last executing test programs:

13.656471088s ago: executing program 3 (id=1367):
r0 = fsopen(&(0x7f00000001c0)='ramfs\x00', 0x0)
r1 = fsmount(r0, 0x0, 0x0)
fchdir(r1)
r2 = open(&(0x7f0000000040)='./bus\x00', 0x143142, 0x43)
ftruncate(r2, 0x2007ffb)
sendfile(r2, r2, 0x0, 0x1000000201005)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x88882, 0x8)
r4 = openat(0xffffffffffffff9c, &(0x7f0000004400)='./bus\x00', 0x1c1002, 0x0)
sendfile(r4, r3, 0x0, 0x7ffff000)
syz_usb_connect(0x0, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)

13.032306884s ago: executing program 0 (id=1370):
r0 = socket$can_bcm(0x1d, 0x2, 0x2)
ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000100)={'vcan0\x00', <r1=>0x0})
connect$can_bcm(r0, &(0x7f00000000c0)={0x1d, r1}, 0x10)
sendmsg$can_bcm(r0, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000340)={&(0x7f00000003c0)=ANY=[@ANYBLOB="0100000000000000", @ANYRES64=<r2=>0x0, @ANYRES64=0x2710, @ANYRES64=0x77359400, @ANYRES64=0x0, @ANYBLOB="0000000001"], 0x48}}, 0x0)
sendmsg$can_bcm(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000480)=ANY=[@ANYBLOB="010000006b0100000100000000000000", @ANYRES64=0x0, @ANYRES64=0x2710, @ANYRES64=0x0, @ANYRES64=r2, @ANYBLOB="000000000100"], 0x48}}, 0x20000000)

12.560108371s ago: executing program 0 (id=1373):
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="ffffdf3f0000001500"/20, @ANYRES32=0x0, @ANYBLOB="a5fdad8800000000"], 0x20}, 0x1, 0x300000000000000, 0x0, 0x4004}, 0x0)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/power/resume', 0x169a82, 0x189)
syz_open_dev$loop(&(0x7f0000000480), 0xd76, 0x181400)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.stat\x00', 0x275a, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f00000004c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
setsockopt$inet6_group_source_req(0xffffffffffffffff, 0x29, 0x2a, &(0x7f0000000200)={0x0, {{0xa, 0x0, 0x0, @mcast1={0xff, 0x7}, 0x2}}, {{0xa, 0x0, 0x0, @remote}}}, 0x108)
r3 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TUNSETIFF(r4, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2})
r5 = socket(0x400000000010, 0x3, 0x0)
r6 = socket$unix(0x1, 0x5, 0x0)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r7=>0x0})
sendmsg$nl_route_sched(r5, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000001c0)=@newqdisc={0x44, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r7, {0x0, 0xffff}, {0xffff, 0xffff}, {0x0, 0xf}}, [@qdisc_kind_options=@q_hfsc={{0x9}, {0x14, 0x2, @TCA_HFSC_FSC={0x10, 0x2, {0xa30e, 0x1, 0xfffffffa}}}}]}, 0x44}}, 0x0)
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000004c0)=@updpolicy={0x23c, 0x19, 0x1, 0x0, 0x1, {{@in6=@initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, @in=@dev={0xac, 0x14, 0x14, 0x36}, 0x0, 0x0, 0x0, 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}, {0x0, 0x0, 0x0, 0xc}, {0x0, 0x38}}, [@tmpl={0x184, 0x5, [{{@in=@local, 0x0, 0x33}, 0x0, @in=@broadcast, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40}, {{@in6=@remote, 0x0, 0x33}, 0x0, @in6=@dev}, {{@in=@loopback, 0x0, 0x6c}, 0x0, @in=@local}, {{@in6=@remote, 0x0, 0x33}, 0x0, @in=@empty, 0x0, 0x0, 0x0, 0x50}, {{@in=@remote, 0x0, 0x6c}, 0x0, @in=@local, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, {{@in=@remote, 0x0, 0x2b}, 0x0, @in6=@private1, 0x3501, 0x5, 0x0, 0x0, 0x0, 0x9}]}]}, 0x23c}, 0x1, 0x0, 0x0, 0x1}, 0x0)
sendmsg$nl_route_sched(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000380)={&(0x7f00000000c0)=@newtfilter={0x3c, 0x2c, 0xd3f, 0x70bd2c, 0x25dfdbfc, {0x0, 0x0, 0x0, r7, {0xfff3, 0xffe0}, {}, {0x5, 0x8}}, [@filter_kind_options=@f_basic={{0xa}, {0xc, 0x2, [@TCA_BASIC_CLASSID={0x8, 0x1, {0xd, 0xd}}]}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x8848}, 0x4000010)
ptrace(0x10, r3)
ptrace$pokeuser(0x6, r3, 0x358, 0xffff8880b870dfff)
ptrace$getregset(0x4204, r3, 0x200, &(0x7f0000000140)={&(0x7f0000000380)=""/237, 0xed})
openat$procfs(0xffffffffffffff9c, &(0x7f0000000200)='/proc/timer_list\x00', 0x0, 0x0)
r8 = syz_io_uring_setup(0x49a, &(0x7f0000000500)={0x0, 0x79af, 0x3180, 0x1, 0x36}, &(0x7f0000000340), &(0x7f00000000c0))
syz_open_dev$sndpcmp(&(0x7f0000000180), 0x7fff, 0x800)
io_uring_enter(r8, 0x627, 0x4c1, 0x43, 0x0, 0x30)
write$UHID_CREATE2(r0, &(0x7f0000000400)=ANY=[], 0x1df)
socket$inet6_sctp(0xa, 0x801, 0x84)

10.619475768s ago: executing program 3 (id=1376):
socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$nl_xfrm(0xffffffffffffffff, 0x0, 0x4004) (async)
sendmsg$nl_xfrm(0xffffffffffffffff, 0x0, 0x4004)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
socket$inet_udp(0x2, 0x2, 0x0)
bind$qrtr(0xffffffffffffffff, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) (async)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
sched_setaffinity(0x0, 0x0, 0x0) (async)
sched_setaffinity(0x0, 0x0, 0x0)
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e) (async)
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
unshare(0x22020600)
r2 = socket$can_j1939(0x1d, 0x2, 0x7)
bind$can_j1939(r2, &(0x7f0000000240)={0x1d, 0x0, 0x0, {0x1}, 0xfe}, 0x18)
ioctl$SIOCSIFMTU(0xffffffffffffffff, 0x8922, &(0x7f0000000400)={'syzkaller1\x00', 0x2})
ptrace(0x10, 0x1)
openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x44000) (async)
r3 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x44000)
ioctl$SNDRV_TIMER_IOCTL_SELECT(r3, 0x40345410, &(0x7f0000000100)={{0x1, 0x0, 0x0, 0x3}})
socketpair$unix(0x1, 0x3, 0x0, 0x0)
sendmmsg$unix(0xffffffffffffffff, &(0x7f00000bd000), 0x318, 0x0) (async)
sendmmsg$unix(0xffffffffffffffff, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) (async)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r4 = syz_io_uring_setup(0x237, &(0x7f0000000280)={0x0, 0xd8dc, 0x8000, 0x3, 0x200002cf}, &(0x7f00000000c0)=<r5=>0x0, &(0x7f0000000600)=<r6=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r5, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4) (async)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r5, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
sendmsg$rds(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000440), 0x0, 0x0, 0x0, 0x20000800}, 0x4000008) (async)
sendmsg$rds(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000440), 0x0, 0x0, 0x0, 0x20000800}, 0x4000008)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(0xffffffffffffffff, 0x84, 0x9, &(0x7f00000001c0)={0x0, @in={{0x2, 0x0, @empty}}, 0x5, 0x12, 0x0, 0x3}, 0x9c)
r7 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
write$UHID_CREATE2(r7, &(0x7f00000001c0)=ANY=[], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r7, 0x0) (async)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r7, 0x0)
syz_io_uring_submit(r5, r6, &(0x7f0000000000)=@IORING_OP_READV=@pass_iovec={0x1, 0x38, 0x0, @fd=r4, 0x100000001, 0x0, 0x0, 0x2, 0x1})

8.308075708s ago: executing program 0 (id=1383):
socket$tipc(0x1e, 0x2, 0x0)
syz_usb_connect(0x0, 0x3f, &(0x7f0000003100)=ANY=[@ANYBLOB="11010000733336088dee1adb23610000000109022d0001100000000904000003fe03010009cd8d1f000200000009050502000000001009058b1e20"], 0x0)
syz_usb_control_io(0xffffffffffffffff, 0x0, &(0x7f0000000e00)={0x84, &(0x7f0000000900)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r0 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
pwrite64(r0, 0x0, 0x0, 0x8)

6.774595728s ago: executing program 1 (id=1387):
socket$inet6(0x10, 0x3, 0x0) (async)
socket$nl_netfilter(0x10, 0x3, 0xc) (async)
pipe2(&(0x7f0000000180)={0xffffffffffffffff, <r0=>0xffffffffffffffff}, 0x4880) (async)
r1 = socket$packet(0x11, 0x2, 0x300)
syz_usb_connect$uac1(0x5, 0xa4, &(0x7f0000001200)=ANY=[@ANYBLOB="2a01000020000040b708000000000000030109029200030172e5000904000000010100000a24010000000201020c0d2405000005000000000000000c240000e9fffff5ffffffff092403f3", @ANYRES8=r0, @ANYRES64=r1], 0x0) (async)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x5, 0x8b}, 0x0)
r2 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r2, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000400)=ANY=[@ANYBLOB="54010000110001002ab57000ffdbdf2500000007000000000000ffff00000000000004d5020033000c0015"], 0x154}, 0x1, 0x0, 0x0, 0x400}, 0x0)
r3 = syz_open_dev$vim2m(&(0x7f0000000000), 0x800, 0x2)
ioctl$vim2m_VIDIOC_S_CTRL(r3, 0xc008561c, &(0x7f0000000040)={0xf0f022}) (async)
r4 = syz_open_dev$video(&(0x7f0000000440), 0x8, 0x0) (async)
r5 = socket$alg(0x26, 0x5, 0x0) (async)
r6 = fsopen(&(0x7f0000000180)='proc\x00', 0x1)
fsconfig$FSCONFIG_CMD_CREATE(r6, 0x6, 0x0, 0x0, 0x0) (async)
r7 = fsmount(r6, 0x0, 0x1)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) (async)
pwrite64(r7, 0x0, 0x0, 0x2)
r8 = mmap$KVM_VCPU(&(0x7f0000ffb000/0x2000)=nil, 0x930, 0x1000002, 0x4018831, 0xffffffffffffffff, 0x0) (async)
r9 = userfaultfd(0x1)
ioctl$UFFDIO_API(r9, 0xc018aa3f, &(0x7f00000000c0)) (async)
ioctl$UFFDIO_REGISTER(r9, 0xc020aa00, &(0x7f0000000040)={{&(0x7f0000ffa000/0x3000)=nil, 0x3000}, 0x1})
syz_memcpy_off$KVM_EXIT_HYPERCALL(r8, 0x20, &(0x7f0000000000)="1c681411f7a496c0dacc6a3c24465b016f64b4c00b5f7c691cb24cb8000000001a0000200000000000201500", 0x0, 0x48) (async)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={<r10=>0xffffffffffffffff, <r11=>0xffffffffffffffff})
sendmmsg$unix(r11, &(0x7f00000001c0)=[{{0x0, 0x0, &(0x7f0000000400)=[{&(0x7f0000000200)="9386", 0x2}, {&(0x7f0000000600)="61dd6cffcd3c96ec98f5b6e22704fb0d33f980d2e2fa59f0dbc1be56ddda042454323670a830307d497fefa5e32ca04b65b3b53d274a214a51ff45ef551a410e8f6176e7da3f5ae844c3ed2bc74717b1762bc4d55076965cc7b2da4fae86ddbe305fb1ed445283f7277c3cd7dcaf5f059617a05c83262360c5aef0358954ecda76efc8551e8484cfb14939ae27ac0e13038f03a759bfcc03c1954885508fdec0ac120ba655d09c900b834469af064d06a0c7a20c3639d5da95498c471c23f2481295a9dc62231948a9def8f7fd75479e80e77013bef4f03373090e2bf1225bea1684475878bdc0b9a3d19b1a292cbcc0dac18b5c5ac278820319ab50ce4444c8f9117a31935e58b58a42e290d8880eb26e108ee152fe110c64ec43c3440f323b6b848cad114084d3de24c8ad331b043d455abe8ffb990db715e5835a003e4bec0b5c380a42ebb18063827db4a3b4600777c7f2edd5d510925e681eb8d6b22c9561ca725c32613f836fa7d808c24a7cd19aad2c873ef386a3d4775237cd7daa5269513b33f4b3ae19134f7c1804105721c5f2d2c87aad575edebe8a9b7f8e18cf648c20ec93d2b4534fdf319a0f095d402ebe70054d66daa90745dad265de372a0311b451c5a2a0a29ff0f9dcd34b8b6e1574bfb9a35462eb032cea247e21f91fb4a4e7374eaf124554285c31858108f69ba65bdd8f69133229e715a57d3a7f02d70a77f76bf10f425d35ebd584fff392806d641ed1eca3eb3b6c5d922f99cce7b6532e9421857022bbee42878884fb128bcbbcc47d0ab2ead31d6b322ec490edc5020ba0a58896d4027c57dae8d7b959f5bd7070cc2b27ae14afd53d1a4377c2e4e4c7c02a6bc2a987144b46bcd2c05f8ee29c54578b511a452dfdb6e2c76ed104d11dd5b76e71cf23c41d35636ec80f051f8f627e15fdff19593ed133451ee6823bdaad07d4959b22ccea51e3973f8efa286270622a2e7c062a2ee020edc78d9fe0acb458d15e0125431cb782c4e3cd42a36d3777e903665090258330bf26025eddcadd3d282313353dda11d18c34fcafb84b40f61bb3d4db9daeacc16342b408a64cb0ae2cfa1fb66d51c5acca4020ca7a16ad3140cca58ce97c08f8764806282949c642eb354cca33645a0877374dce2767ec8811b8e32cc91a34aae46f1197d32334823dc355bb6f37945eeb846aae515f65621d0a9aedadcc261f2d9fb36b6fef04ce25e0b1f0f73faec628f5e6d273c519be3c782695cad79055ee0e2ce41a8fad94db5f2f3e0edb31d1e705b42bc260186fc52686b4a61e1d73ae5ad46c3e29d14e2f966181970ee186934d96ae7529b0831867f3044184c1040f2ca1596c8594d1a1ae9e23de32f02b9dbf623bcc67eaa7de753279787bea352c174d1e7dd762ea260317b5cda8299387e0ecf531a5448b958702d2bfd85aa0ea5b9989d0a4df13ab6f02b30d37beb61fa4717378ac9a1788d601649140b6a3e3f543327ecbdc50d1e36b9586c5505384e55e7be7e3ed1ba4d73978b557e37c0297ecf1b55eb69b9a570d0c88fb9fb6b2da0ab8f2b0b39e9670ed3dd115b4cedeed5c742549cb57726067cfd983502513bf2020cf8ec1f171101b1e4d8a6f47920fac3a0107e69e2f5f3315d7516015500199f7a0df0cb746c5324caa4009f562d4cab7366206a0059928030c8106f42d084f92ddaef6fc75ddab1157d42825fd55327b7535541b45c1ef0750874193c56fba83f5c1dc1f22bcf3cc209415b8996ec33458a11f5918ae98f696adde58fd3c1d6caddf5578e8251d71f39fdb6fb26e6327cfdead192030a9cebc11bbf2e07955c1eb4007094227752ce2ed57ac7dad44521f2d056b768afb458148c27b86b038e7a0b543c5533833fcbb09f6107a87433c45c521153eb70d7653c7286fb0ff47a43df655d24e6f32aaba35bc03f867e3b105a35edf98b5275b8e96c17f0ffeb7d68bd37a0c2317ed514ce17bc76e19e74a6a96d1ad26bedb4f83a893e77fdfddd4a1ed90f857138bfd2f0cfb448462986c1bd5614a7b9c81a1843e9ef47acc821c169cc424ab9f86d6cf32a13394e174bf82e17d1bdd27cea251059a511be428a6418ef491946c56badfe0dd2fa2f153d512a356b87f52fb01a75166fcbd4e9a85957110e4809f633f14b4218db3d2a85b967f2e850e49a6b47fd5256fbd491cd8517f61c5811335eb537d15ca1f82d2c2468011a9b7e04a545ed218f56be0e810b90ad4e4e1a80374c06c7dee93d4cfb5be029f69c96bed01a4e49d7ef1667c75e18a50b69d4189cd4eae6813cb4a8817491d09004151223fe179ebdba76ada5b5ea0bbe7b5991ab89b4539a475523035a267244cef8fad73179d3500adcc94ce2d57b175855f3690a76624957e6bd1933257892a50641f13f8cec2ae1f8f1a8b1dcf73f7bb68d952b6380d7de2d641a865e2f33685136f5f592058b4f3b501434e44d3ef2cf9461c2dc14d2d60c81e29ae272d23f0c8812e0c3ff52e313ce9f4b41f5b9c7eb19fa541b047c8d08805d0e79b11157da9a270c11ba94e960264850a8c7ba363b95bfd89a8fb23c4efc4910ea69ba787701b85739411da3ada05c883239f3466abad6be9738ab2632e1440b1d864ed93799f9a219ec47b2ab0407d95147a878fe6dce1a080544fec548e4b538fa370e7461046de0aa0488c210b745751264c28b77e042d39256888ebbcfa88630c3171b1de9b005dc0c055ad3ad0eae62d7884238b687d0eadaf87f108da934e6df02d92d68a57cfd5d594c5100f898829d89a820eda48b5d1bb150241202f7caf0bade2c368e877b81c7b99adcd7cdfee164e7265bc41d5e8c7cddaff6cda1ff1f9ad0748c9c5c0a8cc0d3e9cc0173e2084367bc5b03a08847a90c9a905c9166ad739ff5223e4e0a5c29553a41c6dacbfbdb5037f72a2624f3d2f0ac2e76787a859ca315cac0324f91607ed96051f02372f14dd2afb6650c4b3cc8daf186bd9db1f8761ad54bd50704800feb3a9b1c2bde58df6b8b44e432c784dd30bd6fcc39989d1369a5bb7c6ef1299082ddfcbb55524841d3263c3f4d4bfca5ee352f469fade2d730cdcd7452e914971fc76045d48edda75269f077e4c54942462f9d38a50f6e371252f4d1a8c9e150366ea64e3050b32b75f2438bfe2a11f1ddd5a2c93896b29bcc2f05433917925ef5e9fc0eb6364a5c79a5fad221c2d6faccf4f35a02bdea5fce67d5976d5959462a92cc48c957759e498ef2fea562737ded1cf18a06870e8568fbe7ffcb6a40aab55c6d43c0e25401352085cf15d8798d7fb09fe60e345d12463d992fb1642f2314e102b3a77d552104e896e50515adf2616442d4c2628f8950c373b5b7ff5efb6816438c7765ad02707ef05041941d005cf9b45c3d73a8e2f6679cff892c27ab25815637867fc422c342404b2e9b4025d993c86665ddc95a0a2a5f7d4ce0f9ad0266775949e618adadef55062f892bf5db1ad4f694bdb667a0f483dccf97604d4a1f80d4e12dfdcbf53c5afa26a78f3a34fb97a0854ed5242fd3e2ed9086fc22b9234ab53dfb222a7c1f0297a9c1a65e2eae603cc1dd41684629bbc6ee271daaa7db9356218af013064638b07255d869d3d3c7b317cc3092f6ff0bf05bfebec48ed5b58417903f3f731d77351b7cba64ccb84438348bb08047b3a80140ed92145a477e9ec7631b836e1a4af7bc2e41df19d28301d3425dd9ada144a161c5e987be62d824ed15da3bd46463fbfd610bf99bb4b7aa39eb05a234bebcfaac6ae9474213c4705818d3e0ea109dc1e35c2cd3d99c09c0cd1312e9ed93748fdc8f0a19863b93ebe9671bac09b08f6bb889b9c49e8924051b326c2372e9b46c1aaf890730763700d4ed8d11f2e5e8b6a44474a0fab9ebba6d7e415771b0a8b9eb4038021831b6fcf2cd80a84a5c1320399d3cda57d869ea6320d252f849835570be58b6159ee444bb9f74a3c236a1a08c276963ca350448559fb212660b27e17a63b61ec88a120813dae7a6854a7afa2a6df09c9a21aefe1ada3bfb6e7850b05caddbb04eb8c6fa6e8ee83a263295d9c417e86f094d91714ca1c2d9eb33a1a85105647c61e61b4c5948d09758a0afea13d543d6a4bfeceebbebab3337cc643f563e1bb145f8f8888c8dec3ac2ca7dd2d325f86907e209c2b4a52b2a2e73404f26128f31b4dc5fa14e123427c2847889a57a717b7dc910664e68e07c6f7d66476b078511ead2159b7ab844dc92633a05f027afe5f0f4c274847dc073898fd561d2dbff9a2240e1622a219114a9c1fbc7552b6611a5d0a81ccabc179ac2a9c96001233a3f30cf21b3c07bce70325d5fb2ee9cb423d0fa9588f261f715a846136137fc64b3734b09e566436bb75ec0f54e99099deb0a602a9746e8ff078a68380b811690a9bfe4d6dce93d04b80a610ffa71f30c0a6ebef588d7bff72e63e20973f0e1c2803aaca3c30c4cc4d92023f4240e297f384039a9331889dbd7865490fbd8d2a9c2ac5a34047eeb2b1e50af017fbc10a2d8799a313d044d1e23fe7acbceb0754a52a08670c135d0289934697b0c7d67e1a91437ee22e39bebe1c91735ea4f8f023fde55edfd7c18a4c4d0c36963b866f110c6a28c4f86705a798b5f6de670d96ef209c5751a8d586eaa941751c8cdffafc9363c11be754d1b8ea81e51d8566f34ec5d39cc8183d658114b520581f9caf7c8c864d43ce62c9f3169f6b97a6267a3e49a07fb6a668f83fa0b810cc7b5bc9d6f7d6f056763a7aaed67f78ae09ed10bb62cb16d2d64d7813963ad986198bde0e87229df39fdcb8ffcf19dc680a8daa9119942f3b1184c53b965058295ab6a458cb54ee4f962be6f3ad458156e87b43847b25231bd0e00306112015ecb69d96f43e44b584eeeaae68996a16f5e2d87d0e19130949fbbec87346684449fe698d443a04207cd7308ba13ccd611cc11e1d4539f3f84377bc433448278f159cf9355b6efcb44a9d9275bdc814502bfa1c4184719cf2b08dd62bb2d340922311c794266d4038829bfa8728d2de46677db5d3154a585dd6fc0b974de132097f742d7dab2b56da01aea7442c78eb19970897edce2aaddf04ef53b0931a4940ca992125d94d96c7c7fd826f30d89d0f2df93a556cfa05ec13f9904bc44af63bed01bf4e2b196c4de27d98c7253d32d1d9994d2ed21b7a3ddafb5bc3bc24a5150a51d5cfe7a0c2ecbf6231f61fc0f8876ca92102dc8d7bf345b4cce65bdfbd9a6ae7825af42b7ecf98895fd17cad94a1cdfd20a732f38cb28318be352f0eaa6abd14129823fa086c96c5fa31aeb2660084571a9291ef04415040a47d1da37c0fa1fe5811a248d3862acc1479bc9992374da2c7956021123dfc3850435bc8b82b4bed0549c91d14afc2f55eb96b9980fc7e2b656cbe2fd54d4cdf9e831a6e698e0d3efccf6459c83b8c0fbbcab4df5591ae7865517b918a35b1c339f49239af82541d78a8f9385271d76cf5fa48481028a7d82f104575a4e7709c846d19724dba9b0df337e9cfbc20d467ca4836462f13c153f50e13ffb5346620e31adcda5e8af07548c9ba5868bd0c3dc54fd95b8f3cbb30cc141988207893275a7096d8d1c402c772f7f9b27ed269802e7bbddb576ca357f83dbcc04150a6e6017367b7861bbb59dc2e2e5490805160d1bd0548ea12754abea3b2b82a447e1b8b36c8fe0a8f5b3bfb735de6dd54d77b27972a6225d3f81d42dd8dc86cee570acf1b8adcaf7eedea38bcd4a5d6962be6e6b8ddc5dead0d246a1463dc265eaa81bdd2ffd4dec9fae8b9aaa6c3", 0xfff}, {&(0x7f00000003c0)="da0c9af54a7b98b9f8b7e708022b92de7ca6509f", 0x14}, {&(0x7f00000018c0)="0f99f22dededa21c7f3f5137a1fd3203b085d4175258e3747895e7fa9fd4c52324a14c5b15a57b6c2bf93f87130b61c01f4261a20cc3381c2a1a89c5f32ee120adfd046f512d6f8ab8f0fa0602b86026cfd2eb394afa2230aea4bee59ec62d498ad91e2e89ce7abbd1444bab5b9a87e7ac4471f6de132091d8a58082310e5e265053757f5b3bcd8417761f784569cffec3c5b742331ee2286b80e6c5ab3f099f42ff863a1674a15295d0d400ddc16b1c9e09363975f5c9c1cd09af674c53a7c31602142f58fd889885b57bd67cf7cb3f0f892870bb8a6f04781f5f2c1c45a6c4dd42496d41e7e2ed8698f323b570da2818b9bd6eb25c1358f2886cef361947d4b2b5b665b2fb9256cb3a16f39e487f5f415ad7e9a745e13b1691336913677f607651c64f22c44eab7a3fa1589ff2be88dcb3aaa36b10cda0f022446713f894c63447d29cb75bea4a15449a295285893a5f35dae53f3c6aeceb68947e2ccffe05f65b9fb024f883fd325f67e838c686e0395497d05b8788553260c2b98f36b79c755853b302c34688c66bf0a24c12c8f5ef239f0bd383673ca7b7ce4e84e56a847294580c634463d4f9d6aa6bacc1f00a814c45a19972a778b6900e1044781a7b8007b434625ab94c18cb886fcb8033d89c365f302245e2b629b8fc558ceab760951f2b5638376c573db7bbe8b79cacac303f2a4c9162e792b8f8e7aad7722ad7864077c1aea0809744d19e49be407ef447f40971f09c3021642554ecbe01401354f0ad718eb432b066d0cf422091bfc4a9092ed96046e7db3460cf98fbbd3488bffd8a6a233b51e17afcbc39b18f914ebeeb2edb9fe3eec9c7bc943aa51d0f98d45162c8d3e158ea2c3ca0367c5ed2af8bca72f209076cfc931a5907bcfee9aa8185b0ac75d7f3b34e72e8d6c4f1f7d6dfd6fb5f763ae071a34f30e4d12d3375f2f492f139430e1f2ca1bdd106e50c39575dcda30786741279b8bc4932d90a7be39f7ace6f142e79bc023b69aacc60c6bff1fd924883eb92f1984dba7d29a7832b12b6ba6befcafa2c483142bf5be97b254c615e751a5fd7d8247d6628c03beeabb77a40c132b57d628cf9c56b438ec8e0bd7aecb778614da0f439eb9c660394f65c24616f7834b5d7e0fbd0e48a414f9c7d6069fbfdb8aacfc5fceb88c6559c06f27770c042336e7328838409d5e64d417c6b3dc737934369e7ecf253f96344037551e0d63239ba03ddaf3382247d50f3ab3a0a0db41d6f7b5fa6b39dfbbf4900511995b657b3e73b3572f8f97b86c65e2c291cbc4277e3d593d9fcce59b72b1eb273b3bb6085f6b53e7882695a6892aacddad22da42ff988c020e9a004ea0294f70ef29c8a84a771e0a0f40fb8ba44d07a70d656f76960da7fbbcba06269d51f13a400568e0bb1fde23b99cd461f96a6cb1e8a3dd32b72b1fb96b6272ae05b0f7e59c4a3d9ef59ad83902a2719cabd3bf15813b369aa6b0d719c3e3d85be0fcf94f2dc4671c47a192863046bd03fa0cb558c46a7522f5d6ed43587bb9bead66ec7d398a16755f6628aaeb488347386dc313f08d2a8d4ec675ad25bf734ac6d8db83e19dd47ced8150830ab33d1edab380ce7427d06549edf58c96e34c238d140a11cc9be3f65833f4ba2c6445cc069522f2b79dc9e32e7480ace6db62e0346c3e8974c570e24f2e092cc8a8b60a776164c8d1296aa2a4cb24a791da078f23ce40d95adb4868e5b3628f69c4873b475cd07e917fa098617c1cbe85df2f9633cc98127e6ae4aabb8d2c25580bc973848ab1a731b3b37ffaf012ec60cc700bb128b39bc57cd4cf358136fcc9d9b346337b9dd21614b17eb68126accc3033294ae5db5bfc828e1e3676e49db470a9d4c7e00cd273a5f3203b61266e3e12e13536bb3820ff836724c5ca69f16f5e3a4161023d02649b3013f2d1ae0f1d774c3231e3d5672013a8726377860203d9f85fc8d2a07a5f5913f956fcd4ef3cd113766e3075d6e56bbb1bb2b7eda29adf87612d44fa00a18c777ea34493c362b8d9af8c75cca9fecbc100ca60fcc8ed7429c7b45c32e265e83ea528ed9cc852084efa4aaeb682d6445d0642e29617dfb421dc9e6e81f18a361d1f50abbdcdc939807bcb4c7e69ca06faef0c14d34c3e1d879bfc268f29de428252d804babbf23d974c256fa1ecd2e7cc02db5ed7ab03066309366df650beafcfd457b1834596ca28637f82ec7cfbdebcfbe5d49b25edc7cbe766428cd8c16bf9141bde62a147ba973726b91a5cd7dc86be400984e00b0274daafa36d10c4dcc61e4fe573d563e1fc400268e7d94c922a25bedb1ab0a18f03f815e0f966a256be5f334a9159f5dc35e94cc211de4eb6656b9ae9731525f9d51d7313894a316a9ea0f29ffb462e449e24d819c2239ac801c6d4dbff8f0bf5f0021d5f89bd2729491fc7401e227860cef0909fd014804a651c367960977b8f1719bddb7d2aaaa6a996e4386f3cfb2be7aef098705e8d7e3c65535555ea221ef58710fe4f260783ea29538cc1ba27910dcbf83abff3ff5f24c180d1218364b8480ead9a3883163d8a60cdfff679751a8596d77747512bf708b597ca30fd0a1e056fb04ff18decac672e78028310f51d6e0fa3fe550b33a606a4a14803babd112e1bc1e8504c008b4c81be52e5f5ac7b1e3603534f329d999bfb9f86e23daf17283fbb903b0dedfe10e0b6d577e6e0e4a84edde14cf5e92074e4c627e845ca9fb0fdc95994957441e690ccc147b138172f1bc8bb3488dd988f646b6c916aa468960f27051c36cecadc04a872db0cf6583831f5f2b6b9d0dfabbc974d4211fc70b087c3411a2f7da433bc090b58ad789ef5854a33a2629655c26c4ed1dafa1c729d14f3eaa921daf4ecefb9e718c8930bbe81fcdda83de1d884b48a5045bf3e5168c2182b2d15ec2e044dbf1da9738ba3b282bd641d0ec76333cd436417d62da6f713f55978c1874916595155880a369a99c0bc3ea9bb84e78b73434b4ec13e8cb96a263328334dc608eeb95bf405f8445d438b73c52333cc8e27d095fdf90c0f84449409a3fdd25d6df3ad22cc7907c77a97b2a80d36ec9afa06c541fb65beaccc0e816aca0e61e24490c328c93ff051d6e7a6e3b67c71faf026aa51a152b3bcf1cebf35cbf95593b6df49df31f55c90a8a8681ede58d8f8f08adfb3338c9bfa504e12ef5969008f2edef7289737fe225a0d59e51f58e5d30fce958c107e974dac78a8d38de3cd24f6b50c4a28094eaaa7652ec61e33e9eccbb1bbb97624be930ddbd1769acf673af84bf49872ce1ffd41f951f84fad50414a3ab71fb51502a2cd606e3a8eb7a570fa2805b29113021545f7bc65a7f63fb3be69beb73fba193c11aacefb54b14f6f00df0004f576623c58b194d6372782629789cfeaef68be3052faedc406db60ce2d5c27d70f730391a65bcbeb5adff4db1305bdee2fd6870d373ae7a435f9d353c962195862f0731cbc700ce665fdb46896e5d8d6d376412e7da8c0072fb6f7ce8cae8990574dcdc1e2f5220e685992f19f56562c1ce11c84d06438a32cbc56f9d9b75057aa146134392e2f6fe542997563e506df7e61d7af101366fe7a839acc73dc9fed3d5895c6696523ed5c5b8c5c896221ada4cc61e4b9de6a3afcdd0eb5e1643496b66c8cf6d503ce98206b9f02e78f9946ba7f3ed075153a6c17bd5193fd53461fbd2da408281794009d251d77ed4909e0bcbd959f2a49d2558782fb2ca37850c77fd2b5d7be0e7867393699c4239b3f45c423c7cb0e70ecb1fc135586b046a7696e6b0c60b3105f0ac2de3e949b70b03fbd2d29faa59ba534ace2190b34645b35e8566110dde379916fbae15ec70cad6819917d3c86d2b33519a3c3bd574041ccdccbca9e71f91c852a637385e66d348789535d520686fec5fc3ab700e53c89229524b8972c831c45da095750f0af095bbd58c13d42ca98f96e4724de06371dc00f6eb3be86c6f71d6aec8e9af31e3e313ff1058795289affe6b1ff333bd34163a3016d1a8d11fd4893d5d60f40c12768134256dd34f7e3280130eacdd1eeb8307ea89188eddefa49c50d90616292ef669e547b4070d0eb11e45a4a142cf98321ea0b683cf4490ff099616fb6de5f21c6fc3e75c3a39f850336907182101833b213d41109c450692c6f5c649fc177665c8e611dd9d1114aedc2785f38cc91335142bf427fe261f15d3aec95d774e32b9af0018272cbacdece42af29f23dc711a2de8bddd5ee1bb8ea5c9c165b47172b21358b0c2d995fcd23608b21a0d20e34340a9ce4f3add2624995f115ca06932aa9092c31efd20437424fad6d10b319f76c4c30757dad4fa0fee712bfcbc3ef0df146508d215746ce26d452bb0b497cae858f0db2e87cb727034979a38e99820f5e44bf863d7eb5b51a04facfafb6a118c18c7486800b6457d86a9ab65eb2e8ce26925657b1ac44cd74dd5fda044df2802cbf242ad4b5a4be477d60b6d3765e9737fe4be0120b6e840cdd9827512b12e5e82389254ac77237a57ed5935911b95eee2142a4962efecc80d9c0e061f30787138a326945e17521d812dfe03c71d671e00ee84e6cb9c4b788d03609394fd5ba9b7db5d9407134140804dc634d8d7d1cd5d69656ec46caddb50db222c691ee70998c41fbbf4df85a8ff1af2fbd21924df16124979a9f53170f2bbf0c4a3e61d912ff6a4d1fd34b9596fd210c242d6072110dc96cfc505084baa2bad0070c05bbdabd10feff2a73dbf89a47d891687e0437e8ec6fc96f7b8d233e008a98cb12b4a4830d56a2c08b0b8f236c4bc04ebffcd62a4db1c95a945db62f9f78cc85c0a8dd954614ee78a36228615bfadd227c33c01db4abbffd509495096ca3e2a6b7b23a395b666d2408a717d2a3977812428b092a8a566a32ba9a38e669937547c9e9dd96c2db92651948818e7a224304d26e1577f572ea16dc8716326ce41d25f4f85beb671542b5c9c550ea4fece798619ca6d9e3898cd006474aa8765e8365b12f30a9e7a01b3caff74d016241e43e083b0efaaa1bccd088e61d0840d7fc5e54e390a0a3a489fc80a041fbc186812d5a0cc91481ed08bca219d836171339fb3f03409cebaf5b18094ae156c906171e3726e155b94e885ee7a73c83cbf8baafacb20ec4dde00d9bd1b5231453ca912be5cbbdc0b4ed28a6f7cd4b3c807cfeda462c49169fcb5f18fb9344d8df5b4cab93b1ff2e22777c3546da368b1c673459d101c2ddc09d18672453ee0ebcfb3d74b615f6f9bf98d522e912bc0292534e193b14078db11a61ce9a9304d39cc8565e05f08c33fe7487e7329e15e1687e604584ff1d3992da389ec5140476f9306a6bcd3cf6a7db8920a139c6a2e91191180a8e49c0300f3e50ff17abb6203bdf703cb4af50735e8dcf1a0920c10df1d444ebc51bb53163effd320260f8fce88d49c2c044f278ff105e4eb4097087f50ac656e7f57a8efdc26e4cd0ba1eb4a96490a71804d9e6e3c7e615f5ce4893899fa7f59ed0b32351788c70a97798dbb3892a4ced9e23335c687f50b2e0e0d2209e08f30508cb280dc4c0743c8eca6c38b4aa6f5c573a12839c1bbf9db645ffa8d66742576e7f101d1191f0013f648e63bddfb25e08faaf3d8a0c83e44791fe8945b650395a98f4505259602e7846184e62a20e16113e553f7a64f62c40b2945c695e1706d395c248dcfd2b496aff71dc3590ec89551cc1d542d789335a2d612adbe7121e0766420e48ad29584199467089b35a8597745a866", 0xfeb}, {&(0x7f00000029c0)="4d92759da93bab45e06c9c918a365d105a34ecb1c30599e31d6181404f3b064eca337f39ecf6e087aa264842b5295132cca51d648aec1870f04960d42cfbae56ddda0309ddb5d3f1e591566c67fe9b3afd78f308e4ed6d7d6650ff104dcb268a1cb52ffde2d4d151681628e14b4e17f72bfd962ace415b1dea424fa8f1d0f05bff4ae7938c4385e957089973db330872e5d7c746ccdc89f3b25de49075be5b91a71ac2be71b5de17909413d79a4d6954d3ce82a5f37ce209e935099712981ffa904e1d905f1b839b50244058fe61bd9108f71ee4c22dd6efdb9fbdd1168da5c6850ad38150115eae37b964c04542ba9ce92fe7e9d152564e8380bae9e243ee81a0f2d3aa2c63497e6d83576787c27b9909a6e2667143694ececdbedcd9fac963b61707bb1c40be2bed31fdeb6fe15518ce72181b3cedeac5979ba104a4b9e7483698f0126cc0d5f46191db6de40c19f2a5992cbe5cf3f4d2c406b866fb36866fd7297c422f73de736252909718cd1cd2ef8b3487a5d1b0f7353622cacc96e461019c7de4c83d7eda7f4a9e34312969eadb5837f2c5c15b0eb1619f1201966b9a16b4b1a97a02a210e9be8bf39e97c83c21d76a4e71f2922a1ed35dff7d5ed8b3fac893f5471bb6a3c4e3116df60c26866eb6c4058160ed9dba503737a0e59d9a8d2ed7ae8fb50677b81ae336f1ff22012c889f7c11951783443aa0e822c928e4bcca90face244afc9ee645c51328098363115f0c0651f119512119075fa585d5a8d13b33338e9896c7620360b3eba888d5d8f77e203c2548fe83b61780d7e9f04e76cb8f60e55381d65030ab27a0f4f9bcd8011574a2afe422e7ba8761981066851b36d6fa0839d53f6097429c5946e0a4c3da4048c857fcd5e493e0d31f1be6066ec4217d86595b1e7e78d8f31ec9b0071e0108d1e0ad6f23df1ecb30e08047c5de6214a899b2419f08ce06109cd1681209bc9696e77f0960e9ced8bfc422e4f151d54c224243fb4146b5a94d955503b090f26237a338a0e6148b033de76825d055495048064a44a554c4136aa85782725474a48a18a9b9d49dab59f54c91ca1bee471132f0aca71857113b368b1dfcb33f708377b12e3332a77d575e32229ad181a1bf278aed413d917a18691c378eccc7b5fe610a7e7336843419ee59b12d92a85a47907eea5c026244fb5a3b73d31f35609de2b733d702903a13ee152295eb90822e78be201c677a4e4149dd31190d6781a719635608a2fd3d703d66bcfdf8ac7ef78106f4452dd3cf02c12837e9591e8a000e674bf0f6bf821d91db66ff48f8316ec9a6d50f00ff4d03d749d326e0f19dbf089d6b7747576ec93c970ca8918e4cec09755be25bf180e6a6db97116f25d87a1dd33978316411823f32f657a02e75bba0b57db7eb8448bd2ca7d1437e08480f12a415fca54467c5aad5426e3724fdeea62c29937760914af0bd89b2a2853cb803c41bcb7b75578e9a0e3f18c54735b89f2d54f2174415746484b89150968622201428a89274c81afd06b7c4bda47544b46781378e19bb2519115adeb632256bdca7012f96a24b66c58220309eb02f2fc22db4d2bd48564d3bf89886a64b9d897f69d7713e8181ade7cfb3daea499ab536b1fa1d6aa55df05ce5ee92d5ef2a9f33a64ff2c8e3ea50d9ab18856025adebe561e92240276aaabd86d523d74a0da510788bf8f6ba86af9be7b0584117c797c74172aad8de9a0a228377b06c6ccf94b4607231c6eed25306c1c29d8034465500762e57f7a93c04a008e2fe76a237469c4e24a197094f799dadee9622e11df1a9c4e5b404744b78627b3e5578f4ba94d62635897c4539500e13a27a0477d25ffb47bf5c12301ea523ef12f0a9b8aa6c5bd7ce3a07a247525bccaa89e79ae6cf296a59cdfc568833c355892a183148ff5d5e2156d43a72b172aadb75ccfd43575c894f1987a7de81f2e37fd3700f33a7e0f061e67a3a9fb47f5e926a07480ac5146dab1403b899ebca1e5e7fa1a047fbc0b52530a29ebf4c490e12813a2f37ba1d1e0251550cde448b4d7f37bac1c390a21939ecb27b3a59bfe01bc0b45a7886643195f27344fcd08ccd01bdbfc3bfe0fb1e4a15a8154fd770df80705dea63509ba9a59f0496f0947b3dab1cbb0a3455bd4c67251779c6cee007072af6a71000ec715d24a0e40d27c270d4cf88bfa1258e153c2c0c733d880f6e24d0e4c4e0c40a3208917bfd2cdf2ca62412a0dcf1ef3335c0f0c123b35dd71a46b31f1e734a22d98fb9bf505f74fa2c1029912faaf8733e67fe12631c320806c3c04f1620ef2c86f198b76684636efb5d7dfb08b6471b7755cb8fde36789032fb451aa5c7d3d534e3782a8fae043938efe3008d6a2ada3c153d89ccd396f182e21b2416e5fc6341ecb3495ec3d85da4ecc9b4609b13621e4e99f4a173a4c7ab7d1ee7eaf085bd56ebf63409c876515866c20c51e3f8ef3ba3d473f4f2e3a03fa7ec065979f692f53cb4ba0606acbd5f71555f878a97f6ea9b6e83efe6ca3f94c30c4169f619b6a66fa84c82238454b52adf74034d2179776a53df2794a80f72c915e65057686700c0150ba77d600b871f903cb35995257c63cf7f4d5132a1ee43a446e732f266618db79afd285366b918bc5556651098477a27c30fc9fd21e8c3330bae2053bd58f36c735ddb7fae475b3bb509abf71562106ddef0b69376107561f4cd68b28edbd467fcad835a68a322a4fdc41223aba36fea1a72e209d1e4c1d67ee75c9495330a119411ff96eb7aacfa4d6c15425a8498c1eebc1035833819b8c7f7b7f89db238d540d2236687477fed2d1b92d0751e3d6630d4bd47d4e4c36d0a1616f7659b4fa68d0ddfbc01febf488c4e5539abb725df527a5250bad0e1ac859642a7b6f93bf17b62347217bfcb7ecd04fa9933f092222387dbe3657076de39ed89b1520f6add98dbf72075103088d9a5305287b216682b5a7fee408bf77c7ba003f43eca1c676570e1cd704c0bffaf7a3cef3fcd87a43160cc085a6ee40f6465565182f66c1b0cd0368b6ef5b84cf2acd4af68fa84ffdfb0e6ebedd3173fff95ceb5291ef38c6b0bd0e2399b22153ee6bd9be74ecb958baf0b5b74ae5642c2710f34fd3a5d2f3a7ae6dc36e20e530628e0cfd3fd311c75b144089daf3bfc116e5b41c94b1c4f28721f7e30e1b515c17d3ed36ff27dc8b3764bb498828c9993f5ee6705599768f5dfd8f77fc4c7c3fb7541f0337ad9d97360a3d13fe419e35f714ab87b986b6e3e1653aff4a799950c21aaa4c604923092ee06fb1e95ddb369bd8ab7ef1ee6c62bebfd2c3bcb33822f1de579ecf5e3ded28abe97601dfc36e2529bc347c366d16e31073c4db2e156040538fadeda39a0574c3a216134584c69a594f396ae76d32755e521be854d5912b186d0c9ec494b42a07945fe370b9e9c49153cb0280f8fa65c11f1720d6353f2582bf3328ced72dabc3e71d17d4069fd70d923fd75056693b30271158d6bab982881a87b7861213e037807c5fa151902277c9e27c669a47a5030f34ff8eaf005bc6571a3dab9fb40de05968fa642a9e22930ccae43597a7537d1b357bb268a5ea519990a7543b1dad7e8a9dc419b46ab5709d7233e8c6deb73f78f4bebdf675074b4a43c135a592a4e4bd6e80e60608cc4194756ffd9d303b6558d439d820bcffb8e00d62d85169be933d210ff393d9946154a153c9c71ebb247c09520668985378b477a6ca2b94bc082c20c2e5e66ed46aceef41accb4028bbe51e12db22551633ec7e328d0995b02384a91346387469c63d9df34cae22639c1ef562ebfe444cc9b9ceec6903aea254a517c698adef4f64d69be4ff452e2bb89afbedc7defe3395f18f1841a37c75fbc5ddff99ccf11ef79039ee8936ef2758fe6fd7d4607c6d6d6e598acc64855603c1ec66637ea86d3728f8f9766240611c13e31b2bc80909fc5171b7ad8e52981934662adfde9fb6dd916d468a47e2cc0b41f8cea94a16e8b27ddd4555a011f2f7b943e87e7f0d5acb67ef0596382cc4acd7cb79d2322decb978839d4c78d4a4e6aee0fcf361501be6294596d957af673e0b396d8c234b2db3649c5ee150fd18f8386a4af04c5facff007dfe6dbe1cf9e707669a5c36b8897eb72f3864a5ea30887dce6bee01be3dc1b2ee6c9effc84582e7416c5b793a52c1550cec2139c6de5d1210c5365a237df90e35f5597ff6cf16298035ec08fe32df02c44f7ef4c9e1cddebe31629e695772cf5c76758418cac807ae22d53af8198bf43f0e833d50e6bbb8d1d091ce251db13870da83c6da56752ae2c29ba2a43b1c7a51b7d0940e1448393bc711bb9f069c3c28d21e06b982cf2a8d3cd5995117d15558e3689e382a4c87a19a10496c9eb2a4fa33efad5525023cb8d2977edad3a1d5a58a954a461d1e15c22fa47054b0e9845cc934e3dc51b01c1a9365a95bb1a586d099d1f7052df1dbcf4311e6e8cbcb25a87515c0183c91fcf7284165439af742d1b3a40062f1b755884ca06502fa1df4272cc5a4e15f896ca7969cab01671dcf25c6be08ae5b82a3f734f0251d9ba772a8c6b34fe4fb4a5674172dceadac3270a4f020ee3bfeeb46ec662c4add6901be54610abf2d75d6ebe18953c7b4ad43f101e9801b343c4f712af45b49a4be4719e78baca5a0fcf5a12bcddee60afed77024d9ee32793f0b9cf17b708af20901b85f510cfecfc6bf341703961fff25082b446a758a7cb5489d2a2709d6a858b81b43e21a47b58118bc6f75fa9cb6da0d0c3fb6a8650368e6fe932c413fec11fc9adf1bfce5bb52310130fde7bd7a51126b3c0a57877be5861646ea720550295302cd5ae1b4c3007fea9a788d38df9b39987afe1527b30fe5e5e565a74eb00f02d64867ebc0c51fc982df5a8ece51bc62a1916395aa49c7fe6a69ab07fcb6e79053560f2e6d6fec56bc0183684b52c10033c19a27b058ed23b4a164637d7b9caca06f12be3de812f641d148acd4c45c1030e6b916f4ffa5e39557df9b11f57660325d90e94850b72390dd766d959c6613540618b57383fe0f06765217f253f3fd0d757e59d4f19f589bc2dd846ecdc11bc607ce45c6e08da56d7589a20f7771f46491c9ee8e4544bcf6bfff5201e0344cf719c71f7b2e7149fa8cf1341faa68027de6b38d72cb7883c9b13edee56b088c5e52afb00afa038b6cc852b976c4168d3b3d4a01111a4b1003531c83d32d318eabf635f919ef1f981174aab1f9c7824023dc5aab7a4cc54caeb87ce4822261e4b860edb231ddd3259bb273dae38f3b30cf6ad65761fbf9e4190dcf4453ae5c6e60fd37f6238b51c825ff237a41072", 0xec1}], 0x5, 0x0, 0x0, 0x40044}}], 0x1, 0x4) (async)
recvmmsg(r10, &(0x7f0000000080)=[{{0x0, 0xfffffffffffffee1, 0x0, 0x0, 0x0, 0xffffffffffffff35}, 0x9}], 0x49, 0x2382, 0x0)
readv(r9, &(0x7f00000001c0)=[{&(0x7f0000000400)=""/4096, 0x1000}], 0x1)
ioctl$UFFDIO_WAKE(r9, 0x8010aa02, &(0x7f00000002c0)={&(0x7f0000ffb000/0x1000)=nil, 0x1000})
bind$alg(r5, &(0x7f00000004c0)={0x26, 'hash\x00', 0x0, 0x0, 'cbcmac(aes)\x00'}, 0x58) (async)
setsockopt$ALG_SET_KEY(r5, 0x117, 0x1, 0x0, 0x0) (async)
ioctl$VIDIOC_S_SELECTION(r4, 0xc040565f, &(0x7f0000000940)={0xa, 0x100, 0x3, {0x8000, 0x1000, 0x4, 0x870}})

6.503316054s ago: executing program 1 (id=1391):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
close(r1)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x107, 0x12, &(0x7f00000000c0), 0x8)
setsockopt$inet6_tcp_int(r3, 0x6, 0x2000000000000020, &(0x7f0000000040)=0xa, 0x1959cc36)
syz_genetlink_get_family_id$tipc(&(0x7f00000003c0), r2)
sendmsg$TIPC_CMD_ENABLE_BEARER(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000004c0)=ANY=[@ANYRES64=r0, @ANYBLOB="f258876ecbd9081858d6d4d8cbae13da385a98afbba5fb8499dd36844b404154bcfd6833cd68cb5be247ea74d673de74114129d14d1ebdcdc3c682ad5709afda116ea8a9d8b26b46179c2837dee3bbaa139b5af768e29a30e608631acfdb02d0ba732e82231ab6", @ANYBLOB="010000000d0000000000010000000000000001410000001c001700000000000000006574683a73797a6b616c6c657230"], 0x38}}, 0x20008000)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
quotactl$Q_QUOTAON(0xffffffff80000201, &(0x7f0000000000)=@sg0, 0x0, &(0x7f00000001c0)='./file0/file0\x00')
sendmmsg$unix(r5, &(0x7f00000bd000), 0x318, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r6 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r6, &(0x7f0000000100)={0x26, 'hash\x00', 0x0, 0x0, 'rmd160\x00'}, 0x58)
r7 = accept4(r3, 0x0, 0x0, 0x80000)
sendmsg$alg(r7, &(0x7f0000008dc0)={0x0, 0x0, &(0x7f0000008cc0)=[{&(0x7f0000008a40)="7c72bf03f7d9c0fd0826786ffcfb99e55c1272594d5be5c7f1de9562bbf652", 0x1f}, {&(0x7f0000008c80)="9d", 0x7fffefe1}], 0x2}, 0x0)
r8 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x100, 0x0)
close(r8)
r9 = socket$unix(0x1, 0x1, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
setsockopt$MRT_ADD_MFC_PROXY(0xffffffffffffffff, 0x0, 0xd2, 0x0, 0x0)
r10 = socket$nl_route(0x10, 0x3, 0x0)
r11 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$sock_SIOCGIFINDEX(r11, 0x8933, &(0x7f0000000000)={'bridge0\x00', <r12=>0x0})
sendmsg$nl_route(r10, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000740)=ANY=[@ANYBLOB="50000000100003040000000000000000f2000000", @ANYRES32=0x0, @ANYBLOB="00000000000000002800128009000100766c616e000000001800028006000100fe0f00000c000200540a00001800000008000500", @ANYRES32=r12], 0x50}, 0x1, 0xba01}, 0x0)
ioctl$sock_SIOCGIFINDEX(r9, 0x8933, &(0x7f0000000100)={'syzkaller0\x00'})

6.045393282s ago: executing program 4 (id=1394):
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000001c0)={0x0, 0x0})
socketpair$unix(0x1, 0x3, 0x0, &(0x7f00000000c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r3 = bpf$OBJ_GET_PROG(0x7, &(0x7f00000005c0)=@generic={&(0x7f0000000580)='./bus\x00', 0x0, 0x8}, 0x18)
r4 = openat$vsock(0xffffffffffffff9c, &(0x7f0000000600), 0x2c0c2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0xf, 0x4, &(0x7f0000000440)=ANY=[@ANYRESHEX=r4], 0x0, 0x6, 0x21, &(0x7f0000000200)=""/33, 0x41000, 0x8, '\x00', 0x0, @fallback=0x18, r4, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0xffffffffffffffff, r3, 0x1, &(0x7f00000002c0)=[0xffffffffffffffff], &(0x7f0000000340)=[{0x1, 0x8000001, 0x7, 0x2}], 0x10, 0xab}, 0x94)
syz_genetlink_get_family_id$batadv(0x0, r0)
r5 = socket$unix(0x1, 0x1, 0x0)
bind$unix(r5, &(0x7f0000000000)=@file={0x1, './file0\x00'}, 0x6e)
listen(r5, 0x5)
r6 = socket$nl_sock_diag(0x10, 0x3, 0x4)
sendmsg$TCPDIAG_GETSOCK(r6, &(0x7f0000001380)={0x0, 0x0, &(0x7f0000001340)={&(0x7f0000000140)={0x4c, 0x14, 0x101, 0x70bd25, 0x25dfdbfd, {0x1, 0xf, 0x8, 0x7, {0x4e24, 0x4e22, [0x3, 0x31, 0xffffff01, 0xc3], [0x6, 0x0, 0x40000000, 0x7], 0x0, [0xde, 0x7fffffff]}, 0x2, 0x3}}, 0x4c}, 0x1, 0x0, 0x0, 0x24048084}, 0x40000)
keyctl$KEYCTL_WATCH_KEY(0x20, 0x0, 0xffffffffffffffff, 0x71)
fsopen(0x0, 0x0)
r7 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_NODELAY(r7, 0x84, 0x3, 0x0, 0x0)
shutdown(r4, 0x0)
unshare(0x40000080)
socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000ac0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000f40)=@newlink={0x34, 0x10, 0xffffffffffffffff, 0x70bd25, 0x25dfdbfb, {0x0, 0x0, 0x0, 0x0, 0x1414, 0x12121}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @vcan={{0x9}, {0x4}}}]}, 0x34}, 0x1, 0x0, 0x0, 0x1}, 0x8000002)
socketpair$unix(0x1, 0x1, 0x0, 0x0)
poll(&(0x7f0000000080), 0x0, 0x9)
r8 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r8, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000440)=@newae={0x70, 0x1e, 0x5e74984b1e295b5f, 0x70bd25, 0x25dfdbfc, {{@in=@private=0xa010101, 0x4d5, 0x2, 0x3c}, @in6=@mcast1, 0x5, 0x34ff}, [@mark={0xc, 0x15, {0x35075a, 0x7}}, @lifetime_val={0x24, 0x9, {0x4, 0x96, 0x3, 0x800}}]}, 0x70}, 0x1, 0x0, 0x0, 0x850}, 0x20004810)
readlinkat(0xffffffffffffffff, &(0x7f0000000140)='./mnt\x00', 0x0, 0x0)
socket(0x3, 0x1, 0x8)
setitimer(0x2, &(0x7f0000000580)={{0x77359400}}, 0x0)

5.659498255s ago: executing program 2 (id=1395):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000040)={'wlan1\x00', <r2=>0x0})
sendmsg$NL80211_CMD_JOIN_IBSS(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000580)={&(0x7f00000000c0)={0x34, r1, 0x101, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_PRIVACY={0x4}, @NL80211_ATTR_SSID={0xa, 0x34, @default_ibss_ssid}, @NL80211_ATTR_KEYS={0x4}, @NL80211_ATTR_CONTROL_PORT_OVER_NL80211={0x4}]}, 0x34}, 0x1, 0x0, 0x0, 0x4008010}, 0x4800)

5.580314568s ago: executing program 3 (id=1396):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000a80)={&(0x7f0000000700)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a03000000000000000000010000000900010073797a300000000040000000160a01010000000000000000010000000900010073797a30000000000900020073797a300000000014000380080002400000000008000140000000002c000000180a05000000000000000000010000000900010073797a30000000000c0005"], 0xc8}}, 0x4000450)

5.4854602s ago: executing program 1 (id=1397):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg(r1, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0xd, 0x400009, 0x8, 0xa}, 0x0)
r2 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/config', 0x0, 0x0)
getdents64(r2, &(0x7f0000001f00)=""/4111, 0x100f)
syz_open_dev$media(0x0, 0x0, 0x101d01)
r3 = openat(0xffffffffffffff9c, &(0x7f00000002c0)='./file1\x00', 0x0, 0x0)
fcntl$setlease(r3, 0x400, 0x1)
fcntl$setlease(r3, 0x400, 0x1)
sendmsg$nl_netfilter(0xffffffffffffffff, 0x0, 0x0)
r4 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000000), 0x42, 0x0)
ioctl$SNDCTL_DSP_SPEED(r4, 0xc0045002, &(0x7f0000000040)=0x10000)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r6, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newlink={0x44, 0x10, 0x44b, 0x0, 0x25dfdbfe, {0x7a, 0x0, 0x0, 0x0, 0x40000}, [@IFLA_LINKINFO={0x24, 0x12, 0x0, 0x1, @gretap={{0xb}, {0x14, 0x2, 0x0, 0x1, [@IFLA_GRE_TOS={0x5, 0x9, 0x40}, @IFLA_GRE_PMTUDISC={0x5}]}}}]}, 0x44}}, 0x0)
listen(0xffffffffffffffff, 0x2)
connect$inet(0xffffffffffffffff, &(0x7f0000000040)={0x2, 0x2, @local}, 0x10)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r7 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000100), 0xffffffffffffffff)
sendmsg$TIPC_NL_BEARER_ENABLE(r5, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000300)={0x54, r7, 0x1, 0x70bd2d, 0x0, {}, [@TIPC_NLA_BEARER={0x40, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_UDP_OPTS={0x2c, 0x4, {{0x14, 0x1, @in={0x2, 0x0, @loopback}}, {0x14, 0x2, @in={0x2, 0x0, @empty}}}}, @TIPC_NLA_BEARER_NAME={0xd, 0x1, @udp='udp:syz2\x00'}]}]}, 0x54}, 0x1, 0x0, 0x0, 0x80}, 0x0)
sendmsg$TIPC_NL_KEY_SET(r5, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000200)={0x54, r7, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x40, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x3c, 0x4, {'gcm(aes)\x00', 0x14, "e3de3d7b4cd07ec3ee777de774fc7987cca41989"}}]}]}, 0x54}, 0x1, 0x0, 0x0, 0x4}, 0x4000004)
ptrace(0x10, 0x1)
ioctl$GIO_SCRNMAP(0xffffffffffffffff, 0x4b40, 0x0)
socketpair$unix(0x1, 0x1, 0x0, 0x0)
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x2a, &(0x7f0000000000), 0x4)
recvfrom(0xffffffffffffffff, 0x0, 0x0, 0x12000, 0x0, 0x0)

5.415064098s ago: executing program 2 (id=1398):
r0 = syz_open_dev$video(&(0x7f0000000000), 0x485, 0x40000)
r1 = socket$inet_mptcp(0x2, 0x1, 0x106)
setsockopt$inet_tcp_TCP_CONGESTION(r1, 0x6, 0xd, &(0x7f0000000640)='bic', 0x3)
sendmmsg$inet(r1, &(0x7f0000004980)=[{{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80040000}}], 0x1, 0x20000810)
ioctl$VIDIOC_S_SELECTION(r0, 0xc040565f, &(0x7f0000000080)={0x9, 0x100, 0x3, {0x400e814, 0x7ffc, 0x401, 0x4}})
pipe2(&(0x7f0000000240)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x84000)
r4 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
read$FUSE(r4, &(0x7f00000022c0)={0x2020, 0x0, <r5=>0x0}, 0x2020)
write$FUSE_OPEN(r4, &(0x7f0000000080)={0x20, 0x0, r5, {0x0, 0x4}}, 0x20)
write$FUSE_INTERRUPT(r3, &(0x7f0000000100)={0x10, 0xfffffffffffffff5, r5}, 0x10)
splice(r2, 0x0, r4, 0x0, 0x10, 0x7)
r6 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='fdinfo\x00')
r7 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000100), 0xffffffffffffffff)
sendmsg$NL80211_CMD_AUTHENTICATE(r6, &(0x7f00000002c0)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f0000000280)={&(0x7f0000000140)={0x104, r7, 0x100, 0x70bd2d, 0x25dfdbfe, {{}, {@void, @val={0xc, 0x99, {0x8001, 0x46}}}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_MAC={0xa}, @key_params=[@NL80211_ATTR_KEY_SEQ={0x5, 0xa, "e9"}], @NL80211_ATTR_MAC={0xa}, @key_params=[@NL80211_ATTR_KEY_TYPE={0x8, 0x37, 0x2}, @NL80211_ATTR_KEY_TYPE={0x8}, @NL80211_ATTR_KEY_DATA_WEP40={0x9, 0x7, "3910f670ec"}, @NL80211_ATTR_KEY_CIPHER={0x8, 0x9, 0xfac01}, @NL80211_ATTR_KEY={0x20, 0x50, 0x0, 0x1, [@NL80211_KEY_MODE={0x5, 0x9, 0x2}, @NL80211_KEY_SEQ={0x13, 0x4, "f800370f7f3a42a5cb469d35e19f55"}]}], @chandef_params=[@NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0x13}, @NL80211_ATTR_WIPHY_FREQ={0x8, 0x26, @random=0x1590}, @NL80211_ATTR_WIPHY_FREQ={0x8, 0x26, @random=0x1608}, @NL80211_ATTR_WIPHY_FREQ_OFFSET={0x8, 0x122, 0x183}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0xf}, @NL80211_ATTR_CENTER_FREQ2={0x8, 0xa1, 0x2a1e}, @NL80211_ATTR_CHANNEL_WIDTH={0x8}], @NL80211_ATTR_SSID={0x16, 0x34, @random="301e42a8a5ebba230a39a676b1c5b198e4b8"}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac=@device_b}, @NL80211_ATTR_MAC={0xa}, @NL80211_ATTR_MAC={0xa}]}, 0x104}, 0x1, 0x0, 0x0, 0x20000084}, 0x810)

5.370849872s ago: executing program 3 (id=1399):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x202, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000100)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f00001ba000/0x18000)=nil, &(0x7f0000000180)=[@text16={0x10, 0x0}], 0x1, 0x1a, 0x0, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f00001b0000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000000)="f00fc7484d36f08266060266b9800000c00f326635000400000f308bc1de780066b9aa0200000f322e0f01cf66b9ab0900000f32f2f031b3e759dc2c", 0x3c}], 0x1, 0x9f6a364b3fac2a63, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680))
madvise(&(0x7f0000000000/0x3000)=nil, 0x7fffffffffffffff, 0x15)
migrate_pages(0x0, 0x9, &(0x7f0000000040)=0x9, &(0x7f0000000380)=0x102)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000001c0)={0x1b, 0x0, 0x0, 0x4, 0x0, 0xffffffffffffffff, 0x6, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x4}, 0x50)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='blkio.bfq.io_wait_time_recursive\x00', 0x275a, 0x0)
write$binfmt_script(r3, &(0x7f0000000000), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r3, 0x0)
preadv(r3, &(0x7f00000015c0)=[{&(0x7f0000000080)=""/124, 0xffffff23}], 0x1, 0x0, 0x0)
sendmsg$NL80211_CMD_SET_REKEY_OFFLOAD(r3, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x800}, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, &(0x7f00000003c0))
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000540)={&(0x7f0000000400)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x78, 0x78, 0x3, [@fwd={0x4}, @enum64={0xa, 0x1, 0x0, 0x13, 0x0, 0x4, [{0xb, 0x7, 0x4}]}, @union={0x10, 0x4, 0x0, 0x5, 0x0, 0x2, [{0x5, 0x1, 0xf0e}, {0xd, 0x1, 0xdb}, {0xa, 0x3, 0x6}, {0xb, 0x3, 0x5}]}, @struct={0x3, 0x1, 0x0, 0x4, 0x0, 0xffff3b29, [{0xf, 0x4, 0x2}]}]}, {0x0, [0x2e]}}, &(0x7f00000004c0)=""/90, 0x93, 0x5a, 0x0, 0xce, 0x10000}, 0x28)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000008c0)={0xffffffffffffffff, 0xe0, &(0x7f00000007c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, &(0x7f0000000600)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x4, 0x4, &(0x7f0000000640)=[0x0, 0x0, 0x0, 0x0], &(0x7f0000000680)=[0x0, 0x0, 0x0, 0x0], 0x0, 0x57, &(0x7f00000006c0)=[{}, {}, {}], 0x18, 0x10, &(0x7f0000000700), &(0x7f0000000740), 0x8, 0x8d, 0x8, 0x8, &(0x7f0000000780)}}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f0000000900)=@bloom_filter={0x1e, 0x9, 0x1000, 0x80000000, 0x26018, 0xffffffffffffffff, 0x8, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x1, 0x1, 0x2}, 0x50)
bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000a00)=ANY=[@ANYBLOB="0300000004000000040000000a00000000000000", @ANYRES32, @ANYBLOB="0b00000000000000000000000000000000000000cae471d725ecd1cea8281188769dd29e7feac94b25c3286c84cb14f23fe0c3dcffd0dd6e46b52f0cd4ad81776b8ba35653ec2a807dc3d6885e2459e88c0d3a3523f2999b7d082b64be1f2d56e57bae1d000000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB="02000000010000000100"/28], 0x50)
r4 = creat(&(0x7f0000000240)='./file0\x00', 0x122)
write$RDMA_USER_CM_CMD_SET_OPTION(r4, 0x0, 0x16)
r5 = socket$inet6_udplite(0xa, 0x2, 0x88)
r6 = fcntl$dupfd(r5, 0x406, r5)
bpf$TOKEN_CREATE(0x24, &(0x7f0000000140)={0x0, r6}, 0x8)
ioctl$KVM_IOEVENTFD(0xffffffffffffffff, 0x4040ae79, &(0x7f0000000240)={0x1, 0xffff0fff, 0x1, r6, 0x1})
r7 = socket(0x2, 0x80805, 0x0)
listen(r7, 0x8)
sendmmsg$inet_sctp(r7, &(0x7f0000004380)=[{&(0x7f0000000000)=@in={0x2, 0x4e24, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10, &(0x7f0000000140)=[{&(0x7f0000000040)="72e6", 0x2}], 0x1, &(0x7f0000000180)=[@sndinfo={0x20, 0x84, 0x2, {0x3, 0x8, 0x101, 0x8}}], 0x20, 0x20000010}], 0x1, 0x4000)

4.899468571s ago: executing program 2 (id=1400):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=ANY=[@ANYBLOB="4c00000010", @ANYRES32=0x0, @ANYBLOB="0a12020000000000140003006e657464657673696d30000000000000180016801400018010000200370a0000d702"], 0x4c}}, 0x24040800)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
munlockall()
r2 = syz_open_dev$sg(&(0x7f0000000180), 0x0, 0xa2d42)
readv(r2, &(0x7f00000000c0)=[{&(0x7f0000000000)=""/13, 0xd}], 0x1)
r3 = socket$nl_route(0x10, 0x3, 0x0)
munlockall()
sendmsg$nl_route(r3, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000300)=ANY=[@ANYBLOB="5c00000010000360ccca382c5aabfe00000004007cb316cff33eef688c1b8bb48bf130ce4bf8cd6a35e01b5a3a38bb9ba33f0c578efc2bd795a3b97e268ee7b34f24a5c3c283252c023550e2d36ea4af645d155fd445d05ae553c40c33c81c3a85b906d2d4aa9c79138400cb1405d4a9e623ad34966541363662a537961301b065add9acacb5c8be7b89d12822a5d3ace82758537183486e157a2d92d32016033d", @ANYRESOCT=r2, @ANYBLOB="60bc010004a701003c00128009000100626f6e"], 0x5c}, 0x1, 0x0, 0x0, 0x40800}, 0x4000044)
r4 = ioctl$KVM_GET_VCPU_MMAP_SIZE(0xffffffffffffffff, 0xae04)
mmap(&(0x7f00006a8000/0x4000)=nil, 0x4000, 0x3000009, 0x4c0f9eb5618f39d9, 0xffffffffffffffff, 0xba8e2000)
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r6, 0xc00caee0, &(0x7f0000000140)={0x4, <r7=>0xffffffffffffffff})
mmap$KVM_VCPU(&(0x7f0000aa6000/0x2000)=nil, r4, 0x9, 0x11, r7, 0x0)
r8 = signalfd4(r1, &(0x7f0000000040)={[0x1]}, 0x8, 0x800)
mmap$KVM_VCPU(&(0x7f00003f6000/0x4000)=nil, r4, 0x0, 0x13, r8, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x8)
munlockall()
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x15)

4.812105709s ago: executing program 0 (id=1401):
r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000004002, 0x0)
r1 = dup(r0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x300000a, 0x13, r1, 0x2000)
r2 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r2, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000580)=@newsa={0x14c, 0x10, 0x1, 0x0, 0x0, {{@in=@broadcast, @in6=@empty}, {@in=@broadcast, 0x0, 0x33}, @in=@local, {0x0, 0x0, 0x4}, {0x0, 0x0, 0x100}, {}, 0x0, 0x0, 0xa, 0x1}, [@coaddr={0x14, 0xe, @in=@empty}, @algo_auth={0x48, 0x1, {{'sha256\x00'}}}]}, 0x14c}}, 0x0)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff0000/0x1000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ff8000/0x4000)=nil, &(0x7f0000ff8000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x2000)=nil, 0x0}, 0x68)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x0)
io_uring_setup(0x7, &(0x7f0000000040)={0x0, 0xc8a1, 0xc000, 0x8, 0xc1})

4.643809727s ago: executing program 0 (id=1402):
socket$inet6(0xa, 0x3, 0x5)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e20}, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = socket$kcm(0x2, 0x5, 0x84)
setsockopt$sock_attach_bpf(r2, 0x84, 0x1e, &(0x7f0000000280), 0x4)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=@getchain={0x24, 0x11, 0x43d, 0x70bd28, 0x0, {0x0, 0x0, 0x0, 0x0, {0x1, 0x5}, {}, {0x7}}}, 0x24}}, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r1, 0x0, 0x0)
ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000040)=<r4=>0x0)
sched_setattr(r4, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x9, 0x0, 0x0, 0xfffffffffffffffc, 0xfffffffffffffffe, 0x100}, 0x0)
mkdirat(0xffffffffffffff9c, 0x0, 0x0)
r5 = socket$kcm(0x21, 0x2, 0x2)
sendmsg$kcm(r5, &(0x7f0000000140)={&(0x7f0000000440)=@rxrpc=@in4={0x21, 0x1, 0x2, 0x10, {0x2, 0x4e24, @loopback}}, 0x80, 0x0, 0x0, &(0x7f0000000600)=ANY=[@ANYBLOB="180000000000000010010000010000007d95df16a39b1a6c900000000000000001000005040500002b24ec10064b6f2f000000fb718aef932f3889d1fdda5b00000009860f5878c37ffe36e1165814d435be5b317c6c8189767d2f97879f07a515bb7c169f46933d9338f4ab04834e6f618988c5944741afe403461323110f62055394412158e7a3adb164d641aa40d4ab077fe34232aa8b319d7666d0998a61d7da0c86d70000001010"], 0x10b8}, 0x200008c0)
sendmsg$kcm(r5, &(0x7f0000000080)={&(0x7f0000000000)=@rxrpc=@in4={0x21, 0x0, 0x2, 0x10, {0x2, 0x3f, @broadcast}}, 0x80, 0x0, 0x0, &(0x7f0000000140)=ANY=[@ANYBLOB="18000000000000001001000001"], 0x18}, 0x0)
close(r5)
r6 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000080)='/sys/power/resume', 0x149a82, 0x80)
r7 = syz_open_procfs(0x0, &(0x7f0000000180)='task\x00')
fchdir(r1)
write$cgroup_int(r6, &(0x7f0000000040)=0x800000000001c8, 0x12)
ioctl$AUTOFS_IOC_FAIL(0xffffffffffffffff, 0x9361, 0x5)
sendmsg$nl_generic(r6, &(0x7f0000000240)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f0000000200)={&(0x7f0000001840)={0x1174, 0x3f, 0x0, 0x70bd2a, 0x25dfdbfc, {0x1b}, [@typed={0xed, 0xaa, 0x0, 0x0, @binary="ddc6ed8f02cfec819eb72f79fe46679b92f2dfc785660ffa2459207a48f1ce3861b23b02b44f5bb8852fab92e2541e9eedd7b94078573ee52a1fd9a6f387d52122a5b7de2fb0f37179c89fec1a14c02cc63e26372d8675fc00264baf8a2c6ff022e75738525d072cb0f38cfdf5ffee5a9fd6bc220f987cfcbb697dcaf55cb5b5287bf3a0766f651023d363ef0d66d5a84a29dc50cd79bd7110a3914366ca5c9bcaa413e2d6221d7009fb39c52a90232c08d97373d4fa62de4c1a6ce33b190dbffb1ee0d9e1746571aa6daf5fffefd27fb338f5e94f8a87ca0d95048ac2479dd4975689ac608f0be99d"}, @generic="578c73556b259516640dc5c8d0a8f26c428d508a51cf06c8bc06694e04382cf80e6d5e1b624ec241501a6d97af81a28381e49c572b71ce4fe9", @typed={0x8, 0x21, 0x0, 0x0, @u32=0x8}, @typed={0x8, 0x7f, 0x0, 0x0, @u32=0x3802}, @generic="5b8e653a3add359402ae326216f2a76f8f3a258f668bdfaeb7e07c4fa9", @typed={0x8, 0x101, 0x0, 0x0, @pid=r4}, @generic="fd4fad7493a7082a4d9440cff3861391205b36182427d99678a9db51d272b8d8aa27c26091c635449906e7d0cabe7151b355192a426d65c41e29734ab606793ac259d403e25866f0929193a451a8ce6e56ceeef922344218ac2dadf0842feaa89b20d5008e4ec5329ebee8521645ad12ce7f37f36455f0ebad3f849daf5dc562ecdc5143d3a2b5c7bbe9e41c5b6b58883cc2f211203fd419aa5f26580ad8573c3ff619e1b420f1fe2556c2429eae496258cad9a46c55749e185a5dbb9d9bda4328d0371a67048810b06ac54509f5fbe4a4e0be2a5ff918863a5076830bea903527bb7becc47cac79cab185994f57c08b9f60af38cf32286d1de14f41b5ec42b64abe34e387f2ecb10af048cb77f293cc55e379cd4e399b8f006fb7e686d1b5c48491d4ffb81042ed56a5701978099f3f4da628e8ab405162b38a29ce270311ce59e0060cb7406265b278c84907d81512b7be153e80ac4dc2a547b90e97f21e3ed366f2c25d1142a8ed5577d6ccd4fd64660c317991d2b5908f39898c66f91ccf303e89332c2980810fda475d102331c0c5cb296cb0b7ddced57ae503fd344ccdeeae6c5fc1803ec3ec2a125f4df327e1c40a03afe53ee2399cfaee18cc4a0ed86e4267e29ab58575d76fe7d11109c06f598dddfce338ac7a7df2f716d05bc402ac60e627796331447e48bed59f6d39537677d6e98474fe4efc4b9621f17bc88edb889a88ca41d206aebb2c6aa7a9bd9657a11513612637851adbf26cd3e2797d918e3aa57dcae50127be8c1274ec0cf0a2b926d7adeb7358e0fe1500539d9805ca2d55e0c82890fa4f4204135c8ef2177d0dbc6516142bb4c0a6377a637cef13616433a8e589d79b57e616ac95ab833e99097f16e936a7bb52c8a74a4985ada88c286dc23fc6164f97760a544bd74bd0254969cba092ed9eaa8224fe638a5ef31999ce0bc416a76f5f681f37abcca3a39bdda88e930398ebf1991b968e389cc2029a0a92feab7180f7844d055e795ddd58a535cc378ba132b45c0c972ed76cad4babd0b19f98ff6764620f538129e400c49e7206664d7ddba3a5a1c8adf7aa784a90598a09757223a5bf8d34cf3add2159b42d07dd3fe0eb610b76ca0581ede5668ebc7d17ea37e7f0e021fc61cec61d5d4fb9999e955020529d4297fd052133ab1da6eb5359653d0965986457132937667a662412f196addc9f83b9009f453dd5b1f0435802c535a40872af6cf74945f6da3281e28019d70a0ecc9d7e4a6f08d06e0837272b24fe60c2e21f53e8c5fa4fb51118039029c9d9c04531575ca6a4b02b55200c02f79f1773cb2bd6799c15b22ed74fb812d94db71976b62ac90a76098e9f05a0d6ac86416970e86b8c9d02cf33139b64b33b00ba8111b3ff7b498d1be1d862f5b80cb00cfcba1dba60973179741880697d67d5e24a650d88cef6d2ae31fe3386a5116a05b504eebbd5d86e824d3f3ec8ecae0f1d93d7597fde134b63c196c7bd62b5b85a48dd88d3c6f14773448b9fb5c364b4dae7f7f15725d1737d447733fdcfdacf691072e105365998ab81072b6051a76188a08689e020a204c001033165e5f74468090a2b63bd359cdfebc452698f87e01097754592e674dad43180b04bc88240969621408a8a3b11c2f745b6239a8304fd75c236bdecee9028a495da41938b790cded3a2c04a7323b16d906b3437b6b7464fee2fa8c68cfd7ae5d7bdd98fad3034cdc50b61ad08a48089a5883b4891fe4fe8b3b96e1834292b3cf653627a03d377c4d55c8b4a4b6ed685ad79f5e356b73231fa1ea81854b1ca4880dd9711edc73d018110d92b7192af56c092371f900204214c93275798da088cdf3eea3a6da6946b9936d3dcbc6cf1998dce535e956a1467df0b5f3f733cf243f52a38b42ac816ea3b791b3b259612ef4ade817aab7d740ad820d8afafa329040c11a0d2754d2016d456c4bd41fcb9ee09e07145d05850dfd30fac51a39c2b9b68db3ca07777c13193d6145903d12a8dca1e459ce8d4ded82e1f46abbee62f68e3990f88d78d6995da1a4ae724550a8ec8a8cbd84167189097d341068749d5a2b0e86efa6d5bc0b9fe5b26f10b83d8ac66b93ef267b73f006b4456d1b6d91289c0ccb45f47f1c1310806a2331384de3d55fae38b44dd93bdf62db931effc9a2ca5b97bec836e2bfe5dd197442e06e0a29738ef705ea4e0b4b7acdae4a17b204e5c6168e4a5d16b7409b81fc45a670e1c2844f1263b2728a51e98b11d6ad84ecafc8386600ea266cf849a6cf771ecb10bc45ea79f890d137cf8c347120ed4c71023d18492e5b13278f894f5b11e31f16943d5fd4fe293e0f8705335d809a5bd50b6c64326fd2aa12d67a7d59d9816e0b63b1d9fa155515fb823eafbe6cc8015a2c1c8ee206b51e451ba33569f446a68379343ebb7ea602df01fba3aedece5570ebf2e8dc31ca97022bbfb9177a3663599f51978f6da7ef235ff90419accdfb4585cb281c133fd4e6041f5cf91e378d0583fe466376444678468c6f390c33b287417978e6f0450bb675fb7772d55a1692a98daf132a4cabd192d06972441a8ecb76071c79ca19272a6bf195ae3892204c5d797a9fae3f4ba1f2e77d054ee86a4046f8bbef5f9b3ebfd02aae2fd8c415dfc43f167dd1741d361ed2db3c0a83b3432e85b6f9466c70e958dd2eeb9a4bd2b88a25bf01595e9d27f0b20eb8e8c27bed1a72e0f6bf676fe792f4430f144fa3f4b1e0924d89012928139c7e649da8b5ad5e173d2ca6a6b3c9b313f26217cdf7060814242999ddf5bbd7293e305426d6e7549341660040b760246e4787ce9a5d360ee30745e1c6d894332684c3413ce029d7532baef6d9cb0850b14e9446cf76d7f77a24e6a9611d67d7f87a18d7813e1b4f14e6c3ec5cdd9419eb2ad17e6cec9f11ce36fcfd61de1533aa1bdff772a44191306d45e8e6483bb7454f8a3a8195453719f632f54e093ddea16eb10bc9cabc5928bf7f0eca426c325d1aae4d8ccc3f9ff531702d28c70e22abcdcd2f9266d03b5bfdeeb4b423f30338571e1c789decc6ad7ccce39467bc64167b69034c50c88e90b3f95e7015edb372ae546f59a43e71599544b921e1c1d11e1619ac992c43ccfa569337af7e2161ba6be58368c961e3489125cd77de8345e795134f643f0943105d5274ad05754516744023734d7b24a4684f8f4e504e6567cbc8122a7f68a2632577289be9bf1ea0805e44af3853dba14d30f41cd54d47007fab6c581992f4765c2b9bb7b6390b0d527e5f7e14a74f7dd06569ef3bdf9fbd99f9afd3ddc8920aaa78c7946409d4fcc186166acc439338cfcafdd809a834cb5efc4825c72b005f360962da241d5d2b9a8cf888df4eaa9f8c35c3553298e8919626e1f0141db908dc21b538ef3d099a2e93173635106dda7f182b5085c6d37caaab389b3413f3d32746d61abec3be09b4b3fb2398be4209305228aa1208d53087ed3cc9a9fb273d38e4dfe7e1c1ec7f4deeddc278e082e378281744e59cf44ce6667946bbe7e7aa41d7923e51275064c32f6f222cc92ef221a6b111d4f63743df5d029f6057ee059b17a6ef25f332b866e017c61f315934b0ae8851b3fd5b8d151e070a5c966b08dde3d7b7d6886139729769636e21b718aff5f991638d52494db6a53665693a90d3d0a6115f504dd74558940d09dcbba9509c3f9028a72059b002c306849396bee7b6a4b8d06a69736fa5bbbf0dce953535ef6a8031fc15d744621e26941e639163788290f94c7403731483de9f35dbf005c983935e22e7157a1605cb77d650cb20680e739c4d0c22f6d52cdde06b2dea161c84ef588d752cbac07db5dff1d6f1784f1c7b064465efeec57a08f949e058ad661da6e6047dba4c6d8144a2a44c70c22cec4b47f8c55b5b02ef072372956467357bf9eac53ddbddc67bcffaab59e2fb8016c6ff8878d5983eb6b6ddd1a1735a544998b0f71158c213794419ec2bafd7f85e067325b7b7629876d06c3feefc3e9b6bb63b2c7ff65cc20ba86ca132047b24a2ff16b893d6996129e2a18a0da2d0631ef66fc4b819af57831365bc4fd1108928295f3757a0b804b1fb5a6044e3ffdbc38a06177ae91edbfdd551f234e150d19710b94d09784593e032dde38c3406dd67be70890a1e0d12e851a721308668cd5df79d231fa8ab9070c20f0b1f10962e30181bd1086b1f3f0af3f8e0ca63e378e6b8fca5b90fa9a3494d048a8163274b944f03eed60c06c0c58e16a252bc7a62af0ce3efae9c4d5393c655008ecb98fd8d62022b657ff6839e131b2755bcbb4d502acd98cef28fd8fa147e3ca48a35142a38dfc4b900c2d4f860a1f50eea683a3c2b5aad765f37afd5f2349ccfa3d7ef4d43937762ae2debef22b853ea30d3c0c9ccdd8b814325bbf428619ba363bb2c3677f54dfc7333ac008a3a9f9fa8ca775244f9927d2ef9b72da244bee1008fa8dadc16aab47ccecf1f0e91c56912d7d793aa126750fd70783f5c07091ae4e74a630aae1b86572eeada459c08746014acfeb71ece604f76911ff23e62da9112a85d869ecd7cdfbb6e970565a5c9f6c73ae7108275447800dafe18b29e15f0435df918a5027cfd71c7d9ed6b782bf4ebb9dc8d9b87e259109aaf64b3f2a258860df5fd2fdb0528b2531f1b9ca5dbbf23976119af0e4e5c5513617e8e49016bc9302ca8b842c589b2fd9eca06553e2cc9519f207d45a4a7d64cddf1aa825dbc4085d1123fc857b2ccc8e48896711d91c0b42a953c68c2bda10ce302a55dc851665fcab4821b675f19a18bfed3bb7e9ee3d1f326007e2394a1fa52de6bec02e9fd1410034c0aeb4f42730b378e706ec908edaf5e01de622715459f8b4e70c1a7ae438dcec6826dadcf8c209c0d491d96098a4979b331f21fb848cd8bdfa9bb54c333a35e8bc6d80fa6f9a485ae8e33eb1a4ac1bcbde67e34e46d69f165aa99c9d29ac4fd280d5e6343feb0500af78f76d1ea7eb255be8ab29161faa7d0f7ac22c243785d16a595ff6bf8fc4685f4890b15e3f593103f73b0b933252e16abb661dd63af7ceab7795d9b60176a6f48acf4e4bfe9294e71426f3d0c4a935497c865685da0930f5341bb689bcaf4a3fd4ed81eef82c501ee649516608f4989253ca68f4e263cb0a1e8b9414f200e2a0b0a739eb67a985d510de72803b5fa3b7845b3b30e0ad2fac97ef679aa5af4d37ac67b14393f6aa0b25a22ef28653fd44e1436b8463132c5647c8002f47857df28b1a57878006b5a47d58369b3a48227a0acd8b24ff24ec7bfa535bbc8d3081b6f5285cc15889ce0f8f5d1c6c49bf9349f8ec383e516e85772633cf3f36c0bb6debd61916644d75478fadeeb735ab76925ec66c144e51cddec05a9ad7ba796b05557c0dfb0fa871b76e50c808bfb2aa960959bb3736a84509d1f2f2f50388ac3e0a28dacc47431f23f2f7a389978d9f88548f052ddc89e3bbb7ec43706f9b60b708ca41f44eb3c2af1ac525617f08ef74645c4d604eca290071716f8357c2bef54d4604de067d54aff0e3ddcb2bdae473b66d3b3cb5f32db12eab0e4b6ddbc5f69950f05422e88189f614533579bf587312716f0f54b7f32f87526ebd3a10ba0e1efd4fae2db6dab88222d8cf6071da5a78a17f5332c9276b1a6ef34e5b2783da64f80bab565f2bceb5457200ea74ee41e595f99dc28c497dc483844c20c1a69a35887b1333318c6b9a97872837eba8c78766ba52f250b69c226ba5b0c1f67f086bbe5e11acea85edffbcdf27af787306baa2b04730f865df3769bf6350199b"]}, 0x1174}, 0x1, 0x0, 0x0, 0x40000}, 0x8000)
r8 = openat(r7, &(0x7f0000000080)='./file1\x00', 0x42, 0x84)
fcntl$lock(r8, 0x24, &(0x7f0000001800)={0x1, 0x0, 0xffffffffffffff7f, 0x5a60})
bpf$PROG_LOAD(0x5, 0x0, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000003d00))
syz_open_dev$vim2m(&(0x7f00000000c0), 0x7, 0x2)

3.166642366s ago: executing program 4 (id=1403):
write$cgroup_pid(0xffffffffffffffff, 0x0, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = signalfd(0xffffffffffffffff, &(0x7f0000000500)={[0x5]}, 0x8)
ioctl$PPPOEIOCDFWD(r1, 0xb101, 0x0)
dup(0xffffffffffffffff)
socket$nl_xfrm(0x10, 0x3, 0x6)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz0\x00', 0x1ff)
r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r3 = openat$cgroup_ro(r2, &(0x7f00000002c0)='blkio.bfq.avg_queue_size\x00', 0x0, 0x0)
preadv(r3, &(0x7f0000000240)=[{&(0x7f0000000180)=""/140, 0x8c}], 0x1, 0x1, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
shmat(0x0, &(0x7f0000000000/0x4000)=nil, 0xffffffffffffcfff)
r4 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ppoll(&(0x7f0000000000)=[{0xffffffffffffffff, 0x100}], 0x1, 0x0, 0x0, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
r5 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$IOMMU_VFIO_IOAS$GET(r5, 0x3b88, &(0x7f0000000100)={0xc, 0x0, 0xfdfd})
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
connect$unix(r6, &(0x7f000057eff8)=@abs, 0x6e)
r8 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r8, 0x107, 0x12, &(0x7f0000000040)={0x0, 0x6}, 0x4)
setsockopt$packet_fanout_data(r8, 0x107, 0x16, &(0x7f0000000100)={0x3, &(0x7f0000000080)=[{0x28, 0x0, 0x1, 0xfffff034}, {0x48, 0x0, 0x40}, {0x6, 0x37, 0x0, 0x9}]}, 0x10)
syz_emit_ethernet(0x36, &(0x7f0000000300)=ANY=[@ANYRES32=r0], 0x0)
sendmmsg$unix(r7, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r6, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x2, r4, 0x3, 0x0)
sendmsg(r7, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0)
r9 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x40000000c6302, 0x0)
r10 = dup(r9)
sendfile(r10, r10, 0x0, 0xffffffff)

3.149223501s ago: executing program 1 (id=1404):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000400)={'wlan0\x00', <r1=>0x0})
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000180), 0xffffffffffffffff)
sendmsg$NL80211_CMD_TRIGGER_SCAN(r0, &(0x7f0000000e80)={0x0, 0x7000, &(0x7f0000000e40)={&(0x7f0000000300)=ANY=[@ANYBLOB='@\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="01002cbd7000fbdbdf252100000008000300", @ANYRES32=r1, @ANYBLOB="24007d80040002"], 0x40}, 0x1, 0x0, 0x0, 0x24004084}, 0x24001094)

2.816184687s ago: executing program 2 (id=1405):
r0 = add_key$user(&(0x7f0000000380), &(0x7f0000000000)={'syz', 0x1}, &(0x7f0000000140), 0x0, 0xfffffffffffffffe)
r1 = add_key$user(&(0x7f0000000200), &(0x7f00000005c0), &(0x7f00000000c0), 0x390, 0xfffffffffffffffd)
r2 = add_key$user(&(0x7f0000006400), &(0x7f0000006c00)={'syz', 0x3}, &(0x7f0000006900)="3e12d23d346cfdeb1716f738274bc1c03bee4423fa20837e6e86b86592e9be8351aabbd6e24f37d5095f839fa4a3507df4f7526f2440e7988da94ccd868dd8741d1e43eba0b67b516be14a8b51a75bfd611b2d7ae6a21d056c2c5116a416a76b0204dc55ea62d43c809e0ed6e56163fdab317afd5c34d614367e4425bb9a97e38b8beb84ef6d549eed5aaa86dbe646fc77a9b3df93199c796fa597f452bed6b6fbcc812df9be8e35d8d15086609c033a5d2a42d5dcb0d103098fa302c5b1d48f913f8b22a30a47d9ae02000000e2b855845f39806305f56d918cc5b4023fdbe9cae4147c84583ec9dd375031ba5ae65e31f00e641832d29ed658b91f33595b033222944765cb6a50d859f754ed83eefd480be0e3100965f081190bbb39a5965ceaa76975b8888504", 0x128, 0xfffffffffffffffe)
keyctl$dh_compute(0x17, &(0x7f0000000100)={r0, r1, r2}, 0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000040)={'sha3-512-generic\x00'}})

2.612120395s ago: executing program 1 (id=1406):
socket$inet6_icmp_raw(0xa, 0x3, 0x3a) (async)
sendmsg$nl_xfrm(0xffffffffffffffff, 0x0, 0x4000000) (async)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = socket$inet6_sctp(0xa, 0x801, 0x84) (async)
close(0x3)
r1 = socket$inet6_sctp(0xa, 0x801, 0x84)
connect$inet6(r1, &(0x7f0000000100)={0xa, 0x0, 0x0, @private1, 0x200000}, 0x1c)
shutdown(r1, 0x1) (async)
getsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r0, 0x84, 0x85, &(0x7f0000000040)={0x0, @in6={{0x2, 0x0, 0x0, @empty}}}, &(0x7f0000000300)=0x90)
pselect6(0x40, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x40000000, 0x800, 0x0, 0x100000, 0x8000000}, 0x0, 0x0, 0x0, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYBLOB="9feb010018000000000000002800000028000000020000000100000000000001e5ff000008000000000000000100008406"], 0x0, 0x42, 0x0, 0x2}, 0x28)
bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x1, 0x100004, 0xffff, 0xb, 0x281, 0x1}, 0x50) (async)
r2 = socket$inet6(0x10, 0x3, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)=@newlink={0x30, 0x10, 0x401, 0x1000004, 0x0, {0x0, 0x0, 0x0, 0x0, 0x503, 0x20000}, [@IFLA_LINK_NETNSID={0x8, 0x25, 0x1}, @IFLA_LINK={0x8}]}, 0x30}, 0x1, 0x0, 0x0, 0x20004800}, 0x4000000) (async)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)=ANY=[@ANYBLOB="2c000000190001000000000000000000021800000000fd000000ed0008000100ac141400340008"], 0x2c}}, 0x0) (async)
sendto$inet6(r2, &(0x7f0000000000)='s', 0x10a73, 0x800, 0x0, 0x4b6ae4f95a5de35b)

2.398418356s ago: executing program 2 (id=1407):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$team(&(0x7f00000044c0), 0xffffffffffffffff)
ioctl$ifreq_SIOCGIFINDEX_team(r1, 0x8933, &(0x7f0000000240)={'team0\x00', <r3=>0x0})
sendmsg$TEAM_CMD_OPTIONS_SET(r1, &(0x7f0000004bc0)={0x0, 0x0, &(0x7f0000004b80)={&(0x7f0000000640)=ANY=[@ANYBLOB="6000000218a30b99417d67b7e1e7544ee31d3833c3994b513ab11d2ceefa2bdc2001fed155626939bef87e3cd783d1f6e3f1bc79498aa6991661249495472c1906c2af0ac56da9ee4f87a1890c942ed7d385d05c97faa0cb408439adc76778a97bd08f71708b2e2fcbbd2357d7666619fb9c9d93c672758ccee43cd42489017df2941450ce3c465722f34b0a3f95d660285e68cc560e18ba39f789b8b8a6bc368e31f3dab4c0ef", @ANYRES16=r2, @ANYBLOB="050427bd7000fedbdf250100000008000100", @ANYRES32=r3, @ANYBLOB="4400028040000100240001006c625f686173685f737461747300000000000000000000000000000000000000050003000b00000008000400080000000800070000000000"], 0x60}, 0x1, 0x0, 0x0, 0x4000084}, 0x44084)
sendmsg$nl_route(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000080)=@getnexthop={0x20, 0x76, 0xb0d, 0x4000, 0x0, {0x3}, [@NHA_ID={0x8, 0x1, 0x2}]}, 0x20}}, 0x0)
unshare(0x68040200)
socket$inet(0x2, 0x3, 0x7)
socket$inet6_sctp(0xa, 0x1, 0x84)
socket$nl_generic(0x10, 0x3, 0x10)
epoll_create1(0x0)
r4 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB, @ANYRES32=r4, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000800000000bf91000000000000b702000043e7b55385"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r5}, 0x10)
ppoll(&(0x7f0000000500)=[{r4}], 0x1, 0x0, 0x0, 0x0)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x3, 0xfffffffffffffffd, 0x0, 0x0, 0x2}, 0x0, &(0x7f00000002c0)={0x3ff, 0x0, 0x0, 0x9, 0x0, 0x0, 0x7fffffff}, 0x0, 0x0)
syz_emit_ethernet(0x4e, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0)
r6 = socket(0x1e, 0x4, 0x0)
r7 = socket(0x840000000002, 0x3, 0xff)
sendmmsg$inet(r7, &(0x7f0000000440)=[{{&(0x7f00000001c0)={0x2, 0x0, @local}, 0x10, &(0x7f0000001980)=[{&(0x7f00000005c0)="a1c0ffff000039a9029e2d34161c00006145f0d9b160f03025058973bdc2d0c44fa8103709f6332440c1524acc1d2783b216d8e5688993bcdf8c5c2a8a99c67f22c2bd7cc634c8a74d805aabf47f4e59b655d109", 0x54}, {0x0}], 0x2}}], 0x1, 0x0)
setsockopt$packet_tx_ring(r6, 0x10f, 0x87, &(0x7f0000000140)=@req3={0x7813, 0x3, 0x0, 0x81, 0x5, 0x1, 0x1}, 0x1c)
recvmmsg$unix(r6, &(0x7f0000000440)=[{{0x0, 0x0, &(0x7f0000000340)=[{&(0x7f0000000980)=""/4096, 0x1000}], 0x1}}], 0x1, 0x0, 0x0)
sendmmsg(r6, 0x0, 0x0, 0x9200000000000000)
setsockopt$SO_J1939_FILTER(r7, 0x6b, 0x1, &(0x7f00000003c0)=[{0x2, 0x0, {0x2, 0x1}, {0x0, 0x1}, 0xfd}, {0x0, 0x0, {0x1, 0x1, 0x1}, {0x1, 0xff, 0x3}, 0x2, 0xfe}, {0x2, 0x0, {0x1, 0xf0, 0x3}, {0x1, 0x1, 0x4}, 0xff, 0xfd}, {0x0, 0xffffffffffffffff, {0x1, 0xf0, 0x2}, {0x1, 0x0, 0x3}, 0x0, 0xff}, {0x2, 0x2, {0x2, 0xf0, 0x4}, {0x2, 0x1, 0x3}, 0xfe, 0xff}, {0x1, 0x3, {0x2, 0xf0, 0x3}, {0x0, 0xf0, 0x1}, 0xfe, 0xfe}, {0x1, 0x1, {0x0, 0x1, 0x3}, {0x1, 0x0, 0x3}, 0x1, 0x2}, {0x3, 0x3, {0x0, 0xf0, 0x3}, {0x1, 0xf0}, 0x2}], 0x100)
close(0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x12, 0xffffffffffffffff, 0xfffff000)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f0000000100)="290000002000190f00003fffffffda060200000000e80001dd0000040d000600ea1100000005000000", 0x29}], 0x1)

1.83647229s ago: executing program 3 (id=1408):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000040)={'wlan1\x00', <r2=>0x0})
sendmsg$NL80211_CMD_JOIN_IBSS(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000580)={&(0x7f00000000c0)={0x34, r1, 0x101, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_PRIVACY={0x4}, @NL80211_ATTR_SSID={0xa, 0x34, @default_ibss_ssid}, @chandef_params, @NL80211_ATTR_KEYS={0x4}, @NL80211_ATTR_CONTROL_PORT_OVER_NL80211={0x4}]}, 0x34}, 0x1, 0x0, 0x0, 0x4008010}, 0x4800)

1.769471339s ago: executing program 0 (id=1409):
r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
setsockopt$inet6_IPV6_HOPOPTS(r0, 0x29, 0x36, &(0x7f0000000400)=ANY=[], 0x8)
connect$inet6(r0, &(0x7f00000003c0)={0xa, 0xfffe, 0x3000001, @mcast2, 0x6}, 0x1c)
r1 = syz_usb_connect(0x0, 0x2d, &(0x7f0000000040)=ANY=[@ANYBLOB="1201000050cb5340450c10108e492940a80909021b00090000000009040002010035040009058dff86"], 0x0)
r2 = syz_open_dev$char_usb(0xc, 0xb4, 0x10000)
write$char_usb(r2, &(0x7f0000000080)='A', 0x1)
syz_usb_disconnect(r1)
r3 = syz_open_dev$loop(&(0x7f0000000240), 0x7, 0x180862)
r4 = syz_open_dev$loop(&(0x7f0000000100), 0xd5d1, 0x0)
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='blkio.bfq.io_service_bytes_recursive\x00', 0x275a, 0x0)
ioctl$LOOP_CONFIGURE(r4, 0x4c0a, &(0x7f0000000440)={r5, 0x0, {0x2a00, 0x80010000, 0x0, 0x7fff, 0x5, 0x0, 0x0, 0xb, 0x11, "f6e8a2ab78fc979fd1e00d96072096000100", "2809e8dbe108598948224ad54afac11d875397bdb22d0000b420a1a932c64feb46819e0600000000000000e3fa9300", "f5bd000000983479150000000000000000000000000000004000", [0x0, 0x2000000000001]}})
semtimedop(0x0, 0x0, 0x0, 0x0)
semctl$IPC_RMID(0x0, 0x0, 0x0)
write$P9_RFSYNC(r5, &(0x7f0000000400)={0x7, 0x33, 0x1}, 0x7)
semctl$IPC_RMID(0x0, 0x0, 0x0)
r6 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/fscaps', 0x40000, 0x2d)
ioctl$LOOP_CHANGE_FD(r3, 0x4c06, r6)
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='batadv0\x00', 0x10)
write(r0, &(0x7f00000000c0)="8f2a0a65bd8c002b0304000e0580a7b6070d63e286a5cefe", 0x5ac)

1.632023708s ago: executing program 1 (id=1410):
syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff)
socket$nl_generic(0x10, 0x3, 0x10)
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r3 = socket$unix(0x1, 0x1, 0x0)
r4 = userfaultfd(0x80001)
ioctl$UFFDIO_API(r4, 0xc018aa3f, &(0x7f00000000c0))
ioctl$UFFDIO_REGISTER(r4, 0xc020aa00, &(0x7f0000000080)={{&(0x7f0000ffd000/0x3000)=nil, 0x3000}, 0x1})
madvise(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x19)
r5 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_REG(r5, 0x11b, 0x4, &(0x7f0000000340)={&(0x7f0000000000)=""/59, 0x304000, 0x800, 0x0, 0x3}, 0x20)
mprotect(&(0x7f00002f0000/0x4000)=nil, 0x4000, 0x2000000)
ioctl$UFFDIO_COPY(r4, 0xc028aa05, &(0x7f0000000100)={&(0x7f0000ffd000/0x3000)=nil, &(0x7f0000013000/0x4000)=nil, 0x3000, 0x3})
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x8)
madvise(&(0x7f0000318000/0x1000)=nil, 0x1000, 0x16)
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='smaps\x00')
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000100)={'veth0\x00', <r6=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=@newqdisc={0x44, 0x24, 0x4ee4e6a52ff56541, 0x70bd26, 0xffffffff, {0x0, 0x0, 0x0, r6, {0x0, 0xfff3}, {0x7, 0xffff}}, [@qdisc_kind_options=@q_hfsc={{0x9}, {0x14, 0x2, @TCA_HFSC_USC={0x10, 0x3, {0x6, 0x400, 0x33}}}}]}, 0x44}}, 0x20040084)
sendmsg$nl_route_sched(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000540)={&(0x7f00000001c0)=@newtclass={0x34, 0x28, 0x100, 0x70bd26, 0x25dfdbfc, {0x0, 0x0, 0x0, r6, {0xa, 0x4}, {0x2, 0xb}, {0x7, 0xfff3}}, [@tclass_kind_options=@c_cbs={0x8}, @TCA_RATE={0x6, 0x5, {0x7, 0x43}}]}, 0x34}, 0x1, 0x0, 0x0, 0x400dc}, 0x0)
r7 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(r7, 0x8933, &(0x7f0000000540)={'wlan0\x00'})
r8 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x1281, 0x0)
r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0)
ioctl$KVM_CAP_DISABLE_QUIRKS2(r9, 0x4068aea3, &(0x7f0000000280)={0xd5, 0x0, 0x10})
r10 = ioctl$KVM_CREATE_VCPU(r9, 0xae41, 0x2)
ioctl$KVM_SET_MSRS(r10, 0x4008ae89, &(0x7f00000001c0)=ANY=[])
socket$nl_netfilter(0x10, 0x3, 0xc)
capset(&(0x7f0000000000)={0x20071026}, &(0x7f0000000040))

1.500065826s ago: executing program 4 (id=1411):
r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000004002, 0x0)
r1 = dup(r0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x300000a, 0x13, r1, 0x2000)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff0000/0x1000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ff8000/0x4000)=nil, &(0x7f0000ff8000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x2000)=nil, 0x0}, 0x68)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x0)
io_uring_setup(0x7, &(0x7f0000000040)={0x0, 0xc8a1, 0xc000, 0x8, 0xc1}) (fail_nth: 7)

1.144364329s ago: executing program 4 (id=1412):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000040)='dctcp', 0x5)
bind$inet6(r0, &(0x7f0000000080)={0xa, 0x2, 0x200, @loopback, 0x7}, 0x1c)
setsockopt$inet6_tcp_int(r0, 0x6, 0x2000000000000022, &(0x7f0000000200)=0x1, 0x4)
sendto$inet6(r0, &(0x7f0000004080)="611c", 0x2, 0x20000045, &(0x7f0000000140)={0xa, 0x2, 0xffff, @loopback={0x4000}, 0x3}, 0x1c)

958.128908ms ago: executing program 3 (id=1413):
r0 = openat$drirender128(0xffffff9c, &(0x7f0000000040), 0x0, 0x0)
r1 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x6, &(0x7f0000000400)={0x1, &(0x7f0000000140)=[{0x6, 0x0, 0x2, 0x7fffffff}]})
r2 = openat$dma_heap(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$DMA_HEAP_IOCTL_ALLOC(r2, 0xc0184800, &(0x7f0000000100)={0x4, <r3=>r1})
r4 = syz_open_dev$dri(&(0x7f0000000040), 0x1ff, 0x80000)
ioctl$DRM_IOCTL_PRIME_FD_TO_HANDLE(r4, 0xc00c642e, &(0x7f00000000c0)={<r5=>0x0, 0x0, r3})
ioctl$DRM_IOCTL_GEM_FLINK(r4, 0xc008640a, &(0x7f0000000180)={r5, <r6=>0x0})
ioctl$DRM_IOCTL_GEM_OPEN(r0, 0xc0106442, &(0x7f0000000080)={r6})
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
syz_open_dev$vim2m(&(0x7f00000002c0), 0x2000000f5, 0x2)
ioctl$DRM_IOCTL_SET_VERSION(0xffffffffffffffff, 0xc0106407, &(0x7f0000000000)={0xffffffff, 0x3, 0xe90, 0x19})
syz_genetlink_get_family_id$mptcp(0x0, 0xffffffffffffffff)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r7=>0xffffffffffffffff, <r8=>0xffffffffffffffff})
connect$unix(r7, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r8, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r7, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
sendmsg(r8, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0xb45, 0x100000000009, 0xa, 0x0, 0x3}, 0x0)
sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x20040800)
io_uring_setup(0x434c, &(0x7f0000000380)={0x0, 0x5f41, 0x20, 0x0, 0x20002cd})
pipe2$watch_queue(&(0x7f0000000280)={<r9=>0xffffffffffffffff}, 0x80)
r10 = add_key(&(0x7f0000000040)='cifs.spnego\x00', &(0x7f0000000100)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffe)
keyctl$KEYCTL_WATCH_KEY(0x20, r10, r9, 0x0)
keyctl$revoke(0x3, r10)
syz_open_procfs(0x0, &(0x7f00000000c0)='cmdline\x00')
socket$nl_netfilter(0x10, 0x3, 0xc)
r11 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$UI_SET_EVBIT(r11, 0x40045564, 0x1)
ioctl$UI_DEV_SETUP(r11, 0x405c5503, &(0x7f0000000180)={{}, 'syz0\x00'})

911.119784ms ago: executing program 4 (id=1414):
r0 = fsopen(&(0x7f0000000180)='ramfs\x00', 0x0)
r1 = syz_kvm_add_vcpu$x86(0x0, &(0x7f0000000100)={0x0, &(0x7f0000000200)=[@in_dx={0x82, 0x20, {0x27, 0x1}}, @out_dx={0xaa, 0x28, {0xa7df, 0x3, 0xfffffffffffffffd}}, @uexit={0x0, 0x18, 0x8}, @wr_crn={0x46, 0x20, {0x3, 0xd720}}, @code={0xa, 0x63, {"0faea5d5000000450fc72ac42269df7605c4c1792b5700c423e95f0eb53e66430f2e150d000000440f7944060048b802000000000000000f23c80f21f8350c00b0000f23f8660f5ba663000000c4227d0f2f"}}, @wr_crn={0x46, 0x20, {0x4}}, @wr_crn={0x46, 0x20, {0x2, 0x9}}, @uexit={0x0, 0x18, 0x7}, @wr_drn={0x6e, 0x20, {0x6, 0x3d0e3777}}, @code={0xa, 0x77, {"0fb6a3f27f000066baf80cb87032ce83ef66bafc0c66b81d5166efc7442400d4000000c744240200200000c7442406000000000f011424440f01df66baf80cb8ffae8387ef66bafc0cecc4a37916f50021500d66ba210066b8002066ef67470f01ca0f93613d"}}, @cpuid={0x14, 0x18, {0x3, 0x3}}, @out_dx={0xaa, 0x28, {0x477, 0x6, 0xfffffffffffffffc}}, @wrmsr={0x1e, 0x20, {0xae7, 0x8001}}, @wr_crn={0x46, 0x20, {0x8, 0xfffffffffffffeff}}, @wr_crn={0x46, 0x20, {0x0, 0x4a89}}, @wr_crn={0x46, 0x20, {0x8}}, @out_dx={0xaa, 0x28, {0x3cbe, 0x2, 0x3}}, @code={0xa, 0x51, {"c40279333da300000066b84d000f00d866b8b1008ee043f6204f0fc76e000fc7a8a7f355260f01cf450f786800f3470f1ef0b9800000c00f3235002000000f30"}}, @out_dx={0xaa, 0x28, {0x594a, 0x5}}, @out_dx={0xaa, 0x28, {0x833a, 0x6, 0x8}}, @in_dx={0x82, 0x20, {0x867c, 0x1}}, @cpuid={0x14, 0x18, {0x9, 0x3}}, @cpuid={0x14, 0x18, {0x1, 0x8}}, @in_dx={0x82, 0x20, {0xc423, 0x1}}, @cpuid={0x14, 0x18, {0x100, 0xff}}, @wr_crn={0x46, 0x20, {0x9, 0x3}}, @rdmsr={0x32, 0x18, {0xabc}}, @wr_crn={0x46, 0x20, {0x0, 0x8000000000000000}}, @uexit={0x0, 0x18, 0x5}, @out_dx={0xaa, 0x28, {0x61ae, 0x5, 0x8}}, @wr_drn={0x6e, 0x20, {0x4, 0x1}}], 0x49b})
ioctl$KVM_GET_LAPIC(r1, 0x8400ae8e, &(0x7f00000006c0))
r2 = openat$dsp1(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$SNDCTL_DSP_GETOSPACE(r2, 0x8010500c, &(0x7f0000000040))
fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0)
r3 = fsmount(r0, 0x1, 0xc)
fchdir(r3)
r4 = openat$dir(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
getdents(r4, &(0x7f0000000000)=""/47, 0x23)
getdents(r4, 0xfffffffffffffffd, 0x58)
r5 = open_tree(0xffffffffffffff9c, &(0x7f00000001c0)='./file0/../file0/../file0/../file0\x00', 0x89901)
move_mount(r5, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)
getdents(r5, &(0x7f0000000080)=""/63, 0x3f)
ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(r3, 0xc018937d, &(0x7f00000000c0)={{0x1, 0x1, 0x18, r3, {0xe3b1}}, './file0/../file0/../file0/../file0\x00'})

781.449432ms ago: executing program 4 (id=1415):
mount$fuse(0x0, 0x0, 0x0, 0x1, &(0x7f0000000ac0)=ANY=[@ANYBLOB="e7e4861f4bcfc6ea1143faf5be5b5e6bb7fabe3baafc310136a16290571ae8331b4e694ced800eb58807a40c5e77fb570e73ce84643ade9bd61334c3db831aa9838138efc968d22a37602fe9fbd34248422a878423c342d2dacc0f31a82f", @ANYBLOB=',rootmode=0', @ANYBLOB=',group_id', @ANYBLOB=','])
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = dup(r1)
bind$alg(0xffffffffffffffff, &(0x7f0000000380)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-cast5-avx\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r2, 0x117, 0x1, &(0x7f0000000280)="2c385a7af3", 0x5)
r3 = accept4(0xffffffffffffffff, 0x0, 0x0, 0x800)
sendmmsg$alg(r3, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{0x0}, {0x0}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f", 0xcd}], 0x3}], 0x1, 0x40800)
r4 = syz_open_dev$vim2m(&(0x7f0000000080), 0x2, 0x2)
ioctl$vim2m_VIDIOC_S_FMT(r4, 0xc0d05605, &(0x7f00000000c0)={0x1, @pix={0x8001, 0x9, 0x33524742, 0x1, 0x10, 0xf, 0xc, 0x7, 0x0, 0x6, 0x3, 0x6}})
r5 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000200), 0x2, 0x0)
read$FUSE(r5, &(0x7f00000022c0)={0x2020}, 0x2020)
r6 = syz_io_uring_setup(0x1e1e, &(0x7f0000000200)={0x0, 0x86f7, 0x10100}, &(0x7f0000002000)=<r7=>0x0, &(0x7f0000000000)=<r8=>0x0)
syz_io_uring_submit(r7, r8, &(0x7f00000001c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x0, 0x0, @fd_index=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x22})
io_uring_enter(r6, 0x48e9, 0x225e, 0x2, 0x0, 0x0)
write$FUSE_NOTIFY_RESEND(r5, &(0x7f00000076c0)={0x14}, 0x14)
recvmsg(r3, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x51}, {0x0}], 0x2}, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000840)={0x1fe, 0x2, 0x3000, 0x2000, &(0x7f0000003000/0x2000)=nil})
r9 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r9, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@text32={0x20, &(0x7f00000000c0)="650f340f3566b842000f00d8b805000000b9a00000000f01c13e0f070fde460b0f0130670f01c2f2360f217a0f07", 0x2e}], 0x1, 0x11, 0x0, 0x0)
pwritev(0xffffffffffffffff, &(0x7f0000000440)=[{&(0x7f0000001880)="ea7c5828b87d70214008724bcae1ce6577c01031b19698ecb8a7f5183947918ce2cc9dc778dbfff9e28e1a6df7d8f95c3e45768a6786d6325bc0fe4ed394c8ed0edcbb9f917074251a7f5b6b24c52516a68f181592262dfd12b5af7386658c5fb6c36d86d5084624a302a155c0463b6c36e9fc88338b0f66e2713728a21d19d9a33da93d419df63d8a87fa100381ec74de8b7409f4977d3cd7a9f2fb03cec91c4277b39b2c9f227a9b74926a11960d085e2aaf98673d2a67fa95b8d9dcc72ca6181f6b9b2d1c402267e6cfef5599e1520077d9bc472fb5a5db42b1befd498ec7b8d519b12f065323b15280a2540bc7a4ffe508fc12f93707064caf4111e893142f9867b432b1e6258caa2ae081b8b646c25de7f5366a21f9dd257b84546cd316e17b79d22c4bcaf70e8a96d1e502b53c581c75482d1d63f0d5f3fb5bdbb714583f0798e0c4d6c9d99513e91a68a26612053290f15f5a2e06acfa229356e37b4d57697224e9561c0430a67fcb5dea72acc91e60751a5b07eb603548a646f082ce213347b4ee908bd95cc56775330aa09d4f19f48a8cb5d7f6346d82bab8ff019309684bd01eb4d90febe2269cd2a1100130c242a2995ce38638a3bbc9008ac0e820a1e0b9a9511af47aa7f3e30a69589985423f3b4ea98152433bf1aa53a0981f783f11c4cc50f70fe63b2043b74b9cb7da59caedadc1fa1f662831a353969893d4f93b919cda52a1ce2200a0a7895abb293c29d6d197cce98a4df8fc90c582014742a00b4bd09f1fcc5ff5753320d2b5593e657c0fb87a4cfa323ce59111eea806a6e020fb0c4fdd601087811e33e793975b5e9e936c16d243bdea757e0ee4508f5d5b496ed07b6f0f1f46ed752448f30d679b23ba8142d4ab25beb913ee77547866e5d9501a55e9797ba3407f3f4cc11398bdaf3ac4c2e79a5b133a09fcf8ae790bb985fa01daf2758fd8a77fde15a822227dddf64bb2ebc49a56ad025e01c6c59e4818abdf808789d9f87c103cf7f7d21d2a1345b9b7fd66b1cf96002343fbd62f8080d945e70bd93d4bf42b401477abed49065b4a8ccfb9d93724118168de2e8df4f78ccf3b9593f993423a619ef6bd8392a2cfc6424d3687fcdc67d33073db95d856f312b934d05a3c4e967217837920fee73b00757b617d1ef3bfc2e88a8a72f0948263db2c9e7bd491f059b6ee8d0ea3f2193314562910529869b248172bfe0f914f7a91a27c6e9e6c2e3455a7ae765392b48fc959958aa39a5a483b2a6e873ac76f8579515e42f7a3bbc82bcf71edaf12f7b40a2adc74d67ef793988cc8ac788185049e57fb84757bdc700ffde10afc19df290787ed98222f8afb2b6d11944666331350e2914466b398750acae526146373b2cbe1bdd1803e6c920a182a1ad118a3d09313c2ce2703a0a1c09215cab90c35b03b1c795cf704f42dd31ddff6be67bb355977b2e07609c5228299a170308e54705674384fc294cdfa4abf989d3c3bf3eabbbcf52a6a0646bf6db5b61ad027007464fd6fc10490ee2e9190c28ae5cb3733105cb782c0d53e5c79c3e455609d557d824154d01e282788ec8ae7c8a03fcd6cd4e37829b0f921c46d715454d5e1281c641cf0756a2f31b0369ce94e819e6254af95b88bffd7bb2cfe9469d303497fead174839b2789b5aa703176510eab1f46916b3b63f6f5b2df262fe7274a0cee9bd6e115e5f9f48ac1c09e5b3c546ae95b9916a633869854d3ee39d4acb800e876e7fc084ffd79a20fca8331caff657ec89b445c6012ff7eb9531eb1e8c90cdc66b82d6fd608310099503a9dcf50b40d10a3b1ab520477e20ad5f6405cd4b5b36d201e12088d7868c6e94737ea88db6ed5f7df4d31cbd2d0c4f21cdcc3b181f5aae7216dc4c06b2989bb44e5369ba96ce87f3e3abbb530d103a53d7e0b914115c302c935eea7d256a73aa851d84dec6d9112163be8135889c67fa90e796a6f050fba0a6a740618cd513748072daac9f3e25034772cc400a14834afbde835bc9fd7cf1113d67ebe99a3b78907596886ad5a1670ef572c18e26c98fe40194428de339cba7b8efc5fa7faf7512ef6b89a877f3e534fb4512729df686e14aece08fab3b42ea14acde0e18ffe5dc00e74288661c7463e00f3b942cddf3b71e1dcf71989f378b933df099316451cca296a4e117bbeb3b1e552e5a10f9731449ae830de14989049ce818f720e77e78a86c307c80450b26278bc25ee7390ce6d4c4dfc8d39b6b4b1ce6f3865dbdd1d37aedb555288bea9ef95c8600dea1cd10e9e42d15aa804f99a31bfaa5ea52185333d734c766e3bb4a9abf86cf4d840dc188167a25cc3054b65fd7ce053d38518474ab55e59c1ccaf34d57b4cd73b07ed63d754ab3d57dfc0f67bbdb22e33d9f63aa2b36cf0af338794d4acbd1b13669bde67f7bd032f9c6b400e8054a0cff77fc6e0591195b21715e42c881e23156b4ba504d7e1b6eb9c2ec9b9e382d85f7c52bd964d305da9496dbaa022880ddf236730c458f31258d64ae2668aa863b3fe558c7f8cfb3dabf42edcaf2891e9b9462c44153658eae85cd499abd9dca762adf26d9904d28b772b3fc3d066d56261474c944387ac7eb00059025ff25e34b8f7c2986db1ccc4297e1315c3ceeef1b8f98e0500bbb8bb0ab52d80f8c6c8fa5d24b9a05f5350e2fd59af4b9fa9a2b4339b61e208f227ba968d4dbd36246133de2078c6a15dd57754a3537c31d04da545f062dbf9cbaa0840e23974f441a4d5937fec23ff81c193bd951a7bacac8eb6d4705702cbe3c930f27869753ba6026455bbb7742c53644f1646d7545467091a207905f831505f214fbd818aea4455705b5e727850cdcac40620135b8dba85cb0c0f393af252ec082cba5c43385fbc2cc5682bc1994b064e29c8c5a20e7e6d15fbb13e6fd1a86b2fda666fbcd80fd08be00a7423fcafbdd8283bac88ead203bc10d1c1a13ca2fe853fa6cc8991b0476561be085b086b0d0e45f73e59f519342c13f368a37464cb55b8a13846f4cd610536d5c4b8704fcd347abe6712d3de67d7918e6954898f31647a8ea37ecc2e1bb02b1b26e7a60fbb2b0a48efc5795c12d5c4ac8dc4149dea0f2e085422ec69352882622711b74e1e32c7ead2cf3c554e8ff1648e8b66d0dc6997b6304b3b560a33d75aa49476175a386ca721156ea79bdba432d439dbceb0285561abd5d134badd9f38c04fae8fa920edfff15705371c907848c14acdfb0b22a4c7168e1840e8b8a50349dcee5f429b3cb34e30f0f67acf93604792b8574f36ea9409d422621f3c0c7b781fc8e23d1d46f04a9b44f633e5f72cb079fbde66a9745705666c6dab6238628e57ee6cffa8cfad616dac1abe2789c9efccb4fc7e65e490d9a4e49e7ce72a6980e72f70a17649e67de86f86b61a4b6219daefc939b5904e5712ecaf85c98484fc02585b1aa990b95173e4a2907cf877af696e528e6b2b634a4fb7d791cacc8644fa76e062148d411e18f0da5aed22116828cd700a28e8f46bca950550acb4ab05eddeb6b2dac24702cff4de0a3ece393cac879ed2f0c5b9645839cfdb79fb1df87596b14504cba9dddda51edaffcd0214b91b5898ea022774e699aa0caf0f646cc0cb8e8fc8b8be43c23aa7f6bd29fd0615c0b78f3514a52989d7f35ad08a4bd473e61da6657cc2e85d3b2b7d3fb51174a96f27038ddbc87a35e09a668e436aa40146c6a26dca87b39220f139b772719d80aadb752c622bf09acd6846838fb48a8817ba4aa72eaa32e82251b3789969d8518f9aa07cdcb9a355f73f119725c086168aaca262f13cd742e5f06c969a462638a557e15a4f5d43e3242c08f23b00d2b8d57c60d3636abd4068ec03a4be3429b95e41351ab5c58812e552df90c3e6c9d8779aa484e74f073ea9fcdce13b1dff8e7c101b2c6865c5cefe108e3559f520e2bc42c9dc39b57fddb44ca49f2689e10c1381c0740d20cbca46da475c62f513cb08398a5fd5d4f6b13ce839fe149df0d291a8f7267fe90a7e1845dace17cd927c2d1aeffbdc36bb983172ceff025e84b0419645fcc72897b992f5081c78756122391947f08ccd20806cfc2bded705b472fc52e84734e016cbd309aadebbbb4e8bdfed77b1e0b15ce0904838d9e4d64643df66f0353c377e554b428dc0f31189a134cdb8e66d2755e84c2b2409c3d63a81f5f05616baf6a243b09153a4f8289e15a5a4ffb007b0cbeffde25391bb2acd86b453e245643c0fa1dfe5d42e0e3f1c592a00b77f0133adf7989c6c2bf3ddc0b8a2b14f35d33f62f4ee2fc56166372058e997b9abe6bad8aa718f8d87ad095e8f354aaef540840437b5451771266a8358ed75954db52b38bca4a1c8696dca1de03b12627254409f8bb68c94eeaa1a8bcf894482b96e81b9ff5c2383a907537a191aff0bb5b5418ef5670cecca1cfbd41b61879b11a5a5053cd86cf5d61f8c2f7d7ad2034a1801b3b92a79ac3b4343c680008b1ba10577a35173cac6d4dbc1d00e436f238b57093b34d4ea19c225b84a2d6086cc6cf72595b980c88142d268bbf9c8375a93afe75c3583b3b9687368d78147985d209e6d89c335e948c51696a948f01ad062dcf84a99584466e24646b2e441fefb10ef962432f2925d6d98e790acf4ca7d9339a589a537aa3392ec79f34a6544144072ab8248e45ac560a78c70c5afcbf10909299dfcd67981c88780c1340c951e115ffec56d23b9ead6a55024e199238f4b133e3e1e0e84318b5037a3947ae09749c25c7e4887936ecf0ba9a807dfa471ea1f3350b70feb58dc9e2836365ce4db456a341e43410cac1253fe08e79c21fca932716f4c171fc957cb325737b70532d81f0eb2f0a16478c0d934165728f7b29a8a0ff6bc964e99dea26d3efd28336b00c112a26da7a2ea1c21a9688cc3a68293958edf27ae89e5f9b8348af4121028e760cf68c931af92906d27dad4d330df9201b5395ccce0c803806422883667ccb11438d9dbe1901d4ab98d89914b313338486deb6f748053517e2188c479adb1eabb8e8ed5d05bb3f66826fae83bbc5bce3615ee32d937ffbe8846a1156aaf7bf9b9d4189bdf290b3df254077688eeda824d6ea0a452f7e7f915c1a94ee250a3907ec035d7ba7bb0256811f04646ca156b8925506c774df4d4072c02929e985057a5f7ddc1469c7306e6fdb86b810ada1cc96f6bd389597dd27dd656f55c316fb2d56b2d13eddf893722e813934a19778719be99697c365222db64039f9caab1201c430e53df1af8a0321c8759fc33e8204150080979936d0717f6c4c9145fb828389acbb894a4600485e8b105c7165a40e814889343deead6d434a8da60eed1e50aa507ac2793b4a4c5517265f859f223bb4f6cadc6fb53430304baea18189e2b5ddd266c38f5c325ba391a50fcd34060d217c4118889c4275e40a8428099ddfa3cc0d8241c22fc1554318e922f3b1257f2046d70df460c5283a539487583ffca1972a19237b06480e0a56d9e185fe4dc3607666d81ed0d9d9f5c5c568a5a0a87160b6d35c73dae9c6177f2b25d90a2598042f4b43bc765fa86a831c401a01c391a8fdc8f8c742f2322a1b8ef18ec7d82f013893c981f6bd96ec57d8e73e1633ae3970721fcea055ecc836ce3", 0xf91}], 0x1, 0x1, 0x2)
syz_emit_ethernet(0x4a, &(0x7f00000010c0)=ANY=[@ANYBLOB="aaaaaaaaaaaabbbbbbbbbbbb08004500003c00000000000190780a010102ac1414aa05009078e0000002480000000000000000110000ac141400ac1414aa440c0001000000004e210020"], 0x0)
r10 = syz_open_dev$dri(&(0x7f00000000c0), 0x1ff, 0x800)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r10, 0xc04064a0, &(0x7f00000003c0)={0x0, &(0x7f0000000140)=[<r11=>0x0], &(0x7f0000000340)=[<r12=>0x0], 0x0, 0x0, 0x1, 0x1})
ioctl$DRM_IOCTL_MODE_CREATE_LEASE(r10, 0xc01864c6, &(0x7f0000000040)={&(0x7f0000000640)=[r12, r11], 0x2, 0x800})
ioctl$DRM_IOCTL_MODE_LIST_LESSEES(r10, 0xc01064c7, &(0x7f00000002c0)={0x1, 0x0, &(0x7f0000000200)=[0x0]})
ioctl$EXT4_IOC_SETFSUUID(r10, 0x4008662c, &(0x7f0000000080)={0x0, 0x0, 'W=\x00'})
getsockopt$sock_cred(r2, 0x1, 0x11, &(0x7f0000000240), &(0x7f0000000300)=0xc)
socket$igmp(0x2, 0x3, 0x2)
socket$nl_route(0x10, 0x3, 0x0)

0s ago: executing program 2 (id=1416):
openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0), 0x80, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)) (async)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e22}, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x1, 0x0, 0x0, 0x0, 0xfffffffffffffffe, 0xfffffffc}, 0x0)
socket(0x10, 0x2, 0x0) (async)
r2 = socket(0x10, 0x2, 0x0)
r3 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
r4 = socket(0xa, 0x5, 0x0)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r4, 0x84, 0x64, &(0x7f0000000200)=[@in6={0xa, 0x4e24, 0x4, @loopback}], 0x1c)
getsockopt$inet_sctp_SCTP_PR_ASSOC_STATUS(r2, 0x84, 0x73, 0x0, &(0x7f0000000240)) (async)
getsockopt$inet_sctp_SCTP_PR_ASSOC_STATUS(r2, 0x84, 0x73, 0x0, &(0x7f0000000240))
sendmsg$netlink(0xffffffffffffffff, &(0x7f0000002700)={0x0, 0x0, &(0x7f00000005c0)=[{&(0x7f0000000fc0)=ANY=[@ANYBLOB="081100003300000126bd7000fddbdf25a40ffb80910f1380783cabcf3de8f3c211caac293bfba1f6c66248e2705bfdeaf3e518701e75b6870e949c9efe541264de467766dfe253da80bc4601fddfb29d68a356ca39cba5bb876bdee1d1f6640bb64e313f030da7715e4e5f282235c21405e318614f33083a4b615d83fbc2757362a21e81598dd1c94f416f7fe0291ee066acb78990917d93450dc091617b2b9b856b762e98782567c7ae32d25d68ac22ba4415ab4e9411b60459b5fe04a16c83cb50e70b539e77b39213d9c96b5f0eaa04346eb659528defaefebc201f6fd8a70ef275ffc1ccaf61d56015c4bb63039c3b5db172b76ef8c834ae9df36f8764c27785f4098f8bbe8190e92a2f53d0e17cbd0e3150c8839cfd779a96807dfb84d6d424978b1060dc0fe13a00d526681c018bd90b954e1dd4f36787f6cf693c4a428c8cc5a6c0c77a940f5911f6191babbb44ddb0874a2e573d9a4c41cc89134dc1498259ae3da6f5e2bb40631050a2b28b86f43fa397c8cb73698f2625d966e2695db75c2d719077e59f4278644ce09c0b5cd873f4ce68a6d88819c0caf1c3b58612897c74636701d99260c2ed0e29392f96e6b46a5d8e4797d49f7db2400f81bbdfe7fedab277d090a977eb6d3143e34ab570975d403d9d5975d8a1b373d0322e954d8921cca83c962e55959bb2b82ab789e617a67200d503f89c88d6e8f04deb2773349669e22cdc62f0d6037bc11334f3b7f3c203866d39f6f2f15215fa9a707960c2f6d5229ee00a879a842724c9f633dcb55114d5b4ae228f59001fdea972a1e2893ca0f1855a3918dda375af22d6531cf30c28f84ab3f45d7893f65a9ac09cca966c896c79172b1f8b8da2af3c82ad641eb3db53966e1f670fa1f94465c356331e7a9e39be91d6b2719780d650d54e75277ba22818857a3ce176b85f447a52d43e52d621422695ce1bbeaaa3611d296953b63f08238844704293e37334ef7dc826b87704ffa5e634c89fe70223869ef8484d0dbab21bf206fae62fa6b645ecd4f1f0ea1107ec9ae55882dd92b099da4cd71ab2493b81a3eee6f617dd53af22ff15b01e97689db12b6fe53f941207303d1e822a7b98303617efdaa4e844df85dac246617b3aff4cd0bb5db224a59fa4e7161c4862114cdec7a7b9f4ffcbd7e8a9dc761dc3368a0f37541463227ae5cf525441ab99b9ba09d70b4c2ad9719a5c48258398e77adb9d1f8dcc64d8d658cfcd1b5fef2669f1b2c19f0988268611a644f02f13b86377a9203c36091545f09d62c96c98732c2619cc81dbd4ca19dd62141ce8421dbc28de8b32fa91631b8957025c89812d5fdd72d79aa5d1f765aaa08317915d35ebdfc8a880923596ffbbe4bc6bbd81427869350d59a206c96c813efb25bade849f515e6b6a47c6ccb2131e60c8c05891ea8f065baf49459218c32257c13a82b423cee266dbf51f500ce996d76a723e662f3c3d2fddaff5c050f2ef2e17d0fafb0c42a82184201d8732fa4f1c370384fed4b0d8ee842f2de5523aed2e09e2c484f940a1736359711eb655bd00504e76f3c72f26970d3c05b00ea25803e8be24d7751baadfda870d3e0e64514f0b290a052071cd8f71a2c6ff4850b891c3f1818e0774794c46c62d511db9ee5b960404c866850602205b15b287e6d3279e6a5d1dce653ef770f68af6a16dfa552145e18dd0b185571f29542c24b753ee6ee5f5fb448afcfe643d540e7a120ebf36f2e4f3a30b46d8497ad69b5a55ee023709f640d44e1ba6a4da79579fbaf66676c8e2f60a1a8e3fe123a70b4604e75db29ee19bb8805e22195aeda6b0412c750e0043a53c673e24f9bf68544089b1bc8fe1763e0b157106cec5b21847eeea377c258bac16ff48a208b4c7d3cd1fcf410d22148beb6f95317061c1de7e2d87c448bc2c00069d2e886a7a37c4ced954d2b06ee6de91785a967d4dd117b83fdf7786133abd08ac3399ba7e6f521d933e14966ca444056c4289ec24c76b9eed38ceae0c5493dbe53c20063ac6f9290663cad2b4c73b5276bc5a17847e9098563928694a0316d7d73c4a439bd0fb91fdb520d9b92c5c686ed1122383012b84f4846f4d5e0c5fedf74c9c07ec64da1f2157feee49aa476a4d2b830f528f1c8bf8b7b76ecf7d2266ed1b9d8278a5923501cf134fb9e59f1ee9a5c1397387c2959e0743e634cc41782b57f8c7ea51525150c443066b352f84050fbfb72f55680f24461c791024efa74022caa8d58f1e9985e910f25aa92bfe756ab3eacf8079e7eb7f970165b3ff1bf1ca457ab5f4d9a1a08448ffca704fcee8030a7d8aca43ae64b0be45efd5151bcea83845720d210aa76ef748810e46ffb0cdb7bad706a24d6cb076171a6b79f5de5ac6b8190919a68b1b41b173914dd37d599f7a78587c4ee606b31949a88e6a790eca971c348d32f05a22e68d22793282b716d151d9de60e24cc049e3bf4cce36fe43b5ea824a7b3c854860ceed13d466439263353e81940e7ded03f31211cc714f4cdf240516025f1f5621cced4b88a4e48c940d6f46ff2f57f0583046b650a440c4ea8e9fab79e98d7529db2f11cc7529bb361cf8cb65600ffb36eb5fd93acbdd58398ecbb0befd277e267051f93dc3e7c6a5212c2ed990eb60d9d451b4458cb44cd691dac77ece483236e3006b7f7913e39f685ca41bcd1692494370acb70d0cfdc9e6de0bcd602040a0bc2de02a8cd477fef88b5410f5dfea1cd32d25464853d56c82abd3c11caebd992ca656e88a10ca2779f887472d5064fddd7397eb0205c419b23c2756a3b9b722ff273907c50f8b176834edcc1268e036214a2a25651c719541a4f7729ef7e32dee27c5b910bfea677c562138b30b3355b462c8f910874acc292f6787f8d94fa1cb2e648789cc67d05eb49d6d3c8788a024e3c523c4ee282764090044b44f30a9848daf2522b76448ecb9249ffe58dad4363b1d08181131a89af718ecbd5ffe44e032ca26664eecabc9aa57a875b5964ea492b7e759606a3f4ab36130a8a43a19be74709dea4eeebf5e53706685122e6603247996d672dacdf1bbadf5df111cfe7e72f5b2c6cdc32c1e4eed30147c9a51c5abd4214c577c4c8d1725daf906d145c6ff2c9ab0fc3da4edfb92be40b4af234c2bc147b2d08a801b539928cb754f2f6d2d4280ee0c834ee4f5eb8b0662ffa6f7154307b0fe55fe248a3f953a09b06244674adbf31dd7489be3f26423140ffe98671ca413d678047096fcad53f5bca7e602354553af02c225a67e4e8eabf298495a99de9653638405ebe78dc75e6d16c39e1547dadbc07a014369e39175991368d05be623656c4ecb3735612546b9a9c1490f834cab7567e61c8b2669aa62f156f2ff3b76b32e11b0e0acb6c7ccd6623bef1a5ccbe5f477ae90b3918899fc6b6075c514deaf387d5f09cd59f3fb3c0a9614f1eec092a8f7c6bd200e04da47085d58adc08f1f0651f7ce0cea5792a30aa2bee9970913fc9e79bcf0b5c55adfa6967a44b84ffcd3ce7fb47a610773eb9323b8ab3b5b9670f3ddc06e673e5ebe929f1ae4508decd56a2cefc34bab4703bbd3d83fcfdc27fc4e8a799a34742526848f6aae932ec98959f46ea50f12e0ad3ba4ef50a7b4defdf2fcf8dd2afdb8f29a1b7eed384b17c8b4ff4cfc220745cef2c083615eee226bccb8f2b7faf5a8948e60edc37a644b70011ff8b608da74a3873b2d8a6ba50dcce8a5ed6fe96c599c6d0b8a431f0b96789e974ea48400b94c2d1fbb7a8908de838cc64d4de93d506dfb450012df4af40d5980aed567e0b94281f8109ae7cb42f8253783a9ccb1cdd07245b31c0a00f13b42eedea9dd6d031f283a277f140f7ccacffc4e76829fede0479d59a542f873524651dbed995a00749e1b06182f073ebc3122ef1b007436d9eeb89d4f82ad366361ae8bb54e795b5c3d0594ccab1d5019f4b9191fd7c84598c866a8f98b2759738a65af53943b466aec83bb055e8f6c6e7755862de6c4c203fa67663702783f5f19459620a99f4de75fc85efedc44cf65adaaead7038406ebc507048b115c44209057f887f204a60ad9f6abc9b7983b930be5115cd91de9723bef58d29e421e123c7fa19ac3de2900827041d096ce0d589d45159c322ff3529687b89a10dd6c628977aedb1547ab6630995b48edba0a6f0e9ce99166dd7acdab5253f6bd4c3891c45d6ce4cf136a7791bc553769b57559215f79051388cff4761a3a63f6c73d8d7aafa8053e4f764f1c37b8b57128ecea00d7046c7532576bd413e01bf6df40bb1c3bf0480efbb1407003a98b1014552d2a1ecf99ba29c063ba96b3555cca24a211c2c604766a6b503a875040039f23f7ed46566519ee1aed0167c774555b623bee2bcfe83459af5527b312a19298e8323cd9b3fe5e075ee0867aadae8bc81939919d6d36834a87c1bf9e47d467395892aa09f12cfc172a2a9a44a43ff880219487798a206fbaca25172b3f00867d3f100f355ccb987bd0c41c015d791bae97c258ea4138a377fee51219e917893248391b7b2fa8d1bedc3ac71e5dd6ac382a0c8e0753f16bda800108d9dcbf9ccb192136b1cc555129afd8821b007543ff2d14f07003fe05cdd5fd133295c36bd44aca53c8fd91428fbd72951d4a97006636456baeac6c4d2f75d864e5aec7e738d865f2a0e5bdfadccc2486241fb38c024f981b08c8ad06bd48e99ee116c764d894f39e603949a4644ab2ed942d933876f16949c833f0bf1962b908087ff77b9318945edd47cf5c6b329e0dc403944fc9fc49e0c88f0177ba649ce61b4758ccdce20df2abbc45fec9e350286898d3fbc0ace3f75a5d8667438217ad564903ce64ee98e90ea770e431bec58c7d624278c5dc5955a555056be562308c7a003abdeb13456d43c245bcaa63c4ed17a4fb73cd53d890130322ad78c9b53073e7146ee8cc36f29f632c0e554dbcf161ab7a01badd56a0d84c8f337a2a3248c4ec96445158cb59060c352df81f6b85cccda5a0d737d44101a413d9edf5ed0bf16537520bd544e25540124ac7fc202bb8db6b141fca9cc25e85b4d064535de0dc5b8868025b71f8950ddc35d6b1bf04d8440c8ea2660fa3476578981bb467e9a54a9ebb2561f1414d34a922168537cde92375d6bb4e35cf4e2655cb0daca2a1b75013a9a5f72768b061492a381d1e339970a322f07ff3d0b9af33af6a191ed778a99b721eb89a294ebf76748230837f75cb9f5f31a0dcc4b9f6dcc99487e5799e1ff5db60f7193308a4b40dcac5e9aa3a288c03d724a5e2da794590446c236234eb0b34cc60fde282400039d7a263fad5b2df94907c54b07cc0d3e6d97a64e7306131f741caec8bfca4e40b033f4633a63d0845db13b0b59b3eb0ad2cde32856ee356d8e910524f71aa75d1b527bd0c69c7126f7d18644c3547acedcac805f9077778362d40004e8fb4d6de7f3dd679e1519f8896174be1fb9313a90bd3c5f2999cb0e1d96cbad7a1d9a708558d4984343d4b05f16acda0edba81d898efea1d7bb10baeaf2141d5b40b2131983132c6c16add15f83d122f305d67067321bc004960d47cb7e41e530a025498fa1d07b3040be112638801625d3e7e90d73b398bfe6d473278c5feba0b895347fc3395aa7c3308002200", @ANYRES32=r3, @ANYBLOB="08001000070000000000000c0023000000000000000000d90a58cde601d565cdddcc6aa3fcc8c25583297245b4d7973d0df9b022c59bb26343d8fac6abbe023d9e0640355e0034d2aca4a49132b88c8660af242102d45a28332c4b796cc5268b9a5ec5b6100520bfd976705ca7e25e8a5ac6dd7bdadeb451f164c86cdb89561b05f0b9e143b1917e3dd99ee920f46511a803ab9cf9dd2d6aaf8aee259d1476cd960ce44acbc6a970c4fdd6f99aeee46de8efec7151b1e4cc13cd723e9cfa7ba2f69b60189d7aff553101c449174d1e18b6c5b148275100a3f8bd0c4c96296c43028aa284f8f626392a21d31e5e06fe98065e0246d46b7fe927a881c18c044e5c139e1400be00fe80000000000000000000000000000a08006300"/296, @ANYRES32=0x0, @ANYBLOB="08001800040000003200ee8008003900", @ANYRES32, @ANYBLOB="0800c0000000000004004f80f01254c8a325874b7a364f6008009e0064010102a5fa1bc096f70000000000"], 0x1108}], 0x1, 0x0, 0x0, 0x10004800}, 0xc000)
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
r7 = dup(r6)
ioctl$KVM_SET_USER_MEMORY_REGION(r6, 0x4020ae46, &(0x7f0000000840)={0x1fe, 0x2, 0x3000, 0x2000, &(0x7f0000003000/0x2000)=nil}) (async)
ioctl$KVM_SET_USER_MEMORY_REGION(r6, 0x4020ae46, &(0x7f0000000840)={0x1fe, 0x2, 0x3000, 0x2000, &(0x7f0000003000/0x2000)=nil})
r8 = ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r8, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000040)=[@text32={0x20, &(0x7f00000000c0)="c20000361e0f01c3660fd2eff30f10f1b961020000b80e000000ba000000000f30b98d0200000f320b99f3530000660f6af7c4e2f91d20", 0x37}], 0x1, 0x11, 0x0, 0x0) (async)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r8, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000040)=[@text32={0x20, &(0x7f00000000c0)="c20000361e0f01c3660fd2eff30f10f1b961020000b80e000000ba000000000f30b98d0200000f320b99f3530000660f6af7c4e2f91d20", 0x37}], 0x1, 0x11, 0x0, 0x0)
syz_kvm_setup_cpu$x86(r6, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r8, 0xae80, 0x0)
socket$isdn(0x22, 0x3, 0x2) (async)
socket$isdn(0x22, 0x3, 0x2)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000080)='/sys/power/resume', 0x149a82, 0x0)
socket(0x1d, 0x2, 0x6)
socket$inet_udplite(0x2, 0x2, 0x88) (async)
socket$inet_udplite(0x2, 0x2, 0x88)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)) (async)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r9=>0xffffffffffffffff, <r10=>0xffffffffffffffff})
connect$unix(r9, 0x0, 0x0) (async)
connect$unix(r9, 0x0, 0x0)
sendmmsg$unix(r10, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r9, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) (async)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)

kernel console output (not intermixed with test programs):

7][T10089]  ? genl_family_rcv_msg_attrs_parse+0x1c9/0x2a0
[  440.017421][T10089]  genl_family_rcv_msg_doit+0x215/0x300
[  440.017454][T10089]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  440.017493][T10089]  ? bpf_lsm_capable+0x9/0x20
[  440.017520][T10089]  ? security_capable+0x7e/0x2e0
[  440.017558][T10089]  genl_rcv_msg+0x60e/0x790
[  440.017586][T10089]  ? __pfx_genl_rcv_msg+0x10/0x10
[  440.017607][T10089]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[  440.017636][T10089]  ? __asan_memcpy+0x40/0x70
[  440.017665][T10089]  ? __pfx_ref_tracker_free+0x10/0x10
[  440.017707][T10089]  netlink_rcv_skb+0x208/0x470
[  440.017732][T10089]  ? __lock_acquire+0xab9/0xd20
[  440.017758][T10089]  ? __pfx_genl_rcv_msg+0x10/0x10
[  440.017782][T10089]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  440.017833][T10089]  ? down_read+0x1ad/0x2e0
[  440.017866][T10089]  genl_rcv+0x28/0x40
[  440.017896][T10089]  netlink_unicast+0x82c/0x9e0
[  440.017934][T10089]  ? __pfx_netlink_unicast+0x10/0x10
[  440.017962][T10089]  ? netlink_sendmsg+0x642/0xb30
[  440.017989][T10089]  ? skb_put+0x11b/0x210
[  440.018021][T10089]  netlink_sendmsg+0x805/0xb30
[  440.018061][T10089]  ? __pfx_netlink_sendmsg+0x10/0x10
[  440.018095][T10089]  ? aa_sock_msg_perm+0xf1/0x1d0
[  440.018137][T10089]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  440.018160][T10089]  ? __pfx_netlink_sendmsg+0x10/0x10
[  440.018191][T10089]  __sock_sendmsg+0x21c/0x270
[  440.018219][T10089]  ____sys_sendmsg+0x505/0x830
[  440.018258][T10089]  ? __pfx_____sys_sendmsg+0x10/0x10
[  440.018303][T10089]  ? import_iovec+0x74/0xa0
[  440.018335][T10089]  ___sys_sendmsg+0x21f/0x2a0
[  440.018370][T10089]  ? __pfx____sys_sendmsg+0x10/0x10
[  440.018450][T10089]  ? __fget_files+0x2a/0x420
[  440.018472][T10089]  ? __fget_files+0x3a0/0x420
[  440.018509][T10089]  __x64_sys_sendmsg+0x19b/0x260
[  440.018544][T10089]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  440.018590][T10089]  ? rcu_is_watching+0x15/0xb0
[  440.018625][T10089]  ? do_syscall_64+0xbe/0x3b0
[  440.018655][T10089]  do_syscall_64+0xfa/0x3b0
[  440.018678][T10089]  ? lockdep_hardirqs_on+0x9c/0x150
[  440.018704][T10089]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  440.018726][T10089]  ? clear_bhb_loop+0x60/0xb0
[  440.018752][T10089]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  440.018772][T10089] RIP: 0033:0x7fa7e0d8eec9
[  440.018791][T10089] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  440.018808][T10089] RSP: 002b:00007fa7e1c82038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  440.018832][T10089] RAX: ffffffffffffffda RBX: 00007fa7e0fe6360 RCX: 00007fa7e0d8eec9
[  440.018848][T10089] RDX: 0000000000000084 RSI: 0000200000000100 RDI: 000000000000000a
[  440.018861][T10089] RBP: 00007fa7e0e11f91 R08: 0000000000000000 R09: 0000000000000000
[  440.018873][T10089] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  440.018884][T10089] R13: 00007fa7e0fe63f8 R14: 00007fa7e0fe6360 R15: 00007fa7e110fa28
[  440.018915][T10089]  </TASK>
[  440.338767][ T1301] ieee802154 phy0 wpan0: encryption failed: -22
[  440.341372][    C0] vkms_vblank_simulate: vblank timer overrun
[  440.346668][ T1301] ieee802154 phy1 wpan1: encryption failed: -22
[  440.368822][T10093] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1064'.
[  440.469699][    C0] vkms_vblank_simulate: vblank timer overrun
[  441.639810][T10116] 8021q: adding VLAN 0 to HW filter on device batadv2
[  441.696903][T10116] team0: Port device batadv2 added
[  441.713137][T10122] netlink: 4400 bytes leftover after parsing attributes in process `syz.2.1068'.
[  441.781537][T10122] sysfs: cannot create duplicate filename '/class/ieee80211/Ç`]Š•Iöq¯!¾>Ýsó³Îú*Š®!)\Ç+`²iF=#'
[  441.793889][   T44] usb 5-1: new high-speed USB device number 32 using dummy_hcd
[  441.828339][T10122] CPU: 1 UID: 0 PID: 10122 Comm: syz.2.1068 Not tainted syzkaller #0 PREEMPT(full) 
[  441.828374][T10122] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  441.828389][T10122] Call Trace:
[  441.828399][T10122]  <TASK>
[  441.828411][T10122]  dump_stack_lvl+0x189/0x250
[  441.828451][T10122]  ? __pfx_dump_stack_lvl+0x10/0x10
[  441.828479][T10122]  ? __pfx__printk+0x10/0x10
[  441.828520][T10122]  ? kernfs_path_from_node+0x2f/0x290
[  441.828550][T10122]  ? kernfs_path_from_node+0x250/0x290
[  441.828577][T10122]  ? kernfs_path_from_node+0x2f/0x290
[  441.828610][T10122]  sysfs_warn_dup+0x8e/0xa0
[  441.828635][T10122]  sysfs_do_create_link_sd+0xc0/0x110
[  441.828659][T10122]  device_add_class_symlinks+0x1cf/0x240
[  441.828689][T10122]  device_add+0x475/0xb50
[  441.828716][T10122]  wiphy_register+0x1c81/0x2aa0
[  441.828756][T10122]  ? __pfx_wiphy_register+0x10/0x10
[  441.828777][T10122]  ? minstrel_ht_alloc+0x6e0/0x7e0
[  441.828803][T10122]  ? ieee80211_init_rate_ctrl_alg+0x56d/0x5f0
[  441.828825][T10122]  ieee80211_register_hw+0x3473/0x40d0
[  441.828859][T10122]  ? ieee80211_register_hw+0x14b1/0x40d0
[  441.828886][T10122]  ? __pfx_ieee80211_register_hw+0x10/0x10
[  441.828902][T10122]  ? _raw_spin_unlock_irqrestore+0x85/0x110
[  441.828924][T10122]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  441.828941][T10122]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  441.828966][T10122]  ? __hrtimer_setup+0x187/0x210
[  441.828985][T10122]  ? __pfx_mac80211_hwsim_beacon+0x10/0x10
[  441.829010][T10122]  mac80211_hwsim_new_radio+0x2f7a/0x5220
[  441.829059][T10122]  ? __pfx_mac80211_hwsim_new_radio+0x10/0x10
[  441.829085][T10122]  ? trace_kmalloc+0x1f/0xd0
[  441.829106][T10122]  ? __kmalloc_node_track_caller_noprof+0x587/0x800
[  441.829131][T10122]  ? kstrndup+0xbf/0x160
[  441.829161][T10122]  hwsim_new_radio_nl+0xf5b/0x1bd0
[  441.829187][T10122]  ? __pfx___nla_validate_parse+0x10/0x10
[  441.829219][T10122]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[  441.829245][T10122]  ? rcu_is_watching+0x15/0xb0
[  441.829270][T10122]  ? __nla_parse+0x40/0x60
[  441.829291][T10122]  ? genl_family_rcv_msg_attrs_parse+0x1c9/0x2a0
[  441.829317][T10122]  genl_family_rcv_msg_doit+0x215/0x300
[  441.829342][T10122]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  441.829376][T10122]  ? bpf_lsm_capable+0x9/0x20
[  441.829396][T10122]  ? security_capable+0x7e/0x2e0
[  441.829431][T10122]  genl_rcv_msg+0x60e/0x790
[  441.829454][T10122]  ? __pfx_genl_rcv_msg+0x10/0x10
[  441.829468][T10122]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[  441.829489][T10122]  ? __asan_memcpy+0x40/0x70
[  441.829511][T10122]  ? __pfx_ref_tracker_free+0x10/0x10
[  441.829543][T10122]  netlink_rcv_skb+0x208/0x470
[  441.829562][T10122]  ? __lock_acquire+0xab9/0xd20
[  441.829581][T10122]  ? __pfx_genl_rcv_msg+0x10/0x10
[  441.829598][T10122]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  441.829638][T10122]  ? down_read+0x1ad/0x2e0
[  441.829662][T10122]  genl_rcv+0x28/0x40
[  441.829685][T10122]  netlink_unicast+0x82c/0x9e0
[  441.829712][T10122]  ? __pfx_netlink_unicast+0x10/0x10
[  441.829733][T10122]  ? netlink_sendmsg+0x642/0xb30
[  441.829752][T10122]  ? skb_put+0x11b/0x210
[  441.829777][T10122]  netlink_sendmsg+0x805/0xb30
[  441.829809][T10122]  ? __pfx_netlink_sendmsg+0x10/0x10
[  441.829833][T10122]  ? aa_sock_msg_perm+0xf1/0x1d0
[  441.829858][T10122]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  441.829875][T10122]  ? __pfx_netlink_sendmsg+0x10/0x10
[  441.829897][T10122]  __sock_sendmsg+0x21c/0x270
[  441.829919][T10122]  ____sys_sendmsg+0x505/0x830
[  441.829948][T10122]  ? __pfx_____sys_sendmsg+0x10/0x10
[  441.829981][T10122]  ? import_iovec+0x74/0xa0
[  441.830004][T10122]  ___sys_sendmsg+0x21f/0x2a0
[  441.830029][T10122]  ? __pfx____sys_sendmsg+0x10/0x10
[  441.830157][T10122]  ? __fget_files+0x2a/0x420
[  441.830173][T10122]  ? __fget_files+0x3a0/0x420
[  441.830201][T10122]  __x64_sys_sendmsg+0x19b/0x260
[  441.830228][T10122]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  441.830262][T10122]  ? rcu_is_watching+0x15/0xb0
[  441.830290][T10122]  ? do_syscall_64+0xbe/0x3b0
[  441.830315][T10122]  do_syscall_64+0xfa/0x3b0
[  441.830337][T10122]  ? lockdep_hardirqs_on+0x9c/0x150
[  441.830357][T10122]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  441.830373][T10122]  ? clear_bhb_loop+0x60/0xb0
[  441.830394][T10122]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  441.830409][T10122] RIP: 0033:0x7fa7e0d8eec9
[  441.830425][T10122] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  441.830440][T10122] RSP: 002b:00007fa7e1c82038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  441.830460][T10122] RAX: ffffffffffffffda RBX: 00007fa7e0fe6360 RCX: 00007fa7e0d8eec9
[  441.830472][T10122] RDX: 0000000000000084 RSI: 0000200000000100 RDI: 000000000000000a
[  441.830483][T10122] RBP: 00007fa7e0e11f91 R08: 0000000000000000 R09: 0000000000000000
[  441.830493][T10122] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  441.830503][T10122] R13: 00007fa7e0fe63f8 R14: 00007fa7e0fe6360 R15: 00007fa7e110fa28
[  441.830532][T10122]  </TASK>
[  442.851410][   T44] usb 5-1: config 0 interface 0 altsetting 3 endpoint 0x81 has an invalid bInterval 129, changing to 11
[  442.887960][   T44] usb 5-1: config 0 interface 0 altsetting 3 endpoint 0x81 has invalid wMaxPacketSize 0
[  442.926294][   T44] usb 5-1: config 0 interface 0 has no altsetting 0
[  442.964004][   T44] usb 5-1: New USB device found, idVendor=1e7d, idProduct=2d50, bcdDevice= 0.00
[  443.000750][   T44] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  443.014335][   T44] usb 5-1: config 0 descriptor??
[  443.385790][   T10] usb 1-1: new high-speed USB device number 34 using dummy_hcd
[  443.436769][T10119] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  443.446072][T10119] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  444.105689][T10145] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  444.139653][T10145] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  444.164686][   T10] usb 1-1: Using ep0 maxpacket: 32
[  444.186923][   T10] usb 1-1: config 0 has an invalid interface number: 1 but max is 0
[  444.217737][   T10] usb 1-1: config 0 has no interface number 0
[  444.226715][   T44] kovaplus 0003:1E7D:2D50.0018: unknown main item tag 0x0
[  444.249144][   T10] usb 1-1: New USB device found, idVendor=8086, idProduct=9500, bcdDevice=b6.d8
[  444.279560][   T44] kovaplus 0003:1E7D:2D50.0018: unknown main item tag 0x0
[  444.302161][   T10] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  444.311589][   T10] usb 1-1: Product: syz
[  444.314150][   T44] kovaplus 0003:1E7D:2D50.0018: unknown main item tag 0x0
[  444.316075][   T10] usb 1-1: Manufacturer: syz
[  444.333477][   T10] usb 1-1: SerialNumber: syz
[  444.347506][   T10] usb 1-1: config 0 descriptor??
[  444.373390][   T44] kovaplus 0003:1E7D:2D50.0018: unknown main item tag 0x0
[  444.393521][   T44] kovaplus 0003:1E7D:2D50.0018: unknown main item tag 0x0
[  444.397295][   T10] usb 1-1: dvb_usb_v2: found a 'Intel CE9500 reference design' in warm state
[  444.442292][   T44] kovaplus 0003:1E7D:2D50.0018: hidraw0: USB HID v0.00 Device [HID 1e7d:2d50] on usb-dummy_hcd.4-1/input0
[  444.446323][   T10] usb 1-1: selecting invalid altsetting 1
[  444.497102][   T10] usb 1-1: dvb_usb_ce6230: usb_set_interface() failed=-22
[  444.531141][   T10] usb 1-1: dvb_usb_v2: will pass the complete MPEG2 transport stream to the software demuxer
[  444.554727][  T981] usb 4-1: new high-speed USB device number 34 using dummy_hcd
[  444.565342][   T10] dvbdev: DVB: registering new adapter (Intel CE9500 reference design)
[  444.652698][   T10] usb 1-1: media controller created
[  444.754984][   T10] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  444.764674][  T981] usb 4-1: Using ep0 maxpacket: 8
[  444.815759][   T10] usb 1-1: dvb_usb_ce6230: usb_control_msg() failed=-71
[  444.823021][  T981] usb 4-1: config 0 has an invalid interface number: 55 but max is 0
[  444.837824][   T10] zl10353_read_register: readreg error (reg=127, ret==-71)
[  444.847313][  T981] usb 4-1: config 0 has no interface number 0
[  444.895898][  T981] usb 4-1: config 0 interface 55 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  444.907200][   T10] usb 1-1: dvb_usb_ce6230: usb_set_interface() failed=-71
[  444.916467][  T981] usb 4-1: config 0 interface 55 altsetting 0 has an endpoint descriptor with address 0xAB, changing to 0x8B
[  444.937657][  T981] usb 4-1: config 0 interface 55 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  444.956829][  T981] usb 4-1: config 0 interface 55 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 2
[  444.979075][  T981] usb 4-1: New USB device found, idVendor=0f11, idProduct=1080, bcdDevice=fc.6a
[  445.000249][   T10] usb 1-1: USB disconnect, device number 34
[  445.028319][  T981] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  445.046836][  T981] usb 4-1: config 0 descriptor??
[  445.077499][  T981] ldusb 4-1:0.55: LD USB Device #0 now attached to major 180 minor 0
[  446.128855][   T10] usb 5-1: USB disconnect, device number 32
[  447.000179][T10166] netlink: 'syz.1.1087': attribute type 1 has an invalid length.
[  447.009698][T10166] netlink: 'syz.1.1087': attribute type 2 has an invalid length.
[  447.029647][T10166] netlink: 'syz.1.1087': attribute type 1 has an invalid length.
[  447.038431][T10166] netlink: 'syz.1.1087': attribute type 2 has an invalid length.
[  447.306422][T10185] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1091'.
[  447.396571][   T10] usb 4-1: USB disconnect, device number 34
[  447.425300][   T10] ldusb 4-1:0.55: LD USB Device #0 now disconnected
[  447.844580][   T10] usb 4-1: new high-speed USB device number 35 using dummy_hcd
[  447.964630][ T5914] usb 5-1: new low-speed USB device number 33 using dummy_hcd
[  448.007395][   T10] usb 4-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  448.028243][   T10] usb 4-1: config 1 has an invalid descriptor of length 208, skipping remainder of the config
[  448.055519][   T10] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 66
[  448.066746][   T10] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 199, changing to 11
[  448.079440][   T10] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 16605, setting to 1024
[  448.093819][   T10] usb 4-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  448.105148][   T10] usb 4-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  448.113344][   T10] usb 4-1: Product: syz
[  448.122915][   T10] usb 4-1: Manufacturer: syz
[  448.222104][ T5914] usb 5-1: config 0 has an invalid interface number: 55 but max is 0
[  448.243787][ T5914] usb 5-1: config 0 has no interface number 0
[  448.254134][ T5914] usb 5-1: config 0 interface 55 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  448.270888][ T5914] usb 5-1: config 0 interface 55 altsetting 0 endpoint 0xE has invalid maxpacket 32, setting to 8
[  448.282144][ T5914] usb 5-1: config 0 interface 55 altsetting 0 has an endpoint descriptor with address 0xAB, changing to 0x8B
[  448.295411][ T5914] usb 5-1: config 0 interface 55 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 10
[  448.307285][ T5914] usb 5-1: config 0 interface 55 altsetting 0 endpoint 0x8B has invalid maxpacket 120, setting to 8
[  448.329038][ T5914] usb 5-1: config 0 interface 55 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 2
[  448.356606][   T10] cdc_wdm 4-1:1.0: skipping garbage
[  448.366989][ T5914] usb 5-1: New USB device found, idVendor=0f11, idProduct=1080, bcdDevice=fc.6a
[  448.378066][ T5914] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  448.432819][   T10] cdc_wdm 4-1:1.0: skipping garbage
[  448.443141][ T5914] usb 5-1: config 0 descriptor??
[  448.474085][T10194] raw-gadget.1 gadget.4: fail, usb_ep_enable returned -22
[  448.481628][T10194] raw-gadget.1 gadget.4: fail, usb_ep_enable returned -22
[  448.532222][   T10] cdc_wdm 4-1:1.0: cdc-wdm0: USB WDM device
[  448.533932][ T5914] ldusb 5-1:0.55: LD USB Device #1 now attached to major 180 minor 1
[  448.554427][   T10] cdc_wdm 4-1:1.0: Unknown control protocol
[  448.650191][T10211] netlink: 4400 bytes leftover after parsing attributes in process `syz.0.1096'.
[  448.727855][ T5914] usb 5-1: USB disconnect, device number 33
[  448.755900][ T5914] ldusb 5-1:0.55: LD USB Device #1 now disconnected
[  448.789200][T10211] sysfs: cannot create duplicate filename '/class/ieee80211/Ç`]Š•Iöq¯!¾>Ýsó³Îú*Š®!)\Ç+`²iF=#'
[  448.813983][T10211] CPU: 0 UID: 0 PID: 10211 Comm: syz.0.1096 Not tainted syzkaller #0 PREEMPT(full) 
[  448.814014][T10211] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  448.814028][T10211] Call Trace:
[  448.814037][T10211]  <TASK>
[  448.814047][T10211]  dump_stack_lvl+0x189/0x250
[  448.814082][T10211]  ? __pfx_dump_stack_lvl+0x10/0x10
[  448.814107][T10211]  ? __pfx__printk+0x10/0x10
[  448.814137][T10211]  ? kernfs_path_from_node+0x2f/0x290
[  448.814159][T10211]  ? kernfs_path_from_node+0x250/0x290
[  448.814179][T10211]  ? kernfs_path_from_node+0x2f/0x290
[  448.814205][T10211]  sysfs_warn_dup+0x8e/0xa0
[  448.814226][T10211]  sysfs_do_create_link_sd+0xc0/0x110
[  448.814250][T10211]  device_add_class_symlinks+0x1cf/0x240
[  448.814278][T10211]  device_add+0x475/0xb50
[  448.814314][T10211]  wiphy_register+0x1c81/0x2aa0
[  448.814353][T10211]  ? __pfx_wiphy_register+0x10/0x10
[  448.814392][T10211]  ? minstrel_ht_alloc+0x6e0/0x7e0
[  448.814425][T10211]  ? ieee80211_init_rate_ctrl_alg+0x56d/0x5f0
[  448.814450][T10211]  ieee80211_register_hw+0x3473/0x40d0
[  448.814491][T10211]  ? ieee80211_register_hw+0x14b1/0x40d0
[  448.814528][T10211]  ? __pfx_ieee80211_register_hw+0x10/0x10
[  448.814549][T10211]  ? _raw_spin_unlock_irqrestore+0x85/0x110
[  448.814579][T10211]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  448.814603][T10211]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  448.814637][T10211]  ? __hrtimer_setup+0x187/0x210
[  448.814663][T10211]  ? __pfx_mac80211_hwsim_beacon+0x10/0x10
[  448.814698][T10211]  mac80211_hwsim_new_radio+0x2f7a/0x5220
[  448.814763][T10211]  ? __pfx_mac80211_hwsim_new_radio+0x10/0x10
[  448.814780][T10211]  ? trace_kmalloc+0x1f/0xd0
[  448.814801][T10211]  ? __kmalloc_node_track_caller_noprof+0x587/0x800
[  448.814823][T10211]  ? strnlen+0x42/0x90
[  448.814845][T10211]  ? kstrndup+0xbf/0x160
[  448.814876][T10211]  hwsim_new_radio_nl+0xf5b/0x1bd0
[  448.814906][T10211]  ? __pfx___nla_validate_parse+0x10/0x10
[  448.814938][T10211]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[  448.814964][T10211]  ? rcu_is_watching+0x15/0xb0
[  448.814988][T10211]  ? __nla_parse+0x40/0x60
[  448.815008][T10211]  ? genl_family_rcv_msg_attrs_parse+0x1c9/0x2a0
[  448.815034][T10211]  genl_family_rcv_msg_doit+0x215/0x300
[  448.815058][T10211]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  448.815089][T10211]  ? bpf_lsm_capable+0x9/0x20
[  448.815109][T10211]  ? security_capable+0x7e/0x2e0
[  448.815137][T10211]  genl_rcv_msg+0x60e/0x790
[  448.815160][T10211]  ? __pfx_genl_rcv_msg+0x10/0x10
[  448.815175][T10211]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[  448.815195][T10211]  ? __asan_memcpy+0x40/0x70
[  448.815218][T10211]  ? __pfx_ref_tracker_free+0x10/0x10
[  448.815249][T10211]  netlink_rcv_skb+0x208/0x470
[  448.815268][T10211]  ? __lock_acquire+0xab9/0xd20
[  448.815295][T10211]  ? __pfx_genl_rcv_msg+0x10/0x10
[  448.815312][T10211]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  448.815352][T10211]  ? down_read+0x1ad/0x2e0
[  448.815376][T10211]  genl_rcv+0x28/0x40
[  448.815399][T10211]  netlink_unicast+0x82c/0x9e0
[  448.815426][T10211]  ? __pfx_netlink_unicast+0x10/0x10
[  448.815447][T10211]  ? netlink_sendmsg+0x642/0xb30
[  448.815466][T10211]  ? skb_put+0x11b/0x210
[  448.815493][T10211]  netlink_sendmsg+0x805/0xb30
[  448.815524][T10211]  ? __pfx_netlink_sendmsg+0x10/0x10
[  448.815550][T10211]  ? aa_sock_msg_perm+0xf1/0x1d0
[  448.815576][T10211]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  448.815592][T10211]  ? __pfx_netlink_sendmsg+0x10/0x10
[  448.815614][T10211]  __sock_sendmsg+0x21c/0x270
[  448.815635][T10211]  ____sys_sendmsg+0x505/0x830
[  448.815664][T10211]  ? __pfx_____sys_sendmsg+0x10/0x10
[  448.815696][T10211]  ? import_iovec+0x74/0xa0
[  448.815719][T10211]  ___sys_sendmsg+0x21f/0x2a0
[  448.815745][T10211]  ? __pfx____sys_sendmsg+0x10/0x10
[  448.815806][T10211]  ? __fget_files+0x2a/0x420
[  448.815821][T10211]  ? __fget_files+0x3a0/0x420
[  448.815848][T10211]  __x64_sys_sendmsg+0x19b/0x260
[  448.815873][T10211]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  448.815907][T10211]  ? rcu_is_watching+0x15/0xb0
[  448.815933][T10211]  ? do_syscall_64+0xbe/0x3b0
[  448.815957][T10211]  do_syscall_64+0xfa/0x3b0
[  448.815976][T10211]  ? lockdep_hardirqs_on+0x9c/0x150
[  448.815994][T10211]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  448.816010][T10211]  ? clear_bhb_loop+0x60/0xb0
[  448.816041][T10211]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  448.816056][T10211] RIP: 0033:0x7f911b98eec9
[  448.816071][T10211] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  448.816086][T10211] RSP: 002b:00007f911c779038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  448.816105][T10211] RAX: ffffffffffffffda RBX: 00007f911bbe6360 RCX: 00007f911b98eec9
[  448.816117][T10211] RDX: 0000000000000084 RSI: 0000200000000100 RDI: 000000000000000a
[  448.816128][T10211] RBP: 00007f911ba11f91 R08: 0000000000000000 R09: 0000000000000000
[  448.816138][T10211] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  448.816148][T10211] R13: 00007f911bbe63f8 R14: 00007f911bbe6360 R15: 00007f911bd0fa28
[  448.816176][T10211]  </TASK>
[  449.306490][    C0] vkms_vblank_simulate: vblank timer overrun
[  449.913835][T10221] macvlan2: entered promiscuous mode
[  449.941521][T10221] macvlan2: entered allmulticast mode
[  449.998700][T10225] netlink: 60 bytes leftover after parsing attributes in process `syz.4.1103'.
[  450.156778][T10228] ipvlan3: entered promiscuous mode
[  450.165374][T10228] 8021q: adding VLAN 0 to HW filter on device ipvlan3
[  450.350483][T10219] netlink: 'syz.2.1101': attribute type 1 has an invalid length.
[  450.359071][T10219] netlink: 'syz.2.1101': attribute type 2 has an invalid length.
[  450.370199][T10219] netlink: 'syz.2.1101': attribute type 1 has an invalid length.
[  450.379477][T10219] netlink: 'syz.2.1101': attribute type 2 has an invalid length.
[  450.530903][   T10] usb 4-1: USB disconnect, device number 35
[  501.778837][ T1301] ieee802154 phy0 wpan0: encryption failed: -22
[  501.785588][ T1301] ieee802154 phy1 wpan1: encryption failed: -22
[  548.331975][T10253] netlink: 72 bytes leftover after parsing attributes in process `syz.1.1108'.
[  548.352633][T10253] netlink: 32 bytes leftover after parsing attributes in process `syz.1.1108'.
[  548.914578][ T5914] usb 1-1: new high-speed USB device number 35 using dummy_hcd
[  549.124728][ T5914] usb 1-1: too many configurations: 151, using maximum allowed: 8
[  549.201561][ T5914] usb 1-1: New USB device found, idVendor=04d8, idProduct=0082, bcdDevice=ce.b7
[  549.211181][ T5914] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=130
[  549.267371][ T5914] usb 1-1: Product: syz
[  549.274179][ T5914] usb 1-1: Manufacturer: syz
[  549.302260][ T5914] usb 1-1: SerialNumber: syz
[  549.330438][ T5914] usb 1-1: config 0 descriptor??
[  549.573338][  T981] usb 1-1: USB disconnect, device number 35
[  549.779886][T10273] netlink: 4400 bytes leftover after parsing attributes in process `syz.1.1113'.
[  549.838653][T10273] sysfs: cannot create duplicate filename '/class/ieee80211/Ç`]Š•Iöq¯!¾>Ýsó³Îú*Š®!)\Ç+`²iF=#'
[  549.875233][T10273] CPU: 1 UID: 0 PID: 10273 Comm: syz.1.1113 Not tainted syzkaller #0 PREEMPT(full) 
[  549.875265][T10273] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  549.875278][T10273] Call Trace:
[  549.875287][T10273]  <TASK>
[  549.875296][T10273]  dump_stack_lvl+0x189/0x250
[  549.875333][T10273]  ? __pfx_dump_stack_lvl+0x10/0x10
[  549.875361][T10273]  ? __pfx__printk+0x10/0x10
[  549.875395][T10273]  ? __rcu_read_unlock+0x84/0xe0
[  549.875418][T10273]  ? kernfs_path_from_node+0x2f/0x290
[  549.875457][T10273]  ? kernfs_path_from_node+0x250/0x290
[  549.875483][T10273]  ? kernfs_path_from_node+0x2f/0x290
[  549.875511][T10273]  sysfs_warn_dup+0x8e/0xa0
[  549.875533][T10273]  sysfs_do_create_link_sd+0xc0/0x110
[  549.875558][T10273]  device_add_class_symlinks+0x1cf/0x240
[  549.875587][T10273]  device_add+0x475/0xb50
[  549.875617][T10273]  wiphy_register+0x1c81/0x2aa0
[  549.875657][T10273]  ? __pfx_wiphy_register+0x10/0x10
[  549.875680][T10273]  ? minstrel_ht_alloc+0x6e0/0x7e0
[  549.875706][T10273]  ? ieee80211_init_rate_ctrl_alg+0x56d/0x5f0
[  549.875732][T10273]  ieee80211_register_hw+0x3473/0x40d0
[  549.875767][T10273]  ? ieee80211_register_hw+0x14b1/0x40d0
[  549.875795][T10273]  ? __pfx_ieee80211_register_hw+0x10/0x10
[  549.875811][T10273]  ? _raw_spin_unlock_irqrestore+0x85/0x110
[  549.875833][T10273]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  549.875850][T10273]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  549.875875][T10273]  ? __hrtimer_setup+0x187/0x210
[  549.875894][T10273]  ? __pfx_mac80211_hwsim_beacon+0x10/0x10
[  549.875920][T10273]  mac80211_hwsim_new_radio+0x2f7a/0x5220
[  549.875969][T10273]  ? __pfx_mac80211_hwsim_new_radio+0x10/0x10
[  549.875986][T10273]  ? trace_kmalloc+0x1f/0xd0
[  549.876008][T10273]  ? __kmalloc_node_track_caller_noprof+0x587/0x800
[  549.876035][T10273]  ? kstrndup+0xbf/0x160
[  549.876074][T10273]  hwsim_new_radio_nl+0xf5b/0x1bd0
[  549.876100][T10273]  ? __pfx___nla_validate_parse+0x10/0x10
[  549.876132][T10273]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[  549.876157][T10273]  ? rcu_is_watching+0x15/0xb0
[  549.876183][T10273]  ? __nla_parse+0x40/0x60
[  549.876203][T10273]  ? genl_family_rcv_msg_attrs_parse+0x1c9/0x2a0
[  549.876229][T10273]  genl_family_rcv_msg_doit+0x215/0x300
[  549.876253][T10273]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  549.876283][T10273]  ? bpf_lsm_capable+0x9/0x20
[  549.876303][T10273]  ? security_capable+0x7e/0x2e0
[  549.876331][T10273]  genl_rcv_msg+0x60e/0x790
[  549.876354][T10273]  ? __pfx_genl_rcv_msg+0x10/0x10
[  549.876369][T10273]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[  549.876403][T10273]  netlink_rcv_skb+0x208/0x470
[  549.876422][T10273]  ? __lock_acquire+0xab9/0xd20
[  549.876448][T10273]  ? __pfx_genl_rcv_msg+0x10/0x10
[  549.876465][T10273]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  549.876505][T10273]  ? down_read+0x1ad/0x2e0
[  549.876529][T10273]  genl_rcv+0x28/0x40
[  549.876551][T10273]  netlink_unicast+0x82c/0x9e0
[  549.876579][T10273]  ? __pfx_netlink_unicast+0x10/0x10
[  549.876600][T10273]  ? netlink_sendmsg+0x642/0xb30
[  549.876619][T10273]  ? skb_put+0x11b/0x210
[  549.876644][T10273]  netlink_sendmsg+0x805/0xb30
[  549.876675][T10273]  ? __pfx_netlink_sendmsg+0x10/0x10
[  549.876701][T10273]  ? aa_sock_msg_perm+0xf1/0x1d0
[  549.876727][T10273]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  549.876744][T10273]  ? __pfx_netlink_sendmsg+0x10/0x10
[  549.876766][T10273]  __sock_sendmsg+0x21c/0x270
[  549.876788][T10273]  ____sys_sendmsg+0x505/0x830
[  549.876817][T10273]  ? __pfx_____sys_sendmsg+0x10/0x10
[  549.876850][T10273]  ? import_iovec+0x74/0xa0
[  549.876874][T10273]  ___sys_sendmsg+0x21f/0x2a0
[  549.876899][T10273]  ? __pfx____sys_sendmsg+0x10/0x10
[  549.876964][T10273]  ? __fget_files+0x2a/0x420
[  549.876980][T10273]  ? __fget_files+0x3a0/0x420
[  549.877030][T10273]  __x64_sys_sendmsg+0x19b/0x260
[  549.877057][T10273]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  549.877093][T10273]  ? rcu_is_watching+0x15/0xb0
[  549.877120][T10273]  ? do_syscall_64+0xbe/0x3b0
[  549.877145][T10273]  do_syscall_64+0xfa/0x3b0
[  549.877165][T10273]  ? lockdep_hardirqs_on+0x9c/0x150
[  549.877185][T10273]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  549.877202][T10273]  ? clear_bhb_loop+0x60/0xb0
[  549.877222][T10273]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  549.877238][T10273] RIP: 0033:0x7f11c9d8eec9
[  549.877255][T10273] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  549.877271][T10273] RSP: 002b:00007f11cab40038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  549.877291][T10273] RAX: ffffffffffffffda RBX: 00007f11c9fe6270 RCX: 00007f11c9d8eec9
[  549.877303][T10273] RDX: 0000000000000084 RSI: 0000200000000100 RDI: 000000000000000a
[  549.877314][T10273] RBP: 00007f11c9e11f91 R08: 0000000000000000 R09: 0000000000000000
[  549.877324][T10273] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  549.877334][T10273] R13: 00007f11c9fe6308 R14: 00007f11c9fe6270 R15: 00007f11ca10fa28
[  549.877364][T10273]  </TASK>
[  550.377087][    C1] vkms_vblank_simulate: vblank timer overrun
[  551.168726][T10281] macvlan2: entered promiscuous mode
[  551.174198][T10281] macvlan2: entered allmulticast mode
[  551.304776][   T24] usb 5-1: new low-speed USB device number 34 using dummy_hcd
[  551.550945][   T24] usb 5-1: config 0 has an invalid interface number: 55 but max is 0
[  551.565085][   T24] usb 5-1: config 0 has no interface number 0
[  551.586146][   T24] usb 5-1: config 0 interface 55 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  551.598058][   T24] usb 5-1: config 0 interface 55 altsetting 0 endpoint 0xE has invalid maxpacket 32, setting to 8
[  551.609989][   T24] usb 5-1: config 0 interface 55 altsetting 0 has an endpoint descriptor with address 0xAB, changing to 0x8B
[  551.623440][   T24] usb 5-1: config 0 interface 55 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 10
[  551.636139][   T24] usb 5-1: config 0 interface 55 altsetting 0 endpoint 0x8B has invalid maxpacket 120, setting to 8
[  551.648814][   T24] usb 5-1: config 0 interface 55 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 2
[  551.665818][   T24] usb 5-1: New USB device found, idVendor=0f11, idProduct=1080, bcdDevice=fc.6a
[  551.677637][   T24] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  551.690851][   T24] usb 5-1: config 0 descriptor??
[  551.701443][T10278] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[  551.710809][T10278] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[  551.728667][   T24] ldusb 5-1:0.55: LD USB Device #0 now attached to major 180 minor 0
[  551.795324][ T5843] usb 3-1: new high-speed USB device number 38 using dummy_hcd
[  551.820086][T10294] ipvlan2: entered promiscuous mode
[  551.838522][T10294] 8021q: adding VLAN 0 to HW filter on device ipvlan2
[  551.938723][   T24] usb 5-1: USB disconnect, device number 34
[  551.955548][   T24] ldusb 5-1:0.55: LD USB Device #0 now disconnected
[  551.974611][ T5843] usb 3-1: Using ep0 maxpacket: 16
[  551.998304][ T5843] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  552.013403][ T5843] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  552.061129][ T5843] usb 3-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 18
[  552.100098][ T5843] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  552.109425][ T5843] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[  552.118716][ T5843] usb 3-1: SerialNumber: syz
[  552.152996][ T5843] cdc_ether 3-1:1.0: probe with driver cdc_ether failed with error -22
[  552.353116][ T5843] usb 3-1: USB disconnect, device number 38
[  552.811800][T10296] netlink: 'syz.1.1120': attribute type 1 has an invalid length.
[  552.926776][T10301] netlink: 'syz.1.1120': attribute type 1 has an invalid length.
[  552.944230][T10296] netlink: 'syz.1.1120': attribute type 2 has an invalid length.
[  552.993778][T10301] netlink: 'syz.1.1120': attribute type 2 has an invalid length.
[  553.093925][T10316] loop2: detected capacity change from 0 to 7
[  553.099430][T10266] Dev loop2: unable to read RDB block 7
[  553.099469][T10266]  loop2: AHDI p1 p2 p3
[  553.099503][T10266] loop2: partition table partially beyond EOD, truncated
[  553.099749][T10266] loop2: p1 start 1601398130 is beyond EOD, truncated
[  553.099773][T10266] loop2: p2 start 1702059890 is beyond EOD, truncated
[  553.155374][T10316] Dev loop2: unable to read RDB block 7
[  553.155431][T10316]  loop2: AHDI p1 p2 p3
[  553.155475][T10316] loop2: partition table partially beyond EOD, truncated
[  553.159805][T10316] loop2: p1 start 1601398130 is beyond EOD, truncated
[  553.341001][T10316] loop2: p2 start 1702059890 is beyond EOD, truncated
[  553.725707][T10323] netlink: 14 bytes leftover after parsing attributes in process `syz.0.1127'.
[  554.135156][T10333] netlink: 72 bytes leftover after parsing attributes in process `syz.2.1131'.
[  554.145825][T10333] netlink: 32 bytes leftover after parsing attributes in process `syz.2.1131'.
[  555.083976][T10342] netlink: 68 bytes leftover after parsing attributes in process `syz.1.1133'.
[  555.095764][T10323] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  555.184061][T10323] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  555.207416][T10323] bond0 (unregistering): Released all slaves
[  555.370487][T10345] 8021q: adding VLAN 0 to HW filter on device batadv4
[  555.537781][T10350] netlink: 4400 bytes leftover after parsing attributes in process `syz.4.1132'.
[  555.551235][T10345] team0: Port device batadv4 added
[  555.583537][T10350] sysfs: cannot create duplicate filename '/class/ieee80211/Ç`]Š•Iöq¯!¾>Ýsó³Îú*Š®!)\Ç+`²iF=#'
[  555.630123][T10350] CPU: 0 UID: 0 PID: 10350 Comm: syz.4.1132 Not tainted syzkaller #0 PREEMPT(full) 
[  555.630161][T10350] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  555.630172][T10350] Call Trace:
[  555.630180][T10350]  <TASK>
[  555.630188][T10350]  dump_stack_lvl+0x189/0x250
[  555.630219][T10350]  ? __pfx_dump_stack_lvl+0x10/0x10
[  555.630240][T10350]  ? __pfx__printk+0x10/0x10
[  555.630269][T10350]  ? kernfs_path_from_node+0x2f/0x290
[  555.630292][T10350]  ? kernfs_path_from_node+0x250/0x290
[  555.630312][T10350]  ? kernfs_path_from_node+0x2f/0x290
[  555.630337][T10350]  sysfs_warn_dup+0x8e/0xa0
[  555.630357][T10350]  sysfs_do_create_link_sd+0xc0/0x110
[  555.630382][T10350]  device_add_class_symlinks+0x1cf/0x240
[  555.630411][T10350]  device_add+0x475/0xb50
[  555.630440][T10350]  wiphy_register+0x1c81/0x2aa0
[  555.630480][T10350]  ? __pfx_wiphy_register+0x10/0x10
[  555.630501][T10350]  ? minstrel_ht_alloc+0x6e0/0x7e0
[  555.630528][T10350]  ? ieee80211_init_rate_ctrl_alg+0x56d/0x5f0
[  555.630550][T10350]  ieee80211_register_hw+0x3473/0x40d0
[  555.630584][T10350]  ? ieee80211_register_hw+0x14b1/0x40d0
[  555.630611][T10350]  ? __pfx_ieee80211_register_hw+0x10/0x10
[  555.630627][T10350]  ? _raw_spin_unlock_irqrestore+0x85/0x110
[  555.630650][T10350]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  555.630669][T10350]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  555.630695][T10350]  ? __hrtimer_setup+0x187/0x210
[  555.630714][T10350]  ? __pfx_mac80211_hwsim_beacon+0x10/0x10
[  555.630740][T10350]  mac80211_hwsim_new_radio+0x2f7a/0x5220
[  555.630790][T10350]  ? __pfx_mac80211_hwsim_new_radio+0x10/0x10
[  555.630807][T10350]  ? trace_kmalloc+0x1f/0xd0
[  555.630828][T10350]  ? __kmalloc_node_track_caller_noprof+0x587/0x800
[  555.630853][T10350]  ? kstrndup+0xbf/0x160
[  555.630882][T10350]  hwsim_new_radio_nl+0xf5b/0x1bd0
[  555.630908][T10350]  ? __pfx___nla_validate_parse+0x10/0x10
[  555.630939][T10350]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[  555.630964][T10350]  ? rcu_is_watching+0x15/0xb0
[  555.630989][T10350]  ? __nla_parse+0x40/0x60
[  555.631010][T10350]  ? genl_family_rcv_msg_attrs_parse+0x1c9/0x2a0
[  555.631044][T10350]  genl_family_rcv_msg_doit+0x215/0x300
[  555.631067][T10350]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  555.631097][T10350]  ? bpf_lsm_capable+0x9/0x20
[  555.631117][T10350]  ? security_capable+0x7e/0x2e0
[  555.631147][T10350]  genl_rcv_msg+0x60e/0x790
[  555.631170][T10350]  ? __pfx_genl_rcv_msg+0x10/0x10
[  555.631186][T10350]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[  555.631222][T10350]  netlink_rcv_skb+0x208/0x470
[  555.631241][T10350]  ? __lock_acquire+0xab9/0xd20
[  555.631261][T10350]  ? __pfx_genl_rcv_msg+0x10/0x10
[  555.631281][T10350]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  555.631323][T10350]  ? down_read+0x1ad/0x2e0
[  555.631347][T10350]  genl_rcv+0x28/0x40
[  555.631370][T10350]  netlink_unicast+0x82c/0x9e0
[  555.631398][T10350]  ? __pfx_netlink_unicast+0x10/0x10
[  555.631419][T10350]  ? netlink_sendmsg+0x642/0xb30
[  555.631438][T10350]  ? skb_put+0x11b/0x210
[  555.631463][T10350]  netlink_sendmsg+0x805/0xb30
[  555.631494][T10350]  ? __pfx_netlink_sendmsg+0x10/0x10
[  555.631519][T10350]  ? aa_sock_msg_perm+0xf1/0x1d0
[  555.631544][T10350]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  555.631561][T10350]  ? __pfx_netlink_sendmsg+0x10/0x10
[  555.631583][T10350]  __sock_sendmsg+0x21c/0x270
[  555.631604][T10350]  ____sys_sendmsg+0x505/0x830
[  555.631634][T10350]  ? __pfx_____sys_sendmsg+0x10/0x10
[  555.631667][T10350]  ? import_iovec+0x74/0xa0
[  555.631691][T10350]  ___sys_sendmsg+0x21f/0x2a0
[  555.631716][T10350]  ? __pfx____sys_sendmsg+0x10/0x10
[  555.631777][T10350]  ? __fget_files+0x2a/0x420
[  555.631793][T10350]  ? __fget_files+0x3a0/0x420
[  555.631820][T10350]  __x64_sys_sendmsg+0x19b/0x260
[  555.631846][T10350]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  555.631880][T10350]  ? rcu_is_watching+0x15/0xb0
[  555.631906][T10350]  ? do_syscall_64+0xbe/0x3b0
[  555.631930][T10350]  do_syscall_64+0xfa/0x3b0
[  555.631952][T10350]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  555.631968][T10350]  ? asm_sysvec_reschedule_ipi+0x1a/0x20
[  555.631983][T10350]  ? clear_bhb_loop+0x60/0xb0
[  555.632004][T10350]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  555.632027][T10350] RIP: 0033:0x7fd77658eec9
[  555.632044][T10350] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  555.632060][T10350] RSP: 002b:00007fd773fb0038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  555.632079][T10350] RAX: ffffffffffffffda RBX: 00007fd7767e6360 RCX: 00007fd77658eec9
[  555.632091][T10350] RDX: 0000000000000084 RSI: 0000200000000100 RDI: 000000000000000a
[  555.632102][T10350] RBP: 00007fd776611f91 R08: 0000000000000000 R09: 0000000000000000
[  555.632113][T10350] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  555.632123][T10350] R13: 00007fd7767e63f8 R14: 00007fd7767e6360 R15: 00007fd77690fa28
[  555.632152][T10350]  </TASK>
[  556.245245][ T5843] usb 4-1: new low-speed USB device number 36 using dummy_hcd
[  556.417516][ T5843] usb 4-1: config 0 has an invalid interface number: 55 but max is 0
[  556.428999][ T5843] usb 4-1: config 0 has no interface number 0
[  556.435536][ T5843] usb 4-1: config 0 interface 55 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  556.455055][ T5843] usb 4-1: config 0 interface 55 altsetting 0 endpoint 0xE has invalid maxpacket 32, setting to 8
[  556.465981][ T5843] usb 4-1: config 0 interface 55 altsetting 0 has an endpoint descriptor with address 0xAB, changing to 0x8B
[  556.477827][ T5843] usb 4-1: config 0 interface 55 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 10
[  556.488975][ T5843] usb 4-1: config 0 interface 55 altsetting 0 endpoint 0x8B has invalid maxpacket 120, setting to 8
[  556.499839][ T5843] usb 4-1: config 0 interface 55 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 2
[  556.512943][ T5843] usb 4-1: New USB device found, idVendor=0f11, idProduct=1080, bcdDevice=fc.6a
[  556.522218][ T5843] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  556.536010][ T5843] usb 4-1: config 0 descriptor??
[  556.542189][T10348] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  556.555938][T10348] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  556.586284][ T5843] ldusb 4-1:0.55: LD USB Device #0 now attached to major 180 minor 0
[  556.698375][T10357] netlink: 72 bytes leftover after parsing attributes in process `syz.2.1137'.
[  556.707837][T10357] netlink: 32 bytes leftover after parsing attributes in process `syz.2.1137'.
[  556.795633][ T5843] usb 4-1: USB disconnect, device number 36
[  556.809335][ T5843] ldusb 4-1:0.55: LD USB Device #0 now disconnected
[  557.800491][T10379] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  558.447107][   T24] usb 4-1: new high-speed USB device number 37 using dummy_hcd
[  558.828251][   T24] usb 4-1: Using ep0 maxpacket: 8
[  558.837976][   T24] usb 4-1: config 2 has an invalid interface number: 31 but max is 0
[  558.846643][   T24] usb 4-1: config 2 has no interface number 0
[  558.866829][   T24] usb 4-1: config 2 interface 31 has no altsetting 0
[  558.889809][   T24] usb 4-1: New USB device found, idVendor=1a86, idProduct=e092, bcdDevice=53.3f
[  558.904522][   T24] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  558.923042][   T24] usb 4-1: Product: syz
[  558.928324][   T24] usb 4-1: Manufacturer: syz
[  558.953524][   T24] usb 4-1: SerialNumber: syz
[  558.978141][T10366] netlink: 'syz.4.1140': attribute type 1 has an invalid length.
[  559.005707][T10366] netlink: 'syz.4.1140': attribute type 2 has an invalid length.
[  559.021784][   T24] ch9200 4-1:2.31: probe with driver ch9200 failed with error -22
[  559.026055][T10366] netlink: 'syz.4.1140': attribute type 1 has an invalid length.
[  559.058875][T10366] netlink: 'syz.4.1140': attribute type 2 has an invalid length.
[  559.172959][T10361] netlink: 'syz.2.1138': attribute type 6 has an invalid length.
[  559.460828][T10392] netlink: 72 bytes leftover after parsing attributes in process `syz.4.1146'.
[  559.491067][T10392] netlink: 32 bytes leftover after parsing attributes in process `syz.4.1146'.
[  559.494757][   T24] usb 2-1: new high-speed USB device number 38 using dummy_hcd
[  559.705846][   T24] usb 2-1: Invalid ep0 maxpacket: 9
[  559.924704][   T24] usb 2-1: new high-speed USB device number 39 using dummy_hcd
[  560.104072][T10400] netlink: 72 bytes leftover after parsing attributes in process `syz.2.1148'.
[  560.169319][T10400] netlink: 32 bytes leftover after parsing attributes in process `syz.2.1148'.
[  560.216913][   T24] usb 2-1: Invalid ep0 maxpacket: 9
[  560.229509][   T24] usb usb2-port1: attempt power cycle
[  560.451887][T10403] geneve2: entered promiscuous mode
[  560.556954][T10403] geneve2: entered allmulticast mode
[  560.595919][   T24] usb 2-1: new high-speed USB device number 40 using dummy_hcd
[  560.616444][ T8676] netdevsim netdevsim4 netdevsim0: set [1, 1] type 2 family 0 port 20000 - 0
[  560.672629][ T8676] netdevsim netdevsim4 netdevsim1: set [1, 1] type 2 family 0 port 20000 - 0
[  560.683196][   T24] usb 2-1: Invalid ep0 maxpacket: 9
[  560.723512][ T5935] usb 4-1: USB disconnect, device number 37
[  560.745579][ T8676] netdevsim netdevsim4 netdevsim2: set [1, 1] type 2 family 0 port 20000 - 0
[  560.815324][ T8676] netdevsim netdevsim4 netdevsim3: set [1, 1] type 2 family 0 port 20000 - 0
[  560.876704][   T24] usb 2-1: new high-speed USB device number 41 using dummy_hcd
[  560.945481][   T24] usb 2-1: Invalid ep0 maxpacket: 9
[  560.974366][   T24] usb usb2-port1: unable to enumerate USB device
[  562.019488][T10429] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  562.486816][T10422] netlink: 'syz.3.1156': attribute type 1 has an invalid length.
[  562.521787][T10422] netlink: 'syz.3.1156': attribute type 2 has an invalid length.
[  562.660895][T10422] netlink: 'syz.3.1156': attribute type 1 has an invalid length.
[  562.700513][T10422] netlink: 'syz.3.1156': attribute type 2 has an invalid length.
[  563.265185][ T1301] ieee802154 phy0 wpan0: encryption failed: -22
[  563.271641][ T1301] ieee802154 phy1 wpan1: encryption failed: -22
[  563.451835][T10427] netlink: 'syz.4.1158': attribute type 6 has an invalid length.
[  564.135023][T10451] geneve2: entered promiscuous mode
[  564.153547][T10451] geneve2: entered allmulticast mode
[  564.201773][ T1121] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 20000 - 0
[  564.275929][ T1121] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 20000 - 0
[  564.407004][ T1121] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 20000 - 0
[  564.443127][ T1121] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 20000 - 0
[  565.070534][T10473] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1171'.
[  565.270408][T10476] netlink: 'syz.1.1172': attribute type 1 has an invalid length.
[  565.427708][T10476] netlink: 488 bytes leftover after parsing attributes in process `syz.1.1172'.
[  565.438337][T10476] netlink: 488 bytes leftover after parsing attributes in process `syz.1.1172'.
[  566.497554][T10496] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  568.454300][T10509] netlink: 'syz.2.1177': attribute type 6 has an invalid length.
[  568.491620][T10518] netlink: 14220 bytes leftover after parsing attributes in process `syz.3.1183'.
[  568.880673][   T30] audit: type=1326 audit(1759821578.861:339): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10519 comm="syz.1.1184" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f11c9d8eec9 code=0x0
[  569.852254][ T5843] usb 4-1: new low-speed USB device number 38 using dummy_hcd
[  570.066981][ T5843] usb 4-1: config 0 has an invalid interface number: 55 but max is 0
[  570.075866][ T5843] usb 4-1: config 0 has no interface number 0
[  570.081964][ T5843] usb 4-1: config 0 interface 55 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  570.107746][ T5843] usb 4-1: config 0 interface 55 altsetting 0 endpoint 0xE has invalid maxpacket 32, setting to 8
[  570.119488][ T5843] usb 4-1: config 0 interface 55 altsetting 0 has an endpoint descriptor with address 0xAB, changing to 0x8B
[  570.132136][ T5843] usb 4-1: config 0 interface 55 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 10
[  570.147226][ T5843] usb 4-1: config 0 interface 55 altsetting 0 endpoint 0x8B has invalid maxpacket 120, setting to 8
[  570.159285][ T5843] usb 4-1: config 0 interface 55 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 2
[  570.173986][ T5843] usb 4-1: New USB device found, idVendor=0f11, idProduct=1080, bcdDevice=fc.6a
[  570.404660][ T5843] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  570.464711][ T5843] usb 4-1: config 0 descriptor??
[  570.478067][T10539] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  570.486599][T10539] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  570.508738][ T5843] ldusb 4-1:0.55: LD USB Device #0 now attached to major 180 minor 0
[  570.697818][T10539] ldusb 4-1:0.55: Write buffer overflow, 5 bytes dropped
[  570.709977][ T5843] usb 4-1: USB disconnect, device number 38
[  570.730824][ T5843] ldusb 4-1:0.55: LD USB Device #0 now disconnected
[  570.740482][T10550] FAULT_INJECTION: forcing a failure.
[  570.740482][T10550] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  570.779047][T10550] CPU: 1 UID: 0 PID: 10550 Comm: syz.1.1192 Not tainted syzkaller #0 PREEMPT(full) 
[  570.779073][T10550] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  570.779081][T10550] Call Trace:
[  570.779087][T10550]  <TASK>
[  570.779093][T10550]  dump_stack_lvl+0x189/0x250
[  570.779114][T10550]  ? __pfx____ratelimit+0x10/0x10
[  570.779132][T10550]  ? __pfx_dump_stack_lvl+0x10/0x10
[  570.779165][T10550]  ? __pfx__printk+0x10/0x10
[  570.779194][T10550]  ? __might_fault+0xb0/0x130
[  570.779235][T10550]  should_fail_ex+0x414/0x560
[  570.779270][T10550]  _copy_from_user+0x2d/0xb0
[  570.779298][T10550]  do_sock_getsockopt+0x17d/0x450
[  570.779332][T10550]  ? __pfx_do_sock_getsockopt+0x10/0x10
[  570.779360][T10550]  ? do_syscall_64+0x40/0x3b0
[  570.779384][T10550]  ? __fget_files+0x3a0/0x420
[  570.779405][T10550]  ? __fget_files+0x2a/0x420
[  570.779435][T10550]  __x64_sys_getsockopt+0x1a5/0x250
[  570.779463][T10550]  ? do_syscall_64+0x40/0x3b0
[  570.779490][T10550]  ? do_syscall_64+0x40/0x3b0
[  570.779520][T10550]  do_syscall_64+0xfa/0x3b0
[  570.779555][T10550]  ? lockdep_hardirqs_on+0x9c/0x150
[  570.779580][T10550]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  570.779600][T10550]  ? clear_bhb_loop+0x60/0xb0
[  570.779627][T10550]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  570.779647][T10550] RIP: 0033:0x7f11c9d8eec9
[  570.779667][T10550] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  570.779686][T10550] RSP: 002b:00007f11caba3038 EFLAGS: 00000246 ORIG_RAX: 0000000000000037
[  570.779710][T10550] RAX: ffffffffffffffda RBX: 00007f11c9fe5fa0 RCX: 00007f11c9d8eec9
[  570.779726][T10550] RDX: 0000000000000084 RSI: 0000000000000084 RDI: 0000000000000003
[  570.779739][T10550] RBP: 00007f11caba3090 R08: 0000200000000180 R09: 0000000000000000
[  570.779753][T10550] R10: 0000200000000240 R11: 0000000000000246 R12: 0000000000000001
[  570.779767][T10550] R13: 00007f11c9fe6038 R14: 00007f11c9fe5fa0 R15: 00007f11ca10fa28
[  570.779800][T10550]  </TASK>
[  571.143909][   T12] wlan1: Trigger new scan to find an IBSS to join
[  571.335202][T10559] netlink: 666 bytes leftover after parsing attributes in process `syz.4.1194'.
[  572.106380][T10568] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  572.404577][ T5935] usb 4-1: new high-speed USB device number 39 using dummy_hcd
[  572.764525][ T5843] usb 5-1: new full-speed USB device number 35 using dummy_hcd
[  572.772510][    C0] raw-gadget.1 gadget.4: ignoring, device is not running
[  572.844610][ T5935] usb 4-1: Using ep0 maxpacket: 8
[  572.870403][ T5935] usb 4-1: unable to get BOS descriptor or descriptor too short
[  572.881007][T10579] input: syz1 as /devices/virtual/input/input15
[  572.892314][ T5935] usb 4-1: config 8 interface 0 altsetting 7 endpoint 0x83 has invalid maxpacket 24929, setting to 1024
[  573.078760][ T5935] usb 4-1: config 8 interface 0 altsetting 7 bulk endpoint 0x83 has invalid maxpacket 1024
[  573.099959][ T5935] usb 4-1: config 8 interface 0 has no altsetting 0
[  573.106777][ T5843] usb 5-1: device descriptor read/64, error -32
[  573.117205][ T5935] usb 4-1: New USB device found, idVendor=07fd, idProduct=0001, bcdDevice=6a.e5
[  573.129228][ T5935] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  573.147050][ T5935] usb 4-1: Product: syz
[  573.151400][ T5935] usb 4-1: Manufacturer: syz
[  573.159167][ T5935] usb 4-1: SerialNumber: syz
[  573.166954][T10565] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  573.294837][  T981] usb 2-1: new high-speed USB device number 42 using dummy_hcd
[  573.375676][ T5843] usb 5-1: new full-speed USB device number 36 using dummy_hcd
[  573.539247][ T5935] usb 4-1: Quirk or no altset; falling back to MIDI 1.0
[  573.554865][ T5935] usb 4-1: selecting invalid altsetting 0
[  573.598008][  T981] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x9 has invalid wMaxPacketSize 0
[  573.638038][  T981] usb 2-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b
[  573.656463][ T5843] usb 5-1: unable to get BOS descriptor or descriptor too short
[  573.669524][ T5935] usb 4-1: USB disconnect, device number 39
[  573.696472][ T5843] usb 5-1: not running at top speed; connect to a high speed hub
[  573.717982][  T981] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  573.810914][ T5843] usb 5-1: config 0 has an invalid interface number: 88 but max is 0
[  573.843345][  T981] usb 2-1: Product: syz
[  573.894987][  T981] usb 2-1: Manufacturer: syz
[  573.901111][ T5843] usb 5-1: config 0 has no interface number 0
[  573.914308][  T981] usb 2-1: SerialNumber: syz
[  573.925260][ T5843] usb 5-1: config 0 interface 88 altsetting 8 endpoint 0x86 has an invalid bInterval 0, changing to 10
[  573.946579][ T5843] usb 5-1: config 0 interface 88 altsetting 8 endpoint 0x86 has invalid wMaxPacketSize 0
[  573.964591][ T5843] usb 5-1: config 0 interface 88 has no altsetting 0
[  573.968042][T10589] udevd[10589]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:8.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  573.975901][ T5843] usb 5-1: New USB device found, idVendor=0460, idProduct=0004, bcdDevice=96.31
[  573.999575][ T5843] usb 5-1: New USB device strings: Mfr=1, Product=84, SerialNumber=3
[  574.009098][ T5843] usb 5-1: Product: syz
[  574.013312][ T5843] usb 5-1: Manufacturer: syz
[  574.020623][ T5843] usb 5-1: SerialNumber: syz
[  574.033082][  T981] usb 2-1: config 0 descriptor??
[  574.071185][ T5843] usb 5-1: config 0 descriptor??
[  574.504725][T10584] netlink: 'syz.2.1201': attribute type 6 has an invalid length.
[  574.774559][   T24] usb 4-1: new low-speed USB device number 40 using dummy_hcd
[  574.926770][   T24] usb 4-1: No LPM exit latency info found, disabling LPM.
[  574.941074][   T24] usb 4-1: string descriptor 0 read error: -22
[  574.965410][   T24] usb 4-1: New USB device found, idVendor=1415, idProduct=0003, bcdDevice=65.5d
[  574.984065][   T24] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  575.029411][   T24] usb 4-1: config 0 descriptor??
[  575.227310][   T12] wlan1: Trigger new scan to find an IBSS to join
[  575.319600][   T24] dvb-usb: found a 'Sony PlayTV' in cold state, will try to load a firmware
[  575.391263][   T24] dvb-usb: downloading firmware from file 'dvb-usb-dib0700-1.20.fw'
[  575.411562][   T24] dib0700: firmware download failed at 7 with -22
[  575.480678][ T5843] input: syz syz as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.88/input/input16
[  575.515042][   T24] usb 4-1: USB disconnect, device number 40
[  575.900565][ T5843] usb 5-1: USB disconnect, device number 36
[  577.009575][ T8676] wlan1: Creating new IBSS network, BSSID aa:34:6e:a6:13:0f
[  577.425593][   T24] usb 2-1: USB disconnect, device number 42
[  577.545489][ T5843] usb 4-1: new high-speed USB device number 41 using dummy_hcd
[  577.592533][T10625] binder: 10624:10625 ioctl c018620c 200000000640 returned -22
[  577.653225][T10621] input input17: cannot allocate more than FF_MAX_EFFECTS effects
[  577.739184][ T5843] usb 4-1: New USB device found, idVendor=0424, idProduct=7850, bcdDevice= 0.00
[  577.750054][ T5843] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  577.774784][ T5843] usb 4-1: Product: syz
[  577.779246][ T5843] usb 4-1: Manufacturer: syz
[  577.783902][ T5843] usb 4-1: SerialNumber: syz
[  578.042924][ T5843] lan78xx 4-1:1.0 (unnamed net_device) (uninitialized): Failed to read register index 0x00000098. ret = -EPROTO
[  578.088685][T10638] netlink: 44 bytes leftover after parsing attributes in process `syz.1.1213'.
[  578.109183][ T5843] lan78xx 4-1:1.0 (unnamed net_device) (uninitialized): lan78xx_setup_irq_domain() failed : -71
[  578.149600][ T5843] lan78xx 4-1:1.0 (unnamed net_device) (uninitialized): Bind routine FAILED
[  578.216322][ T5843] lan78xx 4-1:1.0: probe with driver lan78xx failed with error -71
[  578.306583][ T5843] usb 4-1: USB disconnect, device number 41
[  579.484169][T10653] 8021q: adding VLAN 0 to HW filter on device batadv3
[  579.507431][T10653] team0: Port device batadv3 added
[  579.561631][T10653] netlink: 4400 bytes leftover after parsing attributes in process `syz.3.1216'.
[  579.594017][T10653] sysfs: cannot create duplicate filename '/class/ieee80211/Ç`]Š•Iöq¯!¾>Ýsó³Îú*Š®!)\Ç+`²iF=#'
[  579.605632][T10653] CPU: 0 UID: 0 PID: 10653 Comm: syz.3.1216 Not tainted syzkaller #0 PREEMPT(full) 
[  579.605663][T10653] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  579.605677][T10653] Call Trace:
[  579.605687][T10653]  <TASK>
[  579.605697][T10653]  dump_stack_lvl+0x189/0x250
[  579.605735][T10653]  ? __pfx_dump_stack_lvl+0x10/0x10
[  579.605764][T10653]  ? __pfx__printk+0x10/0x10
[  579.605800][T10653]  ? __rcu_read_unlock+0x84/0xe0
[  579.605824][T10653]  ? kernfs_path_from_node+0x2f/0x290
[  579.605853][T10653]  ? kernfs_path_from_node+0x250/0x290
[  579.605879][T10653]  ? kernfs_path_from_node+0x2f/0x290
[  579.605912][T10653]  sysfs_warn_dup+0x8e/0xa0
[  579.605940][T10653]  sysfs_do_create_link_sd+0xc0/0x110
[  579.605972][T10653]  device_add_class_symlinks+0x1cf/0x240
[  579.606007][T10653]  device_add+0x475/0xb50
[  579.606044][T10653]  wiphy_register+0x1c81/0x2aa0
[  579.606095][T10653]  ? __pfx_wiphy_register+0x10/0x10
[  579.606117][T10653]  ? minstrel_ht_alloc+0x6e0/0x7e0
[  579.606149][T10653]  ? ieee80211_init_rate_ctrl_alg+0x56d/0x5f0
[  579.606172][T10653]  ieee80211_register_hw+0x3473/0x40d0
[  579.606205][T10653]  ? ieee80211_register_hw+0x14b1/0x40d0
[  579.606232][T10653]  ? __pfx_ieee80211_register_hw+0x10/0x10
[  579.606249][T10653]  ? _raw_spin_unlock_irqrestore+0x85/0x110
[  579.606271][T10653]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  579.606289][T10653]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  579.606313][T10653]  ? __hrtimer_setup+0x187/0x210
[  579.606333][T10653]  ? __pfx_mac80211_hwsim_beacon+0x10/0x10
[  579.606367][T10653]  mac80211_hwsim_new_radio+0x2f7a/0x5220
[  579.606416][T10653]  ? __pfx_mac80211_hwsim_new_radio+0x10/0x10
[  579.606434][T10653]  ? trace_kmalloc+0x1f/0xd0
[  579.606455][T10653]  ? __kmalloc_node_track_caller_noprof+0x587/0x800
[  579.606481][T10653]  ? kstrndup+0xbf/0x160
[  579.606512][T10653]  hwsim_new_radio_nl+0xf5b/0x1bd0
[  579.606538][T10653]  ? __pfx___nla_validate_parse+0x10/0x10
[  579.606570][T10653]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[  579.606603][T10653]  ? rcu_is_watching+0x15/0xb0
[  579.606633][T10653]  ? __nla_parse+0x40/0x60
[  579.606653][T10653]  ? genl_family_rcv_msg_attrs_parse+0x1c9/0x2a0
[  579.606679][T10653]  genl_family_rcv_msg_doit+0x215/0x300
[  579.606702][T10653]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  579.606732][T10653]  ? bpf_lsm_capable+0x9/0x20
[  579.606752][T10653]  ? security_capable+0x7e/0x2e0
[  579.606780][T10653]  genl_rcv_msg+0x60e/0x790
[  579.606802][T10653]  ? __pfx_genl_rcv_msg+0x10/0x10
[  579.606818][T10653]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[  579.606851][T10653]  netlink_rcv_skb+0x208/0x470
[  579.606870][T10653]  ? __lock_acquire+0xab9/0xd20
[  579.606889][T10653]  ? __pfx_genl_rcv_msg+0x10/0x10
[  579.606906][T10653]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  579.606947][T10653]  ? down_read+0x1ad/0x2e0
[  579.606970][T10653]  genl_rcv+0x28/0x40
[  579.606993][T10653]  netlink_unicast+0x82c/0x9e0
[  579.607022][T10653]  ? __pfx_netlink_unicast+0x10/0x10
[  579.607042][T10653]  ? netlink_sendmsg+0x642/0xb30
[  579.607061][T10653]  ? skb_put+0x11b/0x210
[  579.607087][T10653]  netlink_sendmsg+0x805/0xb30
[  579.607118][T10653]  ? __pfx_netlink_sendmsg+0x10/0x10
[  579.607141][T10653]  ? lockdep_hardirqs_on+0x9c/0x150
[  579.607167][T10653]  ? aa_sock_msg_perm+0xf1/0x1d0
[  579.607192][T10653]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  579.607209][T10653]  ? __pfx_netlink_sendmsg+0x10/0x10
[  579.607231][T10653]  __sock_sendmsg+0x21c/0x270
[  579.607253][T10653]  ____sys_sendmsg+0x505/0x830
[  579.607289][T10653]  ? __pfx_____sys_sendmsg+0x10/0x10
[  579.607321][T10653]  ? import_iovec+0x74/0xa0
[  579.607345][T10653]  ___sys_sendmsg+0x21f/0x2a0
[  579.607370][T10653]  ? __pfx____sys_sendmsg+0x10/0x10
[  579.607430][T10653]  ? __fget_files+0x2a/0x420
[  579.607445][T10653]  ? __fget_files+0x3a0/0x420
[  579.607473][T10653]  __x64_sys_sendmsg+0x19b/0x260
[  579.607505][T10653]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  579.607541][T10653]  ? rcu_is_watching+0x15/0xb0
[  579.607567][T10653]  ? do_syscall_64+0xbe/0x3b0
[  579.607592][T10653]  do_syscall_64+0xfa/0x3b0
[  579.607612][T10653]  ? lockdep_hardirqs_on+0x9c/0x150
[  579.607631][T10653]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  579.607648][T10653]  ? clear_bhb_loop+0x60/0xb0
[  579.607668][T10653]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  579.607684][T10653] RIP: 0033:0x7f243b18eec9
[  579.607701][T10653] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  579.607716][T10653] RSP: 002b:00007f243c07b038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  579.607736][T10653] RAX: ffffffffffffffda RBX: 00007f243b3e6180 RCX: 00007f243b18eec9
[  579.607748][T10653] RDX: 0000000000000084 RSI: 0000200000000100 RDI: 000000000000000b
[  579.607759][T10653] RBP: 00007f243b211f91 R08: 0000000000000000 R09: 0000000000000000
[  579.607770][T10653] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  579.607781][T10653] R13: 00007f243b3e6218 R14: 00007f243b3e6180 R15: 00007f243b50fa28
[  579.607810][T10653]  </TASK>
[  581.316229][T10643] netlink: 'syz.0.1215': attribute type 6 has an invalid length.
[  582.103263][   T10] usb 2-1: new high-speed USB device number 43 using dummy_hcd
[  582.395385][   T10] usb 2-1: Using ep0 maxpacket: 8
[  582.402812][   T10] usb 2-1: New USB device found, idVendor=1557, idProduct=7720, bcdDevice=b7.eb
[  582.459006][   T10] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  582.526435][   T10] usb 2-1: config 0 descriptor??
[  582.661253][  T981] usb 1-1: new low-speed USB device number 36 using dummy_hcd
[  582.887864][  T981] usb 1-1: config 0 has an invalid interface number: 55 but max is 0
[  582.902461][  T981] usb 1-1: config 0 has no interface number 0
[  582.921206][  T981] usb 1-1: config 0 interface 55 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  582.957589][  T981] usb 1-1: config 0 interface 55 altsetting 0 endpoint 0xE has invalid maxpacket 32, setting to 8
[  583.000146][  T981] usb 1-1: config 0 interface 55 altsetting 0 has an endpoint descriptor with address 0xAB, changing to 0x8B
[  583.019914][  T981] usb 1-1: config 0 interface 55 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 10
[  583.034590][  T981] usb 1-1: config 0 interface 55 altsetting 0 endpoint 0x8B has invalid maxpacket 120, setting to 8
[  583.046237][  T981] usb 1-1: config 0 interface 55 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 2
[  583.072871][  T981] usb 1-1: New USB device found, idVendor=0f11, idProduct=1080, bcdDevice=fc.6a
[  583.084532][  T981] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  583.113048][  T981] usb 1-1: config 0 descriptor??
[  583.120699][T10677] raw-gadget.1 gadget.0: fail, usb_ep_enable returned -22
[  583.134814][T10677] raw-gadget.1 gadget.0: fail, usb_ep_enable returned -22
[  583.167186][  T981] ldusb 1-1:0.55: LD USB Device #0 now attached to major 180 minor 0
[  583.244606][   T24] usb 3-1: new high-speed USB device number 39 using dummy_hcd
[  583.359295][T10677] ldusb 1-1:0.55: Write buffer overflow, 5 bytes dropped
[  583.387817][  T981] usb 1-1: USB disconnect, device number 36
[  583.396593][   T24] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  583.414586][   T24] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  583.428457][  T981] ldusb 1-1:0.55: LD USB Device #0 now disconnected
[  583.437907][   T24] usb 3-1: New USB device found, idVendor=18b1, idProduct=0037, bcdDevice= 0.00
[  583.457900][   T24] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  583.555250][   T24] usb 3-1: config 0 descriptor??
[  583.979309][   T24] petalynx 0003:18B1:0037.0019: collection stack underflow
[  583.989372][   T24] petalynx 0003:18B1:0037.0019: item 0 4 0 12 parsing failed
[  584.001502][   T24] petalynx 0003:18B1:0037.0019: parse failed
[  584.129271][   T24] petalynx 0003:18B1:0037.0019: probe with driver petalynx failed with error -22
[  584.204697][T10692] netlink: 14220 bytes leftover after parsing attributes in process `syz.4.1229'.
[  584.207443][  T981] usb 3-1: USB disconnect, device number 39
[  584.582804][   T10] asix 2-1:0.0 (unnamed net_device) (uninitialized): Failed to write reg index 0x0012: -71
[  584.602570][   T10] asix 2-1:0.0: probe with driver asix failed with error -71
[  584.638775][   T10] usb 2-1: USB disconnect, device number 43
[  584.764586][   T44] usb 1-1: new high-speed USB device number 37 using dummy_hcd
[  585.006834][T10707] vlan2: entered allmulticast mode
[  585.077588][T10707] bridge0: port 3(vlan2) entered blocking state
[  585.085047][T10707] bridge0: port 3(vlan2) entered disabled state
[  585.157418][T10707] vlan2: entered promiscuous mode
[  585.647594][T10716] 8021q: adding VLAN 0 to HW filter on device batadv4
[  585.668557][T10716] team0: Port device batadv4 added
[  585.733814][T10716] netlink: 4400 bytes leftover after parsing attributes in process `syz.3.1234'.
[  585.745864][T10724] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1239'.
[  585.759251][T10716] sysfs: cannot create duplicate filename '/class/ieee80211/Ç`]Š•Iöq¯!¾>Ýsó³Îú*Š®!)\Ç+`²iF=#'
[  585.778964][T10724] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1239'.
[  585.910892][T10716] CPU: 0 UID: 0 PID: 10716 Comm: syz.3.1234 Not tainted syzkaller #0 PREEMPT(full) 
[  585.910925][T10716] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  585.910937][T10716] Call Trace:
[  585.910947][T10716]  <TASK>
[  585.910957][T10716]  dump_stack_lvl+0x189/0x250
[  585.910994][T10716]  ? __pfx_dump_stack_lvl+0x10/0x10
[  585.911021][T10716]  ? __pfx__printk+0x10/0x10
[  585.911057][T10716]  ? kernfs_path_from_node+0x2f/0x290
[  585.911084][T10716]  ? kernfs_path_from_node+0x250/0x290
[  585.911109][T10716]  ? kernfs_path_from_node+0x2f/0x290
[  585.911140][T10716]  sysfs_warn_dup+0x8e/0xa0
[  585.911167][T10716]  sysfs_do_create_link_sd+0xc0/0x110
[  585.911195][T10716]  device_add_class_symlinks+0x1cf/0x240
[  585.911228][T10716]  device_add+0x475/0xb50
[  585.911262][T10716]  wiphy_register+0x1c81/0x2aa0
[  585.911311][T10716]  ? __pfx_wiphy_register+0x10/0x10
[  585.911336][T10716]  ? minstrel_ht_alloc+0x6e0/0x7e0
[  585.911369][T10716]  ? ieee80211_init_rate_ctrl_alg+0x56d/0x5f0
[  585.911396][T10716]  ieee80211_register_hw+0x3473/0x40d0
[  585.911436][T10716]  ? ieee80211_register_hw+0x14b1/0x40d0
[  585.911470][T10716]  ? __pfx_ieee80211_register_hw+0x10/0x10
[  585.911489][T10716]  ? _raw_spin_unlock_irqrestore+0x85/0x110
[  585.911515][T10716]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  585.911538][T10716]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  585.911570][T10716]  ? __hrtimer_setup+0x187/0x210
[  585.911594][T10716]  ? __pfx_mac80211_hwsim_beacon+0x10/0x10
[  585.911615][T10716]  mac80211_hwsim_new_radio+0x2f7a/0x5220
[  585.911650][T10716]  ? __pfx_mac80211_hwsim_new_radio+0x10/0x10
[  585.911664][T10716]  ? trace_kmalloc+0x1f/0xd0
[  585.911680][T10716]  ? __kmalloc_node_track_caller_noprof+0x587/0x800
[  585.911700][T10716]  ? kstrndup+0xbf/0x160
[  585.911721][T10716]  hwsim_new_radio_nl+0xf5b/0x1bd0
[  585.911740][T10716]  ? __pfx___nla_validate_parse+0x10/0x10
[  585.911763][T10716]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[  585.911783][T10716]  ? rcu_is_watching+0x15/0xb0
[  585.911812][T10716]  ? __nla_parse+0x40/0x60
[  585.911827][T10716]  ? genl_family_rcv_msg_attrs_parse+0x1c9/0x2a0
[  585.911845][T10716]  genl_family_rcv_msg_doit+0x215/0x300
[  585.911863][T10716]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  585.911885][T10716]  ? bpf_lsm_capable+0x9/0x20
[  585.911901][T10716]  ? security_capable+0x7e/0x2e0
[  585.911922][T10716]  genl_rcv_msg+0x60e/0x790
[  585.911939][T10716]  ? __pfx_genl_rcv_msg+0x10/0x10
[  585.911950][T10716]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[  585.911975][T10716]  netlink_rcv_skb+0x208/0x470
[  585.911991][T10716]  ? __lock_acquire+0xab9/0xd20
[  585.912005][T10716]  ? __pfx_genl_rcv_msg+0x10/0x10
[  585.912018][T10716]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  585.912050][T10716]  ? down_read+0x1ad/0x2e0
[  585.912069][T10716]  genl_rcv+0x28/0x40
[  585.912087][T10716]  netlink_unicast+0x82c/0x9e0
[  585.912108][T10716]  ? __pfx_netlink_unicast+0x10/0x10
[  585.912123][T10716]  ? netlink_sendmsg+0x642/0xb30
[  585.912138][T10716]  ? skb_put+0x11b/0x210
[  585.912158][T10716]  netlink_sendmsg+0x805/0xb30
[  585.912181][T10716]  ? __pfx_netlink_sendmsg+0x10/0x10
[  585.912200][T10716]  ? aa_sock_msg_perm+0xf1/0x1d0
[  585.912219][T10716]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  585.912232][T10716]  ? __pfx_netlink_sendmsg+0x10/0x10
[  585.912249][T10716]  __sock_sendmsg+0x21c/0x270
[  585.912265][T10716]  ____sys_sendmsg+0x505/0x830
[  585.912288][T10716]  ? __pfx_____sys_sendmsg+0x10/0x10
[  585.912312][T10716]  ? import_iovec+0x74/0xa0
[  585.912330][T10716]  ___sys_sendmsg+0x21f/0x2a0
[  585.912350][T10716]  ? __pfx____sys_sendmsg+0x10/0x10
[  585.912393][T10716]  ? __fget_files+0x2a/0x420
[  585.912405][T10716]  ? __fget_files+0x3a0/0x420
[  585.912425][T10716]  __x64_sys_sendmsg+0x19b/0x260
[  585.912445][T10716]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  585.912470][T10716]  ? rcu_is_watching+0x15/0xb0
[  585.912490][T10716]  ? do_syscall_64+0xbe/0x3b0
[  585.912508][T10716]  do_syscall_64+0xfa/0x3b0
[  585.912524][T10716]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  585.912537][T10716]  ? asm_sysvec_reschedule_ipi+0x1a/0x20
[  585.912550][T10716]  ? clear_bhb_loop+0x60/0xb0
[  585.912570][T10716]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  585.912587][T10716] RIP: 0033:0x7f243b18eec9
[  585.912607][T10716] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  585.912625][T10716] RSP: 002b:00007f243c05a038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  585.912647][T10716] RAX: ffffffffffffffda RBX: 00007f243b3e6270 RCX: 00007f243b18eec9
[  585.912662][T10716] RDX: 0000000000000084 RSI: 0000200000000100 RDI: 000000000000000b
[  585.912676][T10716] RBP: 00007f243b211f91 R08: 0000000000000000 R09: 0000000000000000
[  585.912689][T10716] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  585.912697][T10716] R13: 00007f243b3e6308 R14: 00007f243b3e6270 R15: 00007f243b50fa28
[  585.912717][T10716]  </TASK>
[  587.270172][T10740] netlink: 14220 bytes leftover after parsing attributes in process `syz.0.1242'.
[  587.284822][  T981] usb 3-1: new low-speed USB device number 40 using dummy_hcd
[  587.466145][T10738] ipvlan3: entered promiscuous mode
[  587.472936][T10738] 8021q: adding VLAN 0 to HW filter on device ipvlan3
[  587.496576][  T981] usb 3-1: config 0 has an invalid interface number: 55 but max is 0
[  587.623235][  T981] usb 3-1: config 0 has no interface number 0
[  587.644479][  T981] usb 3-1: config 0 interface 55 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  587.674244][  T981] usb 3-1: config 0 interface 55 altsetting 0 endpoint 0xE has invalid maxpacket 32, setting to 8
[  587.697006][  T981] usb 3-1: config 0 interface 55 altsetting 0 has an endpoint descriptor with address 0xAB, changing to 0x8B
[  587.710770][  T981] usb 3-1: config 0 interface 55 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 10
[  587.929733][  T981] usb 3-1: config 0 interface 55 altsetting 0 endpoint 0x8B has invalid maxpacket 120, setting to 8
[  588.011172][  T981] usb 3-1: config 0 interface 55 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 2
[  588.155299][  T981] usb 3-1: New USB device found, idVendor=0f11, idProduct=1080, bcdDevice=fc.6a
[  588.192502][  T981] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  588.253780][  T981] usb 3-1: config 0 descriptor??
[  588.281870][T10736] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  588.290127][T10736] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  588.301858][  T981] ldusb 3-1:0.55: LD USB Device #0 now attached to major 180 minor 0
[  588.520913][T10734] ldusb 3-1:0.55: Write buffer overflow, 5 bytes dropped
[  588.538892][  T981] usb 3-1: USB disconnect, device number 40
[  588.553176][  T981] ldusb 3-1:0.55: LD USB Device #0 now disconnected
[  589.264713][  T981] usb 5-1: new high-speed USB device number 37 using dummy_hcd
[  589.360395][T10779] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1252'.
[  589.370580][T10779] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1252'.
[  589.443256][  T981] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x9 has invalid wMaxPacketSize 0
[  589.443741][T10780] syz_tun: entered allmulticast mode
[  589.457179][  T981] usb 5-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b
[  589.468928][  T981] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  589.505406][  T981] usb 5-1: Product: syz
[  589.514696][  T981] usb 5-1: Manufacturer: syz
[  589.540727][  T981] usb 5-1: SerialNumber: syz
[  589.550908][T10778] syz_tun: left allmulticast mode
[  589.629651][  T981] usb 5-1: config 0 descriptor??
[  591.716540][T10809] netlink: 'syz.0.1261': attribute type 5 has an invalid length.
[  591.851729][T10809] netlink: 17 bytes leftover after parsing attributes in process `syz.0.1261'.
[  592.758399][T10821] kernel read not supported for file /eth0 (pid: 10821 comm: syz.2.1265)
[  592.797647][   T30] audit: type=1800 audit(1759821602.811:340): pid=10821 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.1265" name="eth0" dev="mqueue" ino=23236 res=0 errno=0
[  593.092109][ T5843] usb 5-1: USB disconnect, device number 37
[  594.183280][T10845] netlink: 148 bytes leftover after parsing attributes in process `syz.4.1270'.
[  594.296779][T10848] FAULT_INJECTION: forcing a failure.
[  594.296779][T10848] name failslab, interval 1, probability 0, space 0, times 0
[  594.296828][T10848] CPU: 1 UID: 0 PID: 10848 Comm: syz.2.1271 Not tainted syzkaller #0 PREEMPT(full) 
[  594.296843][T10848] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  594.296851][T10848] Call Trace:
[  594.296856][T10848]  <TASK>
[  594.296863][T10848]  dump_stack_lvl+0x189/0x250
[  594.296883][T10848]  ? __pfx____ratelimit+0x10/0x10
[  594.296898][T10848]  ? __pfx_dump_stack_lvl+0x10/0x10
[  594.296913][T10848]  ? __pfx__printk+0x10/0x10
[  594.296931][T10848]  ? netlink_sendmsg+0x805/0xb30
[  594.296952][T10848]  ? __x64_sys_sendmsg+0x19b/0x260
[  594.296978][T10848]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  594.297007][T10848]  should_fail_ex+0x414/0x560
[  594.297035][T10848]  should_failslab+0xa8/0x100
[  594.297052][T10848]  kmem_cache_alloc_noprof+0x74/0x6e0
[  594.297071][T10848]  ? skb_clone+0x212/0x3a0
[  594.297093][T10848]  skb_clone+0x212/0x3a0
[  594.297113][T10848]  __netlink_deliver_tap+0x404/0x850
[  594.297137][T10848]  ? netlink_deliver_tap+0x2e/0x1b0
[  594.297154][T10848]  netlink_deliver_tap+0x19c/0x1b0
[  594.297171][T10848]  netlink_sendskb+0x68/0x140
[  594.297187][T10848]  netlink_unicast+0x397/0x9e0
[  594.297199][T10848]  ? __asan_memcpy+0x40/0x70
[  594.297221][T10848]  ? __pfx_netlink_unicast+0x10/0x10
[  594.297241][T10848]  netlink_rcv_skb+0x28c/0x470
[  594.297256][T10848]  ? __lock_acquire+0xab9/0xd20
[  594.297271][T10848]  ? __pfx_genl_rcv_msg+0x10/0x10
[  594.297284][T10848]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  594.297311][T10848]  ? down_read+0x1ad/0x2e0
[  594.297330][T10848]  genl_rcv+0x28/0x40
[  594.297348][T10848]  netlink_unicast+0x82c/0x9e0
[  594.297368][T10848]  ? __pfx_netlink_unicast+0x10/0x10
[  594.297383][T10848]  ? netlink_sendmsg+0x642/0xb30
[  594.297397][T10848]  ? skb_put+0x11b/0x210
[  594.297416][T10848]  netlink_sendmsg+0x805/0xb30
[  594.297438][T10848]  ? __pfx_netlink_sendmsg+0x10/0x10
[  594.297457][T10848]  ? aa_sock_msg_perm+0xf1/0x1d0
[  594.297476][T10848]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  594.297490][T10848]  ? __pfx_netlink_sendmsg+0x10/0x10
[  594.297507][T10848]  __sock_sendmsg+0x21c/0x270
[  594.297522][T10848]  ____sys_sendmsg+0x505/0x830
[  594.297544][T10848]  ? __pfx_____sys_sendmsg+0x10/0x10
[  594.297568][T10848]  ? import_iovec+0x74/0xa0
[  594.297585][T10848]  ___sys_sendmsg+0x21f/0x2a0
[  594.297605][T10848]  ? __pfx____sys_sendmsg+0x10/0x10
[  594.297646][T10848]  ? __fget_files+0x2a/0x420
[  594.297657][T10848]  ? __fget_files+0x3a0/0x420
[  594.297676][T10848]  __x64_sys_sendmsg+0x19b/0x260
[  594.297696][T10848]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  594.297720][T10848]  ? __pfx_ksys_write+0x10/0x10
[  594.297742][T10848]  ? do_syscall_64+0xbe/0x3b0
[  594.297761][T10848]  do_syscall_64+0xfa/0x3b0
[  594.297775][T10848]  ? lockdep_hardirqs_on+0x9c/0x150
[  594.297798][T10848]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  594.297810][T10848]  ? clear_bhb_loop+0x60/0xb0
[  594.297825][T10848]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  594.297837][T10848] RIP: 0033:0x7fa7e0d8eec9
[  594.297849][T10848] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  594.297860][T10848] RSP: 002b:00007fa7e1d06038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  594.297875][T10848] RAX: ffffffffffffffda RBX: 00007fa7e0fe5fa0 RCX: 00007fa7e0d8eec9
[  594.297885][T10848] RDX: 0000000000000000 RSI: 0000200000000240 RDI: 0000000000000003
[  594.297893][T10848] RBP: 00007fa7e1d06090 R08: 0000000000000000 R09: 0000000000000000
[  594.297900][T10848] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  594.297908][T10848] R13: 00007fa7e0fe6038 R14: 00007fa7e0fe5fa0 R15: 00007fa7e110fa28
[  594.297928][T10848]  </TASK>
[  595.160364][   T44] usb 3-1: new high-speed USB device number 41 using dummy_hcd
[  595.336752][   T44] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  595.336779][   T44] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  595.336795][   T44] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  595.336823][   T44] usb 3-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  595.336839][   T44] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  595.339294][   T44] usb 3-1: config 0 descriptor??
[  595.760025][T10861] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1273'.
[  596.785428][T10849] syz.4.1270 (10849): drop_caches: 2
[  597.100245][T10845] tty tty29: ldisc open failed (-12), clearing slot 28
[  597.547512][   T44] usbhid 3-1:0.0: can't add hid device: -71
[  597.553702][   T44] usbhid 3-1:0.0: probe with driver usbhid failed with error -71
[  597.619051][   T44] usb 3-1: USB disconnect, device number 41
[  597.794596][T10858] netlink: 'syz.0.1274': attribute type 6 has an invalid length.
[  598.016682][T10880] veth1_to_bond: entered allmulticast mode
[  598.034895][T10880] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1277'.
[  598.139387][T10885] netlink: 'syz.1.1277': attribute type 10 has an invalid length.
[  598.230403][T10887] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1281'.
[  598.284086][T10880] bond0: (slave bond_slave_1): Releasing backup interface
[  598.390664][T10880] veth1_to_bond (unregistering): left allmulticast mode
[  598.473635][T10885] bond0: (slave wlan1): Enslaving as an active interface with an up link
[  598.673326][T10892] sctp: [Deprecated]: syz.3.1283 (pid 10892) Use of struct sctp_assoc_value in delayed_ack socket option.
[  598.673326][T10892] Use struct sctp_sack_info instead
[  598.780950][T10896] loop2: detected capacity change from 0 to 7
[  598.799808][T10582] Dev loop2: unable to read RDB block 7
[  598.818067][T10582]  loop2: AHDI p1 p2 p3
[  598.996950][T10898] netlink: 60 bytes leftover after parsing attributes in process `syz.1.1284'.
[  599.327446][T10582] loop2: partition table partially beyond EOD, truncated
[  599.365860][T10582] loop2: p1 start 1601398130 is beyond EOD, truncated
[  599.389917][T10582] loop2: p2 start 1702059890 is beyond EOD, truncated
[  599.497266][T10896] Dev loop2: unable to read RDB block 7
[  599.502966][T10896]  loop2: AHDI p1 p2 p3
[  599.507399][T10896] loop2: partition table partially beyond EOD, truncated
[  599.523573][T10896] loop2: p1 start 1601398130 is beyond EOD, truncated
[  599.533618][T10896] loop2: p2 start 1702059890 is beyond EOD, truncated
[  599.698132][T10910] netlink: 52 bytes leftover after parsing attributes in process `syz.2.1287'.
[  599.744814][T10910] FAULT_INJECTION: forcing a failure.
[  599.744814][T10910] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  599.784322][T10910] CPU: 0 UID: 0 PID: 10910 Comm: syz.2.1287 Not tainted syzkaller #0 PREEMPT(full) 
[  599.784343][T10910] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  599.784351][T10910] Call Trace:
[  599.784357][T10910]  <TASK>
[  599.784363][T10910]  dump_stack_lvl+0x189/0x250
[  599.784398][T10910]  ? __pfx____ratelimit+0x10/0x10
[  599.784422][T10910]  ? __pfx_dump_stack_lvl+0x10/0x10
[  599.784446][T10910]  ? __pfx__printk+0x10/0x10
[  599.784488][T10910]  should_fail_ex+0x414/0x560
[  599.784524][T10910]  _copy_to_user+0x31/0xb0
[  599.784552][T10910]  simple_read_from_buffer+0xe1/0x170
[  599.784589][T10910]  proc_fail_nth_read+0x1b3/0x220
[  599.784621][T10910]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  599.784651][T10910]  ? rw_verify_area+0x2a6/0x4d0
[  599.784679][T10910]  ? __lock_acquire+0xab9/0xd20
[  599.784700][T10910]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  599.784729][T10910]  vfs_read+0x1fd/0xa30
[  599.784756][T10910]  ? fdget_pos+0x247/0x320
[  599.784782][T10910]  ? __pfx___mutex_lock+0x10/0x10
[  599.784810][T10910]  ? __pfx_vfs_read+0x10/0x10
[  599.784842][T10910]  ? __fget_files+0x2a/0x420
[  599.784867][T10910]  ? __fget_files+0x3a0/0x420
[  599.784885][T10910]  ? __fget_files+0x2a/0x420
[  599.784916][T10910]  ksys_read+0x145/0x250
[  599.784945][T10910]  ? __pfx_ksys_read+0x10/0x10
[  599.784969][T10910]  ? rcu_is_watching+0x15/0xb0
[  599.785009][T10910]  ? do_syscall_64+0xbe/0x3b0
[  599.785040][T10910]  do_syscall_64+0xfa/0x3b0
[  599.785063][T10910]  ? lockdep_hardirqs_on+0x9c/0x150
[  599.785087][T10910]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  599.785107][T10910]  ? clear_bhb_loop+0x60/0xb0
[  599.785134][T10910]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  599.785155][T10910] RIP: 0033:0x7fa7e0d8d8dc
[  599.785174][T10910] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  599.785191][T10910] RSP: 002b:00007fa7e1d06030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  599.785215][T10910] RAX: ffffffffffffffda RBX: 00007fa7e0fe5fa0 RCX: 00007fa7e0d8d8dc
[  599.785231][T10910] RDX: 000000000000000f RSI: 00007fa7e1d060a0 RDI: 0000000000000004
[  599.785244][T10910] RBP: 00007fa7e1d06090 R08: 0000000000000000 R09: 0000000000000000
[  599.785256][T10910] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  599.785268][T10910] R13: 00007fa7e0fe6038 R14: 00007fa7e0fe5fa0 R15: 00007fa7e110fa28
[  599.785303][T10910]  </TASK>
[  600.984676][   T10] usb 3-1: new high-speed USB device number 42 using dummy_hcd
[  601.259976][T10936] 8021q: adding VLAN 0 to HW filter on device batadv4
[  601.280154][T10936] team0: Port device batadv4 added
[  601.300476][   T10] usb 3-1: config 220 has an invalid interface number: 72 but max is 2
[  601.310170][   T10] usb 3-1: config 220 has an invalid descriptor of length 201, skipping remainder of the config
[  601.381297][T10936] netlink: 4400 bytes leftover after parsing attributes in process `syz.1.1293'.
[  601.397767][   T10] usb 3-1: config 220 has no interface number 2
[  601.407770][T10936] sysfs: cannot create duplicate filename '/class/ieee80211/Ç`]Š•Iöq¯!¾>Ýsó³Îú*Š®!)\Ç+`²iF=#'
[  601.472866][T10936] CPU: 1 UID: 0 PID: 10936 Comm: syz.1.1293 Not tainted syzkaller #0 PREEMPT(full) 
[  601.472899][T10936] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  601.472914][T10936] Call Trace:
[  601.472934][T10936]  <TASK>
[  601.472945][T10936]  dump_stack_lvl+0x189/0x250
[  601.472985][T10936]  ? __pfx_dump_stack_lvl+0x10/0x10
[  601.473013][T10936]  ? __pfx__printk+0x10/0x10
[  601.473054][T10936]  ? kernfs_path_from_node+0x2f/0x290
[  601.473085][T10936]  ? kernfs_path_from_node+0x250/0x290
[  601.473112][T10936]  ? kernfs_path_from_node+0x2f/0x290
[  601.473147][T10936]  sysfs_warn_dup+0x8e/0xa0
[  601.473176][T10936]  sysfs_do_create_link_sd+0xc0/0x110
[  601.473208][T10936]  device_add_class_symlinks+0x1cf/0x240
[  601.473247][T10936]  device_add+0x475/0xb50
[  601.473285][T10936]  wiphy_register+0x1c81/0x2aa0
[  601.473339][T10936]  ? __pfx_wiphy_register+0x10/0x10
[  601.473369][T10936]  ? minstrel_ht_alloc+0x6e0/0x7e0
[  601.473404][T10936]  ? ieee80211_init_rate_ctrl_alg+0x56d/0x5f0
[  601.473435][T10936]  ieee80211_register_hw+0x3473/0x40d0
[  601.473479][T10936]  ? ieee80211_register_hw+0x14b1/0x40d0
[  601.473517][T10936]  ? __pfx_ieee80211_register_hw+0x10/0x10
[  601.473540][T10936]  ? _raw_spin_unlock_irqrestore+0x85/0x110
[  601.473571][T10936]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  601.473596][T10936]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  601.473630][T10936]  ? __hrtimer_setup+0x187/0x210
[  601.473656][T10936]  ? __pfx_mac80211_hwsim_beacon+0x10/0x10
[  601.473688][T10936]  mac80211_hwsim_new_radio+0x2f7a/0x5220
[  601.473755][T10936]  ? __pfx_mac80211_hwsim_new_radio+0x10/0x10
[  601.473780][T10936]  ? trace_kmalloc+0x1f/0xd0
[  601.473809][T10936]  ? __kmalloc_node_track_caller_noprof+0x587/0x800
[  601.473850][T10936]  ? kstrndup+0xbf/0x160
[  601.473889][T10936]  hwsim_new_radio_nl+0xf5b/0x1bd0
[  601.473933][T10936]  ? __pfx___nla_validate_parse+0x10/0x10
[  601.473976][T10936]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[  601.474011][T10936]  ? rcu_is_watching+0x15/0xb0
[  601.474045][T10936]  ? __nla_parse+0x40/0x60
[  601.474074][T10936]  ? genl_family_rcv_msg_attrs_parse+0x1c9/0x2a0
[  601.474109][T10936]  genl_family_rcv_msg_doit+0x215/0x300
[  601.474142][T10936]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  601.474182][T10936]  ? bpf_lsm_capable+0x9/0x20
[  601.474210][T10936]  ? security_capable+0x7e/0x2e0
[  601.474248][T10936]  genl_rcv_msg+0x60e/0x790
[  601.474279][T10936]  ? __pfx_genl_rcv_msg+0x10/0x10
[  601.474299][T10936]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[  601.474341][T10936]  netlink_rcv_skb+0x208/0x470
[  601.474362][T10936]  ? __lock_acquire+0xab9/0xd20
[  601.474383][T10936]  ? __pfx_genl_rcv_msg+0x10/0x10
[  601.474405][T10936]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  601.474451][T10936]  ? down_read+0x1ad/0x2e0
[  601.474483][T10936]  genl_rcv+0x28/0x40
[  601.474511][T10936]  netlink_unicast+0x82c/0x9e0
[  601.474541][T10936]  ? __pfx_netlink_unicast+0x10/0x10
[  601.474560][T10936]  ? netlink_sendmsg+0x6a2/0xb30
[  601.474588][T10936]  netlink_sendmsg+0x805/0xb30
[  601.474619][T10936]  ? __pfx_netlink_sendmsg+0x10/0x10
[  601.474643][T10936]  ? aa_sock_msg_perm+0xf1/0x1d0
[  601.474668][T10936]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  601.474685][T10936]  ? __pfx_netlink_sendmsg+0x10/0x10
[  601.474707][T10936]  __sock_sendmsg+0x21c/0x270
[  601.474729][T10936]  ____sys_sendmsg+0x505/0x830
[  601.474759][T10936]  ? __pfx_____sys_sendmsg+0x10/0x10
[  601.474791][T10936]  ? import_iovec+0x74/0xa0
[  601.474814][T10936]  ___sys_sendmsg+0x21f/0x2a0
[  601.474840][T10936]  ? __pfx____sys_sendmsg+0x10/0x10
[  601.474899][T10936]  ? __fget_files+0x2a/0x420
[  601.474915][T10936]  ? __fget_files+0x3a0/0x420
[  601.474950][T10936]  __x64_sys_sendmsg+0x19b/0x260
[  601.474976][T10936]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  601.475010][T10936]  ? rcu_is_watching+0x15/0xb0
[  601.475036][T10936]  ? do_syscall_64+0xbe/0x3b0
[  601.475059][T10936]  do_syscall_64+0xfa/0x3b0
[  601.475080][T10936]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  601.475096][T10936]  ? asm_sysvec_reschedule_ipi+0x1a/0x20
[  601.475112][T10936]  ? clear_bhb_loop+0x60/0xb0
[  601.475133][T10936]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  601.475149][T10936] RIP: 0033:0x7f11c9d8eec9
[  601.475166][T10936] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  601.475180][T10936] RSP: 002b:00007f11cab40038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  601.475200][T10936] RAX: ffffffffffffffda RBX: 00007f11c9fe6270 RCX: 00007f11c9d8eec9
[  601.475213][T10936] RDX: 0000000000000084 RSI: 0000200000000100 RDI: 000000000000000b
[  601.475224][T10936] RBP: 00007f11c9e11f91 R08: 0000000000000000 R09: 0000000000000000
[  601.475234][T10936] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  601.475244][T10936] R13: 00007f11c9fe6308 R14: 00007f11c9fe6270 R15: 00007f11ca10fa28
[  601.475272][T10936]  </TASK>
[  601.953681][    C1] vkms_vblank_simulate: vblank timer overrun
[  602.419393][   T10] usb 3-1: config 220 interface 1 altsetting 5 has 0 endpoint descriptors, different from the interface descriptor's value: 12
[  602.480502][   T10] usb 3-1: config 220 interface 0 has no altsetting 0
[  602.488531][   T10] usb 3-1: config 220 interface 72 has no altsetting 0
[  602.500127][   T10] usb 3-1: config 220 interface 1 has no altsetting 0
[  602.512593][   T10] usb 3-1: New USB device found, idVendor=8086, idProduct=0b07, bcdDevice=6c.dc
[  602.522645][   T10] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  602.531046][   T10] usb 3-1: Product: syz
[  602.536306][   T10] usb 3-1: Manufacturer: syz
[  602.540928][   T10] usb 3-1: SerialNumber: syz
[  602.764344][   T10] usb 3-1: selecting invalid altsetting 0
[  602.778791][   T10] uvcvideo 3-1:220.0: Found UVC 7.01 device syz (8086:0b07)
[  602.847272][   T10] uvcvideo 3-1:220.0: No valid video chain found.
[  602.965099][   T10] usb 3-1: selecting invalid altsetting 0
[  602.994724][   T10] usbtest 3-1:220.1: probe with driver usbtest failed with error -22
[  603.064672][   T10] usb 3-1: USB disconnect, device number 42
[  603.394642][T10951] netlink: 72 bytes leftover after parsing attributes in process `syz.0.1299'.
[  603.426409][T10951] netlink: 32 bytes leftover after parsing attributes in process `syz.0.1299'.
[  603.542017][T10956] kernel read not supported for file /eth0 (pid: 10956 comm: syz.3.1301)
[  603.559249][   T30] audit: type=1800 audit(1759821613.571:341): pid=10956 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.1301" name="eth0" dev="mqueue" ino=41013 res=0 errno=0
[  604.575211][T10975] netlink: 60 bytes leftover after parsing attributes in process `syz.0.1304'.
[  604.605886][   T44] usb 5-1: new high-speed USB device number 38 using dummy_hcd
[  604.974769][   T44] usb 5-1: Using ep0 maxpacket: 16
[  605.012764][   T44] usb 5-1: New USB device found, idVendor=09c0, idProduct=0201, bcdDevice= a.a4
[  605.028657][   T44] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  605.257859][   T44] usb 5-1: Product: syz
[  605.262096][   T44] usb 5-1: Manufacturer: syz
[  605.284091][   T44] usb 5-1: SerialNumber: syz
[  605.326245][   T44] usb 5-1: config 0 descriptor??
[  605.337959][   T44] dvb-usb: found a 'Genpix 8PSK-to-USB2 Rev.1 DVB-S receiver' in warm state.
[  605.565914][   T44] gp8psk: usb in 128 operation failed.
[  606.804352][T10993] netlink: 14220 bytes leftover after parsing attributes in process `syz.1.1308'.
[  606.819601][   T44] gp8psk: usb in 146 operation failed.
[  606.827980][   T44] gp8psk: failed to get FW version
[  606.855018][   T44] gp8psk: usb in 149 operation failed.
[  606.863528][   T44] gp8psk: failed to get FPGA version
[  606.879522][   T44] usb 5-1: Direct firmware load for dvb-usb-gp8psk-02.fw failed with error -2
[  606.925500][   T36] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)
[  607.025126][   T44] usb 5-1: Falling back to sysfs fallback for: dvb-usb-gp8psk-02.fw
[  607.638419][T10991] binder: 10988:10991 ioctl c0306201 200000000100 returned -11
[  607.695681][T10991] fuse: Bad value for 'fd'
[  607.966442][ T5914] usb 2-1: new full-speed USB device number 44 using dummy_hcd
[  608.136952][ T5914] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  608.147917][ T5914] usb 2-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xBE, changing to 0x8E
[  608.184437][ T5914] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x8E has an invalid bInterval 0, changing to 10
[  608.224866][ T5914] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x8E has invalid wMaxPacketSize 0
[  608.269280][ T5914] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3
[  608.322317][ T5914] usb 2-1: New USB device found, idVendor=10c5, idProduct=819a, bcdDevice=e4.46
[  608.333053][ T5914] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=35
[  608.341752][ T5914] usb 2-1: Product: syz
[  608.346558][ T5914] usb 2-1: Manufacturer: syz
[  608.351375][ T5914] usb 2-1: SerialNumber: syz
[  608.388328][ T5914] usb 2-1: config 0 descriptor??
[  608.737301][ T5914] radio-si470x 2-1:0.0: DeviceID=0x0000 ChipID=0x0000
[  608.748728][ T5914] radio-si470x 2-1:0.0: This driver is known to work with firmware version 12, but the device has firmware version 0.
[  608.764258][T11017] netlink: 60 bytes leftover after parsing attributes in process `syz.3.1316'.
[  608.784735][   T24] usb 1-1: new high-speed USB device number 38 using dummy_hcd
[  608.930551][ T5914] radio-si470x 2-1:0.0: software version 0, hardware version 0
[  608.946444][ T5914] radio-si470x 2-1:0.0: This driver is known to work with hardware version 1, but the device has hardware version 0.
[  608.962552][ T5914] radio-si470x 2-1:0.0: If you have some trouble using this driver, please report to V4L ML at linux-media@vger.kernel.org
[  609.024482][   T24] usb 1-1: Using ep0 maxpacket: 32
[  609.031661][   T24] usb 1-1: config index 0 descriptor too short (expected 29220, got 36)
[  609.040772][   T24] usb 1-1: config 0 has too many interfaces: 81, using maximum allowed: 32
[  609.067185][   T24] usb 1-1: config 0 has 1 interface, different from the descriptor's value: 81
[  609.086020][   T24] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[  609.102319][   T24] usb 1-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[  609.126735][   T24] usb 1-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18
[  609.149986][ T5914] radio-si470x 2-1:0.0: submitting int urb failed (-90)
[  609.209119][   T24] usb 1-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40
[  609.227296][   T24] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  609.254320][   T24] usb 1-1: config 0 descriptor??
[  609.482249][   T24] usblp 1-1:0.0: usblp0: USB Bidirectional printer dev 38 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17
[  609.537319][   T24] usb 1-1: USB disconnect, device number 38
[  609.556826][ T5914] radio-si470x 2-1:0.0: si470x_set_report: usb_control_msg returned -71
[  609.571441][   T24] usblp0: removed
[  609.575378][ T5914] radio-si470x 2-1:0.0: probe with driver radio-si470x failed with error -22
[  609.608437][ T5914] usb 2-1: USB disconnect, device number 44
[  609.683623][T11013] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1315'.
[  609.711558][T11013] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1315'.
[  609.724642][T11013] netlink: 'syz.0.1315': attribute type 14 has an invalid length.
[  609.744235][T11013] netlink: 'syz.0.1315': attribute type 13 has an invalid length.
[  610.007376][T11030] netlink: 14220 bytes leftover after parsing attributes in process `syz.3.1320'.
[  610.034798][   T24] usb 1-1: new high-speed USB device number 39 using dummy_hcd
[  610.224512][   T24] usb 1-1: device descriptor read/64, error -71
[  610.474578][   T24] usb 1-1: new high-speed USB device number 40 using dummy_hcd
[  610.614585][   T24] usb 1-1: device descriptor read/64, error -71
[  610.727016][   T24] usb usb1-port1: attempt power cycle
[  610.750754][T11038] syzkaller0: entered promiscuous mode
[  610.771029][T11038] syzkaller0: entered allmulticast mode
[  611.095674][   T24] usb 1-1: new high-speed USB device number 41 using dummy_hcd
[  611.135549][   T24] usb 1-1: device descriptor read/8, error -71
[  611.364560][  T981] usb 3-1: new high-speed USB device number 43 using dummy_hcd
[  611.376414][   T24] usb 1-1: new high-speed USB device number 42 using dummy_hcd
[  611.436491][   T24] usb 1-1: device descriptor read/8, error -71
[  611.617992][   T24] usb usb1-port1: unable to enumerate USB device
[  611.635332][  T981] usb 3-1: config 1 contains an unexpected descriptor of type 0x1, skipping
[  611.726053][  T981] usb 3-1: config 1 has an invalid descriptor of length 28, skipping remainder of the config
[  611.845214][  T981] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 2
[  611.856962][  T981] usb 3-1: config 1 has no interface number 0
[  611.867582][  T981] usb 3-1: too many endpoints for config 1 interface 1 altsetting 1: 32, using maximum allowed: 30
[  611.943150][  T981] usb 3-1: config 1 interface 1 altsetting 1 has 0 endpoint descriptors, different from the interface descriptor's value: 32
[  611.976482][  T981] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  611.986117][  T981] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  611.994583][  T981] usb 3-1: Product: syz
[  611.999315][  T981] usb 3-1: Manufacturer: syz
[  612.060659][  T981] usb 3-1: SerialNumber: syz
[  612.885625][T11068] netlink: 60 bytes leftover after parsing attributes in process `syz.0.1328'.
[  613.422079][   T24] usb 3-1: USB disconnect, device number 43
[  614.050619][   T30] audit: type=1326 audit(1759821624.061:342): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11073 comm="syz.2.1330" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fa7e0d8eec9 code=0x0
[  616.679066][T11085] netlink: 14220 bytes leftover after parsing attributes in process `syz.2.1332'.
[  617.985787][T11104] loop2: detected capacity change from 0 to 7
[  618.037913][ T5863] Dev loop2: unable to read RDB block 7
[  618.063976][ T5863]  loop2: AHDI p1 p2 p3
[  618.169897][ T5863] loop2: partition table partially beyond EOD, truncated
[  618.181360][ T5863] loop2: p1 start 1601398130 is beyond EOD, truncated
[  618.189852][ T5863] loop2: p2 start 1702059890 is beyond EOD, truncated
[  618.207002][T11104] Dev loop2: unable to read RDB block 7
[  618.212756][T11104]  loop2: AHDI p1 p2 p3
[  618.218417][T11104] loop2: partition table partially beyond EOD, truncated
[  618.226286][T11104] loop2: p1 start 1601398130 is beyond EOD, truncated
[  618.233288][T11104] loop2: p2 start 1702059890 is beyond EOD, truncated
[  618.284350][ T5212] Dev loop2: unable to read RDB block 7
[  618.483989][ T5212]  loop2: AHDI p1 p2 p3
[  618.898890][ T5212] loop2: partition table partially beyond EOD, truncated
[  618.931096][ T5212] loop2: p1 start 1601398130 is beyond EOD, truncated
[  618.976204][ T5212] loop2: p2 start 1702059890 is beyond EOD, truncated
[  619.734737][  T981] usb 4-1: new low-speed USB device number 42 using dummy_hcd
[  619.918583][  T981] usb 4-1: config 0 has an invalid interface number: 55 but max is 0
[  619.948092][  T981] usb 4-1: config 0 has no interface number 0
[  619.994464][  T981] usb 4-1: config 0 interface 55 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  620.129320][  T981] usb 4-1: config 0 interface 55 altsetting 0 endpoint 0xE has invalid maxpacket 32, setting to 8
[  620.180160][  T981] usb 4-1: config 0 interface 55 altsetting 0 has an endpoint descriptor with address 0xAB, changing to 0x8B
[  620.230763][  T981] usb 4-1: config 0 interface 55 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 10
[  620.456084][T11130] netlink: 60 bytes leftover after parsing attributes in process `syz.2.1343'.
[  620.806073][  T981] usb 4-1: config 0 interface 55 altsetting 0 endpoint 0x8B has invalid maxpacket 120, setting to 8
[  620.844262][  T981] usb 4-1: config 0 interface 55 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 2
[  620.990950][T11134] netlink: 14220 bytes leftover after parsing attributes in process `syz.4.1346'.
[  621.127654][  T981] usb 4-1: New USB device found, idVendor=0f11, idProduct=1080, bcdDevice=fc.6a
[  621.144775][  T981] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  621.163165][  T981] usb 4-1: config 0 descriptor??
[  621.212723][T11119] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  621.254674][T11119] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  621.280494][  T981] ldusb 4-1:0.55: LD USB Device #0 now attached to major 180 minor 0
[  621.499195][T11119] ldusb 4-1:0.55: Write buffer overflow, 5 bytes dropped
[  621.526126][   T24] usb 4-1: USB disconnect, device number 42
[  621.551127][   T24] ldusb 4-1:0.55: LD USB Device #0 now disconnected
[  621.790873][T11163] 8021q: adding VLAN 0 to HW filter on device batadv5
[  621.858335][T11163] team0: Port device batadv5 added
[  621.934743][T11167] netlink: 4400 bytes leftover after parsing attributes in process `syz.4.1352'.
[  621.951418][T11167] sysfs: cannot create duplicate filename '/class/ieee80211/Ç`]Š•Iöq¯!¾>Ýsó³Îú*Š®!)\Ç+`²iF=#'
[  621.966689][T11167] CPU: 0 UID: 0 PID: 11167 Comm: syz.4.1352 Not tainted syzkaller #0 PREEMPT(full) 
[  621.966722][T11167] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  621.966736][T11167] Call Trace:
[  621.966746][T11167]  <TASK>
[  621.966766][T11167]  dump_stack_lvl+0x189/0x250
[  621.966804][T11167]  ? __pfx_dump_stack_lvl+0x10/0x10
[  621.966833][T11167]  ? __pfx__printk+0x10/0x10
[  621.966872][T11167]  ? kernfs_path_from_node+0x2f/0x290
[  621.966901][T11167]  ? kernfs_path_from_node+0x250/0x290
[  621.966926][T11167]  ? kernfs_path_from_node+0x2f/0x290
[  621.966960][T11167]  sysfs_warn_dup+0x8e/0xa0
[  621.966988][T11167]  sysfs_do_create_link_sd+0xc0/0x110
[  621.967021][T11167]  device_add_class_symlinks+0x1cf/0x240
[  621.967060][T11167]  device_add+0x475/0xb50
[  621.967096][T11167]  wiphy_register+0x1c81/0x2aa0
[  621.967145][T11167]  ? __pfx_wiphy_register+0x10/0x10
[  621.967174][T11167]  ? minstrel_ht_alloc+0x6e0/0x7e0
[  621.967208][T11167]  ? ieee80211_init_rate_ctrl_alg+0x56d/0x5f0
[  621.967238][T11167]  ieee80211_register_hw+0x3473/0x40d0
[  621.967282][T11167]  ? ieee80211_register_hw+0x14b1/0x40d0
[  621.967320][T11167]  ? __pfx_ieee80211_register_hw+0x10/0x10
[  621.967342][T11167]  ? _raw_spin_unlock_irqrestore+0x85/0x110
[  621.967372][T11167]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  621.967396][T11167]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  621.967430][T11167]  ? __hrtimer_setup+0x187/0x210
[  621.967456][T11167]  ? __pfx_mac80211_hwsim_beacon+0x10/0x10
[  621.967491][T11167]  mac80211_hwsim_new_radio+0x2f7a/0x5220
[  621.967555][T11167]  ? __pfx_mac80211_hwsim_new_radio+0x10/0x10
[  621.967581][T11167]  ? trace_kmalloc+0x1f/0xd0
[  621.967608][T11167]  ? __kmalloc_node_track_caller_noprof+0x587/0x800
[  621.967641][T11167]  ? kstrndup+0xbf/0x160
[  621.967680][T11167]  hwsim_new_radio_nl+0xf5b/0x1bd0
[  621.967716][T11167]  ? __pfx___nla_validate_parse+0x10/0x10
[  621.967803][T11167]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[  621.967840][T11167]  ? rcu_is_watching+0x15/0xb0
[  621.967874][T11167]  ? __nla_parse+0x40/0x60
[  621.967901][T11167]  ? genl_family_rcv_msg_attrs_parse+0x1c9/0x2a0
[  621.967935][T11167]  genl_family_rcv_msg_doit+0x215/0x300
[  621.967968][T11167]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  621.968009][T11167]  ? bpf_lsm_capable+0x9/0x20
[  621.968036][T11167]  ? security_capable+0x7e/0x2e0
[  621.968075][T11167]  genl_rcv_msg+0x60e/0x790
[  621.968105][T11167]  ? __pfx_genl_rcv_msg+0x10/0x10
[  621.968127][T11167]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[  621.968155][T11167]  ? __asan_memcpy+0x40/0x70
[  621.968185][T11167]  ? __pfx_ref_tracker_free+0x10/0x10
[  621.968227][T11167]  netlink_rcv_skb+0x208/0x470
[  621.968251][T11167]  ? __lock_acquire+0xab9/0xd20
[  621.968276][T11167]  ? __pfx_genl_rcv_msg+0x10/0x10
[  621.968300][T11167]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  621.968354][T11167]  ? down_read+0x1ad/0x2e0
[  621.968386][T11167]  genl_rcv+0x28/0x40
[  621.968418][T11167]  netlink_unicast+0x82c/0x9e0
[  621.968456][T11167]  ? __pfx_netlink_unicast+0x10/0x10
[  621.968485][T11167]  ? netlink_sendmsg+0x642/0xb30
[  621.968509][T11167]  ? skb_put+0x11b/0x210
[  621.968540][T11167]  netlink_sendmsg+0x805/0xb30
[  621.968579][T11167]  ? __pfx_netlink_sendmsg+0x10/0x10
[  621.968613][T11167]  ? aa_sock_msg_perm+0xf1/0x1d0
[  621.968647][T11167]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  621.968669][T11167]  ? __pfx_netlink_sendmsg+0x10/0x10
[  621.968699][T11167]  __sock_sendmsg+0x21c/0x270
[  621.968728][T11167]  ____sys_sendmsg+0x505/0x830
[  621.968776][T11167]  ? __pfx_____sys_sendmsg+0x10/0x10
[  621.968819][T11167]  ? import_iovec+0x74/0xa0
[  621.968852][T11167]  ___sys_sendmsg+0x21f/0x2a0
[  621.968886][T11167]  ? __pfx____sys_sendmsg+0x10/0x10
[  621.968966][T11167]  ? __fget_files+0x2a/0x420
[  621.968988][T11167]  ? __fget_files+0x3a0/0x420
[  621.969024][T11167]  __x64_sys_sendmsg+0x19b/0x260
[  621.969058][T11167]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  621.969104][T11167]  ? rcu_is_watching+0x15/0xb0
[  621.969139][T11167]  ? do_syscall_64+0xbe/0x3b0
[  621.969172][T11167]  do_syscall_64+0xfa/0x3b0
[  621.969197][T11167]  ? lockdep_hardirqs_on+0x9c/0x150
[  621.969221][T11167]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  621.969243][T11167]  ? clear_bhb_loop+0x60/0xb0
[  621.969271][T11167]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  621.969292][T11167] RIP: 0033:0x7fd77658eec9
[  621.969311][T11167] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  621.969330][T11167] RSP: 002b:00007fd773fb0038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  621.969353][T11167] RAX: ffffffffffffffda RBX: 00007fd7767e6360 RCX: 00007fd77658eec9
[  621.969369][T11167] RDX: 0000000000000084 RSI: 0000200000000100 RDI: 000000000000000a
[  621.969383][T11167] RBP: 00007fd776611f91 R08: 0000000000000000 R09: 0000000000000000
[  621.969396][T11167] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  621.969409][T11167] R13: 00007fd7767e63f8 R14: 00007fd7767e6360 R15: 00007fd77690fa28
[  621.969446][T11167]  </TASK>
[  623.074789][T11174] loop2: detected capacity change from 0 to 7
[  623.082145][T11174] Dev loop2: unable to read RDB block 7
[  623.088011][T11174]  loop2: AHDI p1 p2 p3
[  623.101909][T11174] loop2: partition table partially beyond EOD, truncated
[  623.115981][T11174] loop2: p1 start 1601398130 is beyond EOD, truncated
[  623.123209][T11174] loop2: p2 start 1702059890 is beyond EOD, truncated
[  624.675122][ T1301] ieee802154 phy0 wpan0: encryption failed: -22
[  624.683792][ T1301] ieee802154 phy1 wpan1: encryption failed: -22
[  625.287746][T11206] netlink: 60 bytes leftover after parsing attributes in process `syz.1.1363'.
[  625.991099][T11219] loop2: detected capacity change from 0 to 7
[  626.174706][T11219] Dev loop2: unable to read RDB block 7
[  626.182728][T11219]  loop2: AHDI p1 p2 p3
[  626.191269][T11219] loop2: partition table partially beyond EOD, truncated
[  626.204658][T11219] loop2: p1 start 1601398130 is beyond EOD, truncated
[  626.217644][T11219] loop2: p2 start 1702059890 is beyond EOD, truncated
[  629.794561][T11268] netlink: 72 bytes leftover after parsing attributes in process `syz.2.1379'.
[  629.803769][T11268] netlink: 32 bytes leftover after parsing attributes in process `syz.2.1379'.
[  630.091098][T11274] 8021q: adding VLAN 0 to HW filter on device batadv5
[  630.109054][T11274] team0: Port device batadv5 added
[  630.230329][T11274] netlink: 4400 bytes leftover after parsing attributes in process `syz.1.1378'.
[  630.256696][T11274] sysfs: cannot create duplicate filename '/class/ieee80211/Ç`]Š•Iöq¯!¾>Ýsó³Îú*Š®!)\Ç+`²iF=#'
[  630.267825][T11274] CPU: 0 UID: 0 PID: 11274 Comm: syz.1.1378 Not tainted syzkaller #0 PREEMPT(full) 
[  630.267857][T11274] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  630.267871][T11274] Call Trace:
[  630.267881][T11274]  <TASK>
[  630.267892][T11274]  dump_stack_lvl+0x189/0x250
[  630.267930][T11274]  ? __pfx_dump_stack_lvl+0x10/0x10
[  630.267959][T11274]  ? __pfx__printk+0x10/0x10
[  630.267996][T11274]  ? __rcu_read_unlock+0x84/0xe0
[  630.268021][T11274]  ? kernfs_path_from_node+0x2f/0x290
[  630.268051][T11274]  ? kernfs_path_from_node+0x250/0x290
[  630.268078][T11274]  ? kernfs_path_from_node+0x2f/0x290
[  630.268112][T11274]  sysfs_warn_dup+0x8e/0xa0
[  630.268140][T11274]  sysfs_do_create_link_sd+0xc0/0x110
[  630.268173][T11274]  device_add_class_symlinks+0x1cf/0x240
[  630.268211][T11274]  device_add+0x475/0xb50
[  630.268249][T11274]  wiphy_register+0x1c81/0x2aa0
[  630.268303][T11274]  ? __pfx_wiphy_register+0x10/0x10
[  630.268333][T11274]  ? minstrel_ht_alloc+0x6e0/0x7e0
[  630.268367][T11274]  ? ieee80211_init_rate_ctrl_alg+0x56d/0x5f0
[  630.268396][T11274]  ieee80211_register_hw+0x3473/0x40d0
[  630.268441][T11274]  ? ieee80211_register_hw+0x14b1/0x40d0
[  630.268489][T11274]  ? __pfx_ieee80211_register_hw+0x10/0x10
[  630.268512][T11274]  ? _raw_spin_unlock_irqrestore+0x85/0x110
[  630.268543][T11274]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  630.268567][T11274]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  630.268601][T11274]  ? __hrtimer_setup+0x187/0x210
[  630.268627][T11274]  ? __pfx_mac80211_hwsim_beacon+0x10/0x10
[  630.268664][T11274]  mac80211_hwsim_new_radio+0x2f7a/0x5220
[  630.268729][T11274]  ? __pfx_mac80211_hwsim_new_radio+0x10/0x10
[  630.268754][T11274]  ? trace_kmalloc+0x1f/0xd0
[  630.268783][T11274]  ? __kmalloc_node_track_caller_noprof+0x587/0x800
[  630.268818][T11274]  ? kstrndup+0xbf/0x160
[  630.268857][T11274]  hwsim_new_radio_nl+0xf5b/0x1bd0
[  630.268893][T11274]  ? __pfx___nla_validate_parse+0x10/0x10
[  630.268936][T11274]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[  630.268971][T11274]  ? rcu_is_watching+0x15/0xb0
[  630.269005][T11274]  ? __nla_parse+0x40/0x60
[  630.269033][T11274]  ? genl_family_rcv_msg_attrs_parse+0x1c9/0x2a0
[  630.269068][T11274]  genl_family_rcv_msg_doit+0x215/0x300
[  630.269101][T11274]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  630.269141][T11274]  ? bpf_lsm_capable+0x9/0x20
[  630.269170][T11274]  ? security_capable+0x7e/0x2e0
[  630.269209][T11274]  genl_rcv_msg+0x60e/0x790
[  630.269241][T11274]  ? __pfx_genl_rcv_msg+0x10/0x10
[  630.269262][T11274]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[  630.269309][T11274]  netlink_rcv_skb+0x208/0x470
[  630.269335][T11274]  ? __lock_acquire+0xab9/0xd20
[  630.269361][T11274]  ? __pfx_genl_rcv_msg+0x10/0x10
[  630.269384][T11274]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  630.269438][T11274]  ? down_read+0x1ad/0x2e0
[  630.269479][T11274]  genl_rcv+0x28/0x40
[  630.269511][T11274]  netlink_unicast+0x82c/0x9e0
[  630.269549][T11274]  ? __pfx_netlink_unicast+0x10/0x10
[  630.269578][T11274]  ? netlink_sendmsg+0x642/0xb30
[  630.269605][T11274]  ? skb_put+0x11b/0x210
[  630.269639][T11274]  netlink_sendmsg+0x805/0xb30
[  630.269682][T11274]  ? __pfx_netlink_sendmsg+0x10/0x10
[  630.269715][T11274]  ? aa_sock_msg_perm+0xf1/0x1d0
[  630.269750][T11274]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  630.269774][T11274]  ? __pfx_netlink_sendmsg+0x10/0x10
[  630.269805][T11274]  __sock_sendmsg+0x21c/0x270
[  630.269834][T11274]  ____sys_sendmsg+0x505/0x830
[  630.269873][T11274]  ? __pfx_____sys_sendmsg+0x10/0x10
[  630.269917][T11274]  ? import_iovec+0x74/0xa0
[  630.269950][T11274]  ___sys_sendmsg+0x21f/0x2a0
[  630.269986][T11274]  ? __pfx____sys_sendmsg+0x10/0x10
[  630.270064][T11274]  ? __fget_files+0x2a/0x420
[  630.270085][T11274]  ? __fget_files+0x3a0/0x420
[  630.270116][T11274]  __x64_sys_sendmsg+0x19b/0x260
[  630.270141][T11274]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  630.270175][T11274]  ? rcu_is_watching+0x15/0xb0
[  630.270201][T11274]  ? do_syscall_64+0xbe/0x3b0
[  630.270225][T11274]  do_syscall_64+0xfa/0x3b0
[  630.270246][T11274]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  630.270261][T11274]  ? asm_sysvec_reschedule_ipi+0x1a/0x20
[  630.270277][T11274]  ? clear_bhb_loop+0x60/0xb0
[  630.270298][T11274]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  630.270313][T11274] RIP: 0033:0x7f11c9d8eec9
[  630.270329][T11274] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  630.270345][T11274] RSP: 002b:00007f11cab40038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  630.270368][T11274] RAX: ffffffffffffffda RBX: 00007f11c9fe6270 RCX: 00007f11c9d8eec9
[  630.270381][T11274] RDX: 0000000000000084 RSI: 0000200000000100 RDI: 000000000000000a
[  630.270392][T11274] RBP: 00007f11c9e11f91 R08: 0000000000000000 R09: 0000000000000000
[  630.270402][T11274] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  630.270412][T11274] R13: 00007f11c9fe6308 R14: 00007f11c9fe6270 R15: 00007f11ca10fa28
[  630.270440][T11274]  </TASK>
[  631.447152][T11284] netlink: 80 bytes leftover after parsing attributes in process `syz.4.1382'.
[  631.788146][T11286] netlink: 60 bytes leftover after parsing attributes in process `syz.2.1381'.
[  632.064509][ T5843] usb 1-1: new high-speed USB device number 43 using dummy_hcd
[  632.318958][ T5843] usb 1-1: Using ep0 maxpacket: 8
[  632.340079][ T5843] usb 1-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  632.341763][T11295] FAULT_INJECTION: forcing a failure.
[  632.341763][T11295] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  632.364305][T11295] CPU: 1 UID: 0 PID: 11295 Comm: syz.4.1385 Not tainted syzkaller #0 PREEMPT(full) 
[  632.364325][T11295] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  632.364334][T11295] Call Trace:
[  632.364340][T11295]  <TASK>
[  632.364346][T11295]  dump_stack_lvl+0x189/0x250
[  632.364382][T11295]  ? __pfx____ratelimit+0x10/0x10
[  632.364418][T11295]  ? __pfx_dump_stack_lvl+0x10/0x10
[  632.364444][T11295]  ? __pfx__printk+0x10/0x10
[  632.364488][T11295]  should_fail_ex+0x414/0x560
[  632.364525][T11295]  _copy_to_user+0x31/0xb0
[  632.364554][T11295]  simple_read_from_buffer+0xe1/0x170
[  632.364590][T11295]  proc_fail_nth_read+0x1b3/0x220
[  632.364621][T11295]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  632.364647][T11295]  ? rw_verify_area+0x2a6/0x4d0
[  632.364664][T11295]  ? __lock_acquire+0xab9/0xd20
[  632.364678][T11295]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  632.364695][T11295]  vfs_read+0x1fd/0xa30
[  632.364712][T11295]  ? fdget_pos+0x247/0x320
[  632.364728][T11295]  ? __pfx___mutex_lock+0x10/0x10
[  632.364744][T11295]  ? __pfx_vfs_read+0x10/0x10
[  632.364763][T11295]  ? __fget_files+0x2a/0x420
[  632.364778][T11295]  ? __fget_files+0x3a0/0x420
[  632.364789][T11295]  ? __fget_files+0x2a/0x420
[  632.364806][T11295]  ksys_read+0x145/0x250
[  632.364826][T11295]  ? __pfx_ksys_read+0x10/0x10
[  632.364842][T11295]  ? rcu_is_watching+0x15/0xb0
[  632.364862][T11295]  ? do_syscall_64+0xbe/0x3b0
[  632.364880][T11295]  do_syscall_64+0xfa/0x3b0
[  632.364894][T11295]  ? lockdep_hardirqs_on+0x9c/0x150
[  632.364908][T11295]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  632.364920][T11295]  ? clear_bhb_loop+0x60/0xb0
[  632.364935][T11295]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  632.364947][T11295] RIP: 0033:0x7fd77658d8dc
[  632.364960][T11295] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  632.364971][T11295] RSP: 002b:00007fd77737f030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  632.364986][T11295] RAX: ffffffffffffffda RBX: 00007fd7767e5fa0 RCX: 00007fd77658d8dc
[  632.364995][T11295] RDX: 000000000000000f RSI: 00007fd77737f0a0 RDI: 0000000000000004
[  632.365003][T11295] RBP: 00007fd77737f090 R08: 0000000000000000 R09: 0000000000000000
[  632.365011][T11295] R10: 0000000000000036 R11: 0000000000000246 R12: 0000000000000001
[  632.365018][T11295] R13: 00007fd7767e6038 R14: 00007fd7767e5fa0 R15: 00007fd77690fa28
[  632.365038][T11295]  </TASK>
[  632.384521][ T5843] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  632.686558][T11298] ptrace attach of "./syz-executor exec"[5861] was attempted by "./syz-executor exec"[11298]
[  632.740423][T11297] syzkaller1: entered promiscuous mode
[  632.749961][T11297] syzkaller1: entered allmulticast mode
[  633.115363][T11307] netlink: 288 bytes leftover after parsing attributes in process `syz.1.1387'.
[  633.139641][ T5843] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  633.194481][ T5843] usb 1-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  633.264455][ T5843] usb 1-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  633.342414][T11313] syzkaller0: entered promiscuous mode
[  633.348231][T11313] syzkaller0: entered allmulticast mode
[  633.351813][T11316] FAULT_INJECTION: forcing a failure.
[  633.351813][T11316] name failslab, interval 1, probability 0, space 0, times 0
[  633.354442][ T5843] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  633.389196][T11317] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1392'.
[  633.418830][T11316] CPU: 1 UID: 0 PID: 11316 Comm: syz.2.1390 Not tainted syzkaller #0 PREEMPT(full) 
[  633.418851][T11316] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  633.418859][T11316] Call Trace:
[  633.418865][T11316]  <TASK>
[  633.418871][T11316]  dump_stack_lvl+0x189/0x250
[  633.418893][T11316]  ? __pfx____ratelimit+0x10/0x10
[  633.418909][T11316]  ? __pfx_dump_stack_lvl+0x10/0x10
[  633.418924][T11316]  ? __pfx__printk+0x10/0x10
[  633.418946][T11316]  ? __pfx___might_resched+0x10/0x10
[  633.418965][T11316]  should_fail_ex+0x414/0x560
[  633.418987][T11316]  should_failslab+0xa8/0x100
[  633.419002][T11316]  __kmalloc_noprof+0xcb/0x7f0
[  633.419021][T11316]  ? ima_write_template_field_data+0x47/0x490
[  633.419038][T11316]  ? ima_eventdigest_init_common+0x141/0x3a0
[  633.419060][T11316]  ima_write_template_field_data+0x47/0x490
[  633.419083][T11316]  ima_eventname_init_common+0x1e0/0x240
[  633.419104][T11316]  ? __pfx_ima_eventname_init_common+0x10/0x10
[  633.419125][T11316]  ? rcu_is_watching+0x15/0xb0
[  633.419142][T11316]  ? trace_kmalloc+0x1f/0xd0
[  633.419159][T11316]  ? ima_alloc_init_template+0x172/0x6f0
[  633.419176][T11316]  ? __pfx_ima_eventname_ng_init+0x10/0x10
[  633.419194][T11316]  ima_alloc_init_template+0x310/0x6f0
[  633.419214][T11316]  ima_store_measurement+0x1b7/0x640
[  633.419235][T11316]  ? __pfx_ima_store_measurement+0x10/0x10
[  633.419248][T11316]  ? ima_d_path+0x189/0x250
[  633.419267][T11316]  ? __pfx_ima_get_hash_algo+0x10/0x10
[  633.419292][T11316]  process_measurement+0x11eb/0x1a40
[  633.419317][T11316]  ? __pfx_process_measurement+0x10/0x10
[  633.419353][T11316]  ? tomoyo_find_next_domain+0x173e/0x1aa0
[  633.419378][T11316]  ima_bprm_check+0xfd/0x200
[  633.419393][T11316]  ? __pfx_ima_bprm_check+0x10/0x10
[  633.419404][T11316]  ? tomoyo_bprm_check_security+0xf0/0x180
[  633.419417][T11316]  ? tomoyo_bprm_check_security+0xf0/0x180
[  633.419429][T11316]  ? tomoyo_bprm_check_security+0xf0/0x180
[  633.419439][T11316]  ? tomoyo_bprm_check_security+0x162/0x180
[  633.419453][T11316]  security_bprm_check+0xd9/0x270
[  633.419471][T11316]  bprm_execve+0x8ee/0x1450
[  633.419499][T11316]  ? __pfx_bprm_execve+0x10/0x10
[  633.419518][T11316]  ? copy_string_kernel+0x25f/0x2a0
[  633.419538][T11316]  do_execveat_common+0x510/0x6a0
[  633.419565][T11316]  __x64_sys_execveat+0xc4/0xe0
[  633.419586][T11316]  do_syscall_64+0xfa/0x3b0
[  633.419601][T11316]  ? lockdep_hardirqs_on+0x9c/0x150
[  633.419615][T11316]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  633.419627][T11316]  ? clear_bhb_loop+0x60/0xb0
[  633.419642][T11316]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  633.419654][T11316] RIP: 0033:0x7fa7e0d8eec9
[  633.419673][T11316] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  633.419684][T11316] RSP: 002b:00007fa7e1d06038 EFLAGS: 00000246 ORIG_RAX: 0000000000000142
[  633.419699][T11316] RAX: ffffffffffffffda RBX: 00007fa7e0fe5fa0 RCX: 00007fa7e0d8eec9
[  633.419709][T11316] RDX: 0000000000000000 RSI: 0000200000000040 RDI: ffffffffffffff9c
[  633.419718][T11316] RBP: 00007fa7e1d06090 R08: 0000000000000000 R09: 0000000000000000
[  633.419726][T11316] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  633.419733][T11316] R13: 00007fa7e0fe6038 R14: 00007fa7e0fe5fa0 R15: 00007fa7e110fa28
[  633.419753][T11316]  </TASK>
[  633.474577][   T30] audit: type=1804 audit(1759821643.431:343): pid=11316 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=add_template_measure cause=ENOMEM comm="syz.2.1390" name="/newroot/281/file1" dev="tmpfs" ino=1475 res=0 errno=0
[  634.068422][ T5843] usb 1-1: usb_control_msg returned -71
[  634.078302][ T5843] usbtmc 1-1:16.0: can't read capabilities
[  634.123445][ T5843] usb 1-1: USB disconnect, device number 43
[  634.599023][T11339] tipc: New replicast peer: 0.0.0.0
[  634.619435][T11339] tipc: Enabled bearer <udp:syz2>, priority 10
[  634.645646][T11339] ptrace attach of "./syz-executor exec"[5862] was attempted by "./syz-executor exec"[11339]
[  634.851803][T11340] kvm: emulating exchange as write
[  635.844655][T11347] netlink: 60 bytes leftover after parsing attributes in process `syz.2.1400'.
[  636.178681][T11356] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1402'.
[  637.356295][T11372] netlink: 27 bytes leftover after parsing attributes in process `syz.1.1406'.
[  638.055422][   T13] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)
[  638.338096][T11386] FAULT_INJECTION: forcing a failure.
[  638.338096][T11386] name failslab, interval 1, probability 0, space 0, times 0
[  638.372184][T11386] CPU: 0 UID: 0 PID: 11386 Comm: syz.4.1411 Not tainted syzkaller #0 PREEMPT(full) 
[  638.372213][T11386] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  638.372225][T11386] Call Trace:
[  638.372233][T11386]  <TASK>
[  638.372242][T11386]  dump_stack_lvl+0x189/0x250
[  638.372273][T11386]  ? __pfx____ratelimit+0x10/0x10
[  638.372297][T11386]  ? __pfx_dump_stack_lvl+0x10/0x10
[  638.372323][T11386]  ? __pfx__printk+0x10/0x10
[  638.372358][T11386]  ? __pfx___might_resched+0x10/0x10
[  638.372383][T11386]  ? fs_reclaim_acquire+0x7d/0x100
[  638.372410][T11386]  should_fail_ex+0x414/0x560
[  638.372446][T11386]  should_failslab+0xa8/0x100
[  638.372471][T11386]  __kvmalloc_node_noprof+0x158/0x910
[  638.372493][T11386]  ? io_alloc_cache_init+0x42/0x140
[  638.372524][T11386]  io_alloc_cache_init+0x42/0x140
[  638.372550][T11386]  io_ring_ctx_alloc+0x497/0xc10
[  638.372587][T11386]  io_uring_create+0x14a/0xba0
[  638.372638][T11386]  __se_sys_io_uring_setup+0x264/0x270
[  638.372668][T11386]  ? __pfx___se_sys_io_uring_setup+0x10/0x10
[  638.372710][T11386]  ? rcu_is_watching+0x15/0xb0
[  638.372743][T11386]  ? do_syscall_64+0xbe/0x3b0
[  638.372775][T11386]  do_syscall_64+0xfa/0x3b0
[  638.372798][T11386]  ? lockdep_hardirqs_on+0x9c/0x150
[  638.372823][T11386]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  638.372845][T11386]  ? clear_bhb_loop+0x60/0xb0
[  638.372871][T11386]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  638.372892][T11386] RIP: 0033:0x7fd77658eec9
[  638.372911][T11386] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  638.372929][T11386] RSP: 002b:00007fd77737f038 EFLAGS: 00000246 ORIG_RAX: 00000000000001a9
[  638.372953][T11386] RAX: ffffffffffffffda RBX: 00007fd7767e5fa0 RCX: 00007fd77658eec9
[  638.372968][T11386] RDX: 0000000000000000 RSI: 0000200000000040 RDI: 0000000000000007
[  638.372983][T11386] RBP: 00007fd77737f090 R08: 0000000000000000 R09: 0000000000000000
[  638.372995][T11386] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  638.373007][T11386] R13: 00007fd7767e6038 R14: 00007fd7767e5fa0 R15: 00007fd77690fa28
[  638.373042][T11386]  </TASK>
[  638.725821][ T5935] usb 1-1: new high-speed USB device number 44 using dummy_hcd
[  638.977392][ T5935] usb 1-1: too many configurations: 9, using maximum allowed: 8
[  638.986616][ T5935] usb 1-1: config 0 has 1 interface, different from the descriptor's value: 9
[  639.014603][ T5935] usb 1-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  639.036019][ T5935] usb 1-1: config 0 interface 0 has no altsetting 0
[  639.053758][ T5935] usb 1-1: config 0 has 1 interface, different from the descriptor's value: 9
[  639.073117][ T5935] usb 1-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  639.094507][ T5935] usb 1-1: config 0 interface 0 has no altsetting 0
[  639.112825][ T5935] usb 1-1: config 0 has 1 interface, different from the descriptor's value: 9
[  639.132161][ T5935] usb 1-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  639.163844][ T5935] usb 1-1: config 0 interface 0 has no altsetting 0
[  639.183132][ T5935] usb 1-1: config 0 has 1 interface, different from the descriptor's value: 9
[  639.212556][ T5935] usb 1-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  639.254553][ T5935] usb 1-1: config 0 interface 0 has no altsetting 0
[  639.265011][ T5935] usb 1-1: config 0 has 1 interface, different from the descriptor's value: 9
[  639.306719][ T5935] usb 1-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  639.344476][ T5935] usb 1-1: config 0 interface 0 has no altsetting 0
[  639.377115][ T5935] usb 1-1: config 0 has 1 interface, different from the descriptor's value: 9
[  639.387871][ T5935] usb 1-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  639.399704][ T5935] usb 1-1: config 0 interface 0 has no altsetting 0
[  639.416159][ T5935] usb 1-1: config 0 has 1 interface, different from the descriptor's value: 9
[  639.425342][ T5935] usb 1-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  639.444473][ T5935] usb 1-1: config 0 interface 0 has no altsetting 0
[  639.456231][ T5935] usb 1-1: config 0 has 1 interface, different from the descriptor's value: 9
[  639.604337][ T5935] usb 1-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  639.645253][ T5935] usb 1-1: config 0 interface 0 has no altsetting 0
[  639.777748][ T5935] usb 1-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=49.8e
[  639.806161][ T5935] usb 1-1: New USB device strings: Mfr=41, Product=64, SerialNumber=168
[  639.824569][ T5935] usb 1-1: Product: syz
[  639.839047][ T5935] usb 1-1: Manufacturer: syz
[  639.843905][ T5935] usb 1-1: SerialNumber: syz
[  639.875242][ T5935] usb 1-1: config 0 descriptor??
[  639.899973][ T5935] yurex 1-1:0.0: USB YUREX device now attached to Yurex #0
[  640.201698][    C0] usb 1-1: yurex_control_callback - control failed: -71
[  640.202998][   T24] usb 1-1: USB disconnect, device number 44
[  640.248830][   T24] yurex 1-1:0.0: USB YUREX #0 now disconnected
[  640.474945][T11382] 
[  640.477314][T11382] ======================================================
[  640.484443][T11382] WARNING: possible circular locking dependency detected
[  640.491548][T11382] syzkaller #0 Not tainted
[  640.495967][T11382] ------------------------------------------------------
[  640.502981][T11382] syz.0.1409/11382 is trying to acquire lock:
[  640.509130][T11382] ffff88801c2f0220 (&root->kernfs_iattr_rwsem){++++}-{4:4}, at: kernfs_iop_getattr+0x9e/0x450
[  640.519400][T11382] 
[  640.519400][T11382] but task is already holding lock:
[  640.526861][T11382] ffff888142fa62c8 (&q->q_usage_counter(io)#24){++++}-{0:0}, at: lo_ioctl+0x16cc/0x1c10
[  640.536764][T11382] 
[  640.536764][T11382] which lock already depends on the new lock.
[  640.536764][T11382] 
[  640.547342][T11382] 
[  640.547342][T11382] the existing dependency chain (in reverse order) is:
[  640.556653][T11382] 
[  640.556653][T11382] -> #2 (&q->q_usage_counter(io)#24){++++}-{0:0}:
[  640.565550][T11382]        lock_acquire+0x120/0x360
[  640.570679][T11382]        blk_alloc_queue+0x538/0x620
[  640.576144][T11382]        __blk_mq_alloc_disk+0x15c/0x340
[  640.581888][T11382]        loop_add+0x411/0xad0
[  640.586570][T11382]        loop_init+0xd9/0x170
[  640.591351][T11382]        do_one_initcall+0x233/0x820
[  640.596642][T11382]        do_initcall_level+0x104/0x190
[  640.602193][T11382]        do_initcalls+0x59/0xa0
[  640.607217][T11382]        kernel_init_freeable+0x334/0x4b0
[  640.613041][T11382]        kernel_init+0x1d/0x1d0
[  640.617903][T11382]        ret_from_fork+0x436/0x7d0
[  640.623109][T11382]        ret_from_fork_asm+0x1a/0x30
[  640.628492][T11382] 
[  640.628492][T11382] -> #1 (fs_reclaim){+.+.}-{0:0}:
[  640.635712][T11382]        lock_acquire+0x120/0x360
[  640.640829][T11382]        fs_reclaim_acquire+0x72/0x100
[  640.646467][T11382]        kmem_cache_alloc_noprof+0x45/0x6e0
[  640.652373][T11382]        __kernfs_iattrs+0xd9/0x320
[  640.657577][T11382]        kernfs_iop_setattr+0xea/0x3f0
[  640.663042][T11382]        notify_change+0xc1a/0xf40
[  640.668171][T11382]        do_truncate+0x1a4/0x220
[  640.673135][T11382]        path_openat+0x306c/0x3830
[  640.678261][T11382]        do_filp_open+0x1fa/0x410
[  640.683299][T11382]        do_sys_openat2+0x121/0x1c0
[  640.688529][T11382]        __x64_sys_openat+0x138/0x170
[  640.693909][T11382]        do_syscall_64+0xfa/0x3b0
[  640.698939][T11382]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  640.705358][T11382] 
[  640.705358][T11382] -> #0 (&root->kernfs_iattr_rwsem){++++}-{4:4}:
[  640.713880][T11382]        validate_chain+0xb9b/0x2140
[  640.719172][T11382]        __lock_acquire+0xab9/0xd20
[  640.724475][T11382]        lock_acquire+0x120/0x360
[  640.729517][T11382]        down_read+0x46/0x2e0
[  640.734290][T11382]        kernfs_iop_getattr+0x9e/0x450
[  640.739753][T11382]        vfs_getattr_nosec+0x2e1/0x430
[  640.745398][T11382]        loop_assign_backing_file+0x222/0x400
[  640.751531][T11382]        lo_ioctl+0x1738/0x1c10
[  640.756552][T11382]        blkdev_ioctl+0x5ac/0x6d0
[  640.761578][T11382]        __se_sys_ioctl+0xf9/0x170
[  640.766786][T11382]        do_syscall_64+0xfa/0x3b0
[  640.771818][T11382]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  640.778330][T11382] 
[  640.778330][T11382] other info that might help us debug this:
[  640.778330][T11382] 
[  640.788576][T11382] Chain exists of:
[  640.788576][T11382]   &root->kernfs_iattr_rwsem --> fs_reclaim --> &q->q_usage_counter(io)#24
[  640.788576][T11382] 
[  640.803029][T11382]  Possible unsafe locking scenario:
[  640.803029][T11382] 
[  640.810663][T11382]        CPU0                    CPU1
[  640.816495][T11382]        ----                    ----
[  640.821874][T11382]   lock(&q->q_usage_counter(io)#24);
[  640.827525][T11382]                                lock(fs_reclaim);
[  640.834030][T11382]                                lock(&q->q_usage_counter(io)#24);
[  640.842019][T11382]   rlock(&root->kernfs_iattr_rwsem);
[  640.847426][T11382] 
[  640.847426][T11382]  *** DEADLOCK ***
[  640.847426][T11382] 
[  640.855572][T11382] 3 locks held by syz.0.1409/11382:
[  640.860767][T11382]  #0: ffff88802479d440 (&lo->lo_mutex){+.+.}-{4:4}, at: lo_ioctl+0x11c1/0x1c10
[  640.869835][T11382]  #1: ffff888142fa62c8 (&q->q_usage_counter(io)#24){++++}-{0:0}, at: lo_ioctl+0x16cc/0x1c10
[  640.880117][T11382]  #2: ffff888142fa6300 (&q->q_usage_counter(queue)#8){+.+.}-{0:0}, at: lo_ioctl+0x16cc/0x1c10
[  640.890520][T11382] 
[  640.890520][T11382] stack backtrace:
[  640.896496][T11382] CPU: 1 UID: 0 PID: 11382 Comm: syz.0.1409 Not tainted syzkaller #0 PREEMPT(full) 
[  640.896523][T11382] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  640.896535][T11382] Call Trace:
[  640.896541][T11382]  <TASK>
[  640.896549][T11382]  dump_stack_lvl+0x189/0x250
[  640.896574][T11382]  ? __pfx_dump_stack_lvl+0x10/0x10
[  640.896594][T11382]  ? __pfx__printk+0x10/0x10
[  640.896621][T11382]  print_circular_bug+0x2ee/0x310
[  640.896646][T11382]  check_noncircular+0x134/0x160
[  640.896670][T11382]  validate_chain+0xb9b/0x2140
[  640.896692][T11382]  ? tomoyo_path_perm+0x1e3/0x4b0
[  640.896717][T11382]  __lock_acquire+0xab9/0xd20
[  640.896737][T11382]  ? kernfs_iop_getattr+0x9e/0x450
[  640.896756][T11382]  lock_acquire+0x120/0x360
[  640.896772][T11382]  ? kernfs_iop_getattr+0x9e/0x450
[  640.896794][T11382]  down_read+0x46/0x2e0
[  640.896815][T11382]  ? kernfs_iop_getattr+0x9e/0x450
[  640.896837][T11382]  kernfs_iop_getattr+0x9e/0x450
[  640.896860][T11382]  vfs_getattr_nosec+0x2e1/0x430
[  640.896880][T11382]  loop_assign_backing_file+0x222/0x400
[  640.896899][T11382]  ? __pfx_loop_assign_backing_file+0x10/0x10
[  640.896916][T11382]  ? schedule+0x91/0x360
[  640.896937][T11382]  ? percpu_ref_kill_and_confirm+0xa3/0x130
[  640.896956][T11382]  lo_ioctl+0x1738/0x1c10
[  640.896975][T11382]  ? __pfx_lo_ioctl+0x10/0x10
[  640.896990][T11382]  ? ima_match_policy+0x10b/0x2150
[  640.897010][T11382]  ? ima_match_policy+0x20c3/0x2150
[  640.897028][T11382]  ? kernel_text_address+0xa5/0xe0
[  640.897044][T11382]  ? unwind_get_return_address+0x4d/0x90
[  640.897072][T11382]  ? __lock_acquire+0xab9/0xd20
[  640.897090][T11382]  ? __lock_acquire+0xab9/0xd20
[  640.897110][T11382]  ? __lock_acquire+0xab9/0xd20
[  640.897131][T11382]  ? __lock_acquire+0xab9/0xd20
[  640.897153][T11382]  ? is_bpf_text_address+0x26/0x2b0
[  640.897174][T11382]  ? is_bpf_text_address+0x292/0x2b0
[  640.897191][T11382]  ? is_bpf_text_address+0x26/0x2b0
[  640.897210][T11382]  ? kernel_text_address+0xa5/0xe0
[  640.897225][T11382]  ? __kernel_text_address+0xd/0x40
[  640.897240][T11382]  ? unwind_get_return_address+0x4d/0x90
[  640.897260][T11382]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  640.897285][T11382]  ? arch_stack_walk+0xfc/0x150
[  640.897310][T11382]  ? stack_trace_save+0x9c/0xe0
[  640.897332][T11382]  ? __pfx_stack_trace_save+0x10/0x10
[  640.897355][T11382]  ? stack_depot_save_flags+0x40/0x860
[  640.897380][T11382]  ? kasan_save_track+0x4f/0x80
[  640.897402][T11382]  ? kasan_save_track+0x3e/0x80
[  640.897424][T11382]  ? __kasan_save_free_info+0x46/0x50
[  640.897442][T11382]  ? __kasan_slab_free+0x5c/0x80
[  640.897456][T11382]  ? kfree+0x19a/0x6d0
[  640.897475][T11382]  ? tomoyo_path_number_perm+0x47a/0x5a0
[  640.897493][T11382]  ? security_file_ioctl+0xcb/0x2d0
[  640.897517][T11382]  ? __se_sys_ioctl+0x47/0x170
[  640.897537][T11382]  ? do_syscall_64+0xfa/0x3b0
[  640.897556][T11382]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  640.897580][T11382]  ? __asan_memset+0x22/0x50
[  640.897600][T11382]  ? blk_get_meta_cap+0x18c/0x750
[  640.897625][T11382]  ? __pfx_blk_get_meta_cap+0x10/0x10
[  640.897648][T11382]  ? lockdep_hardirqs_on+0x9c/0x150
[  640.897667][T11382]  ? blkdev_common_ioctl+0xff7/0x2550
[  640.897682][T11382]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[  640.897703][T11382]  ? __pfx_blkdev_common_ioctl+0x10/0x10
[  640.897718][T11382]  ? do_vfs_ioctl+0xbe8/0x1430
[  640.897739][T11382]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  640.897763][T11382]  ? __lock_acquire+0xab9/0xd20
[  640.897785][T11382]  ? __pfx_lo_ioctl+0x10/0x10
[  640.897801][T11382]  blkdev_ioctl+0x5ac/0x6d0
[  640.897816][T11382]  ? __pfx_blkdev_ioctl+0x10/0x10
[  640.897829][T11382]  ? __fget_files+0x2a/0x420
[  640.897845][T11382]  ? bpf_lsm_file_ioctl+0x9/0x20
[  640.897865][T11382]  ? __pfx_blkdev_ioctl+0x10/0x10
[  640.897878][T11382]  __se_sys_ioctl+0xf9/0x170
[  640.897899][T11382]  do_syscall_64+0xfa/0x3b0
[  640.897919][T11382]  ? lockdep_hardirqs_on+0x9c/0x150
[  640.897936][T11382]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  640.897951][T11382]  ? clear_bhb_loop+0x60/0xb0
[  640.897968][T11382]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  640.897984][T11382] RIP: 0033:0x7f911b98eec9
[  640.898000][T11382] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  640.898014][T11382] RSP: 002b:00007f911c7fd038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  640.898032][T11382] RAX: ffffffffffffffda RBX: 00007f911bbe5fa0 RCX: 00007f911b98eec9
[  640.898045][T11382] RDX: 0000000000000008 RSI: 0000000000004c06 RDI: 0000000000000004
[  640.898055][T11382] RBP: 00007f911ba11f91 R08: 0000000000000000 R09: 0000000000000000
[  640.898066][T11382] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  640.898076][T11382] R13: 00007f911bbe6038 R14: 00007f911bbe5fa0 R15: 00007f911bd0fa28
[  640.898093][T11382]  </TASK>