last executing test programs:

16.152304665s ago: executing program 1 (id=734):
r0 = openat$drirender128(0xffffffffffffff9c, &(0x7f0000000340), 0x4002, 0x0)
ioctl$DRM_IOCTL_RM_MAP(r0, 0x4028641b, &(0x7f0000000380)={0x0, 0x0, 0x0, 0x0, &(0x7f0000ffe000/0x2000)=nil})
timer_create(0x0, &(0x7f0000000240)={0x0, 0x21, 0x2, @thr={0x0, 0x0}}, &(0x7f0000000300)=<r1=>0x0)
fcntl$lock(0xffffffffffffffff, 0x25, &(0x7f0000000040)={0x0, 0x0, 0xfd8b, 0x5})
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
timer_settime(r1, 0x1, &(0x7f0000000040)={{}, {0x0, 0x989680}}, 0x0)
mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x200000b, 0x204031, 0xffffffffffffffff, 0xffffd000)
futex_waitv(&(0x7f0000005100)=[{0x2, &(0x7f0000000400)=0x8, 0x2}, {0x4, &(0x7f0000000cc0)=0x8}, {0x0, &(0x7f0000000d00)=0x7, 0x2}, {0x6, &(0x7f0000000d40)=0x52e, 0xed3c16b5cf3d9181}, {0x100000000, &(0x7f0000000d80)=0xfffffffffffffff7, 0x2}, {0xd, &(0x7f0000000dc0), 0x2}, {0x6, &(0x7f0000000e00)=0x9, 0x82}, {0x7ff, &(0x7f0000000e40), 0x80}, {0x6, &(0x7f0000004040)=0x8000}, {0x3, &(0x7f0000004080)=0x6, 0x82}, {0x16d, &(0x7f00000040c0)=0x3ff, 0x82}, {0x3, &(0x7f0000004100)=0x9, 0x2}, {0x3, &(0x7f0000004140)=0x7, 0x2}, {0x1c, &(0x7f0000004180)=0x5, 0x2}, {0x7, &(0x7f00000041c0)}, {0x2, &(0x7f0000004200)=0x8000000, 0x82}, {0x2, &(0x7f0000004240)=0x9, 0x8851e4d829759edb}, {0xc, &(0x7f0000004280)=0x5, 0x2}, {0x3, &(0x7f00000042c0)=0x1, 0x7ed29ea5b09763a1}, {0x9, &(0x7f0000004300)=0x400, 0x2}, {0x5, &(0x7f0000004340), 0x2}, {0x5, &(0x7f0000004380)=0x1, 0x2}, {0x100000000, &(0x7f00000043c0)=0x1, 0x2}, {0x7ff, &(0x7f0000004400)=0x739, 0x2}, {0x8, &(0x7f0000004440)=0x7, 0x2}, {0xf, &(0x7f0000004480)=0xfffffffffffffff7, 0x2}, {0x2, &(0x7f00000044c0)=0x982}, {0x8, &(0x7f0000004500)=0x9, 0x2}, {0xe, &(0x7f0000004540)=0x40, 0x82}, {0x6, &(0x7f0000004580)=0x8, 0x2}, {0x159, &(0x7f00000045c0)=0x6, 0x2}, {0x10001, &(0x7f0000004600)=0x7fff, 0x80}, {0xffff, &(0x7f0000004640)=0xffff, 0x82}, {0x0, &(0x7f0000004680)=0x3, 0x82}, {0x5, &(0x7f00000046c0)=0x4, 0xc1}, {0x401, &(0x7f0000004700)=0x7, 0x82}, {0x8, &(0x7f0000004740)=0x69a, 0xad0c4bf784c3247b}, {0x1, &(0x7f0000004780)=0x40, 0x82}, {0x8000, &(0x7f00000047c0)=0x5, 0x82}, {0x1, &(0x7f0000004800)=0x1, 0x2}, {0x9, &(0x7f0000004840)=0xfffffffffffffffc, 0x2}, {0xfffffffffffffc01, &(0x7f0000004880)=0x4}, {0x0, &(0x7f00000048c0)=0x8b, 0x82}, {0x45, &(0x7f0000004900)=0x6}, {0x17a4, &(0x7f0000004940)=0x80000000, 0x2}, {0xf9d, &(0x7f0000004980)=0x7, 0x82}, {0x3, &(0x7f00000049c0)=0xa224, 0x2}, {0x7, &(0x7f0000004a00)=0xfffffffffffffffc, 0x2}, {0x7, &(0x7f0000004a40), 0x2}, {0x0, &(0x7f0000004a80)=0x2, 0x2}, {0x3, &(0x7f0000004ac0)=0x9, 0x82}, {0x9, &(0x7f0000004b00)=0xfffffffe00000000, 0x82}, {0x3ff, &(0x7f0000004b40)=0xfffffffffffffffb, 0x80}, {0x800, &(0x7f0000004b80)=0x5, 0x82}, {0xb1, &(0x7f0000004bc0)=0xd205, 0x2}, {0x7, &(0x7f0000004c00)=0x5, 0x2}, {0x101, &(0x7f0000004c40)=0x8, 0x82}, {0x1, &(0x7f0000004c80)=0x4, 0x82}, {0x2, &(0x7f0000004cc0), 0x82}, {0x1, &(0x7f0000004d00)=0x9, 0x82}, {0x2, &(0x7f0000004d40)=0x6f, 0x2}, {0x8864, &(0x7f0000004d80)=0x75, 0x83}, {0x1, &(0x7f0000004dc0)=0x8, 0x2}, {0xab, &(0x7f0000004e00)=0x78ec8c6c, 0x82}, {0x9, &(0x7f0000004e40)=0xffffffffffffffff, 0x82}, {0x4de6, &(0x7f0000004e80)=0x4, 0x2}, {0x7, &(0x7f0000004ec0)=0x8, 0x2}, {0x8000, &(0x7f0000004f00)=0x4, 0x2}, {0x81d9, &(0x7f0000004f40)=0x8, 0x2}, {0x0, &(0x7f0000004f80)=0x4, 0x82}, {0x4, &(0x7f0000004fc0)=0xfbf, 0x2}, {0x7, &(0x7f0000005000)}, {0xffffffffffffffff, &(0x7f0000005040)=0xf, 0x82}, {0x100000000, &(0x7f0000005080)=0x401, 0x2}, {0x2, &(0x7f00000050c0)=0x7, 0x2}], 0x4b, 0x0, 0x0, 0x0)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, &(0x7f0000000040)={{0x1, 0x1, 0x18, <r2=>0xffffffffffffffff, {0x10001}}, './file0\x00'})
r3 = openat$vcsu(0xffffffffffffff9c, &(0x7f0000000080), 0x200000, 0x0)
bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000280)={@map=<r4=>0xffffffffffffffff, 0x15, 0x1, 0x3, &(0x7f0000000100)=[0x0, 0x0, 0x0, 0x0, 0x0], 0x5, 0x0, &(0x7f0000000140)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f00000001c0)=[0x0, 0x0, 0x0], &(0x7f0000000240)=[0x0, 0x0], <r5=>0x0}, 0x40)
r6 = openat$vicodec0(0xffffffffffffff9c, &(0x7f00000004c0), 0x2, 0x0)
ioctl$VIDIOC_REQBUFS(r6, 0xc0145608, &(0x7f0000000180)={0xd47, 0xa, 0x4})
ioctl$VIDIOC_REQBUFS(r6, 0xc0585609, &(0x7f0000000280)={0x0, 0xa})
r7 = dup2(0xffffffffffffffff, 0xffffffffffffffff)
bpf$BPF_PROG_GET_NEXT_ID(0xb, &(0x7f0000000300)={0x81, <r8=>0x0}, 0x8)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f0000005840)=ANY=[@ANYRES32=r7, @ANYRES32=r2, @ANYBLOB="df42f37e97cea365c038c6bf4237900edafe19482e18bc9d66e6310e49f5dbdba696e183ba213030886e7c5037a2cc3043c0ea5a927fa871", @ANYRES32=r3, @ANYBLOB, @ANYRES32=r8, @ANYRES64=r5], 0x20)
r9 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40a01, 0x0)
ioctl$TUNSETIFF(r9, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
r10 = fcntl$getown(r0, 0x9)
ioctl$BLKTRACESETUP(r3, 0xc0481273, &(0x7f0000000880)={'\x00', 0x5, 0xc0e, 0x10000, 0x1, 0x800, <r11=>0xffffffffffffffff})
syz_clone3(&(0x7f0000000b40)={0xa000, &(0x7f0000000900), &(0x7f0000000940)=<r12=>0x0, &(0x7f0000000980), {0x19}, &(0x7f00000009c0)=""/36, 0x24, &(0x7f0000000a00)=""/254, &(0x7f0000000b00)=[0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff], 0x6}, 0x58)
sendmsg$netlink(r2, &(0x7f0000000c80)={&(0x7f00000003c0)=@proc={0x10, 0x0, 0x25dfdbff, 0x1000000}, 0xc, &(0x7f0000000480)=[{&(0x7f0000000e80)={0x1150, 0x38, 0x400, 0x70bd2d, 0x25dfdbfe, "", [@typed={0x8, 0x54, 0x0, 0x0, @fd}, @generic="f68c644aee82b48c438b3910f093c9b669f35731c6a54caa2eb15c105aa018959d10d6", @typed={0xc, 0xa3, 0x0, 0x0, @u64=0x3}, @generic="4db37c09a883d8d2e74fe90a67356f1d85d8d83df7f3497c2d47005d93d8bfe584fbd1b7313de9ae39fd4b461115955a4892ff949a44c80bdd1cb54d1754724af0624bfda0e06a4df2a09f0fcc9b216a86d3e49344710e454fe782223fb99ac92f6a1a135bc073613f59ead29dcaacc64fc427e8c3e6a92ad23197a8f9afee37c585bcc9e4fecda781e955c50d5c0fa5dfafb19c397540f57c30ac7af226882b5e1d2b1d8f2db8a2a388e05eb12f1275e3ee69399567e6c5b492eb47a481e949623b276d8c92cb11d7df9097935330b5861505896e2b823062e0faf8efe49a4bd42f885532deafc3093b87fe7926f572f66e35865c87a623f93c6cada117f84fd3d9e0b582fcc33ca28ab278b430bcf0c6a8053734e7b7b5890f86dc68b6dea191ebfd2f0e5094696f592d0bf1d6848ad19843a65e291211fca0772f89d341de0178e850d742423a1e8030a9591867133b38c8e70ef6353f2cd560eaa645a3dc973258446b7a46e3937eb866374982323e154efa181582248920002bb858ef1673a9fb2e6f3b7cf2eee7bf6b015bb3ccbd482aa666890d0e8c2afe93254a3c05be4810336ca5fbe68b58e154dac72ee8ffab184171ce8a688f773ca7d72dde801f62c3b1678a35c7d438744df27287a431650293f918a4b7545dfe07ebf5ca0939e36216c25f6cdd45d44234e62468a4530ab97eeeb562a952e1cec55d248478cc99f221cbe424eb93553d0ff039c82e70d140ec0a4db4eb8c4b299bf373010dc365af77e5505ddbab1573d0caeb6a6be51c240d1fa21a4ad262b05fd296222eb882f45400fe42a7af0d778f5ea577cf8cb818568c05448c3bc8d371b114a3b5c6b842706ae6c81c8e15e0c71f166228b470705037b5f6742a93db4b3ef62e072e0fcc7f3802c3bc21d56611414eb338a8723e957237465a0fa335d7c073a6a32e0945cb87d1d6ffaf2b39ca2f46b5c3d8a2db55a47aea4ace0e7b210e74905d5319bf7301e530cac27a49da7283f42e45464b869710b507f96be16efde1aa4c2aed2fe791c6c026a1aa220b64fa9baab8ea809b8c0254e90df24f345b6e50c7c17f2749aca6570531333f7ff5709a676636d28889b1a9d87d7f9de290d9832b69983fcc7ed55f8bcb1de3bcef24288822c9ee1ea26780bfbca50e62b564363f9b6d7257eccf65238659602a85c708199dee0950dca6223be41bba19a756f44aa86d6e9a524f42e716ee4187a16d05695dccf07657229b522b14f2487dfeb8f313b29f7fa0cc1e65cd579fcd22c380009f71b52ba94a13c05d9904f0e5832db4b091c315d8b47264db3f4c8eef2787e2dcf6f153c1bd1003d40f16e00fd2224cf531e647cfeb5d7ec98674b26a90a7ce72a114d7888409b9eac2a60232629968d74074bac11403a3efb9d7e3cab0ad6895559495709ed44d519f3e4856a0ff59f2c91eec4088e8df41ef4729fb89564f73dac09917360fe77c6edb17add3f1b9ca2ae73a13be797e11f2cc8f55187eb4916c2b38e5238db3e8ca25ceb2ba2d616b85e0b07d0f45c693fedaf4861e098a4954ec600c4e78b805541ebe4e0940d5b28f0fd4350192b691212bab536f84651ce85979e8063bce32408a35fba37ac9ce0d43d6c6b5fe47689fe5bc34e7699d1038bfbf21bb17f0c77eb6716345f1398293c6b52aebf2c3cdd42962955c53ba6dc9e7501b1d40ae2daeb1fda392dd4d9a1e665b3a8ad99e19b5d635f671fbd7bd66811efcc65f8811a4d1b3a99998d5de3f204dd94c412b8e51d4e851e59a42da16d6e6f2086f1246249097567054dc72db201c66479e83798b696d8e0b63d8fcce1fc3672bd3b7eebc11569e8ce7a969324dc27f4700d161c6494d9aa10136ff15b07f4ac8c673eaf361c971ff65a8a1c053bdfea54a2f5e0bd689c94d64e64ceb216cb2d1f853b8e3333563d7e5cb09719e98076454aaeb44d4142ee871a60b85189886deda10352e04bb84d69beefd5bb5d84e489207ec16fc7959232c9d92bc2ce63e4774baec76029a216b26040a8290ab8e87de9d4a28a83b386b5e8e288ce3a25c4c27d6df88eed0b88aa7fb27dc643aa05d04579c6e36536ba9fc3b198b95be7ed6dc05b30bfe5433ae650e895ce622eb1a2c2ddfb071f4762a9a3746946bc997ed0d9ec59341b96b7e9a4bd39e2caf9b656d4a5292b37fbfde5231d3632ee1d9774b73928f6b7940b158590ae316efafc5a99c3d626f7be6455b5a4b7e0ad6468901eb9407c97baf3409d97674cf72944e6bb62cc1d62b7a1e68fafd3656c35bd3f29bce9c532c29c9a757b06bd862f49bb13a42000c2fbfb92659a5ca0bb5ce164bd119c65b82e71fa13bd1f3bf2c57005dec0301be59d4038a2c5a29939afbdcfc7bd111e5ae3386859723726da9f6830d08b9c76b89b82af57059f6e39cfa073fe3f269e6f7447841101e386118a4ef02b8f80a3341403df0c3e480554c40db2c379727a331f6e672ca495d615c737c1d44a598c8323c9c4b7546491b07dd020bf4ab9622d53968631dca0d4a95b58ab0da73eff6d716be380714baef47ccdb139af8039057129d2bec503abf696cb216642869c461ea3b8915bf8c0212b60f4dbb410f1618157f1a3a996bcbe32387b5903c69ef1a614a76e4ef4d5bc27b0361b2dbbc592d9bcffbdad51d52bd0bfa576c263809e2388ca1a326cf2f3f8dc7539ff75356aabba6638f8bf38c8bfdcfe8ac976214f623e956a15081720af41d7447df64cb2f5939ac2cedade69240450b5a86a79baffc986dd28344de207befd6c6ebedfcce609ef5ffe2f78eea014eb12b28c77d14dfb61f4c9537d1e8f77eff37e7fcc5b818db2bed1f9958a495d3e3194e94a0fc552283048775439fa3e8370abba732e99d63a156f8d7f5aa8fbca0551c53d25a4197f78ca9aeb0a7e1dc618f6361bfae61bdba60e379f48fa5d133b0092f56fc000ed84577e6f83e3f49b8ca7026bdf8104f491272a5aeed2de23c2c6bb3048c42afb661ce053563d130267b237e225b99fb9649831bfcf627e84db4458e3c190bed01ce3e04ff2b34566de9fb91b14a9390e5ac863cbfde053764910266cf3df01701ae0d95cad214feba7db461dec42a2dc2cc1520f4075860d3a009b68f464ec134aa634371426633e1daf6dad3c478a3f01d3e5ca7d3bc2d2919c6f71cbb8886f79bc9eead5d014c1fcaf18449643481f1f040546328e8556a0339a5569abba3088517b3345480914eb42a3342d483dbbaa777f41e3923b1f0f1d12730eb1493d4fa4cdb73f0b1cfa093be034a17d382a716c40ac75496e494599997a300ec51809ee139c6356bd209cbd7ac604de272d921a2d9426cbb5c8e5d623858fa955cc5905c8ead8cef38d7e7c38e883df5a6cc806e189aebed820b9a6a1955381ad203aa047263c9d23a8346b7d5e64eb637d95108fe6d6cde4bbb9653c0f39c851da6a538884f75ee52f2a5a1187ee5bc0a519b1ad979ed5aca8ff7e6a47b3f0ea012b21a71e26f0aba13ae5c63e32b15499c0ac7b5017c3dbd9f071200bd0c511a4716ed6d9c349b0fcd206d1da2d862ec16828f5579aa2ce9f9b72d067a6d4e8a224272b35e58465c9d4a6804d5afd467d0f533fe45759a8cebd55bc6e33e6df0ad3eeb55149a28f977dbdecdf690890a92b6f1dbc6753e63fac85a3b182acdf2cf3d4d95f2bfd3961b7b565f4fbbdc173fa0383add5b094eeb575f78a8b57066776197e678e555f26649059522f65d36b2bd6751383c48908ef43b95e8c9d5ec32762f1ec07cc74f126efc2ac8b6f6d432e723f902099a05eb8c750ed2e65d8f7d5138013cadb597152cbc11b904ebcf2f184ae7767c582a7f5e58a5a5c195726c1fa0503c4a1e8145b27509ff143ba4ea96ce16670a58576e583d997def181717da0fc7e135d3aaa79b99c44b519c36c6cd53ac4ca16cffa0cf863c5a93f0639b231759288ea9e766ae180bcaa59b1057386366bab7b91afda600f74a237009113339a440aca97b66e2b02f8a5be25d0dec9a9229d0c752123ed3fb897e1780a55ba59e38c7c15e2eec4da4a04cabbee30f91b1bedb143d995421adf90b5fe59d56536d8e5dec5702168ba24d2c902b0dee55b51f9b9745e43770368036893130ff99db41ea0be8234cf786acbb4b7c02f780f67356605ca8ac059f2ab40877721420ea2e6ddba3d1c338d55cb55936b11f2b7a6ef70a43f57865150b4e60b05f8ca7f87365b52f1242ece1e29a6762f3db383a3b2acd291bafcccb411ae73f4fee0931df3945db9d262e23e83426f2681fd87d34bf818f41fa5b8d60d06e43dcff56a2223af35ea441e80522169e41feb6fc9147835838df4c52944bd845aec271aa46d5c471ccc85a0ae423606c0c13d9e83a217d69488379e36d3cdb752973fa5936c7c4e094727f5b76d4ec6b2d0234b11f4965b0bb165bf2c811eed7ce0155c3f00a0438b1880159f65cce732fdbd05599e229ead72d5edc6ee0ba1c3e69f9436a5048950e21c30566c70a411be822da5f50804d06b17d880fb079ae1aba508d73b546ed7bd8ff0b555b06cc4717ab4efd4538bbc7fb303ce18bcd1bd0974805a360c3ea708dfa0e870b6885126ec7dedf35bcf644234dd7d5aab7879ad822faf8b60379df9817d9958138ee192773e70b3b793f30671335000a45c3a344a120152ae95796bbfd0c14914c9f9e5c26e6cc1f7a6572bdfde68dc6b7890a619e0639dc65049deb555552a9877d2f44908811502d1ce02506f387d33b7784e723a1ca70f42810e31c3e2ebed8123cf7c7a7a6d734c48064f9bcb609c55006511a8edaadf34d17692f67bc6dadff2f0764bc7da7c31e355888f9a41accd78462147496458ba450bade8e67c9c3182a2a048c6d3b189aa84df5bf8fe5de8ae6778dc1132612df7bf2fe22285c5c37912a4b014b4eca8486d0f9ac0560baeb6a9e6a18dd5b318fbedd86d3890e1bf829beedfe253ff709cea8fe308fbe959ab51208a320c940a519901bd38491f634899159186d4f165f228b9eb7034a8aaf612d485d1679171d11f3a0e892b6637c75c36f1b8e0c342d4c0f20131763f1fdff2a031f5a32d5aa78b5a9dec9282e1a7ce59ad94263a98f1f4db820976c90c7cd1e4ec2674b9509ba07542adbbbfa2de0a3c0a0d589f184690a3fa99efe2c1cee3b4d69c9e1cb9268c24cffdecda7064fbc4eabd55d062c2c63bcc3b295b25bc1a0b1aa91421990e78f626c1c0587d9eb5e4b4f9513aed428ca9d4bca433fec8c25843a54321bad0c28a96c947b510c8c1b28ac0a79d7cdf5d7e4c63317342b39e7ed3b0b50877b0c882af009d3d3eac63af304fb064508bd1dbaf5b4442a5a622302584e6dd5062a92ae65f899ffb182d8ec67f3a017475697192a84fd3f10eed91fccceb33c92372197f3120a17d1c60d7c46a24e35de18413082745fd13314bdc9137b52f7a5bb461da81f80e8046bc608e254162819cdc58d7e8981afc8f29fdf939045dc882837264ea1cf5baaee41055afee18bc571cd3d5434207f9d7281c4d6cbbfe1883f6717543beb9ecb7815211a8944463e5066a9dac59656b268eec387883b61a41881b90e6d3a13e2a05228c3fabf5efab6ee83ea3f587c0bc10e0015c08a3cbeb84508cb0aa3557ce353cc2a1288f69c1106e45f7659cc575ea7a9025afec6ee37243ea133e11663339da36ae3cf6ebcd39582ce0ad6ab584cdbaf894987ab96c29bab21be775c548466b06f9467087d5320513d4bd623e6280f99008e0680923955b94187e035d13b3adb", @typed={0xc, 0x102, 0x0, 0x0, @u64=0x8}, @generic="bc9f15b9909057fbf101bbee53725bc64dba77ac66b41a9e16736928ac95bb42a9e999110f7fb6395a4cb84ce3a6a4fe14c6ee2a982b7ebcd8369e1bd315ff9cb912b6cf0b989df461e19d53e2ffed2d98607a2fb72ce89df57b347b4c5eeebef3f9447203f4b0d39702c705eb31cb81f1d0a1517bfd01e000ee15900f90c918010a185ea63a855daf82afd69fb20ea6c9f8eea7ca37bf44b731bc960bdd1b5f5e5e05c32c1d5f1b14ad537f60612af352f3e8f136e63cd804e54735adfc5f564c36019fd492b096b7972a459df85cd36060e77664fe63e87909a105a1b01415a5fc8ce5b99ce3b00151bca47965d3756a1e1b", @typed={0x8, 0x144, 0x0, 0x0, @pid}]}, 0x1150}, {&(0x7f0000000500)=ANY=[@ANYBLOB="88010000160008002cbd7000fddbdf2598f5dfcf94acfa3c2a1cc339bf49b536a2106171454698e3e098ed32fe97d19292bd3eba1f937547feb884f133d8a694acf92219cda7185a3905751561113f3ee0e2bbab45c1d960caa4888ebee34f5dc5b852c32788eb94bd1da2a33ee3c9ebd3ed3de11e2e9d0d2a057b1e84fd4e095dc1331c5116ad3eecd7b82453765718fa0670ab94b38229ab64698bdd57788670791cf9d21d506ff178536d63d7a929faafb058c5c60257b56600722f8c0e2690cb291c521f01c43d876f4f78ffd92758fa5f865fd9aa420800ea0000004001a6005d80314d519f5b22afa9dd01fb1be28e1126c0e47b317138904378011aaa19fecedc3e71d6c4265cc99ac67dc59edd7dbfa87984ff114c4c867c1012a789e31ad4d2ba4361e640bc98b834d384ba72f4112a1782d47d5a678a8ac417bb3d9c42fd7f3f6820696a593d3cabf4cdb29d532e8a399c9598051b77a75f1a3dca38e342969ad0663eedc8fe6680d7fd14a23d9ba3252aa6362c2a15b02a3710a1d94649748c6b0000"], 0x188}, {&(0x7f0000000440)={0x34, 0x15, 0x4, 0x70bd2a, 0x25dfdbfe, "", [@generic="dd2e776902719f07cb773ffbe5264d08757bab987e546df957aa3930818e58c7b179"]}, 0x34}, {&(0x7f00000006c0)=ANY=[@ANYBLOB="2c0100002a00040628bd7000fcdbdf250a00c000ac2d285d7d00000025bdacac69c4dd3f0b6e4dd2f7f1a2ec551872996ee50ef439930cbef8c4f0b9b4f2e714c34080320f9eb3717a4ebcf257d702014f213520b2fd4069aaf1331c7b887aadd97e4b4e735cde4e3bbe8708d06084631cc3db84cccefe0f805abca53af69089e93c5328175e7eddc0d70ed24404b7ba33804ee9a1cc90311d0923a2152b22d771d7aaa46f9f66d1414e741ff260363f322a9d9181ac6c1c60c1f7623cefae8125fa154d25eaa26b8d73cab4f640878a4b6e57467d1a28d02db39873e1d983b9230206c155c2b2dc10640df3e82188f490cffa71cda040fadc6265adb5063be56b6d26fed2b74ab3c3cfeacfccdf3ece751d924dd1254970daa989efc838846f835bf2a3dc093229656cac9b"], 0x12c}], 0x4, &(0x7f0000000bc0)=[@rights={{0x34, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, r6, r0, r9, 0xffffffffffffffff, r4, r6, r4]}}, @cred={{0x1c, 0x1, 0x2, {r10, 0xee01}}}, @rights={{0x18, 0x1, 0x1, [r3, r2]}}, @cred={{0x1c, 0x1, 0x2, {r11, 0x0, 0xee00}}}, @cred={{0x1c, 0x1, 0x2, {r12, 0xee00}}}], 0xb0, 0x4c000}, 0x40)
r13 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r13, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x2}})
write$tun(r9, &(0x7f00000000c0)=ANY=[@ANYBLOB="001c86dd0700100000004000000060ec97000fc83c00fe8000000000000000000000000000aaff0200000000000000000000000000013a"], 0xffe)

13.038728899s ago: executing program 4 (id=744):
sendmsg$NFT_MSG_GETCHAIN(0xffffffffffffffff, 0x0, 0x20000800)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={0x0, 0xffffffffffffffff, 0x0, 0x7, &(0x7f0000000000)='cgroup\x00'}, 0x30)
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-camellia-aesni\x00'}, 0x58)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0xa, 0x3, &(0x7f0000000000)=ANY=[@ANYBLOB="620ac4ff0000000071109b00000000009500000000000000"], &(0x7f0000000480)='GPL\x00'}, 0x80)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18)
r1 = accept4(r0, 0x0, 0x0, 0x800)
sendmmsg$alg(r1, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0x10}, {0x0}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11", 0xce}], 0x3, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800)
recvmsg(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000480)=@ipv6_newrule={0x1c, 0x1a, 0x1, 0x0, 0x0, {0x81, 0x0, 0x0, 0x0, 0x20}}, 0x1c}}, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000540)={'wlan1\x00', <r5=>0x0})
quotactl$Q_QUOTAON(0xffffffff80000201, &(0x7f0000000180)=@loop={'/dev/loop', 0x0}, 0x0, 0x0)
mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1)
unlinkat(0xffffffffffffff9c, &(0x7f0000000180)='./file0/file0\x00', 0x0)
sendmsg$NL80211_CMD_FRAME(r2, &(0x7f0000001380)={0x0, 0x0, &(0x7f0000001340)={&(0x7f0000000680)=ANY=[@ANYBLOB="f4060000", @ANYRES16=r3, @ANYBLOB="01000000000000e14f003b00000008000300", @ANYRES32=r5, @ANYBLOB="d506330080000000ffffffffffff080211000001"], 0x6f4}}, 0x0)

12.619122207s ago: executing program 1 (id=745):
r0 = socket$inet6_mptcp(0xa, 0x1, 0x106)
setsockopt$inet6_int(r0, 0x29, 0xb, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000180)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e24}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
r4 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r4, 0x29, 0x20, &(0x7f0000000280)={@dev={0xfe, 0x80, '\x00', 0x32}, 0x800, 0x0, 0x103, 0x1}, 0x20)
setsockopt$inet6_int(r4, 0x29, 0x1000000000021, 0x0, 0x0)
sendmsg$inet6(r4, &(0x7f00000000c0)={&(0x7f00000001c0)={0xa, 0x4e23, 0x80000, @private1={0xfc, 0x1, '\x00', 0x1}}, 0x1c, 0x0, 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="120000000000000029000000", @ANYRES16=r4], 0x18}, 0x40c0)
preadv(0xffffffffffffffff, &(0x7f00000001c0)=[{&(0x7f0000000000)=""/201, 0xc9}, {0x0}], 0x2, 0x7, 0x1ff)

11.457429587s ago: executing program 1 (id=747):
syz_usb_connect(0x0, 0x24, &(0x7f00000002c0)=ANY=[@ANYBLOB="120100000f01674057a21320dbd0010203010902120001000000000904"], 0x0)
sendmsg$inet6(0xffffffffffffffff, &(0x7f0000002280)={&(0x7f0000001e40)={0xa, 0x4e24, 0x0, @mcast1}, 0x1c, 0x0, 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="b005000000000000290000003600000000b2"], 0x5b0}, 0x20008001)
sendmsg$inet6(0xffffffffffffffff, &(0x7f0000000700)={0x0, 0x0, &(0x7f00000003c0)=[{&(0x7f0000000200)="50dba1454e9b08dc8a5cfdb1c19e8364189a05a904fbf902e1744af3e31744c06e3152efaf9a7af0bb11aba12c67353e1379a784abb62b93b8c377f274b9f83e37432806454903b9e4a1980b8859ede6639fd6bdaf3df695ac261a94ccd7af917bb85bef42a21f5830e14f4ff684d55af5b059", 0x73}, {&(0x7f0000000280)="ee4a4fcfb1680893edfa89c408e398280e835371949ff14c4601c65f781c6ec136bb534676feeb9f378afa3db0db14f9790e22bd6f256edd529266b7b25808f323e25d467da95171b078fba057b5fdb1c0afb8963d8bf63e6e567bde4cb0b79476c299792b7ee246318abf0a0d4fe61e82606abed77ca04c1e782eb54666967cc78a4989c2b2ff4a6219aaf284aa8f03bc24776587fdb05eb41c6d166ea7f691f60d507ae241fba17b5ba6", 0xab}, {&(0x7f0000000880)="2d65b225f2ae627d012f17a1327d91ac467e7339acd47877c88f11d36dac3f491e2c50d1dd905861f64c8abc871ab89c153f5e1dce628cc58cbfdb4925d38fa7255b490624679a81c136b50c6de1e312386c7777c58fe96175ced9bd171cea7f8343a652f4421ad8315ddaad35c0701fd3c479ffd89661660817ce03c219ce313668d9535960c8dba245b58e0905bd5c32a889b26b3f8bc250b31604995d82ebbb98fad2ede9dcc9f9fb4395481209bd07180ccda0717d61ace3a1c59450478b956ec2831d69120d2970ab6df2ed74942b3340262b960fbacf49bf39d0be23ae808d0833c99f35bdb48e822f07ddbfec76948a3fc71e6ee9e98f14b8baf3b8cc63eedd23a3a877d1fedac1b2e9724b37810c553d075f746ca330c789943d25954babb079e0cb8badc7047c3674fe94d2e9b4a37495d32b30646a9c665ecd6854a4f2cabb1a80242a48f0d8764fced78aa0273dbd50184bb1c582a5e65e5d907e8c2927892367bb5096b4e153659cc8a0aa17fb6acae6b6d4d16f951ed63b06b9228ca91a98e41fba54ee7b6dda80c80b27cc15ff6dee2d9f8b33c06deaf848607c8bd86b01bb350f98aaa8c75eae8e2eda06e7c98455f26fb7f385089d2cab31cb8b6b7d623f63caa8adaa013db1bf09c251c108f91c54b245b36ae81ece016e0e3a56fd955005ed0d61b076ec29c617d162ea4eb172f1a66e2d892286bddb71ac264d207c5215ad573f0af3046baa4d422688564f228bbd038999ccc0385969bae17714158400c08b1c5e7dd0fbd4a15dd5f4393b92cbd610e1af6fbb1f8e988e0e2b08fc938389e581d7b3d406c4fa4ab242449d5c7bc6a6a4975361323905f0524d2f6bb2964ce1dd24d764ef09d7fcff63d45d9bde84dfa8884effa4e5e7ccfbe8d8fa2248ad205b2c1d388fd81bf981a9777d24a9ab7a2f38a0406927ee6671d23967076feed640402d4fcd0a81ccf3039efaeb1cabdd7168c0e4482d11718059db0c9e2d23cc92a1bbc90e4b7ef6448a4414c3a66be277b16c1b0be3f5729ca41b68c1f7f7f7fa4173eedc2a341697ecc23d211355a0236649d46e1582afcb35d7388d3ceaa1b2c3d2358f7ae289b9f4ed92fab4c191f9049e434cf740bb05a9a5bf6130b42daef68cb935cd849dfb07a2ab243ecf094a562f3cf4a9542f6509bdd9705080649210b64c7b0b052c184df2276b7d6c18f93992a68dd327e927d5e6ed152d7aa0685780c5ac69bb114690548fdf1f397ca966b81589855582ad7943a0e949a6885cdffd4d9476cf9c6f6f7eab2653ac17bdc18beaa1e47d0dc43dc3f7a24ff29c52a6876f18f4c816a42f2251b3b934717b269e8bdf4b97aaf47c2605b53cb25fbfc4ce5cade8d8296ceb23c2c272fe9362b078f7cfc76d0a9f5f2228347efa5a5de48bede3170ac1879b120a9560822bb7682c6c363ca6bfef03ed7d7231ab0049ebc4f7629cef889695b92d2bfcf3de27bb60fee0c1466ef537562df6c45c6e3bfb42500256b9917d0da3c1141375679897155abba3dbbef3f89df3b0124c31b9c14259020b7bb719b4ba2fca17bfaeeeb5977427ecb82c7a39ca453c18d5ac22ed3efd51da154e717d240878d231033a3518b91f16249c885ba5d88f9faa56db2736b3ea2be22b76e6b5d66bbf598738cb9a1cdc2d05ddc7786c112eb0392def709591ae9b2f305009db207368f59733a608b9a81de51b63d39ad5e7ff9a1195538b8e94b648970dc8dac2e4391b5be80ec4724194b4d41145e6460a70925ac07fe907d0eac1efb416dd47d1dff82a92fe25f414d27e7c93c10219798437c26be5b7f976b70999c28dfdd8991d0f1d6909cf0c25740e70e272a1575b4fc9867fe2846e495eb78bf9394c1ad361a6d320a8164e33f8c95536997664b90b0b70a90c85f184efba73aab635bf0706b36f970296b06e85bb47ecf1ed476cb5b87271c0ea26ee0a76712067cbc4f9fda9ceb1c1308bf491961af8173d86382d00dffac6ee4d86a3b41fa42b06ca175ea9f5ac0b632a5d3f5a483433bf2627eb23ec98ee171527e15a1d2bba9fd78e9bc9326781172364d684570636f6f04eed085eeeb36cb523632e2babb8637af4217c43784e681513e938f5105169c30b8ac2783ae55b59e9113024438ff00c99b787501b4b698aec4df8852c780e7f96c37b4bd01a6d3de9dde822abb613b6d3aef5b2e9097097450e62fd16e993b3144c7dcee237657cf5fd9e7b5b053464ca5ae22b36f7d95336b76957ea1c628098cebb04b8ab95fa653eb950f148a30cc53b36c2d9d578bc2d2aafa9769833a8f0b307fc5b5bfaf94d5d0d52dca61f18445f93e02dd1bfcbe835796ca97694c189566ce5c9f31133e1ae2213289bd85199ae9598770f21aaf16262a718421eb7dc638f62b7ef646536d8f674fcef638a3de69912a12f633f02df0dd457f500dcf06348ec1fa67e68fd7a24f5d52a3e6fc27ff04393076d8bcb4800b7875191f21a9f78586aaf015240f615afdcc627d4836511fa43d5013886eeeef89db0a11fbcd2e576c0b1dc18251b7d498e079882e78b5baff1d8d3155bcef84bf6468bfbb56ec08b057597054e8da570c6f0ab77ec30a865dca7aaa711aad1afc0414b3fd55cb4a2aa1fffa93ef7a71d6ec863335f91f84e02dea0aacce3ba4d12f4621c90fdfea1a891cfee7337c471377371cdc6ffd070062b681f6d5ccdf0c57efe7a670de513c3b140082aa0c072a6f591682330298c8ddf41452baa0459ac9e00925ca41f3ea4fc00a599acd50d5e4e0125be8fd327654d9fd2ebf21fe366ea36cf3ff6580bd28b56514a79512e3c23baf9d99a32f9ad503172f993951d0c12b1779cc25fea0a8254f42f7f68a5e28e1ca951c3952464cdda5e919b3e49e29bec4ec0a751aae95aeb2919e00c19b33c8730bb85054df7d7d441eea972837f84f7e66ff0ea49635d8df77989faa40359c1801d32b138d96e8aaaef8783b6c12fb4b701aea8e24b380093b941ce153fb04ee5f65cacd0ed13a9ebf7377cd4957d48f9f7dbddc9686f1b8987b406660326aa35ca86afe8aa192914fdd635da5bca27861a43cdb3a86ca85d1d0bd729f5fae3c8d549381c0a9c0577c093f7ab8f08752a36df35e13823d9a783e5fbf5a14faac6cd9267f8141cb82ed049554ba591f6f1d8c58c2f835f46ed30f945fc8985027b2fd2d686dd92573e86c3e5faa4d0e5444f467ffbedbf8413211ca7beb8e5634a25315bd6f92b2c4656912781e80146f90ce1264c13c8331037880f3b3846262a355ab9f2d94c9aed0927b5640fb3187893037125f3763fd2bc139f47aebef4ba655f337d50d0e95940794181f6954cdb1f958b1ce8dbc0cba104365f7de904381c13a9ebb74d708682a73a6bc5e0d00bb8dcd36d82ca2ccf0775800bdb2eff2f85528acfa13c8577577f00fcad8f2160a38a11b55e411e78a2a346fccb064213b6c2a9a95a5213b907efbb986b4139b8258aece23c0a46436e68b16573f23cd4bb2f2d37bfd9cda68b3e330ee9036c3bc3cc33108ae40b2c6594ba8dbf175ebdf0a936925aec7eb44afee90a7a8800698815e599381d9b81de47368bef3639087579d30ddb2f04b0be2575535cb977bfef457000d2fad0c6f22b9f85cfe9260488e0098b9ab39b1e03566b75256f1565208e658c7e2f9ee4665b55f187c9adf212c6fd1f7625e939655230ac595f35907dc44a3dffa5c418d9a81f240f123e9e9fb4baefeac23a5266e04d19fb6938c4df6dbe9246a3", 0xa6b}], 0x3}, 0x20040800)

11.254204633s ago: executing program 4 (id=748):
r0 = syz_open_dev$vbi(&(0x7f0000000000), 0x0, 0x2)
ioctl$VIDIOC_SUBSCRIBE_EVENT(r0, 0x4020565a, &(0x7f0000000080)={0x5, 0x2}) (async)
ioctl$VIDIOC_S_INPUT(r0, 0xc0045627, &(0x7f00000000c0)=0x3)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000006c0)=ANY=[@ANYBLOB="3c011d00100001000000000000000000000000000000000000000000000000000000fffffffffffffffd00000000000000000000210000000000000067ec82ae", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="200100000000000000000000000000010000000032000000fe88000000000000000000000000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200020038000000000000004c001200726663343130362867636d28616573292900000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000040000000"], 0x13c}, 0x1, 0x0, 0x0, 0x800}, 0x0)
r2 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/net/ipv4/vs/drop_entry\x00', 0x2, 0x0)
r3 = syz_io_uring_setup(0x10f, &(0x7f00000000c0)={0x0, 0x211a, 0x80, 0x4, 0x306}, &(0x7f0000000340)=<r4=>0x0, &(0x7f0000000280)=<r5=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r4, 0x4, &(0x7f0000000040)=0xffefffdc, 0x0, 0x4) (async)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, '\x00', 0x0, @xdp}, 0x94) (async)
sendmsg$IPSET_CMD_TYPE(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000180)=ANY=[@ANYBLOB='>'], 0x38}}, 0x80) (async)
ioctl$SNDCTL_DSP_SETFMT(r2, 0xc0045005, &(0x7f0000000240))
r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
write$UHID_CREATE2(r6, &(0x7f0000000180)=ANY=[], 0x118) (async)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r6, 0x0) (async)
syz_io_uring_submit(r4, r5, &(0x7f0000000000)=@IORING_OP_ACCEPT={0xd, 0x8, 0x1, 0xffffffffffffffff, 0x0})
io_uring_register$IORING_REGISTER_FILES(r3, 0x2, &(0x7f00000002c0)=[r6], 0x1) (async)
io_uring_enter(r3, 0x3516, 0xc2de, 0x8, 0x0, 0x0) (async, rerun: 64)
r7 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0) (rerun: 64)
ioctl$VHOST_NET_SET_BACKEND(r7, 0x4008af30, 0x0)
ioctl$TIOCGPTPEER(r2, 0x5441, 0x1) (async)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000000140)={r6, &(0x7f00000014c0)="9f8c7dbb5705cd3134e86fd0af9f6f46fabef135f1c4261ae2a5334686fa45f14b24dec24219bba4f45369e3e8a1185bc37a8a213ae0c77d1de1dcc9fc16c9785425ff8adc05803606e3bb257a14a381fe2e586d2257d845d2cea781695ddc04d2c7961c889ff2f53dff0f1bc5ad65014371557c6cdd72a77b97730c18f22cc14da49e645149749169c3f312824bcb6d2446ab0945482e88c2daaddf43a23c13d0f4eff1af881f7dd015c5a54686822224b81c70b611bf7aea", &(0x7f0000001580)=""/187}, 0x20) (async)
ioctl$VIDIOC_G_PRIORITY(r2, 0x80045643, 0x2) (async)
ioctl$VIDIOC_S_INPUT(r0, 0xc0045627, &(0x7f0000000200)) (async)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000400)={0xd, 0x3, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000040000000000f40f3df5946176c4fff39500000000000000066902"], &(0x7f0000000300)='GPL\x00', 0x7, 0xff6, &(0x7f00000004c0)=""/4086}, 0x94)

11.02057491s ago: executing program 4 (id=751):
socket(0x1e, 0x4, 0x0)
socket(0x1e, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
close(0x4)
r2 = syz_open_dev$vcsn(&(0x7f00000000c0), 0x6c90, 0x40000)
ioctl$SCSI_IOCTL_DOORUNLOCK(r2, 0x5381)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0xb, 0x31, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x19)
mbind(&(0x7f00001fa000/0x2000)=nil, 0x2000, 0x1, 0x0, 0x0, 0x0)
socket$xdp(0x2c, 0x3, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x60000b, 0x9)

11.019907253s ago: executing program 3 (id=752):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
r1 = dup(r0)
r2 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x2)
sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0xa)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
bind$bt_l2cap(0xffffffffffffffff, 0x0, 0x0)
write$RDMA_USER_CM_CMD_QUERY(r2, 0x0, 0x0)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r1, 0x84, 0x64, &(0x7f0000000040)=[@in6={0xa, 0x4e24, 0x6, @loopback, 0x3}], 0x1c)
sendmsg$inet6(r0, &(0x7f0000000800)={&(0x7f0000000080)={0xa, 0x4e24, 0x8, @loopback, 0x4}, 0x1c, &(0x7f0000000380)=[{&(0x7f00000000c0)="88", 0x1}], 0x1}, 0x4048043)
r4 = dup(r0)
r5 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r5, 0x84, 0x9, &(0x7f0000000340)={0x0, @in6={{0xa, 0x4e20, 0x0, @remote}}, 0x40000}, &(0x7f00000001c0)=0x9c)
ioctl$FS_IOC_GET_ENCRYPTION_POLICY(r2, 0x400c6615, &(0x7f0000000180)={0x0, @aes256, 0x0, @desc1})
pipe2$9p(&(0x7f0000000080)={<r6=>0xffffffffffffffff}, 0x0)
setsockopt$inet_sctp_SCTP_DEFAULT_PRINFO(r4, 0x84, 0x72, &(0x7f00000002c0)={0x0, 0x4, 0x10}, 0xc)
splice(r6, 0x0, r0, 0x0, 0x20000000000002, 0x2)
r7 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000140), 0x802, 0x0)
r8 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r8, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f0000000200)=ANY=[@ANYBLOB="600000000206010100000000000000000100ffff14000780080012400000000508000b400000cd200500010006000000050005000200000005000400000000000900020073797a310000000011000300686173683a69702c6d61726b000000005541401e51085f8a177834034999d212546975ab09c8e655465474f6d67b89ded9e503cf73ce8a9b351eeed0c959448515a579b23f1cf94f89740b784d254a8c51bbf325e510281b"], 0x60}, 0x1, 0x0, 0x0, 0x4044081}, 0x0)
write$input_event(r7, &(0x7f0000000000)={{0x0, 0x2710}, 0x14, 0xc34d, 0x8}, 0x18)

10.099101047s ago: executing program 3 (id=755):
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000100)='dctcp', 0x62)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x23)
sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
setsockopt$inet_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f0000000040), 0x4) (fail_nth: 1)

10.069616651s ago: executing program 3 (id=756):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x9, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setscheduler(0x0, 0x1, &(0x7f0000000100)=0x5)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f00000004c0)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000000a80)=ANY=[], &(0x7f0000000100)='GPL\x00'}, 0x94)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x80782, 0x0)
ioctl$TCXONC(r2, 0x540a, 0x0)

9.167248166s ago: executing program 1 (id=757):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000480)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYRES32=r0], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x3}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r2}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r3 = getpid()
sched_setscheduler(r3, 0x1, &(0x7f00000000c0)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f0000000640)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
r6 = openat$userio(0xffffffffffffff9c, &(0x7f0000000080), 0x22242, 0x0)
write$USERIO_CMD_SET_PORT_TYPE(r6, &(0x7f00000002c0)={0x1, 0x5}, 0x2)
read(r6, 0x0, 0x0)
write$USERIO_CMD_SEND_INTERRUPT(r6, 0x0, 0x0)
openat$fuse(0xffffffffffffff9c, 0x0, 0x2, 0x0)
recvmmsg(r1, &(0x7f0000000840)=[{{&(0x7f00000001c0)=@can, 0x80, &(0x7f0000000400)=[{&(0x7f00000000c0)=""/42, 0x2a}, {&(0x7f0000000280)=""/85, 0x55}, {&(0x7f0000000700)=""/220, 0xdc}, {&(0x7f0000000480)=""/223, 0xdf}], 0x4, &(0x7f0000002300)=""/4096, 0x1000}, 0x7}, {{&(0x7f0000000580)=@pppol2tp={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @dev}}}, 0x80, &(0x7f0000000340)=[{&(0x7f0000000600)=""/52, 0x34}, {&(0x7f00000008c0)=""/164, 0xa4}, {&(0x7f0000000300)=""/4, 0x4}], 0x3, &(0x7f00000009c0)=""/188, 0xbc}, 0x3}], 0x2, 0x12102, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000003900)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b07080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf5af51d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000000000007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3abe0fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba4958ea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945ecefa26b8471d42645288d7226bbd9ccd628ab84875f2c50ba891cea592b0430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed0254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b0fdf9743af932cd6db49a47613808bad959710300000000000000832d0a45fa4242e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd7a4d67ff2a49c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4e064c98e494198276eb2df7766411bef0ebb5000000000006065d635b0b7a00ee767221d8af9753387e0cd8d718f54a29df6eba3bd4c440e6e2172e3fcc01b8babb757b5c59217b80d0db3ba582814a604e4ef7a803e9ca7c85b35c9b93a9e0885e238b44ae1c2e64cce3b27083b8246829e64056000302bffff15405bd5f2eba20000000000000000000000000000000000009a9823fd8fbc5aa16509945ed032b48ea12d8e0588dc52702e4084913a06d468d0928bad76d697e1f85ab030e788d38788ee5b5428d4a971cc97db9fd231088e570735ce129e7e77fc2777692664a1488fd8d6dff4dad618fd54f529d4555c6507009ee69dd1bc55258789b24052137e9637f3efbab71720f88c3c44b3b7486f979e8a3174b531f573fe0e5239c000be2733c49546f6e8a9175ec6f14dbf72cac91643b2fd99c29eca28a3c2e60d5e5b8795fae16a7c3ea57e728eca35eaf0155a39f97580e079175426c088a0208040982a0000000000000000000000000051ceaaf0159fe61f2eade7603d0a7a56fb09cd119ac06adb6597155ae47846892bb423c024d8cbe9240b71ec6dc2124d3a19e2d714b273d95d1d3aa737cb04a33615ff2a730e51067d5d675d7122361c37c61a43b5afd865b60d4cae891b73220f17d25985a7f76834995e53a93a1c7b9eef267df691ca983a0b15bda7f6c5c1ca7aa50261a3089a1ebf0734c9b07e8951ff023263ad5aed8cfb49b49e128c697724c057d22c5df5aef27ce3db11d5ad5527d149d076e1a87e2df27c0cb8a67ad026bf953e88f10447e125c2c0f1aebee1f3390a9e3ddad4e2a6e0f6e4569fdefa19e870e04acf9493b963f98e23cfc665e4f465fa3f801e1957c399e45f61d3459b1c606204368bb931345af2823c487d2fd99db6ea6e008e7ffa06ca861551189d155bd077a79fe2c7e961352e56824f727d21d41eae78bfec4a2d7a7edbc8ef958c5ea599f7c25bf71c2340558aa12fdd24a88aaad5921aee7dae6a2f3009d9cb43ab4898d0f0aa565431b6abe585d75db04d1c9ba0b9de4ae8b0d3132bc6810cc9a693979f55174a72e1df9fdef35bc470f9e6e591982757f45c52c645d891bf63bb21fb66926ebe1a8525611fc3e8bb8795c36dc2a86b5ab46ff33cc74f61751b2dae92676db85c8d0c721b7ea4544bf51c95c86fcac1f434d09d1ee4928aafe23de66fed972e0dddfb33f64e48701b049239e7f552d816441d11c4c2647c014462344359198d97c4b6e9ed31ca18987b64de079b2bed641e8a92f13ca70844c65cb423d01950b0ebf44bd28e09c05d9ae5dd689fb880fb18d042219f5ac60c3a03b085abf3e8e3efc842a8d328733461f04c99607061c65ed14c61322a5ac2d371a95b8ad867ec92d13a4fa4ae033a09673866cd77f4bcdaaa05207166b19a8758d8855400d8c6a7242dc207251e8797eca24ea4f487663e60f2f5e1f1424958fd148f846830e88a42d93e1fe9c0b4a4a268921738938aa9f3cb3811ac87c54c8ebc8bcfb4613cc3a997ff1579edbd4ade8020e3ad001b072b1a751b588ac4639f35a58e00a50c0270608c7a7f10132b1c25b9ea81232fbef665f6212f875b2a0000000000000000000000000000cf7b6c4ba9bec153d6834bfef080df374703a8ff56a63ec1fe5f2e05a79e3cace7283dd68d41e94420c325fe4dae144fde5ec25a87d625cab20753a77b323fa3783c8b675859b9012647885a242adfee2fe812ecbe5191e0a15142f7349e7627cc39d724e2e34e7a24154f26ae3125b36d0504965295d0453902ac7079b11a3a1e655e482331e3dc35b2e7e4e3ea99064fe5b9c8ae0ca3e5fd653f3286a99d81ce4eba765c38d097391ad4babac38ce5b4344e24a361cd54e5"], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x2e)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000540)='rcu_utilization\x00', r7}, 0x10)
r8 = syz_open_dev$sg(&(0x7f0000001600), 0x0, 0x0)
ioctl$SG_GET_VERSION_NUM(r8, 0x2284, &(0x7f0000000080))
socket(0x400000000010, 0x3, 0x0)
socket$unix(0x1, 0x5, 0x0)
openat$6lowpan_enable(0xffffffffffffff9c, &(0x7f0000000580), 0x2, 0x0)
close(0x3)

7.779337227s ago: executing program 1 (id=761):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
sendmsg$key(0xffffffffffffffff, &(0x7f0000000000)={0x40000000, 0x0, &(0x7f0000000040)={&(0x7f0000000240)=ANY=[@ANYBLOB="0207000902"], 0x10}}, 0x0)
bind$inet(r2, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x16)
connect$inet(r2, &(0x7f0000000200)={0x2, 0x0, @multicast2}, 0x10)
sendmmsg(r2, &(0x7f0000007fc0), 0x800001d, 0x0)
syz_usb_connect(0x0, 0x81, 0x0, 0x0)

7.718458045s ago: executing program 0 (id=763):
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000003c0)={{}, 0x0, &(0x7f0000000040)}, 0x20)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2)
ioctl$KVM_SET_MSRS(r2, 0x4008ae89, &(0x7f0000000040))

7.02249559s ago: executing program 0 (id=765):
write$uinput_user_dev(0xffffffffffffffff, &(0x7f0000000cc0)={'syz1\x00', {0xfff9, 0x2, 0x240, 0x9b99}, 0x9, [0x6, 0x8, 0x5, 0x9, 0x8, 0x155f, 0x6, 0x5, 0x25cd, 0x1, 0xa4, 0x6, 0xa2b9, 0x6, 0x7, 0xe4, 0x6, 0xfc000000, 0x3, 0xbbf, 0x4a732f64, 0x8, 0x9, 0xd, 0x4, 0x12a3, 0x6, 0x1, 0x2, 0x4, 0x7, 0x81, 0x8a, 0x79, 0x2, 0x2, 0x0, 0x91, 0x4, 0x4, 0x7, 0x2, 0x5, 0x400, 0x7ff7, 0x5, 0xa7, 0x81, 0x9, 0xf9a2, 0x80000001, 0xff, 0x0, 0x2, 0x2, 0x3, 0x1, 0x1, 0x7ff, 0x4, 0x4007f, 0xffffffff, 0x6, 0x6], [0x9, 0x3, 0x6, 0x5f, 0x4, 0xc66, 0xa8a9, 0x73, 0x8e, 0xd50, 0x7, 0x5, 0x2, 0x9, 0x4, 0xa, 0x1000, 0x0, 0x200b398, 0x400000, 0x0, 0x2, 0x1c, 0x7, 0x1, 0x2, 0x54f5bad8, 0x8, 0xfffffffd, 0x400, 0xffff58b9, 0x4c2336d3, 0x4, 0x0, 0xfffffff8, 0x401, 0x46, 0xf1, 0x4, 0xab00040, 0x5, 0x6, 0x2, 0x5, 0x3ff, 0x1ff, 0x1, 0x7fff, 0x762, 0x1cb, 0x1, 0x4000004, 0x6, 0x438, 0x2, 0x9, 0x95, 0xfffff50f, 0x4, 0xfffffff9, 0x1, 0x1000, 0xfffff801, 0x5], [0x2, 0x1, 0xffff, 0x3, 0x2, 0x2e6bf783, 0x80000001, 0xb, 0x5, 0x491, 0x8d3, 0x6, 0x8, 0x3ff, 0x2, 0x400, 0x41, 0x6, 0xee4b, 0x7, 0x5, 0x8000003, 0x5, 0x9, 0x0, 0x3, 0x9, 0x3, 0xc7, 0xfff, 0x100006, 0x8000, 0x400, 0x3e55, 0xff, 0xd3, 0x8, 0x3437, 0x3, 0x9, 0xfd, 0x401, 0x101, 0xdd80, 0x60a2, 0x17fc, 0x9f26, 0x0, 0x8, 0x2, 0x2, 0x6, 0x8000, 0xf45, 0x3, 0xd500, 0x8, 0x77, 0x9, 0x4, 0x10000, 0x1, 0x8, 0x1], [0xa772, 0x1, 0x5, 0x1afa, 0xbfc, 0x8, 0x7c81, 0x7f, 0x56, 0x40, 0xff, 0x5, 0x7fffffff, 0x7, 0xe, 0x9, 0x81, 0x3, 0x9d86, 0xd, 0xfffffff7, 0x8, 0x40f1, 0x2, 0x3, 0x6, 0x80000001, 0x7777, 0x1, 0x2, 0x100, 0xd8ce, 0x7fffffff, 0x624dfaee, 0xc, 0x7f, 0x1000, 0x1ff, 0x2000003, 0xffffffff, 0x10000, 0x0, 0x8001, 0x7fff, 0x3, 0x6, 0xf, 0xe, 0x5337, 0x26d, 0x6, 0xfffffff9, 0x4, 0xfffffff9, 0x9, 0x4, 0x463f, 0x4, 0xdab, 0x1, 0x8, 0x13ffd, 0x1, 0x1b18]}, 0x45c)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
sendmsg$NFT_MSG_GETOBJ(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000400)=ANY=[@ANYBLOB="34000000150a03000000000000000000020000000900020073797a31"], 0x34}}, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000023c0)=ANY=[@ANYBLOB="1200000004000000080000000b"], 0x48)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000000200)={r3, &(0x7f0000000140), 0x0}, 0x20)

6.878289545s ago: executing program 4 (id=766):
bpf$TOKEN_CREATE(0x24, 0x0, 0x0)
write$binfmt_elf32(0xffffffffffffffff, &(0x7f0000000e40)={{0x7f, 0x45, 0x4c, 0x46, 0x4, 0x7, 0x0, 0x3, 0x4, 0x2, 0x3, 0x3, 0x309, 0x38, 0xce, 0xe, 0xb, 0x20, 0x1, 0x5, 0x5}, [{0x3, 0x8, 0xf3, 0x7f, 0x204, 0x200004, 0xce1, 0x400}], "", ['\x00', '\x00']}, 0x258)
mmap(&(0x7f0000ae4000/0x2000)=nil, 0x2000, 0x1000002, 0x14, 0xffffffffffffffff, 0x9a38d000)
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5a, '\x00', 0x0, @fallback=0xf, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
sendmsg$nl_xfrm(0xffffffffffffffff, 0x0, 0x0)
r0 = getpid()
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
socket$nl_route(0x10, 0x3, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000080)='sched_switch\x00'}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x3, 0x6, &(0x7f0000000000)=@framed={{0x5, 0x0, 0x0, 0x0, 0x0, 0x7b, 0x11, 0x98}, [@func={0x85, 0x0, 0x1, 0x0, 0x2}, @call={0x85, 0x0, 0x0, 0x5}, @exit={0x95, 0x0, 0x33}], {0x95, 0x0, 0x5a5}}, &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0xb8000000}, 0x70)

5.559025483s ago: executing program 4 (id=768):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f0000000300)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
syz_io_uring_setup(0x837, 0x0, 0x0, 0x0)
syz_usb_connect$hid(0x5, 0x0, 0x0, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
r3 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r3, &(0x7f0000000000)={0x40000000, 0x0, &(0x7f0000000140)={&(0x7f0000000240)=ANY=[@ANYBLOB="0207000902"], 0x10}}, 0x0)
bind$inet(r2, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x16)
connect$inet(r2, &(0x7f0000000480)={0x2, 0x0, @multicast2}, 0x10)
sendmsg$SOCK_DIAG_BY_FAMILY(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000a40)={0x28, 0x14, 0x119, 0x0, 0x0, {0x10}}, 0x28}, 0x1, 0x2c}, 0x0)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
mremap(&(0x7f00005ab000/0x1000)=nil, 0x1000, 0x1000, 0x7, &(0x7f0000ffe000/0x1000)=nil)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x14)
setsockopt$inet_IP_XFRM_POLICY(r2, 0x0, 0x11, &(0x7f0000001580)={{{@in6=@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', @in=@local, 0x0, 0x0, 0x4e22, 0x0, 0xa, 0x0, 0x20, 0x11}, {0x0, 0x0, 0x8, 0x6, 0x1, 0x0, 0x10, 0x9}, {0x80000001}, 0x6, 0x200000, 0x1}, {{@in6=@private1={0xfc, 0x1, '\x00', 0x1}, 0x4d2, 0x33}, 0x0, @in=@broadcast, 0x3506, 0x0, 0x2, 0xb7, 0x2, 0xfffffff9, 0x9}}, 0xe8)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x3, 0x8, &(0x7f00000026c0)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd1200000000000085000000d0000000b70000000000000095000000000000003fba6a7d36d9b18ed812a2e2c49e8020a6f4e0e4a9446ca2b5f1cc1a100a9af698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f010c5077da80fb982c1e9400c603146cea484a415b76966118b64f751a0f241b072e90080008002d75593a280000c93e64c227c95aa0b784625704f07a72c2918451ebdcf4cef7f9606056fe5c34665c0af9360a1f7a5e6b607130c89f18c0c1089d8b85880000c29c48b45ef4adf634be763288d01aa27ae8b09e13e79ab20b0b8ed8fb7a68af2ad0000000000000006f803c6468082089b302d7bff8f06f7f918d65eae391cb41336023cdcedb5e0125ebbccbddcf10cb2364149215108355ee570f8078be5cab389cd65e7133719acd97cfa107d40224edc5465a932b77e74e712a0d42bc6099ad23000000803a90bce6dc3a13871765df961c2ed3b1006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f40cab87b1586602d985430cea0162ab3fcf4591c926abfb076719237c8d0e60b0eea24492a660583eecdbf5bcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9f081d6a08000000ea2b1a52496dfcaf99431412fd13f4cec49669e443dcb924cfe5f3185418d60532be9c4d2ec7c32f2095e63c8cdc28f74d043ef8dba2f23b01a9ae44cf945b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142bdda5e6c5d50b83bae616b5054d1e7c13b1355d6f4a8245eaa4997da9c77af40000000000000005f58351d599e9b61e8caab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a41326eea31ae4e0f75057df3c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57010000009700ce0b4b8bc22941330000000000000000000300000000000000000000000010008bc0d955f2a83366b99711e6e8861c46495ba585a4b2d02edc3e28dd279a896249ed85b9806f0b6c4a000000002b43dcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffff7f00000000df73be83bb7d5ad883ef07000000000000006da21b40216e14ba2d6af8656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff72943327d830689da6b53ffffffff631c7771429d1200000033ed846197fcff5e1c7c3d1d6e3a52872baef9753fffffffffffffe09fec2271fe010cd7bb2366fde4a59429738fcc917a57f94f6c453cea623cc5ee0c2a5ff870ce5dfd3467decb05cfd9fcd41df54cdbd9d10a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce978275d5bc8955778567bc79e13b78249788f11f708008b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab7929a57affe7d7fa29822aea68a660e717a04becff0f719107000000000000002d7e927123d8ecbbc55bf404571be54c72d978cf2804107f0238abccd32368e57040906df0042e19000000000000002c06f815312e086dd022c074eb8a322fb0bf47c0a8d154b405a07feaf3dd95f6ef44cd1fe582786105c7df8be4877084d4173731efe895efc71f665c4d75cf2458e35d2c9062ece84c99e061887a20639b41c8c12ee86c50804042b3eac1f879b136345cf67ca3fb2b5e518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad055e4af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457ac0eaaa99bf0bdc14ae358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df9b3fdf242b985bf16b99c9cc0ad1857036f1a985f369191ae954febb3df464bfe0f773ee9afe72f32a2befb89d3777399f5874c553a2ebe9061fe86e669642e09c0e5a3bb6d163118e4cbe024fd452277c3887d6116c6cc9d8046c216c1f8a9778cb26e22a2a998de5eaeadea10d3cfb41b92ecbb422a40da8daccf080842a486721737390cbf3a74cb2003efb9a101b51ab63e9600040000b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde6e4a4304e50c349f4f9ecee27defd83871c5191e10096e7e60fc3541a2c905a1a95e9571bf38aebd15172f94e3245c582909e2a3bce109b6000000000000000000d6d5210d7560eb92d6a97a27602b81f7636df1535bef1497f90100000000000000abf9010000007740890200d627e87306703be8672dc84eeadba6a41891c170d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e7a45319f18101288a0268893373750d10a3fc22dd704e4214de5946912d6c98cd1a9fbe1e7ef8c08acaf30235b920500d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69b93e9960ff5f74562adae283d9756237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff85000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a31c72ad53bc19faa5401120000793ac48c1b539c75ab40743b00020000a1f68df75cf43f8ecc8d3726602111b40e761fd210a1920382f14d12ca3c3431ee97471c781d0d1280fb00818654a53b6df4b2c97cc1c98d85fda8f80fe908b65550b4412331d73062197655b7f0469250a5989cef0e10773920ed3ccee42d2c3eb80159da5c002511e6eb93842054cfce2ac306cb6e472db3fd67a49b6855a694a8d359add43907003223a47a7fae4f3748d5a432825bc40a03aaef1c8488d86dc211dd2a3ba71e0f45492ef1f8b65ccb3dcd251a61b152d02c29ca0a3328fa7753a5cddea1acaae55ae8263fb284b7a6ab2a8826c1b948207c498cf4824ab1ea3225a53072423b907c6682f8999e0311da5b8378bc841e1787e3a8128dda381a26cb2b365702ff8a27831375b2ddaa2f56e21169f7ca4fd9655ccd4a584acd244e965a0afedaff7c415ff682a4044b3381cc2df28278c9a6824c52048a7cfabda294925cc0956bffa8e950ff5e49f41ae600d830207bf728cd9807933c3c16d80bbea611a18becc2dc38ca0a6f5740f340b76edcd100fcffff007231dcef58c7b88b5aeedaf9626cb51ce1737c10ab37d4f98a934b0f900e0eb639878a1200629f5503cf679154d27681d7a3744cbcd42af59407c9c8e39c5271868917954e604352ba26171d004f1cb2976fab3fa19c7d3ef9678bff79f5155524f061378f94fb453786c3a6f78b10d383b49e31d1568bd43ee34ce6e6be235aa6207285665c2fba773671da41959f51610963b48930658e2d6125a26085001345b0473240b7e5e91811312c43663e76f711c6529ecdec75c7ea1cf0f8f8fff40247d59bbde2ebb8659197e0f37a71be1b12a182ed7de3acba28561a04b807f7a4647e2ea6d8fb92541d07c3d5e4ba077d3cad9f8ba1919592014c00c8eccb2ca5d48ba7b1c3fb185a4bb79700cf51f818b0c701c8de47d12281a67bdaf4b0c50bee9e8f5936250df2e15c1172e7ea6619f7db330700d1e9e42a035e6fd532f61fbfed9c4a7124a1e38eee50a6bbcd1d4e3f68c3f27dd9a70f1a7c6046237ddfb0b26e197322226367d998010458cd4df10af249ce717f6f45e5176e0ddae3054d7289d4e13ab0912703ee39ce264572b89194fdf7acecc35cf8309d4b680a08eed367dad855fce210f1a7c7222dd360eafb4bef7d58bf83362930af6e3f3f851abdc0003bdf9401b533019e90feb069189100007a82df8d9b5f44ebf9355e7b1b01c9470608d4f306d21004730396a4d6c6d46e1ffac97aa93c36123532a36186575266be4981c847160079421d0137801e553069f8d025c40f287378810defc7f2ed4e15f6af17b21153394f8bcfa6a23a77c8d61c9bbc127a57b8d631f36558d9093dee08bc53d97a8003363421738650a22c8fd87b13026799caf58e59951b125e7f161ca34e2c0dd65a23d01a3cb191e743de07247c7f993cf01166fa2ac1ba02f60550e63a7f50422e478c6b5d87f9bd0567a279a9d85a380db25c43bd0529ad783b9d64aaac1b793afb44b7126e17d2b7c0d6be650de7eeef3f3605af344015d03c3e7819145cb9fe1978c98bf9cf10773db59505ae33708c728844c872dfd2cb0b29008000000000000005ca18cb72f0944d0e4fea0a0abd0285bdaf1b000000c089d640c2facb0d1e6243873ac4b1e1068c45c715b68effb7d58d1f9e726dbf6bd910ca4ce0e075658ede42192cf393a50dcc197b03402fed75083628e5dd38213d353b9049e71f037064b05e73ec00c710f1ffc5737d397d555d1cf8859cc030ea8dc3c6a5b3b6fa1c81707479db1833d593a271253aa11efd936b74784f2fc286814848e92d8ee541bc179813297a0a4cc3c8f80c28701185bea091f32475e859479b734727afc110e1abcff460172fd1b42e3c0e2a4bf94a060069000010000087c7572a1e7596f89e5c3d5e70640c90815f77b7b13d0000000085a1e1e84900000000000000000000000000b422fc160a458ee5a91a2471e6e56fdabec6c73ce8983fc68f0b7cdcdde632e6f54a07620e8aa116ce9e84fc3cd5e8288a333dcebb233da9186796995ba69487d8f77d2f8800f02d690fc70a08b231cad1bdcf3740a95d4dd1cfe0f417f275493cf33b19ffff93dfdaf7eb00b8ad87cdf7c21bab5af8e2bac54ee5597e6508c1158124a538c36f9bb11fea7d8b8c7e954b1bc7811654a6636b33f271d0923e9ecd1b724b8feffadfc23c07000000f0785fb722f346d6a5dffe1884d4d0cd8f00000092c85ed44db68ab800001f00000000406e6ed9b219ad07125381087298e75965d1cc5932ddf9e66351b9332a34bee3e3d562c914c629933f0b8724cf680889ade72558d191d9890c69a718f9018586c5131c8dc8e0379bafda1a0fd2997ff115215ce23dca8db7236c1554cdaaadcce2f31834c1bd1908d8e1b361034db56be76acb7654a195bc3e98df3a5dffd5b0783883ef7da3433110e37f7c7cb7f3800de7f99abf910d6949e062747a9c87dcfcc716d6a9c0ec53b9cffe3cfd1df69a76f373d7f997edb9b80bdea1a99c2a6fbb25e035deadaadd7917ebfedd6304a19491769476208684e343f86b4d55a7dbbb07283cb1e35a138d24ebc5b4f8e35a82d3a7f84cb1e02a5a92b53567088be0b1ca023ccd518c0e0715b1c8760801a419ebd2e26440ff7493019bdb655cc88d72d6d7b6bca5a2e19b63ec52fce43d8c53a8031e64026e0d36b6401064c49a729f11ab377f7132c5232bb80195dd5d43d29646a9378eea0761b7ed9d2172e33ed87c7413c843b180cc00000000006bedf2ed716ca43a941119b96d82b26d9061de240d85ec2cfa462bd52104489bb7a7548d7cc53627031e909c69cb824233975a1ea645de63522407c3a240a37e946f30ebf075ea97846a0a8d2286f3f446b1b99ab83a12ddf8a1c06294eadc3eb3e339591afd5c00000000000000000000000000000000000000000000000000579dad8347a3d16976bb7483840b32db0158fb6c809349333325a7866ca5d3133e33ef1a183cefdb65a79fa71800988c8445029e024822dbcfcab49c3a0aec9bd43e6e14078b260700d849a2aa14c9b593f6dcb1de334c065ecfd65031606e55949c185bcda9fde4f9b46a76b8a24bbcd31b22373eb0473248150cd179405ee1af1183b0c0ce3483dc1d9bf732b0751b78fb211d6706b55960c6431afbc02b3c7e08086573939290bb9e590a3875f02a828b07f1dc7df9c8e5da22dfb9dacbf5529e4e994128d835f85465173ea7bbcc519a0c9798ce8b1b07567e3e07169c8c3e4da8bf725c050000000000000000000000000000000000000000004775abdf0c62728eb55a9e2849a1ce05bed60dfe4cc9fa43f9684297c02382c0a35829be7a86305792a9d2e80ca9e8fc50f31f6e0fa810303da03d8b74b42c1ebaf16bb343256405a3a07229a54de09a97b269cd29e8b2f0b0d46c51a6a93eec37f4bc6e29a8e19120ae050ab682662e9b2cc3263a4aba62b63ca9123a53c0f4bf3c4463b8144c89bf058a0af0ae9fc2b7cdfc4817703e267cddc193637d7fd97646090da37093657643daae3840c7f5c10f93524f7ae4791ec6e9d9722e5f670ccb358e051a"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls}, 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x3, 0x8, &(0x7f0000003880)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd1200000000000085000000d0000000b70000000000000095000000000000003fba6a7d36d9b18ed812a2e2c49e8020a6f4e0e4a9446ca2b5f1cc1a100a9af698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f010c5077da80fb982c1e9400c603146cea484a415b76966118b64f751a0f241b072e90080008002d75593a280000c93e64c227c9f4cef7f9606056fe5c34664c0af9360a1f7a5e6b607130c89f18c0c1089d8b85880000c29c48b45ef4adf634be763288d01aa27ae8b09e13e79ab20b0b8ed8fb7a68af2ad0000000000000006f803c6468082089b302d7bff8f06f7f918d65eae391cb41336023cdcedb5e0125ebbcebddcf10cb2364149215108355ee570f8078be5cab389cd65e7133719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad23000000803a90bce6dc3a13871765df961c2ed3b1006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f40cfd7c3a1d37a6ab87b1586602d985430cea0162ab3fcf4591c926abfb076719237c8d0e60b0eea24492a660583eecdbf5bcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9f081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d60532be9c4d2ec7c32f2095e63c8cdc28f74d043ed8dba2f23b01a9aeb980aff9fa3a64709270c701db801f44cf945b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142bdda5e6c5d50b83bae616b5054d1e7c13b1355d6f4a8245eaa4997da9c77af4c0eb97fca585ec6bf58351d599e9b61e8caab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a41326eea31ae4e0f75055df3c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57010000009700ce0b4b8bc22941330000000000000000000300000000000000000000000010008bc0d955f2a83766b99711e6e8861c46495ba585a4b2d02edc3e28dd279a896249ed85b9806f0b6c4a000000002b43dcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffff7f00000000df73be83bb7d5ad883ef3b7cda42013d53046da21b40216e14ba2d6af8656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff72943327d830689da6b53ffffffff631c7771429d1200000033ed846197fcff5e1c7c3d1d6e3a52872baef9753fffffffffffffe09fec2271fe010cd7bb2366fde4a59429738fcc917a57f94f6c453cea623cc5ee0c2a5ff870ce5dfd3467decb05cfd9fcd41df54cdbd9d10a64c108285e71b556381768ee58969c41595229df17bcad70fb4021428ce978275d5bc8955778567bc79e13b78249788f11f708008b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab7929a57affe7d7fa29822aea68a660e717a04becff0f719107000000000000002d7e927123d8ecbbc55bf404571be54c72d978cf2804107f0238abccd32368e57040906df0042e19000000000000002c06f815312e086dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef44cd1fe582786105c7df8be4877084d4173731efe895efc71f665c4d75cf2458e35d2c9062ece84c99e061887a20639b41c8c12ee86c50804042b3eac1f879b136345cf67ca3fb2b5e518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad055e4af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457ac0eaaa99bf0bdc14ae358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df9b3fdf242b985bf16b99c9cc0ad1857036f1a985f369191ae954febb3df464bfe0f773ee9afe72f32a2befb89d3777399f5874c553a2ebe9061fe86e669642e09bb6d163118e4cbe024fd452277c3887d6116c6cc9d8046c216c1f8a9778cb26e22a2a998de5eaeadea2a40da8daccf080842a486721737390cbf3a74cb2003efb9a101b51ab63e9600040000b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde6e4a4304e50c349f4f9ecee27defd83871c5191e10096e7e60fc3541a2c905a1a95e9571bf38aebd15172f94e3245c582909e2a3bce109b6000000000000000000d6d5210d7560eb92d6a97a27602b81f7636df1535bef1497f90100000000000000abf9010000007740890200d627e87306703be8672dc84eeadba6a41891c170d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e7a45319f18101288a0268893373750d10a3fc22dd704e4214de5946912d6c98cd1a9fbe1e7ef8c08acaf30235b920500d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69b93e9960ff5f76062adae283d9756237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff85000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a31c72ad53bc19faa5401120000793ac48c1b539c75ab40743b00020000a1f68df75cf43f8ecc8d3726602111b40e761fd210a1920382f14d12ca3c3431ee97471c781d0d1280fb00818654a53b6df4b2c97cc1c98d85fda8f80fe908b65550b441233151122b41a8d73062197655b7f0469250a5989cef0e10773920ed3ccee42d2c3eb80159da5c002511e6eb93842054cfce2ac306cb6e472db3fd67a49b6855a694a8d359add43907003223a47a7fae4f3748d5a432825bc40a03aaef1c8488d86dc211dd2a3ba71e0f45492ef1f8b65ccb3dcd251a61b152d02c29ca0a3328fa7753a5cddea1acaae55ae8263fb284b7a6ab2a8826c1b948207c498cf4824ab1ea3225c380fac12f8205d182f8999e0311da5b8378bc841e1787e3a8128dda381a26cb2b365702ff8a27831375b2ddaa2f56e21169f7ca4fd9655ccd4a584acd244e965a0afedaff7c415ff682a4044b3381cc2df28278c9a6824c52048a7cfabda294925cc0956bffa8e950ff5e49f41ae600d830207bf728cd9807933c3c16d80bbea611a18becc2dc38ca0a6f5740f340b76edcd1f539bd43007231dcef58c7b88b5aeedaf9626cb51ce1737c10ab37d4f98a934b0f900e0eb639878a1200629f5503cf679154d27681d7a3744cbcd42af59407c9c8e39c5271868917954e604352ba26171d004f1cb2976fab3fa19c7d3ef9678bff79f5155524f061378f94fb453786c3a6f78b10d383b49e31d1568bd43ee34ce6e6be235aa6207285665c2fba773671da41959f51610963b48930658e2d6125a26085001345b0473240b7e5e91811312c43663e76f711d7219ecdec75c7ea1cf0f8f8fff40247d59bbde2ebb8659197e0f37a71be1b12a182ed7de3acba28561a04b807f7a4647e2ea6d8fb92541d07c3d5e4ba077d3cad9f8ba1919592014c00c8eccb2ca5d48ba7b1c3fb185a4bb79700cf51f818b0c701c8de47d12281a67bdaf4b0c50bee9e8f5936250df2e15c1172e7ea6619f7db330700d1e9e42a035e6fd532f61fbfed9c4a7124a1e38eee50a6bbcd1d4e3f68c3f27dd9a70f1a7c6046237ddfb0b26e197322226367d998010458cd4df10af249ce717f6f45e5176e0ddae3054d7289d4e13ab0912703ee39ce264572b89194fdf7acecc35cf8309d4b680a08eed367dad855fce210f1a7c7222dd360eafb4bef7d58bf83362930af6e3f3f851abdc0003bdf9401b533019e90feb069189100007a82df8d9b5f44ebf9355e7b1b01c9470608d4f306d21004730396a4d6c6d46e1ffac97aa93c36123532a36186575266be4981c847160079421d0137801e553069f8d025c40f287378810defc7f2ed4e15f6af17b21153394f8bcfa6a23a77c8d61c9bbc127a57b8d631f36558d9093dee08bc53d97a8003363421738650a26c8fd87b13026799caf58e59951b125e7f161ca34e2c0dd65a23d01a3cb191e743de07247c7f993cf01166fa2ac1ba02f60550e63a7f50422e478c6b5d87f9bd0567a279a9d85a380db25c43bd0529ad783b9d64aaac1b793afb44b7126e17d2b7c0d6be650de7eeef3f3605af344015d03c3e7819145cb9fe1978c98bf9cf10773db59505ae33708c728844c872dfd2cb0b29754f928c59306ce105ca18cb72f0944d0e4fea0a0abd0285bdaf1b000000c089d640c2facb0d1e6243873ac4b1e1068c45c715b68effb7d58d1f9e726dbf6bd910ca4ce0e075658ede42ddd5f393a50dcc197b03402fed75083628e5dd38213d353b9049e71f037064b05e73ec00c710f1ffc5737d397d555d1cf8859cc05bea8dc3c6a5b3b6fa1c81707479db1833d593a271253aa11efdb36b74784f2fc286814848e92d8ee541bc179813297a0a4cc3c8f80c28701185bea091f32475e859479b734727afc110e1abcff460172fd1b42e3c0e2a4bf94a060069000010000087c7572a1e7596f89e5c3d5e70640c90815f77b7b13d0000000085a1e1e84900000000000000000000000000b422fc160a458ee5a91a2471e6e56fdabec6c73ce8983fc68f0b7cdcdde632e6f54a07620e8aa116ce9e84fc3cd5e8288a333dcebb233da9186796995ba69487d8f77d2f8800f02d690fc70a08b231cad1bdcf3740a95d4dd1cfe0f417f275493cf33b19ffff93dfdaf7eb00b8ad87cdf7c21bab5af8e2bac54ee5597e6508c1158124a538c36f9bb11fea7d8b8c7e954b1bc7811654a6636b33f271d0923e9ecd1b724b8feffadfc23c07000000f0785fb722f346d6a5dffe1884d4d0cd8f00000092c85ed44db68ab800000000000000406e6ed9b219ad07125381087298e75965d1cc5932ddf9e66351ba332a34bee3e3d562c914c629933f0b8724cf680889ade72558d191d96ee1b84bb64b14aebc6b5194c55dd6890c69a718f9018586c5131c8dc8e0379bafda1a0fd2997ff115215ce23dca8db7236c1554cdaaadcce2f31834c1bd1908d8e1b361034db56be76acb7654a195bc3e98df3a5dffd5b07838a3ef7da3433110e37f7c7cb7f3800de7f99abf910d6949e062747a9c87dcfcc716d6a9c0ec53b9cffe3cfd1df69a76f373d7f997edb9b80bdea1a99c2a6fbb25e035deadaadd7917ebfedd6304a19491769476208684e343f86b4d55a7dbbb07283cb1e35a139d24ebc5b4f8e35a82d3a7f84cb1e02a5a92b53567088be0b1ca023ccd518c0e0715b1c8760801a419ebd2e26440ff7493019bdb655cc88d72d6d7b6bca5a2e19b63ec52fcc49a729f11ab377f7132c543d29646a9378eea0761b7ed9d2172e33ed87c6513c843b180cc00000000006bedf2ed716ca43a941119b96d82b26d9061de240d85ec2cfa462bd52104489bb7a7548d7cc53627031e909c69cb824233975a1ea645de63522407c3a240a37e946f30ebf075ea97846a0a8dc0d472672286f3f446b1b99ab83a12ddf8a1c06294eadc3eb3e339591afd5c00000000000000000000000000000000000000000000000000579dad8347a3d16976bb7483840b32db0158fb6c809349333325a7866ca5d3133e33ef1a183cefdb65a79fa71800988c8455029e024822dbcfcab49c3a0aec9bd43e6e14078b260700d849a2aa14c9b593f6dcb1de334c065ecfd65031606e55949c185bcda9fde4f9b46a76b8a24bbcd31b22373eb0473248150cd179405ee1af1183b0c0ce3483dc1d9bf732b0751b78fb211d6706b55960c6431afbc02b3c7e08086573939290bb9e590a3875f02a82a6ef09d0ed9829dec16ab67a4f59a504e09f55ab82bbd405087a17a229a149c53ee9145500db213cb36489a10957739e481a756e65bde579bbbfb404213f661eeaaffacbcfbfd60b1a715c366da2b37ac7e9e3033f8ec04db1c2412e02ccd0617d9fb646c4897750d068c936c3558a94b05d7c65c0d458c0d70d0aa864bc1e324d3f69b1b4061627da875a4b5c2668ab0990623fe6f3b54cd1c79da4baf256f88750c18486330589473e267fa44e220cf40db662b570c2a2fbba9a34a3dd7bbd8368fe506daa62b45797d4b397905a69e58eb436c08cc78963197adb1b16ad83a1a9b420e74c6bcdf1ed0b306141a83bf1268e954ad069257fbfaa1a7ea582badc1a7f2a5b0965f3535872d85c0bc3a233a3ea85df6a8ed76f0f803d54b7bef77d8ea71621f8a78dd17c3b58c5c7476ed6191acbb949e77f7cac81c543f7751e5e1000"/4545], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls}, 0x48)
bpf$BPF_PROG_DETACH(0x1c, &(0x7f0000001680)={@cgroup=r5, r4, 0x2f}, 0x20)
r6 = bpf$ITER_CREATE(0xb, &(0x7f0000000100), 0x0)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000001500)={@cgroup=r4, r6, 0x2f, 0x2018, 0x4}, 0x20)
write$ppp(r6, &(0x7f0000000040)="d0a9d65ec98afe204b9e8343d1e7fdcbbeddd9d08eed39a79864132b53522a7312f47ae95ef5f3efef8276a9678d6b4852ba7c3711b26423b53c7f45", 0x3c)
sendmmsg(r2, &(0x7f0000007fc0), 0x800001d, 0x1c)

4.959101386s ago: executing program 0 (id=770):
creat(&(0x7f00000002c0)='./file0\x00', 0xa9)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x2, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000300000000000000feffff10850000000700000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x100, 0x70, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
truncate(&(0x7f0000000180)='./file0\x00', 0x8fff5)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000012c0)={r0, 0x0, 0x30, 0x0, @val=@uprobe_multi={&(0x7f0000000140)='./file0\x00', &(0x7f0000000340)=[0x4], 0x0, 0x0, 0x1, 0x1}}, 0x40)
r1 = open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)
mmap$xdp(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0)
r2 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340), 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000000)={r2, <r3=>0xffffffffffffffff}, 0x4)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0x20, &(0x7f00000003c0)=ANY=[@ANYBLOB="180000000900000000000000020000", @ANYRES32=r4, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000b7080000000000007b8af8ff00000000b7080000800000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r3, @ANYBLOB="0000000000000000b70500000800000085000000a500000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7020000e23c00008500000086000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback=0x25, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f00000000c0)='tlb_flush\x00', r5}, 0x10)
creat(&(0x7f0000000200)='./file0\x00', 0x0)

4.751538318s ago: executing program 3 (id=771):
openat$iommufd(0xffffffffffffff9c, 0x0, 0x64c842, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = syz_open_dev$swradio(&(0x7f0000002440), 0x1, 0x2)
ioctl$VIDIOC_S_CTRL(r2, 0xc008561c, &(0x7f0000002680)={0xf0f06e, 0x5})
connect$unix(r0, &(0x7f0000000300)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
r3 = io_uring_setup(0x1692, &(0x7f0000000300)={0x0, 0x0, 0x40})
io_uring_register$IORING_REGISTER_BUFFERS(r3, 0x0, &(0x7f00000002c0)=[{&(0x7f0000001700)=""/4095, 0x440000}], 0x100000000000011a)
r4 = openat$sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/vm/drop_caches\x00', 0x1, 0x0)
io_uring_register$IORING_REGISTER_FILES(r3, 0x2, &(0x7f0000000000)=[r4], 0x1)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg(r1, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x4000000)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0xb49, 0x5, 0x8, 0x0, 0xb}, 0x0)
r5 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r5, &(0x7f0000000340)={0x26, 'hash\x00', 0x0, 0x0, 'xcbc(aes)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r5, 0x117, 0x1, &(0x7f0000000140)="2c385aa3d49100dc6626c892b6bc436a", 0x10)
r6 = accept4(r5, 0x0, 0x0, 0x0)
sendmsg$nl_netfilter(r6, &(0x7f0000000240)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000000200)={&(0x7f0000000080)={0x5c, 0x4, 0x3, 0x401, 0x70bd2b, 0x25dfdbfd, {0x3, 0x0, 0x10}, [@generic="4d6b6b2982214855910cb722e554b3ead4d663993bfe8cec7d8679dca91d438ce8669c9bd0a3ef0a7c1f76e7e82221f27a4316af0376b2125a3ad95ec58d1717e8e6b7579e150c"]}, 0x5c}, 0x1, 0x0, 0x0, 0x4040800}, 0x0)
r7 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f00000002c0)={'bridge_slave_0\x00', <r8=>0x0})
r9 = socket(0x10, 0x80002, 0x0)
sendmsg$nl_route(r9, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000140)=ANY=[@ANYBLOB="440000001100a7cc4a372eaf541d002007000000", @ANYRES32=r8, @ANYBLOB="00000000100000001c001a80080002802d00ff0008000200", @ANYBLOB="358742"], 0x44}, 0x1, 0x0, 0x0, 0x50}, 0x4040800)
sendto$inet6(r6, &(0x7f0000000000)="dd23f9e9597f43c9a9239656d50ae5286968e25cd6ac013e75066c8f000004a1", 0xfffffffffffffe9b, 0x0, 0x0, 0x0)

3.77894087s ago: executing program 2 (id=772):
sendmsg$NFT_MSG_GETCHAIN(0xffffffffffffffff, 0x0, 0x20000800)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={0x0, 0xffffffffffffffff, 0x0, 0x7, &(0x7f0000000000)='cgroup\x00'}, 0x30)
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-camellia-aesni\x00'}, 0x58)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0xa, 0x3, &(0x7f0000000000)=ANY=[@ANYBLOB="620ac4ff0000000071109b00000000009500000000000000"], &(0x7f0000000480)='GPL\x00'}, 0x80)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18)
r1 = accept4(r0, 0x0, 0x0, 0x800)
sendmmsg$alg(r1, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0x10}, {&(0x7f0000000140)}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11", 0xce}], 0x3, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800)
recvmsg(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000480)=@ipv6_newrule={0x1c, 0x1a, 0x1, 0x0, 0x0, {0x81, 0x0, 0x0, 0x0, 0x20}}, 0x1c}}, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000540)={'wlan1\x00', <r5=>0x0})
quotactl$Q_QUOTAON(0xffffffff80000201, &(0x7f0000000180)=@loop={'/dev/loop', 0x0}, 0x0, 0x0)
mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1)
unlinkat(0xffffffffffffff9c, &(0x7f0000000180)='./file0/file0\x00', 0x0)
sendmsg$NL80211_CMD_FRAME(r2, &(0x7f0000001380)={0x0, 0x0, &(0x7f0000001340)={&(0x7f0000000680)=ANY=[@ANYBLOB="f4060000", @ANYRES16=r3, @ANYBLOB="01000000000000e14f003b00000008000300", @ANYRES32=r5, @ANYBLOB="d506330080000000ffffffffffff080211000001"], 0x6f4}}, 0x0)

3.764200517s ago: executing program 0 (id=773):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0b00000007000000010001000900000001"], 0x48)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000080)={r0, 0x0, &(0x7f00000003c0)=""/163}, 0x20)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000000)={{r0, <r1=>0xffffffffffffffff}, &(0x7f0000000580), &(0x7f00000005c0)}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xd, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000003000000650000000800000095"], &(0x7f0000000380)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r2}, 0x10)
r3 = socket$nl_route(0x10, 0x3, 0x0)
bind$netlink(r3, &(0x7f0000000180)={0x10, 0x0, 0x0, 0x10000}, 0xc)
r4 = socket$netlink(0x10, 0x3, 0x4)
writev(r4, &(0x7f00000001c0)=[{&(0x7f0000000500)="580000001400192340834b80043f679a10ff3d425f85b4141691c148c61bcdf1e4220000000001008048244a48fb6cfbe939ca28f23457e792945f64009400050028925aaa000000c600480000000000feff2c707f8f00ff", 0x58}], 0x1)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x400000, 0x3, &(0x7f0000000000/0x400000)=nil)
r5 = io_uring_setup(0x1694, &(0x7f0000000080)={0x0, 0xfac7})
io_uring_register$IORING_REGISTER_BUFFERS(r5, 0x0, &(0x7f00000002c0)=[{&(0x7f0000001700)=""/4095, 0x440000}], 0x100000000000011a)
syz_usb_connect(0x0, 0x24, &(0x7f0000000000)=ANY=[@ANYBLOB="120100004c9e58104505808001000102030109021200f3000000000904"], 0x0)
mremap(&(0x7f00003eb000/0x2000)=nil, 0x2000, 0x1000, 0x3, &(0x7f0000003000/0x1000)=nil)
io_uring_register$IORING_REGISTER_BUFFERS_UPDATE(r5, 0x10, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000002700)=""/4096, 0x1a00}], 0x0, 0x11a}, 0x20)
open(&(0x7f0000000040)='./file0\x00', 0x280080, 0x8)

3.640146476s ago: executing program 2 (id=774):
r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), 0xffffffffffffffff)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_route(0x10, 0x3, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x7)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000480)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x23}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r2}, 0x10)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r6 = syz_open_dev$vbi(0x0, 0x0, 0x2)
ioctl$VIDIOC_SUBSCRIBE_EVENT(r6, 0x4020565a, 0x0)
r7 = socket$inet_sctp(0x2, 0x1, 0x84)
setsockopt$IP_VS_SO_SET_ADDDEST(r7, 0x0, 0x487, 0x0, 0x0)
setsockopt$IP_VS_SO_SET_ADDDEST(r7, 0x0, 0x487, &(0x7f0000000000)={{0x84, @rand_addr=0x64010100, 0x4e24, 0x3, 'lc\x00', 0x8, 0x323b, 0x55}, {@loopback, 0x4e23, 0x10000, 0x0, 0x12d5c, 0x12d5c}}, 0x44)
syz_io_uring_setup(0x49e, &(0x7f0000000400)={0x0, 0xe7a8, 0x400, 0x3, 0x40024e}, &(0x7f0000000340), &(0x7f0000000040))
eventfd2(0xff, 0x80001)
bind$alg(0xffffffffffffffff, 0x0, 0x0)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
r9 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000380), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r8, 0x8933, &(0x7f00000000c0)={'wlan0\x00', <r10=>0x0})
sendmsg$NL80211_CMD_FRAME(r8, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000fc0)={&(0x7f00000001c0)={0x2c, r9, 0x1, 0x0, 0x0, {{0x2}, {@val={0x8, 0x3, r10}, @void}}, [@chandef_params=[@NL80211_ATTR_CENTER_FREQ1={0x8, 0xa0, 0x9ee}], @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8, 0x26, @random=0x980}]]}, 0x2c}, 0x1, 0x0, 0x0, 0x4000000}, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000040)={'wlan0\x00', <r11=>0x0})
sendmsg$NL80211_CMD_JOIN_IBSS(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000080)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r0, @ANYBLOB="0101fffffffffbdbdf252b00000008000300", @ANYRES32=r11, @ANYBLOB="04004400050034007900000004002a00"], 0x2c}}, 0x4004880)

2.483986186s ago: executing program 2 (id=775):
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2)
ioctl$KVM_SET_MSRS(r2, 0x4008ae89, &(0x7f0000000040))

2.24199593s ago: executing program 3 (id=776):
pipe(&(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
pipe(&(0x7f0000000000)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
splice(r3, 0x0, r4, 0x0, 0xf3a, 0x0)
write(r1, &(0x7f0000000240)="94", 0x1)
tee(r0, r4, 0x8f5, 0x100000000000000)
write$cgroup_type(r4, &(0x7f0000000180), 0x9)
write(r2, 0x0, 0x0)

2.061617457s ago: executing program 2 (id=777):
pipe(&(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
pipe(&(0x7f0000000000)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
splice(r3, 0x0, r4, 0x0, 0xf3a, 0x0)
write(r1, &(0x7f0000000240)="94", 0x1)
tee(r0, r4, 0x8f5, 0x100000000000000) (fail_nth: 1)
write$cgroup_type(r4, &(0x7f0000000180), 0x9)
write(r2, 0x0, 0x0)

1.753615759s ago: executing program 3 (id=778):
r0 = syz_usb_connect$hid(0x2, 0x36, &(0x7f0000000080)=ANY=[@ANYBLOB="1201000000000040de28021100000000000109022400010000d00009040004010300000009210100f90122050009058103", @ANYRES32=0x0, @ANYRES32=0x0], 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io(r0, &(0x7f0000000040)={0x2c, &(0x7f0000000200)=ANY=[@ANYBLOB="200b4000000028b1"], 0x0, 0x0, 0x0, 0x0}, 0x0)

1.274935698s ago: executing program 2 (id=779):
ioctl$VIDIOC_G_AUDIO(0xffffffffffffffff, 0x80345621, &(0x7f0000000000))
r0 = openat$comedi(0xffffffffffffff9c, &(0x7f0000000340)='/dev/comedi2\x00', 0x0, 0x0)
ioctl$COMEDI_DEVCONFIG(r0, 0x40946400, 0x0)
ioctl$BTRFS_IOC_DEFRAG_RANGE(0xffffffffffffffff, 0x40309410, &(0x7f0000000040)={0x5, 0x6, 0x1, 0x8, 0x3, [0x6, 0x7, 0x7, 0x5]})
setsockopt$RXRPC_SECURITY_KEYRING(0xffffffffffffffff, 0x110, 0x2, 0x0, 0x0)
r1 = socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$xdp(0xffffffffffffffff, &(0x7f0000000100)={0x2c, 0x8}, 0x10)
getsockopt$inet6_mptcp_buf(r1, 0x11c, 0x2, &(0x7f0000000100)=""/222, &(0x7f0000000000)=0x80fe)
socket$inet6(0xa, 0x2, 0x0)
socket$unix(0x1, 0x5, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000380)='./cgroup.cpu/cgroup.procs\x00', 0x0, 0x0)
openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
r2 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x143102)
writev(r2, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r3 = userfaultfd(0x801)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffb000/0x2000)=nil, 0x2000, 0x3000001, 0x5d032, 0xffffffffffffffff, 0x0)
r4 = userfaultfd(0x80801)
ioctl$UFFDIO_REGISTER(r4, 0xc020aa00, &(0x7f0000000040)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}, 0x5})
ioctl$UFFDIO_CONTINUE(r4, 0xc020aa08, &(0x7f0000000080)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}})
ioctl$UFFDIO_COPY(r3, 0xc028aa03, &(0x7f0000000000)={&(0x7f0000800000/0x800000)=nil, &(0x7f0000199000/0x800000)=nil, 0x800000})
bpf$OBJ_GET_PROG(0x7, &(0x7f00000001c0)=@generic={&(0x7f0000000180)='./file0\x00', 0x0, 0x10}, 0x14)
syz_open_procfs(0x0, &(0x7f0000000280)='net/sockstat6\x00')

1.029817689s ago: executing program 1 (id=780):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket(0x400000000010, 0x3, 0x0)
r2 = socket$unix(0x1, 0x5, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0x25dfdbfd, {0x0, 0x0, 0x0, 0x0, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x0, 0xf}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x42}}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x8848}, 0x80)
r3 = socket(0x400000000010, 0x3, 0x0)
r4 = socket$unix(0x1, 0x5, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r5=>0x0})
sendmsg$nl_route_sched(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=@newtfilter={0x24, 0x2c, 0xd27, 0x70bd24, 0x25dfdbfc, {0x0, 0x0, 0x0, r5, {0x4, 0xc}, {0x0, 0xfff1}, {0xfff2, 0x2}}}, 0x24}, 0x1, 0x0, 0x0, 0x8848}, 0x80)

1.019836364s ago: executing program 4 (id=781):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x9, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setscheduler(0x0, 0x1, &(0x7f0000000100)=0x5)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f00000004c0)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000000a80)=ANY=[], &(0x7f0000000100)='GPL\x00'}, 0x94)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x80782, 0x0)
ioctl$TCXONC(r2, 0x540a, 0x0)

958.972741ms ago: executing program 0 (id=782):
r0 = socket$kcm(0x10, 0x2, 0x0)
ioctl$sock_SIOCGIFVLAN_ADD_VLAN_CMD(r0, 0x8982, 0x0)

9.146269ms ago: executing program 0 (id=783):
creat(&(0x7f00000002c0)='./file0\x00', 0xa9)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x2, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000300000000000000feffff10850000000700000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x100, 0x70, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
truncate(&(0x7f0000000180)='./file0\x00', 0x8fff5)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000012c0)={r0, 0x0, 0x30, 0x0, @val=@uprobe_multi={&(0x7f0000000140)='./file0\x00', &(0x7f0000000340)=[0x4], 0x0, 0x0, 0x1, 0x1}}, 0x40)
r1 = open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)
mmap$xdp(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0)
r2 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340), 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000000)={r2, <r3=>0xffffffffffffffff}, 0x4)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0x20, &(0x7f00000003c0)=ANY=[@ANYBLOB="180000000900000000000000020000", @ANYRES32=r4, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000b7080000000000007b8af8ff00000000b7080000800000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r3, @ANYBLOB="0000000000000000b70500000800000085000000a500000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7020000e23c00008500000086000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback=0x25, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f00000000c0)='tlb_flush\x00', r5}, 0x10)
creat(&(0x7f0000000200)='./file0\x00', 0x0)

0s ago: executing program 2 (id=784):
sendmsg$NFT_MSG_GETCHAIN(0xffffffffffffffff, 0x0, 0x20000800)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={0x0, 0xffffffffffffffff, 0x0, 0x7, &(0x7f0000000000)='cgroup\x00'}, 0x30)
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-camellia-aesni\x00'}, 0x58)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0xa, 0x3, &(0x7f0000000000)=ANY=[@ANYBLOB="620ac4ff0000000071109b00000000009500000000000000"], &(0x7f0000000480)='GPL\x00'}, 0x80)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18)
r1 = accept4(r0, 0x0, 0x0, 0x800)
sendmmsg$alg(r1, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0x10}, {&(0x7f0000000140)}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11", 0xce}], 0x3, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800)
recvmsg(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000480)=@ipv6_newrule={0x1c, 0x1a, 0x1, 0x0, 0x0, {0x81, 0x0, 0x0, 0x0, 0x20}}, 0x1c}}, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000540)={'wlan1\x00', <r5=>0x0})
quotactl$Q_QUOTAON(0xffffffff80000201, &(0x7f0000000180)=@loop={'/dev/loop', 0x0}, 0x0, 0x0)
mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1)
unlinkat(0xffffffffffffff9c, &(0x7f0000000180)='./file0/file0\x00', 0x0)
sendmsg$NL80211_CMD_FRAME(r2, &(0x7f0000001380)={0x0, 0x0, &(0x7f0000001340)={&(0x7f0000000680)=ANY=[@ANYBLOB="f4060000", @ANYRES16=r3, @ANYBLOB="01000000000000e14f003b00000008000300", @ANYRES32=r5, @ANYBLOB="d506330080000000ffffffffffff080211000001"], 0x6f4}}, 0x0)

kernel console output (not intermixed with test programs):

devsim1: renamed from eth1
[   98.343799][ T5818] netdevsim netdevsim2 netdevsim2: renamed from eth2
[   98.381147][ T5818] netdevsim netdevsim2 netdevsim3: renamed from eth3
[   98.495666][ T5807] 8021q: adding VLAN 0 to HW filter on device bond0
[   98.539459][ T5824] netdevsim netdevsim4 netdevsim0: renamed from eth0
[   98.595680][ T5824] netdevsim netdevsim4 netdevsim1: renamed from eth1
[   98.626429][ T5824] netdevsim netdevsim4 netdevsim2: renamed from eth2
[   98.670571][ T5824] netdevsim netdevsim4 netdevsim3: renamed from eth3
[   98.729412][ T5807] 8021q: adding VLAN 0 to HW filter on device team0
[   98.770724][   T68] bridge0: port 1(bridge_slave_0) entered blocking state
[   98.771270][   T68] bridge0: port 1(bridge_slave_0) entered forwarding state
[   98.800524][ T5808] 8021q: adding VLAN 0 to HW filter on device bond0
[   98.824881][   T68] bridge0: port 2(bridge_slave_1) entered blocking state
[   98.825332][   T68] bridge0: port 2(bridge_slave_1) entered forwarding state
[   98.906990][ T5808] 8021q: adding VLAN 0 to HW filter on device team0
[   98.943623][   T68] bridge0: port 1(bridge_slave_0) entered blocking state
[   98.943757][   T68] bridge0: port 1(bridge_slave_0) entered forwarding state
[   98.969913][ T5806] 8021q: adding VLAN 0 to HW filter on device bond0
[   98.975983][   T12] bridge0: port 2(bridge_slave_1) entered blocking state
[   98.976123][   T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[   99.063909][ T5806] 8021q: adding VLAN 0 to HW filter on device team0
[   99.092372][ T5818] 8021q: adding VLAN 0 to HW filter on device bond0
[   99.118616][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[   99.118801][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[   99.190974][   T12] bridge0: port 2(bridge_slave_1) entered blocking state
[   99.191116][   T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[   99.257828][ T5818] 8021q: adding VLAN 0 to HW filter on device team0
[   99.263594][ T5824] 8021q: adding VLAN 0 to HW filter on device bond0
[   99.315720][ T3545] bridge0: port 1(bridge_slave_0) entered blocking state
[   99.320611][ T3545] bridge0: port 1(bridge_slave_0) entered forwarding state
[   99.378942][ T3545] bridge0: port 2(bridge_slave_1) entered blocking state
[   99.379102][ T3545] bridge0: port 2(bridge_slave_1) entered forwarding state
[   99.415106][ T5824] 8021q: adding VLAN 0 to HW filter on device team0
[   99.479601][ T4521] bridge0: port 1(bridge_slave_0) entered blocking state
[   99.479762][ T4521] bridge0: port 1(bridge_slave_0) entered forwarding state
[   99.515262][ T3562] bridge0: port 2(bridge_slave_1) entered blocking state
[   99.518043][ T3562] bridge0: port 2(bridge_slave_1) entered forwarding state
[   99.622663][ T5807] 8021q: adding VLAN 0 to HW filter on device batadv0
[   99.774584][ T5808] 8021q: adding VLAN 0 to HW filter on device batadv0
[   99.930298][ T5807] veth0_vlan: entered promiscuous mode
[   99.984868][ T5807] veth1_vlan: entered promiscuous mode
[  100.032463][ T5806] 8021q: adding VLAN 0 to HW filter on device batadv0
[  100.056576][ T5808] veth0_vlan: entered promiscuous mode
[  100.108648][ T5808] veth1_vlan: entered promiscuous mode
[  100.181023][ T5807] veth0_macvtap: entered promiscuous mode
[  100.208512][ T5807] veth1_macvtap: entered promiscuous mode
[  100.225573][ T5818] 8021q: adding VLAN 0 to HW filter on device batadv0
[  100.273145][ T5806] veth0_vlan: entered promiscuous mode
[  100.297820][ T5824] 8021q: adding VLAN 0 to HW filter on device batadv0
[  100.301945][ T5808] veth0_macvtap: entered promiscuous mode
[  100.314084][ T5807] batman_adv: batadv0: Interface activated: batadv_slave_0
[  100.350966][ T5806] veth1_vlan: entered promiscuous mode
[  100.355295][ T5808] veth1_macvtap: entered promiscuous mode
[  100.375120][ T5807] batman_adv: batadv0: Interface activated: batadv_slave_1
[  100.430859][   T68] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  100.450721][   T68] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  100.462949][   T68] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  100.475112][   T68] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  100.494970][ T5808] batman_adv: batadv0: Interface activated: batadv_slave_0
[  100.590279][ T5808] batman_adv: batadv0: Interface activated: batadv_slave_1
[  100.672789][ T5818] veth0_vlan: entered promiscuous mode
[  100.737979][   T68] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  100.743079][   T68] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  100.777945][   T68] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  100.784004][ T5806] veth0_macvtap: entered promiscuous mode
[  100.800977][   T68] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  100.802906][ T5818] veth1_vlan: entered promiscuous mode
[  100.851469][ T5806] veth1_macvtap: entered promiscuous mode
[  100.950080][   T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  100.950105][   T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  101.073376][ T5806] batman_adv: batadv0: Interface activated: batadv_slave_0
[  101.124790][ T5806] batman_adv: batadv0: Interface activated: batadv_slave_1
[  101.145122][   T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  101.145142][   T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  101.174855][ T5818] veth0_macvtap: entered promiscuous mode
[  101.175936][ T3545] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  101.204198][ T3545] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  101.225131][ T5824] veth0_vlan: entered promiscuous mode
[  101.226336][ T3545] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  101.250018][ T3545] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  101.252336][ T5818] veth1_macvtap: entered promiscuous mode
[  101.271228][ T3545] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  101.271250][ T3545] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  101.398165][ T5824] veth1_vlan: entered promiscuous mode
[  101.579683][ T5818] batman_adv: batadv0: Interface activated: batadv_slave_0
[  101.581149][ T4521] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  101.581166][ T4521] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  101.653541][ T5818] batman_adv: batadv0: Interface activated: batadv_slave_1
[  101.766753][ T4521] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  101.788862][   T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  101.788880][   T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  101.792582][ T4521] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  101.838164][ T4521] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  101.839931][ T4521] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  101.864782][ T5824] veth0_macvtap: entered promiscuous mode
[  101.934018][ T5824] veth1_macvtap: entered promiscuous mode
[  101.984638][ T3562] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  101.984658][ T3562] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  102.036155][ T5930] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details.
[  102.052743][ T5901] usb 4-1: new high-speed USB device number 2 using dummy_hcd
[  102.150832][ T5824] batman_adv: batadv0: Interface activated: batadv_slave_0
[  102.201561][ T5824] batman_adv: batadv0: Interface activated: batadv_slave_1
[  102.220805][ T5901] usb 4-1: Using ep0 maxpacket: 32
[  102.243453][ T5901] usb 4-1: config 0 has an invalid interface number: 51 but max is 0
[  102.243479][ T5901] usb 4-1: config 0 has no interface number 0
[  102.251854][ T5901] usb 4-1: New USB device found, idVendor=061d, idProduct=c150, bcdDevice=ce.6f
[  102.251881][ T5901] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  102.251899][ T5901] usb 4-1: Product: syz
[  102.251910][ T5901] usb 4-1: Manufacturer: syz
[  102.251922][ T5901] usb 4-1: SerialNumber: syz
[  102.274597][ T5901] usb 4-1: config 0 descriptor??
[  102.324977][ T4521] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  102.332311][ T4521] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  102.359076][   T68] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  102.359096][   T68] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  102.360489][ T4521] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  102.367524][ T5901] quatech2 4-1:0.51: Quatech 2nd gen USB to Serial Driver converter detected
[  102.445866][ T4521] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  102.716276][    T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!!
[  102.886381][ T5908] usb 2-1: new high-speed USB device number 2 using dummy_hcd
[  102.929752][    C0] usb-serial (null): qt2_process_read_urb - unsupported command 11
[  102.940701][ T4521] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  102.940719][ T4521] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  103.046382][ T5908] usb 2-1: Using ep0 maxpacket: 16
[  103.052555][ T5908] usb 2-1: config 1 has an invalid interface number: 234 but max is 0
[  103.052581][ T5908] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  103.052598][ T5908] usb 2-1: config 1 has no interface number 0
[  103.075886][ T5908] usb 2-1: config 1 interface 234 altsetting 11 bulk endpoint 0xA has invalid maxpacket 16
[  103.075919][ T5908] usb 2-1: config 1 interface 234 has no altsetting 0
[  103.104979][ T5908] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a0, bcdDevice=e7.9e
[  103.105006][ T5908] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  103.105088][ T5908] usb 2-1: Product: syz
[  103.105100][ T5908] usb 2-1: Manufacturer: syz
[  103.105111][ T5908] usb 2-1: SerialNumber: syz
[  103.180524][ T5935] raw-gadget.1 gadget.1: fail, usb_ep_enable returned -22
[  103.182338][    C0] usb 4-1: qt2_read_bulk_callback - non-zero urb status: -71
[  103.358409][ T5901] usb 4-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB0
[  103.517907][ T5901] usb 4-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB1
[  103.751721][ T5908] usbtest 2-1:1.234: couldn't get endpoints, -22
[  103.751797][ T5908] usbtest 2-1:1.234: probe with driver usbtest failed with error -22
[  103.782924][ T5901] usb 4-1: USB disconnect, device number 2
[  103.879309][ T5908] usb 2-1: USB disconnect, device number 2
[  104.064623][ T5901] quatech-serial ttyUSB0: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB0
[  104.099627][ T5901] quatech-serial ttyUSB1: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB1
[  104.101763][ T5901] quatech2 4-1:0.51: device disconnected
[  104.276517][    T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!!
[  104.604931][ T5950] binder_alloc: 5949: binder_alloc_buf, no vma
[  104.621961][   T68] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  104.621984][   T68] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  104.951892][ T4521] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  104.951911][ T4521] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  105.116379][   T31] usb 4-1: new high-speed USB device number 3 using dummy_hcd
[  105.189787][  T994] usb 3-1: new high-speed USB device number 2 using dummy_hcd
[  105.273399][   T31] usb 4-1: config 0 has an invalid interface number: 255 but max is 0
[  105.273423][   T31] usb 4-1: config 0 has no interface number 0
[  105.273451][   T31] usb 4-1: New USB device found, idVendor=0733, idProduct=0401, bcdDevice=ad.7d
[  105.273462][   T31] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  105.312069][   T31] usb 4-1: config 0 descriptor??
[  105.333908][   T31] gspca_main: spca501-2.14.0 probing 0733:0401
[  105.357916][  T994] usb 3-1: New USB device found, idVendor=1c40, idProduct=0534, bcdDevice=6d.cc
[  105.357995][  T994] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  105.358014][  T994] usb 3-1: Product: syz
[  105.358026][  T994] usb 3-1: Manufacturer: syz
[  105.358037][  T994] usb 3-1: SerialNumber: syz
[  105.418176][  T994] usb 3-1: config 0 descriptor??
[  105.454426][  T994] i2c-tiny-usb 3-1:0.0: version 6d.cc found at bus 003 address 002
[  105.587270][ T5955] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  105.593192][ T5955] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  105.650665][   T31] gspca_spca501: reg write: error -71
[  105.650681][   T31] spca501 4-1:0.255: Reg write failed for 0x00,0xaa,0x00
[  105.650818][   T31] spca501 4-1:0.255: probe with driver spca501 failed with error -22
[  105.711674][   T31] usb 4-1: USB disconnect, device number 3
[  106.408506][  T994] i2c i2c-1: failure reading functionality
[  106.472010][  T994] i2c i2c-1: connected i2c-tiny-usb device
[  106.516461][  T994] usb 3-1: USB disconnect, device number 2
[  107.738673][ T5892] usb 2-1: new high-speed USB device number 3 using dummy_hcd
[  107.855436][ T5980] syz_tun: entered allmulticast mode
[  107.893706][ T5892] usb 2-1: config 0 has more interface descriptors, than it declares in bNumInterfaces, ignoring interface number: 48
[  107.893732][ T5892] usb 2-1: config 0 has an invalid descriptor of length 46, skipping remainder of the config
[  107.893780][ T5892] usb 2-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 4
[  107.947378][ T5892] usb 2-1: New USB device found, idVendor=1908, idProduct=1315, bcdDevice= 0.00
[  107.947405][ T5892] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  107.947421][ T5892] usb 2-1: Product: syz
[  107.947434][ T5892] usb 2-1: Manufacturer: syz
[  107.947445][ T5892] usb 2-1: SerialNumber: syz
[  107.953091][ T5892] usb 2-1: config 0 descriptor??
[  108.000240][ T5892] usb-storage 2-1:0.0: USB Mass Storage device detected
[  108.077207][ T5892] usb-storage 2-1:0.0: Quirks match for vid 1908 pid 1315: 20000
[  108.324590][ T5989] tipc: Started in network mode
[  108.324641][ T5989] tipc: Node identity 00000000000000000000007ade000001, cluster identity 4711
[  108.324697][ T5989] tipc: Enabling of bearer <udp:s> rejected, failed to enable media
[  108.476562][ T5892] usb 2-1: USB disconnect, device number 3
[  109.154108][ T5993] syz.4.19 uses obsolete (PF_INET,SOCK_PACKET)
[  109.163883][ T5993] netlink: 'syz.4.19': attribute type 1 has an invalid length.
[  109.566244][    T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!!
[  109.686239][    T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!!
[  109.746243][    T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!!
[  109.961630][ T5974] syz.1.14 (5974) used greatest stack depth: 18392 bytes left
[  110.074564][ T5999] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  110.074592][ T5999] Bluetooth: hci2: Error when powering off device on rfkill (-4)
[  110.266554][    T9] usb 1-1: new high-speed USB device number 2 using dummy_hcd
[  110.279565][ T6007] uprobe: syz.4.23:6007 failed to unregister, leaking uprobe
[  110.300707][ T5999] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  110.302926][ T5999] Bluetooth: hci0: Error when powering off device on rfkill (-4)
[  110.423509][    T9] usb 1-1: config 0 has more interface descriptors, than it declares in bNumInterfaces, ignoring interface number: 48
[  110.423634][    T9] usb 1-1: config 0 has an invalid descriptor of length 46, skipping remainder of the config
[  110.423684][    T9] usb 1-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 4
[  110.594877][    T9] usb 1-1: New USB device found, idVendor=1908, idProduct=1315, bcdDevice= 0.00
[  110.594937][    T9] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  110.594948][    T9] usb 1-1: Product: syz
[  110.594955][    T9] usb 1-1: Manufacturer: syz
[  110.594961][    T9] usb 1-1: SerialNumber: syz
[  110.600940][    T9] usb 1-1: config 0 descriptor??
[  110.607479][    T9] usb-storage 1-1:0.0: USB Mass Storage device detected
[  110.615999][    T9] usb-storage 1-1:0.0: Quirks match for vid 1908 pid 1315: 20000
[  110.679041][ T5999] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  110.679065][ T5999] Bluetooth: hci1: Error when powering off device on rfkill (-4)
[  110.706469][    T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!!
[  110.838304][    T9] usb 1-1: USB disconnect, device number 2
[  110.993471][ T5999] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  110.993500][ T5999] Bluetooth: hci3: Error when powering off device on rfkill (-4)
[  111.080104][    T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!!
[  111.081319][    T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!!
[  111.082464][    T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!!
[  111.083599][    T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!!
[  111.230318][ T6021] sch_tbf: burst 32855 is lower than device lo mtu (65550) !
[  111.337658][ T5999] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  111.337675][ T5999] Bluetooth: hci4: Error when powering off device on rfkill (-4)
[  112.091825][ T6029] netlink: 24 bytes leftover after parsing attributes in process `syz.4.28'.
[  113.675684][ T6037] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  113.971481][ T6054] netlink: 4 bytes leftover after parsing attributes in process `syz.2.34'.
[  114.142920][ T6037] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  114.427018][ T6062] FAULT_INJECTION: forcing a failure.
[  114.427018][ T6062] name fail_usercopy, interval 1, probability 0, space 0, times 1
[  114.427069][ T6062] CPU: 1 UID: 0 PID: 6062 Comm: syz.2.35 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  114.427087][ T6062] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  114.427103][ T6062] Call Trace:
[  114.427113][ T6062]  <TASK>
[  114.427121][ T6062]  dump_stack_lvl+0x189/0x250
[  114.427155][ T6062]  ? __pfx____ratelimit+0x10/0x10
[  114.427176][ T6062]  ? __pfx_dump_stack_lvl+0x10/0x10
[  114.427199][ T6062]  ? __pfx__printk+0x10/0x10
[  114.427220][ T6062]  ? __might_fault+0xb0/0x130
[  114.427255][ T6062]  should_fail_ex+0x46c/0x600
[  114.427282][ T6062]  _copy_from_user+0x2d/0xb0
[  114.427302][ T6062]  do_tcp_setsockopt+0x47d/0x1f20
[  114.427323][ T6062]  ? __pfx_vfs_write+0x10/0x10
[  114.427344][ T6062]  ? __pfx_do_tcp_setsockopt+0x10/0x10
[  114.427361][ T6062]  ? do_sys_openat2+0x154/0x1c0
[  114.427382][ T6062]  ? do_sys_openat2+0x154/0x1c0
[  114.427406][ T6062]  ? sock_common_setsockopt+0x36/0xc0
[  114.427427][ T6062]  ? tcp_setsockopt+0x3d/0xe0
[  114.427442][ T6062]  ? __pfx_sock_common_setsockopt+0x10/0x10
[  114.427467][ T6062]  do_sock_setsockopt+0x17c/0x1b0
[  114.427491][ T6062]  __x64_sys_setsockopt+0x145/0x1b0
[  114.427513][ T6062]  do_syscall_64+0xfa/0xfa0
[  114.427532][ T6062]  ? lockdep_hardirqs_on+0x9c/0x150
[  114.427552][ T6062]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  114.427581][ T6062]  ? clear_bhb_loop+0x60/0xb0
[  114.427601][ T6062]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  114.427617][ T6062] RIP: 0033:0x7fdd33c4efc9
[  114.427637][ T6062] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  114.427651][ T6062] RSP: 002b:00007fdd31eb6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  114.427671][ T6062] RAX: ffffffffffffffda RBX: 00007fdd33ea5fa0 RCX: 00007fdd33c4efc9
[  114.427684][ T6062] RDX: 0000000000000006 RSI: 0000000000000006 RDI: 0000000000000003
[  114.427693][ T6062] RBP: 00007fdd31eb6090 R08: 0000000000000004 R09: 0000000000000000
[  114.427703][ T6062] R10: 0000200000000040 R11: 0000000000000246 R12: 0000000000000001
[  114.427714][ T6062] R13: 00007fdd33ea6038 R14: 00007fdd33ea5fa0 R15: 00007fffaccab178
[  114.427745][ T6062]  </TASK>
[  114.972138][ T6037] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  115.380520][ T6037] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  115.570132][ T6074] FAULT_INJECTION: forcing a failure.
[  115.570132][ T6074] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  115.570164][ T6074] CPU: 1 UID: 0 PID: 6074 Comm: syz.2.38 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  115.570183][ T6074] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  115.570192][ T6074] Call Trace:
[  115.570199][ T6074]  <TASK>
[  115.570207][ T6074]  dump_stack_lvl+0x189/0x250
[  115.570235][ T6074]  ? __pfx____ratelimit+0x10/0x10
[  115.570255][ T6074]  ? __pfx_dump_stack_lvl+0x10/0x10
[  115.570277][ T6074]  ? __pfx__printk+0x10/0x10
[  115.570312][ T6074]  should_fail_ex+0x46c/0x600
[  115.570339][ T6074]  _copy_to_user+0x31/0xb0
[  115.570359][ T6074]  simple_read_from_buffer+0xe1/0x170
[  115.570385][ T6074]  proc_fail_nth_read+0x1b6/0x220
[  115.570406][ T6074]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  115.570426][ T6074]  ? rw_verify_area+0x2ac/0x4e0
[  115.570445][ T6074]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  115.570464][ T6074]  vfs_read+0x206/0xa30
[  115.570502][ T6074]  ? __pfx_vfs_read+0x10/0x10
[  115.570519][ T6074]  ? try_to_take_rt_mutex+0x7fd/0xac0
[  115.570546][ T6074]  ? mutex_lock_nested+0x154/0x1d0
[  115.570562][ T6074]  ? fdget_pos+0x253/0x320
[  115.570699][ T6074]  ksys_read+0x14b/0x260
[  115.570719][ T6074]  ? __fget_files+0x2a/0x420
[  115.570738][ T6074]  ? __pfx_ksys_read+0x10/0x10
[  115.570763][ T6074]  ? do_syscall_64+0xbe/0xfa0
[  115.570787][ T6074]  do_syscall_64+0xfa/0xfa0
[  115.570805][ T6074]  ? lockdep_hardirqs_on+0x9c/0x150
[  115.570824][ T6074]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  115.570840][ T6074]  ? clear_bhb_loop+0x60/0xb0
[  115.570860][ T6074]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  115.570876][ T6074] RIP: 0033:0x7fdd33c4d9dc
[  115.570892][ T6074] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  115.570906][ T6074] RSP: 002b:00007fdd31e95030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  115.570924][ T6074] RAX: ffffffffffffffda RBX: 00007fdd33ea6090 RCX: 00007fdd33c4d9dc
[  115.570937][ T6074] RDX: 000000000000000f RSI: 00007fdd31e950a0 RDI: 0000000000000009
[  115.570948][ T6074] RBP: 00007fdd31e95090 R08: 0000000000000000 R09: 0000000000000000
[  115.570957][ T6074] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  115.570968][ T6074] R13: 00007fdd33ea6128 R14: 00007fdd33ea6090 R15: 00007fffaccab178
[  115.570997][ T6074]  </TASK>
[  116.099685][   T43] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  116.201825][   T12] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  116.263433][ T4521] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  116.450425][   T43] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  116.677701][ T6093] trusted_key: syz.4.42 sent an empty control message without MSG_MORE.
[  116.719243][ T6098] 9pnet_fd: Insufficient options for proto=fd
[  119.176946][ T6116] syz.1.50 (6116) used greatest stack depth: 16088 bytes left
[  119.406121][ T6114] delete_channel: no stack
[  119.641792][ T6127] netlink: 'syz.1.51': attribute type 1 has an invalid length.
[  119.641813][ T6127] netlink: 4 bytes leftover after parsing attributes in process `syz.1.51'.
[  122.834775][ T6161] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[  122.997255][ T6158] vlan2: entered promiscuous mode
[  122.997272][ T6158] bond0: entered promiscuous mode
[  122.997280][ T6158] bond_slave_0: entered promiscuous mode
[  122.997440][ T6158] bond_slave_1: entered promiscuous mode
[  125.287485][ T6184] input: syz1 as /devices/virtual/input/input5
[  126.079302][ T6189] netlink: 8 bytes leftover after parsing attributes in process `syz.1.68'.
[  127.448527][ T6209] FAULT_INJECTION: forcing a failure.
[  127.448527][ T6209] name failslab, interval 1, probability 0, space 0, times 0
[  127.448568][ T6209] CPU: 0 UID: 0 PID: 6209 Comm: syz.3.74 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  127.448588][ T6209] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  127.448598][ T6209] Call Trace:
[  127.448605][ T6209]  <TASK>
[  127.448613][ T6209]  dump_stack_lvl+0x189/0x250
[  127.448641][ T6209]  ? __pfx____ratelimit+0x10/0x10
[  127.448662][ T6209]  ? __pfx_dump_stack_lvl+0x10/0x10
[  127.448685][ T6209]  ? __pfx__printk+0x10/0x10
[  127.448712][ T6209]  ? __ip_dev_find+0x444/0x4e0
[  127.448734][ T6209]  should_fail_ex+0x46c/0x600
[  127.448761][ T6209]  ? dst_alloc+0x105/0x170
[  127.448779][ T6209]  should_failslab+0xa8/0x100
[  127.448803][ T6209]  ? dst_alloc+0x105/0x170
[  127.448820][ T6209]  kmem_cache_alloc_noprof+0x6f/0x6b0
[  127.448850][ T6209]  dst_alloc+0x105/0x170
[  127.448874][ T6209]  ip_route_output_key_hash_rcu+0x1560/0x23e0
[  127.448904][ T6209]  ? ip_route_output_key_hash+0xc1/0x280
[  127.448926][ T6209]  ip_route_output_key_hash+0x174/0x280
[  127.448944][ T6209]  ? __local_bh_enable+0x27b/0x410
[  127.448961][ T6209]  ? __pfx_ip_route_output_key_hash+0x10/0x10
[  127.448984][ T6209]  ? __pfx___local_bh_enable+0x10/0x10
[  127.449012][ T6209]  ip_route_output_flow+0x2a/0x150
[  127.449029][ T6209]  ? security_sk_classify_flow+0x70/0x180
[  127.449057][ T6209]  __ip4_datagram_connect+0x9a5/0x1270
[  127.449101][ T6209]  udp_connect+0x33/0x1f0
[  127.449122][ T6209]  __sys_connect+0x323/0x450
[  127.449148][ T6209]  ? __pfx___sys_connect+0x10/0x10
[  127.449178][ T6209]  ? __pfx_ksys_write+0x10/0x10
[  127.449206][ T6209]  __x64_sys_connect+0x7a/0x90
[  127.449224][ T6209]  do_syscall_64+0xfa/0xfa0
[  127.449244][ T6209]  ? lockdep_hardirqs_on+0x9c/0x150
[  127.449263][ T6209]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  127.449280][ T6209]  ? clear_bhb_loop+0x60/0xb0
[  127.449301][ T6209]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  127.449316][ T6209] RIP: 0033:0x7f75e4c0efc9
[  127.449330][ T6209] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  127.449343][ T6209] RSP: 002b:00007f75e2e6e038 EFLAGS: 00000246 ORIG_RAX: 000000000000002a
[  127.449369][ T6209] RAX: ffffffffffffffda RBX: 00007f75e4e65fa0 RCX: 00007f75e4c0efc9
[  127.449381][ T6209] RDX: 0000000000000010 RSI: 0000200000000280 RDI: 0000000000000003
[  127.449392][ T6209] RBP: 00007f75e2e6e090 R08: 0000000000000000 R09: 0000000000000000
[  127.449402][ T6209] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  127.449412][ T6209] R13: 00007f75e4e66038 R14: 00007f75e4e65fa0 R15: 00007ffe45a85d18
[  127.449443][ T6209]  </TASK>
[  127.928234][ T6217] netlink: 'syz.0.64': attribute type 10 has an invalid length.
[  127.928254][ T6217] netlink: 40 bytes leftover after parsing attributes in process `syz.0.64'.
[  127.928564][ T6217] batadv0: entered promiscuous mode
[  127.928585][ T6217] batadv0: entered allmulticast mode
[  127.929498][ T6217] bridge0: port 3(batadv0) entered blocking state
[  127.929636][ T6217] bridge0: port 3(batadv0) entered disabled state
[  127.984567][ T6217] bridge0: port 3(batadv0) entered blocking state
[  127.984733][ T6217] bridge0: port 3(batadv0) entered forwarding state
[  128.056607][ T6220] loop6: detected capacity change from 0 to 7
[  128.307000][   T68] batman_adv: batadv0: No IGMP Querier present - multicast optimizations disabled
[  128.307018][   T68] batman_adv: batadv0: No MLD Querier present - multicast optimizations disabled
[  128.766570][ T6220] Dev loop6: unable to read RDB block 7
[  128.766625][ T6220]  loop6: unable to read partition table
[  128.766860][ T6220] loop6: partition table beyond EOD, truncated
[  128.766891][ T6220] loop_reread_partitions: partition scan of loop6 (þ被xü—ŸÑà– ) failed (rc=-5)
[  131.033162][ T6245] tmpfs: Unknown parameter '00000000000000000003'
[  131.437895][   T31] usb 5-1: new high-speed USB device number 2 using dummy_hcd
[  131.528535][ T6256] input: syz1 as /devices/virtual/input/input6
[  131.563753][   T37] audit: type=1326 audit(1761484731.298:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6255 comm="syz.1.88" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f3300cdefc9 code=0x0
[  131.606694][   T31] usb 5-1: Using ep0 maxpacket: 32
[  131.624145][   T31] usb 5-1: config 0 has an invalid interface number: 51 but max is 0
[  131.624168][   T31] usb 5-1: config 0 has no interface number 0
[  131.645066][   T31] usb 5-1: New USB device found, idVendor=061d, idProduct=c150, bcdDevice=ce.6f
[  131.645093][   T31] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  131.645116][   T31] usb 5-1: Product: syz
[  131.645128][   T31] usb 5-1: Manufacturer: syz
[  131.645140][   T31] usb 5-1: SerialNumber: syz
[  131.738341][   T31] usb 5-1: config 0 descriptor??
[  131.873612][   T31] quatech2 5-1:0.51: Quatech 2nd gen USB to Serial Driver converter detected
[  132.443916][    C1] usb-serial ttyUSB0: qt2_process_read_urb - unsupported command 11
[  132.905743][    C1] usb 5-1: qt2_read_bulk_callback - non-zero urb status: -71
[  132.924260][ T1320] ieee802154 phy0 wpan0: encryption failed: -22
[  132.924363][ T1320] ieee802154 phy1 wpan1: encryption failed: -22
[  132.985888][   T31] usb 5-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB0
[  133.029821][   T31] usb 5-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB1
[  133.055785][   T31] usb 5-1: USB disconnect, device number 2
[  133.236501][   T31] quatech-serial ttyUSB0: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB0
[  133.267952][   T31] quatech-serial ttyUSB1: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB1
[  133.272947][   T31] quatech2 5-1:0.51: device disconnected
[  134.800948][ T6285] QAT: Device 6 not found
[  135.053968][ T6289] netlink: 32 bytes leftover after parsing attributes in process `syz.2.99'.
[  135.101217][ T6289] netlink: 8 bytes leftover after parsing attributes in process `syz.2.99'.
[  137.200802][ T6324] netlink: 8 bytes leftover after parsing attributes in process `syz.4.111'.
[  137.236770][ T6324] netlink: 12 bytes leftover after parsing attributes in process `syz.4.111'.
[  137.245837][ T6324] netlink: 48 bytes leftover after parsing attributes in process `syz.4.111'.
[  137.374429][ T6318] comedi comedi2: comedi_config --init_data is deprecated
[  138.146317][ T5908] usb 1-1: new high-speed USB device number 3 using dummy_hcd
[  138.194033][ T6341] overlayfs: failed to resolve './file1/file0': -2
[  138.229511][ T6341] netlink: 44 bytes leftover after parsing attributes in process `syz.1.116'.
[  138.296451][ T5908] usb 1-1: Using ep0 maxpacket: 32
[  138.300989][ T5908] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  138.301019][ T5908] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  138.301056][ T5908] usb 1-1: New USB device found, idVendor=1e7d, idProduct=2d5a, bcdDevice= 0.00
[  138.301076][ T5908] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  138.314053][ T5908] usb 1-1: config 0 descriptor??
[  138.391187][ T6341] tipc: Can't bind to reserved service type 2
[  138.612156][ T5916] usb 5-1: new high-speed USB device number 3 using dummy_hcd
[  139.378106][ T5892] usb 2-1: new high-speed USB device number 4 using dummy_hcd
[  139.567779][ T5908] savu 0003:1E7D:2D5A.0001: hiddev0,hidraw0: USB HID v0.00 Device [HID 1e7d:2d5a] on usb-dummy_hcd.0-1/input0
[  139.864187][ T5916] usb 5-1: New USB device found, idVendor=0eb1, idProduct=7007, bcdDevice= 2.10
[  139.864205][ T5916] usb 5-1: New USB device strings: Mfr=68, Product=171, SerialNumber=3
[  139.864219][ T5916] usb 5-1: Product: syz
[  139.864226][ T5916] usb 5-1: Manufacturer: syz
[  139.864238][ T5916] usb 5-1: SerialNumber: syz
[  139.872566][ T5916] usb 5-1: config 0 descriptor??
[  139.877781][ T5892] usb 2-1: Using ep0 maxpacket: 16
[  139.881345][ T5892] usb 2-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xF3, changing to 0x83
[  139.881372][ T5892] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7
[  139.950942][ T5892] usb 2-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1
[  139.950973][ T5892] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  139.950990][ T5892] usb 2-1: Product: syz
[  139.951001][ T5892] usb 2-1: Manufacturer: syz
[  139.951014][ T5892] usb 2-1: SerialNumber: syz
[  139.993168][   T10] usb 1-1: USB disconnect, device number 3
[  139.998099][ T5916] go7007 5-1:0.0: probe with driver go7007 failed with error -12
[  140.029692][ T5892] usb 2-1: config 0 descriptor??
[  140.061611][ T5892] em28xx 2-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0)
[  140.061643][ T5892] em28xx 2-1:0.0: Audio interface 0 found (Vendor Class)
[  140.401418][ T5871] usb 5-1: USB disconnect, device number 3
[  140.876045][ T5892] em28xx 2-1:0.0: unknown em28xx chip ID (180)
[  141.078419][ T5892] em28xx 2-1:0.0: Config register raw data: 0xfffffffb
[  141.080243][ T5892] em28xx 2-1:0.0: AC97 chip type couldn't be determined
[  141.080261][ T5892] em28xx 2-1:0.0: No AC97 audio processor
[  141.107650][ T5892] usb 2-1: USB disconnect, device number 4
[  141.109890][ T5892] em28xx 2-1:0.0: Disconnecting em28xx
[  141.128719][ T5892] em28xx 2-1:0.0: Freeing device
[  145.203188][ T6393] netlink: 4 bytes leftover after parsing attributes in process `syz.4.133'.
[  145.554745][ T6399] sctp: [Deprecated]: syz.1.130 (pid 6399) Use of int in max_burst socket option.
[  145.554745][ T6399] Use struct sctp_assoc_value instead
[  146.432816][ T5916] usb 5-1: new high-speed USB device number 4 using dummy_hcd
[  146.478785][ T6405] overlayfs: failed to resolve './file1': -2
[  146.558822][ T6407] FAULT_INJECTION: forcing a failure.
[  146.558822][ T6407] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  146.558853][ T6407] CPU: 0 UID: 0 PID: 6407 Comm: syz.0.137 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  146.558872][ T6407] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  146.558882][ T6407] Call Trace:
[  146.558888][ T6407]  <TASK>
[  146.558896][ T6407]  dump_stack_lvl+0x189/0x250
[  146.558924][ T6407]  ? __pfx____ratelimit+0x10/0x10
[  146.558944][ T6407]  ? __pfx_dump_stack_lvl+0x10/0x10
[  146.558967][ T6407]  ? __pfx__printk+0x10/0x10
[  146.559002][ T6407]  should_fail_ex+0x46c/0x600
[  146.559030][ T6407]  strncpy_from_user+0x36/0x290
[  146.559056][ T6407]  __se_sys_request_key+0xa2/0x340
[  146.559081][ T6407]  ? ksys_write+0x230/0x260
[  146.559100][ T6407]  ? __pfx___se_sys_request_key+0x10/0x10
[  146.559131][ T6407]  ? do_syscall_64+0xbe/0xfa0
[  146.559156][ T6407]  do_syscall_64+0xfa/0xfa0
[  146.559175][ T6407]  ? lockdep_hardirqs_on+0x9c/0x150
[  146.559194][ T6407]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  146.559211][ T6407]  ? clear_bhb_loop+0x60/0xb0
[  146.559232][ T6407]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  146.559248][ T6407] RIP: 0033:0x7ff3027eefc9
[  146.559264][ T6407] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  146.559278][ T6407] RSP: 002b:00007ff300a35038 EFLAGS: 00000246 ORIG_RAX: 00000000000000f9
[  146.559296][ T6407] RAX: ffffffffffffffda RBX: 00007ff302a46090 RCX: 00007ff3027eefc9
[  146.559308][ T6407] RDX: 00002000000027c0 RSI: 0000200000002780 RDI: 0000200000002740
[  146.559320][ T6407] RBP: 00007ff300a35090 R08: 0000000000000000 R09: 0000000000000000
[  146.559331][ T6407] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000001
[  146.559342][ T6407] R13: 00007ff302a46128 R14: 00007ff302a46090 R15: 00007ffc37a2b748
[  146.559373][ T6407]  </TASK>
[  146.606329][ T5916] usb 5-1: device descriptor read/64, error -71
[  146.876880][ T6410] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  146.983071][ T5916] usb 5-1: new high-speed USB device number 5 using dummy_hcd
[  147.126303][ T5916] usb 5-1: device descriptor read/64, error -71
[  147.240232][ T5916] usb usb5-port1: attempt power cycle
[  148.506676][ T5916] usb 5-1: new high-speed USB device number 6 using dummy_hcd
[  148.542935][    C0] raw-gadget.0 gadget.4: ignoring, device is not running
[  148.553458][ T5916] usb 5-1: device descriptor read/8, error -32
[  150.160671][ T6453] netlink: 12 bytes leftover after parsing attributes in process `syz.2.155'.
[  150.160692][ T6453] tipc: Cannot configure node identity twice
[  151.486343][ T5893] usb 4-1: new high-speed USB device number 4 using dummy_hcd
[  151.582017][ T5916] usb 5-1: new high-speed USB device number 8 using dummy_hcd
[  151.734926][ T5893] usb 4-1: New USB device found, idVendor=0eb1, idProduct=7007, bcdDevice= 2.10
[  151.734953][ T5893] usb 4-1: New USB device strings: Mfr=68, Product=171, SerialNumber=3
[  151.734972][ T5893] usb 4-1: Product: syz
[  151.734984][ T5893] usb 4-1: Manufacturer: syz
[  151.734995][ T5893] usb 4-1: SerialNumber: syz
[  151.771868][ T5893] usb 4-1: config 0 descriptor??
[  151.778578][ T5916] usb 5-1: config 0 has more interface descriptors, than it declares in bNumInterfaces, ignoring interface number: 48
[  151.778603][ T5916] usb 5-1: config 0 has an invalid descriptor of length 46, skipping remainder of the config
[  151.778648][ T5916] usb 5-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 4
[  151.783335][ T5916] usb 5-1: New USB device found, idVendor=1908, idProduct=1315, bcdDevice= 0.00
[  151.783361][ T5916] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  151.783378][ T5916] usb 5-1: Product: syz
[  151.783390][ T5916] usb 5-1: Manufacturer: syz
[  151.783400][ T5916] usb 5-1: SerialNumber: syz
[  151.872995][ T5916] usb 5-1: config 0 descriptor??
[  151.874571][ T5893] go7007 4-1:0.0: probe with driver go7007 failed with error -12
[  151.904441][ T5916] usb-storage 5-1:0.0: USB Mass Storage device detected
[  151.937717][ T5916] usb-storage 5-1:0.0: Quirks match for vid 1908 pid 1315: 20000
[  151.963480][ T6477] uprobe: syz.1.162:6477 failed to unregister, leaking uprobe
[  152.095054][ T5916] usb 5-1: USB disconnect, device number 8
[  152.107546][ T6484] mmap: syz.2.164 (6484) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[  152.408637][ T6490] fuse: Bad value for 'user_id'
[  152.408654][ T6490] fuse: Bad value for 'user_id'
[  152.522985][ T6492] warning: `syz.1.167' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211
[  153.011209][ T5916] usb 2-1: new high-speed USB device number 5 using dummy_hcd
[  153.217038][ T5916] usb 2-1: Using ep0 maxpacket: 8
[  153.872550][ T5916] usb 2-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  153.872577][ T5916] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  153.872598][ T5916] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  153.872619][ T5916] usb 2-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  153.872657][ T5916] usb 2-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  153.872678][ T5916] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  154.014107][   T44] usb 4-1: USB disconnect, device number 4
[  154.160107][ T5916] usb 2-1: GET_CAPABILITIES returned 0
[  154.160159][ T5916] usbtmc 2-1:16.0: can't read capabilities
[  154.323327][ T6511] netlink: 'syz.3.175': attribute type 1 has an invalid length.
[  154.323346][ T6511] netlink: 228 bytes leftover after parsing attributes in process `syz.3.175'.
[  154.323955][ T6511] netlink: 168 bytes leftover after parsing attributes in process `syz.3.175'.
[  154.324489][ T6511] netlink: 60 bytes leftover after parsing attributes in process `syz.3.175'.
[  154.384043][   T44] usb 2-1: USB disconnect, device number 5
[  157.621296][ T6553] binder: 6551:6553 ioctl c0306201 200000000080 returned -14
[  157.836313][ T5916] usb 1-1: new high-speed USB device number 4 using dummy_hcd
[  158.028898][ T5916] usb 1-1: config 166 has an invalid interface number: 59 but max is 0
[  158.028923][ T5916] usb 1-1: config 166 has no interface number 0
[  158.029296][ T5916] usb 1-1: config 166 interface 59 altsetting 248 bulk endpoint 0xE has invalid maxpacket 64
[  158.029319][ T5916] usb 1-1: config 166 interface 59 has no altsetting 0
[  158.032499][ T5916] usb 1-1: New USB device found, idVendor=08ca, idProduct=2028, bcdDevice=34.d2
[  158.032524][ T5916] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  158.032541][ T5916] usb 1-1: Product: 爫뵗ㆃ㼯ޟ�ﻓꚲ᜽��讪ℨ奓蠀䘭炨꽊ᓦና韟뇽繴鵖짮駥ꭞ苺ਖ਼棻㊮嫻�웩脙�१���觲地㯘໠໇ѿ胈䌠㠱⣎�⟓䂊닻몹倹�ꜞ錗葼戨带縜雕䌉䞢
[  158.032562][ T5916] usb 1-1: Manufacturer: 殸隩淚嘾父︰㧿磈眦⨵䜓兌䉉ꘃⓀ뵴庾䈖啪㡿ꎄ�涑䕨ꗑ후朩鋘�쥶喼춋猊縒�暦�ᢃ�游ᵿ䤑��녡鄒倓鈲拠房邪⬺놦颂铘镤ꖆ儙໻犆뿵涓᤾矧ẓ㲓ꦦ트䴹��㾌㧉迴瑈
[  158.032584][ T5916] usb 1-1: SerialNumber: �
[  158.084655][ T6552] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  158.216298][   T44] usb 3-1: new high-speed USB device number 3 using dummy_hcd
[  158.322611][ T5916] gspca_main: sunplus-2.14.0 probing 08ca:2028
[  158.323156][ T5916] gspca_sunplus: reg_r err -71
[  158.345265][ T5916] sunplus 1-1:166.59: probe with driver sunplus failed with error -71
[  158.371657][ T5916] usb 1-1: USB disconnect, device number 4
[  158.381186][   T44] usb 3-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3
[  158.381213][   T44] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  158.405240][   T44] usb 3-1: config 0 descriptor??
[  158.435215][   T44] cp210x 3-1:0.0: cp210x converter detected
[  158.833283][   T44] cp210x 3-1:0.0: failed to get vendor val 0x0010 size 3: -32
[  158.894496][   T44] cp210x 3-1:0.0: failed to get vendor val 0x000e size 678: -71
[  158.894551][   T44] cp210x 3-1:0.0: GPIO initialisation failed: -71
[  158.906195][   T44] usb 3-1: cp210x converter now attached to ttyUSB0
[  158.934098][   T44] usb 3-1: USB disconnect, device number 3
[  158.963667][   T44] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0
[  158.964168][   T44] cp210x 3-1:0.0: device disconnected
[  160.706327][   T10] usb 2-1: new high-speed USB device number 6 using dummy_hcd
[  160.858869][   T10] usb 2-1: config 0 has more interface descriptors, than it declares in bNumInterfaces, ignoring interface number: 48
[  160.858894][   T10] usb 2-1: config 0 has an invalid descriptor of length 46, skipping remainder of the config
[  160.858942][   T10] usb 2-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 4
[  160.863832][   T10] usb 2-1: New USB device found, idVendor=1908, idProduct=1315, bcdDevice= 0.00
[  160.863953][   T10] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  160.863972][   T10] usb 2-1: Product: syz
[  160.863984][   T10] usb 2-1: Manufacturer: syz
[  160.863997][   T10] usb 2-1: SerialNumber: syz
[  160.867453][   T10] usb 2-1: config 0 descriptor??
[  160.948247][   T10] usb-storage 2-1:0.0: USB Mass Storage device detected
[  160.953329][   T10] usb-storage 2-1:0.0: Quirks match for vid 1908 pid 1315: 20000
[  161.204518][ T5893] usb 2-1: USB disconnect, device number 6
[  162.675924][ T6639] binder: Bad value for 'stats'
[  162.708297][ T6639] netlink: 44 bytes leftover after parsing attributes in process `syz.2.203'.
[  163.607103][ T6661] tipc: Started in network mode
[  163.607122][ T6661] tipc: Node identity 22dd67513d7d, cluster identity 4711
[  163.609059][ T6661] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  163.615958][ T6661] syzkaller0: entered promiscuous mode
[  163.615982][ T6661] syzkaller0: entered allmulticast mode
[  163.668703][ T6661] tipc: Resetting bearer <eth:syzkaller0>
[  163.746479][ T6660] tipc: Resetting bearer <eth:syzkaller0>
[  163.997666][ T6660] tipc: Disabling bearer <eth:syzkaller0>
[  164.620528][   T44] usb 2-1: new high-speed USB device number 7 using dummy_hcd
[  164.642681][    C0] vkms_vblank_simulate: vblank timer overrun
[  165.400575][    C0] vkms_vblank_simulate: vblank timer overrun
[  165.503983][    C0] vkms_vblank_simulate: vblank timer overrun
[  165.513344][   T44] usb 2-1: config 0 has more interface descriptors, than it declares in bNumInterfaces, ignoring interface number: 48
[  165.513370][   T44] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  165.513432][   T44] usb 2-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 4
[  165.582635][   T44] usb 2-1: New USB device found, idVendor=1908, idProduct=1315, bcdDevice= 0.00
[  165.582655][   T44] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  165.582665][   T44] usb 2-1: Product: syz
[  165.582672][   T44] usb 2-1: Manufacturer: syz
[  165.582679][   T44] usb 2-1: SerialNumber: syz
[  165.688134][    C0] vkms_vblank_simulate: vblank timer overrun
[  165.723262][   T44] usb 2-1: config 0 descriptor??
[  165.864001][   T44] usb-storage 2-1:0.0: USB Mass Storage device detected
[  165.875047][   T44] usb-storage 2-1:0.0: Quirks match for vid 1908 pid 1315: 20000
[  166.182923][    C0] vkms_vblank_simulate: vblank timer overrun
[  166.238175][   T44] usb 2-1: USB disconnect, device number 7
[  166.386405][    C0] vkms_vblank_simulate: vblank timer overrun
[  166.417861][    C0] vkms_vblank_simulate: vblank timer overrun
[  166.466672][ T6692] netlink: 24 bytes leftover after parsing attributes in process `syz.3.216'.
[  166.506814][   T10] usb 1-1: new high-speed USB device number 5 using dummy_hcd
[  166.850392][    C0] vkms_vblank_simulate: vblank timer overrun
[  167.105677][    C0] vkms_vblank_simulate: vblank timer overrun
[  167.262379][   T10] usb 1-1: New USB device found, idVendor=0eb1, idProduct=7007, bcdDevice= 2.10
[  167.262396][   T10] usb 1-1: New USB device strings: Mfr=68, Product=171, SerialNumber=3
[  167.262406][   T10] usb 1-1: Product: syz
[  167.262413][   T10] usb 1-1: Manufacturer: syz
[  167.262419][   T10] usb 1-1: SerialNumber: syz
[  167.300537][   T10] usb 1-1: config 0 descriptor??
[  167.304870][   T10] go7007 1-1:0.0: probe with driver go7007 failed with error -12
[  167.529908][ T5871] usb 1-1: USB disconnect, device number 5
[  167.796298][  T994] usb 2-1: new high-speed USB device number 8 using dummy_hcd
[  167.926301][  T994] usb 2-1: device descriptor read/64, error -71
[  168.072777][ T6711] QAT: Device 6 not found
[  168.166936][  T994] usb 2-1: new high-speed USB device number 9 using dummy_hcd
[  168.306311][  T994] usb 2-1: device descriptor read/64, error -71
[  168.416800][  T994] usb usb2-port1: attempt power cycle
[  168.526348][ T5871] usb 1-1: new high-speed USB device number 6 using dummy_hcd
[  168.572643][    C0] vkms_vblank_simulate: vblank timer overrun
[  168.676583][ T5871] usb 1-1: Using ep0 maxpacket: 8
[  168.840369][  T994] usb 2-1: new high-speed USB device number 10 using dummy_hcd
[  169.050319][  T994] usb 2-1: device descriptor read/8, error -71
[  169.288082][ T5871] usb 1-1: unable to get BOS descriptor or descriptor too short
[  169.397150][    C0] vkms_vblank_simulate: vblank timer overrun
[  169.428107][ T5871] usb 1-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xEE, changing to 0x8E
[  169.428138][ T5871] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x8E has an invalid bInterval 0, changing to 7
[  169.428163][ T5871] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0
[  169.428183][ T5871] usb 1-1: config 0 interface 0 altsetting 0 bulk endpoint 0xC has invalid maxpacket 1
[  169.428204][ T5871] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0xF has invalid wMaxPacketSize 0
[  169.428223][ T5871] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x8B has invalid wMaxPacketSize 0
[  169.446403][  T994] usb 2-1: new high-speed USB device number 11 using dummy_hcd
[  169.459500][    C0] vkms_vblank_simulate: vblank timer overrun
[  169.488221][  T994] usb 2-1: device descriptor read/8, error -71
[  169.519004][ T5871] usb 1-1: New USB device found, idVendor=0763, idProduct=1002, bcdDevice=5f.84
[  169.519031][ T5871] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  169.519048][ T5871] usb 1-1: Product: syz
[  169.519060][ T5871] usb 1-1: Manufacturer: syz
[  169.519072][ T5871] usb 1-1: SerialNumber: syz
[  169.541541][    C0] vkms_vblank_simulate: vblank timer overrun
[  169.579152][ T5871] usb 1-1: config 0 descriptor??
[  169.582053][ T6719] raw-gadget.1 gadget.0: fail, usb_ep_enable returned -22
[  169.609303][  T994] usb usb2-port1: unable to enumerate USB device
[  169.667734][ T5871] usb 1-1: Quirk or no altset; falling back to MIDI 1.0
[  169.713913][    C0] vkms_vblank_simulate: vblank timer overrun
[  169.809476][ T6726] overlayfs: failed to resolve './file1/file0': -2
[  169.863583][ T6727] netlink: 44 bytes leftover after parsing attributes in process `syz.3.229'.
[  170.256791][    T9] usb 4-1: new high-speed USB device number 5 using dummy_hcd
[  170.406367][    T9] usb 4-1: Using ep0 maxpacket: 16
[  170.410614][    T9] usb 4-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xF3, changing to 0x83
[  170.410644][    T9] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7
[  170.414001][    T9] usb 4-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1
[  170.414028][    T9] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  170.414045][    T9] usb 4-1: Product: syz
[  170.414057][    T9] usb 4-1: Manufacturer: syz
[  170.414069][    T9] usb 4-1: SerialNumber: syz
[  170.419726][    T9] usb 4-1: config 0 descriptor??
[  170.473057][ T5893] usb 5-1: new high-speed USB device number 9 using dummy_hcd
[  170.500350][    C0] vkms_vblank_simulate: vblank timer overrun
[  170.538800][    T9] em28xx 4-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0)
[  170.538832][    T9] em28xx 4-1:0.0: Audio interface 0 found (Vendor Class)
[  170.605251][ T6737] netlink: 'syz.2.232': attribute type 10 has an invalid length.
[  170.605272][ T6737] netlink: 40 bytes leftover after parsing attributes in process `syz.2.232'.
[  170.958880][ T5893] usb 5-1: config 0 has more interface descriptors, than it declares in bNumInterfaces, ignoring interface number: 48
[  170.958906][ T5893] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  170.958957][ T5893] usb 5-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 4
[  170.962089][ T5893] usb 5-1: New USB device found, idVendor=1908, idProduct=1315, bcdDevice= 0.00
[  170.962114][ T5893] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  170.962138][ T5893] usb 5-1: Product: syz
[  170.962151][ T5893] usb 5-1: Manufacturer: syz
[  170.962164][ T5893] usb 5-1: SerialNumber: syz
[  170.965115][    C0] vkms_vblank_simulate: vblank timer overrun
[  171.010485][ T5893] usb 5-1: config 0 descriptor??
[  171.019064][ T5893] usb-storage 5-1:0.0: USB Mass Storage device detected
[  171.030464][ T5893] usb-storage 5-1:0.0: Quirks match for vid 1908 pid 1315: 20000
[  171.148445][ T6742] netlink: 12 bytes leftover after parsing attributes in process `syz.1.233'.
[  171.196433][ T6737] batadv0: entered promiscuous mode
[  171.196450][ T6737] batadv0: entered allmulticast mode
[  171.196985][ T6737] bridge0: port 3(batadv0) entered blocking state
[  171.197055][ T6737] bridge0: port 3(batadv0) entered disabled state
[  171.199797][ T6737] bridge0: port 3(batadv0) entered blocking state
[  171.199928][ T6737] bridge0: port 3(batadv0) entered forwarding state
[  171.222199][ T5885] usb 5-1: USB disconnect, device number 9
[  171.305593][ T6742] FAULT_INJECTION: forcing a failure.
[  171.305593][ T6742] name failslab, interval 1, probability 0, space 0, times 0
[  171.305624][ T6742] CPU: 1 UID: 0 PID: 6742 Comm: syz.1.233 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  171.305645][ T6742] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  171.305655][ T6742] Call Trace:
[  171.305662][ T6742]  <TASK>
[  171.305670][ T6742]  dump_stack_lvl+0x189/0x250
[  171.305698][ T6742]  ? __pfx____ratelimit+0x10/0x10
[  171.305719][ T6742]  ? __pfx_dump_stack_lvl+0x10/0x10
[  171.305742][ T6742]  ? __pfx__printk+0x10/0x10
[  171.305768][ T6742]  ? __pfx___might_resched+0x10/0x10
[  171.305787][ T6742]  ? fs_reclaim_acquire+0x7d/0x100
[  171.305816][ T6742]  should_fail_ex+0x46c/0x600
[  171.305842][ T6742]  ? __alloc_skb+0x112/0x2d0
[  171.305858][ T6742]  should_failslab+0xa8/0x100
[  171.305882][ T6742]  ? __alloc_skb+0x112/0x2d0
[  171.305897][ T6742]  kmem_cache_alloc_node_noprof+0x78/0x6e0
[  171.305920][ T6742]  ? netlink_autobind+0xdb/0x300
[  171.305943][ T6742]  __alloc_skb+0x112/0x2d0
[  171.305964][ T6742]  netlink_sendmsg+0x5c6/0xb30
[  171.305980][ T6742]  ? is_bpf_text_address+0x26/0x2b0
[  171.306013][ T6742]  ? __pfx_netlink_sendmsg+0x10/0x10
[  171.306039][ T6742]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  171.306061][ T6742]  ? __pfx_netlink_sendmsg+0x10/0x10
[  171.306079][ T6742]  __sock_sendmsg+0x21c/0x270
[  171.306105][ T6742]  ____sys_sendmsg+0x508/0x820
[  171.306129][ T6742]  ? __pfx_____sys_sendmsg+0x10/0x10
[  171.306160][ T6742]  ? import_iovec+0x74/0xa0
[  171.306178][ T6742]  ___sys_sendmsg+0x21f/0x2a0
[  171.306199][ T6742]  ? __pfx____sys_sendmsg+0x10/0x10
[  171.306255][ T6742]  ? __fget_files+0x2a/0x420
[  171.306276][ T6742]  ? __fget_files+0x3a6/0x420
[  171.306308][ T6742]  __x64_sys_sendmsg+0x1a1/0x260
[  171.306330][ T6742]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  171.306366][ T6742]  ? __pfx_ksys_write+0x10/0x10
[  171.306390][ T6742]  ? do_syscall_64+0xbe/0xfa0
[  171.306415][ T6742]  do_syscall_64+0xfa/0xfa0
[  171.306433][ T6742]  ? lockdep_hardirqs_on+0x9c/0x150
[  171.306453][ T6742]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  171.306470][ T6742]  ? clear_bhb_loop+0x60/0xb0
[  171.306490][ T6742]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  171.306506][ T6742] RIP: 0033:0x7f3300cdefc9
[  171.306522][ T6742] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  171.306535][ T6742] RSP: 002b:00007f32fef46038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  171.306554][ T6742] RAX: ffffffffffffffda RBX: 00007f3300f35fa0 RCX: 00007f3300cdefc9
[  171.306567][ T6742] RDX: 0000000000000000 RSI: 00002000000000c0 RDI: 0000000000000007
[  171.306578][ T6742] RBP: 00007f32fef46090 R08: 0000000000000000 R09: 0000000000000000
[  171.306589][ T6742] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  171.306600][ T6742] R13: 00007f3300f36038 R14: 00007f3300f35fa0 R15: 00007ffca4d89b88
[  171.306631][ T6742]  </TASK>
[  171.333089][    C0] vkms_vblank_simulate: vblank timer overrun
[  171.333277][   T43] batman_adv: batadv0: No IGMP Querier present - multicast optimizations disabled
[  171.333292][   T43] batman_adv: batadv0: No MLD Querier present - multicast optimizations disabled
[  171.558169][ T5885] usb 1-1: USB disconnect, device number 6
[  171.633281][    C0] vkms_vblank_simulate: vblank timer overrun
[  171.645478][    T9] em28xx 4-1:0.0: unknown em28xx chip ID (180)
[  172.311962][    C0] vkms_vblank_simulate: vblank timer overrun
[  172.325653][    T9] em28xx 4-1:0.0: Config register raw data: 0xfffffffb
[  172.326632][    T9] em28xx 4-1:0.0: AC97 chip type couldn't be determined
[  172.326649][    T9] em28xx 4-1:0.0: No AC97 audio processor
[  172.341879][    T9] usb 4-1: USB disconnect, device number 5
[  172.344198][    T9] em28xx 4-1:0.0: Disconnecting em28xx
[  172.345850][    T9] em28xx 4-1:0.0: Freeing device
[  172.382639][ T6743] veth3: entered promiscuous mode
[  172.382663][ T6743] veth3: entered allmulticast mode
[  172.383992][ T6743] bridge1: port 1(veth3) entered blocking state
[  172.384138][ T6743] bridge1: port 1(veth3) entered disabled state
[  172.393562][ T6743] bridge1: port 1(veth3) entered blocking state
[  172.393716][ T6743] bridge1: port 1(veth3) entered forwarding state
[  172.530658][    C0] vkms_vblank_simulate: vblank timer overrun
[  172.627330][   T12] bridge1: port 1(veth3) entered disabled state
[  172.630771][ T6752] netlink: 4 bytes leftover after parsing attributes in process `syz.4.236'.
[  172.948159][    C0] vkms_vblank_simulate: vblank timer overrun
[  172.965544][ T6766] netlink: 8 bytes leftover after parsing attributes in process `syz.4.241'.
[  173.991877][ T6766] netdevsim netdevsim4 netdevsim0: entered allmulticast mode
[  174.141386][ T6777] 9pnet_fd: Insufficient options for proto=fd
[  175.288311][ T6797] FAULT_INJECTION: forcing a failure.
[  175.288311][ T6797] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  175.288342][ T6797] CPU: 1 UID: 0 PID: 6797 Comm: syz.1.251 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  175.288361][ T6797] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  175.288371][ T6797] Call Trace:
[  175.288378][ T6797]  <TASK>
[  175.288386][ T6797]  dump_stack_lvl+0x189/0x250
[  175.288414][ T6797]  ? __pfx____ratelimit+0x10/0x10
[  175.288435][ T6797]  ? __pfx_dump_stack_lvl+0x10/0x10
[  175.288458][ T6797]  ? __pfx__printk+0x10/0x10
[  175.288478][ T6797]  ? __might_fault+0xb0/0x130
[  175.288512][ T6797]  should_fail_ex+0x46c/0x600
[  175.288539][ T6797]  _copy_from_iter+0x1de/0x1790
[  175.288579][ T6797]  ? __pfx__copy_from_iter+0x10/0x10
[  175.288608][ T6797]  ? rcu_is_watching+0x15/0xb0
[  175.288624][ T6797]  ? kfree+0x51/0x950
[  175.288639][ T6797]  ? file_tty_write+0x32e/0xa30
[  175.288662][ T6797]  file_tty_write+0x4ca/0xa30
[  175.288699][ T6797]  vfs_write+0x5d5/0xb40
[  175.288724][ T6797]  ? __pfx_tty_write+0x10/0x10
[  175.288742][ T6797]  ? __pfx_vfs_write+0x10/0x10
[  175.288772][ T6797]  ? __fget_files+0x2a/0x420
[  175.288803][ T6797]  ksys_write+0x14b/0x260
[  175.288827][ T6797]  ? __pfx_ksys_write+0x10/0x10
[  175.288854][ T6797]  ? do_syscall_64+0xbe/0xfa0
[  175.288878][ T6797]  do_syscall_64+0xfa/0xfa0
[  175.288896][ T6797]  ? lockdep_hardirqs_on+0x9c/0x150
[  175.288915][ T6797]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  175.288932][ T6797]  ? clear_bhb_loop+0x60/0xb0
[  175.288952][ T6797]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  175.288968][ T6797] RIP: 0033:0x7f3300cdefc9
[  175.288983][ T6797] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  175.288997][ T6797] RSP: 002b:00007f32fef25038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  175.289017][ T6797] RAX: ffffffffffffffda RBX: 00007f3300f36090 RCX: 00007f3300cdefc9
[  175.289030][ T6797] RDX: 0000000000001006 RSI: 0000200000001c40 RDI: 0000000000000005
[  175.289041][ T6797] RBP: 00007f32fef25090 R08: 0000000000000000 R09: 0000000000000000
[  175.289051][ T6797] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  175.289060][ T6797] R13: 00007f3300f36128 R14: 00007f3300f36090 R15: 00007ffca4d89b88
[  175.289092][ T6797]  </TASK>
[  175.656382][   T10] usb 4-1: new high-speed USB device number 6 using dummy_hcd
[  175.842412][   T10] usb 4-1: config 166 has an invalid interface number: 59 but max is 0
[  175.842439][   T10] usb 4-1: config 166 has no interface number 0
[  175.842494][   T10] usb 4-1: config 166 interface 59 altsetting 248 bulk endpoint 0xE has invalid maxpacket 64
[  175.842518][   T10] usb 4-1: config 166 interface 59 has no altsetting 0
[  175.854617][   T10] usb 4-1: New USB device found, idVendor=08ca, idProduct=2028, bcdDevice=34.d2
[  175.854644][   T10] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  175.854661][   T10] usb 4-1: Product: 爫뵗ㆃ㼯ޟ�ﻓꚲ᜽��讪ℨ奓蠀䘭炨꽊ᓦና韟뇽繴鵖짮駥ꭞ苺ਖ਼棻㊮嫻�웩脙�१���觲地㯘໠໇ѿ胈䌠㠱⣎�⟓䂊닻몹倹�ꜞ錗葼戨带縜雕䌉䞢
[  175.854681][   T10] usb 4-1: Manufacturer: 殸隩淚嘾父︰㧿磈眦⨵䜓兌䉉ꘃⓀ뵴庾䈖啪㡿ꎄ�涑䕨ꗑ후朩鋘�쥶喼춋猊縒�暦�ᢃ�游ᵿ䤑��녡鄒倓鈲拠房邪⬺놦颂铘镤ꖆ儙໻犆뿵涓᤾矧ẓ㲓ꦦ트䴹��㾌㧉迴瑈
[  175.854710][   T10] usb 4-1: SerialNumber: �
[  175.869538][ T6803] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  176.153681][   T10] gspca_main: sunplus-2.14.0 probing 08ca:2028
[  176.154208][   T10] gspca_sunplus: reg_r err -71
[  176.154296][   T10] sunplus 4-1:166.59: probe with driver sunplus failed with error -71
[  176.172682][   T10] usb 4-1: USB disconnect, device number 6
[  177.687490][ T5878] usb 1-1: new high-speed USB device number 7 using dummy_hcd
[  178.630450][ T5878] usb 1-1: config 0 has more interface descriptors, than it declares in bNumInterfaces, ignoring interface number: 48
[  178.630477][ T5878] usb 1-1: config 0 has an invalid descriptor of length 46, skipping remainder of the config
[  178.630520][ T5878] usb 1-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 4
[  178.645453][ T5878] usb 1-1: New USB device found, idVendor=1908, idProduct=1315, bcdDevice= 0.00
[  178.645480][ T5878] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  178.645497][ T5878] usb 1-1: Product: syz
[  178.645509][ T5878] usb 1-1: Manufacturer: syz
[  178.645585][ T5878] usb 1-1: SerialNumber: syz
[  178.715805][ T5878] usb 1-1: config 0 descriptor??
[  178.732735][ T5878] usb-storage 1-1:0.0: USB Mass Storage device detected
[  178.869155][ T5878] usb-storage 1-1:0.0: Quirks match for vid 1908 pid 1315: 20000
[  179.021003][ T5878] usb 1-1: USB disconnect, device number 7
[  180.123973][   T10] usb 4-1: new high-speed USB device number 7 using dummy_hcd
[  180.361952][   T10] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  180.362008][   T10] usb 4-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df
[  180.362029][   T10] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  180.384246][   T10] usb 4-1: config 0 descriptor??
[  180.413173][   T10] pwc: Askey VC010 type 2 USB webcam detected.
[  181.762671][   T10] pwc: recv_control_msg error -32 req 02 val 2b00
[  181.806925][ T6836] af_packet: tpacket_rcv: packet too big, clamped from 32 to 4294967272. macoff=96
[  181.815144][   T10] pwc: recv_control_msg error -32 req 02 val 2700
[  181.817508][   T10] pwc: recv_control_msg error -32 req 02 val 2c00
[  181.818186][   T10] pwc: recv_control_msg error -32 req 04 val 1000
[  181.821560][   T10] pwc: recv_control_msg error -32 req 04 val 1300
[  181.822718][   T10] pwc: recv_control_msg error -32 req 04 val 1400
[  184.019412][   T10] pwc: recv_control_msg error -71 req 02 val 2000
[  184.019900][   T10] pwc: recv_control_msg error -71 req 02 val 2100
[  184.020367][   T10] pwc: recv_control_msg error -71 req 04 val 1500
[  184.020831][   T10] pwc: recv_control_msg error -71 req 02 val 2500
[  184.021669][   T10] pwc: recv_control_msg error -71 req 02 val 2400
[  184.022249][   T10] pwc: recv_control_msg error -71 req 02 val 2600
[  184.022710][   T10] pwc: recv_control_msg error -71 req 02 val 2900
[  184.023201][   T10] pwc: recv_control_msg error -71 req 02 val 2800
[  184.023922][   T10] pwc: recv_control_msg error -71 req 04 val 1100
[  184.024394][   T10] pwc: recv_control_msg error -71 req 04 val 1200
[  184.033929][   T10] pwc: Registered as video103.
[  184.040635][   T10] input: PWC snapshot button as /devices/platform/dummy_hcd.3/usb4/4-1/input/input7
[  184.107795][   T10] usb 4-1: USB disconnect, device number 7
[  184.286440][ T6858] FAULT_INJECTION: forcing a failure.
[  184.286440][ T6858] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  184.286471][ T6858] CPU: 1 UID: 0 PID: 6858 Comm: syz.4.270 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  184.286491][ T6858] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  184.286501][ T6858] Call Trace:
[  184.286508][ T6858]  <TASK>
[  184.286516][ T6858]  dump_stack_lvl+0x189/0x250
[  184.286544][ T6858]  ? __pfx____ratelimit+0x10/0x10
[  184.286564][ T6858]  ? __pfx_dump_stack_lvl+0x10/0x10
[  184.286587][ T6858]  ? __pfx__printk+0x10/0x10
[  184.286607][ T6858]  ? __might_fault+0xb0/0x130
[  184.286640][ T6858]  should_fail_ex+0x46c/0x600
[  184.286668][ T6858]  _copy_from_user+0x2d/0xb0
[  184.286687][ T6858]  do_seccomp+0x1a3/0xce0
[  184.286711][ T6858]  ? __pfx_do_seccomp+0x10/0x10
[  184.286730][ T6858]  ? ksys_write+0x230/0x260
[  184.286752][ T6858]  ? __pfx_ksys_write+0x10/0x10
[  184.286769][ T6858]  ? arch_syscall_is_vdso_sigreturn+0x120/0x1a0
[  184.286793][ T6858]  ? syscall_user_dispatch+0x4f/0x90
[  184.286827][ T6858]  do_syscall_64+0xfa/0xfa0
[  184.286847][ T6858]  ? lockdep_hardirqs_on+0x9c/0x150
[  184.286867][ T6858]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  184.286884][ T6858]  ? clear_bhb_loop+0x60/0xb0
[  184.286904][ T6858]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  184.286921][ T6858] RIP: 0033:0x7fcfc7b6efc9
[  184.286936][ T6858] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  184.286950][ T6858] RSP: 002b:00007fcfc5dd6038 EFLAGS: 00000246 ORIG_RAX: 000000000000013d
[  184.286968][ T6858] RAX: ffffffffffffffda RBX: 00007fcfc7dc5fa0 RCX: 00007fcfc7b6efc9
[  184.286981][ T6858] RDX: 0000000000000000 RSI: 000000000000000a RDI: 0000000000000001
[  184.286991][ T6858] RBP: 00007fcfc5dd6090 R08: 0000000000000000 R09: 0000000000000000
[  184.287002][ T6858] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  184.287012][ T6858] R13: 00007fcfc7dc6038 R14: 00007fcfc7dc5fa0 R15: 00007ffdd397ca08
[  184.287043][ T6858]  </TASK>
[  188.308213][ T5908] usb 3-1: new high-speed USB device number 4 using dummy_hcd
[  188.360672][ T6912] comedi comedi0: comedi_config --init_data is deprecated
[  188.551655][ T5908] usb 3-1: New USB device found, idVendor=0eb1, idProduct=7007, bcdDevice= 2.10
[  188.551683][ T5908] usb 3-1: New USB device strings: Mfr=68, Product=171, SerialNumber=3
[  188.551701][ T5908] usb 3-1: Product: syz
[  188.551713][ T5908] usb 3-1: Manufacturer: syz
[  188.551725][ T5908] usb 3-1: SerialNumber: syz
[  188.561230][ T5908] usb 3-1: config 0 descriptor??
[  188.592816][ T5908] go7007 3-1:0.0: probe with driver go7007 failed with error -12
[  188.679208][ T6918] ptrace attach of "./syz-executor exec"[5808] was attempted by "./syz-executor exec"[6918]
[  188.736336][ T5871] usb 4-1: new full-speed USB device number 8 using dummy_hcd
[  188.990102][ T5871] usb 4-1: config 255 has too many interfaces: 249, using maximum allowed: 32
[  188.990127][ T5871] usb 4-1: config 255 has an invalid descriptor of length 132, skipping remainder of the config
[  188.990156][ T5871] usb 4-1: config 255 has 0 interfaces, different from the descriptor's value: 249
[  189.033396][ T5871] usb 4-1: New USB device found, idVendor=07c9, idProduct=0012, bcdDevice=c2.f4
[  189.033414][ T5871] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  189.033423][ T5871] usb 4-1: Product: syz
[  189.033430][ T5871] usb 4-1: Manufacturer: syz
[  189.033437][ T5871] usb 4-1: SerialNumber: syz
[  189.441360][ T5916] usb 4-1: USB disconnect, device number 8
[  190.532123][ T5878] usb 3-1: USB disconnect, device number 4
[  190.835312][ T6945] netlink: 'syz.2.293': attribute type 1 has an invalid length.
[  193.326605][ T5916] usb 2-1: new high-speed USB device number 12 using dummy_hcd
[  193.530699][ T5916] usb 2-1: too many configurations: 151, using maximum allowed: 8
[  193.562607][ T5916] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  193.562673][ T5916] usb 2-1: config 0 has no interfaces?
[  193.604927][ T5916] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  193.604982][ T5916] usb 2-1: config 0 has no interfaces?
[  193.630524][ T5916] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  193.630591][ T5916] usb 2-1: config 0 has no interfaces?
[  193.673919][ T5916] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  193.673977][ T5916] usb 2-1: config 0 has no interfaces?
[  193.775899][ T5916] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  193.775964][ T5916] usb 2-1: config 0 has no interfaces?
[  193.817118][ T5916] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  193.817182][ T5916] usb 2-1: config 0 has no interfaces?
[  193.846686][ T5916] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  193.846743][ T5916] usb 2-1: config 0 has no interfaces?
[  193.883468][ T5916] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  193.883522][ T5916] usb 2-1: config 0 has no interfaces?
[  193.988754][ T5916] usb 2-1: New USB device found, idVendor=04d8, idProduct=0082, bcdDevice=ce.b7
[  193.988819][ T5916] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=130
[  193.988926][ T5916] usb 2-1: Product: syz
[  193.988939][ T5916] usb 2-1: Manufacturer: syz
[  193.988992][ T5916] usb 2-1: SerialNumber: syz
[  194.354790][ T1320] ieee802154 phy0 wpan0: encryption failed: -22
[  194.355719][ T1320] ieee802154 phy1 wpan1: encryption failed: -22
[  194.421029][ T5916] usb 2-1: config 0 descriptor??
[  197.426964][ T5878] usb 2-1: USB disconnect, device number 12
[  197.981649][ T6997] loop9: detected capacity change from 0 to 7
[  198.104704][ T6997] Dev loop9: unable to read RDB block 7
[  198.104757][ T6997]  loop9: unable to read partition table
[  198.105194][ T6997] loop9: partition table beyond EOD, truncated
[  198.105213][ T6997] loop_reread_partitions: partition scan of loop9 (þ被xü—ŸÑà– ) failed (rc=-5)
[  201.461735][ T5878] usb 5-1: new high-speed USB device number 10 using dummy_hcd
[  201.773106][ T7048] syz_tun: entered allmulticast mode
[  201.774778][ T7048] netlink: 4 bytes leftover after parsing attributes in process `syz.1.327'.
[  201.868677][ T5878] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  201.868730][ T5878] usb 5-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df
[  201.868760][ T5878] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  201.878166][ T5878] usb 5-1: config 0 descriptor??
[  201.894783][ T5878] pwc: Askey VC010 type 2 USB webcam detected.
[  202.055407][ T7053] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  202.819135][ T5878] pwc: recv_control_msg error -32 req 02 val 2b00
[  202.820645][ T5878] pwc: recv_control_msg error -32 req 02 val 2700
[  202.824466][ T5878] pwc: recv_control_msg error -32 req 02 val 2c00
[  202.825172][ T5878] pwc: recv_control_msg error -32 req 04 val 1000
[  202.826713][ T5878] pwc: recv_control_msg error -32 req 04 val 1300
[  202.858349][ T5878] pwc: recv_control_msg error -32 req 04 val 1400
[  202.889926][ T5878] pwc: recv_control_msg error -32 req 02 val 2000
[  202.897597][ T5878] pwc: recv_control_msg error -32 req 02 val 2100
[  203.312070][ T5878] pwc: recv_control_msg error -71 req 02 val 2400
[  203.313838][ T5878] pwc: recv_control_msg error -71 req 02 val 2600
[  203.314179][ T5878] pwc: recv_control_msg error -71 req 02 val 2900
[  203.314858][ T5878] pwc: recv_control_msg error -71 req 02 val 2800
[  203.315640][ T5878] pwc: recv_control_msg error -71 req 04 val 1100
[  203.317675][ T5878] pwc: recv_control_msg error -71 req 04 val 1200
[  203.319958][ T5878] pwc: Registered as video103.
[  203.368744][ T5878] input: PWC snapshot button as /devices/platform/dummy_hcd.4/usb5/5-1/input/input8
[  203.465295][ T5878] usb 5-1: USB disconnect, device number 10
[  205.473224][    C1] vkms_vblank_simulate: vblank timer overrun
[  206.171219][    C1] vkms_vblank_simulate: vblank timer overrun
[  206.307875][    C1] vkms_vblank_simulate: vblank timer overrun
[  207.495220][    C1] vkms_vblank_simulate: vblank timer overrun
[  207.581059][ T5878] usb 5-1: new high-speed USB device number 11 using dummy_hcd
[  207.656162][    C1] vkms_vblank_simulate: vblank timer overrun
[  207.957690][ T5878] usb 5-1: config 0 has more interface descriptors, than it declares in bNumInterfaces, ignoring interface number: 48
[  207.957821][ T5878] usb 5-1: config 0 has an invalid descriptor of length 46, skipping remainder of the config
[  207.958200][ T5878] usb 5-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 4
[  208.186686][    C1] vkms_vblank_simulate: vblank timer overrun
[  208.204608][ T5878] usb 5-1: New USB device found, idVendor=1908, idProduct=1315, bcdDevice= 0.00
[  208.204634][ T5878] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  208.204652][ T5878] usb 5-1: Product: syz
[  208.204665][ T5878] usb 5-1: Manufacturer: syz
[  208.204677][ T5878] usb 5-1: SerialNumber: syz
[  208.242890][ T5878] usb 5-1: config 0 descriptor??
[  208.258498][ T5878] usb-storage 5-1:0.0: USB Mass Storage device detected
[  208.388294][ T5878] usb-storage 5-1:0.0: Quirks match for vid 1908 pid 1315: 20000
[  208.415078][ T7110] netlink: 16 bytes leftover after parsing attributes in process `syz.0.347'.
[  208.663184][ T5878] usb 5-1: USB disconnect, device number 11
[  208.731456][    C1] vkms_vblank_simulate: vblank timer overrun
[  208.772802][ T7115] netlink: 44 bytes leftover after parsing attributes in process `syz.2.348'.
[  209.489840][ T7122] netlink: 'syz.3.349': attribute type 10 has an invalid length.
[  209.489859][ T7122] netlink: 40 bytes leftover after parsing attributes in process `syz.3.349'.
[  209.489898][ T7122] batadv0: entered promiscuous mode
[  209.489916][ T7122] batadv0: entered allmulticast mode
[  209.490732][ T7122] bridge0: port 3(batadv0) entered blocking state
[  209.490837][ T7122] bridge0: port 3(batadv0) entered disabled state
[  209.494117][ T7122] bridge0: port 3(batadv0) entered blocking state
[  209.494241][ T7122] bridge0: port 3(batadv0) entered forwarding state
[  209.502170][   T68] batman_adv: batadv0: No IGMP Querier present - multicast optimizations disabled
[  209.502187][   T68] batman_adv: batadv0: No MLD Querier present - multicast optimizations disabled
[  210.436329][ T5916] usb 3-1: new high-speed USB device number 5 using dummy_hcd
[  210.732236][  T991] hid-generic 00A0:0006:0003.0002: unknown main item tag 0x0
[  210.732271][  T991] hid-generic 00A0:0006:0003.0002: unknown main item tag 0x0
[  210.732293][  T991] hid-generic 00A0:0006:0003.0002: unknown main item tag 0x0
[  210.732315][  T991] hid-generic 00A0:0006:0003.0002: unknown main item tag 0x0
[  210.732337][  T991] hid-generic 00A0:0006:0003.0002: unknown main item tag 0x0
[  210.732359][  T991] hid-generic 00A0:0006:0003.0002: unknown main item tag 0x0
[  210.732382][  T991] hid-generic 00A0:0006:0003.0002: unknown main item tag 0x0
[  210.732404][  T991] hid-generic 00A0:0006:0003.0002: unknown main item tag 0x0
[  210.732426][  T991] hid-generic 00A0:0006:0003.0002: unknown main item tag 0x0
[  210.732449][  T991] hid-generic 00A0:0006:0003.0002: unknown main item tag 0x0
[  210.733328][ T7145] netlink: 16 bytes leftover after parsing attributes in process `syz.0.355'.
[  210.791975][  T991] hid-generic 00A0:0006:0003.0002: hidraw0: <UNKNOWN> HID v0.05 Device [syz1] on syz0
[  210.936453][ T5916] usb 3-1: Using ep0 maxpacket: 16
[  210.939075][ T5916] usb 3-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xF3, changing to 0x83
[  210.939104][ T5916] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7
[  210.941379][ T5916] usb 3-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1
[  210.941393][ T5916] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  210.941402][ T5916] usb 3-1: Product: syz
[  210.941409][ T5916] usb 3-1: Manufacturer: syz
[  210.941416][ T5916] usb 3-1: SerialNumber: syz
[  210.944725][ T5916] usb 3-1: config 0 descriptor??
[  210.949881][ T5916] em28xx 3-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0)
[  210.949910][ T5916] em28xx 3-1:0.0: Audio interface 0 found (Vendor Class)
[  211.018206][   T10] usb 5-1: new full-speed USB device number 12 using dummy_hcd
[  211.171758][   T10] usb 5-1: config 0 has no interfaces?
[  211.171780][   T10] usb 5-1: New USB device found, idVendor=04f3, idProduct=0754, bcdDevice= 0.00
[  211.171791][   T10] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  211.179229][   T10] usb 5-1: config 0 descriptor??
[  211.357995][ T7151] netlink: 8 bytes leftover after parsing attributes in process `syz.0.357'.
[  211.358496][ T7151] netlink: 12 bytes leftover after parsing attributes in process `syz.0.357'.
[  211.477573][ T7151] netlink: 48 bytes leftover after parsing attributes in process `syz.0.357'.
[  211.674784][ T5916] em28xx 3-1:0.0: unknown em28xx chip ID (180)
[  211.881157][ T5916] em28xx 3-1:0.0: Config register raw data: 0xfffffffb
[  211.881602][ T5916] em28xx 3-1:0.0: AC97 chip type couldn't be determined
[  211.881617][ T5916] em28xx 3-1:0.0: No AC97 audio processor
[  211.887810][ T5916] usb 3-1: USB disconnect, device number 5
[  211.890342][ T5916] em28xx 3-1:0.0: Disconnecting em28xx
[  211.894343][ T5916] em28xx 3-1:0.0: Freeing device
[  213.232526][ T7169] netlink: 128 bytes leftover after parsing attributes in process `syz.3.363'.
[  213.232541][ T7169] A link change request failed with some changes committed already. Interface team0 may have been left with an inconsistent configuration, please check.
[  213.526803][ T7171] netlink: 'syz.0.362': attribute type 4 has an invalid length.
[  213.713911][ T7176] Zero length message leads to an empty skb
[  213.866337][   T10] usb 4-1: new high-speed USB device number 9 using dummy_hcd
[  213.923429][ T7179] QAT: Device 6 not found
[  214.029731][   T10] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  214.029750][   T10] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  214.029770][   T10] usb 4-1: New USB device found, idVendor=1e7d, idProduct=2dbe, bcdDevice= 0.00
[  214.029781][   T10] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  214.032831][   T10] usb 4-1: config 0 descriptor??
[  214.518018][   T10] konepure 0003:1E7D:2DBE.0003: hidraw1: USB HID v0.00 Device [HID 1e7d:2dbe] on usb-dummy_hcd.3-1/input0
[  214.629990][ T7183] netlink: 16 bytes leftover after parsing attributes in process `syz.1.367'.
[  214.977278][   T31] usb 5-1: USB disconnect, device number 12
[  216.310000][   T31] usb 4-1: USB disconnect, device number 9
[  216.841645][ T7198] netlink: 'syz.3.371': attribute type 10 has an invalid length.
[  216.841691][ T7198] netlink: 40 bytes leftover after parsing attributes in process `syz.3.371'.
[  218.813481][ T7227] capability: warning: `syz.1.383' uses deprecated v2 capabilities in a way that may be insecure
[  220.006914][ T7243] netlink: 4 bytes leftover after parsing attributes in process `syz.1.388'.
[  220.937814][ T5908] usb 3-1: new high-speed USB device number 6 using dummy_hcd
[  221.101835][ T5908] usb 3-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08
[  221.101853][ T5908] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  221.101863][ T5908] usb 3-1: Product: syz
[  221.101883][ T5908] usb 3-1: Manufacturer: syz
[  221.101890][ T5908] usb 3-1: SerialNumber: syz
[  221.147351][ T5908] usb 3-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested
[  221.370491][ T5916] usb 3-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008
[  222.577219][ T5916] ath9k_htc 3-1:1.0: ath9k_htc: Target is unresponsive
[  222.586999][ T5916] ath9k_htc: Failed to initialize the device
[  222.783460][ T5916] usb 3-1: ath9k_htc: USB layer deinitialized
[  222.901637][ T7270] fuse: Bad value for 'user_id'
[  222.901656][ T7270] fuse: Bad value for 'user_id'
[  222.918783][ T7270] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[  223.376287][ T7270] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  223.382645][ T7276] syzkaller0: entered promiscuous mode
[  223.382670][ T7276] syzkaller0: entered allmulticast mode
[  223.505310][ T7269] tipc: Resetting bearer <eth:syzkaller0>
[  223.962881][ T5908] usb 3-1: USB disconnect, device number 6
[  224.097627][ T7269] tipc: Disabling bearer <eth:syzkaller0>
[  224.420143][ T7282] syz_tun: entered allmulticast mode
[  224.424876][ T7285] netlink: 4 bytes leftover after parsing attributes in process `syz.3.400'.
[  224.586330][ T5908] usb 5-1: new high-speed USB device number 13 using dummy_hcd
[  225.981543][ T7306] netlink: 24 bytes leftover after parsing attributes in process `syz.1.407'.
[  225.983062][ T7306] netlink: 'syz.1.407': attribute type 1 has an invalid length.
[  226.064875][ T5908] usb 5-1: unable to get BOS descriptor or descriptor too short
[  226.065934][ T5908] usb 5-1: unable to read config index 0 descriptor/start: -71
[  226.065967][ T5908] usb 5-1: can't read configurations, error -71
[  226.160046][ T7310] netlink: 40 bytes leftover after parsing attributes in process `syz.3.409'.
[  227.485476][ T7323] Illegal XDP return value 1965836944 on prog  (id 62) dev N/A, expect packet loss!
[  228.039295][ T7335] FAULT_INJECTION: forcing a failure.
[  228.039295][ T7335] name failslab, interval 1, probability 0, space 0, times 0
[  228.039327][ T7335] CPU: 0 UID: 0 PID: 7335 Comm: syz.3.412 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  228.039346][ T7335] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  228.039357][ T7335] Call Trace:
[  228.039364][ T7335]  <TASK>
[  228.039372][ T7335]  dump_stack_lvl+0x189/0x250
[  228.039402][ T7335]  ? __pfx____ratelimit+0x10/0x10
[  228.039424][ T7335]  ? __pfx_dump_stack_lvl+0x10/0x10
[  228.039447][ T7335]  ? __pfx__printk+0x10/0x10
[  228.039473][ T7335]  ? __pfx___might_resched+0x10/0x10
[  228.039490][ T7335]  ? fs_reclaim_acquire+0x7d/0x100
[  228.039517][ T7335]  should_fail_ex+0x46c/0x600
[  228.039544][ T7335]  should_failslab+0xa8/0x100
[  228.039569][ T7335]  __kmalloc_noprof+0xcc/0x7d0
[  228.039590][ T7335]  ? tomoyo_encode+0x28b/0x550
[  228.039615][ T7335]  tomoyo_encode+0x28b/0x550
[  228.039640][ T7335]  tomoyo_realpath_from_path+0x58d/0x5d0
[  228.039674][ T7335]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[  228.039707][ T7335]  tomoyo_path_number_perm+0x1e8/0x5a0
[  228.039734][ T7335]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  228.039762][ T7335]  ? _raw_spin_unlock_irqrestore+0x85/0x110
[  228.039784][ T7335]  ? lockdep_hardirqs_on+0x9c/0x150
[  228.039835][ T7335]  ? __fget_files+0x2a/0x420
[  228.039862][ T7335]  ? __fget_files+0x3a6/0x420
[  228.039882][ T7335]  ? __fget_files+0x2a/0x420
[  228.039907][ T7335]  security_file_ioctl+0xcb/0x2d0
[  228.039927][ T7335]  __se_sys_ioctl+0x47/0x170
[  228.039948][ T7335]  do_syscall_64+0xfa/0xfa0
[  228.039968][ T7335]  ? lockdep_hardirqs_on+0x9c/0x150
[  228.039988][ T7335]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  228.040005][ T7335]  ? clear_bhb_loop+0x60/0xb0
[  228.040026][ T7335]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  228.040042][ T7335] RIP: 0033:0x7f75e4c0efc9
[  228.040058][ T7335] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  228.040072][ T7335] RSP: 002b:00007f75e2e6e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  228.040092][ T7335] RAX: ffffffffffffffda RBX: 00007f75e4e65fa0 RCX: 00007f75e4c0efc9
[  228.040104][ T7335] RDX: 0000200000000180 RSI: 00000000c0844123 RDI: 0000000000000005
[  228.040116][ T7335] RBP: 00007f75e2e6e090 R08: 0000000000000000 R09: 0000000000000000
[  228.040127][ T7335] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  228.040137][ T7335] R13: 00007f75e4e66038 R14: 00007f75e4e65fa0 R15: 00007ffe45a85d18
[  228.040169][ T7335]  </TASK>
[  228.040286][ T7335] ERROR: Out of memory at tomoyo_realpath_from_path.
[  232.622312][ T7389] fuse: Unknown parameter 'gUo:pÜ¡dfðTÊ{''
[  234.536910][ T5892] usb 4-1: new high-speed USB device number 10 using dummy_hcd
[  234.688541][ T5892] usb 4-1: config 166 has an invalid interface number: 59 but max is 0
[  234.688565][ T5892] usb 4-1: config 166 has no interface number 0
[  234.688596][ T5892] usb 4-1: config 166 interface 59 has no altsetting 0
[  234.716875][ T5892] usb 4-1: New USB device found, idVendor=08ca, idProduct=2028, bcdDevice=34.d2
[  234.716904][ T5892] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  234.716921][ T5892] usb 4-1: Product: syz
[  234.716932][ T5892] usb 4-1: Manufacturer: syz
[  234.716944][ T5892] usb 4-1: SerialNumber: syz
[  234.997899][ T5892] gspca_main: sunplus-2.14.0 probing 08ca:2028
[  235.001669][ T7415] bond1 (unregistering): Released all slaves
[  235.003967][ T5892] gspca_sunplus: reg_r err -71
[  235.004062][ T5892] sunplus 4-1:166.59: probe with driver sunplus failed with error -71
[  235.043577][ T5892] usb 4-1: USB disconnect, device number 10
[  235.243070][ T7416] bond1 (unregistering): Released all slaves
[  236.996763][ T7450] capability: warning: `syz.4.453' uses 32-bit capabilities (legacy support in use)
[  236.997688][ T7450] netlink: 9136 bytes leftover after parsing attributes in process `syz.4.453'.
[  238.908643][ T5908] usb 1-1: new high-speed USB device number 8 using dummy_hcd
[  239.201422][ T5908] usb 1-1: config 0 has more interface descriptors, than it declares in bNumInterfaces, ignoring interface number: 48
[  239.201500][ T5908] usb 1-1: config 0 has an invalid descriptor of length 46, skipping remainder of the config
[  239.201533][ T5908] usb 1-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 4
[  239.203940][ T5908] usb 1-1: New USB device found, idVendor=1908, idProduct=1315, bcdDevice= 0.00
[  239.203955][ T5908] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  239.203965][ T5908] usb 1-1: Product: syz
[  239.203971][ T5908] usb 1-1: Manufacturer: syz
[  239.203978][ T5908] usb 1-1: SerialNumber: syz
[  239.237458][ T5908] usb 1-1: config 0 descriptor??
[  239.280205][ T5908] usb-storage 1-1:0.0: USB Mass Storage device detected
[  239.282738][ T5908] usb-storage 1-1:0.0: Quirks match for vid 1908 pid 1315: 20000
[  239.455694][ T5908] usb 1-1: USB disconnect, device number 8
[  240.874921][ T7486] netlink: 44 bytes leftover after parsing attributes in process `syz.1.463'.
[  242.576278][ T5908] usb 3-1: new high-speed USB device number 7 using dummy_hcd
[  242.744809][ T5908] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[  242.744836][ T5908] usb 3-1: config 1 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[  242.744856][ T5908] usb 3-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  242.750440][ T5908] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[  242.750468][ T5908] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  242.750484][ T5908] usb 3-1: Product: syz
[  242.750497][ T5908] usb 3-1: Manufacturer: syz
[  242.750509][ T5908] usb 3-1: SerialNumber: syz
[  243.064105][ T5908] hub 3-1:1.0: bad descriptor, ignoring hub
[  243.064141][ T5908] hub 3-1:1.0: probe with driver hub failed with error -5
[  243.232716][    C1] vkms_vblank_simulate: vblank timer overrun
[  243.931160][ T5908] usblp 3-1:1.0: usblp0: USB Unidirectional printer dev 7 if 0 alt 0 proto 1 vid 0x0525 pid 0xA4A8
[  243.971018][    C1] vkms_vblank_simulate: vblank timer overrun
[  244.104831][    C1] vkms_vblank_simulate: vblank timer overrun
[  244.698906][    C1] vkms_vblank_simulate: vblank timer overrun
[  244.946655][ T5871] usb 3-1: USB disconnect, device number 7
[  244.965266][ T5871] usblp0: removed
[  246.081035][ T7549] netlink: 'syz.2.480': attribute type 8 has an invalid length.
[  246.100855][ T7546] uprobe: syz.1.479:7546 failed to unregister, leaking uprobe
[  246.246294][ T5871] usb 4-1: new high-speed USB device number 11 using dummy_hcd
[  246.406403][ T5871] usb 4-1: Using ep0 maxpacket: 32
[  246.439286][ T5871] usb 4-1: config 0 has an invalid interface number: 51 but max is 0
[  246.439312][ T5871] usb 4-1: config 0 has no interface number 0
[  246.442142][ T5871] usb 4-1: New USB device found, idVendor=061d, idProduct=c150, bcdDevice=ce.6f
[  246.442199][ T5871] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  246.442217][ T5871] usb 4-1: Product: syz
[  246.442238][ T5871] usb 4-1: Manufacturer: syz
[  246.442250][ T5871] usb 4-1: SerialNumber: syz
[  246.446359][ T5871] usb 4-1: config 0 descriptor??
[  246.460488][ T5871] quatech2 4-1:0.51: Quatech 2nd gen USB to Serial Driver converter detected
[  246.673530][ T5871] usb 4-1: qt2_attach - failed to power on unit: -71
[  246.673813][ T5871] quatech2 4-1:0.51: probe with driver quatech2 failed with error -71
[  246.679750][ T5871] usb 4-1: USB disconnect, device number 11
[  246.791592][ T7562] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(10)
[  246.793317][ T7562] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  246.974052][ T7562] vhci_hcd vhci_hcd.0: Device attached
[  247.125824][    C1] vkms_vblank_simulate: vblank timer overrun
[  247.279644][    C1] vkms_vblank_simulate: vblank timer overrun
[  247.835772][    C1] vkms_vblank_simulate: vblank timer overrun
[  247.866267][    T9] usb 37-1: new high-speed USB device number 2 using vhci_hcd
[  247.875577][ T5908] usb 2-1: new high-speed USB device number 13 using dummy_hcd
[  247.957518][ T7557] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  247.961321][ T7557] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  248.054038][ T5908] usb 2-1: config 0 has more interface descriptors, than it declares in bNumInterfaces, ignoring interface number: 48
[  248.054063][ T5908] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  248.054112][ T5908] usb 2-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 4
[  248.056562][ T5908] usb 2-1: New USB device found, idVendor=1908, idProduct=1315, bcdDevice= 0.00
[  248.056586][ T5908] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  248.056604][ T5908] usb 2-1: Product: syz
[  248.056616][ T5908] usb 2-1: Manufacturer: syz
[  248.056626][ T5908] usb 2-1: SerialNumber: syz
[  248.186290][ T7563] vhci_hcd: connection reset by peer
[  248.201638][ T5908] usb 2-1: config 0 descriptor??
[  248.206687][ T3545] vhci_hcd: stop threads
[  248.208076][ T3545] vhci_hcd: release socket
[  248.208383][ T3545] vhci_hcd: disconnect device
[  248.210627][ T5908] usb-storage 2-1:0.0: USB Mass Storage device detected
[  248.219237][ T5908] usb-storage 2-1:0.0: Quirks match for vid 1908 pid 1315: 20000
[  248.410177][ T5892] usb 2-1: USB disconnect, device number 13
[  249.227379][ T7568] netlink: 'syz.0.485': attribute type 5 has an invalid length.
[  249.432495][ T7589] FAULT_INJECTION: forcing a failure.
[  249.432495][ T7589] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  249.432516][ T7589] CPU: 1 UID: 0 PID: 7589 Comm: syz.1.491 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  249.432527][ T7589] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  249.432533][ T7589] Call Trace:
[  249.432537][ T7589]  <TASK>
[  249.432542][ T7589]  dump_stack_lvl+0x189/0x250
[  249.432561][ T7589]  ? __pfx____ratelimit+0x10/0x10
[  249.432573][ T7589]  ? __pfx_dump_stack_lvl+0x10/0x10
[  249.432599][ T7589]  ? __pfx__printk+0x10/0x10
[  249.432617][ T7589]  ? __might_fault+0xb0/0x130
[  249.432649][ T7589]  should_fail_ex+0x46c/0x600
[  249.432675][ T7589]  _copy_from_user+0x2d/0xb0
[  249.432692][ T7589]  ___sys_sendmsg+0x158/0x2a0
[  249.432714][ T7589]  ? __pfx____sys_sendmsg+0x10/0x10
[  249.432767][ T7589]  ? __fget_files+0x2a/0x420
[  249.432788][ T7589]  ? __fget_files+0x3a6/0x420
[  249.432817][ T7589]  __x64_sys_sendmsg+0x1a1/0x260
[  249.432837][ T7589]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  249.432865][ T7589]  ? __pfx_ksys_write+0x10/0x10
[  249.432890][ T7589]  ? do_syscall_64+0xbe/0xfa0
[  249.432915][ T7589]  do_syscall_64+0xfa/0xfa0
[  249.432934][ T7589]  ? lockdep_hardirqs_on+0x9c/0x150
[  249.432954][ T7589]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  249.432972][ T7589]  ? clear_bhb_loop+0x60/0xb0
[  249.432993][ T7589]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  249.433009][ T7589] RIP: 0033:0x7f3300cdefc9
[  249.433024][ T7589] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  249.433038][ T7589] RSP: 002b:00007f32fef46038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  249.433057][ T7589] RAX: ffffffffffffffda RBX: 00007f3300f35fa0 RCX: 00007f3300cdefc9
[  249.433070][ T7589] RDX: 0000000000000000 RSI: 0000200000000400 RDI: 0000000000000003
[  249.433081][ T7589] RBP: 00007f32fef46090 R08: 0000000000000000 R09: 0000000000000000
[  249.433091][ T7589] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  249.433102][ T7589] R13: 00007f3300f36038 R14: 00007f3300f35fa0 R15: 00007ffca4d89b88
[  249.433130][ T7589]  </TASK>
[  249.877123][ T7593] uprobe: syz.1.493:7593 failed to unregister, leaking uprobe
[  249.900585][ T7598] syz_tun: entered allmulticast mode
[  249.903433][ T7598] netlink: 4 bytes leftover after parsing attributes in process `syz.0.494'.
[  250.041745][    C1] vkms_vblank_simulate: vblank timer overrun
[  250.249628][    C1] vkms_vblank_simulate: vblank timer overrun
[  250.895075][    C1] vkms_vblank_simulate: vblank timer overrun
[  253.386370][    T9] vhci_hcd: vhci_device speed not set
[  254.953980][ T7632] netlink: 8 bytes leftover after parsing attributes in process `syz.3.503'.
[  254.954268][ T7632] netlink: 12 bytes leftover after parsing attributes in process `syz.3.503'.
[  254.975679][ T7632] netlink: 48 bytes leftover after parsing attributes in process `syz.3.503'.
[  256.190115][ T1320] ieee802154 phy0 wpan0: encryption failed: -22
[  256.190190][ T1320] ieee802154 phy1 wpan1: encryption failed: -22
[  258.661200][ T7679] netlink: 88 bytes leftover after parsing attributes in process `syz.0.519'.
[  258.665489][ T7679] netlink: 48 bytes leftover after parsing attributes in process `syz.0.519'.
[  258.696982][ T7679] netlink: 88 bytes leftover after parsing attributes in process `syz.0.519'.
[  258.697028][ T7679] netlink: 48 bytes leftover after parsing attributes in process `syz.0.519'.
[  259.114694][ T7690] netlink: 'syz.3.522': attribute type 10 has an invalid length.
[  259.114762][ T7690] netlink: 40 bytes leftover after parsing attributes in process `syz.3.522'.
[  260.347800][ T5893] usb 3-1: new high-speed USB device number 8 using dummy_hcd
[  260.374971][ T7700] netlink: 48 bytes leftover after parsing attributes in process `syz.3.526'.
[  260.549335][ T5893] usb 3-1: Using ep0 maxpacket: 16
[  260.552970][ T5893] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  260.553002][ T5893] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x4 has invalid wMaxPacketSize 0
[  260.553013][ T5893] usb 3-1: config 0 interface 0 altsetting 0 bulk endpoint 0x4 has invalid maxpacket 0
[  260.553024][ T5893] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  260.555399][ T5893] usb 3-1: New USB device found, idVendor=04d8, idProduct=0a30, bcdDevice=ce.47
[  260.555423][ T5893] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  260.555440][ T5893] usb 3-1: Product: syz
[  260.555449][ T5893] usb 3-1: Manufacturer: syz
[  260.555456][ T5893] usb 3-1: SerialNumber: syz
[  260.637319][ T5893] usb 3-1: config 0 descriptor??
[  260.639451][ T5893] mcba_usb 3-1:0.0: Can't find endpoints
[  263.109147][ T5878] usb 3-1: USB disconnect, device number 8
[  265.351883][ T7744] bridge0: port 1(bridge_slave_0) entered disabled state
[  266.769264][ T7760] Bluetooth: MGMT ver 1.23
[  269.563711][    C0] vkms_vblank_simulate: vblank timer overrun
[  269.690543][    C0] vkms_vblank_simulate: vblank timer overrun
[  269.912823][ T7791] input: syz1 as /devices/virtual/input/input9
[  270.596509][    C0] vkms_vblank_simulate: vblank timer overrun
[  270.816669][    C0] vkms_vblank_simulate: vblank timer overrun
[  270.922845][    C0] vkms_vblank_simulate: vblank timer overrun
[  270.952429][    C0] vkms_vblank_simulate: vblank timer overrun
[  271.715107][    C0] vkms_vblank_simulate: vblank timer overrun
[  273.483768][    C1] vkms_vblank_simulate: vblank timer overrun
[  273.842903][    C1] vkms_vblank_simulate: vblank timer overrun
[  273.866367][ T5901] usb 3-1: new high-speed USB device number 9 using dummy_hcd
[  274.016248][ T5901] usb 3-1: Using ep0 maxpacket: 32
[  274.018618][ T5901] usb 3-1: config 155 has an invalid descriptor of length 0, skipping remainder of the config
[  274.018650][ T5901] usb 3-1: config 155 interface 0 altsetting 0 has an endpoint descriptor with address 0xE2, changing to 0x82
[  274.018663][ T5901] usb 3-1: config 155 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  274.018675][ T5901] usb 3-1: config 155 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 11
[  274.021210][ T5901] usb 3-1: New USB device found, idVendor=15c2, idProduct=ffdc, bcdDevice=bd.30
[  274.021226][ T5901] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  274.021235][ T5901] usb 3-1: Product: syz
[  274.021242][ T5901] usb 3-1: Manufacturer: syz
[  274.021249][ T5901] usb 3-1: SerialNumber: syz
[  274.119118][    C0] imon 3-1:155.0: imon usb_rx_callback_intf0: status(-71)
[  274.143775][ T5901] input: iMON Panel, Knob and Mouse(15c2:ffdc) as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:155.0/input/input10
[  274.246422][ T5901] imon 3-1:155.0: Unknown 0xffdc device, defaulting to VFD and iMON IR
[  274.246442][ T5901]  (id 0x00)
[  274.336392][ T5901] rc_core: IR keymap rc-imon-pad not found
[  274.336412][ T5901] Registered IR keymap rc-empty
[  274.336630][ T5901] imon 3-1:155.0: Looks like you're trying to use an IR protocol this device does not support
[  274.336646][ T5901] imon 3-1:155.0: Unsupported IR protocol specified, overriding to iMON IR protocol
[  274.478884][ T5901] rc rc0: iMON Remote (15c2:ffdc) as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:155.0/rc/rc0
[  274.503707][ T5901] input: iMON Remote (15c2:ffdc) as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:155.0/rc/rc0/input11
[  274.535853][ T5901] imon 3-1:155.0: iMON device (15c2:ffdc, intf0) on usb<3:9> initialized
[  274.663275][ T5901] usb 3-1: USB disconnect, device number 9
[  274.766314][ T5893] usb 1-1: new high-speed USB device number 9 using dummy_hcd
[  274.931533][ T5893] usb 1-1: New USB device found, idVendor=0572, idProduct=cb01, bcdDevice=26.65
[  274.931558][ T5893] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  274.931575][ T5893] usb 1-1: Product: syz
[  274.931585][ T5893] usb 1-1: Manufacturer: syz
[  274.931595][ T5893] usb 1-1: SerialNumber: syz
[  275.033676][ T5893] usb 1-1: config 0 descriptor??
[  275.263572][ T5893] usb 1-1: ignoring: probably an ADSL modem
[  275.678697][ T5893] cxacru 1-1:0.0: usbatm_usb_probe: bind failed: -19!
[  275.743811][ T5893] usb 1-1: USB disconnect, device number 9
[  276.447385][    C1] vkms_vblank_simulate: vblank timer overrun
[  276.459432][ T7856] overlayfs: failed to resolve './file1/file0': -2
[  276.488190][ T7856] netlink: 44 bytes leftover after parsing attributes in process `syz.1.574'.
[  276.816361][   T31] usb 2-1: new high-speed USB device number 14 using dummy_hcd
[  277.075086][    C1] vkms_vblank_simulate: vblank timer overrun
[  277.079371][   T31] usb 2-1: Using ep0 maxpacket: 16
[  277.138603][   T31] usb 2-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xF3, changing to 0x83
[  277.138680][   T31] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7
[  277.246636][   T31] usb 2-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1
[  277.246712][   T31] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  277.246754][   T31] usb 2-1: Product: syz
[  277.246791][   T31] usb 2-1: Manufacturer: syz
[  277.246904][   T31] usb 2-1: SerialNumber: syz
[  277.867566][    C1] vkms_vblank_simulate: vblank timer overrun
[  277.915465][   T31] usb 2-1: config 0 descriptor??
[  277.932085][   T31] em28xx 2-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0)
[  277.932116][   T31] em28xx 2-1:0.0: Audio interface 0 found (Vendor Class)
[  278.574365][    C1] vkms_vblank_simulate: vblank timer overrun
[  279.660443][    C1] vkms_vblank_simulate: vblank timer overrun
[  280.063735][   T31] em28xx 2-1:0.0: unknown em28xx chip ID (0)
[  280.079049][   T31] em28xx 2-1:0.0: Config register raw data: 0xb4
[  280.079070][   T31] em28xx 2-1:0.0: I2S Audio (3 sample rate(s))
[  280.079083][   T31] em28xx 2-1:0.0: No AC97 audio processor
[  280.462408][    C1] vkms_vblank_simulate: vblank timer overrun
[  280.676576][   T31] usb 2-1: USB disconnect, device number 14
[  281.380321][    C1] vkms_vblank_simulate: vblank timer overrun
[  281.575671][    C1] vkms_vblank_simulate: vblank timer overrun
[  281.977283][    C1] vkms_vblank_simulate: vblank timer overrun
[  282.818274][    T9] usb 4-1: new high-speed USB device number 12 using dummy_hcd
[  283.543987][    T9] usb 4-1: New USB device found, idVendor=0572, idProduct=cb01, bcdDevice=26.65
[  283.544016][    T9] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  283.544034][    T9] usb 4-1: Product: syz
[  283.544046][    T9] usb 4-1: Manufacturer: syz
[  283.544109][    T9] usb 4-1: SerialNumber: syz
[  283.561612][    T9] usb 4-1: config 0 descriptor??
[  283.741329][ T7907] Bluetooth: MGMT ver 1.23
[  283.741380][ T7907] Bluetooth: hci0: invalid length 0, exp 2 for type 17
[  283.775788][    T9] usb 4-1: ignoring: probably an ADSL modem
[  284.374690][    C0] vkms_vblank_simulate: vblank timer overrun
[  284.393804][    T9] cxacru 4-1:0.0: usbatm_usb_probe: bind failed: -19!
[  284.408982][    T9] usb 4-1: USB disconnect, device number 12
[  284.528203][ T5908] usb 3-1: new high-speed USB device number 10 using dummy_hcd
[  284.714512][    C0] vkms_vblank_simulate: vblank timer overrun
[  284.723662][ T5908] usb 3-1: Using ep0 maxpacket: 32
[  284.781229][    C0] vkms_vblank_simulate: vblank timer overrun
[  284.781340][ T5908] usb 3-1: config 0 has an invalid interface number: 51 but max is 0
[  284.781362][ T5908] usb 3-1: config 0 has no interface number 0
[  284.808296][ T5908] usb 3-1: New USB device found, idVendor=061d, idProduct=c150, bcdDevice=ce.6f
[  284.808322][ T5908] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  284.808340][ T5908] usb 3-1: Product: syz
[  284.808352][ T5908] usb 3-1: Manufacturer: syz
[  284.808364][ T5908] usb 3-1: SerialNumber: syz
[  284.815088][ T5908] usb 3-1: config 0 descriptor??
[  284.856717][ T5908] quatech2 3-1:0.51: Quatech 2nd gen USB to Serial Driver converter detected
[  285.029443][ T5908] usb 3-1: qt2_attach - failed to power on unit: -71
[  285.029704][ T5908] quatech2 3-1:0.51: probe with driver quatech2 failed with error -71
[  285.049109][ T5908] usb 3-1: USB disconnect, device number 10
[  285.738106][    C0] vkms_vblank_simulate: vblank timer overrun
[  285.784640][ T7940] QAT: failed to copy from user cfg_data.
[  286.139924][    C0] vkms_vblank_simulate: vblank timer overrun
[  286.293705][    C0] vkms_vblank_simulate: vblank timer overrun
[  286.830392][    C0] vkms_vblank_simulate: vblank timer overrun
[  287.965909][ T7963] netlink: 'syz.2.603': attribute type 10 has an invalid length.
[  287.965931][ T7963] netlink: 40 bytes leftover after parsing attributes in process `syz.2.603'.
[  288.218080][    C0] vkms_vblank_simulate: vblank timer overrun
[  288.546388][    C0] vkms_vblank_simulate: vblank timer overrun
[  288.759804][    C0] vkms_vblank_simulate: vblank timer overrun
[  293.171955][ T8015] netlink: 8 bytes leftover after parsing attributes in process `syz.3.622'.
[  293.293884][ T8020] netlink: 'syz.0.619': attribute type 10 has an invalid length.
[  293.293928][ T8020] netlink: 40 bytes leftover after parsing attributes in process `syz.0.619'.
[  293.745704][ T8021] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  293.769537][ T8021] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  294.006261][    T9] usb 4-1: new high-speed USB device number 13 using dummy_hcd
[  294.163921][    T9] usb 4-1: Using ep0 maxpacket: 8
[  294.171483][    T9] usb 4-1: config 0 has an invalid interface number: 86 but max is 0
[  294.171508][    T9] usb 4-1: config 0 has no interface number 0
[  294.190665][    T9] usb 4-1: New USB device found, idVendor=5032, idProduct=0bb9, bcdDevice=ff.80
[  294.190691][    T9] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  294.190710][    T9] usb 4-1: Product: syz
[  294.190722][    T9] usb 4-1: Manufacturer: syz
[  294.190735][    T9] usb 4-1: SerialNumber: syz
[  294.236960][    T9] usb 4-1: config 0 descriptor??
[  294.259912][    T9] dvb-usb: found a 'Grandtec USB1.1 DVB-T' in warm state.
[  294.260306][    T9] dvb-usb: bulk message failed: -22 (3/0)
[  294.284050][    T9] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[  294.297376][    T9] dvbdev: DVB: registering new adapter (Grandtec USB1.1 DVB-T)
[  294.297466][    T9] usb 4-1: media controller created
[  294.345576][    T9] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  294.391755][    T9] dvb-usb: bulk message failed: -22 (6/0)
[  294.391878][    T9] dvb-usb: no frontend was attached by 'Grandtec USB1.1 DVB-T'
[  294.395847][    T9] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.3/usb4/4-1/input/input12
[  294.400271][ T8030] overlayfs: missing 'workdir'
[  294.427804][    T9] dvb-usb: schedule remote query interval to 150 msecs.
[  294.428955][    T9] dvb-usb: bulk message failed: -22 (3/0)
[  294.432129][ T8035] netlink: 8 bytes leftover after parsing attributes in process `syz.1.627'.
[  294.461241][    T9] dvb-usb: Grandtec USB1.1 DVB-T successfully initialized and connected.
[  294.465193][    T9] usb 4-1: USB disconnect, device number 13
[  294.531824][ T8035] [†’Ì: entered promiscuous mode
[  294.619706][    T9] dvb-usb: Grandtec USB1.1 DVB-T successfully deinitialized and disconnected.
[  298.187333][    C0] vkms_vblank_simulate: vblank timer overrun
[  298.355150][    C0] vkms_vblank_simulate: vblank timer overrun
[  298.670886][    C0] vkms_vblank_simulate: vblank timer overrun
[  299.192822][    C0] vkms_vblank_simulate: vblank timer overrun
[  299.369469][    C0] vkms_vblank_simulate: vblank timer overrun
[  299.825615][    C0] vkms_vblank_simulate: vblank timer overrun
[  299.864442][    C0] vkms_vblank_simulate: vblank timer overrun
[  300.004635][    T9] usb 4-1: new high-speed USB device number 14 using dummy_hcd
[  300.448016][    C0] vkms_vblank_simulate: vblank timer overrun
[  300.690377][    T9] usb 4-1: Using ep0 maxpacket: 16
[  300.711151][    T9] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  300.711181][    T9] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  300.711201][    T9] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  300.711240][    T9] usb 4-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[  300.711260][    T9] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  300.790094][    T9] usb 4-1: config 0 descriptor??
[  301.112089][ T8091] uprobe: syz.1.642:8091 failed to unregister, leaking uprobe
[  301.242425][    T9] microsoft 0003:045E:07DA.0004: unbalanced collection at end of report description
[  301.243391][    T9] microsoft 0003:045E:07DA.0004: parse failed
[  301.243491][    T9] microsoft 0003:045E:07DA.0004: probe with driver microsoft failed with error -22
[  301.453273][ T8096] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  301.488288][ T8096] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  301.498030][   T37] audit: type=1326 audit(1761484901.198:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8093 comm="syz.4.643" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcfc7b6efc9 code=0x7ffc0000
[  301.498083][   T37] audit: type=1326 audit(1761484901.198:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8093 comm="syz.4.643" exe="/root/syz-executor" sig=0 arch=c000003e syscall=425 compat=0 ip=0x7fcfc7b6efc9 code=0x7ffc0000
[  301.498117][   T37] audit: type=1326 audit(1761484901.198:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8093 comm="syz.4.643" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7fcfc7b6f003 code=0x7ffc0000
[  301.498153][   T37] audit: type=1326 audit(1761484901.198:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8093 comm="syz.4.643" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7fcfc7b6f003 code=0x7ffc0000
[  301.498185][   T37] audit: type=1326 audit(1761484901.198:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8093 comm="syz.4.643" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcfc7b6efc9 code=0x7ffc0000
[  301.498219][   T37] audit: type=1326 audit(1761484901.208:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8093 comm="syz.4.643" exe="/root/syz-executor" sig=0 arch=c000003e syscall=33 compat=0 ip=0x7fcfc7b6efc9 code=0x7ffc0000
[  301.498253][   T37] audit: type=1326 audit(1761484901.208:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8093 comm="syz.4.643" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcfc7b6efc9 code=0x7ffc0000
[  301.498289][   T37] audit: type=1326 audit(1761484901.208:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8093 comm="syz.4.643" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcfc7b6efc9 code=0x7ffc0000
[  301.498323][   T37] audit: type=1326 audit(1761484901.208:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8093 comm="syz.4.643" exe="/root/syz-executor" sig=0 arch=c000003e syscall=55 compat=0 ip=0x7fcfc7b6efc9 code=0x7ffc0000
[  301.498356][   T37] audit: type=1326 audit(1761484901.208:12): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8093 comm="syz.4.643" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcfc7b6efc9 code=0x7ffc0000
[  301.521207][   T31] usb 4-1: USB disconnect, device number 14
[  302.907372][    C0] vkms_vblank_simulate: vblank timer overrun
[  303.757605][ T8115] netlink: 44 bytes leftover after parsing attributes in process `syz.2.650'.
[  303.758752][ T8115] binder: Unknown parameter 'stRts'
[  304.830005][    C0] vkms_vblank_simulate: vblank timer overrun
[  305.531752][    C0] vkms_vblank_simulate: vblank timer overrun
[  306.045840][    C0] vkms_vblank_simulate: vblank timer overrun
[  306.207310][    C0] vkms_vblank_simulate: vblank timer overrun
[  306.806165][    C0] vkms_vblank_simulate: vblank timer overrun
[  308.710569][    C0] vkms_vblank_simulate: vblank timer overrun
[  309.366334][    C0] vkms_vblank_simulate: vblank timer overrun
[  309.696002][ T8182] 9pnet_fd: Insufficient options for proto=fd
[  311.616044][ T8216] netlink: 88 bytes leftover after parsing attributes in process `syz.1.681'.
[  311.616069][ T8216] netlink: 48 bytes leftover after parsing attributes in process `syz.1.681'.
[  311.667295][ T8215] netlink: 88 bytes leftover after parsing attributes in process `syz.1.681'.
[  311.667333][ T8215] netlink: 48 bytes leftover after parsing attributes in process `syz.1.681'.
[  313.964299][ T8233] netlink: 'syz.3.686': attribute type 10 has an invalid length.
[  313.964353][ T8233] netlink: 40 bytes leftover after parsing attributes in process `syz.3.686'.
[  315.386367][ T5871] usb 5-1: new high-speed USB device number 15 using dummy_hcd
[  315.562077][ T5871] usb 5-1: New USB device found, idVendor=20b7, idProduct=1540, bcdDevice=b7.5a
[  315.562104][ T5871] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  315.562122][ T5871] usb 5-1: Product: syz
[  315.562134][ T5871] usb 5-1: Manufacturer: syz
[  315.562146][ T5871] usb 5-1: SerialNumber: syz
[  315.600158][ T5871] usb 5-1: config 0 descriptor??
[  317.203833][ T5871] usb 5-1: Firmware version (0.0) predates our first public release.
[  317.203856][ T5871] usb 5-1: Please update to version 0.2 or newer
[  317.247019][ T1320] ieee802154 phy0 wpan0: encryption failed: -22
[  317.247097][ T1320] ieee802154 phy1 wpan1: encryption failed: -22
[  317.449583][ T5871] usb 5-1: USB disconnect, device number 15
[  318.426439][ T5916] usb 5-1: new high-speed USB device number 16 using dummy_hcd
[  318.596413][ T5916] usb 5-1: Using ep0 maxpacket: 8
[  318.599172][ T5916] usb 5-1: config index 0 descriptor too short (expected 301, got 45)
[  318.599232][ T5916] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  318.599253][ T5916] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  318.599276][ T5916] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  318.599298][ T5916] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  318.599338][ T5916] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  318.599359][ T5916] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  318.824247][ T5916] usb 5-1: usb_control_msg returned -32
[  318.824292][ T5916] usbtmc 5-1:16.0: can't read capabilities
[  323.050287][ T5916] usb 5-1: USB disconnect, device number 16
[  324.926298][ T5916] usb 2-1: new high-speed USB device number 15 using dummy_hcd
[  325.033306][ T8367] netlink: 88 bytes leftover after parsing attributes in process `syz.4.728'.
[  325.033344][ T8367] netlink: 48 bytes leftover after parsing attributes in process `syz.4.728'.
[  325.076253][ T5916] usb 2-1: Using ep0 maxpacket: 32
[  325.080410][ T5916] usb 2-1: config 0 has an invalid interface number: 51 but max is 0
[  325.080425][ T5916] usb 2-1: config 0 has no interface number 0
[  325.082852][ T5916] usb 2-1: New USB device found, idVendor=061d, idProduct=c150, bcdDevice=ce.6f
[  325.082868][ T5916] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  325.082878][ T5916] usb 2-1: Product: syz
[  325.082885][ T5916] usb 2-1: Manufacturer: syz
[  325.082892][ T5916] usb 2-1: SerialNumber: syz
[  325.085977][ T5916] usb 2-1: config 0 descriptor??
[  325.090464][ T5916] quatech2 2-1:0.51: Quatech 2nd gen USB to Serial Driver converter detected
[  325.106252][ T5878] usb 3-1: new high-speed USB device number 11 using dummy_hcd
[  325.256246][ T5878] usb 3-1: Using ep0 maxpacket: 16
[  325.261953][ T5878] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  325.262003][ T5878] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 3
[  325.295358][ T5878] usb 3-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  325.295394][ T5878] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  325.295411][ T5878] usb 3-1: Product: syz
[  325.295424][ T5878] usb 3-1: Manufacturer: syz
[  325.295437][ T5878] usb 3-1: SerialNumber: syz
[  325.350049][ T5916] usb 2-1: qt2_attach - failed to power on unit: -71
[  325.350339][ T5916] quatech2 2-1:0.51: probe with driver quatech2 failed with error -71
[  325.404693][ T5916] usb 2-1: USB disconnect, device number 15
[  328.572007][ T8403] netlink: 16 bytes leftover after parsing attributes in process `syz.3.741'.
[  329.632794][    T9] usb 1-1: new high-speed USB device number 10 using dummy_hcd
[  329.828804][    T9] usb 1-1: Using ep0 maxpacket: 32
[  329.831402][    T9] usb 1-1: config 0 has an invalid interface number: 51 but max is 0
[  329.831426][    T9] usb 1-1: config 0 has no interface number 0
[  329.836013][    T9] usb 1-1: New USB device found, idVendor=061d, idProduct=c150, bcdDevice=ce.6f
[  329.836037][    T9] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  329.836056][    T9] usb 1-1: Product: syz
[  329.836069][    T9] usb 1-1: Manufacturer: syz
[  329.836081][    T9] usb 1-1: SerialNumber: syz
[  329.913294][    T9] usb 1-1: config 0 descriptor??
[  329.994192][    T9] quatech2 1-1:0.51: Quatech 2nd gen USB to Serial Driver converter detected
[  331.170795][    T9] usb 1-1: qt2_attach - failed to power on unit: -71
[  331.171069][    T9] quatech2 1-1:0.51: probe with driver quatech2 failed with error -71
[  331.216777][ T5878] usb 3-1: 0:2 : does not exist
[  331.232259][    T9] usb 1-1: USB disconnect, device number 10
[  331.253608][ T5878] usb 3-1: 5:0: failed to get current value for ch 0 (-22)
[  331.586253][ T5878] usb 2-1: new high-speed USB device number 16 using dummy_hcd
[  331.614761][    T9] usb 3-1: USB disconnect, device number 11
[  331.798414][ T5878] usb 2-1: New USB device found, idVendor=a257, idProduct=2013, bcdDevice=d0.db
[  331.798441][ T5878] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  331.798458][ T5878] usb 2-1: Product: syz
[  331.798468][ T5878] usb 2-1: Manufacturer: syz
[  331.798480][ T5878] usb 2-1: SerialNumber: syz
[  331.851347][ T5878] usb 2-1: config 0 descriptor??
[  332.328717][ T5916] usb 2-1: USB disconnect, device number 16
[  332.500087][ T8443] FAULT_INJECTION: forcing a failure.
[  332.500087][ T8443] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  332.500109][ T8443] CPU: 0 UID: 0 PID: 8443 Comm: syz.3.755 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  332.500120][ T8443] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  332.500133][ T8443] Call Trace:
[  332.500138][ T8443]  <TASK>
[  332.500142][ T8443]  dump_stack_lvl+0x189/0x250
[  332.500161][ T8443]  ? __pfx____ratelimit+0x10/0x10
[  332.500173][ T8443]  ? __pfx_dump_stack_lvl+0x10/0x10
[  332.500186][ T8443]  ? __pfx__printk+0x10/0x10
[  332.500198][ T8443]  ? __might_fault+0xb0/0x130
[  332.500217][ T8443]  should_fail_ex+0x46c/0x600
[  332.500233][ T8443]  _copy_from_user+0x2d/0xb0
[  332.500244][ T8443]  do_tcp_setsockopt+0x47d/0x1f20
[  332.500258][ T8443]  ? __pfx_do_tcp_setsockopt+0x10/0x10
[  332.500274][ T8443]  ? __fget_files+0x2a/0x420
[  332.500288][ T8443]  ? sock_common_setsockopt+0x36/0xc0
[  332.500301][ T8443]  ? tcp_setsockopt+0x3d/0xe0
[  332.500310][ T8443]  ? __pfx_sock_common_setsockopt+0x10/0x10
[  332.500324][ T8443]  do_sock_setsockopt+0x17c/0x1b0
[  332.500337][ T8443]  __x64_sys_setsockopt+0x145/0x1b0
[  332.500350][ T8443]  do_syscall_64+0xfa/0xfa0
[  332.500361][ T8443]  ? lockdep_hardirqs_on+0x9c/0x150
[  332.500373][ T8443]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  332.500382][ T8443]  ? clear_bhb_loop+0x60/0xb0
[  332.500394][ T8443]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  332.500403][ T8443] RIP: 0033:0x7f75e4c0efc9
[  332.500412][ T8443] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  332.500420][ T8443] RSP: 002b:00007f75e2e6e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  332.500432][ T8443] RAX: ffffffffffffffda RBX: 00007f75e4e65fa0 RCX: 00007f75e4c0efc9
[  332.500439][ T8443] RDX: 0000000000000013 RSI: 0000000000000006 RDI: 0000000000000003
[  332.500445][ T8443] RBP: 00007f75e2e6e090 R08: 0000000000000004 R09: 0000000000000000
[  332.500451][ T8443] R10: 0000200000000040 R11: 0000000000000246 R12: 0000000000000001
[  332.500457][ T8443] R13: 00007f75e4e66038 R14: 00007f75e4e65fa0 R15: 00007ffe45a85d18
[  332.500474][ T8443]  </TASK>
[  333.984113][ T8455] misc userio: Invalid payload size
[  335.971850][    C1] vkms_vblank_simulate: vblank timer overrun
[  336.206405][    C1] vkms_vblank_simulate: vblank timer overrun
[  336.377868][    C1] vkms_vblank_simulate: vblank timer overrun
[  336.927333][    C1] vkms_vblank_simulate: vblank timer overrun
[  338.102689][ T8501] uprobe: syz.0.770:8501 failed to unregister, leaking uprobe
[  339.177962][    C1] vkms_vblank_simulate: vblank timer overrun
[  339.343039][    C1] vkms_vblank_simulate: vblank timer overrun
[  339.427526][    C1] vkms_vblank_simulate: vblank timer overrun
[  339.894217][    C1] vkms_vblank_simulate: vblank timer overrun
[  340.396367][ T5916] usb 1-1: new high-speed USB device number 11 using dummy_hcd
[  340.556212][ T5916] usb 1-1: Using ep0 maxpacket: 16
[  340.558855][ T5916] usb 1-1: config 0 has too many interfaces: 243, using maximum allowed: 32
[  340.558879][ T5916] usb 1-1: config 0 has 1 interface, different from the descriptor's value: 243
[  340.562143][ T5916] usb 1-1: New USB device found, idVendor=0545, idProduct=8080, bcdDevice= 0.01
[  340.562167][ T5916] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  340.562185][ T5916] usb 1-1: Product: syz
[  340.562197][ T5916] usb 1-1: Manufacturer: syz
[  340.562209][ T5916] usb 1-1: SerialNumber: syz
[  340.629903][ T5916] usb 1-1: config 0 descriptor??
[  340.844991][ T8544] FAULT_INJECTION: forcing a failure.
[  340.844991][ T8544] name fail_futex, interval 1, probability 0, space 0, times 1
[  340.845025][ T8544] CPU: 1 UID: 0 PID: 8544 Comm: syz.2.777 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  340.845043][ T8544] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  340.845052][ T8544] Call Trace:
[  340.845059][ T8544]  <TASK>
[  340.845066][ T8544]  dump_stack_lvl+0x189/0x250
[  340.845094][ T8544]  ? __pfx____ratelimit+0x10/0x10
[  340.845113][ T8544]  ? __pfx_dump_stack_lvl+0x10/0x10
[  340.845135][ T8544]  ? __pfx__printk+0x10/0x10
[  340.845160][ T8544]  ? __lock_acquire+0xab9/0xd20
[  340.845184][ T8544]  should_fail_ex+0x46c/0x600
[  340.845209][ T8544]  get_futex_key+0x1a8/0x1660
[  340.845237][ T8544]  ? __pfx_get_futex_key+0x10/0x10
[  340.845250][ T8544]  ? perf_lock_task_context+0x744/0x890
[  340.845271][ T8544]  ? lockdep_hardirqs_on+0x9c/0x150
[  340.845299][ T8544]  futex_wake+0xf8/0x560
[  340.845320][ T8544]  ? __lock_acquire+0xab9/0xd20
[  340.845344][ T8544]  ? __pfx_futex_wake+0x10/0x10
[  340.845366][ T8544]  ? __lock_acquire+0xab9/0xd20
[  340.845396][ T8544]  do_futex+0x395/0x420
[  340.845420][ T8544]  ? __pfx_do_futex+0x10/0x10
[  340.845442][ T8544]  ? __might_fault+0xb0/0x130
[  340.845467][ T8544]  mm_release+0x188/0x390
[  340.845488][ T8544]  ? __pfx_mm_release+0x10/0x10
[  340.845509][ T8544]  ? exit_mm_release+0x1a/0x30
[  340.845536][ T8544]  exit_mm+0xa8/0x2c0
[  340.845557][ T8544]  ? rt_spin_unlock+0x161/0x200
[  340.845572][ T8544]  ? __pfx_exit_mm+0x10/0x10
[  340.845596][ T8544]  ? rcu_is_watching+0x15/0xb0
[  340.845617][ T8544]  do_exit+0x648/0x2300
[  340.845646][ T8544]  ? do_raw_spin_unlock+0x122/0x240
[  340.845668][ T8544]  ? __pfx_do_exit+0x10/0x10
[  340.845687][ T8544]  ? rt_mutex_slowunlock+0x614/0x8a0
[  340.845701][ T8544]  ? rt_spin_lock+0x1c1/0x3e0
[  340.845730][ T8544]  do_group_exit+0x21c/0x2d0
[  340.845746][ T8544]  ? rt_spin_unlock+0x161/0x200
[  340.845766][ T8544]  get_signal+0x125d/0x1310
[  340.845818][ T8544]  arch_do_signal_or_restart+0xa0/0x790
[  340.845836][ T8544]  ? do_tee+0xbf4/0xe20
[  340.845857][ T8544]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[  340.845894][ T8544]  ? exit_to_user_mode_loop+0x40/0x130
[  340.845918][ T8544]  exit_to_user_mode_loop+0x72/0x130
[  340.845939][ T8544]  do_syscall_64+0x2bd/0xfa0
[  340.845958][ T8544]  ? lockdep_hardirqs_on+0x9c/0x150
[  340.845976][ T8544]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  340.845994][ T8544]  ? clear_bhb_loop+0x60/0xb0
[  340.846015][ T8544]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  340.846030][ T8544] RIP: 0033:0x7fdd33c4efc9
[  340.846046][ T8544] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  340.846060][ T8544] RSP: 002b:00007fdd31e95038 EFLAGS: 00000246 ORIG_RAX: 0000000000000114
[  340.846079][ T8544] RAX: 0000000000000001 RBX: 00007fdd33ea6090 RCX: 00007fdd33c4efc9
[  340.846091][ T8544] RDX: 00000000000008f5 RSI: 0000000000000008 RDI: 0000000000000003
[  340.846100][ T8544] RBP: 00007fdd31e95090 R08: 0000000000000000 R09: 0000000000000000
[  340.846110][ T8544] R10: 0100000000000000 R11: 0000000000000246 R12: 0000000000000001
[  340.846121][ T8544] R13: 00007fdd33ea6128 R14: 00007fdd33ea6090 R15: 00007fffaccab178
[  340.846151][ T8544]  </TASK>
[  340.860037][ T5901] usb 1-1: USB disconnect, device number 11
[  341.206723][ T5808] syz_tun (unregistering): left allmulticast mode
[  341.566374][ T5916] usb 4-1: new full-speed USB device number 15 using dummy_hcd
[  341.733109][ T5916] usb 4-1: config 0 interface 0 altsetting 4 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  341.733142][ T5916] usb 4-1: config 0 interface 0 altsetting 4 endpoint 0x81 has invalid wMaxPacketSize 0
[  341.733162][ T5916] usb 4-1: config 0 interface 0 has no altsetting 0
[  341.733193][ T5916] usb 4-1: New USB device found, idVendor=28de, idProduct=1102, bcdDevice= 0.00
[  341.733214][ T5916] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  341.749579][ T5916] usb 4-1: config 0 descriptor??
[  342.275071][ T5916] hid_parser_main: 11 callbacks suppressed
[  342.275096][ T5916] hid-steam 0003:28DE:1102.0005: unknown main item tag 0x0
[  342.275124][ T5916] hid-steam 0003:28DE:1102.0005: unknown main item tag 0x0
[  342.418171][ T5916] hid-steam 0003:28DE:1102.0005: : USB HID v0.01 Device [HID 28de:1102] on usb-dummy_hcd.3-1/input0
[  342.476754][ T5916] hid-steam 0003:28DE:1102.0005: Steam Controller 'XXXXXXXXXX' connected
[  342.525508][ T5916] input: Steam Controller as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/0003:28DE:1102.0005/input/input13
[  342.622802][ T5916] hid-steam 0003:28DE:1102.0006: unknown main item tag 0x0
[  342.622836][ T5916] hid-steam 0003:28DE:1102.0006: unknown main item tag 0x0
[  342.717695][ T5916] hid-steam 0003:28DE:1102.0006: hidraw0: USB HID v0.01 Device [HID 28de:1102] on usb-dummy_hcd.3-1/input0
[  342.749279][ T5916] ==================================================================
[  342.749295][ T5916] BUG: KASAN: vmalloc-out-of-bounds in __list_add_valid_or_report+0x4e/0x130
[  342.749323][ T5916] Read of size 8 at addr ffffc900115b7008 by task kworker/0:6/5916
[  342.749338][ T5916] 
[  342.749349][ T5916] CPU: 0 UID: 0 PID: 5916 Comm: kworker/0:6 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  342.749367][ T5916] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  342.749379][ T5916] Workqueue: usb_hub_wq hub_event
[  342.749399][ T5916] Call Trace:
[  342.749405][ T5916]  <TASK>
[  342.749414][ T5916]  dump_stack_lvl+0x189/0x250
[  342.749439][ T5916]  ? __pfx_dump_stack_lvl+0x10/0x10
[  342.749461][ T5916]  ? __pfx__printk+0x10/0x10
[  342.749481][ T5916]  ? _raw_spin_lock_irqsave+0xb3/0xf0
[  342.749504][ T5916]  ? __virt_addr_valid+0xdc/0x5c0
[  342.749526][ T5916]  ? __virt_addr_valid+0xdc/0x5c0
[  342.749549][ T5916]  print_report+0xca/0x240
[  342.749570][ T5916]  ? __list_add_valid_or_report+0x4e/0x130
[  342.749589][ T5916]  kasan_report+0x118/0x150
[  342.749612][ T5916]  ? __list_add_valid_or_report+0x4e/0x130
[  342.749635][ T5916]  __list_add_valid_or_report+0x4e/0x130
[  342.749656][ T5916]  kcov_remote_stop+0x52d/0x660
[  342.749681][ T5916]  hub_event+0x45d2/0x4a20
[  342.749729][ T5916]  ? __pfx_hub_event+0x10/0x10
[  342.749746][ T5916]  ? process_scheduled_works+0x9ef/0x17b0
[  342.749769][ T5916]  ? _raw_spin_unlock_irq+0x23/0x50
[  342.749789][ T5916]  ? process_scheduled_works+0x9ef/0x17b0
[  342.749807][ T5916]  ? process_scheduled_works+0x9ef/0x17b0
[  342.749828][ T5916]  process_scheduled_works+0xae1/0x17b0
[  342.749860][ T5916]  ? __pfx_process_scheduled_works+0x10/0x10
[  342.749887][ T5916]  worker_thread+0x8a0/0xda0
[  342.749908][ T5916]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  342.749932][ T5916]  ? __kthread_parkme+0x7b/0x200
[  342.749956][ T5916]  kthread+0x711/0x8a0
[  342.749979][ T5916]  ? __pfx_worker_thread+0x10/0x10
[  342.749997][ T5916]  ? __pfx_kthread+0x10/0x10
[  342.750018][ T5916]  ? rt_spin_unlock+0x150/0x200
[  342.750036][ T5916]  ? rt_spin_unlock+0x161/0x200
[  342.750052][ T5916]  ? __pfx_kthread+0x10/0x10
[  342.750074][ T5916]  ret_from_fork+0x4bc/0x870
[  342.750094][ T5916]  ? __pfx_ret_from_fork+0x10/0x10
[  342.750116][ T5916]  ? __switch_to_asm+0x39/0x70
[  342.750132][ T5916]  ? __switch_to_asm+0x33/0x70
[  342.750147][ T5916]  ? __pfx_kthread+0x10/0x10
[  342.750169][ T5916]  ret_from_fork_asm+0x1a/0x30
[  342.750194][ T5916]  </TASK>
[  342.750200][ T5916] 
[  342.750205][ T5916] The buggy address belongs to a vmalloc virtual mapping
[  342.750222][ T5916] Memory state around the buggy address:
[  342.750232][ T5916]  ffffc900115b6f00: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8
[  342.750243][ T5916]  ffffc900115b6f80: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8
[  342.750254][ T5916] >ffffc900115b7000: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8
[  342.750266][ T5916]                       ^
[  342.750275][ T5916]  ffffc900115b7080: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8
[  342.750287][ T5916]  ffffc900115b7100: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8
[  342.750295][ T5916] ==================================================================
[  342.750314][ T5916] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  342.750326][ T5916] CPU: 0 UID: 0 PID: 5916 Comm: kworker/0:6 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  342.750346][ T5916] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  342.750356][ T5916] Workqueue: usb_hub_wq hub_event
[  342.750372][ T5916] Call Trace:
[  342.750378][ T5916]  <TASK>
[  342.750385][ T5916]  dump_stack_lvl+0x99/0x250
[  342.750408][ T5916]  ? __asan_memcpy+0x40/0x70
[  342.750426][ T5916]  ? __pfx_dump_stack_lvl+0x10/0x10
[  342.750448][ T5916]  ? __pfx__printk+0x10/0x10
[  342.750472][ T5916]  vpanic+0x237/0x6d0
[  342.750488][ T5916]  ? __pfx_vpanic+0x10/0x10
[  342.750507][ T5916]  panic+0xb9/0xc0
[  342.750521][ T5916]  ? __pfx_panic+0x10/0x10
[  342.750537][ T5916]  ? _raw_spin_unlock_irqrestore+0x85/0x110
[  342.750558][ T5916]  ? lockdep_hardirqs_on+0x9c/0x150
[  342.750584][ T5916]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  342.750607][ T5916]  ? __list_add_valid_or_report+0x4e/0x130
[  342.750626][ T5916]  check_panic_on_warn+0x89/0xb0
[  342.750642][ T5916]  ? __list_add_valid_or_report+0x4e/0x130
[  342.750662][ T5916]  end_report+0x78/0x160
[  342.750682][ T5916]  kasan_report+0x129/0x150
[  342.750711][ T5916]  ? __list_add_valid_or_report+0x4e/0x130
[  342.750734][ T5916]  __list_add_valid_or_report+0x4e/0x130
[  342.750755][ T5916]  kcov_remote_stop+0x52d/0x660
[  342.750779][ T5916]  hub_event+0x45d2/0x4a20
[  342.750819][ T5916]  ? __pfx_hub_event+0x10/0x10
[  342.750836][ T5916]  ? process_scheduled_works+0x9ef/0x17b0
[  342.750859][ T5916]  ? _raw_spin_unlock_irq+0x23/0x50
[  342.750878][ T5916]  ? process_scheduled_works+0x9ef/0x17b0
[  342.750897][ T5916]  ? process_scheduled_works+0x9ef/0x17b0
[  342.750918][ T5916]  process_scheduled_works+0xae1/0x17b0
[  342.750948][ T5916]  ? __pfx_process_scheduled_works+0x10/0x10
[  342.750976][ T5916]  worker_thread+0x8a0/0xda0
[  342.750996][ T5916]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  342.751021][ T5916]  ? __kthread_parkme+0x7b/0x200
[  342.751044][ T5916]  kthread+0x711/0x8a0
[  342.751067][ T5916]  ? __pfx_worker_thread+0x10/0x10
[  342.751085][ T5916]  ? __pfx_kthread+0x10/0x10
[  342.751106][ T5916]  ? rt_spin_unlock+0x150/0x200
[  342.751124][ T5916]  ? rt_spin_unlock+0x161/0x200
[  342.751140][ T5916]  ? __pfx_kthread+0x10/0x10
[  342.751162][ T5916]  ret_from_fork+0x4bc/0x870
[  342.751182][ T5916]  ? __pfx_ret_from_fork+0x10/0x10
[  342.751204][ T5916]  ? __switch_to_asm+0x39/0x70
[  342.751220][ T5916]  ? __switch_to_asm+0x33/0x70
[  342.751236][ T5916]  ? __pfx_kthread+0x10/0x10
[  342.751258][ T5916]  ret_from_fork_asm+0x1a/0x30
[  342.751282][ T5916]  </TASK>
[  342.751608][ T5916] Kernel Offset: disabled