last executing test programs:

2m42.910450461s ago: executing program 2 (id=402):
openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000080), 0x80383, 0x0)
openat$tun(0xffffffffffffff9c, 0x0, 0x24981, 0x0)
socket$inet_udp(0x2, 0x2, 0x0)
io_setup(0x30, &(0x7f0000000600))
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f00000002c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f00000003c0)=@abs={0x0, 0x0, 0x20001}, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000340)={0x38, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x1, 0x0, 0x9}, 0x0)
r4 = socket$inet_sctp(0x2, 0x5, 0x84)
r5 = socket(0x2, 0x80805, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r5, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x64, &(0x7f0000000480)=[@in={0x2, 0x4e23, @private=0xa010100}, @in6={0xa, 0x4e20, 0xfffffc00, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', 0xc}, @in6={0xa, 0x4e23, 0x6adcc8a4, @empty, 0xfffffffc}, @in6={0xa, 0x4e21, 0x10, @mcast2, 0x503ccbec}]}, &(0x7f0000000180)=0x10)
getsockopt$inet_sctp_SCTP_PR_SUPPORTED(r4, 0x84, 0x71, &(0x7f0000000500)={0x0, 0x8}, &(0x7f0000000540)=0x8)
r6 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0)
ioctl$DRM_IOCTL_SET_CLIENT_CAP(r6, 0x4010640d, &(0x7f0000000000)={0x3, 0x2})
syz_io_uring_setup(0x344f, &(0x7f0000000580)={0x0, 0x26c1, 0x8000, 0x0, 0x35e}, &(0x7f0000000640), &(0x7f0000000680))
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r6, 0xc01064b5, &(0x7f0000000140)={&(0x7f0000000100)=[<r7=>0x0], 0x1})
ioctl$DRM_IOCTL_MODE_GETPLANE(r6, 0xc02064b6, &(0x7f00000001c0)={r7, <r8=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
ioctl$DRM_IOCTL_MODE_OBJ_GETPROPERTIES(r6, 0xc02064b9, &(0x7f0000000040)={&(0x7f0000000300)=[0x0, 0x0, <r9=>0x0], &(0x7f0000000040), 0x3, r8, 0xcccccccc})
madvise(&(0x7f0000c00000/0x400000)=nil, 0x400000, 0xe)
add_key(&(0x7f00000018c0)='big_key\x00', 0x0, &(0x7f0000001940)='\f', 0x1, 0xfffffffffffffffe)
madvise(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x16)
move_pages(0x0, 0x1, &(0x7f0000000040)=[&(0x7f0000ff9000/0x2000)=nil], 0x0, 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_ATOMIC(r6, 0xc03864bc, &(0x7f0000000380)={0x0, 0x1, &(0x7f0000000240)=[r8], &(0x7f0000000200), &(0x7f00000000c0)=[r9], &(0x7f0000000040), 0x0, 0x300})
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000500)={0x0, 0x1, 0x100000000000000, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1)

2m41.46235742s ago: executing program 2 (id=407):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, 0x0, 0x0)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000380)="9007b5fba19469aa7383b42d0b40a274c2eb42ca2c454a618efaa136b2845141b7061c4e", 0x24)

2m41.367789675s ago: executing program 2 (id=408):
r0 = socket$inet6(0xa, 0x1, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000080)={@loopback, 0x800, 0x0, 0x0, 0x0, 0x40, 0x8}, 0x20) (fail_nth: 4)

2m41.064534102s ago: executing program 2 (id=410):
r0 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$sock_int(r0, 0x1, 0x5, &(0x7f0000000180)=0x178, 0x4)
bind$inet6(r0, &(0x7f0000000000)={0xa, 0x4e23, 0x8001, @remote, 0xcdce}, 0x1c)
sendmmsg$inet6(r0, &(0x7f0000000c80)=[{{&(0x7f00000001c0)={0xa, 0x64, 0x200, @ipv4={'\x00', '\xff\xff', @empty=0xe0000000}, 0xd}, 0x1c, 0x0}}], 0x1, 0x0)

2m40.987979205s ago: executing program 2 (id=411):
r0 = socket$kcm(0x21, 0x2, 0x2)
sendmsg$kcm(r0, &(0x7f0000000080)={&(0x7f0000000000)=@rxrpc=@in4={0x21, 0x0, 0x2, 0x10, {0x2, 0x3f, @broadcast}}, 0x80, 0x0, 0x0, &(0x7f0000000140)=ANY=[@ANYBLOB="18000000000000001001000001"], 0x18}, 0x0)
set_mempolicy(0x8004, 0x0, 0x0)
r1 = syz_open_dev$vim2m(&(0x7f0000000080), 0x1, 0x2)
openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r2 = socket(0x40000000015, 0x805, 0x0)
getsockopt(r2, 0x114, 0x5, &(0x7f0000019440)=""/102400, &(0x7f00000000c0)=0x19000)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
syz_open_dev$vbi(0x0, 0x0, 0x2)
sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg(r4, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0xb49, 0x9, 0x8, 0x0, 0x3}, 0x0)
r5 = socket$alg(0x26, 0x5, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x1, 0x4, 0x0, 0x0, 0x5, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x9, '\x00', 0x0, @fallback=0x14, 0xffffffffffffffff, 0x8, &(0x7f00000000c0), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x94)
bind$alg(r5, &(0x7f00000000c0)={0x26, 'aead\x00', 0x0, 0x0, 'aegis128-generic\x00'}, 0x58)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$tipc2(&(0x7f00000000c0), 0xffffffffffffffff)
sendmsg$TIPC_NL_NAME_TABLE_GET(r6, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000300)=ANY=[@ANYBLOB="14000000", @ANYRES16=r7, @ANYBLOB="69db2abd7000fcdbd7251000000076a557c07c61d71a1f6ce424f53dfd833836d53515d6a49c4ab1933a3ad0eb9a4d9e6513899a893a0c9501905fac6c0e7f59c148286d4148deacfcea596a964a87194e6e4082ed"], 0x14}, 0x1, 0x0, 0x0, 0x801}, 0x4004880)
r8 = accept4(r5, 0x0, 0x0, 0x80000)
setsockopt$ALG_SET_KEY(r5, 0x117, 0x1, &(0x7f0000000200)="ad00"/16, 0x10)
sendmmsg$unix(r8, &(0x7f0000003dc0)=[{{&(0x7f0000000000)=@file={0x0, './file0\x00'}, 0x6e, 0x0, 0x0, 0x0, 0x0, 0x9802}}, {{&(0x7f0000000280)=@file={0x0, './file0\x00'}, 0x6e, 0x0}}], 0x299, 0x0)
ioctl$vim2m_VIDIOC_S_FMT(r1, 0xc0d05605, 0x0)
r9 = openat$binfmt(0xffffffffffffff9c, 0x0, 0x41, 0x1ff)
write$binfmt_script(r9, &(0x7f0000000380)={'#! ', './file0/file0', [{0x20, '\x00'}, {0x20, ')^\x94'}], 0xa, "f231cc465c2c1f5f85966b6ff9e742fb0c6c6636a80eb4ed670f24b348d3f3a0aafa561cb964e04c89391a659033d87ccf7c46ce3c38737c437196311dc29b7e19cdb01769b372f630008cfde95539f96bcb52b71e23f8640f30c9e5101a72a44139eb93ed198577237b958db520354749adf3db962520c1a8b1645bac0f71ace21be6170b9badf6ab4c884be64aadd25174db8d9a33fca1e01456d62afb6f31a2d8e975d4d0d5dda17a78546e8f7916f873aee8ae63302f3c33b917bee68e31c32ecbec4e842b73274ddd2290c8121916cb91de2cdb62dd6002df2b2698746177b7f33a9f8cef59785f776c2f01cb7db81a111bd3ae84eeaa5f5efb362a04862d846f92138da4a9a8cdd2766cf3ea6321e6aa372004b98e13fedd951e19ded019d3d5745d371bf4f7806446fb1fae69a69f9405e9d8de8e4f54969f0e00d0ea2e5108397081316967816b42af8a9dd35c058af9e712d06b71dc9c6a658d8690c8d4d269cf6746b1b0849743de8a9fe343bb2e61b3bd1b0554add88ee63d8a041527f55c35dac13628099d215cd0828d0cd6ca892799f89943d3ab364586037df00fffd4d0eec78da6ee3ff4b8144747b0e48a8bf3ebbd6a4c91425f35c92994274f438c483405873ebed47ed4626870ffcdb2a2872032c0a16c25e5a28c497e1deee8854684daaf8822afc715ad6ed5bda7eccb043b95e09363640d6af304ba330bd05f6ba9d5723a3ae194745724d70a70c5c0f54a8f30390a6453d249c2b0bd071fbb0a58ab19e7c0c27237b4494881e49c80abfdf1aed2bb9015bec0ee68aa087cbca72b58ad22a9a2e37c3082f8e035bfb3029a8f36ed4f1692f376298f05284ce72606715502dc4b9552a78993fd2f0a7a778354aec0d438df16d22a4add9ad7e8c6930aa53e6f1369c2bfb959815bf63295a85605a8bf3abbe3f84f9c5abdee333d9a8f2899d0d0958c7e7f6f4843c61ef7c853d6be70d3500e2bb889809c7778a47863e1e6e21ff8806a1073411b2bdab268f6ad38a219818d460f4a8ce5e5be3d3416dd0c29b70b2f4f5f9bf3f87c82b84325bac3def9d9c385de11ada61cc09bda19375a0bb8d39de409fc2ee1f47ec29cd912a6f3519f7a0388e705d65c144421bdb77e172df41be463d97b4ee54b966c350b1cc7ece90bac15c100751e3c0c9b56690e4928c0178a3ea682bc23506b2b19020c81a5d90e80b7af7c50c8d340a6433803c0c68286ddd94b75b05f6cebe0958554df726aaf3178a266d2a368b193784b2e241b33fec53bd1ea72a0c0c0a42159fad40e216a92aae8ab899566b4c712bd871302ea4580cbaca2e5b7d5450d060004353b3522130f48431aac95853d7a035a55b3b2daad0efc44affe2b35c07db88fbf7006350a6e259b377861b4749f1eb7d6c4755110d31b20566f0c5735ce5ab1b760fd9132cc4fabf3cc4c7180d1cca903d3b1ed0acd8ff638310fac594565c99d6bed9dc778314c716e3db3c82317d07b712601e27488b5b878e43477e15f23a3fccf80656380c864d32ccf701bbe2dcb8f02967982d268ec412378a27be9cd735793b31b4571b2531b8efa409e533ded161a313257c21f4211bd1ed0d67d43671398cb498e9752956c6ac496f97d451651a91ff879f98603534f65a3424a07bf3ad9f4ed2de6d9672f47ec195244029cb88b52ec8b8b1d6b3c970144fdff0d9da6f5606e10d1d4eeccdddcb76308dd50cb8dddaba60c784e952419d9eb3bd79234ca8505f8eb961b98c5be3f66bc27a22933c5ef64f08192690d090a7947def191a76da1ad2dd90e89ada7e65e672a814ded7b11a115937111c315c4578f3d7d53e1dca6934d2c6eb0d6880f3b2c48e995ec57ad3bba4d784b20a6a9755bbae9fcff6c102c006e9a76b5194b55ee89dbaf2c1fdf01577944e78c70f52bdf9c26a55287758b307985addcfd91dad6f58546f577bd187353a7d1de2ad35245478e8d901eb91a5c987c5656dfdc875494705c2f7d2e220ae538e002d6faa1164532005c5634ba7a6fa53f5febbc0d51942f7f51643394b0a3fcb89a73051b5fc6a876c60b099c08dbe63e7d3d447c00c0d41f2cd33ab98682345bb8bd713cb7e74fbb7abe554d0dde1cb647b891251a5ff3c6338fc1d6e25e37dc596ae099609136c393c66fd8107a16f81dd41bc8005be0dbd628394d4f1290e4cfbaade7639d65b76f008a59e5303f0796018fc7b2e4f0302e8feba2d8fd2a99e69705c7caebb9efcbf7c6d3d6f1c5d9009445c82c317e5e4e0f3f2c4d56dea7cdebe7a506a6ead8415eeb2fac4a4591580d41c1d5e26fd8925d54048168ab945a3643f7a3736172e3bcefee65e4c1e485a64eea22c0b9b58e739242cf1510618acdc03cabf8913fdd95e1afeb6fb964af73f2b8cfe1d43496d6d9072367b0c9b70266a6dac4ecc2326da9a54603be8bb2da1159584ddcc2a7f863cbbb4aeca35d4d14c2bf68d36cea7661d10b1bee9e204eb7ee82ce39f9db73384fd410316b1ceafadc2cd99accbb20bda7af498d7ec872bc249bfc49c1168051faf57bb7adf961d21bd59e01d63c44390a213edf6dc1861db5c4b469f3951aa797d133c5642170edcb9f4519bbb53387d639f395ef5726fdc2ef6c14ecb5bb5bb654695bd3e30a0e8da71ec226ccefbc6d055ce08b4eb4494fd087f3d754520001c21e5c09a61d64d0fe523651b539f1a231f018811c6a726f3f8c094dca91f8a93cde30e28b2f1ca9a40cbcb8219fa092b0698bc67ad522afc586a8bd5ebc963828305645d4a59fd154f68627bb0c620981a8158dc748dc3c9b600be13aef861cf8eed59db6852c56a1e7da6ce06012c06438a1428339d569572fc403ea19996cb643fcf0741af0cd34b4ce96500f2db3bf7a4f9156d8f84b715c58ec31eeb46d4bac0127f1ce8e1cea447310cd201c5ad6dbba34eb3eded3dba9bd2ea976febf8c569a972b33c2d49d136fe4b2eb68b576edea0c1cb395072a920c4c4a76096a3571d0ee5a38bf5d532630a8b225936c306b6179a8ffd20fe888fa994e053c0c809541af45fc9baded353f62d8deace5310226f20a36e517b5ef8264e1a0dbc9a05b89fe1922323c5bf87cd4449165cf9b01b83076d1f748db236a0ac861ccede88f1158b2617b2855b05ee91c4aec43836ec1af53166674b4c4ce19841011e4722c3c6fc40a3f7fb0fdd2ef9e29deec01bad35a4304704f165a9c69e072a3e2d575992b0f43758062e96fa198cbc984db6fa8ab6467d2c0af08e8656d2917501a6f430794bd7ed20f5d1f8a59da93fb710938b4020327e669c7061a0930ebd8a5c37f1782ff009e3baf16a8a40b480adb7bf4bae6e32245a3d70d4a57eb3b3dc6a85906f71790c2e0c55fc76d071eb9b3c3ef9861165c5b5a9de74728042089e8e7185bdb7a1aa8adea5e36de87105e4a6003023563b15f615629d57d80767e18f6664763f801845cceaa3897687715bc354be12516e421a96fe5318fa048ba38f7d49c3b845e9f679e4937f985ced14ac81a5f0cfcb14bb04988b23c1c4cae62df7768ccb7e765c7ea16835275b342d48aae59d936797f0cb94b9d8096d31acb319c5e895fad155bd313be098005534c603b130132f33b060aa6ce5e2f04f2b431b57d51033827b6362fa471cf3298f82ffd0a4f70fa1a321a3f597ae0f78ce946a7ee392f59c9ce4434e77b1cf04f1046060251576958ce00b200c23d77fe4dd76b69d4d6b056f9716d5d5a859efab71539b0dfef62011e39b190b622756966b5eae166ef32479fcdadb467455ef664a31c0499b94df6526b1807addc479db5e5f72f36f8384f73d03adbc0e635ec6b020383fbf9ff2c16681bf5aea1d2ac868c24a519e4743847da189756230c782599707c9b0d9447276137973c36914f678b77605ba7a99e81f0ac6091e8017db188d2829eb1cf9c55494ef7242e3e539d5e89c77b0b73d477888d8f2ee6656f1c8362132f81a88938c6dddb1fd56eeee35db9ee757d5a49eb64f3c3194a72876075e10993b777ecec8550b4b582b3a5c4359ec1158ff0aa180509de8359ccf846bca1eaf2aa7e70236bad14591efec5c4aa721546c7d7cb413da24acc8bc2526ef683d0d0a796605ee2d6da8672d6b86afb1dce6d5dc1725f3ec40a6b4a1de7739e69ede48ed69c0ea5e8b6e4521d03bae4bb9e049a5889a56813bd12f5e62218a99fdd12583ddb26811b92c6fb23fb94c509fa9a8bbce0f2763088fdcc5b866f762585bc763fcfd52f21409c77acf5603ef44cf7b6b641318598151f4c95dcaf6b8eadc40d070af5aac52ae107661a7417cf357aa0362b6b0082e6609b44fb89e940afde602d1d445db91d3076a19d66f11f9d978e210f2781fdd760eea7b8b6fdbcc5ea27c90a92731630df65f9d467d8deadc17b1d3fd70209a22a68c48830728f78f88f0efd6363a28a7556749729e31b2b4aa0c0da433629b7945f724a2500be74483a02ddd6e80c0179d17e76842473d4d409ce4d978e8748aab90bcfe768066c3e6778f48d9f973eea62d7072d1a8da31c3e57a4e0428d63d2d5a22e49c0e70cf66df226895869d6fa89f434fa841274b4c2ae374d94de761764f6db11ce75e8e9fd8ddb19a306e7aa7335c23b5a578c75efbede9d83e38885fa6d11987d428e0644ad08ac4a8c46f166e94ac1a79ac4a5fc5d7bdb2f86851016f4d21d779bca2f7acd4d9486f630873247cb88ae8f5a93529974f85cf510403defc637d76dbbab2cd548715e19390ef23d0f442e5e186d93c54afa3fd4a718e1e3aa5c395a7d5f9018738925fa2dd168bb62e6ba3a0b836b648685f1f3d171dac6901b8cf64aadf329f8a02112498c034d55a7deef33f1a283ed42caab254bec58deec652d078c4bf6bbd2e7433dca5e5fcf0586291bfc2f1290f9977d1a98b75a1ec4cf04804d9bae7b108e57e782d19a67d8bbd62ed3cd3933642ba23662bcdc632a7d54e31b4a230d19236f65e8ee1d60d62e9ce346ab6fec19ddae7231c85aa961a4473c1b4b8bcc84853ac8dba3fe27f5531c47295ecd5370c0079f3cd88901f46185ac1de3d884fdf7c24c813412889826723556eb5bbfc3c40ef3fde3b9b741ae334cd0d2226ea3199d9187ed3250052c236572616d07cd0a733886a4ceed7ad3dc2226759ebaf5c069b5af7ffc57c22c6fd51d96bb83730b0b5ac81564454c2669186cb089a8e33f0e234812782d813a298ed9ce03507a9ef9733733bc045264a4d95bbaad166158fa8b8b45c1bfb7ca13ee82aa8bcdbedb896da58fe68f4294fe22ab0a2c75f39c22f2710c4e8401dffa4f200d75f2b23a45eb46f41bc068972f1e68d5ab0f1c702c1c07e03360879e5228edea97ba9ca16b1a1ff4bd05c8dd9bdb4bbea0fd8bb01c99d409cf88c3ee47647a73f06c0f11e90c9d7ed247e8dd6012b51b8557abda960229300c838607d5396fcb1a2518db6dd9b1771023570e0e5b32e3c67462caacb96733a5f412993aa93b8fb1bff287a2228cf5fecbcd48bb2aa91f691a515a51659f70ef90951498821f83f179ea7b457acba35119ce5df79e50ebe3500a693b938d10e0ecf3db80fc6b05258105d9504f6037d9b005eff6d4baaf1674af93d7086575420132b07d126d2005a8553500136c6ef01ef91247727f9a1d14f3b8095bd661f1cc497c9f828e0f90b166e66e93cd379c6910f829a8424a061614c583d1ef9349c39f57cb21c0ebc3eddac796780860bf1fc5b5a5de74e3a56aa2dfde36787ec3c28bf2f9970b5d4f999509cab4502e279357"}, 0x1017)
socket$nl_netfilter(0x10, 0x3, 0xc)
r10 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
close_range(r10, 0xffffffffffffffff, 0x0)

2m39.212473316s ago: executing program 2 (id=419):
syz_usb_connect(0x5, 0x24, &(0x7f0000001280)=ANY=[@ANYBLOB="12010003001f66088f0510660548010203010902120001049570810904008100ffffff22"], &(0x7f0000001700)={0xffffffa0, 0x0, 0x0, 0x0, 0x23})
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000500)=ANY=[@ANYBLOB="380000001800010000000000000000000ae0"], 0x38}}, 0x10)
syz_usb_connect(0x0, 0x24, &(0x7f0000000100)={{0x12, 0x1, 0x110, 0x8e, 0xb0, 0x55, 0x8, 0xf11, 0x1000, 0xa1aa, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x7, 0x2, 0x20, 0x5, [{{0x9, 0x4, 0x8c, 0x5, 0x0, 0x58, 0x9d, 0x60, 0x6}}]}}]}}, 0x0)
r1 = syz_io_uring_setup(0x49a, &(0x7f0000000400)={0x0, 0x79af, 0x3180, 0x8000, 0x40024e}, &(0x7f0000000340)=<r2=>0x0, &(0x7f0000000300))
syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000000)=0xffb, 0x0, 0x4)
io_uring_enter(r1, 0x627, 0x4c1, 0x9, 0x0, 0x18)
r3 = syz_open_dev$I2C(&(0x7f0000000040), 0x1, 0x2003)
ioctl$I2C_RDWR(r3, 0x707, &(0x7f0000000a40)={&(0x7f0000000440)=[{0x3, 0x6000, 0x0, &(0x7f00000003c0)}, {0xe, 0x1, 0x0, &(0x7f00000004c0)}], 0x2})
r4 = socket$inet6(0xa, 0x1, 0x0)
r5 = syz_open_dev$usbfs(&(0x7f0000000000), 0xfffffffffffffffd, 0xa00)
ioctl$USBDEVFS_SETCONFIGURATION(r5, 0x80045505, &(0x7f0000000040)=0x6)
fsopen(&(0x7f0000000300)='rpc_pipefs\x00', 0x0)
r6 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r7 = dup(r6)
write$UHID_INPUT(r7, &(0x7f0000000180)={0x9, {"a2e3ad214fc752f91b2909094bf70e0dd038e7ff7fc6e5539b324c078b089b3b373b6d1a0890e0878f0e1ac6e7049b076d959b669a240d5b67f3988f7ef319520100ffe8d178708c523c921b1b5d38300d106d0936cd3b78130daa61d8e809ea889b5802b77f07227227b7ba67e0e78669a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae19397d696d0d758f2dc7d1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000002335875271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1fe90a56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617601000000be70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d595a40b9f6ff14ac488ec130fb3850a27af9544ae15a7e454dea05918b41243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9980000000b3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6c82fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce3803f465e41e610c2021d653a5520000008213b704a5000000000000008ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc94681359bad8deff4b05f60cea0da7710a80000000000008000bea37ce0d0d4aa202f928f28381aab144a5d429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4e38a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d97b9a6d6d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2bed9e53803edf1a4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df0784c8f4ceb360c7e658828563e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b4bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034e00000000ca509383815b1b6fc6522d4e48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f42355bc7872c827467cfa5c478b095b68441a34cb51682a8ae4d24ad92f243941ed274549b79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdbe6c4579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93ae62fccfcbb2b75a2183c46eb65ca8124e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43e4fb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e01feffffffffffff83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd7369d75f2e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aa01b20f7694a00f16e2d0174035a2c22656dc00880acebdbe8ddbd75c2f998d8ac2dfad2ba3a50200000045a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40426db6fe2907ac0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d618e462071115c8982ba46af4d6adcc9f68a75b9397b035153faf463661c953fcad6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7cd419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaeecf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6ea94f88a4facfd4c735a20307c737afae5136651b1b9bd522dcb399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a37684f4113c48859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02dae17b118e5d6787463183b4b87c105000000302a808d7f5251440613d17ca51055f2f416a44fe180d2d50c312cca7cb14a20dc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb40100000006376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab83c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7ceec7dc808bf653639d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7348663a52190202c7af288a4510de03dab19d26285eda89156d50dd385a602000000000000007007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4000000000000007fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf6529006c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6522fb5f6ffcdd56fed88935fcb75912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae233a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a5bd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08008897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af44863c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b80c1c128ad2706f48261f7897484c297a1a6613bc18f5a152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57fa9c0fe662a46b7f71cd47744db86c50b704c98ad90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe360500000000000000b77940b5f07722e47a08d3679507000000000000934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1062dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1df0d07b3d5bd3b01faffd0addbed2881a9700af561ac8c7e36bb2fc4c40e9c766c06817bb903729a7db6ff957697c9ede7885d94ffb0759be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c1484d2f9c55f4901203a9a8a2c3e90f39c3dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d0000000000000000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000006000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000510b00", 0x1000}}, 0x1006)
r8 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000280), 0x2, 0x0)
syz_open_procfs(0x0, 0x0)
r9 = socket$inet6(0xa, 0x3, 0x8000000003c)
connect$inet6(r9, &(0x7f0000000040)={0xa, 0x0, 0x0, @mcast1, 0x5}, 0x1c)
sendmsg(r9, &(0x7f00000000c0)={0x0, 0x953c, &(0x7f0000000100)=[{&(0x7f0000000000)="2b10", 0xffbd}], 0x1, 0x0, 0x0, 0x2c}, 0x4)
ioctl$VHOST_VSOCK_SET_GUEST_CID(r8, 0x4008af60, &(0x7f00000002c0)={@hyper})
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r4, 0x29, 0x20, &(0x7f0000000080)={@loopback, 0x800, 0x0, 0x0, 0x0, 0x40, 0x8}, 0x20)
r10 = openat2$dir(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)={0x40000, 0x80, 0x28}, 0x18)
fchmodat(r10, &(0x7f0000000140)='./file0\x00', 0x8a)

2m24.101057493s ago: executing program 32 (id=419):
syz_usb_connect(0x5, 0x24, &(0x7f0000001280)=ANY=[@ANYBLOB="12010003001f66088f0510660548010203010902120001049570810904008100ffffff22"], &(0x7f0000001700)={0xffffffa0, 0x0, 0x0, 0x0, 0x23})
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000500)=ANY=[@ANYBLOB="380000001800010000000000000000000ae0"], 0x38}}, 0x10)
syz_usb_connect(0x0, 0x24, &(0x7f0000000100)={{0x12, 0x1, 0x110, 0x8e, 0xb0, 0x55, 0x8, 0xf11, 0x1000, 0xa1aa, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x7, 0x2, 0x20, 0x5, [{{0x9, 0x4, 0x8c, 0x5, 0x0, 0x58, 0x9d, 0x60, 0x6}}]}}]}}, 0x0)
r1 = syz_io_uring_setup(0x49a, &(0x7f0000000400)={0x0, 0x79af, 0x3180, 0x8000, 0x40024e}, &(0x7f0000000340)=<r2=>0x0, &(0x7f0000000300))
syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000000)=0xffb, 0x0, 0x4)
io_uring_enter(r1, 0x627, 0x4c1, 0x9, 0x0, 0x18)
r3 = syz_open_dev$I2C(&(0x7f0000000040), 0x1, 0x2003)
ioctl$I2C_RDWR(r3, 0x707, &(0x7f0000000a40)={&(0x7f0000000440)=[{0x3, 0x6000, 0x0, &(0x7f00000003c0)}, {0xe, 0x1, 0x0, &(0x7f00000004c0)}], 0x2})
r4 = socket$inet6(0xa, 0x1, 0x0)
r5 = syz_open_dev$usbfs(&(0x7f0000000000), 0xfffffffffffffffd, 0xa00)
ioctl$USBDEVFS_SETCONFIGURATION(r5, 0x80045505, &(0x7f0000000040)=0x6)
fsopen(&(0x7f0000000300)='rpc_pipefs\x00', 0x0)
r6 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r7 = dup(r6)
write$UHID_INPUT(r7, &(0x7f0000000180)={0x9, {"a2e3ad214fc752f91b2909094bf70e0dd038e7ff7fc6e5539b324c078b089b3b373b6d1a0890e0878f0e1ac6e7049b076d959b669a240d5b67f3988f7ef319520100ffe8d178708c523c921b1b5d38300d106d0936cd3b78130daa61d8e809ea889b5802b77f07227227b7ba67e0e78669a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae19397d696d0d758f2dc7d1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000002335875271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1fe90a56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617601000000be70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d595a40b9f6ff14ac488ec130fb3850a27af9544ae15a7e454dea05918b41243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9980000000b3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6c82fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce3803f465e41e610c2021d653a5520000008213b704a5000000000000008ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc94681359bad8deff4b05f60cea0da7710a80000000000008000bea37ce0d0d4aa202f928f28381aab144a5d429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4e38a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d97b9a6d6d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2bed9e53803edf1a4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df0784c8f4ceb360c7e658828563e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b4bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034e00000000ca509383815b1b6fc6522d4e48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f42355bc7872c827467cfa5c478b095b68441a34cb51682a8ae4d24ad92f243941ed274549b79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdbe6c4579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93ae62fccfcbb2b75a2183c46eb65ca8124e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43e4fb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e01feffffffffffff83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd7369d75f2e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aa01b20f7694a00f16e2d0174035a2c22656dc00880acebdbe8ddbd75c2f998d8ac2dfad2ba3a50200000045a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40426db6fe2907ac0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d618e462071115c8982ba46af4d6adcc9f68a75b9397b035153faf463661c953fcad6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7cd419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaeecf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6ea94f88a4facfd4c735a20307c737afae5136651b1b9bd522dcb399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a37684f4113c48859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02dae17b118e5d6787463183b4b87c105000000302a808d7f5251440613d17ca51055f2f416a44fe180d2d50c312cca7cb14a20dc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb40100000006376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab83c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7ceec7dc808bf653639d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7348663a52190202c7af288a4510de03dab19d26285eda89156d50dd385a602000000000000007007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4000000000000007fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf6529006c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6522fb5f6ffcdd56fed88935fcb75912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae233a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a5bd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08008897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af44863c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b80c1c128ad2706f48261f7897484c297a1a6613bc18f5a152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57fa9c0fe662a46b7f71cd47744db86c50b704c98ad90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe360500000000000000b77940b5f07722e47a08d3679507000000000000934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1062dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1df0d07b3d5bd3b01faffd0addbed2881a9700af561ac8c7e36bb2fc4c40e9c766c06817bb903729a7db6ff957697c9ede7885d94ffb0759be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c1484d2f9c55f4901203a9a8a2c3e90f39c3dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d0000000000000000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000006000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000510b00", 0x1000}}, 0x1006)
r8 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000280), 0x2, 0x0)
syz_open_procfs(0x0, 0x0)
r9 = socket$inet6(0xa, 0x3, 0x8000000003c)
connect$inet6(r9, &(0x7f0000000040)={0xa, 0x0, 0x0, @mcast1, 0x5}, 0x1c)
sendmsg(r9, &(0x7f00000000c0)={0x0, 0x953c, &(0x7f0000000100)=[{&(0x7f0000000000)="2b10", 0xffbd}], 0x1, 0x0, 0x0, 0x2c}, 0x4)
ioctl$VHOST_VSOCK_SET_GUEST_CID(r8, 0x4008af60, &(0x7f00000002c0)={@hyper})
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r4, 0x29, 0x20, &(0x7f0000000080)={@loopback, 0x800, 0x0, 0x0, 0x0, 0x40, 0x8}, 0x20)
r10 = openat2$dir(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)={0x40000, 0x80, 0x28}, 0x18)
fchmodat(r10, &(0x7f0000000140)='./file0\x00', 0x8a)

2m1.266823074s ago: executing program 4 (id=599):
r0 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$sock_int(r0, 0x1, 0xf, &(0x7f0000000240)=0x9, 0x4)
r1 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$sock_int(r1, 0x1, 0xf, &(0x7f0000000240)=0x9, 0x4)
bind$inet6(r1, &(0x7f0000000040)={0xa, 0xe22}, 0x1c)
setsockopt$sock_int(r1, 0x1, 0x31, &(0x7f0000001600), 0x4)
r2 = socket$netlink(0x10, 0x3, 0x8000000004)
writev(r2, &(0x7f0000000180)=[{&(0x7f00000001c0)="580000001500add427323b472545b45602117fffffff81000e22d991000000000000a80013007b00090080007f000001e809000000ff0000f03ac7100003ffffffffffffffffffffffe7ee000000deff0000000200000000", 0x58}], 0x1)
bind$inet6(r0, &(0x7f0000000040)={0xa, 0xe22, 0x20}, 0x1c)

2m0.600754572s ago: executing program 4 (id=601):
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000400)={0x0, 0x40}}, 0x0)
sendmsg$IPCTNL_MSG_EXP_NEW(0xffffffffffffffff, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={0x0, 0x58}}, 0x0)
sendmsg$TIPC_NL_LINK_RESET_STATS(0xffffffffffffffff, &(0x7f0000000780)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000880)={0x74, 0x0, 0x1, 0x70bd28, 0x25dfdbfb, {}, [@TIPC_NLA_NODE={0x60, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY_MASTER={0x4}, @TIPC_NLA_NODE_UP={0x4}, @TIPC_NLA_NODE_ADDR={0x8, 0x1, 0xd52}, @TIPC_NLA_NODE_UP={0x4}, @TIPC_NLA_NODE_UP={0x4}, @TIPC_NLA_NODE_KEY_MASTER={0x4}, @TIPC_NLA_NODE_KEY={0x3d, 0x4, {'gcm(aes)\x00', 0x15, "6748138112c7d8502ef6280195185679dc3b98f605"}}]}]}, 0x74}, 0x1, 0x0, 0x0, 0x40000}, 0x4001)
r0 = socket(0x10, 0x803, 0x0)
sendto(r0, &(0x7f0000000740)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xfdf4, &(0x7f0000000380)=[{&(0x7f0000000140)=""/100, 0x365}, {&(0x7f0000000280)=""/85, 0x7c}, {&(0x7f0000000fc0)=""/4096, 0x197}, {&(0x7f0000000400)=""/106, 0x1c}, {&(0x7f0000000980)=""/73, 0x1b}, {&(0x7f0000000200)=""/77, 0xbe8}, {&(0x7f00000007c0)=""/154, 0x8}, {&(0x7f00000001c0)=""/17, 0x1d8}], 0x21, &(0x7f0000000600)=""/191, 0x41}}], 0x4000000000003b4, 0x0, &(0x7f0000003700)={0x77359400}) (fail_nth: 3)

1m59.763696526s ago: executing program 4 (id=606):
r0 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0)
ioctl$DRM_IOCTL_SET_CLIENT_CAP(r0, 0x4010640d, &(0x7f0000000000)={0x3, 0x2})
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r0, 0xc01064b5, &(0x7f0000000140)={&(0x7f0000000100)=[<r1=>0x0], 0x1})
ioctl$DRM_IOCTL_MODE_GETPLANE(r0, 0xc02064b6, &(0x7f00000001c0)={r1, <r2=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
ioctl$DRM_IOCTL_MODE_GET_LEASE(r0, 0xc01064c8, &(0x7f0000000280)={0x1, 0x0, &(0x7f0000000200)=[0x0]})
ioctl$DRM_IOCTL_MODE_OBJ_GETPROPERTIES(r0, 0xc02064b9, 0x0)
ioctl$DRM_IOCTL_MODE_ATOMIC(r0, 0xc03864bc, &(0x7f0000000380)={0x0, 0x1, &(0x7f0000000240)=[r2], &(0x7f0000000200), &(0x7f00000000c0)=[0x0], &(0x7f0000000040), 0x0, 0x300})

1m59.69149474s ago: executing program 4 (id=608):
r0 = getpid()
r1 = openat$fuse(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
syz_mount_image$fuse(&(0x7f0000000040), &(0x7f0000000000)='./file0\x00', 0x0, &(0x7f0000002280)={{'fd', 0x3d, r1}, 0x2c, {'rootmode', 0x3d, 0x4000}}, 0x0, 0x0, 0x0)
mount$fuse(0x0, &(0x7f0000000280)='./file0\x00', 0x0, 0x100000, 0x0)
r2 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r2, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)
r3 = syz_pidfd_open(r0, 0x0)
setns(r3, 0x24020000)
mount_setattr(0xffffffffffffff9c, &(0x7f0000000100)='.\x00', 0x8100, &(0x7f0000000200)={0x87, 0x1, 0x80000}, 0x20)
r4 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r4, &(0x7f0000000040)={0x26, 'skcipher\x00', 0x0, 0x0, 'xts(aes)\x00'}, 0x58)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_FLUSH(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000100)=ANY=[@ANYBLOB="1c00000004060101000000000000000013000000050001"], 0x1c}}, 0x0)
r6 = openat$sndtimer(0xffffffffffffff9c, &(0x7f00000000c0), 0x200)
ioctl$SNDRV_TIMER_IOCTL_STOP(r6, 0x54a1)
setsockopt$ALG_SET_KEY(r4, 0x117, 0x1, &(0x7f0000000000)="adcd1a9a3fc36e961ed00fe41b0cd695", 0x20)
r7 = accept4$alg(0xffffffffffffffff, 0x0, 0x0, 0x40800)
sendmmsg(r7, &(0x7f000000db40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000000240)="27cbb15041e6bf7eff3a597962e055d3", 0x10}], 0x1}}], 0x1, 0x4008840)
r8 = accept$alg(r4, 0x0, 0x0)
read$alg(r8, &(0x7f0000002300)=""/4128, 0x1020)
sendmmsg$alg(r7, &(0x7f0000007e40)=[{0x0, 0x0, &(0x7f0000003740)=[{&(0x7f00000000c0)}], 0x1, 0x0, 0x0, 0x20000000}], 0x1, 0x20040894)
r9 = openat$nvme_fabrics(0xffffffffffffff9c, &(0x7f00000000c0), 0x400400, 0x0)
setsockopt$inet_sctp_SCTP_I_WANT_MAPPED_V4_ADDR(r9, 0x84, 0xc, &(0x7f0000000100)=0x3, 0x4)

1m58.7603376s ago: executing program 4 (id=614):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
syz_genetlink_get_family_id$ethtool(0x0, 0xffffffffffffffff)
sched_setattr(0x0, &(0x7f00000000c0)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x4, 0xfff, 0xfffffe0000000001, 0x6, 0xffffffff}, 0x0)
fsetxattr$security_capability(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x1)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000003300)=ANY=[@ANYBLOB="3c1100003e00010329bd700000dcdf250300000028"], 0x113c}}, 0x8004)
mremap(&(0x7f000054e000/0x1000)=nil, 0x1000, 0x3000, 0x3, &(0x7f000022c000/0x3000)=nil)
r3 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000000100), 0x842, 0x0)
ioctl$AUTOFS_DEV_IOCTL_OPENMOUNT(r3, 0xc0189374, &(0x7f0000000040)={{0x1, 0x1, 0x18, r1, {0xdaf}}, './file0\x00'})
r4 = openat$sequencer2(0xffffff9c, &(0x7f00000001c0), 0x0, 0x0)
ioctl$SNDCTL_SEQ_OUTOFBAND(r4, 0x40085112, &(0x7f0000000000)=@t={0x4, 0x8, 0x1, 0x2})
write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x18, 0xfa00, {0x2, 0x0, 0x111, 0x5}}, 0xffffffffffffff5a)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
socket$netlink(0x10, 0x3, 0x12)
socket$kcm(0x29, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x19)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000740)='./binderfs/binder1\x00', 0x1802, 0x0)
close(0xffffffffffffffff)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r6, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, 0x0, 0x0)

1m58.395162998s ago: executing program 4 (id=617):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
close(0x3)
socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000000)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
recvmsg(r1, &(0x7f0000000500)={&(0x7f0000000040)=@hci, 0x80, 0x0}, 0x1f00)
sendmsg$tipc(r2, &(0x7f0000000240)={0x0, 0xfffffff5, &(0x7f0000000200)=[{&(0x7f0000000140)="a2", 0xfffffdef}], 0x1}, 0x0)
socket$kcm(0x29, 0x2, 0x0)
connect$inet(r0, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10)

1m57.908988428s ago: executing program 33 (id=617):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
close(0x3)
socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000000)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
recvmsg(r1, &(0x7f0000000500)={&(0x7f0000000040)=@hci, 0x80, 0x0}, 0x1f00)
sendmsg$tipc(r2, &(0x7f0000000240)={0x0, 0xfffffff5, &(0x7f0000000200)=[{&(0x7f0000000140)="a2", 0xfffffdef}], 0x1}, 0x0)
socket$kcm(0x29, 0x2, 0x0)
connect$inet(r0, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10)

9.286004826s ago: executing program 6 (id=1078):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
close(r1)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$tipc(&(0x7f00000000c0), r2)
sendmsg$TIPC_CMD_ENABLE_BEARER(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000680)=ANY=[@ANYBLOB, @ANYRES16=r3, @ANYBLOB="010000000d0000000000010000000000000001410000001c001700000000000000006574683a73797a6b616c6c657230"], 0x38}}, 0x0)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x3a3200, 0x0)
close(r4)
r5 = socket$unix(0x1, 0x1, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r7=>0x0})
sendmsg$nl_route_sched(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000740)=@newqdisc={0x68, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r7, {0x0, 0xb}, {0xffff, 0xffff}, {0x0, 0xfff1}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x3c, 0x2, [@TCA_TBF_PBURST={0x8, 0x7, 0xb86}, @TCA_TBF_PARMS={0x28, 0x1, {{0xa, 0x2, 0xffff, 0x7, 0xcc, 0x3}, {0x0, 0x1, 0x7, 0x8, 0x7f, 0x9}, 0xa6, 0x7, 0x1bb6}}, @TCA_TBF_BURST={0x8, 0x6, 0x7f}]}}]}, 0x68}, 0x1, 0x0, 0x0, 0x20000001}, 0x0)
sendmsg$nl_route_sched(r6, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000440)=@newqdisc={0x4c, 0x24, 0x4ee4e6a52ff56541, 0x470b923, 0x82000, {0x0, 0x0, 0x0, r7, {}, {0x5, 0xb}, {0xd, 0x3}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x1c, 0x2, {{0x6, 0x40000003, 0x3, 0x5, 0xffffffff, 0xfffffff5}}}}]}, 0x4c}, 0x1, 0x0, 0x0, 0x4040}, 0x4008000)
ioctl$SIOCSIFHWADDR(r4, 0x8922, &(0x7f0000002280)={'syzkaller0\x00', @random="2b0100004ec6"})

8.684491289s ago: executing program 0 (id=1079):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket(0x400000000010, 0x3, 0x0)
r2 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r3, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x0, 0x2}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x0, 0x3}}}]}, 0x38}, 0x1, 0x0, 0x0, 0x24040010}, 0x4004)
r4 = socket$kcm(0x29, 0x2, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0x5, &(0x7f0000001000)=ANY=[@ANYBLOB="bf16000000000000b70700000100f0ff5070000000000000300000000000c00095000000000000002ba728041598d6fbd30cb599e83d24bd8137a3aa81e0ed139a85d36bb3019d13bd2321af3c2bd67ce68f15c0ec71d0e6adfefcf1d8f7faf75e0f226bd917060000007142fa9ea4318123751c0a0e168c1886d0d4d35379bd223ec839bc16ee988e6e0dc8cedf3ceb9fbfbf9b0a49ef42d430f6296b72a83438810720a159cda90363db3d221e152dfca64057ff3c4744aeaccd3641110bec4e9027a0c8055bbfc3a96d2e8910c2c39e4babe802f5ab3e89cf6c662ed40000000022278d00031e5388ee5c867ddd58211d6ece3ccb0cd2b6d3cffd962867a3a2f624f992daa94a6a556f3218ce740068725c37074e468ee207d2f73902ebcfcf49822775985bf31b715f5888b24efa190000000000000000000000000000ddffffff020000000000000000ddffffff0000b27cf3d1848a54d7132be1bfb0adf9deab3323aa9fdfb52faf9cb09c3bfd09000000b91ab219ef00bb7b3de8f67ffcad3f6c3c2b1f03550000000000001cf41ab11f12fb1e0a494034007de7c6592df1a6c64d8f20a67745409e011f1264d43f153b3d34889f40159e800ea2474b540500a30b23bcee46762e2093bcc9eae5ee3e980026c96f80ee1a00000000740750fa4d9aaa705989b8e673e3296e52d337c56abf112874ec51d6fe048ba6866adebab53168770a71ad901ace383e41d277b103923a9d961f7a2591dbe4a912ffaf6f658f3f9cd16286744f83a83f138f8f92efd92239eafcc5c1b3f97a297c9e49a0c3300ef7b7fb5f09e0c8a868a353409e34d3e82279637599f35ad3f7ffffff3cac394c7bbdcd0e0eb52162e0c410ade7000026a4e739c60f03cc4146a77af02c1d4cefd4a2b94c0aed8477dfa8ceefb467f05c6977c78cdbf3f704ec73754910fe050038ec9e47de89298b7bf4d769ccc18eedd9068ca1457870eb30d219e23ccc8e06dddeb61799257ab5000013c86ba99523d61a00000000c270246c878d01160e6c07bf6cf8809c3a0d062357ba2515567230a6f8b2ad1e1f4933545fc3c741374211663f6b63b1dd044dd0a2768e825972fc4300001467c89fa0f82e8440105051e5510a33dcda5e4e202bd622549c4cffffff501d3a5dd7143fbf221fff161c12ca389cbe0000000000000fff2ecf631c6c5fd9c26a54d43fa050b88d1d43a8645bd9109b7e07869bba7131421c0f397073943330baafd243c0c6ffe673bab4113be7664e08bdd7115c61afcb718cf3c4680b2f6c7a8400e378a9b15bc20f49e298727340e87cdefb40e56e9cfad9931b8c552b2c7c503f3d0e7ab0e958adb8629aeec90e6d1857da822e40009995ae166deb9856291a43a6f7eb2e32cefbf463789eaf79b8d4c22be89f44b032dad13007b82e6044f643fc8cd07ae636a5dbe9864a117d27326850a7c3b570863f532c218b10af13d7be94987005088a83880ccab9c9920c2d2af8c5e13d52c83ac3fa7c3ae6c08384865b66d2204c2e4f3ae200f279b512b4dcb5dd9cba16b62040bf8702ae12c77e6e34991af603e3856a346cf708feeb708ab22b560cf8a4a6f31ba6d9b8cb0908000000000000001a342c010000000000e667a7592b33406f1f71c739b55db91d2309dc7ae401005f52053a39e7307c09ff3ac3e820b01c57dd74d4aafc4c383a17bc1de5347bb71ca16dcbbbaa2935ae662082b56cf666e63a759e0ef3ea7af6881513be94b362e15ffca8ec453b3a2a67be70c17b0f9c2eac765816c30c2e7133dca1c7669522e8dff8bc570a93fbdb688c3aef810000007a6ea6b11163392a19d87995b51cb6febd5f34a34998d2010fd5facf68c4f84e2f66e27c81a149d7b331983d3b74444953fc1216dfec10b724be3733c26f12538376e177ffef6fd2020000000000000008e4919a463d5332a2546032a3c06b94f168e8fc4bda0c294723fe306f26c477af4b926644672985fab7cc67bc5b5f5d38cdd8df95147ebe1cd88b0a4c6cde9951be10ba7dfddfefb238fac2303cc8982f1e55b005afcfea5eb037248fefad6bb02c162ce92ab17744c8ec3d2e80cf3205d36699fd381bc81231fb5e12e45f3059f361d08d6a6d019ebf105eaf43083c29512bcedd79ca9bf24e063d0c273ed70a2b70be521ea27dc8cf3c9bdf83b93405db07e82e2db484f8673e0e97dd7e8a872148613c3a04f3d67f4375ba5c7f1b00ffffff7f000000000801f71d79d812ced782646b5f79c8fc08bb5c11020108d702edd2ea9c96cf0d2d48aa5fc0a7bf1b51afd85350ad00b78c598fa8701b000884de790b54e5ab2e8ff0c7ae23e0b6eeac95c4c2eef2e5eb1d019d52099fbd404e8ece970f67856ba7e960bd8b1e4105ce7e31f7c9c3e3fa61aaa967b90087e91d703e98535b107b8f4653be4c46a3a1adb07d226952b8573b417018316fa96e2b8e7370baa16d4122c863709b08d4639a19a46ac90ac48a13ee9bcaa875fc700000000000003b40dc5c745fe2491e8425e600000000000000000000000000000000000000000000000000000000000000250318a44ad31baac0520a913301e630ae540f3289aebde8633f6f450c0738e16df6c7f1e0832a2a16fe6e39959735758248032cdf7320c6dc87b01e3f9a7811b200000000ae189de4b9b25f7c7a9c070000002af1c06315270de4a6605e4b4b58bef76fac54f11b84bd7bcd6b6a485edfb7684c770a39b38b08e18a51a4d4e66ca21c06a4b4198e1bc2ef990c9ba911efed626e5ee341a17bf8132b09000000d31df213c802d74797056fd3bca8b2d6cb134437cba0193ba4360bdcc98aad2560aa48291c4eb9d4e08ad7a9c5f04be1ab597124d84dfc7bd8cca8f68154a0ed356e773a797ca6d66748857b4abbf8830abeea2a46342e6a7378173cb29d5cdcd698a0203f78116b710008000000000000007c2d86b94472807c10eb9a8e2fb8bd79fe3a8316deff3ee641c9a080a2173642e673a672279bae4e7e28055da9497d7edb53be6e80482bd4d9a74b8dd4221fff0f0000705d7257ff7f76c78ba0b44ec0bdfa0d32d7042059b13a079639f14f9032b856d892ad6af5124c9c3130485e9682ff1f3c54e475d5bb496aef4bb537d7e191dfdeba109fdcf7864763f87a6d711cf52e520a6ce30e134c55e0caac037209d2f14fcddd00000000000000000000000000000000e609893bdce015e8ccfb36399844db61f6171b0b0e845e48728450c6ba4f7098f8e000676b59ab9f851f3ab77847ce05c89411277ec69c409b7ec50a3337a78675f38a568612c235ab5f2cd6d035d5f5f6a693c381adbbf7b37e37292783b2c7efe7d3a067906552f76d419e0300000000000000000000008f3a20b49fe7636806867283e35cff8d00e7b251bab3cf6377a24f8e8d4bda7503674bc94bf7f4d2fa6f25944bf0a186436d9f6831995976328a1fdc78492c65c1434855dc35c3cf7cf9610c5387794443c99b304799114132362849c3fa85d6379729ff9094933db0cfbe8887c50b87e1469fdf454cef4cbc5f7bf384000000000000a4e8c1a25f47c440144a9776be6cb40aafdb9d3cc8f6a6050974e1c4000000000000008b753f4e1bef9556efcc087a99dbf231167013a4b2eaf6338a0b100c98a331dffc09"], &(0x7f0000000140)='GPL\x00'}, 0x48)
r6 = socket$kcm(0x2, 0x1, 0x0)
listen(r6, 0x2000000)
ioctl$sock_kcm_SIOCKCMATTACH(r4, 0x89e0, &(0x7f0000000040)={r6, r5})
r7 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x401)
ioctl$BLKTRACESETUP(r7, 0xc0481273, &(0x7f0000000b40)={'\x00', 0x7ff, 0x530, 0x18000c, 0x3, 0x59c, 0xffffffffffffffff})
sendmsg$nl_route_sched(r1, &(0x7f0000000580)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000001000)=@newtfilter={0x40, 0x2c, 0xd27, 0x70bd2d, 0x25dfdc00, {0x0, 0x0, 0x0, r3, {0x0, 0x3}, {}, {0xfff3, 0xffe0}}, [@filter_kind_options=@f_matchall={{0xd}, {0x4}}, @TCA_CHAIN={0x8, 0xb, 0x1}]}, 0x40}, 0x1, 0x0, 0x0, 0x50}, 0x0)
r8 = socket(0x400000000010, 0x3, 0x0)
r9 = memfd_secret(0x0)
bind$alg(r9, &(0x7f0000000280)={0x26, 'hash\x00', 0x0, 0x0, 'ghash-clmulni\x00'}, 0x58)
r10 = socket$unix(0x1, 0x5, 0x0)
ioctl$sock_SIOCGIFINDEX(r10, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r11=>0x0})
sendmsg$nl_route_sched(r8, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000180)=@newtfilter={0x34, 0x2c, 0xd27, 0x70bd28, 0x8020, {0x0, 0x0, 0x0, r11, {0x5, 0x7}, {}, {0xa, 0x2}}, [@filter_kind_options=@f_flower={{0xb}, {0x4}}]}, 0x34}, 0x1, 0x0, 0x0, 0x200c0e9}, 0x20000004)
r12 = socket(0x400000000010, 0x3, 0x0)
r13 = socket$unix(0x1, 0x5, 0x0)
ioctl$sock_SIOCGIFINDEX(r13, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r14=>0x0})
sendmsg$nl_route_sched(r12, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000440)={&(0x7f00000001c0)=@newtfilter={0x24, 0x2c, 0xd27, 0x70bd2c, 0x8000, {0x0, 0x0, 0x0, r14, {0x5, 0x7}, {}, {0xa, 0x2}}}, 0x24}, 0x1, 0x0, 0x0, 0x22044028}, 0x84)
r15 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.controllers\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x0, 0x10012, r15, 0x0)
r16 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$inet_IP_XFRM_POLICY(r16, 0x0, 0x11, &(0x7f0000001580)={{{@in6=@dev={0xfe, 0x80, '\x00', 0x4}, @in=@local, 0x0, 0x0, 0x4e24, 0x0, 0x2, 0x0, 0x0, 0x11}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd, 0x9}, {}, 0x1, 0x0, 0x1}, {{@in=@multicast2, 0x4d2, 0x33}, 0x0, @in=@private=0xa010100, 0x3506, 0x0, 0x2, 0xb7, 0x2}}, 0xe8)

8.432817198s ago: executing program 5 (id=1080):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000001ac0)={&(0x7f0000000640)=ANY=[@ANYBLOB="180000002d00010026bdf0007cdbdf2504000000040010"], 0x18}, 0x1, 0x0, 0x0, 0x4000d}, 0x20000000)
syz_emit_ethernet(0x46, &(0x7f0000000000)=ANY=[@ANYBLOB="0380c2000003bbbbbbbbbbbb080045ffff3700000000000190780a010101ac1414bb030490781200183f2500000000680000000100007f000001ac14140e00016337febb18"], 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f00000001c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000300)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg$NFULNL_MSG_CONFIG(0xffffffffffffffff, 0x0, 0x0)
r3 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, 0x0, 0x84)
fcntl$setstatus(r2, 0x4, 0x800)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
setsockopt$SO_ATTACH_FILTER(r5, 0x1, 0x1a, &(0x7f0000000000)={0x3, &(0x7f00000000c0)=[{0x20, 0x0, 0x0, 0xfffff00c}, {0x20, 0x0, 0x0, 0xfffff038}, {0x6}]}, 0x10)
sendmmsg(r4, &(0x7f0000000180), 0x4000190, 0x0)
r6 = io_uring_setup(0x6613, &(0x7f0000000280)={0x0, 0x0, 0x10000, 0x0, 0x1fb})
r7 = io_uring_setup(0x63d5, &(0x7f0000000380)={0x0, 0x0, 0x0, 0x3, 0x3})
io_uring_register$IORING_REGISTER_BUFFERS2(r7, 0x14, &(0x7f0000003480)={0x4, 0x0, 0x4, &(0x7f00000001c0)=[{0x0}, {0x0}, {0x0}, {0x0}], 0x0}, 0x2)
io_uring_register$IORING_UNREGISTER_RING_FDS(r6, 0x15, &(0x7f0000001580)=[{0x4, 0x0, 0x0, &(0x7f0000000180)=[{0x0}, {0x0}, {0x0}, {0x0}], 0x0}], 0x1)
r8 = ioctl$NS_GET_PARENT(0xffffffffffffffff, 0xb702, 0x0)
ioctl$NS_GET_OWNER_UID(r8, 0xb704, &(0x7f0000000080))
read$FUSE(0xffffffffffffffff, 0x0, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$nl_netfilter(0x10, 0x3, 0xc)
close_range(r0, 0xffffffffffffffff, 0x0)
syz_usb_connect$cdc_ncm(0x0, 0x72, &(0x7f0000000980)=ANY=[@ANYBLOB="1201000002000040257d15a4400001040001090260004201000000090400000102090000052406000105240000000d240f01000004eaffffff1e0006031a00000804800200090581d3b3"], 0x0)
writev(0xffffffffffffffff, &(0x7f00000005c0), 0x0)

8.213715249s ago: executing program 6 (id=1082):
ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, &(0x7f0000000280)={'vcan0\x00'})
openat$tun(0xffffffffffffff9c, 0x0, 0x22100, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
r2 = syz_open_dev$vbi(0x0, 0x0, 0x2)
mmap(&(0x7f0000000000/0x95c000)=nil, 0x95c000, 0x200000b, 0x8c4b815a5465c2b2, 0xffffffffffffffff, 0x0)
move_pages(0x0, 0x1, &(0x7f0000000140)=[&(0x7f00002b4000/0x1000)=nil], 0x0, 0x0, 0x2)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
sendmsg(r1, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0xb45, 0x100000000009, 0xa, 0x0, 0x3}, 0x0)
sendmmsg$unix(0xffffffffffffffff, &(0x7f00000009c0)=[{{0x0, 0x0, 0x0}}, {{0x0, 0x0, &(0x7f0000000780)=[{&(0x7f0000000340)="8be784923875240482ec7379b8172e5c1e53055c40fc337edb9ea527ebb1782e4079cdd07a0d037f22fc7eb32972f5944d2deddf9ffc0262e5f0c368373a54021ec9505baa10c2ecee1dc09c9a6d2315ecf72d3f4294516ea15c49ac577d6782bef82a2dcecf65b38b578d7b88e3cfda12222fe6f77c665e754cb1a7c26c89169871970af6e23b5ec68d9d52229f2972b7a9f158da6f8e19e5a415c60105b57a7447c2bcb02d2b1489635cd5ddf6fb81f6500540136422c34d835abe1eba9406825d32439ea56e1ae5b02410e217c58668a1b71cdc0d43a467e0479c70b7eb3eee70ba51321b", 0xe6}, {&(0x7f0000000500)}, {&(0x7f0000000580)="60fd781d29b19a8acab4d4b69965378c60180ece3eb1a0cbeee9cd7eb41577e8b641ec5f8e72c2132dad84798c0c600a47cf3a55b89e6f0b2b3ab407ca6a76216b705d36345801b8147783e68cea26c1021e4d06e8c0abf147d3cd0f59c206b488f1527aa125bc8cdb727f04633cfe7f1f063ff8ba9b00f4319a35", 0x7b}, {&(0x7f0000000700)="1a034996b5eeb3c07ed3e9cc4d78bb1b594298991e16e6e490d96f370a452e6874ed3310bf97a6e482568b85b170bbc85c5fad48af4aad94b14ea5f48fbd87c88b76d72ab15cc0ec0000000017e4008f6f53e9a49a", 0x55}], 0x4, &(0x7f0000000440)=ANY=[@ANYBLOB="24f2fa00000000000100cc497d640200e70f99892dfb4490c292d4f7227a7b10388049", @ANYRES32=r0, @ANYRES32=r0, @ANYRES32, @ANYRES32=r0, @ANYRES32=r2, @ANYBLOB="000000001000000000000000010000000100000030000000000000000100000001000000", @ANYRES32, @ANYRES32=r1, @ANYRES32=r0, @ANYBLOB="e42e6545d09e5977b8935b3ece4699ebed6a0dbdce9bc2c954a8e9549ca7f10e09a9ce20113b52b6aed7206f842149ed3a15de647f74cbabbf7f69e0c40e16882df73478b33f6dbcd27687c3f2f11ece65299869328bc7d48d48b4bb50a123d6423fad38fee5f72f6f23f195e4ec36ddfef5cd613fcc656cfbdbdfe85777814f53c114d875d1", @ANYRES32=r1, @ANYRES32=r1, @ANYRES32=r1, @ANYRES32=r1], 0x68, 0x4004015}}], 0x2, 0x20040800)
r3 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000000), 0x22000, 0x0)
read$FUSE(r3, 0x0, 0x0)
capget(0x0, &(0x7f00000001c0)={0x7, 0x1, 0x2e7, 0x8, 0x1, 0x86d7})
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x27)
r4 = userfaultfd(0x801)
r5 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000040), 0x105000)
ioctl$SNDRV_TIMER_IOCTL_NEXT_DEVICE(r5, 0xc0145401, &(0x7f0000000200)={0xffffffffffffffff, 0x2, 0x6, 0x3, 0x200})
r6 = getpid()
process_vm_readv(r6, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
ioctl$UFFDIO_REGISTER(0xffffffffffffffff, 0xc020aa00, &(0x7f0000000100)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x4})
ioctl$UFFDIO_WRITEPROTECT(r4, 0xc018aa06, &(0x7f00000000c0)={{&(0x7f000040a000/0x800000)=nil, 0x800000}, 0x1})
r7 = syz_open_dev$vim2m(&(0x7f0000000000), 0x47b, 0x2)
ioctl$vim2m_VIDIOC_S_CTRL(r7, 0xc008561c, &(0x7f0000000100)={0xf0f014, 0x6})
r8 = socket$netlink(0x10, 0x3, 0x4)
setsockopt$netlink_NETLINK_DROP_MEMBERSHIP(r8, 0x10e, 0x2, &(0x7f0000000240)=0x20, 0x4)
syz_genetlink_get_family_id$nl80211(&(0x7f00000003c0), 0xffffffffffffffff)

8.047693067s ago: executing program 0 (id=1083):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
ioctl$sock_inet6_SIOCDELRT(r0, 0x890c, &(0x7f00000000c0)={@private2={0xfc, 0x2, '\x00', 0x1}, @remote, @private1, 0x5, 0xff81, 0x1, 0x100, 0xde52, 0x1000005})
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000640)=@updpolicy={0xc4, 0x19, 0x1, 0x0, 0x0, {{@in=@multicast2, @in6=@ipv4={'\x00', '\xff\xff', @empty}, 0x0, 0x0, 0x4e22, 0x0, 0xa, 0x20, 0x0, 0x67}, {0x0, 0x0, 0x1ff, 0x0, 0x0, 0x1, 0x0, 0x4}, {0x0, 0x0, 0x54, 0x3}, 0x3}, [@policy_type={0xa, 0x10, {0x1}}]}, 0xc4}, 0x1, 0x0, 0x0, 0xc000054}, 0x0)
sendmsg$nl_xfrm(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000040)=@flushpolicy={0x1c, 0x1d, 0x1, 0x0, 0x0, "", [@policy_type={0xa, 0x10, {0x1}}]}, 0x1c}}, 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680))
madvise(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x15)
syz_clone(0x439ee000, 0x0, 0x35, 0x0, 0x0, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x66)
r2 = socket$netlink(0x10, 0x3, 0x0)
getsockopt$sock_cred(r2, 0x1, 0x11, &(0x7f0000000040)={0x0, <r3=>0x0}, &(0x7f00000000c0)=0xc)
sendmsg$nl_generic(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000b00)={0x28, 0x18, 0x1, 0x2, 0x0, {0x2}, [@typed={0x8, 0x800, 0x0, 0x0, @ipv4=@multicast2}, @nested={0xc, 0x8, 0x0, 0x1, [@typed={0x8, 0xc, 0x0, 0x0, @uid=r3}]}]}, 0x28}}, 0x0)

7.419059963s ago: executing program 1 (id=1084):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x10)
ioctl$KVM_IOEVENTFD(r1, 0x4040ae79, &(0x7f0000000080)={0x7, 0x1, 0x0, r2, 0x4})

6.466839047s ago: executing program 0 (id=1085):
r0 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r1 = dup(r0)
socket(0x11, 0xa, 0x7)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f0000000300)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg(r3, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0)
write$UHID_INPUT(r1, &(0x7f0000002d80)={0x8, {"e2104ce033181fee7d2aef1e6b9219c3a07b4973d1f968dadae7a98c550526de02f271fb40765fe250f896841f24d5a1320604ebd9c9778a219e85cc4f82a60e34a40f882f44af0532948028c0edf4be23ab23c1c91603f4553559c9ddff1d5374a8ffb5d1e89e87af7d0eeadb88ed1364e735cb878691745f6ca67910d6cbdfd7888bdabc948aae118a2ef96fd2d61784ab2a00a792c2ad02cb58b02c4b7133140cde2c8ab8831510ea7487884519251065735c454359e6cb52cf6ceea1121c15001f8ca52692aff3e4cfff6e1e2d8175a01ea216255c54435185fe63a78a14503693af6bbd379e353778429dbc712297433f02168cd66ab0d7ed1b041fb4cf1d937ee9cf6bbdbca2165d66804ed9d9577f6717cb659a1b3478313bbea89c8ebbf0f68c20c9e6685083a6ce458030b1063c00eb8bcec4fc8e0020af35bbb3ffe1187fb716a5b97e359d1e906c67893d5689ce5a12abea75eb1adaa9485061eaa9e65f473c2a6ec1d1844a7d87ec674084f83a5ae8f6078b2d38aa96a15778021133404e3f62a35fcfc291264311ae15043cfeaac47dea56c1c567d0a3edfc6b193e5ad9de9878041c8e32d138f00012eed76370a3c886be9f89d7660e7c066328d75557771c5a8d96bec6b31d849810e2ceb2d66bd31e82b5e48371822683a84c8a02b79d5266ea3d8b589e74d7feefd5204d48c56c9db8882384f5e45c0220e03aea5240a5f52a1308ade6ca05f8fb46c6fbb91b040c18783b76bd849cfeac58505d41ee22caeff1f8011837ae20febdcddedb34cbe8e4dfc3a00f40934f07f69d45f96199d4764b642418c2bc76ba207b0c9c90538a6b4ebb724b36afb46c4ea3690173329967a0da39463b61130166f2593041a40448a87b10a082adcb6a32f5f37ad147d85883c4bcc9bb76f9aa09161f1a18b7edc5fd558ee0a9ea1fe2b913c52eee74821cea42ed28bd98ac1f173c0024efe18dce3a76580fd1564474bbed8d3558424f363cae73b2effb906b4b5da3dcde0990baf93c37d689e96470986da96f6bf582300de3def244583d0853768ba94a5f0069b5963b85e9e60a12fcb44dd8004882aea3fcaa0d3bfe82128654962f959a8cc17ce3749b87dd210efc6553a1e0adb400fd473be4dbb11e744d76f274664b770d4076f664c0c2c37034507c4a986b6a1d1c57063dcbb1b6e64a35a05b863704854d38802938778c944d9f64dc074d102d81ac21f29910880bebb5ba34660e4dcee0d215f7efd8f0cff25c7f7afa270d55cc4e4a5620b25ed1a632e17e4995446658a474f1846e76dac388cd35c0d13522621ce5fb473327766b886ed8d9d9ea6d37c5ec35781e83550677833c4e5da25f5285f4dffc3896c86df548762b60cd7d6fe644140967fea29e8bace23e8168607c8b637be837fe68ad97186eec554b43f574b382df40c45747ae4f6942c3641df8e8677475eaf8f9ea6024f1a0870721377a63b88a4161aae9dbab0e4cf028227f4296922020ed04dcaf3cbe74ff3069e480b9be0a5f5a6afe4f2e90c6cd35b59999146b3bbeb29891829942b63624f240a14dea9acdd297213487e1007c61188dfa1e4a2e3173d25a495880e013668868f769a68f98bde05b49f7a95731fd3ec6e2ea4da50fd7ae9dd038b345e30cec196d5d8aea6fba546feb2c42181d0b8fcb7dbc37aefa299656cf245e894a3c83ddd5671caafb9f751ad589e10a73408a48700c28978c20e94760a8c5e153a64ada6325768dc7a2c8be606f19be04b851412bb0ff8b031207b8bea6c4992c4666b50a6b0d66071ab87c73c507e26f723686e29d711a8c60dc9347d33e4acf919f9351f839caba5eb4e778957d33f0be43d0aa2d53b41aacac088cb88a18ddaa225eb718207b84908572861ea7b4f62f3d4dc373fd174867aee08af979efc737eb4bd51efe5146d1ae4dde5a9a8b39e4c7efebaf88e81ce059ebb8641d7b8c3ddefb0196a628503f6f38adea392d951463d0a4dc4458ad0c0a574ebd5ef4cf3f3eb5bd46aa0f687f0cfe1a1ad11fb00129441fab293ca156058a1046b2791ca258c84ba7f5ae3b8f7636baac2bac9977bd2fffc8012c33078a2ad50af0f05741215d5e68fb00875c1346c7daa2ecefa9739925b94529eb9949fb9fdfb9ae036b11f5b61d346e01ddd59086f36695ce4ea9829a05b2408d7e8541ea4b9fe0cddda9fc721815909de166531784219cec2ee3248731f4716182cbaa2fefc1dd006d2d2a14bf37bab2bd4b38b46ff70b813e26adc23200577aec3d1d8af40bfd003a24b20145533edc9fae5c30f33b3c54e42fd3b34994e84a3fbc0f71cffb22925b1b4253a439c94ac7c93597c7b10da4aebc209293b6c615541c1e746c5e385dfff9e48963e7a3b2180b5a86df842b2984d8d7ca288269c101118e985cd10744a342ca920a45f70f38783a12f1472edb353053e796d526220ee9bf8e3a8c3f1222e0b599a65799ea1463d3217e6222ee96080347ab0d0ad735f9e47e7a2086f9dcc2e1f6afa4b5e340093427e2f8d6ba93378eb2edcc2f979733a5b5e47cb0d2522c7eeab6b0addf03995bcacc56122158251a089aafa2b18729c7fcdc66754337094649febebc132a412c1949adc59552af59da144a3accba7509de79092352e7f33118cf9908723369b1e291d77b6f36c0074f725fdf9fb832f62f6f3e0bcef37881ccec144e47fe2734a4ef03ece0d62bc66fa6595476f6cf56ed21df8eb7c60d7439b20f3a579bc6a23d1b2055679b4cbc57867a2f0b60f99554ffcf4b6314cfaef5c87ac93b704fefe933e70bec0b922d791af362d76823319f2f6dd36cb93031e98ebf2666914697aac868225476f28491ddfe05a6f56bb2907f7231612c4bc54af2bb768ae43414fe4f9ad0872221e18c1fec450ce9cb197bda5c1579135b8336a79c08be0ecdee51e190162790822b46ebe3e3b5692e6e66bbbdae5442b58383039b37fec4cdf0a19fc9551eb6d02e008f27aa565c25e10cd3f8b031a74765770f824b18a24afbfd450fd871fc698e37cb0f2687f87453fc8272a4581933331f6503fdc0050c4a7b510b2b39b11800b2c15d75d113a8572366cc045a0e004086a6600b11c22e84c6e52d60ccde73cfa63a0a892795b85197491820908c4d4d01aac556cebabd29898f3c232f92e883f789b1c409f77fc0bfe5557a66084de6d1b3e43d29a09dbaf8503c118129dac2c5a055d47b82b0ba030900c5214d5b7be77881b01eb150f29114ab9cb53a0415eecd5c7d789b73cd70d057de74c9edb3ecd216fb7d8423dd0ac309374aa966431a0bcebe16a8cd5c29de20a33808451bd29e84cef7183c4fecc8ddab445d46fc2f910e736cf7a84c6bc225c231e098c7dea4440beb5f914cc304a9b2436836fa52433f1ae34b47ffe079f5e12a9e7a5445e878ee2920533f20539493fc7e343bcece07b484eacd0826e1c64f6242f861fe707d71a01240c2a0d12b62560968db54d0e02dc686cc0dfecf088048c00f8c9f3f437cbc90469be36fc5885750939cbf6189640f01b0ed98c79a0a17a714b56f0cd8f9c3302c24afc2d1365092cfbc8c2a075b33f9f78bdcd8dff3d78f9d1375d4dbac704225eed6245e68606d0ab20262a88c111747a4f1605f0eb185e8fade689697eec78b5d0058db44ea07f666cedf35ed64a1b5c30c779675f17adb50d1d93234505d3f78249100751a2a8cd7f8d0a42bc363cacdcf5ff93fd8902390efeb079857a10ba79c0692ace452c224e7caea50f4b6780d271f1a23c59feb6ca2ee4cfd28b13a98e0708f1d71accac13f29cb2e58578fb9fadd01e9d6b102b73f6905057851db6ea7f037e4063371f9f0251bd3cec5f44c9599815c099d6fdfead71cf8d01082c9520da87a7cb24f4757af66cb7431e4431d55141da18a84b302c25e4a6a1c4c2c3ea4f2d4bc2fa7c676cd82a90c6c874f8a7cc62c4551d25563ed36191d627dbd700938acd24b5f434e7f5e02412893bc37ef44eef5aeba0c5dc7b97646ce41d0342e848fa19a08e084902da08f6e884a4256d2424c37edc81ab21c5e8e025cad134889189ecb3da1f127adadb600184381255721c375a6744f7a81c2dc13555be27bfcaf7adca6115e4b688034ca6f7c77f4e50775d106aef7fec567d4189383d0305764cd2ce3057870ad63a6f50e64760113c725b7c89c60c4f7c34695a77c82d88846461cae31484ddc72fd209e4730ccb268c59efa4f9e343106335f12b7503f4bc5c53f98c22329f1ff441710624247eed218f706952fd09e90ecc7700496b2e8109cd6c652820977e2353724730e05f45417b490a537f33e22bc4c2f2821b6de1c35ad2c2725431bfda0e96f7b8d7989816de1d8fe8392fb1b9388c4762cfd779c3f884b7a6de72cc878f7bbda97cf389b36b54f78ed5c89f1d0bb92380d148d23d41bf479f3220d5057868d3885f33c60a73bdfb276ccd31defdbeeee67df8eb88fcd28a8d6f70692da24b747bc418aad3563d6847af5e35647bf2870d55338cf0e6c38d48d2cec2a088adba0fb67a648dfa87cb5deaaa4fdc0e66d33f577762df2b28ec06c05efbb27106377dc7c1760d669ad9e1c50e6341409c73a4dc37997bb87c3e119888525bcac6d39d76b631165b0ab3ab06f2719b17fb0f0d3d265607fe2b845befafef6e87b816be1989cbec29e8d05bb870eef3410a6cc6345e9fa8888ae81cb52c70ce7b098c5c1a313e7baa58c16ff413ceb0d23b3c28935f30633bc292fadea5d6f4c78cbe1cb401a1927c33c4d3dcc3296e4c424fa7f89a3f4cade7cc5456f05955d580b1db4d440d274a77058672a3b2bb2d544fd42be9f0fac077f2d31d4cf1546829826deacce83674ada8570906e4d611bf4eb7540d12c483e445b15a79572c4cf0a6ac7a7968507fb345386aa8b7a2c6438efe9847f44131c4a6edc8c575bfdd929ef594d993aa39826dd3aedc8ccce7d6c45f3d82b923d7c7b0bea85d01aff84853f2f33caee69c136bae0dff05a3e502f3e6a2fcf303d48b523aa5ed2cd0fbfe327f1e7998a17477e1909b6be448c8ff703436adee2db71cfd65297fa0c10d358d69915aeaf9882d84db6fc59fa6cfa67e9050d68d8275367b040f04181021d85f50a78080cfd395258004b7a4937bd7c6294b451b6efed15be56b4af68cd093832ff73debaa95b84b3b88492c1e28d802cd493f07680a1cf969c8227dc152251d176cc400df0840503bf2df0629d0af9c42356490e0cb2c5476d9c58e7451cf68cbaaedb07e297b631b79e99652d5708177f54ca6ba0fc74287594fae201b99dbee225e52780f3cfc03aafaa4737ecc891cfe7062807cb40fdd54180a2f086c528877d8661f51401f500cddb18d927f45a936702d85ba296c4e7cc0af9e419f02ba51077aed9bafd94cd4f5b93b37df3d99e68158c3da508eb1ef971e555ef07d37f5bcab44c8810ec2738cc0f15d80da69a12ad6a365b64f1d53b2216a6da333f54681ece89d28d181f670af200b30e59c86fd888efb67f1153fe4263c4b9285efa307313547df2d04565a4e37873d69b78e86d664357dd4f0680917a717b5241cfe87aab1b0cb8ced8d86d34ffc8e4da076ad273ca19b4b3ee1d9d3ddb69ecc5043e6f70d248ff0214a0333dac691675165ea2a6e65e5cfca1bc34f6bd3975bcebc0273f121154dc52b1c0adb745b7df7c8234922eff20019409c5f0cad013a63d9d6a6d72e151b18d448fe1bee5723b6858a9ce9f396f169d9640a0e8e391bb0229ec09d490f51c6f7247365e1c09", 0x1000}}, 0x1006)
creat(0x0, 0x43)
mount$fuse(0x0, 0x0, &(0x7f0000002100), 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB, @ANYRESDEC=0x0, @ANYBLOB, @ANYRESDEC=0x0, @ANYBLOB='\x00'])
r4 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$sock_int(r4, 0x1, 0x3c, &(0x7f0000000040)=0x1, 0x4)
sendmmsg(r4, &(0x7f00000021c0)=[{{0x0, 0x0, &(0x7f0000000b80)=[{&(0x7f00000005c0)="1a", 0x1}], 0x1, &(0x7f0000003040)=ANY=[@ANYBLOB="10000000000000010000006800000000"], 0x10}}], 0x1, 0x4004000)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x20004885}, 0x4054)
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1)
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
mmap(&(0x7f0000000000/0xa000)=nil, 0xa000, 0xd3283d0368e269b3, 0x8031, 0xffffffffffffffff, 0x0)
sendmsg$ETHTOOL_MSG_LINKINFO_SET(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000001c0)={0x14, 0x0, 0x300, 0x70bd2e, 0x255fdbfd}, 0x14}, 0x1, 0x0, 0x0, 0x2010}, 0x4001)
writev(0xffffffffffffffff, &(0x7f00000005c0)=[{&(0x7f00000001c0)="84", 0x1}], 0x1)
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r6, 0xae60)
r7 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r6, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_IRQCHIP(r6, 0x8208ae63, &(0x7f0000000880)={0x0, 0x0, @pic={0x2a, 0xe, 0x7, 0x6, 0xfb, 0x2, 0xf, 0x4, 0x3, 0x0, 0x3, 0x5a, 0x9e, 0xa, 0x6, 0x7f}})
ioctl$KVM_SET_REGS(r7, 0x4090ae82, &(0x7f0000000000)={[0x35, 0xfff, 0x0, 0x180, 0x4, 0x6, 0xf1, 0x0, 0x8000000000002, 0x4, 0x1, 0x6, 0x0, 0x45, 0x1, 0xbdb], 0x1, 0x1c4213})
bind$inet(0xffffffffffffffff, &(0x7f0000000000)={0x2, 0x4e23, @multicast1}, 0x10)
sendmmsg$inet(0xffffffffffffffff, &(0x7f0000000bc0)=[{{&(0x7f0000000180)={0x2, 0x4e27, @empty}, 0x10, 0x0, 0x64}}], 0x1, 0x20004840)

6.463454108s ago: executing program 1 (id=1086):
r0 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0)
ioctl$DRM_IOCTL_SET_CLIENT_CAP(r0, 0x4010640d, &(0x7f0000000000)={0x3, 0x2})
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r0, 0xc01064b5, &(0x7f0000000140)={&(0x7f0000000100)=[<r1=>0x0], 0x1})
ioctl$DRM_IOCTL_MODE_GETPLANE(r0, 0xc02064b6, &(0x7f00000001c0)={r1, <r2=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
ioctl$DRM_IOCTL_MODE_GET_LEASE(r0, 0xc01064c8, &(0x7f0000000280)={0x1, 0x0, &(0x7f0000000200)=[0x0]})
ioctl$DRM_IOCTL_MODE_OBJ_GETPROPERTIES(r0, 0xc02064b9, &(0x7f0000000040)={&(0x7f0000000300)=[0x0, 0x0, 0x0], &(0x7f0000000040), 0x3, r2, 0xcccccccc})
ioctl$DRM_IOCTL_MODE_ATOMIC(r0, 0xc03864bc, &(0x7f0000000380)={0x0, 0x1, &(0x7f0000000240)=[r2], &(0x7f0000000200), 0x0, &(0x7f0000000040), 0x0, 0x300})

6.226443678s ago: executing program 6 (id=1087):
ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, &(0x7f0000000280)={'vcan0\x00'})
openat$tun(0xffffffffffffff9c, 0x0, 0x22100, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
r2 = syz_open_dev$vbi(0x0, 0x0, 0x2)
mmap(&(0x7f0000000000/0x95c000)=nil, 0x95c000, 0x200000b, 0x8c4b815a5465c2b2, 0xffffffffffffffff, 0x0)
move_pages(0x0, 0x1, &(0x7f0000000140)=[&(0x7f00002b4000/0x1000)=nil], 0x0, 0x0, 0x2)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
sendmsg(r1, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0xb45, 0x100000000009, 0xa, 0x0, 0x3}, 0x0)
sendmmsg$unix(0xffffffffffffffff, &(0x7f00000009c0)=[{{0x0, 0x0, 0x0}}, {{0x0, 0x0, &(0x7f0000000780)=[{&(0x7f0000000340)="8be784923875240482ec7379b8172e5c1e53055c40fc337edb9ea527ebb1782e4079cdd07a0d037f22fc7eb32972f5944d2deddf9ffc0262e5f0c368373a54021ec9505baa10c2ecee1dc09c9a6d2315ecf72d3f4294516ea15c49ac577d6782bef82a2dcecf65b38b578d7b88e3cfda12222fe6f77c665e754cb1a7c26c89169871970af6e23b5ec68d9d52229f2972b7a9f158da6f8e19e5a415c60105b57a7447c2bcb02d2b1489635cd5ddf6fb81f6500540136422c34d835abe1eba9406825d32439ea56e1ae5b02410e217c58668a1b71cdc0d43a467e0479c70b7eb3eee70ba51321b", 0xe6}, {&(0x7f0000000500)}, {&(0x7f0000000580)="60fd781d29b19a8acab4d4b69965378c60180ece3eb1a0cbeee9cd7eb41577e8b641ec5f8e72c2132dad84798c0c600a47cf3a55b89e6f0b2b3ab407ca6a76216b705d36345801b8147783e68cea26c1021e4d06e8c0abf147d3cd0f59c206b488f1527aa125bc8cdb727f04633cfe7f1f063ff8ba9b00f4319a35", 0x7b}, {&(0x7f0000000700)="1a034996b5eeb3c07ed3e9cc4d78bb1b594298991e16e6e490d96f370a452e6874ed3310bf97a6e482568b85b170bbc85c5fad48af4aad94b14ea5f48fbd87c88b76d72ab15cc0ec0000000017e4008f6f53e9a49a", 0x55}], 0x4, &(0x7f0000000440)=ANY=[@ANYBLOB="24f2fa00000000000100cc497d640200e70f99892dfb4490c292d4f7227a7b10388049", @ANYRES32=r0, @ANYRES32=r0, @ANYRES32, @ANYRES32=r0, @ANYRES32=r2, @ANYBLOB="000000001000000000000000010000000100000030000000000000000100000001000000", @ANYRES32, @ANYRES32=r1, @ANYRES32=r0, @ANYBLOB="e42e6545d09e5977b8935b3ece4699ebed6a0dbdce9bc2c954a8e9549ca7f10e09a9ce20113b52b6aed7206f842149ed3a15de647f74cbabbf7f69e0c40e16882df73478b33f6dbcd27687c3f2f11ece65299869328bc7d48d48b4bb50a123d6423fad38fee5f72f6f23f195e4ec36ddfef5cd613fcc656cfbdbdfe85777814f53c114d875d1", @ANYRES32=r1, @ANYRES32=r1, @ANYRES32=r1, @ANYRES32=r1], 0x68, 0x4004015}}], 0x2, 0x20040800)
r3 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000000), 0x22000, 0x0)
read$FUSE(r3, 0x0, 0x0)
capget(0x0, &(0x7f00000001c0)={0x7, 0x1, 0x2e7, 0x8, 0x1, 0x86d7})
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x27)
r4 = userfaultfd(0x801)
r5 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000040), 0x105000)
ioctl$SNDRV_TIMER_IOCTL_NEXT_DEVICE(r5, 0xc0145401, &(0x7f0000000200)={0xffffffffffffffff, 0x2, 0x6, 0x3, 0x200})
r6 = getpid()
process_vm_readv(r6, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
ioctl$UFFDIO_REGISTER(0xffffffffffffffff, 0xc020aa00, &(0x7f0000000100)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x4})
ioctl$UFFDIO_WRITEPROTECT(r4, 0xc018aa06, &(0x7f00000000c0)={{&(0x7f000040a000/0x800000)=nil, 0x800000}, 0x1})
r7 = syz_open_dev$vim2m(&(0x7f0000000000), 0x47b, 0x2)
ioctl$vim2m_VIDIOC_S_CTRL(r7, 0xc008561c, &(0x7f0000000100)={0xf0f014, 0x6})
r8 = socket$netlink(0x10, 0x3, 0x4)
setsockopt$netlink_NETLINK_DROP_MEMBERSHIP(r8, 0x10e, 0x2, &(0x7f0000000240)=0x20, 0x4)
socket$nl_generic(0x10, 0x3, 0x10)

6.155474045s ago: executing program 1 (id=1088):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2})
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x400000000010, 0x3, 0x0)
r3 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r4=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x24, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r4, {0x0, 0xfff1}, {0xffff, 0xffff}}}, 0x24}}, 0x0)
r5 = socket$nl_route(0x10, 0x3, 0x0)
r6 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r7=>0x0})
sendmsg$nl_route_sched(r5, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newqdisc={0x30, 0x28, 0x4ee4e6a52ff56541, 0x4001, 0xfffffdfc, {0x0, 0x0, 0x0, r7, {0x7, 0xfff1}, {0xffff, 0xffff}, {0x2, 0x1}}, [@qdisc_kind_options=@q_hhf={{0x8}, {0x4}}]}, 0x30}, 0x1, 0x0, 0x0, 0x400dc}, 0x4020080)
sendmsg$nl_route_sched(r1, &(0x7f00000001c0)={0x0, 0x60, &(0x7f00000000c0)={&(0x7f0000000140)=@newqdisc={0x24, 0x29, 0x4ee4e6a52ff56541, 0x4001, 0xfffffdfc, {0x0, 0x0, 0x0, r4, {0x7, 0xfff1}, {0xffff, 0xffff}, {0x2, 0x1}}}, 0x24}, 0x1, 0x0, 0x0, 0x400dc}, 0x4020080)

5.002379241s ago: executing program 1 (id=1090):
r0 = socket$kcm(0x21, 0x2, 0x2)
sendmsg$kcm(r0, &(0x7f0000000080)={&(0x7f0000000000)=@rxrpc=@in4={0x21, 0x0, 0x2, 0x10, {0x2, 0x3f, @broadcast}}, 0x80, 0x0, 0x0, &(0x7f0000000140)=ANY=[@ANYBLOB="18000000000000001001000001"], 0x18}, 0x0)
set_mempolicy(0x8004, 0x0, 0x0)
syz_open_dev$vim2m(&(0x7f0000000080), 0x1, 0x2)
openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r1 = socket(0x40000000015, 0x805, 0x0)
getsockopt(r1, 0x114, 0x5, &(0x7f0000019440)=""/102400, &(0x7f00000000c0)=0x19000)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
syz_open_dev$vbi(0x0, 0x0, 0x2)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r4 = socket$alg(0x26, 0x5, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x1, 0x4, 0x0, 0x0, 0x5, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x9, '\x00', 0x0, @fallback=0x14, 0xffffffffffffffff, 0x8, &(0x7f00000000c0), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x94)
bind$alg(r4, &(0x7f00000000c0)={0x26, 'aead\x00', 0x0, 0x0, 'aegis128-generic\x00'}, 0x58)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$tipc2(&(0x7f00000000c0), 0xffffffffffffffff)
sendmsg$TIPC_NL_NAME_TABLE_GET(r5, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000300)=ANY=[@ANYBLOB="14000000", @ANYRES16=r6, @ANYBLOB="69db2abd7000fcdbd7251000000076a557c07c61d71a1f6ce424f53dfd833836d53515d6a49c4ab1933a3ad0eb9a4d9e6513899a893a0c9501905fac6c0e7f59c148286d4148deacfcea596a964a87194e6e4082ed"], 0x14}, 0x1, 0x0, 0x0, 0x801}, 0x4004880)
r7 = accept4(r4, 0x0, 0x0, 0x80000)
setsockopt$ALG_SET_KEY(r4, 0x117, 0x1, &(0x7f0000000200)="ad00"/16, 0x10)
sendmmsg$unix(r7, &(0x7f0000003dc0)=[{{&(0x7f0000000000)=@file={0x0, './file0\x00'}, 0x6e, 0x0, 0x0, 0x0, 0x0, 0x9802}}, {{&(0x7f0000000280)=@file={0x0, './file0\x00'}, 0x6e, 0x0}}], 0x299, 0x0)

4.893484473s ago: executing program 5 (id=1091):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r2 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0)
r3 = io_uring_setup(0x54a0, &(0x7f0000000000)={0x0, 0x70e6, 0x2, 0x2, 0xf2})
io_uring_register$IORING_UNREGISTER_IOWQ_AFF(r3, 0x12, 0x0, 0x0)
io_uring_register$IORING_REGISTER_IOWQ_MAX_WORKERS(r3, 0x13, &(0x7f0000000400)=[0xe758, 0x8], 0x2)
r4 = socket$nl_xfrm(0x10, 0x3, 0x6)
setsockopt$netlink_NETLINK_TX_RING(r4, 0x10e, 0x7, &(0x7f0000000180)={0x1, 0x1, 0x8001, 0x1}, 0x10)
read$FUSE(r2, &(0x7f0000000880)={0x2020}, 0x2020)
write$uinput_user_dev(0xffffffffffffffff, &(0x7f0000000400)={'syz0\x00', {0x3, 0x2, 0x6, 0xfffa}, 0x3a, [0x8000, 0xc95a, 0xf, 0x8, 0x80, 0x2, 0x3, 0x7f, 0x20000006, 0x4d, 0x9, 0x5f, 0x9, 0x5, 0xffff2d37, 0xffffff01, 0x6, 0x8, 0x0, 0x5, 0x24, 0x1, 0x7, 0x3c5b, 0x1, 0x24, 0x6, 0x1, 0x5, 0x5, 0xe661, 0x4, 0x7, 0x5, 0x8, 0x4c74, 0x80000000, 0x40000, 0x3, 0xe, 0x0, 0x80008071, 0x7, 0x7, 0x1, 0x407, 0x5, 0xfffffff7, 0x8, 0x4006, 0x6, 0x7, 0x0, 0x4, 0x8, 0x400, 0x80, 0x0, 0x5, 0x6, 0x9, 0x4, 0xfffffffe, 0x40], [0x10000007, 0xf0000000, 0x8000012b, 0x8004, 0x5, 0x6, 0x129432e2, 0x1, 0xf9, 0xe, 0x10, 0x6c7, 0x9, 0xfffffffc, 0x80000003, 0x203, 0x0, 0x5, 0x2f, 0xe, 0x312, 0xd, 0xea4, 0xa1, 0x4, 0x7, 0x7fff, 0x5a7c, 0x7ff, 0x401, 0x6, 0x0, 0xff, 0x1, 0x1000005, 0x5f31, 0xd, 0x4e0, 0x2, 0x4, 0xb, 0x401, 0x101, 0x8, 0x9, 0x9, 0x47, 0x8000, 0x1, 0xfdffffff, 0xffff, 0xfffffffe, 0x7, 0x9, 0x5, 0x3, 0x9, 0x250, 0x3, 0x6c0, 0xbc45, 0x48c93690, 0x42, 0x3], [0x7, 0x404, 0x0, 0x5, 0xfffffffe, 0x100, 0x8d2, 0x9, 0x0, 0x7fff, 0x0, 0x5, 0xb, 0x4, 0x9, 0x5, 0x0, 0x2, 0x5, 0x8, 0x401, 0x3, 0x5, 0x3e7, 0xb, 0x5, 0x2, 0x2, 0x3, 0x20000008, 0x4, 0x6d01, 0x6, 0x1, 0x800003, 0x200, 0x80, 0x3, 0x4, 0x2950bfaf, 0xdfe, 0xa2, 0x7, 0xa9, 0x5, 0x9, 0xac8, 0xbf, 0x2, 0x3, 0x7ff, 0x12b, 0x6, 0x40, 0x0, 0x7ff, 0x5, 0x1c, 0x120000, 0x3, 0x2006, 0x80a2ed, 0x0, 0x25], [0x9, 0xbb33, 0x7, 0xb, 0x5, 0x938, 0x7, 0x6, 0x0, 0xb9, 0xce7, 0x9, 0x2, 0x57, 0x5, 0x3, 0x101, 0x10000, 0x4, 0x7fff, 0xffff, 0x2000a620, 0x2, 0x5, 0x1, 0x2, 0x5, 0xe7, 0x6, 0x16, 0xffffffff, 0x80000003, 0x5, 0xfffffff9, 0xc8, 0x9, 0xfffff000, 0x7, 0x3, 0x7e, 0x100, 0x9602, 0x1ff, 0xaf, 0xfffffff9, 0x6, 0x226, 0x5, 0x7, 0x8, 0x30b1d693, 0xa21, 0x1000f40, 0x5, 0x1, 0x6c1b, 0x0, 0x4, 0xffef, 0xb1e, 0xd7, 0x200, 0xffff3441, 0x40fff]}, 0x45c)
request_key(&(0x7f0000000480)='big_key\x00', &(0x7f0000000040)={'syz', 0x3}, &(0x7f0000000100)='\\\\@}\x01\x00\x00@\xf5\xe2\xdbE\xc0P\x02\xe0\xf2\xaa\xe6\x00\x00\x00\x00\x00\x00\x00\xd0\xa1B\x80\xd3\xcc\x06D\a\x00\x00\x00\x00\x00\x00\x04)\'\x03t\xcd\xe8\xd0u\x01\xff\x01\xd1', 0xfffffffffffffffe)
r5 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000900)='/proc/keys\x00', 0x0, 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680))
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
chroot(&(0x7f0000000300)='./file0/../file0/../file0/../file0\x00')
read$FUSE(r5, &(0x7f0000000940)={0x2020}, 0x2020)
setsockopt$sock_int(r4, 0x1, 0x6, &(0x7f00000001c0)=0x7fffffff, 0x4)
sendmsg$inet(0xffffffffffffffff, &(0x7f0000001200)={0x0, 0x0, 0x0}, 0x0)
r6 = socket$kcm(0x10, 0x100000000002, 0x4)
sendmsg$kcm(r6, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000200)="39000000140081ae00002c000500015601618575e285af0180000000171300883795c04a31ba377a1b2cc32b38d3740000ffffffffffffffff", 0x39}], 0x1, 0x0, 0x0, 0xc00e}, 0x0)
ppoll(&(0x7f00000000c0)=[{}, {}], 0x20000000000000dc, 0x0, 0x0, 0x0)
r7 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r7, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000140)=[@text64={0x40, 0x0}], 0x1, 0xe8, 0x0, 0x0)
ioctl$KVM_CAP_EXIT_HYPERCALL(r1, 0x4068aea3, &(0x7f0000000300)={0xc9, 0x0, 0xc})
mmap(&(0x7f0000000000/0xe7e000)=nil, 0xe7e000, 0xfffffffffdfffff9, 0x4031, 0xffffffffffffffff, 0xb7b56000)
ioctl$KVM_RUN(r7, 0xae80, 0x0)

4.443890867s ago: executing program 3 (id=1093):
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x1000001, 0x59032, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xe, 0x4008031, 0xffffffffffffffff, 0x5b76f000)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
syz_io_uring_setup(0x497, 0x0, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, 0x0)
timer_create(0x0, &(0x7f0000000680)={0x0, 0x21, 0x0, @tid=0xffffffffffffffff}, &(0x7f0000000100))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
ioctl$UFFDIO_CONTINUE(0xffffffffffffffff, 0xc020aa08, &(0x7f0000000040)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}, 0x1})
move_pages(0x0, 0x20a0, &(0x7f0000000040), &(0x7f0000001180), &(0x7f0000000000), 0x0)

4.343459428s ago: executing program 6 (id=1094):
r0 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$inet(r0, &(0x7f0000000080)={0x0, 0x74, &(0x7f0000000100)=[{&(0x7f00000001c0)="5c00000012006bab9a3fe3d86e17aa0a046b876c1d0048007ea60864160af36504001a0038001d001931a0e69ee517d34460bc06000000a705251e6182949a3651f60a84c9f4d4938037e70e4509c5bb", 0x33fe0}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$batadv(0x0, 0xffffffffffffffff)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r1, 0x8933, &(0x7f0000000180)={'batadv0\x00', <r3=>0x0})
sendmsg$BATADV_CMD_GET_BLA_BACKBONE(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000000)={0x1c, r2, 0x303, 0x70bd2a, 0x0, {}, [@BATADV_ATTR_MESH_IFINDEX={0x8, 0x3, r3}]}, 0x1c}}, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r6 = socket$inet6_tcp(0xa, 0x1, 0x0)
close(r6)
socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(r6, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty}, 0x1c)
listen(r6, 0x9)
r7 = socket$inet_mptcp(0x2, 0x1, 0x106)
unshare(0xa000680)
r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0x5, &(0x7f0000005d40)=ANY=[@ANYBLOB="bf16000000000000b7070000000100004870000000000000400000000000000095000000000000002ba728041598fbd30cb599e83d24a3aa81d36bb3019c13bd23212fb56fa54f2641d8b02c3815e79c1414eb07eae6f0711e6bd917487960717142fa9ea4318123f602000000000080de89e661168c1886d0d4d94f204e345c65c26e278ef5b915395b19284a1a4bc72fbc1626e3a2a2ad358061d0ae0209e62f51ee988e6ea604ce974a22a550d6f97080980400003e05df3ceb9f1feae5737ecaa80a666963c474c2a100c788b277beee1cbf9b0a4d3881dcc7b1b85f3c3d44aeaccd3641110bec4e90a6341965c39e4b3431abe802f5ab3e89cf6c662ed4048d3b3e22278d00ce00000000d3a02762c2951257b85802189d74005d2a1bcf9436e192e23fd275985bf31b714f000bcab6fcd610f25f5888000000003f11afc9bd08c6ebfbb89432fb465bc52f49129b9b6150e320c9901de2ebb9000000018e3095c4c5c7a156cec33a667dccaff950ca1e5efdd4c968dacf81baa3a509b1041d06f6b0097c430481824a3f4fddd3c643f630ba175d876defd3541772f26e27c44cfdb2d85d6d29983e830a9cdd79837b3468e8c67a571d0a017c100344c52a6f387a1340bdc8889464f90cc4cd1f570dd39877dfb2ff1ae66e1ce917474b2e650ae630afd014a337ac5d58bcb5e51723257c872c5255f20100000000000000f041b665ab21372c8d8b7bac5b5c784d20a4a24d8dbd75062e1daef9dead619cc6e7baa72707157791c3d2a286ffb8d35452bb5d36c2a8682bf7ecbd53f950ef4709ec01e230d2f53594ef4839c6130c4c13a0cca84b9935f771fd49e480cd9d48aeb12b1d6acabd38a817bcd222614d1f62734d679039a97d2b74f9e8e997ccd314000f7477137f4e8e7025123e783df8b8a17e3aa9fe1f662aef87a065b03cfb65b4dfe4f1b56e1f23128d743753a1de172d683d5892ce9414a1d98ea93e3d35dbb6c23b90cf36e83b8a434a97d09343d7f83079ccb02e69d384146056d125cfa788237874dd42dae334bda042819a2aa24dba1c25be2794448b4f63483026b5e34d44705b76ef29241adab0dd7d68bf975e02069f6f2425e1bc97a3d588085f16bef63a06578d4f5de7bfb6aaa75f16996d536256c02284cb1d3a6fb8cae87691fae365a70c3fc69e1565bba8dd8a8ca049f798abe646f738bebd69413afc9d8a5edd7aaa000000000000001e6c2f2a287c5278a218dbfaffffff00a14db5cfa6819eb1d39c48cfdc80d215c9e16e0c4736c819363154cca4e2f89800d18c89d7f46f679df6c9e2952ae1ebfd0ca88368ee6ce139e8b5822c22cf2e9dde943d34c432e1001171792c65986146666a54909e8441f47e0fe5eac41824ca1fd0eb71aa243c88d5480efd8329d9a733d8f9ffffff5f912ac4e34bf6ea8a86da707b03bddb491ba0cc98f6be92c50008a2b50025419d1476c73132ca7ca26ce8a7e3ffb700f09e157f9b844051f1a642aca9ff98c9036471ccff0522903e7bcf62e18f7696bbc280b95e8e0d6fd5644b0ebde3a95b06548862de809d3dae3cccf109f7c78e8479a345e800000000000000000000009455bf417627ce723a5d9103706aba69279500bb82f6b5a3ddc0bd9856712945b70c75ce5b722578820820d010d7a3cffc99fc647d0b82ef26ab708c0b19ed144be51c3b398f0e6bb7a30006000000cba12953d58cff0f0378740fe6662f377b97d8e7cdb047acd083d3cd3856476a60a49ad127ba6570bafc2bbcf9ee721fd9cb467ff071e5604fbf0491245c0000007d932d7a64de4c4aa433fc0840aff7c47da3a4c6966d0000000000000000f6bfbae29e8a6e2a889f6ef6869d82d6bd73eb76b65c7a35a54a4a6b8ad4600e3a972a0bb5971a5f16590b0a03dafa3fd1118765cc8ab9fccf3b51c41a339f200f2fa33006910a679a9ae0187b4d750c4bd244cb0cbfd23b265f4d4da448a7a0d19c5e43eae50a31609dfa2dde267551467eb6475293dd7012cc449009981f22820e57a0eff234ccfe21d7a2302e000669753d3c3432cc14ee1abe724adb6b5431befedd3e22971118f0e21aed1823cb7dde8212a8531bd9691dd4cc6a370e9eb56b3d790b98f2bd0db1e5de6a146597b2cbb7103040d2a39d7965d34df524b760ab92efcce7dd1574052c735935bf6a752c015c7f5ffee9ff66e5dd2866b15b6e0d17618cb1f5c1ee4b05ebf1445ea110f499f840a5c965443d725556351ee25fe09f69494b053678dcadcf02e063dff2fa4bef1ac3bbbebe6c74d71ec3b23e29895eff1d1017024fe3e8cc759b05785adc346b7ffd05963f92c1d0d7d90ba878ad89e490f3e29ac51d30632869a534418f916bf6fe8167827a8e6c8f8b391c822805cb0adf1b8bd6947ff208753eb0d208ce14f7b206b2e02c21e963abc5ceb735c1b3c46b0a843de52a903375dfb663a8d8ee9c2b2705c1a81d9d3b9656b219c8cd99c9cafcd0d0540884d97aecb19983fc6af29ab44a82aff9cba921192c665b877af6539bdb1b567f481ba07982e7ad758f4e1eac69e7e88a63960975f490e161e371ec8534791e3b61c685d900a9c0839208356b53750e76fcc3c2d1bddcbd83897921414d0c02e8188f3df79ea2a5c5444004830e6cb227ca1bdafb977c00000000003a417193b8c5d793687335a930867094fd6a78218218e04b705ec62f1608cb569b81914e68f175b392af6bc4fd2121d7fd276af2c97a441b56e7a0687d98b8e76d8d0d231e4fe00be1de76bd19cc12e2bd938eb681ed6bc951c1b4f7c51af59eea4d40c6000000000200778a677b72786311153271a3313da02645e11761699e4d04ac86dd14ff7b9a10d3fa74696fe3953a5b7706bf5d1faba4b18808d9cb0e9db696dec4e0820ee4028d7225a2c9c427cf64cbde6fba056b2006b7a37c1181d530fb865e235cd302f3b4071ee5237ada986b9e5e3144bf479f277f10656ad3744037ccc9c63685a6f1109d2ea73773d3635f61497f1fa1ea4a16f601800bf3e59141fbf05a96113320c445f9ba8596970d5254727e804fbd99ccefb7c09269dd2c5c25e56e169ac15980f3f85f7ca36dd5950ef5b64fd46f123311829534a82940994199b3cf7a8fabea9930952f5da9b909c1946e55289f668c423fcbb31ae91864c882313151741a67538c9689dc8ecc9903c7041e5c0704e2fa55a756487517a7445cbd9e3f5175e41c00000000000000000000000000bf98efd587fffe326f474b0b089c017b16c0062cbce96f5adebec52a79f9363909842f79c50a1520be46d87003137e4c5031f00123e812a5e37cd52c9eb7336281cb8c6ce993c51cd1eab8a26b232acf6bf0ab829c26dab637538b2eb1420d812d2b80c777710ba0f18e4661681aa218d9ba54023ab4305d77eb15611ae2545835e9d30e9f6d4fb43a291c69545a1eea0f8720431132d8549f99bf6c5cb060da70cbb59d0a000000000034d083fc37d2449f72de0cbea4bc1dc89c136cdbc504f849d5502d77a95c7bfff4cd9c03058d0d4d07ea64824f1a8f2b39389f675f39d01719cdbab3f1ce10609c8d7b3e37cb99b41da5e485a441b6a103549f55ab09dc98767763d1f2fafd45bb7d2b40050d1f8292f4d9ec6d0000000000003932062290f4996fdd55b06023437e9e2072daf7f5d82f6f1b5b89a41134f4dc2e65bb11272fdf8c8141f41d6160b3d8b6ecd16d14267f61b4881adee7f07f3d6af5ae79e16fe2c3f55ac7a6392d2e1d9b4286b6c3e1f5a76b85ed6e1f0000c67e6c5fcdc8c39381be4799b8cb2d08b8262c807dd755e22b801162381aa9d1af2bbc9cfd497585337eac408b8475b47a392a10cae349160f128e5f873a58064eb400c36a90624f6aed398a215e9ce64522ab249f67c38a656d32ecff5cdb2b039c4abf349d2c0f88a42e9189bbfa7f5cf35b6e7ef8f9d33163b7ea87550fb1ba334c83e3aec4714c9c4ca3ecb04f2720237615a28bf310b58ffa2a103216fdcc8c2d8f5d55e5e7ebf147105272aaae56e86d856b3cf79a3f7306436762dd1a08ce873e07cebc7892ec6f9f696da38feed3dc0001500e34adae1ba89a32bad2af9030f840f1ba4664f35547cdadd5cbacc59352c290f55d971b65953533668c25f21d8d62d849e9058eaa97c63491568887548f668cdbca2abf01a361a0b64d8b523e669da350e3ec7445dfbf366b0b3bc5e76824a1e43eaaeca70db90f2fa39596443447671933079a24fe3681ad9ac361f71ac279a688f10a1cc4df1112105edebc5e3bbc394c8305ab129ca2dfb9b7c5e9d097bd01b495cccefddce569117f7f5d6a6270ff0f0f4c371029ca8489571b55841bf3dd003bc81460eee57ceb3c33f4e9300b0144fe040cf5fcfcbb616c2070237881afdb314cecd1623f3e55ab8b7627fa1be349145a8d6313cbc790eefe2020138e82fb9d351be4ddcbcc9bc048dd3db5828d16baec6e07a007f0030f34ea3cfd524d6fa1d45da5641d6c94e1d3ae7fba1c85035d2a60ef1696e0d96aa1c60019f73ae0aa6113cd66ef26b5777337c26e1461405d86fdf091edd526f25cada439bb3609ed5c35ab60a539ade786bd6004d0ea3edbd6c4da0d8e8be8c771c8c8a0b07d9859e04adb18964dcce9bce546074c26dffbc2df372a016e8c845d4257000000000000000000000000000000000000f29657697d9c2b132b2dc2f5ea5122836582a7e85fe2bc166f17aefd9d861de0191f5277d4a3b5afb6f23d9eea2459f7844606e1202768d83c24cc791bde44a448022bbfa571fe029a7b2d5152639ee283894ab6168992ff0acc01b39a078f285ce615351f262019586eb9447bb3eaffd7b53d8f37ca6c5f1027dd5b7592996c8a7789ba108979cc9ad07ed86682843e2eaa855dd01443ee6ffde1811f10039d5d14458177096e15cc4d8f2582a1bea5cc98d992f3de7d1cdfb24384b9f10f615c87c441dc970ec896a5af6bf69b50a244bc138a1cae9868c3079bafe69769000000000000000000e99b63029d219cd3545a8426b56554a9f265d3557eefb3602894507c256cb8ee9ebadfecb6afeb84ba757bfa8d00a5af0dd6aa1e8144ef8ef04410d52204c335408941b8eccc5c734cc6a05247142ed647f89bcb5c043acfb382b9cc918bc3cdc368983157851cdf678800aa7eb2a6cbc12c7ae23bc88b8f10223ab2a093429f3f6965bc5af0114cf6f2466a39addc610406744a8715dbdb12de0a8e53079adc05002703e2f47ba499d0d593e3dc071fe30e0d29c69c5631fbf30c8082905d6834e82b75a0722b273fe4da1c6645e8d3913c8cd8ac50a8a0a25f98c4da5bfd14ea0ca884dba1b0eff2fd6e294e127f9d26ecbeca028d14439a41e8fd11cba79605e26b4cc4b7b6c128e3b9efc02682"], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0xfffffffffffffe89}, 0x48)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000640)={r8, 0xf0, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0}}, 0xa)
connect$inet(r7, &(0x7f0000000000)={0x2, 0x4e22, @empty}, 0x10)
sendmmsg(r7, &(0x7f0000000900)=[{{0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000ac0)='<', 0x1}], 0x1}}], 0x1, 0x0)
r9 = socket$nl_generic(0x10, 0x3, 0x10)
r10 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000000), 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_ADD_ADDR(r9, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000300)={0x30, r10, 0x1, 0x0, 0x0, {}, [@MPTCP_PM_ATTR_ADDR={0x1c, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @multicast1=0xac1414aa}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0xa}]}]}, 0x30}}, 0x10)

4.292358324s ago: executing program 5 (id=1095):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), r0)
sendmsg$NL80211_CMD_EXTERNAL_AUTH(r0, &(0x7f0000000200)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x200}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x10}, 0x0)
r2 = socket$unix(0x1, 0x5, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000005f00)={'wlan1\x00', <r3=>0x0})
sendmsg$NL80211_CMD_TRIGGER_SCAN(r0, &(0x7f0000006000)={0x0, 0x0, &(0x7f0000005fc0)={&(0x7f0000000000)=ANY=[@ANYBLOB='D\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="01002dbd0600ffdbdb252100000008000300", @ANYRES32=r3, @ANYBLOB="0600eb00000800000400ec000a00060008021100000100000600f70000ff000008009e"], 0x44}, 0x1, 0x0, 0x0, 0x4048020}, 0x28000)

4.124186234s ago: executing program 5 (id=1096):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000180)={0x26, 'aead\x00', 0x0, 0x0, 'rfc4106(gcm_base(ctr(aes-aesni),ghash-generic))\x00'}, 0x58) (fail_nth: 4)
socket$packet(0x11, 0x3, 0x300)
close(0x3)
socket$nl_netfilter(0x10, 0x3, 0xc)

3.703942798s ago: executing program 5 (id=1097):
openat$nullb(0xffffffffffffff9c, &(0x7f0000000040), 0x84042, 0x0)
r0 = syz_open_dev$loop(&(0x7f0000000080), 0x40000047ffffe, 0x1a2c42)
ioctl$LOOP_CONFIGURE(r0, 0x4c0a, 0x0)
write$UHID_INPUT(0xffffffffffffffff, &(0x7f0000001c00)={0x8, {"b0476b76ba5d044f65271519727e4ff1ff0d12c0e6bdf3ea1f52e24f60ca698457b32832b83d7e96694c1feb5809bd67002f71e0b97c0d5270c04ffa64f63b2e18ee4b7b572fe2f4d03cad38bcd106ff12f53b443ac6fc81da518f54b9004a44859529c07a2b1b8feddc0180a0f37b13babba1dd0813b7ea56dac4b7ffe9a2ef54221439ecc55223ef2d40f4ba8108c10387ddffbaed25d41e7692bf26ddfa747a666caff49843e38c86cac7323f784a17df6beaa49c3f4a98fb4013f4e573e2ef77b0965d4bfbdf7d5eada69406ca93f422495e00addfca1518085a40f10284ff59388ecf476a12ef1a540163922098d600519ae8cf3ef544344e9d968f341af618503b455f3976b76975270e94d714302382c63de5b7c1fad1fa373b369916cb3b4d583a9ebbaeb262884d25a0e1d9fb141de60df7e64cb38b6f7167991f8fba06bffe2d49133bbb462cd8a9493177eee5f03875b15c7a92c3cd6a3fdfc64f236e14fa05a0e8d3c45f13eecd22e13528c74186dc50e0e2af44177e26bded1161e5533375508dadb83db5126cc810f4e30d4e24ec12c3b99e5220aacf42c58f2960bd43c337dbd318aeeb5c9a6cd5ffd3bf1497bb48ab7bcb32c9c33c9f5b9bc4645b96f23f9e0d826b780030444ffb925f55df587ef5ca5ea74ccd66afc7981da496d6f037efbb0b08f3f5078c60ffb4db18d1b59996bd9b1513442785bf4ece8587b39d8176dc9c735d5ea25133b2053bba227b81faab7220326f8814a9df4eba4ecc6acdd82f70b653b56a18cc9dfa4deb0a112c797ab89a51a103c3a9085d828523370c4d79d9484f4dc910735a2c9b5b85197cd9c073df7a54b40df8e1bf595bab957900c2a1a7dc40e88ed0c55c362ffbb7f88a0725a6ae73b936a639e951faf9c45ae74a2ece2f6f88e425ee41d2c60cb083a2fd6d07381908a7f629e32f89a553cf0794f54b8bdc7bd541d88464a4f80ac0b8b625a803a55de4b05a95fc7f8fc3d6d79858ccb269b7b8b21657654164a9aa29f4e8462377e9d234a41ea69841a4aaa1e5f89f9b074f6f71cb1ffaa450c3160b0e319ec81ad30101db66218b0c69f97c234465dc45849fcfd62d396f2b50ddcc0ed7dd8651431534232ab6d1186d7760770a1fc6c77553a79d0297194f794997ee47781094a76d9dccf632dcbb527b3e68950d9bb534245c7f08ae1d6ef2750292ae28e5e6dcfe2a69737dd7a1e453f3902ae90789e98c212905422099904d3bfb949bde187682a59c01aa8e6a9972a63d6aaef4d4139b10a24e063707f1aba79bd59e3f9709a873dff401d1f356c4be5e449ae0e2633a1fe50ed367fe56b0499957c3b6cabb42256547995ea998f3937d153897d1c83f1ad922d6835bdfa3b986dc6f4bd927a4ca13fbaa99b7b43758e2329d588f40fac718b16cca855468643f3818496b4915fe9a2bdd3e68889fea24bc1dfa6287a801d49a7bb84654147448550d2919e4df3a943a88cf616befea4e7a4fddb7969311c6837f9529966241be1e57ed2d773debc542986d09866905a3f63b6e1820086d52a70f039154e839da7ea852c33bf3722a048f61bbf068519e050b8788370fb130a42e9f5322dfff65b15d588f9e926b70e4530e8b66697cabb1e8514831431fa0eaecb49f9613ed5fd7bc50f897bda36d24d4296e143e2480e325ec09a77c03a07b4f86eb703085313ebeee94ef5b1cde3f6a7efd785772eb4034039f598c07819b769416a223fab824c4ac50086e78042a1ccf47b6c7ede8540cded4bd4c920ce6c2b7493a5634c5e96bb761373623ab473b121d555bfd5a8bc3f5c5418bed83ffd0d6492840550fccc0c35746370396d0190b7b1d2cadcc150877e0d197f692f97cec790c95e3d3959dc7c68aca37306c1bc13ad33848395dba5e3c9ce8090bc0e7e8312091773641be56411921e3d473321c6d8bd10b7d3f5aedd6620bcaa06474bbb298bc77297b8b5dcb9e6b33dbe676460cca825609857724cee245306d07fda287d5fe57c424c27cf9b6cf0f16d2c6a8071bd57c826d7371841cf43dab1b42421ce416d0d3a9c80bc807d2e6761e53f06b3e63c0af1b4548d820118421205f040f4ab35307871e4c7a21ff28082c29e02e89486064661898c0eb1811c70a6124c1f25d62c38794a3e87c312c870db7b60d0df8b57860c94d1a9c561b327fae3a68ce9ff4551e418eb00766f0341c5e796e3cbbbe6b4864928b966110256d5475eb1fd7b2893b60e19e859baaf23c9233a1b064771671ee2d07c151e2e99c37a116a338788052a726a8519b8335e9ff4f71d00ab634543c20ddea1bf57d4f2b797182ff19618b6974d2b69d9f052934d527a1830bf2785842f35eaf32b65b7c9fdd6f0c41756072a59c0cce0b7305740729f1daa14e0092da9d022321b726d658fcef55affa2bbf36ad788f1f423b7dfd328435b4d5df315143d8b8028ba4bea6134a3dc9720c73d5e66b8b8168752eea6b78c75f04efd9677dbe419f13f5e1c9764276a83821b710307d8f85359b34d038ff17de45e8739d4b647fd1a8d794a3273d922af3374f5d3c75b8345b9dfdabb2c0418a358921e0e73d0fe88caab1741b913673e22ff4b59afa0f653a423d9b2bb20cbf07951a349eea18a891b4f4dc6df8e42a6181284f643de5fd2924ae54f672a1920343476c67333e1e8205bf4877b1251a83f417936714edb1c6975ba7969d2fcc2e69024a4669ac2f998116ade1bd84568b8f3f1fccbe95df9ed21db77315b7469f30bfae418415d9cb5aeea627ba6811e30d56d4f4bfe5f794ea4243e3cdfad3ef55199699b8433083b6f72f95effc5f2f613cfcefaf0b94e801ebcb7095a1474ee93142b82c9bf9886617b6bf69d08c83c76cd21d4cce5872d99de8e54bbff915ab923b2d24bb3aa178dd50b44fd0eb880ef33ca51d4bf5f0fbc8ffe18afe4245397f277e4efad955baa10cf56613481253d69c02e7661714b68be0fd64f29bdafbc8b4a0b30bd6709c67fe8e8915d0479b3902b1d0169fb5486b02e966ad5d8a2bcf42ecba59177cd85e17239667f6b045d1f873ce24733ae17e2d8432709062e786a32ac925121f1b0d46c66d4fb9088f4aa0cfe2149f6c2cb5b75d45349bc88fbd47e01ea07e7cd573335aab8d389846566800dd084bc3caa95f7632719c651f2d33be0fb56347c063b3c6e3e75c5e58caeb4c37574859b78c1ed018fbeed788a4305a9ee1c1ef65a0c83a7cd717a8c08ecd4e86370ffffd6d40a89a0b1e8c15a10ad5406e867e49319ad83bfbb925d5e240b4bd44fd751e7510d5ea03a6cab95f37155d1fd69aaea1db4a1f53714eb90e669209cf634f84a50c85bdc51838ebbb545b4387790df67f0122740c2abc910cf83230394172a56c9ffda6675bb8bb39846730a1bf764aeb92407c90a194da880cb8a4efb5b57a8311d864209c7fd226b93582b6b11eec559abfbba653c0569c219d3a2e60555cb739f9d32d564f23c4e98be78aa553610822af426f961df0df2185c61ccaa22b2a6aa6fb3e917bdfb2be9c3ffb8a50821321119c4cf4917db39548abc17bfba267fa50f6af15c560a21055f967f1ca6f656ddb556f9c7e17a771eeef7e80940d1c14ddf2c27647686fd0526460036aeea395fb10abef2be2ea96c9bb380370c08d1568d30eea0f3e6b7cf8f7edc7b36d4d0affd249330707b54ee620f208d885791171eb67a25a80fcc6922e0258c9673b6576564949dfa5bed9a0299bf952aade654de16e22d54fcd391ded6adab94ff621efcd91ef69acf8dfa1b22692ba3e49cd1d3fbed6db1402065ab37e457056877977ebac33ef566f28a19b9acb67a9cc53feb156814e880b3dd5a9119ffdbc5a45c20ea375f2882575b9a28740eebf63f2895d9ffac1ec33cbdcdede98a201424d000df1efd64dd7268cc1b2366ccfb09754822dafdb1821de5e6ebee09608e82e679fafb7a5100172f26998d31d7f27c2b310f0372c3b5e888f8e6efb56074177bf6a2a5bbd9ed070ad5aaf23ce144d1ac86cad110e5916a8a57e1e7fc3d37353f84f2f6d43d92ab8b35040467f3f8b1d23fac021bbac3710edc8e2e26d794db38e48020f63e94d4b4dca3e015537a8e3008274d55f81af931a0faf1a438444b6a0489b93f7b88f81f761eae0f82e60cb0cf2745ca8c9e30d3cc189c1405b1994ed71b00d90ea7a94102916cdc915620c363d04e51eabaaca6c2814a7c1e7aaeec80bdc13135b813e6d0eea83446a5c57ec29695c302c0d8da65b61fe8ada51a36e1aff34d449f9eb70cb94931226121ab121a971c2fc070ca84272d122c1696f52fbd5ed06783abe188dcf133c4d41e10295f6ffda69fa8c5a7c0fec3425a2d60523a60d280b5ce34eac5911268172e772fefba63a6f5c6dafa9e500a5e1355fb614613f8fc1ef5e5466fa19212bcdc349a865f4cee6ea80b11a410bb6e4ad677393973e38621d25ff6c4876ef8a8d2ba651be4a78d2ba9fafadcea8eff9cca3f4ab71a0b84917794e521220dad099ac8aaf32abd162348879e4299e4d46395f9d55267b635e18ca2e2fc96146b96c8a8055130b8d8cb10cc31382df34057bd8637f86e48adc854af408226752a04df8d0362db263e0959f2bd7e8a4d33a8c4b257e19d308280baf40cced1b3cd3a86ee22df0da49d750539eee1104e99a9f8a065e5499c73125a8a8430eda7aee156821a97c237611b50f682a2cccd0969304f0a50ae98800dfb32ee1bcfeab98182c34a51e67fa5bd738c22c44fc1269ce73f464edd2f31296e92e62df51cf55798ae2e3c33c57b09f4ecd13469122095a3563f95f0a04cf58dcea4aed5e8bdda7617863cbc37a97ebadb46d679f7e30014d96d0ac7ce9484368fa5fd19cbc3d139410a2bd7ffacef1bdf76dd1d5f34d2392fcb91c7585fc1ae7d8ba2aa8ded9645d5a5e76e2279b6e0692101137da946dfbd3836476f5dad7fed70115d716dce87b5ad755e5653a709f5aa42265ec9657ed406cc9256af3628c0116b8e1d23306983e9adbc19dec354870c98e2e76566895df933a80c4c36b617db4bbda1a4ca7d6c80a43734471fc92d0bdeacfc125dddd73febd8f7ef84f221d52ae71372cee802d59013a15958e850f8fdf46d8fd3b874633daf3b1f346470456c05722258480959dd6afcffa1f3f2ca033011339c5cb85b7d1c9b5916fb8dc9c2783df64eb5cca5af83a74fe5bb259f93722842eb4ac851e71f3cfd67a39590e7f8e20f018744b9277e6eb46b5f211df5f767ef29dc9a972e14c40ea2d4624f187f301c1116d3a61adeb5c6f7ccc021ac5e18d8b40d7f1f19daf4445c06e72db8701c267c0144c92cddd49af7a87aca5aa05d0e380dd27cc780d2f7db3bef26cc4fd358543e19d73179b879f7bdc702ab405270c93a3ed64153e20b5b663773a2ad4e8e3e1e8eaf39ec80d75d02f74ff94f0e095240a564eeece4fc9bcf19bf2243c700e1dae14a1b0217013977bfa05f681abc37714fe462d0a632044ce52fdaa1c1a806b1eb4370e23ca0247e536165aa9f1c2af8adfea369ee1f4a2c7823a7baef028a1e77501db48db6aa0d7e30969f7197368db02d443803b53b2899315f7e2ba9c5ae952a3866b4ea60f3d669e0a91f7ef640cd938646bf8822fe455f0302fccf87c7fad6daf38fde038fa596b83a9fd5bf675669a6cb2bab44c6617f07950bf34edb93bbcb4174630f275dbda7a0631c4b456e5f80eb6258c1874e77d426743e478917fe44b73dc203baa2cc442b84b5818409abae99d97a28754969bd393df", 0x1000}}, 0xfffffe38)
write$FUSE_NOTIFY_INVAL_INODE(0xffffffffffffffff, &(0x7f0000000000)={0x28, 0x2, 0x0, {0x0, 0xffff, 0x8000000000000001}}, 0x28)
r1 = bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x0)
r2 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000001600)={0xffffffffffffffff, 0x4f3, 0x30}, 0xc)
r3 = syz_open_procfs(0x0, &(0x7f0000000580)='net/tcp6\x00')
r4 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, 0x0, 0x0)
ioctl$AUTOFS_DEV_IOCTL_READY(0xffffffffffffffff, 0xc0189376, &(0x7f0000001680)={{0x1, 0x1, 0x18, <r5=>0xffffffffffffffff, {0x1b649bc7}}, './file0\x00'})
bpf$PROG_LOAD(0x5, &(0x7f0000001780)={0x7, 0x11, &(0x7f00000013c0)=@raw=[@map_idx={0x18, 0x0, 0x5, 0x0, 0xb}, @map_val={0x18, 0x4, 0x2, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x4}, @printk={@lli, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x5}}, @map_idx={0x18, 0x1c, 0x5, 0x0, 0x1}, @call={0x85, 0x0, 0x0, 0xae}, @map_idx_val={0x18, 0xb, 0x6, 0x0, 0x2, 0x0, 0x0, 0x0, 0x10}], &(0x7f0000000240)='GPL\x00', 0x80000000, 0x25, &(0x7f0000000280)=""/37, 0x41100, 0x70, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000001540)={0x2, 0x0, 0x4, 0x14}, 0x10, 0xffffffffffffffff, 0xffffffffffffffff, 0x6, &(0x7f00000016c0)=[0xffffffffffffffff, r1, r2, r3, r4, r5], &(0x7f0000001700)=[{0x5, 0x3, 0x2, 0x6}, {0x5, 0x3, 0x5}, {0x5, 0x3, 0x3, 0xa}, {0x1, 0x1, 0x1, 0x8}, {0x5, 0x5, 0x3, 0x8}, {0x2, 0x2, 0xc, 0x3}], 0x10, 0x7}, 0x94)
r6 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r6, &(0x7f0000000380)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000000)=@newlink={0x60, 0x10, 0x437, 0x70bd29, 0x25dfdbfc, {0x0, 0x0, 0x0, 0x0, 0x40c89}, [@IFLA_LINKINFO={0x40, 0x12, 0x0, 0x1, @ip6gre={{0xb}, {0x30, 0x2, 0x0, 0x1, [@IFLA_GRE_COLLECT_METADATA={0x4}, @IFLA_GRE_LOCAL={0x14, 0x6, @private1}, @IFLA_GRE_REMOTE={0x14, 0x7, @private0}]}}}]}, 0x60}, 0x1, 0x0, 0x0, 0x8000}, 0x20000000)
r7 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x482, 0x0)
write$binfmt_aout(r7, &(0x7f00000003c0)=ANY=[], 0xff2e)
ioctl$TCSETS(r7, 0x40045431, &(0x7f0000000040)={0x0, 0x40000000, 0x0, 0x0, 0x83, "00000000000000000000ffff00"})
syz_usb_connect(0x5, 0x24, &(0x7f00000000c0)={{0x12, 0x1, 0x310, 0x18, 0x6, 0x2d, 0x40, 0x5ac, 0xb231, 0x8500, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0xb0, 0x1, 0x60, 0x49, [{{0x9, 0x4, 0xda, 0x7, 0x0, 0xff, 0xfd, 0x1, 0x6}}]}}]}}, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0})
r8 = syz_open_pts(r7, 0x0)
poll(&(0x7f0000000140)=[{r8, 0x212e}], 0x1, 0x9e)
r9 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x7fffffff}]})
r10 = socket$packet(0x11, 0x2, 0x300)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r10, 0x8933, &(0x7f00000001c0)={'batadv_slave_1\x00', <r11=>0x0})
setsockopt$packet_add_memb(r10, 0x107, 0x1, &(0x7f0000000080)={r11, 0x1, 0x2, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x31}}, 0x10)
setsockopt$packet_add_memb(r10, 0x107, 0x1, &(0x7f00000002c0)={r11, 0x11, 0x6}, 0x10)
close_range(r9, 0xffffffffffffffff, 0x0)
r12 = dup3(r8, r7, 0x0)
ioctl$TCSETSW2(r12, 0x402c542c, &(0x7f0000000bc0)={0x7, 0xd808, 0x8, 0xfffffff7, 0x2, "4dd5d26bd8b1eb227705ecfba7158d29559dba", 0x5, 0xa6})
ioctl$EVIOCGID(r12, 0x80084502, &(0x7f00000003c0)=""/4096)

3.57934388s ago: executing program 1 (id=1098):
r0 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0)
ioctl$DRM_IOCTL_SET_CLIENT_CAP(r0, 0x4010640d, &(0x7f0000000000)={0x3, 0x2})
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r0, 0xc01064b5, &(0x7f0000000140)={&(0x7f0000000100)=[<r1=>0x0], 0x1})
ioctl$DRM_IOCTL_MODE_GETPLANE(r0, 0xc02064b6, &(0x7f00000001c0)={r1, <r2=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
ioctl$DRM_IOCTL_MODE_GET_LEASE(r0, 0xc01064c8, &(0x7f0000000280)={0x1, 0x0, &(0x7f0000000200)=[0x0]})
ioctl$DRM_IOCTL_MODE_OBJ_GETPROPERTIES(r0, 0xc02064b9, &(0x7f0000000040)={&(0x7f0000000300)=[0x0, 0x0, 0x0], &(0x7f0000000040), 0x3, r2, 0xcccccccc})
ioctl$DRM_IOCTL_MODE_ATOMIC(r0, 0xc03864bc, &(0x7f0000000380)={0x0, 0x1, &(0x7f0000000240)=[r2], &(0x7f0000000200), 0x0, &(0x7f0000000040), 0x0, 0x300})

3.077039799s ago: executing program 1 (id=1099):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f0000000140)=@abs={0x0, 0x0, 0x4e23}, 0x6e)
socket$nl_route(0x10, 0x3, 0x0)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
setsockopt$packet_tx_ring(0xffffffffffffffff, 0x10f, 0x87, 0x0, 0x0)
bind$tipc(0xffffffffffffffff, &(0x7f0000000180)=@nameseq={0x1e, 0x1, 0x0, {0x42}}, 0x10)
ioctl$SNDRV_CTL_IOCTL_RAWMIDI_INFO(0xffffffffffffffff, 0xc10c5541, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(0xffffffffffffffff, 0x4090ae82, &(0x7f0000000000)={[0x35, 0x9, 0x5, 0x180, 0x4, 0x10, 0xf1, 0x51, 0x7fffffffffffe, 0x5, 0x0, 0x9, 0x0, 0x6, 0x0, 0xbdb], 0xffff1001, 0x122182})
ioctl$VIDIOC_SUBDEV_ENUM_FRAME_SIZE(0xffffffffffffffff, 0xc040564a, &(0x7f0000000200)={0x0, 0x0, 0x300f})
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_RUN(r4, 0xae80, 0x0)
ioctl$KVM_RUN(r4, 0xae80, 0x0)

2.89201874s ago: executing program 0 (id=1100):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2})
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x400000000010, 0x3, 0x0)
r3 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r4=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x24, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r4, {0x0, 0xfff1}, {0xffff, 0xffff}}}, 0x24}}, 0x0)
r5 = socket$nl_route(0x10, 0x3, 0x0)
r6 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r7=>0x0})
sendmsg$nl_route_sched(r5, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newqdisc={0x30, 0x28, 0x4ee4e6a52ff56541, 0x4001, 0xfffffdfc, {0x0, 0x0, 0x0, r7, {0x7, 0xfff1}, {0xffff, 0xffff}, {0x2, 0x1}}, [@qdisc_kind_options=@q_hhf={{0x8}, {0x4}}]}, 0x30}, 0x1, 0x0, 0x0, 0x400dc}, 0x4020080)
sendmsg$nl_route_sched(r1, &(0x7f00000001c0)={0x0, 0x60, &(0x7f00000000c0)={&(0x7f0000000140)=@newqdisc={0x24, 0x29, 0x4ee4e6a52ff56541, 0x4001, 0xfffffdfc, {0x0, 0x0, 0x0, r4, {0x7, 0xfff1}, {0xffff, 0xffff}, {0x2, 0x1}}}, 0x24}, 0x1, 0x0, 0x0, 0x400dc}, 0x4020080)

2.822539391s ago: executing program 3 (id=1101):
syz_io_uring_setup(0x10c, &(0x7f00000000c0)={0x0, 0x3eac, 0x400, 0x2, 0x105}, 0x0, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$inet6_udp(0xa, 0x2, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080))
bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x1, 0xe, &(0x7f0000000900)=ANY=[@ANYBLOB="b7020000f7ffffffbfa70000000000002402000020fe29817a0af0fff8ffffff69a4f0ff00000000b70600000018d1fe2d6405000000000075040000000000400704000000000000b7040000100000206a0700fe000000008500000005000000b70000000a00000095000000000000000000c2c62f6004ad13aa957e2af5e49a53c2868f0399d909a63796c113a80c19aab9d607000000b6c9483be3f0d3253730e714c46cc4f79fd2b316da4f0de8163f6242fa7323f1740637c48468766af540439fce41f144631ac262dcae18c3d1a1fbe96dc86035b44174f7c0620254ab6d285e6b343185089a0f119e31975e551558050800000000000000125d67857f290870093f38153608561a2128a79cce912d1f05de330800a9f5422bee8ca49166f6a587f2f593775afcd071efc5a972f757521b7b38ec273c2ad3e406f8c124f7dc1c4553229a69df4b2780e6da4420d71489fe383e0b5ce08b750502f2b8add8d2dddde19ac050537e973782b4053150580035fb2c579e1b2100000033d1ee8cab6d236f05b1f7b9f78fd5abfe033eb79f7a0b498366f5edfe311258016fbf47d9c85bf5325bf61419372be377022433e20900a262b20bb8b36de7b0e6c5ebfc5baec1ebe58d4af587d33e2935ad68da6e0fea5c21301f5d002b51a5b60fc741cb2c5d4cd5e896774f9293a6435558795043404ac6eafc8310fbcacca7f971b260fd06d4590ded8429fcd1c9a8dbbdedb32675388df363c0bc536e00448208b72405ebf27ddb402e5a2d675aaad92e183cef1eadc1661140fb567b55c72907a1aca75277a5f0022b1e957ba737f10f1161c5ae6e2cc64072ff3b4e76084922242e63d4b7806e30f786cff147e4bc819060678319a0e5534f5a0db52526c30000000000000000000000a63705b1a60525620acca06d57c055059df7651768310c9085c5f86be6ab819506961ad51f18b35fdc3fd4d0a0dbbdcd494ef168931f27748787bee95d739fef7ee67dd21c34647de82707e41d7db6d981a4fcf0bbd3d38ebb7a2489e28c6b28c0f70092ffb016b7766399555f3e6b538c2c862d17e53eaeb2036f9f0ab6e95e71bda4b5bbf53344264ad93bac1207b31d6e9c78181c7fe204c0b7582d1c762857f2a2e0c60f4a4855591a4f70f94df9629e470701103c40c8f6d3a3068091d62b58999e0a046f9509cb8ddc2a9ad4e0f1f85e5f076218b4b931acdff0c34fc5bdbad17ec481f1c9b17727c14e053e315d0d8d03c24ddaba65c5ce5b1aa04d1f767e25662b155d49460ec720d54044ac2856c11407835f341e2614bcae270000000001000000df7f736aab5d713240b2f40ec7be8251eba969686b2670ddc1a84df6ab12ab3e0cf8747837062233935704ebbd943ef0c5fef29513c7c1d6d2611796dccb45bdfd9e6533ad3574be5b9ea70e0c3b41a32067c03f5f8ed147cd0655c90d656f66eaed18a3c284c4f19417b5d91431759356db5d45ea40c9866957105b6252b0c028c672049ce163126f143f5758faf2a43f4c4f45a69b4e9113f85ae531085c11c75edbdee5af454757cdaff396c15ab9b210c202ffaea96d1bac60c6d6c56a4babc659858789bd479334e13e1c7876f95429431e61400815788c1397b260600d78e7513c58d9ac9474d392cc06f789753e1e7ebf5f1b55e2a64b9150c6580bf48e7bff763034801cccf403108d127b959ffc425a563ea2b90fbe779fd7d2ebfe94"], &(0x7f0000000280)='GPL\x00'}, 0x48)
openat$vimc2(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
socket$nl_xfrm(0x10, 0x3, 0x6)
bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000002ec0), 0x48)
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000600)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-camellia-aesni\x00'}, 0x58)
accept4(r0, 0x0, 0x0, 0x0)
r1 = socket(0x400000000010, 0x3, 0x0)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000940)={&(0x7f00000013c0)=ANY=[@ANYBLOB="640000001000030400"/20, @ANYRES32=0x0, @ANYBLOB="e5fda988000000002800128009000100766c616e000000001800", @ANYRES32=r2, @ANYBLOB='\b\x00\n\x00', @ANYRES32, @ANYBLOB="0a000100000070"], 0x64}, 0x1, 0x0, 0x0, 0x8811}, 0x0)

2.480219068s ago: executing program 0 (id=1102):
syz_io_uring_setup(0x10c, &(0x7f00000000c0)={0x0, 0x3eac, 0x400, 0x2, 0x105}, 0x0, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$inet6_udp(0xa, 0x2, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080))
bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x1, 0xe, &(0x7f0000000900)=ANY=[@ANYBLOB="b7020000f7ffffffbfa70000000000002402000020fe29817a0af0fff8ffffff69a4f0ff00000000b70600000018d1fe2d6405000000000075040000000000400704000000000000b7040000100000206a0700fe000000008500000005000000b70000000a00000095000000000000000000c2c62f6004ad13aa957e2af5e49a53c2868f0399d909a63796c113a80c19aab9d607000000b6c9483be3f0d3253730e714c46cc4f79fd2b316da4f0de8163f6242fa7323f1740637c48468766af540439fce41f144631ac262dcae18c3d1a1fbe96dc86035b44174f7c0620254ab6d285e6b343185089a0f119e31975e551558050800000000000000125d67857f290870093f38153608561a2128a79cce912d1f05de330800a9f5422bee8ca49166f6a587f2f593775afcd071efc5a972f757521b7b38ec273c2ad3e406f8c124f7dc1c4553229a69df4b2780e6da4420d71489fe383e0b5ce08b750502f2b8add8d2dddde19ac050537e973782b4053150580035fb2c579e1b2100000033d1ee8cab6d236f05b1f7b9f78fd5abfe033eb79f7a0b498366f5edfe311258016fbf47d9c85bf5325bf61419372be377022433e20900a262b20bb8b36de7b0e6c5ebfc5baec1ebe58d4af587d33e2935ad68da6e0fea5c21301f5d002b51a5b60fc741cb2c5d4cd5e896774f9293a6435558795043404ac6eafc8310fbcacca7f971b260fd06d4590ded8429fcd1c9a8dbbdedb32675388df363c0bc536e00448208b72405ebf27ddb402e5a2d675aaad92e183cef1eadc1661140fb567b55c72907a1aca75277a5f0022b1e957ba737f10f1161c5ae6e2cc64072ff3b4e76084922242e63d4b7806e30f786cff147e4bc819060678319a0e5534f5a0db52526c30000000000000000000000a63705b1a60525620acca06d57c055059df7651768310c9085c5f86be6ab819506961ad51f18b35fdc3fd4d0a0dbbdcd494ef168931f27748787bee95d739fef7ee67dd21c34647de82707e41d7db6d981a4fcf0bbd3d38ebb7a2489e28c6b28c0f70092ffb016b7766399555f3e6b538c2c862d17e53eaeb2036f9f0ab6e95e71bda4b5bbf53344264ad93bac1207b31d6e9c78181c7fe204c0b7582d1c762857f2a2e0c60f4a4855591a4f70f94df9629e470701103c40c8f6d3a3068091d62b58999e0a046f9509cb8ddc2a9ad4e0f1f85e5f076218b4b931acdff0c34fc5bdbad17ec481f1c9b17727c14e053e315d0d8d03c24ddaba65c5ce5b1aa04d1f767e25662b155d49460ec720d54044ac2856c11407835f341e2614bcae270000000001000000df7f736aab5d713240b2f40ec7be8251eba969686b2670ddc1a84df6ab12ab3e0cf8747837062233935704ebbd943ef0c5fef29513c7c1d6d2611796dccb45bdfd9e6533ad3574be5b9ea70e0c3b41a32067c03f5f8ed147cd0655c90d656f66eaed18a3c284c4f19417b5d91431759356db5d45ea40c9866957105b6252b0c028c672049ce163126f143f5758faf2a43f4c4f45a69b4e9113f85ae531085c11c75edbdee5af454757cdaff396c15ab9b210c202ffaea96d1bac60c6d6c56a4babc659858789bd479334e13e1c7876f95429431e61400815788c1397b260600d78e7513c58d9ac9474d392cc06f789753e1e7ebf5f1b55e2a64b9150c6580bf48e7bff763034801cccf403108d127b959ffc425a563ea2b90fbe779fd7d2ebfe94"], &(0x7f0000000280)='GPL\x00'}, 0x48)
openat$vimc2(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
socket$nl_xfrm(0x10, 0x3, 0x6)
bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000002ec0), 0x48)
socket$alg(0x26, 0x5, 0x0)
r0 = socket(0x400000000010, 0x3, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000940)={&(0x7f00000013c0)=ANY=[@ANYRES32=0x0, @ANYBLOB="e5fda988000000002800128009000100766c616e00000000180002800c0002001c0000001f000000060001000000000008000500", @ANYRES32=r1, @ANYBLOB='\b\x00\n\x00', @ANYRES32, @ANYBLOB="0a000100000070"], 0x64}, 0x1, 0x0, 0x0, 0x8811}, 0x0)

2.463840294s ago: executing program 3 (id=1103):
ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, &(0x7f0000000280)={'vcan0\x00'})
openat$tun(0xffffffffffffff9c, 0x0, 0x22100, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
r2 = syz_open_dev$vbi(0x0, 0x0, 0x2)
mmap(&(0x7f0000000000/0x95c000)=nil, 0x95c000, 0x200000b, 0x8c4b815a5465c2b2, 0xffffffffffffffff, 0x0)
move_pages(0x0, 0x1, &(0x7f0000000140)=[&(0x7f00002b4000/0x1000)=nil], 0x0, 0x0, 0x2)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
sendmsg(r1, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0xb45, 0x100000000009, 0xa, 0x0, 0x3}, 0x0)
sendmmsg$unix(0xffffffffffffffff, &(0x7f00000009c0)=[{{0x0, 0x0, 0x0}}, {{0x0, 0x0, &(0x7f0000000780)=[{&(0x7f0000000340)="8be784923875240482ec7379b8172e5c1e53055c40fc337edb9ea527ebb1782e4079cdd07a0d037f22fc7eb32972f5944d2deddf9ffc0262e5f0c368373a54021ec9505baa10c2ecee1dc09c9a6d2315ecf72d3f4294516ea15c49ac577d6782bef82a2dcecf65b38b578d7b88e3cfda12222fe6f77c665e754cb1a7c26c89169871970af6e23b5ec68d9d52229f2972b7a9f158da6f8e19e5a415c60105b57a7447c2bcb02d2b1489635cd5ddf6fb81f6500540136422c34d835abe1eba9406825d32439ea56e1ae5b02410e217c58668a1b71cdc0d43a467e0479c70b7eb3eee70ba51321b", 0xe6}, {&(0x7f0000000500)}, {&(0x7f0000000580)="60fd781d29b19a8acab4d4b69965378c60180ece3eb1a0cbeee9cd7eb41577e8b641ec5f8e72c2132dad84798c0c600a47cf3a55b89e6f0b2b3ab407ca6a76216b705d36345801b8147783e68cea26c1021e4d06e8c0abf147d3cd0f59c206b488f1527aa125bc8cdb727f04633cfe7f1f063ff8ba9b00f4319a35", 0x7b}, {&(0x7f0000000700)="1a034996b5eeb3c07ed3e9cc4d78bb1b594298991e16e6e490d96f370a452e6874ed3310bf97a6e482568b85b170bbc85c5fad48af4aad94b14ea5f48fbd87c88b76d72ab15cc0ec0000000017e4008f6f53e9a49a", 0x55}], 0x4, &(0x7f0000000440)=ANY=[@ANYBLOB="24f2fa00000000000100cc497d640200e70f99892dfb4490c292d4f7227a7b10388049", @ANYRES32=r0, @ANYRES32=r0, @ANYRES32, @ANYRES32=r0, @ANYRES32=r2, @ANYBLOB="000000001000000000000000010000000100000030000000000000000100000001000000", @ANYRES32, @ANYRES32=r1, @ANYRES32=r0, @ANYBLOB="e42e6545d09e5977b8935b3ece4699ebed6a0dbdce9bc2c954a8e9549ca7f10e09a9ce20113b52b6aed7206f842149ed3a15de647f74cbabbf7f69e0c40e16882df73478b33f6dbcd27687c3f2f11ece65299869328bc7d48d48b4bb50a123d6423fad38fee5f72f6f23f195e4ec36ddfef5cd613fcc656cfbdbdfe85777814f53c114d875d1", @ANYRES32=r1, @ANYRES32=r1, @ANYRES32=r1, @ANYRES32=r1], 0x68, 0x4004015}}], 0x2, 0x20040800)
r3 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000000), 0x22000, 0x0)
read$FUSE(r3, 0x0, 0x0)
capget(0x0, &(0x7f00000001c0)={0x7, 0x1, 0x2e7, 0x8, 0x1, 0x86d7})
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x27)
r4 = userfaultfd(0x801)
r5 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000040), 0x105000)
ioctl$SNDRV_TIMER_IOCTL_NEXT_DEVICE(r5, 0xc0145401, &(0x7f0000000200)={0xffffffffffffffff, 0x2, 0x6, 0x3, 0x200})
r6 = getpid()
process_vm_readv(r6, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
ioctl$UFFDIO_REGISTER(0xffffffffffffffff, 0xc020aa00, &(0x7f0000000100)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x4})
ioctl$UFFDIO_WRITEPROTECT(r4, 0xc018aa06, &(0x7f00000000c0)={{&(0x7f000040a000/0x800000)=nil, 0x800000}, 0x1})
r7 = syz_open_dev$vim2m(&(0x7f0000000000), 0x47b, 0x2)
ioctl$vim2m_VIDIOC_S_CTRL(r7, 0xc008561c, &(0x7f0000000100)={0xf0f014, 0x6})
r8 = socket$netlink(0x10, 0x3, 0x4)
setsockopt$netlink_NETLINK_DROP_MEMBERSHIP(r8, 0x10e, 0x2, &(0x7f0000000240)=0x20, 0x4)
syz_genetlink_get_family_id$nl80211(&(0x7f00000003c0), 0xffffffffffffffff)

2.237531525s ago: executing program 0 (id=1104):
ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, &(0x7f0000000280)={'vcan0\x00'})
openat$tun(0xffffffffffffff9c, 0x0, 0x22100, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
r2 = syz_open_dev$vbi(0x0, 0x0, 0x2)
mmap(&(0x7f0000000000/0x95c000)=nil, 0x95c000, 0x200000b, 0x8c4b815a5465c2b2, 0xffffffffffffffff, 0x0)
move_pages(0x0, 0x1, &(0x7f0000000140)=[&(0x7f00002b4000/0x1000)=nil], 0x0, 0x0, 0x2)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
sendmsg(r1, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0xb45, 0x100000000009, 0xa, 0x0, 0x3}, 0x0)
sendmmsg$unix(0xffffffffffffffff, &(0x7f00000009c0)=[{{0x0, 0x0, 0x0}}, {{0x0, 0x0, &(0x7f0000000780)=[{&(0x7f0000000340)="8be784923875240482ec7379b8172e5c1e53055c40fc337edb9ea527ebb1782e4079cdd07a0d037f22fc7eb32972f5944d2deddf9ffc0262e5f0c368373a54021ec9505baa10c2ecee1dc09c9a6d2315ecf72d3f4294516ea15c49ac577d6782bef82a2dcecf65b38b578d7b88e3cfda12222fe6f77c665e754cb1a7c26c89169871970af6e23b5ec68d9d52229f2972b7a9f158da6f8e19e5a415c60105b57a7447c2bcb02d2b1489635cd5ddf6fb81f6500540136422c34d835abe1eba9406825d32439ea56e1ae5b02410e217c58668a1b71cdc0d43a467e0479c70b7eb3eee70ba51321b", 0xe6}, {&(0x7f0000000500)}, {&(0x7f0000000580)="60fd781d29b19a8acab4d4b69965378c60180ece3eb1a0cbeee9cd7eb41577e8b641ec5f8e72c2132dad84798c0c600a47cf3a55b89e6f0b2b3ab407ca6a76216b705d36345801b8147783e68cea26c1021e4d06e8c0abf147d3cd0f59c206b488f1527aa125bc8cdb727f04633cfe7f1f063ff8ba9b00f4319a35", 0x7b}, {&(0x7f0000000700)="1a034996b5eeb3c07ed3e9cc4d78bb1b594298991e16e6e490d96f370a452e6874ed3310bf97a6e482568b85b170bbc85c5fad48af4aad94b14ea5f48fbd87c88b76d72ab15cc0ec0000000017e4008f6f53e9a49a", 0x55}], 0x4, &(0x7f0000000440)=ANY=[@ANYBLOB="24f2fa00000000000100cc497d640200e70f99892dfb4490c292d4f7227a7b10388049", @ANYRES32=r0, @ANYRES32=r0, @ANYRES32, @ANYRES32=r0, @ANYRES32=r2, @ANYBLOB="000000001000000000000000010000000100000030000000000000000100000001000000", @ANYRES32, @ANYRES32=r1, @ANYRES32=r0, @ANYBLOB="e42e6545d09e5977b8935b3ece4699ebed6a0dbdce9bc2c954a8e9549ca7f10e09a9ce20113b52b6aed7206f842149ed3a15de647f74cbabbf7f69e0c40e16882df73478b33f6dbcd27687c3f2f11ece65299869328bc7d48d48b4bb50a123d6423fad38fee5f72f6f23f195e4ec36ddfef5cd613fcc656cfbdbdfe85777814f53c114d875d1", @ANYRES32=r1, @ANYRES32=r1, @ANYRES32=r1, @ANYRES32=r1], 0x68, 0x4004015}}], 0x2, 0x20040800)
r3 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000000), 0x22000, 0x0)
read$FUSE(r3, 0x0, 0x0)
capget(0x0, &(0x7f00000001c0)={0x7, 0x1, 0x2e7, 0x8, 0x1, 0x86d7})
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x27)
r4 = userfaultfd(0x801)
r5 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000040), 0x105000)
ioctl$SNDRV_TIMER_IOCTL_NEXT_DEVICE(r5, 0xc0145401, &(0x7f0000000200)={0xffffffffffffffff, 0x2, 0x6, 0x3, 0x200})
r6 = getpid()
process_vm_readv(r6, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
ioctl$UFFDIO_REGISTER(0xffffffffffffffff, 0xc020aa00, &(0x7f0000000100)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x4})
ioctl$UFFDIO_WRITEPROTECT(r4, 0xc018aa06, &(0x7f00000000c0)={{&(0x7f000040a000/0x800000)=nil, 0x800000}, 0x1})
r7 = syz_open_dev$vim2m(&(0x7f0000000000), 0x47b, 0x2)
ioctl$vim2m_VIDIOC_S_CTRL(r7, 0xc008561c, &(0x7f0000000100)={0xf0f014, 0x6})
r8 = socket$netlink(0x10, 0x3, 0x4)
setsockopt$netlink_NETLINK_DROP_MEMBERSHIP(r8, 0x10e, 0x2, &(0x7f0000000240)=0x20, 0x4)
socket$nl_generic(0x10, 0x3, 0x10)

1.307237157s ago: executing program 6 (id=1105):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r2 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0)
r3 = io_uring_setup(0x54a0, &(0x7f0000000000)={0x0, 0x70e6, 0x2, 0x2, 0xf2})
io_uring_register$IORING_UNREGISTER_IOWQ_AFF(r3, 0x12, 0x0, 0x0)
io_uring_register$IORING_REGISTER_IOWQ_MAX_WORKERS(r3, 0x13, &(0x7f0000000400)=[0xe758, 0x8], 0x2)
r4 = socket$nl_xfrm(0x10, 0x3, 0x6)
setsockopt$netlink_NETLINK_TX_RING(r4, 0x10e, 0x7, &(0x7f0000000180)={0x1, 0x1, 0x8001, 0x1}, 0x10)
read$FUSE(r2, &(0x7f0000000880)={0x2020}, 0x2020)
write$uinput_user_dev(0xffffffffffffffff, &(0x7f0000000400)={'syz0\x00', {0x3, 0x2, 0x6, 0xfffa}, 0x3a, [0x8000, 0xc95a, 0xf, 0x8, 0x80, 0x2, 0x3, 0x7f, 0x20000006, 0x4d, 0x9, 0x5f, 0x9, 0x5, 0xffff2d37, 0xffffff01, 0x6, 0x8, 0x0, 0x5, 0x24, 0x1, 0x7, 0x3c5b, 0x1, 0x24, 0x6, 0x1, 0x5, 0x5, 0xe661, 0x4, 0x7, 0x5, 0x8, 0x4c74, 0x80000000, 0x40000, 0x3, 0xe, 0x0, 0x80008071, 0x7, 0x7, 0x1, 0x407, 0x5, 0xfffffff7, 0x8, 0x4006, 0x6, 0x7, 0x0, 0x4, 0x8, 0x400, 0x80, 0x0, 0x5, 0x6, 0x9, 0x4, 0xfffffffe, 0x40], [0x10000007, 0xf0000000, 0x8000012b, 0x8004, 0x5, 0x6, 0x129432e2, 0x1, 0xf9, 0xe, 0x10, 0x6c7, 0x9, 0xfffffffc, 0x80000003, 0x203, 0x0, 0x5, 0x2f, 0xe, 0x312, 0xd, 0xea4, 0xa1, 0x4, 0x7, 0x7fff, 0x5a7c, 0x7ff, 0x401, 0x6, 0x0, 0xff, 0x1, 0x1000005, 0x5f31, 0xd, 0x4e0, 0x2, 0x4, 0xb, 0x401, 0x101, 0x8, 0x9, 0x9, 0x47, 0x8000, 0x1, 0xfdffffff, 0xffff, 0xfffffffe, 0x7, 0x9, 0x5, 0x3, 0x9, 0x250, 0x3, 0x6c0, 0xbc45, 0x48c93690, 0x42, 0x3], [0x7, 0x404, 0x0, 0x5, 0xfffffffe, 0x100, 0x8d2, 0x9, 0x0, 0x7fff, 0x0, 0x5, 0xb, 0x4, 0x9, 0x5, 0x0, 0x2, 0x5, 0x8, 0x401, 0x3, 0x5, 0x3e7, 0xb, 0x5, 0x2, 0x2, 0x3, 0x20000008, 0x4, 0x6d01, 0x6, 0x1, 0x800003, 0x200, 0x80, 0x3, 0x4, 0x2950bfaf, 0xdfe, 0xa2, 0x7, 0xa9, 0x5, 0x9, 0xac8, 0xbf, 0x2, 0x3, 0x7ff, 0x12b, 0x6, 0x40, 0x0, 0x7ff, 0x5, 0x1c, 0x120000, 0x3, 0x2006, 0x80a2ed, 0x0, 0x25], [0x9, 0xbb33, 0x7, 0xb, 0x5, 0x938, 0x7, 0x6, 0x0, 0xb9, 0xce7, 0x9, 0x2, 0x57, 0x5, 0x3, 0x101, 0x10000, 0x4, 0x7fff, 0xffff, 0x2000a620, 0x2, 0x5, 0x1, 0x2, 0x5, 0xe7, 0x6, 0x16, 0xffffffff, 0x80000003, 0x5, 0xfffffff9, 0xc8, 0x9, 0xfffff000, 0x7, 0x3, 0x7e, 0x100, 0x9602, 0x1ff, 0xaf, 0xfffffff9, 0x6, 0x226, 0x5, 0x7, 0x8, 0x30b1d693, 0xa21, 0x1000f40, 0x5, 0x1, 0x6c1b, 0x0, 0x4, 0xffef, 0xb1e, 0xd7, 0x200, 0xffff3441, 0x40fff]}, 0x45c)
request_key(&(0x7f0000000480)='big_key\x00', &(0x7f0000000040)={'syz', 0x3}, &(0x7f0000000100)='\\\\@}\x01\x00\x00@\xf5\xe2\xdbE\xc0P\x02\xe0\xf2\xaa\xe6\x00\x00\x00\x00\x00\x00\x00\xd0\xa1B\x80\xd3\xcc\x06D\a\x00\x00\x00\x00\x00\x00\x04)\'\x03t\xcd\xe8\xd0u\x01\xff\x01\xd1', 0xfffffffffffffffe)
r5 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000900)='/proc/keys\x00', 0x0, 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680))
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
chroot(&(0x7f0000000300)='./file0/../file0/../file0/../file0\x00')
read$FUSE(r5, &(0x7f0000000940)={0x2020}, 0x2020)
setsockopt$sock_int(r4, 0x1, 0x6, &(0x7f00000001c0)=0x7fffffff, 0x4)
sendmsg$inet(0xffffffffffffffff, &(0x7f0000001200)={0x0, 0x0, 0x0}, 0x0)
r6 = socket$kcm(0x10, 0x100000000002, 0x4)
sendmsg$kcm(r6, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000200)="39000000140081ae00002c000500015601618575e285af0180000000171300883795c04a31ba377a1b2cc32b38d3740000ffffffffffffffff", 0x39}], 0x1, 0x0, 0x0, 0xc00e}, 0x0)
ppoll(&(0x7f00000000c0)=[{}, {}], 0x20000000000000dc, 0x0, 0x0, 0x0)
r7 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r7, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000140)=[@text64={0x40, 0x0}], 0x1, 0xe8, 0x0, 0x0)
ioctl$KVM_CAP_EXIT_HYPERCALL(r1, 0x4068aea3, &(0x7f0000000300)={0xc9, 0x0, 0xc})
mmap(&(0x7f0000000000/0xe7e000)=nil, 0xe7e000, 0xfffffffffdfffff9, 0x4031, 0xffffffffffffffff, 0xb7b56000)
ioctl$KVM_RUN(r7, 0xae80, 0x0)

1.204043333s ago: executing program 5 (id=1106):
openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r2, &(0x7f00000004c0)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_pr_sha384\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r2, 0x117, 0x1, 0x0, 0x0)
r3 = accept4(r2, 0x0, 0x0, 0x800)
recvmsg(r3, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{0x0}], 0x1}, 0x0)
mremap(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x4000, 0x0, &(0x7f0000389000/0x4000)=nil)
keyctl$instantiate(0xc, 0x0, &(0x7f0000000100)=@encrypted_new={'new ', 'default', 0x20, 'user:', 'syz', 0x20, 0xffd}, 0x2a, 0x0)
add_key(&(0x7f0000000140)='encrypted\x00', &(0x7f0000000180), &(0x7f00000002c0)="c633c3b6ccb0aaba4a9598afb6de3218289f118157aa73dc545efbdd923c5e5d52183c380dfbda11e4f3c16c7709736269576c4395fed2a03062be4261deb1bb5493677795481b0deae8587d5cf768bcfc9dfa70efd87a639ae62bec9b74a061e39ac5f6e88ecd4703149871157603bf62ca40aa4e25a4ed25a76179b3d4", 0x7e, 0xfffffffffffffffe)

443.258ms ago: executing program 3 (id=1107):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000008c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x5}}, [@NFT_MSG_NEWRULE={0x4c, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x20, 0x4, 0x0, 0x1, [{0x1c, 0x1, 0x0, 0x1, @reject={{0xb}, @val={0xc, 0x2, 0x0, 0x1, [@NFTA_REJECT_TYPE={0x8, 0x1, 0x1, 0x0, 0x2}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0x74}}, 0x0)
sendmsg$NFULNL_MSG_CONFIG(r0, &(0x7f0000000d40)={0x0, 0x0, &(0x7f0000000d00)={&(0x7f0000000000)=ANY=[@ANYBLOB="2c00000001040104000000000000000002000004080004400000000705000100010000000800034000000040e0"], 0x2c}, 0x1, 0x0, 0x0, 0xc810}, 0x4048040)

361.328031ms ago: executing program 6 (id=1108):
r0 = socket$kcm(0x21, 0x2, 0x2)
sendmsg$kcm(r0, &(0x7f0000000080)={&(0x7f0000000000)=@rxrpc=@in4={0x21, 0x0, 0x2, 0x10, {0x2, 0x3f, @broadcast}}, 0x80, 0x0, 0x0, &(0x7f0000000140)=ANY=[@ANYBLOB="18000000000000001001000001"], 0x18}, 0x0)
set_mempolicy(0x8004, 0x0, 0x0)
syz_open_dev$vim2m(&(0x7f0000000080), 0x1, 0x2)
openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r1 = socket(0x40000000015, 0x805, 0x0)
getsockopt(r1, 0x114, 0x5, &(0x7f0000019440)=""/102400, &(0x7f00000000c0)=0x19000)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
syz_open_dev$vbi(0x0, 0x0, 0x2)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r4 = socket$alg(0x26, 0x5, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x1, 0x4, 0x0, 0x0, 0x5, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x9, '\x00', 0x0, @fallback=0x14, 0xffffffffffffffff, 0x8, &(0x7f00000000c0), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x94)
bind$alg(r4, &(0x7f00000000c0)={0x26, 'aead\x00', 0x0, 0x0, 'aegis128-generic\x00'}, 0x58)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$tipc2(&(0x7f00000000c0), 0xffffffffffffffff)
sendmsg$TIPC_NL_NAME_TABLE_GET(r5, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000300)=ANY=[@ANYBLOB="14000000", @ANYRES16=r6, @ANYBLOB="69db2abd7000fcdbd7251000000076a557c07c61d71a1f6ce424f53dfd833836d53515d6a49c4ab1933a3ad0eb9a4d9e6513899a893a0c9501905fac6c0e7f59c148286d4148deacfcea596a964a87194e6e4082ed"], 0x14}, 0x1, 0x0, 0x0, 0x801}, 0x4004880)
r7 = accept4(r4, 0x0, 0x0, 0x80000)
setsockopt$ALG_SET_KEY(r4, 0x117, 0x1, &(0x7f0000000200)="ad00"/16, 0x10)
sendmmsg$unix(r7, &(0x7f0000003dc0)=[{{&(0x7f0000000000)=@file={0x0, './file0\x00'}, 0x6e, 0x0, 0x0, 0x0, 0x0, 0x9802}}, {{&(0x7f0000000280)=@file={0x0, './file0\x00'}, 0x6e, 0x0}}], 0x299, 0x0)

88.196923ms ago: executing program 3 (id=1109):
r0 = openat$sw_sync(0xffffffffffffff9c, &(0x7f0000000300), 0xa0141, 0x0)
ioctl$SW_SYNC_IOC_CREATE_FENCE(r0, 0xc0285700, 0x0)
ioctl$SYNC_IOC_MERGE(0xffffffffffffffff, 0x40103e05, &(0x7f0000000280)={"31ec861d1bdbb2f104dd52ad43b7db21214d0677cda6247cb86c05e119883e3f"})

0s ago: executing program 3 (id=1110):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = socket(0x1, 0x2, 0x0)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000140)={0xffffffffffffffff, &(0x7f0000000180), &(0x7f00000000c0)=@udp6=r2, 0x1}, 0x20)
bind$unix(r2, &(0x7f0000000300)=@abs={0x0, 0x0, 0x4e24}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000001680)=[{{&(0x7f0000000380)=@file={0x1, './file0\x00'}, 0x6e, 0x0}}], 0x1, 0x0)
recvmmsg(r2, &(0x7f0000000500)=[{{&(0x7f0000000180)=@generic, 0x80, 0x0, 0x0, &(0x7f0000000900)=""/114, 0x72}, 0x3}, {{0x0, 0x0, &(0x7f0000000f00)=[{&(0x7f0000000980)=""/177, 0xb1}, {&(0x7f0000000a40)=""/209, 0xd1}, {&(0x7f0000000cc0)=""/253, 0xfd}, {0x0}, {&(0x7f00000016c0)=""/4096, 0x1000}, {&(0x7f0000000e40)=""/168, 0xa8}], 0x6}, 0xd0000}, {{&(0x7f0000000f80)=@hci, 0x80, &(0x7f0000000100)=[{&(0x7f0000001000)=""/185, 0xb9}, {&(0x7f00000010c0)=""/233, 0xe9}, {&(0x7f00000011c0)=""/191, 0xbf}], 0x3, &(0x7f0000001280)=""/210, 0xd2}, 0x7}, {{&(0x7f0000001380)=@l2tp6={0xa, 0x0, 0x0, @empty}, 0x80, &(0x7f0000000240)=[{&(0x7f0000001400)=""/174, 0xae}, {&(0x7f00000014c0)=""/86, 0x56}], 0x2, &(0x7f0000001540)=""/16, 0x10}, 0x170}], 0x4, 0x0, 0x0)
syz_genetlink_get_family_id$ethtool(0x0, 0xffffffffffffffff)
r3 = syz_create_resource$binfmt(&(0x7f0000000040)='./file1\x00')
r4 = openat$binfmt(0xffffffffffffff9c, r3, 0x42, 0x1ff)
close(r4)
execveat$binfmt(0xffffffffffffff9c, r3, 0x0, 0x0, 0x0)
r5 = openat$binfmt(0xffffffffffffff9c, r3, 0x2, 0x0)
close(r5)
r6 = syz_open_dev$usbfs(&(0x7f00000000c0), 0x204, 0x2)
mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x1000002, 0x11012, r6, 0x108000)
ioctl$USBDEVFS_SUBMITURB(r6, 0x8038550a, &(0x7f0000000140)=@urb_type_control={0x2, {}, 0x2000000b, 0x81, &(0x7f0000000240)={0x3, 0x11, 0x5, 0x5360, 0x7}, 0x10, 0x6, 0x81, 0x0, 0x1, 0x101, 0x0})
sched_setscheduler(0x0, 0x0, &(0x7f0000000400)=0x6)
execveat$binfmt(0xffffffffffffff9c, r3, &(0x7f00000004c0)={[&(0x7f0000000000)='\x00', &(0x7f00000003c0)=')!}\x00']}, 0x0, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
statx(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x6000, 0x10, 0x0)
mremap(&(0x7f00004a9000/0x1000)=nil, 0x1000, 0x2000, 0x7, &(0x7f0000ffd000/0x2000)=nil)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x4, 0x0, 0x0, 0x2)
syz_open_procfs$pagemap(0x0, &(0x7f0000001080))

kernel console output (not intermixed with test programs):

.807877][ T8273] RBP: 00007f6337cd7090 R08: 0000000000000000 R09: 0000000000000000
[  227.807883][ T8273] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  227.807889][ T8273] R13: 00007f6336fe6038 R14: 00007f6336fe5fa0 R15: 00007f633710fa28
[  227.807904][ T8273]  </TASK>
[  228.520327][ T8279] FAULT_INJECTION: forcing a failure.
[  228.520327][ T8279] name failslab, interval 1, probability 0, space 0, times 0
[  228.553709][ T8279] CPU: 0 UID: 0 PID: 8279 Comm: syz.0.654 Not tainted syzkaller #0 PREEMPT(full) 
[  228.553734][ T8279] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  228.553745][ T8279] Call Trace:
[  228.553751][ T8279]  <TASK>
[  228.553759][ T8279]  dump_stack_lvl+0x189/0x250
[  228.553784][ T8279]  ? __pfx____ratelimit+0x10/0x10
[  228.553802][ T8279]  ? __pfx_dump_stack_lvl+0x10/0x10
[  228.553822][ T8279]  ? __pfx__printk+0x10/0x10
[  228.553849][ T8279]  ? __pfx___might_resched+0x10/0x10
[  228.553871][ T8279]  should_fail_ex+0x414/0x560
[  228.553911][ T8279]  ? traverse+0xd9/0x570
[  228.553928][ T8279]  should_failslab+0xa8/0x100
[  228.553952][ T8279]  __kvmalloc_node_noprof+0x161/0x5f0
[  228.553974][ T8279]  ? traverse+0xd9/0x570
[  228.553998][ T8279]  traverse+0xd9/0x570
[  228.554019][ T8279]  ? aa_file_perm+0x13a/0x1550
[  228.554040][ T8279]  ? aa_file_perm+0x13a/0x1550
[  228.554061][ T8279]  seq_read_iter+0xcfe/0xe10
[  228.554078][ T8279]  ? _parse_integer_limit+0x1ae/0x1f0
[  228.554105][ T8279]  ? __asan_memset+0x22/0x50
[  228.554129][ T8279]  seq_read+0x369/0x480
[  228.554151][ T8279]  ? __pfx_seq_read+0x10/0x10
[  228.554189][ T8279]  ? __pfx_seq_read+0x10/0x10
[  228.554205][ T8279]  proc_reg_read+0x1e9/0x2e0
[  228.554226][ T8279]  ? __pfx_proc_reg_read+0x10/0x10
[  228.554248][ T8279]  vfs_read+0x200/0xa30
[  228.554276][ T8279]  ? __pfx_vfs_read+0x10/0x10
[  228.554298][ T8279]  ? __fget_files+0x2a/0x420
[  228.554316][ T8279]  ? __fget_files+0x2a/0x420
[  228.554330][ T8279]  ? __fget_files+0x3a0/0x420
[  228.554344][ T8279]  ? __fget_files+0x2a/0x420
[  228.554369][ T8279]  __x64_sys_pread64+0x193/0x220
[  228.554393][ T8279]  ? __pfx___x64_sys_pread64+0x10/0x10
[  228.554412][ T8279]  ? rcu_is_watching+0x15/0xb0
[  228.554434][ T8279]  ? do_syscall_64+0xbe/0x3b0
[  228.554456][ T8279]  do_syscall_64+0xfa/0x3b0
[  228.554473][ T8279]  ? lockdep_hardirqs_on+0x9c/0x150
[  228.554489][ T8279]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  228.554506][ T8279]  ? clear_bhb_loop+0x60/0xb0
[  228.554526][ T8279]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  228.554543][ T8279] RIP: 0033:0x7f4ce798eec9
[  228.554559][ T8279] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  228.554574][ T8279] RSP: 002b:00007f4ce8754038 EFLAGS: 00000246 ORIG_RAX: 0000000000000011
[  228.554592][ T8279] RAX: ffffffffffffffda RBX: 00007f4ce7be5fa0 RCX: 00007f4ce798eec9
[  228.554606][ T8279] RDX: 0000000000018fd4 RSI: 0000200000000080 RDI: 0000000000000003
[  228.554617][ T8279] RBP: 00007f4ce8754090 R08: 0000000000000000 R09: 0000000000000000
[  228.554627][ T8279] R10: 0000000000000200 R11: 0000000000000246 R12: 0000000000000001
[  228.554638][ T8279] R13: 00007f4ce7be6038 R14: 00007f4ce7be5fa0 R15: 00007f4ce7d0fa28
[  228.554665][ T8279]  </TASK>
[  229.039285][ T8281] netlink: 8 bytes leftover after parsing attributes in process `syz.6.655'.
[  229.080343][ T8281] netlink: 12 bytes leftover after parsing attributes in process `syz.6.655'.
[  229.119751][ T8281] netlink: 'syz.6.655': attribute type 20 has an invalid length.
[  229.531974][ T8304] netlink: 40 bytes leftover after parsing attributes in process `syz.3.664'.
[  229.600970][ T8307] netlink: 20 bytes leftover after parsing attributes in process `syz.0.666'.
[  229.691105][ T8307] vlan2: entered promiscuous mode
[  230.254578][ T8320] netlink: 8 bytes leftover after parsing attributes in process `syz.5.665'.
[  230.263711][ T8320] openvswitch: netlink: nsh attribute has 65532 unknown bytes.
[  230.271383][ T8320] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  231.189683][ T8334] netlink: 212408 bytes leftover after parsing attributes in process `syz.3.672'.
[  231.517641][ T8334] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  232.513673][ T8362] netlink: 36 bytes leftover after parsing attributes in process `syz.5.680'.
[  232.558893][ T5873] usb 7-1: new high-speed USB device number 2 using dummy_hcd
[  233.018799][ T5873] usb 7-1: Using ep0 maxpacket: 8
[  233.020112][ T8362] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  233.064618][ T5873] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  233.152205][ T5873] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  233.240342][ T5873] usb 7-1: New USB device found, idVendor=056a, idProduct=0000, bcdDevice= 0.00
[  233.254491][ T5873] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  233.265140][ T5873] usb 7-1: config 0 descriptor??
[  233.750000][ T5873] usbhid 7-1:0.0: can't add hid device: -71
[  233.762536][ T5873] usbhid 7-1:0.0: probe with driver usbhid failed with error -71
[  233.819726][ T5873] usb 7-1: USB disconnect, device number 2
[  234.693824][ T8402] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  234.957841][ T8406] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  235.537903][ T8416] fuse: Unknown parameter '0xffffffffffffffff'
[  235.564649][ T5939] usb 4-1: new high-speed USB device number 18 using dummy_hcd
[  235.800395][ T5873] usb 6-1: new high-speed USB device number 7 using dummy_hcd
[  235.917329][ T5939] usb 4-1: Using ep0 maxpacket: 16
[  235.956056][ T5939] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0x4 has invalid maxpacket 16
[  235.984342][ T5939] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 64
[  236.034292][ T5939] usb 4-1: New USB device found, idVendor=1189, idProduct=0893, bcdDevice=f4.95
[  236.045315][ T8420] FAULT_INJECTION: forcing a failure.
[  236.045315][ T8420] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  236.091679][ T5939] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  236.129148][ T5873] usb 6-1: Using ep0 maxpacket: 8
[  236.135300][ T5939] usb 4-1: Product: syz
[  236.143817][ T8420] CPU: 0 UID: 0 PID: 8420 Comm: syz.1.692 Not tainted syzkaller #0 PREEMPT(full) 
[  236.143842][ T8420] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  236.143852][ T8420] Call Trace:
[  236.143860][ T8420]  <TASK>
[  236.143868][ T8420]  dump_stack_lvl+0x189/0x250
[  236.143893][ T8420]  ? __pfx____ratelimit+0x10/0x10
[  236.143912][ T8420]  ? __pfx_dump_stack_lvl+0x10/0x10
[  236.143931][ T8420]  ? __pfx__printk+0x10/0x10
[  236.143952][ T8420]  ? __might_fault+0xb0/0x130
[  236.143985][ T8420]  should_fail_ex+0x414/0x560
[  236.144013][ T8420]  _copy_from_iter+0x1de/0x1790
[  236.144040][ T8420]  ? rcu_is_watching+0x15/0xb0
[  236.144059][ T8420]  ? kmem_cache_alloc_node_noprof+0x217/0x3c0
[  236.144082][ T8420]  ? __pfx__copy_from_iter+0x10/0x10
[  236.144103][ T8420]  ? __build_skb_around+0x257/0x3e0
[  236.144126][ T8420]  ? netlink_sendmsg+0x642/0xb30
[  236.144142][ T8420]  ? skb_put+0x11b/0x210
[  236.144164][ T8420]  netlink_sendmsg+0x6b2/0xb30
[  236.144199][ T8420]  ? __pfx_netlink_sendmsg+0x10/0x10
[  236.144221][ T8420]  ? aa_sock_msg_perm+0xf1/0x1d0
[  236.144240][ T8420]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  236.144258][ T8420]  ? __pfx_netlink_sendmsg+0x10/0x10
[  236.144277][ T8420]  __sock_sendmsg+0x21c/0x270
[  236.144304][ T8420]  ____sys_sendmsg+0x505/0x830
[  236.144329][ T8420]  ? __pfx_____sys_sendmsg+0x10/0x10
[  236.144358][ T8420]  ? import_iovec+0x74/0xa0
[  236.144381][ T8420]  ___sys_sendmsg+0x21f/0x2a0
[  236.144404][ T8420]  ? __pfx____sys_sendmsg+0x10/0x10
[  236.144459][ T8420]  ? __fget_files+0x2a/0x420
[  236.144473][ T8420]  ? __fget_files+0x3a0/0x420
[  236.144499][ T8420]  __x64_sys_sendmsg+0x19b/0x260
[  236.144521][ T8420]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  236.144551][ T8420]  ? __pfx_ksys_write+0x10/0x10
[  236.144570][ T8420]  ? rcu_is_watching+0x15/0xb0
[  236.144591][ T8420]  ? do_syscall_64+0xbe/0x3b0
[  236.144613][ T8420]  do_syscall_64+0xfa/0x3b0
[  236.144630][ T8420]  ? lockdep_hardirqs_on+0x9c/0x150
[  236.144647][ T8420]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  236.144664][ T8420]  ? clear_bhb_loop+0x60/0xb0
[  236.144684][ T8420]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  236.144707][ T8420] RIP: 0033:0x7ff82f18eec9
[  236.144721][ T8420] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  236.144736][ T8420] RSP: 002b:00007ff830054038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  236.144754][ T8420] RAX: ffffffffffffffda RBX: 00007ff82f3e5fa0 RCX: 00007ff82f18eec9
[  236.144767][ T8420] RDX: 0000000000000080 RSI: 0000200000000040 RDI: 0000000000000003
[  236.144778][ T8420] RBP: 00007ff830054090 R08: 0000000000000000 R09: 0000000000000000
[  236.144789][ T8420] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  236.144803][ T8420] R13: 00007ff82f3e6038 R14: 00007ff82f3e5fa0 R15: 00007ff82f50fa28
[  236.144832][ T8420]  </TASK>
[  236.148769][ T5939] usb 4-1: Manufacturer: syz
[  236.469568][ T5873] usb 6-1: config 0 has an invalid interface number: 31 but max is 0
[  236.488036][ T5873] usb 6-1: config 0 has no interface number 0
[  236.621374][ T5873] usb 6-1: New USB device found, idVendor=046d, idProduct=08c3, bcdDevice=6b.16
[  236.634532][ T5873] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  236.777877][ T5873] usb 6-1: Product: syz
[  236.782665][ T5873] usb 6-1: Manufacturer: syz
[  236.851610][ T5873] usb 6-1: SerialNumber: syz
[  236.916404][ T5873] usb 6-1: config 0 descriptor??
[  237.135317][ T8435] trusted_key: encrypted_key: master key parameter 'sbiWlC��Ҡ0b�Baޱ�T�gw�H��X}\�h����p��zc��+�t�a�����G�qv�b�@�N%��%�ay��' is invalid
[  237.198055][ T8416] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  237.236625][ T8416] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  237.291026][ T5939] usb 4-1: SerialNumber: syz
[  237.303131][ T5939] usb 4-1: config 0 descriptor??
[  237.315835][ T8412] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  237.329113][ T8412] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  237.570736][ T5939] asix 4-1:0.0 (unnamed net_device) (uninitialized): Failed to write reg index 0x0000: -71
[  237.739287][ T5939] asix 4-1:0.0: probe with driver asix failed with error -71
[  237.807040][ T5939] usb 4-1: USB disconnect, device number 18
[  238.657282][ T8447] netlink: 12 bytes leftover after parsing attributes in process `syz.1.702'.
[  238.688851][ T5873] usb 6-1: Found UVC 0.04 device syz (046d:08c3)
[  238.905876][ T5873] usb 6-1: No streaming interface found for terminal 6.
[  238.930295][ T5873] usb 6-1: USB disconnect, device number 7
[  238.999778][ T8447] vlan2: entered promiscuous mode
[  239.264045][ T8452] FAULT_INJECTION: forcing a failure.
[  239.264045][ T8452] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  239.351254][ T8452] CPU: 0 UID: 0 PID: 8452 Comm: syz.6.704 Not tainted syzkaller #0 PREEMPT(full) 
[  239.351278][ T8452] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  239.351288][ T8452] Call Trace:
[  239.351293][ T8452]  <TASK>
[  239.351299][ T8452]  dump_stack_lvl+0x189/0x250
[  239.351316][ T8452]  ? __pfx____ratelimit+0x10/0x10
[  239.351328][ T8452]  ? __pfx_dump_stack_lvl+0x10/0x10
[  239.351339][ T8452]  ? __pfx__printk+0x10/0x10
[  239.351359][ T8452]  should_fail_ex+0x414/0x560
[  239.351378][ T8452]  _copy_to_user+0x31/0xb0
[  239.351393][ T8452]  simple_read_from_buffer+0xe1/0x170
[  239.351411][ T8452]  proc_fail_nth_read+0x1b3/0x220
[  239.351424][ T8452]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  239.351437][ T8452]  ? rw_verify_area+0x2a6/0x4d0
[  239.351449][ T8452]  ? __lock_acquire+0xab9/0xd20
[  239.351462][ T8452]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  239.351474][ T8452]  vfs_read+0x200/0xa30
[  239.351486][ T8452]  ? fdget_pos+0x247/0x320
[  239.351496][ T8452]  ? __pfx___mutex_lock+0x10/0x10
[  239.351508][ T8452]  ? __pfx_vfs_read+0x10/0x10
[  239.351522][ T8452]  ? __fget_files+0x2a/0x420
[  239.351532][ T8452]  ? __fget_files+0x3a0/0x420
[  239.351540][ T8452]  ? __fget_files+0x2a/0x420
[  239.351552][ T8452]  ksys_read+0x145/0x250
[  239.351566][ T8452]  ? __pfx_ksys_read+0x10/0x10
[  239.351578][ T8452]  ? fput+0xa0/0xd0
[  239.351589][ T8452]  ? do_syscall_64+0xbe/0x3b0
[  239.351602][ T8452]  do_syscall_64+0xfa/0x3b0
[  239.351614][ T8452]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  239.351622][ T8452]  ? asm_sysvec_reschedule_ipi+0x1a/0x20
[  239.351631][ T8452]  ? clear_bhb_loop+0x60/0xb0
[  239.351643][ T8452]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  239.351652][ T8452] RIP: 0033:0x7f6336d8d8dc
[  239.351662][ T8452] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  239.351671][ T8452] RSP: 002b:00007f6337cd7030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  239.351682][ T8452] RAX: ffffffffffffffda RBX: 00007f6336fe5fa0 RCX: 00007f6336d8d8dc
[  239.351689][ T8452] RDX: 000000000000000f RSI: 00007f6337cd70a0 RDI: 0000000000000004
[  239.351695][ T8452] RBP: 00007f6337cd7090 R08: 0000000000000000 R09: 0000000000000000
[  239.351701][ T8452] R10: 0000200000000000 R11: 0000000000000246 R12: 0000000000000001
[  239.351706][ T8452] R13: 00007f6336fe6038 R14: 00007f6336fe5fa0 R15: 00007f633710fa28
[  239.351721][ T8452]  </TASK>
[  239.620590][ T8456] netlink: 8 bytes leftover after parsing attributes in process `syz.1.705'.
[  239.629642][ T8456] netlink: 12 bytes leftover after parsing attributes in process `syz.1.705'.
[  239.638596][ T8456] netlink: 'syz.1.705': attribute type 20 has an invalid length.
[  240.945553][ T5873] usb 6-1: new high-speed USB device number 8 using dummy_hcd
[  241.299311][ T5873] usb 6-1: unable to get BOS descriptor or descriptor too short
[  241.311498][ T5873] usb 6-1: config 176 has an invalid interface number: 218 but max is 0
[  241.351780][ T5873] usb 6-1: config 176 has no interface number 0
[  241.374365][ T5873] usb 6-1: config 176 interface 218 has no altsetting 0
[  241.407206][ T5873] usb 6-1: New USB device found, idVendor=05ac, idProduct=b231, bcdDevice=85.00
[  241.417489][ T5873] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  241.437526][ T5873] usb 6-1: Product: syz
[  241.455393][ T5873] usb 6-1: Manufacturer: syz
[  241.485964][ T5873] usb 6-1: SerialNumber: syz
[  241.513674][ T8488] syzkaller0: entered promiscuous mode
[  241.521680][ T8488] syzkaller0: entered allmulticast mode
[  241.528430][ T8484] sch_tbf: burst 127 is lower than device syzkaller0 mtu (1514) !
[  241.863745][ T8493] batadv_slave_1: entered promiscuous mode
[  241.917471][ T8493] batadv_slave_1: left promiscuous mode
[  241.997362][ T5873] ipheth 6-1:176.218: Unable to find alternate settings interface
[  242.087649][ T5873] usb 6-1: USB disconnect, device number 8
[  242.305262][ T8498] trusted_key: encrypted_key: master key parameter 'sbiWlC��Ҡ0b�Baޱ�T�gw�H��X}\�h����p��zc��+�t�a�����G�qv�b�@�N%��%�ay��' is invalid
[  244.127540][ T8524] binder: 8523:8524 ioctl c0306201 200000000640 returned -22
[  244.181712][ T8526] FAULT_INJECTION: forcing a failure.
[  244.181712][ T8526] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  244.228837][ T8526] CPU: 1 UID: 0 PID: 8526 Comm: syz.0.725 Not tainted syzkaller #0 PREEMPT(full) 
[  244.228863][ T8526] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  244.228883][ T8526] Call Trace:
[  244.228890][ T8526]  <TASK>
[  244.228897][ T8526]  dump_stack_lvl+0x189/0x250
[  244.228921][ T8526]  ? __pfx____ratelimit+0x10/0x10
[  244.228940][ T8526]  ? __pfx_dump_stack_lvl+0x10/0x10
[  244.228957][ T8526]  ? __pfx__printk+0x10/0x10
[  244.228977][ T8526]  ? __might_fault+0xb0/0x130
[  244.229005][ T8526]  should_fail_ex+0x414/0x560
[  244.229032][ T8526]  _copy_from_iter+0x1de/0x1790
[  244.229057][ T8526]  ? rcu_is_watching+0x15/0xb0
[  244.229076][ T8526]  ? kmem_cache_alloc_node_noprof+0x217/0x3c0
[  244.229098][ T8526]  ? __pfx__copy_from_iter+0x10/0x10
[  244.229118][ T8526]  ? __build_skb_around+0x257/0x3e0
[  244.229140][ T8526]  ? netlink_sendmsg+0x642/0xb30
[  244.229157][ T8526]  ? skb_put+0x11b/0x210
[  244.229179][ T8526]  netlink_sendmsg+0x6b2/0xb30
[  244.229207][ T8526]  ? __pfx_netlink_sendmsg+0x10/0x10
[  244.229228][ T8526]  ? aa_sock_msg_perm+0xf1/0x1d0
[  244.229247][ T8526]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  244.229264][ T8526]  ? __pfx_netlink_sendmsg+0x10/0x10
[  244.229283][ T8526]  __sock_sendmsg+0x21c/0x270
[  244.229310][ T8526]  ____sys_sendmsg+0x505/0x830
[  244.229344][ T8526]  ? __pfx_____sys_sendmsg+0x10/0x10
[  244.229374][ T8526]  ? import_iovec+0x74/0xa0
[  244.229402][ T8526]  ___sys_sendmsg+0x21f/0x2a0
[  244.229424][ T8526]  ? __pfx____sys_sendmsg+0x10/0x10
[  244.229487][ T8526]  ? __fget_files+0x2a/0x420
[  244.229502][ T8526]  ? __fget_files+0x3a0/0x420
[  244.229527][ T8526]  __x64_sys_sendmsg+0x19b/0x260
[  244.229549][ T8526]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  244.229577][ T8526]  ? __pfx_ksys_write+0x10/0x10
[  244.229594][ T8526]  ? rcu_is_watching+0x15/0xb0
[  244.229616][ T8526]  ? do_syscall_64+0xbe/0x3b0
[  244.229637][ T8526]  do_syscall_64+0xfa/0x3b0
[  244.229654][ T8526]  ? lockdep_hardirqs_on+0x9c/0x150
[  244.229670][ T8526]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  244.229687][ T8526]  ? clear_bhb_loop+0x60/0xb0
[  244.229707][ T8526]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  244.229723][ T8526] RIP: 0033:0x7f4ce798eec9
[  244.229739][ T8526] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  244.229753][ T8526] RSP: 002b:00007f4ce8754038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  244.229773][ T8526] RAX: ffffffffffffffda RBX: 00007f4ce7be5fa0 RCX: 00007f4ce798eec9
[  244.229786][ T8526] RDX: 0000000000000000 RSI: 00002000000001c0 RDI: 0000000000000004
[  244.229797][ T8526] RBP: 00007f4ce8754090 R08: 0000000000000000 R09: 0000000000000000
[  244.229808][ T8526] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  244.229818][ T8526] R13: 00007f4ce7be6038 R14: 00007f4ce7be5fa0 R15: 00007f4ce7d0fa28
[  244.229847][ T8526]  </TASK>
[  244.520221][    C1] vkms_vblank_simulate: vblank timer overrun
[  244.592266][ T8531] netlink: 12 bytes leftover after parsing attributes in process `syz.1.726'.
[  244.982678][ T8542] TCP: tcp_parse_options: Illegal window scaling value 94 > 14 received
[  245.709278][  T886] usb 2-1: new high-speed USB device number 25 using dummy_hcd
[  245.729502][ T5968] usb 6-1: new high-speed USB device number 9 using dummy_hcd
[  245.878939][  T886] usb 2-1: New USB device found, idVendor=0b95, idProduct=772b, bcdDevice=a2.4c
[  245.888653][  T886] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  245.892160][ T5968] usb 6-1: device descriptor read/64, error -71
[  246.153727][ T5968] usb 6-1: new high-speed USB device number 10 using dummy_hcd
[  246.277098][  T886] usb 2-1: Product: syz
[  246.282299][  T886] usb 2-1: Manufacturer: syz
[  246.298633][  T886] usb 2-1: SerialNumber: syz
[  246.309743][  T886] usb 2-1: config 0 descriptor??
[  246.349060][ T5968] usb 6-1: device descriptor read/64, error -71
[  246.520723][  T886] asix 2-1:0.0 (unnamed net_device) (uninitialized): Failed to read reg index 0x0000: -71
[  246.533338][  T886] asix 2-1:0.0: probe with driver asix failed with error -71
[  246.549374][  T886] usb 2-1: USB disconnect, device number 25
[  246.549374][ T5968] usb usb6-port1: attempt power cycle
[  246.833300][ T8575] netlink: 27 bytes leftover after parsing attributes in process `syz.6.740'.
[  246.961231][ T5968] usb 6-1: new high-speed USB device number 11 using dummy_hcd
[  246.991747][ T5968] usb 6-1: device descriptor read/8, error -71
[  247.238918][ T5968] usb 6-1: new high-speed USB device number 12 using dummy_hcd
[  247.315139][ T5968] usb 6-1: device descriptor read/8, error -71
[  247.388059][ T8599] netlink: 8 bytes leftover after parsing attributes in process `syz.1.748'.
[  247.429306][ T5968] usb usb6-port1: unable to enumerate USB device
[  247.750641][ T8602] FAULT_INJECTION: forcing a failure.
[  247.750641][ T8602] name failslab, interval 1, probability 0, space 0, times 0
[  247.765245][ T8602] CPU: 0 UID: 0 PID: 8602 Comm: syz.1.750 Not tainted syzkaller #0 PREEMPT(full) 
[  247.765270][ T8602] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  247.765281][ T8602] Call Trace:
[  247.765289][ T8602]  <TASK>
[  247.765296][ T8602]  dump_stack_lvl+0x189/0x250
[  247.765329][ T8602]  ? __pfx____ratelimit+0x10/0x10
[  247.765348][ T8602]  ? __pfx_dump_stack_lvl+0x10/0x10
[  247.765368][ T8602]  ? __pfx__printk+0x10/0x10
[  247.765395][ T8602]  ? __pfx___might_resched+0x10/0x10
[  247.765416][ T8602]  should_fail_ex+0x414/0x560
[  247.765445][ T8602]  should_failslab+0xa8/0x100
[  247.765469][ T8602]  kmem_cache_alloc_node_noprof+0x76/0x3c0
[  247.765490][ T8602]  ? __alloc_skb+0x112/0x2d0
[  247.765513][ T8602]  __alloc_skb+0x112/0x2d0
[  247.765535][ T8602]  bcm_can_tx+0x225/0x980
[  247.765561][ T8602]  ? __local_bh_enable_ip+0x12d/0x1c0
[  247.765585][ T8602]  ? __pfx_bcm_can_tx+0x10/0x10
[  247.765615][ T8602]  bcm_tx_setup+0xe8b/0x1bd0
[  247.765654][ T8602]  bcm_sendmsg+0x45c/0x6a0
[  247.765681][ T8602]  ? __pfx_bcm_sendmsg+0x10/0x10
[  247.765708][ T8602]  ? aa_sock_msg_perm+0xf1/0x1d0
[  247.765725][ T8602]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  247.765741][ T8602]  ? __pfx_bcm_sendmsg+0x10/0x10
[  247.765760][ T8602]  __sock_sendmsg+0x21c/0x270
[  247.765783][ T8602]  ____sys_sendmsg+0x505/0x830
[  247.765807][ T8602]  ? __pfx_____sys_sendmsg+0x10/0x10
[  247.765835][ T8602]  ? import_iovec+0x74/0xa0
[  247.765857][ T8602]  ___sys_sendmsg+0x21f/0x2a0
[  247.765879][ T8602]  ? __pfx____sys_sendmsg+0x10/0x10
[  247.765935][ T8602]  ? __fget_files+0x2a/0x420
[  247.765950][ T8602]  ? __fget_files+0x3a0/0x420
[  247.765976][ T8602]  __x64_sys_sendmsg+0x19b/0x260
[  247.765999][ T8602]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  247.766030][ T8602]  ? __pfx_ksys_write+0x10/0x10
[  247.766049][ T8602]  ? rcu_is_watching+0x15/0xb0
[  247.766070][ T8602]  ? do_syscall_64+0xbe/0x3b0
[  247.766092][ T8602]  do_syscall_64+0xfa/0x3b0
[  247.766108][ T8602]  ? lockdep_hardirqs_on+0x9c/0x150
[  247.766126][ T8602]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  247.766143][ T8602]  ? clear_bhb_loop+0x60/0xb0
[  247.766164][ T8602]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  247.766180][ T8602] RIP: 0033:0x7ff82f18eec9
[  247.766199][ T8602] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  247.766214][ T8602] RSP: 002b:00007ff830054038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  247.766233][ T8602] RAX: ffffffffffffffda RBX: 00007ff82f3e5fa0 RCX: 00007ff82f18eec9
[  247.766245][ T8602] RDX: 0000000020000000 RSI: 0000200000000240 RDI: 0000000000000003
[  247.766256][ T8602] RBP: 00007ff830054090 R08: 0000000000000000 R09: 0000000000000000
[  247.766265][ T8602] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  247.766276][ T8602] R13: 00007ff82f3e6038 R14: 00007ff82f3e5fa0 R15: 00007ff82f50fa28
[  247.766304][ T8602]  </TASK>
[  248.678746][ T8614] netlink: 96 bytes leftover after parsing attributes in process `syz.5.753'.
[  249.364209][ T8631] sctp: [Deprecated]: syz.3.757 (pid 8631) Use of struct sctp_assoc_value in delayed_ack socket option.
[  249.364209][ T8631] Use struct sctp_sack_info instead
[  249.560962][ T8622] could not allocate digest TFM handle blake2s-128
[  249.831749][ T8639] FAULT_INJECTION: forcing a failure.
[  249.831749][ T8639] name failslab, interval 1, probability 0, space 0, times 0
[  249.915565][ T8639] CPU: 1 UID: 0 PID: 8639 Comm: syz.3.760 Not tainted syzkaller #0 PREEMPT(full) 
[  249.915591][ T8639] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  249.915602][ T8639] Call Trace:
[  249.915609][ T8639]  <TASK>
[  249.915617][ T8639]  dump_stack_lvl+0x189/0x250
[  249.915641][ T8639]  ? __pfx____ratelimit+0x10/0x10
[  249.915662][ T8639]  ? __pfx_dump_stack_lvl+0x10/0x10
[  249.915680][ T8639]  ? __pfx__printk+0x10/0x10
[  249.915703][ T8639]  ? __pfx___might_resched+0x10/0x10
[  249.915719][ T8639]  ? fs_reclaim_acquire+0x7d/0x100
[  249.915740][ T8639]  should_fail_ex+0x414/0x560
[  249.915769][ T8639]  should_failslab+0xa8/0x100
[  249.915789][ T8639]  __kmalloc_noprof+0xcb/0x4f0
[  249.915810][ T8639]  ? iovec_from_user+0x87/0x250
[  249.915833][ T8639]  iovec_from_user+0x87/0x250
[  249.915857][ T8639]  __import_iovec+0x163/0x7f0
[  249.915889][ T8639]  import_iovec+0x74/0xa0
[  249.915913][ T8639]  ___sys_recvmsg+0x43a/0x510
[  249.915940][ T8639]  ? __pfx____sys_recvmsg+0x10/0x10
[  249.915985][ T8639]  ? __fget_files+0x3a0/0x420
[  249.916012][ T8639]  do_recvmmsg+0x307/0x770
[  249.916042][ T8639]  ? __pfx_do_recvmmsg+0x10/0x10
[  249.916082][ T8639]  ? _copy_from_user+0x94/0xb0
[  249.916118][ T8639]  __x64_sys_recvmmsg+0x1af/0x240
[  249.916142][ T8639]  ? __pfx___x64_sys_recvmmsg+0x10/0x10
[  249.916169][ T8639]  ? do_syscall_64+0xbe/0x3b0
[  249.916191][ T8639]  do_syscall_64+0xfa/0x3b0
[  249.916207][ T8639]  ? lockdep_hardirqs_on+0x9c/0x150
[  249.916224][ T8639]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  249.916241][ T8639]  ? clear_bhb_loop+0x60/0xb0
[  249.916261][ T8639]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  249.916278][ T8639] RIP: 0033:0x7fe8c278eec9
[  249.916293][ T8639] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  249.916307][ T8639] RSP: 002b:00007fe8c3552038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
[  249.916327][ T8639] RAX: ffffffffffffffda RBX: 00007fe8c29e5fa0 RCX: 00007fe8c278eec9
[  249.916339][ T8639] RDX: 04000000000003b4 RSI: 00002000000037c0 RDI: 0000000000000003
[  249.916351][ T8639] RBP: 00007fe8c3552090 R08: 0000200000003700 R09: 0000000000000000
[  249.916363][ T8639] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  249.916373][ T8639] R13: 00007fe8c29e6038 R14: 00007fe8c29e5fa0 R15: 00007fe8c2b0fa28
[  249.916402][ T8639]  </TASK>
[  251.091011][ T8649] FAULT_INJECTION: forcing a failure.
[  251.091011][ T8649] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  251.136166][ T8649] CPU: 1 UID: 0 PID: 8649 Comm: syz.1.763 Not tainted syzkaller #0 PREEMPT(full) 
[  251.136183][ T8649] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  251.136190][ T8649] Call Trace:
[  251.136194][ T8649]  <TASK>
[  251.136199][ T8649]  dump_stack_lvl+0x189/0x250
[  251.136216][ T8649]  ? __pfx____ratelimit+0x10/0x10
[  251.136227][ T8649]  ? __pfx_dump_stack_lvl+0x10/0x10
[  251.136239][ T8649]  ? __pfx__printk+0x10/0x10
[  251.136252][ T8649]  ? __might_fault+0xb0/0x130
[  251.136271][ T8649]  should_fail_ex+0x414/0x560
[  251.136290][ T8649]  _copy_from_iter+0x1de/0x1790
[  251.136306][ T8649]  ? rcu_is_watching+0x15/0xb0
[  251.136317][ T8649]  ? kmem_cache_alloc_node_noprof+0x217/0x3c0
[  251.136331][ T8649]  ? __pfx__copy_from_iter+0x10/0x10
[  251.136343][ T8649]  ? __build_skb_around+0x257/0x3e0
[  251.136356][ T8649]  ? netlink_sendmsg+0x642/0xb30
[  251.136366][ T8649]  ? skb_put+0x11b/0x210
[  251.136378][ T8649]  netlink_sendmsg+0x6b2/0xb30
[  251.136394][ T8649]  ? __pfx_netlink_sendmsg+0x10/0x10
[  251.136406][ T8649]  ? aa_sock_msg_perm+0xf1/0x1d0
[  251.136417][ T8649]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  251.136427][ T8649]  ? __pfx_netlink_sendmsg+0x10/0x10
[  251.136438][ T8649]  __sock_sendmsg+0x21c/0x270
[  251.136454][ T8649]  ____sys_sendmsg+0x505/0x830
[  251.136469][ T8649]  ? __pfx_____sys_sendmsg+0x10/0x10
[  251.136485][ T8649]  ? import_iovec+0x74/0xa0
[  251.136499][ T8649]  ___sys_sendmsg+0x21f/0x2a0
[  251.136512][ T8649]  ? __pfx____sys_sendmsg+0x10/0x10
[  251.136542][ T8649]  ? __fget_files+0x2a/0x420
[  251.136550][ T8649]  ? __fget_files+0x3a0/0x420
[  251.136564][ T8649]  __x64_sys_sendmsg+0x19b/0x260
[  251.136577][ T8649]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  251.136594][ T8649]  ? __pfx_ksys_write+0x10/0x10
[  251.136606][ T8649]  ? rcu_is_watching+0x15/0xb0
[  251.136618][ T8649]  ? do_syscall_64+0xbe/0x3b0
[  251.136630][ T8649]  do_syscall_64+0xfa/0x3b0
[  251.136640][ T8649]  ? lockdep_hardirqs_on+0x9c/0x150
[  251.136650][ T8649]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  251.136659][ T8649]  ? clear_bhb_loop+0x60/0xb0
[  251.136671][ T8649]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  251.136680][ T8649] RIP: 0033:0x7ff82f18eec9
[  251.136689][ T8649] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  251.136704][ T8649] RSP: 002b:00007ff830054038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  251.136715][ T8649] RAX: ffffffffffffffda RBX: 00007ff82f3e5fa0 RCX: 00007ff82f18eec9
[  251.136722][ T8649] RDX: 0000000000000004 RSI: 00002000000000c0 RDI: 0000000000000005
[  251.136728][ T8649] RBP: 00007ff830054090 R08: 0000000000000000 R09: 0000000000000000
[  251.136734][ T8649] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  251.136740][ T8649] R13: 00007ff82f3e6038 R14: 00007ff82f3e5fa0 R15: 00007ff82f50fa28
[  251.136758][ T8649]  </TASK>
[  252.211073][ T8665] netlink: 20 bytes leftover after parsing attributes in process `syz.3.768'.
[  252.798984][ T5939] usb 4-1: new high-speed USB device number 19 using dummy_hcd
[  253.120412][ T5939] usb 4-1: config 16 interface 0 altsetting 75 endpoint 0x7 has invalid maxpacket 1032, setting to 1024
[  253.157275][ T8671] netlink: 'syz.1.770': attribute type 21 has an invalid length.
[  253.165442][ T8671] netlink: 132 bytes leftover after parsing attributes in process `syz.1.770'.
[  253.174840][ T5939] usb 4-1: config 16 interface 0 altsetting 75 endpoint 0x6 has invalid wMaxPacketSize 0
[  253.250551][ T5939] usb 4-1: config 16 interface 0 has no altsetting 0
[  253.283930][ T5939] usb 4-1: New USB device found, idVendor=15c2, idProduct=0036, bcdDevice=bb.7a
[  253.328737][ T5939] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  253.375187][ T8676] FAULT_INJECTION: forcing a failure.
[  253.375187][ T8676] name failslab, interval 1, probability 0, space 0, times 0
[  253.388849][ T8676] CPU: 1 UID: 0 PID: 8676 Comm: syz.1.771 Not tainted syzkaller #0 PREEMPT(full) 
[  253.388874][ T8676] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  253.388883][ T8676] Call Trace:
[  253.388890][ T8676]  <TASK>
[  253.388897][ T8676]  dump_stack_lvl+0x189/0x250
[  253.388920][ T8676]  ? __pfx____ratelimit+0x10/0x10
[  253.388938][ T8676]  ? __pfx_dump_stack_lvl+0x10/0x10
[  253.388954][ T8676]  ? __pfx__printk+0x10/0x10
[  253.388979][ T8676]  ? __pfx___might_resched+0x10/0x10
[  253.388993][ T8676]  ? fs_reclaim_acquire+0x7d/0x100
[  253.389012][ T8676]  should_fail_ex+0x414/0x560
[  253.389039][ T8676]  should_failslab+0xa8/0x100
[  253.389058][ T8676]  kmem_cache_alloc_noprof+0x73/0x3c0
[  253.389071][ T8676]  ? _sctp_make_chunk+0x14e/0x430
[  253.389083][ T8676]  _sctp_make_chunk+0x14e/0x430
[  253.389096][ T8676]  sctp_make_datafrag_empty+0x122/0x230
[  253.389107][ T8676]  ? __pfx_sctp_make_datafrag_empty+0x10/0x10
[  253.389116][ T8676]  ? __kasan_kmalloc+0x93/0xb0
[  253.389131][ T8676]  ? sctp_auth_send_cid+0x69/0x250
[  253.389143][ T8676]  sctp_datamsg_from_user+0x729/0xef0
[  253.389165][ T8676]  ? __genradix_ptr+0x1e1/0x220
[  253.389180][ T8676]  sctp_sendmsg_to_asoc+0x1003/0x1810
[  253.389196][ T8676]  ? __lock_acquire+0xab9/0xd20
[  253.389218][ T8676]  ? __pfx_sctp_sendmsg_to_asoc+0x10/0x10
[  253.389230][ T8676]  ? __local_bh_enable_ip+0x12d/0x1c0
[  253.389240][ T8676]  ? __pfx___local_bh_enable_ip+0x10/0x10
[  253.389250][ T8676]  ? sctp_sendmsg_check_sflags+0x18d/0x2e0
[  253.389265][ T8676]  sctp_sendmsg+0x1941/0x2810
[  253.389282][ T8676]  ? __pfx_sctp_sendmsg+0x10/0x10
[  253.389295][ T8676]  ? aa_sk_perm+0x81e/0x950
[  253.389313][ T8676]  ? __pfx_aa_sk_perm+0x10/0x10
[  253.389329][ T8676]  ? sock_rps_record_flow+0x19/0x410
[  253.389345][ T8676]  ? inet_sendmsg+0x2f4/0x370
[  253.389358][ T8676]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  253.389370][ T8676]  __sock_sendmsg+0x19c/0x270
[  253.389394][ T8676]  sock_write_iter+0x258/0x330
[  253.389418][ T8676]  ? __pfx_sock_write_iter+0x10/0x10
[  253.389437][ T8676]  ? bpf_lsm_file_permission+0x9/0x20
[  253.389448][ T8676]  ? security_file_permission+0x75/0x290
[  253.389466][ T8676]  vfs_write+0x5c9/0xb30
[  253.389482][ T8676]  ? __pfx_sock_write_iter+0x10/0x10
[  253.389498][ T8676]  ? __pfx_vfs_write+0x10/0x10
[  253.389516][ T8676]  ? __fget_files+0x2a/0x420
[  253.389530][ T8676]  ksys_write+0x145/0x250
[  253.389544][ T8676]  ? __pfx_ksys_write+0x10/0x10
[  253.389555][ T8676]  ? rcu_is_watching+0x15/0xb0
[  253.389568][ T8676]  ? do_syscall_64+0xbe/0x3b0
[  253.389581][ T8676]  do_syscall_64+0xfa/0x3b0
[  253.389591][ T8676]  ? lockdep_hardirqs_on+0x9c/0x150
[  253.389600][ T8676]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  253.389610][ T8676]  ? clear_bhb_loop+0x60/0xb0
[  253.389622][ T8676]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  253.389631][ T8676] RIP: 0033:0x7ff82f18eec9
[  253.389640][ T8676] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  253.389649][ T8676] RSP: 002b:00007ff830054038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  253.389660][ T8676] RAX: ffffffffffffffda RBX: 00007ff82f3e5fa0 RCX: 00007ff82f18eec9
[  253.389667][ T8676] RDX: 000000000000fd87 RSI: 00002000000000c0 RDI: 0000000000000004
[  253.389673][ T8676] RBP: 00007ff830054090 R08: 0000000000000000 R09: 0000000000000000
[  253.389679][ T8676] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  253.389685][ T8676] R13: 00007ff82f3e6038 R14: 00007ff82f3e5fa0 R15: 00007ff82f50fa28
[  253.389700][ T8676]  </TASK>
[  253.934961][ T8667] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  254.158223][ T5939] usb 4-1: string descriptor 0 read error: -71
[  254.179990][ T5939] imon:imon_find_endpoints: no valid input (IR) endpoint found
[  254.188854][ T5939] imon 4-1:16.0: unable to initialize intf0, err -19
[  254.218845][ T5939] imon:imon_probe: failed to initialize context!
[  254.225319][ T5939] imon 4-1:16.0: unable to register, err -19
[  254.292444][ T5939] usb 4-1: USB disconnect, device number 19
[  254.353244][ T8684] netlink: 'syz.1.774': attribute type 2 has an invalid length.
[  254.590314][ T8691] netlink: 20 bytes leftover after parsing attributes in process `syz.5.777'.
[  254.607424][ T8691] vlan2: entered promiscuous mode
[  254.613128][ T8691] team0: entered promiscuous mode
[  254.618419][ T8691] team_slave_0: entered promiscuous mode
[  254.778442][ T8691] team_slave_1: entered promiscuous mode
[  255.040126][ T5873] usb 2-1: new high-speed USB device number 26 using dummy_hcd
[  255.548875][ T5873] usb 2-1: Using ep0 maxpacket: 8
[  255.574398][ T5873] usb 2-1: config 92 has an invalid interface number: 31 but max is 1
[  255.584067][ T5873] usb 2-1: config 92 contains an unexpected descriptor of type 0x1, skipping
[  255.697540][ T5873] usb 2-1: config 92 has an invalid interface number: 122 but max is 1
[  255.735934][ T5873] usb 2-1: config 92 has no interface number 0
[  255.751628][ T5873] usb 2-1: config 92 has no interface number 1
[  255.781865][ T5873] usb 2-1: config 92 interface 31 altsetting 127 has an invalid descriptor for endpoint zero, skipping
[  255.802074][ T1305] ieee802154 phy0 wpan0: encryption failed: -22
[  255.808508][ T1305] ieee802154 phy1 wpan1: encryption failed: -22
[  255.958562][ T5873] usb 2-1: config 92 interface 31 altsetting 127 has an invalid descriptor for endpoint zero, skipping
[  256.190788][ T5873] usb 2-1: config 92 interface 31 altsetting 127 has an invalid descriptor for endpoint zero, skipping
[  256.192024][ T8701] could not allocate digest TFM handle blake2s-128
[  256.229121][ T5873] usb 2-1: config 92 interface 31 altsetting 127 has an invalid descriptor for endpoint zero, skipping
[  256.260823][ T5873] usb 2-1: config 92 interface 31 altsetting 127 has an invalid descriptor for endpoint zero, skipping
[  256.339073][ T5873] usb 2-1: config 92 interface 31 altsetting 127 endpoint 0x1 has invalid wMaxPacketSize 0
[  256.369029][ T5873] usb 2-1: config 92 interface 122 altsetting 64 endpoint 0x5 has invalid maxpacket 512, setting to 64
[  256.380285][ T5873] usb 2-1: config 92 interface 31 has no altsetting 0
[  256.398097][ T5873] usb 2-1: config 92 interface 122 has no altsetting 0
[  256.421018][ T5873] usb 2-1: New USB device found, idVendor=1a0a, idProduct=0101, bcdDevice=c2.a4
[  256.433844][ T5873] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  256.445324][ T5873] usb 2-1: Product: В
[  256.456178][ T5873] usb 2-1: Manufacturer: 
[  256.472757][ T5873] usb 2-1: SerialNumber: syz
[  256.497971][ T8689] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  256.963722][ T5873] usb_ehset_test 2-1:92.31: probe with driver usb_ehset_test failed with error -32
[  257.088872][ T5873] usb_ehset_test 2-1:92.122: probe with driver usb_ehset_test failed with error -32
[  257.110158][ T8721] netlink: 20 bytes leftover after parsing attributes in process `syz.0.788'.
[  257.120629][ T8722] nftables ruleset with unbound set
[  257.136273][ T5873] usb 2-1: USB disconnect, device number 26
[  257.272696][ T5968] usb 7-1: new high-speed USB device number 3 using dummy_hcd
[  257.294530][ T8725] netlink: 'syz.3.787': attribute type 33 has an invalid length.
[  257.313109][ T8725] netlink: 152 bytes leftover after parsing attributes in process `syz.3.787'.
[  257.439092][ T5968] usb 7-1: Using ep0 maxpacket: 8
[  257.455206][ T5968] usb 7-1: config index 0 descriptor too short (expected 1033, got 36)
[  257.464356][ T5968] usb 7-1: config 7 has an invalid descriptor of length 1, skipping remainder of the config
[  257.500639][ T5968] usb 7-1: config 7 has no interfaces?
[  257.519581][ T5968] usb 7-1: New USB device found, idVendor=05ac, idProduct=024e, bcdDevice= 0.40
[  257.554956][ T5968] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  257.585635][ T5968] usb 7-1: Product: syz
[  257.598797][ T5968] usb 7-1: Manufacturer: syz
[  257.603439][ T5968] usb 7-1: SerialNumber: syz
[  257.706459][ T8737] syzkaller0: entered promiscuous mode
[  257.748808][ T8737] syzkaller0: entered allmulticast mode
[  257.924738][ T8737] sch_tbf: burst 127 is lower than device syzkaller0 mtu (1514) !
[  258.358261][ T8754] usb usb6: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK.
[  258.458494][ T5968] usb 7-1: USB disconnect, device number 3
[  259.300120][ T8767] unsupported nla_type 52263
[  259.637435][ T8775] FAULT_INJECTION: forcing a failure.
[  259.637435][ T8775] name failslab, interval 1, probability 0, space 0, times 0
[  259.670869][ T8775] CPU: 1 UID: 0 PID: 8775 Comm: syz.0.802 Not tainted syzkaller #0 PREEMPT(full) 
[  259.670893][ T8775] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  259.670902][ T8775] Call Trace:
[  259.670909][ T8775]  <TASK>
[  259.670916][ T8775]  dump_stack_lvl+0x189/0x250
[  259.670950][ T8775]  ? __pfx____ratelimit+0x10/0x10
[  259.670968][ T8775]  ? __pfx_dump_stack_lvl+0x10/0x10
[  259.670986][ T8775]  ? __pfx__printk+0x10/0x10
[  259.671012][ T8775]  ? __pfx___might_resched+0x10/0x10
[  259.671026][ T8775]  ? fs_reclaim_acquire+0x7d/0x100
[  259.671045][ T8775]  should_fail_ex+0x414/0x560
[  259.671073][ T8775]  should_failslab+0xa8/0x100
[  259.671097][ T8775]  __kmalloc_noprof+0xcb/0x4f0
[  259.671117][ T8775]  ? kfree+0x4d/0x440
[  259.671132][ T8775]  ? tomoyo_realpath_from_path+0xe3/0x5d0
[  259.671162][ T8775]  tomoyo_realpath_from_path+0xe3/0x5d0
[  259.671180][ T8775]  ? tomoyo_domain+0xd9/0x130
[  259.671202][ T8775]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[  259.671223][ T8775]  tomoyo_path_number_perm+0x1e8/0x5a0
[  259.671246][ T8775]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  259.671282][ T8775]  ? __lock_acquire+0xab9/0xd20
[  259.671320][ T8775]  ? __fget_files+0x2a/0x420
[  259.671337][ T8775]  ? __fget_files+0x2a/0x420
[  259.671350][ T8775]  ? __fget_files+0x3a0/0x420
[  259.671364][ T8775]  ? __fget_files+0x2a/0x420
[  259.671383][ T8775]  security_file_ioctl+0xcb/0x2d0
[  259.671406][ T8775]  __se_sys_ioctl+0x47/0x170
[  259.671428][ T8775]  do_syscall_64+0xfa/0x3b0
[  259.671445][ T8775]  ? lockdep_hardirqs_on+0x9c/0x150
[  259.671461][ T8775]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  259.671476][ T8775]  ? clear_bhb_loop+0x60/0xb0
[  259.671495][ T8775]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  259.671510][ T8775] RIP: 0033:0x7f4ce798eec9
[  259.671525][ T8775] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  259.671539][ T8775] RSP: 002b:00007f4ce5bf6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  259.671556][ T8775] RAX: ffffffffffffffda RBX: 00007f4ce7be6090 RCX: 00007f4ce798eec9
[  259.671568][ T8775] RDX: 0000000000000000 RSI: 0000000000004c09 RDI: 0000000000000004
[  259.671578][ T8775] RBP: 00007f4ce5bf6090 R08: 0000000000000000 R09: 0000000000000000
[  259.671589][ T8775] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  259.671600][ T8775] R13: 00007f4ce7be6128 R14: 00007f4ce7be6090 R15: 00007f4ce7d0fa28
[  259.671627][ T8775]  </TASK>
[  259.671971][ T8775] ERROR: Out of memory at tomoyo_realpath_from_path.
[  260.134659][ T8778] netlink: 'syz.3.803': attribute type 33 has an invalid length.
[  260.169726][ T8778] netlink: 152 bytes leftover after parsing attributes in process `syz.3.803'.
[  260.463507][ T8788] netlink: 20 bytes leftover after parsing attributes in process `syz.1.806'.
[  260.488794][ T5968] usb 1-1: new high-speed USB device number 22 using dummy_hcd
[  260.515052][ T8788] vlan2: entered promiscuous mode
[  260.530403][ T8788] team0: entered promiscuous mode
[  260.539871][ T8788] team_slave_0: entered promiscuous mode
[  260.566313][ T8788] team_slave_1: entered promiscuous mode
[  260.693150][ T5968] usb 1-1: New USB device found, idVendor=17e9, idProduct=8b4e, bcdDevice=9c.08
[  260.753138][ T5968] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  260.774816][ T8792] netlink: 20 bytes leftover after parsing attributes in process `syz.6.809'.
[  260.829787][ T5968] usb 1-1: config 0 descriptor??
[  261.122865][ T8785] ip6_tunnel: non-ECT from fc02:0000:0000:0000:0000:0000:0000:0000 with DS=0x1
[  261.134368][ T5968] udl 1-1:0.0: [drm] Unrecognized vendor firmware descriptor
[  261.352495][ T8785] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  261.386299][ T8785] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  261.408438][ T5968] [drm:udl_init] *ERROR* Selecting channel failed
[  261.483022][ T5968] [drm] Initialized udl 0.0.1 for 1-1:0.0 on minor 2
[  261.497139][ T5968] [drm] Initialized udl on minor 2
[  261.532879][ T5968] udl 1-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9
[  261.595791][ T5968] udl 1-1:0.0: [drm] Cannot find any crtc or sizes
[  261.796973][ T5873] udl 1-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9
[  261.814506][ T5968] usb 1-1: USB disconnect, device number 22
[  261.829039][ T5873] udl 1-1:0.0: [drm] Cannot find any crtc or sizes
[  262.121865][ T8816] TCP: request_sock_TCPv6: Possible SYN flooding on port [::]:20002. Sending cookies.
[  262.131723][ T8816] FAULT_INJECTION: forcing a failure.
[  262.131723][ T8816] name failslab, interval 1, probability 0, space 0, times 0
[  262.144796][ T8816] CPU: 1 UID: 0 PID: 8816 Comm: syz.0.815 Not tainted syzkaller #0 PREEMPT(full) 
[  262.144822][ T8816] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  262.144833][ T8816] Call Trace:
[  262.144841][ T8816]  <TASK>
[  262.144849][ T8816]  dump_stack_lvl+0x189/0x250
[  262.144875][ T8816]  ? __pfx____ratelimit+0x10/0x10
[  262.144895][ T8816]  ? __pfx_dump_stack_lvl+0x10/0x10
[  262.144915][ T8816]  ? __pfx__printk+0x10/0x10
[  262.144941][ T8816]  ? __rt6_find_exception_rcu+0x127/0x4c0
[  262.144971][ T8816]  should_fail_ex+0x414/0x560
[  262.145001][ T8816]  should_failslab+0xa8/0x100
[  262.145022][ T8816]  ? __pfx_ip6_dst_gc+0x10/0x10
[  262.145039][ T8816]  kmem_cache_alloc_noprof+0x73/0x3c0
[  262.145059][ T8816]  ? dst_alloc+0x105/0x170
[  262.145081][ T8816]  ? __pfx_ip6_dst_gc+0x10/0x10
[  262.145102][ T8816]  dst_alloc+0x105/0x170
[  262.145128][ T8816]  ip6_pol_route+0xa21/0x1180
[  262.145149][ T8816]  ? ip6_pol_route+0x162/0x1180
[  262.145175][ T8816]  ? __pfx_ip6_pol_route+0x10/0x10
[  262.145216][ T8816]  fib6_rule_lookup+0x348/0x6f0
[  262.145240][ T8816]  ? __pfx_ip6_pol_route_output+0x10/0x10
[  262.145262][ T8816]  ? __pfx_fib6_rule_lookup+0x10/0x10
[  262.145287][ T8816]  ? ip6_route_output_flags+0x2e/0x5d0
[  262.145311][ T8816]  ? ip6_route_output_flags+0x2e/0x5d0
[  262.145349][ T8816]  ip6_route_output_flags+0x364/0x5d0
[  262.145370][ T8816]  ? ip6_route_output_flags+0x2e/0x5d0
[  262.145394][ T8816]  ip6_dst_lookup_tail+0x299/0x1510
[  262.145421][ T8816]  ? percpu_ref_get_many+0x19/0x140
[  262.145444][ T8816]  ? percpu_ref_get_many+0x19/0x140
[  262.145472][ T8816]  ? __pfx_ip6_dst_lookup_tail+0x10/0x10
[  262.145500][ T8816]  ? inet6_csk_route_req+0x189/0x710
[  262.145528][ T8816]  ip6_dst_lookup_flow+0x47/0xe0
[  262.145567][ T8816]  inet6_csk_route_req+0x508/0x710
[  262.145584][ T8816]  ? apparmor_inet_conn_request+0xd6/0x320
[  262.145624][ T8816]  ? __pfx_inet6_csk_route_req+0x10/0x10
[  262.145645][ T8816]  ? tcp_v6_route_req+0x37e/0x4c0
[  262.145673][ T8816]  tcp_conn_request+0xbbd/0x3460
[  262.145711][ T8816]  ? finish_task_switch+0x18b/0x950
[  262.145740][ T8816]  ? __pfx_tcp_conn_request+0x10/0x10
[  262.145756][ T8816]  ? __lock_acquire+0xab9/0xd20
[  262.145786][ T8816]  ? reuseport_select_sock+0x9e/0xdc0
[  262.145810][ T8816]  ? __lock_acquire+0xab9/0xd20
[  262.145857][ T8816]  ? tcp_v6_conn_request+0x254/0x370
[  262.145878][ T8816]  ? tcp_rcv_state_process+0x20a/0x4140
[  262.145901][ T8816]  tcp_rcv_state_process+0x196d/0x4140
[  262.145937][ T8816]  ? sk_filter_trim_cap+0x1d0/0x9d0
[  262.145958][ T8816]  ? __pfx_tcp_rcv_state_process+0x10/0x10
[  262.145983][ T8816]  ? sk_filter_trim_cap+0x61c/0x9d0
[  262.146011][ T8816]  ? __pfx_tcp_inbound_hash+0x10/0x10
[  262.146027][ T8816]  ? sk_filter_trim_cap+0x1d0/0x9d0
[  262.146053][ T8816]  tcp_v6_do_rcv+0x89d/0x13f0
[  262.146075][ T8816]  ? tcp_v6_fill_cb+0x260/0x4c0
[  262.146101][ T8816]  tcp_v6_rcv+0x20ea/0x2c30
[  262.146167][ T8816]  ? __pfx_tcp_v6_rcv+0x10/0x10
[  262.146187][ T8816]  ? fib6_rule_lookup+0x3a1/0x6f0
[  262.146219][ T8816]  ? __pfx_tcp_v6_rcv+0x10/0x10
[  262.146237][ T8816]  ip6_protocol_deliver_rcu+0xcb0/0x15c0
[  262.146286][ T8816]  ip6_input_finish+0x191/0x370
[  262.146309][ T8816]  NF_HOOK+0x30c/0x3a0
[  262.146329][ T8816]  ? __pfx_ip6_input_finish+0x10/0x10
[  262.146345][ T8816]  ? NF_HOOK+0x9a/0x3a0
[  262.146361][ T8816]  ? __pfx_NF_HOOK+0x10/0x10
[  262.146381][ T8816]  ? __pfx_ip6_input_finish+0x10/0x10
[  262.146412][ T8816]  ip6_input+0x16a/0x270
[  262.146427][ T8816]  ? ip6_input+0x23/0x270
[  262.146447][ T8816]  NF_HOOK+0x30c/0x3a0
[  262.146462][ T8816]  ? skb_orphan+0x4f/0xd0
[  262.146480][ T8816]  ? __pfx_ip6_rcv_finish+0x10/0x10
[  262.146496][ T8816]  ? NF_HOOK+0x9a/0x3a0
[  262.146512][ T8816]  ? __pfx_NF_HOOK+0x10/0x10
[  262.146532][ T8816]  ? __pfx_ip6_rcv_finish+0x10/0x10
[  262.146562][ T8816]  __netif_receive_skb+0xd3/0x380
[  262.146586][ T8816]  ? netif_receive_skb+0x115/0x790
[  262.146615][ T8816]  netif_receive_skb+0x1cb/0x790
[  262.146638][ T8816]  ? __pfx___local_bh_disable_ip+0x10/0x10
[  262.146657][ T8816]  ? __pfx_netif_receive_skb+0x10/0x10
[  262.146686][ T8816]  ? tun_rx_batched+0x160/0x730
[  262.146709][ T8816]  tun_rx_batched+0x1b9/0x730
[  262.146728][ T8816]  ? __lock_acquire+0xab9/0xd20
[  262.146754][ T8816]  ? __pfx_tun_rx_batched+0x10/0x10
[  262.146778][ T8816]  ? tun_get_user+0x266c/0x3e20
[  262.146813][ T8816]  tun_get_user+0x2aa2/0x3e20
[  262.146842][ T8816]  ? tun_get_user+0x6f6/0x3e20
[  262.146862][ T8816]  ? tun_get_user+0x266c/0x3e20
[  262.146885][ T8816]  ? aa_file_perm+0x44d/0x1550
[  262.146904][ T8816]  ? __pfx_tun_get_user+0x10/0x10
[  262.146936][ T8816]  ? __lock_acquire+0xab9/0xd20
[  262.146965][ T8816]  ? ref_tracker_alloc+0x318/0x460
[  262.146980][ T8816]  ? __lock_acquire+0xab9/0xd20
[  262.147000][ T8816]  ? __pfx_ref_tracker_alloc+0x10/0x10
[  262.147021][ T8816]  ? tun_get+0x1c/0x2f0
[  262.147044][ T8816]  ? tun_get+0x1c/0x2f0
[  262.147061][ T8816]  ? tun_get+0x1c/0x2f0
[  262.147081][ T8816]  tun_chr_write_iter+0x113/0x200
[  262.147101][ T8816]  vfs_write+0x5c9/0xb30
[  262.147125][ T8816]  ? __pfx_tun_chr_write_iter+0x10/0x10
[  262.147142][ T8816]  ? __pfx_vfs_write+0x10/0x10
[  262.147173][ T8816]  ? __fget_files+0x2a/0x420
[  262.147197][ T8816]  ksys_write+0x145/0x250
[  262.147220][ T8816]  ? __pfx_ksys_write+0x10/0x10
[  262.147237][ T8816]  ? rcu_is_watching+0x15/0xb0
[  262.147260][ T8816]  ? do_syscall_64+0xbe/0x3b0
[  262.147282][ T8816]  do_syscall_64+0xfa/0x3b0
[  262.147298][ T8816]  ? lockdep_hardirqs_on+0x9c/0x150
[  262.147315][ T8816]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  262.147331][ T8816]  ? clear_bhb_loop+0x60/0xb0
[  262.147352][ T8816]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  262.147368][ T8816] RIP: 0033:0x7f4ce798d97f
[  262.147384][ T8816] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48
[  262.147398][ T8816] RSP: 002b:00007f4ce8754000 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[  262.147415][ T8816] RAX: ffffffffffffffda RBX: 00007f4ce7be5fa0 RCX: 00007f4ce798d97f
[  262.147426][ T8816] RDX: 000000000000004a RSI: 0000200000000180 RDI: 00000000000000c8
[  262.147437][ T8816] RBP: 00007f4ce8754090 R08: 0000000000000000 R09: 0000000000000000
[  262.147447][ T8816] R10: 000000000000004a R11: 0000000000000293 R12: 0000000000000001
[  262.147457][ T8816] R13: 00007f4ce7be6038 R14: 00007f4ce7be5fa0 R15: 00007f4ce7d0fa28
[  262.147486][ T8816]  </TASK>
[  263.108159][ T8822] netlink: 'syz.3.818': attribute type 33 has an invalid length.
[  263.183762][ T8822] netlink: 152 bytes leftover after parsing attributes in process `syz.3.818'.
[  263.365802][ T5873] usb 1-1: new high-speed USB device number 23 using dummy_hcd
[  263.549290][ T5873] usb 1-1: Using ep0 maxpacket: 32
[  263.580091][ T5873] usb 1-1: config 0 has an invalid interface number: 184 but max is 0
[  263.588518][ T5873] usb 1-1: config 0 has no interface number 0
[  263.602501][ T5873] usb 1-1: config 0 interface 184 has no altsetting 0
[  263.638856][ T5968] usb 6-1: new high-speed USB device number 13 using dummy_hcd
[  263.647165][ T5873] usb 1-1: New USB device found, idVendor=0424, idProduct=7500, bcdDevice=69.ee
[  263.661724][ T5873] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  263.670499][ T5873] usb 1-1: Product: syz
[  263.674854][ T5873] usb 1-1: Manufacturer: syz
[  263.682621][ T5873] usb 1-1: SerialNumber: syz
[  263.689708][ T5873] usb 1-1: config 0 descriptor??
[  263.698269][ T5873] smsc75xx v1.0.0
[  263.812821][ T5968] usb 6-1: unable to get BOS descriptor or descriptor too short
[  263.823309][ T5968] usb 6-1: config 176 has an invalid interface number: 218 but max is 0
[  263.832813][ T5968] usb 6-1: config 176 has no interface number 0
[  263.839576][ T5968] usb 6-1: config 176 interface 218 has no altsetting 0
[  263.876233][ T5968] usb 6-1: New USB device found, idVendor=05ac, idProduct=b231, bcdDevice=85.00
[  263.886798][ T5968] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  263.895993][ T5968] usb 6-1: Product: syz
[  263.901900][ T5968] usb 6-1: Manufacturer: syz
[  263.913544][ T5968] usb 6-1: SerialNumber: syz
[  263.979674][  T886] usb 4-1: new full-speed USB device number 20 using dummy_hcd
[  264.132190][ T8836] batadv_slave_1: entered promiscuous mode
[  264.139300][ T8836] batadv_slave_1: left promiscuous mode
[  264.172627][ T5968] ipheth 6-1:176.218: Unable to find alternate settings interface
[  264.272489][  T886] usb 4-1: config 0 has an invalid interface number: 29 but max is 0
[  264.284295][  T886] usb 4-1: config 0 has no interface number 0
[  264.301700][  T886] usb 4-1: config 0 interface 29 has no altsetting 0
[  264.325112][  T886] usb 4-1: New USB device found, idVendor=0c72, idProduct=0014, bcdDevice=39.ac
[  264.338985][ T5968] usb 6-1: USB disconnect, device number 13
[  264.347123][  T886] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  264.424563][  T886] usb 4-1: Product: syz
[  264.439667][  T886] usb 4-1: Manufacturer: syz
[  264.444339][  T886] usb 4-1: SerialNumber: syz
[  264.496982][  T886] usb 4-1: config 0 descriptor??
[  264.517048][ T5873] smsc75xx 1-1:0.184 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000040: -32
[  264.529053][ T5873] smsc75xx 1-1:0.184 (unnamed net_device) (uninitialized): Error reading E2P_CMD
[  264.588629][ T5873] smsc75xx 1-1:0.184 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000014: -61
[  264.603325][ T5873] smsc75xx 1-1:0.184 (unnamed net_device) (uninitialized): Failed to read PMT_CTL: -61
[  264.622226][ T5873] smsc75xx 1-1:0.184 (unnamed net_device) (uninitialized): device not ready in smsc75xx_reset
[  264.682692][ T5873] smsc75xx 1-1:0.184 (unnamed net_device) (uninitialized): smsc75xx_reset error -61
[  264.717584][ T5873] smsc75xx 1-1:0.184: probe with driver smsc75xx failed with error -61
[  264.767570][  T886] peak_usb 4-1:0.29: PEAK-System PCAN-USB X6 v0 fw v0.0.0 (2 channels)
[  265.071067][ T5968] usb 1-1: USB disconnect, device number 23
[  265.542029][ T8853] TCP: request_sock_TCPv6: Possible SYN flooding on port [::]:20002. Sending cookies.
[  265.855997][ T8860] netlink: 96 bytes leftover after parsing attributes in process `syz.1.826'.
[  266.489036][  T886] peak_usb 4-1:0.29 can0: unable to request usb[type=2 value=5] err=-71
[  266.516710][  T886] peak_usb 4-1:0.29: unable to tell PCAN-USB X6 driver is loaded (err -71)
[  266.757629][ T8870] openvswitch: netlink: Missing key (keys=40, expected=2000)
[  266.890313][  T886] peak_usb 4-1:0.29: probe with driver peak_usb failed with error -71
[  266.995370][  T886] usb 4-1: USB disconnect, device number 20
[  267.673915][ T8889] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  268.024276][ T8889] netlink: 67 bytes leftover after parsing attributes in process `syz.1.835'.
[  268.170379][ T8893] FAULT_INJECTION: forcing a failure.
[  268.170379][ T8893] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  268.228865][ T8893] CPU: 1 UID: 0 PID: 8893 Comm: syz.0.837 Not tainted syzkaller #0 PREEMPT(full) 
[  268.228882][ T8893] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  268.228888][ T8893] Call Trace:
[  268.228893][ T8893]  <TASK>
[  268.228899][ T8893]  dump_stack_lvl+0x189/0x250
[  268.228916][ T8893]  ? __pfx____ratelimit+0x10/0x10
[  268.228927][ T8893]  ? __pfx_dump_stack_lvl+0x10/0x10
[  268.228939][ T8893]  ? __pfx__printk+0x10/0x10
[  268.228953][ T8893]  ? __might_fault+0xb0/0x130
[  268.228972][ T8893]  should_fail_ex+0x414/0x560
[  268.228996][ T8893]  _copy_from_iter+0x1de/0x1790
[  268.229011][ T8893]  ? rcu_is_watching+0x15/0xb0
[  268.229022][ T8893]  ? kmem_cache_alloc_node_noprof+0x217/0x3c0
[  268.229036][ T8893]  ? __pfx__copy_from_iter+0x10/0x10
[  268.229048][ T8893]  ? __build_skb_around+0x257/0x3e0
[  268.229062][ T8893]  ? netlink_sendmsg+0x642/0xb30
[  268.229072][ T8893]  ? skb_put+0x11b/0x210
[  268.229084][ T8893]  netlink_sendmsg+0x6b2/0xb30
[  268.229099][ T8893]  ? __pfx_netlink_sendmsg+0x10/0x10
[  268.229111][ T8893]  ? aa_sock_msg_perm+0xf1/0x1d0
[  268.229122][ T8893]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  268.229133][ T8893]  ? __pfx_netlink_sendmsg+0x10/0x10
[  268.229143][ T8893]  __sock_sendmsg+0x21c/0x270
[  268.229160][ T8893]  ____sys_sendmsg+0x505/0x830
[  268.229175][ T8893]  ? __pfx_____sys_sendmsg+0x10/0x10
[  268.229191][ T8893]  ? import_iovec+0x74/0xa0
[  268.229205][ T8893]  ___sys_sendmsg+0x21f/0x2a0
[  268.229219][ T8893]  ? __pfx____sys_sendmsg+0x10/0x10
[  268.229250][ T8893]  ? __fget_files+0x2a/0x420
[  268.229262][ T8893]  ? __fget_files+0x3a0/0x420
[  268.229277][ T8893]  __x64_sys_sendmsg+0x19b/0x260
[  268.229291][ T8893]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  268.229308][ T8893]  ? __pfx_ksys_write+0x10/0x10
[  268.229320][ T8893]  ? rcu_is_watching+0x15/0xb0
[  268.229332][ T8893]  ? do_syscall_64+0xbe/0x3b0
[  268.229345][ T8893]  do_syscall_64+0xfa/0x3b0
[  268.229355][ T8893]  ? lockdep_hardirqs_on+0x9c/0x150
[  268.229364][ T8893]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  268.229374][ T8893]  ? clear_bhb_loop+0x60/0xb0
[  268.229387][ T8893]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  268.229397][ T8893] RIP: 0033:0x7f4ce798eec9
[  268.229406][ T8893] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  268.229415][ T8893] RSP: 002b:00007f4ce8754038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  268.229426][ T8893] RAX: ffffffffffffffda RBX: 00007f4ce7be5fa0 RCX: 00007f4ce798eec9
[  268.229433][ T8893] RDX: 0000000000000010 RSI: 0000200000000000 RDI: 0000000000000003
[  268.229439][ T8893] RBP: 00007f4ce8754090 R08: 0000000000000000 R09: 0000000000000000
[  268.229445][ T8893] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  268.229450][ T8893] R13: 00007f4ce7be6038 R14: 00007f4ce7be5fa0 R15: 00007f4ce7d0fa28
[  268.229465][ T8893]  </TASK>
[  273.787538][ T9005] netlink: 12 bytes leftover after parsing attributes in process `syz.6.855'.
[  274.629392][ T9005] vlan2: entered promiscuous mode
[  274.680188][ T9005] team0: entered promiscuous mode
[  274.691923][ T9005] team_slave_0: entered promiscuous mode
[  274.850693][ T9005] team_slave_1: entered promiscuous mode
[  275.355845][ T9029] netlink: 96 bytes leftover after parsing attributes in process `syz.6.859'.
[  277.084228][ T9055] netlink: 28 bytes leftover after parsing attributes in process `syz.0.868'.
[  277.300574][ T9058] netlink: 12 bytes leftover after parsing attributes in process `syz.0.869'.
[  277.408064][ T9058] vlan3: entered promiscuous mode
[  278.035322][ T9077] netlink: 12 bytes leftover after parsing attributes in process `syz.3.876'.
[  278.367287][ T9079] netlink: 8 bytes leftover after parsing attributes in process `syz.3.876'.
[  278.838882][ T5968] usb 7-1: new high-speed USB device number 4 using dummy_hcd
[  279.029020][ T5968] usb 7-1: Using ep0 maxpacket: 16
[  279.088800][ T5968] usb 7-1: config 0 has no interfaces?
[  279.120879][ T9077] bridge1: port 1(veth0_to_bond) entered blocking state
[  279.128288][ T9077] bridge1: port 1(veth0_to_bond) entered disabled state
[  279.174464][ T9077] veth0_to_bond: entered allmulticast mode
[  279.210814][ T9077] veth0_to_bond: entered promiscuous mode
[  279.223049][ T5968] usb 7-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  279.250985][ T5968] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  279.354834][ T9092] usb usb6: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK.
[  279.420195][ T5968] usb 7-1: Product: syz
[  279.424455][ T5968] usb 7-1: Manufacturer: syz
[  279.451517][ T9091] netlink: 28 bytes leftover after parsing attributes in process `syz.0.879'.
[  279.593277][ T5968] usb 7-1: SerialNumber: syz
[  279.860043][ T5968] usb 7-1: config 0 descriptor??
[  280.072929][ T9096] FAULT_INJECTION: forcing a failure.
[  280.072929][ T9096] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  280.163126][ T9096] CPU: 0 UID: 0 PID: 9096 Comm: syz.3.881 Not tainted syzkaller #0 PREEMPT(full) 
[  280.163152][ T9096] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  280.163162][ T9096] Call Trace:
[  280.163170][ T9096]  <TASK>
[  280.163179][ T9096]  dump_stack_lvl+0x189/0x250
[  280.163203][ T9096]  ? __pfx____ratelimit+0x10/0x10
[  280.163222][ T9096]  ? __pfx_dump_stack_lvl+0x10/0x10
[  280.163242][ T9096]  ? __pfx__printk+0x10/0x10
[  280.163264][ T9096]  ? __might_fault+0xb0/0x130
[  280.163296][ T9096]  should_fail_ex+0x414/0x560
[  280.163325][ T9096]  _copy_from_user+0x2d/0xb0
[  280.163346][ T9096]  sw_sync_ioctl+0x105/0xd00
[  280.163378][ T9096]  ? __pfx_sw_sync_ioctl+0x10/0x10
[  280.163407][ T9096]  ? __fget_files+0x2a/0x420
[  280.163422][ T9096]  ? __fget_files+0x3a0/0x420
[  280.163436][ T9096]  ? __fget_files+0x2a/0x420
[  280.163455][ T9096]  ? bpf_lsm_file_ioctl+0x9/0x20
[  280.163475][ T9096]  ? __pfx_sw_sync_ioctl+0x10/0x10
[  280.163497][ T9096]  __se_sys_ioctl+0xfc/0x170
[  280.163520][ T9096]  do_syscall_64+0xfa/0x3b0
[  280.163537][ T9096]  ? lockdep_hardirqs_on+0x9c/0x150
[  280.163554][ T9096]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  280.163571][ T9096]  ? clear_bhb_loop+0x60/0xb0
[  280.163592][ T9096]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  280.163608][ T9096] RIP: 0033:0x7fe8c278eec9
[  280.163624][ T9096] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  280.163638][ T9096] RSP: 002b:00007fe8c3552038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  280.163657][ T9096] RAX: ffffffffffffffda RBX: 00007fe8c29e5fa0 RCX: 00007fe8c278eec9
[  280.163670][ T9096] RDX: 00002000000000c0 RSI: 0000000040045701 RDI: 0000000000000005
[  280.163681][ T9096] RBP: 00007fe8c3552090 R08: 0000000000000000 R09: 0000000000000000
[  280.163692][ T9096] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  280.163702][ T9096] R13: 00007fe8c29e6038 R14: 00007fe8c29e5fa0 R15: 00007fe8c2b0fa28
[  280.163730][ T9096]  </TASK>
[  280.649242][ T9098] FAULT_INJECTION: forcing a failure.
[  280.649242][ T9098] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  280.729370][ T9098] CPU: 0 UID: 0 PID: 9098 Comm: syz.0.880 Not tainted syzkaller #0 PREEMPT(full) 
[  280.729397][ T9098] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  280.729407][ T9098] Call Trace:
[  280.729415][ T9098]  <TASK>
[  280.729423][ T9098]  dump_stack_lvl+0x189/0x250
[  280.729448][ T9098]  ? __pfx____ratelimit+0x10/0x10
[  280.729467][ T9098]  ? __pfx_dump_stack_lvl+0x10/0x10
[  280.729486][ T9098]  ? __pfx__printk+0x10/0x10
[  280.729521][ T9098]  should_fail_ex+0x414/0x560
[  280.729550][ T9098]  _copy_to_user+0x31/0xb0
[  280.729573][ T9098]  simple_read_from_buffer+0xe1/0x170
[  280.729601][ T9098]  proc_fail_nth_read+0x1b3/0x220
[  280.729624][ T9098]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  280.729646][ T9098]  ? rw_verify_area+0x2a6/0x4d0
[  280.729665][ T9098]  ? __lock_acquire+0xab9/0xd20
[  280.729686][ T9098]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  280.729706][ T9098]  vfs_read+0x200/0xa30
[  280.729726][ T9098]  ? fdget_pos+0x247/0x320
[  280.729746][ T9098]  ? __pfx___mutex_lock+0x10/0x10
[  280.729765][ T9098]  ? __pfx_vfs_read+0x10/0x10
[  280.729788][ T9098]  ? __fget_files+0x2a/0x420
[  280.729808][ T9098]  ? __fget_files+0x3a0/0x420
[  280.729822][ T9098]  ? __fget_files+0x2a/0x420
[  280.729847][ T9098]  ksys_read+0x145/0x250
[  280.729869][ T9098]  ? __pfx_ksys_read+0x10/0x10
[  280.729885][ T9098]  ? rcu_is_watching+0x15/0xb0
[  280.729909][ T9098]  ? do_syscall_64+0xbe/0x3b0
[  280.729929][ T9098]  do_syscall_64+0xfa/0x3b0
[  280.729945][ T9098]  ? lockdep_hardirqs_on+0x9c/0x150
[  280.729962][ T9098]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  280.729978][ T9098]  ? clear_bhb_loop+0x60/0xb0
[  280.730005][ T9098]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  280.730021][ T9098] RIP: 0033:0x7f4ce798d8dc
[  280.730037][ T9098] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  280.730051][ T9098] RSP: 002b:00007f4ce5bf6030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  280.730070][ T9098] RAX: ffffffffffffffda RBX: 00007f4ce7be6090 RCX: 00007f4ce798d8dc
[  280.730083][ T9098] RDX: 000000000000000f RSI: 00007f4ce5bf60a0 RDI: 0000000000000006
[  280.730095][ T9098] RBP: 00007f4ce5bf6090 R08: 0000000000000000 R09: 0000000000000000
[  280.730106][ T9098] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  280.730116][ T9098] R13: 00007f4ce7be6128 R14: 00007f4ce7be6090 R15: 00007f4ce7d0fa28
[  280.730146][ T9098]  </TASK>
[  281.210973][ T9103] netlink: 12 bytes leftover after parsing attributes in process `syz.3.883'.
[  281.227591][ T9103] vlan2: entered promiscuous mode
[  281.233116][ T9103] team0: entered promiscuous mode
[  281.712914][ T9118] tipc: Enabling of bearer <eth:syzk> rejected, failed to enable media
[  281.724331][ T9118] syzkaller0: entered promiscuous mode
[  281.779097][ T9118] syzkaller0: entered allmulticast mode
[  281.807646][ T9119] sch_tbf: burst 127 is lower than device syzkaller0 mtu (1514) !
[  282.337788][ T9129] netlink: 28 bytes leftover after parsing attributes in process `syz.1.890'.
[  282.526157][ T9133] netlink: 12 bytes leftover after parsing attributes in process `syz.5.891'.
[  282.548268][   T24] usb 7-1: USB disconnect, device number 4
[  282.744684][ T9136] usb usb6: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK.
[  282.859784][ T9133] vlan3: entered promiscuous mode
[  282.877919][ T9133] bond0: entered promiscuous mode
[  282.923405][ T9133] bond_slave_0: entered promiscuous mode
[  282.988495][ T9133] bond_slave_1: entered promiscuous mode
[  284.437487][ T9155] netlink: 96 bytes leftover after parsing attributes in process `syz.3.897'.
[  285.085249][ T9167] FAULT_INJECTION: forcing a failure.
[  285.085249][ T9167] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  285.129264][ T9167] CPU: 0 UID: 0 PID: 9167 Comm: syz.6.903 Not tainted syzkaller #0 PREEMPT(full) 
[  285.129292][ T9167] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  285.129302][ T9167] Call Trace:
[  285.129309][ T9167]  <TASK>
[  285.129316][ T9167]  dump_stack_lvl+0x189/0x250
[  285.129340][ T9167]  ? __pfx____ratelimit+0x10/0x10
[  285.129359][ T9167]  ? __pfx_dump_stack_lvl+0x10/0x10
[  285.129378][ T9167]  ? __pfx__printk+0x10/0x10
[  285.129406][ T9167]  ? __might_fault+0xb0/0x130
[  285.129439][ T9167]  should_fail_ex+0x414/0x560
[  285.129468][ T9167]  _copy_from_iter+0x1de/0x1790
[  285.129495][ T9167]  ? rcu_is_watching+0x15/0xb0
[  285.129514][ T9167]  ? kmem_cache_alloc_node_noprof+0x217/0x3c0
[  285.129537][ T9167]  ? __pfx__copy_from_iter+0x10/0x10
[  285.129565][ T9167]  ? __build_skb_around+0x257/0x3e0
[  285.129588][ T9167]  ? netlink_sendmsg+0x642/0xb30
[  285.129604][ T9167]  ? skb_put+0x11b/0x210
[  285.129626][ T9167]  netlink_sendmsg+0x6b2/0xb30
[  285.129654][ T9167]  ? __pfx_netlink_sendmsg+0x10/0x10
[  285.129676][ T9167]  ? aa_sock_msg_perm+0xf1/0x1d0
[  285.129695][ T9167]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  285.129712][ T9167]  ? __pfx_netlink_sendmsg+0x10/0x10
[  285.129730][ T9167]  __sock_sendmsg+0x21c/0x270
[  285.129757][ T9167]  ____sys_sendmsg+0x505/0x830
[  285.129783][ T9167]  ? __pfx_____sys_sendmsg+0x10/0x10
[  285.129812][ T9167]  ? import_iovec+0x74/0xa0
[  285.129836][ T9167]  ___sys_sendmsg+0x21f/0x2a0
[  285.129859][ T9167]  ? __pfx____sys_sendmsg+0x10/0x10
[  285.129915][ T9167]  ? __fget_files+0x2a/0x420
[  285.129929][ T9167]  ? __fget_files+0x3a0/0x420
[  285.129956][ T9167]  __x64_sys_sendmsg+0x19b/0x260
[  285.129979][ T9167]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  285.130009][ T9167]  ? __pfx_ksys_write+0x10/0x10
[  285.130028][ T9167]  ? rcu_is_watching+0x15/0xb0
[  285.130050][ T9167]  ? do_syscall_64+0xbe/0x3b0
[  285.130073][ T9167]  do_syscall_64+0xfa/0x3b0
[  285.130089][ T9167]  ? lockdep_hardirqs_on+0x9c/0x150
[  285.130106][ T9167]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  285.130122][ T9167]  ? clear_bhb_loop+0x60/0xb0
[  285.130143][ T9167]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  285.130158][ T9167] RIP: 0033:0x7f6336d8eec9
[  285.130174][ T9167] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  285.130188][ T9167] RSP: 002b:00007f6337cd7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  285.130207][ T9167] RAX: ffffffffffffffda RBX: 00007f6336fe5fa0 RCX: 00007f6336d8eec9
[  285.130219][ T9167] RDX: 0000000020004804 RSI: 00002000000000c0 RDI: 0000000000000007
[  285.130230][ T9167] RBP: 00007f6337cd7090 R08: 0000000000000000 R09: 0000000000000000
[  285.130241][ T9167] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  285.130251][ T9167] R13: 00007f6336fe6038 R14: 00007f6336fe5fa0 R15: 00007f633710fa28
[  285.130284][ T9167]  </TASK>
[  285.790860][ T9174] FAULT_INJECTION: forcing a failure.
[  285.790860][ T9174] name failslab, interval 1, probability 0, space 0, times 0
[  285.803571][ T9174] CPU: 1 UID: 0 PID: 9174 Comm: syz.3.906 Not tainted syzkaller #0 PREEMPT(full) 
[  285.803592][ T9174] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  285.803601][ T9174] Call Trace:
[  285.803608][ T9174]  <TASK>
[  285.803615][ T9174]  dump_stack_lvl+0x189/0x250
[  285.803638][ T9174]  ? __pfx____ratelimit+0x10/0x10
[  285.803654][ T9174]  ? __pfx_dump_stack_lvl+0x10/0x10
[  285.803672][ T9174]  ? __pfx__printk+0x10/0x10
[  285.803694][ T9174]  ? __pfx_fib_rules_lookup+0x10/0x10
[  285.803710][ T9174]  ? l3mdev_update_flow+0x29/0x640
[  285.803730][ T9174]  ? l3mdev_update_flow+0x4d1/0x640
[  285.803751][ T9174]  should_fail_ex+0x414/0x560
[  285.803779][ T9174]  should_failslab+0xa8/0x100
[  285.803804][ T9174]  kmem_cache_alloc_noprof+0x73/0x3c0
[  285.803824][ T9174]  ? dst_alloc+0x105/0x170
[  285.803841][ T9174]  ? __pfx_make_kuid+0x10/0x10
[  285.803866][ T9174]  dst_alloc+0x105/0x170
[  285.803891][ T9174]  ip_route_input_rcu+0x1ed5/0x2ff0
[  285.803925][ T9174]  ? __pfx_ip_route_input_rcu+0x10/0x10
[  285.803971][ T9174]  ? ip_check_mc_rcu+0x4c7/0x680
[  285.803990][ T9174]  ? ip_route_input_noref+0x98/0x250
[  285.804010][ T9174]  ip_route_input_noref+0x167/0x250
[  285.804032][ T9174]  ? __pfx_ip_route_input_noref+0x10/0x10
[  285.804055][ T9174]  ? __pfx_udp_v4_early_demux+0x10/0x10
[  285.804072][ T9174]  ? __lock_acquire+0xab9/0xd20
[  285.804103][ T9174]  ip_rcv_finish_core+0x5af/0x1c00
[  285.804133][ T9174]  ip_rcv_finish+0x14c/0x2f0
[  285.804153][ T9174]  NF_HOOK+0x30c/0x3a0
[  285.804171][ T9174]  ? __pfx_ip_rcv_finish+0x10/0x10
[  285.804187][ T9174]  ? NF_HOOK+0x9a/0x3a0
[  285.804203][ T9174]  ? __pfx_NF_HOOK+0x10/0x10
[  285.804217][ T9174]  ? ip_rcv_core+0x7f7/0xd00
[  285.804244][ T9174]  ? __pfx_ip_rcv_finish+0x10/0x10
[  285.804271][ T9174]  ? __pfx_ip_rcv+0x10/0x10
[  285.804286][ T9174]  __netif_receive_skb+0x143/0x380
[  285.804308][ T9174]  ? netif_receive_skb+0x115/0x790
[  285.804329][ T9174]  netif_receive_skb+0x1cb/0x790
[  285.804351][ T9174]  ? __pfx___local_bh_disable_ip+0x10/0x10
[  285.804370][ T9174]  ? __pfx_netif_receive_skb+0x10/0x10
[  285.804398][ T9174]  ? tun_rx_batched+0x160/0x730
[  285.804420][ T9174]  tun_rx_batched+0x1b9/0x730
[  285.804439][ T9174]  ? __lock_acquire+0xab9/0xd20
[  285.804464][ T9174]  ? __pfx_tun_rx_batched+0x10/0x10
[  285.804482][ T9174]  ? tun_get_user+0x266c/0x3e20
[  285.804512][ T9174]  tun_get_user+0x2aa2/0x3e20
[  285.804538][ T9174]  ? tun_get_user+0x6f6/0x3e20
[  285.804559][ T9174]  ? tun_get_user+0x266c/0x3e20
[  285.804579][ T9174]  ? aa_file_perm+0x44d/0x1550
[  285.804597][ T9174]  ? __pfx_tun_get_user+0x10/0x10
[  285.804625][ T9174]  ? __lock_acquire+0xab9/0xd20
[  285.804652][ T9174]  ? ref_tracker_alloc+0x318/0x460
[  285.804666][ T9174]  ? __lock_acquire+0xab9/0xd20
[  285.804689][ T9174]  ? __pfx_ref_tracker_alloc+0x10/0x10
[  285.804712][ T9174]  ? tun_get+0x1c/0x2f0
[  285.804737][ T9174]  ? tun_get+0x1c/0x2f0
[  285.804754][ T9174]  ? tun_get+0x1c/0x2f0
[  285.804778][ T9174]  tun_chr_write_iter+0x113/0x200
[  285.804801][ T9174]  vfs_write+0x5c9/0xb30
[  285.804828][ T9174]  ? __pfx_tun_chr_write_iter+0x10/0x10
[  285.804848][ T9174]  ? __pfx_vfs_write+0x10/0x10
[  285.804879][ T9174]  ? __fget_files+0x2a/0x420
[  285.804905][ T9174]  ksys_write+0x145/0x250
[  285.804929][ T9174]  ? __pfx_ksys_write+0x10/0x10
[  285.804947][ T9174]  ? rcu_is_watching+0x15/0xb0
[  285.804970][ T9174]  ? do_syscall_64+0xbe/0x3b0
[  285.804993][ T9174]  do_syscall_64+0xfa/0x3b0
[  285.805009][ T9174]  ? lockdep_hardirqs_on+0x9c/0x150
[  285.805026][ T9174]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  285.805043][ T9174]  ? clear_bhb_loop+0x60/0xb0
[  285.805064][ T9174]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  285.805080][ T9174] RIP: 0033:0x7fe8c278d97f
[  285.805096][ T9174] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48
[  285.805110][ T9174] RSP: 002b:00007fe8c3552000 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[  285.805129][ T9174] RAX: ffffffffffffffda RBX: 00007fe8c29e5fa0 RCX: 00007fe8c278d97f
[  285.805142][ T9174] RDX: 000000000000002a RSI: 0000200000000080 RDI: 00000000000000c8
[  285.805153][ T9174] RBP: 00007fe8c3552090 R08: 0000000000000000 R09: 0000000000000000
[  285.805164][ T9174] R10: 000000000000002a R11: 0000000000000293 R12: 0000000000000001
[  285.805174][ T9174] R13: 00007fe8c29e6038 R14: 00007fe8c29e5fa0 R15: 00007fe8c2b0fa28
[  285.805203][ T9174]  </TASK>
[  286.788113][ T9184] netdevsim netdevsim6: Direct firmware load for x failed with error -2
[  286.796861][ T9184] netdevsim netdevsim6: Falling back to sysfs fallback for: x
[  286.966209][ T9193] ref_tracker: memory allocation failure, unreliable refcount tracker.
[  287.655718][ T9206] netlink: 12 bytes leftover after parsing attributes in process `syz.5.913'.
[  287.816665][ T9202] usb usb6: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK.
[  287.885389][ T9200] netlink: 'syz.5.913': attribute type 29 has an invalid length.
[  287.938857][ T9200] netlink: 'syz.5.913': attribute type 29 has an invalid length.
[  288.634521][ T9211] could not allocate digest TFM handle blake2s-128
[  290.154783][ T9231] input: syz0 as /devices/virtual/input/input11
[  291.060268][ T9241] netlink: 4 bytes leftover after parsing attributes in process `syz.1.922'.
[  291.136519][ T9239] netlink: 20 bytes leftover after parsing attributes in process `syz.3.923'.
[  291.341549][ T9247] FAULT_INJECTION: forcing a failure.
[  291.341549][ T9247] name failslab, interval 1, probability 0, space 0, times 0
[  291.396908][ T9247] CPU: 1 UID: 0 PID: 9247 Comm: syz.3.926 Not tainted syzkaller #0 PREEMPT(full) 
[  291.396932][ T9247] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  291.396941][ T9247] Call Trace:
[  291.396948][ T9247]  <TASK>
[  291.396955][ T9247]  dump_stack_lvl+0x189/0x250
[  291.396981][ T9247]  ? __pfx____ratelimit+0x10/0x10
[  291.396998][ T9247]  ? __pfx_dump_stack_lvl+0x10/0x10
[  291.397017][ T9247]  ? __pfx__printk+0x10/0x10
[  291.397043][ T9247]  ? __pfx___might_resched+0x10/0x10
[  291.397059][ T9247]  ? fs_reclaim_acquire+0x7d/0x100
[  291.397079][ T9247]  should_fail_ex+0x414/0x560
[  291.397108][ T9247]  should_failslab+0xa8/0x100
[  291.397131][ T9247]  __kmalloc_noprof+0xcb/0x4f0
[  291.397150][ T9247]  ? kfree+0x4d/0x440
[  291.397166][ T9247]  ? tomoyo_realpath_from_path+0xe3/0x5d0
[  291.397189][ T9247]  tomoyo_realpath_from_path+0xe3/0x5d0
[  291.397209][ T9247]  ? tomoyo_domain+0xd9/0x130
[  291.397233][ T9247]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[  291.397255][ T9247]  tomoyo_path_number_perm+0x1e8/0x5a0
[  291.397281][ T9247]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  291.397307][ T9247]  ? sb_end_write+0xe9/0x1c0
[  291.397325][ T9247]  ? vfs_write+0x956/0xb30
[  291.397377][ T9247]  ? ksys_write+0x1e1/0x250
[  291.397404][ T9247]  security_file_ioctl+0xcb/0x2d0
[  291.397429][ T9247]  __se_sys_ioctl+0x47/0x170
[  291.397452][ T9247]  do_syscall_64+0xfa/0x3b0
[  291.397471][ T9247]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  291.397487][ T9247]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  291.397504][ T9247]  ? clear_bhb_loop+0x60/0xb0
[  291.397524][ T9247]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  291.397541][ T9247] RIP: 0033:0x7fe8c278eec9
[  291.397556][ T9247] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  291.397571][ T9247] RSP: 002b:00007fe8c3552038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  291.397591][ T9247] RAX: ffffffffffffffda RBX: 00007fe8c29e5fa0 RCX: 00007fe8c278eec9
[  291.397603][ T9247] RDX: 0000200000000580 RSI: 00000000c0487c04 RDI: 0000000000000003
[  291.397615][ T9247] RBP: 00007fe8c3552090 R08: 0000000000000000 R09: 0000000000000000
[  291.397626][ T9247] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  291.397636][ T9247] R13: 00007fe8c29e6038 R14: 00007fe8c29e5fa0 R15: 00007fe8c2b0fa28
[  291.397666][ T9247]  </TASK>
[  291.459476][ T9247] ERROR: Out of memory at tomoyo_realpath_from_path.
[  292.355320][ T9253] netlink: 12 bytes leftover after parsing attributes in process `syz.5.927'.
[  292.387692][ T9253] 8021q: VLANs not supported on vcan0
[  293.400005][ T9277] could not allocate digest TFM handle blake2s-128
[  294.335250][ T9301] syz_tun: entered allmulticast mode
[  294.351588][ T9301] syz_tun: left allmulticast mode
[  294.407178][ T9303] FAULT_INJECTION: forcing a failure.
[  294.407178][ T9303] name failslab, interval 1, probability 0, space 0, times 0
[  294.468334][ T9303] CPU: 0 UID: 0 PID: 9303 Comm: syz.6.941 Not tainted syzkaller #0 PREEMPT(full) 
[  294.468359][ T9303] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  294.468370][ T9303] Call Trace:
[  294.468377][ T9303]  <TASK>
[  294.468395][ T9303]  dump_stack_lvl+0x189/0x250
[  294.468420][ T9303]  ? __pfx____ratelimit+0x10/0x10
[  294.468439][ T9303]  ? __pfx_dump_stack_lvl+0x10/0x10
[  294.468459][ T9303]  ? __pfx__printk+0x10/0x10
[  294.468487][ T9303]  ? __pfx___might_resched+0x10/0x10
[  294.468502][ T9303]  ? fs_reclaim_acquire+0x7d/0x100
[  294.468523][ T9303]  should_fail_ex+0x414/0x560
[  294.468550][ T9303]  ? __pfx_sock_alloc_inode+0x10/0x10
[  294.468577][ T9303]  should_failslab+0xa8/0x100
[  294.468600][ T9303]  ? __pfx_sock_alloc_inode+0x10/0x10
[  294.468619][ T9303]  kmem_cache_alloc_lru_noprof+0x78/0x3d0
[  294.468639][ T9303]  ? sock_alloc_inode+0x28/0xc0
[  294.468666][ T9303]  ? __pfx_sock_alloc_inode+0x10/0x10
[  294.468684][ T9303]  sock_alloc_inode+0x28/0xc0
[  294.468703][ T9303]  alloc_inode+0x6a/0x1b0
[  294.468724][ T9303]  do_accept+0x111/0x680
[  294.468744][ T9303]  ? __pfx_do_accept+0x10/0x10
[  294.468778][ T9303]  __sys_accept4+0x11c/0x1c0
[  294.468797][ T9303]  ? __pfx___sys_accept4+0x10/0x10
[  294.468816][ T9303]  ? __pfx_ksys_write+0x10/0x10
[  294.468833][ T9303]  __x64_sys_accept4+0x9a/0xb0
[  294.468845][ T9303]  do_syscall_64+0xfa/0x3b0
[  294.468855][ T9303]  ? lockdep_hardirqs_on+0x9c/0x150
[  294.468865][ T9303]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  294.468874][ T9303]  ? clear_bhb_loop+0x60/0xb0
[  294.468886][ T9303]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  294.468895][ T9303] RIP: 0033:0x7f6336d8eec9
[  294.468904][ T9303] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  294.468913][ T9303] RSP: 002b:00007f6337cb6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000120
[  294.468924][ T9303] RAX: ffffffffffffffda RBX: 00007f6336fe6090 RCX: 00007f6336d8eec9
[  294.468931][ T9303] RDX: 0000200000000080 RSI: 0000200000000000 RDI: 0000000000000003
[  294.468938][ T9303] RBP: 00007f6337cb6090 R08: 0000000000000000 R09: 0000000000000000
[  294.468944][ T9303] R10: 0000000000000800 R11: 0000000000000246 R12: 0000000000000001
[  294.468950][ T9303] R13: 00007f6336fe6128 R14: 00007f6336fe6090 R15: 00007f633710fa28
[  294.468964][ T9303]  </TASK>
[  294.700061][    C0] vkms_vblank_simulate: vblank timer overrun
[  295.879103][ T5968] usb 6-1: new high-speed USB device number 14 using dummy_hcd
[  296.060533][ T9331] netlink: 8 bytes leftover after parsing attributes in process `syz.3.949'.
[  296.081195][ T9331] netlink: 12 bytes leftover after parsing attributes in process `syz.3.949'.
[  296.116086][ T9333] tipc: Enabling of bearer <eth:syzkaller> rejected, failed to enable media
[  296.118892][ T9331] netlink: 'syz.3.949': attribute type 20 has an invalid length.
[  296.147513][ T9333] syzkaller0: entered promiscuous mode
[  296.161409][ T9333] syzkaller0: entered allmulticast mode
[  296.199262][ T5968] usb 6-1: Using ep0 maxpacket: 16
[  296.214833][ T5968] usb 6-1: config 0 has an invalid interface number: 104 but max is 0
[  296.225598][ T9333] sch_tbf: burst 127 is lower than device syzkaller0 mtu (1514) !
[  296.228753][ T5968] usb 6-1: config 0 has no interface number 0
[  296.272469][ T5968] usb 6-1: New USB device found, idVendor=04dd, idProduct=9050, bcdDevice=8d.36
[  296.318982][ T5968] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  296.474003][ T5968] usb 6-1: Product: syz
[  296.483851][ T5968] usb 6-1: Manufacturer: syz
[  296.493089][ T5968] usb 6-1: SerialNumber: syz
[  296.496495][ T9336] netlink: 8 bytes leftover after parsing attributes in process `syz.3.951'.
[  296.551078][ T5968] usb 6-1: config 0 descriptor??
[  296.563836][ T9336] netlink: 12 bytes leftover after parsing attributes in process `syz.3.951'.
[  296.568070][ T5968] usb 6-1: bad CDC descriptors
[  296.633585][ T9340] netlink: 8 bytes leftover after parsing attributes in process `syz.0.952'.
[  296.668820][ T9336] netlink: 'syz.3.951': attribute type 20 has an invalid length.
[  296.833499][ T9343] netlink: 28 bytes leftover after parsing attributes in process `syz.0.953'.
[  296.917853][ T9345] kvm: MONITOR instruction emulated as NOP!
[  297.808437][ T9362] could not allocate digest TFM handle blake2s-128
[  298.005311][ T9372] usb usb6: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK.
[  298.555015][ T5873] usb 6-1: USB disconnect, device number 14
[  298.909010][ T9375] netlink: 12 bytes leftover after parsing attributes in process `syz.5.960'.
[  298.938934][ T9375] 8021q: VLANs not supported on vcan0
[  299.071616][ T9377] FAULT_INJECTION: forcing a failure.
[  299.071616][ T9377] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  299.122597][ T9377] CPU: 0 UID: 0 PID: 9377 Comm: syz.5.961 Not tainted syzkaller #0 PREEMPT(full) 
[  299.122614][ T9377] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  299.122621][ T9377] Call Trace:
[  299.122625][ T9377]  <TASK>
[  299.122630][ T9377]  dump_stack_lvl+0x189/0x250
[  299.122647][ T9377]  ? __pfx____ratelimit+0x10/0x10
[  299.122658][ T9377]  ? __pfx_dump_stack_lvl+0x10/0x10
[  299.122670][ T9377]  ? __pfx__printk+0x10/0x10
[  299.122689][ T9377]  should_fail_ex+0x414/0x560
[  299.122707][ T9377]  _copy_to_user+0x31/0xb0
[  299.122722][ T9377]  simple_read_from_buffer+0xe1/0x170
[  299.122739][ T9377]  proc_fail_nth_read+0x1b3/0x220
[  299.122752][ T9377]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  299.122764][ T9377]  ? rw_verify_area+0x2a6/0x4d0
[  299.122777][ T9377]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  299.122789][ T9377]  vfs_read+0x200/0xa30
[  299.122805][ T9377]  ? __pfx_vfs_read+0x10/0x10
[  299.122816][ T9377]  ? do_mq_notify+0x91d/0xbb0
[  299.122833][ T9377]  ? __pfx_do_mq_notify+0x10/0x10
[  299.122853][ T9377]  ksys_read+0x145/0x250
[  299.122867][ T9377]  ? __pfx_ksys_read+0x10/0x10
[  299.122885][ T9377]  ? do_syscall_64+0xbe/0x3b0
[  299.122898][ T9377]  do_syscall_64+0xfa/0x3b0
[  299.122908][ T9377]  ? lockdep_hardirqs_on+0x9c/0x150
[  299.122918][ T9377]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  299.122928][ T9377]  ? clear_bhb_loop+0x60/0xb0
[  299.122940][ T9377]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  299.122949][ T9377] RIP: 0033:0x7f05a9b8d8dc
[  299.122958][ T9377] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  299.122967][ T9377] RSP: 002b:00007f05aaaf4030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  299.122978][ T9377] RAX: ffffffffffffffda RBX: 00007f05a9de5fa0 RCX: 00007f05a9b8d8dc
[  299.122985][ T9377] RDX: 000000000000000f RSI: 00007f05aaaf40a0 RDI: 0000000000000004
[  299.122990][ T9377] RBP: 00007f05aaaf4090 R08: 0000000000000000 R09: 0000000000000000
[  299.122996][ T9377] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  299.123001][ T9377] R13: 00007f05a9de6038 R14: 00007f05a9de5fa0 R15: 00007f05a9f0fa28
[  299.123016][ T9377]  </TASK>
[  299.673106][ T9385] netlink: 8 bytes leftover after parsing attributes in process `syz.6.964'.
[  299.813875][ T5939] usb 6-1: new full-speed USB device number 15 using dummy_hcd
[  299.981017][ T5939] usb 6-1: config 0 has an invalid interface number: 207 but max is 0
[  300.005361][ T5939] usb 6-1: config 0 has no interface number 0
[  300.022406][ T5939] usb 6-1: New USB device found, idVendor=12d1, idProduct=ed56, bcdDevice=46.dd
[  300.032733][ T5939] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  300.056113][ T5939] usb 6-1: Product: syz
[  300.066250][ T5939] usb 6-1: Manufacturer: syz
[  300.071054][  T886] usb 1-1: new low-speed USB device number 24 using dummy_hcd
[  300.081840][ T5939] usb 6-1: SerialNumber: syz
[  300.104746][ T5939] usb 6-1: config 0 descriptor??
[  300.141098][ T5939] qmi_wwan 6-1:0.207: bogus CDC Union: master=0, slave=1
[  300.208896][  T886] usb 1-1: device descriptor read/64, error -71
[  300.223506][ T9393] netlink: 28 bytes leftover after parsing attributes in process `syz.3.966'.
[  300.355472][ T5939] qmi_wwan 6-1:0.207: probe with driver qmi_wwan failed with error -22
[  300.458848][  T886] usb 1-1: new low-speed USB device number 25 using dummy_hcd
[  300.557438][ T5968] usb 6-1: USB disconnect, device number 15
[  300.598808][  T886] usb 1-1: device descriptor read/64, error -71
[  300.649000][ T5873] usb 2-1: new high-speed USB device number 27 using dummy_hcd
[  300.709022][  T886] usb usb1-port1: attempt power cycle
[  300.820645][ T5873] usb 2-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  300.831016][ T5873] usb 2-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config
[  300.841603][ T5873] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 66
[  300.850652][ T5873] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 52, changing to 9
[  300.861798][ T5873] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8241, setting to 1024
[  300.874729][ T5873] usb 2-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  300.884142][ T5873] usb 2-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  300.896840][ T5873] usb 2-1: Product: syz
[  300.904063][ T5873] usb 2-1: Manufacturer: syz
[  300.925835][ T5873] cdc_wdm 2-1:1.0: skipping garbage
[  300.953313][ T5873] cdc_wdm 2-1:1.0: skipping garbage
[  300.976842][ T5873] cdc_wdm 2-1:1.0: cdc-wdm0: USB WDM device
[  300.986221][ T5873] cdc_wdm 2-1:1.0: Unknown control protocol
[  301.049258][  T886] usb 1-1: new low-speed USB device number 26 using dummy_hcd
[  301.124435][  T886] usb 1-1: device descriptor read/8, error -71
[  301.399102][  T886] usb 1-1: new low-speed USB device number 27 using dummy_hcd
[  301.417767][ T9411] trusted_key: encrypted_key: master key parameter 'sbiWlC��Ҡ0b�Baޱ�T�gw�H��X}\�h����p��zc��+�t�a�����G�qv�b�@�N%��%�ay��' is invalid
[  301.450010][  T886] usb 1-1: device descriptor read/8, error -71
[  301.576379][ T9417] trusted_key: encrypted_key: master key parameter 'sbiWlC��Ҡ0b�Baޱ�T�gw�H��X}\�h����p��zc��+�t�a�����G�qv�b�@�N%��%�ay��' is invalid
[  301.634215][  T886] usb usb1-port1: unable to enumerate USB device
[  301.748097][  T886] usb 2-1: USB disconnect, device number 27
[  303.162729][ T9424] FAULT_INJECTION: forcing a failure.
[  303.162729][ T9424] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  303.198875][ T9424] CPU: 1 UID: 0 PID: 9424 Comm: syz.0.974 Not tainted syzkaller #0 PREEMPT(full) 
[  303.198901][ T9424] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  303.198910][ T9424] Call Trace:
[  303.198918][ T9424]  <TASK>
[  303.198925][ T9424]  dump_stack_lvl+0x189/0x250
[  303.198948][ T9424]  ? __pfx____ratelimit+0x10/0x10
[  303.198968][ T9424]  ? __pfx_dump_stack_lvl+0x10/0x10
[  303.198986][ T9424]  ? __pfx__printk+0x10/0x10
[  303.199020][ T9424]  should_fail_ex+0x414/0x560
[  303.199048][ T9424]  _copy_to_user+0x31/0xb0
[  303.199071][ T9424]  sk_getsockopt+0x1a75/0x2530
[  303.199096][ T9424]  ? __pfx_sk_getsockopt+0x10/0x10
[  303.199115][ T9424]  ? write_ibpb+0x30/0x40
[  303.199142][ T9424]  ? __lock_acquire+0xab9/0xd20
[  303.199174][ T9424]  ? __might_fault+0xb0/0x130
[  303.199217][ T9424]  do_sock_getsockopt+0x237/0x450
[  303.199235][ T9424]  ? write_ibpb+0x30/0x40
[  303.199256][ T9424]  ? __pfx_do_sock_getsockopt+0x10/0x10
[  303.199275][ T9424]  ? write_ibpb+0x30/0x40
[  303.199291][ T9424]  ? __fget_files+0x3a0/0x420
[  303.199307][ T9424]  ? __fget_files+0x2a/0x420
[  303.199330][ T9424]  __x64_sys_getsockopt+0x1a5/0x250
[  303.199347][ T9424]  ? write_ibpb+0x30/0x40
[  303.199364][ T9424]  ? write_ibpb+0x30/0x40
[  303.199384][ T9424]  do_syscall_64+0xfa/0x3b0
[  303.199403][ T9424]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  303.199435][ T9424]  ? asm_sysvec_reschedule_ipi+0x1a/0x20
[  303.199451][ T9424]  ? clear_bhb_loop+0x60/0xb0
[  303.199471][ T9424]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  303.199488][ T9424] RIP: 0033:0x7f4ce798eec9
[  303.199510][ T9424] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  303.199524][ T9424] RSP: 002b:00007f4ce8754038 EFLAGS: 00000246 ORIG_RAX: 0000000000000037
[  303.199544][ T9424] RAX: ffffffffffffffda RBX: 00007f4ce7be5fa0 RCX: 00007f4ce798eec9
[  303.199557][ T9424] RDX: 0000000000000024 RSI: 0000000000000001 RDI: 0000000000000003
[  303.199567][ T9424] RBP: 00007f4ce8754090 R08: 0000200000000500 R09: 0000000000000000
[  303.199583][ T9424] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  303.199593][ T9424] R13: 00007f4ce7be6038 R14: 00007f4ce7be5fa0 R15: 00007f4ce7d0fa28
[  303.199622][ T9424]  </TASK>
[  303.563340][ T9428] netlink: 4 bytes leftover after parsing attributes in process `syz.5.976'.
[  303.641339][ T9431] netlink: 28 bytes leftover after parsing attributes in process `syz.0.977'.
[  303.760730][ T9435] program syz.0.979 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  303.961175][ T9441] netlink: 12 bytes leftover after parsing attributes in process `syz.5.980'.
[  304.065413][ T9441] vlan3: entered promiscuous mode
[  304.318976][ T9458] FAULT_INJECTION: forcing a failure.
[  304.318976][ T9458] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  304.339341][ T9458] CPU: 1 UID: 0 PID: 9458 Comm: syz.5.987 Not tainted syzkaller #0 PREEMPT(full) 
[  304.339368][ T9458] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  304.339382][ T9458] Call Trace:
[  304.339390][ T9458]  <TASK>
[  304.339398][ T9458]  dump_stack_lvl+0x189/0x250
[  304.339422][ T9458]  ? __pfx____ratelimit+0x10/0x10
[  304.339440][ T9458]  ? __pfx_dump_stack_lvl+0x10/0x10
[  304.339459][ T9458]  ? __pfx__printk+0x10/0x10
[  304.339481][ T9458]  ? __might_fault+0xb0/0x130
[  304.339513][ T9458]  should_fail_ex+0x414/0x560
[  304.339540][ T9458]  _copy_from_iter+0x1de/0x1790
[  304.339566][ T9458]  ? rcu_is_watching+0x15/0xb0
[  304.339583][ T9458]  ? kmem_cache_alloc_node_noprof+0x217/0x3c0
[  304.339606][ T9458]  ? __pfx__copy_from_iter+0x10/0x10
[  304.339626][ T9458]  ? __build_skb_around+0x257/0x3e0
[  304.339647][ T9458]  ? netlink_sendmsg+0x642/0xb30
[  304.339663][ T9458]  ? skb_put+0x11b/0x210
[  304.339682][ T9458]  netlink_sendmsg+0x6b2/0xb30
[  304.339707][ T9458]  ? __pfx_netlink_sendmsg+0x10/0x10
[  304.339728][ T9458]  ? aa_sock_msg_perm+0xf1/0x1d0
[  304.339746][ T9458]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  304.339764][ T9458]  ? __pfx_netlink_sendmsg+0x10/0x10
[  304.339784][ T9458]  __sock_sendmsg+0x21c/0x270
[  304.339811][ T9458]  ____sys_sendmsg+0x505/0x830
[  304.339837][ T9458]  ? __pfx_____sys_sendmsg+0x10/0x10
[  304.339866][ T9458]  ? import_iovec+0x74/0xa0
[  304.339890][ T9458]  ___sys_sendmsg+0x21f/0x2a0
[  304.339913][ T9458]  ? __pfx____sys_sendmsg+0x10/0x10
[  304.339968][ T9458]  ? __fget_files+0x2a/0x420
[  304.339983][ T9458]  ? __fget_files+0x3a0/0x420
[  304.340009][ T9458]  __x64_sys_sendmsg+0x19b/0x260
[  304.340032][ T9458]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  304.340062][ T9458]  ? __pfx_ksys_write+0x10/0x10
[  304.340081][ T9458]  ? rcu_is_watching+0x15/0xb0
[  304.340103][ T9458]  ? do_syscall_64+0xbe/0x3b0
[  304.340126][ T9458]  do_syscall_64+0xfa/0x3b0
[  304.340143][ T9458]  ? lockdep_hardirqs_on+0x9c/0x150
[  304.340159][ T9458]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  304.340176][ T9458]  ? clear_bhb_loop+0x60/0xb0
[  304.340197][ T9458]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  304.340214][ T9458] RIP: 0033:0x7f05a9b8eec9
[  304.340234][ T9458] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  304.340249][ T9458] RSP: 002b:00007f05aaaf4038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  304.340267][ T9458] RAX: ffffffffffffffda RBX: 00007f05a9de5fa0 RCX: 00007f05a9b8eec9
[  304.340280][ T9458] RDX: 0000000000040000 RSI: 0000200000000e80 RDI: 0000000000000003
[  304.340291][ T9458] RBP: 00007f05aaaf4090 R08: 0000000000000000 R09: 0000000000000000
[  304.340302][ T9458] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  304.340312][ T9458] R13: 00007f05a9de6038 R14: 00007f05a9de5fa0 R15: 00007f05a9f0fa28
[  304.340347][ T9458]  </TASK>
[  305.016709][ T9462] trusted_key: encrypted_key: master key parameter 'sbiWlC��Ҡ0b�Baޱ�T�gw�H��X}\�h����p��zc��+�t�a�����G�qv�b�@�N%��%�ay��' is invalid
[  305.187952][ T9472] netlink: 28 bytes leftover after parsing attributes in process `syz.0.989'.
[  305.246353][ T9475] FAULT_INJECTION: forcing a failure.
[  305.246353][ T9475] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  305.300004][ T9476] netlink: 'syz.3.990': attribute type 12 has an invalid length.
[  305.307983][ T9475] CPU: 0 UID: 0 PID: 9475 Comm: syz.6.992 Not tainted syzkaller #0 PREEMPT(full) 
[  305.308007][ T9475] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  305.308019][ T9475] Call Trace:
[  305.308026][ T9475]  <TASK>
[  305.308032][ T9475]  dump_stack_lvl+0x189/0x250
[  305.308056][ T9475]  ? __pfx____ratelimit+0x10/0x10
[  305.308073][ T9475]  ? __pfx_dump_stack_lvl+0x10/0x10
[  305.308090][ T9475]  ? __pfx__printk+0x10/0x10
[  305.308111][ T9475]  ? fs_reclaim_acquire+0x7d/0x100
[  305.308136][ T9475]  should_fail_ex+0x414/0x560
[  305.308163][ T9475]  prepare_alloc_pages+0x213/0x610
[  305.308186][ T9475]  __alloc_frozen_pages_noprof+0x123/0x370
[  305.308204][ T9475]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  305.308293][ T9475]  ? policy_nodemask+0x27c/0x720
[  305.308313][ T9475]  ? __lock_acquire+0xab9/0xd20
[  305.308340][ T9475]  alloc_pages_mpol+0x232/0x4a0
[  305.308367][ T9475]  vma_alloc_folio_noprof+0xe4/0x200
[  305.308392][ T9475]  ? __pfx_vma_alloc_folio_noprof+0x10/0x10
[  305.308426][ T9475]  folio_prealloc+0x30/0x180
[  305.308450][ T9475]  __handle_mm_fault+0x2ab9/0x5440
[  305.308483][ T9475]  ? __pfx___handle_mm_fault+0x10/0x10
[  305.308523][ T9475]  ? find_vma+0xe7/0x160
[  305.308542][ T9475]  ? __pfx_find_vma+0x10/0x10
[  305.308563][ T9475]  handle_mm_fault+0x40a/0x8e0
[  305.308591][ T9475]  do_user_addr_fault+0x764/0x1390
[  305.308629][ T9475]  exc_page_fault+0x76/0xf0
[  305.308649][ T9475]  asm_exc_page_fault+0x26/0x30
[  305.308667][ T9475] RIP: 0010:__put_user_4+0xd/0x20
[  305.308682][ T9475] Code: 66 89 01 31 c9 0f 01 ca e9 50 45 03 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 48 89 cb 48 c1 fb 3f 48 09 d9 0f 01 cb <89> 01 31 c9 0f 01 ca c3 cc cc cc cc 90 90 90 90 90 90 90 90 90 90
[  305.308694][ T9475] RSP: 0018:ffffc900038ffd38 EFLAGS: 00050206
[  305.308709][ T9475] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 00002000000001c0
[  305.308720][ T9475] RDX: 0000000000000000 RSI: ffffffff8dba996e RDI: ffffffff8be33f80
[  305.308731][ T9475] RBP: ffffc900038ffea8 R08: 0000000000000000 R09: ffffffff820b8b20
[  305.308741][ T9475] R10: dffffc0000000000 R11: fffffbfff1f474e7 R12: ffff888055880160
[  305.308752][ T9475] R13: 00002000000001c0 R14: ffff888055880160 R15: ffff888024138ca8
[  305.308769][ T9475]  ? __might_fault+0xb0/0x130
[  305.308796][ T9475]  sg_ioctl+0x17f1/0x2230
[  305.308823][ T9475]  ? __pfx_sg_ioctl+0x10/0x10
[  305.308840][ T9475]  ? __fget_files+0x2a/0x420
[  305.308857][ T9475]  ? __fget_files+0x2a/0x420
[  305.308869][ T9475]  ? __fget_files+0x3a0/0x420
[  305.308883][ T9475]  ? __fget_files+0x2a/0x420
[  305.308902][ T9475]  ? bpf_lsm_file_ioctl+0x9/0x20
[  305.308921][ T9475]  ? __pfx_sg_ioctl+0x10/0x10
[  305.308938][ T9475]  __se_sys_ioctl+0xfc/0x170
[  305.308960][ T9475]  do_syscall_64+0xfa/0x3b0
[  305.308977][ T9475]  ? lockdep_hardirqs_on+0x9c/0x150
[  305.308993][ T9475]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  305.309007][ T9475]  ? clear_bhb_loop+0x60/0xb0
[  305.309028][ T9475]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  305.309044][ T9475] RIP: 0033:0x7f6336d8eec9
[  305.309059][ T9475] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  305.309073][ T9475] RSP: 002b:00007f6337cd7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  305.309089][ T9475] RAX: ffffffffffffffda RBX: 00007f6336fe5fa0 RCX: 00007f6336d8eec9
[  305.309100][ T9475] RDX: 00002000000001c0 RSI: 000000000000227d RDI: 0000000000000003
[  305.309111][ T9475] RBP: 00007f6337cd7090 R08: 0000000000000000 R09: 0000000000000000
[  305.309121][ T9475] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  305.309131][ T9475] R13: 00007f6336fe6038 R14: 00007f6336fe5fa0 R15: 00007f633710fa28
[  305.309161][ T9475]  </TASK>
[  305.669988][    C0] vkms_vblank_simulate: vblank timer overrun
[  305.725552][ T9479] program syz.0.991 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  306.307274][ T9503] netlink: 72 bytes leftover after parsing attributes in process `syz.6.998'.
[  306.330964][ T9503] netlink: 4 bytes leftover after parsing attributes in process `syz.6.998'.
[  306.488910][ T5939] usb 6-1: new high-speed USB device number 16 using dummy_hcd
[  306.680970][ T5939] usb 6-1: unable to get BOS descriptor or descriptor too short
[  306.702826][ T5939] usb 6-1: config 176 has an invalid interface number: 218 but max is 0
[  306.711839][ T5939] usb 6-1: config 176 has no interface number 0
[  306.718404][ T5939] usb 6-1: config 176 interface 218 has no altsetting 0
[  306.759466][ T5939] usb 6-1: New USB device found, idVendor=05ac, idProduct=b231, bcdDevice=85.00
[  306.776730][ T5939] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  306.796597][ T5939] usb 6-1: Product: syz
[  306.810264][ T5939] usb 6-1: Manufacturer: syz
[  306.824024][ T5939] usb 6-1: SerialNumber: syz
[  307.105903][ T9510] batadv_slave_1: entered promiscuous mode
[  307.117813][ T9510] batadv_slave_1: left promiscuous mode
[  307.138109][ T5939] ipheth 6-1:176.218: Unable to find alternate settings interface
[  307.322721][ T5939] usb 6-1: USB disconnect, device number 16
[  307.938583][ T9518] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1002'.
[  309.713578][ T9534] netlink: 36 bytes leftover after parsing attributes in process `syz.3.1006'.
[  310.368344][    T9] usb 2-1: new high-speed USB device number 28 using dummy_hcd
[  310.577841][    T9] usb 2-1: Using ep0 maxpacket: 16
[  310.594812][    T9] usb 2-1: config 1 contains an unexpected descriptor of type 0x1, skipping
[  310.607049][    T9] usb 2-1: config 1 has an invalid descriptor of length 1, skipping remainder of the config
[  310.657991][    T9] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 3
[  310.691569][ T9562] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1014'.
[  310.702009][    T9] usb 2-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  310.712867][    T9] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  310.721293][    T9] usb 2-1: Product: syz
[  310.730769][    T9] usb 2-1: Manufacturer: syz
[  310.740761][    T9] usb 2-1: SerialNumber: syz
[  310.849236][ T5939] usb 6-1: new high-speed USB device number 17 using dummy_hcd
[  310.925731][ T9566] FAULT_INJECTION: forcing a failure.
[  310.925731][ T9566] name failslab, interval 1, probability 0, space 0, times 0
[  311.023167][ T9566] CPU: 1 UID: 0 PID: 9566 Comm: syz.6.1017 Not tainted syzkaller #0 PREEMPT(full) 
[  311.023191][ T9566] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  311.023202][ T9566] Call Trace:
[  311.023209][ T9566]  <TASK>
[  311.023217][ T9566]  dump_stack_lvl+0x189/0x250
[  311.023242][ T9566]  ? __pfx____ratelimit+0x10/0x10
[  311.023261][ T9566]  ? __pfx_dump_stack_lvl+0x10/0x10
[  311.023280][ T9566]  ? __pfx__printk+0x10/0x10
[  311.023307][ T9566]  ? __pfx___might_resched+0x10/0x10
[  311.023323][ T9566]  ? fs_reclaim_acquire+0x7d/0x100
[  311.023344][ T9566]  should_fail_ex+0x414/0x560
[  311.023373][ T9566]  should_failslab+0xa8/0x100
[  311.023398][ T9566]  __kmalloc_noprof+0xcb/0x4f0
[  311.023417][ T9566]  ? kfree+0x4d/0x440
[  311.023434][ T9566]  ? tomoyo_realpath_from_path+0xe3/0x5d0
[  311.023458][ T9566]  tomoyo_realpath_from_path+0xe3/0x5d0
[  311.023478][ T9566]  ? tomoyo_domain+0xd9/0x130
[  311.023515][ T9566]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[  311.023542][ T9566]  tomoyo_path_number_perm+0x1e8/0x5a0
[  311.023568][ T9566]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  311.023613][ T9566]  ? __lock_acquire+0xab9/0xd20
[  311.023656][ T9566]  ? __fget_files+0x2a/0x420
[  311.023675][ T9566]  ? __fget_files+0x2a/0x420
[  311.023687][ T9566]  ? __fget_files+0x3a0/0x420
[  311.023702][ T9566]  ? __fget_files+0x2a/0x420
[  311.023721][ T9566]  security_file_ioctl+0xcb/0x2d0
[  311.023745][ T9566]  __se_sys_ioctl+0x47/0x170
[  311.023767][ T9566]  do_syscall_64+0xfa/0x3b0
[  311.023785][ T9566]  ? lockdep_hardirqs_on+0x9c/0x150
[  311.023802][ T9566]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  311.023820][ T9566]  ? clear_bhb_loop+0x60/0xb0
[  311.023840][ T9566]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  311.023857][ T9566] RIP: 0033:0x7f6336d8eec9
[  311.023872][ T9566] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  311.023887][ T9566] RSP: 002b:00007f6337cd7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  311.023906][ T9566] RAX: ffffffffffffffda RBX: 00007f6336fe5fa0 RCX: 00007f6336d8eec9
[  311.023920][ T9566] RDX: 0000200000000080 RSI: 00000000c0205648 RDI: 0000000000000004
[  311.023936][ T9566] RBP: 00007f6337cd7090 R08: 0000000000000000 R09: 0000000000000000
[  311.023945][ T9566] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  311.023953][ T9566] R13: 00007f6336fe6038 R14: 00007f6336fe5fa0 R15: 00007f633710fa28
[  311.023979][ T9566]  </TASK>
[  311.023987][ T9566] ERROR: Out of memory at tomoyo_realpath_from_path.
[  311.080909][ T9569] netlink: 148 bytes leftover after parsing attributes in process `syz.3.1018'.
[  311.221135][    C0] vkms_vblank_simulate: vblank timer overrun
[  311.297314][    T9] usb 2-1: 0:2 : does not exist
[  311.313644][    T9] usb 2-1: USB disconnect, device number 28
[  311.323386][ T5939] usb 6-1: Using ep0 maxpacket: 32
[  311.345588][ T5939] usb 6-1: config 0 has an invalid interface number: 140 but max is 0
[  311.371238][ T5939] usb 6-1: config 0 has no interface number 0
[  311.395130][ T5939] usb 6-1: config 0 interface 140 altsetting 2 bulk endpoint 0x6 has invalid maxpacket 16
[  311.419171][ T5939] usb 6-1: config 0 interface 140 has no altsetting 0
[  311.429323][ T5939] usb 6-1: New USB device found, idVendor=1bc7, idProduct=1214, bcdDevice=d6.cf
[  311.434189][ T6777] udevd[6777]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  311.439921][ T5939] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  311.515395][ T5939] usb 6-1: Product: syz
[  311.523138][ T5939] usb 6-1: Manufacturer: syz
[  311.530810][ T5939] usb 6-1: SerialNumber: syz
[  311.559408][ T5939] usb 6-1: config 0 descriptor??
[  311.569226][ T9560] raw-gadget.3 gadget.5: fail, usb_ep_enable returned -22
[  311.587675][ T5939] option 6-1:0.140: GSM modem (1-port) converter detected
[  311.695119][ T9577] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  311.781158][ T5939] usb 6-1: USB disconnect, device number 17
[  311.795466][ T5939] option 6-1:0.140: device disconnected
[  312.343187][ T9592] netlink: 'syz.5.1026': attribute type 3 has an invalid length.
[  312.351215][ T9592] netlink: 16 bytes leftover after parsing attributes in process `syz.5.1026'.
[  312.633700][ T9594] netlink: 3 bytes leftover after parsing attributes in process `syz.5.1026'.
[  312.744686][ T9596] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1027'.
[  312.793877][    T9] usb 1-1: new high-speed USB device number 28 using dummy_hcd
[  312.993509][   T10] usb 6-1: new full-speed USB device number 18 using dummy_hcd
[  313.004546][    T9] usb 1-1: Using ep0 maxpacket: 8
[  313.038909][    T9] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  313.069076][    T9] usb 1-1: config 1 interface 1 altsetting 1 bulk endpoint 0x3 has invalid maxpacket 16
[  313.108615][    T9] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  313.144928][    T9] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  313.180702][   T10] usb 6-1: config 0 has an invalid descriptor of length 60, skipping remainder of the config
[  313.194099][    T9] usb 1-1: Product: syz
[  313.205241][    T9] usb 1-1: Manufacturer: syz
[  313.226748][   T10] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 3
[  313.244921][    T9] usb 1-1: SerialNumber: syz
[  313.271812][   T10] usb 6-1: config 0 interface 0 has no altsetting 0
[  313.303070][   T10] usb 6-1: New USB device found, idVendor=0489, idProduct=e057, bcdDevice= 0.00
[  313.337228][   T10] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  313.426690][   T10] usb 6-1: config 0 descriptor??
[  313.506358][    T9] cdc_ncm 1-1:1.0: bind() failure
[  313.555662][    T9] cdc_ncm 1-1:1.1: CDC Union missing and no IAD found
[  313.565250][    T9] cdc_ncm 1-1:1.1: bind() failure
[  313.583769][    T9] usb 1-1: USB disconnect, device number 28
[  313.874607][ T9607] bridge_slave_0: vlans aren't supported yet for dev_uc|mc_add()
[  314.398412][ T5879] Bluetooth: hci5: command 0x0406 tx timeout
[  315.373834][   T10] Bluetooth: Can't get state to change to load ram patch err
[  315.504322][ T9630] FAULT_INJECTION: forcing a failure.
[  315.504322][ T9630] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  315.528968][   T10] Bluetooth: Loading patch file failed
[  315.544793][   T10] ath3k 6-1:0.0: probe with driver ath3k failed with error -71
[  315.568850][ T9630] CPU: 0 UID: 0 PID: 9630 Comm: syz.5.1036 Not tainted syzkaller #0 PREEMPT(full) 
[  315.568875][ T9630] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  315.568886][ T9630] Call Trace:
[  315.568893][ T9630]  <TASK>
[  315.568900][ T9630]  dump_stack_lvl+0x189/0x250
[  315.568925][ T9630]  ? __pfx____ratelimit+0x10/0x10
[  315.568944][ T9630]  ? __pfx_dump_stack_lvl+0x10/0x10
[  315.568963][ T9630]  ? __pfx__printk+0x10/0x10
[  315.568986][ T9630]  ? __might_fault+0xb0/0x130
[  315.569018][ T9630]  should_fail_ex+0x414/0x560
[  315.569046][ T9630]  _copy_from_iter+0x1de/0x1790
[  315.569073][ T9630]  ? rcu_is_watching+0x15/0xb0
[  315.569092][ T9630]  ? kmem_cache_alloc_node_noprof+0x217/0x3c0
[  315.569115][ T9630]  ? __pfx__copy_from_iter+0x10/0x10
[  315.569136][ T9630]  ? __build_skb_around+0x257/0x3e0
[  315.569158][ T9630]  ? netlink_sendmsg+0x642/0xb30
[  315.569175][ T9630]  ? skb_put+0x11b/0x210
[  315.569197][ T9630]  netlink_sendmsg+0x6b2/0xb30
[  315.569224][ T9630]  ? __pfx_netlink_sendmsg+0x10/0x10
[  315.569245][ T9630]  ? aa_sock_msg_perm+0xf1/0x1d0
[  315.569273][ T9630]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  315.569290][ T9630]  ? __pfx_netlink_sendmsg+0x10/0x10
[  315.569309][ T9630]  __sock_sendmsg+0x21c/0x270
[  315.569335][ T9630]  ____sys_sendmsg+0x505/0x830
[  315.569360][ T9630]  ? __pfx_____sys_sendmsg+0x10/0x10
[  315.569394][ T9630]  ? import_iovec+0x74/0xa0
[  315.569417][ T9630]  ___sys_sendmsg+0x21f/0x2a0
[  315.569440][ T9630]  ? __pfx____sys_sendmsg+0x10/0x10
[  315.569495][ T9630]  ? __fget_files+0x2a/0x420
[  315.569510][ T9630]  ? __fget_files+0x3a0/0x420
[  315.569530][ T9630]  __x64_sys_sendmsg+0x19b/0x260
[  315.569553][ T9630]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  315.569582][ T9630]  ? __pfx_ksys_write+0x10/0x10
[  315.569602][ T9630]  ? rcu_is_watching+0x15/0xb0
[  315.569624][ T9630]  ? do_syscall_64+0xbe/0x3b0
[  315.569646][ T9630]  do_syscall_64+0xfa/0x3b0
[  315.569662][ T9630]  ? lockdep_hardirqs_on+0x9c/0x150
[  315.569679][ T9630]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  315.569696][ T9630]  ? clear_bhb_loop+0x60/0xb0
[  315.569716][ T9630]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  315.569733][ T9630] RIP: 0033:0x7f05a9b8eec9
[  315.569747][ T9630] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  315.569762][ T9630] RSP: 002b:00007f05aaaf4038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  315.569780][ T9630] RAX: ffffffffffffffda RBX: 00007f05a9de5fa0 RCX: 00007f05a9b8eec9
[  315.569794][ T9630] RDX: 0000000000000880 RSI: 0000200000000640 RDI: 0000000000000003
[  315.569806][ T9630] RBP: 00007f05aaaf4090 R08: 0000000000000000 R09: 0000000000000000
[  315.569816][ T9630] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  315.569827][ T9630] R13: 00007f05a9de6038 R14: 00007f05a9de5fa0 R15: 00007f05a9f0fa28
[  315.569855][ T9630]  </TASK>
[  315.915035][   T10] usb 6-1: USB disconnect, device number 18
[  316.007065][ T9632] FAULT_INJECTION: forcing a failure.
[  316.007065][ T9632] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  316.020469][ T9632] CPU: 0 UID: 0 PID: 9632 Comm: syz.3.1037 Not tainted syzkaller #0 PREEMPT(full) 
[  316.020500][ T9632] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  316.020510][ T9632] Call Trace:
[  316.020517][ T9632]  <TASK>
[  316.020523][ T9632]  dump_stack_lvl+0x189/0x250
[  316.020546][ T9632]  ? __pfx____ratelimit+0x10/0x10
[  316.020564][ T9632]  ? __pfx_dump_stack_lvl+0x10/0x10
[  316.020580][ T9632]  ? __pfx__printk+0x10/0x10
[  316.020594][ T9632]  ? __might_fault+0xb0/0x130
[  316.020613][ T9632]  should_fail_ex+0x414/0x560
[  316.020631][ T9632]  _copy_from_iter+0x1de/0x1790
[  316.020647][ T9632]  ? rcu_is_watching+0x15/0xb0
[  316.020658][ T9632]  ? kmem_cache_alloc_node_noprof+0x217/0x3c0
[  316.020672][ T9632]  ? __pfx__copy_from_iter+0x10/0x10
[  316.020684][ T9632]  ? __build_skb_around+0x257/0x3e0
[  316.020697][ T9632]  ? netlink_sendmsg+0x642/0xb30
[  316.020707][ T9632]  ? skb_put+0x11b/0x210
[  316.020720][ T9632]  netlink_sendmsg+0x6b2/0xb30
[  316.020734][ T9632]  ? __pfx_netlink_sendmsg+0x10/0x10
[  316.020746][ T9632]  ? aa_sock_msg_perm+0xf1/0x1d0
[  316.020758][ T9632]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  316.020768][ T9632]  ? __pfx_netlink_sendmsg+0x10/0x10
[  316.020779][ T9632]  __sock_sendmsg+0x21c/0x270
[  316.020795][ T9632]  ____sys_sendmsg+0x505/0x830
[  316.020811][ T9632]  ? __pfx_____sys_sendmsg+0x10/0x10
[  316.020827][ T9632]  ? import_iovec+0x74/0xa0
[  316.020841][ T9632]  ___sys_sendmsg+0x21f/0x2a0
[  316.020854][ T9632]  ? __pfx____sys_sendmsg+0x10/0x10
[  316.020884][ T9632]  ? __fget_files+0x2a/0x420
[  316.020893][ T9632]  ? __fget_files+0x3a0/0x420
[  316.020906][ T9632]  __x64_sys_sendmsg+0x19b/0x260
[  316.020920][ T9632]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  316.020937][ T9632]  ? __pfx_ksys_write+0x10/0x10
[  316.020949][ T9632]  ? rcu_is_watching+0x15/0xb0
[  316.020960][ T9632]  ? do_syscall_64+0xbe/0x3b0
[  316.020973][ T9632]  do_syscall_64+0xfa/0x3b0
[  316.020983][ T9632]  ? lockdep_hardirqs_on+0x9c/0x150
[  316.020993][ T9632]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  316.021002][ T9632]  ? clear_bhb_loop+0x60/0xb0
[  316.021014][ T9632]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  316.021023][ T9632] RIP: 0033:0x7fe8c278eec9
[  316.021033][ T9632] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  316.021042][ T9632] RSP: 002b:00007fe8c3552038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  316.021053][ T9632] RAX: ffffffffffffffda RBX: 00007fe8c29e5fa0 RCX: 00007fe8c278eec9
[  316.021060][ T9632] RDX: 0000000000000000 RSI: 0000200000000280 RDI: 000000000000000c
[  316.021066][ T9632] RBP: 00007fe8c3552090 R08: 0000000000000000 R09: 0000000000000000
[  316.021072][ T9632] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  316.021078][ T9632] R13: 00007fe8c29e6038 R14: 00007fe8c29e5fa0 R15: 00007fe8c2b0fa28
[  316.021092][ T9632]  </TASK>
[  316.021776][ T9631] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  316.508426][ T9639] netlink: 80 bytes leftover after parsing attributes in process `syz.5.1038'.
[  316.526191][ T9639] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1038'.
[  317.207359][ T9654] FAULT_INJECTION: forcing a failure.
[  317.207359][ T9654] name failslab, interval 1, probability 0, space 0, times 0
[  317.224220][ T9654] CPU: 0 UID: 0 PID: 9654 Comm: syz.0.1043 Not tainted syzkaller #0 PREEMPT(full) 
[  317.224245][ T9654] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  317.224255][ T9654] Call Trace:
[  317.224261][ T9654]  <TASK>
[  317.224269][ T9654]  dump_stack_lvl+0x189/0x250
[  317.224293][ T9654]  ? __pfx____ratelimit+0x10/0x10
[  317.224312][ T9654]  ? __pfx_dump_stack_lvl+0x10/0x10
[  317.224331][ T9654]  ? __pfx__printk+0x10/0x10
[  317.224359][ T9654]  ? __ip_dev_find+0x444/0x4e0
[  317.224377][ T9654]  ? __ip_dev_find+0xa2/0x4e0
[  317.224397][ T9654]  should_fail_ex+0x414/0x560
[  317.224426][ T9654]  should_failslab+0xa8/0x100
[  317.224450][ T9654]  kmem_cache_alloc_noprof+0x73/0x3c0
[  317.224471][ T9654]  ? dst_alloc+0x105/0x170
[  317.224495][ T9654]  dst_alloc+0x105/0x170
[  317.224513][ T9654]  ? ip_check_mc_rcu+0x4c7/0x680
[  317.224535][ T9654]  ip_route_output_key_hash_rcu+0x1560/0x23e0
[  317.224567][ T9654]  ? ip_route_output_key_hash+0xde/0x2e0
[  317.224590][ T9654]  ip_route_output_key_hash+0x1b9/0x2e0
[  317.224610][ T9654]  ? __lock_acquire+0xab9/0xd20
[  317.224633][ T9654]  ? __pfx_ip_route_output_key_hash+0x10/0x10
[  317.224671][ T9654]  ip_route_output_flow+0x2a/0x150
[  317.224690][ T9654]  ? security_sk_classify_flow+0x70/0x180
[  317.224714][ T9654]  udp_sendmsg+0x142e/0x2170
[  317.224752][ T9654]  ? __pfx_ip_generic_getfrag+0x10/0x10
[  317.224776][ T9654]  ? __pfx_udp_sendmsg+0x10/0x10
[  317.224829][ T9654]  ? __local_bh_enable_ip+0x12d/0x1c0
[  317.224846][ T9654]  ? __pfx___local_bh_enable_ip+0x10/0x10
[  317.224865][ T9654]  ? do_raw_spin_unlock+0x122/0x240
[  317.224886][ T9654]  ? inet_sendmsg+0x14f/0x370
[  317.224909][ T9654]  ? inet_sendmsg+0x29c/0x370
[  317.224935][ T9654]  __sock_sendmsg+0x19c/0x270
[  317.224960][ T9654]  ____sys_sendmsg+0x505/0x830
[  317.224984][ T9654]  ? __pfx_____sys_sendmsg+0x10/0x10
[  317.225011][ T9654]  ? import_iovec+0x74/0xa0
[  317.225035][ T9654]  ___sys_sendmsg+0x21f/0x2a0
[  317.225056][ T9654]  ? __pfx____sys_sendmsg+0x10/0x10
[  317.225120][ T9654]  ? __fget_files+0x2a/0x420
[  317.225134][ T9654]  ? __fget_files+0x3a0/0x420
[  317.225160][ T9654]  __x64_sys_sendmsg+0x19b/0x260
[  317.225183][ T9654]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  317.225213][ T9654]  ? __pfx_ksys_write+0x10/0x10
[  317.225232][ T9654]  ? rcu_is_watching+0x15/0xb0
[  317.225254][ T9654]  ? do_syscall_64+0xbe/0x3b0
[  317.225273][ T9654]  do_syscall_64+0xfa/0x3b0
[  317.225288][ T9654]  ? lockdep_hardirqs_on+0x9c/0x150
[  317.225304][ T9654]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  317.225319][ T9654]  ? clear_bhb_loop+0x60/0xb0
[  317.225339][ T9654]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  317.225354][ T9654] RIP: 0033:0x7f4ce798eec9
[  317.225369][ T9654] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  317.225384][ T9654] RSP: 002b:00007f4ce8754038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  317.225402][ T9654] RAX: ffffffffffffffda RBX: 00007f4ce7be5fa0 RCX: 00007f4ce798eec9
[  317.225415][ T9654] RDX: 0000000000004844 RSI: 0000200000000380 RDI: 0000000000000003
[  317.225425][ T9654] RBP: 00007f4ce8754090 R08: 0000000000000000 R09: 0000000000000000
[  317.225436][ T9654] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  317.225444][ T9654] R13: 00007f4ce7be6038 R14: 00007f4ce7be5fa0 R15: 00007f4ce7d0fa28
[  317.225470][ T9654]  </TASK>
[  317.728183][ T1305] ieee802154 phy0 wpan0: encryption failed: -22
[  317.755511][ T1305] ieee802154 phy1 wpan1: encryption failed: -22
[  317.875305][ T9662] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1045'.
[  317.888060][ T9662] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1045'.
[  317.897035][ T9662] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1045'.
[  317.906268][ T9662] netlink: 'syz.1.1045': attribute type 20 has an invalid length.
[  319.166701][  T982] usb 1-1: new high-speed USB device number 29 using dummy_hcd
[  319.497478][  T982] usb 1-1: device descriptor read/64, error -71
[  319.536667][ T9695] usb usb6: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK.
[  319.774321][  T982] usb 1-1: new high-speed USB device number 30 using dummy_hcd
[  320.169000][  T982] usb 1-1: device descriptor read/64, error -71
[  320.289553][  T982] usb usb1-port1: attempt power cycle
[  320.658865][  T982] usb 1-1: new high-speed USB device number 31 using dummy_hcd
[  320.729632][  T982] usb 1-1: device descriptor read/8, error -71
[  320.974903][  T982] usb 1-1: new high-speed USB device number 32 using dummy_hcd
[  320.986546][ T5873] usb 7-1: new high-speed USB device number 5 using dummy_hcd
[  321.015017][  T982] usb 1-1: device descriptor read/8, error -71
[  321.033875][ T9713] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1057'.
[  321.139235][  T982] usb usb1-port1: unable to enumerate USB device
[  321.233006][ T5873] usb 7-1: Using ep0 maxpacket: 32
[  321.250465][ T5873] usb 7-1: New USB device found, idVendor=05a9, idProduct=1550, bcdDevice=e4.bb
[  321.260114][ T5873] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  321.273166][ T5873] usb 7-1: Product: syz
[  321.277490][ T5873] usb 7-1: Manufacturer: syz
[  321.282554][ T5873] usb 7-1: SerialNumber: syz
[  321.298541][ T5873] usb 7-1: config 0 descriptor??
[  321.318087][ T5873] gspca_main: ov534_9-2.14.0 probing 05a9:1550
[  321.847662][ T5873] gspca_ov534_9: reg_w failed -110
[  322.548729][ T5873] gspca_ov534_9: Unknown sensor 0000
[  322.548829][ T5873] ov534_9 7-1:0.0: probe with driver ov534_9 failed with error -22
[  322.848226][ T9731] syzkaller0: entered promiscuous mode
[  322.862141][ T9731] syzkaller0: entered allmulticast mode
[  322.873030][ T9731] sch_tbf: burst 127 is lower than device syzkaller0 mtu (1514) !
[  324.417729][ T9753] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1071'.
[  324.431190][ T9753] vlan3: entered promiscuous mode
[  324.517793][ T5873] usb 7-1: USB disconnect, device number 5
[  325.654420][ T9778] syzkaller0: entered promiscuous mode
[  325.899707][ T9778] syzkaller0: entered allmulticast mode
[  325.907415][ T9781] sch_tbf: burst 127 is lower than device syzkaller0 mtu (1514) !
[  326.013762][ T9787] netlink: 'syz.3.1081': attribute type 3 has an invalid length.
[  326.024515][ T9787] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1081'.
[  326.310989][ T9787] netlink: 3 bytes leftover after parsing attributes in process `syz.3.1081'.
[  326.598884][   T24] usb 4-1: new full-speed USB device number 21 using dummy_hcd
[  326.761026][   T24] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  326.847489][   T24] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 3
[  326.886280][   T24] usb 4-1: config 0 interface 0 has no altsetting 0
[  327.289246][   T24] usb 4-1: New USB device found, idVendor=0489, idProduct=e057, bcdDevice= 0.00
[  327.322199][   T24] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  327.378202][   T24] usb 4-1: config 0 descriptor??
[  328.179930][  T982] usb 6-1: new high-speed USB device number 19 using dummy_hcd
[  328.573164][  T982] usb 6-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  328.588193][  T982] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  329.288837][   T24] usb 4-1: string descriptor 0 read error: -71
[  329.305112][  T982] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 66
[  329.348042][  T982] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  329.391360][   T24] Bluetooth: Can't get state to change to load ram patch err
[  329.449851][  T982] usb 6-1: string descriptor 0 read error: -71
[  329.456225][  T982] usb 6-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  329.458197][   T24] Bluetooth: Loading patch file failed
[  329.487555][  T982] usb 6-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  329.498463][  T982] usb 6-1: can't set config #1, error -71
[  329.506042][  T982] usb 6-1: USB disconnect, device number 19
[  329.633292][   T24] ath3k 4-1:0.0: probe with driver ath3k failed with error -71
[  329.684303][   T24] usb 4-1: USB disconnect, device number 21
[  330.107603][ T9842] netlink: 'syz.6.1094': attribute type 29 has an invalid length.
[  330.259266][ T9846] FAULT_INJECTION: forcing a failure.
[  330.259266][ T9846] name failslab, interval 1, probability 0, space 0, times 0
[  330.304444][ T9846] CPU: 0 UID: 0 PID: 9846 Comm: syz.5.1096 Not tainted syzkaller #0 PREEMPT(full) 
[  330.304462][ T9846] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  330.304468][ T9846] Call Trace:
[  330.304473][ T9846]  <TASK>
[  330.304478][ T9846]  dump_stack_lvl+0x189/0x250
[  330.304494][ T9846]  ? __pfx____ratelimit+0x10/0x10
[  330.304505][ T9846]  ? __pfx_dump_stack_lvl+0x10/0x10
[  330.304516][ T9846]  ? __pfx__printk+0x10/0x10
[  330.304533][ T9846]  ? __pfx___might_resched+0x10/0x10
[  330.304544][ T9846]  should_fail_ex+0x414/0x560
[  330.304563][ T9846]  should_failslab+0xa8/0x100
[  330.304578][ T9846]  __kmalloc_node_noprof+0xd1/0x4e0
[  330.304591][ T9846]  ? crypto_create_tfm_node+0x83/0x3f0
[  330.304608][ T9846]  crypto_create_tfm_node+0x83/0x3f0
[  330.304625][ T9846]  crypto_spawn_tfm2+0x5c/0x90
[  330.304637][ T9846]  crypto_gcm_init_tfm+0x4a/0x210
[  330.304650][ T9846]  crypto_create_tfm_node+0x18c/0x3f0
[  330.304666][ T9846]  crypto_spawn_tfm2+0x5c/0x90
[  330.304677][ T9846]  crypto_rfc4106_init_tfm+0x45/0x150
[  330.304691][ T9846]  crypto_create_tfm_node+0x18c/0x3f0
[  330.304707][ T9846]  crypto_alloc_tfm_node+0x172/0x3f0
[  330.304726][ T9846]  alg_bind+0x2fa/0x570
[  330.304745][ T9846]  __sys_bind+0x2c6/0x3e0
[  330.304757][ T9846]  ? __pfx___sys_bind+0x10/0x10
[  330.304773][ T9846]  ? __pfx_ksys_write+0x10/0x10
[  330.304785][ T9846]  ? rcu_is_watching+0x15/0xb0
[  330.304799][ T9846]  __x64_sys_bind+0x7a/0x90
[  330.304809][ T9846]  do_syscall_64+0xfa/0x3b0
[  330.304820][ T9846]  ? lockdep_hardirqs_on+0x9c/0x150
[  330.304829][ T9846]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  330.304839][ T9846]  ? clear_bhb_loop+0x60/0xb0
[  330.304851][ T9846]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  330.304860][ T9846] RIP: 0033:0x7f05a9b8eec9
[  330.304870][ T9846] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  330.304878][ T9846] RSP: 002b:00007f05aaaf4038 EFLAGS: 00000246 ORIG_RAX: 0000000000000031
[  330.304890][ T9846] RAX: ffffffffffffffda RBX: 00007f05a9de5fa0 RCX: 00007f05a9b8eec9
[  330.304897][ T9846] RDX: 0000000000000058 RSI: 0000200000000180 RDI: 0000000000000003
[  330.304903][ T9846] RBP: 00007f05aaaf4090 R08: 0000000000000000 R09: 0000000000000000
[  330.304909][ T9846] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  330.304915][ T9846] R13: 00007f05a9de6038 R14: 00007f05a9de5fa0 R15: 00007f05a9f0fa28
[  330.304929][ T9846]  </TASK>
[  331.290186][   T24] usb 6-1: new high-speed USB device number 20 using dummy_hcd
[  331.551531][   T24] usb 6-1: unable to get BOS descriptor or descriptor too short
[  331.561799][   T24] usb 6-1: config 176 has an invalid interface number: 218 but max is 0
[  331.688794][   T24] usb 6-1: config 176 has no interface number 0
[  331.715143][   T24] usb 6-1: config 176 interface 218 has no altsetting 0
[  331.752471][   T24] usb 6-1: New USB device found, idVendor=05ac, idProduct=b231, bcdDevice=85.00
[  331.761822][   T24] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  331.778565][   T24] usb 6-1: Product: syz
[  331.789681][   T24] usb 6-1: Manufacturer: syz
[  331.795982][ T9862] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1101'.
[  331.859251][   T24] usb 6-1: SerialNumber: syz
[  332.850838][ T9850] batadv_slave_1: entered promiscuous mode
[  332.929070][ T9850] batadv_slave_1: left promiscuous mode
[  333.030397][   T24] ipheth 6-1:176.218: Unable to find alternate settings interface
[  333.108945][   T24] usb 6-1: USB disconnect, device number 20
[  333.575969][ T9887] trusted_key: encrypted_key: master key parameter 'sbiWlC��Ҡ0b�Baޱ�T�gw�H��X}\�h����p��zc��+�t�a�����G�qv�b�@�N%��%�ay��' is invalid
[  334.669218][ T9903] usb usb6: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK.
[  335.149136][   T31] INFO: task kworker/1:4:5930 blocked for more than 144 seconds.
[  335.238494][   T31]       Not tainted syzkaller #0
[  335.246964][   T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  335.274189][   T31] task:kworker/1:4     state:D stack:21624 pid:5930  tgid:5930  ppid:2      task_flags:0x4208060 flags:0x00004000
[  335.351214][   T31] Workqueue: usb_hub_wq hub_event
[  335.369883][   T31] Call Trace:
[  335.382107][   T31]  <TASK>
[  335.468735][   T31]  __schedule+0x1798/0x4cc0
[  335.542169][   T31]  ? __pfx___schedule+0x10/0x10
[  335.560653][   T31]  ? schedule+0x91/0x360
[  335.592377][   T31]  schedule+0x165/0x360
[  335.615324][   T31]  schedule_timeout+0x9a/0x270
[  335.650490][   T31]  ? __pfx_schedule_timeout+0x10/0x10
[  335.686662][   T31]  ? _raw_spin_unlock_irq+0x23/0x50
[  335.736762][   T31]  ? lockdep_hardirqs_on+0x9c/0x150
[  335.751033][   T31]  ? wait_for_completion+0x267/0x5d0
[  335.773551][   T31]  wait_for_completion+0x2bf/0x5d0
[  335.795834][   T31]  ? __pfx_wait_for_completion+0x10/0x10
[  335.823723][   T31]  i2c_del_adapter+0x581/0x6e0
[  335.840307][   T31]  ? lockdep_hardirqs_on+0x9c/0x150
[  335.862619][   T31]  ? __pfx_i2c_del_adapter+0x10/0x10
[  335.884779][   T31]  ? dvb_usbv2_exit+0x85a/0x9e0
[  335.926238][   T31]  dvb_usbv2_probe+0x4ae/0x41a0
[  335.978812][   T31]  ? __pfx_dvb_usbv2_probe+0x10/0x10
[  336.002610][   T31]  ? __pm_runtime_set_status+0x785/0xa50
[  336.029265][   T31]  usb_probe_interface+0x668/0xc30
[  336.056825][   T31]  ? __pfx_usb_probe_interface+0x10/0x10
[  336.093339][   T31]  really_probe+0x26a/0x9e0
[  336.115880][   T31]  __driver_probe_device+0x18c/0x2f0
[  336.129135][   T31]  driver_probe_device+0x4f/0x430
[  336.134453][   T31]  __device_attach_driver+0x2ce/0x530
[  336.152158][   T31]  bus_for_each_drv+0x251/0x2e0
[  336.168653][   T31]  ? __pfx___device_attach_driver+0x10/0x10
[  336.186135][   T31]  ? __pfx_bus_for_each_drv+0x10/0x10
[  336.201896][   T31]  __device_attach+0x2b8/0x400
[  336.214734][   T31]  ? __pfx___device_attach+0x10/0x10
[  336.228069][   T31]  ? do_raw_spin_unlock+0x122/0x240
[  336.237173][   T31]  bus_probe_device+0x185/0x260
[  336.243917][   T31]  device_add+0x7b6/0xb50
[  336.259350][   T31]  usb_set_configuration+0x1a87/0x20e0
[  336.264895][   T31]  usb_generic_driver_probe+0x8d/0x150
[  336.272417][   T31]  usb_probe_device+0x1c4/0x390
[  336.277308][   T31]  ? __pfx_usb_probe_device+0x10/0x10
[  336.282753][   T31]  really_probe+0x26a/0x9e0
[  336.287477][   T31]  __driver_probe_device+0x18c/0x2f0
[  336.292938][   T31]  driver_probe_device+0x4f/0x430
[  336.297982][   T31]  __device_attach_driver+0x2ce/0x530
[  336.303427][   T31]  bus_for_each_drv+0x251/0x2e0
[  336.308337][   T31]  ? __pfx___device_attach_driver+0x10/0x10
[  336.314509][   T31]  ? __pfx_bus_for_each_drv+0x10/0x10
[  336.320024][   T31]  __device_attach+0x2b8/0x400
[  336.324804][   T31]  ? __pfx___device_attach+0x10/0x10
[  336.330227][   T31]  ? do_raw_spin_unlock+0x122/0x240
[  336.335442][   T31]  bus_probe_device+0x185/0x260
[  336.340432][   T31]  device_add+0x7b6/0xb50
[  336.344780][   T31]  usb_new_device+0xa39/0x16f0
[  336.352560][   T31]  ? __pfx_usb_new_device+0x10/0x10
[  336.357894][   T31]  ? _raw_spin_unlock_irq+0x23/0x50
[  336.363941][   T31]  ? lockdep_hardirqs_on+0x9c/0x150
[  336.369636][   T31]  hub_event+0x2958/0x4a20
[  336.374145][   T31]  ? __pfx_hub_event+0x10/0x10
[  336.379405][   T31]  ? process_scheduled_works+0x9ef/0x17b0
[  336.385172][   T31]  ? _raw_spin_unlock_irq+0x23/0x50
[  336.390993][   T31]  ? process_scheduled_works+0x9ef/0x17b0
[  336.396738][   T31]  ? process_scheduled_works+0x9ef/0x17b0
[  336.402761][   T31]  process_scheduled_works+0xae1/0x17b0
[  336.408379][   T31]  ? __pfx_process_scheduled_works+0x10/0x10
[  336.414615][   T31]  worker_thread+0x8a0/0xda0
[  336.419299][   T31]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  336.425659][   T31]  ? __kthread_parkme+0x7b/0x200
[  336.430731][   T31]  kthread+0x70e/0x8a0
[  336.434986][   T31]  ? __pfx_worker_thread+0x10/0x10
[  336.440148][   T31]  ? __pfx_kthread+0x10/0x10
[  336.444758][   T31]  ? _raw_spin_unlock_irq+0x23/0x50
[  336.450199][   T31]  ? lockdep_hardirqs_on+0x9c/0x150
[  336.455450][   T31]  ? __pfx_kthread+0x10/0x10
[  336.460327][   T31]  ret_from_fork+0x439/0x7d0
[  336.466129][   T31]  ? __pfx_ret_from_fork+0x10/0x10
[  336.472260][   T31]  ? __switch_to_asm+0x39/0x70
[  336.477040][   T31]  ? __switch_to_asm+0x33/0x70
[  336.481892][   T31]  ? __pfx_kthread+0x10/0x10
[  336.486734][   T31]  ret_from_fork_asm+0x1a/0x30
[  336.491686][   T31]  </TASK>
[  336.494739][   T31] INFO: task syz.2.419:7472 blocked for more than 145 seconds.
[  336.502562][   T31]       Not tainted syzkaller #0
[  336.507509][   T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  336.516320][   T31] task:syz.2.419       state:D stack:25032 pid:7472  tgid:7471  ppid:5885   task_flags:0x400140 flags:0x00004004
[  336.528336][   T31] Call Trace:
[  336.531667][   T31]  <TASK>
[  336.534639][   T31]  __schedule+0x1798/0x4cc0
[  336.539362][   T31]  ? __pfx___schedule+0x10/0x10
[  336.544262][   T31]  ? schedule+0x91/0x360
[  336.548603][   T31]  schedule+0x165/0x360
[  336.552976][   T31]  schedule_preempt_disabled+0x13/0x30
[  336.558442][   T31]  __mutex_lock+0x7e6/0x1350
[  336.563145][   T31]  ? __mutex_lock+0x5bb/0x1350
[  336.568929][   T31]  ? usbdev_open+0x16e/0x760
[  336.573802][   T31]  ? __pfx___mutex_lock+0x10/0x10
[  336.578967][   T31]  ? bus_find_device+0x273/0x2b0
[  336.583918][   T31]  ? __pfx_bus_find_device+0x10/0x10
[  336.589300][   T31]  ? __kasan_kmalloc+0x93/0xb0
[  336.594100][   T31]  ? usbdev_open+0xa7/0x760
[  336.598745][   T31]  usbdev_open+0x16e/0x760
[  336.603222][   T31]  ? __pfx_usbdev_open+0x10/0x10
[  336.608171][   T31]  ? do_raw_spin_unlock+0x122/0x240
[  336.613477][   T31]  chrdev_open+0x4c9/0x5e0
[  336.617915][   T31]  ? __pfx_chrdev_open+0x10/0x10
[  336.622925][   T31]  ? fsnotify_open_perm_and_set_mode+0x113/0x610
[  336.629423][   T31]  ? __pfx_chrdev_open+0x10/0x10
[  336.634413][   T31]  do_dentry_open+0x950/0x13f0
[  336.639273][   T31]  vfs_open+0x3b/0x340
[  336.643396][   T31]  ? path_openat+0x2ecd/0x3830
[  336.648216][   T31]  path_openat+0x2ee5/0x3830
[  336.652911][   T31]  ? arch_stack_walk+0xfc/0x150
[  336.657777][   T31]  ? stack_depot_save_flags+0x40/0x860
[  336.663337][   T31]  ? __pfx_path_openat+0x10/0x10
[  336.669247][   T31]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  336.675355][   T31]  do_filp_open+0x1fa/0x410
[  336.679924][   T31]  ? __lock_acquire+0xab9/0xd20
[  336.684792][   T31]  ? __pfx_do_filp_open+0x10/0x10
[  336.690003][   T31]  ? _raw_spin_unlock+0x28/0x50
[  336.694885][   T31]  ? alloc_fd+0x64c/0x6c0
[  336.699286][   T31]  do_sys_openat2+0x121/0x1c0
[  336.703977][   T31]  ? __se_sys_futex+0x36f/0x400
[  336.708910][   T31]  ? __pfx_do_sys_openat2+0x10/0x10
[  336.714124][   T31]  ? rcu_is_watching+0x15/0xb0
[  336.718941][   T31]  __x64_sys_openat+0x138/0x170
[  336.723817][   T31]  do_syscall_64+0xfa/0x3b0
[  336.728328][   T31]  ? lockdep_hardirqs_on+0x9c/0x150
[  336.733634][   T31]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  336.739774][   T31]  ? clear_bhb_loop+0x60/0xb0
[  336.744503][   T31]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  336.750554][   T31] RIP: 0033:0x7f64f578d710
[  336.755089][   T31] RSP: 002b:00007f64f6637b70 EFLAGS: 00000293 ORIG_RAX: 0000000000000101
[  336.763653][   T31] RAX: ffffffffffffffda RBX: 0000000000000a00 RCX: 00007f64f578d710
[  336.772804][   T31] RDX: 0000000000000a00 RSI: 00007f64f6637c10 RDI: 00000000ffffff9c
[  336.780884][   T31] RBP: 00007f64f6637c10 R08: 0000000000000000 R09: 0000000000000000
[  336.788953][   T31] R10: 0000000000000000 R11: 0000000000000293 R12: cccccccccccccccd
[  336.796930][   T31] R13: 00007f64f59e6038 R14: 00007f64f59e5fa0 R15: 00007f64f5b0fa28
[  336.804976][   T31]  </TASK>
[  336.808042][   T31] 
[  336.808042][   T31] Showing all locks held in the system:
[  336.816140][   T31] 3 locks held by kworker/1:0/24:
[  336.821257][   T31]  #0: ffff8880b8639f98 (&rq->__lock){-.-.}-{2:2}, at: raw_spin_rq_lock_nested+0xad/0x140
[  336.832444][   T31]  #1: ffff8880b8724008 (psi_seq){-.-.}-{0:0}, at: psi_task_switch+0x53/0x880
[  336.844359][   T31]  #2: ffff8880b8725918 (&base->lock){-.-.}-{2:2}, at: __mod_timer+0x1ae/0xf30
[  336.858377][   T31] 1 lock held by khungtaskd/31:
[  336.863302][   T31]  #0: ffffffff8e13a0e0 (rcu_read_lock){....}-{1:3}, at: debug_show_all_locks+0x2e/0x180
[  336.873430][   T31] 2 locks held by kworker/u8:4/64:
[  336.878582][   T31] 2 locks held by getty/5627:
[  336.883374][   T31]  #0: ffff88814d6510a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70
[  336.893250][   T31]  #1: ffffc900036bb2f0 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0x43e/0x1400
[  336.903746][   T31] 5 locks held by kworker/1:4/5930:
[  336.909981][   T31]  #0: ffff888020e9a148 ((wq_completion)usb_hub_wq){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  336.921659][   T31]  #1: ffffc9000488fbc0 ((work_completion)(&hub->events)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  336.934177][   T31]  #2: ffff8881457ae198 (&dev->mutex){....}-{4:4}, at: hub_event+0x184/0x4a20
[  336.946795][   T31]  #3: ffff8880202b9198 (&dev->mutex){....}-{4:4}, at: __device_attach+0x88/0x400
[  336.956550][   T31]  #4: ffff888065bdf160 (&dev->mutex){....}-{4:4}, at: __device_attach+0x88/0x400
[  336.966101][   T31] 1 lock held by syz.2.419/7472:
[  336.971148][   T31]  #0: ffff8881457ae198 (&dev->mutex){....}-{4:4}, at: usbdev_open+0x16e/0x760
[  336.982364][   T31] 
[  336.984735][   T31] =============================================
[  336.984735][   T31] 
[  336.994219][   T31] NMI backtrace for cpu 1
[  336.994234][   T31] CPU: 1 UID: 0 PID: 31 Comm: khungtaskd Not tainted syzkaller #0 PREEMPT(full) 
[  336.994253][   T31] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  336.994264][   T31] Call Trace:
[  336.994271][   T31]  <TASK>
[  336.994278][   T31]  dump_stack_lvl+0x189/0x250
[  336.994305][   T31]  ? __pfx_dump_stack_lvl+0x10/0x10
[  336.994331][   T31]  ? __pfx__printk+0x10/0x10
[  336.994363][   T31]  nmi_cpu_backtrace+0x39e/0x3d0
[  336.994387][   T31]  ? __pfx_nmi_cpu_backtrace+0x10/0x10
[  336.994412][   T31]  ? __pfx__printk+0x10/0x10
[  336.994437][   T31]  ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10
[  336.994463][   T31]  nmi_trigger_cpumask_backtrace+0x17a/0x300
[  336.994487][   T31]  watchdog+0xf93/0xfe0
[  336.994514][   T31]  ? watchdog+0x1de/0xfe0
[  336.994540][   T31]  kthread+0x70e/0x8a0
[  336.994563][   T31]  ? __pfx_watchdog+0x10/0x10
[  336.994582][   T31]  ? __pfx_kthread+0x10/0x10
[  336.994603][   T31]  ? _raw_spin_unlock_irq+0x23/0x50
[  336.994627][   T31]  ? lockdep_hardirqs_on+0x9c/0x150
[  336.994642][   T31]  ? __pfx_kthread+0x10/0x10
[  336.994662][   T31]  ret_from_fork+0x439/0x7d0
[  336.994682][   T31]  ? __pfx_ret_from_fork+0x10/0x10
[  336.994705][   T31]  ? __switch_to_asm+0x39/0x70
[  336.994723][   T31]  ? __switch_to_asm+0x33/0x70
[  336.994741][   T31]  ? __pfx_kthread+0x10/0x10
[  336.994763][   T31]  ret_from_fork_asm+0x1a/0x30
[  336.994798][   T31]  </TASK>
[  336.994804][   T31] Sending NMI from CPU 1 to CPUs 0:
[  337.141796][    C0] NMI backtrace for cpu 0
[  337.141819][    C0] CPU: 0 UID: 0 PID: 0 Comm: swapper/0 Not tainted syzkaller #0 PREEMPT(full) 
[  337.141836][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  337.141846][    C0] RIP: 0010:pv_native_safe_halt+0x13/0x20
[  337.141868][    C0] Code: 53 e8 02 00 cc cc cc 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 66 90 0f 00 2d b3 d9 0d 00 f3 0f 1e fa fb f4 <c3> cc cc cc cc cc cc cc cc cc cc cc cc 90 90 90 90 90 90 90 90 90
[  337.141882][    C0] RSP: 0018:ffffffff8de07d80 EFLAGS: 000002c2
[  337.141896][    C0] RAX: 8427de6d77099300 RBX: ffffffff819683f8 RCX: 8427de6d77099300
[  337.141909][    C0] RDX: 0000000000000001 RSI: ffffffff8d9ba307 RDI: ffffffff8be33f80
[  337.141919][    C0] RBP: ffffffff8de07eb8 R08: ffff8880b8632f9b R09: 1ffff110170c65f3
[  337.141931][    C0] R10: dffffc0000000000 R11: ffffed10170c65f4 R12: ffffffff8fa3a730
[  337.141944][    C0] R13: 0000000000000000 R14: 0000000000000000 R15: 1ffffffff1bd2a20
[  337.141954][    C0] FS:  0000000000000000(0000) GS:ffff888125c13000(0000) knlGS:0000000000000000
[  337.141967][    C0] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  337.141978][    C0] CR2: 0000200000404030 CR3: 0000000024b02000 CR4: 00000000003526f0
[  337.141991][    C0] Call Trace:
[  337.142002][    C0]  <TASK>
[  337.142007][    C0]  default_idle+0x13/0x20
[  337.142024][    C0]  default_idle_call+0x74/0xb0
[  337.142041][    C0]  do_idle+0x1e8/0x510
[  337.142058][    C0]  ? __pfx_do_idle+0x10/0x10
[  337.142080][    C0]  cpu_startup_entry+0x44/0x60
[  337.142095][    C0]  rest_init+0x2de/0x300
[  337.142113][    C0]  start_kernel+0x3a9/0x410
[  337.142130][    C0]  x86_64_start_reservations+0x24/0x30
[  337.142149][    C0]  x86_64_start_kernel+0x143/0x1c0
[  337.142167][    C0]  common_startup_64+0x13e/0x147
[  337.142192][    C0]  </TASK>
[  337.143598][   T31] Kernel panic - not syncing: hung_task: blocked tasks
[  337.324081][   T31] CPU: 0 UID: 0 PID: 31 Comm: khungtaskd Not tainted syzkaller #0 PREEMPT(full) 
[  337.333199][   T31] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  337.343241][   T31] Call Trace:
[  337.346503][   T31]  <TASK>
[  337.349416][   T31]  dump_stack_lvl+0x99/0x250
[  337.353986][   T31]  ? __asan_memcpy+0x40/0x70
[  337.358552][   T31]  ? __pfx_dump_stack_lvl+0x10/0x10
[  337.363729][   T31]  ? __pfx__printk+0x10/0x10
[  337.368309][   T31]  vpanic+0x281/0x750
[  337.372283][   T31]  ? __pfx_vpanic+0x10/0x10
[  337.376771][   T31]  ? __x2apic_send_IPI_mask+0x1e4/0x260
[  337.382311][   T31]  ? preempt_schedule+0xae/0xc0
[  337.387153][   T31]  ? preempt_schedule_common+0x83/0xd0
[  337.392598][   T31]  panic+0xb9/0xc0
[  337.396307][   T31]  ? __pfx_panic+0x10/0x10
[  337.400793][   T31]  ? preempt_schedule_thunk+0x16/0x30
[  337.406148][   T31]  ? nmi_trigger_cpumask_backtrace+0x2bb/0x300
[  337.412281][   T31]  watchdog+0xfd2/0xfe0
[  337.416422][   T31]  ? watchdog+0x1de/0xfe0
[  337.420732][   T31]  kthread+0x70e/0x8a0
[  337.424785][   T31]  ? __pfx_watchdog+0x10/0x10
[  337.429446][   T31]  ? __pfx_kthread+0x10/0x10
[  337.434014][   T31]  ? _raw_spin_unlock_irq+0x23/0x50
[  337.439198][   T31]  ? lockdep_hardirqs_on+0x9c/0x150
[  337.444373][   T31]  ? __pfx_kthread+0x10/0x10
[  337.448947][   T31]  ret_from_fork+0x439/0x7d0
[  337.453529][   T31]  ? __pfx_ret_from_fork+0x10/0x10
[  337.458647][   T31]  ? __switch_to_asm+0x39/0x70
[  337.463776][   T31]  ? __switch_to_asm+0x33/0x70
[  337.468527][   T31]  ? __pfx_kthread+0x10/0x10
[  337.473119][   T31]  ret_from_fork_asm+0x1a/0x30
[  337.477880][   T31]  </TASK>
[  337.481034][   T31] Kernel Offset: disabled
[  337.485349][   T31] Rebooting in 86400 seconds..