last executing test programs:

15.034298641s ago: executing program 2 (id=2930):
openat$autofs(0xffffffffffffff9c, &(0x7f00000000c0), 0x40100, 0x0)
socket$can_j1939(0x1d, 0x2, 0x7)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg(r1, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0)
io_setup(0x8, &(0x7f0000000040)=<r2=>0x0)
io_submit(r2, 0x1, &(0x7f00000003c0)=[&(0x7f0000000100)={0x0, 0x0, 0x0, 0x5, 0x0, r0, 0x0, 0x0, 0xfffffffffffffff8}])
socket$kcm(0x29, 0x2, 0x0)
r3 = syz_open_procfs(0x0, &(0x7f0000000180)='net/kcm\x00')
preadv(r3, &(0x7f0000000140)=[{&(0x7f0000000000)=""/151, 0x97}], 0x1, 0xd, 0x0)

13.822322189s ago: executing program 2 (id=2935):
fsopen(&(0x7f0000000180)='ramfs\x00', 0x0)
r0 = syz_usb_connect$hid(0x3, 0x3f, 0x0, 0x0)
r1 = socket(0xa, 0x3, 0x3a)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
mremap(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x3000, 0xa, &(0x7f0000ffb000/0x3000)=nil)
r4 = syz_open_dev$vim2m(&(0x7f0000000200), 0xb, 0x2)
ioctl$vim2m_VIDIOC_TRY_FMT(r4, 0xc0cc5640, &(0x7f0000000000)={0x1, @sliced={0x5, [0x9, 0x8, 0x9, 0x2, 0x231, 0xec, 0x2, 0x7ff, 0x3, 0x2, 0xaef6, 0x1ff, 0x3ff, 0x1, 0x9, 0x1, 0x4, 0x9, 0x4, 0xfffb, 0x9, 0x4, 0xfbff, 0x0, 0x401, 0x19f, 0x0, 0x8c, 0x8, 0x6, 0x1, 0x2, 0xea, 0x9, 0xe, 0x3, 0xeaf, 0x4, 0x8, 0x7, 0x3, 0x3, 0x5150, 0xad, 0xb, 0x9, 0x8abc, 0x800], 0x6}})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
socket$l2tp6(0xa, 0x2, 0x73)
r5 = socket$l2tp6(0xa, 0x2, 0x73)
r6 = openat$vicodec0(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
ioctl$VIDIOC_QBUF(r6, 0xc04c560f, &(0x7f00000003c0)=@fd={0x3bfe, 0x8, 0x4, 0x10, 0x6, {}, {0x3, 0xc, 0x2, 0xc, 0x1, 0x82, "a5acce18"}, 0x0, 0x4, {}, 0x3})
bind$l2tp6(r5, &(0x7f00000024c0)={0xa, 0x7, 0x0, @dev={0xfe, 0x80, '\x00', 0xb}, 0x8}, 0x20)
madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0x80000000e)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil)
mremap(&(0x7f000054e000/0x1000)=nil, 0x1000, 0x3000, 0x3, &(0x7f000022c000/0x3000)=nil)
openat$sequencer2(0xffffff9c, &(0x7f0000000080), 0x143240, 0x0)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_genetlink_get_family_id$wireguard(&(0x7f0000000840), 0xffffffffffffffff)
sendmsg$WG_CMD_GET_DEVICE(r7, &(0x7f00000026c0)={0x0, 0x0, &(0x7f0000002680)={&(0x7f0000002640)=ANY=[@ANYBLOB='(\x00\b\x00', @ANYRES16=r8, @ANYBLOB="11032bbd7000fbdbdf25000000001400020077673200"/34], 0x28}, 0x1, 0x0, 0x0, 0x20}, 0x20000880)
setsockopt$MRT6_ADD_MIF(r1, 0x29, 0xca, &(0x7f0000000040)={0x0, 0x1}, 0xc)
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f00000001c0)={'bridge0\x00'})
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, &(0x7f00000001c0)={0x14, 0x0, 0x0, 0x0, 0x0}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x1, 0x4, &(0x7f0000000080)=ANY=[@ANYBLOB], &(0x7f0000003ff6)='GPL\x00', 0x5, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0xa6, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x94)

12.633647985s ago: executing program 4 (id=2938):
r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'bridge0\x00', <r1=>0x0})
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000380)=@newlink={0x5c, 0x10, 0x403, 0xffa1, 0x25dfdbfe, {0x0, 0x0, 0x74, r1, 0x800, 0x55007}, [@IFLA_LINKINFO={0x3c, 0x12, 0x0, 0x1, @bridge={{0xb}, {0x2c, 0x2, 0x0, 0x1, [@IFLA_BR_MCAST_QUERIER={0x5, 0x19, 0x2}, @IFLA_BR_MCAST_STARTUP_QUERY_INTVL={0xc, 0x23, 0x1}, @IFLA_BR_MCAST_QUERY_RESPONSE_INTVL={0xc, 0x22, 0x6}, @IFLA_BR_NF_CALL_IPTABLES={0x5, 0x24, 0x1}]}}}]}, 0x5c}, 0x1, 0x0, 0x0, 0x800}, 0x0)

9.739165477s ago: executing program 2 (id=2940):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000040)={{0x1, 0x1, 0x18, <r1=>r0, {0xee00, 0xffffffffffffffff}}, './file0\x00'})
ioctl$SIOCSIFMTU(r1, 0x8922, &(0x7f00000000c0)={'ipvlan1\x00', 0xb})
sendto$l2tp(r1, &(0x7f00000002c0)="bf7755722d5dcc3f96e505f0ae4d79fc9f2b134dd9223540c74e44aa5378793bcba826325dd9a7b67534bf27c69138014c41e3d6d3fab4bfac35989073877c010510b3686b85d10d4e1c79e79ff9ba9f206ece2deee4e343d0bd269a560de2e4027e3eff9190971b2e9c34309b7a4bbad04a3da830d4aa42af63e72c6a54ad6bc6bb4dd50575c030dd5384f89c34ad9763b7daacf2c79c822e5ddd5b9f8181a234916fe7aa70413c9f483f6a7047bf2750d06ee4f0f087078b7310ace0d441847906567b16", 0xc5, 0x4004804, &(0x7f0000000140)={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, 0x3}, 0x10)
pipe2(&(0x7f0000000000)={0x0, <r2=>0x0}, 0x0)
vmsplice(r2, &(0x7f0000000ac0)=[{&(0x7f0000000480)="7a44eac1", 0x4}], 0x1, 0x0)
write$FUSE_NOTIFY_INVAL_ENTRY(r2, &(0x7f0000000200)=ANY=[@ANYBLOB="210000000300000000000000000000000600fb1074fa000000000000002ff63504f112187dd09a1ff2b6a4861fcd9120ade4bdf48f5d8aef72487c1fca"], 0x21)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000001c0)=@newqdisc={0x24, 0x24, 0x4ee4e6a52ff56541, 0xffffffff, 0x0, {0x0, 0x0, 0x0, 0x0, {0x0, 0x4}, {0xffff, 0xffff}, {0xf, 0x1}}}, 0x24}, 0x1, 0x0, 0x0, 0x44000}, 0x9000)
r3 = socket$inet6_sctp(0xa, 0x5, 0x84)
shutdown(r3, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r3, 0x84, 0x6f, &(0x7f0000000100)={0x0, 0x2c, &(0x7f00000000c0)=[@in={0x2, 0x4e24, @initdev={0xac, 0x1e, 0x0, 0x0}}, @in6={0xa, 0x4e24, 0x68, @loopback, 0xc2}]}, &(0x7f0000000180)=0x10)
getsockopt$inet_sctp6_SCTP_GET_PEER_ADDRS(r3, 0x84, 0x6c, 0x0, &(0x7f0000000300))
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f0000000140)=@abs={0x0, 0x0, 0x4e20}, 0x6e)
close$binfmt(0xffffffffffffffff)
sendmmsg$unix(r5, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
write$cgroup_int(0xffffffffffffffff, 0x0, 0x0)
ioprio_get$pid(0x3, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000001c0)=ANY=[@ANYBLOB="240000003a000701fcfffffffddbdf25027c0000040036800c0001"], 0x24}, 0x1, 0x0, 0x0, 0x488c0}, 0xc050)

9.729847572s ago: executing program 4 (id=2941):
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$MAP_UPDATE_ELEM(0x2, 0x0, 0x0)
r3 = syz_create_resource$binfmt(&(0x7f0000000040)='./file1\x00')
r4 = openat$binfmt(0xffffffffffffff9c, r3, 0x42, 0x1ff)
close(r4)
execveat$binfmt(0xffffffffffffff9c, r3, 0x0, 0x0, 0x400)
execveat$binfmt(0xffffffffffffff9c, r3, 0x0, 0x0, 0x0)
execveat$binfmt(0xffffffffffffff9c, r3, &(0x7f00000004c0)={[0x0, &(0x7f00000003c0)=')!}\x00']}, 0x0, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0xc)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
mremap(&(0x7f000054e000/0x1000)=nil, 0x1000, 0x3000, 0x3, &(0x7f000022c000/0x3000)=nil)
socket$inet_udplite(0x2, 0x2, 0x88)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000001140)=@base={0x5, 0x10001, 0x7fff, 0x202, 0x1}, 0x50)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000001880)={0x0, 0x0, &(0x7f0000000240), &(0x7f0000001780), 0x8, r5}, 0x38)
r6 = socket(0x10, 0x80002, 0x0)
sendmsg$nl_route(r6, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000140)=ANY=[@ANYRES32=r6, @ANYRES32, @ANYBLOB="00000000100000001c001a80080002802d00ff0008000200", @ANYBLOB="35874207"], 0x44}, 0x1, 0x0, 0x0, 0x50}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x8004)
openat$dir(0xffffff9c, &(0x7f0000000000)='./file1\x00', 0x40080, 0x100)
shutdown(r0, 0x0)
r7 = syz_open_dev$evdev(&(0x7f0000000040), 0x1, 0x583402)
ioctl$EVIOCSABS2F(r7, 0x401845ef, &(0x7f0000000080)={0x0, 0x0, 0x3, 0xf22, 0x0, 0x3800})
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x10, &(0x7f00000002c0)=[@in={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x13}}]}, &(0x7f0000000240)=0x10)

8.806028674s ago: executing program 2 (id=2943):
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x0)
r1 = epoll_create(0x2)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000040))

8.588729445s ago: executing program 2 (id=2945):
syz_usb_connect(0x5, 0x1b, &(0x7f0000000000)={{0x12, 0x1, 0x0, 0x26, 0xdc, 0xc3, 0x20, 0x499, 0x1037, 0xe09f, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x9, 0x0, 0x20, 0x0, 0x40, 0x8}}]}}, 0x0)
r0 = syz_io_uring_complete(0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r2, 0x8933, &(0x7f00000003c0)={'batadv_slave_1\x00', <r3=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000900)=@delchain={0x24, 0x5f, 0x333, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {}, {0x5, 0x2}, {0x9, 0xb}}}, 0x24}}, 0x62b420270203c7c8)
pipe2(&(0x7f0000000000)={<r4=>0xffffffffffffffff}, 0x0)
r5 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
syz_usb_control_io$hid(0xffffffffffffffff, 0x0, 0x0)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r6, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001", @ANYRES32=r1], 0x7c}, 0x1, 0x0, 0x0, 0x800}, 0x0)
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r7, &(0x7f0000000500)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000001600)={{0x14, 0x10, 0x1, 0x0, 0x0, {0xa}}, [@NFT_MSG_NEWRULE={0x38, 0x6, 0xa, 0x409, 0x0, 0x0, {0xa}, [@NFTA_RULE_POSITION={0xc, 0x6, 0x1, 0x0, 0x5}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0x60}, 0x1, 0x0, 0x0, 0x40010}, 0x0)
pipe2(&(0x7f00000000c0), 0x80800)
r8 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r8, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000001400)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a03000000000000000000070000000900010073797a30000000005c000000090a010400000000000000000700000008000a40000000000900020073797a31000000000900010073797a30000000000800054000000021200011800e000100636f6e6e6c696d69740000000c00028008000140fffffff73c0000000c0a01010000000000000000070400000900020073797a31000000000900010073797a3000000000100003800c0000800800034000000002"], 0xe0}}, 0x0)
close(r6)
ioctl$CEC_ADAP_G_CONNECTOR_INFO(r4, 0x8044610a, &(0x7f0000000340)={0x0, @raw})
splice(r4, 0x0, r5, 0x0, 0x12, 0x4)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0x10, 0xffffffff, 0xffff, 0x4, 0x500e, r0, 0xec, '\x00', r3, r4, 0x2, 0x2, 0x1}, 0x50)

7.982710028s ago: executing program 4 (id=2949):
fsopen(&(0x7f0000000180)='ramfs\x00', 0x0)
r0 = syz_usb_connect$hid(0x3, 0x3f, 0x0, 0x0)
r1 = socket(0xa, 0x3, 0x3a)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
mremap(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x3000, 0xa, &(0x7f0000ffb000/0x3000)=nil)
r4 = syz_open_dev$vim2m(&(0x7f0000000200), 0xb, 0x2)
ioctl$vim2m_VIDIOC_TRY_FMT(r4, 0xc0cc5640, &(0x7f0000000000)={0x1, @sliced={0x5, [0x9, 0x8, 0x9, 0x2, 0x231, 0xec, 0x2, 0x7ff, 0x3, 0x2, 0xaef6, 0x1ff, 0x3ff, 0x1, 0x9, 0x1, 0x4, 0x9, 0x4, 0xfffb, 0x9, 0x4, 0xfbff, 0x0, 0x401, 0x19f, 0x0, 0x8c, 0x8, 0x6, 0x1, 0x2, 0xea, 0x9, 0xe, 0x3, 0xeaf, 0x4, 0x8, 0x7, 0x3, 0x3, 0x5150, 0xad, 0xb, 0x9, 0x8abc, 0x800], 0x6}})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
socket$l2tp6(0xa, 0x2, 0x73)
r5 = socket$l2tp6(0xa, 0x2, 0x73)
r6 = openat$vicodec0(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
ioctl$VIDIOC_QBUF(r6, 0xc04c560f, &(0x7f00000003c0)=@fd={0x3bfe, 0x8, 0x4, 0x10, 0x6, {}, {0x3, 0xc, 0x2, 0xc, 0x1, 0x82, "a5acce18"}, 0x0, 0x4, {}, 0x3})
bind$l2tp6(r5, &(0x7f00000024c0)={0xa, 0x7, 0x0, @dev={0xfe, 0x80, '\x00', 0xb}, 0x8}, 0x20)
madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0x80000000e)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil)
mremap(&(0x7f000054e000/0x1000)=nil, 0x1000, 0x3000, 0x3, &(0x7f000022c000/0x3000)=nil)
openat$sequencer2(0xffffff9c, &(0x7f0000000080), 0x143240, 0x0)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_genetlink_get_family_id$wireguard(&(0x7f0000000840), 0xffffffffffffffff)
sendmsg$WG_CMD_GET_DEVICE(r7, &(0x7f00000026c0)={0x0, 0x0, &(0x7f0000002680)={&(0x7f0000002640)=ANY=[@ANYBLOB='(\x00\b\x00', @ANYRES16=r8, @ANYBLOB="11032bbd7000fbdbdf25000000001400020077673200"/34], 0x28}, 0x1, 0x0, 0x0, 0x20}, 0x20000880)
setsockopt$MRT6_ADD_MIF(r1, 0x29, 0xca, &(0x7f0000000040)={0x0, 0x1}, 0xc)
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f00000001c0)={'bridge0\x00'})
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, &(0x7f00000001c0)={0x14, 0x0, 0x0, 0x0, 0x0}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x1, 0x4, &(0x7f0000000080)=ANY=[@ANYBLOB], &(0x7f0000003ff6)='GPL\x00', 0x5, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0xa6, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x94)

7.248150535s ago: executing program 0 (id=2950):
r0 = socket(0xa, 0x3, 0x3a)
setsockopt$MRT6_INIT(r0, 0x29, 0xc8, &(0x7f0000000340), 0x4)
setsockopt$MRT6_ADD_MIF(r0, 0x29, 0xca, 0x0, 0x0)
setsockopt$MRT6_ADD_MFC_PROXY(r0, 0x29, 0xd2, &(0x7f00000000c0)={{0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @remote}}, {0xa, 0x0, 0x0, @empty}}, 0x5c)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f00000004c0), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000040)={0x4, 0x3, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil})
ioctl$KVM_SET_MSRS(0xffffffffffffffff, 0x4008ae89, &(0x7f00000000c0)=ANY=[@ANYBLOB="01000000000000002100004000000000ff"])
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)

6.862580803s ago: executing program 0 (id=2951):
r0 = openat$binderfs_ctrl(0xffffff9c, &(0x7f0000000000)='./binderfs/binder-control\x00', 0x0, 0x0)
ioctl$FS_IOC_GETFSLABEL(r0, 0x81009431, &(0x7f0000000040))
r1 = openat$dsp1(0xffffff9c, &(0x7f0000000140), 0x10080, 0x0)
ioctl$SNDCTL_DSP_GETOSPACE(r1, 0x8010500c, &(0x7f0000000180))
r2 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$SNDCTL_DSP_SPEED(r1, 0xc0045002, &(0x7f00000001c0)=0xc1)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff)
sendmsg$NL80211_CMD_DEAUTHENTICATE(r3, &(0x7f0000000440)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000400)={&(0x7f0000000280)={0x14c, r4, 0x0, 0x70bd26, 0x25dfdbfb, {{}, {@void, @val={0xc, 0x99, {0xc34b, 0x2a}}}}, [@NL80211_ATTR_MAC={0xa, 0x6, @from_mac=@device_b}, @NL80211_ATTR_MAC={0xa}, @NL80211_ATTR_IE={0x108, 0x2a, [@supported_rates={0x1, 0x7, [{0x6, 0x1}, {0x1b}, {0xb, 0x1}, {0x36, 0x1}, {0x48}, {0x36, 0x1}, {0x48, 0x1}]}, @prep={0x83, 0x25, {{0x0, 0x1}, 0x9, 0x2, @broadcast, 0x34a26bd7, @value, 0x5, 0x4, @device_a, 0xe}}, @ext_channel_switch={0x3c, 0x4, {0x0, 0x8, 0x5, 0x8}}, @ext_channel_switch={0x3c, 0x4, {0x0, 0x4, 0xc, 0x2}}, @measure_req={0x26, 0xc6, {0xa, 0x40, 0x50, "7bdce63ac0d384af0f79bc4d4c2024d6197130de128fce75a93e60927923de5cc4e08a44f13b4d7ea84c1e911b84dc7fa6fd16171e6cb03f9a7243ff537667757faf49d942715a1f49c76174b5dcf8627e806bb3f4bddc2f78784d0e7d89db4ebc8eb1c4530918c65ab8068aec1dce23fd16989c00bebde6e8b4b735d3cb27d5bb18fe9d3a345cb0c3a40bbea98c453b3409332e452d0717db50162681cf0bf15505b2a3097a0c047b13aa29ceb8df7c64815f88cd0a87d79ecb5df3ee3b6b440a5435"}}]}, @NL80211_ATTR_MAC={0xa}]}, 0x14c}, 0x1, 0x0, 0x0, 0x4000800}, 0x40000)
splice(r2, &(0x7f0000000480)=0x7, r2, &(0x7f00000004c0)=0x81, 0x2, 0x0)
madvise(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x16)
sendmsg$NL80211_CMD_DEL_PMKSA(r3, &(0x7f00000005c0)={&(0x7f0000000500)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000580)={&(0x7f0000000540)={0x20, r4, 0x100, 0x70bd26, 0x25dfdbfd, {{}, {@void, @void}}, [@NL80211_ATTR_MAC={0xa, 0x6, @random="93e099cbf128"}]}, 0x20}, 0x1, 0x0, 0x0, 0x4048004}, 0x1)
getsockopt$inet_sctp6_SCTP_EVENTS(r3, 0x84, 0xb, &(0x7f0000000600), &(0x7f0000000640)=0xe)
sendmmsg$inet(r3, &(0x7f0000001c80)=[{{&(0x7f0000000680)={0x2, 0x4e23, @empty}, 0x10, &(0x7f0000001c00)=[{&(0x7f00000006c0)="3e1cc398bf028bd85d71929a724234fd78e1a8e851846891df9dae362dd174f5c3205bf6791061a3f8fec1d3283ffaf828c2510f43917b9318608d1fba8479aae353c442ae3729e378742563786299bf7dbdbbad7a94b492c6ecbf4a3a1649a2fb5af4510696eb8dc3bc307ffb50bcfa1795cdd4620b9abd9f955f2098edfa75590313852444cb9310a3e9262583eefcc0198fe7feb47cc5b837e5ce", 0x9c}, {&(0x7f0000000780)="fa6183d9d1261d40e9c37e7771bb33486753dbac729c562d611e981799fb64d21439e15f3755499b5388b0bd969ea36bb02e15c67e797171b52a6982df53330cb75090bc055107deaa370dd8e77014b62eb36ba3f7da253577fd64650e0eb2ab4da57389616936d42a913aad90c2d823deb3563b3049fe9dfd1b5dc50802e8c1e44652231a4371ce30f354528b2e8f50f560761519d2a888d9f1067c4aaf77fc89a9ec155b2709eb349aa24cabeedd828f437f5382ff9420dd9aae48f08b4e1eb2bd1bf8ef092b5858", 0xc9}, {&(0x7f0000000880)="4b90754a52d529a022591d713ca3ea3dff8beca5c2adba9f47e16786ad68c96417ff14527bd5e2d11e0dfbe297f103922592698d433108e6652dd0d7616c5fee7714ef8b5e7a743cf8ab29bacf760aca475f490a8c60d7bdda9dc672437a816c5f13f820c38b6d3d2f13c03bd86ca6d1cf8790f71315075bcdd2f5bee91153b3b3786150717f83cf37af5ec0749658652bce2d3024bfd924cc6e75b6d29fc80b2e22f9954c2a493e1057d927dee01e66dbb456b8bda9a47eba21304b3134f3f93499dd5317e0781e7bea74ec8ebcba9f9028eb13dd86c882c5a50b455bc6db36d2311c922a20cf08cc87067b94c6a688a528cf7ac1ab071813858a6d7d4f2c49ba33c04b969366034a7471bc37f54bbbc31d046a0e7331201932bac1693a65bd663f85e4cd84ffcae2d95dfb9f0ef6e81e9c78bf35cf99257f5536df5b0b17670a882b290b01edb660f9e1629e4e2ba9288e5e9187b86ec5428e96b67e8ca78ac5971b4421222dac20e5378411d8daa1054d0d6e79c79ff26174de544b7c56cdf752768cb72ca4ef5a824fbb7720f6221d68425bb1f55855f654f04883f20dca205e179484ff6b4bc0229bd7d46bb7620693f50ecf2d8981935af32daf8e9eb5057e1f06e7d37022f82b93e5759bb6d24c67a694a4a89c7d7082c81e239c95a210a4df19c6482ac05deadb8242bf2bea4485dd69379ea93072025b310dce74364a7d4cae2e18e7376111228888da14354ba3f5a492e9b78046bb42a1af8c48d6ea536df9cb84894af2c1bb94b26fb6af6cdd3c0f8eba995af1ebc59195425ba1d6fc1f0802b5221c24147613790a5307f258a6dee626f9dcbf8b513aff23e4773a9ed9b167b059901f60ffd35a68caa616b23cdef1dbc1758d876ce5edda3df1a01a9f89435c99beff5d5775464e0e7b5f61e0b9bec0120a1c2a5ab127d60e6e370cf4a0d5253150001f0fc0bf8ebd54296a68a3f55bbd46e88794de5156d81775ffb3b9993c6bb9945495cb9a56606d3c9575331bee2f3ef5eeea7cf7c94e694badb718132777d42dce423cb57b02c0703dd503d8a06df62ed2a1ad210bca5a0c3e1b299380ddba874c2a39112b354feaa0360958d297a159925d53bc7cd348cf28f60c840b08326bbaa7d15e6a2bd8ffd5664a8093074eeffe07165a8ea689e1896f66305dc366e1f86759583bca00c9a676e0b409ce36a1af81f362a6530e3bb2a43d724c2944513148892f4bdfa8953e09e72499d172c2d921690dbf2630e69c960a62f0a5a34eea820cf4e3c35b8e19d9d558dd811814363cb2815db519038b8aecbaab777204fd8df8ff538037fc959e7c5944eb74df97d68d4c661883eb45ae89c52208dd2c200ca6b72bf8dd64836d2d80392fcc2d73a8e047f02457c0b3212d5fc0dd89c144a9619dedeb6bd28e09690d6c7d6d291e17c62fc246231f87d2590244ec2e18caa97618d96dd1ee014cea571d0171157b79dac7afe13ace0aa61dddc8f58fccec78d3ee734f20b076bc9ab4218878b533d9cb6ef40c3b7ddeee2d93aa546439ca8149d68678ea0fbef2a705da8e35693d297427cd72147e1654a5f89b412f48c43709ce76dc9eb13057372629cd70ff93d3f7157822c9fb0238d46caee3c4347d6dd4d8c46f930d22ab24c4fc4a978f147c184e4f849958ad21dc8a7bf9a62c8a49b6bdd465a872aa6a7112b48836fe56378d1ce4cbbad5d646052db3d40ad4de6a31f6160d2e3528239f65879896659806f980f41d99f8030cb08a19f72f2a85e9ee2f566c83b9a16de0ee72cafab41bf6d138ac5c2278c72fdf8f3fbd7d8d38ded754ed176f8d882bc7b5bf8bd5b5ada8fbcdf1f0e3d0a1bae526c2d795c5aa461330271d1dcf443dc20c0c06eb7eb7686f9c3ddc9bce688ed0c22cf6b647f8708e4770b47d7952e1c7ce00a08237db78a254a1e185282ae88627e294168293763aa05d1d5db4b520ad778f3c9bc2a518f386a2bfabc7a83cdb422f5c382ba76531624151219e624db86873fdd3c23b94c8637f4e501c7d89db8287622c8ff76dd45319504e40cf8ed6e658b19b55ad7eac5c10e3a05a16e7dcbe3cf8d96746df67d8fb8c60f9debd6b9efe2597e4f64878f11c47f4cbcc3286900b2be680e7a5fadc4350abb2d1d8648d0b320c6567376a4ce46f700f448d278b66e5cff74114f525b8e358b8164389237bb39d1564c62b3d6d7003b53b12f0eabd9db7f5c1536026c5cf54673ecf3b1f568f05096e8b8e04557fded1f1729d83ea96c7302818055d87a9af29d8d29c3d3f9a1fd45fbea0518d94d4054cace40cba2eb94ce151917cc272cf86741440a32953a991fb6d3eea8197eb675bd2fd756d1f09873a780766d5c270218343f1fdcba8126c0472d3256f7dceff8d8fe063bcd8369e43856a4edc695d0f0e248fb511bdcb69b96b95a2c62dce64957487712888f95f8cb74c2339af94d0b14e0d068bacf86c3b3ef5e0fac4886331b32a1982c25a1552cb213d60af551776f1f783dba3bafbfdfff34a60dda958d4ae63e087b25f96af1df53fb18ce11a79b5a0dc149ce3252fcf30daf073b92ffe1c703cf785877c7f95bc424b9ca62cd9db777882540250fcbad455435ec75873ee59551785ba8af25dbae470d838803ed1610f4de44be326fa50b2b9aa217658b762dbfabd2758b336128d68fc215c301461a4978fe367f5dc1e826ca64371415a3b037bbf1954d80f9e66089f6630a51dde0a7c589ec0f0aa1444437191d9b054051df381ef0add92b944daecf621e1545de0043f101117e6d90b2f619187f8944c714a273f5fdff40cf2bf23e2838442ec17aec34b9e777f3eeee3e4763d0c8d903d62c4d79fd26ca037311c63eab1ea1c9e16568496a91a2ea08bb1ccd2a152737fe60733b268d2530c9aaf1e78e7aa94bb9122070d155b7a062251e7f8015673dcd5ed04290597a72c66506c98ec6abb6e628f6a7ec4f886d8893f67725e5f6c83a369d5eaf5f69718a6ef119930d87c658723eb21c25ca99f53e0e87d0e665dc7f41ddc8cf81c1f0995126238b9e1dadd8e98d28b1edf7480fd6cb25d6e21fe1f414f85a5ba5602e352c00d81407c79919280c887e06613f3e5e77057a242a0c9a14489c6d9f6079cedf29a6aab4d9145b712564fc87de446d8aff243cdc561180fbd8cf163a8629b7effe8069c383875c5f4b93bcc1ede8d89ab8a3d5682b75a36b74a85177ee614b15306fa80fe8a5be57431dc12a5920fb4001bf079914ed9764df4c81b13690b09e8c0daf73008853cb170ec1dfe74193a6913b3ed6e1cbd448b8293c5617eb3b5b72199460f5cff88ce5a3f68fb77a2f0eeb39e4b16833d30bca4bc49e535e788df57dd6356e347265e64d2eae941f8f64f48e54794b80317e7ba9a3eb79b5a2b34fb6232ae427164d8420b5b29f60f7c4f416154291ed26316145221da22bf1ca4988b39e6998173449f815f8fac46421918807099d190174d0abae49a4b84cc1e67ae290452eeadec28afc02aa8c0470f69f3210d288c02df6b0a85db0b4c43fa0b22572f69f8a7f22481cd822bce41c2702961d73bb435de49914b6b84e72df0db305b358d34b3d4783a302cc32a85432cb74e861b7eddd57e0e6ecbe96dfcab21fc45d7725218875f0baef51f986c9b6fb86f44a252ad7c1150e02af1333d1ded98f6d985ca808f2af913034f61982cf42e26d64cbec3606e2cac0932a9be54d8658968b49a94b5534dd67885c09854b2f830d7d5c94e5a10cda43ef6dca714c82f90dc504a261ef4cff5b9bdbeab132dfcb8a58a185e680147a303555d60e8e72dcb10988061cd94d84aa7b3acff8316f7eba5693dea482f9578f7a7523653b34959edff59b4026ecc168d399f65b59b761586cb470b897920cbdf333dd3aa4723d5fceab724d56b89eafa5b09b9f5587a44554eab482d97dfd8d0667d8f4f44b0a6da68ce34fd6529f85e5e6acf9e487e73fcfe2e783c9b513037c9b01c1fadd804e0cbd3903424478b5312c21ceeeeefc2a7ef810fa478c3b411909d9755a10bf1a8ba674766b8dd6ebfb87bdfc85a441aae33bb81cb154178fa1701b59f27742cb1323233f43c80d13f18e7a9da4452f6d7412be7887d6e613f838ea8592fa928385c127bbf472ecb18583045bac8b59dad9994d5a8b2ba30746d7375cdac730c15a513e6b9a86a421ba6464c148733444f4dc93c0589debd7f8f3c8b56617a4dceec909b4f1b197ebaef9da27e39fadd11f016416e9cad84b2e765d46017ce2457f82f1f4e95d549c2efaf8c140b9c4df3cf4ece38278c640cb977ad52819160ded7c2f0e7aff76f8417a897a8cfb44a786b7f1b3fb84ac444e32b89374d7182c5eaab1ba0eb5b7bd8f811c08613cfe52d6cceb3fb3fa92397a055bc2811461e2ca0977434264645e0dfd25f077f02e32c5cef4690f80349f3a7e56bbaf8b679a7e2e690fa05456e3b249c44e15676fb482f1007b202ab4cbbac1592cbd78a2a692959b247942c6380d8ef2a18129fedca8b098e8c0f2858bd4c954d3352be8f22771a23ffa2c6bd80d605a06afbd24a59d3687354e5557375c4649a2579109bf9e9e27e90536056423f27903d4f915122973bebac1cbf57749696b26aadcad72d5b1735363e926642709378015dd074ae705798219538d99f204f987342d6ace573311b6310713417b9b9fbc3496c37ca1bc10b1f7c27ef16d64dfc4af228a249d220828a0cced7fee348e024ad62f84e0cf63594c0b73baf16cbbb08a9e9cbd0e591a31e8529a37fa0594b14a2569b6dd7e8c50c14fe17ac5d6f22a4b825dd4cfb91ecacbaf162a75d7684b4396bb278d65a232c4b367d37ec41bcf1ba5b56c61cc0442bfa8efe5e7ec90481ba993119eb39fe2b0a493df41e7045cc240348a732d270476a7ee711382b5da8776d6cc2def9e539411ac0d5818ba4c7de28847d8b075db0d5b7948c5c6d3fdf7870e7dc25d16afcfeb49fd9d1e881c0e777c9ae3513fa32dae8d8afa5dc517a204b7771c231bfe7f06e07d3b6e660257469e519c15710408bd8537fe56c631fa78726faaeb036a541cdf1c35345105c3d963b245ab7102638fbe1deb478cb3545d03a935f138e1e379081bf63b7a9f7f2d1baf17d2b44ca690a7a2a5ea3e0c6a4f6dc9b1fb4c9caaae9365df74dabcca602347230c8cf740483822e54f518f258029e49cc17d0a4f67e3545d2e6add125bc319d24f1fa0e88c70f7548acc7d0c09f88c395cfbc83d51d269eb43af116c7d8c6d1b1606d247250291dc77e78c4cf0830a4977963684ab3728ff7a4e6555ff1154ea96ff3ea7eaf55e572c66dfa3dd971b38d92b9605c217340a1ef391669a2d91036d819ff28623478c9fb019360d54254b8c49f0a5a33a52545f30fa438af6dee8be63161aeaeefddd956505cf7bfc2b98135abf695fe4d17e38092dc2f42800fdc2d408a05971031ebe4825fed8fb9d35f46642de6906f787566e379ff1cfe96aa944acdb19ed2f253dcb806c866802a48154dda0243aa9a7af717229d50db50cc3a17da3cde01ef17f210f539ddcc50343be74c9bf39a597c513f0a1afb4b70694ea1dc73ce7c188eb20b5a341e0a3e945985bbc6c376254103b470b98c706e5438ee41ad799cc6f8004f936c63469eb9766c812389fc878ce92230eaac542b3683261d5aac5bd0057b5820c1116aeba9cc9b3f21fce742262eb7275694a08d74d2beb3ef5a80f10aa671f3b09bbcc54934032348655753e80ec72697a87d7527290b09894244de51a29c8711", 0x1000}, {&(0x7f0000001880)="e8701f727b6f8471697d1e2f857c3c4ec0dee681ad298aa985225f0a4c171ea5e147293f3ea570e1196ca56ad7b73eeee65a783e15bf401554c6e103c4768ec0c7697c3a3bb87289d9b3012c", 0x4c}, {&(0x7f0000001900)="42815856d8b356c28f07dd16bea9c34a8a0103e058a82da15434284e4e8c7401270845621f477dd24ed2488685db558eab84f86dd86df58ee0cf37aafe2cee0f886ad923efc641eed5c821ca596696278f221e03982be3d79313a3cdf596a0d6766689ea7105a5b8517ca5db7b3288f6204206281d9b8ff22eb7b34c7eddf2af", 0x80}, {&(0x7f0000001980)="db2307307130eeedff78c7df57355d305693d115f9352cfbbc38cc766d6e25b758767372821fd160d3962ec74d14ef8a9255bdfbd13b8238f8fb7826f31bbbdc5b9e22d154f637d7785b09f630c9e17a3f42a2216a2c99be39c8ad2628547dfa4651a2731e3adc1b00053f1a0cf7b38565d372bbe48509636a19b2326519a7f8cb2ae92b964bdf2910f9eb336701772d4fecd7006ea60f9ab946002ad327b7418de5f0", 0xa3}, {&(0x7f0000001a40)="38b7873cde4547616e6c7348b0b7f547b5b5c186a2d9eb3840cec51e7740e7e1bc873d7365ac19589eb7b4263270dc68ccdf4368a942e6f3ca3af93f772cd3ee86249906d363f10bb24dd586649fff34a2bcaff6767ef95f6fe4e29cec18a780e1c20d809ce73043e8625fa2e77e55b334a35eb805384dab6e4b72030d6edbf1357b8f289c121427e492397b", 0x8c}, {&(0x7f0000001b00)="0f09f391bd4382f3839815a7ec0218ccd6b7da58ba0de2119ce8571b7c9a09147a25efffceefaa84a49c9f2e2e9d231275d30ab2e96469ec7289811d8fb7fac60648a44197aebc8f3320be8fef15b7993528a5ea7bbe247e4e8ac76b47996d9cffc9fd599675288128e05eaefd1662aaf4c96fa4065e1fcfb46ee081cb8b619a78f9de215ff31d342ebce6ab8807f0cc490d96b886fd309ab3a2bc0901d6e9c9c195beb4ae21e5ee9bb1f48f677df500e445e39eed2cf4cce7f7aa92a16d19810816d473257bd48bf951146d1d0436eed17c28418a4c04297d57dcbd50917af876b78bc1396fac709b1d0c5125e4d5531ed4fffcc54f2dc770", 0xf9}], 0x8, &(0x7f0000001c40)=[@ip_retopts={{0x14, 0x0, 0x7, {[@end, @lsrr={0x83, 0x7, 0x3a, [@multicast1]}]}}}, @ip_ttl={{0x10, 0x0, 0x2, 0x9}}], 0x24}}], 0x1, 0x8030)
ioctl$SNDRV_PCM_IOCTL_LINK(r0, 0x40044160, &(0x7f0000001cc0)=0x7)
r5 = signalfd4(r3, &(0x7f0000001d00)={[0xfffffffa, 0x4]}, 0x8, 0x80000)
ioctl$FBIOBLANK(r5, 0x4611, 0x3)
ioctl$USBDEVFS_ALLOW_SUSPEND(r3, 0x5522)
ioctl$sock_SIOCBRADDBR(r2, 0x89a0, &(0x7f0000001d40)='geneve1\x00')
ioctl$UFFDIO_REGISTER(r5, 0xc020aa00, &(0x7f0000001d80)={{&(0x7f0000ffc000/0x4000)=nil, 0x4000}, 0x2})
ioctl$SG_GET_KEEP_ORPHAN(r5, 0x2288, &(0x7f0000001dc0))
r6 = openat$fb0(0xffffff9c, &(0x7f0000001e00), 0x100, 0x0)
ioctl$FBIOBLANK(r6, 0x4611, 0x1)
getsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(0xffffffffffffffff, 0x84, 0x75, &(0x7f0000001e40)={<r7=>0x0, 0x6}, &(0x7f0000001e80)=0x8)
setsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r5, 0x84, 0x76, &(0x7f0000001ec0)={r7}, 0x8)
socket$nl_route(0x10, 0x3, 0x0)
write$binfmt_register(r1, &(0x7f0000001f00)={0x3a, 'syz1', 0x3a, 'M', 0x3a, 0x1, 0x3a, 'geneve1\x00', 0x3a, '$}\'[!', 0x3a, './file0', 0x3a, [0x46, 0x4f, 0x4f]}, 0x37)
sendmsg$NL80211_CMD_CONTROL_PORT_FRAME(r5, &(0x7f0000002040)={&(0x7f0000001f40)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000002000)={&(0x7f0000001f80)={0x60, r4, 0x2, 0x70bd2b, 0x25dfdbfb, {{}, {@void, @val={0xc, 0x99, {0xa681, 0x67}}}}, [@NL80211_ATTR_CONTROL_PORT_NO_ENCRYPT={0x4}, @NL80211_ATTR_MAC={0xa, 0x6, @broadcast}, @NL80211_ATTR_CONTROL_PORT_NO_ENCRYPT={0x4}, @NL80211_ATTR_MAC={0xa, 0x6, @broadcast}, @NL80211_ATTR_CONTROL_PORT_NO_ENCRYPT={0x4}, @NL80211_ATTR_CONTROL_PORT_ETHERTYPE={0x6, 0x66, 0x15}, @NL80211_ATTR_MAC={0xa}, @NL80211_ATTR_CONTROL_PORT_ETHERTYPE={0x6, 0x66, 0x6558}]}, 0x60}, 0x1, 0x0, 0x0, 0x41}, 0x4000000)
sendmsg$NL80211_CMD_STOP_AP(r3, &(0x7f0000002140)={&(0x7f0000002080)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000002100)={&(0x7f00000020c0)={0x28, r4, 0x400, 0x70bd29, 0x25dfdbfb, {{}, {@val={0x8}, @val={0xc, 0x99, {0x6, 0x33}}}}, ["", "", ""]}, 0x28}, 0x1, 0x0, 0x0, 0x400000c}, 0x20000040)
ioctl$F2FS_IOC_RESIZE_FS(r2, 0x4008f510, &(0x7f0000002180)=0x5)

6.611676719s ago: executing program 0 (id=2952):
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
r1 = syz_mount_image$fuse(&(0x7f0000002340), &(0x7f00000000c0)='./file0\x00', 0x0, &(0x7f00000022c0)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB="2c726f6f746d6f64653d303030303030303030303030303030393030343030303064322c7573a5725f69", @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0, @ANYBLOB=',\x00'], 0x0, 0x0, 0x0)
read$FUSE(r0, &(0x7f0000000100)={0x2020, 0x0, <r2=>0x0}, 0x2020)
write$FUSE_INIT(r0, &(0x7f0000002140)={0x50, 0x0, r2, {0x7, 0x27, 0x0, 0x14a4014}}, 0x50)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f0000000040)={0x4, &(0x7f00000001c0)=[{0x15, 0x0, 0x2}, {0x81, 0xfc, 0x7f}, {0x2}, {0x6}]})
read$FUSE(r0, &(0x7f000000b040)={0x2020, 0x0, <r3=>0x0, <r4=>0x0}, 0x2020)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="0500000005000000fd09000084"], 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000300)={0xffffffffffffffff, 0x0, &(0x7f00000000c0), &(0x7f0000000340), 0x800, r5}, 0x38)
bpf$MAP_LOOKUP_BATCH(0x19, &(0x7f0000000800)={0x0, 0x0, &(0x7f0000000680), 0x0, 0x20008, r5}, 0x38)
write$FUSE_INTERRUPT(r0, &(0x7f0000000000)={0x10, 0xffffffffffffffda, r3}, 0x10)
syz_fuse_handle_req(r0, &(0x7f0000009040)="c9b6cf40d6a9928c6a8c0fdaba1e7bbd4ee597917b02ec4e8ff3bec8d7d8c08f8813039f40175e54e3d66ec19388ed788cf69c0c5b560f0401f1adb4b1f5198fe0bd7627cb9dc384db5b44495ba6094046fb2c8c7d0af7d67dbc3f5ef4aef8ec6bb01c52b6a10d4f9473987d0809b6a84f2ff8aae19a082abcb68b41c291add3ca2204a38c59e28c7c910aaa5a075676e541b6bb91de3854d2f97d3f80dc56c0705e74624a947f2c21ff936c6ba827742a24fd6d9e10b470ceb73a23fc57f5fa27cf073f2d0235e6fa4d1c29f9d0b6509c890ce0e7c3a2a4dd8b6336f02b9d7cc4c8e37f5f5a57f63aeec3228bd15b6d041eab97bccb14ee1ca6fbf7f7ed2e4dd0a32d41cc41c1031424b94621edcea1bddd40f3ad905202dfba3b912efd3468d2ad42b8a01bcb13b288afdc00b7e5857425d7919651160ec15447a26758f20653e69559f0892efc8f0715d8d79f52a44c79aba8ac58dc726ed721eeab3480eaacc2655d4b8831c9aff049c32709ab7adfb24ae767d45468dc0e42bc34b3568ce95e850eaabbf3a1be4d0f9b3e8781a2a9dc06374fe496a755b48abce67fd56de43816d64e883d9db51489ab8a81d1af3a180b6772d2bdac6313d3c183239d4c0bbbe76173f011f144ba71ac8043107f6533b3ef2f44924039b8587485749647315eb7bfe1e412e94f8cdaa937480fdd23769a69e14ea82d741484c99dd1ddd1edfb4faa51431f15531b61e59d68f9d189b27d0bf925970ac66fc35dbe1e430893cc60b28ca6d8e34931bf02154aee6f1fc58d0c0d8e48eaf8079ded67fdd9f19ebfa85d1ab6ec7f54e1963be353b34a6cb7fa35ddb60a9fc6bd1c6f11bf981b5a1bba81513fe447ff7eb2db0d27f1cfd04353e05f37d6c1bd6eb8219ce799338de3518bfec529373e4acfd644212be283856be064bac0f4926c02c0915816615f1f04d1d5136872029afee663f0bf1b6811c594e1465fba59f5727e5a826e3c60576bc2087f21521ffc90dcca39cbec7c0466c8fb7b1bcea7cffb333d2d16daa269d63f4911d10ed24462b37cdceb7c88e819489e1939e5e3cdcc5a858d09803c98d9e5fd617bc92c0880f072c54608f6ea69edba05b4edcd8d3f5e3c926220a191f2aa0d2f0c9158e298bc2e756ee091a0ac48752e4bb56fac67b02eb2c7b3380244ed66648482d8bc2a29bfc26ade0f4a5665282ea408254fd88e2812a184ee9af9c7769fba1ec380043d5cdf6056f89b4d7f12a441c3013b0fe0d8418fc47c13fbf4fc2b4a89496d4ab9d9826d0e586574e8dd15d4eb8b86ed372e37287fc818df5b6993b650fba844d960e3fd62db0bc7b12ab286d6492388a91ae4da6bdece6e101c13100eaba3b9998706fd4defaa3ed2965ce7fe6062b8c58f20c6b44b01121184ee1dda1cb66b3ababecfc0b7a9a12624e0b826c35d0149335149cfb49fbe68d1dbb7eef96d7956dc573d449847ff4bb7ba0ededd00c904130f1252c3dd4bdcdeccf6f8a83e3abfa14d12c753558022efa0704549b0571e31c4bc9f3e485f8d2d88189b4149569ef83e8feb2ad26c263b0f91f8975c86c8fa9c9457da5ef4a8a94844f824873576f722e32b376ba5f3ed0ea9818d86ddc35ba0e7f322594d9a0fea878af5c03d242bc7b0af89091f088245154391e75ab1b6b2730ccd01c28e9ec99428cc22c2d08ae2829537c34ebd1273327d0d18175698f9fe587e968d19f00ff98555fcfe95d00cb3abae32afcd48f3d4cd7c63c45581203a8a3040363d98bf9426493039fce7bb03493ab6e176cb45e2af461e77fc93d1202fe0bc7b77398c52bbc1c1436439f26cb2e17933a0ae309611e46bebd4d84a939d9b040a08cad90c2eda6ddc933edffc8e562aa64658f99a9ec8a47278edb828b5312a95ca34c0af428aac64d3fa1c4045885891fda7666dfb680da4dc2c02becb8303b76987b6d9be01174df88e41a48a42444caeae5e36118564e57209594285bc2915b222f99f016326430c38c9807994cfa1c3c85aa0f6375c716cd7f27be9b2cef6866d07c8ed00bc101a74219182562467ebbd43d2ba78a4b0eae22c67702f318bc55ccd92f5fd11557335f94ff6f38cfe9fbe31d3fac064dcd7d660d02fbeaa26acf8927c1e3bc71d9ed8ef2e93f0a42813526daa1fad36676734103bcc621a114b098295de578bf8d7df9034fb3ba86ea529bf639cde496b5e48145e4a814f894fb3bf3f41b49d0572dad5988348dad7a064b2d76d9092336cb404934790683b2b3576d3b75534df2c36bc78e05ed250b9aaede772a08bf5972444ecf4e447c062d95e556768e264813369465713834f6e239695b6bfca1b6108a09368688e212b7ba556df50c02486bf1b2196da3d4c0553923fe9b1bb4474d0f569bec1f35dce4be0f5e2408efa69aa66dda6bb1ef43295fe005f4a86840bb608796ce14bcc1134013bf741ad1aa70cc6579edbd42478d3054e1f7bdbd5b1131ded725041270e8a46bcc8bbfe89089f87105939deb2a9f10dd60d059679d4514bfbfc94b333c7dde79576426f07f24ab6a57290b0d723bf3bffa2f66fe191d0dee8b292c8c15eb42245b899ddde3c6afbbf0d7c301dd142878dbca579f387931460c8c37e186f60f8d9209dc98f1a27b84ecefd71de077017261ad6cc3072fe57ec589cd9498946fda8a834e3f02e8a91f7ce6e18e76f936f6f39d354b63dccc706e25b1d8b1a4830c46f249b5e5a40042fea920ed57a2415431f83c238113ee7d152c16f0780c502d5c995168e3f91113af11752f10434b8dc5ef0e46a276c683261aa73877ce96ebd0176977e124c5b93bbb02ef97a6f6a13c15c261f23014f4b13c8f18746727206b245bee70d7b94968141f104f0682a3df4242c6a60fa1b70c227306520b1b9fbd6c916b0edf5e2ce5220fc9ef10ab0a10e1bf259e91eb127d5a31b7633f15130fdb44ce2178a20d5dc3f91688090881c061d75b4b59c3b2b7eb7a3dd1564bfa6c883c217cb76c2a7516dec926add0a1886570531c32b6284b1e80fbde88905f67ea5cea41003325327000a7f7249a99986f19f423843e8dc791df8679a2ed2b024d7d8c79112644a4fbd32bef0cd1f9d55025708135ed34cbf52ce3a0af0f8cd985362ef6fceb6c72f241128b16dad7575558badb3847e051f38d7b5ca638a1f454054659d90b2c046e4f9e2ab127f257ccc92f887b3e0c4fb49d159741fc649638180addf3f23e5265015f6dad9b25cb86d8a33b802e55258749ec050d15d0d7d821f9615c7d8c12ce11c63fb1eb118455c4e2167f66e4eaf9dec0dd2f345a7e2bb369a66b0755003a9c89449393f71acd98afdf6347792251d669ff3c64c50d705a67e543cad95655d6a4cce233acdac5ffc96681772be3c04a1b36f5273815af65ef87c7ad0d51462bf337c2389a8eded875f75eeebe5e5efc26933948e623364d0dbad3402f659a93acaaa21bc8f559dca605aa6732d0eced5a21ee8a6403b1f91722fcbada24a3031d6aa221612a36584d5edc6ba0f64096e9b6eae1555a95945b937457c4c74371f474939d3c3f299f691316497951c646f142adbd6ee49182aec388ce2ca560a1f4b7d8a63e5cd25ba91ebc61175a6955895bcddae7bf1cefccac5c93dd669ab65a2f508adbcfd62ec46027efa396b9f69984d6adcb38fdddb616ec38929fedd97677c3d06060309db5a9cb5fc8919f4310f06bb40f1b76bc197798acbf8d3162257071e034174047006796fac6fbc95c28afd881e1197c20fea8b4be5c5de39a292bd1ff3819d4d4f48162ea1a57930d8f324ce54875d3ad09eea95c4c825765842f9bbb1957fa8188578e86081adfc87502e69c8841218b596d71c4ec49afa60408028012d974051559d924f5f8a59ee195fb01994b8710994d8201ae10f6e88e0e418489c47499b7efd2021f56a6c9fba761beaf79acb6087a496afe7524f2260e14a792cf1a1203d4b0cd8a11d2544293b7657fc393014295fa28e409ab8be0a02695223d17d7caf4f44cf5d0f416130067f28f3fc51c88ad7b53e401e658214abcc8f597f22d662144f878573d0370c874287698784b6ba9abf9b22da2eeb0ce8b817f85e429e799a5edd246d72d77228652b80c4949a85cd5131d851d9f9bda9afa0646de5e477e0fa999562cb46758502c7d63dd3e8b6f88c7ea44f41c4212d633f0160e738c6d36128e9e58c154b08460c899a26276dc1257dc5de18495573693674e40faf1dad49db8ac83baecf92f3aa5c23f639cdcf6e6864c14a8d6a3de95906813fd17f83c406ffd1d2d7bc75737b7b00172448b2ff167b9fa43649db32ab4094652cbb2e18c3bdb527f24049878bb44b82135009f9af22d24ffbee4b5289fa61bd0502f019b2f24a08542db818bffb7c1637b4f4cb9043952f88aa69d9431b8df2e3f9ef6e4a5ba58e79acf082bbd871aa0f0feef71ade8f921bb597ea28548f4116a281ab3542b732c4a8e9973409c75a0c6443d83547d0d314cc7bd62128e3b0db9c03c78b9d78ba714627866230414947523a6a239873f932c2b28c09cbdf182e856bf41598998150cbdd6d54f76c227fb1519f5afb0008e31d6a0b87818d0a2ca0dd6e953a5ba1a347dd927acd36f3fa3a68920eb9c36bce6cef857447aa733e4ffb7014e194993eb1399270b64151ddbb15478c2b762a14d1782608fb24199d9d311281c47726f565b3a3b7be584afb03d87cdc5eb8156772694ab422f59cd7b1e359583a7cc0695b9f64e6416c6b52de230afbc160d2e9384501b40645189434d416c0fbb034e9ffc654d0dee7ee7a878f9e559daac7ee5af769aeac7a92e85b1bc7983803d3bb572befe76184a46b76450feccffa753cc6123cba0686440a5ba81236458831031a4ba4c91d7aab3bb2514208a902face1c12b7dfe25318ab5ca2c1ef9769aa06ba0539f6904f95d3c8440617efc7858d3984f566b3390b9b1a0f2ec3c86dd77a0b82958c4b15278ffaf10e47e613545f4cf67ef7e8b31a6bda35022871840ae1536fb65bb11b932936db7a15642359bb6b157893d19e7918b11d3d3072b78c761c1784afa2214c865fc2aed860dcc17b69cfe9189bcd0767a84cb306a59966e5f96514a7d7182e6aa7204bbd1a84092ba645f86b68813debd5a2290acc93388e5eacc17db51d69604733ea9160a0e77ec5317194654313a9a8a0535c0bc49d0837e2821df92e8ee2f154cbea6b87ffc207aab4ea491e8aa75b90f70136d84ea2f5dfd138371dbdf8fe273956cb7411db6df48ebf56105da42b219b9dad387ca7be9ecd90508c62279a53bc9f7e2a845f9da42d8e85d2653854737948ce228b2d76d1b9fe2e0e456fdff24575939b82a3f6e1a4be6ffcf1c493c17dabbfa0859a87d259ae3931fb6da544589b9b6bb7cc93e078813ac94918942bf113aee5742498d86a70fff31d2a69507739317a9aa9e0289f053dad4eec63cd58e833027f0859fb4ab74e8fc742d03b5b6dca1168d3d47fd95b514a567e6518342d52b3c3bb6438b5aeacb95ff9001d2f5480f6a80a0685b5bda2ceba06925ab5ae0986954c3169e92fedaf3f1681247cb114202c0f728296a51396063fc64aad05662bf05a626b90f656b47069ca668bb96208c287e8f793d77d4fb1f1cc14e73406005e11a2c1c46ca7448be534c97738487527d79e284d7a0ae275bd4361ecf4a352e6dc8b8c8c8e132a3edb7d645f4943445f523fb28bbf857218a117f1288afec49f9def9aabc2381b38a315d5c927aeb96fa1ad3eb13b0151dd570f6734f004467171d2cdd609d1d09d115c9b42e1da3472ada98d3e1da90a8f373a98133fa708f5a62c75b5eb1b643c48de72143ffc8761ccffd7f3336b69faa277d364cdf2d4f2bc428bda8b76e4748d5ae02d9850ac6f2ed0ddcb874c25d210163d4da10c0d6cc5218a3558deee5519c94032158bca02fe1c1b8184fdf417e863352b224b7b06267486296ebd4100ad5f1108c78a7056979f5ad6f97794a0460bf371584d9b962034aa7449f4e6b0f925b7a648d4ed7f2442135629b0baee3385882682fde57e5eb9204647a898c566120e4b577ba215ed863f76d5ad9ed19a6b7465952292e7543110eac3dc436a16c85047f3ff10a00c917d5902d296c063c4b173775f2b612e407bce02c8647877abcc07b21b89a60e16ff5c5cdc3708f285d6e411036661e97f628c6c2bef7a6e297f0ea7db2aaceb87d13425e80c28cf095b1dd4e08122e89f58862c6466d79fe7d06e0038a9a1869cba0d1554bffc08b94bf3dc7ec4d108073a4dcb7a6a503b608e777f1ca6b64deec19072052cdab8e7222966170bd35cfa66d3d013c537e723bfa2f634b34edba64ee27ab814bf66c5943e5b7b4d2cbad0550982b2d68ea0633a48f24ef5a59da6e9671717afed4253db66afce693ab08e2b4343d9efd1705802393ba22af5f0e04fc559ddafd78bb1c013b2826cfd77591736cd8a1e079c00f72dc89ee419cf4cc5e867138e35372bb0854df45d2142ce56ea01465d7cf42d3beabbed8602ff568df5d8e53d22bbd897c0aa050165319ba28d6f861a128556e420275562b8a19c0a2112df4490925f52090c6c7ac79b8533936d4020af3ea5d383cc8e4f23cf275194887d42bde7061bc17246a91b735472c4dee6f2d159a4fb2cce10f0727a964658f6d60aa18bd474ce1e88114ce3c2a3acabd74175b82afc6126ed79d8d333ed993e3a0d67afba888c94cb266f906681d9595f2ca21946f32d8f07eb7cfc979cdd56a885e6a5deb1dc54ffbbbac728db4145056cc9b78386f1f17ad16856cc10b04038f0d835a5842584b6a9516a770abd839ade5d379db9889d22d9049dd13010ad612a64128f724f7a643505b8ca50bddc4ec4875beed2f8593b7382645625809bbc3591027d53bde8a16be5bb209cd49e71aaa435c923ef3c4d1aefec7111773b0d58b47efabc7a43b93cb7eab287cefe554a5b59e2a746081d0d875919df356504008374ef184be2f7ef7e644bf5535dedf5b969b30dcedcfbecb83173b0cea015efe45630880c303472daf1dc22b384e65078cb0ae21baa4834fcd4b4f7c995b700117e1448d041a7106277302fabf3a512ad4e802988c43e6cad0b4b74962e195b355b653acfab53d9f38337e46758c0f8c147333d30f8fbb508a889b84d4672e025b0d9adec09fd4e2d62bda0e0c40570d8fcf5487a59380584f7b85a8576985a4423cbdb1503ea4f93d4f3dbb2c384efcac84dd8649e6f09d2ac37e1d8268c3c07db365581c7c3752410909968598b8ea5ea05b68e6013965cc60be6f6b24e493655f5ddd572a84a924803a7df025914f4b57527841928d30c03b09aeee28c8b81860968f53a663f4f56b004e07cc380f5b0b0dad43869faeed5f240ce389a0fb0920073b8d3de611e54d4011f55ba28743a3b51af6293ed1376fcfe3592c877e2d81d14ee882410cf8207476409b5673eb65297155e91cbe089c8c043964063f9b469419bce6e59e0017e0f527d20eab5d9579208df9cc65389ca8fdb3d62618395bb0274b8094799cb4c36632488e79950ac3bd3d982d521614f56df1bd16c1f928481dd4580a796eb7892b3e4a33b748b16f96b1def674c2b70d0315b486a94a979292d635a2ad1fa877927de9355f38a612747fb982bccf12040d9a14a63c34b6f2b3b450a6401d4d0c96a9090ab80d30f7e7af84bade864791455402cbd278427c5a1e84e2e2286c4bf773da614e6705802c130ade8a3a67b309f9db1558372046ec276a34fb50f72c7df40e33f447ab5f0af05eece4e8f654b3c2dad6ea76ef6b694699f4ad8c6fdcbfd8bdc23d0c580631d0c95ac6ae9613dad680939db2ecf9e7a0d4d0f2f2b7f1c1d308cfaccacc2381e97bb278a53b14daf686c0541e56264c33d5176b830ac7d13c28edb2d8e77d7acbced061c4ec315cb1a259966ad997c7c7beae44d4d1b6955842d7fbba0bb0c461bb22db3e15f0fc1cd3fd997dac5e6a4bff6e2eb8310d828f15309b2c8feaa21281963d35ab2d5c099beb806cd384d304449c58d89910105df11225fb893e984734a8e5cba2e553f03ebd5ce4cae24826547df81db3f2bd7d930f785755c8b6311f221da59679ce50479adef1cc5dac984a5d2f9343fe4892b2b5640892892cfd50d0015c1f568792d8919943a578b62585081175237444d9542a2241c967bcfbc3dab4e8961ecad89165eaada2d759e844be5021aed42b971e9ffea8c08a3d6e4073ce4226b4e54b83f3d8ccd207a0cfcf9da7b5e55d1a26a90e03f7c3611c6562b65edb42fe110dc3970b44aa36660d1cdbc882495271f80816350b945aedb0d46ca6d160d5f0096e8263325e257dbb574932e32f1b28ce2b7f5b3ee6ccec64085496bb513ec168b53d79e6ecb72622a70b22e1f9116fa48815709b2080b27b31a6b26dde0701cd74c31b4e33a702f051ae07ad54ce23ae33e6060e5451a4171cc930af2ab70862044c5a0ff9e8aeebd3cc41c62d38e7b79596d3851430dd661b071c319751985d48eeea2afb463d7d9390ed4e68a60f90ad80aeca4b8d283ae0538e590668c857a526a264be238641eeb5f321248d829539efccf03dcefa54c6def8b7d4a8cdf6bc76d71eefaca1a7a33bd4b56e94b8e38f784b742bdd080faca4769e1aa91ff50d9374f3632cb7b66a0042beb802c6cedff0a3634aec072f57d38a6ea61439029ba5d921f57bfbc281d75f5ec322b8f8c90b4d3f65d00ef97dcffe7e07fa01af8e7f8da15532f0c18b73d7a183327aea46680651645782f4f318c00f2355c301fe2e805a22f8586119768b8424735f5495607d170f0818be232cec1d9e40daf79bcd63a26cbead93753b7171bcad462da2af68e9ea9c0b207200f1fcf3793283931603a719e745120273efb541a7af896f6eea7359939d7226896c8023cc963e4e0a7579bc83a37cb8d871324bb3e66b671d8df83d645495740c5b99aaf2edda3018e1895dda6744b1e6623cb62d4b80ac208f69a81caa0277a497e41bf637817518cbe0fcd2028d07be199a126f82641f2fd54e6b20287b912ee8d8dd72db5824ca9e464a94d45beda7f52932d1bb57a28a4e99ac32ea4c3650197613a87e4cec91d82f37069fde871575d3cb2220aaad9277511271a86377da5f2a9f94303e7151acb087ca549fd0cb9b1961954ddb28333a24b510b92cddc057ec5a147ccdd708a2db3c8cb3600756100b38b71f0676f6fc5a7f5912b5e81bf6d2b07e15fb5b1c96459110ceb22ba4f2fb0e531dcaa913a13437cc6276c8b4e1bdbc5365144c7abd2e2a6c93ef102e26b14e576ada244408d9db50aab045f9879bf95425eaa7b11d77e0dc503851c5c278c282aa736103adf5ca2b30724bde27f98e4e7a947f964b7abfe58a3da354e3008a2b86d50223d3077e151ce2e086172002eab7279ac1948361e172073184401d5650181547f1bacc1534f9ab2ad66fd9d200d867de79a92e465dda8d781b15881acc9bfdc53815f3fc3f064c830db3908cdb173e3e1295ea7dca280273ca99073d5663003f14c4f7ac9ef9bc735b2a413daaa7d97101553f90a0d33b043d1f2b0f131d35c9244808bb4b76213ff5c418053a569d760498518d701aae39cfbd7a052b586c53617dfaad1415c1cafbb41640d1650be9297dd42c803d8bfd443916310bb80a74c991cc26331ab70c0c4bc4f2295f069787f6759878e42ffbc76b34493f71d88a109b0813ebfcd24953b2b5f1f5164d9974bab7ed1f4d42f62b8379912dd7e9f35a19951e4d57b0c70fe516cd2059c4ef879d9f9b1191d5bb51b852d3e9462e4528b9c1f7c676e6039d1deb00442a482e297b08a67c79bb818d0316072d8174885de3413ae0505232100f217e424e0106811902d60ecc0e0aaca7c5f00f4f365e1360f10aa645b9215c93668a08be97cacd6b0f9c80ead76478846d12e8f24a53bfab01628afd199b2db332d38d5009d7a1437f0f5b2a0d36b5c98f3a35e5043ffd55bac325d3927888fa5d0e3569d9be002205b501b3e68d661515bb9eac9d4f234e22e4e5bd0b4c4530933aadd99f132794ce48e9a3220d2c17748c012fc5fd93d265cebb3edc3be29a1ba26f2adcf510663c28d29e28774c4ec1190fbfbf614aa8e2745f8605f7d7e94fdd06322454a08833f1a22c77deedb1337e380a8e18f85168e045d1e7cf32fda1a709d3eddf62909a9e580ed8abd605e07dbab79b5bcc2f4533e6fec589b976816471b1f11ac3c89336c52e03b72520995d05275024e9988727f2e1ac9421ccaaa0b736e9f7f296c2d27cbd774d7179f9c6921df68985998034862c15adc452666deb40c0c40cedf16f4d187524a0a5cdff6f7b2531eda54fbe15a7ad1aea46466a51642326c5d7d374fb38475d119027a3714598fe7307de94bece2741b7a742b053682dae9452eed3b820b1386b604fa647e392b35b205019cf1ad317d1441cbee2aea5ca95e56fd5e959689bf96c9f470acb8e4e630b13403e9459242b629fa28e1ba8eacf1ed572b1db735a20ee1a5b8500b6edf66cbe671c5938741ab2b36ccd4e92160f6df9e1d465cdaf3a7746e128e26e0e7a7aa4869b2a482c6e9bf7e58408411016740c547129e4f11d2317af3c5bb55b2468e6d08e75e5039c3bfdc9b6da06e7c27933a8c9d8ad0e4c74a093e6d57c02b1b49e995962c1046b5c8a3df0ea4c20049e300cbe41bd92a0ea5993ef6fd92ea74e28e1cfaf4a8533c224104d6081b64ae08b4e7a23a259b2b03655b987c23687c6e279bab469a3e0881a30620910566982945f8f86229fd614ca2bb2adcbdd49a5c579c0d1bbdefb9e33cd0641bb43f6ca3fab33dc4188e1508e4293e6de932040b895a97bc1f196467ad4a0d4899e6078c014f42521cf39411e2e4f1b5adc26f1f3bb2fcd27b89ac418c8251423de82c4b5980a4e66649b9f3ec48c833c35f8653ca510a0a1b0495619a60bf5d77e64a6938714c3a1946b3fa5079533698bb8f8f85bea8711ccda5cf01de150b055d3586a890d0654d2b4cfba25c434e2ff492b69798aa197dffbfe2bba77d4b4eea35c42e698221e971a4bca34e59c46084f48f2170b83db6719324ecb55e07a9cf74a84ee0fc3567fa5cd2f3937ad956b4ed2187e2026b7d4166d50fd9c937fb4dd5aa96f2731f1db1dda4eac4e589295ffe9b72a7b9533f6e23c82b57c8361c8cb3b15128235f65c84b99d93383b7398e936884542d0e73bdf37cadfb6c70da47af3c5a3cde0d8e381cdf9ec1a39d2fc963f0d8ee31b76d9668c0171967cb9ef2f15d5bbdbd1058328da7a60bbc7d77efed2de74a2ed5637a8a84e1163325dd22b584b15fe894c9b1ce89d24619a344a8987f6d21b7de7ccf6fad223134e1c389a8e6baa375dd142baf4a8852e984eb6c281cf86e2457a7f85782c7764564af26d331d3ddf4850d24742ef449cd5e32f5957d2ee10e05e7d3312215e4d36ac5c8c4bae3340f074f88a20e18b270b3baf05de1b0363f4c6f2ab9386d6034e8567e4828ad256cd250448c70147c318a621697be402c1e8365d2798084f968a8897242ff6756c2937e4d13", 0x2000, &(0x7f0000006b80)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000002700)={0x90, 0x0, 0x0, {0x6, 0x0, 0x1, 0x8, 0x0, 0x2, {0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x2000, 0x4, r4}}}, 0x0, 0x0, 0x0, 0x0, 0x0})
fchmodat(r1, &(0x7f0000002440)='./file0\x00', 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000100)={'gretap0\x00', <r8=>0x0})
sendmsg$nl_route(r6, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000000040)=@newlink={0x4c, 0x10, 0x503, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x20400}, [@IFLA_LINKINFO={0x24, 0x12, 0x0, 0x1, @macvlan={{0xc}, {0x14, 0x2, 0x0, 0x1, [@IFLA_MACVLAN_MODE={0x8, 0x1, 0x10}, @IFLA_MACVLAN_MACADDR_MODE={0x8, 0x3, 0x1}]}}}, @IFLA_LINK={0x8, 0x5, r8}]}, 0x4c}}, 0x0)
r9 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r9, 0x6, 0xd, &(0x7f0000000040)='nv', 0x2)
connect$inet(r9, &(0x7f0000000140)={0x2, 0x0, @remote}, 0x10)

6.553426733s ago: executing program 2 (id=2953):
fsetxattr$security_capability(0xffffffffffffffff, &(0x7f00000002c0), 0x0, 0x0, 0x1)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket(0x400000000010, 0x3, 0x0)
r2 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_int(r2, 0x29, 0x35, 0x0, 0x0)
setsockopt$inet6_IPV6_HOPOPTS(r2, 0x29, 0x36, &(0x7f0000000140)=ANY=[], 0x8)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000140)=ANY=[@ANYBLOB="140000001000010007000000000000000000000a20000000000a03000000000000000000010000000900010073797a300000000048000000090a010400000000000000000100000008000a40000000000900020073797a32000000000900010073797a3000000000080005400000001f0c00098008000140000000075c0000000e0a01020000000000000000010000000900020073797a32000000000900010073797a3000000000300003802c00008028000180230001"], 0xec}}, 0x0)
madvise(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0xc)
bind$inet6(r2, &(0x7f0000f5dfe4)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
setsockopt$inet6_IPV6_DSTOPTS(r2, 0x29, 0x3b, &(0x7f0000000080)=ANY=[], 0x8)
setsockopt$inet6_int(r2, 0x29, 0x3a, &(0x7f0000000040)=0x8, 0x4)
recvmmsg(r2, &(0x7f0000004940)=[{{0x0, 0x0, 0x0}, 0x4}], 0x1, 0x2, 0x0)
sendto$inet6(r2, 0x0, 0x0, 0x0, &(0x7f0000000300)={0xa, 0x4e20, 0x0, @mcast1}, 0x1c)
r4 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r5=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r5, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x0, 0x2}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x0, 0x3}}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000000580)={0x0, 0xfff2, &(0x7f0000000300)={&(0x7f0000000340)=@newtfilter={0xc8, 0x2c, 0xd27, 0x30bd29, 0x25dfdc00, {0x0, 0x0, 0x0, r5, {0xffe0, 0x3}, {}, {0x3, 0xc}}, [@filter_kind_options=@f_matchall={{0xd}, {0x94, 0x2, [@TCA_MATCHALL_ACT={0x90, 0x2, [@m_ife={0x8c, 0x1, 0x0, 0x0, {{0x8}, {0x64, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{0x2, 0x800, 0x861168966fa2e5c1, 0xc, 0x2}, 0x1}}, @TCA_IFE_TYPE={0x6, 0x5, 0x401}, @TCA_IFE_METALST={0x4}, @TCA_IFE_DMAC={0xa, 0x3, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x2e}}, @TCA_IFE_PARMS={0x1c, 0x1, {{0x9, 0x4, 0x4, 0xb, 0x6e}, 0x1}}, @TCA_IFE_METALST={0x10, 0x6, [@IFE_META_TCINDEX={0x4, 0x5, @void}, @IFE_META_TCINDEX={0x4, 0x5, @void}, @IFE_META_TCINDEX={0x4, 0x5, @void}]}]}, {0x4}, {0xc}, {0xc, 0x8, {0x2, 0x3}}}}]}]}}]}, 0xc8}, 0x1, 0x0, 0x0, 0x4040011}, 0x0)

5.519126936s ago: executing program 0 (id=2954):
r0 = syz_usb_connect(0x4, 0x1cb, &(0x7f0000000000)=ANY=[@ANYRESOCT], 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
r3 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r3, &(0x7f0000000100)={0x26, 'hash\x00', 0x0, 0x0, 'md5\x00'}, 0x58)
r4 = accept4(r3, 0x0, 0x0, 0x0)
sendto$packet(r4, &(0x7f00000002c0)="48357e0287af48ffa745b497a54e0eec1bf2c69011f35b48339d15afaef1bd7efe075ff441b16e244b8b05fe09e29583ad142567826dfa5cbc6f979b050015bde8c4441cd0fa6be03213181bfe84743015ec12ced8b1aa8f44e5c30afac6f9fd2ab1303be0d1b2c02533bcc97cce7da9b507b053b11821323590d379e9e350a3291fbedb6382de878b7a56e4e38c7f746d0424029f5d49b04697a4", 0xfffffffffffffcf6, 0x0, 0x0, 0x0)
sendmsg$ETHTOOL_MSG_COALESCE_SET(r1, &(0x7f0000000540)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000200)={0x34, r2, 0x1, 0x70bd2e, 0x0, {}, [@ETHTOOL_A_COALESCE_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'netdevsim0\x00'}]}, @ETHTOOL_A_COALESCE_RX_MAX_FRAMES_LOW={0x8, 0xf, 0x2}]}, 0x34}, 0x1, 0x0, 0x0, 0x104}, 0x20000050)
mknodat(0xffffffffffffff9c, &(0x7f00000000c0)='./file2\x00', 0x81c0, 0x800)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)={'xfrm0\x00', <r5=>0x0})
r6 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000100)=0xffffffffffffffff, 0x4)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000240)={0x1b, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x3, '\x00', r5, r6, 0x4, 0x5, 0x1}, 0x50)
execveat(0xffffffffffffff9c, &(0x7f0000000000)='./file2\x00', 0x0, 0x0, 0x1000)
r7 = syz_usb_connect$hid(0x3, 0x36, &(0x7f0000000240)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x40, 0x1e7d, 0x2d50, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x5, 0x3, 0x0, 0x2, 0x0, {0x9, 0x21, 0x0, 0x33, 0x1, {0x22, 0x5}}, {{{0x9, 0x5, 0x81, 0x3, 0x0, 0xc, 0x0, 0x7}}}}}]}}]}}, 0x0)
syz_usb_control_io(r7, 0x0, 0x0)
syz_usb_control_io(r7, &(0x7f00000003c0)={0x2c, &(0x7f0000001300)=ANY=[@ANYBLOB="000457"], 0x0, 0x0, 0x0, 0x0}, 0x0)
syz_usb_control_io$hid(r7, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
syz_usb_control_io(r7, 0x0, &(0x7f0000000780)={0x84, &(0x7f0000000000)=ANY=[@ANYBLOB="5400000f"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$rtl8150(r0, 0x0, 0x0)

4.985797929s ago: executing program 3 (id=2958):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_DIRTY_LOG_RING_ACQ_REL(r1, 0x4068aea3, &(0x7f00000000c0)={0xdf, 0x0, 0x1000})
r2 = socket(0x80000000000000a, 0x2, 0x0)
socket(0x2a, 0x1, 0x1)
r3 = syz_open_dev$sndpcmc(&(0x7f0000000000), 0x0, 0x0)
ioctl$SNDRV_PCM_IOCTL_LINK(r3, 0x40044160, &(0x7f0000000040)=0x4)
setsockopt$inet6_group_source_req(r2, 0x29, 0x2e, &(0x7f0000000340)={0x1, {{0xa, 0x0, 0x0, @mcast1={0xff, 0x7}}}, {{0xa, 0x0, 0x0, @rand_addr=' \x01\x00', 0x4}}}, 0x108)
setsockopt$inet6_group_source_req(r2, 0x29, 0x2f, &(0x7f0000000200)={0x1, {{0xa, 0x4e23, 0x0, @mcast1={0xff, 0x7}, 0x2}}, {{0xa, 0x0, 0xa4fffffc, @rand_addr=' \x01\x00'}}}, 0x108)
r4 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000440)='loginuid\x00')
pwritev(r4, &(0x7f0000000500)=[{&(0x7f0000000000)='0', 0x1}], 0x1, 0x0, 0x0)
preadv2(r4, &(0x7f0000000600)=[{&(0x7f0000000340)=""/148, 0x94}], 0x1, 0x5, 0x5, 0x0)
ioctl$KVM_GET_DIRTY_LOG(r1, 0x4010ae42, &(0x7f0000000140)={0x0, 0x0, &(0x7f000000b000/0xa000)=nil})
r5 = socket$key(0xf, 0x3, 0x2)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)=ANY=[@ANYBLOB="0200000004"], 0x50)
sendmsg$key(r5, &(0x7f00000001c0)={0x500, 0x0, &(0x7f0000000040)={&(0x7f0000000200)=ANY=[@ANYBLOB="020100030a0000000600000000000000030006000000000002000000ffffffff0000000000000000030005000000000002000000ac1e00010000000000000000020013"], 0x50}}, 0x40094)
r6 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x20000)
ioctl$SG_GET_SG_TABLESIZE(r6, 0x227f, &(0x7f0000000180))
pipe(&(0x7f0000000180)={<r7=>0xffffffffffffffff, <r8=>0xffffffffffffffff})
vmsplice(r8, &(0x7f0000000140)=[{&(0x7f0000013580)='\r', 0x1}], 0x1, 0x1)
bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000580)={@cgroup=r7, 0x15, 0x0, 0x532, &(0x7f0000000080)=[0x0, 0x0], 0x2, 0x0, &(0x7f0000000480)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f00000004c0)=[0x0], &(0x7f0000000540)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}, 0x40)
ioctl$IOMMU_TEST_OP_ACCESS_PAGES$syz(r8, 0x3ba0, &(0x7f0000000180)={0x48, 0x7, 0xffffffffffffffff, 0x0, 0x10001, 0x0, 0x6, 0x297e27, 0x14567})

4.81568525s ago: executing program 4 (id=2959):
syz_usb_connect$cdc_ncm(0x0, 0x72, &(0x7f0000000080)=ANY=[@ANYBLOB="1201000002000040257d15a4400001040001090260004201000000090400000102090000052406000105240000000d240f01000004eaffffff1e0006031a00000804800200090581", @ANYBLOB="f7", @ANYRESOCT], 0x0)
r0 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
write$char_usb(r0, 0x0, 0x0)
r1 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r2 = open(0x0, 0x80ff, 0x88)
r3 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r3}, &(0x7f0000000000)=<r4=>0x0)
timer_settime(r4, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
write$char_usb(r1, 0x0, 0x0)
socket$packet(0x11, 0x3, 0x300)
set_mempolicy(0x3, &(0x7f0000000100)=0x3, 0x9)
socket$kcm(0x2, 0x200000000000001, 0x106)
r5 = socket(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000000)={'lo\x00', <r7=>0x0})
ioctl$VIDIOC_G_EXT_CTRLS(r2, 0xc0185647, &(0x7f00000001c0)={0x990000, 0x4, 0x400, r2, 0x0, &(0x7f0000000180)={0x990966, 0x800, '\x00', @value64=0x5}})
syz_usb_connect(0x0, 0x24, &(0x7f0000000080)=ANY=[@ANYBLOB="12010000509dc0bbb4c85127d7a30100"/36], 0x0)
sendmsg$nl_route_sched(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000080)=@newqdisc={0x60, 0x24, 0xd0f, 0x70bd2d, 0x0, {0x60, 0x0, 0x0, r7, {0x0, 0xa}, {0xffff, 0xffff}, {0x0, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x34, 0x2, [@TCA_TBF_PARMS={0x28, 0x1, {{0x1, 0x2, 0x0, 0x0, 0x9, 0x5}, {0x12, 0x2, 0x0, 0x401, 0x8001, 0x1400}, 0xa5, 0x5, 0xffffffe}}, @TCA_TBF_BURST={0x8, 0x6, 0x8057}]}}]}, 0x60}, 0x1, 0x0, 0x0, 0x40000}, 0x44080)
sendmsg$nl_route_sched(r5, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000340)=@newqdisc={0x48, 0x24, 0xd0f, 0x70bd29, 0x0, {0x60, 0x0, 0x0, r7, {}, {0xffe0, 0xa}, {0x1, 0x10}}, [@qdisc_kind_options=@q_fq_codel={{0xd}, {0x14, 0x2, [@TCA_FQ_CODEL_CE_THRESHOLD={0x8, 0x7, 0x9}, @TCA_FQ_CODEL_TARGET={0x8, 0x1, 0x2}]}}]}, 0x48}, 0x1, 0x0, 0x0, 0x80015}, 0x4000)
socket$nl_netfilter(0x10, 0x3, 0xc)
r8 = openat$kvm(0xffffffffffffff9c, &(0x7f00000004c0), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r9=>0xffffffffffffffff, <r10=>0xffffffffffffffff})
connect$unix(r9, &(0x7f00000000c0)=@file={0x0, './bus\x00'}, 0x6e)
sendmmsg$unix(r10, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r9, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
fsopen(&(0x7f00000001c0)='ramfs\x00', 0x0)

4.581055691s ago: executing program 3 (id=2960):
r0 = socket(0xa, 0x3, 0x3a)
setsockopt$MRT6_INIT(r0, 0x29, 0xc8, &(0x7f0000000340), 0x4)
setsockopt$MRT6_ADD_MIF(r0, 0x29, 0xca, 0x0, 0x0)
setsockopt$MRT6_ADD_MFC_PROXY(r0, 0x29, 0xd2, &(0x7f00000000c0)={{0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @remote}}, {0xa, 0x0, 0x0, @empty}}, 0x5c)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f00000004c0), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000040)={0x4, 0x3, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil})
ioctl$KVM_SET_MSRS(0xffffffffffffffff, 0x4008ae89, &(0x7f00000000c0)=ANY=[@ANYBLOB="01000000000000002100004000000000ff"])
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)

4.56056402s ago: executing program 1 (id=2961):
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$SO_TIMESTAMP(r0, 0x1, 0x3f, &(0x7f0000000080)=0x1, 0x4)
bind$inet(r0, &(0x7f0000000480)={0x2, 0x4e23, @multicast1}, 0x10)
sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000000000)={0x2, 0x24e23, @loopback}, 0x10)
sendmsg$inet(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000000280)="1f", 0x1}], 0x1}, 0x8c0)
setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000040)=0x193a, 0x4)
recvmmsg(r0, &(0x7f0000001f00)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000b40)=""/23, 0x17, 0x1000000}, 0x800}], 0x1, 0x40000002, 0x0)

4.350766529s ago: executing program 1 (id=2962):
r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000040), 0x2400, 0x0)
lseek(r0, 0xfffffffffffffff9, 0x2)
read(r0, &(0x7f00000002c0)=""/22, 0x16) (fail_nth: 3)

4.318918295s ago: executing program 3 (id=2963):
openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r0 = socket$igmp(0x2, 0x3, 0x2)
socket$inet_icmp_raw(0x2, 0x3, 0x1)
r1 = fsopen(&(0x7f00000001c0)='ramfs\x00', 0x0)
r2 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000000), 0x20902, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = getpid()
syz_pidfd_open(r4, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r0, 0x8933, &(0x7f0000000080)={'batadv_slave_0\x00', <r5=>0x0})
r6 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_int(r6, 0x107, 0xa, &(0x7f0000000080)=0x2, 0x4)
setsockopt$packet_rx_ring(r6, 0x107, 0x5, &(0x7f0000000140)=@req3={0x1000, 0x3a, 0x1000, 0x3a, 0x3ff, 0x2, 0x5}, 0x1c)
r7 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000340)={'veth0_to_bridge\x00', <r8=>0x0})
r9 = getpid()
r10 = syz_pidfd_open(r9, 0x0)
setns(r10, 0x24020000)
syz_clone(0x16040000, 0x0, 0x0, 0x0, 0x0, 0x0)
setpriority(0x1, r9, 0xb842)
sendto$packet(r7, &(0x7f0000000000)="ff", 0x1, 0x4008054, &(0x7f0000000380)={0x11, 0x8100, r8, 0x1, 0xe0, 0x6, @remote}, 0x14)
sendmsg$nl_route(r3, &(0x7f0000000240)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x20440080}, 0xc, &(0x7f0000000200)={&(0x7f00000000c0)=@bridge_getlink={0xc4, 0x12, 0x200, 0x70bd2a, 0x25dfdbfc, {0x7, 0x0, 0x0, 0x0, 0xa410, 0x2c703}, [@IFLA_CARRIER_CHANGES={0x8, 0x23, 0x1}, @IFLA_NET_NS_PID={0x8, 0x13, r4}, @IFLA_IFALIASn={0x4}, @IFLA_AF_SPEC={0x24, 0x1a, 0x0, 0x1, [@AF_INET6={0x20, 0xa, 0x0, 0x1, [@IFLA_INET6_TOKEN={0x14, 0x7, @mcast1}, @IFLA_INET6_ADDR_GEN_MODE={0x5, 0x8, 0xd}]}]}, @IFLA_LINK_NETNSID={0x8, 0x25, 0x2}, @IFLA_LINKINFO={0x54, 0x12, 0x0, 0x1, @erspan={{0xb}, {0x44, 0x2, 0x0, 0x1, [@IFLA_GRE_LINK={0x8, 0x1, r5}, @IFLA_GRE_ERSPAN_VER={0x5, 0x16, 0x1}, @IFLA_GRE_ENCAP_FLAGS={0x6, 0xf, 0xffff}, @IFLA_GRE_ERSPAN_DIR={0x5}, @IFLA_GRE_ENCAP_FLAGS={0x6, 0xf, 0x8}, @IFLA_GRE_REMOTE={0x8, 0x7, @multicast2}, @IFLA_GRE_LINK={0x8, 0x1, r8}, @IFLA_GRE_ENCAP_SPORT={0x6, 0x10, 0x4e23}]}}}, @IFLA_NUM_TX_QUEUES={0x8, 0x1f, 0x80000000}, @IFLA_EXT_MASK={0x8, 0x1d, 0x2c35}]}, 0xc4}, 0x1, 0x0, 0x0, 0x4000}, 0x4000811)
write$sequencer(r2, &(0x7f0000000400)=ANY=[@ANYBLOB="810100000000000081", @ANYRES8=r1], 0x10)

4.196181735s ago: executing program 1 (id=2964):
socket$nl_generic(0x10, 0x3, 0x10)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)={{0x14}, [@NFT_MSG_NEWSET={0x28, 0x12, 0xa, 0x101, 0x0, 0x0, {0x2}, [@NFTA_SET_NAME={0x9, 0x2, 'syz2\x00'}, @NFTA_SET_FLAGS={0x8, 0x3, 0x1, 0x0, 0x8}]}], {0x14}}, 0x50}}, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0xd, 0x400009, 0x8, 0xa}, 0x0)
syz_open_dev$media(0x0, 0x0, 0x101d01)
r3 = socket$netlink(0x10, 0x3, 0x0)
r4 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
fcntl$setlease(r4, 0x400, 0x1)
fcntl$setlease(r4, 0x400, 0x1)
sendmsg$nl_netfilter(r3, 0x0, 0x0)
setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, 0x0, 0x0)
ioctl$SNDCTL_DSP_SPEED(0xffffffffffffffff, 0xc0045002, &(0x7f0000000040)=0x10000)
socket$nl_generic(0x10, 0x3, 0x10)
r5 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newlink={0x44, 0x10, 0x44b, 0x0, 0x25dfdbfe, {0x7a, 0x0, 0x0, 0x0, 0x40000}, [@IFLA_LINKINFO={0x24, 0x12, 0x0, 0x1, @gretap={{0xb}, {0x14, 0x2, 0x0, 0x1, [@IFLA_GRE_TOS={0x5, 0x9, 0x40}, @IFLA_GRE_PMTUDISC={0x5}]}}}]}, 0x44}}, 0x0)
semget$private(0x0, 0x1, 0x5db)
listen(0xffffffffffffffff, 0x2)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_genetlink_get_family_id$tipc2(&(0x7f0000000100), 0xffffffffffffffff)
ptrace(0x10, 0x1)

4.11030866s ago: executing program 3 (id=2965):
r0 = syz_open_dev$video(&(0x7f0000000440), 0x8, 0x0)
ioctl$VIDIOC_S_SELECTION(r0, 0xc040565f, &(0x7f0000000940)={0x1, 0x3, 0x6, {0x8001, 0x80000001, 0x4, 0x4}}) (fail_nth: 4)

3.239240402s ago: executing program 3 (id=2966):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0) (async)
setsockopt$inet6_tcp_TLS_TX(0xffffffffffffffff, 0x6, 0x1, &(0x7f00000000c0)=@gcm_128={{0xd733043595a52279}, "a8e0930a1a884884", "74743275e5fc20c3ab14916504a8ca92", '\x00', "3e6a808941a488cc"}, 0x28) (async)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000001ac0)={&(0x7f00000002c0)={0x28, 0x2d, 0xe01, 0x70bd26, 0x25dfdbfc, {0x4}, [@typed={0x8, 0xc, 0x0, 0x0, @fd=r2}, @nested={0xa, 0x16, 0x0, 0x1, [@generic="c9eea79392c4"]}]}, 0x28}, 0x1, 0x0, 0x0, 0x2004801d}, 0x20000000) (async, rerun: 64)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f00000001c0)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff}) (rerun: 64)
connect$unix(r3, &(0x7f0000000000)=@abs, 0x6e) (async)
sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0) (async)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) (async)
unshare(0x22020400) (async, rerun: 32)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) (async, rerun: 32)
sendmsg$NFULNL_MSG_CONFIG(0xffffffffffffffff, 0x0, 0x0)
setsockopt$inet6_tcp_int(0xffffffffffffffff, 0x6, 0x10, 0x0, 0x0) (async, rerun: 32)
openat$kvm(0xffffff9c, 0x0, 0x0, 0x0) (async, rerun: 32)
ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
openat$vimc2(0xffffffffffffff9c, 0x0, 0x2, 0x0) (async)
r5 = syz_io_uring_setup(0x109, &(0x7f0000000140)={0x0, 0xfcbb, 0x0, 0x3}, &(0x7f00000000c0)=<r6=>0x0, &(0x7f0000000280)=<r7=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r6, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) (async, rerun: 64)
syz_io_uring_submit(r6, r7, &(0x7f0000000380)=@IORING_OP_OPENAT={0x12, 0x0, 0x0, 0xffffffffffffff9c, 0x0, &(0x7f0000000480)='./file0\x00', 0x0, 0x81, 0x23456}) (async, rerun: 64)
io_uring_enter(r5, 0x3516, 0x0, 0x0, 0x0, 0xfffffdcf)
setsockopt$inet6_tcp_int(r1, 0x6, 0x1b, &(0x7f0000000040)=0x10001, 0x4) (async)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x4, 0x0, @loopback, 0x5}, 0x1c)

3.025812964s ago: executing program 1 (id=2967):
openat$nullb(0xffffffffffffff9c, &(0x7f0000000000), 0x2400, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, 0x0, 0x200, 0x0)
socket$can_bcm(0x1d, 0x2, 0x2)
sched_setattr(0x0, 0x0, 0x0)
socket(0x15, 0x5, 0x0)
sendmsg$TIPC_CMD_ENABLE_BEARER(0xffffffffffffffff, 0x0, 0xfd9f4b76e9f284ce)
r3 = socket$inet_udp(0x2, 0x2, 0x0)
r4 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x25)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x203)
ioctl$KVM_GET_NESTED_STATE(r5, 0xc080aebe, &(0x7f000000a100)={{0x0, 0x0, 0xfffffffffffffcfd}})
setsockopt$inet_int(r3, 0x0, 0x6, 0x0, 0x0)
getsockopt$IPT_SO_GET_ENTRIES(r3, 0x0, 0x41, &(0x7f00000000c0)=ANY=[@ANYBLOB="6e10ab135415bbbc6200"/26], 0x0)
setsockopt$inet_int(r3, 0x0, 0x7, &(0x7f0000000140)=0x6, 0x4)
bind$inet(r3, &(0x7f0000000040)={0x2, 0x4e20, @empty}, 0x10)
syz_emit_ethernet(0x89, &(0x7f00000001c0)=ANY=[@ANYBLOB="ffffffffffff0180c20000030004aa013ea44e5b84b8042c11b300c8140c10aec0e9e1613f1f7f7c57881b451c4a5b8f55a98c7331af3ef9ad70f5a72351947cdd1bb4747985cb7a3db40bcf3f7448e704f4effb79c307c4aac18c0f3230c69c41c644bb6d1e8212beef801f41a28c712c23a3f500d6628d73613dcb238187cc4bb64b4b1414d4c90f"], 0x0)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x2, 0x4c831, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9)
r6 = socket$alg(0x26, 0x5, 0x0)
r7 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000080)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
close_range(r7, r7, 0x0)
r8 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r9 = fanotify_init(0x200, 0x0)
fanotify_mark(r9, 0x51, 0x4800003e, r8, 0x0)
bind$alg(r6, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-camellia-aesni\x00'}, 0x58)

2.888288046s ago: executing program 3 (id=2968):
fsopen(&(0x7f0000000180)='ramfs\x00', 0x0)
r0 = syz_usb_connect$hid(0x3, 0x3f, 0x0, 0x0)
r1 = socket(0xa, 0x3, 0x3a)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
mremap(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x3000, 0xa, &(0x7f0000ffb000/0x3000)=nil)
r4 = syz_open_dev$vim2m(&(0x7f0000000200), 0xb, 0x2)
ioctl$vim2m_VIDIOC_TRY_FMT(r4, 0xc0cc5640, &(0x7f0000000000)={0x1, @sliced={0x5, [0x9, 0x8, 0x9, 0x2, 0x231, 0xec, 0x2, 0x7ff, 0x3, 0x2, 0xaef6, 0x1ff, 0x3ff, 0x1, 0x9, 0x1, 0x4, 0x9, 0x4, 0xfffb, 0x9, 0x4, 0xfbff, 0x0, 0x401, 0x19f, 0x0, 0x8c, 0x8, 0x6, 0x1, 0x2, 0xea, 0x9, 0xe, 0x3, 0xeaf, 0x4, 0x8, 0x7, 0x3, 0x3, 0x5150, 0xad, 0xb, 0x9, 0x8abc, 0x800], 0x6}})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
socket$l2tp6(0xa, 0x2, 0x73)
r5 = socket$l2tp6(0xa, 0x2, 0x73)
r6 = openat$vicodec0(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
ioctl$VIDIOC_QBUF(r6, 0xc04c560f, &(0x7f00000003c0)=@fd={0x3bfe, 0x8, 0x4, 0x10, 0x6, {}, {0x3, 0xc, 0x2, 0xc, 0x1, 0x82, "a5acce18"}, 0x0, 0x4, {}, 0x3})
bind$l2tp6(r5, &(0x7f00000024c0)={0xa, 0x7, 0x0, @dev={0xfe, 0x80, '\x00', 0xb}, 0x8}, 0x20)
madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0x80000000e)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil)
mremap(&(0x7f000054e000/0x1000)=nil, 0x1000, 0x3000, 0x3, &(0x7f000022c000/0x3000)=nil)
openat$sequencer2(0xffffff9c, &(0x7f0000000080), 0x143240, 0x0)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_genetlink_get_family_id$wireguard(&(0x7f0000000840), 0xffffffffffffffff)
sendmsg$WG_CMD_GET_DEVICE(r7, &(0x7f00000026c0)={0x0, 0x0, &(0x7f0000002680)={&(0x7f0000002640)=ANY=[@ANYBLOB='(\x00\b\x00', @ANYRES16=r8, @ANYBLOB="11032bbd7000fbdbdf25000000001400020077673200"/34], 0x28}, 0x1, 0x0, 0x0, 0x20}, 0x20000880)
setsockopt$MRT6_ADD_MIF(r1, 0x29, 0xca, &(0x7f0000000040)={0x0, 0x1}, 0xc)
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f00000001c0)={'bridge0\x00'})
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, &(0x7f00000001c0)={0x14, 0x0, 0x0, 0x0, 0x0}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x1, 0x4, &(0x7f0000000080)=ANY=[@ANYBLOB], &(0x7f0000003ff6)='GPL\x00', 0x5, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0xa6, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x94)

2.37228782s ago: executing program 0 (id=2969):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="640000000001010400000000141a000002000000240001801400018008000100e000000108000200e00000010c00028005000100000000002400028014000180080001000000000008000200ac1e00010c00028005000100000000000800074000000001"], 0x64}}, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000005c0)={0x54, 0x0, 0x1, 0x401, 0x88, 0x1a14, {0x2}, [@CTA_TUPLE_ORIG={0x24, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @multicast1}, {0x8, 0x2, @multicast1}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_SEQ_ADJ_REPLY={0x1c, 0x10, 0x0, 0x1, [@CTA_SEQADJ_CORRECTION_POS={0x8}, @CTA_SEQADJ_OFFSET_BEFORE={0x8}, @CTA_SEQADJ_OFFSET_AFTER={0x8}]}]}, 0x54}}, 0x0)

2.316694841s ago: executing program 0 (id=2970):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2})
r1 = socket$netlink(0x10, 0x3, 0x1)
sendmsg$netlink(r1, &(0x7f00000007c0)={0x0, 0x0, &(0x7f00000005c0)=[{&(0x7f0000000180)={0x18, 0x76, 0x31f, 0x0, 0x0, "", [@typed={0x8, 0x5, 0x0, 0x0, @pid}]}, 0x18}], 0x1, 0x0, 0x0, 0x4004000}, 0x0)
r2 = socket(0x400000000010, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
ioctl$TUNGETFILTER(r0, 0x800854db, &(0x7f0000001300)=""/4096)
r4 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000000)=ANY=[@ANYBLOB="1201000000000040260933334000000000010902240001000000000904000001030100000921000000012201000905810308"], 0x0)
syz_usb_disconnect(r4)
r5 = syz_usb_connect$hid(0x3, 0x36, &(0x7f0000000000)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x10, 0x4d8, 0xdd, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0x5, 0x0, 0x1, {0x22, 0x5}}, {{{0x9, 0x5, 0x81, 0x3, 0x200, 0x0, 0x0, 0x7}}}}}]}}]}}, 0x0)
syz_usb_control_io(r5, 0x0, 0x0)
syz_usb_control_io(r5, &(0x7f00000003c0)={0x2c, &(0x7f0000000100)=ANY=[@ANYBLOB="000008000000080482"], 0x0, 0x0, 0x0, 0x0}, 0x0)
r6 = openat$vsock(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
ioctl$sock_inet6_tcp_SIOCINQ(r6, 0x541b, 0x0)
syz_usb_ep_write(r4, 0x81, 0x1, &(0x7f0000000040)='P')
sendmsg$nl_route_sched(r2, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000001c0)=@newqdisc={0x44, 0x24, 0x4ee4e6a52ff56541, 0x70bd27, 0x0, {0x0, 0x0, 0x0, r3, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x0, 0xc}}, [@qdisc_kind_options=@q_hfsc={{0x9}, {0x14, 0x2, @TCA_HFSC_FSC={0x10, 0x2, {0xa30e, 0x1, 0xfffffffa}}}}]}, 0x44}}, 0x20000804)
sendmsg$nl_route_sched(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000140)=@newtfilter={0x38, 0x2c, 0xd3f, 0x70bd25, 0x25dfdbfc, {0x0, 0x0, 0x0, r3, {0xfff3, 0xf}, {}, {0x7, 0x2}}, [@filter_kind_options=@f_fw={{0x7}, {0xc, 0x2, [@TCA_FW_CLASSID={0x8, 0x1, {0xffe0, 0xd}}]}}]}, 0x38}, 0x1, 0x0, 0x0, 0x40480c4}, 0x20004804)

1.809040282s ago: executing program 1 (id=2971):
syz_open_procfs(0x0, 0x0)
openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x102, 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680))
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9)
mincore(&(0x7f00001b4000/0x4000)=nil, 0x4000, &(0x7f0000000140)=""/139)
ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0)
r0 = syz_io_uring_setup(0x10d, &(0x7f0000000380)={0x0, 0x0, 0x80, 0x0, 0x4000}, &(0x7f0000000340)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000440)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r1, r2, &(0x7f00000002c0)=@IORING_OP_SHUTDOWN={0x22, 0x9})
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r3 = syz_io_uring_setup(0x88f, &(0x7f0000000140)={0x0, 0xaee2, 0x800, 0xffffffff, 0xbfe00000}, &(0x7f0000000000)=<r4=>0x0, &(0x7f0000000280)=<r5=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r4, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r4, r5, &(0x7f00000002c0)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x3})
io_uring_enter(r3, 0x47f6, 0x0, 0x2, 0x0, 0x300)
io_uring_enter(r0, 0x3511, 0x42a2, 0x0, 0x0, 0x0)
write$sndseq(0xffffffffffffffff, 0x0, 0x0)
write$sndseq(0xffffffffffffffff, &(0x7f0000000000)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @raw32}], 0x1c)

1.644363787s ago: executing program 4 (id=2972):
r0 = socket(0xa, 0x3, 0x3a)
setsockopt$MRT6_INIT(r0, 0x29, 0xc8, &(0x7f0000000340), 0x4)
setsockopt$MRT6_ADD_MIF(r0, 0x29, 0xca, 0x0, 0x0)
setsockopt$MRT6_ADD_MFC_PROXY(r0, 0x29, 0xd2, &(0x7f00000000c0)={{0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @remote}}, {0xa, 0x0, 0x0, @empty}}, 0x5c)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f00000004c0), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000040)={0x4, 0x3, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil})
ioctl$KVM_SET_MSRS(0xffffffffffffffff, 0x4008ae89, &(0x7f00000000c0)=ANY=[@ANYBLOB="01000000000000002100004000000000ff"])
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)

1.278690296s ago: executing program 1 (id=2973):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sendmsg(r1, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0xb49, 0x9, 0x8, 0x0, 0x3}, 0x0)
socket(0x15, 0x6, 0x2)
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
r2 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000040), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r2, @ANYBLOB="2c726f6f746d6f64653d30303030303030303030303030303030303016303030302c757365725f69643d", @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0, @ANYBLOB=',\x00'])
read$FUSE(r2, &(0x7f00000077c0)={0x2020, 0x0, <r3=>0x0}, 0x2020)
write$FUSE_INIT(r2, &(0x7f0000000100)={0x50, 0xffffffffffffffda, r3, {0x7, 0x1f, 0x0, 0x14000020}}, 0x50)
r4 = syz_open_dev$sndpcmp(&(0x7f0000000100), 0x4000, 0xb27a98ee859c73e0)
ioctl$SNDRV_PCM_IOCTL_START(r4, 0x4142, 0x0)
syz_fuse_handle_req(r2, &(0x7f00000042c0)="000000000000000000000000000000000000000000000000000000000000000090c400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000542d0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000015000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000001f00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ea8286a2fba523440000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000633956a10000000000000000000000000000000000000000000000000000000000000000000000000000000093160000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000018000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f1000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007d6ab715107fa1820000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f6ffffffffffffff0000000000000e000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000e1ffffff000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000fffffff3000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f40000000000000000000000000000000002000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007f0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000286071480000000000b13bc1e6d970884f00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000060000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000fcffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001b000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f3ffffffffffffff0000000000000000000000000000002000", 0x2000, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000006340)={0x20}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r5 = openat(0xffffffffffffff9c, &(0x7f0000004280)='./file0\x00', 0x0, 0x0)
syz_fuse_handle_req(r2, &(0x7f0000009800)="c119ed7667ec1da6ce5ad10520d9f0d916f246337b0557963a20976c5c2e3b9c50442c3aa3ad8af4490e25e8a248ad6569c868927ce88fde8f6dd47700c012579d8f5517c15a8692ebbfe31637d24da9b182159a75eb201be82b5b3482e6f7d3344eb462be4e452a789b9246974e521beb91400d62ba27d79dc7e4a2511c941b7658a426f1b03867abe8958cf54e277c8c7eba60d65881156958563b415fdfb45237d979dfffc5a2399d245c064928d88f8f2ad57fc65556fc4404b0deb7fe8b794c8f853fc356646a4bd5a3bde17b164539cde75bfbcb82189d10658affc840871f99d48a657c0a490f44959ec808a7de09590156b5f4dbe9689884f22c3388c3d735ab0a38bfa911e234a40a7700258e36df5be8b1e6e8d229a9ad553628c9e2d099d87e54328d8e75a59b5add9aa55447c933e752fc3bd90aa92645449401e7a715f3b4bcc17c799eed78a917850f05886472640ec78ba017ae6e83683db81d999696d3ad34143e5d6be46724f4086dd8480e85b070e2980ee952ef91f8467bf542428b1958ead9f7a09641d0c33c1566e77a3c923d94bee7dc9046e8b6803dc5c5a6e34ba951d2a0fe9d6d03a57391560e2328e8c581474e38e40055b45f7467b4dba95d64dac57b6fc0dc8a40f054aa801a3c022dcfadc793ecfb9968d3121157b0a8b25b99b09038c58570205b4166f3bd749d7a0f8bf89033e11c0a456bb72788cf7ccfeb980ce085711f8ea531fcc57206d8e0e0aea1f3220066c7769d71026259468604a5cc7331cc971a4cd78d8552e0e0d9955deb21282a27f0a5f8364d0f9fe91016f086c10a3662a154316891ae4fb8cc3481b2253bbd09c64629f3ffcb5e82b495e6721dce47734254ab64cc119c2a446f34d6cac813a3c0444d9a13ebbc0fa4baf1bdf78b9a9cf6620fe488bf2a1bf7e857ad6ea157542761cc6a7da8d4c2242853a1fd14629491680253603b910466927c2dd4818464d7d9c246b9cd726d123d1dda95d0325370a0f1b5751796d13501a2aa1ec0dc70a5b749f8d171cb7569d9b74354883a2216f452cc712d0829c8c5f206cc7924652473931adfd2bd3940b3adaf54967c0af599d4968da74f25d2cc309dbdbe3d6faa08f2c08205365d3c4a2c8344b1047c7d0caf6b595e5d24c89ea1b532fe3094d7a16c716110b75deb22a5a281c0f133cfcfaf5238a3c493c4f97f890bb33769ea652c67149be70e62de16b65730b3bd2f547c084ee77d456a86bf8f1f7304703d2524443c4b66ceb7d2e5d97124a6ae48158c16cefa3eb94a7ec49ae43dd02f9edd0924d73c7cec977186442518b8dc642dea31dce2b79b4ec5400210817da04caf0198e933e8c618a5f0e7123ca5786c45b10a543e7de350aa4c072c85612a99ec9534f70130eebc0ef842416091a0adba1d30730d04080928c094d49a70f0a354b918725578b27a9b65f1a43a7dc9d8b6c9a23e08ba83bb8802e69454eb316a6a0188713704b30098479f5d99497e60ffb372dbbe07642dea12bf6f3f4b6c508f1e061b0211b9be792fda7bb86f51f018085f2fd5ae316c761b35d562dcfb783b87d6da0820947f5d055f0f7cd3c50f1c61f1da1a73c7ef107f0ad957977a33cdc67f6aa82e03490f5333c1ec0a1fbd14b2aa961d2b3f6315bd06029c4c9654414bd9256de44ecf3b0485a41a9f7183d0469bd327f549201924ab80e3227f228e20e9fd3b646b3134385ed058f4bff4f714cdaa855e2c364d7bbaaf26df65bdb9dfc4f6104d219e41684493c621588ca8d01ef3211c28d613bc67e498b4b80279249bd947d029315dcabea9362e0258a5a819530459df44f7c83972299e54a29afd836fb176cdc1d86398b6c7a75cd15b1f76a0070839b5a24366603a0aee35a9f784e4a633703de42e6648a9626160a25c9033242cd97eb07ffc54a01d94c48333e832ec0eefe51a266fcb526dd2954cd1147d2a2df260affac31e4cec7ece02dce3f61078b0111b94c3bbddd41487e33820ddc8cdf7a1ebc58531f280e2c12a8514bb4e7a176208b73ec6f4cf1b660393837dea00a8474fc41039db848ad6b0375a36ba35582736cf7bdb33a051d49f966fd17a80cef2f0c458d1d5c932e4193c5018105416ff1b27eddf56d4277a49d0adbf34c998a062db4c8263f5c03696cda85a6f0db49a5c58e2809d7519e6ecaa017d90e31eef725fdb3f26d77bb15a3d924d3ccb728535dfdb7517a10b9a54a551c1ec95c6770ee0901d18f24149678f1677d1f5c447aee584c6f1dbb7a952da6b91e8af3d98fe790201b89a05b61abacfe6acd7a774e3a12436d169f54b8e2572f0ed70ca78e801bbc3b783d73c96d5424b82de2d8ba84f585c67cb4c7d8175b8a2fd75a59b24db0403064924a4a6ea5423ee818b70d1c5403da14370fbc98ab4ea6a7fe78e7d3e8da1a3f04856edd96e8b9d7e80064daed38d0ca194a638a11175a9812569a640a8d36afd90f19a1e0118ff7ecade45238544dcf5864697c4d36e444fb82bbc222a8a2bec2869c623f61aa38299d3a4e8806721d579907c31a0cf50b82dcebe08d8c5a21d97a707d5a83de1fb145227d0303334e5cc73c628e818ab6901c001ef8f02557d5ec579189b620f0e3307df5273573f707ee91985823894f9ccd80415c91d7baadd31ceedb3b26212e09a62bc22392fbbf3aa5e340dd3408c1c9e3d1d144dd5260c904812952466ba31a2dc80b8826b1354335b0d754954bc93cfce0eaf93665600f67505595ed66eb38ac98a23ae6568aac700361e784fc8ff3cf0cd19e15a3508f42fb1bca1f95a6502b5ed09df0f75859527025798b890df2f0110cc20798a7096831c9822ed5a9341fd6afc85a78736b857bbfbcae5f61fb5a3ca5577c4bfb6b1ccac7f21e95cb2c1e3fbe91f5a46522bfc49a0e11b4ccae898b5215cebacac2ac8d6685b05a9df649d39e40c66f4f1373e77a722beb0ed05167fa206fd66cae5b01741f86cc1681ce7efcee5d67cf8a89627d7d02ca8ae96e32cd5d74dffa715b7c2e0f24648932930e69667939490cadcd06b4396800152fa3dfb4810ab6c4de8f0814a9fb211517d19932befe0c0613699d481ba2d3140836d9dd074ac5dbbc27284463f190442b453d4a06e1e0053d0e097420e1406b104cc8bdc486a1fc581cf1dca50f63ce3de1403eb4a5080971aa2a2a911c3d24d0370b1c062e6b21c6a694eda76e61b877e596d34ebc507f10c3bbf969793f5b71d026d03cfcc2bdda2acdeea4b7066f07be408f6bb35ba7f3b8196e9a1d1ea30ff709d8c0fa29c40056bd53e609b5217976c422efe8052e4cbda4b12dd2a1286a4460c57bb3a138c55408fa6a0888e32299cc47efb84ad61a98385854824ec253f1279f9d1ffe6becb8c427b53c57b537e0f000000c7902347589230aa7316523108ab38842b3b97a0840d4c3eabd229232a71302edd1f3375d0092cb3a07312400c1be8a94da53a79d2fce38fed341193f6c4dc41f396774145aa18400bf108577e714f4a4c50ce408392f954eeae696d2605bb973b147ef98fa35d576c957a01f262d81157e1c8aaafc708634366afcebbf31cd4b7190d29e0b3a2960ab5ea952eecd38becbb7cf7659a95044a1ebe4240b0d26c7a932c14c1252eb24bad57be94c5632bc42aea31f722904306d39f1d0850ac029537c4425d048ecf3fcb5428638dbcb86e17d60164fc396c706c10f0a1ccb4dff2f36b47510a749dc03e32fd7f13893db135790d29a56fe1fae6d0202831d440242be2086c6e5dc71dae14089fc080a358f159faafb397da8ad8b48b1615112c76627a0e47a7cbfd2cb0e9a9c5316e96f8c2cf4ab7c875ed1bbd5a020ff2f265a1f63b6151a2288c3e83183e68cd12dce8094d392137f061d43421eeeee504e4db172c9fabc6297a5641a9a7696f16660489fd6f7ad9421068bd1294941e51b8d2b818627e3081369583e91c6b8b68c93173dc7fae27f3bb9a4c6a3d69cf5bf28b3f8b5c8fa8a8a90bfc228acd1df93c8b3f15fb318c7524ef2e8b6bc18010b4ac5b448dd3a134531654d610cfc9b393b5b1a22e90377b74ebc64aae95987881c0602311c0fa94cd612889125da49b810acf9617263b55e504b1b9160675cfbef83170fba4134640cc2be541bdb54077dd65304eddabcef91a3445804bcdbf00f53dbd3345c190c2ec117dfa986dd04c3f02b7ba9eee47538c5fda856d432cf343596c53cf3c109ada410a6e7b09c3f14b60c2c8a4cdf5ee0791017cd25f7ad96d0c51a5cc52e2647826662a99266a2f2072b7b1acf805d44d8064d419999df38537ffcd78a78ce3837bfe1faf7dc79f5e0d32ea5e62c06e6aa716e0e048cd5c5fa8b4212ac668ffaca2a4e8afb91aa7425a800fef89fd97587569489088b434510a38a49e8ee3e1b96a307dcd999268967405f354dc0478bac5229203eb9d6aacc2db83e233ce852ad55b799b6923653d3d5788ac56ffdfeb206acac33010161536e3573d54eea1925b6f4edc6aa193e9e362681e34564d146b49ed916ab8d6aea1a78e526c7a0dc56f5ca90d07862d17cb3f21307f2e012ffd011ec64d4cc23faa4a08c4128c0892be5d5999f681dd28bd6796f83e1e0b80ab61249e5049e81c2e692e360194129d1c9aa13d5302d3cbc6060159632c6d3c2db27c3fab53e0919a81ff5878f6328536292905883095b65581b696ee94a8a0dd7d0d11a2e269959a6f848c87eefef283e57fadf325b665ade2d6591b283c33ce9092ceb39df5bf6ff92cd6180353d8021cd3b8a7efb9be4f79b37ee19e4b9eccfec49b1f526420aed78424d5129afca3e28e1e6cb5cfdd894289abd5ee69d29413c548f65baea4c99ae73055000adb0dab38e7bc6c9c562a3214e3b279decf1dc731ceed1e4def2d70360953886da1eb7b18b745fd6d8751d038c6cde166d4101df1418689468d3add001cc44c8f2ab8105fc362cf5792d5c270441af890ba4bd563ce68b57a0f99b80ba93f7fea3765ec1fdadfc7274d4d7c46da05fbaf47e29de56ffc53f71188f94cc3ea26197eb9274aea10f793e348541feda0cb82915fbc966d317b74ef23a851f3a7886fe99c4bf917d5932dc9576313518276f690f400b8de28cc92c2b753ae283c7fa1639af82ab939e3be687621a525dbed50d33cd6366d559a75f1bd1cf25a0bc421c79debae4263beb171539835e6e5447d411383c3d7ebc8157892ab6d5013d49b0b777dc27f629e9e0924d889702dec588045563cc09cf1bea68fcfd0a2c6943248009b95cb6055b5c2f521c4120ecb4233c47d7f0454afa93063d5b26b94530b3b3089b85b64ebc684e5c38a561ba437b09582d38fd379e48e752cffc532bb8bec2999b2ce70fb9e5d7101d740008c935680537e8992b576c9f5dbcfb35513c11fa48caaedf52a6bc350aa2acbf1ec561680d8ee9837d3373e2d51183279a95d41eeb9558dee0fa43256b9a19012b3091a4bc1e94961beb05c33869915e69413122a953e0be0fb9759c9b8ac1254aabcce151638d60d197458e9757a1d1b0e7286fd66dbbe9deb51ca7274b3e0efb464ff44aafd5024cc534ce0d725bdd4e43601279231b6fda22ec25a680588794f086a9c094b751c575d0e0251afa27381c55a9c190ee3af55af0d20424db2411233fe46c537b41dc576639979469925a8c8e515539bebba248d3372ec80875afd26a04ef5d1aeb61390901eccf4df562680445ccd6a90fc70cf0ec08910b23e108ba9b35a689fecbeeacccda80a2acc6d2e7ed2990ac386ff3cc7992ea29d94bbe7d13c96cd31763cb8a5a150c6ee1781160e27df9b51678e650d009e95322a0a639c165288be42681e3dea6262e00ffdea6f076b9bc810880cfed87a609f1096dcf6af0f053b5ed80c2053157b97396d2876f6600149cda0fcbdac08621ae99e9fd24393d30c3911da7573c3675a695f9e014a3dc2d2e45296abaff428a733cb742a01df7059828f64e515099141081ab3a263c7c38459dbc0d32fa8768b8fc3550131d286637e25466d2a129d587663d9d0eaf4079a72cf37c9fccf5f2cdda2e9db69d82a87b4cf9c20dee03d935cf6099d1d1174344d551cb569a73c21ccafa6c59b988e0681bb175edd912cd64670598b444825c8f4a280dfee91ba18f50aa0f2fb529e5f73302fa09c4b9937f19ff6175af4f1321d3dc09e692ca7e1934f31ac91fb6e6fca4b1dda3a0063c8eeb5f68d43c820f8b9e1c6903ec1a2626ca3536bc386f42e7d865102daa82db5b2d2b580825afcfb65ca9c5cca7de06d838f84a84ee4f8381c05de2a0ec53bdcc447df8e8b9921c21cdd43312e1454790d727ae9c33487239195afc93149090e3c47dd9ec03feb51551ae92e9dc21ce5ebc4e8c8b99b9dd09ecd33a949aac69299024a52680c91244fcfefb9e2def28d0cdb621d7be8442c67c61b18a1228d341014a3116e9b8f2829e291f788e368b6e36460a6a76987918caa641f06184ab0a3910a43dfa97b3e5c31c837a12a436ee8796f9f507cfc438e6b061a59342be0c0bef0b646973d58830063a28c1cd3f434173f450c2ca3a846adcedf6b5d0bfd0813948e79fb8b6bdf9a5add644ab2a1d9795faae8ab680db6a4ad933848ec6ad09b212605ce497b2dba4eea307c45c17099a3f116508c73371d6f3dad906cf8ee9a9eab88e9365fc78112dfc8a4f865e627f1f6e11357632a3a1a2e9391f56376f8e181555ffc98ab9d93874392e81aa4183e8caec57a4a29613a3c4319595553143adf28bae56b719b8be0b2acc4b03038d48de63b19ca362945637d4a385becaaddad5b3dba297ffe71ca0cc9c9c1ff843ea5f0dff511b88ec7a6001a2570d09606c36d6bede06c4c7e93c77ca3da73f9933b16650df963a39ff34a3e83bad1c14a5a9457166f13c53502e9b9600982aa99598f711ef22720204282c9b02fea3eb55d568160f0fd62633787a77fd8acaed92f2607020c26f6f9386f9021f9123204a3f20e745caf37849b25f360e174718e1d78a32dbdab5d5aeb36c9b3366167b0fee60883a9b0f8bcd9695472ff4820462fa6f75801abe45c4ce02c6de61bddb434bf020b1145f0ca58f035f46107ca63a507498d7a1ffd9f6d3071479aec5999c1e7abc0e014c5be04b92486dce4d8bd88c321f3017050c599a6ed8888f810c75f2607fd35a8795b7478d1c346ce6694a0e1e3604cbe2ec7a31415d80508dd23ffe4db304a2ca1bc65681cff1135b95fc05f0a3b8cada0f5c83e8d0f3cdcbd4bfb48a7895cc9535d81d13ccc8f9534dfc542d9837e352eddd62577ee711d26bb07f41e9948d4b917a926eb8093944ae45cc6dd13ec9b61816950d158226ab7f1b8d8a1465f3eef2e9a63b3ff097282d2541fef5102c8b651ded051d3219f6527d4b5b6fcb1bd0fffe7080abde84ea1acbd2b89b0c9577fd7273675527a12dcaec02b3262389b05c2c09792ce465f7a879de0270fc2b6f28403a1dca0c5fc28f0687351c5bb346de8cfea7532b834904bb012731ef8fe83036c95251c757683834672fa80ba8383308e3e9e536fb0e906a9727e6b2870c3a8ee056d353a3fafe8e9ffde7b0ce951b60b35fc2f7d1e476ad1c45f2559ac66dd007fc27253256f98877a4476ad273880a874023e3f75b14b32366172bf860eb6dbcb0a98b83972e23b02fd02027ca7f9eaa0ee38eef55ccbace6ea3051d79c6017c34b5b502a9b0e52c8b4bd80391af549e6f4accb1cfdf2071de59ba903dde378d9e66ed0cbbddd66ac365e64c8fdb93b97305a55cb39beb745d4a824d1de5282b1b839a72603fe033f8c7aae2cbab65fcfb54eff28eb0bd4c72e3e892f953e3251b88ce178641e79ab5484bff93a8eaaf601be15368b46690ca10e70188f581f999eac931fe48f31b8951ccff1ba5d6cc007246595bdb22a3dcbfb2c9fe0d010bbab856f4c651dc5ab7e8fb0193b1c9924facf3c05a255ef328d589a0a89bfe67c7d971bd7b708517c8540391f6a6b9724069e572be3f85ca86e46e6fdedd22695fd8b364f3d5aa1a585971a39e1822eac8f51661ecd13c41e6349c030434a0dff79f441cb195bb08717345cf29401c834c35d9009895b6e5c03406b202ee333d7f531898967f93aaea74265fc605fb4b5a5750305ab82203f2fb49493a5d3deb285a2777c8641b3d5df1c7cdde888786d314ccdf20b60c5e05279160fae24073027d8b8b61aa4e4760d8d7d785d2fa1e551c2ff644bb83e69fc574c754a195efbca225e7a5e5ffb1f0852cc80187661295786fa35cca2baba685f744ec9e193e212823741437dde5ca003973261a167a389f2e5ead402feecbb4045a39d3ebd76c4bfcc65f60bc841f8488d08f258a95caf36cbac22671ac59a7e3ebd22d600bc417b15daaf296b562928ca6a2d7c11c5e96d3c1f56e683f1a55c07dde2cf889be2ca901606b613a299703312e74f80092ff6128835ea200fad70e0c2d094818ba6178200a211d6b2d2b068a4a0d757361535a73ad59a309c2167c874b23b2abf4e5eaf76e7e6851d4232303b8c9073ccea7398d34732289d0530f4183d004cc4c9827668005d28799ed2b23005f70bfbdcf2f4b6a821c2ca12b7915a5bd6098753218ebc41b16475c8611f492f85b08f551fee983915a5cfc82d24abd29a281963feadfe33cfe14735168b2e0528b0493011aa234d18450d9b29322d7094f3202f6a6b49094dad52707a3a80324835bf34daf557ac5f18695069601c6011fe48084355af3b531fb0e16a6ff81a8f9708e1a610d38dda66365255c7aa3a3d37bd4b58baa13d1b910280567642f97bf4836a1fcf336bf6e9a0fb347abcd1cdccfda04acdca918766a64fe7904b2e67b8872afd4366f9feb944f9b9ae5577c76c55c24b85e44b48d464333ba1a9f6e1e8ba10b57d7d8aab05e86702637485998fecc12b3fb12ff7ba3fd26223881a06350f215a8bffc46eba2cba0af2e11439ce012c667c5cafe3d0690c77b3f1ba108caffd5726393e61f194295cf4c51d0d383632cd9b75daeceb84ec450a0d344b08596530f1b95ff8b034c04b263a530c59d822e9c8c5c7328e539a18a2905c117944e22eceb60247b7aaaabdf0859a9143ffe2935454b6a87f21bc1de97893c23b48ce03782252f60e880f56b839daae71aa8a19e753506b370739ea88294ca2e0c1af31438ea33b084c43c6fa1381b7f1b9423685c53f3438e1e8893c6d157b297b336cf7f032ab4c01248ea5b2222e24f90240d8f28f6455e36cc423dbd2888d56c3fe6bdbcacf397ac13a1983797f7ccb84a1cb83339d4e9f599a154ac406a3bee3d4b3749b4f0768b0b225f31c9c91dc26a45a2e109a218ddd22af93b86b6fe336d3a051f7e07ff1d1d5eb662de4cfda0dacce0e20c37f34c75a97815591da22aacaa1e3a8028af1b5e15e470e800fd1dbdc99f21687724f07737c2c315e0836cb169f71e689fca00a2c73fe666699cd6571ea106767bd7f0bca061f0b4a21991fd02b8e695b78474ee1c9bc13bcdb9e477c02acf2343d449f9b85bd618bf7a2bc353c356b9578d3316b17f8bd3fc20f2b1a7a4cdc518e79c77d472c5cb6762693388d3124579d884a49a69d7f07c332be891c3244525c2e6b9387c041b93706a0121365cdf69aa839346e5e180945d8af7da0a8f65cd1bad1377d13ff6d02e7ea54d4377a1d3d49d3d357e61890034409b19f44fc02f5574f40fe535bd423bbd96a0a542ccade1b478b78265b25c1322fbbb8ec99cb45b22d737ee248169fe08f8a2958b925ace6372bcf1d1be57e9b4de97bd0db62425c53d869794d4390312b67db5e61d1b42c5afa549065005f359c47734f54b7f30918be1e2d0ff21596258caa287159fbe6dc0090242c43815367bb45067a55e0658d58eefd081b1541cf393561a5a369fe90c6d5d8caba63198c84fa0467fae813ecd3fb740a3783a53dfad07c9493fb3936b802e1bd9fb558bae88c44d9a4795aa634c13a5fba50923636ac6e2952da6c8424cc616eb364c11f876663d105fed392c15dbb00f9caf50af20c44e4fea91480cb4bfecaf126451e6f19146bb2ff26d310416c62410c37b000a1d1f0480419e5f5f320827fce26fbb25c9ab882ad4bdf6a674aaee87b85309a9783bbd34606ed46f6f761c5e124825b0e5df507c505814c769323bfa36170015e1720e2cbf30f79cc8515df1fb7d58695ecf8825e924e098d0dfcd5e396093d996a2fd4a9c5de03254b12dfcd2342f49acbecf18dc3417382e5b507652b1d089eed0805479546eba0fc7d17ecf11d692b4ce817f270720cf20737d3f02e302cf5e18d649bf3405fd262dba305e916280a38e3511307033dd70d2cde39d528e676f6a051ebc73b6ff0d5f63b58970e38e39ea366977a0809e22eed665620f65bbdd2f94ad82f3faaba1bfac309f60f843fe89573787092c8f7a7b44018ba7daba13e6b093b496f79adc0732574cac1cc33e5234d7770ad6cb534dab9856e390e172a91532ae77f4ec98054f4c12b02d0438ddf8d8d173e6a59f66564accb785693897b335199d9d8338e242703ad120f465a19153a1a330dcc275a399af921e0dac2b6d79ea51ec72fe932be071352c12933367487d7385de66d62b2bf5cae6c4d54f099d7c4ee10919dcb33a2b31498d979504b619a6eaf64ed400e491859f9c78c1d9d434d6ac69d570796088d76a47b4999816eb3b15e8de155f1392b75c1517e91df38ef0793610451ad31a0906eecf14c80b679202a6df9f00c7d28d1449988410c652740dde2ace85080e2a4f16824cde15ec4023b1fc4537d6947f1e001d37c90acae2995aab5476a99d3a20af07ae2e564e27e31b30d7bc3b8aa016e3b5c38feb9fc947ace24e83e7ba4f69f72e92f8f26bda8dd09ca791fe9cb1d0e14278c89a20ee2896924e88ba9cb3b916aff3b7a5924a91b4495d0305fb4adb3e036a31e2f200f272d4fa7285f96ab7e7b934464227e108511ded2ae4337aee944e4067c7b741d2f55483243d641b8bcca425bb69f591065a3b45c6f9513b472aff95c1b3e71133b3479cd5fc51e9eefe5bf0f7c2f9256f8d49a2ceb2d11ca0f0eab1e42464cb7d6aaa0c023147c1f108c3d6d1fa379638979170cb6d94fa92e5cf5f69316fd64c027eb10ddfd9b91fc91829f347cd73433e5197fd97fb10e99d2ed8868d49e24d59efa6758667f6ffc18e5258f98afeb01a3d794813fc2b9190090ccceaca0526f06a948d45bc7e2e40cdec3cf78c10676a8bb8a3e5e7200b3726b3407bf666862f9038d8216f9505cf7aa9a04f934d6da311d6500452676dccfd60977c4c99d56dcb7bb45fb2081e19803841a8edd8cc55b08082d9798a5c3a80de66f4ba2ccd90566d393d94608f17724719393b9df7725baacdf0e4e984b454576ad4f793143f4c8dc5f1ca822fbcdc90e9636727ee0638fb26759e6ff79b19c97ad224e5a85e1075833fe7fd2f3424420a5197eaa9d440c52807fc3e96c447dd745e49189f427454aae6aede782a8ac40582d85acc9ae68f95af556945889ae1fe381e69ed18aecb08866f5558ae36b6ff61c86fdb2b6f3eca083dc41c0", 0x2000, &(0x7f0000000b00)={&(0x7f0000000700)={0x50, 0xffffffffffffffda, 0x200000003, {0x7, 0x29, 0x0, 0x21, 0x72, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
unshare(0x600)
r6 = socket$nl_route(0x10, 0x3, 0x0)
write$UHID_INPUT(0xffffffffffffffff, &(0x7f0000000140)={0x8, {"76f3767468dfcd3288c02b1f0fb6e90d2e7d384907ef2c3898f8c82ad369174f07e1b3e6e91e091462b16bfab69681acdd4157ca8f0d9df329d0c003be4f52f419f9fa7a93641d83ed20696df06b489791136eeeeb6e8a1d13b5093a0b00f1b4671737654833dba9d3513cfe866d2761b34819ef0f6da6d8b0349656842967dffcd8384587c3611d0620c80c6c921a4da4325f7f2ccab7176eddfb5aaccb612d35860d1d4f3cebfd137f9dc9dc47742d24b306dee45912b8e3819bdfed0bdc6df2b6d17218783fc8ad7985364d70e649a0cddd0ad86f0d1241f848c701c71e4d2782e307e9f983b92ac44f358c2b0782efd1d9b74d5157853873023c039c965f4cf1baea199dd4991d1b0ab8b3ec9f18eb4c069b4a44b774b8703d141e3ecde814bba4eb3569ab2b6c3dd61ebdd9ff889714b5f8ba20c240b6c5481d3131b46dea7b769f4dd46ca700f704544f47830003d91a76a718f866c532c5a11fc71e8ed96324eb9ab48b256b59c8dc3ec803105564819ae6a77b07b79b8c443d42fa4dfa5e42aa35a910ae0991a18dee579ecf3d85b4427dcb3631a847b07e7c6f2c5ae928ebbc7542bbff7d96963a81c4fdc7b710988d7f3b7e902546261724af3cba7f2ee073fb924b89c3eb1e9dd97c9c2b738adadf8dcaa5f7422426265795182f00f1df85322a7e913ba26a8f2cc818f535c0f5f496d1da4b67b86f93e7ec1c8d7248bc9ae44591454d70b41fd76257d4af6d81e6de657be0b4c52ca06917ff85769bcc598f0834a10766e6ef8a6b59fbe3be07181311b0229e8ab92a88bf1c55afa924c6627cbed335a1549d891fc487d8a414e81ff4dc2423d70fe62ff19df9f4794e8256744b8127f052d55708d54c0b11ad2cdac7ec231d33849b4655170bf1084a6ab8efbbddb9239542dbbeeed78f5128d1b7d39c3a7fca9460dd404cb7c838ff47a79a4f235112b5a1eac506be6d5716d72bff5fcfb587d1a13b737964deef75e0c05ae552e26144ac844b11ef03981defe0a26afbbd5a41a2c7415b9803abd062a2eee8ab180b3193b972e3bd615f700b4fea42ec6f36fc175a8df54e7c42de443082ceeeca04824bda5c1a40417927a0f4f7fd75c7e94fa12ab3d0498a81df9a5f1e2d285a39fb7a114f61a05254a5a4c99d1a75994f2ee7b7a9b8807dc7c6f11296cadae6edbf465690420c2789607118ba01f64638de57391f7f1178928f2e86f38dfa402e90c2d2cf0a8845fa1599c60ee904f26504701324f1e908b0fde29586f25860f452417546deae1fa601058a7a2f72a30141c6748f2cd95305f076a6237a9d31841ee4a760404f91e3afa760a001145616b3d4690854e0229242b08bb624ca287d640f693e83cec860895c873b629ded6ea681ef7e990b4e45435398f150748d5fe82ff96511981db8ee4d2dd82091f2c98aae02e6cdcce54c1ce54d0ae9bf8305707edb5854ac5e15cf5d80af13f334f11ca6fb1716996e21ec23333f80c160e586291dc6de43d364606d650416704d816053102a7f619232d9d8cf482e551704de5aafcf9fed4073bb5cc3ede132935580a733721db455e32445b6aaff4f67fa57b5ba90f32f7efa796d9401d441bf6dcffad9d15480231254a4a1fbaff06bd8548fdb6c20d5a810c910f345a891e31a1edb00919b8d58436d6381484e6513f79fcae63816047d67ed0f6a83489e75406a4ed6445a34c8e065051bac212905a8ec0bdd3e545ff2cfbe1d7878da42feac19aa64814a74d712ca414c43191bc083b18140de56285c7617fa27352bd03f22bfc56f451cdad01d0096e87cfc71a3a76b747308a43a23fc2347e5add99f4654a7acf154bc339cd4f590b86501f555789ea0f20c071a328c10cdc59d3b3e1ca1874e6b795ee2efa4c7035b4db02e7b7e141ac6f4e8e1c1023d28c211349e8c141b39e8a51e1c2f1fb8ecdf92dbac3715a15b044db35f2d7c83183db41fc638b79c82698ad97eb05d95d98cc1292f7bbbe8e14a3b72a6d5c9b71e41bc71493f99c00c3994ec9e9c6e01dba7be1f8e7ea360756b429ec217b9b5861e833f949df24fd8ea664a8f970d967403f87d89cc05023c1de0cd9f2fde792c1304b0138e0918ff2fce285c10efb154a36bd13a3651ed8ef14330691bd81755bc7cb5bd1d014a25116db8a92e4dedbe1ea1d35d545d066626b094adbd7fc46036ea915288567cd47cc7e8c6cd66acaffe0978011daa6311eb7422849425317dcc1a02ef63fbfa8d1f8b18556075e0a9bf1612c99e05d181b37c117c9addf2f4dc7bdea3f8052c170093c0ce2edde88b32acd0b7a4fd92f7913d517c31ff7c389cf2860f9d53bc9d721be722801a9fb658be7680acbee0ba4848ceade211cafadea23276b1dc0ff80cc99c04d8aea186667011894d1ef46fdcd9812d1157cbc5c889f0b2e4ff4b93e789f7f3a53bff6c311ed2a68ff4a80969de95c88a117a2a75d73a3df69bffdc0d7161f1b284821b28c3f51bece399f46c50a4d06cdaffa5994bfcb455552cee208cd188ad893c999e0ae1c9b4bccc305e287236111c5d58416640489dbeacdcab80e55d8e2285e00d571396fa74625913d027da958c832527d84c77ae3655c89335e9f9975f667dc1e635c372147c3b6c75b475cc787007dfebe651ec5dca41c6d056e2999a73da71d8ed814a647aa01fa4cee4ca5124ce380c4b170c4ca9834b4d71ed51278f359e9de7db883bf4afaa7a3519ae91e7655494fd9222330c4c33a72abd52aa1526478ed1aef5c6f6d5ecf4aa5e0716d663979b0f9e9e6957dd14faf5b14cc944aa57a43527c8865a4fe19be8257029533c2050e50a5d2c761194435c46261fea07ec9e07b5f9de7d49187f1836ba69a2c4d7990c35b5acf0d38859ee403f6eb5a663b9da7b58b5ca9730be4fe842630f5a1cdd9f7ebb0394b796a8b70a43a8906050bfef0d4da0fac9bc7820153b074e99e5bd6ba2a0137491283b2d38ca47e02790f81382c89cc5460bc39f04d1afb422f976a352c5bd398ea8241fe2c2b9368ea9b2483aaff2c4f1f15b7d13625dfbaac5032b75d8c738f668086b9c4a770122d8b10d68c26f5d94f86ed2051382a55c50a08c4bd683c9143bc2cf958f8f3aa77b675e9b97f3b5c0c94524c59b449ff1a22631cab422ddf769adc3d83befa2090f6853b39b3060e81a667727b0c902e09dddb4d27b8523cd6ac8bd693f10e0acfa96d191c93ee7bf5a62f03f58f11ac9a91e15b89209d78913b483f0e45bef0835e9235953aa1bccac0a8700980b337e2f546cbf7aa349b22128b2f52341cf4079ef832f73630dfe952c70421bbed205388afde6a94d7d083b1d6ad299be23765cdad957863a07e0e2cc0c9912c9ec7a728cad68d8f48ae5d3dd4c4c8e0e48532ddb3f570f91ee97b61a5a31fe1f1178f5e9fae6f85bcf6f71d7b90b36e83e0802d89926ea3a204cc690e30028ce9c28fa2428bc9f1738f1c9e26769647aff66428664ff5f53bf368aef379b0eff961a9261b84af862347b901f28bd5f0f1e10ca90a77c2e2ec3fc9c38928e2a60bedb155b7f5f0044b4ac368b54c84e40ffa07e84b93d0e6f35cd479fe26bfa27753441f729f3c5d68a1b67852043e96d1861577bcd0b7e89dec47dbe138a07babf86a44487c1c3aa8730c6a2bbd4cadcb68b23657c3445d5f32b4d094d221f777df0915ef9e05cea75a141f172976106c5bfa44040f7c5269795885353243b3b83fa10690f8e03760d903ad00c4c08c87050334d08061ea38cbba423c58eb09d696430cc59fa5ba449853f6d249ed98e806138e4f64887f3258ce891ecf513848123c66d7b3a3a5ecc4888f3c9ad4808f52d210da7f058645e43b468e73918199df9dce5d929bd99e1675aa9d2f954448d3fccda9b683dbc5326d70e338a1b5bb9e314f506804367242b0507d4dc052b82968c22c341cf5dd8ad1a0891674af49d4f410bcf90c0d8837090173571fb35cef09c9f93c0e77a9753618b4abb87885eba878845812d5b80487241974e7aa9c3cfeff7f822f22393a2973dc96b9eccbd5369d738f7ba68a35df40a728d32ff24788762efc31f43aacf043231ca887bcf6fdebaf8d3009dafaa4a0b4338802a44b9e333c362391f42ba9ac1d0a4573b47a0a49f0c83aa6756ade35618e8cf80dee254b4fbcd5e69a2deb1b0af405cac93b9ec35cb9f9604fb60aa526485b436fbdefda0c50274413fae15948ddc77348268b9ce767fe4e249312001b57548616ccad41c3de8bbab309782b5dad01966bd8229c7c194c40c2cc5fe901a69735963bbbcad1cf0bb64b3ebbce808fcaba2547dbab4df6359074fa18f8272f5e24a5adfd6a50a2fe3800e0d60c7b24470914f615154e98b231cf627738948aacba699294a2f0473aff0581c8104cfc1ae3884d82a6f56f866a6cfc92deb0518ac9d6d3bd722144767ef36ebfdd6766db4a7346570b156b49aaa5f115424751a38a0dd26eaabc5775cdf612c685d964bf240b1e8fe6af5860dc050095d55959a810dc76a0520d451589d93a3b73178385f4d716f404d9457b8d30ae3d024471147216b37f92d2c90c52d9a83b4fd779fc138310b480d2fc87982d2797f22e195a4e885b6b6c1d49422709eee55e68f6512b1c59c962e17998c04307005a753b35e9ac7f567200f4887e9991557ea862deef57c2a2938e7564f88ac3bdf86965005a1cf758b61a437c7b74a030a76bb8b0f7f4437c5afcfc7c8c5e769b732c10788fed11b3cedbd27487743cd35a7146405858aad1e50b048dbd31c5d2455e1d5ed31cf10fbeeb125563e53ead2be53500c49edae46a6b3d51fea60c602334871a28398d00403713e2e31fec19d9fe0fca2975b65af2f2cf3d3dc27d36dffac11f4b60fa0dff78de7aaa062e74627c133673e6030423e178ebafcfb87ae2abeab3783c6f8d23011b49b62a20f1501eed08d169049f2f2002d2d75d8e58ff836f8ca06f1143f0b6f68e8bc3c6c3a50c638d1ec882955c2447ffc791e82446ece5fe6f193195092fc75022ee2e121b5e7af5ff253b42a33c0a54c824a4368bb703a64e9d47acaee3b5c988e37c2d06c620d85870a894401e1881a11e96b04bfeb04ec7b49185302978a73f95c6a1f9203db6d4581fae2fd818133753c415e4f1088bd6940475b3a416cac8ebfd9462c528c7842ae89c4da510a2ca5e0e26c45b4359b6729c35451d696552ef8c08eb477b803f1e5e925ee8e955a2458714ae649aca23bc0a595b4a3dbe32bf9a8d73dc15a4a788f3a1036f0f38e7a6a90d24c3f6ed1d479385356857f7ef1e7f85e259773526ce936a929e4ab5efb74f7348b1b26706a3d7af5b7695d0c8fa14142264329387befef7f35917d2838c59ac1d0eb484698578e4a2a149d1c8f1dd5b3bda62ead5761d367e5e9b4480d12b30569c72ed1cb2a4ce257c386d3e705fe41e05a327295f51c87f9b7b4de6a07b6e4b10206f50a3ec04b199504f9b8ff3e519425feb5b218e0476b9b248fa36a621173466175353ae91af245086bcc8b932ce47dff7d3a936a7f439190f459ca9e5fdc7d572e47b83aeb691219c277a9eb5928d0c4b5df9eee7323199e5b3d98b0f34fbc00b7d40d21d6e215d70c9df28e195f4a4e312ce8def645fc7eaf00891dfeb912af8b19898b29c15c4632e1643d4f259c4cb7bf83c0df062ba469deb8e92ca69739f7ea3cee391b6713dc5cbc11961488bebdccd0edaa21aa3c3933630f41ee3737df481ccee70c1c3c1d8b1f0bc183045287a7c999cc61b8cf991717ccff7168de", 0x1000}}, 0x1006)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="480000001000010400"/20, @ANYRES32=0x0, @ANYBLOB="00000000000000002800128009000100626f6e6400000000180002801400088008"], 0x48}}, 0x0)
sendmmsg$inet(r6, &(0x7f0000005200)=[{{0x0, 0x4b, &(0x7f0000000000), 0x1}}], 0x1, 0x0)
mount$fuse(0x0, 0x0, 0x0, 0x0, &(0x7f0000000080)=ANY=[@ANYBLOB="3bd9ba", @ANYRESHEX, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0, @ANYBLOB=',\x00'])
r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340), 0x0, 0x0)
r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0)
r9 = ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x0)
ioctl$KVM_GET_VCPU_EVENTS(r9, 0x4140aecd, &(0x7f00000000c0))
openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
fsync(r5)

0s ago: executing program 4 (id=2974):
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), r0)
sendmsg$NL80211_CMD_DEL_MPATH(r1, &(0x7f0000000240)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000000180)={&(0x7f0000000100)={0x80, r2, 0x200, 0x70bd29, 0x25dfdbfd, {{}, {@void, @void}}, [@NL80211_ATTR_MPATH_NEXT_HOP={0xa}, @NL80211_ATTR_MPATH_NEXT_HOP={0xa, 0x1a, @broadcast}, @NL80211_ATTR_MAC={0xa, 0x6, @broadcast}, @NL80211_ATTR_MPATH_NEXT_HOP={0xa, 0x1a, @device_b}, @NL80211_ATTR_MAC={0xa, 0x6, @broadcast}, @NL80211_ATTR_MPATH_NEXT_HOP={0xa, 0x1a, @broadcast}, @NL80211_ATTR_MAC={0xa, 0x6, @broadcast}, @NL80211_ATTR_MAC={0xa, 0x6, @broadcast}, @NL80211_ATTR_MAC={0xa, 0x6, @broadcast}]}, 0x80}, 0x1, 0x0, 0x0, 0x4000800}, 0x40041c1)
r3 = syz_usb_connect$hid(0x2, 0x36, &(0x7f0000000000)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x40, 0x28bd, 0x55, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0x5, 0x0, 0x1, {0x22, 0x5}}, {{{0x9, 0x5, 0x81, 0x3, 0x200, 0x0, 0x0, 0x7}}}}}]}}]}}, 0x0)
syz_usb_control_io(r3, 0x0, 0x0)
syz_usb_control_io(r3, &(0x7f00000003c0)={0x2c, &(0x7f00000000c0)=ANY=[@ANYBLOB='\x00\x00\b'], 0x0, 0x0, 0x0, 0x0}, 0x0)
sendmsg$netlink(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200), 0x0, 0x0, 0x0, 0x20000000}, 0x2400c051)
r4 = openat$apparmor_task_current(0xffffff9c, &(0x7f0000000000), 0x2, 0x0)
ioctl$FS_IOC_RESVSP(r4, 0x402c5828, &(0x7f0000000040)={0x0, 0x0, 0x9, 0x7})

kernel console output (not intermixed with test programs):

etem: invalid attributes len -3
[  695.732647][T15230] netem: change failed
[  695.835089][   T24] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  696.554767][ T5914] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  696.831106][T15241] ptrace attach of "./syz-executor exec"[10637] was attempted by "./syz-executor exec"[15241]
[  696.930012][T15245] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  696.959480][    T9] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  697.600559][ T5914] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  697.762757][T15261] syzkaller0: entered promiscuous mode
[  697.768557][T15261] syzkaller0: entered allmulticast mode
[  697.846388][  T978] usb 2-1: new full-speed USB device number 58 using dummy_hcd
[  698.019166][  T978] usb 2-1: config 16 has an invalid descriptor of length 100, skipping remainder of the config
[  698.030139][  T978] usb 2-1: config 16 has 0 interfaces, different from the descriptor's value: 1
[  698.130565][ T5914] usb 1-1: new high-speed USB device number 89 using dummy_hcd
[  698.166017][  T978] usb 2-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  698.175705][  T978] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  698.286413][ T5914] usb 1-1: Using ep0 maxpacket: 32
[  698.636508][T15269] syzkaller0: entered promiscuous mode
[  698.642060][T15269] syzkaller0: entered allmulticast mode
[  698.698211][ T5914] usb 1-1: config 0 has an invalid interface number: 66 but max is 0
[  698.723787][T15270] syzkaller0: entered promiscuous mode
[  698.729513][T15270] syzkaller0: entered allmulticast mode
[  698.793471][ T5914] usb 1-1: config 0 has no interface number 0
[  698.828528][ T5914] usb 1-1: New USB device found, idVendor=0fe9, idProduct=d501, bcdDevice=23.50
[  698.838188][ T5914] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  698.846440][ T5914] usb 1-1: Product: syz
[  698.858707][ T5914] usb 1-1: Manufacturer: syz
[  698.911659][ T5914] usb 1-1: SerialNumber: syz
[  698.921669][ T5914] usb 1-1: config 0 descriptor??
[  698.929318][ T5914] dvb-usb: found a 'DViCO FusionHDTV5 USB Gold' in warm state.
[  698.940817][ T5914] dvb-usb: bulk message failed: -22 (2/0)
[  698.951708][ T5914] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[  698.962374][ T5914] dvbdev: DVB: registering new adapter (DViCO FusionHDTV5 USB Gold)
[  698.970761][ T5914] usb 1-1: media controller created
[  698.991581][ T5914] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  699.756471][    T9] net_ratelimit: 1 callbacks suppressed
[  699.756491][    T9] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  700.046784][  T978] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  700.332571][ T5914] cxusb: set interface failed
[  700.337416][ T5914] dvb-usb: bulk message failed: -22 (1/0)
[  700.378433][ T5914] DVB: Unable to find symbol lgdt330x_attach()
[  700.384679][ T5914] dvb-usb: no frontend was attached by 'DViCO FusionHDTV5 USB Gold'
[  700.656616][ T5914] rc_core: IR keymap rc-dvico-portable not found
[  700.676737][ T5914] Registered IR keymap rc-empty
[  700.697651][ T5914] rc rc0: DViCO FusionHDTV5 USB Gold as /devices/platform/dummy_hcd.0/usb1/1-1/rc/rc0
[  700.707326][  T978] usb 2-1: USB disconnect, device number 58
[  700.709999][ T5914] input: DViCO FusionHDTV5 USB Gold as /devices/platform/dummy_hcd.0/usb1/1-1/rc/rc0/input46
[  700.742185][ T5914] dvb-usb: schedule remote query interval to 100 msecs.
[  700.750113][ T5914] dvb-usb: DViCO FusionHDTV5 USB Gold successfully initialized and connected.
[  700.777410][    T9] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  700.847326][ T5914] usb 1-1: USB disconnect, device number 89
[  700.928566][T15289] FAULT_INJECTION: forcing a failure.
[  700.928566][T15289] name failslab, interval 1, probability 0, space 0, times 0
[  700.984190][T15289] CPU: 0 UID: 0 PID: 15289 Comm: syz.1.2616 Not tainted syzkaller #0 PREEMPT(full) 
[  700.984216][T15289] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  700.984226][T15289] Call Trace:
[  700.984235][T15289]  <TASK>
[  700.984243][T15289]  dump_stack_lvl+0x189/0x250
[  700.984270][T15289]  ? __pfx____ratelimit+0x10/0x10
[  700.984289][T15289]  ? __pfx_dump_stack_lvl+0x10/0x10
[  700.984309][T15289]  ? __pfx__printk+0x10/0x10
[  700.984336][T15289]  ? __pfx___might_resched+0x10/0x10
[  700.984355][T15289]  ? fs_reclaim_acquire+0x7d/0x100
[  700.984384][T15289]  should_fail_ex+0x414/0x560
[  700.984414][T15289]  should_failslab+0xa8/0x100
[  700.984443][T15289]  __kmalloc_cache_noprof+0x6f/0x6f0
[  700.984463][T15289]  ? __asan_memset+0x22/0x50
[  700.984479][T15289]  ? alloc_netdev_mqs+0xb97/0x11b0
[  700.984503][T15289]  ? __xdp_rxq_info_reg+0x189/0x2a0
[  700.984525][T15289]  alloc_netdev_mqs+0xb97/0x11b0
[  700.984556][T15289]  __ip_tunnel_create+0x349/0x560
[  700.984578][T15289]  ? __pfx___ip_tunnel_create+0x10/0x10
[  700.984596][T15289]  ? bpf_lsm_capable+0x9/0x20
[  700.984625][T15289]  ip_tunnel_ctl+0x4dd/0xc30
[  700.984646][T15289]  vti_tunnel_ctl+0x3b9/0x500
[  700.984674][T15289]  ? __pfx_vti_tunnel_ctl+0x10/0x10
[  700.984692][T15289]  ? rcu_is_watching+0x15/0xb0
[  700.984712][T15289]  ? trace_contention_end+0x39/0x120
[  700.984740][T15289]  ip_tunnel_siocdevprivate+0xf5/0x180
[  700.984762][T15289]  ? __pfx_ip_tunnel_siocdevprivate+0x10/0x10
[  700.984790][T15289]  ? netdev_name_node_lookup+0xdf/0x120
[  700.984818][T15289]  dev_ifsioc+0xb57/0xf00
[  700.984846][T15289]  dev_ioctl+0x84c/0x1150
[  700.984869][T15289]  sock_ioctl+0x719/0x790
[  700.984895][T15289]  ? __pfx_sock_ioctl+0x10/0x10
[  700.984935][T15289]  compat_sock_ioctl+0x285/0xc80
[  700.984964][T15289]  ? __pfx_compat_sock_ioctl+0x10/0x10
[  700.984991][T15289]  ? __fget_files+0x3a0/0x420
[  700.985020][T15289]  ? __fget_files+0x2a/0x420
[  700.985046][T15289]  ? bpf_lsm_file_ioctl_compat+0x9/0x20
[  700.985067][T15289]  __ia32_compat_sys_ioctl+0x543/0x840
[  700.985092][T15289]  ? __pfx___ia32_compat_sys_ioctl+0x10/0x10
[  700.985112][T15289]  ? __fget_files+0x3a0/0x420
[  700.985142][T15289]  ? fput+0xa0/0xd0
[  700.985161][T15289]  ? ksys_write+0x22a/0x250
[  700.985191][T15289]  ? lockdep_hardirqs_on+0x9c/0x150
[  700.985213][T15289]  __do_fast_syscall_32+0xb6/0x2b0
[  700.985233][T15289]  ? lockdep_hardirqs_on+0x9c/0x150
[  700.985254][T15289]  do_fast_syscall_32+0x34/0x80
[  700.985274][T15289]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  700.985294][T15289] RIP: 0023:0xf7fc2539
[  700.985310][T15289] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[  700.985325][T15289] RSP: 002b:00000000f54b655c EFLAGS: 00000206 ORIG_RAX: 0000000000000036
[  700.985343][T15289] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000000089f1
[  700.985355][T15289] RDX: 00000000800005c0 RSI: 0000000000000000 RDI: 0000000000000000
[  700.985366][T15289] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  700.985376][T15289] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  700.985387][T15289] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  700.985410][T15289]  </TASK>
[  701.332698][ T5914] dvb-usb: DViCO FusionHDTV5 USB Gold successfully deinitialized and disconnected.
[  701.820395][ T5914] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  701.888113][T15312] netlink: 5452 bytes leftover after parsing attributes in process `syz.3.2629'.
[  702.046530][ T5893] usb 1-1: new high-speed USB device number 90 using dummy_hcd
[  702.216670][T15322] syzkaller0: entered promiscuous mode
[  702.222268][T15322] syzkaller0: entered allmulticast mode
[  702.425135][T15326] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  702.435395][T15326] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  702.648070][ T5893] usb 1-1: unable to get BOS descriptor or descriptor too short
[  702.657498][ T5893] usb 1-1: unable to read config index 0 descriptor/start: -71
[  702.679137][ T5893] usb 1-1: can't read configurations, error -71
[  702.896598][ T5914] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  703.104874][   T24] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  703.386752][T15332] syzkaller0: entered promiscuous mode
[  703.392421][T15332] syzkaller0: entered allmulticast mode
[  703.894244][  T978] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  704.046749][    T9] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  704.280471][T15363] ptrace attach of "./syz-executor exec"[5844] was attempted by "./syz-executor exec"[15363]
[  704.296314][   T24] usb 5-1: new full-speed USB device number 75 using dummy_hcd
[  704.479526][   T24] usb 5-1: config 0 interface 0 altsetting 4 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  704.491112][   T24] usb 5-1: config 0 interface 0 altsetting 4 endpoint 0x81 has invalid maxpacket 512, setting to 64
[  704.631297][   T24] usb 5-1: config 0 interface 0 has no altsetting 0
[  704.651973][   T24] usb 5-1: New USB device found, idVendor=046d, idProduct=c24f, bcdDevice= 0.00
[  704.683810][   T24] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  704.704006][   T24] usb 5-1: config 0 descriptor??
[  704.712873][T15349] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[  705.097192][    T9] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  705.270960][   T24] logitech 0003:046D:C24F.0010: unbalanced collection at end of report description
[  705.297732][   T24] logitech 0003:046D:C24F.0010: parse failed
[  705.311068][   T24] logitech 0003:046D:C24F.0010: probe with driver logitech failed with error -22
[  706.149414][ T5914] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  706.157735][ T5914] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  706.274067][T15385] netlink: 'syz.2.2649': attribute type 1 has an invalid length.
[  706.649721][T15397] fuse: Unknown parameter 'Т	fËïIQZ1¨Ô#QŠFiË2nªrD|Wê^£š
Ùx°“è}W'
[  706.669919][T15397] fuse: Bad value for 'fd'
[  706.849986][T15401] wireguard0: entered promiscuous mode
[  706.855573][T15401] wireguard0: entered allmulticast mode
[  707.027134][    T9] usb 5-1: USB disconnect, device number 75
[  707.177920][ T5914] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  707.291416][T15412] pim6reg: entered allmulticast mode
[  708.499640][    T9] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  708.551359][T15435] ptrace attach of "./syz-executor exec"[5852] was attempted by "./syz-executor exec"[15435]
[  709.155457][T15444] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2664'.
[  709.166760][T10845] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  709.566772][    T9] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  709.580493][T15451] netlink: 56 bytes leftover after parsing attributes in process `syz.1.2666'.
[  710.041208][T10845] hid (null): unknown global tag 0xe
[  710.051065][T10845] hid-generic 0081:01FF:0000.0011: unknown main item tag 0x4
[  710.062060][T10845] hid-generic 0081:01FF:0000.0011: unknown main item tag 0x0
[  710.072882][T10845] hid-generic 0081:01FF:0000.0011: unknown main item tag 0x7
[  710.080665][T10845] hid-generic 0081:01FF:0000.0011: unknown global tag 0xe
[  710.088244][T10845] hid-generic 0081:01FF:0000.0011: item 0 4 1 14 parsing failed
[  710.096716][T10845] hid-generic 0081:01FF:0000.0011: probe with driver hid-generic failed with error -22
[  710.606705][ T5914] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  711.529942][T15489] syzkaller0: entered promiscuous mode
[  711.535785][T15489] syzkaller0: entered allmulticast mode
[  711.653267][ T5914] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  712.206641][   T24] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  712.715650][    T9] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  713.016339][ T5914] usb 1-1: new full-speed USB device number 92 using dummy_hcd
[  713.454964][ T5914] usb 1-1: config 0 has an invalid interface number: 1 but max is 0
[  713.468911][ T5914] usb 1-1: config 0 has no interface number 0
[  713.475058][ T5914] usb 1-1: New USB device found, idVendor=0b48, idProduct=1005, bcdDevice=8c.1e
[  713.487621][   T24] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  713.502433][T15513] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=680 (1360 ns) > initial count (1048 ns). Using initial count to start timer.
[  713.586526][ T5914] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  713.613012][ T5914] usb 1-1: config 0 descriptor??
[  713.652802][ T5914] usb 1-1: selecting invalid altsetting 1
[  713.671964][ T5914] dvb_ttusb_budget: ttusb_init_controller: error
[  713.691808][ T5914] dvbdev: DVB: registering new adapter (Technotrend/Hauppauge Nova-USB)
[  713.738574][ T5922] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  713.884491][ T5914] DVB: Unable to find symbol cx22700_attach()
[  714.577386][ T5914] DVB: Unable to find symbol tda10046_attach()
[  714.583589][ T5914] dvb_ttusb_budget: no frontend driver found for device [0b48:1005]
[  714.797563][ T5914] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  715.186608][T15544] syzkaller0: entered promiscuous mode
[  715.192123][T15544] syzkaller0: entered allmulticast mode
[  715.246502][ T5893] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  715.415821][    T9] usb 1-1: USB disconnect, device number 92
[  715.807348][    T9] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  716.256353][   T24] usb 2-1: new high-speed USB device number 59 using dummy_hcd
[  716.416299][   T24] usb 2-1: Using ep0 maxpacket: 16
[  716.423482][   T24] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  716.497546][   T24] usb 2-1: config 0 interface 0 altsetting 2 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  716.520957][   T24] usb 2-1: config 0 interface 0 altsetting 2 endpoint 0x81 has invalid wMaxPacketSize 0
[  716.548907][   T24] usb 2-1: config 0 interface 0 has no altsetting 0
[  716.567319][   T24] usb 2-1: New USB device found, idVendor=0458, idProduct=0153, bcdDevice= 0.00
[  716.588395][   T24] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  716.619808][   T24] usb 2-1: config 0 descriptor??
[  716.856838][ T5914] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  716.955277][T15562] netlink: 5452 bytes leftover after parsing attributes in process `syz.3.2697'.
[  717.013526][T15569] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2700'.
[  717.029661][T15569] netlink: 164 bytes leftover after parsing attributes in process `syz.4.2700'.
[  717.039456][T15569] netlink: 160 bytes leftover after parsing attributes in process `syz.4.2700'.
[  717.040390][   T24] kye 0003:0458:0153.0012: unknown main item tag 0x0
[  717.090895][T15571] syzkaller0: entered promiscuous mode
[  717.096483][T15571] syzkaller0: entered allmulticast mode
[  717.167338][   T24] kye 0003:0458:0153.0012: unknown main item tag 0x0
[  717.181961][   T24] kye 0003:0458:0153.0012: unknown main item tag 0x0
[  717.194944][   T24] kye 0003:0458:0153.0012: unknown main item tag 0x0
[  717.219136][   T24] kye 0003:0458:0153.0012: unknown main item tag 0x0
[  717.244039][   T24] kye 0003:0458:0153.0012: unknown main item tag 0x0
[  717.251828][T10845] usb 3-1: new high-speed USB device number 65 using dummy_hcd
[  717.269674][T15552] kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[  717.294775][   T24] kye 0003:0458:0153.0012: unknown main item tag 0x0
[  717.324196][   T24] kye 0003:0458:0153.0012: unknown main item tag 0x0
[  717.341206][   T24] kye 0003:0458:0153.0012: unknown main item tag 0x0
[  717.361802][   T24] kye 0003:0458:0153.0012: unknown main item tag 0x0
[  717.406291][T10845] usb 3-1: Using ep0 maxpacket: 8
[  717.417795][T10845] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 16
[  717.442040][T10845] usb 3-1: New USB device found, idVendor=048d, idProduct=ce50, bcdDevice= 0.00
[  717.452553][   T24] kye 0003:0458:0153.0012: unexpected long global item
[  717.462068][   T24] kye 0003:0458:0153.0012: parse failed
[  717.469089][T10845] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  717.481799][   T24] kye 0003:0458:0153.0012: probe with driver kye failed with error -22
[  717.502664][T10845] usb 3-1: config 0 descriptor??
[  717.976319][ T5914] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  717.977716][T10845] asus 0003:048D:CE50.0013: item fetching failed at offset 2/5
[  718.028176][T10845] asus 0003:048D:CE50.0013: Asus hid parse failed: -22
[  718.051893][T10845] asus 0003:048D:CE50.0013: probe with driver asus failed with error -22
[  718.267530][T10845] usb 3-1: USB disconnect, device number 65
[  718.305377][ T5893] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  719.026296][ T5914] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  719.026633][   T24] usb 2-1: USB disconnect, device number 59
[  720.052532][ T5914] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  720.093005][T15618] netlink: 28 bytes leftover after parsing attributes in process `syz.4.2714'.
[  720.160257][T15618] netem: change failed
[  721.090245][ T5922] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  721.348663][T15626] syzkaller0: entered promiscuous mode
[  721.354201][T15626] syzkaller0: entered allmulticast mode
[  721.364177][T10845] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  721.947225][T15636] ptrace attach of "./syz-executor exec"[5853] was attempted by "./syz-executor exec"[15636]
[  722.328130][ T5922] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  722.871376][T15644] binder: 15643:15644 ioctl c400941d 80000540 returned -22
[  723.086682][T10845] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  723.116418][   T24] usb 3-1: new full-speed USB device number 66 using dummy_hcd
[  723.268541][   T24] usb 3-1: config 27 has an invalid descriptor of length 0, skipping remainder of the config
[  723.279542][   T24] usb 3-1: config 27 has 0 interfaces, different from the descriptor's value: 1
[  723.290158][T15658] FAULT_INJECTION: forcing a failure.
[  723.290158][T15658] name failslab, interval 1, probability 0, space 0, times 0
[  723.302987][   T24] usb 3-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  723.314177][T15658] CPU: 1 UID: 0 PID: 15658 Comm: syz.0.2725 Not tainted syzkaller #0 PREEMPT(full) 
[  723.314202][T15658] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  723.314214][T15658] Call Trace:
[  723.314222][T15658]  <TASK>
[  723.314230][T15658]  dump_stack_lvl+0x189/0x250
[  723.314256][T15658]  ? __pfx____ratelimit+0x10/0x10
[  723.314274][T15658]  ? __pfx_dump_stack_lvl+0x10/0x10
[  723.314294][T15658]  ? __pfx__printk+0x10/0x10
[  723.314322][T15658]  ? __pfx___might_resched+0x10/0x10
[  723.314345][T15658]  should_fail_ex+0x414/0x560
[  723.314375][T15658]  should_failslab+0xa8/0x100
[  723.314402][T15658]  kmem_cache_alloc_node_noprof+0x77/0x710
[  723.314424][T15658]  ? __alloc_skb+0x112/0x2d0
[  723.314450][T15658]  __alloc_skb+0x112/0x2d0
[  723.314473][T15658]  netlink_ack+0x146/0xa50
[  723.314491][T15658]  ? __pfx_genl_rcv_msg+0x10/0x10
[  723.314519][T15658]  ? __pfx_nl80211_pre_doit+0x10/0x10
[  723.314537][T15658]  ? __pfx_nl80211_post_doit+0x10/0x10
[  723.314556][T15658]  ? __asan_memcpy+0x40/0x70
[  723.314575][T15658]  ? __pfx_ref_tracker_free+0x10/0x10
[  723.314600][T15658]  netlink_rcv_skb+0x28c/0x470
[  723.314617][T15658]  ? __lock_acquire+0xab9/0xd20
[  723.314635][T15658]  ? __pfx_genl_rcv_msg+0x10/0x10
[  723.314660][T15658]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  723.314699][T15658]  ? down_read+0x1ad/0x2e0
[  723.314722][T15658]  genl_rcv+0x28/0x40
[  723.314742][T15658]  netlink_unicast+0x82c/0x9e0
[  723.314765][T15658]  ? __pfx_netlink_unicast+0x10/0x10
[  723.314783][T15658]  ? netlink_sendmsg+0x642/0xb30
[  723.314800][T15658]  ? skb_put+0x11b/0x210
[  723.314821][T15658]  netlink_sendmsg+0x805/0xb30
[  723.314849][T15658]  ? __pfx_netlink_sendmsg+0x10/0x10
[  723.314872][T15658]  ? __import_iovec+0x5d4/0x7f0
[  723.314891][T15658]  ? aa_sock_msg_perm+0xf1/0x1d0
[  723.314909][T15658]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  723.314925][T15658]  ? __pfx_netlink_sendmsg+0x10/0x10
[  723.314947][T15658]  __sock_sendmsg+0x219/0x270
[  723.314967][T15658]  ____sys_sendmsg+0x505/0x830
[  723.314994][T15658]  ? __pfx_____sys_sendmsg+0x10/0x10
[  723.315038][T15658]  ___sys_sendmsg+0x21f/0x2a0
[  723.315063][T15658]  ? __pfx____sys_sendmsg+0x10/0x10
[  723.315121][T15658]  ? __fget_files+0x2a/0x420
[  723.315144][T15658]  ? __fget_files+0x3a0/0x420
[  723.315177][T15658]  __sys_sendmsg+0x164/0x220
[  723.315202][T15658]  ? __pfx___sys_sendmsg+0x10/0x10
[  723.315240][T15658]  ? lockdep_hardirqs_on+0x9c/0x150
[  723.315265][T15658]  __do_fast_syscall_32+0xb6/0x2b0
[  723.315286][T15658]  ? lockdep_hardirqs_on+0x9c/0x150
[  723.315307][T15658]  do_fast_syscall_32+0x34/0x80
[  723.315327][T15658]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  723.315347][T15658] RIP: 0023:0xf7fd2539
[  723.315362][T15658] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[  723.315377][T15658] RSP: 002b:00000000f54c655c EFLAGS: 00000206 ORIG_RAX: 0000000000000172
[  723.315397][T15658] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000380
[  723.315410][T15658] RDX: 0000000004040010 RSI: 0000000000000000 RDI: 0000000000000000
[  723.315421][T15658] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  723.315431][T15658] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  723.315441][T15658] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  723.315468][T15658]  </TASK>
[  723.315689][   T24] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  723.416508][ T5922] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  723.641958][T15660] fuse: Bad value for 'user_id'
[  723.654429][ T5914] usb 2-1: new high-speed USB device number 60 using dummy_hcd
[  723.710182][T15660] fuse: Bad value for 'user_id'
[  723.846419][ T5914] usb 2-1: Using ep0 maxpacket: 32
[  723.858231][ T5914] usb 2-1: New USB device found, idVendor=16c0, idProduct=05df, bcdDevice=b2.bf
[  723.870058][ T5914] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  723.878216][ T5914] usb 2-1: Product: syz
[  723.885771][ T5914] usb 2-1: SerialNumber: syz
[  723.914112][ T5914] usb 2-1: config 0 descriptor??
[  724.181786][ T5922] usb 2-1: USB disconnect, device number 60
[  724.321510][T15659] delete_channel: no stack
[  724.366498][  T978] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  724.446518][ T5922] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  724.792205][T15684] ptrace attach of "./syz-executor exec"[5854] was attempted by "./syz-executor exec"[15684]
[  725.514249][ T5922] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  725.903146][  T978] usb 3-1: USB disconnect, device number 66
[  726.531832][T15709] IPv6: NLM_F_CREATE should be specified when creating new route
[  726.539878][ T5914] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  726.887744][T15717] fuse: Bad value for 'user_id'
[  726.893361][T15717] fuse: Bad value for 'user_id'
[  727.408561][   T24] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  727.566665][ T5914] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  727.680939][T15716] delete_channel: no stack
[  728.607404][ T5914] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  729.367919][T15750] FAULT_INJECTION: forcing a failure.
[  729.367919][T15750] name failslab, interval 1, probability 0, space 0, times 0
[  729.380988][T15750] CPU: 1 UID: 0 PID: 15750 Comm: syz.4.2754 Not tainted syzkaller #0 PREEMPT(full) 
[  729.381004][T15750] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  729.381010][T15750] Call Trace:
[  729.381016][T15750]  <TASK>
[  729.381021][T15750]  dump_stack_lvl+0x189/0x250
[  729.381038][T15750]  ? __pfx____ratelimit+0x10/0x10
[  729.381050][T15750]  ? __pfx_dump_stack_lvl+0x10/0x10
[  729.381062][T15750]  ? __pfx__printk+0x10/0x10
[  729.381079][T15750]  ? __pfx___might_resched+0x10/0x10
[  729.381094][T15750]  should_fail_ex+0x414/0x560
[  729.381113][T15750]  should_failslab+0xa8/0x100
[  729.381130][T15750]  __kmalloc_noprof+0xcb/0x7f0
[  729.381144][T15750]  ? skcipher_next_slow+0xee/0x230
[  729.381156][T15750]  ? skcipher_walk_next+0x7b3/0xbe0
[  729.381170][T15750]  skcipher_next_slow+0xee/0x230
[  729.381184][T15750]  ecb_encrypt+0x233/0x2b0
[  729.381201][T15750]  ? __pfx_ecb_encrypt+0x10/0x10
[  729.381226][T15750]  skcipher_recvmsg+0xb48/0x11d0
[  729.381252][T15750]  ? __pfx_skcipher_recvmsg+0x10/0x10
[  729.381268][T15750]  ? bpf_lsm_socket_recvmsg+0x9/0x20
[  729.381276][T15750]  ? security_socket_recvmsg+0x7e/0x2e0
[  729.381288][T15750]  ? __pfx_skcipher_recvmsg+0x10/0x10
[  729.381302][T15750]  sock_recvmsg+0x229/0x270
[  729.381315][T15750]  ____sys_recvmsg+0x1c9/0x460
[  729.381333][T15750]  ? __pfx_____sys_recvmsg+0x10/0x10
[  729.381345][T15750]  ? get_compat_msghdr+0x37e/0x4a0
[  729.381364][T15750]  ? get_pid_task+0x20/0x1f0
[  729.381382][T15750]  ___sys_recvmsg+0x1b5/0x510
[  729.381398][T15750]  ? __pfx____sys_recvmsg+0x10/0x10
[  729.381425][T15750]  ? __fget_files+0x3a0/0x420
[  729.381446][T15750]  __sys_recvmsg+0x161/0x220
[  729.381461][T15750]  ? __pfx___sys_recvmsg+0x10/0x10
[  729.381482][T15750]  ? lockdep_hardirqs_on+0x9c/0x150
[  729.381495][T15750]  __do_fast_syscall_32+0xb6/0x2b0
[  729.381507][T15750]  ? lockdep_hardirqs_on+0x9c/0x150
[  729.381519][T15750]  do_fast_syscall_32+0x34/0x80
[  729.381530][T15750]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  729.381542][T15750] RIP: 0023:0xf7fd8539
[  729.381553][T15750] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[  729.381561][T15750] RSP: 002b:00000000f54c655c EFLAGS: 00000206 ORIG_RAX: 0000000000000174
[  729.381573][T15750] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000800005c0
[  729.381580][T15750] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  729.381585][T15750] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  729.381591][T15750] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  729.381597][T15750] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  729.381611][T15750]  </TASK>
[  729.658740][ T5914] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  730.043297][T15765] FAULT_INJECTION: forcing a failure.
[  730.043297][T15765] name failslab, interval 1, probability 0, space 0, times 0
[  730.058933][T15765] CPU: 1 UID: 0 PID: 15765 Comm: syz.1.2759 Not tainted syzkaller #0 PREEMPT(full) 
[  730.058958][T15765] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  730.058969][T15765] Call Trace:
[  730.058976][T15765]  <TASK>
[  730.058984][T15765]  dump_stack_lvl+0x189/0x250
[  730.059010][T15765]  ? __pfx____ratelimit+0x10/0x10
[  730.059030][T15765]  ? __pfx_dump_stack_lvl+0x10/0x10
[  730.059049][T15765]  ? __pfx__printk+0x10/0x10
[  730.059077][T15765]  ? __pfx___might_resched+0x10/0x10
[  730.059094][T15765]  ? fs_reclaim_acquire+0x7d/0x100
[  730.059121][T15765]  should_fail_ex+0x414/0x560
[  730.059149][T15765]  should_failslab+0xa8/0x100
[  730.059174][T15765]  __kmalloc_noprof+0xcb/0x7f0
[  730.059195][T15765]  ? ieee80211_assign_beacon+0xea7/0x1cd0
[  730.059229][T15765]  ieee80211_assign_beacon+0xea7/0x1cd0
[  730.059277][T15765]  ieee80211_start_ap+0x1b49/0x31b0
[  730.059317][T15765]  ? __pfx_ieee80211_start_ap+0x10/0x10
[  730.059344][T15765]  ? __pfx_nl80211_calculate_ap_params+0x10/0x10
[  730.059372][T15765]  rdev_start_ap+0xff/0x270
[  730.059394][T15765]  nl80211_start_ap+0x1e29/0x25c0
[  730.059414][T15765]  ? __pfx___mutex_lock+0x10/0x10
[  730.059455][T15765]  ? __pfx_nl80211_start_ap+0x10/0x10
[  730.059476][T15765]  ? nl80211_pre_doit+0x4f1/0x930
[  730.059502][T15765]  genl_family_rcv_msg_doit+0x215/0x300
[  730.059547][T15765]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  730.059581][T15765]  ? bpf_lsm_capable+0x9/0x20
[  730.059600][T15765]  ? security_capable+0x7e/0x2e0
[  730.059629][T15765]  genl_rcv_msg+0x60e/0x790
[  730.059661][T15765]  ? __pfx_genl_rcv_msg+0x10/0x10
[  730.059682][T15765]  ? __pfx_nl80211_pre_doit+0x10/0x10
[  730.059698][T15765]  ? __pfx_nl80211_start_ap+0x10/0x10
[  730.059715][T15765]  ? __pfx_nl80211_post_doit+0x10/0x10
[  730.059733][T15765]  ? __asan_memcpy+0x40/0x70
[  730.059751][T15765]  ? __pfx_ref_tracker_free+0x10/0x10
[  730.059777][T15765]  netlink_rcv_skb+0x208/0x470
[  730.059793][T15765]  ? __lock_acquire+0xab9/0xd20
[  730.059811][T15765]  ? __pfx_genl_rcv_msg+0x10/0x10
[  730.059836][T15765]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  730.059880][T15765]  ? down_read+0x1ad/0x2e0
[  730.059902][T15765]  genl_rcv+0x28/0x40
[  730.059923][T15765]  netlink_unicast+0x82c/0x9e0
[  730.059950][T15765]  ? __pfx_netlink_unicast+0x10/0x10
[  730.059969][T15765]  ? netlink_sendmsg+0x642/0xb30
[  730.059987][T15765]  ? skb_put+0x11b/0x210
[  730.060011][T15765]  netlink_sendmsg+0x805/0xb30
[  730.060038][T15765]  ? __pfx_netlink_sendmsg+0x10/0x10
[  730.060059][T15765]  ? __import_iovec+0x5d4/0x7f0
[  730.060077][T15765]  ? aa_sock_msg_perm+0xf1/0x1d0
[  730.060094][T15765]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  730.060109][T15765]  ? __pfx_netlink_sendmsg+0x10/0x10
[  730.060130][T15765]  __sock_sendmsg+0x219/0x270
[  730.060152][T15765]  ____sys_sendmsg+0x505/0x830
[  730.060180][T15765]  ? __pfx_____sys_sendmsg+0x10/0x10
[  730.060219][T15765]  ___sys_sendmsg+0x21f/0x2a0
[  730.060244][T15765]  ? __pfx____sys_sendmsg+0x10/0x10
[  730.060305][T15765]  ? __fget_files+0x2a/0x420
[  730.060328][T15765]  ? __fget_files+0x3a0/0x420
[  730.060362][T15765]  __sys_sendmsg+0x164/0x220
[  730.060386][T15765]  ? __pfx___sys_sendmsg+0x10/0x10
[  730.060420][T15765]  ? lockdep_hardirqs_on+0x9c/0x150
[  730.060441][T15765]  __do_fast_syscall_32+0xb6/0x2b0
[  730.060458][T15765]  ? lockdep_hardirqs_on+0x9c/0x150
[  730.060479][T15765]  do_fast_syscall_32+0x34/0x80
[  730.060499][T15765]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  730.060520][T15765] RIP: 0023:0xf7fc2539
[  730.060535][T15765] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[  730.060558][T15765] RSP: 002b:00000000f54b655c EFLAGS: 00000206 ORIG_RAX: 0000000000000172
[  730.060577][T15765] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000800001c0
[  730.060590][T15765] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  730.060600][T15765] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  730.060611][T15765] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  730.060621][T15765] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  730.060650][T15765]  </TASK>
[  730.481482][   T24] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  730.623807][T15771] netlink: 56 bytes leftover after parsing attributes in process `syz.0.2761'.
[  730.686830][ T5914] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  731.235695][T15782] netlink: 16 bytes leftover after parsing attributes in process `syz.4.2764'.
[  731.727040][ T5914] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  731.816398][   T24] usb 3-1: new full-speed USB device number 67 using dummy_hcd
[  731.946369][   T24] usb 3-1: device descriptor read/64, error -71
[  732.190857][T15799] netlink: 20 bytes leftover after parsing attributes in process `syz.4.2770'.
[  732.199965][   T24] usb 3-1: new full-speed USB device number 68 using dummy_hcd
[  732.346317][   T24] usb 3-1: device descriptor read/64, error -71
[  732.457171][   T24] usb usb3-port1: attempt power cycle
[  732.690171][T10845] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  732.776708][ T5914] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  732.816335][   T24] usb 3-1: new full-speed USB device number 69 using dummy_hcd
[  732.917604][T15815] syzkaller0: entered promiscuous mode
[  732.934752][T15815] syzkaller0: entered allmulticast mode
[  733.040402][   T24] usb 3-1: device descriptor read/8, error -71
[  733.266633][ T5914] usb 2-1: new full-speed USB device number 61 using dummy_hcd
[  733.344704][   T24] usb 3-1: new full-speed USB device number 70 using dummy_hcd
[  733.399482][   T24] usb 3-1: device descriptor read/8, error -71
[  733.485667][ T5914] usb 2-1: config 0 has an invalid interface number: 200 but max is 0
[  733.496025][T10845] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  733.504685][ T5914] usb 2-1: config 0 has no interface number 0
[  733.521218][ T5914] usb 2-1: config 0 interface 200 altsetting 2 endpoint 0x4 has invalid maxpacket 41352, setting to 64
[  733.542715][ T5914] usb 2-1: config 0 interface 200 has no altsetting 0
[  733.594084][   T24] usb usb3-port1: unable to enumerate USB device
[  733.608999][ T5914] usb 2-1: New USB device found, idVendor=0b57, idProduct=852a, bcdDevice=6d.39
[  733.630918][ T5914] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  733.639058][ T5914] usb 2-1: Product: syz
[  733.646500][ T5914] usb 2-1: Manufacturer: syz
[  733.666407][ T5914] usb 2-1: SerialNumber: syz
[  733.716861][ T5914] usb 2-1: config 0 descriptor??
[  733.763006][T15789] raw-gadget.2 gadget.1: fail, usb_ep_enable returned -22
[  733.816939][ T5922] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  734.004012][ T5914] input: Hanwang Art Master III 1308 as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.200/input/input47
[  734.036168][ T5914] usb 2-1: USB disconnect, device number 61
[  734.651182][T15820] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  734.660697][T15820] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  734.669150][T15820] Bluetooth: hci2: Opcode 0x0406 failed: -4
[  734.687894][T15820] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  734.694708][T15820] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  734.702100][T15820] Bluetooth: hci4: Opcode 0x0406 failed: -4
[  734.710812][T15820] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  734.717352][T15820] Bluetooth: hci1: Opcode 0x0406 failed: -4
[  734.796340][T15836] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  734.847403][   T59] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  734.856737][T10845] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  734.865757][ T5914] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  734.966591][   T24] usb 1-1: new high-speed USB device number 93 using dummy_hcd
[  735.128313][   T24] usb 1-1: config 1 has an invalid interface number: 7 but max is 0
[  735.143553][   T24] usb 1-1: config 1 has no interface number 0
[  735.176901][T15851] syzkaller0: entered promiscuous mode
[  735.182460][T15851] syzkaller0: entered allmulticast mode
[  735.314195][   T24] usb 1-1: config 1 interface 7 altsetting 0 has an endpoint descriptor with address 0xDB, changing to 0x8B
[  735.325812][   T24] usb 1-1: config 1 interface 7 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 64
[  735.335762][   T24] usb 1-1: config 1 interface 7 altsetting 0 endpoint 0x81 has an invalid bInterval 64, changing to 10
[  735.337887][ T5914] usb 3-1: new high-speed USB device number 71 using dummy_hcd
[  735.433228][   T24] usb 1-1: New USB device found, idVendor=1199, idProduct=68a3, bcdDevice= 0.00
[  735.443196][   T24] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  735.452524][   T24] usb 1-1: Product: syz
[  735.457372][   T24] usb 1-1: Manufacturer: syz
[  735.462137][   T24] usb 1-1: SerialNumber: syz
[  735.472876][T15828] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  735.536403][ T5914] usb 3-1: Using ep0 maxpacket: 8
[  735.544945][ T5914] usb 3-1: config index 0 descriptor too short (expected 9, got 0)
[  735.563939][ T5914] usb 3-1: can't read configurations, error -22
[  735.712159][T15828] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  735.727739][ T5914] usb 3-1: new high-speed USB device number 72 using dummy_hcd
[  735.930899][ T5842] Bluetooth: hci0: command 0x0406 tx timeout
[  735.931143][ T5922] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  735.967081][ T5914] usb 3-1: Using ep0 maxpacket: 8
[  735.975803][ T5914] usb 3-1: config index 0 descriptor too short (expected 9, got 0)
[  735.987413][ T5914] usb 3-1: can't read configurations, error -22
[  736.013153][ T5914] usb usb3-port1: attempt power cycle
[  736.140761][   T24] sierra_net 1-1:1.7 wwan0: register 'sierra_net' at usb-dummy_hcd.0-1, Sierra Wireless USB-to-WWAN Modem, 00:00:00:00:02:07
[  736.466351][ T5914] usb 3-1: new high-speed USB device number 73 using dummy_hcd
[  736.486991][ T5914] usb 3-1: Using ep0 maxpacket: 8
[  736.495184][ T5914] usb 3-1: config index 0 descriptor too short (expected 9, got 0)
[  736.503635][ T5914] usb 3-1: can't read configurations, error -22
[  736.527146][ T1099] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  736.666448][ T5914] usb 3-1: new high-speed USB device number 74 using dummy_hcd
[  736.695501][ T5842] Bluetooth: hci2: command 0x0406 tx timeout
[  736.766515][ T5842] Bluetooth: hci1: command 0x0406 tx timeout
[  736.772634][ T5842] Bluetooth: hci4: command 0x0406 tx timeout
[  736.778872][T12680] Bluetooth: hci3: command 0x0406 tx timeout
[  736.787110][ T5914] usb 3-1: Using ep0 maxpacket: 8
[  736.826088][ T5914] usb 3-1: config index 0 descriptor too short (expected 9, got 0)
[  736.857935][ T5914] usb 3-1: can't read configurations, error -22
[  736.874381][    T9] usb 1-1: USB disconnect, device number 93
[  736.883155][    T9] sierra_net 1-1:1.7 wwan0: unregister 'sierra_net' usb-dummy_hcd.0-1, Sierra Wireless USB-to-WWAN Modem
[  736.908987][ T5914] usb usb3-port1: unable to enumerate USB device
[  737.061299][ T5922] net_ratelimit: 2 callbacks suppressed
[  737.061313][ T5922] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  737.237698][    T9] sierra_net 1-1:1.7 wwan0 (unregistered): usb_control_msg failed, status -19
[  738.127933][ T5922] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  738.354589][   T30] kauditd_printk_skb: 8 callbacks suppressed
[  738.354606][   T30] audit: type=1326 audit(1759560411.214:340): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15897 comm="syz.0.2794" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd2539 code=0x7ffc0000
[  738.434265][T15905] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2796'.
[  738.519083][T15907] netlink: 173 bytes leftover after parsing attributes in process `syz.2.2796'.
[  738.551347][   T30] audit: type=1326 audit(1759560411.214:341): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15897 comm="syz.0.2794" exe="/root/syz-executor" sig=0 arch=40000003 syscall=55 compat=1 ip=0xf7fd2539 code=0x7ffc0000
[  738.605429][T15886] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2791'.
[  738.645259][T15886] netem: change failed
[  738.826994][ T5842] Bluetooth: hci2: command 0x0406 tx timeout
[  738.846375][ T5842] Bluetooth: hci4: command 0x0406 tx timeout
[  738.852427][ T5842] Bluetooth: hci1: command 0x0406 tx timeout
[  738.898062][ T5922] usb 3-1: new full-speed USB device number 75 using dummy_hcd
[  738.926264][   T30] audit: type=1326 audit(1759560411.214:342): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15897 comm="syz.0.2794" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd2539 code=0x7ffc0000
[  738.956405][   T30] audit: type=1326 audit(1759560411.214:343): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15897 comm="syz.0.2794" exe="/root/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf7fd2539 code=0x7ffc0000
[  738.979154][   T30] audit: type=1326 audit(1759560411.214:344): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15897 comm="syz.0.2794" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd2539 code=0x7ffc0000
[  739.052645][   T30] audit: type=1326 audit(1759560411.214:345): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15897 comm="syz.0.2794" exe="/root/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf7fd2539 code=0x7ffc0000
[  739.085445][   T30] audit: type=1326 audit(1759560411.224:346): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15897 comm="syz.0.2794" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd2539 code=0x7ffc0000
[  739.173239][    T9] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  739.256691][ T5922] usb 3-1: New USB device found, idVendor=13d3, idProduct=3224, bcdDevice=cb.0d
[  739.283258][ T5922] usb 3-1: New USB device strings: Mfr=1, Product=12, SerialNumber=3
[  739.333279][ T5922] usb 3-1: Product: syz
[  739.343446][ T5922] usb 3-1: Manufacturer: syz
[  739.354507][   T30] audit: type=1326 audit(1759560411.224:347): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15897 comm="syz.0.2794" exe="/root/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf7fd2539 code=0x7ffc0000
[  739.378125][ T5922] usb 3-1: SerialNumber: syz
[  739.425933][ T5922] dvb-usb: found a 'DigitalNow TinyUSB 2 DVB-t Receiver' in warm state.
[  739.475500][   T30] audit: type=1326 audit(1759560411.224:348): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15897 comm="syz.0.2794" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd2539 code=0x7ffc0000
[  739.548849][   T30] audit: type=1326 audit(1759560411.224:349): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15897 comm="syz.0.2794" exe="/root/syz-executor" sig=0 arch=40000003 syscall=330 compat=1 ip=0xf7fd2539 code=0x7ffc0000
[  739.566512][   T24] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  739.864454][ T5922] dvb-usb: This USB2.0 device cannot be run on a USB1.1 port. (it lacks a hardware PID filter)
[  739.886763][ T5922] dvb-usb: DigitalNow TinyUSB 2 DVB-t Receiver error while loading driver (-19)
[  740.068111][ T5922] usb 3-1: USB disconnect, device number 75
[  740.206722][    T9] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  740.551827][T10407] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  740.561895][ T5922] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  740.575418][    T9] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  740.972798][T15946] FAULT_INJECTION: forcing a failure.
[  740.972798][T15946] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  741.107959][T15946] CPU: 0 UID: 0 PID: 15946 Comm: syz.1.2802 Not tainted syzkaller #0 PREEMPT(full) 
[  741.107983][T15946] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  741.107993][T15946] Call Trace:
[  741.108000][T15946]  <TASK>
[  741.108008][T15946]  dump_stack_lvl+0x189/0x250
[  741.108033][T15946]  ? __pfx____ratelimit+0x10/0x10
[  741.108054][T15946]  ? __pfx_dump_stack_lvl+0x10/0x10
[  741.108073][T15946]  ? __pfx__printk+0x10/0x10
[  741.108094][T15946]  ? __might_fault+0xb0/0x130
[  741.108126][T15946]  should_fail_ex+0x414/0x560
[  741.108153][T15946]  _copy_from_iter+0x1de/0x1790
[  741.108176][T15946]  ? rcu_is_watching+0x15/0xb0
[  741.108196][T15946]  ? kmalloc_reserve+0xbd/0x290
[  741.108215][T15946]  ? __pfx__copy_from_iter+0x10/0x10
[  741.108236][T15946]  ? __build_skb_around+0x262/0x3f0
[  741.108259][T15946]  ? netlink_sendmsg+0x642/0xb30
[  741.108277][T15946]  ? skb_put+0x11b/0x210
[  741.108299][T15946]  netlink_sendmsg+0x6b2/0xb30
[  741.108325][T15946]  ? __pfx_netlink_sendmsg+0x10/0x10
[  741.108347][T15946]  ? __import_iovec+0x5d4/0x7f0
[  741.108363][T15946]  ? aa_sock_msg_perm+0xf1/0x1d0
[  741.108381][T15946]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  741.108396][T15946]  ? __pfx_netlink_sendmsg+0x10/0x10
[  741.108416][T15946]  __sock_sendmsg+0x219/0x270
[  741.108435][T15946]  ____sys_sendmsg+0x505/0x830
[  741.108462][T15946]  ? __pfx_____sys_sendmsg+0x10/0x10
[  741.108498][T15946]  ___sys_sendmsg+0x21f/0x2a0
[  741.108528][T15946]  ? __pfx____sys_sendmsg+0x10/0x10
[  741.108615][T15946]  ? __fget_files+0x2a/0x420
[  741.108642][T15946]  ? __fget_files+0x3a0/0x420
[  741.108674][T15946]  __sys_sendmsg+0x164/0x220
[  741.108698][T15946]  ? __pfx___sys_sendmsg+0x10/0x10
[  741.108735][T15946]  ? lockdep_hardirqs_on+0x9c/0x150
[  741.108756][T15946]  __do_fast_syscall_32+0xb6/0x2b0
[  741.108776][T15946]  ? lockdep_hardirqs_on+0x9c/0x150
[  741.108797][T15946]  do_fast_syscall_32+0x34/0x80
[  741.108816][T15946]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  741.108836][T15946] RIP: 0023:0xf7fc2539
[  741.108850][T15946] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[  741.108865][T15946] RSP: 002b:00000000f54b655c EFLAGS: 00000206 ORIG_RAX: 0000000000000172
[  741.108883][T15946] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000800002c0
[  741.108895][T15946] RDX: 0000000000004000 RSI: 0000000000000000 RDI: 0000000000000000
[  741.108905][T15946] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  741.108915][T15946] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  741.108926][T15946] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  741.108951][T15946]  </TASK>
[  741.646536][    T9] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  741.669857][T15954] fuse: Bad value for 'fd'
[  742.287540][ T1099] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  742.296919][   T24] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  742.486171][   T24] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  742.608323][   T24] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  742.686467][    T9] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  742.733445][T15953] delete_channel: no stack
[  743.416164][T15983] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  743.425073][T15983] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  743.443915][T15983] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  743.447027][    T9] usb 3-1: new high-speed USB device number 76 using dummy_hcd
[  743.462015][T15983] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  743.470678][T15983] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  743.616284][    T9] usb 3-1: Using ep0 maxpacket: 16
[  743.627888][    T9] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  743.638253][    T9] usb 3-1: too many endpoints for config 1 interface 0 altsetting 0: 254, using maximum allowed: 30
[  743.649259][    T9] usb 3-1: config 1 interface 0 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  743.686539][ T5922] usb 2-1: new full-speed USB device number 62 using dummy_hcd
[  743.766979][    T9] usb 3-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 254
[  743.839821][    T9] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  743.865173][    T9] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  743.893446][    T9] usb 3-1: Product: syz
[  743.903575][    T9] usb 3-1: Manufacturer: syz
[  743.908460][    T9] usb 3-1: SerialNumber: syz
[  743.921354][    T9] usb 3-1: bad CDC descriptors
[  744.045385][ T5922] usb 2-1: config 0 has an invalid interface number: 105 but max is 0
[  744.055376][ T5922] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  744.068314][ T5922] usb 2-1: config 0 has no interface number 0
[  744.080633][ T5922] usb 2-1: New USB device found, idVendor=046c, idProduct=14e8, bcdDevice= b.28
[  744.090704][ T5922] usb 2-1: New USB device strings: Mfr=5, Product=2, SerialNumber=3
[  744.101255][T15995] PKCS7: Unknown OID: [5] (bad)
[  744.118410][ T5922] usb 2-1: Product: syz
[  744.122860][T15995] PKCS7: Only support pkcs7_signedData type
[  744.225371][ T5922] usb 2-1: Manufacturer: syz
[  744.245886][    T9] usb 3-1: USB disconnect, device number 76
[  744.254540][ T5922] usb 2-1: SerialNumber: syz
[  744.268248][ T5922] usb 2-1: config 0 descriptor??
[  744.278368][ T5922] uvcvideo 2-1:0.105: Found UVC 0.00 device syz (046c:14e8)
[  744.288015][ T5922] uvcvideo 2-1:0.105: Entity type for entity Output 1 was not initialized!
[  744.303943][ T5922] uvcvideo 2-1:0.105: Failed to create links for entity 1
[  744.311605][ T5922] uvcvideo 2-1:0.105: Failed to register entities (-22).
[  744.612990][T15996] netlink: 'syz.1.2811': attribute type 13 has an invalid length.
[  744.672632][T15997] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  744.735875][T15997] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  744.834197][   T24] usb 2-1: USB disconnect, device number 62
[  745.092511][T16001] netlink: 36 bytes leftover after parsing attributes in process `syz.4.2815'.
[  745.102031][T16001] netlink: 16 bytes leftover after parsing attributes in process `syz.4.2815'.
[  745.113464][T16001] netlink: 36 bytes leftover after parsing attributes in process `syz.4.2815'.
[  745.136027][T16001] netlink: 36 bytes leftover after parsing attributes in process `syz.4.2815'.
[  745.206995][T10845] usb 3-1: new high-speed USB device number 77 using dummy_hcd
[  745.212405][   T30] kauditd_printk_skb: 20 callbacks suppressed
[  745.212424][   T30] audit: type=1804 audit(1759560418.184:370): pid=16001 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.4.2815" name="file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" dev="ramfs" ino=62777 res=1 errno=0
[  745.416453][T10845] usb 3-1: Using ep0 maxpacket: 16
[  745.424188][T10845] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  745.436446][T10845] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  745.447838][T10845] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0
[  745.457890][T10845] usb 3-1: config 0 interface 0 altsetting 0 bulk endpoint 0x2 has invalid maxpacket 0
[  745.546382][T10845] usb 3-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  745.560600][T10845] usb 3-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42
[  745.604602][T10845] usb 3-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0
[  745.618537][T10845] usb 3-1: Manufacturer: syz
[  745.627477][T16013] netlink: 60 bytes leftover after parsing attributes in process `syz.4.2817'.
[  745.712655][T10845] usb 3-1: config 0 descriptor??
[  747.409196][T10407] net_ratelimit: 11 callbacks suppressed
[  747.409215][T10407] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  747.423822][    T9] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  747.448027][   T24] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  747.465935][ T1300] ieee802154 phy0 wpan0: encryption failed: -22
[  747.472583][ T1300] ieee802154 phy1 wpan1: encryption failed: -22
[  747.542206][ T5922] usb 2-1: new high-speed USB device number 63 using dummy_hcd
[  747.776342][ T5922] usb 2-1: Using ep0 maxpacket: 16
[  747.784118][ T5922] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  747.795905][ T5922] usb 2-1: New USB device found, idVendor=054c, idProduct=0268, bcdDevice= 0.00
[  747.817537][ T5922] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  747.855783][ T5922] usb 2-1: config 0 descriptor??
[  748.212368][    T9] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  748.283858][ T5922] hid_parser_main: 184 callbacks suppressed
[  748.283874][ T5922] sony 0003:054C:0268.0014: unknown main item tag 0x0
[  748.545598][ T5922] sony 0003:054C:0268.0014: unknown main item tag 0x0
[  748.623529][T10845] rc_core: IR keymap rc-hauppauge not found
[  748.624016][ T5922] sony 0003:054C:0268.0014: unknown main item tag 0x0
[  748.646957][T10845] Registered IR keymap rc-empty
[  748.667845][T10845] mceusb 3-1:0.0: Error: mce write submit urb error = -90
[  748.686744][   T24] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  748.776924][ T5922] sony 0003:054C:0268.0014: unknown main item tag 0x0
[  748.783715][ T5922] sony 0003:054C:0268.0014: unknown main item tag 0x0
[  748.802169][T10845] mceusb 3-1:0.0: Error: mce write submit urb error = -90
[  748.851526][   T30] audit: type=1326 audit(1759560421.804:371): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16036 comm="syz.4.2823" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd8539 code=0x7ffc0000
[  748.896987][ T5922] sony 0003:054C:0268.0014: unknown main item tag 0x0
[  748.898796][T10845] rc rc0: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/rc/rc0
[  748.966322][ T5922] sony 0003:054C:0268.0014: unknown main item tag 0x0
[  748.966350][   T30] audit: type=1326 audit(1759560421.804:372): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16036 comm="syz.4.2823" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd8539 code=0x7ffc0000
[  748.997840][T10845] input: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/rc/rc0/input48
[  749.045509][ T5922] sony 0003:054C:0268.0014: unknown main item tag 0x0
[  749.046142][T10845] mceusb 3-1:0.0: Error: mce write submit urb error = -90
[  749.130161][ T5922] sony 0003:054C:0268.0014: unknown main item tag 0x0
[  749.186837][T10845] mceusb 3-1:0.0: Error: mce write submit urb error = -90
[  749.198647][ T5922] sony 0003:054C:0268.0014: unknown main item tag 0x0
[  749.228650][T10845] mceusb 3-1:0.0: Error: mce write submit urb error = -90
[  749.240694][ T5922] sony 0003:054C:0268.0014: hiddev0,hidraw0: USB HID v80.09 Device [HID 054c:0268] on usb-dummy_hcd.1-1/input0
[  749.252997][    T9] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  749.266441][T10845] mceusb 3-1:0.0: Error: mce write submit urb error = -90
[  749.306305][ T5922] sony 0003:054C:0268.0014: failed to claim input
[  749.306405][T10845] mceusb 3-1:0.0: Error: mce write submit urb error = -90
[  749.410848][T10845] mceusb 3-1:0.0: Error: mce write submit urb error = -90
[  749.415935][ T5922] usb 2-1: USB disconnect, device number 63
[  749.447754][T10845] mceusb 3-1:0.0: Error: mce write submit urb error = -90
[  749.474048][T16058] fido_id[16058]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.1/usb2/report_descriptor': No such file or directory
[  749.489204][T10845] mceusb 3-1:0.0: Error: mce write submit urb error = -90
[  749.519599][T10845] mceusb 3-1:0.0: Error: mce write submit urb error = -90
[  749.573972][T10845] mceusb 3-1:0.0: Error: mce write submit urb error = -90
[  749.598474][T10845] mceusb 3-1:0.0: Registered  with mce emulator interface version 1
[  749.625968][T10845] mceusb 3-1:0.0: 2 tx ports (0x0 cabled) and 2 rx sensors (0x0 active)
[  749.661803][T10845] usb 3-1: USB disconnect, device number 77
[  749.886705][ T5922] usb 2-1: new high-speed USB device number 64 using dummy_hcd
[  749.989590][T16070] netlink: 'syz.4.2831': attribute type 3 has an invalid length.
[  750.109641][ T5922] usb 2-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  750.121098][ T5922] usb 2-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  750.274409][ T5922] usb 2-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  750.288437][T16082] netlink: 60 bytes leftover after parsing attributes in process `syz.2.2830'.
[  750.297519][T16082] openvswitch: netlink: ufid size 200 bytes exceeds the range (1, 16)
[  750.305729][T16082] openvswitch: netlink: Flow get message rejected, Key attribute missing.
[  750.389577][ T5922] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  750.416696][T16065] raw-gadget.1 gadget.1: fail, usb_ep_enable returned -22
[  750.485146][ T5922] usb 2-1: Quirk or no altset; falling back to MIDI 1.0
[  750.650928][T16065] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  750.663115][T16065] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  751.051274][T10845] usb 2-1: USB disconnect, device number 64
[  751.726600][   T12] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  751.755211][T10845] usb 3-1: new high-speed USB device number 78 using dummy_hcd
[  751.764254][   T24] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  752.060290][T10845] usb 3-1: config 0 has no interfaces?
[  752.068631][T10845] usb 3-1: New USB device found, idVendor=04d8, idProduct=0083, bcdDevice=83.9c
[  752.079275][T10845] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  752.106563][T10845] usb 3-1: Product: syz
[  752.110774][T10845] usb 3-1: Manufacturer: syz
[  752.116008][T10845] usb 3-1: SerialNumber: syz
[  752.134728][T10845] usb 3-1: config 0 descriptor??
[  752.352408][T16093] netlink: 'syz.2.2835': attribute type 16 has an invalid length.
[  752.360522][T16093] netlink: 'syz.2.2835': attribute type 17 has an invalid length.
[  752.379490][ T5922] usb 3-1: USB disconnect, device number 78
[  752.536703][   T49] net_ratelimit: 2 callbacks suppressed
[  752.536726][   T49] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  752.551158][    T9] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  752.560034][T10845] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  752.780462][   T30] audit: type=1326 audit(1759560425.714:373): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16102 comm="syz.1.2838" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc2539 code=0x7ffc0000
[  752.805409][   T30] audit: type=1326 audit(1759560425.714:374): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16102 comm="syz.1.2838" exe="/root/syz-executor" sig=0 arch=40000003 syscall=55 compat=1 ip=0xf7fc2539 code=0x7ffc0000
[  752.833707][   T30] audit: type=1326 audit(1759560425.714:375): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16102 comm="syz.1.2838" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc2539 code=0x7ffc0000
[  752.924202][   T30] audit: type=1326 audit(1759560425.714:376): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16102 comm="syz.1.2838" exe="/root/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf7fc2539 code=0x7ffc0000
[  752.953088][   T30] audit: type=1326 audit(1759560425.714:377): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16102 comm="syz.1.2838" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc2539 code=0x7ffc0000
[  752.975586][   T30] audit: type=1326 audit(1759560425.714:378): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16102 comm="syz.1.2838" exe="/root/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf7fc2539 code=0x7ffc0000
[  752.997617][    C0] vkms_vblank_simulate: vblank timer overrun
[  753.004427][   T30] audit: type=1326 audit(1759560425.714:379): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16102 comm="syz.1.2838" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc2539 code=0x7ffc0000
[  753.028921][   T30] audit: type=1326 audit(1759560425.714:380): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16102 comm="syz.1.2838" exe="/root/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf7fc2539 code=0x7ffc0000
[  753.050961][    C0] vkms_vblank_simulate: vblank timer overrun
[  753.229827][   T30] audit: type=1326 audit(1759560425.714:381): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16102 comm="syz.1.2838" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc2539 code=0x7ffc0000
[  753.251824][    C0] vkms_vblank_simulate: vblank timer overrun
[  753.274575][   T30] audit: type=1326 audit(1759560425.714:382): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16102 comm="syz.1.2838" exe="/root/syz-executor" sig=0 arch=40000003 syscall=330 compat=1 ip=0xf7fc2539 code=0x7ffc0000
[  753.298057][    C0] vkms_vblank_simulate: vblank timer overrun
[  753.347825][T16110] ptrace attach of "./syz-executor exec"[5844] was attempted by "./syz-executor exec"[16110]
[  753.890606][T16118] netlink: 76 bytes leftover after parsing attributes in process `syz.0.2840'.
[  753.900515][T16118] netlink: 76 bytes leftover after parsing attributes in process `syz.0.2840'.
[  754.935072][T10845] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  755.119013][T16124] netlink: 'syz.1.2841': attribute type 13 has an invalid length.
[  755.567715][T16124] netlink: 'syz.1.2841': attribute type 17 has an invalid length.
[  756.034399][T16152] netlink: 60 bytes leftover after parsing attributes in process `syz.3.2846'.
[  756.043789][T16152] openvswitch: netlink: ufid size 200 bytes exceeds the range (1, 16)
[  756.053283][T16152] openvswitch: netlink: Flow get message rejected, Key attribute missing.
[  756.373822][T16124] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  756.390944][ T5922] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  756.443056][T16155] FAULT_INJECTION: forcing a failure.
[  756.443056][T16155] name failslab, interval 1, probability 0, space 0, times 0
[  756.466025][T16155] CPU: 0 UID: 0 PID: 16155 Comm: syz.4.2847 Not tainted syzkaller #0 PREEMPT(full) 
[  756.466041][T16155] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  756.466048][T16155] Call Trace:
[  756.466053][T16155]  <TASK>
[  756.466058][T16155]  dump_stack_lvl+0x189/0x250
[  756.466074][T16155]  ? __pfx____ratelimit+0x10/0x10
[  756.466086][T16155]  ? __pfx_dump_stack_lvl+0x10/0x10
[  756.466098][T16155]  ? __pfx__printk+0x10/0x10
[  756.466115][T16155]  ? __pfx___might_resched+0x10/0x10
[  756.466126][T16155]  ? fs_reclaim_acquire+0x7d/0x100
[  756.466145][T16155]  should_fail_ex+0x414/0x560
[  756.466163][T16155]  should_failslab+0xa8/0x100
[  756.466180][T16155]  kmem_cache_alloc_node_noprof+0x77/0x710
[  756.466201][T16155]  ? __kasan_slab_alloc+0x6c/0x80
[  756.466219][T16155]  ? __alloc_skb+0x112/0x2d0
[  756.466234][T16155]  ? __alloc_skb+0x142/0x2d0
[  756.466248][T16155]  ? tipc_nl_compat_dumpit+0x34d/0x7b0
[  756.466264][T16155]  ? tipc_nl_compat_recv+0x802/0xbe0
[  756.466281][T16155]  __alloc_skb+0x112/0x2d0
[  756.466295][T16155]  __tipc_nl_compat_dumpit+0x155/0xb70
[  756.466316][T16155]  ? __pfx___tipc_nl_compat_dumpit+0x10/0x10
[  756.466336][T16155]  ? rcu_is_watching+0x15/0xb0
[  756.466358][T16155]  ? __asan_memset+0x22/0x50
[  756.466370][T16155]  ? __nlmsg_put+0xef/0x1b0
[  756.466383][T16155]  tipc_nl_compat_dumpit+0x566/0x7b0
[  756.466398][T16155]  tipc_nl_compat_recv+0x802/0xbe0
[  756.466411][T16155]  ? __pfx_tipc_nl_compat_recv+0x10/0x10
[  756.466420][T16155]  ? __mutex_trylock_common+0x153/0x260
[  756.466432][T16155]  ? __pfx_tipc_nl_bearer_dump+0x10/0x10
[  756.466445][T16155]  ? __pfx_tipc_nl_compat_bearer_dump+0x10/0x10
[  756.466456][T16155]  ? __pfx___mutex_trylock_common+0x10/0x10
[  756.466474][T16155]  ? __local_bh_enable_ip+0x12d/0x1c0
[  756.466494][T16155]  ? trace_contention_end+0x39/0x120
[  756.466511][T16155]  genl_family_rcv_msg_doit+0x215/0x300
[  756.466530][T16155]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  756.466558][T16155]  genl_rcv_msg+0x60e/0x790
[  756.466575][T16155]  ? __pfx_genl_rcv_msg+0x10/0x10
[  756.466589][T16155]  ? __pfx_tipc_nl_compat_recv+0x10/0x10
[  756.466601][T16155]  ? __asan_memcpy+0x40/0x70
[  756.466612][T16155]  ? __pfx_ref_tracker_free+0x10/0x10
[  756.466627][T16155]  netlink_rcv_skb+0x208/0x470
[  756.466637][T16155]  ? __lock_acquire+0xab9/0xd20
[  756.466647][T16155]  ? __pfx_genl_rcv_msg+0x10/0x10
[  756.466662][T16155]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  756.466689][T16155]  ? down_read+0x1ad/0x2e0
[  756.466703][T16155]  genl_rcv+0x28/0x40
[  756.466716][T16155]  netlink_unicast+0x82c/0x9e0
[  756.466731][T16155]  ? __pfx_netlink_unicast+0x10/0x10
[  756.466742][T16155]  ? netlink_sendmsg+0x642/0xb30
[  756.466753][T16155]  ? skb_put+0x11b/0x210
[  756.466767][T16155]  netlink_sendmsg+0x805/0xb30
[  756.466783][T16155]  ? __pfx_netlink_sendmsg+0x10/0x10
[  756.466796][T16155]  ? __import_iovec+0x5d4/0x7f0
[  756.466808][T16155]  ? aa_sock_msg_perm+0xf1/0x1d0
[  756.466818][T16155]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  756.466827][T16155]  ? __pfx_netlink_sendmsg+0x10/0x10
[  756.466839][T16155]  __sock_sendmsg+0x219/0x270
[  756.466851][T16155]  ____sys_sendmsg+0x505/0x830
[  756.466867][T16155]  ? __pfx_____sys_sendmsg+0x10/0x10
[  756.466889][T16155]  ___sys_sendmsg+0x21f/0x2a0
[  756.466903][T16155]  ? __pfx____sys_sendmsg+0x10/0x10
[  756.466939][T16155]  ? __fget_files+0x2a/0x420
[  756.466954][T16155]  ? __fget_files+0x3a0/0x420
[  756.466973][T16155]  __sys_sendmsg+0x164/0x220
[  756.466987][T16155]  ? __pfx___sys_sendmsg+0x10/0x10
[  756.467009][T16155]  ? lockdep_hardirqs_on+0x9c/0x150
[  756.467022][T16155]  __do_fast_syscall_32+0xb6/0x2b0
[  756.467034][T16155]  ? lockdep_hardirqs_on+0x9c/0x150
[  756.467047][T16155]  do_fast_syscall_32+0x34/0x80
[  756.467058][T16155]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  756.467070][T16155] RIP: 0023:0xf7fd8539
[  756.467079][T16155] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[  756.467088][T16155] RSP: 002b:00000000f54c655c EFLAGS: 00000206 ORIG_RAX: 0000000000000172
[  756.467100][T16155] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000480
[  756.467107][T16155] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  756.467113][T16155] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  756.467118][T16155] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  756.467124][T16155] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  756.467138][T16155]  </TASK>
[  756.900465][    C0] vkms_vblank_simulate: vblank timer overrun
[  757.006792][   T59] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  757.015371][T10845] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  757.419382][T16165] binder_alloc: 16159: binder_alloc_buf, no vma
[  757.606342][T10845] usb 3-1: new high-speed USB device number 79 using dummy_hcd
[  758.268970][T10845] usb 3-1: config 0 has an invalid interface number: 182 but max is 1
[  758.278350][T10845] usb 3-1: config 0 has an invalid interface number: 9 but max is 1
[  758.311999][T10845] usb 3-1: config 0 has no interface number 0
[  758.341731][T10845] usb 3-1: config 0 has no interface number 1
[  758.348737][T10845] usb 3-1: too many endpoints for config 0 interface 9 altsetting 255: 255, using maximum allowed: 30
[  758.363527][T10845] usb 3-1: config 0 interface 9 altsetting 255 has 0 endpoint descriptors, different from the interface descriptor's value: 255
[  758.512171][T10845] usb 3-1: config 0 interface 9 has no altsetting 0
[  758.531772][T10845] usb 3-1: New USB device found, idVendor=0763, idProduct=2001, bcdDevice=9c.af
[  758.550692][T10845] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  758.594900][T10845] usb 3-1: config 0 descriptor??
[  758.704502][T10845] usb 3-1: Quirk or no altset; falling back to MIDI 1.0
[  758.715994][T10845] snd-usb-audio 3-1:0.182: probe with driver snd-usb-audio failed with error -2
[  758.778560][T10845] usb 3-1: Quirk or no altset; falling back to MIDI 1.0
[  758.844908][T16162] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  758.872354][T16162] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  758.969946][T10845] snd-usb-audio 3-1:0.9: probe with driver snd-usb-audio failed with error -2
[  759.012668][T10845] usb 3-1: USB disconnect, device number 79
[  759.033955][T16183] ptrace attach of "./syz-executor exec"[5854] was attempted by "./syz-executor exec"[16183]
[  759.425729][T16191] netlink: 'syz.1.2856': attribute type 21 has an invalid length.
[  759.425811][T16191] netlink: 152 bytes leftover after parsing attributes in process `syz.1.2856'.
[  759.486584][    C1] net_ratelimit: 1 callbacks suppressed
[  759.486604][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  759.486874][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  759.487079][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  759.487265][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  759.487446][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  759.487637][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  759.487832][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  759.488026][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  759.488210][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  759.488410][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  759.677728][T16196] FAULT_INJECTION: forcing a failure.
[  759.677728][T16196] name failslab, interval 1, probability 0, space 0, times 0
[  759.677763][T16196] CPU: 1 UID: 0 PID: 16196 Comm: syz.2.2858 Not tainted syzkaller #0 PREEMPT(full) 
[  759.677784][T16196] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  759.677796][T16196] Call Trace:
[  759.677805][T16196]  <TASK>
[  759.677813][T16196]  dump_stack_lvl+0x189/0x250
[  759.677840][T16196]  ? __pfx____ratelimit+0x10/0x10
[  759.677861][T16196]  ? __pfx_dump_stack_lvl+0x10/0x10
[  759.677882][T16196]  ? __pfx__printk+0x10/0x10
[  759.677914][T16196]  ? __pfx___might_resched+0x10/0x10
[  759.677932][T16196]  ? fs_reclaim_acquire+0x7d/0x100
[  759.677963][T16196]  should_fail_ex+0x414/0x560
[  759.677996][T16196]  should_failslab+0xa8/0x100
[  759.678025][T16196]  __kmalloc_cache_node_noprof+0x74/0x6f0
[  759.678050][T16196]  ? __get_vm_area_node+0x13f/0x300
[  759.678079][T16196]  __get_vm_area_node+0x13f/0x300
[  759.678107][T16196]  __vmalloc_node_range_noprof+0x30c/0x12d0
[  759.678131][T16196]  ? bpf_prog_alloc_no_stats+0x4a/0x4d0
[  759.678153][T16196]  ? kasan_save_track+0x4f/0x80
[  759.678177][T16196]  ? __kmalloc_cache_noprof+0x3d5/0x6f0
[  759.678200][T16196]  ? entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  759.678240][T16196]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  759.678276][T16196]  ? bpf_prog_alloc_no_stats+0x4a/0x4d0
[  759.678291][T16196]  __vmalloc_noprof+0xb1/0xf0
[  759.678315][T16196]  ? bpf_prog_alloc_no_stats+0x4a/0x4d0
[  759.678336][T16196]  bpf_prog_alloc_no_stats+0x4a/0x4d0
[  759.678359][T16196]  bpf_prog_alloc+0x3c/0x1a0
[  759.678381][T16196]  bpf_prog_create_from_user+0xa7/0x440
[  759.678409][T16196]  ? __pfx_seccomp_check_filter+0x10/0x10
[  759.678436][T16196]  do_seccomp+0x7b1/0xd90
[  759.678457][T16196]  ? __fget_files+0x3a0/0x420
[  759.678489][T16196]  ? __pfx_do_seccomp+0x10/0x10
[  759.678511][T16196]  ? ksys_write+0x22a/0x250
[  759.678550][T16196]  ? __secure_computing+0xe2/0x2a0
[  759.678578][T16196]  __do_fast_syscall_32+0xb6/0x2b0
[  759.678601][T16196]  ? lockdep_hardirqs_on+0x9c/0x150
[  759.678625][T16196]  do_fast_syscall_32+0x34/0x80
[  759.678646][T16196]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  759.678668][T16196] RIP: 0023:0xf7f35539
[  759.678684][T16196] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[  759.678699][T16196] RSP: 002b:00000000f542655c EFLAGS: 00000206 ORIG_RAX: 0000000000000162
[  759.678720][T16196] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 0000000000000007
[  759.678733][T16196] RDX: 0000000080000100 RSI: 0000000000000000 RDI: 0000000000000000
[  759.678744][T16196] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  759.678756][T16196] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  759.678766][T16196] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  759.678793][T16196]  </TASK>
[  759.679235][T16196] syz.2.2858: vmalloc error: size 4096, vm_struct allocation failed, mode:0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1
[  759.679491][T16196] CPU: 1 UID: 0 PID: 16196 Comm: syz.2.2858 Not tainted syzkaller #0 PREEMPT(full) 
[  759.679512][T16196] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  759.679531][T16196] Call Trace:
[  759.679539][T16196]  <TASK>
[  759.679548][T16196]  dump_stack_lvl+0x189/0x250
[  759.679575][T16196]  ? __pfx_dump_stack_lvl+0x10/0x10
[  759.679597][T16196]  ? __pfx__printk+0x10/0x10
[  759.679622][T16196]  ? cpuset_print_current_mems_allowed+0x1f/0x360
[  759.679647][T16196]  ? cpuset_print_current_mems_allowed+0x1f/0x360
[  759.679672][T16196]  ? cpuset_print_current_mems_allowed+0x2ee/0x360
[  759.679699][T16196]  warn_alloc+0x214/0x310
[  759.679733][T16196]  ? __pfx_warn_alloc+0x10/0x10
[  759.679766][T16196]  ? __get_vm_area_node+0x2b5/0x300
[  759.679797][T16196]  __vmalloc_node_range_noprof+0x331/0x12d0
[  759.679824][T16196]  ? kasan_save_track+0x4f/0x80
[  759.679847][T16196]  ? __kmalloc_cache_noprof+0x3d5/0x6f0
[  759.679871][T16196]  ? entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  759.679912][T16196]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  759.679947][T16196]  ? bpf_prog_alloc_no_stats+0x4a/0x4d0
[  759.679965][T16196]  __vmalloc_noprof+0xb1/0xf0
[  759.679987][T16196]  ? bpf_prog_alloc_no_stats+0x4a/0x4d0
[  759.680008][T16196]  bpf_prog_alloc_no_stats+0x4a/0x4d0
[  759.680032][T16196]  bpf_prog_alloc+0x3c/0x1a0
[  759.680053][T16196]  bpf_prog_create_from_user+0xa7/0x440
[  759.680081][T16196]  ? __pfx_seccomp_check_filter+0x10/0x10
[  759.680108][T16196]  do_seccomp+0x7b1/0xd90
[  759.680129][T16196]  ? __fget_files+0x3a0/0x420
[  759.680161][T16196]  ? __pfx_do_seccomp+0x10/0x10
[  759.680184][T16196]  ? ksys_write+0x22a/0x250
[  759.680211][T16196]  ? __secure_computing+0xe2/0x2a0
[  759.680240][T16196]  __do_fast_syscall_32+0xb6/0x2b0
[  759.680262][T16196]  ? lockdep_hardirqs_on+0x9c/0x150
[  759.680285][T16196]  do_fast_syscall_32+0x34/0x80
[  759.680306][T16196]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  759.680327][T16196] RIP: 0023:0xf7f35539
[  759.680343][T16196] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[  759.680358][T16196] RSP: 002b:00000000f542655c EFLAGS: 00000206 ORIG_RAX: 0000000000000162
[  759.680375][T16196] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 0000000000000007
[  759.680387][T16196] RDX: 0000000080000100 RSI: 0000000000000000 RDI: 0000000000000000
[  759.680398][T16196] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  759.680408][T16196] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  759.680420][T16196] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  759.680445][T16196]  </TASK>
[  759.695727][T16196] Mem-Info:
[  759.695748][T16196] active_anon:9585 inactive_anon:0 isolated_anon:0
[  759.695748][T16196]  active_file:19142 inactive_file:40153 isolated_file:0
[  759.695748][T16196]  unevictable:768 dirty:227 writeback:0
[  759.695748][T16196]  slab_reclaimable:6912 slab_unreclaimable:114616
[  759.695748][T16196]  mapped:38849 shmem:4221 pagetables:1394
[  759.695748][T16196]  sec_pagetables:0 bounce:0
[  759.695748][T16196]  kernel_misc_reclaimable:0
[  759.695748][T16196]  free:1271541 free_pcp:30426 free_cma:0
[  759.695791][T16196] Node 0 active_anon:38340kB inactive_anon:0kB active_file:76568kB inactive_file:160408kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:155396kB dirty:908kB writeback:0kB shmem:15348kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:12868kB pagetables:5440kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[  759.695832][T16196] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:204kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:48kB pagetables:136kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[  759.695899][T16196] Node 0 DMA free:15360kB boost:0kB min:204kB low:252kB high:300kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  759.695950][T16196] lowmem_reserve[]: 0 2506 2506 2506 2506
[  759.695985][T16196] Node 0 DMA32 free:1178136kB boost:0kB min:34320kB low:42900kB high:51480kB reserved_highatomic:0KB free_highatomic:0KB active_anon:38340kB inactive_anon:0kB active_file:76568kB inactive_file:160408kB unevictable:1536kB writepending:908kB zspages:0kB present:3129332kB managed:2566220kB mlocked:0kB bounce:0kB free_pcp:102496kB local_pcp:18120kB free_cma:0kB
[  759.696037][T16196] lowmem_reserve[]: 0 0 0 0 0
[  759.696073][T16196] Node 0 Normal free:0kB boost:0kB min:4kB low:4kB high:4kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:1048580kB managed:364kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  759.696125][T16196] lowmem_reserve[]: 0 0 0 0 0
[  759.696165][T16196] Node 1 Normal free:3892668kB boost:0kB min:55572kB low:69464kB high:83356kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:204kB unevictable:1536kB writepending:0kB zspages:0kB present:4194300kB managed:4111100kB mlocked:0kB bounce:0kB free_pcp:19204kB local_pcp:7520kB free_cma:0kB
[  759.696482][T16196] lowmem_reserve[]: 0 0 0 0 0
[  759.696534][T16196] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[  759.696657][T16196] Node 0 DMA32: 9*4kB (UME) 75*8kB (E) 24*16kB (E) 194*32kB (UE) 57*64kB (UME) 35*128kB (UE) 12*256kB (UE) 7*512kB (UME) 7*1024kB (UME) 3*2048kB (UM) 279*4096kB (UME) = 1178108kB
[  759.696829][T16196] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB
[  759.696933][T16196] Node 1 Normal: 189*4kB (UE) 57*8kB (UME) 44*16kB (UME) 88*32kB (UME) 23*64kB (UME) 7*128kB (UME) 2*256kB (M) 2*512kB (M) 3*1024kB (UME) 1*2048kB (E) 947*4096kB (UM) = 3892668kB
[  759.697110][T16196] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  759.697127][T16196] Node 0 hugepages_total=4 hugepages_free=4 hugepages_surp=2 hugepages_size=2048kB
[  759.697143][T16196] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  759.697160][T16196] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  759.697181][T16196] 63512 total pagecache pages
[  759.697195][T16196] 0 pages in swap cache
[  759.697205][T16196] Free swap  = 124996kB
[  759.697213][T16196] Total swap = 124996kB
[  759.697227][T16196] 2097051 pages RAM
[  759.697235][T16196] 0 pages HighMem/MovableOnly
[  759.697244][T16196] 423790 pages reserved
[  759.697252][T16196] 0 pages cma reserved
[  761.386342][T10845] usb 1-1: new high-speed USB device number 94 using dummy_hcd
[  761.643592][T16223] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2865'.
[  761.686317][T10845] usb 1-1: Using ep0 maxpacket: 8
[  762.316155][T10845] usb 1-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2d.ea
[  762.316173][T10845] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  762.316538][T10845] usb 1-1: Product: syz
[  762.316554][T10845] usb 1-1: Manufacturer: syz
[  762.316569][T10845] usb 1-1: SerialNumber: syz
[  762.321917][T10845] usb 1-1: config 0 descriptor??
[  762.378574][T16228] netlink: 'syz.2.2866': attribute type 13 has an invalid length.
[  762.378642][T16228] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2866'.
[  762.546555][T10845] usb 1-1: dvb_usb_v2: found a 'TerraTec NOXON DAB Stick' in warm state
[  762.688150][   T30] kauditd_printk_skb: 21 callbacks suppressed
[  762.688166][   T30] audit: type=1326 audit(1759560435.644:404): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16232 comm="syz.1.2869" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc2539 code=0x7ffc0000
[  762.722320][T16238] netlink: 'syz.3.2870': attribute type 3 has an invalid length.
[  762.722420][   T30] audit: type=1326 audit(1759560435.644:405): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16232 comm="syz.1.2869" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc2539 code=0x7ffc0000
[  762.754191][   T30] audit: type=1326 audit(1759560435.644:406): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16232 comm="syz.1.2869" exe="/root/syz-executor" sig=0 arch=40000003 syscall=136 compat=1 ip=0xf7fc2539 code=0x7ffc0000
[  762.776282][    C0] vkms_vblank_simulate: vblank timer overrun
[  762.949993][   T30] audit: type=1326 audit(1759560435.644:407): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16232 comm="syz.1.2869" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc2539 code=0x7ffc0000
[  763.018911][   T30] audit: type=1326 audit(1759560435.644:408): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16232 comm="syz.1.2869" exe="/root/syz-executor" sig=0 arch=40000003 syscall=351 compat=1 ip=0xf7fc2539 code=0x7ffc0000
[  763.066798][   T30] audit: type=1326 audit(1759560435.644:409): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16232 comm="syz.1.2869" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc2539 code=0x7ffc0000
[  763.111787][   T30] audit: type=1326 audit(1759560435.644:410): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16232 comm="syz.1.2869" exe="/root/syz-executor" sig=0 arch=40000003 syscall=4 compat=1 ip=0xf7fc2539 code=0x7ffc0000
[  763.187296][T10845] dvb_usb_rtl28xxu 1-1:0.0: probe with driver dvb_usb_rtl28xxu failed with error -71
[  763.216027][   T30] audit: type=1326 audit(1759560435.644:411): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16232 comm="syz.1.2869" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc2539 code=0x7ffc0000
[  763.221623][T16246] dvmrp1: entered allmulticast mode
[  763.253570][   T30] audit: type=1326 audit(1759560435.644:412): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16232 comm="syz.1.2869" exe="/root/syz-executor" sig=0 arch=40000003 syscall=228 compat=1 ip=0xf7fc2539 code=0x7ffc0000
[  763.275700][    C0] vkms_vblank_simulate: vblank timer overrun
[  763.277099][T10845] usb 1-1: USB disconnect, device number 94
[  763.584925][   T30] audit: type=1326 audit(1759560435.644:413): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16232 comm="syz.1.2869" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc2539 code=0x7ffc0000
[  764.103011][T16256] fuse: Invalid rootmode
[  764.460708][T16255] delete_channel: no stack
[  765.248773][T10845] net_ratelimit: 72 callbacks suppressed
[  765.248787][T10845] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  765.326426][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  765.335269][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  765.343552][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  765.351775][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  765.443624][T16274] FAULT_INJECTION: forcing a failure.
[  765.443624][T16274] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  765.467508][T16274] CPU: 0 UID: 0 PID: 16274 Comm: syz.0.2878 Not tainted syzkaller #0 PREEMPT(full) 
[  765.467532][T16274] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  765.467542][T16274] Call Trace:
[  765.467550][T16274]  <TASK>
[  765.467558][T16274]  dump_stack_lvl+0x189/0x250
[  765.467584][T16274]  ? __pfx____ratelimit+0x10/0x10
[  765.467603][T16274]  ? __pfx_dump_stack_lvl+0x10/0x10
[  765.467623][T16274]  ? __pfx__printk+0x10/0x10
[  765.467659][T16274]  ? fs_reclaim_acquire+0x7d/0x100
[  765.467691][T16274]  should_fail_ex+0x414/0x560
[  765.467738][T16274]  prepare_alloc_pages+0x213/0x610
[  765.467770][T16274]  __alloc_frozen_pages_noprof+0x123/0x370
[  765.467800][T16274]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  765.467833][T16274]  ? policy_nodemask+0x27c/0x720
[  765.467855][T16274]  ? __lock_acquire+0xab9/0xd20
[  765.467878][T16274]  alloc_pages_mpol+0x232/0x4a0
[  765.467908][T16274]  vma_alloc_folio_noprof+0xe4/0x200
[  765.467938][T16274]  ? page_table_check_set+0x18d/0x730
[  765.467961][T16274]  ? __pfx_vma_alloc_folio_noprof+0x10/0x10
[  765.467998][T16274]  folio_prealloc+0x30/0x180
[  765.468024][T16274]  __handle_mm_fault+0x2a8b/0x5400
[  765.468061][T16274]  ? __pfx___handle_mm_fault+0x10/0x10
[  765.468097][T16274]  ? follow_page_pte+0x7ef/0x13e0
[  765.468138][T16274]  handle_mm_fault+0x40a/0x8e0
[  765.468170][T16274]  __get_user_pages+0x165c/0x2a00
[  765.468225][T16274]  __gup_longterm_locked+0xde4/0x1660
[  765.468259][T16274]  ? sanity_check_pinned_pages+0x1241/0x1300
[  765.468282][T16274]  ? gup_fast_fallback+0x1b86/0x22d0
[  765.468306][T16274]  gup_fast_fallback+0x1d65/0x22d0
[  765.468360][T16274]  ? __pfx_gup_fast_fallback+0x10/0x10
[  765.468382][T16274]  ? rcu_is_watching+0x15/0xb0
[  765.468401][T16274]  ? is_valid_gup_args+0x11f/0x200
[  765.468422][T16274]  ? pin_user_pages_fast+0x4d/0xb0
[  765.468442][T16274]  rds_info_getsockopt+0x1fb/0x470
[  765.468468][T16274]  ? __pfx_rds_info_getsockopt+0x10/0x10
[  765.468490][T16274]  ? __might_fault+0xb0/0x130
[  765.468512][T16274]  ? rds_getsockopt+0x2c6/0x500
[  765.468528][T16274]  ? __pfx_rds_getsockopt+0x10/0x10
[  765.468545][T16274]  do_sock_getsockopt+0x36f/0x450
[  765.468570][T16274]  ? __pfx_do_sock_getsockopt+0x10/0x10
[  765.468588][T16274]  ? warn_bogus_irq_restore+0x40/0x40
[  765.468603][T16274]  ? __fget_files+0x2a/0x420
[  765.468628][T16274]  ? __fget_files+0x3a0/0x420
[  765.468649][T16274]  ? __fget_files+0x2a/0x420
[  765.468751][T16274]  __ia32_sys_getsockopt+0x1a5/0x250
[  765.468783][T16274]  ? warn_bogus_irq_restore+0x40/0x40
[  765.468802][T16274]  ? warn_bogus_irq_restore+0x40/0x40
[  765.468822][T16274]  __do_fast_syscall_32+0xb6/0x2b0
[  765.468842][T16274]  ? lockdep_hardirqs_on+0x9c/0x150
[  765.468861][T16274]  do_fast_syscall_32+0x34/0x80
[  765.468877][T16274]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  765.468914][T16274] RIP: 0023:0xf7fd2539
[  765.468928][T16274] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[  765.468942][T16274] RSP: 002b:00000000f54c655c EFLAGS: 00000206 ORIG_RAX: 000000000000016d
[  765.468962][T16274] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000000114
[  765.468974][T16274] RDX: 0000000000002716 RSI: 0000000080c35fff RDI: 0000000080000000
[  765.468983][T16274] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  765.468992][T16274] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  765.469001][T16274] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  765.469025][T16274]  </TASK>
[  765.818424][    C0] vkms_vblank_simulate: vblank timer overrun
[  765.939360][T16277] netlink: 'syz.2.2880': attribute type 21 has an invalid length.
[  765.947325][T16277] netlink: 152 bytes leftover after parsing attributes in process `syz.2.2880'.
[  766.178021][T16291] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2882'.
[  768.120223][   T51] Bluetooth: hci3: unexpected event for opcode 0x0402
[  768.182075][T16311] fuse: Invalid rootmode
[  768.410239][T10845] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  768.766699][T16320] FAULT_INJECTION: forcing a failure.
[  768.766699][T16320] name failslab, interval 1, probability 0, space 0, times 0
[  768.800530][T16320] CPU: 1 UID: 0 PID: 16320 Comm: syz.4.2892 Not tainted syzkaller #0 PREEMPT(full) 
[  768.800553][T16320] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  768.800564][T16320] Call Trace:
[  768.800572][T16320]  <TASK>
[  768.800580][T16320]  dump_stack_lvl+0x189/0x250
[  768.800603][T16320]  ? __pfx____ratelimit+0x10/0x10
[  768.800620][T16320]  ? __pfx_dump_stack_lvl+0x10/0x10
[  768.800638][T16320]  ? __pfx__printk+0x10/0x10
[  768.800665][T16320]  ? __pfx___might_resched+0x10/0x10
[  768.800689][T16320]  should_fail_ex+0x414/0x560
[  768.800719][T16320]  should_failslab+0xa8/0x100
[  768.800745][T16320]  __kvmalloc_node_noprof+0x158/0x910
[  768.800767][T16320]  ? rcu_is_watching+0x15/0xb0
[  768.800786][T16320]  ? nf_hook_entries_grow+0x281/0x720
[  768.800807][T16320]  ? __pfx___mutex_lock+0x10/0x10
[  768.800830][T16320]  nf_hook_entries_grow+0x281/0x720
[  768.800866][T16320]  __nf_register_net_hook+0x2c9/0x930
[  768.800896][T16320]  nf_register_net_hook+0xb2/0x190
[  768.800919][T16320]  nf_register_net_hooks+0x44/0x1b0
[  768.800940][T16320]  nf_defrag_ipv4_enable+0x87/0x120
[  768.800963][T16320]  nf_ct_netns_do_get+0x18c/0x5a0
[  768.800989][T16320]  ? nla_strcmp+0x106/0x140
[  768.801006][T16320]  ? __pfx_nf_ct_netns_do_get+0x10/0x10
[  768.801028][T16320]  ? nft_flowtable_lookup+0x134/0x140
[  768.801053][T16320]  ? nft_flow_offload_init+0x146/0x270
[  768.801081][T16320]  nf_tables_newrule+0x1791/0x28a0
[  768.801122][T16320]  ? __pfx_nf_tables_newrule+0x10/0x10
[  768.801147][T16320]  ? nfnl_pernet+0x23/0x240
[  768.801175][T16320]  ? __nla_parse+0x40/0x60
[  768.801199][T16320]  nfnetlink_rcv+0x11d9/0x2590
[  768.801254][T16320]  ? __pfx_nfnetlink_rcv+0x10/0x10
[  768.801288][T16320]  ? ref_tracker_free+0x63a/0x7d0
[  768.801350][T16320]  ? __netlink_deliver_tap+0x807/0x850
[  768.801369][T16320]  ? netlink_deliver_tap+0x2e/0x1b0
[  768.801403][T16320]  netlink_unicast+0x82c/0x9e0
[  768.801429][T16320]  ? __pfx_netlink_unicast+0x10/0x10
[  768.801449][T16320]  ? netlink_sendmsg+0x642/0xb30
[  768.801466][T16320]  ? skb_put+0x11b/0x210
[  768.801488][T16320]  netlink_sendmsg+0x805/0xb30
[  768.801516][T16320]  ? __pfx_netlink_sendmsg+0x10/0x10
[  768.801538][T16320]  ? __import_iovec+0x5d4/0x7f0
[  768.801558][T16320]  ? aa_sock_msg_perm+0xf1/0x1d0
[  768.801576][T16320]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  768.801592][T16320]  ? __pfx_netlink_sendmsg+0x10/0x10
[  768.801612][T16320]  __sock_sendmsg+0x219/0x270
[  768.801634][T16320]  ____sys_sendmsg+0x505/0x830
[  768.801661][T16320]  ? __pfx_____sys_sendmsg+0x10/0x10
[  768.801702][T16320]  ___sys_sendmsg+0x21f/0x2a0
[  768.801727][T16320]  ? __pfx____sys_sendmsg+0x10/0x10
[  768.801784][T16320]  ? __fget_files+0x2a/0x420
[  768.801805][T16320]  ? __fget_files+0x3a0/0x420
[  768.801838][T16320]  __sys_sendmsg+0x164/0x220
[  768.801862][T16320]  ? __pfx___sys_sendmsg+0x10/0x10
[  768.801902][T16320]  ? lockdep_hardirqs_on+0x9c/0x150
[  768.801923][T16320]  __do_fast_syscall_32+0xb6/0x2b0
[  768.801944][T16320]  ? lockdep_hardirqs_on+0x9c/0x150
[  768.801967][T16320]  do_fast_syscall_32+0x34/0x80
[  768.801986][T16320]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  768.802007][T16320] RIP: 0023:0xf7fd8539
[  768.802023][T16320] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[  768.802038][T16320] RSP: 002b:00000000f54c655c EFLAGS: 00000206 ORIG_RAX: 0000000000000172
[  768.802058][T16320] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000000
[  768.802070][T16320] RDX: 0000000004000800 RSI: 0000000000000000 RDI: 0000000000000000
[  768.802082][T16320] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  768.802092][T16320] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  768.802102][T16320] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  768.802127][T16320]  </TASK>
[  769.194993][T16310] delete_channel: no stack
[  770.503521][T16335] syzkaller0: entered promiscuous mode
[  770.516420][T16335] syzkaller0: entered allmulticast mode
[  771.086551][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  771.094922][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  771.103312][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  771.111685][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  771.169033][    T9] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  771.497006][T10845] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  771.763749][T16100] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  772.084659][T16352] FAULT_INJECTION: forcing a failure.
[  772.084659][T16352] name failslab, interval 1, probability 0, space 0, times 0
[  772.111186][T16352] CPU: 1 UID: 0 PID: 16352 Comm: syz.3.2899 Not tainted syzkaller #0 PREEMPT(full) 
[  772.111212][T16352] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  772.111223][T16352] Call Trace:
[  772.111231][T16352]  <TASK>
[  772.111239][T16352]  dump_stack_lvl+0x189/0x250
[  772.111264][T16352]  ? __pfx____ratelimit+0x10/0x10
[  772.111283][T16352]  ? __pfx_dump_stack_lvl+0x10/0x10
[  772.111303][T16352]  ? __pfx__printk+0x10/0x10
[  772.111332][T16352]  ? __pfx___might_resched+0x10/0x10
[  772.111349][T16352]  ? fs_reclaim_acquire+0x7d/0x100
[  772.111378][T16352]  should_fail_ex+0x414/0x560
[  772.111407][T16352]  should_failslab+0xa8/0x100
[  772.111433][T16352]  kmem_cache_alloc_node_noprof+0x77/0x710
[  772.111456][T16352]  ? __alloc_skb+0x112/0x2d0
[  772.111474][T16352]  ? netlink_autobind+0xdb/0x300
[  772.111499][T16352]  __alloc_skb+0x112/0x2d0
[  772.111523][T16352]  netlink_sendmsg+0x5c6/0xb30
[  772.111552][T16352]  ? __pfx_netlink_sendmsg+0x10/0x10
[  772.111575][T16352]  ? __import_iovec+0x5d4/0x7f0
[  772.111594][T16352]  ? aa_sock_msg_perm+0xf1/0x1d0
[  772.111613][T16352]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  772.111629][T16352]  ? __pfx_netlink_sendmsg+0x10/0x10
[  772.111650][T16352]  __sock_sendmsg+0x219/0x270
[  772.111671][T16352]  ____sys_sendmsg+0x505/0x830
[  772.111698][T16352]  ? __pfx_____sys_sendmsg+0x10/0x10
[  772.111736][T16352]  ___sys_sendmsg+0x21f/0x2a0
[  772.111760][T16352]  ? __pfx____sys_sendmsg+0x10/0x10
[  772.111817][T16352]  ? __fget_files+0x2a/0x420
[  772.111839][T16352]  ? __fget_files+0x3a0/0x420
[  772.111872][T16352]  __sys_sendmsg+0x164/0x220
[  772.111895][T16352]  ? __pfx___sys_sendmsg+0x10/0x10
[  772.111933][T16352]  ? lockdep_hardirqs_on+0x9c/0x150
[  772.111961][T16352]  __do_fast_syscall_32+0xb6/0x2b0
[  772.111982][T16352]  ? lockdep_hardirqs_on+0x9c/0x150
[  772.112003][T16352]  do_fast_syscall_32+0x34/0x80
[  772.112022][T16352]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  772.112042][T16352] RIP: 0023:0xf707e539
[  772.112058][T16352] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[  772.112074][T16352] RSP: 002b:00000000f546e55c EFLAGS: 00000206 ORIG_RAX: 0000000000000172
[  772.112093][T16352] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 0000000080006040
[  772.112106][T16352] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  772.112115][T16352] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  772.112126][T16352] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  772.112137][T16352] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  772.112164][T16352]  </TASK>
[  772.689506][ T5842] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  772.703168][ T5842] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  772.792037][ T5842] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  772.807560][ T5842] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  772.815698][ T5842] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  772.915505][   T49] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  773.116172][T16374] syzkaller0: entered promiscuous mode
[  773.122035][T16374] syzkaller0: entered allmulticast mode
[  773.168050][   T49] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  773.581475][   T49] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  773.682795][T16380] syzkaller0: entered promiscuous mode
[  773.689370][T16380] syzkaller0: entered allmulticast mode
[  774.098758][   T49] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  774.316375][   T30] kauditd_printk_skb: 34 callbacks suppressed
[  774.316389][   T30] audit: type=1326 audit(1759560447.274:448): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16382 comm="syz.0.2906" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd2539 code=0x7ffc0000
[  774.405571][   T30] audit: type=1326 audit(1759560447.284:449): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16382 comm="syz.0.2906" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd2539 code=0x7ffc0000
[  774.471244][T16367] chnl_net:caif_netlink_parms(): no params data found
[  774.506371][   T30] audit: type=1326 audit(1759560447.324:450): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16382 comm="syz.0.2906" exe="/root/syz-executor" sig=0 arch=40000003 syscall=136 compat=1 ip=0xf7fd2539 code=0x7ffc0000
[  774.536713][T16100] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  774.698113][   T30] audit: type=1326 audit(1759560447.334:451): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16382 comm="syz.0.2906" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd2539 code=0x7ffc0000
[  774.817532][   T30] audit: type=1326 audit(1759560447.334:452): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16382 comm="syz.0.2906" exe="/root/syz-executor" sig=0 arch=40000003 syscall=351 compat=1 ip=0xf7fd2539 code=0x7ffc0000
[  774.848897][   T30] audit: type=1326 audit(1759560447.334:453): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16382 comm="syz.0.2906" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd2539 code=0x7ffc0000
[  774.860604][ T5842] Bluetooth: hci4: command tx timeout
[  774.951213][T16402] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2909'.
[  775.221727][   T30] audit: type=1326 audit(1759560447.334:454): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16382 comm="syz.0.2906" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd2539 code=0x7ffc0000
[  775.342711][   T30] audit: type=1326 audit(1759560447.344:455): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16382 comm="syz.0.2906" exe="/root/syz-executor" sig=0 arch=40000003 syscall=4 compat=1 ip=0xf7fd2539 code=0x7ffc0000
[  775.364577][    C0] vkms_vblank_simulate: vblank timer overrun
[  775.380134][   T30] audit: type=1326 audit(1759560447.344:456): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16382 comm="syz.0.2906" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd2539 code=0x7ffc0000
[  775.402126][    C0] vkms_vblank_simulate: vblank timer overrun
[  775.466020][   T30] audit: type=1326 audit(1759560447.344:457): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16382 comm="syz.0.2906" exe="/root/syz-executor" sig=0 arch=40000003 syscall=228 compat=1 ip=0xf7fd2539 code=0x7ffc0000
[  775.807303][T16401] pim6reg0: tun_chr_ioctl cmd 2147767506
[  775.859296][T16367] bridge0: port 1(bridge_slave_0) entered blocking state
[  775.866776][T16367] bridge0: port 1(bridge_slave_0) entered disabled state
[  775.906962][T16367] bridge_slave_0: entered allmulticast mode
[  775.914860][T16367] bridge_slave_0: entered promiscuous mode
[  775.949234][T16367] bridge0: port 2(bridge_slave_1) entered blocking state
[  775.971170][T16367] bridge0: port 2(bridge_slave_1) entered disabled state
[  776.034871][T16367] bridge_slave_1: entered allmulticast mode
[  776.065186][T16367] bridge_slave_1: entered promiscuous mode
[  776.856535][ T5922] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  776.926431][ T5842] Bluetooth: hci4: command tx timeout
[  777.006338][    T9] usb 1-1: new high-speed USB device number 95 using dummy_hcd
[  777.156963][   T49] bond0 (unregistering): Released all slaves
[  777.171012][   T49] bond1 (unregistering): Released all slaves
[  777.188562][    T9] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  777.199787][    T9] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  777.209938][    T9] usb 1-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 4
[  777.223039][    T9] usb 1-1: New USB device found, idVendor=04fc, idProduct=05d8, bcdDevice= 0.00
[  777.232207][    T9] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  777.260238][    T9] usb 1-1: config 0 descriptor??
[  777.332691][   T49] bond2 (unregistering): Released all slaves
[  777.381422][T16433] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  777.392313][T16434] syzkaller0: entered promiscuous mode
[  777.403585][T16434] syzkaller0: entered allmulticast mode
[  777.428703][T16437] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2917'.
[  777.485894][T16438] tipc: Resetting bearer <eth:syzkaller0>
[  777.510305][T16427] tipc: Resetting bearer <eth:syzkaller0>
[  777.545066][T16427] tipc: Disabling bearer <eth:syzkaller0>
[  777.567410][T16100] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  777.578468][   T49] tipc: Disabling bearer <udp:s>
[  777.607220][   T49] tipc: Left network mode
[  777.630363][T16367] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  777.712316][    T9] hid_parser_main: 137 callbacks suppressed
[  777.712339][    T9] sunplus 0003:04FC:05D8.0015: unknown main item tag 0x0
[  777.738784][T16367] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  777.748280][    T9] sunplus 0003:04FC:05D8.0015: unknown main item tag 0x0
[  777.755422][    T9] sunplus 0003:04FC:05D8.0015: unknown main item tag 0x0
[  777.791045][    T9] sunplus 0003:04FC:05D8.0015: hidraw0: USB HID v0.02 Device [HID 04fc:05d8] on usb-dummy_hcd.0-1/input0
[  777.921741][T16100] usb 1-1: USB disconnect, device number 95
[  777.947890][T16367] team0: Port device team_slave_0 added
[  778.035892][T16456] syzkaller0: entered promiscuous mode
[  778.052475][T16456] syzkaller0: entered allmulticast mode
[  778.162443][T16454] syzkaller0: entered promiscuous mode
[  778.183263][T16454] syzkaller0: entered allmulticast mode
[  778.217998][T16367] team0: Port device team_slave_1 added
[  778.248640][T16453] fido_id[16453]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.0/usb1/report_descriptor': No such file or directory
[  778.288789][T16464] netlink: 16 bytes leftover after parsing attributes in process `syz.4.2923'.
[  778.715980][T16367] batman_adv: batadv0: Adding interface: batadv_slave_0
[  778.738323][T16367] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  778.777055][    T9] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  778.816046][T16367] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  778.946073][T16367] batman_adv: batadv0: Adding interface: batadv_slave_1
[  779.007937][ T5842] Bluetooth: hci4: command tx timeout
[  779.016643][T16367] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  779.128516][T16367] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  779.338397][   T30] kauditd_printk_skb: 33 callbacks suppressed
[  779.338414][   T30] audit: type=1326 audit(1759560452.314:491): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16478 comm="syz.3.2926" exe="/root/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf707e539 code=0x0
[  779.422476][T16484] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2925'.
[  779.711288][T16367] hsr_slave_0: entered promiscuous mode
[  779.721516][T16367] hsr_slave_1: entered promiscuous mode
[  779.731708][T16367] debugfs: 'hsr0' already exists in 'hsr'
[  779.742634][T16367] Cannot create hsr debugfs directory
[  780.456592][T16100] usb 1-1: new high-speed USB device number 96 using dummy_hcd
[  780.577827][   T49] hsr_slave_0: left promiscuous mode
[  780.590180][T16506] fuse: Unknown parameter '00000000000000000000'
[  780.592112][   T49] hsr_slave_1: left promiscuous mode
[  780.606648][T10845] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  780.618232][T16100] usb 1-1: unable to get BOS descriptor or descriptor too short
[  780.633389][T16100] usb 1-1: config 14 has an invalid interface number: 21 but max is 0
[  780.653119][T16100] usb 1-1: config 14 has no interface number 0
[  780.684520][T16100] usb 1-1: config 14 interface 21 altsetting 251 bulk endpoint 0xA has invalid maxpacket 32
[  780.713954][T16100] usb 1-1: config 14 interface 21 has no altsetting 0
[  780.727074][   T49] veth1_macvtap: left promiscuous mode
[  780.728484][T16100] usb 1-1: New USB device found, idVendor=c880, idProduct=760e, bcdDevice=35.fc
[  780.752149][T16100] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  780.752306][   T49] veth0_macvtap: left promiscuous mode
[  780.766363][T16100] usb 1-1: Product: syz
[  780.772082][T16100] usb 1-1: Manufacturer: syz
[  780.797357][T16100] usb 1-1: SerialNumber: syz
[  780.835462][T16494] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  781.093501][   T49] veth1_vlan: left promiscuous mode
[  781.102585][ T5842] Bluetooth: hci4: command tx timeout
[  781.326549][ T5907] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  781.455549][   T49] pim6reg (unregistering): left allmulticast mode
[  781.833670][T16504] delete_channel: no stack
[  783.653537][T10845] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  783.885310][T16491] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  783.923580][T16492] syzkaller0: entered promiscuous mode
[  783.930414][T16492] syzkaller0: entered allmulticast mode
[  785.635086][T16517] tipc: Resetting bearer <eth:syzkaller0>
[  785.662827][T16537] bridge0: trying to set multicast startup query interval below minimum, setting to 100 (1000ms)
[  785.708402][T16100] usb 1-1: Quirk or no altset; falling back to MIDI 1.0
[  785.721424][T16100] usb 1-1: MIDIStreaming interface descriptor not found
[  785.735825][T16517] tipc: Resetting bearer <eth:syzkaller0>
[  785.786555][T16100] usb 1-1: USB disconnect, device number 96
[  785.810405][ T5922] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  785.852777][T14547] udevd[14547]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb1/1-1/1-1:14.21/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  785.878943][T16517] tipc: Disabling bearer <eth:syzkaller0>
[  786.559385][T16550] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  786.567985][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  786.686551][T16100] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  786.974237][T16570] FAULT_INJECTION: forcing a failure.
[  786.974237][T16570] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  787.028040][T16570] CPU: 0 UID: 0 PID: 16570 Comm: syz.3.2944 Not tainted syzkaller #0 PREEMPT(full) 
[  787.028066][T16570] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  787.028077][T16570] Call Trace:
[  787.028085][T16570]  <TASK>
[  787.028093][T16570]  dump_stack_lvl+0x189/0x250
[  787.028119][T16570]  ? __pfx____ratelimit+0x10/0x10
[  787.028139][T16570]  ? __pfx_dump_stack_lvl+0x10/0x10
[  787.028159][T16570]  ? __pfx__printk+0x10/0x10
[  787.028182][T16570]  ? __might_fault+0xb0/0x130
[  787.028215][T16570]  should_fail_ex+0x414/0x560
[  787.028244][T16570]  _copy_from_user+0x2d/0xb0
[  787.028267][T16570]  __ia32_sys_epoll_ctl+0x120/0x1a0
[  787.028303][T16570]  ? __pfx___ia32_sys_epoll_ctl+0x10/0x10
[  787.028331][T16570]  ? lockdep_hardirqs_on+0x9c/0x150
[  787.028353][T16570]  __do_fast_syscall_32+0xb6/0x2b0
[  787.028374][T16570]  ? lockdep_hardirqs_on+0x9c/0x150
[  787.028396][T16570]  do_fast_syscall_32+0x34/0x80
[  787.028415][T16570]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  787.028435][T16570] RIP: 0023:0xf707e539
[  787.028450][T16570] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[  787.028465][T16570] RSP: 002b:00000000f546e55c EFLAGS: 00000206 ORIG_RAX: 00000000000000ff
[  787.028484][T16570] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000000000001
[  787.028496][T16570] RDX: 0000000000000003 RSI: 0000000080000040 RDI: 0000000000000000
[  787.028507][T16570] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  787.028517][T16570] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  787.028528][T16570] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  787.028553][T16570]  </TASK>
[  787.409541][T16100] usb 3-1: new high-speed USB device number 80 using dummy_hcd
[  787.424081][   T49] IPVS: stop unused estimator thread 0...
[  787.578998][T16100] usb 3-1: Using ep0 maxpacket: 32
[  787.590340][T16100] usb 3-1: config 32 has no interfaces?
[  787.598631][T16100] usb 3-1: New USB device found, idVendor=0499, idProduct=1037, bcdDevice=e0.9f
[  787.610215][T16100] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  788.245499][T16367] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  788.289012][T16367] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  788.337821][T16367] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  788.379410][T16100] usb 3-1: USB disconnect, device number 80
[  788.398690][T16367] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  788.645760][T16367] 8021q: adding VLAN 0 to HW filter on device bond0
[  788.693056][T16367] 8021q: adding VLAN 0 to HW filter on device team0
[  788.720755][   T36] bridge0: port 1(bridge_slave_0) entered blocking state
[  788.720886][   T36] bridge0: port 1(bridge_slave_0) entered forwarding state
[  788.723774][   T36] bridge0: port 2(bridge_slave_1) entered blocking state
[  788.723878][   T36] bridge0: port 2(bridge_slave_1) entered forwarding state
[  788.887898][T16367] 8021q: adding VLAN 0 to HW filter on device batadv0
[  788.942768][T16625] fuse: Bad value for 'rootmode'
[  788.984881][   T30] audit: type=1326 audit(1759560461.954:492): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16624 comm="syz.0.2952" exe="/root/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7fd2539 code=0x0
[  788.992290][T16367] veth0_vlan: entered promiscuous mode
[  789.031087][T16367] veth1_vlan: entered promiscuous mode
[  789.072150][T16367] veth0_macvtap: entered promiscuous mode
[  789.083564][T16367] veth1_macvtap: entered promiscuous mode
[  789.110691][T16367] batman_adv: batadv0: Interface activated: batadv_slave_0
[  789.141985][T16367] batman_adv: batadv0: Interface activated: batadv_slave_1
[  789.174148][ T1099] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  789.189539][ T1099] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  789.216647][ T1099] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  789.240735][ T1099] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  789.360712][   T59] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  789.377298][   T59] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  789.416789][   T59] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  789.425555][   T59] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  789.528097][T16643] FAULT_INJECTION: forcing a failure.
[  789.528097][T16643] name failslab, interval 1, probability 0, space 0, times 0
[  789.543923][T16643] CPU: 0 UID: 0 PID: 16643 Comm: syz.1.2898 Not tainted syzkaller #0 PREEMPT(full) 
[  789.543949][T16643] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  789.543960][T16643] Call Trace:
[  789.543968][T16643]  <TASK>
[  789.543977][T16643]  dump_stack_lvl+0x189/0x250
[  789.544009][T16643]  ? __pfx____ratelimit+0x10/0x10
[  789.544029][T16643]  ? __pfx_dump_stack_lvl+0x10/0x10
[  789.544049][T16643]  ? __pfx__printk+0x10/0x10
[  789.544078][T16643]  ? __pfx___might_resched+0x10/0x10
[  789.544102][T16643]  should_fail_ex+0x414/0x560
[  789.544132][T16643]  should_failslab+0xa8/0x100
[  789.544158][T16643]  __kmalloc_noprof+0xcb/0x7f0
[  789.544179][T16643]  ? snd_pcm_hw_refine+0x967/0x1640
[  789.544207][T16643]  snd_pcm_hw_refine+0x967/0x1640
[  789.544240][T16643]  ? stack_trace_save+0x9c/0xe0
[  789.544268][T16643]  ? __pfx_snd_pcm_hw_refine+0x10/0x10
[  789.544287][T16643]  ? __lock_acquire+0xab9/0xd20
[  789.544313][T16643]  ? do_raw_spin_lock+0x121/0x290
[  789.544338][T16643]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  789.544380][T16643]  ? _raw_spin_unlock_irq+0x23/0x50
[  789.544397][T16643]  ? lockdep_hardirqs_on+0x9c/0x150
[  789.544419][T16643]  snd_pcm_hw_params+0x4b6/0x1d30
[  789.544446][T16643]  ? kasan_quarantine_put+0xdd/0x220
[  789.544479][T16643]  ? __pfx_snd_pcm_hw_params+0x10/0x10
[  789.544506][T16643]  ? snd_pcm_hw_param_near+0x373/0x500
[  789.544535][T16643]  ? snd_pcm_kernel_ioctl+0x230/0x3b0
[  789.544559][T16643]  snd_pcm_oss_change_params_locked+0x21cb/0x3e40
[  789.544618][T16643]  ? __pfx_snd_pcm_oss_change_params_locked+0x10/0x10
[  789.544639][T16643]  ? aa_file_perm+0x44d/0x1550
[  789.544672][T16643]  ? _parse_integer_limit+0x1ae/0x1f0
[  789.544691][T16643]  ? __pfx_aa_file_perm+0x10/0x10
[  789.544711][T16643]  snd_pcm_oss_write+0x2fb/0x1190
[  789.544732][T16643]  ? __lock_acquire+0xab9/0xd20
[  789.544768][T16643]  ? __pfx_snd_pcm_oss_write+0x10/0x10
[  789.544793][T16643]  ? bpf_lsm_file_permission+0x9/0x20
[  789.544811][T16643]  ? security_file_permission+0x75/0x290
[  789.544838][T16643]  ? rw_verify_area+0x255/0x4d0
[  789.544864][T16643]  vfs_writev+0x4b6/0x960
[  789.544884][T16643]  ? __pfx_snd_pcm_oss_write+0x10/0x10
[  789.544912][T16643]  ? __pfx_vfs_writev+0x10/0x10
[  789.544943][T16643]  ? __fget_files+0x2a/0x420
[  789.544969][T16643]  ? __fget_files+0x3a0/0x420
[  789.544989][T16643]  ? __fget_files+0x2a/0x420
[  789.545041][T16643]  do_writev+0x14d/0x2d0
[  789.545062][T16643]  ? __pfx_do_writev+0x10/0x10
[  789.545084][T16643]  ? lockdep_hardirqs_on+0x9c/0x150
[  789.545106][T16643]  __do_fast_syscall_32+0xb6/0x2b0
[  789.545127][T16643]  ? lockdep_hardirqs_on+0x9c/0x150
[  789.545149][T16643]  do_fast_syscall_32+0x34/0x80
[  789.545168][T16643]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  789.545189][T16643] RIP: 0023:0xf7fd5539
[  789.545205][T16643] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[  789.545220][T16643] RSP: 002b:00000000f54c655c EFLAGS: 00000206 ORIG_RAX: 0000000000000092
[  789.545239][T16643] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000480
[  789.545252][T16643] RDX: 0000000000000001 RSI: 0000000000000000 RDI: 0000000000000000
[  789.545261][T16643] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  789.545271][T16643] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  789.545282][T16643] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  789.545309][T16643]  </TASK>
[  789.888450][T16100] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  790.430546][T16100] usb 1-1: new high-speed USB device number 97 using dummy_hcd
[  790.552851][T16659] netlink: 80 bytes leftover after parsing attributes in process `syz.1.2957'.
[  790.597839][T16100] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  790.617542][T16662] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2957'.
[  790.618682][T16100] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 5
[  790.664693][T16100] usb 1-1: New USB device found, idVendor=1e7d, idProduct=2d50, bcdDevice= 0.00
[  790.691124][T16659] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2957'.
[  790.706374][T16100] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  790.714563][T16659] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2957'.
[  790.752557][T16100] usb 1-1: config 0 descriptor??
[  790.786516][T16659] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2957'.
[  790.929795][    T9] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  790.937977][ T5907] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  791.157100][   T51] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  791.169928][   T51] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  791.178807][   T51] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  791.200887][   T51] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  791.210237][   T51] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  791.358455][T16100] kovaplus 0003:1E7D:2D50.0016: unknown main item tag 0x0
[  791.365635][T16100] kovaplus 0003:1E7D:2D50.0016: unknown main item tag 0x0
[  791.382342][T16100] kovaplus 0003:1E7D:2D50.0016: unknown main item tag 0x0
[  791.401258][T16100] kovaplus 0003:1E7D:2D50.0016: unknown main item tag 0x0
[  791.436507][T16100] kovaplus 0003:1E7D:2D50.0016: unknown main item tag 0x0
[  791.487100][T16100] kovaplus 0003:1E7D:2D50.0016: hidraw0: USB HID v0.00 Device [HID 1e7d:2d50] on usb-dummy_hcd.0-1/input0
[  791.499836][T16683] FAULT_INJECTION: forcing a failure.
[  791.499836][T16683] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  791.518303][T16681] ptrace attach of "./syz-executor exec"[16367] was attempted by "./syz-executor exec"[16681]
[  791.650008][T16683] CPU: 1 UID: 0 PID: 16683 Comm: syz.3.2965 Not tainted syzkaller #0 PREEMPT(full) 
[  791.650041][T16683] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  791.650052][T16683] Call Trace:
[  791.650060][T16683]  <TASK>
[  791.650069][T16683]  dump_stack_lvl+0x189/0x250
[  791.650095][T16683]  ? __pfx____ratelimit+0x10/0x10
[  791.650114][T16683]  ? __pfx_dump_stack_lvl+0x10/0x10
[  791.650133][T16683]  ? __pfx__printk+0x10/0x10
[  791.650165][T16683]  should_fail_ex+0x414/0x560
[  791.650194][T16683]  _copy_to_user+0x31/0xb0
[  791.650218][T16683]  simple_read_from_buffer+0xe1/0x170
[  791.650244][T16683]  proc_fail_nth_read+0x1b3/0x220
[  791.650265][T16683]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  791.650285][T16683]  ? rw_verify_area+0x2a6/0x4d0
[  791.650302][T16683]  ? __lock_acquire+0xab9/0xd20
[  791.650314][T16683]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  791.650331][T16683]  vfs_read+0x200/0xa30
[  791.650347][T16683]  ? fdget_pos+0x247/0x320
[  791.650362][T16683]  ? __pfx___mutex_lock+0x10/0x10
[  791.650379][T16683]  ? __pfx_vfs_read+0x10/0x10
[  791.650397][T16683]  ? __fget_files+0x2a/0x420
[  791.650418][T16683]  ? __fget_files+0x3a0/0x420
[  791.650436][T16683]  ? __fget_files+0x2a/0x420
[  791.650461][T16683]  ksys_read+0x145/0x250
[  791.650484][T16683]  ? __pfx_ksys_read+0x10/0x10
[  791.650503][T16683]  ? lockdep_hardirqs_on+0x9c/0x150
[  791.650521][T16683]  __do_fast_syscall_32+0xb6/0x2b0
[  791.650537][T16683]  ? lockdep_hardirqs_on+0x9c/0x150
[  791.650554][T16683]  do_fast_syscall_32+0x34/0x80
[  791.650569][T16683]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  791.650585][T16683] RIP: 0023:0xf707e539
[  791.650597][T16683] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[  791.650609][T16683] RSP: 002b:00000000f546e590 EFLAGS: 00000206 ORIG_RAX: 0000000000000003
[  791.650624][T16683] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000f546e620
[  791.650633][T16683] RDX: 000000000000000f RSI: 00000000f7415ff4 RDI: 0000000000000000
[  791.650642][T16683] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000
[  791.650650][T16683] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  791.650658][T16683] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  791.650679][T16683]  </TASK>
[  792.207859][T16100] kovaplus 0003:1E7D:2D50.0016: couldn't init struct kovaplus_device
[  792.216006][T16100] kovaplus 0003:1E7D:2D50.0016: couldn't install mouse
[  792.243888][T16100] kovaplus 0003:1E7D:2D50.0016: probe with driver kovaplus failed with error -5
[  792.501966][ T5922] usb 1-1: USB disconnect, device number 97
[  792.511377][T16677] chnl_net:caif_netlink_parms(): no params data found
[  792.830022][T16677] bridge0: port 1(bridge_slave_0) entered blocking state
[  792.841309][T16677] bridge0: port 1(bridge_slave_0) entered disabled state
[  792.850525][    T9] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  792.864097][T16677] bridge_slave_0: entered allmulticast mode
[  792.919096][T16677] bridge_slave_0: entered promiscuous mode
[  792.928075][T16100] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  792.944739][T16703] pim6reg: entered allmulticast mode
[  792.989171][T16677] bridge0: port 2(bridge_slave_1) entered blocking state
[  792.996979][T16677] bridge0: port 2(bridge_slave_1) entered disabled state
[  793.005442][T16677] bridge_slave_1: entered allmulticast mode
[  793.014819][T16677] bridge_slave_1: entered promiscuous mode
[  793.063785][T16677] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  793.096796][T16677] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  793.247552][   T51] Bluetooth: hci5: command tx timeout
[  793.329654][T16677] team0: Port device team_slave_0 added
[  793.499380][T16677] team0: Port device team_slave_1 added
[  793.636302][T16100] usb 1-1: new high-speed USB device number 98 using dummy_hcd
[  793.757484][T16677] batman_adv: batadv0: Adding interface: batadv_slave_0
[  793.784001][T16677] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  793.814849][T16100] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  793.834035][T16100] usb 1-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40
[  793.846075][T16100] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  793.857522][T16677] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  793.931153][T16100] usb 1-1: config 0 descriptor??
[  794.002955][T16677] batman_adv: batadv0: Adding interface: batadv_slave_1
[  794.010555][T16677] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  794.205014][T16677] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  794.241903][T16100] usbhid 1-1:0.0: can't add hid device: -71
[  794.252046][T16100] usbhid 1-1:0.0: probe with driver usbhid failed with error -71
[  794.321282][T16100] usb 1-1: USB disconnect, device number 98
[  794.498693][T16727] fuse: Bad value for 'rootmode'
[  794.821362][T16100] usb 1-1: new high-speed USB device number 99 using dummy_hcd
[  794.981135][T16100] usb 1-1: Using ep0 maxpacket: 16
[  795.000496][T16100] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  795.013068][T16100] usb 1-1: New USB device found, idVendor=04d8, idProduct=00dd, bcdDevice= 0.00
[  795.025130][T16100] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  795.038513][T16100] usb 1-1: config 0 descriptor??
[  795.328814][   T51] Bluetooth: hci5: command tx timeout
[  795.352888][   T36] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  795.366372][   T36] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  795.379903][   T36] bond0 (unregistering): Released all slaves
[  795.407762][   T36] bond1 (unregistering): Released all slaves
[  795.468049][T16727] workqueue: Failed to create a rescuer kthread for wq "bond1": -EINTR
[  795.494433][T16100] mcp2221 0003:04D8:00DD.0017: USB HID v0.05 Device [HID 04d8:00dd] on usb-dummy_hcd.0-1/input0
[  795.583409][T16677] hsr_slave_0: entered promiscuous mode
[  795.627685][T16677] hsr_slave_1: entered promiscuous mode
[  795.634257][T16677] debugfs: 'hsr0' already exists in 'hsr'
[  795.659320][    C1] ==================================================================
[  795.667508][    C1] BUG: KASAN: slab-out-of-bounds in mcp2221_raw_event+0x106a/0x1240
[  795.675524][    C1] Read of size 1 at addr ffff88805822ffff by task udevd/14513
[  795.682994][    C1] 
[  795.685319][    C1] CPU: 1 UID: 0 PID: 14513 Comm: udevd Not tainted syzkaller #0 PREEMPT(full) 
[  795.685341][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  795.685352][    C1] Call Trace:
[  795.685360][    C1]  <IRQ>
[  795.685368][    C1]  dump_stack_lvl+0x189/0x250
[  795.685392][    C1]  ? __kasan_check_byte+0x12/0x40
[  795.685417][    C1]  ? __pfx_dump_stack_lvl+0x10/0x10
[  795.685436][    C1]  ? lock_release+0x4b/0x3e0
[  795.685454][    C1]  ? __virt_addr_valid+0x4a5/0x5c0
[  795.685478][    C1]  print_report+0xca/0x240
[  795.685494][    C1]  ? mcp2221_raw_event+0x106a/0x1240
[  795.685513][    C1]  kasan_report+0x118/0x150
[  795.685536][    C1]  ? mcp2221_raw_event+0x106a/0x1240
[  795.685557][    C1]  mcp2221_raw_event+0x106a/0x1240
[  795.685576][    C1]  ? down_trylock+0x50/0xb0
[  795.685600][    C1]  hid_input_report+0x40a/0x520
[  795.685618][    C1]  ? __pfx_mcp2221_raw_event+0x10/0x10
[  795.685637][    C1]  hid_irq_in+0x47e/0x6d0
[  795.685659][    C1]  __usb_hcd_giveback_urb+0x376/0x540
[  795.685684][    C1]  dummy_timer+0x862/0x4550
[  795.685726][    C1]  ? __pfx_dummy_timer+0x10/0x10
[  795.685749][    C1]  ? __pfx_dummy_timer+0x10/0x10
[  795.685773][    C1]  ? __pfx_dummy_timer+0x10/0x10
[  795.685793][    C1]  __hrtimer_run_queues+0x529/0xc60
[  795.685828][    C1]  ? __pfx___hrtimer_run_queues+0x10/0x10
[  795.685845][    C1]  ? read_tsc+0x9/0x20
[  795.685869][    C1]  ? __pfx___local_bh_disable_ip+0x10/0x10
[  795.685902][    C1]  hrtimer_run_softirq+0x187/0x2b0
[  795.685924][    C1]  handle_softirqs+0x283/0x870
[  795.685942][    C1]  ? __irq_exit_rcu+0xca/0x1f0
[  795.685961][    C1]  ? __pfx_handle_softirqs+0x10/0x10
[  795.685982][    C1]  __irq_exit_rcu+0xca/0x1f0
[  795.685999][    C1]  ? __pfx___irq_exit_rcu+0x10/0x10
[  795.686019][    C1]  irq_exit_rcu+0x9/0x30
[  795.686034][    C1]  sysvec_apic_timer_interrupt+0xa6/0xc0
[  795.686052][    C1]  </IRQ>
[  795.686059][    C1]  <TASK>
[  795.686066][    C1]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  795.686087][    C1] RIP: 0010:netlink_recvmsg+0x183/0xa30
[  795.686112][    C1] Code: 0f 85 ca 06 00 00 41 8b 07 4d 8d 3c 06 49 83 c7 08 4c 89 f8 48 c1 e8 03 42 80 3c 20 00 74 08 4c 89 ff e8 30 e1 c1 f8 4d 8b 3f <4d> 85 ff 44 89 6c 24 24 0f 85 76 06 00 00 e8 7a 3f 5c f8 4c 8b 7c
[  795.686129][    C1] RSP: 0018:ffffc9001aeb78a0 EFLAGS: 00000246
[  795.686146][    C1] RAX: 1ffff1100b11a441 RBX: ffff88807b14e000 RCX: 1ffff110063f2cba
[  795.686159][    C1] RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffff888031f965d0
[  795.686170][    C1] RBP: ffffc9001aeb79c8 R08: ffffffff8f5b9137 R09: 1ffffffff1eb7226
[  795.686184][    C1] R10: dffffc0000000000 R11: fffffbfff1eb7227 R12: dffffc0000000000
[  795.686197][    C1] R13: 0000000000000040 R14: ffff8880588d2080 R15: 0000000000000000
[  795.686222][    C1]  ? __pfx_netlink_recvmsg+0x10/0x10
[  795.686242][    C1]  ? ep_try_send_events+0xd9b/0xf40
[  795.686265][    C1]  ? aa_sock_msg_perm+0xf1/0x1d0
[  795.686280][    C1]  ? bpf_lsm_socket_recvmsg+0x9/0x20
[  795.686295][    C1]  ? security_socket_recvmsg+0x7e/0x2e0
[  795.686313][    C1]  ? __pfx_netlink_recvmsg+0x10/0x10
[  795.686331][    C1]  sock_recvmsg+0x229/0x270
[  795.686349][    C1]  ____sys_recvmsg+0x1c9/0x460
[  795.686373][    C1]  ? __pfx_____sys_recvmsg+0x10/0x10
[  795.686399][    C1]  ? import_iovec+0x74/0xa0
[  795.686419][    C1]  ___sys_recvmsg+0x1b5/0x510
[  795.686441][    C1]  ? __pfx____sys_recvmsg+0x10/0x10
[  795.686474][    C1]  __x64_sys_recvmsg+0x198/0x260
[  795.686495][    C1]  ? __pfx___x64_sys_recvmsg+0x10/0x10
[  795.686519][    C1]  ? rcu_is_watching+0x15/0xb0
[  795.686539][    C1]  ? do_syscall_64+0xbe/0x3b0
[  795.686557][    C1]  do_syscall_64+0xfa/0x3b0
[  795.686574][    C1]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  795.686588][    C1]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  795.686612][    C1]  ? clear_bhb_loop+0x60/0xb0
[  795.686630][    C1]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  795.686646][    C1] RIP: 0033:0x7ff630ea7407
[  795.686660][    C1] Code: 48 89 fa 4c 89 df e8 38 aa 00 00 8b 93 08 03 00 00 59 5e 48 83 f8 fc 74 1a 5b c3 0f 1f 84 00 00 00 00 00 48 8b 44 24 10 0f 05 <5b> c3 0f 1f 80 00 00 00 00 83 e2 39 83 fa 08 75 de e8 23 ff ff ff
[  795.686674][    C1] RSP: 002b:00007ffc1d3189a0 EFLAGS: 00000202 ORIG_RAX: 000000000000002f
[  795.686691][    C1] RAX: ffffffffffffffda RBX: 00007ff631586880 RCX: 00007ff630ea7407
[  795.686703][    C1] RDX: 0000000000000000 RSI: 00007ffc1d318a30 RDI: 000000000000000c
[  795.686713][    C1] RBP: 0000564bbe457910 R08: 0000000000000000 R09: 0000000000000000
[  795.686724][    C1] R10: 0000000000000000 R11: 0000000000000202 R12: 0000564bbe482550
[  795.686734][    C1] R13: 00007ffc1d318af0 R14: 00007ffc1d318a3c R15: 0000000000000000
[  795.686750][    C1]  </TASK>
[  795.686757][    C1] 
[  796.131172][    C1] Allocated by task 16552:
[  796.135581][    C1]  kasan_save_track+0x3e/0x80
[  796.140259][    C1]  __kasan_kmalloc+0x93/0xb0
[  796.144841][    C1]  __kmalloc_cache_noprof+0x3d5/0x6f0
[  796.150205][    C1]  tomoyo_find_next_domain+0xdc/0x1aa0
[  796.155652][    C1]  tomoyo_bprm_check_security+0x11c/0x180
[  796.161364][    C1]  security_bprm_check+0x89/0x270
[  796.166393][    C1]  bprm_execve+0x8ee/0x1450
[  796.170885][    C1]  do_execveat_common+0x510/0x6a0
[  796.175903][    C1]  __x64_sys_execve+0x94/0xb0
[  796.180570][    C1]  do_syscall_64+0xfa/0x3b0
[  796.185066][    C1]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  796.190944][    C1] 
[  796.193254][    C1] Freed by task 16552:
[  796.197302][    C1]  kasan_save_track+0x3e/0x80
[  796.201970][    C1]  __kasan_save_free_info+0x46/0x50
[  796.207167][    C1]  __kasan_slab_free+0x5c/0x80
[  796.211922][    C1]  kfree+0x19a/0x6d0
[  796.215803][    C1]  tomoyo_find_next_domain+0x173e/0x1aa0
[  796.221424][    C1]  tomoyo_bprm_check_security+0x11c/0x180
[  796.227138][    C1]  security_bprm_check+0x89/0x270
[  796.232157][    C1]  bprm_execve+0x8ee/0x1450
[  796.236669][    C1]  do_execveat_common+0x510/0x6a0
[  796.241690][    C1]  __x64_sys_execve+0x94/0xb0
[  796.246354][    C1]  do_syscall_64+0xfa/0x3b0
[  796.250845][    C1]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  796.256722][    C1] 
[  796.259031][    C1] The buggy address belongs to the object at ffff88805822fc00
[  796.259031][    C1]  which belongs to the cache kmalloc-512 of size 512
[  796.273086][    C1] The buggy address is located 511 bytes to the right of
[  796.273086][    C1]  allocated 512-byte region [ffff88805822fc00, ffff88805822fe00)
[  796.287738][    C1] 
[  796.290046][    C1] The buggy address belongs to the physical page:
[  796.296481][    C1] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x5822c
[  796.305225][    C1] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[  796.313709][    C1] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff)
[  796.321237][    C1] page_type: f5(slab)
[  796.325212][    C1] raw: 00fff00000000040 ffff88813fe26c80 ffffea000114f000 dead000000000002
[  796.333783][    C1] raw: 0000000000000000 0000000000100010 00000000f5000000 0000000000000000
[  796.342357][    C1] head: 00fff00000000040 ffff88813fe26c80 ffffea000114f000 dead000000000002
[  796.351023][    C1] head: 0000000000000000 0000000000100010 00000000f5000000 0000000000000000
[  796.359704][    C1] head: 00fff00000000002 ffffea0001608b01 00000000ffffffff 00000000ffffffff
[  796.368364][    C1] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[  796.377015][    C1] page dumped because: kasan: bad access detected
[  796.383424][    C1] page_owner tracks the page as allocated
[  796.389158][    C1] page last allocated via order 2, migratetype Unmovable, gfp_mask 0x52820(GFP_ATOMIC|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP), pid 12, tgid 12 (kworker/u8:0), ts 77568381112, free_ts 23550020686
[  796.408087][    C1]  post_alloc_hook+0x240/0x2a0
[  796.412854][    C1]  get_page_from_freelist+0x2365/0x2440
[  796.418401][    C1]  __alloc_frozen_pages_noprof+0x181/0x370
[  796.424201][    C1]  alloc_pages_mpol+0x232/0x4a0
[  796.429065][    C1]  allocate_slab+0x96/0x3a0
[  796.433556][    C1]  ___slab_alloc+0xe94/0x1920
[  796.438217][    C1]  __slab_alloc+0x65/0x100
[  796.442629][    C1]  __kmalloc_cache_noprof+0x411/0x6f0
[  796.448012][    C1]  batadv_forw_packet_alloc+0x1e9/0x390
[  796.453565][    C1]  batadv_iv_ogm_queue_add+0x85f/0xd30
[  796.459021][    C1]  batadv_iv_ogm_schedule+0x866/0xf00
[  796.464387][    C1]  batadv_iv_send_outstanding_bat_ogm_packet+0x6c6/0x7e0
[  796.471409][    C1]  process_scheduled_works+0xade/0x17b0
[  796.476952][    C1]  worker_thread+0x8a0/0xda0
[  796.481532][    C1]  kthread+0x70e/0x8a0
[  796.485588][    C1]  ret_from_fork+0x436/0x7d0
[  796.490164][    C1] page last free pid 1 tgid 1 stack trace:
[  796.495972][    C1]  __free_frozen_pages+0xbc4/0xd30
[  796.501073][    C1]  free_contig_range+0x1bd/0x4a0
[  796.505995][    C1]  destroy_args+0x69/0x660
[  796.510405][    C1]  debug_vm_pgtable+0x39f/0x3b0
[  796.515245][    C1]  do_one_initcall+0x233/0x820
[  796.520005][    C1]  do_initcall_level+0x104/0x190
[  796.524930][    C1]  do_initcalls+0x59/0xa0
[  796.529248][    C1]  kernel_init_freeable+0x334/0x4b0
[  796.534441][    C1]  kernel_init+0x1d/0x1d0
[  796.538761][    C1]  ret_from_fork+0x436/0x7d0
[  796.543335][    C1]  ret_from_fork_asm+0x1a/0x30
[  796.548098][    C1] 
[  796.550403][    C1] Memory state around the buggy address:
[  796.556012][    C1]  ffff88805822fe80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  796.564057][    C1]  ffff88805822ff00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  796.572103][    C1] >ffff88805822ff80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  796.580143][    C1]                                                                 ^
[  796.588097][    C1]  ffff888058230000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  796.596139][    C1]  ffff888058230080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  796.604179][    C1] ==================================================================
[  796.612231][    C1] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  796.619419][    C1] CPU: 1 UID: 0 PID: 14513 Comm: udevd Not tainted syzkaller #0 PREEMPT(full) 
[  796.628344][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  796.638391][    C1] Call Trace:
[  796.641657][    C1]  <IRQ>
[  796.644486][    C1]  dump_stack_lvl+0x99/0x250
[  796.649069][    C1]  ? __asan_memcpy+0x40/0x70
[  796.653649][    C1]  ? __pfx_dump_stack_lvl+0x10/0x10
[  796.658836][    C1]  ? __pfx__printk+0x10/0x10
[  796.663423][    C1]  vpanic+0x237/0x6d0
[  796.667422][    C1]  ? __pfx_vpanic+0x10/0x10
[  796.671919][    C1]  panic+0xb9/0xc0
[  796.675625][    C1]  ? __pfx_panic+0x10/0x10
[  796.680037][    C1]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  796.685920][    C1]  ? mcp2221_raw_event+0x106a/0x1240
[  796.691194][    C1]  check_panic_on_warn+0x89/0xb0
[  796.696128][    C1]  ? mcp2221_raw_event+0x106a/0x1240
[  796.701400][    C1]  end_report+0x78/0x160
[  796.705637][    C1]  kasan_report+0x129/0x150
[  796.710135][    C1]  ? mcp2221_raw_event+0x106a/0x1240
[  796.715413][    C1]  mcp2221_raw_event+0x106a/0x1240
[  796.720513][    C1]  ? down_trylock+0x50/0xb0
[  796.725004][    C1]  hid_input_report+0x40a/0x520
[  796.729844][    C1]  ? __pfx_mcp2221_raw_event+0x10/0x10
[  796.735297][    C1]  hid_irq_in+0x47e/0x6d0
[  796.739619][    C1]  __usb_hcd_giveback_urb+0x376/0x540
[  796.744990][    C1]  dummy_timer+0x862/0x4550
[  796.749510][    C1]  ? __pfx_dummy_timer+0x10/0x10
[  796.754441][    C1]  ? __pfx_dummy_timer+0x10/0x10
[  796.759370][    C1]  ? __pfx_dummy_timer+0x10/0x10
[  796.764299][    C1]  __hrtimer_run_queues+0x529/0xc60
[  796.769499][    C1]  ? __pfx___hrtimer_run_queues+0x10/0x10
[  796.775208][    C1]  ? read_tsc+0x9/0x20
[  796.779278][    C1]  ? __pfx___local_bh_disable_ip+0x10/0x10
[  796.785075][    C1]  hrtimer_run_softirq+0x187/0x2b0
[  796.790180][    C1]  handle_softirqs+0x283/0x870
[  796.794934][    C1]  ? __irq_exit_rcu+0xca/0x1f0
[  796.799688][    C1]  ? __pfx_handle_softirqs+0x10/0x10
[  796.804967][    C1]  __irq_exit_rcu+0xca/0x1f0
[  796.809545][    C1]  ? __pfx___irq_exit_rcu+0x10/0x10
[  796.814735][    C1]  irq_exit_rcu+0x9/0x30
[  796.818964][    C1]  sysvec_apic_timer_interrupt+0xa6/0xc0
[  796.824585][    C1]  </IRQ>
[  796.827503][    C1]  <TASK>
[  796.830424][    C1]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  796.836397][    C1] RIP: 0010:netlink_recvmsg+0x183/0xa30
[  796.841957][    C1] Code: 0f 85 ca 06 00 00 41 8b 07 4d 8d 3c 06 49 83 c7 08 4c 89 f8 48 c1 e8 03 42 80 3c 20 00 74 08 4c 89 ff e8 30 e1 c1 f8 4d 8b 3f <4d> 85 ff 44 89 6c 24 24 0f 85 76 06 00 00 e8 7a 3f 5c f8 4c 8b 7c
[  796.861556][    C1] RSP: 0018:ffffc9001aeb78a0 EFLAGS: 00000246
[  796.867625][    C1] RAX: 1ffff1100b11a441 RBX: ffff88807b14e000 RCX: 1ffff110063f2cba
[  796.875585][    C1] RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffff888031f965d0
[  796.883543][    C1] RBP: ffffc9001aeb79c8 R08: ffffffff8f5b9137 R09: 1ffffffff1eb7226
[  796.891502][    C1] R10: dffffc0000000000 R11: fffffbfff1eb7227 R12: dffffc0000000000
[  796.899462][    C1] R13: 0000000000000040 R14: ffff8880588d2080 R15: 0000000000000000
[  796.907437][    C1]  ? __pfx_netlink_recvmsg+0x10/0x10
[  796.912722][    C1]  ? ep_try_send_events+0xd9b/0xf40
[  796.917916][    C1]  ? aa_sock_msg_perm+0xf1/0x1d0
[  796.922839][    C1]  ? bpf_lsm_socket_recvmsg+0x9/0x20
[  796.928112][    C1]  ? security_socket_recvmsg+0x7e/0x2e0
[  796.933651][    C1]  ? __pfx_netlink_recvmsg+0x10/0x10
[  796.938946][    C1]  sock_recvmsg+0x229/0x270
[  796.943443][    C1]  ____sys_recvmsg+0x1c9/0x460
[  796.948204][    C1]  ? __pfx_____sys_recvmsg+0x10/0x10
[  796.953496][    C1]  ? import_iovec+0x74/0xa0
[  796.957991][    C1]  ___sys_recvmsg+0x1b5/0x510
[  796.962664][    C1]  ? __pfx____sys_recvmsg+0x10/0x10
[  796.967869][    C1]  __x64_sys_recvmsg+0x198/0x260
[  796.972800][    C1]  ? __pfx___x64_sys_recvmsg+0x10/0x10
[  796.978254][    C1]  ? rcu_is_watching+0x15/0xb0
[  796.983012][    C1]  ? do_syscall_64+0xbe/0x3b0
[  796.987677][    C1]  do_syscall_64+0xfa/0x3b0
[  796.992172][    C1]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  796.998230][    C1]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  797.004373][    C1]  ? clear_bhb_loop+0x60/0xb0
[  797.009043][    C1]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  797.014924][    C1] RIP: 0033:0x7ff630ea7407
[  797.019334][    C1] Code: 48 89 fa 4c 89 df e8 38 aa 00 00 8b 93 08 03 00 00 59 5e 48 83 f8 fc 74 1a 5b c3 0f 1f 84 00 00 00 00 00 48 8b 44 24 10 0f 05 <5b> c3 0f 1f 80 00 00 00 00 83 e2 39 83 fa 08 75 de e8 23 ff ff ff
[  797.038928][    C1] RSP: 002b:00007ffc1d3189a0 EFLAGS: 00000202 ORIG_RAX: 000000000000002f
[  797.047341][    C1] RAX: ffffffffffffffda RBX: 00007ff631586880 RCX: 00007ff630ea7407
[  797.055304][    C1] RDX: 0000000000000000 RSI: 00007ffc1d318a30 RDI: 000000000000000c
[  797.063265][    C1] RBP: 0000564bbe457910 R08: 0000000000000000 R09: 0000000000000000
[  797.071229][    C1] R10: 0000000000000000 R11: 0000000000000202 R12: 0000564bbe482550
[  797.079192][    C1] R13: 00007ffc1d318af0 R14: 00007ffc1d318a3c R15: 0000000000000000
[  797.087176][    C1]  </TASK>
[  797.090505][    C1] Kernel Offset: disabled
[  797.094817][    C1] Rebooting in 86400 seconds..