last executing test programs:

21m24.146327309s ago: executing program 4 (id=4266):
bpf$TOKEN_CREATE(0x24, &(0x7f00000000c0), 0x8)
r0 = socket$inet(0xa, 0x801, 0x84)
connect$inet(r0, &(0x7f0000004cc0)={0x2, 0x0, @remote={0xac, 0x14, 0xffffffffffffffff}}, 0x10)
listen(r0, 0x8)
r1 = accept4(r0, 0x0, 0x0, 0x0)
setsockopt$inet_sctp6_SCTP_DEFAULT_SNDINFO(r1, 0x84, 0x22, &(0x7f0000000000)={0x4002, 0x0, 0x5, 0xffffffff}, 0x10)
r2 = syz_open_procfs(0x0, &(0x7f0000000000)='syscall\x00')
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680))
preadv(r2, 0x0, 0x0, 0x5, 0x0)
sendto$inet6(r1, &(0x7f0000000200)='x', 0x1, 0x0, 0x0, 0x0)
bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000100)={0x3, 0x4, 0x4, 0xa, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r3 = syz_open_procfs(0x0, &(0x7f0000000080)='fdinfo/3\x00')
r4 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r4, 0x8933, &(0x7f0000000140)={'wlan0\x00', <r5=>0x0})
r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff)
sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(r4, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000001c0)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r6, @ANYBLOB="01000000914b2d7a5f518cdd000008000300", @ANYRES32=r5], 0x38}}, 0x0)
setsockopt$SO_TIMESTAMPING(r4, 0x1, 0x25, &(0x7f0000000040)=0x6294, 0x4)
read$FUSE(r3, &(0x7f0000002280)={0x2020}, 0x2020)
socket(0x32, 0x5, 0x5)

21m23.933436215s ago: executing program 4 (id=4267):
r0 = syz_open_dev$midi(&(0x7f00000001c0), 0x2, 0x40c01)
writev(r0, &(0x7f0000000080), 0x0)

21m23.748509739s ago: executing program 4 (id=4269):
r0 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_int(r0, 0x29, 0x35, &(0x7f0000000000)=0x8000, 0x4)
bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
setsockopt$inet6_int(r0, 0x29, 0xb, &(0x7f0000000040)=0x8, 0x4)
recvmmsg(r0, &(0x7f00000042c0)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)=""/163, 0xa3, 0x1200}, 0x5}], 0x1, 0x2, 0x0)
sendto$inet6(r0, 0x0, 0x0, 0x0, &(0x7f0000000300)={0xa, 0x4e20, 0x0, @mcast1}, 0x1c)

21m22.681218424s ago: executing program 4 (id=4275):
mknod$loop(&(0x7f0000000140)='./file0\x00', 0xfff, 0x1)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f00000001c0), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r0, &(0x7f0000006300)={0x2020, 0x0, <r1=>0x0}, 0x2020)
r2 = socket$igmp6(0xa, 0x3, 0x2)
getsockopt$inet6_buf(r2, 0x29, 0x46, 0x0, &(0x7f0000000d80))
write$FUSE_INIT(r0, &(0x7f0000000040)={0x50, 0x0, r1, {0x7, 0x1f, 0x4, 0x10058, 0x0, 0x0, 0xa84}}, 0x50)
syz_fuse_handle_req(r0, &(0x7f00000021c0)="0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000dc4e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ba045abcd5dfc67d00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000081000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000230000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000050000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000090000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000dc000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000209bfd66eea210560000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000003dc150f4000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000030000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f50000000000000000000000000000000000000000000000000000000000000000000000000000000000c6d90000000000001354c4b6000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f8000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001a00", 0x2000, &(0x7f00000062c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000300)={0x20}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r3 = openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x80101, 0x0)
r4 = dup2(r3, r0)
r5 = socket$kcm(0x11, 0x200000000000002, 0x300)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
close(r7)
recvmsg$unix(r6, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@rights={{0x14, 0x1, 0x1, [<r8=>0xffffffffffffffff]}}], 0x15}, 0x0)
setsockopt$sock_attach_bpf(r5, 0x107, 0x12, &(0x7f00000008c0)=r8, 0x4)
r9 = socket$kcm(0x11, 0x3, 0x0)
setsockopt$sock_attach_bpf(r9, 0x107, 0xf, &(0x7f0000000000), 0x4)
sendmsg$kcm(r9, &(0x7f0000000080)={&(0x7f0000000100)=@hci={0x1f, 0x0, 0x5}, 0x80, &(0x7f0000000300)=[{&(0x7f0000000240)="27050200340f14000600002fb96dbcf706060000170008005f45f491bdd54ec5ff1144ee162fd4b8bf7256da82f600102c21880b00000000010040570000000600004000000000805db18f", 0x4b}, {&(0x7f0000002280)="1c393502dda1a67d93b1ceccbe972c4fef9c33ecf2d824f3a33513f45f472bbdc8e3a2275f2587f0da0b3ae419bed996116448f90d113ce98aa985f379d729430858f5cb9a668a1800bf2354b33cdff83033de518580a3080d7f4cc2406e071138439e1566dd17983ee153ab672f362d3292e24a9952f18ec3d8b37bb3391096c1d4442a754899299321c03cbcfb98a26994b2a072c2b9d9c70d619545e5f61b050e40166d2ff57dcc008f24fd5339e7bc21e25863f80d2487c30b6bf781608a31d68e9319ab1712d8f5bdde849c040417c864cbfd3923dcb9fc6bdc2ea53334184b03efcb631dc68f0a7b6e13eea4b80d4237120e32932ca4e2b50bad0a35496d36a191d91f03b477b9587bc0ba489932e34f819fa1524ebad53a3d94b46c6aeff4f42fa067729fbb2862c09d337a75e0c8429d4bfe0dee2e1e23e8c22787178600ecca135623731e4701f35bd4e7c936a8ee274120e7662328a5aba1161b05889b045696721c79bff0547efe051f3c5de77fdd3c77afd41a1a7747a982b7efb0d6bac7d3ad1f9b7c3a5a1448b35696f03bca1c875e346edc55b7a271c3e5f3c0df72c8e4d7cccfa2e9b598f0ae06efbc1a5d5bd91aed6b32deccf7755cef50fab72633c802533b9d94f17f9be978f2514c47671575ee528fbdddc6194328e605e4d10e293756d20eb8a545f2bfe48df5d1d98a270458392a0a57647dcb8ee005e78877a072d12d0429b9b9957a695c3289b4a59469691115e6ba204181708b9d1ae47418ed594b8128f20c100f5485a84e60d73ab818da73fab78caf42afd1f89cdb29dfdd6676c55ea00d35321bc4878170c62b056b4e03ae556ac804026cabcbc8e79e7a18f2f56442cd650aa2bc88f62ebb65bfafd3e5b4c62ac2e720ff0fdf03c46889df55ff91058319c953f90cd6e7f7b15d56a58ff6128357510c4c618aa25434881d58c39092969ba1f7c444465f16d1f2561991e357bda928f2a50422f774f318fb41169a0d0324a8efd19b940a17c28cda06b750cd02155dbdbd1dc695e190a997ae8f4bb8766983d8db8678a78ae8f044b868549e9c60f7ce25a36300ce07f304e75d285e914b3aec703969df969b2736dd99fcab1944c751f8ef4c34cbb86d5f27ef9982be245949d5579b540750d1eac428b0cd2541295b577573b27e9ecac3934987e85b44bc85e6e307cf6f5683bf1c817369d556a368bc5560a1737aa2bec3cac4689e04fbe851ed4b6c1a355950522f8918af3855fe97ec285da15a20e8119483e7419fa2b0639d5add10b396a8033ec2b98d9a9fca3fc4202d0a6bcfa55798eacafa4c8efafb73a2ab89bb58b0c20364a6ad9c233dfb1bdbb87b8f91e3ab9790e876f906107183419aa7480e327388c01dc5f2d5bcb8a7565cddc4e1275741116416b66bf3adf9e7e31c3fc518740446ed2a394e7699baf9408c62b4c0e7a11dec8f4a67e78a3f00bedae9f55f36c52a1fd4ee3a8be7285f9ca898ee63d3718a7c4603bcb9a24537b34a41a6c0eee4cc609b014d3f4fb928aa7e3fa7a4f97dcef5c0e526b650284ffeda82f603ed9ea1eb6627d29d8bcd6c7e6fe128b1c4463b2cfe50c0ff9a46090635dde4b4d4a984e5a91f7486856cd2bf85088fa4d27b219628be8cdba7004d00985a73fb5b0b4b0f96844e73a8ff7884bdee1a0d6e62decfeebfb56351c135e6580fd61ea806ee5592fe4ffba5c73b8a4a04d44aa52645320cb73fe0c5f14a971d3b3f64c85f5ebaab5e1a061f5186050230286331048e43368e45cfc88e8f4d0d3b1b86b64d5394bc68c2b754389b3c18a45c1edb0496dd88cb3113bbdf1a0f127eb8cd52caf8da95b83d0decad3775b2f2e43776d0d32d447cdd0b267b32775e3473f51a233f8c91a4c07ad669da1844f3d9554f399d43ca1eda29c5c761b3936f845f0c4d1c090000004b5ab3291e06cd86de6116fc3236a11343d6f4ad02199717054ac15b0d0000000000007bd4bea33c0ca36e2c4209026849de21c1da1057f353cc824947d75119e4501b98cb9e621d0644e3f4a75353093557afcee7da41ad368fe1cbb426922772b9b262a861fbce9ae86d6e8c5a8de6a1e8f03456c0a354277a2f3ff46a62b6d6cdee4febf23e2350f94b47a05a4d0e7da37a2e97b899d92ca1f3bd1cded5588593e8bb99b9dce0731fa1174de14b63be2bf7e424f870551f213fab437aac092c2e9798959fa3616465e2b36fd49cc9af902d47debec02558c036ed991f1a3895b37cd70f3c405cca362c885542fd976e73be4cf7580a0c4d5a9527c77c189573e3be07ed15472f6b012939abb5be9f3e8a5b720307fb2dbca48b35d121702cfb6b3690559b08fbeb77d53d37582d7f44fe269ac51665632bf070cfc7445741b70306cb3f19b7fbecd19a78092dfd086a0da019734d95660ba4e5ce5bcf25f09403c32e3ec902f3717cca0eca25e791c2b8c2b8988645afa2446d5218abce136c0dbbafb95e4f4727a29cc567b3f73d5dbc1aeee746653a7f5c445add24a9c1b67d1bfeec85d2a6478e80c3acdb9439aa46c8cf14a98ffa89790ef7a94b3146088566812e28ccbafb466772b7fbb98dcf1e792eb6d0de0829c3c49c5ecdeea3e80017324a0fe724565c4e7a242764e9012442cae44b57c7121889c044be05b5eca70efb649bb528e751f072af93ae2c5053fdce196cce158136f904cf64f2cb8becc2d024f5ec32a38d78b87a4dfe7c53769dadef890efd160eb662cedb18a756aed83edfb9efbbb3648eb399e61f80077e64b95eae9d17083aed05cfc2e148621e36be1f41d373c721a11804fce269c688b0c647d6e1083e336d1f7f90a7a080a83397773cc351531070af5c1a1418f28dce95c01052a314a9ebe39cb9cddb8e7855e58c4a636b7f6250ecad312ede18664c03d92e330935295a35ea3e0306f25ca971300f782ae2f6e79a513732d22ef9b9bc41d17df3352a855cdd19b18f5abd6e6420f4f42f01750a64f6acdb6b46622fafebe3e913c64a1a6a59f980e97deae0dc83c12ccae6b430d7a28f21c3e0e38b32f3d5f1d44927fc34ed5c9ddb5be8eb936dbdcd327b63ea69d86c2da15cb834a18ee51a44f2da7b11d79486942fd04eade92fe5d93342970ca4cc73861b15facf97e9c53c15488c5630b17b9364c58652cfa6de0918327498ba8d6120d3be9139c51a6e9017525772397529ddd4fd1905614fd1cc7f1370a577ad10ec9ea742f9aedc9fee42c3df38f4b35ccb1cf8590eaf770b3f74af21f5119ac238e82e92c83321b06f106530abbbd321c3e1dc948accdc21a586ff37253ad1d0c5bfb51541f876be1b6e4f490046204b9edfe9a9721b9019a495d1efed10d4570f4c75ac56aa862f738b46cfe8899f6d92e862611b35be8931a2460dc646ed332b3046baf48613bbb543f4abda22d3d62a484665ba5bbf8fec1bb199b430a6e96cfad417a1644cc5f7f640004836c60f15a174eb7eb1750a71a141549f393c7d88b8729a33f841f7f8f2bd03dccaaa825f2e29105f6b4c11ac8e06bb3be9dfdecce66294a0be9dbc5f40123644fcac59ed0c968eb62fb14d111e900ad1c038f17d5471ab088f704de7db35753f818f55669a76e621b29d975253d177791e1434644a81b2b8bc4c8e147961b4f1b7f3e225571fecb10906957791b27d35a89e3ce84c91a2dc60aee460d8f41eb7b5e171516ef34d8c7dbbc8122cdeffa51b5a393d2cae7f69826d342d4d81b58ca7ddb0e688a15b39a00ef1aed5db337d1ab87e86f835663a4968c8bf5afd7cf80549f42588d9b8ea04ff3d9eac2b8ffd1155a504230103a68bd8b3c416a10d76cee236442a68393896587bc66c01a5f7f411325578d023d7619a89d0bcbbacae99b925fb72994e1ef4240cddad2294a56bec6d6243b95b04345c215bd48a3aa89786ba39b4d2f5015d8bd038c32a7b0eb02a4eb5a640371d9b4af540eb99a1e26547cc214da21e9538754a802972411a0bf416707b95457d0b77daac9bdf27a82b9aa7992ad1d3815f9a56a746eefa6f7e1913b6e3e859b2cc7797adcae825b7aad17c11e66597042c327a6473489a9664c5ce0ff8b1ecfb691daa0bd50c17f4597826553686bc2ee08eaca8dd6f77c626691699141a698e5b517e02130587ee503c7b5f638cbf32166b0d4ebe9222b6c9d50fb3db9d1ab060c31aabeef52cd51e5cf485eecc741e37a47c4996068f1d4b25f182b9d7bee4bec5cb070d3cea2f9762a41bb8d9ec5896ebcb2b17ca82f29bcce456412d8ed531afda50d259fcb7794216b6a9a873b6c3c4493c0c6d3e6a4f81f3b40dcc745a4e2383c678c472b1d5bf3ff02992bfe893a5bc96824039da1ee3cf8593e7d616d62f6e3c3e2c4e0cc58d5445998cf5b1c91c2468b2571b118709668efbbe72911f1bfa96b97c32f71cd7071f4c729e88631a89b53dd4bae6ef9c4ed082916e267479195599e9871b26b92c6885ded29f990070fddc4d8535088ddc70d6e83f797b6fa2260a92602eb90800000001cb7394f0c90fb5913b2f8d8d24c8f1056920e1facbe643dd49d8983b277da7282a986c28d5468aed9a4730579a20346d35f78b6bd2cacb4b9237fbfb0b7a2314105ff3b074a0e340b904e715e99c501e1435c15eaa262893c2883c90f26d2ff91792d46e4d867b62570e0c1e4739b8ac4fff8f778960de1ae40d4c85c51e1c47040bb2caeaf0c71dbb67c30715b8c14d6921831d7678522eeed29444df421ee206ca3be20d1b5fd2d2baf832f097fef590290eea77f8f3ed00b39841421b61f1c0d01def54bec0348be2216a8dad60838f3ad3595a744edeb6202dbcbd9c73a126a79cbefa43c7db0493103c2aa8fecb5cde1773ad0cdd03f5b0cfb0270642a96a9e14d116e9140501df48cdbf725611b398eb2b9e93f8da49e601099e0b2e880a95525b5f3f2edd74ae9d664a1f2e932493b61634ab53a1e2f3bf56add0a7f09c16853814b03a4212b9a0119420948da26bb171b288a66a2f0a4063754c2910512aa1cead69b94b498b5d4c44ce0a4aaa7855ee1a3b7ca738756a00a435062ccb86a40cc01f666d372f323e087ef5db2bc2d17ed1f72db14c52ca6723ce92ada6ff0c4f498d42d4218a9f799a216facb7377a1532e0755b894bfc0ee99a4072ac54ee5727846631574f348bf650e7d54b0ef3a1b5cc8233e660a2615bb7401f6c23e08ff0ddb488b95504fc42508449b8fdd70afb387016e8c9206482c334f37d26fa3bdb6063f8147db9363e22c4b43b89ba0f68d06646fc1eb74fec0be4f59a17b274e0db67b2c0398250da219c9caf7e0f6cb1f828b6f89a67c8cfd0fe0132bd94261410f8d8d7eb819bc783b8e66a1786285e1e429b71ccc22f7f4c216001375c7a816719e29abc98652b6752923132256cb5f0470223e2c69a9f30d7", 0xeff}], 0x2}, 0x9cdc2384056b48b8)
r10 = syz_open_dev$loop(&(0x7f0000000100), 0xf01c, 0x8081)
ioctl$LOOP_CONFIGURE(r10, 0x4c0a, &(0x7f00000002c0)={r4, 0x0, {0x2a00, 0x80010000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1c, "fee8a2ab78fc5e3ed1e00d96072000001ea89de2b7fb0000e60080b8785d96000100", "2809e8dbe108598948224ad54afac11d875397bdb22d0000b420a1a93c5240f45f819e01177d3d458dd4992861ac00", "90be8b1c551265406c7f306003d8a0f4bd00"}})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r11 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r11, 0x8933, 0x0)
sendmsg$NL80211_CMD_SET_INTERFACE(r11, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0x4)
r12 = socket$kcm(0x11, 0x2, 0x300)
r13 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0x5, &(0x7f0000000380)=ANY=[@ANYBLOB="bf16000000000000b7070000000100004870000000000000500000000000000095000000000000002ba728041598fbd30cb599e83d24a3aa81d36bb3019c13bd23212fb56fa54f2641d8b02c3815e79c1414eb07eae6f0711e6bd917487960717142fa9ea4318123f602000000000080de89e661168c1886d0d4d94f204e34ff65c26e278ef5b915395b19284a1a4bc72fbc1626e3a2a2ad358061d0ae0209e62f51ee988e6ea604ce974a22a550d6f97080980400003e05df3ceb9f1feae5737ecaa80a666963c474c2a100c788b277beee1cbf9b0a4d3881dcc7b1b85f3c3d44aeaccd3641110bec4e90a6341965c39e4b3431abe802f5ab3e89cf6c662ed4048d3b3e22278d00ce00000000d3a02762c2951257b85802189d74005d2a1bcf9436e192e23fd275985bf31b714f000bcab6fcd610f25f5888000000003f11afc9bd08c6ebfbb89432fb465bc52f49129b9b6150e320c9901de2ebb9000000018e3095c4c5c7a156cec33a667dccaff950ca1e5efdd4c968dacf81baa3a509b1041d06f6b0097c430481824a3f4fddd3c643f630ba175d876defd3541772f26e27c44cfdb2d85d6d29983e830a9cdd79837b3468e8c67a571d0a017c100344c52a570dd39877dfb2ff1ae66e1ce917474b2e650ae630afd014a337ac5d58bcb5e51723257c872c5255f20100000000000000f041b665ab21372c8d8b7bac5b5c784d20a4a24d8dbd75062e1daef9dead619cc6e7baa72707157791c3d2a286ffb8d35452bb5d36c2a8682bf7ecbd53f950ef4709ec01e230d2f53594ef4839c6130c4c13a0cca84b9935f771fd49e480cd9d48aeb12b1d6acabd38a817bcd222614d1f62734d679039a97d2b74f9e8e997ccd314000f7477137f4e8e7025123e783df8b8a17e3aa9fe1f662aef87a065b03cfb65b4dfe4f1b56e1f23128d743753a1de172d683d5892ce9414a1d98ea93e3d35dbb6c23b90cf36e83b8a434a97d09343d7f83079ccb02e69d384146056d125cfa788237874dd42dae334bda042819a2aa24dba1c25be2794448b4f63483026b5e34d44705b76ef29241adab0dd7d68bf975e02069f6f2425e1bc97a3d588085f16bef63a06578d4f5de7bfb6aaa75f16996d536256c02284cb1d3a6fb8cae87691fae365a70c3fc69e1565bba8dd8a8ca049f798abe646f738bebd69413afc9d8a5edd7aaa000000000000001e6c2f2a287c5278a218dbfaffffff00a14db5cfa6819eb1d39c48cfdc80d215c9e16e0c4736c819363154cca4e2f89800d18c89d7f46f679df6c9e2952ae1ebfd0ca88368ee6ce139e8b5822c22cf2e9dde943d34c432e1001171792c65986146666a5490928441f47e0fe5eac41824ca1fd0eb71aa243c88d5480efd8329d9a733d8f9ffffff5f912ac4e34bf6ea8a86da707b03bddb491ba0cc98f6be92c50008a2b50025419d1476c73132ca7ca26ce8a7e3ffb700f09e157f9b844051f1a642aca9ff98c9036471ccff0522903e7bcf62e18f7696bbc280b95e8e0d6fd5644b0ebde3a95b06548862de809d3dae3cccf109f7c78e8479a345e800000000000000000000009455bf417627ce723a5d9103706aba69279500bb82f6b5a3ddc0bd9856712945b70c75ce5b722578820820d010d7a3cffc99fc647d0b82ef26ab708c0b19ed144be51c3b398f0e6bb7a30006000000cba12953d58cff0f0378740fe6662f377b97d8e7cdb047acd083d3cd3856476a60a49ad127ba6570bafc2bbcf9ee721fd9cb467ff071e5604fbf0491245c0000007d932d7a64de4c4aa433fc0840aff7c47da3a4c6966d0000000000000000f6bfbae29e8a6e2a889f6ef6869d82d6bd73eb76b65c7a35a54a4a6b8ad4600e3a972a0bb5971a5f16590b0a03dafa3fd1118765cc8ab9fccf3b51c41a339f200f2fa33006910a679a9ae0187b4d750c4bd244cb0cbfd23b265f4d4da448a7a0d19c5e43eae50a31609dfa2dde267551467eb6475293dd7012cc449009981f22820e57a0eff234ccfe21d7a2302e000669753d3c3432cc14ee1abe724adb6b5431befedd3e22971118f0e21aed1823cb7dde8212a8531bd9691dd4cc6a370e9eb56b3d790b98f2bd0db1e5de6a146597b2cbb7103040d2a39d7965d34df524b760ab92efcce7dd1574052c735935bf6a752c015c7f5ffee9ff66e5dd2866b15b6e0d17618cb1f5c1ee4b051f47db7aa110f499f840a5c965443d725556351ee25fe09f69494b053678dcadcf02e063dff2fa4bef1ac3bbbebe6c74d71ec3b23e29895eff1d1017024fe3e8cc759b05785adc346b7ffd05963f92c1d0d7d90ba878ad89e490f3e29ac51d30632869a534418f916bf6fe8167827a8e6c8f8b391c822805cb0adf1b8bd6947ff208753eb0d208ce14f7b206b2e02c21e963abc5ceb735c1b3c46b0a843de52a903375dfb663a8d8ee9c2b2705c1a81d9d3b9656b219c8cd99c9cafcd0d0540884d97aecb19983fc6af29ab44a82aff9cba921192c665b877af6539bdb1b567f481ba07982e7ad758f4e1eac69e7e88a63960975f490e161e371ec8534791e3b61c685d900a9c0839208356b53750e76fcc3c2d1bddcbd83897921414d0c02e8188f3df79ea2a5c5444004830e6cb227ca1bdafb977c00000000003a417193b8c5d793687335a930867094fd6a78218218e04b705ec62f1608cb569b81914e68f175b392af6bc4fd2121d7fd276af2c97a441b56e7a0687d98b8e76d8d0d231e4fe00be1de76bd19cc12e2bd938eb681ed6bc951c1b4f7c51af59eea4d40c6000000000200778a677b72786311153271a3313da02645e11761699e4d04ac86dd14ff7b9a10d3fa74696fe3953a5b7706bf5d1faba4b18808d9cb0e9db696dec4e0820ee4028d7225a2c9c427cf64cbde6fba056b2006b7a37c1181d530fb865e235cd302f3b4071ee5237ada986b9e5e3144bf479f277f10656ad3744037ccc9c63685a6f1109d2ea73773d3635f61497f1fa1ea4a16f601800bf3e59141fbf05a96113320c445f9ba8596970d5254727e804fbd99ccefb7c09269dd2c5c25e56e169ac15980f3f85f7ca36dd5950ef5b64fd46f123311829534a82940994199b3cf7a8fabea9930952f5da9b909c1946e55289f668c423fcbb31ae91864c882313151741a67538c9689dc8ecc9903c7041e5c0704e2fa55a756487517a7445cbd9e3f5175e41c00000000000000000000000000bf98efd587fffe326f474b0b089c017b16c0062cbce96f5adebec52a79f9363909842f79c50a1520be46d87003137e4c5031f00123e812a5e37cd52c9eb7336281cb8c6ce9934b157d7875a70eaf103cb3938e2361c51cd1eab8a26b232acf6bf0ab829c26dab637538b2eb1420d812d2b80c777710ba0f18e4661681aa218d9ba54023ab4305d77eb15611ae2545835e9d30e9f6d4fb43a291c69545a1eea0f8720431132d8549f99bf6c5cb060da70cbb59d0a000000000034d083fc37d2449f72de0cbea4bc1dc89c136cdbc504f849d5502d77a95c7bfff4cd9c03058d0d4d07ea64824f1acf2b39389f675f39d01719cdbab3f1ce10609c8d7b3e37cb99b41da5e485a441b6a103549f55ab09dc98767763d1f2fafd45bb7d2b40050d1f8292f4d9ec6d0000000000003932062290f4996fdd55b06023437e9e2072daf7f5d82f6f1b5b89a41134f4dc2e65bb11272fdf8c8141f41d6160b3d8b6ecd16d14267f61b4881adee7f07f3d6af5ae79e16fe2c3f55ac7a6392d2e1d9b4286b6c3e1f5a76b85ed6e1f0000c67e6c5fcdc8c39381be4799b8cb2d08b8262c807dd755e22b801162381aa9d1af2bbc9cfd497585337eac408b8475b47a392a10cae349160f128e5f873a58064eb400c36a90624f6aed398a215e9ce64522ab249f67c38a656d32ecff5cdb2b039c4abf349d2c0f88a42e9189bbfa7f5cf35b6e7ef8f9d33163b7ea875583e3aec4714c9c4ca3ecb04f2720237615a28bf310b58ffa2a103216fdcc8c2d8f5d55e5e7ebf147105272aaae56e86d856b3cf79a3f7306436762dd1a08ce873e07cebc7892ec6f9f696da38feed3dc0001500e34adae1ba89a32bad2af9030f840f1ba46cdadd5cbacc59352c290f55d971b65953533668c25f21d8d62d849e9058eaa97c63491568887548f668cdbca2abf01a361a0b64d8b523e669da350e3ec7445dfbf366b0b3bc5e76824a1e43eaaeca70db90f2fa39596443447671933079a24fe3681ad9ac361f71ac279a688f10a1cc4df1112105edebc5e3bbc394c8305ab129ca2dfb9b7c5e9d097bd01b495cccefddce569117f7f5d6a6270ff0f0f4c371029ca8489571b55841bf3dd003bc81460eee57ceb3c33f4e9300b0144fe040cf5fcfcbb616c2070237881afdb314cecd1623f3e55ab8b7627fa1be349145a8d6313cbc790eefe2020138e82fb9d351be4ddcbcc9bc048dd3db5828d16baec6e07a007f0030f34ea3cfd524d6fa1d45da5641d6c94e1d3ae7fba1c85035d2a60ef1696e0d96aa1c60019f73ae0aa6113cd66ef26b5777337c26e1461405d86fdf091edd526f25cada439bb3609ed5c35ab60a539ade786bd6004d0ea3edbd6c4da0d8e8be8c771c8c8a0b07d9859e04adb18964dcce9bce546074c26dffbc2df372a016e8c845d4257000000000000000000000000000000000000f29657697d9c2b132b2dc2f5ea5122836582a7e85fe2bc166f17aefd9d861de0191f5277d4a3b5afb6f23d9eea2459f7844606e1202768d83c24cc791bde44a448022bbfa571fe029a7b2d5152639ee283894ab6168992ff0acc01b39a078f285ce615351f262019586eb9447bb3eaffd7b53d8f37ca6c5f1027dd5b7592996c8a7789ba108979cc9ad07ed86682843e2eaa855dd01443ee6ffde1811f10039d5d14458177096e15cc4d8f2582a1bea5ccb9f10f615c87c441dc50a244bc138a1cae9868c3079bafe69769000000000000000000e99b63029d219cd3545a8426b56554a9f265d3557eefb3602894507c256cb8ee9ebadfecb6afeb84ba757bfa8d00a5af0dd6aa1e8144ef8ef04410d52204c335408941b8eccc5c734cc6a05247142ed647f89bcb5c043acfb382b9cc918bc3cdc368983157851cdf678800aa7eb2a6cbc12c7ae23bc88b8f10223ab2a093429f3f6965bc5af0114cf6f246e891e20ecaad7059866506c3000000000c3230e901e885b7a4a36bdfdb5ce7a2e5807a0f4c1d461d1243fccf51b875b49490cd7d044e7a1e1a4c013fae1f070a8a37ab90da2efc6c875b3aab34b75a252072691fc97bef0fed8ee597ab83bb53f89c36bc2ee3ad54904542f66dc94132df75fc9944882d6f2e13b7057e0000000000000000000000000000000000001b726c0ccd24000000000000"], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0xfffffffffffffe89, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
setsockopt$sock_attach_bpf(r12, 0x1, 0x32, &(0x7f0000000000)=r13, 0x4)
socket$netlink(0x10, 0x3, 0x0)
socket$netlink(0x10, 0x3, 0x0)

21m22.285510104s ago: executing program 4 (id=4279):
r0 = syz_open_dev$midi(&(0x7f00000001c0), 0x2, 0x40c01)
writev(r0, &(0x7f0000000080), 0x0)

21m21.54660241s ago: executing program 4 (id=4281):
r0 = socket$inet(0x2, 0x4000000805, 0x0)
listen(r0, 0x7)
sendmmsg$inet_sctp(r0, &(0x7f0000000240)=[{0x0, 0x0, 0x0, 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB="1c000000840000000000000000000000000000000000000044a40ae95013efff695fa5ec4d4baee15abddb71afe9d23038ca0000fb1a39738552871fed61e0144984c34342ef7b538d442714cd3fd67b08e568056ca5842d95974a1591df5c465e36a749f803d18dd527dcb658b38b5ddea7ce30f5bf1c177b8d77abcf700310d67f8ba57aadb3074d6685f594e5d5658432460144ad9ac066364175c73b0c1e328f2020100036d62a7c69b41be906fff5a81fa3d38dcbfdea21e26a61d567472c3c9e928e7cc7280f577a54eeb629f2c810cf6a2063a16dd5d896fd1a216e5b11171335eb231a7f3d338037195f8940e9b3ec9f"], 0x1c, 0x4008040}], 0x1, 0x44010)

21m20.759201095s ago: executing program 32 (id=4281):
r0 = socket$inet(0x2, 0x4000000805, 0x0)
listen(r0, 0x7)
sendmmsg$inet_sctp(r0, &(0x7f0000000240)=[{0x0, 0x0, 0x0, 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB="1c000000840000000000000000000000000000000000000044a40ae95013efff695fa5ec4d4baee15abddb71afe9d23038ca0000fb1a39738552871fed61e0144984c34342ef7b538d442714cd3fd67b08e568056ca5842d95974a1591df5c465e36a749f803d18dd527dcb658b38b5ddea7ce30f5bf1c177b8d77abcf700310d67f8ba57aadb3074d6685f594e5d5658432460144ad9ac066364175c73b0c1e328f2020100036d62a7c69b41be906fff5a81fa3d38dcbfdea21e26a61d567472c3c9e928e7cc7280f577a54eeb629f2c810cf6a2063a16dd5d896fd1a216e5b11171335eb231a7f3d338037195f8940e9b3ec9f"], 0x1c, 0x4008040}], 0x1, 0x44010)

10.228946431s ago: executing program 2 (id=9205):
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000400)={0x1, &(0x7f0000000380)=[{0x6, 0x0, 0x0, 0x7fffffff}]})
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
utime(&(0x7f00000002c0)='./file0\x00', 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000100)={'wlan1\x00'})
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff)
sendmsg$NL80211_CMD_JOIN_OCB(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)={0x38, r2, 0x1, 0x70bd28, 0x25dfdbff, {{}, {@void, @val={0xc, 0x99, {0x3, 0x2d}}}}, [@NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0xd}, @NL80211_ATTR_CENTER_FREQ1={0x8, 0xa0, 0x7}, @NL80211_ATTR_WIPHY_FREQ={0x8}]}, 0x38}}, 0x448d0)

9.877362486s ago: executing program 2 (id=9206):
r0 = openat$sndtimer(0xffffffffffffff9c, 0x0, 0x0)
add_key(&(0x7f0000000000)='dns_resolver\x00', 0x0, &(0x7f0000000440)='\x00\x00', 0x2, 0xfffffffffffffffe) (async)
ioctl$SNDRV_TIMER_IOCTL_SELECT(r0, 0x40345410, 0x0) (async)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) (async)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) (async)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) (async)
r3 = syz_io_uring_setup(0x5c2, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x8003, 0x25f}, &(0x7f0000000240)=<r4=>0x0, &(0x7f0000000200)=<r5=>0x0)
sendmsg$TIPC_NL_KEY_SET(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000300)={0x0}}, 0x0) (async)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r4, 0x4, &(0x7f0000000080)=0xfffffff8, 0x0, 0x4) (async)
syz_io_uring_submit(r4, r5, &(0x7f00000004c0)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x68, 0x3, r3, 0x0, 0x0, 0x0, 0x1, 0x1, {0x2}}) (async)
io_uring_enter(r3, 0x6e2, 0x600, 0x1, 0x0, 0x0) (async)
r6 = socket$inet6_sctp(0xa, 0x0, 0x84)
openat$uhid(0xffffff9c, &(0x7f0000000340), 0x2, 0x0) (async)
getsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(0xffffffffffffffff, 0x84, 0x9, &(0x7f0000000140)={<r7=>0x0, @in={{0x2, 0x4e20, @empty}}, 0x3, 0x6, 0x6, 0x6, 0x40, 0x3, 0xb}, &(0x7f0000000040)=0x9c)
setsockopt$inet_sctp6_SCTP_DEFAULT_SNDINFO(r6, 0x84, 0x22, &(0x7f00000000c0)={0xff13, 0x6, 0x3, 0x0, r7}, 0x10)

8.740953494s ago: executing program 1 (id=9211):
r0 = syz_open_dev$vim2m(&(0x7f0000000380), 0xbb9, 0x2)
ioctl$vim2m_VIDIOC_ENUM_FMT(r0, 0xc0405602, &(0x7f00000000c0)={0xb, 0x1, 0x1, "d19d4f623ca87d5f35a2a6ba9b4aee174bdbf7e18a2cd0cc691748f162aa3179", 0x3234564e})

8.599632796s ago: executing program 1 (id=9212):
r0 = openat$dsp1(0xffffff9c, &(0x7f0000000400), 0x400, 0x0)
ioctl$SNDCTL_DSP_SUBDIVIDE(r0, 0xc0045009, &(0x7f0000000540))
openat2(0xffffffffffffffff, &(0x7f00000003c0)='./file0\x00', &(0x7f0000000580)={0x0, 0x40, 0xd}, 0x50)
r1 = openat$dsp1(0xffffff9c, &(0x7f0000000400), 0x2140, 0x0)
ioctl$SNDCTL_DSP_SUBDIVIDE(r1, 0xc0045009, &(0x7f0000000540))
r2 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000740), 0x2, 0x0)
ioctl$IOCTL_VMCI_VERSION2(r2, 0x7a7, &(0x7f0000000080)=0xb0000)
ioctl$IOCTL_VMCI_INIT_CONTEXT(r2, 0x7a0, &(0x7f0000000480)={@host})
ioctl$IOCTL_VMCI_QUEUEPAIR_ALLOC(r2, 0x7a4, &(0x7f0000000500)={{@any, 0xffffffff}, @host, 0x0, 0x0, 0x4000000f8, 0x0, 0x0, 0x4000000, 0x7})
r3 = fsopen(&(0x7f0000000040)='cramfs\x00', 0x0)
syz_usbip_server_init(0x0)
close_range(r3, 0xffffffffffffffff, 0x0)
r4 = syz_open_procfs(0x0, &(0x7f0000000000)='pagemap\x00')
sendto$inet(r4, &(0x7f00000000c0)="9d6c6db3a7d12aa13a41e54c5e5609c5ded42bca958e6560e14c17fa5a0168e2bfd23b4d48c2e30871a94154d76e9eb7f1876b11a38506eecb4109ff525e0741c9", 0x41, 0x10000040, 0x0, 0x0)
accept4(r4, 0x0, 0x0, 0x0)

8.333018539s ago: executing program 2 (id=9213):
r0 = socket$inet6(0xa, 0x2, 0x0)
bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20, 0x0, @empty}, 0x18)
recvmmsg(r0, &(0x7f0000005600)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001680)=""/4096, 0x1000}, {0x0}, {&(0x7f00000000c0)=""/134, 0x86}], 0x20000000000000d4}, 0x3}], 0x1, 0x2, 0x0)
syz_clone3(&(0x7f0000000400)={0x400, &(0x7f00000001c0), &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000240), {0x32}, &(0x7f0000000280)=""/14, 0xe, &(0x7f00000002c0)=""/228, &(0x7f00000003c0)=[0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0xffffffffffffffff], 0x5}, 0x58)
ioctl$sock_FIOSETOWN(r0, 0x8901, &(0x7f0000000480)=r1)
syz_emit_ethernet(0x86, &(0x7f0000000000)={@broadcast, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x13}, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x17, 0x78, 0x3, 0x0, 0x0, 0x11, 0x0, @empty, @empty}, {0x0, 0x4e20, 0x64, 0x0, @wg=@response={0x2, 0x0, 0x4, "dadf3f33eca795096ce04b85fb9795e19facc630b128c0641e2ef7255583ea34", "1f5a24a92ab34f6fd109cd1ce17bdf1d", {"47fe387fdb519e704be01891191958f1", "e2b5b9fa5c2f561c278dcd17aa2df6d9"}}}}}}}, 0x0)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
r3 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_RES_GET(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)={0x10, 0x1409, 0x1, 0x70bd2d, 0x25dfdbfb}, 0x10}, 0x1, 0x0, 0x0, 0x4000000}, 0x2000c080)
r4 = socket$inet6(0xa, 0x1, 0x8010000000000084)
r5 = socket$inet_udplite(0x2, 0x2, 0x88)
setsockopt$IPT_SO_SET_REPLACE(r5, 0x0, 0x40, &(0x7f00000004c0)=@security={'security\x00', 0xe, 0x4, 0x2ac, 0xffffffff, 0x0, 0xb4, 0x0, 0xffffffff, 0xffffffff, 0x268, 0x268, 0x268, 0xffffffff, 0x4, 0x0, {[{{@ip={@rand_addr=0x64010102, @empty, 0xffffff00, 0xffffffff, 'wlan0\x00', 'pimreg1\x00', {0x13dc988d2fac9939}, {0xff}, 0x13, 0x2, 0x51}, 0x0, 0x90, 0xb4, 0x0, {}, [@common=@socket0={{0x20}}]}, @common=@unspec=@STANDARD={0x24, '\x00', 0x0, 0xfffffffffffffffc}}, {{@ip={@initdev={0xac, 0x1e, 0x0, 0x0}, @dev={0xac, 0x14, 0x14, 0xf}, 0xffffff00, 0x0, 'bond_slave_0\x00', 'caif0\x00', {}, {0xff}, 0x2f, 0x1, 0x19}, 0x0, 0x70, 0xcc}, @common=@CLUSTERIP={0x5c, 'CLUSTERIP\x00', 0x0, {0x0, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0xe}, 0x800, 0x1, [0xc, 0x31, 0x28, 0x24, 0x2, 0x2f, 0x3a, 0x5, 0x3c, 0x23, 0x3e, 0x15, 0x22, 0x32, 0x1a, 0xf], 0x2, 0xd8, 0x9}}}, {{@ip={@local, @private=0xa010100, 0xffffffff, 0xffffffff, 'ipvlan0\x00', 'vlan0\x00', {}, {}, 0x84, 0x2, 0x20}, 0x0, 0x70, 0x98}, @common=@unspec=@MARK={0x28, 'MARK\x00', 0x2, {0xe, 0x8}}}], {{'\x00', 0x0, 0x70, 0x94}, {0x24}}}}, 0x308)
sendmmsg$inet6(r4, &(0x7f0000004cc0)=[{{&(0x7f0000000040)={0xa, 0x4e22, 0x1ff, @private0, 0x401}, 0x1c, &(0x7f00000001c0)=[{&(0x7f00000003c0)="f5", 0x1}], 0x1}}, {{&(0x7f0000000480)={0xa, 0x4e24, 0x4, @private2={0xfc, 0x2, '\x00', 0x1}, 0x8e}, 0x1c, &(0x7f0000000d80)=[{&(0x7f0000000c40)="ea", 0x1}], 0x1}}], 0x2, 0x40)
shutdown(r4, 0x1)
setsockopt$inet_sctp6_SCTP_RESET_STREAMS(r4, 0x84, 0x77, &(0x7f0000000140), 0x8)
socket$nl_route(0x10, 0x3, 0x0)
sendmsg$IPSET_CMD_CREATE(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f00000005c0)={0x50, 0x2, 0x6, 0x801, 0x0, 0x0, {}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_TYPENAME={0x16, 0x3, 'hash:net,port,net\x00'}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x2}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}]}, 0x50}}, 0x0)

7.619249573s ago: executing program 1 (id=9215):
r0 = socket$inet6(0xa, 0x3, 0x10)
recvmsg(r0, &(0x7f0000000740)={&(0x7f0000000280)=@l2tp={0x2, 0x0, @private}, 0x80, &(0x7f0000000600)=[{&(0x7f00000008c0)=""/16, 0x10}, {&(0x7f0000000300)=""/231, 0xe7}, {&(0x7f0000000400)=""/126, 0x7e}, {&(0x7f0000000480)=""/236, 0xec}, {&(0x7f0000000580)=""/83, 0x53}], 0x5, &(0x7f0000000640)=""/215, 0xd7}, 0x100)
writev(0xffffffffffffffff, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
syz_usb_connect(0x0, 0x5f, 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
connect$inet6(r0, &(0x7f0000000080)={0xa, 0x3, 0x8, @remote, 0x7}, 0x1c)
set_mempolicy(0x4000, 0x0, 0x3)
sendmsg(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000240)=[{&(0x7f0000000100)="d4af", 0x2}, {&(0x7f0000000040)="548d41ec04a27e60ceab55fa9a382af2f2c89d19be3e083c72674218ebde3631f3721b41cded397f63de", 0x2a}, {&(0x7f0000000140)="672bc977b2b6f5792c982b3d188b4b6a15d19fff48d6a812e216317e8d478939dcad0dbbebc3ead55f081c5b4117feaac1e706a3387f6388fa72ecb12861cd971c2f04dc5ded0ea13d2e759c03911f3cee24ff18381aff0384f6f696826e9c163f478a0756220fa45160f42fbd0431c63df9d9af0f3e8eb2c8c818ad942b99f346a0f1c280b895e72c0abc1833c57b79edefae1d93a12c0d169ac30298c9b1df8e6c882f22ca5a9c91df96c603fb123a9d4c3a6fe3a79b734ba8b6ebf97aaa0de06cc0e9b326312256f5c08c41b89ae97c24d74157a62356eb4934c1548b82eb735844991c1a1cdd91f4238fc5e1a17f2aeaacc68bb11d9515ddcc", 0xfb}], 0x3, 0x0, 0x0, 0x2c}, 0x4)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f00000007c0)={{0xffffffffffffffff, <r1=>0xffffffffffffffff}, &(0x7f0000000000), &(0x7f0000000780)='%-5lx  \x00'}, 0x1c)
ioctl$ifreq_SIOCGIFINDEX_wireguard(0xffffffffffffffff, 0x8933, &(0x7f0000000800)={'wg0\x00', <r2=>0x0})
bpf$MAP_CREATE(0x0, &(0x7f0000000840)=@bloom_filter={0x1e, 0x1, 0x71, 0x8, 0x1080, r1, 0x28000000, '\x00', r2, 0xffffffffffffffff, 0x4, 0x2, 0x3, 0x2, @void, @value, @void, @value}, 0x50)

7.509469914s ago: executing program 2 (id=9216):
r0 = socket$can_raw(0x1d, 0x3, 0x1)
r1 = io_uring_setup(0x7553, &(0x7f0000000200)={0x0, 0x0, 0x200})
r2 = socket$l2tp6(0xa, 0x2, 0x73)
bind$l2tp6(r2, &(0x7f0000000000)={0xa, 0x0, 0x0, @mcast1={0xff, 0x5}}, 0x20)
io_uring_register$IORING_REGISTER_BUFFERS2(r1, 0xf, &(0x7f0000001580)={0x3, 0x0, 0x0, &(0x7f00000014c0)=[{&(0x7f0000000040)=""/159, 0x9f}, {0x0}, {&(0x7f0000000280)=""/4086, 0xff6}], 0x0}, 0x20)
io_uring_register$IORING_REGISTER_BUFFERS_UPDATE(r1, 0x10, &(0x7f0000001b00)={0x0, 0x0, &(0x7f0000001a80)=[{0x0}, {0x0, 0xfffffffffffffcf1}, {0x0, 0xfffffffffffffca0}], 0x0, 0x3}, 0x20)
setsockopt$CAN_RAW_ERR_FILTER(r0, 0x65, 0x7, &(0x7f00000001c0)=0x44, 0x4)
setsockopt$CAN_RAW_FD_FRAMES(r0, 0x65, 0x5, &(0x7f0000000040), 0x4)

7.221584687s ago: executing program 2 (id=9218):
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='blkio.bfq.io_wait_time_recursive\x00', 0x275a, 0x0)
r1 = socket$inet6_sctp(0xa, 0x1, 0x84)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r1, 0x84, 0x6f, &(0x7f0000000040)={0x0, 0x1c, &(0x7f0000000080)=[@in6={0xa, 0x0, 0x10002, @rand_addr=' \x01\x00'}]}, &(0x7f0000000180)=0x10)
getsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r1, 0x84, 0x9, &(0x7f00000000c0)={0x0, @in6={{0xa, 0x0, 0x0, @rand_addr=' \x01\x00'}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, &(0x7f0000000240)=0x9c)
write$binfmt_script(r0, &(0x7f0000000200)={'#! ', '', [], 0xa, "ded31a6abf0ee52b7e0c55c4084e19588831911cb3c98d005c67de185903f9eea9a1b573073407cf28f2176356175db4baf39bd9eadd8e06058600e440730c0aa8ff477d0f3cc91f5c36f14afc29920b2faad962ef5b79e8314288"}, 0x5f)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r0, 0x0)
syz_usb_connect(0x0, 0x2d, &(0x7f0000000040)=ANY=[@ANYBLOB="1201000049ffe840e5130100534e0000000109021b0001000000000904"], 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
getsockopt(r2, 0x5, 0x2, 0x0, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)=ANY=[@ANYBLOB="240000001900010000000000000000001c140000fe0000010000000008001300001a01", @ANYRES64=r4], 0x24}}, 0x4000000)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x218, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r5 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r5, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000840)=@updpolicy={0xb4, 0x19, 0x1, 0x0, 0x0, {{@in, @in6=@mcast1, 0x0, 0xe, 0x0, 0x0, 0x2}, {0x0, 0x7, 0x0, 0x0, 0x0, 0x2}, {0x0, 0x0, 0x200000000000}, 0x0, 0x0, 0x1}}, 0xb4}, 0x1, 0x0, 0x0, 0x20008000}, 0x0)
r6 = socket$inet_udp(0x2, 0x2, 0x0)
syz_usbip_server_init(0x4)
r7 = openat$fuse(0xffffffffffffff9c, 0x0, 0x42, 0x0)
syz_fuse_handle_req(r7, 0x0, 0x0, 0x0)
bind$inet(r6, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x10)
connect$inet(r6, &(0x7f0000000480)={0x2, 0x0, @multicast2}, 0x10)
sendmmsg(r6, &(0x7f0000007fc0), 0x800001d, 0xbb8)

6.825854067s ago: executing program 3 (id=9221):
syz_usb_connect(0x1, 0x3d, &(0x7f00000001c0)=ANY=[@ANYBLOB="12010000bdce4208110f80106afc0000000109022b00010000000009043700022ee5cd0009058010ff037f790209050e0320000980070705ab0b78"], 0x0)
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f00000003c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'xts(serpent)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
r1 = accept4(r0, 0x0, 0x0, 0x80800)
sendmsg$can_j1939(r1, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000300)="04e43cb9f9c577e12a648ef79b0d4c14b768e6a496f80d3164dd638949b56a452986be367fbbc6f67b25d0706490aea3", 0x30}, 0x1, 0x0, 0x0, 0x20040800}, 0x20000084)
recvmmsg$unix(r1, &(0x7f0000000b80)=[{{0x0, 0x0, &(0x7f0000000380)=[{&(0x7f00000001c0)=""/66, 0x42}], 0x1}}], 0x1, 0x10101, 0x0)
r2 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
writev(r2, &(0x7f0000000480)=[{&(0x7f0000000080)="ecfa69e27e48ea8e96b4f3abb9dc3d9ac49dcf47079d0598373c7640a36a9af6db689726623b3943c8a6b524551cf5edae7e1607334d48790d522604a41c591b4c05f8b2eb822d5b87613510fae9804b3f", 0x51}], 0x1)
socket$nl_route(0x10, 0x3, 0x0)
r3 = syz_open_procfs(0x0, 0x0)
pread64(r3, &(0x7f0000000000)=""/73, 0x49, 0x7)
r4 = socket$l2tp(0x2, 0x2, 0x73)
r5 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000040), 0x802, 0x0)
ioctl$UI_SET_EVBIT(r5, 0x40045564, 0x3)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
close(0xffffffffffffffff)
connect$unix(r6, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r7, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r6, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg(r7, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0xb49, 0x9, 0x8, 0x0, 0x3}, 0x0)
r8 = socket$kcm(0x2d, 0x2, 0x0)
r9 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r9, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000004c0)=ANY=[@ANYRESOCT=r4, @ANYRESOCT=r4, @ANYRESDEC=r1, @ANYRESHEX=r3], 0xe8}, 0x1, 0x0, 0x0, 0x24000090}, 0x40004)
ioctl$sock_kcm_SIOCKCMATTACH(r8, 0x89e0, 0x0)
r10 = syz_open_dev$vim2m(&(0x7f0000000000), 0x3, 0x2)
ioctl$vim2m_VIDIOC_ENUM_FMT(r10, 0xc0405602, &(0x7f0000000140)={0x9, 0x1, 0x0, "5a309a426be809a48aa9bc68b9de658caf5999a76c019fefcf54e97d739d47b9", 0x50424752})

6.765329075s ago: executing program 5 (id=9222):
r0 = syz_genetlink_get_family_id$nl80211(&(0x7f00000003c0), 0xffffffffffffffff)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_RELOAD_REGDB(r1, &(0x7f0000000280)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000240)={&(0x7f0000000200)={0x14, r0, 0x400, 0x70bd2d, 0x25dfdbfe, {}, ["", "", "", "", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x4004000}, 0x44)
r2 = syz_open_dev$hidraw(&(0x7f0000001c40), 0x1, 0x4b842)
write$hidraw(r2, &(0x7f0000000bc0), 0xffffffae)
ioctl$HIDIOCGRDESC(r2, 0x4030582a, &(0x7f0000000000)={0xe, "6f5481000000e800000000000003"})
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000540)={'wlan0\x00', <r3=>0x0})
sendmsg$NL80211_CMD_NEW_KEY(r1, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000680)={&(0x7f0000000040)=ANY=[@ANYBLOB='P\x00\x00\x00', @ANYRES16=r0, @ANYBLOB="fea042011c2cbd7000000000002f9c92f1b93c9e8b92fe51600d2af639fb33b3d3bfcd0b8be39d72831259c7923cf7a1d6b556e73f6012b1cb0cc198a9fb4bd073e40d91ef15cacffca62ac08ec27fd824418e2d87e093bf8da708e5c52b4d363bcbfcee935d8f54b6f469bb7b4674458cb5879ed3d33c55c1100da01e71c0ffcceca74c6bc90c333fe5744c15b10087334e3c593b2cb312502675da0cdddc10d3a97346c1e909546ab0f91c26d1fc30a459921d66cc271b56fe40a6f437662706bc51de59bc3f246cb4f9de2ec162e04a5ec4bae492022889c2f74098cd7b0b88d6eb9655b868c9292e2aa724bf73b06bc5b7d73b5c1df0e059a799c8ebac28bc3f45d2d5133686730ad878a37dc5839f5575fd3a6246f2818594826d497f5c520a479e67b41c11f1fd3d", @ANYRES32=r3, @ANYBLOB="28005080110001004abee339084eeef16f162471f4000000050002000000000030ff030005ac0f000a0006000802110000010000"], 0x50}, 0x1, 0x0, 0x0, 0x44151}, 0x0)

5.825375858s ago: executing program 5 (id=9223):
r0 = syz_genetlink_get_family_id$nl80211(&(0x7f00000003c0), 0xffffffffffffffff)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r1 = socket$rds(0x15, 0x5, 0x0)
setsockopt$RDS_FREE_MR(r1, 0x114, 0x3, 0x0, 0x0)
r2 = fsopen(&(0x7f0000000280)='cifs\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r2, 0x1, &(0x7f0000000200)='source', &(0x7f0000000000)='\\/\xe9\x838\x9d<\f\x91\a\xd4$\xae$\x91&6n @\xf4M\xba\xf2<\xd6A\xdb\xd7\xbeY@g\xcc\xca\n@\x06\xa3\xfe%\x11\xc9\xc5\xc4\x96\xb7b\xa7\x15R.\xa3`fd\xdc\x8b\x18rBl{\x82\\\xbeA\x17\n\f\xcd=\'\x11\x1bZ\x8e\xb1\xc3j$v\xefw\x96\\\xff\x01\x00\x00\x00\x00\x00\x00\x00\x98F*T\xd5\xcd4g+\xbd\xd1\xe0R\x9d\x18\x19a:\xa2\xdf\xbe\x8b\x89\x81', 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f0000000540)={'wlan0\x00', <r4=>0x0})
sendmsg$NL80211_CMD_NEW_KEY(r3, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000680)={&(0x7f0000000000)={0x48, r0, 0x801, 0x0, 0x3, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_MAC={0xa, 0x6, @device_b}, @NL80211_ATTR_KEY={0x20, 0x50, 0x0, 0x1, [@NL80211_KEY_IDX={0x5}, @NL80211_KEY_CIPHER={0x8, 0x3, 0xfac01}, @NL80211_KEY_DATA_WEP40={0x9}]}]}, 0x48}}, 0x0)

5.766587753s ago: executing program 0 (id=9224):
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = syz_open_dev$vim2m(&(0x7f0000000000), 0x8, 0x2)
ioctl$vim2m_VIDIOC_CREATE_BUFS(r1, 0xc0f8565c, &(0x7f0000000180)={0xe, 0x1, 0x3, {0x1, @raw_data="1f0e4efbdfd56a0bb35a6f24ed601331ad98aaba359516cb73512768b294045d114165a15ed0030a98eabdf657bf137ff76b885d96006972e77f152e60327472002fe0b03f09a092676b6da2b4817e8343ea60f46b2293468f5a0c85b0f751b3d4fbb451d70f06ae78934cb43cbaca9b46adf7bc852cdce6eb264061b2fd329979b2829eb916b1cd432099f7379cb21f005f21414494f050d9aa8afbd1a27c5ffe4cc99d0fb6e922d668e6a830fd8fe405f291d34f031fcefe08e039b01428c537c01a9b4655ae5e"}, 0x6})
r2 = socket$packet(0x11, 0x3, 0x300)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_MSRS(r5, 0xc008ae88, &(0x7f0000000280)=ANY=[@ANYBLOB="010000000000000010000040"]) (async)
setsockopt$packet_int(r2, 0x107, 0xf, &(0x7f0000000100)=0x9, 0x4)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000000c0)={'geneve0\x00'}) (async)
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x24000, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x0) (async, rerun: 64)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) (rerun: 64)
r8 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x2, 0x4c831, 0xffffffffffffffff, 0x0) (async)
r9 = dup(r8)
write$6lowpan_enable(r9, &(0x7f0000000000)='0', 0xfffffd2c) (async, rerun: 32)
r10 = socket$nl_generic(0x10, 0x3, 0x10) (rerun: 32)
sendmsg$nl_generic(r10, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000001080)={0x14, 0x38, 0x301, 0x270bd26, 0x25dfdbfa, {0x2}}, 0x14}, 0x1, 0x0, 0x0, 0x8001}, 0x4)
r11 = syz_io_uring_setup(0x4e3, &(0x7f0000000480)={0x0, 0x9b8c, 0x10100, 0x0, 0x0, 0x0, r9}, &(0x7f0000000180)=<r12=>0x0, &(0x7f00000001c0)=<r13=>0x0)
syz_io_uring_submit(r12, r13, &(0x7f0000000040)=@IORING_OP_POLL_ADD={0x6, 0x2, 0x0, @fd_index=0x9, 0x0, 0x0, 0x0, {0x1481}, 0x1}) (async)
io_uring_enter(r11, 0x708, 0x41e3, 0x0, 0x0, 0x0) (async)
futex(&(0x7f000000cffc)=0x1, 0x6, 0x0, 0x0, 0x0, 0x0) (async)
r14 = openat$uhid(0xffffffffffffff9c, &(0x7f0000000400), 0x2, 0x0)
write$UHID_CREATE2(r14, &(0x7f00000007c0)=ANY=[@ANYBLOB="0b00000073797a31000000dfff000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000073797a30000037b35f0a000089b4c45a10000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000073797a3100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001"], 0x119) (async)
syz_usb_connect(0x2, 0x46, &(0x7f0000000200)=ANY=[@ANYBLOB="12010000ebeaa220d0070141c087010203010902"], 0x0) (async)
r15 = syz_open_dev$hidraw(&(0x7f0000000000), 0x0, 0x81)
ioctl$HIDIOCGFEATURE(r15, 0xc0404807, &(0x7f0000000300)={0x62, "a4395026f7fca8f411d271a8ac0352f02647be56f7af5c020d00a854bde7a3a2e42c1c5fcac45b88f2eb03642b134fd8e5b9bfd57889164508e1794a753cea7f"}) (async)
ioctl$HIDIOCGFEATURE(r15, 0xc0404807, &(0x7f0000000040)={0x4, "11988c7ba5bb888131cac156c94e0a000000000000df5be03664724d1dd748c3fa198dcd95bf761a3a4c868b46327ff700000000000000005026b76100"})

5.591145291s ago: executing program 5 (id=9225):
r0 = syz_open_dev$dri(0x0, 0x1, 0x0)
preadv(r0, &(0x7f0000000400)=[{0x0, 0x20}, {&(0x7f0000000300)=""/97, 0x61}], 0x2, 0x0, 0x9)
ioctl$DRM_IOCTL_WAIT_VBLANK(r0, 0xc018643a, &(0x7f0000000080)={0x4000000})

5.32536054s ago: executing program 5 (id=9226):
r0 = creat(&(0x7f00000001c0)='./file0\x00', 0x40)
r1 = socket(0x200000000000011, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000280)={'syz_tun\x00', <r2=>0x0})
bind$packet(r0, &(0x7f0000000080)={0x11, 0x808, r2, 0x1, 0x0, 0x6, @random="518440db9de1"}, 0x14)
r3 = socket(0x200000000000011, 0x2, 0x0)
bind$packet(r3, &(0x7f0000000080)={0x11, 0x800, r2, 0x1, 0x0, 0x6, @random="933c547ecfa7"}, 0x14)
r4 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
setsockopt$inet_mreq(r4, 0x0, 0x23, &(0x7f0000000000)={@multicast1=0xe0000300, @local}, 0x8)
syz_emit_ethernet(0x2a, &(0x7f0000000240)={@link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0xe}, @broadcast, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x1c, 0x0, 0x0, 0x0, 0x2, 0x0, @empty, @multicast1=0xe0000300}, @echo_reply={0x0, 0x0, 0x0, 0x68, 0xd2}}}}}, 0x0)

5.24645296s ago: executing program 0 (id=9227):
ioctl$IOCTL_VMCI_VERSION2(0xffffffffffffffff, 0x7a7, 0x0)
ioctl$IOCTL_VMCI_INIT_CONTEXT(0xffffffffffffffff, 0x7a0, &(0x7f0000000000)={@my=0x0})
bpf$MAP_CREATE(0x0, 0x0, 0x0)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x3000001, 0x31, 0xffffffffffffffff, 0x0)
remap_file_pages(&(0x7f00002ec000/0x200000)=nil, 0x200000, 0x0, 0x1, 0x0)
pipe(&(0x7f0000000040)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
getsockopt$inet_sctp_SCTP_AUTH_ACTIVE_KEY(0xffffffffffffffff, 0x84, 0x18, &(0x7f0000000080)={<r1=>0x0, 0x3}, &(0x7f00000000c0)=0x8)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x9, &(0x7f0000000100)={r1, @in6={{0xa, 0x4e21, 0x6, @remote, 0x4}}, 0x400, 0x6, 0x6, 0x4, 0x0, 0x7, 0x22}, 0x9c)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x2041, 0x0)
ioctl$TCSETS(r2, 0x40045431, &(0x7f0000000dc0)={0x0, 0x7, 0x0, 0x0, 0x10, "0062da680000200000000000000100"})
r3 = syz_open_pts(r2, 0x20800)
r4 = dup3(r3, r2, 0x0)
read$FUSE(r4, 0x0, 0x0)
mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x4, 0x0, 0x0, 0x2)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, 0xffffffffffffffff, 0x0)

5.195349578s ago: executing program 5 (id=9228):
r0 = syz_genetlink_get_family_id$nl80211(&(0x7f00000003c0), 0xffffffffffffffff)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
madvise(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x1)
r2 = signalfd4(0xffffffffffffffff, &(0x7f0000000140), 0x8, 0x0)
io_setup(0x1, &(0x7f0000000b80)=<r3=>0x0)
io_submit(r3, 0x1, &(0x7f0000001d00)=[&(0x7f0000001a80)={0x0, 0x0, 0x0, 0x5, 0xfffc, r2, 0x0}])
r4 = getpgid(0x0)
r5 = syz_pidfd_open(r4, 0x0)
setns(r5, 0x8020000)
mount_setattr(0xffffffffffffff9c, &(0x7f0000000180)='.\x00', 0x8000, &(0x7f0000001dc0)={0xf}, 0x20)
getdents(r2, &(0x7f0000000100)=""/158, 0x9e)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000540)={'wlan1\x00', <r6=>0x0})
sendmsg$NL80211_CMD_NEW_KEY(r1, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000680)={&(0x7f0000000040)={0x90, r0, 0x801, 0x0, 0x3, {{}, {@val={0x8, 0x3, r6}, @void}}, [@NL80211_ATTR_KEY={0x74, 0x50, 0x0, 0x1, [@NL80211_KEY_IDX={0x5}, @NL80211_KEY_CIPHER={0x8, 0x3, 0xfac04}, @NL80211_KEY_DATA_WEP40={0x9}, @NL80211_KEY_TYPE={0x8, 0x7, 0x1}, @NL80211_KEY_DEFAULT_TYPES={0x8, 0x8, 0x0, 0x1, [@NL80211_KEY_DEFAULT_TYPE_UNICAST={0x4}]}, @NL80211_KEY_CIPHER={0x8, 0x3, 0xfac05}, @NL80211_KEY_DEFAULT_TYPES={0x1c, 0x8, 0x0, 0x1, [@NL80211_KEY_DEFAULT_TYPE_MULTICAST={0x4}, @NL80211_KEY_DEFAULT_TYPE_MULTICAST={0x4}, @NL80211_KEY_DEFAULT_TYPE_UNICAST={0x4}, @NL80211_KEY_DEFAULT_TYPE_UNICAST={0x4}, @NL80211_KEY_DEFAULT_TYPE_UNICAST={0x4}, @NL80211_KEY_DEFAULT_TYPE_MULTICAST={0x4}]}, @NL80211_KEY_DEFAULT={0x4}, @NL80211_KEY_SEQ={0x12, 0x4, "2123f3892aa38e21c2407a06e5a8"}, @NL80211_KEY_TYPE={0x8, 0x7, 0x1}]}]}, 0x90}}, 0x0)

4.921174418s ago: executing program 5 (id=9229):
socket$inet6(0xa, 0x1, 0xffffffff)
r0 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$sock_int(r0, 0x1, 0x3, &(0x7f00000001c0)=0xc, 0x4)
socketpair$unix(0x1, 0x3, 0x0, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f0000000300)=@abs, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000480), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r1, &(0x7f0000000100)={0x0, 0x18, 0xfa00, {0x3, &(0x7f00000000c0)={<r2=>0xffffffffffffffff}, 0x13f, 0x5}}, 0x20)
write$RDMA_USER_CM_CMD_MIGRATE_ID(r1, &(0x7f00000001c0)={0x12, 0x10, 0xfa00, {&(0x7f0000000080), r2, r1}}, 0x18)
sendmsg(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0xb4c, 0x9, 0x6, 0x0, 0x3}, 0x0)
r3 = syz_open_dev$usbfs(&(0x7f0000000100), 0x76, 0x101301)
ioctl$USBDEVFS_DISCONNECT_CLAIM(r3, 0x8108551b, &(0x7f0000000380)={0x0, 0x0, "5a77bd318786aeb879ca62cdab2a0000000086d85b25a5665a3247e500f61681905db88235f8a5447dd2a2ed6e91626f068881e50f6853772b21a100efb76cba37ff3111d6847e8b9398a646717af75fc008daefba68e6222103472bc55704cdb72b4b996ed831f3b802549db3a8ffff7d34171113d806726615380fe65a6a0a72e1ac2b60bd6276fd8bb6363d10f70da60fd53ded22c87eb2be010e4a62fb73c33424b437bb192c9d06ea6ed04983fe5c5ca033dfce0a82575ef14eee686be0fc58e384f93a13f4e8bbf599394baea3a9ca1864f0a35d6cc38fca32ad6b39905a9727d2001457df7be7e1aefe363590d1f600"})
openat$rfkill(0xffffffffffffff9c, 0x0, 0x801, 0x0)
r4 = syz_open_procfs(0x0, &(0x7f00000001c0)='fd/3\x00')
ioctl$FIONREAD(r4, 0x541b, 0x0)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
syz_usb_connect$uac1(0x3, 0xa4, &(0x7f0000000040)=ANY=[@ANYBLOB="2a01000020000040b708000000000000030109029200030172e5000904000000010100000a24010000000201020c0d240500000500"], 0x0)
sendmsg$nl_generic(r5, 0x0, 0x4000080)
ioctl$VIDIOC_SUBSCRIBE_EVENT(0xffffffffffffffff, 0x4020565a, &(0x7f0000000080)={0x5, 0x802})
r6 = syz_open_procfs(0x0, &(0x7f0000000140)='net/fib_trie\x00')
read$FUSE(r6, 0x0, 0x0)

4.757100358s ago: executing program 0 (id=9230):
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
fsconfig$FSCONFIG_SET_BINARY(0xffffffffffffffff, 0x2, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$DRM_IOCTL_GEM_OPEN(0xffffffffffffffff, 0xc010640b, &(0x7f0000000440)={0x0, <r1=>0x0})
ioctl$DRM_IOCTL_MODE_ADDFB2(0xffffffffffffffff, 0xc06864b8, &(0x7f00000001c0)={0x0, 0xb0, 0x3ff, 0x34325241, 0x0, [r1], [0x2b8, 0x200000], [0x0, 0x9, 0x0, 0x3], [0x5]})
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
mknod$loop(&(0x7f0000000100)='./file0\x00', 0x8, 0x1)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(r2, 0xffffffffffffffff, &(0x7f0000024000/0x18000)=nil, &(0x7f0000000680)=[@text16={0x10, &(0x7f0000000280)="66b9800000c00f326635010000000f3064660f38828e4258660f086766c744240012e93bf96766c7442402010000006766c744240600000000670f011c2466b9800000c00f326635002000000f300f01df66b80500000066b900200000a90a000f01c40f019f09000f01c2", 0x6b}], 0x1, 0x7d, 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000300)={[0x7, 0x800, 0x100, 0x0, 0x5700000000000000, 0x401, 0x6, 0xfffffffffffffff7, 0x0, 0x13f, 0x100000001, 0xba25, 0xfff, 0x3, 0xfffffffffffffe00, 0x4], 0xeeef0000, 0x1c0080})
ioctl$KVM_RUN(r3, 0xae80, 0x0)
sendmsg(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)=[{}], 0x1}, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
socket$inet6(0xa, 0x6, 0x0)
syz_open_procfs(0xffffffffffffffff, &(0x7f00000001c0)='net/ip_tables_names\x00')
mknod$loop(&(0x7f0000000140)='./file0\x00', 0xfff, 0x1)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000480)=ANY=[@ANYBLOB="240000006800090300000000000000040004000800010001000000000000000000000000b801b90bc1da02cc7c3479e4efa4ddd1ce3f2b638a7a7254dc7a7a41fa47a6b2adee6eac8c51987fabfec1b2eb290f1c45413fc9195ad338189627723d67442eca460c3c7bec24dd7caf8489ca675c2388f63a33550133e6d2d2b7fbf0d3300fd645e4be99eab3b722f849943d4f7801457ab7fb4e7abe1cc135b66a1172b09ae9b8008e175bc42b5c17348e17014c8c8a6807ec84a1b9dfdc70401b80a6140ce38e6d5b51568b407933681cfebd8a4fe42d5bd3cacc0ec25dcc49846a2d84c26515cefa13809d901fbb252f230bc4d3c905962df23fe20033"], 0x24}, 0x1, 0x0, 0x0, 0x5}, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX, @ANYBLOB=',rootmode=000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRES64=r2])
read$FUSE(0xffffffffffffffff, &(0x7f0000006300)={0x2020, 0x0, <r4=>0x0}, 0x2020)
write$FUSE_INIT(0xffffffffffffffff, &(0x7f0000000040)={0x50, 0x0, r4, {0x7, 0x1f, 0x0, 0x10408}}, 0x50)

4.313052065s ago: executing program 1 (id=9231):
syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x40, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
fspick(0xffffffffffffffff, 0x0, 0x0)
connect$unix(r0, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e20}, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r1, 0x0, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x60140, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r3, 0xae60)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
sync()
r4 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/diskstats\x00', 0x0, 0x0)
read$FUSE(r4, &(0x7f0000000200)={0x2020}, 0x2020)

4.001269823s ago: executing program 2 (id=9232):
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r1, 0x107, 0xf, &(0x7f0000000100)=0x9, 0x4)
unshare(0x68040200)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0xfffff000)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000800)=@newlink={0x34, 0x10, 0x4, 0x2, 0x4, {0x0, 0x0, 0x0, 0x0, 0x40400, 0x4f21}, [@IFLA_IFNAME={0x14, 0x3, 'sit0\x00'}]}, 0x34}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
ioctl$sock_TIOCINQ(r0, 0x541b, &(0x7f0000000000))
r3 = socket$inet6_sctp(0xa, 0x801, 0x84)
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r3, 0x84, 0x7b, &(0x7f00000000c0)={0x0, 0x3}, 0x8)
sendto$inet6(r3, &(0x7f00000005c0)="f5", 0x1, 0x80c0, &(0x7f0000000240)={0xa, 0x4e20, 0xffbffffc, @rand_addr=' \x01\x00'}, 0x1c)

3.690833835s ago: executing program 0 (id=9233):
r0 = socket(0x21, 0x2, 0x10000000000002)
sendmmsg(r0, &(0x7f0000000180)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000300)=ANY=[@ANYBLOB="1000000010010000014800"], 0x10, 0xe000}, 0x5}], 0x1, 0x0) (fail_nth: 1)

3.653335264s ago: executing program 3 (id=9234):
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
fcntl$lock(r0, 0x6, &(0x7f0000002000)={0x1})
fcntl$lock(r0, 0x26, &(0x7f00000031c0)={0x1, 0x0, 0x8000, 0x2})
fcntl$lock(r0, 0x7, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x1000000000003})
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x2)
ioctl$KVM_GET_XSAVE2(r3, 0x9000aecf, &(0x7f00003b8000/0x4000)=nil)
r4 = pidfd_getfd(0xffffffffffffffff, r0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x8, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="d3050000510000007910a8000000000015000000000000009500000000000000"], &(0x7f0000003ff6)='GPL\x00', 0x8, 0xbb, &(0x7f000000cf3d)=""/187, 0x0, 0x0, '\x00', 0x0, @cgroup_skb, r4, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000)={0x0, 0x6}, 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r5 = openat$full(0xffffff9c, &(0x7f0000000080), 0x800, 0x0)
r6 = syz_open_dev$video4linux(&(0x7f0000000080), 0x0, 0x0)
ioctl$VIDIOC_SUBSCRIBE_EVENT(r6, 0x4020565a, &(0x7f00000000c0)={0x3, 0x980900, 0x2})
r7 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x582b7cad97fe5754, 0x0)
ioctl$TUNSETIFF(r7, 0x400454ca, &(0x7f0000000140)={'syz_tun\x00', 0x100})
r8 = syz_open_dev$video4linux(&(0x7f0000000080), 0x0, 0x0)
ioctl$VIDIOC_SUBSCRIBE_EVENT(r8, 0x4020565a, &(0x7f00000000c0)={0x3, 0x980900, 0x3})
ioctl$VIDIOC_QUERYMENU(r8, 0xc008561c, &(0x7f0000000000)={0x980900, 0x9, @value=0x32b})
sendmsg$ETHTOOL_MSG_CHANNELS_GET(r5, &(0x7f00000001c0)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000180)={&(0x7f0000000100)={0x4c, 0x0, 0x800, 0x70bd2d, 0x25dfdbfe, {}, [@HEADER={0x20, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'bond_slave_0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}]}, @HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'batadv0\x00'}]}]}, 0x4c}, 0x1, 0x0, 0x0, 0x10000}, 0x400c828)

2.813977971s ago: executing program 0 (id=9235):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000700)={{0x14}, [@NFT_MSG_NEWCHAIN={0x44, 0x3, 0xa, 0x401, 0x0, 0x0, {0x1}, [@NFTA_CHAIN_NAME={0x9, 0x3, 'syz1\x00'}, @NFTA_CHAIN_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_CHAIN_HOOK={0x18, 0x4, 0x0, 0x1, [@NFTA_HOOK_DEV={0x14, 0x3, 'ip6gre0\x00'}]}]}], {0x14}}, 0x6c}, 0x1, 0x0, 0x0, 0x20004000}, 0x0) (fail_nth: 11)

2.201302912s ago: executing program 3 (id=9236):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r0, &(0x7f0000000080)={0xa, 0x4e24, 0x4000002, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x4}, 0x1c)
r1 = socket(0x15, 0x5, 0x0)
socket(0x40000000015, 0x5, 0x0)
getsockopt(r1, 0x200000000114, 0x271e, 0x0, &(0x7f0000000040))
listen(r0, 0x5)
accept4(r0, 0x0, 0x0, 0x80800)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000200)={'geneve0\x00', <r4=>0x0})
sendmsg$nl_route(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000040)=@newlink={0x3c, 0x10, 0x1, 0x0, 0x25dfdbfb, {0x0, 0x0, 0x0, r4, 0x2890}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @geneve={{0xb}, {0xc, 0x2, 0x0, 0x1, [@IFLA_GENEVE_REMOTE={0x8, 0x2, @remote}]}}}]}, 0x3c}, 0x1, 0x2, 0x0, 0xcc844}, 0x0)
sendto$inet6(r2, 0x0, 0x0, 0x24040014, &(0x7f0000000000)={0xa, 0x4e22, 0x7, @empty, 0xfffffffe}, 0x1c)

2.132922785s ago: executing program 0 (id=9237):
syz_usb_connect(0x0, 0x24, &(0x7f0000000040)=ANY=[@ANYBLOB="1201000003005740ed0b0011c3ec000000010902120001000000000904"], 0x0) (async)
r0 = syz_usb_connect(0x0, 0x24, &(0x7f0000000040)=ANY=[@ANYBLOB="1201000003005740ed0b0011c3ec000000010902120001000000000904"], 0x0)
syz_usb_control_io(r0, 0x0, &(0x7f00000010c0)={0x44, &(0x7f0000000080)=ANY=[@ANYBLOB="00000100000008"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io(r0, 0x0, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x0)
socket(0x10, 0x803, 0x0) (async)
r2 = socket(0x10, 0x803, 0x0)
sendmsg$IPVS_CMD_SET_INFO(r2, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000ac0)={0x0, 0x14}}, 0x0)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$NFT_BATCH(r1, &(0x7f0000000240)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f00000001c0)={&(0x7f0000001140)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x1}}, [@NFT_MSG_NEWRULE={0x20, 0x6, 0xa, 0x5, 0x0, 0x0, {0x5, 0x0, 0x1}, [@NFTA_RULE_HANDLE={0xc, 0x3, 0x1, 0x0, 0x1}]}, @NFT_MSG_DELTABLE={0x1c, 0x2, 0xa, 0x201, 0x0, 0x0, {0x0, 0x0, 0x1}, [@NFTA_TABLE_FLAGS={0x8, 0x2, 0x1, 0x0, 0x3}]}, @NFT_MSG_NEWSETELEM={0x2f0, 0xc, 0xa, 0x101, 0x0, 0x0, {0x7, 0x0, 0xa}, [@NFTA_SET_ELEM_LIST_SET_ID={0x8}, @NFTA_SET_ELEM_LIST_SET_ID={0x8, 0x4, 0x1, 0x0, 0x3}, @NFTA_SET_ELEM_LIST_SET={0x9, 0x2, 'syz0\x00'}, @NFTA_SET_ELEM_LIST_SET={0x9, 0x2, 'syz0\x00'}, @NFTA_SET_ELEM_LIST_ELEMENTS={0x288, 0x3, 0x0, 0x1, [{0x100, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_OBJREF={0x9, 0x9, 'syz2\x00'}, @NFTA_SET_ELEM_EXPRESSIONS={0xf0, 0xb, 0x0, 0x1, [{0x64, 0x1, 0x0, 0x1, @xfrm={{0x9}, @val={0x54, 0x2, 0x0, 0x1, [@NFTA_XFRM_SPNUM={0x8}, @NFTA_XFRM_SPNUM={0x8, 0x4, 0x1, 0x0, 0x6}, @NFTA_XFRM_KEY={0x8, 0x2, 0x1, 0x0, 0x5}, @NFTA_XFRM_DREG={0x8, 0x1, 0x1, 0x0, 0x2}, @NFTA_XFRM_KEY={0x8, 0x2, 0x1, 0x0, 0x3}, @NFTA_XFRM_SPNUM={0x8, 0x4, 0x1, 0x0, 0x6}, @NFTA_XFRM_DIR={0x5, 0x3, 0x1}, @NFTA_XFRM_DIR={0x5}, @NFTA_XFRM_DREG={0x8, 0x1, 0x1, 0x0, 0xd}, @NFTA_XFRM_SPNUM={0x8}]}}}, {0x44, 0x1, 0x0, 0x1, @objref={{0xb}, @val={0x34, 0x2, 0x0, 0x1, [@NFTA_OBJREF_SET_ID={0x8, 0x5, 0x1, 0x0, 0x3}, @NFTA_OBJREF_IMM_NAME={0x9, 0x2, 'syz0\x00'}, @NFTA_OBJREF_SET_SREG={0x8, 0x3, 0x1, 0x0, 0x12}, @NFTA_OBJREF_IMM_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_OBJREF_IMM_TYPE={0x8, 0x1, 0x1, 0x0, 0x4}]}}}, {0xc, 0x1, 0x0, 0x1, @fib={{0x8}, @void}}, {0x1c, 0x1, 0x0, 0x1, @hash={{0x9}, @val={0xc, 0x2, 0x0, 0x1, [@NFTA_HASH_TYPE={0x8}]}}}, {0x1c, 0x1, 0x0, 0x1, @objref={{0xb}, @val={0xc, 0x2, 0x0, 0x1, [@NFTA_OBJREF_SET_SREG={0x8, 0x3, 0x1, 0x0, 0xf}]}}}]}]}, {0x24, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_FLAGS={0x8, 0x3, 0x1, 0x0, 0x2}, @NFTA_SET_ELEM_EXPR={0x10, 0x7, 0x0, 0x1, @numgen={{0xb}, @void}}, @NFTA_SET_ELEM_FLAGS={0x8, 0x3, 0x1, 0x0, 0x2}]}, {0x144, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_EXPRESSIONS={0xd0, 0xb, 0x0, 0x1, [{0xc, 0x1, 0x0, 0x1, @fib={{0x8}, @void}}, {0xc0, 0x1, 0x0, 0x1, @dynset={{0xb}, @val={0xb0, 0x2, 0x0, 0x1, [@NFTA_DYNSET_SET_NAME={0x9, 0x1, 'syz2\x00'}, @NFTA_DYNSET_SREG_KEY={0x8, 0x4, 0x1, 0x0, 0x10}, @NFTA_DYNSET_SET_NAME={0x9, 0x1, 'syz2\x00'}, @NFTA_DYNSET_TIMEOUT={0xc, 0x6, 0x1, 0x0, 0xfffffffffffff3b3}, @NFTA_DYNSET_SREG_DATA={0x8, 0x5, 0x1, 0x0, 0x17}, @NFTA_DYNSET_SET_ID={0x8, 0x2, 0x1, 0x0, 0x3}, @NFTA_DYNSET_EXPR={0x60, 0x7, 0x0, 0x1, {{0xb}, @val={0x50, 0x2, 0x0, 0x1, [@NFTA_LOOKUP_DREG={0x8, 0x3, 0x1, 0x0, 0x17}, @NFTA_LOOKUP_DREG={0x8, 0x3, 0x1, 0x0, 0xc}, @NFTA_LOOKUP_SREG={0x8, 0x2, 0x1, 0x0, 0xe}, @NFTA_LOOKUP_SET={0x9, 0x1, 'syz1\x00'}, @NFTA_LOOKUP_SET_ID={0x8, 0x4, 0x1, 0x0, 0x1}, @NFTA_LOOKUP_SREG={0x8, 0x2, 0x1, 0x0, 0x16}, @NFTA_LOOKUP_SET={0x9, 0x1, 'syz2\x00'}, @NFTA_LOOKUP_SET={0x9, 0x1, 'syz1\x00'}]}}}, @NFTA_DYNSET_SET_ID={0x8, 0x2, 0x1, 0x0, 0x3}, @NFTA_DYNSET_FLAGS={0x8, 0x9, 0x1, 0x0, 0x2}]}}}]}, @NFTA_SET_ELEM_EXPR={0x24, 0x7, 0x0, 0x1, @numgen={{0xb}, @val={0x14, 0x2, 0x0, 0x1, [@NFTA_NG_TYPE={0x8}, @NFTA_NG_DREG={0x8}]}}}, @NFTA_SET_ELEM_EXPR={0x4c, 0x7, 0x0, 0x1, @meta={{0x9}, @val={0x3c, 0x2, 0x0, 0x1, [@NFTA_META_DREG={0x8, 0x1, 0x1, 0x0, 0xf}, @NFTA_META_DREG={0x8, 0x1, 0x1, 0x0, 0x9}, @NFTA_META_KEY={0x8, 0x2, 0x1, 0x0, 0xf}, @NFTA_META_DREG={0x8, 0x1, 0x1, 0x0, 0x1}, @NFTA_META_SREG={0x8}, @NFTA_META_KEY={0x8}, @NFTA_META_SREG={0x8, 0x3, 0x1, 0x0, 0x3}]}}}]}, {0x1c, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_TIMEOUT={0xc, 0x4, 0x1, 0x0, 0x5}, @NFTA_SET_ELEM_EXPRESSIONS={0x4}, @NFTA_SET_ELEM_FLAGS={0x8, 0x3, 0x1, 0x0, 0x1}]}]}, @NFTA_SET_ELEM_LIST_SET={0x9, 0x2, 'syz2\x00'}, @NFTA_SET_ELEM_LIST_SET={0x9, 0x2, 'syz2\x00'}, @NFTA_SET_ELEM_LIST_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_SET_ELEM_LIST_SET_ID={0x8}]}, @NFT_MSG_DELOBJ={0x30, 0x14, 0xa, 0x401, 0x0, 0x0, {0x2, 0x0, 0x6}, [@NFTA_OBJ_HANDLE={0xc, 0x6, 0x1, 0x0, 0x7}, @NFTA_OBJ_TYPE={0x8, 0x3, 0x1, 0x0, 0x5}, @NFTA_OBJ_TYPE={0x8, 0x3, 0x1, 0x0, 0x6}]}, @NFT_MSG_DELRULE={0xd4, 0x8, 0xa, 0x3, 0x0, 0x0, {0x0, 0x0, 0x8}, [@NFTA_RULE_ID={0x8, 0x9, 0x1, 0x0, 0x2}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN_ID={0x8, 0xb, 0x1, 0x0, 0x2}, @NFTA_RULE_COMPAT={0x34, 0x5, 0x0, 0x1, [@NFTA_RULE_COMPAT_PROTO_IPV4={0x8, 0x1, 0x1, 0x0, 0x2}, @NFTA_RULE_COMPAT_PROTO_IPV4={0x8, 0x1, 0x1, 0x0, 0x88}, @NFTA_RULE_COMPAT_PROTO_IPV6={0x8, 0x1, 0x1, 0x0, 0x21}, @NFTA_RULE_COMPAT_PROTO_BRIDGE={0x8, 0x1, 0x1, 0x0, 0x883e}, @NFTA_RULE_COMPAT_PROTO_IPV4={0x8, 0x1, 0x1, 0x0, 0x88}, @NFTA_RULE_COMPAT_FLAGS={0x8, 0x2, 0x1, 0x0, 0x2}]}, @NFTA_RULE_EXPRESSIONS={0x44, 0x4, 0x0, 0x1, [{0x10, 0x1, 0x0, 0x1, @match={{0xa}, @void}}, {0xc, 0x1, 0x0, 0x1, @osf={{0x8}, @void}}, {0x24, 0x1, 0x0, 0x1, @xfrm={{0x9}, @val={0x14, 0x2, 0x0, 0x1, [@NFTA_XFRM_SPNUM={0x8, 0x4, 0x1, 0x0, 0x6}, @NFTA_XFRM_KEY={0x8, 0x2, 0x1, 0x0, 0x1}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_HANDLE={0xc, 0x3, 0x1, 0x0, 0x1}, @NFTA_RULE_POSITION={0xc, 0x6, 0x1, 0x0, 0x5}, @NFTA_RULE_ID={0x8, 0x9, 0x1, 0x0, 0x1}]}, @NFT_MSG_NEWRULE={0x180, 0x6, 0xa, 0x201, 0x0, 0x0, {0x7, 0x0, 0xa}, [@NFTA_RULE_USERDATA={0xfb, 0x7, 0x1, 0x0, "82b3e8e044cf973f1f06195cfe74eba308bbb90edc12e5c3e811deceb604a390b593a1d5e96592bc5a226bf504e1e352f535b766a6cbdbde2d717ba8d07b1146539cd88124cd3bee142f6254bf8e612259971cbc41e2613202eefc5240335ce3a843d21677222d1821190e8f758c92ebaa1326e2752eed757c38a864f08a141b242807a9fe2df2cf204d74aeaab0a69159c753a9e65121f8104b45e10d0c8532c0b0afa9258c8bf641d4fc570923ef8653b4815a9ec4f9fdce6e953ef881cd98e75ca7d1522cd69ce3fe980f2a1f4635839650458be67d34a2b1a3335b19dab560acfdd4baf27672ad0b118c4173eb775abff815c12a47"}, @NFTA_RULE_POSITION_ID={0x8}, @NFTA_RULE_COMPAT={0x24, 0x5, 0x0, 0x1, [@NFTA_RULE_COMPAT_PROTO_IPV4={0x8, 0x1, 0x1, 0x0, 0xfc}, @NFTA_RULE_COMPAT_PROTO_IPV4={0x8, 0x1, 0x1, 0x0, 0x1}, @NFTA_RULE_COMPAT_PROTO_IPV6={0x8, 0x1, 0x1, 0x0, 0x27}, @NFTA_RULE_COMPAT_PROTO_IPV4={0x8, 0x1, 0x1, 0x0, 0x73}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_RULE_USERDATA={0x1e, 0x7, 0x1, 0x0, "65878ef0e528fcbb2cc3215ca8ec1be51eb1f97135a11a7c166a"}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_DELRULE={0x100, 0x8, 0xa, 0x5, 0x0, 0x0, {0x2, 0x0, 0x6}, [@NFTA_RULE_COMPAT={0x54, 0x5, 0x0, 0x1, [@NFTA_RULE_COMPAT_PROTO_BRIDGE={0x8, 0x1, 0x1, 0x0, 0x1b}, @NFTA_RULE_COMPAT_FLAGS={0x8, 0x2, 0x1, 0x0, 0x1}, @NFTA_RULE_COMPAT_PROTO_IPV6={0x8}, @NFTA_RULE_COMPAT_PROTO_IPV6={0x8, 0x1, 0x1, 0x0, 0x2e}, @NFTA_RULE_COMPAT_PROTO_IPV6={0x8, 0x1, 0x1, 0x0, 0x8}, @NFTA_RULE_COMPAT_PROTO_IPV4={0x8, 0x1, 0x1, 0x0, 0x84}, @NFTA_RULE_COMPAT_PROTO_BRIDGE={0x8, 0x1, 0x1, 0x0, 0x6005}, @NFTA_RULE_COMPAT_FLAGS={0x8, 0x2, 0x1, 0x0, 0x2}, @NFTA_RULE_COMPAT_PROTO_IPV4={0x8, 0x1, 0x1, 0x0, 0x33}, @NFTA_RULE_COMPAT_FLAGS={0x8}]}, @NFTA_RULE_CHAIN_ID={0x8, 0xb, 0x1, 0x0, 0x1}, @NFTA_RULE_EXPRESSIONS={0x14, 0x4, 0x0, 0x1, [{0x10, 0x1, 0x0, 0x1, @queue={{0xa}, @void}}]}, @NFTA_RULE_EXPRESSIONS={0x68, 0x4, 0x0, 0x1, [{0x10, 0x1, 0x0, 0x1, @cmp={{0x8}, @val={0x4}}}, {0x10, 0x1, 0x0, 0x1, @match={{0xa}, @void}}, {0x24, 0x1, 0x0, 0x1, @bitwise={{0xc}, @val={0x14, 0x2, 0x0, 0x1, [@NFTA_BITWISE_LEN={0x8}, @NFTA_BITWISE_OP={0x8, 0x6, 0x1, 0x0, 0x2}]}}}, {0xc, 0x1, 0x0, 0x1, @ct={{0x7}, @void}}, {0x14, 0x1, 0x0, 0x1, @byteorder={{0xe}, @void}}]}, @NFTA_RULE_CHAIN_ID={0x8, 0xb, 0x1, 0x0, 0x4}, @NFTA_RULE_POSITION={0xc, 0x6, 0x1, 0x0, 0x3}]}, @NFT_MSG_DELSET={0x3c, 0xb, 0xa, 0x3, 0x0, 0x0, {0x1, 0x0, 0x2}, [@NFTA_SET_OBJ_TYPE={0x8, 0xf, 0x1, 0x0, 0x6}, @NFTA_SET_OBJ_TYPE={0x8, 0xf, 0x1, 0x0, 0x9}, @NFTA_SET_FLAGS={0x8, 0x3, 0x1, 0x0, 0x2}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0x26}, @NFTA_SET_FLAGS={0x8, 0x3, 0x1, 0x0, 0x8}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x5}}}, 0x714}, 0x1, 0x0, 0x0, 0x80}, 0x4)
sendmsg$nl_route(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=ANY=[@ANYBLOB="3c0000001000850600"/20, @ANYRES32=r1, @ANYRES64=r0], 0x3c}}, 0x0) (async)
sendmsg$nl_route(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=ANY=[@ANYBLOB="3c0000001000850600"/20, @ANYRES32=r1, @ANYRES64=r0], 0x3c}}, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc) (async)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r4, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000001000010002000000000000000000000a18010000090a010400000000000000000100010008000a4000000073797a32000000000900010073797a3000000000080005400000002cd40009800800014000000006c80002800c00018008000140000000032400018008000140000000070800014000000008080001400000000908000140000000080c000180080001400000000a240001800800014000000006080f0140000000ff0800014000000002080001400000000140000000000800014000000007ebfd014000000000080001400000000908000140000000001c000180080001400000002808000140000000cb0800014000000003140001800800014000000005080001400000000108000340000000a4140000001000010000000000000000000000000a00"/315], 0x140}}, 0x0)
sendmsg$nl_route(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000400)=ANY=[@ANYBLOB="3c00000010001fff000000000100000000000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000140012800900010076657468000000000400028008000a0077c1a21fdbbd7f1c0ba203b7a9e3791d9e0ffd2e12e4a3fe62fbac", @ANYRES32=r3, @ANYBLOB], 0x3c}, 0x1, 0x0, 0x0, 0x40000}, 0x0) (async)
sendmsg$nl_route(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000400)=ANY=[@ANYBLOB="3c00000010001fff000000000100000000000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000140012800900010076657468000000000400028008000a0077c1a21fdbbd7f1c0ba203b7a9e3791d9e0ffd2e12e4a3fe62fbac", @ANYRES32=r3, @ANYBLOB], 0x3c}, 0x1, 0x0, 0x0, 0x40000}, 0x0)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a) (async)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sendmsg$nl_route(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000480)=ANY=[@ANYBLOB="3c0000001000030400"/20, @ANYRES32=0x0, @ANYBLOB="a4280400000000001400350076657468305f746f5f626f6e6400000008000a00", @ANYRES32=r3], 0x3c}, 0x1, 0x0, 0x0, 0x4008800}, 0x8000)
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x1c0)
landlock_create_ruleset(&(0x7f00000002c0)={0x2001}, 0x18, 0x0) (async)
landlock_create_ruleset(&(0x7f00000002c0)={0x2001}, 0x18, 0x0)
openat$dir(0xffffffffffffff9c, &(0x7f0000000300)='./file1\x00', 0x200000, 0x0)
r5 = socket(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000005c0)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000040)={'bridge_slave_1\x00'}) (async)
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000040)={'bridge_slave_1\x00', <r8=>0x0})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000140)=ANY=[@ANYBLOB="7c0000001000010400"/20, @ANYRES32=r8, @ANYBLOB="00000000000000005c001280110001006272696467655f736c61766500000000440005800500050000000000050020000100000005000800000000000600", @ANYRES32=r6], 0x7c}}, 0x0)
sendmmsg(r5, &(0x7f0000000000), 0x400000000000235, 0x0)
setsockopt$inet_sctp6_SCTP_RECVRCVINFO(r5, 0x84, 0x20, &(0x7f00000003c0)=0x2138, 0x4) (async)
setsockopt$inet_sctp6_SCTP_RECVRCVINFO(r5, 0x84, 0x20, &(0x7f00000003c0)=0x2138, 0x4)
r9 = socket(0x10, 0x3, 0x0)
sendmsg$TIPC_NL_LINK_SET(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000140)=ANY=[], 0x50}}, 0x0)
sendmmsg(r9, &(0x7f0000000000), 0x4000000000001f2, 0x0)
syz_usb_control_io$cdc_ecm(r0, 0x0, &(0x7f00000007c0)={0x10, &(0x7f0000000700)={0x0, 0x30, 0x49, "c667eab45cac5160b77bfdd2c967145efe55a28787c3bb3828f86d08612604e7c9e1d7b5afdc249df79aba97c4f114210a0aec5aa2a1bde518db54b21abd342d2e8e8bf83c8fcf30b9"}, 0x0, 0x0})

1.274213561s ago: executing program 1 (id=9238):
r0 = creat(&(0x7f00000001c0)='./file0\x00', 0x40)
r1 = socket(0x200000000000011, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000280)={'syz_tun\x00', <r2=>0x0})
bind$packet(r0, &(0x7f0000000080)={0x11, 0x808, r2, 0x1, 0x0, 0x6, @random="518440db9de1"}, 0x14)
r3 = socket(0x200000000000011, 0x2, 0x0)
bind$packet(r3, &(0x7f0000000080)={0x11, 0x800, r2, 0x1, 0x0, 0x6, @random="933c547ecfa7"}, 0x14)
r4 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
setsockopt$inet_mreq(r4, 0x0, 0x23, &(0x7f0000000000)={@multicast1=0xe0000300, @local}, 0x8)
syz_emit_ethernet(0x2a, &(0x7f0000000240)={@link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0xe}, @broadcast, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x1c, 0x0, 0x0, 0x0, 0x2, 0x0, @empty, @multicast1=0xe0000300}, @echo_reply={0x0, 0x0, 0x0, 0x68, 0xd2}}}}}, 0x0)

502.517446ms ago: executing program 3 (id=9240):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000700)={{0x14, 0x10, 0x1, 0x2000000}, [@NFT_MSG_NEWCHAIN={0x44, 0x3, 0xa, 0x401, 0x0, 0x0, {0x1}, [@NFTA_CHAIN_NAME={0x9, 0x3, 'syz1\x00'}, @NFTA_CHAIN_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_CHAIN_HOOK={0x18, 0x4, 0x0, 0x1, [@NFTA_HOOK_DEV={0x14, 0x3, 'ip6gre0\x00'}]}]}], {0x14}}, 0x6c}, 0x1, 0x0, 0x0, 0x20004000}, 0x0)

501.015022ms ago: executing program 1 (id=9241):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x20800, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000180)={'pim6reg1\x00', 0x2})
r1 = getpid()
r2 = gettid()
rt_tgsigqueueinfo(r1, r2, 0xb, &(0x7f0000000640)={0x10, 0x0, 0x4})
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000000c0))
ioctl$TUNSETLINK(r0, 0x400454cd, 0x18)
r3 = socket$inet6(0xa, 0x1, 0xffffffff)
setsockopt$inet6_int(r3, 0x29, 0x18, 0x0, 0x500)
socket$nl_netfilter(0x10, 0x3, 0xc)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_CONGESTION(r4, 0x6, 0xd, &(0x7f0000000040)='veno\x00', 0x5)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f0000000300)=@abs, 0x6e)
sendmmsg$unix(r6, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0xb4c, 0x9, 0x6, 0x0, 0x3}, 0x0)
r7 = syz_open_dev$usbfs(&(0x7f0000000100), 0x76, 0x101301)
ioctl$USBDEVFS_DISCONNECT_CLAIM(r7, 0x8108551b, &(0x7f0000000380)={0x0, 0x0, "5a77bd318786aeb879ca62cdab2a0000000086d85b25a5665a3247e500f61681905db88235f8a5447dd2a2ed6e91626f068881e50f6853772b21a100efb76cba37ff3111d6847e8b9398a646717af75fc008daefba68e6222103472bc55704cdb72b4b996ed831f3b802549db3a8ffff7d34171113d806726615380fe65a6a0a72e1ac2b60bd6276fd8bb6363d10f70da60fd53ded22c87eb2be010e4a62fb73c33424b437bb192c9d06ea6ed04983fe5c5ca033dfce0a82575ef14eee686be0fc58e384f93a13f4e8bbf599394baea3a9ca1864f0a35d6cc38fca32ad6b39905a9727d2001457df7be7e1aefe363590d1f600"})
ioctl$USBDEVFS_CLEAR_HALT(r7, 0xc0105502, &(0x7f0000000300)={0x1, 0x1})
r8 = socket$nl_generic(0x10, 0x3, 0x10)
r9 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
r10 = socket$nl_route(0x10, 0x3, 0x0)
syz_usb_connect$uac1(0x3, 0xa4, &(0x7f0000000680)=ANY=[@ANYBLOB="2a01000020000040b708000000000000030109029200030172e5000904000000010100000a24010000000201020c0d2405000005000000000000000c240000e9fffff5ffffffff09", @ANYRES8=r9, @ANYRES16=r9, @ANYRES16=r10], 0x0)
sendmsg$nl_generic(r8, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="210000002d00090027bd70000000000000000000"], 0x14}}, 0x4000080)
r11 = openat$vimc1(0xffffffffffffff9c, &(0x7f00000001c0), 0x2, 0x0)
ioctl$VIDIOC_SUBSCRIBE_EVENT(r11, 0x4020565a, &(0x7f0000000080)={0x5, 0x802})
connect$inet6(r4, &(0x7f0000000180)={0xa, 0x4001, 0x0, @dev={0xfe, 0x80, '\x00', 0x1b}, 0xd}, 0x1c)
ioctl$USBDEVFS_SUBMITURB(r7, 0x8038550a, &(0x7f0000000240)=@urb_type_control={0x2, {0x5}, 0xfffffffc, 0x3, &(0x7f0000000140)={0x20, 0xa, 0x81, 0x4, 0x3}, 0x8, 0x8, 0x7, 0x0, 0x9, 0x6, &(0x7f0000000540)="bbc3b8947f7220a7630db70b73566f972df9e96385644465e36351cc271d74b4a22982f6b87ff02b134240068a48c91039e06761d41ccc18e9eed2819ec9285900699b18b89b5250af469246a9140c9f8658e5486d7c52f81826ccd2cc96602c1c43fad98631627d7665483663a0046a62f39032157169b2c5c9ee7a3102da0d8b9dd09da661e4e4be1f63933d8006e404711b92977342dce88789a1330f44fdbef2da58d0ccfd4a927354c25fc6640b4177ba43f53941a5b90ef4834c27ce8606f18fffbdcea7fadd4747b4a27f5846265351b43480ec6be568665f929846273fe3c25c972db3bb32b0"})

325.359275ms ago: executing program 3 (id=9242):
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000001140)='net\x00')
chdir(0x0) (async)
madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0xa) (async)
inotify_init() (async)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60) (async)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) (async)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000280)={0x1, 0x4, &(0x7f00000000c0)=ANY=[@ANYRESHEX=r0], 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
ioctl$KVM_SET_MSRS(r0, 0x4008ae89, &(0x7f0000000100)=ANY=[@ANYRESDEC=r0, @ANYRES32=r4, @ANYRESDEC=r3, @ANYRES64=r3, @ANYRES64=r4, @ANYRES8=r2, @ANYRESHEX=r4]) (async)
fchdir(r0) (async)
r5 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/fscaps', 0x149282, 0x10)
write$cgroup_int(r5, &(0x7f0000000040)=0x902, 0x12)
close_range(r2, r4, 0x0)

0s ago: executing program 3 (id=9243):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
unshare(0x24020400)
r1 = getpid()
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_clone3(&(0x7f00000004c0)={0x80, 0x0, 0x0, 0x0, {0xd}, 0x0, 0x0, 0x0, &(0x7f0000000480)=[r1], 0x1}, 0x58)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000200)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x3, 0x0, 0x0, {0x7}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWSET={0x44, 0x9, 0xa, 0x401, 0x0, 0x0, {0x7, 0x0, 0x4}, [@NFTA_SET_ID={0x8}, @NFTA_SET_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0x21}, @NFTA_SET_FLAGS={0x8, 0x3, 0x1, 0x0, 0x10}]}], {0x14, 0x10, 0x1, 0x0, 0x0, {0x0, 0x84}}}, 0x8c}}, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="240000003c000b0000000000fcffffff04000000040000800c000100091c", @ANYRES16, @ANYRES64=r2], 0x24}}, 0x0)
syz_genetlink_get_family_id$tipc(&(0x7f0000000100), r2)
r3 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000002a82, 0x0)
r4 = dup(r3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000006, 0x28011, r4, 0x0)
madvise(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x1)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r6, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff7ff9}]})
map_shadow_stack(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x0)
syz_emit_ethernet(0x19, &(0x7f000001f700)={@broadcast, @remote, @val, {@mpls_uc={0x88a8, {[], @llc={@llc={0x0, 0x0, "0e"}}}}}}, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
mprotect(&(0x7f00008ec000/0x3000)=nil, 0x3000, 0x100000b)
symlinkat(0x0, 0xffffffffffffff9c, 0x0)
io_uring_register$IORING_REGISTER_PERSONALITY(r4, 0x9, 0x0, 0x0)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
syz_usb_connect(0x0, 0x0, 0x0, 0x0)
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f0000001240)={0x0, 0x0, 0x0}, 0x0)
ioctl$LOOP_CHANGE_FD(0xffffffffffffffff, 0x4c06, 0xffffffffffffffff)

kernel console output (not intermixed with test programs):

fx_ksys_write+0x10/0x10
[ 2353.194552][ T5779]  ? syscall_enter_from_user_mode_prepare+0x7f/0xe0
[ 2353.194581][ T5779]  ? lockdep_hardirqs_on+0x9c/0x150
[ 2353.194610][ T5779]  __do_fast_syscall_32+0xb6/0x2b0
[ 2353.194628][ T5779]  ? lockdep_hardirqs_on+0x9c/0x150
[ 2353.194657][ T5779]  do_fast_syscall_32+0x34/0x80
[ 2353.194675][ T5779]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 2353.194696][ T5779] RIP: 0023:0xf70ee539
[ 2353.194713][ T5779] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[ 2353.194729][ T5779] RSP: 002b:00000000f50de520 EFLAGS: 00000206 ORIG_RAX: 0000000000000004
[ 2353.194750][ T5779] RAX: ffffffffffffffda RBX: 00000000000000c8 RCX: 0000000080000000
[ 2353.194763][ T5779] RDX: 00000000000001f1 RSI: 00000000f7452ff4 RDI: 0000000000000000
[ 2353.194775][ T5779] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 2353.194785][ T5779] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[ 2353.194796][ T5779] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 2353.194859][ T5779]  </TASK>
[ 2353.829343][ T5777] netlink: 209852 bytes leftover after parsing attributes in process `syz.5.8985'.
[ 2353.850287][ T5777] openvswitch: netlink: ufid size 3068 bytes exceeds the range (1, 16)
[ 2353.870519][ T5777] openvswitch: netlink: Flow get message rejected, Key attribute missing.
[ 2353.909698][    C1] IPVS: fo: UDP 224.0.0.2:0 - no destination available
[ 2353.929477][ T4478] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 2353.961951][ T5930] usb 2-1: USB disconnect, device number 19
[ 2353.995139][ T4478] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 2354.016441][ T5769] delete_channel: no stack
[ 2354.062345][ T4478] bond0 (unregistering): (slave wlan1): Releasing backup interface
[ 2354.127656][ T4478] bond0 (unregistering): Released all slaves
[ 2354.143248][ T4478] bond1 (unregistering): Released all slaves
[ 2354.268693][ T5784] netlink: 12 bytes leftover after parsing attributes in process `syz.0.8988'.
[ 2354.633716][ T4478] tipc: Left network mode
[ 2354.945277][    C1] IPVS: fo: UDP 224.0.0.2:0 - no destination available
[ 2355.049900][ T5800] FAULT_INJECTION: forcing a failure.
[ 2355.049900][ T5800] name failslab, interval 1, probability 0, space 0, times 0
[ 2355.103589][ T5800] CPU: 1 UID: 0 PID: 5800 Comm: syz.1.8992 Not tainted 6.16.0-rc1-syzkaller-00157-g02adc1490e6d #0 PREEMPT(full) 
[ 2355.103619][ T5800] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 2355.103631][ T5800] Call Trace:
[ 2355.103639][ T5800]  <TASK>
[ 2355.103649][ T5800]  dump_stack_lvl+0x189/0x250
[ 2355.103691][ T5800]  ? __pfx____ratelimit+0x10/0x10
[ 2355.103722][ T5800]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 2355.103751][ T5800]  ? __pfx__printk+0x10/0x10
[ 2355.103781][ T5800]  ? __pfx___might_resched+0x10/0x10
[ 2355.103819][ T5800]  should_fail_ex+0x414/0x560
[ 2355.103851][ T5800]  should_failslab+0xa8/0x100
[ 2355.103884][ T5800]  kmem_cache_alloc_node_noprof+0x76/0x3c0
[ 2355.103902][ T5800]  ? zswap_store+0xbfa/0x1d10
[ 2355.103930][ T5800]  zswap_store+0xbfa/0x1d10
[ 2355.103956][ T5800]  ? __lock_acquire+0xab9/0xd20
[ 2355.103982][ T5800]  ? zswap_store+0x721/0x1d10
[ 2355.104009][ T5800]  ? __pfx_zswap_store+0x10/0x10
[ 2355.104036][ T5800]  ? do_raw_spin_unlock+0x122/0x240
[ 2355.104061][ T5800]  ? folio_free_swap+0x289/0x430
[ 2355.104089][ T5800]  swap_writeout+0x6d9/0xce0
[ 2355.104117][ T5800]  ? __pfx_swap_writeout+0x10/0x10
[ 2355.104136][ T5800]  shrink_folio_list+0x31ba/0x4e90
[ 2355.104202][ T5800]  ? __pfx_shrink_folio_list+0x10/0x10
[ 2355.104336][ T5800]  ? __pfx_css_rstat_updated+0x10/0x10
[ 2355.104376][ T5800]  reclaim_folio_list+0xeb/0x500
[ 2355.104424][ T5800]  ? __pfx_reclaim_folio_list+0x10/0x10
[ 2355.104446][ T5800]  ? lru_gen_update_size+0x818/0xd20
[ 2355.104471][ T5800]  ? __mod_zone_page_state+0xd7/0x140
[ 2355.104503][ T5800]  ? lru_gen_del_folio+0x359/0x540
[ 2355.104526][ T5800]  reclaim_pages+0x49a/0x5b0
[ 2355.104561][ T5800]  ? __pfx_reclaim_pages+0x10/0x10
[ 2355.104590][ T5800]  ? madvise_cold_or_pageout_pte_range+0x1995/0x1d40
[ 2355.104618][ T5800]  madvise_cold_or_pageout_pte_range+0x19be/0x1d40
[ 2355.104663][ T5800]  ? __pfx_madvise_cold_or_pageout_pte_range+0x10/0x10
[ 2355.104692][ T5800]  ? __lock_acquire+0xab9/0xd20
[ 2355.104725][ T5800]  walk_pgd_range+0x1093/0x1e70
[ 2355.104800][ T5800]  ? __pfx_walk_pgd_range+0x10/0x10
[ 2355.104840][ T5800]  __walk_page_range+0x14c/0x710
[ 2355.104887][ T5800]  ? find_vma+0xe7/0x160
[ 2355.104903][ T5800]  ? __pfx_find_vma+0x10/0x10
[ 2355.104934][ T5800]  walk_page_range_mm+0x42d/0x620
[ 2355.104974][ T5800]  ? __pfx_walk_page_range_mm+0x10/0x10
[ 2355.105007][ T5800]  ? mlock_drain_local+0x79/0x490
[ 2355.105036][ T5800]  ? walk_page_range+0x6b/0x90
[ 2355.105066][ T5800]  madvise_do_behavior+0x1c01/0x2e70
[ 2355.105106][ T5800]  ? __pfx_madvise_do_behavior+0x10/0x10
[ 2355.105135][ T5800]  ? __might_fault+0xb0/0x130
[ 2355.105157][ T5800]  ? _parse_integer_limit+0x1ae/0x1f0
[ 2355.105208][ T5800]  ? get_pid_task+0x20/0x1f0
[ 2355.105243][ T5800]  ? __lock_acquire+0xab9/0xd20
[ 2355.105282][ T5800]  ? madvise_lock+0xda/0x200
[ 2355.105327][ T5800]  do_madvise+0x174/0x220
[ 2355.105348][ T5800]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[ 2355.105374][ T5800]  ? __pfx_do_madvise+0x10/0x10
[ 2355.105423][ T5800]  __ia32_sys_madvise+0xa7/0xc0
[ 2355.105448][ T5800]  __do_fast_syscall_32+0xb6/0x2b0
[ 2355.105470][ T5800]  ? lockdep_hardirqs_on+0x9c/0x150
[ 2355.105504][ T5800]  do_fast_syscall_32+0x34/0x80
[ 2355.105524][ T5800]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 2355.105547][ T5800] RIP: 0023:0xf7fd3539
[ 2355.105565][ T5800] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[ 2355.105583][ T5800] RSP: 002b:00000000f50f655c EFLAGS: 00000206 ORIG_RAX: 00000000000000db
[ 2355.105606][ T5800] RAX: ffffffffffffffda RBX: 0000000080000000 RCX: 0000000000600003
[ 2355.105621][ T5800] RDX: 0000000000000015 RSI: 0000000000000000 RDI: 0000000000000000
[ 2355.105634][ T5800] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 2355.105646][ T5800] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[ 2355.105659][ T5800] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 2355.105690][ T5800]  </TASK>
[ 2355.901778][ T5534] netdevsim netdevsim2 netdevsim0: renamed from eth0
[ 2355.919962][ T5801] syzkaller0: tun_chr_ioctl cmd 2147767521
[ 2355.926371][ T5534] netdevsim netdevsim2 netdevsim1: renamed from eth1
[ 2355.942661][ T5534] netdevsim netdevsim2 netdevsim2: renamed from eth2
[ 2355.975526][ T5813] binder: 5812:5813 unknown command 1986356271
[ 2355.981888][ T5813] binder: 5812:5813 ioctl c0306201 80000640 returned -22
[ 2355.984059][ T5534] netdevsim netdevsim2 netdevsim3: renamed from eth3
[ 2355.989068][    C1] IPVS: fo: UDP 224.0.0.2:0 - no destination available
[ 2356.169388][ T4478] hsr_slave_0: left promiscuous mode
[ 2356.200583][ T4478] hsr_slave_1: left promiscuous mode
[ 2356.226304][ T4478] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 2356.233884][ T4478] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 2356.275649][ T4478] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 2356.303730][ T4478] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 2356.357005][ T5830] FAULT_INJECTION: forcing a failure.
[ 2356.357005][ T5830] name failslab, interval 1, probability 0, space 0, times 0
[ 2356.389785][ T4478] veth1_macvtap: left promiscuous mode
[ 2356.395539][ T5830] CPU: 0 UID: 0 PID: 5830 Comm: syz.3.8996 Not tainted 6.16.0-rc1-syzkaller-00157-g02adc1490e6d #0 PREEMPT(full) 
[ 2356.395564][ T5830] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 2356.395574][ T5830] Call Trace:
[ 2356.395580][ T5830]  <TASK>
[ 2356.395587][ T5830]  dump_stack_lvl+0x189/0x250
[ 2356.395619][ T5830]  ? __pfx____ratelimit+0x10/0x10
[ 2356.395647][ T5830]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 2356.395671][ T5830]  ? __pfx__printk+0x10/0x10
[ 2356.395694][ T5830]  ? __pfx___might_resched+0x10/0x10
[ 2356.395722][ T5830]  should_fail_ex+0x414/0x560
[ 2356.395748][ T5830]  should_failslab+0xa8/0x100
[ 2356.395767][ T5830]  kmem_cache_alloc_node_noprof+0x76/0x3c0
[ 2356.395783][ T5830]  ? __alloc_skb+0x112/0x2d0
[ 2356.395805][ T5830]  __alloc_skb+0x112/0x2d0
[ 2356.395827][ T5830]  netlink_sendmsg+0x5c6/0xb30
[ 2356.395863][ T5830]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 2356.395885][ T5830]  ? __import_iovec+0x5d4/0x7f0
[ 2356.395899][ T5830]  ? aa_sock_msg_perm+0x94/0x160
[ 2356.395921][ T5830]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[ 2356.395942][ T5830]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 2356.395962][ T5830]  __sock_sendmsg+0x219/0x270
[ 2356.395981][ T5830]  ____sys_sendmsg+0x505/0x830
[ 2356.396006][ T5830]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 2356.396041][ T5830]  ___sys_sendmsg+0x21f/0x2a0
[ 2356.396063][ T5830]  ? __pfx____sys_sendmsg+0x10/0x10
[ 2356.396115][ T5830]  ? __fget_files+0x2a/0x420
[ 2356.396132][ T5830]  ? __fget_files+0x3a0/0x420
[ 2356.396159][ T5830]  __sys_sendmsg+0x164/0x220
[ 2356.396181][ T5830]  ? __pfx___sys_sendmsg+0x10/0x10
[ 2356.396214][ T5830]  ? syscall_enter_from_user_mode_prepare+0x7f/0xe0
[ 2356.396240][ T5830]  ? lockdep_hardirqs_on+0x9c/0x150
[ 2356.396266][ T5830]  __do_fast_syscall_32+0xb6/0x2b0
[ 2356.396282][ T5830]  ? lockdep_hardirqs_on+0x9c/0x150
[ 2356.396308][ T5830]  do_fast_syscall_32+0x34/0x80
[ 2356.396324][ T5830]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 2356.396343][ T5830] RIP: 0023:0xf705e539
[ 2356.396358][ T5830] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[ 2356.396372][ T5830] RSP: 002b:00000000f502d55c EFLAGS: 00000206 ORIG_RAX: 0000000000000172
[ 2356.396390][ T5830] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 0000000080001200
[ 2356.396401][ T5830] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[ 2356.396410][ T5830] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 2356.396419][ T5830] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[ 2356.396429][ T5830] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 2356.396453][ T5830]  </TASK>
[ 2356.664406][    C0] vkms_vblank_simulate: vblank timer overrun
[ 2356.673650][ T4478] veth0_macvtap: left promiscuous mode
[ 2356.679371][ T4478] veth1_vlan: left promiscuous mode
[ 2356.684670][ T4478] veth0_vlan: left promiscuous mode
[ 2357.035321][    C1] IPVS: fo: UDP 224.0.0.2:0 - no destination available
[ 2357.536505][ T4478] team0 (unregistering): Port device team_slave_1 removed
[ 2357.663405][ T4478] team0 (unregistering): Port device team_slave_0 removed
[ 2357.855330][T17150] usb 6-1: new high-speed USB device number 49 using dummy_hcd
[ 2358.021569][T17150] usb 6-1: Using ep0 maxpacket: 8
[ 2358.044053][T17150] usb 6-1: New USB device found, idVendor=0c45, idProduct=613e, bcdDevice=c4.6d
[ 2358.071951][    C1] IPVS: fo: UDP 224.0.0.2:0 - no destination available
[ 2358.079039][T17150] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2358.087440][T17150] usb 6-1: Product: syz
[ 2358.091622][T17150] usb 6-1: Manufacturer: syz
[ 2358.096749][T17150] usb 6-1: SerialNumber: syz
[ 2358.114258][T17150] usb 6-1: config 0 descriptor??
[ 2358.124811][T17150] gspca_main: sonixj-2.14.0 probing 0c45:613e
[ 2358.398127][ T5833] netdevsim netdevsim1 netdevsim0: entered promiscuous mode
[ 2358.425503][ T5833] netdevsim netdevsim1 netdevsim0: entered allmulticast mode
[ 2358.454279][ T5833] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check.
[ 2358.478287][ T5837] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check.
[ 2358.819303][ T5534] 8021q: adding VLAN 0 to HW filter on device bond0
[ 2358.915980][ T5534] 8021q: adding VLAN 0 to HW filter on device team0
[ 2359.010102][ T5849] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 2359.028380][ T5849] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 2359.062487][ T7373] bridge0: port 1(bridge_slave_0) entered blocking state
[ 2359.069749][ T7373] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 2359.105445][    C1] IPVS: fo: UDP 224.0.0.2:0 - no destination available
[ 2359.151647][T17150] gspca_sonixj: reg_w1 err -71
[ 2359.195575][T17150] sonixj 6-1:0.0: probe with driver sonixj failed with error -71
[ 2359.221893][T17150] usb 6-1: USB disconnect, device number 49
[ 2359.294740][ T4478] IPVS: stop unused estimator thread 0...
[ 2359.349905][ T5857] netlink: 12 bytes leftover after parsing attributes in process `syz.1.9003'.
[ 2359.402983][ T7373] bridge0: port 2(bridge_slave_1) entered blocking state
[ 2359.410279][ T7373] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 2359.580809][ T5534] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 2359.873745][ T5534] veth0_vlan: entered promiscuous mode
[ 2360.120062][ T5534] veth1_vlan: entered promiscuous mode
[ 2360.145422][    C1] IPVS: fo: UDP 224.0.0.2:0 - no destination available
[ 2360.218700][    T9] usb 6-1: new low-speed USB device number 50 using dummy_hcd
[ 2360.668590][ T5534] veth0_macvtap: entered promiscuous mode
[ 2360.686661][ T5534] veth1_macvtap: entered promiscuous mode
[ 2360.694225][    T9] usb 6-1: config 32 interface 0 altsetting 0 endpoint 0x85 has an invalid bInterval 0, changing to 10
[ 2360.795838][    T9] usb 6-1: config 32 interface 0 altsetting 0 endpoint 0x85 has invalid wMaxPacketSize 0
[ 2360.871085][    T9] usb 6-1: New USB device found, idVendor=19b5, idProduct=0021, bcdDevice=98.c7
[ 2360.897266][ T5534] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 2360.916100][    T9] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2361.185377][    C1] IPVS: fo: UDP 224.0.0.2:0 - no destination available
[ 2361.208696][ T5534] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 2361.261419][ T5534] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 2361.469599][ T5534] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 2361.588242][ T5534] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 2361.604023][ T5534] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 2361.702757][    T9] usb 6-1: string descriptor 0 read error: -71
[ 2361.750854][    T9] hub 6-1:32.0: USB hub found
[ 2361.794188][    T9] hub 6-1:32.0: config failed, can't read hub descriptor (err -22)
[ 2362.007174][ T5888] loop8: detected capacity change from 0 to 8
[ 2362.020414][    T9] usb 6-1: USB disconnect, device number 50
[ 2362.062487][   T49] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 2362.099027][ T5888] Dev loop8: unable to read RDB block 8
[ 2362.104684][ T5888]  loop8: unable to read partition table
[ 2362.181645][   T49] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 2362.225275][    C1] IPVS: fo: UDP 224.0.0.2:0 - no destination available
[ 2362.232907][ T5888] loop8: partition table beyond EOD, truncated
[ 2362.243355][ T5888] loop_reread_partitions: partition scan of loop8 (þ被xü^>à– �) failed (rc=-5)
[ 2362.344653][ T4478] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 2362.398325][ T4478] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 2362.435894][ T5895] netlink: 'syz.1.9007': attribute type 7 has an invalid length.
[ 2362.613174][ T5901] FAULT_INJECTION: forcing a failure.
[ 2362.613174][ T5901] name failslab, interval 1, probability 0, space 0, times 0
[ 2362.683542][ T5901] CPU: 1 UID: 0 PID: 5901 Comm: syz.3.9009 Not tainted 6.16.0-rc1-syzkaller-00157-g02adc1490e6d #0 PREEMPT(full) 
[ 2362.683573][ T5901] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 2362.683585][ T5901] Call Trace:
[ 2362.683594][ T5901]  <TASK>
[ 2362.683604][ T5901]  dump_stack_lvl+0x189/0x250
[ 2362.683641][ T5901]  ? __pfx____ratelimit+0x10/0x10
[ 2362.683671][ T5901]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 2362.683700][ T5901]  ? __pfx__printk+0x10/0x10
[ 2362.683740][ T5901]  ? __pfx___might_resched+0x10/0x10
[ 2362.683768][ T5901]  ? fs_reclaim_acquire+0x7d/0x100
[ 2362.683797][ T5901]  should_fail_ex+0x414/0x560
[ 2362.683829][ T5901]  ? alloc_netdev_mqs+0xa8b/0x11e0
[ 2362.683856][ T5901]  should_failslab+0xa8/0x100
[ 2362.683880][ T5901]  __kvmalloc_node_noprof+0x161/0x5f0
[ 2362.683902][ T5901]  ? alloc_netdev_mqs+0xa8b/0x11e0
[ 2362.683936][ T5901]  alloc_netdev_mqs+0xa8b/0x11e0
[ 2362.683974][ T5901]  rtnl_create_link+0x31f/0xd10
[ 2362.684011][ T5901]  rtnl_newlink_create+0x25c/0xb00
[ 2362.684043][ T5901]  ? nla_memcpy+0x5b/0xc0
[ 2362.684072][ T5901]  ? __pfx_aa_get_newest_label+0x10/0x10
[ 2362.684103][ T5901]  ? __pfx_rtnl_newlink_create+0x10/0x10
[ 2362.684127][ T5901]  ? rtnl_newlink+0x8db/0x1c70
[ 2362.684152][ T5901]  ? __pfx___mutex_lock+0x10/0x10
[ 2362.684185][ T5901]  ? ns_capable+0x8a/0xf0
[ 2362.684220][ T5901]  rtnl_newlink+0x16d6/0x1c70
[ 2362.684242][ T5901]  ? netlink_sendmsg+0x805/0xb30
[ 2362.684280][ T5901]  ? __pfx_rtnl_newlink+0x10/0x10
[ 2362.684327][ T5901]  ? kasan_quarantine_put+0xdd/0x220
[ 2362.684357][ T5901]  ? lockdep_hardirqs_on+0x9c/0x150
[ 2362.684394][ T5901]  ? nlmon_xmit+0xb0/0x100
[ 2362.684421][ T5901]  ? kmem_cache_free+0x18f/0x400
[ 2362.684449][ T5901]  ? __local_bh_enable_ip+0x12d/0x1c0
[ 2362.684478][ T5901]  ? lockdep_hardirqs_on+0x9c/0x150
[ 2362.684507][ T5901]  ? __local_bh_enable_ip+0x12d/0x1c0
[ 2362.684536][ T5901]  ? __pfx___local_bh_enable_ip+0x10/0x10
[ 2362.684568][ T5901]  ? __dev_queue_xmit+0x27e/0x3a70
[ 2362.684611][ T5901]  ? __lock_acquire+0xab9/0xd20
[ 2362.684668][ T5901]  ? __pfx_rtnl_newlink+0x10/0x10
[ 2362.684690][ T5901]  rtnetlink_rcv_msg+0x7cc/0xb70
[ 2362.684716][ T5901]  ? rtnetlink_rcv_msg+0x1ab/0xb70
[ 2362.684746][ T5901]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[ 2362.684765][ T5901]  ? ref_tracker_free+0x63a/0x7d0
[ 2362.684790][ T5901]  ? __copy_skb_header+0xa7/0x550
[ 2362.684820][ T5901]  ? __pfx_ref_tracker_free+0x10/0x10
[ 2362.684860][ T5901]  netlink_rcv_skb+0x208/0x470
[ 2362.684886][ T5901]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[ 2362.684909][ T5901]  ? __pfx_netlink_rcv_skb+0x10/0x10
[ 2362.684948][ T5901]  ? netlink_deliver_tap+0x2e/0x1b0
[ 2362.684972][ T5901]  ? netlink_deliver_tap+0x2e/0x1b0
[ 2362.685002][ T5901]  netlink_unicast+0x75b/0x8d0
[ 2362.685038][ T5901]  netlink_sendmsg+0x805/0xb30
[ 2362.685074][ T5901]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 2362.685101][ T5901]  ? __import_iovec+0x5d4/0x7f0
[ 2362.685120][ T5901]  ? aa_sock_msg_perm+0x94/0x160
[ 2362.685147][ T5901]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[ 2362.685177][ T5901]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 2362.685203][ T5901]  __sock_sendmsg+0x219/0x270
[ 2362.685226][ T5901]  ____sys_sendmsg+0x505/0x830
[ 2362.685258][ T5901]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 2362.685304][ T5901]  ___sys_sendmsg+0x21f/0x2a0
[ 2362.685334][ T5901]  ? __pfx____sys_sendmsg+0x10/0x10
[ 2362.685401][ T5901]  ? __fget_files+0x2a/0x420
[ 2362.685422][ T5901]  ? __fget_files+0x3a0/0x420
[ 2362.685454][ T5901]  __sys_sendmsg+0x164/0x220
[ 2362.685482][ T5901]  ? __pfx___sys_sendmsg+0x10/0x10
[ 2362.685527][ T5901]  ? syscall_enter_from_user_mode_prepare+0x7f/0xe0
[ 2362.685560][ T5901]  ? lockdep_hardirqs_on+0x9c/0x150
[ 2362.685591][ T5901]  __do_fast_syscall_32+0xb6/0x2b0
[ 2362.685613][ T5901]  ? lockdep_hardirqs_on+0x9c/0x150
[ 2362.685648][ T5901]  do_fast_syscall_32+0x34/0x80
[ 2362.685669][ T5901]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 2362.685694][ T5901] RIP: 0023:0xf705e539
[ 2362.685713][ T5901] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[ 2362.685744][ T5901] RSP: 002b:00000000f504e55c EFLAGS: 00000206 ORIG_RAX: 0000000000000172
[ 2362.685768][ T5901] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000800000c0
[ 2362.685782][ T5901] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[ 2362.685794][ T5901] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 2362.685806][ T5901] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[ 2362.685818][ T5901] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 2362.685851][ T5901]  </TASK>
[ 2363.247106][ T5911] kvm: kvm [5896]: vcpu0, guest rIP: 0x28e Unhandled WRMSR(0x11e) = 0x3
[ 2363.265398][    C1] IPVS: fo: UDP 224.0.0.2:0 - no destination available
[ 2363.275078][ T5911] kvm: kvm [5896]: vcpu0, guest rIP: 0x28e Unhandled WRMSR(0x186) = 0x3
[ 2363.505063][ T5911] kvm: kvm [5896]: vcpu0, guest rIP: 0x28e Unhandled WRMSR(0x187) = 0x3
[ 2363.572666][ T5911] kvm_intel: kvm [5896]: vcpu0, guest rIP: 0x28e Unhandled WRMSR(0x1d9) = 0x3
[ 2363.645397][    T9] usb 3-1: new high-speed USB device number 124 using dummy_hcd
[ 2363.788229][ T5911] fuse: Bad value for 'fd'
[ 2363.819470][    T9] usb 3-1: Using ep0 maxpacket: 32
[ 2363.829136][    T9] usb 3-1: config 0 has an invalid interface number: 1 but max is 0
[ 2363.844894][    T9] usb 3-1: config 0 has no interface number 0
[ 2363.895275][    T9] usb 3-1: New USB device found, idVendor=8086, idProduct=9500, bcdDevice=b6.d8
[ 2363.924863][    T9] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2363.933372][ T5920] usb 4-1: new low-speed USB device number 124 using dummy_hcd
[ 2363.959214][    T9] usb 3-1: Product: syz
[ 2363.963450][    T9] usb 3-1: Manufacturer: syz
[ 2363.981969][    T9] usb 3-1: SerialNumber: syz
[ 2364.113818][    T9] usb 3-1: config 0 descriptor??
[ 2364.131920][ T5920] usb 4-1: config 7 interface 0 has no altsetting 0
[ 2364.143122][ T5920] usb 4-1: string descriptor 0 read error: -22
[ 2364.162622][ T5920] usb 4-1: New USB device found, idVendor=0ace, idProduct=13a1, bcdDevice= 4.44
[ 2364.224708][    T9] usb 3-1: dvb_usb_v2: found a 'Intel CE9500 reference design' in warm state
[ 2364.271509][ T5920] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2364.290104][    T9] usb 3-1: selecting invalid altsetting 1
[ 2364.306030][    C1] IPVS: fo: UDP 224.0.0.2:0 - no destination available
[ 2364.354019][    T9] usb 3-1: dvb_usb_ce6230: usb_set_interface() failed=-22
[ 2364.399639][ T5920] usb 4-1: dvb_usb_v2: found a 'ZyDAS ZD1301 reference design' in warm state
[ 2364.414139][ T5916] FAULT_INJECTION: forcing a failure.
[ 2364.414139][ T5916] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 2364.444494][ T5916] CPU: 1 UID: 0 PID: 5916 Comm: syz.2.9012 Not tainted 6.16.0-rc1-syzkaller-00157-g02adc1490e6d #0 PREEMPT(full) 
[ 2364.444524][ T5916] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 2364.444536][ T5916] Call Trace:
[ 2364.444544][ T5916]  <TASK>
[ 2364.444553][ T5916]  dump_stack_lvl+0x189/0x250
[ 2364.444587][ T5916]  ? __pfx____ratelimit+0x10/0x10
[ 2364.444618][ T5916]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 2364.444646][ T5916]  ? __pfx__printk+0x10/0x10
[ 2364.444682][ T5916]  should_fail_ex+0x414/0x560
[ 2364.444728][ T5916]  _copy_to_user+0x31/0xb0
[ 2364.444752][ T5916]  simple_read_from_buffer+0xe1/0x170
[ 2364.444779][ T5916]  proc_fail_nth_read+0x1df/0x250
[ 2364.444808][ T5916]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 2364.444837][ T5916]  ? rw_verify_area+0x258/0x650
[ 2364.444866][ T5916]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 2364.444893][ T5916]  vfs_read+0x1fd/0x980
[ 2364.444929][ T5916]  ? __pfx___mutex_lock+0x10/0x10
[ 2364.444948][ T5916]  ? __pfx_vfs_read+0x10/0x10
[ 2364.444978][ T5916]  ? __fget_files+0x2a/0x420
[ 2364.445004][ T5916]  ? __fget_files+0x3a0/0x420
[ 2364.445024][ T5916]  ? __fget_files+0x2a/0x420
[ 2364.445054][ T5916]  ksys_read+0x145/0x250
[ 2364.445075][ T5916]  ? __pfx_ksys_read+0x10/0x10
[ 2364.445113][ T5916]  ? syscall_enter_from_user_mode_prepare+0x7f/0xe0
[ 2364.445145][ T5916]  ? lockdep_hardirqs_on+0x9c/0x150
[ 2364.445177][ T5916]  __do_fast_syscall_32+0xb6/0x2b0
[ 2364.445197][ T5916]  ? lockdep_hardirqs_on+0x9c/0x150
[ 2364.445231][ T5916]  do_fast_syscall_32+0x34/0x80
[ 2364.445250][ T5916]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 2364.445274][ T5916] RIP: 0023:0xf707e539
[ 2364.445291][ T5916] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[ 2364.445310][ T5916] RSP: 002b:00000000f506e590 EFLAGS: 00000206 ORIG_RAX: 0000000000000003
[ 2364.445333][ T5916] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000f506e620
[ 2364.445347][ T5916] RDX: 000000000000000f RSI: 00000000f73e2ff4 RDI: 0000000000000000
[ 2364.445359][ T5916] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000
[ 2364.445371][ T5916] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[ 2364.445384][ T5916] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 2364.445415][ T5916]  </TASK>
[ 2364.677696][ T5926] netlink: 8 bytes leftover after parsing attributes in process `syz.3.9013'.
[ 2364.716546][ T5920] usb 4-1: dvb_usb_v2: will pass the complete MPEG2 transport stream to the software demuxer
[ 2364.801589][    T9] usb 3-1: dvb_usb_v2: will pass the complete MPEG2 transport stream to the software demuxer
[ 2364.838466][ T5920] dvbdev: DVB: registering new adapter (ZyDAS ZD1301 reference design)
[ 2365.009591][ T5949] netlink: 'syz.2.9015': attribute type 7 has an invalid length.
[ 2365.010090][ T5920] usb 4-1: media controller created
[ 2365.030919][    T9] dvbdev: DVB: registering new adapter (Intel CE9500 reference design)
[ 2365.103301][    T9] usb 3-1: media controller created
[ 2365.135399][ T5930] usb 6-1: new high-speed USB device number 51 using dummy_hcd
[ 2365.170131][    T9] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[ 2365.226072][    T9] usb 3-1: dvb_usb_ce6230: usb_control_msg() failed=-71
[ 2365.239564][ T5920] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[ 2365.248570][    T9] zl10353_read_register: readreg error (reg=127, ret==-71)
[ 2365.266178][    T9] usb 3-1: dvb_usb_ce6230: usb_set_interface() failed=-71
[ 2365.296260][ T5930] usb 6-1: Using ep0 maxpacket: 32
[ 2365.310398][ T5930] usb 6-1: config 0 has an invalid interface number: 35 but max is 0
[ 2365.341574][ T5930] usb 6-1: config 0 has no interface number 0
[ 2365.347903][    C1] IPVS: fo: UDP 224.0.0.2:0 - no destination available
[ 2365.593540][ T5961] fuse: Bad value for 'fd'
[ 2365.684712][    T9] usb 3-1: USB disconnect, device number 124
[ 2365.771070][ T5930] usb 6-1: New USB device found, idVendor=10c4, idProduct=818a, bcdDevice=7d.8f
[ 2365.933421][ T5920] usb 4-1: USB disconnect, device number 124
[ 2366.063921][ T5930] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2366.082568][ T5930] usb 6-1: Product: syz
[ 2366.091457][ T5930] usb 6-1: Manufacturer: syz
[ 2366.102051][ T5930] usb 6-1: SerialNumber: syz
[ 2366.123052][ T5930] usb 6-1: config 0 descriptor??
[ 2366.385295][    C1] IPVS: fo: UDP 224.0.0.2:0 - no destination available
[ 2366.422155][ T5930] radio-si470x 6-1:0.35: this is not a si470x device.
[ 2366.620010][ T5976] netlink: 'syz.1.9020': attribute type 7 has an invalid length.
[ 2366.673383][ T5946] netlink: 4 bytes leftover after parsing attributes in process `syz.5.9014'.
[ 2366.714244][ T5946] netlink: 4 bytes leftover after parsing attributes in process `syz.5.9014'.
[ 2366.806117][ T5946] netlink: 28 bytes leftover after parsing attributes in process `syz.5.9014'.
[ 2366.829769][ T5946] netlink: 28 bytes leftover after parsing attributes in process `syz.5.9014'.
[ 2366.922941][ T5946] bond0: entered promiscuous mode
[ 2366.977495][ T5930] radio-raremono 6-1:0.35: this is not Thanko's Raremono.
[ 2366.987045][ T5946] bond_slave_0: entered promiscuous mode
[ 2367.021741][ T5946] bond_slave_1: entered promiscuous mode
[ 2367.085800][ T5946] debugfs: Directory 'hsr1' with parent 'hsr' already present!
[ 2367.118400][ T5946] Cannot create hsr debugfs directory
[ 2367.144484][ T5946] hsr1: Slave A (netdevsim0) is not up; please bring it up to get a fully working HSR network
[ 2367.425686][    C1] IPVS: fo: UDP 224.0.0.2:0 - no destination available
[ 2367.581113][T17150] usb 6-1: USB disconnect, device number 51
[ 2367.596055][ T5920] usb 4-1: new high-speed USB device number 125 using dummy_hcd
[ 2367.961213][ T5920] usb 4-1: config 0 has no interfaces?
[ 2368.153403][ T5920] usb 4-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b
[ 2368.162691][ T5920] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2368.171078][ T5920] usb 4-1: Product: syz
[ 2368.175607][ T5920] usb 4-1: Manufacturer: syz
[ 2368.180204][ T5920] usb 4-1: SerialNumber: syz
[ 2368.242883][ T6013] netlink: 4 bytes leftover after parsing attributes in process `syz.2.9024'.
[ 2368.261148][ T5920] usb 4-1: config 0 descriptor??
[ 2368.465318][    C1] IPVS: fo: UDP 224.0.0.2:0 - no destination available
[ 2368.958036][ T6028] netlink: 8 bytes leftover after parsing attributes in process `syz.1.9028'.
[ 2368.993887][ T6028] netlink: 48 bytes leftover after parsing attributes in process `syz.1.9028'.
[ 2369.055249][ T6028] netlink: 36 bytes leftover after parsing attributes in process `syz.1.9028'.
[ 2369.094947][ T6031] netlink: 'syz.5.9029': attribute type 4 has an invalid length.
[ 2369.110983][ T6031] netlink: 'syz.5.9029': attribute type 4 has an invalid length.
[ 2369.196147][ T6033] input: syz1 as /devices/virtual/input/input123
[ 2369.253735][ T6028] 8021q: VLANs not supported on ip_vti0
[ 2369.290168][ T6033] input: failed to attach handler leds to device input123, error: -6
[ 2369.449570][ T6039] loop8: detected capacity change from 0 to 8
[ 2369.505263][    C1] IPVS: fo: UDP 224.0.0.2:0 - no destination available
[ 2369.539603][ T6459] Dev loop8: unable to read RDB block 8
[ 2369.545597][ T6459]  loop8: unable to read partition table
[ 2369.551788][ T6459] loop8: partition table beyond EOD, truncated
[ 2369.792850][ T6039] Dev loop8: unable to read RDB block 8
[ 2369.815421][ T6039]  loop8: unable to read partition table
[ 2369.860852][ T6039] loop8: partition table beyond EOD, truncated
[ 2369.888841][ T6039] loop_reread_partitions: partition scan of loop8 (þ被xü^>à– �) failed (rc=-5)
[ 2370.521923][ T6055] kvm: kvm [6047]: vcpu0, guest rIP: 0x28e Unhandled WRMSR(0x11e) = 0x3
[ 2370.545284][    C1] IPVS: fo: UDP 224.0.0.2:0 - no destination available
[ 2370.561359][ T6055] kvm: kvm [6047]: vcpu0, guest rIP: 0x28e Unhandled WRMSR(0x186) = 0x3
[ 2370.610928][ T6055] kvm: kvm [6047]: vcpu0, guest rIP: 0x28e Unhandled WRMSR(0x187) = 0x3
[ 2370.769801][ T6063] fuse: Bad value for 'fd'
[ 2370.785346][ T6060] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 2370.796814][ T6060] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 2370.869545][    C1] sd 0:0:1:0: [sda] tag#2946 FAILED Result: hostbyte=DID_ERROR driverbyte=DRIVER_OK cmd_age=0s
[ 2370.880171][    C1] sd 0:0:1:0: [sda] tag#2946 CDB: Read(6) 08 00 9f d1 fe de
[ 2370.975500][ T5930] usb 3-1: new high-speed USB device number 125 using dummy_hcd
[ 2371.305923][T17150] usb 4-1: USB disconnect, device number 125
[ 2371.345014][ T6060] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 2371.413599][ T6060] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 2371.490734][   T30] kauditd_printk_skb: 43 callbacks suppressed
[ 2371.490756][   T30] audit: type=1326 audit(1749875246.186:2515): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6064 comm="syz.5.9036" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd6539 code=0x7ffc0000
[ 2371.509909][ T5930] usb 3-1: Using ep0 maxpacket: 16
[ 2371.519047][    C0] vkms_vblank_simulate: vblank timer overrun
[ 2371.531322][ T6065] netlink: 172 bytes leftover after parsing attributes in process `syz.5.9036'.
[ 2371.585303][    C1] IPVS: fo: UDP 224.0.0.2:0 - no destination available
[ 2371.642745][ T5930] usb 3-1: device descriptor read/all, error -71
[ 2371.741143][   T30] audit: type=1326 audit(1749875246.186:2516): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6064 comm="syz.5.9036" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd6539 code=0x7ffc0000
[ 2371.855615][   T30] audit: type=1326 audit(1749875246.186:2517): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6064 comm="syz.5.9036" exe="/root/syz-executor" sig=0 arch=40000003 syscall=123 compat=1 ip=0xf7fd6539 code=0x7ffc0000
[ 2371.958706][   T30] audit: type=1326 audit(1749875246.186:2518): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6064 comm="syz.5.9036" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd6539 code=0x7ffc0000
[ 2372.075366][   T30] audit: type=1326 audit(1749875246.186:2519): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6064 comm="syz.5.9036" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd6539 code=0x7ffc0000
[ 2372.571673][   T30] audit: type=1326 audit(1749875246.186:2520): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6064 comm="syz.5.9036" exe="/root/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf7fd6539 code=0x7ffc0000
[ 2372.571731][   T30] audit: type=1326 audit(1749875246.186:2521): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6064 comm="syz.5.9036" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd6539 code=0x7ffc0000
[ 2372.571774][   T30] audit: type=1326 audit(1749875246.186:2522): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6064 comm="syz.5.9036" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd6539 code=0x7ffc0000
[ 2372.571823][   T30] audit: type=1326 audit(1749875246.236:2523): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6064 comm="syz.5.9036" exe="/root/syz-executor" sig=0 arch=40000003 syscall=370 compat=1 ip=0xf7fd6539 code=0x7ffc0000
[ 2372.571876][   T30] audit: type=1326 audit(1749875246.526:2524): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6064 comm="syz.5.9036" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd6539 code=0x7ffc0000
[ 2372.625278][    C1] IPVS: fo: UDP 224.0.0.2:0 - no destination available
[ 2373.201745][ T5836] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[ 2373.304585][ T5836] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[ 2373.327178][ T5836] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[ 2373.339967][ T5836] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[ 2373.354270][ T5836] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[ 2373.665279][    C1] IPVS: fo: UDP 224.0.0.2:0 - no destination available
[ 2373.951151][ T6095] netlink: 8 bytes leftover after parsing attributes in process `syz.0.9041'.
[ 2373.991333][ T6095] openvswitch: netlink: nsh attribute has 1 unknown bytes.
[ 2374.022293][ T5811] syz_tun (unregistering): left promiscuous mode
[ 2374.027011][ T6095] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[ 2374.233964][ T6099] FAULT_INJECTION: forcing a failure.
[ 2374.233964][ T6099] name failslab, interval 1, probability 0, space 0, times 0
[ 2374.265734][ T6099] CPU: 1 UID: 0 PID: 6099 Comm: syz.5.9042 Not tainted 6.16.0-rc1-syzkaller-00157-g02adc1490e6d #0 PREEMPT(full) 
[ 2374.265765][ T6099] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 2374.265778][ T6099] Call Trace:
[ 2374.265787][ T6099]  <TASK>
[ 2374.265797][ T6099]  dump_stack_lvl+0x189/0x250
[ 2374.265832][ T6099]  ? __pfx____ratelimit+0x10/0x10
[ 2374.265869][ T6099]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 2374.265901][ T6099]  ? __pfx__printk+0x10/0x10
[ 2374.265931][ T6099]  ? __pfx___might_resched+0x10/0x10
[ 2374.265961][ T6099]  ? fs_reclaim_acquire+0x7d/0x100
[ 2374.265993][ T6099]  should_fail_ex+0x414/0x560
[ 2374.266025][ T6099]  ? __pfx_sock_alloc_inode+0x10/0x10
[ 2374.266043][ T6099]  should_failslab+0xa8/0x100
[ 2374.266067][ T6099]  ? __pfx_sock_alloc_inode+0x10/0x10
[ 2374.266084][ T6099]  kmem_cache_alloc_lru_noprof+0x78/0x3d0
[ 2374.266116][ T6099]  ? sock_alloc_inode+0x28/0xc0
[ 2374.266140][ T6099]  ? __pfx_sock_alloc_inode+0x10/0x10
[ 2374.266157][ T6099]  sock_alloc_inode+0x28/0xc0
[ 2374.266174][ T6099]  alloc_inode+0x6a/0x1b0
[ 2374.266199][ T6099]  __sock_create+0x12d/0x9f0
[ 2374.266233][ T6099]  udp_sock_create4+0xbe/0x4b0
[ 2374.266259][ T6099]  ? __pfx_udp_sock_create4+0x10/0x10
[ 2374.266290][ T6099]  ? wg_socket_init+0x162/0xa60
[ 2374.266315][ T6099]  wg_socket_init+0x4e5/0xa60
[ 2374.266334][ T6099]  ? wg_socket_init+0x162/0xa60
[ 2374.266354][ T6099]  ? __pfx_wg_socket_init+0x10/0x10
[ 2374.266371][ T6099]  ? call_rcu+0x6dd/0x990
[ 2374.266392][ T6099]  ? __pfx_wg_receive+0x10/0x10
[ 2374.266419][ T6099]  ? rcuref_put+0x1b7/0x210
[ 2374.266458][ T6099]  ? lockdep_hardirqs_on+0x9c/0x150
[ 2374.266494][ T6099]  ? __pfx___local_bh_enable_ip+0x10/0x10
[ 2374.266526][ T6099]  ? wg_set_device+0x736/0x1fe0
[ 2374.266559][ T6099]  wg_set_device+0x7f8/0x1fe0
[ 2374.266607][ T6099]  ? __pfx___nla_validate_parse+0x10/0x10
[ 2374.266638][ T6099]  ? __pfx_wg_set_device+0x10/0x10
[ 2374.266695][ T6099]  ? __nla_parse+0x40/0x60
[ 2374.266730][ T6099]  ? genl_family_rcv_msg_attrs_parse+0x1c9/0x2a0
[ 2374.266772][ T6099]  genl_family_rcv_msg_doit+0x212/0x300
[ 2374.266813][ T6099]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[ 2374.266859][ T6099]  ? bpf_lsm_capable+0x9/0x20
[ 2374.266876][ T6099]  ? security_capable+0x7e/0x2e0
[ 2374.266909][ T6099]  genl_rcv_msg+0x60e/0x790
[ 2374.266948][ T6099]  ? __pfx_genl_rcv_msg+0x10/0x10
[ 2374.266976][ T6099]  ? ref_tracker_free+0x63a/0x7d0
[ 2374.267003][ T6099]  ? __pfx_wg_set_device+0x10/0x10
[ 2374.267028][ T6099]  ? __pfx_ref_tracker_free+0x10/0x10
[ 2374.267070][ T6099]  netlink_rcv_skb+0x208/0x470
[ 2374.267097][ T6099]  ? __pfx_genl_rcv_msg+0x10/0x10
[ 2374.267130][ T6099]  ? __pfx_netlink_rcv_skb+0x10/0x10
[ 2374.267177][ T6099]  ? down_read+0x1ad/0x2e0
[ 2374.267203][ T6099]  genl_rcv+0x28/0x40
[ 2374.267232][ T6099]  netlink_unicast+0x75b/0x8d0
[ 2374.267269][ T6099]  netlink_sendmsg+0x805/0xb30
[ 2374.267307][ T6099]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 2374.267336][ T6099]  ? __import_iovec+0x5d4/0x7f0
[ 2374.267356][ T6099]  ? aa_sock_msg_perm+0x94/0x160
[ 2374.267385][ T6099]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[ 2374.267410][ T6099]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 2374.267437][ T6099]  __sock_sendmsg+0x219/0x270
[ 2374.267463][ T6099]  ____sys_sendmsg+0x505/0x830
[ 2374.267496][ T6099]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 2374.267545][ T6099]  ___sys_sendmsg+0x21f/0x2a0
[ 2374.267583][ T6099]  ? __pfx____sys_sendmsg+0x10/0x10
[ 2374.267656][ T6099]  ? __fget_files+0x2a/0x420
[ 2374.267678][ T6099]  ? __fget_files+0x3a0/0x420
[ 2374.267712][ T6099]  __sys_sendmsg+0x164/0x220
[ 2374.267742][ T6099]  ? __pfx___sys_sendmsg+0x10/0x10
[ 2374.267788][ T6099]  ? syscall_enter_from_user_mode_prepare+0x7f/0xe0
[ 2374.267821][ T6099]  ? lockdep_hardirqs_on+0x9c/0x150
[ 2374.267854][ T6099]  __do_fast_syscall_32+0xb6/0x2b0
[ 2374.267876][ T6099]  ? lockdep_hardirqs_on+0x9c/0x150
[ 2374.267911][ T6099]  do_fast_syscall_32+0x34/0x80
[ 2374.267933][ T6099]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 2374.267958][ T6099] RIP: 0023:0xf7fd6539
[ 2374.267976][ T6099] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[ 2374.267995][ T6099] RSP: 002b:00000000f50f655c EFLAGS: 00000206 ORIG_RAX: 0000000000000172
[ 2374.268019][ T6099] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000800000c0
[ 2374.268034][ T6099] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[ 2374.268046][ T6099] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 2374.268058][ T6099] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[ 2374.268071][ T6099] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 2374.268105][ T6099]  </TASK>
[ 2374.268345][ T6099] socket: no more sockets
[ 2374.709235][    C1] IPVS: fo: UDP 224.0.0.2:0 - no destination available
[ 2374.749285][ T6099] wireguard: wg1: Could not create IPv4 socket
[ 2375.000411][ T6104] netlink: 'syz.5.9044': attribute type 7 has an invalid length.
[ 2375.292544][ T6117] netlink: 'syz.0.9048': attribute type 10 has an invalid length.
[ 2375.314860][ T6118] netlink: 4 bytes leftover after parsing attributes in process `syz.5.9047'.
[ 2375.352817][ T6117] team0: Port device syz_tun added
[ 2375.426470][ T5836] Bluetooth: hci5: command tx timeout
[ 2375.542531][ T6125] netlink: 24 bytes leftover after parsing attributes in process `syz.2.9050'.
[ 2375.688125][ T6093] chnl_net:caif_netlink_parms(): no params data found
[ 2375.749252][    C1] IPVS: fo: UDP 224.0.0.2:0 - no destination available
[ 2376.100436][ T6093] bridge0: port 1(bridge_slave_0) entered blocking state
[ 2376.109456][ T6093] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2376.118103][ T6093] bridge_slave_0: entered allmulticast mode
[ 2376.127354][ T6093] bridge_slave_0: entered promiscuous mode
[ 2376.134042][ T6143] netlink: 4 bytes leftover after parsing attributes in process `syz.5.9053'.
[ 2376.147777][ T6093] bridge0: port 2(bridge_slave_1) entered blocking state
[ 2376.155575][ T6093] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2376.163848][ T6093] bridge_slave_1: entered allmulticast mode
[ 2376.171807][ T6093] bridge_slave_1: entered promiscuous mode
[ 2376.247760][ T6093] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 2376.267773][ T6093] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 2376.549372][ T6146] netlink: 'syz.2.9054': attribute type 10 has an invalid length.
[ 2376.553935][ T6093] team0: Port device team_slave_0 added
[ 2376.579796][ T6093] team0: Port device team_slave_1 added
[ 2376.724533][ T6146] team0: Port device syz_tun added
[ 2376.785671][    C1] IPVS: fo: UDP 224.0.0.2:0 - no destination available
[ 2376.948883][ T6093] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 2376.958529][ T6093] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 2376.984478][    C0] vkms_vblank_simulate: vblank timer overrun
[ 2377.007740][ T6093] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 2377.064574][ T6093] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 2377.072630][ T6093] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 2377.114354][ T6093] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 2377.151061][ T6156] netlink: 'syz.2.9057': attribute type 7 has an invalid length.
[ 2377.332753][ T6093] hsr_slave_0: entered promiscuous mode
[ 2377.341265][ T6093] hsr_slave_1: entered promiscuous mode
[ 2377.348918][ T6093] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 2377.358411][ T6093] Cannot create hsr debugfs directory
[ 2377.509519][ T5836] Bluetooth: hci5: command tx timeout
[ 2377.735058][ T6174] netlink: 32 bytes leftover after parsing attributes in process `syz.5.9061'.
[ 2377.756739][ T6174] netlink: 32 bytes leftover after parsing attributes in process `syz.5.9061'.
[ 2377.825267][    C1] IPVS: fo: UDP 224.0.0.2:0 - no destination available
[ 2377.931678][ T6093] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2378.061167][ T6093] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2378.218528][ T6093] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2378.312140][ T6093] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2378.865297][    C1] IPVS: fo: UDP 224.0.0.2:0 - no destination available
[ 2379.004112][ T6093] netdevsim netdevsim3 netdevsim0: renamed from eth0
[ 2379.180371][ T6093] netdevsim netdevsim3 netdevsim1: renamed from eth1
[ 2379.205733][ T6093] netdevsim netdevsim3 netdevsim2: renamed from eth2
[ 2379.224282][ T6093] netdevsim netdevsim3 netdevsim3: renamed from eth3
[ 2379.511094][ T6202] FAULT_INJECTION: forcing a failure.
[ 2379.511094][ T6202] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 2379.566006][ T5251] usb 6-1: new high-speed USB device number 52 using dummy_hcd
[ 2379.574133][ T6202] CPU: 1 UID: 0 PID: 6202 Comm: syz.2.9068 Not tainted 6.16.0-rc1-syzkaller-00157-g02adc1490e6d #0 PREEMPT(full) 
[ 2379.574163][ T6202] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 2379.574181][ T6202] Call Trace:
[ 2379.574190][ T6202]  <TASK>
[ 2379.574199][ T6202]  dump_stack_lvl+0x189/0x250
[ 2379.574236][ T6202]  ? __pfx____ratelimit+0x10/0x10
[ 2379.574267][ T6202]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 2379.574298][ T6202]  ? __pfx__printk+0x10/0x10
[ 2379.574322][ T6202]  ? __might_fault+0xb0/0x130
[ 2379.574356][ T6202]  should_fail_ex+0x414/0x560
[ 2379.574390][ T6202]  _copy_from_user+0x2d/0xb0
[ 2379.574413][ T6202]  csum_and_copy_from_iter_full+0x1e1/0x1eb0
[ 2379.574464][ T6202]  ? __pfx_csum_and_copy_from_iter_full+0x10/0x10
[ 2379.574509][ T6202]  ? __alloc_skb+0x142/0x2d0
[ 2379.574540][ T6202]  ? trace_kmalloc+0x1f/0xd0
[ 2379.574562][ T6202]  ip_generic_getfrag+0x12f/0x2b0
[ 2379.574595][ T6202]  ? __pfx_ip_generic_getfrag+0x10/0x10
[ 2379.574637][ T6202]  __ip6_append_data+0x3843/0x3de0
[ 2379.574682][ T6202]  ? __lock_acquire+0xab9/0xd20
[ 2379.574714][ T6202]  ? __pfx_raw6_getfrag+0x10/0x10
[ 2379.574769][ T6202]  ? ip6_mtu+0x7d/0x3f0
[ 2379.574799][ T6202]  ? __pfx___ip6_append_data+0x10/0x10
[ 2379.574824][ T6202]  ? __pfx_ip6_mtu+0x10/0x10
[ 2379.574860][ T6202]  ip6_append_data+0x1c4/0x380
[ 2379.574890][ T6202]  ? __pfx_raw6_getfrag+0x10/0x10
[ 2379.574922][ T6202]  rawv6_sendmsg+0x124b/0x17f0
[ 2379.574970][ T6202]  ? __pfx_rawv6_sendmsg+0x10/0x10
[ 2379.575031][ T6202]  ? __pfx_aa_sk_perm+0x10/0x10
[ 2379.575059][ T6202]  ? sock_rps_record_flow+0x19/0x410
[ 2379.575083][ T6202]  ? inet_sendmsg+0x2f4/0x370
[ 2379.575102][ T6202]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[ 2379.575131][ T6202]  __sock_sendmsg+0x19c/0x270
[ 2379.575155][ T6202]  __sys_sendto+0x3bd/0x520
[ 2379.575181][ T6202]  ? __pfx___sys_sendto+0x10/0x10
[ 2379.575201][ T6202]  ? __mutex_unlock_slowpath+0x1cd/0x700
[ 2379.575238][ T6202]  ? __fget_files+0x3a0/0x420
[ 2379.575274][ T6202]  ? ksys_write+0x22a/0x250
[ 2379.575306][ T6202]  __ia32_sys_sendto+0xdd/0x100
[ 2379.575334][ T6202]  __do_fast_syscall_32+0xb6/0x2b0
[ 2379.575355][ T6202]  ? lockdep_hardirqs_on+0x9c/0x150
[ 2379.575390][ T6202]  do_fast_syscall_32+0x34/0x80
[ 2379.575412][ T6202]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 2379.575435][ T6202] RIP: 0023:0xf707e539
[ 2379.575455][ T6202] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[ 2379.575472][ T6202] RSP: 002b:00000000f506e55c EFLAGS: 00000206 ORIG_RAX: 0000000000000171
[ 2379.575493][ T6202] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000180
[ 2379.575506][ T6202] RDX: 00000000000005dc RSI: 0000000000000000 RDI: 0000000000000000
[ 2379.575514][ T6202] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 2379.575522][ T6202] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[ 2379.575529][ T6202] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 2379.575547][ T6202]  </TASK>
[ 2379.905315][    C1] IPVS: fo: UDP 224.0.0.2:0 - no destination available
[ 2379.921925][ T6093] 8021q: adding VLAN 0 to HW filter on device bond0
[ 2379.943330][ T6093] 8021q: adding VLAN 0 to HW filter on device team0
[ 2379.953510][ T5836] Bluetooth: hci5: command tx timeout
[ 2379.966275][   T49] bridge0: port 1(bridge_slave_0) entered blocking state
[ 2379.973392][   T49] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 2380.000670][   T49] bridge0: port 2(bridge_slave_1) entered blocking state
[ 2380.007903][   T49] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 2380.096353][ T5251] usb 6-1: Using ep0 maxpacket: 16
[ 2380.105299][ T5251] usb 6-1: config 4 has an invalid interface number: 51 but max is 0
[ 2380.114726][ T5251] usb 6-1: config 4 has no interface number 0
[ 2380.121008][ T5251] usb 6-1: config 4 interface 51 altsetting 2 bulk endpoint 0x1 has invalid maxpacket 16
[ 2380.130981][ T5251] usb 6-1: config 4 interface 51 altsetting 2 bulk endpoint 0x82 has invalid maxpacket 64
[ 2380.141137][ T5251] usb 6-1: config 4 interface 51 has no altsetting 0
[ 2380.152322][ T5251] usb 6-1: New USB device found, idVendor=954f, idProduct=4199, bcdDevice= f.76
[ 2380.161477][ T5251] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2380.169865][ T5251] usb 6-1: Product: syz
[ 2380.174018][ T5251] usb 6-1: Manufacturer: syz
[ 2380.179553][ T5251] usb 6-1: SerialNumber: syz
[ 2380.188834][ T6192] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22
[ 2380.204877][ T6192] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22
[ 2380.208301][ T6093] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 2380.285099][ T6093] veth0_vlan: entered promiscuous mode
[ 2380.311903][ T6093] veth1_vlan: entered promiscuous mode
[ 2380.383115][ T6206] kvm: kvm [6203]: vcpu0, guest rIP: 0x28e Unhandled WRMSR(0x11e) = 0x3
[ 2380.400469][ T6206] kvm: kvm [6203]: vcpu0, guest rIP: 0x28e Unhandled WRMSR(0x186) = 0x3
[ 2380.413560][ T6206] kvm: kvm [6203]: vcpu0, guest rIP: 0x28e Unhandled WRMSR(0x187) = 0x3
[ 2380.432646][ T6206] kvm_intel: kvm [6203]: vcpu0, guest rIP: 0x28e Unhandled WRMSR(0x1d9) = 0x3
[ 2380.464706][ T6192] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22
[ 2380.480390][ T6192] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22
[ 2380.521120][ T6093] veth0_macvtap: entered promiscuous mode
[ 2380.543701][ T5251] cdc_eem 6-1:4.51 usb0: register 'cdc_eem' at usb-dummy_hcd.5-1, CDC EEM Device, a6:c7:1c:98:84:4d
[ 2380.569194][ T6093] veth1_macvtap: entered promiscuous mode
[ 2380.680878][ T6093] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 2380.718381][ T6093] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 2380.745991][ T5251] usb 6-1: USB disconnect, device number 52
[ 2380.762221][ T5251] cdc_eem 6-1:4.51 usb0: unregister 'cdc_eem' usb-dummy_hcd.5-1, CDC EEM Device
[ 2380.843971][ T6206] fuse: Bad value for 'fd'
[ 2380.859252][ T6093] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 2380.897779][ T6093] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 2380.911400][ T6093] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 2380.938415][ T6093] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 2380.947363][    C1] IPVS: fo: UDP 224.0.0.2:0 - no destination available
[ 2381.465515][ T6216] FAULT_INJECTION: forcing a failure.
[ 2381.465515][ T6216] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 2381.569812][ T6221] kvm: kvm [6214]: vcpu0, guest rIP: 0x28e Unhandled WRMSR(0x11e) = 0x3
[ 2381.581215][ T6216] CPU: 1 UID: 0 PID: 6216 Comm: syz.1.9071 Not tainted 6.16.0-rc1-syzkaller-00157-g02adc1490e6d #0 PREEMPT(full) 
[ 2381.581246][ T6216] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 2381.581258][ T6216] Call Trace:
[ 2381.581267][ T6216]  <TASK>
[ 2381.581277][ T6216]  dump_stack_lvl+0x189/0x250
[ 2381.581313][ T6216]  ? __pfx____ratelimit+0x10/0x10
[ 2381.581344][ T6216]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 2381.581375][ T6216]  ? __pfx__printk+0x10/0x10
[ 2381.581401][ T6216]  ? fs_reclaim_acquire+0x7d/0x100
[ 2381.581435][ T6216]  should_fail_ex+0x414/0x560
[ 2381.581467][ T6216]  prepare_alloc_pages+0x213/0x610
[ 2381.581500][ T6216]  __alloc_frozen_pages_noprof+0x123/0x370
[ 2381.581530][ T6216]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[ 2381.581576][ T6216]  alloc_pages_mpol+0x232/0x4a0
[ 2381.581604][ T6216]  alloc_pages_noprof+0xa9/0x190
[ 2381.581628][ T6216]  get_free_pages_noprof+0xf/0x80
[ 2381.581655][ T6216]  fuse_do_ioctl+0x240/0x1f00
[ 2381.581692][ T6216]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[ 2381.581719][ T6216]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[ 2381.581755][ T6216]  ? __pfx_fuse_do_ioctl+0x10/0x10
[ 2381.581785][ T6216]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[ 2381.581830][ T6216]  ? __lock_acquire+0xab9/0xd20
[ 2381.581889][ T6216]  ? __fget_files+0x3a0/0x420
[ 2381.581911][ T6216]  ? fuse_allow_current_process+0x1eb/0x3c0
[ 2381.581939][ T6216]  ? fuse_file_compat_ioctl+0xe6/0x140
[ 2381.581974][ T6216]  __ia32_compat_sys_ioctl+0x543/0x840
[ 2381.582008][ T6216]  ? __pfx___ia32_compat_sys_ioctl+0x10/0x10
[ 2381.582040][ T6216]  ? __fget_files+0x3a0/0x420
[ 2381.582070][ T6216]  ? fput+0xa0/0xd0
[ 2381.582095][ T6216]  ? ksys_write+0x22a/0x250
[ 2381.582123][ T6216]  ? syscall_enter_from_user_mode_prepare+0x7f/0xe0
[ 2381.582156][ T6216]  ? lockdep_hardirqs_on+0x9c/0x150
[ 2381.582188][ T6216]  __do_fast_syscall_32+0xb6/0x2b0
[ 2381.582209][ T6216]  ? lockdep_hardirqs_on+0x9c/0x150
[ 2381.582244][ T6216]  do_fast_syscall_32+0x34/0x80
[ 2381.582264][ T6216]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 2381.582289][ T6216] RIP: 0023:0xf7fd3539
[ 2381.582307][ T6216] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[ 2381.582324][ T6216] RSP: 002b:00000000f50f655c EFLAGS: 00000206 ORIG_RAX: 0000000000000036
[ 2381.582347][ T6216] RAX: ffffffffffffffda RBX: 000000000000000a RCX: 00000000c0046686
[ 2381.582361][ T6216] RDX: 0000000080000d40 RSI: 0000000000000000 RDI: 0000000000000000
[ 2381.582372][ T6216] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 2381.582385][ T6216] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[ 2381.582397][ T6216] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 2381.582429][ T6216]  </TASK>
[ 2381.589384][ T6221] kvm: kvm [6214]: vcpu0, guest rIP: 0x28e Unhandled WRMSR(0x186) = 0x3
[ 2381.872881][ T6221] kvm: kvm [6214]: vcpu0, guest rIP: 0x28e Unhandled WRMSR(0x187) = 0x3
[ 2381.930291][ T6221] kvm_intel: kvm [6214]: vcpu0, guest rIP: 0x28e Unhandled WRMSR(0x1d9) = 0x3
[ 2381.985339][    C1] IPVS: fo: UDP 224.0.0.2:0 - no destination available
[ 2382.005312][ T5836] Bluetooth: hci5: command tx timeout
[ 2382.045111][T28858] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 2382.167396][T28858] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 2382.340707][ T5841] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 2382.376877][ T6234] kvm: kvm [6228]: vcpu0, guest rIP: 0x28e Unhandled WRMSR(0x11e) = 0x3
[ 2382.393141][ T6234] kvm: kvm [6228]: vcpu0, guest rIP: 0x28e Unhandled WRMSR(0x186) = 0x3
[ 2382.409380][ T5841] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 2382.506007][ T6234] kvm: kvm [6228]: vcpu0, guest rIP: 0x28e Unhandled WRMSR(0x187) = 0x3
[ 2382.599841][ T6234] kvm_intel: kvm [6228]: vcpu0, guest rIP: 0x28e Unhandled WRMSR(0x1d9) = 0x3
[ 2382.735918][ T6227] fuse: Bad value for 'fd'
[ 2383.025287][    C1] IPVS: fo: UDP 224.0.0.2:0 - no destination available
[ 2383.164826][ T6234] fuse: Bad value for 'fd'
[ 2383.815767][    T9] usb 4-1: new high-speed USB device number 126 using dummy_hcd
[ 2384.031628][    T9] usb 4-1: Using ep0 maxpacket: 32
[ 2384.047168][    T9] usb 4-1: config 0 has an invalid interface number: 109 but max is 0
[ 2384.065451][    C1] IPVS: fo: UDP 224.0.0.2:0 - no destination available
[ 2384.072888][    T9] usb 4-1: config 0 has no interface number 0
[ 2384.102609][    T9] usb 4-1: config 0 has an invalid interface number: 109 but max is 0
[ 2384.133738][    T9] usb 4-1: config 0 has no interface number 0
[ 2384.152416][    T9] usb 4-1: config 0 has an invalid interface number: 109 but max is 0
[ 2384.172315][    T9] usb 4-1: config 0 has no interface number 0
[ 2384.193840][    T9] usb 4-1: config 0 has an invalid interface number: 109 but max is 0
[ 2384.225560][ T5251] usb 3-1: new high-speed USB device number 127 using dummy_hcd
[ 2384.239961][    T9] usb 4-1: config 0 has no interface number 0
[ 2384.278650][    T9] usb 4-1: config 0 has an invalid interface number: 109 but max is 0
[ 2384.295298][    T9] usb 4-1: config 0 has no interface number 0
[ 2384.337012][    T9] usb 4-1: config 0 has an invalid interface number: 109 but max is 0
[ 2384.393307][    T9] usb 4-1: config 0 has no interface number 0
[ 2384.407666][    T9] usb 4-1: New USB device found, idVendor=055f, idProduct=a800, bcdDevice=72.1d
[ 2384.427268][    T9] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2384.448793][ T5251] usb 3-1: Using ep0 maxpacket: 16
[ 2384.456892][ T5251] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 2384.459447][    T9] usb 4-1: Product: syz
[ 2384.489578][ T5251] usb 3-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 22
[ 2384.503267][    T9] usb 4-1: Manufacturer: syz
[ 2384.524674][    T9] usb 4-1: SerialNumber: syz
[ 2384.542022][ T5251] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[ 2384.563160][ T5251] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[ 2384.569378][    T9] usb 4-1: config 0 descriptor??
[ 2384.582516][ T5251] usb 3-1: SerialNumber: syz
[ 2384.652702][ T5251] cdc_acm 3-1:1.0: invalid descriptor buffer length
[ 2384.826996][    T9] mdc800 4-1:0.109: probe fails -> wrong Number of Configuration
[ 2384.858966][    T9] usb 4-1: USB disconnect, device number 126
[ 2384.881143][ T6272] IPVS: fo: UDP 224.0.0.2:0 - no destination available
[ 2385.089986][ T6281] usb usb1: usbfs: process 6281 (syz.5.9080) did not claim interface 0 before use
[ 2385.105278][    C1] IPVS: fo: UDP 224.0.0.2:0 - no destination available
[ 2385.116250][ T6281] usb usb1: selecting invalid altsetting 15
[ 2385.446315][ T5251] usb 3-1: USB disconnect, device number 127
[ 2385.766171][ T6301] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 2385.795849][ T6301] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 2386.078769][ T6290] netlink: 12 bytes leftover after parsing attributes in process `syz.1.9081'.
[ 2386.141310][ T5920] usb 4-1: new high-speed USB device number 127 using dummy_hcd
[ 2386.145303][    C1] IPVS: fo: UDP 224.0.0.2:0 - no destination available
[ 2386.395721][ T5920] usb 4-1: Using ep0 maxpacket: 8
[ 2386.410758][ T5920] usb 4-1: config index 0 descriptor too short (expected 283, got 27)
[ 2386.435221][ T5920] usb 4-1: config 46 has too many interfaces: 104, using maximum allowed: 32
[ 2386.454387][ T5920] usb 4-1: config 46 contains an unexpected descriptor of type 0x1, skipping
[ 2386.470510][ T5920] usb 4-1: config 46 contains an unexpected descriptor of type 0x1, skipping
[ 2386.512956][ T5920] usb 4-1: config 46 has an invalid descriptor of length 100, skipping remainder of the config
[ 2386.545161][ T5920] usb 4-1: config 46 has 0 interfaces, different from the descriptor's value: 104
[ 2386.595591][ T5920] usb 4-1: New USB device found, idVendor=10b8, idProduct=1e80, bcdDevice=13.2f
[ 2386.618063][ T6317] netlink: 'syz.5.9086': attribute type 7 has an invalid length.
[ 2386.625774][ T5920] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2386.677936][ T5920] usb 4-1: Product: syz
[ 2386.686537][ T5920] usb 4-1: Manufacturer: syz
[ 2386.695653][ T5920] usb 4-1: SerialNumber: syz
[ 2387.008942][ T5920] usb 4-1: USB disconnect, device number 127
[ 2387.146006][ T6322] kvm: kvm [6319]: vcpu0, guest rIP: 0x28e Unhandled WRMSR(0x11e) = 0x3
[ 2387.171821][ T6322] kvm: kvm [6319]: vcpu0, guest rIP: 0x28e Unhandled WRMSR(0x186) = 0x3
[ 2387.180563][ T6322] kvm: kvm [6319]: vcpu0, guest rIP: 0x28e Unhandled WRMSR(0x187) = 0x3
[ 2387.185307][    C1] IPVS: fo: UDP 224.0.0.2:0 - no destination available
[ 2387.275004][ T6322] kvm_intel: kvm [6319]: vcpu0, guest rIP: 0x28e Unhandled WRMSR(0x1d9) = 0x3
[ 2387.637843][ T6322] fuse: Bad value for 'fd'
[ 2388.225293][    C1] IPVS: fo: UDP 224.0.0.2:0 - no destination available
[ 2388.334049][ T6342] netlink: 4 bytes leftover after parsing attributes in process `syz.3.9093'.
[ 2388.581278][ T6342] syz_tun: entered allmulticast mode
[ 2388.596084][ T6342] netlink: 8 bytes leftover after parsing attributes in process `syz.3.9093'.
[ 2388.606497][ T6342] netlink: 8 bytes leftover after parsing attributes in process `syz.3.9093'.
[ 2388.801122][ T6348] fuse: Unknown parameter 'no'
[ 2388.965814][    T9] usb 4-1: new high-speed USB device number 2 using dummy_hcd
[ 2389.137977][    T9] usb 4-1: config 220 has an invalid descriptor of length 0, skipping remainder of the config
[ 2389.149996][    T9] usb 4-1: config 220 has 1 interface, different from the descriptor's value: 3
[ 2389.159290][ T5920] usb 3-1: new high-speed USB device number 2 using dummy_hcd
[ 2389.167194][    T9] usb 4-1: config 220 interface 0 has no altsetting 0
[ 2389.179323][    T9] usb 4-1: New USB device found, idVendor=8086, idProduct=0b07, bcdDevice=6c.b9
[ 2389.190690][    T9] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2389.201087][    T9] usb 4-1: Product: syz
[ 2389.205513][    T9] usb 4-1: Manufacturer: syz
[ 2389.210212][    T9] usb 4-1: SerialNumber: syz
[ 2389.265267][    C1] IPVS: fo: UDP 224.0.0.2:0 - no destination available
[ 2389.318150][ T5920] usb 3-1: Using ep0 maxpacket: 8
[ 2389.331985][ T5920] usb 3-1: New USB device found, idVendor=04a5, idProduct=3003, bcdDevice=3a.b2
[ 2389.344535][ T5920] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2389.353368][ T5920] usb 3-1: Product: syz
[ 2389.361598][ T5920] usb 3-1: Manufacturer: syz
[ 2389.390386][ T5920] usb 3-1: SerialNumber: syz
[ 2389.422588][ T5920] usb 3-1: config 0 descriptor??
[ 2389.486705][    T9] usb 4-1: Found UVC 0.00 device syz (8086:0b07)
[ 2389.500954][    T9] usb 4-1: No valid video chain found.
[ 2389.529348][ T6341] syz_tun: left allmulticast mode
[ 2389.543274][    T9] usb 4-1: USB disconnect, device number 2
[ 2389.887430][ T5920] gspca_main: sunplus-2.14.0 probing 04a5:3003
[ 2390.116086][ T6365] usb usb1: usbfs: process 6365 (syz.5.9099) did not claim interface 0 before use
[ 2390.125870][ T6365] usb usb1: selecting invalid altsetting 15
[ 2390.207816][ T6366] FAULT_INJECTION: forcing a failure.
[ 2390.207816][ T6366] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 2390.263034][ T6366] CPU: 1 UID: 0 PID: 6366 Comm: syz.5.9099 Not tainted 6.16.0-rc1-syzkaller-00157-g02adc1490e6d #0 PREEMPT(full) 
[ 2390.263067][ T6366] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 2390.263079][ T6366] Call Trace:
[ 2390.263088][ T6366]  <TASK>
[ 2390.263097][ T6366]  dump_stack_lvl+0x189/0x250
[ 2390.263134][ T6366]  ? __pfx____ratelimit+0x10/0x10
[ 2390.263166][ T6366]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 2390.263196][ T6366]  ? __pfx__printk+0x10/0x10
[ 2390.263232][ T6366]  should_fail_ex+0x414/0x560
[ 2390.263264][ T6366]  _copy_to_user+0x31/0xb0
[ 2390.263289][ T6366]  simple_read_from_buffer+0xe1/0x170
[ 2390.263317][ T6366]  proc_fail_nth_read+0x1df/0x250
[ 2390.263343][ T6366]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 2390.263371][ T6366]  ? rw_verify_area+0x258/0x650
[ 2390.263410][ T6366]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 2390.263436][ T6366]  vfs_read+0x1fd/0x980
[ 2390.263472][ T6366]  ? __pfx___mutex_lock+0x10/0x10
[ 2390.263493][ T6366]  ? __pfx_vfs_read+0x10/0x10
[ 2390.263525][ T6366]  ? __fget_files+0x2a/0x420
[ 2390.263554][ T6366]  ? __fget_files+0x3a0/0x420
[ 2390.263574][ T6366]  ? __fget_files+0x2a/0x420
[ 2390.263607][ T6366]  ksys_read+0x145/0x250
[ 2390.263627][ T6366]  ? __pfx_ksys_read+0x10/0x10
[ 2390.263660][ T6366]  ? syscall_enter_from_user_mode_prepare+0x7f/0xe0
[ 2390.263693][ T6366]  ? lockdep_hardirqs_on+0x9c/0x150
[ 2390.263724][ T6366]  __do_fast_syscall_32+0xb6/0x2b0
[ 2390.263745][ T6366]  ? lockdep_hardirqs_on+0x9c/0x150
[ 2390.263778][ T6366]  do_fast_syscall_32+0x34/0x80
[ 2390.263799][ T6366]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 2390.263823][ T6366] RIP: 0023:0xf7fd6539
[ 2390.263841][ T6366] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[ 2390.263857][ T6366] RSP: 002b:00000000f50d5590 EFLAGS: 00000206 ORIG_RAX: 0000000000000003
[ 2390.263879][ T6366] RAX: ffffffffffffffda RBX: 000000000000000b RCX: 00000000f50d5620
[ 2390.263892][ T6366] RDX: 000000000000000f RSI: 00000000f7462ff4 RDI: 0000000000000000
[ 2390.263903][ T6366] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000
[ 2390.263910][ T6366] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[ 2390.263921][ T6366] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 2390.263952][ T6366]  </TASK>
[ 2390.493770][    C1] IPVS: fo: UDP 224.0.0.2:0 - no destination available
[ 2390.833207][    C1] sd 0:0:1:0: [sda] tag#2994 FAILED Result: hostbyte=DID_ERROR driverbyte=DRIVER_OK cmd_age=0s
[ 2390.843811][    C1] sd 0:0:1:0: [sda] tag#2994 CDB: Read(6) 08 00 9f d1 fe de
[ 2390.887910][ T6370] netlink: 4 bytes leftover after parsing attributes in process `syz.0.9102'.
[ 2390.899238][ T6370] netlink: 4 bytes leftover after parsing attributes in process `syz.0.9102'.
[ 2390.920513][ T6377] FAULT_INJECTION: forcing a failure.
[ 2390.920513][ T6377] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 2390.941967][ T6377] CPU: 1 UID: 0 PID: 6377 Comm: syz.1.9104 Not tainted 6.16.0-rc1-syzkaller-00157-g02adc1490e6d #0 PREEMPT(full) 
[ 2390.941996][ T6377] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 2390.942007][ T6377] Call Trace:
[ 2390.942015][ T6377]  <TASK>
[ 2390.942023][ T6377]  dump_stack_lvl+0x189/0x250
[ 2390.942057][ T6377]  ? __pfx____ratelimit+0x10/0x10
[ 2390.942086][ T6377]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 2390.942115][ T6377]  ? __pfx__printk+0x10/0x10
[ 2390.942151][ T6377]  should_fail_ex+0x414/0x560
[ 2390.942188][ T6377]  strncpy_from_user+0x36/0x290
[ 2390.942217][ T6377]  getname_flags+0xf3/0x540
[ 2390.942244][ T6377]  path_setxattrat+0x2ac/0x3a0
[ 2390.942281][ T6377]  ? __pfx_path_setxattrat+0x10/0x10
[ 2390.942306][ T6377]  ? __mutex_unlock_slowpath+0x1cd/0x700
[ 2390.942355][ T6377]  ? ksys_write+0x22a/0x250
[ 2390.942382][ T6377]  __ia32_sys_setxattr+0xbc/0xe0
[ 2390.942410][ T6377]  __do_fast_syscall_32+0xb6/0x2b0
[ 2390.942429][ T6377]  ? lockdep_hardirqs_on+0x9c/0x150
[ 2390.942463][ T6377]  do_fast_syscall_32+0x34/0x80
[ 2390.942482][ T6377]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 2390.942506][ T6377] RIP: 0023:0xf7fd3539
[ 2390.942522][ T6377] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[ 2390.942539][ T6377] RSP: 002b:00000000f50f655c EFLAGS: 00000206 ORIG_RAX: 00000000000000e2
[ 2390.942560][ T6377] RAX: ffffffffffffffda RBX: 0000000080000080 RCX: 0000000080000280
[ 2390.942574][ T6377] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[ 2390.942586][ T6377] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 2390.942598][ T6377] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[ 2390.942609][ T6377] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 2390.942639][ T6377]  </TASK>
[ 2391.146607][ T6357] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 2391.226358][ T6357] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 2391.308725][ T6356] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 2391.366687][ T6356] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 2391.427371][ T5920] gspca_sunplus: reg_r err -71
[ 2391.432463][ T5920] sunplus 3-1:0.0: probe with driver sunplus failed with error -71
[ 2391.505683][    C1] IPVS: fo: UDP 224.0.0.2:0 - no destination available
[ 2391.513144][ T5920] usb 3-1: USB disconnect, device number 2
[ 2391.670258][ T6384] netlink: 4 bytes leftover after parsing attributes in process `syz.1.9105'.
[ 2391.920449][ T5920] hid-generic 0000:0000:0000.0041: unknown main item tag 0x0
[ 2391.935342][ T5920] hid-generic 0000:0000:0000.0041: unknown main item tag 0x0
[ 2392.000666][ T5920] hid-generic 0000:0000:0000.0041: unknown main item tag 0x0
[ 2392.075938][   T30] kauditd_printk_skb: 1 callbacks suppressed
[ 2392.075959][   T30] audit: type=1326 audit(1749875266.766:2526): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6386 comm="syz.0.9106" exe="/root/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf70ee558 code=0x7ffc0000
[ 2392.087854][ T5920] hid-generic 0000:0000:0000.0041: unknown main item tag 0x0
[ 2392.205338][   T30] audit: type=1326 audit(1749875266.766:2527): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6386 comm="syz.0.9106" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ee539 code=0x7ffc0000
[ 2392.240213][   T30] audit: type=1326 audit(1749875266.766:2528): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6386 comm="syz.0.9106" exe="/root/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf70ee558 code=0x7ffc0000
[ 2392.262030][ T5920] hid-generic 0000:0000:0000.0041: unknown main item tag 0x0
[ 2392.265124][   T30] audit: type=1326 audit(1749875266.766:2529): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6386 comm="syz.0.9106" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ee539 code=0x7ffc0000
[ 2392.345554][ T5920] hid-generic 0000:0000:0000.0041: unknown main item tag 0x0
[ 2392.385882][   T30] audit: type=1326 audit(1749875266.766:2530): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6386 comm="syz.0.9106" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ee539 code=0x7ffc0000
[ 2392.405244][ T5920] hid-generic 0000:0000:0000.0041: unknown main item tag 0x0
[ 2392.438763][ T5920] hid-generic 0000:0000:0000.0041: unknown main item tag 0x0
[ 2392.508630][ T5920] hid-generic 0000:0000:0000.0041: unknown main item tag 0x0
[ 2392.522003][   T30] audit: type=1326 audit(1749875266.766:2531): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6386 comm="syz.0.9106" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ee539 code=0x7ffc0000
[ 2392.544365][ T5920] hid-generic 0000:0000:0000.0041: unknown main item tag 0x0
[ 2392.545388][    C1] IPVS: fo: UDP 224.0.0.2:0 - no destination available
[ 2392.665421][ T5920] hid-generic 0000:0000:0000.0041: unknown main item tag 0x0
[ 2392.740256][ T5920] hid-generic 0000:0000:0000.0041: unknown main item tag 0x0
[ 2392.782043][ T6397] kvm: kvm [6394]: vcpu0, guest rIP: 0x28e Unhandled WRMSR(0x11e) = 0x3
[ 2392.791886][ T5920] hid-generic 0000:0000:0000.0041: unknown main item tag 0x0
[ 2392.795450][   T30] audit: type=1326 audit(1749875266.766:2532): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6386 comm="syz.0.9106" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ee539 code=0x7ffc0000
[ 2392.845331][ T5920] hid-generic 0000:0000:0000.0041: unknown main item tag 0x0
[ 2392.887831][ T5920] hid-generic 0000:0000:0000.0041: unknown main item tag 0x0
[ 2392.890900][ T6397] kvm: kvm [6394]: vcpu0, guest rIP: 0x28e Unhandled WRMSR(0x186) = 0x3
[ 2392.926255][ T5920] hid-generic 0000:0000:0000.0041: unknown main item tag 0x0
[ 2392.947405][   T30] audit: type=1326 audit(1749875266.766:2533): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6386 comm="syz.0.9106" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ee539 code=0x7ffc0000
[ 2392.955448][ T5920] hid-generic 0000:0000:0000.0041: unknown main item tag 0x0
[ 2393.021954][ T6397] kvm: kvm [6394]: vcpu0, guest rIP: 0x28e Unhandled WRMSR(0x187) = 0x3
[ 2393.066571][ T5920] hid-generic 0000:0000:0000.0041: unknown main item tag 0x0
[ 2393.082967][   T30] audit: type=1326 audit(1749875266.766:2534): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6386 comm="syz.0.9106" exe="/root/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf70ee558 code=0x7ffc0000
[ 2393.092353][ T5920] hid-generic 0000:0000:0000.0041: unknown main item tag 0x0
[ 2393.114457][    C0] vkms_vblank_simulate: vblank timer overrun
[ 2393.150061][ T6397] kvm_intel: kvm [6394]: vcpu0, guest rIP: 0x28e Unhandled WRMSR(0x1d9) = 0x3
[ 2393.283228][   T30] audit: type=1326 audit(1749875266.766:2535): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6386 comm="syz.0.9106" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ee539 code=0x7ffc0000
[ 2393.335551][ T5920] hid-generic 0000:0000:0000.0041: unknown main item tag 0x0
[ 2393.390762][ T5920] hid-generic 0000:0000:0000.0041: unknown main item tag 0x0
[ 2393.418133][ T6384] team0 (unregistering): Failed to send options change via netlink (err -105)
[ 2393.448049][ T6384] team0 (unregistering): Failed to send port change of device team_slave_0 via netlink (err -105)
[ 2393.504281][ T6400] fuse: Bad value for 'fd'
[ 2393.536752][ T5920] hid-generic 0000:0000:0000.0041: unknown main item tag 0x0
[ 2393.585406][    C1] IPVS: fo: UDP 224.0.0.2:0 - no destination available
[ 2393.590280][ T5920] hid-generic 0000:0000:0000.0041: unknown main item tag 0x0
[ 2393.604375][ T5920] hid-generic 0000:0000:0000.0041: unknown main item tag 0x0
[ 2393.629911][ T5920] hid-generic 0000:0000:0000.0041: unknown main item tag 0x0
[ 2393.646366][ T6384] team0 (unregistering): Port device team_slave_0 removed
[ 2393.981739][ T5920] hid-generic 0000:0000:0000.0041: unknown main item tag 0x0
[ 2393.999523][ T6384] team0 (unregistering): Failed to send options change via netlink (err -105)
[ 2394.011486][ T5920] hid-generic 0000:0000:0000.0041: unknown main item tag 0x0
[ 2394.037880][ T6384] team0 (unregistering): Failed to send port change of device team_slave_1 via netlink (err -105)
[ 2394.053258][ T5920] hid-generic 0000:0000:0000.0041: unknown main item tag 0x0
[ 2394.095980][ T6384] team0 (unregistering): Port device team_slave_1 removed
[ 2394.103301][ T5920] hid-generic 0000:0000:0000.0041: unknown main item tag 0x0
[ 2394.195386][ T5920] hid-generic 0000:0000:0000.0041: unknown main item tag 0x0
[ 2394.234340][ T5920] hid-generic 0000:0000:0000.0041: unknown main item tag 0x0
[ 2394.260238][ T5920] hid-generic 0000:0000:0000.0041: unknown main item tag 0x0
[ 2394.285366][ T5920] hid-generic 0000:0000:0000.0041: unknown main item tag 0x0
[ 2394.305327][ T5920] hid-generic 0000:0000:0000.0041: unknown main item tag 0x0
[ 2394.334673][ T5920] hid-generic 0000:0000:0000.0041: unknown main item tag 0x0
[ 2394.381678][ T5920] hid-generic 0000:0000:0000.0041: unknown main item tag 0x0
[ 2394.422100][ T5920] hid-generic 0000:0000:0000.0041: unknown main item tag 0x0
[ 2394.463240][ T5920] hid-generic 0000:0000:0000.0041: unknown main item tag 0x0
[ 2394.525269][ T5920] hid-generic 0000:0000:0000.0041: unknown main item tag 0x0
[ 2394.565554][ T5920] hid-generic 0000:0000:0000.0041: unknown main item tag 0x0
[ 2394.609442][ T5920] hid-generic 0000:0000:0000.0041: unknown main item tag 0x0
[ 2394.625400][    C1] IPVS: fo: UDP 224.0.0.2:0 - no destination available
[ 2394.655254][ T5920] hid-generic 0000:0000:0000.0041: unknown main item tag 0x0
[ 2394.685280][ T5920] hid-generic 0000:0000:0000.0041: unknown main item tag 0x0
[ 2394.711797][ T5920] hid-generic 0000:0000:0000.0041: unknown main item tag 0x0
[ 2394.776823][ T5920] hid-generic 0000:0000:0000.0041: unknown main item tag 0x0
[ 2394.805274][ T5920] hid-generic 0000:0000:0000.0041: unknown main item tag 0x0
[ 2394.844398][ T5920] hid-generic 0000:0000:0000.0041: unknown main item tag 0x0
[ 2394.884928][ T5920] hid-generic 0000:0000:0000.0041: unknown main item tag 0x0
[ 2394.912224][ T5920] hid-generic 0000:0000:0000.0041: unknown main item tag 0x0
[ 2395.096124][ T5920] hid-generic 0000:0000:0000.0041: unknown main item tag 0x0
[ 2395.151298][ T5920] hid-generic 0000:0000:0000.0041: unknown main item tag 0x0
[ 2395.163697][ T5920] hid-generic 0000:0000:0000.0041: unknown main item tag 0x0
[ 2395.181690][ T5920] hid-generic 0000:0000:0000.0041: unknown main item tag 0x0
[ 2395.209271][ T5920] hid-generic 0000:0000:0000.0041: unknown main item tag 0x0
[ 2395.224380][ T5920] hid-generic 0000:0000:0000.0041: unknown main item tag 0x0
[ 2395.249448][ T5920] hid-generic 0000:0000:0000.0041: unknown main item tag 0x0
[ 2395.395347][ T5920] hid-generic 0000:0000:0000.0041: unknown main item tag 0x0
[ 2395.454491][ T5920] hid-generic 0000:0000:0000.0041: unknown main item tag 0x0
[ 2395.468350][ T5920] hid-generic 0000:0000:0000.0041: unknown main item tag 0x0
[ 2395.495270][ T5920] hid-generic 0000:0000:0000.0041: unknown main item tag 0x0
[ 2395.502765][ T5920] hid-generic 0000:0000:0000.0041: unknown main item tag 0x0
[ 2395.562609][ T5920] hid-generic 0000:0000:0000.0041: unknown main item tag 0x0
[ 2395.595399][ T5920] hid-generic 0000:0000:0000.0041: unknown main item tag 0x0
[ 2395.602893][ T5920] hid-generic 0000:0000:0000.0041: unknown main item tag 0x0
[ 2395.665347][    C1] IPVS: fo: UDP 224.0.0.2:0 - no destination available
[ 2395.727964][ T6415] netlink: 12 bytes leftover after parsing attributes in process `syz.2.9111'.
[ 2395.808898][ T5920] hid-generic 0000:0000:0000.0041: unknown main item tag 0x0
[ 2396.061771][ T5920] hid-generic 0000:0000:0000.0041: unknown main item tag 0x0
[ 2396.091706][ T5920] hid-generic 0000:0000:0000.0041: unknown main item tag 0x0
[ 2396.147183][ T5920] hid-generic 0000:0000:0000.0041: unknown main item tag 0x0
[ 2396.165701][ T5920] hid-generic 0000:0000:0000.0041: unknown main item tag 0x0
[ 2396.185850][ T5920] hid-generic 0000:0000:0000.0041: unknown main item tag 0x0
[ 2396.193306][ T5920] hid-generic 0000:0000:0000.0041: unknown main item tag 0x0
[ 2396.217057][ T5920] hid-generic 0000:0000:0000.0041: unknown main item tag 0x0
[ 2396.231729][ T5920] hid-generic 0000:0000:0000.0041: unknown main item tag 0x0
[ 2396.243224][ T5920] hid-generic 0000:0000:0000.0041: unknown main item tag 0x0
[ 2396.253579][ T5920] hid-generic 0000:0000:0000.0041: unknown main item tag 0x0
[ 2396.263639][ T5920] hid-generic 0000:0000:0000.0041: unknown main item tag 0x0
[ 2396.271501][ T5920] hid-generic 0000:0000:0000.0041: unknown main item tag 0x0
[ 2396.400835][ T5920] hid-generic 0000:0000:0000.0041: unknown main item tag 0x0
[ 2396.428127][ T5920] hid-generic 0000:0000:0000.0041: unknown main item tag 0x0
[ 2396.451770][ T5920] hid-generic 0000:0000:0000.0041: unknown main item tag 0x0
[ 2396.474785][ T5920] hid-generic 0000:0000:0000.0041: unknown main item tag 0x0
[ 2396.521628][ T5920] hid-generic 0000:0000:0000.0041: unknown main item tag 0x0
[ 2396.534493][ T5920] hid-generic 0000:0000:0000.0041: unknown main item tag 0x0
[ 2396.572666][ T5920] hid-generic 0000:0000:0000.0041: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[ 2396.638795][ T6431] fuse: Bad value for 'fd'
[ 2396.705434][    C1] IPVS: fo: UDP 224.0.0.2:0 - no destination available
[ 2396.745356][ T5927] usb 2-1: new high-speed USB device number 20 using dummy_hcd
[ 2396.797749][ T6439] fido_id[6439]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[ 2396.831988][    C1] sd 0:0:1:0: [sda] tag#2982 FAILED Result: hostbyte=DID_ERROR driverbyte=DRIVER_OK cmd_age=0s
[ 2396.842517][    C1] sd 0:0:1:0: [sda] tag#2982 CDB: Read(6) 08 00 9f d1 fe de
[ 2396.908324][ T5927] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0
[ 2396.939001][ T5927] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x4 has an invalid bInterval 0, changing to 7
[ 2396.960321][ T5927] usb 2-1: New USB device found, idVendor=0cf3, idProduct=9375, bcdDevice=1a.de
[ 2396.976237][ T5927] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2396.980154][ T6448] netlink: 'syz.0.9120': attribute type 7 has an invalid length.
[ 2396.991926][ T5927] usb 2-1: config 0 descriptor??
[ 2397.186061][ T5930] usb 6-1: new high-speed USB device number 53 using dummy_hcd
[ 2397.311868][   T30] kauditd_printk_skb: 220 callbacks suppressed
[ 2397.311918][   T30] audit: type=1326 audit(1749875272.006:2756): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6434 comm="syz.1.9116" exe="/root/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf7fd3539 code=0x0
[ 2397.345660][ T5930] usb 6-1: Using ep0 maxpacket: 8
[ 2397.356476][ T5930] usb 6-1: New USB device found, idVendor=1660, idProduct=0932, bcdDevice=80.ea
[ 2397.377190][ T5930] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2397.399933][ T5930] usb 6-1: Product: syz
[ 2397.404151][ T5930] usb 6-1: Manufacturer: syz
[ 2397.418532][ T5930] usb 6-1: SerialNumber: syz
[ 2397.469761][ T5930] usb 6-1: config 0 descriptor??
[ 2397.501577][ T5930] dvb-usb: found a 'Medion MD95700 (MDUSBTV-HYBRID)' in warm state.
[ 2397.574789][ T5930] usb 6-1: setting power ON
[ 2397.649261][ T5930] dvb-usb: bulk message failed: -22 (2/0)
[ 2397.678968][ T5930] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[ 2397.745802][    C1] IPVS: fo: UDP 224.0.0.2:0 - no destination available
[ 2397.774542][ T5930] dvbdev: DVB: registering new adapter (Medion MD95700 (MDUSBTV-HYBRID))
[ 2397.796153][ T5930] usb 6-1: media controller created
[ 2397.854725][ T5930] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[ 2398.079283][ T5930] usb 6-1: selecting invalid altsetting 6
[ 2398.085780][ T5930] usb 6-1: digital interface selection failed (-22)
[ 2398.092511][ T5930] dvb-usb: no frontend was attached by 'Medion MD95700 (MDUSBTV-HYBRID)'
[ 2398.092531][ T5927] ath6kl: Failed to submit usb control message: -110
[ 2398.117990][ T5927] ath6kl: unable to send the bmi data to the device: -110
[ 2398.128154][ T5927] ath6kl: Unable to send get target info: -110
[ 2398.144412][ T5927] ath6kl: Failed to init ath6kl core: -110
[ 2398.169970][ T5927] ath6kl_usb 2-1:0.0: probe with driver ath6kl_usb failed with error -110
[ 2398.226519][ T5930] usb 6-1: setting power OFF
[ 2398.263672][ T5930] dvb-usb: bulk message failed: -22 (2/0)
[ 2398.299126][ T5930] dvb-usb: Medion MD95700 (MDUSBTV-HYBRID) successfully initialized and connected.
[ 2398.379893][ T5930] (NULL device *): no alternate interface
[ 2398.540742][ T6471] FAULT_INJECTION: forcing a failure.
[ 2398.540742][ T6471] name failslab, interval 1, probability 0, space 0, times 0
[ 2398.575406][ T6471] CPU: 0 UID: 0 PID: 6471 Comm: syz.3.9126 Not tainted 6.16.0-rc1-syzkaller-00157-g02adc1490e6d #0 PREEMPT(full) 
[ 2398.575442][ T6471] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 2398.575455][ T6471] Call Trace:
[ 2398.575464][ T6471]  <TASK>
[ 2398.575473][ T6471]  dump_stack_lvl+0x189/0x250
[ 2398.575510][ T6471]  ? __pfx____ratelimit+0x10/0x10
[ 2398.575540][ T6471]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 2398.575571][ T6471]  ? __pfx__printk+0x10/0x10
[ 2398.575608][ T6471]  should_fail_ex+0x414/0x560
[ 2398.575641][ T6471]  should_failslab+0xa8/0x100
[ 2398.575659][ T6471]  kmem_cache_alloc_noprof+0x73/0x3c0
[ 2398.575679][ T6471]  ? skb_clone+0x212/0x3a0
[ 2398.575700][ T6471]  skb_clone+0x212/0x3a0
[ 2398.575719][ T6471]  __netlink_deliver_tap+0x404/0x850
[ 2398.575743][ T6471]  ? netlink_deliver_tap+0x2e/0x1b0
[ 2398.575759][ T6471]  netlink_deliver_tap+0x19c/0x1b0
[ 2398.575775][ T6471]  netlink_sendskb+0x68/0x140
[ 2398.575789][ T6471]  netlink_rcv_skb+0x28c/0x470
[ 2398.575805][ T6471]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[ 2398.575820][ T6471]  ? __pfx_netlink_rcv_skb+0x10/0x10
[ 2398.575843][ T6471]  ? netlink_deliver_tap+0x2e/0x1b0
[ 2398.575857][ T6471]  ? netlink_deliver_tap+0x2e/0x1b0
[ 2398.575876][ T6471]  netlink_unicast+0x75b/0x8d0
[ 2398.575896][ T6471]  netlink_sendmsg+0x805/0xb30
[ 2398.575917][ T6471]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 2398.575934][ T6471]  ? __import_iovec+0x5d4/0x7f0
[ 2398.575946][ T6471]  ? aa_sock_msg_perm+0x94/0x160
[ 2398.575963][ T6471]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[ 2398.575979][ T6471]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 2398.575995][ T6471]  __sock_sendmsg+0x219/0x270
[ 2398.576009][ T6471]  ____sys_sendmsg+0x505/0x830
[ 2398.576029][ T6471]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 2398.576056][ T6471]  ___sys_sendmsg+0x21f/0x2a0
[ 2398.576074][ T6471]  ? __pfx____sys_sendmsg+0x10/0x10
[ 2398.576114][ T6471]  ? __fget_files+0x2a/0x420
[ 2398.576127][ T6471]  ? __fget_files+0x3a0/0x420
[ 2398.576147][ T6471]  __sys_sendmsg+0x164/0x220
[ 2398.576165][ T6471]  ? __pfx___sys_sendmsg+0x10/0x10
[ 2398.576191][ T6471]  ? syscall_enter_from_user_mode_prepare+0x7f/0xe0
[ 2398.576211][ T6471]  ? lockdep_hardirqs_on+0x9c/0x150
[ 2398.576232][ T6471]  __do_fast_syscall_32+0xb6/0x2b0
[ 2398.576245][ T6471]  ? lockdep_hardirqs_on+0x9c/0x150
[ 2398.576266][ T6471]  do_fast_syscall_32+0x34/0x80
[ 2398.576278][ T6471]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 2398.576293][ T6471] RIP: 0023:0xf7f45539
[ 2398.576305][ T6471] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[ 2398.576315][ T6471] RSP: 002b:00000000f506655c EFLAGS: 00000206 ORIG_RAX: 0000000000000172
[ 2398.576330][ T6471] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000800000c0
[ 2398.576346][ T6471] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[ 2398.576353][ T6471] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 2398.576360][ T6471] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[ 2398.576368][ T6471] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 2398.576386][ T6471]  </TASK>
[ 2398.785382][    C1] IPVS: fo: UDP 224.0.0.2:0 - no destination available
[ 2398.787642][    C0] vkms_vblank_simulate: vblank timer overrun
[ 2398.902169][    C0] vkms_vblank_simulate: vblank timer overrun
[ 2398.920727][ T5930] dvb-usb: Medion MD95700 (MDUSBTV-HYBRID) successfully deinitialized and disconnected.
[ 2398.933576][ T5930] usb 6-1: USB disconnect, device number 53
[ 2399.008188][    C0] vkms_vblank_simulate: vblank timer overrun
[ 2399.107660][ T6478] netlink: 32 bytes leftover after parsing attributes in process `syz.5.9127'.
[ 2399.172799][ T6484] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 2399.194390][ T6484] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 2399.385483][ T5927] usb 4-1: new high-speed USB device number 3 using dummy_hcd
[ 2399.465411][ T5930] usb 3-1: new low-speed USB device number 3 using dummy_hcd
[ 2399.515887][ T5927] usb 4-1: device descriptor read/64, error -71
[ 2399.565388][ T4446] usb 6-1: new high-speed USB device number 54 using dummy_hcd
[ 2399.704622][ T5930] usb 3-1: config index 0 descriptor too short (expected 6427, got 27)
[ 2399.713070][ T5930] usb 3-1: config 0 has an invalid interface association descriptor of length 5, skipping
[ 2399.715590][ T4446] usb 6-1: device descriptor read/64, error -71
[ 2399.730849][ T5930] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 2399.743058][ T5930] usb 3-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[ 2399.752677][ T5930] usb 3-1: New USB device found, idVendor=06cd, idProduct=0202, bcdDevice=92.d4
[ 2399.762982][ T5930] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2399.783259][ T5930] usb 3-1: config 0 descriptor??
[ 2399.796538][ T5927] usb 4-1: new high-speed USB device number 4 using dummy_hcd
[ 2399.825330][    C1] IPVS: fo: UDP 224.0.0.2:0 - no destination available
[ 2399.936039][ T5927] usb 4-1: device descriptor read/64, error -71
[ 2400.015316][ T4446] usb 6-1: new high-speed USB device number 55 using dummy_hcd
[ 2400.057968][ T5927] usb usb4-port1: attempt power cycle
[ 2400.155405][ T4446] usb 6-1: device descriptor read/64, error -71
[ 2400.286673][ T4446] usb usb6-port1: attempt power cycle
[ 2400.339520][ T6493] netlink: 'syz.0.9131': attribute type 7 has an invalid length.
[ 2400.442527][ T5927] usb 4-1: new high-speed USB device number 5 using dummy_hcd
[ 2400.482028][ T5927] usb 4-1: device descriptor read/8, error -71
[ 2400.659445][ T4446] usb 6-1: new high-speed USB device number 56 using dummy_hcd
[ 2400.697070][ T4446] usb 6-1: device descriptor read/8, error -71
[ 2400.739133][ T5927] usb 4-1: new high-speed USB device number 6 using dummy_hcd
[ 2400.785806][ T5927] usb 4-1: device descriptor read/8, error -71
[ 2400.865449][    C1] IPVS: fo: UDP 224.0.0.2:0 - no destination available
[ 2400.897772][ T5927] usb usb4-port1: unable to enumerate USB device
[ 2400.946332][ T4446] usb 6-1: new high-speed USB device number 57 using dummy_hcd
[ 2400.999547][ T4446] usb 6-1: device descriptor read/8, error -71
[ 2401.133112][ T4446] usb usb6-port1: unable to enumerate USB device
[ 2401.906306][    C1] IPVS: fo: UDP 224.0.0.2:0 - no destination available
[ 2402.084904][ T5930] usb 3-1: USB disconnect, device number 3
[ 2402.493971][ T4446] usb 6-1: new high-speed USB device number 58 using dummy_hcd
[ 2402.655511][ T4446] usb 6-1: Using ep0 maxpacket: 16
[ 2402.669010][ T4446] usb 6-1: New USB device found, idVendor=05d1, idProduct=2001, bcdDevice= 2.00
[ 2402.712361][ T4446] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2402.766302][ T4446] usb 6-1: config 0 descriptor??
[ 2402.829434][ T4446] ftdi_sio 6-1:0.0: FTDI USB Serial Device converter detected
[ 2402.945298][    C1] IPVS: fo: UDP 224.0.0.2:0 - no destination available
[ 2403.009880][ T4446] usb 6-1: Detected FT232B
[ 2403.225347][ T4446] ftdi_sio ttyUSB0: Unable to read latency timer: -71
[ 2403.264423][ T4446] ftdi_sio ttyUSB0: Unable to write latency timer: -71
[ 2403.317764][ T4446] usb 6-1: FTDI USB Serial Device converter now attached to ttyUSB0
[ 2403.370865][ T4446] usb 6-1: USB disconnect, device number 58
[ 2403.436107][ T4446] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0
[ 2403.463582][ T4446] ftdi_sio 6-1:0.0: device disconnected
[ 2403.614353][ T3082] usb 4-1: new high-speed USB device number 7 using dummy_hcd
[ 2403.775642][ T3082] usb 4-1: Using ep0 maxpacket: 32
[ 2403.807761][ T3082] usb 4-1: unable to get BOS descriptor or descriptor too short
[ 2403.818353][ T3082] usb 4-1: config 244 has an invalid interface number: 68 but max is 0
[ 2403.835750][ T3082] usb 4-1: config 244 has no interface number 0
[ 2403.846968][ T3082] usb 4-1: config 244 interface 68 altsetting 3 bulk endpoint 0x3 has invalid maxpacket 8
[ 2403.878989][ T3082] usb 4-1: config 244 interface 68 altsetting 3 endpoint 0x4 has invalid maxpacket 255, setting to 64
[ 2403.894778][ T3082] usb 4-1: config 244 interface 68 altsetting 3 endpoint 0xA has invalid wMaxPacketSize 0
[ 2403.912521][ T3082] usb 4-1: config 244 interface 68 has no altsetting 0
[ 2403.923278][ T3082] usb 4-1: New USB device found, idVendor=0867, idProduct=9812, bcdDevice=24.0f
[ 2403.947832][ T5930] usb 2-1: USB disconnect, device number 20
[ 2403.969446][ T3082] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2403.983337][ T3082] usb 4-1: Product: syz
[ 2403.987951][    C1] IPVS: fo: UDP 224.0.0.2:0 - no destination available
[ 2404.019940][ T3082] usb 4-1: Manufacturer: syz
[ 2404.024609][ T3082] usb 4-1: SerialNumber: syz
[ 2404.117257][ T6510] raw-gadget.1 gadget.3: fail, usb_ep_enable returned -22
[ 2404.466131][ T3082] comedi comedi0: Endpoint has wrong direction
[ 2404.473322][ T3082] dt9812 4-1:244.68: driver 'dt9812' failed to auto-configure device.
[ 2404.551042][ T5930] usb 2-1: new high-speed USB device number 21 using dummy_hcd
[ 2404.586002][ T3082] usb 4-1: USB disconnect, device number 7
[ 2404.729917][ T5930] usb 2-1: Using ep0 maxpacket: 32
[ 2404.756695][ T5930] usb 2-1: config 0 has an invalid interface number: 67 but max is 0
[ 2404.782073][ T5930] usb 2-1: config 0 has no interface number 0
[ 2404.808533][ T5930] usb 2-1: New USB device found, idVendor=0424, idProduct=9901, bcdDevice=c2.57
[ 2404.817923][ T5251] usb 6-1: new high-speed USB device number 59 using dummy_hcd
[ 2404.835011][ T5930] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2404.853402][ T5930] usb 2-1: Product: syz
[ 2404.877753][ T5930] usb 2-1: Manufacturer: syz
[ 2404.886638][ T5930] usb 2-1: SerialNumber: syz
[ 2404.905655][ T5930] usb 2-1: config 0 descriptor??
[ 2405.025312][    C1] IPVS: fo: UDP 224.0.0.2:0 - no destination available
[ 2405.202307][ T5930] smsc95xx v2.0.0
[ 2405.206519][ T5930] smsc95xx 2-1:0.67 (unnamed net_device) (uninitialized): usbnet_get_endpoints failed: -22
[ 2405.236761][ T5930] smsc95xx 2-1:0.67: probe with driver smsc95xx failed with error -22
[ 2405.266736][ T5251] usb 6-1: Using ep0 maxpacket: 16
[ 2405.278181][ T5251] usb 6-1: config 0 has no interfaces?
[ 2405.288952][ T5251] usb 6-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1
[ 2405.299009][ T5251] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2405.335602][ T5251] usb 6-1: Product: syz
[ 2405.365548][ T5251] usb 6-1: Manufacturer: syz
[ 2405.371811][ T5251] usb 6-1: SerialNumber: syz
[ 2405.434446][ T5251] usb 6-1: config 0 descriptor??
[ 2405.480326][ T5251] usb 2-1: USB disconnect, device number 21
[ 2405.699790][ T6528] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 2405.709351][ T6528] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 2406.023111][ T6544] FAULT_INJECTION: forcing a failure.
[ 2406.023111][ T6544] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 2406.065270][    C1] IPVS: fo: UDP 224.0.0.2:0 - no destination available
[ 2406.192564][ T6544] CPU: 0 UID: 0 PID: 6544 Comm: syz.2.9143 Not tainted 6.16.0-rc1-syzkaller-00157-g02adc1490e6d #0 PREEMPT(full) 
[ 2406.192595][ T6544] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 2406.192607][ T6544] Call Trace:
[ 2406.192616][ T6544]  <TASK>
[ 2406.192624][ T6544]  dump_stack_lvl+0x189/0x250
[ 2406.192659][ T6544]  ? __pfx____ratelimit+0x10/0x10
[ 2406.192689][ T6544]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 2406.192720][ T6544]  ? __pfx__printk+0x10/0x10
[ 2406.192742][ T6544]  ? __might_fault+0xb0/0x130
[ 2406.192775][ T6544]  should_fail_ex+0x414/0x560
[ 2406.192805][ T6544]  _copy_from_user+0x2d/0xb0
[ 2406.192828][ T6544]  get_compat_msghdr+0xad/0x4a0
[ 2406.192860][ T6544]  ? __pfx_get_compat_msghdr+0x10/0x10
[ 2406.192899][ T6544]  ___sys_sendmsg+0x193/0x2a0
[ 2406.192926][ T6544]  ? __pfx____sys_sendmsg+0x10/0x10
[ 2406.192989][ T6544]  ? __fget_files+0x2a/0x420
[ 2406.193011][ T6544]  ? __fget_files+0x3a0/0x420
[ 2406.193043][ T6544]  __sys_sendmsg+0x164/0x220
[ 2406.193072][ T6544]  ? __pfx___sys_sendmsg+0x10/0x10
[ 2406.193111][ T6544]  ? syscall_enter_from_user_mode_prepare+0x7f/0xe0
[ 2406.193142][ T6544]  ? lockdep_hardirqs_on+0x9c/0x150
[ 2406.193174][ T6544]  __do_fast_syscall_32+0xb6/0x2b0
[ 2406.193195][ T6544]  ? lockdep_hardirqs_on+0x9c/0x150
[ 2406.193229][ T6544]  do_fast_syscall_32+0x34/0x80
[ 2406.193248][ T6544]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 2406.193281][ T6544] RIP: 0023:0xf707e539
[ 2406.193300][ T6544] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[ 2406.193315][ T6544] RSP: 002b:00000000f506e55c EFLAGS: 00000206 ORIG_RAX: 0000000000000172
[ 2406.193338][ T6544] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000800006c0
[ 2406.193353][ T6544] RDX: 0000000000000004 RSI: 0000000000000000 RDI: 0000000000000000
[ 2406.193371][ T6544] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 2406.193382][ T6544] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[ 2406.193395][ T6544] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 2406.193425][ T6544]  </TASK>
[ 2406.404544][    C0] vkms_vblank_simulate: vblank timer overrun
[ 2406.483611][ T1303] ieee802154 phy0 wpan0: encryption failed: -22
[ 2406.492244][ T1303] ieee802154 phy1 wpan1: encryption failed: -22
[ 2406.510592][    C0] vkms_vblank_simulate: vblank timer overrun
[ 2407.004142][   T30] audit: type=1326 audit(1749875281.696:2757): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6551 comm="syz.0.9147" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ee539 code=0x7ffc0000
[ 2407.097415][   T30] audit: type=1326 audit(1749875281.696:2758): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6551 comm="syz.0.9147" exe="/root/syz-executor" sig=0 arch=40000003 syscall=447 compat=1 ip=0xf70ee539 code=0x7ffc0000
[ 2407.097476][   T30] audit: type=1326 audit(1749875281.696:2759): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6551 comm="syz.0.9147" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ee539 code=0x7ffc0000
[ 2407.097524][   T30] audit: type=1326 audit(1749875281.696:2760): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6551 comm="syz.0.9147" exe="/root/syz-executor" sig=0 arch=40000003 syscall=451 compat=1 ip=0xf70ee539 code=0x7ffc0000
[ 2407.097572][   T30] audit: type=1326 audit(1749875281.696:2761): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6551 comm="syz.0.9147" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ee539 code=0x7ffc0000
[ 2407.097618][   T30] audit: type=1326 audit(1749875281.696:2762): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6551 comm="syz.0.9147" exe="/root/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf70ee539 code=0x7ffc0000
[ 2407.097667][   T30] audit: type=1326 audit(1749875281.696:2763): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6551 comm="syz.0.9147" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ee539 code=0x7ffc0000
[ 2407.097717][   T30] audit: type=1326 audit(1749875281.726:2764): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6551 comm="syz.0.9147" exe="/root/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf70ee539 code=0x7ffc0000
[ 2407.097768][   T30] audit: type=1326 audit(1749875281.746:2765): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6551 comm="syz.0.9147" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ee539 code=0x7ffc0000
[ 2407.097813][   T30] audit: type=1326 audit(1749875281.786:2766): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6551 comm="syz.0.9147" exe="/root/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf70ee539 code=0x7ffc0000
[ 2407.105419][    C1] IPVS: fo: UDP 224.0.0.2:0 - no destination available
[ 2407.193691][T17150] usb 6-1: USB disconnect, device number 59
[ 2407.227248][ T6560] netlink: 12 bytes leftover after parsing attributes in process `syz.3.9142'.
[ 2407.709284][ T6565] netlink: 'syz.5.9149': attribute type 7 has an invalid length.
[ 2407.781123][    C0] vkms_vblank_simulate: vblank timer overrun
[ 2407.994541][ T6571] FAULT_INJECTION: forcing a failure.
[ 2407.994541][ T6571] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 2407.994579][ T6571] CPU: 0 UID: 0 PID: 6571 Comm: syz.1.9150 Not tainted 6.16.0-rc1-syzkaller-00157-g02adc1490e6d #0 PREEMPT(full) 
[ 2407.994603][ T6571] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 2407.994615][ T6571] Call Trace:
[ 2407.994624][ T6571]  <TASK>
[ 2407.994634][ T6571]  dump_stack_lvl+0x189/0x250
[ 2407.994670][ T6571]  ? __pfx____ratelimit+0x10/0x10
[ 2407.994701][ T6571]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 2407.994732][ T6571]  ? __pfx__printk+0x10/0x10
[ 2407.994755][ T6571]  ? __might_fault+0xb0/0x130
[ 2407.994788][ T6571]  should_fail_ex+0x414/0x560
[ 2407.994819][ T6571]  _copy_from_iter+0x1db/0x16f0
[ 2407.994855][ T6571]  ? rcu_is_watching+0x15/0xb0
[ 2407.994889][ T6571]  ? kmem_cache_alloc_node_noprof+0x217/0x3c0
[ 2407.994912][ T6571]  ? __pfx__copy_from_iter+0x10/0x10
[ 2407.994945][ T6571]  ? __build_skb_around+0x257/0x3e0
[ 2407.994973][ T6571]  ? netlink_sendmsg+0x642/0xb30
[ 2407.994996][ T6571]  ? skb_put+0x11b/0x210
[ 2407.995030][ T6571]  netlink_sendmsg+0x6b2/0xb30
[ 2407.995065][ T6571]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 2407.995093][ T6571]  ? __import_iovec+0x5d4/0x7f0
[ 2407.995112][ T6571]  ? aa_sock_msg_perm+0x94/0x160
[ 2407.995141][ T6571]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[ 2407.995165][ T6571]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 2407.995190][ T6571]  __sock_sendmsg+0x219/0x270
[ 2407.995222][ T6571]  ____sys_sendmsg+0x505/0x830
[ 2407.995254][ T6571]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 2407.995298][ T6571]  ___sys_sendmsg+0x21f/0x2a0
[ 2407.995327][ T6571]  ? __pfx____sys_sendmsg+0x10/0x10
[ 2407.995393][ T6571]  ? __fget_files+0x2a/0x420
[ 2407.995414][ T6571]  ? __fget_files+0x3a0/0x420
[ 2407.995447][ T6571]  __sys_sendmsg+0x164/0x220
[ 2407.995475][ T6571]  ? __pfx___sys_sendmsg+0x10/0x10
[ 2407.995518][ T6571]  ? syscall_enter_from_user_mode_prepare+0x7f/0xe0
[ 2407.995552][ T6571]  ? lockdep_hardirqs_on+0x9c/0x150
[ 2407.995584][ T6571]  __do_fast_syscall_32+0xb6/0x2b0
[ 2407.995606][ T6571]  ? lockdep_hardirqs_on+0x9c/0x150
[ 2407.995641][ T6571]  do_fast_syscall_32+0x34/0x80
[ 2407.995661][ T6571]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 2407.995686][ T6571] RIP: 0023:0xf7fd3539
[ 2407.995703][ T6571] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[ 2407.995719][ T6571] RSP: 002b:00000000f50f655c EFLAGS: 00000206 ORIG_RAX: 0000000000000172
[ 2407.995742][ T6571] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000540
[ 2407.995757][ T6571] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[ 2407.995769][ T6571] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 2407.995782][ T6571] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[ 2407.995794][ T6571] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 2407.995824][ T6571]  </TASK>
[ 2408.166051][    C1] IPVS: fo: UDP 224.0.0.2:0 - no destination available
[ 2408.627225][ T5927] usb 6-1: new high-speed USB device number 60 using dummy_hcd
[ 2408.797429][ T5927] usb 6-1: Using ep0 maxpacket: 32
[ 2408.806153][ T5927] usb 6-1: unable to get BOS descriptor or descriptor too short
[ 2408.807399][ T5927] usb 6-1: config 244 has an invalid interface number: 68 but max is 0
[ 2408.807425][ T5927] usb 6-1: config 244 has no interface number 0
[ 2408.807475][ T5927] usb 6-1: config 244 interface 68 altsetting 3 bulk endpoint 0x3 has invalid maxpacket 8
[ 2408.807503][ T5927] usb 6-1: config 244 interface 68 altsetting 3 endpoint 0x4 has invalid maxpacket 255, setting to 64
[ 2408.807532][ T5927] usb 6-1: config 244 interface 68 altsetting 3 endpoint 0xA has invalid wMaxPacketSize 0
[ 2408.807557][ T5927] usb 6-1: config 244 interface 68 has no altsetting 0
[ 2408.809615][ T5927] usb 6-1: New USB device found, idVendor=0867, idProduct=9812, bcdDevice=24.0f
[ 2408.809634][ T5927] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2408.809647][ T5927] usb 6-1: Product: syz
[ 2408.809656][ T5927] usb 6-1: Manufacturer: syz
[ 2408.809666][ T5927] usb 6-1: SerialNumber: syz
[ 2408.813149][ T6576] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22
[ 2409.185832][    C1] IPVS: fo: UDP 224.0.0.2:0 - no destination available
[ 2410.225255][    C1] IPVS: fo: UDP 224.0.0.2:0 - no destination available
[ 2410.276852][ T6557] netlink: 8 bytes leftover after parsing attributes in process `syz.2.9146'.
[ 2410.377497][ T6557] trusted_key: encrypted_key: insufficient parameters specified
[ 2411.265294][    C1] IPVS: fo: UDP 224.0.0.2:0 - no destination available
[ 2411.333996][ T5927] comedi comedi0: Endpoint has wrong direction
[ 2411.384517][ T5927] dt9812 6-1:244.68: driver 'dt9812' failed to auto-configure device.
[ 2411.471241][ T5927] usb 6-1: USB disconnect, device number 60
[ 2411.762325][ T6614] netlink: 'syz.0.9163': attribute type 7 has an invalid length.
[ 2411.791665][ T6612] syz.5.9161 (6612): drop_caches: 2
[ 2411.960560][ T6621] ipvlan0: entered allmulticast mode
[ 2411.995845][ T6621] veth0_vlan: entered allmulticast mode
[ 2412.137512][ T6628] ip6t_REJECT: TCP_RESET illegal for non-tcp
[ 2412.165350][ T5927] usb 3-1: new high-speed USB device number 4 using dummy_hcd
[ 2412.305324][    C1] IPVS: fo: UDP 224.0.0.2:0 - no destination available
[ 2412.315580][ T5927] usb 3-1: Using ep0 maxpacket: 16
[ 2412.335503][ T5927] usb 3-1: too many configurations: 60, using maximum allowed: 8
[ 2412.383256][ T5927] usb 3-1: New USB device found, idVendor=0471, idProduct=032c, bcdDevice=ba.e9
[ 2412.395324][ T5927] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=204
[ 2412.403680][ T5927] usb 3-1: Product: syz
[ 2412.408691][ T5927] usb 3-1: Manufacturer: syz
[ 2412.413420][ T5927] usb 3-1: SerialNumber: syz
[ 2412.422880][ T5927] usb 3-1: config 0 descriptor??
[ 2412.432507][ T5927] pwc: Philips SPC 880NC USB webcam detected.
[ 2412.687240][ T5927] pwc: Warning: more than 1 configuration available.
[ 2412.716528][ T5927] pwc: Failed to set LED on/off time (-71)
[ 2412.730370][ T5927] pwc: send_video_command error -71
[ 2412.737852][ T5927] pwc: Failed to set video mode VGA@30 fps; return code = -71
[ 2412.748264][ T5927] Philips webcam 3-1:0.0: probe with driver Philips webcam failed with error -71
[ 2412.769151][ T5927] usb 3-1: USB disconnect, device number 4
[ 2413.345400][    C1] IPVS: fo: UDP 224.0.0.2:0 - no destination available
[ 2413.402666][ T6650] FAULT_INJECTION: forcing a failure.
[ 2413.402666][ T6650] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 2413.475342][ T6650] CPU: 1 UID: 0 PID: 6650 Comm: syz.0.9172 Not tainted 6.16.0-rc1-syzkaller-00157-g02adc1490e6d #0 PREEMPT(full) 
[ 2413.475364][ T6650] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 2413.475372][ T6650] Call Trace:
[ 2413.475377][ T6650]  <TASK>
[ 2413.475383][ T6650]  dump_stack_lvl+0x189/0x250
[ 2413.475408][ T6650]  ? __pfx____ratelimit+0x10/0x10
[ 2413.475428][ T6650]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 2413.475447][ T6650]  ? __pfx__printk+0x10/0x10
[ 2413.475468][ T6650]  should_fail_ex+0x414/0x560
[ 2413.475488][ T6650]  _copy_to_user+0x31/0xb0
[ 2413.475502][ T6650]  simple_read_from_buffer+0xe1/0x170
[ 2413.475519][ T6650]  proc_fail_nth_read+0x1df/0x250
[ 2413.475536][ T6650]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 2413.475553][ T6650]  ? rw_verify_area+0x258/0x650
[ 2413.475571][ T6650]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 2413.475586][ T6650]  vfs_read+0x1fd/0x980
[ 2413.475609][ T6650]  ? __pfx___mutex_lock+0x10/0x10
[ 2413.475621][ T6650]  ? __pfx_vfs_read+0x10/0x10
[ 2413.475646][ T6650]  ? __fget_files+0x2a/0x420
[ 2413.475662][ T6650]  ? __fget_files+0x3a0/0x420
[ 2413.475675][ T6650]  ? __fget_files+0x2a/0x420
[ 2413.475694][ T6650]  ksys_read+0x145/0x250
[ 2413.475706][ T6650]  ? __pfx_ksys_read+0x10/0x10
[ 2413.475727][ T6650]  ? syscall_enter_from_user_mode_prepare+0x7f/0xe0
[ 2413.475747][ T6650]  ? lockdep_hardirqs_on+0x9c/0x150
[ 2413.475768][ T6650]  __do_fast_syscall_32+0xb6/0x2b0
[ 2413.475780][ T6650]  ? lockdep_hardirqs_on+0x9c/0x150
[ 2413.475802][ T6650]  do_fast_syscall_32+0x34/0x80
[ 2413.475814][ T6650]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 2413.475829][ T6650] RIP: 0023:0xf70ee539
[ 2413.475841][ T6650] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[ 2413.475852][ T6650] RSP: 002b:00000000f50bd590 EFLAGS: 00000206 ORIG_RAX: 0000000000000003
[ 2413.475867][ T6650] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000f50bd620
[ 2413.475876][ T6650] RDX: 000000000000000f RSI: 00000000f7452ff4 RDI: 0000000000000000
[ 2413.475883][ T6650] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000
[ 2413.475891][ T6650] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[ 2413.475898][ T6650] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 2413.475916][ T6650]  </TASK>
[ 2414.142412][ T6661] netlink: 'syz.5.9176': attribute type 7 has an invalid length.
[ 2414.385250][    C1] IPVS: fo: UDP 224.0.0.2:0 - no destination available
[ 2414.846091][ T6676] TCP: request_sock_TCP: Possible SYN flooding on port [::]:20002. Sending cookies.
[ 2414.868101][ T6675] xt_CT: You must specify a L4 protocol and not use inversions on it
[ 2415.425567][    C1] IPVS: fo: UDP 224.0.0.2:0 - no destination available
[ 2415.702452][ T6694] netlink: 12 bytes leftover after parsing attributes in process `syz.3.9183'.
[ 2416.465254][    C1] IPVS: fo: UDP 224.0.0.2:0 - no destination available
[ 2416.975467][T17150] usb 2-1: new low-speed USB device number 22 using dummy_hcd
[ 2417.063521][ T6705] netlink: 'syz.0.9188': attribute type 7 has an invalid length.
[ 2417.231538][T17150] usb 2-1: config index 0 descriptor too short (expected 6427, got 27)
[ 2417.305531][T17150] usb 2-1: config 0 has an invalid interface association descriptor of length 5, skipping
[ 2417.362103][T17150] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 2417.407127][T17150] usb 2-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[ 2417.472498][T17150] usb 2-1: New USB device found, idVendor=06cd, idProduct=0202, bcdDevice=92.d4
[ 2417.505281][    C1] IPVS: fo: UDP 224.0.0.2:0 - no destination available
[ 2417.527075][T17150] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2417.617562][T17150] usb 2-1: config 0 descriptor??
[ 2418.199800][ T6728] FAULT_INJECTION: forcing a failure.
[ 2418.199800][ T6728] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 2418.219968][ T6728] CPU: 0 UID: 0 PID: 6728 Comm: syz.5.9196 Not tainted 6.16.0-rc1-syzkaller-00157-g02adc1490e6d #0 PREEMPT(full) 
[ 2418.219989][ T6728] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 2418.219997][ T6728] Call Trace:
[ 2418.220002][ T6728]  <TASK>
[ 2418.220010][ T6728]  dump_stack_lvl+0x189/0x250
[ 2418.220037][ T6728]  ? __pfx____ratelimit+0x10/0x10
[ 2418.220058][ T6728]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 2418.220077][ T6728]  ? __pfx__printk+0x10/0x10
[ 2418.220098][ T6728]  should_fail_ex+0x414/0x560
[ 2418.220118][ T6728]  _copy_to_user+0x31/0xb0
[ 2418.220133][ T6728]  simple_read_from_buffer+0xe1/0x170
[ 2418.220149][ T6728]  proc_fail_nth_read+0x1df/0x250
[ 2418.220167][ T6728]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 2418.220184][ T6728]  ? rw_verify_area+0x258/0x650
[ 2418.220202][ T6728]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 2418.220218][ T6728]  vfs_read+0x1fd/0x980
[ 2418.220241][ T6728]  ? __pfx___mutex_lock+0x10/0x10
[ 2418.220253][ T6728]  ? __pfx_vfs_read+0x10/0x10
[ 2418.220281][ T6728]  ? __fget_files+0x2a/0x420
[ 2418.220298][ T6728]  ? __fget_files+0x3a0/0x420
[ 2418.220311][ T6728]  ? __fget_files+0x2a/0x420
[ 2418.220330][ T6728]  ksys_read+0x145/0x250
[ 2418.220343][ T6728]  ? __pfx_ksys_read+0x10/0x10
[ 2418.220363][ T6728]  ? syscall_enter_from_user_mode_prepare+0x7f/0xe0
[ 2418.220383][ T6728]  ? lockdep_hardirqs_on+0x9c/0x150
[ 2418.220404][ T6728]  __do_fast_syscall_32+0xb6/0x2b0
[ 2418.220416][ T6728]  ? lockdep_hardirqs_on+0x9c/0x150
[ 2418.220438][ T6728]  do_fast_syscall_32+0x34/0x80
[ 2418.220450][ T6728]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 2418.220465][ T6728] RIP: 0023:0xf7fd6539
[ 2418.220477][ T6728] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[ 2418.220487][ T6728] RSP: 002b:00000000f50f6590 EFLAGS: 00000206 ORIG_RAX: 0000000000000003
[ 2418.220502][ T6728] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 00000000f50f6620
[ 2418.220511][ T6728] RDX: 000000000000000f RSI: 00000000f7462ff4 RDI: 0000000000000000
[ 2418.220519][ T6728] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000
[ 2418.220526][ T6728] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[ 2418.220533][ T6728] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 2418.220551][ T6728]  </TASK>
[ 2418.453028][    C0] vkms_vblank_simulate: vblank timer overrun
[ 2418.545239][    C1] IPVS: fo: UDP 224.0.0.2:0 - no destination available
[ 2419.006912][ T6733] netlink: 'syz.3.9197': attribute type 1 has an invalid length.
[ 2419.486979][ T6735] FAULT_INJECTION: forcing a failure.
[ 2419.486979][ T6735] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 2419.502819][ T6735] CPU: 1 UID: 0 PID: 6735 Comm: syz.3.9198 Not tainted 6.16.0-rc1-syzkaller-00157-g02adc1490e6d #0 PREEMPT(full) 
[ 2419.502840][ T6735] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 2419.502847][ T6735] Call Trace:
[ 2419.502853][ T6735]  <TASK>
[ 2419.502858][ T6735]  dump_stack_lvl+0x189/0x250
[ 2419.502884][ T6735]  ? __pfx____ratelimit+0x10/0x10
[ 2419.502904][ T6735]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 2419.502924][ T6735]  ? __pfx__printk+0x10/0x10
[ 2419.502944][ T6735]  should_fail_ex+0x414/0x560
[ 2419.502964][ T6735]  _copy_to_user+0x31/0xb0
[ 2419.502980][ T6735]  simple_read_from_buffer+0xe1/0x170
[ 2419.502999][ T6735]  proc_fail_nth_read+0x1df/0x250
[ 2419.503016][ T6735]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 2419.503033][ T6735]  ? rw_verify_area+0x258/0x650
[ 2419.503051][ T6735]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 2419.503067][ T6735]  vfs_read+0x1fd/0x980
[ 2419.503089][ T6735]  ? __pfx___mutex_lock+0x10/0x10
[ 2419.503102][ T6735]  ? __pfx_vfs_read+0x10/0x10
[ 2419.503122][ T6735]  ? __fget_files+0x2a/0x420
[ 2419.503139][ T6735]  ? __fget_files+0x3a0/0x420
[ 2419.503151][ T6735]  ? __fget_files+0x2a/0x420
[ 2419.503171][ T6735]  ksys_read+0x145/0x250
[ 2419.503183][ T6735]  ? __pfx_ksys_read+0x10/0x10
[ 2419.503204][ T6735]  ? syscall_enter_from_user_mode_prepare+0x7f/0xe0
[ 2419.503224][ T6735]  ? lockdep_hardirqs_on+0x9c/0x150
[ 2419.503252][ T6735]  __do_fast_syscall_32+0xb6/0x2b0
[ 2419.503265][ T6735]  ? lockdep_hardirqs_on+0x9c/0x150
[ 2419.503286][ T6735]  do_fast_syscall_32+0x34/0x80
[ 2419.503298][ T6735]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 2419.503313][ T6735] RIP: 0023:0xf7f45539
[ 2419.503324][ T6735] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[ 2419.503335][ T6735] RSP: 002b:00000000f5066590 EFLAGS: 00000206 ORIG_RAX: 0000000000000003
[ 2419.503350][ T6735] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000f5066620
[ 2419.503359][ T6735] RDX: 000000000000000f RSI: 00000000f73d2ff4 RDI: 0000000000000000
[ 2419.503367][ T6735] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000
[ 2419.503374][ T6735] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[ 2419.503381][ T6735] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 2419.503398][ T6735]  </TASK>
[ 2419.733611][    C1] IPVS: fo: UDP 224.0.0.2:0 - no destination available
[ 2419.950051][ T5251] usb 2-1: USB disconnect, device number 22
[ 2420.275509][ T6742] netlink: 'syz.3.9202': attribute type 7 has an invalid length.
[ 2420.785338][    C1] IPVS: fo: UDP 224.0.0.2:0 - no destination available
[ 2421.426513][ T6753] netlink: 12 bytes leftover after parsing attributes in process `syz.1.9201'.
[ 2421.826118][    C1] IPVS: fo: UDP 224.0.0.2:0 - no destination available
[ 2422.627502][ T6783] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[ 2422.690592][ T4446] usb 6-1: new high-speed USB device number 61 using dummy_hcd
[ 2422.865346][    C1] IPVS: fo: UDP 224.0.0.2:0 - no destination available
[ 2422.922121][ T4446] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 2422.935205][ T4446] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 2422.965015][ T4446] usb 6-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[ 2423.007775][ T4446] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[ 2423.048672][ T4446] usb 6-1: SerialNumber: syz
[ 2423.450029][ T4446] usb 6-1: 0:2 : does not exist
[ 2423.535581][ T4446] usb 6-1: USB disconnect, device number 61
[ 2423.665146][ T6459] udevd[6459]: error opening ATTR{/sys/devices/platform/dummy_hcd.5/usb6/6-1/6-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[ 2423.905419][    C1] IPVS: fo: UDP 224.0.0.2:0 - no destination available
[ 2424.406014][ T5251] usb 3-1: new high-speed USB device number 5 using dummy_hcd
[ 2424.568584][ T5251] usb 3-1: config 0 has an invalid interface number: 66 but max is 0
[ 2424.579345][ T5251] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 2424.594840][ T5251] usb 3-1: config 0 has no interface number 0
[ 2424.605008][ T5251] usb 3-1: config 0 interface 66 has no altsetting 0
[ 2424.615662][ T5251] usb 3-1: New USB device found, idVendor=13e5, idProduct=0001, bcdDevice=4e.53
[ 2424.634861][ T5251] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2424.645632][    T9] usb 4-1: new low-speed USB device number 8 using dummy_hcd
[ 2424.656858][ T5251] usb 3-1: config 0 descriptor??
[ 2424.674636][ T5251] usb 3-1: selecting invalid altsetting 0
[ 2424.808939][    T9] usb 4-1: config 0 has an invalid interface number: 55 but max is 0
[ 2424.827856][    T9] usb 4-1: config 0 has no interface number 0
[ 2424.842168][    T9] usb 4-1: config 0 interface 55 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[ 2424.873787][    T9] usb 4-1: config 0 interface 55 altsetting 0 endpoint 0xE has invalid maxpacket 32, setting to 8
[ 2424.901583][    T9] usb 4-1: config 0 interface 55 altsetting 0 has an endpoint descriptor with address 0xAB, changing to 0x8B
[ 2424.927212][    T9] usb 4-1: config 0 interface 55 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 10
[ 2424.945303][    C1] IPVS: fo: UDP 224.0.0.2:0 - no destination available
[ 2424.962970][    T9] usb 4-1: config 0 interface 55 altsetting 0 endpoint 0x8B has invalid maxpacket 120, setting to 8
[ 2424.995491][    T9] usb 4-1: config 0 interface 55 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 2
[ 2425.015502][    T9] usb 4-1: New USB device found, idVendor=0f11, idProduct=1080, bcdDevice=fc.6a
[ 2425.015601][ T6817] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(11)
[ 2425.024762][    T9] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2425.031259][ T6817] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[ 2425.060358][    T9] usb 4-1: config 0 descriptor??
[ 2425.087315][ T6811] raw-gadget.1 gadget.3: fail, usb_ep_enable returned -22
[ 2425.097064][ T6811] raw-gadget.1 gadget.3: fail, usb_ep_enable returned -22
[ 2425.120820][    T9] ldusb 4-1:0.55: LD USB Device #0 now attached to major 180 minor 0
[ 2425.133004][ T6817] vhci_hcd vhci_hcd.0: Device attached
[ 2425.316162][ T5930] vhci_hcd: vhci_device speed not set
[ 2425.365508][ T6811] ldusb 4-1:0.55: Write buffer overflow, 1 bytes dropped
[ 2425.395362][ T5930] usb 37-1: new full-speed USB device number 3 using vhci_hcd
[ 2425.985346][    C1] IPVS: fo: UDP 224.0.0.2:0 - no destination available
[ 2426.369843][ T6173] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2426.509047][ T6173] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2426.603186][ T6841] kvm: kvm [6840]: vcpu0, guest rIP: 0x28e Unhandled WRMSR(0x11e) = 0x3
[ 2426.652956][ T6841] kvm: kvm [6840]: vcpu0, guest rIP: 0x28e Unhandled WRMSR(0x186) = 0x3
[ 2426.732602][ T6173] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2426.746026][ T6841] fuse: Bad value for 'fd'
[ 2426.861247][ T6173] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2427.025371][    C1] IPVS: fo: UDP 224.0.0.2:0 - no destination available
[ 2427.035387][ T6819] vhci_hcd: connection reset by peer
[ 2427.044090][ T5251] usb 3-1: USB disconnect, device number 5
[ 2427.123547][T16431] vhci_hcd: stop threads
[ 2427.151997][T16431] vhci_hcd: release socket
[ 2427.207978][T16431] vhci_hcd: disconnect device
[ 2427.441768][ T5251] usb 4-1: USB disconnect, device number 8
[ 2427.478020][ T5251] ldusb 4-1:0.55: LD USB Device #0 now disconnected
[ 2427.708547][ T6860] FAULT_INJECTION: forcing a failure.
[ 2427.708547][ T6860] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 2427.742097][ T6860] CPU: 1 UID: 0 PID: 6860 Comm: syz.0.9233 Not tainted 6.16.0-rc1-syzkaller-00157-g02adc1490e6d #0 PREEMPT(full) 
[ 2427.742118][ T6860] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 2427.742126][ T6860] Call Trace:
[ 2427.742132][ T6860]  <TASK>
[ 2427.742137][ T6860]  dump_stack_lvl+0x189/0x250
[ 2427.742162][ T6860]  ? __pfx____ratelimit+0x10/0x10
[ 2427.742182][ T6860]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 2427.742201][ T6860]  ? __pfx__printk+0x10/0x10
[ 2427.742215][ T6860]  ? __might_fault+0xb0/0x130
[ 2427.742233][ T6860]  should_fail_ex+0x414/0x560
[ 2427.742253][ T6860]  _copy_from_user+0x2d/0xb0
[ 2427.742266][ T6860]  get_compat_msghdr+0xad/0x4a0
[ 2427.742287][ T6860]  ? __pfx_get_compat_msghdr+0x10/0x10
[ 2427.742311][ T6860]  ___sys_sendmsg+0x193/0x2a0
[ 2427.742329][ T6860]  ? __pfx____sys_sendmsg+0x10/0x10
[ 2427.742366][ T6860]  ? __fget_files+0x2a/0x420
[ 2427.742379][ T6860]  ? __fget_files+0x3a0/0x420
[ 2427.742398][ T6860]  __sys_sendmmsg+0x28e/0x430
[ 2427.742422][ T6860]  ? __pfx___sys_sendmmsg+0x10/0x10
[ 2427.742444][ T6860]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[ 2427.742468][ T6860]  ? ksys_write+0x22a/0x250
[ 2427.742486][ T6860]  __ia32_compat_sys_sendmmsg+0xa2/0xc0
[ 2427.742505][ T6860]  __do_fast_syscall_32+0xb6/0x2b0
[ 2427.742518][ T6860]  ? lockdep_hardirqs_on+0x9c/0x150
[ 2427.742539][ T6860]  do_fast_syscall_32+0x34/0x80
[ 2427.742552][ T6860]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 2427.742566][ T6860] RIP: 0023:0xf70ee539
[ 2427.742579][ T6860] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[ 2427.742590][ T6860] RSP: 002b:00000000f50de55c EFLAGS: 00000206 ORIG_RAX: 0000000000000159
[ 2427.742605][ T6860] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000180
[ 2427.742614][ T6860] RDX: 0000000000000001 RSI: 0000000000000000 RDI: 0000000000000000
[ 2427.742622][ T6860] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 2427.742629][ T6860] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[ 2427.742636][ T6860] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 2427.742654][ T6860]  </TASK>
[ 2428.065296][    C1] IPVS: fo: UDP 224.0.0.2:0 - no destination available
[ 2428.501667][ T6867] FAULT_INJECTION: forcing a failure.
[ 2428.501667][ T6867] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 2428.589400][ T6867] CPU: 1 UID: 0 PID: 6867 Comm: syz.0.9235 Not tainted 6.16.0-rc1-syzkaller-00157-g02adc1490e6d #0 PREEMPT(full) 
[ 2428.589432][ T6867] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 2428.589444][ T6867] Call Trace:
[ 2428.589453][ T6867]  <TASK>
[ 2428.589463][ T6867]  dump_stack_lvl+0x189/0x250
[ 2428.589499][ T6867]  ? __pfx____ratelimit+0x10/0x10
[ 2428.589530][ T6867]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 2428.589562][ T6867]  ? __pfx__printk+0x10/0x10
[ 2428.589599][ T6867]  should_fail_ex+0x414/0x560
[ 2428.589633][ T6867]  _copy_to_user+0x31/0xb0
[ 2428.589660][ T6867]  simple_read_from_buffer+0xe1/0x170
[ 2428.589687][ T6867]  proc_fail_nth_read+0x1df/0x250
[ 2428.589716][ T6867]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 2428.589744][ T6867]  ? rw_verify_area+0x258/0x650
[ 2428.589776][ T6867]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 2428.589803][ T6867]  vfs_read+0x1fd/0x980
[ 2428.589839][ T6867]  ? __pfx___mutex_lock+0x10/0x10
[ 2428.589860][ T6867]  ? __pfx_vfs_read+0x10/0x10
[ 2428.589902][ T6867]  ? __fget_files+0x2a/0x420
[ 2428.589928][ T6867]  ? __fget_files+0x3a0/0x420
[ 2428.589951][ T6867]  ? __fget_files+0x2a/0x420
[ 2428.589984][ T6867]  ksys_read+0x145/0x250
[ 2428.590005][ T6867]  ? __pfx_ksys_read+0x10/0x10
[ 2428.590039][ T6867]  ? syscall_enter_from_user_mode_prepare+0x7f/0xe0
[ 2428.590073][ T6867]  ? lockdep_hardirqs_on+0x9c/0x150
[ 2428.590105][ T6867]  __do_fast_syscall_32+0xb6/0x2b0
[ 2428.590127][ T6867]  ? lockdep_hardirqs_on+0x9c/0x150
[ 2428.590161][ T6867]  do_fast_syscall_32+0x34/0x80
[ 2428.590181][ T6867]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 2428.590205][ T6867] RIP: 0023:0xf70ee539
[ 2428.590223][ T6867] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[ 2428.590241][ T6867] RSP: 002b:00000000f50de590 EFLAGS: 00000206 ORIG_RAX: 0000000000000003
[ 2428.590263][ T6867] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000f50de620
[ 2428.590278][ T6867] RDX: 000000000000000f RSI: 00000000f7452ff4 RDI: 0000000000000000
[ 2428.590291][ T6867] RBP: 0000000000000002 R08: 0000000000000000 R09: 0000000000000000
[ 2428.590304][ T6867] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[ 2428.590317][ T6867] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 2428.590348][ T6867]  </TASK>
[ 2429.115817][    C1] IPVS: fo: UDP 224.0.0.2:0 - no destination available
[ 2429.164694][ T6876] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 2429.183914][ T6876] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 2430.043967][ T6173] bond0 (unregistering): left promiscuous mode
[ 2430.052163][ T6173] bond_slave_0: left promiscuous mode
[ 2430.063553][ T6173] bond_slave_1: left promiscuous mode
[ 2430.098179][ T6173] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 2430.116843][ T6173] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 2430.133203][ T6173] bond0 (unregistering): Released all slaves
[ 2430.155269][    C1] IPVS: fo: UDP 224.0.0.2:0 - no destination available
[ 2430.268781][T29573] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[ 2430.301764][T29573] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[ 2430.323308][T29573] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[ 2430.341352][T29573] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[ 2430.350871][T29573] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[ 2430.443097][ T6173] bond1 (unregistering): Released all slaves
[ 2430.557248][ T5930] vhci_hcd: vhci_device speed not set
[ 2431.185441][    C1] IPVS: fo: UDP 224.0.0.2:0 - no destination available
[ 2431.235745][    T9] usb 2-1: new high-speed USB device number 23 using dummy_hcd
[ 2431.335970][ T6173] ------------[ cut here ]------------
[ 2431.341503][ T6173] Have pending ack frames!
[ 2431.401928][    T9] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 2431.413796][    T9] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 2431.431018][    T9] usb 2-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[ 2431.441964][ T6173] WARNING: CPU: 0 PID: 6173 at net/mac80211/main.c:1715 ieee80211_free_ack_frame+0x4d/0x60
[ 2431.452154][ T6173] Modules linked in:
[ 2431.456595][ T6173] CPU: 0 UID: 0 PID: 6173 Comm: kworker/u8:9 Not tainted 6.16.0-rc1-syzkaller-00157-g02adc1490e6d #0 PREEMPT(full) 
[ 2431.468797][ T6173] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 2431.478893][ T6173] Workqueue: netns cleanup_net
[ 2431.483914][ T6173] RIP: 0010:ieee80211_free_ack_frame+0x4d/0x60
[ 2431.490345][ T6173] Code: 00 00 e8 36 7d 71 fe 31 c0 5b e9 fe 82 94 00 cc e8 98 c8 eb f6 c6 05 3c 7f b6 04 01 90 48 c7 c7 60 12 ae 8c e8 44 73 af f6 90 <0f> 0b 90 90 eb c8 cc cc cc cc cc cc cc cc cc cc cc cc cc 90 90 90
[ 2431.510432][ T6173] RSP: 0018:ffffc9001af7f610 EFLAGS: 00010246
[ 2431.516580][ T6173] RAX: ada8ec1ec3100900 RBX: ffff888023e5db40 RCX: ffff88802783bc00
[ 2431.524552][ T6173] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000002
[ 2431.532745][ T6173] RBP: ffffc9001af7f718 R08: 0000000000000003 R09: 0000000000000004
[ 2431.540819][ T6173] R10: dffffc0000000000 R11: fffffbfff1bfa9ec R12: ffffc9001af7f680
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[ 2431.548832][ T6173] R13: ffff888054dc8b30 R14: ffff88803d80afa8 R15: 0000000000000001
[ 2431.556848][ T6173] FS:  0000000000000000(0000) GS:ffff888125c52000(0000) knlGS:0000000000000000
[ 2431.565809][ T6173] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 2431.572403][ T6173] CR2: 0000000056d6c414 CR3: 0000000030ed6000 CR4: 00000000003526f0
[ 2431.580443][ T6173] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 2431.588990][ T6173] DR3: 00000000000032e7 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 2431.597514][ T6173] Call Trace:
[ 2431.600835][ T6173]  <TASK>
[ 2431.603801][ T6173]  idr_for_each+0x1b5/0x290
[ 2431.608785][ T6173]  ? __pfx_ieee80211_free_ack_frame+0x10/0x10
[ 2431.614936][ T6173]  ? __pfx_idr_for_each+0x10/0x10
[ 2431.620090][ T6173]  ? kobject_put+0x270/0x480
[ 2431.624727][ T6173]  ? kfree+0x18e/0x440
[ 2431.628908][ T6173]  ieee80211_free_hw+0xc6/0x480
[ 2431.633813][ T6173]  mac80211_hwsim_del_radio+0x2de/0x460
[ 2431.639749][ T6173]  ? __pfx_mac80211_hwsim_del_radio+0x10/0x10
[ 2431.645975][ T6173]  hwsim_exit_net+0x584/0x640
[ 2431.650709][ T6173]  ? __pfx_hwsim_exit_net+0x10/0x10
[ 2431.657321][ T6173]  ? __ip_vs_dev_cleanup_batch+0x238/0x260
[ 2431.663226][ T6173]  ops_undo_list+0x49a/0x990
[ 2431.667908][ T6173]  ? __pfx_ops_undo_list+0x10/0x10
[ 2431.673067][ T6173]  cleanup_net+0x4c5/0x800
[ 2431.677676][ T6173]  ? __pfx_cleanup_net+0x10/0x10
[ 2431.682658][ T6173]  ? _raw_spin_unlock_irq+0x23/0x50
[ 2431.688370][ T6173]  ? process_scheduled_works+0x9ef/0x17b0
[ 2431.694527][ T6173]  ? process_scheduled_works+0x9ef/0x17b0
[ 2431.700370][ T6173]  process_scheduled_works+0xae1/0x17b0
[ 2431.706401][ T6173]  ? __pfx_process_scheduled_works+0x10/0x10
[ 2431.712622][ T6173]  worker_thread+0x8a0/0xda0
[ 2431.717351][ T6173]  kthread+0x70e/0x8a0
[ 2431.721560][ T6173]  ? __pfx_worker_thread+0x10/0x10
[ 2431.726767][ T6173]  ? __pfx_kthread+0x10/0x10
[ 2431.731426][ T6173]  ? _raw_spin_unlock_irq+0x23/0x50
[ 2431.736774][ T6173]  ? lockdep_hardirqs_on+0x9c/0x150
[ 2431.742023][ T6173]  ? __pfx_kthread+0x10/0x10
[ 2431.746828][ T6173]  ret_from_fork+0x3fc/0x770
[ 2431.751486][ T6173]  ? __pfx_ret_from_fork+0x10/0x10
[ 2431.756692][ T6173]  ? __switch_to_asm+0x39/0x70
[ 2431.761517][ T6173]  ? __switch_to_asm+0x33/0x70
[ 2431.766362][ T6173]  ? __pfx_kthread+0x10/0x10
[ 2431.770998][ T6173]  ret_from_fork_asm+0x1a/0x30
[ 2431.775867][ T6173]  </TASK>
[ 2431.778953][ T6173] Kernel panic - not syncing: kernel: panic_on_warn set ...
[ 2431.786267][ T6173] CPU: 0 UID: 0 PID: 6173 Comm: kworker/u8:9 Not tainted 6.16.0-rc1-syzkaller-00157-g02adc1490e6d #0 PREEMPT(full) 
[ 2431.798456][ T6173] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 2431.808535][ T6173] Workqueue: netns cleanup_net
[ 2431.813341][ T6173] Call Trace:
[ 2431.816619][ T6173]  <TASK>
[ 2431.819551][ T6173]  dump_stack_lvl+0x99/0x250
[ 2431.824165][ T6173]  ? __asan_memcpy+0x40/0x70
[ 2431.828771][ T6173]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 2431.833981][ T6173]  ? __pfx__printk+0x10/0x10
[ 2431.838584][ T6173]  panic+0x2db/0x790
[ 2431.842490][ T6173]  ? __pfx_panic+0x10/0x10
[ 2431.846919][ T6173]  ? ret_from_fork_asm+0x1a/0x30
[ 2431.851861][ T6173]  __warn+0x31b/0x4b0
[ 2431.855883][ T6173]  ? ieee80211_free_ack_frame+0x4d/0x60
[ 2431.861447][ T6173]  ? ieee80211_free_ack_frame+0x4d/0x60
[ 2431.867000][ T6173]  report_bug+0x2be/0x4f0
[ 2431.871356][ T6173]  ? ieee80211_free_ack_frame+0x4d/0x60
[ 2431.876923][ T6173]  ? ieee80211_free_ack_frame+0x4d/0x60
[ 2431.882483][ T6173]  ? ieee80211_free_ack_frame+0x4f/0x60
[ 2431.888063][ T6173]  handle_bug+0x84/0x160
[ 2431.892321][ T6173]  exc_invalid_op+0x1a/0x50
[ 2431.896832][ T6173]  asm_exc_invalid_op+0x1a/0x20
[ 2431.901687][ T6173] RIP: 0010:ieee80211_free_ack_frame+0x4d/0x60
[ 2431.907851][ T6173] Code: 00 00 e8 36 7d 71 fe 31 c0 5b e9 fe 82 94 00 cc e8 98 c8 eb f6 c6 05 3c 7f b6 04 01 90 48 c7 c7 60 12 ae 8c e8 44 73 af f6 90 <0f> 0b 90 90 eb c8 cc cc cc cc cc cc cc cc cc cc cc cc cc 90 90 90
[ 2431.927489][ T6173] RSP: 0018:ffffc9001af7f610 EFLAGS: 00010246
[ 2431.933575][ T6173] RAX: ada8ec1ec3100900 RBX: ffff888023e5db40 RCX: ffff88802783bc00
[ 2431.941549][ T6173] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000002
[ 2431.949517][ T6173] RBP: ffffc9001af7f718 R08: 0000000000000003 R09: 0000000000000004
[ 2431.957499][ T6173] R10: dffffc0000000000 R11: fffffbfff1bfa9ec R12: ffffc9001af7f680
[ 2431.965478][ T6173] R13: ffff888054dc8b30 R14: ffff88803d80afa8 R15: 0000000000000001
[ 2431.973465][ T6173]  idr_for_each+0x1b5/0x290
[ 2431.977985][ T6173]  ? __pfx_ieee80211_free_ack_frame+0x10/0x10
[ 2431.984065][ T6173]  ? __pfx_idr_for_each+0x10/0x10
[ 2431.989109][ T6173]  ? kobject_put+0x270/0x480
[ 2431.993700][ T6173]  ? kfree+0x18e/0x440
[ 2431.997782][ T6173]  ieee80211_free_hw+0xc6/0x480
[ 2432.002638][ T6173]  mac80211_hwsim_del_radio+0x2de/0x460
[ 2432.008184][ T6173]  ? __pfx_mac80211_hwsim_del_radio+0x10/0x10
[ 2432.014257][ T6173]  hwsim_exit_net+0x584/0x640
[ 2432.018939][ T6173]  ? __pfx_hwsim_exit_net+0x10/0x10
[ 2432.024144][ T6173]  ? __ip_vs_dev_cleanup_batch+0x238/0x260
[ 2432.029959][ T6173]  ops_undo_list+0x49a/0x990
[ 2432.034558][ T6173]  ? __pfx_ops_undo_list+0x10/0x10
[ 2432.039676][ T6173]  cleanup_net+0x4c5/0x800
[ 2432.044096][ T6173]  ? __pfx_cleanup_net+0x10/0x10
[ 2432.049056][ T6173]  ? _raw_spin_unlock_irq+0x23/0x50
[ 2432.054284][ T6173]  ? process_scheduled_works+0x9ef/0x17b0
[ 2432.060009][ T6173]  ? process_scheduled_works+0x9ef/0x17b0
[ 2432.065749][ T6173]  process_scheduled_works+0xae1/0x17b0
[ 2432.071342][ T6173]  ? __pfx_process_scheduled_works+0x10/0x10
[ 2432.077340][ T6173]  worker_thread+0x8a0/0xda0
[ 2432.081953][ T6173]  kthread+0x70e/0x8a0
[ 2432.086029][ T6173]  ? __pfx_worker_thread+0x10/0x10
[ 2432.091150][ T6173]  ? __pfx_kthread+0x10/0x10
[ 2432.095743][ T6173]  ? _raw_spin_unlock_irq+0x23/0x50
[ 2432.100948][ T6173]  ? lockdep_hardirqs_on+0x9c/0x150
[ 2432.106150][ T6173]  ? __pfx_kthread+0x10/0x10
[ 2432.110739][ T6173]  ret_from_fork+0x3fc/0x770
[ 2432.115347][ T6173]  ? __pfx_ret_from_fork+0x10/0x10
[ 2432.120485][ T6173]  ? __switch_to_asm+0x39/0x70
[ 2432.125252][ T6173]  ? __switch_to_asm+0x33/0x70
[ 2432.130011][ T6173]  ? __pfx_kthread+0x10/0x10
[ 2432.134598][ T6173]  ret_from_fork_asm+0x1a/0x30
[ 2432.139370][ T6173]  </TASK>
[ 2432.142686][ T6173] Kernel Offset: disabled
[ 2432.147021][ T6173] Rebooting in 86400 seconds..