last executing test programs:

49.8284047s ago: executing program 1 (id=2844):
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000000)=ANY=[@ANYBLOB], 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, &(0x7f0000000180)={0x24, 0x0, 0x0, &(0x7f00000000c0)={0x0, 0x22, 0xf, {[@global=@item_012={0x0, 0x1, 0x9}, @local=@item_012={0x2, 0x2, 0x4, "c1a1"}, @main=@item_4={0x3, 0x0, 0x9, "5aa8257f"}, @main=@item_012={0x0, 0x0, 0x9}, @main=@item_4={0x3, 0x0, 0xb, "af45cee1"}]}}, 0x0}, 0x0)
r1 = syz_open_dev$hiddev(&(0x7f0000000140), 0x0, 0x0)
ioctl$HIDIOCGCOLLECTIONINDEX(r1, 0x40184810, &(0x7f0000000040)={0x3, 0xfffffffd, 0x2, 0x400, 0x8, 0x81})

48.366083763s ago: executing program 0 (id=2849):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
r1 = socket$inet6(0xa, 0x80002, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_open_dev$dri(&(0x7f0000000000), 0x1f, 0x0)
openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f00000001c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
ioctl$TCFLSH(0xffffffffffffffff, 0x540b, 0x0)
r4 = add_key(&(0x7f0000000000)='big_key\x00', &(0x7f0000000280)={'syz', 0x1}, &(0x7f00000002c0)="1d", 0xfe3a, 0xfffffffffffffffe)
keyctl$dh_compute(0x17, &(0x7f0000000780)={0x0, r4}, 0x0, 0x0, 0x0)
sendmsg(r3, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x4000104)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0xb49, 0x9, 0x8, 0x0, 0x3}, 0x0)
sendto$inet6(r1, 0x0, 0x0, 0x8911, &(0x7f0000000140)={0xa, 0xfffc, 0x3, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', 0x1}, 0x1c)
r5 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000004002, 0x0)
r6 = dup(r5)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f00000000c0)={&(0x7f0000000140)="17e89526a4730e15f15d7004baab12", 0x0, 0x0, 0x0, 0xc6}, 0x38)
setitimer(0x2, &(0x7f0000000040)={{}, {0x0, 0x2710}}, 0x0)
prlimit64(0x0, 0x0, &(0x7f0000000140)={0x8, 0xfa7e}, 0x0)
shmget$private(0x0, 0x4000, 0x40, &(0x7f0000ffc000/0x4000)=nil)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb, 0x13, r6, 0x2000)
madvise(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x17)
write$binfmt_aout(r6, 0x0, 0xffffffdb)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x15)
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$nl_xfrm(r0, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000340)=ANY=[@ANYBLOB="50000000ff070000000000000000000001000000000000000000000000000000fe8000000000000000000000000000bb00000000000000000000000000000000b10d875a6af9d08a52e8e1b1bcca0d678c48b8c443535d76fff30aaeaea8edecfb9fe1df564ae7e7f31cbd0157690a5f23cc35590391d27081ea3b56d7f5a1190d52e8dad264f3396485ee59769a1b06ea35ed37d03abedf4e0923f51147126d5fa546ef18bc93baa6285f96c69378e6cbfd72c81e5f47f58c9b88d96b7df91ff20108cbc4944bc98c31246f09cbb6c09cc34660601b4cbb0d9c6105e8caba3f1b25d03ce8bfa55e568982a515e05222aef564dbdbe882b6f455d4c009114156870f963118d45950717f78d28dd3d35ad4df4b8dfcf3ced3", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00'], 0x50}}, 0x0)

47.014901189s ago: executing program 4 (id=2855):
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f00000008c0)={0xc0})
fstat(r0, &(0x7f0000002a80))
r1 = syz_open_dev$sndctrl(&(0x7f0000000040), 0x0, 0x0)
ioctl$int_in(r1, 0x5452, &(0x7f00000001c0)=0x1)
socket$packet(0x11, 0x3, 0x300)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r2, &(0x7f0000000040)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x2d}}, 0x10)
socket$packet(0x11, 0x3, 0x300)
setsockopt$sock_int(r2, 0x1, 0x3c, &(0x7f00000000c0)=0x1, 0x4)
sendto$inet(r2, 0x0, 0x0, 0xc806, &(0x7f0000000180)={0x2, 0x4e21, @multicast1}, 0x10)
sendto$inet(r2, &(0x7f0000000100)='J', 0xfdbe, 0x4004084, 0x0, 0x11000a00)

46.916708797s ago: executing program 0 (id=2856):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0xdc80, 0x0)
munmap(&(0x7f0000001000/0x3000)=nil, 0x3000)
r2 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_INITMSG(r2, 0x84, 0x2, &(0x7f00000000c0)={0xfffc}, 0x8)
sendto$inet6(r2, &(0x7f00000004c0)='W', 0x1, 0x4c000, &(0x7f0000000000)={0xa, 0x4e20, 0xfffffffd, @loopback, 0x8}, 0x1c)
setsockopt$inet_sctp6_SCTP_AUTH_DELETE_KEY(r2, 0x84, 0x19, 0x0, 0x0)
ioctl$KVM_SET_CPUID(0xffffffffffffffff, 0x4008ae8a, &(0x7f0000000040)=ANY=[@ANYBLOB="ff"])
ioctl$KVM_SET_MSRS(r1, 0xc008ae88, &(0x7f0000000040)=ANY=[])
r3 = socket$kcm(0x2, 0xa, 0x2)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
bind$xdp(0xffffffffffffffff, &(0x7f0000000100)={0x2c, 0x2}, 0x10)
sendmsg$NFT_BATCH(r4, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[@ANYBLOB="140000001000040000000000000000000000000a20000000000a01020000000000000000010000000900010073797a300000000058000000160a01000000000000000000010000000900010073797a30000000000900020073797a30000000002c0003800800014000000000080002400000000010000380140001007465616d3000000000000000000000005c000000160a0101000b000000000000010000000900020073797a30000000000900010073797a3000000000300003802c00038014"], 0xfc}}, 0x0)
ioctl$SIOCSIFHWADDR(r3, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
write$tun(r0, &(0x7f0000001840)={@val={0x8, 0x800}, @val={0x6, 0x0, 0x6, 0x0, 0x14}, @ipv4=@generic={{0x6, 0x4, 0x2, 0x2, 0xfc0, 0x66, 0x0, 0xb, 0x4, 0x0, @rand_addr=0x64010102, @broadcast, {[@timestamp={0x44, 0x4, 0xe6, 0x0, 0x7}]}}, "3297e3ba0fa8a2e71bd9fe1a399b5110420b70460c0dad392d66248a43540df968e7fcaab34569c0e36170578c0d3c546a98b26295e2592f360905866eb4720fed03a977a3df4224895629fd6ccec64f13a999f18f518e3ee28798381975e862f1db9dccdb2f1c1fb60f5ffc7a339d40a8bd1f24cede8a32f186f142e194d4fb48224759faf813ea80e6a853e79b4fe27fe3e1aec5897b314a7f0d515b07b1835986b4885e9826d902c40f16cd77c58b6433ab039955ce9db11f36f459e7114ace6c9989eecea80a81fd39f339356c7c3391af83da2486503a7973f6db4806cf3e5ca94cf7e1f79fd00decd76100c18251a59d1474caabf4d3ca6a9a9885df710e68c5b0dc11832dbb5eecb5c88c2f8f02bdbd88569ad4a740359cbca8c378118220d73bdd1e661c3a74f77aa931b11cd38119b0f084bb96e84803fca6566c33ee1e4e34ab0253fbf24f9f5974af5e1fc2a43a4ec9dd9928a8f38a128ea27c429300ae5a6bd7740471f973d8224b2b07879f4fbe7dcbed776a72ebdc713bcf1d7aa45b01c32a1003e6670d58510bd79ba2fde5cb2b82cef2cc315648f4e9d96d848ba327949b8926253cbdef6888a8982108b6ac7a1108533dd3fe125002e2e286362d1055082a9d73ec5ac3080f2a501ff27250b62c8965f371cf92b32d6422d79f66261eb08a2f8fe50049e102c69ce703d116d0834208cc957d0f1376457a90245816d7642412897fdd2f982fdfbc3af65aa0446b00c767b79aec40e460887ea02188e3a0960eea39b144859467b881978378c9fd593259e0f63148179fe2c2f6d40987b63a6e384e63027f03d8039d707522942d5dc88fd842524d006290b6a65e9cc86cc5b401a60ec4aedfb3bf4d0447bb681810a16b9684b72c2f4593ef834a0203e78cd1d9dbc978e9ae8f3ab62c07f1e41d59470decee7b0cc41ac49e4b7589ab6da65849f62ec217bb39ed161e7d337822d96badbd74d66451ea9a74bed591dc9631bf639dcf7846ee428a9fa55bfceedf3b1c23642f3b58dd0a7273664c6c49c9160a4b9cc5b72d0210e305b94e2cb09ae1d4af9d365b5093851f229c8c30aef75d45ccdbab4b86d801a9ad3b27f26ba601d531c0743717aa7aae29d37f496fec7682c5a1abd321ad61941a2d23fcac6af1d1875e308c8d8c64a5152be47b59c09d293f46b857310a99f1885f0a49d432aa0d39a3e8fc885e75e66b63215133175a19267c8d0adf7d8f644e742ed5369d1405e99e63b78727f135e0243f24d9ce354a1562102ee8de4c191508343b86bf7e7519ddd770ce55e17e590561b2f437194c97ad46622a6ae3dd68d9993e6744954f4cd308bd6594fdccedc578e80aed274a65219697229059723ac37d535cca0e9c314e7941b4160bbd2ffba71f26ffe3228431bc81463078ad70583277ef18bce23ca2e5b9a00670956ea8e0e2c739c006106c8c9ee3f92ba728d8490742b74a9a18cbedfc4e69bb87e0da4c7dfb964374c28c837d4641fb99a19b233675f8526af395335e0185cf3934805442ac379980b687a7128e53284ba9e741b5fe9bc969bfbd55cbce76842915e076e2adf844338d16d3802c681bafdcc60465bd34dfc2d1c069ceee40060e0570fc1275ccabfe3f9be3e84ceedf72cd649c082232008e2b0c94594588c00e0fe911bbf1c12eb6c37ce05674a7597feecf27f5e051ffa824d9ff93638dfa9a84c77562aa2cf897f55a97b79c18544ad03480e1011b8f93e0ead9c2c6672448f585c5803ae99be777fbc662ef4450c1e936ed8b3c8047f00e72adc84561f417f8e5e1dde4967005d96a64fc75d9f486b3ebdb5904a0a56ec48542f0efce939f66fd69259e7376ad37e84434ea90f35b2d3bd63b5c36b267d8f2c7dc5a50b46e00ed086dff8b039e07b84c60611269d4f282ad04dc8e0b481eece2f8a614734be73617f0ad5be195446b09dca4cf1f32653dd3e188aece76f3014deb2ba61744835c0f735234b6a4637c948a7b4fd4203b286ca87d669e325d70277075b094f59eb1dff6c9c05c40d5e464c563df79486e1a32e6ed9bcf675aac7968b4e98dc4e210215b0d3b6a2525b2e3df11f3f1490eb39cabffbe32e23659121fde8e4e346e0f595aaf3666a5f6f118c1a1128039502ac04c40b85eb4c54e6c95b8d1c2aac74ae9e1c355ccde9d54d5d833293f5df09224482179e5bcd8e227c99172a6e14c2cd4e6462ceb0a905a1d64804840ce62e350c6efac10a7fcb029f84af64e2256d45afd3b3f59379895740e0cd2fd24c63264f785bb6e3f40ec72ed67d1a7d87dd264743d9c951cb5aa8bc6f1d1bc9b23303d5aa7f8f6f961326757456057000cb2bacf78cc229002777e932c2640b8dfa793846ca49fa93996db95104a8808a1906b19df17e754b90582b6c49efb3ddce067dd9292291cfd2bb0323ce8098f29e4fce0de31cf5c7e2e2da5d0d0996a8be776de8fecfd3ce68e80d21f1701f6b90ac51278abbd727d19415e0ebe001b990b177b8db0c592b18a4b5e4a6221902362e5b20e6e6f2131a5a5e03c1150b179ef40c933c2fef1b79de738652ec4c32565f5cf751a11db177099c4e2e5bd7616cd0dd501d5bfccf5691de3cca590365328648baf8a9487a3c212193c9bb837594460967e823067a9465eba7001eaf609a810488ef5c147aaa5e9e8c75b585ac3582b6915e20b5aa2f79b7a94857122988c56dbce1ea52de1a56652e839bb853be3ee16052b33fb83ca54d8e4e19440a5e81492107043a66286f63ca87a1f7b8a4e9547a7eb6005419cfd28cb37e9e374f4d0143973286e87070754025c1a6fccfdc6858eaca8c35ecb19584ce7141cc79a5bc813469161b87a19fc21f3373d1f25b3427916dd1be2a589b70ea3b39fcc7801e13beaf19b76164faf3dc4ab8faa5648d24eddd6caceaa0d5ac9cad633c19a4a4d059ee823a49b7cf82c5777d376c111f58ea8fd473429907852301a2c856f27bd0c687ab5be0e2bbef64ddee1601375a4440e3f59d60f57caebfe457f82432523ec4a61cdbb7f1e91e4b05fda892df131c274b19929d26f7a5a6d3ca487983f729601ed9bb4bf5c1cc3d453d406e9534688dec6a2dd0b9db149365c125a95e129565e62cc91f7d960abe1055b730ae0994e7eb08392d5745d0e4f529c4defc3d3e43d0815b0cc63effa88d20c13b14e780c2f6c89a1ee5e4db45a5c272186cc3e51b13dab3add5f467e8ca0f4c45a1fc76db2f0cbf794102946aafcd8cd8a3e935a606b9721645c4d550ae0907f345593736506efc626498c974753d474a73626041d3a54f8fb50de2a6335611a3779da3a02daceb2256d9b102d4d30dd3cd389a04b1a7a6076879f36534bb3379debb46ed1fa2c40096c752017dd024345c58313b43070ff7bef94dc3cafbe6ec20d59e5ea3c196ba3b783bfa87384407efc664cd350c80ac397516018e35371956e414755cde304d2a228c1540ba6fd6a7402d11c666964f024da4c016eb556ba2c5fab86c60c12efb1496295d80f0383526e8e0fc55a287bbd3cb966a916f57958d8b6ef97aa0c4b47f7746bab6b99698c1c96b25c4e2e084147866fe0970b109dd26984adc0758eb6442712cc46dcd8ed3038b0595252eed1b8a46525862662d1e67eba66ac341f8d27853eed54854f488f079bd48df6ce7a4be8b1b61fd23a2dc4d3ade0992011539cc63f80fcfc75008c20cb639348cb218f8f476a6d56917f4ca07e67fc20ea2e9642eaf2182b397e279f5f6c70438fb8aa39cba788588c181461ea7efe1a0dd5b95eb26f7158b91012f7ce0ee1b4e79ce4da377bea4551738a0f491a84f19b3be9827b4469c299527aa9c20b8bf12f919976a0356bba720fb91010763c79bcbb10d89280f0f97cdd19aa0d54828b308195fac170613cf4b515e340a9ef2c97f618a9f50b30ae34ebeed9a38b4c6969680accc740b154ecb014fb5d543a59ccb98a7de2823a2dec39f331cb503eb74fef61262c6d4050bc723caee834eb28c64ce007f6027375e936b62387cf1778970e88b0574a0106d4c855be7425767c551b2fa644d9d8a59f787e7610581b768057d229673344571c3d6e3f10975b2859f568398b1f38f89524d9ad0c1588617c3883a1227b714c81cdf28da54f33968c1c50f28da01c308eb31d319b3e77f96bec001c9300000000000000009cc0062283ac112868592619db14d629c47bfb793a723dcd2f7b07ae4ec14ca3ef4b955ea5b2b153a279b080f6236d418075b86850974c8850efb306d5c304e726bf2643b4403e6d46b0e0395b02e93308b4b2c3e957308d497dc51c753344a7878f1f0c91295fd76e3d1cc9ef813161c6b92b7ea6068ceb97d8f45a4ce57af7d7632d699951f7fe3c71c3a32b014c74425c67e5030546b10cf7edcec2eca5ba31dc62c08f83f35bc2e36b93f15f071bc2537ebe9ca19f86dce4e84272e10323d0ceaa2cc47fe4f6ad101d454c761f9863e94af91199ce5f12469bca7ba39314b84aa7efa4bdc18f7700c19511d48d6132450111d70401a8ac73565d5386ca12345e884d08b23f9c901000a95eb4167865e58c28b112f47c96beeaa6657c923e25e56529107c5c30e65bb485d5ed21b91332db4e09df7e59dcfa05c994570deb3f9b838e22ae4abbf9a9a8c319cc9112c8dba7c2278f78b9578b0254c46a4c04b8fa4fedad6bd275f70b1618971ef6503379bfb0a508c9944328af2c820091a89e3f75e68e7f980ddc9154d273f7f2ce7a6294aefe93136860786679b80e41f6636ff45efeacfb52e2ba2bd9bd9c9030079a46caca5c4b340c17d01ba8ecbc5c561b2038481a8321c009d12136a3ad5461881d998eeaac5236fdcd8f81fb5e53848bb096d9198fd0d38830d1809f2a632b31e2b67754140c907ed58aead048b2d8af9a1c407e48db815212cfdcca97222dabdfe01f311a73e1e82c3e189ec5add48d3f8190eb9e14b58e540f7f1388a7c687629eadb19fd8a133dc8177629270ecaabff79efb6c1f750d89b9e6c5f34c6238066f8e3e425e46a27b3c0d2e9e2ed3cffe2a6f39b8e0137ea5de689b94107fb4748a5feb3902f0feba64dae4c2e69bc8d86463575c6b0ef4a8a64fef41121e57a8c67eda07e9fc8f98299677de198ea0a649ef3c00591940b2c27ba1414aaa1633deb52e3a44cfa8d7a00d014317c026a7d7f42a34b97128e1bf9cda4d8315819ac73ed5061bf9b5631d07b09b85b78ff1b6eb86e9e8c4faa0f991cd6fa0b0eb71b39c20ca9bc7c156f3bd255a5b408df172396bafd7f0fb11c6eaf1eb0a06576d37bee00424bf699584b1dfed68f0d8d8a35f0427c783fe2d79b4373628971e87501a5e4bb05b5058d0b2132741f26e76065b6f4017d963c8ee5605c4c5b6eebb96fca0a41893cb6add3fb0d728abeb860f22cedbd36e464bdaf124a7041460f7af3d64b54e9ffd240b5afad9baf6e5dd8406bc1b205da5848f51fc9dd5197716e144e1b0386614bd3cfd5ddb80ada1e5ca74c8960093a553b1f6288aa7f53663cdd867f658e51b95772dc7a6fa45fa03e14988a33250e6c16fbf0351769080d64ddfbdbf77e1215563bf2e82ecc38a682846d7e2e2ac4e87d715f97f15e84c3df04affee49612a735907d3c4d310a54a6f609873ad56f29a138f4d5661f686"}}, 0xfce)

46.792293283s ago: executing program 4 (id=2858):
ioctl$sock_SIOCINQ(0xffffffffffffffff, 0x541b, &(0x7f0000000040))
r0 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000040), 0x802, 0x0)
r1 = socket$l2tp(0x2, 0x2, 0x73)
bind$inet(r1, &(0x7f0000000080)={0x2, 0x0, @multicast1}, 0x10)
connect$inet(r1, &(0x7f0000000200)={0x2, 0x4e22, @local}, 0x10)
sendmmsg$inet(r1, &(0x7f0000000900)=[{{0x0, 0x0, 0x0}}], 0x40000cf, 0x0)
setsockopt$inet_mreqsrc(r1, 0x0, 0x25, 0x0, 0x0)
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x3)
write$uinput_user_dev(r0, &(0x7f0000000ec0)={'syz0\x00', {0x0, 0x0, 0x0, 0x9}, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x7ff, 0x100, 0x0, 0x0, 0x1, 0x7, 0x0, 0x0, 0x0, 0x5, 0x1, 0x0, 0x0, 0x2, 0xffffffff, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff], [0x0, 0x0, 0x8, 0xb16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7ff, 0x0, 0xfffffff9, 0x2000, 0x2, 0x0, 0x9, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd, 0x1003, 0x0, 0xf, 0x0, 0x2, 0x0, 0x0, 0x0, 0xfffffffe, 0x4, 0x1, 0x0, 0x0, 0x0, 0xfffffffd, 0xfffffffd, 0x0, 0xfffffffa, 0x0, 0x80000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, 0xe], [0x412, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x5, 0xff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0xe, 0x1, 0x0, 0x0, 0x4, 0xffffffff, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000000, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x4], [0xfffffffc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc045, 0x0, 0x0, 0x0, 0x1000, 0x0, 0x80, 0x0, 0x3, 0x5, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, 0xfffbffff, 0x0, 0x0, 0x0, 0x200000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x4, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5]}, 0x45c)
ioctl$UI_DEV_CREATE(r0, 0x5501)
write$uinput_user_dev(r0, &(0x7f0000000a40)={'syz1\x00', {0xfffd, 0xd}, 0x4d, [0x400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x400, 0x0, 0x0, 0x0, 0x80, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x7ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x3, 0x0, 0x0, 0x1, 0x1, 0x0, 0x10, 0x0, 0xfffffffe, 0xffff, 0x0, 0x0, 0x20, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x2], [0xffffffff, 0x3, 0x3, 0x0, 0x0, 0x6, 0x0, 0xfffffffb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x400000, 0x1, 0x0, 0x100, 0xfffffffe, 0x0, 0x4, 0x0, 0x20000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0xffffffff, 0xe, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x200, 0x40001c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400, 0x0, 0x0, 0xfd5], [0x0, 0x80000000, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, 0x200000, 0x0, 0x8, 0x0, 0x0, 0x10000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x3, 0x7fffffc, 0x0, 0x0, 0x7fff, 0x0, 0x3, 0x0, 0x80, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x6, 0x2], [0x81, 0x0, 0x5d30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x2, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0xfc2, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x2, 0x2, 0x0, 0x0, 0x0, 0x0, 0xe58b, 0xe, 0x0, 0x1000003, 0x0, 0x1, 0x1ff]}, 0x45c)
ioctl$sock_inet6_SIOCSIFADDR(0xffffffffffffffff, 0x8916, &(0x7f0000000000)={@empty, 0x3b})
madvise(&(0x7f0000000000/0xc00000)=nil, 0xc00304, 0x15)
r2 = socket$inet_mptcp(0x2, 0x1, 0x106)
r3 = syz_usb_connect(0x3, 0x36, &(0x7f00000000c0)=ANY=[@ANYBLOB="120100008010bd40820514009dbb0000000109022400011b00000009040000022a3e740009058bff7f0000100109050b362f"], 0x0)
close(0x3)
syz_open_dev$midi(&(0x7f0000000000), 0x3, 0x88c02)
syz_usb_disconnect(r3)
ioctl$sock_SIOCETHTOOL(r2, 0x89f1, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r4 = dup(r0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb, 0x13, r4, 0x2000)

46.629654113s ago: executing program 1 (id=2860):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
syz_genetlink_get_family_id$ethtool(0x0, 0xffffffffffffffff)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
fsetxattr$security_capability(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x1)
getsockopt$inet_pktinfo(0xffffffffffffffff, 0x0, 0x50, 0x0, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
write$USERIO_CMD_SEND_INTERRUPT(0xffffffffffffffff, &(0x7f0000000140)={0x2, 0x1}, 0x2)
madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0x80000000e)
syz_usb_control_io(0xffffffffffffffff, 0x0, &(0x7f0000000840)={0x44, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io(0xffffffffffffffff, &(0x7f00000003c0)={0x2c, &(0x7f0000000100)=ANY=[@ANYBLOB="000008000000080482"], 0x0, 0x0, 0x0, 0x0}, 0x0)
syz_usb_ep_write(0xffffffffffffffff, 0x81, 0x0, 0x0)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil)
mlock(&(0x7f00007a7000/0x2000)=nil, 0x2000)
r2 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000040), 0x42, 0x0)
write$FUSE_NOTIFY_DELETE(r2, &(0x7f00000002c0)=ANY=[@ANYBLOB="2a00000006000000e34a52c98bf40000000000000000010500000000000200000092125713aea03fa4852db45a7315ce0e95dabd51ab447f9505b75e20de715f25559e496eb2e3c0404d36b62155449de588ebe8cb4e54f6f5d8f9ff55ba0d23453fef630e82a3e87bbb284894ffb55d1d428673e1f4b2c85bb9c2f658a6a362081af8ac8a"], 0x2a)
r3 = socket(0x2b, 0x80801, 0x1)
r4 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r4, &(0x7f0000000100)={0x0, 0x18, 0xfa00, {0x3, &(0x7f0000000040)={<r5=>0xffffffffffffffff}, 0x106}}, 0x20)
write$RDMA_USER_CM_CMD_RESOLVE_IP(r4, &(0x7f0000000180)={0x3, 0x40, 0xfa02, {{0x6000000, 0x0, 0x0, @mcast2, 0xfffffff8}, {0xa, 0x0, 0xf, @mcast1}, r5}}, 0x48)
write$RDMA_USER_CM_CMD_SET_OPTION(0xffffffffffffffff, &(0x7f0000000180)={0xe, 0x18, 0xfa00, @ib_path={0x0, r5}}, 0x20)
setsockopt$IP6T_SO_SET_REPLACE(r3, 0x29, 0x40, &(0x7f00000011c0)=@raw={'raw\x00', 0x3c1, 0x3, 0x2d0, 0x140, 0x5c, 0x160, 0x0, 0x3e0, 0x250, 0x228, 0x25a, 0x250, 0x228, 0x4, 0x0, {[{{@uncond, 0x5002, 0xa8, 0xf0, 0x52020000, {0x0, 0x6802000000000000}}, @unspec=@CT0={0x48, 'CT\x00', 0x0, {0x0, 0x7fff, 0x9, 0x7, 'syz0\x00', {0x719}}}}, {{@ipv6={@private0, @private2, [0xff, 0x0, 0xffffff00, 0xff], [0xff, 0xffffff00, 0xffffff00, 0xffffff00], 'tunl0\x00', 'pimreg0\x00', {0xff}, {0xff}, 0x33, 0x4, 0x9456fff08070a538, 0x70}, 0x0, 0xa8, 0x110}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x82b, 0x0, 0x0, 'syz0\x00', 'syz0\x00', {0x8000800000000000}}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x330)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x3000000, 0x200000005c831, r3, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
remap_file_pages(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x0, 0x0, 0x0)
madvise(&(0x7f0000570000/0x4000)=nil, 0x4000, 0x9)

46.629350736s ago: executing program 3 (id=2861):
r0 = socket$nl_route(0x10, 0x3, 0x0)
close_range(r0, r0, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000004580)={0x1, 0x5, &(0x7f00000000c0)=@framed={{0x18, 0x0, 0x0, 0x600, 0x0, 0x0, 0x0, 0x0, 0x6}, [@btf_id={0x18, 0x7, 0x3, 0x0, 0x1}]}, &(0x7f0000000040)='syzkaller\x00', 0x6, 0x29, &(0x7f0000000200)=""/41, 0x40f00, 0xa, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x3}, 0x94)
sendmsg$nl_generic(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000040)={0x2c, 0x3f, 0x107, 0xfffffffe, 0x0, {0x3, 0x7c}, [@nested={0x4, 0x142}, @nested={0x14, 0x1, 0x0, 0x1, [@nested={0x10, 0x10, 0x0, 0x1, [@nested={0x4, 0x8}, @typed={0x8, 0xf, 0x0, 0x0, @fd=r1}]}]}]}, 0x2c}, 0x1, 0x0, 0x0, 0x4048011}, 0xc000)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680))
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9)
acct(0x0)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, &(0x7f0000000000)={'gretap0\x00', &(0x7f0000000180)={'gretap0\x00', <r2=>0x0, 0x40, 0x7800, 0x3, 0x100, {{0x3f, 0x4, 0x2, 0x8, 0xfc, 0x65, 0x0, 0x2, 0x29, 0x0, @local, @private=0xa010102, {[@end, @timestamp_prespec={0x44, 0x3c, 0x2c, 0x3, 0x1, [{@empty, 0xfffffffd}, {@local, 0x1}, {@remote, 0x9}, {@local, 0x1}, {@rand_addr=0x64010101, 0x10}, {@broadcast}, {@loopback, 0x4bf}]}, @cipso={0x86, 0x16, 0x3, [{0x7, 0x10, "182f070af4baea58e7efddfd5166"}]}, @cipso={0x86, 0x2f, 0xfffffffffffffffc, [{0x4, 0xb, "fe7c22ddfcefdda74a"}, {0x1, 0xe, "800c2ea6b427bd855d69d932"}, {0x5, 0xe, "af08a3789333a787bfe189bf"}, {0x0, 0x2}]}, @lsrr={0x83, 0x1b, 0x59, [@multicast2, @multicast1, @dev={0xac, 0x14, 0x14, 0x3f}, @empty, @rand_addr=0x64010101, @multicast2]}, @end, @ra={0x94, 0x4, 0x1}, @timestamp_addr={0x44, 0x34, 0x75, 0x1, 0x6, [{@broadcast, 0x8}, {@multicast1, 0xfffffffd}, {@remote, 0x4}, {@multicast1, 0x80}, {@broadcast, 0x4}, {@empty, 0x5}]}, @rr={0x7, 0xf, 0x26, [@broadcast, @broadcast, @private=0xa010100]}]}}}}})
sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=@newlink={0x40, 0x10, 0x1, 0xfffffffd, 0x2, {0x0, 0x0, 0x0, 0x0, 0xa063, 0x41c23}, [@IFLA_LINK={0x0, 0x5, r2}, @IFLA_VFINFO_LIST={0x18, 0x16, 0x0, 0x1, [{0x14, 0x1, 0x0, 0x1, [@IFLA_VF_RATE={0x10, 0x6, {0x3, 0x4, 0xffffffff}}]}]}]}, 0x15}}, 0x2402c004)

45.690746775s ago: executing program 0 (id=2862):
r0 = syz_open_dev$video4linux(&(0x7f0000000000), 0x3, 0xb00)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
r3 = fsopen(&(0x7f00000001c0)='devpts\x00', 0x0)
r4 = socket$inet(0xa, 0x801, 0x84)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={0x0, 0x30}}, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)=ANY=[], 0x38}, 0x1, 0x300}, 0x0)
getpeername(0xffffffffffffffff, &(0x7f00000002c0)=@in={0x2, 0x0, @remote}, 0x0)
connect$inet(r4, &(0x7f0000004cc0)={0x2, 0x0, @remote={0xac, 0x14, 0xffffffffffffffff}}, 0x10)
listen(r4, 0x8)
sendto$inet6(0xffffffffffffffff, 0x0, 0x0, 0x4000050, 0x0, 0x0)
fspick(0xffffffffffffffff, &(0x7f0000000340)='./file0\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r3, 0x6, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_RECONFIGURE(r3, 0x7, 0x0, 0x0, 0x0)
write$binfmt_script(0xffffffffffffffff, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x200000a, 0x28011, 0xffffffffffffffff, 0x0)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_FLUSH(r5, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000540)=ANY=[@ANYBLOB="1c0000000406010100000000000000000000000005000100070000002d8ce0d0c69fe93c8eb9a53af6c3af308d66439de4e2d0aab9e0dec2f00e40d8b8098410a7a461d2499736324d69b80f1657dbb10ec5ad09f45482893371b3e1a22ce3d83c8ff9a8b00d1c2b0266f8e6f5cdd3840279b9ccb7cef102fed38436e815701ea7e7c9eba029258be5ae892e5ff7833bde85f39d413511cf87db614f847db7b1dff3cbeac2e964ca3b3a04ae38ddf2b8f2d6bd39253e67213cc059654b5a7138bbfd77cce033cbc147f59eb66f131e602d8e1d43a6a80fcc7e975e24075e29b84179c9155082b5f277219483312acd766c5b96ae46a515b90d90bbc73486fac32a3e5b8d55cb2ab09dc44b58d85f3fb44cadfde2f4de5b9fb298064a56d34524373898fea947a6474c7f4c113ccbdcc7c66e9d443b9d525757fb1dfb645260b43452b5bca8ac19ed2ffd69261c0c"], 0x1c}}, 0x0)
ioctl$VIDIOC_SUBDEV_S_FMT(r0, 0xc0585605, &(0x7f00000000c0)={0x1, 0x0, {0x4000000, 0xfffffffe, 0x3002, 0x0, 0x3, 0x9, 0x5, 0x7}})
syz_emit_ethernet(0x7a, &(0x7f0000000300)=ANY=[@ANYBLOB="ffffffffffffaaaaaaaaaa008100000086dd602e5cea00403c0020010000000000000000000000000002ff0200000000000000000000000000010004c910"], 0x0)
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r7 = syz_usb_connect$hid(0x6, 0x3f, &(0x7f0000000040)={{0x12, 0x1, 0x110, 0x0, 0x0, 0x0, 0x40, 0x1e71, 0x2019, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x2d, 0x1, 0x1, 0xf, 0x10, 0xfa, [{{0x9, 0x4, 0x0, 0x1, 0x2, 0x3, 0x1, 0x1, 0x80, {0x9, 0x21, 0x2a60, 0x8, 0x1, {0x22, 0x439}}, {{{0x9, 0x5, 0x81, 0x3, 0x8, 0x8, 0xf, 0xe8}}, [{{0x9, 0x5, 0x2, 0x3, 0x8, 0x4f, 0x0, 0x1}}]}}}]}}]}}, &(0x7f0000000480)={0xa, &(0x7f0000000240)={0xa, 0x6, 0x110, 0x5, 0xe, 0x9, 0x8, 0x2b}, 0x48, &(0x7f0000000380)={0x5, 0xf, 0x48, 0x5, [@ss_cap={0xa, 0x10, 0x3, 0x2, 0x9, 0x6, 0x6, 0x2}, @ext_cap={0x7, 0x10, 0x2, 0x4, 0x8, 0x9}, @ss_cap={0xa, 0x10, 0x3, 0x0, 0x1, 0xb, 0x3}, @ssp_cap={0x1c, 0x10, 0xa, 0x0, 0x4, 0x7ba8, 0xf0f, 0x4, [0xffc00f, 0xff00e1, 0xffff3f, 0xff000f]}, @ssp_cap={0xc, 0x10, 0xa, 0x8, 0x0, 0xe09, 0xf000, 0xffb3}]}, 0x1, [{0x57, &(0x7f0000000400)=@string={0x57, 0x3, "608eb2fe68ba104abde02eefcb42f1cc1dca98f14786b166441cf1ceadf02d2b6de6d28a2394036945a9eeb46265660689ba60773c9512ad681e40ae6cf77e3679c0419bbf01c205b1ab141a18d0576c47466e98b4"}}]})
syz_usb_control_io$hid(r7, &(0x7f0000000800)={0x14, &(0x7f00000006c0)={0x40, 0x6, 0x5e, {0x5e, 0x23, "847876b11e63efef9bac3e176c2177ba044772fb10fea0060eaf0b73f6a5d137d2e66a68d35219b4fff8557dfbebf3437019831f3dcbd83667f3c27013ca3c7bac45a5b66ce677427df5ba98c4ba0bf53f2e2e96fccf2284fe838517"}}, &(0x7f0000000740)={0x0, 0x3, 0x43, @string={0x43, 0x3, "1e93763099b990afdb4f3e94a31b579edd17d1fc12ee8ab01d2313f4175ad187c2ac11c8046b4bc75effa1f0975e268d80753a8da343493afb7a9a28f4b33db8b1"}}, &(0x7f00000004c0)={0x0, 0x22, 0x15, {[@main=@item_012={0x0, 0x0, 0xb}, @main=@item_4={0x3, 0x0, 0xa, "012198dc"}, @local=@item_012={0x0, 0x2, 0x9}, @local=@item_012={0x2, 0x2, 0xa, '(\v'}, @local=@item_012={0x0, 0x2, 0x8}, @local=@item_4={0x3, 0x2, 0xa, "d6199c43"}, @global=@item_4={0x3, 0x1, 0x0, "1fa9cefe"}]}}, &(0x7f00000007c0)={0x0, 0x21, 0x9, {0x9, 0x21, 0x1, 0x2, 0x1, {0x22, 0x451}}}}, &(0x7f0000000ac0)={0x18, &(0x7f0000000840)={0x0, 0x7, 0xd5, "04ebf14de75212cd62e49aaa553297968232c6b3782555f3f63233e82e785372a5ebe29ee2330c36b9daec45699a5cc51ca11ea6181e12aa4bb0e85d2375fad67c7d626cec2d68d1814fef5be656fd90d7fdb435095c327337de9f68f49c0f7f5468a7cad4b7c99aef549ca60fe06551e29602ed439be0401e27f541ba43585e62fa1b33753ae7b4fe54aedb9392b47d51ca0d3b0979e5fbf563e879d1eec912d2ee1589e2dc313f5323d6b98a3576dd2d4fae4cc41739569b41278f022c03d56452a4323281fe78b123790656496fbd119d4228a9"}, &(0x7f0000000940)={0x0, 0xa, 0x1, 0x5f}, &(0x7f0000000980)={0x0, 0x8, 0x1, 0xe}, &(0x7f00000009c0)={0x20, 0x1, 0x94, "a65b35425b87c260e7d2331b0a31dd3bb8ec8b7b4aec682a9ee302b446baf4e17dda06f91d340770e36f836013536922e65daf07deabb09b031e1fc06bc48cabdf5fef6c404b3e9d34b704aed1bc28e4817ec9e2100de47f910e41c45c29166c28a3626be8f6e77b1e687a9b39dbc72621272dccc166632916693401b1b06e23d2e3d80e1f2ebd2040de32c87a3aadba91185355"}, &(0x7f0000000a80)={0x20, 0x3, 0x1, 0x1}})
ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)

45.540459889s ago: executing program 2 (id=2863):
r0 = syz_open_procfs(0x0, &(0x7f0000000540)='mounts\x00')
r1 = epoll_create1(0x80000)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000040)={0xc0002009})
openat$dma_heap(0xffffff9c, &(0x7f0000000000), 0x2800, 0x0)
mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0xec776000)
epoll_pwait(r1, &(0x7f0000000540)=[{}], 0x1, 0x4000a, 0x0, 0x0)

45.489881231s ago: executing program 2 (id=2864):
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
r0 = syz_usb_connect$hid(0x2, 0x36, &(0x7f0000000080)=ANY=[@ANYBLOB="12011101000000086d044fc200000000000109022400010000400909040004010300000002000005000000000000000000000000e9ff"], 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, &(0x7f0000000000)={0x24, 0x0, 0x0, &(0x7f0000000f80)={0x0, 0x22, 0x7, {[@global=@item_012={0x1, 0x1, 0x0, '4'}, @main=@item_012={0x2, 0x0, 0xa, "b608"}, @global=@item_012={0x1, 0x1, 0x4, '\x00'}]}}, 0x0}, 0x0)
r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
r2 = syz_usb_connect(0x4, 0x568, &(0x7f0000000840)={{0x12, 0x1, 0x110, 0xa0, 0x67, 0xc8, 0x10, 0x409, 0x63, 0x7752, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x556, 0x2, 0xe6, 0xa, 0xc0, 0x7, [{{0x9, 0x4, 0x1d, 0xa, 0xe, 0xd0, 0x1, 0xee, 0x20, [@uac_as={[@format_type_i_continuous={0xb, 0x24, 0x2, 0x1, 0x2b, 0x1, 0x81, 0x0, "d66a4e"}]}], [{{0x9, 0x5, 0xc, 0x0, 0x200, 0x7, 0x0, 0x50, [@uac_iso={0x7, 0x25, 0x1, 0x0, 0x4, 0x2}]}}, {{0x9, 0x5, 0x5, 0x4, 0x3ff, 0x3, 0x8, 0x3, [@uac_iso={0x7, 0x25, 0x1, 0x1, 0x5, 0x200}]}}, {{0x9, 0x5, 0xb, 0xc, 0x40, 0x40, 0x70, 0x77, [@generic={0xd6, 0x31, "7588cfe70ffada0ae5890761191ba1fd15237a4c5090ed762d24a046a1c753dd9a2277ddfccce21a49f8e653d7457d3c2e0d65439f3e4ff9c70c97e58eba967594842af60777b58c942ec6a166232190fe306ccf7ad429e7fedbcd6d1fac80c8ec1b04a1efb48b2b6e3e1a0983de64035d46f9695002b799caa742111aa8cd9a7efcdf41b24998b19f382de6541e380c6402756cac5a0c74a5ab851084e6343cdd4962d209015b99eee52030bd117c5c31ad99f774ba43c13a4444cfa08dc7474275974724f1efed3bb32baf6ea626f8ee63b563"}]}}, {{0x9, 0x5, 0x80, 0x0, 0x20, 0x3, 0x62, 0x5, [@uac_iso={0x7, 0x25, 0x1, 0x81, 0x2, 0x8}]}}, {{0x9, 0x5, 0x3, 0x3, 0x40, 0x1, 0x7, 0x58, [@uac_iso={0x7, 0x25, 0x1, 0x83, 0xd, 0x7}, @uac_iso={0x7, 0x25, 0x1, 0x82, 0x8}]}}, {{0x9, 0x5, 0xe, 0x2, 0x400, 0x9, 0x6, 0xea, [@uac_iso={0x7, 0x25, 0x1, 0x1, 0xa, 0x4}]}}, {{0x9, 0x5, 0x5, 0x2, 0x1f7, 0x6, 0x1, 0x7c, [@uac_iso={0x7, 0x25, 0x1, 0x0, 0x2, 0x2}]}}, {{0x9, 0x5, 0xf, 0x4, 0x200, 0x5, 0x49, 0x9, [@uac_iso={0x7, 0x25, 0x1, 0x80, 0x81, 0xe104}]}}, {{0x9, 0x5, 0x2, 0x0, 0x400, 0x7, 0x3, 0x1, [@uac_iso={0x7, 0x25, 0x1, 0x3, 0x84, 0x1}]}}, {{0x9, 0x5, 0xd, 0x0, 0x40, 0x6f, 0xc, 0x2, [@generic={0xdf, 0x4, "bd5900ef6bb8853b2d9018bc57be872ee1afd0ff3356aaebd01e81a6a63c059446e1d08c08780777c25f48a0f10787344be9d97472e4dbd3b9e1ea5ddaeed9029ed2b86f31e2fe8672dce8bf2eb3f46848c4601865baca49aa9170e1661f45d7d0eb3c61ba1f1cfb052084ed05101d41967321a6540eab3d77d207aaa0ee2c78607f975c24801ae567bcf5125e7ed67ca1b9595ff7cd9e669269c6ecca028e142f39a9372bedd5eb7b4ef212eae98fb4a321362ffd66d6bfe5716327897af3b243c8e123ebbce64b4966e2460a73cb3e2e7c2853f1d726f687d424f742"}]}}, {{0x9, 0x5, 0x7, 0x1, 0x40, 0x5, 0x6, 0x3, [@generic={0xea, 0x22, "222665488a364d576321ddde50382e5c2b2d57acaedd3966f65acbf77b3e90fd79855bd45bdaf5060c04124d40175756d1e708d88f15d9c71729c512b5f33df0223e46ee6e0934bbfa5234cfb5cb3f7d4fd4a9a435e0a586d0e81dcbe0157de70dd45139fddcb86c00e169371c0ce9e643ac5b0b64c7f205bddbfd054a39989e3a903e0e192367decfa7d3fd677747747f98ec30722a62e2e55fe89930139232426fe6b2a75e9dac4968360dacc4a1a3a20d82151f9f6d2817280248a781673f63fe345ac1b9afcc9f8dbc0d32ed50a39479e050eaaaa4077b602f411c93810818a555da2a5c3fb8"}]}}, {{0x9, 0x5, 0x9, 0x3, 0x8, 0x66, 0x6, 0xf8, [@uac_iso={0x7, 0x25, 0x1, 0x2, 0x5, 0x7}, @generic={0xb2, 0x21, "16f4399fcf54932ce87927974d8a7759ffd06ba0e4e39e8a5275181d77dd63113e38951e01a1eea1c71966eedc278cabb4168318060df22c8906130d2da994a1992ac2fd79368838d40516ef84223931326357d0ffebdec348ef7b8a8d2b986c3ff97d803a45a53c4020d2867917838b0742b18988be5b426521761d6ba59fa30d6068583bd1595ec7869b8b3346cb0c1968f5f3faa7ee13e3e67b72f9be76dabf89241d498736ac928581fa72560016"}]}}, {{0x9, 0x5, 0xa, 0x10, 0x10, 0x7f, 0x4, 0x1, [@uac_iso={0x7, 0x25, 0x1, 0x0, 0x8, 0x3}, @generic={0x24, 0x9, "f23665bf43aaa5ec17c9666f8768448d36d99d6f3deac073f34bd603894fb56a78e6"}]}}, {{0x9, 0x5, 0xa, 0x3, 0x200, 0x4f, 0x4, 0x9, [@uac_iso={0x7, 0x25, 0x1, 0x3, 0xf3, 0x1}, @generic={0x54, 0xe, "c3e0fc2f373f676a1e4002351a1ad684621d41713456224293f039e32c635e1875e821b8460295e5583e899abfb5f51fc2a185452ade4986231ce6d645d45bedc4312383781a4a5f2a16b3d7fa2792d67d5d"}]}}]}}, {{0x9, 0x4, 0x20, 0x9, 0x1, 0x81, 0xaa, 0xa6, 0xef, [@uac_control={{0xa, 0x24, 0x1, 0x2, 0x2}, [@mixer_unit={0x5, 0x24, 0x4, 0x5, 0x2}, @output_terminal={0x9, 0x24, 0x3, 0x4, 0x305, 0x3, 0x3, 0xfb}, @processing_unit={0xd, 0x24, 0x7, 0x5, 0x6, 0x2, "e729e7129a82"}, @feature_unit={0x13, 0x24, 0x6, 0x6, 0x6, 0x6, [0x9, 0x3, 0x6, 0x9, 0x8, 0x7], 0x5}, @extension_unit={0xb, 0x24, 0x8, 0x3, 0xffff, 0x0, "b069ba38"}]}], [{{0x9, 0x5, 0x3, 0x2, 0x3ff, 0x36, 0x50, 0x5, [@generic={0x4a, 0x1, "384e62c62e7faac97524e4819101fd93513a400193d6ceca1b9cf34b6a13a0d3c222c956421e70ecdbc3bdac54badb5cc4e00ffd6256e7d0ea494a08dafcc675b1200116cac5615d"}]}}]}}]}}]}}, &(0x7f0000000e40)={0xa, &(0x7f0000000100)={0xa, 0x6, 0x41, 0x8, 0x4, 0x3, 0x20, 0x5}, 0xd0, &(0x7f0000000200)={0x5, 0xf, 0xd0, 0x3, [@generic={0xa0, 0x10, 0x2, "481d2e04cdce4308d960a6168b4f2a717485a707cfabba06642e8e7c1cfb15c79a591ec0003c83bca2f3408b6d59d9bcf576646a5bec3fd3cad1388f201fdf7f361f816ce67ca936635fc64779d1317145fefa28f4a3de223f507e5742161528fde3048984aeb9c289b4e25378ca03e2dbad02a1482d5e24e7e2124f50e2c298d5ef5933daf5d04c18775f0b4548e741b1896500b405fe57eb3d5f89a1"}, @ssp_cap={0x24, 0x10, 0xa, 0x3d, 0x6, 0x8, 0x7, 0x530, [0x0, 0x0, 0x0, 0xc00f, 0x3fff, 0xff6090]}, @ext_cap={0x7, 0x10, 0x2, 0x10, 0x8, 0x1, 0x2}]}, 0x9, [{0xd8, &(0x7f0000000440)=@string={0xd8, 0x3, "b92f9a0d39233111695eac917a30a82f3ccc35e2ba9a2e65de5b7f4e7cded890f26419035dd089e20794145b23ebac01ed09ed0f1e8af1bdc1f4cc5ddff18263a1beec9230f92849b673020b0be35a837b6ce2952af1272bd745e05fd586a0cb51e2e93dc8b3301e0dffc78ec573985425417071d13b8bd7278d3f3a0b5914f48b731064463cb9918e1730e071efe68cdc4a5c58d99057e7ed3ccac3fb082c3c769a88c654a1e9264feb5cda6cc232c891a9841322a1a890b68777c80bce12279fdc7fc53439ab9b1938a791645179266b7c9e38ca47"}}, {0x4, &(0x7f0000000300)=@lang_id={0x4, 0x3, 0x2c01}}, {0x4, &(0x7f0000000540)=@lang_id={0x4, 0x3, 0x458}}, {0x5e, &(0x7f0000000580)=@string={0x5e, 0x3, "31ac5dfa1b464299349487d7964da519698f8bab277ff73bb78761c62902002cd7acccbfdbf9e577f7707a624112d66fb83a917af1640fe2a4a1706c957ccaf46dfd2e996beba43de99826f6bff732e84666aaea891d1f6386955f32"}}, {0x4, &(0x7f00000006c0)=@lang_id={0x4, 0x3, 0x1c01}}, {0x4, &(0x7f0000000700)=@lang_id={0x4, 0x3, 0x340a}}, {0x4, &(0x7f0000000740)=@lang_id={0x4, 0x3, 0xc04}}, {0x36, &(0x7f0000000780)=@string={0x36, 0x3, "9b1c8a42e05be5c8d9d1e8e5c7cfd5fdbcf9636666003f54bdc04cbdc966e7ff168fe4547899c037b9974e4d35134ff47adb557f"}}, {0x46, &(0x7f0000000dc0)=@string={0x46, 0x3, "57f7f814f8bf1d08c66e74e28ffae454cb938e7d938ab7fe783af93d8cad8694de1c96aa757e97a1ba60865a30a5c2ae73bb2d915e89127a8de5ef402916a3a1bc1853b1"}}]})
syz_usb_control_io$lan78xx(r2, &(0x7f00000007c0)={0xc, &(0x7f0000000ec0)={0x0, 0x11, 0x70, {0x70, 0x2, "fe544fec1b226a51ce28c0f096345dbad825c3fbf42f84842133b00c7728de46c566f4d8e2eff7f07f150ba252a2cc2736a003e29d161a188031ff3444cd88631ba9105ab09690e49d2fe2fa8f26d37a8bf16754d9ee5574636331d3341090c085d53b990a38be241aa69ed79664"}}, &(0x7f0000000fc0)={0x0, 0x3, 0x5e, @string={0x5e, 0x3, "6856ff26d0d37a7f450b1c6ff94c47fe057a36d45b8c8df7159e1dc8826904639a55e3b5e2de17e5af2566c0263670e21d24f8b09b846d38a6a13c5c539e40b13ccf22dcae47d297f9b6e4a728b846527de276ed9bde3fd846007113"}}}, &(0x7f0000001180)={0x1c, &(0x7f0000000f40)={0x20, 0x15, 0xf, "fe80e73e31c7bfc8604de8f6185b02"}, &(0x7f0000001040)={0x0, 0xa, 0x1, 0x1}, &(0x7f0000001080)={0x0, 0x8, 0x1, 0x2}, &(0x7f00000010c0)={0xc0, 0xa1, 0x4, 0x1}, &(0x7f0000001100)={0x40, 0xa0, 0x4, 0x1}, &(0x7f0000001140)={0xc0, 0xa2, 0x2f, "91970a75a8e89d3bdbbafe940e62563b3c28e5e5655afb65378b1ffbb25cc24b12e7510af14754fb41b5fc3c01e86e"}})
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000000800), 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r1, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
r3 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$inet_int(r3, 0x0, 0x5, &(0x7f0000000080)=0x80000001, 0x4)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0))
read$FUSE(r1, &(0x7f0000006380)={0x2020, 0x0, <r4=>0x0, <r5=>0x0}, 0x2020)
syz_fuse_handle_req(r1, &(0x7f00000083c0)="4e5350994ebf71ce3049a58c5d050078bf16b0757a4c27b455e2a547739587dd3380b5df8f40a0696c5bd6cdb672cffe4d870c5c90ca92095b9ebf3e92fe31d8cd74275d857d34a74f7eecc7fac15e2f148d4e9d47bb45b858bbf078999970d180f28d7b2cefd92635d45a563d9229c9fd770efdc0848e52fa5efd9ada5c94a1ba94b4b7c7507f8b0819bb20910f9f50a83a010abbe126dd9f6a7b84eab6b0d5ce78d2ade77a5f7e4e997df1d03ffab4b4c945d803e4457909013127a98769c938c237f37263bc509a42bc56ff2dbf80e847e2c407009eef94f18e1e59069d62298fdbadae007ffbdf403c5049a4530ac0abecceb5608da02754c9a575af52c0b7e41226e2d642a814861c4310c935bcbae413516dde2132652b39c7aa0218a6ce65dabb4494965209ce879ba7e7e59039db5c1d36d6a7f86d72dd59954fd6f46124a2506b245a0db11aa89d2feb312a6596ea2fecaa7b6021f37a255f628da7ff6b6c36b514d3b6be34e505f9dac6acfb888198004699fb350ac93431533554658c4957df36703591438d6488bc03dd8290a75ebb367a481a50e79a46b04d005649cabd79e5c6326c066bc2b6fc5febb87ef66d832ef31a16c2a450a0b990fb549a5d810c928d1a81fa1dc795db2607ac7d46cb5716b68acdeb00987e429fe6a394632c83b43336e7b51d9cfdb50e83d8c6ba1784d9f74c16b476e048e65e7ac0af683b347d7377ac1795422e00e5bd8da9b313af83abb3348861116de7a99959169b7dff9f7d9b7a6d107f2e76670a6214a419bf8298f80eb570fa29264ba57a383c5ec5836ce33104ecaf1aec76e311280a1d2c8bd7abff3a5a242e6a637f7db63038ef5d78aca9c680d72b60da4dbeb0e1e683ddc82898647c589a81b8f92db06711d8a0af05560cd77fa7005283db71e8da21713fccd450822062b994d152aaed2cdcf0dec9c60617e15ba4df628da4e71279bf9d1eee5c7f055c27cddfdd45f9225d5d5529ef7119e2e3c9838e7362971e069be487797e949b24297de19c61340d1cd7a2bfa3880b91a71e934720a59e1e0ea992d2a1633a0852ad8addfcab73a291e35745e694a6471f429b124305886c1f79f67c78de3f3ec998c91e7fc59d26766cd446f6f0de603f2c6892e13cdaa37d9e8e118d098b6986ccd991993ec152193e7d77394b05b99e7d310c506707f1be52249438fba9615f6dad2ec7244fedf36e34ec311b7d6bee64271d6491079e161190ded7e28e2ada4307a9b2986c267b1a30d2f720ff23408011f1d589ce9ee77f981c7833656ccf7df5b3a87ec253ff7c7ef1e67ceeb10c93e3fa683cdadad65850ffbc402b7744e94cdecef9db9d264c755c53d36278df23d4c9685fdefa69f7588a33b8a64b35191ee81abcb9765577d175cb06e31c582807ff7243bfef44961fbc0f8a235242f51ee991ea621803d4dcfed90d26f004b299425bf219f6d185fe6e088ae44601b03defada18794feac93787696a5d419f09f769bc590f43d2df6a131f6895da2de120c2644685e57b1d476c6aba5881e954fb2575356452b118b942cb02b4ea0fcf8f1bbb9a23b6e32c9d0accd3dd861452a3ad77b38fe709e216974932deb5397fd8033ff0e073d93ac0b4be762bca0424d69bd57b22ba914133f87671a29498b268c2911e793215463ca2164e38059456107dcb29beedfd6277e2b41a11d1c6f1361b19875c9384f04f9c53c1856d71f360a8fafe05f7aef750ec0cf2bfcfa971c017ad071b69a18fdaf970b384d4c889cfa5a0397dbe89543a5c6302645d6edf959aa60709ce0225fe6c3266c7ef62157ac8e78fddcd8a1f2ca5b58128218d19276885515775326aeeee0226cc810843eb05144bf8e2fe3340cf60b32cafd96d23cd7d0d3adcbdfec9a2a3d88307c362633b1c5637608ea8476d900b3f836a9734b5ecaf5e82983577128d3f74b903b0e3bf64326c1b564ae42aeeb0c07702b63a9ff74a2af6b45e5185a53f36c17bc29dfbc0ea28ca5cca43a15d751e9887ad3e6a87faacb6a278c4c8a8d21b9a77b9776f33102a6e645e99cc5cbc543ed0674282c2b9f8e5d14c2599aa9ac8f81438c77f2b9368bdac82edcdc5366f39adec9e9a3fbd55b79abc16d2ebff26b7d0c88f18b486e5836333575e3fc7808cb423b44781c57965767862922b4ff32d9bae76296843a46f430211c27ef9db168430026a5691623284dfd459dbdd1f1a6ec9bfad666507e6eacb1e2a7866da2e12e6d596d0bbb150500590013d9288af20596447f97bf1744eb9cfb244d8fca269b1fb71e14de664be4e95d83fff1b8abcfebcf3e78c1c66d28f260fb0c19f9fbcd2abbdd7dd7246e49dc25d954bf25f810a2ff6f9069dfdc62e7170fe3b0964b2ac95024256dfa3e7a426be5bb5f707fd82c2b3afec5d5dcf5bbb8fcb6dbc1b59f6c5330966c70d8b016956903a4278817414ba3652a102d7e7e37ecc79400267fc3bf7601c0731f87d479c33f100735e748874155267f708cea49d549e93cf7a398b20373dc90ad9afd56d9c77cd24e2c4a18f7130b366c7fe5b26bc4d11ca1ed1b98fa0b4d7396f82ae6593f4575d19f4d8fd586c991129e5cbe15c8bacc89c3ee15ca471dea966b5c48ede0d3ba2a7e28c75c04e6a4aa49a61f4e391ffe78eb5e40a5ef349f3aa4d15f2291cc86ec7e47ae301bf0b6083dae44b695820a893d46732553ef15ed1c16d28268d52a7e3a7e7c009d0c0708a356d3310c1ebcbcca4d7acf433e34bfc9fc115498142dcc725e7a16879c75e4c2f01c6c98b39619f3248bf530e6ee593467e38cf4026cfdc4db6296565722d587f3c580750b1453ecc141c0461495551297d88ae034acbd4f5e80ce198e6640c4c1e9501529988109cef006eb2090a6fcd974d7f60290b78f1a8ce3051ac2d69636c3219f0a6ad8c254764396a1684b2fd9805b1853525f2e640e513197283cc4d4073ac033e0539a88f08aabe1423cd40b8a7e073437d812b57a5d39a0531dcbe13f4466e89efc66c2a1e4b39a3e0b3073c9d44e6cf9b85f4df5c4e03628d05bc0f94ec04234c9eca4ed17463f190406834b02888728f625371cda75d15ec19efebd59f00ab659eb94eb88bcb2110862a369ad599610c1530fcc118f5b82205bc5215fe3623ac8ec297d8ff4eee75ace20731c5d505e6605c26203b7f754164c9463f0a6eefe3a2880b8e06e7bc66bb2adcc1a3f9b0325f5ec31d12a25f1f73c2aa6bb3a7680d786a082a63b13cce1822fa6a4b085a871ae3409eecbc1fd8661b5d52bb2b8b72f23e24a225075f272ed2ba0c6c5c693811a0ef8db6da7cfe7c966c647f0187ad223eedb1012a5b7af103e98464ac768c79b21ca45b12a52cf261de0d367442cda71c4b8ee39c94ded1b22ba06c13836cb467ebab4efea07bdf1e3de8da56a0ee6d4f848011253cc21fac10700003513d3167b7a73e0d752b861c49814bc5410ebe53a0264f76068c91ee6ec9e2daa343482b2f0f06e605c5aaf81f2a3cd570efc2094b4bc452f9526f1bbe7b22b694fb8109a5a987fabf6250912d6099e67da9cac79e8b6f2cce4702d1f17cbc5d06c38b8a48155ec758369c185ded839fb58cd736fbb74105fe5baf44e7e3ed06843f23601b60a43b1f88fd29e9b3f58479f9b95392a39d5ba1a31ee4441ca2d1fb57c0a8678a07a724b7a65b2ab16d1da197f435bce3ef003fce27fa2f0a67c9dd6c930a4bcf59e79e57b010000006fe34972958c28b56642d14ea89bf4d7d6f7fcbcf4fda8bd08fc9fe424de4359112b11f81fbdc1505658363697713ff6e1f8ca3c4be34a79993a9091f6017cda6c7489ae5c07062555231427c3eb42a049f42d22a060983b044a7d34ab5d2b5386cca79af72396a48aad6b8dcd7855410fc6106e4a165994f26efff1e7ea0aa8f560333b5dfdb2a0d899b0fda955155f90c75effd3c9535d88508e836feb7807d57b2a57cca42d3d08fe7de60d2a33376f49bdacdd3f814bd0927f417f15ad62a10b302f1cb390aaf82b0bc6af46bbf990b6ada45ef83ce13029d167c65134e7b82b59ddfdc367e61c40defd2732ccebb1d4000f6c742df964e1fb390c255d2b1dfc745c6ab34af8096b5b67aa179e3f341854f7a69f7bf47664c832037ec7a78f8e27209e3f20f833fb6e8c0fc4a40920a5ad2b0618982ff72540009d5db82f0f5bcaed2a27f35d1e50eaa0cf8e48c7a2d43c25d0264db750a7f33b44a4bfaae576cf9ee7594ed204513899566564ed8bbc97ed18b1d8868f926a5c70ac06fbac1eade46792186be7bf8ffa3301239edd093449b7d77192782b5111c14169d2b4a1b3443ad62e4abdf11aac6a5b89a5b20ab0ad0abd949b9d64582c67ffce018e7e46de4091fcc77a65b971fc67c8d9cbf0c341ca764b1056ee5014d9865059616a525a1d46ae2fad159afe86dd1df9b8246411827e19535ca0aa9f83050b06e70aa2737f27e93d584a9cef878a642e9361efaa5d20bd8da901fa2e064656f686d3b3ea31d1d850ae9196b7764548f5c6450a32a717e09b6b7e75d43fbbda76e43a24f186d5578933f408bfa28e0435cde525fb91e71d92d704cc5a9b5e3db7aaec46d2b1f8dcb3f921f69bd7397c96a1e132c39c8f1656cea4365c779abf76199cb5b6aada022edec5c901cdafa2e7f3765af9c8b20cb1a6785085fcb0dc901367b89051bdfdc6b68c5215fd04e2b3c7e1c454a4d21132953b25c50995af0f7159a5a8d0a1621f4808f126a5bd40ddc79fed90f49925ee367a57a05c070fbe39fe2c213e7c1724a907ecfa69efe6e021c06a262471a4377f3c9809e9fee4f375e27c31b6afbb2151da86b7cab63c7b4fa4b77fb30172b9d0d78b1c0535ec0639c4910b5eeecbb5b8b5c8aa74c140e7ad347812e36db3097a7ff85c09ab2c0020202307f50efefcdb497b9c060ca68c4be54a9165b4cebc6b2e2e14e5ffb9213142418faedcdf26fd326b7672399e71cfffe3ed712ced5317c254f9199ee10c24c802d102bd8749513d3145201ca4e01bc7c8bbcf430afa541ec5665f86dfb143be648521bb0f2b029018201444787f644f8c88b79e754e6ea9c797babdaec72a9680abadf3a41684cdd57c2b6e833acc0846be5aa927f1b1b36562d2acb9ecfb758455230d050daec6748ba280a5edc86d48e3f8af0f8f4ffb18ae3cd3c19a82d504a4fd52bb62289ae8026572a497fe268f87ef4b4b5886aa07eeb698b7cbf99683f710afc9ed1f8a488883ce0eb8f7fd055b82a9fe21a409caa231c41ba151008e9658919c611e157d7f3926a5e4248532a6860e615b9c86e9fea212128d96ed58c9b84ef22706071eb69f492e4d8321ed9faf6c6a8928f86172bdc930244583ea15be497d9ce4ae79cb3e6293a8512ffaa9e8e358f3c7c7117001fb92891a40b84f9126cc3def5cde67f463bbac9668b9f56c3e4ee72fceebb47e52fc226bab213d8193516e7064459fd1365350a95c5a1c3ac44a73bbba2a4c17ebe49dd781bff1995cd706b77bb533117594ad63566f4c0730beab85ff4c713b7f10b95480fe99a0f676c51ca11116b21e87887b462aa9770e85509e4e60f198148115f0a3ce6028516a946178d1acacf7767f6be7277891369eff67762aa58f928d48b7231e44d899cea8289003349117a53d61bc27b207fdc91c9db61e677d1e1a1bc6a1b6e8564130b335233db4b5de8d62324e6d0ccb2b08c2ff922324eb8c506711142d4b8d7a21223ef0a3d534fdb0de58be95cd827152f71bdd0a82766b62b4c87536f0b7e7df343c4263187da887de6e65d11d0360e2376c1d71c367ae85edeed8f767d24c644b1a9b455ded1dc3cc224f99936a6ee66931c45e5e3db2427719ab2d5cd9c20d9bb0ec004b69bccb00649f3d8e34a3572c257de114b9f027d76bc7db9007175cc03b9e2061b6b3fe7409e009b5371544e56fe438cbd361e5b11efbf2d79d1c250a1e73ca8c601c4f4d1e3761290950421c48c7daa45965e472f5ef3c4b8597444dc5dc01cd25358055b5000617f3e7291da3413e3f0853b1271366612405c35ff1b785b984d921b518425628a533a29ab65d3c11f44c6daa86f8b6457ebb9419274c481aa6f3fa4547641670aff58b9cc62c0993d49a509f02dee755ee5f1fd2710c995c43a91c4f873afa1bbdff19427cba2641052a8f361ecbc72e8a6cf587e83f8bd3110c95fb080edc77a6d43cd58c447b0e02261e4109500c6458dce70acb17aa8f9dc1d15b94a61354164031b5d563c25d0246fc45e6401cefceb501e1468903e5d677759dbe3f24bd48ce55ff8b8f26529fb3b2d669202a1e8a498984b449b4830a0126b18f0e78182c9ce78fe0c448c0e27845b926cfde28fa85e156fa98fefaeb19ed1247c9643b447b4342c94c114d3c4c35eed4d5b49aa70e6aad45bfb557f15e8fdb2d6e3d10d8338a13fe3f187751985b37a5bb10b750f79e36fc2e2ee9bdecc3ed156e202ed7b45a94809d77edaa398042fc6a825a4848c334c557303d24eb3f8e01be06995ceb283c70272b00da61c3381628f0e372fe2fcc779ff7daf7e4b7f2686c39d3fab674b8867b62b0bf9d5cfd0c1d3b270521f55f147de75142ffd7fc9ac7e5dae7ca2fdf26a9222d060823852409dd040cfd1f66f218c6dbdaaacddab34b123af22f97384d64fac64d84fd638c96378c8f9532a11927d48440bc777ff8b8b9be88f930f3b579a713c0bc449dca3a3bd5f2efa98240ccc594299e44451dc60c6c5c9edd0d7b777912b3dc40c57e0ea5f4425cd7047e686c7304f04ba9f7b5de6ad2bd524f1d29f8802a524441fa286015adf4589431710aa4d76de8a956dc1d39c0a13abb7fc309d24222d036e204ab6bb46ef8a7595d9e4512e0b9d5f8fd719a4e3072e1d806967045789c67a1681f2a9f1f4b19f4f5e1afdafc17db7a6d5196161499e62ab4b0ec27648f3eeb1fb2b78f8ecf9b05cf9509a3b9e2a361238deb1c91bdbc8b1d11bbeb939fd9da811cd439069da0ecc00665d72357aac01f259a0325409b201859cc0569e0eba67a7a9ca7e8b78078d9370bd3e37f0571680ede60cb6bbfe69435d6ab5efd80cf051d119a7004fc0b600844d49218d844de8f521524a47ee50229c7da25e42a8639b5db225e7f23967f5d4f8a297aff04a3cbedc2985b6393a5ba0b26b6c7b4ca22d369b35b410799d1ad02825104d34f73408db1948438597931ed1c1c260e78340517bfa2f734537dbdf5ec303518ff4640efe7f7b1c2f46babdb9247ce8eabad9718a8b9ddb7a18d5e87ced554c9d6de78f85d293349590c6c32483534bc968b24a28eb54b9515589d6dd8eb51a5ad0b4d896ce92250397cbc404323fcdf0ee47ed634e0c58213bc5b35a72b21a098e11b79c061430dc817c1e0c79a5b6ed3b002979933f1b83a17f250b1bd5c4958df4d75531ca03efbda89f6a92fe08c23ad9014ff562a7f3dcde578d6825b9847b5df04dbca4f2aa52d8e0f4cf8183ce121e39b50358a9796acde0372a8ff97769874a80ab997cd889145aad4888c06963c2f5b82f53a748a6729fbc79d35c06d84e05c62e44ff78040e56ebfc6efcf0d8b49337d5a17c4041f0d5a8b616244d585a162b69db073accd9071d12df5b326a43b834bbffc2f2a60deafcbddf1c6438a1769d6fb09fbe1990e89da12164ef237f326edb5be64bb64b143a030de8a99b3c5e543c871cb581e2be090a92134aa587701f864907cadd7c1ce20fcf8f5dc7f7ecd06a6c19d89a92ca0ad4393c208b80bba990c7a3702a9c79bddde75d5db244719ac32191b6ceb041ab541fb47680a97dc0422b8a50d91e32cb08cd341b0b099aca5bd12b69d4f89d10b755b351a6489180b786a3bebac926532a4a2d85b07bce6c090d1aaaff079e36d5394a612f1351b90c13a0fa6bf9d188d548dfe6fa51a9026edb52009c03ed45ac51d05c58a957bcc67e05a588985ba00d79f33ae9cdd5f5721d9fdc72ee6e880708be87e8a60c3c035c146f2091d1b9a4c2cfa56f292fe1ba62290d4e56c05669291bbe917f3cac51802a2cc8e9c90dadfe666c233c5a5bb71ee17deec51ce60c73f57bf9ecb84873afcc44815131810c6c1217bea485ef9aa2785e859b25315ef8aa3a274982786e45d622ae831fb76010d69a181b069e4cc55d4436edb10d1119b0c6000c6d5cff7c72f740a59dc0507e7a952b69403c62673f122c9d1264fac6ce2262e86cd8d6a402672f88530fc2d16f31736dd497a4e853253ac8d5aff8d1376895e9f5519b2490cc2a2412ba0c99cec855f668837310035e92fb646486de1b0acffb91ae7516df3eeef381456b55e65baa58e71461c928687e699d2b21814805591382e95e1b970aaa53259917f070281f2336b7d570249d838b3f1a32753c336864e15f4561badf8fee034a29c52ff3fca7456ae140f83e3b2fd5b57c9aef3f20c664200d235f236ec47dd2fc20b14dc6000812237aea992d987e5460679e8c5b76d931ef6d951e6c7087e3106b6ce2db9de6f228fdf3ffc38710c0e8d5000a195a79d1fa2301038f5b27c40b09c34c025e5099d40c2204ea0eae985263c9101cab88d6857a320c9e497f22348a24861a5fb8d734e08cad09f9933748ff01eab22f17756f58688dc1b486a397563ee9ad0784b8833cdb5f7c6bcf76d9c1105f71c3c6aabefd70dc6cd5c66d31caf916145ac5ed7fa070b4277c0448ab1eb78c943be9aeab0587d321a4bcb7754f070881178f8be668b686124899fac252519f4b60ec42db766a908755040463125c26850177402a977246d36d23afac0a11889d54640bd8f6f670d686cfd33f6fc5d90cf6cbd63d9d0fd201dd4c74dbbab899f3c23c0b7e37ea0b2aff421327200d0da58b5893a4186ae3652cc6e11c2c2a0e52184a3872532acce98c94cebf4f31333663a620f0dba0ffd89c3124380075bd28caa6d449a050b3661b8fbaf4747b77c4928b1378fdc8c7a7b38ade1aeec44bdfacc8271d0b132b2029b0f3582f9919f5c8cd543abc9caf6b82b197cd482c3ef61a64743506342bf50a3c1ff544563bb8b2002911ee1fad698f4ac133ffed5bfe81239c918207a03c7a8bd71a0a502aea78d38e970e3ab2abf754b598acb79cf276792aa08724d0ba24f2a694912ab795b3f45f52dec50d9bfbc99ae27e1d2c2216afec6709d6513a64b29ef58255bbe18478c5d4f15f74ea63a1e15487752eec8fd019f1d4a7aa25277664754bd2d7cd3a7a018b92c56d965a1974885363757286da9e055ef7fac17876f0a64c1026a597733b897a9155ecbf420159ae8e5209aa83a3544fff1fb4566f2d54f95e3bbd30dcca5f24397e4bd47ff01292f0d6fe9dd47a810e0c25382fa69b4987d1afd9b69ef125110ad6b240eaa9c85829a2646f9ab7874bc02bfa8346cc9190943e9d46b44880670b1e2aa3a29e83be5472d7418885a353faade6e8b18f4b588607bbb758588d1e2f11a9dfa1c4d61be50249f1ee32e6ff8c0c7722aaec1bc79654a4772efc578bd6a14c79abcc77a4e09c8b6c6ea35cd3ab31e35268fb55db843176f8042f8ce7be0ddd4ead6dbdad0ef9e7cb2323db5cc48119a72b27306b8ff6366c0bc682a85ab9e2cf2238b6d6eb2e38a97d5577e6334cb2aa6e7c86e489e876f9d7053577a5cb57f52812fab7c4bd7b19a34c228ffb67dcac9281612f778b58c580c140542200fd00cb3ad81d93420df93c5af2493f646d8de797102fa0a65247317882fbf171520f00b2c7638623b823ff11444fdde453570f99f9099b60061a908b83383ba8b82bb78edd074dccf9342afdf8d11a6129ba6ea7030f3629056264f1736c2b926171b6dc7e1fa455a473de656390495f3b6ad2f9f46f35eacb075628ff739ef78f28ba683448068c7f18fb63f28ba7dbbb78999100dde0a94e8b8570817c7114c13e139ceb333782b29a84a5b19497fa785915c7680dd7f972cb59ba22161f60886e5cb3c3e808726cbf96bc4da78914eee565c6d9d18e70d22cf8c0244cf3cf488c3550eaa400bc0f26d64e0f1bc8d0301a841d954073a641f3ef883d81f4d5db8e9df708e64e640b38df7295f7fe573863653086bae5507c880ab7fdb7a6c5ce77027ffa7395233d3ce536d77ae6c2e9c8ffb6fee78a3bcb3b5f888bd595caa3a5586948776b950a89cde4db8247ffff27491c882b430afdd60e7a22324f6635a9aa7139f3e624c6d9ece60f7f8153b2080cf0544fbf8e1c436503766e670b902604ab521e11aa5a65cedd64cfaf898ac5f55c08c87693c323517bcb0d99c28f5e072d4f6540c7ead70138d47c1a67fd72bd6ef5613af33a0af311c3d0a631ca2a2dfbe35d1021eb610e40b9be128683235a788b5a4cacf99babee382458d59e8aa1dd7bba7e09dd30c055a3df8ed721a1778b2c6ed587a403566325cd19962edd7831caa44a6b716517bad502130e7cf6a5ce5288dc84c0170f622ae0b1e1166a9c2c0771d91df9f9dd82ae210469602ce38964746c1c1d04321aae7d464eb801dbea7ec39505457e778208774d72673626c998b002c46a9b4b1e390d9344f0ca62212a1b6d41043a2100b35196bce42d40caa0ea9a486bf8526fd1f0f0d362c2cac463ea7377a20b54b9435442ca529fc00da4fd7e27c4eaf14215a06857b54254c26346956fd7fe215a5ce57ec38cedf50a3c759e563a4fd87494f00e7bd9b44f3b7e99c6ef67187056a21d2fe1ac9d24125b1947eb293189fdc448b591af4d9b8eb091d6bbb5e50fae79d000044e282bb2ab6c63cc9562b151c214e45015354e62be63e1881238b907f7bdb791ff44a4e03fa29dbd26db2f49d0f4729b7cd9ba69a65b0b493466d35d09b3f590c67c31660d95e2ab4af2c9f1df91f04ce5a57dde2d75206b42e3423126774d76593c2f713ae279d7092506b513fd5d18f0f52d3fafd7141dfd4a0de1063754dba865faf8dc0f6be9d90ef21ec86a275533f6ad4b4e360dc775413f29eab8b3daac6279b9abfe163ea2f183e09ed91ef67fbb090875109288a182cfdcc46d90678efe5edceda6518335e678438cac4bb47d376f3f0e12aa55301735d7f42653c073d6a4a37b2e17d332dc1be6b50918c007b14886307cc39250e81efecd63d24067a49994572725a9df1760caac13a28f5255556b27ec245e93969b85cdec7cd1c2d2a433d3f9572b93054a7ce8adff81bc1d30884d5fc4791e251bd907e37af5bec74235c3e2f804e4e0450b715289942b7859ad207bafcfec1b586dc15e7911fe6d20aa3d02fcd47e9956780e300d7c53c17dfa15754deb4c20efebc7270bda0fa6b37fc88c6be4250cac38c1b8186b364482026ab52d65d3a691903fccc39772277011bfaa421adba76bed9731077bec885ce88d40f36bbd2a839c67dc4b862c968491b877d4fd13fc90f8da57a29121e12f78e85af765cd66e72ba513593fe1cdf20019985b065d828707d8e509c6834eab188deea5c9ee97955f4b07d37b6fc7beed73be94887d423a349f35bb8782bc670ceaec870d97f061bda02ae73f6d575f81e0b6326eae6c1b3085cc584686120e12dd9ad8ce44036bec8a189f9", 0x2000, &(0x7f0000000340)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000600)={0x90, 0x0, 0x3fffffffffffe, {0x0, 0x200000000, 0x1, 0x4, 0x6, 0x0, {0x0, 0x10001, 0x200000000000, 0xd, 0x0, 0x100, 0x10000, 0x2, 0x80000000, 0x0, 0xd, r5, 0x0, 0x7, 0xa0}}}, 0x0, 0x0, 0x0, 0x0, 0x0})
write$FUSE_INIT(r1, &(0x7f0000004300)={0x50, 0x0, r4, {0x7, 0x26, 0x8, 0xfffffffff323ca46, 0x0, 0xfffc, 0x6, 0x5d3186cc, 0x0, 0x0, 0x1, 0x10001}}, 0x50)
syz_open_dev$usbfs(&(0x7f0000000000), 0xb, 0x2)
r6 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
r7 = socket$inet(0x2, 0x2, 0x0)
setsockopt$inet_mreqn(r7, 0x0, 0x23, &(0x7f0000000740)={@multicast2, @loopback}, 0x65)
setsockopt$inet_mreqsrc(r7, 0x0, 0x28, &(0x7f0000000440)={@multicast2, @loopback, @empty}, 0xc)
close_range(r6, 0xffffffffffffffff, 0x0)
creat(&(0x7f00000001c0)='./file0/file0\x00', 0x108)
creat(&(0x7f0000000180)='./file0/file0\x00', 0x0)
epoll_create1(0x0)
read$FUSE(r1, &(0x7f0000002100)={0x2020, 0x0, <r8=>0x0}, 0x2020)
write$FUSE_INTERRUPT(r1, &(0x7f0000000040)={0x10, 0xffffffffffffffda, r8}, 0x10)
umount2(&(0x7f0000000000)='./file0\x00', 0x9)

45.134019966s ago: executing program 3 (id=2865):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x11, 0x3, &(0x7f0000001680)=ANY=[@ANYBLOB="18000000000300000000000000"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x6}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f00000000c0)='contention_end\x00', r0}, 0x18)
syz_open_dev$loop(0x0, 0x7, 0x80000)
socket$inet6_sctp(0xa, 0x1, 0x84)
r1 = socket$inet_sctp(0x2, 0x1, 0x84)
r2 = socket$inet_sctp(0x2, 0x5, 0x84)
getsockopt$inet_sctp_SCTP_GET_ASSOC_ID_LIST(r2, 0x84, 0x1d, &(0x7f0000000000)={0x1, [0x0]}, &(0x7f0000000040)=0x8)
getsockopt$inet_sctp_SCTP_LOCAL_AUTH_CHUNKS(r1, 0x84, 0x1b, 0x0, &(0x7f0000000100))
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000040)=ANY=[@ANYBLOB="1c0000001500000000000000000000000200"], 0x1c}}, 0x0)
r3 = socket$inet(0x2, 0x2, 0x0)
setsockopt$inet_mreqn(r3, 0x0, 0x23, &(0x7f0000000740)={@multicast2, @loopback}, 0x40)
setsockopt$inet_msfilter(r3, 0x0, 0x29, &(0x7f0000000040)=ANY=[@ANYBLOB="e00000027f0000010000000003"], 0x1c)
r4 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$inet_MCAST_JOIN_GROUP(r4, 0x0, 0x2a, &(0x7f00000008c0)={0x1, {{0x2, 0x0, @multicast2}}}, 0x88)

45.031828375s ago: executing program 4 (id=2866):
r0 = socket(0x200000000000011, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'bridge0\x00', <r1=>0x0})
bind$packet(r0, &(0x7f0000000180)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @multicast}, 0x14)
getsockname$packet(r0, 0x0, &(0x7f0000000200))
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000480)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000700)={'bridge_slave_1\x00', <r3=>0x0})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=ANY=[@ANYBLOB="38000000540001000000000000c4000007008209", @ANYRES32, @ANYBLOB="20000100", @ANYRES32=r3, @ANYBLOB="00000001e000030000000000000000000000000008"], 0x38}, 0x1, 0x0, 0x0, 0x880}, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r4, &(0x7f00000002c0), 0x40000000000009f, 0x2000000)

45.01491088s ago: executing program 1 (id=2867):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
r1 = socket$inet6(0xa, 0x80002, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_open_dev$dri(&(0x7f0000000000), 0x1f, 0x0)
openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f00000001c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
ioctl$TCFLSH(0xffffffffffffffff, 0x540b, 0x0)
r4 = add_key(&(0x7f0000000000)='big_key\x00', &(0x7f0000000280)={'syz', 0x1}, &(0x7f00000002c0)="1d", 0xfe3a, 0xfffffffffffffffe)
keyctl$dh_compute(0x17, &(0x7f0000000780)={0x0, r4}, 0x0, 0x0, 0x0)
sendmsg(r3, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x4000104)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0xb49, 0x9, 0x8, 0x0, 0x3}, 0x0)
sendto$inet6(r1, 0x0, 0x0, 0x8911, &(0x7f0000000140)={0xa, 0xfffc, 0x3, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', 0x1}, 0x1c)
r5 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000004002, 0x0)
r6 = dup(r5)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f00000000c0)={&(0x7f0000000140)="17e89526a4730e15f15d7004baab12", 0x0, 0x0, 0x0, 0xc6}, 0x38)
setitimer(0x2, &(0x7f0000000040)={{}, {0x0, 0x2710}}, 0x0)
prlimit64(0x0, 0x0, &(0x7f0000000140)={0x8, 0xfa7e}, 0x0)
shmget$private(0x0, 0x4000, 0x40, &(0x7f0000ffc000/0x4000)=nil)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb, 0x13, r6, 0x2000)
madvise(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x17)
write$binfmt_aout(r6, 0x0, 0xffffffdb)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x15)
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$nl_xfrm(r0, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000340)=ANY=[@ANYBLOB="50000000ff070000000000000000000001000000000000000000000000000000fe8000000000000000000000000000bb00000000000000000000000000000000b10d875a6af9d08a52e8e1b1bcca0d678c48b8c443535d76fff30aaeaea8edecfb9fe1df564ae7e7f31cbd0157690a5f23cc35590391d27081ea3b56d7f5a1190d52e8dad264f3396485ee59769a1b06ea35ed37d03abedf4e0923f51147126d5fa546ef18bc93baa6285f96c69378e6cbfd72c81e5f47f58c9b88d96b7df91ff20108cbc4944bc98c31246f09cbb6c09cc34660601b4cbb0d9c6105e8caba3f1b25d03ce8bfa55e568982a515e05222aef564dbdbe882b6f455d4c009114156870f963118d45950717f78d28dd3d35ad4df4b8dfcf3ced3", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00'], 0x50}}, 0x0)

45.004466298s ago: executing program 3 (id=2868):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000000040)={&(0x7f0000000400)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x3}}, [@NFT_MSG_DELSET={0x154, 0xb, 0xa, 0x3, 0x0, 0x0, {0x3, 0x0, 0x7}, [@NFTA_SET_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_SET_KEY_TYPE={0x8, 0x4, 0x1, 0x0, 0x1}, @NFTA_SET_USERDATA={0xd9, 0xd, 0x1, 0x0, "2e9164453b8208e6f109783db6c600c535fa10afe09d8dd5209f6a8c0803aeb642048f8791d2bcf77122b5c7a368b3d9d1f4bfb039a04b88aad22c86f1904fd5d5eafcb7a280431cee91dd88b86bce4b918c20ede6c0b338c45d3fb699d1f1e89f2f1527f793eff8024fc258c8c1eedf54a6ca34eac4477029829dc11173a70c8dc9db7584d359d3d04b3bbc8351702a393b380f13cd4b16b905c497b8d2f37b6285c6824a1cc2cafd30b44881451660cfa090c8d4ad47412eed73138465f6a04068bd77766925a2586c42b2779465965bf2206ef8"}, @NFTA_SET_DATA_TYPE={0x8}, @NFTA_SET_EXPR={0x48, 0x11, 0x0, 0x1, @lookup={{0xb}, @val={0x38, 0x2, 0x0, 0x1, [@NFTA_LOOKUP_SET_ID={0x8, 0x4, 0x1, 0x0, 0x2}, @NFTA_LOOKUP_DREG={0x8, 0x3, 0x1, 0x0, 0xc}, @NFTA_LOOKUP_SET={0x9, 0x1, 'syz0\x00'}, @NFTA_LOOKUP_SREG={0x8, 0x2, 0x1, 0x0, 0x8}, @NFTA_LOOKUP_SREG={0x8, 0x2, 0x1, 0x0, 0xd}, @NFTA_LOOKUP_FLAGS={0x8, 0x5, 0x1, 0x0, 0x1}]}}}]}, @NFT_MSG_NEWFLOWTABLE={0x70, 0x16, 0xa, 0x101, 0x0, 0x0, {0x0, 0x0, 0x5}, [@NFTA_FLOWTABLE_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_FLOWTABLE_NAME={0x9, 0x2, 'syz0\x00'}, @NFTA_FLOWTABLE_HOOK={0x14, 0x3, 0x0, 0x1, [@NFTA_FLOWTABLE_HOOK_NUM={0x8}, @NFTA_FLOWTABLE_HOOK_NUM={0x8}]}, @NFTA_FLOWTABLE_HOOK={0xc, 0x3, 0x0, 0x1, [@NFTA_FLOWTABLE_HOOK_PRIORITY={0x8, 0x2, 0x1, 0x0, 0x3ff}]}, @NFTA_FLOWTABLE_HANDLE={0xc, 0x5, 0x1, 0x0, 0x2}, @NFTA_FLOWTABLE_NAME={0x9, 0x2, 'syz2\x00'}, @NFTA_FLOWTABLE_TABLE={0x9, 0x1, 'syz1\x00'}]}, @NFT_MSG_NEWSETELEM={0x954, 0xc, 0xa, 0x801, 0x0, 0x0, {0xa, 0x0, 0x6}, [@NFTA_SET_ELEM_LIST_ELEMENTS={0x940, 0x3, 0x0, 0x1, [{0x93c, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_EXPR={0x10, 0x7, 0x0, 0x1, @target={{0xb}, @void}}, @NFTA_SET_ELEM_TIMEOUT={0xc, 0x4, 0x1, 0x0, 0x7}, @NFTA_SET_ELEM_DATA={0x10c, 0x2, 0x0, 0x1, [@NFTA_DATA_VERDICT={0x24, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CHAIN_ID={0x8, 0x3, 0x1, 0x0, 0x4}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz2\x00'}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz2\x00'}]}, @NFTA_DATA_VALUE={0xb8, 0x1, "4760295c35b52c8268d0ec351f03b84f8f47ac7a7801a434e711d8d3cd47e83b3d4cb02e9d49f3d1feedd5adb3133c66d7ac6ded6e0aa44c2b3ee5daf43f4be3a14a1419da802c6a7956cb640d4888cbc7df55a78986eb174a407210d5ff60cb3e97180ae984de700d6d32d9b8f0071b143ceeab238481eb1de19d2b7197cc1aa9c4bc799b41d28351af3a9ccd1609eae6f98bf3550a3030fce9a09ba9989cfc50507a814f02ac0323fcdb7fdb8a645c31157e9e"}, @NFTA_DATA_VERDICT={0x2c, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CHAIN_ID={0x8, 0x3, 0x1, 0x0, 0x4}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffe}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffc}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffc}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffe}]}]}, @NFTA_SET_ELEM_KEY_END={0xfc, 0xa, 0x0, 0x1, [@NFTA_DATA_VERDICT={0xc, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CHAIN_ID={0x8, 0x3, 0x1, 0x0, 0x1}]}, @NFTA_DATA_VALUE={0x89, 0x1, "43be06019996c45cab193f6e4122f5e5e60e0a7bdca436efa8151e6162dae3ee6ee7cb81cc4b6d8efaeadd84b7a40631116ab12528927b7ba5fb9df98867066cf8329787c0a63f9e3593ad8798cab7b751e1a9d52e204e244d5682e37a4338d31a1847a5c8316889f93f150765d46774f63e071844d9a61bf1eeb70ab1dfc326d560c0bb6c"}, @NFTA_DATA_VERDICT={0x54, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz2\x00'}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz2\x00'}, @NFTA_VERDICT_CHAIN_ID={0x8, 0x3, 0x1, 0x0, 0x3}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xffffffffffffffff}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xffffffffffffffff}, @NFTA_VERDICT_CHAIN_ID={0x8, 0x3, 0x1, 0x0, 0x1}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffb}, @NFTA_VERDICT_CHAIN_ID={0x8, 0x3, 0x1, 0x0, 0x1}, @NFTA_VERDICT_CHAIN_ID={0x8, 0x3, 0x1, 0x0, 0x4}]}, @NFTA_DATA_VERDICT={0xc, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CHAIN_ID={0x8, 0x3, 0x1, 0x0, 0x3}]}]}, @NFTA_SET_ELEM_USERDATA={0x7, 0x6, 0x1, 0x0, "97bd25"}, @NFTA_SET_ELEM_FLAGS={0x8, 0x3, 0x1, 0x0, 0x2}, @NFTA_SET_ELEM_KEY={0xac, 0x1, 0x0, 0x1, [@NFTA_DATA_VALUE={0xa5, 0x1, "60d88674018e7c9de5a01e7873ede0add721ececcfb0b009026361c99cd90608963e0ce4a9882a138a9e59e7c9294da5439223484158bc24cd4658e543385c5aba6cef621e81df11a8aacd201d7313d412ac4a64bc5682106cffb10b050ae34cd18d1d43b8027dfc876362c5c21ec9d59d710b18e8d5acbca2b242ee35b68dcc771adec464bec51c29fd81cdae29776b38babcf426bc7754155c7571b149bab51b"}]}, @NFTA_SET_ELEM_KEY={0x23c, 0x1, 0x0, 0x1, [@NFTA_DATA_VERDICT={0x2c, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xffffffffffffffff}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffc}, @NFTA_VERDICT_CHAIN_ID={0x8, 0x3, 0x1, 0x0, 0x4}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffc}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffe}]}, @NFTA_DATA_VALUE={0xbd, 0x1, "565b2c94e0dbad6c9d228892bfac34091154ed50d93e82d0959ff3f7180c278c7f08c01b3c6d665092ac3a569dd1b4ed2e66f5a95e5791d2b06228e23fc791dc70b36231a3083506ce6c70a40eec62afd05a1c4d9b5d2d424695861047d1dbdea44250a175ac52f4d2acc4f1bc1f766f2f9e0300f9bf62655466b0cfb9b33770802bebb9a6de4c67f77a092ce7aa41d3f4e6ac7fa593e66c6a6e2ee4920e8b57cf874e8fcf8ddbdece0d646816c731087272b7d84cccc53114"}, @NFTA_DATA_VERDICT={0xc, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CHAIN_ID={0x8, 0x3, 0x1, 0x0, 0x2}]}, @NFTA_DATA_VALUE={0x4e, 0x1, "9fd198df03729e4fc037daba892daeaf9b11225afe8cef0cb2c7ccba4c76ea5e4b114eae4723f68c54d889e26f5b63c58f7b2bd737a1e52068bb466f1f051655f0e37c32cfd1ebc232c7"}, @NFTA_DATA_VERDICT={0x40, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz2\x00'}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz2\x00'}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xffffffffffffffff}, @NFTA_VERDICT_CHAIN_ID={0x8, 0x3, 0x1, 0x0, 0x3}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz0\x00'}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffe}]}, @NFTA_DATA_VALUE={0xae, 0x1, "44573226999b5acaf76fc806bb7095d637c7cfe8cdbab38099b137cff67ce4c42c4436284ec0a3e5ffe27d61e2cd19a9aa4cb82fc0d748b512058f765c470573df23bc9a600f916d18bb6a56e84ecb5844a606edb2d81201cb5508d0a6700bc355f80de0b3cfe9f3d08fe88bb1a92426f3a7a07222ec7462d4d6592cdd6ddbe27db27ca1297bc2ec30249a0f02e02e57010b55831e696c20b656523e33611debf271cd64e6bfcb0aa4d8"}]}, @NFTA_SET_ELEM_KEY_END={0x354, 0xa, 0x0, 0x1, [@NFTA_DATA_VALUE={0x4}, @NFTA_DATA_VERDICT={0x44, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz0\x00'}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffd}, @NFTA_VERDICT_CODE={0x8}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz0\x00'}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffb}, @NFTA_VERDICT_CHAIN_ID={0x8, 0x3, 0x1, 0x0, 0x4}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffb}]}, @NFTA_DATA_VALUE={0xd, 0x1, "0f75fab765571c8930"}, @NFTA_DATA_VALUE={0x13, 0x1, "b752d1df1799388a9c0aeb8bd91640"}, @NFTA_DATA_VALUE={0xfb, 0x1, "6744bc15aa7e76037254ca2190703d65af18dca735ce759e57373edacededf96f74020f5fab83863c32238f9b175125277c71b4c297d2c8bd5d33d94c8453c6f2e18662c7d84c11185503606c416edb1ba342d6953fc8310eb127eebe90dd7e2a33e8e04726c48f276bbb1c7ec3c23f14ad8c2128841b9cf24c32f76ec06e2cf2bf1ce3e9587732ed3a6f77684629127ccf7ea5b1149b8c2ad49278dfe5f069e5646a9040be24a08976a465b974508f803d49efa3fcc63ca672619adddc74cd7da00c8ddee74a205b522daf2b3dd669b1dc8128ae5ddf442909ce7883d6dbf7e5d911e6614d930d2107dbf537d9e37d3298d43fa636fb4"}, @NFTA_DATA_VERDICT={0x44, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CHAIN_ID={0x8, 0x3, 0x1, 0x0, 0x3}, @NFTA_VERDICT_CHAIN_ID={0x8, 0x3, 0x1, 0x0, 0x1}, @NFTA_VERDICT_CHAIN_ID={0x8, 0x3, 0x1, 0x0, 0x6}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz1\x00'}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffc}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz1\x00'}, @NFTA_VERDICT_CHAIN_ID={0x8, 0x3, 0x1, 0x0, 0x3}]}, @NFTA_DATA_VERDICT={0x20, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CHAIN_ID={0x8, 0x3, 0x1, 0x0, 0x4}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz2\x00'}, @NFTA_VERDICT_CHAIN_ID={0x8, 0x3, 0x1, 0x0, 0x1}]}, @NFTA_DATA_VALUE={0xd0, 0x1, "3b60235103cce08535a9b2f7b131d60ac517a9613d111d12a61e079a2e0035d0df87ef2a079c7df144f10496a5b4b06ed1c7c3a216bf680f2eec3541529fdf8bd7676f69141b6da92c91a9b5612644dd653328a5a917a981ff176562786f7898ee0a3255b20c565760047e27eb8c2876588fd2df75611fd03100303e0e54dd359ab7a2f7bdc142dd1749a2f1a958d41dee3255d3e85f65c14b761e0402be1538aef36d125211e8fa01eecf65c8cc0cde7fcd26cab940bdb93b6c50b72f0bc4cffc1c3743ebdac1aeabd4a777"}, @NFTA_DATA_VALUE={0xb3, 0x1, "85659405720143697eece39bece35db9284d784f12c58a72e36ffa2399407aac9f673da5cb84a272d06d17188da74b2575e158fa92aedc36d8a312f6e977cf2d3f32f2d43fd03fd535cecf6d7628687ae572c53e4c6cf5589381ed2e48533cfb772d68670dda128dffafc4fbd29bbc48988695b57c2caf8ba3f07c4ef271f375eaa19863821fdf3e7fae4736c40ec6248c3ae03e5ce5bc809bba4b911f3fafd05cbdce15dbec14f23753b49dc38e2a"}]}, @NFTA_SET_ELEM_EXPRESSIONS={0xc8, 0xb, 0x0, 0x1, [{0x58, 0x1, 0x0, 0x1, @connlimit={{0xe}, @val={0x44, 0x2, 0x0, 0x1, [@NFTA_CONNLIMIT_COUNT={0x8, 0x1, 0x1, 0x0, 0x44a4}, @NFTA_CONNLIMIT_FLAGS={0x8}, @NFTA_CONNLIMIT_COUNT={0x8, 0x1, 0x1, 0x0, 0x8}, @NFTA_CONNLIMIT_COUNT={0x8, 0x1, 0x1, 0x0, 0x81}, @NFTA_CONNLIMIT_COUNT={0x8, 0x1, 0x1, 0x0, 0x1}, @NFTA_CONNLIMIT_FLAGS={0x8, 0x2, 0x1, 0x0, 0x1}, @NFTA_CONNLIMIT_FLAGS={0x8, 0x2, 0x1, 0x0, 0x1}, @NFTA_CONNLIMIT_COUNT={0x8, 0x1, 0x1, 0x0, 0x200}]}}}, {0x34, 0x1, 0x0, 0x1, @exthdr={{0xb}, @val={0x24, 0x2, 0x0, 0x1, [@NFTA_EXTHDR_OFFSET={0x8, 0x3, 0x1, 0x0, 0xdf}, @NFTA_EXTHDR_OP={0x8, 0x6, 0x1, 0x0, 0x2}, @NFTA_EXTHDR_LEN={0x8, 0x4, 0x1, 0x0, 0xe3}, @NFTA_EXTHDR_DREG={0x8, 0x1, 0x1, 0x0, 0xf}]}}}, {0x38, 0x1, 0x0, 0x1, @fwd={{0x8}, @val={0x2c, 0x2, 0x0, 0x1, [@NFTA_FWD_NFPROTO={0x8, 0x3, 0x1, 0x0, 0x2}, @NFTA_FWD_SREG_DEV={0x8, 0x1, 0x1, 0x0, 0x9}, @NFTA_FWD_SREG_ADDR={0x8, 0x2, 0x1, 0x0, 0x14}, @NFTA_FWD_NFPROTO={0x8, 0x3, 0x1, 0x0, 0xa}, @NFTA_FWD_SREG_ADDR={0x8, 0x2, 0x1, 0x0, 0x8}]}}}]}]}]}]}, @NFT_MSG_NEWOBJ={0x20, 0x12, 0xa, 0x301, 0x0, 0x0, {0x2, 0x0, 0x7}, @NFT_OBJECT_SYNPROXY=@NFTA_OBJ_HANDLE={0xc, 0x6, 0x1, 0x0, 0x1}}], {0x14, 0x11, 0x1, 0x0, 0x0, {0xa}}}, 0xb60}, 0x1, 0x0, 0x0, 0x4000015}, 0x40)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
r2 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r2)
ptrace$pokeuser(0x6, r2, 0x10b, 0x538ec475)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan0\x00', <r3=>0x0})
sendmsg$NL80211_CMD_SET_INTERFACE(r0, 0x0, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
r5 = syz_open_dev$vbi(&(0x7f0000000040), 0x2, 0x2)
ioctl$VIDIOC_S_INPUT(r5, 0xc0045627, &(0x7f0000000000)=0x2)
read$FUSE(r5, &(0x7f0000002400)={0x2020}, 0xff43)
close_range(r4, 0xffffffffffffffff, 0x0)
sendmsg$NL80211_CMD_START_AP(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)={0x1c, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r3}, @void}}}, 0x1c}}, 0x0)

44.874641848s ago: executing program 4 (id=2869):
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f00000008c0)={0xc0})
fstat(r0, &(0x7f0000002a80))
r1 = syz_open_dev$sndctrl(&(0x7f0000000040), 0x0, 0x0)
ioctl$int_in(r1, 0x5452, &(0x7f00000001c0)=0x1)
socket$packet(0x11, 0x3, 0x300)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r2, &(0x7f0000000040)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x2d}}, 0x10)
socket$packet(0x11, 0x3, 0x300)
setsockopt$sock_int(r2, 0x1, 0x3c, &(0x7f00000000c0)=0x1, 0x4)
sendto$inet(r2, 0x0, 0x0, 0xc806, &(0x7f0000000180)={0x2, 0x4e21, @multicast1}, 0x10)
sendto$inet(r2, &(0x7f0000000100)='J', 0xfdbe, 0x4004084, 0x0, 0x11000a00)

44.712999489s ago: executing program 3 (id=2870):
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000000)=ANY=[@ANYBLOB], 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, &(0x7f0000000180)={0x24, 0x0, 0x0, &(0x7f00000000c0)={0x0, 0x22, 0xf, {[@global=@item_012={0x0, 0x1, 0x9}, @local=@item_012={0x2, 0x2, 0x4, "c1a1"}, @main=@item_4={0x3, 0x0, 0x9, "5aa8257f"}, @main=@item_012={0x0, 0x0, 0x9}, @main=@item_4={0x3, 0x0, 0xb, "af45cee1"}]}}, 0x0}, 0x0)
r1 = syz_open_dev$hiddev(&(0x7f0000000140), 0x0, 0x0)
ioctl$HIDIOCGCOLLECTIONINDEX(r1, 0x40184810, &(0x7f0000000040)={0x3, 0xfffffffd, 0x2, 0x400, 0x8, 0x81})

44.640561047s ago: executing program 4 (id=2871):
r0 = socket(0xa, 0x3, 0x3a)
setsockopt$MRT6_ADD_MFC(r0, 0x29, 0xcc, &(0x7f0000000000)={{0xa, 0x0, 0x0, @private2={0xfc, 0x2, '\x00', 0x1}, 0x809}, {0xa, 0x8, 0x0, @empty}, 0x2, {[0x0, 0x1, 0xfffffffe, 0x0, 0xffffffff, 0x8]}}, 0x5c)
setsockopt$MRT6_ADD_MFC(r0, 0x29, 0xcc, &(0x7f0000000280)={{0xa, 0x0, 0x0, @loopback}, {0xa, 0x0, 0x0, @mcast2}, 0x0, {[0x1, 0x0, 0x0, 0x0, 0x9]}}, 0x5c) (fail_nth: 5)
setsockopt$MRT6_ADD_MFC(r0, 0x29, 0xcc, &(0x7f00000001c0)={{0xa, 0x0, 0x0, @local}, {0xa, 0x4e22, 0x800, @empty}, 0x0, {[0x0, 0x8000]}}, 0x5c)
setsockopt$MRT6_FLUSH(r0, 0x29, 0xd4, &(0x7f0000000340)=0x6, 0x4)

43.740261493s ago: executing program 4 (id=2872):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000080)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_SET_INTERFACE(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000140)={0x24, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x7}]}, 0x24}}, 0x0)
sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000200)=ANY=[@ANYBLOB="e3080000", @ANYRES16=r1, @ANYBLOB="050000000000000000004400000008000300", @ANYRES32=r2, @ANYBLOB="0a0018000303030303030000080026006c090000"], 0x30}}, 0x0)
socket$igmp(0x2, 0x3, 0x2)
r3 = socket$inet6(0xa, 0x5, 0x0)
setsockopt$sock_int(r3, 0x1, 0xf, &(0x7f0000fee000)=0x3fa, 0x4)
bind$inet6(r3, &(0x7f0000000140)={0xa, 0x4e20, 0x0, @ipv4={'\x00', '\xff\xff', @empty}, 0x4}, 0x1c)
listen(r3, 0x50)
r4 = socket$inet6(0xa, 0x5, 0x0)
setsockopt$sock_int(r4, 0x1, 0xf, &(0x7f0000fee000)=0x3fa, 0x4)
ioctl$sock_SIOCDELDLCI(r0, 0x8981, &(0x7f0000000240)={'netpci0\x00', 0x77})
bind$inet6(r4, 0x0, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000057eff8), 0x6e)
sendmmsg$unix(r6, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r7 = socket$alg(0x26, 0x5, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$nl_netfilter(0x10, 0x3, 0xc)
bind$alg(r7, &(0x7f0000000180)={0x26, 'skcipher\x00', 0x0, 0x0, 'lrw(serpent)\x00'}, 0x58)
syz_usb_connect$cdc_ncm(0x2, 0x6e, &(0x7f00000001c0)=ANY=[@ANYBLOB="12015001020000402505a1a440000102030109025c0002010070000904000001020d0000052406"], 0x0)
r8 = syz_open_dev$sndpcmp(&(0x7f0000000000), 0x1ff, 0x181800)
ioctl$SNDRV_PCM_IOCTL_STATUS64(r8, 0x80804120, 0x0)
syz_genetlink_get_family_id$devlink(0x0, 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_RATE_GET(0xffffffffffffffff, &(0x7f0000000400)={&(0x7f0000000040), 0xc, &(0x7f00000003c0)={0x0}, 0x1, 0x0, 0x0, 0x40}, 0x0)
syz_io_uring_setup(0x110, &(0x7f0000000140)={0x0, 0xb423, 0x0, 0x5, 0x1000}, &(0x7f0000000340)=<r9=>0x0, &(0x7f0000000000)=<r10=>0x0)
syz_io_uring_submit(r9, r10, &(0x7f00000002c0)=@IORING_OP_ACCEPT={0xd, 0x40, 0x3, r7, 0x0, 0x0, 0x0, 0x80800})

43.460082767s ago: executing program 1 (id=2873):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x42, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_EXIT_HYPERCALL(r1, 0x4068aea3, &(0x7f0000000000)={0x79})
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f0000000300)=@abs, 0x6e)
stat(&(0x7f00000001c0)='./file0\x00', &(0x7f0000001240))
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
unshare(0x22020400)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg(r3, 0x0, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0xb49, 0x9, 0x8, 0x0, 0x3}, 0x0)
r4 = syz_open_procfs(0x0, 0x0)
preadv(r4, &(0x7f00000026c0)=[{&(0x7f0000000240)=""/4088, 0xff8}], 0x1, 0x15f, 0x0)
r5 = socket$igmp(0x2, 0x3, 0x2)
setsockopt$MRT_INIT(r5, 0x0, 0xc8, &(0x7f0000000000), 0x4)
setsockopt$MRT_ADD_VIF(r5, 0x0, 0xca, &(0x7f00000002c0)={0x1, 0x4, 0x10, 0x0, @vifc_lcl_addr=@multicast2, @remote}, 0x10)
setsockopt$MRT_ADD_MFC_PROXY(r5, 0x0, 0xd2, &(0x7f0000000280)={@initdev={0xac, 0x1e, 0x0, 0x0}, @empty, 0x0, "614af285791a63abd0f993af8077b5cd01e03d64a831683fdc3fd440829c82ae"}, 0x3c)
setsockopt$MRT_FLUSH(r5, 0x0, 0xd4, &(0x7f0000000040)=0x6, 0x4)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000140), r4)
openat$sysfs(0xffffff9c, &(0x7f00000000c0)='/sys/kernel/fscaps', 0x640000, 0xa8)
r6 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_MSRS(r6, 0x4008ae89, &(0x7f0000000080)={0x1, 0x0, [{0x40000071, 0x0, 0xff000000000c0000}]})
openat$vcsa(0xffffff9c, 0x0, 0x1, 0x0)

42.573218597s ago: executing program 0 (id=2874):
r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000003c0), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000040)={0x0, 0x18, 0xfa00, {0x8000000000000002, &(0x7f0000000e80)={<r1=>0xffffffffffffffff}, 0x2, 0x8}}, 0x20)
write$RDMA_USER_CM_CMD_QUERY(r0, &(0x7f0000000000)={0x13, 0x10, 0x8, {0x0, r1, 0x1}}, 0x18)

42.447047101s ago: executing program 0 (id=2875):
ioctl$sock_SIOCINQ(0xffffffffffffffff, 0x541b, &(0x7f0000000040))
r0 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000040), 0x802, 0x0)
r1 = socket$l2tp(0x2, 0x2, 0x73)
bind$inet(r1, &(0x7f0000000080)={0x2, 0x0, @multicast1}, 0x10)
connect$inet(r1, &(0x7f0000000200)={0x2, 0x4e22, @local}, 0x10)
sendmmsg$inet(r1, &(0x7f0000000900)=[{{0x0, 0x0, 0x0}}], 0x40000cf, 0x0)
setsockopt$inet_mreqsrc(r1, 0x0, 0x25, 0x0, 0x0)
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x3)
write$uinput_user_dev(r0, &(0x7f0000000ec0)={'syz0\x00', {0x0, 0x0, 0x0, 0x9}, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x7ff, 0x100, 0x0, 0x0, 0x1, 0x7, 0x0, 0x0, 0x0, 0x5, 0x1, 0x0, 0x0, 0x2, 0xffffffff, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff], [0x0, 0x0, 0x8, 0xb16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7ff, 0x0, 0xfffffff9, 0x2000, 0x2, 0x0, 0x9, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd, 0x1003, 0x0, 0xf, 0x0, 0x2, 0x0, 0x0, 0x0, 0xfffffffe, 0x4, 0x1, 0x0, 0x0, 0x0, 0xfffffffd, 0xfffffffd, 0x0, 0xfffffffa, 0x0, 0x80000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, 0xe], [0x412, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x5, 0xff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0xe, 0x1, 0x0, 0x0, 0x4, 0xffffffff, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000000, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x4], [0xfffffffc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc045, 0x0, 0x0, 0x0, 0x1000, 0x0, 0x80, 0x0, 0x3, 0x5, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, 0xfffbffff, 0x0, 0x0, 0x0, 0x200000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x4, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5]}, 0x45c)
ioctl$UI_DEV_CREATE(r0, 0x5501)
write$uinput_user_dev(r0, &(0x7f0000000a40)={'syz1\x00', {0xfffd, 0xd}, 0x4d, [0x400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x400, 0x0, 0x0, 0x0, 0x80, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x7ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x3, 0x0, 0x0, 0x1, 0x1, 0x0, 0x10, 0x0, 0xfffffffe, 0xffff, 0x0, 0x0, 0x20, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x2], [0xffffffff, 0x3, 0x3, 0x0, 0x0, 0x6, 0x0, 0xfffffffb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x400000, 0x1, 0x0, 0x100, 0xfffffffe, 0x0, 0x4, 0x0, 0x20000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0xffffffff, 0xe, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x200, 0x40001c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400, 0x0, 0x0, 0xfd5], [0x0, 0x80000000, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, 0x200000, 0x0, 0x8, 0x0, 0x0, 0x10000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x3, 0x7fffffc, 0x0, 0x0, 0x7fff, 0x0, 0x3, 0x0, 0x80, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x6, 0x2], [0x81, 0x0, 0x5d30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x2, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0xfc2, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x2, 0x2, 0x0, 0x0, 0x0, 0x0, 0xe58b, 0xe, 0x0, 0x1000003, 0x0, 0x1, 0x1ff]}, 0x45c)
ioctl$sock_inet6_SIOCSIFADDR(0xffffffffffffffff, 0x8916, &(0x7f0000000000)={@empty, 0x3b})
madvise(&(0x7f0000000000/0xc00000)=nil, 0xc00304, 0x15)
socket$inet_mptcp(0x2, 0x1, 0x106)
r2 = syz_usb_connect(0x3, 0x36, &(0x7f00000000c0)=ANY=[@ANYBLOB="120100008010bd40820514009dbb0000000109022400011b00000009040000022a3e740009058bff7f0000100109050b362f"], 0x0)
close(0x3)
syz_open_dev$midi(&(0x7f0000000000), 0x3, 0x88c02)
syz_usb_disconnect(r2)
r3 = dup(r0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb, 0x13, r3, 0x2000)

42.446346895s ago: executing program 1 (id=2876):
ioctl$sock_SIOCINQ(0xffffffffffffffff, 0x541b, &(0x7f0000000040))
r0 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000040), 0x802, 0x0)
r1 = socket$l2tp(0x2, 0x2, 0x73)
bind$inet(r1, &(0x7f0000000080)={0x2, 0x0, @multicast1}, 0x10)
connect$inet(r1, &(0x7f0000000200)={0x2, 0x4e22, @local}, 0x10)
sendmmsg$inet(r1, &(0x7f0000000900)=[{{0x0, 0x0, 0x0}}], 0x40000cf, 0x0)
setsockopt$inet_mreqsrc(r1, 0x0, 0x25, 0x0, 0x0)
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x3)
write$uinput_user_dev(r0, &(0x7f0000000ec0)={'syz0\x00', {0x0, 0x0, 0x0, 0x9}, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x7ff, 0x100, 0x0, 0x0, 0x1, 0x7, 0x0, 0x0, 0x0, 0x5, 0x1, 0x0, 0x0, 0x2, 0xffffffff, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff], [0x0, 0x0, 0x8, 0xb16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7ff, 0x0, 0xfffffff9, 0x2000, 0x2, 0x0, 0x9, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd, 0x1003, 0x0, 0xf, 0x0, 0x2, 0x0, 0x0, 0x0, 0xfffffffe, 0x4, 0x1, 0x0, 0x0, 0x0, 0xfffffffd, 0xfffffffd, 0x0, 0xfffffffa, 0x0, 0x80000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, 0xe], [0x412, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x5, 0xff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0xe, 0x1, 0x0, 0x0, 0x4, 0xffffffff, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000000, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x4], [0xfffffffc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc045, 0x0, 0x0, 0x0, 0x1000, 0x0, 0x80, 0x0, 0x3, 0x5, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, 0xfffbffff, 0x0, 0x0, 0x0, 0x200000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x4, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5]}, 0x45c)
ioctl$UI_DEV_CREATE(r0, 0x5501)
write$uinput_user_dev(r0, &(0x7f0000000a40)={'syz1\x00', {0xfffd, 0xd}, 0x4d, [0x400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x400, 0x0, 0x0, 0x0, 0x80, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x7ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x3, 0x0, 0x0, 0x1, 0x1, 0x0, 0x10, 0x0, 0xfffffffe, 0xffff, 0x0, 0x0, 0x20, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x2], [0xffffffff, 0x3, 0x3, 0x0, 0x0, 0x6, 0x0, 0xfffffffb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x400000, 0x1, 0x0, 0x100, 0xfffffffe, 0x0, 0x4, 0x0, 0x20000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0xffffffff, 0xe, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x200, 0x40001c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400, 0x0, 0x0, 0xfd5], [0x0, 0x80000000, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, 0x200000, 0x0, 0x8, 0x0, 0x0, 0x10000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x3, 0x7fffffc, 0x0, 0x0, 0x7fff, 0x0, 0x3, 0x0, 0x80, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x6, 0x2], [0x81, 0x0, 0x5d30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x2, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0xfc2, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x2, 0x2, 0x0, 0x0, 0x0, 0x0, 0xe58b, 0xe, 0x0, 0x1000003, 0x0, 0x1, 0x1ff]}, 0x45c)
ioctl$sock_inet6_SIOCSIFADDR(0xffffffffffffffff, 0x8916, &(0x7f0000000000)={@empty, 0x3b})
madvise(&(0x7f0000000000/0xc00000)=nil, 0xc00304, 0x15)
r2 = socket$inet_mptcp(0x2, 0x1, 0x106)
r3 = syz_usb_connect(0x3, 0x36, &(0x7f00000000c0)=ANY=[@ANYBLOB="120100008010bd40820514009dbb0000000109022400011b00000009040000022a3e740009058bff7f0000100109050b362f"], 0x0)
close(0x3)
syz_open_dev$midi(&(0x7f0000000000), 0x3, 0x88c02)
syz_usb_disconnect(r3)
ioctl$sock_SIOCETHTOOL(r2, 0x89f1, 0x0)
r4 = dup(r0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb, 0x13, r4, 0x2000)

41.673740543s ago: executing program 2 (id=2877):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000080)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_SET_INTERFACE(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000140)={0x24, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x7}]}, 0x24}}, 0x0)
sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000200)={0x30, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MESH_ID={0xa}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x30}}, 0x0)
sendmsg$NL80211_CMD_GET_MPP(r0, &(0x7f0000000240)={0x0, 0x3c, &(0x7f0000000280)={&(0x7f00000002c0)={0x28, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MAC={0xa}]}, 0x28}}, 0x0)

41.623792083s ago: executing program 3 (id=2878):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x11, 0x3, &(0x7f0000001680)=ANY=[@ANYBLOB="18000000000300000000000000"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x6}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f00000000c0)='contention_end\x00', r0}, 0x18)
syz_open_dev$loop(0x0, 0x7, 0x80000)
socket$inet6_sctp(0xa, 0x1, 0x84)
socket$inet_sctp(0x2, 0x1, 0x84)
r1 = socket$inet_sctp(0x2, 0x5, 0x84)
getsockopt$inet_sctp_SCTP_GET_ASSOC_ID_LIST(r1, 0x84, 0x1d, &(0x7f0000000000)={0x1, [0x0]}, &(0x7f0000000040)=0x8)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000040)=ANY=[@ANYBLOB="1c0000001500000000000000000000000200"], 0x1c}}, 0x0)
r2 = socket$inet(0x2, 0x2, 0x0)
setsockopt$inet_mreqn(r2, 0x0, 0x23, &(0x7f0000000740)={@multicast2, @loopback}, 0x40)
setsockopt$inet_msfilter(r2, 0x0, 0x29, &(0x7f0000000040)=ANY=[@ANYBLOB="e00000027f0000010000000003"], 0x1c)
r3 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$inet_MCAST_JOIN_GROUP(r3, 0x0, 0x2a, &(0x7f00000008c0)={0x1, {{0x2, 0x0, @multicast2}}}, 0x88)

41.556601219s ago: executing program 2 (id=2879):
r0 = socket(0x200000000000011, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'bridge0\x00', <r1=>0x0})
bind$packet(r0, &(0x7f0000000180)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @multicast}, 0x14)
getsockname$packet(r0, &(0x7f0000000080)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000480)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000700)={'bridge_slave_1\x00', <r4=>0x0})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=ANY=[@ANYBLOB="38000000540001000000000000c4000007008209", @ANYRES32=r2, @ANYBLOB="20000100", @ANYRES32=r4, @ANYBLOB="00000001e000030000000000000000000000000008"], 0x38}, 0x1, 0x0, 0x0, 0x880}, 0x0)
r5 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r5, &(0x7f00000002c0), 0x40000000000009f, 0x2000000)

41.477965041s ago: executing program 3 (id=2880):
fsopen(&(0x7f0000000300)='jfs\x00', 0x0)
r0 = socket$inet_mptcp(0x2, 0x1, 0x106)
openat$vimc2(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
syz_usb_connect(0x0, 0x1cb, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000122f0d4071040403dfe4000000010902b901"], 0x0)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e24, @multicast2}, 0x10)
connect$inet(r0, &(0x7f00000009c0)={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0x21}}, 0x10)
writev(r0, &(0x7f0000000200)=[{&(0x7f00000000c0)='X', 0x8030000}], 0x1)
socket$l2tp6(0xa, 0x2, 0x73)
socket(0x40000000015, 0x5, 0x0)
openat$pidfd(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
pselect6(0x40, &(0x7f00000020c0)={0x64, 0x0, 0xfffffffffffffffc, 0x0, 0x0, 0x0, 0x0, 0x2000000000008}, 0x0, &(0x7f00000002c0)={0x3ff, 0x0, 0xc3ac, 0x0, 0x938, 0x80000000000, 0x4}, &(0x7f0000002100)={0x0, 0x3938700}, 0x0)

41.454245448s ago: executing program 2 (id=2881):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000000040)={&(0x7f0000000400)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x3}}, [@NFT_MSG_DELSET={0x154, 0xb, 0xa, 0x3, 0x0, 0x0, {0x3, 0x0, 0x7}, [@NFTA_SET_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_SET_KEY_TYPE={0x8, 0x4, 0x1, 0x0, 0x1}, @NFTA_SET_USERDATA={0xd9, 0xd, 0x1, 0x0, "2e9164453b8208e6f109783db6c600c535fa10afe09d8dd5209f6a8c0803aeb642048f8791d2bcf77122b5c7a368b3d9d1f4bfb039a04b88aad22c86f1904fd5d5eafcb7a280431cee91dd88b86bce4b918c20ede6c0b338c45d3fb699d1f1e89f2f1527f793eff8024fc258c8c1eedf54a6ca34eac4477029829dc11173a70c8dc9db7584d359d3d04b3bbc8351702a393b380f13cd4b16b905c497b8d2f37b6285c6824a1cc2cafd30b44881451660cfa090c8d4ad47412eed73138465f6a04068bd77766925a2586c42b2779465965bf2206ef8"}, @NFTA_SET_DATA_TYPE={0x8}, @NFTA_SET_EXPR={0x48, 0x11, 0x0, 0x1, @lookup={{0xb}, @val={0x38, 0x2, 0x0, 0x1, [@NFTA_LOOKUP_SET_ID={0x8, 0x4, 0x1, 0x0, 0x2}, @NFTA_LOOKUP_DREG={0x8, 0x3, 0x1, 0x0, 0xc}, @NFTA_LOOKUP_SET={0x9, 0x1, 'syz0\x00'}, @NFTA_LOOKUP_SREG={0x8, 0x2, 0x1, 0x0, 0x8}, @NFTA_LOOKUP_SREG={0x8, 0x2, 0x1, 0x0, 0xd}, @NFTA_LOOKUP_FLAGS={0x8, 0x5, 0x1, 0x0, 0x1}]}}}]}, @NFT_MSG_NEWFLOWTABLE={0x70, 0x16, 0xa, 0x101, 0x0, 0x0, {0x0, 0x0, 0x5}, [@NFTA_FLOWTABLE_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_FLOWTABLE_NAME={0x9, 0x2, 'syz0\x00'}, @NFTA_FLOWTABLE_HOOK={0x14, 0x3, 0x0, 0x1, [@NFTA_FLOWTABLE_HOOK_NUM={0x8}, @NFTA_FLOWTABLE_HOOK_NUM={0x8}]}, @NFTA_FLOWTABLE_HOOK={0xc, 0x3, 0x0, 0x1, [@NFTA_FLOWTABLE_HOOK_PRIORITY={0x8, 0x2, 0x1, 0x0, 0x3ff}]}, @NFTA_FLOWTABLE_HANDLE={0xc, 0x5, 0x1, 0x0, 0x2}, @NFTA_FLOWTABLE_NAME={0x9, 0x2, 'syz2\x00'}, @NFTA_FLOWTABLE_TABLE={0x9, 0x1, 'syz1\x00'}]}, @NFT_MSG_NEWSETELEM={0x954, 0xc, 0xa, 0x801, 0x0, 0x0, {0xa, 0x0, 0x6}, [@NFTA_SET_ELEM_LIST_ELEMENTS={0x940, 0x3, 0x0, 0x1, [{0x93c, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_EXPR={0x10, 0x7, 0x0, 0x1, @target={{0xb}, @void}}, @NFTA_SET_ELEM_TIMEOUT={0xc, 0x4, 0x1, 0x0, 0x7}, @NFTA_SET_ELEM_DATA={0x10c, 0x2, 0x0, 0x1, [@NFTA_DATA_VERDICT={0x24, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CHAIN_ID={0x8, 0x3, 0x1, 0x0, 0x4}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz2\x00'}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz2\x00'}]}, @NFTA_DATA_VALUE={0xb8, 0x1, "4760295c35b52c8268d0ec351f03b84f8f47ac7a7801a434e711d8d3cd47e83b3d4cb02e9d49f3d1feedd5adb3133c66d7ac6ded6e0aa44c2b3ee5daf43f4be3a14a1419da802c6a7956cb640d4888cbc7df55a78986eb174a407210d5ff60cb3e97180ae984de700d6d32d9b8f0071b143ceeab238481eb1de19d2b7197cc1aa9c4bc799b41d28351af3a9ccd1609eae6f98bf3550a3030fce9a09ba9989cfc50507a814f02ac0323fcdb7fdb8a645c31157e9e"}, @NFTA_DATA_VERDICT={0x2c, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CHAIN_ID={0x8, 0x3, 0x1, 0x0, 0x4}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffe}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffc}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffc}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffe}]}]}, @NFTA_SET_ELEM_KEY_END={0xfc, 0xa, 0x0, 0x1, [@NFTA_DATA_VERDICT={0xc, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CHAIN_ID={0x8, 0x3, 0x1, 0x0, 0x1}]}, @NFTA_DATA_VALUE={0x89, 0x1, "43be06019996c45cab193f6e4122f5e5e60e0a7bdca436efa8151e6162dae3ee6ee7cb81cc4b6d8efaeadd84b7a40631116ab12528927b7ba5fb9df98867066cf8329787c0a63f9e3593ad8798cab7b751e1a9d52e204e244d5682e37a4338d31a1847a5c8316889f93f150765d46774f63e071844d9a61bf1eeb70ab1dfc326d560c0bb6c"}, @NFTA_DATA_VERDICT={0x54, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz2\x00'}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz2\x00'}, @NFTA_VERDICT_CHAIN_ID={0x8, 0x3, 0x1, 0x0, 0x3}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xffffffffffffffff}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xffffffffffffffff}, @NFTA_VERDICT_CHAIN_ID={0x8, 0x3, 0x1, 0x0, 0x1}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffb}, @NFTA_VERDICT_CHAIN_ID={0x8, 0x3, 0x1, 0x0, 0x1}, @NFTA_VERDICT_CHAIN_ID={0x8, 0x3, 0x1, 0x0, 0x4}]}, @NFTA_DATA_VERDICT={0xc, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CHAIN_ID={0x8, 0x3, 0x1, 0x0, 0x3}]}]}, @NFTA_SET_ELEM_USERDATA={0x7, 0x6, 0x1, 0x0, "97bd25"}, @NFTA_SET_ELEM_FLAGS={0x8, 0x3, 0x1, 0x0, 0x2}, @NFTA_SET_ELEM_KEY={0xac, 0x1, 0x0, 0x1, [@NFTA_DATA_VALUE={0xa5, 0x1, "60d88674018e7c9de5a01e7873ede0add721ececcfb0b009026361c99cd90608963e0ce4a9882a138a9e59e7c9294da5439223484158bc24cd4658e543385c5aba6cef621e81df11a8aacd201d7313d412ac4a64bc5682106cffb10b050ae34cd18d1d43b8027dfc876362c5c21ec9d59d710b18e8d5acbca2b242ee35b68dcc771adec464bec51c29fd81cdae29776b38babcf426bc7754155c7571b149bab51b"}]}, @NFTA_SET_ELEM_KEY={0x23c, 0x1, 0x0, 0x1, [@NFTA_DATA_VERDICT={0x2c, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xffffffffffffffff}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffc}, @NFTA_VERDICT_CHAIN_ID={0x8, 0x3, 0x1, 0x0, 0x4}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffc}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffe}]}, @NFTA_DATA_VALUE={0xbd, 0x1, "565b2c94e0dbad6c9d228892bfac34091154ed50d93e82d0959ff3f7180c278c7f08c01b3c6d665092ac3a569dd1b4ed2e66f5a95e5791d2b06228e23fc791dc70b36231a3083506ce6c70a40eec62afd05a1c4d9b5d2d424695861047d1dbdea44250a175ac52f4d2acc4f1bc1f766f2f9e0300f9bf62655466b0cfb9b33770802bebb9a6de4c67f77a092ce7aa41d3f4e6ac7fa593e66c6a6e2ee4920e8b57cf874e8fcf8ddbdece0d646816c731087272b7d84cccc53114"}, @NFTA_DATA_VERDICT={0xc, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CHAIN_ID={0x8, 0x3, 0x1, 0x0, 0x2}]}, @NFTA_DATA_VALUE={0x4e, 0x1, "9fd198df03729e4fc037daba892daeaf9b11225afe8cef0cb2c7ccba4c76ea5e4b114eae4723f68c54d889e26f5b63c58f7b2bd737a1e52068bb466f1f051655f0e37c32cfd1ebc232c7"}, @NFTA_DATA_VERDICT={0x40, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz2\x00'}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz2\x00'}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xffffffffffffffff}, @NFTA_VERDICT_CHAIN_ID={0x8, 0x3, 0x1, 0x0, 0x3}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz0\x00'}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffe}]}, @NFTA_DATA_VALUE={0xae, 0x1, "44573226999b5acaf76fc806bb7095d637c7cfe8cdbab38099b137cff67ce4c42c4436284ec0a3e5ffe27d61e2cd19a9aa4cb82fc0d748b512058f765c470573df23bc9a600f916d18bb6a56e84ecb5844a606edb2d81201cb5508d0a6700bc355f80de0b3cfe9f3d08fe88bb1a92426f3a7a07222ec7462d4d6592cdd6ddbe27db27ca1297bc2ec30249a0f02e02e57010b55831e696c20b656523e33611debf271cd64e6bfcb0aa4d8"}]}, @NFTA_SET_ELEM_KEY_END={0x354, 0xa, 0x0, 0x1, [@NFTA_DATA_VALUE={0x4}, @NFTA_DATA_VERDICT={0x44, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz0\x00'}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffd}, @NFTA_VERDICT_CODE={0x8}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz0\x00'}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffb}, @NFTA_VERDICT_CHAIN_ID={0x8, 0x3, 0x1, 0x0, 0x4}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffb}]}, @NFTA_DATA_VALUE={0xd, 0x1, "0f75fab765571c8930"}, @NFTA_DATA_VALUE={0x13, 0x1, "b752d1df1799388a9c0aeb8bd91640"}, @NFTA_DATA_VALUE={0xfb, 0x1, "6744bc15aa7e76037254ca2190703d65af18dca735ce759e57373edacededf96f74020f5fab83863c32238f9b175125277c71b4c297d2c8bd5d33d94c8453c6f2e18662c7d84c11185503606c416edb1ba342d6953fc8310eb127eebe90dd7e2a33e8e04726c48f276bbb1c7ec3c23f14ad8c2128841b9cf24c32f76ec06e2cf2bf1ce3e9587732ed3a6f77684629127ccf7ea5b1149b8c2ad49278dfe5f069e5646a9040be24a08976a465b974508f803d49efa3fcc63ca672619adddc74cd7da00c8ddee74a205b522daf2b3dd669b1dc8128ae5ddf442909ce7883d6dbf7e5d911e6614d930d2107dbf537d9e37d3298d43fa636fb4"}, @NFTA_DATA_VERDICT={0x44, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CHAIN_ID={0x8, 0x3, 0x1, 0x0, 0x3}, @NFTA_VERDICT_CHAIN_ID={0x8, 0x3, 0x1, 0x0, 0x1}, @NFTA_VERDICT_CHAIN_ID={0x8, 0x3, 0x1, 0x0, 0x6}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz1\x00'}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffc}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz1\x00'}, @NFTA_VERDICT_CHAIN_ID={0x8, 0x3, 0x1, 0x0, 0x3}]}, @NFTA_DATA_VERDICT={0x20, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CHAIN_ID={0x8, 0x3, 0x1, 0x0, 0x4}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz2\x00'}, @NFTA_VERDICT_CHAIN_ID={0x8, 0x3, 0x1, 0x0, 0x1}]}, @NFTA_DATA_VALUE={0xd0, 0x1, "3b60235103cce08535a9b2f7b131d60ac517a9613d111d12a61e079a2e0035d0df87ef2a079c7df144f10496a5b4b06ed1c7c3a216bf680f2eec3541529fdf8bd7676f69141b6da92c91a9b5612644dd653328a5a917a981ff176562786f7898ee0a3255b20c565760047e27eb8c2876588fd2df75611fd03100303e0e54dd359ab7a2f7bdc142dd1749a2f1a958d41dee3255d3e85f65c14b761e0402be1538aef36d125211e8fa01eecf65c8cc0cde7fcd26cab940bdb93b6c50b72f0bc4cffc1c3743ebdac1aeabd4a777"}, @NFTA_DATA_VALUE={0xb3, 0x1, "85659405720143697eece39bece35db9284d784f12c58a72e36ffa2399407aac9f673da5cb84a272d06d17188da74b2575e158fa92aedc36d8a312f6e977cf2d3f32f2d43fd03fd535cecf6d7628687ae572c53e4c6cf5589381ed2e48533cfb772d68670dda128dffafc4fbd29bbc48988695b57c2caf8ba3f07c4ef271f375eaa19863821fdf3e7fae4736c40ec6248c3ae03e5ce5bc809bba4b911f3fafd05cbdce15dbec14f23753b49dc38e2a"}]}, @NFTA_SET_ELEM_EXPRESSIONS={0xc8, 0xb, 0x0, 0x1, [{0x58, 0x1, 0x0, 0x1, @connlimit={{0xe}, @val={0x44, 0x2, 0x0, 0x1, [@NFTA_CONNLIMIT_COUNT={0x8, 0x1, 0x1, 0x0, 0x44a4}, @NFTA_CONNLIMIT_FLAGS={0x8}, @NFTA_CONNLIMIT_COUNT={0x8, 0x1, 0x1, 0x0, 0x8}, @NFTA_CONNLIMIT_COUNT={0x8, 0x1, 0x1, 0x0, 0x81}, @NFTA_CONNLIMIT_COUNT={0x8, 0x1, 0x1, 0x0, 0x1}, @NFTA_CONNLIMIT_FLAGS={0x8, 0x2, 0x1, 0x0, 0x1}, @NFTA_CONNLIMIT_FLAGS={0x8, 0x2, 0x1, 0x0, 0x1}, @NFTA_CONNLIMIT_COUNT={0x8, 0x1, 0x1, 0x0, 0x200}]}}}, {0x34, 0x1, 0x0, 0x1, @exthdr={{0xb}, @val={0x24, 0x2, 0x0, 0x1, [@NFTA_EXTHDR_OFFSET={0x8, 0x3, 0x1, 0x0, 0xdf}, @NFTA_EXTHDR_OP={0x8, 0x6, 0x1, 0x0, 0x2}, @NFTA_EXTHDR_LEN={0x8, 0x4, 0x1, 0x0, 0xe3}, @NFTA_EXTHDR_DREG={0x8, 0x1, 0x1, 0x0, 0xf}]}}}, {0x38, 0x1, 0x0, 0x1, @fwd={{0x8}, @val={0x2c, 0x2, 0x0, 0x1, [@NFTA_FWD_NFPROTO={0x8, 0x3, 0x1, 0x0, 0x2}, @NFTA_FWD_SREG_DEV={0x8, 0x1, 0x1, 0x0, 0x9}, @NFTA_FWD_SREG_ADDR={0x8, 0x2, 0x1, 0x0, 0x14}, @NFTA_FWD_NFPROTO={0x8, 0x3, 0x1, 0x0, 0xa}, @NFTA_FWD_SREG_ADDR={0x8, 0x2, 0x1, 0x0, 0x8}]}}}]}]}]}]}, @NFT_MSG_NEWOBJ={0x20, 0x12, 0xa, 0x301, 0x0, 0x0, {0x2, 0x0, 0x7}, @NFT_OBJECT_SYNPROXY=@NFTA_OBJ_HANDLE={0xc, 0x6, 0x1, 0x0, 0x1}}], {0x14, 0x11, 0x1, 0x0, 0x0, {0xa}}}, 0xb60}, 0x1, 0x0, 0x0, 0x4000015}, 0x40)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
r2 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r2)
ptrace$pokeuser(0x6, r2, 0x10b, 0x538ec475)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan0\x00', <r3=>0x0})
sendmsg$NL80211_CMD_SET_INTERFACE(r0, 0x0, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
r5 = syz_open_dev$vbi(&(0x7f0000000040), 0x2, 0x2)
ioctl$VIDIOC_S_INPUT(r5, 0xc0045627, &(0x7f0000000000)=0x2)
read$FUSE(r5, &(0x7f0000002400)={0x2020}, 0xff43)
close_range(r4, 0xffffffffffffffff, 0x0)
sendmsg$NL80211_CMD_START_AP(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)={0x1c, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r3}, @void}}}, 0x1c}}, 0x0)

41.360874853s ago: executing program 2 (id=2882):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0x6, 0xfa11, 0xffffffff}, 0x0)
socket$inet_mptcp(0x2, 0x1, 0x106)
setsockopt$packet_int(0xffffffffffffffff, 0x107, 0xf, 0x0, 0x0)
unshare(0x8000000)
shmget$private(0x0, 0xfffffffffeffffff, 0x4800, &(0x7f0000ffc000/0x3000)=nil)
openat$sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/vm/drop_caches\x00', 0x1, 0x0)
openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
r2 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000180)=ANY=[], 0x50)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000000040)={r2, &(0x7f00000002c0)="cb4dd80f5129418d52733c1e0c62a305b24b9bd5cea352a57db13b14041f85c1d39741e84c", &(0x7f0000000340)=""/105}, 0x1c)
socket$nl_generic(0x10, 0x3, 0x10)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000400)=ANY=[], 0x1c}}, 0x0)
syz_usb_connect(0x0, 0x2d, &(0x7f0000000040)=ANY=[@ANYBLOB="12010000fd9e1a40f30c74933bbc0000000109021b0002040000080904000065d4695e000905", @ANYRESDEC], 0x0)
unshare(0x22020600)
bpf$MAP_CREATE(0x0, &(0x7f0000000100)=ANY=[@ANYRES32=0x1, @ANYBLOB, @ANYRES32, @ANYBLOB="00000000000000af36a9da000000000500"/28], 0x48)
r4 = socket$nl_route(0x10, 0x3, 0x0)
r5 = socket(0x1d, 0x2, 0x6)
socket$can_bcm(0x1d, 0x2, 0x2)
socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(r5, 0x8933, &(0x7f0000000100)={'vxcan0\x00', <r6=>0x0})
sendmsg$nl_route_sched(r4, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000080)=@getchain={0x24, 0x11, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, r6, {0xffe0, 0xfff1}, {0x9}, {0xfffc, 0xf}}}, 0x24}, 0x1, 0x0, 0x0, 0x240080c5}, 0x98)
setsockopt$inet_tcp_TCP_REPAIR(0xffffffffffffffff, 0x6, 0x13, &(0x7f0000000040)=0x1, 0x4)
setsockopt$inet_tcp_TCP_REPAIR_QUEUE(0xffffffffffffffff, 0x6, 0x14, &(0x7f0000000080)=0x2, 0x4)
setsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000400)={{{@in6=@private0, @in=@broadcast, 0x4e22, 0x0, 0x0, 0x1, 0x2, 0x0, 0x80}, {0xffffffffffffffff, 0x3, 0x0, 0x0, 0x1, 0x5, 0x400000, 0x3}, {0x2}, 0x5, 0x6e6bbe, 0x1, 0x1, 0x3}, {{@in6=@local, 0x0, 0x32}, 0x2, @in=@empty, 0x0, 0x0, 0x3, 0xc, 0x0, 0x0, 0xac4}}, 0xe4)

41.024167254s ago: executing program 0 (id=2883):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
recvmmsg(r0, &(0x7f0000000080)=[{{0x0, 0x0, 0x0}}], 0x40000000000012d, 0x2, 0x0)
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r1, 0x84, 0x6f, &(0x7f0000000140)={0x0, 0x10, &(0x7f00000001c0)=[@in={0x2, 0x4e24, @private=0xa010102}]}, &(0x7f0000000180)=0x10)
setsockopt$inet_sctp6_SCTP_I_WANT_MAPPED_V4_ADDR(r1, 0x84, 0xc, &(0x7f00000000c0), 0x4)
r2 = socket$kcm(0x10, 0x3, 0x10)
sendmsg$kcm(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000280)=[{&(0x7f0000000100)="1400000016000b63d25a80648c2594f90924fc60", 0x14}], 0x1, 0x0, 0x0, 0x600}, 0x4000000)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r1, 0x84, 0x1d, &(0x7f0000000200)={0x1, [<r3=>0x0]}, &(0x7f0000000080)=0x8)
getsockopt$inet_sctp6_SCTP_GET_PEER_ADDRS(r1, 0x84, 0x6c, &(0x7f00000008c0)={r3, 0x10, "83cd73d913625563f3877450d9e218b0"}, &(0x7f0000000340)=0x18)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f00000013c0), 0x0, 0x0)
ioctl$KVM_CHECK_EXTENSION(r4, 0xae03, 0x7)
getsockopt$inet_sctp_SCTP_CONTEXT(0xffffffffffffffff, 0x84, 0x11, &(0x7f0000000200)={r3, 0x1}, &(0x7f0000000240)=0x8)
setsockopt$inet_int(r0, 0x0, 0x6, &(0x7f0000000180)=0x80000001, 0x4)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff8000/0x1000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ff8000/0x3000)=nil, &(0x7f0000ff8000/0x1000)=nil, &(0x7f0000ff0000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ff8000/0x2000)=nil, &(0x7f0000ffa000/0x2000)=nil, 0x0, 0xfffffffffffffe84}, 0x68)
r5 = openat$sequencer2(0xffffff9c, &(0x7f0000000100), 0x100, 0x0)
ioctl$VFAT_IOCTL_READDIR_SHORT(r5, 0x82187202, &(0x7f0000000380)=[{0x0, 0x0, 0x100}, {0x0, 0x0, 0x100}])
ioctl$SNDCTL_SEQ_GETOUTCOUNT(r5, 0x80045104, &(0x7f00000001c0))
syz_usb_connect(0x0, 0x24, &(0x7f0000000040)=ANY=[@ANYBLOB="12010000b0b4eb40b10e07700402000000010902120001000000000904"], 0x0)
setsockopt$inet_int(r0, 0x0, 0x7, &(0x7f0000000140)=0x6, 0x4)
bind$inet(r0, &(0x7f0000000040)={0x2, 0x4e20, @empty}, 0x10)
syz_emit_ethernet(0x36, &(0x7f0000000000)=ANY=[@ANYBLOB="ffffffffffffaaaaaaaaaaaa08000000001414bb0000000044045e0000014e200010907802020000800000000000000000"], 0x0)

40.547290952s ago: executing program 1 (id=2884):
r0 = syz_open_dev$video4linux(&(0x7f0000000000), 0x3, 0xb00)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
r3 = fsopen(&(0x7f00000001c0)='devpts\x00', 0x0)
r4 = socket$inet(0xa, 0x801, 0x84)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={0x0, 0x30}}, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)=ANY=[], 0x38}, 0x1, 0x300}, 0x0)
getpeername(0xffffffffffffffff, &(0x7f00000002c0)=@in={0x2, 0x0, @remote}, 0x0)
connect$inet(r4, &(0x7f0000004cc0)={0x2, 0x0, @remote={0xac, 0x14, 0xffffffffffffffff}}, 0x10)
listen(r4, 0x8)
sendto$inet6(0xffffffffffffffff, 0x0, 0x0, 0x4000050, 0x0, 0x0)
fspick(0xffffffffffffffff, &(0x7f0000000340)='./file0\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r3, 0x6, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_RECONFIGURE(r3, 0x7, 0x0, 0x0, 0x0)
write$binfmt_script(0xffffffffffffffff, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x200000a, 0x28011, 0xffffffffffffffff, 0x0)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_FLUSH(r5, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000540)=ANY=[@ANYBLOB="1c0000000406010100000000000000000000000005000100070000002d8ce0d0c69fe93c8eb9a53af6c3af308d66439de4e2d0aab9e0dec2f00e40d8b8098410a7a461d2499736324d69b80f1657dbb10ec5ad09f45482893371b3e1a22ce3d83c8ff9a8b00d1c2b0266f8e6f5cdd3840279b9ccb7cef102fed38436e815701ea7e7c9eba029258be5ae892e5ff7833bde85f39d413511cf87db614f847db7b1dff3cbeac2e964ca3b3a04ae38ddf2b8f2d6bd39253e67213cc059654b5a7138bbfd77cce033cbc147f59eb66f131e602d8e1d43a6a80fcc7e975e24075e29b84179c9155082b5f277219483312acd766c5b96ae46a515b90d90bbc73486fac32a3e5b8d55cb2ab09dc44b58d85f3fb44cadfde2f4de5b9fb298064a56d34524373898fea947a6474c7f4c113ccbdcc7c66e9d443b9d525757fb1dfb645260b43452b5bca8ac19ed2ffd69261c0c"], 0x1c}}, 0x0)
ioctl$VIDIOC_SUBDEV_S_FMT(r0, 0xc0585605, &(0x7f00000000c0)={0x1, 0x0, {0x4000000, 0xfffffffe, 0x3002, 0x0, 0x3, 0x9, 0x5, 0x7}})
syz_emit_ethernet(0x7a, &(0x7f0000000300)=ANY=[@ANYBLOB="ffffffffffffaaaaaaaaaa008100000086dd602e5cea00403c0020010000000000000000000000000002ff0200000000000000000000000000010004c910"], 0x0)
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r7 = syz_usb_connect$hid(0x6, 0x3f, &(0x7f0000000040)={{0x12, 0x1, 0x110, 0x0, 0x0, 0x0, 0x40, 0x1e71, 0x2019, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x2d, 0x1, 0x1, 0xf, 0x10, 0xfa, [{{0x9, 0x4, 0x0, 0x1, 0x2, 0x3, 0x1, 0x1, 0x80, {0x9, 0x21, 0x2a60, 0x8, 0x1, {0x22, 0x439}}, {{{0x9, 0x5, 0x81, 0x3, 0x8, 0x8, 0xf, 0xe8}}, [{{0x9, 0x5, 0x2, 0x3, 0x8, 0x4f, 0x0, 0x1}}]}}}]}}]}}, &(0x7f0000000480)={0xa, &(0x7f0000000240)={0xa, 0x6, 0x110, 0x5, 0xe, 0x9, 0x8, 0x2b}, 0x48, &(0x7f0000000380)={0x5, 0xf, 0x48, 0x5, [@ss_cap={0xa, 0x10, 0x3, 0x2, 0x9, 0x6, 0x6, 0x2}, @ext_cap={0x7, 0x10, 0x2, 0x4, 0x8, 0x9}, @ss_cap={0xa, 0x10, 0x3, 0x0, 0x1, 0xb, 0x3}, @ssp_cap={0x1c, 0x10, 0xa, 0x0, 0x4, 0x7ba8, 0xf0f, 0x4, [0xffc00f, 0xff00e1, 0xffff3f, 0xff000f]}, @ssp_cap={0xc, 0x10, 0xa, 0x8, 0x0, 0xe09, 0xf000, 0xffb3}]}, 0x1, [{0x57, &(0x7f0000000400)=@string={0x57, 0x3, "608eb2fe68ba104abde02eefcb42f1cc1dca98f14786b166441cf1ceadf02d2b6de6d28a2394036945a9eeb46265660689ba60773c9512ad681e40ae6cf77e3679c0419bbf01c205b1ab141a18d0576c47466e98b4"}}]})
syz_usb_control_io$hid(r7, &(0x7f0000000800)={0x14, &(0x7f00000006c0)={0x40, 0x6, 0x5e, {0x5e, 0x23, "847876b11e63efef9bac3e176c2177ba044772fb10fea0060eaf0b73f6a5d137d2e66a68d35219b4fff8557dfbebf3437019831f3dcbd83667f3c27013ca3c7bac45a5b66ce677427df5ba98c4ba0bf53f2e2e96fccf2284fe838517"}}, &(0x7f0000000740)={0x0, 0x3, 0x43, @string={0x43, 0x3, "1e93763099b990afdb4f3e94a31b579edd17d1fc12ee8ab01d2313f4175ad187c2ac11c8046b4bc75effa1f0975e268d80753a8da343493afb7a9a28f4b33db8b1"}}, &(0x7f00000004c0)={0x0, 0x22, 0x15, {[@main=@item_012={0x0, 0x0, 0xb}, @main=@item_4={0x3, 0x0, 0xa, "012198dc"}, @local=@item_012={0x0, 0x2, 0x9}, @local=@item_012={0x2, 0x2, 0xa, '(\v'}, @local=@item_012={0x0, 0x2, 0x8}, @local=@item_4={0x3, 0x2, 0xa, "d6199c43"}, @global=@item_4={0x3, 0x1, 0x0, "1fa9cefe"}]}}, &(0x7f00000007c0)={0x0, 0x21, 0x9, {0x9, 0x21, 0x1, 0x2, 0x1, {0x22, 0x451}}}}, &(0x7f0000000ac0)={0x18, &(0x7f0000000840)={0x0, 0x7, 0xd5, "04ebf14de75212cd62e49aaa553297968232c6b3782555f3f63233e82e785372a5ebe29ee2330c36b9daec45699a5cc51ca11ea6181e12aa4bb0e85d2375fad67c7d626cec2d68d1814fef5be656fd90d7fdb435095c327337de9f68f49c0f7f5468a7cad4b7c99aef549ca60fe06551e29602ed439be0401e27f541ba43585e62fa1b33753ae7b4fe54aedb9392b47d51ca0d3b0979e5fbf563e879d1eec912d2ee1589e2dc313f5323d6b98a3576dd2d4fae4cc41739569b41278f022c03d56452a4323281fe78b123790656496fbd119d4228a9"}, &(0x7f0000000940)={0x0, 0xa, 0x1, 0x5f}, &(0x7f0000000980)={0x0, 0x8, 0x1, 0xe}, &(0x7f00000009c0)={0x20, 0x1, 0x94, "a65b35425b87c260e7d2331b0a31dd3bb8ec8b7b4aec682a9ee302b446baf4e17dda06f91d340770e36f836013536922e65daf07deabb09b031e1fc06bc48cabdf5fef6c404b3e9d34b704aed1bc28e4817ec9e2100de47f910e41c45c29166c28a3626be8f6e77b1e687a9b39dbc72621272dccc166632916693401b1b06e23d2e3d80e1f2ebd2040de32c87a3aadba91185355"}, &(0x7f0000000a80)={0x20, 0x3, 0x1, 0x1}})
ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)

0s ago: executing program 32 (id=2872):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000080)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_SET_INTERFACE(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000140)={0x24, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x7}]}, 0x24}}, 0x0)
sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000200)=ANY=[@ANYBLOB="e3080000", @ANYRES16=r1, @ANYBLOB="050000000000000000004400000008000300", @ANYRES32=r2, @ANYBLOB="0a0018000303030303030000080026006c090000"], 0x30}}, 0x0)
socket$igmp(0x2, 0x3, 0x2)
r3 = socket$inet6(0xa, 0x5, 0x0)
setsockopt$sock_int(r3, 0x1, 0xf, &(0x7f0000fee000)=0x3fa, 0x4)
bind$inet6(r3, &(0x7f0000000140)={0xa, 0x4e20, 0x0, @ipv4={'\x00', '\xff\xff', @empty}, 0x4}, 0x1c)
listen(r3, 0x50)
r4 = socket$inet6(0xa, 0x5, 0x0)
setsockopt$sock_int(r4, 0x1, 0xf, &(0x7f0000fee000)=0x3fa, 0x4)
ioctl$sock_SIOCDELDLCI(r0, 0x8981, &(0x7f0000000240)={'netpci0\x00', 0x77})
bind$inet6(r4, 0x0, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000057eff8), 0x6e)
sendmmsg$unix(r6, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r7 = socket$alg(0x26, 0x5, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$nl_netfilter(0x10, 0x3, 0xc)
bind$alg(r7, &(0x7f0000000180)={0x26, 'skcipher\x00', 0x0, 0x0, 'lrw(serpent)\x00'}, 0x58)
syz_usb_connect$cdc_ncm(0x2, 0x6e, &(0x7f00000001c0)=ANY=[@ANYBLOB="12015001020000402505a1a440000102030109025c0002010070000904000001020d0000052406"], 0x0)
r8 = syz_open_dev$sndpcmp(&(0x7f0000000000), 0x1ff, 0x181800)
ioctl$SNDRV_PCM_IOCTL_STATUS64(r8, 0x80804120, 0x0)
syz_genetlink_get_family_id$devlink(0x0, 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_RATE_GET(0xffffffffffffffff, &(0x7f0000000400)={&(0x7f0000000040), 0xc, &(0x7f00000003c0)={0x0}, 0x1, 0x0, 0x0, 0x40}, 0x0)
syz_io_uring_setup(0x110, &(0x7f0000000140)={0x0, 0xb423, 0x0, 0x5, 0x1000}, &(0x7f0000000340)=<r9=>0x0, &(0x7f0000000000)=<r10=>0x0)
syz_io_uring_submit(r9, r10, &(0x7f00000002c0)=@IORING_OP_ACCEPT={0xd, 0x40, 0x3, r7, 0x0, 0x0, 0x0, 0x80800})

kernel console output (not intermixed with test programs):

interface 2 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0
[  647.919072][ T5881] usb 4-1: New USB device found, idVendor=0af0, idProduct=7271, bcdDevice=88.91
[  647.928929][ T5881] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  647.937231][ T5881] usb 4-1: Product: syz
[  647.941635][ T5881] usb 4-1: Manufacturer: syz
[  647.947034][ T5881] usb 4-1: SerialNumber: syz
[  647.965421][    T9] usb 5-1: new full-speed USB device number 126 using dummy_hcd
[  647.974302][ T5881] hso 4-1:6.2: Failed to find BULK IN ep
[  648.872983][    T9] usb 5-1: config 0 has no interfaces?
[  648.898721][    T9] usb 5-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b
[  648.935121][    T9] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  648.995494][    T9] usb 5-1: Product: syz
[  649.085447][    T9] usb 5-1: Manufacturer: syz
[  649.115821][    T9] usb 5-1: SerialNumber: syz
[  649.205147][    T9] usb 5-1: config 0 descriptor??
[  650.350089][ T5895] usb 4-1: USB disconnect, device number 12
[  650.620928][T14937] usb 5-1: USB disconnect, device number 126
[  650.835531][ T5895] usb 4-1: new high-speed USB device number 13 using dummy_hcd
[  650.956973][T15277] ptrace attach of "./syz-executor exec"[5838] was attempted by "./syz-executor exec"[15277]
[  650.975463][    T9] usb 2-1: new high-speed USB device number 120 using dummy_hcd
[  651.018066][ T5895] usb 4-1: Using ep0 maxpacket: 16
[  651.038432][ T5895] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  651.188276][ T5895] usb 4-1: New USB device found, idVendor=04d8, idProduct=00dd, bcdDevice= 0.00
[  651.203558][ T5895] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  651.222642][ T5895] usb 4-1: config 0 descriptor??
[  651.255420][    T9] usb 2-1: device descriptor read/64, error -71
[  651.735568][    T9] usb 2-1: new high-speed USB device number 121 using dummy_hcd
[  651.793990][ T5895] mcp2221 0003:04D8:00DD.0031: USB HID v0.05 Device [HID 04d8:00dd] on usb-dummy_hcd.3-1/input0
[  651.885439][    T9] usb 2-1: device descriptor read/64, error -71
[  652.013789][    T9] usb usb2-port1: attempt power cycle
[  652.068957][T15287] FAULT_INJECTION: forcing a failure.
[  652.068957][T15287] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  652.088459][T15287] CPU: 1 UID: 0 PID: 15287 Comm: syz.0.2518 Not tainted syzkaller #0 PREEMPT(full) 
[  652.088485][T15287] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  652.088496][T15287] Call Trace:
[  652.088504][T15287]  <TASK>
[  652.088513][T15287]  dump_stack_lvl+0x189/0x250
[  652.088548][T15287]  ? __pfx____ratelimit+0x10/0x10
[  652.088572][T15287]  ? __pfx_dump_stack_lvl+0x10/0x10
[  652.088592][T15287]  ? __pfx__printk+0x10/0x10
[  652.088612][T15287]  ? __might_fault+0xb0/0x130
[  652.088643][T15287]  should_fail_ex+0x414/0x560
[  652.088665][T15287]  _copy_from_user+0x2d/0xb0
[  652.088688][T15287]  get_compat_msghdr+0xad/0x4a0
[  652.088713][T15287]  ? __pfx_get_compat_msghdr+0x10/0x10
[  652.088746][T15287]  ___sys_sendmsg+0x193/0x2a0
[  652.088770][T15287]  ? __pfx____sys_sendmsg+0x10/0x10
[  652.088826][T15287]  ? __fget_files+0x2a/0x420
[  652.088847][T15287]  ? __fget_files+0x3a0/0x420
[  652.088880][T15287]  __sys_sendmsg+0x164/0x220
[  652.088902][T15287]  ? __pfx___sys_sendmsg+0x10/0x10
[  652.088932][T15287]  ? __pfx_ksys_write+0x10/0x10
[  652.088955][T15287]  ? syscall_enter_from_user_mode_prepare+0x8f/0x110
[  652.088981][T15287]  ? lockdep_hardirqs_on+0x9c/0x150
[  652.089008][T15287]  __do_fast_syscall_32+0xb6/0x2b0
[  652.089033][T15287]  ? lockdep_hardirqs_on+0x9c/0x150
[  652.089061][T15287]  do_fast_syscall_32+0x34/0x80
[  652.089086][T15287]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  652.089107][T15287] RIP: 0023:0xf7fe7539
[  652.089123][T15287] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[  652.089139][T15287] RSP: 002b:00000000f54d655c EFLAGS: 00000206 ORIG_RAX: 0000000000000172
[  652.089159][T15287] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000440
[  652.089172][T15287] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  652.089183][T15287] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  652.089195][T15287] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  652.089207][T15287] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  652.089235][T15287]  </TASK>
[  652.685405][    T9] usb 2-1: new high-speed USB device number 122 using dummy_hcd
[  652.706243][    T9] usb 2-1: device descriptor read/8, error -71
[  653.488510][ T5931] usb 4-1: USB disconnect, device number 13
[  654.042822][T15319] pimreg: entered allmulticast mode
[  654.048207][    T9] usb 2-1: new high-speed USB device number 123 using dummy_hcd
[  654.083295][T15323] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2529'.
[  654.115487][    T9] usb 2-1: Using ep0 maxpacket: 8
[  654.140109][T15325] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2530'.
[  654.276347][    T9] usb 2-1: config 6 has an invalid interface number: 2 but max is 0
[  654.305061][    T9] usb 2-1: config 6 has no interface number 0
[  654.334643][    T9] usb 2-1: config 6 interface 2 altsetting 0 endpoint 0xB has invalid wMaxPacketSize 0
[  654.397631][    T9] usb 2-1: config 6 interface 2 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  654.466664][T15319] pimreg: left allmulticast mode
[  654.864465][T15332] tipc: Enabled bearer <ib:wg1>, priority 0
[  654.889713][    T9] usb 2-1: config 6 interface 2 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  655.045613][    T9] usb 2-1: config 6 interface 2 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0
[  655.100373][    T9] usb 2-1: New USB device found, idVendor=0af0, idProduct=7271, bcdDevice=88.91
[  655.113023][    T9] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  655.255440][    T9] usb 2-1: Product: syz
[  655.288648][    T9] usb 2-1: Manufacturer: syz
[  655.303906][    T9] usb 2-1: SerialNumber: syz
[  655.372776][    T9] hso 2-1:6.2: Failed to find BULK IN ep
[  655.548705][T15336] FAULT_INJECTION: forcing a failure.
[  655.548705][T15336] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  655.568199][T15336] CPU: 1 UID: 0 PID: 15336 Comm: syz.0.2533 Not tainted syzkaller #0 PREEMPT(full) 
[  655.568224][T15336] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  655.568235][T15336] Call Trace:
[  655.568242][T15336]  <TASK>
[  655.568248][T15336]  dump_stack_lvl+0x189/0x250
[  655.568273][T15336]  ? __pfx____ratelimit+0x10/0x10
[  655.568303][T15336]  ? __pfx_dump_stack_lvl+0x10/0x10
[  655.568322][T15336]  ? __pfx__printk+0x10/0x10
[  655.568354][T15336]  should_fail_ex+0x414/0x560
[  655.568373][T15336]  _copy_to_user+0x31/0xb0
[  655.568389][T15336]  put_cmsg_compat+0x492/0x650
[  655.568407][T15336]  ? __pfx_put_cmsg_compat+0x10/0x10
[  655.568416][T15336]  ? __skb_datagram_iter+0x61d/0x990
[  655.568432][T15336]  ? put_cmsg+0xeb/0x5f0
[  655.568450][T15336]  packet_recvmsg+0xe6c/0x15b0
[  655.568466][T15336]  ? __pfx_packet_recvmsg+0x10/0x10
[  655.568476][T15336]  ? __pfx_aa_sk_perm+0x10/0x10
[  655.568489][T15336]  ? aa_sock_msg_perm+0xf1/0x1d0
[  655.568501][T15336]  ? bpf_lsm_socket_recvmsg+0x9/0x20
[  655.568514][T15336]  ? security_socket_recvmsg+0x7e/0x2e0
[  655.568527][T15336]  ? __pfx_packet_recvmsg+0x10/0x10
[  655.568537][T15336]  sock_recvmsg+0x22c/0x270
[  655.568554][T15336]  ____sys_recvmsg+0x1c9/0x460
[  655.568570][T15336]  ? __pfx_____sys_recvmsg+0x10/0x10
[  655.568580][T15336]  ? get_compat_msghdr+0x37e/0x4a0
[  655.568602][T15336]  ___sys_recvmsg+0x1b5/0x510
[  655.568616][T15336]  ? __pfx____sys_recvmsg+0x10/0x10
[  655.568640][T15336]  ? __fget_files+0x3a0/0x420
[  655.568658][T15336]  do_recvmmsg+0x36a/0x770
[  655.568674][T15336]  ? __pfx_do_recvmmsg+0x10/0x10
[  655.568685][T15336]  ? ksys_write+0x1cb/0x250
[  655.568706][T15336]  ? __fget_files+0x3a0/0x420
[  655.568722][T15336]  __sys_recvmmsg+0x19d/0x280
[  655.568734][T15336]  ? __pfx___sys_recvmmsg+0x10/0x10
[  655.568746][T15336]  ? __pfx_ksys_write+0x10/0x10
[  655.568760][T15336]  __ia32_compat_sys_recvmmsg_time32+0xbf/0xe0
[  655.568773][T15336]  __do_fast_syscall_32+0xb6/0x2b0
[  655.568789][T15336]  ? lockdep_hardirqs_on+0x9c/0x150
[  655.568804][T15336]  do_fast_syscall_32+0x34/0x80
[  655.568818][T15336]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  655.568834][T15336] RIP: 0023:0xf7fe7539
[  655.568844][T15336] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[  655.568852][T15336] RSP: 002b:00000000f54d655c EFLAGS: 00000206 ORIG_RAX: 0000000000000151
[  655.568865][T15336] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000480
[  655.568872][T15336] RDX: 0000000000000179 RSI: 0000000000000000 RDI: 0000000000000000
[  655.568878][T15336] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  655.568884][T15336] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  655.568890][T15336] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  655.568905][T15336]  </TASK>
[  655.853553][    C1] vkms_vblank_simulate: vblank timer overrun
[  656.330583][T15350] FAULT_INJECTION: forcing a failure.
[  656.330583][T15350] name failslab, interval 1, probability 0, space 0, times 0
[  656.344930][T15350] CPU: 0 UID: 0 PID: 15350 Comm: syz.4.2538 Not tainted syzkaller #0 PREEMPT(full) 
[  656.344954][T15350] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  656.344965][T15350] Call Trace:
[  656.344980][T15350]  <TASK>
[  656.344988][T15350]  dump_stack_lvl+0x189/0x250
[  656.345012][T15350]  ? __pfx____ratelimit+0x10/0x10
[  656.345036][T15350]  ? __pfx_dump_stack_lvl+0x10/0x10
[  656.345055][T15350]  ? __pfx__printk+0x10/0x10
[  656.345076][T15350]  ? __pfx___might_resched+0x10/0x10
[  656.345099][T15350]  ? fs_reclaim_acquire+0x7d/0x100
[  656.345126][T15350]  should_fail_ex+0x414/0x560
[  656.345149][T15350]  should_failslab+0xa8/0x100
[  656.345174][T15350]  kmem_cache_alloc_node_noprof+0x77/0x710
[  656.345194][T15350]  ? __alloc_skb+0x112/0x2d0
[  656.345211][T15350]  ? rtnl_prop_list_size+0x1ba/0x1e0
[  656.345240][T15350]  __alloc_skb+0x112/0x2d0
[  656.345263][T15350]  rtmsg_ifinfo_build_skb+0x84/0x260
[  656.345295][T15350]  rtnetlink_event+0x1b7/0x270
[  656.345319][T15350]  notifier_call_chain+0x1b6/0x3e0
[  656.345352][T15350]  netif_set_mac_address+0x37c/0x4c0
[  656.345379][T15350]  ? __pfx_netif_set_mac_address+0x10/0x10
[  656.345401][T15350]  ? down_write+0x162/0x1f0
[  656.345421][T15350]  ? netdev_name_node_lookup+0xdf/0x120
[  656.345452][T15350]  dev_set_mac_address_user+0x137/0x270
[  656.345477][T15350]  dev_ioctl+0x7b4/0x1150
[  656.345500][T15350]  sock_do_ioctl+0x22c/0x300
[  656.345526][T15350]  ? __pfx_sock_do_ioctl+0x10/0x10
[  656.345560][T15350]  ? unix_ioctl+0x1f8/0x6f0
[  656.345578][T15350]  ? unix_compat_ioctl+0x15/0x30
[  656.345602][T15350]  compat_sock_ioctl+0xb8d/0xc80
[  656.345630][T15350]  ? __pfx_compat_sock_ioctl+0x10/0x10
[  656.345657][T15350]  ? __fget_files+0x3a0/0x420
[  656.345678][T15350]  ? __fget_files+0x2a/0x420
[  656.345703][T15350]  ? bpf_lsm_file_ioctl_compat+0x9/0x20
[  656.345731][T15350]  __ia32_compat_sys_ioctl+0x543/0x840
[  656.345752][T15350]  ? __pfx___ia32_compat_sys_ioctl+0x10/0x10
[  656.345770][T15350]  ? __fget_files+0x3a0/0x420
[  656.345796][T15350]  ? fput+0xa0/0xd0
[  656.345819][T15350]  ? ksys_write+0x22a/0x250
[  656.345836][T15350]  ? exc_page_fault+0x82/0x100
[  656.345859][T15350]  ? __pfx_ksys_write+0x10/0x10
[  656.345880][T15350]  ? syscall_enter_from_user_mode_prepare+0x8f/0x110
[  656.345905][T15350]  ? lockdep_hardirqs_on+0x9c/0x150
[  656.345930][T15350]  __do_fast_syscall_32+0xb6/0x2b0
[  656.345956][T15350]  ? lockdep_hardirqs_on+0x9c/0x150
[  656.345989][T15350]  do_fast_syscall_32+0x34/0x80
[  656.346014][T15350]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  656.346034][T15350] RIP: 0023:0xf704d539
[  656.346048][T15350] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[  656.346063][T15350] RSP: 002b:00000000f543d55c EFLAGS: 00000206 ORIG_RAX: 0000000000000036
[  656.346081][T15350] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000008924
[  656.346094][T15350] RDX: 0000000080000000 RSI: 0000000000000000 RDI: 0000000000000000
[  656.346105][T15350] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  656.346115][T15350] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  656.346126][T15350] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  656.346154][T15350]  </TASK>
[  656.445443][ T5908] usb 4-1: new high-speed USB device number 14 using dummy_hcd
[  656.855428][ T5908] usb 4-1: device descriptor read/64, error -71
[  656.866100][T15359] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2540'.
[  657.020078][T15363] x_tables: ip_tables: socket match: used from hooks OUTPUT, but only valid from PREROUTING/INPUT
[  657.185282][ T5895] usb 2-1: USB disconnect, device number 123
[  657.191379][ T5908] usb 4-1: new high-speed USB device number 15 using dummy_hcd
[  657.326579][ T5908] usb 4-1: device descriptor read/64, error -71
[  657.435651][ T5908] usb usb4-port1: attempt power cycle
[  657.775473][ T5908] usb 4-1: new high-speed USB device number 16 using dummy_hcd
[  657.806530][ T5908] usb 4-1: device descriptor read/8, error -71
[  658.138280][ T5908] usb 4-1: new high-speed USB device number 17 using dummy_hcd
[  658.167030][ T5908] usb 4-1: device descriptor read/8, error -71
[  658.276198][ T5908] usb usb4-port1: unable to enumerate USB device
[  658.300565][T15384] FAULT_INJECTION: forcing a failure.
[  658.300565][T15384] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  658.314340][T15384] CPU: 1 UID: 0 PID: 15384 Comm: syz.2.2547 Not tainted syzkaller #0 PREEMPT(full) 
[  658.314365][T15384] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  658.314376][T15384] Call Trace:
[  658.314384][T15384]  <TASK>
[  658.314393][T15384]  dump_stack_lvl+0x189/0x250
[  658.314419][T15384]  ? __pfx____ratelimit+0x10/0x10
[  658.314444][T15384]  ? __pfx_dump_stack_lvl+0x10/0x10
[  658.314464][T15384]  ? __pfx__printk+0x10/0x10
[  658.314496][T15384]  should_fail_ex+0x414/0x560
[  658.314521][T15384]  _copy_to_user+0x31/0xb0
[  658.314548][T15384]  simple_read_from_buffer+0xe1/0x170
[  658.314576][T15384]  proc_fail_nth_read+0x1b3/0x220
[  658.314598][T15384]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  658.314619][T15384]  ? rw_verify_area+0x2a6/0x4d0
[  658.314637][T15384]  ? __lock_acquire+0xab9/0xd20
[  658.314658][T15384]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  658.314678][T15384]  vfs_read+0x200/0xa30
[  658.314697][T15384]  ? fdget_pos+0x247/0x320
[  658.314723][T15384]  ? __pfx___mutex_lock+0x10/0x10
[  658.314749][T15384]  ? __pfx_vfs_read+0x10/0x10
[  658.314769][T15384]  ? __fget_files+0x2a/0x420
[  658.314795][T15384]  ? __fget_files+0x3a0/0x420
[  658.314814][T15384]  ? __fget_files+0x2a/0x420
[  658.314852][T15384]  ksys_read+0x145/0x250
[  658.314871][T15384]  ? exc_page_fault+0x82/0x100
[  658.314896][T15384]  ? __pfx_ksys_read+0x10/0x10
[  658.314919][T15384]  ? syscall_enter_from_user_mode_prepare+0x8f/0x110
[  658.314948][T15384]  ? lockdep_hardirqs_on+0x9c/0x150
[  658.314976][T15384]  __do_fast_syscall_32+0xb6/0x2b0
[  658.315003][T15384]  ? lockdep_hardirqs_on+0x9c/0x150
[  658.315030][T15384]  do_fast_syscall_32+0x34/0x80
[  658.315056][T15384]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  658.315078][T15384] RIP: 0023:0xf706d539
[  658.315093][T15384] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[  658.315109][T15384] RSP: 002b:00000000f545d590 EFLAGS: 00000206 ORIG_RAX: 0000000000000003
[  658.315130][T15384] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000f545d620
[  658.315143][T15384] RDX: 000000000000000f RSI: 00000000f7405ff4 RDI: 0000000000000000
[  658.315155][T15384] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000
[  658.315165][T15384] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  658.315177][T15384] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  658.315207][T15384]  </TASK>
[  658.553815][    C1] vkms_vblank_simulate: vblank timer overrun
[  659.250825][T15373] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2543'.
[  659.545478][T14937] usb 4-1: new full-speed USB device number 18 using dummy_hcd
[  659.710880][T14937] usb 4-1: config 0 has no interfaces?
[  659.728781][T14937] usb 4-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b
[  659.799088][T14937] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  659.809217][T14937] usb 4-1: Product: syz
[  659.820574][T14937] usb 4-1: Manufacturer: syz
[  659.859628][T14937] usb 4-1: SerialNumber: syz
[  659.973305][T14937] usb 4-1: config 0 descriptor??
[  660.938426][T15420] FAULT_INJECTION: forcing a failure.
[  660.938426][T15420] name failslab, interval 1, probability 0, space 0, times 0
[  661.210751][T15420] CPU: 1 UID: 0 PID: 15420 Comm: syz.0.2557 Not tainted syzkaller #0 PREEMPT(full) 
[  661.210776][T15420] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  661.210787][T15420] Call Trace:
[  661.210794][T15420]  <TASK>
[  661.210803][T15420]  dump_stack_lvl+0x189/0x250
[  661.210827][T15420]  ? __pfx____ratelimit+0x10/0x10
[  661.210850][T15420]  ? __pfx_dump_stack_lvl+0x10/0x10
[  661.210870][T15420]  ? __pfx__printk+0x10/0x10
[  661.210892][T15420]  ? __pfx___might_resched+0x10/0x10
[  661.210914][T15420]  ? fs_reclaim_acquire+0x7d/0x100
[  661.210947][T15420]  should_fail_ex+0x414/0x560
[  661.210970][T15420]  should_failslab+0xa8/0x100
[  661.210994][T15420]  __kmalloc_noprof+0xcb/0x7f0
[  661.211013][T15420]  ? io_cache_alloc_new+0x40/0x100
[  661.211044][T15420]  io_cache_alloc_new+0x40/0x100
[  661.211071][T15420]  __io_prep_rw+0x23f/0xe20
[  661.211097][T15420]  ? __pfx___io_prep_rw+0x10/0x10
[  661.211122][T15420]  ? __asan_memset+0x22/0x50
[  661.211139][T15420]  ? blk_start_plug_nr_ios+0x7f/0x1c0
[  661.211163][T15420]  io_submit_sqes+0x935/0x1e60
[  661.211207][T15420]  __se_sys_io_uring_enter+0x2df/0x2b20
[  661.211243][T15420]  ? ksys_write+0x1cb/0x250
[  661.211263][T15420]  ? __pfx___se_sys_io_uring_enter+0x10/0x10
[  661.211279][T15420]  ? __mutex_unlock_slowpath+0x1a1/0x740
[  661.211302][T15420]  ? __pfx_vfs_write+0x10/0x10
[  661.211322][T15420]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  661.211348][T15420]  ? __fget_files+0x3a0/0x420
[  661.211375][T15420]  ? fput+0xa0/0xd0
[  661.211399][T15420]  ? ksys_write+0x22a/0x250
[  661.211416][T15420]  ? exc_page_fault+0x82/0x100
[  661.211440][T15420]  ? __pfx_ksys_write+0x10/0x10
[  661.211462][T15420]  ? syscall_enter_from_user_mode_prepare+0x8f/0x110
[  661.211487][T15420]  ? __ia32_sys_io_uring_enter+0x21/0xf0
[  661.211510][T15420]  __do_fast_syscall_32+0xb6/0x2b0
[  661.211535][T15420]  ? lockdep_hardirqs_on+0x9c/0x150
[  661.211563][T15420]  do_fast_syscall_32+0x34/0x80
[  661.211587][T15420]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  661.211608][T15420] RIP: 0023:0xf7fe7539
[  661.211624][T15420] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[  661.211639][T15420] RSP: 002b:00000000f54d655c EFLAGS: 00000206 ORIG_RAX: 00000000000001aa
[  661.211659][T15420] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 00000000000047bc
[  661.211673][T15420] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  661.211682][T15420] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  661.211693][T15420] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  661.211704][T15420] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  661.211733][T15420]  </TASK>
[  661.481467][    C1] vkms_vblank_simulate: vblank timer overrun
[  661.935405][ T5825] usb 5-1: new full-speed USB device number 127 using dummy_hcd
[  662.138711][ T5825] usb 5-1: config 0 has an invalid interface number: 195 but max is 0
[  662.187860][ T5825] usb 5-1: config 0 has no interface number 0
[  662.214990][ T5825] usb 5-1: config 0 interface 195 altsetting 0 endpoint 0x6 has invalid maxpacket 1023, setting to 64
[  662.283245][ T5895] usb 4-1: USB disconnect, device number 18
[  662.347134][ T5825] usb 5-1: New USB device found, idVendor=0789, idProduct=0160, bcdDevice=fd.08
[  662.445405][ T5825] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  662.453427][ T5825] usb 5-1: Product: syz
[  662.475371][ T5825] usb 5-1: Manufacturer: syz
[  662.480004][ T5825] usb 5-1: SerialNumber: syz
[  662.529213][ T5825] usb 5-1: config 0 descriptor??
[  662.534852][T15426] raw-gadget.1 gadget.4: fail, usb_ep_enable returned -22
[  662.768503][ T5825] asix 5-1:0.195 (unnamed net_device) (uninitialized): Failed to read reg index 0x0000: -71
[  662.841646][T15445] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2563'.
[  662.904438][ T5825] asix 5-1:0.195: probe with driver asix failed with error -71
[  662.959717][ T5825] usb 5-1: USB disconnect, device number 127
[  664.015440][ T5895] usb 2-1: new high-speed USB device number 124 using dummy_hcd
[  664.214224][ T5895] usb 2-1: New USB device found, idVendor=0bda, idProduct=8150, bcdDevice= 0.00
[  664.226481][ T5895] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  664.242908][ T5895] usb 2-1: Product: syz
[  664.252449][ T5895] usb 2-1: Manufacturer: syz
[  664.262618][ T5895] usb 2-1: SerialNumber: syz
[  664.465501][ T5825] usb 5-1: new full-speed USB device number 2 using dummy_hcd
[  664.857779][ T5895] rtl8150 2-1:1.0: couldn't reset the device
[  664.867606][ T5895] rtl8150 2-1:1.0: probe with driver rtl8150 failed with error -5
[  664.902024][ T5895] usb 2-1: USB disconnect, device number 124
[  665.169417][ T5825] usb 5-1: config 0 has no interfaces?
[  665.335854][ T5895] usb 2-1: new high-speed USB device number 125 using dummy_hcd
[  665.352217][ T5825] usb 5-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b
[  665.361676][ T5825] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  665.369749][ T5825] usb 5-1: Product: syz
[  665.374484][ T5825] usb 5-1: Manufacturer: syz
[  665.379731][ T5825] usb 5-1: SerialNumber: syz
[  665.401461][ T5825] usb 5-1: config 0 descriptor??
[  665.499526][ T5895] usb 2-1: New USB device found, idVendor=0bda, idProduct=8150, bcdDevice= 0.00
[  665.508736][ T5895] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  665.613416][ T5895] usb 2-1: Product: syz
[  665.629885][ T5895] usb 2-1: Manufacturer: syz
[  665.648929][ T5895] usb 2-1: SerialNumber: syz
[  665.893991][T15493] FAULT_INJECTION: forcing a failure.
[  665.893991][T15493] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  665.908777][T15493] CPU: 1 UID: 0 PID: 15493 Comm: syz.3.2575 Not tainted syzkaller #0 PREEMPT(full) 
[  665.908805][T15493] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  665.908817][T15493] Call Trace:
[  665.908826][T15493]  <TASK>
[  665.908834][T15493]  dump_stack_lvl+0x189/0x250
[  665.908859][T15493]  ? __pfx____ratelimit+0x10/0x10
[  665.908884][T15493]  ? __pfx_dump_stack_lvl+0x10/0x10
[  665.908904][T15493]  ? __pfx__printk+0x10/0x10
[  665.908936][T15493]  should_fail_ex+0x414/0x560
[  665.908961][T15493]  _copy_to_user+0x31/0xb0
[  665.908988][T15493]  simple_read_from_buffer+0xe1/0x170
[  665.909016][T15493]  proc_fail_nth_read+0x1b3/0x220
[  665.909038][T15493]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  665.909060][T15493]  ? rw_verify_area+0x2a6/0x4d0
[  665.909078][T15493]  ? __lock_acquire+0xab9/0xd20
[  665.909099][T15493]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  665.909119][T15493]  vfs_read+0x200/0xa30
[  665.909138][T15493]  ? fdget_pos+0x247/0x320
[  665.909164][T15493]  ? __pfx___mutex_lock+0x10/0x10
[  665.909191][T15493]  ? __pfx_vfs_read+0x10/0x10
[  665.909212][T15493]  ? __fget_files+0x2a/0x420
[  665.909239][T15493]  ? __fget_files+0x3a0/0x420
[  665.909260][T15493]  ? __fget_files+0x2a/0x420
[  665.909291][T15493]  ksys_read+0x145/0x250
[  665.909313][T15493]  ? __pfx_ksys_read+0x10/0x10
[  665.909335][T15493]  ? syscall_enter_from_user_mode_prepare+0x8f/0x110
[  665.909362][T15493]  ? lockdep_hardirqs_on+0x9c/0x150
[  665.909397][T15493]  __do_fast_syscall_32+0xb6/0x2b0
[  665.909431][T15493]  do_fast_syscall_32+0x34/0x80
[  665.909456][T15493]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  665.909478][T15493] RIP: 0023:0xf70ed539
[  665.909493][T15493] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[  665.909509][T15493] RSP: 002b:00000000f54dd590 EFLAGS: 00000206 ORIG_RAX: 0000000000000003
[  665.909529][T15493] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000f54dd620
[  665.909542][T15493] RDX: 000000000000000f RSI: 00000000f7485ff4 RDI: 0000000000000000
[  665.909554][T15493] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000
[  665.909565][T15493] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  665.909577][T15493] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  665.909607][T15493]  </TASK>
[  666.144134][    C1] vkms_vblank_simulate: vblank timer overrun
[  666.433776][ T5895] rtl8150 2-1:1.0: eth1: rtl8150 is detected
[  666.541757][T15498] FAULT_INJECTION: forcing a failure.
[  666.541757][T15498] name failslab, interval 1, probability 0, space 0, times 0
[  666.630665][ T5895] usb 2-1: USB disconnect, device number 125
[  666.655873][T15498] CPU: 1 UID: 0 PID: 15498 Comm: syz.3.2576 Not tainted syzkaller #0 PREEMPT(full) 
[  666.655895][T15498] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  666.655906][T15498] Call Trace:
[  666.655914][T15498]  <TASK>
[  666.655922][T15498]  dump_stack_lvl+0x189/0x250
[  666.655947][T15498]  ? __pfx____ratelimit+0x10/0x10
[  666.655971][T15498]  ? __pfx_dump_stack_lvl+0x10/0x10
[  666.655990][T15498]  ? __pfx__printk+0x10/0x10
[  666.656015][T15498]  ? __pfx___might_resched+0x10/0x10
[  666.656044][T15498]  should_fail_ex+0x414/0x560
[  666.656066][T15498]  should_failslab+0xa8/0x100
[  666.656092][T15498]  __kmalloc_noprof+0xcb/0x7f0
[  666.656110][T15498]  ? kfree+0x4d/0x6d0
[  666.656119][T15498]  ? tomoyo_realpath_from_path+0xe3/0x5d0
[  666.656136][T15498]  tomoyo_realpath_from_path+0xe3/0x5d0
[  666.656149][T15498]  ? tomoyo_domain+0xd9/0x130
[  666.656164][T15498]  ? tomoyo_mkdev_perm+0x1a3/0x510
[  666.656174][T15498]  tomoyo_mkdev_perm+0x1cf/0x510
[  666.656183][T15498]  ? __lock_acquire+0xab9/0xd20
[  666.656197][T15498]  ? __pfx_tomoyo_mkdev_perm+0x10/0x10
[  666.656226][T15498]  ? __pfx_current_check_access_path+0x10/0x10
[  666.656243][T15498]  tomoyo_path_mknod+0xf3/0x190
[  666.656257][T15498]  ? __pfx_tomoyo_path_mknod+0x10/0x10
[  666.656271][T15498]  ? __pfx_filename_create+0x10/0x10
[  666.656285][T15498]  security_path_mknod+0x17e/0x3a0
[  666.656300][T15498]  do_mknodat+0x274/0x4d0
[  666.656317][T15498]  ? __pfx_do_mknodat+0x10/0x10
[  666.656332][T15498]  ? getname_flags+0x1e5/0x540
[  666.656347][T15498]  __ia32_sys_mknod+0x8c/0xa0
[  666.656359][T15498]  __do_fast_syscall_32+0xb6/0x2b0
[  666.656374][T15498]  ? lockdep_hardirqs_on+0x9c/0x150
[  666.656390][T15498]  do_fast_syscall_32+0x34/0x80
[  666.656404][T15498]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  666.656416][T15498] RIP: 0023:0xf70ed539
[  666.656425][T15498] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[  666.656434][T15498] RSP: 002b:00000000f54dd55c EFLAGS: 00000206 ORIG_RAX: 000000000000000e
[  666.656446][T15498] RAX: ffffffffffffffda RBX: 0000000080000200 RCX: 0000000000002000
[  666.656453][T15498] RDX: 0000000000000706 RSI: 0000000000000000 RDI: 0000000000000000
[  666.656459][T15498] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  666.656465][T15498] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  666.656471][T15498] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  666.656487][T15498]  </TASK>
[  666.656499][T15498] ERROR: Out of memory at tomoyo_realpath_from_path.
[  667.104151][T15510] pimreg: entered allmulticast mode
[  667.112175][T15510] pimreg: left allmulticast mode
[  667.162145][ T5825] usb 5-1: USB disconnect, device number 2
[  668.045583][T15541] FAULT_INJECTION: forcing a failure.
[  668.045583][T15541] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  668.073577][T15541] CPU: 1 UID: 0 PID: 15541 Comm: syz.4.2585 Not tainted syzkaller #0 PREEMPT(full) 
[  668.073601][T15541] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  668.073612][T15541] Call Trace:
[  668.073620][T15541]  <TASK>
[  668.073630][T15541]  dump_stack_lvl+0x189/0x250
[  668.073655][T15541]  ? __pfx____ratelimit+0x10/0x10
[  668.073680][T15541]  ? __pfx_dump_stack_lvl+0x10/0x10
[  668.073700][T15541]  ? __pfx__printk+0x10/0x10
[  668.073720][T15541]  ? __might_fault+0xb0/0x130
[  668.073752][T15541]  should_fail_ex+0x414/0x560
[  668.073776][T15541]  _copy_from_user+0x2d/0xb0
[  668.073801][T15541]  kstrtouint_from_user+0xc4/0x170
[  668.073826][T15541]  ? __pfx_kstrtouint_from_user+0x10/0x10
[  668.073865][T15541]  proc_fail_nth_write+0x88/0x200
[  668.073884][T15541]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  668.073908][T15541]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  668.073929][T15541]  vfs_write+0x27e/0xb30
[  668.073959][T15541]  ? __pfx_vfs_write+0x10/0x10
[  668.073981][T15541]  ? __fget_files+0x2a/0x420
[  668.074009][T15541]  ? __fget_files+0x3a0/0x420
[  668.074030][T15541]  ? __fget_files+0x2a/0x420
[  668.074062][T15541]  ksys_write+0x145/0x250
[  668.074084][T15541]  ? __pfx_ksys_write+0x10/0x10
[  668.074107][T15541]  ? syscall_enter_from_user_mode_prepare+0x8f/0x110
[  668.074132][T15541]  ? lockdep_hardirqs_on+0x9c/0x150
[  668.074159][T15541]  __do_fast_syscall_32+0xb6/0x2b0
[  668.074186][T15541]  ? lockdep_hardirqs_on+0x9c/0x150
[  668.074215][T15541]  do_fast_syscall_32+0x34/0x80
[  668.074241][T15541]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  668.074263][T15541] RIP: 0023:0xf704d539
[  668.074279][T15541] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[  668.074296][T15541] RSP: 002b:00000000f543d590 EFLAGS: 00000206 ORIG_RAX: 0000000000000004
[  668.074316][T15541] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00000000f543d620
[  668.074330][T15541] RDX: 0000000000000001 RSI: 00000000f73e5ff4 RDI: 0000000000000000
[  668.074342][T15541] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000
[  668.074354][T15541] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  668.074365][T15541] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  668.074402][T15541]  </TASK>
[  668.300918][    C1] vkms_vblank_simulate: vblank timer overrun
[  669.275434][ T5908] usb 2-1: new full-speed USB device number 126 using dummy_hcd
[  669.438597][ T5908] usb 2-1: config 0 has no interfaces?
[  669.443817][T15572] tipc: Can't bind to reserved service type 0
[  669.457616][ T5908] usb 2-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b
[  669.468353][ T5908] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  669.485664][ T5908] usb 2-1: Product: syz
[  669.492119][ T5908] usb 2-1: Manufacturer: syz
[  669.499089][ T5908] usb 2-1: SerialNumber: syz
[  669.512400][ T5908] usb 2-1: config 0 descriptor??
[  669.867745][T15589] FAULT_INJECTION: forcing a failure.
[  669.867745][T15589] name failslab, interval 1, probability 0, space 0, times 0
[  669.894098][T15589] CPU: 1 UID: 0 PID: 15589 Comm: syz.4.2598 Not tainted syzkaller #0 PREEMPT(full) 
[  669.894122][T15589] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  669.894133][T15589] Call Trace:
[  669.894141][T15589]  <TASK>
[  669.894150][T15589]  dump_stack_lvl+0x189/0x250
[  669.894175][T15589]  ? __pfx____ratelimit+0x10/0x10
[  669.894199][T15589]  ? __pfx_dump_stack_lvl+0x10/0x10
[  669.894219][T15589]  ? __pfx__printk+0x10/0x10
[  669.894244][T15589]  ? __pfx___might_resched+0x10/0x10
[  669.894273][T15589]  should_fail_ex+0x414/0x560
[  669.894297][T15589]  should_failslab+0xa8/0x100
[  669.894322][T15589]  kmem_cache_alloc_node_noprof+0x77/0x710
[  669.894341][T15589]  ? __mutex_lock+0x335/0x1350
[  669.894364][T15589]  ? __alloc_skb+0x112/0x2d0
[  669.894388][T15589]  __alloc_skb+0x112/0x2d0
[  669.894411][T15589]  rtmsg_ifa+0xf8/0x1f0
[  669.894441][T15589]  __inet_del_ifa+0x869/0x1040
[  669.894481][T15589]  devinet_ioctl+0x1361/0x1b50
[  669.894516][T15589]  ? __pfx_devinet_ioctl+0x10/0x10
[  669.894543][T15589]  ? get_user_ifreq+0x133/0x180
[  669.894569][T15589]  inet_ioctl+0x3c0/0x4c0
[  669.894590][T15589]  ? __pfx_inet_ioctl+0x10/0x10
[  669.894605][T15589]  ? lockdep_hardirqs_on+0x9c/0x150
[  669.894653][T15589]  ? do_vfs_ioctl+0xbe8/0x1430
[  669.894675][T15589]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  669.894691][T15589]  ? inet_compat_ioctl+0x1aa/0x3a0
[  669.894716][T15589]  sock_do_ioctl+0xdc/0x300
[  669.894743][T15589]  ? __pfx_sock_do_ioctl+0x10/0x10
[  669.894768][T15589]  ? __lock_acquire+0xab9/0xd20
[  669.894802][T15589]  compat_sock_ioctl+0xb8d/0xc80
[  669.894831][T15589]  ? __pfx_compat_sock_ioctl+0x10/0x10
[  669.894858][T15589]  ? __fget_files+0x3a0/0x420
[  669.894879][T15589]  ? __fget_files+0x2a/0x420
[  669.894904][T15589]  ? bpf_lsm_file_ioctl_compat+0x9/0x20
[  669.894936][T15589]  __ia32_compat_sys_ioctl+0x543/0x840
[  669.894958][T15589]  ? __pfx___ia32_compat_sys_ioctl+0x10/0x10
[  669.894978][T15589]  ? __fget_files+0x3a0/0x420
[  669.895006][T15589]  ? fput+0xa0/0xd0
[  669.895037][T15589]  ? ksys_write+0x22a/0x250
[  669.895055][T15589]  ? exc_page_fault+0x82/0x100
[  669.895079][T15589]  ? __pfx_ksys_write+0x10/0x10
[  669.895101][T15589]  ? syscall_enter_from_user_mode_prepare+0x8f/0x110
[  669.895127][T15589]  ? lockdep_hardirqs_on+0x9c/0x150
[  669.895155][T15589]  __do_fast_syscall_32+0xb6/0x2b0
[  669.895180][T15589]  ? lockdep_hardirqs_on+0x9c/0x150
[  669.895208][T15589]  do_fast_syscall_32+0x34/0x80
[  669.895233][T15589]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  669.895255][T15589] RIP: 0023:0xf704d539
[  669.895270][T15589] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[  669.895286][T15589] RSP: 002b:00000000f543d55c EFLAGS: 00000206 ORIG_RAX: 0000000000000036
[  669.895305][T15589] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 000000000000891c
[  669.895317][T15589] RDX: 0000000080000540 RSI: 0000000000000000 RDI: 0000000000000000
[  669.895328][T15589] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  669.895338][T15589] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  669.895348][T15589] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  669.895378][T15589]  </TASK>
[  670.208027][    C1] vkms_vblank_simulate: vblank timer overrun
[  670.613357][T15614] pimreg: entered allmulticast mode
[  670.621157][T15614] pimreg: left allmulticast mode
[  670.877175][T15617] pimreg: entered allmulticast mode
[  670.884814][T15617] pimreg: left allmulticast mode
[  671.947307][ T5895] usb 2-1: USB disconnect, device number 126
[  672.347585][T15629] FAULT_INJECTION: forcing a failure.
[  672.347585][T15629] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  672.381954][T15629] CPU: 1 UID: 0 PID: 15629 Comm: syz.1.2608 Not tainted syzkaller #0 PREEMPT(full) 
[  672.381971][T15629] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  672.381977][T15629] Call Trace:
[  672.381982][T15629]  <TASK>
[  672.381987][T15629]  dump_stack_lvl+0x189/0x250
[  672.382004][T15629]  ? __pfx____ratelimit+0x10/0x10
[  672.382018][T15629]  ? __pfx_dump_stack_lvl+0x10/0x10
[  672.382028][T15629]  ? __pfx__printk+0x10/0x10
[  672.382039][T15629]  ? __might_fault+0xb0/0x130
[  672.382055][T15629]  should_fail_ex+0x414/0x560
[  672.382069][T15629]  _copy_from_iter+0x1de/0x1790
[  672.382085][T15629]  ? rcu_is_watching+0x15/0xb0
[  672.382101][T15629]  ? kmalloc_reserve+0xbd/0x290
[  672.382112][T15629]  ? __pfx__copy_from_iter+0x10/0x10
[  672.382125][T15629]  ? __build_skb_around+0x262/0x3f0
[  672.382137][T15629]  ? netlink_sendmsg+0x642/0xb30
[  672.382147][T15629]  ? skb_put+0x11b/0x210
[  672.382166][T15629]  netlink_sendmsg+0x6b2/0xb30
[  672.382181][T15629]  ? __pfx_netlink_sendmsg+0x10/0x10
[  672.382193][T15629]  ? __import_iovec+0x5d4/0x7f0
[  672.382205][T15629]  ? aa_sock_msg_perm+0xf1/0x1d0
[  672.382218][T15629]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  672.382231][T15629]  ? __pfx_netlink_sendmsg+0x10/0x10
[  672.382242][T15629]  __sock_sendmsg+0x21c/0x270
[  672.382258][T15629]  ____sys_sendmsg+0x505/0x830
[  672.382272][T15629]  ? __pfx_____sys_sendmsg+0x10/0x10
[  672.382291][T15629]  ___sys_sendmsg+0x21f/0x2a0
[  672.382304][T15629]  ? __pfx____sys_sendmsg+0x10/0x10
[  672.382333][T15629]  ? __fget_files+0x2a/0x420
[  672.382345][T15629]  ? __fget_files+0x3a0/0x420
[  672.382362][T15629]  __sys_sendmsg+0x164/0x220
[  672.382375][T15629]  ? __pfx___sys_sendmsg+0x10/0x10
[  672.382390][T15629]  ? __pfx_ksys_write+0x10/0x10
[  672.382403][T15629]  ? syscall_enter_from_user_mode_prepare+0x8f/0x110
[  672.382418][T15629]  ? lockdep_hardirqs_on+0x9c/0x150
[  672.382433][T15629]  __do_fast_syscall_32+0xb6/0x2b0
[  672.382448][T15629]  ? lockdep_hardirqs_on+0x9c/0x150
[  672.382463][T15629]  do_fast_syscall_32+0x34/0x80
[  672.382477][T15629]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  672.382489][T15629] RIP: 0023:0xf7f61539
[  672.382499][T15629] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[  672.382507][T15629] RSP: 002b:00000000f545655c EFLAGS: 00000206 ORIG_RAX: 0000000000000172
[  672.382519][T15629] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000000
[  672.382527][T15629] RDX: 0000000000004040 RSI: 0000000000000000 RDI: 0000000000000000
[  672.382533][T15629] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  672.382539][T15629] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  672.382545][T15629] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  672.382559][T15629]  </TASK>
[  672.659477][    C1] vkms_vblank_simulate: vblank timer overrun
[  673.505430][ T5931] usb 2-1: new high-speed USB device number 127 using dummy_hcd
[  673.657476][ T5931] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0
[  673.673985][ T5931] usb 2-1: New USB device found, idVendor=048d, idProduct=8595, bcdDevice= 0.00
[  673.684231][ T5931] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  673.713438][ T5931] usb 2-1: config 0 descriptor??
[  673.727844][ T5931] usbhid 2-1:0.0: couldn't find an input interrupt endpoint
[  673.752426][T15653] input: syz0 as /devices/virtual/input/input28
[  674.079071][ T5908] usb 5-1: new high-speed USB device number 3 using dummy_hcd
[  674.260610][T15666] pimreg: entered allmulticast mode
[  674.273245][T15666] pimreg: left allmulticast mode
[  674.338051][ T5908] usb 5-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  674.350663][ T5908] usb 5-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  674.361383][ T5908] usb 5-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  674.370697][ T5908] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  674.383377][T15653] raw-gadget.1 gadget.4: fail, usb_ep_enable returned -22
[  674.423940][ T5908] usb 5-1: Quirk or no altset; falling back to MIDI 1.0
[  674.954422][ T5908] usb 5-1: USB disconnect, device number 3
[  675.193923][T15653] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2618'.
[  675.795401][   T43] usb 4-1: new full-speed USB device number 19 using dummy_hcd
[  675.881381][T15691] FAULT_INJECTION: forcing a failure.
[  675.881381][T15691] name failslab, interval 1, probability 0, space 0, times 0
[  675.936965][T15691] CPU: 1 UID: 0 PID: 15691 Comm: syz.4.2629 Not tainted syzkaller #0 PREEMPT(full) 
[  675.936993][T15691] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  675.937004][T15691] Call Trace:
[  675.937012][T15691]  <TASK>
[  675.937020][T15691]  dump_stack_lvl+0x189/0x250
[  675.937046][T15691]  ? __pfx____ratelimit+0x10/0x10
[  675.937069][T15691]  ? __pfx_dump_stack_lvl+0x10/0x10
[  675.937089][T15691]  ? __pfx__printk+0x10/0x10
[  675.937127][T15691]  ? __pfx___might_resched+0x10/0x10
[  675.937162][T15691]  should_fail_ex+0x414/0x560
[  675.937195][T15691]  should_failslab+0xa8/0x100
[  675.937225][T15691]  kmem_cache_alloc_noprof+0x74/0x6e0
[  675.937251][T15691]  ? __pmd_alloc+0xc2/0x540
[  675.937279][T15691]  __pmd_alloc+0xc2/0x540
[  675.937322][T15691]  __handle_mm_fault+0x9ad/0x5400
[  675.937357][T15691]  ? __pfx___handle_mm_fault+0x10/0x10
[  675.937394][T15691]  ? find_vma+0xe7/0x160
[  675.937411][T15691]  ? __pfx_find_vma+0x10/0x10
[  675.937434][T15691]  handle_mm_fault+0x40a/0x8e0
[  675.937464][T15691]  do_user_addr_fault+0x764/0x1380
[  675.937509][T15691]  exc_page_fault+0x82/0x100
[  675.937535][T15691]  asm_exc_page_fault+0x26/0x30
[  675.937552][T15691] RIP: 0010:rep_movs_alternative+0x33/0x90
[  675.937571][T15691] Code: 73 25 85 c9 74 0f 8a 06 88 07 48 ff c7 48 ff c6 48 ff c9 75 f1 e9 7d 35 04 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 48 8b 06 <48> 89 07 48 83 c6 08 48 83 c7 08 83 e9 08 74 db 83 f9 08 73 e8 eb
[  675.937586][T15691] RSP: 0018:ffffc9001df9fd88 EFLAGS: 00050212
[  675.937603][T15691] RAX: 0000000000000000 RBX: 0000000000000010 RCX: 0000000000000010
[  675.937615][T15691] RDX: 0000000000000000 RSI: ffffc9001df9fe40 RDI: 0000000080002280
[  675.937628][T15691] RBP: ffffc9001df9fec0 R08: ffffc9001df9fe4f R09: 1ffff92003bf3fc9
[  675.937641][T15691] R10: dffffc0000000000 R11: fffff52003bf3fca R12: 0000000080002290
[  675.937654][T15691] R13: 00007ffffffff000 R14: ffffc9001df9fe40 R15: 0000000080002280
[  675.937686][T15691]  _copy_to_user+0x8a/0xb0
[  675.937712][T15691]  __ia32_compat_sys_times+0x219/0x2e0
[  675.937737][T15691]  ? fput+0xa0/0xd0
[  675.937761][T15691]  ? __pfx___ia32_compat_sys_times+0x10/0x10
[  675.937785][T15691]  ? ksys_write+0x22a/0x250
[  675.937803][T15691]  ? exc_page_fault+0x82/0x100
[  675.937826][T15691]  ? __pfx_ksys_write+0x10/0x10
[  675.937855][T15691]  ? syscall_enter_from_user_mode_prepare+0x8f/0x110
[  675.937881][T15691]  ? lockdep_hardirqs_on+0x9c/0x150
[  675.937908][T15691]  __do_fast_syscall_32+0xb6/0x2b0
[  675.937934][T15691]  ? lockdep_hardirqs_on+0x9c/0x150
[  675.937961][T15691]  do_fast_syscall_32+0x34/0x80
[  675.937986][T15691]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  675.938007][T15691] RIP: 0023:0xf704d539
[  675.938022][T15691] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[  675.938037][T15691] RSP: 002b:00000000f543d55c EFLAGS: 00000206 ORIG_RAX: 000000000000002b
[  675.938054][T15691] RAX: ffffffffffffffda RBX: 0000000080002280 RCX: 0000000000000000
[  675.938067][T15691] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  675.938077][T15691] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  675.938086][T15691] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  675.938097][T15691] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  675.938124][T15691]  </TASK>
[  676.328384][    T9] usb 2-1: USB disconnect, device number 127
[  676.513990][   T43] usb 4-1: config 0 has an invalid interface number: 200 but max is 0
[  676.522368][   T43] usb 4-1: config 0 has no interface number 0
[  676.528658][   T43] usb 4-1: config 0 interface 200 altsetting 2 endpoint 0x4 has invalid wMaxPacketSize 0
[  676.538524][   T43] usb 4-1: config 0 interface 200 has no altsetting 0
[  676.549323][   T43] usb 4-1: New USB device found, idVendor=0b57, idProduct=852a, bcdDevice=6d.39
[  676.558579][   T43] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  676.566638][   T43] usb 4-1: Product: syz
[  676.570956][   T43] usb 4-1: Manufacturer: syz
[  676.575634][   T43] usb 4-1: SerialNumber: syz
[  676.591809][   T43] usb 4-1: config 0 descriptor??
[  676.750425][T15706] pimreg: entered allmulticast mode
[  676.759465][T15706] pimreg: left allmulticast mode
[  676.837414][   T43] input: Hanwang Art Master III 1308 as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.200/input/input29
[  676.910031][   T43] usb 4-1: USB disconnect, device number 19
[  676.927105][T15708] : entered promiscuous mode
[  677.435490][ T5908] usb 5-1: new high-speed USB device number 4 using dummy_hcd
[  677.575463][ T5908] usb 5-1: device descriptor read/64, error -71
[  677.632228][T15722] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2639'.
[  677.875508][    T9] usb 1-1: new high-speed USB device number 115 using dummy_hcd
[  677.915075][ T5908] usb 5-1: new high-speed USB device number 5 using dummy_hcd
[  678.076937][    T9] usb 1-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  678.089628][ T5908] usb 5-1: device descriptor read/64, error -71
[  678.143450][    T9] usb 1-1: config 1 has an invalid descriptor of length 247, skipping remainder of the config
[  678.157762][    T9] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 66
[  678.168069][    T9] usb 1-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  678.187194][    T9] usb 1-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  678.224700][ T5908] usb usb5-port1: attempt power cycle
[  678.234830][ T5931] usb 4-1: new high-speed USB device number 20 using dummy_hcd
[  678.255425][    T9] usb 1-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  678.264069][    T9] usb 1-1: Product: syz
[  678.270983][    T9] usb 1-1: Manufacturer: syz
[  678.337688][    T9] cdc_wdm 1-1:1.0: probe with driver cdc_wdm failed with error -22
[  678.425818][ T5931] usb 4-1: Using ep0 maxpacket: 16
[  678.440292][ T5931] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  678.460357][ T5931] usb 4-1: New USB device found, idVendor=04d8, idProduct=00dd, bcdDevice= 0.00
[  678.520954][ T5931] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  678.576887][ T5931] usb 4-1: config 0 descriptor??
[  678.586739][ T5908] usb 5-1: new high-speed USB device number 6 using dummy_hcd
[  678.608628][ T5908] usb 5-1: device descriptor read/8, error -71
[  678.845779][ T5908] usb 5-1: new high-speed USB device number 7 using dummy_hcd
[  678.908045][ T5908] usb 5-1: device descriptor read/8, error -71
[  678.924280][T15746] FAULT_INJECTION: forcing a failure.
[  678.924280][T15746] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  678.937704][T15746] CPU: 0 UID: 0 PID: 15746 Comm: syz.2.2650 Not tainted syzkaller #0 PREEMPT(full) 
[  678.937733][T15746] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  678.937744][T15746] Call Trace:
[  678.937752][T15746]  <TASK>
[  678.937760][T15746]  dump_stack_lvl+0x189/0x250
[  678.937784][T15746]  ? __pfx____ratelimit+0x10/0x10
[  678.937806][T15746]  ? __pfx_dump_stack_lvl+0x10/0x10
[  678.937824][T15746]  ? __pfx__printk+0x10/0x10
[  678.937843][T15746]  ? __might_fault+0xb0/0x130
[  678.937871][T15746]  should_fail_ex+0x414/0x560
[  678.937894][T15746]  _copy_from_iter+0x1de/0x1790
[  678.937922][T15746]  ? rcu_is_watching+0x15/0xb0
[  678.937950][T15746]  ? __alloc_skb+0x142/0x2d0
[  678.937969][T15746]  ? __pfx__copy_from_iter+0x10/0x10
[  678.937992][T15746]  ? __build_skb_around+0x262/0x3f0
[  678.938014][T15746]  ? netlink_sendmsg+0x642/0xb30
[  678.938031][T15746]  ? skb_put+0x11b/0x210
[  678.938053][T15746]  netlink_sendmsg+0x6b2/0xb30
[  678.938080][T15746]  ? __pfx_netlink_sendmsg+0x10/0x10
[  678.938102][T15746]  ? __import_iovec+0x5d4/0x7f0
[  678.938123][T15746]  ? aa_sock_msg_perm+0xf1/0x1d0
[  678.938146][T15746]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  678.938168][T15746]  ? __pfx_netlink_sendmsg+0x10/0x10
[  678.938188][T15746]  __sock_sendmsg+0x21c/0x270
[  678.938215][T15746]  ____sys_sendmsg+0x505/0x830
[  678.938239][T15746]  ? __pfx_____sys_sendmsg+0x10/0x10
[  678.938272][T15746]  ___sys_sendmsg+0x21f/0x2a0
[  678.938293][T15746]  ? __pfx____sys_sendmsg+0x10/0x10
[  678.938343][T15746]  ? __fget_files+0x2a/0x420
[  678.938364][T15746]  ? __fget_files+0x3a0/0x420
[  678.938392][T15746]  __sys_sendmsg+0x164/0x220
[  678.938413][T15746]  ? __pfx___sys_sendmsg+0x10/0x10
[  678.938440][T15746]  ? __pfx_ksys_write+0x10/0x10
[  678.938462][T15746]  ? syscall_enter_from_user_mode_prepare+0x8f/0x110
[  678.938487][T15746]  ? lockdep_hardirqs_on+0x9c/0x150
[  678.938514][T15746]  __do_fast_syscall_32+0xb6/0x2b0
[  678.938540][T15746]  ? lockdep_hardirqs_on+0x9c/0x150
[  678.938567][T15746]  do_fast_syscall_32+0x34/0x80
[  678.938592][T15746]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  678.938622][T15746] RIP: 0023:0xf706d539
[  678.938638][T15746] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[  678.938653][T15746] RSP: 002b:00000000f545d55c EFLAGS: 00000206 ORIG_RAX: 0000000000000172
[  678.938674][T15746] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000080000000
[  678.938687][T15746] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  678.938698][T15746] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  678.938709][T15746] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  678.938720][T15746] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  678.938749][T15746]  </TASK>
[  679.130707][ T5908] usb usb5-port1: unable to enumerate USB device
[  679.291952][ T5931] mcp2221 0003:04D8:00DD.0032: USB HID v0.05 Device [HID 04d8:00dd] on usb-dummy_hcd.3-1/input0
[  679.657773][T15758] pimreg: entered allmulticast mode
[  679.665622][T15758] pimreg: left allmulticast mode
[  680.510628][ T5931] usb 1-1: USB disconnect, device number 115
[  681.079464][T15772] fuse: Unknown parameter 'ɳXpûìŽàÜÎj�èsïCT-O¤ºŠ‘ŽšUþ²xÏÉjSíÆP·8€-ÅÜ\¬yPR´ÉP#Šê`Fá¸Ô� ³[N9ÁИ)å…öS^ª`ùÂBû±)7œ*µPÌhàrÂ!8s °6nQÜ¡œ©Ú¾"þ0x000000000000000400000000000000000003000000000000000000000000000000000000000000000000000000000000000'
[  681.660452][T15784] FAULT_INJECTION: forcing a failure.
[  681.660452][T15784] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  681.676377][T15784] CPU: 0 UID: 0 PID: 15784 Comm: syz.0.2659 Not tainted syzkaller #0 PREEMPT(full) 
[  681.676402][T15784] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  681.676422][T15784] Call Trace:
[  681.676430][T15784]  <TASK>
[  681.676438][T15784]  dump_stack_lvl+0x189/0x250
[  681.676464][T15784]  ? __pfx____ratelimit+0x10/0x10
[  681.676487][T15784]  ? __pfx_dump_stack_lvl+0x10/0x10
[  681.676505][T15784]  ? __pfx__printk+0x10/0x10
[  681.676525][T15784]  ? __might_fault+0xb0/0x130
[  681.676555][T15784]  should_fail_ex+0x414/0x560
[  681.676576][T15784]  _copy_from_iter+0x1de/0x1790
[  681.676605][T15784]  ? rcu_is_watching+0x15/0xb0
[  681.676634][T15784]  ? kmalloc_reserve+0xbd/0x290
[  681.676653][T15784]  ? __pfx__copy_from_iter+0x10/0x10
[  681.676677][T15784]  ? __build_skb_around+0x262/0x3f0
[  681.676700][T15784]  ? netlink_sendmsg+0x642/0xb30
[  681.676715][T15784]  ? skb_put+0x11b/0x210
[  681.676733][T15784]  netlink_sendmsg+0x6b2/0xb30
[  681.676758][T15784]  ? __pfx_netlink_sendmsg+0x10/0x10
[  681.676778][T15784]  ? __import_iovec+0x5d4/0x7f0
[  681.676799][T15784]  ? aa_sock_msg_perm+0xf1/0x1d0
[  681.676822][T15784]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  681.676844][T15784]  ? __pfx_netlink_sendmsg+0x10/0x10
[  681.676863][T15784]  __sock_sendmsg+0x21c/0x270
[  681.676890][T15784]  ____sys_sendmsg+0x505/0x830
[  681.676915][T15784]  ? __pfx_____sys_sendmsg+0x10/0x10
[  681.676948][T15784]  ___sys_sendmsg+0x21f/0x2a0
[  681.676969][T15784]  ? __pfx____sys_sendmsg+0x10/0x10
[  681.677025][T15784]  ? __fget_files+0x2a/0x420
[  681.677046][T15784]  ? __fget_files+0x3a0/0x420
[  681.677075][T15784]  __sys_sendmsg+0x164/0x220
[  681.677096][T15784]  ? __pfx___sys_sendmsg+0x10/0x10
[  681.677123][T15784]  ? __pfx_ksys_write+0x10/0x10
[  681.677144][T15784]  ? syscall_enter_from_user_mode_prepare+0x8f/0x110
[  681.677169][T15784]  ? lockdep_hardirqs_on+0x9c/0x150
[  681.677195][T15784]  __do_fast_syscall_32+0xb6/0x2b0
[  681.677219][T15784]  ? lockdep_hardirqs_on+0x9c/0x150
[  681.677246][T15784]  do_fast_syscall_32+0x34/0x80
[  681.677270][T15784]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  681.677290][T15784] RIP: 0023:0xf7fe7539
[  681.677304][T15784] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[  681.677319][T15784] RSP: 002b:00000000f54d655c EFLAGS: 00000206 ORIG_RAX: 0000000000000172
[  681.677338][T15784] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000080000000
[  681.677351][T15784] RDX: 000000002000c000 RSI: 0000000000000000 RDI: 0000000000000000
[  681.677362][T15784] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  681.677371][T15784] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  681.677382][T15784] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  681.677408][T15784]  </TASK>
[  682.005010][ T5908] usb 4-1: USB disconnect, device number 20
[  682.615825][   T30] kauditd_printk_skb: 22 callbacks suppressed
[  682.615841][   T30] audit: type=1326 audit(1761078045.669:8250): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15803 comm="syz.4.2666" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf704d539 code=0x7ffc0000
[  682.685506][ T5908] usb 3-1: new high-speed USB device number 98 using dummy_hcd
[  682.703288][   T30] audit: type=1326 audit(1761078045.669:8251): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15803 comm="syz.4.2666" exe="/root/syz-executor" sig=0 arch=40000003 syscall=257 compat=1 ip=0xf704d539 code=0x7ffc0000
[  682.753888][   T30] audit: type=1326 audit(1761078045.669:8252): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15803 comm="syz.4.2666" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf704d539 code=0x7ffc0000
[  682.902632][   T30] audit: type=1326 audit(1761078045.669:8253): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15803 comm="syz.4.2666" exe="/root/syz-executor" sig=0 arch=40000003 syscall=369 compat=1 ip=0xf704d539 code=0x7ffc0000
[  682.933127][   T30] audit: type=1326 audit(1761078045.669:8254): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15803 comm="syz.4.2666" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf704d539 code=0x7ffc0000
[  682.957873][ T5908] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  682.973990][ T5908] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  682.993515][ T5908] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  683.006696][   T30] audit: type=1326 audit(1761078045.669:8255): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15803 comm="syz.4.2666" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf704d539 code=0x7ffc0000
[  683.028733][    C1] vkms_vblank_simulate: vblank timer overrun
[  683.035239][ T5908] usb 3-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  683.044889][ T5908] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  683.091975][ T5908] usb 3-1: config 0 descriptor??
[  683.559088][ T5908] usbhid 3-1:0.0: can't add hid device: -71
[  683.575720][ T5908] usbhid 3-1:0.0: probe with driver usbhid failed with error -71
[  683.598120][ T5908] usb 3-1: USB disconnect, device number 98
[  683.695476][ T5931] usb 1-1: new high-speed USB device number 116 using dummy_hcd
[  683.835752][ T5931] usb 1-1: device descriptor read/64, error -71
[  684.029065][T15834] vhci_hcd vhci_hcd.0: failed to lookup sock
[  684.095434][ T5931] usb 1-1: new high-speed USB device number 117 using dummy_hcd
[  684.245412][ T5931] usb 1-1: device descriptor read/64, error -71
[  684.411624][ T5931] usb usb1-port1: attempt power cycle
[  684.828065][ T5931] usb 1-1: new high-speed USB device number 118 using dummy_hcd
[  684.866114][ T5931] usb 1-1: device descriptor read/8, error -71
[  684.978406][T15859] FAULT_INJECTION: forcing a failure.
[  684.978406][T15859] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  685.015450][T15859] CPU: 1 UID: 0 PID: 15859 Comm: syz.2.2684 Not tainted syzkaller #0 PREEMPT(full) 
[  685.015466][T15859] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  685.015473][T15859] Call Trace:
[  685.015477][T15859]  <TASK>
[  685.015483][T15859]  dump_stack_lvl+0x189/0x250
[  685.015498][T15859]  ? __pfx____ratelimit+0x10/0x10
[  685.015513][T15859]  ? __pfx_dump_stack_lvl+0x10/0x10
[  685.015523][T15859]  ? __pfx__printk+0x10/0x10
[  685.015535][T15859]  ? fs_reclaim_acquire+0x7d/0x100
[  685.015553][T15859]  should_fail_ex+0x414/0x560
[  685.015567][T15859]  prepare_alloc_pages+0x213/0x610
[  685.015583][T15859]  __alloc_frozen_pages_noprof+0x123/0x370
[  685.015604][T15859]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  685.015623][T15859]  ? policy_nodemask+0x27c/0x720
[  685.015634][T15859]  ? __lock_acquire+0xab9/0xd20
[  685.015650][T15859]  alloc_pages_mpol+0x232/0x4a0
[  685.015670][T15859]  vma_alloc_folio_noprof+0xe4/0x200
[  685.015684][T15859]  ? __pfx_vma_alloc_folio_noprof+0x10/0x10
[  685.015703][T15859]  folio_prealloc+0x30/0x180
[  685.015716][T15859]  __handle_mm_fault+0x2a8b/0x5400
[  685.015735][T15859]  ? __pfx___handle_mm_fault+0x10/0x10
[  685.015756][T15859]  ? find_vma+0xe7/0x160
[  685.015765][T15859]  ? __pfx_find_vma+0x10/0x10
[  685.015776][T15859]  handle_mm_fault+0x40a/0x8e0
[  685.015792][T15859]  do_user_addr_fault+0x764/0x1380
[  685.015814][T15859]  exc_page_fault+0x82/0x100
[  685.015829][T15859]  asm_exc_page_fault+0x26/0x30
[  685.015838][T15859] RIP: 0010:rep_movs_alternative+0x4a/0x90
[  685.015850][T15859] Code: 35 04 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 48 8b 06 48 89 07 48 83 c6 08 48 83 c7 08 83 e9 08 74 db 83 f9 08 73 e8 eb c5 <f3> a4 e9 4f 35 04 00 48 8b 06 48 89 07 48 8d 47 08 48 83 e0 f8 48
[  685.015859][T15859] RSP: 0018:ffffc9001ea97b50 EFLAGS: 00050206
[  685.015869][T15859] RAX: ffffffff84912a01 RBX: 0000000000001000 RCX: 0000000000000540
[  685.015876][T15859] RDX: 0000000000000000 RSI: ffff888032be1ac0 RDI: 0000000080004000
[  685.015883][T15859] RBP: 0000000000001000 R08: ffff888032be1fff R09: 1ffff1100657c3ff
[  685.015890][T15859] R10: dffffc0000000000 R11: ffffed100657c400 R12: 0000000080004540
[  685.015897][T15859] R13: 00007ffffffff000 R14: ffff888032be1000 R15: 0000000080003540
[  685.015915][T15859]  ? _copy_from_user+0x91/0xb0
[  685.015932][T15859]  _copy_to_user+0x8a/0xb0
[  685.015947][T15859]  vcs_read+0xa62/0xdb0
[  685.015969][T15859]  ? __lock_acquire+0xab9/0xd20
[  685.015980][T15859]  ? __pfx_vcs_read+0x10/0x10
[  685.015994][T15859]  vfs_read+0x200/0xa30
[  685.016010][T15859]  ? __pfx_vfs_read+0x10/0x10
[  685.016021][T15859]  ? __fget_files+0x2a/0x420
[  685.016035][T15859]  ? __fget_files+0x2a/0x420
[  685.016046][T15859]  ? __fget_files+0x3a0/0x420
[  685.016057][T15859]  ? __fget_files+0x2a/0x420
[  685.016073][T15859]  ksys_read+0x145/0x250
[  685.016083][T15859]  ? exc_page_fault+0x82/0x100
[  685.016097][T15859]  ? __pfx_ksys_read+0x10/0x10
[  685.016109][T15859]  ? syscall_enter_from_user_mode_prepare+0x8f/0x110
[  685.016123][T15859]  ? lockdep_hardirqs_on+0x9c/0x150
[  685.016138][T15859]  __do_fast_syscall_32+0xb6/0x2b0
[  685.016153][T15859]  ? lockdep_hardirqs_on+0x9c/0x150
[  685.016168][T15859]  do_fast_syscall_32+0x34/0x80
[  685.016182][T15859]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  685.016193][T15859] RIP: 0023:0xf706d539
[  685.016202][T15859] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[  685.016210][T15859] RSP: 002b:00000000f545d55c EFLAGS: 00000206 ORIG_RAX: 0000000000000003
[  685.016220][T15859] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080003540
[  685.016226][T15859] RDX: 0000000000002020 RSI: 0000000000000000 RDI: 0000000000000000
[  685.016232][T15859] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  685.016238][T15859] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  685.016244][T15859] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  685.016259][T15859]  </TASK>
[  685.135953][ T5931] usb 1-1: new high-speed USB device number 119 using dummy_hcd
[  685.160003][    T9] usb 4-1: new high-speed USB device number 21 using dummy_hcd
[  685.160918][ T5931] usb 1-1: device descriptor read/8, error -71
[  685.266760][ T5931] usb usb1-port1: unable to enumerate USB device
[  685.363188][    T9] usb 4-1: config 1 contains an unexpected descriptor of type 0x2, skipping
[  685.363212][    T9] usb 4-1: config 1 has 2 interfaces, different from the descriptor's value: 3
[  685.363228][    T9] usb 4-1: config 1 has no interface number 1
[  685.363322][    T9] usb 4-1: Duplicate descriptor for config 1 interface 0 altsetting 0, skipping
[  685.363355][    T9] usb 4-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  685.565472][    T9] usb 4-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  685.565503][    T9] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  685.565523][    T9] usb 4-1: Product: syz
[  685.565537][    T9] usb 4-1: Manufacturer: syz
[  685.565552][    T9] usb 4-1: SerialNumber: syz
[  685.710293][    C1] vkms_vblank_simulate: vblank timer overrun
[  685.715515][ T1299] ieee802154 phy0 wpan0: encryption failed: -22
[  685.715595][ T1299] ieee802154 phy1 wpan1: encryption failed: -22
[  686.080748][    T9] usb 4-1: USB disconnect, device number 21
[  686.189079][ T5874] udevd[5874]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  686.639926][T15883] FAULT_INJECTION: forcing a failure.
[  686.639926][T15883] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  686.674915][T15883] CPU: 0 UID: 0 PID: 15883 Comm: syz.4.2691 Not tainted syzkaller #0 PREEMPT(full) 
[  686.674941][T15883] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  686.674952][T15883] Call Trace:
[  686.674960][T15883]  <TASK>
[  686.674967][T15883]  dump_stack_lvl+0x189/0x250
[  686.674992][T15883]  ? __pfx____ratelimit+0x10/0x10
[  686.675015][T15883]  ? __pfx_dump_stack_lvl+0x10/0x10
[  686.675032][T15883]  ? __pfx__printk+0x10/0x10
[  686.675061][T15883]  should_fail_ex+0x414/0x560
[  686.675084][T15883]  _copy_from_user+0x2d/0xb0
[  686.675108][T15883]  copy_from_sockptr+0x5e/0xa0
[  686.675128][T15883]  do_ipv6_setsockopt+0x1741/0x2eb0
[  686.675153][T15883]  ? __pfx_do_ipv6_setsockopt+0x10/0x10
[  686.675171][T15883]  ? __pfx_aa_label_sk_perm+0x10/0x10
[  686.675202][T15883]  ? vfs_write+0x956/0xb30
[  686.675225][T15883]  ? __pfx___might_resched+0x10/0x10
[  686.675256][T15883]  ? __lock_acquire+0xab9/0xd20
[  686.675283][T15883]  ? aa_sk_perm+0x81e/0x950
[  686.675309][T15883]  ? __pfx_aa_sk_perm+0x10/0x10
[  686.675330][T15883]  ? __fget_files+0x2a/0x420
[  686.675348][T15883]  ? aa_sock_opt_perm+0xff/0x1b0
[  686.675371][T15883]  ipv6_setsockopt+0x59/0x170
[  686.675388][T15883]  ? __pfx_sock_common_setsockopt+0x10/0x10
[  686.675416][T15883]  do_sock_setsockopt+0x17c/0x1b0
[  686.675438][T15883]  __ia32_sys_setsockopt+0x13f/0x1b0
[  686.675463][T15883]  __do_fast_syscall_32+0xb6/0x2b0
[  686.675488][T15883]  ? lockdep_hardirqs_on+0x9c/0x150
[  686.675514][T15883]  do_fast_syscall_32+0x34/0x80
[  686.675538][T15883]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  686.675559][T15883] RIP: 0023:0xf704d539
[  686.675575][T15883] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[  686.675591][T15883] RSP: 002b:00000000f543d55c EFLAGS: 00000206 ORIG_RAX: 000000000000016e
[  686.675611][T15883] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000000029
[  686.675623][T15883] RDX: 000000000000001b RSI: 00000000800000c0 RDI: 0000000000000020
[  686.675634][T15883] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  686.675645][T15883] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  686.675655][T15883] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  686.675684][T15883]  </TASK>
[  687.194373][T15897] pimreg: entered allmulticast mode
[  687.202800][T15897] pimreg: left allmulticast mode
[  687.307112][    T9] usb 4-1: new high-speed USB device number 22 using dummy_hcd
[  687.655560][    T9] usb 4-1: Using ep0 maxpacket: 16
[  687.664486][    T9] usb 4-1: too many configurations: 97, using maximum allowed: 8
[  687.676479][T15906] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2698'.
[  687.830395][    T9] usb 4-1: string descriptor 0 read error: -71
[  687.837013][    T9] usb 4-1: New USB device found, idVendor=2304, idProduct=023b, bcdDevice=7b.5c
[  687.881949][    T9] usb 4-1: New USB device strings: Mfr=249, Product=204, SerialNumber=224
[  687.900600][    T9] usb 4-1: rejected 8 configurations due to insufficient available bus power
[  687.910376][    T9] usb 4-1: no configuration chosen from 8 choices
[  687.929993][    T9] usb 4-1: USB disconnect, device number 22
[  687.965397][ T5825] usb 2-1: new high-speed USB device number 2 using dummy_hcd
[  688.140080][ T5825] usb 2-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  688.149051][ T5825] usb 2-1: config 1 descriptor has 1 excess byte, ignoring
[  688.185628][ T5825] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 66
[  688.234120][ T5825] usb 2-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  688.290026][ T5825] usb 2-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  688.322106][ T5825] usb 2-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  688.365181][ T5825] usb 2-1: Product: syz
[  688.385408][ T5825] usb 2-1: Manufacturer: syz
[  688.509496][ T5825] cdc_wdm 2-1:1.0: skipping garbage
[  688.511783][T15909] FAULT_INJECTION: forcing a failure.
[  688.511783][T15909] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  688.519228][ T5825] cdc_wdm 2-1:1.0: probe with driver cdc_wdm failed with error -22
[  688.536119][T15909] CPU: 1 UID: 0 PID: 15909 Comm: syz.3.2699 Not tainted syzkaller #0 PREEMPT(full) 
[  688.536142][T15909] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  688.536152][T15909] Call Trace:
[  688.536164][T15909]  <TASK>
[  688.536177][T15909]  dump_stack_lvl+0x189/0x250
[  688.536200][T15909]  ? __pfx____ratelimit+0x10/0x10
[  688.536221][T15909]  ? __pfx_dump_stack_lvl+0x10/0x10
[  688.536238][T15909]  ? __pfx__printk+0x10/0x10
[  688.536256][T15909]  ? __might_fault+0xb0/0x130
[  688.536282][T15909]  should_fail_ex+0x414/0x560
[  688.536313][T15909]  _copy_from_iter+0x1de/0x1790
[  688.536334][T15909]  ? skb_set_owner_w+0x25b/0x3a0
[  688.536358][T15909]  ? sock_alloc_send_pskb+0x86b/0x980
[  688.536385][T15909]  ? __pfx__copy_from_iter+0x10/0x10
[  688.536414][T15909]  ? __pfx_sock_alloc_send_pskb+0x10/0x10
[  688.536447][T15909]  skb_copy_datagram_from_iter+0xf5/0x720
[  688.536472][T15909]  ? dev_get_by_index+0x22/0x2e0
[  688.536494][T15909]  ? skb_put+0x11b/0x210
[  688.536516][T15909]  packet_sendmsg+0x3797/0x5080
[  688.536548][T15909]  ? __aa_labelset_update_subtree+0x1090/0x11b0
[  688.536590][T15909]  ? __pfx___might_resched+0x10/0x10
[  688.536613][T15909]  ? __lock_acquire+0xab9/0xd20
[  688.536648][T15909]  ? __pfx_packet_sendmsg+0x10/0x10
[  688.536662][T15909]  ? aa_sk_perm+0x81e/0x950
[  688.536691][T15909]  ? tomoyo_socket_sendmsg_permission+0x1e1/0x300
[  688.536719][T15909]  ? aa_sock_msg_perm+0xf1/0x1d0
[  688.536742][T15909]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  688.536764][T15909]  ? __pfx_packet_sendmsg+0x10/0x10
[  688.536783][T15909]  __sock_sendmsg+0x21c/0x270
[  688.536811][T15909]  __sys_sendto+0x3bd/0x520
[  688.536841][T15909]  ? __pfx___sys_sendto+0x10/0x10
[  688.536857][T15909]  ? __mutex_unlock_slowpath+0x1a1/0x740
[  688.536894][T15909]  ? __fget_files+0x3a0/0x420
[  688.536932][T15909]  ? ksys_write+0x22a/0x250
[  688.536959][T15909]  ? exc_page_fault+0x82/0x100
[  688.536983][T15909]  ? __pfx_ksys_write+0x10/0x10
[  688.537008][T15909]  __ia32_sys_sendto+0xdd/0x100
[  688.537031][T15909]  __do_fast_syscall_32+0xb6/0x2b0
[  688.537056][T15909]  ? lockdep_hardirqs_on+0x9c/0x150
[  688.537085][T15909]  do_fast_syscall_32+0x34/0x80
[  688.537114][T15909]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  688.537136][T15909] RIP: 0023:0xf70ed539
[  688.537152][T15909] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[  688.537167][T15909] RSP: 002b:00000000f54dd55c EFLAGS: 00000206 ORIG_RAX: 0000000000000171
[  688.537187][T15909] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000800001c0
[  688.537199][T15909] RDX: 000000000000000e RSI: 0000000000000801 RDI: 0000000080000000
[  688.537211][T15909] RBP: 0000000000000014 R08: 0000000000000000 R09: 0000000000000000
[  688.537222][T15909] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  688.537233][T15909] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  688.537270][T15909]  </TASK>
[  688.832081][    C1] vkms_vblank_simulate: vblank timer overrun
[  688.911588][T15911] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2700'.
[  689.725995][ T5825] usb 3-1: new high-speed USB device number 99 using dummy_hcd
[  689.901077][ T5825] usb 3-1: New USB device found, idVendor=093a, idProduct=2476, bcdDevice= d.5b
[  689.910370][ T5825] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  689.919228][ T5825] usb 3-1: Product: syz
[  689.927933][T15933] netlink: 56 bytes leftover after parsing attributes in process `syz.0.2707'.
[  689.955420][ T5825] usb 3-1: Manufacturer: syz
[  689.960228][ T5825] usb 3-1: SerialNumber: syz
[  690.175900][ T5908] usb 1-1: new high-speed USB device number 120 using dummy_hcd
[  690.191495][   T30] audit: type=1326 audit(1761078053.239:8256): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15925 comm="syz.2.2704" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706d539 code=0x7ffc0000
[  690.213573][    C1] vkms_vblank_simulate: vblank timer overrun
[  690.229315][ T5825] gspca_main: pac207-2.14.0 probing 093a:2476
[  690.234171][   T30] audit: type=1326 audit(1761078053.239:8257): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15925 comm="syz.2.2704" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706d539 code=0x7ffc0000
[  690.237076][ T5825] gspca_pac207: Failed to read a register (index 0x0000, error -71)
[  690.258843][   T30] audit: type=1326 audit(1761078053.239:8258): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15925 comm="syz.2.2704" exe="/root/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf706d539 code=0x7ffc0000
[  690.283170][ T5825] uvcvideo 3-1:13.0: probe with driver uvcvideo failed with error -22
[  690.290487][   T30] audit: type=1326 audit(1761078053.239:8259): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15925 comm="syz.2.2704" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706d539 code=0x7ffc0000
[  690.329376][   T30] audit: type=1326 audit(1761078053.239:8260): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15925 comm="syz.2.2704" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706d539 code=0x7ffc0000
[  690.351705][ T5908] usb 1-1: Using ep0 maxpacket: 32
[  690.366518][   T30] audit: type=1326 audit(1761078053.239:8261): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15925 comm="syz.2.2704" exe="/root/syz-executor" sig=0 arch=40000003 syscall=9 compat=1 ip=0xf706d539 code=0x7ffc0000
[  690.366638][ T5908] usb 1-1: config 0 has an invalid interface number: 19 but max is 0
[  690.399179][   T30] audit: type=1326 audit(1761078053.239:8262): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15925 comm="syz.2.2704" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706d539 code=0x7ffc0000
[  690.409123][ T5825] usb 3-1: USB disconnect, device number 99
[  690.421713][ T5908] usb 1-1: config 0 has no interface number 0
[  690.447382][ T5908] usb 1-1: config 0 interface 19 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  690.458870][   T30] audit: type=1326 audit(1761078053.239:8263): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15925 comm="syz.2.2704" exe="/root/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf706d539 code=0x7ffc0000
[  690.480836][    C1] vkms_vblank_simulate: vblank timer overrun
[  690.487584][ T5908] usb 1-1: config 0 interface 19 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 16
[  690.497834][ T5908] usb 1-1: config 0 interface 19 altsetting 0 has an endpoint descriptor with address 0x91, changing to 0x81
[  690.510395][ T5908] usb 1-1: config 0 interface 19 altsetting 0 endpoint 0x81 has invalid maxpacket 34106, setting to 1024
[  690.522730][   T30] audit: type=1326 audit(1761078053.239:8264): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15925 comm="syz.2.2704" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706d539 code=0x7ffc0000
[  690.544837][    C1] vkms_vblank_simulate: vblank timer overrun
[  690.553227][ T5908] usb 1-1: config 0 interface 19 altsetting 0 bulk endpoint 0x81 has invalid maxpacket 1024
[  690.563737][ T5908] usb 1-1: config 0 interface 19 altsetting 0 has 4 endpoint descriptors, different from the interface descriptor's value: 3
[  690.585607][   T30] audit: type=1326 audit(1761078053.239:8265): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15925 comm="syz.2.2704" exe="/root/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf706d539 code=0x7ffc0000
[  690.616963][    T9] usb 2-1: USB disconnect, device number 2
[  690.668053][ T5908] usb 1-1: New USB device found, idVendor=04a4, idProduct=0014, bcdDevice=c9.57
[  690.677975][ T5908] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  690.686310][ T5908] usb 1-1: Product: syz
[  690.691094][ T5908] usb 1-1: Manufacturer: syz
[  690.696875][ T5908] usb 1-1: SerialNumber: syz
[  690.710347][ T5908] usb 1-1: config 0 descriptor??
[  690.716524][T15933] raw-gadget.2 gadget.0: fail, usb_ep_enable returned -22
[  690.723891][T15933] raw-gadget.2 gadget.0: fail, usb_ep_enable returned -22
[  690.734246][ T5908] ipaq 1-1:0.19: PocketPC PDA converter detected
[  690.741077][ T5908] usb 1-1: active config #0 != 1 ??
[  690.895669][T15946] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(4)
[  690.902357][T15946] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  690.913306][T15946] vhci_hcd vhci_hcd.0: Device attached
[  690.924837][T15947] usbip_core: unknown command
[  690.930012][T15947] vhci_hcd: unknown pdu 0
[  690.934483][T15947] usbip_core: unknown command
[  690.945208][T15126] vhci_hcd: stop threads
[  690.950936][T15126] vhci_hcd: release socket
[  690.951232][   T43] usb 1-1: USB disconnect, device number 120
[  690.955578][T15126] vhci_hcd: disconnect device
[  692.054765][T15973] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2721'.
[  692.138936][T15976] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2719'.
[  692.375434][ T5908] usb 3-1: new high-speed USB device number 100 using dummy_hcd
[  692.589236][ T5908] usb 3-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  692.598125][ T5908] usb 3-1: config 1 descriptor has 1 excess byte, ignoring
[  692.608249][ T5908] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 66
[  692.625891][ T5908] usb 3-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  692.657362][ T5908] usb 3-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  692.680482][ T5908] usb 3-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  692.834632][ T5908] usb 3-1: Product: syz
[  692.855620][ T5908] usb 3-1: Manufacturer: syz
[  692.880631][ T5908] cdc_wdm 3-1:1.0: skipping garbage
[  692.886071][ T5908] cdc_wdm 3-1:1.0: probe with driver cdc_wdm failed with error -22
[  693.548812][T15994] netlink: 56 bytes leftover after parsing attributes in process `syz.4.2725'.
[  693.835384][   T43] usb 5-1: new high-speed USB device number 8 using dummy_hcd
[  693.985509][   T43] usb 5-1: Using ep0 maxpacket: 32
[  693.993285][   T43] usb 5-1: config 0 has an invalid interface number: 19 but max is 0
[  694.001656][   T43] usb 5-1: config 0 has no interface number 0
[  694.008426][   T43] usb 5-1: config 0 interface 19 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  694.021422][   T43] usb 5-1: config 0 interface 19 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 16
[  694.040040][   T43] usb 5-1: config 0 interface 19 altsetting 0 has an endpoint descriptor with address 0x91, changing to 0x81
[  694.073401][   T43] usb 5-1: config 0 interface 19 altsetting 0 endpoint 0x81 has invalid maxpacket 34106, setting to 1024
[  694.096326][   T43] usb 5-1: config 0 interface 19 altsetting 0 bulk endpoint 0x81 has invalid maxpacket 1024
[  694.120192][   T43] usb 5-1: config 0 interface 19 altsetting 0 has 4 endpoint descriptors, different from the interface descriptor's value: 3
[  694.155216][   T43] usb 5-1: New USB device found, idVendor=04a4, idProduct=0014, bcdDevice=c9.57
[  694.164889][   T43] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  694.174697][   T43] usb 5-1: Product: syz
[  694.179165][   T43] usb 5-1: Manufacturer: syz
[  694.184000][   T43] usb 5-1: SerialNumber: syz
[  694.199723][   T43] usb 5-1: config 0 descriptor??
[  694.215205][T15994] raw-gadget.1 gadget.4: fail, usb_ep_enable returned -22
[  694.222847][T15994] raw-gadget.1 gadget.4: fail, usb_ep_enable returned -22
[  694.238925][   T43] ipaq 5-1:0.19: PocketPC PDA converter detected
[  694.252256][   T43] usb 5-1: active config #0 != 1 ??
[  694.577428][   T43] usb 5-1: USB disconnect, device number 8
[  695.089047][    T9] usb 3-1: USB disconnect, device number 100
[  695.296253][T16013] FAULT_INJECTION: forcing a failure.
[  695.296253][T16013] name failslab, interval 1, probability 0, space 0, times 0
[  695.330594][T16013] CPU: 0 UID: 0 PID: 16013 Comm: syz.2.2732 Not tainted syzkaller #0 PREEMPT(full) 
[  695.330621][T16013] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  695.330633][T16013] Call Trace:
[  695.330641][T16013]  <TASK>
[  695.330650][T16013]  dump_stack_lvl+0x189/0x250
[  695.330675][T16013]  ? __pfx____ratelimit+0x10/0x10
[  695.330699][T16013]  ? __pfx_dump_stack_lvl+0x10/0x10
[  695.330718][T16013]  ? __pfx__printk+0x10/0x10
[  695.330743][T16013]  ? __pfx___might_resched+0x10/0x10
[  695.330766][T16013]  ? fs_reclaim_acquire+0x7d/0x100
[  695.330793][T16013]  should_fail_ex+0x414/0x560
[  695.330816][T16013]  should_failslab+0xa8/0x100
[  695.330841][T16013]  __kmalloc_cache_noprof+0x6f/0x6f0
[  695.330862][T16013]  ? alloc_bprm+0x7d/0x5c0
[  695.330885][T16013]  alloc_bprm+0x7d/0x5c0
[  695.330908][T16013]  do_execveat_common+0x1b3/0x6a0
[  695.330942][T16013]  __ia32_compat_sys_execve+0x99/0xb0
[  695.330965][T16013]  __do_fast_syscall_32+0xb6/0x2b0
[  695.330992][T16013]  ? lockdep_hardirqs_on+0x9c/0x150
[  695.331020][T16013]  do_fast_syscall_32+0x34/0x80
[  695.331045][T16013]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  695.331067][T16013] RIP: 0023:0xf706d539
[  695.331083][T16013] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[  695.331099][T16013] RSP: 002b:00000000f545d55c EFLAGS: 00000206 ORIG_RAX: 000000000000000b
[  695.331119][T16013] RAX: ffffffffffffffda RBX: 0000000080000400 RCX: 0000000000000000
[  695.331133][T16013] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  695.331144][T16013] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  695.331155][T16013] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  695.331165][T16013] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  695.331194][T16013]  </TASK>
[  695.870203][ T5825] usb 3-1: new high-speed USB device number 101 using dummy_hcd
[  696.095361][ T5825] usb 3-1: Using ep0 maxpacket: 8
[  696.104362][ T5825] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 4
[  696.172981][ T5825] usb 3-1: New USB device found, idVendor=1b1c, idProduct=1b09, bcdDevice= 0.00
[  696.182311][ T5825] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  696.271735][ T5825] usb 3-1: config 0 descriptor??
[  696.554529][ T5825] corsair 0003:1B1C:1B09.0033: unbalanced delimiter at end of report description
[  696.603730][ T5825] corsair 0003:1B1C:1B09.0033: parse failed
[  696.609965][ T5825] corsair 0003:1B1C:1B09.0033: probe with driver corsair failed with error -22
[  696.635435][ T5895] usb 2-1: new full-speed USB device number 3 using dummy_hcd
[  696.799912][ T5895] usb 2-1: config 0 has an invalid interface number: 41 but max is 0
[  696.812705][ T5895] usb 2-1: config 0 has no interface number 0
[  696.824913][ T5895] usb 2-1: config 0 interface 41 has no altsetting 0
[  696.841941][ T5895] usb 2-1: New USB device found, idVendor=0fe6, idProduct=9800, bcdDevice=d1.9a
[  696.857922][ T5895] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  696.866559][ T5895] usb 2-1: Product: syz
[  696.870874][ T5895] usb 2-1: Manufacturer: syz
[  696.879780][ T5895] usb 2-1: SerialNumber: syz
[  696.885274][T16038] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2741'.
[  696.897705][ T5895] usb 2-1: config 0 descriptor??
[  697.135404][ T5825] usb 5-1: new high-speed USB device number 9 using dummy_hcd
[  697.151661][T16042] netlink: 56 bytes leftover after parsing attributes in process `syz.3.2743'.
[  697.287142][ T5825] usb 5-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  697.295958][ T5825] usb 5-1: config 1 descriptor has 1 excess byte, ignoring
[  697.303235][ T5825] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 66
[  697.313554][ T5825] usb 5-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  697.331815][ T5825] usb 5-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  697.341926][ T5825] usb 5-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  697.365823][ T5825] usb 5-1: Product: syz
[  697.374711][ T5825] usb 5-1: Manufacturer: syz
[  697.385010][ T5825] cdc_wdm 5-1:1.0: skipping garbage
[  697.398240][ T5931] usb 4-1: new high-speed USB device number 23 using dummy_hcd
[  697.415542][ T5825] cdc_wdm 5-1:1.0: probe with driver cdc_wdm failed with error -22
[  697.578280][ T5931] usb 4-1: Using ep0 maxpacket: 32
[  697.596195][ T5895] CoreChips 2-1:0.41: probe with driver CoreChips failed with error -32
[  697.598519][ T5931] usb 4-1: config 0 has an invalid interface number: 19 but max is 0
[  697.625705][ T5931] usb 4-1: config 0 has no interface number 0
[  697.631839][ T5931] usb 4-1: config 0 interface 19 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  697.646193][ T5931] usb 4-1: config 0 interface 19 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 16
[  697.656178][ T5931] usb 4-1: config 0 interface 19 altsetting 0 has an endpoint descriptor with address 0x91, changing to 0x81
[  697.669018][ T5931] usb 4-1: config 0 interface 19 altsetting 0 endpoint 0x81 has invalid maxpacket 34106, setting to 1024
[  697.680654][ T5931] usb 4-1: config 0 interface 19 altsetting 0 bulk endpoint 0x81 has invalid maxpacket 1024
[  697.690880][ T5931] usb 4-1: config 0 interface 19 altsetting 0 has 4 endpoint descriptors, different from the interface descriptor's value: 3
[  697.708069][ T5931] usb 4-1: New USB device found, idVendor=04a4, idProduct=0014, bcdDevice=c9.57
[  697.717270][ T5931] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  697.725267][ T5931] usb 4-1: Product: syz
[  697.729578][ T5931] usb 4-1: Manufacturer: syz
[  697.734175][ T5931] usb 4-1: SerialNumber: syz
[  697.751404][ T5931] usb 4-1: config 0 descriptor??
[  697.757181][T16042] raw-gadget.3 gadget.3: fail, usb_ep_enable returned -22
[  697.764539][T16042] raw-gadget.3 gadget.3: fail, usb_ep_enable returned -22
[  697.773486][ T5931] ipaq 4-1:0.19: PocketPC PDA converter detected
[  697.780272][ T5931] usb 4-1: active config #0 != 1 ??
[  697.983774][ T5895] usb 4-1: USB disconnect, device number 23
[  698.756073][ T5931] usb 3-1: USB disconnect, device number 101
[  699.095710][ T5825] usb 1-1: new high-speed USB device number 121 using dummy_hcd
[  699.173054][T16067] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2747'.
[  699.255405][ T5825] usb 1-1: Using ep0 maxpacket: 16
[  699.262895][ T5825] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  699.317942][ T5825] usb 1-1: New USB device found, idVendor=04d8, idProduct=00dd, bcdDevice= 0.00
[  699.362279][ T5825] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  699.391592][ T5825] usb 1-1: config 0 descriptor??
[  699.662785][T16070] tipc: Enabling of bearer <udp:s> rejected, failed to enable media
[  699.905481][ T5881] usb 5-1: USB disconnect, device number 9
[  700.909418][ T5881] usb 2-1: USB disconnect, device number 3
[  701.593614][ T5825] usbhid 1-1:0.0: can't add hid device: -71
[  701.599974][ T5825] usbhid 1-1:0.0: probe with driver usbhid failed with error -71
[  701.610705][ T5825] usb 1-1: USB disconnect, device number 121
[  702.328531][T16096] netlink: 56 bytes leftover after parsing attributes in process `syz.2.2757'.
[  702.385153][T16099] FAULT_INJECTION: forcing a failure.
[  702.385153][T16099] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  702.400521][T16099] CPU: 1 UID: 0 PID: 16099 Comm: syz.4.2758 Not tainted syzkaller #0 PREEMPT(full) 
[  702.400546][T16099] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  702.400557][T16099] Call Trace:
[  702.400565][T16099]  <TASK>
[  702.400573][T16099]  dump_stack_lvl+0x189/0x250
[  702.400596][T16099]  ? __pfx____ratelimit+0x10/0x10
[  702.400618][T16099]  ? __pfx_dump_stack_lvl+0x10/0x10
[  702.400638][T16099]  ? __pfx__printk+0x10/0x10
[  702.400669][T16099]  should_fail_ex+0x414/0x560
[  702.400693][T16099]  _copy_to_user+0x31/0xb0
[  702.400719][T16099]  simple_read_from_buffer+0xe1/0x170
[  702.400745][T16099]  proc_fail_nth_read+0x1b3/0x220
[  702.400766][T16099]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  702.400788][T16099]  ? rw_verify_area+0x2a6/0x4d0
[  702.400804][T16099]  ? __lock_acquire+0xab9/0xd20
[  702.400823][T16099]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  702.400841][T16099]  vfs_read+0x200/0xa30
[  702.400859][T16099]  ? fdget_pos+0x247/0x320
[  702.400882][T16099]  ? __pfx___mutex_lock+0x10/0x10
[  702.400907][T16099]  ? __pfx_vfs_read+0x10/0x10
[  702.400926][T16099]  ? __fget_files+0x2a/0x420
[  702.400959][T16099]  ? __fget_files+0x3a0/0x420
[  702.400978][T16099]  ? __fget_files+0x2a/0x420
[  702.401007][T16099]  ksys_read+0x145/0x250
[  702.401029][T16099]  ? __pfx_ksys_read+0x10/0x10
[  702.401050][T16099]  ? syscall_enter_from_user_mode_prepare+0x8f/0x110
[  702.401075][T16099]  ? lockdep_hardirqs_on+0x9c/0x150
[  702.401100][T16099]  __do_fast_syscall_32+0xb6/0x2b0
[  702.401124][T16099]  ? lockdep_hardirqs_on+0x9c/0x150
[  702.401151][T16099]  do_fast_syscall_32+0x34/0x80
[  702.401176][T16099]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  702.401196][T16099] RIP: 0023:0xf704d539
[  702.401211][T16099] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[  702.401226][T16099] RSP: 002b:00000000f543d590 EFLAGS: 00000206 ORIG_RAX: 0000000000000003
[  702.401245][T16099] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000f543d620
[  702.401258][T16099] RDX: 000000000000000f RSI: 00000000f73e5ff4 RDI: 0000000000000000
[  702.401270][T16099] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000
[  702.401279][T16099] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  702.401290][T16099] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  702.401319][T16099]  </TASK>
[  702.639315][    C1] vkms_vblank_simulate: vblank timer overrun
[  702.787171][ T5895] usb 3-1: new high-speed USB device number 102 using dummy_hcd
[  702.832823][T16103] input: syz0 as /devices/virtual/input/input30
[  702.955393][ T5895] usb 3-1: Using ep0 maxpacket: 32
[  702.962393][ T5895] usb 3-1: config 0 has an invalid interface number: 19 but max is 0
[  702.971179][ T5895] usb 3-1: config 0 has no interface number 0
[  702.977579][ T5895] usb 3-1: config 0 interface 19 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  702.990114][ T5895] usb 3-1: config 0 interface 19 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 16
[  703.000278][ T5895] usb 3-1: config 0 interface 19 altsetting 0 has an endpoint descriptor with address 0x91, changing to 0x81
[  703.012137][ T5895] usb 3-1: config 0 interface 19 altsetting 0 endpoint 0x81 has invalid maxpacket 34106, setting to 1024
[  703.023595][ T5895] usb 3-1: config 0 interface 19 altsetting 0 bulk endpoint 0x81 has invalid maxpacket 1024
[  703.033915][ T5895] usb 3-1: config 0 interface 19 altsetting 0 has 4 endpoint descriptors, different from the interface descriptor's value: 3
[  703.049739][ T5895] usb 3-1: New USB device found, idVendor=04a4, idProduct=0014, bcdDevice=c9.57
[  703.059610][ T5895] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  703.067712][ T5895] usb 3-1: Product: syz
[  703.072018][ T5895] usb 3-1: Manufacturer: syz
[  703.076724][ T5895] usb 3-1: SerialNumber: syz
[  703.083528][ T5895] usb 3-1: config 0 descriptor??
[  703.089751][T16096] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  703.097171][T16096] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  703.106666][ T5895] ipaq 3-1:0.19: PocketPC PDA converter detected
[  703.113238][ T5895] usb 3-1: active config #0 != 1 ??
[  703.115399][ T5825] usb 5-1: new high-speed USB device number 10 using dummy_hcd
[  703.195602][   T43] usb 1-1: new full-speed USB device number 122 using dummy_hcd
[  703.277036][ T5825] usb 5-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  703.288197][ T5825] usb 5-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  703.298162][ T5825] usb 5-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  703.308721][ T5825] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  703.319062][ T5895] usb 3-1: USB disconnect, device number 102
[  703.321370][T16103] raw-gadget.1 gadget.4: fail, usb_ep_enable returned -22
[  703.350907][ T5825] usb 5-1: Quirk or no altset; falling back to MIDI 1.0
[  703.368132][   T43] usb 1-1: config 0 has an invalid interface number: 41 but max is 0
[  703.378493][   T43] usb 1-1: config 0 has no interface number 0
[  703.384891][   T43] usb 1-1: config 0 interface 41 has no altsetting 0
[  703.396829][   T43] usb 1-1: New USB device found, idVendor=0fe6, idProduct=9800, bcdDevice=d1.9a
[  703.407738][   T43] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  703.417234][   T43] usb 1-1: Product: syz
[  703.422106][   T43] usb 1-1: Manufacturer: syz
[  703.432626][   T43] usb 1-1: SerialNumber: syz
[  703.447641][   T43] usb 1-1: config 0 descriptor??
[  703.564223][ T5825] usb 5-1: USB disconnect, device number 10
[  703.774521][T16103] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2761'.
[  704.149176][   T43] CoreChips 1-1:0.41: probe with driver CoreChips failed with error -32
[  704.534465][ T5825] usb 3-1: new high-speed USB device number 103 using dummy_hcd
[  704.773346][ T5825] usb 3-1: Using ep0 maxpacket: 16
[  704.795089][ T5825] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  704.822157][ T5825] usb 3-1: New USB device found, idVendor=04d8, idProduct=00dd, bcdDevice= 0.00
[  704.842074][ T5825] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  704.863344][ T5825] usb 3-1: config 0 descriptor??
[  705.137691][ T5895] usb 4-1: new full-speed USB device number 24 using dummy_hcd
[  705.307325][ T5895] usb 4-1: config 0 has an invalid interface number: 5 but max is 0
[  705.315751][ T5895] usb 4-1: config 0 has an invalid descriptor of length 10, skipping remainder of the config
[  705.336493][ T5895] usb 4-1: config 0 has no interface number 0
[  705.350304][ T5895] usb 4-1: config 0 interface 5 has no altsetting 0
[  705.372196][ T5895] usb 4-1: New USB device found, idVendor=0403, idProduct=e0f5, bcdDevice=37.20
[  705.382928][ T5895] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=67
[  705.391392][ T5895] usb 4-1: Product: syz
[  705.400366][ T5895] usb 4-1: Manufacturer: syz
[  705.405038][ T5895] usb 4-1: SerialNumber: syz
[  705.459365][ T5895] usb 4-1: config 0 descriptor??
[  705.483736][ T5895] ftdi_sio 4-1:0.5: FTDI USB Serial Device converter detected
[  705.496219][ T5895] ftdi_sio ttyUSB0: unknown device type: 0x3720
[  706.188958][T16149] tipc: Enabling of bearer <udp:s> rejected, failed to enable media
[  706.535565][T16151] netlink: 56 bytes leftover after parsing attributes in process `syz.1.2774'.
[  706.756575][T14937] usb 4-1: USB disconnect, device number 24
[  706.763606][T14937] ftdi_sio 4-1:0.5: device disconnected
[  706.810031][    T9] usb 2-1: new high-speed USB device number 4 using dummy_hcd
[  707.099110][ T5825] usbhid 3-1:0.0: can't add hid device: -71
[  707.107968][ T5825] usbhid 3-1:0.0: probe with driver usbhid failed with error -71
[  707.124991][    T9] usb 2-1: Using ep0 maxpacket: 32
[  707.142158][    T9] usb 2-1: config 0 has an invalid interface number: 19 but max is 0
[  707.377476][    T9] usb 2-1: config 0 has no interface number 0
[  707.393319][ T5825] usb 3-1: USB disconnect, device number 103
[  707.405873][    T9] usb 2-1: config 0 interface 19 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  707.491096][    T9] usb 2-1: config 0 interface 19 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 16
[  707.522245][    T9] usb 2-1: config 0 interface 19 altsetting 0 has an endpoint descriptor with address 0x91, changing to 0x81
[  707.560107][    T9] usb 2-1: config 0 interface 19 altsetting 0 endpoint 0x81 has invalid maxpacket 34106, setting to 1024
[  707.574569][    T9] usb 2-1: config 0 interface 19 altsetting 0 bulk endpoint 0x81 has invalid maxpacket 1024
[  707.594449][ T5881] usb 1-1: USB disconnect, device number 122
[  707.627293][    T9] usb 2-1: config 0 interface 19 altsetting 0 has 4 endpoint descriptors, different from the interface descriptor's value: 3
[  707.658840][    T9] usb 2-1: New USB device found, idVendor=04a4, idProduct=0014, bcdDevice=c9.57
[  707.668173][    T9] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  707.676347][    T9] usb 2-1: Product: syz
[  707.680810][    T9] usb 2-1: Manufacturer: syz
[  707.685520][    T9] usb 2-1: SerialNumber: syz
[  707.695611][    T9] usb 2-1: config 0 descriptor??
[  707.701882][T16151] raw-gadget.3 gadget.1: fail, usb_ep_enable returned -22
[  707.709933][T16151] raw-gadget.3 gadget.1: fail, usb_ep_enable returned -22
[  707.721236][    T9] ipaq 2-1:0.19: PocketPC PDA converter detected
[  707.738493][    T9] usb 2-1: active config #0 != 1 ??
[  707.896604][T16178] geneve2: entered promiscuous mode
[  707.903430][T16178] geneve2: entered allmulticast mode
[  707.941689][    T9] usb 2-1: USB disconnect, device number 4
[  708.797770][T16193] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2783'.
[  710.478708][T16220] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2790'.
[  710.669669][    T9] usb 2-1: new high-speed USB device number 5 using dummy_hcd
[  710.805411][    T9] usb 2-1: device descriptor read/64, error -71
[  711.045543][    T9] usb 2-1: new high-speed USB device number 6 using dummy_hcd
[  711.175410][    T9] usb 2-1: device descriptor read/64, error -71
[  711.289340][    T9] usb usb2-port1: attempt power cycle
[  711.564799][T16231] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2795'.
[  711.685383][    T9] usb 2-1: new high-speed USB device number 7 using dummy_hcd
[  711.713635][T16231] 8021q: adding VLAN 0 to HW filter on device bond1
[  711.724884][    T9] usb 2-1: device descriptor read/8, error -71
[  711.943928][T16235] 8021q: adding VLAN 0 to HW filter on device bond1
[  711.957957][T16235] bond1: (slave vxcan3): The slave device specified does not support setting the MAC address
[  711.997862][    T9] usb 2-1: new high-speed USB device number 8 using dummy_hcd
[  712.035483][    T9] usb 2-1: device descriptor read/8, error -71
[  712.051037][T16235] bond1: (slave vxcan3): Error -95 calling set_mac_address
[  712.156908][    T9] usb usb2-port1: unable to enumerate USB device
[  712.457614][T16242] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  712.466763][T16242] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  712.474378][T16242] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  712.482920][T16242] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  712.490669][T16242] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  713.612774][T16246] chnl_net:caif_netlink_parms(): no params data found
[  714.243120][T16246] bridge0: port 1(bridge_slave_0) entered blocking state
[  714.257344][T16246] bridge0: port 1(bridge_slave_0) entered disabled state
[  714.282143][T16246] bridge_slave_0: entered allmulticast mode
[  714.304597][T16246] bridge_slave_0: entered promiscuous mode
[  714.342780][ T1325] bridge_slave_1: left allmulticast mode
[  714.348848][ T1325] bridge_slave_1: left promiscuous mode
[  714.377701][ T1325] bridge0: port 2(bridge_slave_1) entered disabled state
[  714.444671][ T1325] bridge_slave_0: left allmulticast mode
[  714.451177][ T1325] bridge_slave_0: left promiscuous mode
[  714.457218][ T1325] bridge0: port 1(bridge_slave_0) entered disabled state
[  714.712001][T16286] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2806'.
[  714.751620][T16242] Bluetooth: hci5: command tx timeout
[  716.090776][ T1325] bond2 (unregistering): (slave bridge2): Releasing backup interface
[  716.337596][ T1325] bond0 (unregistering): Released all slaves
[  716.361967][ T1325] bond1 (unregistering): Released all slaves
[  716.389784][ T1325] bond2 (unregistering): Released all slaves
[  716.425158][T16246] bridge0: port 2(bridge_slave_1) entered blocking state
[  716.432443][T16246] bridge0: port 2(bridge_slave_1) entered disabled state
[  716.440783][T16246] bridge_slave_1: entered allmulticast mode
[  716.449002][T16246] bridge_slave_1: entered promiscuous mode
[  716.740158][ T1325] tipc: Left network mode
[  716.767458][T16246] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  716.825497][T16242] Bluetooth: hci5: command tx timeout
[  716.831256][T16246] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  716.939348][T16246] team0: Port device team_slave_0 added
[  716.954432][T16246] team0: Port device team_slave_1 added
[  717.065951][T16246] batman_adv: batadv0: Adding interface: batadv_slave_0
[  717.106059][T16246] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  717.132674][ T5825] usb 1-1: new high-speed USB device number 123 using dummy_hcd
[  717.140639][T16246] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  717.161567][ T1325] hsr_slave_0: left promiscuous mode
[  717.168875][ T1325] batman_adv: batadv0: Removing interface: batadv_slave_0
[  717.179455][ T1325] batman_adv: batadv0: Removing interface: batadv_slave_1
[  717.195216][ T1325] hsr0: left allmulticast mode
[  717.275422][ T5825] usb 1-1: device descriptor read/64, error -71
[  717.541437][ T5825] usb 1-1: new high-speed USB device number 124 using dummy_hcd
[  717.692608][ T1325] team0 (unregistering): Port device team_slave_1 removed
[  717.699995][ T5825] usb 1-1: device descriptor read/64, error -71
[  717.744556][ T1325] team0 (unregistering): Port device team_slave_0 removed
[  717.815734][ T5825] usb usb1-port1: attempt power cycle
[  718.103209][T16246] batman_adv: batadv0: Adding interface: batadv_slave_1
[  718.111770][T16246] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  718.138373][T16246] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  718.195551][ T5825] usb 1-1: new high-speed USB device number 125 using dummy_hcd
[  718.219672][ T5825] usb 1-1: device descriptor read/8, error -71
[  718.254546][T16246] hsr_slave_0: entered promiscuous mode
[  718.261539][T16246] hsr_slave_1: entered promiscuous mode
[  718.268338][T16246] debugfs: 'hsr0' already exists in 'hsr'
[  718.274054][T16246] Cannot create hsr debugfs directory
[  718.494353][ T5825] usb 1-1: new high-speed USB device number 126 using dummy_hcd
[  718.573735][ T5825] usb 1-1: device descriptor read/8, error -71
[  718.738571][T16343] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2812'.
[  718.874113][ T5825] usb usb1-port1: unable to enumerate USB device
[  718.907872][ T1325] IPVS: stop unused estimator thread 0...
[  718.915464][T16242] Bluetooth: hci5: command tx timeout
[  719.167272][ T5825] usb 5-1: new high-speed USB device number 11 using dummy_hcd
[  719.337170][ T5825] usb 5-1: Using ep0 maxpacket: 16
[  719.346113][ T5825] usb 5-1: too many endpoints for config 0 interface 0 altsetting 0: 65, using maximum allowed: 30
[  719.407967][ T5825] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  719.450959][ T5825] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 65
[  719.483929][ T5825] usb 5-1: New USB device found, idVendor=0419, idProduct=0001, bcdDevice= 0.00
[  719.521777][ T5825] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  719.542797][ T5825] usb 5-1: config 0 descriptor??
[  719.711196][T16246] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  719.723326][T16246] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  719.739452][T16246] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  719.755238][T16246] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  719.976143][T16246] 8021q: adding VLAN 0 to HW filter on device bond0
[  720.122403][T16246] 8021q: adding VLAN 0 to HW filter on device team0
[  720.232630][  T772] bridge0: port 1(bridge_slave_0) entered blocking state
[  720.239777][  T772] bridge0: port 1(bridge_slave_0) entered forwarding state
[  720.257736][ T5825] usbhid 5-1:0.0: can't add hid device: -71
[  720.265524][ T5825] usbhid 5-1:0.0: probe with driver usbhid failed with error -71
[  720.306255][ T5825] usb 5-1: USB disconnect, device number 11
[  720.335154][  T772] bridge0: port 2(bridge_slave_1) entered blocking state
[  720.342352][  T772] bridge0: port 2(bridge_slave_1) entered forwarding state
[  720.604251][T16246] 8021q: adding VLAN 0 to HW filter on device batadv0
[  720.700723][T16246] veth0_vlan: entered promiscuous mode
[  720.717794][T16246] veth1_vlan: entered promiscuous mode
[  720.766678][T16246] veth0_macvtap: entered promiscuous mode
[  720.803916][T16246] veth1_macvtap: entered promiscuous mode
[  720.832040][T16246] batman_adv: batadv0: Interface activated: batadv_slave_0
[  720.852960][T16246] batman_adv: batadv0: Interface activated: batadv_slave_1
[  721.007243][T16242] Bluetooth: hci5: command tx timeout
[  721.015008][ T3562] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  721.024274][ T3562] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  721.053993][ T3562] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  721.086758][ T3562] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  721.250345][   T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  721.264588][   T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  721.349970][   T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  721.358540][   T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  721.749640][T16407] FAULT_INJECTION: forcing a failure.
[  721.749640][T16407] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  721.767402][T16407] CPU: 1 UID: 0 PID: 16407 Comm: syz.4.2824 Not tainted syzkaller #0 PREEMPT(full) 
[  721.767427][T16407] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  721.767439][T16407] Call Trace:
[  721.767446][T16407]  <TASK>
[  721.767455][T16407]  dump_stack_lvl+0x189/0x250
[  721.767480][T16407]  ? __pfx____ratelimit+0x10/0x10
[  721.767505][T16407]  ? __pfx_dump_stack_lvl+0x10/0x10
[  721.767523][T16407]  ? __pfx__printk+0x10/0x10
[  721.767551][T16407]  ? __might_fault+0xb0/0x130
[  721.767580][T16407]  should_fail_ex+0x414/0x560
[  721.767603][T16407]  _copy_from_user+0x2d/0xb0
[  721.767628][T16407]  get_compat_msghdr+0xad/0x4a0
[  721.767654][T16407]  ? __pfx_get_compat_msghdr+0x10/0x10
[  721.767687][T16407]  ___sys_sendmsg+0x193/0x2a0
[  721.767710][T16407]  ? __pfx____sys_sendmsg+0x10/0x10
[  721.767765][T16407]  ? __fget_files+0x2a/0x420
[  721.767786][T16407]  ? __fget_files+0x3a0/0x420
[  721.767817][T16407]  __sys_sendmsg+0x164/0x220
[  721.767839][T16407]  ? __pfx___sys_sendmsg+0x10/0x10
[  721.767868][T16407]  ? __pfx_ksys_write+0x10/0x10
[  721.767891][T16407]  ? syscall_enter_from_user_mode_prepare+0x8f/0x110
[  721.767916][T16407]  ? lockdep_hardirqs_on+0x9c/0x150
[  721.767942][T16407]  __do_fast_syscall_32+0xb6/0x2b0
[  721.767967][T16407]  ? lockdep_hardirqs_on+0x9c/0x150
[  721.767995][T16407]  do_fast_syscall_32+0x34/0x80
[  721.768019][T16407]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  721.768039][T16407] RIP: 0023:0xf704d539
[  721.768056][T16407] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[  721.768072][T16407] RSP: 002b:00000000f543d55c EFLAGS: 00000206 ORIG_RAX: 0000000000000172
[  721.768091][T16407] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000800000c0
[  721.768103][T16407] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  721.768113][T16407] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  721.768123][T16407] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  721.768134][T16407] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  721.768166][T16407]  </TASK>
[  722.076739][T16409] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2823'.
[  722.560250][T16413] syzkaller0: entered promiscuous mode
[  722.565800][T16413] syzkaller0: entered allmulticast mode
[  722.815371][ T5825] usb 5-1: new high-speed USB device number 12 using dummy_hcd
[  722.936320][ T5908] usb 4-1: new high-speed USB device number 25 using dummy_hcd
[  722.976371][ T5825] usb 5-1: Using ep0 maxpacket: 8
[  722.989338][ T5825] usb 5-1: config index 0 descriptor too short (expected 301, got 45)
[  723.012216][ T5825] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  723.045713][ T5825] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  723.055954][ T5825] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  723.066450][ T5825] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  723.092903][ T5908] usb 4-1: device descriptor read/64, error -71
[  723.121113][ T5825] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  723.130781][ T5825] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  723.335543][ T5908] usb 4-1: new high-speed USB device number 26 using dummy_hcd
[  723.347572][ T5825] usb 5-1: usb_control_msg returned -32
[  723.353434][ T5825] usbtmc 5-1:16.0: can't read capabilities
[  723.476406][ T5908] usb 4-1: device descriptor read/64, error -71
[  723.598106][ T5908] usb usb4-port1: attempt power cycle
[  723.704095][T16417] usbtmc 5-1:16.0: stb usb_control_msg returned -32
[  723.728984][ T5825] usb 5-1: USB disconnect, device number 12
[  723.995500][T16446] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2829'.
[  724.055213][ T5908] usb 4-1: new high-speed USB device number 27 using dummy_hcd
[  724.155531][ T5908] usb 4-1: device descriptor read/8, error -71
[  724.427671][ T5908] usb 4-1: new high-speed USB device number 28 using dummy_hcd
[  724.668227][T16459] use of bytesused == 0 is deprecated and will be removed in the future,
[  724.685400][T16459] use the actual size instead.
[  724.917196][ T5908] usb 4-1: device descriptor read/8, error -71
[  725.028348][ T5908] usb usb4-port1: unable to enumerate USB device
[  726.277526][T16480] FAULT_INJECTION: forcing a failure.
[  726.277526][T16480] name failslab, interval 1, probability 0, space 0, times 0
[  726.290348][T16480] CPU: 0 UID: 0 PID: 16480 Comm: syz.0.2835 Not tainted syzkaller #0 PREEMPT(full) 
[  726.290370][T16480] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  726.290382][T16480] Call Trace:
[  726.290390][T16480]  <TASK>
[  726.290398][T16480]  dump_stack_lvl+0x189/0x250
[  726.290422][T16480]  ? __pfx____ratelimit+0x10/0x10
[  726.290446][T16480]  ? __pfx_dump_stack_lvl+0x10/0x10
[  726.290463][T16480]  ? __pfx__printk+0x10/0x10
[  726.290487][T16480]  ? __lock_acquire+0xab9/0xd20
[  726.290516][T16480]  should_fail_ex+0x414/0x560
[  726.290540][T16480]  should_failslab+0xa8/0x100
[  726.290564][T16480]  kmem_cache_alloc_noprof+0x74/0x6e0
[  726.290585][T16480]  ? skb_clone+0x212/0x3a0
[  726.290610][T16480]  skb_clone+0x212/0x3a0
[  726.290633][T16480]  __netlink_deliver_tap+0x404/0x850
[  726.290663][T16480]  ? netlink_deliver_tap+0x2e/0x1b0
[  726.290681][T16480]  netlink_deliver_tap+0x19c/0x1b0
[  726.290695][T16480]  netlink_unicast+0x7fa/0x9e0
[  726.290715][T16480]  ? __pfx_netlink_unicast+0x10/0x10
[  726.290730][T16480]  ? netlink_sendmsg+0x642/0xb30
[  726.290739][T16480]  ? skb_put+0x11b/0x210
[  726.290751][T16480]  netlink_sendmsg+0x805/0xb30
[  726.290766][T16480]  ? __pfx_netlink_sendmsg+0x10/0x10
[  726.290778][T16480]  ? __import_iovec+0x5d4/0x7f0
[  726.290791][T16480]  ? aa_sock_msg_perm+0xf1/0x1d0
[  726.290804][T16480]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  726.290817][T16480]  ? __pfx_netlink_sendmsg+0x10/0x10
[  726.290828][T16480]  __sock_sendmsg+0x21c/0x270
[  726.290844][T16480]  ____sys_sendmsg+0x505/0x830
[  726.290858][T16480]  ? __pfx_____sys_sendmsg+0x10/0x10
[  726.290878][T16480]  ___sys_sendmsg+0x21f/0x2a0
[  726.290890][T16480]  ? __pfx____sys_sendmsg+0x10/0x10
[  726.290920][T16480]  ? __fget_files+0x2a/0x420
[  726.290932][T16480]  ? __fget_files+0x3a0/0x420
[  726.290956][T16480]  __sys_sendmsg+0x164/0x220
[  726.290969][T16480]  ? __pfx___sys_sendmsg+0x10/0x10
[  726.290985][T16480]  ? __pfx_ksys_write+0x10/0x10
[  726.290998][T16480]  ? syscall_enter_from_user_mode_prepare+0x8f/0x110
[  726.291013][T16480]  ? lockdep_hardirqs_on+0x9c/0x150
[  726.291028][T16480]  __do_fast_syscall_32+0xb6/0x2b0
[  726.291042][T16480]  ? lockdep_hardirqs_on+0x9c/0x150
[  726.291057][T16480]  do_fast_syscall_32+0x34/0x80
[  726.291071][T16480]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  726.291083][T16480] RIP: 0023:0xf7fe7539
[  726.291093][T16480] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[  726.291102][T16480] RSP: 002b:00000000f54d655c EFLAGS: 00000206 ORIG_RAX: 0000000000000172
[  726.291113][T16480] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000180
[  726.291121][T16480] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  726.291126][T16480] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  726.291132][T16480] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  726.291138][T16480] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  726.291153][T16480]  </TASK>
[  727.669541][    T9] usb 1-1: new high-speed USB device number 127 using dummy_hcd
[  727.855399][ T5895] usb 2-1: new high-speed USB device number 9 using dummy_hcd
[  727.885709][    T9] usb 1-1: Using ep0 maxpacket: 8
[  727.897363][    T9] usb 1-1: config index 0 descriptor too short (expected 30, got 18)
[  727.957113][    T9] usb 1-1: New USB device found, idVendor=1660, idProduct=0932, bcdDevice=80.ea
[  727.995504][ T5895] usb 2-1: device descriptor read/64, error -71
[  728.004055][    T9] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  728.034969][    T9] usb 1-1: Product: syz
[  728.059995][    T9] usb 1-1: Manufacturer: syz
[  728.089532][    T9] usb 1-1: SerialNumber: syz
[  728.168692][    T9] usb 1-1: config 0 descriptor??
[  728.184508][    T9] dvb-usb: found a 'Medion MD95700 (MDUSBTV-HYBRID)' in warm state.
[  728.204243][    T9] usb 1-1: setting power ON
[  728.218537][    T9] dvb-usb: bulk message failed: -22 (2/0)
[  728.295409][ T5895] usb 2-1: new high-speed USB device number 10 using dummy_hcd
[  728.296094][    T9] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[  728.336109][    T9] dvbdev: DVB: registering new adapter (Medion MD95700 (MDUSBTV-HYBRID))
[  728.356709][    T9] usb 1-1: media controller created
[  728.389752][T16503] dvb-usb: bulk message failed: -22 (3/0)
[  728.398047][T16503] cxusb: i2c wr: len=80 is too big!
[  728.398047][T16503] 
[  728.441129][    T9] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  728.480071][    T9] usb 1-1: selecting invalid altsetting 6
[  728.491146][    T9] usb 1-1: digital interface selection failed (-22)
[  728.495500][ T5895] usb 2-1: device descriptor read/64, error -71
[  728.514846][    T9] dvb-usb: no frontend was attached by 'Medion MD95700 (MDUSBTV-HYBRID)'
[  728.525690][   T43] usb 3-1: new high-speed USB device number 104 using dummy_hcd
[  728.542230][    T9] usb 1-1: setting power OFF
[  728.550183][    T9] dvb-usb: bulk message failed: -22 (2/0)
[  728.562919][    T9] dvb-usb: Medion MD95700 (MDUSBTV-HYBRID) successfully initialized and connected.
[  728.573617][    T9] (NULL device *): no alternate interface
[  728.616037][ T5895] usb usb2-port1: attempt power cycle
[  728.636541][    T9] dvb-usb: Medion MD95700 (MDUSBTV-HYBRID) successfully deinitialized and disconnected.
[  728.658281][    T9] usb 1-1: USB disconnect, device number 127
[  728.685521][   T43] usb 3-1: Using ep0 maxpacket: 16
[  728.711431][   T43] usb 3-1: config 0 interface 0 has no altsetting 0
[  728.724313][   T43] usb 3-1: New USB device found, idVendor=056a, idProduct=0331, bcdDevice= 0.00
[  728.733751][   T43] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  728.755944][ T5908] usb 5-1: new high-speed USB device number 13 using dummy_hcd
[  728.767263][   T43] usb 3-1: config 0 descriptor??
[  728.915907][ T5908] usb 5-1: Using ep0 maxpacket: 8
[  728.924103][ T5908] usb 5-1: config index 0 descriptor too short (expected 30, got 18)
[  728.935500][ T5908] usb 5-1: New USB device found, idVendor=1660, idProduct=0932, bcdDevice=80.ea
[  728.947630][ T5908] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  728.959073][ T5908] usb 5-1: Product: syz
[  728.963353][ T5908] usb 5-1: Manufacturer: syz
[  728.971202][ T5908] usb 5-1: SerialNumber: syz
[  728.976054][ T5895] usb 2-1: new high-speed USB device number 11 using dummy_hcd
[  728.991390][ T5908] usb 5-1: config 0 descriptor??
[  729.002306][ T5895] usb 2-1: device descriptor read/8, error -71
[  729.012065][ T5908] dvb-usb: found a 'Medion MD95700 (MDUSBTV-HYBRID)' in warm state.
[  729.027889][ T5908] usb 5-1: setting power ON
[  729.038077][ T5908] dvb-usb: bulk message failed: -22 (2/0)
[  729.059983][ T5908] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[  729.083496][ T5908] dvbdev: DVB: registering new adapter (Medion MD95700 (MDUSBTV-HYBRID))
[  729.092150][ T5908] usb 5-1: media controller created
[  729.109733][ T5908] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  729.129094][ T5908] usb 5-1: selecting invalid altsetting 6
[  729.136178][ T5908] usb 5-1: digital interface selection failed (-22)
[  729.148818][ T5908] dvb-usb: no frontend was attached by 'Medion MD95700 (MDUSBTV-HYBRID)'
[  729.162696][ T5908] usb 5-1: setting power OFF
[  729.167434][ T5908] dvb-usb: bulk message failed: -22 (2/0)
[  729.173189][ T5908] dvb-usb: Medion MD95700 (MDUSBTV-HYBRID) successfully initialized and connected.
[  729.185075][ T5908] (NULL device *): no alternate interface
[  729.185512][   T43] usbhid 3-1:0.0: can't add hid device: -71
[  729.225055][T16513] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  729.238780][T16513] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  729.253177][   T43] usbhid 3-1:0.0: probe with driver usbhid failed with error -71
[  729.268796][   T43] usb 3-1: USB disconnect, device number 104
[  729.295719][ T5895] usb 2-1: new high-speed USB device number 12 using dummy_hcd
[  729.311682][ T5908] dvb-usb: Medion MD95700 (MDUSBTV-HYBRID) successfully deinitialized and disconnected.
[  729.325727][ T5895] usb 2-1: device descriptor read/8, error -71
[  729.443043][ T5895] usb usb2-port1: unable to enumerate USB device
[  729.791939][ T5908] usb 5-1: USB disconnect, device number 13
[  730.406090][T16536] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2854'.
[  730.574847][T16546] input: syz0 as /devices/virtual/input/input31
[  730.761569][T16551] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2856'.
[  730.782990][T16552] pimreg: entered allmulticast mode
[  730.794979][T16555] pimreg: left allmulticast mode
[  730.805562][T16554] netlink: 'syz.3.2861': attribute type 1 has an invalid length.
[  730.868548][ T5908] usb 5-1: new high-speed USB device number 14 using dummy_hcd
[  731.028133][ T5908] usb 5-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  731.039521][ T5908] usb 5-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  731.103047][ T5908] usb 5-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  731.126706][ T5908] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  731.160616][T16546] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[  731.199819][ T5908] usb 5-1: Quirk or no altset; falling back to MIDI 1.0
[  731.427964][ T5825] usb 5-1: USB disconnect, device number 14
[  731.452684][ T5997] udevd[5997]: error opening ATTR{/sys/devices/platform/dummy_hcd.4/usb5/5-1/5-1:27.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  732.475540][ T5908] usb 3-1: new full-speed USB device number 105 using dummy_hcd
[  732.652290][ T5908] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  732.707218][ T5908] usb 3-1: config 0 interface 0 altsetting 4 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  732.757522][ T5908] usb 3-1: config 0 interface 0 has no altsetting 0
[  732.764171][ T5908] usb 3-1: New USB device found, idVendor=046d, idProduct=c24f, bcdDevice= 0.00
[  733.079093][ T5825] usb 4-1: new high-speed USB device number 29 using dummy_hcd
[  733.513265][ T5908] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  733.573083][ T5908] usb 3-1: config 0 descriptor??
[  733.655368][ T5825] usb 4-1: device descriptor read/64, error -71
[  733.659475][ T5908] usbhid 3-1:0.0: couldn't find an input interrupt endpoint
[  733.895724][ T5825] usb 4-1: new high-speed USB device number 30 using dummy_hcd
[  734.045405][ T5825] usb 4-1: device descriptor read/64, error -71
[  734.155431][    T9] usb 5-1: new full-speed USB device number 15 using dummy_hcd
[  734.163229][ T5825] usb usb4-port1: attempt power cycle
[  734.329549][    T9] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  734.341401][    T9] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 2
[  734.363713][    T9] usb 5-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  734.380936][    T9] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  734.390327][    T9] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  734.398479][    T9] usb 5-1: Product: syz
[  734.402782][    T9] usb 5-1: Manufacturer: syz
[  734.407557][    T9] usb 5-1: SerialNumber: syz
[  734.425018][    T9] cdc_ncm 5-1:1.0: NCM or ECM functional descriptors missing
[  734.439478][    T9] cdc_ncm 5-1:1.0: bind() failure
[  734.525393][ T5825] usb 4-1: new high-speed USB device number 31 using dummy_hcd
[  734.555977][ T5825] usb 4-1: device descriptor read/8, error -71
[  734.805427][ T5825] usb 4-1: new high-speed USB device number 32 using dummy_hcd
[  734.836113][ T5825] usb 4-1: device descriptor read/8, error -71
[  734.910487][T16611] input: syz0 as /devices/virtual/input/input32
[  734.955676][ T5825] usb usb4-port1: unable to enumerate USB device
[  735.022952][T16614] input: syz0 as /devices/virtual/input/input33
[  735.185364][    T9] usb 1-1: new high-speed USB device number 2 using dummy_hcd
[  735.295567][ T5825] usb 2-1: new high-speed USB device number 13 using dummy_hcd
[  735.336594][    T9] usb 1-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  735.347778][    T9] usb 1-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  735.357971][    T9] usb 1-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  735.367699][    T9] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  735.379701][T16611] raw-gadget.3 gadget.0: fail, usb_ep_enable returned -22
[  735.390457][    T9] usb 1-1: Quirk or no altset; falling back to MIDI 1.0
[  735.447188][ T5825] usb 2-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  735.458890][ T5825] usb 2-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  735.469870][ T5825] usb 2-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  735.479024][ T5825] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  735.490549][T16614] raw-gadget.4 gadget.1: fail, usb_ep_enable returned -22
[  735.502198][ T5825] usb 2-1: Quirk or no altset; falling back to MIDI 1.0
[  735.598703][ T5908] usb 1-1: USB disconnect, device number 2
[  735.660174][ T5895] usb 3-1: USB disconnect, device number 105
[  735.837598][ T5895] usb 2-1: USB disconnect, device number 13
[  736.218172][ T5825] usb 4-1: new high-speed USB device number 33 using dummy_hcd
[  736.388133][ T5825] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  736.400234][ T5825] usb 4-1: config 0 has no interfaces?
[  736.406681][ T5825] usb 4-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df
[  736.416490][ T5825] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  736.433743][ T5825] usb 4-1: config 0 descriptor??
[  736.475410][    T9] usb 3-1: new high-speed USB device number 106 using dummy_hcd
[  736.724147][    T9] usb 3-1: config 4 has 1 interface, different from the descriptor's value: 2
[  736.739213][    T9] usb 3-1: too many endpoints for config 4 interface 0 altsetting 0: 101, using maximum allowed: 30
[  736.762711][    T9] usb 3-1: config 4 interface 0 altsetting 0 has an endpoint descriptor with address 0x31, changing to 0x1
[  736.793387][ T5895] usb 1-1: new high-speed USB device number 3 using dummy_hcd
[  743.231852][    C1] sched: DL replenish lagged too much
[  748.448553][ T5895] usb 1-1: device descriptor read/all, error -110
[  748.715969][    T9] usb 3-1: config 4 interface 0 altsetting 0 endpoint 0x1 has invalid maxpacket 13364, setting to 64
[  749.814757][   T43] usb 5-1: USB disconnect, device number 15
[  751.875205][ T1299] ieee802154 phy0 wpan0: encryption failed: -22
[  752.937060][ T1299] ieee802154 phy1 wpan1: encryption failed: -22
[  753.344704][ T5888] usb 4-1: USB disconnect, device number 33
[  756.384708][    T9] usb 3-1: config 4 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 101
[  766.956482][    T9] usb 3-1: New USB device found, idVendor=0cf3, idProduct=9374, bcdDevice=bc.3b
[  766.980915][    T9] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  809.233169][ T1299] ieee802154 phy0 wpan0: encryption failed: -22
[  809.253243][ T1299] ieee802154 phy1 wpan1: encryption failed: -22
[  837.172973][ T5832] Bluetooth: hci5: command 0x0406 tx timeout
[  870.306344][ T1299] ieee802154 phy0 wpan0: encryption failed: -22
[  870.326123][ T1299] ieee802154 phy1 wpan1: encryption failed: -22
[  898.985214][    C0] rcu: INFO: rcu_preempt detected stalls on CPUs/tasks:
[  898.992191][    C0] rcu: 	Tasks blocked on level-0 rcu_node (CPUs 0-1): P5838/1:b..l P11965/1:b..l P9511/1:b..l P14293/1:b..l
[  899.004160][    C0] rcu: 	(detected by 0, t=10503 jiffies, g=87789, q=1029489 ncpus=2)
[  899.012240][    C0] task:syz.4.2250      state:R  running task     stack:26856 pid:14293 tgid:14293 ppid:5838   task_flags:0x40044c flags:0x10080002
[  899.026671][    C0] Call Trace:
[  899.029958][    C0]  <TASK>
[  899.032898][    C0]  __schedule+0x1798/0x4cc0
[  899.037433][    C0]  ? lockdep_hardirqs_on+0x9c/0x150
[  899.042645][    C0]  ? __pfx___schedule+0x10/0x10
[  899.047520][    C0]  ? memcg_rstat_updated+0xee/0x220
[  899.052728][    C0]  ? memcg_rstat_updated+0xfa/0x220
[  899.057938][    C0]  ? __lruvec_stat_mod_folio+0x6f/0x2e0
[  899.063508][    C0]  ? preempt_schedule+0xae/0xc0
[  899.068370][    C0]  preempt_schedule_common+0x83/0xd0
[  899.073665][    C0]  preempt_schedule+0xae/0xc0
[  899.078349][    C0]  ? __pfx_preempt_schedule+0x10/0x10
[  899.083735][    C0]  ? __lruvec_stat_mod_folio+0x6f/0x2e0
[  899.089303][    C0]  preempt_schedule_thunk+0x16/0x30
[  899.094524][    C0]  _raw_spin_unlock+0x3f/0x50
[  899.099212][    C0]  unmap_page_range+0x3a7f/0x4370
[  899.104294][    C0]  ? __pfx_unmap_page_range+0x10/0x10
[  899.109684][    C0]  ? mas_find+0xb0e/0xd30
[  899.114024][    C0]  ? unmap_vmas+0x144/0x580
[  899.118538][    C0]  unmap_vmas+0x399/0x580
[  899.122886][    C0]  ? __pfx_unmap_vmas+0x10/0x10
[  899.127772][    C0]  exit_mmap+0x240/0xb40
[  899.132028][    C0]  ? __pfx_exit_mmap+0x10/0x10
[  899.136810][    C0]  ? lockdep_hardirqs_on+0x9c/0x150
[  899.142026][    C0]  ? do_raw_spin_unlock+0x122/0x240
[  899.147236][    C0]  ? __khugepaged_exit+0x347/0x470
[  899.152359][    C0]  __mmput+0x118/0x430
[  899.156438][    C0]  exit_mm+0x1da/0x2c0
[  899.160520][    C0]  ? __pfx_exit_mm+0x10/0x10
[  899.165112][    C0]  ? hrtimer_try_to_cancel+0x3d9/0x420
[  899.170590][    C0]  ? rcu_is_watching+0x15/0xb0
[  899.175369][    C0]  do_exit+0x648/0x2300
[  899.179548][    C0]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  899.184927][    C0]  ? do_raw_spin_lock+0x121/0x290
[  899.189963][    C0]  ? __pfx_do_exit+0x10/0x10
[  899.194576][    C0]  do_group_exit+0x21c/0x2d0
[  899.199169][    C0]  ? lockdep_hardirqs_on+0x9c/0x150
[  899.204378][    C0]  get_signal+0x1285/0x1340
[  899.208911][    C0]  arch_do_signal_or_restart+0xa0/0x790
[  899.214463][    C0]  ? __pfx_get_old_timespec32+0x10/0x10
[  899.220021][    C0]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[  899.226201][    C0]  ? exit_to_user_mode_loop+0x40/0x130
[  899.231674][    C0]  exit_to_user_mode_loop+0x72/0x130
[  899.236967][    C0]  __do_fast_syscall_32+0x1f4/0x2b0
[  899.242176][    C0]  ? lockdep_hardirqs_on+0x9c/0x150
[  899.247395][    C0]  do_fast_syscall_32+0x34/0x80
[  899.252255][    C0]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  899.258585][    C0] RIP: 0023:0xf704d539
[  899.262655][    C0] RSP: 002b:00000000f543d460 EFLAGS: 00000206 ORIG_RAX: 000000000000010b
[  899.271076][    C0] RAX: fffffffffffffdfc RBX: 0000000000000000 RCX: 0000000000000000
[  899.279049][    C0] RDX: 00000000f543d494 RSI: 00000000f543d48c RDI: 00000000f543d494
[  899.287020][    C0] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  899.294992][    C0] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  899.302962][    C0] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  899.310950][    C0]  </TASK>
[  899.313970][    C0] task:syz.4.927       state:R  running task     stack:26856 pid:9511  tgid:9511  ppid:5838   task_flags:0x40044c flags:0x10080002
[  899.327464][    C0] Call Trace:
[  899.330743][    C0]  <TASK>
[  899.333685][    C0]  __schedule+0x1798/0x4cc0
[  899.338215][    C0]  ? __page_table_check_zero+0xba/0x530
[  899.343772][    C0]  ? __pfx___schedule+0x10/0x10
[  899.348633][    C0]  ? __page_table_check_zero+0x406/0x530
[  899.354270][    C0]  ? __page_table_check_zero+0xba/0x530
[  899.359833][    C0]  ? preempt_schedule_irq+0xaa/0x150
[  899.365128][    C0]  preempt_schedule_irq+0xb5/0x150
[  899.370254][    C0]  ? __pfx_preempt_schedule_irq+0x10/0x10
[  899.376000][    C0]  ? rcu_irq_exit_check_preempt+0xdf/0x210
[  899.381825][    C0]  irqentry_exit+0x6f/0x90
[  899.386252][    C0]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  899.392243][    C0] RIP: 0010:lock_release+0x2b5/0x3e0
[  899.397539][    C0] Code: 51 48 c7 44 24 20 00 00 00 00 9c 8f 44 24 20 f7 44 24 20 00 02 00 00 75 56 f7 c3 00 02 00 00 74 01 fb 65 48 8b 05 ab fa f3 10 <48> 3b 44 24 28 0f 85 8b 00 00 00 48 83 c4 30 5b 41 5c 41 5d 41 5e
[  899.417153][    C0] RSP: 0018:ffffc90003e770d0 EFLAGS: 00000206
[  899.423230][    C0] RAX: 309af8fccdb29100 RBX: 0000000000000206 RCX: 309af8fccdb29100
[  899.431207][    C0] RDX: 0000000000000002 RSI: ffffffff8d9d457d RDI: ffffffff8bc07360
[  899.439183][    C0] RBP: ffff88801c710b80 R08: ffffc90003e77c60 R09: 0000000000000000
[  899.447157][    C0] R10: ffffc90003e77258 R11: fffff520007cee4d R12: 0000000000000002
[  899.455130][    C0] R13: 0000000000000002 R14: ffffffff8e13d2e0 R15: ffff88801c710000
[  899.463127][    C0]  ? unwind_next_frame+0xa5/0x2390
[  899.468260][    C0]  ? unwind_next_frame+0xa5/0x2390
[  899.473420][    C0]  unwind_next_frame+0x19a9/0x2390
[  899.478547][    C0]  ? unwind_next_frame+0xa5/0x2390
[  899.483670][    C0]  ? do_group_exit+0x21c/0x2d0
[  899.488447][    C0]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  899.494616][    C0]  arch_stack_walk+0x11c/0x150
[  899.499391][    C0]  ? get_signal+0x1285/0x1340
[  899.504081][    C0]  stack_trace_save+0x9c/0xe0
[  899.508761][    C0]  ? __pfx_stack_trace_save+0x10/0x10
[  899.514136][    C0]  ? stack_depot_save_flags+0x40/0x860
[  899.519606][    C0]  ? __lock_acquire+0xab9/0xd20
[  899.524467][    C0]  kasan_save_track+0x3e/0x80
[  899.529150][    C0]  ? kasan_save_track+0x3e/0x80
[  899.534001][    C0]  ? __kasan_save_free_info+0x46/0x50
[  899.539372][    C0]  ? __kasan_slab_free+0x5c/0x80
[  899.544318][    C0]  ? kmem_cache_free+0x19b/0x690
[  899.549260][    C0]  ? unlink_anon_vmas+0x2cc/0x670
[  899.554288][    C0]  ? free_pgtables+0x57a/0x9c0
[  899.559057][    C0]  ? exit_mmap+0x43c/0xb40
[  899.563479][    C0]  ? __mmput+0x118/0x430
[  899.567736][    C0]  ? exit_mm+0x1da/0x2c0
[  899.571983][    C0]  ? do_exit+0x648/0x2300
[  899.576312][    C0]  ? do_group_exit+0x21c/0x2d0
[  899.581123][    C0]  ? unlink_anon_vmas+0x2cc/0x670
[  899.586155][    C0]  __kasan_save_free_info+0x46/0x50
[  899.591354][    C0]  __kasan_slab_free+0x5c/0x80
[  899.596130][    C0]  kmem_cache_free+0x19b/0x690
[  899.600907][    C0]  ? __pfx___anon_vma_interval_tree_augment_rotate+0x10/0x10
[  899.608291][    C0]  unlink_anon_vmas+0x2cc/0x670
[  899.613156][    C0]  free_pgtables+0x57a/0x9c0
[  899.617767][    C0]  ? __pfx_free_pgtables+0x10/0x10
[  899.622895][    C0]  ? __pfx_down_write+0x10/0x10
[  899.627752][    C0]  ? __mas_set_range+0x12f/0x3c0
[  899.632701][    C0]  exit_mmap+0x43c/0xb40
[  899.636956][    C0]  ? uprobe_clear_state+0x20f/0x290
[  899.642167][    C0]  ? __pfx_exit_mmap+0x10/0x10
[  899.646932][    C0]  ? __mutex_unlock_slowpath+0x1a1/0x740
[  899.652589][    C0]  ? __pfx_exit_aio+0x10/0x10
[  899.657288][    C0]  ? uprobe_clear_state+0x27c/0x290
[  899.662501][    C0]  __mmput+0x118/0x430
[  899.666585][    C0]  exit_mm+0x1da/0x2c0
[  899.670663][    C0]  ? __pfx_exit_mm+0x10/0x10
[  899.675256][    C0]  ? hrtimer_try_to_cancel+0x3d9/0x420
[  899.680727][    C0]  ? rcu_is_watching+0x15/0xb0
[  899.685505][    C0]  do_exit+0x648/0x2300
[  899.689673][    C0]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  899.695051][    C0]  ? do_raw_spin_lock+0x121/0x290
[  899.700080][    C0]  ? __pfx_do_exit+0x10/0x10
[  899.704689][    C0]  do_group_exit+0x21c/0x2d0
[  899.709288][    C0]  ? lockdep_hardirqs_on+0x9c/0x150
[  899.714505][    C0]  get_signal+0x1285/0x1340
[  899.719039][    C0]  arch_do_signal_or_restart+0xa0/0x790
[  899.724594][    C0]  ? __pfx_get_old_timespec32+0x10/0x10
[  899.730149][    C0]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[  899.736330][    C0]  ? exit_to_user_mode_loop+0x40/0x130
[  899.741804][    C0]  exit_to_user_mode_loop+0x72/0x130
[  899.747100][    C0]  __do_fast_syscall_32+0x1f4/0x2b0
[  899.752308][    C0]  ? lockdep_hardirqs_on+0x9c/0x150
[  899.757528][    C0]  do_fast_syscall_32+0x34/0x80
[  899.762390][    C0]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  899.768730][    C0] RIP: 0023:0xf704d539
[  899.772801][    C0] RSP: 002b:00000000f543d460 EFLAGS: 00000206 ORIG_RAX: 000000000000010b
[  899.781221][    C0] RAX: fffffffffffffdfc RBX: 0000000000000000 RCX: 0000000000000000
[  899.789193][    C0] RDX: 00000000f543d494 RSI: 00000000f543d48c RDI: 00000000f543d494
[  899.797168][    C0] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  899.805144][    C0] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  899.813120][    C0] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  899.821111][    C0]  </TASK>
[  899.824129][    C0] task:syz.4.1557      state:R  running task     stack:26856 pid:11965 tgid:11965 ppid:5838   task_flags:0x40044c flags:0x10080002
[  899.837626][    C0] Call Trace:
[  899.840905][    C0]  <TASK>
[  899.843841][    C0]  __schedule+0x1798/0x4cc0
[  899.848367][    C0]  ? __pfx_get_page_from_freelist+0x10/0x10
[  899.854284][    C0]  ? __pfx___schedule+0x10/0x10
[  899.859150][    C0]  ? do_raw_spin_lock+0x121/0x290
[  899.864192][    C0]  ? preempt_schedule+0xae/0xc0
[  899.869051][    C0]  preempt_schedule_common+0x83/0xd0
[  899.874346][    C0]  preempt_schedule+0xae/0xc0
[  899.879029][    C0]  ? __pfx_preempt_schedule+0x10/0x10
[  899.884416][    C0]  preempt_schedule_thunk+0x16/0x30
[  899.889632][    C0]  _raw_spin_unlock+0x3f/0x50
[  899.894316][    C0]  unmap_page_range+0x3a7f/0x4370
[  899.899393][    C0]  ? __pfx_unmap_page_range+0x10/0x10
[  899.904782][    C0]  ? mas_find+0xb0e/0xd30
[  899.909123][    C0]  ? unmap_vmas+0x144/0x580
[  899.913636][    C0]  unmap_vmas+0x399/0x580
[  899.917986][    C0]  ? __pfx_unmap_vmas+0x10/0x10
[  899.922870][    C0]  exit_mmap+0x240/0xb40
[  899.927122][    C0]  ? uprobe_clear_state+0x20f/0x290
[  899.932332][    C0]  ? __pfx_exit_mmap+0x10/0x10
[  899.937102][    C0]  ? __mutex_unlock_slowpath+0x1a1/0x740
[  899.942760][    C0]  ? __pfx_exit_aio+0x10/0x10
[  899.947454][    C0]  ? uprobe_clear_state+0x27c/0x290
[  899.952667][    C0]  __mmput+0x118/0x430
[  899.956758][    C0]  exit_mm+0x1da/0x2c0
[  899.960838][    C0]  ? __pfx_exit_mm+0x10/0x10
[  899.965430][    C0]  ? hrtimer_try_to_cancel+0x3d9/0x420
[  899.970903][    C0]  ? rcu_is_watching+0x15/0xb0
[  899.975681][    C0]  do_exit+0x648/0x2300
[  899.979855][    C0]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  899.985229][    C0]  ? do_raw_spin_lock+0x121/0x290
[  899.990261][    C0]  ? __pfx_do_exit+0x10/0x10
[  899.994871][    C0]  do_group_exit+0x21c/0x2d0
[  899.999467][    C0]  ? lockdep_hardirqs_on+0x9c/0x150
[  900.004681][    C0]  get_signal+0x1285/0x1340
[  900.009218][    C0]  arch_do_signal_or_restart+0xa0/0x790
[  900.014773][    C0]  ? __pfx_get_old_timespec32+0x10/0x10
[  900.020325][    C0]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[  900.026505][    C0]  ? exit_to_user_mode_loop+0x40/0x130
[  900.031974][    C0]  exit_to_user_mode_loop+0x72/0x130
[  900.037267][    C0]  __do_fast_syscall_32+0x1f4/0x2b0
[  900.042478][    C0]  ? lockdep_hardirqs_on+0x9c/0x150
[  900.047692][    C0]  do_fast_syscall_32+0x34/0x80
[  900.052556][    C0]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  900.058892][    C0] RIP: 0023:0xf704d539
[  900.062962][    C0] RSP: 002b:00000000f543d460 EFLAGS: 00000206 ORIG_RAX: 000000000000010b
[  900.071379][    C0] RAX: fffffffffffffdfc RBX: 0000000000000000 RCX: 0000000000000000
[  900.079352][    C0] RDX: 00000000f543d494 RSI: 00000000f543d48c RDI: 00000000f543d494
[  900.087324][    C0] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  900.095298][    C0] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  900.103268][    C0] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  900.111270][    C0]  </TASK>
[  900.114294][    C0] task:syz-executor    state:R  running task     stack:20152 pid:5838  tgid:5838  ppid:1      task_flags:0x40054c flags:0x10080003
[  900.127787][    C0] Call Trace:
[  900.131071][    C0]  <TASK>
[  900.134050][    C0]  __schedule+0x1798/0x4cc0
[  900.138574][    C0]  ? do_raw_spin_unlock+0x122/0x240
[  900.143791][    C0]  ? __pfx___schedule+0x10/0x10
[  900.148654][    C0]  ? __lock_acquire+0xab9/0xd20
[  900.153521][    C0]  ? radix_tree_next_chunk+0x990/0xb60
[  900.158989][    C0]  ? preempt_schedule+0xae/0xc0
[  900.163849][    C0]  preempt_schedule_common+0x83/0xd0
[  900.169147][    C0]  preempt_schedule+0xae/0xc0
[  900.173834][    C0]  ? __pfx_preempt_schedule+0x10/0x10
[  900.179220][    C0]  preempt_schedule_thunk+0x16/0x30
[  900.184439][    C0]  _raw_read_unlock+0x3f/0x50
[  900.189124][    C0]  zap_pid_ns_processes+0x2c4/0x5f0
[  900.194336][    C0]  ? zap_pid_ns_processes+0x129/0x5f0
[  900.199722][    C0]  ? __pfx_zap_pid_ns_processes+0x10/0x10
[  900.205460][    C0]  ? _raw_write_unlock_irq+0x23/0x50
[  900.210756][    C0]  ? lockdep_hardirqs_on+0x9c/0x150
[  900.215964][    C0]  do_exit+0x1ee7/0x2300
[  900.220218][    C0]  ? do_raw_spin_lock+0x121/0x290
[  900.225248][    C0]  ? __pfx_do_exit+0x10/0x10
[  900.229863][    C0]  do_group_exit+0x21c/0x2d0
[  900.234456][    C0]  ? lockdep_hardirqs_on+0x9c/0x150
[  900.239668][    C0]  get_signal+0x1285/0x1340
[  900.244210][    C0]  arch_do_signal_or_restart+0xa0/0x790
[  900.249761][    C0]  ? __pfx_get_old_timespec32+0x10/0x10
[  900.255319][    C0]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[  900.261511][    C0]  ? exit_to_user_mode_loop+0x40/0x130
[  900.266983][    C0]  exit_to_user_mode_loop+0x72/0x130
[  900.272274][    C0]  __do_fast_syscall_32+0x1f4/0x2b0
[  900.277489][    C0]  do_fast_syscall_32+0x34/0x80
[  900.282350][    C0]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  900.288687][    C0] RIP: 0023:0xf704d539
[  900.292754][    C0] RSP: 002b:00000000f753fcb0 EFLAGS: 00000206 ORIG_RAX: 000000000000010b
[  900.301170][    C0] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000
[  900.309140][    C0] RDX: 00000000f753fce4 RSI: 00000000f753fcdc RDI: 00000000f753fce4
[  900.317110][    C0] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  900.325081][    C0] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  900.333054][    C0] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  900.341049][    C0]  </TASK>