last executing test programs:

26.463754833s ago: executing program 0 (id=436):
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f0000000140)={0x0, 0x10, &(0x7f0000000100)=[@in={0x2, 0x4e24, @private=0xa010101}]}, &(0x7f0000000180)=0x10)
setsockopt$inet_sctp6_SCTP_I_WANT_MAPPED_V4_ADDR(r0, 0x84, 0xc, 0x0, 0x0)
getsockopt$inet_sctp6_SCTP_GET_PEER_ADDR_INFO(r0, 0x84, 0xf, 0x0, &(0x7f0000004480))
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$VIDIOC_S_SELECTION(0xffffffffffffffff, 0xc040565f, &(0x7f00000005c0)={0x4, 0x3, 0x1, {0xad67, 0x3, 0x9, 0x3ff}})
r2 = syz_genetlink_get_family_id$batadv(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(0xffffffffffffffff, 0x8933, &(0x7f0000000240)={'batadv0\x00', <r3=>0x0})
sendmsg$BATADV_CMD_SET_MESH(r1, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000000)={0x2c, r2, 0x1, 0x40000000, 0x0, {}, [@BATADV_ATTR_MESH_IFINDEX={0x8, 0x3, r3}, @BATADV_ATTR_ISOLATION_MASK={0x8, 0x2c, 0x53}, @BATADV_ATTR_ISOLATION_MARK={0x8, 0x2b, 0x3}]}, 0x2c}, 0x1, 0x0, 0x0, 0x4004801}, 0x0)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(0xffffffffffffffff, 0xc0189375, &(0x7f0000000000)={{0x1, 0x1, 0x18, <r4=>0xffffffffffffffff}, '.\x00'})
sendfile64(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f00000002c0)=0x7, 0xffffffff)
preadv(r4, &(0x7f0000000300)=[{&(0x7f0000000040)=""/42, 0x2a}, {&(0x7f0000000080)=""/93, 0x5d}, {&(0x7f0000000100)=""/47, 0x2f}, {&(0x7f0000000140)=""/26, 0x1a}, {&(0x7f0000000180)=""/241, 0xf1}, {&(0x7f0000000280)=""/34, 0x22}, {&(0x7f00000002c0)}], 0x7, 0x56, 0xb28)
setpriority(0x1, 0x0, 0x88cf)

26.373051329s ago: executing program 4 (id=438):
r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000540), 0xffffffffffffffff)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000300)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r1, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000080)=ANY=[@ANYBLOB='L\x00\x00\x00', @ANYRES16=r0, @ANYBLOB="010000000000000000", @ANYRES32=r2, @ANYBLOB="08002600851600000a00180000000000000000001c005a"], 0x4c}}, 0x0)

26.269852083s ago: executing program 4 (id=439):
r0 = syz_open_dev$dri(&(0x7f0000000180), 0x0, 0x0)
ioctl$DRM_IOCTL_SET_VERSION(r0, 0xc0106407, &(0x7f0000000000)={0xffffffff, 0x65f, 0xffffffff, 0x3})
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
bind$alg(0xffffffffffffffff, 0x0, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f0000000300)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg(r3, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0xb49, 0x9, 0x8, 0x0, 0x3}, 0x0)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
r4 = fsopen(0x0, 0x0)
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r5 = openat$uhid(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
write$UHID_CREATE(r5, &(0x7f0000000540)={0x0, {'syz1\x00', 'syz1\x00', 'syz0\x00', &(0x7f0000001080)=""/18, 0x12, 0x2, 0x5, 0x9, 0x4, 0xc08}}, 0x11c)
write$UHID_DESTROY(r5, &(0x7f0000000180), 0xfffffffffffffd46)
fsconfig$FSCONFIG_CMD_CREATE(r4, 0x6, 0x0, 0x0, 0x0)
fsmount(r4, 0x1, 0x0)
r6 = socket$nl_generic(0x11, 0x3, 0x10)
sendmsg(r6, &(0x7f0000000640)={&(0x7f00000000c0)=@caif=@dgm={0x25, 0xd}, 0x80, &(0x7f00000005c0)=[{0x0}], 0x1, 0x0, 0x0, 0x11000000}, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x42, 0x0)
openat$vcsu(0xffffffffffffff9c, 0x0, 0x8840, 0x0)
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
ioctl$sock_SIOCETHTOOL(r7, 0x8946, &(0x7f0000000000)={'wlan1\x00', &(0x7f0000000f40)=@ethtool_stats})
sendmsg$IPSET_CMD_CREATE(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000040)=ANY=[@ANYBLOB="5c00000002060500000000000000000000000000120003006269746d61703a69702c6d616300000005000400000000000900020073797a3100000000100007800c000180080001000000000005000500020000000500010006"], 0x5c}, 0x1, 0x0, 0x0, 0x40001}, 0x0)
r8 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r8, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000001140)={&(0x7f00000001c0)=@newlink={0x9c, 0x10, 0x503, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x115}, [@IFLA_LINKINFO={0x3c, 0x12, 0x0, 0x1, @xfrm={{0x9}, {0x2c, 0x2, 0x0, 0x1, [@IFLA_XFRM_LINK={0x8, 0x1, 0x4}, @IFLA_XFRM_LINK={0x8, 0x1, 0x4}, @IFLA_XFRM_LINK={0x8, 0x1, 0x2}, @IFLA_XFRM_IF_ID={0x8, 0x2, 0x1}, @IFLA_XFRM_IF_ID={0x8, 0x2, 0x3}]}}}, @IFLA_MTU={0x8, 0x4, 0x7}, @IFLA_PROTO_DOWN={0x5, 0x27, 0x1}, @IFLA_VF_PORTS={0x28, 0x18, 0x0, 0x1, [{0x4}, {0x20, 0x1, 0x0, 0x1, [@IFLA_PORT_HOST_UUID={0x14, 0x5, "8cb2db72efd33e52a28429b51f3663f2"}, @IFLA_PORT_VF={0x8, 0x1, 0x4}]}]}, @IFLA_LINK_NETNSID={0x8, 0x25, 0x2}]}, 0x9c}}, 0x0)

24.442730157s ago: executing program 0 (id=445):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000100))
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000140)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r2 = dup3(r1, r0, 0x0)
r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000040)='./binderfs/binder0\x00', 0x0, 0x0)
mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r3, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r3, 0x4018620d, &(0x7f0000004a80)={0x73622a85, 0x100, 0x1})
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000004c0)={0x8, 0x0, &(0x7f0000000000)=[@acquire], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000001c0)={0x4c, 0x0, &(0x7f0000000fc0)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x48, 0x0, &(0x7f0000000300)={@flat=@weak_binder={0x77622a85, 0x100a, 0x8000000000}, @flat=@weak_binder={0x77622a85, 0x1100, 0x3}}, 0x0}}], 0x0, 0x0, 0x0})
ppoll(&(0x7f0000000a80)=[{r1, 0xd222}], 0x1, 0x0, 0x0, 0x0)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpu.stat\x00', 0x275a, 0x0)
write$UHID_INPUT(r4, &(0x7f0000000940)={0x8, {"85f080a4933d55266e07e799aa0cc421388242df2a3c6b631b65b1c061edd2aa108c3528fe9b0bb3a53ab1200f5d01a68a4acdec8fee09648222f908c1fedc3000342e6139de28366c13509306d00ebcc67497181ac916db98af9d366b76e427d9ab5bb68095f0fb246df32b8af0783653136f8a04c03690312125c7ded6a24fda8685340c575ead69519e3583f89d467ec232d6a1ffd0463ba4ea3cbae5dae6654b5547b5458f02ac307729e57b09e134f68be44f88d72517b230b066f6315b5fb80206397bbff8cbc2a36e01c2e7b3aadb32bd3dd5288a69a991d9c674717e3abba7167280b2db3b1b8502afa4f3f296c532510c9d2dd79bb5eeb25adb5edddbdd069c09d14d15c2e7e1e2bd6c108fab3591bb22e97d6992236d2273c8bb95536f7118d007965008b125c7daac2814e6bbe1adbfa3572ad0b7ad5c26c8014118d8374ca9f285779dfee7715a403908146a74de61b3853914c89f444c12e7a38bdd46c4ed36ebff9e2476f43802211f0762b66673b45d236b2391ce322e30fb9c69fe0d514dc1f8b6e3979c1205fd5224b07d18a44fec4f6f1a6f65158bb6adcc295bf2dd7dea107f59d7e03c61fe5822292e45968956b931bdc4d6445ff1631e0b98e4b4448774dd4b9cd53a45896fdb3f03702778741ae2b45a25bf9a23fc02fb97a630f132bf9def6c6d4a7baeb62972f1a814f6f2377bcfc78e2e86368c138510a04ced00185af8c2034fae7413e3ace8c71ab9a0af1ca7042011a6ed028e205648535dabf3b2f85196ae18d36b839e3cd54ae4933ad529888fdac7bb8a70c72bc0fc81ba06506f2d5bc7686e219bbe5283959cbef9950e071cb6d9f341fc624a5110341f26cebd7100599a06e61f66fae120c7fc2b34c6221200eba75bd1277114671a3fa8f058b27fd897b052f4a52afcea814df526181c75c4497210a2b8b74e26601561e78735387cf123654b0295d1d60556956b36d96dd038866c4b4db31ebdcddd4829bbc2850cd4901389e6ea6e86041e0efa1158f334e7afda0e11c2fb0e6df6364cb95659f506d5c7e63fb67c8116577d15e4a4b1fc4c27de2e52586cb1f52be9c3601f5066549de8bdc3ec07d1a84caf1961323ec2487a37b751aeabafcd647ce2dae5d9499c0f969467e6cabad198669ac96bd1488954eff0854ee0c83d7b596d273625bdb16270782321071fda5d980ded78ffa9dc2b34037d7cbf942547f48a5131f1991f6c17ae1ed5120ca6878f98e68e7997a9a2b70be640a70a34adb80de286c6692abb5f092e4e3a15a83217e03d02a4054f34af3a65ff6b36f395b76a0579cffafd5d3bb0e704c935caecf3a7ab756c23fd60c9fe3f4fb2be7504f5bae22b116ff1588dcf02b327d31bf0488dba8af5b33ccf2d7d87f43bbc48fcd4f191ad6af9313ad38b8b29674bfabd6651bc1f6ce5abb4a2f1413194f96b26d7d6edc4e013fba549075c97eef508af5ca7873664b058b7bcf455a8a04b591d29fab6366c844bb75576bac2d52323e747303d00a5736c9812922b0e17bcec9135550736b54cf6407d61e22e62d7bb75f62935b665acf33e75f688c36ef416f1b890d0f0c8ad1df00e02ec45967834d5649c8e7143978622fa3704672970b7993a87e97d3d926a14265647bc8b8c9e6f83e29572608d24b42c2635ef4abbd0af83860e99c90d7471cf6e8ce99507f5ec2bc572212fa9ee3f5a9dfa3815fe55f0bbb119acce062ae37f2ff921707abba139bccdf42bfd174d29b540161b4113c4e1a13f3a628c638ec4d3a884dfbc093e23ec0d0671b46b41dc8b42d950c8615ba5ee87995001920db05a95199967f097ba7b55bbd271d818690c4238406b40a3dfc42fa56a67173b53a96b543326c56738b6d043195934018696f5ab49347e5148a78f2d1369a71afab8330273d46ecfba4ee05802a5385649851db949dbfb39e290941641c50b1ac20fb3102754a760b097f464ddb0b83f8168badfa71db6621dcf22fb081e3403f3bac5c7e65905aca52885c807f8ddab18bb2f12ef952c50483c0e251968bc70ff0d42a638ca744dea4c7ebb4fea777cf663bb4f1505ed79730c45bc86e488a13f924377a8e2ee6670a02ca52874ae1c42a35d55b9765757047b2cc3742aa51fa3e43fb2c113c92ad213bad252c1a82966dd016f12a7f1c3900c0f1ab455035163f31899bdd30f3ff43ad17d9e45bb7438c1c986712736f24be14f71ab1bfe92a25ec07f086ee8c7971b8077a13e58a8e8bea39c8e06b251909f02cb0080abf020f27ca160eb26c082dda1fa54ea4094dfdbcb2fa7bddccb67a844e8075f4cc08dad35757006d051e183dced336bc0c2502f93ffc87dca622286ba174c24e1f53f27dc277700000000348b0e8d3e743b3aa906bc0764bbe7da08ff403efe2212627d672250658bb513b7312517d1f88c61c7ba5f9647cd619281c5b390b48606ee39fb4171103df2e09d7cfd56c06c721f7c24ad8cce383623fc2dcb15ac56438ea331820ae59c8c474e36fc73f7b1b3b86df1b42490815513681aafbf7e871b4b9686efae6c45ecfca60a640a6f071dfd31f9437c3d03086164b48c1ed802986864bfe0d49bdd7709662262368dbc3ecc05eb240ecc41904c76d78ab5c52b66af5a720fdd6a92f52be0676427a56e32e5bc5085b25f90add28a76f2fce6f8f0ef74f4659698549646bd63175adf77b5cdcfe676e1b1a9af15102946554ba6136cbc83c6268ee40318f3c9d4718025688b35d2265bf60bf889ff629f7834586ef46eab7a9176337536bb6001e676546b987f36b1fe4b9f6e46a8ce73eb22ebbb9c14d8e2b43ea77ef887e5a29dbbf4086fa819a25e27725ac10298a51c8bc45f2ce4430b07917ade5ea8c434c3f2576effbeb521173736e5c9557450643068b0c0fb132a7e99de6ca292246a9937fa7d7e06e59cf59ce5b9f842629049931146af40a8a1256ba373a88d09dc00cdf4453cc6ba78572bf3e1f2352a978cdbad60220cb8ac37d7f614a306492a4b5eee9244b0ca84b6cf2e23013bfb1cb92bf6d126fe550e58c19f84e7a4081437b75b31b2b9fb658dcd8ba077962e0f3359721a148d4fefe5c97941ca9688cb85adf38fd10f5811cdd8e074a21bbfc9541c71465b08d7321281b68ed52bfab789b9c83849c09d52376d419b1e7ba367603236e119cdf4a7b7cf9d81f2229601deace53cea2f14a05f7fa0ca04b39e31c6453e332f4bd0915c0e09e28f4d1125c390c6ff0833a04b6fc37855e65de90333e505b9eb66e00686a3ed499cfb7b8b215dbdc9787b5baa724cfa71ee6745b41e203de8b7794757ac328ec5567540b951b50530c3d4ee34705ea1c66fd6591e88561083e86d48c45ef3b83a3029319d8f3d8e65ce14c1dc3cb92d0a7dbeb609a8d2793928caa079f0fbbb2bc90b9f058cc048f4032041d14c5bca00e99b3027ec3a50c4957199cf016a4594069af8659df0973f20ffb15dbc265ac5b8a2203e90b114a3e9441e357c60ce0b550a7fe66fc34f5702ac8e8992a22e89194c1df69e81a9b7ad3d2634ea8c0388588192fd47d8e803b10044d558617fb2921b69eb4d85c051f86ef63a2f4382b9becd870fb2ecadca6902712b88680792e2f2ec89591cfebb6db3ad31c2a339af10465fcf7988519d382218df52261234f26a6f66ad0d1859de505d0fe819caf2f8d30aa9fd1228ac91d11ca67f1f8d50c8eefa5c441514321507dff6c6ea3cff6f340a1c11e01a06000000000000d8828fa47a96cdf7ee4f61e23f40751b25cf9ca1295041a350f83f0e679515d6f4b46e2c9ce8999e07f835abc1663cefcf728df37831f4e17f8c8a4feaf1fbf44c38c9313284404a50ba4cd8abe835b33bfecb02cd6c9d7f435853b4c8d505ab83cf46512739116694765658bae64b3127152d216055aef9b25c70a8a3b302752d7b1e8791c657b9f3fc9001ef299fd1a349491ae6ee9940149160507fc4130fb825d47d97dc2c243209d2403583ac3ef6ddbedcaa76432255487c0a06e59e043e572ab3aec002af6a6b6a2dc9cfaeefa70557886c4d12924a0388f2f1bc8e89e4cfa69705d1ef3c4658f8616278b588011d9dd914beec0b151d65b6524fba3e3f235d58373e021699b07622a51504eade747e0b2f9cf38bc167cabc8cb18c708d1337e25648707e8c0872876514c7a49c0b2aaee5ed9e9ecfcbcc23e032c4deb63e48e7120188056468fad31448e4b42e7d62fbcfc1c2cfb01fcf0db5e8a162bdb9bd820c763f17b96c23f32db9d1c1d74ddbe657b4f9595a9796982a0742153111b15e484d8ffebe47ce0a78a41e470a341616ec2eb6eef813fb415fab50fa965bec6a5977a0ade4fed67f86fc24e11b0e2f5364079f7c7c35b560cac726dbc80f29dbd248f7ecda0286a23ef172a28c96d9bdb1f598eab31c6baf0321312da23920c074b9d2d2e442717f2c21001142a39c2da6b8bd9d06b05a6a8deae1bd1be4108a636ddbebc682d113e715f2f3ee506abc28b1c654b3d2d28e02f73b171ed0deed71dda90ce4a0b728cc75cb576385e7418b545b992b1dd98e2ee53355f464f9250a2a03b3d1e4d2ac1aa71d01de2573530324e14d15a507883411ddbd37be21dc929db9b11f11010e4d2a04c7325a5ae6d24d19900ff97a8a89438f8676457a78cff05201528f4358fe67f61288bf042a8f3c2e0f8b4997b8fb74996b80d465489b2d7807a945eba72a945e8cf8625dbad6f6f6e30537b29e558ca8a8b0625f578c766d34f2d28d704715f94df1f6318a308042aa494baa295640679f1eab1e6a8308af8ce6441d5ad8a2f3d477eb5307af0dfae6644493f1434030b8361621340ad3dcefa6d8f090ed3929d89ad9c0ba01a6903033428dd8f986fb2f4b1803187d2a6130bf1e009b5eb0e7e21c75594b3b8470f3106c92a9e55bfeb026091ced127a90a1f1247f3c07e36d3572923e0de3f73518d0369a25fcd4e65d243b7eab91063a7bfd8bc8ac9e39fbbb32b5c9517886287a18eacd8dbfda9b91db693cb12e42cba5988280e09e51e72b91a0f360656d8f21cc1eb3248ac345ad51d1a6172b18419277851dab01e028c7e8e2cf34095efd28267852a08fccf61c45b5e46930160daf50282be058274e7ff58c48b60b86d0c8cc886ab8778a2a2b5fa2557ad7bf7f01f2175523ce758871d334c20a9839f7a89fe2867c06289c8a2f6456ac7e4fbadee53ac41aee68214bc76669853baa4f58255b39ba581414f2e8c4b49303f8936a33bae5cbc96b29a5c724d5b50e1614144c2acd03bd90de891c3d36ce040d57543682ecbfcae66c4153c337c3a5d01896524c8e0c27e9a08919821ca27bbfe3fc9ba24a823aeec8a46ae169a65c585bee4dcf1acaa3da501a8c11a23b2e22920c1ad0129a038b31fe16c2abc80589dbf7c37211afc5d1a6db908bc5fe8a692060069fcbcdcba7c523d3c424aa3b0c6557387e0e51bcde9e5f850abf62d2c2101c3a2786a0cb94932877a09cb6b64aa61da8cab3b423e7adc4c4700418a65e87225710e1691f6d9cb2eb63cce5b605ce0a4a89cf519767e00845397c5e381141a0ed8a89b01064b495ec8d1e2da37433bf1597d919a69610d2ad26bdf6fca8de422bb2cb80d0516206e8194ee51445a3dca5dee33c0c310b4751e68e58bebda2fb586985a5a5b06456756f44e6dbfef4bb99ca732f00fb9ea35775f7419681bfbe6f43dc7c4650c13b63d93c1d490bf0173f287a4309531f13ecb1a775d0bd881a00", 0x1000}}, 0x1006)
mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1, 0x10012, r4, 0x0)
ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0})

22.810930784s ago: executing program 4 (id=448):
r0 = socket$inet_mptcp(0x2, 0x1, 0x106)
bind$inet(r0, &(0x7f0000000100)={0x2, 0x4e24, @loopback}, 0x10)
sendmmsg$inet(r0, &(0x7f0000004980)=[{{&(0x7f0000000000)={0x2, 0x4e24, @loopback}, 0x10, &(0x7f0000000040)=[{&(0x7f0000000340)="b9cd14c222", 0x5}], 0x1}}], 0x1, 0x20008000)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeed, 0x8031, 0xffffffffffffffff, 0xf6d0d000)
recvfrom$inet(r0, &(0x7f0000000200)=""/225, 0xe1, 0x40, 0x0, 0x0)

20.422940384s ago: executing program 3 (id=449):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0xc800}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f00000004c0)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x5}}, [@NFT_MSG_NEWSETELEM={0x48, 0xc, 0xa, 0x101, 0x0, 0x0, {0xa, 0x0, 0x6}, [@NFTA_SET_ELEM_LIST_SET={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_ELEM_LIST_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_SET_ELEM_LIST_ELEMENTS={0x1c, 0x3, 0x0, 0x1, [{0x18, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_KEY={0xc, 0x1, 0x0, 0x1, [@NFTA_DATA_VALUE={0x6, 0x1, "d103"}]}, @NFTA_SET_ELEM_FLAGS={0x8, 0x3, 0x1, 0x0, 0x1}]}]}]}], {0x14, 0x11, 0x20, 0x0, 0x0, {0x1}}}, 0x70}, 0x1, 0x0, 0x0, 0x4000850}, 0x40)

19.81573693s ago: executing program 0 (id=451):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
close(r1)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$tipc(&(0x7f00000000c0), r2)
sendmsg$TIPC_CMD_ENABLE_BEARER(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000680)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="010000000d0000000000010000000000000001410000001c"], 0x38}}, 0x0)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x100, 0x0)
close(r4)
r5 = socket$unix(0x1, 0x1, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r7=>0x0})
r8 = socket$unix(0x1, 0x1, 0x0)
r9 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r10=>0x0})
sendmsg$nl_route_sched(r9, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000440)=@newqdisc={0x58, 0x24, 0x4ee4e6a52ff56541, 0x0, 0xffffffff, {0x0, 0x0, 0x0, r10, {0x0, 0xb}, {0xffff, 0xffff}, {0xb}}, [@qdisc_kind_options=@q_sfb={{0x8}, {0x2c, 0x2, @TCA_SFB_PARMS={0x28, 0x1, {0xa, 0x7f61, 0xfffffffd, 0xc5, 0xe23, 0x1, 0x1, 0x7fff, 0x1}}}}]}, 0x58}, 0x1, 0x0, 0x0, 0x20008001}, 0x0)
sendmsg$nl_route_sched(r6, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000380)=@newqdisc={0x2c, 0x24, 0x4ee4e6a52ff56541, 0x70b923, 0x80000, {0x0, 0x0, 0x0, r7, {}, {0x2, 0xb}, {0x9, 0x8}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}, 0x1, 0x0, 0x0, 0x2000c061}, 0x4008000)
ioctl$SIOCSIFHWADDR(r4, 0x8922, &(0x7f0000002280)={'syzkaller0\x00', @random="2b0100004ec6"})

19.467524776s ago: executing program 3 (id=452):
r0 = socket(0x10, 0x803, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, 0x0)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
close(r3)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$SIOCSIFHWADDR(r3, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
r4 = syz_genetlink_get_family_id$tipc(&(0x7f00000000c0), r1)
sendmsg$TIPC_CMD_ENABLE_BEARER(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000680)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="010000000d0000000000010000000000000001410000001c001700000000000000006574683a73797a6b616c6c657230"], 0x38}}, 0x0)
r5 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x100, 0x0)
close(r5)
r6 = socket$unix(0x1, 0x1, 0x0)
r7 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r8=>0x0})
sendmsg$nl_route_sched(r7, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000001c80)={&(0x7f0000000740)=@newqdisc={0x68, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r8, {0x0, 0xb}, {0xffff, 0xffff}, {0x0, 0xfff1}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x3c, 0x2, [@TCA_TBF_PBURST={0x8, 0x7, 0xb86}, @TCA_TBF_PARMS={0x28, 0x1, {{0xa, 0x2, 0xffff, 0x7, 0xcc, 0x3}, {0x0, 0x1, 0x7, 0x8, 0x7f, 0x9}, 0xa6, 0x7, 0x1bb6}}, @TCA_TBF_BURST={0x8, 0x6, 0x7f}]}}]}, 0x68}, 0x1, 0x0, 0x0, 0x20000001}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0x4ee4e6a52ff56541, 0x70b923, 0x80000, {0x0, 0x0, 0x0, r8, {}, {0x2, 0xb}, {0xd, 0xfff1}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x4008000)
ioctl$SIOCSIFHWADDR(r5, 0x8922, &(0x7f0000002280)={'syzkaller0\x00', @random="2b0100004ec6"})

19.282397349s ago: executing program 1 (id=453):
syz_usb_connect$cdc_ncm(0x4, 0xd7, &(0x7f0000000800)=ANY=[@ANYBLOB="12011003020000182505a1a44000010203010902c50002010650000904000001020d00000b24060001b71646f6d227052400a9b30d240f01020000000300ff000606241a0c001407240a050905580c241b04000200a90c0900030424020b042402000424020244241380ae0d62dced1e43f3661806f2f73f4b9c36d86a093869c2cd3c8b264833bfd45a10547b2636aed1be294c5ca5efb29cda0905810308000e0c000904010000020d00000904010102020d0000090582022000060b0309050302080009030763dc6348afe8b970b587700f881c011ab1f24423748b9b052bbd884088497d54188b5bd8a7468e3b996809942135a800"/262], 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680))
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x12, 0x8031, 0xffffffffffffffff, 0x6a855000)
madvise(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x3)
membarrier(0x2, 0x0)
r0 = openat2$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)={0x2adc0, 0x1c1}, 0x18)
r1 = openat$binfmt_register(0xffffffffffffff9c, &(0x7f0000000180), 0x1, 0x0)
r2 = openat$procfs(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/tty/ldiscs\x00', 0x0, 0x0)
preadv2(r2, &(0x7f00000004c0)=[{&(0x7f00000000c0)=""/139, 0x8b}], 0x1, 0x867, 0x0, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r3, 0x6, 0x13, &(0x7f0000000180)=0x100000001, 0x4)
r4 = syz_open_dev$vim2m(&(0x7f00000000c0), 0xb101, 0x2)
ioctl$vim2m_VIDIOC_S_CTRL(r4, 0xc008561c, &(0x7f0000000000)={0x980915, 0x8})
connect$inet6(r3, &(0x7f0000000440)={0xa, 0x0, 0x7fffffff, @loopback, 0x2}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r3, 0x6, 0x1f, &(0x7f0000000540), 0x3c)
setsockopt$inet6_tcp_TLS_TX(r3, 0x11a, 0x1, &(0x7f00000000c0)=@gcm_128={{0x304}, "000000000500", "000000072d85a4609e9104a000", "08df2232", "bc7e7f5df6aec397"}, 0x28)
setsockopt$inet6_tcp_int(r3, 0x11a, 0x4, &(0x7f0000000040), 0x44)
r5 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
r6 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
unshare(0x2c020400)
r7 = msgget$private(0x0, 0x101)
msgsnd(r7, &(0x7f0000000580)=ANY=[@ANYBLOB="02"], 0x4, 0x0)
msgsnd(0x0, &(0x7f0000000300)=ANY=[@ANYRESOCT], 0x2000, 0x0)
msgrcv(r7, 0x0, 0x0, 0x1, 0x5800)
unshare(0x24060400)
move_mount(r5, 0x0, r6, 0x0, 0x256)
write$binfmt_register(r1, &(0x7f0000000200)={0x3a, 'syz3', 0x3a, 'E', 0x3a, 0x3, 0x3a, 'q_\x86=\xfd\x0fWV\xcc\x10z\xb6\x10_\x80\x10\xab\xde2', 0x3a, '^', 0x3a, './file0', 0x3a, [0x46]}, 0x3c)
truncate(&(0x7f0000000040)='./file0\x00', 0x0)
syz_usb_connect(0x3, 0xf5, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000772aed408680070bb96c010203010902e30003dc2000000904003f000e01000505a40600010524007f000d240f0104000000080000000006241a03000a05240101070424020a1524120009a317a88b045e4f01a607c0ffcb7e392a09044c03003a92a2010a240109000102010205240401050c2402"], 0x0)
syz_usb_connect(0x0, 0x5a9, &(0x7f0000000f80)=ANY=[@ANYBLOB="12010002034bcbff3d1b050101c20102030109029705031007c0070904ad06007e5b1d050a24010c000c0001020a2405043956b1fd0c5e3344a4b7fe623306774583760e0a2404020d323a2a50050c24020203020406060008060924060204010400c2090477400047a4074006240600002805240000000d240f0106000000fffb040007b524130d2f99bf90618221b4cceceb656c55b0b2cdda52e43cf9ed356feef2d07d31e5104f49d1fda60f85c3aeaf12d5e39b7a134418d8faa23f7ea7142c50aebf0ca2ad7dc4a1bdd3fe707363dd038cc8dc41878d2e7cf21292249ec25aeff17b161ba009f26e6f4a5262387eeb366c683c76d2c6b79332c9044d3974679f150d447beadfba4d36b9c458576b373d209399a42a9405130ba9f2216e6144b1678fa0b2259da7ea7992d217909f7acd0f5d2319ebe906241a080003d92413ff5679e3e9231275288a59172fbcbffb3ccec2589817db987e498456cbb2ba9aaad8f18c8c30f9a606b1dba787461b1706cea460b9f5d0298e5c803df30b5a41017b8409c58eef545f3091fce5f85aef1fe61c2b0822457762d89ddb1f56857d72170174c64621c096c4e795aae485c7f2e464350604a41197add0b32fd6c543dec90488ea1a5a383636adf2a2418183bcc1951ad2beaf69ae07009fce0c9a81e347fe218a1cc131ae39db37c7b0bf3c20b88c9d5fc7004b1099d796906729e50b495323d1bf94c90e2222113ce51d8337a0c0608ed35c241305f305309af7702a376a0c55d280488719dcad1e2fe9bf3b988d059cc77ecf765c4ade44b774bde55f922a2ed43888c74eb89a8f7a88b30e3a29cb5a55182ce3ee241e585ab78185490dc9d2c3edfbc27cd85bba510ebd469806241a80002309041f090c9cb1ff090b2406000064ca0600b50105240081000d240f01040000009f00ffff0808240702010001000c241b0200010405a36df55709058902000409fc7007250102080900072501837d060009050b01ff03ff020107250182000600d800376fab71bc3c7fceda0c77d688616ce060843c4cf73f2cabe36f5e9bc6ac9155a8e42cd1c985764e914e2a664a6acee4773f2e8b0e187d3e38860bd65c47d837ad3eb616ceabc22bde93665bff4dcc8c3a06d0903d88de92b6476f4bfa7afef7d2009fb9969e980c49f717b90e2f32c5b155d0ba64f2ad07cfb315348cd32f24b5fad455e1dc0b931e23b321714adec27430c4d56315e165cc15675350689474ddeb73f2349bc4519b53ec0816e3e22d8aaba3473ba2823791301442f655ff48ec3909e1ccfc0b21334775fc5d41168f487886aedafc090502002000010104090508042000400181090504030004fe0306072501800406000905030020007f010407250100010300af0f8702e1cf2ab75ac89e9ecf93fccbb20bd108e56b38d7d64d0574aca5d55dea77863f195667483331d0f13dd38344294c5901044fa2317361cc8c3e8c5392a52cafb011cf4a6b8198536a6b853a00d498358b7a66d9dd12754da6e39e147d990e4a16472ddea0bd69f8c483ba697d0ace0995c8623cb84b14d99386bd59f406e55c4356efc913a5a1942cd4f5416063810e9c9abd3cbcfc00ad3711aea8b80874fc9df430eb0418f01b6af94b741ca145e80bc846c769adabcd0132090501132000ff02c709050204200098086309050c0000040108030725018109040009050a10400006050509050f023000040306e5012f571bc6c2106c561c640e35080abf683494fe465f38edaa44d2e0e3dac1bc51f0f3aaf7332e25452dfb6ef06457325456e89d51093e10bcc3c7efc25d4aabdcaf1e86c937fbd55e1744743c2b3f4aeaaeb71688c29824c0bea3a080d21e1c92edbd1c52d4090e47ed90d769fbe57bb3d3e77ae81b6b0b5509146413538d48566edad27a1e42cf7723d01eb5db0a5a0b1f9a66d599b73faec176ef4c38ef440da60280583c368d5687b0108276c14ed57ee155e6f186fb9d483a87187029c9248d9edc434f891ae66e68ec54933849ec3c", @ANYRESHEX=r0], &(0x7f0000000100)={0xa, &(0x7f0000000080)={0xa, 0x6, 0x250, 0x4, 0xb3, 0x0, 0x40}, 0x1a, &(0x7f0000000940)=ANY=[@ANYBLOB="050f1a00020b10010c0c0009030600000a10e60a00000105010020f2922f11adf2ac800f45ff8ee60581daf29ecc3e8aff9dd2f7ff5b3dda8c7de14c12eee1abd18ab5404b7625eb102b1ab39da22a9a4ed3b7c8455aeee8"]})

18.627714454s ago: executing program 3 (id=454):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000003c0)={'wlan0\x00', <r1=>0x0})
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff)
sendmsg$NL80211_CMD_FRAME(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000004c0)=ANY=[@ANYBLOB="a8020000", @ANYRES16=r2, @ANYBLOB="010026bd7000000000003b00000008000300", @ANYRES32=r1, @ANYBLOB="08005700ba0200008402"], 0x2a8}, 0x1, 0x0, 0x0, 0xc0}, 0x20000080)

18.123063693s ago: executing program 3 (id=455):
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f0000000140)={0x0, 0x10, &(0x7f0000000100)=[@in={0x2, 0x4e24, @private=0xa010101}]}, &(0x7f0000000180)=0x10)
setsockopt$inet_sctp6_SCTP_I_WANT_MAPPED_V4_ADDR(r0, 0x84, 0xc, 0x0, 0x0)
getsockopt$inet_sctp6_SCTP_GET_PEER_ADDR_INFO(r0, 0x84, 0xf, 0x0, &(0x7f0000004480))
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$VIDIOC_S_SELECTION(0xffffffffffffffff, 0xc040565f, &(0x7f00000005c0)={0x4, 0x3, 0x1, {0xad67, 0x3, 0x9, 0x3ff}})
r2 = syz_genetlink_get_family_id$batadv(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(0xffffffffffffffff, 0x8933, &(0x7f0000000240)={'batadv0\x00', <r3=>0x0})
sendmsg$BATADV_CMD_SET_MESH(r1, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000000)={0x2c, r2, 0x1, 0x40000000, 0x0, {}, [@BATADV_ATTR_MESH_IFINDEX={0x8, 0x3, r3}, @BATADV_ATTR_ISOLATION_MASK={0x8, 0x2c, 0x53}, @BATADV_ATTR_ISOLATION_MARK={0x8, 0x2b, 0x3}]}, 0x2c}, 0x1, 0x0, 0x0, 0x4004801}, 0x0)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(0xffffffffffffffff, 0xc0189375, &(0x7f0000000000)={{0x1, 0x1, 0x18, <r4=>0xffffffffffffffff}, '.\x00'})
sendfile64(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f00000002c0)=0x7, 0xffffffff)
preadv(r4, &(0x7f0000000300)=[{&(0x7f0000000040)=""/42, 0x2a}, {&(0x7f0000000080)=""/93, 0x5d}, {&(0x7f0000000100)=""/47, 0x2f}, {&(0x7f0000000140)=""/26, 0x1a}, {&(0x7f0000000180)=""/241, 0xf1}, {&(0x7f0000000280)=""/34, 0x22}, {&(0x7f00000002c0)}], 0x7, 0x56, 0xb28)
setpriority(0x1, 0x0, 0x88cf)

17.778764748s ago: executing program 2 (id=456):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000340), 0xb00, 0x0)
r1 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
r2 = inotify_init1(0x800)
r3 = inotify_add_watch(r2, &(0x7f0000000080)='.\x00', 0x2000775)
inotify_rm_watch(r2, r3)
ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r1, 0x40182103, &(0x7f0000000040)={0x0, 0x3, r0, 0x2})
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000000)=0xe)
prctl$PR_SET_MM_MAP(0x23, 0xe, 0x0, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0)
r4 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000280)=0xffffffffffffffff, 0x4)
r5 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000380)={0x3, 0x4, 0x4, 0xa, 0x0, 0x1, 0x2, '\x00', 0x0, 0xffffffffffffffff, 0x5, 0x3, 0x3}, 0x50)
r6 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000400)={0x1b, 0x0, 0x0, 0x200, 0x0, 0xffffffffffffffff, 0x10000, '\x00', 0x0, 0xffffffffffffffff, 0x1, 0x3, 0x2}, 0x50)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={0xffffffffffffffff, <r7=>0xffffffffffffffff}, 0x4)
r8 = bpf$OBJ_GET_MAP(0x7, &(0x7f0000000540)=@generic={&(0x7f0000000500)='./file0\x00', 0x0, 0x8}, 0x14)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000640)={0x6, 0x5, &(0x7f00000000c0)=@raw=[@cb_func={0x18, 0x15, 0x4, 0x0, 0xfffffffffffffffb}, @jmp={0x5, 0x1, 0x0, 0x5, 0x4, 0xffffffffffffffc0}, @map_idx_val={0x18, 0xb, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10}], &(0x7f0000000140)='GPL\x00', 0x3, 0x0, 0x0, 0x41100, 0x40, '\x00', 0x0, 0x25, r4, 0x8, &(0x7f00000002c0)={0x7, 0x2}, 0x8, 0x10, &(0x7f0000000300)={0x3, 0x5, 0x1, 0x4}, 0x10, 0x0, 0x0, 0x7, &(0x7f0000000580)=[r5, 0xffffffffffffffff, r6, r7, 0x1, r8, 0xffffffffffffffff], &(0x7f00000005c0)=[{0x0, 0x5, 0xe, 0xc}, {0x5, 0x3, 0x0, 0xa}, {0x2, 0x4, 0xc, 0xa}, {0x1, 0x4, 0xa, 0x3}, {0x4, 0x3, 0x5, 0x3}, {0x0, 0x4, 0xa}, {0x0, 0x5, 0x4, 0x5}], 0x10, 0x7}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x1, 0x83, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0xfffffffffffffd71, 0xffffffffffffffff}, 0x78)
r9 = openat$ppp(0xffffffffffffff9c, &(0x7f00000004c0), 0x0, 0x0)
ioctl$EVIOCGPROP(r9, 0x40047438, &(0x7f0000000180)=""/246)
connect$pppl2tp(0xffffffffffffffff, 0x0, 0x0)
ioctl$PPPIOCSMRU1(r9, 0x40047452, &(0x7f0000000080)=0xffffffff)

17.44986303s ago: executing program 2 (id=457):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
mkdirat(0xffffffffffffff9c, 0x0, 0x0)
ioctl$KVM_CAP_MAX_VCPU_ID(0xffffffffffffffff, 0x4068aea3, 0x0)
fchown(0xffffffffffffffff, 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, 0x0)
sendmsg$NL80211_CMD_SET_INTERFACE(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000180)={0x24, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x9}]}, 0x24}}, 0x0)
sendmsg$NL80211_CMD_START_AP(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000540)={0x88, r1, 0x5, 0x70bd26, 0x0, {{}, {@val={0x8}, @void}}, [@beacon=[@NL80211_ATTR_BEACON_HEAD={0x4c, 0xe, {{{}, {}, @broadcast, @device_a, @from_mac}, 0x0, @default, 0x1, @void, @void, @void, @void, @void, @void, @void, @void, @void, @val={0x2d, 0x1a, {0x1, 0x1, 0x7, 0x0, {0xa600000000000000, 0x2, 0x0, 0x3fe, 0x0, 0x0, 0x0, 0x1}, 0x0, 0x9, 0x3}}, @val={0x72, 0x6}, @void, @void}}], @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}, @NL80211_ATTR_WIPHY_CHANNEL_TYPE={0x8, 0x27, 0x1}], @NL80211_ATTR_BEACON_INTERVAL={0x8}, @NL80211_ATTR_DTIM_PERIOD={0x8}]}, 0x88}}, 0x20000014)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000003c0)={<r2=>0xffffffffffffffff})
r3 = socket(0x2, 0x2, 0x1)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, &(0x7f0000000280)={'batadv_slave_1\x00'})
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x800)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000000c0)={0xffffffffffffffff, 0x0, 0x25, 0x2, @void}, 0x10)
request_key(&(0x7f00000002c0)='asymmetric\x00', 0x0, 0x0, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000f80), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000300)={'wlan0\x00', <r6=>0x0})
sendmsg$NL80211_CMD_NEW_STATION(r4, &(0x7f0000001080)={0x0, 0x0, &(0x7f0000001040)={&(0x7f0000000280)=ANY=[@ANYBLOB='D\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="cf0400000000000000001300000008000300", @ANYRES32=r6, @ANYBLOB="040013000a0006000802110000010000060010008005000006001200000000000500c2"], 0x44}, 0x1, 0x0, 0x0, 0xc0}, 0x0)

17.153727933s ago: executing program 2 (id=458):
socket$netlink(0x10, 0x3, 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
syz_mount_image$fuse(&(0x7f0000000040), &(0x7f0000000000)='./file0\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0], 0x0, 0x0, 0x0)
mount$fuse(0x0, &(0x7f0000000280)='./file0\x00', 0x0, 0x100000, 0x0)
r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000040), 0x42, 0x0)
r2 = syz_io_uring_setup(0x24fa, &(0x7f0000000b80)={0x0, 0x0, 0x10100, 0x0, 0x33a}, &(0x7f0000000100)=<r3=>0x0, &(0x7f0000000140)=<r4=>0x0)
syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0})
io_uring_enter(r2, 0x2d3e, 0x0, 0x0, 0x0, 0x0)
mount$fuse(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000000080)={{'fd', 0x3d, r1}, 0x2c, {'rootmode', 0x3d, 0x4000}})
r5 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r5, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)
umount2(&(0x7f0000000140)='./file0\x00', 0xa)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r6, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000200)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a010300000000000000000100fffd0900010073797a300000000040000000030a01020000000000000000010000000900030073797a3200000000140004800800024032658aeb08000140000000010900010073797a300000000044000000060a010400000000000001040100000008000b40000000000900010073797a30000000001c000480180001800d00010073796e70726f7879000000000400028014000000110001"], 0xcc}}, 0x0)
syz_emit_ethernet(0x3a, &(0x7f0000000880)={@link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x3}, @multicast, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x2, 0x2c, 0x0, 0x0, 0x0, 0x6, 0x0, @empty, @empty}, {{0x10, 0x4e23, 0x41424344, 0x41424344, 0x0, 0x0, 0x6, 0xc2, 0x1, 0x0, 0x0, {[@eol]}}}}}}}, 0x0)

17.062736105s ago: executing program 4 (id=459):
sendto$inet(0xffffffffffffffff, &(0x7f0000000100)="1ce0", 0xffeb, 0x0, &(0x7f0000001100)={0x2, 0x0, @private}, 0x10)
r0 = socket(0xa, 0x3, 0x3a)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
syz_genetlink_get_family_id$ethtool(0x0, 0xffffffffffffffff)
sched_setattr(0x0, &(0x7f00000001c0)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
fsetxattr$security_capability(r2, 0x0, 0x0, 0x0, 0x3)
madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0x80000000e)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
mremap(&(0x7f000054e000/0x1000)=nil, 0x1000, 0x1000, 0x7, &(0x7f0000150000/0x1000)=nil)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r3 = syz_open_dev$vim2m(&(0x7f0000000000), 0x47b, 0x2)
ioctl$vim2m_VIDIOC_S_CTRL(r3, 0xc008561c, &(0x7f0000000040)={0xf0f002, 0x4})
mknod$loop(&(0x7f0000000200)='./file0\x00', 0x85c68e8ab9c77084, 0x0)
openat$sequencer2(0xffffff9c, &(0x7f0000000080), 0x143240, 0x0)
r4 = socket$nl_xfrm(0x10, 0x3, 0x6)
gettid()
r5 = socket(0x10, 0x803, 0x0)
getsockname$packet(r5, &(0x7f0000000100)={0x11, 0x0, <r6=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0xffffffffffffffae, &(0x7f0000000180)={&(0x7f0000000240)=ANY=[@ANYRESOCT=0x0, @ANYRES32=r6, @ANYRESOCT=r4], 0xa0}}, 0x841)
setsockopt$MRT6_INIT(r5, 0x29, 0xc8, &(0x7f0000000140), 0x4)
setsockopt$MRT6_ADD_MIF(r0, 0x29, 0xca, &(0x7f0000000040)={0xffffffffffffffff, 0x1, 0x40, 0x0, 0x9}, 0xc)
setsockopt$MRT6_ADD_MFC_PROXY(r0, 0x29, 0xd2, &(0x7f00000000c0)={{0xa, 0xfffd, 0x20000000, @ipv4={'\x00', '\xff\xff', @remote}}, {0xa, 0x0, 0x0, @local}, 0x4, {[0x0, 0x6, 0x0, 0x0, 0x0, 0x800, 0x0, 0x1]}}, 0x5c)
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r7, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000600)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
sendmsg$NFT_BATCH(r7, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000540)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a3c000000090a010400000000000000000a0000040900010073797a310000000008000540000000020900020073797a300000000008000a40ffffffff580000000c0a010100000000840000000a0000060900020073797a30000000000900010073797a31000000012c0003802800008004000180200007800e000100636f6e6e6c696d69740000000c000280080001"], 0xbc}, 0x1, 0x0, 0x0, 0x871}, 0x40)
setsockopt$MRT6_FLUSH(r0, 0x29, 0xd4, &(0x7f0000000080)=0x6, 0x4)

16.928122684s ago: executing program 3 (id=460):
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x0, 0x50, 0xffffffffffffffff, 0x0) (async)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e) (async, rerun: 64)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) (async, rerun: 64)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) (async)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) (async, rerun: 32)
syz_genetlink_get_family_id$ethtool(0x0, 0xffffffffffffffff) (async, rerun: 32)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]}) (async)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0) (async)
r2 = socket(0x10, 0x80002, 0x0) (async)
r3 = socket$nl_generic(0x10, 0x3, 0x10) (async, rerun: 64)
set_mempolicy_home_node(&(0x7f0000e8a000/0x4000)=nil, 0x4000, 0x2, 0x0) (rerun: 64)
sendmsg$netlink(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f00000003c0)=ANY=[@ANYBLOB="1c0000002d000100000000000000000004000080050011802f"], 0x1c}], 0x1}, 0x310) (async)
sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000000040), 0x0, 0x0) (async, rerun: 64)
r4 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) (rerun: 64)
writev(r4, &(0x7f0000000000)=[{0x0}, {&(0x7f0000001480)="d1ffacd516de50ac9d15bc75316da4defa1e72f65a65cdd26dcc389aacf7856da9aecf3765d4c032e1960faf25bad906b7d3440b6e71a82f1d8f8b8db35b6091f3af94c6b46b9ab10fe3923f268771078d2668be7bd3eb941d4bb5baa8547e36283a065ce5766cbff3a8fc37fc4507643d3786bbf231d3ed88cb8b01eab14e4372cf4f89bd1b853caa5d9f07f523b9dfa8cc09053ff36fde08e96fb6b3acc196b1bd1e2d3a6c65f585df7e2b8b17439a7ab29a7dfe642c2f0ac7a81eca8073b559663f2daf7a0832b2b09557794a21bf114831f8e6db3922d0cd169e5a8b4adc95d7322ee75944de15f57780b88fef7f3d9b256705ccfa2125b43ce8e3aacaead963cdd7f792f14c9b24493f9f830f6de8da93bbd4357095631adec14224dd9bb049e826f3a49624393e6a031103faff0902ba88ae30af4a61caa77ff956214196fcf3c5536d823284306f367afcb46fb43231911cc53091671e7d853ebf015241b18e9fb6ac6d9a7a1b05dfd6d9e56a51567cd8837dd045abf6b85550f0dd8dded43147ab9bfadc18b9984699d5d875cb21a95a7f584d8c466d033df75193f9ae58b85cfacc54f6c6e12a0debe40ee361a839563bc2cb64271672a55370c2b035b482074ce2487ef8a3bc1c68856e6e09539276d961a0c647f1ee3237496fc99623e8fd33faf7797d86a88dcee152d15e10739bcbbd6077b76867e291f350d999024c12faf81f83792f48f7f6dd66aa6854e460ef7f8c755f3a6dd76509ea0d2db39057a5129185b2fb11546cd5d6cc59f640e9028ae6c7075fba5e5b5593d7f79ec387833f465d09bde464112821eaec5e6e8f2aee8d7358f9c14afe2018856f610848706c71cda62493aef2e39efb71b4a8e804847eda66b2b5b1d75b478f19208ee1ac43afb2dbbba5dd0f29f6946022e09fb853cb176ca3474ba2fa67cb245fe85ec61a095d6fd9ac2ac5685920201617342fe56072427b9bd3626a1a371e67041fcda781be0c234d6feb5ad500e8bc7074381fd0d04983a4a6cdb6c8e03d59dc50925e9e4b24e6f8e455f02818959f2927f0a2d9ff62ec3c5c399077048f7d3dad0830b2e6563693f2f9d48eca8c34804a7626282a4a214d13786993c011a88194dbf7b23e25f592e62186c9fb565fac7632de356153c89a6be0b6b26ba48c2427424769fcbd7ee072ed4bd4d0731d06c8537d616b1145a6c70edb13fb4dba3565221b3a2897a23861cd0e8e0060021cdd7de002d5e785e5d6d3d07f4e445ada9c8d9ba8b819d0b5c7b5d15a5192d3a83c125c8e117c823a9e33316b8c9154e7330d3a865048dbd9c14757691bfe56f10423f6ab717bec5eebeac6ba9ad1aeb6cde09d7fda8e475a71ac48d46b8d9a40879c9dec2db5c4799e5fc8e8b3d419031c1033fce88ae2c93d7ca62c9302e6b45ca8dfebe5b92724f035e8e9d7704efb23f445999fe08cfa28404874d8acc8d37870d394d9fcc8dbe763bc85c37f0f3bcc2cbea420cd073db598e7d89c14a31e5bf57cbefa301427c93091505f1f3e5cdf712958b2e8fc56684d3388107c1728f0e5a3be2164246071653e256ed3bf3000c17301da9a5a3d9ca475867c4f311a24e5ae909a62047a9e6bb71cbcb4f159c2ef0f66b4d0f9da51aba99cd9448443dd277362af18d32f111c48a952ef555b2c7c58b997ce61e74cc7551b57eaffe411219baddf490926d8e260dcd87c069e617195c352950f9b51ce88c12c4f7997ba515f77e68d44f831cdf4d7ee8b1b7cedcb4c4fc7e85ba288c8555d49d5b4b9bb70dc4b688bd12e6b38e37150f3ea457a76b23d5abe6551ea598e090aed87822b0954b8db1a7c605c925b7f9240b0e7a020f292a1fd4a37c74139bc6e7ff08373ebfc8feea371ae0b6c61c715f6f1f4b0b994c7e2e129f87db959aae6ff48664d824b29ba9f255890f9c537178db9c5302097891557f8175a46f308b1a2530aa726ea9d4cfce76db50637369724d0c5f51c97edb58ff5eb9b2434b3721b61688ba12471b97c6a65ba085e15406568ac852590701f2ef8451c5cf1191d70f51eaea9ddc4cbdd7428f627db5069111f65062d5cc34581826af3e670613dda99e31c42736aabd87be56e214ed606862a152455f91891b7430bae03284569c234588f495a5ecc4a23fad6ba34e2ee9ebde8c7f5f62c9344659375c2a1fe6fa6e4ef68712223b9471c513bb11429dbb8a45463c8882f462275ee0da567c60c2d8038843e0c20486676e9978f2aec9187820c94a6e7e519d06daf2ab198f5cafcab4d9c90a479800906192d66a3301a34fa6c5a931cea0a479a4d98d86d9de3e061323504b57186dd33df7a16ccb688c0de203666cb0a6b543a9d069dded44a3b432cbb71da921dcab6be1c2d7494d3b07841d9b4f9d659b5d3d3b2ed916f91588d589128e4b2d4448e6aab5a8160eddca0f6e022abb85e251a11cd6bae57a09b2c434ab5bdf6264afb20d5ab022d152e345bd32ba9283aa5b3cd9118bd271a8ac9083c98b8a83064e65428f7ad7b35bf1d60d4e703f22d2d316fc12bd68bcced82cf0962a3d5769c6a3d75d59f7a7b76454661fd3574b8c8e26d20c372407854505ea6c2406fbd8a1ba7bb017c565228aa6d03d18ed309a308ffb1ecec73c246413e7c70f25070eafed9e70d22e9e8b44125c44eceff37e65bf073bc6fad1ea2b72675af4bf70586a8f7e0f35700de94c802522897576ed115fa21b3d23a367844520b33f5b9aedc0245096765f4cb3b2ff4e54f39bd7346c2347875d75a931b17c6c424ddb4767e0e63cc7725a8fc4b1dbe7929b2f909cc5be8b09e63330341e6471dcac0f8b44693d01805a1467b71612260e2a273861b3697440a5f75497796bffcf79d62a4a50a6ed5ef2efe8c83374f2ecd08d8d628aa03b01a11caeb2bdecc0ab2abcecfa15627979d7c3f9dec5389fc6625e957f8075e23e636dd5514596189d568e14d33ae518e6e9978c6a36a74b49fdbd1260095c9abe447e618878039b75e305b1d2c9ddeb9e5cedb11802e0833739d8595d57d749c890c9290cca4aa96e6718747543796a187e54a66c2f71beefddf911a7a74b59c48ba642d5ecd4d415f48dfbde5baac8a4ba063c1b985d9f9f3180e8a1c8b2cf6a25c2ff17688cc858ac8b9c67960f09a1ca5f28f8e877159e00fe7fb10cca73b391508895e7e52c22f9b38d73dabd6ff7c55ebf4e1611daee8d52b4ceee49a6df7daeb81bf9d1c943a74c03d3dda52c5b99f3225c1b87074f5cef6187878bc5b665ec0561adcc9781280dd1c6592555d327afea78b21beeeb66a0af3eab3249245f41cdbca309d3fba5d4b345319dd0a26134c0c896f2c8d32fda28600013f6a4c95b4038faba70d6c480b360c55bdc0595f7ca636e85521ba505d894f9c5f0a90719bc9944f386ad7491422ff12f34a3c048708d51305a8cc5b2a502ac1575a14c75e9fb7219ede2f6d9c1b362230b6189e0d8cd8ccd11fd0325182c6e46c9977bf63aa02f7024aeb4389f989f5733a198b45e4329c4c1a538a009f216ad3ac09cac39547b4fd21a5d7146ea307ad9b9339f39d5161d17b59860a0aed38cd89d1b68c6438346d51a3a283074e34ee01d2eca527b1b3836ccdf7e807007152c79d14324e3d887c9551a9447527db4434810f5b0b73d855f32a0c89aa784e43f4c1657d408dd33f88aeae1e5186bbcc2a348b708e3cec9080e12ee3676beb5ee86a9b5cc4a3496c242b95a248906ed62f984b22373bdfd97515441f34e01006d8d1244aa88403f207cd8820ffe07634fc86d00f871c1e4c9e8fc1a00d295e36d98119599b62379cda10ada85efe7b50c5f38d8d010a2cd53db900939db1ffce14feffb7940d12842f4f2b507e1fa49e526752d1e3d80a0c2a75e870d85f77fd91fc46ac1b1288dd33338cdad154d6b80b5a925431868d62a3fb0036f28fe259a3f555f767526a9ea230c33843efc49ac3182a357845ea122d606ab22c9f937b2b905e02dd1cb07d380e3486be6167f00b6e6d90a3c1d6aee15da439a55542ce177e498998ba8ac69a848e63e4c7564e4dc04aad595fa1ab81275edafa0d352029c304200d2f2c5881cbf5a26b2141bdb117879cc11e", 0xb61}], 0x2)
bind$netlink(r2, &(0x7f0000000840)={0x10, 0x0, 0x25dfdbfe, 0x8}, 0xc) (async, rerun: 32)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000040)={'veth0_to_team\x00', 0x7133}) (rerun: 32)
r5 = socket$unix(0x1, 0x1, 0x0) (async)
r6 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x40001, 0x0)
ioctl$TUNSETIFF(r6, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x1})
ioctl$TUNSETOFFLOAD(r6, 0x400454d0, 0x1) (async)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'syzkaller0\x00'})
r7 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r7}, &(0x7f0000bbdffc)) (async)
timer_settime(0x0, 0x0, &(0x7f0000000080)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r8 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
write$uinput_user_dev(r8, &(0x7f00000024c0)={'syz1\x00', {}, 0x3, [0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000, 0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100, 0x0, 0x4, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x2, 0x0, 0x0, 0x0, 0x3, 0xe, 0x721a2d63, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0xffffffff, 0x0, 0x6], [0x0, 0x0, 0x0, 0x0, 0x10000003, 0x0, 0x8, 0x7f, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb72, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x289, 0x0, 0x0, 0x0, 0x10001, 0x0, 0x0, 0x0, 0xa46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fff, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x200000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x3, 0x0, 0x655, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3ff, 0x0, 0x0, 0x0, 0xfffffffe], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000008, 0xc7, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x749, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x10000, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x400]}, 0x45c) (async)
ioctl$UI_DEV_SETUP(r8, 0x5501, 0x0) (async, rerun: 64)
readv(r8, &(0x7f0000001900)=[{&(0x7f0000000040)=""/65, 0x41}], 0x1) (rerun: 64)

11.546021359s ago: executing program 0 (id=461):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000003c0)={'wlan0\x00', <r1=>0x0})
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff)
sendmsg$NL80211_CMD_FRAME(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000004c0)=ANY=[@ANYBLOB="a8020000", @ANYRES16=r2, @ANYBLOB="010026bd7000000000003b00000008000300", @ANYRES32=r1, @ANYBLOB="08005700ba0200008402330080200900ffffffffffff080211"], 0x2a8}, 0x1, 0x0, 0x0, 0xc0}, 0x20000080)

11.491464312s ago: executing program 2 (id=462):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000100))
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000140)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r2 = dup3(r1, r0, 0x0)
r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000040)='./binderfs/binder0\x00', 0x0, 0x0)
mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r3, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r3, 0x4018620d, &(0x7f0000004a80)={0x73622a85, 0x100, 0x1})
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000004c0)={0x8, 0x0, &(0x7f0000000000)=[@acquire], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000001c0)={0x4c, 0x0, &(0x7f0000000fc0)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x48, 0x0, &(0x7f0000000300)={@flat=@weak_binder={0x77622a85, 0x100a, 0x8000000000}, @flat=@weak_binder={0x77622a85, 0x1100, 0x3}}, 0x0}}], 0x0, 0x0, 0x0})
ppoll(&(0x7f0000000a80)=[{r1, 0xd222}], 0x1, 0x0, 0x0, 0x0)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpu.stat\x00', 0x275a, 0x0)
write$UHID_INPUT(r4, &(0x7f0000000940)={0x8, {"85f080a4933d55266e07e799aa0cc421388242df2a3c6b631b65b1c061edd2aa108c3528fe9b0bb3a53ab1200f5d01a68a4acdec8fee09648222f908c1fedc3000342e6139de28366c13509306d00ebcc67497181ac916db98af9d366b76e427d9ab5bb68095f0fb246df32b8af0783653136f8a04c03690312125c7ded6a24fda8685340c575ead69519e3583f89d467ec232d6a1ffd0463ba4ea3cbae5dae6654b5547b5458f02ac307729e57b09e134f68be44f88d72517b230b066f6315b5fb80206397bbff8cbc2a36e01c2e7b3aadb32bd3dd5288a69a991d9c674717e3abba7167280b2db3b1b8502afa4f3f296c532510c9d2dd79bb5eeb25adb5edddbdd069c09d14d15c2e7e1e2bd6c108fab3591bb22e97d6992236d2273c8bb95536f7118d007965008b125c7daac2814e6bbe1adbfa3572ad0b7ad5c26c8014118d8374ca9f285779dfee7715a403908146a74de61b3853914c89f444c12e7a38bdd46c4ed36ebff9e2476f43802211f0762b66673b45d236b2391ce322e30fb9c69fe0d514dc1f8b6e3979c1205fd5224b07d18a44fec4f6f1a6f65158bb6adcc295bf2dd7dea107f59d7e03c61fe5822292e45968956b931bdc4d6445ff1631e0b98e4b4448774dd4b9cd53a45896fdb3f03702778741ae2b45a25bf9a23fc02fb97a630f132bf9def6c6d4a7baeb62972f1a814f6f2377bcfc78e2e86368c138510a04ced00185af8c2034fae7413e3ace8c71ab9a0af1ca7042011a6ed028e205648535dabf3b2f85196ae18d36b839e3cd54ae4933ad529888fdac7bb8a70c72bc0fc81ba06506f2d5bc7686e219bbe5283959cbef9950e071cb6d9f341fc624a5110341f26cebd7100599a06e61f66fae120c7fc2b34c6221200eba75bd1277114671a3fa8f058b27fd897b052f4a52afcea814df526181c75c4497210a2b8b74e26601561e78735387cf123654b0295d1d60556956b36d96dd038866c4b4db31ebdcddd4829bbc2850cd4901389e6ea6e86041e0efa1158f334e7afda0e11c2fb0e6df6364cb95659f506d5c7e63fb67c8116577d15e4a4b1fc4c27de2e52586cb1f52be9c3601f5066549de8bdc3ec07d1a84caf1961323ec2487a37b751aeabafcd647ce2dae5d9499c0f969467e6cabad198669ac96bd1488954eff0854ee0c83d7b596d273625bdb16270782321071fda5d980ded78ffa9dc2b34037d7cbf942547f48a5131f1991f6c17ae1ed5120ca6878f98e68e7997a9a2b70be640a70a34adb80de286c6692abb5f092e4e3a15a83217e03d02a4054f34af3a65ff6b36f395b76a0579cffafd5d3bb0e704c935caecf3a7ab756c23fd60c9fe3f4fb2be7504f5bae22b116ff1588dcf02b327d31bf0488dba8af5b33ccf2d7d87f43bbc48fcd4f191ad6af9313ad38b8b29674bfabd6651bc1f6ce5abb4a2f1413194f96b26d7d6edc4e013fba549075c97eef508af5ca7873664b058b7bcf455a8a04b591d29fab6366c844bb75576bac2d52323e747303d00a5736c9812922b0e17bcec9135550736b54cf6407d61e22e62d7bb75f62935b665acf33e75f688c36ef416f1b890d0f0c8ad1df00e02ec45967834d5649c8e7143978622fa3704672970b7993a87e97d3d926a14265647bc8b8c9e6f83e29572608d24b42c2635ef4abbd0af83860e99c90d7471cf6e8ce99507f5ec2bc572212fa9ee3f5a9dfa3815fe55f0bbb119acce062ae37f2ff921707abba139bccdf42bfd174d29b540161b4113c4e1a13f3a628c638ec4d3a884dfbc093e23ec0d0671b46b41dc8b42d950c8615ba5ee87995001920db05a95199967f097ba7b55bbd271d818690c4238406b40a3dfc42fa56a67173b53a96b543326c56738b6d043195934018696f5ab49347e5148a78f2d1369a71afab8330273d46ecfba4ee05802a5385649851db949dbfb39e290941641c50b1ac20fb3102754a760b097f464ddb0b83f8168badfa71db6621dcf22fb081e3403f3bac5c7e65905aca52885c807f8ddab18bb2f12ef952c50483c0e251968bc70ff0d42a638ca744dea4c7ebb4fea777cf663bb4f1505ed79730c45bc86e488a13f924377a8e2ee6670a02ca52874ae1c42a35d55b9765757047b2cc3742aa51fa3e43fb2c113c92ad213bad252c1a82966dd016f12a7f1c3900c0f1ab455035163f31899bdd30f3ff43ad17d9e45bb7438c1c986712736f24be14f71ab1bfe92a25ec07f086ee8c7971b8077a13e58a8e8bea39c8e06b251909f02cb0080abf020f27ca160eb26c082dda1fa54ea4094dfdbcb2fa7bddccb67a844e8075f4cc08dad35757006d051e183dced336bc0c2502f93ffc87dca622286ba174c24e1f53f27dc277700000000348b0e8d3e743b3aa906bc0764bbe7da08ff403efe2212627d672250658bb513b7312517d1f88c61c7ba5f9647cd619281c5b390b48606ee39fb4171103df2e09d7cfd56c06c721f7c24ad8cce383623fc2dcb15ac56438ea331820ae59c8c474e36fc73f7b1b3b86df1b42490815513681aafbf7e871b4b9686efae6c45ecfca60a640a6f071dfd31f9437c3d03086164b48c1ed802986864bfe0d49bdd7709662262368dbc3ecc05eb240ecc41904c76d78ab5c52b66af5a720fdd6a92f52be0676427a56e32e5bc5085b25f90add28a76f2fce6f8f0ef74f4659698549646bd63175adf77b5cdcfe676e1b1a9af15102946554ba6136cbc83c6268ee40318f3c9d4718025688b35d2265bf60bf889ff629f7834586ef46eab7a9176337536bb6001e676546b987f36b1fe4b9f6e46a8ce73eb22ebbb9c14d8e2b43ea77ef887e5a29dbbf4086fa819a25e27725ac10298a51c8bc45f2ce4430b07917ade5ea8c434c3f2576effbeb521173736e5c9557450643068b0c0fb132a7e99de6ca292246a9937fa7d7e06e59cf59ce5b9f842629049931146af40a8a1256ba373a88d09dc00cdf4453cc6ba78572bf3e1f2352a978cdbad60220cb8ac37d7f614a306492a4b5eee9244b0ca84b6cf2e23013bfb1cb92bf6d126fe550e58c19f84e7a4081437b75b31b2b9fb658dcd8ba077962e0f3359721a148d4fefe5c97941ca9688cb85adf38fd10f5811cdd8e074a21bbfc9541c71465b08d7321281b68ed52bfab789b9c83849c09d52376d419b1e7ba367603236e119cdf4a7b7cf9d81f2229601deace53cea2f14a05f7fa0ca04b39e31c6453e332f4bd0915c0e09e28f4d1125c390c6ff0833a04b6fc37855e65de90333e505b9eb66e00686a3ed499cfb7b8b215dbdc9787b5baa724cfa71ee6745b41e203de8b7794757ac328ec5567540b951b50530c3d4ee34705ea1c66fd6591e88561083e86d48c45ef3b83a3029319d8f3d8e65ce14c1dc3cb92d0a7dbeb609a8d2793928caa079f0fbbb2bc90b9f058cc048f4032041d14c5bca00e99b3027ec3a50c4957199cf016a4594069af8659df0973f20ffb15dbc265ac5b8a2203e90b114a3e9441e357c60ce0b550a7fe66fc34f5702ac8e8992a22e89194c1df69e81a9b7ad3d2634ea8c0388588192fd47d8e803b10044d558617fb2921b69eb4d85c051f86ef63a2f4382b9becd870fb2ecadca6902712b88680792e2f2ec89591cfebb6db3ad31c2a339af10465fcf7988519d382218df52261234f26a6f66ad0d1859de505d0fe819caf2f8d30aa9fd1228ac91d11ca67f1f8d50c8eefa5c441514321507dff6c6ea3cff6f340a1c11e01a06000000000000d8828fa47a96cdf7ee4f61e23f40751b25cf9ca1295041a350f83f0e679515d6f4b46e2c9ce8999e07f835abc1663cefcf728df37831f4e17f8c8a4feaf1fbf44c38c9313284404a50ba4cd8abe835b33bfecb02cd6c9d7f435853b4c8d505ab83cf46512739116694765658bae64b3127152d216055aef9b25c70a8a3b302752d7b1e8791c657b9f3fc9001ef299fd1a349491ae6ee9940149160507fc4130fb825d47d97dc2c243209d2403583ac3ef6ddbedcaa76432255487c0a06e59e043e572ab3aec002af6a6b6a2dc9cfaeefa70557886c4d12924a0388f2f1bc8e89e4cfa69705d1ef3c4658f8616278b588011d9dd914beec0b151d65b6524fba3e3f235d58373e021699b07622a51504eade747e0b2f9cf38bc167cabc8cb18c708d1337e25648707e8c0872876514c7a49c0b2aaee5ed9e9ecfcbcc23e032c4deb63e48e7120188056468fad31448e4b42e7d62fbcfc1c2cfb01fcf0db5e8a162bdb9bd820c763f17b96c23f32db9d1c1d74ddbe657b4f9595a9796982a0742153111b15e484d8ffebe47ce0a78a41e470a341616ec2eb6eef813fb415fab50fa965bec6a5977a0ade4fed67f86fc24e11b0e2f5364079f7c7c35b560cac726dbc80f29dbd248f7ecda0286a23ef172a28c96d9bdb1f598eab31c6baf0321312da23920c074b9d2d2e442717f2c21001142a39c2da6b8bd9d06b05a6a8deae1bd1be4108a636ddbebc682d113e715f2f3ee506abc28b1c654b3d2d28e02f73b171ed0deed71dda90ce4a0b728cc75cb576385e7418b545b992b1dd98e2ee53355f464f9250a2a03b3d1e4d2ac1aa71d01de2573530324e14d15a507883411ddbd37be21dc929db9b11f11010e4d2a04c7325a5ae6d24d19900ff97a8a89438f8676457a78cff05201528f4358fe67f61288bf042a8f3c2e0f8b4997b8fb74996b80d465489b2d7807a945eba72a945e8cf8625dbad6f6f6e30537b29e558ca8a8b0625f578c766d34f2d28d704715f94df1f6318a308042aa494baa295640679f1eab1e6a8308af8ce6441d5ad8a2f3d477eb5307af0dfae6644493f1434030b8361621340ad3dcefa6d8f090ed3929d89ad9c0ba01a6903033428dd8f986fb2f4b1803187d2a6130bf1e009b5eb0e7e21c75594b3b8470f3106c92a9e55bfeb026091ced127a90a1f1247f3c07e36d3572923e0de3f73518d0369a25fcd4e65d243b7eab91063a7bfd8bc8ac9e39fbbb32b5c9517886287a18eacd8dbfda9b91db693cb12e42cba5988280e09e51e72b91a0f360656d8f21cc1eb3248ac345ad51d1a6172b18419277851dab01e028c7e8e2cf34095efd28267852a08fccf61c45b5e46930160daf50282be058274e7ff58c48b60b86d0c8cc886ab8778a2a2b5fa2557ad7bf7f01f2175523ce758871d334c20a9839f7a89fe2867c06289c8a2f6456ac7e4fbadee53ac41aee68214bc76669853baa4f58255b39ba581414f2e8c4b49303f8936a33bae5cbc96b29a5c724d5b50e1614144c2acd03bd90de891c3d36ce040d57543682ecbfcae66c4153c337c3a5d01896524c8e0c27e9a08919821ca27bbfe3fc9ba24a823aeec8a46ae169a65c585bee4dcf1acaa3da501a8c11a23b2e22920c1ad0129a038b31fe16c2abc80589dbf7c37211afc5d1a6db908bc5fe8a692060069fcbcdcba7c523d3c424aa3b0c6557387e0e51bcde9e5f850abf62d2c2101c3a2786a0cb94932877a09cb6b64aa61da8cab3b423e7adc4c4700418a65e87225710e1691f6d9cb2eb63cce5b605ce0a4a89cf519767e00845397c5e381141a0ed8a89b01064b495ec8d1e2da37433bf1597d919a69610d2ad26bdf6fca8de422bb2cb80d0516206e8194ee51445a3dca5dee33c0c310b4751e68e58bebda2fb586985a5a5b06456756f44e6dbfef4bb99ca732f00fb9ea35775f7419681bfbe6f43dc7c4650c13b63d93c1d490bf0173f287a4309531f13ecb1a775d0bd881a00", 0x1000}}, 0x1006)
mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1, 0x10012, r4, 0x0)
ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0})

10.738978478s ago: executing program 0 (id=463):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0xc800}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f00000004c0)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x5}}, [@NFT_MSG_NEWSETELEM={0x48, 0xc, 0xa, 0x101, 0x0, 0x0, {0xa, 0x0, 0x6}, [@NFTA_SET_ELEM_LIST_SET={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_ELEM_LIST_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_SET_ELEM_LIST_ELEMENTS={0x1c, 0x3, 0x0, 0x1, [{0x18, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_KEY={0xc, 0x1, 0x0, 0x1, [@NFTA_DATA_VALUE={0x6, 0x1, "d103"}]}, @NFTA_SET_ELEM_FLAGS={0x8, 0x3, 0x1, 0x0, 0x1}]}]}]}], {0x14, 0x11, 0x20, 0x0, 0x0, {0x1}}}, 0x70}, 0x1, 0x0, 0x0, 0x4000850}, 0x40)

9.786959856s ago: executing program 1 (id=464):
r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000540), 0xffffffffffffffff)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000300)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r1, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000080)=ANY=[@ANYBLOB='L\x00\x00\x00', @ANYRES16=r0, @ANYBLOB="0100000000000000000044000000", @ANYRES32=r2, @ANYBLOB="08002600851600000a00180000000000000000001c005a"], 0x4c}}, 0x0)

9.772112416s ago: executing program 2 (id=465):
r0 = socket(0x10, 0x803, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2})
r3 = openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
close(r3)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$SIOCSIFHWADDR(r3, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
r4 = syz_genetlink_get_family_id$tipc(&(0x7f00000000c0), r1)
sendmsg$TIPC_CMD_ENABLE_BEARER(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000680)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="010000000d0000000000010000000000000001410000001c001700000000000000006574683a73797a6b616c6c657230"], 0x38}}, 0x0)
r5 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x100, 0x0)
close(r5)
r6 = socket$unix(0x1, 0x1, 0x0)
r7 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r8=>0x0})
sendmsg$nl_route_sched(r7, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000001c80)={&(0x7f0000000740)=@newqdisc={0x68, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r8, {0x0, 0xb}, {0xffff, 0xffff}, {0x0, 0xfff1}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x3c, 0x2, [@TCA_TBF_PBURST={0x8, 0x7, 0xb86}, @TCA_TBF_PARMS={0x28, 0x1, {{0xa, 0x2, 0xffff, 0x7, 0xcc, 0x3}, {0x0, 0x1, 0x7, 0x8, 0x7f, 0x9}, 0xa6, 0x7, 0x1bb6}}, @TCA_TBF_BURST={0x8, 0x6, 0x7f}]}}]}, 0x68}, 0x1, 0x0, 0x0, 0x20000001}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0x4ee4e6a52ff56541, 0x70b923, 0x80000, {0x0, 0x0, 0x0, r8, {}, {0x2, 0xb}, {0xd, 0xfff1}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x4008000)
ioctl$SIOCSIFHWADDR(r5, 0x8922, &(0x7f0000002280)={'syzkaller0\x00', @random="2b0100004ec6"})

9.591522716s ago: executing program 0 (id=466):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
openat$ttyS3(0xffffffffffffff9c, 0x0, 0x80000, 0x0)
syz_open_dev$ttys(0xc, 0x2, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x218, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r2 = socket(0x22, 0x2, 0x24)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe}, 0x0)
listen(0xffffffffffffffff, 0x0)
socket$inet_mptcp(0x2, 0x1, 0x106)
sync()
ioctl$DRM_IOCTL_MODE_GETRESOURCES(0xffffffffffffffff, 0xc04064a0, 0x0)
syz_usb_connect(0x0, 0x36, &(0x7f00000000c0)=ANY=[@ANYBLOB="120100008010bd40820514009dbb0000000109022400011b"], 0x0)
syz_open_dev$midi(0x0, 0x500, 0xc900)
ioctl$SNDRV_SEQ_IOCTL_QUERY_NEXT_PORT(0xffffffffffffffff, 0xc0a85352, &(0x7f00000002c0)={{0x11, 0x8}, 'port0\x00', 0x80, 0x80010, 0x9, 0x1, 0x7, 0x5, 0x4, 0x0, 0x2, 0x10})
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000000280)={0xffffffffffffffff, 0x0, 0x0}, 0x1c)
r3 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x0, 0x0})
ioctl$sock_SIOCINQ(r2, 0x541b, 0x0)
close_range(r3, 0xffffffffffffffff, 0x0)

8.643794666s ago: executing program 1 (id=467):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000003c0)={'wlan0\x00', <r1=>0x0})
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff)
sendmsg$NL80211_CMD_FRAME(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000004c0)=ANY=[@ANYBLOB="a8020000", @ANYRES16=r2, @ANYBLOB="010026bd7000000000003b00000008000300", @ANYRES32=r1, @ANYBLOB="08005700ba0200008402"], 0x2a8}, 0x1, 0x0, 0x0, 0xc0}, 0x20000080)

4.518351014s ago: executing program 1 (id=468):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000001640)={0x2c, 0x3c, 0x1, 0x7fffc, 0x4, {0x1}, [@typed={0x4}, @nested={0x8, 0x1, 0x0, 0x1, [@nested={0x4, 0x10}]}, @typed={0xc, 0x2, 0x0, 0x0, @u64}]}, 0x2c}, 0x1, 0x0, 0x7000000, 0x400c801}, 0x4008094)

4.00279409s ago: executing program 3 (id=469):
r0 = socket$inet_mptcp(0x2, 0x1, 0x106)
bind$inet(r0, &(0x7f0000000100)={0x2, 0x4e24, @loopback}, 0x10)
sendmmsg$inet(r0, &(0x7f0000004980)=[{{&(0x7f0000000000)={0x2, 0x4e24, @loopback}, 0x10, &(0x7f0000000040)=[{&(0x7f0000000340)="b9cd14c222", 0x5}], 0x1}}], 0x1, 0x20008000)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeed, 0x8031, 0xffffffffffffffff, 0xf6d0d000)
recvfrom$inet(r0, &(0x7f0000000200)=""/225, 0xe1, 0x40, 0x0, 0x0)

3.736812333s ago: executing program 4 (id=470):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
mkdirat(0xffffffffffffff9c, 0x0, 0x0)
ioctl$KVM_CAP_MAX_VCPU_ID(0xffffffffffffffff, 0x4068aea3, 0x0)
fchown(0xffffffffffffffff, 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, 0x0)
sendmsg$NL80211_CMD_SET_INTERFACE(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000180)={0x24, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x9}]}, 0x24}}, 0x0)
sendmsg$NL80211_CMD_START_AP(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000540)={0x88, r1, 0x5, 0x70bd26, 0x0, {{}, {@val={0x8}, @void}}, [@beacon=[@NL80211_ATTR_BEACON_HEAD={0x4c, 0xe, {{{}, {}, @broadcast, @device_a, @from_mac}, 0x0, @default, 0x1, @void, @void, @void, @void, @void, @void, @void, @void, @void, @val={0x2d, 0x1a, {0x1, 0x1, 0x7, 0x0, {0xa600000000000000, 0x2, 0x0, 0x3fe, 0x0, 0x0, 0x0, 0x1}, 0x0, 0x9, 0x3}}, @val={0x72, 0x6}, @void, @void}}], @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}, @NL80211_ATTR_WIPHY_CHANNEL_TYPE={0x8, 0x27, 0x1}], @NL80211_ATTR_BEACON_INTERVAL={0x8}, @NL80211_ATTR_DTIM_PERIOD={0x8}]}, 0x88}}, 0x20000014)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000003c0)={<r2=>0xffffffffffffffff})
r3 = socket(0x2, 0x2, 0x1)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, &(0x7f0000000280)={'batadv_slave_1\x00'})
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x800)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000000c0)={0xffffffffffffffff, 0x0, 0x25, 0x2, @void}, 0x10)
request_key(&(0x7f00000002c0)='asymmetric\x00', 0x0, 0x0, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000f80), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000300)={'wlan0\x00', <r6=>0x0})
sendmsg$NL80211_CMD_NEW_STATION(r4, &(0x7f0000001080)={0x0, 0x0, &(0x7f0000001040)={&(0x7f0000000280)=ANY=[@ANYBLOB='D\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="cf0400000000000000001300000008000300", @ANYRES32=r6, @ANYBLOB="040013000a0006000802110000010000060010008005000006001200000000000500c2"], 0x44}, 0x1, 0x0, 0x0, 0xc0}, 0x0)

3.69206489s ago: executing program 1 (id=471):
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f0000000140)={0x0, 0x10, &(0x7f0000000100)=[@in={0x2, 0x4e24, @private=0xa010101}]}, &(0x7f0000000180)=0x10)
setsockopt$inet_sctp6_SCTP_I_WANT_MAPPED_V4_ADDR(r0, 0x84, 0xc, 0x0, 0x0)
getsockopt$inet_sctp6_SCTP_GET_PEER_ADDR_INFO(r0, 0x84, 0xf, &(0x7f00000043c0)={0x0, @in={{0x2, 0x4e24, @private=0xa010101}}, 0x9, 0x8, 0x4, 0xfffff43e, 0x97}, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$VIDIOC_S_SELECTION(0xffffffffffffffff, 0xc040565f, &(0x7f00000005c0)={0x4, 0x3, 0x1, {0xad67, 0x3, 0x9, 0x3ff}})
r2 = syz_genetlink_get_family_id$batadv(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(0xffffffffffffffff, 0x8933, &(0x7f0000000240)={'batadv0\x00', <r3=>0x0})
sendmsg$BATADV_CMD_SET_MESH(r1, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000000)={0x2c, r2, 0x1, 0x40000000, 0x0, {}, [@BATADV_ATTR_MESH_IFINDEX={0x8, 0x3, r3}, @BATADV_ATTR_ISOLATION_MASK={0x8, 0x2c, 0x53}, @BATADV_ATTR_ISOLATION_MARK={0x8, 0x2b, 0x3}]}, 0x2c}, 0x1, 0x0, 0x0, 0x4004801}, 0x0)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(0xffffffffffffffff, 0xc0189375, &(0x7f0000000000)={{0x1, 0x1, 0x18, <r4=>0xffffffffffffffff}, '.\x00'})
sendfile64(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f00000002c0)=0x7, 0xffffffff)
preadv(r4, &(0x7f0000000300)=[{&(0x7f0000000040)=""/42, 0x2a}, {&(0x7f0000000080)=""/93, 0x5d}, {&(0x7f0000000100)=""/47, 0x2f}, {&(0x7f0000000140)=""/26, 0x1a}, {&(0x7f0000000180)=""/241, 0xf1}, {&(0x7f0000000280)=""/34, 0x22}, {&(0x7f00000002c0)}], 0x7, 0x56, 0xb28)
setpriority(0x1, 0x0, 0x88cf)

1.898787708s ago: executing program 2 (id=472):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
close(r1)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$tipc(&(0x7f00000000c0), r2)
sendmsg$TIPC_CMD_ENABLE_BEARER(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000680)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="010000000d0000000000010000000000000001410000001c"], 0x38}}, 0x0)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x100, 0x0)
close(r4)
r5 = socket$unix(0x1, 0x1, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r7=>0x0})
r8 = socket$unix(0x1, 0x1, 0x0)
r9 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r10=>0x0})
sendmsg$nl_route_sched(r9, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000440)=@newqdisc={0x58, 0x24, 0x4ee4e6a52ff56541, 0x0, 0xffffffff, {0x0, 0x0, 0x0, r10, {0x0, 0xb}, {0xffff, 0xffff}, {0xb}}, [@qdisc_kind_options=@q_sfb={{0x8}, {0x2c, 0x2, @TCA_SFB_PARMS={0x28, 0x1, {0xa, 0x7f61, 0xfffffffd, 0xc5, 0xe23, 0x1, 0x1, 0x7fff, 0x1}}}}]}, 0x58}, 0x1, 0x0, 0x0, 0x20008001}, 0x0)
sendmsg$nl_route_sched(r6, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000380)=@newqdisc={0x2c, 0x24, 0x4ee4e6a52ff56541, 0x70b923, 0x80000, {0x0, 0x0, 0x0, r7, {}, {0x2, 0xb}, {0x9, 0x8}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}, 0x1, 0x0, 0x0, 0x2000c061}, 0x4008000)
ioctl$SIOCSIFHWADDR(r4, 0x8922, &(0x7f0000002280)={'syzkaller0\x00', @random="2b0100004ec6"})

1.764870679s ago: executing program 4 (id=473):
socket$netlink(0x10, 0x3, 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
syz_mount_image$fuse(&(0x7f0000000040), &(0x7f0000000000)='./file0\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0], 0x0, 0x0, 0x0)
mount$fuse(0x0, &(0x7f0000000280)='./file0\x00', 0x0, 0x100000, 0x0)
r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000040), 0x42, 0x0)
r2 = syz_io_uring_setup(0x24fa, &(0x7f0000000b80)={0x0, 0x0, 0x10100, 0x0, 0x33a}, &(0x7f0000000100)=<r3=>0x0, &(0x7f0000000140)=<r4=>0x0)
syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0})
io_uring_enter(r2, 0x2d3e, 0x0, 0x0, 0x0, 0x0)
mount$fuse(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000000080)={{'fd', 0x3d, r1}, 0x2c, {'rootmode', 0x3d, 0x4000}})
r5 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r5, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)
umount2(&(0x7f0000000140)='./file0\x00', 0xa)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r6, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000200)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a010300000000000000000100fffd0900010073797a300000000040000000030a01020000000000000000010000000900030073797a3200000000140004800800024032658aeb08000140000000010900010073797a300000000044000000060a010400000000000001040100000008000b40000000000900010073797a30000000001c000480180001800d00010073796e70726f7879000000000400028014000000110001"], 0xcc}}, 0x0)
syz_emit_ethernet(0x3a, &(0x7f0000000880)={@link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x3}, @multicast, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x2, 0x2c, 0x0, 0x0, 0x0, 0x6, 0x0, @empty, @empty}, {{0x10, 0x4e23, 0x41424344, 0x41424344, 0x0, 0x0, 0x6, 0xc2, 0x1, 0x0, 0x0, {[@eol]}}}}}}}, 0x0)

0s ago: executing program 1 (id=474):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000003c0)={'wlan0\x00'})
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff)
sendmsg$NL80211_CMD_FRAME(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000004c0)=ANY=[@ANYBLOB="a8020000", @ANYRES16=r1, @ANYBLOB="010026bd7000000000003b00000008000300", @ANYBLOB="08005700ba0200008402330080200900ffffffffffff080211"], 0x2a8}, 0x1, 0x0, 0x0, 0xc0}, 0x20000080)

kernel console output (not intermixed with test programs):

3: command tx timeout
[   93.003134][ T5878] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   93.055903][ T5184] Bluetooth: hci2: command tx timeout
[   93.136370][ T5184] Bluetooth: hci0: command tx timeout
[   93.136774][ T5867] Bluetooth: hci1: command tx timeout
[   93.153380][ T5880] netdevsim netdevsim4 netdevsim0: renamed from eth0
[   93.172312][ T5880] netdevsim netdevsim4 netdevsim1: renamed from eth1
[   93.183477][ T5880] netdevsim netdevsim4 netdevsim2: renamed from eth2
[   93.206773][ T5880] netdevsim netdevsim4 netdevsim3: renamed from eth3
[   93.216480][ T5867] Bluetooth: hci4: command tx timeout
[   93.266959][ T5876] 8021q: adding VLAN 0 to HW filter on device bond0
[   93.319524][ T5876] 8021q: adding VLAN 0 to HW filter on device team0
[   93.345580][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[   93.352946][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[   93.363361][ T5877] netdevsim netdevsim3 netdevsim0: renamed from eth0
[   93.404384][ T5877] netdevsim netdevsim3 netdevsim1: renamed from eth1
[   93.435692][ T5877] netdevsim netdevsim3 netdevsim2: renamed from eth2
[   93.449300][ T1107] bridge0: port 2(bridge_slave_1) entered blocking state
[   93.456498][ T1107] bridge0: port 2(bridge_slave_1) entered forwarding state
[   93.484192][ T5877] netdevsim netdevsim3 netdevsim3: renamed from eth3
[   93.525342][ T5878] 8021q: adding VLAN 0 to HW filter on device bond0
[   93.563853][ T5879] netdevsim netdevsim2 netdevsim0: renamed from eth0
[   93.574894][ T5879] netdevsim netdevsim2 netdevsim1: renamed from eth1
[   93.603701][ T5879] netdevsim netdevsim2 netdevsim2: renamed from eth2
[   93.622001][ T5879] netdevsim netdevsim2 netdevsim3: renamed from eth3
[   93.680847][ T5878] 8021q: adding VLAN 0 to HW filter on device team0
[   93.713230][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[   93.720447][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[   93.772851][   T12] bridge0: port 2(bridge_slave_1) entered blocking state
[   93.780056][   T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[   93.838297][ T5876] 8021q: adding VLAN 0 to HW filter on device batadv0
[   93.909749][ T5880] 8021q: adding VLAN 0 to HW filter on device bond0
[   93.971425][ T5880] 8021q: adding VLAN 0 to HW filter on device team0
[   94.026381][   T37] bridge0: port 1(bridge_slave_0) entered blocking state
[   94.033660][   T37] bridge0: port 1(bridge_slave_0) entered forwarding state
[   94.060594][   T37] bridge0: port 2(bridge_slave_1) entered blocking state
[   94.067783][   T37] bridge0: port 2(bridge_slave_1) entered forwarding state
[   94.109306][ T5877] 8021q: adding VLAN 0 to HW filter on device bond0
[   94.138720][ T5878] 8021q: adding VLAN 0 to HW filter on device batadv0
[   94.160379][ T5879] 8021q: adding VLAN 0 to HW filter on device bond0
[   94.201794][ T5877] 8021q: adding VLAN 0 to HW filter on device team0
[   94.228953][ T5880] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[   94.240662][ T5880] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   94.262288][ T1107] bridge0: port 1(bridge_slave_0) entered blocking state
[   94.269465][ T1107] bridge0: port 1(bridge_slave_0) entered forwarding state
[   94.285437][ T5879] 8021q: adding VLAN 0 to HW filter on device team0
[   94.311485][   T36] bridge0: port 2(bridge_slave_1) entered blocking state
[   94.318685][   T36] bridge0: port 2(bridge_slave_1) entered forwarding state
[   94.330268][ T5876] veth0_vlan: entered promiscuous mode
[   94.365174][   T36] bridge0: port 1(bridge_slave_0) entered blocking state
[   94.372359][   T36] bridge0: port 1(bridge_slave_0) entered forwarding state
[   94.391286][ T5876] veth1_vlan: entered promiscuous mode
[   94.407679][   T64] bridge0: port 2(bridge_slave_1) entered blocking state
[   94.414971][   T64] bridge0: port 2(bridge_slave_1) entered forwarding state
[   94.493688][ T5878] veth0_vlan: entered promiscuous mode
[   94.520478][ T5880] 8021q: adding VLAN 0 to HW filter on device batadv0
[   94.552010][ T5878] veth1_vlan: entered promiscuous mode
[   94.589502][ T5876] veth0_macvtap: entered promiscuous mode
[   94.628523][ T5876] veth1_macvtap: entered promiscuous mode
[   94.696921][ T5880] veth0_vlan: entered promiscuous mode
[   94.719280][ T5876] batman_adv: batadv0: Interface activated: batadv_slave_0
[   94.741868][ T5877] 8021q: adding VLAN 0 to HW filter on device batadv0
[   94.749721][ T5878] veth0_macvtap: entered promiscuous mode
[   94.761643][ T5880] veth1_vlan: entered promiscuous mode
[   94.777636][ T5876] batman_adv: batadv0: Interface activated: batadv_slave_1
[   94.794279][ T5878] veth1_macvtap: entered promiscuous mode
[   94.829929][   T64] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   94.839349][   T64] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   94.862776][   T64] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   94.872502][   T64] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   94.896816][ T5879] 8021q: adding VLAN 0 to HW filter on device batadv0
[   94.923529][ T5878] batman_adv: batadv0: Interface activated: batadv_slave_0
[   94.960935][ T5878] batman_adv: batadv0: Interface activated: batadv_slave_1
[   94.994827][   T12] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   95.041342][ T1107] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   95.056639][ T5867] Bluetooth: hci3: command tx timeout
[   95.058135][ T1107] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   95.080822][ T5880] veth0_macvtap: entered promiscuous mode
[   95.100557][ T1107] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   95.138678][ T5867] Bluetooth: hci2: command tx timeout
[   95.157111][ T5880] veth1_macvtap: entered promiscuous mode
[   95.168469][   T36] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   95.179581][   T36] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   95.194155][ T5877] veth0_vlan: entered promiscuous mode
[   95.216312][ T5867] Bluetooth: hci1: command tx timeout
[   95.216481][ T5184] Bluetooth: hci0: command tx timeout
[   95.267446][ T5879] veth0_vlan: entered promiscuous mode
[   95.279381][   T64] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   95.279655][ T5877] veth1_vlan: entered promiscuous mode
[   95.293170][   T64] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   95.302243][ T5184] Bluetooth: hci4: command tx timeout
[   95.349314][ T5879] veth1_vlan: entered promiscuous mode
[   95.394682][ T5880] batman_adv: batadv0: Interface activated: batadv_slave_0
[   95.410868][ T1107] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   95.427857][ T1107] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   95.444486][ T5880] batman_adv: batadv0: Interface activated: batadv_slave_1
[   95.462188][   T37] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   95.477642][   T37] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   95.520466][   T12] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   95.543164][ T5877] veth0_macvtap: entered promiscuous mode
[   95.563002][   T12] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   95.572750][ T5876] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality.
[   95.580268][   T12] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   95.610060][   T12] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   95.637108][ T5877] veth1_macvtap: entered promiscuous mode
[   95.764150][ T5877] batman_adv: batadv0: Interface activated: batadv_slave_0
[   95.816539][ T5879] veth0_macvtap: entered promiscuous mode
[   95.835236][ T5877] batman_adv: batadv0: Interface activated: batadv_slave_1
[   95.868779][ T5879] veth1_macvtap: entered promiscuous mode
[   95.888665][   T36] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   95.930999][   T36] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   95.948003][   T36] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   95.965908][ T4565] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   95.973782][ T4565] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   96.030386][ T5960] sctp: [Deprecated]: syz.0.6 (pid 5960) Use of struct sctp_assoc_value in delayed_ack socket option.
[   96.030386][ T5960] Use struct sctp_sack_info instead
[   96.106771][   T36] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   96.144369][ T5962] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details.
[   96.191512][ T4565] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   96.209572][ T4565] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   96.235554][ T5879] batman_adv: batadv0: Interface activated: batadv_slave_0
[   96.261911][ T5879] batman_adv: batadv0: Interface activated: batadv_slave_1
[   96.299445][   T36] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   96.323976][   T36] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   96.351377][   T36] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   96.411773][   T36] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   96.513656][   T36] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   96.537832][   T36] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   96.777182][ T5951] usb 2-1: new high-speed USB device number 2 using dummy_hcd
[   96.788066][ T1107] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   96.822404][ T1107] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   96.959518][ T1337] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   96.975431][ T1337] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   96.997585][ T5951] usb 2-1: too many configurations: 9, using maximum allowed: 8
[   97.032445][ T5973] netlink: 4 bytes leftover after parsing attributes in process `syz.4.10'.
[   97.075939][ T5951] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 9
[   97.112468][ T5951] usb 2-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[   97.136764][ T5184] Bluetooth: hci3: command tx timeout
[   97.176613][ T5951] usb 2-1: config 0 interface 0 has no altsetting 0
[   97.193421][ T5951] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 9
[   97.206079][ T5951] usb 2-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[   97.219145][ T5184] Bluetooth: hci2: command tx timeout
[   97.243223][ T5951] usb 2-1: config 0 interface 0 has no altsetting 0
[   97.273694][   T36] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   97.315935][ T5951] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 9
[   97.327175][ T5184] Bluetooth: hci0: command tx timeout
[   97.332997][ T5184] Bluetooth: hci1: command tx timeout
[   97.340468][   T36] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   97.372808][ T5951] usb 2-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[   97.384536][ T5184] Bluetooth: hci4: command tx timeout
[   97.526740][ T5951] usb 2-1: config 0 interface 0 has no altsetting 0
[   97.534601][ T5951] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 9
[   97.546096][ T5951] usb 2-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[   97.560723][ T5951] usb 2-1: config 0 interface 0 has no altsetting 0
[   97.576877][ T5951] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 9
[   97.590816][ T5951] usb 2-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[   97.602253][ T5951] usb 2-1: config 0 interface 0 has no altsetting 0
[   97.834977][    T0] NOHZ tick-stop error: local softirq work is pending, handler #100!!!
[   97.898415][    T0] NOHZ tick-stop error: local softirq work is pending, handler #100!!!
[   97.926487][    T0] NOHZ tick-stop error: local softirq work is pending, handler #142!!!
[   97.985784][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   97.995866][    T0] NOHZ tick-stop error: local softirq work is pending, handler #100!!!
[   98.028853][    T0] NOHZ tick-stop error: local softirq work is pending, handler #140!!!
[   98.075785][    T0] NOHZ tick-stop error: local softirq work is pending, handler #02!!!
[   98.105646][   T30] audit: type=1326 audit(1757361248.950:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5974 comm="syz.3.4" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f63539 code=0x7ffc0000
[   98.125884][ T5951] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 9
[   98.189619][ T5951] usb 2-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[   98.194854][   T30] audit: type=1326 audit(1757361248.960:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5974 comm="syz.3.4" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f63539 code=0x7ffc0000
[   98.222650][ T5951] usb 2-1: config 0 interface 0 has no altsetting 0
[   98.231108][ T5951] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 9
[   98.243041][ T5951] usb 2-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[   98.254120][ T5951] usb 2-1: config 0 interface 0 has no altsetting 0
[   98.269321][ T5951] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 9
[   98.288733][ T5951] usb 2-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[   98.389536][ T5951] usb 2-1: config 0 interface 0 has no altsetting 0
[   98.496960][   T30] audit: type=1326 audit(1757361249.190:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5974 comm="syz.3.4" exe="/root/syz-executor" sig=0 arch=40000003 syscall=366 compat=1 ip=0xf7f63539 code=0x7ffc0000
[   98.518889][   T30] audit: type=1326 audit(1757361249.510:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5974 comm="syz.3.4" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f63539 code=0x7ffc0000
[   98.541784][   T30] audit: type=1326 audit(1757361249.510:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5974 comm="syz.3.4" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f63539 code=0x7ffc0000
[   98.636690][ T5951] usb 2-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=49.8e
[   98.644099][    T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!!
[   98.656722][ T5951] usb 2-1: New USB device strings: Mfr=41, Product=64, SerialNumber=168
[   98.665127][ T5951] usb 2-1: Product: syz
[   98.695920][ T5951] usb 2-1: Manufacturer: syz
[   98.700590][ T5951] usb 2-1: SerialNumber: syz
[   98.761317][ T5951] usb 2-1: config 0 descriptor??
[   98.797948][ T5951] yurex 2-1:0.0: USB YUREX device now attached to Yurex #0
[   98.818815][   T30] audit: type=1326 audit(1757361250.030:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5986 comm="syz.2.3" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc5539 code=0x7ffc0000
[   98.859711][    T0] NOHZ tick-stop error: local softirq work is pending, handler #300!!!
[   98.890232][   T30] audit: type=1326 audit(1757361250.090:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5986 comm="syz.2.3" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc5539 code=0x7ffc0000
[   98.937887][ T5991] netlink: 2 bytes leftover after parsing attributes in process `syz.2.3'.
[   98.955822][ T5991] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3'.
[   98.964533][ T5991] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3'.
[   99.038347][ T5991] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3'.
[   99.071445][   T44] usb 2-1: USB disconnect, device number 2
[   99.081661][   T30] audit: type=1326 audit(1757361250.090:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5986 comm="syz.2.3" exe="/root/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf7fc5539 code=0x7ffc0000
[   99.089634][ T5991] netlink: 2 bytes leftover after parsing attributes in process `syz.2.3'.
[   99.124502][   T44] yurex 2-1:0.0: USB YUREX #0 now disconnected
[   99.259438][   T30] audit: type=1326 audit(1757361250.090:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5986 comm="syz.2.3" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc5539 code=0x7ffc0000
[   99.434158][   T30] audit: type=1326 audit(1757361250.090:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5986 comm="syz.2.3" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc5539 code=0x7ffc0000
[   99.647315][ T6005] sctp: [Deprecated]: syz.3.15 (pid 6005) Use of struct sctp_assoc_value in delayed_ack socket option.
[   99.647315][ T6005] Use struct sctp_sack_info instead
[   99.792244][ T6010] FAULT_INJECTION: forcing a failure.
[   99.792244][ T6010] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[   99.821707][ T6010] CPU: 1 UID: 0 PID: 6010 Comm: syz.0.17 Not tainted syzkaller #0 PREEMPT(full) 
[   99.821736][ T6010] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   99.821756][ T6010] Call Trace:
[   99.821764][ T6010]  <TASK>
[   99.821774][ T6010]  dump_stack_lvl+0x189/0x250
[   99.821808][ T6010]  ? __pfx____ratelimit+0x10/0x10
[   99.821829][ T6010]  ? __pfx_dump_stack_lvl+0x10/0x10
[   99.821853][ T6010]  ? __pfx__printk+0x10/0x10
[   99.821884][ T6010]  ? fs_reclaim_acquire+0x7d/0x100
[   99.821924][ T6010]  should_fail_ex+0x414/0x560
[   99.821961][ T6010]  prepare_alloc_pages+0x213/0x610
[   99.821990][ T6010]  __alloc_frozen_pages_noprof+0x123/0x370
[   99.822016][ T6010]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[   99.822048][ T6010]  ? policy_nodemask+0x27c/0x720
[   99.822083][ T6010]  alloc_pages_mpol+0x232/0x4a0
[   99.822118][ T6010]  vma_alloc_folio_noprof+0xe4/0x200
[   99.822151][ T6010]  ? __pfx_vma_alloc_folio_noprof+0x10/0x10
[   99.822194][ T6010]  folio_prealloc+0x30/0x180
[   99.822226][ T6010]  do_wp_page+0x1231/0x5800
[   99.822276][ T6010]  ? __pfx_do_wp_page+0x10/0x10
[   99.822300][ T6010]  ? do_raw_spin_lock+0x121/0x290
[   99.822328][ T6010]  ? __pfx_do_raw_spin_lock+0x10/0x10
[   99.822372][ T6010]  __handle_mm_fault+0x1033/0x5440
[   99.822419][ T6010]  ? __pfx___handle_mm_fault+0x10/0x10
[   99.822469][ T6010]  ? find_vma+0xe7/0x160
[   99.822495][ T6010]  ? __pfx_find_vma+0x10/0x10
[   99.822524][ T6010]  handle_mm_fault+0x40a/0x8e0
[   99.822563][ T6010]  do_user_addr_fault+0x764/0x1390
[   99.822613][ T6010]  exc_page_fault+0x76/0xf0
[   99.822637][ T6010]  asm_exc_page_fault+0x26/0x30
[   99.822657][ T6010] RIP: 0010:rep_movs_alternative+0x4a/0x90
[   99.822685][ T6010] Code: 0a 04 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 48 8b 06 48 89 07 48 83 c6 08 48 83 c7 08 83 e9 08 74 db 83 f9 08 73 e8 eb c5 <f3> a4 c3 cc cc cc cc 48 8b 06 48 89 07 48 8d 47 08 48 83 e0 f8 48
[   99.822702][ T6010] RSP: 0018:ffffc9000aa8f458 EFLAGS: 00050206
[   99.822726][ T6010] RAX: ffffffff84c5cf01 RBX: ffff88807be18000 RCX: 0000000000006080
[   99.822741][ T6010] RDX: 0000000000000000 RSI: ffff88807be19f80 RDI: 0000000080002000
[   99.822755][ T6010] RBP: ffffc9000aa8f5d0 R08: ffff88807be1ffff R09: 1ffff1100f7c3fff
[   99.822769][ T6010] R10: dffffc0000000000 R11: ffffed100f7c4000 R12: 1ffff92001551fb7
[   99.822789][ T6010] R13: 0000000080000080 R14: ffffc9000aa8fdc8 R15: 0000000000008000
[   99.822812][ T6010]  ? _copy_to_iter+0x1e1/0x1790
[   99.822844][ T6010]  _copy_to_iter+0x24f/0x1790
[   99.822889][ T6010]  ? __pfx__copy_to_iter+0x10/0x10
[   99.822915][ T6010]  ? __lock_acquire+0xab9/0xd20
[   99.822957][ T6010]  __skb_datagram_iter+0x41a/0x990
[   99.822988][ T6010]  ? __pfx_simple_copy_to_iter+0x10/0x10
[   99.823026][ T6010]  skb_copy_datagram_iter+0xc5/0x230
[   99.823059][ T6010]  tcp_recvmsg_locked+0xec6/0x3660
[   99.823130][ T6010]  ? __pfx_tcp_recvmsg_locked+0x10/0x10
[   99.823163][ T6010]  ? __lock_acquire+0xab9/0xd20
[   99.823207][ T6010]  ? __local_bh_enable_ip+0x12d/0x1c0
[   99.823228][ T6010]  ? lockdep_hardirqs_on+0x9c/0x150
[   99.823249][ T6010]  ? __local_bh_enable_ip+0x12d/0x1c0
[   99.823284][ T6010]  tcp_recvmsg+0x216/0x810
[   99.823310][ T6010]  ? __pfx_tcp_recvmsg+0x10/0x10
[   99.823336][ T6010]  ? aa_sk_perm+0x81e/0x950
[   99.823373][ T6010]  ? sock_rps_record_flow+0x19/0x410
[   99.823406][ T6010]  inet_recvmsg+0x147/0x250
[   99.823438][ T6010]  ? __pfx_inet_recvmsg+0x10/0x10
[   99.823471][ T6010]  ? bpf_lsm_socket_recvmsg+0x9/0x20
[   99.823492][ T6010]  ? security_socket_recvmsg+0x7e/0x2e0
[   99.823520][ T6010]  sock_recvmsg+0x1a8/0x270
[   99.823556][ T6010]  __sys_recvfrom+0x1f6/0x340
[   99.823582][ T6010]  ? __pfx___sys_recvfrom+0x10/0x10
[   99.823602][ T6010]  ? __mutex_unlock_slowpath+0x1a1/0x740
[   99.823639][ T6010]  ? __fget_files+0x3a0/0x420
[   99.823671][ T6010]  ? ksys_write+0x22a/0x250
[   99.823708][ T6010]  __ia32_compat_sys_recvfrom+0xe4/0x100
[   99.823739][ T6010]  __do_fast_syscall_32+0xb6/0x2b0
[   99.823762][ T6010]  ? lockdep_hardirqs_on+0x9c/0x150
[   99.823787][ T6010]  do_fast_syscall_32+0x34/0x80
[   99.823809][ T6010]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[   99.823833][ T6010] RIP: 0023:0xf70be539
[   99.823857][ T6010] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[   99.823873][ T6010] RSP: 002b:00000000f548d55c EFLAGS: 00000206 ORIG_RAX: 0000000000000173
[   99.823892][ T6010] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000080
[   99.823906][ T6010] RDX: 00000000fffffd0b RSI: 0000000000000700 RDI: 0000000000000000
[   99.823918][ T6010] RBP: 00000000fffffd25 R08: 0000000000000000 R09: 0000000000000000
[   99.823930][ T6010] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[   99.823941][ T6010] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[   99.823971][ T6010]  </TASK>
[  100.662458][ T6012] netlink: 140 bytes leftover after parsing attributes in process `syz.3.18'.
[  100.753442][ T6018] netlink: 12 bytes leftover after parsing attributes in process `syz.2.20'.
[  100.764813][ T6018] netlink: 4 bytes leftover after parsing attributes in process `syz.2.20'.
[  100.976695][    T0] NOHZ tick-stop error: local softirq work is pending, handler #08!!!
[  101.446474][ T6028] FAULT_INJECTION: forcing a failure.
[  101.446474][ T6028] name failslab, interval 1, probability 0, space 0, times 0
[  101.503177][ T6028] CPU: 0 UID: 0 PID: 6028 Comm: syz.0.22 Not tainted syzkaller #0 PREEMPT(full) 
[  101.503207][ T6028] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  101.503219][ T6028] Call Trace:
[  101.503228][ T6028]  <TASK>
[  101.503238][ T6028]  dump_stack_lvl+0x189/0x250
[  101.503268][ T6028]  ? __pfx____ratelimit+0x10/0x10
[  101.503289][ T6028]  ? __pfx_dump_stack_lvl+0x10/0x10
[  101.503324][ T6028]  ? __pfx__printk+0x10/0x10
[  101.503358][ T6028]  ? __pfx___might_resched+0x10/0x10
[  101.503383][ T6028]  should_fail_ex+0x414/0x560
[  101.503418][ T6028]  should_failslab+0xa8/0x100
[  101.503451][ T6028]  kmem_cache_alloc_node_noprof+0x76/0x3c0
[  101.503480][ T6028]  ? __alloc_skb+0x112/0x2d0
[  101.503506][ T6028]  __alloc_skb+0x112/0x2d0
[  101.503532][ T6028]  netlink_sendmsg+0x5c6/0xb30
[  101.503565][ T6028]  ? __pfx_netlink_sendmsg+0x10/0x10
[  101.503589][ T6028]  ? __import_iovec+0x5d4/0x7f0
[  101.503614][ T6028]  ? aa_sock_msg_perm+0xf1/0x1d0
[  101.503636][ T6028]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  101.503658][ T6028]  ? __pfx_netlink_sendmsg+0x10/0x10
[  101.503680][ T6028]  __sock_sendmsg+0x21c/0x270
[  101.503714][ T6028]  ____sys_sendmsg+0x505/0x830
[  101.503746][ T6028]  ? __pfx_____sys_sendmsg+0x10/0x10
[  101.503789][ T6028]  ___sys_sendmsg+0x21f/0x2a0
[  101.503816][ T6028]  ? __pfx____sys_sendmsg+0x10/0x10
[  101.503880][ T6028]  ? __fget_files+0x2a/0x420
[  101.503897][ T6028]  ? __fget_files+0x3a0/0x420
[  101.503926][ T6028]  __sys_sendmsg+0x164/0x220
[  101.503953][ T6028]  ? __pfx___sys_sendmsg+0x10/0x10
[  101.503996][ T6028]  ? lockdep_hardirqs_on+0x9c/0x150
[  101.504019][ T6028]  __do_fast_syscall_32+0xb6/0x2b0
[  101.504042][ T6028]  ? lockdep_hardirqs_on+0x9c/0x150
[  101.504066][ T6028]  do_fast_syscall_32+0x34/0x80
[  101.504089][ T6028]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  101.504113][ T6028] RIP: 0023:0xf70be539
[  101.504130][ T6028] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[  101.504146][ T6028] RSP: 002b:00000000f54ae55c EFLAGS: 00000206 ORIG_RAX: 0000000000000172
[  101.504167][ T6028] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000800006c0
[  101.504180][ T6028] RDX: 0000000000040000 RSI: 0000000000000000 RDI: 0000000000000000
[  101.504192][ T6028] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  101.504204][ T6028] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  101.504215][ T6028] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  101.504244][ T6028]  </TASK>
[  102.152137][ T6043] process 'syz.4.28' launched '/dev/fd/6' with NULL argv: empty string added
[  102.353029][ T6043] @: renamed from vlan0 (while UP)
[  102.711677][ T6051] vlan2: entered allmulticast mode
[  102.721518][ T6051] hsr0: entered allmulticast mode
[  102.766905][ T6051] hsr_slave_0: entered allmulticast mode
[  102.772608][ T6051] hsr_slave_1: entered allmulticast mode
[  102.982648][ T6056] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  103.012704][ T6058] netlink: 'syz.1.34': attribute type 11 has an invalid length.
[  103.054154][ T6056] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  103.199278][  T981] usb 3-1: new high-speed USB device number 2 using dummy_hcd
[  103.376474][  T981] usb 3-1: Using ep0 maxpacket: 16
[  103.389800][ T6064] netlink: 'syz.3.36': attribute type 11 has an invalid length.
[  103.421966][  T981] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  103.430721][ T6066] FAULT_INJECTION: forcing a failure.
[  103.430721][ T6066] name fail_usercopy, interval 1, probability 0, space 0, times 1
[  103.447721][ T6066] CPU: 0 UID: 0 PID: 6066 Comm: syz.1.37 Not tainted syzkaller #0 PREEMPT(full) 
[  103.447751][ T6066] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  103.447764][ T6066] Call Trace:
[  103.447772][ T6066]  <TASK>
[  103.447781][ T6066]  dump_stack_lvl+0x189/0x250
[  103.447811][ T6066]  ? __pfx____ratelimit+0x10/0x10
[  103.447831][ T6066]  ? __pfx_dump_stack_lvl+0x10/0x10
[  103.447855][ T6066]  ? __pfx__printk+0x10/0x10
[  103.447883][ T6066]  ? __might_fault+0xb0/0x130
[  103.447924][ T6066]  should_fail_ex+0x414/0x560
[  103.447959][ T6066]  _copy_from_user+0x2d/0xb0
[  103.447986][ T6066]  get_compat_msghdr+0xad/0x4a0
[  103.448016][ T6066]  ? __pfx_get_compat_msghdr+0x10/0x10
[  103.448053][ T6066]  ___sys_sendmsg+0x193/0x2a0
[  103.448082][ T6066]  ? __pfx____sys_sendmsg+0x10/0x10
[  103.448153][ T6066]  ? __fget_files+0x2a/0x420
[  103.448169][ T6066]  ? __fget_files+0x3a0/0x420
[  103.448198][ T6066]  __sys_sendmsg+0x164/0x220
[  103.448225][ T6066]  ? __pfx___sys_sendmsg+0x10/0x10
[  103.448267][ T6066]  ? lockdep_hardirqs_on+0x9c/0x150
[  103.448290][ T6066]  __do_fast_syscall_32+0xb6/0x2b0
[  103.448313][ T6066]  ? lockdep_hardirqs_on+0x9c/0x150
[  103.448336][ T6066]  do_fast_syscall_32+0x34/0x80
[  103.448359][ T6066]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  103.448383][ T6066] RIP: 0023:0xf7f93539
[  103.448400][ T6066] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[  103.448417][ T6066] RSP: 002b:00000000f54a655c EFLAGS: 00000206 ORIG_RAX: 0000000000000172
[  103.448437][ T6066] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000140
[  103.448451][ T6066] RDX: 0000000020000000 RSI: 0000000000000000 RDI: 0000000000000000
[  103.448462][ T6066] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  103.448473][ T6066] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  103.448485][ T6066] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  103.448514][ T6066]  </TASK>
[  103.677400][  T981] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0
[  103.746876][ T5958] usb 1-1: new high-speed USB device number 2 using dummy_hcd
[  103.794220][  T981] usb 3-1: config 0 interface 0 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 0
[  103.849934][  T981] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3
[  103.889250][ T6071] syz.1.38 uses obsolete (PF_INET,SOCK_PACKET)
[  103.895231][  T981] usb 3-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42
[  103.911157][  T981] usb 3-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0
[  103.925825][  T981] usb 3-1: Manufacturer: syz
[  103.950060][  T981] usb 3-1: config 0 descriptor??
[  103.976802][ T5958] usb 1-1: Using ep0 maxpacket: 8
[  104.008529][ T5958] usb 1-1: config 1 contains an unexpected descriptor of type 0x1, skipping
[  104.018125][ T5958] usb 1-1: config 1 has an invalid descriptor of length 1, skipping remainder of the config
[  104.047406][ T5958] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 3
[  104.061262][ T5958] usb 1-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  104.077254][ T5958] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  104.089807][ T5958] usb 1-1: Product: Ж
[  104.120265][ T5958] usb 1-1: Manufacturer: ඩ褑㋦᯾也ﮬ�丰묩蕙醵嶶⚠ꆊ崭�覃�Ĉ칲務�䄆ᴻ�䒳䇣侰槉㜳��⮮蘷塩뿱硚➧㺘㰦匮骡⡈⪈�悹낊�綜꾰ำ娓㯖㛆㣨�賜딦楊擥㌨᎔⭆ᓤ
[  104.141604][ T6075] Zero length message leads to an empty skb
[  104.149266][ T5958] usb 1-1: SerialNumber: syz
[  104.187498][  T981] usb 3-1: USB disconnect, device number 2
[  104.350354][ T6082] netlink: 72 bytes leftover after parsing attributes in process `syz.1.41'.
[  104.365384][ T6082] netlink: 72 bytes leftover after parsing attributes in process `syz.1.41'.
[  104.389642][ T6084] netlink: 28 bytes leftover after parsing attributes in process `syz.3.43'.
[  104.401855][ T5958] usb 1-1: 0:2 : does not exist
[  104.413148][ T6084] netdevsim netdevsim3 netdevsim0: entered promiscuous mode
[  104.452324][ T5958] usb 1-1: USB disconnect, device number 2
[  104.520384][ T5868] udevd[5868]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb1/1-1/1-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  104.937129][    T9] usb 4-1: new high-speed USB device number 2 using dummy_hcd
[  105.056485][ T5958] usb 3-1: new high-speed USB device number 3 using dummy_hcd
[  105.097955][    T9] usb 4-1: Using ep0 maxpacket: 8
[  105.113483][    T9] usb 4-1: config 162 has an invalid interface number: 97 but max is 0
[  105.125960][    T9] usb 4-1: config 162 has an invalid descriptor of length 0, skipping remainder of the config
[  105.147689][    T9] usb 4-1: config 162 has no interface number 0
[  105.154243][    T9] usb 4-1: too many endpoints for config 162 interface 97 altsetting 3: 255, using maximum allowed: 30
[  105.167429][    T9] usb 4-1: config 162 interface 97 altsetting 3 endpoint 0x85 has an invalid bInterval 0, changing to 7
[  105.179784][    T9] usb 4-1: config 162 interface 97 altsetting 3 endpoint 0x85 has invalid wMaxPacketSize 0
[  105.210645][    T9] usb 4-1: config 162 interface 97 altsetting 3 has 1 endpoint descriptor, different from the interface descriptor's value: 255
[  105.233423][ T5951] usb 1-1: new full-speed USB device number 3 using dummy_hcd
[  105.235362][ T5958] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 35, changing to 9
[  105.261579][    T9] usb 4-1: config 162 interface 97 has no altsetting 0
[  105.276958][ T5958] usb 3-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 1024
[  105.296362][ T6103] netlink: 12 bytes leftover after parsing attributes in process `syz.1.51'.
[  105.313266][    T9] usb 4-1: New USB device found, idVendor=0c2e, idProduct=0700, bcdDevice=e1.3b
[  105.316125][ T5958] usb 3-1: config 1 interface 1 altsetting 1 bulk endpoint 0x3 has invalid maxpacket 1023
[  105.351434][ T6103] netlink: 4 bytes leftover after parsing attributes in process `syz.1.51'.
[  105.364459][    T9] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  105.364484][ T5958] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  105.395229][    T9] usb 4-1: Product: syz
[  105.399823][ T5958] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  105.399851][ T5958] usb 3-1: Product: syz
[  105.399867][ T5958] usb 3-1: Manufacturer: Ж
[  105.399883][ T5958] usb 3-1: SerialNumber: syz
[  105.441911][    T9] usb 4-1: Manufacturer: syz
[  105.448956][    T9] usb 4-1: SerialNumber: syz
[  105.466236][ T5951] usb 1-1: unable to get BOS descriptor or descriptor too short
[  105.485192][ T5951] usb 1-1: not running at top speed; connect to a high speed hub
[  105.521573][ T5951] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  105.532284][ T5951] usb 1-1: config 1 interface 1 altsetting 1 endpoint 0x1 has an invalid bInterval 0, changing to 4
[  105.562848][ T5951] usb 1-1: config 1 interface 2 altsetting 1 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  105.599404][ T5951] usb 1-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  105.620879][ T5951] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  105.638292][ T5951] usb 1-1: Product: syz
[  105.642555][ T5951] usb 1-1: Manufacturer: syz
[  105.682927][ T5951] usb 1-1: SerialNumber: syz
[  105.704915][    T9] metro_usb 4-1:162.97: interrupt-out endpoint missing
[  105.771610][    T9] usb 4-1: USB disconnect, device number 2
[  105.974866][ T5951] usb 1-1: 1:1 : UAC_AS_GENERAL descriptor not found
[  105.981491][ T6114] netlink: 4 bytes leftover after parsing attributes in process `syz.1.55'.
[  106.056374][ T5951] usb 1-1: USB disconnect, device number 3
[  106.140333][ T5868] udevd[5868]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb1/1-1/1-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  106.376665][ T5958] cdc_ncm 3-1:1.0: bind() failure
[  106.454923][ T5958] cdc_ncm 3-1:1.1: CDC Union missing and no IAD found
[  106.495198][ T5958] cdc_ncm 3-1:1.1: bind() failure
[  106.558472][ T5958] usb 3-1: USB disconnect, device number 3
[  106.607385][ T6122] netlink: 48 bytes leftover after parsing attributes in process `syz.3.59'.
[  106.967258][ T6130] usb usb8: usbfs: process 6130 (syz.2.60) did not claim interface 0 before use
[  107.286889][ T6140] netlink: 'syz.3.63': attribute type 12 has an invalid length.
[  108.146091][ T5951] usb 2-1: new low-speed USB device number 3 using dummy_hcd
[  108.385905][ T5951] usb 2-1: config 1 contains an unexpected descriptor of type 0x2, skipping
[  108.394716][ T5951] usb 2-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0
[  108.467526][ T5951] usb 2-1: config 1 interface 1 altsetting 1 endpoint 0x1 has invalid maxpacket 512, setting to 0
[  108.532401][ T5951] usb 2-1: config 1 interface 2 altsetting 1 endpoint 0x82 has invalid maxpacket 64, setting to 0
[  108.589406][ T5951] usb 2-1: string descriptor 0 read error: -22
[  108.632273][ T5951] usb 2-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  108.695874][ T5951] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  108.760178][ T5951] usb 2-1: low speed audio streaming not supported
[  109.058505][ T6170] netlink: 'syz.4.71': attribute type 4 has an invalid length.
[  109.269350][ T6177] tipc: Started in network mode
[  109.277269][ T6178] netlink: 48 bytes leftover after parsing attributes in process `syz.3.77'.
[  109.300247][ T6177] tipc: Node identity 0614596cd6b, cluster identity 4711
[  109.310437][ T6170] netlink: 'syz.4.71': attribute type 4 has an invalid length.
[  109.357015][ T6177] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  109.387083][ T6177] tipc: Resetting bearer <eth:syzkaller0>
[  109.418951][ T6174] tipc: Disabling bearer <eth:syzkaller0>
[  109.855519][ T6189] FAULT_INJECTION: forcing a failure.
[  109.855519][ T6189] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  109.876797][ T6189] CPU: 1 UID: 0 PID: 6189 Comm: syz.2.82 Not tainted syzkaller #0 PREEMPT(full) 
[  109.876825][ T6189] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  109.876837][ T6189] Call Trace:
[  109.876846][ T6189]  <TASK>
[  109.876854][ T6189]  dump_stack_lvl+0x189/0x250
[  109.876884][ T6189]  ? __pfx____ratelimit+0x10/0x10
[  109.876904][ T6189]  ? __pfx_dump_stack_lvl+0x10/0x10
[  109.876927][ T6189]  ? __pfx__printk+0x10/0x10
[  109.876955][ T6189]  ? __might_fault+0xb0/0x130
[  109.876994][ T6189]  should_fail_ex+0x414/0x560
[  109.877029][ T6189]  _copy_from_user+0x2d/0xb0
[  109.877056][ T6189]  cmsghdr_from_user_compat_to_kern+0x394/0x800
[  109.877095][ T6189]  ? __pfx_cmsghdr_from_user_compat_to_kern+0x10/0x10
[  109.877129][ T6189]  ____sys_sendmsg+0x20f/0x830
[  109.877162][ T6189]  ? __pfx_____sys_sendmsg+0x10/0x10
[  109.877202][ T6189]  ___sys_sendmsg+0x21f/0x2a0
[  109.877229][ T6189]  ? __pfx____sys_sendmsg+0x10/0x10
[  109.877291][ T6189]  ? __fget_files+0x2a/0x420
[  109.877308][ T6189]  ? __fget_files+0x3a0/0x420
[  109.877347][ T6189]  __sys_sendmmsg+0x28e/0x430
[  109.877379][ T6189]  ? __pfx___sys_sendmmsg+0x10/0x10
[  109.877413][ T6189]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  109.877455][ T6189]  ? ksys_write+0x22a/0x250
[  109.877493][ T6189]  __ia32_compat_sys_sendmmsg+0xa2/0xc0
[  109.877521][ T6189]  __do_fast_syscall_32+0xb6/0x2b0
[  109.877545][ T6189]  ? lockdep_hardirqs_on+0x9c/0x150
[  109.877569][ T6189]  do_fast_syscall_32+0x34/0x80
[  109.877592][ T6189]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  109.877616][ T6189] RIP: 0023:0xf7fc5539
[  109.877633][ T6189] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[  109.877650][ T6189] RSP: 002b:00000000f54d655c EFLAGS: 00000206 ORIG_RAX: 0000000000000159
[  109.877671][ T6189] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000080003340
[  109.877685][ T6189] RDX: 0000000000000001 RSI: 0000000000000000 RDI: 0000000000000000
[  109.877696][ T6189] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  109.877707][ T6189] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  109.877719][ T6189] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  109.877748][ T6189]  </TASK>
[  110.111137][    C1] vkms_vblank_simulate: vblank timer overrun
[  110.129949][   T44] usb 1-1: new high-speed USB device number 4 using dummy_hcd
[  110.297659][   T44] usb 1-1: New USB device found, idVendor=04a5, idProduct=3035, bcdDevice= d.df
[  110.307022][   T44] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  110.319975][   T44] usb 1-1: config 0 descriptor??
[  110.328841][   T44] gspca_main: benq-2.14.0 probing 04a5:3035
[  110.538810][    T9] usb 1-1: USB disconnect, device number 4
[  110.592555][ T6198] netlink: 'syz.2.84': attribute type 4 has an invalid length.
[  110.732612][ T6201] netlink: 'syz.2.84': attribute type 4 has an invalid length.
[  111.106580][ T6212] FAULT_INJECTION: forcing a failure.
[  111.106580][ T6212] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  111.160990][ T6212] CPU: 1 UID: 0 PID: 6212 Comm: syz.4.89 Not tainted syzkaller #0 PREEMPT(full) 
[  111.161017][ T6212] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  111.161029][ T6212] Call Trace:
[  111.161037][ T6212]  <TASK>
[  111.161046][ T6212]  dump_stack_lvl+0x189/0x250
[  111.161076][ T6212]  ? __pfx____ratelimit+0x10/0x10
[  111.161096][ T6212]  ? __pfx_dump_stack_lvl+0x10/0x10
[  111.161120][ T6212]  ? __pfx__printk+0x10/0x10
[  111.161149][ T6212]  ? __might_fault+0xb0/0x130
[  111.161188][ T6212]  should_fail_ex+0x414/0x560
[  111.161221][ T6212]  _copy_from_user+0x2d/0xb0
[  111.161247][ T6212]  get_compat_msghdr+0xad/0x4a0
[  111.161276][ T6212]  ? __pfx_get_compat_msghdr+0x10/0x10
[  111.161312][ T6212]  ___sys_sendmsg+0x193/0x2a0
[  111.161340][ T6212]  ? __pfx____sys_sendmsg+0x10/0x10
[  111.161403][ T6212]  ? __fget_files+0x2a/0x420
[  111.161420][ T6212]  ? __fget_files+0x3a0/0x420
[  111.161461][ T6212]  __sys_sendmsg+0x164/0x220
[  111.161493][ T6212]  ? __pfx___sys_sendmsg+0x10/0x10
[  111.161535][ T6212]  ? lockdep_hardirqs_on+0x9c/0x150
[  111.161566][ T6212]  __do_fast_syscall_32+0xb6/0x2b0
[  111.161589][ T6212]  ? lockdep_hardirqs_on+0x9c/0x150
[  111.161613][ T6212]  do_fast_syscall_32+0x34/0x80
[  111.161635][ T6212]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  111.161659][ T6212] RIP: 0023:0xf70de539
[  111.161676][ T6212] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[  111.161693][ T6212] RSP: 002b:00000000f54ce55c EFLAGS: 00000206 ORIG_RAX: 0000000000000172
[  111.161719][ T6212] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000240
[  111.161737][ T6212] RDX: 0000000000000040 RSI: 0000000000000000 RDI: 0000000000000000
[  111.161748][ T6212] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  111.161765][ T6212] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  111.161781][ T6212] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  111.161810][ T6212]  </TASK>
[  111.367042][    C1] vkms_vblank_simulate: vblank timer overrun
[  111.578298][ T6214] netlink: 48 bytes leftover after parsing attributes in process `syz.3.90'.
[  111.661718][    T9] usb 2-1: USB disconnect, device number 3
[  111.834830][ T6218] tipc: Started in network mode
[  111.875612][ T6218] tipc: Node identity ce19fdc8aac1, cluster identity 4711
[  111.899396][ T6218] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  111.957372][ T6218] tipc: Resetting bearer <eth:syzkaller0>
[  111.983922][ T6217] tipc: Disabling bearer <eth:syzkaller0>
[  112.123970][ T6230] netlink: 16 bytes leftover after parsing attributes in process `syz.3.97'.
[  112.242197][ T6232] pimreg: entered allmulticast mode
[  112.254540][ T6232] pimreg: left allmulticast mode
[  112.277981][ T6236] FAULT_INJECTION: forcing a failure.
[  112.277981][ T6236] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  112.306255][ T6236] CPU: 1 UID: 0 PID: 6236 Comm: syz.1.99 Not tainted syzkaller #0 PREEMPT(full) 
[  112.306283][ T6236] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  112.306295][ T6236] Call Trace:
[  112.306303][ T6236]  <TASK>
[  112.306311][ T6236]  dump_stack_lvl+0x189/0x250
[  112.306339][ T6236]  ? __pfx____ratelimit+0x10/0x10
[  112.306357][ T6236]  ? __pfx_dump_stack_lvl+0x10/0x10
[  112.306381][ T6236]  ? __pfx__printk+0x10/0x10
[  112.306409][ T6236]  ? __might_fault+0xb0/0x130
[  112.306447][ T6236]  should_fail_ex+0x414/0x560
[  112.306482][ T6236]  _copy_from_iter+0x1de/0x1790
[  112.306506][ T6236]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  112.306534][ T6236]  ? policy_nodemask+0x27c/0x720
[  112.306561][ T6236]  ? __pfx__copy_from_iter+0x10/0x10
[  112.306588][ T6236]  ? set_page_refcounted+0xa0/0x1e0
[  112.306616][ T6236]  ? page_copy_sane+0x4e/0x280
[  112.306640][ T6236]  copy_page_from_iter+0xdd/0x170
[  112.306667][ T6236]  tun_get_user+0x1d7b/0x3e20
[  112.306699][ T6236]  ? tun_get_user+0x6f6/0x3e20
[  112.306731][ T6236]  ? aa_file_perm+0x44d/0x1550
[  112.306752][ T6236]  ? __pfx_tun_get_user+0x10/0x10
[  112.306774][ T6236]  ? _parse_integer_limit+0x1ae/0x1f0
[  112.306802][ T6236]  ? __lock_acquire+0xab9/0xd20
[  112.306838][ T6236]  ? ref_tracker_alloc+0x318/0x460
[  112.306854][ T6236]  ? __lock_acquire+0xab9/0xd20
[  112.306885][ T6236]  ? __pfx_ref_tracker_alloc+0x10/0x10
[  112.306909][ T6236]  ? tun_get+0x1c/0x2f0
[  112.306937][ T6236]  ? tun_get+0x1c/0x2f0
[  112.306958][ T6236]  ? tun_get+0x1c/0x2f0
[  112.306984][ T6236]  tun_chr_write_iter+0x113/0x200
[  112.307008][ T6236]  vfs_write+0x5c6/0xb30
[  112.307041][ T6236]  ? __pfx_tun_chr_write_iter+0x10/0x10
[  112.307064][ T6236]  ? __pfx_vfs_write+0x10/0x10
[  112.307102][ T6236]  ? __fget_files+0x2a/0x420
[  112.307130][ T6236]  ksys_write+0x145/0x250
[  112.307159][ T6236]  ? __pfx_ksys_write+0x10/0x10
[  112.307188][ T6236]  ? lockdep_hardirqs_on+0x9c/0x150
[  112.307222][ T6236]  __do_fast_syscall_32+0xb6/0x2b0
[  112.307245][ T6236]  ? lockdep_hardirqs_on+0x9c/0x150
[  112.307268][ T6236]  do_fast_syscall_32+0x34/0x80
[  112.307289][ T6236]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  112.307312][ T6236] RIP: 0023:0xf7f93539
[  112.307330][ T6236] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[  112.307346][ T6236] RSP: 002b:00000000f54a6520 EFLAGS: 00000206 ORIG_RAX: 0000000000000004
[  112.307367][ T6236] RAX: ffffffffffffffda RBX: 00000000000000c8 RCX: 0000000080000080
[  112.307380][ T6236] RDX: 000000000000004a RSI: 00000000f7424ff4 RDI: 0000000000000000
[  112.307393][ T6236] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  112.307404][ T6236] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  112.307415][ T6236] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  112.307443][ T6236]  </TASK>
[  112.857053][ T6252] netlink: 48 bytes leftover after parsing attributes in process `syz.0.106'.
[  112.915825][   T44] usb 5-1: new high-speed USB device number 2 using dummy_hcd
[  112.965399][ T6257] FAULT_INJECTION: forcing a failure.
[  112.965399][ T6257] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  112.980806][ T6257] CPU: 1 UID: 0 PID: 6257 Comm: syz.0.109 Not tainted syzkaller #0 PREEMPT(full) 
[  112.980835][ T6257] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  112.980847][ T6257] Call Trace:
[  112.980856][ T6257]  <TASK>
[  112.980865][ T6257]  dump_stack_lvl+0x189/0x250
[  112.980894][ T6257]  ? __pfx____ratelimit+0x10/0x10
[  112.980915][ T6257]  ? __pfx_dump_stack_lvl+0x10/0x10
[  112.980937][ T6257]  ? __pfx__printk+0x10/0x10
[  112.980976][ T6257]  should_fail_ex+0x414/0x560
[  112.981010][ T6257]  _copy_to_user+0x31/0xb0
[  112.981038][ T6257]  simple_read_from_buffer+0xe1/0x170
[  112.981071][ T6257]  proc_fail_nth_read+0x1b3/0x220
[  112.981097][ T6257]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  112.981123][ T6257]  ? rw_verify_area+0x2a6/0x4d0
[  112.981147][ T6257]  ? __lock_acquire+0xab9/0xd20
[  112.981187][ T6257]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  112.981212][ T6257]  vfs_read+0x200/0xa30
[  112.981237][ T6257]  ? fdget_pos+0x247/0x320
[  112.981259][ T6257]  ? __pfx___mutex_lock+0x10/0x10
[  112.981282][ T6257]  ? __pfx_vfs_read+0x10/0x10
[  112.981310][ T6257]  ? __fget_files+0x2a/0x420
[  112.981332][ T6257]  ? __fget_files+0x3a0/0x420
[  112.981348][ T6257]  ? __fget_files+0x2a/0x420
[  112.981375][ T6257]  ksys_read+0x145/0x250
[  112.981402][ T6257]  ? __pfx_ksys_read+0x10/0x10
[  112.981431][ T6257]  ? lockdep_hardirqs_on+0x9c/0x150
[  112.981453][ T6257]  __do_fast_syscall_32+0xb6/0x2b0
[  112.981474][ T6257]  ? lockdep_hardirqs_on+0x9c/0x150
[  112.981496][ T6257]  do_fast_syscall_32+0x34/0x80
[  112.981517][ T6257]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  112.981540][ T6257] RIP: 0023:0xf70be539
[  112.981557][ T6257] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[  112.981574][ T6257] RSP: 002b:00000000f54ae590 EFLAGS: 00000206 ORIG_RAX: 0000000000000003
[  112.981594][ T6257] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00000000f54ae620
[  112.981607][ T6257] RDX: 000000000000000f RSI: 00000000f7434ff4 RDI: 0000000000000000
[  112.981618][ T6257] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000
[  112.981629][ T6257] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  112.981638][ T6257] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  112.981667][ T6257]  </TASK>
[  113.000628][ T6258] vxcan0: tx drop: invalid da for name 0x000000000000f000
[  113.249187][   T44] usb 5-1: New USB device found, idVendor=1604, idProduct=8001, bcdDevice=44.1f
[  113.268571][   T44] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  113.278261][   T44] usb 5-1: Product: syz
[  113.282570][   T44] usb 5-1: Manufacturer: syz
[  113.300382][   T44] usb 5-1: SerialNumber: syz
[  113.305276][ T6262] tipc: Started in network mode
[  113.332035][   T44] usb 5-1: config 0 descriptor??
[  113.336283][ T6262] tipc: Node identity be26252a1844, cluster identity 4711
[  113.353258][ T6262] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  113.393561][ T6262] tipc: Resetting bearer <eth:syzkaller0>
[  113.439916][  T981] usb 2-1: new high-speed USB device number 4 using dummy_hcd
[  113.525110][ T6260] tipc: Disabling bearer <eth:syzkaller0>
[  113.736657][  T981] usb 2-1: Using ep0 maxpacket: 32
[  113.751230][  T981] usb 2-1: config 4 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  113.974897][  T981] usb 2-1: config 4 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  114.347545][  T981] usb 2-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40
[  114.533483][  T981] usb 2-1: New USB device strings: Mfr=255, Product=255, SerialNumber=0
[  114.562537][  T981] usb 2-1: Product: syz
[  114.581278][  T981] usb 2-1: Manufacturer: syz
[  114.730046][  T981] hub 2-1:4.0: USB hub found
[  114.899729][ T6285] netlink: 8 bytes leftover after parsing attributes in process `syz.2.119'.
[  114.914176][  T981] hub 2-1:4.0: 2 ports detected
[  115.224279][ T6289] netlink: 48 bytes leftover after parsing attributes in process `syz.2.121'.
[  115.394072][ T6295] FAULT_INJECTION: forcing a failure.
[  115.394072][ T6295] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  115.408333][ T6295] CPU: 0 UID: 0 PID: 6295 Comm: syz.3.124 Not tainted syzkaller #0 PREEMPT(full) 
[  115.408360][ T6295] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  115.408372][ T6295] Call Trace:
[  115.408380][ T6295]  <TASK>
[  115.408389][ T6295]  dump_stack_lvl+0x189/0x250
[  115.408420][ T6295]  ? __pfx____ratelimit+0x10/0x10
[  115.408439][ T6295]  ? __pfx_dump_stack_lvl+0x10/0x10
[  115.408462][ T6295]  ? __pfx__printk+0x10/0x10
[  115.408487][ T6295]  ? __might_fault+0xb0/0x130
[  115.408515][ T6295]  should_fail_ex+0x414/0x560
[  115.408551][ T6295]  _copy_from_user+0x2d/0xb0
[  115.408578][ T6295]  get_compat_msghdr+0xad/0x4a0
[  115.408607][ T6295]  ? __pfx_get_compat_msghdr+0x10/0x10
[  115.408640][ T6295]  ___sys_sendmsg+0x193/0x2a0
[  115.408660][ T6295]  ? __pfx____sys_sendmsg+0x10/0x10
[  115.408715][ T6295]  ? __fget_files+0x2a/0x420
[  115.408733][ T6295]  ? __fget_files+0x3a0/0x420
[  115.408760][ T6295]  __sys_sendmsg+0x164/0x220
[  115.408787][ T6295]  ? __pfx___sys_sendmsg+0x10/0x10
[  115.408816][ T6295]  ? lockdep_hardirqs_on+0x9c/0x150
[  115.408833][ T6295]  __do_fast_syscall_32+0xb6/0x2b0
[  115.408857][ T6295]  ? lockdep_hardirqs_on+0x9c/0x150
[  115.408881][ T6295]  do_fast_syscall_32+0x34/0x80
[  115.408902][ T6295]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  115.408925][ T6295] RIP: 0023:0xf7f63539
[  115.408942][ T6295] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[  115.408954][ T6295] RSP: 002b:00000000f547655c EFLAGS: 00000206 ORIG_RAX: 0000000000000172
[  115.408971][ T6295] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000800003c0
[  115.408980][ T6295] RDX: 0000000004044800 RSI: 0000000000000000 RDI: 0000000000000000
[  115.408989][ T6295] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  115.409001][ T6295] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  115.409018][ T6295] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  115.409046][ T6295]  </TASK>
[  115.952806][ T6299] syzkaller0: entered promiscuous mode
[  115.958465][ T6299] syzkaller0: entered allmulticast mode
[  115.965967][   T44] usb 3-1: new full-speed USB device number 4 using dummy_hcd
[  116.080536][ T6273] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  116.117678][ T5951] usb 5-1: USB disconnect, device number 2
[  116.179877][   T44] usb 3-1: device descriptor read/64, error -71
[  116.318064][  T981] hub 2-1:4.0: activate --> -90
[  116.476237][   T44] usb 3-1: new full-speed USB device number 5 using dummy_hcd
[  116.514555][ T6305] netlink: 72 bytes leftover after parsing attributes in process `syz.3.128'.
[  116.525044][ T6305] netlink: 48 bytes leftover after parsing attributes in process `syz.3.128'.
[  116.544791][ T6305] netlink: 40 bytes leftover after parsing attributes in process `syz.3.128'.
[  116.636567][   T44] usb 3-1: device descriptor read/64, error -71
[  116.689693][ T6311] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  116.802902][   T44] usb usb3-port1: attempt power cycle
[  117.089724][ T6319] netlink: 48 bytes leftover after parsing attributes in process `syz.3.133'.
[  117.210832][ T6321] FAULT_INJECTION: forcing a failure.
[  117.210832][ T6321] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  117.241721][   T44] usb 3-1: new full-speed USB device number 6 using dummy_hcd
[  117.249706][ T6321] CPU: 0 UID: 0 PID: 6321 Comm: syz.0.134 Not tainted syzkaller #0 PREEMPT(full) 
[  117.249734][ T6321] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  117.249746][ T6321] Call Trace:
[  117.249755][ T6321]  <TASK>
[  117.249764][ T6321]  dump_stack_lvl+0x189/0x250
[  117.249805][ T6321]  ? __pfx____ratelimit+0x10/0x10
[  117.249826][ T6321]  ? __pfx_dump_stack_lvl+0x10/0x10
[  117.249849][ T6321]  ? __pfx__printk+0x10/0x10
[  117.249891][ T6321]  should_fail_ex+0x414/0x560
[  117.249927][ T6321]  _copy_to_user+0x31/0xb0
[  117.249957][ T6321]  simple_read_from_buffer+0xe1/0x170
[  117.249992][ T6321]  proc_fail_nth_read+0x1b3/0x220
[  117.250019][ T6321]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  117.250046][ T6321]  ? rw_verify_area+0x2a6/0x4d0
[  117.250071][ T6321]  ? __lock_acquire+0xab9/0xd20
[  117.250099][ T6321]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  117.250124][ T6321]  vfs_read+0x200/0xa30
[  117.250149][ T6321]  ? fdget_pos+0x247/0x320
[  117.250171][ T6321]  ? __pfx___mutex_lock+0x10/0x10
[  117.250194][ T6321]  ? __pfx_vfs_read+0x10/0x10
[  117.250222][ T6321]  ? __fget_files+0x2a/0x420
[  117.250245][ T6321]  ? __fget_files+0x3a0/0x420
[  117.250262][ T6321]  ? __fget_files+0x2a/0x420
[  117.250289][ T6321]  ksys_read+0x145/0x250
[  117.250319][ T6321]  ? __pfx_ksys_read+0x10/0x10
[  117.250349][ T6321]  ? lockdep_hardirqs_on+0x9c/0x150
[  117.250373][ T6321]  __do_fast_syscall_32+0xb6/0x2b0
[  117.250397][ T6321]  ? lockdep_hardirqs_on+0x9c/0x150
[  117.250421][ T6321]  do_fast_syscall_32+0x34/0x80
[  117.250444][ T6321]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  117.250468][ T6321] RIP: 0023:0xf70be539
[  117.250486][ T6321] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[  117.250502][ T6321] RSP: 002b:00000000f54ae590 EFLAGS: 00000206 ORIG_RAX: 0000000000000003
[  117.250523][ T6321] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00000000f54ae620
[  117.250536][ T6321] RDX: 000000000000000f RSI: 00000000f7434ff4 RDI: 0000000000000000
[  117.250548][ T6321] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000
[  117.250559][ T6321] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  117.250570][ T6321] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  117.250599][ T6321]  </TASK>
[  117.541481][  T981] hub 2-1:4.0: hub_ext_port_status failed (err = -32)
[  118.185846][   T44] usb 3-1: device descriptor read/8, error -71
[  118.365801][   T30] kauditd_printk_skb: 12 callbacks suppressed
[  118.365821][   T30] audit: type=1326 audit(1757361269.560:24): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6324 comm="syz.3.136" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f63539 code=0x7ffc0000
[  118.502088][   T30] audit: type=1326 audit(1757361269.560:25): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6324 comm="syz.3.136" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f63539 code=0x7ffc0000
[  118.526048][  T981] usb 2-1: USB disconnect, device number 4
[  118.536506][   T44] usb 3-1: new full-speed USB device number 7 using dummy_hcd
[  118.716243][   T30] audit: type=1326 audit(1757361269.560:26): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6324 comm="syz.3.136" exe="/root/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf7f63539 code=0x7ffc0000
[  118.747272][ T6337] syzkaller0: entered promiscuous mode
[  118.780779][   T44] usb 3-1: device not accepting address 7, error -71
[  118.789331][ T6337] syzkaller0: entered allmulticast mode
[  118.801938][   T44] usb usb3-port1: unable to enumerate USB device
[  118.836011][   T30] audit: type=1326 audit(1757361269.560:27): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6324 comm="syz.3.136" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f63539 code=0x7ffc0000
[  118.929440][   T30] audit: type=1326 audit(1757361269.560:28): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6324 comm="syz.3.136" exe="/root/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf7f63539 code=0x7ffc0000
[  118.970139][   T30] audit: type=1326 audit(1757361269.560:29): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6324 comm="syz.3.136" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f63539 code=0x7ffc0000
[  119.003269][   T30] audit: type=1326 audit(1757361269.560:30): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6324 comm="syz.3.136" exe="/root/syz-executor" sig=0 arch=40000003 syscall=14 compat=1 ip=0xf7f63539 code=0x7ffc0000
[  119.079695][   T30] audit: type=1326 audit(1757361269.560:31): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6324 comm="syz.3.136" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f63539 code=0x7ffc0000
[  119.101721][ T5951] usb 1-1: new high-speed USB device number 5 using dummy_hcd
[  119.109627][   T30] audit: type=1326 audit(1757361269.560:32): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6324 comm="syz.3.136" exe="/root/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf7f63539 code=0x7ffc0000
[  119.137086][   T30] audit: type=1326 audit(1757361269.570:33): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6324 comm="syz.3.136" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f63539 code=0x7ffc0000
[  119.257021][ T5951] usb 1-1: Using ep0 maxpacket: 16
[  119.294068][ T5951] usb 1-1: New USB device found, idVendor=1397, idProduct=00bd, bcdDevice=c5.66
[  119.337196][ T5951] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  119.364888][ T5951] usb 1-1: config 0 descriptor??
[  119.403333][ T6354] netlink: 48 bytes leftover after parsing attributes in process `syz.3.146'.
[  119.425661][ T5951] usb 1-1: invalid MIDI EP
[  119.444877][ T5951] usb 1-1: snd-bcd2000: error during probing
[  119.464766][ T5951] snd-bcd2000 1-1:0.0: probe with driver snd-bcd2000 failed with error -22
[  119.567651][   T44] usb 2-1: new high-speed USB device number 5 using dummy_hcd
[  119.570257][ T6360] netlink: 'syz.2.149': attribute type 4 has an invalid length.
[  119.601053][ T5951] usb 1-1: USB disconnect, device number 5
[  119.746373][   T44] usb 2-1: Using ep0 maxpacket: 16
[  119.761960][   T44] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  119.783459][   T44] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  119.864402][   T44] usb 2-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[  119.897743][   T44] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  119.937027][   T44] usb 2-1: config 0 descriptor??
[  120.040936][ T6373] netlink: 'syz.4.153': attribute type 4 has an invalid length.
[  120.339909][ T6379] syzkaller0: entered promiscuous mode
[  120.370684][ T6379] syzkaller0: entered allmulticast mode
[  120.619203][ T6384] FAULT_INJECTION: forcing a failure.
[  120.619203][ T6384] name failslab, interval 1, probability 0, space 0, times 0
[  120.661171][ T6384] CPU: 1 UID: 0 PID: 6384 Comm: syz.3.156 Not tainted syzkaller #0 PREEMPT(full) 
[  120.661201][ T6384] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  120.661213][ T6384] Call Trace:
[  120.661221][ T6384]  <TASK>
[  120.661233][ T6384]  dump_stack_lvl+0x189/0x250
[  120.661264][ T6384]  ? __pfx____ratelimit+0x10/0x10
[  120.661284][ T6384]  ? __pfx_dump_stack_lvl+0x10/0x10
[  120.661308][ T6384]  ? __pfx__printk+0x10/0x10
[  120.661343][ T6384]  ? __pfx___might_resched+0x10/0x10
[  120.661367][ T6384]  should_fail_ex+0x414/0x560
[  120.661403][ T6384]  should_failslab+0xa8/0x100
[  120.661434][ T6384]  kmem_cache_alloc_node_noprof+0x76/0x3c0
[  120.661461][ T6384]  ? __alloc_skb+0x112/0x2d0
[  120.661497][ T6384]  __alloc_skb+0x112/0x2d0
[  120.661523][ T6384]  netlink_sendmsg+0x5c6/0xb30
[  120.661555][ T6384]  ? __pfx_netlink_sendmsg+0x10/0x10
[  120.661580][ T6384]  ? __import_iovec+0x5d4/0x7f0
[  120.661602][ T6384]  ? aa_sock_msg_perm+0xf1/0x1d0
[  120.661624][ T6384]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  120.661646][ T6384]  ? __pfx_netlink_sendmsg+0x10/0x10
[  120.661668][ T6384]  __sock_sendmsg+0x21c/0x270
[  120.661701][ T6384]  ____sys_sendmsg+0x505/0x830
[  120.661729][ T6384]  ? __pfx_____sys_sendmsg+0x10/0x10
[  120.661771][ T6384]  ___sys_sendmsg+0x21f/0x2a0
[  120.661797][ T6384]  ? __pfx____sys_sendmsg+0x10/0x10
[  120.661857][ T6384]  ? __fget_files+0x2a/0x420
[  120.661873][ T6384]  ? __fget_files+0x3a0/0x420
[  120.661902][ T6384]  __sys_sendmsg+0x164/0x220
[  120.661929][ T6384]  ? __pfx___sys_sendmsg+0x10/0x10
[  120.661971][ T6384]  ? lockdep_hardirqs_on+0x9c/0x150
[  120.661995][ T6384]  __do_fast_syscall_32+0xb6/0x2b0
[  120.662019][ T6384]  ? lockdep_hardirqs_on+0x9c/0x150
[  120.662042][ T6384]  do_fast_syscall_32+0x34/0x80
[  120.662064][ T6384]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  120.662088][ T6384] RIP: 0023:0xf7f63539
[  120.662106][ T6384] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[  120.662122][ T6384] RSP: 002b:00000000f547655c EFLAGS: 00000206 ORIG_RAX: 0000000000000172
[  120.662143][ T6384] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000800006c0
[  120.662157][ T6384] RDX: 0000000000040000 RSI: 0000000000000000 RDI: 0000000000000000
[  120.662169][ T6384] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  120.662180][ T6384] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  120.662191][ T6384] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  120.662219][ T6384]  </TASK>
[  121.343401][   T44] usbhid 2-1:0.0: can't add hid device: -71
[  121.351287][ T6394] netlink: 28 bytes leftover after parsing attributes in process `syz.0.159'.
[  121.362591][   T44] usbhid 2-1:0.0: probe with driver usbhid failed with error -71
[  121.396131][   T44] usb 2-1: USB disconnect, device number 5
[  121.576259][ T5958] usb 4-1: new high-speed USB device number 3 using dummy_hcd
[  121.737923][ T5958] usb 4-1: config 0 has no interfaces?
[  121.747144][ T5958] usb 4-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b
[  121.766153][ T5958] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  121.817943][ T5958] usb 4-1: Product: syz
[  121.822468][ T5958] usb 4-1: Manufacturer: syz
[  121.831303][ T5958] usb 4-1: SerialNumber: syz
[  121.920305][ T5958] usb 4-1: config 0 descriptor??
[  122.089179][   T44] usb 5-1: new high-speed USB device number 3 using dummy_hcd
[  122.315962][   T44] usb 5-1: Using ep0 maxpacket: 16
[  122.363851][   T44] usb 5-1: unable to get BOS descriptor or descriptor too short
[  122.416504][ T5958] usb 1-1: new high-speed USB device number 6 using dummy_hcd
[  122.426352][   T44] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  122.449863][   T44] usb 5-1: config 0 has no interfaces?
[  122.465187][   T44] usb 5-1: New USB device found, idVendor=04f3, idProduct=074d, bcdDevice= 0.40
[  122.503038][   T44] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  122.543509][   T44] usb 5-1: Product: syz
[  122.591538][   T44] usb 5-1: Manufacturer: syz
[  122.623100][   T44] usb 5-1: SerialNumber: syz
[  122.639233][ T5958] usb 1-1: New USB device found, idVendor=0424, idProduct=7850, bcdDevice= 0.00
[  122.692573][   T44] usb 5-1: config 0 descriptor??
[  122.712602][ T6418] binder: 6417:6418 unknown command 0
[  122.725000][ T6418] binder: 6417:6418 ioctl c0306201 80000080 returned -22
[  122.737667][ T5958] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  122.775915][ T6420] syzkaller0: entered promiscuous mode
[  122.783280][ T6420] syzkaller0: entered allmulticast mode
[  122.796737][ T5958] usb 1-1: Product: syz
[  122.848556][ T5958] usb 1-1: Manufacturer: syz
[  122.870638][ T5958] usb 1-1: SerialNumber: syz
[  122.929579][ T6422] netlink: 28 bytes leftover after parsing attributes in process `syz.2.171'.
[  123.036973][ T5929] IPVS: starting estimator thread 0...
[  123.128958][ T6423] IPVS: using max 27 ests per chain, 64800 per kthread
[  123.165100][ T6426] netlink: 8 bytes leftover after parsing attributes in process `syz.2.172'.
[  123.211206][ T6427] capability: warning: `syz.1.173' uses 32-bit capabilities (legacy support in use)
[  123.257759][ T6426] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  123.279368][ T6426] netlink: 4 bytes leftover after parsing attributes in process `syz.2.172'.
[  124.105840][   T44] usb 2-1: new low-speed USB device number 6 using dummy_hcd
[  124.119171][ T6408] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  124.159884][ T6408] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  124.298067][  T981] usb 4-1: USB disconnect, device number 3
[  124.316786][ T6443] FAULT_INJECTION: forcing a failure.
[  124.316786][ T6443] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  124.316880][   T44] usb 2-1: unable to get BOS descriptor or descriptor too short
[  124.339218][ T6443] CPU: 0 UID: 0 PID: 6443 Comm: syz.2.178 Not tainted syzkaller #0 PREEMPT(full) 
[  124.339257][ T6443] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  124.339270][ T6443] Call Trace:
[  124.339278][ T6443]  <TASK>
[  124.339287][ T6443]  dump_stack_lvl+0x189/0x250
[  124.339316][ T6443]  ? __pfx____ratelimit+0x10/0x10
[  124.339335][ T6443]  ? __pfx_dump_stack_lvl+0x10/0x10
[  124.339357][ T6443]  ? __pfx__printk+0x10/0x10
[  124.339383][ T6443]  ? __might_fault+0xb0/0x130
[  124.339422][ T6443]  should_fail_ex+0x414/0x560
[  124.339458][ T6443]  _copy_from_iter+0x1de/0x1790
[  124.339490][ T6443]  ? rcu_is_watching+0x15/0xb0
[  124.339511][ T6443]  ? kmem_cache_alloc_node_noprof+0x217/0x3c0
[  124.339541][ T6443]  ? __pfx__copy_from_iter+0x10/0x10
[  124.339567][ T6443]  ? __build_skb_around+0x257/0x3e0
[  124.339593][ T6443]  ? netlink_sendmsg+0x642/0xb30
[  124.339613][ T6443]  ? skb_put+0x11b/0x210
[  124.339639][ T6443]  netlink_sendmsg+0x6b2/0xb30
[  124.339671][ T6443]  ? __pfx_netlink_sendmsg+0x10/0x10
[  124.339696][ T6443]  ? __import_iovec+0x5d4/0x7f0
[  124.339719][ T6443]  ? aa_sock_msg_perm+0xf1/0x1d0
[  124.339741][ T6443]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  124.339763][ T6443]  ? __pfx_netlink_sendmsg+0x10/0x10
[  124.339785][ T6443]  __sock_sendmsg+0x21c/0x270
[  124.339819][ T6443]  ____sys_sendmsg+0x505/0x830
[  124.339851][ T6443]  ? __pfx_____sys_sendmsg+0x10/0x10
[  124.339893][ T6443]  ___sys_sendmsg+0x21f/0x2a0
[  124.339921][ T6443]  ? __pfx____sys_sendmsg+0x10/0x10
[  124.339983][ T6443]  ? __fget_files+0x2a/0x420
[  124.340000][ T6443]  ? __fget_files+0x3a0/0x420
[  124.340029][ T6443]  __sys_sendmsg+0x164/0x220
[  124.340056][ T6443]  ? __pfx___sys_sendmsg+0x10/0x10
[  124.340099][ T6443]  ? lockdep_hardirqs_on+0x9c/0x150
[  124.340122][ T6443]  __do_fast_syscall_32+0xb6/0x2b0
[  124.340154][ T6443]  do_fast_syscall_32+0x34/0x80
[  124.340176][ T6443]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  124.340201][ T6443] RIP: 0023:0xf7fc5539
[  124.340219][ T6443] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[  124.340235][ T6443] RSP: 002b:00000000f54d655c EFLAGS: 00000206 ORIG_RAX: 0000000000000172
[  124.340263][ T6443] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000800003c0
[  124.340277][ T6443] RDX: 0000000004044800 RSI: 0000000000000000 RDI: 0000000000000000
[  124.340289][ T6443] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  124.340301][ T6443] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  124.340312][ T6443] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  124.340342][ T6443]  </TASK>
[  124.619386][   T44] usb 2-1: config 9 has an invalid interface number: 198 but max is 0
[  124.627711][   T44] usb 2-1: config 9 has no interface number 0
[  124.634972][   T44] usb 2-1: config 9 interface 198 has no altsetting 0
[  124.647077][   T44] usb 2-1: New USB device found, idVendor=15f4, idProduct=0015, bcdDevice=6f.2b
[  124.659997][ T5958] lan78xx 1-1:1.0 (unnamed net_device) (uninitialized): Failed to read register index 0x00000010. ret = -EPIPE
[  124.720716][   T44] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  124.759082][   T44] usb 2-1: Product: 宋�⥫쬉蜋땂�艎岌䱙ᷞဖ晫㶵팧ᗶ�쉄ﬨ홄排쩈縼᳀
[  124.796800][   T44] usb 2-1: Manufacturer: 堎�샾ꃳƮ㡒世
[  124.803021][   T44] usb 2-1: SerialNumber: â°‰
[  124.916286][ T5950] usb 5-1: USB disconnect, device number 3
[  124.953412][ T5958] lan78xx 1-1:1.0 (unnamed net_device) (uninitialized): Failed to write register index 0x00001000. ret = -EPROTO
[  125.008839][ T5958] lan78xx 1-1:1.0 (unnamed net_device) (uninitialized): Failed to write register index 0x0000011c. ret = -EPROTO
[  125.021746][ T6452] netlink: 28 bytes leftover after parsing attributes in process `syz.4.182'.
[  125.044495][ T5958] lan78xx 1-1:1.0 (unnamed net_device) (uninitialized): Registers INIT FAILED....
[  125.075333][ T5958] lan78xx 1-1:1.0 (unnamed net_device) (uninitialized): Bind routine FAILED
[  125.132779][ T6455] FAULT_INJECTION: forcing a failure.
[  125.132779][ T6455] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  125.169896][ T5958] lan78xx 1-1:1.0: probe with driver lan78xx failed with error -71
[  125.279960][ T6455] CPU: 1 UID: 0 PID: 6455 Comm: syz.2.183 Not tainted syzkaller #0 PREEMPT(full) 
[  125.279985][ T6455] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  125.279994][ T6455] Call Trace:
[  125.280000][ T6455]  <TASK>
[  125.280007][ T6455]  dump_stack_lvl+0x189/0x250
[  125.280030][ T6455]  ? __pfx____ratelimit+0x10/0x10
[  125.280045][ T6455]  ? __pfx_dump_stack_lvl+0x10/0x10
[  125.280062][ T6455]  ? __pfx__printk+0x10/0x10
[  125.280082][ T6455]  ? __might_fault+0xb0/0x130
[  125.280111][ T6455]  should_fail_ex+0x414/0x560
[  125.280136][ T6455]  _copy_from_iter+0x1de/0x1790
[  125.280164][ T6455]  ? rcu_is_watching+0x15/0xb0
[  125.280180][ T6455]  ? kmem_cache_alloc_node_noprof+0x217/0x3c0
[  125.280201][ T6455]  ? __pfx__copy_from_iter+0x10/0x10
[  125.280218][ T6455]  ? __build_skb_around+0x257/0x3e0
[  125.280237][ T6455]  ? netlink_sendmsg+0x642/0xb30
[  125.280251][ T6455]  ? skb_put+0x11b/0x210
[  125.280270][ T6455]  netlink_sendmsg+0x6b2/0xb30
[  125.280292][ T6455]  ? __pfx_netlink_sendmsg+0x10/0x10
[  125.280309][ T6455]  ? __import_iovec+0x5d4/0x7f0
[  125.280326][ T6455]  ? aa_sock_msg_perm+0xf1/0x1d0
[  125.280341][ T6455]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  125.280357][ T6455]  ? __pfx_netlink_sendmsg+0x10/0x10
[  125.280373][ T6455]  __sock_sendmsg+0x21c/0x270
[  125.280397][ T6455]  ____sys_sendmsg+0x505/0x830
[  125.280419][ T6455]  ? __pfx_____sys_sendmsg+0x10/0x10
[  125.280448][ T6455]  ___sys_sendmsg+0x21f/0x2a0
[  125.280468][ T6455]  ? __pfx____sys_sendmsg+0x10/0x10
[  125.280511][ T6455]  ? __fget_files+0x2a/0x420
[  125.280523][ T6455]  ? __fget_files+0x3a0/0x420
[  125.280543][ T6455]  __sys_sendmsg+0x164/0x220
[  125.280562][ T6455]  ? __pfx___sys_sendmsg+0x10/0x10
[  125.280592][ T6455]  ? lockdep_hardirqs_on+0x9c/0x150
[  125.280608][ T6455]  __do_fast_syscall_32+0xb6/0x2b0
[  125.280625][ T6455]  ? lockdep_hardirqs_on+0x9c/0x150
[  125.280642][ T6455]  do_fast_syscall_32+0x34/0x80
[  125.280657][ T6455]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  125.280675][ T6455] RIP: 0023:0xf7fc5539
[  125.280687][ T6455] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[  125.280699][ T6455] RSP: 002b:00000000f54d655c EFLAGS: 00000206 ORIG_RAX: 0000000000000172
[  125.280714][ T6455] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000800006c0
[  125.280724][ T6455] RDX: 0000000000040000 RSI: 0000000000000000 RDI: 0000000000000000
[  125.280732][ T6455] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  125.280740][ T6455] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  125.280748][ T6455] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  125.280768][ T6455]  </TASK>
[  125.552226][    C1] vkms_vblank_simulate: vblank timer overrun
[  125.601217][ T6438] netlink: 8 bytes leftover after parsing attributes in process `syz.1.176'.
[  125.621095][ T6457] syzkaller0: entered promiscuous mode
[  125.628256][ T6457] syzkaller0: entered allmulticast mode
[  125.714199][ T5958] usb 1-1: USB disconnect, device number 6
[  125.871276][   T44] dvb-usb: found a 'Hanftek UMT-010 DVB-T USB2.0' in warm state.
[  125.879482][   T44] dvb-usb: bulk message failed: -22 (3/0)
[  125.911579][   T44] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[  125.938747][   T44] dvbdev: DVB: registering new adapter (Hanftek UMT-010 DVB-T USB2.0)
[  125.976976][   T44] usb 2-1: media controller created
[  126.054868][   T44] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  126.454610][   T44] DVB: Unable to find symbol mt352_attach()
[  126.460816][   T44] dvb-usb: no frontend was attached by 'Hanftek UMT-010 DVB-T USB2.0'
[  126.519765][   T44] dvb-usb: bulk message failed: -22 (3/0)
[  126.577076][   T44] dvb-usb: Hanftek UMT-010 DVB-T USB2.0 successfully initialized and connected.
[  126.632554][   T44] usb 2-1: USB disconnect, device number 6
[  126.769086][   T44] dvb-usb: Hanftek UMT-010 DVB-T USB2.0 successfully deinitialized and disconnected.
[  126.924154][ T6489] netlink: 12 bytes leftover after parsing attributes in process `syz.2.194'.
[  127.018218][ T6495] netlink: 4 bytes leftover after parsing attributes in process `syz.2.194'.
[  127.128128][ T6498] FAULT_INJECTION: forcing a failure.
[  127.128128][ T6498] name failslab, interval 1, probability 0, space 0, times 0
[  127.141118][ T6498] CPU: 1 UID: 0 PID: 6498 Comm: syz.3.198 Not tainted syzkaller #0 PREEMPT(full) 
[  127.141145][ T6498] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  127.141157][ T6498] Call Trace:
[  127.141165][ T6498]  <TASK>
[  127.141174][ T6498]  dump_stack_lvl+0x189/0x250
[  127.141204][ T6498]  ? __pfx____ratelimit+0x10/0x10
[  127.141224][ T6498]  ? __pfx_dump_stack_lvl+0x10/0x10
[  127.141248][ T6498]  ? __pfx__printk+0x10/0x10
[  127.141284][ T6498]  ? __lock_acquire+0xab9/0xd20
[  127.141318][ T6498]  should_fail_ex+0x414/0x560
[  127.141352][ T6498]  should_failslab+0xa8/0x100
[  127.141383][ T6498]  kmem_cache_alloc_noprof+0x73/0x3c0
[  127.141409][ T6498]  ? dst_alloc+0x105/0x170
[  127.141438][ T6498]  dst_alloc+0x105/0x170
[  127.141467][ T6498]  ip_route_input_rcu+0x1ed5/0x2ff0
[  127.141507][ T6498]  ? __pfx_ip_route_input_rcu+0x10/0x10
[  127.141530][ T6498]  ? inet_ehashfn+0x8d/0x210
[  127.141578][ T6498]  ? ip_route_input_noref+0x98/0x250
[  127.141606][ T6498]  ip_route_input_noref+0x167/0x250
[  127.141635][ T6498]  ? __pfx_ip_route_input_noref+0x10/0x10
[  127.141667][ T6498]  ? tcp_v4_early_demux+0x4e1/0x9d0
[  127.141686][ T6498]  ? tcp_v4_early_demux+0x5ec/0x9d0
[  127.141717][ T6498]  ip_rcv_finish_core+0x5af/0x1c00
[  127.141752][ T6498]  ip_rcv_finish+0x14c/0x2f0
[  127.141774][ T6498]  NF_HOOK+0x309/0x3a0
[  127.141796][ T6498]  ? __pfx_ip_rcv_finish+0x10/0x10
[  127.141814][ T6498]  ? NF_HOOK+0x9a/0x3a0
[  127.141832][ T6498]  ? __pfx_NF_HOOK+0x10/0x10
[  127.141848][ T6498]  ? ip_rcv_core+0x7f7/0xd00
[  127.141870][ T6498]  ? __pfx_ip_rcv_finish+0x10/0x10
[  127.141901][ T6498]  ? __pfx_ip_rcv+0x10/0x10
[  127.141919][ T6498]  __netif_receive_skb+0x143/0x380
[  127.141958][ T6498]  ? netif_receive_skb+0x115/0x790
[  127.141987][ T6498]  netif_receive_skb+0x1cb/0x790
[  127.142027][ T6498]  ? __pfx___local_bh_disable_ip+0x10/0x10
[  127.142048][ T6498]  ? __pfx_netif_receive_skb+0x10/0x10
[  127.142085][ T6498]  ? tun_rx_batched+0x160/0x730
[  127.142110][ T6498]  tun_rx_batched+0x1b9/0x730
[  127.142132][ T6498]  ? __lock_acquire+0xab9/0xd20
[  127.142167][ T6498]  ? __pfx_tun_rx_batched+0x10/0x10
[  127.142194][ T6498]  ? tun_get_user+0x266c/0x3e20
[  127.142233][ T6498]  tun_get_user+0x2aa2/0x3e20
[  127.142265][ T6498]  ? tun_get_user+0x6f6/0x3e20
[  127.142289][ T6498]  ? tun_get_user+0x266c/0x3e20
[  127.142317][ T6498]  ? aa_file_perm+0x44d/0x1550
[  127.142338][ T6498]  ? __pfx_tun_get_user+0x10/0x10
[  127.142373][ T6498]  ? __lock_acquire+0xab9/0xd20
[  127.142409][ T6498]  ? ref_tracker_alloc+0x318/0x460
[  127.142426][ T6498]  ? __lock_acquire+0xab9/0xd20
[  127.142457][ T6498]  ? __pfx_ref_tracker_alloc+0x10/0x10
[  127.142480][ T6498]  ? tun_get+0x1c/0x2f0
[  127.142509][ T6498]  ? tun_get+0x1c/0x2f0
[  127.142531][ T6498]  ? tun_get+0x1c/0x2f0
[  127.142559][ T6498]  tun_chr_write_iter+0x113/0x200
[  127.142585][ T6498]  vfs_write+0x5c6/0xb30
[  127.142619][ T6498]  ? __pfx_tun_chr_write_iter+0x10/0x10
[  127.142642][ T6498]  ? __pfx_vfs_write+0x10/0x10
[  127.142682][ T6498]  ? __fget_files+0x2a/0x420
[  127.142710][ T6498]  ksys_write+0x145/0x250
[  127.142740][ T6498]  ? __pfx_ksys_write+0x10/0x10
[  127.142771][ T6498]  ? lockdep_hardirqs_on+0x9c/0x150
[  127.142796][ T6498]  __do_fast_syscall_32+0xb6/0x2b0
[  127.142819][ T6498]  ? lockdep_hardirqs_on+0x9c/0x150
[  127.142843][ T6498]  do_fast_syscall_32+0x34/0x80
[  127.142865][ T6498]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  127.142890][ T6498] RIP: 0023:0xf7f63539
[  127.142909][ T6498] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[  127.142925][ T6498] RSP: 002b:00000000f5476520 EFLAGS: 00000206 ORIG_RAX: 0000000000000004
[  127.142946][ T6498] RAX: ffffffffffffffda RBX: 00000000000000c8 RCX: 0000000080000640
[  127.142960][ T6498] RDX: 0000000000000076 RSI: 00000000f73f4ff4 RDI: 0000000000000000
[  127.142972][ T6498] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  127.142983][ T6498] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  127.142995][ T6498] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  127.143034][ T6498]  </TASK>
[  127.546401][    C1] vkms_vblank_simulate: vblank timer overrun
[  127.574846][ T6499] netlink: 28 bytes leftover after parsing attributes in process `syz.1.196'.
[  127.652410][ T6507] netlink: 48 bytes leftover after parsing attributes in process `syz.2.200'.
[  127.674832][ T6507] vlan2: entered allmulticast mode
[  127.680109][ T6507] hsr0: entered allmulticast mode
[  127.685314][ T6507] hsr_slave_0: entered allmulticast mode
[  127.691629][ T6507] hsr_slave_1: entered allmulticast mode
[  127.804180][ T6510] syzkaller0: entered promiscuous mode
[  127.813687][ T6510] syzkaller0: entered allmulticast mode
[  128.155665][ T6530] FAULT_INJECTION: forcing a failure.
[  128.155665][ T6530] name failslab, interval 1, probability 0, space 0, times 0
[  128.179254][ T6530] CPU: 0 UID: 0 PID: 6530 Comm: syz.3.207 Not tainted syzkaller #0 PREEMPT(full) 
[  128.179284][ T6530] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  128.179297][ T6530] Call Trace:
[  128.179305][ T6530]  <TASK>
[  128.179314][ T6530]  dump_stack_lvl+0x189/0x250
[  128.179345][ T6530]  ? __pfx____ratelimit+0x10/0x10
[  128.179367][ T6530]  ? __pfx_dump_stack_lvl+0x10/0x10
[  128.179392][ T6530]  ? __pfx__printk+0x10/0x10
[  128.179428][ T6530]  ? __pfx___might_resched+0x10/0x10
[  128.179454][ T6530]  should_fail_ex+0x414/0x560
[  128.179490][ T6530]  should_failslab+0xa8/0x100
[  128.179523][ T6530]  kmem_cache_alloc_node_noprof+0x76/0x3c0
[  128.179553][ T6530]  ? __alloc_skb+0x112/0x2d0
[  128.179581][ T6530]  __alloc_skb+0x112/0x2d0
[  128.179608][ T6530]  netlink_sendmsg+0x5c6/0xb30
[  128.179642][ T6530]  ? __pfx_netlink_sendmsg+0x10/0x10
[  128.179668][ T6530]  ? __import_iovec+0x5d4/0x7f0
[  128.179693][ T6530]  ? aa_sock_msg_perm+0xf1/0x1d0
[  128.179716][ T6530]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  128.179739][ T6530]  ? __pfx_netlink_sendmsg+0x10/0x10
[  128.179763][ T6530]  __sock_sendmsg+0x21c/0x270
[  128.179798][ T6530]  ____sys_sendmsg+0x505/0x830
[  128.179831][ T6530]  ? __pfx_____sys_sendmsg+0x10/0x10
[  128.179876][ T6530]  ___sys_sendmsg+0x21f/0x2a0
[  128.179905][ T6530]  ? __pfx____sys_sendmsg+0x10/0x10
[  128.179980][ T6530]  ? __fget_files+0x2a/0x420
[  128.179998][ T6530]  ? __fget_files+0x3a0/0x420
[  128.180029][ T6530]  __sys_sendmsg+0x164/0x220
[  128.180058][ T6530]  ? __pfx___sys_sendmsg+0x10/0x10
[  128.180102][ T6530]  ? lockdep_hardirqs_on+0x9c/0x150
[  128.180127][ T6530]  __do_fast_syscall_32+0xb6/0x2b0
[  128.180152][ T6530]  ? lockdep_hardirqs_on+0x9c/0x150
[  128.180177][ T6530]  do_fast_syscall_32+0x34/0x80
[  128.180200][ T6530]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  128.180226][ T6530] RIP: 0023:0xf7f63539
[  128.180243][ T6530] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[  128.180261][ T6530] RSP: 002b:00000000f547655c EFLAGS: 00000206 ORIG_RAX: 0000000000000172
[  128.180282][ T6530] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000140
[  128.180299][ T6530] RDX: 0000000020000000 RSI: 0000000000000000 RDI: 0000000000000000
[  128.180310][ T6530] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  128.180320][ T6530] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  128.180330][ T6530] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  128.180356][ T6530]  </TASK>
[  128.453061][ T6532] netlink: 'syz.2.208': attribute type 11 has an invalid length.
[  129.236858][ T5958] usb 3-1: new high-speed USB device number 8 using dummy_hcd
[  129.480557][ T5958] usb 3-1: config 0 has no interfaces?
[  129.498480][ T5958] usb 3-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b
[  129.530388][ T5958] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  129.554750][ T5958] usb 3-1: Product: syz
[  129.570096][ T5958] usb 3-1: Manufacturer: syz
[  129.676721][ T6556] netlink: 28 bytes leftover after parsing attributes in process `syz.0.214'.
[  129.695695][ T5958] usb 3-1: SerialNumber: syz
[  129.727681][ T5958] usb 3-1: config 0 descriptor??
[  129.974838][ T6544] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  129.986771][ T6544] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  130.616647][ T6571] tipc: Enabled bearer <udp:syz2>, priority 10
[  131.479689][ T6579] FAULT_INJECTION: forcing a failure.
[  131.479689][ T6579] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  131.499684][ T6579] CPU: 0 UID: 0 PID: 6579 Comm: syz.1.222 Not tainted syzkaller #0 PREEMPT(full) 
[  131.499713][ T6579] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  131.499725][ T6579] Call Trace:
[  131.499733][ T6579]  <TASK>
[  131.499741][ T6579]  dump_stack_lvl+0x189/0x250
[  131.499770][ T6579]  ? __pfx____ratelimit+0x10/0x10
[  131.499790][ T6579]  ? __pfx_dump_stack_lvl+0x10/0x10
[  131.499814][ T6579]  ? __pfx__printk+0x10/0x10
[  131.499842][ T6579]  ? __might_fault+0xb0/0x130
[  131.499882][ T6579]  should_fail_ex+0x414/0x560
[  131.499917][ T6579]  _copy_from_user+0x2d/0xb0
[  131.499945][ T6579]  get_compat_msghdr+0xad/0x4a0
[  131.499976][ T6579]  ? __pfx_get_compat_msghdr+0x10/0x10
[  131.500013][ T6579]  ___sys_sendmsg+0x193/0x2a0
[  131.500042][ T6579]  ? __pfx____sys_sendmsg+0x10/0x10
[  131.500106][ T6579]  ? __fget_files+0x2a/0x420
[  131.500123][ T6579]  ? __fget_files+0x3a0/0x420
[  131.500152][ T6579]  __sys_sendmsg+0x164/0x220
[  131.500180][ T6579]  ? __pfx___sys_sendmsg+0x10/0x10
[  131.500221][ T6579]  ? lockdep_hardirqs_on+0x9c/0x150
[  131.500245][ T6579]  __do_fast_syscall_32+0xb6/0x2b0
[  131.500268][ T6579]  ? lockdep_hardirqs_on+0x9c/0x150
[  131.500292][ T6579]  do_fast_syscall_32+0x34/0x80
[  131.500314][ T6579]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  131.500338][ T6579] RIP: 0023:0xf7f93539
[  131.500355][ T6579] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[  131.500372][ T6579] RSP: 002b:00000000f54a655c EFLAGS: 00000206 ORIG_RAX: 0000000000000172
[  131.500393][ T6579] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000800006c0
[  131.500407][ T6579] RDX: 0000000000040000 RSI: 0000000000000000 RDI: 0000000000000000
[  131.500418][ T6579] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  131.500429][ T6579] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  131.500441][ T6579] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  131.500470][ T6579]  </TASK>
[  131.856735][ T5951] tipc: Node number set to 2791449898
[  131.888905][   T44] usb 3-1: USB disconnect, device number 8
[  132.161788][ T6585] netlink: 12 bytes leftover after parsing attributes in process `syz.2.224'.
[  132.211232][ T6586] syzkaller0: entered promiscuous mode
[  132.224528][ T6586] syzkaller0: entered allmulticast mode
[  132.237426][ T6587] netlink: 4 bytes leftover after parsing attributes in process `syz.2.224'.
[  132.402748][ T6577] AppArmor: change_hat: Invalid input 'ˆ'
[  132.693134][ T6596] netlink: 28 bytes leftover after parsing attributes in process `syz.4.227'.
[  132.914412][ T6600] FAULT_INJECTION: forcing a failure.
[  132.914412][ T6600] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  132.935995][  T981] usb 3-1: new full-speed USB device number 9 using dummy_hcd
[  132.966251][ T6600] CPU: 0 UID: 0 PID: 6600 Comm: syz.1.229 Not tainted syzkaller #0 PREEMPT(full) 
[  132.966280][ T6600] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  132.966291][ T6600] Call Trace:
[  132.966298][ T6600]  <TASK>
[  132.966305][ T6600]  dump_stack_lvl+0x189/0x250
[  132.966330][ T6600]  ? __pfx____ratelimit+0x10/0x10
[  132.966346][ T6600]  ? __pfx_dump_stack_lvl+0x10/0x10
[  132.966365][ T6600]  ? __pfx__printk+0x10/0x10
[  132.966388][ T6600]  ? __might_fault+0xb0/0x130
[  132.966423][ T6600]  should_fail_ex+0x414/0x560
[  132.966451][ T6600]  _copy_from_iter+0x1de/0x1790
[  132.966486][ T6600]  ? rcu_is_watching+0x15/0xb0
[  132.966504][ T6600]  ? kmem_cache_alloc_node_noprof+0x217/0x3c0
[  132.966527][ T6600]  ? __pfx__copy_from_iter+0x10/0x10
[  132.966547][ T6600]  ? __build_skb_around+0x257/0x3e0
[  132.966567][ T6600]  ? netlink_sendmsg+0x642/0xb30
[  132.966582][ T6600]  ? skb_put+0x11b/0x210
[  132.966602][ T6600]  netlink_sendmsg+0x6b2/0xb30
[  132.966626][ T6600]  ? __pfx_netlink_sendmsg+0x10/0x10
[  132.966645][ T6600]  ? __import_iovec+0x5d4/0x7f0
[  132.966663][ T6600]  ? aa_sock_msg_perm+0xf1/0x1d0
[  132.966680][ T6600]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  132.966698][ T6600]  ? __pfx_netlink_sendmsg+0x10/0x10
[  132.966715][ T6600]  __sock_sendmsg+0x21c/0x270
[  132.966743][ T6600]  ____sys_sendmsg+0x505/0x830
[  132.966767][ T6600]  ? __pfx_____sys_sendmsg+0x10/0x10
[  132.966799][ T6600]  ___sys_sendmsg+0x21f/0x2a0
[  132.966821][ T6600]  ? __pfx____sys_sendmsg+0x10/0x10
[  132.966869][ T6600]  ? __fget_files+0x2a/0x420
[  132.966882][ T6600]  ? __fget_files+0x3a0/0x420
[  132.966904][ T6600]  __sys_sendmsg+0x164/0x220
[  132.966925][ T6600]  ? __pfx___sys_sendmsg+0x10/0x10
[  132.966957][ T6600]  ? lockdep_hardirqs_on+0x9c/0x150
[  132.966975][ T6600]  __do_fast_syscall_32+0xb6/0x2b0
[  132.966994][ T6600]  ? lockdep_hardirqs_on+0x9c/0x150
[  132.967012][ T6600]  do_fast_syscall_32+0x34/0x80
[  132.967029][ T6600]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  132.967049][ T6600] RIP: 0023:0xf7f93539
[  132.967063][ T6600] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[  132.967076][ T6600] RSP: 002b:00000000f54a655c EFLAGS: 00000206 ORIG_RAX: 0000000000000172
[  132.967092][ T6600] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000240
[  132.967103][ T6600] RDX: 0000000000000040 RSI: 0000000000000000 RDI: 0000000000000000
[  132.967112][ T6600] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  132.967121][ T6600] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  132.967129][ T6600] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  132.967151][ T6600]  </TASK>
[  133.260175][ T1301] ieee802154 phy0 wpan0: encryption failed: -22
[  133.275448][ T1301] ieee802154 phy1 wpan1: encryption failed: -22
[  133.300337][ T6602] netlink: 4 bytes leftover after parsing attributes in process `syz.4.230'.
[  133.437628][  T981] usb 3-1: config 0 has an invalid interface number: 1 but max is 0
[  133.461395][  T981] usb 3-1: config 0 has no interface number 0
[  133.498730][  T981] usb 3-1: New USB device found, idVendor=0b48, idProduct=1005, bcdDevice=8c.1e
[  133.587176][  T981] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  133.632553][  T981] usb 3-1: config 0 descriptor??
[  133.667272][ T6611] capability: warning: `syz.3.235' uses deprecated v2 capabilities in a way that may be insecure
[  133.679136][  T981] usb 3-1: selecting invalid altsetting 1
[  133.700168][ T6612] netlink: 8 bytes leftover after parsing attributes in process `syz.0.234'.
[  133.710181][  T981] dvb_ttusb_budget: ttusb_init_controller: error
[  133.723713][  T981] dvbdev: DVB: registering new adapter (Technotrend/Hauppauge Nova-USB)
[  133.746697][ T5950] usb 2-1: new high-speed USB device number 7 using dummy_hcd
[  133.830048][  T981] DVB: Unable to find symbol cx22700_attach()
[  133.902510][ T5950] usb 2-1: Using ep0 maxpacket: 32
[  133.925086][  T981] DVB: Unable to find symbol tda10046_attach()
[  133.938789][ T5950] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  133.959528][  T981] dvb_ttusb_budget: no frontend driver found for device [0b48:1005]
[  133.976297][ T5950] usb 2-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  133.987491][ T5929] usb 4-1: new high-speed USB device number 4 using dummy_hcd
[  134.000596][  T981] usb 3-1: USB disconnect, device number 9
[  134.009831][ T5950] usb 2-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40
[  134.040212][ T5950] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  134.083400][ T5950] usb 2-1: config 0 descriptor??
[  134.149809][ T6623] syzkaller0: entered promiscuous mode
[  134.159170][ T5929] usb 4-1: New USB device found, idVendor=041e, idProduct=400c, bcdDevice=af.98
[  134.168929][ T6623] syzkaller0: entered allmulticast mode
[  134.174668][ T5929] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  134.226481][ T5929] usb 4-1: config 0 descriptor??
[  134.280893][ T5929] pwc: Creative Labs Webcam 5 detected.
[  134.442063][ T6630] usb usb8: usbfs: process 6630 (syz.1.231) did not claim interface 0 before use
[  134.702237][ T6638] ref_tracker: memory allocation failure, unreliable refcount tracker.
[  135.136945][ T6648] FAULT_INJECTION: forcing a failure.
[  135.136945][ T6648] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  135.171443][ T6648] CPU: 0 UID: 0 PID: 6648 Comm: syz.2.248 Not tainted syzkaller #0 PREEMPT(full) 
[  135.171481][ T6648] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  135.171493][ T6648] Call Trace:
[  135.171501][ T6648]  <TASK>
[  135.171510][ T6648]  dump_stack_lvl+0x189/0x250
[  135.171540][ T6648]  ? __pfx____ratelimit+0x10/0x10
[  135.171561][ T6648]  ? __pfx_dump_stack_lvl+0x10/0x10
[  135.171585][ T6648]  ? __pfx__printk+0x10/0x10
[  135.171613][ T6648]  ? __might_fault+0xb0/0x130
[  135.171653][ T6648]  should_fail_ex+0x414/0x560
[  135.171689][ T6648]  _copy_from_iter+0x1de/0x1790
[  135.171720][ T6648]  ? rcu_is_watching+0x15/0xb0
[  135.171742][ T6648]  ? kmem_cache_alloc_node_noprof+0x217/0x3c0
[  135.171771][ T6648]  ? __pfx__copy_from_iter+0x10/0x10
[  135.171796][ T6648]  ? __build_skb_around+0x257/0x3e0
[  135.171822][ T6648]  ? netlink_sendmsg+0x642/0xb30
[  135.171842][ T6648]  ? skb_put+0x11b/0x210
[  135.171868][ T6648]  netlink_sendmsg+0x6b2/0xb30
[  135.171900][ T6648]  ? __pfx_netlink_sendmsg+0x10/0x10
[  135.171924][ T6648]  ? __import_iovec+0x5d4/0x7f0
[  135.171947][ T6648]  ? aa_sock_msg_perm+0xf1/0x1d0
[  135.171969][ T6648]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  135.171991][ T6648]  ? __pfx_netlink_sendmsg+0x10/0x10
[  135.172014][ T6648]  __sock_sendmsg+0x21c/0x270
[  135.172047][ T6648]  ____sys_sendmsg+0x505/0x830
[  135.172078][ T6648]  ? __pfx_____sys_sendmsg+0x10/0x10
[  135.172120][ T6648]  ___sys_sendmsg+0x21f/0x2a0
[  135.172148][ T6648]  ? __pfx____sys_sendmsg+0x10/0x10
[  135.172212][ T6648]  ? __fget_files+0x2a/0x420
[  135.172229][ T6648]  ? __fget_files+0x3a0/0x420
[  135.172257][ T6648]  __sys_sendmsg+0x164/0x220
[  135.172285][ T6648]  ? __pfx___sys_sendmsg+0x10/0x10
[  135.172327][ T6648]  ? lockdep_hardirqs_on+0x9c/0x150
[  135.172350][ T6648]  __do_fast_syscall_32+0xb6/0x2b0
[  135.172381][ T6648]  do_fast_syscall_32+0x34/0x80
[  135.172412][ T6648]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  135.172436][ T6648] RIP: 0023:0xf7fc5539
[  135.172453][ T6648] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[  135.172470][ T6648] RSP: 002b:00000000f54d655c EFLAGS: 00000206 ORIG_RAX: 0000000000000172
[  135.172490][ T6648] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000140
[  135.172504][ T6648] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  135.172515][ T6648] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  135.172526][ T6648] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  135.172542][ T6648] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  135.172571][ T6648]  </TASK>
[  135.436311][    C0] vkms_vblank_simulate: vblank timer overrun
[  135.781925][ T6656] syzkaller0: entered promiscuous mode
[  135.842467][ T6656] syzkaller0: entered allmulticast mode
[  135.872188][ T6660] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  136.140481][ T6668] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(3)
[  136.147247][ T6668] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  136.188823][ T6668] vhci_hcd vhci_hcd.0: Device attached
[  136.214263][ T6669] vhci_hcd: connection closed
[  136.219739][   T64] vhci_hcd: stop threads
[  136.231677][   T64] vhci_hcd: release socket
[  136.239584][   T64] vhci_hcd: disconnect device
[  136.453632][ T6673] netlink: 652 bytes leftover after parsing attributes in process `syz.4.258'.
[  136.545608][  T981] usb 2-1: USB disconnect, device number 7
[  136.967663][ T6683] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(3)
[  136.974247][ T6683] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  137.009919][ T6683] vhci_hcd vhci_hcd.0: Device attached
[  137.052624][ T6686] netlink: 24 bytes leftover after parsing attributes in process `syz.0.261'.
[  137.100186][ T6684] vhci_hcd: connection closed
[  137.102643][ T4565] vhci_hcd: stop threads
[  137.125628][ T4565] vhci_hcd: release socket
[  137.126512][   T10] usb 2-1: new high-speed USB device number 8 using dummy_hcd
[  137.139648][ T4565] vhci_hcd: disconnect device
[  137.199415][    T9] vhci_hcd: vhci_device speed not set
[  137.379119][ T6694] netlink: 652 bytes leftover after parsing attributes in process `syz.4.264'.
[  137.440560][   T10] usb 2-1: config 27 has an invalid descriptor of length 0, skipping remainder of the config
[  137.450965][   T10] usb 2-1: config 27 has 0 interfaces, different from the descriptor's value: 1
[  137.479460][   T10] usb 2-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  137.502496][   T10] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  137.534933][ T5929] pwc: Failed to set LED on/off time (-71)
[  137.562246][ T5929] pwc: send_video_command error -71
[  137.567951][ T5929] pwc: Failed to set video mode VGA@30 fps; return code = -71
[  137.577877][ T5929] Philips webcam 4-1:0.0: probe with driver Philips webcam failed with error -71
[  137.624360][ T5929] usb 4-1: USB disconnect, device number 4
[  137.893854][ T6679] delete_channel: no stack
[  137.908759][   T92] usb 2-1: USB disconnect, device number 8
[  138.049949][ T6706] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  138.441634][ T6714] netlink: 652 bytes leftover after parsing attributes in process `syz.0.271'.
[  138.443043][ T6712] syzkaller0: entered promiscuous mode
[  138.456745][ T6712] syzkaller0: entered allmulticast mode
[  139.760428][ T6725] netlink: 652 bytes leftover after parsing attributes in process `syz.4.276'.
[  139.937743][ T6727] FAULT_INJECTION: forcing a failure.
[  139.937743][ T6727] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  140.039089][ T6727] CPU: 0 UID: 0 PID: 6727 Comm: syz.2.277 Not tainted syzkaller #0 PREEMPT(full) 
[  140.039117][ T6727] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  140.039128][ T6727] Call Trace:
[  140.039135][ T6727]  <TASK>
[  140.039143][ T6727]  dump_stack_lvl+0x189/0x250
[  140.039173][ T6727]  ? __pfx____ratelimit+0x10/0x10
[  140.039202][ T6727]  ? __pfx_dump_stack_lvl+0x10/0x10
[  140.039226][ T6727]  ? __pfx__printk+0x10/0x10
[  140.039253][ T6727]  ? __might_fault+0xb0/0x130
[  140.039294][ T6727]  should_fail_ex+0x414/0x560
[  140.039329][ T6727]  _copy_from_user+0x2d/0xb0
[  140.039357][ T6727]  cmsghdr_from_user_compat_to_kern+0x50b/0x800
[  140.039396][ T6727]  ? __pfx_cmsghdr_from_user_compat_to_kern+0x10/0x10
[  140.039430][ T6727]  ____sys_sendmsg+0x20f/0x830
[  140.039461][ T6727]  ? __pfx_____sys_sendmsg+0x10/0x10
[  140.039502][ T6727]  ___sys_sendmsg+0x21f/0x2a0
[  140.039529][ T6727]  ? __pfx____sys_sendmsg+0x10/0x10
[  140.039589][ T6727]  ? __fget_files+0x2a/0x420
[  140.039604][ T6727]  ? __fget_files+0x3a0/0x420
[  140.039631][ T6727]  __sys_sendmmsg+0x28e/0x430
[  140.039660][ T6727]  ? __pfx___sys_sendmmsg+0x10/0x10
[  140.039695][ T6727]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  140.039735][ T6727]  ? ksys_write+0x22a/0x250
[  140.039772][ T6727]  __ia32_compat_sys_sendmmsg+0xa2/0xc0
[  140.039798][ T6727]  __do_fast_syscall_32+0xb6/0x2b0
[  140.039820][ T6727]  ? lockdep_hardirqs_on+0x9c/0x150
[  140.039843][ T6727]  do_fast_syscall_32+0x34/0x80
[  140.039864][ T6727]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  140.039888][ T6727] RIP: 0023:0xf7fc5539
[  140.039905][ T6727] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[  140.039921][ T6727] RSP: 002b:00000000f54d655c EFLAGS: 00000206 ORIG_RAX: 0000000000000159
[  140.039942][ T6727] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000080003340
[  140.039955][ T6727] RDX: 0000000000000001 RSI: 0000000000000000 RDI: 0000000000000000
[  140.039966][ T6727] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  140.039976][ T6727] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  140.039987][ T6727] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  140.040016][ T6727]  </TASK>
[  140.043937][ T6729] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  140.630416][ T6743] netlink: 'syz.4.280': attribute type 4 has an invalid length.
[  140.639493][ T6745] binder: 6744:6745 ioctl 4018620d 0 returned -22
[  140.679487][ T6747] netlink: 652 bytes leftover after parsing attributes in process `syz.3.284'.
[  140.823809][ T6754] binder: 6744:6754 ioctl c0306201 80000180 returned -14
[  140.894974][ T6756] netlink: 'syz.4.280': attribute type 4 has an invalid length.
[  141.470878][ T6750] syzkaller0: entered promiscuous mode
[  141.502895][ T6750] syzkaller0: entered allmulticast mode
[  142.112059][ T6769] program syz.1.290 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  142.397068][   T92] usb 1-1: new high-speed USB device number 7 using dummy_hcd
[  142.508655][ T6776] netlink: 652 bytes leftover after parsing attributes in process `syz.3.291'.
[  142.575384][ T6778] syzkaller0: entered promiscuous mode
[  142.605834][ T6778] syzkaller0: entered allmulticast mode
[  142.623577][   T92] usb 1-1: config 27 has an invalid descriptor of length 0, skipping remainder of the config
[  142.662135][ T6781] sch_tbf: burst 127 is lower than device syzkaller0 mtu (1514) !
[  142.679907][   T92] usb 1-1: config 27 has 0 interfaces, different from the descriptor's value: 1
[  142.725827][   T92] usb 1-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  142.765480][   T92] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  143.002459][ T6787] netlink: 652 bytes leftover after parsing attributes in process `syz.3.296'.
[  143.268110][ T6791] binder: 6790:6791 ioctl 4018620d 0 returned -22
[  143.326420][ T6793] netlink: 48 bytes leftover after parsing attributes in process `syz.3.299'.
[  143.435415][ T6794] binder: 6790:6794 ioctl c0306201 80000180 returned -14
[  143.713707][ T6802] syzkaller0: entered promiscuous mode
[  143.734553][ T6802] syzkaller0: entered allmulticast mode
[  143.960660][ T6804] netlink: 652 bytes leftover after parsing attributes in process `syz.4.304'.
[  144.270656][ T6814] FAULT_INJECTION: forcing a failure.
[  144.270656][ T6814] name failslab, interval 1, probability 0, space 0, times 0
[  144.318853][ T6814] CPU: 1 UID: 0 PID: 6814 Comm: syz.3.308 Not tainted syzkaller #0 PREEMPT(full) 
[  144.318881][ T6814] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  144.318894][ T6814] Call Trace:
[  144.318902][ T6814]  <TASK>
[  144.318910][ T6814]  dump_stack_lvl+0x189/0x250
[  144.318941][ T6814]  ? __pfx____ratelimit+0x10/0x10
[  144.318962][ T6814]  ? __pfx_dump_stack_lvl+0x10/0x10
[  144.318986][ T6814]  ? __pfx__printk+0x10/0x10
[  144.319020][ T6814]  ? __pfx___might_resched+0x10/0x10
[  144.319045][ T6814]  should_fail_ex+0x414/0x560
[  144.319080][ T6814]  should_failslab+0xa8/0x100
[  144.319112][ T6814]  kmem_cache_alloc_node_noprof+0x76/0x3c0
[  144.319140][ T6814]  ? __alloc_skb+0x112/0x2d0
[  144.319167][ T6814]  __alloc_skb+0x112/0x2d0
[  144.319193][ T6814]  netlink_sendmsg+0x5c6/0xb30
[  144.319226][ T6814]  ? __pfx_netlink_sendmsg+0x10/0x10
[  144.319251][ T6814]  ? __import_iovec+0x5d4/0x7f0
[  144.319276][ T6814]  ? aa_sock_msg_perm+0xf1/0x1d0
[  144.319297][ T6814]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  144.319319][ T6814]  ? __pfx_netlink_sendmsg+0x10/0x10
[  144.319341][ T6814]  __sock_sendmsg+0x21c/0x270
[  144.319375][ T6814]  ____sys_sendmsg+0x505/0x830
[  144.319406][ T6814]  ? __pfx_____sys_sendmsg+0x10/0x10
[  144.319449][ T6814]  ___sys_sendmsg+0x21f/0x2a0
[  144.319477][ T6814]  ? __pfx____sys_sendmsg+0x10/0x10
[  144.319540][ T6814]  ? __fget_files+0x2a/0x420
[  144.319558][ T6814]  ? __fget_files+0x3a0/0x420
[  144.319587][ T6814]  __sys_sendmsg+0x164/0x220
[  144.319615][ T6814]  ? __pfx___sys_sendmsg+0x10/0x10
[  144.319664][ T6814]  ? lockdep_hardirqs_on+0x9c/0x150
[  144.319689][ T6814]  __do_fast_syscall_32+0xb6/0x2b0
[  144.319712][ T6814]  ? lockdep_hardirqs_on+0x9c/0x150
[  144.319736][ T6814]  do_fast_syscall_32+0x34/0x80
[  144.319758][ T6814]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  144.319783][ T6814] RIP: 0023:0xf7f63539
[  144.319800][ T6814] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[  144.319817][ T6814] RSP: 002b:00000000f547655c EFLAGS: 00000206 ORIG_RAX: 0000000000000172
[  144.319843][ T6814] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000240
[  144.319856][ T6814] RDX: 0000000000000040 RSI: 0000000000000000 RDI: 0000000000000000
[  144.319868][ T6814] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  144.319879][ T6814] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  144.319890][ T6814] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  144.319919][ T6814]  </TASK>
[  144.733668][ T6819] netlink: 652 bytes leftover after parsing attributes in process `syz.3.310'.
[  144.810576][ T6820] syzkaller0: entered promiscuous mode
[  144.842777][ T6820] syzkaller0: entered allmulticast mode
[  144.874725][ T6820] sch_tbf: burst 127 is lower than device syzkaller0 mtu (1514) !
[  144.929977][ T6827] netlink: 48 bytes leftover after parsing attributes in process `syz.4.313'.
[  145.292363][ T6838] syzkaller0: entered promiscuous mode
[  145.304695][ T6838] syzkaller0: entered allmulticast mode
[  145.304791][ T6840] binder: 6839:6840 ioctl 4018620d 0 returned -22
[  145.511812][ T6844] netlink: 652 bytes leftover after parsing attributes in process `syz.4.318'.
[  145.743405][   T92] usb 1-1: USB disconnect, device number 7
[  145.751666][ T6765] delete_channel: no stack
[  145.955283][ T6854] netlink: 'syz.1.320': attribute type 4 has an invalid length.
[  146.007311][ T6855] netlink: 'syz.1.320': attribute type 4 has an invalid length.
[  146.096947][ T6857] netlink: 652 bytes leftover after parsing attributes in process `syz.2.323'.
[  146.435523][ T6865] netlink: 48 bytes leftover after parsing attributes in process `syz.2.326'.
[  146.535021][ T6867] syzkaller0: entered promiscuous mode
[  146.569014][ T6867] syzkaller0: entered allmulticast mode
[  146.661717][ T6870] sch_tbf: burst 127 is lower than device syzkaller0 mtu (1514) !
[  146.904545][ T6873] netlink: 412 bytes leftover after parsing attributes in process `syz.2.329'.
[  147.062553][ T6873] 8021q: VLANs not supported on ipvlan0
[  147.186650][ T6877] syzkaller0: entered promiscuous mode
[  147.192199][ T6877] syzkaller0: entered allmulticast mode
[  147.414879][ T6889] binder: BINDER_SET_CONTEXT_MGR already set
[  147.422145][ T6889] binder: 6888:6889 ioctl 4018620d 80004a80 returned -16
[  147.536610][ T6893] binder: 6888:6893 ioctl c0306201 80000180 returned -14
[  147.769421][   T44] usb 5-1: new high-speed USB device number 4 using dummy_hcd
[  147.928276][   T44] usb 5-1: config 27 has an invalid descriptor of length 0, skipping remainder of the config
[  147.963637][   T44] usb 5-1: config 27 has 0 interfaces, different from the descriptor's value: 1
[  148.006723][   T44] usb 5-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  148.043636][   T44] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  148.091698][ T6906] syzkaller0: entered promiscuous mode
[  148.107665][ T6906] syzkaller0: entered allmulticast mode
[  148.127682][ T6906] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  148.153557][ T6906] sch_tbf: burst 127 is lower than device syzkaller0 mtu (1514) !
[  148.225292][ T6909] tipc: Resetting bearer <eth:syzkaller0>
[  148.332046][ T6905] tipc: Resetting bearer <eth:syzkaller0>
[  148.415076][ T6905] tipc: Disabling bearer <eth:syzkaller0>
[  148.865193][ T6922] __nla_validate_parse: 2 callbacks suppressed
[  148.865208][ T6922] netlink: 512 bytes leftover after parsing attributes in process `syz.1.347'.
[  149.344036][ T6931] syzkaller0: entered promiscuous mode
[  149.353673][ T6931] syzkaller0: entered allmulticast mode
[  149.974157][ T6942] binder: BINDER_SET_CONTEXT_MGR already set
[  149.994348][ T6942] binder: 6940:6942 ioctl 4018620d 80004a80 returned -16
[  150.024360][ T6945] syzkaller0: entered promiscuous mode
[  150.072726][ T6945] syzkaller0: entered allmulticast mode
[  150.085210][ T6945] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  150.099984][ T6945] sch_tbf: burst 127 is lower than device syzkaller0 mtu (1514) !
[  150.143571][ T6945] tipc: Resetting bearer <eth:syzkaller0>
[  150.174560][ T6943] tipc: Resetting bearer <eth:syzkaller0>
[  150.215528][ T6943] tipc: Disabling bearer <eth:syzkaller0>
[  150.220601][ T6951] vxcan0: tx drop: invalid da for name 0x0000000000040000
[  150.700352][ T6960] netlink: 512 bytes leftover after parsing attributes in process `syz.0.361'.
[  150.740181][ T6942] binder: 6940:6942 ioctl c0306201 80000180 returned -14
[  150.769757][   T92] usb 5-1: USB disconnect, device number 4
[  150.787511][ T6887] delete_channel: no stack
[  151.729562][ T6982] syzkaller0: entered promiscuous mode
[  151.755557][ T6982] syzkaller0: entered allmulticast mode
[  151.783543][ T6982] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  151.847348][ T6982] sch_tbf: burst 127 is lower than device syzkaller0 mtu (1514) !
[  151.869510][ T6982] tipc: Resetting bearer <eth:syzkaller0>
[  151.943402][ T6991] binder: BINDER_SET_CONTEXT_MGR already set
[  151.956509][ T6981] tipc: Resetting bearer <eth:syzkaller0>
[  151.962500][ T6991] binder: 6988:6991 ioctl 4018620d 80004a80 returned -16
[  152.031142][ T6981] tipc: Disabling bearer <eth:syzkaller0>
[  152.040694][ T6995] binder: 6988:6995 ioctl c0306201 80000180 returned -14
[  152.485905][   T92] usb 3-1: new high-speed USB device number 10 using dummy_hcd
[  152.553436][ T7006] syzkaller0: entered promiscuous mode
[  152.575675][ T7006] syzkaller0: entered allmulticast mode
[  152.642173][   T92] usb 3-1: config 27 has an invalid descriptor of length 0, skipping remainder of the config
[  152.666896][   T92] usb 3-1: config 27 has 0 interfaces, different from the descriptor's value: 1
[  152.693574][   T92] usb 3-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  152.761739][   T92] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  153.145941][   T92] usb 2-1: new high-speed USB device number 10 using dummy_hcd
[  153.333371][   T92] usb 2-1: Using ep0 maxpacket: 8
[  153.360102][   T92] usb 2-1: config 179 has an invalid interface number: 65 but max is 0
[  153.369577][   T92] usb 2-1: config 179 has no interface number 0
[  153.383216][   T92] usb 2-1: config 179 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7
[  153.551575][   T92] usb 2-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid maxpacket 1025, setting to 1024
[  153.593777][   T92] usb 2-1: config 179 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7
[  153.657817][   T92] usb 2-1: config 179 interface 65 altsetting 0 endpoint 0x83 has invalid maxpacket 41728, setting to 1024
[  153.681787][   T92] usb 2-1: config 179 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23
[  153.713947][   T92] usb 2-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb
[  153.736189][   T92] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  153.753312][ T7010] raw-gadget.1 gadget.1: fail, usb_ep_enable returned -22
[  153.847967][ T7026] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  154.081170][    T9] input: Generic X-Box pad as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:179.65/input/input5
[  154.269274][ T7010] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  154.355513][ T7010] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  154.637244][ T7010] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  154.661540][ T7010] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  154.703094][ T7035] binder: 7034:7035 ioctl c0306201 0 returned -14
[  154.716343][ T7010] xt_HMARK: proto mask must be zero with L3 mode
[  154.808972][ T7039] netlink: 4 bytes leftover after parsing attributes in process `syz.1.381'.
[  154.822504][ T7038] binder: 7034:7038 ioctl c0306201 80000180 returned -14
[  154.885005][ T7040] syzkaller0: entered promiscuous mode
[  154.892066][ T7040] syzkaller0: entered allmulticast mode
[  154.906849][ T7010] tipc: Started in network mode
[  154.914743][ T7010] tipc: Node identity fe800000000000000000000000000016, cluster identity 4711
[  154.929947][ T7010] tipc: Enabled bearer <udp:syz1>, priority 10
[  154.981391][ T5950] usb 2-1: USB disconnect, device number 10
[  154.981540][    C0] xpad 2-1:179.65: xpad_irq_in - usb_submit_urb failed with result -19
[  154.996170][    C0] dummy_hcd dummy_hcd.1: timer fired with no URBs pending?
[  155.079141][ T6997] delete_channel: no stack
[  155.114987][    T9] usb 3-1: USB disconnect, device number 10
[  155.255498][ T7046] FAULT_INJECTION: forcing a failure.
[  155.255498][ T7046] name failslab, interval 1, probability 0, space 0, times 0
[  155.274886][ T7046] CPU: 1 UID: 0 PID: 7046 Comm: syz.0.395 Not tainted syzkaller #0 PREEMPT(full) 
[  155.274917][ T7046] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  155.274930][ T7046] Call Trace:
[  155.274939][ T7046]  <TASK>
[  155.274948][ T7046]  dump_stack_lvl+0x189/0x250
[  155.274978][ T7046]  ? __pfx____ratelimit+0x10/0x10
[  155.274998][ T7046]  ? __pfx_dump_stack_lvl+0x10/0x10
[  155.275023][ T7046]  ? __pfx__printk+0x10/0x10
[  155.275057][ T7046]  ? __pfx___might_resched+0x10/0x10
[  155.275081][ T7046]  should_fail_ex+0x414/0x560
[  155.275118][ T7046]  should_failslab+0xa8/0x100
[  155.275149][ T7046]  kmem_cache_alloc_node_noprof+0x76/0x3c0
[  155.275179][ T7046]  ? __alloc_skb+0x112/0x2d0
[  155.275205][ T7046]  __alloc_skb+0x112/0x2d0
[  155.275232][ T7046]  netlink_sendmsg+0x5c6/0xb30
[  155.275265][ T7046]  ? __pfx_netlink_sendmsg+0x10/0x10
[  155.275290][ T7046]  ? __import_iovec+0x5d4/0x7f0
[  155.275314][ T7046]  ? aa_sock_msg_perm+0xf1/0x1d0
[  155.275336][ T7046]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  155.275359][ T7046]  ? __pfx_netlink_sendmsg+0x10/0x10
[  155.275382][ T7046]  __sock_sendmsg+0x21c/0x270
[  155.275416][ T7046]  ____sys_sendmsg+0x505/0x830
[  155.275447][ T7046]  ? __pfx_____sys_sendmsg+0x10/0x10
[  155.275491][ T7046]  ___sys_sendmsg+0x21f/0x2a0
[  155.275519][ T7046]  ? __pfx____sys_sendmsg+0x10/0x10
[  155.275583][ T7046]  ? __fget_files+0x2a/0x420
[  155.275601][ T7046]  ? __fget_files+0x3a0/0x420
[  155.275630][ T7046]  __sys_sendmsg+0x164/0x220
[  155.275658][ T7046]  ? __pfx___sys_sendmsg+0x10/0x10
[  155.275703][ T7046]  ? lockdep_hardirqs_on+0x9c/0x150
[  155.275727][ T7046]  __do_fast_syscall_32+0xb6/0x2b0
[  155.275750][ T7046]  ? lockdep_hardirqs_on+0x9c/0x150
[  155.275773][ T7046]  do_fast_syscall_32+0x34/0x80
[  155.275810][ T7046]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  155.275833][ T7046] RIP: 0023:0xf70be539
[  155.275851][ T7046] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[  155.275868][ T7046] RSP: 002b:00000000f54ae55c EFLAGS: 00000206 ORIG_RAX: 0000000000000172
[  155.275890][ T7046] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000800003c0
[  155.275903][ T7046] RDX: 0000000004044800 RSI: 0000000000000000 RDI: 0000000000000000
[  155.275915][ T7046] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  155.275927][ T7046] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  155.275939][ T7046] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  155.275968][ T7046]  </TASK>
[  155.764990][ T7058] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  155.956860][   T92] tipc: Node number set to 4269801494
[  156.074715][ T7070] syzkaller0: entered promiscuous mode
[  156.203355][ T7070] syzkaller0: entered allmulticast mode
[  156.361803][ T7079] binder: 7078:7079 ioctl c0306201 0 returned -14
[  156.437573][ T7080] binder: 7078:7080 ioctl c0306201 80000180 returned -14
[  156.485906][   T92] usb 1-1: new high-speed USB device number 8 using dummy_hcd
[  156.692606][   T92] usb 1-1: config 27 has an invalid descriptor of length 0, skipping remainder of the config
[  156.801950][ T7086] macvtap1: entered allmulticast mode
[  156.821128][ T7086] veth0_macvtap: entered allmulticast mode
[  156.872711][   T92] usb 1-1: config 27 has 0 interfaces, different from the descriptor's value: 1
[  156.911859][   T92] usb 1-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  156.938366][   T92] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  157.003094][ T7092] netdevsim netdevsim4 netdevsim0: entered allmulticast mode
[  157.045503][ T7094] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  157.503959][ T7103] FAULT_INJECTION: forcing a failure.
[  157.503959][ T7103] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  157.534631][ T7103] CPU: 1 UID: 0 PID: 7103 Comm: syz.4.418 Not tainted syzkaller #0 PREEMPT(full) 
[  157.534660][ T7103] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  157.534672][ T7103] Call Trace:
[  157.534680][ T7103]  <TASK>
[  157.534689][ T7103]  dump_stack_lvl+0x189/0x250
[  157.534719][ T7103]  ? __pfx____ratelimit+0x10/0x10
[  157.534740][ T7103]  ? __pfx_dump_stack_lvl+0x10/0x10
[  157.534762][ T7103]  ? __pfx__printk+0x10/0x10
[  157.534789][ T7103]  ? __might_fault+0xb0/0x130
[  157.534826][ T7103]  should_fail_ex+0x414/0x560
[  157.534867][ T7103]  _copy_from_user+0x2d/0xb0
[  157.534895][ T7103]  get_compat_msghdr+0xad/0x4a0
[  157.534924][ T7103]  ? __pfx_get_compat_msghdr+0x10/0x10
[  157.534959][ T7103]  ___sys_sendmsg+0x193/0x2a0
[  157.534987][ T7103]  ? __pfx____sys_sendmsg+0x10/0x10
[  157.535049][ T7103]  ? __fget_files+0x2a/0x420
[  157.535066][ T7103]  ? __fget_files+0x3a0/0x420
[  157.535094][ T7103]  __sys_sendmsg+0x164/0x220
[  157.535122][ T7103]  ? __pfx___sys_sendmsg+0x10/0x10
[  157.535163][ T7103]  ? lockdep_hardirqs_on+0x9c/0x150
[  157.535187][ T7103]  __do_fast_syscall_32+0xb6/0x2b0
[  157.535210][ T7103]  ? lockdep_hardirqs_on+0x9c/0x150
[  157.535235][ T7103]  do_fast_syscall_32+0x34/0x80
[  157.535257][ T7103]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  157.535282][ T7103] RIP: 0023:0xf70de539
[  157.535299][ T7103] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[  157.535316][ T7103] RSP: 002b:00000000f54ce55c EFLAGS: 00000206 ORIG_RAX: 0000000000000172
[  157.535337][ T7103] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000240
[  157.535350][ T7103] RDX: 0000000000000040 RSI: 0000000000000000 RDI: 0000000000000000
[  157.535361][ T7103] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  157.535373][ T7103] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  157.535385][ T7103] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  157.535414][ T7103]  </TASK>
[  157.905994][ T7106] syzkaller0: entered promiscuous mode
[  157.919843][ T7106] syzkaller0: entered allmulticast mode
[  158.341081][ T7122] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  158.758443][ T7127] binder: 7126:7127 ioctl c0306201 0 returned -14
[  158.864876][ T7131] binder: 7126:7131 ioctl c0306201 80000180 returned -14
[  159.465273][ T5929] usb 1-1: USB disconnect, device number 8
[  159.496467][ T7071] delete_channel: no stack
[  159.624229][ T7139] FAULT_INJECTION: forcing a failure.
[  159.624229][ T7139] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  159.703221][ T7139] CPU: 0 UID: 0 PID: 7139 Comm: syz.0.432 Not tainted syzkaller #0 PREEMPT(full) 
[  159.703243][ T7139] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  159.703253][ T7139] Call Trace:
[  159.703259][ T7139]  <TASK>
[  159.703266][ T7139]  dump_stack_lvl+0x189/0x250
[  159.703288][ T7139]  ? __pfx____ratelimit+0x10/0x10
[  159.703304][ T7139]  ? __pfx_dump_stack_lvl+0x10/0x10
[  159.703321][ T7139]  ? __pfx__printk+0x10/0x10
[  159.703342][ T7139]  ? __might_fault+0xb0/0x130
[  159.703370][ T7139]  should_fail_ex+0x414/0x560
[  159.703396][ T7139]  _copy_from_user+0x2d/0xb0
[  159.703421][ T7139]  get_compat_msghdr+0xad/0x4a0
[  159.703443][ T7139]  ? __pfx_get_compat_msghdr+0x10/0x10
[  159.703469][ T7139]  ___sys_sendmsg+0x193/0x2a0
[  159.703490][ T7139]  ? __pfx____sys_sendmsg+0x10/0x10
[  159.703533][ T7139]  ? __fget_files+0x2a/0x420
[  159.703546][ T7139]  ? __fget_files+0x3a0/0x420
[  159.703565][ T7139]  __sys_sendmsg+0x164/0x220
[  159.703584][ T7139]  ? __pfx___sys_sendmsg+0x10/0x10
[  159.703614][ T7139]  ? lockdep_hardirqs_on+0x9c/0x150
[  159.703630][ T7139]  __do_fast_syscall_32+0xb6/0x2b0
[  159.703648][ T7139]  ? lockdep_hardirqs_on+0x9c/0x150
[  159.703664][ T7139]  do_fast_syscall_32+0x34/0x80
[  159.703680][ T7139]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  159.703698][ T7139] RIP: 0023:0xf70be539
[  159.703710][ T7139] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[  159.703721][ T7139] RSP: 002b:00000000f54ae55c EFLAGS: 00000206 ORIG_RAX: 0000000000000172
[  159.703736][ T7139] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000080
[  159.703746][ T7139] RDX: 0000000020000080 RSI: 0000000000000000 RDI: 0000000000000000
[  159.703754][ T7139] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  159.703762][ T7139] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  159.703770][ T7139] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  159.703790][ T7139]  </TASK>
[  160.041452][ T7144] syzkaller0: entered promiscuous mode
[  160.136928][ T7144] syzkaller0: entered allmulticast mode
[  160.307031][ T7151] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  160.528406][ T7160] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  160.944521][   T44] hid-generic 0002:0005:0009.0001: unknown main item tag 0x0
[  160.979547][   T44] hid-generic 0002:0005:0009.0001: unknown main item tag 0x0
[  161.000048][   T44] hid-generic 0002:0005:0009.0001: unknown main item tag 0x0
[  161.085850][  T981] usb 3-1: new high-speed USB device number 11 using dummy_hcd
[  161.152966][   T44] hid-generic 0002:0005:0009.0001: unknown main item tag 0x0
[  161.198642][   T44] hid-generic 0002:0005:0009.0001: unknown main item tag 0x0
[  161.208420][   T44] hid-generic 0002:0005:0009.0001: unknown main item tag 0x0
[  161.261812][   T44] hid-generic 0002:0005:0009.0001: unknown main item tag 0x0
[  161.270644][   T44] hid-generic 0002:0005:0009.0001: unknown main item tag 0x0
[  162.017091][   T44] hid-generic 0002:0005:0009.0001: unknown main item tag 0x0
[  162.169201][   T44] hid-generic 0002:0005:0009.0001: unknown main item tag 0x0
[  162.361014][   T44] hid-generic 0002:0005:0009.0001: hidraw0: <UNKNOWN> HID v0.04 Device [syz1] on syz1
[  162.452634][  T981] usb 3-1: config 27 has an invalid descriptor of length 0, skipping remainder of the config
[  162.537156][  T981] usb 3-1: config 27 has 0 interfaces, different from the descriptor's value: 1
[  162.667242][ T7177] binder: BINDER_SET_CONTEXT_MGR already set
[  162.686132][  T981] usb 3-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  162.806355][ T7177] binder: 7175:7177 ioctl 4018620d 80004a80 returned -16
[  162.883186][  T981] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  163.591597][ T7181] binder: 7175:7181 ioctl c0306201 80000180 returned -14
[  166.284337][ T7176] fido_id[7176]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[  167.493869][ T7191] syzkaller0: entered promiscuous mode
[  167.523382][ T7191] syzkaller0: entered allmulticast mode
[  167.586507][ T7194] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  168.716578][  T981] usb 3-1: USB disconnect, device number 11
[  168.741979][ T7167] delete_channel: no stack
[  176.047208][ T7228] binder: 7226:7228 ioctl c0306201 80000180 returned -14
[  177.566191][ T7233] netlink: 56 bytes leftover after parsing attributes in process `syz.1.464'.
[  177.684333][ T7234] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  177.966186][ T7238] sch_tbf: burst 127 is lower than device syzkaller0 mtu (1514) !
[  178.088138][ T7234] tipc: Resetting bearer <eth:syzkaller0>
[  181.097012][  T981] tipc: Node number set to 3500431724
[  181.841074][ T7232] tipc: Disabling bearer <eth:syzkaller0>
[  189.605728][    C0] sched: DL replenish lagged too much
[  194.769364][ T1301] ieee802154 phy0 wpan0: encryption failed: -22
[  194.788800][ T1301] ieee802154 phy1 wpan1: encryption failed: -22
[  301.415681][    C0] rcu: INFO: rcu_preempt detected stalls on CPUs/tasks:
[  301.422801][    C0] rcu: 	Tasks blocked on level-0 rcu_node (CPUs 0-1): P5876/1:b..l P7258/1:b..l P7260/1:b..l P7249/1:b..l
[  301.434530][    C0] rcu: 	(detected by 0, t=10502 jiffies, g=20157, q=948915 ncpus=2)
[  301.442543][    C0] task:syz.3.469       state:R  running task     stack:24200 pid:7249  tgid:7245  ppid:5877   task_flags:0x40044c flags:0x20004006
[  301.456945][    C0] Call Trace:
[  301.460257][    C0]  <TASK>
[  301.463217][    C0]  __schedule+0x1798/0x4cc0
[  301.467788][    C0]  ? __pfx___schedule+0x10/0x10
[  301.472675][    C0]  ? is_bpf_text_address+0x292/0x2b0
[  301.478020][    C0]  ? unwind_get_return_address+0x4d/0x90
[  301.483691][    C0]  ? preempt_schedule_irq+0xaa/0x150
[  301.489009][    C0]  preempt_schedule_irq+0xb5/0x150
[  301.494158][    C0]  ? __pfx_preempt_schedule_irq+0x10/0x10
[  301.499922][    C0]  ? rcu_irq_exit_check_preempt+0xdf/0x210
[  301.505768][    C0]  irqentry_exit+0x6f/0x90
[  301.510212][    C0]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  301.516222][    C0] RIP: 0010:unwind_next_frame+0xb67/0x2390
[  301.522058][    C0] Code: 00 00 41 83 3e 00 0f 95 c0 49 39 df 0f 96 c1 20 c1 49 39 dc 0f 97 c0 20 c8 3c 01 75 18 48 8d 43 08 4c 39 f8 0f 97 c1 4c 39 e0 <0f> 96 c0 84 c1 0f 85 c2 00 00 00 49 8d 7e 28 48 89 f8 48 c1 e8 03
[  301.541771][    C0] RSP: 0018:ffffc9001b006d78 EFLAGS: 00000287
[  301.547881][    C0] RAX: ffffc9001b007928 RBX: ffffc9001b007920 RCX: 1ffff92003600d01
[  301.555886][    C0] RDX: ffffffff9042ce1e RSI: 0000000000000002 RDI: ffffffff8be33920
[  301.563892][    C0] RBP: 1ffff92003600dca R08: 0000000000000001 R09: ffffffff8172c195
[  301.571890][    C0] R10: ffffc9001b006e98 R11: ffffffff81ac3ae0 R12: ffffc9001b008000
[  301.579897][    C0] R13: 1ffff92003600dcb R14: ffffc9001b006e48 R15: ffffc9001b000000
[  301.587911][    C0]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  301.594102][    C0]  ? unwind_next_frame+0xa5/0x2390
[  301.599292][    C0]  ? unwind_next_frame+0xd4/0x2390
[  301.604460][    C0]  ? unwind_next_frame+0xa5/0x2390
[  301.609626][    C0]  ? evict+0x504/0x9c0
[  301.613742][    C0]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  301.619937][    C0]  arch_stack_walk+0x11c/0x150
[  301.624746][    C0]  ? evict+0x504/0x9c0
[  301.628987][    C0]  stack_trace_save+0x9c/0xe0
[  301.633736][    C0]  ? __pfx_stack_trace_save+0x10/0x10
[  301.639160][    C0]  save_stack+0xf5/0x1f0
[  301.643463][    C0]  ? __pfx_save_stack+0x10/0x10
[  301.648348][    C0]  ? free_unref_folios+0xdbd/0x1520
[  301.653588][    C0]  ? folios_put_refs+0x559/0x640
[  301.658559][    C0]  ? shmem_undo_range+0x49e/0x14b0
[  301.663711][    C0]  ? shmem_evict_inode+0x272/0xa70
[  301.668861][    C0]  ? evict+0x504/0x9c0
[  301.672990][    C0]  ? page_ext_put+0x97/0xc0
[  301.677544][    C0]  __reset_page_owner+0x71/0x1f0
[  301.682536][    C0]  free_unref_folios+0xdbd/0x1520
[  301.687623][    C0]  ? folios_put_refs+0x299/0x640
[  301.692608][    C0]  folios_put_refs+0x559/0x640
[  301.697440][    C0]  ? __pfx_folios_put_refs+0x10/0x10
[  301.702762][    C0]  ? folio_batch_remove_exceptionals+0x18c/0x1f0
[  301.709129][    C0]  shmem_undo_range+0x49e/0x14b0
[  301.714125][    C0]  ? __pfx_shmem_undo_range+0x10/0x10
[  301.719559][    C0]  ? kernel_text_address+0xa5/0xe0
[  301.724713][    C0]  ? __kernel_text_address+0xd/0x40
[  301.729975][    C0]  ? stack_depot_save_flags+0x40/0x860
[  301.735483][    C0]  ? percpu_counter_add_batch+0xea/0x1e0
[  301.741160][    C0]  shmem_evict_inode+0x272/0xa70
[  301.746137][    C0]  ? inode_wait_for_writeback+0xf9/0x290
[  301.751805][    C0]  ? __pfx_shmem_evict_inode+0x10/0x10
[  301.757293][    C0]  ? __pfx_inode_wait_for_writeback+0x10/0x10
[  301.763408][    C0]  ? do_raw_spin_unlock+0x122/0x240
[  301.768649][    C0]  ? __pfx_shmem_evict_inode+0x10/0x10
[  301.774135][    C0]  evict+0x504/0x9c0
[  301.778074][    C0]  ? __pfx_evict+0x10/0x10
[  301.782531][    C0]  ? do_raw_spin_unlock+0x122/0x240
[  301.787764][    C0]  ? _raw_spin_unlock+0x28/0x50
[  301.792651][    C0]  ? iput+0x6d8/0x9d0
[  301.796679][    C0]  __dentry_kill+0x209/0x660
[  301.801295][    C0]  ? dput+0x37/0x2b0
[  301.805219][    C0]  dput+0x19f/0x2b0
[  301.809057][    C0]  __fput+0x68e/0xa70
[  301.813087][    C0]  task_work_run+0x1d1/0x260
[  301.817718][    C0]  ? __pfx_task_work_run+0x10/0x10
[  301.822882][    C0]  do_exit+0x6b5/0x2300
[  301.827091][    C0]  ? do_raw_spin_lock+0x121/0x290
[  301.832168][    C0]  ? __pfx_do_exit+0x10/0x10
[  301.836823][    C0]  do_group_exit+0x21c/0x2d0
[  301.841462][    C0]  ? lockdep_hardirqs_on+0x9c/0x150
[  301.846700][    C0]  get_signal+0x1286/0x1340
[  301.851264][    C0]  arch_do_signal_or_restart+0x9a/0x750
[  301.856860][    C0]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[  301.863083][    C0]  ? exit_to_user_mode_loop+0x40/0x110
[  301.868596][    C0]  exit_to_user_mode_loop+0x75/0x110
[  301.873921][    C0]  __do_fast_syscall_32+0x1f4/0x2b0
[  301.879158][    C0]  do_fast_syscall_32+0x34/0x80
[  301.884019][    C0]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  301.890367][    C0] RIP: 0023:0xf7f63539
[  301.894472][    C0] RSP: 002b:00000000f545555c EFLAGS: 00000206 ORIG_RAX: 00000000000000c0
[  301.902921][    C0] RAX: 0000000080000000 RBX: 0000000080000000 RCX: 0000000000b36000
[  301.910929][    C0] RDX: 0000000006ebbeed RSI: 0000000000008031 RDI: 00000000ffffffff
[  301.918926][    C0] RBP: 00000000f6d0d000 R08: 0000000000000000 R09: 0000000000000000
[  301.926908][    C0] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  301.934908][    C0] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  301.942928][    C0]  </TASK>
[  301.945975][    C0] task:syz.2.472       state:R  running task     stack:27304 pid:7260  tgid:7259  ppid:5879   task_flags:0x400040 flags:0x20004006
[  301.959510][    C0] Call Trace:
[  301.962819][    C0]  <TASK>
[  301.965788][    C0]  __schedule+0x1798/0x4cc0
[  301.970345][    C0]  ? load_gs_index+0x169/0x190
[  301.975173][    C0]  ? __pfx___schedule+0x10/0x10
[  301.980077][    C0]  ? finish_task_switch+0x18b/0x950
[  301.985318][    C0]  ? preempt_schedule_irq+0xaa/0x150
[  301.990640][    C0]  preempt_schedule_irq+0xb5/0x150
[  301.995783][    C0]  ? __pfx_preempt_schedule_irq+0x10/0x10
[  302.001547][    C0]  ? rcu_irq_exit_check_preempt+0xdf/0x210
[  302.007394][    C0]  irqentry_exit+0x6f/0x90
[  302.011839][    C0]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  302.017852][    C0] RIP: 0010:lock_acquire+0x175/0x360
[  302.023171][    C0] Code: 00 00 00 00 9c 8f 44 24 30 f7 44 24 30 00 02 00 00 0f 85 cd 00 00 00 f7 44 24 08 00 02 00 00 74 01 fb 65 48 8b 05 7b 51 03 11 <48> 3b 44 24 58 0f 85 f2 00 00 00 48 83 c4 60 5b 41 5c 41 5d 41 5e
[  302.042811][    C0] RSP: 0018:ffffc9001af77218 EFLAGS: 00000206
[  302.048915][    C0] RAX: b6156e763a0c4a00 RBX: 0000000000000000 RCX: b6156e763a0c4a00
[  302.056922][    C0] RDX: 0000000000000000 RSI: ffffffff8dba895d RDI: ffffffff8be33980
[  302.064924][    C0] RBP: ffffffff8172c195 R08: 0000000000000000 R09: ffffffff8172c195
[  302.072928][    C0] R10: ffffc9001af773d8 R11: ffffffff81ac3ae0 R12: 0000000000000002
[  302.080934][    C0] R13: ffffffff8e139f20 R14: 0000000000000000 R15: 0000000000000246
[  302.088946][    C0]  ? unwind_next_frame+0xa5/0x2390
[  302.094100][    C0]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  302.100287][    C0]  ? unwind_next_frame+0xa5/0x2390
[  302.105449][    C0]  ? unwind_next_frame+0xa5/0x2390
[  302.110590][    C0]  ? __slab_free+0x2d5/0x3c0
[  302.115226][    C0]  ? unwind_next_frame+0xa5/0x2390
[  302.120375][    C0]  unwind_next_frame+0xc2/0x2390
[  302.125345][    C0]  ? unwind_next_frame+0xa5/0x2390
[  302.130486][    C0]  ? unwind_next_frame+0xa5/0x2390
[  302.135630][    C0]  ? put_cpu_partial+0x17c/0x250
[  302.140596][    C0]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  302.146784][    C0]  arch_stack_walk+0x11c/0x150
[  302.151591][    C0]  ? __slab_free+0x2d5/0x3c0
[  302.156229][    C0]  stack_trace_save+0x9c/0xe0
[  302.161050][    C0]  ? __pfx_stack_trace_save+0x10/0x10
[  302.166482][    C0]  save_stack+0xf5/0x1f0
[  302.170770][    C0]  ? __pfx_save_stack+0x10/0x10
[  302.175659][    C0]  ? __free_frozen_pages+0xbc4/0xd30
[  302.180974][    C0]  ? __put_partials+0x156/0x1a0
[  302.185834][    C0]  ? put_cpu_partial+0x17c/0x250
[  302.190797][    C0]  ? __slab_free+0x2d5/0x3c0
[  302.195441][    C0]  __reset_page_owner+0x71/0x1f0
[  302.200420][    C0]  __free_frozen_pages+0xbc4/0xd30
[  302.205580][    C0]  __put_partials+0x156/0x1a0
[  302.210294][    C0]  put_cpu_partial+0x17c/0x250
[  302.215131][    C0]  ? put_cpu_partial+0x6d/0x250
[  302.220005][    C0]  __slab_free+0x2d5/0x3c0
[  302.224444][    C0]  ? __phys_addr+0xd3/0x180
[  302.228984][    C0]  qlist_free_all+0x97/0x140
[  302.233613][    C0]  kasan_quarantine_reduce+0x148/0x160
[  302.239117][    C0]  __kasan_slab_alloc+0x22/0x80
[  302.244050][    C0]  kmem_cache_alloc_noprof+0x1c1/0x3c0
[  302.249557][    C0]  ? security_file_alloc+0x34/0x330
[  302.254880][    C0]  security_file_alloc+0x34/0x330
[  302.259950][    C0]  init_file+0x93/0x2f0
[  302.264145][    C0]  alloc_empty_file+0x6e/0x1d0
[  302.268940][    C0]  path_openat+0x107/0x3830
[  302.273479][    C0]  ? arch_stack_walk+0xfc/0x150
[  302.278380][    C0]  ? stack_trace_save+0x9c/0xe0
[  302.283300][    C0]  ? stack_depot_save_flags+0x40/0x860
[  302.288801][    C0]  ? __lock_acquire+0xab9/0xd20
[  302.293695][    C0]  ? kasan_save_track+0x4f/0x80
[  302.298575][    C0]  ? kasan_save_track+0x3e/0x80
[  302.303469][    C0]  ? __kasan_slab_alloc+0x6c/0x80
[  302.308525][    C0]  ? getname_flags+0xb8/0x540
[  302.313230][    C0]  ? __pfx_path_openat+0x10/0x10
[  302.318195][    C0]  ? do_fast_syscall_32+0x34/0x80
[  302.323383][    C0]  ? entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  302.329927][    C0]  do_filp_open+0x1fa/0x410
[  302.334460][    C0]  ? __lock_acquire+0xab9/0xd20
[  302.339350][    C0]  ? __pfx_do_filp_open+0x10/0x10
[  302.344432][    C0]  ? _raw_spin_unlock+0x28/0x50
[  302.349324][    C0]  ? alloc_fd+0x64c/0x6c0
[  302.353727][    C0]  do_sys_openat2+0x121/0x1c0
[  302.358433][    C0]  ? _raw_spin_unlock_irq+0x23/0x50
[  302.363670][    C0]  ? __pfx_do_sys_openat2+0x10/0x10
[  302.368923][    C0]  __ia32_compat_sys_openat+0x131/0x160
[  302.374508][    C0]  __do_fast_syscall_32+0xb6/0x2b0
[  302.379664][    C0]  do_fast_syscall_32+0x34/0x80
[  302.384551][    C0]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  302.390916][    C0] RIP: 0023:0xf7fc5539
[  302.395013][    C0] RSP: 002b:00000000f54d655c EFLAGS: 00000206 ORIG_RAX: 0000000000000127
[  302.403460][    C0] RAX: ffffffffffffffda RBX: 00000000ffffff9c RCX: 0000000080000100
[  302.411462][    C0] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  302.419474][    C0] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  302.427473][    C0] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  302.435474][    C0] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  302.443498][    C0]  </TASK>
[  302.446547][    C0] task:syz.4.473       state:R  running task     stack:24840 pid:7258  tgid:7253  ppid:5880   task_flags:0x40054c flags:0x20004002
[  302.460088][    C0] Call Trace:
[  302.463397][    C0]  <TASK>
[  302.466358][    C0]  __schedule+0x1798/0x4cc0
[  302.470913][    C0]  ? free_pages_and_swap_cache+0x4be/0x520
[  302.476762][    C0]  ? __pfx_free_pages_and_swap_cache+0x10/0x10
[  302.482967][    C0]  ? __pfx___schedule+0x10/0x10
[  302.487885][    C0]  ? do_raw_spin_lock+0x121/0x290
[  302.492959][    C0]  ? preempt_schedule+0xae/0xc0
[  302.497876][    C0]  preempt_schedule_common+0x83/0xd0
[  302.503207][    C0]  preempt_schedule+0xae/0xc0
[  302.507937][    C0]  ? __pfx_preempt_schedule+0x10/0x10
[  302.513388][    C0]  preempt_schedule_thunk+0x16/0x30
[  302.518640][    C0]  _raw_spin_unlock+0x3f/0x50
[  302.523356][    C0]  unmap_page_range+0x3a79/0x4370
[  302.528469][    C0]  ? __pfx_unmap_page_range+0x10/0x10
[  302.533908][    C0]  ? mas_find+0xb0e/0xd30
[  302.538265][    C0]  ? unmap_vmas+0x144/0x580
[  302.542797][    C0]  unmap_vmas+0x399/0x580
[  302.547174][    C0]  ? __pfx_unmap_vmas+0x10/0x10
[  302.552077][    C0]  exit_mmap+0x248/0xb50
[  302.556355][    C0]  ? uprobe_clear_state+0x20f/0x290
[  302.561591][    C0]  ? __pfx_exit_mmap+0x10/0x10
[  302.566394][    C0]  ? __mutex_unlock_slowpath+0x1a1/0x740
[  302.572074][    C0]  ? __pfx_exit_aio+0x10/0x10
[  302.576842][    C0]  ? uprobe_clear_state+0x274/0x290
[  302.582052][    C0]  __mmput+0x118/0x430
[  302.586135][    C0]  exit_mm+0x1da/0x2c0
[  302.590240][    C0]  ? __pfx_exit_mm+0x10/0x10
[  302.594865][    C0]  ? rcu_is_watching+0x15/0xb0
[  302.599673][    C0]  do_exit+0x648/0x2300
[  302.603866][    C0]  ? do_raw_spin_lock+0x121/0x290
[  302.608923][    C0]  ? __pfx_do_exit+0x10/0x10
[  302.613572][    C0]  do_group_exit+0x21c/0x2d0
[  302.618196][    C0]  ? lockdep_hardirqs_on+0x9c/0x150
[  302.623408][    C0]  get_signal+0x1286/0x1340
[  302.627966][    C0]  arch_do_signal_or_restart+0x9a/0x750
[  302.633564][    C0]  ? __fget_files+0x2a/0x420
[  302.638184][    C0]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[  302.644402][    C0]  ? exit_to_user_mode_loop+0x40/0x110
[  302.649909][    C0]  exit_to_user_mode_loop+0x75/0x110
[  302.655234][    C0]  __do_fast_syscall_32+0x1f4/0x2b0
[  302.660492][    C0]  do_fast_syscall_32+0x34/0x80
[  302.665376][    C0]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  302.671738][    C0] RIP: 0023:0xf70de539
[  302.675831][    C0] RSP: 002b:00000000f530b520 EFLAGS: 00000206 ORIG_RAX: 0000000000000004
[  302.684273][    C0] RAX: 000000000000003a RBX: 00000000000000c8 RCX: 0000000080000880
[  302.692288][    C0] RDX: 000000000000003a RSI: 00000000f7454ff4 RDI: 0000000000000000
[  302.700308][    C0] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  302.708312][    C0] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  302.716312][    C0] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  302.724318][    C0]  </TASK>
[  302.727353][    C0] task:syz-executor    state:R  running task     stack:19896 pid:5876  tgid:5876  ppid:5856   task_flags:0x400140 flags:0x20004002
[  302.741053][    C0] Call Trace:
[  302.744360][    C0]  <TASK>
[  302.747321][    C0]  __schedule+0x1798/0x4cc0
[  302.751893][    C0]  ? __pfx___schedule+0x10/0x10
[  302.756791][    C0]  ? __lock_acquire+0xab9/0xd20
[  302.761689][    C0]  ? preempt_schedule_irq+0xaa/0x150
[  302.767010][    C0]  preempt_schedule_irq+0xb5/0x150
[  302.772154][    C0]  ? __pfx_preempt_schedule_irq+0x10/0x10
[  302.777915][    C0]  ? rcu_irq_exit_check_preempt+0xdf/0x210
[  302.783755][    C0]  irqentry_exit+0x6f/0x90
[  302.788205][    C0]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  302.794217][    C0] RIP: 0010:lock_release+0x44/0x3e0
[  302.799464][    C0] Code: 8b 05 a0 41 03 11 48 89 44 24 28 0f 1f 44 00 00 65 8b 05 a3 41 03 11 83 f8 08 0f 83 9a 02 00 00 89 c0 48 0f a3 05 8c 30 06 0e <73> 16 e8 45 f1 08 00 84 c0 75 0d f6 05 b8 15 f0 0d 01 0f 84 ad 02
[  302.819103][    C0] RSP: 0018:ffffc9000426f390 EFLAGS: 00000293
[  302.825230][    C0] RAX: 0000000000000000 RBX: ffffc9000426f501 RCX: 69e310429e054e00
[  302.833226][    C0] RDX: ffffffff9040b501 RSI: ffffffff8172c195 RDI: ffffffff8e139f20
[  302.841240][    C0] RBP: dffffc0000000000 R08: ffffc9000426f527 R09: 0000000000000000
[  302.849257][    C0] R10: ffffc9000426f518 R11: fffff5200084dea5 R12: ffffc9000426f988
[  302.857265][    C0] R13: ffffffff8172c195 R14: ffffffff8e139f20 R15: ffffffff8172c195
[  302.865274][    C0]  ? unwind_next_frame+0xa5/0x2390
[  302.870423][    C0]  ? unwind_next_frame+0xa5/0x2390
[  302.875570][    C0]  ? unwind_next_frame+0xa5/0x2390
[  302.880719][    C0]  ? unwind_next_frame+0xa5/0x2390
[  302.885868][    C0]  unwind_next_frame+0x19a9/0x2390
[  302.891019][    C0]  ? unwind_next_frame+0xa5/0x2390
[  302.896190][    C0]  ? kasan_quarantine_reduce+0x148/0x160
[  302.901868][    C0]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  302.908064][    C0]  arch_stack_walk+0x11c/0x150
[  302.912868][    C0]  ? __kasan_kmalloc+0x22/0xb0
[  302.917670][    C0]  stack_trace_save+0x9c/0xe0
[  302.922380][    C0]  ? __pfx_stack_trace_save+0x10/0x10
[  302.927804][    C0]  save_stack+0xf5/0x1f0
[  302.932091][    C0]  ? __pfx_save_stack+0x10/0x10
[  302.936987][    C0]  ? __free_frozen_pages+0xbc4/0xd30
[  302.942324][    C0]  ? __put_partials+0x156/0x1a0
[  302.947214][    C0]  ? put_cpu_partial+0x17c/0x250
[  302.952182][    C0]  ? __slab_free+0x2d5/0x3c0
[  302.956799][    C0]  ? qlist_free_all+0x97/0x140
[  302.961616][    C0]  ? kasan_quarantine_reduce+0x148/0x160
[  302.967315][    C0]  __reset_page_owner+0x71/0x1f0
[  302.972302][    C0]  __free_frozen_pages+0xbc4/0xd30
[  302.977469][    C0]  __put_partials+0x156/0x1a0
[  302.982160][    C0]  put_cpu_partial+0x17c/0x250
[  302.986943][    C0]  ? put_cpu_partial+0x6d/0x250
[  302.991826][    C0]  __slab_free+0x2d5/0x3c0
[  302.996282][    C0]  ? __phys_addr+0xd3/0x180
[  303.000830][    C0]  qlist_free_all+0x97/0x140
[  303.005462][    C0]  kasan_quarantine_reduce+0x148/0x160
[  303.010980][    C0]  __kasan_kmalloc+0x22/0xb0
[  303.015609][    C0]  __kmalloc_noprof+0x27a/0x4f0
[  303.020482][    C0]  ? security_task_alloc+0x4d/0x360
[  303.025707][    C0]  security_task_alloc+0x4d/0x360
[  303.030765][    C0]  copy_process+0x1530/0x3c00
[  303.035494][    C0]  ? copy_process+0x97f/0x3c00
[  303.040307][    C0]  ? __pfx_copy_process+0x10/0x10
[  303.045377][    C0]  kernel_clone+0x21e/0x840
[  303.049913][    C0]  ? css_rstat_updated+0x23a/0x4f0
[  303.055059][    C0]  ? __pfx_kernel_clone+0x10/0x10
[  303.060168][    C0]  __ia32_compat_sys_ia32_clone+0x189/0x1e0
[  303.066102][    C0]  ? count_memcg_event_mm+0x21/0x260
[  303.071421][    C0]  ? __pfx___ia32_compat_sys_ia32_clone+0x10/0x10
[  303.077890][    C0]  ? lockdep_hardirqs_on+0x9c/0x150
[  303.083102][    C0]  __do_fast_syscall_32+0xb6/0x2b0
[  303.088240][    C0]  ? lockdep_hardirqs_on+0x9c/0x150
[  303.093483][    C0]  do_fast_syscall_32+0x34/0x80
[  303.098374][    C0]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  303.104737][    C0] RIP: 0023:0xf7f93539
[  303.108832][    C0] RSP: 002b:00000000f757fcbc EFLAGS: 00000206 ORIG_RAX: 0000000000000078
[  303.117286][    C0] RAX: ffffffffffffffda RBX: 0000000001200011 RCX: 0000000000000000
[  303.125283][    C0] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00000000574e94a8
[  303.133271][    C0] RBP: 00000000f7424ff4 R08: 0000000000000000 R09: 0000000000000000
[  303.141287][    C0] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  303.149299][    C0] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  303.157337][    C0]  </TASK>
[  303.160392][    C0] rcu: rcu_preempt kthread starved for 10575 jiffies! g20157 f0x2 RCU_GP_WAIT_FQS(5) ->state=0x0 ->cpu=1
[  303.171624][    C0] rcu: 	Unless rcu_preempt kthread gets sufficient CPU time, OOM is now expected behavior.
[  303.181627][    C0] rcu: RCU grace-period kthread stack dump:
[  303.187523][    C0] task:rcu_preempt     state:R  running task     stack:27224 pid:16    tgid:16    ppid:2      task_flags:0x208040 flags:0x00004000
[  303.201057][    C0] Call Trace:
[  303.204368][    C0]  <TASK>
[  303.207334][    C0]  __schedule+0x1798/0x4cc0
[  303.211903][    C0]  ? __lock_acquire+0xab9/0xd20
[  303.216790][    C0]  ? __pfx___schedule+0x10/0x10
[  303.221707][    C0]  ? schedule+0x91/0x360
[  303.226059][    C0]  schedule+0x165/0x360
[  303.230256][    C0]  schedule_timeout+0x12b/0x270
[  303.235135][    C0]  ? __pfx_schedule_timeout+0x10/0x10
[  303.240536][    C0]  ? _raw_spin_unlock_irqrestore+0x85/0x110
[  303.246465][    C0]  ? __pfx_process_timeout+0x10/0x10
[  303.251785][    C0]  ? prepare_to_swait_event+0x341/0x380
[  303.257369][    C0]  rcu_gp_fqs_loop+0x301/0x1540
[  303.262275][    C0]  ? __pfx_rcu_watching_snap_recheck+0x10/0x10
[  303.268578][    C0]  ? __pfx_rcu_gp_fqs_loop+0x10/0x10
[  303.273915][    C0]  ? _raw_spin_unlock_irq+0x2e/0x50
[  303.279185][    C0]  rcu_gp_kthread+0x99/0x390
[  303.283823][    C0]  ? __pfx_rcu_gp_kthread+0x10/0x10
[  303.289064][    C0]  ? __kthread_parkme+0x7b/0x200
[  303.294026][    C0]  ? __kthread_parkme+0x1a1/0x200
[  303.299087][    C0]  kthread+0x70e/0x8a0
[  303.303189][    C0]  ? __pfx_rcu_gp_kthread+0x10/0x10
[  303.308425][    C0]  ? __pfx_kthread+0x10/0x10
[  303.313046][    C0]  ? _raw_spin_unlock_irq+0x23/0x50
[  303.318280][    C0]  ? lockdep_hardirqs_on+0x9c/0x150
[  303.323494][    C0]  ? __pfx_kthread+0x10/0x10
[  303.328100][    C0]  ret_from_fork+0x3fc/0x770
[  303.332719][    C0]  ? __pfx_ret_from_fork+0x10/0x10
[  303.337866][    C0]  ? __switch_to_asm+0x39/0x70
[  303.342674][    C0]  ? __switch_to_asm+0x33/0x70
[  303.347485][    C0]  ? __pfx_kthread+0x10/0x10
[  303.352105][    C0]  ret_from_fork_asm+0x1a/0x30
[  303.356928][    C0]  </TASK>
[  303.359973][    C0] rcu: Stack dump where RCU GP kthread last ran:
[  303.366371][    C0] Sending NMI from CPU 0 to CPUs 1:
[  303.371619][    C1] NMI backtrace for cpu 1
[  303.371639][    C1] CPU: 1 UID: 0 PID: 0 Comm: swapper/1 Not tainted syzkaller #0 PREEMPT(full) 
[  303.371667][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  303.371682][    C1] RIP: 0010:unwind_next_frame+0x67/0x2390
[  303.371711][    C1] Code: 5f b0 00 48 89 5c 24 18 49 8b 5e 48 4d 8d 6e 38 4c 89 e8 48 c1 e8 03 48 89 44 24 58 80 3c 28 00 74 08 4c 89 ef e8 19 5f b0 00 <4d> 8b 7e 38 4d 89 f4 49 c1 ec 03 41 0f b6 04 2c 84 c0 0f 85 de 1b
[  303.371726][    C1] RSP: 0018:ffffc90000a07798 EFLAGS: 00000246
[  303.371742][    C1] RAX: 1ffff92000140f14 RBX: ffffffff89a9a032 RCX: 3fd93d6688917800
[  303.371755][    C1] RDX: dffffc0000000000 RSI: ffffffff89a9a032 RDI: ffffc90000a07868
[  303.371768][    C1] RBP: dffffc0000000000 R08: ffffc90000a07930 R09: 000000000000000e
[  303.371780][    C1] R10: ffffc90000a078b8 R11: ffffffff81ac3ae0 R12: ffff88801d2c5a00
[  303.371793][    C1] R13: ffffc90000a078a0 R14: ffffc90000a07868 R15: ffffc90000a07868
[  303.371806][    C1] FS:  0000000000000000(0000) GS:ffff888125d15000(0000) knlGS:0000000000000000
[  303.371820][    C1] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  303.371832][    C1] CR2: 00000000f7f855c0 CR3: 000000000df36000 CR4: 00000000003526f0
[  303.371847][    C1] Call Trace:
[  303.371854][    C1]  <IRQ>
[  303.371865][    C1]  ? unwind_next_frame+0xa5/0x2390
[  303.371885][    C1]  ? nft_do_chain_inet+0x25d/0x340
[  303.371908][    C1]  ? nf_hook_slow+0xc2/0x220
[  303.371927][    C1]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  303.371954][    C1]  arch_stack_walk+0x11c/0x150
[  303.371978][    C1]  ? nf_hook_slow+0xc2/0x220
[  303.371998][    C1]  stack_trace_save+0x9c/0xe0
[  303.372018][    C1]  ? __pfx_stack_trace_save+0x10/0x10
[  303.372040][    C1]  ? unwind_next_frame+0xa5/0x2390
[  303.372060][    C1]  kasan_save_track+0x3e/0x80
[  303.372080][    C1]  ? kasan_save_track+0x3e/0x80
[  303.372099][    C1]  ? __kasan_slab_alloc+0x6c/0x80
[  303.372120][    C1]  ? kmem_cache_alloc_noprof+0x1c1/0x3c0
[  303.372142][    C1]  ? dst_alloc+0x105/0x170
[  303.372175][    C1]  ? ip_route_output_key_hash_rcu+0x1560/0x23e0
[  303.372199][    C1]  ? ip_route_output_key_hash+0x1b9/0x2e0
[  303.372220][    C1]  ? ip_route_output_flow+0x2a/0x150
[  303.372239][    C1]  ? ip_route_me_harder+0x6d2/0x1030
[  303.372261][    C1]  ? synproxy_send_tcp+0x359/0x6c0
[  303.372279][    C1]  ? synproxy_send_client_synack+0x8bb/0xe20
[  303.372296][    C1]  ? nft_synproxy_eval_v4+0x36e/0x560
[  303.372317][    C1]  ? nft_synproxy_do_eval+0x345/0x570
[  303.372337][    C1]  ? nft_do_chain+0x409/0x1920
[  303.372356][    C1]  ? nft_do_chain_inet+0x25d/0x340
[  303.372375][    C1]  ? nf_hook_slow+0xc2/0x220
[  303.372414][    C1]  __kasan_slab_alloc+0x6c/0x80
[  303.372436][    C1]  kmem_cache_alloc_noprof+0x1c1/0x3c0
[  303.372457][    C1]  ? dst_alloc+0x105/0x170
[  303.372480][    C1]  dst_alloc+0x105/0x170
[  303.372503][    C1]  ip_route_output_key_hash_rcu+0x1560/0x23e0
[  303.372530][    C1]  ? ip_route_output_key_hash+0xde/0x2e0
[  303.372553][    C1]  ip_route_output_key_hash+0x1b9/0x2e0
[  303.372574][    C1]  ? __lock_acquire+0xab9/0xd20
[  303.372599][    C1]  ? __pfx_ip_route_output_key_hash+0x10/0x10
[  303.372625][    C1]  ? ip_route_me_harder+0x4ad/0x1030
[  303.372652][    C1]  ip_route_output_flow+0x2a/0x150
[  303.372689][    C1]  ? ip_route_me_harder+0x6c0/0x1030
[  303.372713][    C1]  ip_route_me_harder+0x6d2/0x1030
[  303.372743][    C1]  ? __pfx_ip_route_me_harder+0x10/0x10
[  303.372783][    C1]  synproxy_send_tcp+0x359/0x6c0
[  303.372806][    C1]  synproxy_send_client_synack+0x8bb/0xe20
[  303.372833][    C1]  ? __pfx_synproxy_send_client_synack+0x10/0x10
[  303.372852][    C1]  ? nft_log_init+0x2a8/0x9a0
[  303.372868][    C1]  ? synproxy_pernet+0x45/0x270
[  303.372893][    C1]  nft_synproxy_eval_v4+0x36e/0x560
[  303.372919][    C1]  ? __pfx_nft_synproxy_eval_v4+0x10/0x10
[  303.372950][    C1]  ? nf_ip_checksum+0x13c/0x510
[  303.372974][    C1]  nft_synproxy_do_eval+0x345/0x570
[  303.373000][    C1]  ? __pfx_nft_synproxy_do_eval+0x10/0x10
[  303.373032][    C1]  nft_do_chain+0x409/0x1920
[  303.373062][    C1]  ? __pfx_nft_do_chain+0x10/0x10
[  303.373096][    C1]  ? unwind_next_frame+0xa5/0x2390
[  303.373115][    C1]  ? unwind_next_frame+0xa5/0x2390
[  303.373138][    C1]  nft_do_chain_inet+0x25d/0x340
[  303.373159][    C1]  ? __pfx_nft_do_chain_inet+0x10/0x10
[  303.373180][    C1]  ? __lock_acquire+0xab9/0xd20
[  303.373208][    C1]  ? NF_HOOK+0x9a/0x3a0
[  303.373225][    C1]  ? NF_HOOK+0x9a/0x3a0
[  303.373241][    C1]  ? __pfx_nft_do_chain_inet+0x10/0x10
[  303.373264][    C1]  nf_hook_slow+0xc2/0x220
[  303.373284][    C1]  NF_HOOK+0x206/0x3a0
[  303.373301][    C1]  ? __pfx_ip_local_deliver_finish+0x10/0x10
[  303.373318][    C1]  ? NF_HOOK+0x9a/0x3a0
[  303.373333][    C1]  ? __pfx_NF_HOOK+0x10/0x10
[  303.373348][    C1]  ? ip_rcv_finish_core+0xda3/0x1c00
[  303.373367][    C1]  ? __pfx_ip_local_deliver_finish+0x10/0x10
[  303.373385][    C1]  ? skb_dst+0x4f/0xd0
[  303.373401][    C1]  ? ip_local_deliver+0x12a/0x1b0
[  303.373420][    C1]  NF_HOOK+0x309/0x3a0
[  303.373436][    C1]  ? __pfx_ip_rcv_finish+0x10/0x10
[  303.373453][    C1]  ? NF_HOOK+0x9a/0x3a0
[  303.373468][    C1]  ? __pfx_NF_HOOK+0x10/0x10
[  303.373483][    C1]  ? ip_rcv_core+0x7f7/0xd00
[  303.373499][    C1]  ? __pfx_ip_rcv_finish+0x10/0x10
[  303.373521][    C1]  ? __pfx_ip_rcv+0x10/0x10
[  303.373536][    C1]  __netif_receive_skb+0x143/0x380
[  303.373564][    C1]  ? process_backlog+0x2d5/0x14f0
[  303.373582][    C1]  process_backlog+0x60e/0x14f0
[  303.373607][    C1]  ? __pfx_process_backlog+0x10/0x10
[  303.373625][    C1]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  303.373651][    C1]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  303.373679][    C1]  __napi_poll+0xc4/0x360
[  303.373703][    C1]  ? net_rx_action+0x46d/0xe30
[  303.373721][    C1]  net_rx_action+0x707/0xe30
[  303.373736][    C1]  ? debug_object_activate+0x2e2/0x420
[  303.373772][    C1]  ? __pfx_net_rx_action+0x10/0x10
[  303.373797][    C1]  ? lockdep_hardirqs_on+0x9c/0x150
[  303.373823][    C1]  handle_softirqs+0x283/0x870
[  303.373843][    C1]  ? __irq_exit_rcu+0xca/0x1f0
[  303.373862][    C1]  ? __pfx_handle_softirqs+0x10/0x10
[  303.373881][    C1]  ? irqtime_account_irq+0xb6/0x1c0
[  303.373904][    C1]  __irq_exit_rcu+0xca/0x1f0
[  303.373920][    C1]  ? __pfx___irq_exit_rcu+0x10/0x10
[  303.373949][    C1]  irq_exit_rcu+0x9/0x30
[  303.373964][    C1]  sysvec_apic_timer_interrupt+0xa6/0xc0
[  303.373990][    C1]  </IRQ>
[  303.373996][    C1]  <TASK>
[  303.374003][    C1]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  303.374021][    C1] RIP: 0010:pv_native_safe_halt+0x13/0x20
[  303.374037][    C1] Code: 13 e8 02 00 cc cc cc 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 66 90 0f 00 2d 73 17 0e 00 f3 0f 1e fa fb f4 <c3> cc cc cc cc cc cc cc cc cc cc cc cc 90 90 90 90 90 90 90 90 90
[  303.374052][    C1] RSP: 0018:ffffc90000197de0 EFLAGS: 000002c2
[  303.374066][    C1] RAX: 3fd93d6688917800 RBX: ffffffff819683f8 RCX: 3fd93d6688917800
[  303.374079][    C1] RDX: 0000000000000001 RSI: ffffffff8d9b930b RDI: ffffffff8be33980
[  303.374091][    C1] RBP: ffffc90000197f20 R08: ffff8880b8732f9b R09: 1ffff110170e65f3
[  303.374104][    C1] R10: dffffc0000000000 R11: ffffed10170e65f4 R12: ffffffff8fa39f30
[  303.374116][    C1] R13: 0000000000000001 R14: 0000000000000001 R15: 1ffff11003a58b40
[  303.374130][    C1]  ? do_idle+0x1e8/0x510
[  303.374150][    C1]  default_idle+0x13/0x20
[  303.374169][    C1]  default_idle_call+0x74/0xb0
[  303.374189][    C1]  do_idle+0x1e8/0x510
[  303.374207][    C1]  ? __pfx_do_idle+0x10/0x10
[  303.374232][    C1]  cpu_startup_entry+0x44/0x60
[  303.374248][    C1]  start_secondary+0x101/0x110
[  303.374285][    C1]  common_startup_64+0x13e/0x147
[  303.374316][    C1]  </TASK>