3a25e64aff8a7a17374b5a71e0c7c241cbfd7f084e18a50bea512ada902210a3881ffcd42071ab09c4d80139d8980d6dc5d12c2595ced445caf22f80d8fb1a4c243da47fadb8e28e9c04fea820a8a2f032f5adff8b7d9269e63db68d196bf7f416405e52b6b8abd8bb9d9694b8b5eddae348209963738cd9710bd6c291af1c8eaf0e52d2f2f24bef8c8bc9f77eed40104e07c8ee1b4cb358fc73e2653fef6232b5e9f5d0be26b91a0b7967ed5e3bf10c449424ff4d11951d963677001d9576425d6a9c4503268a407d74854f5e1caacc0ccc463dc56e684db1d80b370da238915579ab82cdbd7d155adf10b96ed71100ea92834e8a4e4f5b7b831bff6fb4febe01bb398ea4065446f277f107aa3cc06e0b7a6e98434bf57744ba9ecb8effe704d7f852e16bc33ac113649f7540b7a7a67cf5493b400ce06e571d485af1732938b79ded4de7dad97a7e1c0be7bd479dc264647bb76503168423e3f6fc95f8ac8ea35e39f476ab54e88286fcf73eead1f794784465592fe4ad112ac63bbc3b3f35b87c40bc5fa6e3ca6cad878f9772a61a23aa00491a9e2442eb90a32af2bd74e99d075bcda20288bfc30f3b00a7e8e1a0b4791573abd65284bbb53e2b7d667239b95b332dd423e4d7c512de559bd53fde5285add9795bda81ec142620e693af9c787a4499dd76ca0d77d9c7c4043e537ec6c1cd0b9a642b12adc782a0e00f6c1ed7379d5fff4c2feb19182db977f657b195e4710ff00f78e35a146119897495b0e1a0068a6606292ee72bf65adcd2cd29b4e59a4b3f82eac77d5254013d03d2fb2511975558906741912d09304f0d4cf08c8f62690c67968c869f75a4025224d8e84baf7a42e01b4ecf7e55d7c45839778c2266880d1bb73e3aad618d1a4f8d5a16914d64d70438a88512649fd4caa90506e5a2d58a33ecaebc9b2e5f8a4fbeca57c829ae02fd2dc146e939c3d295ada7df4a07e74b356c6ffd7a9c546b9eddf7e013cbcb2b57ae0d225249f7e06a415681d9f597a060fd55e39bd56f04b863efeca458a0cbc54b660db50ca40d27a3fda3416860e691cfc780593f06b467700968bb918c32547e378b14b4e0dcd11cb0b2fb36ea70946ac62290184b4eed38b51c322a75367b50f558e063bf363341a17c28ddcbf9ce53da06f26303fd156423a25f686809bc9845a78e0cc3d94e04bc8da85f22a4a8ece2c4ac2c79e54dcc4eabc61e067060ad880377a71fe0c2c0305256e4f3c637575f086e4ae3d7ab5d106fde03d24c47dccba3da23a244c1f50a4f60cd8d71b77390c5ce6d5612fd0260a2f33389b064ae6acac783eca62874232fd3808fb2188151a43de6cebc7e245106183f7d929f1eeff6f972da3e3d967170247925fb0f04bf38e88d06321f9ff9d2c296553d842b69036a2b6de2aad3879aedee723ff00736f7b0dffe6182104105ff0f0b636f5192d6bb5ae7ef950825827d2f3d6285d83aedca3f31474e0ad50ce6290a0e546c30d900e5b4208ecc8b3aca0ba3d110fc3c0a7e004a53e5d0ba1cc1c2bb42c3dbcbb4ceb6674151932ae56f6b03cc34ce450c292fecd2456ddcf42b075e6fd49305fbf265a36f3cff61321dd60f16e844089d659130947672a2d059e04af9ef653e8afec926b5a5d411f60a2a435437095a1df8dc60a616bd1a1ce7b5251ed8f905becffebd635eee8ff0055c40f146f1350a406b853ecb005c6ede4dc270ce6751cff915aa27f5f6b0736da14c9949de599d57868c29cc97ad03bd89502a34b88ad29c8762d0dc24a6df759821882a32e70531cab51fa1752a4fc49cf0706cb24d203174b2940f29ef8b0ce65b40cfde4e0c7310c685cc8de8384e485a951192fa8c36c11f9b88a48caf027dca480caa4fccae70ea6c837eb82f926ad7691c7709f217220d71f6e374fb8522a84c118b5c25f3d56acfb25afbe676fc9e574b6c5a59c00a0bbeeff61fd82a1677f3da9bb596133db491a8f11b945d930c8a67de9ce80025c764d518efcbae25d9194dc96c31ed02c63b1ac976715f7233ffed7cb6e929bbb5afabd34bc37c095acd0abbbdb1ea48e40a30ac99550f0ccca19ecef5acb2604c48fffb53b352d114fac72d6fc019ddec558406668f773fed9476148133c0f9ca4d1fd7e70dd04bfa089dc57e5940f29a5fd33dc79913ff48853794fdaf891d71de94c4a4fed0544e09f2bd578b07003031b8602f08ca8a79fa5ebfd5477f4d4f031c3efe0db273446a99d0cbe21a3cf43f3b82774e4657bb4f9675adbaf71c52953f0b18a61e05a9c770536fbad215848f8238e8730b9085189ea4621780dac500d7d7dc7815b45e232f86592498f1515ac8c50306013524cc5f0a74b67bc85d435d332ce69f00641c86a3e91be84b78ac358f35b18d69679df4197d3be8554417cf44aee6dc623f68ce3388df18168efa1c87c776cbda792f6110b6af178eb8200a91dfb72c1e23b5e5a66b5a3ee3f4c2bba2ccac939dcb036006b86e894093922a95fd70baba9424a3d0327a0f209fe10b39f3cec3f669d301a2834e58fd56f94d622dccf653f08e776c9f3e1b0e5b3cdef133834b93c41c70438d51a0b127262868d49ca91623c3d8b75c2cce0b771b9ac941bb96029e782224a3686a7c0dd164e162ede667e0e5817e7bde85ad3bf30a6a5bdc420f751679be74a02f84aa93b971c3f45a67d155f7ecb1d5284660918dbf102bc16f496fb62a1290e6b88ddaff55740583cba13076afd623276634e0c11663be50766980949095003ef5bc6f90a98bbad436b67928513e70115224f672ca2a24e27bb98bd5288c49ea23d47ef13c5ff28c43ce53ca16a6caeccc1f601226253c4a38a88a93828f6c800547cadbaa6d7ad26db618cccd38a671507cad5ba0065ce2edba81a059b95c36c5d04ab456fd6fd81ec3738ebe546d973c0886a5e7b83dd9c2f58f5d6c19519e67575b3732a486555f8d8c4ae004a62e8d07ab2c8ef74cdb96aa99d75aeb1c25985996f281d71106910a3c3da17de35e04dbe00e2b7b75ec2fed177a7f2d04fbf68bd0b8af682b30911867d4d1497ba060b662f4e97a8e7fd3613015cc34302377497cd08bcdc29f06dae240820d2ccddbf8c95c76a4ba5d3e1b37a62369ce3f79fb74ebd9bc82c3fa3edad4034b6715c2853fa7781c974b5a4e541e8b69bf4bd653fcce4e4340d9409fe9112e4d253a3b7e9d43f4426127b10f2d5d3fcd2193490f7d933e0cc53dae552f2d7c9d77b8f9b27c59105cfae43a0aab314a0820fbb5684bf20986e3be215688b42938d272c4c0edd17bcdc84a514d2483456d6cfb4f5c1218859ee55bfc77da36c9c75734932a12fd03df38232063ed92024f8ee7c21f314129feb10670bb4d6a0ad4fb3dc57a64cfe6509a0770650cdec0efd5e0b1fd29433cf871c9ddbe648319bd481357326ac1eb32b4bef4ad89ab6122e92dc786decac88624a4a3963ae771f8023b9a92e446114764c53d7efc07e3ea77a9daac5cabbe648a223e249db62102ef7b7b6d06df46b6ff913911b89848a47aecc0563fb06b6d77fe1daf4541cf619105ab68e0bcdf7a05af22b0551323bf33dec8167df2b7fac62dc9e286dd3462f488c82ad194f7fd5d3ca72fe9c0c37cdb6d75684326e5cb30319ab333fc70bb197320acda161d2e685e78ac2cb1417223f64742b12a316d590b18a4173b2a105a381baf6f383ec2e81d04860b5cc536475d7c5d05bd6a7db1a5d93930bacba8c1de63707bd24785e19fc1f15ba724660ac00d0f2ebbcd5528b8cbe4f3ca332e8611e937a310fc79d234be6c1cd09d6a5cb06ab36a9d667188144c81f86aaf0851763573b36cc21462ba4f3d6e95d38d1e9b943085661d234ef6d079bc9d84c7447c85baba88263451ba10559e1ce326fee5074b26b54872e690a9a1e589e1c444daa3224b292bf9ec4a604dc512760084084f27386c89a1190b8905f0d720508c0ed69272f396725805480188aa4602a26e833c16aa5079c0577a8203ec0b2b929ef3b410bb427c168b7fefd1be652f06efc61c7a295a5d07a9fd61bd5bfe67ac5f74e485a66c92950a1b460257084ca3a3489943ad450300967234b487fa3def4010f9b715196562ebb0846b7ac3eba47646af6285582b4402f64aa684dff7d9cf81fbe1aa88959f7906f06839389f2ad56efb5029afe1d5ceac99a3e698f49ff0da7db06d7c9e94a8773a13fab93def139667b4dc6b741bd2769da7786acecbe315f9006bb6b72abe5bdc587d8d5aa8f67aaefef68197fd2e7874d9b7da2c3a5618720c12e8fc31db3e334c47abcbf10c6181ec14af4f9e90e19a35360a793b1e9b336e49b3ed67568a860cd4c298f967ba323d315821959629e5b7aaac367e1ddb8a1c5d61500afa69331a4c90861852f533657b28b97a343bc531a11ff634b157a6d859a35f0d2a595375e11a32457575f1d73da033bf5eeda12337b9fdd46bce192d3aaaa240a8c65bf47704d6aa64a9531f9de14a96fc9fe380db35dd5ec52321c67fb4c18abcaf22fbe8f602ed201232251317e1a1b71e1e2c924a92d84685de348eec97fed954b7f6681ddf521b4ee03a1aeb2e446ee2a7f4dfa37b1c53831139fc624c14dcc4d144ccdf758fd9f344b4cdc1df70f6a24fa78cab136c912d1ebffa7053ccbc9b9445762236dca409820f738370117d5c369dfc50fd42277f14eeaf29110aedcd503008c42914d04e219a8b6c01e337d04724919b07157e2275ba6365a9dba5ebc8019bd1aa1b8668023f64cf47e1b49b4fbcfc10d560bb74405c90751504db8100d8a8a1a3ff84d98f1262fbbd6b962f492b9531a7411c08e7e56eb0f838075f754b6a395b6b58a8e4c47eb46bfaba2ac94800a396749d18ba0e6219f8d616ec71a1e60b3bcc24e19d4a20ddbc6a871e6d7efa50a362610598d892a5adecbcfe217534deee3620dfc88c7992ec2e710e083ef0a50c20621405f654804d1af4f24d22b8ca48f26303e6969127a74f0b276a5624c3b84410d4d5ee3c62605876e60a88df2bd6e8db8c7e486fdb452178563e7add6bc126b721b9ef8b12181989b87031573a4010d88e34f15a2344e4808b74c99ad68f0c2aca4e8d504397c03e1328c4b1ec43fd902d206c3cfb63d7541ac57fdbc70b0033f87514286101231fe7e79668c802e1c23d61540cdf13a5e675b736e221ddc29ab747d9c64f6213f51d3c1ded2e2b0efc4e45183d90468f61ec1720f7a0b87947e2c54125cebe6563ee4415d886bbe869d17d36371c942c11db1e13c1dd40ed24cabaf7ee80eae6c4db934e982d9619d753dcd679c5650cd95d21582e31b259043a0d03371cd294f4cc028042c75070c9b534a2d79f164ab9d773295795280d1584ca664b53b263fe2e23534d27b0d85742fae8061e03187795129dd272041c6eb9c10c3406da1f752f4ca697bdbddd74975cd4dbba5687fb30ac4fd5d2579494eac73053a63821a852cf41a80f6668006f7e1c4e30b48d638ebab470c558d42baeed1adc8fc71f73e95f3ca212a4b009b508e89898727f805685e4e7650a2961d62c117d1ee9017236a6bffa0c36ae11bc52d346c83399e43c42cdb9f443aa307109a97ee66ceb7a29eeb2f1a2bb3ee1492229116db07301b2aa4126aee7775daa2d0eab4d206fae11b3c6b565dcc4c7b4dd1cf2abec81150d0629803f6eb221be384b8772fe6d6c4fa98c928a9d0a02e9ff8bb7a2168dbebe140323d93bee8983c496bccf752c372b795a3493624cefb3cfeb4307bd39826cac1ea3f18912deef1b8c8db30bc016990a477bc0a925fb36453a9e21354b2d7e6e3d4ca4dd20f27a8db05429d44b7a485365191dc4ba977a815958faf6434813a9f4046054763dd55dbb7fae892b746e169ae046ae3361a9f75cf622b03f75b1633da864395bd1c3a594fab0b1fb37f088dd1f2776e2b795c78635c2026a8ce7ff40968a1960786049a217dd8872ac0c01f4bafcf2d3d751dd46a5e1bec00540a9ca7afca3ef37575d4a8b1291d05be94913092890a9b4bfff39edbff307e5654896e79228777c0f8ea46c55bfe19e522bf457ab4e6b0167d776dbcd0160598370a12c4a03e4edc82b245a7608797b03d4ed89dfc2a5bf07b9fcb251fb8608553f3b3774818717a9aabe6b2ded811515ba454b390a6065bbc59552f3bfe51d38f139792e1aae60093a7c5770b52a1730feb1049c14a7d5261d644f6b738e22ee72aafa422bd93f61e1ccac0a5ef4726c66f61bb539acb937bd63da82c700c0860be90ce5621ced22b52b63d041266fc258fbfa6641aef22e97804e5138ad2ce4405eaf76bb0acd7fc61b2d6de4aabc5c28a850fcf219cff77c97d3cb6bec0067c171b912d11d82c56cbad56c0032a9657d4cdd1eacaca53f40f5e3fe911127e1cd30781351f180e1413933cee2d46ca0eea31ee01fe4e99a567edd0b10565d47b87c8a48366143e889e52d0ff13c920aea092c2545fa9b7056204fec156549d3c0a997bc1cf4a01338483bf5c69d6958ae038f1c3e3b84baeb2c1f9e064c0750602c34c6c483c316391d975f94f21f6dfe74e92c33228b408a9e2b9abcda33c497abba9c48a63e5c8f1a8d0f4c24d36a44e1601e8a09e8a5c7179bd4c44b17e542dd99cace87aab60a5e53325d544c991b6fa5deffa49fd886332980deeca9229cb2f67f495a7b743153854ed81e1623b12dbd65512d08a5732fee2db3fb455cf6df5a1701a2b8674633c6792162dc86ac76e30da225b0167a7e704ad33ba694f9c902afbeed58eef609874767053f59414d4d3eccbbcdbc7eba997c71f9b1f5139bb020d5dae1db6e2dcfbb51b5371b08bdbc3312b05ee6d8c03c8b5a7d4f23da45f276394f222b1a0bdf4e2603243cdba60ee0530387c88bb457ca9932f2283a4d55bb1195e6d325ed93f714e21908b1baafa467f1cec7fa26e5c384ee6828e77978bd1abd014de549a5e5966f2b2f4ba000f9d77f1abfe3a6c337cdb852c1ec59f61b63d543f3062dd2616a163ed7ca60168b0347b5c5646a678dafb4c502c333a0a48f0341b47f5c5946e42e571db0bfa0682a449ca64e71b5661a842975182399245c6de241512c67ac918d7e0c5cb66565010e881b8333567ca584321ead1c383b099d8bf1c56dac08cb218cde4226ad420d6d6313f9c4884d6394722304fdaa76e61db8c0d54eb1151344c41ce1130272928eecb2f9f0f23c752622374eb1223a80efcf0b937dff7d813d7be0340226c0a7b163741d9aecafcb7ddae5a219323323f621c802be82399e06d2e1cc582e759ffa303c5103f8a44d7129d2853b02e506abda57ad2836d7ff16f95232149fbeb8b62e586d3536bb4ae042ecd9e25d1dee789353071f9c89d4361000c47b763556e8902f1f25cbd8ae71679e03ff27db0ec75eeee3fccafc7fcf22c377ac60d3c61a43cb53abf6162118f2efc86a5ce80e69a02bc1db80018beeef6d567941232e4412a958ed012bf7a832c1eaf68134ecabc4927ad666b3d0f21d4e8d52fa37e0a9751124efed8bf47544299138a6f69d89e295677f12606c79b72451c263fca3eec22bf0c47c641159a0bbfb3b2b03154af533e5c06a149e52adcfae31bfc55f30064a8903c8d3b828d275a937b1e4adffa0597da5e253b50bd71b33f057ffeff0b2a0829b3bf33350fbe67c7c79034f80d69e6a21be495a848d328f416f15966491b218eab390544e39d498258ad80ddae248634c845cbe6f1c1e93e7c2b02075411e075fe936bcc75f4a4e1a3687cb3dbbb61cb31ddfbbc87a1859b3a48fccdd8e5915c8bf4eebe8f7093cef6a7a91c8682915f9908c854c483e90c9643467292884d284134dbaddafdbc74d94a5f9713719d62b4f6b4236803d210181847ca27129fde264156895f4e1822ef78a3b215ef56d7e36d2b94c93f5e931a0d13a3a3030061ce62de595eecf47eae6bf698530145757700df18f66fd7261a12c119d6679663b3c0f99d1705aebe66dc862eb21ccb7360b93f54507149b577abf521113991e06f345e8282fdc18de673e1ca7b188ee34b14f37f86ddcf97fef0b913c33cf8e5d5d33707dbcdbe4b27cef056670252f186735cdd02f6ed6bfe5318a704f00e34ffc4fda9855bf37c51be6a7423e44dd8a98883c8fa82ca37c90d681fb7a0db915576b50e49aff545b99aa3aa6343b814ba0bf64e53b2a1edcae2231bf20d65e4bb4da6dc8382120ede652adfb7c30a46e0ee784cbde74563d83eb8d89a1573fa104fddca9d4833c49dc904bda905426c7dee3e48b596c8ee201bea57fedb1a0649457eaac3c5b5f4519af3adb66f10b861e711cd4034448890e15047c2f8902588268b5645051f3f3968ed8d630e050ccef0d01b61ffeade51e4e72d8fd46bba4c20009396e984c424d174934a67a1930665fbea04c809e7cda0a2cdfd3a14d6b99c3a8d8b3691825830456876f188ff871fc861e4c6a0ca377dc1f0cb0f929f7eb1f5da045d9a588a393312acacca5c5a3b15bb1b488b08fc40ad65ae2c1df187eccd8377525a81d80df57579ae52f775fb2efdd172a41c370300fcc594c2635dcf50e9eb9d34fa8b4bbfd13078422e3a7734a8ae6cc09e39d07c7ee19838f8da4cbafe4162c8f8dc44e284840bd0a5c80bfc657c22e37e0d9a96dda34a51ce616c9ccdc95955cf85d93860da902ab30f11aa333eacc25c47981d8636038761ed4d84fcbb0ca92dd2e07863b9505b451c3c49e36a172527578123049ff2dc2b4e258a3f698a12ca4705a6fd0ce6bc4f1767b4d9c2e57c9ed1388527964ac96ff5e4cf5ad6fdb6a853b43905df32af8bd788b520fd526cbb95195a1bc00d654cb080acdf67938517a6cdac741d86730358be16465b4e1301f47f6a444c4e8d2980b8bd98a8dcd6617cde0b287e2d1f59167b5c445146fa49728111b8a2729428cabd02facb8fbddbdb2769680f288648d6baac53e0d909335da3e2b4c13ebd41f32820c9f491e9124ca444a0532f60e2816e15a5810baa91f64454aa355f9d362c7d1a461561689d08b1350a216b6f1bda57aae0706b3710a1b8e52a7e3084e600b5ee3dc540bba0c16267d549304a7840659a32e40070715c9bb912792d4a7b84fa06e73b9ddbc2f06c4edc19d25f5a198c7e3fc6226842e6215da5d826fcf5949612889f78e9de39d4e64b86b7033b5717a21f8f2b81c799a3fc0bfe6f5837b252eefa360c91a6148296bd19d50a343d909c1edf5261e70c8dfb2c488940cf236941ad3fd01247e37902a4bbfdd1839f7c92c260a2c494022fac08629303c8e54108d78ae2c94289c7f998ba3b622b48931ee7c17c59f5499d282467a1b8050acc94a0b17b21836c80b69f519b9b077d18e33c027faad562fa09f2cc6120f8cf5ee18cf7db9d729ffbb9de58885713215b7aebb8c98d9fa009be0a9ef3ceccdb2b31968db555b26c5c94e382d06ebf6d356e8caa85def5813dd1596d823924c4fb63dba5bd094cb64f204d1e59d31287715f831a1f0be95d8749f2166ba0b0b6b64a37991be1fe1c1e922835f2da0c074ec9413561d52166576b1c4f1e18f078dc046d1c284964b80217b55c59a474740c3649116b33e927479736bff6005859c7c00598f22cb8eca38af802f4c86836e8330492ac7ef3707890a8ff856dc7786ed769bba75b18484b257b3b022eeb51aa720639f79e6e6bd3d3c9a61f7822abe562867b4693f0b2f61135aaeaa510b31112efeec48d2602c6d4f2ddeeb51bb03ab18c18d8e127a37e22881febca47742b9332d3f2251003b1a46c40eca111d02446466b669568c70971bd33254ca577777f126f86f8a3665f065b645ff261e78e0f532e83a81b99c5de3488de74ca82daa0e4e7404eff911ae955acbb800f9f91b774e472bc14aa92817b6d85877b1861a6ca92c03c83b6f1490068bad8eab1f58c9e91e1029683de2ca45c99966966031ee86d8c9995f0612480e2a6d5396e8ae361d6fd2e24557613a1191f5019d4c8078628013512ea3a59532efffa6cfe4970d28d8c7aa8c866c4275ff2b0b4ef1a7e56854d7ee4bc445713da9349d13e30a4a802cb9db2f10280fd9ea043b5b3480441e8ed2d907eae1259befba9d87a04ce42b0010c70af157b90e0bf72549852fd122edd6cf3475f76852b13b4bf887cf32e25ad34aed7fd5a6e97b307f9b4ff1c07b2b55beef5ef3dd96eeb2a57720c18209d911a55341cee67e6ff577f7acaba01c2c9690b15a3b8aaa5b9d734196467a8c074b2eeeb5ae931ddf3deb15b1a8d603e72125c2e68ad206f2c4252a659f8248ff882a8e54126ebc0c77a46101072272460e683d465279a3695be6b64c9eeb4a576d95fd520be42eab5c95cbace0dfd80e2d67bab9f683a1cc9c006c02f0f90a21a0f51218c628f5608fbf1abc79aa63452bde1002383033578f32980e3779a8edeb226f6d3f9b36d8f07bddd7479b60346a4b4fa883940e3aef8ad8d834dad4405960a4409a6255e8753d0c0ad0960ff3ef48ce93fbe6b165e86eab36fccb8b989f5b54e6ccaa19749ff065a0a732d15c41b9072bbc6f07e1fd5a3df2775874e46b61ed50714e8c403fbed6884ec06f52ab71d2c191fcc56ac0b17ba3c46d2dab3e11c79383bd8867ff14b5fbca73b9ae594b6a09fb73a2e8f15aee59150e8d6d3dad9659025d045bbd1b9ca257c67bb78abe8f7eb9c8b3bc32951c41f7390bacc8c7059a2a9b078ab50413605aec604e4666a6ace765b0e7ab558fe6232f2703d07811e3d0ac5bf9434e87876e99250ee9db6527a8ccb4a3ee3bde738563c9746f941cf2cd7efacdbd2593cafdbe5171864b2982b54dc5a32c86638c0e650a331625033b8dd65851965ae791880349d5cd52548f4422a317f96ed79e7ccf3bd671e6dc70365f521c65206386eb1f99570a544d11b3d36fea285f8a3770ca303a965a0c1d598ebe3696e647be734ccf760d3d47dec75e236d7ac08019b6622a7b9f08bc8f0937ab75e75a047a7386befbd56fc4b2f89c852dadce8df946cb3fafe4eed2678caadf1a913ae32b2c0b8a37984cb700343c5e24609f8c5ddeff5e653837a9332a41c8e21466a13d79224125d5f6a4fef79b5adae7f4ab7d351c55400545edd3c00637bd27164828925e9bb5d79f1f1e6eb3270ab799ae38772f779565d92c47503de695f7aad7ddacda6f6c71e755b3737231b64715bf07849d3466e4f92239f733436ce674389bd16900", 0x2000, &(0x7f0000008b40)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000340)={0x90, 0x0, 0x0, {0x100000000404, 0x0, 0xc, 0x0, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x1000}}}, 0x0, 0x0, 0x0, 0x0, 0x0})
r2 = syz_io_uring_setup(0x10e, &(0x7f0000000140)={0x0, 0x334e, 0x10, 0x400001, 0x801}, &(0x7f00000003c0)=<r3=>0x0, &(0x7f0000000300)=<r4=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_OPENAT={0x12, 0x0, 0x0, 0xffffffffffffff9c, 0x0, &(0x7f0000000040)='./file0/file0\x00', 0x60, 0x185100})
io_uring_enter(r2, 0x7277, 0x0, 0x28, 0x0, 0x0)
r5 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000001400), 0x2, 0x0)
ioctl$KVM_CLEAR_DIRTY_LOG(0xffffffffffffffff, 0xc018aec0, &(0x7f0000000140)={0x0, 0x2c0, 0x0, &(0x7f0000000180)=[0x82, 0xec66, 0xff, 0x8, 0x98bd, 0x800000000000009, 0x0, 0x100000000000004, 0x10000, 0x100, 0x9024, 0x0, 0x7, 0x5, 0x5, 0x49, 0x3ff, 0x5, 0x0, 0x9, 0x8, 0x7, 0x1c1, 0x1000000003, 0x2, 0x2, 0x6, 0x7, 0x96, 0xffffffff, 0xffffffff00000000, 0x0, 0x4, 0x7, 0x23b, 0x3, 0x2, 0x888f, 0x4, 0xb, 0x6, 0x6, 0x3, 0xa3de, 0x20000000006, 0x8, 0x5c3e, 0x400, 0x3, 0x0, 0xfffffffffffffffa, 0x2, 0xe, 0x7, 0x8, 0xe6, 0x200000000000101, 0x5, 0x9, 0x66, 0x6, 0x7, 0x40000005, 0xfffffffeffffffff, 0xc, 0xd, 0x9, 0xe8, 0x80000000, 0xfffffffffffffc01, 0x2, 0x4, 0x2, 0xcdc, 0x6, 0x2, 0x3, 0x2, 0x5, 0xfff, 0x6, 0x4, 0x6, 0xab6, 0x0, 0x4, 0xfff, 0xfdffffffffffff81, 0x9, 0x101, 0x2000000000000006, 0x1, 0x5, 0x400000000008061f, 0x3, 0x8, 0xf6, 0x4, 0x6, 0xffffffffffffffff, 0x7, 0xe53e, 0x2c, 0x8, 0x2293333d, 0x6, 0x5, 0x0, 0xd, 0x2, 0x5, 0x2, 0x2, 0x7, 0xdfd4, 0xfffd, 0x0, 0x8, 0xb, 0x1, 0x53e0f0fe, 0xeb4, 0x3, 0xfffffffffffffffe, 0xb692, 0xcd, 0x8, 0x3]})
write$RDMA_USER_CM_CMD_CREATE_ID(r5, &(0x7f0000000200)={0x0, 0x18, 0xfa00, {0xffffffffffffffff, &(0x7f0000000080)={<r6=>0xffffffffffffffff}, 0x2, 0x4}}, 0x20)
write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000300), 0x106, 0x8}}, 0x20)
write$RDMA_USER_CM_CMD_RESOLVE_IP(0xffffffffffffffff, &(0x7f0000000100)={0x3, 0x40, 0xfa00, {{0xa, 0xfffb, 0x2, @empty, 0xa098}, {0xa, 0x4e21, 0x8000009, @mcast1}, r6, 0x4040099d}}, 0x48)
writev(r5, &(0x7f0000000040)=[{&(0x7f0000000100), 0x86}], 0x2)

15.145293178s ago: executing program 4 (id=3486):
r0 = socket(0x400000000010, 0x3, 0x0)
mount_setattr(0xffffffffffffffff, &(0x7f00000000c0)='./file0\x00', 0x8000, &(0x7f0000000100)={0x8, 0x1001fc, 0x1a0000}, 0x20)
sched_setattr(0x0, 0x0, 0x0)
r1 = syz_usb_connect(0x5, 0x24, &(0x7f0000000140)=ANY=[@ANYBLOB="12010000096d5c4004233e0269d7010203010902120001180000000904d9000037"], 0x0)
syz_usb_control_io$uac1(r1, 0x0, &(0x7f0000000600)={0x44, &(0x7f0000000040)={0x0, 0x0, 0x1, "ac"}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r2 = syz_open_dev$I2C(&(0x7f0000000000), 0x1, 0x402)
pwritev(r2, &(0x7f0000000840)=[{&(0x7f0000000380)='\f', 0xfff5}], 0x1, 0x5, 0xb2)
r3 = socket$inet6(0xa, 0x3, 0x3c)
connect$inet6(r3, 0x0, 0x0)
ioctl$sock_SIOCETHTOOL(r0, 0x89fc, &(0x7f0000001440)={'bridge0\x00', &(0x7f0000000400)=@ethtool_ringparam={0x12, 0x0, 0x30040001, 0x0, 0x1, 0x0, 0x4, 0xfffffffe, 0x4000}})

7.004285918s ago: executing program 32 (id=3474):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x20702, 0x0)
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x6f, 0x48014)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
r2 = socket(0x1e, 0x4, 0x0)
r3 = socket(0x1e, 0x2, 0x0)
setsockopt$packet_tx_ring(r3, 0x10f, 0x87, 0x0, 0x0)
setsockopt$packet_tx_ring(r2, 0x10f, 0x87, &(0x7f0000000440)=@req={0x3fc, 0x0, 0x2}, 0x10)
sendmmsg(r2, &(0x7f00000030c0)=[{{0x0, 0x0, &(0x7f0000000400)}}], 0x1, 0x9200000000000000)
r4 = dup3(r3, r2, 0x0)
recvmmsg(r4, &(0x7f0000008840)=[{{0x0, 0x0, &(0x7f0000000240)=[{&(0x7f0000000040)=""/8, 0x8}], 0x1}, 0xffffffff}], 0x1, 0x40000001, 0x0)
socket$inet_tcp(0x2, 0x1, 0x0)
r5 = socket(0x1e, 0x4, 0x0)
r6 = socket(0x1e, 0x4, 0x0)
setsockopt$packet_tx_ring(r6, 0x10f, 0x87, &(0x7f0000000440)=@req={0x3fc}, 0x10)
setsockopt$packet_tx_ring(r5, 0x10f, 0x87, &(0x7f0000000440)=@req={0x3fc, 0x0, 0x2}, 0x10)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000240)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x3}}, [], {0x14, 0x10, 0x1, 0x0, 0x0, {0x0, 0x84}}}, 0x28}, 0x1, 0x0, 0x0, 0x8000}, 0x0)
r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x22102, 0x0)
r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r8, 0xae60)
ioctl$KVM_IRQFD(r8, 0x4020ae76, &(0x7f0000000500)={0xffffffffffffffff, 0x8003})
ioctl$KVM_IRQFD(r8, 0x4020ae76, &(0x7f0000000000)={0xffffffffffffffff, 0x3, 0x2})
r9 = syz_open_procfs(0x0, &(0x7f0000000140)='map_files\x00')
getdents(r9, &(0x7f0000000040)=""/215, 0xd7)
getdents64(r9, 0xfffffffffffffffe, 0x39)

6.009064127s ago: executing program 33 (id=3477):
r0 = socket(0x10, 0x803, 0x0)
ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f0000000140)={'veth0_to_team\x00', &(0x7f0000000280)=@ethtool_channels={0x3d, 0xffffffff, 0x0, 0x0, 0x4, 0x2, 0x1}})
ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f00000002c0)={'veth0_to_team\x00', &(0x7f0000000000)=@ethtool_cmd={0x2c, 0x6, 0x4, 0x0, 0x0, 0x0, 0x0, 0x9, 0xff, 0x0, 0x0, 0x0, 0x3}}) (fail_nth: 9)
ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000040)={'veth0_to_team\x00', 0x100})

5.511944984s ago: executing program 34 (id=3478):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x20702, 0x0)
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x6f, 0x48014)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r2 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000400)=ANY=[@ANYBLOB="7c00000010001fff00"/20, @ANYRES32=0x0], 0x7c}, 0x1, 0x0, 0x0, 0x841}, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
r3 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x400000000a882, 0x0)
r4 = dup(r3)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFQNL_MSG_CONFIG(r5, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="1c000000020303000000000000000000000100000800010001"], 0x1c}}, 0x0)
sendmsg$NFQNL_MSG_CONFIG(r5, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={0x0}}, 0x0)
prctl$PR_MPX_DISABLE_MANAGEMENT(0x2c)
sendmsg$NFQNL_MSG_VERDICT_BATCH(r5, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f00000002c0)=ANY=[@ANYBLOB="2000000003030101000000000000f7ca0000"], 0x20}, 0x1, 0x0, 0x0, 0x94f7cfd7d57de2ec}, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3000002, 0x28011, r4, 0x0)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
r6 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
setsockopt$inet_buf(r6, 0x0, 0x10, &(0x7f00000000c0)="170000000200020000ffbe8c5ee17688a2003c00010100000077fc5ad90200fb6a880000d6c9db0000db15d088bd8b7000000000d9ce9bc7e28db3000200ff01800a0000ebfc0607bdff59100ac45761547a681f009ceeff5acba400001fb700674f00c8e365d00b5033bf79ac2dfc061f15003901dee2000000000062068f5ee50c08af9b1c568302ffff02ff03310800ab0840024f02d8e9e90539062a80e605007f71174ab498ff0b3e5a1b47b6df7b23de8caa000000", 0x10c)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000240)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x3}}, [@NFT_MSG_NEWSET={0x1c, 0x9, 0xa, 0x401, 0x0, 0x0, {0x7, 0x0, 0xfffd}, [@NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0x7}]}], {0x14, 0x10, 0x1, 0x0, 0x0, {0x0, 0x84}}}, 0x44}, 0x1, 0x0, 0x0, 0x8000}, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9)
r7 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0)
r8 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r8, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000001c0)=ANY=[@ANYBLOB="380000005500e50226bd70000100000007000000", @ANYRES32, @ANYBLOB="200002"], 0x38}, 0x1, 0x0, 0x0, 0x2000c844}, 0x20000110)
ioctl$DRM_IOCTL_SET_CLIENT_CAP(r7, 0x4010640d, &(0x7f0000000000)={0x3, 0x2})
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r7, 0xc01064b5, &(0x7f0000000140)={&(0x7f0000000480)=[<r9=>0x0], 0x1})
ioctl$DRM_IOCTL_MODE_GETPLANE(r7, 0xc02064b6, &(0x7f00000001c0)={r9, <r10=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
ioctl$DRM_IOCTL_MODE_OBJ_GETPROPERTIES(r7, 0xc02064b9, &(0x7f0000000100)={&(0x7f0000000400)=[0x0], 0x0, 0x1, r10})

4.497177855s ago: executing program 35 (id=3480):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x20702, 0x0)
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x6f, 0x48014)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r2 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000400)=ANY=[@ANYBLOB="7c00000010001fff00"/20, @ANYRES32=0x0], 0x7c}, 0x1, 0x0, 0x0, 0x841}, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
r3 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x400000000a882, 0x0)
r4 = dup(r3)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFQNL_MSG_CONFIG(r5, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="1c000000020303000000000000000000000100000800010001"], 0x1c}}, 0x0)
sendmsg$NFQNL_MSG_CONFIG(r5, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={0x0}}, 0x0)
prctl$PR_MPX_DISABLE_MANAGEMENT(0x2c)
sendmsg$NFQNL_MSG_VERDICT_BATCH(r5, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f00000002c0)=ANY=[@ANYBLOB="2000000003030101000000000000f7ca0000"], 0x20}, 0x1, 0x0, 0x0, 0x94f7cfd7d57de2ec}, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3000002, 0x28011, r4, 0x0)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
r6 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
setsockopt$inet_buf(r6, 0x0, 0x10, &(0x7f00000000c0)="170000000200020000ffbe8c5ee17688a2003c00010100000077fc5ad90200fb6a880000d6c9db0000db15d088bd8b7000000000d9ce9bc7e28db3000200ff01800a0000ebfc0607bdff59100ac45761547a681f009ceeff5acba400001fb700674f00c8e365d00b5033bf79ac2dfc061f15003901dee2000000000062068f5ee50c08af9b1c568302ffff02ff03310800ab0840024f02d8e9e90539062a80e605007f71174ab498ff0b3e5a1b47b6df7b23de8caa000000", 0x10c)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000240)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x3}}, [@NFT_MSG_NEWSET={0x1c, 0x9, 0xa, 0x401, 0x0, 0x0, {0x7, 0x0, 0xfffd}, [@NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0x7}]}], {0x14, 0x10, 0x1, 0x0, 0x0, {0x0, 0x84}}}, 0x44}, 0x1, 0x0, 0x0, 0x8000}, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9)
r7 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0)
r8 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r8, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000001c0)=ANY=[@ANYBLOB="380000005500e50226bd70000100000007000000", @ANYRES32, @ANYBLOB="200002"], 0x38}, 0x1, 0x0, 0x0, 0x2000c844}, 0x20000110)
ioctl$DRM_IOCTL_SET_CLIENT_CAP(r7, 0x4010640d, &(0x7f0000000000)={0x3, 0x2})
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r7, 0xc01064b5, &(0x7f0000000140)={&(0x7f0000000480)=[<r9=>0x0], 0x1})
ioctl$DRM_IOCTL_MODE_GETPLANE(r7, 0xc02064b6, &(0x7f00000001c0)={r9, <r10=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
ioctl$DRM_IOCTL_MODE_OBJ_GETPROPERTIES(r7, 0xc02064b9, &(0x7f0000000100)={&(0x7f0000000400)=[0x0], 0x0, 0x1, r10})

0s ago: executing program 36 (id=3486):
r0 = socket(0x400000000010, 0x3, 0x0)
mount_setattr(0xffffffffffffffff, &(0x7f00000000c0)='./file0\x00', 0x8000, &(0x7f0000000100)={0x8, 0x1001fc, 0x1a0000}, 0x20)
sched_setattr(0x0, 0x0, 0x0)
r1 = syz_usb_connect(0x5, 0x24, &(0x7f0000000140)=ANY=[@ANYBLOB="12010000096d5c4004233e0269d7010203010902120001180000000904d9000037"], 0x0)
syz_usb_control_io$uac1(r1, 0x0, &(0x7f0000000600)={0x44, &(0x7f0000000040)={0x0, 0x0, 0x1, "ac"}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r2 = syz_open_dev$I2C(&(0x7f0000000000), 0x1, 0x402)
pwritev(r2, &(0x7f0000000840)=[{&(0x7f0000000380)='\f', 0xfff5}], 0x1, 0x5, 0xb2)
r3 = socket$inet6(0xa, 0x3, 0x3c)
connect$inet6(r3, 0x0, 0x0)
ioctl$sock_SIOCETHTOOL(r0, 0x89fc, &(0x7f0000001440)={'bridge0\x00', &(0x7f0000000400)=@ethtool_ringparam={0x12, 0x0, 0x30040001, 0x0, 0x1, 0x0, 0x4, 0xfffffffe, 0x4000}})

kernel console output (not intermixed with test programs):

t urb error = -90
[  509.989423][   T43] usb 4-1: config 127 interface 181 altsetting 249 has 0 endpoint descriptors, different from the interface descriptor's value: 2
[  510.003794][   T43] usb 4-1: config 127 interface 181 has no altsetting 0
[  510.003870][T15245] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  510.013781][   T43] usb 4-1: New USB device found, idVendor=0bfd, idProduct=0123, bcdDevice=12.8b
[  510.028153][   T43] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  510.036474][ T9479] mceusb 2-1:0.0: Error: mce write submit urb error = -90
[  510.050946][   T43] usb 4-1: Product: syz
[  510.055293][   T43] usb 4-1: Manufacturer: syz
[  510.063553][   T43] usb 4-1: SerialNumber: syz
[  510.078418][ T9479] mceusb 2-1:0.0: Error: mce write submit urb error = -90
[  510.109835][ T9479] mceusb 2-1:0.0: Error: mce write submit urb error = -90
[  510.132984][ T9461] usb 3-1: new high-speed USB device number 47 using dummy_hcd
[  510.140809][ T5978] usb 5-1: new high-speed USB device number 81 using dummy_hcd
[  510.182390][ T5978] usb 5-1: device descriptor read/8, error -71
[  510.184311][ T9479] mceusb 2-1:0.0: Registered 424242424242 with mce emulator interface version 1
[  510.202831][ T9479] mceusb 2-1:0.0: 2 tx ports (0x0 cabled) and 2 rx sensors (0x0 active)
[  510.228203][ T9479] usb 2-1: USB disconnect, device number 54
[  510.300885][ T9461] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  510.339696][   T43] kvaser_usb 4-1:127.181: error -ENODEV: Cannot get usb endpoint(s)
[  510.358129][ T9461] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  510.406554][ T9461] usb 3-1: New USB device found, idVendor=0d8c, idProduct=0022, bcdDevice= 0.00
[  510.410531][   T43] usb 4-1: USB disconnect, device number 22
[  510.441714][ T9461] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  510.449967][ T5978] usb 5-1: new high-speed USB device number 82 using dummy_hcd
[  510.482448][ T9461] usb 3-1: config 0 descriptor??
[  510.489995][ T5978] usb 5-1: device descriptor read/8, error -71
[  510.608965][ T5978] usb usb5-port1: unable to enumerate USB device
[  510.712622][ T9461] usbhid 3-1:0.0: can't add hid device: -71
[  510.732692][ T9461] usbhid 3-1:0.0: probe with driver usbhid failed with error -71
[  510.749071][ T9461] usb 3-1: USB disconnect, device number 47
[  510.888364][ T9479] usb 1-1: new high-speed USB device number 43 using dummy_hcd
[  511.040258][ T9479] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  511.093235][T15260] netlink: 28 bytes leftover after parsing attributes in process `syz.3.3295'.
[  511.155417][ T9479] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[  511.173177][ T9479] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  511.182119][ T9479] usb 1-1: Product: syz
[  511.196605][ T9479] usb 1-1: Manufacturer: syz
[  511.223909][ T9479] usb 1-1: SerialNumber: syz
[  511.274452][ T9479] hub 1-1:1.0: bad descriptor, ignoring hub
[  511.311054][ T9479] hub 1-1:1.0: probe with driver hub failed with error -5
[  511.445965][T15265] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3298'.
[  511.459774][T15266] netlink: 36 bytes leftover after parsing attributes in process `syz.4.3299'.
[  511.605467][ T5978] usb 1-1: USB disconnect, device number 43
[  511.770367][ T9479] usb 2-1: new high-speed USB device number 55 using dummy_hcd
[  511.867373][T15272] fuse: Invalid rootmode
[  512.009703][ T9479] usb 2-1: config 0 has an invalid interface number: 81 but max is 2
[  512.017896][ T9479] usb 2-1: config 0 has an invalid descriptor of length 1, skipping remainder of the config
[  512.133567][ T9479] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 3
[  512.156401][ T9479] usb 2-1: config 0 has no interface number 0
[  512.173157][ T9479] usb 2-1: config 0 interface 81 altsetting 3 has 0 endpoint descriptors, different from the interface descriptor's value: 3
[  512.188469][ T5978] usb 3-1: new high-speed USB device number 48 using dummy_hcd
[  512.249050][ T9479] usb 2-1: config 0 interface 81 has no altsetting 0
[  512.258354][ T9465] usb 5-1: new high-speed USB device number 83 using dummy_hcd
[  512.327880][ T9479] usb 2-1: New USB device found, idVendor=22b8, idProduct=6027, bcdDevice=21.7a
[  512.348770][ T5978] usb 3-1: Using ep0 maxpacket: 16
[  512.361630][ T5978] usb 3-1: too many configurations: 91, using maximum allowed: 8
[  512.387104][ T9479] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  512.398826][ T9465] usb 5-1: device descriptor read/64, error -71
[  512.449833][ T9479] usb 2-1: config 0 descriptor??
[  512.466970][ T5978] usb 3-1: New USB device found, idVendor=07c4, idProduct=a109, bcdDevice=e8.ef
[  512.492617][ T5978] usb 3-1: New USB device strings: Mfr=6, Product=96, SerialNumber=77
[  512.532557][ T5978] usb 3-1: Product: syz
[  512.536768][ T5978] usb 3-1: Manufacturer: syz
[  512.564391][ T5978] usb 3-1: SerialNumber: syz
[  512.678925][ T9465] usb 5-1: new high-speed USB device number 84 using dummy_hcd
[  512.709446][T15268] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  512.745467][T15268] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  512.792399][ T5978] ums-datafab 3-1:68.0: USB Mass Storage device detected
[  512.900796][ T9465] usb 5-1: device descriptor read/64, error -71
[  513.034622][ T9465] usb usb5-port1: attempt power cycle
[  513.205413][ T5978] ums-sddr55 3-1:68.0: USB Mass Storage device detected
[  513.476367][   T30] audit: type=1326 audit(1764705524.591:205): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15283 comm="syz.3.3303" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f36e418f749 code=0x7ffc0000
[  513.499186][ T9465] usb 5-1: new high-speed USB device number 85 using dummy_hcd
[  513.541143][ T9465] usb 5-1: device descriptor read/8, error -71
[  513.558381][   T30] audit: type=1326 audit(1764705524.591:206): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15283 comm="syz.3.3303" exe="/root/syz-executor" sig=0 arch=c000003e syscall=258 compat=0 ip=0x7f36e418de97 code=0x7ffc0000
[  513.603557][ T5978] usb 3-1: USB disconnect, device number 48
[  513.673632][   T30] audit: type=1326 audit(1764705524.591:207): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15283 comm="syz.3.3303" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f36e418f749 code=0x7ffc0000
[  513.788457][ T9465] usb 5-1: new high-speed USB device number 86 using dummy_hcd
[  513.946221][ T9465] usb 5-1: device descriptor read/8, error -71
[  514.029646][   T30] audit: type=1326 audit(1764705524.591:208): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15283 comm="syz.3.3303" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f36e418f749 code=0x7ffc0000
[  514.139681][ T9465] usb usb5-port1: unable to enumerate USB device
[  514.309715][   T30] audit: type=1326 audit(1764705524.591:209): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15283 comm="syz.3.3303" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f36e418f749 code=0x7ffc0000
[  514.368478][   T30] audit: type=1326 audit(1764705524.591:210): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15283 comm="syz.3.3303" exe="/root/syz-executor" sig=0 arch=c000003e syscall=4 compat=0 ip=0x7f36e418f749 code=0x7ffc0000
[  514.451147][   T30] audit: type=1326 audit(1764705524.591:211): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15283 comm="syz.3.3303" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f36e418f749 code=0x7ffc0000
[  514.577140][ T9479] usb 2-1: string descriptor 0 read error: -71
[  514.618622][ T9479] cdc_ether 2-1:0.81: skipping garbage
[  514.627484][   T30] audit: type=1326 audit(1764705524.591:212): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15283 comm="syz.3.3303" exe="/root/syz-executor" sig=0 arch=c000003e syscall=166 compat=0 ip=0x7f36e418f749 code=0x7ffc0000
[  514.653134][ T9479] cdc_ether 2-1:0.81: skipping garbage
[  514.696226][ T9479] cdc_ether 2-1:0.81: skipping garbage
[  514.709643][ T9479] cdc_ether 2-1:0.81: skipping garbage
[  514.731481][ T9479] usb 2-1: bad CDC descriptors
[  514.788689][   T30] audit: type=1326 audit(1764705524.591:213): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15283 comm="syz.3.3303" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f36e418f749 code=0x7ffc0000
[  514.815776][ T9479] usb 2-1: unsupported MDLM descriptors
[  514.842357][ T9479] usb 2-1: USB disconnect, device number 55
[  514.874769][   T30] audit: type=1326 audit(1764705524.601:214): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15283 comm="syz.3.3303" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f36e418f749 code=0x7ffc0000
[  515.006633][T15298] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3306'.
[  515.016798][T15298] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3306'.
[  515.033414][T15298] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3306'.
[  515.650538][T15305] netlink: 92 bytes leftover after parsing attributes in process `syz.4.3308'.
[  515.800053][T15310] netlink: 92 bytes leftover after parsing attributes in process `syz.3.3309'.
[  516.066334][T15311] netlink: 212340 bytes leftover after parsing attributes in process `syz.1.3310'.
[  516.075984][T15311] openvswitch: netlink: Message has 16 unknown bytes.
[  516.798409][ T5978] usb 2-1: new high-speed USB device number 56 using dummy_hcd
[  517.040862][ T5978] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  517.100906][ T5978] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[  517.148312][ T5978] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  517.186886][ T5978] usb 2-1: Product: syz
[  517.207105][ T5978] usb 2-1: Manufacturer: syz
[  517.231585][ T5978] usb 2-1: SerialNumber: syz
[  517.282152][ T5978] hub 2-1:1.0: bad descriptor, ignoring hub
[  517.328428][ T5978] hub 2-1:1.0: probe with driver hub failed with error -5
[  517.627689][ T5978] usb 2-1: USB disconnect, device number 56
[  517.673834][ T5928] usb 3-1: new high-speed USB device number 49 using dummy_hcd
[  517.860712][ T5928] usb 3-1: config 24 has an invalid interface number: 217 but max is 0
[  517.886984][ T5928] usb 3-1: config 24 has no interface number 0
[  517.905668][ T5928] usb 3-1: New USB device found, idVendor=2304, idProduct=023e, bcdDevice=d7.69
[  517.925012][ T5928] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  517.968821][ T5928] usb 3-1: Product: syz
[  517.973211][ T5928] usb 3-1: Manufacturer: syz
[  517.978287][ T5928] usb 3-1: SerialNumber: syz
[  517.995897][ T5928] hub 3-1:24.217: bad descriptor, ignoring hub
[  518.019187][ T5928] hub 3-1:24.217: probe with driver hub failed with error -5
[  518.151875][T15339] FAULT_INJECTION: forcing a failure.
[  518.151875][T15339] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  518.166698][T15339] CPU: 0 UID: 0 PID: 15339 Comm: syz.3.3319 Not tainted syzkaller #0 PREEMPT(full) 
[  518.166724][T15339] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  518.166735][T15339] Call Trace:
[  518.166745][T15339]  <TASK>
[  518.166753][T15339]  dump_stack_lvl+0x189/0x250
[  518.166780][T15339]  ? __pfx____ratelimit+0x10/0x10
[  518.166809][T15339]  ? __pfx_dump_stack_lvl+0x10/0x10
[  518.166828][T15339]  ? __pfx__printk+0x10/0x10
[  518.166861][T15339]  ? fs_reclaim_acquire+0x7d/0x100
[  518.166892][T15339]  should_fail_ex+0x414/0x560
[  518.166932][T15339]  prepare_alloc_pages+0x213/0x610
[  518.166981][T15339]  __alloc_frozen_pages_noprof+0x123/0x370
[  518.167009][T15339]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  518.167037][T15339]  ? register_lock_class+0x51/0x320
[  518.167077][T15339]  ? policy_nodemask+0x27c/0x720
[  518.167105][T15339]  alloc_pages_mpol+0x232/0x4a0
[  518.167134][T15339]  vma_alloc_folio_noprof+0xe4/0x200
[  518.167158][T15339]  ? __pfx_vma_alloc_folio_noprof+0x10/0x10
[  518.167195][T15339]  folio_prealloc+0x30/0x180
[  518.167226][T15339]  __handle_mm_fault+0x2a50/0x53a0
[  518.167274][T15339]  ? __pfx___handle_mm_fault+0x10/0x10
[  518.167327][T15339]  ? find_vma+0xe7/0x160
[  518.167351][T15339]  ? __pfx_find_vma+0x10/0x10
[  518.167381][T15339]  handle_mm_fault+0x40a/0x8e0
[  518.167421][T15339]  do_user_addr_fault+0x764/0x1380
[  518.167481][T15339]  exc_page_fault+0x82/0x100
[  518.167511][T15339]  asm_exc_page_fault+0x26/0x30
[  518.167531][T15339] RIP: 0010:rep_movs_alternative+0x4a/0x90
[  518.167554][T15339] Code: 3a 04 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 48 8b 06 48 89 07 48 83 c6 08 48 83 c7 08 83 e9 08 74 db 83 f9 08 73 e8 eb c5 <f3> a4 e9 0f 3a 04 00 48 8b 06 48 89 07 48 8d 47 08 48 83 e0 f8 48
[  518.167572][T15339] RSP: 0018:ffffc90003faf898 EFLAGS: 00050202
[  518.167592][T15339] RAX: ffffffff8487bc01 RBX: ffff88807b470000 RCX: 000000000000073a
[  518.167608][T15339] RDX: 0000000000000000 RSI: ffff88807b470080 RDI: 0000200000004000
[  518.167621][T15339] RBP: ffffc90003fafa10 R08: ffff88807b4707b9 R09: 1ffff1100f68e0f7
[  518.167634][T15339] R10: dffffc0000000000 R11: ffffed100f68e0f8 R12: dffffc0000000000
[  518.167649][T15339] R13: 0000000000000000 R14: 00007ffffffff000 R15: 00000000000007ba
[  518.167671][T15339]  ? _copy_to_iter+0x381/0x1790
[  518.167709][T15339]  _copy_to_iter+0x493/0x1790
[  518.167736][T15339]  ? xa_find+0x8c/0x2b0
[  518.167763][T15339]  ? xa_find+0x8c/0x2b0
[  518.167787][T15339]  ? __pfx__copy_to_iter+0x10/0x10
[  518.167835][T15339]  seq_read_iter+0xbf5/0xe20
[  518.167889][T15339]  seq_read+0x369/0x480
[  518.167948][T15339]  ? __pfx_seq_read+0x10/0x10
[  518.167978][T15339]  ? __pfx___mutex_trylock_common+0x10/0x10
[  518.168020][T15339]  ? __pfx_seq_read+0x10/0x10
[  518.168045][T15339]  proc_reg_read+0x1e9/0x2e0
[  518.168066][T15339]  ? __pfx_proc_reg_read+0x10/0x10
[  518.168089][T15339]  vfs_read+0x200/0xa30
[  518.168117][T15339]  ? fdget_pos+0x247/0x320
[  518.168145][T15339]  ? __pfx___mutex_lock+0x10/0x10
[  518.168167][T15339]  ? __pfx_vfs_read+0x10/0x10
[  518.168197][T15339]  ? __fget_files+0x2a/0x420
[  518.168224][T15339]  ? __fget_files+0x3a0/0x420
[  518.168244][T15339]  ? __fget_files+0x2a/0x420
[  518.168274][T15339]  ksys_read+0x145/0x250
[  518.168304][T15339]  ? __pfx_ksys_read+0x10/0x10
[  518.168336][T15339]  ? do_syscall_64+0xbe/0xf80
[  518.168358][T15339]  do_syscall_64+0xfa/0xf80
[  518.168373][T15339]  ? lockdep_hardirqs_on+0x98/0x140
[  518.168402][T15339]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  518.168422][T15339]  ? clear_bhb_loop+0x60/0xb0
[  518.168447][T15339]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  518.168465][T15339] RIP: 0033:0x7f36e418f749
[  518.168485][T15339] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  518.168503][T15339] RSP: 002b:00007f36e503f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  518.168524][T15339] RAX: ffffffffffffffda RBX: 00007f36e43e5fa0 RCX: 00007f36e418f749
[  518.168539][T15339] RDX: 0000000000002020 RSI: 0000200000003f80 RDI: 0000000000000003
[  518.168552][T15339] RBP: 00007f36e503f090 R08: 0000000000000000 R09: 0000000000000000
[  518.168565][T15339] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  518.168577][T15339] R13: 00007f36e43e6038 R14: 00007f36e43e5fa0 R15: 00007f36e450fa28
[  518.168615][T15339]  </TASK>
[  518.586875][    C0] vkms_vblank_simulate: vblank timer overrun
[  518.596673][ T5928] dvb-usb: found a 'Pinnacle PCTV Hybrid Stick Solo' in warm state.
[  518.762451][ T5928] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[  518.800164][ T5928] dvbdev: DVB: registering new adapter (Pinnacle PCTV Hybrid Stick Solo)
[  518.855648][ T5928] usb 3-1: media controller created
[  518.946829][ T5928] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  519.265682][ T5928] DVB: Unable to find symbol dib7000p_attach()
[  519.286352][ T5928] dvb-usb: no frontend was attached by 'Pinnacle PCTV Hybrid Stick Solo'
[  519.541547][ T5928] rc_core: IR keymap rc-dib0700-rc5 not found
[  519.594561][ T5928] Registered IR keymap rc-empty
[  519.610924][ T5928] dvb-usb: could not initialize remote control.
[  519.626314][ T5928] dvb-usb: Pinnacle PCTV Hybrid Stick Solo successfully initialized and connected.
[  519.696165][ T5928] usb 3-1: USB disconnect, device number 49
[  519.913746][ T5928] dvb-usb: Pinnacle PCTV Hybrid Stick Solo successfully deinitialized and disconnected.
[  520.076472][T15367] FAULT_INJECTION: forcing a failure.
[  520.076472][T15367] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  520.136280][T15367] CPU: 0 UID: 0 PID: 15367 Comm: syz.4.3327 Not tainted syzkaller #0 PREEMPT(full) 
[  520.136301][T15367] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  520.136307][T15367] Call Trace:
[  520.136312][T15367]  <TASK>
[  520.136317][T15367]  dump_stack_lvl+0x189/0x250
[  520.136331][T15367]  ? __pfx____ratelimit+0x10/0x10
[  520.136346][T15367]  ? __pfx_dump_stack_lvl+0x10/0x10
[  520.136356][T15367]  ? __pfx__printk+0x10/0x10
[  520.136368][T15367]  ? __might_fault+0xb0/0x130
[  520.136387][T15367]  should_fail_ex+0x414/0x560
[  520.136401][T15367]  _copy_from_user+0x2d/0xb0
[  520.136412][T15367]  sk_getsockopt+0x197/0x2530
[  520.136428][T15367]  ? __pfx_sk_getsockopt+0x10/0x10
[  520.136446][T15367]  ? do_syscall_64+0x80/0xf80
[  520.136465][T15367]  ? __might_fault+0xb0/0x130
[  520.136487][T15367]  do_sock_getsockopt+0x20a/0x3d0
[  520.136500][T15367]  ? do_syscall_64+0x80/0xf80
[  520.136514][T15367]  ? __pfx_do_sock_getsockopt+0x10/0x10
[  520.136527][T15367]  ? do_syscall_64+0x80/0xf80
[  520.136534][T15367]  ? __fget_files+0x2a/0x420
[  520.136544][T15367]  ? __fget_files+0x3a0/0x420
[  520.136553][T15367]  ? __fget_files+0x2a/0x420
[  520.136566][T15367]  __x64_sys_getsockopt+0x1a5/0x250
[  520.136586][T15367]  ? do_syscall_64+0x80/0xf80
[  520.136600][T15367]  ? do_syscall_64+0x80/0xf80
[  520.136616][T15367]  do_syscall_64+0xfa/0xf80
[  520.136627][T15367]  ? lockdep_hardirqs_on+0x98/0x140
[  520.136649][T15367]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  520.136660][T15367]  ? clear_bhb_loop+0x60/0xb0
[  520.136671][T15367]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  520.136681][T15367] RIP: 0033:0x7f5a2578f749
[  520.136690][T15367] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  520.136698][T15367] RSP: 002b:00007f5a266dc038 EFLAGS: 00000246 ORIG_RAX: 0000000000000037
[  520.136711][T15367] RAX: ffffffffffffffda RBX: 00007f5a259e5fa0 RCX: 00007f5a2578f749
[  520.136717][T15367] RDX: 0000000000000022 RSI: 0000000000000001 RDI: 0000000000000003
[  520.136723][T15367] RBP: 00007f5a266dc090 R08: 0000200000001a40 R09: 0000000000000000
[  520.136729][T15367] R10: 0000200000001a00 R11: 0000000000000246 R12: 0000000000000001
[  520.136735][T15367] R13: 00007f5a259e6038 R14: 00007f5a259e5fa0 R15: 00007f5a25b0fa28
[  520.136752][T15367]  </TASK>
[  520.366769][    C0] vkms_vblank_simulate: vblank timer overrun
[  520.402339][T15369] netlink: 28 bytes leftover after parsing attributes in process `syz.1.3326'.
[  520.781520][T15374] team0: Device gtp0 is of different type
[  520.918342][ T5928] usb 5-1: new high-speed USB device number 87 using dummy_hcd
[  521.078529][ T5928] usb 5-1: Using ep0 maxpacket: 32
[  521.089284][ T5928] usb 5-1: config 0 interface 0 has no altsetting 0
[  521.098808][ T5928] usb 5-1: New USB device found, idVendor=16d0, idProduct=10b8, bcdDevice=de.8e
[  521.109920][ T5928] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  521.119347][ T5928] usb 5-1: Product: syz
[  521.123615][ T5928] usb 5-1: Manufacturer: syz
[  521.128732][ T5928] usb 5-1: SerialNumber: syz
[  521.142446][ T5928] usb 5-1: config 0 descriptor??
[  521.487264][ T5928] gs_usb 5-1:0.0: Couldn't send data format (err=-71)
[  521.505707][ T5928] gs_usb 5-1:0.0: probe with driver gs_usb failed with error -71
[  521.534193][T15387] xt_hashlimit: size too large, truncated to 1048576
[  521.545577][ T5928] usb 5-1: USB disconnect, device number 87
[  521.651386][T15391] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3335'.
[  521.849877][ T5978] usb 4-1: new high-speed USB device number 23 using dummy_hcd
[  522.008354][ T5978] usb 4-1: Using ep0 maxpacket: 32
[  522.030989][ T5978] usb 4-1: config 1 interface 0 altsetting 70 bulk endpoint 0x1 has invalid maxpacket 32
[  522.061626][ T5978] usb 4-1: config 1 interface 0 has no altsetting 0
[  522.090572][ T5978] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[  522.118929][ T5978] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  522.139236][ T5978] usb 4-1: Product: syz
[  522.143440][ T5978] usb 4-1: Manufacturer: syz
[  522.169970][ T5978] usb 4-1: SerialNumber: syz
[  522.187321][ T5978] usb 4-1: rejected 1 configuration due to insufficient available bus power
[  522.211660][ T5978] usb 4-1: no configuration chosen from 1 choice
[  523.009135][T15418] netlink: 120 bytes leftover after parsing attributes in process `syz.1.3342'.
[  523.041464][T15419] netlink: 36 bytes leftover after parsing attributes in process `syz.0.3343'.
[  523.127706][T15421] FAULT_INJECTION: forcing a failure.
[  523.127706][T15421] name failslab, interval 1, probability 0, space 0, times 0
[  523.141767][T15421] CPU: 1 UID: 0 PID: 15421 Comm: syz.2.3344 Not tainted syzkaller #0 PREEMPT(full) 
[  523.141796][T15421] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  523.141809][T15421] Call Trace:
[  523.141818][T15421]  <TASK>
[  523.141826][T15421]  dump_stack_lvl+0x189/0x250
[  523.141854][T15421]  ? __pfx____ratelimit+0x10/0x10
[  523.141882][T15421]  ? __pfx_dump_stack_lvl+0x10/0x10
[  523.141904][T15421]  ? __pfx__printk+0x10/0x10
[  523.141933][T15421]  ? __pfx___might_resched+0x10/0x10
[  523.141953][T15421]  ? fs_reclaim_acquire+0x7d/0x100
[  523.141983][T15421]  should_fail_ex+0x414/0x560
[  523.142008][T15421]  should_failslab+0xa8/0x100
[  523.142026][T15421]  __kmalloc_cache_noprof+0x6f/0x6e0
[  523.142050][T15421]  ? tcp_sendmsg_fastopen+0x1de/0x5e0
[  523.142073][T15421]  ? __lock_acquire+0x6b6/0x2cf0
[  523.142099][T15421]  tcp_sendmsg_fastopen+0x1de/0x5e0
[  523.142128][T15421]  tcp_sendmsg_locked+0x4c9d/0x5520
[  523.142165][T15421]  ? __lock_acquire+0x6b6/0x2cf0
[  523.142215][T15421]  ? __pfx_tcp_sendmsg_locked+0x10/0x10
[  523.142235][T15421]  ? __local_bh_enable_ip+0x12d/0x1c0
[  523.142262][T15421]  ? __local_bh_enable_ip+0x12d/0x1c0
[  523.142296][T15421]  tcp_sendmsg+0x2f/0x50
[  523.142318][T15421]  __sock_sendmsg+0x19c/0x270
[  523.142339][T15421]  __sys_sendto+0x3bd/0x520
[  523.142363][T15421]  ? __pfx___sys_sendto+0x10/0x10
[  523.142382][T15421]  ? __mutex_unlock_slowpath+0x1a1/0x730
[  523.142409][T15421]  ? __fget_files+0x3a0/0x420
[  523.142437][T15421]  ? ksys_write+0x22a/0x250
[  523.142462][T15421]  ? __pfx_ksys_write+0x10/0x10
[  523.142488][T15421]  __x64_sys_sendto+0xde/0x100
[  523.142513][T15421]  do_syscall_64+0xfa/0xf80
[  523.142526][T15421]  ? lockdep_hardirqs_on+0x98/0x140
[  523.142549][T15421]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  523.142564][T15421]  ? clear_bhb_loop+0x60/0xb0
[  523.142584][T15421]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  523.142600][T15421] RIP: 0033:0x7ff68a18f749
[  523.142614][T15421] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  523.142629][T15421] RSP: 002b:00007ff68b00a038 EFLAGS: 00000246 ORIG_RAX: 000000000000002c
[  523.142647][T15421] RAX: ffffffffffffffda RBX: 00007ff68a3e5fa0 RCX: 00007ff68a18f749
[  523.142665][T15421] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003
[  523.142674][T15421] RBP: 00007ff68b00a090 R08: 0000200000000540 R09: 0000000000000010
[  523.142684][T15421] R10: 0000000020000010 R11: 0000000000000246 R12: 0000000000000001
[  523.142694][T15421] R13: 00007ff68a3e6038 R14: 00007ff68a3e5fa0 R15: 00007ff68a50fa28
[  523.142721][T15421]  </TASK>
[  523.818363][ T5978] usb 1-1: new high-speed USB device number 44 using dummy_hcd
[  523.988353][ T5978] usb 1-1: Using ep0 maxpacket: 8
[  523.995054][ T5978] usb 1-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 5
[  524.018416][ T5978] usb 1-1: New USB device found, idVendor=1b1c, idProduct=1c1e, bcdDevice= 0.00
[  524.048141][ T5978] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  524.093228][ T5978] usb 1-1: config 0 descriptor??
[  524.174014][ T5846] Bluetooth: hci1: command 0x0406 tx timeout
[  524.500687][T15430] FAULT_INJECTION: forcing a failure.
[  524.500687][T15430] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  524.515473][T15430] CPU: 0 UID: 0 PID: 15430 Comm: syz.4.3347 Not tainted syzkaller #0 PREEMPT(full) 
[  524.515501][T15430] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  524.515513][T15430] Call Trace:
[  524.515520][T15430]  <TASK>
[  524.515525][T15430]  dump_stack_lvl+0x189/0x250
[  524.515549][T15430]  ? __pfx____ratelimit+0x10/0x10
[  524.515567][T15430]  ? __pfx_dump_stack_lvl+0x10/0x10
[  524.515580][T15430]  ? __pfx__printk+0x10/0x10
[  524.515603][T15430]  should_fail_ex+0x414/0x560
[  524.515622][T15430]  _copy_from_user+0x2d/0xb0
[  524.515634][T15430]  __copy_msghdr+0x3c5/0x5b0
[  524.515655][T15430]  ___sys_sendmsg+0x1a5/0x2a0
[  524.515673][T15430]  ? __pfx____sys_sendmsg+0x10/0x10
[  524.515716][T15430]  ? __fget_files+0x2a/0x420
[  524.515729][T15430]  ? __fget_files+0x3a0/0x420
[  524.515748][T15430]  __sys_sendmmsg+0x227/0x430
[  524.515769][T15430]  ? __pfx___sys_sendmmsg+0x10/0x10
[  524.515791][T15430]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  524.515814][T15430]  ? ksys_write+0x22a/0x250
[  524.515832][T15430]  ? __pfx_ksys_write+0x10/0x10
[  524.515852][T15430]  __x64_sys_sendmmsg+0xa0/0xc0
[  524.515871][T15430]  do_syscall_64+0xfa/0xf80
[  524.515882][T15430]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  524.515893][T15430]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  524.515905][T15430]  ? clear_bhb_loop+0x60/0xb0
[  524.515919][T15430]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  524.515938][T15430] RIP: 0033:0x7f5a2578f749
[  524.515955][T15430] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  524.515966][T15430] RSP: 002b:00007f5a266dc038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  524.515980][T15430] RAX: ffffffffffffffda RBX: 00007f5a259e5fa0 RCX: 00007f5a2578f749
[  524.515989][T15430] RDX: 000000000400005c RSI: 00002000000007c0 RDI: 0000000000000003
[  524.515997][T15430] RBP: 00007f5a266dc090 R08: 0000000000000000 R09: 0000000000000000
[  524.516005][T15430] R10: 000000002400c8a0 R11: 0000000000000246 R12: 0000000000000001
[  524.516012][T15430] R13: 00007f5a259e6038 R14: 00007f5a259e5fa0 R15: 00007f5a25b0fa28
[  524.516031][T15430]  </TASK>
[  524.827190][   T30] kauditd_printk_skb: 9 callbacks suppressed
[  524.827210][   T30] audit: type=1326 audit(1764705535.951:224): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15386 comm="syz.3.3334" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f36e418f749 code=0x0
[  524.865647][ T5978] corsair-psu 0003:1B1C:1C1E.0008: unknown main item tag 0x4
[  524.876455][ T5978] corsair-psu 0003:1B1C:1C1E.0008: hidraw0: USB HID v1.00 Device [HID 1b1c:1c1e] on usb-dummy_hcd.0-1/input0
[  524.893341][T15434] CIFS: VFS: Malformed UNC in devname
[  524.953908][   T30] audit: type=1326 audit(1764705536.051:225): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15386 comm="syz.3.3334" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f36e418f749 code=0x7ffc0000
[  525.019789][   T30] audit: type=1326 audit(1764705536.051:226): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15386 comm="syz.3.3334" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f36e418f749 code=0x7ffc0000
[  525.057261][ T5978] corsair-psu 0003:1B1C:1C1E.0008: unable to initialize device (-71)
[  525.190098][ T5978] corsair-psu 0003:1B1C:1C1E.0008: probe with driver corsair-psu failed with error -71
[  525.226985][   T30] audit: type=1326 audit(1764705536.051:227): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15386 comm="syz.3.3334" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f36e418f749 code=0x7ffc0000
[  525.313952][ T5978] usb 1-1: USB disconnect, device number 44
[  525.488612][   T30] audit: type=1326 audit(1764705536.051:228): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15386 comm="syz.3.3334" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f36e418f749 code=0x7ffc0000
[  525.569438][   T30] audit: type=1326 audit(1764705536.051:229): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15386 comm="syz.3.3334" exe="/root/syz-executor" sig=0 arch=c000003e syscall=18 compat=0 ip=0x7f36e418f749 code=0x7ffc0000
[  525.603394][   T30] audit: type=1326 audit(1764705536.051:230): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15386 comm="syz.3.3334" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f36e418f749 code=0x7ffc0000
[  525.857745][   T30] audit: type=1326 audit(1764705536.061:231): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15386 comm="syz.3.3334" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f36e418df90 code=0x7ffc0000
[  525.933641][   T30] audit: type=1326 audit(1764705536.061:232): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15386 comm="syz.3.3334" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f36e418f749 code=0x7ffc0000
[  525.939614][T15444] FAULT_INJECTION: forcing a failure.
[  525.939614][T15444] name failslab, interval 1, probability 0, space 0, times 0
[  526.012089][ T9465] usb 4-1: USB disconnect, device number 23
[  526.031885][T15444] CPU: 1 UID: 0 PID: 15444 Comm: syz.0.3350 Not tainted syzkaller #0 PREEMPT(full) 
[  526.031904][T15444] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  526.031910][T15444] Call Trace:
[  526.031914][T15444]  <TASK>
[  526.031920][T15444]  dump_stack_lvl+0x189/0x250
[  526.031935][T15444]  ? __pfx____ratelimit+0x10/0x10
[  526.031949][T15444]  ? __pfx_dump_stack_lvl+0x10/0x10
[  526.031959][T15444]  ? __pfx__printk+0x10/0x10
[  526.031974][T15444]  ? __pfx___might_resched+0x10/0x10
[  526.031986][T15444]  should_fail_ex+0x414/0x560
[  526.032001][T15444]  should_failslab+0xa8/0x100
[  526.032013][T15444]  __kmalloc_node_noprof+0xd2/0x800
[  526.032026][T15444]  ? alloc_slab_obj_exts+0x3e/0x100
[  526.032040][T15444]  alloc_slab_obj_exts+0x3e/0x100
[  526.032053][T15444]  __memcg_slab_post_alloc_hook+0x31d/0x7d0
[  526.032082][T15444]  kmem_cache_alloc_node_noprof+0x4e4/0x700
[  526.032098][T15444]  ? __alloc_skb+0x112/0x2d0
[  526.032114][T15444]  __alloc_skb+0x112/0x2d0
[  526.032129][T15444]  alloc_skb_with_frags+0xca/0x890
[  526.032148][T15444]  sock_alloc_send_pskb+0x84d/0x980
[  526.032166][T15444]  ? __pfx_sock_alloc_send_pskb+0x10/0x10
[  526.032177][T15444]  ? __lock_acquire+0x6b6/0x2cf0
[  526.032193][T15444]  ? bpf_lsm_socket_getpeersec_dgram+0x9/0x20
[  526.032205][T15444]  unix_dgram_sendmsg+0x461/0x1850
[  526.032222][T15444]  ? aa_file_perm+0x13a/0x1540
[  526.032236][T15444]  ? aa_file_perm+0x44d/0x1540
[  526.032248][T15444]  ? _parse_integer_limit+0x1ae/0x1f0
[  526.032261][T15444]  ? __pfx_unix_dgram_sendmsg+0x10/0x10
[  526.032272][T15444]  ? tomoyo_socket_sendmsg_permission+0x1e1/0x300
[  526.032289][T15444]  ? unix_seqpacket_sendmsg+0x111/0x1e0
[  526.032300][T15444]  ? __pfx_unix_seqpacket_sendmsg+0x10/0x10
[  526.032312][T15444]  __sock_sendmsg+0x21c/0x270
[  526.032325][T15444]  sock_write_iter+0x279/0x360
[  526.032336][T15444]  ? __pfx_sock_write_iter+0x10/0x10
[  526.032350][T15444]  ? bpf_lsm_file_permission+0x9/0x20
[  526.032360][T15444]  ? security_file_permission+0x75/0x290
[  526.032378][T15444]  vfs_write+0x5c9/0xb30
[  526.032393][T15444]  ? __pfx_sock_write_iter+0x10/0x10
[  526.032403][T15444]  ? __pfx_vfs_write+0x10/0x10
[  526.032420][T15444]  ? __fget_files+0x2a/0x420
[  526.032435][T15444]  ksys_write+0x145/0x250
[  526.032449][T15444]  ? __pfx_ksys_write+0x10/0x10
[  526.032463][T15444]  ? do_syscall_64+0xbe/0xf80
[  526.032474][T15444]  do_syscall_64+0xfa/0xf80
[  526.032481][T15444]  ? lockdep_hardirqs_on+0x98/0x140
[  526.032495][T15444]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  526.032504][T15444]  ? clear_bhb_loop+0x60/0xb0
[  526.032515][T15444]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  526.032524][T15444] RIP: 0033:0x7fae5cd8f749
[  526.032534][T15444] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  526.032543][T15444] RSP: 002b:00007fae5dbff038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  526.032555][T15444] RAX: ffffffffffffffda RBX: 00007fae5cfe5fa0 RCX: 00007fae5cd8f749
[  526.032562][T15444] RDX: 000000000000a052 RSI: 0000200000000000 RDI: 0000000000000003
[  526.032567][T15444] RBP: 00007fae5dbff090 R08: 0000000000000000 R09: 0000000000000000
[  526.032573][T15444] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  526.032579][T15444] R13: 00007fae5cfe6038 R14: 00007fae5cfe5fa0 R15: 00007fae5d10fa28
[  526.032593][T15444]  </TASK>
[  526.468537][   T30] audit: type=1326 audit(1764705536.061:233): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15386 comm="syz.3.3334" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f36e418f749 code=0x7ffc0000
[  526.611156][T15450] FAULT_INJECTION: forcing a failure.
[  526.611156][T15450] name failslab, interval 1, probability 0, space 0, times 0
[  526.624807][T15450] CPU: 1 UID: 0 PID: 15450 Comm: syz.3.3353 Not tainted syzkaller #0 PREEMPT(full) 
[  526.624836][T15450] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  526.624849][T15450] Call Trace:
[  526.624857][T15450]  <TASK>
[  526.624866][T15450]  dump_stack_lvl+0x189/0x250
[  526.624894][T15450]  ? __pfx____ratelimit+0x10/0x10
[  526.624924][T15450]  ? __pfx_dump_stack_lvl+0x10/0x10
[  526.624945][T15450]  ? __pfx__printk+0x10/0x10
[  526.624978][T15450]  ? __pfx___might_resched+0x10/0x10
[  526.624998][T15450]  ? fs_reclaim_acquire+0x7d/0x100
[  526.625024][T15450]  should_fail_ex+0x414/0x560
[  526.625055][T15450]  should_failslab+0xa8/0x100
[  526.625079][T15450]  kmem_cache_alloc_node_noprof+0x77/0x700
[  526.625108][T15450]  ? __alloc_skb+0x112/0x2d0
[  526.625134][T15450]  ? netlink_autobind+0xdb/0x300
[  526.625158][T15450]  __alloc_skb+0x112/0x2d0
[  526.625189][T15450]  netlink_sendmsg+0x5c6/0xb30
[  526.625229][T15450]  ? __pfx_netlink_sendmsg+0x10/0x10
[  526.625261][T15450]  ? aa_sock_msg_perm+0xf1/0x1b0
[  526.625288][T15450]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  526.625309][T15450]  ? __pfx_netlink_sendmsg+0x10/0x10
[  526.625338][T15450]  __sock_sendmsg+0x21c/0x270
[  526.625366][T15450]  ____sys_sendmsg+0x505/0x820
[  526.625402][T15450]  ? __pfx_____sys_sendmsg+0x10/0x10
[  526.625441][T15450]  ? import_iovec+0x74/0xa0
[  526.625467][T15450]  ___sys_sendmsg+0x21f/0x2a0
[  526.625498][T15450]  ? __pfx____sys_sendmsg+0x10/0x10
[  526.625536][T15450]  ? rcu_read_lock_any_held+0xb3/0x120
[  526.625588][T15450]  ? __fget_files+0x2a/0x420
[  526.625610][T15450]  ? __fget_files+0x3a0/0x420
[  526.625644][T15450]  __x64_sys_sendmsg+0x19b/0x260
[  526.625685][T15450]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  526.625725][T15450]  ? __pfx_ksys_write+0x10/0x10
[  526.625758][T15450]  ? do_syscall_64+0xbe/0xf80
[  526.625780][T15450]  do_syscall_64+0xfa/0xf80
[  526.625797][T15450]  ? lockdep_hardirqs_on+0x98/0x140
[  526.625825][T15450]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  526.625845][T15450]  ? clear_bhb_loop+0x60/0xb0
[  526.625869][T15450]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  526.625888][T15450] RIP: 0033:0x7f36e418f749
[  526.625907][T15450] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  526.625923][T15450] RSP: 002b:00007f36e503f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  526.625944][T15450] RAX: ffffffffffffffda RBX: 00007f36e43e5fa0 RCX: 00007f36e418f749
[  526.625958][T15450] RDX: 0000000000000000 RSI: 00002000000002c0 RDI: 0000000000000003
[  526.625971][T15450] RBP: 00007f36e503f090 R08: 0000000000000000 R09: 0000000000000000
[  526.625983][T15450] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  526.625993][T15450] R13: 00007f36e43e6038 R14: 00007f36e43e5fa0 R15: 00007f36e450fa28
[  526.626027][T15450]  </TASK>
[  527.061078][T15457] FAULT_INJECTION: forcing a failure.
[  527.061078][T15457] name fail_futex, interval 1, probability 0, space 0, times 1
[  527.151342][T15457] CPU: 0 UID: 0 PID: 15457 Comm: syz.2.3351 Not tainted syzkaller #0 PREEMPT(full) 
[  527.151363][T15457] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  527.151371][T15457] Call Trace:
[  527.151376][T15457]  <TASK>
[  527.151382][T15457]  dump_stack_lvl+0x189/0x250
[  527.151401][T15457]  ? __pfx____ratelimit+0x10/0x10
[  527.151419][T15457]  ? __pfx_dump_stack_lvl+0x10/0x10
[  527.151432][T15457]  ? __pfx__printk+0x10/0x10
[  527.151472][T15457]  should_fail_ex+0x414/0x560
[  527.151491][T15457]  get_futex_key+0x1a8/0x1660
[  527.151513][T15457]  ? __pfx_get_futex_key+0x10/0x10
[  527.151526][T15457]  ? __kmalloc_cache_noprof+0x3d5/0x6e0
[  527.151543][T15457]  ? __lock_acquire+0x6b6/0x2cf0
[  527.151559][T15457]  ? refill_pi_state_cache+0x93/0x180
[  527.151579][T15457]  ? __asan_memset+0x22/0x50
[  527.151597][T15457]  futex_requeue+0x21b/0x19a0
[  527.151607][T15457]  ? kstrtoull+0x12f/0x1d0
[  527.151624][T15457]  ? kstrtouint+0x6e/0xe0
[  527.151642][T15457]  ? get_pid_task+0x20/0x1f0
[  527.151656][T15457]  ? __pfx_futex_requeue+0x10/0x10
[  527.151676][T15457]  ? rcu_read_lock_any_held+0xb3/0x120
[  527.151694][T15457]  ? vfs_write+0x956/0xb30
[  527.151713][T15457]  ? ksys_write+0x1cb/0x250
[  527.151727][T15457]  do_futex+0x362/0x420
[  527.151740][T15457]  ? __pfx_vfs_write+0x10/0x10
[  527.151753][T15457]  ? __pfx_do_futex+0x10/0x10
[  527.151769][T15457]  __se_sys_futex+0x36f/0x400
[  527.151782][T15457]  ? fput+0xa0/0xd0
[  527.151792][T15457]  ? ksys_write+0x22a/0x250
[  527.151804][T15457]  ? __pfx___se_sys_futex+0x10/0x10
[  527.151817][T15457]  ? __pfx_ksys_write+0x10/0x10
[  527.151831][T15457]  ? __x64_sys_futex+0x21/0xf0
[  527.151844][T15457]  do_syscall_64+0xfa/0xf80
[  527.151852][T15457]  ? lockdep_hardirqs_on+0x98/0x140
[  527.151865][T15457]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  527.151874][T15457]  ? clear_bhb_loop+0x60/0xb0
[  527.151885][T15457]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  527.151893][T15457] RIP: 0033:0x7ff68a18f749
[  527.151902][T15457] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  527.151910][T15457] RSP: 002b:00007ff68afc8038 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[  527.151927][T15457] RAX: ffffffffffffffda RBX: 00007ff68a3e6180 RCX: 00007ff68a18f749
[  527.151934][T15457] RDX: 0000000000000001 RSI: 000000000000000c RDI: 000020000000cffc
[  527.151940][T15457] RBP: 00007ff68afc8090 R08: 0000200000048000 R09: 0000000000000000
[  527.151946][T15457] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  527.151951][T15457] R13: 00007ff68a3e6218 R14: 00007ff68a3e6180 R15: 00007ff68a50fa28
[  527.151966][T15457]  </TASK>
[  527.931398][T15468] FAULT_INJECTION: forcing a failure.
[  527.931398][T15468] name failslab, interval 1, probability 0, space 0, times 0
[  527.978385][T15468] CPU: 1 UID: 0 PID: 15468 Comm: syz.2.3358 Not tainted syzkaller #0 PREEMPT(full) 
[  527.978407][T15468] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  527.978415][T15468] Call Trace:
[  527.978420][T15468]  <TASK>
[  527.978426][T15468]  dump_stack_lvl+0x189/0x250
[  527.978445][T15468]  ? __pfx____ratelimit+0x10/0x10
[  527.978463][T15468]  ? __pfx_dump_stack_lvl+0x10/0x10
[  527.978475][T15468]  ? __pfx__printk+0x10/0x10
[  527.978495][T15468]  ? __pfx___might_resched+0x10/0x10
[  527.978506][T15468]  ? fs_reclaim_acquire+0x7d/0x100
[  527.978521][T15468]  should_fail_ex+0x414/0x560
[  527.978539][T15468]  should_failslab+0xa8/0x100
[  527.978553][T15468]  kmem_cache_alloc_node_noprof+0x77/0x700
[  527.978571][T15468]  ? __alloc_skb+0x112/0x2d0
[  527.978585][T15468]  ? netlink_autobind+0xdb/0x300
[  527.978599][T15468]  __alloc_skb+0x112/0x2d0
[  527.978617][T15468]  netlink_sendmsg+0x5c6/0xb30
[  527.978641][T15468]  ? __pfx_netlink_sendmsg+0x10/0x10
[  527.978660][T15468]  ? aa_sock_msg_perm+0xf1/0x1b0
[  527.978676][T15468]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  527.978688][T15468]  ? __pfx_netlink_sendmsg+0x10/0x10
[  527.978705][T15468]  __sock_sendmsg+0x21c/0x270
[  527.978722][T15468]  ____sys_sendmsg+0x505/0x820
[  527.978742][T15468]  ? __pfx_____sys_sendmsg+0x10/0x10
[  527.978771][T15468]  ? import_iovec+0x74/0xa0
[  527.978786][T15468]  ___sys_sendmsg+0x21f/0x2a0
[  527.978805][T15468]  ? __pfx____sys_sendmsg+0x10/0x10
[  527.978825][T15468]  ? rcu_read_lock_any_held+0xb3/0x120
[  527.978855][T15468]  ? __fget_files+0x2a/0x420
[  527.978867][T15468]  ? __fget_files+0x3a0/0x420
[  527.978886][T15468]  __x64_sys_sendmsg+0x19b/0x260
[  527.978913][T15468]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  527.978936][T15468]  ? __pfx_ksys_write+0x10/0x10
[  527.978956][T15468]  ? do_syscall_64+0xbe/0xf80
[  527.978969][T15468]  do_syscall_64+0xfa/0xf80
[  527.978979][T15468]  ? lockdep_hardirqs_on+0x98/0x140
[  527.978995][T15468]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  527.979007][T15468]  ? clear_bhb_loop+0x60/0xb0
[  527.979021][T15468]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  527.979033][T15468] RIP: 0033:0x7ff68a18f749
[  527.979045][T15468] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  527.979056][T15468] RSP: 002b:00007ff68b00a038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  527.979070][T15468] RAX: ffffffffffffffda RBX: 00007ff68a3e5fa0 RCX: 00007ff68a18f749
[  527.979079][T15468] RDX: 0000000004040100 RSI: 00002000000000c0 RDI: 0000000000000003
[  527.979087][T15468] RBP: 00007ff68b00a090 R08: 0000000000000000 R09: 0000000000000000
[  527.979095][T15468] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  527.979102][T15468] R13: 00007ff68a3e6038 R14: 00007ff68a3e5fa0 R15: 00007ff68a50fa28
[  527.979121][T15468]  </TASK>
[  530.659600][   T30] kauditd_printk_skb: 2 callbacks suppressed
[  530.659619][   T30] audit: type=1326 audit(1764705541.791:236): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15490 comm="syz.0.3364" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fae5cd8f749 code=0x7ffc0000
[  530.672182][T15491] netlink: 'syz.0.3364': attribute type 10 has an invalid length.
[  530.808700][   T30] audit: type=1326 audit(1764705541.791:237): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15490 comm="syz.0.3364" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fae5cd8f749 code=0x7ffc0000
[  530.865260][   T30] audit: type=1326 audit(1764705541.791:238): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15490 comm="syz.0.3364" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fae5cd8f749 code=0x7ffc0000
[  530.908721][T15491] hsr0: A HSR master's MTU cannot be greater than the smallest MTU of its slaves minus the HSR Tag length (6 octets).
[  530.959268][   T30] audit: type=1326 audit(1764705541.791:239): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15490 comm="syz.0.3364" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7fae5cd8f749 code=0x7ffc0000
[  531.028372][   T30] audit: type=1326 audit(1764705541.791:240): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15490 comm="syz.0.3364" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fae5cd8f749 code=0x7ffc0000
[  531.192545][   T30] audit: type=1326 audit(1764705541.791:241): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15490 comm="syz.0.3364" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fae5cd8f749 code=0x7ffc0000
[  531.267464][   T30] audit: type=1326 audit(1764705541.791:242): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15490 comm="syz.0.3364" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fae5cd8f749 code=0x7ffc0000
[  531.360907][   T30] audit: type=1326 audit(1764705541.791:243): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15490 comm="syz.0.3364" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7fae5cd8f749 code=0x7ffc0000
[  531.411603][   T30] audit: type=1326 audit(1764705541.791:244): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15490 comm="syz.0.3364" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fae5cd8f749 code=0x7ffc0000
[  531.882859][T15508] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(6)
[  531.889417][T15508] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  532.066289][T15508] vhci_hcd vhci_hcd.0: Device attached
[  532.097956][   T30] audit: type=1326 audit(1764705541.791:245): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15490 comm="syz.0.3364" exe="/root/syz-executor" sig=0 arch=c000003e syscall=299 compat=0 ip=0x7fae5cd8f749 code=0x7ffc0000
[  532.181241][T15519] FAULT_INJECTION: forcing a failure.
[  532.181241][T15519] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  532.195585][T15513] vhci_hcd vhci_hcd.0: port 0 already used
[  532.255094][T15519] CPU: 1 UID: 0 PID: 15519 Comm: syz.0.3369 Not tainted syzkaller #0 PREEMPT(full) 
[  532.255124][T15519] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  532.255136][T15519] Call Trace:
[  532.255145][T15519]  <TASK>
[  532.255155][T15519]  dump_stack_lvl+0x189/0x250
[  532.255184][T15519]  ? __pfx____ratelimit+0x10/0x10
[  532.255214][T15519]  ? __pfx_dump_stack_lvl+0x10/0x10
[  532.255235][T15519]  ? __pfx__printk+0x10/0x10
[  532.255277][T15519]  should_fail_ex+0x414/0x560
[  532.255309][T15519]  _copy_to_user+0x31/0xb0
[  532.255334][T15519]  simple_read_from_buffer+0xe1/0x170
[  532.255362][T15519]  proc_fail_nth_read+0x1b3/0x220
[  532.255396][T15519]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  532.255430][T15519]  ? rw_verify_area+0x2a6/0x4d0
[  532.255457][T15519]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  532.255489][T15519]  vfs_read+0x200/0xa30
[  532.255515][T15519]  ? fdget_pos+0x247/0x320
[  532.255543][T15519]  ? __pfx___mutex_lock+0x10/0x10
[  532.255564][T15519]  ? __pfx_vfs_read+0x10/0x10
[  532.255603][T15519]  ? __fget_files+0x2a/0x420
[  532.255631][T15519]  ? __fget_files+0x3a0/0x420
[  532.255651][T15519]  ? __fget_files+0x2a/0x420
[  532.255684][T15519]  ksys_read+0x145/0x250
[  532.255714][T15519]  ? __pfx_ksys_read+0x10/0x10
[  532.255746][T15519]  ? do_syscall_64+0xbe/0xf80
[  532.255768][T15519]  do_syscall_64+0xfa/0xf80
[  532.255784][T15519]  ? lockdep_hardirqs_on+0x98/0x140
[  532.255812][T15519]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  532.255833][T15519]  ? clear_bhb_loop+0x60/0xb0
[  532.255856][T15519]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  532.255872][T15519] RIP: 0033:0x7fae5cd8e15c
[  532.255890][T15519] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  532.255907][T15519] RSP: 002b:00007fae5dbff030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  532.255931][T15519] RAX: ffffffffffffffda RBX: 00007fae5cfe5fa0 RCX: 00007fae5cd8e15c
[  532.255946][T15519] RDX: 000000000000000f RSI: 00007fae5dbff0a0 RDI: 0000000000000004
[  532.255958][T15519] RBP: 00007fae5dbff090 R08: 0000000000000000 R09: 0000000000000000
[  532.255971][T15519] R10: 0000000000004020 R11: 0000000000000246 R12: 0000000000000001
[  532.255983][T15519] R13: 00007fae5cfe6038 R14: 00007fae5cfe5fa0 R15: 00007fae5d10fa28
[  532.256018][T15519]  </TASK>
[  532.558378][ T9465] usb 40-1: SetAddress Request (6) to port 0
[  532.578650][ T9465] usb 40-1: new SuperSpeed USB device number 6 using vhci_hcd
[  532.658365][   T43] usb 4-1: new high-speed USB device number 24 using dummy_hcd
[  532.949814][   T43] usb 4-1: too many configurations: 9, using maximum allowed: 8
[  532.961812][   T43] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 9
[  533.627588][   T43] usb 4-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  533.627628][   T43] usb 4-1: config 0 interface 0 has no altsetting 0
[  533.634827][   T43] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 9
[  533.634887][   T43] usb 4-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  533.634917][   T43] usb 4-1: config 0 interface 0 has no altsetting 0
[  533.635880][   T43] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 9
[  533.635943][   T43] usb 4-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  533.635971][   T43] usb 4-1: config 0 interface 0 has no altsetting 0
[  533.636897][   T43] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 9
[  533.636933][   T43] usb 4-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  533.636950][   T43] usb 4-1: config 0 interface 0 has no altsetting 0
[  533.637822][   T43] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 9
[  533.637857][   T43] usb 4-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  533.637870][   T43] usb 4-1: config 0 interface 0 has no altsetting 0
[  533.647312][   T43] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 9
[  533.647364][   T43] usb 4-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  533.647390][   T43] usb 4-1: config 0 interface 0 has no altsetting 0
[  533.648957][   T43] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 9
[  533.649021][   T43] usb 4-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  533.649045][   T43] usb 4-1: config 0 interface 0 has no altsetting 0
[  533.650247][   T43] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 9
[  533.650285][   T43] usb 4-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  533.650306][   T43] usb 4-1: config 0 interface 0 has no altsetting 0
[  533.653302][   T43] usb 4-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=49.8e
[  534.034970][T15529] netlink: 92 bytes leftover after parsing attributes in process `syz.4.3373'.
[  534.067740][   T43] usb 4-1: New USB device strings: Mfr=41, Product=64, SerialNumber=168
[  534.087161][   T43] usb 4-1: Product: syz
[  534.091907][   T43] usb 4-1: Manufacturer: syz
[  534.098542][   T43] usb 4-1: SerialNumber: syz
[  534.125299][   T43] usb 4-1: config 0 descriptor??
[  534.145837][   T43] yurex 4-1:0.0: USB YUREX device now attached to Yurex #0
[  534.657452][T15539] netlink: 12 bytes leftover after parsing attributes in process `syz.0.3375'.
[  535.122006][T15549] netlink: 92 bytes leftover after parsing attributes in process `syz.4.3377'.
[  536.126436][ T5910] usb 4-1: USB disconnect, device number 24
[  536.170836][ T5910] yurex 4-1:0.0: USB YUREX #0 now disconnected
[  536.230494][T15509] vhci_hcd: connection reset by peer
[  536.236204][T10034] vhci_hcd: stop threads
[  536.244948][T10034] vhci_hcd: release socket
[  536.286325][T10034] vhci_hcd: disconnect device
[  536.770945][ T9463] usb 3-1: new full-speed USB device number 50 using dummy_hcd
[  536.928396][ T9463] usb 3-1: device descriptor read/64, error -71
[  537.168364][ T9463] usb 3-1: new full-speed USB device number 51 using dummy_hcd
[  537.208945][T15586] netlink: 92 bytes leftover after parsing attributes in process `syz.3.3387'.
[  537.624878][T15586] netlink: 12 bytes leftover after parsing attributes in process `syz.3.3387'.
[  537.668468][ T9463] usb 3-1: device descriptor read/64, error -71
[  537.679279][ T9465] usb 40-1: device descriptor read/8, error -110
[  537.808625][ T9463] usb usb3-port1: attempt power cycle
[  538.129124][ T9465] usb usb40-port1: attempt power cycle
[  538.468459][ T9463] usb 3-1: new full-speed USB device number 52 using dummy_hcd
[  538.678384][ T9463] usb 3-1: device descriptor read/8, error -71
[  538.698977][ T9465] usb usb40-port1: unable to enumerate USB device
[  538.921505][ T9463] usb 3-1: new full-speed USB device number 53 using dummy_hcd
[  538.999206][ T9463] usb 3-1: device descriptor read/8, error -71
[  539.157863][ T9463] usb usb3-port1: unable to enumerate USB device
[  539.508404][ T9465] usb 5-1: new high-speed USB device number 88 using dummy_hcd
[  539.617200][T15605] FAULT_INJECTION: forcing a failure.
[  539.617200][T15605] name failslab, interval 1, probability 0, space 0, times 0
[  539.630149][T15605] CPU: 1 UID: 0 PID: 15605 Comm: syz.3.3393 Not tainted syzkaller #0 PREEMPT(full) 
[  539.630175][T15605] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  539.630187][T15605] Call Trace:
[  539.630195][T15605]  <TASK>
[  539.630203][T15605]  dump_stack_lvl+0x189/0x250
[  539.630229][T15605]  ? __pfx____ratelimit+0x10/0x10
[  539.630259][T15605]  ? __pfx_dump_stack_lvl+0x10/0x10
[  539.630280][T15605]  ? __pfx__printk+0x10/0x10
[  539.630313][T15605]  ? __pfx___might_resched+0x10/0x10
[  539.630331][T15605]  ? fs_reclaim_acquire+0x7d/0x100
[  539.630355][T15605]  should_fail_ex+0x414/0x560
[  539.630386][T15605]  should_failslab+0xa8/0x100
[  539.630409][T15605]  kmem_cache_alloc_node_noprof+0x77/0x700
[  539.630437][T15605]  ? __alloc_skb+0x112/0x2d0
[  539.630461][T15605]  ? netlink_autobind+0xdb/0x300
[  539.630484][T15605]  __alloc_skb+0x112/0x2d0
[  539.630514][T15605]  netlink_sendmsg+0x5c6/0xb30
[  539.630555][T15605]  ? __pfx_netlink_sendmsg+0x10/0x10
[  539.630587][T15605]  ? aa_sock_msg_perm+0xf1/0x1b0
[  539.630613][T15605]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  539.630632][T15605]  ? __pfx_netlink_sendmsg+0x10/0x10
[  539.630660][T15605]  __sock_sendmsg+0x21c/0x270
[  539.630686][T15605]  ____sys_sendmsg+0x505/0x820
[  539.630720][T15605]  ? __pfx_____sys_sendmsg+0x10/0x10
[  539.630769][T15605]  ? import_iovec+0x74/0xa0
[  539.630794][T15605]  ___sys_sendmsg+0x21f/0x2a0
[  539.630824][T15605]  ? __pfx____sys_sendmsg+0x10/0x10
[  539.630861][T15605]  ? rcu_read_lock_any_held+0xb3/0x120
[  539.630913][T15605]  ? __fget_files+0x2a/0x420
[  539.630935][T15605]  ? __fget_files+0x3a0/0x420
[  539.630969][T15605]  __x64_sys_sendmsg+0x19b/0x260
[  539.631001][T15605]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  539.631040][T15605]  ? __pfx_ksys_write+0x10/0x10
[  539.631073][T15605]  ? do_syscall_64+0xbe/0xf80
[  539.631096][T15605]  do_syscall_64+0xfa/0xf80
[  539.631112][T15605]  ? lockdep_hardirqs_on+0x98/0x140
[  539.631141][T15605]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  539.631161][T15605]  ? clear_bhb_loop+0x60/0xb0
[  539.631184][T15605]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  539.631204][T15605] RIP: 0033:0x7f36e418f749
[  539.631223][T15605] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  539.631240][T15605] RSP: 002b:00007f36e503f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  539.631263][T15605] RAX: ffffffffffffffda RBX: 00007f36e43e5fa0 RCX: 00007f36e418f749
[  539.631277][T15605] RDX: 0000000020008000 RSI: 0000200000000140 RDI: 0000000000000003
[  539.631290][T15605] RBP: 00007f36e503f090 R08: 0000000000000000 R09: 0000000000000000
[  539.631303][T15605] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  539.631315][T15605] R13: 00007f36e43e6038 R14: 00007f36e43e5fa0 R15: 00007f36e450fa28
[  539.631367][T15605]  </TASK>
[  540.116232][ T9465] usb 5-1: Using ep0 maxpacket: 16
[  540.152788][ T9465] usb 5-1: config 4 has an invalid interface number: 51 but max is 0
[  540.161431][ T9465] usb 5-1: config 4 has no interface number 0
[  540.167574][ T9465] usb 5-1: config 4 interface 51 has no altsetting 0
[  540.177680][ T9465] usb 5-1: New USB device found, idVendor=954f, idProduct=4199, bcdDevice= f.76
[  540.187170][ T9465] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  540.195308][ T9465] usb 5-1: Product: syz
[  540.201422][ T9465] usb 5-1: Manufacturer: syz
[  540.206050][ T9465] usb 5-1: SerialNumber: syz
[  540.217670][ T9465] cdc_eem 5-1:4.51: probe with driver cdc_eem failed with error -22
[  540.434087][T15596] netlink: 'syz.4.3390': attribute type 29 has an invalid length.
[  540.458600][T15596] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3390'.
[  540.477870][T15596] bond0: option lacp_active: mode dependency failed, not supported in mode balance-rr(0)
[  540.515813][   T43] usb 5-1: USB disconnect, device number 88
[  540.639980][ T9465] usb 4-1: new high-speed USB device number 25 using dummy_hcd
[  540.810280][ T9465] usb 4-1: config 24 has an invalid interface number: 217 but max is 0
[  540.888516][ T9465] usb 4-1: config 24 has no interface number 0
[  540.922201][ T9465] usb 4-1: New USB device found, idVendor=2304, idProduct=023e, bcdDevice=d7.69
[  540.935005][ T9465] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  540.945624][ T9465] usb 4-1: Product: syz
[  540.949941][ T9465] usb 4-1: Manufacturer: syz
[  540.954832][ T9465] usb 4-1: SerialNumber: syz
[  540.976289][ T9465] hub 4-1:24.217: bad descriptor, ignoring hub
[  540.985366][ T9465] hub 4-1:24.217: probe with driver hub failed with error -5
[  541.174652][ T9465] dvb-usb: found a 'Pinnacle PCTV Hybrid Stick Solo' in warm state.
[  541.200531][ T9465] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[  541.221397][ T9465] dvbdev: DVB: registering new adapter (Pinnacle PCTV Hybrid Stick Solo)
[  541.240478][ T9465] usb 4-1: media controller created
[  541.283507][ T9465] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  541.361536][T15621] pim6reg: entered allmulticast mode
[  541.389985][T15623] pim6reg: left allmulticast mode
[  541.402796][ T9465] DVB: Unable to find symbol dib7000p_attach()
[  541.410523][ T9465] dvb-usb: no frontend was attached by 'Pinnacle PCTV Hybrid Stick Solo'
[  541.649530][ T9465] rc_core: IR keymap rc-dib0700-rc5 not found
[  541.664732][ T9465] Registered IR keymap rc-empty
[  541.695013][ T9465] dvb-usb: could not initialize remote control.
[  541.729847][ T9465] dvb-usb: Pinnacle PCTV Hybrid Stick Solo successfully initialized and connected.
[  541.819616][ T9465] usb 4-1: USB disconnect, device number 25
[  542.187567][ T9465] dvb-usb: Pinnacle PCTV Hybrid Stick Solo successfully deinitialized and disconnected.
[  543.127837][T15657] netlink: 28 bytes leftover after parsing attributes in process `syz.1.3408'.
[  543.998880][ T9465] usb 5-1: new high-speed USB device number 89 using dummy_hcd
[  544.178134][ T9465] usb 5-1: config 24 has an invalid interface number: 217 but max is 0
[  544.218067][ T9465] usb 5-1: config 24 has no interface number 0
[  544.269652][T15668] netlink: 592 bytes leftover after parsing attributes in process `syz.2.3413'.
[  544.270647][ T9465] usb 5-1: New USB device found, idVendor=2304, idProduct=023e, bcdDevice=d7.69
[  544.339349][ T9465] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  544.360302][ T9465] usb 5-1: Product: syz
[  544.364471][ T9465] usb 5-1: Manufacturer: syz
[  544.398318][ T9465] usb 5-1: SerialNumber: syz
[  544.456210][ T9465] hub 5-1:24.217: bad descriptor, ignoring hub
[  544.532567][ T9465] hub 5-1:24.217: probe with driver hub failed with error -5
[  544.646165][T15676] program syz.0.3415 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  544.655345][ T9465] dvb-usb: found a 'Pinnacle PCTV Hybrid Stick Solo' in warm state.
[  544.693417][ T9465] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[  544.712040][ T9465] dvbdev: DVB: registering new adapter (Pinnacle PCTV Hybrid Stick Solo)
[  544.747785][ T9465] usb 5-1: media controller created
[  544.818822][ T9465] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  544.987668][ T9465] DVB: Unable to find symbol dib7000p_attach()
[  545.015539][ T9465] dvb-usb: no frontend was attached by 'Pinnacle PCTV Hybrid Stick Solo'
[  545.208606][ T9465] rc_core: IR keymap rc-dib0700-rc5 not found
[  545.424531][ T9465] Registered IR keymap rc-empty
[  545.437303][ T9465] dvb-usb: could not initialize remote control.
[  545.450994][ T9465] dvb-usb: Pinnacle PCTV Hybrid Stick Solo successfully initialized and connected.
[  545.482341][ T9465] usb 5-1: USB disconnect, device number 89
[  545.855811][ T9465] dvb-usb: Pinnacle PCTV Hybrid Stick Solo successfully deinitialized and disconnected.
[  545.998631][T15695] netlink: 68 bytes leftover after parsing attributes in process `syz.4.3419'.
[  546.095156][T15688] vlan0: entered promiscuous mode
[  546.110527][T15688] vlan0: left promiscuous mode
[  546.898815][T15702] ptrace attach of "./syz-executor exec"[13379] was attempted by "./syz-executor exec"[15702]
[  546.907017][T15698] bridge0: port 2(bridge_slave_1) entered disabled state
[  546.916471][T15698] bridge0: port 1(bridge_slave_0) entered disabled state
[  546.998877][T15698] bridge0: left promiscuous mode
[  547.008805][T15698] bridge0: left allmulticast mode
[  547.239949][T15698] tipc: Resetting bearer <eth:xfrm0>
[  547.275278][T15698] tipc: Resetting bearer <eth:macvlan0>
[  547.346765][T15707] program syz.0.3423 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  547.370082][T15700] netlink: 36 bytes leftover after parsing attributes in process `syz.2.3420'.
[  547.403002][   T68] netdevsim netdevsim2 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  547.418519][T15700] netlink: 36 bytes leftover after parsing attributes in process `syz.2.3420'.
[  547.442268][   T68] netdevsim netdevsim2 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  547.476028][T15711] sctp: [Deprecated]: syz.0.3423 (pid 15711) Use of struct sctp_assoc_value in delayed_ack socket option.
[  547.476028][T15711] Use struct sctp_sack_info instead
[  547.533117][   T68] netdevsim netdevsim2 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  547.560559][   T68] netdevsim netdevsim2 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  547.573341][T15707] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3423'.
[  547.694642][T15714] syz.3.3425: vmalloc error: size 8392704, failed to allocated page array size 16392, mode:0xcc2(GFP_KERNEL|__GFP_HIGHMEM), nodemask=(null),cpuset=/,mems_allowed=0-1
[  547.749978][T15714] CPU: 0 UID: 0 PID: 15714 Comm: syz.3.3425 Not tainted syzkaller #0 PREEMPT(full) 
[  547.750008][T15714] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  547.750021][T15714] Call Trace:
[  547.750030][T15714]  <TASK>
[  547.750039][T15714]  dump_stack_lvl+0x189/0x250
[  547.750070][T15714]  ? __pfx_dump_stack_lvl+0x10/0x10
[  547.750091][T15714]  ? __pfx__printk+0x10/0x10
[  547.750118][T15714]  ? cpuset_print_current_mems_allowed+0x1f/0x360
[  547.750145][T15714]  ? cpuset_print_current_mems_allowed+0x1f/0x360
[  547.750172][T15714]  ? cpuset_print_current_mems_allowed+0x2ee/0x360
[  547.750201][T15714]  warn_alloc+0x214/0x310
[  547.750228][T15714]  ? __pfx_warn_alloc+0x10/0x10
[  547.750257][T15714]  ? __get_vm_area_node+0x28f/0x300
[  547.750287][T15714]  ? htable_create+0x101/0x7a0
[  547.750315][T15714]  __vmalloc_node_range_noprof+0x690/0x12d0
[  547.750385][T15714]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  547.750428][T15714]  ? rcu_is_watching+0x15/0xb0
[  547.750447][T15714]  ? htable_create+0x101/0x7a0
[  547.750470][T15714]  __kvmalloc_node_noprof+0x674/0x900
[  547.750488][T15714]  ? htable_create+0x101/0x7a0
[  547.750509][T15714]  ? hashlimit_pernet+0x23/0x240
[  547.750533][T15714]  ? hashlimit_pernet+0x23/0x240
[  547.750554][T15714]  ? hashlimit_pernet+0x23/0x240
[  547.750586][T15714]  htable_create+0x101/0x7a0
[  547.750619][T15714]  hashlimit_mt_check_common+0x719/0xa10
[  547.750653][T15714]  hashlimit_mt_check_v1+0x221/0x360
[  547.750680][T15714]  ? __pfx_hashlimit_mt_check_v1+0x10/0x10
[  547.750712][T15714]  ? xt_find_match+0x1f7/0x250
[  547.750742][T15714]  xt_check_match+0x3d1/0xab0
[  547.750770][T15714]  ? __pfx_xt_check_match+0x10/0x10
[  547.750796][T15714]  ? pcpu_alloc_noprof+0xfb6/0x16e0
[  547.750839][T15714]  ? xt_find_match+0x1f7/0x250
[  547.750869][T15714]  translate_table+0x150b/0x2000
[  547.750918][T15714]  ? __pfx_translate_table+0x10/0x10
[  547.750943][T15714]  ? __might_fault+0xb0/0x130
[  547.750997][T15714]  ? _copy_from_user+0x94/0xb0
[  547.751025][T15714]  do_ipt_set_ctl+0x967/0xcd0
[  547.751053][T15714]  ? rcu_is_watching+0x15/0xb0
[  547.751073][T15714]  ? trace_contention_end+0x39/0x100
[  547.751095][T15714]  ? __pfx_do_ipt_set_ctl+0x10/0x10
[  547.751139][T15714]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  547.751173][T15714]  ? __pfx_aa_sk_perm+0x10/0x10
[  547.751203][T15714]  nf_setsockopt+0x26f/0x290
[  547.751228][T15714]  ? __pfx_sock_common_setsockopt+0x10/0x10
[  547.751273][T15714]  do_sock_setsockopt+0x17c/0x1b0
[  547.751308][T15714]  __x64_sys_setsockopt+0x13f/0x1b0
[  547.751341][T15714]  do_syscall_64+0xfa/0xf80
[  547.751358][T15714]  ? lockdep_hardirqs_on+0x98/0x140
[  547.751385][T15714]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  547.751453][T15714]  ? clear_bhb_loop+0x60/0xb0
[  547.751478][T15714]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  547.751498][T15714] RIP: 0033:0x7f36e418f749
[  547.751518][T15714] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  547.751535][T15714] RSP: 002b:00007f36e501e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  547.751559][T15714] RAX: ffffffffffffffda RBX: 00007f36e43e6090 RCX: 00007f36e418f749
[  547.751573][T15714] RDX: 0000000000000040 RSI: 0004000000000000 RDI: 0000000000000005
[  547.751587][T15714] RBP: 00007f36e4213f91 R08: 0000000000000448 R09: 0000000000000000
[  547.751599][T15714] R10: 00002000000006c0 R11: 0000000000000246 R12: 0000000000000000
[  547.751612][T15714] R13: 00007f36e43e6128 R14: 00007f36e43e6090 R15: 00007f36e450fa28
[  547.751646][T15714]  </TASK>
[  547.751724][T15714] Mem-Info:
[  548.168725][ T9467] usb 4-1: new high-speed USB device number 26 using dummy_hcd
[  548.237843][T15714] active_anon:6004 inactive_anon:1 isolated_anon:0
[  548.237843][T15714]  active_file:18709 inactive_file:40116 isolated_file:0
[  548.237843][T15714]  unevictable:768 dirty:626 writeback:0
[  548.237843][T15714]  slab_reclaimable:11507 slab_unreclaimable:99743
[  548.237843][T15714]  mapped:32103 shmem:1355 pagetables:1265
[  548.237843][T15714]  sec_pagetables:0 bounce:0
[  548.237843][T15714]  kernel_misc_reclaimable:0
[  548.237843][T15714]  free:1301087 free_pcp:15100 free_cma:0
[  548.378673][T15723] netlink: 28 bytes leftover after parsing attributes in process `syz.1.3427'.
[  548.504743][T15714] Node 0 active_anon:24016kB inactive_anon:4kB active_file:75436kB inactive_file:160260kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:129112kB dirty:3204kB writeback:0kB shmem:3884kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:13028kB pagetables:5020kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[  548.760281][T15714] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:204kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:48kB pagetables:140kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[  548.961706][T15714] Node 0 DMA free:15360kB boost:0kB min:204kB low:252kB high:300kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  549.024836][T15714] lowmem_reserve[]: 0 2504 2504 2504 2504
[  549.034955][T15714] Node 0 DMA32 free:1293968kB boost:0kB min:34308kB low:42884kB high:51460kB reserved_highatomic:0KB free_highatomic:0KB active_anon:24444kB inactive_anon:4kB active_file:76616kB inactive_file:160260kB unevictable:1536kB writepending:4360kB zspages:0kB present:3129332kB managed:2564720kB mlocked:0kB bounce:0kB free_pcp:43728kB local_pcp:21400kB free_cma:0kB
[  549.088897][   T43] usb 1-1: new high-speed USB device number 45 using dummy_hcd
[  549.112260][T15714] lowmem_reserve[]: 0 0 0 0 0
[  549.117024][T15714] Node 0 Normal free:0kB boost:0kB min:0kB low:0kB high:0kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:1048580kB managed:108kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  549.162102][ T9465] usb 2-1: new high-speed USB device number 57 using dummy_hcd
[  549.198534][T15714] lowmem_reserve[]: 0 0 0 0 0
[  549.203335][T15714] Node 1 Normal free:3892660kB boost:0kB min:55592kB low:69488kB high:83384kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:204kB unevictable:1536kB writepending:0kB zspages:0kB present:4194300kB managed:4111100kB mlocked:0kB bounce:0kB free_pcp:17576kB local_pcp:9032kB free_cma:0kB
[  549.270748][   T43] usb 1-1: config 24 has an invalid interface number: 217 but max is 0
[  549.280067][   T43] usb 1-1: config 24 has no interface number 0
[  549.306774][T15714] lowmem_reserve[]: 0 0 0 0 0
[  549.314485][   T43] usb 1-1: New USB device found, idVendor=2304, idProduct=023e, bcdDevice=d7.69
[  549.325875][T15714] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[  549.347245][ T9465] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[  549.357223][ T9465] usb 2-1: config 1 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[  549.367599][   T43] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  549.385764][ T9465] usb 2-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  549.401214][T15714] Node 0 DMA32: 1162*4kB (ME) 531*8kB (UM) 623*16kB (UME) 546*32kB (UM) 404*64kB (UME) 237*128kB (UME) 113*256kB (UME) 59*512kB (UME) 29*1024kB (UME) 5*2048kB (UM) 269*4096kB (UM) = 1293424kB
[  549.420442][   T43] usb 1-1: Product: syz
[  549.424621][   T43] usb 1-1: Manufacturer: syz
[  549.429487][   T43] usb 1-1: SerialNumber: syz
[  549.437594][T15714] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB
[  549.453010][ T9465] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[  549.453038][ T9465] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  549.453054][ T9465] usb 2-1: Product: syz
[  549.453066][ T9465] usb 2-1: Manufacturer: syz
[  549.453078][ T9465] usb 2-1: SerialNumber: syz
[  549.454821][   T43] hub 1-1:24.217: bad descriptor, ignoring hub
[  549.454843][   T43] hub 1-1:24.217: probe with driver hub failed with error -5
[  549.467967][T15714] Node 1 
[  549.513802][ T9465] hub 2-1:1.0: bad descriptor, ignoring hub
[  549.527543][ T9465] hub 2-1:1.0: probe with driver hub failed with error -5
[  549.537652][T15714] Normal: 221*4kB (UE) 62*8kB (UME) 43*16kB (UME) 165*32kB (UME) 36*64kB (UME) 12*128kB (UME) 2*256kB (M) 2*512kB (M) 3*1024kB (UME) 1*2048kB (E) 946*4096kB (M) = 3892660kB
[  549.557879][T15714] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  549.603799][T15714] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  549.648341][T15714] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  549.670378][T15714] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  549.680325][   T43] dvb-usb: found a 'Pinnacle PCTV Hybrid Stick Solo' in warm state.
[  549.692726][   T43] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[  549.704152][   T43] dvbdev: DVB: registering new adapter (Pinnacle PCTV Hybrid Stick Solo)
[  549.714850][T15714] 61095 total pagecache pages
[  549.720892][   T43] usb 1-1: media controller created
[  549.727701][T15714] 1 pages in swap cache
[  549.737956][ T9465] usblp 2-1:1.0: usblp0: USB Unidirectional printer dev 57 if 0 alt 0 proto 1 vid 0x0525 pid 0xA4A8
[  549.759888][T15714] Free swap  = 124992kB
[  549.764096][T15714] Total swap = 124996kB
[  549.776481][   T43] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  549.790403][T15714] 2097051 pages RAM
[  549.794238][T15714] 0 pages HighMem/MovableOnly
[  549.819632][T15714] 424229 pages reserved
[  549.823845][T15714] 0 pages cma reserved
[  550.072386][   T43] DVB: Unable to find symbol dib7000p_attach()
[  550.091959][   T43] dvb-usb: no frontend was attached by 'Pinnacle PCTV Hybrid Stick Solo'
[  550.338329][   T43] rc_core: IR keymap rc-dib0700-rc5 not found
[  550.361915][   T43] Registered IR keymap rc-empty
[  550.385449][   T43] dvb-usb: could not initialize remote control.
[  550.406659][   T43] dvb-usb: Pinnacle PCTV Hybrid Stick Solo successfully initialized and connected.
[  550.419756][ T5925] usb 5-1: new high-speed USB device number 90 using dummy_hcd
[  550.498907][   T43] usb 1-1: USB disconnect, device number 45
[  550.578960][T15752] netlink: 92 bytes leftover after parsing attributes in process `syz.3.3435'.
[  550.588485][ T5925] usb 5-1: Using ep0 maxpacket: 8
[  550.600897][ T5925] usb 5-1: config 162 has an invalid interface number: 97 but max is 0
[  550.614542][   T43] dvb-usb: Pinnacle PCTV Hybrid Stick Solo successfully deinitialized and disconnected.
[  550.625533][ T5925] usb 5-1: config 162 has no interface number 0
[  550.633907][ T5925] usb 5-1: config 162 interface 97 has no altsetting 0
[  550.635885][T15750] syzkaller0: tun_chr_ioctl cmd 1074025677
[  550.653626][ T5925] usb 5-1: New USB device found, idVendor=0c2e, idProduct=0700, bcdDevice=e1.3b
[  550.664954][ T5925] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  550.692467][T15753] netlink: 12 bytes leftover after parsing attributes in process `syz.3.3435'.
[  550.704666][T15750] syzkaller0: linktype set to 6
[  550.723636][ T5925] usb 5-1: Product: syz
[  550.767105][ T5925] usb 5-1: Manufacturer: syz
[  550.925901][ T5925] usb 5-1: SerialNumber: syz
[  551.221058][ T6110] usb 3-1: new high-speed USB device number 54 using dummy_hcd
[  551.371682][ T6110] usb 3-1: device descriptor read/64, error -71
[  551.385214][T15758] FAULT_INJECTION: forcing a failure.
[  551.385214][T15758] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  551.468555][T15758] CPU: 1 UID: 0 PID: 15758 Comm: syz.0.3439 Not tainted syzkaller #0 PREEMPT(full) 
[  551.468580][T15758] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  551.468591][T15758] Call Trace:
[  551.468599][T15758]  <TASK>
[  551.468608][T15758]  dump_stack_lvl+0x189/0x250
[  551.468641][T15758]  ? __pfx____ratelimit+0x10/0x10
[  551.468679][T15758]  ? __pfx_dump_stack_lvl+0x10/0x10
[  551.468700][T15758]  ? __pfx__printk+0x10/0x10
[  551.468727][T15758]  ? __might_fault+0xb0/0x130
[  551.468768][T15758]  should_fail_ex+0x414/0x560
[  551.468798][T15758]  _copy_from_iter+0x1de/0x1790
[  551.468843][T15758]  ? __pfx__copy_from_iter+0x10/0x10
[  551.468883][T15758]  ? page_copy_sane+0x4e/0x280
[  551.468913][T15758]  copy_page_from_iter+0xdd/0x170
[  551.468945][T15758]  tun_get_user+0x1d40/0x3da0
[  551.468970][T15758]  ? tun_get_user+0x6fc/0x3da0
[  551.469003][T15758]  ? aa_file_perm+0x44d/0x1540
[  551.469029][T15758]  ? __pfx_tun_get_user+0x10/0x10
[  551.469050][T15758]  ? __lock_acquire+0x6b6/0x2cf0
[  551.469083][T15758]  ? kstrtoull+0x12f/0x1d0
[  551.469118][T15758]  ? ref_tracker_alloc+0x318/0x460
[  551.469148][T15758]  ? __pfx_ref_tracker_alloc+0x10/0x10
[  551.469180][T15758]  ? tun_get+0x1c/0x2f0
[  551.469204][T15758]  ? tun_get+0x1c/0x2f0
[  551.469221][T15758]  ? tun_get+0x1c/0x2f0
[  551.469245][T15758]  tun_chr_write_iter+0x113/0x200
[  551.469278][T15758]  vfs_write+0x5c9/0xb30
[  551.469313][T15758]  ? __pfx_tun_chr_write_iter+0x10/0x10
[  551.469344][T15758]  ? __pfx_vfs_write+0x10/0x10
[  551.469383][T15758]  ? __fget_files+0x2a/0x420
[  551.469414][T15758]  ksys_write+0x145/0x250
[  551.469445][T15758]  ? __pfx_ksys_write+0x10/0x10
[  551.469477][T15758]  ? do_syscall_64+0xbe/0xf80
[  551.469500][T15758]  do_syscall_64+0xfa/0xf80
[  551.469516][T15758]  ? lockdep_hardirqs_on+0x98/0x140
[  551.469546][T15758]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  551.469566][T15758]  ? clear_bhb_loop+0x60/0xb0
[  551.469590][T15758]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  551.469609][T15758] RIP: 0033:0x7fae5cd8e1ff
[  551.469627][T15758] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48
[  551.469644][T15758] RSP: 002b:00007fae5dbff000 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[  551.469675][T15758] RAX: ffffffffffffffda RBX: 00007fae5cfe5fa0 RCX: 00007fae5cd8e1ff
[  551.469689][T15758] RDX: 000000000000008a RSI: 0000200000000100 RDI: 00000000000000c8
[  551.469701][T15758] RBP: 00007fae5dbff090 R08: 0000000000000000 R09: 0000000000000000
[  551.469714][T15758] R10: 000000000000008a R11: 0000000000000293 R12: 0000000000000001
[  551.469726][T15758] R13: 00007fae5cfe6038 R14: 00007fae5cfe5fa0 R15: 00007fae5d10fa28
[  551.469760][T15758]  </TASK>
[  551.858344][ T6110] usb 3-1: new high-speed USB device number 55 using dummy_hcd
[  551.988724][ T6110] usb 3-1: device descriptor read/64, error -71
[  552.021643][T15762] FAULT_INJECTION: forcing a failure.
[  552.021643][T15762] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  552.075490][T15762] CPU: 0 UID: 0 PID: 15762 Comm: syz.0.3440 Not tainted syzkaller #0 PREEMPT(full) 
[  552.075508][T15762] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  552.075515][T15762] Call Trace:
[  552.075520][T15762]  <TASK>
[  552.075526][T15762]  dump_stack_lvl+0x189/0x250
[  552.075549][T15762]  ? __pfx____ratelimit+0x10/0x10
[  552.075572][T15762]  ? __pfx_dump_stack_lvl+0x10/0x10
[  552.075587][T15762]  ? __pfx__printk+0x10/0x10
[  552.075606][T15762]  ? __might_fault+0xb0/0x130
[  552.075630][T15762]  should_fail_ex+0x414/0x560
[  552.075645][T15762]  _copy_from_user+0x2d/0xb0
[  552.075656][T15762]  ucma_create_id+0xd5/0x360
[  552.075668][T15762]  ? __pfx_ucma_create_id+0x10/0x10
[  552.075690][T15762]  ucma_write+0x249/0x2e0
[  552.075707][T15762]  ? __pfx_ucma_write+0x10/0x10
[  552.075722][T15762]  ? security_file_permission+0x75/0x290
[  552.075744][T15762]  ? rw_verify_area+0x255/0x4d0
[  552.075768][T15762]  vfs_writev+0x4b6/0x960
[  552.075780][T15762]  ? vfs_write+0x956/0xb30
[  552.075793][T15762]  ? __pfx_ucma_write+0x10/0x10
[  552.075803][T15762]  ? __pfx_vfs_writev+0x10/0x10
[  552.075820][T15762]  ? __fget_files+0x2a/0x420
[  552.075834][T15762]  ? __fget_files+0x3a0/0x420
[  552.075849][T15762]  ? __fget_files+0x2a/0x420
[  552.075873][T15762]  do_writev+0x14d/0x2d0
[  552.075891][T15762]  ? __pfx_do_writev+0x10/0x10
[  552.075909][T15762]  ? do_syscall_64+0xbe/0xf80
[  552.075925][T15762]  do_syscall_64+0xfa/0xf80
[  552.075932][T15762]  ? lockdep_hardirqs_on+0x98/0x140
[  552.075946][T15762]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  552.075955][T15762]  ? clear_bhb_loop+0x60/0xb0
[  552.075967][T15762]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  552.075976][T15762] RIP: 0033:0x7fae5cd8f749
[  552.075989][T15762] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  552.076002][T15762] RSP: 002b:00007fae5dbff038 EFLAGS: 00000246 ORIG_RAX: 0000000000000014
[  552.076020][T15762] RAX: ffffffffffffffda RBX: 00007fae5cfe5fa0 RCX: 00007fae5cd8f749
[  552.076031][T15762] RDX: 0000000000000002 RSI: 0000200000000040 RDI: 0000000000000004
[  552.076041][T15762] RBP: 00007fae5dbff090 R08: 0000000000000000 R09: 0000000000000000
[  552.076050][T15762] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  552.076059][T15762] R13: 00007fae5cfe6038 R14: 00007fae5cfe5fa0 R15: 00007fae5d10fa28
[  552.076077][T15762]  </TASK>
[  552.315545][    C0] vkms_vblank_simulate: vblank timer overrun
[  552.324507][ T6110] usb usb3-port1: attempt power cycle
[  552.709523][ T6110] usb 3-1: new high-speed USB device number 56 using dummy_hcd
[  552.742064][ T6110] usb 3-1: device descriptor read/8, error -71
[  552.936395][T15772] FAULT_INJECTION: forcing a failure.
[  552.936395][T15772] name failslab, interval 1, probability 0, space 0, times 0
[  552.962965][ T5925] metro_usb 5-1:162.97: Metrologic USB to Serial converter detected
[  552.994186][T15772] CPU: 1 UID: 0 PID: 15772 Comm: syz.3.3442 Not tainted syzkaller #0 PREEMPT(full) 
[  552.994215][T15772] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  552.994226][T15772] Call Trace:
[  552.994232][T15772]  <TASK>
[  552.994238][T15772]  dump_stack_lvl+0x189/0x250
[  552.994263][T15772]  ? __pfx____ratelimit+0x10/0x10
[  552.994291][T15772]  ? __pfx_dump_stack_lvl+0x10/0x10
[  552.994312][T15772]  ? __pfx__printk+0x10/0x10
[  552.994344][T15772]  ? __pfx___might_resched+0x10/0x10
[  552.994363][T15772]  ? fs_reclaim_acquire+0x7d/0x100
[  552.994387][T15772]  should_fail_ex+0x414/0x560
[  552.994416][T15772]  should_failslab+0xa8/0x100
[  552.994434][T15772]  __kmalloc_noprof+0xcb/0x7e0
[  552.994451][T15772]  ? tomoyo_encode+0x28b/0x550
[  552.994470][T15772]  tomoyo_encode+0x28b/0x550
[  552.994488][T15772]  tomoyo_realpath_from_path+0x58d/0x5d0
[  552.994504][T15772]  ? tomoyo_domain+0xd9/0x130
[  552.994522][T15772]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[  552.994534][T15772]  tomoyo_path_number_perm+0x1e8/0x5a0
[  552.994552][T15772]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  552.994574][T15772]  ? __mutex_unlock_slowpath+0x1a1/0x730
[  552.994598][T15772]  ? __fget_files+0x2a/0x420
[  552.994614][T15772]  ? __fget_files+0x3a0/0x420
[  552.994632][T15772]  ? __fget_files+0x2a/0x420
[  552.994648][T15772]  security_file_ioctl+0xcb/0x2d0
[  552.994668][T15772]  __se_sys_ioctl+0x47/0x170
[  552.994686][T15772]  do_syscall_64+0xfa/0xf80
[  552.994696][T15772]  ? lockdep_hardirqs_on+0x98/0x140
[  552.994713][T15772]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  552.994725][T15772]  ? clear_bhb_loop+0x60/0xb0
[  552.994740][T15772]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  552.994751][T15772] RIP: 0033:0x7f36e418f749
[  552.994763][T15772] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  552.994774][T15772] RSP: 002b:00007f36e503f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  552.994788][T15772] RAX: ffffffffffffffda RBX: 00007f36e43e5fa0 RCX: 00007f36e418f749
[  552.994797][T15772] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005
[  552.994805][T15772] RBP: 00007f36e503f090 R08: 0000000000000000 R09: 0000000000000000
[  552.994812][T15772] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  552.994819][T15772] R13: 00007f36e43e6038 R14: 00007f36e43e5fa0 R15: 00007f36e450fa28
[  552.994839][T15772]  </TASK>
[  552.994855][T15772] ERROR: Out of memory at tomoyo_realpath_from_path.
[  553.103989][ T6110] usb 3-1: new high-speed USB device number 57 using dummy_hcd
[  553.120189][ T5925] usb 5-1: Metrologic USB to Serial converter now attached to ttyUSB0
[  553.227914][ T6110] usb 3-1: device descriptor read/8, error -71
[  553.330395][ T5925] usb 5-1: USB disconnect, device number 90
[  553.362172][ T5925] metro-usb ttyUSB0: Metrologic USB to Serial converter now disconnected from ttyUSB0
[  553.414874][ T5925] metro_usb 5-1:162.97: device disconnected
[  553.433337][ T6110] usb usb3-port1: unable to enumerate USB device
[  553.506405][T15779] FAULT_INJECTION: forcing a failure.
[  553.506405][T15779] name fail_futex, interval 1, probability 0, space 0, times 0
[  553.572034][T15779] CPU: 1 UID: 0 PID: 15779 Comm: syz.3.3445 Not tainted syzkaller #0 PREEMPT(full) 
[  553.572063][T15779] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  553.572076][T15779] Call Trace:
[  553.572084][T15779]  <TASK>
[  553.572093][T15779]  dump_stack_lvl+0x189/0x250
[  553.572120][T15779]  ? __pfx____ratelimit+0x10/0x10
[  553.572149][T15779]  ? __pfx_dump_stack_lvl+0x10/0x10
[  553.572170][T15779]  ? __pfx__printk+0x10/0x10
[  553.572212][T15779]  should_fail_ex+0x414/0x560
[  553.572243][T15779]  get_futex_key+0x900/0x1660
[  553.572268][T15779]  ? _parse_integer_limit+0x1ae/0x1f0
[  553.572300][T15779]  ? kstrtoull+0x12f/0x1d0
[  553.572324][T15779]  ? __pfx_get_futex_key+0x10/0x10
[  553.572341][T15779]  ? kstrtouint+0x6e/0xe0
[  553.572362][T15779]  futex_wake_op+0x132/0xd80
[  553.572380][T15779]  ? rcu_read_lock_any_held+0xb3/0x120
[  553.572398][T15779]  ? __pfx_futex_wake_op+0x10/0x10
[  553.572411][T15779]  ? vfs_write+0x956/0xb30
[  553.572446][T15779]  ? ksys_write+0x1cb/0x250
[  553.572465][T15779]  do_futex+0x3bd/0x420
[  553.572481][T15779]  ? __pfx_vfs_write+0x10/0x10
[  553.572499][T15779]  ? __pfx_do_futex+0x10/0x10
[  553.572518][T15779]  __se_sys_futex+0x36f/0x400
[  553.572530][T15779]  ? fput+0xa0/0xd0
[  553.572541][T15779]  ? ksys_write+0x22a/0x250
[  553.572553][T15779]  ? __pfx___se_sys_futex+0x10/0x10
[  553.572566][T15779]  ? __pfx_ksys_write+0x10/0x10
[  553.572580][T15779]  ? __x64_sys_futex+0x21/0xf0
[  553.572597][T15779]  do_syscall_64+0xfa/0xf80
[  553.572605][T15779]  ? lockdep_hardirqs_on+0x98/0x140
[  553.572618][T15779]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  553.572628][T15779]  ? clear_bhb_loop+0x60/0xb0
[  553.572638][T15779]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  553.572647][T15779] RIP: 0033:0x7f36e418f749
[  553.572657][T15779] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  553.572665][T15779] RSP: 002b:00007f36e503f038 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[  553.572679][T15779] RAX: ffffffffffffffda RBX: 00007f36e43e5fa0 RCX: 00007f36e418f749
[  553.572686][T15779] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000200000002200
[  553.572692][T15779] RBP: 00007f36e503f090 R08: 0000200000002240 R09: 00000000ab02000d
[  553.572699][T15779] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  553.572704][T15779] R13: 00007f36e43e6038 R14: 00007f36e43e5fa0 R15: 00007f36e450fa28
[  553.572719][T15779]  </TASK>
[  554.401556][   T43] usb 3-1: new high-speed USB device number 58 using dummy_hcd
[  554.503471][ T9465] usb 2-1: USB disconnect, device number 57
[  554.518791][ T9465] usblp0: removed
[  554.620935][   T43] usb 3-1: config 24 has an invalid interface number: 217 but max is 0
[  554.640196][   T43] usb 3-1: config 24 has no interface number 0
[  554.657452][   T43] usb 3-1: New USB device found, idVendor=2304, idProduct=023e, bcdDevice=d7.69
[  554.677471][   T43] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  554.694728][   T43] usb 3-1: Product: syz
[  554.703557][   T43] usb 3-1: Manufacturer: syz
[  554.717981][   T43] usb 3-1: SerialNumber: syz
[  554.754298][   T43] hub 3-1:24.217: bad descriptor, ignoring hub
[  554.763251][   T43] hub 3-1:24.217: probe with driver hub failed with error -5
[  555.009239][   T43] dvb-usb: found a 'Pinnacle PCTV Hybrid Stick Solo' in warm state.
[  555.040565][   T43] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[  555.065986][   T43] dvbdev: DVB: registering new adapter (Pinnacle PCTV Hybrid Stick Solo)
[  555.095627][   T43] usb 3-1: media controller created
[  555.171084][T15801] fuse: Invalid rootmode
[  555.229366][   T43] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  555.312556][T15805] FAULT_INJECTION: forcing a failure.
[  555.312556][T15805] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  555.392806][T15805] CPU: 1 UID: 0 PID: 15805 Comm: syz.0.3452 Not tainted syzkaller #0 PREEMPT(full) 
[  555.392836][T15805] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  555.392848][T15805] Call Trace:
[  555.392857][T15805]  <TASK>
[  555.392867][T15805]  dump_stack_lvl+0x189/0x250
[  555.392895][T15805]  ? __pfx____ratelimit+0x10/0x10
[  555.392925][T15805]  ? __pfx_dump_stack_lvl+0x10/0x10
[  555.392946][T15805]  ? __pfx__printk+0x10/0x10
[  555.392973][T15805]  ? __might_fault+0xb0/0x130
[  555.393014][T15805]  should_fail_ex+0x414/0x560
[  555.393045][T15805]  _copy_to_iter+0x589/0x1790
[  555.393089][T15805]  ? skb_checksum+0x7c1/0x8c0
[  555.393110][T15805]  ? __pfx__copy_to_iter+0x10/0x10
[  555.393140][T15805]  ? process_measurement+0x1640/0x1a40
[  555.393176][T15805]  ? __skb_checksum_complete+0x1db/0x3d0
[  555.393205][T15805]  udpv6_recvmsg+0x973/0x1590
[  555.393252][T15805]  ? __pfx_udpv6_recvmsg+0x10/0x10
[  555.393284][T15805]  ? aa_sk_perm+0x7f0/0x920
[  555.393308][T15805]  ? __pfx_udpv6_recvmsg+0x10/0x10
[  555.393331][T15805]  inet6_recvmsg+0x1ee/0x6b0
[  555.393353][T15805]  ? __pfx_aa_sk_perm+0x10/0x10
[  555.393378][T15805]  ? __pfx_inet6_recvmsg+0x10/0x10
[  555.393396][T15805]  ? __lock_acquire+0x6b6/0x2cf0
[  555.393429][T15805]  ? bpf_lsm_socket_recvmsg+0x9/0x20
[  555.393447][T15805]  ? security_socket_recvmsg+0x7e/0x2e0
[  555.393478][T15805]  sock_recvmsg+0x105/0x270
[  555.393506][T15805]  ____sys_recvmsg+0x1c9/0x460
[  555.393545][T15805]  ? __pfx_____sys_recvmsg+0x10/0x10
[  555.393592][T15805]  ? import_iovec+0x74/0xa0
[  555.393616][T15805]  ___sys_recvmsg+0x1b5/0x510
[  555.393649][T15805]  ? __pfx____sys_recvmsg+0x10/0x10
[  555.393693][T15805]  ? __fget_files+0x3a0/0x420
[  555.393727][T15805]  do_recvmmsg+0x307/0x770
[  555.393757][T15805]  ? __pfx_do_recvmmsg+0x10/0x10
[  555.393795][T15805]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  555.393835][T15805]  __x64_sys_recvmmsg+0x190/0x240
[  555.393859][T15805]  ? __pfx___x64_sys_recvmmsg+0x10/0x10
[  555.393883][T15805]  ? do_syscall_64+0xbe/0xf80
[  555.393906][T15805]  do_syscall_64+0xfa/0xf80
[  555.393922][T15805]  ? lockdep_hardirqs_on+0x98/0x140
[  555.393951][T15805]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  555.393971][T15805]  ? clear_bhb_loop+0x60/0xb0
[  555.393995][T15805]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  555.394014][T15805] RIP: 0033:0x7fae5cd8f749
[  555.394032][T15805] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  555.394049][T15805] RSP: 002b:00007fae5dbff038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
[  555.394072][T15805] RAX: ffffffffffffffda RBX: 00007fae5cfe5fa0 RCX: 00007fae5cd8f749
[  555.394087][T15805] RDX: 0000000000000001 RSI: 00002000000057c0 RDI: 0000000000000003
[  555.394100][T15805] RBP: 00007fae5dbff090 R08: 0000000000000000 R09: 0000000000000000
[  555.394113][T15805] R10: 0000000000000022 R11: 0000000000000246 R12: 0000000000000001
[  555.394126][T15805] R13: 00007fae5cfe6038 R14: 00007fae5cfe5fa0 R15: 00007fae5d10fa28
[  555.394161][T15805]  </TASK>
[  555.695422][ T9463] usb 5-1: new high-speed USB device number 91 using dummy_hcd
[  555.898011][ T9463] usb 5-1: device descriptor read/64, error -71
[  555.962370][   T43] DVB: Unable to find symbol dib7000p_attach()
[  555.968854][   T43] dvb-usb: no frontend was attached by 'Pinnacle PCTV Hybrid Stick Solo'
[  556.158782][ T9463] usb 5-1: new high-speed USB device number 92 using dummy_hcd
[  556.256385][T15824] FAULT_INJECTION: forcing a failure.
[  556.256385][T15824] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  556.282978][   T43] rc_core: IR keymap rc-dib0700-rc5 not found
[  556.328504][ T9463] usb 5-1: device descriptor read/64, error -71
[  556.336706][T15824] CPU: 0 UID: 0 PID: 15824 Comm: syz.3.3457 Not tainted syzkaller #0 PREEMPT(full) 
[  556.336735][T15824] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  556.336743][T15824] Call Trace:
[  556.336749][T15824]  <TASK>
[  556.336754][T15824]  dump_stack_lvl+0x189/0x250
[  556.336778][T15824]  ? __pfx____ratelimit+0x10/0x10
[  556.336796][T15824]  ? __pfx_dump_stack_lvl+0x10/0x10
[  556.336808][T15824]  ? __pfx__printk+0x10/0x10
[  556.336824][T15824]  ? __might_fault+0xb0/0x130
[  556.336848][T15824]  should_fail_ex+0x414/0x560
[  556.336867][T15824]  _copy_from_user+0x2d/0xb0
[  556.336880][T15824]  sctp_setsockopt+0x19f/0x1200
[  556.336892][T15824]  ? __pfx_sock_common_setsockopt+0x10/0x10
[  556.336909][T15824]  do_sock_setsockopt+0x17c/0x1b0
[  556.336929][T15824]  __x64_sys_setsockopt+0x13f/0x1b0
[  556.336949][T15824]  do_syscall_64+0xfa/0xf80
[  556.336959][T15824]  ? lockdep_hardirqs_on+0x98/0x140
[  556.336977][T15824]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  556.336989][T15824]  ? clear_bhb_loop+0x60/0xb0
[  556.337003][T15824]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  556.337015][T15824] RIP: 0033:0x7f36e418f749
[  556.337026][T15824] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  556.337037][T15824] RSP: 002b:00007f36e501e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  556.337052][T15824] RAX: ffffffffffffffda RBX: 00007f36e43e6090 RCX: 00007f36e418f749
[  556.337061][T15824] RDX: 000000000000007b RSI: 0000000000000084 RDI: 0000000000000003
[  556.337069][T15824] RBP: 00007f36e501e090 R08: 0000000000000008 R09: 0000000000000000
[  556.337076][T15824] R10: 00002000000001c0 R11: 0000000000000246 R12: 0000000000000001
[  556.337084][T15824] R13: 00007f36e43e6128 R14: 00007f36e43e6090 R15: 00007f36e450fa28
[  556.337103][T15824]  </TASK>
[  556.528380][ T9463] usb usb5-port1: attempt power cycle
[  556.539715][   T43] Registered IR keymap rc-empty
[  556.569214][   T43] dvb-usb: could not initialize remote control.
[  556.599829][   T43] dvb-usb: Pinnacle PCTV Hybrid Stick Solo successfully initialized and connected.
[  556.621785][T15827] FAULT_INJECTION: forcing a failure.
[  556.621785][T15827] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  556.639311][T15827] CPU: 1 UID: 0 PID: 15827 Comm: syz.2.3459 Not tainted syzkaller #0 PREEMPT(full) 
[  556.639341][T15827] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  556.639354][T15827] Call Trace:
[  556.639362][T15827]  <TASK>
[  556.639371][T15827]  dump_stack_lvl+0x189/0x250
[  556.639400][T15827]  ? __pfx____ratelimit+0x10/0x10
[  556.639429][T15827]  ? __pfx_dump_stack_lvl+0x10/0x10
[  556.639450][T15827]  ? __pfx__printk+0x10/0x10
[  556.639476][T15827]  ? __might_fault+0xb0/0x130
[  556.639519][T15827]  should_fail_ex+0x414/0x560
[  556.639559][T15827]  _copy_from_user+0x2d/0xb0
[  556.639582][T15827]  kstrtouint_from_user+0xc4/0x170
[  556.639613][T15827]  ? __pfx_kstrtouint_from_user+0x10/0x10
[  556.639662][T15827]  proc_fail_nth_write+0x88/0x200
[  556.639692][T15827]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  556.639729][T15827]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  556.639766][T15827]  vfs_write+0x27e/0xb30
[  556.639807][T15827]  ? __pfx_vfs_write+0x10/0x10
[  556.639839][T15827]  ? __fget_files+0x2a/0x420
[  556.639867][T15827]  ? __fget_files+0x3a0/0x420
[  556.639888][T15827]  ? __fget_files+0x2a/0x420
[  556.639922][T15827]  ksys_write+0x145/0x250
[  556.639954][T15827]  ? __pfx_ksys_write+0x10/0x10
[  556.639987][T15827]  ? do_syscall_64+0xbe/0xf80
[  556.640010][T15827]  do_syscall_64+0xfa/0xf80
[  556.640027][T15827]  ? lockdep_hardirqs_on+0x98/0x140
[  556.640055][T15827]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  556.640075][T15827]  ? clear_bhb_loop+0x60/0xb0
[  556.640101][T15827]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  556.640120][T15827] RIP: 0033:0x7ff68a18e1ff
[  556.640138][T15827] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48
[  556.640155][T15827] RSP: 002b:00007ff68b00a030 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[  556.640177][T15827] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007ff68a18e1ff
[  556.640191][T15827] RDX: 0000000000000001 RSI: 00007ff68b00a0a0 RDI: 0000000000000003
[  556.640203][T15827] RBP: 00007ff68b00a090 R08: 0000000000000000 R09: 0000000000000000
[  556.640216][T15827] R10: 0000200000000080 R11: 0000000000000293 R12: 0000000000000001
[  556.640228][T15827] R13: 00007ff68a3e6038 R14: 00007ff68a3e5fa0 R15: 00007ff68a50fa28
[  556.640265][T15827]  </TASK>
[  556.882511][   T43] usb 3-1: USB disconnect, device number 58
[  556.917964][   T43] dvb-usb: Pinnacle PCTV Hybrid Stick Solo successfully deinitialized and disconnected.
[  556.988277][ T9463] usb 5-1: new high-speed USB device number 93 using dummy_hcd
[  557.052615][ T9463] usb 5-1: device descriptor read/8, error -71
[  557.358491][ T9463] usb 5-1: new high-speed USB device number 94 using dummy_hcd
[  557.379473][ T9463] usb 5-1: device descriptor read/8, error -71
[  557.508556][ T9463] usb usb5-port1: unable to enumerate USB device
[  557.890091][   T43] usb 4-1: new high-speed USB device number 27 using dummy_hcd
[  558.051351][   T43] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x9 has invalid wMaxPacketSize 0
[  558.076007][   T43] usb 4-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b
[  558.104553][   T43] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  558.128196][   T43] usb 4-1: Product: syz
[  558.133652][   T43] usb 4-1: Manufacturer: syz
[  558.139446][   T43] usb 4-1: SerialNumber: syz
[  558.155740][   T43] usb 4-1: config 0 descriptor??
[  558.177343][T15849] FAULT_INJECTION: forcing a failure.
[  558.177343][T15849] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  558.191185][T15849] CPU: 1 UID: 0 PID: 15849 Comm: syz.4.3465 Not tainted syzkaller #0 PREEMPT(full) 
[  558.191214][T15849] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  558.191226][T15849] Call Trace:
[  558.191235][T15849]  <TASK>
[  558.191249][T15849]  dump_stack_lvl+0x189/0x250
[  558.191277][T15849]  ? __pfx____ratelimit+0x10/0x10
[  558.191305][T15849]  ? __pfx_dump_stack_lvl+0x10/0x10
[  558.191326][T15849]  ? __pfx__printk+0x10/0x10
[  558.191354][T15849]  ? __might_fault+0xb0/0x130
[  558.191396][T15849]  should_fail_ex+0x414/0x560
[  558.191427][T15849]  _copy_from_user+0x2d/0xb0
[  558.191449][T15849]  sctp_setsockopt+0x19f/0x1200
[  558.191471][T15849]  ? __pfx_sock_common_setsockopt+0x10/0x10
[  558.191500][T15849]  do_sock_setsockopt+0x17c/0x1b0
[  558.191534][T15849]  __x64_sys_setsockopt+0x13f/0x1b0
[  558.191577][T15849]  do_syscall_64+0xfa/0xf80
[  558.191594][T15849]  ? lockdep_hardirqs_on+0x98/0x140
[  558.191623][T15849]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  558.191643][T15849]  ? clear_bhb_loop+0x60/0xb0
[  558.191667][T15849]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  558.191687][T15849] RIP: 0033:0x7f5a2578f749
[  558.191705][T15849] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  558.191723][T15849] RSP: 002b:00007f5a266dc038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  558.191745][T15849] RAX: ffffffffffffffda RBX: 00007f5a259e5fa0 RCX: 00007f5a2578f749
[  558.191760][T15849] RDX: 0000000000000018 RSI: 0000000000000084 RDI: 0000000000000004
[  558.191772][T15849] RBP: 00007f5a266dc090 R08: 0000000000000008 R09: 0000000000000000
[  558.191785][T15849] R10: 0000200000000140 R11: 0000000000000246 R12: 0000000000000001
[  558.191797][T15849] R13: 00007f5a259e6038 R14: 00007f5a259e5fa0 R15: 00007f5a25b0fa28
[  558.191832][T15849]  </TASK>
[  558.380187][    C1] vkms_vblank_simulate: vblank timer overrun
[  558.826395][T15857] FAULT_INJECTION: forcing a failure.
[  558.826395][T15857] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  558.855599][T15857] CPU: 1 UID: 0 PID: 15857 Comm: syz.1.3470 Not tainted syzkaller #0 PREEMPT(full) 
[  558.855630][T15857] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  558.855643][T15857] Call Trace:
[  558.855652][T15857]  <TASK>
[  558.855661][T15857]  dump_stack_lvl+0x189/0x250
[  558.855688][T15857]  ? __pfx____ratelimit+0x10/0x10
[  558.855725][T15857]  ? __pfx_dump_stack_lvl+0x10/0x10
[  558.855748][T15857]  ? __pfx__printk+0x10/0x10
[  558.855774][T15857]  ? __might_fault+0xb0/0x130
[  558.855815][T15857]  should_fail_ex+0x414/0x560
[  558.855847][T15857]  _copy_from_user+0x2d/0xb0
[  558.855868][T15857]  ___sys_recvmsg+0x12e/0x510
[  558.855895][T15857]  ? __pfx____sys_recvmsg+0x10/0x10
[  558.855949][T15857]  ? __might_fault+0xb0/0x130
[  558.855982][T15857]  do_recvmmsg+0x307/0x770
[  558.856011][T15857]  ? __pfx_do_recvmmsg+0x10/0x10
[  558.856045][T15857]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  558.856085][T15857]  __x64_sys_recvmmsg+0x190/0x240
[  558.856109][T15857]  ? __pfx___x64_sys_recvmmsg+0x10/0x10
[  558.856134][T15857]  ? do_syscall_64+0xbe/0xf80
[  558.856157][T15857]  do_syscall_64+0xfa/0xf80
[  558.856173][T15857]  ? lockdep_hardirqs_on+0x98/0x140
[  558.856201][T15857]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  558.856221][T15857]  ? clear_bhb_loop+0x60/0xb0
[  558.856246][T15857]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  558.856265][T15857] RIP: 0033:0x7f306158f749
[  558.856284][T15857] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  558.856302][T15857] RSP: 002b:00007f306248a038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
[  558.856334][T15857] RAX: ffffffffffffffda RBX: 00007f30617e5fa0 RCX: 00007f306158f749
[  558.856349][T15857] RDX: 0000000000000002 RSI: 00002000000057c0 RDI: 0000000000000003
[  558.856362][T15857] RBP: 00007f306248a090 R08: 0000000000000000 R09: 0000000000000000
[  558.856375][T15857] R10: 0000000000000100 R11: 0000000000000246 R12: 0000000000000001
[  558.856387][T15857] R13: 00007f30617e6038 R14: 00007f30617e5fa0 R15: 00007f306190fa28
[  558.856422][T15857]  </TASK>
[  559.064727][    C1] vkms_vblank_simulate: vblank timer overrun
[  559.143033][ T9463] usb 3-1: new high-speed USB device number 59 using dummy_hcd
[  559.382753][T15863] openvswitch: netlink: Key 3 has unexpected len 2 expected 4
[  559.413398][T15865] FAULT_INJECTION: forcing a failure.
[  559.413398][T15865] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  559.418553][ T5896] usb 5-1: new full-speed USB device number 95 using dummy_hcd
[  559.426736][T15865] CPU: 1 UID: 0 PID: 15865 Comm: syz.1.3471 Not tainted syzkaller #0 PREEMPT(full) 
[  559.426762][T15865] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  559.426774][T15865] Call Trace:
[  559.426783][T15865]  <TASK>
[  559.426791][T15865]  dump_stack_lvl+0x189/0x250
[  559.426816][T15865]  ? __pfx____ratelimit+0x10/0x10
[  559.426843][T15865]  ? __pfx_dump_stack_lvl+0x10/0x10
[  559.426862][T15865]  ? __pfx__printk+0x10/0x10
[  559.426897][T15865]  should_fail_ex+0x414/0x560
[  559.426926][T15865]  _copy_to_user+0x31/0xb0
[  559.426948][T15865]  simple_read_from_buffer+0xe1/0x170
[  559.426972][T15865]  proc_fail_nth_read+0x1b3/0x220
[  559.427002][T15865]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  559.427031][T15865]  ? rw_verify_area+0x2a6/0x4d0
[  559.427056][T15865]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  559.427084][T15865]  vfs_read+0x200/0xa30
[  559.427116][T15865]  ? __pfx_vfs_read+0x10/0x10
[  559.427150][T15865]  ? __pfx_timespec64_add_safe+0x10/0x10
[  559.427176][T15865]  ? do_sys_openat2+0x15a/0x200
[  559.427207][T15865]  ksys_read+0x145/0x250
[  559.427235][T15865]  ? __pfx_ksys_read+0x10/0x10
[  559.427263][T15865]  ? do_syscall_64+0xbe/0xf80
[  559.427284][T15865]  do_syscall_64+0xfa/0xf80
[  559.427299][T15865]  ? lockdep_hardirqs_on+0x98/0x140
[  559.427324][T15865]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  559.427342][T15865]  ? clear_bhb_loop+0x60/0xb0
[  559.427372][T15865]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  559.427390][T15865] RIP: 0033:0x7f306158e15c
[  559.427407][T15865] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  559.427422][T15865] RSP: 002b:00007f306248a030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  559.427443][T15865] RAX: ffffffffffffffda RBX: 00007f30617e5fa0 RCX: 00007f306158e15c
[  559.427456][T15865] RDX: 000000000000000f RSI: 00007f306248a0a0 RDI: 0000000000000004
[  559.427467][T15865] RBP: 00007f306248a090 R08: 0000000000000000 R09: 0000000000000000
[  559.427479][T15865] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  559.427489][T15865] R13: 00007f30617e6038 R14: 00007f30617e5fa0 R15: 00007f306190fa28
[  559.427519][T15865]  </TASK>
[  559.680147][ T9463] usb 3-1: config 24 has an invalid interface number: 217 but max is 0
[  559.688554][ T9463] usb 3-1: config 24 has no interface number 0
[  559.740566][ T9463] usb 3-1: New USB device found, idVendor=2304, idProduct=023e, bcdDevice=d7.69
[  559.750252][ T9463] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  559.798750][ T9463] usb 3-1: Product: syz
[  559.805101][ T9463] usb 3-1: Manufacturer: syz
[  559.813123][ T9463] usb 3-1: SerialNumber: syz
[  559.819864][T15863] openvswitch: netlink: Duplicate or invalid key (type 0).
[  559.827239][T15863] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  559.863619][ T5896] usb 5-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2d.ea
[  559.876314][ T5896] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  559.886351][ T5896] usb 5-1: Product: syz
[  559.892109][ T5896] usb 5-1: Manufacturer: syz
[  559.901215][ T5896] usb 5-1: SerialNumber: syz
[  559.908094][ T9463] hub 3-1:24.217: bad descriptor, ignoring hub
[  559.917126][ T9463] hub 3-1:24.217: probe with driver hub failed with error -5
[  559.924969][ T5896] usb 5-1: config 0 descriptor??
[  559.998628][   T43] usb 2-1: new high-speed USB device number 58 using dummy_hcd
[  560.110428][ T9463] dvb-usb: found a 'Pinnacle PCTV Hybrid Stick Solo' in warm state.
[  560.126789][ T9463] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[  560.158955][ T5896] usb 5-1: dvb_usb_v2: found a 'TerraTec NOXON DAB Stick' in warm state
[  560.160624][   T43] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  560.168504][ T9463] dvbdev: DVB: registering new adapter (Pinnacle PCTV Hybrid Stick Solo)
[  560.187523][ T9463] usb 3-1: media controller created
[  560.197322][   T43] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  560.221932][   T43] usb 2-1: New USB device found, idVendor=10c4, idProduct=ea90, bcdDevice= 0.00
[  560.229742][ T9463] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  560.232546][   T43] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  560.292999][T15872] tipc: Can't bind to reserved service type 0
[  560.310875][   T43] usb 2-1: config 0 descriptor??
[  560.344314][  T983] hid-generic 00A0:0006:0003.0009: unknown main item tag 0x0
[  560.361848][  T983] hid-generic 00A0:0006:0003.0009: unknown main item tag 0x0
[  560.378868][  T983] hid-generic 00A0:0006:0003.0009: unknown main item tag 0x0
[  560.386603][  T983] hid-generic 00A0:0006:0003.0009: unknown main item tag 0x0
[  560.395475][  T983] hid-generic 00A0:0006:0003.0009: unknown main item tag 0x0
[  560.403717][  T983] hid-generic 00A0:0006:0003.0009: unknown main item tag 0x0
[  560.411945][  T983] hid-generic 00A0:0006:0003.0009: unknown main item tag 0x0
[  560.412053][ T9463] DVB: Unable to find symbol dib7000p_attach()
[  560.420273][  T983] hid-generic 00A0:0006:0003.0009: unknown main item tag 0x0
[  560.420336][  T983] hid-generic 00A0:0006:0003.0009: unknown main item tag 0x0
[  560.420364][  T983] hid-generic 00A0:0006:0003.0009: unknown main item tag 0x0
[  560.441096][  T983] hid-generic 00A0:0006:0003.0009: hidraw0: <UNKNOWN> HID v0.05 Device [syz1] on syz0
[  560.455724][ T9463] dvb-usb: no frontend was attached by 'Pinnacle PCTV Hybrid Stick Solo'
[  560.571175][  T983] usb 4-1: USB disconnect, device number 27
[  560.712573][ T9463] rc_core: IR keymap rc-dib0700-rc5 not found
[  560.737720][   T43] cp2112 0003:10C4:EA90.000A: hidraw0: USB HID v0.00 Device [HID 10c4:ea90] on usb-dummy_hcd.1-1/input0
[  560.749783][ T9463] Registered IR keymap rc-empty
[  560.759037][T15873] fido_id[15873]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[  560.780736][ T9463] dvb-usb: could not initialize remote control.
[  560.794540][ T9463] dvb-usb: Pinnacle PCTV Hybrid Stick Solo successfully initialized and connected.
[  560.810198][T15878] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  560.825850][ T9463] usb 3-1: USB disconnect, device number 59
[  560.922212][   T43] cp2112 0003:10C4:EA90.000A: Part Number: 0x82 Device Version: 0xFE
[  560.951200][T15878] iommufd_mock iommufd_mock1: Adding to iommu group 1
[  561.054067][ T9463] dvb-usb: Pinnacle PCTV Hybrid Stick Solo successfully deinitialized and disconnected.
[  561.155189][ T5896] dvb_usb_rtl28xxu 5-1:0.0: probe with driver dvb_usb_rtl28xxu failed with error -71
[  561.215363][ T5896] usb 5-1: USB disconnect, device number 95
[  561.334686][T15886] FAULT_INJECTION: forcing a failure.
[  561.334686][T15886] name failslab, interval 1, probability 0, space 0, times 0
[  561.370890][T15886] CPU: 1 UID: 0 PID: 15886 Comm: syz.3.3477 Not tainted syzkaller #0 PREEMPT(full) 
[  561.370918][T15886] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  561.370930][T15886] Call Trace:
[  561.370938][T15886]  <TASK>
[  561.370947][T15886]  dump_stack_lvl+0x189/0x250
[  561.370979][T15886]  ? __pfx____ratelimit+0x10/0x10
[  561.371009][T15886]  ? __pfx_dump_stack_lvl+0x10/0x10
[  561.371030][T15886]  ? __pfx__printk+0x10/0x10
[  561.371063][T15886]  ? __pfx___might_resched+0x10/0x10
[  561.371081][T15886]  ? fs_reclaim_acquire+0x7d/0x100
[  561.371108][T15886]  should_fail_ex+0x414/0x560
[  561.371162][T15886]  should_failslab+0xa8/0x100
[  561.371185][T15886]  __kmalloc_cache_node_noprof+0x74/0x6e0
[  561.371215][T15886]  ? page_pool_create_percpu+0x76/0xbc0
[  561.371246][T15886]  page_pool_create_percpu+0x76/0xbc0
[  561.371278][T15886]  __veth_napi_enable_range+0x16c/0x700
[  561.371319][T15886]  ? __pfx___veth_napi_enable_range+0x10/0x10
[  561.371365][T15886]  ? netif_napi_set_irq_locked+0x20b/0x720
[  561.371396][T15886]  veth_napi_enable_range+0xff/0x200
[  561.371435][T15886]  veth_set_features+0x1c8/0x2a0
[  561.371465][T15886]  __netdev_update_features+0xa1a/0x1ac0
[  561.371506][T15886]  ? __pfx___netdev_update_features+0x10/0x10
[  561.371540][T15886]  ? rcu_is_watching+0x15/0xb0
[  561.371570][T15886]  ? __might_fault+0xb0/0x130
[  561.371623][T15886]  ethtool_set_one_feature+0x2b4/0x300
[  561.371650][T15886]  ? __pfx_ethtool_set_one_feature+0x10/0x10
[  561.371675][T15886]  ? bpf_lsm_capable+0x9/0x20
[  561.371699][T15886]  ? security_capable+0x7e/0x2e0
[  561.371730][T15886]  dev_ethtool+0x1098/0x19c0
[  561.371766][T15886]  ? __pfx_dev_ethtool+0x10/0x10
[  561.371807][T15886]  ? dev_load+0x21/0x1f0
[  561.371836][T15886]  dev_ioctl+0x392/0x1150
[  561.371867][T15886]  sock_do_ioctl+0x22c/0x300
[  561.371893][T15886]  ? __pfx_sock_do_ioctl+0x10/0x10
[  561.371933][T15886]  sock_ioctl+0x576/0x790
[  561.371958][T15886]  ? __pfx_sock_ioctl+0x10/0x10
[  561.371984][T15886]  ? __fget_files+0x3a0/0x420
[  561.372006][T15886]  ? __fget_files+0x2a/0x420
[  561.372031][T15886]  ? bpf_lsm_file_ioctl+0x9/0x20
[  561.372054][T15886]  ? __pfx_sock_ioctl+0x10/0x10
[  561.372075][T15886]  __se_sys_ioctl+0xfc/0x170
[  561.372106][T15886]  do_syscall_64+0xfa/0xf80
[  561.372122][T15886]  ? lockdep_hardirqs_on+0x98/0x140
[  561.372151][T15886]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  561.372170][T15886]  ? clear_bhb_loop+0x60/0xb0
[  561.372195][T15886]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  561.372215][T15886] RIP: 0033:0x7f36e418f749
[  561.372234][T15886] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  561.372253][T15886] RSP: 002b:00007f36e503f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  561.372276][T15886] RAX: ffffffffffffffda RBX: 00007f36e43e5fa0 RCX: 00007f36e418f749
[  561.372291][T15886] RDX: 00002000000002c0 RSI: 0000000000008946 RDI: 0000000000000003
[  561.372304][T15886] RBP: 00007f36e503f090 R08: 0000000000000000 R09: 0000000000000000
[  561.372317][T15886] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  561.372328][T15886] R13: 00007f36e43e6038 R14: 00007f36e43e5fa0 R15: 00007f36e450fa28
[  561.372364][T15886]  </TASK>
[  561.691937][    C1] vkms_vblank_simulate: vblank timer overrun
[  561.708852][T15886] veth0_to_team: set_features() failed (-12); wanted 0x0000612e4fdd49e9, left 0x0000612e4fdd09e9
[  561.906012][T15868] cp2112 0003:10C4:EA90.000A: Multi-message I2C transactions not supported
[  561.997981][   T43] cp2112 0003:10C4:EA90.000A: error reading lock byte: -71
[  562.011274][   T43] usb 2-1: USB disconnect, device number 58
[  562.153815][T15892] netlink: 92 bytes leftover after parsing attributes in process `syz.2.3478'.
[  562.254627][T15893] netlink: 12 bytes leftover after parsing attributes in process `syz.2.3478'.
[  563.096403][ T1304] ieee802154 phy0 wpan0: encryption failed: -22
[  563.102939][ T1304] ieee802154 phy1 wpan1: encryption failed: -22
[  563.117213][T15906] netlink: 92 bytes leftover after parsing attributes in process `syz.1.3480'.
[  563.186241][T15907] netlink: 12 bytes leftover after parsing attributes in process `syz.1.3480'.
[  564.538458][  T983] usb 5-1: new high-speed USB device number 96 using dummy_hcd
[  564.690974][  T983] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  564.704254][  T983] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[  564.720205][  T983] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  564.734487][  T983] usb 5-1: Product: syz
[  564.742134][  T983] usb 5-1: Manufacturer: syz
[  564.750948][  T983] usb 5-1: SerialNumber: syz
[  564.769392][  T983] hub 5-1:1.0: bad descriptor, ignoring hub
[  564.781847][  T983] hub 5-1:1.0: probe with driver hub failed with error -5
[  565.088499][  T983] usb 5-1: USB disconnect, device number 96
[  567.838615][ T7931] usb 5-1: new high-speed USB device number 97 using dummy_hcd
[  567.989779][ T7931] usb 5-1: config 24 has an invalid interface number: 217 but max is 0
[  567.998468][ T7931] usb 5-1: config 24 has no interface number 0
[  568.008851][ T7931] usb 5-1: New USB device found, idVendor=2304, idProduct=023e, bcdDevice=d7.69
[  568.017939][ T7931] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  568.026508][ T7931] usb 5-1: Product: syz
[  568.030939][ T7931] usb 5-1: Manufacturer: syz
[  568.035544][ T7931] usb 5-1: SerialNumber: syz
[  568.046383][ T7931] hub 5-1:24.217: bad descriptor, ignoring hub
[  568.052775][ T7931] hub 5-1:24.217: probe with driver hub failed with error -5
[  568.246928][ T7931] dvb-usb: found a 'Pinnacle PCTV Hybrid Stick Solo' in warm state.
[  568.257458][ T7931] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[  568.268175][ T7931] dvbdev: DVB: registering new adapter (Pinnacle PCTV Hybrid Stick Solo)
[  568.276732][ T7931] usb 5-1: media controller created
[  568.296537][ T7931] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  568.342018][ T7931] DVB: Unable to find symbol dib7000p_attach()
[  568.348430][ T7931] dvb-usb: no frontend was attached by 'Pinnacle PCTV Hybrid Stick Solo'
[  568.418529][ T7931] rc_core: IR keymap rc-dib0700-rc5 not found
[  568.424680][ T7931] Registered IR keymap rc-empty
[  568.430175][ T7931] dvb-usb: could not initialize remote control.
[  568.436493][ T7931] dvb-usb: Pinnacle PCTV Hybrid Stick Solo successfully initialized and connected.
[  570.238388][T15395] Bluetooth: hci2: command 0x0406 tx timeout
[  570.593412][T15922] dib0700: could not acquire lock
[  576.014316][T15395] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  576.024784][T15395] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  576.033532][T15395] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  576.042888][T15395] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  576.051225][T15395] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  577.012909][T15395] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[  577.021800][T15395] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[  577.030388][T15395] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[  577.040143][T15395] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[  577.049018][T15395] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[  577.458976][T15395] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1
[  577.468990][T15395] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9
[  577.477156][T15395] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9
[  577.488347][T15395] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4
[  577.496661][T15395] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2
[  578.078416][T15395] Bluetooth: hci4: command tx timeout
[  578.474297][ T5846] Bluetooth: hci8: unexpected cc 0x0c03 length: 249 > 1
[  578.485387][ T5846] Bluetooth: hci8: unexpected cc 0x1003 length: 249 > 9
[  578.495265][ T5846] Bluetooth: hci8: unexpected cc 0x1001 length: 249 > 9
[  578.503817][ T5846] Bluetooth: hci8: unexpected cc 0x0c23 length: 249 > 4
[  578.519330][ T5846] Bluetooth: hci8: unexpected cc 0x0c38 length: 249 > 2
[  579.118381][T15395] Bluetooth: hci6: command tx timeout
[  579.518409][T15395] Bluetooth: hci7: command tx timeout
[  580.159991][T15395] Bluetooth: hci4: command tx timeout
[  580.558410][T15395] Bluetooth: hci8: command tx timeout
[  581.208351][T15395] Bluetooth: hci6: command tx timeout
[  581.598546][T15395] Bluetooth: hci7: command tx timeout
[  582.248346][T15395] Bluetooth: hci4: command tx timeout
[  582.638433][T15395] Bluetooth: hci8: command tx timeout
[  582.934426][ T5846] Bluetooth: hci9: unexpected cc 0x0c03 length: 249 > 1
[  582.944041][ T5846] Bluetooth: hci9: unexpected cc 0x1003 length: 249 > 9
[  582.953541][ T5846] Bluetooth: hci9: unexpected cc 0x1001 length: 249 > 9
[  582.961960][ T5846] Bluetooth: hci9: unexpected cc 0x0c23 length: 249 > 4
[  582.970062][ T5846] Bluetooth: hci9: unexpected cc 0x0c38 length: 249 > 2
[  583.278527][T15395] Bluetooth: hci6: command tx timeout
[  583.678423][T15395] Bluetooth: hci7: command tx timeout
[  584.318391][T15395] Bluetooth: hci4: command tx timeout
[  584.718372][T15395] Bluetooth: hci8: command tx timeout
[  585.038426][T15395] Bluetooth: hci9: command tx timeout
[  585.358356][T15395] Bluetooth: hci6: command tx timeout
[  585.608574][T15395] Bluetooth: hci3: command 0x0406 tx timeout
[  585.758361][ T5846] Bluetooth: hci7: command tx timeout
[  586.798388][ T5846] Bluetooth: hci8: command tx timeout
[  587.118566][ T5846] Bluetooth: hci9: command tx timeout
[  589.198494][ T5846] Bluetooth: hci9: command tx timeout
[  591.278372][ T5846] Bluetooth: hci9: command tx timeout
[  621.438464][T15395] Bluetooth: hci0: command 0x0406 tx timeout
[  624.483477][ T1304] ieee802154 phy0 wpan0: encryption failed: -22
[  624.490985][ T1304] ieee802154 phy1 wpan1: encryption failed: -22
[  636.025285][T15395] Bluetooth: hci10: unexpected cc 0x0c03 length: 249 > 1
[  636.036846][T15395] Bluetooth: hci10: unexpected cc 0x1003 length: 249 > 9
[  636.046073][T15395] Bluetooth: hci10: unexpected cc 0x1001 length: 249 > 9
[  636.054406][T15395] Bluetooth: hci10: unexpected cc 0x0c23 length: 249 > 4
[  636.063465][T15395] Bluetooth: hci10: unexpected cc 0x0c38 length: 249 > 2
[  637.017296][T15395] Bluetooth: hci11: unexpected cc 0x0c03 length: 249 > 1
[  637.026842][T15395] Bluetooth: hci11: unexpected cc 0x1003 length: 249 > 9
[  637.035522][T15395] Bluetooth: hci11: unexpected cc 0x1001 length: 249 > 9
[  637.045068][T15395] Bluetooth: hci11: unexpected cc 0x0c23 length: 249 > 4
[  637.055027][T15395] Bluetooth: hci11: unexpected cc 0x0c38 length: 249 > 2
[  638.021689][T15395] Bluetooth: hci12: unexpected cc 0x0c03 length: 249 > 1
[  638.030273][T15395] Bluetooth: hci12: unexpected cc 0x1003 length: 249 > 9
[  638.040920][T15395] Bluetooth: hci12: unexpected cc 0x1001 length: 249 > 9
[  638.049151][T15395] Bluetooth: hci12: unexpected cc 0x0c23 length: 249 > 4
[  638.057201][T15395] Bluetooth: hci12: unexpected cc 0x0c38 length: 249 > 2
[  638.158577][ T5846] Bluetooth: hci10: command tx timeout
[  638.521920][T15395] Bluetooth: hci13: unexpected cc 0x0c03 length: 249 > 1
[  638.531030][T15395] Bluetooth: hci13: unexpected cc 0x1003 length: 249 > 9
[  638.540325][T15395] Bluetooth: hci13: unexpected cc 0x1001 length: 249 > 9
[  638.549891][T15395] Bluetooth: hci13: unexpected cc 0x0c23 length: 249 > 4
[  638.557860][T15395] Bluetooth: hci13: unexpected cc 0x0c38 length: 249 > 2
[  639.118459][ T5846] Bluetooth: hci11: command tx timeout
[  640.088517][ T5846] Bluetooth: hci12: command tx timeout
[  640.238597][ T5846] Bluetooth: hci10: command tx timeout
[  640.638393][ T5846] Bluetooth: hci13: command tx timeout
[  641.198499][ T5846] Bluetooth: hci11: command tx timeout
[  642.158459][ T5846] Bluetooth: hci12: command tx timeout
[  642.318454][ T5846] Bluetooth: hci10: command tx timeout
[  642.718367][ T5846] Bluetooth: hci13: command tx timeout
[  643.028820][T15395] Bluetooth: hci14: unexpected cc 0x0c03 length: 249 > 1
[  643.041874][T15395] Bluetooth: hci14: unexpected cc 0x1003 length: 249 > 9
[  643.053036][T15395] Bluetooth: hci14: unexpected cc 0x1001 length: 249 > 9
[  643.062404][T15395] Bluetooth: hci14: unexpected cc 0x0c23 length: 249 > 4
[  643.072004][T15395] Bluetooth: hci14: unexpected cc 0x0c38 length: 249 > 2
[  643.278632][ T5846] Bluetooth: hci11: command tx timeout
[  644.238477][ T5846] Bluetooth: hci12: command tx timeout
[  644.408403][ T5846] Bluetooth: hci10: command tx timeout
[  644.798360][ T5846] Bluetooth: hci13: command tx timeout
[  645.118360][ T5846] Bluetooth: hci14: command tx timeout
[  645.358625][ T5846] Bluetooth: hci11: command tx timeout
[  646.318414][ T5846] Bluetooth: hci12: command tx timeout
[  646.888398][ T5846] Bluetooth: hci13: command tx timeout
[  647.198378][ T5846] Bluetooth: hci14: command tx timeout
[  649.278583][ T5846] Bluetooth: hci14: command tx timeout
[  651.358495][ T5846] Bluetooth: hci14: command tx timeout
[  685.930393][ T1304] ieee802154 phy0 wpan0: encryption failed: -22
[  685.938009][ T1304] ieee802154 phy1 wpan1: encryption failed: -22
[  696.196853][ T5843] Bluetooth: hci15: unexpected cc 0x0c03 length: 249 > 1
[  696.212270][ T5843] Bluetooth: hci15: unexpected cc 0x1003 length: 249 > 9
[  696.220817][ T5843] Bluetooth: hci15: unexpected cc 0x1001 length: 249 > 9
[  696.232018][ T5843] Bluetooth: hci15: unexpected cc 0x0c23 length: 249 > 4
[  696.240189][ T5843] Bluetooth: hci15: unexpected cc 0x0c38 length: 249 > 2
[  697.093673][ T5843] Bluetooth: hci16: unexpected cc 0x0c03 length: 249 > 1
[  697.102414][ T5843] Bluetooth: hci16: unexpected cc 0x1003 length: 249 > 9
[  697.111619][ T5843] Bluetooth: hci16: unexpected cc 0x1001 length: 249 > 9
[  697.122001][ T5843] Bluetooth: hci16: unexpected cc 0x0c23 length: 249 > 4
[  697.130171][ T5843] Bluetooth: hci16: unexpected cc 0x0c38 length: 249 > 2
[  698.126713][ T5843] Bluetooth: hci17: unexpected cc 0x0c03 length: 249 > 1
[  698.137698][ T5843] Bluetooth: hci17: unexpected cc 0x1003 length: 249 > 9
[  698.147501][ T5843] Bluetooth: hci17: unexpected cc 0x1001 length: 249 > 9
[  698.156839][ T5843] Bluetooth: hci17: unexpected cc 0x0c23 length: 249 > 4
[  698.164866][ T5843] Bluetooth: hci17: unexpected cc 0x0c38 length: 249 > 2
[  698.238306][ T5846] Bluetooth: hci4: command 0x0406 tx timeout
[  698.318505][T15395] Bluetooth: hci15: command tx timeout
[  698.610436][ T5846] Bluetooth: hci18: unexpected cc 0x0c03 length: 249 > 1
[  698.619714][ T5846] Bluetooth: hci18: unexpected cc 0x1003 length: 249 > 9
[  698.628669][ T5846] Bluetooth: hci18: unexpected cc 0x1001 length: 249 > 9
[  698.643881][ T5846] Bluetooth: hci18: unexpected cc 0x0c23 length: 249 > 4
[  698.653014][ T5846] Bluetooth: hci18: unexpected cc 0x0c38 length: 249 > 2
[  699.198540][ T5846] Bluetooth: hci16: command tx timeout
[  700.238329][ T5846] Bluetooth: hci17: command tx timeout
[  700.398312][ T5846] Bluetooth: hci15: command tx timeout
[  700.718370][ T5846] Bluetooth: hci18: command tx timeout
[  701.280483][ T5843] Bluetooth: hci16: command tx timeout
[  702.318450][T15968] Bluetooth: hci17: command tx timeout
[  702.478346][T15968] Bluetooth: hci15: command tx timeout
[  702.798419][T15968] Bluetooth: hci18: command tx timeout
[  703.363445][T15968] Bluetooth: hci6: command 0x0406 tx timeout
[  703.363848][T15989] Bluetooth: hci8: command 0x0406 tx timeout
[  703.369688][T15968] Bluetooth: hci16: command tx timeout
[  703.376942][T15990] Bluetooth: hci7: command 0x0406 tx timeout
[  703.629626][ T5846] Bluetooth: hci19: unexpected cc 0x0c03 length: 249 > 1
[  703.638122][ T5846] Bluetooth: hci19: unexpected cc 0x1003 length: 249 > 9
[  703.646468][ T5846] Bluetooth: hci19: unexpected cc 0x1001 length: 249 > 9
[  703.657310][ T5846] Bluetooth: hci19: unexpected cc 0x0c23 length: 249 > 4
[  703.667692][ T5846] Bluetooth: hci19: unexpected cc 0x0c38 length: 249 > 2
[  704.408305][T15395] Bluetooth: hci17: command tx timeout
[  704.558450][T15395] Bluetooth: hci15: command tx timeout
[  704.878558][T15395] Bluetooth: hci18: command tx timeout
[  705.438430][T15395] Bluetooth: hci16: command tx timeout
[  705.768706][T15395] Bluetooth: hci19: command tx timeout
[  706.478359][ T5846] Bluetooth: hci17: command tx timeout
[  706.959425][ T5846] Bluetooth: hci18: command tx timeout
[  707.848334][ T5846] Bluetooth: hci19: command tx timeout
[  708.481134][ T5846] Bluetooth: hci9: command 0x0406 tx timeout
[  709.918648][T15395] Bluetooth: hci19: command tx timeout
[  711.998721][T15395] Bluetooth: hci19: command tx timeout
[  716.640467][   T31] INFO: task kworker/1:1:43 blocked for more than 143 seconds.
[  716.648071][   T31]       Not tainted syzkaller #0
[  716.653147][   T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  716.663571][   T31] task:kworker/1:1     state:D stack:20672 pid:43    tgid:43    ppid:2      task_flags:0x4208060 flags:0x00080000
[  716.675916][   T31] Workqueue: events_power_efficient reg_check_chans_work
[  716.683172][   T31] Call Trace:
[  716.686550][   T31]  <TASK>
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[  716.690164][   T31]  __schedule+0x17b2/0x4d40
[  716.694721][   T31]  ? do_raw_spin_lock+0x121/0x290
[  716.700553][   T31]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  716.705941][   T31]  ? __pfx___schedule+0x10/0x10
[  716.710848][   T31]  ? schedule+0x91/0x360
[  716.715121][   T31]  schedule+0x165/0x360
[  716.719866][   T31]  schedule_preempt_disabled+0x13/0x30
[  716.725728][   T31]  __mutex_lock+0x7e6/0x1350
[  716.730478][   T31]  ? __mutex_lock+0x5bb/0x1350
[  716.735274][   T31]  ? reg_check_chans_work+0xa1/0xee0
[  716.740776][   T31]  ? __pfx___mutex_lock+0x10/0x10
[  716.768553][   T31]  ? __lock_acquire+0x6b6/0x2cf0
[  716.773582][   T31]  reg_check_chans_work+0xa1/0xee0
[  716.788755][   T31]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  716.800398][   T31]  ? __pfx_reg_check_chans_work+0x10/0x10
[  716.818939][   T31]  ? process_scheduled_works+0x9ef/0x1770
[  716.824822][   T31]  ? _raw_spin_unlock_irq+0x23/0x50
[  716.838469][   T31]  ? process_scheduled_works+0x9ef/0x1770
[  716.844241][   T31]  ? process_scheduled_works+0x9ef/0x1770
[  716.856000][   T31]  process_scheduled_works+0xad1/0x1770
[  716.863240][   T31]  ? __pfx_process_scheduled_works+0x10/0x10
[  716.869407][   T31]  worker_thread+0x8a0/0xda0
[  716.874046][   T31]  kthread+0x711/0x8a0
[  716.878521][   T31]  ? __pfx_worker_thread+0x10/0x10
[  716.883677][   T31]  ? __pfx_kthread+0x10/0x10
[  716.888382][   T31]  ? _raw_spin_unlock_irq+0x23/0x50
[  716.893619][   T31]  ? lockdep_hardirqs_on+0x98/0x140
[  716.899149][   T31]  ? __pfx_kthread+0x10/0x10
[  716.903777][   T31]  ret_from_fork+0x52d/0xa60
[  716.908509][   T31]  ? __pfx_ret_from_fork+0x10/0x10
[  716.913658][   T31]  ? __switch_to_asm+0x39/0x70
[  716.918589][   T31]  ? __switch_to_asm+0x33/0x70
[  716.923379][   T31]  ? __pfx_kthread+0x10/0x10
[  716.928022][   T31]  ret_from_fork_asm+0x1a/0x30
[  716.932880][   T31]  </TASK>
[  716.935932][   T31] INFO: task kworker/u8:3:50 blocked for more than 143 seconds.
[  716.943655][   T31]       Not tainted syzkaller #0
[  716.948652][   T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  716.957346][   T31] task:kworker/u8:3    state:D stack:22072 pid:50    tgid:50    ppid:2      task_flags:0x4208160 flags:0x00080000
[  716.971214][   T31] Workqueue: ipv6_addrconf addrconf_verify_work
[  716.977525][   T31] Call Trace:
[  716.980903][   T31]  <TASK>
[  716.983862][   T31]  __schedule+0x17b2/0x4d40
[  716.988575][   T31]  ? do_raw_spin_lock+0x121/0x290
[  716.993635][   T31]  ? __pfx___schedule+0x10/0x10
[  716.998732][   T31]  ? schedule+0x91/0x360
[  717.003105][   T31]  schedule+0x165/0x360
[  717.007284][   T31]  schedule_preempt_disabled+0x13/0x30
[  717.013197][   T31]  __mutex_lock+0x7e6/0x1350
[  717.017832][   T31]  ? __mutex_lock+0x5bb/0x1350
[  717.022678][   T31]  ? addrconf_verify_work+0x19/0x30
[  717.027925][   T31]  ? __pfx___mutex_lock+0x10/0x10
[  717.033115][   T31]  ? process_scheduled_works+0x9ef/0x1770
[  717.039062][   T31]  ? _raw_spin_unlock_irq+0x23/0x50
[  717.044399][   T31]  addrconf_verify_work+0x19/0x30
[  717.049557][   T31]  ? process_scheduled_works+0x9ef/0x1770
[  717.055300][   T31]  process_scheduled_works+0xad1/0x1770
[  717.060987][   T31]  ? __pfx_process_scheduled_works+0x10/0x10
[  717.068138][   T31]  worker_thread+0x8a0/0xda0
[  717.072867][   T31]  kthread+0x711/0x8a0
[  717.076950][   T31]  ? __pfx_worker_thread+0x10/0x10
[  717.082191][   T31]  ? __pfx_kthread+0x10/0x10
[  717.086822][   T31]  ? _raw_spin_unlock_irq+0x23/0x50
[  717.092931][   T31]  ? lockdep_hardirqs_on+0x98/0x140
[  717.098225][   T31]  ? __pfx_kthread+0x10/0x10
[  717.103445][   T31]  ret_from_fork+0x52d/0xa60
[  717.108066][   T31]  ? __pfx_ret_from_fork+0x10/0x10
[  717.113295][   T31]  ? __switch_to_asm+0x39/0x70
[  717.118090][   T31]  ? __switch_to_asm+0x33/0x70
[  717.123212][   T31]  ? __pfx_kthread+0x10/0x10
[  717.127933][   T31]  ret_from_fork_asm+0x1a/0x30
[  717.133718][   T31]  </TASK>
[  717.137056][   T31] INFO: task kworker/u8:18:11580 blocked for more than 143 seconds.
[  717.149572][   T31]       Not tainted syzkaller #0
[  717.154553][   T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  717.163327][   T31] task:kworker/u8:18   state:D stack:22032 pid:11580 tgid:11580 ppid:2      task_flags:0x4208060 flags:0x00080000
[  717.176622][   T31] Workqueue: events_unbound linkwatch_event
[  717.182618][   T31] Call Trace:
[  717.186005][   T31]  <TASK>
[  717.189305][   T31]  __schedule+0x17b2/0x4d40
[  717.193876][   T31]  ? do_raw_spin_lock+0x121/0x290
[  717.199978][   T31]  ? __pfx___schedule+0x10/0x10
[  717.204952][   T31]  ? schedule+0x91/0x360
[  717.210047][   T31]  schedule+0x165/0x360
[  717.214243][   T31]  schedule_preempt_disabled+0x13/0x30
[  717.219744][   T31]  __mutex_lock+0x7e6/0x1350
[  717.224360][   T31]  ? __mutex_lock+0x5bb/0x1350
[  717.229532][   T31]  ? linkwatch_event+0xe/0x60
[  717.234241][   T31]  ? __pfx___mutex_lock+0x10/0x10
[  717.239466][   T31]  ? _raw_spin_unlock_irq+0x23/0x50
[  717.244692][   T31]  ? process_scheduled_works+0x9ef/0x1770
[  717.250836][   T31]  ? process_scheduled_works+0x9ef/0x1770
[  717.256573][   T31]  linkwatch_event+0xe/0x60
[  717.261222][   T31]  process_scheduled_works+0xad1/0x1770
[  717.266824][   T31]  ? __pfx_process_scheduled_works+0x10/0x10
[  717.274283][   T31]  worker_thread+0x8a0/0xda0
[  717.279703][   T31]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  717.286141][   T31]  ? __kthread_parkme+0x7b/0x200
[  717.291575][   T31]  kthread+0x711/0x8a0
[  717.295724][   T31]  ? __pfx_worker_thread+0x10/0x10
[  717.300986][   T31]  ? __pfx_kthread+0x10/0x10
[  717.305625][   T31]  ? _raw_spin_unlock_irq+0x23/0x50
[  717.311054][   T31]  ? lockdep_hardirqs_on+0x98/0x140
[  717.316284][   T31]  ? __pfx_kthread+0x10/0x10
[  717.321054][   T31]  ret_from_fork+0x52d/0xa60
[  717.325679][   T31]  ? __pfx_ret_from_fork+0x10/0x10
[  717.330947][   T31]  ? __switch_to_asm+0x39/0x70
[  717.335814][   T31]  ? __switch_to_asm+0x33/0x70
[  717.340783][   T31]  ? __pfx_kthread+0x10/0x10
[  717.345393][   T31]  ret_from_fork_asm+0x1a/0x30
[  717.350251][   T31]  </TASK>
[  717.353350][   T31] INFO: task syz.0.3474:15875 blocked for more than 144 seconds.
[  717.371580][   T31]       Not tainted syzkaller #0
[  717.377667][   T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  717.386403][   T31] task:syz.0.3474      state:D stack:24760 pid:15875 tgid:15875 ppid:14226  task_flags:0x400040 flags:0x00080002
[  717.398444][   T31] Call Trace:
[  717.401734][   T31]  <TASK>
[  717.404696][   T31]  __schedule+0x17b2/0x4d40
[  717.409322][   T31]  ? do_raw_spin_lock+0x121/0x290
[  717.414361][   T31]  ? __pfx___schedule+0x10/0x10
[  717.419346][   T31]  ? schedule+0x91/0x360
[  717.423750][   T31]  schedule+0x165/0x360
[  717.427947][   T31]  schedule_preempt_disabled+0x13/0x30
[  717.433501][   T31]  __mutex_lock+0x7e6/0x1350
[  717.438122][   T31]  ? __mutex_lock+0x5bb/0x1350
[  717.442990][   T31]  ? tun_chr_close+0x3e/0x1c0
[  717.447657][   T31]  ? __pfx___mutex_lock+0x10/0x10
[  717.452971][   T31]  ? __pfx_tun_chr_close+0x10/0x10
[  717.458108][   T31]  tun_chr_close+0x3e/0x1c0
[  717.462730][   T31]  __fput+0x44c/0xa70
[  717.466833][   T31]  task_work_run+0x1d4/0x260
[  717.471551][   T31]  ? __pfx_task_work_run+0x10/0x10
[  717.477799][   T31]  ? exit_to_user_mode_loop+0x40/0x130
[  717.483422][   T31]  exit_to_user_mode_loop+0xe9/0x130
[  717.488771][   T31]  do_syscall_64+0x2c7/0xf80
[  717.493394][   T31]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  717.499501][   T31]  ? asm_sysvec_reschedule_ipi+0x1a/0x20
[  717.505139][   T31]  ? clear_bhb_loop+0x60/0xb0
[  717.509849][   T31]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  717.515864][   T31] RIP: 0033:0x7fae5cd8f749
[  717.520397][   T31] RSP: 002b:00007fae5d10fb88 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4
[  717.528887][   T31] RAX: 0000000000000000 RBX: 00007fae5cfe7da0 RCX: 00007fae5cd8f749
[  717.536869][   T31] RDX: 0000000000000000 RSI: 000000000000001e RDI: 0000000000000003
[  717.544926][   T31] RBP: 00007fae5cfe7da0 R08: 00000000000009d8 R09: 0000001d5d10fe7f
[  717.552995][   T31] R10: 00007fae5cfe7cb0 R11: 0000000000000246 R12: 0000000000089154
[  717.561346][   T31] R13: 00007fae5cfe6270 R14: ffffffffffffffff R15: 00007fae5d10fca0
[  717.569417][   T31]  </TASK>
[  717.572550][   T31] INFO: task syz.2.3478:15889 blocked for more than 144 seconds.
[  717.581598][   T31]       Not tainted syzkaller #0
[  717.586567][   T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  717.595455][   T31] task:syz.2.3478      state:D stack:24760 pid:15889 tgid:15889 ppid:12730  task_flags:0x400040 flags:0x00080002
[  717.607492][   T31] Call Trace:
[  717.610991][   T31]  <TASK>
[  717.613939][   T31]  __schedule+0x17b2/0x4d40
[  717.618572][   T31]  ? do_raw_spin_lock+0x121/0x290
[  717.623720][   T31]  ? __pfx___schedule+0x10/0x10
[  717.628655][   T31]  ? schedule+0x91/0x360
[  717.632911][   T31]  schedule+0x165/0x360
[  717.637083][   T31]  schedule_preempt_disabled+0x13/0x30
[  717.642622][   T31]  __mutex_lock+0x7e6/0x1350
[  717.647238][   T31]  ? __mutex_lock+0x5bb/0x1350
[  717.652068][   T31]  ? tun_chr_close+0x3e/0x1c0
[  717.656788][   T31]  ? __pfx___mutex_lock+0x10/0x10
[  717.661948][   T31]  ? __pfx_tun_chr_close+0x10/0x10
[  717.667110][   T31]  tun_chr_close+0x3e/0x1c0
[  717.671901][   T31]  __fput+0x44c/0xa70
[  717.675897][   T31]  task_work_run+0x1d4/0x260
[  717.681719][   T31]  ? __pfx_task_work_run+0x10/0x10
[  717.686875][   T31]  ? exit_to_user_mode_loop+0x40/0x130
[  717.692444][   T31]  exit_to_user_mode_loop+0xe9/0x130
[  717.697767][   T31]  do_syscall_64+0x2c7/0xf80
[  717.702485][   T31]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  717.708616][   T31]  ? asm_sysvec_reschedule_ipi+0x1a/0x20
[  717.714297][   T31]  ? clear_bhb_loop+0x60/0xb0
[  717.719743][   T31]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  717.725662][   T31] RIP: 0033:0x7ff68a18f749
[  717.730164][   T31] RSP: 002b:00007ff68a50fb88 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4
[  717.738766][   T31] RAX: 0000000000000000 RBX: 00007ff68a3e7da0 RCX: 00007ff68a18f749
[  717.746860][   T31] RDX: 0000000000000000 RSI: 000000000000001e RDI: 0000000000000003
[  717.755004][   T31] RBP: 00007ff68a3e7da0 R08: 0000000000001720 R09: 0000001d8a50fe7f
[  717.763060][   T31] R10: 00007ff68a3e7cb0 R11: 0000000000000246 R12: 00000000000896bc
[  717.771159][   T31] R13: 00007ff68a3e6450 R14: ffffffffffffffff R15: 00007ff68a50fca0
[  717.779354][   T31]  </TASK>
[  717.783326][   T31] INFO: task syz.2.3478:15892 blocked for more than 144 seconds.
[  717.791125][   T31]       Not tainted syzkaller #0
[  717.796090][   T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  717.804856][   T31] task:syz.2.3478      state:D stack:25224 pid:15892 tgid:15889 ppid:12730  task_flags:0x400140 flags:0x00080003
[  717.816903][   T31] Call Trace:
[  717.820285][   T31]  <TASK>
[  717.823239][   T31]  __schedule+0x17b2/0x4d40
[  717.827806][   T31]  ? do_raw_spin_lock+0x121/0x290
[  717.832900][   T31]  ? __pfx___schedule+0x10/0x10
[  717.837962][   T31]  ? schedule+0x91/0x360
[  717.842328][   T31]  schedule+0x165/0x360
[  717.846519][   T31]  schedule_preempt_disabled+0x13/0x30
[  717.852096][   T31]  __mutex_lock+0x7e6/0x1350
[  717.856804][   T31]  ? __mutex_lock+0x5bb/0x1350
[  717.861842][   T31]  ? rtnl_newlink+0x8e9/0x1c80
[  717.866732][   T31]  ? __pfx___mutex_lock+0x10/0x10
[  717.871830][   T31]  ? ns_capable+0x8a/0xf0
[  717.876364][   T31]  rtnl_newlink+0x8e9/0x1c80
[  717.881058][   T31]  ? __pfx_rtnl_newlink+0x10/0x10
[  717.887241][   T31]  ? rcu_preempt_deferred_qs_irqrestore+0x89c/0xce0
[  717.894093][   T31]  ? __lock_acquire+0x6b6/0x2cf0
[  717.899127][   T31]  ? rcu_is_watching+0x15/0xb0
[  717.903914][   T31]  ? rcu_read_unlock_special+0x3d8/0x520
[  717.909605][   T31]  ? __pfx_preempt_schedule_notrace+0x10/0x10
[  717.915788][   T31]  ? __pfx_rcu_read_unlock_special+0x10/0x10
[  717.922069][   T31]  ? __lock_acquire+0x6b6/0x2cf0
[  717.927180][   T31]  ? is_bpf_text_address+0x292/0x2b0
[  717.932548][   T31]  ? is_bpf_text_address+0x26/0x2b0
[  717.937754][   T31]  ? kernel_text_address+0xa5/0xe0
[  717.942947][   T31]  ? __kernel_text_address+0xd/0x40
[  717.948207][   T31]  ? unwind_get_return_address+0x4d/0x90
[  717.953878][   T31]  ? __pfx_rtnl_newlink+0x10/0x10
[  717.959011][   T31]  rtnetlink_rcv_msg+0x7cf/0xb70
[  717.963977][   T31]  ? rtnetlink_rcv_msg+0x1ab/0xb70
[  717.969148][   T31]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  717.974633][   T31]  ? __lock_acquire+0x6b6/0x2cf0
[  717.979716][   T31]  netlink_rcv_skb+0x208/0x470
[  717.984519][   T31]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  717.991469][   T31]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  717.996825][   T31]  ? netlink_deliver_tap+0x2e/0x1b0
[  718.002541][   T31]  netlink_unicast+0x82f/0x9e0
[  718.007604][   T31]  ? __pfx_netlink_unicast+0x10/0x10
[  718.012974][   T31]  ? netlink_sendmsg+0x642/0xb30
[  718.017938][   T31]  ? skb_put+0x11b/0x210
[  718.022231][   T31]  netlink_sendmsg+0x805/0xb30
[  718.027190][   T31]  ? __pfx_netlink_sendmsg+0x10/0x10
[  718.032579][   T31]  ? aa_sock_msg_perm+0xf1/0x1b0
[  718.037539][   T31]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  718.042908][   T31]  ? __pfx_netlink_sendmsg+0x10/0x10
[  718.048262][   T31]  __sock_sendmsg+0x21c/0x270
[  718.053048][   T31]  ____sys_sendmsg+0x505/0x820
[  718.057834][   T31]  ? __pfx_____sys_sendmsg+0x10/0x10
[  718.063297][   T31]  ? import_iovec+0x74/0xa0
[  718.067821][   T31]  ___sys_sendmsg+0x21f/0x2a0
[  718.072568][   T31]  ? __pfx____sys_sendmsg+0x10/0x10
[  718.077800][   T31]  ? futex_wait+0x285/0x360
[  718.082383][   T31]  ? __fget_files+0x2a/0x420
[  718.087005][   T31]  ? __fget_files+0x3a0/0x420
[  718.093064][   T31]  __x64_sys_sendmsg+0x19b/0x260
[  718.098215][   T31]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  718.104143][   T31]  ? do_syscall_64+0xbe/0xf80
[  718.109126][   T31]  do_syscall_64+0xfa/0xf80
[  718.113670][   T31]  ? lockdep_hardirqs_on+0x98/0x140
[  718.118995][   T31]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  718.125098][   T31]  ? clear_bhb_loop+0x60/0xb0
[  718.129877][   T31]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  718.135812][   T31] RIP: 0033:0x7ff68a18f749
[  718.140370][   T31] RSP: 002b:00007ff68afc8038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  718.148852][   T31] RAX: ffffffffffffffda RBX: 00007ff68a3e6180 RCX: 00007ff68a18f749
[  718.156868][   T31] RDX: 0000000000000000 RSI: 0000200000000140 RDI: 0000000000000006
[  718.165096][   T31] RBP: 00007ff68a213f91 R08: 0000000000000000 R09: 0000000000000000
[  718.173137][   T31] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  718.181247][   T31] R13: 00007ff68a3e6218 R14: 00007ff68a3e6180 R15: 00007ff68a50fa28
[  718.189349][   T31]  </TASK>
[  718.193479][   T31] INFO: task syz.2.3478:15902 blocked for more than 144 seconds.
[  718.201537][   T31]       Not tainted syzkaller #0
[  718.206469][   T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  718.215221][   T31] task:syz.2.3478      state:D stack:25040 pid:15902 tgid:15889 ppid:12730  task_flags:0x400140 flags:0x00080002
[  718.227661][   T31] Call Trace:
[  718.230984][   T31]  <TASK>
[  718.233946][   T31]  __schedule+0x17b2/0x4d40
[  718.238962][   T31]  ? do_raw_spin_lock+0x121/0x290
[  718.244023][   T31]  ? __pfx___schedule+0x10/0x10
[  718.248994][   T31]  ? schedule+0x91/0x360
[  718.253324][   T31]  schedule+0x165/0x360
[  718.257484][   T31]  schedule_preempt_disabled+0x13/0x30
[  718.263052][   T31]  __mutex_lock+0x7e6/0x1350
[  718.267682][   T31]  ? __mutex_lock+0x5bb/0x1350
[  718.272564][   T31]  ? rtnetlink_rcv_msg+0x71c/0xb70
[  718.277751][   T31]  ? __pfx___mutex_lock+0x10/0x10
[  718.283133][   T31]  rtnetlink_rcv_msg+0x71c/0xb70
[  718.288112][   T31]  ? rtnetlink_rcv_msg+0x1ab/0xb70
[  718.293300][   T31]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  718.300005][   T31]  ? __lock_acquire+0x6b6/0x2cf0
[  718.305004][   T31]  ? rcu_is_watching+0x15/0xb0
[  718.310025][   T31]  netlink_rcv_skb+0x208/0x470
[  718.314795][   T31]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  718.320451][   T31]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  718.325770][   T31]  ? netlink_deliver_tap+0x2e/0x1b0
[  718.331328][   T31]  netlink_unicast+0x82f/0x9e0
[  718.336156][   T31]  ? __pfx_netlink_unicast+0x10/0x10
[  718.341520][   T31]  ? netlink_sendmsg+0x642/0xb30
[  718.346485][   T31]  ? skb_put+0x11b/0x210
[  718.350849][   T31]  netlink_sendmsg+0x805/0xb30
[  718.355654][   T31]  ? __pfx_netlink_sendmsg+0x10/0x10
[  718.361131][   T31]  ? aa_sock_msg_perm+0xf1/0x1b0
[  718.366120][   T31]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  718.371483][   T31]  ? __pfx_netlink_sendmsg+0x10/0x10
[  718.376791][   T31]  __sock_sendmsg+0x21c/0x270
[  718.381568][   T31]  ____sys_sendmsg+0x505/0x820
[  718.386363][   T31]  ? __pfx_____sys_sendmsg+0x10/0x10
[  718.391799][   T31]  ? import_iovec+0x74/0xa0
[  718.396433][   T31]  ___sys_sendmsg+0x21f/0x2a0
[  718.407606][   T31]  ? __pfx____sys_sendmsg+0x10/0x10
[  718.413119][   T31]  ? futex_wait+0x285/0x360
[  718.417727][   T31]  ? __fget_files+0x2a/0x420
[  718.422480][   T31]  ? __fget_files+0x3a0/0x420
[  718.427164][   T31]  __x64_sys_sendmsg+0x19b/0x260
[  718.432267][   T31]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  718.437743][   T31]  ? do_syscall_64+0xbe/0xf80
[  718.442703][   T31]  do_syscall_64+0xfa/0xf80
[  718.447235][   T31]  ? lockdep_hardirqs_on+0x98/0x140
[  718.452477][   T31]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  718.458587][   T31]  ? clear_bhb_loop+0x60/0xb0
[  718.463277][   T31]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  718.469470][   T31] RIP: 0033:0x7ff68a18f749
[  718.473892][   T31] RSP: 002b:00007ff68af86038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  718.482494][   T31] RAX: ffffffffffffffda RBX: 00007ff68a3e6360 RCX: 00007ff68a18f749
[  718.490524][   T31] RDX: 0000000020000110 RSI: 0000200000000180 RDI: 000000000000000c
[  718.498753][   T31] RBP: 00007ff68a213f91 R08: 0000000000000000 R09: 0000000000000000
[  718.507882][   T31] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  718.516053][   T31] R13: 00007ff68a3e63f8 R14: 00007ff68a3e6360 R15: 00007ff68a50fa28
[  718.524238][   T31]  </TASK>
[  718.527400][   T31] INFO: task syz.1.3480:15900 blocked for more than 145 seconds.
[  718.535295][   T31]       Not tainted syzkaller #0
[  718.540316][   T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  718.549342][   T31] task:syz.1.3480      state:D stack:24760 pid:15900 tgid:15900 ppid:14467  task_flags:0x400040 flags:0x00080002
[  718.561486][   T31] Call Trace:
[  718.564950][   T31]  <TASK>
[  718.567902][   T31]  __schedule+0x17b2/0x4d40
[  718.572534][   T31]  ? do_raw_spin_lock+0x121/0x290
[  718.577576][   T31]  ? __pfx___schedule+0x10/0x10
[  718.582559][   T31]  ? schedule+0x91/0x360
[  718.586834][   T31]  schedule+0x165/0x360
[  718.591148][   T31]  schedule_preempt_disabled+0x13/0x30
[  718.596718][   T31]  __mutex_lock+0x7e6/0x1350
[  718.601458][   T31]  ? __mutex_lock+0x5bb/0x1350
[  718.607704][   T31]  ? tun_chr_close+0x3e/0x1c0
[  718.612473][   T31]  ? __pfx___mutex_lock+0x10/0x10
[  718.617517][   T31]  ? __pfx_tun_chr_close+0x10/0x10
[  718.622722][   T31]  tun_chr_close+0x3e/0x1c0
[  718.627519][   T31]  __fput+0x44c/0xa70
[  718.631709][   T31]  task_work_run+0x1d4/0x260
[  718.636344][   T31]  ? __pfx_task_work_run+0x10/0x10
[  718.641548][   T31]  ? exit_to_user_mode_loop+0x40/0x130
[  718.647034][   T31]  exit_to_user_mode_loop+0xe9/0x130
[  718.652472][   T31]  do_syscall_64+0x2c7/0xf80
[  718.657151][   T31]  ? lockdep_hardirqs_on+0x98/0x140
[  718.662772][   T31]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  718.669034][   T31]  ? clear_bhb_loop+0x60/0xb0
[  718.673758][   T31]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  718.679807][   T31] RIP: 0033:0x7f306158f749
[  718.684339][   T31] RSP: 002b:00007f306190fb88 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4
[  718.692930][   T31] RAX: 0000000000000000 RBX: 00007f30617e7da0 RCX: 00007f306158f749
[  718.700978][   T31] RDX: 0000000000000000 RSI: 000000000000001e RDI: 0000000000000003
[  718.710394][   T31] RBP: 00007f30617e7da0 R08: 00000000000110ac R09: 0000001d6190fe7f
[  718.718505][   T31] R10: 00007f30617e7cb0 R11: 0000000000000246 R12: 00000000000898ed
[  718.726497][   T31] R13: 00007f30617e6360 R14: ffffffffffffffff R15: 00007f306190fca0
[  718.734548][   T31]  </TASK>
[  718.737599][   T31] INFO: task syz.1.3480:15906 blocked for more than 145 seconds.
[  718.745450][   T31]       Not tainted syzkaller #0
[  718.750451][   T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  718.759197][   T31] task:syz.1.3480      state:D stack:25224 pid:15906 tgid:15900 ppid:14467  task_flags:0x400140 flags:0x00080003
[  718.771280][   T31] Call Trace:
[  718.774579][   T31]  <TASK>
[  718.777508][   T31]  __schedule+0x17b2/0x4d40
[  718.782110][   T31]  ? do_raw_spin_lock+0x121/0x290
[  718.787180][   T31]  ? __pfx___schedule+0x10/0x10
[  718.792200][   T31]  ? schedule+0x91/0x360
[  718.796460][   T31]  schedule+0x165/0x360
[  718.800729][   T31]  schedule_preempt_disabled+0x13/0x30
[  718.806230][   T31]  __mutex_lock+0x7e6/0x1350
[  718.812706][   T31]  ? __mutex_lock+0x5bb/0x1350
[  718.817523][   T31]  ? rtnl_newlink+0x8e9/0x1c80
[  718.822411][   T31]  ? __pfx___mutex_lock+0x10/0x10
[  718.827486][   T31]  ? ns_capable+0x8a/0xf0
[  718.832096][   T31]  rtnl_newlink+0x8e9/0x1c80
[  718.836852][   T31]  ? netlink_deliver_tap+0x19c/0x1b0
[  718.842219][   T31]  ? __pfx_rtnl_newlink+0x10/0x10
[  718.847277][   T31]  ? kasan_quarantine_put+0xdd/0x220
[  718.854230][   T31]  ? lockdep_hardirqs_on+0x98/0x140
[  718.859710][   T31]  ? nlmon_xmit+0xb0/0x100
[  718.864126][   T31]  ? kmem_cache_free+0x192/0x670
[  718.869152][   T31]  ? __local_bh_enable_ip+0x12d/0x1c0
[  718.874726][   T31]  ? lockdep_hardirqs_on+0x98/0x140
[  718.880419][   T31]  ? __local_bh_enable_ip+0x12d/0x1c0
[  718.885801][   T31]  ? __lock_acquire+0x6b6/0x2cf0
[  718.890869][   T31]  ? __dev_queue_xmit+0x259/0x3b10
[  718.896027][   T31]  ? __dev_queue_xmit+0x259/0x3b10
[  718.901994][   T31]  ? __dev_queue_xmit+0x1d47/0x3b10
[  718.907212][   T31]  ? kasan_save_track+0x3e/0x80
[  718.913478][   T31]  ? __kasan_slab_alloc+0x6c/0x80
[  718.918609][   T31]  ? kmem_cache_alloc_noprof+0x367/0x6e0
[  718.924352][   T31]  ? __pfx_rtnl_newlink+0x10/0x10
[  718.929477][   T31]  rtnetlink_rcv_msg+0x7cf/0xb70
[  718.934457][   T31]  ? rtnetlink_rcv_msg+0x1ab/0xb70
[  718.939651][   T31]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  718.945132][   T31]  ? ref_tracker_free+0x63a/0x7d0
[  718.950398][   T31]  ? __asan_memcpy+0x40/0x70
[  718.955040][   T31]  ? __pfx_ref_tracker_free+0x10/0x10
[  718.960631][   T31]  ? __skb_clone+0x63/0x7a0
[  718.965197][   T31]  netlink_rcv_skb+0x208/0x470
[  718.970102][   T31]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  718.975576][   T31]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  718.980956][   T31]  ? netlink_deliver_tap+0x2e/0x1b0
[  718.986186][   T31]  netlink_unicast+0x82f/0x9e0
[  718.991342][   T31]  ? __pfx_netlink_unicast+0x10/0x10
[  718.996775][   T31]  netlink_sendmsg+0x805/0xb30
[  719.001633][   T31]  ? __pfx_netlink_sendmsg+0x10/0x10
[  719.006949][   T31]  ? aa_sock_msg_perm+0xf1/0x1b0
[  719.013469][   T31]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  719.018908][   T31]  ? __pfx_netlink_sendmsg+0x10/0x10
[  719.024211][   T31]  __sock_sendmsg+0x21c/0x270
[  719.029056][   T31]  ____sys_sendmsg+0x505/0x820
[  719.034035][   T31]  ? __pfx_____sys_sendmsg+0x10/0x10
[  719.039542][   T31]  ? import_iovec+0x74/0xa0
[  719.044076][   T31]  ___sys_sendmsg+0x21f/0x2a0
[  719.048839][   T31]  ? __pfx____sys_sendmsg+0x10/0x10
[  719.054150][   T31]  ? futex_wait+0x285/0x360
[  719.058774][   T31]  ? __fget_files+0x2a/0x420
[  719.063412][   T31]  ? __fget_files+0x3a0/0x420
[  719.068110][   T31]  __x64_sys_sendmsg+0x19b/0x260
[  719.073214][   T31]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  719.078789][   T31]  ? do_syscall_64+0xbe/0xf80
[  719.083505][   T31]  do_syscall_64+0xfa/0xf80
[  719.088030][   T31]  ? lockdep_hardirqs_on+0x98/0x140
[  719.093318][   T31]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  719.099612][   T31]  ? clear_bhb_loop+0x60/0xb0
[  719.104308][   T31]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  719.110290][   T31] RIP: 0033:0x7f306158f749
[  719.115735][   T31] RSP: 002b:00007f3062448038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  719.124391][   T31] RAX: ffffffffffffffda RBX: 00007f30617e6180 RCX: 00007f306158f749
[  719.132448][   T31] RDX: 0000000000000000 RSI: 0000200000000140 RDI: 0000000000000006
[  719.140530][   T31] RBP: 00007f3061613f91 R08: 0000000000000000 R09: 0000000000000000
[  719.148610][   T31] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  719.156614][   T31] R13: 00007f30617e6218 R14: 00007f30617e6180 R15: 00007f306190fa28
[  719.164661][   T31]  </TASK>
[  719.167704][   T31] INFO: task syz.1.3480:15907 blocked for more than 145 seconds.
[  719.175508][   T31]       Not tainted syzkaller #0
[  719.180749][   T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  719.189510][   T31] task:syz.1.3480      state:D stack:24816 pid:15907 tgid:15900 ppid:14467  task_flags:0x400140 flags:0x00080002
[  719.201891][   T31] Call Trace:
[  719.205219][   T31]  <TASK>
[  719.208399][   T31]  __schedule+0x17b2/0x4d40
[  719.212971][   T31]  ? do_raw_spin_lock+0x121/0x290
[  719.219903][   T31]  ? __pfx___schedule+0x10/0x10
[  719.224809][   T31]  ? schedule+0x91/0x360
[  719.229214][   T31]  schedule+0x165/0x360
[  719.233384][   T31]  schedule_preempt_disabled+0x13/0x30
[  719.239601][   T31]  __mutex_lock+0x7e6/0x1350
[  719.244215][   T31]  ? __dev_queue_xmit+0x259/0x3b10
[  719.249408][   T31]  ? __mutex_lock+0x5bb/0x1350
[  719.254206][   T31]  ? rtnetlink_rcv_msg+0x71c/0xb70
[  719.259636][   T31]  ? __pfx___mutex_lock+0x10/0x10
[  719.264705][   T31]  rtnetlink_rcv_msg+0x71c/0xb70
[  719.269753][   T31]  ? rtnetlink_rcv_msg+0x1ab/0xb70
[  719.274904][   T31]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  719.280528][   T31]  ? __pfx_rcu_preempt_deferred_qs_irqrestore+0x10/0x10
[  719.287568][   T31]  netlink_rcv_skb+0x208/0x470
[  719.292398][   T31]  ? rcu_is_watching+0x15/0xb0
[  719.297175][   T31]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  719.302712][   T31]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  719.308059][   T31]  ? netlink_deliver_tap+0x2e/0x1b0
[  719.313342][   T31]  netlink_unicast+0x82f/0x9e0
[  719.318117][   T31]  ? __pfx_netlink_unicast+0x10/0x10
[  719.324871][   T31]  ? netlink_sendmsg+0x642/0xb30
[  719.329869][   T31]  ? skb_put+0x11b/0x210
[  719.334138][   T31]  netlink_sendmsg+0x805/0xb30
[  719.339151][   T31]  ? __pfx_netlink_sendmsg+0x10/0x10
[  719.344480][   T31]  ? aa_sock_msg_perm+0xf1/0x1b0
[  719.349563][   T31]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  719.354912][   T31]  ? __pfx_netlink_sendmsg+0x10/0x10
[  719.360489][   T31]  __sock_sendmsg+0x21c/0x270
[  719.365195][   T31]  ____sys_sendmsg+0x505/0x820
[  719.370205][   T31]  ? __pfx_____sys_sendmsg+0x10/0x10
[  719.375530][   T31]  ? import_iovec+0x74/0xa0
[  719.380089][   T31]  ___sys_sendmsg+0x21f/0x2a0
[  719.384873][   T31]  ? __pfx____sys_sendmsg+0x10/0x10
[  719.390148][   T31]  ? futex_wake+0x4b2/0x560
[  719.394687][   T31]  ? __fget_files+0x2a/0x420
[  719.399440][   T31]  ? __fget_files+0x3a0/0x420
[  719.404156][   T31]  __x64_sys_sendmsg+0x19b/0x260
[  719.409243][   T31]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  719.414716][   T31]  ? do_syscall_64+0xbe/0xf80
[  719.419467][   T31]  do_syscall_64+0xfa/0xf80
[  719.425151][   T31]  ? lockdep_hardirqs_on+0x98/0x140
[  719.430638][   T31]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  719.436796][   T31]  ? clear_bhb_loop+0x60/0xb0
[  719.445821][   T31]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  719.452004][   T31] RIP: 0033:0x7f306158f749
[  719.456450][   T31] RSP: 002b:00007f3062427038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  719.464963][   T31] RAX: ffffffffffffffda RBX: 00007f30617e6270 RCX: 00007f306158f749
[  719.473604][   T31] RDX: 0000000020000110 RSI: 0000200000000180 RDI: 000000000000000a
[  719.481849][   T31] RBP: 00007f3061613f91 R08: 0000000000000000 R09: 0000000000000000
[  719.490159][   T31] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  719.498417][   T31] R13: 00007f30617e6308 R14: 00007f30617e6270 R15: 00007f306190fa28
[  719.506558][   T31]  </TASK>
[  719.509640][   T31] Future hung task reports are suppressed, see sysctl kernel.hung_task_warnings
[  719.518763][   T31] 
[  719.518763][   T31] Showing all locks held in the system:
[  719.527666][   T31] 1 lock held by khungtaskd/31:
[  719.532618][   T31]  #0: ffffffff8df414c0 (rcu_read_lock){....}-{1:3}, at: debug_show_all_locks+0x2e/0x180
[  719.542785][   T31] 3 locks held by kworker/1:1/43:
[  719.547811][   T31]  #0: ffff88801a056948 ((wq_completion)events_power_efficient){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x1770
[  719.560291][   T31]  #1: ffffc90000b37b80 ((reg_check_chans).work){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x1770
[  719.571395][   T31]  #2: ffffffff8f2f2548 (rtnl_mutex){+.+.}-{4:4}, at: reg_check_chans_work+0xa1/0xee0
[  719.581231][   T31] 3 locks held by kworker/u8:3/50:
[  719.586356][   T31]  #0: ffff88814cbcf948 ((wq_completion)ipv6_addrconf){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x1770
[  719.598505][   T31]  #1: ffffc90000bb7b80 ((work_completion)(&(&net->ipv6.addr_chk_work)->work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x1770
[  719.612382][   T31]  #2: ffffffff8f2f2548 (rtnl_mutex){+.+.}-{4:4}, at: addrconf_verify_work+0x19/0x30
[  719.622224][   T31] 7 locks held by kworker/u8:7/1153:
[  719.629271][   T31] 2 locks held by getty/5597:
[  719.633987][   T31]  #0: ffff88814dee70a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70
[  719.643834][   T31]  #1: ffffc9000332b2f0 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0x43e/0x1400
[  719.654173][   T31] 3 locks held by kworker/u8:18/11580:
[  719.659716][   T31]  #0: ffff88801a069948 ((wq_completion)events_unbound#2){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x1770
[  719.671749][   T31]  #1: ffffc9001bfbfb80 ((linkwatch_work).work){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x1770
[  719.683032][   T31]  #2: ffffffff8f2f2548 (rtnl_mutex){+.+.}-{4:4}, at: linkwatch_event+0xe/0x60
[  719.692231][   T31] 1 lock held by syz.0.3474/15875:
[  719.697336][   T31]  #0: ffffffff8f2f2548 (rtnl_mutex){+.+.}-{4:4}, at: tun_chr_close+0x3e/0x1c0
[  719.706523][   T31] 2 locks held by syz.3.3477/15887:
[  719.711854][   T31]  #0: ffffffff8f2f2548 (rtnl_mutex){+.+.}-{4:4}, at: dev_ioctl+0x7a4/0x1150
[  719.720707][   T31]  #1: ffff88807bb62d38 (&dev_instance_lock_key#14){+.+.}-{4:4}, at: napi_disable+0x4e/0x80
[  719.731743][   T31] 1 lock held by syz.2.3478/15889:
[  719.736871][   T31]  #0: ffffffff8f2f2548 (rtnl_mutex){+.+.}-{4:4}, at: tun_chr_close+0x3e/0x1c0
[  719.745978][   T31] 1 lock held by syz.2.3478/15892:
[  719.751179][   T31]  #0: ffffffff8f2f2548 (rtnl_mutex){+.+.}-{4:4}, at: rtnl_newlink+0x8e9/0x1c80
[  719.760543][   T31] 1 lock held by syz.2.3478/15902:
[  719.765682][   T31]  #0: ffffffff8f2f2548 (rtnl_mutex){+.+.}-{4:4}, at: rtnetlink_rcv_msg+0x71c/0xb70
[  719.775231][   T31] 1 lock held by syz.1.3480/15900:
[  719.780391][   T31]  #0: ffffffff8f2f2548 (rtnl_mutex){+.+.}-{4:4}, at: tun_chr_close+0x3e/0x1c0
[  719.789440][   T31] 1 lock held by syz.1.3480/15906:
[  719.794631][   T31]  #0: ffffffff8f2f2548 (rtnl_mutex){+.+.}-{4:4}, at: rtnl_newlink+0x8e9/0x1c80
[  719.803800][   T31] 1 lock held by syz.1.3480/15907:
[  719.808966][   T31]  #0: ffffffff8f2f2548 (rtnl_mutex){+.+.}-{4:4}, at: rtnetlink_rcv_msg+0x71c/0xb70
[  719.818609][   T31] 1 lock held by syz.4.3486/15925:
[  719.823729][   T31]  #0: ffffffff8f2f2548 (rtnl_mutex){+.+.}-{4:4}, at: dev_ioctl+0x83c/0x1150
[  719.833772][   T31] 2 locks held by syz-executor/15932:
[  719.839468][   T31]  #0: ffffffff8f2e55b0 (pernet_ops_rwsem){++++}-{4:4}, at: copy_net_ns+0x3cc/0x570
[  719.848990][   T31]  #1: ffffffff8f2f2548 (rtnl_mutex){+.+.}-{4:4}, at: register_netdevice_notifier_net+0x1a/0xa0
[  719.859513][   T31] 2 locks held by syz-executor/15935:
[  719.864907][   T31]  #0: ffffffff8f2e55b0 (pernet_ops_rwsem){++++}-{4:4}, at: copy_net_ns+0x3cc/0x570
[  719.874689][   T31]  #1: ffffffff8f2f2548 (rtnl_mutex){+.+.}-{4:4}, at: register_netdevice_notifier_net+0x1a/0xa0
[  719.885255][   T31] 2 locks held by syz-executor/15938:
[  719.890708][   T31]  #0: ffffffff8f2e55b0 (pernet_ops_rwsem){++++}-{4:4}, at: copy_net_ns+0x3cc/0x570
[  719.900254][   T31]  #1: ffffffff8f2f2548 (rtnl_mutex){+.+.}-{4:4}, at: register_netdevice_notifier_net+0x1a/0xa0
[  719.910922][   T31] 2 locks held by syz-executor/15941:
[  719.916327][   T31]  #0: ffffffff8f2e55b0 (pernet_ops_rwsem){++++}-{4:4}, at: copy_net_ns+0x3cc/0x570
[  719.925860][   T31]  #1: ffffffff8f2f2548 (rtnl_mutex){+.+.}-{4:4}, at: register_netdevice_notifier_net+0x1a/0xa0
[  719.937397][   T31] 2 locks held by syz-executor/15945:
[  719.942899][   T31]  #0: ffffffff8f2e55b0 (pernet_ops_rwsem){++++}-{4:4}, at: copy_net_ns+0x3cc/0x570
[  719.952418][   T31]  #1: ffffffff8f2f2548 (rtnl_mutex){+.+.}-{4:4}, at: register_netdevice_notifier_net+0x1a/0xa0
[  719.963021][   T31] 2 locks held by syz-executor/15954:
[  719.968438][   T31]  #0: ffffffff8f2e55b0 (pernet_ops_rwsem){++++}-{4:4}, at: copy_net_ns+0x3cc/0x570
[  719.977906][   T31]  #1: ffffffff8f2f2548 (rtnl_mutex){+.+.}-{4:4}, at: register_netdevice_notifier_net+0x1a/0xa0
[  719.988651][   T31] 2 locks held by syz-executor/15957:
[  719.994043][   T31]  #0: ffffffff8f2e55b0 (pernet_ops_rwsem){++++}-{4:4}, at: copy_net_ns+0x3cc/0x570
[  720.003820][   T31]  #1: ffffffff8f2f2548 (rtnl_mutex){+.+.}-{4:4}, at: register_netdevice_notifier_net+0x1a/0xa0
[  720.014424][   T31] 2 locks held by syz-executor/15960:
[  720.019890][   T31]  #0: ffffffff8f2e55b0 (pernet_ops_rwsem){++++}-{4:4}, at: copy_net_ns+0x3cc/0x570
[  720.029658][   T31]  #1: ffffffff8f2f2548 (rtnl_mutex){+.+.}-{4:4}, at: register_netdevice_notifier_net+0x1a/0xa0
[  720.041880][   T31] 2 locks held by syz-executor/15964:
[  720.047298][   T31]  #0: ffffffff8f2e55b0 (pernet_ops_rwsem){++++}-{4:4}, at: copy_net_ns+0x3cc/0x570
[  720.056961][   T31]  #1: ffffffff8f2f2548 (rtnl_mutex){+.+.}-{4:4}, at: register_netdevice_notifier_net+0x1a/0xa0
[  720.067557][   T31] 2 locks held by syz-executor/15969:
[  720.073028][   T31]  #0: ffffffff8f2e55b0 (pernet_ops_rwsem){++++}-{4:4}, at: copy_net_ns+0x3cc/0x570
[  720.082499][   T31]  #1: ffffffff8f2f2548 (rtnl_mutex){+.+.}-{4:4}, at: register_netdevice_notifier_net+0x1a/0xa0
[  720.093050][   T31] 2 locks held by syz-executor/15974:
[  720.098620][   T31]  #0: ffffffff8f2e55b0 (pernet_ops_rwsem){++++}-{4:4}, at: copy_net_ns+0x3cc/0x570
[  720.108336][   T31]  #1: ffffffff8f2f2548 (rtnl_mutex){+.+.}-{4:4}, at: register_netdevice_notifier_net+0x1a/0xa0
[  720.118948][   T31] 2 locks held by syz-executor/15977:
[  720.124410][   T31]  #0: ffffffff8f2e55b0 (pernet_ops_rwsem){++++}-{4:4}, at: copy_net_ns+0x3cc/0x570
[  720.133939][   T31]  #1: ffffffff8f2f2548 (rtnl_mutex){+.+.}-{4:4}, at: register_netdevice_notifier_net+0x1a/0xa0
[  720.145519][   T31] 2 locks held by syz-executor/15981:
[  720.151053][   T31]  #0: ffffffff8f2e55b0 (pernet_ops_rwsem){++++}-{4:4}, at: copy_net_ns+0x3cc/0x570
[  720.160964][   T31]  #1: ffffffff8f2f2548 (rtnl_mutex){+.+.}-{4:4}, at: register_netdevice_notifier_net+0x1a/0xa0
[  720.171590][   T31] 2 locks held by syz-executor/15984:
[  720.177087][   T31]  #0: ffffffff8f2e55b0 (pernet_ops_rwsem){++++}-{4:4}, at: copy_net_ns+0x3cc/0x570
[  720.186586][   T31]  #1: ffffffff8f2f2548 (rtnl_mutex){+.+.}-{4:4}, at: register_netdevice_notifier_net+0x1a/0xa0
[  720.197236][   T31] 2 locks held by syz-executor/15996:
[  720.202689][   T31]  #0: ffffffff8f2e55b0 (pernet_ops_rwsem){++++}-{4:4}, at: copy_net_ns+0x3cc/0x570
[  720.212426][   T31]  #1: ffffffff8f2f2548 (rtnl_mutex){+.+.}-{4:4}, at: register_netdevice_notifier_net+0x1a/0xa0
[  720.222998][   T31] 
[  720.225329][   T31] =============================================
[  720.225329][   T31] 
[  720.233865][   T31] NMI backtrace for cpu 0
[  720.233884][   T31] CPU: 0 UID: 0 PID: 31 Comm: khungtaskd Not tainted syzkaller #0 PREEMPT(full) 
[  720.233908][   T31] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  720.233920][   T31] Call Trace:
[  720.233929][   T31]  <TASK>
[  720.233937][   T31]  dump_stack_lvl+0x189/0x250
[  720.233967][   T31]  ? __pfx_dump_stack_lvl+0x10/0x10
[  720.233988][   T31]  ? __pfx__printk+0x10/0x10
[  720.234027][   T31]  nmi_cpu_backtrace+0x39e/0x3d0
[  720.234053][   T31]  ? __pfx_nmi_cpu_backtrace+0x10/0x10
[  720.234079][   T31]  ? __pfx__printk+0x10/0x10
[  720.234110][   T31]  ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10
[  720.234139][   T31]  nmi_trigger_cpumask_backtrace+0x17a/0x300
[  720.234163][   T31]  watchdog+0xf3c/0xf80
[  720.234190][   T31]  ? watchdog+0x1e2/0xf80
[  720.234227][   T31]  kthread+0x711/0x8a0
[  720.234255][   T31]  ? __pfx_watchdog+0x10/0x10
[  720.234275][   T31]  ? __pfx_kthread+0x10/0x10
[  720.234300][   T31]  ? _raw_spin_unlock_irq+0x23/0x50
[  720.234327][   T31]  ? lockdep_hardirqs_on+0x98/0x140
[  720.234363][   T31]  ? __pfx_kthread+0x10/0x10
[  720.234391][   T31]  ret_from_fork+0x52d/0xa60
[  720.234423][   T31]  ? __pfx_ret_from_fork+0x10/0x10
[  720.234462][   T31]  ? __switch_to_asm+0x39/0x70
[  720.234485][   T31]  ? __switch_to_asm+0x33/0x70
[  720.234507][   T31]  ? __pfx_kthread+0x10/0x10
[  720.234532][   T31]  ret_from_fork_asm+0x1a/0x30
[  720.234575][   T31]  </TASK>
[  720.234584][   T31] Sending NMI from CPU 0 to CPUs 1:
[  720.382897][    C1] NMI backtrace for cpu 1
[  720.382914][    C1] CPU: 1 UID: 0 PID: 0 Comm: swapper/1 Not tainted syzkaller #0 PREEMPT(full) 
[  720.382929][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  720.382937][    C1] RIP: 0010:mark_lock+0x3e/0x190
[  720.382955][    C1] Code: 00 83 f9 01 bb 09 00 00 00 83 db 00 83 fa 08 0f 45 da bd 01 00 00 00 89 d9 d3 e5 25 ff 1f 00 00 48 0f a3 05 94 04 df 11 73 10 <48> 69 c0 c8 00 00 00 48 8d 88 70 63 1e 93 eb 42 83 3d 1b 94 e2 17
[  720.382967][    C1] RSP: 0018:ffffc90000a089e0 EFLAGS: 00000007
[  720.382980][    C1] RAX: 00000000000000b7 RBX: 0000000000000008 RCX: 0000000000000008
[  720.382989][    C1] RDX: 0000000000000008 RSI: ffff88801ce9e6b0 RDI: ffff88801ce9db80
[  720.382998][    C1] RBP: 0000000000000100 R08: ffffffff81916597 R09: ffff8880534265e8
[  720.383007][    C1] R10: dffffc0000000000 R11: ffffffff81aeafa0 R12: ffffffffffffff03
[  720.383017][    C1] R13: ffff88801ce9e6b0 R14: ffff88801ce9db80 R15: ffff88801ce9e6b0
[  720.383026][    C1] FS:  0000000000000000(0000) GS:ffff8881261c5000(0000) knlGS:0000000000000000
[  720.383037][    C1] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  720.383047][    C1] CR2: 00007f44edb17d60 CR3: 000000005ca96000 CR4: 00000000003526f0
[  720.383060][    C1] DR0: 0000000000000000 DR1: 0000000000006800 DR2: 0000000000009951
[  720.383073][    C1] DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000400
[  720.383082][    C1] Call Trace:
[  720.383087][    C1]  <IRQ>
[  720.383095][    C1]  __lock_acquire+0x6b6/0x2cf0
[  720.383117][    C1]  ? __lock_acquire+0x6b6/0x2cf0
[  720.383136][    C1]  ? try_to_wake_up+0x67/0x12b0
[  720.383150][    C1]  lock_acquire+0x117/0x340
[  720.383167][    C1]  ? try_to_wake_up+0x67/0x12b0
[  720.383184][    C1]  _raw_spin_lock_irqsave+0xa7/0xf0
[  720.383201][    C1]  ? try_to_wake_up+0x67/0x12b0
[  720.383217][    C1]  ? __pfx__raw_spin_lock_irqsave+0x10/0x10
[  720.383239][    C1]  ? do_raw_spin_unlock+0x122/0x240
[  720.383260][    C1]  try_to_wake_up+0x67/0x12b0
[  720.383278][    C1]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  720.383299][    C1]  ? debug_object_deactivate+0x6d/0x360
[  720.383321][    C1]  hrtimer_wakeup+0x4e/0x60
[  720.383338][    C1]  ? __pfx_hrtimer_wakeup+0x10/0x10
[  720.383355][    C1]  __hrtimer_run_queues+0x51c/0xc30
[  720.383395][    C1]  ? ktime_get_update_offsets_now+0x67/0x3d0
[  720.383428][    C1]  ? __pfx___hrtimer_run_queues+0x10/0x10
[  720.383443][    C1]  ? read_tsc+0x9/0x20
[  720.383465][    C1]  hrtimer_interrupt+0x45b/0xaa0
[  720.383491][    C1]  __sysvec_apic_timer_interrupt+0x102/0x3e0
[  720.383535][    C1]  sysvec_apic_timer_interrupt+0xa1/0xc0
[  720.383562][    C1]  </IRQ>
[  720.383568][    C1]  <TASK>
[  720.383575][    C1]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  720.383592][    C1] RIP: 0010:pv_native_safe_halt+0x13/0x20
[  720.383614][    C1] Code: cc cc cc cc cc cc cc 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 66 90 0f 00 2d 63 14 22 00 f3 0f 1e fa fb f4 <c3> cc cc cc cc cc cc cc cc cc cc cc cc 90 90 90 90 90 90 90 90 90
[  720.383628][    C1] RSP: 0018:ffffc90000197de0 EFLAGS: 000002c6
[  720.383641][    C1] RAX: aa4b7791a2c32300 RBX: ffffffff819729e7 RCX: aa4b7791a2c32300
[  720.383654][    C1] RDX: 0000000000000001 RSI: ffffffff8d762d2a RDI: ffffffff8bbfa900
[  720.383665][    C1] RBP: ffffc90000197f10 R08: ffff8880b893341b R09: 1ffff11017126683
[  720.383677][    C1] R10: dffffc0000000000 R11: ffffed1017126684 R12: ffffffff8f801370
[  720.383689][    C1] R13: 0000000000000001 R14: 0000000000000001 R15: 1ffff110039d3b70
[  720.383702][    C1]  ? do_idle+0x1e7/0x510
[  720.383721][    C1]  default_idle+0x13/0x20
[  720.383737][    C1]  default_idle_call+0x73/0xb0
[  720.383754][    C1]  do_idle+0x1e7/0x510
[  720.383768][    C1]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  720.383785][    C1]  ? lockdep_hardirqs_on+0x98/0x140
[  720.383807][    C1]  ? __pfx_do_idle+0x10/0x10
[  720.383845][    C1]  ? do_idle+0x4ed/0x510
[  720.383865][    C1]  cpu_startup_entry+0x44/0x60
[  720.383881][    C1]  start_secondary+0x101/0x110
[  720.383900][    C1]  common_startup_64+0x13e/0x147
[  720.383924][    C1]  </TASK>