last executing test programs:

31.316132233s ago: executing program 0 (id=2272):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x2, 0x2)
sendmsg$SMC_PNETID_GET(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000001c0)={0x0, 0x14}}, 0x0)
getsockname$packet(r1, &(0x7f0000000180)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000100)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000900)=ANY=[@ANYBLOB="8c0000001000370400"/20, @ANYRES32=r2, @ANYBLOB="00000000000000006c0012800e00010069703665727370616e000000580002801400060020010000000000000000000000000002050016000100000014000700fc020000000000000000000000000000040012"], 0x8c}}, 0x0)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r3, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000680)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a70000000060a0b0400150000000000000200000044000480400001800a0001006d6174636800000030000280080002400000000118000300c6a41d106c72000eea000000000000000f0000000a0001006f776e65720000000900010073797a30000000000900020073797a32"], 0x98}}, 0x4048010)
timer_create(0x2, 0x0, &(0x7f0000bbdffc)=<r4=>0x0)
timer_settime(r4, 0x0, &(0x7f0000000080)={{}, {0x77359400}}, 0x0)
r5 = syz_usb_connect$hid(0x3, 0x36, &(0x7f0000000000)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x10, 0x45e, 0x9d, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0xfd, 0x1, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0x7, 0x0, 0x1, {0x22, 0x5}}, {{{0x9, 0x5, 0x81, 0x3, 0x400, 0x0, 0x0, 0x7}}}}}]}}]}}, 0x0)
syz_usb_control_io(r5, 0x0, 0x0)
syz_usb_control_io(r5, &(0x7f0000000180)={0x2c, &(0x7f0000000e00)={0x0, 0xc, 0x5, {0x5, 0x4, "6d4c90"}}, 0x0, 0x0, 0x0, 0x0}, 0x0)
clock_nanosleep(0x2, 0x0, &(0x7f0000000040)={0x0, 0x989680}, 0x0)
r6 = syz_io_uring_setup(0x88f, &(0x7f0000000140)={0x0, 0x8c36, 0x3c00, 0x2, 0xbfdffffc}, &(0x7f0000000000)=<r7=>0x0, 0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r7, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
io_uring_enter(r6, 0x47f6, 0x0, 0x0, 0x0, 0x0)
r8 = openat$fuse(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
r9 = syz_mount_image$fuse(&(0x7f0000000040), &(0x7f0000000000)='./file0\x00', 0x0, &(0x7f0000002280)={{'fd', 0x3d, r8}, 0x2c, {'rootmode', 0x3d, 0x4000}}, 0x0, 0x0, 0x0)
read$FUSE(r8, &(0x7f0000006340)={0x2020, 0x0, <r10=>0x0, <r11=>0x0, <r12=>0x0}, 0x2058)
write$FUSE_LSEEK(r8, &(0x7f00000021c0)={0x18, 0x0, r10, {0x7}}, 0x18)
read$FUSE(r8, &(0x7f0000000100)={0x2020, 0x0, <r13=>0x0}, 0x2020)
syz_fuse_handle_req(r8, &(0x7f0000002300)="716652f8fb7f8913de3f2610b3095ecddf1a7671c58be2cfb3cb385c0242aac0b880daa5bac0c64808ea74de797b362eabb25aaa60685a9fb874ffe68798a648fbca9e2435aa094bedcbf62a64f06d21a0e2d7e02fac8cddb729523a7ca866c0ba48d60f224e34b4632900c22b0ed68b0dd1eb2d72c073e48992078922fe88da85a54cc2c657ab1ed59b1b11ee82b2358cc6e2465d9ea0df865adb099824b790fad8be5929dc764cb585b65b70ea145440793080e0044482e27ce1d27470ae1d77f655aaca706263d54b92a4fe35667fc9fd8075fc715ed090f73be385bbd7f381b2ccf542544004d1aeae2d0fa7b00b9dce7de9e55e09bf34ba26523c8f96afbb8181c95f8fdac3609aaed5471166053ca5b8d438f48993377ccbefe07dd57b11088b40e650b850f6ca357288fb1b429591241052f3ae92482e18902dacba6a8ee3f4127c3ac0fc50a8164a6159cabafed2c3d6ec3d22ac005d6a476c69f5702bea20a93edf9f02d5555490037d609af349dd7b465f52a038c4dda4ef2b7488234dd51d04e65609b54fc6356f5beb86805dc62d5600e071dbcd733517e47f96f59129115e9a62f3f9d0fee7e22c751df77785ae506987a963911f391214571acf754975f0150958fb776277df1b03e286d9257efc24c99fb5e95c3021b34f2553b929b45385e851c26d1538e0431155c4768548a7e13fb3dd8ca24f862fcb67332a6ee6d6d809f46ae4aee57fb2fa6de5df31c766c2096e57507dca90609b1a6bc07e3367ed2c638acbcdb14ccb4158c49779a261be636f88b968b430cf46353d30672673bda832562431876aa2bbba78d1d7397ca9ece2f91ac8046fd6a43c2051cabf56755000ec276d1e51ca36d58aa15be63420af53ce0db156d3ad3d181aceef983c0da85a8aada25620255a203a7ef836855f860e7db5364dcd16a3e6511f81fcd7604bce3dd1f7d72684062078cd7158bdeb78191d4b0b7a8f48ec3065ce87a8fc851eebd363534b48e99f65ebbba2bc3664fa92eb0200857668f58888d39becd5a8429f3ad1fb4ab3d3e8dcec35ff8653f4656fac9d76ad5d98d30c2e82d0ae241e2ef53993e7133a9a830ce063ab4fea1a5beb704bb722552ed072643a89fc38c826deb9e9f47cfff7e06417ec367aa4c6bebd5bc5ae536d24bec30b918cbcf7a1c3341d36e7785ce0dbe404bb194d857c7cdced7c776d160151773bfa9b37c9576c4c7da7ef0f15d5dbe0e2d92503b3df09887db8164e9b264548dd15e24136ed71a51d03803a52eef0d3a93fde418cea9ff189a23dcf03da8fe8032f907571465cd6b6940097a798d0a2b914f66d39fa0d4b2ba81864401bf5310a9976b0385dee4d6e71dc0ef7efe2df7a4349ce074e2657afb0074377bc71c3b3c1d8a7a28c6db0e2b13870e061ee76e64f00f2ecb6191d6cae07122f3369dd6d15465e20b5e85e3faa8459d9d2b5ca83b4302117abc7928659cdfa2791b5528129d99b65f4735663d2c3973e5811564b89b985200167dbc8161a152f4f1d331e41a089008d17802a70fe8f967e79833a90d9349e3654a1c1c0866da727470f0e73a2f0258e71e7c19b61f620116f37576dc201fad2c5c49dfa728070b1f047a1610c8df0e04393534b6a6319dc7f0ae057b84300995cfa5e86b7b00998232e04116552fe341df516ba29a871bf9408badb690d1f5d2955f07f986f6d4cd5f1f383d34ce389faf97299c6692e77f180d3667fabd0e7b0bc5a20c8afbc3508fcad69db85dbb0a9b00452072868d1dcac41abf85e06289aeb6618ff068684483f95674bd752388457ef64862d973554e2aade6e044999ce05aa4b2514a1c5021b990b5c2da636969bf5daa415e4c7f6a00d24e50f005f875f59645839ff34e09929e7768f2d63a0a2acc361cde9182b0a681dc7f37e65fdc41da11e5b28698ba7060a3efe52cc2b8e35a8d3c0082a332772bac28c0b807ae13378bdb725f084d372e069fac920b17fad9277717850160834d8dbb053af9d9e58029ed787d8a08a9b6d13b0e4c4ce793146fe1390e57c28e91e5eebcf7b100a728d2840aac337cf03551232658ca9a6fde08fae45492db7ca1986872cec1178b289e7619073c0ce96b6a8b698428ccebfda5a1a9eac09b23c8caa68707aa1335341210b02f7bae0dbd12169a463ff517f66afa79e572601548bd584d15f84afff07c8c7498d675f7c208ea66237e73c7787591c0384a57c5ee2d9637ccc8e464bfd1d1bd2568aa962e5cb889b6e106a1091d4389beeaac7e929da634647810d50b4d6900052f6981faf7ce8a866c43d6fa2faf72ede340f5b372b56aa1a5fb2e702a3fb51bd7cb5514c5528817fd7ddb4f610fc0f3646d05d2c668afc31fc7a95c7a8a6c096833449d462dc3e6b2fc80f57913556005cda1b75a1b2e639658f3ab7b4a53bd7f48b9b8b0e84794063d2a5d484485219fb8e3dc5560d052b5047a16f61ff5f3590ce18d6a67768707f64c31cec013e107ea0264ff9a84ff43ceb54768b64b3c2da0dc3a1dea99c8d70b7ed7dea93cb970074bb45df40c7ceb8efd018d61df373481a8527d8b90ecc59f748c571f73e3a0d3bc5fccc5f8e12f3415d403715520c8153e63a68b414257d9298532585edae02cb555a44d2b13659768310975bbce32d402e34012c9bca9e7072d6e16ec65535a0778eb4c681776b6f8894b69cbd31f9cd1ab764d28c41b5548c8c1888c2485e8ad9375b568709de30420c300f30f0d070b8d3bb94ee9dd4a93ef69491bfeca0ec5210c8e0423b2f4d692db2ba9fe1a862e45974f47f12c89a380e77bccf6fff67455e181a04f421964b638ba939d7ec6d6fa6c0202db7aafdd918e1d94f753dc4a7f487f927050fd86762f373dadf9b1a0d3affde6c1e6e6d31538a1b4930eac42c228cad24ad97e34515be9457026603cace7744cc7174b6d05fc71b66202b13340caf05a51f440b803027026bff09a4f16db264a11ae0b31cb75ad5c25bbebddf90a2d82fb659d1d4ba5f287da78fde9d76c4e835b088d9dd33b736b2e3e581cb04b9d28c1f7a9e783b9d2afb2db4b1c1053516fd69b4e3f6e1b1ba2063ae58b0f31be09e1a870152aaa7eade4cf1c070a5c0f7c49873efc21645cbfddbb7b999923701db6fab245d148795e4b584c09ccef9714606789eef6425e198d3f1039910af1e0edec5af9ddc09c8794c2451b39b869a99dcd2d68d5b5f9bdf80a84a99d531bd52293140c581bfa270d3aa869909d0c56456ce1e2ff898497436b9b690afece518d2ada924e5f8c5f33ebb864f3ba606ed877f3db7c95e11ad5290a3c820db7d6f1db81626315f2651f7ef43e9da831776258408286c316612e99f2ff3eb160259de063529a71c0e989d69825fbe393f659f6e464ebe4e2abf7d1c4b237cb68bb7eea059f2b350aaa9fafd6aa9a4bec89fe616c264ea32dc64096879ad8d64c328f1ab11232ef703c6a2b6949318a730061cad2054772f9498e017461ab477712e1e0ef6ff597101af2b1be6ee9abfd2cc7ae01dfb3e824dea1956fb4e50947be8b2760032a600e31292a10bbbfde23c60c332513cb564cb10d7d6fd880ef10ea3770c14e3bd6a908baff0601e55691f5a26d36f365a127e8e10bffc9762e9120194a4374ce2b3372b1c989d1004a36bf8e06de6b79ca2c834f2a501e46855abfb0f1ecba0437298e99abfff4a894009341a1b912e070bae9c8ebc963871d4aa1d85feeb6b1be00b45ad04ad69f2c98320c74c3888b3c3663e836196a4ec6b5eecfd83b35c0d53a52c2680e6199bc183fc2ca471b8b9cfb6cbd50e317658aa63e8e4f297f28cec9ddb6dad5ae760f206de09a4c7c97e03ba5f855f962435f1d6e65fed81dbb49fad3c28bfb4bcdf9dad22b6f7eb29b69023e494ade7eba76d4cf24619595899697e7b9fcb1701846792e49c966de2e3602146c1eb51ffd7dd8157e7c585fce39f4217029846a24906b6a61666cf2a2889686b436889f25556458f054b3084beeff63313d05ccb90d330197a32949b71c44b0b1c1f31aebf23b149be900ac2c0651c145844589c6a02ee87cde5ab2600de511891e458d57c469233665ae012eea97b81471556a009373901eba42de403655441ff64945c56d8e255ce71711e8179b6a4fa09b1d14af359e66c3a3b7cbb1f00f7bdca4907f51831a0b542caa317e021adba19f70cfa7020896cec1a0324f3ff877b9da145fd624be5e43fce6fe58c9c57c907be545e75577654a63c4029de5f2a5973e231736b549bc30fea9f7961391ee2ff568ba9700c3209097d438b75ce88e41879a5664890848faeb99bdae726c3fd557e6aa707e39d040819fc2b7838232f49b3fa1aba34d4b40c66299c29389486295624b12722bf6f23466f070bda10890f1fac600bbce28f7b653a9c54d6dead28db2f90fc83757c10ccbf278b76f4eb56cd678e78a56694e2c9689190690108f103ad3e9ba1b906d5913a256c388c4144adb88a1b38cda623f110973b9070da9c7499ffc1d1c3c2b5280dc049aea949fbed1926f5ee680437da7eef53089bb7bd14d348ff4d4bbc4671d2aec67db06a515168e0a58ea687585836e42f39ad8b2807940e808313321cc782334ccb1fb85facabc0bd6254f908034993cf0b85ab3f8c7ef2f768804034c8a36f302c0f2c1475af360d58f025a0fb0a3029513c363e00d9976d2699285777389f9446ab23937ab45c7eed438a86e4ce9cd9b460e3e3069298c7ddebcca0361cb9c00ecd416d15fe91fe1a69d8c87cdfd8858679dba110a413f3ef5979fd5d489abd9b98c9ff28b20c12536b3a010cb05e69a3788c32f9166d441ebccd630cf1f2f9fbad6a92e45804832aa604365a4f2a1ca04b5d9d0f3e8cba35b3ff3abf62d4e347ac900c4b34bcb10b8f54cd78e872dc5e07eda298571c157dbc4eb05edb5c416b998010929019db32b3a59c595f7b2a47c4c5c0f15a9f19a7794bb53d5c9b3871381120845d6cf1d65284a33a48fbe9f0c5286a30f69e19a4ce8f3584be6894c7c84ff547829623981dc30ad7e08490dee72824206f1f5796c5dd3fa420fd2fb1ccd9d783fe3be3520ad8f7c75dc53bec0fb3e2e8d929b4f442e9c7c60dacfc040dd3c61579fdec62a0fab640af7ef3def0cc97f9be6e9e302372560c0755a60d6a92554777eca3777f0733983830c18198ed476acfb9f0b0587454fe3728978dd2c23f2d13d0a219d3c8338ca91b2b8d82d7c1b6968027439aca4ba5615b052c295b7c496f49489dc52e64745bb7abc1f4d56c3bdc313f26889f218c9f74e9d1495dba0926d0c27b119e1818ef6bc642738b83bed12cba94388937d77fcbb4b7880873787b76d8e64d9c3cc6d5972ba94bd586b9841e3db49907acb1fb92a9933ac0158456ec8c82a8066ab3731271307e8563c88f81e36f546334dd86a601404838798d0014aefd1e1d3676884f36dd3cf4e06b927fbff68427a079faa9905aa56f5f8da8968b09ee4aec105addb781af4d60440771656da3d4c359b0dfaa020b04424730ccc78f56c36e603c31a6e243a8932edfe4123da0d67f6b37cd776ca42b67fbc64da7333bde58229b11ddf770b6c8d2c5daad8de574fe50466929f8ceefecbf48949a901b62462b7ee7e27f08cb6c205d6339a216c28cad0f1953438af3fd1e48ee84ab6189abd1eb0818615d7c56d1776bee7e4975ab090ae96773ac0670dcc2545661996fe387029b6b00142518b10436ac8be6875b9f9bb9dfd83a5820bb75362acd08667f9524d8f0b181dc596da06c6a48d159644510b57d0bb08e18f4e16ab39715f1bd9359b1eec606082ad42d1abb2749d45b9211c1c16eef5d793dd88355117b2861e875e49a56820f9f562bc23a5a9823ceab79eea47fd0a595e2da2b098230aeaba3dd40be912a2f25b16787638c6c96678e5d6ce272bc1b2c916ac2371d16979ddd3173b98720861441257a42e91d02a465ce9715ebca36cc42cfb13d4e889bb5aece39481ac566e9ab2ee6c5bd03716f4e8024f44d125d12e30d01dab8a9495bc4ddd09aeb31d25dcdd8389edc1fb588e3fa8296eb239da969a21985c2477c0254243676e94b6ebc065cea97f12ce41544e207c7955b916f88fb4dd371b94afcb757477ad3aea693fcecb55db26d29f31e090da93a0e3ce57f3d62e87be7e97153b1d6f7f196344ce9219cffec204cc93c5f0d6876ce7981a54a050109c4859a312a3c6a0d447516fe5c1537ef1827d95c7a1e77d4179893f642b845e36003d742bdea1f2205346d2464be9a5de6648b324adf8106caa4bc26c6158582aaa30cefdd94491f669c86be1029b9bc44b6119786c2cd5ef67f13bcd7b08331330913ff438618c5392a7ad4b3351ee0224cf5658e793b531f07ad1978f5751b8071d2ab7f260738f6a58cf1c81f3f7a8e29b59291553d3f1799ce241a7f6cd9ba77d824f4d87906a2ec6f6e4450a76a3746cd48bd4d2e45d9372d049bf67bb353720f932bc487d060c8b2cdeb34efe93445f80bd0aa8a05c7abc4dbea7061be3c18fbde27226f07b6650d5deb2ce031f092f37c3d184aa4f707100f3d78fe985c03d3cbd7cb0d7c9ce62b85dbf791e791202536ea0915a46564308c3486e3405597bdfd346bd0f8b170063362ac01173cc548e7f73af6d0b11d294f8f1855af4fa4f8e4e339a5880ef478e940823cce5605351db19f03387ce0da5e41663a34e5a59f867b2018506e95d53f7f120a1c5502b48ceee706e96ace0d55ffbcb84e8ecef0d3a64c0b668344b914a0db82e2b1e8ff30186199c3532236f6b4003c55122b06e6054bdc5dc52bdaf39e5d6889db5fdda7bb0ac3443d6e2e3f20819e3006ecf49c810568f4acc3e35cea60b47e25c2c08fb82011992e73abbfcec5ed99328f0ad6dc6a96bcd825789d13894d8074c4fcf561bd0d93a55fcfaf7670ef27aef3e717b2b4029512b40d6df9d5692a7c7147b6d39f60690e0c6f26d2ae684b328dd77c7d65ddc34af8601d419139506948b6c70adea5de3596f044964a28e800ae19f9beef2c8d04fe064aec8e0476fc18e157f14cb074029099c3ef428b0154f1365f5a1bac47ae92de36747955525cbe021aa5f3f52fe9018b18f8c4f66b1f2c4571770d0a0b1dd7f371149a1a9fb319003bb32852d50b406a7f29265d2c85bdd8ddc461810060dae047206dbc800c23c38da8d3aad2ddd9e8b2a3228e9c93ee5f202dd4cffd6fb742e1753e62c07cfc518315bd5987fb5adc5b52607c35eff76e40b6c058073eba6574de0d407cc2e7229c2b19a9ad55a649931c806308f84ce8f1cedac4af7f14ce13ff1edb266d7b3ba565e1f9dbcd40b8a8637589bc9d8b05737a5a70c131c0d95a5bc2989d902a99a826086aa46f0fd34b8da25075696427dde979e55c4442f3db70777c197bf32b561209942494150d44c2ea266179cfe3b822ffc84c5b2d1575ba81291d22792720696fc011abdf1e12bd58b9abea1abc378575eca69fef35eec5f9db333167133cac6dddbb29462682896a496943abfee47458b061c9842aab0266f4b431bbdb897cc89afde03a3922ad5aa2a226aba93faec1231868b21968c5ae3ee39e477b4d0833bd39cc7c0d429e2d8df18f6ccff8cf2124dccbb46e7d36d4422d1def2786a25084ac2975b119741b6352a8c9ce28e707766fd92f99e8f085093f68d6f3a4fb921f011ead54ee959d4ee1126218bcaacdd5a69eb09da30918f3ae7f5e1bbe938cf39e35dd7fa81f495bcb2c9b007513bcc443c9e8ace7d5db23c53a655a889bf60d8abc13f16a4c609f2a0c620bde0a149fa6d8a182071a2b15a3d2c186b7588368d759ca54e82423cc5cabf9f6a48546330b090cfc60a4f7a822f4a0e1c7152b53213d8f33cc39ede2dce24a61d12cd9fae2ba309013108ee046812402ef3024ccb3f2634719ee8e6749a5681b35a5280f4990bf71ad9b03adff6029c64e32a3f00d1af4cb112cbc1a5e0fe3b9f35a123edb11bfee21dcb8cc400b8fa7822022f62f1c363498a39400c8ebf6ccece82351e4860abdd187319c6f766b5676fb92d95349c2e23d0a7f219c2ec7f62178cb8f8eb9608fc92df75ecadd64e52e7a0454d1007b0bef03854de3a6ee9ed27eec9432599a515eb660c51eb34f372b8fbd6a19e9127bc96838e41c11225629635fa68c9f8a26f18828870da6470770c004f06ce7904ae67ca3e8b22fd8340011c94499973224b0aabcc05d8644a21dacf0eba21add588a03f46c11871b7eca41fb889763316ba443b6075dd00ea174dbc0fd8ef8c77553fd37ef591665dd25eff97127e007d8029a17ab8ac3cc8984a56539bb28afd12f0554ae98191d604cc31f4a90fc50e2900a08ef4bc52320666138ce68213841788b262210ec09741bdbd084bfb346e237fe98483283c67f49b48321311ec02c6a2b2ad3c21b1faa04371faa4206622aa7eb4962c0e4a914ff5436055b0ac6a22df6bae8ed37ad5cb54f9ee020866ff842c346b36ad2ce7540230299bea80ab3c67a19b36ee781771e33052c444983fb6c4e71774cf205c752bb8261c43af479bb8ed70a996fbe04b23d96aa8f1d843354fe705268104a96c88d05687a7717da44f90688edf887bab5da7033b48ac7c52d6527b9a677e2a41ac14e8644aa559bb804e3e013c0dbedab897a67d5307acf8f7e13dac21b9c1c36a857d0caf235f0fd2667735683b9710fcbd87043c824107526ae77a238fae476771740871f2f1c1c7eede5d29627f54c3f5c1b8898b24b52066c6ca434eff9a440a8847623fb60d0c566e1ed9a9ffb2572c4ccb1f0906dc76ed92934ebe16edda8282cc536d173576305a772a49d9d6f129311161bf9e87fe6c3fbf37ddf307dd745cdfd57bb079cd6c40e9e609fbb5e6474e61fc865dc3bf8168929da3ef873b00d5975072cc006eb700ea514e927401d4b111a25c9bda6b3eda2e8fe55ec7eb69267ab0a297437d94b53f956af1d14b52138c114c97690a4bf243b3c2fb34a72458a1dc706902d664a43cbc9cd0b087968da26cfd14624e08bf0875bc84cadb079e74e667b614c3367c5099a509d2effedf167fc16e59bbae6c4fa9b26d61dffb67b8b2120af136a92c0febeb7c5257100afa4b98bd460d2854bb5e1379cd00d3ceb13500e054989f6c6820a1214e89db1d0647efcfdfbe870f0a4ba2423a18aac80f561c2bf731b1c7143514c2d32fdf2b8291519627e5f53516d96c504fea8e0fb324f5d7174a508d3e8fcf1fb0c4e5c05804439f206341ef69264e0e96fe285a605e0f5d00865ccd8a44984432f935b4f60d831d3ac4f4e31f24f29e87b7622a71be1c8f6b4619bdad9955b0a3b1c97b2ee1a036c387d8cb626c7cbf040174edfe0ccc790f0aa582d0cbcb44ee6509f89d4a0c272df9fdd9635d1911fc78adb2d141a488dd5fbea2560455f7a89435b0804d399cf5fbd86cfd65431182a336767697fd75adea142d4bd8255dbb08e336a0652e64e153b243937e163d18673f8445afa5443d943b3990b91cee3254a74111c8e209d845c64b9e11f2648bd406d7bc29a6ef923625cc7745e2b33ef79fbef48197138e52292bfaa3e35c2a5493e7ad8593235e06b4426e7958b12435ac36994e59ab077e012ac08d7f6953bb4d2d2287ba40ab76d160c913160055b34ae3796964dbc3ee18e00c486b862ec58c02185314b8837b2f7c0d590ec99fa0e8839c214c947dc775d8f57b9c6d8e281e99509a921a042fc8c2b17c6822a54b5fd6ea846a90288063381074bb428fff4a915900161c85d4fad83aa1ef8d13c129cf552ded8ef40c29dd324b532de311cab06132e47d0a9ab107f25857145ce4c6c297c32f568ff9dc67e11ec35a04ef51951320ce313b45f7ef00304ed6b4bef4e1e142b40792465333af4d3dd7c939e31c37797ef6cd1eb226d5431bc5548aa31d578d87f09b30a2757629a344832a5f5861069c885a278e2917e61035b34a5f9e233632d920866b7fa071f315c1f7f45d7b9a2eae43a6ea695b61aebde33ec8437512479a0f2285ebbc6b555019007b4a3985955c1d85b52d25210b4ea5fde11e9369f93c9e88b0365579b94eb41db0abb8820853dede54b458b49b4d2263e866ad9439b28d561f31e8ff8aff20cda5b034e9d17b16854ded8cb8c8ee4bb5b4309edc2d50d18ab81a0d2d30674485fb9b7d71bd48d50db9c77697fc06efac9ce9920179a7f4e36623747f175b25c1c2b4df643c2e51257cbd33ac53b1cf0ed7feef2f47ec2b292f5b3c19424b4f6261c62395cb915750f8b947f544e66bfefa7369711674f2958baf8c1854ae689b0129b5550335eabf6dee4d9b876e5d76610fbd9f7b8dec0c7b11973e1338ace2cea53dc88a706d5bbffc38bd50256a794916165d9406e409e2788b4dd63a91ea16846d1bf1e9c034eefd219f1e9447b8bf7fdbd0a913be46b1bfd1088d25a349d59e94269d474352db1ebfae2add74505449fa023d0fd1d0092531c81deef87f811afe67e4d5395eb6d8550f0fd0a27bb11f2999c595592f655a25f84ef7a3d7b7cc93b384b0cbf106c5731bf6d0183d0987bcca063b105ad6bf4302f58a3efe45ed84242b7dc7cda6179fdca1cca675a8ad3939f464beb46d9d21eefed3b10990310ef53bddc116015a0d2ba6561c6921c6e41114bf9d713e2af49b2327f826bf5bb64dee210fa3ad7e07e33cb1832f5d98ecd4ab833fb7174efd10f58c4dbf0b74207bc0a6c3d3eb7b41e604c7e791d4bfe7f1d02cb6b09f5f497685196f5d95709f954461259620c7cb97032ab545076e11f50c9d1a72aa5516d4e3a1be970120867869034b3c6fd995e14e306ff2d808c4d70fbdddaed27b90a2c3fcc578bdcfe428a070a6cc495496e086011dc0b2f62d45f1e407bf3a7343ba5f28e12db5faa4bef5e32b1e5c9a8b3136e4e594e65b368cf023498c375c3f2c5aaaedc8e8b209c52dd509650f2f73de4027ee1764e371cde6a8c3e70f8f171acbd28a4c25ed870aa50aea0ca1fa55eadd4a99654a3f0d2c460d5889300e874d92eadc17f4af38a159e9cd5748b4b2f0a202d49510416d2fe5e30465d721fd2f4e628355e42d0d2902fcb8ac644afb50c2b48b15adea937867ebdfe33f27949431543a59580845b383277daf69d7549e5cf11859d0fef1b60a4706a145bce010457bb5c66ebcb3152ae74c8860e7f09e3341182fa6cecff1f6450fb64e0707b929eb233ea805d15f477d199dab0b38f0d83e660e8ed41d783f948a9944c4926d1b17fb245520022f2fc218f6bc6c02524e96d1a09d91cb5dd2a429ecce2d930856da2ecb237a71c3d43386149ae70a69f9df0b4202d2b446c50fb5129a40f791cd48977f32535b569310078acf549e16fb7e4e3b6b4f875ca00e3a5f56d7e294d271124121ddf291dd120e5f4ea31a7e1dab17e59fb1794edc7a3494068bb7b87ad1012a72a475989dbdb0aa8d76fe9eebe4e83bf32d66f19db1b116499639ea3483ce2b46bcdfdf462901d13d3c433afa5dbd5c204c196a731098bbda6e7287c65517d7b5874cefd719faa42f4d902cc1d8ab136f5b916e985aae6", 0x2000, &(0x7f0000004f40)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000004740)=ANY=[@ANYBLOB="180100000000000000000000000000040300000000000000080000000000000003"], 0x0, 0x0, 0x0, 0x0})
write$FUSE_IOCTL(r8, &(0x7f0000002140)={0x20, 0x0, r13, {0x0, 0x0, 0x80003ff}}, 0x20)
syz_fuse_handle_req(r8, &(0x7f0000008380)="d4cc2ac6c6ec02ab9e491166043def030af436bb5685b7b5b9d87ac5538f1de9767ae8bedcda1a510d176e9dc0603eb019f5a7d3440881aae5d72217be0df18494b204a23472e7205d78a03e88c43de03c52c72853558cca654ef99bdd9c9a5cd4cd226fb7546cd5f19935b77f740724d1a68fe89f50f2061650debea33c9732db1f37c3a71f18f6eaedddde679faff03ebd12aa6da34a45bd66f95f79d08880f52543a21cdbbaf22cc14e1fa7026e8a688d8155fd1511ab070ef112500e499ca55e10fe1580888a3d40072cd7b44136082fb5af07b383ff070cb96bb3026f9fb751ea8c44fffe90afcd093d9e24c08cf6ce3990cffcdbec131375978a78573210080a7be418ce2279f93b84ce403788efb95c2a2a79143f7d5caab7d1f138c033fbec36ef01e465cb546a430413961a88c88a3c27cb3dda3ded03dff654fcc24c26770e5dc932cf6f6788deed021b81591497cac5eb26d9609f3867cf7cb766a1fb2424d7263b62c2e6af9788eb2c4bb716155dddea1b67563a4cbe9b05ec4bf4254db9091d6ef1871c742e6179ea2378062646e6f646f9cedf73b04ea5dde0254c75b6a23cb5d5015e482ed6ae15cba1df87fb63593bae738ffbc84c5aa39acce2988c1a16dcba3c317cdc163af27af7812c9332199c1e3b5a53236990ee498eaf70e911936a076f6862ed7b902a903f8d947c2d05ee63b4f7a397775a3f32c975b95e7d1c64e8591db97f3aebf9922e7e8b47143f442a419d5c616a2be01598c93e2c0f1c27e80af539cd94d6e19dbeb0a4fdd91b82fb987e1ff10bd6860047bfbc9170130da91d74b0db00db4389affbcd86c9a6672ac3c95e3d95ab39f04e84da5eb7c896c42372063ca4bf7fc15ad8b77ba98edbf43a3cac0326a6d4a3c69fd4f138f73b287ec5d80d1fdab505419cf891c28ac853c9aa33323c52fe7ed67da95ab8cd17a3716e1efb758b861932ec75c90b2f061a23fbfa25ca700aea99c34e3e50cf2e2d48a9467b3d547e74405bcb37dc0d1df30b1bef2018ad6dcd992e45d4b34b0f860b1939bbc319812d07a059dd8d5bd9286e68c8dbbe04101fb6832fb058e8f81a2502174a9ae5e4a8bf4acbb7738ec86cf74a30098e83889ff03e7ca0c79cca826b49c93416ac61e8454e7946e0921c2ff5c461edcf047599eea93de9fdd7ac31c9a2bcbd16cc627ccf80508b8d4bff21bd920b3b54570e5491b976b19f97c9e024ff4d2c7dcd3429a9aaae05d7cc071421cd2ad72edd7fb2bc470fa67c8ef4a749a480b116bcc05d6b50dcfbbd75d1791681a5ce621b9c022cb9aa565af45938bb5189213458d458926d486f45dea77843a9d6ed782cf1281557104cef4791c901d3928311f6bcc100af212c286c3685679567e18029a0729a8e14d4554bfea50f7f49509a02d1e6d4bf752bcbf945dd667fca8761a0f9a6797d56fc1a4230da87b6969e8ad4cfb2fe3d7f920a93966caa20ca64a43d7fb08b57d6e6cd4f49049d7426464480fd7f211dd1afb963ba06ddbf6c33c505f6ef97b5378ada4b9a8b9757b2dc7df995b42682266aeeeb3b60286c39331855fe2cf289decda8f134583f761245274dea3cd21c008af1e3c10a7d8161b8575de2ccf3e7d7bd21ffb512095b9abfad0f7b3d636044e8c2ff898d2668968b879cbd081d28e14c0eca1feeedc75da5aaa5a44cfdf94073fcc11f1d01198f1fcc6e4822dc6dcb0038dca3cbea49e67badf7ed4c01ccd2badbcb3bcc06add6b829e69a8261d5a159236394b54a40a387bb362fe10f931fd65e1d9fc74f43b286a39981a7637d192df9e29db64c847b3f12e7ba2c93ee47622c215d54d681dc600f94be69764d7bcf6239c0df15f09b08b923b2c00c568eb3f3ea4355208d943ff4b14e96ae66f285fbc9eac61f167a2f4c4632fd90f193c4e5b37308f4603370e18e184b3855337e53e706606340b6d319fdfebd76bd40525b705e2ba36f80a0c9afecdb7b4fbdc827bb662d5346b57864b946271b6c2eb7503e2eaad76a486ac323a86ae7a14941c06f30532fe326ac57ea198d896db36f980eecdc81f902b1fdb8f9350574abdf0ac5a2431c4f460dec0098f1cd8a72a3cc40f1c598142014592caaaa9310734f48cf738471865eed75ea4406d33dd15ecef5dcab37ef0f05a258385b9bb9e97acbb7555a19d965e7de78f11314abec5f0ca15ae0602272f36b0410cf84a43b37a9bdeb5e276804ee57cb56bf189779a33b98bf28747dd21c3159964d4e202ae4fef28f52d569de2e42c59722562392bd7f40a65146ea9edccf46edac7be7eead07168efabf8afebd44b1401789b7e73e12e953b0812ea45b1199ae89154da40da2a475fb9fcab6c421c72f0df84dfe772ce2c143ecbf797a7d5ba9dedc52f60803eac9c6028a47c56358d8ceed0d0b382dfccf59c069163e0255160c16683a5b61cc672b53933f29fee7f5cc5206ff9cc3ccd020c47e079e6acecd8bd9a44894a28253fb2033d4ce23d46a0e0bd8f9354fd25d99ed0712e58a33f3612eb58ae028ede4ca729495b9ab46a43655db2ce63cebd45774a8f83256269bcd81e0ab253cb06c4529469e1feb5950119b575e1602e58af10bfe212ed4f14db794b9f09d07d04e0a6917048e52613ba5e06ef788019dbadf9687ef81c7c36cfba06f518ba01cf7f3d6c129b0c48973819ac3491acf656b657c9ceb0d52031ab66404874a78d3c968a11c365d7fc459bae0a40097f8e5f995883309ab76705edd74ebd2fa4017a8e15a66efc6c1b05839d07017dcbc76f3bd2636fa28547ca41024208c5f1f335c3399773d303b01138cca56ba96cbbff80a9bd33409d9ebc2711b10cf265829f923677af76c58b1f6e8f8075c98d2d12c2a66699d97f1cc3e51af541ab9a47f258c7c13b469cfa3c07ccee12422ee15ca65c474459272a57caaaa00ba37abdf2ef1a6bbb5e433ee176858f48378652d76045a4a5bf74b9503e3220fa7a7e67569fb786aeb961918f721f56517bf92e47b85fa781da7e68abcd65ecae9c34057f8d3b9fb6fcdf9b8d681a68dcf5e2cfafc571548b595b5d459f725d6faf2d8bac393cd808a42d9a8c2334ddea8c3e237fb3de6733868b71511a7db0a88ff8a8838ceff66624b710d93b40106a8513ae768efcbf843bf0daf5cd420be1e1ff34b71b34825f33fda94932dc80c5f9e4873e3dd613ed24ec9e98a29d96e645c3a41ba98d4519856d008f9bbbe1a88fb081a6ce5e3e0f574c70190d33bef0f5f839c982fb4ad2f00f0ca9b2b5fbb8d47b574d9e5f69351b7bfe5b0d6e4093d85ef55411df9039e447a6871cfb1a99d7d037cfff370ae5920b30079f00da08926fab82997372e197fcbb6a30ebc1b44f679430f57028b4f75ca0c7a25d6804540ad77afee1a8f32c8ee8bc011b18bb025af14af6d7cb12dc5f49586586152b20c0f9840269eb468a0ef05e6f54f84ecfcd762accf91eeae5e34276057ec3e7bb09431416455eb018bc9f3bbf216d3938a9c4468ce56eee8290ede0933245292486e32da3eb1f5a807488030f7976ad8ed845eb0ed4f33324542f44af8324f56d77112db84fa979c511322a46bcdda065c4234d643ccdefc0ec62ee56da69115c913b1fbc64cd3a7b724203b604353ccccd6775abe65afd6837d94dabf4ceb1aad7a12a7725d33c38db8d3727a2d9f9f0944e860dcf12e0d772f3cd98de080cff5a6fd9f666d671bb1d2a9e972f869385bf727e38f00d5c50b4b0a075363d6d5e9769fd08c6ab7f41f198a884807faa3345677dc73625f22a46e6a356b126bc35c05de065528329560b30cfdde4ce5ca1739859d9b71f9abb436f2e90804f72bd372415d25397d85c7772c4856bc04fd0e9410b63bdd7392e81685c91abcff97d4e2951821cac6bce2e2e55fafc0f4b1be436a89f087668a5edca27856cd915cb0a847f17d6eda760bee052798d6db13390e6d4fc2f833ff546725ca7f7656d990e47a03d5aa2e2a6d1c59e3e7744fe34fb07ca0c7bf8f92b46681f55c1e6172bf17482aa2e459efb01811c2a3cbab8a63205ef009b12f828c7743fc4be891fcd94aff80352d8a84dd8028f797a8687cd81013e2834762dbe2b3627c256108c9bcf89056983c30d5b6d5e736670ef11e8b5e4f85c620bc6fb404c9616d52447f938a9795d67701a39c0ce03ae614afe9c6d804d17604825248612dfd0a7ed50bc4cf621cd5c98a79776ada01a52448eda516829860b089f34fd4f1521ed60244aa8543fed0cb0f3c8073d7977ba56d2446e9910294d2f88bb177683ec1017200c057849127a4f0077963c297c7dab98e33125517836c1d38ab334e5c14d7518ba76a50d2a5adfabec9472217e0520ae076d54d4959c49257384c258c073a069851818bba51bc6896db3497788cc6f74ff61ec8367ad6179e32a56309f5f22183fc75fce3eba04e8195af1bafca26eeee3e0e20424c132a984a0c66969e29bd328f890bda2e56ee1a0003efc3c0782dd4a033524fbc4713b3534aafa68253299e999e05c2e2f9e449288876448f0df14ec47bea7386048479d3d8e66d1b67e4a590c3786b3fdd1f3424f24b9ff574b73103ecb2f21daa8f95c581722d657cf9326344e70f0317a5a80dda5d3a591979379b2262b76130edb4aaeba942a9e768ca2924efe72bc668593fbd74468ba6cc8a3a46f51f022150a43d6c4ccb9bbe058d01756f7a5000f1e5b0d77ba41919d46020b7218baf183fe2d54f103dd4dfeadec30bed6e141f81753a1eabd54dfbebc4dbbc0b7b42b847c6737daded451e23a7f73e1046a4544d238d37cdfbdfd0065a9269c5bedb1fa0a2e9bb799a2521ff7fd3b911f6ed7a3d98b5a4ef4d0aed0c0de20b29d399bee8a38081f84ce121ebedece85df5331537c4cc640d52722edd8cbef78e0e73127c71c16b84c22c2109cb98c3fb1fa1108962f9fcd07e1683e3bcb5a3a6fbb2a2b902e8876f7000fd3d742a93434b2e4d80456aacb7d93c569a8590b2c9ad2fbf8759acd63ccb8c9e990dc132b7382f62d48ac18a25905659d02fa22ef566ebad19b1ba6dba7fc560b2915a9c62cae88c9ac70f186ef2efe4acaba3830dcf2bdaf341b9a22a997a1c5e7fe564b5f257bf54bf56ace78ce2420430c7540e82400cab32eca25c6dd7c0fcac1c604d332032bfc129351475c7ffad57ba4d5593b2c28df956db94e1d2315cadc5e23b6a6bd6de69ea0cd25aed2f02755420036abb80d276e4db31f68710865e8f6ec67a8f0155c4d817fa8513d970e10bb51ed7cc4ab469692f6d024594b2d902badb7aafc2941220dc1a4fe81b0f48d9b9064833cba9d36e60926fa7d3b57345c17ed551a1bcba06d74a2fe92ed2dda77ce3ff924201d3901a533a2c65f533239675aca71309afe1231bccd87eec5d88aba53e3db3dca763a7f841f73bfe60f31a9935440be13ea3060db0f37d92b67d0d8e7f7478225f498145d46ee91610ef8b9210e7d082001c17dc83b3f453f9a1471c16224473ffaaffee91734b0c2e55b73b3949a966eaf061e9e714a34a36f2117f505470d7fd2e7600af34cd8caecc2ac7a693a4a73dd1d17faefaa7917d65e66eeb83aab8b3b9fb49a739d70dc581428f178a3cf50d9590b07ef272d5611a9aea0932d7c7c841850440a4368068201bfbc32b1a6d41a1362b4dd34bef4442c779b79950657dcd9a774070e89ae301ebb0f3c371645f775dad9c5db4e1987e6e9417933a453c3cfe242c50d41bbfc605721615ca06cd379d6dc5690af2b42bb2a5e9be2484ca1b66e647ede249852184cb474ec615d6a433250ec4dbf7b40499164cd7fe0dc9c612760dae30f1bc4ac058bdcdf4be8c0b015b812b096ea6c3b938c2d06e2a2fd759e269224c01142b59804b79f7cf3489d09045ea447baf5c4a1d27e6635a2158aae1af48c634a4d355db68ddef38e6159c68ef93e0783032d9faf28086e661dffb6bfaca582777e11ad8c5abd86a0f5fa0872ce93e08d5198fc5cf24356ee2aff2fd883eee1ff1c268ce0a3bf298f1fd55facc40528d3bb576afad86b813c41c3618fe7e2ff9b4277e32e58d77ba4f899ff4656f725def0304556b7396e7483ba95335ace312700645e92419e9fe1d5437843705c1b62674e5dc3f61c9346ffca5a0b25a1be3f46f072c54ab5236a5a736b6cf62fd2a233e27cdfe12f89a833636a2cde27a4e3c75826f67ee93b813a11041603c810e98392dc0eb00cec74ea65f3b88e7203d913c3866e0d5d91e0c52f225bae80fa98abfd197befe559f32dc81118880e9a46ec9f6806132c8a1fd27655bd42cdb7db2b162d550e1ff4f81685b71d7d8aaf167bcc5eae1c303870278bc7e1eee1d51c8bffe31fb0a1ed7150f4e31fa78f56c5d8c55c80f788a205f4499da112b8924110341b9237b13efc667fe052e99cd0159657d1c42522ef6e4959ce413a510ad5e9b956ab590462b734ad3472e3c7c38de32921ce0a769a37dd8ec2746a882442d0bf04e1cfbe1b13fa35977296d8629d6426fa90859ce0bd5a628f373fe495f26bce8bec6a510d0033f1e7627b7fde02c0eee1b906f765812e0e4d20081c313cdab0a9a02a233d0f512c53d92345740d49eac43d5b5069bffec1324a492dad46844e22124045aa439733939129c3194ca0f8b18e684142b43650290d663789da908e043575f409267109e7309051d98c7730a1fa2449f8c5b82c4dd9ce04751b421f487ba50ed325e5c5a26a16af0327d214049abf2d95361e59f931b3ef3a4c9a8a97daf72d2ab780a254823d8602ef767deaa9612b3fa0563d0ee990f11fe33335f709dc9388fd6df0196ae6ccd878f79735b158efa558a14d1ff306c4551526df7624116164b536fd6746635c7730695d9fb8a0e94d2af959d25b77bfbc2df4cf21d2fc16c93280cbe2672a3f7fe86a5eecd4c3e5f5f5aa33483e59a15ece331645a8e2657bf93bb34197fe394331a12952eb4eca050242c97fc4353eb7eb4ba7beba49fe97698a58dc67ec076cf44707137cc773aff4b6f29089c0fc755d3f2dc892bde1f98627908cf7251b1b5132b784831eb1854337851feaf8a14b6d2f433f51f710cee33babe4cc4bd1dd88eed87d55d936efa855181150eb0147bf14eb9fe4801910b30e2f7271405e3626ec0280bb07713d0d3de65f975fe5612e0593d2f8b9661346360d5a8c7440079baf91d4133a1513b08925e1f85ccbe96468dab6e6634660f65d845cc7726d8a2dea73606dbcb36758fec49e89fef5ad977484efc769dfe5b3aad9bccbe847c55275c69356f5db85028c4f0d2cc825056991c10a45d9269d3aa2dea62c062d2f31e764d4501f8cad4987fe27bc10128c13e0b61b129959de0f47da3c06aca7dc1c12463834473abbf1cc09800c5c81f9d8b2c2f37dcdd483e3f6ae651bf9af0f364c20d6cf9a1373178464c085136657f611dc67bea65bb0d67f9b6e43307cbe8547e3809aa260d0cdb47df63df9f92861d700eacd9b737a86dbe8b94b24044df8a7d669f835c2cd4713273ce8a8ca38c6b4e03806bf10a7be071516fff93971d85ea79df732a22bdb7273d71880e95b59bae80d79221d3af9763b9ff8a75fe3bb886d656614088c7f5046c610b6bcba14a8725e578ae77af7fb4356cc1ff1e514156f2e50f2a9703bf0b9c35dcd082b08887cd07fea8ed8e30295b9f3e990adfcf0c77253258e8f4e77b2d1bcf05b4246116d98e5b18431d446ff349b089752f561806ebc0be684c7691a35a3c668c5d0eb3419245b006d3cbdbe70aa4bdc6a64279fa7b753c3da2e174edccebd486d324c81c9c935061caedad5fccebe5697f92f64b7a678ab6e039fef6f9371e857fa3cf69dda9949ca5b1680d5e23556ed6f78ea7db2414b7831797c627a3799618d16606917da2f48e4e7a02e61f3c41b6b8e396356b83453ef4326f01fa13496912b8df99517f1856777574022ea6e723a22284de6b011b58001978c7af9ff1f08a71851e57f24cb8aaed2c8066eece3a627393d55d8c7e4a8ee5aeaa6b1711feab7e857d7b705efb6494b36379dc493caaa6c900a850e4f5218e49e06bfc2f516c7a7bde5a98674dcc2c48a542a7a893cc981cb45a928dd20a8d5793390a63ed77a5147d89bf19a3fa115e61dfb8bbb3ba78e8b1effd012f98bbadb38df4135fc2521e580edf0fe7d0ccd6ae2ebec8a54a720d1d945d25f949cf2821ce13a6a88af3a87510046baa5edcbf60c3b5e047a30653ad515453b9664a68d32643f3f90326c584b96c52f6edfee886c1946cfadadfd20033b5d46dd59a83531c84bca2d37f5e819a2691ac37aa16a308c5fc9ee74bc28ac05e8cf49d56d853a1c12d0493b1cf5d95a3a989178cad2a08f47e7b6df010087b84c7bdea1dbbb70c097b398965f3fec667085fbbdf54ae3d023597e8255ef8a89e2e1522a1063c720f92e4eb2a7e5b227cff7c59da8dd4566938e7d843d1dc1ee2605d52388e53100d49f31af27d9563d2420d873ffa1892575ca4436a8b23a721c3d8af97473a316269443b877fe75add8b3159f35aec4d97d4e36c3a7850b0f7d3f763fee8a6b4e3e22abb23006935d87a6a683d19d9ab4442fdc191df69337951e13c0137fbc64f12eefae598995e58281f954d550d90ece93573fda13bc0f60f346adbcad35a486790c3f67c6550957fc11a35676f3886044e991ff9c50c5007caab2da44ec18e449f6e50286c1e5d033e5cabb4fba90f9724923b8df3714d26c120ddb351a39e0c50e174828eab6f131538ec03daf44ebf341c209b5f820ca5fd912be14ec2876b4750c8bfaf78c1f4a58a96a334e3593235076f09e95c3ed40095d1a23d73475ac2585d6128cf6a9a0a4a7fb9f442de47ab66aec7db22e21cd0f236ea6530a4550822c8e70794061c276c62fac1177b9f13eb048728373ed2acc0a3d4c6e87ce8415de719d2e91845a023aca32a4d5c76afc2d8d85bfbc3ab84f7c0d052e40e31baa2d50f68284c1d4cf39a6317b48203cc66e39788966087c1db4301e202a44cac889155b01bd0dee0004189f99223eeb202d11411c2768fc99143573583df2f8f4141940aca77fa65a76a8e6803a1d5e8a6c1fe79c172166a88c57edb3e9c099a4a58bf465fc44414bf096375e50f98e730b374b64380dce8b0bb40205fb0f193b37ba1358513b8dca8a7cee913be26529312527f0d04b591fc63ea44f6105ec6e6d6cd9e8c06c7eb8d42fcaa32f2c2c7b36866dcad962885280536c6febe18d1115aad8e422a41d8b046e52868653b3e2e80c190a5c21c3ec8729f6cd0a95f8b3e6960aaa437ba2c874d772b302064c0842ec437b5497597d9b2ffb437974f91a1406e3b2d3ed032c4f2d963aa40b374242ef9b78aeb24cce33ad594791dc63f54e6caf1652292e1b5362f4e7ad687b8e701e205a7eec742dee9e83ddc744daad6033a4ae93de0f807aa1d0279c5dcf02121aac7841b593666df6555b81690d0ce3e5a5dd1e991abb8ded20fc828d27c97ec947f3d6ff8aeef89ddbebe4da05bddac19c54cc341f71d172a79a663fe8ab2ad40ad868dde640a4cf69077585e94a3bb7e70dc1143113db15e93548d34f10173c93fecb3c7e8c940949f493f42a33c36f7114cc0ab60722be02a14bef235f1acb92f9be827d3049195a7b0d3ad8c06ed3039519a68a7d56ca782c602df66fb4752bde8793850fd298beb728ae2bc1ee65793a24f54c01792a642937f43b640691b901d4a0ec269ae5809070049d63c0c358dbea712912edefbec101931b144db0e023038cf52848afc18ca6318e4a001d4cb1dec8eebee8213369a53241083ae5f360d94c1d8b8d7fd0111aa807fc5308ad314a1684cd1caf719d7bbe3f7b365c7f1bd59ab6ceeb9c0d4b314d55a0ded9caf4f1b4ff9f079836fe1adffa22cf2bddc3bdb8cd33b754dad58d5f23fcc47b70b2581f286ce98b5fa314c410456a2353fe2f37bcbd6bb8c9c305d277f49c0b9290330c887f12db679afe2267357b0ed3a9129a95c1cb24b3fda0551a5b092e23f4354c5d07bd27aa866d626409e596d3d3e072c640abfb19d9224c8c53dc8e6dfc3af64c593f9d4bedd3552952584c30429cbd57cc64d58a400ac505511edf85ebb5f23bf094ed7c06f433e7756fd9ddb4fdae6db04ce4bcb966fa4701ba485b23aeb6456a0fcb52d382e249d13643989159384689dee374bcdeae5c650f1ea8c74dec786cb923aa742c41fa5adbee714be396d4c87a65e70379efb37dd7e572d13503a61a21e073bab3acdbc5ceff2449e165d2ee2d8b760e42f57d6a6673ca7191cd4937e5877c77335c51360760e3b277eb8596633ed6d11c21c0f43b1ff0629749f33a9a9ca54c502dabf6cdd40f698fcdfb711cfeb75c7503d041f717539fdd321c774472bf2a2d9900452f14068cc22b8cf1c7162f200c46bcafc1dc94a4e811869156853062bc715c9390608d2938b982e0627991efd20d98ecc1c9610c4d52b47a8a6786c62f2e14201ca1d9346e33227509ef687941dcf45658637ee75b882bb47ab5011ce75d69fb86e616e2b723b62802be828b71beb42846af7dbd96a539bfa4330cbcb11a0252f6b8108d783a03035239c42a78c9a5bb1e34ca6bbd1ca9c2a83936e8a69503f13ec808766e3a2bfeb9e36d29ec31f6ebe30bb10312d024cb1f60f51b3083fda85059d493bdbf58d6b7b5a8971f4b48b44eb4a23dc8fcb89235d4dc529f5b9d0750aa3bd5fd5e08dec6a7d7d699a5de7ac098c8f12e8f6cf30943ecd22c6f36af6dd4db1158aa65c3cc1f484c795185c4b0afc65eabfa88668d16b943f41c9c16c315dac3dca4def25a205836352475f8af22f0b025b128a5bbda049002494313fb95728396e3148f9f4e55272b49892d4e40960e70bb3adfacb465c5ebb5e6e9ed3c476f6a21c8d7bf949e236973b14679e4d251d9038ce5c54eac55d0ab111c7476f20a6aee619e952e831771b66b11228c93c68fb42aa7f0ce40b86e603f1594ebe9c80a1acce6a754f2ade2ed96be3999fba72cb3942bba0cc6f00c26032d2f7bad1a4b5959f3ae841dc3b99ce8fcb6f9212270261c01fa6239d4e919962492cff085c4adb523082ce8463242c964ecc38b70d9a3683acf4a528b83757b9d79f4d2aa67016d9a8e8f422fc799d99d2328466cee91e24b5b48868b98da979d3594523e4a2190fb9563f7c565c510c736c388720dcfef798eff6ca863e12b33ccae9c808e11324594632679a3d29b3a2b4f255fb5b35a68f25e6882b02b8eb83154dd6839fdbd01e5dbe4721c9855a8c681d13f70f0c32f5ceff74aa4c61741a6f71e1b0b6be3ef5f672e7e637997d2e5d5834f6d2f68fc061bf4b23585e687c30bc0f1f9a22934876947928552c6978903d3454035df47aba861da0b5cd91d94507cb2dad2dba6ea3c8848aec05e49dc9d2933bf8518fe36ab40ceedcbffefb4d786a95c83397e4bbe9ca29e9ec4b4596d2bbd927e605d5c4f158edb3634082cf539e9ab0592222e2c644ecd7a515ea92b07e58a8bcc8cfb739a82b3c54229f707cc042c3778aa0103dfa5c6e18ed651d7d22b3af2c3d6c061b687110", 0x2000, &(0x7f0000004e40)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000004bc0)={0x30, 0x0, 0x2, [{0x0, 0x1, 0x2, 0x7fff, 'fd'}]}, 0x0, &(0x7f0000004c00)={0xa0, 0xffffffffffffffda, 0x9, {{0x3, 0x3, 0x1, 0x6, 0x8, 0xc03f, {0x0, 0x9, 0x100000001, 0x6, 0x3ff, 0x0, 0x7, 0x0, 0x6, 0x2000, 0x6d1c4f9c, r11, r12, 0x1, 0x7}}, {0x0, 0x1}}}, 0x0, 0x0})
getdents64(r9, 0x0, 0x300)
getdents64(r9, 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000540)={'wlan0\x00', <r14=>0x0})
write(r1, &(0x7f0000001500)="7489523cb3a994c440d9ff8bcb4acd52a22b086ef0b03ac4ba18cde7bc769f96374aa99d89f14d0012290192490ed20d60a904e7b199d69d26de4efe684e09a6e12995a5cb44f1e9cf17b97ca42b3827a4a2c3d3e398a0f220ca842a23fa664d2af25476f5d9a66bb6e59751be53d4c3e5fed827bccf5f08c71ecf33f14616ef3b40d748abbd116d8a32e0a8ff97aa13159833dcecb6402d014b518eede63f051b10f97ada7439d8e431d1b8f46d4bd144ca75a0bbf030c3579715ec93899d2c31215784d9ae1fdea73c00e4a8e005e4a81e5f0d01d7411277508bdb9ece1228470ffb3253c22cba2b90f5a5442026826df322e95c296ff60297655efcaba79f959e53d37cb905a6c9521f7fc4c32c760e22db443be277ae8a250b54e1913f5531d70dd1066e5520c269dba18cfb5814b45537268f7485e9d14d81f36291de8fa0284755fe065aed779a88589be5af976d71efc882b3fc1e0195d51331157d3ee2681c2c864cb3e68baf7aba8ff8442da9a62d49ce04fd8f82e2c0e4071b2ed610423892169f20978c54ef1964d0138fe1eb337dad35a9b03683c1ea6e597df284c1b189723c331c5107e24696208a442e91fabff0db70bbbc739b266f29c67e62a3f9388ebc78e70cd5de5a6798031e4a7fc2e604ffa4f50174fb8b5f0460ab93af0d6aa17fe51e192415d3e69381735a02addbddc341ab3310abfa98b7db952fd7e6aba10676995e7111a24365af67e0ca9137edff633a5548a58976b09f9c0dc647c77433485161293d87027a474454bc4511c31a06fa6651a37d5c24af690e21b0a0ed54c7d2ac88acde038b2cb4aefc7427fd0ff3a80f6d5d280c1deb2320bfada27216773df70120a05dfe682069ebd60ddcc0116eff599737302e8e7c785343b73a1c050fb883750af2da298f80142ae92cec3d4676db5357686e77f5b97691fec19f1f78c7efff6516a681219548959522132f53e7d5320640fd6eb4378308ef99964726a053c45a7a43edac7c3bcab607eec44005db09d0a07d873e5e22c76da4166d2f28e21cfb220a187644c68cf921e1ade7696ab203b926989d83537d874f169b26dd05c8a067e4891f60a478a29bd1cace31735da52be091e188384f6be60cde0a77562d4d697b9547bb6dd4489fb646c0a2ec04db5614a38e534fef99d4efd4328a5cf6e79e83a61c5c300b0cc95d4bc96911e7a889aa2bc15301cff0e103b5bdfa2fec22eb3894fa46fc03e885e9c50262035501329d5499f876bcdd7c32e1d3d7dbfa2332894342d1af79d22bc005d65c3977d79cd16ac9b7c76a28f086dab4e0fe33ee3d1705e566a83f13b1bebd210d9d03317b93e5648ab2741be2d5f9ba03618fc1fe852a175a65ccd6f39626c9096138cc76a81afeeeb4cee05527865194f4f56ea1b40d682a929f75a34dc6a3b3e9cc8b55a0fc9c38f650ff3655fefeef4cb14823436ac72e7d136d63c0d15799782c38c92e62ecc25adc065e14b8d6a310cec53d2fffdc604a1f536b8b01e07e73e18c52ca2728f7c9d875c884d45fe4b7bfeb6fd888fd91002bcc5c159b084236568f9f7919d6f342dbac133ff7a93a7bb42a0d39110b8ce539bcf0443d0a05a0b963d38ad5a2c08dc4781cce3b262b9f8a587c7ae1a8553e8780f7822c48247b585747e1f35164814f6727f292b25f08187a62c88518c52cef6838e32fea213e273f0c283a26a5134ab12a29fbb4222e3e6130e3b44e4f61bf50dbf343f8139a99c0f08c02a36a9e1c07f3f8a5de4c7e6c2ba79f389a13199efacd926dfc2ce84b5ddc18aac6dfbb916114c2c68e93b24ee232d6c291e4cd8b721265a8e6d32152f24591f8a24b366dac04aae771ab5ed3a67bb7dadf288d10e4f52254bdb2ade06f42c56d5eff28b8c36ad8bb29c29b6e04966a416bef83c2f957756c3eca97ba791108750b500e887ae2f83b780d0bd7be732999797b6be5777dde0d281d9820e00a9f1a9943db5020c9ce4fb56032ed23df68d2910f95d6632f628edd13307be16c1f0934f844d75c70ccb5b7a41b63f7daeefe4f826f8e19c572bcfcc446b1a2248d89d91a951dd06beda02a1a0e611278a1228122a9fcd09bf02b5db7772f71fe847dadc50c3e3b82bcc71bd30ebecb4a33cfd353e47048c7f8cf0218c45508fc1168ef617d418f81a7464efb5fd78875e2fe106e1ecf431fd1e3d42b96e3ca76173a4c4358e86e480b20ac4863e2507870a95207170d60422a74f1d3e42a494f96b5c994f66e650c7b74e9b2a81b82244f2d97f09e9d5b11307c6e138e26c3a4930679613f82f94e55745b8b7bdfdebd7ccfa489637cec3bb350d5f13943a1ecd6165cd35872438c36b5b139eb5d5e0f097b7be4622fbcaccbaecd2842bf3fee0691c95ae70a9ee704c27394d31bebb9f51c9a34231134710bd5f7edfaaa0371f3c4f2925e1ca259bc1bf6787870bedb359915be54520d15a8f8a6cad371349d4e43e30ee622189ed61756fd42cfacebdf2cd3eb4d8c36beae05ec962c6606ad3e853355a34c983b5aab2e0b313eb8d0822a2e1b50e57a73b092688d229fe3b1b009a324b9d0fa6c1a8606026af814ae2b658aad03a9c3618c043447e124d2dd7a1413f1241e0059e709c06f3f0fd1e88730c8e232f13bf87a77a0d1fd06f79bce160d538100b11ed7bf10216271589a6625eb46edb2945ef73c477cdd6e256fb51e1bdbf61081962225fc34c5e0bf58c7b53ee9e33c6866e0f3675e1a5ba0237d677aa39c269a9467f57068964656a92f72804d1de1611454438c0a4f4d2cf32e016da9bd9ef32dad84e302c4b81e2c0b6d405e78d6998066e5398f99587b5ef6cfddf10f751cdc645e59d9b7f7519d6fdf5278e54a517a2cb32b8679233ccbf4132517c2a9fc037465a907f92440f4ab8e08a3e3bc110af7576f74bcd363465a5c44c43921506713daac76ee341884d4312b4c20896bea97783d7d32dbf6982bd82b96ec3f2b8028a7d84205ac6f06ac4e67f8626de6f928ea2284c5480be35177924524c272e33fc97300a8867bda99df852b22c41f8202abeba6052ce870d5b269432f5bfaa07ea484ab5f2ee69618082632e85752ac0a14f9e05e0e2f550d904934574949e3dbcaa50f7a9c7ff05115581941f837ca11d508ff8f5aeae9b0a9d4bfd01630b788afce08ea2d0aa8c3d28ad125a9daa77d82761c4665a5f443674098d1bc62cf35181f24edf76885d971b33f21cb21e78a31869b98f7e5572e39393a838432553da048fea264dd32e88f484929f71a08d86b53a4b2fc9534b99d2067bf8615ce26eecfe8e57bae98df701a99164636f960baa47fe823d166c7b840126f38284201ee76804ddec6d6c5fec3782323feda86153e05a80b5aad8ce0a30a44faa841a556f554c37d198e0d8093e32a9e352375a856959f8c372be33d033efc1c313a0808ae559e19da13d65f606cedf3bc87a4b2eb65cf320c61ab2cf94b51e9b03ab5cb8339ef30f7b786d6727c269342c35b7b9ba31672384e065e68da19f2170f8a21f66a70e8f4500f9befc171647528f3d02cac77109dbfc7deae81e1a640fdcd79b63bfd05be6ca9815124d4392243c39d7739808d1be5ed54155066bb6088ddfb9a1de2efa115caaf86571ce5988698caaa974cce570c33563806e81c24c78dbb6e185dd029a0a1f9fc993d59067cb45f7d694160d9a568bd622a0e33229b57b9935c7739c141451a31255dc0b354f52c75efa48aaabbe9ea168621202672402f1c3829e900053b958487c75605a09814cab12726c474ea5244cc047b0649fd211f45c9b7110c5c0f8a23c86807c9b34686e03095b106eb01f64dac1873e52f7df5f0123f39b9b012245bb838e3d824d8504981fb14492e181b973e9976818cce7b4429914cd12d8b8a8b9f397519bb75c8fb975858c90378df1e1c6c05f4cc777b8bda5ea7b5c7ed1196d934524b11c65a154a2d5acbfcf3b6a96e1d1dfd0d69adf1d6ff7d6cfa456e56489e86715ee6fa2a78ccd952be9e6e566d4c9d203567d395c456771bdfbe275dafc2c4a14a04d8b47d02c46c08e291cd55a0293c94d3846a60a9e5b3171cfc84f52f1aadcddd552c545d91f07a7f54b4a98f16f0f53d2b175381bc934a32343f7d3c28ffdd93d3ce35bf1ebaa35cfc430edd242b8f68fdaf2cd6bfa4e405ec5b123b746603a2a107699b1dd8c49d22f95cf0aa08b729c7d4bff76b7604af791971aaf3fafa6d829efc6cecc599531d68566179882f1a2c14c79b8a22c9c1fb463573bcec2ae2631bd061bc300e30ca86a7d0747e2269cb6715726c2e2964e5cc11d9f4aaa7b7dd4bbde7bf52e2c0386280896e081795ff4a4642e4e0a16f6fdc3cb0e17979a90cc3630e4d84ca631f874860ad119354506b126c1de8edae5fe0bbe27591f162134aa561153ef98d400904f0bf911b013fd5b93c6f6eee5a07660777e3ecd90c0c04f87b8fd2072c6c634056b8f8a867fb371bf6725b9f01d6709a4215afbba0d578e5ab8df0e982391c5ca104b6bb4cab319f5f60bfb39ff53a9c1459d98b0cd13e10067b2861472ffa8e35d6cb2097ff18412bdc63f2f6c27fb90f45a0352c196b5f69b355611b359b3a981d332917a6ac88fc71285b1ddbe5bf5b02129dfacb543a8b0f74740e8effc13cbdba0d49282dd3e16d193f985493eeae9928c5a94afcfcc678582f1fb192e585bf23279ca8ef8af7a06f65061cf19b636293e168de81465a8b13f9bd07ae75b3326d48f5ed3654afe07a1054eebec1be7969865b50e8c46a362161cdcc7c4dc1d742096ceeeea84d17dd2b0a23193d573bd15776168a0314076b61a40376842475f15587fde30476e88a187682b501c7c816dea3917304f54831f90e5844bd37624b168e359ace5dc76cae11e0e9df20434fba9300293363cc69a2456d4adbc551eeac107732e8f6b992445ecb252aa9e2a3a976c45476d31b57e347aa6c0ed0003ade61446ded1cfdfd88965ab2d86397fbc7fde6dc6ba6b715845861e9c2e486917a9aa9f82afa2ff4796069a13b36a3c05daf5091c9f1ba32b66291b08399b751528c7e09f3683d7d07a939223dd97fba91aa3ba45b77bc3ac3836f725215ec92ad0e7ca51cd07d55d5f4043d2231a05c50ac10be9711e0efabdbdb968e363c9cd252c2655a30986085479ade56416b7ef9e6b8abd5689ff99e646da4a3ac60536656c05dcde7f5a9dbd1804027659eef9a624a60f251fbb2ee37fdcb15afd85b6b2f0fa4e022dd36df59ee142732c953ad2ad9dbfbe49bc0f9ee1ae5d99fb15e50fa69ba66a2d1bac3aaac74c2bfb22bfab91470ae78c8c1bfb1c10c7be3a18b0ba4aee04ae82ebb58bab845ae237fbcdab3d92a197a0ce680c1b2b654dc195247732f853bcb666ab57a93fefe1bbd129d4cd9bafea622903ba95bf7d61202c3585cc892bda554ad2879e14bc0c939ed7e6bf7dd73a6bd9e983c4573bb5a0ca9d13856c4a1cd9f18589f682ecd5427898c7962b6312b44f16363f4c579dfecada678d9e4a0052b1f88ff6eca45285e01461d4ebf2cd388c88037d97f641664931ba2d542a276d80500bb550808064042bb45d806b858fbee67e280f5f459d3e6e588989f10d2cc0b07dcf5bf898f185fb6bc17d30e17433f04acd63cd5fe75d2c09b18812813c2c7cb1d08583d157008d567856ccf6d0e335ec720309938b007b2f79c19e69603e0374267c3d344f97f2f9d18b2d5931a28c9b1fe757d116f964a104da887e0e7baf861aa92d7972bd4e6489d62e8073409b022c5", 0x1000)
sendmsg$NL80211_CMD_SET_BSS(r1, &(0x7f0000000600)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f00000005c0)={&(0x7f0000000580)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="04002abd7000fbdbdf251900000008000300", @ANYRES32=r14, @ANYBLOB="0500600004000002050060a10300000005001e0004000000"], 0x34}, 0x1, 0x0, 0x0, 0x48000}, 0x44080)

28.196663674s ago: executing program 0 (id=2282):
syz_usb_connect(0x2, 0x1ec, &(0x7f00000000c0)={{0x12, 0x1, 0x0, 0x20, 0xb1, 0xd0, 0x20, 0x1b3d, 0x1ab, 0x8524, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x1da, 0x2, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x2c, 0xff, 0x5, 0x71, 0xe7, 0x48, 0x3, [], [{{0x9, 0x5, 0x0, 0x0, 0x3ff, 0x3, 0x3, 0x8, [@generic={0x65, 0xf, "904d2d67de134c252c2703e0f04842de70451590f47e25a07895e23ad283e3893b954422ed607ea2f2b0c94a14352c680d0cd546466040c49ff29adee2042feac36846b32c14c86175f27ade251e7acc011284677c62a5367764c35bdc84d9644a0038"}, @uac_iso={0x7, 0x25, 0x1, 0x82, 0x40, 0x3}]}}, {{0x9, 0x5, 0x80, 0x8, 0x200, 0x0, 0xf3, 0x1, [@generic={0x23, 0x24, "d6627d12b2e5f65b617b5e2abaf544760db1943db0261a085d774b6aef4082d4b4"}]}}, {{0x9, 0x5, 0x3, 0xc, 0x3ff, 0xee, 0x4, 0xf4, [@generic={0x8, 0x1, "696fe3e2eb1c"}]}}, {{0x9, 0x5, 0x5, 0x10, 0x8, 0x4, 0x4c, 0x8, [@generic={0x37, 0xb, "3bad28d948f08d78d8f88df86be56626fb1fee0416e26bed6c1fb8c328661b7b22de6f1130f75aaf14126af06a6cfc6f77b042d616"}, @generic={0xac, 0x30, "ea5f4f37f6a4ba8e03ec6fbf373ec161d6e623160af3fe8dfa40df29a8c9c6d5b4642e2097d0e0da2a73a55f9566a871c82cb4087fba3f556755c476a7e228d8d199790ed0fa3f6edc1290a139bc80fba950419131cd4f5aebb879ae33fa0d0dd208a02ec00790fa332522eb3544fc65bb26a3233fdc9b8582679031cf5d171208cfc0d03ee86dd06bf920d45767e164b8198a63f36a32d6df224b4d0133e6ea0412b40bcc150ddbf973"}]}}, {{0x9, 0x5, 0x1, 0x0, 0x400, 0x69, 0xc, 0x13, [@uac_iso={0x7, 0x25, 0x1, 0x81, 0x7f, 0x3}]}}]}}, {{0x9, 0x4, 0x5c, 0x5, 0x1, 0xb, 0xbe, 0x33, 0x40, [], [{{0x9, 0x5, 0xb, 0x2, 0x20, 0x1, 0x54, 0x69, [@generic={0x8, 0xb, "1268c0c56f0f"}]}}]}}]}}]}}, 0x0)

26.277688s ago: executing program 3 (id=2288):
socket$nl_route(0x10, 0x3, 0x0)
socket(0x10, 0x3, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x22042, 0x0)
bpf$TOKEN_CREATE(0x24, 0x0, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f00000bd000), 0x318, 0x0)
openat$kvm(0xffffffffffffff9c, 0x0, 0x1000, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe}, 0x0)
ioctl$sock_SIOCETHTOOL(0xffffffffffffffff, 0x8946, 0x0)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = syz_usb_connect(0x0, 0x3c, &(0x7f0000000380)=ANY=[@ANYBLOB="120101000814c910be0632a2f333010203010902120001000000000904"], 0x0)
syz_usb_control_io$uac1(r1, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r1, 0x0, 0x0)
syz_usb_control_io$cdc_ecm(r1, 0x0, &(0x7f0000000340)={0x1c, &(0x7f0000000280)={0x0, 0x30}, 0x0, 0x0})
r2 = socket(0x400000000010, 0x3, 0x0)
r3 = socket$unix(0x1, 0x5, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, 0x0, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x0, 0xf}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f0000006040)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x8c8}, 0x20004804)
ioctl$SNDCTL_DSP_SETFMT(0xffffffffffffffff, 0xc0045005, &(0x7f0000000140)=0x2000)
madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0xa)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x3, 0x200000005c832, 0xffffffffffffffff, 0x0)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_TIMEOUT_DELETE(r4, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000240)={0x20, 0x2, 0x8, 0x5, 0x0, 0x0, {0xa, 0x0, 0x7}, [@CTA_TIMEOUT_NAME={0x9, 0x1, 'syz0\x00'}]}, 0x20}, 0x1, 0x0, 0x0, 0x4080}, 0x4008050)
syz_clone(0x640c7000, 0x0, 0x0, 0x0, 0x0, 0x0)
socket$can_j1939(0x1d, 0x2, 0x7)
pipe(&(0x7f0000000d00))

26.191890997s ago: executing program 4 (id=2289):
socket$inet6_mptcp(0xa, 0x1, 0x106)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
fspick(0xffffffffffffffff, 0x0, 0x0)
connect$unix(r0, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e20}, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, 0x0, 0x0, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r1, 0x0, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x60140, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r3, 0xae60)
r4 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000480), 0x2, 0x0)
r5 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000440), 0x2, 0x0)
writev(r5, &(0x7f0000000940), 0x0)
r6 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x2)
ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, &(0x7f0000000380)={'\x00', 0x7, 0x5, 0xfff, 0x200, 0x5})
ioctl$KVM_SET_MP_STATE(r6, 0x4004ae99, &(0x7f00000001c0)=0x3)
read$FUSE(0xffffffffffffffff, &(0x7f0000006380)={0x2020}, 0x2020)
syz_fuse_handle_req(0xffffffffffffffff, &(0x7f0000002300)="1c25e695befe42ad76af22a48befddea514cb5ca23c23f79d946e1622b8896c9b29ede4aae297ba31251530373989b35e0c66d5a4ad7c8cc55fd93a5e60f91bd9868b213658139be74f8a4d2f006fde1ac003ecd86b973fda8bc6e30e2d9e91c9b9111f24e96066306248e2464689743a5e635ceee94251b5031bf91d1cea3eafc22eff4616356be0597e27776f895f8f4d6c8885e3a295f91ccb08ac4681de47798d49f170016728c514995e92fcc806bafd88af7971a553251e5057bff6a12ea8f030f17cda88d7b91fa51f5628641111d6b681613e11419c6f361cc7e3198dc43f8da0fed8c7db01a1b92ffdf797bafe3bc954b4a9c2db1057b3025763c845cdf70496559edc121c5928c26071f14d219f7198c74a960ded0f188718603898bafa3360b952841504351377249878cd95fca60e84713f772b3d35ef442c492e5175471986cee1d629365db9409f90b8c80388f7d81c49f116437f65edf018ccdfab9925cbb4fdcf849294fe7270387e69b6a00dba2ed13659d3190943021218451531841c5c2df06685003bc3cb3e42f4482ba33a9785b1fb55dd93b41d4aae9a6243ddc3b1c84d67c2073e0eb0aed2b280ad3d8b3bdd91d3dd3f2e831f3a9dd25a5c19dd46c8e7a1ee2a6fe9902141b93bc19f85d633a7287e510067afe1ebb12d0ae30f2e881553ae8ffa904764fb2507e083f76b14e78d27e700dc15f7d212959fdd1b656a6fb814a1a089da39bcfcde056672721e5186a89a8e0cf9864ab8692a3aa80ccafa51ec4de01ab0e371b4f301821d4d2590c2df0bfe47c03cf54daeeff67dbabbaa27222b1bc69759ec74d0746074034337390536fe0338415307216f78ec02e3b4e3408c3e53cc952d882c5dc559b342822d9ac55d77ef1b625c5e6192a57450064b8a0a4282f6501e8f1ac9eef099218dc9a0d37124df94b4de258e73c6c68ed53c3884de0382381ab2873aaf75038c54044ac034cc908a67e3c1b5869df16c4feac61375b7f74998f12f39355c3efbcc03ab0b474a183fe370b881e7c4f1b68d154fe5c089b72f3f5839b2fe85a517a4d06c5ac68c6e9ede786ef960856e93ea0c16767a0da42ca2cf9b45094eb0c88f8e187c51973b08e2bd2dcf7230fb49c7713bc7f0a6611aa8116eea9b68b95e575987f905c3244eb7a142a4005ae52837327c0f09f5ef8b3b310703a4904085cc01da24827f8eed17e38966da0f40256f8051c7a770048572f288ba26b38200d0b3fbc794ae9c654027bb8d0717ddc856c74101f9f5f0acb15ef25ce603e4eb8b3371695e6edc24b183c63440ade26f4ac4276a2400c5986cb8672d569010c7a518bb9e72ce1c5f07c64bbcf66462c310f6a93942a5050ee42e93df7fa57f27c612f3cf5677ca1f9eae32b345918a2f624103d6cf12786b343b9c5bcc8f5aa3b1e2e2e3a9ddc465c9a19c1786a05de27f76e79a59773b31416f159c84ac630067b73b4509993841fefd2ba5124017a87a7da87855f1c87cb21e7ecd554864a26235d23c2f90984ccbd52c41f9c9f0deb205d972894d282f63bf91c6ab6b7fdca55f297ceb1fedb19dc0c0e42f1a0aa04de0b37abe6cb94bd9f5e8efd94c1da1bc182adfd490f64f3ddc2cb352337e7c52bcf1ebe255820e1a43394daa544d6e9b35d33f59ba22f5ea603ee8da90cf8f02ad6e9d3ff5c8c8a991f836b853f119985ffb157d5c52289f8e27d0195973c5bae5a4e9f23f5349d724141106b9b6f4f0abcc06b121c0676b32802674e4057573502d46525cd7d8aea96811b3dec307f90324750baea72d4969ca1012830e2fefea67b0e73c05ef2840dc3b8c8a3ca1f6ca471c66f9f193250314ac3a7618a2eb3ddaa0fd00e2d1332e365101514bd3ac1578ffb27e21bbfd6a906682470ef1b7b22b92c5e6cfd79505881ad79ed195bf1e50affef7dc0697d2b9025c09ff69d8cbc5a38a8f3c90813915da32efd28a3e566d1511e9659bf907c56b20d495e522f7d01b7635bb9e50acc6b82c1b91d5d5daa607af069439bf6ce739988f7c74a10734dd2549456e36f163e3891b268b90ecc1f10cced2d0ac3308d23608795099fa27928571e1c51b18385e939b6a4479b6bd39888e94a37192b12b38e4821dcc31bdb5fcb1ce71b66d9f663a59cf80b8f4c97bb52e71996c74eda8bf964e1dcc106d4885d13703e5a08720a0235ab3489b88da8f038b1da573fdd2afff5d4d98a00389c16c08e5b1b8e29441a9addec5ef0d3128c720717f75d18bf29b70be24bffc48022ae965f799c65ce5dcfab0d4aa95d5709a5c8979211d1ecb2581511ca6a8ba173a291d65bd7f3daebf0a67110410df3cc2c13b9dacde281a4a884d07d6deb306ea6627aa77c51aa39577081b05240fbc1e7287638cfec0721cfa43dbbf5d3f44d735f7e9412392a5185c21d3ca842fed12fad33f07d592fd83bb747c5457805db60abcd69522d21e53ba3568b4c9fc337bb12fa137cb9a921217ccf17b929f9f1a9cbef6aad05b7f86431d439f7117702fb7b8e1f5566a06f9e8d22e2781f9717df72b2b64aba5fca0afe66dc735daa4e7f9d6921d70a07a23e90598ed757b19d24d6231c985049c56f44df954a6c4ab91c3642841df6778572f212ee3255f8e00afcf2ad787856ab59379b1593507e6a95822cfb1a9e8eff40cdaab4c6b8d01867974da556ca998f7c7882b53c30fa418dd4e208a59a9a3b751f5a4fbb51dd02f940459d40def79662e246280c69131389653924ade5761b2873eba46a7e9f68be6178cfb97c66f53b2a9523c5f5c2720ddcdca92537f9ca47224fda97e0eaf29a38c0c44d21872c01de9dae9697979b35203c49bf043b6b438ed2d48d04021ef1a11cc77ffe7a623e7eda7a78331a623445c1bdde478dafc0af414886c9650b58deeaa55d8df753d8589bef0189eb8445e935e2436e1ae760149d08569bb5c96ad14eeca6c043be46862bc46270e09be85cef4f2e4bde91e64b07fb71a93767a1389c1b7a809c147d7e815f86eea8e0f9a0c340870371ba8d36f9a2ea1bad92dbd3dc356d25a1c3aa755662426ea808c942ee8c8381c98f64560282eed947bbcfe8f07031eab53519617d4a22cedd4f091037a2b50007afa2452e45ec8d8cc1a9e9ded68a7c4345c736be9501c188443056f48aa0a52ebe0b4cf5ffaf66686504e438b39c0023ea71b93390e78aac160554128ea7cfc52fb1d25c0a99c6053dfeafc7b89b693d93dbc53e251589c6ea4767d9ebb3862049067c39d04e6c818dc1b3dad4f709981372ddece98a859b95b88cce68fe8c66330a1f1de06807654c30125287106554568bb7a0eaa819d370db65e5cba650e1653a169ee4ed5b618a67d7c79d55e64342c2bb84ff0ce8ac33e22f57f2811aef3aa1a061fa7e1d058752ab570dfae7ce7cb9f3136c0095692c2f44f4b43f75c8e05404032eb9f30ccddeed5e87dccc4638d344ec4dee399264f1116d0d67a96f27272c4fb0a01baee74bfbbdaf1b0bac61e73e5ac1956af82143d6e4f974187b841271ea844dd2d9efdc7dfb4b543a35ab368d023130aaa8f53ae7ecdd4e373c980acb08eee1c48da5574bf1536c9f652712f7fa6974add98fa237d4759e12856607c76aa9a4b5f1844cbf369368197c5b749ba0fec510df8f6a9e5dff0cf0d3e036c2b783c9747735cd78511b8985b96712a8cdb378ffa39a6c6c5c118c4bd097e45d8c2defaa38c512f72d64ca20b220e31591161808bd96cf2895a5e5e29603f204040bc872f30511ccd4b57f786ec7933d9063836aa24b71878d9a7c15ce2e9157fc6908b55ed4fd7d319b7583340f6680c8669e9a8ff529ce3c8dd2ba5e2d83db3f5df726a0339c8e2de78d03beeda6a98bd69e49fca7880e3c45b38dc63998e1e045dd42fdd3f5200b521f15dc26f969d42cf3f6daa331cb0a7fcc1ec99a01390ff10b786577de2a581ec8036c55f987162bbdbe1396b68eeea653744e076d403de6f6006e8378810e5ef1e1574c9cc55c6c6a2cf921da404ad73896d887a8699b4f652e75e473a252faff2fdb449969529e0e768b7d8ae007f8ea4eb56b396fb3677a7d3ca14a3325f87bcadfac5d2382a1b6b5957f2cece3e1ebea6ab99c1de5df839a957f4aa9fd8caf7df609e0deed8e906307ab91e035d242e5ac79e7b11df86ae9b6d25ec40f9e00d06b59e63142a482dc26393ae249d7ec57e86f260564b6c10024f6ccf06c917316fd20e908da4c46a3598263f480ae027d3d5f8e07a309f3a4d04e52df1c372c810a7f2cab4ee1da476f2c18ead44bc8e7f5312afd978e2000c3b9909052e64b13579ddeee86fe2a9ddc56894b37bfc7372a94814938b6466ba65f92743e09b1ffd53646c702d251ee21b1595d7a82776c656abe874aaa3e441cd69fd68c9f116e410f14ab9bccf90d24b0cb6080a0313cc8e510a15834629b1ce2c87b3373975076c76333d82715530cdfd91ea9c30a0130e673c7cc2756a73ae13f637f4bfb6746de553d1cabf06229ff1ea7a8097d825e2ccb9862b7030899d524e2fcbe58fb4dbe21b56496f70d83223ebad69be9d0684fb7725e314ebba13930684713f89f77cc84b71b7dbe7f97f31f619651740a1aef25ed13a3be39a86b4f37a900277045d19c1e6b277495ef42d6e07a994cfbb09bd728145697381c6daa4a864acefcf65cb1f3633628aff5ec88cd1d24a1a941da781e4c7d24cad178e5b633c5c28525d13d0c20d6ff43122e6eceb9f19778386d17260ddf154ec217d264af9a9854935fd492b33ea119e74ea1aa5558bddb084348249ca6445f8502da237e48a39e91c16d26cd15f37632d271b62187e8e658e308a019cf2783d78561e77d9aa5614dcdacd033375350c91422893bb8e2d3eeef48f18c81d966479da270a1a83958c7f7961d36702e8f8524b52bdbe70d0e67862dd41ddf1334aece5664b25265c97cc573391415e7e33ace25144932fe625814e96a979f1754ffe29c1cee45cf6b13fbce137ca307c5e5394c840aebe6d3ea2c82ba17d5102a684d06e57e7a69b85496cc19cc9733bd715750f32272a1b76b1c6116aa25374ca6c1ddf45f913b9fca2ae3526a92207e4d346d6665354300e5b3d9e016137bd092650e8b05e573a1f864196508e727857adb01a7af77818d85bd5c6b20d43e65d278def390a16c1478e731cf22c64420b60f4e11e34680ce32130ba5dd148099d5c447afc0d386bd1c9eab0a736bbe493530e2db69f5070acc0b54f67b717b6f2669ebae284d2623e3039ae4bd868ffd1612fe2211d3e4013ed899ef52990c4a724e9fe99f723883d6caba06fc3233201488edff27bc5395afef8d3f606abd21c57a32a460449a4541ae510515870141531e8944266bc72d98de9330cb80aca19a0a1c494263e733920be1e7510fe3944da608dc81684ad1070b092b4a1b52d5f6a2bf97071b111883f0d47d9369a5cf40c5237345d49c558ef018f6f628cbc9ea9c6c17668ca688d182d244088aa96b126846882452e0233ccf8d2dbc9f2043f2242687f17e7478ea36b0c0a2488334525b46fc18324badeff0067d4c479115999bc581d7a5cca59f70202c7cdd5793c8449200a1574cbf2b34c5b8ea88b981600795927502499a69a09e08341c8a63bdc8134106e6282f672b27378a02e51500f0367c6bb47276c3abff6704450f3e1de405c17087599067de6bd4d623b50aa5756f6b9acc1ea0635bc0c076b4bb8636e7046d5d42188934899fde87eeee49dff68e2bed5fc48f252efcc9a0f90f31c55036f73050714ebac0e0ffc664439263a40bba2fe631c7977b451d4032ff8da31cb708ca067d6a2c6c5a6b1cabbda5b1dce112b8143faf505c03959afdeeb103362177034c6090b4543de91a19b511b9194ec4028d0a35ba08e85ac5ef5d929a421848f99235df954b4d5ae5da952af62f4fa58e53d116d8d243700f6dc5de4907012ab71aa5b1597950373ff7ade9f9d6cf98e614f844234499cda0110d345d62af4409f790ce57c60cbedc73815ddc9cbba4e273faa01798fb49fece239b244e0219c3eb83a589cf51dc7b85dfe5026493c695f745752f13e9de3f956deb3a8751d960a1d7eaacb8523b32f223e2f021952cba8365fb8dce6d5d6517ec045bdd18a0fed2600267bf1e4e63ac4482806439d56a68d3471974c7dc31f985581a50a43277827ce1b724baa688fe53c407d6c1174c654bbf187e726ff31eed11c33b21077d8042d78ee38dce15469e88bb1f8064daea80f39c963b8ef8fdae03b8c1f6d02d4d5f1241c334337617c5543459da20640babb8d069c9e1c38ba9d5ef19a295792aa86006f1c93a99db36b07bb51e68b75ea277342bbd59c1e963c0523f5ff3eac7383513b172556dc054005983e9a0c37e6f7a050886ae0760a7d3b92298d4d62e20e9911d1647918fe4bd37e9d0d9bf8f912315aafbcdbad219a8299465351de1b671aaf5cbd467f916cdf2cf19c7dba93c418b4ac08758bd56e1aa03639c13e3b3cd27b406f8604a2cecf592598454704823ae6626229473eb62668525aa5dc3f93b2684499d00e6042ace89bb3eff9523e03d77e5315a438489ac0b441e5965ef8048b85cf95ee267cc0752660e67420f67068aad2dc8257864d9f217b0b44c393ab37c9602f33c8f11a7c47c25b65f15f68d87e0746575a56970ec61a427e175d7252ad5e58d80305bb2d12b5baab9d9f9bd0a866437878d39e79c2c21b518ee57cb7214d77277fb1dd9a1046280f4fcf23dfc0c3745ca52ef4271cce332f85e05c652626c899c8a9d0309c72727a844f9bcd58e26b5566e2dc4391488f36441ea9c65e13bc567bc127ff82d4b491625dab543c36ce5752d7330a11423bf6b78940797099dfad91b327e65a7450f0d84ca6522fe04c783e6503bf7ab1d6fd816d2f3ff43a1a87458edc7fa4bbba1a239294e0f6288336dd13eb21f621be0d780d09890b218237e2575ab4138fea1bf607c4fb616c1114ae7c3a920f265e1c745762624d910da0ca7f9c813c78219889352ae7b59c7fc7895a9624cf6f4a73341cc1b482d6872b83aad3f3103ae0a73a18e559899c9037a92f396d3d8a9dbec9067dc4ad89baad61049596700070c350b8bee07010dd5207ab4dfcf7131b0e0073eb6722f824f0a1f87491c9230efdeb12e6e8f3425f7327279b7a59e4151d0084bea850f2702eb07e9e3e3a1cbe696dc75155abea22428280f51deeb1712824b398b2899302d3a7586f71942d8a22fe57d9c8d4610fda2add45416397e742ff715e77c6a8f93ab401e3a0cd16bac00fb2b7ceecdfd74c21c82822c2f699c5813e31e1ae3c981493bc40ecce73ec51d180b1a59170ad57960cf780ede4be2558c883055ae760c3d37dc5503a447d629ebf3dd4c476d83c56e0d7feebd244613c3bad6f81959ae00a363331e8af68aca137e43007988acf742e7b8834f5d13f9f3e946b291f8ab6a479946fde240ebea5497f28a77a0c0233ae93b7118b453456fbf078409f44a643222785bf52890c5d694c596e695f8f5738f73aac1b91264b5d7584474c1a6288e244ae30149fa2bc9c55570e947ae8f25ee86100557e3d5eda7e72a31311a204501b055406c0c0f7489359860defb7f2ab8f8c3fd75d00034acd0fefacfac883fb0dd1c3e6127b829b3eb76a21fe602d905574f94c4cfedea97915d29926530d49b7baf787980c232c927e186c93eafbd6b6623efa6a93db11fa223f611e4f0abde352054ed59661ff2aa2f5975faf38e72d40120141fecfbdef320eef0e1dcb33507caa95fc7803c12c938804cc7803f5583963a6bcd0a9aab0ef6199d07d16ced28f182f11c7475429f5d73a242922ef0ba3862c30831617abccb9b52ad671c03fd03f3313de7971e3a604b056ddf0e946e6f509c5bd191f2dcf3ff594e33a2b3c17759cb2cb3f20b6ff20d783b381c24f7238cdc358b93a60f2d0b941dbfd97f558618118cef60dcaee838065194d524d12287f14c144d2bfb651ab0e91a0773d48bf4ec53822ea23b0524f1021f02f7567c5d8f312f041339fa9da50bedebbde9f91a7a5bac6300f14f004ebb8d3f267a67c78bfbcbfbbef1c011b404b435b585a8fb92d68fbb4dade834f4b492c500f56f9ec81d507c076e14beec213b11c87ea56ccd141a1778cdc01e62b2fe5f3561363446b7da635a2cad02029502454e216bd4ff88e516b5042501ee1668a1e5fb063d6447a8fca6974ed380e07a6f83f45e7f38edf3243fc703391e181b759bf1bb273a4400a16e1653bafa05104241b3f965da676e50d5f3567bab51901a5b3711d46dc4209d39bd01ebb9e382d26222da6378c78a23853087ceccb858a914f06d3b6b57fcae6761b8dd826b83b64d80c64a17b623a813c2e2fa12a55daa7b1e96440651095987e6b0c6ca1a90434dda57c557bbfbf5598323414c3431db71ceee50fe4f49534b2b23811a6e008ff07cbbd3d39a70553156529f0d332e6c2e78831ecc920a3b8b4ba7b8e17cf442a21c33d0c5814604677d1134a5eefa406917136a3cbaffb2a8d5f65283938699dae4daafb408eaa38b3bb37741b2536eab7111127e3d3905b9d9fb37e6dfc246d7054ff496cb669ba6d5f0c3cd736eed438415729f25e9d21860b6f31afbcb507c669b1aeeba81136ba7979f817a4565c6d8ed6432e5021a5fcc0cf3837dbe7d424cb903f1e139623d9631a42d4c11738c9b849e6ca92904df51cbda7b34d55ba618e49f7853ee1ae9c8adbd4a61791825bdd163a6e948158506c13c494547106bf2776271ba4314c97af428020336b53b706734fae34ea205878fb75f0b0eb031f8e6ffddeeb0250234632ad3af4425611203ac20e7e89b5096700288273ba141b96d6f714fc1ad77906f99ba007eeb991e79c302f585593e611bb64092dab82962328dc5e81d00a4f8d6440e10d2ad1441ac65aa8004a8954b4d677bf5e808f4546da3e80df886b3a20eefeb78a4c23c46a41811e7476e09bb93dde50984376be9f1e287ba3c619fd87e18a6195b00b2b39be2d2c91edb3f19a99a3584bf938731aceded18fbb81f84cefb09eb1fa479498a1e4a99dedffa8b6ab184a7bb9468ea1abd8b5fce68cce28aeaf296a9714d613f1fe379f55d313c82a7c35aa4bbcb1e22abcb15391e08db826d8ed95fa2487dc7e52692577dd2ca65ad0c85d598d715d4dffb8406d4d38c555b6fb7b523a19f345256d99c1886ba11e596566691a6285d1b624390fb5d339183a7e6d2b6bfd7fe73c07aa9499427573ab34a44cbc6f1e3d17efeeadedd61a367eb716e4c8618b331dd0e3c692bc879f0b30fa0c329cf1580001bd535fee8eb5b9ba961168177723936f24984d25b5aef6cdfbb47df6f176a9958ecaeec1af038ccdf49ed4f7f532d9d866ce536962b02ab2db235e58c624febbd6da917f390ea4c89f36b0499432b2a271eb4911abcb4dacc32f6aac83e21eab13485b5eb4f3824f394ff197d5dbae37432e6c882d6a5e6bee725d8e97c2ed9648c6004c9dc032208c06a93b9835591cd2f99eb15ce05eb4c57a2ef0280b8c760f49414046f93f91df861335cb440892489e5259f67d18f45135b3b863eaca545f485e033785c470f6f8b4e778b0305ab5916021f6fdac9eff63da93739702e048f72c48850593deaff7f3c2d25deb5cda0f0666c180373f922a0456c17901f8e343e9d8ef34ca0f83401d52d7b3568e8b625cb6fea7383d74ba2cfeee7e489f89fc01442f514efebcb5466593319601fb22a1007d030cba7987350820d1815bb8611dd0ddb39127edac67791f20dd0ef6503f5655b0ce03592e7c0723c2b3922aed2569f0aa82d7f8f6e3d4fe05008311f3e4048c83441a92b00e80a5fe4741fd5d2bf479b7cbe41bf9ad873cb4ff8f740cc7aad641188e19c479b40a6706e8d864f1eb910d8f10af1d0ec7a21ca52a540ef1f7fb6f43bb4b2604c4e193fa0578c56c8af8a596838b660bc7aa522269aa225c263db3cb6eccb3ba9712357193fca62f1848dfdb329923fba701c60028582623d29365cde1382d795110d2063bba1747cbcc888bb291cc43f79bf6e6abca6baf9ae7489a30689db293249de79f8e414595df3925a558d0a7acd62a75e324134e86c7da85f33b791464a2ab1184bfe8f8bb46fbca139f31e8c04b4ea275124b2da57fd8f48b34104968d12f229a52464ebe0c0f7b6414b135e33ab731e83a6802db18f7688e8c76ede54ba7aa8f5df0c59318195148b977a803b38fd6be1050c68eb4946a97177a5273bc3b60c65a158c00a98b19b7b4da0e0df6cd0988c411869da6eeba423019b992b9b0b7c872af5da6fb8dbe7d0b4cbdeaa08fcb3d33e55d99e547018505e8e4a39a97e87b3fba6ef9e67fd4577565ff42dc6b52449d8b577c08a784a0bcc81413b28e3c0f71a9766acbd2f79d775b63349529645eda1c713e38d58cdce84574a7e2664b35e4287ee720abc981392d853b5364e8ad30ee634c837bd8150923742b43d90aceea405bc38c5ba935fb3f4be6b29df7fb83b64fba4b7e3b5c4da398ba394d3795b90c140cda49e877db4173211c37adbdfcbf0d4d55443ce01e41a024517346bbd43bbc322c57f61533d2dc7116d1a995a1ff0132a614d3cacffe8fc8d544eb8f2f2e31944255cc58438ef36194993a5726996bd1c1778e62d620d121d0aa5f3465e98b873839b6a34923eea7a7ba43c9cc56b3ea3a3f98412d19cd63e8f7c1c89a5fe9c741b12b2d7ea37011588a276c87f755453b0efdfe1bff29f9b9e3542aa98f66f88987b833bdcb9fc62067b8801e63a161ca0f8e42c38c1054c89f3eed24369769d3df691842f41d2f0a14cff568404eac9aec1a8644e3c49770c508d5435006ac1c6ebe613904da85e1440162e50e22ff294a4ce15364905cb8c8d9b202cb820c42d730cd18819b24a12fe901f158a70b55648a41159de4a7bf03c72bff4244dc868ae985c0c5fe865ed7667acf12c2740cb25b318e58378f2c3856697e9aba483e6038730cb8becb1787b9fdca4cd3b17d36e0f0688ce7c490b7238cad754777e13ceb93141c141be91282899c78c4a47ea0b8332a27092a4f523991ca81e9cc038b7851c8d51d80e3bfa5e21950ee9e5bac4832a7c1172c5cc950817203f80ec044b6a2c82a0d10c6b36c184c202d0dd733d9f85d776e4976d8202b2f7c0a9cef888c998f7166c0e493cc62d271c08cb0e5546ef127a7a7c6f28fffafd73a351c6f439ffc34369102c31996509adc0f43a11f6b395d189d041d53731c5b78fec220e7b43cc69925862d27a3de7409cad1cfb429129d298d9afc65dd3a604fd7b71ef5c36e9ac9380c97a1081a628ed8485e9ff2b944e1326f599640cb2ae64edfb5e84660ca3efa1d2423ea1fbe54f5c669bc76169562f8085f1d6309ee59adfb55aebc31dbadf3fc3e65204baab2accc1e2cf9e4c430658f3fce66c558aaf10c64b5fc1606a8200bf8e7eb90cbb48fe0d756485048ade2c5df3ec5005af520f418049bb19b32bbc58720771aedd5c9765ea79cd3a95bddcb15f7c201d7b765478de7132c3c2f15f3baa1ec7", 0x2000, 0x0)
r7 = syz_open_dev$ndb(&(0x7f0000002a40), 0x0, 0x2400)
r8 = socket$inet6_udplite(0xa, 0x2, 0x88)
sendmmsg$unix(r1, &(0x7f0000002d80)=[{{&(0x7f00000008c0)=@file={0x1, './file0\x00'}, 0x6e, &(0x7f0000001c80)=[{&(0x7f0000001d00)="b26db3fb96b14b141b148be96ad208a5e896a74411dffac6ea88aab1674279508f3f10c711", 0x25}, {&(0x7f0000000c80)="c88664ca701c175fa6a8558ba86d0d39867653fb6cf840f0caa4839f29f5bde2ed18d3b0b3d29285a22e2d114c517b161840f6e0ae5a101e2f61ddbebba59ed830a09c084468a29b75e9927aa68451b22b8a17f393329e1934b36c4afe3308cef5044ac2f55cdeab983d6bfa3e295736c2165b344a4657471c4ca71109717fcd6f05c16fc162357e8bb6e34dda74df2d41f768fda2b0afc289541c099dab025380c30a35a203780b518de4480977cbf81cf9945888275d6084663549f6f0621818c3b0b437facbff02c4bc574083a0194e93032f04dc625b600e3402bd8da979af57f1f58f3d28eac59972d68543e56c3b460556a19e80ae8f87c48bbd0bf9bebbce01728d8763e4b5e5503e558170d36c517a6552aa0bb7319bd743b2e4d55d5c92321d98929f43717f04da9f9310b5d282837d951ab8295f4d971f5d2852040c73baa2349a323433e24e0cbb0bf332e96c7530fcf41b20a48a8ca5351aa126d7e566dd79ed1a8bb1841ff287b4566df7f05f8fe78083e7523bdaeb2a9c4075c68741f9e5618a0d7be66735d8495468c85793da900a6e420b5f0e07112e8125a374652c4f05f85895006913c73925efa0f68c4ee39f78b9617f938b8ddb316ce4ef4b8c38ba251b9c0fea00d9a85d1613af75fcc9530f56e96d97c4fd291a485d6073fef5ee640d0cc851ae524cccba41c0b8bef66870fa8aacd5ced85c9e18b46cd64d5310ac4759f99f6e56a8b84cf038e8843f72fa00b72e6bc2058d162e38c0719e6ca91b8398d95cfac09039921940edb03ccdb58e1ce403ee2facf2b4ca863908da4ea3673c03f4f2c85f2aa5accfbdd057073e5dd5fcf7ac606660bbb94e36e54c1353c2c8fa1635124354289c2be0d3d6badde530342448e745964386cba11261790525167f4c273da5b358b6bd67f054f580b96e58a422db772284086560d84333a6e32c9ed9b58b63e0acb0bb68f95eee1e2c0c024b6846d0071af3eab882aac14a10f6cc7ad2b4e412f3833f2395d38f0142684321f3715976cd1bd41e375efed19b0dccba7238dd565b3fc65d15aea4b1ed6229d2ee5a55a04c7d4bf55bc26f74c2876ef4de45a354ba1148c55f75b07130ae8f43965fb9c0d110a1ed1f7e0b71fcc57385ac46a5a664c13cf0757ace047c92cddb1a88690ae8e90a367ced65b77a278fbb883115182dfbcfdddaa75bfd33ee018fb1fec11de573ae424b57bbecf442253b4d2ed039cd0c33b3889058cb855da03dc81ae8a0b0bace48786575fd4e64340fc4dcf8fa69c60948372c1aa26573ae9eaa4f8faabfcc70609c8a862ab39bbd65602eceaa0cf07e965ccc5e544a6eb9440fcf2d89b8911699e1e6787ad0b12bf5d31c9d3eff0b53799f022da99c4bd1b8a56ff45ad97bc53808f75d9d7d29cf79fa3dc6c13f25afaeaf42cd41ddfa1bd3cca0ba02f9d0a5f2ad1aa7fd47eecb3c9a287f4540430a99d8fa3a28d6421bfa82ba770f38a95cd4fd199bcb0d40988f1d3fbdcfd480869db6728e625a6a5d3882d560ee04c5343ae564dedc1145e37b2e6754244ba9a2c92de55e5f4127fd5d93e4cf2dcd9ad11d30eb53a2562d8e70e559b60e0e1e5b3281be52bca422aee840da44ff728e7dd11f31acdc635eba9bfd59537ab9f1a87f85461b03193367223f70ceacc4ef00122285d081df6867a067097934578f8a40b8a4c9e300b0926ac5c68f8a635b2764e37020211d4484ee5652235625e472ea6f9bc45daa05d674dd18b3e0c4caad65db190853bf1b98f8f64b224d1096e3b58dfe77160bd6cdf15471604acaa58587f1e3e8b16d7cd3d05f2f8166b2b5389f519b39d309493933836b2f9a392bfc8d449a444a1fa3bdedae67cc6b9377ccf2a78c1bdd3451628c0176b58beba89ebefbb544296f2725cf705f2bbb2eca224ae98a16cc3e3a17d2d58307a0a2979efd8b9c5a20e7b01cdca33738893e155f3092e05c8350e57024cf9e1a871faf0c7bb18c2f4e8218a85a2ee681a9c0ae7ef34cee36286e303ad42367633c64c427256ceafe952ba9eeef535489fba794cddab97d820370e0f7199f29265fa705d1d5987390be2526ebdf9896005c97960eb0f43b3ba57ebe814d083ff2d411f42ceb50e59813c1de159a51d5131ca7cd13e491f5bb6dc66dba424885f5e21980f67f4013292bb2c83b2e20231b6d3b483be1545037331f26c0e3a08db939f8c94e1a86c9150984353f0d4f20a92fa68ca49c8f7144e095f15b625da3c1a6e658b0d5ea0529980603ca5cc9c738f4b09a574e00c9f622248afbf16f2a62258cd3bccf6490875dba0977b2fa55c948e3ad3177f7c6c5306203aa9e961a4771339bea5c4a2dac6ac4e8758d648d6dee07a64cc2ee40ee8ab8df502b2f8ed4866ef5e963582bcb476d52ac683c778bafe5068d540aca4a40bd280782d42381569679b1fdc60c20d931ff50dd735537347e03385393ea2f34e0d30e2bbadc9572ea15682ee2a0179e0439597fa65cbaacc5b973b2316be8b2462901540b1f82d70ca7e0356962779ad62e0e214bc2ba4c71a3c1ae230af729db453301f5afad7fc863ac1e5174725577a4141735c4e3df1d6ab3beb64a27bf0f5aaa1c2502006df953f17fb598c404fc2dea52ad7ff1d13cc90d3dd3611b356fd4f51fce2a12029935214932e97a649ef75b5a21f09114dac4720d6a9d6391a7f43dfa1d2aef0273df3a75123c10e5d31ff159056385dae9008e92e9650be0bb2675760419185897a664487833695eb1ddaec18b5a4a0250913fd2ee6ff70982852482ec43182d46840419f164eb32f0d904aab90cacc06bf5a944de239071bfa124207b8ddc57e48a7feae0c339b14d882e3c123c8656216808b41d18c986cf3e0e7de60a981e70eddee09c2f01145c351855a8941b2a6cd98299b3ec65e87bce47ad4b7222625243795921b4c81d4fc725cb97f50b4415d713a15a8d1af113f9f11d562898f4d44a5503a34f5ee99e25f5fbf2381ea83b0d37837570058b71b66f33d7a2610a5233494e51fc8dcefeaa031542ea974d4bd517769a691c998a5fdafce8db2a8add28dff9d780a7e8c7e6018c1ac75a958e187bcae6561ca6d62f814efdc6096c3299d5799712fd11e485823f3e3d0ec9f3eef564116f558de8accf1deced7fd6d60d60a46375ccb213fa381fd7b58cfcda77fcfbdfb6954d369b789ac5007ee05b5651f3728b8d545a342f88aee97ce4fd314d6d2acf4df2909db45dcbe7c2f44b0acc61dfe86037d87ca64af572b97e25fd41e9abe76fbe3c63b7ec782aeab1a31ed748a6d4c596e7ccabbb0382a7a1668b970d4451e8a8f15ef3dfa72c67f5597d06f542712c1f2a6c79977910d45eae47fc876e8b02a512a079001b74102a4f1b43a1e5ec0bdcb980d8bbf592efd3ad13e16c584926691331acf8c4ef6960b0f8f369eb0cbe933d9f7610c0cbba47f490e69544ff40b7437102278f1b3454e980983162ab5a19d3c1812fceee98453540d7a9dab3486de6d9a45069503fa8ff1537274d8cd3f4854407f00e7d015a9a491bcb42c70773a650f4554ac7b7ffdc15ec0e38ef9b686d27f57efe4bda67e0eae83a597d6c487bcfab34a2c742138a6179c5a1942dffd03e5e3fb815e912858bddbad0d7f2e3bcfdfe938e0da0ff032916324e96196098410e70f925ea56a74d62b66c364584380bec2748e0da8b2be57578d07d0235311f9b051c2d82885e6232240e0cf8fb5d38ea60a2122f454b8c2898b670a05eda2bf52294379f7d04d2b4f68d4bd486ab012e232d18f54117276d03202066763039fc43edd0347e38c4994ef605fdd28d2fbccd3859c08e924a9489e4a2e8dfdc386df460aec36f6121040da16836cccf43f459d22ff9ea797e8e29a668824717e9efe73b019e8b7d168bd29069255e536040efcb3907df827a42f24ceaafce5aa8dd0f1da55d461758dfd26555957297ef76f34407b70d01b663804d578f50cefd0ee971b09035027fc68b35f62116ac9f5c4a2c38ebc020e63041309d8905ddf41dd5481a0a7b76ff25f6e9e3e44ffc10dbd371780546acf841d541f98b9fb968939b10c5c4d7bc7953a0471e6f93d3e67d66ecde22ce932ac4120c6e43d1770483dfd25b9055438d76d37f262edcc191176e4d7fe9439bdb1b5acb53e2bc5256bc32a6d4b95bcdae34b15409c957d42318a47055c58efc3eb9dcc02224283e06c736de0db86fd68ed10315e647fa7f5638896970d8138ba4c2eafaad44f04da8ffeaebc203a6fe5aebe772ccd19579c4e1b3d7a4614f83718076de4ffd63fdca7001bb8680fc6f690f86f18ca1f2405ccf6c2a51f946c6af89417dc06e6933181e44e1dd4ded4dd95f3e3396c4762a724e773ab158904a3aa6141708eba75bb4906bc82d9286093bb1720837113056d24a689cff1ae690620e5de5844b5177f18ed91f4cdfe63194339a53ad42066e649d356253d84e39363ff434751d3fd23225357bd6f1a75a71e595eaff52ffce759711ed725a947f59c0c46a9986c71dcf02119337d59090fe91879110d81bc73f7e05128060e5414326042f573ffb776f2935d2f3de24f02f62c8e8b81e8261296669480e5204fbfe278873b54521267478cdc008eedde63f9b5035cf33f0f17ccc2c02e1031ace6b5e0c08d94301ce7607cf830b239a131dbf767cdb218b92ba98a95b7c14134604f3f429da6b7d2bae512f1aeec15a67cabd2ba9b48d3ead2872f174dac7c66bdc0206a7b5dddb5f195a8979d83dd6a6d60c377e3d663f079ca45ca4d00c15004c2dfd5db8066bd833e1670dfa46323e6f3574b27bf7e340ede4d3e1d659e09c941580f1e2fd10047d4e0ee6f388daceffc174eb568ccadf2e7c516e6696118d8bb2153273052ff4ec4bdf2cf7edd193a450a9a74fe982d7f9a37389997e8289d2d3d2811db091845bda8fcbd6581c5e95e36e229eea12e1f4d51513f4c2714fb5416f372b899686e40839c4d963969172d2a7aea29206b33ee2c54ca94c89b8019a66a4188b8647aeae7201bc3cd1c9021db316d1311725e71a782449991fd8cdf97f99a10460925af077b713ebeaa1180708db70d5ead36437baa0f3024cff2ab4b7d8eea4dbe6ac125eb37781c62157c375d2784b56a041cc312ddb27c047274cea877ba16409789d5fe225cc7c7e10d21f8afeab47c7a8a00cb906400ce2c7b1b33421e52afc5f32c6b12ec3a6bafcd34817b558278352f588c03f83d3147513d97cd6fee77e6f9a457f00eda04c3ffdbb4d44a45b023e54e8df46dd7d34a202352ef3a0607466d3c2c0697faf17bc6c2680c3231ff621913de2a32591529d8a18e440debd44072951ec049c1ce3344a2c6e892b580b1ef5f6ac1f6de2f052363d403569b0d6b64f76fd2239dc874a892c777c3353c6c5b4c1f361a17e14f0064c0a55cda8874e1ded6b026e8a4f3b95e237b7236589f8c339850a17e7e9c9a07bbe2092fb5f4c31f7c38ed0e88c9a7bea870cdf9657b2d9153fb7924f317f63cb4e167a1acca710503c50753ade079ec9c6a907341ea222f8dcf73813817204fbf9f57cd6f619d8bbfa7b61a8d79ff35a67c25f93536e50a7a179f52f82bc027afef491b841dddc6e61fd162aa920ac9117e315068322cc3e158c16edec7a3d5a7353af7c8fe3a661e225781ced6916b5b125d6e14e583ab599194a1b442c3d5e097ed4279c453077306a7ef4901412756f700bbeecc15897b8821529a7964a7d9f73b91f4457fe22ed99f0018740fcde8c29b841aa7a2ad90f7ba4c3af", 0x1000}, {&(0x7f0000000000)="49270db8aea0547f974b", 0xa}, {&(0x7f00000000c0)="f75e29ebf568af9c5d6430e12d73bd3f91aacc", 0x13}, {&(0x7f0000000a80)="aa4992328813e9a0a959bc704f1d5127463942127ea10f1889ea27011f03139326450625dad17c885b514e32799d802d9f02e71f349ad6704d07", 0x3a}], 0x5, &(0x7f0000000b00)=ANY=[@ANYBLOB="1c000000000000000100000002000000", @ANYRES64=r7, @ANYRES32=0x0, @ANYRESDEC=r4, @ANYBLOB="0000000028dae4b75b04f00000000000000001000000010000006a2c9c5a9a351134bf09b4a2a9986301589160dca3efa2eb1924f506d8b111b9ae7541221c281788f300873aefa0d1f42fed273c684f220bbcc99d25a60280b45f57ff6a1bf7ef956aaae467e597daab69f24bdc0088f55b79ac53ebd72315b2ed2ffd504d93113bd593ff0100000815a312bb731dd425b9dbc68559e7ed98506b853db5236429fb5b44258b2609a7a39d802f5e161d8fc42b9eb11743b634c91a8dc63fe3e8fbe78e1900000000000000000000200000c4530c4576336ec4516247a9d37714f6", @ANYRES32=r5, @ANYRES32=r5, @ANYRESHEX=r8, @ANYRES32=r7, @ANYRES32=r7, @ANYRES32, @ANYBLOB="1c000000000000000100000002000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00\x00\x00\x00'], 0x68, 0xc11}}, {{0x0, 0x0, &(0x7f0000002800), 0x0, &(0x7f0000000200)=[@cred={{0x1c, 0x1, 0x2, {0x0, 0xee01}}}], 0x20, 0x20000090}}, {{0x0, 0x0, &(0x7f0000002d40)=[{&(0x7f00000009c0)="15c7026ffa877c9f5adcc20ff09a75ac39f60b340db8471f7f2182ae64e2092d5fe07194fd5993529b9a9ddea774c7f6d98ff90038f8f283d5f34a4b31f90d0e0a49", 0x42}, {&(0x7f0000002c00)="b057b2db", 0x4}, {&(0x7f0000002c40)}, {0x0}], 0x4, 0x0, 0x0, 0x20044894}}], 0x3, 0x4001)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r6, &(0x7f0000fe6000/0x18000)=nil, &(0x7f0000000240)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_SET_LAPIC(r6, 0x4400ae8f, &(0x7f0000000440)={"6cdd4237dd245c8404721efdc9c8dc1964125fa96fa42b761c6ec25b2bec0ba4c81036c93a40c8a4d4412a763b00040000000000003c5ca206c047ecee377abaece6b88378e38e06c5fc191f361d264ffa8b46485f02baee1ab6b8154252066178868d1ef4b53606000000000000007c21a984c2b9ca4bbb7a87165c0c1dbc75d7ea4df1001000000000694525952f44500a1f0db509c32cc7ace842c28f37f06e4ea9f1e5f0c6c379f9cc58bf69fcde317fad4825aa1b6a832d4e48cc41bb5a6baa41d614f6c8941bee805954a62d196a4e8d4bf6b21224b57f530d0000c1ff53bf79a1f5c5dc34cf2645cbc11c4562d22db88d0edc5daee171cc04d96d9ec2db07478f347edbd6424923ad4a5672b1b285c7988c4ec0922c655ff600000000c00dc290d936d93236051fadfb4b95d02c0bda7ce38dabb7cd103fe4d0c9c963cd717a77f8df8d46099b1f580968af6afbbc19db161c6df3e7c9c71bc08a282fc2c142856b5e4caff4c0a4f72445ef10dcd2c569319d6e9bb2058d023f669a64fc7d9684b45b00000000364673dcfa9235ea5a2ff23c4bb5c5acb290e8976dcac779ff0000f5620000003d4e185afe28a774b99d3890bd37428617de4cdd6f53c419ce31054182fd098af7b7f1b1152c691611f897558d4b755cb783978d9859b0537b05b623dcb5c4ca9317471a40fa4998cca80e961efffb4e1aa25d8a17deef0c8694c4395fc99be3c3fe7aeb8af4929ce7d346ca62b25d48fda5d10146702f78b233b5208752726ed9f0c340d494b92d19cc930bb8a5f8b4da8f4603ac0c3b698384e17a570dc8524823ed15af4ecfabb4b2541d3c114b7bba1c21a845c9cf0d1cc24aba47e30f558b2246ad95ccf7d2f80cc0ab26f08336ea1a33b79cf35b898837016eb211a1734c7af076e15451e33519fc978f66df7df4557c91024a8dc130a28ef5f63ad07b39c8d23b85cf434e065e8a29a80047fe17dee6f6347b4951f97b5703dc78b1ca9d74ea6a9ae12ab367c0de2659cc38d2f33ddd86e0597d33361eada119b5132145fa4525c488c7fffd6ceda6e9a02ebd97ced6b0161f2cc84615ceb8b18883299c636e9e46724a9a0600a8bb02f3e489631d522019a35fe12a33caf9dd8768ddbc02a484c345c3eff254297b1dbb04989c3f9f3c7b3c985c39b1d313018068d3809bac8c657e39f4f692613e28387e955722908dd88b56163be8312ff47c5b6f280472935af74e97a5a8110a4d74496f4c8ec82ddb010100000000000001a047526865c888c9ff36056cc4ad258021e1581d43badaaec6cc5a2ef989de9801fed6d4be2bfcfe656c9c46bffbe9dd03970800000000000000d372bdd6d89dc1ecf63c23d506114d0fba2bd1c69e8f7e3fccdcda85ce975ec1381b1cec6ddaa76e186719d819164300"})
ioctl$KVM_RUN(r6, 0xae80, 0x0)
r9 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$FBIOPUT_VSCREENINFO(r9, 0x4601, &(0x7f0000000100)={0x60, 0xa, 0x40, 0x0, 0x3e, 0x180, 0x2, 0x0, {}, {}, {}, {}, 0x0, 0x10, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x8})
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x1, 0x0, 0x0, 0x0, 0xfffffffffffffffe, 0xfffffffc}, 0x0)

24.986591072s ago: executing program 0 (id=2294):
syz_usb_connect(0x0, 0x24, &(0x7f0000000000)={{0x12, 0x1, 0x250, 0x19, 0x10, 0x79, 0x8, 0x4e8, 0x6889, 0x2bcd, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x1, 0xff, 0x10, 0x2, [{{0x9, 0x4, 0x41, 0x8b, 0x0, 0xff, 0xff, 0xff, 0x4}}]}}]}}, 0x0)
r0 = socket$inet(0x2, 0x80001, 0x84)
getsockopt$inet_sctp_SCTP_MAX_BURST(r0, 0x84, 0x14, &(0x7f0000000000)=@assoc_value={<r1=>0x0}, &(0x7f0000000040)=0x8)
r2 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_PR_ASSOC_STATUS(r2, 0x84, 0x74, &(0x7f0000000200)={r1, 0xfffe, 0x20}, &(0x7f00000001c0)=0x18)
r3 = socket$inet6(0xa, 0x80002, 0x0)
setsockopt$inet6_udp_int(r3, 0x11, 0x67, &(0x7f0000000040)=0x91, 0x4)
setsockopt$sock_linger(r3, 0x1, 0x3c, &(0x7f0000000180)={0x200000000000001}, 0x8)
keyctl$KEYCTL_PKEY_QUERY(0x18, 0x0, 0x0, &(0x7f0000000080)=' hash=', 0x0)
connect$inet6(r3, &(0x7f0000002140)={0xa, 0x4e25, 0xffffffff, @mcast2, 0x7}, 0x1c)
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(0xffffffffffffffff, 0xc018937c, &(0x7f0000000000)={{0x1, 0x1, 0x18, r3, {0x1}}, './file0\x00'})
syz_usb_connect$cdc_ncm(0x4, 0xa3, &(0x7f0000000040)={{0x12, 0x1, 0x201, 0x2, 0x0, 0x0, 0x10, 0x525, 0xa4a1, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x91, 0x2, 0x1, 0x6, 0x0, 0xf5, {{0x9, 0x4, 0x0, 0x0, 0x1, 0x2, 0xd, 0x0, 0x0, {{0x8, 0x24, 0x6, 0x0, 0x1, "252790"}, {0x5, 0x24, 0x0, 0x400}, {0xd, 0x24, 0xf, 0x1, 0x8, 0x4e, 0x663, 0x8}, {0x6, 0x24, 0x1a, 0x3, 0x4}, [@mdlm={0x15, 0x24, 0x12, 0x6}, @mbim={0xc, 0x24, 0x1b, 0x3, 0x3, 0x81, 0x3, 0x1, 0x7}, @mbim={0xc, 0x24, 0x1b, 0x6, 0x7, 0x8, 0xd, 0x5, 0x7f}, @call_mgmt={0x5, 0x24, 0x1, 0x2, 0x8}]}, {{0x9, 0x5, 0x81, 0x3, 0x3ff, 0xdc, 0x1, 0xf}}}, {}, {0x9, 0x4, 0x1, 0x1, 0x2, 0x2, 0xd, 0x0, 0x0, "", {{{0x9, 0x5, 0x82, 0x2, 0x20, 0x20, 0x3, 0x6}}, {{0x9, 0x5, 0x3, 0x2, 0x0, 0x0, 0x2, 0x10}}}}}}}]}}, 0x0)
r4 = openat$qrtrtun(0xffffffffffffff9c, &(0x7f0000000080), 0x2)
r5 = openat$qrtrtun(0xffffffffffffff9c, &(0x7f0000000040), 0x8002)
write$binfmt_aout(r5, &(0x7f0000000380)=ANY=[@ANYBLOB="03070000b5"], 0xc8)
write$binfmt_aout(r4, &(0x7f00000000c0)=ANY=[@ANYBLOB="03040000b500000001008aea0000fe"], 0xc8)
dup3(r5, r4, 0x0)
sendmmsg$inet6(r3, &(0x7f0000003cc0)=[{{0x0, 0x0, &(0x7f0000003980), 0x171}}], 0x400000000000172, 0x4001c00)

24.523788019s ago: executing program 4 (id=2295):
r0 = socket$inet_sctp(0x2, 0x5, 0x84)
bind$inet(r0, &(0x7f0000000180)={0x2, 0x4e22, @empty}, 0x10)
sendto$inet(r0, &(0x7f0000000140)="eb", 0x4164, 0x4008004, &(0x7f0000000380)={0x2, 0x4e22, @local}, 0x10)

24.156728343s ago: executing program 4 (id=2296):
socket$nl_route(0x10, 0x3, 0x0)
unshare(0x28000600)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs={0x1}, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x0, 0x20008081)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg(r1, 0x0, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000540), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_STRSET_GET(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000280)={0x20, r3, 0x1, 0x0, 0x25dfdbfc, {}, [@ETHTOOL_A_STRSET_HEADER={0x4}, @ETHTOOL_A_STRSET_STRINGSETS={0x8, 0x2, 0x0, 0x1, [{0x4}]}]}, 0x20}}, 0x2000c050)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r4, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
r5 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1ff)
bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000140)={@map, 0x1d, 0x1, 0x6, &(0x7f0000000000)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x6, 0x0, &(0x7f0000000040), &(0x7f0000000080), &(0x7f00000000c0), <r6=>0x0}, 0x40)
bpf$BPF_PROG_DETACH(0x9, &(0x7f00000001c0)={@fallback, r5, 0x17, 0xc, 0x0, @void, @value, @void, @void, r6}, 0x20)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]})
r7 = syz_open_dev$loop(&(0x7f0000000100), 0x3, 0x0)
r8 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.stat\x00', 0x275a, 0x0)
write$binfmt_misc(r8, &(0x7f0000000000)="180c4552", 0x4)
write$binfmt_misc(r8, &(0x7f0000000040), 0xe09)
ioctl$LOOP_CONFIGURE(r7, 0x4c0a, &(0x7f0000000400)={r8, 0x0, {0x2a00, 0x80010000, 0x0, 0x2, 0x204, 0x0, 0x0, 0x0, 0xc, "fee8a2ab78fc979fd1e00d96072000001ea89de2b7fb0000e60080b8785d96000100", "2809e8dbe108598948224ad54afac11d875397bdb22d0000b420a1a93c5240f45f819e01177d3d458dd4992861ac00", "90be8b1c551265406c7f306003d8a0f4bd00"}})
sendmsg$NFT_BATCH(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000003c0)={{0x14}, [@NFT_MSG_NEWRULE={0x50, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x24, 0x4, 0x0, 0x1, [{0x20, 0x1, 0x0, 0x1, @ct={{0x7}, @val={0x14, 0x2, 0x0, 0x1, [@NFTA_CT_KEY={0x8, 0x2, 0x1, 0x0, 0x11}, @NFTA_CT_DREG={0x8, 0x1, 0x1, 0x0, 0x16}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0x78}}, 0x0)
syz_open_dev$media(&(0x7f00000006c0), 0x4007, 0x0)
gettid()
socket$inet_sctp(0x2, 0x1, 0x84)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, 0x0)
r9 = openat$audio(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$SNDCTL_DSP_SETFRAGMENT(r9, 0xc004500a, &(0x7f0000000240)=0x3)
ioctl$SNDCTL_DSP_CHANNELS(r9, 0xc0045006, &(0x7f0000000080)=0x7f)

23.189646258s ago: executing program 4 (id=2303):
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10)
sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
sendmmsg$inet(r0, &(0x7f0000000cc0)=[{{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f00000007c0)="68377863ac6ea6", 0x7}], 0x1}}], 0x1, 0x8800)
close(r0)

23.138217321s ago: executing program 3 (id=2304):
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$igmp(0x2, 0x3, 0x2)
socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r0, 0x0, 0x0)
r1 = socket$pppl2tp(0x18, 0x1, 0x1)
connect$pppl2tp(r1, &(0x7f0000000000)=@pppol2tpv3={0x18, 0x1, {0x3, 0xffffffffffffffff, {0x2, 0x0, @dev}, 0x2}}, 0x2e)
connect$unix(0xffffffffffffffff, &(0x7f0000000300)=@abs, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0xb49, 0x9, 0x8, 0x0, 0x3}, 0x0)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x9, &(0x7f0000000580)={0x0, @in6={{0xa, 0x4e21, 0x1f0268bc, @empty, 0x6}}, 0x0, 0x0, 0x3fc, 0x1, 0x32, 0xb}, 0x9c)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000004c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ff8}]})
capget(&(0x7f00000000c0)={0x19980330}, 0x0)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x9, &(0x7f0000000000)={0x0, @in6={{0xa, 0x0, 0x0, @empty}}, 0x0, 0x800, 0x0, 0x4, 0x8a}, 0x9c)
bind$inet6(r0, &(0x7f00004b8fe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
setsockopt$inet_sctp6_SCTP_PARTIAL_DELIVERY_POINT(r0, 0x84, 0x13, &(0x7f0000000180)=0x4, 0x4)
sendto$inet6(r0, &(0x7f0000847fff)='X', 0x34000, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)

22.995540183s ago: executing program 4 (id=2305):
r0 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r0, 0x0)
r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000740), 0x8202, 0x0)
r2 = syz_open_dev$video(&(0x7f0000000380), 0x0, 0xaa040)
ioctl$VIDIOC_S_FMT(r2, 0xc0d05640, &(0x7f0000000180)={0x2, @pix={0x5, 0x4982, 0x56595559, 0x0, 0xffff, 0x3, 0x3, 0xfeedcafe, 0x0, 0x0, 0x0, 0x5}})
mmap$binder(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x1, 0x11, r1, 0x8000000000000000)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$SNDCTL_DSP_RESET(0xffffffffffffffff, 0x5000, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x3)
r6 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./cgroup\x00', 0x0, 0x0)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000080)=ANY=[@ANYRES32=r6], 0x20)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r5, &(0x7f0000fe5000/0x18000)=nil, &(0x7f0000000000)=[@text64={0x40, &(0x7f00000000c0)="de6a84400f005f00440f20c0350a000000440f22c0c442c9a73b33aa00400000460f00d40f01df0f20d835080000000f22d80f0164120066b804000f00d8", 0x3e}], 0x1, 0x63, &(0x7f0000000240)=[@cr4={0x1, 0x200900}], 0x1)
ioctl$KVM_RUN(r5, 0xae80, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x18, 0x6, &(0x7f0000000040)=@raw=[@tail_call={{0x18, 0x2, 0x1, 0x0, r0}}, @jmp={0x5, 0x0, 0x7, 0x6, 0x7, 0xfffffffffffffffe}], &(0x7f0000000080)='syzkaller\x00', 0x8, 0x98, &(0x7f0000000140)=""/152, 0x41100, 0x10, '\x00', 0x0, 0x0, r0, 0x8, &(0x7f0000000200)={0x1, 0x5}, 0x8, 0x10, &(0x7f0000000280)={0x0, 0x7, 0x81, 0x6}, 0x10, 0x0, 0x0, 0x6, &(0x7f00000002c0)=[r0, r0, r1], &(0x7f0000000300)=[{0x3, 0x4, 0xa, 0x6}, {0x2, 0x2, 0x2, 0xa}, {0x2, 0x4, 0x3, 0x1}, {0x2, 0x5, 0x2}, {0x5, 0x4, 0x10, 0x6}, {0x3, 0x4, 0xd, 0x8}], 0x10, 0x3, @void, @value}, 0x94)

22.896412657s ago: executing program 3 (id=2306):
r0 = socket$inet(0xa, 0x801, 0x84)
connect$inet(r0, &(0x7f0000004cc0)={0x2, 0x0, @private=0xa010102}, 0x10)
listen(r0, 0x8)
r1 = accept4(r0, 0x0, 0x0, 0x0)
write$binfmt_elf64(r1, &(0x7f0000004180)=ANY=[], 0x78)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
r2 = io_uring_setup(0x2e31, &(0x7f0000000780)={0x0, 0xca8a})
socket$kcm(0x2, 0x1, 0x84)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket$can_j1939(0x1d, 0x2, 0x7)
ioctl$ifreq_SIOCGIFINDEX_vcan(r4, 0x8933, &(0x7f00000000c0)={'vxcan1\x00', <r5=>0x0})
bind$can_j1939(r4, &(0x7f0000000380)={0x1d, r5, 0x0, {0x2, 0xf0, 0x4}, 0xfe}, 0x18)
setsockopt$sock_int(r4, 0x1, 0x6, &(0x7f0000000040)=0x1, 0x4)
setsockopt$SO_J1939_ERRQUEUE(r4, 0x6b, 0x4, &(0x7f0000000080)=0x1, 0x4)
sendmsg$inet(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000003c0)}, 0x4048001)
sendmsg$nl_route_sched(r3, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000440)=@newtfilter={0x24, 0x11, 0x1, 0x70bd27, 0x0, {0x0, 0x0, 0x74, r5, {0xfffd, 0xffff}, {0x1}, {0xfff2}}}, 0x24}, 0x1, 0xf0ffffffffffff, 0x0, 0x4012}, 0x850)
close_range(r2, 0xffffffffffffffff, 0x0)
setsockopt$inet_sctp6_SCTP_DEFAULT_SNDINFO(r1, 0x84, 0x22, &(0x7f0000000100)={0x3}, 0x10)
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r1, 0x84, 0x7b, &(0x7f0000000140)={0x0, 0x1}, 0x8)
sendto$inet(r1, &(0x7f0000004180)='(', 0x1, 0x1, 0x0, 0x0)

22.877944408s ago: executing program 2 (id=2307):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)=ANY=[@ANYBLOB="440000001000010400"/20, @ANYRES32=0x0, @ANYBLOB="000000000000000014001280090001007665746800000000040002800800"], 0x44}, 0x1, 0x0, 0x0, 0xc0}, 0x0)

22.620922601s ago: executing program 3 (id=2308):
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet6_IPV6_RTHDR(r0, 0x29, 0x39, &(0x7f0000000080)=ANY=[@ANYBLOB="00020201"], 0x18)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet6_IPV6_RTHDR(r3, 0x29, 0x39, 0x0, 0x0)
openat$audio(0xffffff9c, 0x0, 0x80, 0x0)
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
socket$inet6(0x10, 0x80000, 0x3)
sendmsg(r2, 0x0, 0x0)
r4 = syz_open_dev$vim2m(&(0x7f0000000080), 0x8, 0x2)
ioctl$vim2m_VIDIOC_QBUF(r4, 0xc058560f, &(0x7f00000001c0)=@multiplanar_fd={0x7, 0x1, 0x4, 0x20, 0x800, {0x77359400}, {0x4, 0x0, 0x5, 0x3, 0x14, 0x6, "bc60c7f6"}, 0x1ad, 0x4, {&(0x7f00000003c0)=[{0x5, 0x9683, {}, 0xfffffff8}, {0x5, 0x6, {}, 0xfffffff7}]}, 0x4})
r5 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000000), 0x40, 0x0)
ioctl$IOMMU_TEST_OP_MOCK_DOMAIN(r5, 0x3ba0, &(0x7f00000002c0)={0x48})
socket$nl_netfilter(0x10, 0x3, 0xc)
sendto$inet6(0xffffffffffffffff, &(0x7f0000000040)='T', 0x1, 0x8910, &(0x7f0000000280)={0xa, 0xfffc, 0xfffffffe, @dev={0xfe, 0x80, '\x00', 0x1b}, 0x1}, 0x1c)
openat$fb0(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r6 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r6, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r7 = socket(0x10, 0x803, 0x0)
r8 = socket$unix(0x1, 0x5, 0x0)
ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r9=>0x0})
sendmsg$nl_route_sched(r7, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r9, {0x0, 0x9}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x4, 0xc00}}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r7, &(0x7f0000006040)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000440)=@newtfilter={0x80, 0x2c, 0xd27, 0xfffffffc, 0x0, {0x0, 0x0, 0x0, r9, {0xc, 0xa}, {}, {0x5, 0xf}}, [@filter_kind_options=@f_flow={{0x9}, {0x50, 0x2, [@TCA_FLOW_EMATCHES={0x4c, 0xb, 0x0, 0x1, [@TCA_EMATCH_TREE_HDR={0x8, 0x1, {0xfffb}}, @TCA_EMATCH_TREE_LIST={0x40, 0x2, 0x0, 0x1, [@TCF_EM_CANID={0x14, 0x1, 0x0, 0x0, {{0x7, 0x7, 0x2}, {{0x0, 0x1, 0x0, 0x1}, {0x0, 0x1, 0x1, 0x1}}}}, @TCF_EM_META={0x28, 0x2, 0x0, 0x0, {{0x42, 0x4, 0x2}, [@TCA_EM_META_HDR={0xc, 0x1, {{0x5, 0xe, 0x2}, {0x0, 0x7, 0x2}}}, @TCA_EM_META_RVALUE={0xe, 0x3, [@TCF_META_TYPE_VAR="5bb4366dc25fd3a6d958"]}]}}]}]}]}}]}, 0x80}}, 0x20040054)
sendmmsg$inet6(r0, &(0x7f0000000a80)=[{{&(0x7f0000000200)={0xa, 0x4e20, 0x4d7, @private0={0xfc, 0x0, '\x00', 0x1}}, 0x1c, &(0x7f0000000900)=[{&(0x7f0000000400)="fc", 0x1}], 0x1}}], 0x1, 0x4c040)

22.576775658s ago: executing program 2 (id=2309):
r0 = openat$nci(0xffffffffffffff9c, &(0x7f0000000280), 0x2, 0x0)
preadv(r0, &(0x7f00000006c0)=[{&(0x7f00000002c0)=""/56, 0x38}, {0x0}], 0x2, 0x8, 0x10000)
r1 = socket(0x2000000000000021, 0x2, 0x10000000000002)
sendmmsg(r1, &(0x7f0000000080)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000300)=[{0x10}, {0x10, 0x110, 0xa}], 0x20, 0xe000}, 0x5}], 0x1, 0x0)

22.41644014s ago: executing program 1 (id=2310):
r0 = socket$inet_sctp(0x2, 0x1, 0x84)
getsockopt$inet_sctp_SCTP_MAX_BURST(r0, 0x84, 0xc, &(0x7f0000000240)=@assoc_value, &(0x7f0000000080)=0x8)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), r1)
openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
bind$inet6(0xffffffffffffffff, &(0x7f0000000140)={0xa, 0x4e20, 0x0, @ipv4={'\x00', '\xff\xff', @local}}, 0x1c)
socket$inet6(0xa, 0x5, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f00000002c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
r4 = socket$pptp(0x18, 0x1, 0x2)
connect$pptp(r4, 0x0, 0x0)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe}, 0x0)
syz_usb_connect(0x0, 0x5f, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000b1f203401e0903003bd7010203010902"], 0x0)
r5 = io_uring_setup(0x1fc4, &(0x7f0000000bc0)={0x0, 0x0, 0x12, 0x0, 0x320})
r6 = openat$drirender128(0xffffffffffffff9c, &(0x7f0000000040), 0x20000, 0x0)
r7 = openat$udambuf(0xffffffffffffff9c, &(0x7f00000001c0), 0x2)
r8 = memfd_create(&(0x7f0000000940)='y\x105\xfb\xf7u\x83%\b\x00\x00\x00\x00\x00\x00\x00\xea_\xccZ7\xe7a\x9b\x11x\x0e\xa1\xcf\x1a\x98S7\xc9\x00\x00\x00\x00\x00\x00\a\x00\x00\x10\x00\x00\x00\x04\x879\xa24\xa9a\b\x00\xb2\xd3\xcbZJ\x7fa\xc4\x1acB\xaa\xc1\xfb Q\x96\xd9xJ2\xe2DG\xd4\xbd{\x9f\xa9\x97\x9b@\xdb\x00b\xe1br\xb6\xea\b\x00\x00\x00\x00\x00\x00\x00\x9e\x8e\x04sW\x1b\xb7\xb3\xa2\xc9&@\xca\xda\xdc\xe2/\x97X\xac\b\xb0\xc2<\x80E\x1a\xbc\xc7W\xda9V\x01A\xaf\xc6\xcf\xe1\xa1\xb5M\xa2\x85\xa6y\xc4J\xf1\xf7\xfcD\x95\xe3\xeb\x0f<\x91\xb0\xa8\x9eo\xebF(\a\x00\x01vRk\xaabB\x04\xa7I\v\x86EZ\x96\xd5\x14OD\\\xe8R\xe4\xcd\xec\xcc\xd1\x0fre\xe86\xcd\xeb\xc4$\x98\x06J\xd6dD\x8d_U`ji{\xab\x97\xaf;l\x1f\xaf\xb38U\xcb\xfa\xb3j\x92\x80\x81\xa0\xa2-g\b\x99\xef\x1d\xa0H\xcd\xbd\xd9\xaf\x12$\x8d\x16%\x8b\x00\xd5\xf3\\\x00\xbe]Et\xad*\xecn\x02\xc8\xc4\f\x04\x99\xf6\xfc\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xc8L\xae\x1ff\xcf\xb3\xb65\x12\x89\x02\x82t\x0f\xb0\xe89\x16\fO\x19\x91\xfd\x10\x0e\xa7r\x12\xab\xd4\xd1d\xad\f\x11\xb3\xb3c\xe2\xfe\xcd\x9f7\xa1\x14\xfa\xe2\xdf\x7f\xf4NG\xe3\xeb\x18\xde|\xb3\xf5S\x9a\x04\xb4Lry\xa9\xd6\xfb\xbc\n+N\xf7\xf6\x87\x95\xd9+\xd2sc/\x06\xaa#K3,k\xf3(\xcc\xc7\xb47\xfa\xc3\x1c\x91!\xd3\xd2`-\xa2xrR\x1c\x81i\x87u|29Q\xdf\xed\x10\x9b\x930\xa8v\xa0\x88\xa4t\x17\xb2\xca9\x02\x03\xc9P\xcc\xe0\xb7\x9c\x82\xb4\x03\x83e\xee\x95\xccO\x1b\x83\f\n{\xf3\x12\x90\xcf\x10\xb5>\b3\x80\x8d\xb2%7\x10\xeee\xe4\xc3\xb2^\xad\xb6~\xa2\xbdE\xbf\x91\vqt\x81\xbd\x19\xde\x81\tw\xd4p\xd1\x8aNJ\xb3M\a\xc4\xfa\xb0,$\x81j\xb4Hs\x93>\x16U\xd0t\xe4\xca0T\xb7\xf7\x9d4\b\xd9\xdeps\xec\xa0\nJ\xa5\xfe\xda{(\xee\xb5\x11?\xc3I-\x8bc\xc9\xfb\a\xe5\xab\xf8v1\xdc\xc5\x8c\xebs1\x81\xca\x81l\xa12\xff<\xf5\x12\xcc+\xd4\xab\x84\x16\xa4+\x0e\xd4\x02\xe3\xaa1\xeam\x8ce\xb4r\x0eo&3wff\xe6\x91\x7f\xba\xad\x05\xdd\xc0+\"\xa5\x80\'#\xfd\x9dA&\xee \x18\xe5\x17\x1bd\xd0\xb9\x90\xde\xec\xe4M\xe5\x06\x03r\fc\x8c\x10\x99x\xec`e`\xc3F\xdf\xbc\xa8\xff\x05\xe6\xea\xc3u\xd7\t\x88<\"\xf7!\xd6\x0e\xbbE^\xcd\xb0\x15g\xe6\xf2?y1\x9f\xd3\x95\xc4E\xd0\xb4\x16`r\x14\xad\x02\x17\x9a\x86I]\x02f\xd3\xc9\xe1H\xd7c\xcaQ\x8cE7\xcc\xcf=\xf3\xf7\xb9\xf6s\x88\bZi\b*w\xc5;\x88\r\xab\xa1\t\xf1\x02)5\x00\x84', 0xb)
ftruncate(r8, 0xffff)
fcntl$addseals(r8, 0x409, 0x7)
r9 = ioctl$UDMABUF_CREATE(r7, 0x40187542, &(0x7f00000002c0)={r8, 0x0, 0x0, 0x8000})
r10 = fcntl$dupfd(r9, 0x0, r9)
ioctl$DRM_IOCTL_PRIME_FD_TO_HANDLE(r6, 0xc00c642e, &(0x7f0000000180)={0x0, 0x0, r10})
close_range(r5, 0xffffffffffffffff, 0x0)
r11 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0xfffff000)
close_range(r11, r11, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600722, 0x19)

21.866742996s ago: executing program 0 (id=2311):
syz_usb_connect(0x3, 0x36, &(0x7f0000000040)=ANY=[@ANYBLOB="1201000014da2108ab12a390eb1e000000010902240001b30000040904410017ff5d810009050f1f0104000000090583"], 0x0)
syz_usbip_server_init(0x1)

21.866072823s ago: executing program 2 (id=2312):
setsockopt$netlink_NETLINK_TX_RING(0xffffffffffffffff, 0x10e, 0xc, &(0x7f0000000040)={0x80}, 0x10)
r0 = socket$igmp6(0xa, 0x3, 0x2)
setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000b00)=@raw={'raw\x00', 0x8, 0x3, 0x428, 0xd0, 0xffffffff, 0xffffffff, 0x0, 0xffffffff, 0x358, 0xffffffff, 0xffffffff, 0x358, 0xffffffff, 0x3, 0x0, {[{{@ipv6={@private0, @mcast2, [], [], 'veth0_macvtap\x00', 'dvmrp1\x00'}, 0x0, 0xa8, 0xd0}, @common=@unspec=@NFQUEUE0={0x28}}, {{@ipv6={@remote, @ipv4={'\x00', '\xff\xff', @dev}, [], [], 'wg1\x00', 'gre0\x00'}, 0x0, 0x258, 0x288, 0x0, {}, [@common=@inet=@hashlimit1={{0x58}, {'pim6reg\x00', {0x0, 0x0, 0x5, 0x0, 0x0, 0x7, 0x3ff}}}, @common=@inet=@hashlimit3={{0x158}, {'wg1\x00', {0x3, 0x0, 0x41, 0x0, 0x0, 0x1000, 0x6, 0x3}}}]}, @common=@unspec=@CONNMARK={0x30}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28, '\x00', 0x7}}}}, 0x488)
r1 = socket$netlink(0x10, 0x3, 0xc)
bind$netlink(r1, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
setsockopt$netlink_NETLINK_BROADCAST_ERROR(r1, 0x10e, 0x4, &(0x7f0000000140)=0x6, 0x4)
setsockopt$sock_int(r1, 0x1, 0x8, &(0x7f0000000200), 0x4)
socket$inet6(0xa, 0x1, 0x0)
syz_emit_ethernet(0x4a, &(0x7f0000000200)={@local, @broadcast, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "4dd318", 0x14, 0x6, 0x0, @private1={0xfc, 0x1, '\x00', 0x2}, @local, {[], {{0x0, 0x4001, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x2, 0x9}}}}}}}, 0x0)
syz_emit_ethernet(0x4a, &(0x7f0000000440)={@local, @dev, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, '\x00', 0x14, 0x6, 0x0, @local, @local, {[], {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x2}}}}}}}, 0x0)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_GET_DYING(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)={0x14, 0x6, 0x1, 0x201, 0x0, 0x0, {0x0, 0x0, 0x6}}, 0x14}, 0x1, 0x0, 0x0, 0x5128ef2c52fe809}, 0x800)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000400)=ANY=[@ANYBLOB="7c00000010001fff00"/20, @ANYRES32=0x0, @ANYBLOB="0000080000000000140012800900010076657468000000000400028024000e00060000000041470004000000000000000100000000000000872b00030000000008002900bc1e0500140003007767320000000000000000000000000008000400cd"], 0x7c}, 0x1, 0x0, 0x0, 0x841}, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r4, 0x8933, &(0x7f0000000040)={'wlan0\x00'})

21.704608236s ago: executing program 4 (id=2313):
syz_emit_ethernet(0x0, 0x0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
migrate_pages(0xffffffffffffffff, 0x2, &(0x7f0000000140)=0x8001, &(0x7f00000001c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_GET(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000c00)={0xb8, 0x0, 0x1, 0x505, 0x0, 0x0, {0xa, 0x0, 0x1}, [@CTA_TUPLE_ORIG={0x3c, 0x2, 0x0, 0x1, [@CTA_TUPLE_IP={0xfffffffffffffd57, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @dev={0xfe, 0x80, '\x00', 0x38}}, {0x14, 0x4, @loopback}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TUPLE_ORIG={0x3c, 0x1, 0x0, 0x1, [@CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}, @CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @mcast2}, {0x14, 0x4, @local}}}]}, @CTA_TIMEOUT={0x8, 0x7, 0x1, 0x0, 0x1}, @CTA_NAT_SRC={0x24, 0x6, 0x0, 0x1, [@CTA_NAT_PROTO={0xc, 0x3, 0x0, 0x1, [@CTA_PROTONAT_PORT_MIN={0x6, 0x1, 0x4e21}]}, @CTA_NAT_V6_MINIP={0x14, 0x4, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}]}]}, 0xb8}}, 0x0)
openat$khugepaged_scan(0xffffffffffffff9c, &(0x7f0000000240), 0x1, 0x0)
syz_usb_connect(0x0, 0x5f, 0x0, 0x0)
r3 = socket(0x200000000000011, 0x2, 0x0)
openat$uinput(0xffffffffffffff9c, 0x0, 0x2, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x4, 0x0, 0x800, 0x0, 0x10, 0x0, 0x1}, 0x0)
syz_usb_connect(0x0, 0x5f, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000b1f203401e0903003bd7010203010902"], 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
r4 = socket$pppoe(0x18, 0x1, 0x0)
ioctl$PPPOEIOCSFWD(r4, 0x4008b100, &(0x7f0000000040)={0x18, 0x0, {0x4, @remote, 'caif0\x00'}})
r5 = socket$nl_generic(0x10, 0x3, 0x10)
getsockopt$inet6_buf(r3, 0x29, 0x3d, &(0x7f00000002c0)=""/132, &(0x7f00000000c0)=0x84)
sendmsg$nl_generic(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000080)={0x2c, 0x3c, 0x107, 0x0, 0x0, {0x1, 0x7c}, [@nested={0x4, 0xfc}, @nested={0xc, 0x1, 0x0, 0x1, [@typed={0x8, 0x6, 0x0, 0x0, @u32=0xffff}]}, @nested={0x8, 0x2, 0x0, 0x1, [@nested={0x4, 0x72}]}]}, 0x2c}, 0x1, 0x0, 0x0, 0xc000}, 0x0)

21.222038246s ago: executing program 2 (id=2314):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_FLUSH(r0, &(0x7f0000000180)={0x0, 0x600, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="38000000040601010000000000000000030000080900020073797a32000000000500010007"], 0x38}, 0x1, 0x0, 0x0, 0x40011}, 0x20004000)

20.940620201s ago: executing program 2 (id=2315):
r0 = syz_usb_connect$uac1(0x0, 0xac, &(0x7f0000000240)=ANY=[@ANYBLOB="12010000000000106b1d010140000102030109029a0003010000000904000000010100000a24010000000201020c24020000000000000800000524050000082407000000009e0c240700000000a3e82f07070d2407010604000000000000e90924030000000001"], 0x0)
syz_usb_control_io(r0, &(0x7f0000000140)={0x2c, 0x0, &(0x7f0000000040)={0x0, 0x3, 0x4, @lang_id={0x4, 0x3, 0x407}}, 0x0, 0x0, 0x0}, 0x0)
syz_usb_control_io$uac1(r0, &(0x7f0000001840)={0x14, 0x0, &(0x7f0000000080)={0x0, 0x3, 0x2, @string={0x2}}}, 0x0)
syz_usb_control_io(r0, 0x0, &(0x7f0000000880)={0x84, &(0x7f0000000400)={0x40, 0x0, 0x1, "e6"}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io(r0, 0x0, &(0x7f00000009c0)={0x84, &(0x7f00000002c0)={0x0, 0xc}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})

20.940026624s ago: executing program 3 (id=2316):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000000)={0x38, 0x9, 0x6, 0x201, 0x0, 0x0, {0x2, 0x0, 0xfff5}, [@IPSET_ATTR_LINENO={0x8, 0x9, 0x1, 0x0, 0x39}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_ADT={0x14, 0x8, 0x0, 0x1, [{0x10, 0x7, 0x0, 0x1, @IPSET_ATTR_IP={0xc, 0x1, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @multicast2}}}]}]}, 0x38}, 0x1, 0x0, 0x0, 0x10000082}, 0x4000080)

20.831214055s ago: executing program 3 (id=2317):
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
close(r0)
r1 = socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty}, 0x1c)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000700)={{0x14}, [@NFT_MSG_NEWOBJ={0x20, 0x12, 0xa, 0x101, 0x0, 0x0, {0x1}, @NFT_OBJECT_COUNTER=@NFTA_OBJ_HANDLE={0xc, 0x6, 0x1, 0x0, 0x4}}, @NFT_MSG_DELOBJ={0x1c8, 0x14, 0xa, 0x5, 0x0, 0x0, {0x3, 0x0, 0x9}, [@NFTA_OBJ_USERDATA={0x4}, @NFTA_OBJ_USERDATA={0x4}, @NFTA_OBJ_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_OBJ_HANDLE={0xc, 0x6, 0x1, 0x0, 0x2}, @NFTA_OBJ_HANDLE={0xc, 0x6, 0x1, 0x0, 0x1}, @NFTA_OBJ_USERDATA={0xd6, 0x8, "948eaa938b2473fdef8577c07748640feed50476572679f03bd2443cb9e0941385b4216e2e12b110097e8190292edb8421f82a8ba8b524441941fc6b93515fcc6c2ff0d177ceaddbfe9e8138ca91f29ada3e07b66471093fcd2f64acd8fc7db21e3641f6f4a1ac70c6c07f233209f121a56f9da5f44c7ff75d31d9abd159d1ad7f2b11043e73175687401c4e4b9f087b07960cc0d33b9295d4df66c6c262e3da94efc0b9e2e9caa3f3434dc5a51984114334210ebd1549d2e89742a9833bd57628a2ed36714e2eb372a4742d054e4e0a528a"}, @NFTA_OBJ_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_OBJ_HANDLE={0xc, 0x6, 0x1, 0x0, 0x5}, @NFTA_OBJ_USERDATA={0x98, 0x8, "712ddc3f6bd70fc0dd4ca2a20920690376c4ade8fd0af5542a83913773f1ab8d412baefc1e07bb3375026ebd1a275003e3457d433559d4ff35e3af54b74ba6881ff8a0ea5a8e071df8178a96429d8231f7547cf813338203e2c4aa0c8fc40d61359ba0b005f286e2899859fad7a28015295a18f58d33111dd57d1dbfb3f1cd077b71e3c5dfa65ef9089f623cc9fd832ffe9ed357"}]}, @NFT_MSG_NEWRULE={0x2c, 0x6, 0xa, 0x801, 0x0, 0x0, {0x5}, [@NFTA_RULE_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_RULE_POSITION={0xc, 0x6, 0x1, 0x0, 0x5}]}, @NFT_MSG_DELSET={0xb4, 0xb, 0xa, 0x401, 0x0, 0x0, {0x5, 0x0, 0xa}, [@NFTA_SET_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_GC_INTERVAL={0x8, 0xc, 0x1, 0x0, 0xffffff9a}, @NFTA_SET_NAME={0x9, 0x2, 'syz2\x00'}, @NFTA_SET_USERDATA={0x7d, 0xd, 0x1, 0x0, "42a4a87ebb1a19ce9f07eacb6447def7ab562d1c0c10f2cd9a5a2a43503b06ed16b2a2d53bf281e9516f7eaa2bf3f505fa668ed4e949e3de624209fff8a9eabad2050f7552bfc60f6260ff49fe853183ad2d197ea2d74dbb6084530e2a2d650a4fb8c64d14836139ca3f599d9980307514bccdf7c727f7d5a1"}]}, @NFT_MSG_DELSETELEM={0x14, 0xe, 0xa, 0x101, 0x0, 0x0, {0x3, 0x0, 0x8}}, @NFT_MSG_DELOBJ={0x50, 0x14, 0xa, 0x5, 0x0, 0x0, {0xa, 0x0, 0x5}, [@NFTA_OBJ_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_OBJ_HANDLE={0xc, 0x6, 0x1, 0x0, 0x4}, @NFTA_OBJ_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_OBJ_USERDATA={0x4}, @NFTA_OBJ_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_OBJ_TYPE={0x8, 0x3, 0x1, 0x0, 0x1}]}, @NFT_MSG_DELCHAIN={0x60, 0x5, 0xa, 0x1, 0x0, 0x0, {0x1, 0x0, 0x1}, [@NFTA_CHAIN_TYPE={0xa, 0x7, 'route\x00'}, @NFTA_CHAIN_ID={0x8, 0xb, 0x1, 0x0, 0x4}, @NFTA_CHAIN_TYPE={0xb, 0x7, 'filter\x00'}, @NFTA_CHAIN_HANDLE={0xc, 0x2, 0x1, 0x0, 0x3}, @NFTA_CHAIN_FLAGS={0x8, 0xa, 0x1, 0x0, 0x6}, @NFTA_CHAIN_NAME={0x9, 0x3, 'syz1\x00'}, @NFTA_CHAIN_HANDLE={0xc, 0x2, 0x1, 0x0, 0x5}]}], {0x14}}, 0x3b4}}, 0x0)
getsockopt$IP6T_SO_GET_ENTRIES(r2, 0x29, 0x41, 0x0, 0x0)
listen(r1, 0xfffffffc)
r4 = socket$inet_mptcp(0x2, 0x1, 0x106)
connect$inet(r4, &(0x7f0000000000)={0x2, 0x4e22, @local}, 0x10)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000000), 0xffffffffffffffff)
r7 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r7, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000009c0)=@newlink={0x28, 0x10, 0xc362e63b3f31ba5f, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x20080, 0x80e1}, [@IFLA_GROUP={0x8}]}, 0x28}}, 0x0)
sendmsg$MPTCP_PM_CMD_ADD_ADDR(r5, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)=ANY=[@ANYBLOB='0\x00\t\x00', @ANYRES16=r6, @ANYBLOB="01000000000000000000010000001c000180060001000200000008000300ac1414aa0800060006"], 0x30}, 0x1, 0x0, 0x0, 0xaa34a4cfdf933201}, 0x10)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
r9 = syz_genetlink_get_family_id$mptcp(&(0x7f00000002c0), 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_ADD_ADDR(r8, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000200)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=r9, @ANYBLOB="01000b00000000000000070000000c0001800500020001000000"], 0x20}}, 0x0)

18.764836713s ago: executing program 0 (id=2318):
socket$can_bcm(0x1d, 0x2, 0x2)
socket$nl_route(0x10, 0x3, 0x0)
socket$inet6_sctp(0xa, 0x1, 0x84)
clock_nanosleep(0x2, 0x0, &(0x7f0000000040)={0x0, 0x989680}, 0x0)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_io_uring_setup(0x1000022f, &(0x7f00000004c0)={0x0, 0x1dff, 0x40, 0x3, 0x190}, &(0x7f0000000540)=<r0=>0x0, &(0x7f0000000400)=<r1=>0x0)
syz_io_uring_submit(r0, r1, &(0x7f00000009c0)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd_index=0x3, 0x0, 0x0, 0xffffffffffffff31})
syz_io_uring_setup(0x3f8a, &(0x7f0000000300)={0x0, 0x708e, 0x400, 0x3, 0x299}, &(0x7f0000000080), &(0x7f0000000640)=<r2=>0x0)
r3 = open$dir(&(0x7f0000000380)='./file0\x00', 0x202, 0x84)
r4 = open(&(0x7f0000000280)='.\x00', 0x8000, 0x0)
fcntl$notify(r4, 0x402, 0x8000003d)
fcntl$getownex(r4, 0x10, &(0x7f00000001c0))
r5 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)
syz_io_uring_submit(r0, r2, &(0x7f0000000480)=@IORING_OP_LINKAT={0x27, 0x20, 0x0, r3, &(0x7f00000003c0)='./file0\x00', &(0x7f0000000440)='./file0\x00', r4, 0x0, 0x0, {0x0, r5}})
socket(0x28, 0x5, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NL80211_CMD_SET_INTERFACE(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={0x0}}, 0x0)
r8 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x20040, 0x0)
ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0)
r9 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r9, &(0x7f0000fe5000/0x18000)=nil, &(0x7f0000000600)=[@text32={0x20, 0x0}], 0x1, 0x74, 0x0, 0x0)
ioctl$KVM_SET_MSRS(r9, 0x4008ae89, &(0x7f0000000100)=ANY=[@ANYBLOB="0400000000000000850400000000000005"])
sendmsg$NFT_BATCH(r7, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_MSG_GETOBJ(r7, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000000)=ANY=[@ANYBLOB="30000000130a0300000000bcfcb50000000000020000000900020073797a3100000008006849b612eaba03e8e7060340000000"], 0x30}}, 0x4000040)
bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x5, 0x5, &(0x7f0000000580)=ANY=[@ANYRES8=r6], 0x0, 0x5b4230ff, 0x0, 0x0, 0x41100, 0x2a, '\x00', 0x0, @fallback=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0xf739, @void, @value}, 0x94)
r10 = socket$inet6(0xa, 0x3, 0x8000000003c)
connect$inet6(r10, &(0x7f0000000040)={0xa, 0x4e20, 0x0, @empty, 0xc7ec}, 0x1c)
socket$igmp6(0xa, 0x3, 0x2)

18.623765909s ago: executing program 2 (id=2319):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000340)={0x0, 0x2100, &(0x7f00000000c0)={&(0x7f0000000180)=@newlink={0x50, 0x10, 0x1, 0x70bd2d, 0x25dfdc01, {0x0, 0x0, 0x0, 0x0, 0x14318}, [@IFLA_IFNAME={0x14, 0x3, 'erspan0\x00'}, @IFLA_AF_SPEC={0x1c, 0x1a, 0x0, 0x1, [@AF_INET6={0x18, 0xa, 0x0, 0x1, [@IFLA_INET6_TOKEN={0x14, 0x7, @empty}]}]}]}, 0x50}, 0x1, 0x0, 0x0, 0x84}, 0x4000)

18.476079949s ago: executing program 0 (id=2320):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)=ANY=[@ANYBLOB="440000001000010400"/20, @ANYRES32=0x0, @ANYBLOB="000000000000000014001280090001007665746800000000040002800800"], 0x44}, 0x1, 0x0, 0x0, 0xc0}, 0x0)

18.186424834s ago: executing program 1 (id=2321):
syz_usb_connect(0x0, 0x24, &(0x7f0000000000)={{0x12, 0x1, 0x250, 0x19, 0x10, 0x79, 0x8, 0x4e8, 0x6889, 0x2bcd, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x1, 0xff, 0x10, 0x2, [{{0x9, 0x4, 0x41, 0x8b, 0x0, 0xff, 0xff, 0xff, 0x4}}]}}]}}, 0x0)
r0 = socket$inet(0x2, 0x80001, 0x84)
getsockopt$inet_sctp_SCTP_MAX_BURST(r0, 0x84, 0x14, &(0x7f0000000000)=@assoc_value={<r1=>0x0}, &(0x7f0000000040)=0x8)
r2 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_PR_ASSOC_STATUS(r2, 0x84, 0x74, &(0x7f0000000200)={r1, 0xfffe, 0x20}, &(0x7f00000001c0)=0x18)
r3 = socket$inet6(0xa, 0x80002, 0x0)
setsockopt$inet6_udp_int(r3, 0x11, 0x67, &(0x7f0000000040)=0x91, 0x4)
setsockopt$sock_linger(r3, 0x1, 0x3c, &(0x7f0000000180)={0x200000000000001}, 0x8)
keyctl$KEYCTL_PKEY_QUERY(0x18, 0x0, 0x0, &(0x7f0000000080)=' hash=', 0x0)
connect$inet6(r3, &(0x7f0000002140)={0xa, 0x4e25, 0xffffffff, @mcast2, 0x7}, 0x1c)
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(0xffffffffffffffff, 0xc018937c, &(0x7f0000000000)={{0x1, 0x1, 0x18, r3, {0x1}}, './file0\x00'})
syz_usb_connect$cdc_ncm(0x4, 0xa3, &(0x7f0000000040)={{0x12, 0x1, 0x201, 0x2, 0x0, 0x0, 0x10, 0x525, 0xa4a1, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x91, 0x2, 0x1, 0x6, 0x0, 0xf5, {{0x9, 0x4, 0x0, 0x0, 0x1, 0x2, 0xd, 0x0, 0x0, {{0x8, 0x24, 0x6, 0x0, 0x1, "252790"}, {0x5, 0x24, 0x0, 0x400}, {0xd, 0x24, 0xf, 0x1, 0x8, 0x4e, 0x663, 0x8}, {0x6, 0x24, 0x1a, 0x3, 0x4}, [@mdlm={0x15, 0x24, 0x12, 0x6}, @mbim={0xc, 0x24, 0x1b, 0x3, 0x3, 0x81, 0x3, 0x1, 0x7}, @mbim={0xc, 0x24, 0x1b, 0x6, 0x7, 0x8, 0xd, 0x5, 0x7f}, @call_mgmt={0x5, 0x24, 0x1, 0x2, 0x8}]}, {{0x9, 0x5, 0x81, 0x3, 0x3ff, 0xdc, 0x1, 0xf}}}, {}, {0x9, 0x4, 0x1, 0x1, 0x2, 0x2, 0xd, 0x0, 0x0, "", {{{0x9, 0x5, 0x82, 0x2, 0x20, 0x20, 0x3, 0x6}}, {{0x9, 0x5, 0x3, 0x2, 0x0, 0x0, 0x2, 0x10}}}}}}}]}}, 0x0)
r4 = openat$qrtrtun(0xffffffffffffff9c, &(0x7f0000000080), 0x2)
r5 = openat$qrtrtun(0xffffffffffffff9c, &(0x7f0000000040), 0x8002)
write$binfmt_aout(r5, &(0x7f0000000380)=ANY=[@ANYBLOB="03070000b5"], 0xc8)
write$binfmt_aout(r4, &(0x7f00000000c0)=ANY=[@ANYBLOB="03040000b500000001008aea0000fe"], 0xc8)
dup3(r5, r4, 0x0)
sendmmsg$inet6(r3, &(0x7f0000003cc0)=[{{0x0, 0x0, &(0x7f0000003980), 0x171}}], 0x400000000000172, 0x4001c00)

16.999896459s ago: executing program 1 (id=2322):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000940)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01020000000000000000010000000900010073797a30000000006c000000160a01000000000000000000010000000900010073797a30000000000900020073797a300000000040000380080001400000000008000240000000002c0003801400010063616966300000000000000000000000140001006d61"], 0x110}}, 0x800) (fail_nth: 14)

16.524653578s ago: executing program 1 (id=2323):
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$igmp(0x2, 0x3, 0x2)
socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r0, &(0x7f0000000140)={0x2, 0x4e27, @rand_addr=0x64010104}, 0x10)
r1 = socket$pppl2tp(0x18, 0x1, 0x1)
connect$pppl2tp(r1, 0x0, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f0000000300)=@abs, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0xb49, 0x9, 0x8, 0x0, 0x3}, 0x0)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x9, &(0x7f0000000580)={0x0, @in6={{0xa, 0x4e21, 0x1f0268bc, @empty, 0x6}}, 0x0, 0x0, 0x3fc, 0x1, 0x32, 0xb}, 0x9c)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000004c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ff8}]})
capget(&(0x7f00000000c0)={0x19980330}, 0x0)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x9, &(0x7f0000000000)={0x0, @in6={{0xa, 0x0, 0x0, @empty}}, 0x0, 0x800, 0x0, 0x4, 0x8a}, 0x9c)
bind$inet6(r0, &(0x7f00004b8fe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
setsockopt$inet_sctp6_SCTP_PARTIAL_DELIVERY_POINT(r0, 0x84, 0x13, &(0x7f0000000180)=0x4, 0x4)
sendto$inet6(r0, &(0x7f0000847fff)='X', 0x34000, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)

16.34028571s ago: executing program 1 (id=2324):
r0 = socket(0x40000000015, 0x5, 0x0)
connect$inet(r0, &(0x7f0000000000)={0x2, 0x0, @loopback}, 0x10)
bind$inet(r0, &(0x7f0000000340)={0x2, 0x0, @loopback}, 0x10)
setsockopt$SO_TIMESTAMP(r0, 0x1, 0x40, &(0x7f00000000c0)=0xd95, 0x4019e2060d4e3ac7)
sendto$inet(r0, 0x0, 0x0, 0x0, 0x0, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = add_key$fscrypt_v1(&(0x7f0000000200), &(0x7f0000000440)={'fscrypt:', @desc2}, &(0x7f0000000480)={0x0, "6035ae1e0fe721441700322225930e6c1e3e2a51a92fd796bc34d7cf6e0236805b4377f700", 0x2e}, 0x48, 0xfffffffffffffffd)
keyctl$chown(0x4, r3, 0xffffffffffffffff, 0x0)
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000100)={0x4, &(0x7f0000000040)=[{0x2, 0x0, 0x8, 0xfffffff6}, {0xbe20, 0x0, 0x9}, {0x40, 0x1, 0x1, 0xfa4}, {0xfffe, 0x63, 0x5, 0x8}]})
socket$inet6(0xa, 0x4, 0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r4 = socket$alg(0x26, 0x5, 0x0)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f0000000340)={@fallback, 0xffffffffffffffff, 0x4, 0x2, 0xffffffffffffffff, @void, @value}, 0x20)
bind$alg(r4, &(0x7f0000000280)={0x26, 'hash\x00', 0x0, 0x0, 'sha512-avx\x00'}, 0x58)
r5 = accept4(r4, 0x0, 0x0, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x4, &(0x7f00000000c0)=[{0x45, 0x1, 0x2}, {0x61}, {0x81}, {0x6, 0x0, 0xfd}]})
socket$inet_tcp(0x2, 0x1, 0x0)
recvmmsg$unix(r5, &(0x7f0000003700)=[{{0x0, 0x700, 0x0, 0x0, 0x0, 0x500}}], 0x600, 0x0, 0x0)

15.460035081s ago: executing program 1 (id=2325):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8002)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg(r1, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0xb49, 0x9, 0x8, 0x0, 0x3}, 0x0)
setsockopt$inet6_int(0xffffffffffffffff, 0x29, 0x1000000000021, &(0x7f0000000000)=0xffffffc3, 0x4)
sendmmsg(0xffffffffffffffff, &(0x7f0000001500)=[{{&(0x7f0000000180)=@x25={0x9, @remote={'\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc', 0x1}}, 0x80, 0x0}, 0x5b4}, {{&(0x7f0000000200)=@l2tp6={0xa, 0x0, 0x7080000, @ipv4={'\x00', '\xff\xff', @loopback}, 0x7, 0x1}, 0x80, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYRESOCT=r0], 0x10}}], 0x2, 0x600c802)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000000)={0xffffffffffffffff, 0xe8, 0xffffffffffffffff}, 0x10)
r2 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$IOMMU_TEST_OP_MOCK_DOMAIN_FLAGS(r2, 0x3ba0, &(0x7f0000000200)={0x48})
ioctl$IOMMU_HWPT_ALLOC$TEST(r2, 0x3b89, 0x0)
socket$unix(0x1, 0x1, 0x0)
r3 = socket$qrtr(0x2a, 0x2, 0x0)
ioctl$sock_SIOCETHTOOL(r3, 0x8946, &(0x7f0000000080)={'syz_tun\x00', &(0x7f00000003c0)=@ethtool_coalesce={0xf}})
r4 = socket$inet6_sctp(0xa, 0x1, 0x84)
bind$inet6(r4, &(0x7f0000000280)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
sendto$inet6(r4, &(0x7f00000002c0)="9e", 0x1, 0x0, &(0x7f0000000200)={0xa, 0x4e23, 0x0, @loopback, 0xe}, 0x1c)
setsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r4, 0x84, 0x72, &(0x7f0000000300)={0x0, 0x200002, 0x30}, 0xc)
sendmsg$inet6(r4, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000380)='d', 0x1}], 0x1}, 0x8000)
setsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r4, 0x84, 0x72, &(0x7f0000000140)={0x0, 0x1, 0x20}, 0xc)
writev(r4, &(0x7f0000000100)=[{&(0x7f0000000240)=',', 0x34000}], 0x1)

6.515183259s ago: executing program 32 (id=2313):
syz_emit_ethernet(0x0, 0x0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
migrate_pages(0xffffffffffffffff, 0x2, &(0x7f0000000140)=0x8001, &(0x7f00000001c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_GET(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000c00)={0xb8, 0x0, 0x1, 0x505, 0x0, 0x0, {0xa, 0x0, 0x1}, [@CTA_TUPLE_ORIG={0x3c, 0x2, 0x0, 0x1, [@CTA_TUPLE_IP={0xfffffffffffffd57, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @dev={0xfe, 0x80, '\x00', 0x38}}, {0x14, 0x4, @loopback}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TUPLE_ORIG={0x3c, 0x1, 0x0, 0x1, [@CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}, @CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @mcast2}, {0x14, 0x4, @local}}}]}, @CTA_TIMEOUT={0x8, 0x7, 0x1, 0x0, 0x1}, @CTA_NAT_SRC={0x24, 0x6, 0x0, 0x1, [@CTA_NAT_PROTO={0xc, 0x3, 0x0, 0x1, [@CTA_PROTONAT_PORT_MIN={0x6, 0x1, 0x4e21}]}, @CTA_NAT_V6_MINIP={0x14, 0x4, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}]}]}, 0xb8}}, 0x0)
openat$khugepaged_scan(0xffffffffffffff9c, &(0x7f0000000240), 0x1, 0x0)
syz_usb_connect(0x0, 0x5f, 0x0, 0x0)
r3 = socket(0x200000000000011, 0x2, 0x0)
openat$uinput(0xffffffffffffff9c, 0x0, 0x2, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x4, 0x0, 0x800, 0x0, 0x10, 0x0, 0x1}, 0x0)
syz_usb_connect(0x0, 0x5f, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000b1f203401e0903003bd7010203010902"], 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
r4 = socket$pppoe(0x18, 0x1, 0x0)
ioctl$PPPOEIOCSFWD(r4, 0x4008b100, &(0x7f0000000040)={0x18, 0x0, {0x4, @remote, 'caif0\x00'}})
r5 = socket$nl_generic(0x10, 0x3, 0x10)
getsockopt$inet6_buf(r3, 0x29, 0x3d, &(0x7f00000002c0)=""/132, &(0x7f00000000c0)=0x84)
sendmsg$nl_generic(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000080)={0x2c, 0x3c, 0x107, 0x0, 0x0, {0x1, 0x7c}, [@nested={0x4, 0xfc}, @nested={0xc, 0x1, 0x0, 0x1, [@typed={0x8, 0x6, 0x0, 0x0, @u32=0xffff}]}, @nested={0x8, 0x2, 0x0, 0x1, [@nested={0x4, 0x72}]}]}, 0x2c}, 0x1, 0x0, 0x0, 0xc000}, 0x0)

5.510561066s ago: executing program 33 (id=2317):
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
close(r0)
r1 = socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty}, 0x1c)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000700)={{0x14}, [@NFT_MSG_NEWOBJ={0x20, 0x12, 0xa, 0x101, 0x0, 0x0, {0x1}, @NFT_OBJECT_COUNTER=@NFTA_OBJ_HANDLE={0xc, 0x6, 0x1, 0x0, 0x4}}, @NFT_MSG_DELOBJ={0x1c8, 0x14, 0xa, 0x5, 0x0, 0x0, {0x3, 0x0, 0x9}, [@NFTA_OBJ_USERDATA={0x4}, @NFTA_OBJ_USERDATA={0x4}, @NFTA_OBJ_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_OBJ_HANDLE={0xc, 0x6, 0x1, 0x0, 0x2}, @NFTA_OBJ_HANDLE={0xc, 0x6, 0x1, 0x0, 0x1}, @NFTA_OBJ_USERDATA={0xd6, 0x8, "948eaa938b2473fdef8577c07748640feed50476572679f03bd2443cb9e0941385b4216e2e12b110097e8190292edb8421f82a8ba8b524441941fc6b93515fcc6c2ff0d177ceaddbfe9e8138ca91f29ada3e07b66471093fcd2f64acd8fc7db21e3641f6f4a1ac70c6c07f233209f121a56f9da5f44c7ff75d31d9abd159d1ad7f2b11043e73175687401c4e4b9f087b07960cc0d33b9295d4df66c6c262e3da94efc0b9e2e9caa3f3434dc5a51984114334210ebd1549d2e89742a9833bd57628a2ed36714e2eb372a4742d054e4e0a528a"}, @NFTA_OBJ_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_OBJ_HANDLE={0xc, 0x6, 0x1, 0x0, 0x5}, @NFTA_OBJ_USERDATA={0x98, 0x8, "712ddc3f6bd70fc0dd4ca2a20920690376c4ade8fd0af5542a83913773f1ab8d412baefc1e07bb3375026ebd1a275003e3457d433559d4ff35e3af54b74ba6881ff8a0ea5a8e071df8178a96429d8231f7547cf813338203e2c4aa0c8fc40d61359ba0b005f286e2899859fad7a28015295a18f58d33111dd57d1dbfb3f1cd077b71e3c5dfa65ef9089f623cc9fd832ffe9ed357"}]}, @NFT_MSG_NEWRULE={0x2c, 0x6, 0xa, 0x801, 0x0, 0x0, {0x5}, [@NFTA_RULE_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_RULE_POSITION={0xc, 0x6, 0x1, 0x0, 0x5}]}, @NFT_MSG_DELSET={0xb4, 0xb, 0xa, 0x401, 0x0, 0x0, {0x5, 0x0, 0xa}, [@NFTA_SET_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_GC_INTERVAL={0x8, 0xc, 0x1, 0x0, 0xffffff9a}, @NFTA_SET_NAME={0x9, 0x2, 'syz2\x00'}, @NFTA_SET_USERDATA={0x7d, 0xd, 0x1, 0x0, "42a4a87ebb1a19ce9f07eacb6447def7ab562d1c0c10f2cd9a5a2a43503b06ed16b2a2d53bf281e9516f7eaa2bf3f505fa668ed4e949e3de624209fff8a9eabad2050f7552bfc60f6260ff49fe853183ad2d197ea2d74dbb6084530e2a2d650a4fb8c64d14836139ca3f599d9980307514bccdf7c727f7d5a1"}]}, @NFT_MSG_DELSETELEM={0x14, 0xe, 0xa, 0x101, 0x0, 0x0, {0x3, 0x0, 0x8}}, @NFT_MSG_DELOBJ={0x50, 0x14, 0xa, 0x5, 0x0, 0x0, {0xa, 0x0, 0x5}, [@NFTA_OBJ_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_OBJ_HANDLE={0xc, 0x6, 0x1, 0x0, 0x4}, @NFTA_OBJ_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_OBJ_USERDATA={0x4}, @NFTA_OBJ_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_OBJ_TYPE={0x8, 0x3, 0x1, 0x0, 0x1}]}, @NFT_MSG_DELCHAIN={0x60, 0x5, 0xa, 0x1, 0x0, 0x0, {0x1, 0x0, 0x1}, [@NFTA_CHAIN_TYPE={0xa, 0x7, 'route\x00'}, @NFTA_CHAIN_ID={0x8, 0xb, 0x1, 0x0, 0x4}, @NFTA_CHAIN_TYPE={0xb, 0x7, 'filter\x00'}, @NFTA_CHAIN_HANDLE={0xc, 0x2, 0x1, 0x0, 0x3}, @NFTA_CHAIN_FLAGS={0x8, 0xa, 0x1, 0x0, 0x6}, @NFTA_CHAIN_NAME={0x9, 0x3, 'syz1\x00'}, @NFTA_CHAIN_HANDLE={0xc, 0x2, 0x1, 0x0, 0x5}]}], {0x14}}, 0x3b4}}, 0x0)
getsockopt$IP6T_SO_GET_ENTRIES(r2, 0x29, 0x41, 0x0, 0x0)
listen(r1, 0xfffffffc)
r4 = socket$inet_mptcp(0x2, 0x1, 0x106)
connect$inet(r4, &(0x7f0000000000)={0x2, 0x4e22, @local}, 0x10)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000000), 0xffffffffffffffff)
r7 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r7, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000009c0)=@newlink={0x28, 0x10, 0xc362e63b3f31ba5f, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x20080, 0x80e1}, [@IFLA_GROUP={0x8}]}, 0x28}}, 0x0)
sendmsg$MPTCP_PM_CMD_ADD_ADDR(r5, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)=ANY=[@ANYBLOB='0\x00\t\x00', @ANYRES16=r6, @ANYBLOB="01000000000000000000010000001c000180060001000200000008000300ac1414aa0800060006"], 0x30}, 0x1, 0x0, 0x0, 0xaa34a4cfdf933201}, 0x10)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
r9 = syz_genetlink_get_family_id$mptcp(&(0x7f00000002c0), 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_ADD_ADDR(r8, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000200)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=r9, @ANYBLOB="01000b00000000000000070000000c0001800500020001000000"], 0x20}}, 0x0)

3.50692562s ago: executing program 34 (id=2319):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000340)={0x0, 0x2100, &(0x7f00000000c0)={&(0x7f0000000180)=@newlink={0x50, 0x10, 0x1, 0x70bd2d, 0x25dfdc01, {0x0, 0x0, 0x0, 0x0, 0x14318}, [@IFLA_IFNAME={0x14, 0x3, 'erspan0\x00'}, @IFLA_AF_SPEC={0x1c, 0x1a, 0x0, 0x1, [@AF_INET6={0x18, 0xa, 0x0, 0x1, [@IFLA_INET6_TOKEN={0x14, 0x7, @empty}]}]}]}, 0x50}, 0x1, 0x0, 0x0, 0x84}, 0x4000)

3.009005848s ago: executing program 35 (id=2320):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)=ANY=[@ANYBLOB="440000001000010400"/20, @ANYRES32=0x0, @ANYBLOB="000000000000000014001280090001007665746800000000040002800800"], 0x44}, 0x1, 0x0, 0x0, 0xc0}, 0x0)

0s ago: executing program 36 (id=2325):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8002)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg(r1, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0xb49, 0x9, 0x8, 0x0, 0x3}, 0x0)
setsockopt$inet6_int(0xffffffffffffffff, 0x29, 0x1000000000021, &(0x7f0000000000)=0xffffffc3, 0x4)
sendmmsg(0xffffffffffffffff, &(0x7f0000001500)=[{{&(0x7f0000000180)=@x25={0x9, @remote={'\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc', 0x1}}, 0x80, 0x0}, 0x5b4}, {{&(0x7f0000000200)=@l2tp6={0xa, 0x0, 0x7080000, @ipv4={'\x00', '\xff\xff', @loopback}, 0x7, 0x1}, 0x80, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYRESOCT=r0], 0x10}}], 0x2, 0x600c802)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000000)={0xffffffffffffffff, 0xe8, 0xffffffffffffffff}, 0x10)
r2 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$IOMMU_TEST_OP_MOCK_DOMAIN_FLAGS(r2, 0x3ba0, &(0x7f0000000200)={0x48})
ioctl$IOMMU_HWPT_ALLOC$TEST(r2, 0x3b89, 0x0)
socket$unix(0x1, 0x1, 0x0)
r3 = socket$qrtr(0x2a, 0x2, 0x0)
ioctl$sock_SIOCETHTOOL(r3, 0x8946, &(0x7f0000000080)={'syz_tun\x00', &(0x7f00000003c0)=@ethtool_coalesce={0xf}})
r4 = socket$inet6_sctp(0xa, 0x1, 0x84)
bind$inet6(r4, &(0x7f0000000280)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
sendto$inet6(r4, &(0x7f00000002c0)="9e", 0x1, 0x0, &(0x7f0000000200)={0xa, 0x4e23, 0x0, @loopback, 0xe}, 0x1c)
setsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r4, 0x84, 0x72, &(0x7f0000000300)={0x0, 0x200002, 0x30}, 0xc)
sendmsg$inet6(r4, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000380)='d', 0x1}], 0x1}, 0x8000)
setsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r4, 0x84, 0x72, &(0x7f0000000140)={0x0, 0x1, 0x20}, 0xc)
writev(r4, &(0x7f0000000100)=[{&(0x7f0000000240)=',', 0x34000}], 0x1)

kernel console output (not intermixed with test programs):

: renamed from eth2
[  599.606834][T12705] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  599.643034][ T5948] usb 5-1: USB disconnect, device number 116
[  599.699384][   T10] usb 4-1: config 0 descriptor??
[  599.935656][    T9] usb 3-1: new full-speed USB device number 21 using dummy_hcd
[  599.962739][T12705] 8021q: adding VLAN 0 to HW filter on device bond0
[  599.995899][T12705] 8021q: adding VLAN 0 to HW filter on device team0
[  600.012797][ T3558] bridge0: port 1(bridge_slave_0) entered blocking state
[  600.020020][ T3558] bridge0: port 1(bridge_slave_0) entered forwarding state
[  600.041390][ T3470] bridge0: port 2(bridge_slave_1) entered blocking state
[  600.048606][ T3470] bridge0: port 2(bridge_slave_1) entered forwarding state
[  600.107122][    T9] usb 3-1: config 0 has an invalid interface number: 44 but max is 1
[  600.119006][    T9] usb 3-1: config 0 contains an unexpected descriptor of type 0x1, skipping
[  600.132179][   T10] hid-picolcd 0003:04D8:F002.001E: item fetching failed at offset 3/11
[  600.159617][   T10] hid-picolcd 0003:04D8:F002.001E: device report parse failed
[  600.167971][    T9] usb 3-1: config 0 has an invalid interface number: 92 but max is 1
[  600.178309][   T10] hid-picolcd 0003:04D8:F002.001E: probe with driver hid-picolcd failed with error -22
[  600.195241][    T9] usb 3-1: config 0 has an invalid interface association descriptor of length 5, skipping
[  600.197667][T12705] 8021q: adding VLAN 0 to HW filter on device batadv0
[  600.225951][    T9] usb 3-1: config 0 has no interface number 0
[  600.240893][    T9] usb 3-1: config 0 has no interface number 1
[  600.274893][    T9] usb 3-1: config 0 interface 44 altsetting 255 has an invalid descriptor for endpoint zero, skipping
[  600.314967][    T9] usb 3-1: config 0 interface 44 altsetting 255 has an invalid descriptor for endpoint zero, skipping
[  600.339941][    T9] usb 3-1: config 0 interface 44 altsetting 255 endpoint 0x3 has invalid maxpacket 1023, setting to 64
[  600.353358][ T5948] usb 4-1: USB disconnect, device number 2
[  600.360095][    T9] usb 3-1: config 0 interface 44 altsetting 255 endpoint 0x1 has invalid maxpacket 1024, setting to 64
[  600.397230][T12705] veth0_vlan: entered promiscuous mode
[  600.418363][    T9] usb 3-1: config 0 interface 44 altsetting 255 has an invalid descriptor for endpoint zero, skipping
[  600.422715][T12705] veth1_vlan: entered promiscuous mode
[  600.472493][    T9] usb 3-1: config 0 interface 44 altsetting 255 has an invalid descriptor for endpoint zero, skipping
[  600.489402][    T9] usb 3-1: config 0 interface 44 has no altsetting 0
[  600.499428][    T9] usb 3-1: config 0 interface 92 has no altsetting 0
[  600.519644][    T9] usb 3-1: New USB device found, idVendor=1b3d, idProduct=01ab, bcdDevice=85.24
[  600.545397][ T5847] Bluetooth: hci2: command tx timeout
[  600.552929][    T9] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  600.562270][    T9] usb 3-1: Product: syz
[  600.567414][    T9] usb 3-1: Manufacturer: syz
[  600.572045][    T9] usb 3-1: SerialNumber: syz
[  600.572949][T12705] veth0_macvtap: entered promiscuous mode
[  600.590068][    T9] usb 3-1: config 0 descriptor??
[  600.621682][T12705] veth1_macvtap: entered promiscuous mode
[  600.688194][T12705] batman_adv: batadv0: Interface activated: batadv_slave_0
[  600.736656][T12705] batman_adv: batadv0: Interface activated: batadv_slave_1
[  600.764915][ T5947] usb 5-1: new high-speed USB device number 117 using dummy_hcd
[  600.780401][T12705] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  600.822854][    T9] ftdi_sio 3-1:0.44: FTDI USB Serial Device converter detected
[  600.839037][T12705] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  600.852292][    T9] ftdi_sio ttyUSB0: unknown device type: 0x8524
[  600.858762][T12705] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  600.882612][T12705] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  600.897661][    T9] ftdi_sio 3-1:0.92: FTDI USB Serial Device converter detected
[  600.916048][    T9] ftdi_sio ttyUSB1: unknown device type: 0x8524
[  600.955215][ T5947] usb 5-1: Using ep0 maxpacket: 8
[  600.960883][    T9] usb 3-1: USB disconnect, device number 21
[  600.968741][ T5947] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  601.016180][ T5947] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  601.035723][    T9] ftdi_sio 3-1:0.44: device disconnected
[  601.074847][ T5947] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  601.083939][    T9] ftdi_sio 3-1:0.92: device disconnected
[  601.127062][ T5947] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  601.198877][ T5947] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  601.229407][ T5947] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  601.293275][ T1034] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  601.319479][ T1034] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  601.410578][   T36] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  601.462357][ T5947] usb 5-1: GET_CAPABILITIES returned 0
[  601.470767][   T36] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  601.539789][ T5947] usbtmc 5-1:16.0: can't read capabilities
[  601.653251][T12861] netlink: 24 bytes leftover after parsing attributes in process `syz.3.2071'.
[  601.676229][    C0] usbtmc 5-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  601.703201][T12842] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  601.731411][T12842] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  601.788493][ T5947] usb 5-1: USB disconnect, device number 117
[  602.104836][ T5948] usb 2-1: new high-speed USB device number 8 using dummy_hcd
[  602.124620][    T9] usb 4-1: new high-speed USB device number 3 using dummy_hcd
[  602.174996][   T43] usb 3-1: new full-speed USB device number 22 using dummy_hcd
[  602.267561][ T5948] usb 2-1: Using ep0 maxpacket: 32
[  602.277978][ T5948] usb 2-1: New USB device found, idVendor=05a9, idProduct=1550, bcdDevice=e4.bb
[  602.289708][ T5948] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  602.299873][ T5948] usb 2-1: Product: syz
[  602.304040][ T5948] usb 2-1: Manufacturer: syz
[  602.329238][   T43] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  602.340018][   T43] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 3
[  602.346753][    T9] usb 4-1: config 171 has an invalid interface number: 109 but max is 0
[  602.379698][    T9] usb 4-1: config 171 has an invalid descriptor of length 0, skipping remainder of the config
[  602.396368][   T43] usb 3-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  602.405863][   T43] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  602.413885][   T43] usb 3-1: Product: syz
[  602.443889][ T5948] usb 2-1: SerialNumber: syz
[  602.445177][    T9] usb 4-1: config 171 has no interface number 0
[  602.460408][ T5948] usb 2-1: config 0 descriptor??
[  602.468645][   T43] usb 3-1: Manufacturer: syz
[  602.496947][   T43] usb 3-1: SerialNumber: syz
[  602.503652][ T5948] gspca_main: ov534_9-2.14.0 probing 05a9:1550
[  602.520859][   T30] kauditd_printk_skb: 89 callbacks suppressed
[  602.520879][   T30] audit: type=1326 audit(1750432807.403:4077): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12881 comm="syz.4.2075" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc1acd8e929 code=0x7ffc0000
[  602.551137][T12882] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2075'.
[  602.574824][    T9] usb 4-1: config 171 interface 109 altsetting 0 bulk endpoint 0x4 has invalid maxpacket 1023
[  602.580632][   T30] audit: type=1326 audit(1750432807.403:4078): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12881 comm="syz.4.2075" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc1acd8e929 code=0x7ffc0000
[  602.622989][    T9] usb 4-1: config 171 interface 109 altsetting 0 endpoint 0x1 has invalid maxpacket 768, setting to 64
[  602.649427][T12882] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2075'.
[  602.712765][ T5948] gspca_ov534_9: reg_w failed -71
[  602.722152][   T30] audit: type=1326 audit(1750432807.403:4079): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12881 comm="syz.4.2075" exe="/root/syz-executor" sig=0 arch=c000003e syscall=222 compat=0 ip=0x7fc1acd8e929 code=0x7ffc0000
[  602.746002][    T9] usb 4-1: config 171 interface 109 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 12
[  602.749648][   T30] audit: type=1326 audit(1750432807.403:4080): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12881 comm="syz.4.2075" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc1acd8e929 code=0x7ffc0000
[  602.788343][   T30] audit: type=1326 audit(1750432807.403:4081): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12881 comm="syz.4.2075" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc1acd8e929 code=0x7ffc0000
[  602.818193][   T30] audit: type=1326 audit(1750432807.443:4082): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12881 comm="syz.4.2075" exe="/root/syz-executor" sig=0 arch=c000003e syscall=224 compat=0 ip=0x7fc1acd8e929 code=0x7ffc0000
[  602.825304][    T9] usb 4-1: New USB device found, idVendor=0cf3, idProduct=9375, bcdDevice=fd.2e
[  602.866049][    T9] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  602.874181][    T9] usb 4-1: Product: syz
[  602.931674][   T30] audit: type=1326 audit(1750432807.443:4083): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12881 comm="syz.4.2075" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc1acd8e929 code=0x7ffc0000
[  602.959997][   T30] audit: type=1326 audit(1750432807.443:4084): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12881 comm="syz.4.2075" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc1acd8e929 code=0x7ffc0000
[  602.961965][    T9] usb 4-1: Manufacturer: syz
[  602.998140][   T30] audit: type=1326 audit(1750432807.443:4085): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12881 comm="syz.4.2075" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7fc1acd8e929 code=0x7ffc0000
[  603.024496][   T43] usb 3-1: cannot find UAC_HEADER
[  603.064861][   T43] snd-usb-audio 3-1:1.0: probe with driver snd-usb-audio failed with error -22
[  603.074311][    T9] usb 4-1: SerialNumber: syz
[  603.101201][T12875] raw-gadget.1 gadget.3: fail, usb_ep_enable returned -22
[  603.124713][   T30] audit: type=1326 audit(1750432807.593:4086): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12881 comm="syz.4.2075" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc1acd8e929 code=0x7ffc0000
[  603.147818][ T5948] gspca_ov534_9: Unknown sensor 0000
[  603.147908][ T5948] ov534_9 2-1:0.0: probe with driver ov534_9 failed with error -22
[  603.180378][ T6029] udevd[6029]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  603.201808][ T5948] usb 2-1: USB disconnect, device number 8
[  603.338990][T12875] input: syz1 as /devices/virtual/input/input49
[  603.594907][T12876] nvme_fabrics: missing parameter 'transport=%s'
[  603.602132][T12876] nvme_fabrics: missing parameter 'nqn=%s'
[  604.002715][T12918] netlink: 56 bytes leftover after parsing attributes in process `syz.4.2080'.
[  604.031864][T12917] kvm: vcpu 2: requested lapic timer restore with starting count register 0x390=1812281087 (231971979136 ns) > initial count (200000 ns). Using initial count to start timer.
[  604.156369][    T9] ath6kl: Failed to submit usb control message: -110
[  604.163196][    T9] ath6kl: unable to send the bmi data to the device: -110
[  604.194919][    T9] ath6kl: Unable to send get target info: -110
[  604.241808][    T9] ath6kl: Failed to init ath6kl core: -110
[  604.252631][    T9] ath6kl_usb 4-1:171.109: probe with driver ath6kl_usb failed with error -110
[  604.354722][ T5948] usb 5-1: new high-speed USB device number 118 using dummy_hcd
[  604.531279][ T5948] usb 5-1: config 0 has no interfaces?
[  604.547497][ T5948] usb 5-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b
[  604.556874][ T5948] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  604.608775][ T5948] usb 5-1: Product: syz
[  604.644239][ T5948] usb 5-1: Manufacturer: syz
[  604.727594][T12930] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  604.800064][T12930] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  605.063998][ T5888] usb 3-1: USB disconnect, device number 22
[  605.080317][ T5948] usb 5-1: SerialNumber: syz
[  605.102476][ T5948] usb 5-1: config 0 descriptor??
[  605.711309][T12944] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  605.795651][T12944] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  605.904027][T12947] use of bytesused == 0 is deprecated and will be removed in the future,
[  605.944889][T12947] use the actual size instead.
[  606.753615][T12957] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(3)
[  606.760183][T12957] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  606.789019][T12957] vhci_hcd vhci_hcd.0: Device attached
[  607.044629][ T5888] usb 33-1: new low-speed USB device number 4 using vhci_hcd
[  607.290400][ T5948] usb 4-1: USB disconnect, device number 3
[  607.526379][    T9] usb 5-1: USB disconnect, device number 118
[  607.765536][T12996] bridge1: entered allmulticast mode
[  607.813893][T12974] cgroup: fork rejected by pids controller in /syz3
[  607.859406][T13005] netlink: 'syz.4.2093': attribute type 13 has an invalid length.
[  607.874096][T13005] netlink: 40 bytes leftover after parsing attributes in process `syz.4.2093'.
[  608.019793][T13005] net veth1_virt_wifi virt_wifi0: refused to change device tx_queue_len
[  608.316245][T13016] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2096'.
[  608.945142][    C1] ip6_tunnel: ip6tnl1 xmit: Local address not yet configured!
[  608.954754][    C0] ip6_tunnel: ip6tnl1 xmit: Local address not yet configured!
[  609.380954][T12959] vhci_hcd: connection reset by peer
[  609.409520][   T49] vhci_hcd: stop threads
[  609.413822][   T49] vhci_hcd: release socket
[  609.438890][   T49] vhci_hcd: disconnect device
[  609.448248][    T9] usb 2-1: new high-speed USB device number 9 using dummy_hcd
[  609.724692][    T9] usb 2-1: Using ep0 maxpacket: 32
[  609.733892][    T9] usb 2-1: New USB device found, idVendor=05a9, idProduct=1550, bcdDevice=e4.bb
[  609.743435][    T9] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  609.754778][    T9] usb 2-1: Product: syz
[  609.758979][    T9] usb 2-1: Manufacturer: syz
[  609.771310][    T9] usb 2-1: SerialNumber: syz
[  609.786227][    T9] usb 2-1: config 0 descriptor??
[  609.808073][    T9] gspca_main: ov534_9-2.14.0 probing 05a9:1550
[  610.112192][T13052] netlink: 'syz.4.2103': attribute type 10 has an invalid length.
[  610.145131][T13052] netlink: 40 bytes leftover after parsing attributes in process `syz.4.2103'.
[  610.165062][ T5948] usb 4-1: new high-speed USB device number 4 using dummy_hcd
[  610.178414][T13052] dummy0: entered promiscuous mode
[  610.210418][    T9] gspca_ov534_9: reg_w failed -71
[  610.217878][T13052] batman_adv: batadv0: Interface deactivated: dummy0
[  610.247878][T13052] batman_adv: batadv0: Removing interface: dummy0
[  610.262812][T13052] A link change request failed with some changes committed already. Interface dummy0 may have been left with an inconsistent configuration, please check.
[  610.394666][ T5948] usb 4-1: Using ep0 maxpacket: 16
[  610.405417][ T5948] usb 4-1: config 1 contains an unexpected descriptor of type 0x2, skipping
[  610.414978][ T5948] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  610.432536][ T5948] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 3
[  610.454771][ T5948] usb 4-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  610.471888][ T5948] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  610.489036][ T5948] usb 4-1: Product: syz
[  610.497804][ T5948] usb 4-1: Manufacturer: syz
[  610.508721][ T5948] usb 4-1: SerialNumber: syz
[  610.684686][    T9] gspca_ov534_9: Unknown sensor 0000
[  610.684787][    T9] ov534_9 2-1:0.0: probe with driver ov534_9 failed with error -22
[  610.708597][    T9] usb 2-1: USB disconnect, device number 9
[  610.939810][ T5948] usb 4-1: 0:2 : does not exist
[  611.214655][    T9] usb 2-1: new high-speed USB device number 10 using dummy_hcd
[  611.275662][   T43] usb 3-1: new high-speed USB device number 23 using dummy_hcd
[  611.418355][    T9] usb 2-1: New USB device found, idVendor=08fd, idProduct=0002, bcdDevice=ca.fd
[  611.431760][    T9] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  611.434996][   T43] usb 3-1: Using ep0 maxpacket: 16
[  611.440525][    T9] usb 2-1: Product: syz
[  611.452224][    T9] usb 2-1: Manufacturer: syz
[  611.471184][    T9] usb 2-1: SerialNumber: syz
[  611.478120][   T43] usb 3-1: config 0 has an invalid interface number: 8 but max is 0
[  611.495683][   T43] usb 3-1: config 0 has no interface number 0
[  611.552490][    T9] usb 2-1: config 0 descriptor??
[  611.573450][ T5847] Bluetooth: hci5: urb ffff888029281300 submission failed (2)
[  611.770568][   T43] usb 3-1: config 0 interface 8 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  611.779828][T13071] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2105'.
[  611.812617][ T5948] usb 4-1: USB disconnect, device number 4
[  611.845438][   T43] usb 3-1: config 0 interface 8 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0
[  611.850820][T13071] pim6reg9: entered allmulticast mode
[  611.905586][   T43] usb 3-1: New USB device found, idVendor=0d8c, idProduct=000e, bcdDevice=8e.8f
[  611.942649][   T43] usb 3-1: New USB device strings: Mfr=0, Product=24, SerialNumber=3
[  611.952327][   T43] usb 3-1: Product: syz
[  611.962195][   T43] usb 3-1: SerialNumber: syz
[  611.969388][   T30] kauditd_printk_skb: 1 callbacks suppressed
[  611.969415][   T30] audit: type=1326 audit(1750432816.853:4088): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13070 comm="syz.1.2105" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f381c58e929 code=0x0
[  612.003668][   T43] usb 3-1: config 0 descriptor??
[  612.020892][   T43] cm109 3-1:0.8: invalid payload size 0, expected 4
[  612.038499][   T43] input: CM109 USB driver as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.8/input/input50
[  612.072802][ T5901] usb 2-1: USB disconnect, device number 10
[  612.139714][ T5888] vhci_hcd: vhci_device speed not set
[  612.278978][    C1] cm109 3-1:0.8: cm109_urb_ctl_callback: usb_submit_urb (urb_irq) failed -90
[  612.552439][    C1] cm109 3-1:0.8: cm109_urb_ctl_callback: urb status -71
[  612.561435][    C1] cm109 3-1:0.8: cm109_urb_ctl_callback: urb status -71
[  612.568795][    C1] cm109 3-1:0.8: cm109_urb_ctl_callback: urb status -71
[  612.576162][    C1] cm109 3-1:0.8: cm109_urb_ctl_callback: urb status -71
[  612.583333][    C1] cm109 3-1:0.8: cm109_urb_ctl_callback: urb status -71
[  612.590559][    C1] cm109 3-1:0.8: cm109_urb_ctl_callback: urb status -71
[  612.600771][    C1] cm109 3-1:0.8: cm109_urb_ctl_callback: urb status -71
[  612.607947][    C1] cm109 3-1:0.8: cm109_urb_ctl_callback: urb status -71
[  612.615851][    C1] cm109 3-1:0.8: cm109_urb_ctl_callback: urb status -71
[  612.623017][    C1] cm109 3-1:0.8: cm109_urb_ctl_callback: urb status -71
[  612.636845][ T5948] usb 3-1: USB disconnect, device number 23
[  612.642783][    C1] cm109 3-1:0.8: cm109_submit_buzz_toggle: usb_submit_urb (urb_ctl) failed -19
[  612.669563][ T5948] cm109 3-1:0.8: cm109_toggle_buzzer_sync: usb_control_msg() failed -19
[  613.057236][T13105] kvm: vcpu 2: requested lapic timer restore with starting count register 0x390=1812281087 (231971979136 ns) > initial count (200000 ns). Using initial count to start timer.
[  613.794923][ T5888] usb 3-1: new high-speed USB device number 24 using dummy_hcd
[  613.844611][ T5901] usb 4-1: new high-speed USB device number 5 using dummy_hcd
[  614.005146][ T5888] usb 3-1: Using ep0 maxpacket: 16
[  614.033018][ T5888] usb 3-1: config 0 has no interfaces?
[  614.039202][ T5901] usb 4-1: Using ep0 maxpacket: 32
[  614.052571][ T5888] usb 3-1: New USB device found, idVendor=046d, idProduct=c29c, bcdDevice= 0.00
[  614.092009][ T5901] usb 4-1: New USB device found, idVendor=05a9, idProduct=1550, bcdDevice=e4.bb
[  614.131185][ T5888] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  614.143497][ T5901] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  614.170480][ T5888] usb 3-1: config 0 descriptor??
[  614.184095][ T5901] usb 4-1: Product: syz
[  614.194458][ T5901] usb 4-1: Manufacturer: syz
[  614.219595][ T5901] usb 4-1: SerialNumber: syz
[  614.241795][ T5901] usb 4-1: config 0 descriptor??
[  614.259863][ T5901] gspca_main: ov534_9-2.14.0 probing 05a9:1550
[  614.604737][ T5888] usb 2-1: new high-speed USB device number 11 using dummy_hcd
[  614.661395][ T5901] gspca_ov534_9: reg_w failed -71
[  614.827486][ T5888] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  614.839431][ T5888] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  614.850370][ T5888] usb 2-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[  614.860320][ T5888] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  614.872919][ T5888] usb 2-1: config 0 descriptor??
[  615.246227][T13137] netlink: 56 bytes leftover after parsing attributes in process `syz.4.2124'.
[  615.315092][ T5901] gspca_ov534_9: Unknown sensor 0000
[  615.315217][ T5901] ov534_9 4-1:0.0: probe with driver ov534_9 failed with error -22
[  615.337787][ T5901] usb 4-1: USB disconnect, device number 5
[  615.356873][T13139] FAULT_INJECTION: forcing a failure.
[  615.356873][T13139] name failslab, interval 1, probability 0, space 0, times 0
[  615.373668][T13139] CPU: 1 UID: 0 PID: 13139 Comm: syz.3.2125 Not tainted 6.16.0-rc2-syzkaller-00162-g41687a5c6f8b #0 PREEMPT(full) 
[  615.373693][T13139] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  615.373704][T13139] Call Trace:
[  615.373712][T13139]  <TASK>
[  615.373720][T13139]  dump_stack_lvl+0x189/0x250
[  615.373748][T13139]  ? __pfx____ratelimit+0x10/0x10
[  615.373773][T13139]  ? __pfx_dump_stack_lvl+0x10/0x10
[  615.373796][T13139]  ? __pfx__printk+0x10/0x10
[  615.373821][T13139]  ? __pfx___might_resched+0x10/0x10
[  615.373850][T13139]  should_fail_ex+0x414/0x560
[  615.373877][T13139]  should_failslab+0xa8/0x100
[  615.373899][T13139]  kmem_cache_alloc_node_noprof+0x76/0x3c0
[  615.373917][T13139]  ? __alloc_skb+0x112/0x2d0
[  615.373940][T13139]  __alloc_skb+0x112/0x2d0
[  615.373962][T13139]  netlink_dump+0x22b/0xe20
[  615.373983][T13139]  ? __nla_parse+0x40/0x60
[  615.374017][T13139]  ? ip_set_dump_start+0x158/0x410
[  615.374036][T13139]  ? __pfx_netlink_dump+0x10/0x10
[  615.374065][T13139]  ? netlink_lookup+0x30/0x200
[  615.374081][T13139]  ? netlink_lookup+0x30/0x200
[  615.374097][T13139]  ? netlink_lookup+0x30/0x200
[  615.374121][T13139]  __netlink_dump_start+0x5cb/0x7e0
[  615.374148][T13139]  ip_set_dump+0x13e/0x1c0
[  615.374172][T13139]  ? __pfx_ip_set_dump+0x10/0x10
[  615.374193][T13139]  ? __pfx_ip_set_dump_start+0x10/0x10
[  615.374208][T13139]  ? __pfx_ip_set_dump_do+0x10/0x10
[  615.374223][T13139]  ? __pfx_ip_set_dump_done+0x10/0x10
[  615.374254][T13139]  nfnetlink_rcv_msg+0xb4d/0x1130
[  615.374279][T13139]  ? nfnetlink_rcv_msg+0x20d/0x1130
[  615.374318][T13139]  ? __pfx_nfnetlink_rcv_msg+0x10/0x10
[  615.374339][T13139]  ? kasan_save_free_info+0x46/0x50
[  615.374407][T13139]  netlink_rcv_skb+0x205/0x470
[  615.374428][T13139]  ? __pfx_nfnetlink_rcv_msg+0x10/0x10
[  615.374453][T13139]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  615.374484][T13139]  ? bpf_lsm_capable+0x9/0x20
[  615.374499][T13139]  ? security_capable+0x7e/0x2e0
[  615.374529][T13139]  nfnetlink_rcv+0x26a/0x2520
[  615.374552][T13139]  ? __dev_queue_xmit+0x1cd7/0x3a70
[  615.374577][T13139]  ? kmem_cache_alloc_noprof+0x1c1/0x3c0
[  615.374604][T13139]  ? __dev_queue_xmit+0x27e/0x3a70
[  615.374625][T13139]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  615.374651][T13139]  ? __pfx_nfnetlink_rcv+0x10/0x10
[  615.374672][T13139]  ? __pfx___dev_queue_xmit+0x10/0x10
[  615.374705][T13139]  ? ref_tracker_free+0x63a/0x7d0
[  615.374723][T13139]  ? __copy_skb_header+0xa7/0x550
[  615.374745][T13139]  ? __pfx_ref_tracker_free+0x10/0x10
[  615.374780][T13139]  ? skb_clone+0x246/0x3a0
[  615.374803][T13139]  ? __netlink_deliver_tap+0x807/0x850
[  615.374822][T13139]  ? netlink_deliver_tap+0x2e/0x1b0
[  615.374846][T13139]  ? netlink_deliver_tap+0x2e/0x1b0
[  615.374883][T13139]  ? netlink_deliver_tap+0x2e/0x1b0
[  615.374906][T13139]  netlink_unicast+0x758/0x8d0
[  615.374933][T13139]  netlink_sendmsg+0x805/0xb30
[  615.374962][T13139]  ? __pfx_netlink_sendmsg+0x10/0x10
[  615.374984][T13139]  ? aa_sock_msg_perm+0x94/0x160
[  615.375012][T13139]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  615.375032][T13139]  ? __pfx_netlink_sendmsg+0x10/0x10
[  615.375051][T13139]  __sock_sendmsg+0x219/0x270
[  615.375079][T13139]  ____sys_sendmsg+0x505/0x830
[  615.375105][T13139]  ? __pfx_____sys_sendmsg+0x10/0x10
[  615.375133][T13139]  ? import_iovec+0x74/0xa0
[  615.375155][T13139]  ___sys_sendmsg+0x21f/0x2a0
[  615.375176][T13139]  ? __pfx____sys_sendmsg+0x10/0x10
[  615.375232][T13139]  ? __fget_files+0x2a/0x420
[  615.375249][T13139]  ? __fget_files+0x3a0/0x420
[  615.375276][T13139]  __x64_sys_sendmsg+0x19b/0x260
[  615.375298][T13139]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  615.375328][T13139]  ? __pfx_ksys_write+0x10/0x10
[  615.375343][T13139]  ? rcu_is_watching+0x15/0xb0
[  615.375369][T13139]  ? do_syscall_64+0xbe/0x3b0
[  615.375387][T13139]  do_syscall_64+0xfa/0x3b0
[  615.375400][T13139]  ? lockdep_hardirqs_on+0x9c/0x150
[  615.375420][T13139]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  615.375435][T13139]  ? clear_bhb_loop+0x60/0xb0
[  615.375454][T13139]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  615.375469][T13139] RIP: 0033:0x7fd4b678e929
[  615.375485][T13139] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  615.375498][T13139] RSP: 002b:00007fd4b7613038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  615.375515][T13139] RAX: ffffffffffffffda RBX: 00007fd4b69b5fa0 RCX: 00007fd4b678e929
[  615.375525][T13139] RDX: 0000000000000010 RSI: 0000200000001300 RDI: 0000000000000003
[  615.375536][T13139] RBP: 00007fd4b7613090 R08: 0000000000000000 R09: 0000000000000000
[  615.375547][T13139] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  615.375557][T13139] R13: 0000000000000000 R14: 00007fd4b69b5fa0 R15: 00007fd4b6adfa28
[  615.375582][T13139]  </TASK>
[  615.835203][    C1] vkms_vblank_simulate: vblank timer overrun
[  615.904872][ T5908] usb 5-1: new high-speed USB device number 119 using dummy_hcd
[  616.070229][ T5908] usb 5-1: config 0 has no interfaces?
[  616.079901][ T5908] usb 5-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b
[  616.092719][ T5908] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  616.102746][ T5908] usb 5-1: Product: syz
[  616.107963][ T5908] usb 5-1: Manufacturer: syz
[  616.112619][ T5908] usb 5-1: SerialNumber: syz
[  616.121975][ T5908] usb 5-1: config 0 descriptor??
[  616.192411][T13148] kvm: vcpu 2: requested lapic timer restore with starting count register 0x390=1812281087 (231971979136 ns) > initial count (200000 ns). Using initial count to start timer.
[  616.401095][ T5908] usb 3-1: USB disconnect, device number 24
[  616.438688][ T5888] uclogic 0003:256C:006D.001F: interface is invalid, ignoring
[  617.208660][ T5888] usb 2-1: USB disconnect, device number 11
[  617.415478][ T5908] usb 4-1: new high-speed USB device number 6 using dummy_hcd
[  617.471064][T13173] kvm: vcpu 2: requested lapic timer restore with starting count register 0x390=1812281087 (231971979136 ns) > initial count (200000 ns). Using initial count to start timer.
[  617.610702][ T5908] usb 4-1: New USB device found, idVendor=0eb1, idProduct=7007, bcdDevice= 2.05
[  617.610733][ T5908] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  617.610750][ T5908] usb 4-1: Product: syz
[  617.610758][ T5908] usb 4-1: Manufacturer: syz
[  617.610768][ T5908] usb 4-1: SerialNumber: syz
[  617.612903][ T5908] usb 4-1: config 0 descriptor??
[  617.622636][ T5908] go7007 4-1:0.0: probe with driver go7007 failed with error -12
[  618.027410][ T5908] usb 5-1: USB disconnect, device number 119
[  618.998975][T13197] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  620.008221][   T43] usb 2-1: new high-speed USB device number 12 using dummy_hcd
[  620.175225][ T5901] usb 4-1: USB disconnect, device number 6
[  620.290131][   T43] usb 2-1: config 0 contains an unexpected descriptor of type 0x2, skipping
[  620.368676][   T43] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  620.384209][   T43] usb 2-1: New USB device found, idVendor=04d8, idProduct=0083, bcdDevice= 0.9c
[  620.399594][   T43] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  620.430124][   T43] usb 2-1: Product: syz
[  620.464422][   T43] usb 2-1: Manufacturer: syz
[  620.489474][   T43] usb 2-1: SerialNumber: syz
[  620.525417][   T43] usb 2-1: config 0 descriptor??
[  620.548635][   T43] ims_pcu 2-1:0.0: Missing CDC union descriptor
[  620.555720][   T43] ims_pcu 2-1:0.0: probe with driver ims_pcu failed with error -22
[  620.859651][T13226] tipc: Enabling of bearer <udp:syz1> rejected, failed to enable media
[  621.189299][ T5888] usb 4-1: new high-speed USB device number 7 using dummy_hcd
[  621.316509][ T5947] usb 2-1: USB disconnect, device number 12
[  621.514152][ T5888] usb 4-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  621.545321][   T30] audit: type=1326 audit(1750432826.433:4089): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13231 comm="syz.1.2150" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f381c58e929 code=0x0
[  621.546420][ T5888] usb 4-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  621.710236][ T5888] usb 4-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  621.719745][ T5888] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  621.765410][T13227] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  621.785397][ T5888] usb 4-1: Quirk or no altset; falling back to MIDI 1.0
[  622.006270][ T5888] usb 4-1: USB disconnect, device number 7
[  622.456849][T13243] syz.0.2151 (13243): drop_caches: 2
[  622.467918][T13243] sctp: [Deprecated]: syz.0.2151 (pid 13243) Use of int in maxseg socket option.
[  622.467918][T13243] Use struct sctp_assoc_value instead
[  622.649564][T13245] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  622.658674][T13245] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  622.721866][T13245] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2152'.
[  622.731804][T13245] openvswitch: netlink: nsh attribute has unmatched MD type 0.
[  622.740847][T13245] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  622.807840][   T30] audit: type=1326 audit(1750432827.643:4090): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13244 comm="syz.4.2152" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc1acd8e929 code=0x7ffc0000
[  622.902805][   T30] audit: type=1326 audit(1750432827.643:4091): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13244 comm="syz.4.2152" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fc1acd2ab19 code=0x7ffc0000
[  623.034647][ T5908] usb 2-1: new high-speed USB device number 13 using dummy_hcd
[  623.205444][   T30] audit: type=1326 audit(1750432827.643:4092): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13244 comm="syz.4.2152" exe="/root/syz-executor" sig=0 arch=c000003e syscall=78 compat=0 ip=0x7fc1acd8e929 code=0x7ffc0000
[  623.238964][   T30] audit: type=1326 audit(1750432827.643:4093): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13244 comm="syz.4.2152" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc1acd8e929 code=0x7ffc0000
[  623.262600][   T30] audit: type=1326 audit(1750432827.643:4094): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13244 comm="syz.4.2152" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc1acd8e929 code=0x7ffc0000
[  623.285042][    C0] vkms_vblank_simulate: vblank timer overrun
[  623.292533][   T30] audit: type=1326 audit(1750432827.643:4095): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13244 comm="syz.4.2152" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc1acd8e929 code=0x7ffc0000
[  623.315327][    C0] vkms_vblank_simulate: vblank timer overrun
[  623.353562][ T5908] usb 2-1: Using ep0 maxpacket: 32
[  623.385026][ T5908] usb 2-1: New USB device found, idVendor=041e, idProduct=400b, bcdDevice=3e.e7
[  623.404857][ T5908] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  623.434387][ T5908] usb 2-1: config 0 descriptor??
[  623.442867][   T30] audit: type=1326 audit(1750432827.643:4096): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13244 comm="syz.4.2152" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fc1acd2ab19 code=0x7ffc0000
[  623.465259][    C0] vkms_vblank_simulate: vblank timer overrun
[  623.488562][   T30] audit: type=1326 audit(1750432827.643:4097): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13244 comm="syz.4.2152" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fc1acd2ab19 code=0x7ffc0000
[  623.514778][ T5908] gspca_main: sunplus-2.14.0 probing 041e:400b
[  623.522882][   T30] audit: type=1326 audit(1750432827.643:4098): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13244 comm="syz.4.2152" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fc1acd2ab19 code=0x7ffc0000
[  623.726587][ T5947] usb 3-1: new full-speed USB device number 25 using dummy_hcd
[  623.890505][ T5908] gspca_sunplus: reg_r err -32
[  623.895483][ T5908] sunplus 2-1:0.0: probe with driver sunplus failed with error -32
[  623.896529][ T5947] usb 3-1: config 0 has an invalid interface number: 92 but max is 0
[  623.937124][ T5947] usb 3-1: config 0 has no interface number 0
[  623.950144][ T5947] usb 3-1: config 0 interface 92 has no altsetting 0
[  623.966664][ T5947] usb 3-1: New USB device found, idVendor=1b3d, idProduct=01ab, bcdDevice=85.24
[  624.013124][ T5947] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  624.034927][ T5947] usb 3-1: Product: syz
[  624.045030][ T5947] usb 3-1: Manufacturer: syz
[  624.051901][ T5947] usb 3-1: SerialNumber: syz
[  624.065025][ T5947] usb 3-1: config 0 descriptor??
[  624.158390][   T43] usb 2-1: USB disconnect, device number 13
[  624.300626][ T5947] ftdi_sio 3-1:0.92: FTDI USB Serial Device converter detected
[  624.312188][ T1303] ieee802154 phy0 wpan0: encryption failed: -22
[  624.312252][ T1303] ieee802154 phy1 wpan1: encryption failed: -22
[  624.362937][ T5947] ftdi_sio ttyUSB0: unknown device type: 0x8524
[  624.386516][ T5947] usb 3-1: USB disconnect, device number 25
[  624.402118][ T5947] ftdi_sio 3-1:0.92: device disconnected
[  624.534218][T13279] FAULT_INJECTION: forcing a failure.
[  624.534218][T13279] name failslab, interval 1, probability 0, space 0, times 0
[  624.610653][T13279] CPU: 0 UID: 0 PID: 13279 Comm: syz.1.2161 Not tainted 6.16.0-rc2-syzkaller-00162-g41687a5c6f8b #0 PREEMPT(full) 
[  624.610678][T13279] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  624.610688][T13279] Call Trace:
[  624.610696][T13279]  <TASK>
[  624.610703][T13279]  dump_stack_lvl+0x189/0x250
[  624.610729][T13279]  ? __pfx____ratelimit+0x10/0x10
[  624.610753][T13279]  ? __pfx_dump_stack_lvl+0x10/0x10
[  624.610775][T13279]  ? __pfx__printk+0x10/0x10
[  624.610798][T13279]  ? __pfx___might_resched+0x10/0x10
[  624.610819][T13279]  ? fs_reclaim_acquire+0x7d/0x100
[  624.610843][T13279]  should_fail_ex+0x414/0x560
[  624.610867][T13279]  should_failslab+0xa8/0x100
[  624.610886][T13279]  kmem_cache_alloc_node_noprof+0x76/0x3c0
[  624.610903][T13279]  ? __alloc_skb+0x112/0x2d0
[  624.610926][T13279]  __alloc_skb+0x112/0x2d0
[  624.610947][T13279]  netlink_ack+0x146/0xa50
[  624.610963][T13279]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  624.610980][T13279]  ? ref_tracker_free+0x63a/0x7d0
[  624.610998][T13279]  ? __copy_skb_header+0xa7/0x550
[  624.611019][T13279]  ? __pfx_ref_tracker_free+0x10/0x10
[  624.611049][T13279]  netlink_rcv_skb+0x28c/0x470
[  624.611069][T13279]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  624.611088][T13279]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  624.611116][T13279]  ? netlink_deliver_tap+0x2e/0x1b0
[  624.611134][T13279]  ? netlink_deliver_tap+0x2e/0x1b0
[  624.611159][T13279]  netlink_unicast+0x758/0x8d0
[  624.611186][T13279]  netlink_sendmsg+0x805/0xb30
[  624.611210][T13279]  ? __pfx_netlink_sendmsg+0x10/0x10
[  624.611231][T13279]  ? aa_sock_msg_perm+0x94/0x160
[  624.611254][T13279]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  624.611281][T13279]  ? __pfx_netlink_sendmsg+0x10/0x10
[  624.611299][T13279]  __sock_sendmsg+0x219/0x270
[  624.611323][T13279]  ____sys_sendmsg+0x505/0x830
[  624.611347][T13279]  ? __pfx_____sys_sendmsg+0x10/0x10
[  624.611374][T13279]  ? import_iovec+0x74/0xa0
[  624.611393][T13279]  ___sys_sendmsg+0x21f/0x2a0
[  624.611416][T13279]  ? __pfx____sys_sendmsg+0x10/0x10
[  624.611466][T13279]  ? __fget_files+0x2a/0x420
[  624.611483][T13279]  ? __fget_files+0x3a0/0x420
[  624.611512][T13279]  __x64_sys_sendmsg+0x19b/0x260
[  624.611535][T13279]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  624.611562][T13279]  ? __pfx_ksys_write+0x10/0x10
[  624.611575][T13279]  ? rcu_is_watching+0x15/0xb0
[  624.611603][T13279]  ? do_syscall_64+0xbe/0x3b0
[  624.611623][T13279]  do_syscall_64+0xfa/0x3b0
[  624.611639][T13279]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  624.611656][T13279]  ? asm_sysvec_reschedule_ipi+0x1a/0x20
[  624.611672][T13279]  ? clear_bhb_loop+0x60/0xb0
[  624.611693][T13279]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  624.611709][T13279] RIP: 0033:0x7f381c58e929
[  624.611726][T13279] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  624.611741][T13279] RSP: 002b:00007f381d46e038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  624.611760][T13279] RAX: ffffffffffffffda RBX: 00007f381c7b5fa0 RCX: 00007f381c58e929
[  624.611772][T13279] RDX: 0000000004000004 RSI: 0000200000000040 RDI: 0000000000000003
[  624.611784][T13279] RBP: 00007f381d46e090 R08: 0000000000000000 R09: 0000000000000000
[  624.611796][T13279] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  624.611806][T13279] R13: 0000000000000000 R14: 00007f381c7b5fa0 R15: 00007f381c8dfa28
[  624.611832][T13279]  </TASK>
[  624.943972][    C0] vkms_vblank_simulate: vblank timer overrun
[  625.284646][ T5947] usb 2-1: new high-speed USB device number 14 using dummy_hcd
[  625.412581][T13288] xt_hashlimit: max too large, truncated to 1048576
[  625.460266][ T5947] usb 2-1: Using ep0 maxpacket: 8
[  625.483915][ T5947] usb 2-1: New USB device found, idVendor=1660, idProduct=0932, bcdDevice=80.ea
[  625.495507][ T5947] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  625.540926][ T5947] usb 2-1: Product: syz
[  625.570837][ T5947] usb 2-1: Manufacturer: syz
[  625.590752][ T5947] usb 2-1: SerialNumber: syz
[  625.605292][ T5947] usb 2-1: config 0 descriptor??
[  625.614437][ T5947] dvb-usb: found a 'Medion MD95700 (MDUSBTV-HYBRID)' in warm state.
[  625.622870][ T5947] usb 2-1: setting power ON
[  625.637811][ T5947] dvb-usb: bulk message failed: -22 (2/0)
[  625.740048][ T5947] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[  625.778380][ T5947] dvbdev: DVB: registering new adapter (Medion MD95700 (MDUSBTV-HYBRID))
[  625.821928][ T5947] usb 2-1: media controller created
[  625.898711][ T5947] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  625.924301][ T5947] usb 2-1: selecting invalid altsetting 6
[  625.944613][ T5947] usb 2-1: digital interface selection failed (-22)
[  625.951266][ T5947] dvb-usb: no frontend was attached by 'Medion MD95700 (MDUSBTV-HYBRID)'
[  625.960829][ T5947] usb 2-1: setting power OFF
[  625.966124][ T5947] dvb-usb: bulk message failed: -22 (2/0)
[  625.971886][ T5947] dvb-usb: Medion MD95700 (MDUSBTV-HYBRID) successfully initialized and connected.
[  625.981697][ T5947] (NULL device *): no alternate interface
[  626.057459][ T5888] usb 5-1: new high-speed USB device number 121 using dummy_hcd
[  626.057610][ T5947] dvb-usb: Medion MD95700 (MDUSBTV-HYBRID) successfully deinitialized and disconnected.
[  626.124909][ T5947] usb 2-1: USB disconnect, device number 14
[  626.225248][ T5888] usb 5-1: Using ep0 maxpacket: 8
[  626.378918][ T5888] usb 5-1: unable to get BOS descriptor or descriptor too short
[  626.395458][ T5888] usb 5-1: unable to read config index 0 descriptor/start: -71
[  626.428168][ T5888] usb 5-1: can't read configurations, error -71
[  626.550377][T13310] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2174'.
[  627.022962][ T5908] usb 2-1: new high-speed USB device number 15 using dummy_hcd
[  627.141584][T13319] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  627.198414][ T5908] usb 2-1: Using ep0 maxpacket: 16
[  627.205961][ T5908] usb 2-1: config 1 contains an unexpected descriptor of type 0x2, skipping
[  627.254181][ T5908] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  627.304328][ T5908] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 3
[  627.321295][ T5908] usb 2-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  627.331039][ T5908] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  627.339600][ T5908] usb 2-1: Product: syz
[  627.365122][ T5908] usb 2-1: Manufacturer: syz
[  627.369792][ T5908] usb 2-1: SerialNumber: syz
[  627.587049][ T5888] usb 5-1: new high-speed USB device number 123 using dummy_hcd
[  627.757190][ T5888] usb 5-1: Using ep0 maxpacket: 32
[  627.788910][ T5888] usb 5-1: config 0 has an invalid interface number: 67 but max is 0
[  627.798062][ T5908] usb 2-1: 0:2 : does not exist
[  627.814609][ T5888] usb 5-1: config 0 has no interface number 0
[  627.827687][ T5888] usb 5-1: New USB device found, idVendor=0424, idProduct=9901, bcdDevice=c2.57
[  627.846997][ T5888] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  627.858082][ T5888] usb 5-1: Product: syz
[  627.862387][ T5888] usb 5-1: Manufacturer: syz
[  627.867755][ T5888] usb 5-1: SerialNumber: syz
[  627.885903][ T5888] usb 5-1: config 0 descriptor??
[  627.898026][ T5888] smsc95xx v2.0.0
[  628.003300][T13343] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  628.017207][T13343] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  628.041440][T13343] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2185'.
[  628.051221][T13343] openvswitch: netlink: nsh attribute has unmatched MD type 0.
[  628.061206][T13343] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  628.079285][   T30] kauditd_printk_skb: 59 callbacks suppressed
[  628.079302][   T30] audit: type=1326 audit(1750432832.963:4158): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13342 comm="syz.2.2185" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feea018e929 code=0x7ffc0000
[  628.116626][   T30] audit: type=1326 audit(1750432832.963:4159): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13342 comm="syz.2.2185" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7feea012ab19 code=0x7ffc0000
[  628.152426][   T30] audit: type=1326 audit(1750432832.963:4160): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13342 comm="syz.2.2185" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feea018e929 code=0x7ffc0000
[  628.192202][   T30] audit: type=1326 audit(1750432832.993:4161): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13342 comm="syz.2.2185" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7feea012ab19 code=0x7ffc0000
[  628.210500][   T43] usb 3-1: new high-speed USB device number 26 using dummy_hcd
[  628.214608][    C0] vkms_vblank_simulate: vblank timer overrun
[  628.220612][   T30] audit: type=1326 audit(1750432832.993:4162): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13342 comm="syz.2.2185" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feea018e929 code=0x7ffc0000
[  628.254070][   T30] audit: type=1326 audit(1750432832.993:4163): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13342 comm="syz.2.2185" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7feea012ab19 code=0x7ffc0000
[  628.277538][   T30] audit: type=1326 audit(1750432832.993:4164): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13342 comm="syz.2.2185" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7feea012ab19 code=0x7ffc0000
[  628.303209][   T30] audit: type=1326 audit(1750432832.993:4165): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13342 comm="syz.2.2185" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7feea012ab19 code=0x7ffc0000
[  628.329779][   T30] audit: type=1326 audit(1750432832.993:4166): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13342 comm="syz.2.2185" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7feea012ab19 code=0x7ffc0000
[  628.355865][ T5908] usb 2-1: USB disconnect, device number 15
[  628.366693][ T5888] smsc95xx 5-1:0.67 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000030: -32
[  628.379348][ T5888] smsc95xx 5-1:0.67 (unnamed net_device) (uninitialized): Error reading E2P_CMD
[  628.482267][   T30] audit: type=1326 audit(1750432832.993:4167): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13342 comm="syz.2.2185" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feea018e929 code=0x7ffc0000
[  628.630456][ T5888] smsc95xx 5-1:0.67 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000014: -61
[  628.642295][ T5888] smsc95xx 5-1:0.67: probe with driver smsc95xx failed with error -61
[  629.164655][   T24] usb 2-1: new high-speed USB device number 16 using dummy_hcd
[  629.394739][   T24] usb 2-1: Using ep0 maxpacket: 8
[  629.636768][T13375] kvm: vcpu 2: requested lapic timer restore with starting count register 0x390=1812281087 (231971979136 ns) > initial count (200000 ns). Using initial count to start timer.
[  629.730116][   T24] usb 2-1: unable to get BOS descriptor or descriptor too short
[  629.744334][   T24] usb 2-1: unable to read config index 0 descriptor/start: -71
[  629.811924][   T24] usb 2-1: can't read configurations, error -71
[  630.311076][ T5888] usb 5-1: USB disconnect, device number 123
[  630.888913][   T24] usb 2-1: new high-speed USB device number 17 using dummy_hcd
[  631.168902][ T5888] usb 5-1: new full-speed USB device number 124 using dummy_hcd
[  631.207859][   T24] usb 2-1: Using ep0 maxpacket: 32
[  631.249676][   T24] usb 2-1: New USB device found, idVendor=05a9, idProduct=1550, bcdDevice=e4.bb
[  631.260059][   T24] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  631.269249][   T24] usb 2-1: Product: syz
[  631.273490][   T24] usb 2-1: Manufacturer: syz
[  631.281669][   T24] usb 2-1: SerialNumber: syz
[  631.312733][   T24] usb 2-1: config 0 descriptor??
[  631.342898][   T24] gspca_main: ov534_9-2.14.0 probing 05a9:1550
[  631.360694][ T5888] usb 5-1: config 0 has an invalid interface number: 44 but max is 1
[  631.369290][ T5888] usb 5-1: config 0 has an invalid interface number: 92 but max is 1
[  631.394686][ T5888] usb 5-1: config 0 has no interface number 0
[  631.410130][ T5888] usb 5-1: config 0 has no interface number 1
[  631.427551][ T5888] usb 5-1: config 0 interface 44 has no altsetting 0
[  631.442758][ T5888] usb 5-1: config 0 interface 92 has no altsetting 0
[  631.457159][ T5888] usb 5-1: New USB device found, idVendor=1b3d, idProduct=01ab, bcdDevice=85.24
[  631.466554][ T5888] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  631.474660][ T5888] usb 5-1: Product: syz
[  631.474836][   T43] usb 4-1: new high-speed USB device number 8 using dummy_hcd
[  631.487429][ T5888] usb 5-1: Manufacturer: syz
[  631.495608][ T5888] usb 5-1: SerialNumber: syz
[  631.508982][ T5888] usb 5-1: config 0 descriptor??
[  631.541854][   T24] gspca_ov534_9: reg_w failed -71
[  631.636971][   T43] usb 4-1: Using ep0 maxpacket: 32
[  631.696505][   T43] usb 4-1: config 1 interface 0 altsetting 128 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  631.708037][   T43] usb 4-1: config 1 interface 0 altsetting 128 bulk endpoint 0x82 has invalid maxpacket 16
[  631.729160][   T43] usb 4-1: config 1 interface 0 altsetting 128 bulk endpoint 0x3 has invalid maxpacket 1024
[  631.735521][ T5888] ftdi_sio 5-1:0.44: FTDI USB Serial Device converter detected
[  631.752144][ T5888] ftdi_sio ttyUSB0: unknown device type: 0x8524
[  631.760080][   T43] usb 4-1: config 1 interface 0 altsetting 128 has 3 endpoint descriptors, different from the interface descriptor's value: 26
[  631.767345][ T5888] ftdi_sio 5-1:0.92: FTDI USB Serial Device converter detected
[  631.784160][ T5888] ftdi_sio ttyUSB1: unknown device type: 0x8524
[  631.814222][ T5888] usb 5-1: USB disconnect, device number 124
[  631.850314][ T5888] ftdi_sio 5-1:0.44: device disconnected
[  631.863675][ T5888] ftdi_sio 5-1:0.92: device disconnected
[  631.874484][   T43] usb 4-1: config 1 interface 0 has no altsetting 0
[  631.906360][   T43] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  631.918655][   T43] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[  631.934306][   T43] usb 4-1: SerialNumber: syz
[  631.962219][T13399] raw-gadget.2 gadget.3: fail, usb_ep_enable returned -22
[  631.974649][   T24] gspca_ov534_9: Unknown sensor 0000
[  631.974717][   T24] ov534_9 2-1:0.0: probe with driver ov534_9 failed with error -22
[  631.983202][T13399] raw-gadget.2 gadget.3: fail, usb_ep_enable returned -22
[  632.012665][   T24] usb 2-1: USB disconnect, device number 17
[  632.728369][T13409] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  632.849644][T13409] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  633.382265][T13417] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2201'.
[  633.513547][T13426] batman_adv: batadv0: Adding interface: dummy0
[  633.530048][T13426] batman_adv: batadv0: The MTU of interface dummy0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  633.567801][T13426] batman_adv: batadv0: Interface activated: dummy0
[  633.579823][T13428] batadv0: mtu less than device minimum
[  633.595489][T13428] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  633.606828][T13428] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  633.618370][T13428] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  633.629724][T13428] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  633.640961][T13428] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  633.652206][T13428] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  633.663427][T13428] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  633.674898][T13428] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  633.686240][T13428] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  633.710149][   T24] usb 5-1: new full-speed USB device number 125 using dummy_hcd
[  633.871669][   T24] usb 5-1: config 0 has an invalid interface number: 172 but max is 0
[  633.898083][   T24] usb 5-1: config 0 has no interface number 0
[  633.919672][   T24] usb 5-1: New USB device found, idVendor=2304, idProduct=020f, bcdDevice=3b.de
[  633.930597][   T24] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  633.940152][   T24] usb 5-1: Product: syz
[  633.945352][   T24] usb 5-1: Manufacturer: syz
[  633.950075][   T24] usb 5-1: SerialNumber: syz
[  633.961019][   T30] kauditd_printk_skb: 70 callbacks suppressed
[  633.961037][   T30] audit: type=1326 audit(1750432838.843:4238): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13433 comm="syz.1.2207" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f381c58e929 code=0x7ffc0000
[  633.961162][   T24] usb 5-1: config 0 descriptor??
[  633.967923][ T5888] usb 3-1: new high-speed USB device number 27 using dummy_hcd
[  634.002932][   T30] audit: type=1326 audit(1750432838.843:4239): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13433 comm="syz.1.2207" exe="/root/syz-executor" sig=0 arch=c000003e syscall=125 compat=0 ip=0x7f381c58e929 code=0x7ffc0000
[  634.064987][   T30] audit: type=1326 audit(1750432838.843:4240): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13433 comm="syz.1.2207" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f381c58e929 code=0x7ffc0000
[  634.095723][   T30] audit: type=1326 audit(1750432838.843:4241): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13433 comm="syz.1.2207" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7f381c58e929 code=0x7ffc0000
[  634.099933][   T24] dvb-usb: found a 'Pinnacle 400e DVB-S USB2.0' in warm state.
[  634.126471][   T30] audit: type=1326 audit(1750432838.843:4242): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13433 comm="syz.1.2207" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f381c58e929 code=0x7ffc0000
[  634.148929][    C1] vkms_vblank_simulate: vblank timer overrun
[  634.156416][   T24] dvb-usb: bulk message failed: -22 (4/0)
[  634.162398][   T24] ttusb2: there might have been an error during control message transfer. (rlen = 0, was 0)
[  634.173088][   T30] audit: type=1326 audit(1750432838.843:4243): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13433 comm="syz.1.2207" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f381c58e929 code=0x7ffc0000
[  634.195933][   T24] dvb-usb: bulk message failed: -22 (5/0)
[  634.201802][   T24] ttusb2: there might have been an error during control message transfer. (rlen = 0, was 0)
[  634.226327][   T24] dvb-usb: This USB2.0 device cannot be run on a USB1.1 port. (it lacks a hardware PID filter)
[  634.244677][   T30] audit: type=1326 audit(1750432838.883:4244): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13433 comm="syz.1.2207" exe="/root/syz-executor" sig=0 arch=c000003e syscall=49 compat=0 ip=0x7f381c58e929 code=0x7ffc0000
[  634.267032][    C1] vkms_vblank_simulate: vblank timer overrun
[  634.289697][   T24] dvb-usb: Pinnacle 400e DVB-S USB2.0 error while loading driver (-19)
[  634.345735][ T5888] usb 3-1: config 220 has an invalid interface number: 76 but max is 2
[  634.353199][   T30] audit: type=1326 audit(1750432838.883:4245): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13433 comm="syz.1.2207" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f381c58e929 code=0x7ffc0000
[  634.427814][ T5888] usb 3-1: config 220 contains an unexpected descriptor of type 0x2, skipping
[  634.448216][   T30] audit: type=1326 audit(1750432838.883:4246): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13433 comm="syz.1.2207" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7f381c58e929 code=0x7ffc0000
[  634.467966][ T5888] usb 3-1: config 220 has an invalid descriptor of length 0, skipping remainder of the config
[  634.532076][ T5888] usb 3-1: config 220 has no interface number 2
[  634.533137][   T43] cdc_acm 4-1:1.0: ttyACM0: USB ACM device
[  634.569591][ T5888] usb 3-1: config 220 interface 1 altsetting 5 has 0 endpoint descriptors, different from the interface descriptor's value: 12
[  634.578324][   T30] audit: type=1326 audit(1750432838.883:4247): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13433 comm="syz.1.2207" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f381c58e929 code=0x7ffc0000
[  634.617813][   T43] usb 4-1: USB disconnect, device number 8
[  634.648917][ T5888] usb 3-1: config 220 interface 0 has no altsetting 0
[  634.677776][ T5888] usb 3-1: config 220 interface 76 has no altsetting 0
[  634.724256][ T5888] usb 3-1: config 220 interface 1 has no altsetting 0
[  634.765769][ T5901] usb 5-1: USB disconnect, device number 125
[  634.780827][ T5888] usb 3-1: New USB device found, idVendor=8086, idProduct=0b07, bcdDevice=6c.b9
[  634.802000][ T5888] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  634.811774][ T5888] usb 3-1: Product: syz
[  634.858490][ T5888] usb 3-1: Manufacturer: syz
[  634.863143][ T5888] usb 3-1: SerialNumber: syz
[  635.054724][   T43] usb 4-1: new high-speed USB device number 9 using dummy_hcd
[  635.206445][   T43] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  635.236134][   T43] usb 4-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0
[  635.267331][   T43] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  635.295831][   T43] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  635.354710][   T43] usb 4-1: Product: syz
[  635.364639][   T43] usb 4-1: Manufacturer: syz
[  635.438808][   T43] usb 4-1: SerialNumber: syz
[  635.639372][ T5888] usb 3-1: selecting invalid altsetting 0
[  635.649011][ T5888] usb 3-1: Found UVC 7.01 device syz (8086:0b07)
[  635.676885][ T5888] usb 3-1: No valid video chain found.
[  635.714272][T13444] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  635.719272][ T5888] usb 3-1: selecting invalid altsetting 0
[  635.752366][T13444] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  635.768939][ T5888] usbtest 3-1:220.1: probe with driver usbtest failed with error -22
[  635.906977][ T5888] usb 3-1: USB disconnect, device number 27
[  635.914702][ T5901] usb 5-1: new high-speed USB device number 126 using dummy_hcd
[  636.012887][   T43] cdc_ether 4-1:1.0: probe with driver cdc_ether failed with error -22
[  636.065741][   T43] usb 4-1: USB disconnect, device number 9
[  636.096441][ T5901] usb 5-1: Using ep0 maxpacket: 16
[  636.144812][ T5901] usb 5-1: config 1 contains an unexpected descriptor of type 0x2, skipping
[  636.191905][ T5901] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  636.258075][ T5901] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 3
[  636.351562][ T5901] usb 5-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  636.451320][ T5901] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  636.634936][ T5888] usb 3-1: new high-speed USB device number 28 using dummy_hcd
[  636.659686][ T5901] usb 5-1: Product: syz
[  636.674292][ T5901] usb 5-1: Manufacturer: syz
[  636.743128][ T5901] usb 5-1: SerialNumber: syz
[  636.851275][T13462] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  636.879457][T13462] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  637.178780][T13477] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  637.238680][T13462] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2215'.
[  637.291591][ T5901] usb 5-1: 0:2 : does not exist
[  637.546835][ T5901] usb 5-1: 1:0: failed to get current value for ch 0 (-22)
[  637.633759][T13484] FAULT_INJECTION: forcing a failure.
[  637.633759][T13484] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  637.648777][ T5901] usb 5-1: USB disconnect, device number 126
[  637.689796][ T6029] udevd[6029]: error opening ATTR{/sys/devices/platform/dummy_hcd.4/usb5/5-1/5-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  637.739205][T13484] CPU: 1 UID: 0 PID: 13484 Comm: syz.2.2220 Not tainted 6.16.0-rc2-syzkaller-00162-g41687a5c6f8b #0 PREEMPT(full) 
[  637.739232][T13484] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  637.739242][T13484] Call Trace:
[  637.739251][T13484]  <TASK>
[  637.739259][T13484]  dump_stack_lvl+0x189/0x250
[  637.739288][T13484]  ? __pfx____ratelimit+0x10/0x10
[  637.739312][T13484]  ? __pfx_dump_stack_lvl+0x10/0x10
[  637.739335][T13484]  ? __pfx__printk+0x10/0x10
[  637.739365][T13484]  should_fail_ex+0x414/0x560
[  637.739390][T13484]  _copy_to_user+0x31/0xb0
[  637.739410][T13484]  simple_read_from_buffer+0xe1/0x170
[  637.739433][T13484]  proc_fail_nth_read+0x1df/0x250
[  637.739457][T13484]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  637.739478][T13484]  ? rw_verify_area+0x258/0x650
[  637.739501][T13484]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  637.739522][T13484]  vfs_read+0x1fd/0x980
[  637.739550][T13484]  ? __pfx___mutex_lock+0x10/0x10
[  637.739568][T13484]  ? __pfx_vfs_read+0x10/0x10
[  637.739592][T13484]  ? __fget_files+0x2a/0x420
[  637.739616][T13484]  ? __fget_files+0x3a0/0x420
[  637.739632][T13484]  ? __fget_files+0x2a/0x420
[  637.739659][T13484]  ksys_read+0x145/0x250
[  637.739676][T13484]  ? __pfx_ksys_read+0x10/0x10
[  637.739696][T13484]  ? rcu_is_watching+0x15/0xb0
[  637.739725][T13484]  ? do_syscall_64+0xbe/0x3b0
[  637.739745][T13484]  do_syscall_64+0xfa/0x3b0
[  637.739760][T13484]  ? lockdep_hardirqs_on+0x9c/0x150
[  637.739786][T13484]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  637.739803][T13484]  ? clear_bhb_loop+0x60/0xb0
[  637.739824][T13484]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  637.739840][T13484] RIP: 0033:0x7feea018d33c
[  637.739855][T13484] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  637.739869][T13484] RSP: 002b:00007feea0f57030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  637.739894][T13484] RAX: ffffffffffffffda RBX: 00007feea03b5fa0 RCX: 00007feea018d33c
[  637.739907][T13484] RDX: 000000000000000f RSI: 00007feea0f570a0 RDI: 0000000000000004
[  637.739918][T13484] RBP: 00007feea0f57090 R08: 0000000000000000 R09: 0000000000000000
[  637.739929][T13484] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  637.739939][T13484] R13: 0000000000000000 R14: 00007feea03b5fa0 R15: 00007feea04dfa28
[  637.739968][T13484]  </TASK>
[  637.975687][    C1] vkms_vblank_simulate: vblank timer overrun
[  638.244013][T13488] FAULT_INJECTION: forcing a failure.
[  638.244013][T13488] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  638.334905][T13488] CPU: 0 UID: 0 PID: 13488 Comm: syz.1.2222 Not tainted 6.16.0-rc2-syzkaller-00162-g41687a5c6f8b #0 PREEMPT(full) 
[  638.334931][T13488] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  638.334942][T13488] Call Trace:
[  638.334950][T13488]  <TASK>
[  638.334957][T13488]  dump_stack_lvl+0x189/0x250
[  638.334985][T13488]  ? __pfx____ratelimit+0x10/0x10
[  638.335008][T13488]  ? __pfx_dump_stack_lvl+0x10/0x10
[  638.335030][T13488]  ? __pfx__printk+0x10/0x10
[  638.335048][T13488]  ? __might_fault+0xb0/0x130
[  638.335076][T13488]  should_fail_ex+0x414/0x560
[  638.335103][T13488]  _copy_from_user+0x2d/0xb0
[  638.335121][T13488]  sk_getsockopt+0x197/0x2530
[  638.335147][T13488]  ? __pfx_sk_getsockopt+0x10/0x10
[  638.335166][T13488]  ? do_syscall_64+0x80/0x3b0
[  638.335193][T13488]  ? __lock_acquire+0xab9/0xd20
[  638.335226][T13488]  ? __might_fault+0xb0/0x130
[  638.335263][T13488]  do_sock_getsockopt+0x275/0x650
[  638.335282][T13488]  ? do_syscall_64+0x80/0x3b0
[  638.335301][T13488]  ? __pfx_do_sock_getsockopt+0x10/0x10
[  638.335320][T13488]  ? do_syscall_64+0x80/0x3b0
[  638.335335][T13488]  ? __fget_files+0x3a0/0x420
[  638.335353][T13488]  ? __fget_files+0x2a/0x420
[  638.335378][T13488]  __x64_sys_getsockopt+0x1a5/0x250
[  638.335398][T13488]  ? do_syscall_64+0x80/0x3b0
[  638.335415][T13488]  ? do_syscall_64+0x80/0x3b0
[  638.335435][T13488]  do_syscall_64+0xfa/0x3b0
[  638.335449][T13488]  ? lockdep_hardirqs_on+0x9c/0x150
[  638.335471][T13488]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  638.335489][T13488]  ? clear_bhb_loop+0x60/0xb0
[  638.335509][T13488]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  638.335526][T13488] RIP: 0033:0x7f381c58e929
[  638.335542][T13488] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  638.335556][T13488] RSP: 002b:00007f381d46e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000037
[  638.335575][T13488] RAX: ffffffffffffffda RBX: 00007f381c7b5fa0 RCX: 00007f381c58e929
[  638.335588][T13488] RDX: 0000000000000049 RSI: 0000000000000001 RDI: 0000000000000003
[  638.335606][T13488] RBP: 00007f381d46e090 R08: 0000200000000240 R09: 0000000000000000
[  638.335618][T13488] R10: 00002000000000c0 R11: 0000000000000246 R12: 0000000000000001
[  638.335630][T13488] R13: 0000000000000000 R14: 00007f381c7b5fa0 R15: 00007f381c8dfa28
[  638.335658][T13488]  </TASK>
[  638.844810][ T5888] usb 3-1: new high-speed USB device number 29 using dummy_hcd
[  638.856884][T13501] netlink: 'syz.3.2226': attribute type 9 has an invalid length.
[  638.865458][T13501] netlink: 212260 bytes leftover after parsing attributes in process `syz.3.2226'.
[  638.934646][   T24] usb 2-1: new high-speed USB device number 18 using dummy_hcd
[  639.044840][ T5888] usb 3-1: Using ep0 maxpacket: 16
[  639.051705][ T5888] usb 3-1: config 1 contains an unexpected descriptor of type 0x2, skipping
[  639.060937][ T5888] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  639.071305][ T5888] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 3
[  639.083130][ T5888] usb 3-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  639.093238][ T5888] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  639.093789][   T24] usb 2-1: New USB device found, idVendor=0eb1, idProduct=7007, bcdDevice= 2.05
[  639.101702][ T5888] usb 3-1: Product: syz
[  639.101721][ T5888] usb 3-1: Manufacturer: syz
[  639.101735][ T5888] usb 3-1: SerialNumber: syz
[  639.111998][   T24] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  639.136318][   T24] usb 2-1: Product: syz
[  639.146142][   T24] usb 2-1: Manufacturer: syz
[  639.151025][   T24] usb 2-1: SerialNumber: syz
[  639.177478][   T24] usb 2-1: config 0 descriptor??
[  639.184798][ T5901] usb 5-1: new full-speed USB device number 127 using dummy_hcd
[  639.201329][   T24] go7007 2-1:0.0: probe with driver go7007 failed with error -12
[  639.374668][ T5901] usb 5-1: config 0 has an invalid interface number: 29 but max is 0
[  639.382814][ T5901] usb 5-1: config 0 has no interface number 0
[  639.391346][ T5901] usb 5-1: config 0 interface 29 has no altsetting 0
[  639.408824][ T5847] Bluetooth: hci2: Invalid handle: 0x21c9 > 0x0eff
[  639.439582][ T5901] usb 5-1: New USB device found, idVendor=0c72, idProduct=0014, bcdDevice=39.ac
[  639.439637][ T5901] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  639.439657][ T5901] usb 5-1: Product: syz
[  639.439671][ T5901] usb 5-1: Manufacturer: syz
[  639.439686][ T5901] usb 5-1: SerialNumber: syz
[  639.442458][ T5901] usb 5-1: config 0 descriptor??
[  639.567821][ T5888] usb 3-1: 0:2 : does not exist
[  639.691015][ T5901] peak_usb 5-1:0.29: PEAK-System PCAN-USB X6 v213 fw v7.0.0 (2 channels)
[  639.994717][ T5908] usb 4-1: new full-speed USB device number 10 using dummy_hcd
[  640.009633][T13510] IPVS: sync thread started: state = MASTER, mcast_ifn = ip6tnl0, syncid = 3, id = 0
[  640.058540][ T5888] usb 3-1: USB disconnect, device number 29
[  640.176973][ T5908] usb 4-1: config 0 has an invalid interface number: 44 but max is 1
[  640.186018][ T5908] usb 4-1: config 0 has an invalid interface number: 92 but max is 1
[  640.194440][ T5908] usb 4-1: config 0 has no interface number 0
[  640.203696][ T5908] usb 4-1: config 0 has no interface number 1
[  640.210394][ T5908] usb 4-1: config 0 interface 44 has no altsetting 0
[  640.219020][ T5908] usb 4-1: config 0 interface 92 has no altsetting 0
[  640.232555][ T5908] usb 4-1: New USB device found, idVendor=1b3d, idProduct=01ab, bcdDevice=85.24
[  640.245485][ T5908] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  640.261463][ T5908] usb 4-1: Product: syz
[  640.265899][ T5908] usb 4-1: Manufacturer: syz
[  640.271945][ T5908] usb 4-1: SerialNumber: syz
[  640.286550][ T5908] usb 4-1: config 0 descriptor??
[  640.512178][ T5908] ftdi_sio 4-1:0.44: FTDI USB Serial Device converter detected
[  640.532109][ T5908] ftdi_sio ttyUSB0: unknown device type: 0x8524
[  640.566512][T13512] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  640.568583][ T5908] ftdi_sio 4-1:0.92: FTDI USB Serial Device converter detected
[  640.591435][ T5908] ftdi_sio ttyUSB1: unknown device type: 0x8524
[  640.602204][T13512] batman_adv: batadv0: Removing interface: batadv_slave_0
[  640.604714][ T5908] usb 4-1: USB disconnect, device number 10
[  640.632315][T13512] net_ratelimit: 12 callbacks suppressed
[  640.632328][T13512] A link change request failed with some changes committed already. Interface batadv_slave_0 may have been left with an inconsistent configuration, please check.
[  640.678125][ T5908] ftdi_sio 4-1:0.44: device disconnected
[  640.700363][ T5908] ftdi_sio 4-1:0.92: device disconnected
[  641.595797][T13527] FAULT_INJECTION: forcing a failure.
[  641.595797][T13527] name failslab, interval 1, probability 0, space 0, times 0
[  641.608930][T13527] CPU: 0 UID: 0 PID: 13527 Comm: syz.3.2234 Not tainted 6.16.0-rc2-syzkaller-00162-g41687a5c6f8b #0 PREEMPT(full) 
[  641.608947][T13527] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  641.608957][T13527] Call Trace:
[  641.608962][T13527]  <TASK>
[  641.608967][T13527]  dump_stack_lvl+0x189/0x250
[  641.608987][T13527]  ? __pfx____ratelimit+0x10/0x10
[  641.609003][T13527]  ? __pfx_dump_stack_lvl+0x10/0x10
[  641.609018][T13527]  ? __pfx__printk+0x10/0x10
[  641.609032][T13527]  ? __pfx___might_resched+0x10/0x10
[  641.609046][T13527]  ? fs_reclaim_acquire+0x7d/0x100
[  641.609061][T13527]  should_fail_ex+0x414/0x560
[  641.609078][T13527]  should_failslab+0xa8/0x100
[  641.609089][T13527]  kmem_cache_alloc_node_noprof+0x76/0x3c0
[  641.609099][T13527]  ? lockdep_hardirqs_on+0x9c/0x150
[  641.609114][T13527]  ? __alloc_skb+0x112/0x2d0
[  641.609127][T13527]  __alloc_skb+0x112/0x2d0
[  641.609140][T13527]  sock_wmalloc+0xb2/0x130
[  641.609154][T13527]  l2tp_ip_sendmsg+0x1bb/0x1630
[  641.609182][T13527]  ? inet_sendmsg+0x2f4/0x370
[  641.609191][T13527]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  641.609206][T13527]  __sock_sendmsg+0x19c/0x270
[  641.609224][T13527]  __sys_sendto+0x3bd/0x520
[  641.609236][T13527]  ? __pfx___sys_sendto+0x10/0x10
[  641.609246][T13527]  ? __mutex_unlock_slowpath+0x1cd/0x700
[  641.609263][T13527]  ? __fget_files+0x3a0/0x420
[  641.609279][T13527]  ? ksys_write+0x22a/0x250
[  641.609289][T13527]  ? __pfx_ksys_write+0x10/0x10
[  641.609297][T13527]  ? rcu_is_watching+0x15/0xb0
[  641.609315][T13527]  __x64_sys_sendto+0xde/0x100
[  641.609328][T13527]  do_syscall_64+0xfa/0x3b0
[  641.609337][T13527]  ? lockdep_hardirqs_on+0x9c/0x150
[  641.609350][T13527]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  641.609360][T13527]  ? clear_bhb_loop+0x60/0xb0
[  641.609372][T13527]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  641.609381][T13527] RIP: 0033:0x7fd4b678e929
[  641.609391][T13527] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  641.609399][T13527] RSP: 002b:00007fd4b7613038 EFLAGS: 00000246 ORIG_RAX: 000000000000002c
[  641.609412][T13527] RAX: ffffffffffffffda RBX: 00007fd4b69b5fa0 RCX: 00007fd4b678e929
[  641.609420][T13527] RDX: 000000000000005d RSI: 0000200000000040 RDI: 0000000000000003
[  641.609426][T13527] RBP: 00007fd4b7613090 R08: 0000200000000100 R09: 0000000000000010
[  641.609433][T13527] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  641.609438][T13527] R13: 0000000000000000 R14: 00007fd4b69b5fa0 R15: 00007fd4b6adfa28
[  641.609454][T13527]  </TASK>
[  642.031544][ T5908] usb 2-1: USB disconnect, device number 18
[  642.070765][   T51] Bluetooth: hci2: ACL packet for unknown connection handle 431
[  642.081227][   T30] kauditd_printk_skb: 137 callbacks suppressed
[  642.081241][   T30] audit: type=1326 audit(1750432846.963:4385): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13528 comm="syz.1.2235" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f381c58e929 code=0x0
[  642.215650][ T5901] peak_usb 5-1:0.29 can0: unable to request usb[type=2 value=5] err=-71
[  642.249324][ T5901] peak_usb 5-1:0.29: unable to tell PCAN-USB X6 driver is loaded (err -71)
[  642.356167][ T5901] peak_usb 5-1:0.29: probe with driver peak_usb failed with error -71
[  642.388902][ T5901] usb 5-1: USB disconnect, device number 127
[  642.534691][   T24] usb 4-1: new high-speed USB device number 11 using dummy_hcd
[  642.754789][   T24] usb 4-1: Using ep0 maxpacket: 32
[  642.817642][T13538] sctp: [Deprecated]: syz.2.2238 (pid 13538) Use of int in maxseg socket option.
[  642.817642][T13538] Use struct sctp_assoc_value instead
[  642.886290][T13539] syz.2.2238 (13539): drop_caches: 2
[  642.930691][   T24] usb 4-1: New USB device found, idVendor=05a9, idProduct=1550, bcdDevice=e4.bb
[  642.964291][   T24] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  643.002425][   T24] usb 4-1: Product: syz
[  643.040312][   T24] usb 4-1: Manufacturer: syz
[  643.079434][   T24] usb 4-1: SerialNumber: syz
[  643.097629][   T24] usb 4-1: config 0 descriptor??
[  643.114024][   T24] gspca_main: ov534_9-2.14.0 probing 05a9:1550
[  643.183999][T13541] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2239'.
[  643.224747][T13541] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2239'.
[  643.288360][T13541] ip6gretap0: entered promiscuous mode
[  643.319031][T13541] syz_tun: entered promiscuous mode
[  643.337051][T13541] debugfs: Directory 'hsr1' with parent 'hsr' already present!
[  643.354671][T13541] Cannot create hsr debugfs directory
[  643.739506][T13553] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2245'.
[  643.859744][   T24] gspca_ov534_9: reg_w failed -71
[  643.938598][T13557] input: syz1 as /devices/virtual/input/input51
[  644.009376][   T30] audit: type=1326 audit(1750432848.893:4386): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13558 comm="syz.2.2247" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feea018e929 code=0x7ffc0000
[  644.050495][   T30] audit: type=1326 audit(1750432848.893:4387): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13558 comm="syz.2.2247" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feea018e929 code=0x7ffc0000
[  644.075374][   T30] audit: type=1326 audit(1750432848.893:4388): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13558 comm="syz.2.2247" exe="/root/syz-executor" sig=0 arch=c000003e syscall=284 compat=0 ip=0x7feea018e929 code=0x7ffc0000
[  644.100975][   T30] audit: type=1326 audit(1750432848.903:4389): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13558 comm="syz.2.2247" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feea018e929 code=0x7ffc0000
[  644.105123][T13547] syz.4.2242 (13547): drop_caches: 2
[  644.124146][    C0] vkms_vblank_simulate: vblank timer overrun
[  644.136969][T13559] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2247'.
[  644.152487][   T30] audit: type=1326 audit(1750432848.903:4390): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13558 comm="syz.2.2247" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feea018e929 code=0x7ffc0000
[  644.175103][    C0] vkms_vblank_simulate: vblank timer overrun
[  644.180131][   T24] gspca_ov534_9: Unknown sensor 0000
[  644.181799][   T24] ov534_9 4-1:0.0: probe with driver ov534_9 failed with error -22
[  644.198855][   T30] audit: type=1326 audit(1750432848.923:4391): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13558 comm="syz.2.2247" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7feea018e929 code=0x7ffc0000
[  644.250031][   T24] usb 4-1: USB disconnect, device number 11
[  644.262483][T13547] sctp: [Deprecated]: syz.4.2242 (pid 13547) Use of int in maxseg socket option.
[  644.262483][T13547] Use struct sctp_assoc_value instead
[  644.294591][   T30] audit: type=1326 audit(1750432848.923:4392): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13558 comm="syz.2.2247" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feea018e929 code=0x7ffc0000
[  644.368774][   T30] audit: type=1326 audit(1750432848.923:4393): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13558 comm="syz.2.2247" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feea018e929 code=0x7ffc0000
[  644.391227][    C0] vkms_vblank_simulate: vblank timer overrun
[  644.750393][   T30] audit: type=1326 audit(1750432848.983:4394): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13558 comm="syz.2.2247" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7feea018e929 code=0x7ffc0000
[  644.772838][    C0] vkms_vblank_simulate: vblank timer overrun
[  644.852191][T13572] netlink: 20 bytes leftover after parsing attributes in process `syz.2.2251'.
[  644.993440][T13576] netlink: 24 bytes leftover after parsing attributes in process `syz.2.2251'.
[  645.092740][T13578] FAULT_INJECTION: forcing a failure.
[  645.092740][T13578] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  645.123187][T13578] CPU: 0 UID: 0 PID: 13578 Comm: syz.4.2252 Not tainted 6.16.0-rc2-syzkaller-00162-g41687a5c6f8b #0 PREEMPT(full) 
[  645.123215][T13578] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  645.123226][T13578] Call Trace:
[  645.123234][T13578]  <TASK>
[  645.123243][T13578]  dump_stack_lvl+0x189/0x250
[  645.123272][T13578]  ? __pfx____ratelimit+0x10/0x10
[  645.123297][T13578]  ? __pfx_dump_stack_lvl+0x10/0x10
[  645.123321][T13578]  ? __pfx__printk+0x10/0x10
[  645.123340][T13578]  ? __might_fault+0xb0/0x130
[  645.123369][T13578]  should_fail_ex+0x414/0x560
[  645.123394][T13578]  _copy_from_user+0x2d/0xb0
[  645.123412][T13578]  do_ip6t_set_ctl+0x69f/0xce0
[  645.123442][T13578]  ? rcu_is_watching+0x15/0xb0
[  645.123465][T13578]  ? __pfx_do_ip6t_set_ctl+0x10/0x10
[  645.123504][T13578]  ? __pfx___mutex_lock+0x10/0x10
[  645.123521][T13578]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  645.123536][T13578]  ? aa_sk_perm+0x81e/0x950
[  645.123561][T13578]  ? __pfx_aa_sk_perm+0x10/0x10
[  645.123587][T13578]  nf_setsockopt+0x26f/0x290
[  645.123610][T13578]  ? __pfx_sock_common_setsockopt+0x10/0x10
[  645.123631][T13578]  do_sock_setsockopt+0x257/0x3e0
[  645.123655][T13578]  ? __pfx_do_sock_setsockopt+0x10/0x10
[  645.123679][T13578]  ? __fget_files+0x2a/0x420
[  645.123707][T13578]  __x64_sys_setsockopt+0x18b/0x220
[  645.123733][T13578]  do_syscall_64+0xfa/0x3b0
[  645.123748][T13578]  ? lockdep_hardirqs_on+0x9c/0x150
[  645.123771][T13578]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  645.123788][T13578]  ? clear_bhb_loop+0x60/0xb0
[  645.123808][T13578]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  645.123824][T13578] RIP: 0033:0x7fc1acd8e929
[  645.123840][T13578] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  645.123856][T13578] RSP: 002b:00007fc1adb0f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  645.123875][T13578] RAX: ffffffffffffffda RBX: 00007fc1acfb5fa0 RCX: 00007fc1acd8e929
[  645.123888][T13578] RDX: 0000000000000040 RSI: 0000000000000029 RDI: 0000000000000003
[  645.123899][T13578] RBP: 00007fc1adb0f090 R08: 000000000000ffb3 R09: 0000000000000000
[  645.123911][T13578] R10: 0000200000000700 R11: 0000000000000246 R12: 0000000000000001
[  645.123922][T13578] R13: 0000000000000000 R14: 00007fc1acfb5fa0 R15: 00007fc1ad0dfa28
[  645.123949][T13578]  </TASK>
[  645.354041][    C0] vkms_vblank_simulate: vblank timer overrun
[  645.474852][ T5908] usb 4-1: new high-speed USB device number 12 using dummy_hcd
[  645.644715][ T5908] usb 4-1: Using ep0 maxpacket: 16
[  645.653297][ T5908] usb 4-1: config 0 has an invalid interface number: 8 but max is 0
[  645.663046][ T5908] usb 4-1: config 0 has no interface number 0
[  645.672770][ T5908] usb 4-1: config 0 interface 8 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  645.686197][ T5908] usb 4-1: config 0 interface 8 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0
[  645.703917][ T5908] usb 4-1: New USB device found, idVendor=0d8c, idProduct=000e, bcdDevice=8e.8f
[  645.717364][ T5908] usb 4-1: New USB device strings: Mfr=0, Product=24, SerialNumber=3
[  645.730975][ T5908] usb 4-1: Product: syz
[  645.742252][ T5908] usb 4-1: SerialNumber: syz
[  645.762276][ T5908] usb 4-1: config 0 descriptor??
[  645.818990][ T5908] cm109 4-1:0.8: invalid payload size 0, expected 4
[  645.831846][ T5908] input: CM109 USB driver as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.8/input/input52
[  646.036136][    C0] cm109 4-1:0.8: cm109_urb_ctl_callback: usb_submit_urb (urb_irq) failed -90
[  646.246478][   T43] usb 4-1: USB disconnect, device number 12
[  646.281353][T13595] syz.4.2256 (13595): drop_caches: 2
[  646.328700][T13597] Freezing with imperfect legacy cgroup freezer. See cgroup.freeze of cgroup v2
[  646.372853][   T43] cm109 4-1:0.8: cm109_toggle_buzzer_sync: usb_control_msg() failed -19
[  646.594387][T13600] FAULT_INJECTION: forcing a failure.
[  646.594387][T13600] name failslab, interval 1, probability 0, space 0, times 0
[  646.621325][T13589] sctp: [Deprecated]: syz.4.2256 (pid 13589) Use of int in maxseg socket option.
[  646.621325][T13589] Use struct sctp_assoc_value instead
[  646.662918][T13600] CPU: 0 UID: 0 PID: 13600 Comm: syz.1.2260 Not tainted 6.16.0-rc2-syzkaller-00162-g41687a5c6f8b #0 PREEMPT(full) 
[  646.662945][T13600] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  646.662956][T13600] Call Trace:
[  646.662964][T13600]  <TASK>
[  646.662973][T13600]  dump_stack_lvl+0x189/0x250
[  646.663001][T13600]  ? __pfx____ratelimit+0x10/0x10
[  646.663026][T13600]  ? __pfx_dump_stack_lvl+0x10/0x10
[  646.663050][T13600]  ? __pfx__printk+0x10/0x10
[  646.663076][T13600]  ? __pfx___might_resched+0x10/0x10
[  646.663102][T13600]  should_fail_ex+0x414/0x560
[  646.663129][T13600]  should_failslab+0xa8/0x100
[  646.663149][T13600]  kmem_cache_alloc_node_noprof+0x76/0x3c0
[  646.663164][T13600]  ? __alloc_skb+0x112/0x2d0
[  646.663187][T13600]  __alloc_skb+0x112/0x2d0
[  646.663210][T13600]  netlink_sendmsg+0x5c6/0xb30
[  646.663237][T13600]  ? __pfx_netlink_sendmsg+0x10/0x10
[  646.663259][T13600]  ? aa_sock_msg_perm+0x94/0x160
[  646.663282][T13600]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  646.663300][T13600]  ? __pfx_netlink_sendmsg+0x10/0x10
[  646.663319][T13600]  __sock_sendmsg+0x219/0x270
[  646.663346][T13600]  ____sys_sendmsg+0x505/0x830
[  646.663371][T13600]  ? __pfx_____sys_sendmsg+0x10/0x10
[  646.663400][T13600]  ? import_iovec+0x74/0xa0
[  646.663418][T13600]  ___sys_sendmsg+0x21f/0x2a0
[  646.663440][T13600]  ? __pfx____sys_sendmsg+0x10/0x10
[  646.663485][T13600]  ? __fget_files+0x2a/0x420
[  646.663501][T13600]  ? __fget_files+0x3a0/0x420
[  646.663525][T13600]  __x64_sys_sendmsg+0x19b/0x260
[  646.663548][T13600]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  646.663576][T13600]  ? __pfx_ksys_write+0x10/0x10
[  646.663590][T13600]  ? rcu_is_watching+0x15/0xb0
[  646.663618][T13600]  ? do_syscall_64+0xbe/0x3b0
[  646.663638][T13600]  do_syscall_64+0xfa/0x3b0
[  646.663652][T13600]  ? lockdep_hardirqs_on+0x9c/0x150
[  646.663684][T13600]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  646.663700][T13600]  ? clear_bhb_loop+0x60/0xb0
[  646.663720][T13600]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  646.663735][T13600] RIP: 0033:0x7f381c58e929
[  646.663751][T13600] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  646.663766][T13600] RSP: 002b:00007f381d46e038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  646.663784][T13600] RAX: ffffffffffffffda RBX: 00007f381c7b5fa0 RCX: 00007f381c58e929
[  646.663797][T13600] RDX: 0000000000000000 RSI: 00002000000002c0 RDI: 0000000000000003
[  646.663808][T13600] RBP: 00007f381d46e090 R08: 0000000000000000 R09: 0000000000000000
[  646.663820][T13600] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  646.663831][T13600] R13: 0000000000000000 R14: 00007f381c7b5fa0 R15: 00007f381c8dfa28
[  646.663857][T13600]  </TASK>
[  646.932010][    C0] vkms_vblank_simulate: vblank timer overrun
[  647.968651][ T5908] usb 3-1: new high-speed USB device number 30 using dummy_hcd
[  648.126774][ T5908] usb 3-1: config 220 has an invalid interface number: 76 but max is 2
[  648.148046][ T5908] usb 3-1: config 220 contains an unexpected descriptor of type 0x2, skipping
[  648.158014][T13628] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  648.177421][ T5908] usb 3-1: config 220 has an invalid descriptor of length 0, skipping remainder of the config
[  648.187338][T13621] syz.3.2265 (13621): drop_caches: 2
[  648.201712][T13621] sctp: [Deprecated]: syz.3.2265 (pid 13621) Use of int in maxseg socket option.
[  648.201712][T13621] Use struct sctp_assoc_value instead
[  648.249588][ T5908] usb 3-1: config 220 has no interface number 2
[  648.268190][   T30] kauditd_printk_skb: 15 callbacks suppressed
[  648.268207][   T30] audit: type=1326 audit(1750432853.153:4410): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13627 comm="syz.0.2271" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f962718e929 code=0x0
[  648.274697][ T5947] usb 2-1: new high-speed USB device number 19 using dummy_hcd
[  648.296350][ T5908] usb 3-1: config 220 interface 1 altsetting 5 has 0 endpoint descriptors, different from the interface descriptor's value: 12
[  648.304238][   T43] usb 5-1: new high-speed USB device number 2 using dummy_hcd
[  648.376959][ T5908] usb 3-1: config 220 interface 0 has no altsetting 0
[  648.442346][ T5908] usb 3-1: config 220 interface 76 has no altsetting 0
[  648.451722][ T5908] usb 3-1: config 220 interface 1 has no altsetting 0
[  648.460217][   T43] usb 5-1: Using ep0 maxpacket: 16
[  648.475720][   T43] usb 5-1: config 1 contains an unexpected descriptor of type 0x2, skipping
[  648.480443][ T5908] usb 3-1: New USB device found, idVendor=8086, idProduct=0b07, bcdDevice=6c.b9
[  648.484910][ T5947] usb 2-1: Using ep0 maxpacket: 16
[  648.501388][ T5908] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  648.503254][ T5947] usb 2-1: config 0 has an invalid interface number: 8 but max is 0
[  648.514035][ T5908] usb 3-1: Product: syz
[  648.524250][ T5908] usb 3-1: Manufacturer: syz
[  648.532831][ T5908] usb 3-1: SerialNumber: syz
[  648.533638][   T43] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  648.553319][ T5947] usb 2-1: config 0 has no interface number 0
[  648.573729][ T5947] usb 2-1: config 0 interface 8 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  648.586242][   T43] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 3
[  648.606711][ T5947] usb 2-1: config 0 interface 8 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0
[  648.619337][   T43] usb 5-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  648.631571][   T43] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  648.698912][   T43] usb 5-1: Product: syz
[  648.719262][ T5947] usb 2-1: New USB device found, idVendor=0d8c, idProduct=000e, bcdDevice=8e.8f
[  648.734646][   T43] usb 5-1: Manufacturer: syz
[  648.743976][   T43] usb 5-1: SerialNumber: syz
[  648.749503][ T5947] usb 2-1: New USB device strings: Mfr=0, Product=24, SerialNumber=3
[  648.789203][ T5947] usb 2-1: Product: syz
[  648.803383][ T5947] usb 2-1: SerialNumber: syz
[  648.830995][ T5947] usb 2-1: config 0 descriptor??
[  648.848826][ T5947] cm109 2-1:0.8: invalid payload size 0, expected 4
[  648.866727][ T5947] input: CM109 USB driver as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.8/input/input53
[  649.171162][T13634] netlink: 32 bytes leftover after parsing attributes in process `syz.0.2272'.
[  649.196803][   T43] usb 5-1: 0:2 : does not exist
[  649.230868][    C1] cm109_urb_ctl_callback: 36 callbacks suppressed
[  649.230896][    C1] cm109 2-1:0.8: cm109_urb_ctl_callback: urb status -71
[  649.231278][   T10] usb 2-1: USB disconnect, device number 19
[  649.237349][    C1] cm109 2-1:0.8: cm109_submit_buzz_toggle: usb_submit_urb (urb_ctl) failed -19
[  649.289533][   T10] cm109 2-1:0.8: cm109_toggle_buzzer_sync: usb_control_msg() failed -19
[  649.459329][ T5908] usb 3-1: selecting invalid altsetting 0
[  649.482446][ T5908] usb 3-1: Found UVC 7.01 device syz (8086:0b07)
[  649.492091][ T5908] usb 3-1: No valid video chain found.
[  649.513372][ T5908] usb 3-1: selecting invalid altsetting 0
[  649.520091][ T5908] usbtest 3-1:220.1: probe with driver usbtest failed with error -22
[  649.545801][ T5908] usb 3-1: USB disconnect, device number 30
[  649.628723][   T43] usb 5-1: USB disconnect, device number 2
[  649.691931][ T6029] udevd[6029]: error opening ATTR{/sys/devices/platform/dummy_hcd.4/usb5/5-1/5-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  649.904850][    C1] ip6_tunnel: ip6tnl1 xmit: Local address not yet configured!
[  649.934774][ T5908] usb 3-1: new high-speed USB device number 31 using dummy_hcd
[  650.094680][ T5908] usb 3-1: Using ep0 maxpacket: 16
[  650.101631][ T5908] usb 3-1: config 0 has an invalid interface number: 8 but max is 0
[  650.109739][ T5908] usb 3-1: config 0 has no interface number 0
[  650.116877][ T5908] usb 3-1: config 0 interface 8 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  650.145056][ T5908] usb 3-1: config 0 interface 8 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0
[  650.168948][ T5908] usb 3-1: New USB device found, idVendor=0d8c, idProduct=000e, bcdDevice=8e.8f
[  650.186825][   T24] usb 2-1: new high-speed USB device number 20 using dummy_hcd
[  650.198822][ T5908] usb 3-1: New USB device strings: Mfr=0, Product=24, SerialNumber=3
[  650.222064][ T5908] usb 3-1: Product: syz
[  650.245118][ T5908] usb 3-1: SerialNumber: syz
[  650.264122][ T5908] usb 3-1: config 0 descriptor??
[  650.287502][ T5908] cm109 3-1:0.8: invalid payload size 0, expected 4
[  650.327370][ T5908] input: CM109 USB driver as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.8/input/input54
[  650.383268][   T24] usb 2-1: New USB device found, idVendor=0eb1, idProduct=7007, bcdDevice= 2.05
[  650.411719][   T24] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  650.430206][   T24] usb 2-1: Product: syz
[  650.438518][   T24] usb 2-1: Manufacturer: syz
[  650.454418][   T24] usb 2-1: SerialNumber: syz
[  650.475696][   T24] usb 2-1: config 0 descriptor??
[  650.484127][   T24] go7007 2-1:0.0: probe with driver go7007 failed with error -12
[  650.495506][    C0] cm109 3-1:0.8: cm109_urb_ctl_callback: usb_submit_urb (urb_irq) failed -90
[  650.614781][ T5908] usb 4-1: new high-speed USB device number 13 using dummy_hcd
[  650.690631][   T51] Bluetooth: hci2: Invalid handle: 0x21c9 > 0x0eff
[  650.708100][    C0] cm109 3-1:0.8: cm109_urb_ctl_callback: urb status -71
[  650.708390][    C0] cm109 3-1:0.8: cm109_urb_ctl_callback: urb status -71
[  650.708607][    C0] cm109 3-1:0.8: cm109_urb_ctl_callback: urb status -71
[  650.708809][    C0] cm109 3-1:0.8: cm109_urb_ctl_callback: urb status -71
[  650.709013][    C0] cm109 3-1:0.8: cm109_urb_ctl_callback: urb status -71
[  650.709217][    C0] cm109 3-1:0.8: cm109_urb_ctl_callback: urb status -71
[  650.709427][    C0] cm109 3-1:0.8: cm109_urb_ctl_callback: urb status -71
[  650.709625][    C0] cm109 3-1:0.8: cm109_urb_ctl_callback: urb status -71
[  650.709826][    C0] cm109 3-1:0.8: cm109_urb_ctl_callback: urb status -71
[  650.729231][    C0] cm109 3-1:0.8: cm109_submit_buzz_toggle: usb_submit_urb (urb_ctl) failed -19
[  650.729270][   T10] usb 3-1: USB disconnect, device number 31
[  650.741153][   T10] cm109 3-1:0.8: cm109_toggle_buzzer_sync: usb_control_msg() failed -19
[  650.808908][ T5908] usb 4-1: Using ep0 maxpacket: 32
[  650.829028][ T5908] usb 4-1: New USB device found, idVendor=174f, idProduct=6a31, bcdDevice=26.3f
[  650.829099][ T5908] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  650.829119][ T5908] usb 4-1: Product: syz
[  650.829134][ T5908] usb 4-1: Manufacturer: syz
[  650.829173][ T5908] usb 4-1: SerialNumber: syz
[  650.832194][ T5908] usb 4-1: config 0 descriptor??
[  650.841587][ T5908] gspca_main: stk1135-2.14.0 probing 174f:6a31
[  652.126848][   T10] usb 3-1: new high-speed USB device number 32 using dummy_hcd
[  652.197404][ T5947] usb 5-1: new high-speed USB device number 3 using dummy_hcd
[  652.274765][   T10] usb 3-1: device descriptor read/64, error -71
[  652.354991][ T5947] usb 5-1: Using ep0 maxpacket: 8
[  652.361986][ T5947] usb 5-1: config 179 has an invalid interface number: 65 but max is 0
[  652.370459][ T5947] usb 5-1: config 179 has no interface number 0
[  652.376949][ T5947] usb 5-1: config 179 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7
[  652.388554][ T5947] usb 5-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid maxpacket 1025, setting to 1024
[  652.400401][ T5947] usb 5-1: config 179 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7
[  652.411756][ T5947] usb 5-1: config 179 interface 65 altsetting 0 endpoint 0x83 has invalid wMaxPacketSize 0
[  652.421873][ T5947] usb 5-1: config 179 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23
[  652.435566][ T5947] usb 5-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb
[  652.444713][ T5947] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  652.462519][T13658] raw-gadget.4 gadget.4: fail, usb_ep_enable returned -22
[  652.472890][ T5947] xpad 5-1:179.65: probe with driver xpad failed with error -5
[  652.524740][   T10] usb 3-1: new high-speed USB device number 33 using dummy_hcd
[  652.664845][   T10] usb 3-1: device descriptor read/64, error -71
[  652.681415][T13658] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(4)
[  652.687990][T13658] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  652.697407][T13658] vhci_hcd vhci_hcd.0: Device attached
[  652.705445][T13661] vhci_hcd: connection closed
[  652.706149][ T5947] usb 5-1: USB disconnect, device number 3
[  652.719511][   T59] vhci_hcd: stop threads
[  652.723815][   T59] vhci_hcd: release socket
[  652.732261][   T59] vhci_hcd: disconnect device
[  652.789473][   T10] usb usb3-port1: attempt power cycle
[  652.876275][ T5901] usb 2-1: USB disconnect, device number 20
[  652.982687][T13664] FAULT_INJECTION: forcing a failure.
[  652.982687][T13664] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  652.996498][T13664] CPU: 1 UID: 0 PID: 13664 Comm: syz.1.2283 Not tainted 6.16.0-rc2-syzkaller-00162-g41687a5c6f8b #0 PREEMPT(full) 
[  652.996523][T13664] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  652.996534][T13664] Call Trace:
[  652.996543][T13664]  <TASK>
[  652.996551][T13664]  dump_stack_lvl+0x189/0x250
[  652.996579][T13664]  ? __pfx____ratelimit+0x10/0x10
[  652.996603][T13664]  ? __pfx_dump_stack_lvl+0x10/0x10
[  652.996627][T13664]  ? __pfx__printk+0x10/0x10
[  652.996646][T13664]  ? __might_fault+0xb0/0x130
[  652.996674][T13664]  should_fail_ex+0x414/0x560
[  652.996700][T13664]  _copy_from_user+0x2d/0xb0
[  652.996719][T13664]  scsi_ioctl+0x489/0x1fb0
[  652.996744][T13664]  ? __pfx_scsi_ioctl+0x10/0x10
[  652.996795][T13664]  ? kasan_quarantine_put+0xdd/0x220
[  652.996818][T13664]  ? __pfx___might_resched+0x10/0x10
[  652.996846][T13664]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[  652.996874][T13664]  ? scsi_block_when_processing_errors+0x390/0x470
[  652.996895][T13664]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  652.996923][T13664]  ? __pfx_scsi_block_when_processing_errors+0x10/0x10
[  652.996964][T13664]  sg_ioctl+0x1886/0x2230
[  652.996990][T13664]  ? __pfx_sg_ioctl+0x10/0x10
[  652.997007][T13664]  ? __fget_files+0x2a/0x420
[  652.997029][T13664]  ? __fget_files+0x2a/0x420
[  652.997046][T13664]  ? __fget_files+0x3a0/0x420
[  652.997064][T13664]  ? __fget_files+0x2a/0x420
[  652.997085][T13664]  ? bpf_lsm_file_ioctl+0x9/0x20
[  652.997107][T13664]  ? __pfx_sg_ioctl+0x10/0x10
[  652.997122][T13664]  __se_sys_ioctl+0xfc/0x170
[  652.997147][T13664]  do_syscall_64+0xfa/0x3b0
[  652.997163][T13664]  ? lockdep_hardirqs_on+0x9c/0x150
[  652.997184][T13664]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  652.997201][T13664]  ? clear_bhb_loop+0x60/0xb0
[  652.997222][T13664]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  652.997238][T13664] RIP: 0033:0x7f381c58e929
[  652.997254][T13664] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  652.997268][T13664] RSP: 002b:00007f381d46e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  652.997287][T13664] RAX: ffffffffffffffda RBX: 00007f381c7b5fa0 RCX: 00007f381c58e929
[  652.997300][T13664] RDX: 0000200000000000 RSI: 0000000000005393 RDI: 0000000000000008
[  652.997312][T13664] RBP: 00007f381d46e090 R08: 0000000000000000 R09: 0000000000000000
[  652.997323][T13664] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  652.997334][T13664] R13: 0000000000000000 R14: 00007f381c7b5fa0 R15: 00007f381c8dfa28
[  652.997362][T13664]  </TASK>
[  653.254333][   T10] usb 3-1: new high-speed USB device number 34 using dummy_hcd
[  653.280287][   T10] usb 3-1: device descriptor read/8, error -71
[  653.420873][T13672] tipc: Enabling of bearer <eth:s> rejected, failed to enable media
[  653.546312][   T10] usb 3-1: new high-speed USB device number 35 using dummy_hcd
[  653.587432][   T10] usb 3-1: device descriptor read/8, error -71
[  653.617087][ T5908] gspca_stk1135: reg_w 0x300 err -71
[  653.633215][ T5908] gspca_stk1135: serial bus timeout: status=0x00
[  653.642704][ T5908] gspca_stk1135: Sensor write failed
[  653.651097][ T5908] gspca_stk1135: serial bus timeout: status=0x00
[  653.661173][ T5908] gspca_stk1135: Sensor write failed
[  653.669500][ T5908] gspca_stk1135: serial bus timeout: status=0x00
[  653.676616][ T5908] gspca_stk1135: Sensor read failed
[  653.681962][ T5908] gspca_stk1135: serial bus timeout: status=0x00
[  653.691150][ T5908] gspca_stk1135: Sensor read failed
[  653.697917][ T5908] gspca_stk1135: Detected sensor type unknown (0x0)
[  653.706364][   T10] usb usb3-port1: unable to enumerate USB device
[  653.714296][ T5908] gspca_stk1135: serial bus timeout: status=0x00
[  653.721963][ T5908] gspca_stk1135: Sensor read failed
[  653.730154][ T5908] gspca_stk1135: serial bus timeout: status=0x00
[  653.738389][ T5908] gspca_stk1135: Sensor read failed
[  653.743725][ T5908] gspca_stk1135: serial bus timeout: status=0x00
[  653.759341][ T5908] gspca_stk1135: Sensor write failed
[  653.765926][ T5908] gspca_stk1135: serial bus timeout: status=0x00
[  653.772384][ T5908] gspca_stk1135: Sensor write failed
[  653.780768][ T5908] stk1135 4-1:0.0: probe with driver stk1135 failed with error -71
[  653.794645][ T5908] usb 4-1: USB disconnect, device number 13
[  654.405056][T13682] kvm: vcpu 2: requested lapic timer restore with starting count register 0x390=1812281087 (231971979136 ns) > initial count (200000 ns). Using initial count to start timer.
[  654.422469][ T5947] usb 4-1: new high-speed USB device number 14 using dummy_hcd
[  654.574706][ T5947] usb 4-1: Using ep0 maxpacket: 16
[  654.581501][ T5947] usb 4-1: New USB device found, idVendor=06be, idProduct=a232, bcdDevice=33.f3
[  654.581534][ T5947] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  654.581552][ T5947] usb 4-1: Product: syz
[  654.581566][ T5947] usb 4-1: Manufacturer: syz
[  654.581580][ T5947] usb 4-1: SerialNumber: syz
[  654.640310][ T5947] usb 4-1: config 0 descriptor??
[  655.319862][ T5947] dvb-usb: found a 'AME DTV-5100 USB2.0 DVB-T' in warm state.
[  655.386211][ T5947] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[  655.414424][ T5947] dvbdev: DVB: registering new adapter (AME DTV-5100 USB2.0 DVB-T)
[  655.425978][ T5947] usb 4-1: media controller created
[  655.746466][T13705] kvm: vcpu 2: requested lapic timer restore with starting count register 0x390=1812281087 (231971979136 ns) > initial count (200000 ns). Using initial count to start timer.
[  655.779808][ T5947] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  655.865274][ T5947] dvb-usb: no frontend was attached by 'AME DTV-5100 USB2.0 DVB-T'
[  655.874834][ T5947] dvb-usb: AME DTV-5100 USB2.0 DVB-T successfully initialized and connected.
[  656.373286][T13716] loop3: detected capacity change from 0 to 1
[  656.390501][T13716] Dev loop3: unable to read RDB block 1
[  656.397901][T13716]  loop3: unable to read partition table
[  656.403696][T13716] loop3: partition table beyond EOD, truncated
[  656.414257][    T9] usb 4-1: USB disconnect, device number 14
[  656.451367][    T9] dvb-usb: AME DTV-5100 USB2.0 DVB-T successfully deinitialized and disconnected.
[  656.461419][T13716] loop_reread_partitions: partition scan of loop3 (þ被xü—ŸÑà– ) failed (rc=-5)
[  656.766095][T13725] FAULT_INJECTION: forcing a failure.
[  656.766095][T13725] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  656.798709][T13725] CPU: 0 UID: 0 PID: 13725 Comm: syz.2.2299 Not tainted 6.16.0-rc2-syzkaller-00162-g41687a5c6f8b #0 PREEMPT(full) 
[  656.798736][T13725] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  656.798747][T13725] Call Trace:
[  656.798754][T13725]  <TASK>
[  656.798762][T13725]  dump_stack_lvl+0x189/0x250
[  656.798792][T13725]  ? __pfx____ratelimit+0x10/0x10
[  656.798815][T13725]  ? __pfx_dump_stack_lvl+0x10/0x10
[  656.798837][T13725]  ? __pfx__printk+0x10/0x10
[  656.798854][T13725]  ? __might_fault+0xb0/0x130
[  656.798884][T13725]  should_fail_ex+0x414/0x560
[  656.798910][T13725]  _copy_from_user+0x2d/0xb0
[  656.798929][T13725]  kstrtouint_from_user+0xc4/0x170
[  656.798954][T13725]  ? __pfx_kstrtouint_from_user+0x10/0x10
[  656.798993][T13725]  proc_fail_nth_write+0x88/0x240
[  656.799012][T13725]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  656.799036][T13725]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  656.799058][T13725]  vfs_write+0x27b/0xa90
[  656.799089][T13725]  ? __pfx_vfs_write+0x10/0x10
[  656.799113][T13725]  ? __fget_files+0x2a/0x420
[  656.799136][T13725]  ? __fget_files+0x3a0/0x420
[  656.799154][T13725]  ? __fget_files+0x2a/0x420
[  656.799181][T13725]  ksys_write+0x145/0x250
[  656.799199][T13725]  ? __pfx_ksys_write+0x10/0x10
[  656.799220][T13725]  ? do_syscall_64+0xbe/0x3b0
[  656.799239][T13725]  do_syscall_64+0xfa/0x3b0
[  656.799254][T13725]  ? lockdep_hardirqs_on+0x9c/0x150
[  656.799276][T13725]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  656.799294][T13725]  ? clear_bhb_loop+0x60/0xb0
[  656.799315][T13725]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  656.799330][T13725] RIP: 0033:0x7feea018d3df
[  656.799346][T13725] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48
[  656.799360][T13725] RSP: 002b:00007feea0f36030 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[  656.799379][T13725] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007feea018d3df
[  656.799391][T13725] RDX: 0000000000000001 RSI: 00007feea0f360a0 RDI: 0000000000000004
[  656.799402][T13725] RBP: 00007feea0f36090 R08: 0000000000000000 R09: 0000000000000000
[  656.799413][T13725] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000001
[  656.799423][T13725] R13: 0000000000000001 R14: 00007feea03b6080 R15: 00007feea04dfa28
[  656.799452][T13725]  </TASK>
[  657.031662][    C0] vkms_vblank_simulate: vblank timer overrun
[  657.180590][   T30] audit: type=1326 audit(1750432862.063:4411): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13726 comm="syz.1.2300" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f381c58e929 code=0x0
[  657.289496][T13735] input: syz1 as /devices/virtual/input/input55
[  657.341773][   T30] audit: type=1326 audit(1750432862.223:4412): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13738 comm="syz.3.2304" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd4b678e929 code=0x7ffc0000
[  657.474732][   T30] audit: type=1326 audit(1750432862.223:4413): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13738 comm="syz.3.2304" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd4b678e929 code=0x7ffc0000
[  657.543029][   T30] audit: type=1326 audit(1750432862.223:4414): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13738 comm="syz.3.2304" exe="/root/syz-executor" sig=0 arch=c000003e syscall=125 compat=0 ip=0x7fd4b678e929 code=0x7ffc0000
[  657.628315][   T30] audit: type=1326 audit(1750432862.223:4415): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13738 comm="syz.3.2304" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd4b678e929 code=0x7ffc0000
[  657.661303][T13744] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2306'.
[  657.672372][T13747] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2307'.
[  657.711142][   T30] audit: type=1326 audit(1750432862.223:4416): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13738 comm="syz.3.2304" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd4b678e929 code=0x7ffc0000
[  657.738850][   T30] audit: type=1326 audit(1750432862.223:4417): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13738 comm="syz.3.2304" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7fd4b678e929 code=0x7ffc0000
[  657.761650][   T30] audit: type=1326 audit(1750432862.223:4418): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13738 comm="syz.3.2304" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd4b678e929 code=0x7ffc0000
[  657.838027][   T30] audit: type=1326 audit(1750432862.223:4419): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13738 comm="syz.3.2304" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd4b678e929 code=0x7ffc0000
[  657.860463][    C0] vkms_vblank_simulate: vblank timer overrun
[  657.944928][   T30] audit: type=1326 audit(1750432862.253:4420): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13738 comm="syz.3.2304" exe="/root/syz-executor" sig=0 arch=c000003e syscall=49 compat=0 ip=0x7fd4b678e929 code=0x7ffc0000
[  658.675515][ T5947] usb 2-1: new high-speed USB device number 21 using dummy_hcd
[  658.963457][ T5947] usb 2-1: config 0 has no interfaces?
[  658.970461][T13776] netlink: 56 bytes leftover after parsing attributes in process `syz.4.2313'.
[  659.140890][ T5947] usb 2-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b
[  659.173996][ T5947] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  659.264332][ T5947] usb 2-1: Product: syz
[  659.284609][ T5947] usb 2-1: Manufacturer: syz
[  659.312831][ T5947] usb 2-1: SerialNumber: syz
[  659.330941][T13779] netlink: 16 bytes leftover after parsing attributes in process `syz.2.2314'.
[  659.363759][ T5947] usb 2-1: config 0 descriptor??
[  659.394697][   T43] usb 5-1: new high-speed USB device number 4 using dummy_hcd
[  659.619319][   T43] usb 5-1: config 0 has no interfaces?
[  659.654780][   T43] usb 5-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b
[  659.679116][   T43] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  659.697638][   T43] usb 5-1: Product: syz
[  659.725769][   T43] usb 5-1: Manufacturer: syz
[  659.742469][   T43] usb 5-1: SerialNumber: syz
[  659.775764][ T5948] usb 3-1: new high-speed USB device number 36 using dummy_hcd
[  659.800804][   T43] usb 5-1: config 0 descriptor??
[  659.989979][ T5948] usb 3-1: Using ep0 maxpacket: 16
[  659.996968][ T5948] usb 3-1: config 1 contains an unexpected descriptor of type 0x2, skipping
[  660.012668][ T5948] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  660.066028][ T5948] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 3
[  660.083434][ T5948] usb 3-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  660.093193][ T5948] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  660.105294][ T5948] usb 3-1: Product: syz
[  660.113772][ T5948] usb 3-1: Manufacturer: syz
[  660.129056][ T5948] usb 3-1: SerialNumber: syz
[  660.534436][T13785] bridge0: port 2(bridge_slave_1) entered disabled state
[  660.541902][T13785] bridge0: port 1(bridge_slave_0) entered disabled state
[  660.639306][ T5948] usb 3-1: 0:2 : does not exist
[  660.662351][T13785] batman_adv: batadv0: Interface deactivated: dummy0
[  661.256795][ T5948] usb 3-1: USB disconnect, device number 36
[  661.304439][ T6029] udevd[6029]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  661.787697][T13793] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2318'.
[  661.929176][T13800] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2320'.
[  662.157260][T13796] usb 2-1: USB disconnect, device number 21
[  662.584658][T13796] usb 2-1: new high-speed USB device number 22 using dummy_hcd
[  662.744675][T13796] usb 2-1: Using ep0 maxpacket: 8
[  662.885064][T13796] usb 2-1: unable to get BOS descriptor or descriptor too short
[  662.894371][T13796] usb 2-1: unable to read config index 0 descriptor/start: -71
[  662.902137][T13796] usb 2-1: can't read configurations, error -71
[  663.440444][T13806] FAULT_INJECTION: forcing a failure.
[  663.440444][T13806] name failslab, interval 1, probability 0, space 0, times 0
[  663.464705][T13806] CPU: 0 UID: 0 PID: 13806 Comm: syz.1.2322 Not tainted 6.16.0-rc2-syzkaller-00162-g41687a5c6f8b #0 PREEMPT(full) 
[  663.464732][T13806] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  663.464744][T13806] Call Trace:
[  663.464752][T13806]  <TASK>
[  663.464761][T13806]  dump_stack_lvl+0x189/0x250
[  663.464787][T13806]  ? __pfx____ratelimit+0x10/0x10
[  663.464807][T13806]  ? __pfx_dump_stack_lvl+0x10/0x10
[  663.464829][T13806]  ? __pfx__printk+0x10/0x10
[  663.464849][T13806]  ? __pfx___might_resched+0x10/0x10
[  663.464872][T13806]  should_fail_ex+0x414/0x560
[  663.464893][T13806]  should_failslab+0xa8/0x100
[  663.464909][T13806]  __kmalloc_cache_noprof+0x70/0x3d0
[  663.464923][T13806]  ? nft_netdev_hook_alloc+0x57/0x530
[  663.464946][T13806]  nft_netdev_hook_alloc+0x57/0x530
[  663.464964][T13806]  ? rcu_is_watching+0x15/0xb0
[  663.464990][T13806]  nf_tables_parse_netdev_hooks+0x10b/0x8e0
[  663.465002][T13806]  ? nf_flow_table_init+0x280/0x2a0
[  663.465023][T13806]  nft_flowtable_parse_hook+0x465/0x8d0
[  663.465053][T13806]  ? __pfx_nft_flowtable_parse_hook+0x10/0x10
[  663.465074][T13806]  ? nf_flow_table_init+0x280/0x2a0
[  663.465089][T13806]  nf_tables_newflowtable+0x1220/0x20d0
[  663.465119][T13806]  ? __pfx_nf_tables_newflowtable+0x10/0x10
[  663.465150][T13806]  ? __nla_parse+0x40/0x60
[  663.465171][T13806]  nfnetlink_rcv+0x1132/0x2520
[  663.465213][T13806]  ? __pfx_nfnetlink_rcv+0x10/0x10
[  663.465243][T13806]  ? ref_tracker_free+0x63a/0x7d0
[  663.465282][T13806]  ? __netlink_deliver_tap+0x807/0x850
[  663.465303][T13806]  ? netlink_deliver_tap+0x2e/0x1b0
[  663.465318][T13806]  ? netlink_deliver_tap+0x2e/0x1b0
[  663.465336][T13806]  netlink_unicast+0x758/0x8d0
[  663.465358][T13806]  netlink_sendmsg+0x805/0xb30
[  663.465380][T13806]  ? __pfx_netlink_sendmsg+0x10/0x10
[  663.465397][T13806]  ? aa_sock_msg_perm+0x94/0x160
[  663.465415][T13806]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  663.465431][T13806]  ? __pfx_netlink_sendmsg+0x10/0x10
[  663.465446][T13806]  __sock_sendmsg+0x219/0x270
[  663.465468][T13806]  ____sys_sendmsg+0x505/0x830
[  663.465489][T13806]  ? __pfx_____sys_sendmsg+0x10/0x10
[  663.465511][T13806]  ? import_iovec+0x74/0xa0
[  663.465527][T13806]  ___sys_sendmsg+0x21f/0x2a0
[  663.465545][T13806]  ? __pfx____sys_sendmsg+0x10/0x10
[  663.465587][T13806]  ? __fget_files+0x2a/0x420
[  663.465601][T13806]  ? __fget_files+0x3a0/0x420
[  663.465622][T13806]  __x64_sys_sendmsg+0x19b/0x260
[  663.465640][T13806]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  663.465663][T13806]  ? __pfx_ksys_write+0x10/0x10
[  663.465673][T13806]  ? rcu_is_watching+0x15/0xb0
[  663.465695][T13806]  ? do_syscall_64+0xbe/0x3b0
[  663.465711][T13806]  do_syscall_64+0xfa/0x3b0
[  663.465722][T13806]  ? lockdep_hardirqs_on+0x9c/0x150
[  663.465739][T13806]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  663.465752][T13806]  ? clear_bhb_loop+0x60/0xb0
[  663.465768][T13806]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  663.465780][T13806] RIP: 0033:0x7f381c58e929
[  663.465794][T13806] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  663.465805][T13806] RSP: 002b:00007f381d46e038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  663.465820][T13806] RAX: ffffffffffffffda RBX: 00007f381c7b5fa0 RCX: 00007f381c58e929
[  663.465830][T13806] RDX: 0000000000000800 RSI: 0000200000000200 RDI: 0000000000000003
[  663.465839][T13806] RBP: 00007f381d46e090 R08: 0000000000000000 R09: 0000000000000000
[  663.465847][T13806] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  663.465856][T13806] R13: 0000000000000000 R14: 00007f381c7b5fa0 R15: 00007f381c8dfa28
[  663.465877][T13806]  </TASK>
[  663.880405][   T30] kauditd_printk_skb: 5 callbacks suppressed
[  663.880422][   T30] audit: type=1326 audit(1750432868.763:4426): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13807 comm="syz.1.2323" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f381c58e929 code=0x7ffc0000
[  663.909406][   T30] audit: type=1326 audit(1750432868.793:4427): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13807 comm="syz.1.2323" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f381c58e929 code=0x7ffc0000
[  663.934245][   T30] audit: type=1326 audit(1750432868.803:4428): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13807 comm="syz.1.2323" exe="/root/syz-executor" sig=0 arch=c000003e syscall=125 compat=0 ip=0x7f381c58e929 code=0x7ffc0000
[  663.963393][   T30] audit: type=1326 audit(1750432868.803:4429): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13807 comm="syz.1.2323" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f381c58e929 code=0x7ffc0000
[  663.991170][   T30] audit: type=1326 audit(1750432868.813:4430): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13807 comm="syz.1.2323" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7f381c58e929 code=0x7ffc0000
[  664.018624][   T30] audit: type=1326 audit(1750432868.813:4431): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13807 comm="syz.1.2323" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f381c58e929 code=0x7ffc0000
[  664.046455][   T30] audit: type=1326 audit(1750432868.813:4432): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13807 comm="syz.1.2323" exe="/root/syz-executor" sig=0 arch=c000003e syscall=49 compat=0 ip=0x7f381c58e929 code=0x7ffc0000
[  664.079642][   T30] audit: type=1326 audit(1750432868.813:4433): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13807 comm="syz.1.2323" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f381c58e929 code=0x7ffc0000
[  664.115144][   T30] audit: type=1326 audit(1750432868.813:4434): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13807 comm="syz.1.2323" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f381c58e929 code=0x7ffc0000
[  664.138111][   T30] audit: type=1326 audit(1750432868.813:4435): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13807 comm="syz.1.2323" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7f381c58e929 code=0x7ffc0000
[  665.281204][T13819] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  674.195473][ T5847] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  674.204425][ T5847] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  674.213225][ T5847] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  674.223289][ T5847] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  674.237078][ T5847] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  675.187861][ T5847] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[  675.197303][ T5847] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[  675.208080][ T5847] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[  675.218397][ T5847] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[  675.228732][ T5847] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[  676.305122][   T51] Bluetooth: hci5: command tx timeout
[  677.149062][ T5847] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1
[  677.158441][ T5847] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9
[  677.167909][ T5847] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9
[  677.181051][ T5847] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4
[  677.189245][ T5847] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2
[  677.266231][   T51] Bluetooth: hci6: command tx timeout
[  677.671302][ T5847] Bluetooth: hci8: unexpected cc 0x0c03 length: 249 > 1
[  677.681694][ T5847] Bluetooth: hci8: unexpected cc 0x1003 length: 249 > 9
[  677.692993][ T5847] Bluetooth: hci8: unexpected cc 0x1001 length: 249 > 9
[  677.702692][ T5847] Bluetooth: hci8: unexpected cc 0x0c23 length: 249 > 4
[  677.711889][ T5847] Bluetooth: hci8: unexpected cc 0x0c38 length: 249 > 2
[  678.394763][   T51] Bluetooth: hci5: command tx timeout
[  679.265659][   T51] Bluetooth: hci7: command tx timeout
[  679.344863][   T51] Bluetooth: hci6: command tx timeout
[  679.744661][   T51] Bluetooth: hci8: command tx timeout
[  680.464749][   T51] Bluetooth: hci5: command tx timeout
[  680.646027][ T5847] Bluetooth: hci9: unexpected cc 0x0c03 length: 249 > 1
[  680.655779][ T5847] Bluetooth: hci9: unexpected cc 0x1003 length: 249 > 9
[  680.667069][ T5847] Bluetooth: hci9: unexpected cc 0x1001 length: 249 > 9
[  680.677523][ T5847] Bluetooth: hci9: unexpected cc 0x0c23 length: 249 > 4
[  680.685670][ T5847] Bluetooth: hci9: unexpected cc 0x0c38 length: 249 > 2
[  681.344892][ T5847] Bluetooth: hci7: command tx timeout
[  681.424853][ T5847] Bluetooth: hci6: command tx timeout
[  681.824713][ T5847] Bluetooth: hci8: command tx timeout
[  682.547579][ T5847] Bluetooth: hci5: command tx timeout
[  682.704856][ T5847] Bluetooth: hci9: command tx timeout
[  683.434784][ T5847] Bluetooth: hci7: command tx timeout
[  683.504783][ T5847] Bluetooth: hci6: command tx timeout
[  683.904660][ T5847] Bluetooth: hci8: command tx timeout
[  684.784787][ T5847] Bluetooth: hci9: command tx timeout
[  685.504824][ T5847] Bluetooth: hci7: command tx timeout
[  685.748218][ T1303] ieee802154 phy0 wpan0: encryption failed: -22
[  685.754817][ T1303] ieee802154 phy1 wpan1: encryption failed: -22
[  685.994869][ T5847] Bluetooth: hci8: command tx timeout
[  686.864705][ T5847] Bluetooth: hci9: command tx timeout
[  688.945038][ T5847] Bluetooth: hci9: command tx timeout
[  718.560117][ T5847] Bluetooth: hci2: command 0x0406 tx timeout
[  734.738979][   T51] Bluetooth: hci10: unexpected cc 0x0c03 length: 249 > 1
[  734.750011][   T51] Bluetooth: hci10: unexpected cc 0x1003 length: 249 > 9
[  734.758766][   T51] Bluetooth: hci10: unexpected cc 0x1001 length: 249 > 9
[  734.769779][   T51] Bluetooth: hci10: unexpected cc 0x0c23 length: 249 > 4
[  734.780280][   T51] Bluetooth: hci10: unexpected cc 0x0c38 length: 249 > 2
[  735.695460][   T51] Bluetooth: hci11: unexpected cc 0x0c03 length: 249 > 1
[  735.706502][   T51] Bluetooth: hci11: unexpected cc 0x1003 length: 249 > 9
[  735.719450][   T51] Bluetooth: hci11: unexpected cc 0x1001 length: 249 > 9
[  735.730696][   T51] Bluetooth: hci11: unexpected cc 0x0c23 length: 249 > 4
[  735.739203][   T51] Bluetooth: hci11: unexpected cc 0x0c38 length: 249 > 2
[  736.864721][   T51] Bluetooth: hci10: command tx timeout
[  737.790410][ T5847] Bluetooth: hci12: unexpected cc 0x0c03 length: 249 > 1
[  737.799617][ T5847] Bluetooth: hci12: unexpected cc 0x1003 length: 249 > 9
[  737.809350][ T5847] Bluetooth: hci12: unexpected cc 0x1001 length: 249 > 9
[  737.821675][ T5847] Bluetooth: hci12: unexpected cc 0x0c23 length: 249 > 4
[  737.829194][ T5847] Bluetooth: hci11: command tx timeout
[  737.830594][T13855] Bluetooth: hci12: unexpected cc 0x0c38 length: 249 > 2
[  737.920189][T13855] Bluetooth: hci13: unexpected cc 0x0c03 length: 249 > 1
[  737.930586][T13855] Bluetooth: hci13: unexpected cc 0x1003 length: 249 > 9
[  737.939608][T13855] Bluetooth: hci13: unexpected cc 0x1001 length: 249 > 9
[  737.950113][T13855] Bluetooth: hci13: unexpected cc 0x0c23 length: 249 > 4
[  737.959266][T13855] Bluetooth: hci13: unexpected cc 0x0c38 length: 249 > 2
[  738.944660][   T51] Bluetooth: hci10: command tx timeout
[  739.904867][T13855] Bluetooth: hci11: command tx timeout
[  739.904884][   T51] Bluetooth: hci12: command tx timeout
[  739.984726][   T51] Bluetooth: hci13: command tx timeout
[  740.707147][T13855] Bluetooth: hci14: unexpected cc 0x0c03 length: 249 > 1
[  740.716590][T13855] Bluetooth: hci14: unexpected cc 0x1003 length: 249 > 9
[  740.726671][T13855] Bluetooth: hci14: unexpected cc 0x1001 length: 249 > 9
[  740.738912][T13855] Bluetooth: hci14: unexpected cc 0x0c23 length: 249 > 4
[  740.747368][T13855] Bluetooth: hci14: unexpected cc 0x0c38 length: 249 > 2
[  741.024628][   T51] Bluetooth: hci10: command tx timeout
[  741.984855][   T51] Bluetooth: hci11: command tx timeout
[  741.984898][T13855] Bluetooth: hci12: command tx timeout
[  742.065780][T13855] Bluetooth: hci13: command tx timeout
[  742.784697][T13855] Bluetooth: hci14: command tx timeout
[  743.114637][T13855] Bluetooth: hci10: command tx timeout
[  744.064873][T13855] Bluetooth: hci11: command tx timeout
[  744.065656][   T51] Bluetooth: hci12: command tx timeout
[  744.144652][   T51] Bluetooth: hci13: command tx timeout
[  744.874702][   T51] Bluetooth: hci14: command tx timeout
[  746.144723][   T51] Bluetooth: hci12: command tx timeout
[  746.224765][   T51] Bluetooth: hci13: command tx timeout
[  746.944692][   T51] Bluetooth: hci14: command tx timeout
[  747.188092][ T1303] ieee802154 phy0 wpan0: encryption failed: -22
[  747.194824][ T1303] ieee802154 phy1 wpan1: encryption failed: -22
[  749.024733][   T51] Bluetooth: hci14: command tx timeout
[  794.857549][T13855] Bluetooth: hci15: unexpected cc 0x0c03 length: 249 > 1
[  794.869958][T13855] Bluetooth: hci15: unexpected cc 0x1003 length: 249 > 9
[  794.878939][T13855] Bluetooth: hci15: unexpected cc 0x1001 length: 249 > 9
[  794.888052][T13855] Bluetooth: hci15: unexpected cc 0x0c23 length: 249 > 4
[  794.899420][T13855] Bluetooth: hci15: unexpected cc 0x0c38 length: 249 > 2
[  796.251792][   T51] Bluetooth: hci16: unexpected cc 0x0c03 length: 249 > 1
[  796.260803][   T51] Bluetooth: hci16: unexpected cc 0x1003 length: 249 > 9
[  796.270136][   T51] Bluetooth: hci16: unexpected cc 0x1001 length: 249 > 9
[  796.280296][   T51] Bluetooth: hci16: unexpected cc 0x0c23 length: 249 > 4
[  796.291214][   T51] Bluetooth: hci16: unexpected cc 0x0c38 length: 249 > 2
[  796.944889][   T51] Bluetooth: hci15: command tx timeout
[  797.875789][T13855] Bluetooth: hci17: unexpected cc 0x0c03 length: 249 > 1
[  797.887913][T13855] Bluetooth: hci17: unexpected cc 0x1003 length: 249 > 9
[  797.898175][T13855] Bluetooth: hci17: unexpected cc 0x1001 length: 249 > 9
[  797.906624][T13855] Bluetooth: hci17: unexpected cc 0x0c23 length: 249 > 4
[  797.916538][T13855] Bluetooth: hci17: unexpected cc 0x0c38 length: 249 > 2
[  797.952735][   T51] Bluetooth: hci18: unexpected cc 0x0c03 length: 249 > 1
[  797.965910][   T51] Bluetooth: hci18: unexpected cc 0x1003 length: 249 > 9
[  797.977014][   T51] Bluetooth: hci18: unexpected cc 0x1001 length: 249 > 9
[  797.999289][   T51] Bluetooth: hci18: unexpected cc 0x0c23 length: 249 > 4
[  798.007473][   T51] Bluetooth: hci18: unexpected cc 0x0c38 length: 249 > 2
[  798.314727][T13855] Bluetooth: hci16: command tx timeout
[  799.044554][T13881] Bluetooth: hci15: command tx timeout
[  799.994776][T13881] Bluetooth: hci17: command tx timeout
[  800.068835][T13881] Bluetooth: hci18: command tx timeout
[  800.384632][T13881] Bluetooth: hci16: command tx timeout
[  800.464609][T13881] Bluetooth: hci8: command 0x0406 tx timeout
[  800.471200][T13881] Bluetooth: hci5: command 0x0406 tx timeout
[  800.478528][T13881] Bluetooth: hci6: command 0x0406 tx timeout
[  800.480320][ T5847] Bluetooth: hci7: command 0x0406 tx timeout
[  801.110048][   T51] Bluetooth: hci15: command tx timeout
[  801.279209][T13878] Bluetooth: hci19: unexpected cc 0x0c03 length: 249 > 1
[  801.291833][T13878] Bluetooth: hci19: unexpected cc 0x1003 length: 249 > 9
[  801.301907][T13878] Bluetooth: hci19: unexpected cc 0x1001 length: 249 > 9
[  801.311402][T13878] Bluetooth: hci19: unexpected cc 0x0c23 length: 249 > 4
[  801.319481][T13878] Bluetooth: hci19: unexpected cc 0x0c38 length: 249 > 2
[  802.074694][   T51] Bluetooth: hci17: command tx timeout
[  802.144992][   T51] Bluetooth: hci18: command tx timeout
[  802.464629][   T51] Bluetooth: hci16: command tx timeout
[  803.194974][   T51] Bluetooth: hci15: command tx timeout
[  803.354692][   T51] Bluetooth: hci19: command tx timeout
[  804.144620][T13878] Bluetooth: hci17: command tx timeout
[  804.154743][   T31] INFO: task kworker/0:0:9 blocked for more than 143 seconds.
[  804.162242][   T31]       Not tainted 6.16.0-rc2-syzkaller-00162-g41687a5c6f8b #0
[  804.171807][   T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  804.180571][   T31] task:kworker/0:0     state:D stack:20440 pid:9     tgid:9     ppid:2      task_flags:0x4208160 flags:0x00004000
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[  804.192632][   T31] Workqueue: events switchdev_deferred_process_work
[  804.204482][   T31] Call Trace:
[  804.207824][   T31]  <TASK>
[  804.210779][   T31]  __schedule+0x16f5/0x4d00
[  804.224522][   T31]  ? schedule+0x165/0x360
[  804.228937][T13878] Bluetooth: hci18: command tx timeout
[  804.244660][   T31]  ? preempt_schedule+0xae/0xc0
[  804.249587][   T31]  ? __pfx___schedule+0x10/0x10
[  804.289735][   T31]  ? preempt_schedule+0xae/0xc0
[  804.294886][   T31]  ? schedule+0x91/0x360
[  804.299178][   T31]  schedule+0x165/0x360
[  804.303364][   T31]  schedule_preempt_disabled+0x13/0x30
[  804.309263][   T31]  __mutex_lock+0x724/0xe80
[  804.313881][   T31]  ? __mutex_lock+0x51b/0xe80
[  804.318867][   T31]  ? switchdev_deferred_process_work+0xe/0x20
[  804.325021][   T31]  ? __pfx___mutex_lock+0x10/0x10
[  804.330083][   T31]  ? _raw_spin_unlock_irq+0x23/0x50
[  804.335356][   T31]  ? process_scheduled_works+0x9ef/0x17b0
[  804.341107][   T31]  ? process_scheduled_works+0x9ef/0x17b0
[  804.346927][   T31]  switchdev_deferred_process_work+0xe/0x20
[  804.352848][   T31]  process_scheduled_works+0xae1/0x17b0
[  804.371048][   T31]  ? __pfx_process_scheduled_works+0x10/0x10
[  804.378124][   T31]  worker_thread+0x8a0/0xda0
[  804.382784][   T31]  kthread+0x70e/0x8a0
[  804.387048][   T31]  ? __pfx_worker_thread+0x10/0x10
[  804.392183][   T31]  ? __pfx_kthread+0x10/0x10
[  804.396875][   T31]  ? _raw_spin_unlock_irq+0x23/0x50
[  804.402101][   T31]  ? lockdep_hardirqs_on+0x9c/0x150
[  804.407410][   T31]  ? __pfx_kthread+0x10/0x10
[  804.412033][   T31]  ret_from_fork+0x3f9/0x770
[  804.416683][   T31]  ? __pfx_ret_from_fork+0x10/0x10
[  804.421830][   T31]  ? __switch_to_asm+0x39/0x70
[  804.426703][   T31]  ? __switch_to_asm+0x33/0x70
[  804.431510][   T31]  ? __pfx_kthread+0x10/0x10
[  804.436211][   T31]  ret_from_fork_asm+0x1a/0x30
[  804.441015][   T31]  </TASK>
[  804.444080][   T31] INFO: task kworker/u8:3:49 blocked for more than 143 seconds.
[  804.453651][   T31]       Not tainted 6.16.0-rc2-syzkaller-00162-g41687a5c6f8b #0
[  804.461752][   T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  804.473645][   T31] task:kworker/u8:3    state:D stack:20856 pid:49    tgid:49    ppid:2      task_flags:0x4208060 flags:0x00004000
[  804.486799][   T31] Workqueue: events_unbound linkwatch_event
[  804.492750][   T31] Call Trace:
[  804.496067][   T31]  <TASK>
[  804.499020][   T31]  __schedule+0x16f5/0x4d00
[  804.503551][   T31]  ? schedule+0x165/0x360
[  804.507999][   T31]  ? __pfx___schedule+0x10/0x10
[  804.512896][   T31]  ? schedule+0x91/0x360
[  804.517252][   T31]  schedule+0x165/0x360
[  804.521446][   T31]  schedule_preempt_disabled+0x13/0x30
[  804.527006][   T31]  __mutex_lock+0x724/0xe80
[  804.531547][   T31]  ? __mutex_lock+0x51b/0xe80
[  804.536303][   T31]  ? linkwatch_event+0xe/0x60
[  804.541004][   T31]  ? __pfx___mutex_lock+0x10/0x10
[  804.546153][T13878] Bluetooth: hci16: command tx timeout
[  804.551703][   T31]  ? _raw_spin_unlock_irq+0x23/0x50
[  804.557004][   T31]  ? process_scheduled_works+0x9ef/0x17b0
[  804.562753][   T31]  ? process_scheduled_works+0x9ef/0x17b0
[  804.569066][   T31]  linkwatch_event+0xe/0x60
[  804.573614][   T31]  process_scheduled_works+0xae1/0x17b0
[  804.579262][   T31]  ? __pfx_process_scheduled_works+0x10/0x10
[  804.585324][   T31]  worker_thread+0x8a0/0xda0
[  804.589947][   T31]  kthread+0x70e/0x8a0
[  804.594028][   T31]  ? __pfx_worker_thread+0x10/0x10
[  804.599311][   T31]  ? __pfx_kthread+0x10/0x10
[  804.603979][   T31]  ? _raw_spin_unlock_irq+0x23/0x50
[  804.609354][   T31]  ? lockdep_hardirqs_on+0x9c/0x150
[  804.614606][   T31]  ? __pfx_kthread+0x10/0x10
[  804.619228][   T31]  ret_from_fork+0x3f9/0x770
[  804.623858][   T31]  ? __pfx_ret_from_fork+0x10/0x10
[  804.629076][   T31]  ? __switch_to_asm+0x39/0x70
[  804.633864][   T31]  ? __switch_to_asm+0x33/0x70
[  804.638739][   T31]  ? __pfx_kthread+0x10/0x10
[  804.643367][   T31]  ret_from_fork_asm+0x1a/0x30
[  804.648214][   T31]  </TASK>
[  804.651393][   T31] INFO: task syz.4.2313:13776 blocked for more than 143 seconds.
[  804.659232][   T31]       Not tainted 6.16.0-rc2-syzkaller-00162-g41687a5c6f8b #0
[  804.667186][   T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  804.676313][   T31] task:syz.4.2313      state:D stack:23880 pid:13776 tgid:13772 ppid:5852   task_flags:0x400140 flags:0x00004006
[  804.688382][   T31] Call Trace:
[  804.691672][   T31]  <TASK>
[  804.694685][   T31]  __schedule+0x16f5/0x4d00
[  804.699235][   T31]  ? schedule+0x165/0x360
[  804.703611][   T31]  ? __pfx___schedule+0x10/0x10
[  804.708779][   T31]  ? schedule+0x91/0x360
[  804.713077][   T31]  schedule+0x165/0x360
[  804.717350][   T31]  schedule_preempt_disabled+0x13/0x30
[  804.722841][   T31]  __mutex_lock+0x724/0xe80
[  804.727469][   T31]  ? __mutex_lock+0x51b/0xe80
[  804.732214][   T31]  ? internal_dev_create+0x26f/0x470
[  804.737607][   T31]  ? __pfx___mutex_lock+0x10/0x10
[  804.742657][   T31]  ? alloc_netdev_mqs+0xc9e/0x11e0
[  804.748090][   T31]  ? __kvmalloc_node_noprof+0x331/0x5f0
[  804.753670][   T31]  ? alloc_netdev_mqs+0xdb2/0x11e0
[  804.758916][   T31]  internal_dev_create+0x26f/0x470
[  804.764062][   T31]  ovs_vport_add+0x110/0x370
[  804.769254][   T31]  ? new_vport+0x12/0x190
[  804.773635][   T31]  new_vport+0x1a/0x190
[  804.778080][   T31]  ovs_dp_cmd_new+0x69f/0xaf0
[  804.782812][   T31]  ? __pfx_ovs_dp_cmd_new+0x10/0x10
[  804.788082][   T31]  ? genl_family_rcv_msg_attrs_parse+0x1c9/0x2a0
[  804.794649][   T31]  genl_family_rcv_msg_doit+0x212/0x300
[  804.800225][   T31]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  804.806593][   T31]  ? bpf_lsm_capable+0x9/0x20
[  804.811320][   T31]  ? security_capable+0x7e/0x2e0
[  804.818016][   T31]  genl_rcv_msg+0x60e/0x790
[  804.822578][   T31]  ? __pfx_genl_rcv_msg+0x10/0x10
[  804.827660][   T31]  ? __pfx_ovs_dp_cmd_new+0x10/0x10
[  804.832900][   T31]  netlink_rcv_skb+0x205/0x470
[  804.837778][   T31]  ? __pfx_genl_rcv_msg+0x10/0x10
[  804.842839][   T31]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  804.848212][   T31]  ? down_read+0x1ad/0x2e0
[  804.852644][   T31]  genl_rcv+0x28/0x40
[  804.856704][   T31]  netlink_unicast+0x758/0x8d0
[  804.861500][   T31]  netlink_sendmsg+0x805/0xb30
[  804.867242][   T31]  ? lockdep_hardirqs_on+0x9c/0x150
[  804.872742][   T31]  ? __pfx_netlink_sendmsg+0x10/0x10
[  804.878331][   T31]  ? security_socket_sendmsg+0xf5/0x2b0
[  804.883980][   T31]  ? __pfx_netlink_sendmsg+0x10/0x10
[  804.889347][   T31]  __sock_sendmsg+0x219/0x270
[  804.894070][   T31]  ____sys_sendmsg+0x505/0x830
[  804.898950][   T31]  ? __pfx_____sys_sendmsg+0x10/0x10
[  804.904276][   T31]  ? import_iovec+0x74/0xa0
[  804.908891][   T31]  ___sys_sendmsg+0x21f/0x2a0
[  804.913591][   T31]  ? __pfx____sys_sendmsg+0x10/0x10
[  804.918878][   T31]  ? __fget_files+0x2a/0x420
[  804.923501][   T31]  ? __fget_files+0x3a0/0x420
[  804.928272][   T31]  __x64_sys_sendmsg+0x19b/0x260
[  804.933239][   T31]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  804.938808][   T31]  ? rcu_is_watching+0x15/0xb0
[  804.943622][   T31]  ? do_syscall_64+0xbe/0x3b0
[  804.948375][   T31]  do_syscall_64+0xfa/0x3b0
[  804.952906][   T31]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  804.959129][   T31]  ? asm_sysvec_reschedule_ipi+0x1a/0x20
[  804.964807][   T31]  ? clear_bhb_loop+0x60/0xb0
[  804.969503][   T31]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  804.975844][   T31] RIP: 0033:0x7fc1acd8e929
[  804.980291][   T31] RSP: 002b:00007fc1aabd5038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  804.988776][   T31] RAX: ffffffffffffffda RBX: 00007fc1acfb6160 RCX: 00007fc1acd8e929
[  804.996839][   T31] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 000000000000000a
[  805.004875][   T31] RBP: 00007fc1ace10b39 R08: 0000000000000000 R09: 0000000000000000
[  805.012869][   T31] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  805.020899][   T31] R13: 0000000000000000 R14: 00007fc1acfb6160 R15: 00007fc1ad0dfa28
[  805.028976][   T31]  </TASK>
[  805.032047][   T31] 
[  805.032047][   T31] Showing all locks held in the system:
[  805.044236][   T31] 3 locks held by kworker/0:0/9:
[  805.049250][   T31]  #0: ffff88801a480d48 ((wq_completion)events){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  805.060302][   T31]  #1: ffffc900000e7bc0 (deferred_process_work){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  805.071342][   T31]  #2: ffffffff8f510348 (rtnl_mutex){+.+.}-{4:4}, at: switchdev_deferred_process_work+0xe/0x20
[  805.082037][   T31] 3 locks held by kworker/0:1/10:
[  805.087164][   T31]  #0: ffff88801a480d48 ((wq_completion)events){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  805.098302][   T31]  #1: ffffc900000f7bc0 ((work_completion)(&(&ovs_net->masks_rebalance)->work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  805.112705][   T31]  #2: ffffffff8f846768 (ovs_mutex){+.+.}-{4:4}, at: ovs_dp_masks_rebalance+0x2f/0xe0
[  805.122800][   T31] 1 lock held by khungtaskd/31:
[  805.128024][   T31]  #0: ffffffff8e13eda0 (rcu_read_lock){....}-{1:3}, at: debug_show_all_locks+0x2e/0x180
[  805.138121][   T31] 3 locks held by kworker/u8:3/49:
[  805.143253][   T31]  #0: ffff88801a489148 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  805.155333][   T31]  #1: ffffc90000b97bc0 ((linkwatch_work).work){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  805.166391][   T31]  #2: ffffffff8f510348 (rtnl_mutex){+.+.}-{4:4}, at: linkwatch_event+0xe/0x60
[  805.175595][   T31] 3 locks held by kworker/u9:0/51:
[  805.180958][   T31]  #0: ffff8880684f0948 ((wq_completion)hci9){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  805.191912][   T31]  #1: ffffc90000bb7bc0 ((work_completion)(&hdev->cmd_sync_work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  805.204636][   T31]  #2: ffff888078518d80 (&hdev->req_lock){+.+.}-{4:4}, at: hci_cmd_sync_work+0x1d4/0x3a0
[  805.214544][   T31] 3 locks held by kworker/u8:4/59:
[  805.219673][   T31]  #0: ffff88814c4f0948 ((wq_completion)ipv6_addrconf){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  805.231321][   T31]  #1: ffffc9000210fbc0 ((work_completion)(&(&net->ipv6.addr_chk_work)->work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  805.245244][   T31]  #2: ffffffff8f510348 (rtnl_mutex){+.+.}-{4:4}, at: addrconf_verify_work+0x19/0x30
[  805.255103][   T31] 3 locks held by kworker/1:2/887:
[  805.260252][   T31]  #0: ffff88801a480d48 ((wq_completion)events){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  805.271576][   T31]  #1: ffffc90003337bc0 ((work_completion)(&(&ovs_net->masks_rebalance)->work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  805.285965][   T31]  #2: ffffffff8f846768 (ovs_mutex){+.+.}-{4:4}, at: ovs_dp_masks_rebalance+0x2f/0xe0
[  805.295896][   T31] 1 lock held by klogd/5194:
[  805.300521][   T31] 2 locks held by getty/5597:
[  805.305591][   T31]  #0: ffff88803513a0a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70
[  805.315699][   T31]  #1: ffffc9000332b2f0 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0x43e/0x1400
[  805.325912][   T31] 3 locks held by kworker/1:3/5836:
[  805.331122][   T31]  #0: ffff88801a480d48 ((wq_completion)events){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  805.342161][   T31]  #1: ffffc900040ffbc0 ((work_completion)(&(&ovs_net->masks_rebalance)->work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  805.360296][   T31]  #2: ffffffff8f846768 (ovs_mutex){+.+.}-{4:4}, at: ovs_dp_masks_rebalance+0x2f/0xe0
[  805.370008][   T31] 3 locks held by kworker/1:5/5845:
[  805.375428][   T31]  #0: ffff88801a481d48 ((wq_completion)events_power_efficient){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  805.389437][   T31]  #1: ffffc900041afbc0 ((reg_check_chans).work){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  805.400611][   T31]  #2: ffffffff8f510348 (rtnl_mutex){+.+.}-{4:4}, at: reg_check_chans_work+0x95/0xf00
[  805.410431][   T31] 3 locks held by kworker/0:3/5888:
[  805.415963][   T31]  #0: ffff88801a480d48 ((wq_completion)events){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  805.427078][T13878] Bluetooth: hci19: command tx timeout
[  805.432636][   T31]  #1: ffffc9000440fbc0 ((work_completion)(&(&ovs_net->masks_rebalance)->work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  805.446542][   T31]  #2: ffffffff8f846768 (ovs_mutex){+.+.}-{4:4}, at: ovs_dp_masks_rebalance+0x2f/0xe0
[  805.456218][   T31] 3 locks held by kworker/0:4/5901:
[  805.461422][   T31]  #0: ffff88801a480d48 ((wq_completion)events){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  805.472461][   T31]  #1: ffffc900050efbc0 ((work_completion)(&(&ovs_net->masks_rebalance)->work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  805.486526][   T31]  #2: ffffffff8f846768 (ovs_mutex){+.+.}-{4:4}, at: ovs_dp_masks_rebalance+0x2f/0xe0
[  805.496266][   T31] 3 locks held by kworker/1:7/5948:
[  805.501482][   T31]  #0: ffff88801a480d48 ((wq_completion)events){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  805.512523][   T31]  #1: ffffc90005277bc0 ((work_completion)(&(&ovs_net->masks_rebalance)->work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  805.526391][   T31]  #2: ffffffff8f846768 (ovs_mutex){+.+.}-{4:4}, at: ovs_dp_masks_rebalance+0x2f/0xe0
[  805.536084][   T31] 3 locks held by syz.4.2313/13776:
[  805.541288][   T31]  #0: ffffffff8f5764f0 (cb_lock){++++}-{4:4}, at: genl_rcv+0x19/0x40
[  805.549562][   T31]  #1: ffffffff8f846768 (ovs_mutex){+.+.}-{4:4}, at: ovs_dp_cmd_new+0x66a/0xaf0
[  805.558703][   T31]  #2: ffffffff8f510348 (rtnl_mutex){+.+.}-{4:4}, at: internal_dev_create+0x26f/0x470
[  805.568367][   T31] 2 locks held by syz.3.2317/13785:
[  805.573594][   T31]  #0: ffffffff8f510348 (rtnl_mutex){+.+.}-{4:4}, at: rtnl_newlink+0x8db/0x1c70
[  805.582709][   T31]  #1: ffff888023a3cd30 (&dev_instance_lock_key#14){+.+.}-{4:4}, at: napi_disable+0x4e/0x80
[  805.593213][T13878] Bluetooth: hci9: command 0x0406 tx timeout
[  805.599441][   T31] 1 lock held by syz.2.2319/13798:
[  805.604634][   T31]  #0: ffffffff8f510348 (rtnl_mutex){+.+.}-{4:4}, at: rtnl_newlink+0x8db/0x1c70
[  805.613743][   T31] 2 locks held by syz.0.2320/13800:
[  805.618998][   T31]  #0: ffffffff8eca4d80 (&ops->srcu#2){.+.+}-{0:0}, at: rtnl_link_ops_get+0x23/0x250
[  805.628854][   T31]  #1: ffffffff8f510348 (rtnl_mutex){+.+.}-{4:4}, at: rtnl_newlink+0x8db/0x1c70
[  805.638035][   T31] 1 lock held by syz.1.2325/13819:
[  805.643159][   T31]  #0: ffffffff8f510348 (rtnl_mutex){+.+.}-{4:4}, at: dev_ethtool+0x1d0/0x1990
[  805.652249][   T31] 2 locks held by syz-executor/13824:
[  805.657690][   T31]  #0: ffffffff8f503750 (pernet_ops_rwsem){++++}-{4:4}, at: copy_net_ns+0x304/0x4d0
[  805.667298][   T31]  #1: ffffffff8f510348 (rtnl_mutex){+.+.}-{4:4}, at: register_netdevice_notifier_net+0x1a/0xa0
[  805.678081][   T31] 2 locks held by syz-executor/13827:
[  805.683452][   T31]  #0: ffffffff8f503750 (pernet_ops_rwsem){++++}-{4:4}, at: copy_net_ns+0x304/0x4d0
[  805.693280][   T31]  #1: ffffffff8f510348 (rtnl_mutex){+.+.}-{4:4}, at: register_netdevice_notifier_net+0x1a/0xa0
[  805.703870][   T31] 2 locks held by syz-executor/13831:
[  805.709384][   T31]  #0: ffffffff8f503750 (pernet_ops_rwsem){++++}-{4:4}, at: copy_net_ns+0x304/0x4d0
[  805.718864][   T31]  #1: ffffffff8f510348 (rtnl_mutex){+.+.}-{4:4}, at: register_netdevice_notifier_net+0x1a/0xa0
[  805.729391][   T31] 2 locks held by syz-executor/13834:
[  805.734821][   T31]  #0: ffffffff8f503750 (pernet_ops_rwsem){++++}-{4:4}, at: copy_net_ns+0x304/0x4d0
[  805.744285][   T31]  #1: ffffffff8f510348 (rtnl_mutex){+.+.}-{4:4}, at: register_netdevice_notifier_net+0x1a/0xa0
[  805.755044][   T31] 2 locks held by syz-executor/13837:
[  805.760433][   T31]  #0: ffffffff8f503750 (pernet_ops_rwsem){++++}-{4:4}, at: copy_net_ns+0x304/0x4d0
[  805.769909][   T31]  #1: ffffffff8f510348 (rtnl_mutex){+.+.}-{4:4}, at: register_netdevice_notifier_net+0x1a/0xa0
[  805.780458][   T31] 2 locks held by syz-executor/13847:
[  805.787003][   T31]  #0: ffffffff8f503750 (pernet_ops_rwsem){++++}-{4:4}, at: copy_net_ns+0x304/0x4d0
[  805.797026][   T31]  #1: ffffffff8f510348 (rtnl_mutex){+.+.}-{4:4}, at: register_netdevice_notifier_net+0x1a/0xa0
[  805.807643][   T31] 2 locks held by syz-executor/13850:
[  805.813094][   T31]  #0: ffffffff8f503750 (pernet_ops_rwsem){++++}-{4:4}, at: copy_net_ns+0x304/0x4d0
[  805.822592][   T31]  #1: ffffffff8f510348 (rtnl_mutex){+.+.}-{4:4}, at: register_netdevice_notifier_net+0x1a/0xa0
[  805.833714][   T31] 2 locks held by syz-executor/13856:
[  805.839139][   T31]  #0: ffffffff8f503750 (pernet_ops_rwsem){++++}-{4:4}, at: copy_net_ns+0x304/0x4d0
[  805.848634][   T31]  #1: ffffffff8f510348 (rtnl_mutex){+.+.}-{4:4}, at: register_netdevice_notifier_net+0x1a/0xa0
[  805.859154][   T31] 2 locks held by syz-executor/13858:
[  805.864581][   T31]  #0: ffffffff8f503750 (pernet_ops_rwsem){++++}-{4:4}, at: copy_net_ns+0x304/0x4d0
[  805.874025][   T31]  #1: ffffffff8f510348 (rtnl_mutex){+.+.}-{4:4}, at: register_netdevice_notifier_net+0x1a/0xa0
[  805.884558][   T31] 2 locks held by syz-executor/13861:
[  805.889953][   T31]  #0: ffffffff8f503750 (pernet_ops_rwsem){++++}-{4:4}, at: copy_net_ns+0x304/0x4d0
[  805.899768][   T31]  #1: ffffffff8f510348 (rtnl_mutex){+.+.}-{4:4}, at: register_netdevice_notifier_net+0x1a/0xa0
[  805.910758][   T31] 2 locks held by syz-executor/13869:
[  805.916263][   T31]  #0: ffffffff8f503750 (pernet_ops_rwsem){++++}-{4:4}, at: copy_net_ns+0x304/0x4d0
[  805.925765][   T31]  #1: ffffffff8f510348 (rtnl_mutex){+.+.}-{4:4}, at: register_netdevice_notifier_net+0x1a/0xa0
[  805.936315][   T31] 2 locks held by syz-executor/13872:
[  805.941695][   T31]  #0: ffffffff8f503750 (pernet_ops_rwsem){++++}-{4:4}, at: copy_net_ns+0x304/0x4d0
[  805.951235][   T31]  #1: ffffffff8f510348 (rtnl_mutex){+.+.}-{4:4}, at: register_netdevice_notifier_net+0x1a/0xa0
[  805.961880][   T31] 2 locks held by syz-executor/13876:
[  805.967294][   T31]  #0: ffffffff8f503750 (pernet_ops_rwsem){++++}-{4:4}, at: copy_net_ns+0x304/0x4d0
[  805.976786][   T31]  #1: ffffffff8f510348 (rtnl_mutex){+.+.}-{4:4}, at: register_netdevice_notifier_net+0x1a/0xa0
[  805.987293][   T31] 2 locks held by syz-executor/13880:
[  805.992695][   T31]  #0: ffffffff8f503750 (pernet_ops_rwsem){++++}-{4:4}, at: copy_net_ns+0x304/0x4d0
[  806.002481][   T31]  #1: ffffffff8f510348 (rtnl_mutex){+.+.}-{4:4}, at: register_netdevice_notifier_net+0x1a/0xa0
[  806.013479][   T31] 2 locks held by syz-executor/13885:
[  806.019152][   T31]  #0: ffffffff8f503750 (pernet_ops_rwsem){++++}-{4:4}, at: copy_net_ns+0x304/0x4d0
[  806.028879][   T31]  #1: ffffffff8f510348 (rtnl_mutex){+.+.}-{4:4}, at: register_netdevice_notifier_net+0x1a/0xa0
[  806.041223][   T31] 
[  806.043613][   T31] =============================================
[  806.043613][   T31] 
[  806.057932][   T31] NMI backtrace for cpu 0
[  806.057952][   T31] CPU: 0 UID: 0 PID: 31 Comm: khungtaskd Not tainted 6.16.0-rc2-syzkaller-00162-g41687a5c6f8b #0 PREEMPT(full) 
[  806.057972][   T31] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  806.057982][   T31] Call Trace:
[  806.057990][   T31]  <TASK>
[  806.057997][   T31]  dump_stack_lvl+0x189/0x250
[  806.058024][   T31]  ? __wake_up_klogd+0xd9/0x110
[  806.058046][   T31]  ? __pfx_dump_stack_lvl+0x10/0x10
[  806.058068][   T31]  ? __pfx__printk+0x10/0x10
[  806.058094][   T31]  nmi_cpu_backtrace+0x39e/0x3d0
[  806.058116][   T31]  ? __pfx_nmi_cpu_backtrace+0x10/0x10
[  806.058132][   T31]  ? _printk+0xcf/0x120
[  806.058154][   T31]  ? __pfx__printk+0x10/0x10
[  806.058173][   T31]  ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10
[  806.058195][   T31]  nmi_trigger_cpumask_backtrace+0x17a/0x300
[  806.058217][   T31]  watchdog+0xfee/0x1030
[  806.058239][   T31]  ? watchdog+0x1de/0x1030
[  806.058267][   T31]  kthread+0x70e/0x8a0
[  806.058288][   T31]  ? __pfx_watchdog+0x10/0x10
[  806.058304][   T31]  ? __pfx_kthread+0x10/0x10
[  806.058323][   T31]  ? _raw_spin_unlock_irq+0x23/0x50
[  806.058337][   T31]  ? lockdep_hardirqs_on+0x9c/0x150
[  806.058351][   T31]  ? __pfx_kthread+0x10/0x10
[  806.058362][   T31]  ret_from_fork+0x3f9/0x770
[  806.058377][   T31]  ? __pfx_ret_from_fork+0x10/0x10
[  806.058393][   T31]  ? __switch_to_asm+0x39/0x70
[  806.058403][   T31]  ? __switch_to_asm+0x33/0x70
[  806.058416][   T31]  ? __pfx_kthread+0x10/0x10
[  806.058434][   T31]  ret_from_fork_asm+0x1a/0x30
[  806.058464][   T31]  </TASK>
[  806.058472][   T31] Sending NMI from CPU 0 to CPUs 1:
[  806.216543][    C1] NMI backtrace for cpu 1
[  806.216566][    C1] CPU: 1 UID: 0 PID: 3558 Comm: kworker/u8:8 Not tainted 6.16.0-rc2-syzkaller-00162-g41687a5c6f8b #0 PREEMPT(full) 
[  806.216586][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  806.216596][    C1] Workqueue: events_unbound nsim_dev_trap_report_work
[  806.216619][    C1] RIP: 0010:filter_irq_stacks+0x5f/0xa0
[  806.216638][    C1] Code: 89 ff e8 04 d8 76 00 49 8b 04 de 48 3d 30 02 00 81 0f 93 c1 48 3d 70 16 00 81 0f 92 c2 84 d1 75 27 48 3d b0 2c 69 8b 0f 92 c1 <48> 3d cb 2c 69 8b 0f 93 c0 08 c8 74 11 48 ff c3 49 83 c7 08 49 39
[  806.216651][    C1] RSP: 0018:ffffc9000c7b7638 EFLAGS: 00000287
[  806.216664][    C1] RAX: ffffffff8223d306 RBX: 0000000000000001 RCX: 0000000000000001
[  806.216675][    C1] RDX: 0000000000000000 RSI: 000000000000000a RDI: ffffc9000c7b76e0
[  806.216688][    C1] RBP: ffffc9000c7b7908 R08: 000000000000000f R09: ffffffff81729af5
[  806.216699][    C1] R10: ffffc9000c7b75f8 R11: ffffffff81acf690 R12: 000000000000000a
[  806.216710][    C1] R13: dffffc0000000000 R14: ffffc9000c7b76e0 R15: ffffc9000c7b76e8
[  806.216722][    C1] FS:  0000000000000000(0000) GS:ffff888125d51000(0000) knlGS:0000000000000000
[  806.216735][    C1] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  806.216745][    C1] CR2: 0000560a5851f1e0 CR3: 000000007a70c000 CR4: 00000000003526f0
[  806.216759][    C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  806.216768][    C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  806.216778][    C1] Call Trace:
[  806.216784][    C1]  <TASK>
[  806.216794][    C1]  stack_depot_save_flags+0x40/0x900
[  806.216817][    C1]  kasan_save_track+0x4f/0x80
[  806.216837][    C1]  ? kasan_save_track+0x3e/0x80
[  806.216854][    C1]  ? kasan_save_free_info+0x46/0x50
[  806.216870][    C1]  ? __kasan_slab_free+0x62/0x70
[  806.216883][    C1]  ? kmem_cache_free+0x18f/0x400
[  806.216897][    C1]  ? nsim_dev_trap_report_work+0x7cf/0xb80
[  806.216913][    C1]  ? process_scheduled_works+0xae1/0x17b0
[  806.216931][    C1]  ? worker_thread+0x8a0/0xda0
[  806.216943][    C1]  ? kthread+0x70e/0x8a0
[  806.216958][    C1]  ? ret_from_fork+0x3f9/0x770
[  806.216975][    C1]  ? ret_from_fork_asm+0x1a/0x30
[  806.217009][    C1]  ? nsim_dev_trap_report_work+0x7cf/0xb80
[  806.217026][    C1]  kasan_save_free_info+0x46/0x50
[  806.217043][    C1]  __kasan_slab_free+0x62/0x70
[  806.217056][    C1]  kmem_cache_free+0x18f/0x400
[  806.217073][    C1]  nsim_dev_trap_report_work+0x7cf/0xb80
[  806.217097][    C1]  ? process_scheduled_works+0x9ef/0x17b0
[  806.217118][    C1]  process_scheduled_works+0xae1/0x17b0
[  806.217148][    C1]  ? __pfx_process_scheduled_works+0x10/0x10
[  806.217174][    C1]  worker_thread+0x8a0/0xda0
[  806.217189][    C1]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  806.217211][    C1]  ? __kthread_parkme+0x7b/0x200
[  806.217230][    C1]  kthread+0x70e/0x8a0
[  806.217246][    C1]  ? __pfx_worker_thread+0x10/0x10
[  806.217265][    C1]  ? __pfx_kthread+0x10/0x10
[  806.217282][    C1]  ? _raw_spin_unlock_irq+0x23/0x50
[  806.217298][    C1]  ? lockdep_hardirqs_on+0x9c/0x150
[  806.217318][    C1]  ? __pfx_kthread+0x10/0x10
[  806.217334][    C1]  ret_from_fork+0x3f9/0x770
[  806.217353][    C1]  ? __pfx_ret_from_fork+0x10/0x10
[  806.217374][    C1]  ? __switch_to_asm+0x39/0x70
[  806.217388][    C1]  ? __switch_to_asm+0x33/0x70
[  806.217402][    C1]  ? __pfx_kthread+0x10/0x10
[  806.217418][    C1]  ret_from_fork_asm+0x1a/0x30
[  806.217439][    C1]  </TASK>
[  806.217807][   T31] Kernel panic - not syncing: hung_task: blocked tasks
[  806.553899][   T31] CPU: 0 UID: 0 PID: 31 Comm: khungtaskd Not tainted 6.16.0-rc2-syzkaller-00162-g41687a5c6f8b #0 PREEMPT(full) 
[  806.565787][   T31] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  806.575835][   T31] Call Trace:
[  806.579110][   T31]  <TASK>
[  806.582033][   T31]  dump_stack_lvl+0x99/0x250
[  806.586626][   T31]  ? __asan_memcpy+0x40/0x70
[  806.591302][   T31]  ? __pfx_dump_stack_lvl+0x10/0x10
[  806.596499][   T31]  ? __pfx__printk+0x10/0x10
[  806.601091][   T31]  panic+0x2db/0x790
[  806.604991][   T31]  ? __pfx_panic+0x10/0x10
[  806.609408][   T31]  ? nmi_backtrace_stall_check+0x433/0x440
[  806.615217][   T31]  ? preempt_schedule_thunk+0x16/0x30
[  806.620596][   T31]  ? nmi_trigger_cpumask_backtrace+0x2b6/0x300
[  806.626752][   T31]  watchdog+0x102d/0x1030
[  806.631092][   T31]  ? watchdog+0x1de/0x1030
[  806.635512][   T31]  kthread+0x70e/0x8a0
[  806.639576][   T31]  ? __pfx_watchdog+0x10/0x10
[  806.644248][   T31]  ? __pfx_kthread+0x10/0x10
[  806.648839][   T31]  ? _raw_spin_unlock_irq+0x23/0x50
[  806.654034][   T31]  ? lockdep_hardirqs_on+0x9c/0x150
[  806.659232][   T31]  ? __pfx_kthread+0x10/0x10
[  806.663832][   T31]  ret_from_fork+0x3f9/0x770
[  806.668422][   T31]  ? __pfx_ret_from_fork+0x10/0x10
[  806.673537][   T31]  ? __switch_to_asm+0x39/0x70
[  806.678295][   T31]  ? __switch_to_asm+0x33/0x70
[  806.683312][   T31]  ? __pfx_kthread+0x10/0x10
[  806.687984][   T31]  ret_from_fork_asm+0x1a/0x30
[  806.692751][   T31]  </TASK>
[  806.696033][   T31] Kernel Offset: disabled
[  806.700449][   T31] Rebooting in 86400 seconds..