last executing test programs:

5.898999023s ago: executing program 4 (id=346):
socket$nl_netfilter(0x10, 0x3, 0xc)
r0 = syz_open_dev$sndctrl(&(0x7f0000001e00), 0x2, 0x40000)
ioctl$SNDRV_CTL_IOCTL_CARD_INFO(r0, 0x81785501, &(0x7f0000002340)=""/4096)
mkdir(0x0, 0x19a)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sendmsg(r2, 0x0, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0x8, 0x9, 0x8, 0x0, 0x3}, 0x0)
socket(0x400000000010, 0x3, 0x0)
socket$kcm(0x2, 0x200000000000001, 0x0)
r3 = fsopen(&(0x7f00000000c0)='sysfs\x00', 0x1)
fsconfig$FSCONFIG_CMD_CREATE(r3, 0x6, 0x0, 0x0, 0x0)
fsmount(r3, 0x0, 0x1)
pipe2$watch_queue(0x0, 0x80)
r4 = fsopen(&(0x7f0000000000)='sysfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r4, 0x6, 0x0, 0x0, 0x0)
fsmount(r4, 0x0, 0x0)

5.650707141s ago: executing program 1 (id=348):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x201, 0x0, 0x0, {0x3}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWTABLE={0x28, 0x0, 0xa, 0x401, 0x0, 0x0, {0x3}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}, @NFTA_TABLE_FLAGS={0x8, 0x2, 0x1, 0x0, 0x1}]}, @NFT_MSG_NEWCHAIN={0x2c, 0x3, 0xa, 0x3, 0x0, 0x0, {0x3}, [@NFTA_CHAIN_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_CHAIN_HOOK={0x4}, @NFTA_CHAIN_ID={0x8, 0xb, 0x1, 0x0, 0x3}]}], {0x14}}, 0x9c}}, 0x0)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
r2 = syz_open_dev$video4linux(&(0x7f0000000080), 0x0, 0x0)
r3 = openat$sndseq(0xffffffffffffff9c, 0x0, 0x62181)
write$sndseq(r3, &(0x7f00000000c0)=[{0xff, 0x1, 0x2, 0xb9, @time={0x8, 0x6}, {0x6, 0x6}, {0x1, 0x6}, @result={0xff, 0x1}}], 0x1c)
ioctl$VIDIOC_SUBSCRIBE_EVENT(r2, 0x4020565a, &(0x7f00000000c0)={0x3, 0x980900, 0x3})
openat$tun(0xffffffffffffff9c, 0x0, 0x582b7cad97fe5754, 0x0)
r4 = syz_open_dev$video4linux(&(0x7f0000000080), 0x0, 0x0)
ioctl$VIDIOC_SUBSCRIBE_EVENT(r4, 0x4020565a, 0x0)
ioctl$PTP_PEROUT_REQUEST2(0xffffffffffffffff, 0x40383d0c, 0x0)
prctl$PR_SET_TAGGED_ADDR_CTRL(0x37, 0x0)
ioctl$VIDIOC_QUERYMENU(r4, 0xc008561c, &(0x7f0000000000)={0x980901, 0x7, @name="765ccc21b69f16e997f75efd884dbebd48ceddfaccc90b0175810bb43654f2aa"})
syz_usb_connect$uac1(0x2, 0xc2, &(0x7f0000000200)=ANY=[@ANYBLOB="12010003090000406b1d01014000010203010902b00003010e10040904000000010100000a24010100050201020c24070510b5c6a1cfd29608090401000001020000090401010101020000072401090600000c240201fe02090404d875b1082402011004060c0905010910005209060725010008ff01090402000001020000090402010101020000072401010801000d24020104020501ceb739b26b0724012b8a05000724010900071008240201000208a209058209fc725215e49bb2a440ea9a52a8c93373"], &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0})
setsockopt$inet_udp_int(r1, 0x11, 0xb, &(0x7f0000000200)=0x6, 0x4)
r5 = socket$inet_smc(0x2b, 0x1, 0x0)
r6 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r6, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000000100)=@newlink={0x44, 0x10, 0x503, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x8695, 0x20001}, [@IFLA_LINKINFO={0x24, 0x12, 0x0, 0x1, @bond={{0x9}, {0x14, 0x2, 0x0, 0x1, [@IFLA_BOND_NUM_PEER_NOTIF={0x5, 0x10, 0x7f}, @IFLA_BOND_RESEND_IGMP={0x8, 0xf, 0x5}]}}}]}, 0x44}, 0x1, 0x0, 0x0, 0x4000c010}, 0x0)
sendmmsg$sock(r5, &(0x7f0000003740)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000001580)=[@timestamping={{0x10, 0x1, 0x25, 0x358}}], 0x10}}], 0x1, 0x24000000)
bind$inet(r1, &(0x7f00000001c0)={0x2, 0x4e24, @empty}, 0x10)
r7 = socket$nl_route(0x10, 0x3, 0x0)
r8 = openat$dir(0xffffffffffffff9c, &(0x7f0000004280)='./file0\x00', 0x0, 0x18)
getdents64(r8, &(0x7f0000000100)=""/134, 0x86)
getdents(r8, 0x0, 0x0)
sendmsg$nl_route(r7, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYRES32=0x0], 0x24}}, 0x80)
syz_emit_ethernet(0xbe, &(0x7f0000000000)=ANY=[@ANYBLOB="aaaaaaaaaaaaffffffffffff0800450000b00068000000889078ac1414bbac1414aafffe4e24004d9078010000000400e4ff487a1d08fd3d0ee007022798bb6374ed840b4f36f41fc4d0358d4a5eecdee9ebe414aa958d4bbef5e4007898221aa606d083cd592de8fdadd3823fed0b000000000000004ca5d10fd1b6b06f47ea42ef7c9d6a98e3943f6892078bb952854743fe4dee8f8eddd2e7c0ce70a4ac7da806df5b16af17fe87acbae2ab0b233d01422d01cd53c3abe94331d0b7918724000000"], 0x0)
openat$audio1(0xffffff9c, &(0x7f0000000100), 0x183800, 0x0)

5.438578938s ago: executing program 3 (id=349):
r0 = socket$kcm(0x11, 0x3, 0x0)
setsockopt$sock_attach_bpf(r0, 0x107, 0xf, &(0x7f00000000c0), 0x4)
sendmsg$kcm(r0, &(0x7f0000000200)={&(0x7f0000000100)=@phonet={0x23, 0x0, 0x0, 0x14}, 0x80, &(0x7f00000018c0)=[{&(0x7f00000005c0)="270502001c0014000600002fb96dbcf7bae1050007008100050088a8", 0x1c}, {&(0x7f0000000700)="e554bb04af32f00bd876", 0xa}], 0x2}, 0x20000800)

5.306512199s ago: executing program 3 (id=351):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
get_mempolicy(&(0x7f0000000080), &(0x7f0000000540), 0x9, &(0x7f0000ffb000/0x4000)=nil, 0x4)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
r1 = syz_open_procfs(0x0, &(0x7f0000000180)='map_files\x00')
r2 = syz_create_resource$binfmt(&(0x7f0000000600)='./file0\x00')
execveat$binfmt(r1, r2, 0x0, 0x0, 0x1000)
r3 = socket$can_bcm(0x1d, 0x2, 0x2)
connect$can_bcm(r3, &(0x7f0000000000), 0x10)
sendmsg$can_bcm(r3, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000380)=ANY=[@ANYBLOB="050000000000080000000001fcffff00", @ANYRES64=0x0, @ANYRES64=0x0, @ANYRES64=0x0, @ANYRES64=0x2710, @ANYBLOB="0000000001"], 0x48}}, 0x0)
sendmsg$can_bcm(r3, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000280)=ANY=[@ANYBLOB="050000000300"/16, @ANYRES64=0x0, @ANYRES64=r3, @ANYRES64=0x0, @ANYRES64=0x0, @ANYBLOB="0000000001"], 0x48}}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
timer_create(0x3, &(0x7f0000000740)={0x0, 0x2d, 0x4}, &(0x7f0000000780))
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0)={<r6=>0xffffffffffffffff})
r7 = syz_usb_connect(0x0, 0x2d, &(0x7f0000000240)=ANY=[@ANYBLOB="1201fb00fb030320d812010079de01ec020109021b0001000003000904000001785ecc00090585020004"], 0x0)
syz_open_dev$char_usb(0xc, 0xb4, 0x0)
syz_usb_disconnect(r7)
close_range(r6, 0xffffffffffffffff, 0x0)
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r8 = syz_open_procfs(0x0, &(0x7f0000000000)='cmdline\x00')
syz_usb_connect$printer(0x4, 0x36, &(0x7f0000000580)={{0x12, 0x1, 0x310, 0x0, 0x0, 0x0, 0x10, 0x525, 0xa4a8, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x1, 0x6, 0x20, 0xf9, [{{0x9, 0x4, 0x0, 0x5, 0x2, 0x7, 0x1, 0x2, 0xf5, "", {{{0x9, 0x5, 0x1, 0x2, 0x400, 0xe, 0xa, 0x1a}}, [{{0x9, 0x5, 0x82, 0x2, 0x8, 0x2, 0x8, 0x7}}]}}}]}}]}}, &(0x7f00000006c0)={0xa, &(0x7f00000005c0)={0xa, 0x6, 0x200, 0x6, 0xf7, 0x7, 0x10, 0xc}, 0x68, &(0x7f0000000600)=ANY=[@ANYBLOB="050f68000503100b2c1002af98627162c86d81c174a8f69f4c22d15efb559f31b13bbfc91bade7eda7d37dbf1a0cff8f145ed49f0c100a0040c60100000f0c0014100400008da9eb06f68a3b2aadc09d1015282e141004076f3ea9c3652c39bdffd0fe0c93cb6b90"], 0x1, [{0x4, &(0x7f0000000680)=@lang_id={0x4, 0x3, 0x42f}}]})
preadv(r8, &(0x7f0000000040)=[{0x0}], 0x1, 0x4, 0xda2)
openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
ioctl$sock_inet_SIOCGIFADDR(r5, 0x8915, &(0x7f0000000a40)={'ip6gretap0\x00'})
sendmsg$NFT_MSG_GETOBJ(r8, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f00000001c0)={&(0x7f00000003c0)={0x14c, 0x13, 0xa, 0x201, 0x0, 0x0, {0x3, 0x0, 0x3}, [@NFTA_OBJ_HANDLE={0xc, 0x6, 0x1, 0x0, 0x3}, @NFTA_OBJ_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_OBJ_TYPE={0x8, 0x3, 0x1, 0x0, 0xa}, @NFTA_OBJ_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_OBJ_NAME={0x9, 0x2, 'syz2\x00'}, @NFTA_OBJ_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_OBJ_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_OBJ_USERDATA={0xe5, 0x8, "abdfc1d858c7dc7ad9be03cce99824479dbb0a2f4cd4c6d022b130a0e3a01afb47ce33abb602e3f5db5959bfa6a5b396a7e8956390734ae42342380983756345c0a46e08ad7f482e04fb3ee816c2c6ed3567fcd3f2335c2520e860059ae895b9b3c2aaff20229a67c400f47da39062158821933423b05650cb437cf888aac9c718ccf3089d64abaf6d0504016399c7f6ce87626af666db9f749beaec19d659cb5d71818b07becf1d7d4038c430ba7e0d11d6d54f12941da535f310221f0639695639fbabe73a33ce4a412678a02bceb0d8047c01eae6758339404730f3fc265b2a"}]}, 0x14c}, 0x1, 0x0, 0x0, 0x8044}, 0x20002044)
fcntl$getown(0xffffffffffffffff, 0x9)

4.888896923s ago: executing program 4 (id=353):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000a00)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb(aes)\x00'}, 0x58)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0xd, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x94)
r2 = syz_io_uring_setup(0x10d2, &(0x7f0000000340)={0x0, 0x6bf6, 0x100, 0x5, 0x12}, &(0x7f00000000c0)=<r3=>0x0, &(0x7f0000000300)=<r4=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)
io_uring_register$IORING_REGISTER_FILES(r2, 0x2, &(0x7f0000000040)=[0xffffffffffffffff, r2, r1, r0, r1, r1, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, r2], 0x5)
syz_io_uring_submit(r3, r4, &(0x7f0000000200)=@IORING_OP_POLL_REMOVE={0x7, 0x50, 0x0, 0x0, 0x0, 0x1})
io_uring_enter(r2, 0x47bc, 0x0, 0x0, 0x0, 0x2000)

3.926247902s ago: executing program 1 (id=357):
ioctl$LOOP_CONFIGURE(0xffffffffffffffff, 0x4c0a, &(0x7f00000002c0)={0xffffffffffffffff, 0x0, {0x2a00, 0x80010000, 0x0, 0x2, 0x0, 0x0, 0x0, 0x2, 0x1c, "fee8a2ab78fc979fd1e00d96072000001ea89de2b7fb0000e60080b8785d96000100", "2809e8dbe108598948224ad54afac11d875397bdb22d0000b420a1a93c5240f45f819e01177d3d458dd4992861ac00", "90be8b1c551265406c7f306003d8a0f4bd00"}})
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
r1 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x59, &(0x7f0000000140)={&(0x7f00000002c0)=@newlink={0x20, 0x10, 0x403, 0x0, 0x2, {0x0, 0x0, 0x0, 0x0, 0x93254, 0x8}}, 0x20}, 0x1, 0x0, 0x0, 0x600}, 0x0)
write$tun(r0, &(0x7f0000000280)={@val={0x6f01, 0x800}, @val={0x1, 0x0, 0x27, 0x0, 0x27, 0x700}, @mpls={[], @ipv4=@tcp={{0x6, 0x4, 0x0, 0x0, 0x8029, 0x0, 0x0, 0x0, 0x84, 0x0, @empty=0x3fffffff, @local}, {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x5, 0xb, 0x0, 0x580, 0x0, 0x28, {[@window={0x9, 0xfffffffffffffec4}, @timestamp={0x5, 0x2, 0xfffe, 0x700}, @generic={0x0, 0x2, "d58838000391"}]}}}}}}, 0xfd6c)

3.804644016s ago: executing program 0 (id=358):
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) (async)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) (async)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) (async)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) (async)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
socket$inet_sctp(0x2, 0x5, 0x84) (async)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x275a, 0x0)
fcntl$lock(r2, 0x26, &(0x7f0000000080)={0x1, 0x0, 0x2007, 0x1fd}) (async)
fcntl$lock(r2, 0x7, &(0x7f0000000280)={0x1, 0x0, 0x2f, 0x9}) (async)
fcntl$lock(r2, 0x26, &(0x7f00000000c0)={0x1, 0x2, 0x9, 0x401})
r3 = socket$inet6_sctp(0xa, 0x1, 0x84)
r4 = dup(r3)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r4, 0x84, 0x64, &(0x7f0000000040)=[@in6={0xa, 0x4e24, 0x6, @loopback, 0x3}], 0x1c) (async)
sendmsg$inet6(r3, &(0x7f0000000200)={&(0x7f0000000240)={0xa, 0x4e24, 0xf, @loopback, 0x4}, 0x1c, &(0x7f0000000380)=[{&(0x7f00000001c0)='\b', 0xffffffffffffff0e}], 0x1}, 0x24048017) (async)
r5 = dup(r3)
setsockopt$SO_BINDTODEVICE(r5, 0x1, 0x19, &(0x7f0000000000)='bond_slave_1\x00', 0x10) (async)
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x22102, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r7, 0xae60) (async)
getsockopt$inet6_mreq(r5, 0x29, 0x1b, 0x0, &(0x7f0000000300))
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r4, 0x89f2, &(0x7f00000003c0)={'ip6gre0\x00', &(0x7f0000000640)={'ip6tnl0\x00', 0x0, 0x4, 0x0, 0x2, 0x8, 0x78, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, @local, 0x40, 0x20, 0x8, 0x6}}) (async)
statx(r5, &(0x7f00000006c0)='./file0\x00', 0x1000, 0x20, &(0x7f0000000700)) (async)
r8 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r8, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000540)=ANY=[@ANYRESOCT=0x0, @ANYBLOB="1932d0add3afef3e", @ANYRES8=r4, @ANYRESOCT=r7, @ANYBLOB="c3bf9c42c1b72de4b56d18124830ca418722669c04877d1ed515dee9a4d4c8209da764d3d0b5b24cd0c5bbfc83a550e70986b3b9cda52a634b55118482bba223582aadb4573b3887c01c13db92ef3518d13fd572f8085d4f4ca95dcc56212d72aba58e5ce98c7505f3f179c2bf0a8d8b877a9ba6089a77817c06bfa95c46efb5f8a5905ec594b472884cd3f80c04865c04f0f66ad8034c70a7ae"], 0x40}}, 0x20000000) (async)
write$apparmor_current(r4, &(0x7f0000000100)=@profile={'changeprofile ', '{)}/!+/\\+\'\x00'}, 0x19) (async)
r9 = eventfd(0xff7ffff7)
ioctl$KVM_IRQFD(r7, 0x4020ae76, &(0x7f0000000500)={r9, 0x3, 0x2, r9}) (async)
ioctl$KVM_IRQFD(r7, 0x4020ae76, &(0x7f0000000000)={r9, 0x7, 0x2, r9})
setsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(r5, 0x84, 0x9, &(0x7f0000000400)={0x0, @in={{0x2, 0x4e22, @empty}}, 0x8003, 0xbffc, 0xe652, 0x2, 0x4, 0x8, 0xff}, 0x9c)

3.735808325s ago: executing program 0 (id=359):
openat$ttyprintk(0xffffffffffffff9c, &(0x7f0000000000), 0x40, 0x0)
socket$nl_xfrm(0x10, 0x3, 0x6)
syz_io_uring_setup(0x837, &(0x7f0000000180)={0x0, 0x6797, 0x80, 0x2, 0x2a9}, 0x0, 0x0)
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'hash\x00', 0x0, 0x0, 'xxhash64\x00'}, 0x58)
accept4(r0, 0x0, 0x0, 0x0)
pipe2$watch_queue(&(0x7f0000000600), 0x80)
syz_open_procfs(0x0, &(0x7f0000000040)='io\x00')
r1 = socket$nl_route(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_NO_ENOBUFS(r1, 0x10e, 0xc, &(0x7f0000000040)=0x7f, 0x4)
sendmsg$nl_route(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="240000001a0001000020ff7f0000000080000000", @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00\b\x00', @ANYRES32=r1], 0x24}}, 0x0)

3.710013691s ago: executing program 1 (id=360):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a58000000060a0b040000000000000000020000002c0004802800018007000100637400001c0002800800014000000002080002400000000b05000300000000000900010073797a30000000000900020073797a320000000014000000110001"], 0x80}}, 0x0)
syz_mount_image$fuse(0x0, &(0x7f00000002c0)='./file0\x00', 0x1000a0, 0x0, 0xfe, 0x0, 0x0)
r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x2, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x80, &(0x7f00000002c0)={{'fd', 0x3d, r1}, 0x2c, {'rootmode', 0x3d, 0x4000}})
read$FUSE(r1, &(0x7f00000063c0)={0x2020, 0x0, <r2=>0x0}, 0x2020)
ioctl$TIOCSTI(0xffffffffffffffff, 0x5412, &(0x7f0000000180)=0xff)
r3 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$inet_group_source_req(r3, 0x0, 0x2e, &(0x7f0000000340)={0x23, {{0x2, 0x4e24, @multicast1}}, {{0x2, 0x0, @empty}}}, 0x104)
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1)
getsockopt$inet_buf(r3, 0x0, 0x30, &(0x7f0000000340)=""/225, &(0x7f0000000180)=0xe1)
write$FUSE_INIT(r1, &(0x7f0000000080)={0x50, 0x0, r2, {0x7, 0x29, 0x9, 0xffffffff9080edc4, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x9}}, 0x50)
r4 = openat$dir(0xffffffffffffff9c, &(0x7f0000004280)='./file0\x00', 0x0, 0x18)
syz_fuse_handle_req(r1, &(0x7f00000042c0)="000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001e000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100", 0x2000, &(0x7f00000062c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000006380)={0x20, 0x0, 0x0, {0x0, 0x1c}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_fuse_handle_req(r1, &(0x7f000000a300)="99529ca7d265e2dba44891e35e7d5dab7921b730436ecd4e999a25bcf86a25f8f029c0dd50373e90b7cf7779b12ecd4423c5b13cfac186975cd723976f3c747612913029d42517c189364bc59d8ebad53ed1b86f8f66c99b1f9b5b40d78cef1f14f81815d53bdca7fef40607358db69eb8c0b1f6b0942ab4b1ee7ca8deb4eddef06381a3d1c52d6147fc5109c7c607591497a6b2477f60cc881d3219c96bffb34aadec3fa97250713cce17cd536721bf9c40a019531ed0bbad139e26a3d4d39b68ab1bf37cb1a4bd197a8789cb1940cd86d9e56713bc36c7cffd07a311f5bc2e91f16d152eb480645e85ec9b3bf09c7fa140dced0afd55d7b99e90a96e7748e2d0dc09672ac199ce529e631efe1783769819c182ca106f6184bcbb387ed246c43562d74c36ac3a7ec2f0e11f70bad0007c03bb9c0d2dacc2148cce4a4aea327c7319016ad146b52bfae0357f9e892e9bec61a13c93551cfa3d4f4bfa7585c93bb0bef01a9114f3dc54179cf9a57fe88f5cff3403e33c9d09e3e9c2e10f1f16894e1b59e3cad47c1f202cf7b756f2851fc96d09459c9a8d34c19e6a3525cd5001aac5181f57286d0e1e88ce5092c7c76b6abdaebf2c499aa47587b48eb12a2b72548c190b0324ebedb81a63333b6edb25550f859c5ccc404a944ff7f61af8800888192fbd4c8e0e417d1d181b4b335a6f52e0a7dae18397e81e3f747cab7be902ed903bdd6a622f178f9b4244718ee1206237257374d2fd1466ab6135ef7ef4a114ae170eafe9cd78cf9ffc36974cbc4b8003072bed78765a0b9f1240f24dec6a9e46db9bb498d40f727c0cbf8f4a6a49539bd0805caf65d80130d7fb60a69dc7ed890874a17530c042cf33a977d331435d68ef33885f638c777ad49564ca77d8b81ddd853a21cd55d95b627310dd633a4f005853a5506cd8f744c367f3cb6998b0fa97de6bb35b166b0c6408c4e0a38ed26235a88520c38ca97ac8a6dc81e6dc6483d383fa09f198997b8eea1c68c9e3320683c9a02dd89ddc34c241e7294ccc88d6b35762892e8746e558bfbc2251949f2ecb763dad5b975eaf36e2864be6a41d3e20514d32f5d4b6350dc7e3cc3a85428ea98efb3b1edc2a2ec1e618452949cc7e2ba1251990168fee342d4f304b7a7af9162bcbe6b09c75d7420d2c547b4e3cee1836df6eddd5dff73a4e308fcd8eaa7a33e6980a6f8ead03257a37d72d3b265d02fa42f57db877654ed513e31c35e1af0bd28511d6b57cfe07b27cbe9767a534b426dfc3dd257d5899444f34cbf4dc74b9eab2e7e3e1e1a8a6ac5e4359d653506b299a5b7c67b92dc462f1216655f952362a3387ad9966b606d98e8d1b544dc27dc6bc78fd18a446736e25c51143db9886b6c09812d5825b5d9e0932f218ff8bea4d9e1c4df9c9d4eb19336d48163a921c4ff1f0beef26b01b7e8c0d23fb59b84e229eaabb791f2cffc9aa4db75162cbfe4c9ae8d76a5b6bc4bff20e3f8f125b9aadb3e728d7f78d61fd55f46b7f59511b876e6563256686e44f25cf38d393a9b762bada272eba8df28e4086c4cd2fe3c9fab97756fb145373e6ca1991bb1ee6589e49c821ff29f047970819f88f724bd077cd3f0ae463d99b3e53078431e3f9bebabc5289a65479359efe3909186aac60a29f561de8c590988c913c9e693ab8106e8287f6565eee6735f7c88cad7124d1c8d9ff347e97912824088ee954de01c6d8a06447f06899607eadbfd078bc3df506252005749378dbd7399c9eca60b81dc0d88dedec31e5cf6e7b6d6d411958df8f9e0bf4443e8d3bdfe49d05f811d17088024d0629fc8ab8e05e309bf55e8e60d342623765f4e8d2dc4a90291cd4354ff9568c8170e6ea56e028bcf2719595253adb8c84050bb9ce4927a1c1f4560da87d109ceda90bbe45a1717763d8025f1ff40f157185ddf17079da272ae10c4f34162caf4b0d31221a57b3059fd449c87554d968a54b2eebd760dc3263c40d9eedf5905d5699d29706ea6e9e81ff2bf92489a06deffe7e978661f37a88450783e23f107c2bfce000dfc91c5fca49e46d9ea978f215a45984699f0d2503b30a741e13be56b7abe3e5663c0825c3cb04ead44ce97719c4ee6f4cdd3c452775ad7163d5c9034583cc2dbc2b0c04917a3e1aa3d0a8bb6fcf94d7922eb1d543c09185827aeb1b72ae7103ef2c014af2ff4b47fca40fb0e66ddf0264476d7a84e9b8dc551d4c407bdbac6757f7a25bd404b45bec1091696203cc438860131ad5f2fd80e3c45629864dd9f7d302b66fb8fb86735c9a6dcf8b135a273dd2ae9473bc905081be9fcb8f91b1ddba1ac692798dac0b9ccffe0319a779f5e10c65f294b22fe475283b023f9cd890e92c5447b1bc1528255c5af383bc1fb6e72cb9a67215a9e25cde63c89baa8c7125c7e8b748b728d07d9cb66778404f54e6a9e3ae1ae82f3d0ce77199f23f94a01b71b805b476fedbebeb52c83a1b857f23ba438c56a6c4c2a5909f721e6e3d240e4a16455e92220d13022ce7ec0b1365ba4e67aa6ecb324f8826579e12cebdfc0d8af63e83b5e5624d5b791f99093f9a27f7baea9fd10111209c0857a04f07408111063ef34026aee27a3d51b40e53883f9094402534bdd21cc49d7f5593e99cb204cd805bee4add0f82cf4b6dc5da14d6b79fbc68c9ccf7fb5fe774f8879e13079b024a8ad24bf123c420d630837a84ba05abf0ae4dc3fc04f25c7f74ff91d0d609c958642a48551e51b5c0074a56a7da10ce153b08cabea636f8489d8e7b655758a41d7f7474c9d76bf4d54d789bfceaffef139854065de6a94b0275a9626aab99ae838364b1a491e55017e4212b6b01f7a41bc9c215ecd17c49a8610db28c699259c58b81a0e84c45fd8e719c05c48501c49e8a6515044d247f58e4cd0bf22fd6ae31f45339d1f801196d426c52269b1aaffaf18e2a03760bb231cb7cefa6d72f1d7eb6a3bbd65d0914221b8fbf531dbd562eb4a1b28983ac7d83d4813b10b34c9525ba644f61a2c4800d4fe96a7bca63da1041ed73cc57fb9d42f9dfc8ca41d80292bbb311c89b0a0fcee1d88a025a7416863342aea00e6f049cb2ddebd17c5c617ff562a8af0c965cbe8341431a30ea239e4a62aa2b19757a3b0de04229a9907f8610c27b26591405845bf8b5b83706ed18d910c4f68777378366ff565617b19168a04560a32ce5ad64aaef9f4377118c4335b24826cdcde78fb4bdb11498553f56d8dfeb3a482c70cc6580c399b92339cbdb3464fcc7b00e9839fd0d2b8b6db90c56b33593a0048bf7983421f29b1285c81a239045b96a9b0cacd70d6d9853206471f06915efc8d3ec4c50fb13601abc73247a656066fd7b329159b3ce9e3302b4c0d6aec58cb0946a8ee8e7f55f1af604f1edb4d887fa6292dc0ce57705c1a25dc62650c127d11a364b397aefc2fcc3a164bdc53165a461b01de9180c1461b309c75af0911b4cc1b8aa05652b62119c87b4b235c573aa15b1516cddf61efd6a7f8c953fbaaee9c0e800e8f519e1494de850ddb976864088fe0cf90bbc54395078ea2501e8baa84d6807e184105bc2a140b663416496886422643bbf764d406af06e7d086678828defda0b648b25666b7b5ea29e927141740d5be0e61bf25d40b8404ffd3c67bb855b11d4faf82b7b8051615c101c3deb0601a0fa9ecd8b4a95082ccbc8222b0982802dd8430e653d6eea2786dc3a91397135faffdc65a5bae048f5c463b1a6648becce961d39d063d28d1ad6dafcea0b0878379adb16cc0d4cea572abeacd9a168a4fe2e338092b5bc93ecf02ac6ccda03e5b23adf511fdf7a79442093233b79c67d3fdd3c36c96a8f67aa79e4743d99cf963ae6161877f73656eb0314d889f4b8649bbce8a759f90eac6c006197b54b2bbac7c9b237f1e3dc099c62a65481960e6ad697fc66316ac084ba99c60f58bf44ff45f3b2006cbc4196a25f124dfaf247e863a855ef6070deb45219a922dcf2be9bd01c340e1ca5ed7c3ddac9f7a677c5d00610991d21e0751ac8044585b39f3fec5b672a11a9bce32196c2003d01ea50b0f0403e16df188ecbbb74f295f01398363ddfecdb63a49347c912c125670205d7b6be999688df85bb7d5ac12b62b4fdc4eadcc2a9a7897028404f697b007603a0ad588c772952d6670ee870771774ad157c0b9cccd4b2192d835606198ea0c65036ae4e406cdc539ff3aa81fa20b7ab58d6f3abdb69cc1f503d593f7025d2035e7f21db76336efc2843a0dc9bd2eb8794718134ee68fc57d4d2bcc18969d08177f442b87433b48540c661940cf9e2462c53efa310c7e47487deab2ae15b1978ef05aa1e14110943f649d82486f710a39854409e74edcaf06b4a92d3580b9cdabf83c6351657698d3d5af7514f382e75d1c912cded577258603fc9ed002e010747cddf7885d34afc9a84d82696c6660cb5ecafb68b564908fc49c4db6a187d037241a26b1141cf20f2e968a53366db0f60b79cd98cf3c897c50b7b9728e6e7100f99e4d5ed2428dbd285516ca6660777a39b4b2617c1be5b0232d60b9c8099f5daedbf190109439c40b46090985200d6c0501313f3fa4d244864575c275faca47aeff32c7b3e3c59392618562a7c2d4b3af85a37a8847f595352024cb63d3a9085c2a502c6a3248f43c5fc828e636cb634b2d393d853ae2dc9605985cf85c060860a90256c7b574c1e01c320687a2bb0b2d51cc2950c485f2ffa5db0ad7aaf753f543de7f86efb775c6bac2989a33757a28836fd27f9347229a0004bd2e546994c69c678fe5717f613f905d945c072004c3a80e0e54215e19ff9972521890d4e705e429f16fc35fe5a15f2e6b75cd719d38f76b087b62e4b5dcdb35f4baa2bab167150bafb6c69e260ca51004bc826d46b77c3f67eaa08497294868e6d91b7b867e4da62052f4f891677256cfbaf19cf32bad99a7da69d8a66537686f89a58d78c7eeaa99cd38009a1a32582bedc5c718e57b19cd405ae659a89909356a07fcef89384d160fa5ae6683cc379642aea4f0c915f72d679bd521399cb16112f2abdede3001400b4a64d2173e153a68631183679b56b8f389ba889784133453a7e892fd3b092f5040870a3cfd6f982990143e7c0882b4ff4c5d049192d36925a25ae4be441aa30dc7e74398b340c45b52c73ed3b0cd640e3cc9fd4be24e7355f386106f65895f1ee850b2a781d1d1d322ca5a3b0fdb78ce1eda048ece94af25437969c99c58c08f1446ca5541e03987a20fd75283e3e116dc4c9222ab7522e4ccf6da14aef49cac9a6a2cd4aba1c54d49e6da4179a66b84e384cd3da53908579b28c11d525ebdc4dc69074cef8a9ecd3aab98f2858769d656b46141c3a4e69a5ed6c0a732c9ec1fce080eaebf537fa5e17236a44ba9c931f555d193e475ffafd20c53ccbab607c1a15fd06742a64691205eb0d00f7f40e4dd8efb279cf09b2522aac0729a631aacb92d5cfa2ce6bb07385b981890b5916755d5cc3a51c8c36bd2987068cc24fcf73840895469bbb9aff1059601f771afedf0a48d5921103920515b27d7e607951982feba197df8c61600feb3622b9eea13a4db4068728cb98cca76cfae197f6258758490bf41673ee29acd91fd296ec863c646e0ca6a0f0e9de146c663ba13d962964d7c32804fd12a14c1ca7212ad48bdfab469c6570dca562220ecbe7b6b163ed4c9361c5c10bed5c92861b8786ada20a99245d282e4454187ec02adfe354e30647cb10661c85168f7958e3ce69ab48c9455214707a63c9b1167f0845a6bfcce2a96cd53eab430f13cd527f1666290719a47c517cfa22fec2e9916af8aa93c78e567993d7fb8ee60fc4b903b8c67a3658302c5e5f35250c30427e4c055b6c54705bc599861f80b7200d361965ff98c88cc698a2615cadeac4bdfd3d613377cea52d2bbcb7e6b78ac31d4b2c33eaf0b2ed40b963e3cb25c7dfea3ebfe7b4aff2aaaaf184dc80ab649a108e2c830ce7eaea58a263392aa9cd13d7f7bd607dc7c804b19dfa41b3e5a5155201a87311e22062c93896e70f3a5c4b03521300b61cc311ebd5beb9838d0ed207c6bfc99e4392508e95804b10b36024f32e1fe1138e9ee7773f797b2bc6be7416f4e9691ef4c2a8d06af6c8b84bd1e6fd1ba3d3183475ef6c139ccf8dcf37671fbb96a2ab5e0e042f7c4728cf30bcc1a0de28a5024276ceaa194b4926e7f6a97b78bac36e47f832d56a96cd266434d37bcf2c2f57877717d91b1854972f832354acc207a2ee8caace7504e0e6197dd7e64a01c4c67bb2de8acc0cccc6c6bff0b0cbfe345542c5a795dfa48cc0990ab5702574d36494bc44c20f5b324f7c984d986cc8cb40cb2550076d96a069b6688d22171beed2dc5b6ff3ede8fff4c4a9de6d3817357a7ca7d24d87300b4545ebbac8cf7f09ec637a4f4d6bd07673709b6c363a75ccef585610c5f15de7851b5ab53e02a757bfc3caeb9a9a8996beffdc0cfd1201b6cd99cb035584e51a6c15a5d2e17d2f8aa6b41e26809392fac6caed1e02a53dcea8a413203608780dab33315a76eba24d540e4c5b9790420834bc8d4e47bc65ae52a54c0ff308427a8d7aff746aa6589d17514e40fee5d0b3533cf4ad2c5f9d96db9f50bd69ed8c92b860e199a35cf268c66ed13516a3b4b024f62d4b2a656067eece95575bdb4907efc488a9821bc3a9c81dd11b2128b7a01aa7a9ce6e73de3b4e9beced70206f91575baddbcbe5722337953c8016a0f4b62120d776c43b7d1a879b692107954f45acdf8967dcaa994aad4922d4fe093e16c2d0090906f5036af99e50bb09b04e9c9b3b5085abf621297ce203010249cede92e9b66b446b86b43eaaae228dfdd3b4408c12b404bb727f7e969e7da04fc59900112bf8d38af0416dc616e75f167aa1352215f07115a6f4eb6bb5fff6f5c2fc9ab906392036b44090e65fdaf017dc53bc94e0807d679d793df18cc44e6c846d414cef1569530f7692daf91eaaf4ae89fe2522f2c9cf33b6ca508ebcd006bc1a61f0c800553aff9dc7d57200b25ecb83e1e0b8cd29520b63aa649d3f71a62570eee56e03223ddf31f0c04fa686b7f6dd054e7a259d9ba335c2c5b2c508897506c0db7f01878dec1411c33f0af61b81dbcf9ff8bdc0c50044963a79f3ee1462150c6bd03a32dbdfef8d72f0b8b3a395ffb0cc85792e7bc867feb5e312cb64e29e193388e9f173c162f4a1320a6f99ea3795fb77d982605959909a1aa11076fcc779ea6b80ec1bf0edfc2569ec04d15a0bdeebccf3c75393dca5e81663532f8ced12d08e4c2ae6e2954d427c7bf053dc4718f56f453bc88d74045bd2f9747aae9b5298a0de927f1d6b1308f4e1483487f083e71ed09298deb52bb10079b13def7453eb432498069edb5ade70c5c54913684d934a3febf78753ac13300a91f467ff3f6e2f00898f015d08f7739047b321b3eaee5ad8aa7adbf7833f014d8c576a491af9fca6843b327ed513821cb3951b2e67a275225d7af6b382e2f955adaacba5d1fdea2223202dee132b91d5cf381b51da94145255f584a70c5e8d11e06a44afa6599bf3ed0cb61703eba254333af53afac60e54cf6397f9f7302249ab644f0b576c713b15007be1f4f9bb213660bca8a70251472b86669d361ef968f542e81ddbe8f4d2e9cabe8d7bf6a31f14a2cc272963553a424c105e7750437ec5bf316e30ce60b4b0c27ccc1eb27e60f6472fef27654da49905ff9c01b28695310ecd8701aedff25a83da4b7c41995f902bdf249769dcb53a3efa894710dd66ba8745ae2253cc6b75a038183a0bee21226d48239320efad6727093e4f94bbc2fdcc216200d903c32bb9f16dd17d5dac423ae0696f3decc576b8f1fdce63d0532370af7d1e2fa2ca5c5d17bd88f5e3abb4792dac8689ca13752f83d753b06b037bf5a80a3748983790352775685b0414c9d74849fd217e388f904278ddb6b0abdda941b61579c796e2bb77a9bc363b18642c401faa502a31011544111b6eedaa369976c814773d83220a75f31026d6ad0b8b4298ea6062234db232bc435e096e84f740e55bb14d46ae04af0500aa5bb218aff6c76aa8a8e3140a1b0d6638538fd7f30fa8d992e53abf8af2fbc16b9e8a668c1aac72cea1a746ee5f7f3392a4ec8f1d19f2f426b6069b1cd347cbc38bceba96ce5da49198083403143c740c04639cd1089abb34fe812d85921c47437604f684bca44a1eaa965c0a6e1c1fd1f70ee932af3455b36184cc15934cdb3f28959d37d8fc10696f8ec1e4b0c3d1b9ff74a01b796d1bb68954a3768c8bcec741b3b69da892f8922142b16b2cabb469a9906b34216243fac80374c10e178c5fd36440f8d7a8588a9c2510d86ffa8cb68ce8c330d2111c94724e522f04573dad43bce252eb505d29ca9379a6b281519d38b7174f3ae8f185544f3003c936a7e6b23ca97a313aac6a061caa45fda73522f3061767bb4e33dbe4bde390eb0f07225a8aef939cb6ab2ada10c02527281abad394cd4ea9f59467a08b72047cdb75d7b2b98e5b4542554a60f953ac7a4b980f42518eec05ff2c044549cab0cf33eef36dfbabcbc0300009d898862d2194cfcdd9a713c30bbe52291105193656ea5eb830873ac956469d31689cc3c69edb5cb9a6e31ce3e6fb50ddd4e52ef9fdeacfc0db21e1e83e0d8d0a64f17cacb4dc208a893e7fd8ffa86cfc554dfba3d9fd281115eccb4b9d909f2fbf3fbb66bedd7b5db3f6d4f076f5d8fb54f8832896f8ef6f624162f1dd589be7a8e87dd5065708a8b0bfb18a5c2299f5605ac8a11c1add55b2018e6099380a70bee3e0727ca6ec58928fe6eb3147b47401e8d822eebade713b58335787669e5e0de5d328a1067df4cd9124665bb02ee8adfd1b3618374ef167df1f0fe79456f78aee3da4c1bf397e4637b0cf41a0f4a2910efd02b17bf5f3c15b0084b36fa7d4e85a53e5be366b428244eeba7499c3e54397227928e2ff6e583f332d6f7e8cf4d058f379b58a7d03a4bfa454bb4b6d543804b8970e6a9fe8886179eb418a8ce9e509e8433571f7d32378f2e983fa418c8c91760ec9fb20968e7fc23b7c4ac71693b2576ac0f8ce2020ff1e7a7ff24301b48b544fb29a1ca4f2502daded865e488a16dd33ec67b2eee3025cdc5ef90f253c4b5e0a61d51e495b675c5a1d55b4ba3812c5f44cd08487e61d36b0c2dc32d27333a5ee8a0906bfbcd388bd9389d1509912c0471c7b706a5aff880569a3fb11ac5f14d780deb4c1b1afe30fb6b8daf87b27a4ceb869d587a97f2f5af8d819aa47bbf207db68a6ecbbefb1e109ed0bfbbf3b54fba9e79de8fad9c3bcd3e74b8b92ccea3ff5c558c6cd72d78a711fc39df603bd4aa1439dd302258edd2204e52d7f435c6f552b612fbc321bea971195cd4d8bb033e2a779e239164d7eea6d8fd233b0b9b776246564cfcf44b31a83031a2413bf98a398c9f93da243cef9ce73d81bade8ad551fb0ffa75bc874c11d23ac9d7752f22a0f54c3870f3314a83e64332db810da1ebb288e10c4eb9be9ec037317b8f813e68160a887da3f5c0389510a0734b69ef275e19973b169d340610cf2112e9964cc0566b9b690c3feb36c8526491d3a563f0bead2abbcf0665e048aa3f929351b2f89876580633a403250ae3b5244c8c0e996bf888938dfc8920348d88e272e6eadc7c0387ca1dae228bd620ce3975d43b58758d9412d304a227245587065f58c4573ba2557f1d8333ba007709b1239d682f03405b22135757178fb701bbde81d2f8faaa7666c025d8a8bb426dc4b8e61aed79b3b3d3a9b01ee9142772d869677ede166e7a8be8ab84cdd6946b1478ce77ba307213971cfb24c86c344310f279e38d22254bf4caf83c02e715cb0550e615dc9f8dd2400fa749e3527493c15fb454c158e4c0603ae6e962b7890058ec7c10f0618ee274a15bca6ca9fe5bc5f9e7797c0950299912be9c58463c07d667d4bffe8aa590ae43db08512b40f3d265026bef2facdd508984e5f6d2ac7ef573397f14ed2e2ccdcbe5796e60ae64d173814906d1da5a5bfe8a2a4c5d6bb0b3315b878b4877d0c045f6e6cfa0dfc1ea4de7abe26f2b2d8c93299ed1d83f1b7853c756bfa346cd53b008fec169883983fe0f2405777dd85e17b2e4e8b23432c0dc4c386d67b6597184d0b4b95877362304638484cc0951400f66ee8391dd44417c58b3d46a8345a8049fcd70f7b5f4a6f912e2b18760947c74ef2b732b342878d7e7cc99902de87db36469555fbbfe76189f108d6ab31f4727fe4e22d075afaf6cc726ab17a5e1b4ab6c8f29a459da3c4266b5ad8ff55906a190f8b19a3bb92a50df49647c03d5d6106ec07e9300038d059a75b54ac31683ef8e5eee946e1c84d016ee1e7800a92c0a3823b62e0417fe86b191951f65abc0c38c1e0e8f1121a04b62a8a720790560f922804b1b7e7eaa497e1bede6e3d0dcf0312dbf221561958fa1e85a8f99e6fc82f919e78c17d1beda16cfef25fb5d00f7c32df9a51eac76000c988ffdf011564aa0e319764b16a5a7c728a470ff70772fb76c9ada26a0ac073fcbfa12501c2454b19e02d928e3939a40bfff76c002533b3849cdf8016728445131e5f1e292b7d3dc06bb3a3cfff6fabae0b7341694a8938c1d2497cd70b76c337c9a312e96c8f736d7625a535e1906eba53d199221ca60202a65be0f7e530aca10e61fa39c7601d65954e5ed4cab94345c6b89c7f8a0de5c61a7945e1564731b6715331d13263b2961a163382f7c4934d847033860e402f3aadb4f3e6cf47a97a2031401da4d2c8de8c80cdad71b97b4deb2075a02282f958ac6772354e67f097ca693778224b80892490015e7d697fb9107f75cea708178ffec93fb1d44e8493bad1d42c918e661219ea819e0200759037a5a585c0fe074fd407536fe58013f42612c41bfc66e16870d7a9c00ee93a3122b253fecbf5de3837641f4a1376af0f053463413c26c29f9a346318565276856b963da30ba6ab8c4c8ef6cfddc432328586d9d9829895835759bcde0851ae0c838a3927ea63fe5ba793fae94da61cab00fc05f3a265a2da1221bb2b66775ed7ba856b41011652d4984991e56249360ddfc997245ac1547a1c16382d42df383a8d1c852643b24895c422712e79c436fdfffece4ed1c50922d4f25296aaf6b204522086d188bee254f8303b60537ead1195ac5dd301286f0042dd68aa05a70e4beb779aa0b61a316f736b72c9ab7ed860a0908a078f4b8a53f2df0abf993f689de4b02b9138ca5047fb0bfc9ba3b92bff033e36fc9553260b008cef3d147c62d1d3944fd1eaff79bc5a922ec2190907bfda1b51c2c7fb867db1f8e13a37b5e3ae0165e93350b958a239ec1f2b78561cff854b975307b5b5dd23b040602a5a36bd79947ee04c7d0e5e30f9c4c79f7b4e6eada98bfc6c357cdf8939213423f1b21ba26cfc2b2756ea3eb992372db0ab8a7c37d8ae96bf3ed6be873c1891550ef741812032e1ae938326c399ee43a3061602dda006f1b6b620bebb6a5752bee77e8acf9921ebf4d4c8af7eb5e937c65697c0664c594e31a62377a25605051996c474ca322ce8e0e6ef8a7988be", 0x2000, &(0x7f0000001240)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000480)=ANY=[@ANYBLOB="b0"], 0x0, 0x0, 0x0})
getdents64(r4, 0x0, 0xc0)
r5 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
ioctl$TUNSETIFF(r5, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
r6 = socket$kcm(0x2, 0xa, 0x2)
socket$inet_icmp_raw(0x2, 0x3, 0x1)
ioctl$SIOCSIFHWADDR(r6, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
syz_open_dev$sndpcmp(&(0x7f00000002c0), 0x0, 0x0)
ustat(0x0, 0x0)
write$tun(r5, &(0x7f0000000240)={@val={0x6f01, 0x800}, @void, @mpls={[], @ipv4=@tcp={{0xe, 0x4, 0x0, 0x0, 0x68, 0xfffe, 0x0, 0x0, 0x84, 0x0, @empty=0x3fffffff, @local, {[@timestamp={0x44, 0xfffffffffffffd01, 0x5b, 0x0, 0x8, [0x3, 0xa45a, 0x7fff, 0x3, 0xfffffffb, 0x2, 0x7, 0x5]}]}}, {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x5, 0xc, 0x0, 0x0, 0x0, 0x18, {[@generic={0x4, 0x8, "17c0070da53a"}, @window={0x3, 0x0, 0x1}, @generic={0x0, 0x8, "d58838068b91"}]}}}}}}, 0x76)

3.617995646s ago: executing program 0 (id=361):
r0 = socket$alg(0x26, 0x5, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000040)={'wlan1\x00'})
r2 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000040), 0x802, 0x0)
ioctl$UI_ABS_SETUP(r2, 0x401c5504, &(0x7f00000002c0)={0x3f}) (async)
ioctl$UI_SET_EVBIT(r2, 0x40045564, 0x3) (async)
write$uinput_user_dev(r2, &(0x7f0000000840)={'syz1\x00', {}, 0x0, [0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff], [0x0, 0x0, 0x0, 0x0, 0x0, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0xfffffffd], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x8000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x10000]}, 0x45c) (async)
ioctl$UI_DEV_CREATE(r2, 0x5501) (async)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), 0xffffffffffffffff) (async)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r5, &(0x7f0000000280)={0xa, 0x2, 0x0, @loopback}, 0x1c)
bpf$MAP_UPDATE_ELEM(0x2, 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f0000000740)={'wlan1\x00', <r6=>0x0})
r7 = socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), r3) (async)
ioctl$sock_SIOCGIFINDEX_80211(r7, 0x8933, &(0x7f0000000100)={'wlan1\x00', <r9=>0x0})
r10 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REGISTER_FRAME(r10, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000040)=ANY=[@ANYRES32=r0, @ANYRES16=r8, @ANYRES64=0x0, @ANYRES32=r9, @ANYBLOB="0400"/12], 0x28}}, 0x0) (async)
r11 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REGISTER_FRAME(r11, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000c80)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="010000000000000000003a00000008000300", @ANYRES32=r6, @ANYBLOB="05005b"], 0x24}, 0x1, 0x0, 0x0, 0x20008002}, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r12 = syz_genetlink_get_family_id$devlink(&(0x7f0000000180), r1) (async)
r13 = socket$nl_generic(0x10, 0x3, 0x10)
r14 = syz_genetlink_get_family_id$batadv(&(0x7f0000000400), 0xffffffffffffffff) (async)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r13, 0x8933, &(0x7f0000000440)={'batadv0\x00', <r15=>0x0})
sendmsg$BATADV_CMD_SET_MESH(r13, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f00000003c0)={0x2c, r14, 0x211, 0x0, 0x25dfdbfc, {}, [@BATADV_ATTR_MESH_IFINDEX={0x8, 0x3, r15}, @BATADV_ATTR_GW_BANDWIDTH_DOWN={0x8, 0x31, 0xb}, @BATADV_ATTR_GW_BANDWIDTH_UP={0x8, 0x32, 0x3}]}, 0x2c}, 0x1, 0x100000000000000, 0x0, 0x4000059}, 0x0)
sendmsg$BATADV_CMD_GET_GATEWAYS(r1, &(0x7f0000000400)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f00000003c0)={&(0x7f0000000380)={0x2c, r14, 0xb00, 0x70bd2a, 0x25dfdbfd, {}, [@BATADV_ATTR_VLANID={0x6}, @BATADV_ATTR_BRIDGE_LOOP_AVOIDANCE_ENABLED={0x5}, @BATADV_ATTR_GW_BANDWIDTH_DOWN={0x8, 0x31, 0x1}]}, 0x2c}, 0x1, 0x0, 0x0, 0x4000000}, 0x0) (async)
sendmsg$DEVLINK_CMD_SB_GET(r13, &(0x7f00000002c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000280)={&(0x7f00000001c0)={0x14, r12, 0x1, 0x70bd27, 0x25dffbfc}, 0x14}, 0x1, 0x0, 0x0, 0x800}, 0x0)

3.55596117s ago: executing program 3 (id=362):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000140)=@newtaction={0x70, 0x30, 0x20, 0x70bd2b, 0x0, {0x9}, [{0x5c, 0x1, [@m_sample={0x58, 0x20, 0x0, 0x0, {{0xb}, {0x2c, 0x2, 0x0, 0x1, [@TCA_SAMPLE_PSAMPLE_GROUP={0x8, 0x5, 0x80000000}, @TCA_SAMPLE_RATE={0x8}, @TCA_SAMPLE_PARMS={0x18, 0x2, {0x0, 0x0, 0x1, 0x0, 0x80000}}]}, {0x4}, {0xc}, {0xc, 0x8, {0x7, 0x3}}}}]}]}, 0x70}}, 0x20040000)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[@ANYBLOB="2000000010000305000000000000000000000700", @ANYRES32=0x0, @ANYBLOB="996e06004d4c0700540012800800010068737200480002800500030008000000050003000500000005000300fd00000008000200", @ANYRES32=r1, @ANYBLOB="08000100", @ANYRES32=r2], 0x90}}, 0x0)

3.429904433s ago: executing program 2 (id=363):
r0 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'bridge0\x00', <r1=>0x0})
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1)
lsm_get_self_attr(0x64, 0x0, &(0x7f0000001280), 0x0)
ioctl$sock_FIOGETOWN(r0, 0x8903, &(0x7f0000000100)=<r2=>0x0)
migrate_pages(r2, 0x2, &(0x7f0000000140)=0x100000000, &(0x7f00000001c0)=0x9)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000080)=@newlink={0x64, 0x10, 0xffffffffffffffff, 0x70bd27, 0x25dfdbfe, {0x0, 0x0, 0x0, 0x0, 0xc15}, [@IFLA_LINKINFO={0x28, 0x12, 0x0, 0x1, @vlan={{0x9}, {0x18, 0x2, 0x0, 0x1, [@IFLA_VLAN_ID={0x6, 0x1, 0x4}, @IFLA_VLAN_FLAGS={0xc, 0x2, {0x1c, 0x10}}]}}}, @IFLA_LINK={0x8, 0x5, r1}, @IFLA_MASTER={0x8, 0xa, r1}, @IFLA_ADDRESS={0xa, 0x1, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x16}}]}, 0x64}, 0x1, 0x0, 0x0, 0x28001}, 0x8000)

3.402254935s ago: executing program 0 (id=364):
socket$nl_netfilter(0x10, 0x3, 0xc)
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f00000000c0)={0x73622a85, 0x110b, 0x8000000000002})
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000200)='./binderfs/binder0\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0xec776000)
madvise(&(0x7f0000000000/0xc00000)=nil, 0xc00304, 0x17)
mmap(&(0x7f0000000000/0xa000)=nil, 0xa000, 0xd3283d0368e269b3, 0x8031, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000080)={0x32, 0x0, &(0x7f0000000400)=[@increfs], 0xfffffcb0, 0x0, 0x0})
r2 = dup3(r1, r0, 0x0)
r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder0\x00', 0x802, 0x0)
mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r3, 0x10000000000)
syz_emit_vhci(0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r3, 0x4018620d, &(0x7f0000000040)={0x73622a85, 0x10a})
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000003c0)={0x8, 0x0, &(0x7f0000000340)=[@acquire], 0x0, 0x0, 0x0})
prlimit64(0x0, 0x7, &(0x7f0000000140), 0x0)
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f0000000180)={0x4c, 0x0, &(0x7f0000000100)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x18, 0x0, &(0x7f0000000600)={0x30, 0x30, 0x30}}, 0x1000}], 0x0, 0x0, 0x0})
sendfile(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000)=0x2eb4, 0x7ff)
ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x50, 0x1048, &(0x7f0000000700)="0a1398f8668babb9862aa1c9ea0380d18dafd06547dd62179ba79df1971b787788d854fbec0fe18f84085926de2d9ab0b6f1512c6dbc8a704453c6de009e89414d8518e3dcdd32ecd952f78f6c58a9fd"})

3.400711496s ago: executing program 3 (id=365):
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4000003)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x4, &(0x7f0000006680))
ioprio_set$uid(0x3, 0x0, 0x0)
readlinkat(0xffffffffffffffff, 0x0, 0x0, 0x0)
r0 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_mreq(r0, 0x29, 0x1b, &(0x7f0000000100)={@remote}, 0x14)
setsockopt$inet6_mreq(r0, 0x29, 0x1b, &(0x7f0000000280)={@initdev={0xfe, 0x88, '\x00', 0x1, 0x0}}, 0x14)
close(r0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r1 = syz_open_dev$loop(&(0x7f0000000140), 0x75f, 0xa382)
r2 = memfd_create(&(0x7f0000000880)='C\x13\xfc2\x95WD\xaa\xba^\x90\xfd\x8d\xc2\xb1[\x81\xda\xda\xd6\x8c\xc99\xec\x0e*||\xe4\xb3\xc4\xb6\v\xaa\x15\x86,\xac\x8d\x89cu\x10\xdc\x93\x9b\xb4\x93\xafE*:\xe4\xdd\xa5\xa75\xb8\x1e;7\xb7.V\xdcrw[\r\x98\x93j\x9c\xf6\xf8\x99\xefF_\xcd\xdf!b\xc5\xec\ntb\xff\b\xaaF?!\x9f\a\x1a\x03\xd8\xe94\x1deU\x06zS\xc90\xb9voI\xa5/\xb4\xa7@\xa1\\B\xc2@\r_b\x9a\xeb\b\x81\x00V\xd6/N\xc5\xc6f\xb1\x95Z\xe5w^\xd8\xe7J\x80\xf7\xae\xafuv\x84\x9eG\xd1\xe7\x9b\xf0_9\xc2\x9b\xfd\xc3\xf3\xe4\x95P\xf1m\xcf\xc2\xe1\xe6\xa6\x8c\x11\xfb\xb8S\x8b\x92\\\asW-Ee\x02\x00\x00\x00\xd0;Q\xc1~\x89\xec\xc8\x9b\x88\a\xf2\x93\x82(\x8b\x00\xd8\xb4T\x80\x95\x93\x9c5\xcf\t\x04\x00\x00\x00\x00\x00\x00v\xef\xee+\xab\x9c\x00^R\xb2n?i=\xbe\x16\x8a\xbf\xe3\xcdB\xed\xe14\xe8\xd0\xb7\xff\xfeQ\x1c\x85n8\x1b\xc1\b\x00\x00\x00\x00\x00\x00\x00\x17\x94\xdfW<GE\xf1\xe9\xf1q\x8c\xf0\xae\x98\x8c\xe0\xc1g}\xaeW\xaa\xa1\x90\x8c\n$\xa6\xbb\x10\xaf\xc7~\x11\x03<v\xe9\xc7K\xf6]\x11)u\xd3\x15\x01}\xe25$\xb0\x86v\x80\r\x9c\xb8\xe6\xd3(\xa0G2s\xa9&\xb3QU~u\x13\x05kKp\xa6&\x8eu\x1d\xb2\xa9!\xc9\xfa\xd0dG5\xcbf<}r\xab\x9c\xd9f6iN\xaa>\x92z\xbe\xb2R(\xf1K\xd7\xaf\x99\xf6d\xe8\xec\xb7\xbd+T3\xa6\xa9\xfaY-1qs\x82\xefn*\x96\xc9\x1e\xf4\xd1\x02Dt\xc0\x19\xf7\x89\x96.D [F\xeeYW\x95\x13\xc7;\x94\x13^\x13\xaf\xf0C\x9c\xabf\x1daCS2\x02\xb0\xef\xc7\x8c\x9e\xed\a\n<V\xaa\xbfZ1\xa82\x85\x99\x0e\xba\xb9H\xe8\x96\x94\xd7\xdc\x81\x111\t\xafl\x97\xd8T\xd40\x90ON\xaaFY\xb4\xb3\xf4\xf8JT\xc5:\xc5\aGc\xb5\x12\x90\x7f\x00\x91\xce@\xe5\xd3A\xcc\xd5|\x9f\x8e5\x042\x9a\xc1\xa1\a\xb7\xf5\xbc,\xd1\xd3k8\xc5\x00'/557, 0x1)
pwritev(r2, &(0x7f00000000c0)=[{&(0x7f0000000180)='P', 0x1}], 0x1, 0x800000, 0x0)
ioctl$LOOP_CHANGE_FD(r1, 0x4c00, r2)
bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x11, 0x10, 0x0, &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
sendfile(r1, r1, 0x0, 0x24002de8)
ioctl$LOOP_SET_STATUS(r1, 0x4c02, &(0x7f0000000280)={0x0, {}, 0x0, {}, 0x6, 0x0, 0xffffffff, 0x4, "28f5c918d2da0000e58cd7af40fd150b70aad51c2e16bd5bba7663c435aff94793ddd7aae07ef35f17bf01933bdb6fd7ecdd91b59ca8d54100", "07a9310978042a8bfe1406584a128d7469166f4f07b84819e7df4af14e1df82d", [0x6, 0x9]})
ioctl$LOOP_CHANGE_FD(r1, 0x4c06, r1)
bind$alg(0xffffffffffffffff, &(0x7f0000000300)={0x26, 'hash\x00', 0x0, 0x0, 'blake2b-384\x00'}, 0x58)
io_uring_register$IORING_REGISTER_BUFFERS2(0xffffffffffffffff, 0x11, 0xffffffffffffffff, 0x20)
syz_usb_connect(0x0, 0x24, &(0x7f0000000000)=ANY=[@ANYBLOB="1201050037057b082d0800014b702c02030109021200070100a0000904"], 0x0)
r3 = socket(0x2, 0x80805, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r3, 0x84, 0x6f, &(0x7f00000000c0)={0x0, 0xffffffd3, &(0x7f00000001c0)=[@in6={0xa, 0x4e24, 0x2, @dev={0xfe, 0x80, '\x00', 0x35}, 0x6}]}, &(0x7f0000000100)=0x10)
getsockopt$inet_sctp_SCTP_GET_ASSOC_ID_LIST(r3, 0x84, 0x1d, &(0x7f0000000000)={0x1, [0x0]}, &(0x7f0000000040)=0x8)
socket(0x2, 0x80805, 0x0)
getsockopt$inet_sctp_SCTP_GET_ASSOC_ID_LIST(r3, 0x84, 0x1d, &(0x7f0000000000), &(0x7f0000000c00)=0x4)
getsockopt$inet_sctp_SCTP_GET_PEER_ADDRS(r3, 0x84, 0x6c, &(0x7f0000000240)={0x0, 0x10, "bb0cc2e66fbf06c61039b0aa1fa9b32d"}, &(0x7f0000000300)=0x18)
setsockopt$inet6_icmp_ICMP_FILTER(r3, 0x1, 0x1, &(0x7f0000000080)={0x15}, 0x4)
bpf$PROG_LOAD(0x5, &(0x7f0000000d80)={0x1, 0xe, &(0x7f0000000200)=ANY=[@ANYBLOB="b7000000ff000003bfa30000000000000703000020feffff620af0fff8ffffff71a4f0ff0000000015040200000000001d400200000000004704000001ed000062030000000000001d440000000000007a0a00fe00ffffffdb03000040000000b5000000000000009500000000000000023bc065b58111c6dfa041b63af4a3912435f1a864a710e4d58db6a693002e7f3be361917adef6ee1c8a2a4f8ef1e50becb19bc461e91a7168c50000000190f32050e436fe275daf51efd601b6bf01c8e8b1b526375ec4dd6fcd82e4fee5bef7af9aa0d7d600c095199fe3ff3128e599b0eaebbdbd732c9cc00eec363e4a8f6456e2cc21557c0afc646cb7798b3e6440c2fbdb00c37dfca3e35208b0bb0d2cd829e654400e2438ec649dc74a28610643a98d9ec21ead2ed51b104d4d91af25b845d8a7925c3109b151b8b9f75dd08d123deda88c658d42ecbf28bf7076c15b463bebba2c598b4fc72f526d8e8afcb913466aaa7f6df70252e79166d858fcd0e06dd31af9612f2460d0b11008e59a5923906f88b53987ad1714e72ba7a54f0c33d39000d06a59ff616236fd9aa5b4e377184b6a89adaf17b0a6041bdef728d236619074d6ebdfd1f5089048ddff6da40f9411fe722631cb467600ade70063e5291569b33d21dae356e1c51f03a801be8189679a16da18ec0ae564162a27afea62d84f3a10746443d6438e959532e0617d419c6bc6ea9f2bca4464f56e24e6d2105bd901204a1deeed4155617572652d950ad31928b0b0c3dc2869f478341d02d0f5ad94b081fcd507acb4b9c65fee9d5a17f48a7382f13d000000225d85ae49cee383dc5049076b989b40000000000000da60d2ae20cfb91d6a49964757cdf538f9ce2bdb1ab062cd54e67011d355d84ce97bb0c6b4a595e487efbb2d71cde2c140952f9a0f0bc6980fe78683ac5c0c31032599ddd71063be9261b2e1aab1675b34a22048ef8c126aeef5f510a8f1aded94a129e4aec6f8d9ab06faffc3a15d96c2ea3e2e04cfe031b2875353193f82ade69d0540059fe6c7fe7cd8697502c7592566d674e425da5e87e59602a9f6590521d31d3804b3e0a1053abdc31282dfb15eb6841bb64a1b304502dda787343ce3c953992e4a982f3c48153baae244e7bf37548c7f1a4cad2422ee965a38f7defbd2160242b104e20dc2d9b0c35608d402ccdd9069bd50b994fda7a9de44028d6112a0c2d21b2dc98816106dec28eaeb883418f562ae00003ea96d10f172c0374d6eed826416050000000bfe9b4a9c5a90ff59d54d1f92ecc4e95dd2d18383117c039862198899b212c55318294270a1ad10c80fef7c24d47afce829ba0f85da6d888f18ea40ab959f6074ab2a40d85d15017ab513cdc6c0e57fb1c1ca571380d7b4ead35a385e0b4a26b702396df7e0c1e02b6e4114f244a9bf93f04bf072f0861f7580e69db384ac7eeedcf2ba1a9508f9d6aba582a896a9f1ffa968eacea75caf822a7a63ba34015ea5aacb1188883ad2a3b1832371fe5bc621426d1ed0a4a99702cc1b6912a1e717d29135753208165b9cdbae2ed9dc7358f0ebadde0b727f27feeb744ddcc536cbae315c7d1fe1399562ba6824840bd2951680f6f2f9a6a8346962a350845ffa0d829e4f79adc287906943408e6df3c3bfd03aac93df8866fb010aec0e92bed1fe39af169d2a466f0db6f3d9436a7d55fc30511d00000000c95265b2bd83d64a532869d701723fedcbada1ee7baa5b6a686b50f0937f778af083e055f6138a757ebd0ed93517a6b244f9acf41ac5d73a008364e0606a594817031fc2f52c8785fe0721719b3d654026c6ea08b83b123145ab5703dad844ceb201ddeb6dc5f6a903792283c42efc54fa84323afc4c10eff462c8843187f1dd48ef3fa293774d582956ff0f40b10ca94f6feeb2893c17888e1cdba94a6ea80c33ead5722c3293a493f1479531dd88261458f40d31fe8df15efaaeea831555877f9538d6ee6ba65893ff1f908ba7554ba583fef3ec7932f5954f31a878e2fae6691d1aee1da02ba516467df3e7d1daac43738012e4fee18a22da19fcdb4c2890cda1f96b952511e3a69d694d625e0b2f808890205f3a6da2819d2f9e77c7c64affa54fec0136cbafa5f62e96753b639a924599c1f69219927ea5301fff0a6063d427f0688430754c02180d61542c25000000000000000005a7b57f03ca91a01ba2e30ca99e8ebc15ecb4d91675767999d146aef7799738b292fd640dfef6b04d086f737a159d7e0c6e4d81ad64a8bbca48568325b2969e2b15f36b788bce5ccdbaf75c94cb93499f6947a967a7bce14c6de4e7c0660d80010f5c653d22d49030a8c2a4ab595bf4238f18ca428dafc7ac96d404607a0000000051a2104f22e6cb5a62b5089c1b45282d38864daa3ae81d6b0968d1d2867b91b7d120617d12d91db2633d6864da40b54783a17aaeb6737c323f9f98e354cc98dcfe23ad01bd1c61563e69ffe1c2c73e1661261173f359e93d2c5e424c17998809ec8f0232b3955e052a4cecd89008f70314a0bdd491ec86a4555d89fe0120f64c62e8e3ed8bcb45202c3d4bbec8d722824c0ebca8db1ea4a003d2fbdc1f9be78537756ab5bbe4fe9af5d785d0128171c90d9900ce2532b0f9d01c4b45294fbba468df3e1b393cb4e62e754598e47df6bd06431c94bc5d047899fd219f448bf9189c65c9d91eda6b52a373803a9efe44f86909bc90addb7b9aee813df534aac4b3093c91b8068cd849904568916694d461b76a58d88cf0f520310a1e9fdc18cde98d662eee077515d0a8811922929e085392ab3d1311b8243266d87047f601fa88a0da36b9f302e8262395174328f2482d14008de83070744f143fdec90ba5a82668d5fac114c13955ad6dca5db2231d8ba14c54c47ed04a4b4ace17e357e1d6432399f87a7a14245bbd796a09313b247b95d37ff40a404bdad74bd20000000000000000000099fef7cd7af3ce64a92f95d89d125b1e641240d7e5e27a3d1f7684448c3e3822d617e205061298b939a191be4b48e169bde2cae3accc5bd40a2968b59c93d35f8e42366fdef9a2abae1cf01ce68abff28861aac8302d268569dd42e194e330c7aaa54ebbcefd23f21ce8153b9926e12e925cb56119df72c7533a48d028ad0c74e2a9478fa3be18a1a2b65079cc1c7bc46dd12305a1ae9dd19e8d525206c0a728cfd42193abe8130b51d6c9b94c5513df2d85e8c01a2d69841f3d7799ac04bdc590bb1c89b9c695f163e57343c9bfb59909433c9001c5f8b23e38534a538fc933cac6c2a92d038df638a0f226df9fb857bd414c2cd69985e8053e3dfa41614d7c74d04d8c2471041d17c730fad28395f8d4688898cd58b9d600c851626529bb58aa364b55e73f053450665e7b94ad1012fd7a8139166fd5e59c84f4ab279b1b99c028db4cb9680c8035f967db18de738844da7e260a830c1ffa49f5af3c15423a0e315acb82a3e89218cb314e68fda4d94aa1d815babc13b9fd336d205c5913ef670000000000000000ba470bfe62fe2933082149"], &(0x7f0000000d40)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xd, 0xffffffffffffffff, 0x8, &(0x7f0000000000)={0x2000004}, 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x94)

3.343285532s ago: executing program 4 (id=366):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000001fc0)=@delchain={0xc64, 0x65, 0x2, 0x70bd27, 0x25dfdbfc, {0x0, 0x0, 0x0, 0x0, {0x2, 0x1}, {0x0, 0x1}, {0x0, 0xb}}, [@filter_kind_options=@f_matchall={{0xd}, {0xc30, 0x2, [@TCA_MATCHALL_ACT={0xc2c, 0x2, [@m_sample={0x11c, 0x5, 0x0, 0x0, {{0xb}, {0xc, 0x2, 0x0, 0x1, [@TCA_SAMPLE_TRUNC_SIZE={0x8, 0x4, 0x5}]}, {0xe5, 0x6, "38f25df555191be2c666d9a5f9fbf1c6674d930a6b49548795f779c04738d31476e7b46904303e774f670daac95204b3aa00967b9ec65d764b2e48bd715da197540ac2dbea2e115f4efd22ebb0c4531bf7fcd31b61547bd15f710737fab7ba50f6730bcf7c68fd6f6734dc220ebc37df3b8e187fddc4516e5f783c302bbc133134d2a06ab408a97de6505724f9be2eb62a565a1535810f54b758c56ab347d36db167b672425230830efb7606f51b3a894056ee7b74af7ad106d611b3d7c4a326bbd604993d9eba87f5d9d7c682cf9643bb5648bc70f946ebac22580878bb773b06"}, {0xc, 0x7, {0x1, 0x1}}, {0xc, 0x8, {0x1, 0x7}}}}, @m_ctinfo={0x8c, 0x1b, 0x0, 0x0, {{0xb}, {0x2c, 0x2, 0x0, 0x1, [@TCA_CTINFO_ACT={0x18, 0x3, {0x72a0, 0x4, 0xffffffffeffffff1, 0x2, 0x9}}, @TCA_CTINFO_PARMS_CPMARK_MASK={0x8, 0x7, 0x7}, @TCA_CTINFO_PARMS_CPMARK_MASK={0x8, 0x7, 0x8001}]}, {0x35, 0x6, "89a75f1f9832982c0a59ad5c7b043805d7ff0d0a67a9df5adf2ac6dab7c5cfad8bbf15a9388f68544ed8dea9946ee57f3f"}, {0xc, 0x7, {0x1, 0x1}}, {0xc, 0x8, {0x2, 0x3}}}}, @m_gact={0x110, 0x1d, 0x0, 0x0, {{0x9}, {0x88, 0x2, 0x0, 0x1, [@TCA_GACT_PROB={0xc, 0x3, {0x2, 0xc7f, 0x5}}, @TCA_GACT_PROB={0xc, 0x3, {0x0, 0xa96}}, @TCA_GACT_PROB={0xc, 0x3, {0x1, 0x160e, 0x6}}, @TCA_GACT_PARMS={0x18, 0x2, {0x400, 0x9, 0x5, 0x3, 0x3bc}}, @TCA_GACT_PARMS={0x18, 0x2, {0x4, 0x5, 0x4, 0xe, 0x2800000}}, @TCA_GACT_PROB={0xc, 0x3, {0x2, 0x92a, 0x10000000}}, @TCA_GACT_PROB={0xc, 0x3, {0x2, 0xfd0, 0x7}}, @TCA_GACT_PARMS={0x18, 0x2, {0x2, 0x8, 0x4, 0xfff, 0x4}}]}, {0x5d, 0x6, "015c581fa268e87cd777a21a4aca6176b1acd3c4573cb5b8a04e655698f2a2beb41a6dd4120f7117c00a0e5775ad33bb1e629bea904fa46de53a7a59512190f5b8772a6c1599cf0fd101865d09219c94c1fb32f139037d6237"}, {0xc}, {0xc, 0x8, {0x1, 0x3}}}}, @m_bpf={0x144, 0xa, 0x0, 0x0, {{0x8}, {0x78, 0x2, 0x0, 0x1, [@TCA_ACT_BPF_OPS={0x34, 0x4, [{0x40, 0x7}, {0x6, 0x9, 0xf8, 0x800}, {0xbcd, 0x5, 0xe, 0x26}, {0x0, 0x3, 0x3, 0x2}, {0x2, 0x80, 0x6, 0x1}, {0x19a0, 0xf, 0xa5, 0xb}]}, @TCA_ACT_BPF_OPS_LEN={0x6, 0x3, 0x5}, @TCA_ACT_BPF_PARMS={0x18, 0x2, {0x9, 0x3, 0x2, 0x0, 0x8}}, @TCA_ACT_BPF_NAME={0xc, 0x6, './file1\x00'}, @TCA_ACT_BPF_NAME={0xc, 0x6, './file1\x00'}, @TCA_ACT_BPF_OPS_LEN={0x6, 0x3, 0x9}]}, {0xa5, 0x6, "1e638ad506923775d90f8bcd4c44f0045fe04bbf0447b151d86b4fcf408268db8ae4c3c80a4fb7af1b2bb5e0176ca651842030412dd105fde756269f3fe28a876f082e530b005a5ec88a1940d9a66d53e1eddaaf7fd6e3ed3a0157a30ec3af5b40380bf19b2c53885be368005ab29f0af3bb9b8ea0fb305edcec3dbab5770293228a2f990afb25b464ebd9cdd39d6254d397cbf0724224d27b0a20f2c95c2ba72d"}, {0xc}, {0xc, 0x8, {0x2, 0x2}}}}, @m_nat={0x778, 0xe, 0x0, 0x0, {{0x8}, {0x54, 0x2, 0x0, 0x1, [@TCA_NAT_PARMS={0x28, 0x1, {{0x7f, 0x401, 0x3, 0x7, 0x101}, @multicast1, @initdev={0xac, 0x1e, 0x1, 0x0}, 0xffffffff, 0x1}}, @TCA_NAT_PARMS={0x28, 0x1, {{0xe4, 0x7, 0x20000000, 0x0, 0x2}, @dev={0xac, 0x14, 0x14, 0x31}, @private=0xa010101, 0xff000000}}]}, {0x6fd, 0x6, "4e957b2e40365432dec10c9fab1e63487548082ddce56498c7fa08b74b6c47bdb4dfa946e9affb49a7c3646e18b2078c5d54277a1ba1e01ae29255e2a64f4fbbbda4a815c144963b2c0378c5c55b31bfc9c37c8075efe363dcf25fce5cb44fe1ae484a3d28a7ae911d6c97988be9c1588c1e94eccd9d6e81682b392c3a6407d3eeffcd688e443515b0d3f9426339ef89e6fe5bfb510702cde932acdc082611c61bbc40bc1959f3d634a3ebabf018f0f9b3e28b7ab07331746ae5ce8ca923d9928eaa13af3ed77b54fecda714e332f7dae240baf6dcbb6de658ef4bcbdefcb9b9a5904e9ef2af39aa6683964e092db84aabef115d897553babb4af9e56ca195f738e7de6f510e3ee095caf748411449afc6eb293d2972278d365c2344e37f9b6951d3874cbccc04b2b713300cd5cbaa0c33d3325d601607d2bd64dafb0ae1e5acf27681d081ae50c8bc98a1d99b658a90ccdf2e61df6b77fce6998ff1e8a99af7596c488036a9f39e414d831021398e972e23c1135c437c088148c38eb52969ef0319b3282f4ad8ca7d2161bfa0638db69580a2faf861bfce9f256e4260334ba48dc584f4dc8965fd3cbc20808757d3fb8496a198dee33743394387177686a154fc80a997aee0329f6098790818ba6b4b4141002ec8df3cb8fa9fecad93baf5aa5744cf3b0136ebae42cdaadb6b396c77fb788cec7dd3f7c58144a338ce29e4474fc1781b54cabad3baf16ea6c8f7486faee7c95dca03a4230bd2368724d12c28f30b1b11e6b88f612061ebbaa7033289f93baac8b05423163146124f6eaaca666272fa0cc58a82ae5ebe960138b0f93b95aa5065a24caa4bb033d82ec4420ad925480e6e98349e55bdf2383b0f4bf10f40619a24669b42ba994a05ce7d69f64376d869abc3588c24cce5b7db40bdb5c7432b93cec90f65bb5dd303080fef1f4a5b3e95643e8f9cebd217eb339e91f214680946f9e3c0ec42ef9b8b7d35d6388244cfd4c93f8d7454afd0db120038de2d72916c77351c629bcb99c5b36d1f8e594b0eaa8f72fef4ed8cf4e24fe68343dba8b23f20420404d4e1eea9b3027c0087333c35a64670a92b686df09351bf22982ada3b298e853f25b9897e17c9a18ad619c19607344658a2f0b3e719ba1cab0f69ae02f8cd539ee8506b2cc9b660bcd81a48da9c77eafe899ac7941b7d26f5765673d0848118443ef958a403a2cda831227419a273e02d4016a87b1a420ef2d1c44f8538e1bfc1d5b1e0361bbaaab543e3c7ae56f16b4efaceca57db9a27762a17a835cac1cb2a4a88a6e0c2bd266aa83dc5fb157d19d72153feac9f6e9980ec2a8aa075d0b58b82846109d3dc38894c81b18a7ca3d65e2e8f72abacb6c46e67a505e3310dbc95f59d725f913b6a27e24726b99cc10ee7dfbd2d586617fbd624d9ee08a2f031cd9413fa3643823128d1a12da61ca9a8014091026f310ad677851ed4d413897db4e26fef846719f2131f19d472e909c1259fbe329196d234edcb181af05fe671ff5241dd607ad3afc6035338e9032fb902e1b5fb47980323d7b850a735576f6faf80ce3d006345626e4437cf8e254f3cecff2f67fe6cfbeb3d5618ebd1e4a5180339134c2fa0eb6f37e5dce0616bf07121e2369d9bde1fec34af7f8d8f5faa14817f40e01ac585648ed99d12b5fa54447989081fa81872b66100528d2a9d62276488542c2d70e17873a53438f938a96f0b4875bd9d181fce48c9ae1cd5f117e691f87994412916ad07e43f0eb1a7899ae062db554da04ff1316b0ddbf483ab27c944b3c0356756374632626f5247318d1d9fabfe2dd5d4744690dbe7278adc96eaf0dc1c7fa5074358bb54f39e13a1fed263b34b02849ff82086b0854ba8066c5df13883e6feb6618e38d9c2a9635ddb5e8b47242c46fe178b6fb593592c07338ee3d05fae491403aa0bf4864d7bc8199b17edbfd0512367fa991f73f81dab8e62a588ae7fc80e85c15718aff3052afdbaf4ecfa65e9bc977ea093ded92fbf8f59714d6367523edcc44ef8592a0749a99e1b47d5fc97eb7bdbe54c6e963613998273e1ac234be61ae784746c2f9e7d90687a30d046707fd34a38f5b970daf86b44bd29acd957c3d5112b905c72c65c65e05fc2d06fdb518cd71e8d74d87272b3e46808bc170ac6b9996f3009f1729c83481c435f60a401d62370bc02e423fdbc10a101b5d20a0d5ec0c8416664ca603bc4796387c8356976aafdc13724accf37f46fd612dd3defc7db68ac6a220db6ed4b1a1e90eafef98c856826e1649a942a6f71857e67af7826e82c9c5cb002d408731fe54091b91f8c89c9e0c89ad7f97cfc0a077126ea433687136d915c02dfd12e20d7194451fdfb50d971080ed9772950fcd14c753899839ad2d97de208e8c1710f6c95fb6a75169415f52db19a76f8296c58473941fa5abf13b4db93e673ff98b2dae0191f36247100704550d5b681c97bc65f7132dfb6b926195625604b194d7b5bc48af843f88490b920bb1cdbdee52140"}, {0xc, 0x7, {0x1}}, {0xc}}}, @m_mirred={0xb4, 0x16, 0x0, 0x0, {{0xb}, {0x44, 0x2, 0x0, 0x1, [@TCA_MIRRED_PARMS={0x20, 0x2, {{0x80000001, 0xfffffff7, 0x3, 0xe}, 0x4}}, @TCA_MIRRED_PARMS={0x20, 0x2, {{0x3, 0x0, 0x1, 0x5, 0x3}, 0x3}}]}, {0x46, 0x6, "605524e3626aca9778df374bbcad3d51d25178b24ec88e3a92acc301747daa26bb3deb8b829e8a55fdb30b1765bad6b2ed28273083ed0a35559ef9dfc77b5bd2e05b"}, {0xc, 0x7, {0x1, 0x1}}, {0xc, 0x8, {0x3, 0x1}}}}]}]}}]}, 0xc64}, 0x1, 0x0, 0x0, 0x81}, 0x20000080)
r0 = socket(0x10, 0x803, 0x0)
sendto(r0, &(0x7f0000000740)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xfdf4, &(0x7f0000000380)=[{&(0x7f0000000140)=""/100, 0x365}, {&(0x7f0000000280)=""/85, 0x7c}, {&(0x7f0000000fc0)=""/4096, 0x197}, {&(0x7f0000000400)=""/106, 0x645}, {&(0x7f0000000980)=""/73, 0x1b}, {&(0x7f0000000200)=""/77, 0x14}, {&(0x7f00000007c0)=""/154, 0x21}, {&(0x7f00000001c0)=""/17, 0x1d8}], 0x21, &(0x7f0000000600)=""/191, 0xffffffffffffff2f}, 0xffffffa6}], 0x4000000000003b4, 0x2040000, &(0x7f0000003700)={0x77359400})

3.176564473s ago: executing program 2 (id=367):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000002c0)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_FRAME(r0, &(0x7f0000000c00)={0x0, 0x0, &(0x7f0000000640)={&(0x7f00000005c0)=ANY=[@ANYBLOB='H\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="01000000daed6d20b1f49dc4000008000300", @ANYRES32=r2, @ANYBLOB="2a003300d00000000802110003010802110000005050505050"], 0x48}}, 0x0)

2.994870003s ago: executing program 4 (id=368):
openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) (async)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)) (async)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
syz_genetlink_get_family_id$l2tp(&(0x7f0000000080), 0xffffffffffffffff)
r4 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$inet6_opts(0xffffffffffffffff, 0x29, 0x39, &(0x7f0000000640)=ANY=[@ANYBLOB="ff02040100000000000000000000d36eb15aa6bafea407396c94e77f568b7658bc00652be29980969e2beec9dd462cce7d9d4513884e5c3121e45f8bf422a51ec95d811fa24b96099d1f2d763dc6196f79b97d133494fbef9610b5d76f883c67ed515b035adbb28988b4c3580cc53bc1a48c583378c94246ee00000000000000000000fef7436c34ccf9657df07b8af5d62ce07b5ae5d0fe218e99724e13de41da25ae2248b89efd4fc0f07fe17104c81dedb433cc6b42b351c44cfb9037f97517111f0c08821504da0df28a8c9a42047bdc2b4094c3dc9bb9b0284de3688d94e244b2a4ab8eca3af7ba438cf508e308e994d0f4d6c9e17663f3b5b5d73a1016f5dd5085af0eb0a977e99ab02e0179f92bede8b1a69b8da49017b9fe76bcc3533dd03cabefa6b85adf425d2a54a1cc646e56d798246768712c4c5656"], 0x18) (async)
setsockopt$inet6_opts(0xffffffffffffffff, 0x29, 0x39, &(0x7f0000000640)=ANY=[@ANYBLOB="ff02040100000000000000000000d36eb15aa6bafea407396c94e77f568b7658bc00652be29980969e2beec9dd462cce7d9d4513884e5c3121e45f8bf422a51ec95d811fa24b96099d1f2d763dc6196f79b97d133494fbef9610b5d76f883c67ed515b035adbb28988b4c3580cc53bc1a48c583378c94246ee00000000000000000000fef7436c34ccf9657df07b8af5d62ce07b5ae5d0fe218e99724e13de41da25ae2248b89efd4fc0f07fe17104c81dedb433cc6b42b351c44cfb9037f97517111f0c08821504da0df28a8c9a42047bdc2b4094c3dc9bb9b0284de3688d94e244b2a4ab8eca3af7ba438cf508e308e994d0f4d6c9e17663f3b5b5d73a1016f5dd5085af0eb0a977e99ab02e0179f92bede8b1a69b8da49017b9fe76bcc3533dd03cabefa6b85adf425d2a54a1cc646e56d798246768712c4c5656"], 0x18)
connect$inet(r4, &(0x7f0000000380)={0x2, 0x0, @remote}, 0x10) (async)
connect$inet(r4, &(0x7f0000000380)={0x2, 0x0, @remote}, 0x10)
r5 = inotify_init1(0x80000)
inotify_add_watch(r5, &(0x7f00000001c0)='./cgroup\x00', 0x500082c)
sendmmsg(r4, &(0x7f0000007fc0), 0x800001d, 0xa1a)
setsockopt$inet6_tcp_int(r1, 0x6, 0x2000000000000022, &(0x7f0000000200)=0x1, 0x4)
sendto$inet6(r1, &(0x7f0000000040), 0x0, 0x20000045, &(0x7f00000001c0)={0xa, 0x2, 0x396, @empty}, 0x1c) (async)
sendto$inet6(r1, &(0x7f0000000040), 0x0, 0x20000045, &(0x7f00000001c0)={0xa, 0x2, 0x396, @empty}, 0x1c)
syz_open_dev$sndctrl(&(0x7f0000001440), 0x0, 0x0) (async)
r6 = syz_open_dev$sndctrl(&(0x7f0000001440), 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_TLV_WRITE(r6, 0xc008551b, &(0x7f0000000000)=ANY=[@ANYBLOB="050076cb08ecffff7effffff0101c000"])
pipe(&(0x7f0000000040))
socket$nl_generic(0x10, 0x3, 0x10) (async)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r7, 0x8933, &(0x7f0000000140)={'batadv0\x00', <r8=>0x0})
sendmsg$BATADV_CMD_GET_NEIGHBORS(r7, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000600)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16, @ANYBLOB="310329bd7000ffffffff0900000008000300", @ANYRES32=r8, @ANYBLOB="080006000209"], 0x24}}, 0x4000)
fanotify_init(0x200, 0x0)
keyctl$read(0xb, 0x0, &(0x7f0000001300)=""/4096, 0xffffffffffffffd2) (async)
keyctl$read(0xb, 0x0, &(0x7f0000001300)=""/4096, 0xffffffffffffffd2)
unshare(0x68040200) (async)
unshare(0x68040200)
clock_gettime(0x0, &(0x7f0000000240)={<r9=>0x0, <r10=>0x0})
pselect6(0x40, &(0x7f00000000c0)={0xe, 0x3, 0x5, 0x0, 0xd79, 0x9, 0x6, 0x7}, &(0x7f0000000100)={0xd7c, 0xf, 0x7fff, 0x2, 0x4, 0x1, 0x1000, 0x1ff}, 0x0, &(0x7f00000002c0)={r9, r10+10000000}, &(0x7f0000000340)={&(0x7f0000000300)={[0x10, 0x7]}, 0x8})
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2})
openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x102, 0x0)

2.896290385s ago: executing program 2 (id=369):
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
shutdown(r1, 0x0)
close(0x3)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r1, 0x84, 0x6f, &(0x7f0000000200)={<r2=>0x0, 0x10, &(0x7f00000001c0)=[@in={0x2, 0x4e23, @rand_addr=0x64010100}]}, &(0x7f0000000140)=0x10)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r1, 0x84, 0x7a, &(0x7f0000000340)={r2, @in6={{0xa, 0x3, 0x4, @mcast1}}}, &(0x7f0000000040)=0x84)
getsockopt$inet_sctp6_SCTP_DELAYED_SACK(r0, 0x84, 0x10, &(0x7f0000000000)=@sack_info={r2, 0x8009, 0x8001}, &(0x7f0000000240)=0xc)
r3 = socket(0x10, 0x3, 0x0)
r4 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r5 = syz_clone(0x28008400, 0x0, 0xfffffffffffffe55, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r5, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000000)={'macvlan0\x00', <r6=>0x0})
sendmsg$nl_route(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000000180)=ANY=[@ANYBLOB="680000001000030400"/20, @ANYRES32=r6, @ANYBLOB="0000000000000000400012800c0001006d6163766c616e003000028008000100100000001c0005800a000400aaaaaaaaaabb00000a000400aaaaaaaaaa0000000800030003"], 0x68}}, 0x64000004)
renameat2(0xffffffffffffffff, 0x0, 0xffffffffffffffff, &(0x7f00000001c0)='./file0\x00', 0x2)
r7 = socket$inet6_mptcp(0xa, 0x1, 0x106)
connect$inet6(r7, &(0x7f0000000000)={0xa, 0x4e24, 0x0, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0xff}}}, 0x1c)
mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1)
sendmsg$nl_route_sched(r3, &(0x7f0000000280)={0x0, 0x0, 0x0}, 0x0)

2.604743282s ago: executing program 1 (id=370):
syz_pidfd_open(0x0, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
pipe2(&(0x7f00000000c0), 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f0000000300)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg(r1, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0x78, 0xd, 0x66, 0x0, 0x3}, 0x0)
r2 = socket(0x10, 0x3, 0x0)
write(r2, &(0x7f0000000080)="1400000052004f030e789e7ee2ce2fa4ff612d27", 0x14)
recvmmsg(r2, &(0x7f0000005c80)=[{{0x0, 0x0, 0x0}}], 0x344, 0x10122, 0x0)
r3 = openat$sndseq(0xffffffffffffff9c, &(0x7f00000000c0), 0x62181)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r3, 0xc08c5332, &(0x7f00000001c0)={0x0, 0x0, 0x0, 'queue0\x00'})
write$sndseq(r3, &(0x7f0000000000)=[{0x84, 0x77, 0x0, 0x0, @tick=0x1f4, {}, {}, @raw32={[0x2600]}}], 0xffc8)
r4 = openat$sndseq(0xffffffffffffff9c, 0x0, 0x62181)
write$sndseq(r4, &(0x7f0000000080)=[{0x1e, 0x0, 0x8, 0xfd, @time={0x7ffffffe, 0x4}, {}, {}, @result={0x1f00}}], 0x1c)
r5 = socket$tipc(0x1e, 0x5, 0x0)
bind$tipc(r5, &(0x7f0000000080)=@nameseq={0x1e, 0x1, 0x0, {0x42, 0x200, 0xfffffffd}}, 0x10)
r6 = syz_open_dev$tty1(0xc, 0x4, 0x4)
r7 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$TIOCGLCKTRMIOS(r7, 0x4b41, 0x0)
write$UHID_INPUT(r6, &(0x7f00000003c0)={0x8, {"ac4b292b84bd72a8d758c2b2ff1c72004134668d5e310b7d0088b3d7afc4ce236d4ac7c0365d389808a78b05023561f45af31a93113ba5f725e7e28370eee47ad75feff31d8835c190aa0f8e1a70095d64a50cc8cda17f827ba53540a6bb426526e912ab7f941dd459ab9bfcd6432eaf3598e278858b1e87554a958e31c2625045b8843a2853ea7f22be915fb9fb47c83624b3fa2be5c12acbe5eb4b2a67ecd5af46c393e88329deb4af45ebbe41f0e197245ca0b4b69c0168803c9fd27ac61b79bacb0da740f3aade73ecf04f363c4dfc691d939c573bb1222b0eb8e165d6d6edfbc770ce067bbef32856c6f514b0a38ce4cf86b89b5a4dca3dd0f48a4253cd3547f9a898f29836a51c60949ee877b24ecdb330ad61b5833a24e4e31d990dbf3a5195784d6dcd13cdad3869526b3531c5987dac7444d60e4b5334859825d5de308ade959d81e72f5593ce8adf26513d3a2c6037ac9c77c45ccae6d1de257b4dee8283fe2f47e8744ba7fd648697d55bd8582d9aba94a5caee75bad49b35f9465085d8f44b75a77515b6309bd284c305fd3a78c6526105c5d49e12d4d56938d259cebd663b6bf8e8b052be7e90c7c5a184c41068b14ec261b736e59b5a75a4f1db359971e653dc9ecdedb8ae9928fc6ca04d99995539be8ccc144dd3e0fdf46fa00638cff0e3f0ff92ae49cfe9a88c815971c52fff59935ed679fb7500b71bca52d5885c9d22fc5148b89c59bdc366786928c13430069666e03e42731c93c47508ff053d1193b15dfa6133dc3a3db587bc5ca05c697f498cb17496b5e8f6629164996f1b67f3aeb7aa282f5716d0d5bf8b9d0e674ebec3e6beccdd4e457254fd886457e4f51e454f1c1e7ce5ee5125bc825410e1303ac4e9fcff7eac2955bb43a6a01863f7f32cae717a7abc0afd2953396a19e930f06dcc5cf73aa089b6ff9b65ec2e954e87229670e42c2d44dfc79d7866968b08baee738ee6936539d22dec8a966f90fcce231c0c5232bbde8925da8abdae1efd04da31e9627bea70fb7941242588c2ed40b8e14a5d7406cf28c62b94530064b4b10dbce57ef97436d57e3cc81d05adb22838470e1c64bab7f198b3efaf753d12392465d285586fd484dfe0323536687523b175dacd2e91a959e1c0df2593a2954c44d489081915421114a38284cc6e62e43e3cb5073a8bc9989aef76332028b7c24178f47b1cba9a6a9e0a068445a75ae6f568031f617c37bc24a3ca3c950546aba27f7400029a7ffc11600e17cd5e4efd4e91963468d1185e8780db244c8da8ce027801a6ff13e2dfdb5add1800b66a1720c35f2a8219c7dbf439c7c524da32c64c7e6056b60b53c02cb620fb64c6d2f12f391a8b4a19fc0f2e0644b8302a24a2991291c726cef1d8cf765f63b1f994a479f0e81afd4e6e3300767c9debda23f2058d7f5d31497008fb1ff951ba3bcfac9abe0ea3fc8a3cfc770200d885b6fc758aef7df4b8bf305ce373e888205b90eed8f1528b33f198d0f0802eccce8ca133af7d8a27a00f8e9ec981c618f48486864cd782d3d803bdce926e1447b3ccc8f64314b6b07d3b42e563ecc4fe8fbe4ab414893191d5da7d00e30733c7b975aef14dd5a745927d10fb322ca2d079a698f8089ce1a7dd3cd83484cebdae7437dd988a00062ce950c77bf0eb1a4b40b4815685ada031fd16e4b89f66f7ec804e752efede8f3d79c78c1bd97d9e1eaa19f87715689ddc3ba55d787cae0b30dd950197da2b389838746fb853d5a65d1b281d51500b8c0c8430cc1b2b09e1794ce2ea0171d6e822ba87056dcf6663aa33396245897572ac8a762838a5738690dcc3f6bd2028a4a108355d69e801996f68828420919741b0af974856366d3196a71e606b20c153ce75a3ec121215a5b68ebccc5a15fadbfe2e703754c95dd5c77ca935944231557c480ed83b0b5a8b19f566f5003d51301a6b342cda98529b3a3ba2f76f19e70e8900a95e5de1153d6a302f985f6627a3d5d63cd7f1bc125236730ff3ddcc92a5fbbd1f4decd70752891dd71b1cd53f0841b8b3e9616b661f3b73f776c2ce7928bdeb978182c2a6eb3c94da356a9601fdf0b9b084b0bfa4b93323f0c49bf789699f77baa26ed98ac6d88e2c924f28715fa16a50d2f6382ef9f3eac4f71fc952b18c1f6710a8750921e130b7f90ac5d0006a3c8163f9a7962c87856600aec4e9cb28b7de3655eec56feb56afb525f63ab4efbb05458b702cb9c9998c241d33235e687fa16f17cc95d1e3903bc2da5b08dc511de3d7ed898eb29090b2afd2e894580c479e783374c2ae90034b55d05251d45106840b503e0b3211d0f2db7ff0bb45e9da9b900f4e80dabc95cc90d0606c72417a99794edd0fe10bf6d26248ddf04f43e565daa073832b47baf9953fb44e657dfe7beedf5bec4f0556e5cd5e308bf0857cfa984d4e2f65aff9beab8b4b000bfd9769986489f66ea5b242cb83403e47906ecaacb7dd627533d9bce8cd37d83147dc4fee263c96393a0f6cc41d502e9e49f232cbc3e2537a3aa76c1a7ccc6a83aea3041faf0f6df6a12fa6e6f7e9540e7a31c89d3c7645b5d6a17ede151761c607ce1456b303f9f64c80574690502ed3ec632bbd9860168ad5f2b7de7528c02fe2984bbc9b20ae0f1ec57a3d33b0432a96d92251a653ec39e6caf3f738485a41e38370d71da6fa538b54fa0976f9f7f3dd8763eef351d77b9b9354136d16326cf58022f1c67d801781daf637b092b43be7e467ab8b6382c570c8c32c7843b8ee7eb31db9a4fd484ba7f0f08dd87109caad8cd7b6f93ae606446b4be60baf61a65bbaa8d5309fea6aa151f12dc5725a890ba6f6c67a7ac6609ed44ba231aae3131ecc45bb69c92f98e843cc99b45fddd3ee672a3cc62d8e2056112b88995c586f56fcdb93362a018eee321e2ee9f6f5276f462486e255faaa8a7b65117cf9e744c82ab5795ce13078d8c76519d59f81013dc17083303dcad1847812a76f01b0d03d3c3621f6c75a0a749ae9d7a7c7da4d4f49a9f432a5418f40d5be850204b1ae66183c1bf83c7f74be4ccba2bc211383f9c1b9c6c5e216e5a93b091fffb0aee6aee2ccef5e200ba11428b8724690749aeb96ef39be5c4e63a7bd9dd093b96e0658cbbc54341a161356227795140d9bc5361c2c502e67acd84ef346c1e029465bd1329727f5056df7d63747cbd7c6f54a80f74bb824b07aa7006de2c18e31e49b04a52045a3895cd2567137937f22fa27f983a7e52eecf47652e2d80c4e03c55ad269550a97b37c94763cdf89b9244cddeb509429e2668fb088acdda97aea01f3bfd8df8910d8c39f5ccd46e851bb4077b392d66d56be56645295af3251aed0c8dd8cb097bfc77705e1f13c2ff79da0f9c26f08f903494295b1e1b566a4124b88f0536858039f9be3bfe7bcb66e57122bdf2fb679923ef156153d2ae1ba1de71a510d186dc9bed86265018299702e849a4ad99f655075aae194cc062d9b07c0573337538a5a6d6c6d2921fbd181d6e305df7a1d62a82154fcde4a1aafdd6f4e7e49a7f349f628ba372d49fcbcbbd71c23e234218b79cd80088b2b4ab4e20932eacaa2e91236a4c7fc82f6a49354436dcc806b50aca9264fcd9b199eafd6381178db163d4ce377389c67436fb07d58cd73e6a9204f447eb9c100c223ea391bcba8989426c5c8cdd0300279daa31bd5730d9ab69e5904d7386273a76f779335ce5e44f84d3f3686573ea71f2e64922e82bf2f08c877c54ee7cd160c79d68c500df6f69d033f2304d830c7cf109f5c993abacf15d94baefe49265e24f838af559cdb5695a8135ac2b6ca1d7b5600803b1f24dcc29148aa94905dda78a9f19b21fec2d780fb962dab7f1f7c7ea4aef475540fa0dc2b852f9cfdad43e8a6fed633854a1e1b96169f28961349a9ecd6d0f1f2473f036db92c0c0e64733668fc6d69becb06af2480ac856e9431439d914557a31e80badca76f85086fba1fc7374cc249c5983cc085c7bf3aa5ef12afb3bc72fe479507666bb38f50878fad0450dac4b39ea57ed01654b17590f9478dfab02e664ba0e34d4a764374d09de43b69d5007077b2bafb42e260aa8fd4aa3bef9a8d5dc8e2ecde7c2c2bfdaa21802b7d67588854288512602a41e25e09f59633fbd92df9478bc6e6a6b3b560dca5798a895e8dfa93ae9fea23729da6f3a40d4af3efcd4f6d2d02ffd2b0270960cdaea8af5004fdb18c5a510f2199724f17a8a18f3b1bc132df7affdf6f40310131e448c040fe446309352e24cb7fbc94ff9e1555e85f6479d4952854917eab50738aa6f4b70c445557703778056f7465f5d0d92bf10308a5a61574f5576702613770399805aed655d3443715dbf23190b6f0480e30c82840b59f69a71bbc19f00ac18d220af047ef89515d946dc77dd08c6abf28f6e796d3c70a4ae3d4ba01bb44fc6f03e31831ee89f583ef3d40f6c742778fac42ccf1e30367a469322d45a9725a1228ab0639de1f38c1f365c765ed9131a9d535cb6ffe49d556dee403e2202de0d04ec682c58e6d508fb377e3b7d9b748955ffc6b27b03207a3c15cd5114e631ca080c24e1147bb6d398629efcf288e3240d6311034057a031f9ff7efb07fc8ee34f19c32115f361f9e03b89f080111d141e2fbfbcd5a3d54e32c6ef1dde18c384d6bf2c4b5fa21e7efeb0b5c9c27a7740be213dce807e6a01acb09634aec0fe66bfb2ab4da89a13c42207577e38105e665afed154fb3805974d31289351937b4c67b937ae644d6cb3f913d2e05c3dce1917e1551304a5c437d69a2d13ab33989d729e6c2ed45f847b6cf5169ec4459d541c7a70199ebca316408f7adfb168e7ac452f507652ea3892e64a4d81d575825168426f39c41448beb5044ec5712f2e10b6d88d471eecf5f29085474fd2aae2791ffb41222a9dbb8c6d32847819c15201e95d0741ee1ab75ea046beca9bc8952b62ddd8a30fe2637996483d3104f540c9a985f8638ba17da2e618255f9a615fce90e1f96799d261cc551b9187cad7a9c5a9f6ff58e7cf9277856ca14e582efd62c3d384131e2fc21b9a01314bc69d54f235ce6118d756137b03c657bb26194b175a716ebe6ba03a01cb161a77815654da6a5ad327859e8af7d3f53cf1d34b84c0aafdbf8f3badaff20d010e97f794d83d5498b59a787ba94bb82d91637308313b4c92def68945b6d3d0e3654cb24b4926e46757e576d30024640fa293db106d789f41a1e481ace0c314920bdc82819e64720746ee22592a11f5917c1bde47db20902551fa838f81942fec3552f41261e2b7418e500ab9e5ea704141f0fc414a5cc6062c257214950de1c32b1951b169c7a613417695036e72bff2ce9c1a180fde1cf64cf85828f6eb9126465762686e64ab090e524e7edb6d03c3571f233f60ffc570b96a5c0839ce8d42bdc62499f8f56ee8c4a89ec4f35a7e38fe23c4b9b1625546c1a16087980d7a72c15fb7b50c9a212d9284a1cdaa1a4d45169a98ae6a730a2a07b8cb5adccdceb3131b1aa6c06b8fc7390f215a2c9ea2b2cac1026ed5965e92673608d28d55fc4e623034716ef0edf7d077809d09d8db38519d5d00a1a415b5bc431d8c6a4d558c930437565cd531c6e01631ee60d9e6e782580a409ab645c72a4b93f68100bc22a5275f66d54dbefc44365a07fafe99368b09a891767e5d376b1d0cbdc02679fb10f359d3ed8f7c268c7f0fbab77b483f44f08ee412c20a155d058addb21376fec84fbb3838c6b6aa4d5bd54e1b9770d87628f244e17e5ffc2b28eff9fb489f984b7", 0x1000}}, 0x1006)
setsockopt$TIPC_GROUP_JOIN(r5, 0x10f, 0x87, &(0x7f0000000140)={0x42, 0xf5, 0x1}, 0x10)
r8 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000140)={'wlan0\x00', <r9=>0x0})
sendmsg$NL80211_CMD_SET_STATION(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000001400)=ANY=[@ANYBLOB="2800000068e6fe21a0024bc192a2c57b06b8a8d36f7c59e09a21022ea9ad4c2ef64db2455af69b66e70804021cf09fce803abb6b5475d1668517a7b3c4b1fff390fa00d685ebe00b8aa7a751eda7cf051b71f507ad221193837a276a5a9e0600a412b51366e8cbbaaa2cfb378ae8b33ee7d30ce1d3a52e9e2d0ac10e29f1b7091d19e3481ff8c3bd0289c29c0d6a97ce900220", @ANYRES16=r8, @ANYBLOB="01002cbd7000fbdbdf251200000008000300", @ANYRES32=r9, @ANYBLOB="0a000600ffffffffffff0000"], 0x28}, 0x1, 0x0, 0x0, 0x85}, 0x20000822)

2.155962311s ago: executing program 0 (id=371):
syz_open_dev$sg(0x0, 0x0, 0x400)
r0 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r1 = io_uring_setup(0x1d48, &(0x7f0000000340)={0x0, 0xb143, 0x1000, 0x2, 0x196})
r2 = socket$rxrpc(0x21, 0x2, 0xa)
bind$rxrpc(r2, &(0x7f0000000000)=@in4={0x21, 0x4, 0x2, 0x10, {0x2, 0x0, @empty}}, 0x24)
listen(r2, 0x4)
recvmmsg(r2, &(0x7f00000050c0)=[{{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3f000000}}], 0x1, 0x40000100, 0x0)
close_range(r1, r2, 0x0)
socket(0x2b, 0x80801, 0x1)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket$inet6_sctp(0xa, 0x801, 0x84)
r5 = socket$inet6_sctp(0xa, 0x5, 0x84)
shutdown(r5, 0x0)
close(0x3)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r5, 0x84, 0x6f, &(0x7f0000000200)={<r6=>0x0, 0x10, &(0x7f00000001c0)=[@in={0x2, 0x4e23, @rand_addr=0x64010100}]}, &(0x7f0000000140)=0x10)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r5, 0x84, 0x7a, &(0x7f0000000340)={r6, @in6={{0xa, 0x3, 0x4, @mcast1}}}, &(0x7f0000000040)=0x84)
setsockopt(r4, 0x84, 0x80, &(0x7f00000002c0)="1a00000002000000", 0x8)
sendmsg$nl_route(r3, &(0x7f0000000880)={0x0, 0x0, &(0x7f0000000840)={&(0x7f0000000480)=ANY=[@ANYBLOB="28000000120001"], 0x28}}, 0x0)
r7 = socket$netlink(0x10, 0x3, 0x10)
bind$netlink(r7, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
socket$kcm(0x10, 0x2, 0x0)

2.013284628s ago: executing program 2 (id=372):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000680)=ANY=[@ANYBLOB="14000000100001000000000000b890c1a000000a80000000160a01030000000000000000020000000900020073797a30000000000900010073797a30000000005400038008000240000000000800014000000000400003801400010076657468315f746f5f6272696467650014000100776732000000000000000000000000001400010076657468305f746f5f7465616d00000014000000110001"], 0xa8}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000740)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x5}}, [@NFT_MSG_DELFLOWTABLE={0x3c, 0x18, 0xa, 0x201, 0x0, 0x0, {0x2, 0x0, 0x3}, [@NFTA_FLOWTABLE_HOOK={0x1c, 0x3, 0x0, 0x1, [@NFTA_FLOWTABLE_HOOK_DEVS={0x18, 0x3, 0x0, 0x1, [{0x14, 0x1, 'wg2\x00'}]}]}, @NFTA_FLOWTABLE_TABLE={0x9, 0x1, 'syz0\x00'}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x3}}}, 0x64}, 0x1, 0x0, 0x0, 0x40044}, 0x20008000)

1.361234006s ago: executing program 0 (id=373):
openat$tun(0xffffffffffffff9c, 0x0, 0x20001, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
syz_open_dev$vbi(0x0, 0x1, 0x2)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0xb49, 0x9, 0x8, 0x0, 0x3}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x1, 0x4, &(0x7f0000001080)=ANY=[@ANYRES32], &(0x7f00000010c0)='syzkaller\x00', 0x5, 0xc3, &(0x7f0000001100)=""/195, 0x0, 0x43, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000000)={0x3, 0x5, 0x0, 0x40}, 0x10}, 0x94)
bind$alg(0xffffffffffffffff, 0x0, 0x0)
r2 = socket(0x2, 0x80805, 0x0)
r3 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000080)=ANY=[@ANYBLOB="12010000090024206d041cc340000000000109022400010000a00009040000010301010009210008000122010009058103"], 0x0)
syz_usb_control_io$hid(r3, 0x0, 0x0)
syz_usb_control_io(r3, 0x0, 0x0)
getsockopt$bt_hci(r2, 0x84, 0x6d, &(0x7f0000000000)=""/4102, &(0x7f0000001040)=0x1006)
r4 = openat$sequencer(0xffffffffffffff9c, 0x0, 0x66040, 0x0)
r5 = syz_open_dev$vim2m(&(0x7f0000000040), 0x8, 0x2)
syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2)
ioctl$vim2m_VIDIOC_ENUM_FMT(r5, 0xc0405602, &(0x7f00000000c0)={0x5, 0x1, 0x1, "f7b817716daef7e53fa4f998da1907309f97630a33ea3b6bd13c74c37001fd36", 0x35315241})
write$binfmt_elf64(r4, &(0x7f0000000100)=ANY=[], 0x78)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r6, &(0x7f0000003e00)={0x0, 0x0, &(0x7f0000003dc0)={&(0x7f0000000440)=ANY=[@ANYBLOB="140000001000010000000000000000090000000a20000000000a05140000000000000000010000000900010073797a300000000058000000160a09000900000000000000010000000900010073797a30000000000900020073797a32000000002c00038018000380140001006d6163736563300000000000000000000800024000000000080001400000000014000000110001"], 0xa0}}, 0x0)
sendmsg$NFT_BATCH(r6, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a14000000020a01020000000000000000000000001400"], 0x3c}, 0x1, 0x1200}, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x2003, 0x0)
r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0)
ioctl$KVM_SET_TSC_KHZ_vm(r8, 0xaea2, 0xffffffffffffffff)
r9 = ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x5)
ioctl$KVM_SET_TSC_KHZ_cpu(r9, 0xaea2, 0x0)

1.284766813s ago: executing program 4 (id=374):
bpf$BPF_TASK_FD_QUERY(0x14, 0x0, 0x0)
r0 = open(&(0x7f00000000c0)='.\x00', 0x0, 0x120)
r1 = socket(0x1e, 0x4, 0x0)
r2 = socket(0x1e, 0x4, 0x0)
setsockopt$packet_tx_ring(r2, 0x10f, 0x87, &(0x7f0000000440)=@req={0x3fc}, 0x10)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
setsockopt$packet_tx_ring(r1, 0x10f, 0x87, &(0x7f0000000440)=@req={0x3fc}, 0x10)
sendmmsg(r1, &(0x7f00000030c0)=[{{0x0, 0xa9cc7003, &(0x7f0000000400)=[{&(0x7f00000000c0)="ee", 0x101d0}], 0x1, 0x0, 0x322d}}], 0x2e288501978821b, 0x80)
r3 = socket(0x1e, 0x4, 0x0)
r4 = socket(0x1e, 0x4, 0x0)
setsockopt$packet_tx_ring(r4, 0x10f, 0x87, &(0x7f0000000440)=@req={0x3fc}, 0x10)
setsockopt$packet_tx_ring(r3, 0x10f, 0x87, &(0x7f0000000440)=@req={0x3fc}, 0x10)
r5 = dup3(r2, r1, 0x0)
recvmmsg$unix(r5, &(0x7f0000001280)=[{{0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000005140)=""/4111, 0x100f}], 0x1}}], 0x1, 0x58ca2280, 0x0)
r6 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0026}]})
close_range(r6, 0xffffffffffffffff, 0x0)
getdents64(r0, 0x0, 0x0)

792.219803ms ago: executing program 2 (id=375):
r0 = socket$inet6(0xa, 0x3, 0x6)
recvmmsg(r0, &(0x7f0000000100)=[{{&(0x7f0000000000)=@nl, 0x80, &(0x7f00000000c0)=[{&(0x7f0000000080)=""/55, 0x37}], 0x1, &(0x7f0000000240)=""/137, 0x89}, 0x8000}], 0x1, 0x40010062, &(0x7f0000000140))
keyctl$KEYCTL_CAPABILITIES(0x1f, &(0x7f0000000200)=""/1, 0x1)
setsockopt$inet6_opts(r0, 0x29, 0x37, &(0x7f00000001c0)=@srh={0x3c, 0x2, 0x4, 0x1, 0x5, 0x30, 0x200, [@dev={0xfe, 0x80, '\x00', 0x3b}]}, 0x18)
getsockopt$inet6_tcp_int(r0, 0x6, 0x17, &(0x7f0000000300), &(0x7f0000000340)=0x4)
sendto$inet6(r0, 0x0, 0x0, 0x20000000, &(0x7f0000000180)={0xa, 0x0, 0x1, @mcast2={0xff, 0x5}, 0xfffffffc}, 0x1c)
keyctl$KEYCTL_CAPABILITIES(0x1f, &(0x7f0000000380)=""/4096, 0x1000)

632.135238ms ago: executing program 1 (id=376):
socket$nl_xfrm(0x10, 0x3, 0x6)
request_key(&(0x7f0000000040)='asymmetric\x00', &(0x7f0000001ffb)={'syz', 0x2}, &(0x7f0000001fee)='R\x10rust\xe3c*s\xa8rVid8\xc4e', 0x0)
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180), 0x109842, 0x0)
ioctl$SNDCTL_DSP_GETOSPACE(r0, 0x8010500c, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f00000001c0), r1)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000200)={'wlan0\x00', <r3=>0x0})
sendmsg$NL80211_CMD_GET_MESH_CONFIG(r1, &(0x7f0000000300)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="28020000", @ANYRES16=r2, @ANYBLOB="000828bd7000fcdbdf251c00000008000300", @ANYRES32=r3, @ANYBLOB="0c0099000100000045000000"], 0x28}, 0x1, 0x0, 0x0, 0x8000}, 0x24000010)
r4 = syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff)
r5 = openat$sndseq(0xffffff9c, &(0x7f0000000340), 0x400001)
ioctl$SNDRV_SEQ_IOCTL_SYSTEM_INFO(r5, 0xc0305302, &(0x7f0000000380)={0x8, 0x52b, 0x7e, 0xf2, 0x5, 0x7ff})
sendmsg$DEVLINK_CMD_RATE_GET(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000080)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="b70b2cbd7000fcdbdf250f0000000e0002"], 0x24}, 0x1, 0x0, 0x0, 0x8}, 0x2000c88c)
r6 = socket$kcm(0x10, 0x2, 0x4)
sendmsg$kcm(r6, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000013c0)=[{&(0x7f00000001c0)="39000000140081ae0000dc676f97daf01e2357f9ffffffffffffff0521018701546fabca1b4e8a06a6580e88370200c54c1960b89c40ebb373", 0x39}], 0x1}, 0x0)
close(r6)
sendmsg$DEVLINK_CMD_RATE_SET(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[@ANYBLOB="03000000", @ANYRES16=r4, @ANYBLOB="00012dbd7000ffdbdf254b0000000e0001006e657464657673696d0000000f0002006e657464657673696d300000"], 0x34}, 0x1, 0x0, 0x0, 0xc0}, 0x20000004)
pread64(0xffffffffffffffff, &(0x7f0000000080)=""/102356, 0x18fd4, 0x200)
mmap$binder(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x1, 0x11, 0xffffffffffffffff, 0x7)
ioctl$KVM_SET_IRQCHIP(0xffffffffffffffff, 0x8208ae63, &(0x7f0000000540)={0x2, 0x0, @ioapic={0x80a0000, 0x1ff, 0x7, 0x8, 0x0, [{0x3, 0x8, 0x3, '\x00', 0x47}, {0x2, 0x2, 0x3, '\x00', 0x5}, {0x63, 0x7f, 0xaf, '\x00', 0x92}, {0x4, 0xc, 0x0, '\x00', 0xcc}, {0x6, 0x2b, 0xff, '\x00', 0x3}, {0xb, 0x9, 0x8, '\x00', 0x40}, {0x4, 0x3, 0x1, '\x00', 0x2}, {0x40, 0x6, 0x7, '\x00', 0x10}, {0x5, 0x3, 0x1, '\x00', 0x40}, {0x5, 0x9, 0x0, '\x00', 0x7f}, {0xc0, 0x8, 0x81, '\x00', 0x7}, {0xcf, 0x0, 0x1, '\x00', 0x7}, {0x9, 0x8, 0x0, '\x00', 0x5}, {0x6, 0x3, 0x8, '\x00', 0x2}, {0x8, 0x4, 0x7, '\x00', 0x7}, {0x0, 0x9, 0x2, '\x00', 0xce}, {0x8, 0xb2, 0x40, '\x00', 0x78}, {0x2, 0x7, 0x0, '\x00', 0x3}, {0x8, 0x85, 0x0, '\x00', 0x5}, {0xf9, 0x2, 0x78, '\x00', 0x5}, {0x7, 0xb, 0x0, '\x00', 0x7}, {0x4, 0x53, 0x1, '\x00', 0x6}, {0x9, 0x81, 0x3, '\x00', 0xf8}, {0x2, 0x41, 0x88}]}})

482.289192ms ago: executing program 1 (id=377):
sendmsg$TIPC_NL_KEY_SET(0xffffffffffffffff, 0x0, 0x0)
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000040)={{0x12, 0x1, 0x188, 0x0, 0x0, 0x0, 0x20, 0x461, 0x4e72, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x40, 0xb1, [{{0x9, 0x4, 0x0, 0x1, 0x2, 0x3, 0x0, 0x2, 0x0, {0x9, 0x21, 0x2, 0x0, 0x1, {0x22, 0x5}}, {{{0x9, 0x5, 0x81, 0x3, 0x10, 0xc, 0xfe}}}}}]}}]}}, 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io(r0, &(0x7f0000000340)={0x2c, &(0x7f0000000540)={0x0, 0x6, 0x5, {0x5, 0x11, "46ff44"}}, 0x0, 0x0, 0x0, 0x0}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x1, 0xf, &(0x7f0000000d80)=ANY=[], 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x26, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd}, 0x94)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x1c1900, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$FBIOPUT_VSCREENINFO(r3, 0x4601, &(0x7f0000000100)={0x400, 0xa, 0x0, 0x0, 0x0, 0x180, 0x0, 0x0, {0x0, 0x9}, {0x0, 0x80000001}, {}, {0x0, 0xffdffffe}, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x4, 0x0, 0x1})
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_CONGESTION(r4, 0x6, 0xd, &(0x7f0000000000)='illinois', 0x8)
bind$inet6(r4, &(0x7f0000000080)={0xa, 0x2, 0x200, @loopback, 0x7}, 0x1c)
setsockopt$inet6_tcp_int(r4, 0x6, 0x2000000000000022, &(0x7f0000000200)=0x1, 0x4)
sendto$inet6(r4, &(0x7f0000004080)="611c", 0x2, 0x20000045, &(0x7f0000000140)={0xa, 0x2, 0xffff, @loopback, 0x3}, 0x1c)
write$P9_RMKNOD(r4, &(0x7f0000000280)={0x14, 0x13, 0x2, {0x4, 0x2}}, 0xfffffe5c)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe5000/0x18000)=nil, &(0x7f00000000c0)=[@text64={0x40, &(0x7f0000000200)="0fa20367553f46836b4876477500c71a66ba4100edb9800000c00f320f4285a15a00000f30420f017805450f0866b8af008ed86446d8e4b8010000000f01d9", 0x3f}], 0x1, 0x20, 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_CPUID2(r5, 0x4008ae90, &(0x7f0000000000)=ANY=[])
ioctl$KVM_RUN(r5, 0xae80, 0x0)
ioctl$KVM_RUN(r5, 0xae80, 0x0)
r6 = fsopen(&(0x7f00000000c0)='cgroup2\x00', 0x0)
fsconfig$FSCONFIG_SET_BINARY(r6, 0x6, 0x0, 0x0, 0x0)
fsmount(r6, 0x0, 0x0)
r7 = socket$inet6(0xa, 0x2, 0x0)
sendmmsg$inet6(r7, &(0x7f00000002c0)=[{{&(0x7f0000000100)={0xa, 0x4e20, 0x0, @local}, 0x1c, 0x0}}, {{&(0x7f0000000000)={0xa, 0x4e23, 0x16f, @ipv4={'\x00', '\xff\xff', @remote}, 0x536f}, 0x1c, 0x0, 0x0, &(0x7f0000000140)=[@hopopts={{0x18, 0x29, 0x32, {0x4}}}], 0x18}}], 0x2, 0x0)
r8 = socket$nl_xfrm(0x10, 0x3, 0x6)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
quotactl$Q_SYNC(0xffffffff80000102, 0x0, 0x0, 0x0)
sendmsg$nl_xfrm(r8, &(0x7f0000000940)={0x0, 0x0, &(0x7f0000000900)={&(0x7f00000005c0)=ANY=[@ANYBLOB="b4010000170001000000000000000000200100000000000000000000000000010000000000000000ac141400000000000000000000000000ffffffff000000000000000000000000e000000200"/104, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="ffffffff000000000000000000000000ffffffff00000000000000000000000000000000000000000200000000000000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000010000000000000000000000000000004100000000000000000000000000000000ff0f000000000000000000000c001500000000005d0000008400050000000000000000000000ffff00000000000000003300000002000000e0000002000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffffffff000000003200000000000000fe800000000000000000000000000000ea9ac58f2ccf6f4b"], 0x1b4}}, 0x0)

356.408414ms ago: executing program 4 (id=378):
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_tx_ring(r0, 0x107, 0xd, &(0x7f0000000100)=@req3={0x10000, 0x100000001, 0x10000, 0x1}, 0x1c)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x42, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000080), r1)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x20c01, 0x0)
ioctl$EVIOCGPROP(r4, 0x80404509, 0x0)
sendmsg$L2TP_CMD_TUNNEL_GET(r2, &(0x7f00000001c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000140)={0x5c, r3, 0x1, 0x70bd28, 0x25dfdbfc, {}, [@L2TP_ATTR_FD={0x8, 0x17, @udp=r4}, @L2TP_ATTR_CONN_ID={0x8, 0x9, 0x2}, @L2TP_ATTR_PROTO_VERSION={0x5, 0x7, 0x2}, @L2TP_ATTR_PEER_COOKIE={0xc, 0x10, 0x39b}, @L2TP_ATTR_PW_TYPE={0x6, 0x1, 0xb}, @L2TP_ATTR_IP6_SADDR={0x14, 0x1f, @loopback}, @L2TP_ATTR_PROTO_VERSION={0x5, 0x7, 0x3}]}, 0x5c}, 0x1, 0x0, 0x0, 0x40000}, 0x4044089)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)={{'fd', 0x3d, r1}, 0x2c, {'rootmode', 0x3d, 0x4000}})
read$FUSE(r1, &(0x7f00000021c0)={0x2020, 0x0, <r5=>0x0}, 0x2020)
r6 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000040), 0x802, 0x0)
ioctl$UI_SET_EVBIT(r6, 0x40045564, 0x5)
r7 = openat$ttyprintk(0xffffff9c, &(0x7f0000000380), 0x400, 0x0)
ioctl$LOOP_SET_FD(r4, 0x4c00, r7)
ioctl$UI_ABS_SETUP(r6, 0x401c5504, &(0x7f0000000340)={0x400000100002f})
write$uinput_user_dev(r6, &(0x7f0000000800)={'syz1\x00', {0x0, 0x10, 0x2}, 0x0, [0x0, 0x0, 0x0, 0x40000, 0x1, 0x2, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000, 0x20, 0x400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x296, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x6, 0x5f1, 0x6], [0x0, 0x0, 0x8, 0x0, 0x0, 0x5, 0x0, 0x80, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, 0x0, 0x7, 0xfffffffc, 0x0, 0x0, 0x7, 0x0, 0xfffffffc, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x400, 0x0, 0x200, 0x0, 0x2, 0x0, 0x3, 0x5, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x80000, 0x0, 0xfffffffd, 0x0, 0x8, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0xffff], [0x4, 0xfc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x4, 0x1000, 0x80, 0x0, 0x200, 0x0, 0xffffffff, 0x0, 0xfffffffc, 0x0, 0xfffffffd, 0xffffffff, 0x0, 0x0, 0x9fa, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x2, 0x0, 0x6, 0x0, 0x0, 0xbda6, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0xfff, 0x6, 0x0, 0x0, 0x0, 0x0, 0x8], [0x40000000, 0x0, 0x74e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x40, 0x0, 0x0, 0xbd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x6, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x101, 0x80000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xcaa, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x4]}, 0x45c)
ioctl$UI_SET_EVBIT(r6, 0x40045564, 0x3)
ioctl$UI_DEV_CREATE(r6, 0x5501)
unlinkat(0xffffffffffffff9c, &(0x7f0000000040)='./file0/file0\x00', 0x0)
removexattr(&(0x7f0000000200)='./file0\x00', &(0x7f0000000240)=@known='system.posix_acl_access\x00')
write$FUSE_INIT(r1, &(0x7f0000004200)={0x50, 0x0, r5, {0x7, 0x1f}}, 0x50)
syz_fuse_handle_req(r1, &(0x7f0000008280)="cab1f92d585917232bcfa47f91900c936355a83b5a41f6f43bd8b0d1a1e13674b6a8596a8376e6851e0b96decd071d92ce4887ddad2b82183858d82c7d11948024607d92ec0f1c23a4e755f29fa557d1353a3ced680f530e822eed64b4d1aaf20d1320f3583cadb9dfde95993487f96bc290dc10cfccc5ec8ea864590fc1678b79b0a36c9668b27ae142d22c305496881af0d0546076ec21e31bdab2465010e779e7140036d2b12f59b971792cfed8d07f0b8ae13ee944268f573ec11c1b14d53880a64fd2fdbe981f4d9af8863191efc03a39d5a3f19badf65dd49443297b38bf0c009eafad5879cb78e63b00e961de7d7180941f0d1e87a2635294bcb4619e9d84be1816784325d23fcb9c66388b586c8e719f3edfa2aa37cc3f6511add854c10fe546d1c11f11eeaff24cecc0d47ec8fd336ec08470f06227e4a9410074a3d715eb6a697b04bdfeda0b6753d880d012ef8fada7f4ed649ca214609e31cace9a33937813012e4c1b787d8f71ce9b495a69e5c8810ff9954b7b96743dcdd7e52ebbf526f339d3c8ad2550326d3a396de5ac90787b352feabe013c4044ca813344c97f836851d6daf2de3a8b07a61d1052bd302a641706af7629a042dc2f0374671b287f1325763e1818beba9f7cab9e25d6f8749f7dea4c5ef684723d33938aca32e19b1c6a6237d899fb397e9023764b3f4d6399885533a802e4d3ca76f2e0234ed6d7257f8cebddc900af88cc21ee2816513045e92f71fc8523894d684678f17b5fdb4adeda98fc019c0ba05efeffeff3bbda1d6d84a98002a74237cb8d13cb30d8a9a7e47e4da8273a47df4e6ea53036b5b154b9597e6eb00fcad29ed04a820b1ce807bf1818344122a6f0aac52d24426feeba0af56925cb4a1e70a84251f2b4d4693e689518a0e159647b5b60a62db699a25275520c208652ce4401bb5dcd633e7c889758d3d213f4dbe69c9bb76e80b6e892bb5f5809e042ee5cb1982a2373b1886711d1e68d0bc3d4c9d69ac605432bf84cd81104e77c71cd7c0708244fc9428edd52f8cc8f3023b4c6d3bbad7a9b874111098c4652b34c428a8f789c5e5f3f84354ab7afec1a7b11d2a34771ebad2f15c169a61b431c8a1cca9ca1596fce65242d03814ebf977da9bbde5707b22b5002cce68bd0f6d196df341c96bd0cf0916b8775e75021663ea82c99a90b844cc5f8b6c56b21b1fbbbf6fb40ed0c29ee4ecc2998df2cbe3a4d75025ef73dd9f3aa5bc7aa694fe573a73453c9ff873d0a8840afd91be319181836de45260b4e252394edae58f840858a9b64f0ff37bb1820031e563250e62ceea5a7c4d2cd4d5d10e57176fcf576e774920db06b36ea02f9cae9c1087bd1866fb4bcf7fbf393093b339860a61c61248000a2a1bbc982fa691e311f67c32a38afdf08b574eed0df42bdc30c3db7cdcb71687f48070077f91fef93e8e47e248d3e53e8a79fcb5a8f8aa39b3bfa2dd88d5c5840d517ae8c132d423a37a8be3301d62a99753bc72f674205a11850e045430abbdc4e68223a93c76d6d2f1d646af10a15705793e2fc5a532af3dda88f52063a091f1f79cd5a5b23ea7742b149eab1aa43c21c2f15227a1f94b5580adbb1e1c49ade49d6e8b838cff43aa2426651817f479252c8ef7af9e4a5ad33839be6c15b50016c59f13c26cfca796cfc01207acc69e9d3952f6e71c975bc77d5a001f6f6c044770f54d86a4518a4898e3136988d643dd2de907859f0b4d4de2a2d461ba5e05cff49eda86772799b2e7947fdbb89fc5b0347e87f1b9dbb94842cc1457d07f3e0c41342510f5ccb551cdf0fcac1a758041bff75812de1b2abf341ed5f667c9b0581d2c33e0b17f1b46c2287399c62252edb9c1cf2b80b7a1b4c3c903aa4cf5332a2998b9072f61f589ae5df1168f8d18e98fce2bec1d5d876f9757017b73495a4e8f4f2423cde8875aa8c95a9ce180cac6690657b8a70e5541d5ef46575cd74e063759fe4889f4d9737a6c9732f8b7f7836508814093b9bdac5733938e761b3642910d4df0b646c1b9583a502246988e9ab78de3d011e8590e48eadfcdb70c8aad6dfbe1dbd3ef20d9ba393db4e6cf91e3bb4e84883c60dc20ed974a5decde12d3c5a1c9a00999f8eefc244465f518425820b9713cbfc6027f427b9cd8756edec5b3a0301a01ebb12c6d412ee3422aeb8b291619f62f4ce41511156f73e54b5097051ea777af7cb73b36e1274ce1a3892007466cc793eb0515b8984acb99c04c7eaa51e175bd73d99bc0c67c8ea84d808a7906a6ad330ba2c9651b2ab82d0781a969873dcddb068c15b7899fd560a1c3d44b34e81cce079c46fd86522052659e2c3151c79a8ccab1dfcdb91f53ca067ea1b2aa507278e4166e817eb0d7dea67cde1598a1bdb76a8caf82add2b43fdd10bf80b0d2f32365849c425d6ac3d2d88a76378d23961eb96c8422e785ea61f33e4daec02393d51f44b177755749fe84b43f5246d20177800af05752af524265f34f62bd5167fa647d2118aa905a1af53f07e7447bee29675cc23f547339af140c0818aa974ca16da33e767d508e4f56726c7076acce57a9957d08348ef84a39188e800ca44682fccaa9ee1b42e1aaf7738dced1dce3ef2dadfcca2863f36b5f8080ed22539b5176bc2c57e52e4cfde659c1ce9e179c79f85d60ca51c7453dad593190b19a1be8f5c5b0249d70079f10f9d0f07f25a98bd95e6e6f71101842b55347ee008d58522e8f7598c1636c58fd20984a6bb17fd47e7db4bc72854054e7900cac4174cf0b4eda2406842955fd8a2ba00ea4d490dbbab02d659cea4c449d9ee37c8f35daa4740b3273693ee2c1b00965a79d18ad98ae92bf2e1ea84ff1e6181937d38765cb353c6223ead1257d88a8844cb0be17aecc2dd56b78dcd6e2999fe695db248dd68275a5ad0f223a4629b17a040a766b2bd2376d77a422375de14a366d0cee2049acbde07bdbb6ce228147f9ed4f9437301e8ca9e1ace0684700e9623a1534212d4c557712a3196d86c86077e97172d7e89436e95e1d7e7629d5bc908e346e504839498890210ca15bea51bb2840f1275d36b99490ff0706aa3ca9e89f33fd99df863acc3bca504c15501ba9d987999ee118f47b7737d2dfe73ab257d680f983da1f5fd5975491ad966989f7b15e76e4e6b1a2987801adb3b7cd4cb1d2c9d0454429c2955643c8fb82ccf8e93051cc10081f8181af0d143deee686f67ec42db1e9914ed047e4bf0006af01028e3839451fa3e17d33586022c63cafaf6d0fc773c96143473316988d32f9943d7477604a27ae4b8a7093bee2cefe10cc02109c748d0676692a2411e5c3b4c4c1b9ac7f9b71a1a7126dacf4615e8c9c3d38f536e8b32e37f406b3dc44db80a00d6e423deec869edb32a411986be1517b6ea45e1f984a6fbd08edb25a305122fe5a90cc46af48ebc36433a1f27f43d85492ea60fd2f43125e7328da93f7aad97f97910112fed7ae7b1785822356a525df1f3ab4637b68d92ecd8d7f234973c686fb11821bb1de5f8459b57892f1dae08aae1924ee60a904d7be6e6611ec3d00002152ab7e0c29c7bf124dbec9a6eff25e619d89c27d187e3ffff63c996c33f4b7e967b607f36a8ac8dba6beb43395c9c9b2e3e36de29b07f9c2d60cdfd1d02813d4e508c56b99405b752758a01cc25bb5436ea1efd52c536fa1d2fb1cd9b1ee006d42b58600be2c1aba59c480cb6e9224d7a4df920598950634033087d3e356f35cd2f8b021d30f4ba79bc60eb6715c6c9bed84648552395cffa97c8cdb8f562f8f127f0e6f86dc61fab11ff782560d88cf2872d0e07a27f38120a0831a93c377298c2ed4fe180eb078422e5f030540fd21ebd414e6c42f1fa5491b5b8fdcada476376732edbfd66e10a475e2c0a43ccf6a41f7879f4577e987695d8d5097f6920fbe2b9ac2cb424de7afded1b5b7db89f3612c487770d58a7bb7517f1fa7a98ff6db3778d40c5f36b27d233a0c18587220f900f4a8e867e33e24c1981acb3445de995132d8fcc58f79ddb1475ba69c464071e95c0707c396c0b1b710cceb51efba5f30a271cd456d5f7216d90b412156ecb01dd41f15ac31980649c5eabc7fbb085a38318d43b0683cba055deb9dde4dc4584935473508837c1023993d50b434b311f126df6a0be0653b97a97bbc9b165098dac8dfd6ed6f033ccf7b32cfa3292296222aebfaec4dcd5066b66be45696067dfab907e2984f1bb6067c170e0617e245c9c09a85a061c4b7e2873ce0571b48d557007d5c7ddf5cc2ffa533e2a3975f3687a6d08a09dc1d285cfed129ec887d70bb5aded429b676c242d57c8f36721bf5732b1f25eced0ffedba7254486c9caab3fb3e0ad3b2dc332a06dadd39e5483a314b1d3086cc198b6b6b272fb56e35e0388b1dcddd484fde0ef9d855ca7bd98ebf0f686cec7d5e37f7b5dffbe4ab28c4422adbaef0c45649b0b830dfff90bbea3b7103ea9dd87d856ba7c5bb485319eecc71acc943c733f489ad72e13b1b232cd1eb4ce87917daad4b0405c9905f7a35501c75332d9acb36057715a6abd0958061fda860c00000000bc9aeac4f47acd022927c381012150fed83a99c2d7b268ff2e1c8d162d3feae2c5bdee747aa10566a94f13d4e1a00a4043bd179310e72ec8e4c68659be77907bba82fc416a72c0d2076821f77e8afdbeac769195a01515ab45ba73ec85a2f8a52146dbbc8d585def095aef4e4491362b596a84d2e9fd0131de2c72b71c4bd239146011eaa209957b2bb3f74bf2f42a17440749688d66a18a9d4a7d1e2bbb34dbb2a45460e69a1ec43467665c59438d35fe9b04a94e408ec4bcf7ba1a25bfc287d6189b65711904be9860f8a68d1bab99eed54890f963caef1fa0179224b650f090f67dca59f1241c2a25bc921d522f61e57d2bad88c057d3f7729499a0391fca3a62b27cc0a9b976da3eef333d88ad128ea757697ffdd50633b66b73ea3ddb565bc3d8780f9c0bb2347551969aaa500e7c030da2a92eb3f78d88b91eb547dba2e9be7ab2aa617f0890c39c73c8c2b35ff7ec529f6b8d08e3fcf2630e454bdb6474185ae72ba69310654c9c0b3ba158fe223954e1d46f9d27b0a4e090b0084918b2964bdcee31d258325b89ef96790ed1df4842b482023f1d22fb3e01280f1c8616153035f10bd65de57c1fa7d5a17e77b12e348bd3019092ef548c5249694168dd24df8a7318eccd779da4f547e9f162f484eb3ab9f5bd196f6b68656725d2624b61d09f73586753a1fb7eeb1721973f8e15522487f1dd1412b0f4846801d1abbfe53b755f15047981b162a1de04d52b4d4762ac877e4d718619e8cdba16df688fe95bdc9a1ee99c21004ba7e72985752d89d6892a4169296703fde314457f014ed89c129a4c83b5bee0bb93cb69a83313442837bc03679ee317cf8d1b908b70fae1b1461a398f310ac073642f954ab39e0eda329a94a5c12cf262ca4a25831dbc10aecf83d9d54776c379c230bb488cd6c9295bc31cfab61eb9b5486726f5c854db8aad2642d4468643f3bc8b25cdc9fda7aad04b06b61b185868a44acd46a0bd8debc1e431f19aeddfa3d0e480949bd361f6c988744acafae954c140192306c3066e8e434f70e8cd67b65a59923d166a95ca5e0515e2059e1f1aa9a74bfd49e4e37638bfa6b6117b790c4ec7f536d046c38f8ab6eedac1713bcb8860a18cac43e9add3c68c3ce5d17fbf76e966afcd3ed7795540650e093d39926f5e3719156baa54307b4f5e934f24951b3644a7657e798525d3f1207b28527a5bcdeb33e296c6c0e9e1757941ddd24a0d15c9a21918514a3143ef3fc2e775345ea10aeba6767686e9cfa646da377e88fd759a33ff20c9b258fd37d063d02fe22f090c5e324b507cd3bc42248a7abb2c7d0b1b85ecb5a67bf53a2f25d139ea523808678942e1588fd677df161b67b563a446a2cc69d9126fbf308258a13fcd6f53d92d9947311e3de4fa5acd7c2684d9eb3b4feb024e05bbf090836d92e30b68df6a7619542c9acbbb69dc73c781bdc7ef4b25c2af77186f493a5038a56508cc56b7085e13f4264e02a2a3bb515e15301371520481302f2367c883a5ac503ae4269cbbc8fb2f0f77ecaea7b8af04bc24aa90f677a72bbecfdb225864714344a8fd1c07ef664abaefe53bd76ba12c8bf45860a316812af87348682ee7005ac6a00523f4313102742ee5502d8c61c3321d1b872780192f4d00b12b38d0aedd34619c42f49b81d7bddc4ca481ed8f448bc3ad98b13f7176748838d623e007a24948480e978b80ce67ec952eca613091ad4f81cd521b2851bb8b2a6b1da0420eca80aecac9c0887988e1f29906c9ce65b990a00f22ba6f115a7a0001f511ec35dbcd401130173fded8b2e23365caf3d6d7c8f404383f16fcd76b17c220f88c1fe96211bd92c5803c63d9537a2ceb258508d9b1d74ca43174eaefd677ed6db63bb3d7712c9558c7879fbe67b7396c721407953db9dad13291f96d7d0290ad56cf1f65ccf58d3f5b8ba1f78f81d86ae0ea50926ff352d73629da44a6d31598dcdcf81355faed4f5a6ad8cc39d4a414b97f193c896bd3c270097cc96e4a5e36ca9a56a27c52a03decc4837d7b008acc1fd2724f97e0e9591afb5de3af3ec5fc16e1bee79098cc94d638375d69ae5065bedaed575e11b1b0a4d1189830856e8d48a6c50bf18cb9f8919fd8a55ad0b2f7d8c096c7f549fec8e1522be0de2a69699afe47e899ac6d5405c08e2e374326808ba76259d85b971dcce55aceed11583603dd280fd15c8e7b206e8bade3f6d83c6041838ea8b489fb9f92ab220ad5d3cd2af3f45cb2df7094d550b2cfea314469943a159e12c01897a7cc42904eeb24cc507e7ce7ffb4d22efdcd5cb5d75975582e14960fb0f2b83cb774faea32dfba7ed0e8b6a749785166cb5c77dde7498f67f7f20d0b85a7fe6e7f8a8e3f95bd795165f36440d84434cef17f81697816030e3a86bf003272ca4868ab935fa0d465fb10637a706c9fd04fa4d4eb421e87aa6628a1d6174833af4dbfceab7fc5989550c0847bf27a5243e3b318fffde95d11cf507bc4e092180dd228df9f89d193a160d50c223309eae580a09f2e78855f17f8ad25c1f5814becdfca7948c7045b242e22d5efab676fe717eb34d2f0fcb77289c8b12caadd2377b7ccdcfab61900971b4a2ac132587174117428739ebb109fa133e483956bd499dfa530cbb3d1df42309f6f0755b043d85776807f25c3b4b518a2274671eb38f3e82ad4397377f85201771877a7cc43b838791a4d4d655ecadf03d8c1687e961c83dbb64c4d54d4b745a3abca7e381a00c6f51f48f6f7ce29ec656d89a1fab216675febedfe6b08c35add5aeb8cf6c0b226d309a222e1783e45e560f6ea64bf7706787f199116341f874321b52b1135830ab8979ae5546aad4ecfdac0045d4d15b4ed2fe26e484793db6aa61d40333355fa96ac5d1b8a5b5fc033475cba14f344007bfd82deb64b5c2eda6c0d528e4de0c21802d6b27554c0e2090f2c4ebd19208ce904cc02756b44bb2f8ebc1d37961c0957a4815487cbf76fdbe1f2b77b563a5663a00952c92579399f7acc1d41d9289ea0345f02f6f760ced802c8e0b14760a43dd04e6c371ceab9f5cb3617cd7ab31457b6821c6a4f34b243fba61f5c553e58ca253d5723382cf5d3f8357347ee2af2d48d86367f993e4b80b849dd3f50b2a89338af97e11b9a796ae2548856cce01334bca0c558e160f16e74699c7eaefd699acdf4d5019bf70f2d9c083f62b5254262f05c01dba59b1779502d3ad310a3039447d730a2cebb1242331a9849921c07336e985a844c55ce6129a650b3fd7cbda52a0cfdf0ef566f24adb8c959e442e9d5663fa16561b185cfb18355863d9b9f91c3829c4b0ba580668402a7a100fcd4a4e901b660863a9537f46e4f36446945e8f62e53e8282ccd7cfe14fca161d7daf592188eb2e11e275f616f4e692db8f318e8fb635d1a2582a3c8ad3050995f4cd810c04b23aaa6b26a2276133b443280f0526c9b1c016a7fdc052eff91d167b2813ec4f868c2da5fd9568da148e0ced0229f415716c1caddba880efa2017a82829125e734b96333da0b15340c149b50be86e3017bdaae3d80ae51c35df37e67684e81b5933cc7bfbe7ef0486d57e3901f9ae3eb1d592eb3fc244ce6555d3d69922dd3dcefecbba207fcbd5144a5ff97bf2216c046348a633284db59c10662350c7484ced762f353cd01a971c88d0eabb68eef856d585e8f5a684dc948b094754362ba8d606f85a755a27895ff5b6b4ea0387574afdf362a43b5535a2838b3f00f24612b9ae47e95f15d8b828efe56152d77871cfda0e0ff9936db3fe9c49f0d0f5ef9b71b81efd2e92d0166a4970254950a51235b66866d5402740adaa584e892572a6f46714704660cfbcaa56cc27cb538a908d1ee2fc7adaa674ce7a717f6e0481a2374f768fa3df8368bf4281bce6f9777f958f36502908d7c921ba745d0cc16b8a9a67f15c26d4b005788b1e90b19cc13f3e925fc14ef31d624c7500710d8f80e5bd4b14dd6bf70c210db6077c69d2d1751fe999442502d3542be12b732e3793e6c5e5c33a15a792ea344b0ed0be1ebb1d4e896e3e62d8d85afad2ae134dabc4f0d3fc719c6245d3bfafa42f0cdc9c0d5c4ba5c20b9da975bfd2f211bee8589ce1dc9652c2c3cee2a5e8a00049e42afe4403a905b60e0dcda1120d32ce36b91719d6308c93dfaa16c23a3b37e88194778be77d5e9e64b39477b76b4644ca32525b73bcf1fd9dc9af7776f2149e368053c58e1c93e1ec4575cb5e0b2da61d5e6b19436f3c095cdb4af4ddfc3364975700e5ff5275f9336b8cb3b959a1cd94f6b9c3a33f35e9ba4b7fea0466edf54e5e2e06a79bd170392c02b09749f3d111ef60baa8016dbf9ba581beab2c43d094add0d7fb7e16f198f3050641255f30a57c3045c1b51dd6e5d65613167596365b9c67aaa36fc89c44fbc4c8c96c328554a63a15511b04692651dd5e30780caf0dfce976c665e7b05fa6143914837bc82fb9d9dc5a1660e28a697e8a0a32eb8db109c5a045243d86ea11847fb64ec450112d77ecba32de418629a4ea2ae3f7ed3625b26def5c19813a6386ab4e43838c1fad3d4e92dfd7d3f98b3cf46d6e20304851899c59661e9639f3ff52fa023114907d930d74d605f3f7c5fd9ebb446d807e96cf3bf3517e369dc98f489026ec035a86f3719e1e50a48c0381f7fd2a7eea1d3a09ef7a0ba50b2ae28c2c955db4761ac005226ebc0c18d108e8ac066371be249b80eed88afee799411a50381cacb2d5164f0827720eb9d11b5cc548c2e145291dfbc5d4f70646dfbca077ce8ad3a3f8c627021295cbef70f5013c53e8fce32116e678a7b1dc535d43b429d330e9193f8de1a6c1da4353a86bc722ef1cffe59a012ff9c5f45b85e55ebdaa6b36a519c544ef8a86095e522d7dfbb9cac41e826fcc4bc676297141195f839ebcd8f64599fb15856960f97bd90d2336507d5060282d0988f354eb757c6f4b0ee77e2c0889e5336633ac28e2651c98e7f2fa4c163f8fc196b6798c1400c46710abed12a33a95afa56c7fe55de0b48cc984c80f6d98d212daeefdbcb457217b3962436e481d70967cab6b0943d5da59021ea9fbebf66e86943e029ef95d46d347b834098e1c8fb4c35d15945bc2e336f74c6c80430ad5fc4f5b9c6b41245ecf151eea90763ce3e09e050ae1c0925fa7a5ddbb7f210226cdcf9ee406041b73a5988646b90ed382d08e7a147078f9de025f5617017ec70f65dd25d7ccdb47ad7209474f4ca461ca46f0afe3cb405c3b72d320016d01b62def93fa4fa5a34df145c526fc497329a9e29ce17a929893f7beb417c88804418271dbeb51115821db4737b9cc467f190209649f543675defbf95640d20cdd124e85788b703213f4e99b4f36b74b5d44b67b7bc995ba133da4ae92f3a3db49c9ec039e0285001fc16760da0d07552e1ad621a4bac6d0b6409316e8a78273b79aa70df0e3ca024336d42c530550be8c68897bfa6a44f595bf5be48f8b25b48825ebcba815db4b3124522bc71e3970dbcafd479a6dab40f745a655cc3f9dd5aeb046d25baaaa160ba21f8b3c0292329ae107483c8caafcd70d041facfbf705dda95370a91879fc0ab9132e3b7b02cad69417178c4f34909df7a373bacb289476c25c901be7b52aabfdfcb3415ef3a565c7de2f0128c63e16984e2e98ad23e06b890f22894ebeceefdb472192e501e2c791232933b52ea4b9c4e9fe3654b8b1e08048fbcf58fada1cd49ca6658ce6ecd12102d90c81eac26090efa36514553abb298f7cf1a43bd6d473c1436b6be9e87445de726cfffb00c72de49db0585d677d5b245e15f9a53b4c258ba2fd67d38afd9ccd0d409c0bad675fcfbc1f4e5166fd1b29203274f758f55a266b8f7c9ec8ef1dd4913727fa392ce6b11baf902ea708adddd836982a609718c1dfb810aee6f21e47c27dc6b4eeebe5fc21aae6fe7d2908679c873e2aa45a1ee14cd7e10586216d5e17cdbfacd4bfedf00b7ba7fc46d4ac90667329ba76b4fcc6b991a55c9ed159a2fb9525c975bc0aa4a291fdde14a78b95adcde52fcb5a893ee7b4df6631b3ed5a9d9d9ebe36c7cedea777a9e67faad7f7004f0a820aeb6636f24685a15d12abc639aab2233b36584670c667f9e7a3fe1195d35b268d1052d5b4c9625dc963640c2c5e6c37d36acc31755b34f3ee2af7b7ba5dbe105322a3741c567c9edd817f6488fe69301b19481fe2e2cf74b19d4b224598b0ce1fa151fa1ef3d69aaeaab397a5eac72e0b969a09b85e3258e891db207393bc281afa93468b29b7e55cc2decf8292fc68e1a02b2faa873a846680992b37a548c8f724c0125027faa58be5b2836206cc34c063b50270d7fc968dab0d38072ca90bdef91119b72ab417d811d2f32bd41e6ab2bc5b5293f92f7a0a4f172bfea5403cd418db95e1a4232f78f6afd3d13978e206d85fa9ebe2abe444db065d03b6169bc9f0dbfc19237a74bd13c1ef844f839b20018fdaf1be6f1a171f6f3ce2205fdcce38330b88ceba0c5eae812e12be99993d265f806e61ec42c9527287967a1c3b27afb1edc35a5d17bb7f4d20ea708c62c9170ba2ab710f2d7f5dca7b33e0f9434cf0b6ee846fc8bc45d39f252ec682732fb090f46032491155d83a30894a259e037e57de7523481bcc2d704d8d728fbdf048df30f7e4861f62b8e63de47b3838b5062ccd2c125bc581024ea76bd4b1f53057f37d329f7861a2a70fd3b6d6fe252a1b892192ed75c585ab809f702e27e237c4aa2dc947585c2086eeaa29c3ff7e02cb7d3a0aa3a8156d2897daa9c45a2e28ba14fd40c8a3a058805e4b5b10641c3c25b9ab80cce83206b13a1e2bc362eb5ab7e0e677c01fc0486aa32862ad0afa4f1cc8496b961a0eec71c26ad107ead599d8ddd59d85adceb3ea442efcf8ed64f4c66547344dc81ef5b6ac102434395203f58d59656d41dcc192774d70f4f2964e304efde831126d402a240325e603347aa43626b5eb69b000", 0x2000, &(0x7f00000008c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000280)={0x90, 0x0, 0x0, {0x1, 0x1, 0x0, 0x0, 0x0, 0x0, {0x0, 0x0, 0xfffffffffffffffe, 0x40a004fc, 0x0, 0x6, 0xfffffffc, 0x8b, 0x0, 0x2000, 0x6, 0x0, 0xee01}}}, 0x0, 0x0, 0x0, 0x0, 0x0})
mmap(&(0x7f0000ff0000/0x10000)=nil, 0x10000, 0x7fa962bfffff, 0x11, r0, 0x0)
r8 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r8, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)=@newlink={0x50, 0x10, 0x1, 0x70bd29, 0x0, {0x0, 0x0, 0x0, 0x0, 0x2180}, [@IFLA_IFNAME={0x14, 0x3, 'wlan0\x00'}, @IFLA_MTU={0x8, 0x4, 0x40e}, @IFLA_VFINFO_LIST={0x14, 0x16, 0x0, 0x1, [{0x10, 0x1, 0x0, 0x1, [@IFLA_VF_TRUST={0xc, 0x9, {0x80000080, 0x7}}]}]}]}, 0x50}}, 0x0)

316.774015ms ago: executing program 2 (id=379):
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000700)={'wlan1\x00'})
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f00000000c0)={'wlan0\x00', <r4=>0x0})
sendmsg$NL80211_CMD_SET_INTERFACE(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000180)={0x24, r3, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x9}]}, 0x24}}, 0x0)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r5, 0x8933, &(0x7f00000000c0)={'wlan1\x00', <r7=>0x0})
sendmsg$NL80211_CMD_SET_INTERFACE(r5, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000240)={0x24, r6, 0x5, 0x0, 0x25dfdbfe, {{}, {@val={0x8, 0x3, r7}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x4}]}, 0x24}}, 0x40010)
sendmsg$NL80211_CMD_START_AP(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000540)={0x40, r1, 0x5, 0x70bd26, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_PBSS={0x4}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}, @NL80211_ATTR_WIPHY_CHANNEL_TYPE={0x8, 0x27, 0x1}], @NL80211_ATTR_BEACON_INTERVAL={0x8}, @NL80211_ATTR_DTIM_PERIOD={0x8}]}, 0x40}}, 0x20000014)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000003c0)={<r8=>0xffffffffffffffff})
r9 = socket$nl_generic(0x10, 0x3, 0x10)
r10 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000f80), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r8, 0x8933, &(0x7f0000000300)={'wlan0\x00', <r11=>0x0})
sendmsg$NL80211_CMD_NEW_STATION(r9, &(0x7f0000001080)={0x0, 0x0, &(0x7f0000001040)={&(0x7f0000000280)=ANY=[@ANYBLOB='D\x00\x00\x00', @ANYRES16=r10, @ANYBLOB="cf0400000000000000001300000008000300", @ANYRES32=r11, @ANYBLOB="040013000a00060008021100000100000600100080050000060012"], 0x44}, 0x1, 0x0, 0x0, 0xc0}, 0x0)
sendmsg$NL80211_CMD_SET_INTERFACE(r0, 0x0, 0x0)
r12 = socket$nl_generic(0x10, 0x3, 0x10)
r13 = syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r12, 0x8933, &(0x7f00000000c0)={'wlan1\x00', <r14=>0x0})
r15 = socket$nl_generic(0x10, 0x3, 0x10)
r16 = syz_genetlink_get_family_id$batadv(&(0x7f00000000c0), r15)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r15, 0x8933, &(0x7f0000000200)={'batadv0\x00', <r17=>0x0})
sendmsg$BATADV_CMD_GET_MESH(r15, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000240)={0x1c, r16, 0x1, 0x0, 0x0, {}, [@BATADV_ATTR_MESH_IFINDEX={0x8, 0x3, r17}]}, 0x1c}}, 0x0)
sendmsg$NL80211_CMD_CONNECT(r12, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)={0x30, r13, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r14}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x30}}, 0x0)
syz_80211_inject_frame(&(0x7f00000002c0)=@device_b, &(0x7f0000000300)=@mgmt_frame=@probe_response={{{}, {}, @device_b, @device_a, @from_mac}, 0x0, @default, 0x1, @val={0x0, 0x6, @default_ap_ssid}, @val={0x1, 0x1, [{0x2, 0x1}]}, @void, @void, @void, @void, @void, @void}, 0x2f)
nanosleep(&(0x7f0000000340)={0x0, 0x2faf080}, 0x0)

241.169583ms ago: executing program 3 (id=380):
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1)

0s ago: executing program 3 (id=381):
socket$nl_netfilter(0x10, 0x3, 0xc)
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f00000000c0)={0x73622a85, 0x110b, 0x8000000000002})
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000200)='./binderfs/binder0\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0xec776000)
madvise(&(0x7f0000000000/0xc00000)=nil, 0xc00304, 0x17)
mmap(&(0x7f0000000000/0xa000)=nil, 0xa000, 0xd3283d0368e269b3, 0x8031, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000080)={0x32, 0x0, &(0x7f0000000400)=[@increfs], 0xfffffcb0, 0x0, 0x0})
r2 = dup3(r1, r0, 0x0)
r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder0\x00', 0x802, 0x0)
mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r3, 0x10000000000)
syz_emit_vhci(0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r3, 0x4018620d, &(0x7f0000000040)={0x73622a85, 0x10a})
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000003c0)={0x8, 0x0, &(0x7f0000000340)=[@acquire], 0x0, 0x0, 0x0})
prlimit64(0x0, 0x7, &(0x7f0000000140), 0x0)
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f0000000180)={0x4c, 0x0, &(0x7f0000000100)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x18, 0x0, &(0x7f0000000600)={0x30, 0x30, 0x30}}, 0x1000}], 0x0, 0x0, 0x0})
sendfile(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000)=0x2eb4, 0x7ff)
ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x50, 0x1048, &(0x7f0000000700)="0a1398f8668babb9862aa1c9ea0380d18dafd06547dd62179ba79df1971b787788d854fbec0fe18f84085926de2d9ab0b6f1512c6dbc8a704453c6de009e89414d8518e3dcdd32ecd952f78f6c58a9fd"})

kernel console output (not intermixed with test programs):

sim1: set [1, 0] type 2 family 0 port 6081 - 0
[   78.056103][ T5838] veth0_macvtap: entered promiscuous mode
[   78.063688][   T36] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   78.072773][   T36] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   78.098197][ T5838] veth1_macvtap: entered promiscuous mode
[   78.107864][ T5844] veth0_macvtap: entered promiscuous mode
[   78.115026][ T5840] veth0_vlan: entered promiscuous mode
[   78.149698][ T5844] veth1_macvtap: entered promiscuous mode
[   78.198370][ T5840] veth1_vlan: entered promiscuous mode
[   78.244597][ T5839] veth0_macvtap: entered promiscuous mode
[   78.246052][  T365] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   78.258111][ T5839] veth1_macvtap: entered promiscuous mode
[   78.267836][  T365] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   78.283289][ T5838] batman_adv: batadv0: Interface activated: batadv_slave_0
[   78.326362][ T5838] batman_adv: batadv0: Interface activated: batadv_slave_1
[   78.339499][ T5844] batman_adv: batadv0: Interface activated: batadv_slave_0
[   78.368179][ T5049] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   78.376744][ T5839] batman_adv: batadv0: Interface activated: batadv_slave_0
[   78.385687][ T5049] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   78.386270][   T36] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   78.402769][   T36] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   78.417983][ T5844] batman_adv: batadv0: Interface activated: batadv_slave_1
[   78.438020][ T2923] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   78.447313][ T2923] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   78.466349][ T5839] batman_adv: batadv0: Interface activated: batadv_slave_1
[   78.505564][ T2923] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   78.537409][ T2923] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   78.549460][ T5843] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality.
[   78.553327][ T2923] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   78.601932][  T365] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   78.650234][ T5840] veth0_macvtap: entered promiscuous mode
[   78.670352][ T5840] veth1_macvtap: entered promiscuous mode
[   78.690695][  T365] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   78.704090][  T365] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   78.720865][ T5915] FAULT_INJECTION: forcing a failure.
[   78.720865][ T5915] name failslab, interval 1, probability 0, space 0, times 1
[   78.736893][ T5915] CPU: 1 UID: 0 PID: 5915 Comm: syz.2.3 Not tainted syzkaller #0 PREEMPT(full) 
[   78.736918][ T5915] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   78.736935][ T5915] Call Trace:
[   78.736942][ T5915]  <TASK>
[   78.736949][ T5915]  dump_stack_lvl+0x189/0x250
[   78.736983][ T5915]  ? __pfx____ratelimit+0x10/0x10
[   78.737003][ T5915]  ? __pfx_dump_stack_lvl+0x10/0x10
[   78.737022][ T5915]  ? __pfx__printk+0x10/0x10
[   78.737045][ T5915]  ? __pfx___might_resched+0x10/0x10
[   78.737062][ T5915]  ? fs_reclaim_acquire+0x7d/0x100
[   78.737090][ T5915]  should_fail_ex+0x414/0x560
[   78.737117][ T5915]  should_failslab+0xa8/0x100
[   78.737135][ T5915]  kmem_cache_alloc_node_noprof+0x77/0x710
[   78.737157][ T5915]  ? __alloc_skb+0x112/0x2d0
[   78.737172][ T5915]  ? netlink_autobind+0xdb/0x300
[   78.737194][ T5915]  __alloc_skb+0x112/0x2d0
[   78.737209][ T5915]  netlink_sendmsg+0x5c6/0xb30
[   78.737233][ T5915]  ? __pfx_netlink_sendmsg+0x10/0x10
[   78.737252][ T5915]  ? __import_iovec+0x5d4/0x7f0
[   78.737270][ T5915]  ? aa_sock_msg_perm+0xf1/0x1d0
[   78.737295][ T5915]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[   78.737311][ T5915]  ? __pfx_netlink_sendmsg+0x10/0x10
[   78.737325][ T5915]  __sock_sendmsg+0x21c/0x270
[   78.737346][ T5915]  ____sys_sendmsg+0x505/0x830
[   78.737369][ T5915]  ? __pfx_____sys_sendmsg+0x10/0x10
[   78.737401][ T5915]  ___sys_sendmsg+0x21f/0x2a0
[   78.737421][ T5915]  ? __pfx____sys_sendmsg+0x10/0x10
[   78.737464][ T5915]  ? __fget_files+0x2a/0x420
[   78.737475][ T5915]  ? __fget_files+0x3a0/0x420
[   78.737494][ T5915]  __sys_sendmsg+0x164/0x220
[   78.737511][ T5915]  ? __pfx___sys_sendmsg+0x10/0x10
[   78.737533][ T5915]  ? __pfx_ksys_write+0x10/0x10
[   78.737555][ T5915]  ? syscall_enter_from_user_mode_prepare+0x8f/0x110
[   78.737576][ T5915]  ? lockdep_hardirqs_on+0x9c/0x150
[   78.737597][ T5915]  __do_fast_syscall_32+0xb6/0x2b0
[   78.737619][ T5915]  ? lockdep_hardirqs_on+0x9c/0x150
[   78.737640][ T5915]  do_fast_syscall_32+0x34/0x80
[   78.737659][ T5915]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[   78.737677][ T5915] RIP: 0023:0xf708d539
[   78.737704][ T5915] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[   78.737716][ T5915] RSP: 002b:00000000f547d55c EFLAGS: 00000206 ORIG_RAX: 0000000000000172
[   78.737733][ T5915] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000580
[   78.737745][ T5915] RDX: 0000000000004000 RSI: 0000000000000000 RDI: 0000000000000000
[   78.737755][ T5915] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[   78.737764][ T5915] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[   78.737773][ T5915] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[   78.737799][ T5915]  </TASK>
[   79.044866][ T5829] Bluetooth: hci0: command tx timeout
[   79.072349][ T5840] batman_adv: batadv0: Interface activated: batadv_slave_0
[   79.085947][ T5840] batman_adv: batadv0: Interface activated: batadv_slave_1
[   79.097780][  T365] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   79.106709][  T365] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   79.119842][  T365] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   79.128086][ T5829] Bluetooth: hci2: command tx timeout
[   79.133547][ T5829] Bluetooth: hci1: command tx timeout
[   79.140054][  T365] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   79.142521][ T5917] FAULT_INJECTION: forcing a failure.
[   79.142521][ T5917] name failslab, interval 1, probability 0, space 0, times 0
[   79.163835][ T5917] CPU: 0 UID: 0 PID: 5917 Comm: syz.2.6 Not tainted syzkaller #0 PREEMPT(full) 
[   79.163858][ T5917] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   79.163867][ T5917] Call Trace:
[   79.163874][ T5917]  <TASK>
[   79.163881][ T5917]  dump_stack_lvl+0x189/0x250
[   79.163908][ T5917]  ? __pfx____ratelimit+0x10/0x10
[   79.163929][ T5917]  ? __pfx_dump_stack_lvl+0x10/0x10
[   79.163949][ T5917]  ? __pfx__printk+0x10/0x10
[   79.163971][ T5917]  ? __pfx___might_resched+0x10/0x10
[   79.163988][ T5917]  ? fs_reclaim_acquire+0x7d/0x100
[   79.164016][ T5917]  should_fail_ex+0x414/0x560
[   79.164052][ T5917]  should_failslab+0xa8/0x100
[   79.164071][ T5917]  kmem_cache_alloc_node_noprof+0x77/0x710
[   79.164093][ T5917]  ? __alloc_skb+0x112/0x2d0
[   79.164107][ T5917]  ? netlink_autobind+0xdb/0x300
[   79.164128][ T5917]  __alloc_skb+0x112/0x2d0
[   79.164146][ T5917]  netlink_sendmsg+0x5c6/0xb30
[   79.164171][ T5917]  ? __pfx_netlink_sendmsg+0x10/0x10
[   79.164190][ T5917]  ? __import_iovec+0x5d4/0x7f0
[   79.164208][ T5917]  ? aa_sock_msg_perm+0xf1/0x1d0
[   79.164234][ T5917]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[   79.164250][ T5917]  ? __pfx_netlink_sendmsg+0x10/0x10
[   79.164267][ T5917]  __sock_sendmsg+0x21c/0x270
[   79.164292][ T5917]  ____sys_sendmsg+0x505/0x830
[   79.164321][ T5917]  ? __pfx_____sys_sendmsg+0x10/0x10
[   79.164351][ T5917]  ___sys_sendmsg+0x21f/0x2a0
[   79.164370][ T5917]  ? __pfx____sys_sendmsg+0x10/0x10
[   79.164418][ T5917]  ? __fget_files+0x2a/0x420
[   79.164433][ T5917]  ? __fget_files+0x3a0/0x420
[   79.164458][ T5917]  __sys_sendmsg+0x164/0x220
[   79.164478][ T5917]  ? __pfx___sys_sendmsg+0x10/0x10
[   79.164504][ T5917]  ? __pfx_ksys_write+0x10/0x10
[   79.164528][ T5917]  ? syscall_enter_from_user_mode_prepare+0x8f/0x110
[   79.164560][ T5917]  ? lockdep_hardirqs_on+0x9c/0x150
[   79.164585][ T5917]  __do_fast_syscall_32+0xb6/0x2b0
[   79.164611][ T5917]  ? lockdep_hardirqs_on+0x9c/0x150
[   79.164633][ T5917]  do_fast_syscall_32+0x34/0x80
[   79.164653][ T5917]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[   79.164672][ T5917] RIP: 0023:0xf708d539
[   79.164686][ T5917] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[   79.164698][ T5917] RSP: 002b:00000000f547d55c EFLAGS: 00000206 ORIG_RAX: 0000000000000172
[   79.164717][ T5917] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000080000000
[   79.164729][ T5917] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[   79.164738][ T5917] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[   79.164746][ T5917] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[   79.164755][ T5917] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[   79.164781][ T5917]  </TASK>
[   79.226080][ T5829] Bluetooth: hci4: command tx timeout
[   79.230033][ T5832] Bluetooth: hci3: command tx timeout
[   79.475653][   T71] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   79.521658][   T36] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   79.531674][   T36] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   79.537922][   T71] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   79.559275][   T71] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   79.580112][ T5923] FAULT_INJECTION: forcing a failure.
[   79.580112][ T5923] name failslab, interval 1, probability 0, space 0, times 0
[   79.594414][ T5923] CPU: 1 UID: 0 PID: 5923 Comm: syz.2.7 Not tainted syzkaller #0 PREEMPT(full) 
[   79.594436][ T5923] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   79.594446][ T5923] Call Trace:
[   79.594453][ T5923]  <TASK>
[   79.594460][ T5923]  dump_stack_lvl+0x189/0x250
[   79.594487][ T5923]  ? __pfx____ratelimit+0x10/0x10
[   79.594508][ T5923]  ? __pfx_dump_stack_lvl+0x10/0x10
[   79.594530][ T5923]  ? __pfx__printk+0x10/0x10
[   79.594552][ T5923]  ? __pfx___might_resched+0x10/0x10
[   79.594569][ T5923]  ? fs_reclaim_acquire+0x7d/0x100
[   79.594601][ T5923]  should_fail_ex+0x414/0x560
[   79.594628][ T5923]  should_failslab+0xa8/0x100
[   79.594646][ T5923]  kmem_cache_alloc_node_noprof+0x77/0x710
[   79.594667][ T5923]  ? __alloc_skb+0x112/0x2d0
[   79.594687][ T5923]  __alloc_skb+0x112/0x2d0
[   79.594704][ T5923]  tcp_stream_alloc_skb+0x3d/0x340
[   79.594729][ T5923]  tcp_sendmsg_locked+0x1c7f/0x5540
[   79.594796][ T5923]  ? __pfx_tcp_sendmsg_locked+0x10/0x10
[   79.594825][ T5923]  ? __local_bh_enable_ip+0x12d/0x1c0
[   79.594845][ T5923]  ? __local_bh_enable_ip+0x12d/0x1c0
[   79.594873][ T5923]  tcp_sendmsg+0x2f/0x50
[   79.594894][ T5923]  __sock_sendmsg+0xe5/0x270
[   79.594918][ T5923]  ____sys_sendmsg+0x505/0x830
[   79.594942][ T5923]  ? __pfx_____sys_sendmsg+0x10/0x10
[   79.594992][ T5923]  ___sys_sendmsg+0x21f/0x2a0
[   79.595011][ T5923]  ? __pfx____sys_sendmsg+0x10/0x10
[   79.595061][ T5923]  ? __fget_files+0x2a/0x420
[   79.595077][ T5923]  ? __fget_files+0x3a0/0x420
[   79.595103][ T5923]  __sys_sendmsg+0x164/0x220
[   79.595123][ T5923]  ? __pfx___sys_sendmsg+0x10/0x10
[   79.595148][ T5923]  ? __pfx_ksys_write+0x10/0x10
[   79.595169][ T5923]  ? syscall_enter_from_user_mode_prepare+0x8f/0x110
[   79.595192][ T5923]  ? lockdep_hardirqs_on+0x9c/0x150
[   79.595213][ T5923]  __do_fast_syscall_32+0xb6/0x2b0
[   79.595236][ T5923]  ? lockdep_hardirqs_on+0x9c/0x150
[   79.595261][ T5923]  do_fast_syscall_32+0x34/0x80
[   79.595283][ T5923]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[   79.595302][ T5923] RIP: 0023:0xf708d539
[   79.595316][ T5923] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[   79.595329][ T5923] RSP: 002b:00000000f547d55c EFLAGS: 00000206 ORIG_RAX: 0000000000000172
[   79.595346][ T5923] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000080001580
[   79.595358][ T5923] RDX: 0000000004000001 RSI: 0000000000000000 RDI: 0000000000000000
[   79.595366][ T5923] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[   79.595375][ T5923] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[   79.595385][ T5923] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[   79.595413][ T5923]  </TASK>
[   79.891042][   T71] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   79.932282][ T2923] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   79.940275][ T2923] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   80.017682][  T365] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   80.025606][  T365] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   80.215406][   T36] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   80.223255][   T36] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   80.267006][ T5832] Bluetooth: Frame is too long (len 12, expected len 4)
[   80.283010][   T36] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   80.295541][   T36] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   80.334233][ T5930] netlink: 4 bytes leftover after parsing attributes in process `syz.4.5'.
[   80.413299][   T36] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   80.424647][   T36] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   80.513308][ T5926] xt_hashlimit: size too large, truncated to 1048576
[   80.576013][    T0] NOHZ tick-stop error: local softirq work is pending, handler #140!!!
[   80.599455][ T5926] x_tables: ip_tables: rpfilter match: used from hooks OUTPUT, but only valid from PREROUTING
[   80.600001][   T36] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   80.667015][ T5937] sctp: [Deprecated]: syz.1.2 (pid 5937) Use of struct sctp_assoc_value in delayed_ack socket option.
[   80.667015][ T5937] Use struct sctp_sack_info instead
[   80.725242][   T36] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   80.952080][   T43] usb 2-1: new full-speed USB device number 2 using dummy_hcd
[   81.120460][   T43] usb 2-1: device descriptor read/64, error -71
[   81.126949][ T5832] Bluetooth: hci0: command tx timeout
[   81.171478][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   81.205164][ T5832] Bluetooth: hci1: command tx timeout
[   81.212003][ T5832] Bluetooth: hci2: command tx timeout
[   81.285845][ T5832] Bluetooth: hci4: command tx timeout
[   81.395142][    T0] NOHZ tick-stop error: local softirq work is pending, handler #142!!!
[   81.403463][    T0] NOHZ tick-stop error: local softirq work is pending, handler #142!!!
[   81.412617][    T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!!
[   81.424736][   T43] usb 2-1: new full-speed USB device number 3 using dummy_hcd
[   81.474958][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   81.487167][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   81.538395][ T5832] Bluetooth: hci3: command tx timeout
[   81.624744][   T43] usb 2-1: device descriptor read/64, error -71
[   81.754561][   T43] usb usb2-port1: attempt power cycle
[   81.754752][ T5908] usb 4-1: new high-speed USB device number 2 using dummy_hcd
[   81.804879][    T0] NOHZ tick-stop error: local softirq work is pending, handler #142!!!
[   81.813971][    T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!!
[   81.910556][    T0] NOHZ tick-stop error: local softirq work is pending, handler #01!!!
[   81.925769][ T5908] usb 4-1: Using ep0 maxpacket: 32
[   81.936249][ T5908] usb 4-1: config 0 has an invalid interface number: 66 but max is 0
[   81.948119][ T5908] usb 4-1: config 0 has no interface number 0
[   82.028587][ T5958] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details.
[   82.119141][ T5908] usb 4-1: New USB device found, idVendor=0fe9, idProduct=d501, bcdDevice=23.50
[   82.147552][ T5960] netlink: 36 bytes leftover after parsing attributes in process `syz.0.12'.
[   82.194715][   T43] usb 2-1: new full-speed USB device number 4 using dummy_hcd
[   82.200271][ T5908] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   82.231191][   T43] usb 2-1: device descriptor read/8, error -71
[   82.233490][ T5960] Zero length message leads to an empty skb
[   82.288307][ T5908] usb 4-1: Product: syz
[   82.322930][ T5908] usb 4-1: Manufacturer: syz
[   82.338982][ T5908] usb 4-1: SerialNumber: syz
[   82.380413][ T5908] usb 4-1: config 0 descriptor??
[   82.402678][ T5908] dvb-usb: found a 'DViCO FusionHDTV5 USB Gold' in warm state.
[   82.477483][ T5908] dvb-usb: bulk message failed: -22 (2/0)
[   82.493514][ T5958] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[   82.504530][ T5958] Bluetooth: hci0: Opcode 0x0406 failed: -4
[   82.504772][   T43] usb 2-1: new full-speed USB device number 5 using dummy_hcd
[   82.528220][ T5908] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[   82.587078][   T43] usb 2-1: device descriptor read/8, error -71
[   82.587756][ T5908] dvbdev: DVB: registering new adapter (DViCO FusionHDTV5 USB Gold)
[   82.621021][ T5950] dvb-usb: bulk message failed: -22 (3/0)
[   82.640265][ T5950] netlink: 4 bytes leftover after parsing attributes in process `syz.3.4'.
[   82.696988][ T5908] usb 4-1: media controller created
[   82.717627][   T43] usb usb2-port1: unable to enumerate USB device
[   82.784201][ T5908] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[   82.811291][ T5908] cxusb: set interface failed
[   82.820124][ T5908] dvb-usb: bulk message failed: -22 (1/0)
[   82.931920][ T5958] Bluetooth: hci0: Opcode 0x0406 failed: -4
[   82.975067][ T5958] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[   82.985617][ T5958] Bluetooth: hci1: Opcode 0x0406 failed: -4
[   83.008545][ T5958] Bluetooth: hci1: Opcode 0x0406 failed: -4
[   83.035793][ T5958] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[   83.041921][ T5958] Bluetooth: hci2: Opcode 0x0406 failed: -4
[   83.068147][ T5908] DVB: Unable to find symbol lgdt330x_attach()
[   83.074481][ T5908] dvb-usb: no frontend was attached by 'DViCO FusionHDTV5 USB Gold'
[   83.161415][ T5958] Bluetooth: hci2: Opcode 0x0406 failed: -4
[   83.200260][ T5908] rc_core: IR keymap rc-dvico-portable not found
[   83.217451][ T5908] Registered IR keymap rc-empty
[   83.225844][ T5908] rc rc0: DViCO FusionHDTV5 USB Gold as /devices/platform/dummy_hcd.3/usb4/4-1/rc/rc0
[   83.241236][ T5908] input: DViCO FusionHDTV5 USB Gold as /devices/platform/dummy_hcd.3/usb4/4-1/rc/rc0/input5
[   83.254136][ T5908] dvb-usb: schedule remote query interval to 100 msecs.
[   83.262782][ T5908] dvb-usb: DViCO FusionHDTV5 USB Gold successfully initialized and connected.
[   83.313461][ T5908] usb 4-1: USB disconnect, device number 2
[   83.349327][ T5958] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[   83.355949][ T5958] Bluetooth: hci3: Opcode 0x0406 failed: -4
[   83.406603][ T5958] Bluetooth: hci3: Opcode 0x0406 failed: -4
[   83.533029][ T5958] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[   83.541280][ T5958] Bluetooth: hci4: Opcode 0x0406 failed: -4
[   83.643783][ T5958] Bluetooth: hci4: Opcode 0x0406 failed: -4
[   83.763846][ T5908] dvb-usb: DViCO FusionHDTV5 USB Gold successfully deinitialized and disconnected.
[   84.406678][ T5829] Bluetooth: hci0: command 0x0c1a tx timeout
[   84.641031][ T5911] usb 4-1: new high-speed USB device number 3 using dummy_hcd
[   84.794747][ T5911] usb 4-1: Using ep0 maxpacket: 16
[   84.812462][ T5911] usb 4-1: New USB device found, idVendor=09c0, idProduct=0201, bcdDevice= a.a4
[   84.824966][ T5911] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   84.853417][ T5911] usb 4-1: Product: syz
[   84.859528][ T5911] usb 4-1: Manufacturer: syz
[   84.864245][ T5911] usb 4-1: SerialNumber: syz
[   84.923996][ T5908] usb 5-1: new high-speed USB device number 2 using dummy_hcd
[   84.946334][ T5911] usb 4-1: config 0 descriptor??
[   84.957019][ T5911] dvb-usb: found a 'Genpix 8PSK-to-USB2 Rev.1 DVB-S receiver' in warm state.
[   85.045330][ T5829] Bluetooth: hci1: command 0x0c1a tx timeout
[   85.097154][ T5908] usb 5-1: New USB device found, idVendor=0813, idProduct=0001, bcdDevice=3a.08
[   85.123135][ T5908] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   85.131352][ T5829] Bluetooth: hci2: command 0x0c1a tx timeout
[   85.222736][ T5908] usb 5-1: config 0 descriptor??
[   85.260558][ T5908] gspca_main: cpia1-2.14.0 probing 0813:0001
[   85.446686][ T5829] Bluetooth: hci3: command 0x0c1a tx timeout
[   85.513470][ T5911] gp8psk: usb in 137 operation failed.
[   85.519307][ T5911] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[   85.536009][ T5911] dvbdev: DVB: registering new adapter (Genpix 8PSK-to-USB2 Rev.1 DVB-S receiver)
[   85.614816][ T5829] Bluetooth: hci4: command 0x0405 tx timeout
[   85.686459][ T5911] usb 4-1: media controller created
[   85.755541][ T5911] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[   85.911449][ T5911] gp8psk_fe: Frontend revision 1 attached
[   85.939981][ T5911] usb 4-1: DVB: registering adapter 1 frontend 0 (Genpix DVB-S)...
[   85.976516][ T5911] dvbdev: dvb_create_media_entity: media entity 'Genpix DVB-S' registered.
[   86.327823][ T5908] gspca_cpia1: usb_control_msg 05, error -110
[   86.370105][ T5908] gspca_cpia1: usb_control_msg 01, error -32
[   86.400388][ T5908] gspca_cpia1: usb_control_msg 01, error -32
[   86.442068][ T5908] gspca_cpia1: usb_control_msg 01, error -32
[   86.446681][ T5911] gp8psk: usb in 138 operation failed.
[   86.453619][ T5911] dvb-usb: Genpix 8PSK-to-USB2 Rev.1 DVB-S receiver successfully initialized and connected.
[   86.468375][ T5911] gp8psk: found Genpix USB device pID = 201 (hex)
[   86.477880][ T5908] gspca_cpia1: usb_control_msg 01, error -32
[   86.484200][ T5911] usb 4-1: USB disconnect, device number 3
[   86.491486][ T5829] Bluetooth: hci0: command 0x0c1a tx timeout
[   86.563842][ T5908] cpia1 5-1:0.0: only firmware version 1 is supported (got: 0)
[   86.601398][ T5911] dvb-usb: Genpix 8PSK-to-USB2 Rev.1 DVB-S receive successfully deinitialized and disconnected.
[   86.809971][  T856] cfg80211: failed to load regulatory.db
[   87.125207][ T5829] Bluetooth: hci1: command 0x0c1a tx timeout
[   87.170286][ T6027] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   87.210456][ T5829] Bluetooth: hci2: command 0x0c1a tx timeout
[   87.245941][ T6027] netlink: 4 bytes leftover after parsing attributes in process `syz.1.28'.
[   87.524946][ T5829] Bluetooth: hci3: command 0x0c1a tx timeout
[   87.764916][ T5829] Bluetooth: hci4: command 0x0405 tx timeout
[   87.974710][ T5911] usb 2-1: new high-speed USB device number 6 using dummy_hcd
[   88.372250][ T5911] usb 2-1: device descriptor read/64, error -71
[   88.698016][ T5832] Bluetooth: hci0: command 0x0c1a tx timeout
[   88.743211][ T6040] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[   88.758321][ T6040] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[   88.768715][ T6040] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[   88.784554][ T6040] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[   88.798972][ T6040] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[   88.819792][ T6044] netlink: 4 bytes leftover after parsing attributes in process `syz.0.33'.
[   88.832155][ T6044] netlink: 4 bytes leftover after parsing attributes in process `syz.0.33'.
[   88.842881][ T5911] usb 2-1: new high-speed USB device number 7 using dummy_hcd
[   88.898277][   T24] usb 5-1: USB disconnect, device number 2
[   88.995471][ T5911] usb 2-1: device descriptor read/64, error -71
[   89.105206][ T5911] usb usb2-port1: attempt power cycle
[   89.384881][ T5908] usb 3-1: new high-speed USB device number 2 using dummy_hcd
[   89.464827][ T5911] usb 2-1: new high-speed USB device number 8 using dummy_hcd
[   89.492459][ T5911] usb 2-1: device descriptor read/8, error -71
[   89.547513][ T5908] usb 3-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[   89.557967][ T5908] usb 3-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config
[   89.575412][ T5908] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 66
[   89.589446][ T5908] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 52, changing to 9
[   89.615609][ T5908] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8241, setting to 1024
[   89.643952][ T5908] usb 3-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[   89.662306][ T5908] usb 3-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[   89.670786][ T5908] usb 3-1: Product: syz
[   89.675492][ T5908] usb 3-1: Manufacturer: syz
[   89.697816][ T5908] cdc_wdm 3-1:1.0: skipping garbage
[   89.703216][ T5908] cdc_wdm 3-1:1.0: skipping garbage
[   89.718387][ T5908] cdc_wdm 3-1:1.0: cdc-wdm0: USB WDM device
[   89.735276][ T5911] usb 2-1: new high-speed USB device number 9 using dummy_hcd
[   89.772191][ T5908] cdc_wdm 3-1:1.0: Unknown control protocol
[   89.774719][ T5909] usb 5-1: new high-speed USB device number 3 using dummy_hcd
[   89.797446][ T5911] usb 2-1: device descriptor read/8, error -71
[   89.878168][   T30] audit: type=1326 audit(1762696318.435:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6057 comm="syz.0.38" exe="/root/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf705d539 code=0x0
[   89.909078][ T5908] usb 3-1: USB disconnect, device number 2
[   89.925481][ T5911] usb usb2-port1: unable to enumerate USB device
[   89.974713][ T5909] usb 5-1: Using ep0 maxpacket: 16
[   89.985513][ T5909] usb 5-1: New USB device found, idVendor=17ef, idProduct=721e, bcdDevice=de.06
[   89.994742][ T5909] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   90.003962][ T5909] usb 5-1: Product: syz
[   90.008967][ T5909] usb 5-1: Manufacturer: syz
[   90.014434][ T5909] usb 5-1: SerialNumber: syz
[   90.030328][ T5909] r8152-cfgselector 5-1: Unknown version 0x0000
[   90.036820][ T5909] r8152-cfgselector 5-1: config 0 descriptor??
[   90.120471][ T6061] netlink: 4 bytes leftover after parsing attributes in process `syz.0.38'.
[   90.963675][ T5829] Bluetooth: hci2: command 0x0c1a tx timeout
[   90.970387][ T5829] Bluetooth: hci1: command 0x0c1a tx timeout
[   90.976484][ T5829] Bluetooth: hci0: command 0x0c1a tx timeout
[   90.982737][ T5829] Bluetooth: hci4: command 0x0405 tx timeout
[   90.989153][ T5829] Bluetooth: hci3: command 0x0c1a tx timeout
[   91.034175][  T856] r8152-cfgselector 5-1: USB disconnect, device number 3
[   91.806729][ T5919] usb 2-1: new high-speed USB device number 10 using dummy_hcd
[   91.890844][ T6079] FAULT_INJECTION: forcing a failure.
[   91.890844][ T6079] name failslab, interval 1, probability 0, space 0, times 0
[   91.914904][ T6079] CPU: 1 UID: 0 PID: 6079 Comm: syz.2.45 Not tainted syzkaller #0 PREEMPT(full) 
[   91.914927][ T6079] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   91.914936][ T6079] Call Trace:
[   91.914943][ T6079]  <TASK>
[   91.914950][ T6079]  dump_stack_lvl+0x189/0x250
[   91.914978][ T6079]  ? __pfx____ratelimit+0x10/0x10
[   91.915001][ T6079]  ? __pfx_dump_stack_lvl+0x10/0x10
[   91.915030][ T6079]  ? __pfx__printk+0x10/0x10
[   91.915052][ T6079]  ? __pfx___might_resched+0x10/0x10
[   91.915068][ T6079]  ? fs_reclaim_acquire+0x7d/0x100
[   91.915097][ T6079]  should_fail_ex+0x414/0x560
[   91.915127][ T6079]  should_failslab+0xa8/0x100
[   91.915145][ T6079]  __kmalloc_noprof+0xcb/0x7f0
[   91.915167][ T6079]  ? tomoyo_encode+0x28b/0x550
[   91.915196][ T6079]  tomoyo_encode+0x28b/0x550
[   91.915225][ T6079]  tomoyo_realpath_from_path+0x58d/0x5d0
[   91.915260][ T6079]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[   91.915280][ T6079]  tomoyo_path_number_perm+0x1e8/0x5a0
[   91.915304][ T6079]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[   91.915343][ T6079]  ? __lock_acquire+0xab9/0xd20
[   91.915379][ T6079]  ? __fget_files+0x2a/0x420
[   91.915400][ T6079]  ? __fget_files+0x3a0/0x420
[   91.915415][ T6079]  ? __fget_files+0x2a/0x420
[   91.915434][ T6079]  security_file_ioctl_compat+0xcb/0x2d0
[   91.915457][ T6079]  __ia32_compat_sys_ioctl+0x128/0x840
[   91.915482][ T6079]  ? __pfx___ia32_compat_sys_ioctl+0x10/0x10
[   91.915504][ T6079]  ? __fget_files+0x3a0/0x420
[   91.915525][ T6079]  ? fput+0xa0/0xd0
[   91.915541][ T6079]  ? ksys_write+0x22a/0x250
[   91.915560][ T6079]  ? exc_page_fault+0x82/0x100
[   91.915582][ T6079]  ? __pfx_ksys_write+0x10/0x10
[   91.915607][ T6079]  ? syscall_enter_from_user_mode_prepare+0x8f/0x110
[   91.915631][ T6079]  ? lockdep_hardirqs_on+0x9c/0x150
[   91.915654][ T6079]  __do_fast_syscall_32+0xb6/0x2b0
[   91.915682][ T6079]  ? lockdep_hardirqs_on+0x9c/0x150
[   91.915707][ T6079]  do_fast_syscall_32+0x34/0x80
[   91.915731][ T6079]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[   91.915751][ T6079] RIP: 0023:0xf708d539
[   91.915766][ T6079] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[   91.915780][ T6079] RSP: 002b:00000000f547d55c EFLAGS: 00000206 ORIG_RAX: 0000000000000036
[   91.915799][ T6079] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000000054a2
[   91.915811][ T6079] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[   91.915820][ T6079] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[   91.915830][ T6079] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[   91.915839][ T6079] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[   91.915867][ T6079]  </TASK>
[   91.916062][ T6079] ERROR: Out of memory at tomoyo_realpath_from_path.
[   92.204733][  T856] usb 5-1: new high-speed USB device number 4 using dummy_hcd
[   92.216476][ T5919] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   92.227582][ T5919] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   92.240209][ T5919] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[   92.255388][ T5919] usb 2-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[   92.264451][ T5919] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   92.276266][ T5919] usb 2-1: config 0 descriptor??
[   92.285608][ T5875] usb 4-1: new full-speed USB device number 4 using dummy_hcd
[   92.367800][  T856] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[   92.381045][  T856] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 3
[   92.391890][  T856] usb 5-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[   92.404167][  T856] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[   92.412732][  T856] usb 5-1: SerialNumber: syz
[   92.413987][ T6087] netlink: 828 bytes leftover after parsing attributes in process `syz.2.47'.
[   92.464771][ T5875] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[   92.503732][ T5875] usb 4-1: New USB device found, idVendor=0572, idProduct=0041, bcdDevice=70.54
[   92.513087][ T5875] usb 4-1: New USB device strings: Mfr=1, Product=34, SerialNumber=7
[   92.521672][ T5875] usb 4-1: Product: syz
[   92.526481][ T5875] usb 4-1: Manufacturer: syz
[   92.531121][ T5875] usb 4-1: SerialNumber: syz
[   92.539206][ T5875] usb 4-1: config 0 descriptor??
[   92.550151][ T5875] gspca_main: conex-2.14.0 probing 0572:0041
[   92.625315][ T6091] process 'syz.2.48' launched '/dev/fd/10' with NULL argv: empty string added
[   92.669805][  T856] usb 5-1: 0:2 : does not exist
[   92.688505][  T856] usb 5-1: unit 255 not found!
[   92.712738][ T5919] plantronics 0003:047F:FFFF.0001: unbalanced collection at end of report description
[   92.726859][ T5919] plantronics 0003:047F:FFFF.0001: parse failed
[   92.733216][ T5919] plantronics 0003:047F:FFFF.0001: probe with driver plantronics failed with error -22
[   92.932818][ T5919] usb 2-1: USB disconnect, device number 10
[   93.010329][ T5875] usb 4-1: USB disconnect, device number 4
[   93.027583][  T856] usb 5-1: USB disconnect, device number 4
[   93.045059][   T52] Bluetooth: hci4: command 0x0405 tx timeout
[   93.160670][ T5981] udevd[5981]: error opening ATTR{/sys/devices/platform/dummy_hcd.4/usb5/5-1/5-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[   93.695039][ T5911] usb 5-1: new full-speed USB device number 5 using dummy_hcd
[   93.816801][ T6105] syz.2.52 uses obsolete (PF_INET,SOCK_PACKET)
[   93.843149][ T6105] netlink: 4 bytes leftover after parsing attributes in process `syz.2.52'.
[   93.858445][ T5911] usb 5-1: New USB device found, idVendor=1d50, idProduct=60a1, bcdDevice=a1.4f
[   93.858475][ T5911] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   93.858493][ T5911] usb 5-1: Product: syz
[   93.858507][ T5911] usb 5-1: Manufacturer: syz
[   93.858521][ T5911] usb 5-1: SerialNumber: syz
[   93.861508][ T5911] usb 5-1: config 0 descriptor??
[   93.920428][ T6106] capability: warning: `syz.1.53' uses deprecated v2 capabilities in a way that may be insecure
[   94.274245][ T6114] syzkaller1: entered promiscuous mode
[   94.279957][ T6114] syzkaller1: entered allmulticast mode
[   94.447775][ T6121] netlink: 'syz.0.55': attribute type 10 has an invalid length.
[   94.513911][ T6122] netlink: 'syz.0.55': attribute type 10 has an invalid length.
[   94.548270][ T6123] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   94.559604][ T6123] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   94.569655][ T5911] airspy 5-1:0.0: usb_control_msg() failed -71 request 0a
[   94.597692][ T5911] airspy 5-1:0.0: Could not detect board
[   94.603756][ T5911] airspy 5-1:0.0: probe with driver airspy failed with error -71
[   94.768629][ T6121] team0: Port device dummy0 added
[   94.776262][ T6122] team0: Failed to send port change of device dummy0 via netlink (err -105)
[   94.801353][ T5911] usb 5-1: USB disconnect, device number 5
[   94.833374][ T6124] netlink: 4 bytes leftover after parsing attributes in process `syz.2.56'.
[   94.854552][ T6124] netlink: 4 bytes leftover after parsing attributes in process `syz.2.56'.
[   94.864501][ T6122] team0: Failed to send options change via netlink (err -105)
[   94.872517][ T6122] team0: Failed to send port change of device dummy0 via netlink (err -105)
[   94.882622][ T6122] team0: Port device dummy0 removed
[   94.967495][ T6122] bond0: (slave dummy0): Enslaving as an active interface with an up link
[   95.163893][ T6130] netlink: 828 bytes leftover after parsing attributes in process `syz.1.58'.
[   97.725429][ T6154] FAULT_INJECTION: forcing a failure.
[   97.725429][ T6154] name fail_usercopy, interval 1, probability 0, space 0, times 1
[   97.759559][ T6154] CPU: 1 UID: 0 PID: 6154 Comm: syz.4.67 Not tainted syzkaller #0 PREEMPT(full) 
[   97.759591][ T6154] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   97.759600][ T6154] Call Trace:
[   97.759607][ T6154]  <TASK>
[   97.759615][ T6154]  dump_stack_lvl+0x189/0x250
[   97.759642][ T6154]  ? __pfx____ratelimit+0x10/0x10
[   97.759664][ T6154]  ? __pfx_dump_stack_lvl+0x10/0x10
[   97.759684][ T6154]  ? __pfx__printk+0x10/0x10
[   97.759700][ T6154]  ? __might_fault+0xb0/0x130
[   97.759732][ T6154]  should_fail_ex+0x414/0x560
[   97.759759][ T6154]  _copy_from_user+0x2d/0xb0
[   97.759779][ T6154]  get_compat_msghdr+0xad/0x4a0
[   97.759801][ T6154]  ? __pfx_get_compat_msghdr+0x10/0x10
[   97.759821][ T6154]  ? ___sys_recvmsg+0x1c4/0x510
[   97.759838][ T6154]  ? kfree+0x4d/0x6d0
[   97.759861][ T6154]  ___sys_recvmsg+0x17f/0x510
[   97.759885][ T6154]  ? __pfx____sys_recvmsg+0x10/0x10
[   97.759927][ T6154]  ? __fget_files+0x3a0/0x420
[   97.759953][ T6154]  do_recvmmsg+0x36a/0x770
[   97.759978][ T6154]  ? __pfx_do_recvmmsg+0x10/0x10
[   97.759996][ T6154]  ? ksys_write+0x1cb/0x250
[   97.760035][ T6154]  ? __fget_files+0x3a0/0x420
[   97.760056][ T6154]  __sys_recvmmsg+0x19d/0x280
[   97.760077][ T6154]  ? __pfx___sys_recvmmsg+0x10/0x10
[   97.760093][ T6154]  ? __pfx_ksys_write+0x10/0x10
[   97.760119][ T6154]  __ia32_compat_sys_recvmmsg_time32+0xbf/0xe0
[   97.760141][ T6154]  __do_fast_syscall_32+0xb6/0x2b0
[   97.760165][ T6154]  ? lockdep_hardirqs_on+0x9c/0x150
[   97.760190][ T6154]  do_fast_syscall_32+0x34/0x80
[   97.760212][ T6154]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[   97.760232][ T6154] RIP: 0023:0xf708d539
[   97.760247][ T6154] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[   97.760260][ T6154] RSP: 002b:00000000f547d55c EFLAGS: 00000206 ORIG_RAX: 0000000000000151
[   97.760278][ T6154] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000080000100
[   97.760289][ T6154] RDX: 0000000000040000 RSI: 0000000000000000 RDI: 0000000000000000
[   97.760299][ T6154] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[   97.760309][ T6154] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[   97.760317][ T6154] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[   97.760343][ T6154]  </TASK>
[   98.091130][ T5909] usb 4-1: new high-speed USB device number 5 using dummy_hcd
[   98.237175][ T6168] netlink: 'syz.1.72': attribute type 72 has an invalid length.
[   98.254726][ T5909] usb 4-1: Using ep0 maxpacket: 8
[   98.261564][ T5909] usb 4-1: config index 0 descriptor too short (expected 301, got 45)
[   98.265115][ T6168] netlink: 'syz.1.72': attribute type 8 has an invalid length.
[   98.271284][ T5909] usb 4-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[   98.288889][ T5909] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[   98.304505][ T5909] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[   98.426931][ T5909] usb 4-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[   98.476679][ T6172] FAULT_INJECTION: forcing a failure.
[   98.476679][ T6172] name failslab, interval 1, probability 0, space 0, times 0
[   98.499178][ T5909] usb 4-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[   98.508627][ T6172] CPU: 0 UID: 0 PID: 6172 Comm: syz.4.73 Not tainted syzkaller #0 PREEMPT(full) 
[   98.508648][ T6172] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   98.508658][ T6172] Call Trace:
[   98.508665][ T6172]  <TASK>
[   98.508673][ T6172]  dump_stack_lvl+0x189/0x250
[   98.508699][ T6172]  ? __pfx____ratelimit+0x10/0x10
[   98.508721][ T6172]  ? __pfx_dump_stack_lvl+0x10/0x10
[   98.508743][ T6172]  ? __pfx__printk+0x10/0x10
[   98.508766][ T6172]  ? __pfx___might_resched+0x10/0x10
[   98.508783][ T6172]  ? fs_reclaim_acquire+0x7d/0x100
[   98.508812][ T6172]  should_fail_ex+0x414/0x560
[   98.508842][ T6172]  should_failslab+0xa8/0x100
[   98.508861][ T6172]  __kvmalloc_node_noprof+0x158/0x910
[   98.508887][ T6172]  ? seq_read_iter+0x202/0xe20
[   98.508922][ T6172]  seq_read_iter+0x202/0xe20
[   98.508942][ T6172]  ? _parse_integer_limit+0x1ae/0x1f0
[   98.508961][ T6172]  ? look_up_lock_class+0x74/0x170
[   98.508986][ T6172]  ? __asan_memset+0x22/0x50
[   98.509014][ T6172]  seq_read+0x369/0x480
[   98.509044][ T6172]  ? __pfx_seq_read+0x10/0x10
[   98.509063][ T6172]  ? __pfx___mutex_trylock_common+0x10/0x10
[   98.509100][ T6172]  ? __pfx_seq_read+0x10/0x10
[   98.509118][ T6172]  proc_reg_read+0x1e9/0x2e0
[   98.509140][ T6172]  ? __pfx_proc_reg_read+0x10/0x10
[   98.509181][ T6172]  vfs_read+0x200/0xa30
[   98.509210][ T6172]  ? fdget_pos+0x247/0x320
[   98.509230][ T6172]  ? __pfx___mutex_lock+0x10/0x10
[   98.509253][ T6172]  ? __pfx_vfs_read+0x10/0x10
[   98.509277][ T6172]  ? __fget_files+0x2a/0x420
[   98.509297][ T6172]  ? __fget_files+0x3a0/0x420
[   98.509312][ T6172]  ? __fget_files+0x2a/0x420
[   98.509337][ T6172]  ksys_read+0x145/0x250
[   98.509362][ T6172]  ? __pfx_ksys_read+0x10/0x10
[   98.509386][ T6172]  ? syscall_enter_from_user_mode_prepare+0x8f/0x110
[   98.509409][ T6172]  ? lockdep_hardirqs_on+0x9c/0x150
[   98.509434][ T6172]  __do_fast_syscall_32+0xb6/0x2b0
[   98.509458][ T6172]  ? lockdep_hardirqs_on+0x9c/0x150
[   98.509484][ T6172]  do_fast_syscall_32+0x34/0x80
[   98.509507][ T6172]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[   98.509527][ T6172] RIP: 0023:0xf708d539
[   98.509542][ T6172] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[   98.509555][ T6172] RSP: 002b:00000000f547d55c EFLAGS: 00000206 ORIG_RAX: 0000000000000003
[   98.509573][ T6172] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000640
[   98.509585][ T6172] RDX: 0000000000002020 RSI: 0000000000000000 RDI: 0000000000000000
[   98.509595][ T6172] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[   98.509604][ T6172] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[   98.509614][ T6172] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[   98.509642][ T6172]  </TASK>
[   98.869622][ T6176] netlink: 212368 bytes leftover after parsing attributes in process `syz.1.75'.
[   98.904841][   T30] audit: type=1326 audit(1762696327.445:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6173 comm="syz.2.74" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf708d539 code=0x50000
[   99.010734][ T5909] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   99.029030][   T30] audit: type=1326 audit(1762696327.445:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6173 comm="syz.2.74" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf708d539 code=0x50000
[   99.134300][   T30] audit: type=1326 audit(1762696327.445:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6173 comm="syz.2.74" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf708d539 code=0x50000
[   99.236388][   T30] audit: type=1326 audit(1762696327.445:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6173 comm="syz.2.74" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf708d539 code=0x50000
[   99.486578][ T5909] usb 4-1: usb_control_msg returned -32
[   99.492209][ T5909] usbtmc 4-1:16.0: can't read capabilities
[   99.568265][   T30] audit: type=1326 audit(1762696327.445:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6173 comm="syz.2.74" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf708d539 code=0x50000
[   99.607331][   T30] audit: type=1326 audit(1762696327.445:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6173 comm="syz.2.74" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf708d539 code=0x50000
[   99.652033][   T30] audit: type=1326 audit(1762696327.445:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6173 comm="syz.2.74" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf708d539 code=0x50000
[   99.682557][   T30] audit: type=1326 audit(1762696327.445:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6173 comm="syz.2.74" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf708d539 code=0x50000
[   99.718522][   T30] audit: type=1326 audit(1762696327.445:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6173 comm="syz.2.74" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf708d539 code=0x50000
[   99.743914][   T30] audit: type=1326 audit(1762696327.445:12): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6173 comm="syz.2.74" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf708d539 code=0x50000
[  100.117522][ T6192] A link change request failed with some changes committed already. Interface bridge_slave_1 may have been left with an inconsistent configuration, please check.
[  100.762394][ T6198] usbtmc 4-1:16.0: CHECK_CLEAR_STATUS returned 3
[  100.885133][ T6203] netlink: 8 bytes leftover after parsing attributes in process `syz.3.66'.
[  100.895653][ T6203] netlink: 56 bytes leftover after parsing attributes in process `syz.3.66'.
[  100.906360][ T6203] netlink: 56 bytes leftover after parsing attributes in process `syz.3.66'.
[  100.952453][ T6203] netlink: 20 bytes leftover after parsing attributes in process `syz.3.66'.
[  101.024958][ T6205] A link change request failed with some changes committed already. Interface bridge_slave_1 may have been left with an inconsistent configuration, please check.
[  101.883984][ T6207] fuse: Bad value for 'fd'
[  102.035132][ T6209] netlink: 132 bytes leftover after parsing attributes in process `syz.0.83'.
[  102.049643][  T856] usb 4-1: USB disconnect, device number 5
[  102.194711][ T5909] usb 3-1: new high-speed USB device number 3 using dummy_hcd
[  102.348563][ T5909] usb 3-1: New USB device found, idVendor=045e, idProduct=0284, bcdDevice=3f.cb
[  102.363631][ T5909] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  102.394738][ T5909] usb 3-1: Product: syz
[  102.420589][ T5909] usb 3-1: Manufacturer: syz
[  102.435476][ T5909] usb 3-1: SerialNumber: syz
[  102.461403][ T5909] usb 3-1: config 0 descriptor??
[  102.870268][ T5875] usb 3-1: USB disconnect, device number 3
[  103.761496][ T6242] mmap: syz.1.91 (6242) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[  104.750747][ T5911] usb 1-1: new high-speed USB device number 2 using dummy_hcd
[  105.044819][ T5911] usb 1-1: Using ep0 maxpacket: 16
[  105.239509][ T5911] usb 1-1: New USB device found, idVendor=09c0, idProduct=0201, bcdDevice= a.a4
[  105.300540][ T5911] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  105.318849][ T5911] usb 1-1: Product: syz
[  105.329292][ T5911] usb 1-1: Manufacturer: syz
[  105.349281][ T5911] usb 1-1: SerialNumber: syz
[  105.366561][ T5911] usb 1-1: config 0 descriptor??
[  105.383736][ T5911] dvb-usb: found a 'Genpix 8PSK-to-USB2 Rev.1 DVB-S receiver' in warm state.
[  105.887989][ T5911] gp8psk: usb in 137 operation failed.
[  105.896696][ T5911] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[  105.924038][ T5911] dvbdev: DVB: registering new adapter (Genpix 8PSK-to-USB2 Rev.1 DVB-S receiver)
[  105.986165][ T5911] usb 1-1: media controller created
[  106.069590][ T5911] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  106.153589][ T5911] gp8psk_fe: Frontend revision 1 attached
[  106.170310][ T5911] usb 1-1: DVB: registering adapter 1 frontend 0 (Genpix DVB-S)...
[  106.206587][ T5911] dvbdev: dvb_create_media_entity: media entity 'Genpix DVB-S' registered.
[  106.317327][ T6279] netlink: 'syz.1.101': attribute type 10 has an invalid length.
[  106.328061][ T6279] team0: Port device dummy0 added
[  106.338349][ T6279] netlink: 'syz.1.101': attribute type 10 has an invalid length.
[  106.339721][ T6279] team0: Failed to send port change of device dummy0 via netlink (err -105)
[  106.463057][ T5909] usb 3-1: new high-speed USB device number 4 using dummy_hcd
[  106.525027][ T6279] team0: Failed to send options change via netlink (err -105)
[  106.525265][ T6279] team0: Failed to send port change of device dummy0 via netlink (err -105)
[  106.525768][ T6279] team0: Port device dummy0 removed
[  106.534007][ T6279] bond0: (slave dummy0): Enslaving as an active interface with an up link
[  106.686159][ T5911] gp8psk: usb in 138 operation failed.
[  106.856341][ T5911] dvb-usb: Genpix 8PSK-to-USB2 Rev.1 DVB-S receiver successfully initialized and connected.
[  106.875476][ T5911] gp8psk: found Genpix USB device pID = 201 (hex)
[  106.886582][ T5909] usb 3-1: config index 0 descriptor too short (expected 23569, got 27)
[  106.896279][ T5909] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  106.921652][ T5909] usb 3-1: New USB device found, idVendor=03eb, idProduct=0002, bcdDevice=ba.c0
[  106.931591][ T5909] usb 3-1: New USB device strings: Mfr=5, Product=0, SerialNumber=0
[  106.954081][ T5911] usb 1-1: USB disconnect, device number 2
[  106.960260][ T5909] usb 3-1: Manufacturer: syz
[  107.205138][ T5909] usb 3-1: config 0 descriptor??
[  107.289303][ T5909] rc_core: IR keymap rc-hauppauge not found
[  107.296868][ T5909] Registered IR keymap rc-empty
[  107.349168][ T5909] rc rc0: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/rc/rc0
[  107.465731][ T5909] input: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/rc/rc0/input6
[  107.546585][ T6290] fuse: Bad value for 'fd'
[  107.555714][ T5911] dvb-usb: Genpix 8PSK-to-USB2 Rev.1 DVB-S receive successfully deinitialized and disconnected.
[  107.602161][ T6291] netlink: 'syz.2.100': attribute type 1 has an invalid length.
[  107.678273][ T6291] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  107.685913][ T6291] IPv6: NLM_F_CREATE should be set when creating new route
[  107.693164][ T6291] IPv6: NLM_F_CREATE should be set when creating new route
[  107.824992][  T856] usb 2-1: new high-speed USB device number 11 using dummy_hcd
[  107.975094][ T5911] usb 1-1: new high-speed USB device number 3 using dummy_hcd
[  107.991973][  T856] usb 2-1: New USB device found, idVendor=045e, idProduct=0284, bcdDevice=3f.cb
[  108.012125][  T856] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  108.033094][  T856] usb 2-1: Product: syz
[  108.154755][  T856] usb 2-1: Manufacturer: syz
[  108.159440][  T856] usb 2-1: SerialNumber: syz
[  108.198240][  T856] usb 2-1: config 0 descriptor??
[  108.344797][ T5911] usb 1-1: Using ep0 maxpacket: 8
[  108.356921][ T5911] usb 1-1: New USB device found, idVendor=0c45, idProduct=613e, bcdDevice=c4.6d
[  108.378392][ T5911] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  108.412287][ T5911] usb 1-1: Product: syz
[  108.425387][ T5882] usb 2-1: USB disconnect, device number 11
[  108.436024][ T5911] usb 1-1: Manufacturer: syz
[  108.463259][ T5911] usb 1-1: SerialNumber: syz
[  108.500987][ T5911] usb 1-1: config 0 descriptor??
[  108.537185][ T5911] gspca_main: sonixj-2.14.0 probing 0c45:613e
[  109.069100][ T6310] A link change request failed with some changes committed already. Interface bridge_slave_1 may have been left with an inconsistent configuration, please check.
[  109.097035][ T5882] usb 4-1: new high-speed USB device number 6 using dummy_hcd
[  109.277094][ T5882] usb 4-1: New USB device found, idVendor=046d, idProduct=08b4, bcdDevice= e.32
[  109.415293][ T6285] warning: `syz.0.102' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211
[  109.434647][ T5882] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  109.466548][ T5882] usb 4-1: Product: syz
[  109.470734][ T5882] usb 4-1: Manufacturer: syz
[  109.476417][ T5875] usb 3-1: USB disconnect, device number 4
[  109.536574][ T5882] usb 4-1: SerialNumber: syz
[  109.559647][ T5882] usb 4-1: config 0 descriptor??
[  109.604846][ T5882] pwc: Logitech QuickCam Zoom (new model) USB webcam detected.
[  109.646899][ T5911] gspca_sonixj: reg_w1 err -110
[  109.664805][ T5911] sonixj 1-1:0.0: probe with driver sonixj failed with error -110
[  109.792211][ T5882] pwc: Failed to set LED on/off time (-71)
[  109.808984][ T5882] pwc: send_video_command error -71
[  109.814782][ T6325] netlink: 20 bytes leftover after parsing attributes in process `syz.2.113'.
[  109.835422][ T5882] pwc: Failed to set video mode VGA@30 fps; return code = -71
[  109.877593][ T5882] Philips webcam 4-1:0.0: probe with driver Philips webcam failed with error -71
[  109.919899][ T5882] usb 4-1: USB disconnect, device number 6
[  110.002961][   T24] usb 1-1: USB disconnect, device number 3
[  110.139784][ T6332] fuse: Bad value for 'fd'
[  110.415614][  T856] usb 2-1: new high-speed USB device number 12 using dummy_hcd
[  110.589768][  T856] usb 2-1: New USB device found, idVendor=045e, idProduct=0284, bcdDevice=3f.cb
[  110.600166][  T856] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  110.612450][  T856] usb 2-1: Product: syz
[  110.618161][  T856] usb 2-1: Manufacturer: syz
[  110.622963][  T856] usb 2-1: SerialNumber: syz
[  110.635315][  T856] usb 2-1: config 0 descriptor??
[  110.677393][ T6350] fuse: Bad value for 'fd'
[  110.858233][  T856] usb 2-1: USB disconnect, device number 12
[  110.946036][   T24] usb 1-1: new high-speed USB device number 4 using dummy_hcd
[  111.118175][   T24] usb 1-1: New USB device found, idVendor=045e, idProduct=0284, bcdDevice=3f.cb
[  111.128442][   T24] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  111.136673][   T24] usb 1-1: Product: syz
[  111.140844][   T24] usb 1-1: Manufacturer: syz
[  111.145521][   T24] usb 1-1: SerialNumber: syz
[  111.153107][   T24] usb 1-1: config 0 descriptor??
[  111.388931][   T24] usb 1-1: USB disconnect, device number 4
[  111.478627][  T856] usb 3-1: new high-speed USB device number 5 using dummy_hcd
[  111.656888][  T856] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  111.955347][  T856] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  111.973701][ T6375] fuse: root generation should be zero
[  112.118685][  T856] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  112.150159][  T856] usb 3-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  112.215073][  T856] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  112.262906][  T856] usb 3-1: config 0 descriptor??
[  112.688177][  T856] plantronics 0003:047F:FFFF.0002: unknown main item tag 0x0
[  112.715595][  T856] plantronics 0003:047F:FFFF.0002: unknown main item tag 0x0
[  112.748016][  T856] plantronics 0003:047F:FFFF.0002: unknown main item tag 0x0
[  112.776572][  T856] plantronics 0003:047F:FFFF.0002: unknown main item tag 0x0
[  112.806953][  T856] plantronics 0003:047F:FFFF.0002: unknown main item tag 0x0
[  112.843841][  T856] plantronics 0003:047F:FFFF.0002: unknown main item tag 0x0
[  112.871363][  T856] plantronics 0003:047F:FFFF.0002: unknown main item tag 0x0
[  112.942237][  T856] plantronics 0003:047F:FFFF.0002: unknown main item tag 0x0
[  112.970961][  T856] plantronics 0003:047F:FFFF.0002: unknown main item tag 0x0
[  112.998764][  T856] plantronics 0003:047F:FFFF.0002: unknown main item tag 0x0
[  113.097788][  T856] plantronics 0003:047F:FFFF.0002: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.2-1/input0
[  113.193663][ T6385] FAULT_INJECTION: forcing a failure.
[  113.193663][ T6385] name failslab, interval 1, probability 0, space 0, times 0
[  113.227508][ T6385] CPU: 1 UID: 0 PID: 6385 Comm: syz.3.129 Not tainted syzkaller #0 PREEMPT(full) 
[  113.227531][ T6385] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  113.227542][ T6385] Call Trace:
[  113.227549][ T6385]  <TASK>
[  113.227557][ T6385]  dump_stack_lvl+0x189/0x250
[  113.227584][ T6385]  ? __pfx____ratelimit+0x10/0x10
[  113.227612][ T6385]  ? __pfx_dump_stack_lvl+0x10/0x10
[  113.227633][ T6385]  ? __pfx__printk+0x10/0x10
[  113.227657][ T6385]  ? __pfx___might_resched+0x10/0x10
[  113.227680][ T6385]  should_fail_ex+0x414/0x560
[  113.227710][ T6385]  should_failslab+0xa8/0x100
[  113.227729][ T6385]  __kmalloc_noprof+0xcb/0x7f0
[  113.227751][ T6385]  ? kfree+0x4d/0x6d0
[  113.227768][ T6385]  ? tomoyo_realpath_from_path+0xe3/0x5d0
[  113.227799][ T6385]  tomoyo_realpath_from_path+0xe3/0x5d0
[  113.227825][ T6385]  ? tomoyo_domain+0xd9/0x130
[  113.227847][ T6385]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[  113.227868][ T6385]  tomoyo_path_number_perm+0x1e8/0x5a0
[  113.227891][ T6385]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  113.227930][ T6385]  ? __lock_acquire+0xab9/0xd20
[  113.227968][ T6385]  ? __fget_files+0x2a/0x420
[  113.227990][ T6385]  ? __fget_files+0x3a0/0x420
[  113.228004][ T6385]  ? __fget_files+0x2a/0x420
[  113.228025][ T6385]  security_file_ioctl_compat+0xcb/0x2d0
[  113.228048][ T6385]  __ia32_compat_sys_ioctl+0x128/0x840
[  113.228073][ T6385]  ? __pfx___ia32_compat_sys_ioctl+0x10/0x10
[  113.228095][ T6385]  ? __fget_files+0x3a0/0x420
[  113.228118][ T6385]  ? fput+0xa0/0xd0
[  113.228137][ T6385]  ? ksys_write+0x22a/0x250
[  113.228157][ T6385]  ? exc_page_fault+0x82/0x100
[  113.228180][ T6385]  ? __pfx_ksys_write+0x10/0x10
[  113.228205][ T6385]  ? syscall_enter_from_user_mode_prepare+0x8f/0x110
[  113.228233][ T6385]  ? lockdep_hardirqs_on+0x9c/0x150
[  113.228259][ T6385]  __do_fast_syscall_32+0xb6/0x2b0
[  113.228283][ T6385]  ? lockdep_hardirqs_on+0x9c/0x150
[  113.228309][ T6385]  do_fast_syscall_32+0x34/0x80
[  113.228333][ T6385]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  113.228351][ T6385] RIP: 0023:0xf7f62539
[  113.228366][ T6385] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[  113.228380][ T6385] RSP: 002b:00000000f545655c EFLAGS: 00000206 ORIG_RAX: 0000000000000036
[  113.228398][ T6385] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000005452
[  113.228410][ T6385] RDX: 0000000080000040 RSI: 0000000000000000 RDI: 0000000000000000
[  113.228421][ T6385] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  113.228431][ T6385] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  113.228440][ T6385] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  113.228465][ T6385]  </TASK>
[  113.229637][ T6385] ERROR: Out of memory at tomoyo_realpath_from_path.
[  113.650246][ T6392] netlink: 68 bytes leftover after parsing attributes in process `syz.1.130'.
[  113.739039][ T6397] netlink: 892 bytes leftover after parsing attributes in process `syz.3.131'.
[  114.278801][ T5909] usb 3-1: USB disconnect, device number 5
[  114.553723][ T6414] kvm: pic: non byte read
[  114.558459][ T6414] kvm: pic: non byte read
[  114.562917][ T6414] kvm: pic: non byte read
[  114.568238][ T6414] kvm: pic: non byte read
[  114.578430][ T6414] kvm: pic: non byte read
[  114.582893][ T6414] kvm: pic: non byte read
[  114.587571][ T6414] kvm: pic: non byte read
[  114.592129][ T6414] kvm: pic: non byte read
[  114.596755][ T6414] kvm: pic: non byte read
[  114.602288][ T6414] kvm: pic: non byte read
[  114.628855][ T6415] binder: 6406:6415 ioctl 542e 80000200 returned -22
[  115.380694][ T6413] syz.2.135 (6413): drop_caches: 2
[  115.747964][ T6431] netlink: 8 bytes leftover after parsing attributes in process `syz.2.138'.
[  115.782956][ T6428] netlink: 'syz.2.138': attribute type 10 has an invalid length.
[  115.866889][ T6431] netlink: 'syz.2.138': attribute type 10 has an invalid length.
[  115.886452][ T6428] team0: Port device dummy0 added
[  115.942364][ T6431] team0: Port device dummy0 removed
[  115.981504][ T6431] bond0: (slave dummy0): Enslaving as an active interface with an up link
[  119.183610][ T6481] fuse: Bad value for 'fd'
[  119.454712][ T5875] usb 2-1: new high-speed USB device number 13 using dummy_hcd
[  119.468786][  T856] usb 3-1: new high-speed USB device number 6 using dummy_hcd
[  119.668638][  T856] usb 3-1: Using ep0 maxpacket: 16
[  119.688936][ T5875] usb 2-1: New USB device found, idVendor=045e, idProduct=0284, bcdDevice=3f.cb
[  119.706228][ T5875] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  119.715281][ T5875] usb 2-1: Product: syz
[  119.719979][  T856] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  119.730956][ T5875] usb 2-1: Manufacturer: syz
[  119.752485][ T5875] usb 2-1: SerialNumber: syz
[  119.757336][  T856] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  119.776265][ T5875] usb 2-1: config 0 descriptor??
[  119.787099][  T856] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  119.802807][  T856] usb 3-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[  119.822809][  T856] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  119.859239][  T856] usb 3-1: config 0 descriptor??
[  120.034022][ T5911] usb 2-1: USB disconnect, device number 13
[  120.285886][ T6483] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  120.301529][ T6483] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  120.323022][  T856] hid_parser_main: 5 callbacks suppressed
[  120.323042][  T856] microsoft 0003:045E:07DA.0003: unknown main item tag 0x0
[  120.362162][  T856] microsoft 0003:045E:07DA.0003: unknown main item tag 0x0
[  120.372311][  T856] microsoft 0003:045E:07DA.0003: unknown main item tag 0x0
[  120.380336][  T856] microsoft 0003:045E:07DA.0003: unknown main item tag 0x0
[  120.389043][  T856] microsoft 0003:045E:07DA.0003: unknown main item tag 0x0
[  120.405607][  T856] microsoft 0003:045E:07DA.0003: unknown main item tag 0x0
[  120.424053][  T856] microsoft 0003:045E:07DA.0003: unknown main item tag 0x0
[  120.431537][  T856] microsoft 0003:045E:07DA.0003: unknown main item tag 0x0
[  120.439041][  T856] microsoft 0003:045E:07DA.0003: unknown main item tag 0x0
[  120.446463][  T856] microsoft 0003:045E:07DA.0003: unknown main item tag 0x0
[  120.548460][  T856] input: HID 045e:07da as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/0003:045E:07DA.0003/input/input9
[  121.216823][  T856] microsoft 0003:045E:07DA.0003: input,hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.2-1/input0
[  121.359651][  T856] usb 3-1: USB disconnect, device number 6
[  121.954745][  T856] usb 3-1: new high-speed USB device number 7 using dummy_hcd
[  122.124826][  T856] usb 3-1: Using ep0 maxpacket: 8
[  122.174427][  T856] usb 3-1: config index 0 descriptor too short (expected 30, got 18)
[  122.300596][  T856] usb 3-1: New USB device found, idVendor=1660, idProduct=0932, bcdDevice=80.ea
[  122.313116][  T856] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  122.334635][  T856] usb 3-1: Product: syz
[  122.420889][  T856] usb 3-1: Manufacturer: syz
[  122.441215][  T856] usb 3-1: SerialNumber: syz
[  122.481080][  T856] usb 3-1: config 0 descriptor??
[  122.509091][  T856] dvb-usb: found a 'Medion MD95700 (MDUSBTV-HYBRID)' in warm state.
[  122.534849][  T856] usb 3-1: setting power ON
[  122.539401][  T856] dvb-usb: bulk message failed: -22 (2/0)
[  122.572969][  T856] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[  122.615053][  T856] dvbdev: DVB: registering new adapter (Medion MD95700 (MDUSBTV-HYBRID))
[  122.623549][  T856] usb 3-1: media controller created
[  122.653242][  T856] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  122.716843][ T6517] netlink: 16 bytes leftover after parsing attributes in process `syz.2.159'.
[  122.738547][ T6517] dvb-usb: bulk message failed: -22 (3/0)
[  122.744386][ T6517] cxusb: i2c wr: len=79 is too big!
[  122.744386][ T6517] 
[  122.759402][ T6536] pim6reg: entered allmulticast mode
[  122.779934][ T6536] netlink: 'syz.0.164': attribute type 10 has an invalid length.
[  122.826412][  T856] usb 3-1: selecting invalid altsetting 6
[  122.905136][  T856] usb 3-1: digital interface selection failed (-22)
[  122.926851][  T856] dvb-usb: no frontend was attached by 'Medion MD95700 (MDUSBTV-HYBRID)'
[  122.973904][ T6536] team0: Port device netdevsim0 added
[  123.218961][  T856] usb 3-1: setting power OFF
[  123.226004][  T856] dvb-usb: bulk message failed: -22 (2/0)
[  123.318487][  T856] dvb-usb: Medion MD95700 (MDUSBTV-HYBRID) successfully initialized and connected.
[  123.341267][  T856] (NULL device *): no alternate interface
[  125.429444][  T856] dvb-usb: Medion MD95700 (MDUSBTV-HYBRID) successfully deinitialized and disconnected.
[  125.503831][ T6575] binder: 6562:6575 unknown command 0
[  125.567426][  T856] usb 3-1: USB disconnect, device number 7
[  125.574726][ T6575] binder: 6562:6575 ioctl c0306201 80000080 returned -22
[  125.961866][ T6594] netlink: 24 bytes leftover after parsing attributes in process `syz.3.176'.
[  126.829484][ T6619] binder: BINDER_SET_CONTEXT_MGR already set
[  126.868267][ T6619] binder: 6618:6619 ioctl 4018620d 800002c0 returned -16
[  128.440744][ T6621] syz.2.181 (6621): drop_caches: 2
[  128.490553][ T6638] binder: 6637:6638 unknown command 0
[  128.523260][ T6638] binder: 6637:6638 ioctl c0306201 80000080 returned -22
[  128.647061][ T6638] binder: BINDER_SET_CONTEXT_MGR already set
[  128.653226][ T6638] binder: 6637:6638 ioctl 4018620d 80000040 returned -16
[  128.690949][ T6638] binder: 6637:6638 ioctl c0306201 80000300 returned -11
[  128.925702][ T6660] netlink: 212368 bytes leftover after parsing attributes in process `syz.0.193'.
[  130.509423][ T6687] bridge_slave_0: left allmulticast mode
[  130.524908][ T6687] bridge_slave_0: left promiscuous mode
[  130.542916][ T6687] bridge0: port 1(bridge_slave_0) entered disabled state
[  130.567485][ T6690] binder: 6689:6690 unknown command 0
[  130.592957][ T6690] binder: 6689:6690 ioctl c0306201 80000080 returned -22
[  130.647689][ T6687] bridge_slave_1: left allmulticast mode
[  130.670948][ T6687] bridge_slave_1: left promiscuous mode
[  130.693185][ T6687] bridge0: port 2(bridge_slave_1) entered disabled state
[  130.703147][ T6695] netlink: 12 bytes leftover after parsing attributes in process `syz.3.202'.
[  130.783600][ T6699] netlink: 12 bytes leftover after parsing attributes in process `syz.3.202'.
[  130.822047][ T6687] bond0: (slave bond_slave_0): Releasing backup interface
[  130.867345][ T6687] bond0: (slave bond_slave_1): Releasing backup interface
[  130.904515][ T6695] netlink: 12 bytes leftover after parsing attributes in process `syz.3.202'.
[  130.930902][ T6687] team0: Port device team_slave_0 removed
[  130.950791][ T6687] team0: Port device team_slave_1 removed
[  130.959781][ T6687] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  130.968558][ T6687] batman_adv: batadv0: Removing interface: batadv_slave_0
[  130.990815][ T6687] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  130.998455][ T6687] batman_adv: batadv0: Removing interface: batadv_slave_1
[  131.006098][ T6699] netlink: 12 bytes leftover after parsing attributes in process `syz.3.202'.
[  131.019370][ T6701] binder: 6689:6701 ioctl c0306201 80000680 returned -14
[  131.031749][ T6687] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check.
[  131.122309][ T6711] netlink: 24 bytes leftover after parsing attributes in process `syz.0.206'.
[  131.252534][ T6695] netlink: 12 bytes leftover after parsing attributes in process `syz.3.202'.
[  131.290153][ T6699] netlink: 12 bytes leftover after parsing attributes in process `syz.3.202'.
[  131.577844][ T6702] binder: 6700:6702 unknown command 0
[  131.583274][ T6702] binder: 6700:6702 ioctl c0306201 80000080 returned -22
[  131.618761][ T6702] binder: 6700:6702 ioctl c0306201 0 returned -14
[  131.626889][ T6702] binder: 6700:6702 ioctl c0306201 80000300 returned -11
[  131.676195][ T6728] FAULT_INJECTION: forcing a failure.
[  131.676195][ T6728] name failslab, interval 1, probability 0, space 0, times 0
[  131.676231][ T6728] CPU: 0 UID: 0 PID: 6728 Comm: syz.4.211 Not tainted syzkaller #0 PREEMPT(full) 
[  131.676249][ T6728] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  131.676260][ T6728] Call Trace:
[  131.676267][ T6728]  <TASK>
[  131.676274][ T6728]  dump_stack_lvl+0x189/0x250
[  131.676301][ T6728]  ? __pfx____ratelimit+0x10/0x10
[  131.676323][ T6728]  ? __pfx_dump_stack_lvl+0x10/0x10
[  131.676344][ T6728]  ? __pfx__printk+0x10/0x10
[  131.676367][ T6728]  ? __lock_acquire+0xab9/0xd20
[  131.676396][ T6728]  should_fail_ex+0x414/0x560
[  131.676426][ T6728]  should_failslab+0xa8/0x100
[  131.676446][ T6728]  kmem_cache_alloc_noprof+0x74/0x6e0
[  131.676469][ T6728]  ? skb_clone+0x212/0x3a0
[  131.676492][ T6728]  skb_clone+0x212/0x3a0
[  131.676514][ T6728]  __netlink_deliver_tap+0x404/0x850
[  131.676543][ T6728]  ? netlink_deliver_tap+0x2e/0x1b0
[  131.676561][ T6728]  netlink_deliver_tap+0x19c/0x1b0
[  131.676579][ T6728]  netlink_unicast+0x7fa/0x9e0
[  131.676610][ T6728]  ? __pfx_netlink_unicast+0x10/0x10
[  131.676633][ T6728]  ? netlink_sendmsg+0x642/0xb30
[  131.676647][ T6728]  ? skb_put+0x11b/0x210
[  131.676667][ T6728]  netlink_sendmsg+0x805/0xb30
[  131.676690][ T6728]  ? __pfx_netlink_sendmsg+0x10/0x10
[  131.676707][ T6728]  ? __import_iovec+0x5d4/0x7f0
[  131.676724][ T6728]  ? aa_sock_msg_perm+0xf1/0x1d0
[  131.676748][ T6728]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  131.676763][ T6728]  ? __pfx_netlink_sendmsg+0x10/0x10
[  131.676779][ T6728]  __sock_sendmsg+0x21c/0x270
[  131.676804][ T6728]  ____sys_sendmsg+0x505/0x830
[  131.676827][ T6728]  ? __pfx_____sys_sendmsg+0x10/0x10
[  131.676861][ T6728]  ___sys_sendmsg+0x21f/0x2a0
[  131.676885][ T6728]  ? __pfx____sys_sendmsg+0x10/0x10
[  131.676939][ T6728]  ? __fget_files+0x2a/0x420
[  131.676954][ T6728]  ? __fget_files+0x3a0/0x420
[  131.676980][ T6728]  __sys_sendmsg+0x164/0x220
[  131.677000][ T6728]  ? __pfx___sys_sendmsg+0x10/0x10
[  131.677026][ T6728]  ? __pfx_ksys_write+0x10/0x10
[  131.677052][ T6728]  ? syscall_enter_from_user_mode_prepare+0x8f/0x110
[  131.677077][ T6728]  ? lockdep_hardirqs_on+0x9c/0x150
[  131.677102][ T6728]  __do_fast_syscall_32+0xb6/0x2b0
[  131.677126][ T6728]  ? lockdep_hardirqs_on+0x9c/0x150
[  131.677151][ T6728]  do_fast_syscall_32+0x34/0x80
[  131.677174][ T6728]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  131.677194][ T6728] RIP: 0023:0xf708d539
[  131.677208][ T6728] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[  131.677221][ T6728] RSP: 002b:00000000f547d55c EFLAGS: 00000206 ORIG_RAX: 0000000000000172
[  131.677238][ T6728] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000800000c0
[  131.677249][ T6728] RDX: 0000000000040000 RSI: 0000000000000000 RDI: 0000000000000000
[  131.677258][ T6728] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  131.677267][ T6728] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  131.677277][ T6728] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  131.677300][ T6728]  </TASK>
[  131.984711][ T5908] usb 1-1: new high-speed USB device number 5 using dummy_hcd
[  132.187200][ T5908] usb 1-1: Using ep0 maxpacket: 32
[  132.242593][ T5908] usb 1-1: config 1 has an invalid interface number: 233 but max is 0
[  132.324219][    C0] vkms_vblank_simulate: vblank timer overrun
[  132.421416][ T5908] usb 1-1: config 1 has no interface number 0
[  132.434794][ T5908] usb 1-1: config 1 interface 233 altsetting 250 bulk endpoint 0x9 has invalid maxpacket 8
[  132.445117][ T5908] usb 1-1: config 1 interface 233 has no altsetting 0
[  132.465131][ T5908] usb 1-1: New USB device found, idVendor=04e8, idProduct=ff30, bcdDevice=34.ac
[  132.504945][ T5908] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  132.535090][ T5908] usb 1-1: Product: syz
[  132.542494][ T5908] usb 1-1: Manufacturer: syz
[  132.659321][ T5908] usb 1-1: SerialNumber: syz
[  132.687859][ T6730] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  132.927864][ T1301] ieee802154 phy0 wpan0: encryption failed: -22
[  132.934219][ T1301] ieee802154 phy1 wpan1: encryption failed: -22
[  134.344700][ T5875] usb 2-1: new full-speed USB device number 14 using dummy_hcd
[  134.505599][ T5875] usb 2-1: too many configurations: 102, using maximum allowed: 8
[  134.519268][ T5875] usb 2-1: unable to read config index 0 descriptor/start: -61
[  134.527516][ T5875] usb 2-1: can't read configurations, error -61
[  134.699975][ T5875] usb 2-1: new full-speed USB device number 15 using dummy_hcd
[  134.727598][ T5908] imon_raw 1-1:1.233: IR endpoint missing
[  134.777480][ T5908] usb 1-1: USB disconnect, device number 5
[  134.785977][ T6771] binder: 6768:6771 unknown command 0
[  134.803663][ T6771] binder: 6768:6771 ioctl c0306201 80000080 returned -22
[  134.894291][ T6769] binder: 6768:6769 ioctl c0306201 0 returned -14
[  134.907555][ T5875] usb 2-1: too many configurations: 102, using maximum allowed: 8
[  134.915957][ T6769] binder: 6768:6769 ioctl c0306201 80000300 returned -11
[  134.927271][ T5875] usb 2-1: unable to read config index 0 descriptor/start: -61
[  134.946152][ T5875] usb 2-1: can't read configurations, error -61
[  134.963882][ T5875] usb usb2-port1: attempt power cycle
[  135.251818][ T6785] xt_l2tp: missing protocol rule (udp|l2tpip)
[  135.331043][ T5875] usb 2-1: new full-speed USB device number 16 using dummy_hcd
[  135.395187][ T5875] usb 2-1: too many configurations: 102, using maximum allowed: 8
[  135.434335][ T6788] can: request_module (can-proto-5) failed.
[  135.441134][ T5875] usb 2-1: unable to read config index 0 descriptor/start: -61
[  135.454676][ T5875] usb 2-1: can't read configurations, error -61
[  135.632610][ T5875] usb 2-1: new full-speed USB device number 17 using dummy_hcd
[  135.702990][ T5908] usb 3-1: new high-speed USB device number 8 using dummy_hcd
[  135.720399][ T5875] usb 2-1: too many configurations: 102, using maximum allowed: 8
[  135.736243][ T5875] usb 2-1: unable to read config index 0 descriptor/start: -61
[  135.746011][ T5875] usb 2-1: can't read configurations, error -61
[  135.754127][ T5875] usb usb2-port1: unable to enumerate USB device
[  135.932252][ T5908] usb 3-1: Using ep0 maxpacket: 16
[  135.975249][ T5908] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  135.993069][ T5908] usb 3-1: config 0 has no interfaces?
[  136.024656][ T5908] usb 3-1: New USB device found, idVendor=05ac, idProduct=024b, bcdDevice= 0.00
[  136.066309][ T6799] fuse: Unknown parameter '0x000000000000000b0x000000000000000b000000000000000000000000000000000000000000000000000000000000'
[  136.200457][ T5908] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  136.332381][ T5908] usb 3-1: config 0 descriptor??
[  136.644205][ T6792] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  136.653045][ T6792] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  136.665635][ T6792] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  136.674243][ T6792] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  136.688734][  T856] usb 3-1: USB disconnect, device number 8
[  137.142196][ T6806] netlink: 8 bytes leftover after parsing attributes in process `syz.3.232'.
[  137.984562][ T6828] FAULT_INJECTION: forcing a failure.
[  137.984562][ T6828] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  138.130927][ T6828] CPU: 0 UID: 0 PID: 6828 Comm: syz.3.240 Not tainted syzkaller #0 PREEMPT(full) 
[  138.130943][ T6828] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  138.130948][ T6828] Call Trace:
[  138.130953][ T6828]  <TASK>
[  138.130958][ T6828]  dump_stack_lvl+0x189/0x250
[  138.130976][ T6828]  ? __pfx____ratelimit+0x10/0x10
[  138.130988][ T6828]  ? __pfx_dump_stack_lvl+0x10/0x10
[  138.131000][ T6828]  ? __pfx__printk+0x10/0x10
[  138.131016][ T6828]  should_fail_ex+0x414/0x560
[  138.131034][ T6828]  _copy_to_user+0x31/0xb0
[  138.131047][ T6828]  snd_pcm_oss_read2+0x316/0x430
[  138.131064][ T6828]  ? __pfx_snd_pcm_oss_read2+0x10/0x10
[  138.131082][ T6828]  snd_pcm_oss_read+0x630/0x8d0
[  138.131099][ T6828]  ? __pfx_snd_pcm_oss_read+0x10/0x10
[  138.131111][ T6828]  vfs_read+0x200/0xa30
[  138.131129][ T6828]  ? __pfx_vfs_read+0x10/0x10
[  138.131142][ T6828]  ? __fget_files+0x2a/0x420
[  138.131153][ T6828]  ? __fget_files+0x2a/0x420
[  138.131161][ T6828]  ? __fget_files+0x3a0/0x420
[  138.131168][ T6828]  ? __fget_files+0x2a/0x420
[  138.131181][ T6828]  ksys_read+0x145/0x250
[  138.131193][ T6828]  ? exc_page_fault+0x82/0x100
[  138.131206][ T6828]  ? __pfx_ksys_read+0x10/0x10
[  138.131219][ T6828]  ? syscall_enter_from_user_mode_prepare+0x8f/0x110
[  138.131233][ T6828]  ? lockdep_hardirqs_on+0x9c/0x150
[  138.131247][ T6828]  __do_fast_syscall_32+0xb6/0x2b0
[  138.131261][ T6828]  ? lockdep_hardirqs_on+0x9c/0x150
[  138.131275][ T6828]  do_fast_syscall_32+0x34/0x80
[  138.131291][ T6828]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  138.131302][ T6828] RIP: 0023:0xf7f62539
[  138.131311][ T6828] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[  138.131318][ T6828] RSP: 002b:00000000f545655c EFLAGS: 00000206 ORIG_RAX: 0000000000000003
[  138.131329][ T6828] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000800000c0
[  138.131336][ T6828] RDX: 00000000000015d8 RSI: 0000000000000000 RDI: 0000000000000000
[  138.131341][ T6828] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  138.131346][ T6828] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  138.131351][ T6828] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  138.131366][ T6828]  </TASK>
[  138.357687][    C0] vkms_vblank_simulate: vblank timer overrun
[  138.457838][ T6823] binder: 6820:6823 unknown command 0
[  138.463252][ T6823] binder: 6820:6823 ioctl c0306201 80000080 returned -22
[  138.508308][ T6823] binder: 6820:6823 ioctl c0306201 0 returned -14
[  138.515297][ T6823] binder: 6820:6823 ioctl c0306201 80000300 returned -11
[  138.524973][ T5875] usb 1-1: new high-speed USB device number 6 using dummy_hcd
[  138.794062][ T6834] netlink: 12 bytes leftover after parsing attributes in process `syz.2.242'.
[  138.817840][ T5875] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  138.864729][ T5875] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  138.875206][ T5875] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  138.896546][ T6840] FAULT_INJECTION: forcing a failure.
[  138.896546][ T6840] name failslab, interval 1, probability 0, space 0, times 0
[  138.899636][ T5875] usb 1-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  138.931998][ T5875] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  138.977824][ T5875] usb 1-1: config 0 descriptor??
[  139.062042][ T6842] FAULT_INJECTION: forcing a failure.
[  139.062042][ T6842] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  139.108406][ T6842] CPU: 1 UID: 0 PID: 6842 Comm: syz.1.245 Not tainted syzkaller #0 PREEMPT(full) 
[  139.108431][ T6842] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  139.108440][ T6842] Call Trace:
[  139.108448][ T6842]  <TASK>
[  139.108455][ T6842]  dump_stack_lvl+0x189/0x250
[  139.108482][ T6842]  ? __pfx____ratelimit+0x10/0x10
[  139.108505][ T6842]  ? __pfx_dump_stack_lvl+0x10/0x10
[  139.108526][ T6842]  ? __pfx__printk+0x10/0x10
[  139.108541][ T6842]  ? __might_fault+0xb0/0x130
[  139.108573][ T6842]  should_fail_ex+0x414/0x560
[  139.108602][ T6842]  _copy_from_user+0x2d/0xb0
[  139.108623][ T6842]  get_compat_msghdr+0xad/0x4a0
[  139.108646][ T6842]  ? __pfx_get_compat_msghdr+0x10/0x10
[  139.108676][ T6842]  ___sys_sendmsg+0x193/0x2a0
[  139.108697][ T6842]  ? __pfx____sys_sendmsg+0x10/0x10
[  139.108747][ T6842]  ? __fget_files+0x2a/0x420
[  139.108762][ T6842]  ? __fget_files+0x3a0/0x420
[  139.108788][ T6842]  __sys_sendmsg+0x164/0x220
[  139.108808][ T6842]  ? __pfx___sys_sendmsg+0x10/0x10
[  139.108839][ T6842]  ? __pfx_ksys_write+0x10/0x10
[  139.108865][ T6842]  ? syscall_enter_from_user_mode_prepare+0x8f/0x110
[  139.108894][ T6842]  ? lockdep_hardirqs_on+0x9c/0x150
[  139.108918][ T6842]  __do_fast_syscall_32+0xb6/0x2b0
[  139.108942][ T6842]  ? lockdep_hardirqs_on+0x9c/0x150
[  139.108967][ T6842]  do_fast_syscall_32+0x34/0x80
[  139.108989][ T6842]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  139.109009][ T6842] RIP: 0023:0xf70dd539
[  139.109024][ T6842] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[  139.109037][ T6842] RSP: 002b:00000000f54cd55c EFLAGS: 00000206 ORIG_RAX: 0000000000000172
[  139.109054][ T6842] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000600
[  139.109066][ T6842] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  139.109075][ T6842] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  139.109084][ T6842] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  139.109094][ T6842] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  139.109121][ T6842]  </TASK>
[  139.413545][ T6840] CPU: 1 UID: 0 PID: 6840 Comm: syz.4.244 Not tainted syzkaller #0 PREEMPT(full) 
[  139.413571][ T6840] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  139.413581][ T6840] Call Trace:
[  139.413588][ T6840]  <TASK>
[  139.413593][ T6840]  dump_stack_lvl+0x189/0x250
[  139.413610][ T6840]  ? __pfx____ratelimit+0x10/0x10
[  139.413623][ T6840]  ? __pfx_dump_stack_lvl+0x10/0x10
[  139.413635][ T6840]  ? __pfx__printk+0x10/0x10
[  139.413650][ T6840]  ? __pfx___might_resched+0x10/0x10
[  139.413673][ T6840]  should_fail_ex+0x414/0x560
[  139.413703][ T6840]  should_failslab+0xa8/0x100
[  139.413723][ T6840]  __kmalloc_noprof+0xcb/0x7f0
[  139.413742][ T6840]  ? kfree+0x4d/0x6d0
[  139.413751][ T6840]  ? tomoyo_realpath_from_path+0xe3/0x5d0
[  139.413769][ T6840]  tomoyo_realpath_from_path+0xe3/0x5d0
[  139.413783][ T6840]  ? tomoyo_domain+0xd9/0x130
[  139.413795][ T6840]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[  139.413813][ T6840]  tomoyo_path_number_perm+0x1e8/0x5a0
[  139.413837][ T6840]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  139.413876][ T6840]  ? __lock_acquire+0xab9/0xd20
[  139.413901][ T6840]  ? __fget_files+0x2a/0x420
[  139.413913][ T6840]  ? __fget_files+0x3a0/0x420
[  139.413920][ T6840]  ? __fget_files+0x2a/0x420
[  139.413931][ T6840]  security_file_ioctl_compat+0xcb/0x2d0
[  139.413944][ T6840]  __ia32_compat_sys_ioctl+0x128/0x840
[  139.413966][ T6840]  ? __pfx___ia32_compat_sys_ioctl+0x10/0x10
[  139.413989][ T6840]  ? __fget_files+0x3a0/0x420
[  139.414011][ T6840]  ? fput+0xa0/0xd0
[  139.414030][ T6840]  ? ksys_write+0x22a/0x250
[  139.414045][ T6840]  ? exc_page_fault+0x82/0x100
[  139.414059][ T6840]  ? __pfx_ksys_write+0x10/0x10
[  139.414073][ T6840]  ? syscall_enter_from_user_mode_prepare+0x8f/0x110
[  139.414086][ T6840]  ? lockdep_hardirqs_on+0x9c/0x150
[  139.414102][ T6840]  __do_fast_syscall_32+0xb6/0x2b0
[  139.414126][ T6840]  ? lockdep_hardirqs_on+0x9c/0x150
[  139.414153][ T6840]  do_fast_syscall_32+0x34/0x80
[  139.414176][ T6840]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  139.414192][ T6840] RIP: 0023:0xf708d539
[  139.414203][ T6840] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[  139.414216][ T6840] RSP: 002b:00000000f545c55c EFLAGS: 00000206 ORIG_RAX: 0000000000000036
[  139.414228][ T6840] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000c0405668
[  139.414234][ T6840] RDX: 0000000080000100 RSI: 0000000000000000 RDI: 0000000000000000
[  139.414239][ T6840] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  139.414245][ T6840] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  139.414253][ T6840] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  139.414280][ T6840]  </TASK>
[  139.414288][ T6840] ERROR: Out of memory at tomoyo_realpath_from_path.
[  139.700120][ T5875] plantronics 0003:047F:FFFF.0004: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.0-1/input0
[  140.442073][ T6856] FAULT_INJECTION: forcing a failure.
[  140.442073][ T6856] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  140.491139][ T6856] CPU: 0 UID: 0 PID: 6856 Comm: syz.2.248 Not tainted syzkaller #0 PREEMPT(full) 
[  140.491162][ T6856] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  140.491168][ T6856] Call Trace:
[  140.491173][ T6856]  <TASK>
[  140.491177][ T6856]  dump_stack_lvl+0x189/0x250
[  140.491195][ T6856]  ? __pfx____ratelimit+0x10/0x10
[  140.491208][ T6856]  ? __pfx_dump_stack_lvl+0x10/0x10
[  140.491220][ T6856]  ? __pfx__printk+0x10/0x10
[  140.491230][ T6856]  ? __might_fault+0xb0/0x130
[  140.491249][ T6856]  should_fail_ex+0x414/0x560
[  140.491267][ T6856]  _copy_from_user+0x2d/0xb0
[  140.491279][ T6856]  __ia32_compat_sys_socketcall+0x14f/0x9c0
[  140.491291][ T6856]  ? __fget_files+0x3a0/0x420
[  140.491305][ T6856]  ? __pfx___ia32_compat_sys_socketcall+0x10/0x10
[  140.491315][ T6856]  ? fput+0xa0/0xd0
[  140.491326][ T6856]  ? ksys_write+0x22a/0x250
[  140.491338][ T6856]  ? exc_page_fault+0x82/0x100
[  140.491351][ T6856]  ? __pfx_ksys_write+0x10/0x10
[  140.491364][ T6856]  ? syscall_enter_from_user_mode_prepare+0x8f/0x110
[  140.491378][ T6856]  ? lockdep_hardirqs_on+0x9c/0x150
[  140.491391][ T6856]  __do_fast_syscall_32+0xb6/0x2b0
[  140.491405][ T6856]  ? lockdep_hardirqs_on+0x9c/0x150
[  140.491419][ T6856]  do_fast_syscall_32+0x34/0x80
[  140.491431][ T6856]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  140.491444][ T6856] RIP: 0023:0xf708d539
[  140.491453][ T6856] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[  140.491461][ T6856] RSP: 002b:00000000f545b4f0 EFLAGS: 00000206 ORIG_RAX: 0000000000000066
[  140.491472][ T6856] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 00000000f545b500
[  140.491478][ T6856] RDX: 00000000f7426ff4 RSI: 0000000000000000 RDI: 00000000f7426ff4
[  140.491484][ T6856] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  140.491489][ T6856] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  140.491494][ T6856] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  140.491508][ T6856]  </TASK>
[  140.696100][    C0] vkms_vblank_simulate: vblank timer overrun
[  140.764132][ T6836] syz.4.244: vmalloc error: size 283115520, failed to allocated page array size 552960, mode:0xdc2(GFP_KERNEL|__GFP_HIGHMEM|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1
[  140.782275][ T6836] CPU: 0 UID: 0 PID: 6836 Comm: syz.4.244 Not tainted syzkaller #0 PREEMPT(full) 
[  140.782293][ T6836] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  140.782300][ T6836] Call Trace:
[  140.782305][ T6836]  <TASK>
[  140.782310][ T6836]  dump_stack_lvl+0x189/0x250
[  140.782329][ T6836]  ? __pfx_dump_stack_lvl+0x10/0x10
[  140.782341][ T6836]  ? __pfx__printk+0x10/0x10
[  140.782351][ T6836]  ? cpuset_print_current_mems_allowed+0x1f/0x360
[  140.782364][ T6836]  ? cpuset_print_current_mems_allowed+0x1f/0x360
[  140.782377][ T6836]  ? cpuset_print_current_mems_allowed+0x2ee/0x360
[  140.782390][ T6836]  warn_alloc+0x214/0x310
[  140.782408][ T6836]  ? __pfx_warn_alloc+0x10/0x10
[  140.782426][ T6836]  ? __get_vm_area_node+0x28f/0x300
[  140.782439][ T6836]  ? vb2_vmalloc_alloc+0xef/0x340
[  140.782452][ T6836]  __vmalloc_node_range_noprof+0x690/0x12d0
[  140.782480][ T6836]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  140.782494][ T6836]  ? __kasan_kmalloc+0x93/0xb0
[  140.782511][ T6836]  vmalloc_user_noprof+0xad/0xf0
[  140.782524][ T6836]  ? vb2_vmalloc_alloc+0xef/0x340
[  140.782535][ T6836]  vb2_vmalloc_alloc+0xef/0x340
[  140.782545][ T6836]  ? __pfx_vb2_vmalloc_alloc+0x10/0x10
[  140.782556][ T6836]  __vb2_queue_alloc+0x9c2/0x15a0
[  140.782579][ T6836]  vb2_core_reqbufs+0xc31/0x1420
[  140.782597][ T6836]  ? __pfx_vb2_core_reqbufs+0x10/0x10
[  140.782610][ T6836]  ? __kmalloc_cache_noprof+0x3d5/0x6f0
[  140.782623][ T6836]  ? __vb2_init_fileio+0x1e8/0xff0
[  140.782637][ T6836]  __vb2_init_fileio+0x318/0xff0
[  140.782656][ T6836]  vb2_core_poll+0x4f5/0x840
[  140.782669][ T6836]  vb2_fop_poll+0x193/0x310
[  140.782679][ T6836]  ? __fget_files+0x2a/0x420
[  140.782689][ T6836]  ? __pfx_vb2_fop_poll+0x10/0x10
[  140.782699][ T6836]  v4l2_poll+0x147/0x2c0
[  140.782715][ T6836]  ? __pfx_v4l2_poll+0x10/0x10
[  140.782725][ T6836]  do_sys_poll+0x8c9/0x1070
[  140.782741][ T6836]  ? do_sys_poll+0x361/0x1070
[  140.782758][ T6836]  ? __pfx_do_sys_poll+0x10/0x10
[  140.782774][ T6836]  ? futex_unqueue+0x22/0x240
[  140.782790][ T6836]  ? __pfx_pollwake+0x10/0x10
[  140.782804][ T6836]  ? __pfx_pollwake+0x10/0x10
[  140.782818][ T6836]  ? __pfx_pollwake+0x10/0x10
[  140.782832][ T6836]  ? __pfx_pollwake+0x10/0x10
[  140.782846][ T6836]  ? __pfx_pollwake+0x10/0x10
[  140.782860][ T6836]  ? __pfx_pollwake+0x10/0x10
[  140.782875][ T6836]  ? __pfx_pollwake+0x10/0x10
[  140.782888][ T6836]  ? __pfx_pollwake+0x10/0x10
[  140.782903][ T6836]  ? __pfx_pollwake+0x10/0x10
[  140.782921][ T6836]  ? futex_wait+0x285/0x360
[  140.782932][ T6836]  ? __pfx_futex_wait+0x10/0x10
[  140.782960][ T6836]  ? set_compat_user_sigmask+0xc1/0x1b0
[  140.782971][ T6836]  ? __pfx_set_compat_user_sigmask+0x10/0x10
[  140.782987][ T6836]  __ia32_compat_sys_ppoll_time32+0x299/0x300
[  140.783001][ T6836]  ? fdget_pos+0x291/0x320
[  140.783012][ T6836]  ? __pfx___ia32_compat_sys_ppoll_time32+0x10/0x10
[  140.783026][ T6836]  ? rcu_is_watching+0x15/0xb0
[  140.783039][ T6836]  ? syscall_enter_from_user_mode_prepare+0x8f/0x110
[  140.783053][ T6836]  ? lockdep_hardirqs_on+0x9c/0x150
[  140.783067][ T6836]  __do_fast_syscall_32+0xb6/0x2b0
[  140.783085][ T6836]  do_fast_syscall_32+0x34/0x80
[  140.783098][ T6836]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  140.783110][ T6836] RIP: 0023:0xf708d539
[  140.783119][ T6836] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[  140.783127][ T6836] RSP: 002b:00000000f547d55c EFLAGS: 00000206 ORIG_RAX: 0000000000000135
[  140.783137][ T6836] RAX: ffffffffffffffda RBX: 00000000800000c0 RCX: 00000000000000dc
[  140.783144][ T6836] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  140.783149][ T6836] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  140.783154][ T6836] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  140.783159][ T6836] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  140.783174][ T6836]  </TASK>
[  140.783200][ T6836] Mem-Info:
[  141.284786][ T6836] active_anon:6787 inactive_anon:0 isolated_anon:0
[  141.284786][ T6836]  active_file:14663 inactive_file:39888 isolated_file:0
[  141.284786][ T6836]  unevictable:768 dirty:313 writeback:0
[  141.284786][ T6836]  slab_reclaimable:9208 slab_unreclaimable:94452
[  141.284786][ T6836]  mapped:35627 shmem:2116 pagetables:1206
[  141.284786][ T6836]  sec_pagetables:0 bounce:0
[  141.284786][ T6836]  kernel_misc_reclaimable:0
[  141.284786][ T6836]  free:1305232 free_pcp:24932 free_cma:0
[  141.325099][  T856] usb 1-1: reset high-speed USB device number 6 using dummy_hcd
[  141.341158][ T6836] Node 0 active_anon:27148kB inactive_anon:0kB active_file:58652kB inactive_file:159348kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:142508kB dirty:1252kB writeback:0kB shmem:6928kB shmem_thp:2048kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:12168kB pagetables:4688kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[  141.443330][ T6836] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:204kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:48kB pagetables:136kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[  141.505525][ T6836] Node 0 DMA free:15360kB boost:0kB min:204kB low:252kB high:300kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  141.535635][  T856] usb 1-1: device descriptor read/64, error -32
[  141.571005][ T6836] lowmem_reserve[]: 0 2505 2505 2505 2505
[  141.580452][ T6836] Node 0 DMA32 free:1318592kB boost:0kB min:34308kB low:42884kB high:51460kB reserved_highatomic:0KB free_highatomic:0KB active_anon:26548kB inactive_anon:0kB active_file:58652kB inactive_file:159348kB unevictable:1536kB writepending:1252kB zspages:0kB present:3129332kB managed:2565160kB mlocked:0kB bounce:0kB free_pcp:82900kB local_pcp:28240kB free_cma:0kB
[  141.617552][ T6836] lowmem_reserve[]: 0 0 0 0 0
[  141.622475][ T6836] Node 0 Normal free:0kB boost:0kB min:0kB low:0kB high:0kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:1048580kB managed:108kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  141.674724][ T6836] lowmem_reserve[]: 0 0 0 0 0
[  141.679648][ T6836] Node 1 Normal free:3886752kB boost:0kB min:55592kB low:69488kB high:83384kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:204kB unevictable:1536kB writepending:0kB zspages:0kB present:4194300kB managed:4111100kB mlocked:0kB bounce:0kB free_pcp:18720kB local_pcp:9120kB free_cma:0kB
[  141.716628][ T6836] lowmem_reserve[]: 0 0 0 0 0
[  141.721485][ T6836] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[  141.737368][ T6836] Node 0 DMA32: 1476*4kB (UME) 716*8kB (UME) 470*16kB (UME) 141*32kB (UME) 114*64kB (UME) 51*128kB (UME) 30*256kB (UME) 15*512kB (U) 8*1024kB (UME) 4*2048kB (UM) 305*4096kB (M) = 1318512kB
[  141.782434][  T856] usb 1-1: reset high-speed USB device number 6 using dummy_hcd
[  141.796589][ T6836] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB
[  141.821936][ T6836] Node 1 Normal: 186*4kB (UM) 37*8kB (UME) 39*16kB (UME) 77*32kB (UME) 28*64kB (UME) 5*128kB (UME) 5*256kB (UME) 4*512kB (UM) 2*1024kB (UM) 2*2048kB (UE) 945*4096kB (M) = 3886752kB
[  141.860326][ T6836] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  141.879926][ T6836] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  141.899037][ T6836] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  141.939842][  T856] usb 1-1: device descriptor read/64, error -32
[  141.955912][ T6836] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  141.970929][ T6836] 56929 total pagecache pages
[  141.979371][ T6836] 0 pages in swap cache
[  141.984824][ T6836] Free swap  = 124996kB
[  141.989806][ T6836] Total swap = 124996kB
[  141.994120][ T6836] 2097051 pages RAM
[  141.998087][ T6836] 0 pages HighMem/MovableOnly
[  142.003018][ T6836] 424119 pages reserved
[  142.007309][ T6836] 0 pages cma reserved
[  142.084808][ T6872] binder: 6870:6872 unknown command 0
[  142.090379][ T6872] binder: 6870:6872 ioctl c0306201 80000080 returned -22
[  142.200225][  T856] usb 1-1: reset high-speed USB device number 6 using dummy_hcd
[  142.224941][  T856] usb 1-1: device descriptor read/8, error -32
[  142.304299][ T6871] binder: 6870:6871 ioctl c0306201 80000300 returned -11
[  142.511330][  T856] usb 1-1: reset high-speed USB device number 6 using dummy_hcd
[  142.555798][  T856] usb 1-1: device descriptor read/8, error -32
[  142.697110][  T856] raw-gadget.0 gadget.0: failed to queue suspend event
[  142.712912][ T5875] usb 1-1: USB disconnect, device number 6
[  142.727820][ T5875] raw-gadget.0 gadget.0: failed to queue reset event
[  142.785049][ T6891] netlink: 4 bytes leftover after parsing attributes in process `syz.1.260'.
[  142.809993][ T6891] netlink: 4 bytes leftover after parsing attributes in process `syz.1.260'.
[  142.921425][ T6890] FAULT_INJECTION: forcing a failure.
[  142.921425][ T6890] name failslab, interval 1, probability 0, space 0, times 0
[  142.989430][ T5875] raw-gadget.0 gadget.0: failed to queue resume event
[  143.069319][ T6890] CPU: 0 UID: 0 PID: 6890 Comm: syz.4.258 Not tainted syzkaller #0 PREEMPT(full) 
[  143.069343][ T6890] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  143.069353][ T6890] Call Trace:
[  143.069360][ T6890]  <TASK>
[  143.069369][ T6890]  dump_stack_lvl+0x189/0x250
[  143.069395][ T6890]  ? __pfx____ratelimit+0x10/0x10
[  143.069419][ T6890]  ? __pfx_dump_stack_lvl+0x10/0x10
[  143.069440][ T6890]  ? __pfx__printk+0x10/0x10
[  143.069458][ T6890]  ? __pfx___might_resched+0x10/0x10
[  143.069472][ T6890]  should_fail_ex+0x414/0x560
[  143.069490][ T6890]  should_failslab+0xa8/0x100
[  143.069507][ T6890]  __kmalloc_noprof+0xcb/0x7f0
[  143.069520][ T6890]  ? kfree+0x4d/0x6d0
[  143.069529][ T6890]  ? tomoyo_realpath_from_path+0xe3/0x5d0
[  143.069547][ T6890]  tomoyo_realpath_from_path+0xe3/0x5d0
[  143.069561][ T6890]  ? tomoyo_domain+0xd9/0x130
[  143.069573][ T6890]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[  143.069585][ T6890]  tomoyo_path_number_perm+0x1e8/0x5a0
[  143.069602][ T6890]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  143.069623][ T6890]  ? __lock_acquire+0xab9/0xd20
[  143.069643][ T6890]  ? __fget_files+0x2a/0x420
[  143.069654][ T6890]  ? __fget_files+0x3a0/0x420
[  143.069662][ T6890]  ? __fget_files+0x2a/0x420
[  143.069673][ T6890]  security_file_ioctl_compat+0xcb/0x2d0
[  143.069696][ T6890]  __ia32_compat_sys_ioctl+0x128/0x840
[  143.069711][ T6890]  ? __pfx___ia32_compat_sys_ioctl+0x10/0x10
[  143.069723][ T6890]  ? __fget_files+0x3a0/0x420
[  143.069735][ T6890]  ? fput+0xa0/0xd0
[  143.069745][ T6890]  ? ksys_write+0x22a/0x250
[  143.069757][ T6890]  ? exc_page_fault+0x82/0x100
[  143.069770][ T6890]  ? __pfx_ksys_write+0x10/0x10
[  143.069784][ T6890]  ? syscall_enter_from_user_mode_prepare+0x8f/0x110
[  143.069797][ T6890]  ? lockdep_hardirqs_on+0x9c/0x150
[  143.069811][ T6890]  __do_fast_syscall_32+0xb6/0x2b0
[  143.069825][ T6890]  ? lockdep_hardirqs_on+0x9c/0x150
[  143.069839][ T6890]  do_fast_syscall_32+0x34/0x80
[  143.069852][ T6890]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  143.069863][ T6890] RIP: 0023:0xf708d539
[  143.069873][ T6890] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[  143.069881][ T6890] RSP: 002b:00000000f547d55c EFLAGS: 00000206 ORIG_RAX: 0000000000000036
[  143.069892][ T6890] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 000000000000ae80
[  143.069898][ T6890] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  143.069903][ T6890] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  143.069908][ T6890] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  143.069913][ T6890] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  143.069928][ T6890]  </TASK>
[  143.069941][ T6890] ERROR: Out of memory at tomoyo_realpath_from_path.
[  143.620419][ T5875] usb 1-1: new high-speed USB device number 7 using dummy_hcd
[  143.808422][    C0] raw-gadget.0 gadget.0: ignoring, device is not running
[  143.819603][ T6858] raw-gadget.0 gadget.0: failed to queue suspend event
[  143.830158][ T6858] raw-gadget.0 gadget.0: failed to queue disconnect event
[  144.044709][    T9] usb 3-1: new high-speed USB device number 9 using dummy_hcd
[  144.332289][    T9] usb 3-1: Using ep0 maxpacket: 8
[  144.486699][    T9] usb 3-1: config 0 has an invalid interface number: 205 but max is 1
[  144.542945][    T9] usb 3-1: config 0 has no interface number 1
[  144.549166][    T9] usb 3-1: config 0 interface 205 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  144.607082][    T9] usb 3-1: New USB device found, idVendor=413c, idProduct=8180, bcdDevice=25.25
[  144.620077][    T9] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  144.630551][    T9] usb 3-1: Product: syz
[  144.634850][    T9] usb 3-1: Manufacturer: syz
[  144.639829][    T9] usb 3-1: SerialNumber: syz
[  144.657922][    T9] usb 3-1: config 0 descriptor??
[  144.682837][    T9] option 3-1:0.205: GSM modem (1-port) converter detected
[  144.796258][ T6917] netlink: 12 bytes leftover after parsing attributes in process `syz.4.266'.
[  145.738104][ T6936] FAULT_INJECTION: forcing a failure.
[  145.738104][ T6936] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  145.774886][ T6936] CPU: 1 UID: 0 PID: 6936 Comm: syz.0.270 Not tainted syzkaller #0 PREEMPT(full) 
[  145.774911][ T6936] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  145.774920][ T6936] Call Trace:
[  145.774928][ T6936]  <TASK>
[  145.774935][ T6936]  dump_stack_lvl+0x189/0x250
[  145.774962][ T6936]  ? __pfx____ratelimit+0x10/0x10
[  145.774984][ T6936]  ? __pfx_dump_stack_lvl+0x10/0x10
[  145.775005][ T6936]  ? __pfx__printk+0x10/0x10
[  145.775023][ T6936]  ? __might_fault+0xb0/0x130
[  145.775056][ T6936]  should_fail_ex+0x414/0x560
[  145.775085][ T6936]  _copy_from_user+0x2d/0xb0
[  145.775107][ T6936]  get_compat_msghdr+0xad/0x4a0
[  145.775131][ T6936]  ? __pfx_get_compat_msghdr+0x10/0x10
[  145.775161][ T6936]  ___sys_sendmsg+0x193/0x2a0
[  145.775182][ T6936]  ? __pfx____sys_sendmsg+0x10/0x10
[  145.775234][ T6936]  ? __fget_files+0x2a/0x420
[  145.775250][ T6936]  ? __fget_files+0x3a0/0x420
[  145.775276][ T6936]  __sys_sendmsg+0x164/0x220
[  145.775296][ T6936]  ? __pfx___sys_sendmsg+0x10/0x10
[  145.775322][ T6936]  ? __pfx_ksys_write+0x10/0x10
[  145.775348][ T6936]  ? syscall_enter_from_user_mode_prepare+0x8f/0x110
[  145.775372][ T6936]  ? lockdep_hardirqs_on+0x9c/0x150
[  145.775396][ T6936]  __do_fast_syscall_32+0xb6/0x2b0
[  145.775420][ T6936]  ? lockdep_hardirqs_on+0x9c/0x150
[  145.775445][ T6936]  do_fast_syscall_32+0x34/0x80
[  145.775468][ T6936]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  145.775488][ T6936] RIP: 0023:0xf705d539
[  145.775504][ T6936] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[  145.775517][ T6936] RSP: 002b:00000000f544d55c EFLAGS: 00000206 ORIG_RAX: 0000000000000172
[  145.775536][ T6936] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000800002c0
[  145.775548][ T6936] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  145.775558][ T6936] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  145.775567][ T6936] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  145.775577][ T6936] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  145.775604][ T6936]  </TASK>
[  146.365997][ T5909] usb 3-1: USB disconnect, device number 9
[  146.373071][ T5909] option 3-1:0.205: device disconnected
[  147.254672][    T9] usb 2-1: new full-speed USB device number 18 using dummy_hcd
[  147.426056][    T9] usb 2-1: not running at top speed; connect to a high speed hub
[  147.463019][    T9] usb 2-1: config 1 interface 0 has no altsetting 0
[  147.511421][    T9] usb 2-1: New USB device found, idVendor=05ac, idProduct=0230, bcdDevice= 0.40
[  147.540504][    T9] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  147.564640][    T9] usb 2-1: Product: syz
[  147.568848][    T9] usb 2-1: Manufacturer: syz
[  147.627907][    T9] usb 2-1: SerialNumber: syz
[  147.814963][ T5875] usb 4-1: new high-speed USB device number 7 using dummy_hcd
[  147.862239][ T6953] netlink: 12 bytes leftover after parsing attributes in process `syz.1.276'.
[  147.877282][ T6953] loop8: detected capacity change from 0 to 16384
[  147.982163][ T6962] FAULT_INJECTION: forcing a failure.
[  147.982163][ T6962] name failslab, interval 1, probability 0, space 0, times 0
[  147.994924][ T5875] usb 4-1: Using ep0 maxpacket: 32
[  148.015342][    T9] input: bcm5974 as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:1.0/input/input12
[  148.054713][ T5875] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  148.087914][ T5182] bcm5974 2-1:1.0: could not read from device
[  148.102743][ T6962] CPU: 0 UID: 0 PID: 6962 Comm: syz.4.280 Not tainted syzkaller #0 PREEMPT(full) 
[  148.102758][ T6962] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  148.102764][ T6962] Call Trace:
[  148.102769][ T6962]  <TASK>
[  148.102776][ T6962]  dump_stack_lvl+0x189/0x250
[  148.102803][ T6962]  ? __pfx____ratelimit+0x10/0x10
[  148.102824][ T6962]  ? __pfx_dump_stack_lvl+0x10/0x10
[  148.102846][ T6962]  ? __pfx__printk+0x10/0x10
[  148.102862][ T6962]  ? __pfx___might_resched+0x10/0x10
[  148.102872][ T6962]  ? fs_reclaim_acquire+0x7d/0x100
[  148.102889][ T6962]  should_fail_ex+0x414/0x560
[  148.102907][ T6962]  should_failslab+0xa8/0x100
[  148.102918][ T6962]  kmem_cache_alloc_node_noprof+0x77/0x710
[  148.102931][ T6962]  ? __alloc_skb+0x112/0x2d0
[  148.102940][ T6962]  ? netlink_autobind+0xdb/0x300
[  148.102952][ T6962]  __alloc_skb+0x112/0x2d0
[  148.102963][ T6962]  netlink_sendmsg+0x5c6/0xb30
[  148.102976][ T6962]  ? __pfx_netlink_sendmsg+0x10/0x10
[  148.102987][ T6962]  ? __import_iovec+0x5d4/0x7f0
[  148.102997][ T6962]  ? aa_sock_msg_perm+0xf1/0x1d0
[  148.103012][ T6962]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  148.103021][ T6962]  ? __pfx_netlink_sendmsg+0x10/0x10
[  148.103030][ T6962]  __sock_sendmsg+0x21c/0x270
[  148.103061][ T6962]  ____sys_sendmsg+0x505/0x830
[  148.103074][ T6962]  ? __pfx_____sys_sendmsg+0x10/0x10
[  148.103092][ T6962]  ___sys_sendmsg+0x21f/0x2a0
[  148.103103][ T6962]  ? __pfx____sys_sendmsg+0x10/0x10
[  148.103130][ T6962]  ? __fget_files+0x2a/0x420
[  148.103140][ T6962]  ? __fget_files+0x3a0/0x420
[  148.103154][ T6962]  __sys_sendmsg+0x164/0x220
[  148.103165][ T6962]  ? __pfx___sys_sendmsg+0x10/0x10
[  148.103179][ T6962]  ? __pfx_ksys_write+0x10/0x10
[  148.103193][ T6962]  ? syscall_enter_from_user_mode_prepare+0x8f/0x110
[  148.103207][ T6962]  ? lockdep_hardirqs_on+0x9c/0x150
[  148.103221][ T6962]  __do_fast_syscall_32+0xb6/0x2b0
[  148.103234][ T6962]  ? lockdep_hardirqs_on+0x9c/0x150
[  148.103248][ T6962]  do_fast_syscall_32+0x34/0x80
[  148.103260][ T6962]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  148.103272][ T6962] RIP: 0023:0xf708d539
[  148.103282][ T6962] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[  148.103289][ T6962] RSP: 002b:00000000f547d55c EFLAGS: 00000206 ORIG_RAX: 0000000000000172
[  148.103300][ T6962] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 0000000080000100
[  148.103307][ T6962] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  148.103312][ T6962] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  148.103317][ T6962] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  148.103322][ T6962] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  148.103336][ T6962]  </TASK>
[  148.560386][ T5875] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  148.571545][ T5875] usb 4-1: New USB device found, idVendor=0403, idProduct=6030, bcdDevice= 0.00
[  148.580617][ T5875] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  148.597072][ T5875] usb 4-1: config 0 descriptor??
[  148.606214][ T5182] bcm5974 2-1:1.0: could not read from device
[  148.614446][    T9] usb 2-1: USB disconnect, device number 18
[  149.028351][ T5875] hid_parser_main: 5 callbacks suppressed
[  149.028365][ T5875] ft260 0003:0403:6030.0005: unknown main item tag 0x7
[  149.082665][ T6969] netlink: 4 bytes leftover after parsing attributes in process `syz.1.283'.
[  149.242469][ T5875] ft260 0003:0403:6030.0005: chip code: 6424 8183
[  149.284267][ T6974] netlink: 8 bytes leftover after parsing attributes in process `syz.4.282'.
[  149.299228][ T6974] input: syz0 as /devices/virtual/input/input13
[  149.444175][ T5875] ft260 0003:0403:6030.0005: USB HID v0.00 Device [HID 0403:6030] on usb-dummy_hcd.3-1/input0
[  149.846463][ T6958] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  149.908192][ T6958] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  149.946043][ T5875] ft260 0003:0403:6030.0005: failed to retrieve status: -71
[  149.964996][ T5875] ft260 0003:0403:6030.0005: failed to reset I2C controller: -71
[  150.036745][ T5875] usb 4-1: USB disconnect, device number 7
[  150.241979][ T6964] syz.2.281 (6964): drop_caches: 2
[  150.840026][ T6991] fuse: Bad value for 'fd'
[  151.437939][ T7002] can: request_module (can-proto-3) failed.
[  151.844147][ T7014] FAULT_INJECTION: forcing a failure.
[  151.844147][ T7014] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  151.859847][ T7014] CPU: 1 UID: 0 PID: 7014 Comm: syz.3.295 Not tainted syzkaller #0 PREEMPT(full) 
[  151.859871][ T7014] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  151.859880][ T7014] Call Trace:
[  151.859887][ T7014]  <TASK>
[  151.859895][ T7014]  dump_stack_lvl+0x189/0x250
[  151.859921][ T7014]  ? __pfx____ratelimit+0x10/0x10
[  151.859944][ T7014]  ? __pfx_dump_stack_lvl+0x10/0x10
[  151.859965][ T7014]  ? __pfx__printk+0x10/0x10
[  151.859982][ T7014]  ? __might_fault+0xb0/0x130
[  151.860015][ T7014]  should_fail_ex+0x414/0x560
[  151.860043][ T7014]  _copy_from_user+0x2d/0xb0
[  151.860065][ T7014]  __ia32_compat_sys_socketcall+0x14f/0x9c0
[  151.860087][ T7014]  ? __fget_files+0x3a0/0x420
[  151.860107][ T7014]  ? __pfx___ia32_compat_sys_socketcall+0x10/0x10
[  151.860126][ T7014]  ? fput+0xa0/0xd0
[  151.860144][ T7014]  ? ksys_write+0x22a/0x250
[  151.860163][ T7014]  ? exc_page_fault+0x82/0x100
[  151.860184][ T7014]  ? __pfx_ksys_write+0x10/0x10
[  151.860206][ T7014]  ? syscall_enter_from_user_mode_prepare+0x8f/0x110
[  151.860229][ T7014]  ? lockdep_hardirqs_on+0x9c/0x150
[  151.860251][ T7014]  __do_fast_syscall_32+0xb6/0x2b0
[  151.860274][ T7014]  ? lockdep_hardirqs_on+0x9c/0x150
[  151.860297][ T7014]  do_fast_syscall_32+0x34/0x80
[  151.860319][ T7014]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  151.860339][ T7014] RIP: 0023:0xf7f62539
[  151.860353][ T7014] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[  151.860365][ T7014] RSP: 002b:00000000f5455430 EFLAGS: 00000206 ORIG_RAX: 0000000000000066
[  151.860382][ T7014] RAX: ffffffffffffffda RBX: 000000000000000b RCX: 00000000f5455444
[  151.860394][ T7014] RDX: 0000000000000000 RSI: 00000000f5455560 RDI: 00000000f73f6ff4
[  151.860404][ T7014] RBP: 00000000f5455560 R08: 0000000000000000 R09: 0000000000000000
[  151.860416][ T7014] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  151.860427][ T7014] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  151.860454][ T7014]  </TASK>
[  152.066192][    C1] vkms_vblank_simulate: vblank timer overrun
[  152.124792][ T5875] usb 1-1: new high-speed USB device number 8 using dummy_hcd
[  152.187060][ T7016] IPv6: syztnl0: Disabled Multicast RS
[  152.285116][ T5875] usb 1-1: Using ep0 maxpacket: 8
[  152.344872][ T5875] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  152.398316][ T5875] usb 1-1: New USB device found, idVendor=0e8d, idProduct=2000, bcdDevice=21.c6
[  152.418918][ T5875] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  152.462958][ T5875] usb 1-1: config 0 descriptor??
[  152.722953][ T5875] usb 1-1: USB disconnect, device number 8
[  153.291240][ T7030] FAULT_INJECTION: forcing a failure.
[  153.291240][ T7030] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  153.304762][ T7030] CPU: 1 UID: 0 PID: 7030 Comm: syz.1.299 Not tainted syzkaller #0 PREEMPT(full) 
[  153.304786][ T7030] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  153.304796][ T7030] Call Trace:
[  153.304804][ T7030]  <TASK>
[  153.304811][ T7030]  dump_stack_lvl+0x189/0x250
[  153.304839][ T7030]  ? __pfx____ratelimit+0x10/0x10
[  153.304862][ T7030]  ? __pfx_dump_stack_lvl+0x10/0x10
[  153.304883][ T7030]  ? __pfx__printk+0x10/0x10
[  153.304900][ T7030]  ? __might_fault+0xb0/0x130
[  153.304937][ T7030]  should_fail_ex+0x414/0x560
[  153.304966][ T7030]  copy_fpstate_to_sigframe+0xa18/0xce0
[  153.304994][ T7030]  ? copy_fpstate_to_sigframe+0x181/0xce0
[  153.305023][ T7030]  ? __pfx_copy_fpstate_to_sigframe+0x10/0x10
[  153.305068][ T7030]  ? fpu__alloc_mathframe+0xad/0x130
[  153.305094][ T7030]  get_sigframe+0x58d/0x7d0
[  153.305123][ T7030]  ? __pfx_get_sigframe+0x10/0x10
[  153.305158][ T7030]  ia32_setup_frame+0x10b/0x940
[  153.305182][ T7030]  ? get_signal+0x1150/0x1340
[  153.305206][ T7030]  ? __pfx_ia32_setup_frame+0x10/0x10
[  153.305228][ T7030]  ? arch_do_signal_or_restart+0x385/0x790
[  153.305255][ T7030]  arch_do_signal_or_restart+0x417/0x790
[  153.305282][ T7030]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[  153.305322][ T7030]  ? exit_to_user_mode_loop+0x40/0x130
[  153.305343][ T7030]  exit_to_user_mode_loop+0x72/0x130
[  153.305361][ T7030]  __do_fast_syscall_32+0x1f4/0x2b0
[  153.305391][ T7030]  do_fast_syscall_32+0x34/0x80
[  153.305414][ T7030]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  153.305434][ T7030] RIP: 0023:0xf70dd539
[  153.305449][ T7030] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[  153.305463][ T7030] RSP: 002b:00000000f54ac55c EFLAGS: 00000206 ORIG_RAX: 0000000000000171
[  153.305481][ T7030] RAX: fffffffffffffffc RBX: 0000000000000003 RCX: 0000000000000000
[  153.305493][ T7030] RDX: 0000000000000000 RSI: 0000000004008080 RDI: 0000000000000000
[  153.305510][ T7030] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  153.305520][ T7030] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  153.305530][ T7030] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  153.305557][ T7030]  </TASK>
[  153.535276][    C1] vkms_vblank_simulate: vblank timer overrun
[  153.780156][ T7042] netlink: 4 bytes leftover after parsing attributes in process `syz.1.301'.
[  153.827761][ T7042] netlink: 4 bytes leftover after parsing attributes in process `syz.1.301'.
[  154.101217][ T7051] netlink: 4 bytes leftover after parsing attributes in process `syz.4.305'.
[  154.114508][ T7051] netlink: 4 bytes leftover after parsing attributes in process `syz.4.305'.
[  155.259047][ T7066] netlink: 8 bytes leftover after parsing attributes in process `syz.2.309'.
[  156.263926][ T7095] netlink: 8 bytes leftover after parsing attributes in process `syz.0.319'.
[  156.433467][ T7102] A link change request failed with some changes committed already. Interface bridge_slave_1 may have been left with an inconsistent configuration, please check.
[  156.711365][ T7110] netlink: 4 bytes leftover after parsing attributes in process `syz.0.321'.
[  156.729756][ T7110] netlink: 4 bytes leftover after parsing attributes in process `syz.0.321'.
[  156.762912][ T7107] netlink: 8 bytes leftover after parsing attributes in process `syz.3.322'.
[  156.980352][ T7113] FAULT_INJECTION: forcing a failure.
[  156.980352][ T7113] name failslab, interval 1, probability 0, space 0, times 0
[  157.005239][ T7113] CPU: 1 UID: 0 PID: 7113 Comm: syz.2.324 Not tainted syzkaller #0 PREEMPT(full) 
[  157.005263][ T7113] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  157.005273][ T7113] Call Trace:
[  157.005280][ T7113]  <TASK>
[  157.005288][ T7113]  dump_stack_lvl+0x189/0x250
[  157.005315][ T7113]  ? __pfx____ratelimit+0x10/0x10
[  157.005337][ T7113]  ? __pfx_dump_stack_lvl+0x10/0x10
[  157.005363][ T7113]  ? __pfx__printk+0x10/0x10
[  157.005386][ T7113]  ? __lock_acquire+0xab9/0xd20
[  157.005411][ T7113]  should_fail_ex+0x414/0x560
[  157.005440][ T7113]  should_failslab+0xa8/0x100
[  157.005459][ T7113]  kmem_cache_alloc_noprof+0x74/0x6e0
[  157.005481][ T7113]  ? skb_clone+0x212/0x3a0
[  157.005505][ T7113]  skb_clone+0x212/0x3a0
[  157.005528][ T7113]  __netlink_deliver_tap+0x404/0x850
[  157.005558][ T7113]  ? netlink_deliver_tap+0x2e/0x1b0
[  157.005577][ T7113]  netlink_deliver_tap+0x19c/0x1b0
[  157.005595][ T7113]  netlink_unicast+0x7fa/0x9e0
[  157.005627][ T7113]  ? __pfx_netlink_unicast+0x10/0x10
[  157.005653][ T7113]  ? netlink_sendmsg+0x642/0xb30
[  157.005667][ T7113]  ? skb_put+0x11b/0x210
[  157.005688][ T7113]  netlink_sendmsg+0x805/0xb30
[  157.005714][ T7113]  ? __pfx_netlink_sendmsg+0x10/0x10
[  157.005734][ T7113]  ? __import_iovec+0x5d4/0x7f0
[  157.005751][ T7113]  ? aa_sock_msg_perm+0xf1/0x1d0
[  157.005774][ T7113]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  157.005791][ T7113]  ? __pfx_netlink_sendmsg+0x10/0x10
[  157.005807][ T7113]  __sock_sendmsg+0x21c/0x270
[  157.005829][ T7113]  ____sys_sendmsg+0x505/0x830
[  157.005854][ T7113]  ? __pfx_____sys_sendmsg+0x10/0x10
[  157.005889][ T7113]  ___sys_sendmsg+0x21f/0x2a0
[  157.005910][ T7113]  ? __pfx____sys_sendmsg+0x10/0x10
[  157.005965][ T7113]  ? __fget_files+0x2a/0x420
[  157.005981][ T7113]  ? __fget_files+0x3a0/0x420
[  157.006014][ T7113]  __sys_sendmsg+0x164/0x220
[  157.006035][ T7113]  ? __pfx___sys_sendmsg+0x10/0x10
[  157.006062][ T7113]  ? __pfx_ksys_write+0x10/0x10
[  157.006089][ T7113]  ? syscall_enter_from_user_mode_prepare+0x8f/0x110
[  157.006115][ T7113]  ? lockdep_hardirqs_on+0x9c/0x150
[  157.006141][ T7113]  __do_fast_syscall_32+0xb6/0x2b0
[  157.006165][ T7113]  ? lockdep_hardirqs_on+0x9c/0x150
[  157.006191][ T7113]  do_fast_syscall_32+0x34/0x80
[  157.006215][ T7113]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  157.006236][ T7113] RIP: 0023:0xf708d539
[  157.006251][ T7113] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[  157.006267][ T7113] RSP: 002b:00000000f547d55c EFLAGS: 00000206 ORIG_RAX: 0000000000000172
[  157.006286][ T7113] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000800000c0
[  157.006299][ T7113] RDX: 0000000000040000 RSI: 0000000000000000 RDI: 0000000000000000
[  157.006309][ T7113] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  157.006319][ T7113] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  157.006329][ T7113] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  157.006356][ T7113]  </TASK>
[  157.310484][    C1] vkms_vblank_simulate: vblank timer overrun
[  157.797894][ T7124] input: syz0 as /devices/virtual/input/input14
[  157.804419][ T7124] input: failed to attach handler leds to device input14, error: -6
[  159.126775][ T7149] netlink: 8 bytes leftover after parsing attributes in process `syz.1.334'.
[  159.345253][   T30] kauditd_printk_skb: 85 callbacks suppressed
[  159.345270][   T30] audit: type=1326 audit(1762696387.905:98): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7152 comm="syz.0.336" exe="/root/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf705d539 code=0x0
[  159.785966][ T5909] usb 1-1: new high-speed USB device number 9 using dummy_hcd
[  159.937107][ T7169] netlink: 4 bytes leftover after parsing attributes in process `syz.2.339'.
[  159.966594][ T5909] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  160.004746][ T5909] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  160.019299][ T7172] netlink: 4 bytes leftover after parsing attributes in process `syz.2.339'.
[  160.072114][ T5909] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  160.089795][ T5909] usb 1-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  160.112005][ T5909] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  160.132886][ T5909] usb 1-1: config 0 descriptor??
[  160.573218][ T5909] plantronics 0003:047F:FFFF.0006: reserved main item tag 0xd
[  160.625022][ T5909] plantronics 0003:047F:FFFF.0006: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.0-1/input0
[  160.886249][ T7157] fuse: Bad value for 'fd'
[  161.025023][ T7193] netlink: 8 bytes leftover after parsing attributes in process `syz.3.347'.
[  161.157638][ T7195] batman_adv: batadv0: adding TT local entry ba:e1:05:00:07:00 to non-existent VLAN 1280
[  161.225241][   T24] usb 2-1: new full-speed USB device number 19 using dummy_hcd
[  161.387548][   T24] usb 2-1: unable to get BOS descriptor or descriptor too short
[  161.401991][   T24] usb 2-1: not running at top speed; connect to a high speed hub
[  161.419921][   T24] usb 2-1: config 1 has an invalid descriptor of length 155, skipping remainder of the config
[  161.442585][   T24] usb 2-1: config 1 has 2 interfaces, different from the descriptor's value: 3
[  161.455034][   T24] usb 2-1: config 1 has no interface number 1
[  161.463565][   T24] usb 2-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0
[  161.484145][   T24] usb 2-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 82, changing to 4
[  161.496753][   T24] usb 2-1: config 1 interface 2 altsetting 1 endpoint 0x82 has invalid maxpacket 29436, setting to 1023
[  161.519533][   T24] usb 2-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  161.529805][   T24] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  161.544546][   T24] usb 2-1: Product: syz
[  161.547397][    T9] usb 4-1: new high-speed USB device number 8 using dummy_hcd
[  161.564699][   T24] usb 2-1: Manufacturer: syz
[  161.571644][   T24] usb 2-1: SerialNumber: syz
[  161.702720][ T7202] binder: 7200:7202 unknown command 0
[  161.712705][ T7202] binder: 7200:7202 ioctl c0306201 80000080 returned -22
[  161.720079][    T9] usb 4-1: Using ep0 maxpacket: 32
[  161.727886][    T9] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024
[  161.750844][    T9] usb 4-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79
[  161.774638][    T9] usb 4-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2
[  161.794364][    T9] usb 4-1: Product: syz
[  161.804498][    T9] usb 4-1: Manufacturer: syz
[  161.814669][    T9] usb 4-1: SerialNumber: syz
[  161.833922][    T9] usb 4-1: config 0 descriptor??
[  161.843857][ T7198] raw-gadget.2 gadget.3: fail, usb_ep_enable returned -22
[  161.885425][ T7192] 8021q: adding VLAN 0 to HW filter on device bond1
[  161.941477][ T7201] binder: 7200:7201 ioctl c0306201 80000300 returned -11
[  161.954696][ T5882] usb 1-1: reset high-speed USB device number 9 using dummy_hcd
[  161.990741][   T24] hub 2-1:1.0: Invalid hub with more than one config or interface
[  162.021574][   T24] hub 2-1:1.0: probe with driver hub failed with error -22
[  162.075207][   T24] usb 2-1: 2:1 : no or invalid class specific endpoint descriptor
[  162.125475][ T5875] usb 4-1: USB disconnect, device number 8
[  162.192171][ T7209] netlink: 20 bytes leftover after parsing attributes in process `syz.2.354'.
[  162.224927][   T24] usb 2-1: USB disconnect, device number 19
[  162.533375][ T7216] trusted_key: encrypted_key: insufficient parameters specified
[  162.953641][ T7231] input: syz1 as /devices/virtual/input/input16
[  163.159026][    T9] usb 1-1: USB disconnect, device number 9
[  163.258515][ T7242] loop7: detected capacity change from 0 to 16384
[  163.455381][ T7249] loop7: detected capacity change from 16384 to 16383
[  163.578511][ T7246] binder: 7243:7246 unknown command 0
[  163.604910][ T7246] binder: 7243:7246 ioctl c0306201 80000080 returned -22
[  163.716461][ T7251] binder_alloc: 7243: binder_alloc_buf, no vma
[  163.865106][ T7251] binder: 7243:7251 ioctl c0306201 80000300 returned -11
[  163.879003][    T9] usb 4-1: new high-speed USB device number 9 using dummy_hcd
[  164.090638][ T7261] netlink: 8 bytes leftover after parsing attributes in process `syz.2.369'.
[  164.112184][    T9] usb 4-1: Using ep0 maxpacket: 8
[  164.143385][    T9] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 7
[  164.164319][ T7261] netlink: 8 bytes leftover after parsing attributes in process `syz.2.369'.
[  164.182223][    T9] usb 4-1: New USB device found, idVendor=082d, idProduct=0100, bcdDevice=70.4b
[  164.192474][    T9] usb 4-1: New USB device strings: Mfr=44, Product=2, SerialNumber=3
[  164.224274][    T9] usb 4-1: Product: syz
[  164.230510][    T9] usb 4-1: Manufacturer: syz
[  164.243534][    T9] usb 4-1: SerialNumber: syz
[  164.742641][    T9] usb 4-1: palm_os_3_probe - error -110 getting connection information
[  164.761843][    T9] visor 4-1:1.0: probe with driver visor failed with error -110
[  164.947039][ T7273] netlink: 8 bytes leftover after parsing attributes in process `syz.0.371'.
[  165.278090][ T5911] usb 4-1: USB disconnect, device number 9
[  165.854900][ T5882] usb 1-1: new high-speed USB device number 10 using dummy_hcd
[  166.024719][ T5882] usb 1-1: Using ep0 maxpacket: 32
[  166.052759][ T5882] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  166.064005][ T5882] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  166.121050][ T5882] usb 1-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40
[  166.204642][ T5882] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  166.275841][ T5882] usb 1-1: config 0 descriptor??
[  166.288674][ T7289] input: syz1 as /devices/virtual/input/input17
[  166.404135][ T5882] hub 1-1:0.0: USB hub found
[  166.507409][ T7289] mac80211_hwsim hwsim5 wlan0: entered promiscuous mode
[  166.564680][ T5875] usb 2-1: new high-speed USB device number 20 using dummy_hcd
[  166.667866][ T7289] A link change request failed with some changes committed already. Interface wlan0 may have been left with an inconsistent configuration, please check.
[  166.779130][ T5875] usb 2-1: Using ep0 maxpacket: 32
[  166.802654][ T5875] usb 2-1: config 0 interface 0 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  166.822269][ T5875] usb 2-1: config 0 interface 0 has no altsetting 0
[  166.842431][ T5875] usb 2-1: New USB device found, idVendor=0461, idProduct=4e72, bcdDevice= 0.00
[  166.877643][ T5875] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  166.905080][ T7303] netlink: 8 bytes leftover after parsing attributes in process `syz.2.379'.
[  166.959747][ T7303] ------------[ cut here ]------------
[  166.966009][ T7303] WARNING: CPU: 1 PID: 7303 at net/mac80211/rate.c:53 rate_control_rate_init+0x64a/0x6e0
[  166.975957][ T7303] Modules linked in:
[  166.980129][ T7303] CPU: 1 UID: 0 PID: 7303 Comm: syz.2.379 Not tainted syzkaller #0 PREEMPT(full) 
[  166.989864][ T7303] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  166.996167][ T5875] usb 2-1: config 0 descriptor??
[  167.000140][ T7303] RIP: 0010:rate_control_rate_init+0x64a/0x6e0
[  167.012607][ T7303] Code: 82 01 00 00 20 48 83 c4 20 5b 41 5c 41 5d 41 5e 41 5f 5d e9 08 15 8c 00 cc e8 32 e4 02 f7 90 0f 0b 90 eb e1 e8 27 e4 02 f7 90 <0f> 0b 90 48 83 c4 20 5b 41 5c 41 5d 41 5e 41 5f 5d e9 90 00 00 00
[  167.032387][ T7303] RSP: 0018:ffffc9000ea46f40 EFLAGS: 00010283
[  167.038565][ T7303] RAX: ffffffff8abd2fa9 RBX: ffff888049dd0000 RCX: 0000000000080000
[  167.046664][ T7303] RDX: ffffc9000f8f4000 RSI: 0000000000003728 RDI: 0000000000003729
[  167.054732][ T7303] RBP: 0000000000000000 R08: 0000000000000000 R09: ffffffff8abd2ac3
[  167.062753][ T7303] R10: dffffc0000000000 R11: ffffed10093ba031 R12: 1ffff110093ba00a
[  167.070915][ T7303] R13: ffff88805d388e80 R14: 0000000000000001 R15: ffffffff8abd2ac3
[  167.078982][ T7303] FS:  0000000000000000(0000) GS:ffff88812623b000(0063) knlGS:00000000f543bb40
[  167.088067][ T7303] CS:  0010 DS: 002b ES: 002b CR0: 0000000080050033
[  167.094785][ T7303] CR2: 0000000080176018 CR3: 000000007d4f8000 CR4: 00000000003526f0
[  167.102874][ T7303] Call Trace:
[  167.107234][ T7303]  <TASK>
[  167.110203][ T7303]  rate_control_rate_init_all_links+0x109/0x1a0
[  167.117371][ T7303]  sta_apply_auth_flags+0x1c2/0x400
[  167.122611][ T7303]  sta_apply_parameters+0xe27/0x1570
[  167.122947][ T7297] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  167.128079][ T7303]  ieee80211_add_station+0x424/0x6a0
[  167.128123][ T7303]  rdev_add_station+0x108/0x290
[  167.128154][ T7303]  nl80211_new_station+0x1755/0x1b70
[  167.128194][ T7303]  ? __pfx_nl80211_new_station+0x10/0x10
[  167.128217][ T7303]  ? netdev_run_todo+0xe1d/0xea0
[  167.128266][ T7303]  ? nl80211_pre_doit+0x4f1/0x930
[  167.128295][ T7303]  genl_family_rcv_msg_doit+0x215/0x300
[  167.128326][ T7303]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  167.128361][ T7303]  ? bpf_lsm_capable+0x9/0x20
[  167.128384][ T7303]  ? security_capable+0x7e/0x2e0
[  167.128416][ T7303]  genl_rcv_msg+0x60e/0x790
[  167.128443][ T7303]  ? __pfx_genl_rcv_msg+0x10/0x10
[  167.128461][ T7303]  ? __pfx_nl80211_pre_doit+0x10/0x10
[  167.128477][ T7303]  ? __pfx_nl80211_new_station+0x10/0x10
[  167.128499][ T7303]  ? __pfx_nl80211_post_doit+0x10/0x10
[  167.128519][ T7303]  ? __asan_memcpy+0x40/0x70
[  167.128550][ T7303]  ? __pfx_ref_tracker_free+0x10/0x10
[  167.228916][ T7303]  netlink_rcv_skb+0x208/0x470
[  167.233715][ T7303]  ? __lock_acquire+0xab9/0xd20
[  167.238659][ T7303]  ? __pfx_genl_rcv_msg+0x10/0x10
[  167.243712][ T7303]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  167.249191][ T7303]  ? down_read+0x1ad/0x2e0
[  167.253648][ T7303]  genl_rcv+0x28/0x40
[  167.257719][ T7303]  netlink_unicast+0x82f/0x9e0
[  167.262538][ T7303]  ? __pfx_netlink_unicast+0x10/0x10
[  167.267951][ T7303]  ? netlink_sendmsg+0x642/0xb30
[  167.272906][ T7303]  ? skb_put+0x11b/0x210
[  167.277222][ T7303]  netlink_sendmsg+0x805/0xb30
[  167.282025][ T7303]  ? __pfx_netlink_sendmsg+0x10/0x10
[  167.288465][ T7303]  ? __import_iovec+0x5d4/0x7f0
[  167.293445][ T7303]  ? aa_sock_msg_perm+0xf1/0x1d0
[  167.298522][ T7303]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  167.303830][ T7303]  ? __pfx_netlink_sendmsg+0x10/0x10
[  167.310068][ T7303]  __sock_sendmsg+0x21c/0x270
[  167.315410][ T7303]  ____sys_sendmsg+0x505/0x830
[  167.320220][ T7303]  ? __pfx_____sys_sendmsg+0x10/0x10
[  167.325628][ T7303]  ? preempt_schedule_thunk+0x16/0x30
[  167.331122][ T7303]  ___sys_sendmsg+0x21f/0x2a0
[  167.335909][ T7303]  ? __pfx____sys_sendmsg+0x10/0x10
[  167.341133][ T7303]  ? futex_private_hash_put+0x13b/0x170
[  167.346916][ T7303]  ? __fget_files+0x2a/0x420
[  167.351527][ T7303]  ? __fget_files+0x3a0/0x420
[  167.356313][ T7303]  __sys_sendmsg+0x164/0x220
[  167.360926][ T7303]  ? __pfx___sys_sendmsg+0x10/0x10
[  167.366189][ T7303]  ? rcu_is_watching+0x15/0xb0
[  167.371067][ T7303]  ? syscall_enter_from_user_mode_prepare+0x8f/0x110
[  167.377839][ T7303]  ? lockdep_hardirqs_on+0x9c/0x150
[  167.383061][ T7303]  __do_fast_syscall_32+0xb6/0x2b0
[  167.388282][ T7303]  do_fast_syscall_32+0x34/0x80
[  167.393157][ T7303]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  167.399577][ T7303] RIP: 0023:0xf708d539
[  167.403736][ T7303] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[  167.424406][ T7303] RSP: 002b:00000000f543b55c EFLAGS: 00000206 ORIG_RAX: 0000000000000172
[  167.433508][ T7303] RAX: ffffffffffffffda RBX: 0000000000000009 RCX: 0000000080001080
[  167.441603][ T7303] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  167.449673][ T7303] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  167.457772][ T7303] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  167.465844][ T7303] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  167.473855][ T7303]  </TASK>
[  167.476946][ T7303] Kernel panic - not syncing: kernel: panic_on_warn set ...
[  167.484257][ T7303] CPU: 1 UID: 0 PID: 7303 Comm: syz.2.379 Not tainted syzkaller #0 PREEMPT(full) 
[  167.493562][ T7303] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  167.503625][ T7303] Call Trace:
[  167.506904][ T7303]  <TASK>
[  167.509840][ T7303]  dump_stack_lvl+0x99/0x250
[  167.514439][ T7303]  ? __asan_memcpy+0x40/0x70
[  167.519042][ T7303]  ? __pfx_dump_stack_lvl+0x10/0x10
[  167.524274][ T7303]  ? __pfx__printk+0x10/0x10
[  167.528889][ T7303]  vpanic+0x237/0x6d0
[  167.532880][ T7303]  ? __pfx_vpanic+0x10/0x10
[  167.537420][ T7303]  panic+0xb9/0xc0
[  167.541236][ T7303]  ? __pfx_panic+0x10/0x10
[  167.545658][ T7303]  __warn+0x31b/0x4b0
[  167.549651][ T7303]  ? rate_control_rate_init+0x64a/0x6e0
[  167.555221][ T7303]  ? rate_control_rate_init+0x64a/0x6e0
[  167.560857][ T7303]  report_bug+0x2be/0x4f0
[  167.565184][ T7303]  ? rate_control_rate_init+0x64a/0x6e0
[  167.570734][ T7303]  ? rate_control_rate_init+0x64a/0x6e0
[  167.576277][ T7303]  ? rate_control_rate_init+0x64c/0x6e0
[  167.581823][ T7303]  handle_bug+0x84/0x160
[  167.586059][ T7303]  exc_invalid_op+0x1a/0x50
[  167.590554][ T7303]  asm_exc_invalid_op+0x1a/0x20
[  167.595396][ T7303] RIP: 0010:rate_control_rate_init+0x64a/0x6e0
[  167.601643][ T7303] Code: 82 01 00 00 20 48 83 c4 20 5b 41 5c 41 5d 41 5e 41 5f 5d e9 08 15 8c 00 cc e8 32 e4 02 f7 90 0f 0b 90 eb e1 e8 27 e4 02 f7 90 <0f> 0b 90 48 83 c4 20 5b 41 5c 41 5d 41 5e 41 5f 5d e9 90 00 00 00
[  167.621252][ T7303] RSP: 0018:ffffc9000ea46f40 EFLAGS: 00010283
[  167.627320][ T7303] RAX: ffffffff8abd2fa9 RBX: ffff888049dd0000 RCX: 0000000000080000
[  167.635292][ T7303] RDX: ffffc9000f8f4000 RSI: 0000000000003728 RDI: 0000000000003729
[  167.643257][ T7303] RBP: 0000000000000000 R08: 0000000000000000 R09: ffffffff8abd2ac3
[  167.651215][ T7303] R10: dffffc0000000000 R11: ffffed10093ba031 R12: 1ffff110093ba00a
[  167.659183][ T7303] R13: ffff88805d388e80 R14: 0000000000000001 R15: ffffffff8abd2ac3
[  167.667147][ T7303]  ? rate_control_rate_init+0x163/0x6e0
[  167.672713][ T7303]  ? rate_control_rate_init+0x163/0x6e0
[  167.678339][ T7303]  ? rate_control_rate_init+0x649/0x6e0
[  167.683890][ T7303]  rate_control_rate_init_all_links+0x109/0x1a0
[  167.690123][ T7303]  sta_apply_auth_flags+0x1c2/0x400
[  167.695331][ T7303]  sta_apply_parameters+0xe27/0x1570
[  167.700647][ T7303]  ieee80211_add_station+0x424/0x6a0
[  167.705938][ T7303]  rdev_add_station+0x108/0x290
[  167.710791][ T7303]  nl80211_new_station+0x1755/0x1b70
[  167.716080][ T7303]  ? __pfx_nl80211_new_station+0x10/0x10
[  167.721702][ T7303]  ? netdev_run_todo+0xe1d/0xea0
[  167.726661][ T7303]  ? nl80211_pre_doit+0x4f1/0x930
[  167.731683][ T7303]  genl_family_rcv_msg_doit+0x215/0x300
[  167.737230][ T7303]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  167.743306][ T7303]  ? bpf_lsm_capable+0x9/0x20
[  167.747977][ T7303]  ? security_capable+0x7e/0x2e0
[  167.752913][ T7303]  genl_rcv_msg+0x60e/0x790
[  167.757415][ T7303]  ? __pfx_genl_rcv_msg+0x10/0x10
[  167.762517][ T7303]  ? __pfx_nl80211_pre_doit+0x10/0x10
[  167.767877][ T7303]  ? __pfx_nl80211_new_station+0x10/0x10
[  167.773500][ T7303]  ? __pfx_nl80211_post_doit+0x10/0x10
[  167.778950][ T7303]  ? __asan_memcpy+0x40/0x70
[  167.783537][ T7303]  ? __pfx_ref_tracker_free+0x10/0x10
[  167.789111][ T7303]  netlink_rcv_skb+0x208/0x470
[  167.793889][ T7303]  ? __lock_acquire+0xab9/0xd20
[  167.798729][ T7303]  ? __pfx_genl_rcv_msg+0x10/0x10
[  167.803746][ T7303]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  167.809138][ T7303]  ? down_read+0x1ad/0x2e0
[  167.813545][ T7303]  genl_rcv+0x28/0x40
[  167.817531][ T7303]  netlink_unicast+0x82f/0x9e0
[  167.822298][ T7303]  ? __pfx_netlink_unicast+0x10/0x10
[  167.827584][ T7303]  ? netlink_sendmsg+0x642/0xb30
[  167.832512][ T7303]  ? skb_put+0x11b/0x210
[  167.836748][ T7303]  netlink_sendmsg+0x805/0xb30
[  167.841506][ T7303]  ? __pfx_netlink_sendmsg+0x10/0x10
[  167.846788][ T7303]  ? __import_iovec+0x5d4/0x7f0
[  167.851719][ T7303]  ? aa_sock_msg_perm+0xf1/0x1d0
[  167.856657][ T7303]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  167.861936][ T7303]  ? __pfx_netlink_sendmsg+0x10/0x10
[  167.867214][ T7303]  __sock_sendmsg+0x21c/0x270
[  167.871986][ T7303]  ____sys_sendmsg+0x505/0x830
[  167.876774][ T7303]  ? __pfx_____sys_sendmsg+0x10/0x10
[  167.882065][ T7303]  ? preempt_schedule_thunk+0x16/0x30
[  167.887437][ T7303]  ___sys_sendmsg+0x21f/0x2a0
[  167.892108][ T7303]  ? __pfx____sys_sendmsg+0x10/0x10
[  167.897301][ T7303]  ? futex_private_hash_put+0x13b/0x170
[  167.902864][ T7303]  ? __fget_files+0x2a/0x420
[  167.907441][ T7303]  ? __fget_files+0x3a0/0x420
[  167.912120][ T7303]  __sys_sendmsg+0x164/0x220
[  167.916714][ T7303]  ? __pfx___sys_sendmsg+0x10/0x10
[  167.921824][ T7303]  ? rcu_is_watching+0x15/0xb0
[  167.926592][ T7303]  ? syscall_enter_from_user_mode_prepare+0x8f/0x110
[  167.933274][ T7303]  ? lockdep_hardirqs_on+0x9c/0x150
[  167.938472][ T7303]  __do_fast_syscall_32+0xb6/0x2b0
[  167.943583][ T7303]  do_fast_syscall_32+0x34/0x80
[  167.948425][ T7303]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  167.954741][ T7303] RIP: 0023:0xf708d539
[  167.958795][ T7303] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[  167.978387][ T7303] RSP: 002b:00000000f543b55c EFLAGS: 00000206 ORIG_RAX: 0000000000000172
[  167.986795][ T7303] RAX: ffffffffffffffda RBX: 0000000000000009 RCX: 0000000080001080
[  167.994753][ T7303] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  168.002914][ T7303] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  168.010893][ T7303] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  168.018880][ T7303] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  168.026861][ T7303]  </TASK>
[  168.030021][ T7303] Kernel Offset: disabled
[  168.034421][ T7303] Rebooting in 86400 seconds..