last executing test programs:

5.595981533s ago: executing program 2 (id=8551):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
pread64(r0, &(0x7f0000000440)=""/176, 0xb0, 0x200)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000180)={0x0}, 0x1, 0x0, 0x0, 0xcc93f1266b77d0bf}, 0x8040)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
munmap(&(0x7f00006bb000/0x1000)=nil, 0x1000)
r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r3, 0x4018620d, 0x0)
openat$binderfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000200)='./binderfs/binder0\x00', 0x0, 0x0)
r4 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000180)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
read$FUSE(r4, &(0x7f0000005180)={0x2020}, 0x2020)

5.558281377s ago: executing program 3 (id=8552):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
mbind(&(0x7f000053b000/0x3000)=nil, 0x3000, 0xc001, &(0x7f0000000080)=0x2b, 0x400000000000, 0x2)
setsockopt$inet6_int(r1, 0x29, 0x2, &(0x7f0000000040)=0x52, 0x4)
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1000004)
setsockopt$inet6_int(r1, 0x29, 0x8, &(0x7f0000000080)=0xe, 0x4)
getsockopt$inet6_buf(r1, 0x29, 0x6, 0xffffffffffffffff, &(0x7f0000000180)=0xa4)
write(r0, &(0x7f0000000000), 0x0)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00'})
sendmsg$NL80211_CMD_TDLS_OPER(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000001c0)={0x28, r2, 0xfd39e943ccf1163b, 0x70bd25, 0x25dfdbfd, {{}, {@void, @void}}, [@NL80211_ATTR_TDLS_OPERATION={0x5, 0x8a, 0x4}, @NL80211_ATTR_MAC={0xa, 0x6, @device_b}]}, 0x28}, 0x1, 0x0, 0x0, 0x20000010}, 0x50)

5.360343823s ago: executing program 3 (id=8553):
bpf$MAP_CREATE_TAIL_CALL(0x0, 0x0, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs={0x1, 0x0, 0x4e22}, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
socket$nl_xfrm(0x10, 0x3, 0x6)
rseq(&(0x7f00000004c0)={0x0, 0x0, 0x0, 0x3}, 0x20, 0x400000000, 0x0)
r2 = shmget(0x1, 0x4000, 0x200, &(0x7f0000ffb000/0x4000)=nil)
shmat(r2, &(0x7f0000ff9000/0x1000)=nil, 0x4000)
capset(&(0x7f0000000040)={0x19980330}, &(0x7f0000000080)={0x0, 0x0, 0x5})
shmctl$IPC_RMID(r2, 0x0)
capset(0x0, 0x0)
ioctl$EXT4_IOC_MOVE_EXT(r1, 0xc028660f, &(0x7f0000000000)={0x0, 0xffffffffffffffff, 0x8000000000000001, 0x3, 0x1, 0x4})
r3 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000100), 0x802, 0x0)
ioctl$UI_ABS_SETUP(r3, 0x401c5504, &(0x7f00000002c0)={0x3e, {0x0, 0x0, 0x1, 0x0, 0x8, 0x1}})
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000002080)='hugetlb.1GB.usage_in_bytes\x00', 0x275a, 0x0)
r5 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0)
dup2(r5, r4)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x200000b, 0x12, r4, 0x0)
mbind(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x1, 0x0, 0x779a, 0x3)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
sendmmsg$unix(r7, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r6, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$inet6_udp(0xa, 0x2, 0x0)
socket$inet(0x2, 0x2, 0xe1)
openat$vhost_vsock(0xffffffffffffff9c, 0x0, 0x2, 0x0)
r8 = socket$inet6(0xa, 0x1, 0x8010000000000084)
bind$inet6(r8, &(0x7f00000000c0)={0xa, 0x4e21, 0x0, @empty}, 0x1c)

5.031846197s ago: executing program 1 (id=8556):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000a00)=@delchain={0x178, 0x65, 0x20, 0x70bd27, 0x25dfdbfc, {0x0, 0x0, 0x0, 0x0, {0x2, 0x2}, {0x0, 0xd}, {0x0, 0xffea}}, [@TCA_CHAIN={0x8, 0xb, 0x6}, @filter_kind_options=@f_route={{0xa}, {0x70, 0x2, [@TCA_ROUTE4_ACT={0x6c, 0x6, [@m_ife={0x68, 0x1a, 0x0, 0x0, {{0x8}, {0x18, 0x2, 0x0, 0x1, [@TCA_IFE_DMAC={0xa, 0x3, @multicast}, @TCA_IFE_TYPE={0x6, 0x5, 0x7}]}, {0x29, 0x6, "5cf80cae43926c79f74d5b5abcda3c8569302a433fb2205af13ea1534835029ea0d077c685"}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x3}}}}]}]}}, @filter_kind_options=@f_basic={{0xa}, {0xc4, 0x2, [@TCA_BASIC_ACT={0xc0, 0x3, [@m_ife={0xbc, 0x9, 0x0, 0x0, {{0x8}, {0x68, 0x2, 0x0, 0x1, [@TCA_IFE_SMAC={0xa, 0x4, @local}, @TCA_IFE_PARMS={0x1c, 0x1, {{0xffffffff, 0x2, 0x10000000, 0x0, 0x40}}}, @TCA_IFE_METALST={0x14, 0x6, [@IFE_META_TCINDEX={0x6, 0x5, @val=0x100}, @IFE_META_TCINDEX={0x6}]}, @TCA_IFE_SMAC={0xa, 0x4, @remote}, @TCA_IFE_TYPE={0x6}, @TCA_IFE_TYPE={0x6, 0x5, 0x6}, @TCA_IFE_DMAC={0xa}]}, {0x2d, 0x6, "5bf0c575244155d2c0b90d2c93717dda1c885ca09938b8653d174c8321a63eeb67eaf0b8a03d743889"}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x2, 0x3}}}}]}]}}]}, 0x178}, 0x1, 0x0, 0x0, 0x4004}, 0x20000080)
r0 = socket(0x10, 0x803, 0x0)
sendto(r0, &(0x7f0000000740)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xfdf4, &(0x7f0000000380)=[{&(0x7f0000000140)=""/100, 0x365}, {&(0x7f0000000280)=""/85, 0x7c}, {&(0x7f0000000fc0)=""/4096, 0x197}, {&(0x7f0000000400)=""/106, 0x645}, {&(0x7f0000000980)=""/73, 0x1b}, {&(0x7f0000000200)=""/77, 0x14}, {&(0x7f00000007c0)=""/154, 0x21}, {&(0x7f00000001c0)=""/17, 0x1d8}], 0x21, &(0x7f0000000600)=""/191, 0xffffffffffffff2f}}], 0x4000000000003b4, 0x2040000, &(0x7f0000003700)={0x77359400})

4.730275836s ago: executing program 1 (id=8558):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = dup2(r0, r0)
ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f00000000c0)={'syztnl1\x00', &(0x7f0000000040)={'ip_vti0\x00', <r2=>0x0, 0x1, 0x1, 0xa355, 0x7fff, {{0x9, 0x4, 0x3, 0x0, 0x24, 0x64, 0x0, 0x7, 0x4, 0x0, @multicast2, @initdev={0xac, 0x1e, 0x0, 0x0}, {[@generic={0x89, 0x10, "6f6d76deeb844d749b26d9d7671e"}]}}}}})
sendmsg$MPTCP_PM_CMD_FLUSH_ADDRS(r1, &(0x7f0000000280)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)={0x5c, 0x0, 0x328, 0x70bd2b, 0x25dfdbfb, {}, [@MPTCP_PM_ATTR_TOKEN={0x8, 0x4, 0x4}, @MPTCP_PM_ATTR_ADDR={0x24, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_PORT={0x6, 0x5, 0x4e20}, @MPTCP_PM_ADDR_ATTR_ID={0x5, 0x2, 0x80}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8, 0x7, r2}, @MPTCP_PM_ADDR_ATTR_ID={0x5, 0x2, 0xd}]}, @MPTCP_PM_ATTR_LOC_ID={0x5, 0x5, 0x6}, @MPTCP_PM_ATTR_ADDR={0x4}, @MPTCP_PM_ATTR_LOC_ID={0x5, 0x5, 0x9}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x7}]}, 0x5c}, 0x1, 0x0, 0x0, 0xc1}, 0x40088c3)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000780)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000100)={0x48, 0x2, 0x6, 0x3, 0x0, 0x0, {}, [@IPSET_ATTR_TYPENAME={0xd, 0x3, 'hash:net\x00'}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x2}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}]}, 0x48}}, 0x0)

4.272094518s ago: executing program 1 (id=8560):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000000), 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_ADD_ADDR(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000300)={0x38, r1, 0x1, 0x0, 0x0, {}, [@MPTCP_PM_ATTR_ADDR={0x24, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_PORT={0x6, 0x5, 0x4e23}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @multicast1=0xac1414aa}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x1}]}]}, 0x38}}, 0x0)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
close(r2)
r3 = socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(r2, &(0x7f0000000080)={0xa, 0x4e22, 0x0, @empty}, 0x1c)
listen(r3, 0x0)
r4 = socket$inet_mptcp(0x2, 0x1, 0x106)
connect$inet(r4, &(0x7f0000000000)={0x2, 0x4e22, @local}, 0x10)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000740), 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_FLUSH_ADDRS(r5, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000004c0)=ANY=[@ANYBLOB="140000", @ANYRES16=r6, @ANYBLOB="01002c9d7000ffdbdf2504"], 0x14}}, 0x800)

4.167710633s ago: executing program 2 (id=8561):
socket$key(0xf, 0x3, 0x2)
r0 = syz_usb_connect(0x2, 0x24, &(0x7f0000000640)=ANY=[@ANYBLOB="12010000d972a440b72040155ab7010203010902120001000000000904800000ff"], 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io$uac1(r0, 0x0, &(0x7f0000000440)={0x24, &(0x7f0000000ac0)=ANY=[@ANYBLOB="201d0e"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r1 = syz_open_dev$vbi(&(0x7f0000000080), 0x0, 0x2)
ioctl$VIDIOC_SUBDEV_DV_TIMINGS_CAP(r1, 0xc0905664, &(0x7f0000000200)={0x0, 0x0, '\x00', @raw_data=[0x7, 0x8, 0x4, 0x4, 0x7, 0x5, 0x8, 0x2, 0x5, 0x101, 0x9, 0xff, 0x14eb, 0x400, 0x59c4, 0x3ff, 0x8, 0x2, 0xe8, 0x1, 0x1, 0x2, 0x10, 0x7, 0x1, 0x7fff, 0x1933, 0x8, 0x5, 0x3, 0x5, 0x4]})
madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0x80000000e)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x400000, 0x3, &(0x7f0000000000/0x400000)=nil)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/fs/cgroup', 0x0, 0x80)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1)
r2 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r2)
ptrace$poke(0x5, r2, &(0x7f0000000080), 0x0)

4.101907792s ago: executing program 1 (id=8562):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000a00)=@delchain={0x218, 0x65, 0x20, 0x70bd27, 0x25dfdbfc, {0x0, 0x0, 0x0, 0x0, {0x2, 0x2}, {0x0, 0xd}, {0x0, 0xffea}}, [@TCA_CHAIN={0x8, 0xb, 0x6}, @filter_kind_options=@f_route={{0xa}, {0xf8, 0x2, [@TCA_ROUTE4_ACT={0xf4, 0x6, [@m_vlan={0x88, 0x6, 0x0, 0x0, {{0x9}, {0x14, 0x2, 0x0, 0x1, [@TCA_VLAN_PUSH_VLAN_ID={0x6, 0x3, 0x1b6}, @TCA_VLAN_PUSH_VLAN_PRIORITY={0x5, 0x6, 0x6}]}, {0x49, 0x6, "657c8f856bb2bb5d377d3e798375b1d28aa9ff79c5750c001846426a94e358dab26224b357e0bd9c9b84cfee21ec99f48cf585ab10ae01a9ffc67e6ad19b4103524e4f4a3b"}, {0xc}, {0xc}}}, @m_ife={0x68, 0x1a, 0x0, 0x0, {{0x8}, {0x18, 0x2, 0x0, 0x1, [@TCA_IFE_DMAC={0xa, 0x3, @multicast}, @TCA_IFE_TYPE={0x6, 0x5, 0x7}]}, {0x29, 0x6, "5cf80cae43926c79f74d5b5abcda3c8569302a433fb2205af13ea1534835029ea0d077c685"}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x3}}}}]}]}}, @filter_kind_options=@f_basic={{0xa}, {0xdc, 0x2, [@TCA_BASIC_ACT={0xd8, 0x3, [@m_ife={0xd4, 0x9, 0x0, 0x0, {{0x8}, {0x84, 0x2, 0x0, 0x1, [@TCA_IFE_SMAC={0xa, 0x4, @local}, @TCA_IFE_PARMS={0x1c, 0x1, {{0xffffffff, 0x2, 0x10000000, 0x0, 0x40}}}, @TCA_IFE_METALST={0x14, 0x6, [@IFE_META_TCINDEX={0x6, 0x5, @val=0x100}, @IFE_META_TCINDEX={0x6}]}, @TCA_IFE_SMAC={0xa, 0x4, @remote}, @TCA_IFE_TYPE={0x6}, @TCA_IFE_TYPE={0x6, 0x5, 0x6}, @TCA_IFE_PARMS={0x1c, 0x1, {{0x7fff, 0x40000000, 0x0, 0x9, 0x5}}}, @TCA_IFE_DMAC={0xa}]}, {0x2a, 0x6, "5bf0c575244155d2c0b90d2c93717dda1c885ca09938b8653d174c8321a63eeb67eaf0b8a03d"}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x2, 0x3}}}}]}]}}]}, 0x218}, 0x1, 0x0, 0x0, 0x4004}, 0x20000080)
r0 = socket(0x10, 0x803, 0x0)
sendto(r0, &(0x7f0000000740)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0x80, &(0x7f0000000380)=[{&(0x7f0000000140)=""/100, 0x64}, {&(0x7f0000000280)=""/85, 0x55}, {&(0x7f0000000fc0)=""/4096, 0x1000}, {&(0x7f0000000400)=""/106, 0x6a}, {0x0}, {&(0x7f0000000200)=""/77, 0x4d}, {&(0x7f00000007c0)=""/154, 0x9a}, {&(0x7f00000001c0)=""/17, 0x11}], 0x8, &(0x7f0000000600)=""/191, 0xbf}}], 0x1, 0x2040000, &(0x7f0000003700)={0x77359400})

3.883350738s ago: executing program 3 (id=8563):
fcntl$F_GET_RW_HINT(0xffffffffffffffff, 0x40b, &(0x7f0000000140))
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$RTC_WKALM_SET(r0, 0x4028700f, &(0x7f00000000c0)={0x1, 0x0, {0x1b, 0x26, 0x12, 0xf, 0xb, 0x64, 0x4, 0x89}}) (fail_nth: 1)

3.826364112s ago: executing program 1 (id=8564):
r0 = openat$btrfs_control(0xffffff9c, &(0x7f0000000000), 0x140, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x4)
getsockopt$netlink(r1, 0x10e, 0x9, 0x0, 0x0) (async)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) (async)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0) (async)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) (async)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) (async)
sched_setattr(0x0, 0x0, 0x0) (async)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r4, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0xc099}, 0x4000) (async)
syz_usb_connect(0x0, 0x5f, 0x0, 0x0) (async)
r5 = socket$pppl2tp(0x18, 0x1, 0x1)
bpf$PROG_LOAD(0x5, 0x0, 0x0) (async)
rseq(&(0x7f0000000300), 0x20, 0x0, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) (async)
r6 = open(&(0x7f0000000140)='./file1\x00', 0x64042, 0x169)
pwritev2(r6, &(0x7f0000000240)=[{&(0x7f0000000000)="85", 0x78c00}], 0x1, 0x2000, 0x0, 0x3)
ioctl$SIOCSIFMTU(r5, 0x8923, &(0x7f0000000100)={'vlan0\x00', 0x40})
socket$inet_mptcp(0x2, 0x1, 0x106)
r7 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$sock_int(r7, 0x1, 0x3c, &(0x7f00000000c0)=0x1, 0x4)
setsockopt$SO_TIMESTAMPING(r7, 0x1, 0x25, &(0x7f0000000080)=0x1f6, 0x4) (async)
sendmmsg$inet(r7, &(0x7f0000003240)=[{{&(0x7f0000000100)={0x2, 0x4e23, @empty}, 0x10, 0x0}}], 0x1, 0x4008884) (async)
socket$kcm(0x10, 0x2, 0x0)
openat$nullb(0xffffffffffffff9c, &(0x7f0000000380), 0x4000000004882, 0x0) (async)
io_setup(0x1, 0x0) (async)
ioctl$TUNSETTXFILTER(r0, 0x400454d1, &(0x7f0000000040)={0x0, 0x6, [@multicast, @random="c8138d4581fd", @empty, @random="1b8bc520c489", @dev={'\xaa\xaa\xaa\xaa\xaa', 0x34}, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x3}]})
r8 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000480), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0)

3.490989768s ago: executing program 4 (id=8565):
r0 = socket(0x1d, 0x2, 0x6)
ppoll(&(0x7f0000000040)=[{r0, 0x2800}], 0x1, 0x0, 0x0, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000000)={'vxcan0\x00', <r1=>0x0})
bind$can_j1939(r0, &(0x7f0000000380)={0x1d, r1, 0x1, {0x0, 0x0, 0x3}, 0xff}, 0x18)
sendmsg$IPVS_CMD_GET_INFO(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000001c0)={0x0}}, 0x24000000) (fail_nth: 1)

3.404040691s ago: executing program 3 (id=8566):
socket$inet6_udp(0xa, 0x2, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
pipe(0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x5761, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r1, 0x0, 0x0)
ioctl$USBDEVFS_DISCONNECT_CLAIM(0xffffffffffffffff, 0x8108551b, &(0x7f0000000340)={0x385d, 0x1, "41c0537f19690cd7945060f524cdb875af5413d65b5f6f342a71406b0f796cc1191e1ecd916f54350f5cbfd5896a119fd1d5137dcdbb6a497f35099c1dd374e82b44205929de6f5a3d34c6a4de4d7fc1ed8475df44d91b190113bb920c0bf5c89c13e219ab37ae309b0100dc743f0f72109379dedc37a8bfa1b3c9c71bf823d8a5b7cca690b1d8e57080dfc1add8e83dbe05186101ff8ff3be2931f2b34c53942890c18707702679f77ed8a45f24646f47cfd378c215093d708a8c53f656993df90974147953df95bf23c9cb2caa4a5e30f10a0fffc410151f15fbcffb19002c635a7539de507c89478209e870201702c9e56ef23457a96269196f5cdd404b76"})
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x1, 0x0, 0x0, 0x0, 0xfffffffffffffffe, 0xfffffffc}, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = memfd_secret(0x0)
r4 = fsopen(&(0x7f0000000140)='f2fs\x00', 0x1)
fsconfig$FSCONFIG_SET_STRING(r4, 0x1, &(0x7f0000000100)='test_dummy_encryption', &(0x7f0000000240)='v2\x00ul\x00\x00\x00\x00\x00loc\x8d\x8b#\xe0\xb9\xbd\"\xeb.\xc7]\xa67\x97 \xc9\xfc|\x85o7Z\xdc}U\x8c\xdd\n\xaa?4\xafq\x1d\xf6(\xe6\x9em_\x1a\xbfDi\x15\x81\xd47\x8e\x86\xa2u~FC\x9c\xe3\x98\x87\x98\xf7\xa2\xb5\x12\x8cv\xe4_\x91\xa8G!mm\f\xcf\xfb[\xd5Qf\x15\xfe\xc80\xad\xaa\xe9', 0x0)
fsconfig$FSCONFIG_SET_STRING(r4, 0x1, &(0x7f0000000000)='test_dummy_encryption', &(0x7f0000000080)='v2\x00ul\x00\x00\x00\x00\x00loc\x8d\x8b#\xe0\xb9\xbd\"\xeb.\xc7]\xa67\x97 \xc9\xfc|\x85o7Z\xdc}U\x8c\xdd\n\xaa?4\xafq\x1d\xf6(\xe6\x9em_\x1a\xbfDi\x15\x81\xd47\x8e\x86\xa2u~FC\x9c\xe3\x98\x87\x98\xf7\xa2\xb5\x12\x8cv\xe4_\x91\xa8G!mm\f\xcf\xfb[\xd5Qf\x15\xfe\xc80\xad\xaa\xe9', 0x0)
sendmsg$nl_generic(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000040)={0x55, 0x3e, 0x107, 0xfffffffe, 0x0, {0x1, 0x7c}, [@nested={0x4, 0x142}, @nested={0x14, 0xeb, 0x0, 0x1, [@typed={0x6, 0x6, 0x0, 0x0, @str='\x80\n'}, @generic="12444b588d"]}, @nested={0x4, 0x2}]}, 0x30}, 0x1, 0x0, 0x0, 0x4048011}, 0xc000)
ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f0000000300)={'veth0_virt_wifi\x00', 0x1000})
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01010000000000000000010000040900010073797a300000000040000000030a01080000000000000000010000000900030073797a320000000014000480080002400000000008000140000000000900010073797a300000000050000000060a010400000000000000000100000008000b40000000000900010073797a30000000002800048024000180090001006d657461000000001400028008000140000000120800024000000019140000001100"], 0xd8}}, 0x80)
rt_sigprocmask(0x0, &(0x7f0000000000)={[0xfffffffffffffffd]}, 0x0, 0x8)
r6 = gettid()
tkill(r6, 0x12)
r7 = syz_io_uring_setup(0x6148, &(0x7f0000000340)={0x0, 0x13ea, 0x2, 0x2, 0x3c6}, &(0x7f0000000040), &(0x7f0000000140))
io_uring_enter(r7, 0x2241, 0x1b86, 0x1, &(0x7f00000001c0), 0x8)
syz_open_procfs(0x0, &(0x7f00000001c0)='environ\x00')
r8 = socket$kcm(0x10, 0x2, 0x10)
sendmsg$kcm(r8, &(0x7f0000000000)={0x0, 0xd18c9b25, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030041000b05d25a806c8c6394f90324fc60100000000a000200053582c137153e3704020180fc5409000c00", 0x33fe0}], 0x1}, 0x0)

2.930370645s ago: executing program 2 (id=8568):
r0 = socket(0x1d, 0x2, 0x6)
ppoll(&(0x7f0000000040)=[{r0, 0x2800}], 0x1, 0x0, 0x0, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000000)={'vxcan0\x00', <r1=>0x0})
bind$can_j1939(r0, &(0x7f0000000380)={0x1d, r1, 0x1, {0x0, 0x0, 0x3}, 0xff}, 0x18)
sendmsg$IPVS_CMD_GET_INFO(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000001c0)={0x0}}, 0x24000000)

2.880143623s ago: executing program 0 (id=8569):
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
setsockopt$IPT_SO_SET_REPLACE(r0, 0x0, 0x40, &(0x7f00000004c0)=@raw={'raw\x00', 0x8, 0x3, 0x214, 0x98, 0xffffffff, 0xffffffff, 0x98, 0xffffffff, 0x180, 0xffffff7a, 0xffffffff, 0x180, 0xffffffff, 0x7fffffe, 0x0, {[{{@uncond, 0x6, 0x70, 0x98}, @common=@unspec=@NFQUEUE3={0x28, 'NFQUEUE\x00', 0x3, {0x9, 0x5, 0x1d}}}, {{@ip={@initdev={0xac, 0x1e, 0x0, 0x0}, @loopback, 0x0, 0xff000000, 'team_slave_0\x00', 'ip6gre0\x00', {0xff}, {0xff}, 0x6, 0x3}, 0x0, 0xb8, 0xe8, 0x0, {}, [@common=@icmp={{0x24}, {0x12, "b2fa", 0x1}}, @inet=@rpfilter={{0x24}, {0x5}}]}, @common=@inet=@SET2={0x30, 'SET\x00', 0x2, {{0x4, 0x0, 0x4}, {0x3, 0x5, 0x2}, 0x3, 0x5f}}}], {{'\x00', 0x0, 0x70, 0x94}, {0x24}}}}, 0x270)
r1 = open(&(0x7f00000000c0)='./file0\x00', 0xc83, 0x104)
ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(r1, 0x40106614, &(0x7f0000000100))
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x4000)
sendmsg$NFT_MSG_GETRULE(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000500)={0x2c, 0x19, 0xa, 0x401, 0x0, 0x0, {0x2}, [@NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}]}, 0x2c}}, 0x8004)
r3 = socket$inet6(0xa, 0x805, 0x0)
getsockopt$bt_hci(r3, 0x84, 0x81, &(0x7f0000000080)=""/4076, &(0x7f00000010c0)=0xfec)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
ioctl$KVM_SET_MSRS(0xffffffffffffffff, 0x4008ae89, &(0x7f0000000080)=ANY=[@ANYBLOB="0100000000000000074d564b"])
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r5, &(0x7f000000c2c0)={0x0, 0x37, &(0x7f0000000000)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r5, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000500)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a6c000000060a0904000000000000000002000000400004803c0001800a00010072616e67650000002c0002800c000380050001002d000000080001400000000008000240000000000c00048005000100160000000900010073797a00000000000000750073797a3200000000140000001100010000000000000000000000000a"], 0x94}}, 0x804)

2.827802597s ago: executing program 1 (id=8570):
openat$fb0(0xffffffffffffff9c, 0x0, 0x60c40, 0x0)
syz_open_procfs(0x0, &(0x7f0000000080)='net\x00')
socketpair$unix(0x1, 0x3, 0x0, &(0x7f00000000c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
ioctl$sock_inet_SIOCSIFADDR(0xffffffffffffffff, 0x8916, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg(r1, &(0x7f00000001c0)={0x0, 0x0, 0x0}, 0x80)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x4, 0x8001, 0x0, 0xb49, 0x200000000002, 0x7, 0x8, 0x3}, 0x0)
mknodat$loop(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x1004, 0x1)
r2 = openat$fuse(0xffffffffffffff9c, &(0x7f0000001180), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000040)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r2, @ANYBLOB=',rootmode=00000000000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r2, &(0x7f00000083c0)={0x2020, 0x0, <r3=>0x0, 0x0, <r4=>0x0}, 0x2020)
write$FUSE_INIT(r2, &(0x7f0000000100)={0x50, 0x0, r3, {0x7, 0x1f, 0x1000001, 0x5069f481, 0x8, 0x7fff, 0x0, 0x800, 0x0, 0x0, 0x10}}, 0x50)
syz_fuse_handle_req(r2, &(0x7f00000041c0)="412e450a2a7b9586d1e6e9de257afc4fd60c8de430c0d6348b2cf1db8d070a539de9c1e91a178f9240dbcfe303566018f6c20c55d643a2ed46aaacf49ca491ee2f06184bdb548778a2c56e56f6b40b994419428bbbb9dfa5f9593511ca8ae1c088fb0ee5da72f505000000000000002c04754204f194ae6ceff4570d44496eeffe619998eafc7167d22e1c6aa73e89ad19224e35130a37cf68d5c41ccafe59b4b753a26e06c4306d31d78de6cede97c06e3ca2cc4af66b7548268efa91621ffca2655d2c8f1a9bb019b88fa729cb3d32f72c098c44898d42c42f39feb4faead93980726c236129acdf31c01f1cabb5ca3ec4e45eb5e6e59912792b4976e3f2b560c861d49b539d8e1870040a8cf190a8a767ec067a8048aac53336b44669d3d425843ae80681a7c02a5d5a3d90f355fd4a6ac277e75230d558f0df20cb323cc65e9b5a258cdd669c8a9534e4aff09a8fe89b124748c9e756c28789c2152a5142bc0bb205e339d43bb980b3f04a3c1a424a2a093966b20600a5410e0528fb35937c998eea19f01eaf2f39e16d85563a6737ddab3213ca1832f0afdf891e34a582f6a4ac81fda70ebc3fedac2fb3a492fdb40b91021e5d371d990064cd1f7c2c1a6472dec7505f9a4940057a3e57fd53aa3cd2eb914e073a19b6e925f8553e6875c093c7d19de25861fd9640f0eca4cda0467f12126daa2e0c6df7d4e4babe5a6e59e8391be7700790315b6b8a8aa74cd6d3f054aceaeda79430676b67fe25c9029e0894b413377fc4d8300d9f9338fadd07e4c80cac08113df8971a868458c47c06fff0c1c4bfd48ea583e9e76ef103d42c233b6de10b30612cdbeb6b60a6a4dbbe2da63cc2dd4fb93cac65af3c1279274f4af0e2c5b96e6068aa5b41f7548fb72b0c142351f64446db7425115b89132b5589ee642ebbde655adb2d7d1117456a6e4f2886879b42baf85e05d53e2aceea9c3830673bdc4d081675fe76b994651af9c3f16b7513834fce4654f84558a8308fa677d05bffcc893d9813bf87c5ec520cd66ad58dc06f0c47d253cd36dfec82980fc8dbdcd4b1c037c2b30bef455984f3e8ed19d69e185fe4fbdda2c2517ec9abfbb4841252e650b6bf56fdeca9a4ee3c311de3c6859ec14cc00e95323c57c02fa894d83ea17944f3112fc19a7e11335d7951ec6dd5b4f06fb9b637313a230341ea5da6a7a959e707d0cd5fca60a6649c8df8d6c17e9a49d230e5775df14e4b43aa3420bd0b8814ec7360ab1910e69fab8932f7646d7998bdc2e8ec354c52da21ed83fb7582cb9d37bb95f144974f72c7b0ae7b42945768fa8ec0dd6daba72d05809670506ef10542a2201b00906c8af64e3e13a10f180688c96549b2d3d6b04403fd571e7b132891dd4b7cf37aec25ca1e9190c17aaefbc31e059915c12c232fb7097e9fa6f35fbb265c7102db62e2264590c583ea90f1aee3f166af81430d9084eb0c760ebbb16049c9fd1fee6ce33c8ac205e3ac9c275531feadfa4054e0c027c26beb009f54aa72b864d39bb11753f77931bb960276db33021c65671e57b3708bbf979be222e8439d71f58ca87cec7a054517af398a42731b580717377a54f139e2c46813cbb03d98e49c26f4ed54d75e48573cd06145f913f4e313eeee837496dfff75aa722fd8486c45f9c959da12ae48ba4a10712120a203e2476c7b96031d8f8773f68344e6fa21831287655aabbd594e9f272eb1a7315d2d79b8bcd5e63004cd106f80b1e40a5d9e428a01bc58264f4d63c2ee9db6efa70607a642aeb883bf4b9fe009d7f09c16b05a2c9b73573e9019e161ebbdc1fc9b9cd0c5fe1b57adcba2d0f3a767ad59aafa159b3dd181f0601ff95e8af8b5410e56c81ffb8ab35b1e04af35dabf69f08572e69260b72bfd502c5a0de627fd3fee44bf1d4a261bd356056c5739398e3ff161beec1240a089625daffbc61dc5e660c274565477a0ff1797fefff04a98704802ab0674ab72d400686229608cbfd2ca20f4e62495e8b09de9d180c47375bbad72f4474b67d56104b4b466192be60f7aa668fd0a4338b856f114311842ee806d6488ab09098ed9de0e21bcc8b42a5d5713d15eca108fcc7a65d6b414a112524a6e1418644508dd957147a92d4399d13faaf01cacef40549cd11900f9aa32a8333f55796ef25d33c554a308da9797cd0ac25888311b0ac88eff0be7a36ddedcfc2b095abb4d5a6a4edbbad67b70cdf60c7ed0c5e040ced90edb3322ef684332358942ede9191b431c99b3abf8f9c50206479f0ac118c0a99df61fb9c90d846f41caa6a2448fb7e15640965e051c2af4ee72a5cc7c962bacff7019615c10e6c3054e2e5792df3aa6e2c33425552148466a88568cc79b6edebf0107b7d3d24423a665d20c3a1c0f1a6b34eb475bf875912115914cfabcf394f8a096d64e5dc95705074fe5e985497dcf052b9f748b9d4688859c0200fa43719e4722ed6c064c0efa7e07beb2a26fd724b63537fa0eb506365d5c029cd8dce7dd0a1cb9d9058c061739734af6be9e880fe7e28a211a4c368a7babd1107110ecbb384b274cc092b9511c4abde2ddd863162e2739984a9f3c0a76e3c530a27d5e385f4a3b87607b2a944e09d28239661d27719e22c0a657ea383c30859ca29cdb8fbc79bc83e995dcb361743a7e195650c37e570b768a0a1f0b118fa5be9b3c838326343ec5b376d5ee040ee29dfd868cccf9cfa4591151f519cd6e2ae1453a58aa92f90ee5be11ceb8511ab743f399be0a190eeddfd112336866831c3255ef6520d88b2581ea3767f3df01a38d9b4656f2a89c5df41443291a795da45c8a846015cd041bea0dfbe648348b10ae73ce43d9017182792cd9172eee642c549a530cc1f537f9aa70ca63792ba4a86a713ae09b917136e5bf1506ad7f367d8d2f77f47a2318facd109bba9b1327b5db9e4aeffbdcf414db761eeacc227a15cd72aa52c8ede33bdbab9de9aa1e8f470a388013d07f08777e2131bbd4856ab5c1c38d03ef407197ccf24e8b2a8db69e78f9d6623033c453541bb79f9e0be9a55588e2e54fce65fb785467064a146c4bf218068b5e3efdafaf93a98253becaef226cd79468ff1bbe0c9d43877f5cbb5844fd8957f15d3ef208aac11816585cdccf039c36b429d3d7fb634054fd0f09c8abea3746a6b7379142abde26d998ac7e39b94746c60c09f86ddbd7497849d1ef839730672449f35a3c3253666e9fc053ac1c518e44e0b84555be507f7c00fa9e4864b4bf40ac3d93f12001eb780a779e655d0633803268c094ae161a0efd652003d6ac47f9a6c28d866b56233f371627b01e0fe9361dca611a28841968d4e12cb73d49ce08fe25de4a90b2d34607202b20e71f5e1eed38e17d0a2748f548cf61735f4c9cead1cb93b11929d906d65fc60f88e6919b7b5a1014e6d408bce9c8cc832eecf9147708fe451891717d2ed99dee70773feaa97985102abd3dd05c904c28898afe060621db6564887bc4afe158fbe1d819136a1ac1dc9d8674798a93daf5255460b50c34496205834c668db4c764e76ebb6cdaf5fc44b881cc2ae87b4a7cc045143f96b1620abfd0f116e673b335beefdafa1e58d9194e010cb78956044646da5ba853ce981667f2b8e5001c2df437c9d597ccd2be7d2887f5cb7aad0539abb3f9db1c8f5cd4d7d831946ba1c1aa8737c114fec1ac9a82519f57cb48c49b7f62e9eaa89f448df33fb307cd0036c70b490ac340f7d04e14f32bfeebb08a9d5bc7bbef8f231ea09311d4c82cc55c90eb53c6c003cc98a34dd3c4ec2d8b3a655a78e16e908f368733d0a02b36fe963e2d80b5e6f7b2e3aae3013c900c76e4d56e8348bef221f8a642e692c23b12520fb68c793e789eeeceb4efb2097a4d5952d144094cd7be6edc933d257f6230e962d70ba42e1b07ad9eca0ccd60d3d9a6e06b73ccf96a8aa490ed3bd58bf4d79db65355ae145b54be004e464f4dd23fb8b1bf15e13838116083da67186513652608e37c8f847b2bcafb57bcefc7efc8c8182c7d708cce5d14695b4e618e77f8e7be81f27a05e415fd37ac21507a665b2558daee5c0b0859fedfede8c03f181ef5e0ec0da6caa3edf402dd73bcb4026c489a7cca8ab700d3e9f050006c32768a16e8a48e48ed5750b8cdb7ad1fd12d4cc8333d324d6c83905303fa7013fc02553b587544affe38f1a95e0c4c39740d63b6d387fc89b30bd5fd745cb64844b13897ccf5cca135f7d39e03ce8adcda919d86b25b52764b0a0c4f07f88df68868415de13863df84a7e8d355b09cf90e482eb4174fd01f1b371a4dc52f3c89fc3a70c71657aa5d7573ef9acf4d2b0b321c41ff2640515bb43637ba2288ca0bff2e2a3a998ad8294c52f9edfe0a4ee0a3f8ed5b4b5c43319bb9c58dd07ea3237d7bb62cb086e7ea4a81cba2cdeb28794a09c275a704963110b64720bd089e3737ee1a91e348b5e97b63e1724de1fa9f49961d653bbb47b6fa993b035cf59659bcd0306180645162568abf51127845cbe6c19b9d69657db4258fa5e8428a73eff6506bff474c2e302ad5559ac8de44c6f0baba5e2e579e7d7f9d9ebf540674432ac11d92bfc9abdc24126888b533f43bd6f293b0bc315915743114a35308a0ee2e710522137918a2b09ddbbc7a2313a2a6b85a1ad26f14dd70072651c8300ddf6de29704b716ce1bc431c66ccc96731f46359a9f6850976c96dcb5e0ee47446f50b6b3ba90d45224066e123ad3854d877c0cdd9325000ac0d6813c30cd43d3e150335601724ca3666458dc4c04f6562296982353e155d5255c9008c0b46d21a678c8fcb3aa8d6574476e0458eb0a76a6cb50f929ed218cc4654cb4f95fb3afbc2548b74acc312563375a19e55d488599488dfed4dd31b39f29ad61dad343dfca3b45b316a34e7a7bebd2b0f562a9e69848d13fc80a4fa52d0f17bd15d9e1fd39a7dcc86128d14493805d105a745673bddea68ca74ac09d95cc7412d5be2cbd0a247a81dc9e148111e22cdf3375805469226ca3538f960a6ba6aa0eeeb87c784ffb1bfc09180a61be3c7c535fc6d593c3b3f4de21b8c3eccc9021e80fb07dce0aeb3b023bd55f24356f646791ba80e5ca21ac092a069ae0a22cfefc08c23cc7aa69b570bd17cce9de15871d363f167288f99f04761caa67f12c949466493f661d39ee4280c955446ff5a9bb14f2d1ae21cdb91a5868e0c52097cf380f571935b140562922763f1b79c3709b949c57a00b08828ce9e685f6b234b5fe3c62d9feb249ce75e81f5efd556c14d5da24dc0554723fdbe52659969a39f470e82c50c4777c908628436e31177af1125d5f70ff627462247e5bc20c47ef75f369174586d43d42f7eefdd47fefa745badebca2a881ccc018ea411cc8a7a0881422bee8704bb98e6bea9fbec63441fb45d7ccfd436909b57a2b60b788e15bda3ca7663b19bd84d0879deb639f10def9a99d42a4b9a4fd7fecbf6d2e7598678307ba9a5b6f143c27cf1ca41e3c904007bb762cd5df6e63c4cf422c2ba959e53bd8e5664cf5df6a91a4bc8cebc52b22f30060fcbc5ead53d38eabd160c1da4cab8aa95c3640ffd78074aa2cbb05cb8ea90a0c95a4a1b2be1ee94f238000f1faffa069d87039f13f5f84ff368aec5a0b10020232b9fc954a6c22573ef48459e574d48a4845837e1d6ef386738ccedd093d4d5bf3a3f790c875ba7449d03397642feb71100f2c25ab2cadf0b0802544a2095a51b19cdece623b17d420b173a99c081f8e229b6de3c680d6bb39bb98b479517d77cca581b81cf856753a44ebd64cff111fb8ca37ea45d217a3fca44a083e6c35b0fed9f8f7631178d15e88f86c85f1ce68c900afdd1f7e5b8bd4ef3f58c447b77d3befc49180df7a5eb2ae8ae33b4ef573f3a425da8a60cde84d8eeae6d6399b9fbbfa0fa8d448b25c7f79b7554d0b02b0decbc74ae8560f630af596313fb33d442a410061ace0aa7a440d5e31ca8bb2cc495c4f0b672edb011b0c5f16781836df7f4af8329143d5a1a99d7b18ef9f774c4199d635848cedebac82637a03a189c65bf667503737c75b6639ac65ad424ca475285437e6f19830b36549f607ffc387c8b11a34a838159376a6335afaa045bd2bb04e279dd72436331d07dfbd72e2436b27f0df23a266fd15cf56d1a9e93aaac8901cfe49a3219ae36c5c65c75e5c708fb82cac4d6a50726509ec3a7d32d54cf584ae353a5bff75a6de77a0b240cf8a0a72817c9d37699ca89c96e0e0d96a7665ac3a7d1febca1a1d79e2cbde8025c271360e2f90048b2d9fd56f45c013e001dad4b7785be69dc01f8a954ef7a84455986fc5c9d5167d91808efdb4476ed79f99563d887cfd4e99809d9e388501dea228cbb3cf3770082dc566455251fd9c2c742963c33500618c6ec99e0bef007408a0462a081237be4c6e5db0258d4be5fc9cf63fd1ace1f4166c053b0fb84fe24917da1255cf40bbb1b45644f6a7699cf802a35a932c374b1d62013e6afca3787627469994c02f622ab877ed5491fc2a89eea60e4e1628da89e3ad600ff6442e4ebf20e47304176b6a1703c094b3cf6d7fbbddd8d8fa5a00f28b4d8f43d88487e9d4531071512f2027198714a8d1cef126775547fc74f2a35840510f325e50361be76557767560055e084f2ecaefa0dd8ca8215301a7a887d2eaddaeb1f5c3dfdbd2cc1ba5f02d4426b98c0f861c5f724405758f442560ea6cd1d953456cc4aac6642ad61c03dbaffc2364d8ec2ef9f483c70355139d1fbd9617ab3c7eedf0b8963c1cfdab769180db43c416a90d9fdf3fd0eb2f81187642b4e2a09d6462d27527fdfda31f7b262501749dcfc6c184983f9923424131d05cc811cacf5c2c87e8e6f135349e68cde0e8997bf1dde248e5124d5dca2681abdbe58d327a8edd585821f03fdd4515728f1336495ba25c9bba56a3f706d60c35cbd0b40d0ac0583a981f9af08510ed8ed0a726e5472f8995af3837fbf1e89587633d2ef944868a153919165778e963710872af12faf96c0919c638e5affa97104471ba6e178d27602f96b9546ebe52190d91be245be08742b96389080676a566d3229e593e4f56a76ae4c58113c6adc1088703b1b92dafe32a5600e14ac1e71df829dfef425911f16a2b91f693599ecabf93065c6c4f5fefca8d4ed095599113529f65d9120d5252f577af95b404979508c343df54e4d239720e7d3a861f1dcabfa69e12d655c8a026c10a4df279b139fd222e561d205ac9b45c1054f8699eca594fb23886e0de565186597766dd5e40f74a423d5708dac254f4172f1089270988fb18715813f13ee4d131b64dd517c7e77f27f804b229f5339ac2f483b14739ac33a9645044d3010bd77ed18fb117f7b11bb51c4ed683b59e28bf25a58f123dfbeb1f0f21f03d9b57d8e61d59b311037a5b757b03ca5c95e0eb73922c6918530c99de4d6733640f2b8d13bebce31d4f5e27aab201101e48cde23a0d7e87b9511949d812e3187ee5ff11bc5858c022ed7b00790eba32f9ef7e134ce5f73a01269ca971b40e62133eca9d596a768686d6390b2c74602f6dc597faec3ed9d9658102d99c9624c1a97d00d63853578afaccc7e30a77fe054ebc23eec45f608f996fd015cd6bd50a111360f0790eff6ffb1ea59d13c8e29480bd96217188f97e53a1f5d9eae0a2badb4fea52f2bb4f8cb04d0afd99e7371a978a7d7ef473f77ea6738ff84af655313a12db24cff692ec7e282245ae9a42338db814593448f7115df3dc3f4e2faa2c2fdbd68f679d6aba01a15031347bb17d8bf8f1fad0ecf365e9dcd32e69803c5c05f4b47adbf8a21af7e9fb327f267df1c914486389a9820edf0a03bde6ef388c255761e439b2f7e1f9c1c3c95bd30c502197ab37f76b52f0d0675f366e919be19329853767bba34a540fb75bcdcc9596a4cda254a660e11bed5af9d8646ac4b7d6d7aa5d7c0005879b6d08058a56c3d3a4d3d401b883153fa7f2f6a6d34dd010f6b9e7b4e457b9ff5a5802d7723abb35f9dca0afc10f6791824dbe0a7725d534e7753445b7268d90145b6438b93fc475f44d5d678d79da6c5770f3a9106f3cffbabe4b88cbe7eda9b8a495be4f6717b0fbee6fec78c86031b6d878d47e357b2089de3e6dd19a265552553d1f7da53884ef84d0eebe782791c48a9c68a28d8ea3bb70c922b01dc20b2cd05cfb276e326651398f766f5faaea54a41da597cf6b50f3d5ebc634185b99069126b8d935c6bc42c47f2109de42091ef4ade3d87cc44aeb78709255501e64f34ac2d4b2725cf7777315f8ca9424bc9d61a896a93500faa6cf5a5aee1fb888e17b47a38a667be2ffa3bae46afa88bfd8b5b6e1186d6e41b9a4e490591043372c23f36fb48d80caff74cc349adc92bb25f701738c809ccf74c47afa193795ee67bc58ea7fd85542fa7e70218490fff212163401cfde016df2f42496bae403d5391e53fe200f758bbcdead0fe72c77861889b9632a257229c35bdfe8fa78375b4f5c768b9c60cafbde1f00aff6ca1879f6472f28001f5f13d4d9d6c3a90e04d8df09873550daa8262d39efbe96a79c697fbcc9a7f27c9f6d782d5d5f6d024b291376e9cc40d902f809072e1f0f2c2ab88ce3d074e88461f5971853e7be749943ab6e25e25e8afa5042dd73407f49b50841c7782c54eece62ec2beef1f16caf1ca5989427bd2726ca0fee33e303702e9892e4382e92c3f3a03a6188f39762db81819c7e12b424be8fd964dcdbfbac00139e8c5a6200506f13f484ac34ef3d26e7cadd53cf402117419c1618205bfa5382486094bd55448f2b1aa4dbec2289189b601b1bbf5792b2a641c6f5dd19cf24abc72fc5264cf11f6b44a4929267a02cd1de1b602b9de65a6c06640aa0f76109baa90d66eeb17295b1711365b7d6835a2dd55b7fe868c59453613240643c847a5b48d27897a58dda63e579c1bba58350550e147b190f0a2c9a5ce719d627ce3302028b4b6801bbfa8cd74874ffba35817c0eca034d19210950796807125fe6065dcd47d7c870ed2db5c00cff235e4154e2d89ec2a09a87551f9b7ca25d519b5603c0c33d2cf72878199ffab567fc5e093529b89d1163587f3564ba8291d2d96cf9762e7f568e786ea90849f6312c1a10f45d61600cd45c48e6870a7d76c913f9c4497374fc04401cbd11f7710740148234fe8f041f24d0278fcfd48846e6aa49f05016fc332dc5d46b4a26574fed5c0751cebb9f7ab4cdbc1ee011d82d6ef95c52c9df8eedac3ab5cf30805f23d88d4f707601f8e6c606b58f2fe234e948d6756d430a5c4ec76a33874886c8fb484059b47a9bd198a61a1896419288a9e81d0969dec778a53e8233f0f63bd0134e5f29825e7817e7c8ccb7d9acd8f86ac9d3af78c43df3036d7934dd294f2bb12063bee52c547d27a218145befb0ca96cbfaabd39fa245b51c39f4cd4cf8db105f9dc46a7aaa8f7d06fa208120ce1ac49326179618fa2c8596c44e174eb7a141056b1d17689c10dee089c8b0867b8a757ae12251bbd68db5fba2be341275fb6ee379309f5cde9b31242b0b2bac44da74776fac141936bd96e3177161f057c820a8c22cca8cce29b158eb55aed0260253fbee70a6dd281d9fca23e0b0a38d46c76a95e1262f1cafcf0fc37b52e649a1ba1e2c0f97d10bbf4d2b5632cf340bce56736071d5885ec9b4e179100a0000000000000021e43fc21e89c6865d3ad424ef4a14efe8843ff3168c99ee395400dcc8755719d290c567c95a5e7d28ec1190ceee240084d444265cc801cd960f69b368359bbf06b8a4ec23b47c7bf9d4b16c701a1c4fb9e81abb55bf49d450b566ce03de939fc6f5c51291380086f8c995cdd4fa15a325601c4846a69f15c77f55c900270bc9ea5f406480cb0e3e89bc869fe8b7cec4fbef7e76283d50c25ab1b4d34d093a7df062990a925a9c44aa2661abd7d381a4d6cdb64821ef624dd51b72e99af914bca2f80c25b82ac6945df7c7582e6d0ce2cd073e35f1fc120a68ba210410db64592a9aa319b30f2b818c495750e1cea0610e27d52be31e52e501a3bd51b501bc51c2ec8592f679b6e55b9aa58d513fd2bebadc83ba76eb45e5676f130193e9a666b8c8132c9f5141681fbab324b555c5c890d488ac2dd00feead0a20fbd8a46391438e3193edc6fb89161cd864fca98f4f39a2893c933dcd13bc8c5d5a548d24862e8161c0fad7f33aca8c86791d620815fe3f0daddb5defd933d0c10097a7a98e67625420b6c0db7c3e17ab07ea64e6f0f53fdc670799e06a2e3a871d6be363a2639e35339361311e0f528cc433eacea4f79bf217108c7b1d657840253ffdea18bdd1f93cdee63e7a9b8dbcb4ee06162b253e09ea0641f2771bd9823dd210905e9ea495f43194bb471cdeb690e8890b03b50835d53dde1b572dd123ccc8507bb57a45e46c0efb8fb3d5596bddf9782d86dd911636eae2cf64b5829cf8893faf789be3fa22859accf688f5b5da6c29cacc96d477e23b63cc934f685b6e42e1655c9a9b94d6d78402de22b8d9776e3915391aa258e57467d770d65480ba2f6a94b0337965a8c659c42b4e90a14da4697d0c0a6d74774c94c52d8ecb694eee747bdaa6c3a6d60739db18c6446090eebba72e62ab88b0e8b88e728ba8cb133d8524eda89a2bff1c8414da3edfa6f83788331c8a7e5a8af2dd3682d4752190a3c689949abdad8350111373e7fb46151f54a10f79d91940e37efb05f9f157bddcfacf018b65a38ab614807c34a2786af4a1d48c4d1c1abd31815715f9d1b103992207fc664f12c82fd923c57d8e7cfb9f4af55182318d055c704865cf484206d60e34cf7fe9b6ce60b1772c5c7cdacb6695227d80da18ec1f98a434b1aaf9edb6d082f5663aed2bf267e559dca6b93d3ce34273846fc677f529690482df0a8f782b8ad7269f344f5f2b4d320a7ce2d2fa02284f8db634dc930c3e2b9a629245364acf35d41e9a14c88efde4e742ef1ea4b43d0caf2e70d4a617278823e6403934524debbd933e7676e441a48f630dc83cccd55d9032d6bf3dea97d1669c39fb865b0e619eeb3f5461e517000f5aee3ef2abdb87d3a76b88e140eb4644a9fbddbdc9e20972cdfacf00bffa3a1ca5f84122c2ebc54067cdaa23967eaeb7bbbfe44e5843382b834fae1f62a066688595e4ee67c7ff9858672355abf7893ebeb4bcf88a62b2237c6e6cec9aebe3f28bfc310ced3a590e88d4bd0f53289206deb9addbf6f3c02115ce4980dadfc112683ae250c2d438fd9c0f2a090dbf122a0072828db798bdb868dcd47384dd3f5eeebc0307a5b268683cd51f312e8f02b5a7746b11a97ac43287d9b9765f03c720503cfe6e0117660a4c00d67895224c4d42b032000a10d7a743054758a8f54941fd5eaf72498b678d1579b3de4e5518f90f1e3d32517d09d7f5da9d180215e66218e9dd64036819cf12638ce82712a6cc79a9ddb36e86814b797d72c2bc58b18ba439e99965f745b4fb7de2878e3186e3e7b835c746b0935f6c67e92e3770bd8d5eb4f66d8175ceb7850e418c55e574db891639aa77fc62bc45dcb734681ede8484d4d4109a9adb8c3d00", 0x2000, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000500)={0x20, 0x0, 0x400000000000000, {0x0, 0x9}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r5 = openat(0xffffffffffffff9c, &(0x7f0000000300)='./file0\x00', 0x24c01, 0x0)
io_setup(0x202, &(0x7f0000000200)=<r6=>0x0)
syz_fuse_handle_req(r2, &(0x7f0000002100)="6be00ff09321e32a7e0f1d45fb750f1ec1e15be572a7d646754b1e1cea02c1a06d0d9b86514e6d2afce29df5f1c8c9d7fe087f7116a341c9cbd7e536063d42367f79ccea05e0fcf72d19ca8c65612a23cc447ab5982f306298cdfc40a20a86edfb26c58e1491cae8751acfc1a22867f2c866f123215209101ec37c2734d97fb4612d3fcefd3a3c824ace75498471f1e35363631e29cc05b89e0f7c26948edbe418596cbc3c686d37d24c4e049f35e99d6b6de3470b342a4fd59bf1012aa8d0238f32d7f7702e0c293dcf71b3d4b2dc6c6527b070c12a5ae65027998d74526c4ad93283708c59afc157dd299b378f85e159970e6d3a248022714873dd40b54f4418012650d564b568730769a5f27fd458d5f535672fddbd105e2423a85bfdfda463d3cd154ea1185276b3c400ccc39953ef1af942faeff3095d9cdd9bc03374408464d4f85ab3c1fd2965b5e0fbd95a396baf089d5792b3ecc98c536c19b4d3cdf8cb499072f3491f0cf76b5f42ea959c5366ab26f2b7e2539e999d41d6bc583ba13a3f59fc4d3b37eb96374ffc22d53e79198778092656323188c7a052e0d9587a6b80cafa69a0ad770d514e5c9edc0b8556732c04549cc9f4d14299e75514d80b6e026a0f8daea3ff396aff507f89bf2ca4c48d0413f6a37c8ef193dbe07ab52e7487f4e115caa83153f729d4659f51e27939429c41a5e5152eb48e109e81baa49ebf076bb13ebdd031a0c077b18c0db18a085d5b3262cb50649b4e8fecf6b306a0430a8f89e2ff7fda3ca48fb8e2b1aad0999072f20c98466cc868970e53d6860b8fc76fa3b40eb40ab92863469346d5a6860c0297dfa94d908f1168ba2ac5197a9f9cbf3abc32fce7d14ee228d395ae53b1bc374939be6b2a135661048a02aaeeedfc755fe1df353b8e8e0aa093574321ab55fc3d16060ed0cd3e8c3f5954b745048d58061e834cfb142d027c03a69df52118f92acc387a734df458e28cd8324ae588bdcf3c12e4c492e4c14e47dc3efc9123bc189dcc677b619fd8cf34ebed6b73c2c740964072f1d87505ccc4ce189293b0c1e6cd68b8ad7a8cb8b049b8aa4f3675ab09787732643353c4f93cec2787e5ca3b96011459c133cb6947d51c408981798b675b9f9bc2186f016b585bdbb6100434e97033261967b1f6fc02bbe32e4125e922b364757008fff71df0ac6e9479caebefc5255727e8f9deb38bac48fcf65b70b7ff53b1b73682903d1300ba4fe2cf7a7c4b1a561f902d4bdfcc37697c68ff5e4f9bb0722f2be019fa57791da330e8ec69683e7b12d64ec27fe017bb18190609be3a406cc4b1c818e778c404c0e35b1f0cf2e8109f672ee2d649fb71e686930c434ad92fe5d290deed7fdf3fdd71d7409f23daab810569a01a8ae9167e558e71f84f88639ecb5ec1ae0eae0474e37ce81d73c7c93a912a56de243e39995c8d1a6194457509fbd62b94bcce0f1e7b3aca47d36c4874fd1aa8d8d1475a2af2f457ea39004dc3c1834bf20701c00416858c810bd72e8c55f4507c2187d062abf119fe91a1871e423c16964de5351c70dd668f08c99329fe189d78d7944a2e9ce47b2aad9657f8e860ab6bc03c365059528dd28350b84c06c56e87f019a0fe5a71595c7ccbf493c41fe52e907708020cdaf26be8e21d3a97c2ef6dd1de85ac6a9f8ba0771d48353b399555c5b6be41241c9de86888d0fcd5198343ad913fa35da296dc3eeecfe2ee4a56b56bf84e23a3bddc4601b504433b339468f029cd2dd9e637217e5816391010093471cd0ac2d352cb88ff5e5930dd589d1b03c5f408023c8207a1bfc2de6794a65985c1345ab256b8e7990fb8c3fe54b9b76dee19f4a7380a0659b730db58bf69efb51044eb4eaf0df5b7a07baf629a537fdef46c33c6dec622c27dc806025bc0144a3a1a64136cd8e7674a4e01aafaec604ef8356b921be7df063a2ec67dc312d964ff1c30f8d77b7c3e06588ac351a8818701c5b7c9e4b9e9721e12d0bc0731c7e2ccd0b1028e5ac990a3e45c44ba1ce8ea73a54927f6fda6cf5e52253a8ee0df194073fe76568f51c6cf45312f1aec20010db2b59d95d39c3b1a40067e6657964368e12173d71fe2f7950e5f0f3a2923ecd474b623010d77f674e52f23552eece20dccfe15c64fa05ffa6bec88d28fea4b2de624c8dd1106c86b220af9f53f15e00785d764224975efb15f290c4a6af055f7a8baeebe9903c0c9f48b53dc423997adcb8acbe7d82de105383644f9d9f3d8cc8f9a79bfa75c7e1a3f470d2448612ee26950b0affc39e98bb75a30583ae55383d376f22dce6c2cdc544ad8d68fa82e5d16b0a65c63ba4c4fae2ce1269ce321be2a0f2550c2b47c8cca190d0e44af824705dc3d5565c4c0a1ab68c50d83534fb32e7ba31c8dec6a17c127985a516ace1f9016278e85056f6288513ed706b873646e0fe3f1803ce71dc72d91da85ad5d385e0b072b6857ecf36746cceced48b0e4663b92cc349baeec28d27ff568ba9bf4d68191166cf65a13af7cf213c2ffca68b9379ea167c7bda82fa7261e2754a00a6f0b4065c57a8f9868f8247d39eca71faae27afbff8864bf934e746300d5e9a31a4b78ca059bb9c40d30bfe745336264daa57002085686f73f48474e2d4bc1e38e62ed4547a6bbd74b1d9fab3f4b2622eb6c8d32b79ef9ab691fefd7b1bfa787de85ccaa14687be5a0529f928dfd974752bde8b063bc717d2a07eb4a1651f465aa78be32457955f83b2cb4608e22a4ef7bccba0378274289a7adc38521cd8d691741e87b03f536b9196c2284baa062038a22320e6d8c3f9e29051450b16bb7909566e75e6ebe423fa88b7f395c0dae22f027efc014db76ffc4244dfeb4d014809569caed95c43f92486c8d9cde522d403efe788fbc3b54ac39e90bd2f2dc3f3d66308d2df22d9602da5ec2133f296252bf0da014020194cf9ee65e7b137c5488401eba99def61e721fa3889d86ecaa5d5a3e4c8642fc0f9ef43186edd427402f63f06bbfa26850f2e4c71bd6387978a8085740fe4b1012dde14413dfc12052acf9508fd6a8a64f59d5756a59c806b64f42cc4466aed5327071f32fe2cb24aa62d21da4c1de44c2aab46f01c53eef1d83002437668fc494953f4951fcc1bc050e402b7cb73d61b3fae4d806fe6b745160df0a6fb6e830d18b04f142b22de9fe78b4307f95c9badbeeca0a2cb134d229e19fbab6a913ea4a0c59b59ac4e9de55b4fe2d7d5585d57c21678931d151038442fc388557da00dc01bae0c7df06ac72be56668cfd942c9edcfe77c1128a6640ad4d4a210d69d94b5e306b3848c09c61c05ec638096ceff5fc156bd34cc3c461bbc4d3ea0eabeabf46459f98f15821e181dfec54b87c9c10bf1ae64449ed9e90fa660191d38760117f9a0ae6422ad983e8b348bc0579dba87ad505c24ccb683ffd8f734b8e5f0c65e3a749d86a2fb1aad19abb96490167993fa130db74152d8984084220ad17653c01f3fbbd2e1000d3ace6ed697f0d4a9bdfb2dff49148e8def07acd5e3355370d1c19d3afb7bd12fc30e6acb4841f641672dda483d0afc53150369ce1e2523b3706f5b65542032838d45a5dedfc2369e385390d1628e78dced081b931f67dc75e23cf2b0f529fde6c9c84e4b3894c11b9f56ddc65827f68b0fde08875fa8ad3cac7e212c7727d41f6d51434a890ccac19f3e9b0a594556fbf51e84e874de4e2eeba206369871dd844f6248ec180b3741f2ab3d23b76448562207f577b10f4d14949a926b837252cdcf62af32e83001d63ebde5c1d266c8d2b43f5545dbf070eaa47613481d6c920f1801b490d2a847d7e85872fe75f56d90f050fe741d94511058d71271daf9c565ced757402c315685820c80ed1f6a889a8db0326ecb58f1f287d24c5beb5b19b94d8400aa406daa591e292832c78be74613ffc2a12635951d487650c864ef55927036edb5ec02614e5eb75f67b933220ac39f891c37cc0b7fe23ce8b0ad8e5ec9c0efbfd706f5730c142fbd5297ac7f03f4ca6f49b9cba1e9cbee6b08e936c7ee1642e5f1e3eb566c294d10fc4fb45a7239590cbdebb7a16b972a983748e73aa23be7f66a30c22610456445234bb8ba11b412eaae69b808f76d90b7bb14223b644b8860c550f3c92ae47c06a38429d66da2a414c01985d4b7c935717a4dec2cd4e89092d5dc9aefd0ac0b23481459a2adcb654063743b667c3c3241f203f81385aeef164a0be7655d02074b6710b4e2c50c3ee0747892327e8f22aaf51fccf2b715b24c02c6690389afe83e6128a1ef199234c8c9803124089382c6bed5b296945fcfa937313caf39176b741809c7c7fde30468e8875266315d9e733258b9305cd92276211d0c75c97b103c31c52c0c4dd17dc5931c5a7644ddb15ab8de78cc32125f85b78ba00d09079626a813e589dce18010f427079ec6cb74a2752c7247e7b7df37dc701245e9cf37fbfac5b1c427ba477b15c21d48084d38253a4d49af73d9f25e23333ac3a84e4b671fd31abd4b32441fb07dfe30659915a88ddb684933bee5ee9dccd45763f6544fdacfa4d821f36d7907a42ab9db72b231cbc9e1ddf2000441586eab8d59277955f9665c5e358da456d759490bf9f79462ced96372b237ab61d8b48a78612c64f48d5bd89fb6e67b0818033743b7ffb3305bcdbab0f71b46d5ab61d8190c5106813ca4435386e55e43c6cb925cf81039ed5f11df2d96c53a448519ede7e83dee8b82acd143ce0d1b91318a0f0efdabb77c178cdee559c1d2181600b6b3847e05f41234c5bee021d4f0bbed10cd557f686e8b9769780a13df35fd069855fd8e2aec5bb84e8d0b7740fb7fa88b823826b7e8a979148b95177a2e720b45296c280a9abce6bc5d943e394c07eed5148f86a94450569af8c38e184603abc46a59b2ba01e84225da828ccb93ca557e4ffe9e8e8b98c1fa471409f9d7b9d9da4b0f4fb7d58d7474039204faa2ab1067a2eaf9df247a2ba1b099cdfe79a7db1273e0660e37f6e8afc125564c6b8b5e893231a6addf326988bd78578950e4b2f317ffb322fb44a570587c6c6baa59d6d844454e92f89534c7d902760b984fae30ff5eff5b90fe03f49429c5a5becd275c5c670ae8d39b5faf986970492e579a8d98aed5da2894c96bf8779e9aaba84724bf471734b4d9d4db6a0ebfcb1c31f88c59d4b0f38078435f575b0e7cc7cd5f6cc9a39bf16d3514e89b562ded72187c1e550d4852e9bdc585525d02ed1d3adc819a072d82c37935b2fe6ff3c3f0c7b7fbee2c25ad515835d067ea53af1c6d0b4a9b35de653f2e5a8a1d9261c49813ecab580f368a79515a8621f16b750fa9d711d2884764e222c723e7dd94532de5d5d40fe12660fef784d8ecf2ededbef7a61b881cf61e8c035f31d3801b34ea385fb5fd3895e6789ed741aab0e5d091050f7cde8aa1f4feb53683626870adc4190554316bcea49c6ee182fd66a6ccd2e198ba2ae6f3621a6a6186a6cbd5378e6347afbd88cbff663f73ff568ed47861219eee3598520625f64f7a6303be64361d705021104d9871592d28524f5cf391e7d445746a0e9e42924760e62c955301e1ab3744f79217841a1668a6a871bf2efc278b0bf0b4b46a769caadf243f1af31df19006080d11a4f84ee4932034f48fdde875415d949438e8c1bdea8bb9899c230561482960cac0e77ce78584e35d3430af7ed37ec71f33f265d62b397b99f71aeef08e0a92e221d8ef14c82616d06b1ccafa63969a7ab145928d9c7b1b23e16acc00754ac707f6ce3939b4604baf0f3fa69fa48bb7218f3a992e65a4aabd8a6adf4a7c1e32877273393a1567632348d480a84f3b4ae31eb810a22ccb652064be040c9a90e52b59031a22abfd1840b2ecec89d16426ab31dfb83177ae08255d1424a6ddf8bb5d5adb66a7e6cf7f68be0ce5b4a56fa3463da621062ac85af5334018c3a473c5af9c5686eb9abbd24420293df7ae5fd075b2d3b9aec226e1a016c989b029d1daed5933d285227dbedab33a32b0d71d4cb1fb79c3a8e342fb4126785a3259f241150c7c381918f8f88146fb8fcf14d42ace0fd5c0084db3726575b04ef47c2bd1a0ccf977c8232e1688d4d39c88f7ab8d565b578bed84bbfa17982308a9269933ebd2f7260a67e01a3790fca5673643aff626514846dc1634e3c2fbdb0eaedb163072d9c0bb2fc129aa57618ca1d2b37324aa49972117b9ca81092eb89089659c39eaa380fd950aa914181ac98c1990af713eb834fdb2b731f2791292e9b2774aaf3a091152e25d7ea92a6c80f3217fedba12816ec910677d3381b361272074143fb51f391e6cd1953dd6cbfa33ba97e5d019fddd3da76fe350b767c8eb706a5f46a536c3103da6af42c1a5a7cf488be7f0d3a8ae4598d0d1f4f8339a63c124a5ce1b18a225f840368d390acddeac589093a753ed2e45ae4bfa62f222d4c6a6fbaee8163e76a0bf6291619d3b4af530d03c1769a456ec52491996c6739290f4cd325e9a3c1f0db9b079e5809859f6bb2d6cc494a500862179b65aa65ded80971e60dd9338dddbbf736924626aae8d65fa4a32e8affbf49b5b20c546520aac759594fd996e5f573e8a359dc4192c2723e05d7f8d212d78a03e9a7ee41b3ed6d098964f77e1e96e0e6641222fa247757998d9e9d33787079d1b0913f9b6fd0163f7603d4bbb7430738ab618026ba0526b5722f7c5b155e9c20209ebdac884d4afc34ee32420892acfa0a63d93e1aa4fa71581166d783abe45cbfc66f65c75b803d932dc3a40851508499001dde84fd3646ae3743c1edcfe433579cd41ce625262082cea3e4f87ea17f26c2390e9c134972cbe8291c500ad925f896aeb4d652cc01e397ff9eec6c4ab32432f61f90ad6f24fc2f24c47d039e90cbdbdf97ea2c0b1ea6562c1ab651e46adab86814e14e9196366e6da5f16c743baa0d31a1b14200451df59b639dbf0ec8976e31b41462268a66d3fb55b0fb344a587890d92d7df87244b517276d6cef787cecdff92e2293d0d2e51228bba0ba3ba9e57483147727a90ab99b07498a1a9c46cd32e0af493e4c092e515ee9541c678c3566092e62a14a566e225741102071811d3306cb229b8c08da4119a565f9a37c06a983ceef668e7e97df595bdfbb43b0350fc823bcb53630508b3e7a42ff2ad5a8bbe83811c35b78578fa4842122ac76be6e7cd68a9d3ec8c6a3b83edc1f545a1f2a74ce5212f02ba85e104c0e1d21e4f77a7a6a0253fee2d486f65abc1d15e483b7fa87633e1c02e6f5aecdb779dd63af36c457905b2d4bf2c19cd4a4d2475245c45f3ef767654be5c17aa9b3e20f8019d356324baf677e4604e736c2a8b289874accbcb2ba300f063fae2c7d447f9a60daa87592275e501cbe880e7b46230659a7d62fc069ba7bbbbb71cd5ece453a692e2a3620cc8ccab581f4619963b1823c401b84092580dfcba08f63c14cef7963bf6af2d550e2fd43dc2ce1a5079e9018fe1a6ade4496b17f31dba644022c1bec7f7a345f2f02fe4eae1fcf5fb377fbf33c4774843cdbf1357741b0a9be5b403345db08d6ce70e4c5a18cd8725364b4096b69863964dc596cc115105043f6d80603873494c177b886299ca479d1c12a3547ff136a203282df0bcda49100de02b368ea5124385a03280d15319c5a5dd5e150b6eb19c969ca5f3c3368bdceef985c1ee957d5a61b3b9eb1c25e40b280fcec638726f78747dc2944e052c184cde480a6db7a2cd7b75f34cabcb2ca0e105b7af8c5d480b1cdb47d3675daf2e621db6e6e8924c157a028e860adde429979536c0ae06d3665e98166181eb47061fb20b4f0547daa938c54db21518a980ca5670a3dede7eb479497156b4998d11e838b6f112d3dfeae167bc3a8ed7c617fac11907094f25b0939bb9956f7aaeafbfa452ed4ec91b2d1450a43946096cd104a90a73d733da92125de061de39cf8e3d582e80f368b22c66cb69b86677a0af3bffc828ad1769a223f0f98e0857b60bc82f739fd6bbbc9a150830e1e850fa3bbd587bd9ca0fc157fb0b292cc91365348d01c435e2641885891306e177a108712290ec2d1ed3c6ac6d1c49aaffed07b6196787667cd8a7af66a1b631f9e9c6fd668509b7a2e3fb848d99e54e298742ca771bf913e50552faefdc0761a0b1aac3a38669fcead818c26a385ea630960c151199226c23d2b1c9ee42f864d4fe05d22eb826a80ad0738daa292938a4dcfcf18a60642b2b27f0e4998b0569e79c5dff424dd324641eea7b929d13735754b4ba6ba1540bba6b4bee8d3ee3c8eb8900e9c7e36854958f5b632b111abd2f722e2bc8aae4f112f488d8c1e68ba32fe88a39773ed81027a14cfb877ece8772dab7d360fab7cfdbe31a69d218ebdb7b0e42fd8b775348171f0f8a59386fa4fce2fcefefc09cc99a477cb856376541ea5048ab8fdda87ace560a565b2fef28327ca537eea30114a0581fee17e58ed375377a23d8ccbbf757a38aaac794a2630c42f9d4ed91cb886cb5277134b02ab691434ce897c5310472a691f99785cfda982c8e99bd2958589258228a7624137acc14a13414d06f6aee835b3637a0e7367a010652a076b2945fbdadeef39d65d503c18dddf7320fe07873331dcfd16e7cc786cac00d0934cbc6b024547e11132e413b7e5c4f926202128dd1aa76a39065a4228f109bc3327dac7028843868c32fc5d902e882494eb3cf81a90212434d404cbcfa72722e3ffae4079c2e6333a94d5f38e2a2948a01c10ef1a3adf58bae5b5629be02a1de64a201223c23eafd61a5be59c40188fa3463fd64e98f0646a9338bb9ee85f3ae5eabe370727121b4d8559fd32be127a6dbae3c1a0a43ef1173973b3b3332434c6c92b3144d9fb308768ac4067eb72d597b85882e0d228c6dece3da0677d9fa6c0b13788b3c2b0c9e67377ba0ada12aa956672c58f48fa6cfdf0357d3cacaabac46dc438632b1e7edd2e120310e7cd7aa2e55884b422b88e8eb9f5c468c04f9f045f4e5db6e12e9d7330f3e625a7e4676f61f93ef729e8cdcc743c44d409ff5720e85d4d447cfed7f187563ba04add8b27b4d5e1ffdd2bd61a167fcb2da8d58e67479ebc076329d27bd24ecaabc4cb05552a409ce732ecb86a6f0a213e35e53f895bc3c4ae020ece95499d4670375f61a32fa215c956734f5aa8127ec859cac7dfb5768864dbb7591f9d91c05e365c4dbbe864d207bf9eff04c4b3047b68cebef76a7915673dc5ccafceea57e38beb9a69473a1b2ae96c812ad737db0f66e87ca2305dcf4d66369e1afd74412a207a7a2d6d97982e1874afbb6a9b420d88c542bcdf6cf3c471c7535a3444ad20793876793ae8fce30fa468a50ef241a15ec0ea3229b1aafcc76eba39f8cd2a93f23ca2b04c8ab87c4f5a8a9a1db2bbcfc17a7aedf9877b669f8c2a05783586581656064dcfd19200a8f60c4a582766a0ca5148b56cafafc0ef1601336b5398a90d1bf68c6ecfd1ede4613fb9474bba76ac945f51129543e22f14fdea4e83c206032f0b5faa83a1de556d48d5f08bc53879f492897df7a59e0ddd00825706a2ac507e5fb31bad911885ffeb2d2368616786593f4c6a28de95edf2d993dab8412fa5b16eda075a934f46967fb1643085370da9d1e5895a5ddd6898429c85bdd41b28f58cc3e106ab683ecba03253b8122a8a5b6064eca49ebf4133c2351468cd01200332fca0a00c980262de8dcde7f7e145aefe3fa56b2dd6de3f2bd1514f5a2d143457a28bac927c248d4d89779835a83398fd54e7d53d7b2d1940fd12d7bc96e16b0fe15fbf16c3600b891b3bf6723303d01a73120734be1f27d43b5d5c374d6e44f42e0df163d2797da5bb292fbc58f8ac2056dbcb85b31c81d56fad2d70625b1304c04a508d6ccbfce072279358cb065a50f4bdf8c81ddd2d5ecf2b2c2b1015051b465e5ff682c9e3f8160123334b82dfe5a751d8b5f441587bbe7bed1325338cae6a8c06101081a55d499efbf77714e43ac99ecc08965e152bc84faba1bd966f4c01879f24b451b8f3ebae04852de5efd441396a6a871f97ea3dc413174886d71748c8beac5e5d403887e818e335cfdffa9d76b5074a5dcf12ad7725cb83cde0174679c0961643606a03082c5ec01590d687ff5bf9f8b2c3a84bfdb9c25622adc66aeb7f0355efddd4ab9954e5455c2428ee4e5383888ab466bd5fe817eb6b794a555c0eea446287cce32d9efd960e58771ddfb8ee2b4133b79d8953c2ae959a5d6ce09448d50da61bf22268fd32dcd501fd47c6b72cf8f50159a7aeec6e220ca81fc64ff97014ea77b6f791ccf6625eba88f60d1fe699cb16636a9acc4067786c537623c699568112c2093663bfba92ddc1ffcfe93f247f90accc6002faa61f43e54c3fab5e04a6ea1c5415e31ab129f8c9f82c3e3191513a4af151b1d6ab45a2f0eeca83f0870bc40da6257b9ea1c6238171a754995137d4123f2a4888e73db901f70a044ee0dd8176defd5dd82d9fc5a1a0d79effaf86fdf0b88eabc338c353f5fb040fe34db18211b20f8a3e4589b212e913665506488f21c88f5aec85eb694134a557c95d9a6ab9efc089e5c9848e591e3387cc11ca66fb03ca713513b98ebc2f35befcf64792ef44411e0f75ee4da42dcadfffdf9eecb761bd5e89183881103c5019e1ef3f3d80ba27fb0e1897e925d4122fdf3b3b568cc8795adf98643e86409226f2c5ed87cf481ffcd6e21a2bf0bff07a98bed3be5328118c3cb43c05f1b740242b0855f71400dd155c888b627615488025f81fcc6f5628efaf081489683c6d259c33b591edf4c9a4bfc54802c93ffbba4baf2a5030af8882b7d53eae80720e36a15c6c210658cdffa162630ba5d0217fbbf44879a04d41c58befb8a271abf4460a2d768be38d22f832e3cfad91b90f1b576924c8cbda71bbe89c85c239fa02f69c25e5422c977d97a54954fd16b85970db963db2b132b057a0282aef92614a9148e2a1a1edfa5ec46ae8d662dabae8f8141ea30dfddac44573ff52c3f93d82b0245b03c6db05b540e614cc9e3f702467054d688a92dcc9123f71a064cc52730fc5ee94b2746c80688521cc1cdb0f9455d4875f4af4afdc67d2e389361e1328edad7594d4bc9beec8b935aa3e5e98652c934d14fd16da50d685717303186da715778856da54666448d648d32becd2d63a6503ac21e56317903d15465ac4d3765f7a05420811307f71c1dc55ce5a4cd21130487cb0065397785da5094d27fae505996c1d404399797ff61d40f2ed63fca51db673197cd158a6e9b9ee93bb37df8bbaf92f47493c81c65439d359d578244a7f83629f4323a182e68526d674f4b6b64908350253520a4e564fae27df523e9218ff84f55a7ca622fc2e3bcc5edec9cc45c5a1b4c00c64038afdb165ad0ca3d8b66cea248e6a60a1c6d27e0dd2e5c7eec49fb8227a5266aedbc4fff982ffda402190548fb63fdeb67b3fb0894b11ce904b1c194f8f36cdecddc1312d64e9f227cc4b614b3679f978e0f1b6bb7aaeb2461cd28a94b73dd55eef1d5a98d72b9d8750b2dfe3a3cec044e13a8700", 0x2000, &(0x7f00000011c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000004c0)={0x18, 0x0, 0x2, {0x6}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
io_submit(r6, 0x1, &(0x7f0000000780)=[&(0x7f0000000440)={0xfffffffe, 0x20011004, 0x4, 0x1, 0x4, r5, &(0x7f0000000540)="8bb3", 0x2, 0x6}])
syz_fuse_handle_req(r2, &(0x7f000000a400)="9f6e7acf81934af02b6c299ee94fecc0ca63cc714d2ba9d2423804699270730a2b7e2d4e383bddbed909f8e4069f8c19809e6386b3d8f26c0773686b44104b6417dbeaaf6575753a2a7b688a8a64c70c7c04e6548380349f063bf74ca715137deff5afed46191ddf05bf2af6651d0fb012ebc68de41e5ee1e49cd72f023d12edd0cc82715b4b7ee6ba2019a6b101fc3ea1776c2b2b8444d7f10930636d62ebae79285faedc2dc509da3a229c0712458dba3a2ef26992b9bdefb157400814d7ce475c3288d6fa2c6cff93d7b38f0831c0b9fcda8d5a014d7c23d5e9111ccbb24ffd35542b58adc88aa9d6af995e50a19bffa9964a140389d258b77c5d241958747cb087a9bebe5c64c9aad476a47aefc68fb7b91231225ff5e15c01b8f8f7535fa4b21d74c29e4abe54c361c96ce61a813f7baba722fefcffea3bf4ccfbfab08b333ed14da5f3f0c5597014bd4a180f36ef6c5956b4676b1e2d335fee5ea478e8388a621176905ac905a1bbceb5568be4d4b33b4779728b60597e4232c61df0e7ab9918a4f1fa84986b00ce120e3a360f00b304b8eba6c7e73003abaef231dd5a417674f2fefb4a1e2c0f8c9479a55794946ef5683618fbcecdd394eff001a60a0d06fe6c2bba56252b37ff799edd7ee8cff5066806e13372c4675bc824cad70e4ac5cff06763ed9d10f4337317d770cee2ccaf086683cb25886fa718553506381f9294e2090bc4b1ec4ed0c01465d45128dd8750fa3f0519600dd483031bb6ead99bdbaa47ff2e7e654561fb8b35f0e1fa9aa3910fb73f522917780c03564e2d445a0192b223392252f7d8c2e78bdad723c2345d0024b212a2694b8eadc12aafa4693bdae9ff58968a57d1483d4b65424c04fbaf3c20639c020a0b4e3e2960b6630101738356316469526349d2533771860e1fcc7de3668c0cd46c13235a9f4eeaeb63692e61e0f263988d3512b93e595f28cbf873329b515a245c33aa8c22478a435c3c8154f8008ef7caf90d00b1b8f5d494e28b8a9c3bc1026602b6b0cb4eb5526762b384c7ed93de0d0dc920087885b6f0fa75ab3bdfa64057a1d60386e9f6417a8c352b8da660ab0baf2b9ac3c0724d84fe75c3c9b362438fd9d5eb331bad5a655d4b27ab05ad38c1638b35dc6fe7b32935ac957c52534e577ec63d85ee164ec6fb3fd741e929d9b1d65da4f14dd7daa516963bf591dace54fcdb40ff5688aa6cf31b5c887cbc77e0f0099d88ba675e7c6cfd49f539f38c0fc93f90aa09f56a79be4d87deb86063d3783459aaa0320ea923727f551ba05e1f5f4382de6aaf575cc4bf6ea8c0fd2091b62b33908eba434118d1997f0e25c386ecd98aa276e3c2394189cefca1f215f211893671f6fac58bd5ae0cb4527fd02a9017fee75c520e7985dd0f23083b9015753cedbfcb02ba0b53087b6cf8f13e8d003fa67b4aeffaa9eef5c0ca67ef33d5d0462e971a58eca9b0a531fa5b79f49afcb0d1a5d0c771bab0b8cbe8f4eb62bd2db653d40311b4c36c3f7e99706c0900e52d62432635b6a4909999328c4686c26f55370b68bac6572c7f0afdca58d1f1070b64dd10e06bbdaf225bece2e0aa8f6962af9128330ffa67322176e98990fae30cbf8861564208c36c2bc75a7f54889aff3072a4a398fb88758dda08cfd870d6ce8286effb33a15c47aba2a712782006eb1d5a012de4b55ce972804a2a49af3f7856e334f7f51e2b1729300a65f60bc4373ecdee7bdf717662ed6bfeabfe63303be9ecd4f8fb380f2cdf701ea4e319fce34e6f6d6b71dbf668449c2fdca7a339cfdb3ba9b7662439b4e96dcf917e739fba7d00da72bbf31d219111248b4b667f5d6975215eb4292b049e32885343eea7fc628a9ba55b54453b5407aaf7526473de81a28a56791677f0066c2d4f7916c90636dbc8dd25b1193bd479d9cd9d289872db2002a934528d580db05d7564801ca1ce24505e656a3272eb0e4f267083645596cb3f82996d468ede2623214bf48518e92f6f147f77b458e87d1aa9d6d24fd8851e88f36a943a60b77603e281aecd7bc0d05dc9a14a37973c3d7c766675fb46eb74e2ab99d7d0b871ee3cc10a39b8dc01114a9274621b740c63239674c04b55e147c258f49dbffd41a5cb617f779789e68a1ee3a21faa8f81fb117cc3425c7fc1b91fc5c7369b64100499506e5ecf6c5f69f5ecf97ef5d333f79292176b4d2a5cf3e39cabfd7ceb1e32043a7d5defb5ce606fe6ea8ad737b9f0b2587dd406a5e4bfdca91ee031555e5c423b0cc7a0619d4da54461cc1ef25dff5d6bdc7955708180cbc38614a7da063c680ca36e6fc60af579ef53e5f8be52682a51106031ed479fecc1181622fe5bdffab1e39d3ab82a99dcf34505acc4284f922c213121e85b106426b810114e8b75c3a16b462886e4edd84e4a9614455d81cfd5d388ba3158d0b1c987506c92841f1e2706cfd7aad713a7f2a6000af12e5b78cdbced46786563688d9b37cf463b67e2771f0fc07cc785eb5b547d134dd74a75a4d156451a10d5855284fe665631290d899cca2d7adac2e7037a241f0de55b2ee2ffadd725509461eb0b24951f033d5c899edca28bf74b6fc30e225f69561cde039eae98d9a2a2596b1ff9b6b7a8d79495717ab75515522a4d85154875f18d39eade46977c9c47050b699b8007602d90dcde7c34d3705cf386b6a33638eb2bc8b47223cbd93b2b542e187eea96f0dabb6e40b75d9378e24547155d51770506d64c16577bbc5bb4f0550abcf6b330559e0c43eb3758c424ed8ad7d24ce5c7644361c904b803a7e6960da1d7ef21f5baf73356f02a8956a82e1633b9c357a1d4458eab6b256d7617954060ec8fe917527cc3c1410630a7d478e8055090b7c45610b94a6ee7459a4f7955f08eddcac3db2cf6539fd105eb6d9f269dbb96a394aea074fe981018eebc6e80db4bdc90fc221d381cb88ad9379b27d54e2699a28227d4d14aea3183d3b9a46361ce1fa00f227d5d7a36387f63c186fb8bca8838b2b95358d8cefa780f3417f283207a597a8bdea749aeb2f7e59233fe895e6eb4fff3c0a8472ca690c754f99f84338f546af065461162d89a39ab123eb8f0b6a387a2333942465d4152548b632847b3afd44841e314b7b8190a01f9512228af53b38ec17b86995cb9d990e7749e7ead52213071e6cf38cac2f920d6eaf39a954189200c079487de71294269472c56b71f379c86292ce5234f07520bdb450db1b738aa7f9ef4e32a61400cfb30f8169f1b2d88f77cff72f4cb33739ec3ec04d33b4c92b1007e0dd129d69c372677094e1bc2b3d5a644d643e82c96af1480e63c0beb74efd9266330ef3c9f28c30d1d6dd509659ef3e00b67f809bf15f8e0741bf7eb84c64fb3bf504854e9130afaf121ba61c043f0230649d43bf6389216a32d5fb5a86edd5521d4038b477e3f231f7e71f25c7d5f84e9b89edc361707c1e39de57048f303f4aa3b7b3d931632376fa85e7b1c37a5b3f99b72937da2107871bca53d0e322029ac3355600f0c62eda2300f81436a9ff7ba6ccd16cc179e18d5b6987de9e4e3099b1106ee4d4eee68dd31861c448e4dbff11b56536e8a7fa57dcdbd250ee99c80a8a27f03f7a815983cc0e20dd7b6c38a2c3cef852e96d20344fb677f70e9c080b8769bb2ca813f9bdc25c9f544c607f0a89727d105b36adf3a61f0ef084180116944b900c1d70f010fcf545e6838b11b2c93d8c4b4872d139dd5312b191fe962c851024782150587be3fded3177a19ef85c53cb6f310b1c69195b56802344289331f3791a97613ddf3342982d2e18a96e0fa0b9eb21ccc65bdc10099c72dc74ab56d8b58809a78d6e184ac07eea66d392c299f3cc38fa1fcc0a75a18cf751073ae72aaa6ab702631f3cb36301bb57ccedca318e8940e96c15b572f0241ebb1cb9e4b34210f6b9bd1a7292189e32ff646e2354bb1008b07df1e81b8284f7dd0931c336eabdfd1b3c6582da20566f1fd5339c1ad80fd49cb3d478f7470ce533c5ce6e6157f6da33550b0971d97f057b9f94a7b6fbb88b474d9311dafe9024c5a8ecf19c06a3b4ddfc09759998c75316e6635b84c0c0b9d1d1cb3c707fedd072d95468dd4e4bfe58043b2b802ba23951f5c56948476e54601095bf98b718418f827c0ae9cd9ed1a87ba14ac57683da87819cc1c4bce40bef6fa1aff209e72ac07eec6d036abc77629e9d292ca6637ba0ed3b1ad764a6d797aedf1d86f30ce3e5a2d8a757e8950cd89931d7a091a5bbf9816bc83aea1df3e86c95f5280df9ff90b9da2df2e6066d331b53fcd498b80a06f9a843d276a39172d7e6f8d9a6a7de624a0825e72dec833c376877dfcd460f431ca2f8fc7ec4df04a2483fd6ab038871aa9878f22bc8d5f366e6e5710b7da6e4bf6c9b3fce1960bbb0a074915077cd460540b5169bc0a771c520ab73af4784f0b4caa256c2ef5baf25d8e547fa77512b21709b4bc44b5203559dd96d5dfb4a09159d23513037b92e8c53f1a3873a3e416d7d2f1474ef725e1dd2f25efd0378b09a1bee880a28c58f9c21c059b5faabebae15d861c0ca550c006c96f5d88d624c833829f94ea32f489c7be04bee485211cd724b3f5f95f7201392cd0ab87abe82ddff3c72c729901931b28d3e30b4f9e49cc35f4145717f31c79fd89d553c02a8feb97ae7ee17c3239ee77406610b947eb24070f95a704b2ed0e031b958811ea2051ca219a366e6a2f841ee295cc497068e03cda36735c73213defba2e8666b455f64da077b6cb232092c59e5a52a28c3ae941fdd50b4d31dd623428d3f837721a438a57026a4811563bd4c2e08a7148e3287f19d04c00a8804a8a3159e6987365ecd8b635b98e805e7ce95107a332f1fd773fe7b481a6b0e2995c5cb129ca5ddd615341add0036cff12fbde0ff11c921ad8ba7e52bbef6c18911cb59211911925f09aaa9227a9c26c73ced16e3b8f03b90ec0578454cfb3373c7fc1bee179a47d736ca829da40617c5c32b841309fa40fed8e8fa0198c21bca8c7803b20b4c7b715e880c255160eed37791d2747ffc71856bbce594557a61c0b8141a69ecbc81b9cd27e5a03217fa0dfe6734c63c66b18abc748abeb03f7fd4dfe27fcf18be1872563ea7b15b1e33d80907099cd7f7152f8d67b00dd8afcd960600e2adaf31226be2768680f237ab04cf0ce9350de5b139da1fd36cb9d0b88ddb8d197407fa31313b747051e3c4acd0448f4e1916db21ded7bfb73c218c5eeccd4f908e2127de7c72b3bc94b8d62bbeae371632efe2ab1e9b2bcfeb8471fbf09ca36d2874127dec4fd27ad4876e2c9a6e59b5d072343302ea456ee4848df1c4a0aa3b022db205d8c43d45affe6b8787756b83462c5907c4f65b3f72100213fab82218979bba945ced50e322d7186e3d9ad63e0e6df6fa9159b058d68a6d615b6a6d6a6fe6bc7fa9af550b88b39e16edb1040252cbfe89f3f50c777ba7522b8cdaf92faf74bf34b0b72f3bb45ec97122620e1334c90d4aebc1978429308cd5c3a0965c35af70f5ceaa6545d7c10c3eb50a0c61ee322de372ecebc106cc11188b4688556a43affacddbe3b33a435cd8fa6bf4e9de0b1e78350eeeeba62915d88bdbe777b4846c3a96a8df2b23ee63957b46a2e4cab6e4d6729c40147167d6bc5ef13b66a9aa0196e3c40b52746ca9e5b93ccaac044d025505edece73adf0f72d53d73f81f57b893009e4d90f7cc8a65c059c1147e314d9989c73f85501afc952d5d308e1febfa3f1cf911384fa8dff343b8a9113a50bd581ff4d28ca21998a17ff8e3f7471ff045f44bf2e2d372b124ae3881411360124d6bbf279a4883f711dee9cce229fd13d5b0be879a2b71cf27feb86f1c29a9b5be1d99b130d4766a940daa65c02e71447ea963cdcce59a1f604d55831acc321106518b8009ab5232dcf6d924665eaab3d7a09ac29bf32ec61f06f27b5e81d1053aa73266a27379c321a8ecebc4029c2380ce73b69036b45cede192d5745fbb998bc7fe68dd03c3bc099b7c295083fbe940b8e912d106b912eb7b5bda60649f6b3b60f397680c552527c146463eb40e8e33808a5e3ecb0f8befb7548b9d1efa89976ab04589c2841b77230ffa5f35961fba0c4d83c43e3636ab335473737df29718da38c8fcbcc1a4d09fe715d1855cdea9a7f27fa7041046231fc9bec4797b52f33039aad767516475d54863837ed565eb0198f4c798b40b7e974a6d130e82f4d8dc1bfe09ba2d95b9e010d0f6b7e43e02ab6e8cd407fcd4a82ee3d8742e257be5c869cca457430b6acabacfe2f188b1cab5b68718cd4969109dfadb87225d24b7ccbd124e33554a42ea00122ad34115b5e1d67e1af14ceaf593b700109d0fe70f5265f7efd0c39a209e87ff1b23d0a168262d4440ae10027113a7ee1782b1ef5c2d94ba29ad17c19e2203a144a4148a391754b6c1ab592e2f93c6202449d276b3326f660457e0e817bb9edc30117b25203039eb6968261996cdd5f4b5061a6c92465c52053c04e2959c7ebb1d2d7f897adcd59b4d6956a75e0d5a932a1e87a1d49784d9aa8613831b5093c1ce1c321e53817dda92a3f1b724df966cd1c4bc6effb2412e54e2854928cbd7d87cfef8b211d1ed443da28a10d96289220b47754c4e078deb3efd909e44a112eb2f842e6b6021bb4c90170877b9a34c0bd34313d61d79dd50df9cb46b47fa5adcf5843622e56654473dcff27d38fb492c4bc4890f235fa30742916bd0f89009773e91d18e90732032dd79e023e7862192cb5d34d702e3b636ef92d0ecf94a380e3cb246899fe6e020bd486336d8909d523315b94f317b8df72a3b6e8ad71c8f9a22b06d534536f90facb8a4dec9ba91132bebbb06ed1ea906ff3d243fb512e72678b0ef6b258b692d58be4ee06de176df2fac98bafa6e644d97929e8e7894539947289ccb226ee5c394ba11f34a6fec30d0c8a5c97913d707ad26cf78ea34c9f59277d4767b3d36155c8b29308c8d3f5b467f86118c4aaaea00ff575ab0c0885ab768161ee4407724ff4f33b3be1e5fd754aae7219ba9cc92b3e18b8e4cf206df7ab8b90ee7b67ea4e983a822f292676deb78791f0ef1645df16b55bc5d59cc4fd420029bba81dc770f3f6603ffdc787da5540db746fa3fc48a10755afe92461494441f0f9cc97adef4390bf17ae415cf3099e6fe564d093e640292a620d8a2c825843b6f3107e9a8e86726542e8e2c902732a77cb5bb2ed8d06052c56d51a9ac370c9d133d1a62e9b50f3f95436d010eb92a904b88ca3592ca707fed126192bb834426c1d24f2525e8f0c0be223ec487e319af500d91c4fa2b859229aed94c1c425bfdc609a2ff406fd3305636c0298efbace476ccc79f4b41616dbed1e5e85357a6b5681b53b2794f09faa6791a21bb02c24f1441d02de396b93aa319846f36b5a8a05de36ee8a43717b8b128d4d3877edcd0feca6ad46cd43a9af0fc35a2008b8c3f2ee68bd787496c50a3387d0b74afddbaa502b79801d3cf6dd90246cfeb82882efe4a9e2967a81a3c896a2a4a7ba89443fbd5b11b4376bccc64aa9436fe668fcba169f4fe8cbe835ebed40f2c3a44381ef428055b31f8b137efd5ee0c42c0943a4b9ef475097be3aff6f341528c85fc38ef8b6b3dc10fb4303278faf2db2da7487dbfc3c5d13c93683d50364f61577b97daa1c8f738507cf486f69161a2d0546bd43ffc78080d62dae4a2b9ee7d9402f5792df6a23feb0809f225f4e7f98051dba043da77f91180f36f42af7d7ae1e61f59cba4aadb160a3c599c4cbeebccf61cbef072b0e68950225e8a112186062e82e527d8f15088ad92f5f73e316ea0bf696e2e15b153f2e5c6e59bd6369157e63cffb741333fad6850912a6d6c4ab8538bc904ea1c32e8f56b1795a4fab16710d521051a18d210a6f1e2f81f03de13cb86e65343ac93cc85cbbdc90885a24422ed257da9d91e9f5a3de08b5b1e6b905837eb6c95aabf3faff8222f9a782cc81b82dc91a388b9187b706971c2358b8887771d054aabd7a7fe0a7d3ba75ef57dd3c8212077f94a0cabc46017092eb687bb9a15f741f029efcd22bfb5df61d1f595b1bd8dec3374a510aff5479c6efdbd3946527a2cafdcd02690c437c8cf58796d643d32ff6dbc2fd353328478986e3ba0085e1e4397b48a7617ce2e8668347df694f60b1cc51cd45f69d54dca80f4c66c65430ea6d4ae34ff6a5a85327f92dc5f8c64a67a9e776cf3d428cb84399e480d5e485369ba7249a81ed9bb5c186f1cf777cda932dda2fc23a8749c04ebb05a176ec88fedce4ff9d9582ac7db9682baf4ba415137b070ce5786b7f36b09112e8341c3a14531128ae00d765d96cfbe394b0d4aa304977e7ead890a78ff760ab4f719cd7abb0b20d344f4ea83bc3dee1fcc735cde108e12847462b50162a5c585498532161ef4b7dd5b5aa87f433362fea6afc21b4273e8db17bcf89db22232663fe150a1f2f5af5845179346aa18f4f9e618d1cdb7fdaf81006919bf2aa3fcffb1eb140108c09a4f8810b378d3d9efe9d37aba27058be8317efd1e5f90394888d9cad4e27314c28fbf341c9f3c3824f7cbd58339a0d6cfb64ef1905f6d2c0fe4a80fc04f1e73a008506316d8390f2b84675719fcfe34c08c7601bb166a37e55539b668406a2967031e722295bd8ae1deecfc8691814e46fd8ccf5f58f93a37322452e867028ba366853d229e3a0c61075b830904e484ee8adb8127d3c9e17811b5141224bf478063d9b52eaf73a0dd1b8a281ee7839d2bd7d537fcf9979a51a9a6b2c6907aa44aa840222bbd9714f9e8626ef2ebff2d94021b3be5f39daed3cb26921c57c601a398d339dc9315eeea4df90c72f42abc0e2ac8ae89558c35918c61031e1c798fa5ad9b8d94c11e2011c0c7e30b8bfa52cd3613f837bc979a61ab73f971fc173f6bb5642eb2edc1623ede4a8758c115e7b9e32fb48ba90e39f55e4e1e5fbfe97db6f6470329591ec5957d58e542cfacca93835b92f78f60a74acb8cc5755d84b2bf46943420418eaea5dbfa2fb17515870db66cf3cfed26a2414e34200b2d762f733657e75481d89c1696be88f962f589f8973abdf8a6c7c8547e55a3d662bf56ce8699a53c73ec390e7f8982bd44f26233a41c5e41238b240ae47a42a7fca5d386f53fffffd8802a554663f803fe50fb72922f082596c6b8337d3a2600381d01a8840f81997cc34be82ec8714510ff400000000db2cc091093e167c6773dff5b9f532fb33245836a556dffbdd13eaa8c141a00408f0766d3a55b45f9f91a80a2302890bc778af00a89184b3614c460000a73625ccc750003d87ecf9b295bb6c5300efab30b25c20323db671fec07bd990ec75f60c253fd0bc557586ce64b90471a2ba40f0bcb6950811e4636ec8ae97ce43e33a293b08ac7377fa6df022499d806bcea8992fc254baa0d23c769ac0435d5b227f836c1bde880be968ed817d6a58258fa518621a5e34ccbd57f90d4a78fe3348854cba6bbc19e3825e1d3276e597552263ef3feae6cf2e7e100e4394afcc113c48f58f912c75c79a94c5f1689f461f7df51965fa337bf9ef0333ae4bd0b9c84053755636e3b6d9d42eaa604588fb85a06408d267ce62c2e0976be0acb1b23648b2cacd9dfd513fc10b65e5bd2f534644c3c0e261c50bc17ba38d5e83814b44b6476b00529c3c5bfaa579ddac61398edbd4effd253fa51d17b429f5417c4f008bd8418875b538f84de753c558753469a44e421d0741edc8d3a53e8d0ae5d7d3e23dbcba355cafc0507b83303ba4522485cf6906522b9a57206ffa0281c53bb2671662291261aa9f82b73875329cb2c2cc5515155875355d993d94e74e27a38edebe1d0f6d8e0bed9814add258756c68778a8965a45519d9857e766e8ae6c1fe245e61c2aa0ffbb3717ec3e5a58be3328fb19112185296e1b02a2bf5490728bacb5c7f85e2807a61532c695fa4b8b82363941ab419c6cbae720002f98668c23c4a85764184a77daa670b17363de420053647b053d04352b77e414b4af474597636c61d2d4de4fcdf64dca70f2f9e0a8c3dd0df3735101f29e20ef789d1f3664cacb600b08f2e7dbb997f2708eafa7181fbbefc99bf1a0c17f42bfa3e6e1ab6d46ead3eb98a4296a1287336e7982de861dea9b66bbadeed3474b1c7c9303c4b894a5296b90690b28751d305b56fd5c52b5e97c9be4a449f60118177b34fc38827b9d87a55e514cbaae367a24debc0c95dcecf7bd3a5759ff05107dc5b6927b950a3a1c6911217cd134676a1c00b0a528fa6be8d241665afcdf0e719842803e705b1131dacf0a05e804a9daba85fa22cb75fe3bf99e4174c37b84d39b3d8a3eb01a8b04e857032aa4e0d8f3278df1ebee49f3ac5612854d5fcba754eabe509f65d4d2bd74180460aec4c4432b4ea3b94d66b4f2c1860c9ddece2978bf3e0e9664adfb326151aebeaf3578d6e3c11cc7807b0b588677ef1f05e520460d4b99d31b934c68c9a97105ace235910b86dc160fb982f909f7f96031145b6d2ba68e4729ea849a90808f73ae8daee8f742b6aca275d3950bbf8abadca3b7ac84631bed650039f203e74823ded486546d028832d2d75fbf58296d2dd9e4f22f5ac33c393ab9b8b89b1305435f06cd43717ffbc4b3f200ca719bdad6fed834078238547bdbaa609e7a086c1043285285d4c20dbc6b45bc628752226fdf7bedf84facf02300b767df32c27f005e54b661f9229450b638c3215f2db8a0b2fcc84febd5fa01ce24201fc70702308467a7d5bf437c83c850edf3eef941627ba1677397cbb12f55f32ead50f98da2b31194bf730ab980cc9dffa673fdce59a5df35986f5a5d409c38d26f60c0ffc9b58696a3a9eb9daa26801e41a5cddeac8d9106fa4052dc73796c2b55ddd847c7567eeedc602587370af6e8880df1927201df6d177616792b677dd5ee9dfea7667474a6383b341a340d20f0038e059819a311843a3b5ebdf589cdab4b580c42c74051286098eda1b24715551f6448f1d89aaa1349e68534b469691b6c6aea97034c1c188f6e8f84b731b516fc832e5252116b3fddbac0fa9027f8cd51b0e8aedd0e15f612c70ba9960ffdbf15198a1c7e056ec28c189b9e296af0452c3280aa89e52a66e440ac7b130c2a1d02513d520f1f82e930184f81fceed992c8c2e90f2977258c220991fe8ca5443f284b926e511e37e53ffcfd3979ab5792d80d8718633a7ed26d2661363b9a8fe52871e61e4f856cdb81620a8af38f093d8259aa2e8d6151d42238e40c29da3e6eecdbda7626858ff7ae1a6ebbfbd5063949d9bca041b78aa650e892ee099662c66c568d0dbd4ba4cab373d50735c74989b9ad0f0b34fbd8b29fc11774bdaf0cb6a543417c83ebabbe54072724cbacdbbff5afe3bc905639831a8cad21e73a4d0e272bf5a573b703c8acf28a6ce9b77ba72ae3cb42212697bface04303dd6787b8258b2e1678c2003550d60334d45fb8b65a281edd7b74c2b233fc1460522b6bcac6b80d67a9622931f91ca51856bd6cb8970abd4da5276218be0225fbed329b4c2a1ae548eea5551ddbc00", 0x2000, &(0x7f0000000340)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000900)={0x78, 0xffffffffffffffda, 0xb, {0x8, 0x1, 0x0, {0x0, 0x7ff, 0x40000000d09, 0xfe63, 0x3, 0x4, 0x4, 0x2, 0x8, 0x6000, 0x35, 0x0, r4, 0xcdb, 0x17}}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
write$6lowpan_enable(r5, 0x0, 0x0)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x12)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0)
madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0x80000000e)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x400000, 0x3, &(0x7f0000000000/0x400000)=nil)
r7 = io_uring_setup(0x3450, &(0x7f0000000080)={0x0, 0x1539})
io_uring_register$IORING_REGISTER_BUFFERS(r7, 0x0, &(0x7f00000002c0)=[{&(0x7f0000001700)=""/4095, 0x440000}], 0x100000000000011a)
mremap(&(0x7f00003eb000/0x2000)=nil, 0x2000, 0x1000, 0x3, &(0x7f0000003000/0x1000)=nil)
io_uring_register$IORING_REGISTER_BUFFERS_UPDATE(r7, 0x10, &(0x7f00000003c0)={0x18f3, 0x0, &(0x7f0000000240)=[{&(0x7f0000002700)=""/4088, 0xff8}], 0x0, 0x1}, 0x20)

2.689035298s ago: executing program 0 (id=8571):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
pread64(r0, &(0x7f0000000440)=""/176, 0xb0, 0x200)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000180)={0x0}, 0x1, 0x0, 0x0, 0xcc93f1266b77d0bf}, 0x8040)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
munmap(&(0x7f00006bb000/0x1000)=nil, 0x1000)
r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r3, 0x4018620d, &(0x7f00000000c0)={0x73622a85, 0x1000, 0x2})
openat$binderfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
openat$binderfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r4 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000180)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
read$FUSE(r4, &(0x7f0000005180)={0x2020}, 0x2020)

2.252140979s ago: executing program 4 (id=8572):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000000), 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_ADD_ADDR(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000300)={0x38, r1, 0x1, 0x0, 0x0, {}, [@MPTCP_PM_ATTR_ADDR={0x24, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_PORT={0x6, 0x5, 0x4e23}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @multicast1=0xac1414aa}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x1}]}]}, 0x38}}, 0x0)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
close(r2)
r3 = socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(r2, &(0x7f0000000080)={0xa, 0x4e22, 0x0, @empty}, 0x1c)
listen(r3, 0x0)
r4 = socket$inet_mptcp(0x2, 0x1, 0x106)
connect$inet(r4, &(0x7f0000000000)={0x2, 0x4e22, @local}, 0x10)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000740), 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_FLUSH_ADDRS(r5, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000004c0)=ANY=[@ANYBLOB="140000", @ANYRES16=r6, @ANYBLOB="01002c9d7000ffdbdf2504"], 0x14}}, 0x800)

2.03539324s ago: executing program 4 (id=8573):
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000100)=0x9, 0x4)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000a00)={'wlan0\x00', <r2=>0x0})
sendto$packet(r0, &(0x7f0000000180)="02030c65420002000000ab5d71acedd7c9560385dcb1080084d7dc039806112405ce811cc352", 0xff88, 0x0, &(0x7f0000000140)={0x11, 0x0, r2, 0x1, 0x0, 0x6, @broadcast}, 0x14) (fail_nth: 1)

1.611335351s ago: executing program 2 (id=8574):
r0 = socket$can_raw(0x1d, 0x3, 0x1)
ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000300)={'vcan0\x00', <r1=>0x0})
r2 = epoll_create(0x80)
r3 = syz_open_dev$sndpcmp(&(0x7f0000000340), 0x0, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r3, &(0x7f0000000080))
epoll_wait(r2, &(0x7f0000000100)=[{}], 0x1, 0xb6)
bind$can_raw(r0, &(0x7f0000000000)={0x1d, r1}, 0x10)
setsockopt$CAN_RAW_FILTER(r0, 0x65, 0x1, &(0x7f0000000200)=[{{0x4}, {0x2, 0x0, 0x1, 0x1}}], 0x8)

1.611189827s ago: executing program 4 (id=8575):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x210000000013, 0x0, 0x0)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e21, @multicast1}, 0x10)
connect$inet(r0, &(0x7f0000000180)={0x2, 0x4e21, @dev={0xac, 0x14, 0x14, 0x1d}}, 0x10)
setsockopt$inet_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, 0x0, 0x0)
setsockopt$inet_tcp_TCP_REPAIR(r0, 0x6, 0x13, 0x0, 0x0)
sendto$inet(r0, &(0x7f0000000000), 0xffffffffffffff94, 0xb, 0x0, 0x0)
recvfrom$inet(r0, &(0x7f0000000080)=""/8, 0xfffffffffffffd0b, 0xc9100120, 0x0, 0xfffffffffffffd25)

1.590400132s ago: executing program 3 (id=8576):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2})
close(0xffffffffffffffff)
socket$nl_generic(0x10, 0x3, 0x10)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x8, 0x4010, 0xffffffffffffffff, 0x9ef43000)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
getsockname$unix(0xffffffffffffffff, &(0x7f00000001c0)=@abs, 0x0)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
timer_create(0x0, &(0x7f0000000080)={0x0, 0x11, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000000))
timer_settime(0x0, 0x0, &(0x7f0000000240)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
io_pgetevents(0x0, 0x8, 0x0, 0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000100)={[0x9, 0xfffffffc]}, 0x8})
recvmmsg(r1, &(0x7f00000003c0)=[{{0x0, 0x0, &(0x7f0000000380)=[{&(0x7f0000000300)=""/70, 0x46}, {&(0x7f0000000780)=""/4096, 0x1000}], 0x2}, 0x10001}], 0x1, 0x102, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa15, 0xffffffff}, 0x0)
madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0x80000000e)
r3 = fsopen(&(0x7f0000000180)='proc\x00', 0x1)
r4 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000740), 0x2, 0x0)
ioctl$IOCTL_VMCI_VERSION2(r4, 0x7a7, &(0x7f0000000100)=0x80000)
ioctl$IOCTL_VMCI_INIT_CONTEXT(r4, 0x7a0, &(0x7f00000002c0)={@host})
ioctl$IOCTL_VMCI_QUEUEPAIR_ALLOC(r4, 0x7a8, &(0x7f0000000240)={{@host, 0x804}, @any, 0x0, 0x8000000000, 0x0, 0x5d3, 0xffffffffffff7966, 0x0, 0x1})
ioctl$IOCTL_VMCI_QUEUEPAIR_ALLOC(r4, 0x7a8, 0x0)
ioctl$IOCTL_VMCI_VERSION2(r4, 0x7a7, &(0x7f00000000c0)=0xb0000)
ioctl$IOCTL_VMCI_QUEUEPAIR_SETVA(0xffffffffffffffff, 0x7a4, &(0x7f0000000180)={{@host}, 0xfffffffffffffff8, 0x800000000000002, 0x20007fff})
r5 = openat$ttyprintk(0xffffffffffffff9c, &(0x7f0000000140), 0x21041, 0x0)
ioctl$VT_SETMODE(r5, 0x5602, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r3, 0x6, 0x0, 0x0, 0x0)
r6 = fsmount(r3, 0x0, 0x1)
fchdir(r6)
socket$nl_generic(0x10, 0x3, 0x10)

1.441103493s ago: executing program 0 (id=8577):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000a00)=@delchain={0x130, 0x65, 0x20, 0x70bd27, 0x25dfdbfc, {0x0, 0x0, 0x0, 0x0, {0x2, 0x2}, {0x0, 0xd}, {0x0, 0xffea}}, [@TCA_CHAIN={0x8, 0xb, 0x6}, @filter_kind_options=@f_route={{0xa}, {0xf8, 0x2, [@TCA_ROUTE4_ACT={0xf4, 0x6, [@m_vlan={0x88, 0x6, 0x0, 0x0, {{0x9}, {0x14, 0x2, 0x0, 0x1, [@TCA_VLAN_PUSH_VLAN_ID={0x6, 0x3, 0x1b6}, @TCA_VLAN_PUSH_VLAN_PRIORITY={0x5, 0x6, 0x6}]}, {0x49, 0x6, "657c8f856bb2bb5d377d3e798375b1d28aa9ff79c5750c001846426a94e358dab26224b357e0bd9c9b84cfee21ec99f48cf585ab10ae01a9ffc67e6ad19b4103524e4f4a3b"}, {0xc}, {0xc}}}, @m_ife={0x68, 0x1a, 0x0, 0x0, {{0x8}, {0x18, 0x2, 0x0, 0x1, [@TCA_IFE_DMAC={0xa, 0x3, @multicast}, @TCA_IFE_TYPE={0x6, 0x5, 0x7}]}, {0x29, 0x6, "5cf80cae43926c79f74d5b5abcda3c8569302a433fb2205af13ea1534835029ea0d077c685"}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x3}}}}]}]}}]}, 0x130}, 0x1, 0x0, 0x0, 0x4004}, 0x20000080)
r0 = socket(0x10, 0x803, 0x0)
sendto(r0, &(0x7f0000000740)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0x80, 0x0, 0x0, &(0x7f0000000600)=""/191, 0xbf}}], 0x1, 0x2040000, &(0x7f0000003700)={0x77359400})

1.391877264s ago: executing program 2 (id=8578):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder1\x00', 0x0, 0x0)
r1 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f00000000c0))
r2 = syz_io_uring_setup(0x110, &(0x7f00000003c0)={0x0, 0xfad3, 0x10, 0x1, 0x35b}, &(0x7f00000000c0)=<r3=>0x0, &(0x7f0000000100)=<r4=>0x0)
r5 = syz_usb_connect$sierra_net(0x0, 0x3f, &(0x7f0000000080)={{0x12, 0x1, 0x200, 0xff, 0xff, 0xff, 0x40, 0x1199, 0x68a3, 0x0, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x2d, 0x1, 0x1, 0x0, 0x80, 0xfa, {{0x9, 0x4, 0x7, 0x0, 0x3, 0xff, 0x0, 0x0, 0x0, "", {{0x9, 0x5, 0x43978451d8f6fedb, 0x2, 0x40, 0x2, 0x1b, 0xfe}, {0x9, 0x5, 0x7, 0x2, 0x200, 0xc, 0x77, 0x3}, {0x9, 0x5, 0x81, 0x3, 0x20, 0x0, 0xfd, 0x32}}}}}}]}}, 0x0)
syz_usb_control_io$sierra_net(r5, 0x0, 0x0)
syz_usb_control_io$sierra_net(r5, 0x0, 0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r3, r4, &(0x7f00000002c0)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x3})
io_uring_enter(r2, 0x133d, 0x0, 0x8, 0x0, 0x0)
ioctl$BINDER_THREAD_EXIT(r0, 0x40046208, 0x0)
r6 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x200, 0x0)
r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r8, 0xae60)
ioctl$KVM_SET_GSI_ROUTING(r8, 0x4008ae6a, &(0x7f00000001c0)={0x2, 0x0, [{0x3, 0x1, 0x0, 0x0, @adapter={0x2, 0xffffffffffffffff, 0x6, 0x2, 0x7}}, {0x3, 0x1, 0x0, 0x0, @adapter={0x0, 0x6a, 0x8, 0x5, 0x3}}]})
write$uinput_user_dev(r6, &(0x7f0000001940)={'syz0\x00', {0x8, 0x65, 0x9d8, 0x8000}, 0x6, [0x2, 0xffffffff, 0xffffbfdb, 0x7, 0x6, 0x7fff, 0x6, 0xb47, 0xb0, 0x8, 0xfffffffd, 0x7, 0xf, 0x200, 0x892, 0x7, 0x80, 0x1000, 0x6, 0x7, 0x2, 0x1fffc0, 0x0, 0x3f3, 0x7, 0x400, 0x8, 0x7, 0xa0, 0x2e8, 0x7, 0x94, 0x7, 0xdb5, 0xa50, 0x4, 0x7fffffff, 0x9, 0x6, 0x6, 0xffff, 0x80, 0x3, 0x0, 0x1, 0x290, 0x800, 0x8000, 0x7, 0x3, 0xe, 0x7, 0x7, 0x582, 0x514, 0x7fce, 0x1, 0x8001, 0x10000, 0x6, 0x3ff, 0x3, 0x2, 0xff1], [0x80, 0x6b8, 0x81c, 0x9, 0x0, 0x7, 0xc7, 0xa, 0xe, 0x4, 0xa, 0x4, 0x8, 0x75, 0x6fb6, 0x0, 0x40, 0x8, 0xfffffff9, 0xffff2893, 0x9, 0x7, 0x0, 0x10, 0x78, 0x6, 0x300, 0x9, 0x8, 0xff, 0x0, 0x1, 0x6, 0x6, 0x6, 0x5, 0x8, 0xf62, 0x74, 0x9, 0x7, 0x8001, 0x6, 0xdf, 0x6, 0x7ff, 0x5, 0x5, 0x1, 0x2, 0x200, 0x7, 0xf0000000, 0x5, 0x7, 0xc172, 0x6625, 0x5, 0x6, 0xfffff0f9, 0x7f, 0x1000, 0x8, 0x7], [0x1, 0xe6, 0x8f, 0x2, 0x100, 0x28, 0x2, 0x5, 0x9, 0x1, 0x4, 0x4, 0x2, 0x3, 0x5, 0x0, 0x7b, 0x10, 0xffffffff, 0x4bb, 0x9, 0x4, 0x1, 0xffff7ef1, 0x6, 0x5, 0x7f, 0x4, 0x9, 0x8, 0x4, 0x4, 0x7, 0xc, 0x0, 0x0, 0x7fffffff, 0x7, 0x9, 0x4, 0x8, 0x3, 0x400000, 0x4, 0x71, 0x7, 0xd59, 0x0, 0x3, 0x0, 0x3, 0x9, 0x4, 0x6, 0x1, 0x0, 0x9, 0x2, 0x1, 0x4, 0x5a5, 0xfe82, 0x0, 0x5], [0x9, 0xbf0, 0x0, 0x0, 0x9, 0xffff1d53, 0xc386, 0x2be9a045, 0xfffffffc, 0x2, 0x4, 0x3, 0x6, 0x7ff, 0x6, 0x8, 0x4000, 0x4df47f53, 0x3, 0xfffffffa, 0x1ec, 0x8, 0x9, 0x5, 0xc, 0x9, 0x81, 0xfffffffd, 0x9, 0x5, 0x5, 0x80000000, 0x40, 0x2, 0x1, 0x3, 0xe0, 0xc8, 0xa315, 0x2, 0x6, 0x9, 0x71d, 0x7, 0x5, 0x20, 0x10001, 0x1, 0x3ff, 0x7, 0xf6b5, 0x6, 0x4, 0x5, 0x4, 0x80000000, 0x76, 0x3, 0x4, 0x2, 0x13d, 0x5, 0x7fff, 0x1]}, 0x45c)
ioctl$UI_SET_EVBIT(r6, 0x40045564, 0x1)
ioctl$UI_GET_SYSNAME(r6, 0x8040552c, &(0x7f0000000040))
ioctl$UI_SET_EVBIT(r6, 0x40045564, 0x5)
ioctl$UI_DEV_SETUP(r6, 0x405c5503, &(0x7f0000000480)={{0xfffc, 0x3, 0x0, 0x5}, 'syz0\x00', 0x42})
socket$inet(0x2, 0x1, 0x0)
ioctl$BTRFS_IOC_BALANCE(r7, 0x5000940c, 0x0)
ioctl$UI_SET_KEYBIT(r6, 0x40045565, 0xee)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
setfsgid(0x0)
ioctl$KVM_SET_TSC_KHZ_cpu(0xffffffffffffffff, 0xaea2, 0x7f)
ioctl$UI_DEV_CREATE(r6, 0x5501)
ioctl$sock_inet6_udp_SIOCOUTQ(0xffffffffffffffff, 0x5411, &(0x7f0000000140))

1.134960739s ago: executing program 0 (id=8579):
socket$key(0xf, 0x3, 0x2)
r0 = syz_usb_connect(0x2, 0x24, &(0x7f0000000640)=ANY=[@ANYBLOB="12010000d972a440b72040155ab7010203010902120001000000000904800000ff"], 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io$uac1(r0, 0x0, &(0x7f0000000440)={0x24, &(0x7f0000000ac0)=ANY=[@ANYBLOB="201d0e"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r1 = syz_open_dev$vbi(&(0x7f0000000080), 0x0, 0x2)
ioctl$VIDIOC_SUBDEV_DV_TIMINGS_CAP(r1, 0xc0905664, &(0x7f0000000200)={0x0, 0x0, '\x00', @raw_data=[0x7, 0x8, 0x4, 0x4, 0x7, 0x5, 0x8, 0x2, 0x5, 0x101, 0x9, 0xff, 0x14eb, 0x400, 0x59c4, 0x3ff, 0x8, 0x2, 0xe8, 0x1, 0x1, 0x2, 0x10, 0x7, 0x1, 0x7fff, 0x1933, 0x8, 0x5, 0x3, 0x5, 0x4]})
madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0x80000000e)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/fs/cgroup', 0x0, 0x80)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1)
r2 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r2)
ptrace$poke(0x5, r2, &(0x7f0000000080), 0x0)

987.729562ms ago: executing program 4 (id=8580):
r0 = openat$sysctl(0xffffffffffffff9c, &(0x7f0000000340)='/proc/sys/net/ipv4/tcp_mtu_probing\x00', 0x1, 0x0)
pwritev2(r0, &(0x7f00000001c0)=[{&(0x7f0000000040)='4', 0x1}], 0x1, 0x0, 0x0, 0x0)
unshare(0x22020400)
r1 = socket$xdp(0x2c, 0x3, 0x0)
getsockopt$XDP_MMAP_OFFSETS(r1, 0x11b, 0x3f, 0x0, &(0x7f0000000040))
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r2, &(0x7f0000000000)={0x2, 0x4e20, @multicast2}, 0x10)
setsockopt$sock_int(r2, 0x1, 0x3c, 0x0, 0x0)
connect$inet(r2, &(0x7f0000000080)={0x2, 0x4e20, @loopback}, 0x10)
sendmmsg$inet(r2, 0x0, 0x0, 0x60cd894)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)

807.982464ms ago: executing program 4 (id=8581):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f0000000300)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
pipe2(0x0, 0x800)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x11, 0x2, &(0x7f0000000140)=ANY=[@ANYBLOB="9110feff000d000095000000e0ff0000"], &(0x7f00000000c0)='GPL\x00', 0x5, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xffffffff}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1004c, '\x00', 0x0, @sk_reuseport=0xf, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0xffffffffffffffff}, 0x94)
setsockopt$inet_sctp6_SCTP_PR_SUPPORTED(0xffffffffffffffff, 0x84, 0x71, 0x0, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x0, 0x0, 0x922, 0x0, 0xb49, 0x9, 0x8, 0x0, 0x3}, 0x0)
r2 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_mreq(r2, 0x29, 0x1b, &(0x7f0000000100)={@remote}, 0x14)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000300)={'virt_wifi0\x00', <r3=>0x0})
setsockopt$inet6_mreq(r2, 0x29, 0x1b, &(0x7f0000000000)={@remote, r3}, 0x14)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000200)=@newtfilter={0x24, 0x11, 0x1, 0x70bd27, 0x2000, {0x0, 0x0, 0x74, r3, {0xfffd, 0x10}, {0xd, 0xfff1}, {0xfff2, 0xd}}}, 0x24}, 0x1, 0xf0ffffffffffff, 0x0, 0x40044}, 0x200088c0)
r4 = socket$key(0xf, 0x3, 0x2)
r5 = socket$inet_mptcp(0x2, 0x1, 0x106)
setsockopt$inet_tcp_TCP_CONGESTION(r5, 0x6, 0xd, &(0x7f0000000040)='nv', 0x2)
getsockopt$inet_tcp_buf(r5, 0x6, 0x1a, 0x0, &(0x7f0000000100))
sendmsg$key(r4, 0x0, 0x0)
r6 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x401)
ioctl$SG_BLKTRACETEARDOWN(r6, 0x1276, 0x20000000)
r7 = signalfd4(0xffffffffffffffff, &(0x7f0000000140), 0x8, 0x0)
r8 = syz_io_uring_setup(0x39, 0x0, 0x0, 0x0)
io_uring_register$IORING_REGISTER_EVENTFD_ASYNC(r8, 0x21, &(0x7f0000000440)=r7, 0x1)
msgctl$IPC_INFO(0x0, 0x3, 0x0)
r9 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r9, &(0x7f0000002140)={0x26, 'aead\x00', 0x0, 0x0, 'authencesn(michael_mic-generic,xchacha20-generic)\x00'}, 0x58)

358.755076ms ago: executing program 2 (id=8582):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f0000000300)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
pipe2(0x0, 0x800)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x11, 0x2, &(0x7f0000000140)=ANY=[@ANYBLOB="9110feff000d000095000000e0ff0000"], &(0x7f00000000c0)='GPL\x00', 0x5, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xffffffff}, 0x94)
sendmsg(r1, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1004c, '\x00', 0x0, @sk_reuseport=0xf, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0xffffffffffffffff}, 0x94)
setsockopt$inet_sctp6_SCTP_PR_SUPPORTED(0xffffffffffffffff, 0x84, 0x71, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_mreq(r3, 0x29, 0x1b, &(0x7f0000000100)={@remote}, 0x14)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000300)={'virt_wifi0\x00', <r4=>0x0})
setsockopt$inet6_mreq(r3, 0x29, 0x1b, &(0x7f0000000000)={@remote, r4}, 0x14)
sendmsg$nl_route_sched(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000200)=@newtfilter={0x24, 0x11, 0x1, 0x70bd27, 0x2000, {0x0, 0x0, 0x74, r4, {0xfffd, 0x10}, {0xd, 0xfff1}, {0xfff2, 0xd}}}, 0x24}, 0x1, 0xf0ffffffffffff, 0x0, 0x40044}, 0x200088c0)
r5 = socket$key(0xf, 0x3, 0x2)
r6 = socket$inet_mptcp(0x2, 0x1, 0x106)
setsockopt$inet_tcp_TCP_CONGESTION(r6, 0x6, 0xd, &(0x7f0000000040)='nv', 0x2)
getsockopt$inet_tcp_buf(r6, 0x6, 0x1a, 0x0, &(0x7f0000000100))
sendmsg$key(r5, 0x0, 0x0)
r7 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x401)
ioctl$SG_BLKTRACETEARDOWN(r7, 0x1276, 0x20000000)
r8 = signalfd4(0xffffffffffffffff, &(0x7f0000000140), 0x8, 0x0)
r9 = syz_io_uring_setup(0x39, 0x0, 0x0, 0x0)
io_uring_register$IORING_REGISTER_EVENTFD_ASYNC(r9, 0x21, &(0x7f0000000440)=r8, 0x1)
msgctl$IPC_INFO(0x0, 0x3, 0x0)
r10 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r10, &(0x7f0000002140)={0x26, 'aead\x00', 0x0, 0x0, 'authencesn(michael_mic-generic,xchacha20-generic)\x00'}, 0x58)

261.036355ms ago: executing program 0 (id=8583):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000000), 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_ADD_ADDR(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000300)={0x38, r1, 0x1, 0x0, 0x0, {}, [@MPTCP_PM_ATTR_ADDR={0x24, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_PORT={0x6, 0x5, 0x4e23}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @multicast1=0xac1414aa}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x1}]}]}, 0x38}}, 0x0)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
close(r2)
r3 = socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(r2, &(0x7f0000000080)={0xa, 0x4e22, 0x0, @empty}, 0x1c)
listen(r3, 0x0)
r4 = socket$inet_mptcp(0x2, 0x1, 0x106)
connect$inet(r4, &(0x7f0000000000)={0x2, 0x4e22, @local}, 0x10)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000740), 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_FLUSH_ADDRS(r5, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000004c0)=ANY=[@ANYBLOB="140000", @ANYRES16=r6, @ANYBLOB="01002c9d7000ffdbdf2504"], 0x14}}, 0x800)

66.313689ms ago: executing program 0 (id=8584):
r0 = socket$nl_route(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000340)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000240)={'bridge_slave_1\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="5400000010000104000000000200000000000000", @ANYRES32=r2, @ANYBLOB="0000faffffff000034001280110001006272696467655f736c617665000000001c000580050021000000000006001f00"], 0x54}}, 0x0)

0s ago: executing program 3 (id=8585):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$alg(0x26, 0x5, 0x0)
r2 = open(&(0x7f0000000280)='.\x00', 0x80, 0x122)
fcntl$notify(r2, 0x402, 0x8000003d)
fcntl$setown(r2, 0x8, 0xffffffffffffffff)
open(&(0x7f0000000080)='./bus\x00', 0x4001410c2, 0x766c618eb221465a)
bind$alg(r1, &(0x7f0000000040)={0x26, 'skcipher\x00', 0x0, 0x0, 'xts-aes-aesni\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000000000)="adcd1a9a3fc36e961ed00fe41b0cd695", 0x20)
r3 = accept4$alg(r1, 0x0, 0x0, 0x0)
read$alg(r3, &(0x7f00000012c0)=""/4109, 0x100d)
sendmsg$alg(r3, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000001200)=[{&(0x7f0000000e00)="7911bf87e318844b7b7ece8fe95693844ba2b4c29049c749521cf970374e19e3e0eb47e456c6b48e9e6cbd7bf0c99099ca842917790c07a3922b2732c0b26c06681e5f6eeb013cae354f9e4cbdb1e2740ed027e6cea3bf48243cf3a4dfea964f056d9750a3845e1afa1cd4746ed1de3dcd86984fcb49e380144defb2648b5d28438225bdb08ba43fde421a07274d5d77389ddda7dbfec5ce2019fb2b85555c3adbf6812125af1e846cf1c0e4b88a751c58dfad1d210fbec40a1b21115f69230ca80b3ed558b27f6c46fe25c01fe4c18c0ba7d1e6861f6eb75b6f4903971921f799a56c12097998d9cfdce430335046f02dd1fef77b36c617b8b67621", 0xfc}, {&(0x7f0000002300)="efc738a16cc28c4946440ccbad4a5f1d56d06c415fd74d3f7ae7fede9df25861ac370f6d867d6672f8e7024df494ac35bd04b35f68b11663b146746ef3f58b12cfd7cd648c12a75f123d9cf5f9c10bcb48f942b34db9fbddcea5e0c3999da708bc472cd687c8f27748d1839e219628ad9687678201b445a59e0da96ecd38c0ce8bca1acbc78f9a3335e5db0eb0cd454006b4e3a5988e038b05322dad026df32c378b20fd75460e1205020d105c5115d2893e413b8b80e36946d011863b5a21472f1bd0d48b0c58211aff50a91e31112d632b56886d75ee84f49ffe015e33237150d3a3c4d871d348fa8e16f94c9e9d1e08d37c8b58f05f1a7c7133aae433f4564b8120d926c8ed8945d774620ec50deb1b3de7e66655d52f397f1811a024d870a4be151a15908b871992af52db41a28cb43633e1f9727e5373e318da8155d3e00b5b5eb28da52e8d364ec5de7614d8fd52401a6367e32464752d7379aaee4b08445ab9ca96663e47584d7470acf0312c545ffcee66d1903bc965caf4d66faf0c8e82ce4bd9c769d3440aca255e97c95a9810f33244d3963ec5610d0dcf62394ba8241351909acab1c154d1796ab44f683a08b307cc1905573642f6b2ef46e764d7f6d692de0fdefe6363a586f50d385e14b5b4209fd4efd93668ef020eaa8e3a70e6511438f81a2e6236b90628ac919ba9eeb04a9fd736a2681489427fa2fbd7f9fe559db1070fe3876e3217626fa811af2b2e3efb3587b19460f885c277e81a94277bbd3f19d4427538a4d93185e6647c4b8ffba034fe43e288dbb2eaf46299255aa246eb720a58224fc8490ed19cc40edd59552ec36b4645edc4e72e4c0ec8c48be18626f32c6aa982f821c40a0ba2d9b19c18a2e3a6b82e562c11620551de6364cc836ccd438823cbb2be8883a46d1141e136fdef2b1b19b879bd1be9a9993265758044ec33a87c625607ceda2e8245ebd7610b8c779957a1186a1611bd0caf66de3bcfbe904e28bae0174818f47eec3e79d74624b57d0b0dd173bfb5dbc4292e817bb03a0725bf11769fcf53ea95ef538be9a33c841f618fe4bc731cd8c826caec2691aee93ca57624e693947484163b3ae01d947155b499f56d7283b7d82c8000ba4a5457a1b1e40a17b7d4a54b45ebb0e8322e9dc9e2743a030c54f637381f10676d747cf8d1f982285187126b6da1e6fb374a8d87c956f9ad7c0328e8452fb6801e1c4db11dba4fd3ac3c382a05ab7148dcfb2266eac19399469c7aaf60eecbb1a92d6abf4bdda90752059106149645c6f5ea20b66c3ca634145c64b0c86ff46edc2b7d6269df97efd2f3e6fcda4cc9dc636951a9d6f0dc01f51ae273dcfeb66ec749d3cfe7cb11c45a473e126cab55450c5ffa59b3f3afb686f8258200bb8a529faff7f988d632300b890f73d51c60c64f4679cd86cc1f4602089f93ba03a51c846eed467432084f71c38413d0d9d1b83f9605207e9b28142d7bf94c7aedcd19f0fc93d4b95a1fea7babe2cb8de1a1a08f3a2d8d0aa1e718c1460e15329700e9e14c5cffff9c7a62b09df0a025e96ab03fa316e50d5b3b01ca4c5e0c6ac23f9703462e14f5fb6d5c1c2514d714746db1b5a5cee1111640114a9556cc518168b161b13e989e8f9ac51e2c01f7fbefea6ce6a8714c47279093fbb59fb760b7dd3138004343063485b506b120728d22c422324871c34f2dc7c53ce0bbab87bcd3efcf8fd4fa2bce12a10b00bdbb24791758516d02012613dd74caac26a176392ec11250e81d2566b2373a2b6536c3e2f28742cbca11b201934d19b42241d94a9da5b282eff530ddd3ed20318be47e9264b0a8fb0745e78c9c1f612ed03479ae14a176cfe52edb5eb2712c21fae58bf4c4143da57a9ee28acede9f56700bfa0f5c51da975fec9f8141b76cacdbfe69be80a325666cbd8fe458ed7f8965166b120ffb5e28dfbb5b3141cf963fd07548a4a35d2c749ce3adea69e0e0d4fd4158142fb7050d477fc51b2ef7e6f0e09cb8016a9bdfff7a200cd992a71a156339160b5757e163a14246c94fe11a0e210c5946b3147bc6870c9900e102b82e9a66a243a2e23e7ff98f7d9f017301740ac157f804afebf2f5bebbbf68583d86b01daaf02bc086bc2c4ddecf1a30795cb23a37bcff24ac3307545acc9bc7949edb2ea5b851ceb3bf2d34f049f1664100b0fc8ea326000e032bc5e50cdec80803a468e334002cfa7ccbef11f951f7679f403ce0cff42101702999218a15396952a3faa0154764c4359f037414bad967afca45285bd5ab985364e6b8bec744c00b3f95010eda041112ace0f09833c9b1049c36f03cca4e9264485d5784466e4b908b4b6216bd935abf49553dcdd4e48bc39f8b22f9b4bef1339b5121ad34ef3df4051333b8ea4ce83cff7abc863c43440ab6892281bc96fbf848ae9e82cb1a2d791b8bcf98ddb65baada7c08075dfe27cd06aedb0ff458880d600ba5bdb14c0858415c43c0aa6660298a944d568487853e7dac0c955d1268f70874756f6316e6181313f215ed3724ef760d89df82a178b51169506ada831725827c62b80f2e47fdac38b86192f68fe2fe5794f7adeac9c5bfc9e1fa8d5199fd7df202ee6e1ba38d40b7750f900771ea8e4f00d4c25065cf8867dc929c892f8e4652040862d48e8af1a48fc500882e874995c48cace7754bf0be2765be83001958946c8cb794f8813816e505de401d789223bc0af5739045751640272afb39d45d2be00cac743bfbce9a9a7f4b8f55511f3ad26264a09c19f26ed1b45b0fb254f98e5e1473bbccaa21219b327d1bbedab4a4dfdf516259feef632f72f5092bf78d886772e73ed2250f5ec20ac6fa66cf8c2626d3b5973ce9f4f95ead5c8a65db49966de0fd9e9ce97894b764ec3f75093a4f3ec4507e2507256c59a52969fdabfc100e6ae23acf121bb3acf34d190211b4001b632b10a252be0430bd107ee884a0ba16fc50eb717ae36aba0dbb130dc64b5cc21d1fe87856c8787474333c3a793fe81c9b9b56ee41fd2e1f2d6150495dc3379bf66fa4d53f868047b6c50f8c5a4c2ea2a355b5eb1ab3d3f32791b9ffcb08698dbe841f3338be19e5d927dfb14711b4aed2435fc53340162c878bee30d9d7d2409be614240540f7f5702be3e2ba38d8f999a624acdcaef37dabb86d225f35e92691de25bf68e0115e6680107f07380b28254e9df2e54a5179ed064fc9744dcb553b56720171b0325876c9b82d0120add35ac3f38b41fc28b149f944c66555051ca92341a953739a1674fae837bdb8d8d10adf7ef74092f505375c8414d82805176b680908d5c0f6c2a14bd526631c5abeccaf3469e3ae01c4db2371a77219ee109a83d62aef26efff181f240a163bc0cb253405018b69ba8d62ac582cb186c8c89e3c140bffaa4d99fab17975ccd925efab24b6a181773fe1daac55f18ab1e0264f8d1f7aabe395ce80792bb77cbd0b58fcd928ad74f0342876e098c93f9611887022a92e4d9b1da9c911bb7d762bdcdba36f749e16aad0bcf6f8596b2b50fc65a6811b709d9ad6593c2eb9867af3a276de26d6a6f87ec5173ca79e88122bf5151e98dee268fc8a79a4e83f2427a02ed702b0926ecf0b4bb1a3051f0a4d3cf31038fb600c7eb0cedc0d59ac99bff3b31a9065efecca740fcd948fb9c2eb6197b8226c397de7a4c268fa41877ca1618f77ffa93b2e17348301899bb1a5b389422d7364eb1e5ddd0daf2065894cf10886ce0d3920c0a283de54ec57942d456579851ca3590c26f8c360b7cbaa0328c29532aad80b2627b25641e613b38a2accf5881bbbc7086085a8fcf25895da9244c7dd773bff995e159ea3899487f202d97f2977e4527f75ec64a85cb21b120828b2ac24c711ea2b7cba4b0a195a1840aec7d34a4745b42596f186820584b4b75af29fba5b6d3623718efeebf52e848fe48160fbfd5a0f6511649e3e1c58e599c6d9c7597e5e12227e281204921819fbf9e0c9bd16d598aec601bbdc87e8d94225368cb65da83cbb722d79957a7c0bcea91a45f9b52558ccdcd2754da40fc0fbf78abd06c05f1fc7381eb06e4a0afcca6db7cace72aaacdf498cf9ca42c9b3c6615d9df167ef2d1b868e56a9652beea2f72530f24fe373333d9a524ed48e52e51d3784649a9b9a9f1cfdfabd3cdf832b2dda019bb4e1e1e71e75f88cbc3a16a6848ac2385024abb76249841f630008f3805462604d65eebf4e14b6c2ad9f9e2dc2a5a55d7ce5dde8307ac655b4dfcc99d0f050e838d310957915b4fc838f26f2659d72f801e8c62c6477cc33d7f60e659881422ddad61819b93f0f7817acab429b3c7d3923abce00993ada7fd7e5987cab4f4aea02acabad3f27f223c0108f44d8d5833932b4eb427f83f7b336f214293f8adc0ed2cd45d792cc69a84e01f6fe7020f96cd05c1dd792f30f1dec2c21ecf00ca956e4a2c71b52b1c298ae6e319cf845b97b60e07ab82afa30ffe94c16efb971959951746edde9639bb055feebe25611b595e23cade8420a2ee207977ab47dd559f09d17823e6184f83c44b881e4baa5d9abd6e2f8156a1fff943e61eea0e9b2fe26236e8288c5116ae9a8b0f110794f629c800d08729ea2000d56dbe404a747c149b7890bd6ac91319200b7078e2e039a29f45ffac3ecbafbc8b00db9f2e8eeb92ebf0a494bd4616925c9b289522c76f87d2c73342db85cc9a3ff09ae84c2c4b3618ba220bb6442968d9ae9eec02e577412fbedd827678a320b7dd8503d0bab20ca7fe7d982330506fc38eaaa6f1cde45377b08f0b66590b75fd6d390da80d01bf6c6dfc12f3b31312b75d1c6e8c6b86527b4f7c5464465b655b1c76a2b7dc202cf50f88f41bae5d7b8e8c38f3b254628f2418e2fe00b63f8162c60cd95fc9b0b6bba3a0989bbb858d2f1c892713e3bdc1a50bddfbb5c11f242464183ee9b85734b5683c242a264ea415df1284ffd87a36516518a09171cbad0149753e836aa41b27ff441460cf0f0d59ca9c1023b2bac5be5512827d4a64e6d7283e335682f9f4e0ad5471839e447b803c6b43d7daa2709536bc2ab955880cd25d1a50aa78fd646e31b3382426e1e77429d37712968223046698b51362b974a6c6782bfb17f40ade50c82523c1c87b59ba4cab6db7ea321b345133ef90039ddf3465043f05e0c1f0d9322aaf67408cf0c81162c17fd0a3fa195df5b6916b008110e4d713810a268d360a4056d36887765410b420101fc35833c3b0ec5b1990eaafdedcec60154fbbf8665c2ad750b4717235f3eb5f508dbc8d8119b7ccad544ff12b4837de891c0bc17d8316d1faaa1b178de7c335501d42cd03cec3cd364d48d73e1e1c19320f5d9842f746cb3cc10ce0079a9faec3f23ee2cdc84503bd2f86c175d3fd7951c4a7267908aaccde39326f4689eda42da763103ebb2383878851af1679def7bd14a78d6f387bd0042", 0xf11}], 0x2, &(0x7f0000001240)=[@op={0x10, 0x117, 0x3, 0x1}], 0x10, 0x8801}, 0x4000001)
sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=@newlink={0x44, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x2000}, [@IFLA_LINKINFO={0x24, 0x12, 0x0, 0x1, @bridge={{0xb}, {0x14, 0x2, 0x0, 0x1, [@IFLA_BR_MCAST_HASH_ELASTICITY={0x8, 0x1a, 0x1ff}, @IFLA_BR_MCAST_HASH_MAX={0x8, 0x1b, 0x6}]}}}]}, 0x44}}, 0x40000)

kernel console output (not intermixed with test programs):

 exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706d539 code=0x7ffc0000
[ 1708.994430][   T30] audit: type=1326 audit(1761520592.351:2495): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=875 comm="syz.1.8222" exe="/root/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf706d539 code=0x7ffc0000
[ 1709.114491][T30196] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1709.232837][  T889] fuse: Bad value for 'rootmode'
[ 1709.828843][  T138] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1710.167070][T30196] net_ratelimit: 2 callbacks suppressed
[ 1710.167088][T30196] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1710.248986][ T5894] usb 1-1: new high-speed USB device number 124 using dummy_hcd
[ 1710.378491][    T9] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1710.405052][  T919] bond1: entered allmulticast mode
[ 1710.422988][  T919] FAULT_INJECTION: forcing a failure.
[ 1710.422988][  T919] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1710.438885][  T919] CPU: 1 UID: 0 PID: 919 Comm: syz.4.8234 Not tainted syzkaller #0 PREEMPT(full) 
[ 1710.438909][  T919] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[ 1710.438920][  T919] Call Trace:
[ 1710.438928][  T919]  <TASK>
[ 1710.438936][  T919]  dump_stack_lvl+0x189/0x250
[ 1710.438965][  T919]  ? __pfx____ratelimit+0x10/0x10
[ 1710.438987][  T919]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1710.439010][  T919]  ? __pfx__printk+0x10/0x10
[ 1710.439029][  T919]  ? __might_fault+0xb0/0x130
[ 1710.439061][  T919]  should_fail_ex+0x414/0x560
[ 1710.439092][  T919]  _copy_from_user+0x2d/0xb0
[ 1710.439115][  T919]  get_compat_msghdr+0xad/0x4a0
[ 1710.439140][  T919]  ? __pfx_get_compat_msghdr+0x10/0x10
[ 1710.439170][  T919]  ___sys_sendmsg+0x193/0x2a0
[ 1710.439191][  T919]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1710.439242][  T919]  ? __fget_files+0x2a/0x420
[ 1710.439259][  T919]  ? __fget_files+0x3a0/0x420
[ 1710.439286][  T919]  __sys_sendmsg+0x164/0x220
[ 1710.439307][  T919]  ? __pfx___sys_sendmsg+0x10/0x10
[ 1710.439333][  T919]  ? __pfx_ksys_write+0x10/0x10
[ 1710.439359][  T919]  ? syscall_enter_from_user_mode_prepare+0x8f/0x110
[ 1710.439384][  T919]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1710.439409][  T919]  __do_fast_syscall_32+0xb6/0x2b0
[ 1710.439433][  T919]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1710.439491][  T919]  do_fast_syscall_32+0x34/0x80
[ 1710.439518][  T919]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1710.439540][  T919] RIP: 0023:0xf709d539
[ 1710.439556][  T919] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[ 1710.439572][  T919] RSP: 002b:00000000f548d55c EFLAGS: 00000206 ORIG_RAX: 0000000000000172
[ 1710.439592][  T919] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000080000300
[ 1710.439606][  T919] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[ 1710.439617][  T919] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1710.439627][  T919] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[ 1710.439638][  T919] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1710.439666][  T919]  </TASK>
[ 1710.753431][ T5894] usb 1-1: config index 0 descriptor too short (expected 9915, got 36)
[ 1710.761842][ T5894] usb 1-1: config 0 has an invalid interface number: 187 but max is 1
[ 1710.770214][ T5894] usb 1-1: config 0 has an invalid interface number: 116 but max is 1
[ 1710.778447][ T5894] usb 1-1: config 0 has an invalid descriptor of length 154, skipping remainder of the config
[ 1710.788755][ T5894] usb 1-1: config 0 has no interface number 0
[ 1710.794835][ T5894] usb 1-1: config 0 has no interface number 1
[ 1710.801093][ T5894] usb 1-1: config 0 interface 116 altsetting 64 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[ 1710.814296][ T5894] usb 1-1: config 0 interface 187 has no altsetting 0
[ 1710.821119][ T5894] usb 1-1: config 0 interface 116 has no altsetting 0
[ 1710.838910][ T5894] usb 1-1: New USB device found, idVendor=0ccd, idProduct=0080, bcdDevice= 4.61
[ 1710.847986][ T5894] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1710.856073][ T5894] usb 1-1: Product: syz
[ 1710.864703][ T5894] usb 1-1: Manufacturer: syz
[ 1710.872685][ T5894] usb 1-1: SerialNumber: syz
[ 1710.879547][  T932] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[ 1710.910579][ T5894] usb 1-1: config 0 descriptor??
[ 1711.048750][  T935] netlink: 12 bytes leftover after parsing attributes in process `syz.1.8239'.
[ 1711.156246][  T944] FAULT_INJECTION: forcing a failure.
[ 1711.156246][  T944] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1711.199374][T30196] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1711.199990][  T944] CPU: 0 UID: 0 PID: 944 Comm: syz.1.8239 Not tainted syzkaller #0 PREEMPT(full) 
[ 1711.200023][  T944] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[ 1711.200034][  T944] Call Trace:
[ 1711.200042][  T944]  <TASK>
[ 1711.200050][  T944]  dump_stack_lvl+0x189/0x250
[ 1711.200078][  T944]  ? __pfx____ratelimit+0x10/0x10
[ 1711.200100][  T944]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1711.200123][  T944]  ? __pfx__printk+0x10/0x10
[ 1711.200140][  T944]  ? __might_fault+0xb0/0x130
[ 1711.200173][  T944]  should_fail_ex+0x414/0x560
[ 1711.200213][  T944]  _copy_from_user+0x2d/0xb0
[ 1711.200235][  T944]  __sys_sendto+0x25c/0x520
[ 1711.200263][  T944]  ? __pfx___sys_sendto+0x10/0x10
[ 1711.200285][  T944]  ? __mutex_unlock_slowpath+0x1a1/0x740
[ 1711.200320][  T944]  ? __fget_files+0x3a0/0x420
[ 1711.200347][  T944]  ? ksys_write+0x22a/0x250
[ 1711.200368][  T944]  ? exc_page_fault+0x82/0x100
[ 1711.200402][  T944]  ? __pfx_ksys_write+0x10/0x10
[ 1711.200429][  T944]  __ia32_sys_sendto+0xdd/0x100
[ 1711.200457][  T944]  __do_fast_syscall_32+0xb6/0x2b0
[ 1711.200480][  T944]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1711.200505][  T944]  do_fast_syscall_32+0x34/0x80
[ 1711.200528][  T944]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1711.200549][  T944] RIP: 0023:0xf706d539
[ 1711.200564][  T944] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[ 1711.200580][  T944] RSP: 002b:00000000f543c55c EFLAGS: 00000206 ORIG_RAX: 0000000000000171
[ 1711.200599][  T944] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000180
[ 1711.200611][  T944] RDX: 000000000000000e RSI: 0000000000000000 RDI: 0000000080000440
[ 1711.200622][  T944] RBP: 0000000000000014 R08: 0000000000000000 R09: 0000000000000000
[ 1711.200633][  T944] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[ 1711.200644][  T944] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1711.200669][  T944]  </TASK>
[ 1711.651249][  T949] netlink: 12 bytes leftover after parsing attributes in process `syz.2.8241'.
[ 1711.685020][  T950] netlink: 'syz.1.8242': attribute type 10 has an invalid length.
[ 1712.095925][  T960] netlink: 168876 bytes leftover after parsing attributes in process `syz.4.8245'.
[ 1712.219707][ T6561] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1712.329077][T30196] usb 4-1: new high-speed USB device number 122 using dummy_hcd
[ 1712.490958][T30196] usb 4-1: config 0 has no interfaces?
[ 1712.500932][T30196] usb 4-1: New USB device found, idVendor=046d, idProduct=0823, bcdDevice=39.48
[ 1712.524795][ T5894] snd-usb-6fire 1-1:0.187: unable to receive device firmware state.
[ 1712.539163][T30196] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1712.643102][ T5894] snd-usb-6fire 1-1:0.187: probe with driver snd-usb-6fire failed with error -71
[ 1712.664144][T30196] usb 4-1: Product: syz
[ 1712.677870][T30196] usb 4-1: Manufacturer: syz
[ 1712.778792][T30196] usb 4-1: SerialNumber: syz
[ 1712.817050][ T5894] usb 1-1: USB disconnect, device number 124
[ 1712.895835][T30196] usb 4-1: config 0 descriptor??
[ 1713.194966][  T963] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1713.222634][  T963] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1713.248294][ T5894] usb 1-1: new high-speed USB device number 125 using dummy_hcd
[ 1713.267924][T30196] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1713.313007][  T987] netlink: 'syz.4.8255': attribute type 10 has an invalid length.
[ 1713.325639][T30196] usb 4-1: USB disconnect, device number 122
[ 1713.420525][ T5958] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1713.423592][ T5894] usb 1-1: config 1 has an invalid interface number: 7 but max is 0
[ 1713.440112][ T5894] usb 1-1: config 1 has no interface number 0
[ 1713.446256][ T5894] usb 1-1: config 1 interface 7 altsetting 0 has an endpoint descriptor with address 0xDB, changing to 0x8B
[ 1713.482354][ T5894] usb 1-1: config 1 interface 7 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 64
[ 1713.496408][ T5894] usb 1-1: config 1 interface 7 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1713.522927][ T5894] usb 1-1: New USB device found, idVendor=1199, idProduct=68a3, bcdDevice= 0.00
[ 1713.534217][ T5894] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1713.548129][ T5894] usb 1-1: Product: syz
[ 1713.552334][ T5894] usb 1-1: Manufacturer: syz
[ 1713.567277][ T5894] usb 1-1: SerialNumber: syz
[ 1713.592450][  T979] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[ 1713.690204][  T998] FAULT_INJECTION: forcing a failure.
[ 1713.690204][  T998] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1713.738347][  T998] CPU: 1 UID: 0 PID: 998 Comm: syz.4.8260 Not tainted syzkaller #0 PREEMPT(full) 
[ 1713.738369][  T998] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[ 1713.738379][  T998] Call Trace:
[ 1713.738387][  T998]  <TASK>
[ 1713.738395][  T998]  dump_stack_lvl+0x189/0x250
[ 1713.738425][  T998]  ? __pfx____ratelimit+0x10/0x10
[ 1713.738445][  T998]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1713.738464][  T998]  ? __pfx__printk+0x10/0x10
[ 1713.738480][  T998]  ? __might_fault+0xb0/0x130
[ 1713.738517][  T998]  should_fail_ex+0x414/0x560
[ 1713.738546][  T998]  _copy_from_user+0x2d/0xb0
[ 1713.738569][  T998]  get_compat_msghdr+0xad/0x4a0
[ 1713.738591][  T998]  ? __pfx_get_compat_msghdr+0x10/0x10
[ 1713.738617][  T998]  ___sys_sendmsg+0x193/0x2a0
[ 1713.738639][  T998]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1713.738685][  T998]  ? __fget_files+0x2a/0x420
[ 1713.738701][  T998]  ? __fget_files+0x3a0/0x420
[ 1713.738727][  T998]  __sys_sendmsg+0x164/0x220
[ 1713.738747][  T998]  ? __pfx___sys_sendmsg+0x10/0x10
[ 1713.738773][  T998]  ? __pfx_ksys_write+0x10/0x10
[ 1713.738798][  T998]  ? syscall_enter_from_user_mode_prepare+0x8f/0x110
[ 1713.738822][  T998]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1713.738847][  T998]  __do_fast_syscall_32+0xb6/0x2b0
[ 1713.738872][  T998]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1713.738898][  T998]  do_fast_syscall_32+0x34/0x80
[ 1713.738922][  T998]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1713.738944][  T998] RIP: 0023:0xf709d539
[ 1713.738960][  T998] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[ 1713.738976][  T998] RSP: 002b:00000000f548d55c EFLAGS: 00000206 ORIG_RAX: 0000000000000172
[ 1713.738996][  T998] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000080000300
[ 1713.739010][  T998] RDX: 000000000000c040 RSI: 0000000000000000 RDI: 0000000000000000
[ 1713.739022][  T998] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1713.739032][  T998] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[ 1713.739044][  T998] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1713.739072][  T998]  </TASK>
[ 1714.028485][  T979] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[ 1714.218190][    T9] usb 3-1: new high-speed USB device number 118 using dummy_hcd
[ 1714.260059][ T5894] sierra_net 1-1:1.7 wwan0: register 'sierra_net' at usb-dummy_hcd.0-1, Sierra Wireless USB-to-WWAN Modem, 00:00:00:00:16:07
[ 1714.310932][ T1007] netlink: 4 bytes leftover after parsing attributes in process `syz.3.8262'.
[ 1714.322761][T30196] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1714.448368][    T9] usb 3-1: Using ep0 maxpacket: 8
[ 1714.457871][    T9] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[ 1714.472790][    T9] usb 3-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[ 1714.515560][    T9] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1714.556431][    T9] usb 3-1: config 0 descriptor??
[ 1714.745394][  T979] input: syz0 as /devices/virtual/input/input172
[ 1714.765958][   T30] kauditd_printk_skb: 2 callbacks suppressed
[ 1714.765977][   T30] audit: type=1326 audit(1761520598.431:2498): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=977 comm="syz.0.8251" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ad539 code=0x7ffc0000
[ 1714.872613][   T30] audit: type=1326 audit(1761520598.431:2499): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=977 comm="syz.0.8251" exe="/root/syz-executor" sig=0 arch=40000003 syscall=139 compat=1 ip=0xf70ad539 code=0x7ffc0000
[ 1715.233822][ T7583] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1715.249557][T21299] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1715.268238][ T5822] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1715.281603][ T5894] sierra_net 1-1:1.7 wwan0: Submit SYNC failed -71
[ 1715.286883][   T30] audit: type=1326 audit(1761520598.431:2500): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=977 comm="syz.0.8251" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ad539 code=0x7ffc0000
[ 1715.316795][ T5894] sierra_net 1-1:1.7 wwan0: Send SYNC failed, status -71
[ 1715.321798][    T9] iowarrior 3-1:0.0: IOWarrior product=0x1512, serial= interface=0 now attached to iowarrior0
[ 1715.338848][T30196] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1715.368155][ T5958] usb 5-1: new high-speed USB device number 107 using dummy_hcd
[ 1715.398152][   T30] audit: type=1326 audit(1761520598.431:2501): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=977 comm="syz.0.8251" exe="/root/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf70ad539 code=0x7ffc0000
[ 1715.411936][ T5894] usb 1-1: USB disconnect, device number 125
[ 1715.433451][ T5894] sierra_net 1-1:1.7 wwan0: unregister 'sierra_net' usb-dummy_hcd.0-1, Sierra Wireless USB-to-WWAN Modem
[ 1715.514803][   T30] audit: type=1326 audit(1761520598.431:2502): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=977 comm="syz.0.8251" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ad539 code=0x7ffc0000
[ 1715.558196][ T5958] usb 5-1: Using ep0 maxpacket: 16
[ 1715.568736][ T5958] usb 5-1: too many endpoints for config 0 interface 0 altsetting 0: 69, using maximum allowed: 30
[ 1715.580327][ T5958] usb 5-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 69
[ 1715.597128][ T1029] FAULT_INJECTION: forcing a failure.
[ 1715.597128][ T1029] name failslab, interval 1, probability 0, space 0, times 0
[ 1715.610081][ T5894] sierra_net 1-1:1.7 wwan0 (unregistered): usb_control_msg failed, status -19
[ 1715.624973][ T1029] CPU: 0 UID: 0 PID: 1029 Comm: syz.1.8267 Not tainted syzkaller #0 PREEMPT(full) 
[ 1715.624996][ T1029] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[ 1715.625007][ T1029] Call Trace:
[ 1715.625014][ T1029]  <TASK>
[ 1715.625022][ T1029]  dump_stack_lvl+0x189/0x250
[ 1715.625049][ T1029]  ? __pfx____ratelimit+0x10/0x10
[ 1715.625069][ T1029]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1715.625090][ T1029]  ? __pfx__printk+0x10/0x10
[ 1715.625112][ T1029]  ? __pfx___might_resched+0x10/0x10
[ 1715.625133][ T1029]  should_fail_ex+0x414/0x560
[ 1715.625161][ T1029]  should_failslab+0xa8/0x100
[ 1715.625181][ T1029]  __kmalloc_noprof+0xcb/0x7f0
[ 1715.625202][ T1029]  ? kfree+0x4d/0x6d0
[ 1715.625219][ T1029]  ? tomoyo_realpath_from_path+0xe3/0x5d0
[ 1715.625250][ T1029]  tomoyo_realpath_from_path+0xe3/0x5d0
[ 1715.625275][ T1029]  ? tomoyo_domain+0xd9/0x130
[ 1715.625302][ T1029]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[ 1715.625332][ T1029]  tomoyo_path_number_perm+0x1e8/0x5a0
[ 1715.625354][ T1029]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[ 1715.625389][ T1029]  ? __lock_acquire+0xab9/0xd20
[ 1715.625422][ T1029]  ? __fget_files+0x2a/0x420
[ 1715.625443][ T1029]  ? __fget_files+0x3a0/0x420
[ 1715.625458][ T1029]  ? __fget_files+0x2a/0x420
[ 1715.625476][ T1029]  security_file_ioctl_compat+0xcb/0x2d0
[ 1715.625498][ T1029]  __ia32_compat_sys_ioctl+0x128/0x840
[ 1715.625521][ T1029]  ? __pfx___ia32_compat_sys_ioctl+0x10/0x10
[ 1715.625543][ T1029]  ? __fget_files+0x3a0/0x420
[ 1715.625566][ T1029]  ? fput+0xa0/0xd0
[ 1715.625586][ T1029]  ? ksys_write+0x22a/0x250
[ 1715.625608][ T1029]  ? exc_page_fault+0x82/0x100
[ 1715.625631][ T1029]  ? __pfx_ksys_write+0x10/0x10
[ 1715.625658][ T1029]  ? syscall_enter_from_user_mode_prepare+0x8f/0x110
[ 1715.625680][ T1029]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1715.625704][ T1029]  __do_fast_syscall_32+0xb6/0x2b0
[ 1715.625726][ T1029]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1715.625751][ T1029]  do_fast_syscall_32+0x34/0x80
[ 1715.625773][ T1029]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1715.625794][ T1029] RIP: 0023:0xf706d539
[ 1715.625810][ T1029] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[ 1715.625825][ T1029] RSP: 002b:00000000f543c55c EFLAGS: 00000206 ORIG_RAX: 0000000000000036
[ 1715.625844][ T1029] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 0000000080045530
[ 1715.625856][ T1029] RDX: 0000000080005ac0 RSI: 0000000000000000 RDI: 0000000000000000
[ 1715.625867][ T1029] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1715.625877][ T1029] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[ 1715.625888][ T1029] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1715.625915][ T1029]  </TASK>
[ 1715.919093][   T30] audit: type=1326 audit(1761520598.431:2503): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=977 comm="syz.0.8251" exe="/root/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf70ad539 code=0x7ffc0000
[ 1715.941262][   T30] audit: type=1326 audit(1761520598.441:2504): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=977 comm="syz.0.8251" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ad539 code=0x7ffc0000
[ 1715.963957][   T30] audit: type=1326 audit(1761520598.441:2505): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=977 comm="syz.0.8251" exe="/root/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf70ad539 code=0x7ffc0000
[ 1715.986121][   T30] audit: type=1326 audit(1761520598.441:2506): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=977 comm="syz.0.8251" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ad539 code=0x7ffc0000
[ 1716.008227][   T30] audit: type=1326 audit(1761520598.451:2507): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=977 comm="syz.0.8251" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ad539 code=0x7ffc0000
[ 1716.014132][ T1029] ERROR: Out of memory at tomoyo_realpath_from_path.
[ 1716.057722][ T1033] netlink: 'syz.3.8268': attribute type 10 has an invalid length.
[ 1716.074837][ T5958] usb 5-1: New USB device found, idVendor=0d49, idProduct=7010, bcdDevice= c.90
[ 1716.083948][ T5958] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1716.092013][ T5958] usb 5-1: Product: syz
[ 1716.096180][ T5958] usb 5-1: Manufacturer: syz
[ 1716.100802][ T5958] usb 5-1: SerialNumber: syz
[ 1716.108241][ T5958] usb 5-1: config 0 descriptor??
[ 1716.115478][ T5958] ums-onetouch 5-1:0.0: USB Mass Storage device detected
[ 1716.323468][ T5894] usb 5-1: USB disconnect, device number 107
[ 1716.391017][ T5880] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1716.409351][ T1046] netlink: 56 bytes leftover after parsing attributes in process `syz.3.8269'.
[ 1716.463021][ T5958] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1716.530460][ T1055] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1716.565907][ T1055] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1716.876683][ T1074] netlink: 4 bytes leftover after parsing attributes in process `syz.0.8272'.
[ 1717.419759][ T5880] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1717.514037][ T1092] netlink: 4 bytes leftover after parsing attributes in process `syz.4.8274'.
[ 1717.586119][ T1096] binder: BINDER_SET_CONTEXT_MGR already set
[ 1717.611608][ T1096] binder: 1095:1096 ioctl 4018620d 80000040 returned -16
[ 1717.818981][ T5880] usb 3-1: USB disconnect, device number 118
[ 1717.873595][ T5894] usb 4-1: new high-speed USB device number 123 using dummy_hcd
[ 1718.035722][ T5894] usb 4-1: New USB device found, idVendor=0bda, idProduct=8150, bcdDevice= 0.00
[ 1718.094759][ T5894] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1718.159924][ T5894] usb 4-1: Product: syz
[ 1718.164114][ T5894] usb 4-1: Manufacturer: syz
[ 1718.188326][ T5894] usb 4-1: SerialNumber: syz
[ 1718.458744][ T5880] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1718.652793][ T5894] rtl8150 4-1:1.0: couldn't reset the device
[ 1718.673677][ T5894] rtl8150 4-1:1.0: probe with driver rtl8150 failed with error -5
[ 1718.882459][ T5894] usb 4-1: USB disconnect, device number 123
[ 1719.105022][ T1117] syzkaller1: entered promiscuous mode
[ 1719.110753][ T1117] syzkaller1: entered allmulticast mode
[ 1719.196293][T30196] usb 1-1: new high-speed USB device number 126 using dummy_hcd
[ 1719.473176][ T1133] netlink: 8 bytes leftover after parsing attributes in process `syz.3.8283'.
[ 1719.678551][ T5880] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1719.738493][T30196] usb 1-1: config 1 has an invalid interface number: 7 but max is 0
[ 1719.768269][T30196] usb 1-1: config 1 has no interface number 0
[ 1719.769693][ T5958] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1719.783155][T30196] usb 1-1: config 1 interface 7 altsetting 0 has an endpoint descriptor with address 0xDB, changing to 0x8B
[ 1719.841602][T30196] usb 1-1: config 1 interface 7 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 64
[ 1719.866734][T30196] usb 1-1: config 1 interface 7 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1719.884129][T30196] usb 1-1: New USB device found, idVendor=1199, idProduct=68a3, bcdDevice= 0.00
[ 1719.907474][T30196] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1719.916066][T30196] usb 1-1: Product: syz
[ 1719.923450][T30196] usb 1-1: Manufacturer: syz
[ 1719.928608][T30196] usb 1-1: SerialNumber: syz
[ 1719.937004][ T1119] raw-gadget.2 gadget.0: fail, usb_ep_enable returned -22
[ 1720.161936][ T1119] raw-gadget.2 gadget.0: fail, usb_ep_enable returned -22
[ 1720.401583][ T1156] netlink: 4 bytes leftover after parsing attributes in process `syz.4.8288'.
[ 1720.415779][T30196] sierra_net 1-1:1.7 wwan0: register 'sierra_net' at usb-dummy_hcd.0-1, Sierra Wireless USB-to-WWAN Modem, 00:00:00:00:17:07
[ 1720.458145][ T5958] usb 4-1: new high-speed USB device number 124 using dummy_hcd
[ 1720.619418][ T5958] usb 4-1: Using ep0 maxpacket: 8
[ 1720.637233][ T5958] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 13
[ 1720.649519][ T5958] usb 4-1: New USB device found, idVendor=046d, idProduct=08ae, bcdDevice=11.58
[ 1720.659636][ T5958] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1720.670448][ T5958] usb 4-1: Product: syz
[ 1720.674927][ T5958] usb 4-1: Manufacturer: syz
[ 1720.680773][ T5958] usb 4-1: SerialNumber: syz
[ 1720.696250][ T5958] usb 4-1: config 0 descriptor??
[ 1720.701782][ T5894] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1720.723179][ T5958] gspca_main: gspca_zc3xx-2.14.0 probing 046d:08ae
[ 1720.814167][ T1119] input: syz0 as /devices/virtual/input/input173
[ 1720.820725][   T30] audit: type=1326 audit(1761520604.501:2508): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1116 comm="syz.0.8280" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ad539 code=0x7ffc0000
[ 1720.846249][   T30] audit: type=1326 audit(1761520604.501:2509): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1116 comm="syz.0.8280" exe="/root/syz-executor" sig=0 arch=40000003 syscall=139 compat=1 ip=0xf70ad539 code=0x7ffc0000
[ 1720.891524][   T30] audit: type=1326 audit(1761520604.501:2510): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1116 comm="syz.0.8280" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ad539 code=0x7ffc0000
[ 1720.913535][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1720.965077][   T30] audit: type=1326 audit(1761520604.501:2511): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1116 comm="syz.0.8280" exe="/root/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf70ad539 code=0x7ffc0000
[ 1721.103027][   T30] audit: type=1326 audit(1761520604.501:2512): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1116 comm="syz.0.8280" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ad539 code=0x7ffc0000
[ 1721.146302][   T30] audit: type=1326 audit(1761520604.501:2513): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1116 comm="syz.0.8280" exe="/root/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf70ad539 code=0x7ffc0000
[ 1721.186468][T30196] sierra_net 1-1:1.7 wwan0: Submit SYNC failed -71
[ 1721.200561][T30196] sierra_net 1-1:1.7 wwan0: Send SYNC failed, status -71
[ 1721.231863][ T5880] usb 3-1: new high-speed USB device number 119 using dummy_hcd
[ 1721.260093][T30196] usb 1-1: USB disconnect, device number 126
[ 1721.275532][T30196] sierra_net 1-1:1.7 wwan0: unregister 'sierra_net' usb-dummy_hcd.0-1, Sierra Wireless USB-to-WWAN Modem
[ 1721.298284][   T30] audit: type=1326 audit(1761520604.531:2514): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1116 comm="syz.0.8280" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ad539 code=0x7ffc0000
[ 1721.406891][   T30] audit: type=1326 audit(1761520604.541:2515): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1116 comm="syz.0.8280" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ad539 code=0x7ffc0000
[ 1721.438280][   T30] audit: type=1326 audit(1761520604.541:2516): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1116 comm="syz.0.8280" exe="/root/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf70ad539 code=0x7ffc0000
[ 1721.469428][   T30] audit: type=1326 audit(1761520604.541:2517): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1116 comm="syz.0.8280" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ad539 code=0x7ffc0000
[ 1721.498637][T30196] sierra_net 1-1:1.7 wwan0 (unregistered): usb_control_msg failed, status -19
[ 1721.517860][ T5880] usb 3-1: Using ep0 maxpacket: 16
[ 1721.531870][ T5880] usb 3-1: New USB device found, idVendor=0483, idProduct=1234, bcdDevice=ff.76
[ 1721.541130][ T5880] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1721.558209][ T5880] usb 3-1: Product: syz
[ 1721.581630][ T5880] usb 3-1: Manufacturer: syz
[ 1721.602090][ T5880] usb 3-1: SerialNumber: syz
[ 1721.631920][ T5880] usb 3-1: config 0 descriptor??
[ 1721.742977][T30196] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1721.927690][ T1163] bond0: entered promiscuous mode
[ 1721.978678][ T1163] bond_slave_0: entered promiscuous mode
[ 1722.028374][ T5822] usb 5-1: new high-speed USB device number 108 using dummy_hcd
[ 1722.028653][ T1163] bond_slave_1: entered promiscuous mode
[ 1722.169028][ T1163] dummy0: entered promiscuous mode
[ 1722.184724][ T1163] batadv0: entered promiscuous mode
[ 1722.212745][ T1163] hsr1: entered allmulticast mode
[ 1722.218253][ T1163] bond0: entered allmulticast mode
[ 1722.220685][ T5822] usb 5-1: config 1 has an invalid interface number: 7 but max is 0
[ 1722.223467][ T1163] bond_slave_0: entered allmulticast mode
[ 1722.239468][ T1163] bond_slave_1: entered allmulticast mode
[ 1722.310359][ T5822] usb 5-1: config 1 has no interface number 0
[ 1722.316575][ T5822] usb 5-1: config 1 interface 7 altsetting 0 has an endpoint descriptor with address 0xDB, changing to 0x8B
[ 1722.332601][ T1163] dummy0: entered allmulticast mode
[ 1722.337961][ T1163] batadv0: entered allmulticast mode
[ 1722.344422][ T1163] 8021q: adding VLAN 0 to HW filter on device hsr1
[ 1722.352655][ T5822] usb 5-1: config 1 interface 7 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 64
[ 1722.363019][ T1163] bond0: left promiscuous mode
[ 1722.367932][ T1163] bond_slave_0: left promiscuous mode
[ 1722.374176][ T1163] bond_slave_1: left promiscuous mode
[ 1722.380255][ T1163] dummy0: left promiscuous mode
[ 1722.380391][ T5822] usb 5-1: config 1 interface 7 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1722.413054][ T1163] batadv0: left promiscuous mode
[ 1722.431763][ T5822] usb 5-1: New USB device found, idVendor=1199, idProduct=68a3, bcdDevice= 0.00
[ 1722.441262][ T5822] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1722.467600][ T5822] usb 5-1: Product: syz
[ 1722.477725][ T5822] usb 5-1: Manufacturer: syz
[ 1722.491024][ T5822] usb 5-1: SerialNumber: syz
[ 1722.514835][ T1169] raw-gadget.2 gadget.4: fail, usb_ep_enable returned -22
[ 1722.726970][ T5880] usb_8dev 3-1:0.0 can0: sending command message failed
[ 1722.740326][ T1169] raw-gadget.2 gadget.4: fail, usb_ep_enable returned -22
[ 1722.758503][ T5880] usb_8dev 3-1:0.0 can0: can't get firmware version
[ 1722.808422][    T9] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1722.816587][    T9] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1722.879338][ T5880] usb_8dev 3-1:0.0: probe with driver usb_8dev failed with error -22
[ 1722.898416][ T5880] usb 3-1: USB disconnect, device number 119
[ 1723.073534][ T5822] sierra_net 5-1:1.7 wwan0: register 'sierra_net' at usb-dummy_hcd.4-1, Sierra Wireless USB-to-WWAN Modem, 00:00:00:00:18:07
[ 1723.493700][ T1169] input: syz0 as /devices/virtual/input/input174
[ 1723.609113][ T5822] sierra_net 5-1:1.7 wwan0: Submit SYNC failed -71
[ 1723.951190][T30196] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1723.969656][ T5822] sierra_net 5-1:1.7 wwan0: Send SYNC failed, status -71
[ 1724.041543][ T5822] usb 5-1: USB disconnect, device number 108
[ 1724.085057][ T5822] sierra_net 5-1:1.7 wwan0: unregister 'sierra_net' usb-dummy_hcd.4-1, Sierra Wireless USB-to-WWAN Modem
[ 1724.208647][ T5822] sierra_net 5-1:1.7 wwan0 (unregistered): usb_control_msg failed, status -19
[ 1724.339118][ T5958] gspca_zc3xx: reg_w_i err -71
[ 1724.586690][T21299] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1724.968226][ T5958] gspca_zc3xx: Unknown sensor - set to TAS5130C
[ 1725.045569][T30196] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1725.144122][ T5958] gspca_zc3xx 4-1:0.0: probe with driver gspca_zc3xx failed with error -71
[ 1725.161819][ T5958] usb 4-1: USB disconnect, device number 124
[ 1725.798627][ T1227] netlink: 4 bytes leftover after parsing attributes in process `syz.3.8304'.
[ 1725.818587][ T5822] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1725.869710][ T1226] netlink: 12 bytes leftover after parsing attributes in process `syz.2.8306'.
[ 1726.058345][ T5912] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1727.081538][ T1257] netlink: 12 bytes leftover after parsing attributes in process `syz.1.8313'.
[ 1727.098359][T30196] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1727.646747][ T1263] netlink: 'syz.2.8316': attribute type 10 has an invalid length.
[ 1728.138848][ T5912] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1728.875681][ T5958] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1729.188304][ T5912] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1730.182157][ T1314] bond1: option downdelay: invalid value (18446744073709551615)
[ 1730.193827][ T1314] bond1: option downdelay: allowed values 0 - 2147483647
[ 1730.224860][ T5894] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1730.266043][ T1314] bond1 (unregistering): Released all slaves
[ 1730.302364][ T1302] ieee802154 phy0 wpan0: encryption failed: -22
[ 1730.308744][ T1302] ieee802154 phy1 wpan1: encryption failed: -22
[ 1730.768673][ T1321] netlink: 4 bytes leftover after parsing attributes in process `syz.3.8332'.
[ 1731.258290][ T5894] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1731.858263][ T5894] usb 1-1: new full-speed USB device number 127 using dummy_hcd
[ 1731.910011][T21299] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1732.196131][ T5894] usb 1-1: config 0 has an invalid interface number: 128 but max is 0
[ 1732.224682][ T5894] usb 1-1: config 0 has no interface number 0
[ 1732.346026][T30196] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1732.450008][ T5894] usb 1-1: New USB device found, idVendor=20b7, idProduct=1540, bcdDevice=b7.5a
[ 1732.473791][ T5894] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1732.523660][ T5894] usb 1-1: Product: syz
[ 1732.541774][ T5894] usb 1-1: Manufacturer: syz
[ 1732.594967][ T5894] usb 1-1: SerialNumber: syz
[ 1732.667457][ T5894] usb 1-1: config 0 descriptor??
[ 1733.163628][ T1359] netlink: 'syz.2.8342': attribute type 10 has an invalid length.
[ 1733.344272][T30196] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1733.433585][ T1365] netlink: 12 bytes leftover after parsing attributes in process `syz.3.8343'.
[ 1733.442821][ T1362] syz.2.8344: vmalloc error: size 8589938688, exceeds total pages, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=syz2,mems_allowed=0-1
[ 1733.465017][ T1365] batadv1: entered promiscuous mode
[ 1733.472012][ T1362] CPU: 0 UID: 0 PID: 1362 Comm: syz.2.8344 Not tainted syzkaller #0 PREEMPT(full) 
[ 1733.472039][ T1362] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[ 1733.472051][ T1362] Call Trace:
[ 1733.472060][ T1362]  <TASK>
[ 1733.472070][ T1362]  dump_stack_lvl+0x189/0x250
[ 1733.472104][ T1362]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1733.472129][ T1362]  ? __pfx__printk+0x10/0x10
[ 1733.472149][ T1362]  ? cpuset_print_current_mems_allowed+0x1f/0x360
[ 1733.472174][ T1362]  ? cpuset_print_current_mems_allowed+0x1f/0x360
[ 1733.472201][ T1362]  ? cpuset_print_current_mems_allowed+0x2ee/0x360
[ 1733.472229][ T1362]  warn_alloc+0x214/0x310
[ 1733.472255][ T1362]  ? stack_depot_save_flags+0x40/0x860
[ 1733.472286][ T1362]  ? __pfx_warn_alloc+0x10/0x10
[ 1733.472313][ T1362]  ? kasan_save_track+0x3e/0x80
[ 1733.472336][ T1362]  ? __kasan_kmalloc+0x93/0xb0
[ 1733.472362][ T1362]  ? xsk_setsockopt+0x4dc/0x8d0
[ 1733.472380][ T1362]  ? do_sock_setsockopt+0x17c/0x1b0
[ 1733.472396][ T1362]  ? __ia32_sys_setsockopt+0x13f/0x1b0
[ 1733.472412][ T1362]  ? __do_fast_syscall_32+0xb6/0x2b0
[ 1733.472433][ T1362]  ? do_fast_syscall_32+0x34/0x80
[ 1733.472453][ T1362]  ? entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1733.472483][ T1362]  __vmalloc_node_range_noprof+0x125/0x12d0
[ 1733.472533][ T1362]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[ 1733.472562][ T1362]  ? __kasan_kmalloc+0x93/0xb0
[ 1733.472593][ T1362]  vmalloc_user_noprof+0xad/0xf0
[ 1733.472620][ T1362]  ? xskq_create+0xbf/0x170
[ 1733.472642][ T1362]  xskq_create+0xbf/0x170
[ 1733.472667][ T1362]  xsk_init_queue+0xb0/0x110
[ 1733.472689][ T1362]  xsk_setsockopt+0x4dc/0x8d0
[ 1733.472710][ T1362]  ? __pfx_xsk_setsockopt+0x10/0x10
[ 1733.472730][ T1362]  ? __pfx_aa_sk_perm+0x10/0x10
[ 1733.472766][ T1362]  ? aa_sock_opt_perm+0xff/0x1b0
[ 1733.472796][ T1362]  ? bpf_lsm_socket_setsockopt+0x9/0x20
[ 1733.472813][ T1362]  ? __pfx_xsk_setsockopt+0x10/0x10
[ 1733.472834][ T1362]  do_sock_setsockopt+0x17c/0x1b0
[ 1733.472858][ T1362]  __ia32_sys_setsockopt+0x13f/0x1b0
[ 1733.472883][ T1362]  __do_fast_syscall_32+0xb6/0x2b0
[ 1733.472907][ T1362]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1733.472932][ T1362]  do_fast_syscall_32+0x34/0x80
[ 1733.472956][ T1362]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1733.472977][ T1362] RIP: 0023:0xf7f44539
[ 1733.472992][ T1362] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[ 1733.473008][ T1362] RSP: 002b:00000000f543655c EFLAGS: 00000206 ORIG_RAX: 000000000000016e
[ 1733.473029][ T1362] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 000000000000011b
[ 1733.473042][ T1362] RDX: 0000000000000006 RSI: 0000000080000000 RDI: 0000000000000004
[ 1733.473055][ T1362] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1733.473066][ T1362] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[ 1733.473078][ T1362] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1733.473105][ T1362]  </TASK>
[ 1733.473113][ T1362] Mem-Info:
[ 1733.542696][ T1365] 8021q: adding VLAN 0 to HW filter on device batadv1
[ 1733.551264][ T1362] active_anon:11666 inactive_anon:0 isolated_anon:0
[ 1733.551264][ T1362]  active_file:17654 inactive_file:40560 isolated_file:0
[ 1733.551264][ T1362]  unevictable:768 dirty:404 writeback:0
[ 1733.551264][ T1362]  slab_reclaimable:11195 slab_unreclaimable:104540
[ 1733.551264][ T1362]  mapped:35413 shmem:5614 pagetables:1417
[ 1733.551264][ T1362]  sec_pagetables:0 bounce:0
[ 1733.551264][ T1362]  kernel_misc_reclaimable:0
[ 1733.551264][ T1362]  free:1294461 free_pcp:8858 free_cma:0
[ 1733.851455][ T1362] Node 0 active_anon:48364kB inactive_anon:0kB active_file:70616kB inactive_file:162036kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:143152kB dirty:1616kB writeback:0kB shmem:22420kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:6144kB kernel_stack:13004kB pagetables:5532kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[ 1733.884980][ T5894] usb 1-1: Firmware version (0.0) predates our first public release.
[ 1733.893803][ T5894] usb 1-1: Please update to version 0.2 or newer
[ 1733.912822][ T1362] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:204kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:48kB pagetables:136kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[ 1733.944310][ T1362] Node 0 DMA free:15360kB boost:0kB min:204kB low:252kB high:300kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[ 1733.958161][ T5822] usb 3-1: new high-speed USB device number 120 using dummy_hcd
[ 1733.976989][ T1362] lowmem_reserve[]: 0 2505 2505 2505 2505
[ 1734.010988][ T1362] Node 0 DMA32 free:1248552kB boost:0kB min:34308kB low:42884kB high:51460kB reserved_highatomic:0KB free_highatomic:0KB active_anon:49940kB inactive_anon:0kB active_file:70616kB inactive_file:162036kB unevictable:1536kB writepending:1640kB zspages:0kB present:3129332kB managed:2565184kB mlocked:0kB bounce:0kB free_pcp:30040kB local_pcp:13692kB free_cma:0kB
[ 1734.047986][ T5894] usb 1-1: USB disconnect, device number 127
[ 1734.054820][ T1362] lowmem_reserve[]: 0 0 0 0 0
[ 1734.060196][ T1362] Node 0 Normal free:0kB boost:0kB min:0kB low:0kB high:0kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:1048580kB managed:108kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[ 1734.092041][ T1362] lowmem_reserve[]: 0 0 0 0 0
[ 1734.096758][ T1362] Node 1 Normal free:3911104kB boost:0kB min:55592kB low:69488kB high:83384kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:204kB unevictable:1536kB writepending:0kB zspages:0kB present:4194300kB managed:4111100kB mlocked:0kB bounce:0kB free_pcp:4288kB local_pcp:0kB free_cma:0kB
[ 1734.148712][ T5958] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1734.178511][ T1362] lowmem_reserve[]: 0 0 0 0 0
[ 1734.210113][ T1362] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[ 1734.291015][ T1362] Node 0 DMA32: 117*4kB (UME) 46*8kB (UME) 39*16kB (UME) 270*32kB (UME) 171*64kB (UME) 92*128kB (UM) 34*256kB (UME) 21*512kB (UME) 9*1024kB (ME) 1*2048kB (E) 289*4096kB (UM) = 1247284kB
[ 1734.379570][ T5912] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1734.403980][ T1362] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB
[ 1734.621704][ T1362] Node 1 Normal: 208*4kB (UM) 58*8kB (UME) 63*16kB (UME) 278*32kB (UME) 104*64kB (UME) 22*128kB (UME) 5*256kB (UME) 4*512kB (ME) 2*1024kB (ME) 1*2048kB (U) 948*4096kB (M) = 3911104kB
[ 1734.701464][ T1362] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[ 1734.711378][ T5822] usb 3-1: Using ep0 maxpacket: 32
[ 1734.717063][ T1362] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[ 1734.726868][ T1362] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[ 1734.767739][ T1362] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[ 1734.767881][ T5822] usb 3-1: config 0 has an invalid interface number: 2 but max is 0
[ 1734.787241][ T5822] usb 3-1: config 0 has no interface number 0
[ 1734.793836][ T5822] usb 3-1: config 0 interface 2 has no altsetting 0
[ 1734.803996][ T1362] 64710 total pagecache pages
[ 1734.809206][ T1362] 0 pages in swap cache
[ 1734.928323][ T1362] Free swap  = 124996kB
[ 1734.938657][ T5958] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1734.955562][ T1362] Total swap = 124996kB
[ 1734.960718][ T5822] usb 3-1: New USB device found, idVendor=086a, idProduct=0003, bcdDevice=f0.3f
[ 1734.974886][ T5822] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1734.980306][ T1362] 2097051 pages RAM
[ 1734.991651][ T1362] 0 pages HighMem/MovableOnly
[ 1734.995471][ T5822] usb 3-1: Product: syz
[ 1735.006015][ T1362] 424113 pages reserved
[ 1735.008209][ T5822] usb 3-1: Manufacturer: syz
[ 1735.037433][ T5822] usb 3-1: SerialNumber: syz
[ 1735.052519][ T1362] 0 pages cma reserved
[ 1735.094762][ T5822] usb 3-1: config 0 descriptor??
[ 1735.420307][T21299] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1735.428500][T21299] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1735.614014][ T5822] usb 3-1: Quirk or no altset; falling back to MIDI 1.0
[ 1735.638687][ T5822] usb 3-1: invalid MIDI out EP 0
[ 1735.764841][ T5822] snd-usb-audio 3-1:0.2: probe with driver snd-usb-audio failed with error -22
[ 1735.817973][ T1397] netlink: 'syz.0.8354': attribute type 10 has an invalid length.
[ 1735.883615][T23760] udevd[23760]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.2/sound/card3/controlC3/../uevent} for writing: No such file or directory
[ 1735.903256][ T5822] usb 3-1: USB disconnect, device number 120
[ 1735.926990][ T1401] netlink: 4 bytes leftover after parsing attributes in process `syz.4.8353'.
[ 1736.483234][ T5912] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1736.686336][ T5822] usb 4-1: new full-speed USB device number 125 using dummy_hcd
[ 1736.902864][ T5822] usb 4-1: config 0 has an invalid interface number: 128 but max is 0
[ 1736.914418][ T5822] usb 4-1: config 0 has no interface number 0
[ 1736.947457][ T5822] usb 4-1: New USB device found, idVendor=20b7, idProduct=1540, bcdDevice=b7.5a
[ 1736.958568][ T5822] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1737.003709][ T5822] usb 4-1: Product: syz
[ 1737.044442][ T5822] usb 4-1: Manufacturer: syz
[ 1737.099322][ T5822] usb 4-1: SerialNumber: syz
[ 1737.119684][ T5822] usb 4-1: config 0 descriptor??
[ 1737.579495][ T5912] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1738.170946][ T5822] usb 4-1: Firmware version (0.0) predates our first public release.
[ 1738.224700][ T5822] usb 4-1: Please update to version 0.2 or newer
[ 1738.330392][ T5822] usb 4-1: USB disconnect, device number 125
[ 1738.458410][T21299] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1738.473450][ T1437] FAULT_INJECTION: forcing a failure.
[ 1738.473450][ T1437] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1738.516236][ T1437] CPU: 1 UID: 0 PID: 1437 Comm: syz.0.8362 Not tainted syzkaller #0 PREEMPT(full) 
[ 1738.516264][ T1437] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[ 1738.516275][ T1437] Call Trace:
[ 1738.516284][ T1437]  <TASK>
[ 1738.516293][ T1437]  dump_stack_lvl+0x189/0x250
[ 1738.516321][ T1437]  ? __pfx____ratelimit+0x10/0x10
[ 1738.516344][ T1437]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1738.516368][ T1437]  ? __pfx__printk+0x10/0x10
[ 1738.516387][ T1437]  ? __might_fault+0xb0/0x130
[ 1738.516422][ T1437]  should_fail_ex+0x414/0x560
[ 1738.516459][ T1437]  _copy_from_user+0x2d/0xb0
[ 1738.516483][ T1437]  __sys_sendto+0x25c/0x520
[ 1738.516513][ T1437]  ? __pfx___sys_sendto+0x10/0x10
[ 1738.516536][ T1437]  ? __mutex_unlock_slowpath+0x1a1/0x740
[ 1738.516572][ T1437]  ? __fget_files+0x3a0/0x420
[ 1738.516601][ T1437]  ? ksys_write+0x22a/0x250
[ 1738.516628][ T1437]  ? __pfx_ksys_write+0x10/0x10
[ 1738.516657][ T1437]  __ia32_sys_sendto+0xdd/0x100
[ 1738.516686][ T1437]  __do_fast_syscall_32+0xb6/0x2b0
[ 1738.516717][ T1437]  do_fast_syscall_32+0x34/0x80
[ 1738.516741][ T1437]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1738.516763][ T1437] RIP: 0023:0xf70ad539
[ 1738.516780][ T1437] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[ 1738.516796][ T1437] RSP: 002b:00000000f545b55c EFLAGS: 00000206 ORIG_RAX: 0000000000000171
[ 1738.516815][ T1437] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00000000800000c0
[ 1738.516829][ T1437] RDX: 000000000000e90c RSI: 0000000000000000 RDI: 0000000080000540
[ 1738.516841][ T1437] RBP: 0000000000000014 R08: 0000000000000000 R09: 0000000000000000
[ 1738.516853][ T1437] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[ 1738.516864][ T1437] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1738.516893][ T1437]  </TASK>
[ 1738.701851][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1738.856548][ T5912] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1739.345455][ T1446] netdevsim netdevsim2 netdevsim0: entered promiscuous mode
[ 1739.555791][ T1452] netlink: 'syz.3.8366': attribute type 10 has an invalid length.
[ 1739.834623][ T1456] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1739.898695][ T5880] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1739.928005][ T1456] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1740.003225][ T1456] bond1: entered promiscuous mode
[ 1740.010019][ T1456] 8021q: adding VLAN 0 to HW filter on device bond1
[ 1740.158136][ T1025] usb 4-1: new full-speed USB device number 126 using dummy_hcd
[ 1740.313619][ T1025] usb 4-1: config 0 has an invalid interface number: 1 but max is 0
[ 1740.324921][ T1025] usb 4-1: config 0 has no interface number 0
[ 1740.348909][ T1025] usb 4-1: New USB device found, idVendor=0b48, idProduct=1005, bcdDevice=8c.1e
[ 1740.365247][ T1025] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1740.392225][ T1025] usb 4-1: config 0 descriptor??
[ 1740.407220][ T1025] usb 4-1: selecting invalid altsetting 1
[ 1740.436918][ T1025] dvb_ttusb_budget: ttusb_init_controller: error
[ 1740.450504][ T1025] dvbdev: DVB: registering new adapter (Technotrend/Hauppauge Nova-USB)
[ 1740.552475][ T1025] DVB: Unable to find symbol cx22700_attach()
[ 1740.721707][ T1473] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1740.757330][ T1025] DVB: Unable to find symbol tda10046_attach()
[ 1740.775269][ T1471] netlink: 4 bytes leftover after parsing attributes in process `syz.0.8371'.
[ 1740.795634][ T1473] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1740.813979][ T1025] dvb_ttusb_budget: no frontend driver found for device [0b48:1005]
[ 1740.952544][ T5880] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1741.185186][ T1482] FAULT_INJECTION: forcing a failure.
[ 1741.185186][ T1482] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1741.202192][ T1482] CPU: 1 UID: 0 PID: 1482 Comm: syz.2.8374 Not tainted syzkaller #0 PREEMPT(full) 
[ 1741.202215][ T1482] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[ 1741.202227][ T1482] Call Trace:
[ 1741.202235][ T1482]  <TASK>
[ 1741.202245][ T1482]  dump_stack_lvl+0x189/0x250
[ 1741.202273][ T1482]  ? __pfx____ratelimit+0x10/0x10
[ 1741.202297][ T1482]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1741.202320][ T1482]  ? __pfx__printk+0x10/0x10
[ 1741.202340][ T1482]  ? __might_fault+0xb0/0x130
[ 1741.202374][ T1482]  should_fail_ex+0x414/0x560
[ 1741.202413][ T1482]  _copy_from_iter+0x1de/0x1790
[ 1741.202438][ T1482]  ? __lock_acquire+0xab9/0xd20
[ 1741.202464][ T1482]  ? __pfx__copy_from_iter+0x10/0x10
[ 1741.202499][ T1482]  tun_get_user+0x219/0x3e90
[ 1741.202538][ T1482]  ? aa_file_perm+0x44d/0x1550
[ 1741.202556][ T1482]  ? __pfx_tun_get_user+0x10/0x10
[ 1741.202575][ T1482]  ? _parse_integer_limit+0x1ae/0x1f0
[ 1741.202610][ T1482]  ? __lock_acquire+0xab9/0xd20
[ 1741.202633][ T1482]  ? ref_tracker_alloc+0x318/0x460
[ 1741.202649][ T1482]  ? __lock_acquire+0xab9/0xd20
[ 1741.202667][ T1482]  ? __pfx_ref_tracker_alloc+0x10/0x10
[ 1741.202690][ T1482]  ? tun_get+0x1c/0x2f0
[ 1741.202715][ T1482]  ? tun_get+0x1c/0x2f0
[ 1741.202735][ T1482]  ? tun_get+0x1c/0x2f0
[ 1741.202759][ T1482]  tun_chr_write_iter+0x113/0x200
[ 1741.202782][ T1482]  vfs_write+0x5c9/0xb30
[ 1741.202810][ T1482]  ? __pfx_tun_chr_write_iter+0x10/0x10
[ 1741.202832][ T1482]  ? __pfx_vfs_write+0x10/0x10
[ 1741.202865][ T1482]  ? __fget_files+0x2a/0x420
[ 1741.202890][ T1482]  ksys_write+0x145/0x250
[ 1741.202917][ T1482]  ? __pfx_ksys_write+0x10/0x10
[ 1741.202943][ T1482]  ? syscall_enter_from_user_mode_prepare+0x8f/0x110
[ 1741.202969][ T1482]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1741.202995][ T1482]  __do_fast_syscall_32+0xb6/0x2b0
[ 1741.203019][ T1482]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1741.203045][ T1482]  do_fast_syscall_32+0x34/0x80
[ 1741.203072][ T1482]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1741.203094][ T1482] RIP: 0023:0xf7f44539
[ 1741.203110][ T1482] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[ 1741.203126][ T1482] RSP: 002b:00000000f53f455c EFLAGS: 00000206 ORIG_RAX: 0000000000000004
[ 1741.203146][ T1482] RAX: ffffffffffffffda RBX: 0000000000000007 RCX: 0000000000000000
[ 1741.203159][ T1482] RDX: 000000000000fdef RSI: 0000000000000000 RDI: 0000000000000000
[ 1741.203170][ T1482] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1741.203181][ T1482] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[ 1741.203192][ T1482] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1741.203219][ T1482]  </TASK>
[ 1741.798368][ T1025] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1741.988313][ T5912] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1742.538259][T21299] usb 5-1: new high-speed USB device number 109 using dummy_hcd
[ 1742.829419][   T30] kauditd_printk_skb: 13 callbacks suppressed
[ 1742.829439][   T30] audit: type=1326 audit(1761520626.451:2531): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1492 comm="syz.0.8377" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ad539 code=0x7ffc0000
[ 1742.859082][T21299] usb 5-1: config index 0 descriptor too short (expected 23569, got 27)
[ 1742.933150][T21299] usb 5-1: New USB device found, idVendor=03eb, idProduct=0002, bcdDevice=ba.c0
[ 1743.034358][ T5912] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1743.084547][T21299] usb 5-1: New USB device strings: Mfr=5, Product=0, SerialNumber=0
[ 1743.149406][T21299] usb 5-1: Manufacturer: syz
[ 1743.195523][T21299] usb 5-1: config 0 descriptor??
[ 1743.240399][   T30] audit: type=1326 audit(1761520626.451:2532): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1492 comm="syz.0.8377" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ad539 code=0x7ffc0000
[ 1743.510506][ T5822] usb 4-1: USB disconnect, device number 126
[ 1743.598136][T21299] rc_core: IR keymap rc-hauppauge not found
[ 1743.600746][   T30] audit: type=1326 audit(1761520626.451:2533): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1492 comm="syz.0.8377" exe="/root/syz-executor" sig=0 arch=40000003 syscall=310 compat=1 ip=0xf70ad539 code=0x7ffc0000
[ 1743.617619][T21299] Registered IR keymap rc-empty
[ 1743.690986][T21299] rc rc0: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/rc/rc0
[ 1743.738576][ T1025] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1743.743220][   T30] audit: type=1326 audit(1761520626.461:2534): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1492 comm="syz.0.8377" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ad539 code=0x7ffc0000
[ 1743.750698][T21299] input: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/rc/rc0/input175
[ 1744.061869][ T5880] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1744.234898][   T30] audit: type=1326 audit(1761520626.461:2535): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1492 comm="syz.0.8377" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ad539 code=0x7ffc0000
[ 1744.259338][   T30] audit: type=1326 audit(1761520626.461:2536): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1492 comm="syz.0.8377" exe="/root/syz-executor" sig=0 arch=40000003 syscall=399 compat=1 ip=0xf70ad539 code=0x7ffc0000
[ 1744.282178][   T30] audit: type=1326 audit(1761520626.461:2537): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1492 comm="syz.0.8377" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ad539 code=0x7ffc0000
[ 1744.589851][ T1519] netlink: 168876 bytes leftover after parsing attributes in process `syz.4.8380'.
[ 1744.618777][   T30] audit: type=1326 audit(1761520626.461:2538): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1492 comm="syz.0.8377" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ad539 code=0x7ffc0000
[ 1744.646165][T21299] usb 5-1: USB disconnect, device number 109
[ 1744.671291][   T30] audit: type=1326 audit(1761520626.461:2539): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1492 comm="syz.0.8377" exe="/root/syz-executor" sig=0 arch=40000003 syscall=400 compat=1 ip=0xf70ad539 code=0x7ffc0000
[ 1744.720685][ T1025] usb 4-1: new high-speed USB device number 127 using dummy_hcd
[ 1744.868153][ T5822] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1744.888552][   T30] audit: type=1326 audit(1761520626.461:2540): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1492 comm="syz.0.8377" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ad539 code=0x7ffc0000
[ 1744.961431][ T1025] usb 4-1: config 1 has an invalid interface number: 7 but max is 0
[ 1744.981721][ T1025] usb 4-1: config 1 has no interface number 0
[ 1745.035034][ T1025] usb 4-1: config 1 interface 7 altsetting 0 has an endpoint descriptor with address 0xDB, changing to 0x8B
[ 1745.095003][ T1025] usb 4-1: config 1 interface 7 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 64
[ 1745.108471][ T5912] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1745.108763][ T1025] usb 4-1: config 1 interface 7 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1745.186784][ T1025] usb 4-1: New USB device found, idVendor=1199, idProduct=68a3, bcdDevice= 0.00
[ 1745.196773][ T1025] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1745.247292][ T1025] usb 4-1: Product: syz
[ 1745.268792][ T1025] usb 4-1: Manufacturer: syz
[ 1745.283044][ T1025] usb 4-1: SerialNumber: syz
[ 1745.301917][ T1508] raw-gadget.2 gadget.3: fail, usb_ep_enable returned -22
[ 1745.514481][ T1506] raw-gadget.2 gadget.3: fail, usb_ep_enable returned -22
[ 1745.658440][ T5912] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1745.881598][ T1536] netlink: 'syz.0.8387': attribute type 10 has an invalid length.
[ 1745.907846][ T1536] bond0: (slave dummy0): Releasing backup interface
[ 1745.923806][ T1536] team0: Failed to send port change of device dummy0 via netlink (err -105)
[ 1745.937688][ T1540] netlink: 4 bytes leftover after parsing attributes in process `syz.4.8386'.
[ 1745.947392][ T1536] team0: Failed to send options change via netlink (err -105)
[ 1746.027741][ T1536] team0: Port device dummy0 added
[ 1746.042860][ T1025] sierra_net 4-1:1.7 wwan0: register 'sierra_net' at usb-dummy_hcd.3-1, Sierra Wireless USB-to-WWAN Modem, 00:00:00:00:19:07
[ 1746.141480][ T5912] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1746.587682][ T1506] input: syz0 as /devices/virtual/input/input176
[ 1746.657909][ T1025] sierra_net 4-1:1.7 wwan0: Submit SYNC failed -71
[ 1746.672264][ T1025] sierra_net 4-1:1.7 wwan0: Send SYNC failed, status -71
[ 1746.689871][ T1025] usb 4-1: USB disconnect, device number 127
[ 1746.714602][ T1025] sierra_net 4-1:1.7 wwan0: unregister 'sierra_net' usb-dummy_hcd.3-1, Sierra Wireless USB-to-WWAN Modem
[ 1746.940918][ T1025] sierra_net 4-1:1.7 wwan0 (unregistered): usb_control_msg failed, status -19
[ 1747.139864][ T1555] FAULT_INJECTION: forcing a failure.
[ 1747.139864][ T1555] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1747.163777][ T1555] CPU: 1 UID: 0 PID: 1555 Comm: syz.1.8390 Not tainted syzkaller #0 PREEMPT(full) 
[ 1747.163804][ T1555] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[ 1747.163816][ T1555] Call Trace:
[ 1747.163825][ T1555]  <TASK>
[ 1747.163834][ T1555]  dump_stack_lvl+0x189/0x250
[ 1747.163862][ T1555]  ? __pfx____ratelimit+0x10/0x10
[ 1747.163885][ T1555]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1747.163909][ T1555]  ? __pfx__printk+0x10/0x10
[ 1747.163928][ T1555]  ? __might_fault+0xb0/0x130
[ 1747.163963][ T1555]  should_fail_ex+0x414/0x560
[ 1747.164008][ T1555]  _copy_from_user+0x2d/0xb0
[ 1747.164032][ T1555]  __sys_bind+0x199/0x3e0
[ 1747.164059][ T1555]  ? __pfx___sys_bind+0x10/0x10
[ 1747.164094][ T1555]  ? __pfx_ksys_write+0x10/0x10
[ 1747.164126][ T1555]  __ia32_sys_bind+0x7a/0x90
[ 1747.164152][ T1555]  __do_fast_syscall_32+0xb6/0x2b0
[ 1747.164176][ T1555]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1747.164202][ T1555]  do_fast_syscall_32+0x34/0x80
[ 1747.164226][ T1555]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1747.164247][ T1555] RIP: 0023:0xf706d539
[ 1747.164263][ T1555] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[ 1747.164279][ T1555] RSP: 002b:00000000f545d55c EFLAGS: 00000206 ORIG_RAX: 0000000000000169
[ 1747.164299][ T1555] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000800024c0
[ 1747.164313][ T1555] RDX: 0000000000000020 RSI: 0000000000000000 RDI: 0000000000000000
[ 1747.164329][ T1555] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1747.164340][ T1555] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[ 1747.164352][ T1555] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1747.164379][ T1555]  </TASK>
[ 1747.352781][ T5912] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1747.578413][ T1025] usb 1-1: new high-speed USB device number 2 using dummy_hcd
[ 1747.770254][ T1025] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 219, changing to 11
[ 1748.024556][ T1025] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8968, setting to 1024
[ 1748.088563][ T1025] usb 1-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40
[ 1748.112124][ T1025] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1748.150284][ T1025] usb 1-1: config 0 descriptor??
[ 1748.370891][ T1025] usbhid 1-1:0.0: can't add hid device: -71
[ 1748.376973][ T1025] usbhid 1-1:0.0: probe with driver usbhid failed with error -71
[ 1748.379045][ T5894] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1748.406020][ T1025] usb 1-1: USB disconnect, device number 2
[ 1748.698461][T21299] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1748.821004][ T1581] netlink: 168876 bytes leftover after parsing attributes in process `syz.3.8396'.
[ 1748.846148][ T1580] netlink: 'syz.1.8398': attribute type 10 has an invalid length.
[ 1748.856129][ T1580] bond0: (slave dummy0): Releasing backup interface
[ 1748.873235][ T1580] team0: Failed to send port change of device dummy0 via netlink (err -105)
[ 1748.900984][ T1580] team0: Failed to send options change via netlink (err -105)
[ 1748.911847][ T1580] team0: Port device dummy0 added
[ 1749.018645][ T1025] usb 1-1: new high-speed USB device number 3 using dummy_hcd
[ 1749.030339][ T1587] binder: BINDER_SET_CONTEXT_MGR already set
[ 1749.107182][ T1587] binder: 1586:1587 ioctl 4018620d 80000040 returned -16
[ 1749.132191][ T1590] FAULT_INJECTION: forcing a failure.
[ 1749.132191][ T1590] name failslab, interval 1, probability 0, space 0, times 0
[ 1749.148752][ T1590] CPU: 1 UID: 0 PID: 1590 Comm: syz.1.8402 Not tainted syzkaller #0 PREEMPT(full) 
[ 1749.148778][ T1590] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[ 1749.148789][ T1590] Call Trace:
[ 1749.148797][ T1590]  <TASK>
[ 1749.148806][ T1590]  dump_stack_lvl+0x189/0x250
[ 1749.148836][ T1590]  ? __pfx____ratelimit+0x10/0x10
[ 1749.148857][ T1590]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1749.148878][ T1590]  ? __pfx__printk+0x10/0x10
[ 1749.148902][ T1590]  ? __pfx___might_resched+0x10/0x10
[ 1749.148934][ T1590]  should_fail_ex+0x414/0x560
[ 1749.148965][ T1590]  should_failslab+0xa8/0x100
[ 1749.148985][ T1590]  kmem_cache_alloc_noprof+0x74/0x6e0
[ 1749.149008][ T1590]  ? ksys_write+0x22a/0x250
[ 1749.149030][ T1590]  ? exc_page_fault+0x82/0x100
[ 1749.149050][ T1590]  ? getname_flags+0xb8/0x540
[ 1749.149069][ T1590]  getname_flags+0xb8/0x540
[ 1749.149085][ T1590]  ? syscall_enter_from_user_mode_prepare+0x8f/0x110
[ 1749.149110][ T1590]  __ia32_sys_symlink+0x5c/0x90
[ 1749.149135][ T1590]  __do_fast_syscall_32+0xb6/0x2b0
[ 1749.149159][ T1590]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1749.149184][ T1590]  do_fast_syscall_32+0x34/0x80
[ 1749.149206][ T1590]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1749.149226][ T1590] RIP: 0023:0xf706d539
[ 1749.149251][ T1590] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[ 1749.149265][ T1590] RSP: 002b:00000000f545d55c EFLAGS: 00000206 ORIG_RAX: 0000000000000053
[ 1749.149284][ T1590] RAX: ffffffffffffffda RBX: 0000000080002040 RCX: 0000000080000000
[ 1749.149296][ T1590] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[ 1749.149306][ T1590] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1749.149317][ T1590] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[ 1749.149327][ T1590] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1749.149352][ T1590]  </TASK>
[ 1749.355856][ T1025] usb 1-1: Using ep0 maxpacket: 32
[ 1749.455407][ T1025] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 219, changing to 11
[ 1749.470864][ T1025] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8968, setting to 1024
[ 1749.513445][ T1025] usb 1-1: New USB device found, idVendor=0f11, idProduct=1021, bcdDevice= 0.40
[ 1749.523028][ T5880] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1749.531482][ T1025] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1749.584541][    T9] usb 5-1: new high-speed USB device number 110 using dummy_hcd
[ 1749.649868][ T1025] usb 1-1: config 0 descriptor??
[ 1749.666955][ T1025] ldusb 1-1:0.0: Interrupt out endpoint not found (using control endpoint instead)
[ 1749.692735][ T1025] ldusb 1-1:0.0: LD USB Device #0 now attached to major 180 minor 0
[ 1749.764050][    T9] usb 5-1: New USB device found, idVendor=0bda, idProduct=8150, bcdDevice= 0.00
[ 1749.781557][    T9] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1749.800529][    T9] usb 5-1: Product: syz
[ 1749.811081][    T9] usb 5-1: Manufacturer: syz
[ 1749.815779][    T9] usb 5-1: SerialNumber: syz
[ 1749.930160][ T1600] netlink: 4 bytes leftover after parsing attributes in process `syz.1.8404'.
[ 1750.330207][ T5880] usb 1-1: USB disconnect, device number 3
[ 1750.408875][ T5880] ldusb 1-1:0.0: LD USB Device #0 now disconnected
[ 1750.461943][    T9] rtl8150 5-1:1.0: couldn't reset the device
[ 1750.478493][    T9] rtl8150 5-1:1.0: probe with driver rtl8150 failed with error -5
[ 1750.523433][    T9] usb 5-1: USB disconnect, device number 110
[ 1750.557151][ T5912] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1751.609513][ T5880] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1751.738291][ T1025] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1751.828990][ T1634] netlink: 'syz.0.8412': attribute type 10 has an invalid length.
[ 1752.097222][ T1622] tipc: Started in network mode
[ 1752.102293][ T1622] tipc: Node identity , cluster identity 4711
[ 1752.109047][ T1622] tipc: Failed to set node id, please configure manually
[ 1752.116718][ T1622] tipc: Enabling of bearer <udp:syz2> rejected, failed to enable media
[ 1752.618501][ T1641] netdevsim netdevsim0 netdevsim0: entered promiscuous mode
[ 1752.626037][ T5880] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1752.722951][ T1643] netlink: 168876 bytes leftover after parsing attributes in process `syz.1.8415'.
[ 1752.977882][ T1651] veth1_to_bond: entered allmulticast mode
[ 1752.987044][ T1651] netlink: 4 bytes leftover after parsing attributes in process `syz.3.8418'.
[ 1752.998130][ T1025] usb 3-1: new full-speed USB device number 121 using dummy_hcd
[ 1753.085030][ T1651] bond0: (slave bond_slave_1): Releasing backup interface
[ 1753.145634][ T1651] veth1_to_bond (unregistering): left allmulticast mode
[ 1753.264466][ T5880] usb 1-1: new high-speed USB device number 4 using dummy_hcd
[ 1753.288720][ T1025] usb 3-1: config 0 has an invalid interface number: 128 but max is 0
[ 1753.300893][ T1025] usb 3-1: config 0 has no interface number 0
[ 1753.319631][ T1025] usb 3-1: New USB device found, idVendor=20b7, idProduct=1540, bcdDevice=b7.5a
[ 1753.328978][ T1025] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1753.340550][ T1025] usb 3-1: Product: syz
[ 1753.345587][ T1025] usb 3-1: Manufacturer: syz
[ 1753.351567][T21299] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1753.359874][ T1025] usb 3-1: SerialNumber: syz
[ 1753.378420][ T1662] netdevsim netdevsim4 netdevsim0: entered promiscuous mode
[ 1753.386586][ T1025] usb 3-1: config 0 descriptor??
[ 1753.470095][ T5880] usb 1-1: Using ep0 maxpacket: 16
[ 1753.481181][ T5880] usb 1-1: New USB device found, idVendor=04d8, idProduct=0a30, bcdDevice= 6.8a
[ 1753.528070][ T5880] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1753.546913][ T5880] usb 1-1: Product: syz
[ 1753.551632][ T5880] usb 1-1: Manufacturer: syz
[ 1753.556259][ T5880] usb 1-1: SerialNumber: syz
[ 1753.579063][ T5880] usb 1-1: config 0 descriptor??
[ 1753.591585][ T5880] mcba_usb 1-1:0.0: Can't find endpoints
[ 1753.631682][ T1671] netlink: 'syz.3.8425': attribute type 10 has an invalid length.
[ 1753.671391][ T5880] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1753.687754][ T1671] bond0: (slave dummy0): Releasing backup interface
[ 1753.712087][ T1671] team0: Failed to send port change of device dummy0 via netlink (err -105)
[ 1753.721144][ T1671] team0: Failed to send options change via netlink (err -105)
[ 1753.905212][ T1671] team0: Port device dummy0 added
[ 1753.938427][ T1657] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1753.957427][ T1657] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1753.982626][ T1657] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[ 1753.991456][ T1657] tipc: Resetting bearer <eth:syzkaller0>
[ 1754.003981][    T9] usb 1-1: USB disconnect, device number 4
[ 1754.263675][ T1655] tipc: Disabling bearer <eth:syzkaller0>
[ 1754.353816][ T1679] netlink: 12 bytes leftover after parsing attributes in process `syz.3.8426'.
[ 1754.701971][ T5880] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1754.778506][    T9] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1754.949701][ T1025] usb 3-1: Firmware version (0.0) predates our first public release.
[ 1754.957919][ T1025] usb 3-1: Please update to version 0.2 or newer
[ 1755.163352][ T1695] FAULT_INJECTION: forcing a failure.
[ 1755.163352][ T1695] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1755.239035][ T1695] CPU: 1 UID: 0 PID: 1695 Comm: syz.1.8430 Not tainted syzkaller #0 PREEMPT(full) 
[ 1755.239084][ T1695] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[ 1755.239121][ T1695] Call Trace:
[ 1755.239129][ T1695]  <TASK>
[ 1755.239137][ T1695]  dump_stack_lvl+0x189/0x250
[ 1755.239166][ T1695]  ? __pfx____ratelimit+0x10/0x10
[ 1755.239195][ T1695]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1755.239218][ T1695]  ? __pfx__printk+0x10/0x10
[ 1755.239237][ T1695]  ? __might_fault+0xb0/0x130
[ 1755.239271][ T1695]  should_fail_ex+0x414/0x560
[ 1755.239300][ T1695]  _copy_from_user+0x2d/0xb0
[ 1755.239323][ T1695]  get_compat_msghdr+0xad/0x4a0
[ 1755.239348][ T1695]  ? __pfx_get_compat_msghdr+0x10/0x10
[ 1755.239378][ T1695]  ___sys_sendmsg+0x193/0x2a0
[ 1755.239401][ T1695]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1755.239450][ T1695]  ? __fget_files+0x2a/0x420
[ 1755.239467][ T1695]  ? __fget_files+0x3a0/0x420
[ 1755.239493][ T1695]  __sys_sendmsg+0x164/0x220
[ 1755.239514][ T1695]  ? __pfx___sys_sendmsg+0x10/0x10
[ 1755.239540][ T1695]  ? __pfx_ksys_write+0x10/0x10
[ 1755.239565][ T1695]  ? syscall_enter_from_user_mode_prepare+0x8f/0x110
[ 1755.239590][ T1695]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1755.239616][ T1695]  __do_fast_syscall_32+0xb6/0x2b0
[ 1755.239640][ T1695]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1755.239666][ T1695]  do_fast_syscall_32+0x34/0x80
[ 1755.239689][ T1695]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1755.239711][ T1695] RIP: 0023:0xf706d539
[ 1755.239727][ T1695] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[ 1755.239743][ T1695] RSP: 002b:00000000f545d55c EFLAGS: 00000206 ORIG_RAX: 0000000000000172
[ 1755.239763][ T1695] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000000
[ 1755.239776][ T1695] RDX: 000000000000c000 RSI: 0000000000000000 RDI: 0000000000000000
[ 1755.239788][ T1695] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1755.239800][ T1695] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[ 1755.239812][ T1695] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1755.239840][ T1695]  </TASK>
[ 1755.270409][ T1691] netlink: 168876 bytes leftover after parsing attributes in process `syz.4.8429'.
[ 1755.289556][ T1701] netlink: 'syz.0.8433': attribute type 25 has an invalid length.
[ 1755.528180][ T5880] usb 1-1: new high-speed USB device number 5 using dummy_hcd
[ 1755.552151][ T1705] binder: BINDER_SET_CONTEXT_MGR already set
[ 1755.566239][ T1705] binder: 1704:1705 ioctl 4018620d 80000040 returned -16
[ 1755.593555][ T1705] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1755.606000][ T1705] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1755.736535][ T1713] netlink: 88 bytes leftover after parsing attributes in process `syz.3.8437'.
[ 1755.758707][ T5912] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1755.769926][ T5880] usb 1-1: Using ep0 maxpacket: 16
[ 1755.789089][ T5880] usb 1-1: unable to get BOS descriptor or descriptor too short
[ 1755.800422][ T5880] usb 1-1: config 13 has an invalid interface number: 50 but max is 0
[ 1755.808857][ T5880] usb 1-1: config 13 has no interface number 0
[ 1755.859530][ T5880] usb 1-1: config 13 interface 50 altsetting 167 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[ 1755.909705][ T5880] usb 1-1: config 13 interface 50 has no altsetting 0
[ 1755.932190][ T5880] usb 1-1: New USB device found, idVendor=1aca, idProduct=b28e, bcdDevice=92.32
[ 1755.955806][ T5880] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1755.976144][ T5880] usb 1-1: Product: syz
[ 1755.996102][ T5880] usb 1-1: Manufacturer: syz
[ 1756.006648][ T5880] usb 1-1: SerialNumber: syz
[ 1756.118163][ T5958] usb 5-1: new full-speed USB device number 111 using dummy_hcd
[ 1756.280738][ T5880] usb 1-1: Quirk or no altset; falling back to MIDI 1.0
[ 1756.287898][ T5880] usb 1-1: MIDIStreaming interface descriptor not found
[ 1756.305690][ T5958] usb 5-1: config 0 has an invalid interface number: 128 but max is 0
[ 1756.314011][ T5958] usb 5-1: config 0 has no interface number 0
[ 1756.336932][ T5958] usb 5-1: New USB device found, idVendor=20b7, idProduct=1540, bcdDevice=b7.5a
[ 1756.358156][ T5880] usb 1-1: USB disconnect, device number 5
[ 1756.370463][ T5958] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1756.379330][ T5958] usb 5-1: Product: syz
[ 1756.383515][ T5958] usb 5-1: Manufacturer: syz
[ 1756.388698][ T5958] usb 5-1: SerialNumber: syz
[ 1756.412692][ T5958] usb 5-1: config 0 descriptor??
[ 1756.522287][ T1721] netdevsim netdevsim1 netdevsim0: entered promiscuous mode
[ 1756.613241][T24833] udevd[24833]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb1/1-1/1-1:13.50/sound/card3/controlC3/../uevent} for writing: No such file or directory
[ 1756.788249][ T5912] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1757.268496][ T1729] workqueue: Failed to create a rescuer kthread for wq "nfc2_nci_tx_wq": -EINTR
[ 1757.841441][ T1025] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1757.890277][ T5912] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1757.909809][ T5958] usb 5-1: Firmware version (0.0) predates our first public release.
[ 1757.918376][ T5958] usb 5-1: Please update to version 0.2 or newer
[ 1758.451156][ T1757] netlink: 168876 bytes leftover after parsing attributes in process `syz.1.8448'.
[ 1758.818206][ T1765] FAULT_INJECTION: forcing a failure.
[ 1758.818206][ T1765] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1758.835886][ T1765] CPU: 1 UID: 0 PID: 1765 Comm: syz.4.8449 Not tainted syzkaller #0 PREEMPT(full) 
[ 1758.835904][ T1765] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[ 1758.835911][ T1765] Call Trace:
[ 1758.835916][ T1765]  <TASK>
[ 1758.835923][ T1765]  dump_stack_lvl+0x189/0x250
[ 1758.835942][ T1765]  ? __pfx____ratelimit+0x10/0x10
[ 1758.835958][ T1765]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1758.835971][ T1765]  ? __pfx__printk+0x10/0x10
[ 1758.835988][ T1765]  should_fail_ex+0x414/0x560
[ 1758.836006][ T1765]  _copy_to_user+0x31/0xb0
[ 1758.836021][ T1765]  simple_read_from_buffer+0xe1/0x170
[ 1758.836039][ T1765]  proc_fail_nth_read+0x1b3/0x220
[ 1758.836054][ T1765]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1758.836068][ T1765]  ? rw_verify_area+0x2a6/0x4d0
[ 1758.836081][ T1765]  ? __lock_acquire+0xab9/0xd20
[ 1758.836090][ T1765]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1758.836104][ T1765]  vfs_read+0x200/0xa30
[ 1758.836117][ T1765]  ? fdget_pos+0x247/0x320
[ 1758.836129][ T1765]  ? __pfx___mutex_lock+0x10/0x10
[ 1758.836143][ T1765]  ? __pfx_vfs_read+0x10/0x10
[ 1758.836157][ T1765]  ? __fget_files+0x2a/0x420
[ 1758.836174][ T1765]  ? __fget_files+0x3a0/0x420
[ 1758.836182][ T1765]  ? __fget_files+0x2a/0x420
[ 1758.836196][ T1765]  ksys_read+0x145/0x250
[ 1758.836211][ T1765]  ? __pfx_ksys_read+0x10/0x10
[ 1758.836225][ T1765]  ? syscall_enter_from_user_mode_prepare+0x8f/0x110
[ 1758.836240][ T1765]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1758.836255][ T1765]  __do_fast_syscall_32+0xb6/0x2b0
[ 1758.836269][ T1765]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1758.836283][ T1765]  do_fast_syscall_32+0x34/0x80
[ 1758.836296][ T1765]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1758.836309][ T1765] RIP: 0023:0xf709d539
[ 1758.836319][ T1765] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[ 1758.836329][ T1765] RSP: 002b:00000000f546c590 EFLAGS: 00000206 ORIG_RAX: 0000000000000003
[ 1758.836341][ T1765] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00000000f546c620
[ 1758.836348][ T1765] RDX: 000000000000000f RSI: 00000000f7435ff4 RDI: 0000000000000000
[ 1758.836354][ T1765] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000
[ 1758.836360][ T1765] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[ 1758.836366][ T1765] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1758.836381][ T1765]  </TASK>
[ 1759.146263][ T5912] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1759.908336][ T1025] usb 1-1: new full-speed USB device number 6 using dummy_hcd
[ 1759.985282][ T1786] netlink: 12 bytes leftover after parsing attributes in process `syz.2.8457'.
[ 1760.087007][ T1025] usb 1-1: config 0 has an invalid interface number: 128 but max is 0
[ 1760.103949][ T1025] usb 1-1: config 0 has no interface number 0
[ 1760.114404][ T1025] usb 1-1: New USB device found, idVendor=20b7, idProduct=1540, bcdDevice=b7.5a
[ 1760.125206][ T1025] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1760.150757][ T1025] usb 1-1: Product: syz
[ 1760.155231][ T1025] usb 1-1: Manufacturer: syz
[ 1760.160156][ T1025] usb 1-1: SerialNumber: syz
[ 1760.179495][ T1025] usb 1-1: config 0 descriptor??
[ 1760.211111][ T5958] IPVS: starting estimator thread 0...
[ 1760.225918][ T5912] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1760.276384][   T30] kauditd_printk_skb: 25 callbacks suppressed
[ 1760.276402][   T30] audit: type=1326 audit(1761520643.961:2566): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1771 comm="syz.4.8454" exe="/root/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf709d539 code=0x0
[ 1760.323679][ T1794] FAULT_INJECTION: forcing a failure.
[ 1760.323679][ T1794] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1760.347173][ T1794] CPU: 0 UID: 0 PID: 1794 Comm: syz.2.8458 Not tainted syzkaller #0 PREEMPT(full) 
[ 1760.347191][ T1794] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[ 1760.347198][ T1794] Call Trace:
[ 1760.347202][ T1794]  <TASK>
[ 1760.347207][ T1794]  dump_stack_lvl+0x189/0x250
[ 1760.347226][ T1794]  ? __pfx____ratelimit+0x10/0x10
[ 1760.347239][ T1794]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1760.347252][ T1794]  ? __pfx__printk+0x10/0x10
[ 1760.347263][ T1794]  ? __might_fault+0xb0/0x130
[ 1760.347282][ T1794]  should_fail_ex+0x414/0x560
[ 1760.347300][ T1794]  _copy_from_user+0x2d/0xb0
[ 1760.347313][ T1794]  get_compat_msghdr+0xad/0x4a0
[ 1760.347327][ T1794]  ? __pfx_get_compat_msghdr+0x10/0x10
[ 1760.347343][ T1794]  ___sys_sendmsg+0x193/0x2a0
[ 1760.347356][ T1794]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1760.347367][ T1794]  ? __lock_acquire+0xab9/0xd20
[ 1760.347392][ T1794]  ? __fget_files+0x2a/0x420
[ 1760.347402][ T1794]  ? __fget_files+0x3a0/0x420
[ 1760.347416][ T1794]  __sys_sendmmsg+0x28e/0x430
[ 1760.347429][ T1794]  ? __pfx___sys_sendmmsg+0x10/0x10
[ 1760.347438][ T1794]  ? __mutex_unlock_slowpath+0x1a1/0x740
[ 1760.347465][ T1794]  ? ksys_write+0x22a/0x250
[ 1760.347478][ T1794]  ? exc_page_fault+0x82/0x100
[ 1760.347490][ T1794]  ? __pfx_ksys_write+0x10/0x10
[ 1760.347506][ T1794]  __ia32_compat_sys_sendmmsg+0xa2/0xc0
[ 1760.347518][ T1794]  __do_fast_syscall_32+0xb6/0x2b0
[ 1760.347532][ T1794]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1760.347546][ T1794]  do_fast_syscall_32+0x34/0x80
[ 1760.347560][ T1794]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1760.347572][ T1794] RIP: 0023:0xf7f44539
[ 1760.347581][ T1794] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[ 1760.347591][ T1794] RSP: 002b:00000000f543655c EFLAGS: 00000206 ORIG_RAX: 0000000000000159
[ 1760.347603][ T1794] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000800092c0
[ 1760.347610][ T1794] RDX: 00000000000004ff RSI: 0000000000000000 RDI: 0000000000000000
[ 1760.347616][ T1794] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1760.347622][ T1794] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[ 1760.347628][ T1794] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1760.347642][ T1794]  </TASK>
[ 1760.628900][ T1791] IPVS: using max 27 ests per chain, 64800 per kthread
[ 1760.868337][    T9] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1761.083078][ T1804] FAULT_INJECTION: forcing a failure.
[ 1761.083078][ T1804] name failslab, interval 1, probability 0, space 0, times 0
[ 1761.097324][ T1805] FAULT_INJECTION: forcing a failure.
[ 1761.097324][ T1805] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1761.112748][ T1804] CPU: 0 UID: 0 PID: 1804 Comm: syz.1.8465 Not tainted syzkaller #0 PREEMPT(full) 
[ 1761.112776][ T1804] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[ 1761.112787][ T1804] Call Trace:
[ 1761.112795][ T1804]  <TASK>
[ 1761.112806][ T1804]  dump_stack_lvl+0x189/0x250
[ 1761.112834][ T1804]  ? __pfx____ratelimit+0x10/0x10
[ 1761.112857][ T1804]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1761.112880][ T1804]  ? __pfx__printk+0x10/0x10
[ 1761.112905][ T1804]  ? __pfx___might_resched+0x10/0x10
[ 1761.112929][ T1804]  ? fs_reclaim_acquire+0x7d/0x100
[ 1761.112960][ T1804]  should_fail_ex+0x414/0x560
[ 1761.112990][ T1804]  should_failslab+0xa8/0x100
[ 1761.113010][ T1804]  __kvmalloc_node_noprof+0x158/0x910
[ 1761.113037][ T1804]  ? traverse+0xde/0x580
[ 1761.113064][ T1804]  traverse+0xde/0x580
[ 1761.113088][ T1804]  ? aa_file_perm+0x13a/0x1550
[ 1761.113107][ T1804]  ? aa_file_perm+0x13a/0x1550
[ 1761.113127][ T1804]  seq_read_iter+0xd08/0xe20
[ 1761.113158][ T1804]  ? __asan_memset+0x22/0x50
[ 1761.113187][ T1804]  seq_read+0x369/0x480
[ 1761.113206][ T1804]  ? __lock_acquire+0xab9/0xd20
[ 1761.113232][ T1804]  ? __pfx_seq_read+0x10/0x10
[ 1761.113271][ T1804]  ? __pfx_seq_read+0x10/0x10
[ 1761.113290][ T1804]  proc_reg_read+0x1e9/0x2e0
[ 1761.113319][ T1804]  vfs_readv+0x5aa/0x850
[ 1761.113340][ T1804]  ? __pfx_proc_reg_read+0x10/0x10
[ 1761.113365][ T1804]  ? __pfx_vfs_readv+0x10/0x10
[ 1761.113399][ T1804]  ? __fget_files+0x2a/0x420
[ 1761.113420][ T1804]  ? __fget_files+0x3a0/0x420
[ 1761.113436][ T1804]  ? __fget_files+0x2a/0x420
[ 1761.113461][ T1804]  __ia32_compat_sys_preadv+0x1bf/0x2c0
[ 1761.113483][ T1804]  ? __pfx___ia32_compat_sys_preadv+0x10/0x10
[ 1761.113504][ T1804]  ? syscall_enter_from_user_mode_prepare+0x8f/0x110
[ 1761.113530][ T1804]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1761.113555][ T1804]  __do_fast_syscall_32+0xb6/0x2b0
[ 1761.113586][ T1804]  do_fast_syscall_32+0x34/0x80
[ 1761.113609][ T1804]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1761.113629][ T1804] RIP: 0023:0xf706d539
[ 1761.113645][ T1804] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[ 1761.113661][ T1804] RSP: 002b:00000000f545d55c EFLAGS: 00000206 ORIG_RAX: 000000000000014d
[ 1761.113681][ T1804] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000980
[ 1761.113695][ T1804] RDX: 0000000000000001 RSI: 0000000000000182 RDI: 0000000000000000
[ 1761.113706][ T1804] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1761.113718][ T1804] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[ 1761.113729][ T1804] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1761.113759][ T1804]  </TASK>
[ 1761.113992][ T1805] CPU: 0 UID: 0 PID: 1805 Comm: syz.3.8462 Not tainted syzkaller #0 PREEMPT(full) 
[ 1761.114013][ T1805] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[ 1761.114023][ T1805] Call Trace:
[ 1761.114031][ T1805]  <TASK>
[ 1761.114039][ T1805]  dump_stack_lvl+0x189/0x250
[ 1761.114066][ T1805]  ? __pfx____ratelimit+0x10/0x10
[ 1761.114084][ T1805]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1761.114105][ T1805]  ? __pfx__printk+0x10/0x10
[ 1761.114124][ T1805]  ? __might_fault+0xb0/0x130
[ 1761.114155][ T1805]  should_fail_ex+0x414/0x560
[ 1761.114184][ T1805]  _copy_from_user+0x2d/0xb0
[ 1761.114205][ T1805]  get_compat_msghdr+0xad/0x4a0
[ 1761.114230][ T1805]  ? __pfx_get_compat_msghdr+0x10/0x10
[ 1761.114259][ T1805]  ___sys_sendmsg+0x193/0x2a0
[ 1761.114281][ T1805]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1761.114333][ T1805]  ? __fget_files+0x2a/0x420
[ 1761.114349][ T1805]  ? __fget_files+0x3a0/0x420
[ 1761.114376][ T1805]  __sys_sendmsg+0x164/0x220
[ 1761.114397][ T1805]  ? __pfx___sys_sendmsg+0x10/0x10
[ 1761.114424][ T1805]  ? __pfx_ksys_write+0x10/0x10
[ 1761.114450][ T1805]  ? syscall_enter_from_user_mode_prepare+0x8f/0x110
[ 1761.114475][ T1805]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1761.114500][ T1805]  __do_fast_syscall_32+0xb6/0x2b0
[ 1761.114524][ T1805]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1761.114549][ T1805]  do_fast_syscall_32+0x34/0x80
[ 1761.114572][ T1805]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1761.114593][ T1805] RIP: 0023:0xf7fc2539
[ 1761.114609][ T1805] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[ 1761.114624][ T1805] RSP: 002b:00000000f54b655c EFLAGS: 00000206 ORIG_RAX: 0000000000000172
[ 1761.114643][ T1805] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000340
[ 1761.114656][ T1805] RDX: 00000000052dacb4 RSI: 0000000000000000 RDI: 0000000000000000
[ 1761.114667][ T1805] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1761.114677][ T1805] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[ 1761.114689][ T1805] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1761.114716][ T1805]  </TASK>
[ 1761.593295][ T5894] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1761.616192][ T1807] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1761.625123][ T1807] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1761.815432][ T1815] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1761.827612][ T1815] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1761.853212][ T1815] syzkaller0: entered promiscuous mode
[ 1761.859191][ T1815] syzkaller0: entered allmulticast mode
[ 1761.898972][ T1025] usb 1-1: Firmware version (0.0) predates our first public release.
[ 1761.907083][ T1025] usb 1-1: Please update to version 0.2 or newer
[ 1762.176222][ T1824] netlink: 168876 bytes leftover after parsing attributes in process `syz.3.8467'.
[ 1762.203238][    C1] vcan0: j1939_tp_rxtimer: 0xffff8880337b5000: rx timeout, send abort
[ 1762.525536][ T1833] netlink: 4 bytes leftover after parsing attributes in process `syz.0.8470'.
[ 1762.619475][ T5912] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1762.711535][    C1] vcan0: j1939_tp_rxtimer: 0xffff8880337b5000: abort rx timeout. Force session deactivation
[ 1762.765196][ T1838] netdevsim netdevsim3 netdevsim0: entered promiscuous mode
[ 1762.940056][ T1025] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1763.116384][ T1847] FAULT_INJECTION: forcing a failure.
[ 1763.116384][ T1847] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1763.185622][    C1] vcan0: j1939_tp_rxtimer: 0xffff8880337b4000: rx timeout, send abort
[ 1763.512784][ T1847] CPU: 0 UID: 0 PID: 1847 Comm: syz.3.8475 Not tainted syzkaller #0 PREEMPT(full) 
[ 1763.512804][ T1847] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[ 1763.512814][ T1847] Call Trace:
[ 1763.512821][ T1847]  <TASK>
[ 1763.512830][ T1847]  dump_stack_lvl+0x189/0x250
[ 1763.512856][ T1847]  ? __pfx____ratelimit+0x10/0x10
[ 1763.512877][ T1847]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1763.512898][ T1847]  ? __pfx__printk+0x10/0x10
[ 1763.512916][ T1847]  ? __might_fault+0xb0/0x130
[ 1763.512946][ T1847]  should_fail_ex+0x414/0x560
[ 1763.512975][ T1847]  _copy_from_user+0x2d/0xb0
[ 1763.512998][ T1847]  get_compat_msghdr+0xad/0x4a0
[ 1763.513023][ T1847]  ? __pfx_get_compat_msghdr+0x10/0x10
[ 1763.513053][ T1847]  ___sys_sendmsg+0x193/0x2a0
[ 1763.513074][ T1847]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1763.513126][ T1847]  ? __fget_files+0x2a/0x420
[ 1763.513143][ T1847]  ? __fget_files+0x3a0/0x420
[ 1763.513166][ T1847]  __sys_sendmsg+0x164/0x220
[ 1763.513186][ T1847]  ? __pfx___sys_sendmsg+0x10/0x10
[ 1763.513210][ T1847]  ? __pfx_ksys_write+0x10/0x10
[ 1763.513237][ T1847]  ? syscall_enter_from_user_mode_prepare+0x8f/0x110
[ 1763.513259][ T1847]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1763.513281][ T1847]  __do_fast_syscall_32+0xb6/0x2b0
[ 1763.513304][ T1847]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1763.513328][ T1847]  do_fast_syscall_32+0x34/0x80
[ 1763.513350][ T1847]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1763.513369][ T1847] RIP: 0023:0xf7fc2539
[ 1763.513384][ T1847] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[ 1763.513399][ T1847] RSP: 002b:00000000f54b655c EFLAGS: 00000206 ORIG_RAX: 0000000000000172
[ 1763.513418][ T1847] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000180
[ 1763.513431][ T1847] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[ 1763.513441][ T1847] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1763.513450][ T1847] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[ 1763.513459][ T1847] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1763.513486][ T1847]  </TASK>
[ 1763.693932][    C1] vcan0: j1939_tp_rxtimer: 0xffff8880337b4000: abort rx timeout. Force session deactivation
[ 1763.739442][ T5894] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1763.908963][ T1025] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1763.959817][ T1860] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1763.974170][ T1860] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1764.651218][ T1871] netlink: 168876 bytes leftover after parsing attributes in process `syz.3.8482'.
[ 1764.781946][ T5894] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1765.845057][ T5894] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1766.060405][ T1878] tipc: Enabling of bearer <udp:syz2> rejected, failed to enable media
[ 1766.267020][ T1897] FAULT_INJECTION: forcing a failure.
[ 1766.267020][ T1897] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1766.280396][ T1897] CPU: 1 UID: 0 PID: 1897 Comm: syz.1.8490 Not tainted syzkaller #0 PREEMPT(full) 
[ 1766.280412][ T1897] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[ 1766.280419][ T1897] Call Trace:
[ 1766.280424][ T1897]  <TASK>
[ 1766.280429][ T1897]  dump_stack_lvl+0x189/0x250
[ 1766.280447][ T1897]  ? __pfx____ratelimit+0x10/0x10
[ 1766.280460][ T1897]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1766.280473][ T1897]  ? __pfx__printk+0x10/0x10
[ 1766.280483][ T1897]  ? __might_fault+0xb0/0x130
[ 1766.280502][ T1897]  should_fail_ex+0x414/0x560
[ 1766.280520][ T1897]  _copy_from_user+0x2d/0xb0
[ 1766.280534][ T1897]  get_compat_msghdr+0xad/0x4a0
[ 1766.280548][ T1897]  ? __pfx_get_compat_msghdr+0x10/0x10
[ 1766.280565][ T1897]  ___sys_sendmsg+0x193/0x2a0
[ 1766.280577][ T1897]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1766.280595][ T1897]  ? __lock_acquire+0xab9/0xd20
[ 1766.280621][ T1897]  ? __fget_files+0x2a/0x420
[ 1766.280631][ T1897]  ? __fget_files+0x3a0/0x420
[ 1766.280645][ T1897]  __sys_sendmmsg+0x28e/0x430
[ 1766.280659][ T1897]  ? __pfx___sys_sendmmsg+0x10/0x10
[ 1766.280667][ T1897]  ? __mutex_unlock_slowpath+0x1a1/0x740
[ 1766.280694][ T1897]  ? ksys_write+0x22a/0x250
[ 1766.280707][ T1897]  ? exc_page_fault+0x82/0x100
[ 1766.280719][ T1897]  ? __pfx_ksys_write+0x10/0x10
[ 1766.280736][ T1897]  __ia32_compat_sys_sendmmsg+0xa2/0xc0
[ 1766.280748][ T1897]  __do_fast_syscall_32+0xb6/0x2b0
[ 1766.280762][ T1897]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1766.280777][ T1897]  do_fast_syscall_32+0x34/0x80
[ 1766.280790][ T1897]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1766.280802][ T1897] RIP: 0023:0xf706d539
[ 1766.280812][ T1897] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[ 1766.280821][ T1897] RSP: 002b:00000000f545d55c EFLAGS: 00000206 ORIG_RAX: 0000000000000159
[ 1766.280833][ T1897] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080004380
[ 1766.280840][ T1897] RDX: 0000000000034000 RSI: 0000000000000000 RDI: 0000000000000000
[ 1766.280846][ T1897] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1766.280852][ T1897] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[ 1766.280858][ T1897] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1766.280872][ T1897]  </TASK>
[ 1766.744130][ T1900] netlink: 4 bytes leftover after parsing attributes in process `syz.4.8491'.
[ 1766.869513][ T5894] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1766.922178][ T1906] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1766.995442][ T1025] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1767.048199][ T1908] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1767.088297][ T1906] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1767.113684][ T1915] netlink: 4 bytes leftover after parsing attributes in process `syz.3.8493'.
[ 1767.153669][ T5912] syz_tun: tun_net_xmit 90
[ 1767.173037][ T1908] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1767.184757][ T1916] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1767.204541][ T1906] netlink: 56 bytes leftover after parsing attributes in process `syz.2.8492'.
[ 1767.215512][ T1916] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1767.318373][ T5894] syz_tun: tun_net_xmit 90
[ 1767.412371][ T1906] IPv6: NLM_F_CREATE should be specified when creating new route
[ 1767.919534][ T5912] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1767.928270][ T5912] syz_tun: tun_net_xmit 90
[ 1768.123533][ T5912] syz_tun: tun_net_xmit 90
[ 1768.660282][ T1938] netlink: 12 bytes leftover after parsing attributes in process `syz.4.8500'.
[ 1768.858591][ T1949] FAULT_INJECTION: forcing a failure.
[ 1768.858591][ T1949] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1768.873054][ T1949] CPU: 0 UID: 0 PID: 1949 Comm: syz.3.8504 Not tainted syzkaller #0 PREEMPT(full) 
[ 1768.873076][ T1949] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[ 1768.873087][ T1949] Call Trace:
[ 1768.873094][ T1949]  <TASK>
[ 1768.873102][ T1949]  dump_stack_lvl+0x189/0x250
[ 1768.873129][ T1949]  ? __pfx____ratelimit+0x10/0x10
[ 1768.873152][ T1949]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1768.873175][ T1949]  ? __pfx__printk+0x10/0x10
[ 1768.873194][ T1949]  ? __might_fault+0xb0/0x130
[ 1768.873228][ T1949]  should_fail_ex+0x414/0x560
[ 1768.873259][ T1949]  _copy_from_user+0x2d/0xb0
[ 1768.873282][ T1949]  get_compat_msghdr+0xad/0x4a0
[ 1768.873307][ T1949]  ? __pfx_get_compat_msghdr+0x10/0x10
[ 1768.873338][ T1949]  ___sys_sendmsg+0x193/0x2a0
[ 1768.873361][ T1949]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1768.873419][ T1949]  ? __fget_files+0x2a/0x420
[ 1768.873436][ T1949]  ? __fget_files+0x3a0/0x420
[ 1768.873464][ T1949]  __sys_sendmsg+0x164/0x220
[ 1768.873485][ T1949]  ? __pfx___sys_sendmsg+0x10/0x10
[ 1768.873512][ T1949]  ? __pfx_ksys_write+0x10/0x10
[ 1768.873539][ T1949]  ? syscall_enter_from_user_mode_prepare+0x8f/0x110
[ 1768.873565][ T1949]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1768.873590][ T1949]  __do_fast_syscall_32+0xb6/0x2b0
[ 1768.873614][ T1949]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1768.873641][ T1949]  do_fast_syscall_32+0x34/0x80
[ 1768.873664][ T1949]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1768.873685][ T1949] RIP: 0023:0xf7fc2539
[ 1768.873701][ T1949] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[ 1768.873717][ T1949] RSP: 002b:00000000f54b655c EFLAGS: 00000206 ORIG_RAX: 0000000000000172
[ 1768.873737][ T1949] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080001080
[ 1768.873749][ T1949] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[ 1768.873760][ T1949] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1768.873770][ T1949] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[ 1768.873781][ T1949] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1768.873810][ T1949]  </TASK>
[ 1769.093260][ T5880] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1769.649558][ T1959] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1769.665481][ T1959] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1769.893421][ T1967] netlink: 4 bytes leftover after parsing attributes in process `syz.2.8510'.
[ 1770.058410][    T9] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1770.143402][ T5894] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1771.143098][ T1984] netlink: 4 bytes leftover after parsing attributes in process `syz.4.8515'.
[ 1771.173668][ T1983] FAULT_INJECTION: forcing a failure.
[ 1771.173668][ T1983] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1771.187290][ T5912] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1771.212774][ T1983] CPU: 1 UID: 0 PID: 1983 Comm: syz.1.8516 Not tainted syzkaller #0 PREEMPT(full) 
[ 1771.212797][ T1983] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[ 1771.212804][ T1983] Call Trace:
[ 1771.212810][ T1983]  <TASK>
[ 1771.212815][ T1983]  dump_stack_lvl+0x189/0x250
[ 1771.212834][ T1983]  ? __pfx____ratelimit+0x10/0x10
[ 1771.212848][ T1983]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1771.212861][ T1983]  ? __pfx__printk+0x10/0x10
[ 1771.212872][ T1983]  ? __might_fault+0xb0/0x130
[ 1771.212892][ T1983]  should_fail_ex+0x414/0x560
[ 1771.212910][ T1983]  _copy_from_user+0x2d/0xb0
[ 1771.212926][ T1983]  kstrtouint_from_user+0xc4/0x170
[ 1771.212939][ T1983]  ? __pfx_kstrtouint_from_user+0x10/0x10
[ 1771.212955][ T1983]  ? proc_loginuid_write+0xe7/0x500
[ 1771.212968][ T1983]  ? proc_loginuid_write+0xe7/0x500
[ 1771.212980][ T1983]  proc_loginuid_write+0x3dc/0x500
[ 1771.212994][ T1983]  ? __pfx_proc_loginuid_write+0x10/0x10
[ 1771.213012][ T1983]  vfs_writev+0x4b6/0x960
[ 1771.213025][ T1983]  ? __pfx_proc_loginuid_write+0x10/0x10
[ 1771.213041][ T1983]  ? __pfx_vfs_writev+0x10/0x10
[ 1771.213059][ T1983]  ? __fget_files+0x2a/0x420
[ 1771.213072][ T1983]  ? __fget_files+0x3a0/0x420
[ 1771.213081][ T1983]  ? __fget_files+0x2a/0x420
[ 1771.213094][ T1983]  __ia32_compat_sys_pwritev+0x1bf/0x2c0
[ 1771.213107][ T1983]  ? __pfx___ia32_compat_sys_pwritev+0x10/0x10
[ 1771.213119][ T1983]  ? syscall_enter_from_user_mode_prepare+0x8f/0x110
[ 1771.213134][ T1983]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1771.213148][ T1983]  __do_fast_syscall_32+0xb6/0x2b0
[ 1771.213162][ T1983]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1771.213182][ T1983]  do_fast_syscall_32+0x34/0x80
[ 1771.213196][ T1983]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1771.213208][ T1983] RIP: 0023:0xf706d539
[ 1771.213218][ T1983] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[ 1771.213227][ T1983] RSP: 002b:00000000f545d55c EFLAGS: 00000206 ORIG_RAX: 000000000000014e
[ 1771.213239][ T1983] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000500
[ 1771.213246][ T1983] RDX: 0000000000000002 RSI: 0000000000000000 RDI: 0000000000000000
[ 1771.213252][ T1983] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1771.213258][ T1983] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[ 1771.213265][ T1983] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1771.213280][ T1983]  </TASK>
[ 1772.171423][ T1996] netlink: 'syz.1.8521': attribute type 3 has an invalid length.
[ 1772.234539][ T5894] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1772.538600][    T9] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1772.581992][ T2007] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1772.620066][ T2007] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1772.740347][ T2014] FAULT_INJECTION: forcing a failure.
[ 1772.740347][ T2014] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1772.755223][ T2014] CPU: 1 UID: 0 PID: 2014 Comm: syz.0.8528 Not tainted syzkaller #0 PREEMPT(full) 
[ 1772.755248][ T2014] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[ 1772.755260][ T2014] Call Trace:
[ 1772.755267][ T2014]  <TASK>
[ 1772.755275][ T2014]  dump_stack_lvl+0x189/0x250
[ 1772.755303][ T2014]  ? __pfx____ratelimit+0x10/0x10
[ 1772.755324][ T2014]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1772.755347][ T2014]  ? __pfx__printk+0x10/0x10
[ 1772.755365][ T2014]  ? __might_fault+0xb0/0x130
[ 1772.755397][ T2014]  should_fail_ex+0x414/0x560
[ 1772.755427][ T2014]  _copy_from_user+0x2d/0xb0
[ 1772.755450][ T2014]  get_compat_msghdr+0xad/0x4a0
[ 1772.755475][ T2014]  ? __pfx_get_compat_msghdr+0x10/0x10
[ 1772.755505][ T2014]  ___sys_sendmsg+0x193/0x2a0
[ 1772.755528][ T2014]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1772.755575][ T2014]  ? __fget_files+0x2a/0x420
[ 1772.755592][ T2014]  ? __fget_files+0x3a0/0x420
[ 1772.755663][ T2014]  __sys_sendmsg+0x164/0x220
[ 1772.755684][ T2014]  ? __pfx___sys_sendmsg+0x10/0x10
[ 1772.755710][ T2014]  ? __pfx_ksys_write+0x10/0x10
[ 1772.755735][ T2014]  ? syscall_enter_from_user_mode_prepare+0x8f/0x110
[ 1772.755758][ T2014]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1772.755780][ T2014]  __do_fast_syscall_32+0xb6/0x2b0
[ 1772.755802][ T2014]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1772.755825][ T2014]  do_fast_syscall_32+0x34/0x80
[ 1772.755847][ T2014]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1772.755876][ T2014] RIP: 0023:0xf70ad539
[ 1772.755891][ T2014] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[ 1772.755907][ T2014] RSP: 002b:00000000f549d55c EFLAGS: 00000206 ORIG_RAX: 0000000000000172
[ 1772.755927][ T2014] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000040
[ 1772.755940][ T2014] RDX: 0000000004004050 RSI: 0000000000000000 RDI: 0000000000000000
[ 1772.755951][ T2014] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1772.755961][ T2014] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[ 1772.755972][ T2014] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1772.755992][ T2014]  </TASK>
[ 1773.065367][ T2017] netlink: 168876 bytes leftover after parsing attributes in process `syz.3.8529'.
[ 1773.098542][ T1025] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1773.263425][ T5880] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1773.454642][ T2024] binder: 2018:2024 ioctl 4018620d 0 returned -22
[ 1773.519403][ T2030] netlink: 48 bytes leftover after parsing attributes in process `syz.2.8533'.
[ 1773.630813][ T2035] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1773.643545][ T2035] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1773.654274][ T2036] FAULT_INJECTION: forcing a failure.
[ 1773.654274][ T2036] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1773.670661][ T2036] CPU: 0 UID: 0 PID: 2036 Comm: syz.1.8536 Not tainted syzkaller #0 PREEMPT(full) 
[ 1773.670685][ T2036] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[ 1773.670695][ T2036] Call Trace:
[ 1773.670702][ T2036]  <TASK>
[ 1773.670710][ T2036]  dump_stack_lvl+0x189/0x250
[ 1773.670739][ T2036]  ? __pfx____ratelimit+0x10/0x10
[ 1773.670760][ T2036]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1773.670781][ T2036]  ? __pfx__printk+0x10/0x10
[ 1773.670798][ T2036]  ? __might_fault+0xb0/0x130
[ 1773.670831][ T2036]  should_fail_ex+0x414/0x560
[ 1773.670861][ T2036]  _copy_from_user+0x2d/0xb0
[ 1773.670883][ T2036]  get_compat_msghdr+0xad/0x4a0
[ 1773.670905][ T2036]  ? __pfx_get_compat_msghdr+0x10/0x10
[ 1773.670933][ T2036]  ___sys_sendmsg+0x193/0x2a0
[ 1773.670953][ T2036]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1773.670972][ T2036]  ? __lock_acquire+0xab9/0xd20
[ 1773.671012][ T2036]  ? __fget_files+0x2a/0x420
[ 1773.671027][ T2036]  ? __fget_files+0x3a0/0x420
[ 1773.671060][ T2036]  __sys_sendmmsg+0x28e/0x430
[ 1773.671083][ T2036]  ? __pfx___sys_sendmmsg+0x10/0x10
[ 1773.671100][ T2036]  ? __mutex_unlock_slowpath+0x1a1/0x740
[ 1773.671145][ T2036]  ? ksys_write+0x22a/0x250
[ 1773.671166][ T2036]  ? exc_page_fault+0x82/0x100
[ 1773.671185][ T2036]  ? __pfx_ksys_write+0x10/0x10
[ 1773.671211][ T2036]  __ia32_compat_sys_sendmmsg+0xa2/0xc0
[ 1773.671231][ T2036]  __do_fast_syscall_32+0xb6/0x2b0
[ 1773.671253][ T2036]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1773.671275][ T2036]  do_fast_syscall_32+0x34/0x80
[ 1773.671294][ T2036]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1773.671313][ T2036] RIP: 0023:0xf706d539
[ 1773.671327][ T2036] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[ 1773.671341][ T2036] RSP: 002b:00000000f545d55c EFLAGS: 00000206 ORIG_RAX: 0000000000000159
[ 1773.671360][ T2036] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080003c00
[ 1773.671371][ T2036] RDX: 0000000000000001 RSI: 0000000000000004 RDI: 0000000000000000
[ 1773.671379][ T2036] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1773.671388][ T2036] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[ 1773.671397][ T2036] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1773.671424][ T2036]  </TASK>
[ 1773.962112][ T2038] netlink: 'syz.4.8537': attribute type 30 has an invalid length.
[ 1774.068171][    T9] usb 4-1: new high-speed USB device number 2 using dummy_hcd
[ 1774.122175][ T2043] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1774.131013][ T2043] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1774.144922][ T2043] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1774.153779][ T2043] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1774.218197][    T9] usb 4-1: Using ep0 maxpacket: 8
[ 1774.239289][    T9] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 7
[ 1774.251252][    T9] usb 4-1: New USB device found, idVendor=082d, idProduct=0100, bcdDevice=70.4b
[ 1774.283569][    T9] usb 4-1: New USB device strings: Mfr=44, Product=2, SerialNumber=3
[ 1774.298415][    T9] usb 4-1: Product: syz
[ 1774.298703][ T5912] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1774.302850][    T9] usb 4-1: Manufacturer: syz
[ 1774.348828][ T2051] netlink: 168876 bytes leftover after parsing attributes in process `syz.1.8542'.
[ 1774.388382][    T9] usb 4-1: SerialNumber: syz
[ 1774.455462][ T2056] netlink: 12 bytes leftover after parsing attributes in process `syz.2.8543'.
[ 1774.482190][ T2052] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1774.501046][ T2052] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1774.565757][ T2052] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1774.606879][ T2052] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1774.640509][    T9] usb 4-1: palm_os_3_probe - error -71 getting connection information
[ 1774.677283][    T9] visor 4-1:1.0: probe with driver visor failed with error -71
[ 1774.714216][ T2064] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1774.718581][    T9] usb 4-1: USB disconnect, device number 2
[ 1774.758901][ T2064] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1774.851254][ T2070] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1774.880758][   T30] audit: type=1326 audit(1761520658.571:2567): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=2046 comm="syz.0.8541" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ad539 code=0x7ffc0000
[ 1774.944475][   T30] audit: type=1326 audit(1761520658.571:2568): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=2046 comm="syz.0.8541" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ad539 code=0x7ffc0000
[ 1774.955077][ T2070] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1774.993154][   T30] audit: type=1326 audit(1761520658.571:2569): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=2046 comm="syz.0.8541" exe="/root/syz-executor" sig=0 arch=40000003 syscall=327 compat=1 ip=0xf70ad539 code=0x7ffc0000
[ 1775.016394][   T30] audit: type=1326 audit(1761520658.571:2570): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=2046 comm="syz.0.8541" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ad539 code=0x7ffc0000
[ 1775.107680][   T30] audit: type=1326 audit(1761520658.571:2571): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=2046 comm="syz.0.8541" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ad539 code=0x7ffc0000
[ 1775.203675][   T30] audit: type=1326 audit(1761520658.571:2572): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=2046 comm="syz.0.8541" exe="/root/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf70ad539 code=0x7ffc0000
[ 1775.251295][ T2075] FAULT_INJECTION: forcing a failure.
[ 1775.251295][ T2075] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1775.256991][   T30] audit: type=1326 audit(1761520658.571:2573): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=2046 comm="syz.0.8541" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ad539 code=0x7ffc0000
[ 1775.292193][   T30] audit: type=1326 audit(1761520658.571:2574): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=2046 comm="syz.0.8541" exe="/root/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf70ad539 code=0x7ffc0000
[ 1775.314530][ T2075] CPU: 0 UID: 0 PID: 2075 Comm: syz.3.8550 Not tainted syzkaller #0 PREEMPT(full) 
[ 1775.314554][ T2075] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[ 1775.314565][ T2075] Call Trace:
[ 1775.314574][ T2075]  <TASK>
[ 1775.314582][ T2075]  dump_stack_lvl+0x189/0x250
[ 1775.314610][ T2075]  ? __pfx____ratelimit+0x10/0x10
[ 1775.314630][ T2075]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1775.314652][ T2075]  ? __pfx__printk+0x10/0x10
[ 1775.314666][ T2075]  ? __might_fault+0xb0/0x130
[ 1775.314693][ T2075]  should_fail_ex+0x414/0x560
[ 1775.314717][ T2075]  _copy_from_user+0x2d/0xb0
[ 1775.314736][ T2075]  get_compat_msghdr+0xad/0x4a0
[ 1775.314755][ T2075]  ? __pfx_get_compat_msghdr+0x10/0x10
[ 1775.314778][ T2075]  ___sys_sendmsg+0x193/0x2a0
[ 1775.314795][ T2075]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1775.314834][ T2075]  ? __fget_files+0x2a/0x420
[ 1775.314846][ T2075]  ? __fget_files+0x3a0/0x420
[ 1775.314873][ T2075]  __sys_sendmsg+0x164/0x220
[ 1775.314888][ T2075]  ? __pfx___sys_sendmsg+0x10/0x10
[ 1775.314909][ T2075]  ? __pfx_ksys_write+0x10/0x10
[ 1775.314930][ T2075]  ? syscall_enter_from_user_mode_prepare+0x8f/0x110
[ 1775.314951][ T2075]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1775.314970][ T2075]  __do_fast_syscall_32+0xb6/0x2b0
[ 1775.314989][ T2075]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1775.315009][ T2075]  do_fast_syscall_32+0x34/0x80
[ 1775.315028][ T2075]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1775.315044][ T2075] RIP: 0023:0xf7fc2539
[ 1775.315057][ T2075] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[ 1775.315070][ T2075] RSP: 002b:00000000f54b655c EFLAGS: 00000206 ORIG_RAX: 0000000000000172
[ 1775.315086][ T2075] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000240
[ 1775.315096][ T2075] RDX: 0000000000000050 RSI: 0000000000000000 RDI: 0000000000000000
[ 1775.315105][ T2075] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1775.315113][ T2075] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[ 1775.315122][ T2075] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1775.315142][ T2075]  </TASK>
[ 1775.532709][ T5880] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1775.596072][   T30] audit: type=1326 audit(1761520658.571:2575): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=2046 comm="syz.0.8541" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ad539 code=0x7ffc0000
[ 1775.666085][   T30] audit: type=1326 audit(1761520658.571:2576): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=2046 comm="syz.0.8541" exe="/root/syz-executor" sig=0 arch=40000003 syscall=362 compat=1 ip=0xf70ad539 code=0x7ffc0000
[ 1775.948712][ T2083] binder: 2078:2083 ioctl 4018620d 0 returned -22
[ 1776.063651][ T2088] netlink: 168876 bytes leftover after parsing attributes in process `syz.1.8554'.
[ 1776.138679][ T1025] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1776.389303][    T9] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1776.551543][ T5912] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1776.662041][ T2103] netlink: 12 bytes leftover after parsing attributes in process `syz.0.8557'.
[ 1777.068230][ T2111] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1777.118374][ T2111] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1777.262357][ T2113] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1777.266513][ T2111] input: syz0 as /devices/virtual/input/input178
[ 1777.290270][ T2113] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1777.416686][ T2118] FAULT_INJECTION: forcing a failure.
[ 1777.416686][ T2118] name failslab, interval 1, probability 0, space 0, times 0
[ 1777.462422][ T2118] CPU: 0 UID: 0 PID: 2118 Comm: syz.3.8563 Not tainted syzkaller #0 PREEMPT(full) 
[ 1777.462447][ T2118] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[ 1777.462468][ T2118] Call Trace:
[ 1777.462476][ T2118]  <TASK>
[ 1777.462485][ T2118]  dump_stack_lvl+0x189/0x250
[ 1777.462513][ T2118]  ? __pfx____ratelimit+0x10/0x10
[ 1777.462536][ T2118]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1777.462557][ T2118]  ? __pfx__printk+0x10/0x10
[ 1777.462579][ T2118]  ? __pfx___might_resched+0x10/0x10
[ 1777.462601][ T2118]  should_fail_ex+0x414/0x560
[ 1777.462629][ T2118]  should_failslab+0xa8/0x100
[ 1777.462649][ T2118]  __kmalloc_noprof+0xcb/0x7f0
[ 1777.462670][ T2118]  ? kfree+0x4d/0x6d0
[ 1777.462686][ T2118]  ? tomoyo_realpath_from_path+0xe3/0x5d0
[ 1777.462715][ T2118]  tomoyo_realpath_from_path+0xe3/0x5d0
[ 1777.462739][ T2118]  ? tomoyo_domain+0xd9/0x130
[ 1777.462767][ T2118]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[ 1777.462787][ T2118]  tomoyo_path_number_perm+0x1e8/0x5a0
[ 1777.462809][ T2118]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[ 1777.462847][ T2118]  ? __lock_acquire+0xab9/0xd20
[ 1777.462881][ T2118]  ? __fget_files+0x2a/0x420
[ 1777.462903][ T2118]  ? __fget_files+0x3a0/0x420
[ 1777.462917][ T2118]  ? __fget_files+0x2a/0x420
[ 1777.462936][ T2118]  security_file_ioctl_compat+0xcb/0x2d0
[ 1777.462959][ T2118]  __ia32_compat_sys_ioctl+0x128/0x840
[ 1777.462985][ T2118]  ? __pfx___ia32_compat_sys_ioctl+0x10/0x10
[ 1777.463008][ T2118]  ? __fget_files+0x3a0/0x420
[ 1777.463031][ T2118]  ? fput+0xa0/0xd0
[ 1777.463049][ T2118]  ? ksys_write+0x22a/0x250
[ 1777.463070][ T2118]  ? exc_page_fault+0x82/0x100
[ 1777.463092][ T2118]  ? __pfx_ksys_write+0x10/0x10
[ 1777.463117][ T2118]  ? syscall_enter_from_user_mode_prepare+0x8f/0x110
[ 1777.463141][ T2118]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1777.463166][ T2118]  __do_fast_syscall_32+0xb6/0x2b0
[ 1777.463189][ T2118]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1777.463215][ T2118]  do_fast_syscall_32+0x34/0x80
[ 1777.463239][ T2118]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1777.463260][ T2118] RIP: 0023:0xf7fc2539
[ 1777.463276][ T2118] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[ 1777.463291][ T2118] RSP: 002b:00000000f54b655c EFLAGS: 00000206 ORIG_RAX: 0000000000000036
[ 1777.463312][ T2118] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 000000004028700f
[ 1777.463324][ T2118] RDX: 00000000800000c0 RSI: 0000000000000000 RDI: 0000000000000000
[ 1777.463335][ T2118] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1777.463345][ T2118] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[ 1777.463354][ T2118] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1777.463381][ T2118]  </TASK>
[ 1777.463388][ T2118] ERROR: Out of memory at tomoyo_realpath_from_path.
[ 1777.758374][ T5912] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1777.976677][ T2129] FAULT_INJECTION: forcing a failure.
[ 1777.976677][ T2129] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1778.033297][ T2129] CPU: 1 UID: 0 PID: 2129 Comm: syz.4.8565 Not tainted syzkaller #0 PREEMPT(full) 
[ 1778.033324][ T2129] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[ 1778.033336][ T2129] Call Trace:
[ 1778.033345][ T2129]  <TASK>
[ 1778.033354][ T2129]  dump_stack_lvl+0x189/0x250
[ 1778.033384][ T2129]  ? __pfx____ratelimit+0x10/0x10
[ 1778.033406][ T2129]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1778.033430][ T2129]  ? __pfx__printk+0x10/0x10
[ 1778.033448][ T2129]  ? __might_fault+0xb0/0x130
[ 1778.033483][ T2129]  should_fail_ex+0x414/0x560
[ 1778.033514][ T2129]  _copy_from_user+0x2d/0xb0
[ 1778.033537][ T2129]  get_compat_msghdr+0xad/0x4a0
[ 1778.033563][ T2129]  ? __pfx_get_compat_msghdr+0x10/0x10
[ 1778.033593][ T2129]  ___sys_sendmsg+0x193/0x2a0
[ 1778.033615][ T2129]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1778.033668][ T2129]  ? __fget_files+0x2a/0x420
[ 1778.033685][ T2129]  ? __fget_files+0x3a0/0x420
[ 1778.033717][ T2129]  __sys_sendmsg+0x164/0x220
[ 1778.033738][ T2129]  ? __pfx___sys_sendmsg+0x10/0x10
[ 1778.033765][ T2129]  ? __pfx_ksys_write+0x10/0x10
[ 1778.033792][ T2129]  ? syscall_enter_from_user_mode_prepare+0x8f/0x110
[ 1778.033817][ T2129]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1778.033842][ T2129]  __do_fast_syscall_32+0xb6/0x2b0
[ 1778.033866][ T2129]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1778.033892][ T2129]  do_fast_syscall_32+0x34/0x80
[ 1778.033921][ T2129]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1778.033943][ T2129] RIP: 0023:0xf709d539
[ 1778.033959][ T2129] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[ 1778.033975][ T2129] RSP: 002b:00000000f546c55c EFLAGS: 00000206 ORIG_RAX: 0000000000000172
[ 1778.033995][ T2129] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000240
[ 1778.034008][ T2129] RDX: 0000000024000000 RSI: 0000000000000000 RDI: 0000000000000000
[ 1778.034020][ T2129] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1778.034031][ T2129] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[ 1778.034043][ T2129] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1778.034070][ T2129]  </TASK>
[ 1778.397630][ T2135] netlink: 168876 bytes leftover after parsing attributes in process `syz.3.8566'.
[ 1778.486276][ T2138] netlink: 12 bytes leftover after parsing attributes in process `syz.0.8569'.
[ 1778.778277][ T5912] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1779.179118][    T9] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1779.348663][ T2155] FAULT_INJECTION: forcing a failure.
[ 1779.348663][ T2155] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1779.374466][ T2155] CPU: 0 UID: 0 PID: 2155 Comm: syz.4.8573 Not tainted syzkaller #0 PREEMPT(full) 
[ 1779.374493][ T2155] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[ 1779.374504][ T2155] Call Trace:
[ 1779.374512][ T2155]  <TASK>
[ 1779.374521][ T2155]  dump_stack_lvl+0x189/0x250
[ 1779.374551][ T2155]  ? __pfx____ratelimit+0x10/0x10
[ 1779.374574][ T2155]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1779.374597][ T2155]  ? __pfx__printk+0x10/0x10
[ 1779.374617][ T2155]  ? __might_fault+0xb0/0x130
[ 1779.374655][ T2155]  should_fail_ex+0x414/0x560
[ 1779.374674][ T2155]  _copy_from_user+0x2d/0xb0
[ 1779.374688][ T2155]  __sys_sendto+0x25c/0x520
[ 1779.374705][ T2155]  ? __pfx___sys_sendto+0x10/0x10
[ 1779.374718][ T2155]  ? __mutex_unlock_slowpath+0x1a1/0x740
[ 1779.374738][ T2155]  ? __fget_files+0x3a0/0x420
[ 1779.374753][ T2155]  ? ksys_write+0x22a/0x250
[ 1779.374767][ T2155]  ? exc_page_fault+0x82/0x100
[ 1779.374779][ T2155]  ? __pfx_ksys_write+0x10/0x10
[ 1779.374795][ T2155]  __ia32_sys_sendto+0xdd/0x100
[ 1779.374812][ T2155]  __do_fast_syscall_32+0xb6/0x2b0
[ 1779.374826][ T2155]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1779.374841][ T2155]  do_fast_syscall_32+0x34/0x80
[ 1779.374854][ T2155]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1779.374866][ T2155] RIP: 0023:0xf709d539
[ 1779.374876][ T2155] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[ 1779.374885][ T2155] RSP: 002b:00000000f548d55c EFLAGS: 00000206 ORIG_RAX: 0000000000000171
[ 1779.374897][ T2155] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000180
[ 1779.374905][ T2155] RDX: 000000000000ff88 RSI: 0000000000000000 RDI: 0000000080000140
[ 1779.374911][ T2155] RBP: 0000000000000014 R08: 0000000000000000 R09: 0000000000000000
[ 1779.374917][ T2155] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[ 1779.374923][ T2155] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1779.374938][ T2155]  </TASK>
[ 1779.828385][T30196] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1779.894443][ T2164] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1779.903743][ T2164] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1779.987270][   T30] kauditd_printk_skb: 25 callbacks suppressed
[ 1779.987288][   T30] audit: type=1326 audit(1761520663.671:2602): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=2163 comm="syz.2.8578" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f44539 code=0x7ffc0000
[ 1780.025267][ T2164] input: syz0 as /devices/virtual/input/input179
[ 1780.032312][   T30] audit: type=1326 audit(1761520663.711:2603): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=2163 comm="syz.2.8578" exe="/root/syz-executor" sig=0 arch=40000003 syscall=139 compat=1 ip=0xf7f44539 code=0x7ffc0000
[ 1780.055603][   T30] audit: type=1326 audit(1761520663.711:2604): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=2163 comm="syz.2.8578" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f44539 code=0x7ffc0000
[ 1780.100613][   T30] audit: type=1326 audit(1761520663.711:2605): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=2163 comm="syz.2.8578" exe="/root/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf7f44539 code=0x7ffc0000
[ 1780.178111][   T30] audit: type=1326 audit(1761520663.711:2606): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=2163 comm="syz.2.8578" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f44539 code=0x7ffc0000
[ 1780.217360][ T2170] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1780.227090][   T30] audit: type=1326 audit(1761520663.711:2607): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=2163 comm="syz.2.8578" exe="/root/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf7f44539 code=0x7ffc0000
[ 1780.251689][ T2170] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1780.281380][   T30] audit: type=1326 audit(1761520663.771:2608): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=2163 comm="syz.2.8578" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f44539 code=0x7ffc0000
[ 1780.321770][   T30] audit: type=1326 audit(1761520663.771:2609): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=2163 comm="syz.2.8578" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f44539 code=0x7ffc0000
[ 1780.868600][ T5912] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1781.336290][ T2188] 
[ 1781.338635][ T2188] =====================================================
[ 1781.345546][ T2188] WARNING: SOFTIRQ-safe -> SOFTIRQ-unsafe lock order detected
[ 1781.352987][ T2188] syzkaller #0 Not tainted
[ 1781.357381][ T2188] -----------------------------------------------------
[ 1781.364293][ T2188] syz.3.8585/2188 [HC0[0]:SC0[0]:HE0:SE1] is trying to acquire:
[ 1781.371905][ T2188] ffffffff8dc0c058 (tasklist_lock){.+.+}-{3:3}, at: send_sigio+0x101/0x370
[ 1781.380504][ T2188] 
[ 1781.380504][ T2188] and this task is already holding:
[ 1781.387845][ T2188] ffff88805a5c6620 (&f_owner->lock){....}-{3:3}, at: send_sigio+0x38/0x370
[ 1781.396440][ T2188] which would create a new lock dependency:
[ 1781.402312][ T2188]  (&f_owner->lock){....}-{3:3} -> (tasklist_lock){.+.+}-{3:3}
[ 1781.409865][ T2188] 
[ 1781.409865][ T2188] but this new dependency connects a SOFTIRQ-irq-safe lock:
[ 1781.419294][ T2188]  (&dev->event_lock#2){..-.}-{3:3}
[ 1781.419317][ T2188] 
[ 1781.419317][ T2188] ... which became SOFTIRQ-irq-safe at:
[ 1781.432168][ T2188]   lock_acquire+0x120/0x360
[ 1781.436741][ T2188]   _raw_spin_lock_irqsave+0xa7/0xf0
[ 1781.442007][ T2188]   input_inject_event+0xa5/0x340
[ 1781.447015][ T2188]   led_trigger_event+0x138/0x210
[ 1781.452021][ T2188]   kbd_bh+0x1c6/0x2e0
[ 1781.456105][ T2188]   tasklet_action_common+0x36c/0x580
[ 1781.461459][ T2188]   handle_softirqs+0x286/0x870
[ 1781.466290][ T2188]   __irq_exit_rcu+0xca/0x1f0
[ 1781.470958][ T2188]   irq_exit_rcu+0x9/0x30
[ 1781.475266][ T2188]   sysvec_apic_timer_interrupt+0xa6/0xc0
[ 1781.480969][ T2188]   asm_sysvec_apic_timer_interrupt+0x1a/0x20
[ 1781.487018][ T2188]   console_flush_all+0x7f4/0xb10
[ 1781.492028][ T2188]   console_unlock+0xbb/0x190
[ 1781.496701][ T2188]   console_callback+0x380/0x440
[ 1781.501624][ T2188]   process_scheduled_works+0xae1/0x17b0
[ 1781.507241][ T2188]   worker_thread+0x8a0/0xda0
[ 1781.511901][ T2188]   kthread+0x711/0x8a0
[ 1781.516038][ T2188]   ret_from_fork+0x4bc/0x870
[ 1781.520703][ T2188]   ret_from_fork_asm+0x1a/0x30
[ 1781.525547][ T2188] 
[ 1781.525547][ T2188] to a SOFTIRQ-irq-unsafe lock:
[ 1781.532549][ T2188]  (tasklist_lock){.+.+}-{3:3}
[ 1781.532571][ T2188] 
[ 1781.532571][ T2188] ... which became SOFTIRQ-irq-unsafe at:
[ 1781.545164][ T2188] ...
[ 1781.545171][ T2188]   lock_acquire+0x120/0x360
[ 1781.552302][ T2188]   _raw_read_lock+0x36/0x50
[ 1781.556877][ T2188]   __do_wait+0xde/0x740
[ 1781.561102][ T2188]   do_wait+0x1f8/0x510
[ 1781.565241][ T2188]   kernel_wait+0xab/0x170
[ 1781.569644][ T2188]   call_usermodehelper_exec_work+0xbe/0x230
[ 1781.575615][ T2188]   process_scheduled_works+0xae1/0x17b0
[ 1781.581257][ T2188]   worker_thread+0x8a0/0xda0
[ 1781.585924][ T2188]   kthread+0x711/0x8a0
[ 1781.590063][ T2188]   ret_from_fork+0x4bc/0x870
[ 1781.594721][ T2188]   ret_from_fork_asm+0x1a/0x30
[ 1781.599553][ T2188] 
[ 1781.599553][ T2188] other info that might help us debug this:
[ 1781.599553][ T2188] 
[ 1781.609767][ T2188] Chain exists of:
[ 1781.609767][ T2188]   &dev->event_lock#2 --> &f_owner->lock --> tasklist_lock
[ 1781.609767][ T2188] 
[ 1781.622789][ T2188]  Possible interrupt unsafe locking scenario:
[ 1781.622789][ T2188] 
[ 1781.631094][ T2188]        CPU0                    CPU1
[ 1781.636442][ T2188]        ----                    ----
[ 1781.641789][ T2188]   lock(tasklist_lock);
[ 1781.646015][ T2188]                                local_irq_disable();
[ 1781.652749][ T2188]                                lock(&dev->event_lock#2);
[ 1781.659934][ T2188]                                lock(&f_owner->lock);
[ 1781.666770][ T2188]   <Interrupt>
[ 1781.670208][ T2188]     lock(&dev->event_lock#2);
[ 1781.675044][ T2188] 
[ 1781.675044][ T2188]  *** DEADLOCK ***
[ 1781.675044][ T2188] 
[ 1781.683166][ T2188] 5 locks held by syz.3.8585/2188:
[ 1781.688259][ T2188]  #0: ffff888032614420 (sb_writers#5){.+.+}-{0:0}, at: mnt_want_write+0x41/0x90
[ 1781.697379][ T2188]  #1: ffff8880787370c0 (&type->i_mutex_dir_key#5){++++}-{4:4}, at: path_openat+0x8da/0x3830
[ 1781.707568][ T2188]  #2: ffffffff9980c710 (&fsnotify_mark_srcu){.+.?}-{0:0}, at: fsnotify+0x735/0x1a80
[ 1781.717034][ T2188]  #3: ffff888068524808 (&mark->lock){+.+.}-{3:3}, at: dnotify_handle_event+0x62/0x440
[ 1781.726671][ T2188]  #4: ffff88805a5c6620 (&f_owner->lock){....}-{3:3}, at: send_sigio+0x38/0x370
[ 1781.735694][ T2188] 
[ 1781.735694][ T2188] the dependencies between SOFTIRQ-irq-safe lock and the holding lock:
[ 1781.746082][ T2188]     -> (&dev->event_lock#2){..-.}-{3:3} {
[ 1781.751976][ T2188]        IN-SOFTIRQ-W at:
[ 1781.756295][ T2188]                             lock_acquire+0x120/0x360
[ 1781.763152][ T2188]                             _raw_spin_lock_irqsave+0xa7/0xf0
[ 1781.770686][ T2188]                             input_inject_event+0xa5/0x340
[ 1781.777966][ T2188]                             led_trigger_event+0x138/0x210
[ 1781.785314][ T2188]                             kbd_bh+0x1c6/0x2e0
[ 1781.791630][ T2188]                             tasklet_action_common+0x36c/0x580
[ 1781.799254][ T2188]                             handle_softirqs+0x286/0x870
[ 1781.806369][ T2188]                             __irq_exit_rcu+0xca/0x1f0
[ 1781.813288][ T2188]                             irq_exit_rcu+0x9/0x30
[ 1781.819857][ T2188]                             sysvec_apic_timer_interrupt+0xa6/0xc0
[ 1781.827814][ T2188]                             asm_sysvec_apic_timer_interrupt+0x1a/0x20
[ 1781.836115][ T2188]                             console_flush_all+0x7f4/0xb10
[ 1781.843388][ T2188]                             console_unlock+0xbb/0x190
[ 1781.850310][ T2188]                             console_callback+0x380/0x440
[ 1781.857490][ T2188]                             process_scheduled_works+0xae1/0x17b0
[ 1781.865358][ T2188]                             worker_thread+0x8a0/0xda0
[ 1781.872277][ T2188]                             kthread+0x711/0x8a0
[ 1781.878673][ T2188]                             ret_from_fork+0x4bc/0x870
[ 1781.885590][ T2188]                             ret_from_fork_asm+0x1a/0x30
[ 1781.892676][ T2188]        INITIAL USE at:
[ 1781.896897][ T2188]                            lock_acquire+0x120/0x360
[ 1781.903646][ T2188]                            _raw_spin_lock_irqsave+0xa7/0xf0
[ 1781.911090][ T2188]                            input_inject_event+0xa5/0x340
[ 1781.918270][ T2188]                            kbd_led_trigger_activate+0xbc/0x100
[ 1781.925965][ T2188]                            led_trigger_set+0x52d/0x950
[ 1781.932966][ T2188]                            led_trigger_set_default+0x260/0x2a0
[ 1781.940661][ T2188]                            led_classdev_register_ext+0x73d/0x930
[ 1781.948531][ T2188]                            input_leds_connect+0x517/0x790
[ 1781.955790][ T2188]                            input_register_device+0xd00/0x1140
[ 1781.963396][ T2188]                            atkbd_connect+0x72e/0xa00
[ 1781.970231][ T2188]                            serio_driver_probe+0x82/0xd0
[ 1781.977329][ T2188]                            really_probe+0x26d/0x9e0
[ 1781.984081][ T2188]                            __driver_probe_device+0x18c/0x2f0
[ 1781.991608][ T2188]                            driver_probe_device+0x4f/0x430
[ 1781.998876][ T2188]                            __driver_attach+0x452/0x700
[ 1782.005881][ T2188]                            bus_for_each_dev+0x233/0x2b0
[ 1782.012969][ T2188]                            serio_handle_event+0x1f9/0x8d0
[ 1782.020230][ T2188]                            process_scheduled_works+0xae1/0x17b0
[ 1782.028023][ T2188]                            worker_thread+0x8a0/0xda0
[ 1782.034871][ T2188]                            kthread+0x711/0x8a0
[ 1782.041188][ T2188]                            ret_from_fork+0x4bc/0x870
[ 1782.048027][ T2188]                            ret_from_fork_asm+0x1a/0x30
[ 1782.055043][ T2188]      }
[ 1782.057867][ T2188]      ... key      at: [<ffffffff99b26060>] input_allocate_device.__key.5+0x0/0x20
[ 1782.067233][ T2188]    -> (kbd_event_lock){....}-{3:3} {
[ 1782.072704][ T2188]       INITIAL USE at:
[ 1782.076853][ T2188]                          lock_acquire+0x120/0x360
[ 1782.083428][ T2188]                          _raw_spin_lock_irqsave+0xa7/0xf0
[ 1782.090790][ T2188]                          vt_reset_unicode+0x2b/0x160
[ 1782.097630][ T2188]                          reset_vc+0x68/0x1b0
[ 1782.103768][ T2188]                          vc_init+0x70/0x4a0
[ 1782.109824][ T2188]                          con_init+0x385/0x9c0
[ 1782.116054][ T2188]                          console_init+0x10e/0x430
[ 1782.122618][ T2188]                          start_kernel+0x254/0x410
[ 1782.129193][ T2188]                          x86_64_start_reservations+0x24/0x30
[ 1782.136735][ T2188]                          x86_64_start_kernel+0x143/0x1c0
[ 1782.143918][ T2188]                          common_startup_64+0x13e/0x147
[ 1782.150932][ T2188]     }
[ 1782.153670][ T2188]     ... key      at: [<ffffffff8e759298>] kbd_event_lock+0x18/0xa0
[ 1782.161786][ T2188]     ... acquired at:
[ 1782.165827][ T2188]    lock_acquire+0x120/0x360
[ 1782.170479][ T2188]    _raw_spin_lock+0x2e/0x40
[ 1782.175136][ T2188]    kbd_event+0xd2/0x3f70
[ 1782.179533][ T2188]    input_handle_events_default+0xd4/0x1a0
[ 1782.185409][ T2188]    input_pass_values+0x288/0x890
[ 1782.190496][ T2188]    input_event_dispose+0x330/0x6b0
[ 1782.195760][ T2188]    input_inject_event+0x1dd/0x340
[ 1782.200936][ T2188]    evdev_write+0x2fc/0x480
[ 1782.205510][ T2188]    vfs_write+0x27e/0xb30
[ 1782.209913][ T2188]    ksys_write+0x145/0x250
[ 1782.214421][ T2188]    __do_fast_syscall_32+0xb6/0x2b0
[ 1782.219689][ T2188]    do_fast_syscall_32+0x34/0x80
[ 1782.224696][ T2188]    entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1782.231176][ T2188] 
[ 1782.233477][ T2188]   -> (&tty->flow.lock){....}-{3:3} {
[ 1782.238923][ T2188]      INITIAL USE at:
[ 1782.242967][ T2188]                        lock_acquire+0x120/0x360
[ 1782.249359][ T2188]                        _raw_spin_lock_irqsave+0xa7/0xf0
[ 1782.256451][ T2188]                        start_tty+0x20/0x70
[ 1782.262411][ T2188]                        n_tty_set_termios+0xa7c/0x1090
[ 1782.269326][ T2188]                        tty_set_termios+0xda4/0x17e0
[ 1782.276092][ T2188]                        set_termios+0x516/0x6c0
[ 1782.282397][ T2188]                        tty_mode_ioctl+0x47e/0x740
[ 1782.288984][ T2188]                        tty_ioctl+0x9c6/0xde0
[ 1782.295119][ T2188]                        __se_sys_ioctl+0xfc/0x170
[ 1782.301606][ T2188]                        do_syscall_64+0xfa/0xfa0
[ 1782.308023][ T2188]                        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1782.315835][ T2188]    }
[ 1782.318495][ T2188]    ... key      at: [<ffffffff99ae6c40>] alloc_tty_struct.__key.35+0x0/0x20
[ 1782.327329][ T2188]    ... acquired at:
[ 1782.331287][ T2188]    lock_acquire+0x120/0x360
[ 1782.335948][ T2188]    _raw_spin_lock_irqsave+0xa7/0xf0
[ 1782.341303][ T2188]    stop_tty+0x2f/0x150
[ 1782.345524][ T2188]    kbd_event+0x2b72/0x3f70
[ 1782.350100][ T2188]    input_handle_events_default+0xd4/0x1a0
[ 1782.355975][ T2188]    input_pass_values+0x288/0x890
[ 1782.361063][ T2188]    input_event_dispose+0x330/0x6b0
[ 1782.366407][ T2188]    input_inject_event+0x1dd/0x340
[ 1782.371588][ T2188]    evdev_write+0x2fc/0x480
[ 1782.376157][ T2188]    vfs_write+0x27e/0xb30
[ 1782.380556][ T2188]    ksys_write+0x145/0x250
[ 1782.385050][ T2188]    __do_fast_syscall_32+0xb6/0x2b0
[ 1782.390317][ T2188]    do_fast_syscall_32+0x34/0x80
[ 1782.395323][ T2188]    entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1782.401806][ T2188] 
[ 1782.404109][ T2188]  -> (&new->fa_lock){....}-{3:3} {
[ 1782.409296][ T2188]     INITIAL USE at:
[ 1782.413258][ T2188]                      lock_acquire+0x120/0x360
[ 1782.419494][ T2188]                      _raw_write_lock_irq+0xa2/0xf0
[ 1782.426157][ T2188]                      fasync_remove_entry+0xf1/0x1c0
[ 1782.432896][ T2188]                      tty_fasync+0x13c/0x350
[ 1782.438943][ T2188]                      __fput+0x8a2/0xa70
[ 1782.444648][ T2188]                      task_work_run+0x1d4/0x260
[ 1782.450961][ T2188]                      exit_to_user_mode_loop+0xe9/0x130
[ 1782.457962][ T2188]                      __do_fast_syscall_32+0x1f4/0x2b0
[ 1782.464888][ T2188]                      do_fast_syscall_32+0x34/0x80
[ 1782.471460][ T2188]                      entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1782.479506][ T2188]     INITIAL READ USE at:
[ 1782.483904][ T2188]                           lock_acquire+0x120/0x360
[ 1782.490567][ T2188]                           _raw_read_lock_irqsave+0xaf/0x100
[ 1782.498019][ T2188]                           kill_fasync+0x199/0x4d0
[ 1782.504609][ T2188]                           sock_wake_async+0x137/0x160
[ 1782.511538][ T2188]                           sk_wake_async+0x184/0x280
[ 1782.518365][ T2188]                           unix_release_sock+0x78c/0xd50
[ 1782.525470][ T2188]                           unix_release+0x92/0xd0
[ 1782.531954][ T2188]                           sock_close+0xc3/0x240
[ 1782.538353][ T2188]                           __fput+0x44c/0xa70
[ 1782.544488][ T2188]                           task_work_run+0x1d4/0x260
[ 1782.551236][ T2188]                           do_exit+0x6b5/0x2300
[ 1782.557550][ T2188]                           do_group_exit+0x21c/0x2d0
[ 1782.564292][ T2188]                           get_signal+0x1285/0x1340
[ 1782.570945][ T2188]                           arch_do_signal_or_restart+0xa0/0x790
[ 1782.578647][ T2188]                           exit_to_user_mode_loop+0x72/0x130
[ 1782.586110][ T2188]                           __do_fast_syscall_32+0x1f4/0x2b0
[ 1782.593467][ T2188]                           do_fast_syscall_32+0x34/0x80
[ 1782.600475][ T2188]                           entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1782.608955][ T2188]   }
[ 1782.611519][ T2188]   ... key      at: [<ffffffff998098a0>] fasync_insert_entry.__key+0x0/0x20
[ 1782.620264][ T2188]   ... acquired at:
[ 1782.624159][ T2188]    lock_acquire+0x120/0x360
[ 1782.628862][ T2188]    _raw_read_lock_irqsave+0xaf/0x100
[ 1782.634327][ T2188]    kill_fasync+0x199/0x4d0
[ 1782.638897][ T2188]    __start_tty+0x18c/0x220
[ 1782.643471][ T2188]    start_tty+0x2b/0x70
[ 1782.647696][ T2188]    n_tty_set_termios+0xa7c/0x1090
[ 1782.652873][ T2188]    tty_set_termios+0xda4/0x17e0
[ 1782.657877][ T2188]    set_termios+0x516/0x6c0
[ 1782.662447][ T2188]    tty_mode_ioctl+0x47e/0x740
[ 1782.667277][ T2188]    tty_ioctl+0x9c6/0xde0
[ 1782.671674][ T2188]    __ia32_compat_sys_ioctl+0x543/0x840
[ 1782.677292][ T2188]    __do_fast_syscall_32+0xb6/0x2b0
[ 1782.682559][ T2188]    do_fast_syscall_32+0x34/0x80
[ 1782.687565][ T2188]    entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1782.694046][ T2188] 
[ 1782.696361][ T2188] -> (&f_owner->lock){....}-{3:3} {
[ 1782.701562][ T2188]    INITIAL USE at:
[ 1782.705460][ T2188]                    lock_acquire+0x120/0x360
[ 1782.711514][ T2188]                    _raw_write_lock_irq+0xa2/0xf0
[ 1782.718004][ T2188]                    __f_setown+0x67/0x370
[ 1782.723808][ T2188]                    f_setown+0x23a/0x300
[ 1782.729519][ T2188]                    do_fcntl+0x11d/0x1910
[ 1782.735335][ T2188]                    do_compat_fcntl64+0x477/0x720
[ 1782.741845][ T2188]                    __do_fast_syscall_32+0xb6/0x2b0
[ 1782.748513][ T2188]                    do_fast_syscall_32+0x34/0x80
[ 1782.754916][ T2188]                    entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1782.762790][ T2188]    INITIAL READ USE at:
[ 1782.767099][ T2188]                         lock_acquire+0x120/0x360
[ 1782.773578][ T2188]                         _raw_read_lock_irqsave+0xaf/0x100
[ 1782.780848][ T2188]                         send_sigurg+0x55/0x420
[ 1782.787159][ T2188]                         sk_send_sigurg+0x6c/0x2e0
[ 1782.793725][ T2188]                         tcp_check_urg+0x200/0x760
[ 1782.800295][ T2188]                         tcp_urg+0x164/0x3f0
[ 1782.806357][ T2188]                         tcp_rcv_established+0x132a/0x2670
[ 1782.813621][ T2188]                         tcp_v4_do_rcv+0xa90/0x1430
[ 1782.820274][ T2188]                         __release_sock+0x265/0x3a0
[ 1782.826930][ T2188]                         release_sock+0x5f/0x1f0
[ 1782.833369][ T2188]                         tcp_sendmsg+0x39/0x50
[ 1782.839597][ T2188]                         __sock_sendmsg+0x19c/0x270
[ 1782.846253][ T2188]                         ____sys_sendmsg+0x52d/0x830
[ 1782.852995][ T2188]                         ___sys_sendmsg+0x21f/0x2a0
[ 1782.859649][ T2188]                         __sys_sendmmsg+0x28e/0x430
[ 1782.866299][ T2188]                         __ia32_compat_sys_sendmmsg+0xa2/0xc0
[ 1782.873897][ T2188]                         __do_fast_syscall_32+0xb6/0x2b0
[ 1782.880990][ T2188]                         do_fast_syscall_32+0x34/0x80
[ 1782.887840][ T2188]                         entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1782.896152][ T2188]  }
[ 1782.898637][ T2188]  ... key      at: [<ffffffff99809880>] file_f_owner_allocate.__key+0x0/0x20
[ 1782.907471][ T2188]  ... acquired at:
[ 1782.911254][ T2188]    lock_acquire+0x120/0x360
[ 1782.915908][ T2188]    _raw_read_lock_irqsave+0xaf/0x100
[ 1782.921343][ T2188]    send_sigio+0x38/0x370
[ 1782.925741][ T2188]    kill_fasync+0x24d/0x4d0
[ 1782.930343][ T2188]    sock_wake_async+0x137/0x160
[ 1782.935279][ T2188]    sk_wake_async+0x184/0x280
[ 1782.940037][ T2188]    unix_release_sock+0x78c/0xd50
[ 1782.945133][ T2188]    unix_release+0x92/0xd0
[ 1782.949617][ T2188]    sock_close+0xc3/0x240
[ 1782.954016][ T2188]    __fput+0x44c/0xa70
[ 1782.958150][ T2188]    task_work_run+0x1d4/0x260
[ 1782.962906][ T2188]    do_exit+0x6b5/0x2300
[ 1782.967234][ T2188]    do_group_exit+0x21c/0x2d0
[ 1782.971989][ T2188]    get_signal+0x1285/0x1340
[ 1782.976652][ T2188]    arch_do_signal_or_restart+0xa0/0x790
[ 1782.982358][ T2188]    exit_to_user_mode_loop+0x72/0x130
[ 1782.987798][ T2188]    __do_fast_syscall_32+0x1f4/0x2b0
[ 1782.993167][ T2188]    do_fast_syscall_32+0x34/0x80
[ 1782.998187][ T2188]    entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1783.004674][ T2188] 
[ 1783.006985][ T2188] 
[ 1783.006985][ T2188] the dependencies between the lock to be acquired
[ 1783.006992][ T2188]  and SOFTIRQ-irq-unsafe lock:
[ 1783.020516][ T2188] -> (tasklist_lock){.+.+}-{3:3} {
[ 1783.025628][ T2188]    HARDIRQ-ON-R at:
[ 1783.029599][ T2188]                     lock_acquire+0x120/0x360
[ 1783.035741][ T2188]                     _raw_read_lock+0x36/0x50
[ 1783.041963][ T2188]                     __do_wait+0xde/0x740
[ 1783.047757][ T2188]                     do_wait+0x1f8/0x510
[ 1783.053460][ T2188]                     kernel_wait+0xab/0x170
[ 1783.059420][ T2188]                     call_usermodehelper_exec_work+0xbe/0x230
[ 1783.066943][ T2188]                     process_scheduled_works+0xae1/0x17b0
[ 1783.074121][ T2188]                     worker_thread+0x8a0/0xda0
[ 1783.080348][ T2188]                     kthread+0x711/0x8a0
[ 1783.086048][ T2188]                     ret_from_fork+0x4bc/0x870
[ 1783.092266][ T2188]                     ret_from_fork_asm+0x1a/0x30
[ 1783.098662][ T2188]    SOFTIRQ-ON-R at:
[ 1783.102625][ T2188]                     lock_acquire+0x120/0x360
[ 1783.108757][ T2188]                     _raw_read_lock+0x36/0x50
[ 1783.114892][ T2188]                     __do_wait+0xde/0x740
[ 1783.120683][ T2188]                     do_wait+0x1f8/0x510
[ 1783.126386][ T2188]                     kernel_wait+0xab/0x170
[ 1783.132350][ T2188]                     call_usermodehelper_exec_work+0xbe/0x230
[ 1783.139876][ T2188]                     process_scheduled_works+0xae1/0x17b0
[ 1783.147051][ T2188]                     worker_thread+0x8a0/0xda0
[ 1783.153298][ T2188]                     kthread+0x711/0x8a0
[ 1783.159003][ T2188]                     ret_from_fork+0x4bc/0x870
[ 1783.165221][ T2188]                     ret_from_fork_asm+0x1a/0x30
[ 1783.171612][ T2188]    INITIAL USE at:
[ 1783.175483][ T2188]                    lock_acquire+0x120/0x360
[ 1783.181529][ T2188]                    _raw_write_lock_irq+0xa2/0xf0
[ 1783.188016][ T2188]                    copy_process+0x224f/0x3c00
[ 1783.194249][ T2188]                    kernel_clone+0x21e/0x840
[ 1783.200297][ T2188]                    user_mode_thread+0xdd/0x140
[ 1783.206605][ T2188]                    rest_init+0x23/0x300
[ 1783.212307][ T2188]                    start_kernel+0x3ae/0x410
[ 1783.218360][ T2188]                    x86_64_start_reservations+0x24/0x30
[ 1783.225369][ T2188]                    x86_64_start_kernel+0x143/0x1c0
[ 1783.232021][ T2188]                    common_startup_64+0x13e/0x147
[ 1783.238510][ T2188]    INITIAL READ USE at:
[ 1783.242825][ T2188]                         lock_acquire+0x120/0x360
[ 1783.249304][ T2188]                         _raw_read_lock+0x36/0x50
[ 1783.255787][ T2188]                         __do_wait+0xde/0x740
[ 1783.261925][ T2188]                         do_wait+0x1f8/0x510
[ 1783.267999][ T2188]                         kernel_wait+0xab/0x170
[ 1783.274325][ T2188]                         call_usermodehelper_exec_work+0xbe/0x230
[ 1783.282197][ T2188]                         process_scheduled_works+0xae1/0x17b0
[ 1783.289722][ T2188]                         worker_thread+0x8a0/0xda0
[ 1783.296287][ T2188]                         kthread+0x711/0x8a0
[ 1783.302333][ T2188]                         ret_from_fork+0x4bc/0x870
[ 1783.308899][ T2188]                         ret_from_fork_asm+0x1a/0x30
[ 1783.315663][ T2188]  }
[ 1783.318147][ T2188]  ... key      at: [<ffffffff8dc0c058>] tasklist_lock+0x18/0x40
[ 1783.325913][ T2188]  ... acquired at:
[ 1783.329699][ T2188]    lock_acquire+0x120/0x360
[ 1783.334357][ T2188]    _raw_read_lock+0x36/0x50
[ 1783.339019][ T2188]    send_sigio+0x101/0x370
[ 1783.343510][ T2188]    dnotify_handle_event+0x169/0x440
[ 1783.348860][ T2188]    fsnotify+0x1814/0x1a80
[ 1783.353341][ T2188]    path_openat+0x171e/0x3830
[ 1783.358173][ T2188]    do_filp_open+0x1fa/0x410
[ 1783.362831][ T2188]    do_sys_openat2+0x121/0x1c0
[ 1783.367680][ T2188]    __ia32_compat_sys_open+0x117/0x140
[ 1783.373210][ T2188]    __do_fast_syscall_32+0xb6/0x2b0
[ 1783.378481][ T2188]    do_fast_syscall_32+0x34/0x80
[ 1783.383486][ T2188]    entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1783.389964][ T2188] 
[ 1783.392268][ T2188] 
[ 1783.392268][ T2188] stack backtrace:
[ 1783.398146][ T2188] CPU: 1 UID: 0 PID: 2188 Comm: syz.3.8585 Not tainted syzkaller #0 PREEMPT(full) 
[ 1783.398160][ T2188] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[ 1783.398168][ T2188] Call Trace:
[ 1783.398174][ T2188]  <TASK>
[ 1783.398180][ T2188]  dump_stack_lvl+0x189/0x250
[ 1783.398198][ T2188]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1783.398211][ T2188]  ? __pfx__printk+0x10/0x10
[ 1783.398223][ T2188]  validate_chain+0x1f05/0x2140
[ 1783.398240][ T2188]  __lock_acquire+0xab9/0xd20
[ 1783.398251][ T2188]  ? send_sigio+0x101/0x370
[ 1783.398263][ T2188]  lock_acquire+0x120/0x360
[ 1783.398272][ T2188]  ? send_sigio+0x101/0x370
[ 1783.398283][ T2188]  ? __pfx__raw_read_lock_irqsave+0x10/0x10
[ 1783.398295][ T2188]  ? dnotify_handle_event+0x62/0x440
[ 1783.398309][ T2188]  _raw_read_lock+0x36/0x50
[ 1783.398320][ T2188]  ? send_sigio+0x101/0x370
[ 1783.398330][ T2188]  send_sigio+0x101/0x370
[ 1783.398342][ T2188]  dnotify_handle_event+0x169/0x440
[ 1783.398355][ T2188]  fsnotify+0x1814/0x1a80
[ 1783.398368][ T2188]  ? fsnotify+0x735/0x1a80
[ 1783.398377][ T2188]  ? __pfx_fsnotify+0x10/0x10
[ 1783.398387][ T2188]  ? _raw_spin_unlock+0x28/0x50
[ 1783.398398][ T2188]  path_openat+0x171e/0x3830
[ 1783.398417][ T2188]  ? __pfx_path_openat+0x10/0x10
[ 1783.398433][ T2188]  do_filp_open+0x1fa/0x410
[ 1783.398444][ T2188]  ? __lock_acquire+0xab9/0xd20
[ 1783.398454][ T2188]  ? __pfx_do_filp_open+0x10/0x10
[ 1783.398470][ T2188]  ? _raw_spin_unlock+0x28/0x50
[ 1783.398482][ T2188]  ? alloc_fd+0x64c/0x6c0
[ 1783.398498][ T2188]  do_sys_openat2+0x121/0x1c0
[ 1783.398510][ T2188]  ? __se_sys_futex_time32+0x360/0x3e0
[ 1783.398526][ T2188]  ? __pfx_do_sys_openat2+0x10/0x10
[ 1783.398538][ T2188]  ? rcu_is_watching+0x15/0xb0
[ 1783.398550][ T2188]  __ia32_compat_sys_open+0x117/0x140
[ 1783.398563][ T2188]  __do_fast_syscall_32+0xb6/0x2b0
[ 1783.398578][ T2188]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1783.398591][ T2188]  do_fast_syscall_32+0x34/0x80
[ 1783.398604][ T2188]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1783.398617][ T2188] RIP: 0023:0xf7fc2539
[ 1783.398627][ T2188] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[ 1783.398636][ T2188] RSP: 002b:00000000f54b655c EFLAGS: 00000206 ORIG_RAX: 0000000000000005
[ 1783.398648][ T2188] RAX: ffffffffffffffda RBX: 0000000080000080 RCX: 00000000001410c2
[ 1783.398656][ T2188] RDX: 00000000b221465a RSI: 0000000000000000 RDI: 0000000000000000
[ 1783.398663][ T2188] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1783.398669][ T2188] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[ 1783.398675][ T2188] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1783.398685][ T2188]  </TASK>
[ 1783.664455][    T9] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1783.673064][ T5912] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1783.794936][ T2191] netlink: 8 bytes leftover after parsing attributes in process `syz.0.8584'.
[ 1783.820168][ T2191] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1783.831512][ T2194] netlink: 4 bytes leftover after parsing attributes in process `syz.2.8582'.
[ 1783.844039][ T2188] bridge1: the hash_elasticity option has been deprecated and is always 16
[ 1784.701284][ T5880] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1785.738668][T30196] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1785.988851][ T1025] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1786.629106][ T5822] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1786.698338][ T1025] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1786.781075][T30196] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1787.820232][ T5894] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1788.860252][T30196] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1789.739872][ T5822] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1789.898595][ T5894] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1790.939993][ T5880] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog