last executing test programs:

14.277488269s ago: executing program 3 (id=6686):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = openat$null(0xffffff9c, &(0x7f0000000080), 0x22002, 0x0)
ioctl$HIDIOCGFEATURE(r1, 0xc0404807, &(0x7f0000000140)={0x7, "ec708789a50d1ccb120fd89bf662baba7de45e6c25b3fdd562462f47f73a3a45286c2f2c153c313404df63b57171d0297737ec4cb163bba5258ec2faf4e8414d"})
socket$netlink(0x10, 0x3, 0x8000000004)
prctl$PR_SET_TAGGED_ADDR_CTRL(0x37, 0x1)
syz_open_dev$tty1(0xc, 0x4, 0x1)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0xa176d6ee3894e878, 0x0, 0x1c, 0xb49, 0x9, 0x8, 0xfffffffe, 0x3}, 0x0)
syz_usb_control_io$cdc_ncm(0xffffffffffffffff, 0x0, 0x0)
syz_usb_control_io$printer(0xffffffffffffffff, 0x0, &(0x7f0000000f80)={0x1c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
openat$kvm(0xffffffffffffff9c, &(0x7f00000004c0), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x3)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r5, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x2c4fec8d30eedea2}, 0x0)
sendmsg$NFT_BATCH(r5, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000440)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a50000000060a0b0400000000000000000200000024000480200001800b0001006c6f6f6b75700000100002800900010073797a30000000000900010073799030000000000900"], 0x78}, 0x1, 0x0, 0x0, 0x8000}, 0x0)
ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x2)
openat$nullb(0xffffffffffffff9c, &(0x7f0000000040), 0xa0b03, 0x0)
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(0xffffffffffffffff, 0xae60)
ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r7, 0x4020ae46, &(0x7f0000000200)={0x0, 0x1, 0xf000, 0x2000, &(0x7f0000f9a000/0x2000)=nil})
r8 = dup(r0)
ioctl$KVM_SET_VAPIC_ADDR(r8, 0x4008ae93, &(0x7f00000000c0)=0xffff)
mprotect(&(0x7f0000f9b000/0x4000)=nil, 0x4000, 0x0)
ioctl$KVM_RUN(r8, 0xae80, 0x0)

12.058319862s ago: executing program 3 (id=6692):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff})
connect$unix(r0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) (fail_nth: 23)
r1 = socket$unix(0x1, 0x2, 0x0)
connect$unix(r1, &(0x7f0000000280)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
timer_create(0x0, &(0x7f00000000c0)={0x0, 0x21, 0x2, @thr={0x0, 0x0}}, &(0x7f0000000300)=<r2=>0x0)
fcntl$lock(0xffffffffffffffff, 0x7, &(0x7f0000000040)={0x0, 0x0, 0x8000, 0x3ff})
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
timer_settime(r2, 0x1, &(0x7f0000000040)={{0x77359400}}, 0x0)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000100)=ANY=[], 0xfffffe3e)
ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0)
ioctl$TCFLSH(0xffffffffffffffff, 0x540b, 0x1)

11.643457564s ago: executing program 2 (id=6693):
syz_mount_image$fuse(0x0, &(0x7f0000000100)='./file0\x00', 0x14002, 0x0, 0x0, 0x0, 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x2, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f00000002c0)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x4000}})
read$FUSE(r0, &(0x7f000000a3c0)={0x2020}, 0x2020) (async)
read$FUSE(r0, &(0x7f000000a3c0)={0x2020, 0x0, <r1=>0x0, <r2=>0x0, <r3=>0x0}, 0x2020)
write$FUSE_INIT(r0, &(0x7f0000000080)={0x50, 0x0, r1, {0x7, 0x29, 0x9, 0xffffffff9080edc4, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x9}}, 0x50) (async)
write$FUSE_INIT(r0, &(0x7f0000000080)={0x50, 0x0, r1, {0x7, 0x29, 0x9, 0xffffffff9080edc4, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x9}}, 0x50)
r4 = socket$unix(0x1, 0x5, 0x0)
bind$unix(r4, &(0x7f0000000100)=@abs={0x1, 0x0, 0x4e20}, 0x12)
listen(r4, 0x7) (async)
listen(r4, 0x7)
ppoll(&(0x7f0000000040)=[{r4, 0x156}], 0x1, &(0x7f0000000180), 0x0, 0x0) (async)
ppoll(&(0x7f0000000040)=[{r4, 0x156}], 0x1, &(0x7f0000000180), 0x0, 0x0)
r5 = openat$dir(0xffffffffffffff9c, &(0x7f0000004280)='./file0\x00', 0x0, 0x18)
syz_fuse_handle_req(r0, &(0x7f00000042c0)="000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001e000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100", 0x2000, &(0x7f00000062c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000006380)={0x20, 0x0, 0x0, {0x0, 0x1c}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_fuse_handle_req(r0, &(0x7f00000083c0)="32f46257fcb4d4840732e65be15f2600ff7f7388649aff7b1599a6bcf3d0442f7eca1b5d02b009ffc89b91ce8b5250886992c1edc522ed125a5337f8c4b39d303dd636de06f6bca465482d9e64f32b54925f8a39c3e017ba55ee9d6bf1b92665b5d083d7a644dc833dcb681eba455ab78276efd1d588e9b5daaf6044dc9f26a73fd5dc57e6fb8d9bbae761c7c5e86887d7a77a4d44c5d5b00c37f3105acffa65240cfe42909095b2879f6eb6f9d804ab8fce4813d907ef01a111aded0c20507659aaa8ea80876a369063e3e58fb6bceb6999aa729cba82f1eef30007cd65a956deec2921fbcf403b4dad56da6a74247dfb2028ef3a52a773a35156d483c3d4f14f8ef06711459c41db3cb2b0e48f47141af99e208f5c687c2193cc45cf134c92ad35b58cc17bfe80d145c1ee0adb217a277411e9886230037257897f6d6d976b113ce30cf982f3c7a941a8a2011fb0de93ab052ca71cf3375361ab09f411d3b85336adcb23b412ced08853deef5b2419b10415c5c3140309ea1b5e48206d3d505bed09e06be66f315d9ba1364260d71f05c908ddd7e7d0625c4c428e7e00ef09916a69176254f96e440a4c454d3b2cc8aec13678ea5243ff8161b31d6e18f560879c9c6fc8fd6c8f402b8a37409562a0b5da4d9d2dc7530683c1adad3725690ec51b8fd0f0cc717a40e31c6e553ff1621cc4cc970932b9b6655b460cb5f55970bb9cd7f3ed738e6dc4e008569ff67a77c430db15faa40ec0872471e096a180517d4368d133bfd839cf90bc5c6f60e07f0ed17b189f278d1a0334a7cc779d68bff3b6f539c5da365c8c74a94b5442930b8098ec90043f2fca81cea6d646119be3d3f50301e17ca0fa6a39bd8d691a12d338c7be1166232f2867764446af348aa3e3cd621875cd14cca47ce9ea9b70f5a7e31ddbcf0358f9ca84949365e9df9015f63ca80fd3938c36ab8aeaa782aa5582681ba32cf87a0e4f5de2763dff74a1e1993298ddbdc7d681cae97f6d63c9cf77d6766d71f8b2b2473fa06f67d6673da17592323498bb630eeee48972959fad41b64068d496c57c7eb233f3773e50a4166e1a075c289ee54155d3123fe4b9a0e93f04b0b0fbdd742f7e71ce1476ef6cd4226d1a5c9c65db9e246b0a0196538ce9ea27b6058cb5b0c62dd0988ac218b6bf6b38f277e8e063dbc8590f12409c1a63df1ca52f8c6c4edaaee2482d0f2034e2997100fdd5a1810b07337e8a668e25b5dc7216925e49f8c18d377f8da0b5adc008ed537f8c64a3006e29654f22d0afb118f5b6ea7ba5d087232dfb575732dc06e4c629d451f720a30c2d3694859abe23c0fb684f2cc6cbdf975693dfb95663a9b816e7c7e00b48ded8b0c06698248d53e6aef85cf2c0d0c09c2931a0daa11a2b65df57d85868e40fe2e0d7b2c8ad86436b7e6f091c681ebf5b3173087385a93eac1f57cb289034c189fe7940b26b1853d7a592f1af6b9e67a208f18157d9192785db7478ae676db55a09a90eaad99022af700a4824ef6b5f60d21841270061520579f8a6d1fe2ff0a94a3eedc9b37bd28337d0fba9a196c9370e65c4089a0dd600b60f93a31ad912bbb638e82389a0f8137587faa2e461092f7913142ce7dfa3f945444a523682c8524a94eeed8134bb918406f3a71a7fa73515f5ddec8b90a2670d2e7cc5b1015cfbcc785099ea3e5d9fd0572e1481c2a171b2037da6207d9119c3fd49cbccc0351855e3fcfacb299b7077274eea1033b0551df66f9b22c7712049c66d29068c753c8613cd11cf49fd4841af5b30523368a47546c19259c27c7f138e429da89ec94946d8f6b2c807125a4f4b504537e091a3ff3c78b5544db18670824fb985ed69502276554b2750ef9ef34d6c2b60aeac56ca707f75e77a06b5e2a4a30487fe5a44e945ade1d44218926e4e8f6c4e7ce2249cc17d3d6ecaeaed8a94f89a8fe3ec9d494d4a7ea8834cdbb0670b711749588489cbafd7905ec3652dd2235f7d838574397baa67b9d0c9cab04ad0ff02fcb098ead45607a440a0f484fbeed40bf647014528367907ef6fbf0d3dbbe8138baf3f44f98779cecdd8cf9fce2dcf958cc9d5ef3d6a0bccd65a0330565c93c48e4e6c98e283b1a78b3289c4f7b4b28e11a1d9bb6c18404ad4df66d7334113f98dafa238dd6bffeed62dc47215005251f53f96db0acb5b507c8378e862ba096887361fdd25914c1571c02842162c5b8e16b8416466d59c43a7345f7ecc74108a45899282c251f66552b6cff6cba5d50f70918d2d7d392dfc2be68425ebc00c2247598bb7f1b8338a13ee37ea39761fa00f05e09ddd74e955c2a1907f7c436439f685f58ecba52398d009284f291573decca4612d98758868b30d337076f613cbdce3578d7ba2aac90bd643c3571bce2ff3a5fad7d79e0a8377c3d8c480a4906ad42d56670930d087deef26cea1e0d5c2264666782c1d111ac6e04e569a7011319ebc43e8046951ea6fd09f487ba893168ce0990086d005e6631db690b89fcf323547b7cf9859a3d0ed3ced9553f9f31456897c1b8977563e4c76fd1ba02a8115f266f29958b1ecd9e2964776322e87c99ea08c02da1f5d75b1e2374f90013d8e3f6cd538d401f864b5c87d26ecf57b9cff820fa64fd4203f639bf77e51fcf708781507d3ef0f92f079aaf913678969aaeb919f64ada4813a9c6d3d823a7fae0032b3051c1592c83607481112cf35c851a247a86be316cc74886ffc75bc5476218b236ed2ad0e5d036e68efd8137a7e112520cd9c3b5c77ece19e449253c3694a111742bb54140cd46d644e6cbd1b3474577177a4b188d954d3b9a08eda12f71f1aabd0312704ae6fdd2b0e207afaed95b713f6be936b2222b43a80e9187aab90c624cb6e578e74458657a1b17f8caac5793704022989609340ac4a2a513c0d7fc496cd76a3024523161b16cb486fbf0edec8552f03637dc334e6c79ed2c5f216180b396f868cc7e8a73aa62f03428f4e3018274251144ccc431ba0b168ffef084ca2bbed114fc2f76c270d0d7fa34dec480ef0119f4b600f73f2925cce71f1f1e10b6ec5f6f9b9f3fac4b054af950dc4b874176cf1b2d6706b67c7de87e0c00edb34c96abdda7b1f2a5765c81a9264e7b21851ec0bda0b88e9f38ddb981f9cc56bb1d8bf556ee78ada18897e097364794ff2b41f303e6ace76fde4caaf21542afa4c004349d420aa5dfc09caa44df1c4c47cd968a6af6c627c119c84178dc5ca790ea071603d352ef8f8fdd705e6aa9f35c0fba20c6111eb095e1c225610f77ff3cf9e960fd6993f82677beb0a27ff34c62a0ef993b51d0b046572b03b5aa05eca22b05999544eec93d42e424766db7ff6b10bc03f8b722a065dca5fced274c595e8e8c09bf5e5390930b1f4aa5b144691c8be4464678e0e6d6a42ad3701b840523aa848c28c2443a5bb68c48a553a8f916e0d48e4536f6ad532144055ec244d318eaceb6ee9168b38e88db3d4027cc090ebda193ede19debb22d6b6c4129bdcfdbaec40fb9dca8432e206f56402ca87560a158663d6a883f8189bc3fdb773962c550fcab1f87472178710b4007773f671a2b8e4591649a8195a71c61f1b6f7ce8334e867704b2dbca6ce9affe969febeb46abdbced72a17cc3d8a519b6f31bcb6787c50b719367f5058cada3d8a844ef16a734f1ee82a6df823f555fe02461adf965b35fd4224fb371285ecaa29f05772c0e043c5bb77022614bd47bdf2f6a1a4c11f634eb4d1f982a80e4aeb7998eefc21c7edd2fc8825e5535b0230b8dad8dc5e3e6147a98aa42983358b1df70f9708a86aabac4050592a6d593b8a7d6b539acbdd94d4ac3c16a57c611883e53a546658d0fe00bab65aa6d89af6b2c30bc9624bd8ec6901d58606c82f555a12fee3ebedcb8c8b5cad3e76c53fd46655f3ac93c5d00b801dc9a348a86c4b580b7c2b0b44c1017c8768e0d9de659894c0854e2b3b0c75bed53673007f228c5883032294391f5a61828c9cce584782ce9a5b0a9cc306014ab562043056bb93c400e981ae6b97ac8e22e7ac7d34227afb91b47e9bf2aebd243e92886902ed99a2efc70b96b9ff02e569a4a10cd3969d7970f4696612324081fae96ffb24ecc32d68912c629f642cc560a0da579fca655ae2f98bbe9ab7d7c46c3b0b8d603f652930eca103ea58d21664b58f0a9c3471e6bd56dab9b9020300fa2ce42d59b0a1a165fd6204a68b1d1f47d6427470db2feaf8aad03d4e186cf3e5f3bf8b58cc4551c60a9d9120903d53f70f43f0497667571353511e93358e18b09f53fadf8aca2aa1e5851aa00eb55fef889fd55ce8c2377d58adbab8302feb9212a1c86792399b1180163906554b53d8b4f196d635e69ef36000dc817a1bf82b07bf7fd54eab849922b215b24a69d8f3385a1dcc19b84b379716d6be3549a50394ff348ee823f26e88262054d707d36de7ace2dac80cb5116baf3ee43f770698446f0ef6839533195cdfaf12ee0018ab12b6ac857587335f2448a4def01c45fbdff033227908efde30eaf631ead6c0eed9342e82b63d68704acb375f2055143b60eda18f88df9bd615c89a9afdc7bf77fd53f8eba06d939706a1242409d9d1f14059eb83bac6a983e6a6f2043ceb687b0bd912e65bfdfd2c9fe6fcd082d7e6de9c39c626d4935f66ab5cfa893ee1cf6909cac0531b144795f48050f835e3619b062d1b37746ca772d2be068ab630e9a1ecb97a635d45fda7dae36212f2be4c295fbabac62c90f99dd74beda80d0577a56a7d85bea9b5017745b678e5bdca87a1968002891772c4c763a25a97bfb2d00de36dde9a267ce478bdb3622dc996dd0ae1e72b04672190b83300e85d3ea1f9933413c7557852308f23f8a3b51339b57ab0420c68193a881ce0d3b33b8b7e3e2da85c24559c759aa45cccdda4ef0f15527743361c1c582d2f7be084376106bfb9dd6dc1372d014f8f3f7cdbccdb7fc2a9e7f878e5aeced525c368408950cf3972cb98f9b6e814a8a20ea441aadc0057a387983a524b852de9cda2d154a2993c9c6da6d5fb98bb51b5406516fc8d3fdcfc4d362371f4bc7945f8f926db15542a38de7a9df6675f6452430f0d1ef6a915dd61771247a8ae0c08446c03f24f45b65c6c4f03302d83a44ceff5de233626b617f8645d0f88d456e7fc6056869a1dba0f406cddeb4c4fef1d751d5a8ac6aa44e3afacd470d4c28d658ef7b9b7781d6e91fb77bd61eb0515f0b80f82627836cd0052b3e81601fceb534239aaee1fec2cedd5cd0e262164711f32b791e9843082d22cdcea0c798ee422cb7d20b4acc27cfcff5a1eff29d16a99debac5c4ae689e0428eb6344cd611aac6fef8ec9ccf32ad560947eee6de12dfa6e674731a596ca1962ffba72bed7f3d98d05d62b809cef30d8b51bf08fb3f578b50501f1aab7d49d8a0e365dda3391667ddbff13c44cb7da4f4522c3de885480e61c1e30b5e7456b91cafe57bd10e24bf9351349095f2521b6745e6d44a5dbabee413c85ca362452953375d8c38cea4fa8e97f1d04068fc0e1b9b87824d0694b674c588c6afbb8c03c5ca45257f4c2c2db7ba810bbb04c319d290f31b5d2696848f10aab76c547cd4cb53de9f2e5a2ed3ba5b78f68f0dc377ed77292cb03743109bb1f68b8a68dc26ed7572598e52bd4c18c4e509b553e66400a7611895d06a1d52daaea4a89cd5ee42a5f8521b9899e9ac7180366a8fbd317f041dc97fdf13ea413a5a202816eda176dfc9728f5fd0ecd21a3d3b0e3c37275875457e7587b4fa56aa9c53a96ef66730ed23849bde371583a3d63f86970b20a4b46635f2ac3d1e259a8da9387f59ed3c72bd092b4ae17e927a56fffee5911038a80e66c66b3f1f03adfef496003acbaf0c6aaf2728fa94ec096de1e06d392f86a2e0d9315422bb4bfe60c5de102dcf7052aad349e1561458d286de19433973bd9530bb1bc4605d1e89a9ebad18dada9b070b7e0c2daaed44ce359f12c21b31d50e66b6d963191e21ac8eeb61f08d49cdbe7fa6622ea71916041b98572b5ce2f4cc3a3758802a0f21c1715fbe039ed12157b4bd317c295998fe52308b91bc8d5a28c4a8a36a941ae1c2a913a33a84d87000643d8825033774f01c48e2f6f43a726931dfb991430c55f0b280332b6ef4f6094cde6cc7b46cdc51f5688b793eec0910efb09b356c12c1dffebcb966e999d6e9013c57ad632c0712375cebd5c563351b598b2c0af1c7f31584a05ca08bb10befd3fbd5f3f40f6c766608c3891db62d5e1565ee8eb44af50b24096f3a35da12fc80941257bc006b4d2ab5814bb512219c90936891ffc7e63bedd552700c5623931101c9407403ae532a3fee0f24422071db55dbb6dc8f010d2ad90167fb6e79328aaf857e5da7b6238cdf446dfe98d54540ccbd06d51beeaecacb53e33f22bd39e1b98374ade1c9a2dd2c54811d7172246311d3d7f0a86a33a5be94f87687e138c7e302d23e5e765ab9381166b2725f992d2464db459ee96b7b96b1cf1de1bff4b2c03276ed5bc14b0a67d4298f7fac5721d2aec6d517478b06adf5515771920162fb49351f08944216594c66a868adf4a2711b6b97b46651426f73c9874c330e8de8db0ce7c3e2304082ec83d7d436515e59739aee5aba08ca1f67b9f05e9350d2a13415a437fecb4aaaa07a5aea8e893283304f65e19af8f65324eb38e194dea5bbde4a0082323d2beccae380350e21f9d77cf86f87a1ad57b04018dac35e9b21028ec65bc8886eff1b463a8782115a1bcbf3a829a99616e95aef723d6efb80289aae132b2dfe658cd40e9d66ecb7edf50d8df3d1cc7b639e7a353f5bb8788d927f3f7ec535769fc2c880a03a4b8657ef91561bf0600af5462b289eb07030df4f8f431be46b930503d2c21eb212adfa2c1b506c761f1d429ab86b730ab0c75114634ed8207e0599cb823fb1eeb19a56ba1665ed5ff0cb3d55c993c14f186902223aa61e931ca472aa3556680409a574de477a1e094db494b073be4b88cded733fbb113807cabcbf6155989696096f73017dd6a0286617ed87f4019a0431c39fb58a20a37b6d03c245d238fa5e6e0cfe59d1b6c0120397c6ed888d46a49c14d21ddfcb6107cbfe17a61b495dcf082163f10f91331140d3bc785e457c049a7ea1ee2e13bfa894f6c0cc7aa6a4845efb8c13812c9ddb0169ec4adf441af38a8fc8ffbe4df1f7701f95937c8969718c3a53e37e260c0dc6329178d4207c1ea37e10f7650fa3c3a69387c49a89173795c5719bfc962827c30a5dc067b601316f5c9fa3af800e4e3fb1ea6eff3988e47cd52a62e83b4f808aa1ab58507aa639dfea5249bcf8a44bc65b846567304643aea196368705ebad8c8810196bf47459b3fe684510be6779da88bf0c949d3dbb35250f45ee81e64f5f45b35d66b6e008280ad27e4aa2f5b8bca82e46c46ab9f2a2266600c0e5b857d1ce4621b9abc036817c9ad734de9e93f433d859ca0c552adafd632b917ab9cbc1d4c8271dc549ac6258f4053515457b000c1e5728c8a0669313a1252e7d79a1438ded23f155df96293d9137e1db3d200d4e85c905c2d44ff1ac89a06cb6ad89992d6745e395643cc0175b66623481d4963521acbf0ea7fe300d99dceb1d395d59bd7ce2b40cb6762315ee0c4a0fb15626289721df052cfdf94d419d21a351cab9a34064a43e95416cfa7799a2570074f72a7463d900a4f1b027d9e39fc8e90446cba1bf9e05e0b6747de1257992ea5730918be2db7aa686f7ae2a73957d3476972d23776807a7fe8296396294b6a25444e911359d18a5a1a28eb4f8d43802e683f9fde7da95b9c26bb44890a6ef88d4fc44787b7821bfc9ec064ad25142e7dc5898e45c08159523184e3d2e3cc982747871361dcfa45b431be55a61dbe53dab82ed841268b2dce22a22d92b55c1f8e6a505d3cf6cebb44d93179762eeb1ed30b7d42c0e565c677064c3ca596bddbe7977b0d3829f41546c5e24085b07a545c2a842bd8ff23b03427ce1ebb7f09ac5de542a89e78968911571af297f28e7dac2b002636665e9f8a77dc23cffeb239ad1da4f36ccfe1db0117bb0dde5cfae54d6a788a34894552fd87fc11f3ef3439c8f97de904c48a54d868be619edbba1caad619e61f3a8ecbc05d38751da0393bb7438818c22b0f0fc14c3ad0911add4372d05f03161a04342758bf4d871e17873d942185f651810d95873f1eadf96928d155d1c6dd47fec7b73b8444b6b90b8ccc265079588f945d0da4817941ba02318d1ca3bce9cd4afbc835dfe53a514d19dfa53b124587d12b58f089023aa111e19daa4fb379d7b2d2245ba2deecc418d55d174902df61abb87326dd7ff6bd41599704e3fe7e147d8fdc6c542394d704d2055deb699e658a2a1a6661e071a357a3c096c414e7b4d68feba5312d71b4a6617e80135cb79393a39ea53f762a9a688ad340f41952a52524a7038d717401a5182eb0bd93562474c436f5609ae0a5c3ca0e64d14b15448ff2b609c79f263ed6cf7e0d5f8b040f8c5dab5531524837d655e751778e630514632591f3b46ab78ae493e577a641a725534f2ad65e8683aca8cba94e3c7ed7b08d74dd65517646280f9cdb6e90f495f26737321d2c7e0d8d53f53ef888efd8091345360818a38d242875dcadb616bb57a515f1212f737dd17b821e451a8feee26d511334120da99a9e3161f1d76afbf3ae71e4c0500301f3969ae6a68ec261bbfde9f80aaf63c35669a11e1845da785a32c09ac2fb41522adf8a34362c8f2a92584cbc94f496cdc2e50e11f3000ab66f1b691d1ea75c5dd27a6cfbc3d4411c590ba9ebe1e50de77650224e4d2c4246bb6ce98a441322ef560142b2dc959279d5a9eb04131c1ae95120af500d6fc3abcea149d1fc5e91b5bc82fa7e3496f262ae16d587790150fb7084738b45e45e44e1167be09fd111659cd74f0b6fab2f86fa1ada4c3cc94ebbbd75a249925200092b88f5323f042c3162d3e5b5c18dca8260b2c570a73accb84944967d57bbb3ffe7ca5f8006993281d197f8d4e0c4d11aef7ffed53ea84d8a050e10a3a43c6c11fb78f49032e10c77d16bf30228cf1f69c3aaeaf529770a0f8ebfbceb60fe1d56bfc8a26a714b6965f4e38544db021225732367a080fc4c8e6c0a84c6467bb46155eb48d5bfcf96a7af5f905ec46cd8bc8993760cfc0b6c75323091b6fda336ecd5cd31866bd8a24e410d55064ccb40c0d597d83daed8ea26c15b5e2e1c7afb1ca4ef0f4de585bf718d11b67365f424993bba467bff6d1338163b030edbeb2986064dbc14fea39cb98543c467a5978983688919095213d3b77dcb880d9ec5d0a44b300f3be71c6e1285cbd97394a79790fce292bdd265430300e1e04441c59c56e00b08f7c2f072a20e30960e0cbbc1c8630c5c53357051bd66647c707b216bf76d3fa9d434c42cfa33d1b85ee023131c9e70555ae1a92834866e4661921c6411d0fadc0821a884976283feb57350d7266a05ffaa8315d98e8e6ac032fbf1bd69ca881489cff37a1e0aee29cae0d66a97cfa6fe7de8cd783045e0c182352f67cb6bfa78375cff0c5f0bcd173844c004f2eabec53b36ce9bf8b7e32c6d4b26439bf296329a39ef2b15054b8f945aaca48d75f0aca4427b5282579c22aa746fab94b4a4d765225bcbe6b28336c6e31c088391b0399efa0b8b1209a8911193e8dd45ef51145d1c740229b8bf7e64a2313fa64d373523570206c032341ce7e35753663246b38e1b631bff85fa6014db34284b6db59381f812ebe22681bcdbf26affa2dedfedfb2447d5ee95b570eb1caaa86512488ce59d827fe96fd51a4bb1e12d3ea594a3955f0eda8b076c2408ee5d9ec4c4956a8443ee60cedcf9015671274fbef1ca850543b596aa25873ea1f6cd0bade9c85e52311d7e7f2d1a92ce064ce8660fc337315ff5444a9c39e3e95154982b7655f0a1ae670f9a1fc8b877376217c4ba8c2937879f348fdc3c2707705e4bb7be5a37b397857d97208a12d6100e0df978bdc66b73d82301e2e7fae7164d2c35272bb1d4708ed0fd164439346a1909dd50c337a4769c5acc205faededcd4a8b3ddc88fc236079bc48517ed9bdf9e4ee3965d851aa8177394d1e9a782db08f18f2079c1b2fc2f9c313b89093b0005bb2e982ac9912595cb7125ebe961737cee682bf8e8400ff8fe53b91dc20eb0ed4ef496228374010c9504b54949aef348722921375175faa211db6ce8b066cd8bb37ed0cc8c2d74b5916eff72070e1132efb2cb4d1dbb769573fc0fa1f7bac262c479ed929c92165e17b250e57872f2196986d6651e19db882acbb8e39a7506b5666925525d124933fe721e1d7e2cc70e8881c9b936ac4c602dc2f99d6f23f92dc81540d2e406a712a487864954f2ad7aa6dca0773baf38ec0968e2a46a2f167e18982f9f63ff6d73119511af4cccfa0420709b490f62c8b1611ca10f15ab4847832cc3d44301c796fb9acb30f4931cf1879ca634f8dee30ec7154eb57150ec5809884cdfd2c8c39db0a8d519b7fc7d4a51c1deba3f5605b51221b71338826540ef939c2bcb46db7608ccc839d2302d0646afa46fd4c56dd915a297d5cdfd8c9af6d62133634e853f5f97b8efbb4ef97911d4ce91b94942034c8308b17f8c13646bc7d6c179783a15964787876b302a541f580e1b7afa7d27b5133237ddeb89d2a47a2aff90d6a100aa01da6b2074ef5317cd7a4b4fbf7a62e20b5349383e66f005dbb1de9e2415242692d1a218185b3e96e0b5a0d8a99aa47d36a5a1c58ebb84afa98eed20411275e3170da483a5b3e00b33c680c54d860da7a1724ed7533d5850d82ef681c3fa4e2ff93c2b21ecbc57557da5819aae759fb9fd7db22adbaa691ebcc3d2e5cc4e72dfc52c92efa6ba0662e7d91016773e60f77dc834c895d951f2059ea64a018d0c50d6a7ce00d362038ed32af9b0e5eff3ea9c9eb1e1540c35f7d5d01d3087c19c7547dd20df08fe9155256f4bfdf5731b0bd0bda3d81dc276677a00c77afa583a019f3c26748d3d00b35f5ef945ee7946aa9bfdd0d1192373c64879456ceff5203890801ae843b91486234af68cbd4b569218004c722e852242c998c7690b350fd5de1af440f201c8b57ec8437a303b743bd8e3b71b8b0a74a71cb61bbff18422ce49ee883c3b9471ea19cfe14b328b457355362b22af6dc1698cfc80b6719ae73b6a9b0fbdfb4d6b20661800da876b0cf2b77f8680149a36fd311e1cbc49e761a921e0221c5af22982b6ec6335f3a0cc60bb8f5a0f6e9a29115683ef0f83ea50f6082c1401c29afac28e4fae0812b3ee28f2e6bd7a491ae62f52a76dfa777bea8eb5cc9245fd4694d19e09c8fc149689b2c4fd4f70cb600819a2044114c19323c3e0ea749f5667133845343f1d7faf6a5cb8b275a8dace2d944f8a293f2164821372d4cf01fe1f6a226bb84e0bdac80bc2cf664d1874deafeba857ae4412fcaaed4a08bc9b6ca797f6115b5210ab0e8192de909a8154576c908c4042bbb445d1bcc2604ee845e029cdb63730163d1839360080cb74c50d39eb14195fb8ec3335474dc000", 0x2000, &(0x7f0000000b80)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000004c0)={0x150, 0x0, 0xffffffffffffffff, [{{0x6, 0x3, 0x4, 0xfffffffffffffff8, 0x4, 0xffffffff, {0x2, 0x7, 0x0, 0x8e44, 0x1, 0x8000000000000000, 0x800, 0xe, 0x1, 0xa000, 0xa3f, r2, r3, 0x1, 0xd}}, {0x5, 0x7, 0x1, 0x5b98, '\\'}}, {{0x2, 0x2, 0x7, 0x96a, 0x80000001, 0x0, {0x5, 0x5, 0x1, 0x80, 0x9, 0x26ef, 0x1000, 0xc, 0x18000000, 0xd000, 0x9, r2, 0x0, 0x9, 0x80}}, {0x1, 0xac4, 0x2, 0x2, '..'}}]}, 0x0, 0x0, 0x0})
getdents64(r5, 0x0, 0xc0)

11.307116846s ago: executing program 3 (id=6694):
write$USERIO_CMD_SEND_INTERRUPT(0xffffffffffffffff, 0x0, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x800, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r4, 0x4040aea0, &(0x7f00000001c0)=@x86={0xff, 0xc1, 0x4, 0x0, 0xffffffff, 0x7, 0x8, 0x6, 0xcf, 0xf5, 0x1, 0xf, 0x0, 0xc000000, 0x8434, 0x9, 0xfe, 0x4, 0xe0, '\x00', 0x5, 0xe})
r5 = syz_open_dev$vim2m(&(0x7f0000000100), 0x1, 0x2)
ioctl$vim2m_VIDIOC_REQBUFS(r5, 0xc0145608, &(0x7f00000000c0)={0x8, 0x2, 0x1})
ioctl$vim2m_VIDIOC_QBUF(r5, 0xc04c560f, &(0x7f0000000040)=@fd={0x7, 0x2, 0x4, 0x800, 0xb, {0x0, 0xea60}, {0x1, 0x1, 0xe, 0x4, 0xf9, 0x8, "e012dd35"}, 0x8, 0x4, {}, 0x1, 0xfdfd})
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
unlink(&(0x7f00000000c0)='./file0\x00')
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0401273, &(0x7f0000000040)={'\x00', 0xd, 0x4, 0x1, 0x18f, 0x10, <r6=>0x0})
prctl$PR_SCHED_CORE(0x3e, 0xfffffffe, r6, 0x2, 0x0)
syz_usb_connect(0x5, 0x36, &(0x7f0000000000)=ANY=[@ANYBLOB="12010003ac9bcc20d118af1ebb5a01020301090224"], 0x0)
r7 = socket$nl_xfrm(0x10, 0x3, 0x6)
socket$nl_xfrm(0x10, 0x3, 0x6)
ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'vxcan1\x00'})
sendmsg$nl_xfrm(r7, &(0x7f0000000480)={0x0, 0x2500, &(0x7f0000000440)={&(0x7f0000000000)=ANY=[@ANYBLOB="6501000014"], 0x188}}, 0x0)
sched_setattr(0x0, 0x0, 0x0)
r8 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[], 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f00000009c0)={0x0, 0x0, &(0x7f0000000380), &(0x7f0000000380), 0x2, r8}, 0x38)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000000240)={r8, &(0x7f00000001c0), &(0x7f00000002c0)=""/211}, 0x20)
r9 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_opts(r9, 0x29, 0x36, &(0x7f0000000000)=@fragment={0x73, 0x0, 0x5, 0x1, 0x0, 0x1, 0x64}, 0x8)
setsockopt$inet6_mtu(r9, 0x29, 0x17, &(0x7f0000000100)=0x3, 0x4)
connect$inet6(r9, &(0x7f00000002c0)={0xa, 0x4e24, 0x0, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01'}, 0x1c)
sendmmsg(r9, &(0x7f00000092c0), 0x4ff, 0x0)

11.222659294s ago: executing program 2 (id=6695):
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x2c, &(0x7f0000000000)='/proc/sys/\x00et/\x00\x00v4\x00\x00s/\x92ync_\x00le\xf44\x8cm\xa0\x8dN\xd4\xa2\x88\x00\xd1l,'}, 0x30)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
mmap(&(0x7f0000003000/0x2000)=nil, 0x2000, 0x0, 0x31, 0xffffffffffffffff, 0x0)
syz_open_procfs(0x0, &(0x7f0000000040)='fd/3\x00')
ioctl$TCSETAW(0xffffffffffffffff, 0x5407, &(0x7f0000000040)={0x6, 0x7, 0x9, 0x0, 0x1, "100056f200"})
ioctl$TIOCMSET(0xffffffffffffffff, 0x5418, 0x0)
openat$ttyS3(0xffffff9c, &(0x7f0000000140), 0x460900, 0x0)
r0 = socket$vsock_stream(0x28, 0x1, 0x0)
setsockopt$SO_VM_SOCKETS_BUFFER_SIZE(r0, 0x28, 0x0, 0x0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000180)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
ioctl$SNDCTL_DSP_GETOPTR(0xffffffffffffffff, 0x800c5012, &(0x7f0000000240))
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_MSRS(r5, 0x4008ae89, &(0x7f0000000140)={0x1, 0x0, [{0x4b564d04, 0x0, 0xffffffff}]})
openat$ttyS3(0xffffffffffffff9c, &(0x7f00000000c0), 0x800, 0x0)
r6 = syz_open_dev$evdev(&(0x7f0000000000), 0x0, 0x63a01)
r7 = openat$zero(0xffffff9c, 0x0, 0x2401, 0x0)
sendmsg$NFNL_MSG_ACCT_NEW(r7, &(0x7f00000004c0)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000000480)={&(0x7f0000000500)=ANY=[], 0x50}, 0x1, 0x0, 0x0, 0x10}, 0x20000010)
ioctl$EVIOCGMASK(r6, 0x80104592, 0x0)
socket$netlink(0x10, 0x3, 0x4)
writev(r6, &(0x7f0000000340)=[{&(0x7f00000002c0)="480000001400190d09004beafc0d8c560a8447608004000000000000000000a2bc5603ca00000f7f89000000200000000101ff0000000309ff5bffff00", 0x3d}, {0x0}], 0x2)
socket$pppl2tp(0x18, 0x1, 0x1)
r8 = syz_open_dev$usbfs(&(0x7f0000000100), 0x76, 0x101b01)
ioctl$USBDEVFS_CLEAR_HALT(r8, 0x80045515, 0x0)

10.377868119s ago: executing program 0 (id=6702):
openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
socket$inet_sctp(0x2, 0x1, 0x84)
write$USERIO_CMD_SET_PORT_TYPE(0xffffffffffffffff, 0x0, 0x0)
r2 = socket$inet(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000300)={'bond0\x00', <r3=>0x0})
r4 = socket$nl_route(0x10, 0x3, 0x0)
bind$netlink(0xffffffffffffffff, &(0x7f0000000100)={0x10, 0x0, 0x25dfdbfd, 0x400}, 0xc)
getsockname$packet(0xffffffffffffffff, &(0x7f0000000600)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000080)=0x14)
sendmsg$nl_route(r4, &(0x7f0000024c80)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000024d40)=ANY=[@ANYBLOB="4400000010000d042abd7000077bf70000000000", @ANYRES32=r5, @ANYBLOB="01000000000000002400128009000100626f6e640000000014000280050001000600000008000b00", @ANYRES32=r3], 0x44}, 0x1, 0x0, 0x0, 0x40040}, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket(0x1, 0x803, 0x0)
getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
r9 = socket$inet_udplite(0x2, 0x2, 0x88)
socket$nl_route(0x10, 0x3, 0x0)
r10 = socket(0x1, 0x803, 0x0)
getsockname$packet(r10, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r9, 0x8933, &(0x7f00000001c0))
sendmsg$nl_route(r6, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000e00)=ANY=[@ANYBLOB="44000000100001042abd70000000000000000000", @ANYRES32=r3, @ANYBLOB="0028000000000000140012800c0001006d6163766c616e00", @ANYRES32=r3, @ANYBLOB='\b\x00\n\x00', @ANYRES32=r8], 0x44}, 0x1, 0x0, 0x0, 0x4}, 0x0)
ioctl$CEC_ADAP_S_LOG_ADDRS(0xffffffffffffffff, 0xc05c6104, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$nl_generic(0x10, 0x3, 0x10)
socket$rds(0x15, 0x5, 0x0)

9.984979947s ago: executing program 2 (id=6703):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff000000000200000009e2539b81e52624140000000900030073797a32006058c232d340f3cf0001"], 0x7c}}, 0x0)
syz_genetlink_get_family_id$ethtool(&(0x7f00000000c0), 0xffffffffffffffff)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000000c0)=ANY=[@ANYBLOB="3800000040000701feffffff00000000017c0000040042801c00018006000600800a000008001500", @ANYRES32=0x0, @ANYBLOB='\b\x00\t\x00', @ANYRES32, @ANYBLOB="03000010"], 0x38}, 0x1, 0x0, 0x0, 0x48815}, 0xc000)
r2 = syz_usb_connect$hid(0x2, 0x36, &(0x7f0000000240)=ANY=[@ANYBLOB="1201000000000040ac0541020000000000010902240001000040b109040000010300010009060101000122050009058103ff030c0000"], 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xb, &(0x7f0000000140)=ANY=[@ANYBLOB="1800000000000000000000000000010018010000696c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000002000000850000000600000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000000)='kfree\x00', r3}, 0x18)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
r4 = fsmount(0xffffffffffffffff, 0x0, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_usb_control_io(r2, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r5 = syz_usb_connect$cdc_ecm(0x3, 0x0, 0x0, 0x0)
syz_usb_control_io$cdc_ecm(r5, &(0x7f0000000080)={0x14, 0x0, 0x0}, 0x0)
syz_usb_ep_write(r5, 0x82, 0x0, 0x0)
syz_usb_control_io(r2, &(0x7f0000000340)={0x2c, &(0x7f0000000000)={0x20, 0xa, 0x5, {0x5, 0xf, "c0ac0b"}}, 0x0, 0x0, 0x0, 0x0}, 0x0)
unshare(0x22020400)
ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f00000001c0)={'vxcan1\x00'})
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
r8 = ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x2)
r9 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='wchan\x00')
pselect6(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
preadv(r9, &(0x7f0000002280)=[{&(0x7f0000002780)=""/133, 0x85}], 0x1, 0x10001, 0x7)
r10 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180), 0x109842, 0x0)
ioctl$SNDCTL_DSP_SETFMT(r10, 0xc0045005, &(0x7f0000000080)=0x80)
close(0x3)
ioctl$KVM_SET_MSRS(r8, 0x4008ae89, &(0x7f0000000800)={0x1, 0x0, [{0x294}]})
getsockopt$sock_timeval(r4, 0x1, 0x42, &(0x7f0000000300), &(0x7f0000000340)=0x8)

8.585359514s ago: executing program 0 (id=6707):
timer_create(0x0, &(0x7f00000000c0)={0x0, 0x21, 0x2}, &(0x7f0000000300)=<r0=>0x0)
fcntl$lock(0xffffffffffffffff, 0x7, &(0x7f0000000040)={0x0, 0x0, 0x8000, 0x3ff})
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
r1 = openat$sndseq(0xffffff9c, &(0x7f0000001240), 0x0)
ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r1, 0xc0a45320, &(0x7f00000000c0)={{0x80}, 'port0\x00', 0x3eb, 0x21e2f, 0x3, 0x0, 0x0, 0xc, 0x400, 0x0, 0x9})
openat$sequencer2(0xffffff9c, &(0x7f0000000280), 0x4011, 0x0)
readv(r1, &(0x7f00000002c0)=[{&(0x7f0000000040)=""/89, 0x59}, {0x0}], 0x2)
timer_settime(r0, 0x1, &(0x7f0000000040)={{0x0, 0x3938700}}, 0x0)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0xa, 0x31, 0xffffffffffffffff, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, 0x0)
ioctl$sock_SIOCETHTOOL(0xffffffffffffffff, 0x8946, &(0x7f0000000280)={'bridge0\x00', &(0x7f0000002280)=@ethtool_sset_info={0x37, 0x101, 0x2}})
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
mprotect(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x4)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCETHTOOL(r2, 0x8946, &(0x7f0000000280)={'bridge0\x00', 0x0})
bpf$BPF_PROG_ATTACH(0x8, &(0x7f0000000380)={@cgroup, 0xffffffffffffffff, 0x13, 0x10}, 0x20)

7.664668463s ago: executing program 3 (id=6709):
r0 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8002)
ioctl$SG_IO(r0, 0x2285, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
write$sndseq(r1, &(0x7f0000000180)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @raw32}, {0x0, 0x0, 0x0, 0x0, @time, {}, {}, @quote}], 0x38)
write$sndseq(r1, &(0x7f0000000200)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @raw32}, {0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @ext={0x0, 0x0}}, {0x0, 0x0, 0x0, 0x20, @time, {}, {}, @time=@time}, {0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @control}, {0x0, 0x0, 0x0, 0x0, @time, {}, {}, @connect}, {0x0, 0x0, 0x0, 0x0, @time, {0xfd}, {}, @connect}], 0xa8)
write$sndseq(r1, &(0x7f0000000640)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {0x8}, @ext={0x0, 0x0}}, {0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @addr}, {0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @connect}, {0x0, 0x0, 0x0, 0x0, @time, {}, {}, @raw32}, {0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @connect}, {0x0, 0x0, 0x0, 0x0, @time, {}, {}, @control={0x6, 0x7fff, 0x8}}, {0x0, 0x0, 0x0, 0x0, @time={0xffffff81}, {}, {}, @time=@time}], 0xc4)
write$sndseq(r1, &(0x7f0000002840)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @raw32}, {0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @control}, {0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @addr}], 0x54)
write$sndseq(r1, &(0x7f0000000300)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @result}, {0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @raw32}, {0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @queue}, {0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x0, 0x0}}, {0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @time}, {0x0, 0x0, 0x0, 0x0, @time, {}, {}, @connect}, {0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @control}], 0xc4)
write$sndseq(r1, &(0x7f0000000a40)=[{0x0, 0x0, 0x0, 0x0, @tick=0x8}, {0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @raw32}, {0x0, 0x0, 0x0, 0x0, @time, {}, {}, @quote}, {0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @queue}, {0x0, 0x0, 0x0, 0x0, @time, {}, {}, @queue}], 0x8c)
write$sndseq(r0, &(0x7f0000000000)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @addr}, {0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @raw32}, {0x0, 0x0, 0x0, 0x0, @time, {}, {}, @control}], 0x54)
write$sndseq(r1, &(0x7f0000000f80)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @queue}, {0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @quote}, {0x0, 0x0, 0x0, 0x0, @time, {}, {}, @quote}, {0x0, 0x0, 0x0, 0x0, @time, {}, {}, @addr}, {}, {0x0, 0x0, 0x0, 0x0, @time, {}, {}, @quote}, {0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @quote}], 0xc4)
write$sndseq(r1, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @queue}, {0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @time=@time}, {0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @control}, {0x0, 0x0, 0x0, 0x0, @time, {}, {}, @result}, {0x0, 0x0, 0x0, 0x0, @time, {}, {}, @time=@time}], 0x8c)
write$sndseq(r1, &(0x7f0000000740)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @time=@time}, {0x0, 0x0, 0x0, 0x0, @time, {}, {}, @queue}, {0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @raw32}, {}, {0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @result}], 0x8c)
write$sndseq(r1, &(0x7f0000000b00)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @result}, {}, {0x0, 0x0, 0x0, 0x0, @time, {}, {}, @raw8={"b5f8fbe8c20c855083221c33"}}, {0x0, 0x0, 0x0, 0x0, @time, {}, {}, @addr}, {0x0, 0x0, 0x0, 0x0, @time, {}, {}, @control}, {0x0, 0x0, 0x0, 0x0, @time, {}, {}, @raw32}, {0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x0, 0x0}}], 0xc4)
write$sndseq(r1, &(0x7f00000004c0)=[{0x81, 0x80, 0x2, 0x4, @time={0x8, 0x5}, {0x3, 0x31}, {0xff, 0x7f}, @queue={0x80, {0x8, 0x4}}}, {0x8, 0x2, 0x8f, 0x6, @time={0x3, 0x1cddab93}, {0x0, 0x6e}, {0xf2, 0x30}, @addr={0x9, 0x1}}, {0x8, 0x7, 0x0, 0xe3, @time={0x200, 0x9}, {0x8}, {0x6, 0x1}, @raw8={"7aa27555b79e43403e7fa600"}}, {0x0, 0x7, 0x3, 0x6, @time={0x0, 0x7}, {0x8, 0xfd}, {0x93, 0x80}, @queue={0x14, {0x10, 0x80}}}, {0x6, 0x8, 0x3, 0x40, @tick=0xf6, {0x2, 0x8}, {0x3}, @ext={0x0, 0x0}}, {0xba, 0x6, 0x54, 0x7, @time={0xe5b, 0x10001}, {0x80, 0x8}, {0x2, 0x7f}, @control={0x5, 0x40, 0x5}}, {0x3, 0xc, 0x4, 0x6, @time={0x6, 0x1}, {0x10, 0x4}, {0x8, 0xa}, @raw8={"80408bcf99ee1216e4e59519"}}, {0xd2, 0x5, 0xd9, 0x0, @time={0x8, 0x4}, {0x54, 0x6}, {0x8, 0x8}, @result={0x5, 0x6}}, {0xcf, 0x1, 0xff, 0x5, @tick=0x9, {0x4, 0xb3}, {0x80, 0xd}, @control={0x66, 0x800, 0x3}}], 0xfc)
write$sndseq(r1, &(0x7f0000000400)=[{0x8, 0x53, 0x7, 0x65, @time={0x4, 0x8}, {0x7, 0x1}, {0x6, 0x5}, @raw8={"424a46f27d2a45434e135bda"}}, {0x7, 0x2, 0x64, 0x8, @tick=0x5, {0xc5, 0xf9}, {0x9, 0x16}, @addr={0x7, 0x40}}, {0x88, 0xfd, 0x7a, 0xd, @tick=0x1158, {0x9, 0x6}, {0x4, 0x4}, @connect={{}, {0xf, 0x6}}}], 0x54)
write$sndseq(r1, &(0x7f0000000800)=[{0x0, 0x0, 0x0, 0x0, @time={0xb, 0x3}, {}, {}, @connect}, {0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @ext={0x0, 0x0}}, {0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @control}, {0x0, 0x0, 0x0, 0x0, @time, {}, {}, @quote}, {0x0, 0x0, 0x0, 0x0, @time}, {0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @time=@time}, {0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @raw8={"ce274516c7da5b6da0b16993"}}, {0x0, 0x0, 0x0, 0x0, @time, {}, {}, @raw8={"b134b141793d8609365bda4d"}}, {}], 0xfc)
write$sndseq(r1, &(0x7f0000000d00)=[{0x0, 0x0, 0x0, 0x0, @time}, {0x0, 0x0, 0x0, 0x0, @time, {}, {}, @raw8={"49cbee45cad57a0372831665"}}, {0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x0, 0x0}}, {0x0, 0x0, 0x0, 0x0, @time, {}, {}, @quote}, {0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @queue}], 0x8c)
write$sndseq(r1, &(0x7f0000000080)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @quote}, {0x0, 0x0, 0x0, 0x0, @time={0x0, 0xfffffffc}, {}, {}, @control}], 0x38)

7.515722918s ago: executing program 3 (id=6710):
timer_create(0x0, &(0x7f00000000c0)={0x0, 0x21, 0x2}, &(0x7f0000000300)=<r0=>0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
fcntl$lock(0xffffffffffffffff, 0x6, &(0x7f0000000040)={0x0, 0x0, 0x60d3, 0x5})
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff})
pipe(&(0x7f0000002480)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
splice(r1, 0x0, r3, 0x0, 0x7, 0x9)
read(r2, &(0x7f0000032440)=""/102364, 0x18fdc)
write$P9_RAUTH(r3, &(0x7f0000000a00)={0x14, 0x67, 0x2, {0x4}}, 0x14)
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
timer_settime(r0, 0x1, &(0x7f0000000040)={{}, {0x0, 0x989680}}, 0x0)
rt_sigprocmask(0x2, &(0x7f0000000080)={[0xffffffffffffffff]}, 0x0, 0x8)
gettid()
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000080)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
mlockall(0x6)
signalfd4(0xffffffffffffffff, &(0x7f0000000000)={[0xd8]}, 0x8, 0x0)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000040)=0x3, 0xac5)
syz_clone3(&(0x7f0000000900)={0x23800000, &(0x7f0000000040), 0x0, 0x0, {0x27}, 0x0, 0x0, 0x0, 0x0}, 0x58)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0xf, &(0x7f00000006c0)=ANY=[@ANYBLOB="1800000008000000000000000080000018110000", @ANYRES32, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf090000000000005509010000000000950000000000000063a970a600000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000380)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
io_setup(0x8, &(0x7f0000000600)=<r4=>0x0)
io_submit(r4, 0x0, &(0x7f0000000100))

7.499409961s ago: executing program 4 (id=6711):
r0 = socket$pppoe(0x18, 0x1, 0x0)
connect$pppoe(r0, &(0x7f0000000000)={0x18, 0x0, {0x7, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x35}, 'macvlan1\x00'}}, 0x1e)
sendmmsg(r0, &(0x7f0000001340)=[{{0x0, 0x0, 0x0, 0x0, 0x0, 0x300}}], 0x1, 0x24048084)

7.259156544s ago: executing program 4 (id=6712):
syz_usb_connect(0x0, 0x2d, 0x0, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, 0x1, [{0x3c, &(0x7f0000000280)=ANY=[@ANYBLOB="3c03abe97a2db7cd8803e255620d2d1d3f1813d2f3d1e820ac095386171995caa2"]}]})
io_setup(0x7, &(0x7f00000000c0))
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
readv(0xffffffffffffffff, &(0x7f00000001c0), 0x0)
connect$inet6(r0, &(0x7f0000000180)={0xa, 0x4001, 0x0, @dev={0xfe, 0x80, '\x00', 0x1b}, 0xd}, 0x1c)
syz_io_uring_setup(0x496, &(0x7f0000000100)={0x0, 0x80b4, 0x400, 0x2, 0x8000dd}, &(0x7f0000000340)=<r1=>0x0, &(0x7f0000000040)=<r2=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000000)=0xffb, 0x0, 0x4)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='cpuset.memory_pressure_enabled\x00', 0x275a, 0x0)
write$UHID_CREATE2(r3, &(0x7f00000001c0)=ANY=[@ANYBLOB="06"], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x12, r3, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x9, 0x6000, @fd=r3, 0x100, 0x0, 0x0, 0x1c})
write$binfmt_script(r3, &(0x7f0000000000)={'#! ', '', [], 0xa, "96330bf7d36f8682a2898323a1dbb1fb520af02e4976a1be8e1d4826aa3a454a7cf438d8b0c94f26c57347b1d87a94467974c9e81585cdb05fa91ba0abc694b9ff394f5adc466c4dac0b3162ac3db3fd12ea5152c760b2dc6a038f03eadba89b0559e9248c06ad35c16ef7837ae7570b44e4304d1e6db583f08edb57955b63db0196b4b7a211aa4454a4d06cc8"}, 0x91)

6.618529958s ago: executing program 2 (id=6713):
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="1e0000006700000008000000ad00000008680100", @ANYRES32=0x1, @ANYBLOB="8100"/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="0300000003000000040000000500"/24, @ANYRES32, @ANYBLOB="09307d6a0e148981ad707c8109465f716c65be6e8570487e585dcd7d60c83a6c4c8361062446f4f5bc5c58562c43b38c4d557951dab95269ab90b920e96b236776d7b59f5e1c0e93280a0264ffe4767bcd"], 0x50)
syz_emit_ethernet(0x6e, &(0x7f0000000040)=ANY=[@ANYBLOB="0180c2000002aaaaaaaaaaaa08004500006000000000002f9078640101000000000024806558000000000000000010000800000086dd"], 0x0)
r0 = socket$kcm(0x10, 0x2, 0x10)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000001c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a03000000000000000000070000040900010073797a30000000009c000000090a010400000000000000000700000308000a40000000000900020073797a30000000000900010073797a3000000000080005400000000d58001280200001800e000100636f6e6e6c696d69740000000c0002800800014000000008200001800e000100636f6e6e6c696d69740000000c00028008000140000000001400017b090001006cdbf80789f3f947dd000280080003"], 0xe4}, 0x1, 0x0, 0x0, 0x8001}, 0x20050840)
sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xd18c9b25, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030041000b05d25a806c8c6394f90324fc60100000000a000200053582c137153e3704020180fc5409000c00", 0x33fe0}], 0x1}, 0x0)
r1 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_rx_ring(r1, 0x107, 0x5, &(0x7f00000000c0)=@req={0x8000, 0xb4f, 0x300, 0x1daf6}, 0x10)
setsockopt$sock_int(r1, 0x1, 0x28, &(0x7f0000001740)=0x6, 0x4)
socket$nl_netfilter(0x10, 0x3, 0xc)
r2 = gettid()
timer_create(0x0, &(0x7f0000000d40)={0x0, 0x21, 0x800000000004, @tid=r2}, &(0x7f0000000d00)=<r3=>0x0)
fcntl$lock(0xffffffffffffffff, 0x7, &(0x7f0000000040)={0x0, 0x0, 0x8000, 0x3ff})
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)=ANY=[@ANYBLOB="4400000010800304fcfffeff3d40000000000000", @ANYRES32=0x0, @ANYBLOB="a5fdad8800000000240012800b00010067656e65766500001400028005000c00000000000800010003000000"], 0x44}, 0x1, 0x0, 0x0, 0x4004}, 0x4804)
mknod(&(0x7f0000000040)='./file0\x00', 0x8001420, 0x0)
open$dir(&(0x7f0000000000)='./file0\x00', 0x0, 0x0)
r5 = open$dir(&(0x7f0000000140)='./file0\x00', 0x1, 0x0)
r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='blkio.bfq.io_merged_recursive\x00', 0x275a, 0x0)
r7 = inotify_init1(0x0)
inotify_add_watch(r7, &(0x7f00000000c0)='./file0\x00', 0x60004ce)
ftruncate(r6, 0x2000009)
sendfile(r5, r6, 0x0, 0x20000000000006)
timer_settime(r3, 0x1, &(0x7f0000000040)={{0x77359400}}, 0x0)
r8 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r8, 0x4018620d, &(0x7f0000000100))
r9 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000180)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r9, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000280)=[@increfs], 0x0, 0x0, 0x0})
r10 = dup3(r9, r8, 0x0)
ioctl$BINDER_WRITE_READ(r10, 0xc0306201, &(0x7f00000003c0)={0x8, 0x0, &(0x7f0000000e00)=[@acquire], 0x0, 0x0, 0x0})

6.430762831s ago: executing program 4 (id=6714):
syz_open_procfs(0x0, &(0x7f0000000440)='projid_map\x00')
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0x5, &(0x7f0000001600)=ANY=[@ANYBLOB="bf16000000000000b70700000100f0ff5070000000000000480000002c41000095000000000000002ba7e1d30c04aa8b3382022ce2a1d97411a0f6b599e83f24a3aa81d36bb7019c13bd23212fb56f040026fbfefc4a056bdc17487902317142fac7e7be168c1886d0d4d94f2f4eb45c652fbc1626cca2a28d67893547db51ee988e6e06c8cedf7ceb9fc40400ae5e4aa74c92c6a51cbf9b0a4def23d410f6accd3641130bfc4e90a6341865c3f5ab3e89cf6c662ed4148d3b3e22278d00031e5388ee5c867de2c6211d6ececb0c18ce7400dae15cb7947c491b8bea3fd2f73902ebcfcf4982277d9800011b405bbf7b02433a9bcd715f5888b2007f000000001c000000010000000000000600000000309329170ee5b567e70f000006a10f58fa64533500000000000000000000000031000000000000001208e75a89faffbfb11b7dc6ea31001e846c12423a169f87463ad6f7c2e8ee1a39244960b318778f2a047f6d5bc24fef5d7d617de7a6520655a80d0900f4d433623c850af895abba14f6fbd7fbad1f98e26ad4deaf1a4f294b2a431ab9142f3a06d54740a4bc5e3abd378af7c9676a08e774c48785f895b4ec8d1141d5e8744d7f09ab4df6027bf48cabecead649f96ea24d32872c494160cb7f46ce680eeb80157eb23f9902519ac655fa73103170cbc496d7122034b85e7e87a2db762cbb253fbd76b9117c1a11d18aa2040c5f0c289906000000000000005ffe94ff010011d9b219c00c369a12bf8685b862d0dbdd956cbda1bae489bcef5ae59136aaadc59609f4d42617c0e6066938b521a0f2e2467a6c435ad5b800262a5da053ced5e95394e500000072737638ac44fb61310e2df511c60b3c88113996a81fb64bce5eb95ce91738640ff7ae6ed6b62086e699955926934389cdf9bcebc7586186fe9ce05268bf8a3958f2206cdc7095682c14f10be1075832956762b2dcc6251e7b74cb1da627e332765511c58215bf84d263e8778e6e8ffe4ea50b076446f35eff00006b340658342d2d9e1ef68c6ef3e98407d2fcefb34a0000000000000000895ddbb76122b1222e4da37177fe833e4fcaa67997e92a206ebd085bd9f90008d3fdd528efe6c1dca17f45ba5e8bd311a40030f9ffce75ffff996a80153a0077bb43f8a63dd390d18f0239b41da1a52383a4c6768ca1bb66b8fb3c5000f6f246fd20356a60769b461b6cdf133de073b1df08ae09268b0073bb97d88d741a5546e76caf4b6b1387ff37ec13d262dae0260be74cdf7bb6d3107597430ef5bbd476bb9d69b2aef9f3cb644b4bf01ccf16d40720939daf2af469bdfb361b9c015dd026fd0fffe3c66f5c343afb78a7cfd852f3e05c089887d7df2ff4f9982030019421af6b78ff9c444a17091875cfe4eab0e7f50eb69c860b1613a6b4f5af04f9c635d8d646c89f8b85f820ce7464c731deba39f9ff7b815f7b0acba754c01ed8bf1bba0010a8c6a2b966d861f9dd547abf2e9b23e5607f00f80b58fd76e4bc46c84799aa792cdaeb6cfb858e577dacff607ba513250e13ae696cd6ed7d318190a93b9ee07927efca6b8d1f5980994690bbe002db5146439d906a0d4aef065214b15666cdca81091b69acee2c7ce0821fc19e0891f0b53469f935c5ac420100010000000000fb53faf4420638489e6a1c696d8c414a87b60000000000080000b6be1557951854c01dbc2d061827ae6349a045b780893771524a424335b9fc34616ee9f09141057262530b7c2f7c9b969938779736ece7b470078ac0b1b4b528000000009866e9994ca9096672ec9f3800c2fc35ba6516e542624c47bdba76a816c3a3dd6c3fa87a3ec91df199a9af91a7babf2b8d0e7b77e6dfb4bbc9817847b705000000a1000000000000ab8353f3800f045b90b0eaab6d731199c9447eabbc8c740183aff5389742e47de5000000826a570d14310700cf2ae3366ebdb7f1000000000000333c00e6addbf4c71ffad6bfb5babb49109f92a5a52042c425190a6e3f1a8a3abfe6059da9c952cf35c98ce7616355493d280f2d0be99e18fd0900c769e7eb4edc1c03a33676590bd2047229e0237c1e34641848531712ff09e89fb062a3e66f4fced0ae679733830039cb61ea0691f0b4e0b33194404e643243c3841e1e7fe301f7f47a7f89512d92e83624e3de705bdfbfd0e5e381398e9d5428a00cc8a6d097d97e6ac8bd09b1a5577920a650114a522c1e2dcdc4f606fcbcee91770a9fada34d38cd7976a9228a0a0dd8661be8162e966aac26bea4c11458cd6ce22ddf7054cdd0a60ef3ec000000000000000000425cb75dc7ec92e9a5d29f9c99697d2a98ae0a9f35e4196c3faeb7a60a0290bf897846f6f0f1c163d6075119169d55d10da9ad0e4b2c636d200000009baaf94e2b2c48e70d8453f832eecfb1de2a3f38a5c986de9e37737dac74db251d5e9ea2b8ed39e91a7a17d01b49f7aaff7c4c73c3484bdcab362838ed940035b239a3646ef55b9f070ae14466b3acef9f8b28fb938a237e2e068ae4a6bce4407b54cc14614c2cdf877f000000000000000000000000bdcf23144e6c16b9235552aed83b6428f34d88c258a9ad16386bba51b60838fb11bc193a206b5a25b7233b222e4e68e0d1e88f26b9a45b6c29469530a37ea92aaf421cdcc1f594ecfaff9a79b56f8b38038002d29b3193cea9cd0a0ef4f58fa48f61071f548d411353965615c24c1860fd0dfae0f4cdf8c8f8645a289a79f9b919b674f0325d81eacaa8399324a304885da01733bb7917ec5e52718eb05f9c1ffd69f834150e9100c215968e8fb31c83526e6f66897569e28d01ca6135a2acca398c1415e0f9b58b63ee9dc33608ba7e5c4bdf3f37d8e4f4f424be263d9c2a5204f41e9b0ee01ad4cc0519395b69c310c98d3c8edc7d07b30617f3535634257f5472d9f3263a6f04778a920c12000721bb82f9884780ac294b8bb07ebf6e3f16584e95607e319b2ea9778289c19fb775514246159bbfa9dc0fdf711d3efa316a3323c915a40e6d7c8f8d7daf98824fd0bc955dc9731cc8c7a600d94b8049af764688c7ffdd26a741b03b065ba9c586914d8beb94c8a265ace34172ed003357ddd400557230b2caba17a647a171c2fc73a8c7541c7ffaafba62195fce77382ae962f30d4a377d760040975a44aa73a4e687d06f96f0987b980f6f883534dfc71ace539eeeb08cff54e0e05d5e0563660a3664c67d0eb9cd"], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x94)
syz_usb_connect(0x0, 0x24, &(0x7f0000000000)={{0x12, 0x1, 0x0, 0x8e, 0x88, 0x5, 0x20, 0x8086, 0x9500, 0xb6d8, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x1, 0x0, 0x0, 0x15, 0xcc, 0x1c}}]}}]}}, 0x0)
syz_open_dev$I2C(&(0x7f0000000040), 0x1, 0x2003)
r0 = socket$nl_route(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_NO_ENOBUFS(r0, 0x10e, 0xc, &(0x7f0000000200)=0x82, 0x4)
sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="240000001a0001000000ff7f0000000080000000", @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00\b\x00', @ANYRES32=r0], 0x24}}, 0x0)

5.370763329s ago: executing program 0 (id=6715):
syz_open_dev$vbi(&(0x7f0000000000), 0x3, 0x2) (async)
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x121301, 0x0)
ioctl$TCSETSF(r0, 0x5404, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x1, 0x0, "9c304bad897e0216795983be31b98b78a3cddf"})
socketpair$unix(0x1, 0x3, 0x0, &(0x7f00000001c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000300)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x80001b4, 0x0) (async)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) (async)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) (async)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x40, 0x100000, 0x3, 0x200000b45, 0x9, 0x8, 0x40000, 0x3}, 0x0)
ptrace$ARCH_GET_CPUID(0x1e, 0x0, 0x0, 0x1011)
r3 = socket$inet6(0xa, 0x3, 0xff)
connect$inet6(r3, &(0x7f0000000200)={0xa, 0x0, 0xfffffffd, @empty}, 0x1c) (async)
r4 = dup(r3) (async)
r5 = open(&(0x7f0000000080)='./file0\x00', 0x1298c2, 0x0)
r6 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r6, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000001f40)={&(0x7f00000004c0)=@updpolicy={0xc0, 0x19, 0x400, 0x70bd2d, 0x0, {{@in6=@mcast2, @in=@initdev={0xac, 0x1e, 0x0, 0x0}, 0x0, 0x0, 0x0, 0x0, 0xa, 0x30, 0x0, 0x0, 0x0, 0xffffffffffffffff}, {0x0, 0xc, 0x8, 0x0, 0x3, 0xffffffffffffffff, 0x0, 0xfffffffffffffffe}, {0x0, 0xa00, 0x407ffffffffffe, 0x800000000000002}, 0x1, 0x0, 0x1, 0x1}, [@lastused={0xc, 0xf, 0x3e}]}, 0xc0}, 0x1, 0x0, 0x0, 0x54001}, 0x0) (async)
ftruncate(r5, 0x200004) (async)
sendfile(r4, r5, 0x0, 0x80001d00c0d1) (async)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000140)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a03080000000000000000070000000900010073797a3000000000"], 0xc8}}, 0x0) (async)
r7 = openat$vim2m(0xffffffffffffff9c, &(0x7f00000003c0), 0x2, 0x0)
r8 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/power/resume', 0x149a82, 0x0)
ioctl$EVIOCSREP(r8, 0x40084503, &(0x7f00000002c0)=[0x431d, 0x1000000]) (async)
fanotify_init(0x200, 0x0)
io_setup(0x2, &(0x7f0000000000)=<r9=>0x0)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000040)=0x3, 0x1) (async)
syz_clone3(&(0x7f0000000080)={0x21800000, &(0x7f0000000040)=<r10=>0xffffffffffffffff, 0x0, 0x0, {0x27}, 0x0, 0x0, 0x0, 0x0}, 0x58)
io_submit(r9, 0x1, &(0x7f0000001300)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x5, 0x6, r10, 0x0}])
ioctl$vim2m_VIDIOC_S_FMT(r7, 0xc0d05605, &(0x7f0000000440)={0x1, @pix_mp={0x62, 0x1, 0x3031334d, 0x3, 0xa, [{0x3, 0x6}, {0x2, 0x2}, {0x3, 0x411}, {0x10001, 0x8}, {0x6, 0x8}, {0x4, 0xd}, {0x8, 0xfffffff8}, {0x5, 0x1}], 0xc, 0x2, 0x1, 0x0, 0x2}})
syz_mount_image$fuse(0x0, &(0x7f0000000400)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x2, 0x0)

4.83739055s ago: executing program 2 (id=6716):
r0 = syz_open_procfs(0x0, &(0x7f0000000040)='net/route\x00')
socket(0x2a, 0x2, 0x0)
socket$inet6_mptcp(0xa, 0x1, 0x106)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0xe4b, 0x11e41e7a, 0x20000000, 0x3, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc, 0x8, {0x0, 0x2}}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000380)=0x34)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_usbip_server_init(0x1)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='sched_switch\x00'}, 0x10)
socket$nl_route(0x10, 0x3, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x2, 0x13, 0x0, &(0x7f0000000000)='GPL\x00', 0x2, 0xde, &(0x7f0000000340)=""/222, 0x0, 0x1e}, 0x94)
r4 = socket$netlink(0x10, 0x3, 0x0)
r5 = socket(0x10, 0x803, 0x0)
sendmsg$IPVS_CMD_SET_INFO(r5, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000ac0)={0x0, 0x14}}, 0x0)
getsockname$packet(r5, &(0x7f0000000100)={0x11, 0x0, <r6=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r4, &(0x7f0000000080)={0x0, 0x1579, &(0x7f0000000000)={&(0x7f0000000380)=ANY=[@ANYBLOB="3c0000001000850600"/20, @ANYRES32=r6, @ANYBLOB="01000000000000001c0012000c000100626f6e64000000000c0002000800010006"], 0x3c}}, 0x0)
sendmsg$nl_route(r4, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000002c0)=@newlink={0x48, 0x10, 0xffffff1f, 0x0, 0x1, {0x0, 0x0, 0x0, 0x0, 0x0, 0x4408}, [@IFLA_LINKINFO={0x28, 0x12, 0x0, 0x1, @geneve={{0xb}, {0x18, 0x2, 0x0, 0x1, [@IFLA_GENEVE_REMOTE6={0x14, 0x7, @loopback}]}}}]}, 0x48}, 0x1, 0x0, 0x0, 0x40000}, 0x0)
pread64(r0, &(0x7f0000000080)=""/102356, 0x18fd4, 0xc2a)
bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x11, 0xc, &(0x7f0000000800)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000a48500000004000000850000002300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
ioctl$VIDIOC_TRY_FMT(0xffffffffffffffff, 0xc0d05640, &(0x7f0000000000)={0xd, @pix_mp={0x9, 0x40000055, 0x64737664, 0x6, 0x8, [{0x9, 0x4000}, {0x9, 0x7fffffff}, {0x7f4d6e18, 0x2}, {0x0, 0x1}, {0x8000, 0x200}, {0x4000008}, {0x865e, 0x1f}, {0x7311, 0x7fff}], 0xc3, 0x4, 0x8, 0xe87b598fe6909e43, 0x5}})

4.835225793s ago: executing program 4 (id=6717):
socket(0xa, 0x3, 0x3a)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, &(0x7f0000000180)=<r2=>0x0)
setpriority(0x2, r2, 0x8)
statx(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x1000, 0x7ff, &(0x7f0000000340))
statx(0xffffffffffffff9c, &(0x7f00000001c0)='./file0\x00', 0x4900, 0x8, &(0x7f0000000440))
sendmmsg$unix(r1, &(0x7f0000000640), 0x0, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, 0x0, 0x0)
socket$netlink(0x10, 0x3, 0xb)
r3 = socket(0x200000000000011, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000080)={'team0\x00'})
openat$iommufd(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$FBIOBLANK(0xffffffffffffffff, 0x4611, 0x3)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r4, 0x29, 0x40, 0x0, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0xb49, 0x2, 0x8, 0x4002, 0x3}, 0x0)
r5 = syz_open_procfs(0x0, &(0x7f0000000000)='net/ip6_flowlabel\x00')
pread64(r5, &(0x7f0000001600)=""/4103, 0x1007, 0x97)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000100), 0xffffffffffffffff)
r6 = syz_open_dev$usbfs(&(0x7f0000000100), 0x76, 0x101301)
ioctl$USBDEVFS_SETINTERFACE(r6, 0x80085504, &(0x7f0000000000)={0x2, 0x80000001})
socket$nl_generic(0x10, 0x3, 0x10)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r7, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000680)=ANY=[@ANYBLOB="d00000003d0001002abd7000040000000100000004004480100001800c00108006000a003a00000039e4d7f306eebc183c20ff9296ec37dc48782373028c31c8c3f204b7a50f43e83d8031af3bf1bad035717fb29ff7ed6e8b2bd8a289794a2a181807e1d37ed7ce5c19f569bb454c4d0d620a286e9c69d8b3e1c0348e81a735ae6c6a6217a22e200b36757ce3ff400debf582388d837b96b61a7eefba6100f6b2b4d92496decf484f04b4337879540192016613c951f8aa1999aab57955a43c081dbdbd00"/208], 0xd0}, 0x1, 0x0, 0x0, 0x400c801}, 0x4008094)

4.749325946s ago: executing program 1 (id=6718):
openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
socket$inet_sctp(0x2, 0x1, 0x84)
write$USERIO_CMD_SET_PORT_TYPE(0xffffffffffffffff, 0x0, 0x0)
r2 = socket$inet(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000300)={'bond0\x00', <r3=>0x0})
r4 = socket$nl_route(0x10, 0x3, 0x0)
bind$netlink(0xffffffffffffffff, &(0x7f0000000100)={0x10, 0x0, 0x25dfdbfd, 0x400}, 0xc)
getsockname$packet(0xffffffffffffffff, &(0x7f0000000600)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000080)=0x14)
sendmsg$nl_route(r4, &(0x7f0000024c80)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000024d40)=ANY=[@ANYBLOB="4400000010000d042abd7000077bf70000000000", @ANYRES32=r5, @ANYBLOB="01000000000000002400128009000100626f6e640000000014000280050001000600000008000b00", @ANYRES32=r3], 0x44}, 0x1, 0x0, 0x0, 0x40040}, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket(0x1, 0x803, 0x0)
getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
r9 = socket$inet_udplite(0x2, 0x2, 0x88)
socket$nl_route(0x10, 0x3, 0x0)
r10 = socket(0x1, 0x803, 0x0)
getsockname$packet(r10, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r9, 0x8933, &(0x7f00000001c0))
sendmsg$nl_route(r6, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000e00)=ANY=[@ANYBLOB="44000000100001042abd70000000000000000000", @ANYRES32=r3, @ANYBLOB="0028000000000000140012800c0001006d6163766c616e00", @ANYRES32=r3, @ANYBLOB='\b\x00\n\x00', @ANYRES32=r8], 0x44}, 0x1, 0x0, 0x0, 0x4}, 0x0)
ioctl$CEC_ADAP_S_LOG_ADDRS(0xffffffffffffffff, 0xc05c6104, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$nl_generic(0x10, 0x3, 0x10)
socket$rds(0x15, 0x5, 0x0)

3.25780346s ago: executing program 4 (id=6719):
r0 = userfaultfd(0x801)
ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000040))
ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000180)={{&(0x7f0000ffc000/0x4000)=nil, 0x4000}, 0x1})
r1 = openat$dsp1(0xffffff9c, &(0x7f0000000080), 0x182, 0x0)
ioctl$SNDCTL_DSP_RESET(r1, 0x5000, 0x0)
syz_io_uring_setup(0xefe, &(0x7f0000000140)={0x0, 0xcc19, 0x10806}, &(0x7f0000000000), &(0x7f0000000380))
ioctl$UFFDIO_WAKE(r0, 0x8010aa02, &(0x7f0000000100)={&(0x7f0000ffb000/0x3000)=nil, 0x3000})
mmap(&(0x7f0000000000/0xa000)=nil, 0xa000, 0x3, 0x20132, 0xffffffffffffffff, 0xb299b000)
mremap(&(0x7f0000006000/0x3000)=nil, 0x3000, 0x3000, 0x7, &(0x7f0000ffd000/0x3000)=nil)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x3, &(0x7f0000000140)=[{0x35}, {0x5}, {0x6}]})
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000900)={0x1, &(0x7f00000008c0)=[{0x6, 0x0, 0x0, 0x6}]})
sendto(0xffffffffffffffff, 0x0, 0x0, 0x4000, 0x0, 0x0)
prlimit64(0x0, 0xb, &(0x7f0000000140), 0x0)
r3 = getpid()
r4 = syz_pidfd_open(r3, 0x0)
setns(r4, 0x24020000)
r5 = syz_clone(0x16040000, 0x0, 0x0, 0x0, 0x0, 0x0)
rt_sigqueueinfo(r5, 0xb, &(0x7f0000000080)={0x36, 0x208, 0xfffffff3})
r6 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r6, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000001c0)=ANY=[@ANYBLOB="60000000100001046aee00000300001819000000", @ANYRES32=0x0, @ANYBLOB="fab0817dbcedf71a2c001280110001006272696467655f736c617665000000001400058005000800000000000500090000000000140003006272696467655f736c6176655f300000"], 0x60}, 0x1, 0x0, 0x0, 0x20044010}, 0x4040)
r7 = socket$inet6(0xa, 0x1, 0x0)
mmap(&(0x7f00009ff000/0x600000)=nil, 0x600000, 0x3000006, 0x4000010, r1, 0xffffe000)
r8 = ioctl$KVM_GET_STATS_FD_vm(0xffffffffffffffff, 0xaece)
r9 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r9, 0x8933, &(0x7f0000000080)={'wlan1\x00', <r10=>0x0})
r11 = syz_genetlink_get_family_id$nl80211(&(0x7f00000001c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_CQM(r9, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)={0x3c, r11, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r10}, @void}}, [@NL80211_ATTR_CQM={0x20, 0x5e, 0x0, 0x1, [@NL80211_ATTR_CQM_TXE_INTVL={0x8, 0x7, 0x6f}, @NL80211_ATTR_CQM_TXE_RATE={0x8, 0x5, 0x200054}, @NL80211_ATTR_CQM_RSSI_THOLD={0x4}, @NL80211_ATTR_CQM_TXE_PKTS={0x8, 0x6, 0xe2}]}]}, 0x3c}, 0x1, 0x0, 0x0, 0x400}, 0x0)
sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(r8, &(0x7f0000000740)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000700)={&(0x7f0000000280)={0xc8, 0x0, 0x8, 0x70bd27, 0x25dfdbfe, {{}, {@val={0x8, 0x3, r10}, @val={0xc, 0x99, {0x4, 0x6}}}}, [@chandef_params=[@NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0x1d}, @NL80211_ATTR_CENTER_FREQ1={0x8, 0xa0, 0x1ff}, @NL80211_ATTR_WIPHY_FREQ_OFFSET={0x8, 0x122, 0x20}, @NL80211_ATTR_CENTER_FREQ2={0x8, 0xa1, 0x1}], @NL80211_ATTR_DURATION={0x8, 0x57, 0x4000000}, @NL80211_ATTR_DURATION={0x8, 0x57, 0xb30}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ_OFFSET={0x8, 0x122, 0x3a7}, @NL80211_ATTR_CENTER_FREQ2={0x8, 0xa1, 0xe9e}, @NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0x9}, @NL80211_ATTR_CENTER_FREQ2={0x8, 0xa1, 0xfffffffd}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0x6}, @NL80211_ATTR_WIPHY_CHANNEL_TYPE={0x8, 0x27, 0x2}, @NL80211_ATTR_CHANNEL_WIDTH={0x8, 0x9f, 0x5}, @NL80211_ATTR_CENTER_FREQ1={0x8, 0xa0, 0x5}, @NL80211_ATTR_CENTER_FREQ1={0x8, 0xa0, 0x5}], @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8, 0x26, @random}, @NL80211_ATTR_WIPHY_CHANNEL_TYPE={0x8}, @NL80211_ATTR_CENTER_FREQ1={0x8, 0xa0, 0x80}, @NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0xd}], @NL80211_ATTR_DURATION={0x8, 0x57, 0xc9f}]}, 0xc8}, 0x1, 0x0, 0x0, 0x44081}, 0x4000)
setsockopt$IP6T_SO_SET_REPLACE(r7, 0x29, 0x40, &(0x7f00000003c0)=@raw={'raw\x00', 0x9, 0x3, 0x2e4, 0x110, 0xffffffff, 0xffffffff, 0x110, 0xffffffff, 0x21c, 0xffffffff, 0xffffffff, 0x21c, 0xffffffff, 0x3, &(0x7f00000000c0), {[{{@ipv6={@mcast1, @mcast1, [0x7f0000ff, 0xffffffff, 0xffffffff, 0xff000000], [0xff, 0xffffff00, 0x0, 0xff000000], 'veth1_virt_wifi\x00', 'team0\x00', {}, {0xff}, 0x87, 0x6, 0x2, 0x14}, 0x0, 0xc8, 0x110, 0x0, {}, [@common=@ipv6header={{0x24}, {0x9, 0x40}}]}, @common=@inet=@TEE={0x48, 'TEE\x00', 0x1, {@ipv6=@dev={0xfe, 0x80, '\x00', 0x22}, 'batadv0\x00', {0x4}}}}, {{@uncond, 0x0, 0xec, 0x10c, 0x0, {}, [@common=@dst={{0x48}, {0x3, 0x7, 0x0, [0x9, 0xfcc, 0x3, 0x8, 0x2d3d, 0xffff, 0xf7d2, 0x4, 0x3, 0x4, 0x2f, 0x8c9, 0xa37, 0x9, 0x2, 0x9e41], 0x2}}]}, @unspec=@NOTRACK={0x20}}], {{'\x00', 0x0, 0xa4, 0xc8}, {0x24}}}}, 0x340)
close_range(r2, 0xffffffffffffffff, 0x0)

3.195914956s ago: executing program 3 (id=6720):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = add_key$keyring(&(0x7f0000000000), &(0x7f0000000840)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffb)
add_key(&(0x7f00000003c0)='dns_resolver\x00', &(0x7f0000000400)={'syz', 0x3}, &(0x7f0000000080)="00000102", 0xfffff, r1)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_open_dev$dri(&(0x7f0000000080), 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r3, 0xc02064b2, &(0x7f0000000000)={0x80, 0x5, 0x10009})
mmap(&(0x7f0000001000/0x4000)=nil, 0x4000, 0x4, 0x11, r3, 0x100000)
copy_file_range(0xffffffffffffffff, 0x0, r3, 0x0, 0x5, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x32cc0000)
getsockopt$sock_int(r2, 0x1, 0x29, 0x0, &(0x7f00000001c0))
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f00000002c0)={&(0x7f0000000040), 0xc, &(0x7f0000000280)={&(0x7f0000000100)={0x68, 0x2, 0x6, 0x301, 0x0, 0x0, {0x7, 0x0, 0x2}, [@IPSET_ATTR_FAMILY={0x5}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x1}, @IPSET_ATTR_TYPENAME={0xd, 0x3, 'hash:mac\x00'}, @IPSET_ATTR_REVISION={0x5, 0x4, 0x3}, @IPSET_ATTR_DATA={0x2c, 0x7, 0x0, 0x1, [@IPSET_ATTR_PORT={0x6, 0x4, 0x1, 0x0, 0x4e20}, @IPSET_ATTR_MAXELEM={0x8, 0x13, 0x1, 0x0, 0x8}, @IPSET_ATTR_TIMEOUT={0x8, 0x6, 0x1, 0x0, 0x7}, @IPSET_ATTR_TIMEOUT={0x8, 0x6, 0x1, 0x0, 0x9}, @IPSET_ATTR_NETMASK={0x5}]}]}, 0x68}, 0x1, 0x0, 0x0, 0x44880}, 0x24040800)
sendmsg$IPCTNL_MSG_CT_GET(0xffffffffffffffff, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000400)={0xc0, 0x1, 0x1, 0x101, 0x0, 0x0, {0x0, 0x0, 0x8}, [@CTA_TIMEOUT={0x8, 0x7, 0x1, 0x0, 0x8}, @CTA_STATUS_MASK={0x8, 0x1a, 0x1, 0x0, 0x101}, @CTA_NAT_DST={0xc, 0xd, 0x0, 0x1, [@CTA_NAT_V4_MAXIP={0x8, 0x2, @multicast2}]}, @CTA_TUPLE_ORIG={0x34, 0x1, 0x0, 0x1, [@CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x3a}}, @CTA_TUPLE_ZONE={0x6, 0x3, 0x1, 0x0, 0x4}, @CTA_TUPLE_ZONE={0x6, 0x3, 0x1, 0x0, 0x3}, @CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @dev={0xac, 0x14, 0x14, 0x11}}, {0x8, 0x2, @rand_addr=0x64010101}}}]}, @CTA_NAT_DST={0x20, 0xd, 0x0, 0x1, [@CTA_NAT_V4_MINIP={0x8, 0x1, @broadcast}, @CTA_NAT_V6_MINIP={0x14, 0x4, @mcast2}]}, @CTA_TIMEOUT={0x8, 0x7, 0x1, 0x0, 0x2}, @CTA_SEQ_ADJ_ORIG={0x1c, 0xf, 0x0, 0x1, [@CTA_SEQADJ_OFFSET_AFTER={0x8, 0x3, 0x1, 0x0, 0x2400}, @CTA_SEQADJ_CORRECTION_POS={0x8, 0x1, 0x1, 0x0, 0xfffd}, @CTA_SEQADJ_OFFSET_AFTER={0x8, 0x3, 0x1, 0x0, 0xd66}]}, @CTA_PROTOINFO={0x18, 0x4, 0x0, 0x1, @CTA_PROTOINFO_SCTP={0x14, 0x3, 0x0, 0x1, [@CTA_PROTOINFO_SCTP_STATE={0x5, 0x1, 0x7}, @CTA_PROTOINFO_SCTP_STATE={0x5, 0x1, 0x83}]}}]}, 0xc0}, 0x1, 0x0, 0x0, 0x40001}, 0x400d4)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a03000000000000000000070000000900010073797a30000000003c000000090a010400000000000000000700000008000a40000000000900020073797a31000000000900010073797a30000000000800054000000021501700001e0a05010000000000000000070000000900020073797a31000000000900010073797a300000000024170380300000802c000180250001007bb0c03ce8ed22d039cce454fd98ae614b08a9f3d4ddf1f742d55995afac076948000000f01600800c00054000000000000000000c00054000000000000000000c00044000000000000000000c00044000000000000000000600064019d20000ac0201802800028008000340000000000900020073797a3100000000080003400000000008000180000000003800028008000340000000000800018000000000080003400000000008000340000000000900020073797a300000000008000340000000002c00028008000340000000000900020073797a31000000000900020073797a32000000000800034000000000d0000100b408b1e286b5c8f7a7321d1f80c982b3c96b4dac7dead86aceee30544dfdb289f2cae899fc3fe86ee3f122505d76d6b5878270ecb40c37908d60b9ed31d97a3e0ee856f3cf3c2fdfee967991f8d1ef7fdce37b30f8842735e543ac808675a64f66eb37009373328ddf992e92b3a5765bd5f765d73c578babbb08efd7b59dab641a88f3099e34bb7fbc04cb298bb0df6eb0dc4ca79864758aff38b7192698c89435c5699f4a9222ad4a2c68c9356b741f04ef667f7a169b8976632c7cb98f18ba558bc302c7b73401c42a76160c0002800800034000000000440002800900020073797a310000000008000340000000000900020073797a32000000000900020073797a320000000008000180000000000900020073797a3200000000fc"], 0x17d4}}, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f00000004c0)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000440), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
r7 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000880)=ANY=[@ANYBLOB="1b00000000000000000000000800000000000000", @ANYRES32, @ANYBLOB="0100"/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="020000000100000001000500"/28], 0x50)
sendmmsg$unix(r5, &(0x7f0000000a00)=[{{&(0x7f0000000580)=@abs={0x0, 0x0, 0x4e23}, 0x6e, &(0x7f0000000800)=[{&(0x7f0000000600)="7506affcd00298d16844b33cfa9a9936073be52a91e32242f806ff3e047c699529715d9642075558f370d04c4cdac4349413997ce8003f69cabd27296f1f2e64f75c0dd34fb7f6f88fabeeae87d1bd35dfa82e82ae6b77a7bde15b319ef609113338059668a56361fa331c7892ee946efc8ffe6349628d27c401e84a4776e4301c7b672f706513b23dda7e38141527ef970835ffc8d2e9bb5e82759502a052e3", 0xa0}, {&(0x7f00000006c0)="b7aade2e4df1d7c2cb28e337ac08784eb37c3505bb5495ff19bb2d20ba75e83971cc68e05ff754f5e58043362fdc14fc86b0e0ba8002329a211900a6475b8ba972986f083d47415bc3b61a3d816fa0f4813d6b3cdcf6b07cc3f6d2b120043df24c461e0ee9b42549af3c330c365c4f6a6863e49147c1ead4f680bb5704919ca2ec58bb5164ab", 0x86}, {&(0x7f0000000780)="08e599dbe7bfda9253ee07ff6a", 0xd}, {&(0x7f00000007c0)="eb1ffcc88ff19dbd21a093f94d650e50", 0x10}], 0x4, &(0x7f0000000900)=[@rights={{0x30, 0x1, 0x1, [r4, r0, r0, r2, r2, r6, r4, r2, r7]}}], 0x30, 0x890}}, {{&(0x7f0000000940)=@abs={0x1, 0x0, 0x4e22}, 0x6e, &(0x7f00000009c0), 0x0, 0x0, 0x0, 0x20000001}}], 0x2, 0x8084)
sendmsg$nl_generic(r4, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000380)=ANY=[@ANYBLOB="4801000042000100fffffffffddbdf250200000004003880100001800c00c8000200000000000000200104801c01"], 0x148}, 0x1, 0x0, 0x0, 0x8800}, 0x4040)
syz_usb_connect(0x0, 0x5d, &(0x7f0000000b00)=ANY=[@ANYBLOB="12010000551b8920b822276080c20102030109024b0001000000000904000000020a000005"], 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000180)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x3, 0x0, 0x0, {0x1}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWSET={0x3c, 0x9, 0xa, 0x401, 0x0, 0x0, {0x1}, [@NFTA_SET_ID={0x8}, @NFTA_SET_NAME={0x9, 0x2, 'syz2\x00'}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0x4}]}, @NFT_MSG_NEWSETELEM={0x44, 0x1e, 0xa, 0x205, 0x0, 0x0, {0x1}, [@NFTA_SET_ELEM_LIST_SET={0x9, 0x2, 'syz2\x00'}, @NFTA_SET_ELEM_LIST_ELEMENTS={0x18, 0x3, 0x0, 0x1, [{0x14, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_KEY={0xfffffffffffffe93, 0x1, 0x0, 0x1, [@NFTA_DATA_VERDICT={0x4, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CODE={0x8}]}]}]}]}, @NFTA_SET_ELEM_LIST_TABLE={0x9, 0x1, 'syz0\x00'}]}], {0x14, 0x10}}, 0xc8}}, 0x0)

3.043880344s ago: executing program 1 (id=6721):
r0 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8002)
ioctl$SG_IO(r0, 0x2285, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
write$sndseq(r1, &(0x7f0000000180)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @raw32}, {0x0, 0x0, 0x0, 0x0, @time, {}, {}, @quote}], 0x38)
write$sndseq(r1, &(0x7f0000000200)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @raw32}, {0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @ext={0x0, 0x0}}, {0x0, 0x0, 0x0, 0x20, @time, {}, {}, @time=@time}, {0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @control}, {0x0, 0x0, 0x0, 0x0, @time, {}, {}, @connect}, {0x0, 0x0, 0x0, 0x0, @time, {0xfd}, {}, @connect}], 0xa8)
write$sndseq(r1, &(0x7f0000000640)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {0x8}, @ext={0x0, 0x0}}, {0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @addr}, {0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @connect}, {0x0, 0x0, 0x0, 0x0, @time, {}, {}, @raw32}, {0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @connect}, {0x0, 0x0, 0x0, 0x0, @time, {}, {}, @control={0x6, 0x7fff, 0x8}}, {0x0, 0x0, 0x0, 0x0, @time={0xffffff81}, {}, {}, @time=@time}], 0xc4)
write$sndseq(r1, &(0x7f0000002840)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @raw32}, {0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @control}, {0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @addr}], 0x54)
write$sndseq(r1, &(0x7f0000000300)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @result}, {0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @raw32}, {0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @queue}, {0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x0, 0x0}}, {0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @time}, {0x0, 0x0, 0x0, 0x0, @time, {}, {}, @connect}, {0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @control}], 0xc4)
write$sndseq(r1, &(0x7f0000000a40)=[{0x0, 0x0, 0x0, 0x0, @tick=0x8}, {0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @raw32}, {0x0, 0x0, 0x0, 0x0, @time, {}, {}, @quote}, {0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @queue}, {0x0, 0x0, 0x0, 0x0, @time, {}, {}, @queue}], 0x8c)
write$sndseq(r0, &(0x7f0000000000)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @addr}, {0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @raw32}, {0x0, 0x0, 0x0, 0x0, @time, {}, {}, @control}], 0x54)
write$sndseq(r1, &(0x7f0000000f80)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @queue}, {0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @quote}, {0x0, 0x0, 0x0, 0x0, @time, {}, {}, @quote}, {0x0, 0x0, 0x0, 0x0, @time, {}, {}, @addr}, {}, {0x0, 0x0, 0x0, 0x0, @time, {}, {}, @quote}, {0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @quote}], 0xc4)
write$sndseq(r1, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @queue}, {0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @time=@time}, {0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @control}, {0x0, 0x0, 0x0, 0x0, @time, {}, {}, @result}, {0x0, 0x0, 0x0, 0x0, @time, {}, {}, @time=@time}], 0x8c)
write$sndseq(r1, &(0x7f0000000740)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @time=@time}, {0x0, 0x0, 0x0, 0x0, @time, {}, {}, @queue}, {0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @raw32}, {}, {0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @result}], 0x8c)
write$sndseq(r1, &(0x7f0000000b00)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @result}, {}, {0x0, 0x0, 0x0, 0x0, @time, {}, {}, @raw8={"b5f8fbe8c20c855083221c33"}}, {0x0, 0x0, 0x0, 0x0, @time, {}, {}, @addr}, {0x0, 0x0, 0x0, 0x0, @time, {}, {}, @control}, {0x0, 0x0, 0x0, 0x0, @time, {}, {}, @raw32}, {0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x0, 0x0}}], 0xc4)
write$sndseq(r1, &(0x7f00000004c0)=[{0x81, 0x80, 0x2, 0x4, @time={0x8, 0x5}, {0x3, 0x31}, {0xff, 0x7f}, @queue={0x80, {0x8, 0x4}}}, {0x8, 0x2, 0x8f, 0x6, @time={0x3, 0x1cddab93}, {0x0, 0x6e}, {0xf2, 0x30}, @addr={0x9, 0x1}}, {0x8, 0x7, 0x0, 0xe3, @time={0x200, 0x9}, {0x8}, {0x6, 0x1}, @raw8={"7aa27555b79e43403e7fa600"}}, {0x0, 0x7, 0x3, 0x6, @time={0x0, 0x7}, {0x8, 0xfd}, {0x93, 0x80}, @queue={0x14, {0x10, 0x80}}}, {0x6, 0x8, 0x3, 0x40, @tick=0xf6, {0x2, 0x8}, {0x3}, @ext={0x0, 0x0}}, {0xba, 0x6, 0x54, 0x7, @time={0xe5b, 0x10001}, {0x80, 0x8}, {0x2, 0x7f}, @control={0x5, 0x40, 0x5}}, {0x3, 0xc, 0x4, 0x6, @time={0x6, 0x1}, {0x10, 0x4}, {0x8, 0xa}, @raw8={"80408bcf99ee1216e4e59519"}}, {0xd2, 0x5, 0xd9, 0x0, @time={0x8, 0x4}, {0x54, 0x6}, {0x8, 0x8}, @result={0x5, 0x6}}, {0xcf, 0x1, 0xff, 0x5, @tick=0x9, {0x4, 0xb3}, {0x80, 0xd}, @control={0x66, 0x800, 0x3}}], 0xfc)
write$sndseq(r1, &(0x7f0000000400)=[{0x8, 0x53, 0x7, 0x65, @time={0x4, 0x8}, {0x7, 0x1}, {0x6, 0x5}, @raw8={"424a46f27d2a45434e135bda"}}, {0x7, 0x2, 0x64, 0x8, @tick=0x5, {0xc5, 0xf9}, {0x9, 0x16}, @addr={0x7, 0x40}}, {0x88, 0xfd, 0x7a, 0xd, @tick=0x1158, {0x9, 0x6}, {0x4, 0x4}, @connect={{}, {0xf, 0x6}}}], 0x54)
write$sndseq(r1, &(0x7f0000000800)=[{0x0, 0x0, 0x0, 0x0, @time={0xb, 0x3}, {}, {}, @connect}, {0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @ext={0x0, 0x0}}, {0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @control}, {0x0, 0x0, 0x0, 0x0, @time, {}, {}, @quote}, {0x0, 0x0, 0x0, 0x0, @time}, {0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @time=@time}, {0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @raw8={"ce274516c7da5b6da0b16993"}}, {0x0, 0x0, 0x0, 0x0, @time, {}, {}, @raw8={"b134b141793d8609365bda4d"}}, {}], 0xfc)
write$sndseq(r1, &(0x7f0000000d00)=[{0x0, 0x0, 0x0, 0x0, @time}, {0x0, 0x0, 0x0, 0x0, @time, {}, {}, @raw8={"49cbee45cad57a0372831665"}}, {0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x0, 0x0}}, {0x0, 0x0, 0x0, 0x0, @time, {}, {}, @quote}, {0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @queue}], 0x8c)
write$sndseq(r1, &(0x7f0000000080)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @quote}, {0x0, 0x0, 0x0, 0x0, @time={0x0, 0xfffffffc}, {}, {}, @control}], 0x38)

2.755010835s ago: executing program 0 (id=6722):
syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8002)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={<r0=>0xffffffffffffffff})
openat$ttyS3(0xffffffffffffff9c, &(0x7f00000001c0), 0x2102, 0x0)
r1 = bpf$MAP_CREATE(0x0, 0x0, 0x50)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mbind(&(0x7f0000051000/0x4000)=nil, 0x4000, 0x3, &(0x7f0000000080)=0x2, 0x95, 0x102)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000040)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
ioctl$VIDIOC_S_FMT(r1, 0xc0d05605, &(0x7f0000000300)={0xb, @sdr={0x34565559, 0x2}})
bind$alg(0xffffffffffffffff, &(0x7f0000000200)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-cast5-avx\x00'}, 0x58)
setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, &(0x7f0000001280), 0x0)
poll(&(0x7f0000000100), 0x0, 0x8)
r4 = socket(0x40000000015, 0x5, 0x0)
connect$inet(r4, &(0x7f0000000080)={0x2, 0x0, @loopback}, 0x10)
r5 = socket$inet6_sctp(0xa, 0x1, 0x84)
sendto(r5, &(0x7f0000000100)="51bf7336f6cdf0ca6c13c866d6bc7b55f2d501845841bb2c078a988b7eb38f11a326083cf884920013fbae4a3a5d9c8ea7ea86669fb6212da0b5c82136d9519daeb17c9f96ad78cccef50ab4eabcafbc1a18735359cd7329816984d180735476f901401079349dfbe2e614f51a07c00544d90a594972ba60e1b497f88dcdc1e45dd28c0678d803638e7bd70a8638136e52c5e932c4111d3c917fb22583198b00707e3a2e001260cbc206759c245451686164eff7", 0xb4, 0x20000000, &(0x7f0000000280)=@l2tp={0x2, 0x0, @broadcast, 0x2}, 0x80)
bind$inet(r4, &(0x7f0000000340)={0x2, 0x0, @loopback}, 0x10)
sendto$inet(r4, 0x0, 0x0, 0x0, 0x0, 0x0)
sendmsg$nl_xfrm(r4, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000440)=ANY=[], 0x1a000}}, 0x0)
r6 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r6, 0x10e, 0xc, &(0x7f0000000180)={0x80000000, 0x0, 0x0, 0xb71}, 0x10)
sendmsg$nl_route(r6, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000280)=@mpls_getroute={0x1c, 0x1a, 0x1, 0x0, 0x0, {0x1c, 0x14, 0x0, 0x0, 0xfd, 0x2}}, 0x1c}, 0x1, 0x0, 0x0, 0x10}, 0xc080)
close_range(r0, 0xffffffffffffffff, 0x0)
timer_create(0x0, &(0x7f0000000200)={0x0, 0x21, 0x2, @tid=0xffffffffffffffff}, &(0x7f0000000300))
epoll_create(0x7f)
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)

2.72202415s ago: executing program 1 (id=6723):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = syz_open_dev$sndctrl(&(0x7f00000012c0), 0x1, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_READ(r1, 0xc2c45512, &(0x7f0000000a00)={{0x5, 0x0, 0x0, 0x0, 'syz1\x00'}, 0x0, [0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000]})
sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={0x0}, 0x1, 0x0, 0x0, 0x20004000}, 0x0)

2.547055672s ago: executing program 1 (id=6724):
r0 = syz_open_dev$loop(&(0x7f0000000100), 0xf01c, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.stat\x00', 0x275a, 0x0)
write$binfmt_script(r1, &(0x7f0000001a80)={'#! ', './file1/../file0', [{0x20, '\xeb)\'-!'}, {}, {0x20, '-*.\x1f'}, {0x20, '!\\\\\'#'}, {}, {0x20, '%^\\\x93\xca\xe9[\x04\fu\xd3\x10.\xee\\Q$e\xa9=B\x19I\xd2Le\x14P\x86\xd3\xe5b\x93y\xdf\xfb\x17B7\a\x9c\xb5?\x0f\xc8\x9b\x9aol)\x87Z\xcc\xa5\xc2\xffb\xb8\x00\xbb\n\xcb\xb1\xdaa\x18\xacG\t\x8e\x00*\xf8R\xa9\x8e\xaaUw\xc0!\x1fa\xf5\xecf\x14B\xd4\xd4\r\x143Y=\xa6!\x94P\xdb\x81vr\x8c\xfd/6\x16\xd8&\x96\xb0o\xae'}, {0x20, '/dev/loop#\x00'}], 0xa, "521299a432289bea0aa53f5db534de379d0418026c1f265a707f7b5008ab99f2c9a997ad079ea398ccfc"}, 0xd0)
madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0xa)
sendmsg$NL80211_CMD_SET_MPATH(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x80}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x20004001}, 0x0)
r2 = openat$sequencer2(0xffffff9c, &(0x7f0000000080), 0x143240, 0x0)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
write$UHID_CREATE2(r3, &(0x7f0000000180)=ANY=[], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r3, 0x0)
ioctl$SNDCTL_SEQ_NRMIDIS(r2, 0xc0045103, &(0x7f0000000040))
unshare(0x400)
r4 = fsopen(&(0x7f0000000000)='proc\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r4, 0x6, 0x0, 0x0, 0x0)
r5 = fsmount(r4, 0x0, 0x3)
r6 = openat(r5, &(0x7f0000000080)='.\x00', 0x0, 0x44)
fchown(r6, 0x0, 0x0)
syz_io_uring_setup(0x18d6, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000}, &(0x7f0000ffe000), &(0x7f0000ffe000))
r7 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r8 = dup(r7)
write$UHID_INPUT(r8, &(0x7f00000029c0)={0xa, {"a2e3ad214fc752f91b2809094bf70e0dd038e7ff7fc6e5539b3266078b089b3b083867090890e0878f0e1ac6e7049b3d6d959b669a240d5b67f3988f7ef319520100ffe8d178708c523c921b1b5b34390d076d0936cd3b78130daa61d8e809ea889b5802b77f07227227b7ba67e0e78669a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae19397d696d0d758f2dc7d1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000002335875271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1fe90a56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617601000000be70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d595a40b9f6ff14ac488ec130fb3850a27af9544ae15a7e454dea05918b41243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9980000000b3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6c82fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce3803f465e41e610c2021d653a5520000008213b704a5000000000000008ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc94681359bad8deff4b05f60cea0da7710a80000000000008000bea37ce0d0d4aa202f928f28381aab144a5d429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4e38a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d97b9a6d6d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2bed9e53803edf1a4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f4ceb360c7e658828563e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034e00000000ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f42355bc7872c827467cfa5c478b095b68441a34cb51682a8ae4d24ad92f243941ed274549b79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdbe6c4579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93ae62fccfcbb2b75a2183c46eb65ca8124e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43e4fb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e01feffffffffffff83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd7369d75f2e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aa01b20f7694a00f16e2d0174035a2c22656dc00880acebdbe8ddbd75c2f998d8ac2dfad2ba3a50200000045a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40426db6fe2907ac0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf463661c953fcad6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7cd419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaeecf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6ea94f88a4facfd4c735a20307c737afae5136651b1b9bd522dcb399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a37684f4113c48859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02dae17b118e5d6787463183b4b87c105000000302a808d7f5251440613d17ca51055f2f416a44fe180d2d50c312cca7cb14a20dc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb40100000006376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab83c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7ceec7dc808bf653639d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7348663a52190202c7af288a4510de03dab19d26285eda89156d50dd385a602000000000000007007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00303000000000000007fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf6529006c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6522fb5f6ffcdd56fed88935fcb75912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae233a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a5bd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08008897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b80c1c128ad2706f48261f7897484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57fa9c0fe662a46b7f71cd47744db86c50b704c98ad90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe360500000000000000b77940b5f07722e47a08d3679507000000000000934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1062dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1df0d07b3d5bd3b01faffd0addbed2881a9700af561ac8c7e36bb2fc4c40e9c766c06817bb903729a7db6ff957697c9ede7885d94ffb0759be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c1484d2f9c55f4901203a9a8a2c3e90f39c3dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d000000000000000000000000000040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000600", 0x1000}}, 0x1006)
write$binfmt_script(r1, &(0x7f0000001c40)={'#! ', './file1/../file0', [{0x20, '\xce/d&6\xfa\x17o\x8e\xb1\xb3\xf7\xec\x1dev\x1e?kvm'}, {0x20, 'f\xce\x01\x00\xc7\xbb\xb5\xb7\x01\xfb\x03\x92\xa7,x\x9f\xfc4(\xa4\x7f@\xdc\x0f\xbe\x0fs\xea6\xe4\xbf\\\x12\x19pnm;\xcfM\x00\x00\x00\x00\x7f|7\xf7\x10\x93\x85\x18S\xa0x\xc0\xcf>\xad\xf6c\x0f\x0f\x03\f\x15\x1c\xb3ei\\'}], 0xa, "0002784148b29e7bcaf3e29c2593b929f38d08de9a57967d49c269445df5a02a484a4fff1f05bbd60b043247a4e72e4f0bedb7c930aa4ab1e46695c1fb6ce947a12539fd90c30a1de6c9c3f7d33fc18866cb172e469352b6ba03830dbcf172d1f7cf467bf6bea0cf4c0aa3cc8e"}, 0xdf)
write$UHID_INPUT(r1, &(0x7f00000007c0)={0x8, {"dc5d3b0169633d3eba3eabbc09167be55101d4af4b22a373236464d2dbfaa84399b77bd438a54364a7ebc5bdaab4f9decb7c044318cd59a0af8279bcab35dd7daf7a0ceb381df2c32eff45b13e2c8f40e1895355bf6f165200cb1ca41a155730ee2e9f83183f9fafe029d0401b0770618254a8b2dc87b630072b1e2de160d1afed51b74c14b71ec1b226a324482d14ad586b1a4ce80e458fe45244c01eddeddf3564af838d6d5324f8a77023d6eb7aa14397a0e1413ea1c3dfdf063a35b709e627f36fe403ee3117365be5017682f53595f28543062c740a94a794312f5cebc315044b8ea000a5d0f27812ab0ce149d11e6f6f7620c5f3e250bf67d13a1ca39dbb7b8b5a31e3d7ba7ebe5849a7a09b61fc9f2cfc54b89e9cd0105bca49483ce55e0187ce2ad692a18219d881057c838587b915337169ee054655f26a04df913a658fccbf4def6aad750ca4796b74d322c67e9d4ee6a530a22dcc35db850b424d6ec9f62495b9f9fd2b000feadd57d26dbd505798c208d91eb0aab0fd97537631b8bf81ce0e2241c4272be4ff69b390e4485d574146b76d1fdbf7fc5334906805534cdae1e47240af7761a18fc8bd0a694be47529da98bc0f98eb7db3fc4a74cbb6e486f4de90fbf2452e72c2e1dca44543ad9ad094b8bc861eef1e814662d0b350339e3a510d459c6f83aabd5fd3dcb38224056d761e7df9b482b9905f1e2135c1929be328ecdb69c007a3efd548502c83106f6df1ab1178fac499eda92ad4373155227ec2df150c919d322ecb3ea37e659285f18a3e2f79b59900ca438df3a1381380a12d3ad7678e0a8d3bdfb40651389b4ac8c66138d442d70eafdc2df8b080028006b124e4ebe0d9883ef100f1934e42794146382c1d628fd2ebe5859b6c243824903d056d800975675bb1913142adbc039a9c68c2f146a0e8903447313f5e5549905f397a9b1f21a93b80c4d04a8ea7a29a50fbc5407a9305bba420edf898ea678d6879489c39692c99bb6dacf61f5f97637b94c1031d635b5423b38b9196fafaaf87b2796eadc21466af5a10281e6a808748969d29efb444c99a4cb2111732a792dbca4376a125a68f7cdac065cc6173dc21caafba48c742d9a7df2f771ff2f5725b22c247d4e0c6106f9f5f6929b69929ab37e9a9b326ce618bb702b883b12026f1300f21f2c7440cac8c5f1210a78aa067211d2827f5dcc7578252c2ccc3f67bab9d1bb6939b21b550788ef550acfed4bf50c0b4fb3ca4d2872ee64f95d611a317d9daaf373a10d868680b2226396c95fa2b0ab4d6fce06c3b42cb97d17a7b5089061537fdeb1a53040869f7befca330358fdba86754fc2e46c2113e1484cb37534af8f0408a7ee313778dab49f08229964298f847ea66c4ec319f64b6a12da585bc59e82e0263c507b397d3efee3b4066f4d25566aa1549f6185f6375f84b65fa8945148b90430c86a5b6fdf58d5c812b98d9dc621fd9a3d9f1a577495356516d1cbcf5e8bb8923b54b247225b9c3892b18a9e137f3620c734052af9dc8f1ea36f0d4592d5ee32e35676a84dc891f97456f2ac3a4ab58a42bcdc221a4ac8bb28d428add2fcbe5b110a8afd5d23b31e827bd16167b2d88cae024afc04a722ac0b4d45c52512e6b6f102aac4be21bc89ce246539048370553665b0a4336a6db99d0d19399be6437bf21419304331b4342b2c1db580f0c9bf681fdb8e9fa3e025454197bbc82ef93ee2f385660818ec5127080675a8013766469afe3b1e36e81bf2f04c3a26eaf4517551e734d21ba3bc90e48aea0891792970c39f3f528397e9b7ae190f1760fe5960dc763ee0a17939c60bfcac0a8914be82c749e4fe85d1ac5fa733413468fb8941085e8c4d6e0b6d1e62e20da58440facd640ddbb6c1f694b3ca48757a34c5a11668368711a1d4f3a81d31ac30d71277d7ae77882b6841cfa6289e6cce84a3ad57eeb328f831888ac7d3cfcd3a472a48d903f20cec8c8ae8d0bea04ebf7413ef7693f8ed876e49bd5f89d7e1078208ff62712e330fc0341b9ccf26845578d44b1e0c66d1bebc14742baedfabb8e9a2c8f42730360c72997efe0ce786ff330c2eb6e0ff20896f813c2a515ce76f826c11a1c1588eb369231ddeb4a2f9f9591ecdecc74d20aeb50047beb3ab89a9e4e1b805a20b645c79d0bc5d0247fab8ba46a97a07630b1f1cb69b42b568af746733d2c581f057873d64fe6e659b00b4a26745f5fba1fe7406a86b007936c7cfdac53a4c5b0ea9f6604863c8e3f174eddbb09175f6e13cda9a860cf400ef9ed02b895502ac6e6de6a658249c3c6e8a653517eae2231e56e0f120547923c6549ebc1ed14c623637ce3d96af5c93a32e58e2d9659d8b5b145888b52d9a5b5cb3cdf594eb137bcef2ba068cfd2c6ccf7ab6e5b4ec55e9197bfb91c9b8729f7b50cf0b0326f7ea3e712c77674d48545ca2a86744c3c38f149d69cf811beacf7e5f49c7bfba20f1dcf3d7bc0b9c796016820a46495d244c9606a06fe2e14233eda78d69ae4523ad7b708b0c7ead44d7fd376fed60e3cc2ee25e9600adfbe87ac7c8fb8269aec9459602af0f420becda6120ce7d9626c65ae7f860639e8bf664eb4301ec18add0e436c0356c12ab6b4ca35da2b43c4a8c239fd0b59a2ce94843cdfa1667053165053633b062844dbb0d00070fde74fa3178eb5f1f5fd02e2088d8690379f39ab22c080cdcb29d700bac74fabd8a356fe99afe83a5d99aa5024e9158a299eda6c99b6701e64f1d68e7e2c0c6e88396bb535a02d0948f0a250a6e090041c96d9c9acd6134d44d516fd1010c39e572b86b05bb1326a2a4f23f11181186f9c2a01dc7b58c0129f4b851ca9b1e3dc35db7364e29ef646211796b1651511e041345abce427fa5d6e48b8fb078c8432061a4cc518a8f2a2caf709a5c1473a62112a6650afc64eec12f8f9c08cff1b6fbf7a1209fc8661f62303b7c5d49c1d0b32a9f37e81ed9ab6193816d40995ed49c10b9f5752e04d57535a3d16f06c65d32846c31ec9787ec4a965679eb804e86b45d007f38d8104550770dc6f313bc846e43a14a8c21d0628c744e3e83cb998d1b7acfe996541a8c03852dadf9326444c582b481cae844e4f3fe3d638903b38f24633b63adbad841ac6c4c1169d781a0e271e8a967b1c7e986fcb3a66168e86e3559a44fcfa92452260491da9397659af60453f4cd4be2d15439445ec2b4366a79d3283da912d9d499df1242bd174edc235848caa21d2c997aff0e95c7e5cc0803c90fab84e7be7b37909d0e2f3bc9974e3388acb6800baba183ecc8eea8c71c0d65d669e41f99ceae523b7a6b772f3b8ebba1d2127ccc3ddb7ddcb4ec73cbdc26fc87c3848e258a0b5484d3a13e40ec4e4a65dd92f09e9fe1e3e2f8b96c4e363aa3683860dee62dfcf8823ee4a3593a092e0bd9c4cedacf44a272faa164447b01f46a7795642a40c61b0034a37f0e9b792428a0ddcd144fe8263088eaac8016f8f1cd30b55ac90a8f10d785b7570dd9e639a4a068d3fe98a420b9f72e79de817f676c2a224300d749571ad43f49d1fbe838f4566bc7b5f104c384ad87189213152b644d9fcbdf98bafeee569d640ce9045779f1d90024c023a7480a358dee276fba139c14b4fdb12885240903d0e61dc161659a68f62c92b899007e0f2b65bf0a069e9e57c9b6ae50a3b30dd1003fb0eead73ae2f6010b3b356b4060579a4f29935e1f00c01d12e5f44e8e3163d81dfef7ca8560604240c7e96e4454c6971614df306c768121abb3f628e3f1d2d026f58d1087334c5bdb74d7c949b0ee66a4531ba4e9b922aee3d0f802ed034734507a5913c52966f1f8bd4577840de0253aabc23299dced2a299859c07af9fb0f9c29b6533b9d84d471390d59ab315f5ddb226f6b8dd7889295f0fb1f7bd1adafe4cc520a1e84bf2a59d5b9795aeafc8d6fd66a8228aba8653b98622617ddfeb5d6795c9bd2f35d4a0c386e862675a50e3314c3fbb17aca151c13c7fc8b1d1b72ed0a958537b5ddc9e74bddc2b9571ec3f2b7775b125338d4852a75a63941564c65bb36dfb6bea4aab1ae7a4f285c2177aa98406eb2cc10934aa92d5a9612d4455c84ad200841d289b5c2d5deab0d8e2459598ef183d3dc47f6bad0b9513710600cfa4d69fcd5763cdcc4f2c2b7cd7d4491fd52f4aec82ce846c0988f6f0123e21e900d39c61085e68c9badc350b44004f6c042d64b0d0cbf91ad0592b198f1eeea1e52200bc8e6d62848d6884b10bdde72466039da488be6b340c23148f666f2fe6e032c07dac43586df182aca9116f4600313fa8375c76337ba86bdc391dae6450218f58f047ced64befc6bb5c2a60024669630a6279fedf2fe45e7e19ce582ad96ae0d023eb9b39f5f1e666e73bb038ae38157275be5eb3e7cbc8b05adf53e817646bdc2cfce98e5d162bf7faaca787db8717ab8b27b9e35609c5fb9fe9def07f010df8b43cf5c96851eadfdeff0b7bc5826e7e15490ae9c3d14166ee81bef007070e7981235a673804ad89943ee6b51ac63364f7870e121e6ff23a0c7d179527cd58dd7a4ca37247c2bd9efc79b720bb1ee2d39862e98cb81e93cf5b48d5d02ee8ac737ab504c867a1c49e678300803c94fbe978dea918a1e71b9791ee1e4d30056e86c26a4675a8b090be2365c0b451a13ece52a89a7057fe2052e11c6666eb916d823ea66bf217c320acba3b714910734b2d27c2fa586bd7f7664b0d1422adabad2ce2afc10270057f11940fac1a51d023ce48bd04ea39b7f99381b239fd0ddeea0dce7863ec1f8f61775013b6414ecf86e686a340a3148f87a9d7d60a1f2da53436d16fc88d6a4e7c3d55e0dd004cbecc15a5558eb705d82aacb1862ddc251dd5d9cbf1d78f97900ce6e8dab0ea678cb823bd1e7bbd1e927841af08f5427878c19f4f322228f9b36287fc13e7c1293ea875ae73815e052d6c2ebc40df8f7b9d1f76e0b10e35aa160944983d8e6b790df0d9b13f3460657336d81f7d83c0350324b930ec9c7557ce12887f76372e126f504b0980fea27f31a780c05187b9b5353dafc6b101543b24332b96e15bc26b19062e52fa9f86d260ee3a3bc92a133e328407bb85357ee5c45cb87228f44888b14941b5911b050e9319fe88033f830a8490917a9c0572ebbc5492b4e1083a2e3d77215a34abef947b5b9a950e780662de18873e55899c92db3ad3d437e8407890afa6b0c04ef861b8bc85fbbe1bb67b3d9ef001409f84b8ec4f01d861cecc143a805b981ab5cf5b605057b63cb2c84ec358e510a69cd8c33a8a62fe4680d0c980145cc709157832bfaef261cb0466c237376ca2944ce9affffd4b1dc7cc9511da0b34bffb9ac216fb8cf7c6572d95627787720d1ba67c6512fcdb16f6329e9668681c404efebad559f81f05971b5efb6b4cca97ad0346753cc0a40a877242d8a808c602b03dc962cee38e646cb18abb079c70d357c30738a70f55cd3c5956a83a1bfcd6649dd765f16bfe968066345df7380bbc0c16b3b5af513d6458c791343952f33a051c5d711c1f35af1b47f3db9bbfb5c7c636b3a2b52805d606479879be0b404a28ade5649a3185e0f85a85fc15cd824671c2befdd0da509597c87d869f0bd7ad163ad93ca28fc0c4025eccaafe385ec3fc06c54ebcd7b07b6c7e0197c5b9ef886159a1585ae45248f865be760db6f5bc8f868fc6aefd04e34ecb51159e4cdcc2214b42b1ca9caec13ba3e1b2e7a3c736977b226213d265c2873195122a9b448088c8b50edd549be41c38ab176807b75e7267f86e4", 0x1000}}, 0x1006)
r9 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r9, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000005c0)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x201, 0x0, 0x0, {0x7}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWSET={0x54, 0x9, 0xa, 0x401, 0x0, 0x0, {0x7, 0x0, 0xa}, [@NFTA_SET_ID={0x8}, @NFTA_SET_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_ID={0x8, 0xa, 0x1, 0x0, 0x1}, @NFTA_SET_FLAGS={0x8, 0x3, 0x1, 0x0, 0x8}, @NFTA_SET_DATA_LEN={0x8, 0x7, 0x1, 0x0, 0x2f}, @NFTA_SET_DATA_TYPE={0x8}]}, @NFT_MSG_NEWSETELEM={0x44, 0xc, 0xa, 0x201, 0x0, 0x0, {0x7, 0x0, 0x5}, [@NFTA_SET_ELEM_LIST_SET={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_ELEM_LIST_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_SET_ELEM_LIST_ELEMENTS={0x18, 0x3, 0x0, 0x1, [{0x14, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_FLAGS={0x8, 0x3, 0x1, 0x0, 0x2}, @NFTA_SET_ELEM_DATA={0x8, 0x2, 0x0, 0x1, [@NFTA_DATA_VERDICT={0x4}]}]}]}]}], {0x14, 0x10, 0x1, 0x0, 0x0, {0x0, 0x84}}}, 0xe0}}, 0x0)
ioctl$LOOP_CONFIGURE(r0, 0x4c0a, &(0x7f00000002c0)={r1, 0x0, {0x2a00, 0x80010000, 0x0, 0x80, 0x0, 0x0, 0x0, 0x17, 0x1c, "fee8a2ab78fc5e36d1392583e42000001ea89de2b7fb0000e60080b8785d960001000000000000000000000000000000000000000090ac712500", "2809e8dbe108598948224ad54afac11d875397bdb22d0000b420a1a93c5240f45f819e01177d3d458dd4992861ac00", "9001001c551265406c7f306003d8a0f4bd0000000300"}})
shmget$private(0x0, 0x3000, 0x80, &(0x7f0000bda000/0x3000)=nil)

1.922635438s ago: executing program 1 (id=6725):
r0 = socket(0x840000000002, 0x3, 0x100)
connect$inet(r0, &(0x7f0000000000)={0x2, 0x1, @dev}, 0x10)
setsockopt$EBT_SO_SET_COUNTERS(r0, 0x0, 0x81, &(0x7f00000000c0)={'nat\x00', 0x0, 0x0, 0x0, [0x1, 0xfffffff9, 0x9, 0x6, 0x8, 0x65b], 0x2, &(0x7f0000000040)=[{}, {}, {}, {}, {}], 0x0, [{}, {}]}, 0x70)
sendmmsg$inet(r0, &(0x7f0000005240), 0x4000095, 0x0)
setsockopt$inet_mreqsrc(r0, 0x0, 0x25, 0x0, 0x0)

1.583044861s ago: executing program 4 (id=6726):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x0, 0x50, 0xffffffffffffffff, 0x0)
r3 = socket(0xa, 0x3, 0x3a)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
syz_genetlink_get_family_id$ethtool(0x0, r3)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
personality(0x0)
syz_emit_ethernet(0x4e, &(0x7f0000000180)={@local, @empty, @void, {@ipv6={0x86dd, @udp={0x0, 0x6, "a24b9f", 0x18, 0x2b, 0x0, @remote, @local, {[], {0x4e22, 0x0, 0x18, 0x0, @wg=@data}}}}}}, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0x224}, 0x0)
read$FUSE(0xffffffffffffffff, &(0x7f00000005c0)={0x2020, 0x0, <r6=>0x0, <r7=>0x0, 0x0, <r8=>0x0}, 0x2020)
sched_setattr(r8, &(0x7f0000000140)={0x38, 0x6, 0x3c, 0xe, 0x2, 0x2, 0x3fc0000000000, 0x40, 0x9, 0x8}, 0x0)
r9 = socket(0x10, 0x80002, 0x0)
sendmsg$nl_route(r9, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000200)=ANY=[@ANYBLOB="380000005400e5012abd7000ffffffff07000000", @ANYBLOB="20000100", @ANYRES32=0x0, @ANYBLOB="01030300ffffffff00000000000000000000000000004a510000"], 0x38}}, 0x0)
creat(&(0x7f0000000240)='./file0\x00', 0x122)
setxattr$security_capability(0x0, &(0x7f0000000280), 0x0, 0x0, 0x0)
lgetxattr(&(0x7f0000000000)='./file0\x00', &(0x7f00000003c0)=ANY=[@ANYRESDEC=r6, @ANYBLOB="dbec2e2b66db6b94e52bb38a0da9823425f245dd8cb676e54d87f36ad41f3de3c2ceb03f26f7042872bf55d41b9a03c94dd2537231d7971f49daea4d074f5429ecc5be382177b0ec2a9094fe5857cc884607c0792614183057b8b2888eba78785860a106cbc42e3fbca86c5ff9ced5c0fe71cea2215248e516ecfb39d4a5966eb74a215d68fdb2e3fd9736a3957eccd5252d797a254daccc4c9691ee07ddc1b8ce47da21868945ca25751d84ae7559b7e2631d9a1c16091131218fa88ac51fd2c8eb210c9238ac2a0f21d0417bfe8dcdf2666584178f6784a8", @ANYRESDEC=r9, @ANYRES8, @ANYRESDEC=r2, @ANYRESOCT=r7], &(0x7f00000002c0)=""/203, 0xcb)
write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, 0x0, 0x0)
write$USERIO_CMD_SEND_INTERRUPT(0xffffffffffffffff, 0x0, 0x0)
madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0x80000000e)
r10 = openat$apparmor_thread_current(0xffffff9c, &(0x7f0000000000), 0x2, 0x0)
write$apparmor_current(r10, &(0x7f0000000180)=ANY=[@ANYBLOB='permprofile && \r', @ANYRES64], 0xff)
sendmsg$nl_route(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB="2c0000001e0001000000000000000000020000000100000700000000080001000000000008000f"], 0x2c}, 0x1, 0x0, 0x0, 0x4008012}, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000080)={'wlan1\x00'})
r11 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), r0)
sendmsg$NL80211_CMD_JOIN_IBSS(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000140)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r11, @ANYRES32], 0x38}, 0x1, 0x0, 0x0, 0x40440d5}, 0x48000)

697.161132ms ago: executing program 0 (id=6727):
socket$nl_route(0x10, 0x3, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f00000bd000), 0x318, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x5761, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, 0x0, 0x0)
ioctl$USBDEVFS_DISCONNECT_CLAIM(0xffffffffffffffff, 0x8108551b, &(0x7f0000000340)={0x385d, 0x1, "41c0537f19690cd7945060f524cdb875af5413d65b5f6f342a71406b0f796cc1191e1ecd916f54350f5cbfd5896a119fd1d5137dcdbb6a497f35099c1dd374e82b44205929de6f5a3d34c6a4de4d7fc1ed8475df44d91b190113bb920c0bf5c89c13e219ab37ae309b0100dc743f0f72109379dedc37a8bfa1b3c9c71bf823d8a5b7cca690b1d8e57080dfc1add8e83dbe05186101ff8ff3be2931f2b34c53942890c18707702679f77ed8a45f24646f47cfd378c215093d708a8c53f656993df90974147953df95bf23c9cb2caa4a5e30f10a0fffc410151f15fbcffb19002c635a7539de507c89478209e870201702c9e56ef23457a96269196f5cdd404b76"})
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x1, 0x0, 0x0, 0x0, 0xfffffffffffffffe, 0xfffffffc}, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r0 = fsopen(&(0x7f0000000140)='f2fs\x00', 0x1)
fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000000)='test_dummy_encryption', &(0x7f0000000080)='v2\x00ul\x00\x00\x00\x00\x00loc\x8d\x8b#\xe0\xb9\xbd\"\xeb.\xc7]\xa67\x97 \xc9\xfc|\x85o7Z\xdc}U\x8c\xdd\n\xaa?4\xafq\x1d\xf6(\xe6\x9em_\x1a\xbfDi\x15\x81\xd47\x8e\x86\xa2u~FC\x9c\xe3\x98\x87\x98\xf7\xa2\xb5\x12\x8cv\xe4_\x91\xa8G!mm\f\xcf\xfb[\xd5Qf\x15\xfe\xc80\xad\xaa\xe9', 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="140024001000010000000000000000000000000a20000000000a01010000000000000000010000040900010073797a300000000040000000030a01080000000000000000010000000900030073797a320000000014000480080002400000000008000140000000000900010073797a300000000050000000060a010400000000000000000100000008000b40000000000900010073797a30000000002800048024000180090001006d6574"], 0xd8}}, 0x80)
r2 = socket$inet(0x2, 0x3, 0x6)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r2, 0x89f1, &(0x7f0000001040)={'gre0\x00', &(0x7f0000000380)={'syztnl2\x00', <r3=>0x0, 0x2100, 0x700, 0x0, 0x0, {{0x5, 0x4, 0x0, 0x0, 0x14, 0x60, 0x0, 0x0, 0x2f, 0x0, @initdev={0xac, 0x1e, 0x1, 0x0}, @initdev={0xac, 0x1e, 0xfe, 0x0}}}}})
ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(r2, 0x89f3, &(0x7f0000000300)={'syztnl2\x00', &(0x7f0000000240)={'syztnl1\x00', r3, 0x20, 0x40, 0x1001000, 0x7d, {{0xa, 0x4, 0x2, 0x6, 0x28, 0x68, 0x0, 0xf9, 0x2f, 0x0, @private=0xa010102, @initdev={0xac, 0x1e, 0xfe, 0x0}, {[@rr={0x7, 0x13, 0xee, [@rand_addr=0x64010102, @remote, @broadcast, @private=0xa010101]}]}}}}})
rt_sigprocmask(0x0, 0x0, 0x0, 0x0)
gettid()
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0001}]})
alarm(0x4)
r4 = socket$nl_sock_diag(0x10, 0x3, 0x4)
sendmsg$TCPDIAG_GETSOCK(r4, &(0x7f0000001500)={0x0, 0x0, &(0x7f00000014c0)={&(0x7f0000001540)={0x50, 0x12, 0x501, 0x0, 0x0, {}, [@INET_DIAG_REQ_BYTECODE={0x4, 0x2}]}, 0x50}}, 0x0)
io_uring_enter(0xffffffffffffffff, 0x2241, 0x1b86, 0x1, &(0x7f00000001c0)={[0x80]}, 0x8)

533.468392ms ago: executing program 1 (id=6728):
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
syz_open_dev$swradio(&(0x7f0000000040), 0x0, 0x2)
syz_open_procfs(0x0, &(0x7f0000000000)='net/ipv6_route\x00')
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080))
socket$tipc(0x1e, 0x5, 0x0)
syz_open_procfs(0x0, &(0x7f0000000100)='mountinfo\x00')
socketpair$unix(0x1, 0x2, 0x0, 0x0)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0xb, 0x10031, 0xffffffffffffffff, 0x65be1000)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
openat$kvm(0x0, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mbind(&(0x7f00001fa000/0x2000)=nil, 0x2000, 0x1, 0x0, 0x0, 0x0)
r2 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x62181)
ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @dev={'\xaa\xaa\xaa\xaa\xaa', 0x26}})
write$sndseq(r2, &(0x7f0000000000)=[{0x22, 0x0, 0x0, 0x0, @tick, {}, {}, @raw32={[0x0, 0x0, 0x95ffffff]}}], 0xffc8)
r3 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_REG(r3, 0x11b, 0x4, &(0x7f0000000080)={&(0x7f0000000000)=""/59, 0x304000, 0x800, 0x0, 0x3}, 0x20)
mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x0, 0x0, 0x0, 0x2)
r4 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt(r4, 0x84, 0x82, 0x0, 0x0)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$sock_SIOCETHTOOL(0xffffffffffffffff, 0x8946, &(0x7f0000000500)={'veth1\x00', &(0x7f0000000200)=@ethtool_per_queue_op={0x4b, 0xf, [0x1, 0x1, 0x7fff, 0x1, 0x4, 0x9, 0xa4, 0xffb, 0x7, 0xb6b, 0xc1, 0x4, 0x6, 0xffffffff, 0x5, 0xfffffff8, 0x1000, 0x9, 0x5, 0x6, 0x80000001, 0xfffffffa, 0x0, 0xfffffffe, 0x9, 0x4, 0x7, 0x5, 0x100000, 0x762, 0x3, 0x0, 0xe, 0x2, 0x100, 0x6, 0x1c00, 0x1000b, 0x40, 0xbed4, 0x8, 0x8000100, 0x6, 0x0, 0x11000, 0x88, 0x5, 0x79b, 0x2, 0x1, 0x7f, 0x4, 0xa, 0x7, 0xf, 0x101, 0xd7, 0x1fa0860a, 0x7, 0x9, 0x81, 0x2, 0xffffffff, 0x4007, 0x48a, 0x5, 0x2af, 0xf7, 0x5, 0x2, 0x9, 0x9, 0x4, 0x7, 0x4009, 0x0, 0x4, 0x100002, 0x8, 0x3, 0x1, 0x3, 0x7, 0x7ffffff7, 0x2, 0xffffffff, 0x6, 0x6, 0x9, 0x10e7, 0xfdffffff, 0x40000002, 0xfffffffe, 0x84, 0x100, 0x5, 0xffff, 0x81, 0xb, 0x5, 0x20006, 0x9, 0x2, 0xb, 0x2, 0xd9a, 0xd, 0x2a2, 0xfffffffd, 0x3, 0x2, 0x0, 0x8, 0x0, 0x4, 0x2, 0x40, 0x8, 0x4, 0x4, 0x401, 0x66cd, 0x8, 0x8, 0x1, 0x0, 0xc5c, 0xfffffffc]}})
syz_io_uring_setup(0x102f90, &(0x7f0000000480)={0x0, 0x541e, 0x4, 0x3, 0x32a}, 0x0, 0x0)
exit(0x5c)
r5 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000600)=ANY=[@ANYBLOB="c0000000680002002dbd7000fedbdf2502000000190000003c000c80080002000900000006000100e200000008000300c1cf000006000100050000000800020000800000060001000002000008000300c98900000600030000000000040004004c000c80080003000e0000000800030000000000060001009a06000008000200ff0f00000800030000000000080002000900000008000300030000000800020022130000080002000000000014000880100008800c0002b07eef9e4132fa5920fd2b71baab800800010000000000"], 0xc0}}, 0x0)

339.018621ms ago: executing program 0 (id=6729):
socket(0xa, 0x3, 0x3a)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, &(0x7f0000000180)=<r2=>0x0)
setpriority(0x2, r2, 0x8)
statx(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x1000, 0x7ff, &(0x7f0000000340))
statx(0xffffffffffffff9c, &(0x7f00000001c0)='./file0\x00', 0x4900, 0x8, &(0x7f0000000440))
sendmmsg$unix(r1, &(0x7f0000000640), 0x0, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, 0x0, 0x0)
socket$netlink(0x10, 0x3, 0xb)
r3 = socket(0x200000000000011, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000080)={'team0\x00'})
openat$iommufd(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$FBIOBLANK(0xffffffffffffffff, 0x4611, 0x3)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r4, 0x29, 0x40, 0x0, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0xb49, 0x2, 0x8, 0x4002, 0x3}, 0x0)
r5 = syz_open_procfs(0x0, &(0x7f0000000000)='net/ip6_flowlabel\x00')
pread64(r5, &(0x7f0000001600)=""/4103, 0x1007, 0x97)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000100), 0xffffffffffffffff)
r6 = syz_open_dev$usbfs(&(0x7f0000000100), 0x76, 0x101301)
ioctl$USBDEVFS_SETINTERFACE(r6, 0x80085504, &(0x7f0000000000)={0x2, 0x80000001})
socket$nl_generic(0x10, 0x3, 0x10)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r7, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000680)=ANY=[@ANYBLOB="d00000003d0001002abd7000040000000100000004004480100001800c00108006000a003a00000039e4d7f306eebc183c20ff9296ec37dc48782373028c31c8c3f204b7a50f43e83d8031af3bf1bad035717fb29ff7ed6e8b2bd8a289794a2a181807e1d37ed7ce5c19f569bb454c4d0d620a286e9c69d8b3e1c0348e81a735ae6c6a6217a22e200b36757ce3ff400debf582388d837b96b61a7eefba6100f6b2b4d92496decf484f04b4337879540192016613c951f8aa1999aab57955a43c081dbdbd00"/208], 0xd0}, 0x1, 0x0, 0x0, 0x400c801}, 0x4008094)

0s ago: executing program 2 (id=6730):
r0 = socket$nl_sock_diag(0x10, 0x3, 0x4)
sendmsg$SOCK_DIAG_BY_FAMILY(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000280)=ANY=[@ANYBLOB="240000001400010029bd7000fbdbdf252c040d00010019bfc961fa1d07c07e00000000003e9d61d444f0069db9c0640dd5118ca22071705087f76dce83cdd8f44d5e99bf934ec33cc0c381a0c05b2f6052e5dee6869937cc2d2f228471ff17d5f682c8a4d97554a30309e96362dfac"], 0x24}, 0x1, 0x0, 0x0, 0x80}, 0x40014)
r1 = fsopen(&(0x7f0000000140)='f2fs\x00', 0x1)
fsconfig$FSCONFIG_SET_STRING(r1, 0x1, &(0x7f0000000000)='test_dummy_encryption', &(0x7f0000000080)='v2\xeaul\x00\x00\x00\x00\x00loc\x8d\x8b#\xe0\xb9\xbd\"\xeb.\xc7]\xa67\x97 \xc9\xfc|\x85o7Z\xdc}U\x8c\xdd\n\xaa?4\xafq\x1d\xf6(\xe6\x9em_\x1a\xbfDi\x15\x81\xd47\x8e\x86\xa2u~FC\x9c\xe3\x98\x87\x98\xf7\xa2\xb5\x12\x8cv\xe4_\x91\xa8G!mm\f\xcf\xfb[\xd5Qf\x15\xfe\xc80\xad\xaa\xe9', 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000000c0)=@newqdisc={0x44, 0x24, 0x3fe3aa0262d8c583, 0x0, 0x25dfdbfe, {0x0, 0x0, 0x0, 0x0, {0x0, 0x10}, {0xffff, 0x8}, {0x2}}, [@qdisc_kind_options=@q_gred={{0x9}, {0x14, 0x2, [@TCA_GRED_DPS={0x10, 0x3, {0x4, 0x9, 0x2}}]}}]}, 0x44}}, 0x0)
r2 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000001340)={&(0x7f00000000c0)=ANY=[@ANYBLOB="4c0000001800010d00000000000000850a000000000000000500000014000500200100000000000000000100000000001c00090008"], 0x4c}}, 0x40000)
sendmmsg(r2, &(0x7f0000000000), 0x4000000000001f2, 0xfc)
r3 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0)
ioctl$IOCTL_VMCI_VERSION2(r3, 0x7a7, &(0x7f0000000040)=0x90000)
ioctl$IOCTL_VMCI_INIT_CONTEXT(r3, 0x7a0, &(0x7f0000000000)={@local})
ioctl$IOCTL_VMCI_QUEUEPAIR_ALLOC(r3, 0x7a8, &(0x7f0000000540)={{@hyper, 0x2}, @hyper, 0x0, 0x0, 0x5e})
r4 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0)
ioctl$IOCTL_VMCI_VERSION2(r4, 0x7a7, &(0x7f0000000040)=0x90000)
ioctl$IOCTL_VMCI_INIT_CONTEXT(r4, 0x7a0, &(0x7f0000000240)={@hyper})
ioctl$IOCTL_VMCI_QUEUEPAIR_ALLOC(r4, 0x7a8, &(0x7f0000000540)={{@hyper, 0x2}, @local, 0x0, 0x4, 0x5d, 0xfffffffffffffff2, 0x0, 0xffffff70})
r5 = syz_open_dev$amidi(&(0x7f0000000040), 0x2, 0x40)
setsockopt$pppl2tp_PPPOL2TP_SO_LNSMODE(r2, 0x111, 0x4, 0x0, 0x4)
ioctl$SNDRV_RAWMIDI_IOCTL_STATUS64(r5, 0xc0385720, &(0x7f0000000100)={0x1})

kernel console output (not intermixed with test programs):

my_hcd
[ 1891.528470][T13516] usb 2-1: device descriptor read/8, error -71
[ 1891.640853][T13516] usb usb2-port1: unable to enumerate USB device
[ 1892.452384][ T5942] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1892.515813][T25756] team0 (unregistering): Port device team_slave_1 removed
[ 1892.621968][T25756] team0 (unregistering): Port device team_slave_0 removed
[ 1892.689112][T20700] Bluetooth: hci4: command tx timeout
[ 1892.908507][ T5850] usb 2-1: new high-speed USB device number 70 using dummy_hcd
[ 1893.071590][ T5850] usb 2-1: Using ep0 maxpacket: 32
[ 1893.100163][ T5850] usb 2-1: config 0 has an invalid interface number: 184 but max is 0
[ 1893.110680][ T5850] usb 2-1: config 0 has no interface number 0
[ 1893.126528][ T5850] usb 2-1: config 0 interface 184 has no altsetting 0
[ 1893.152745][ T5850] usb 2-1: New USB device found, idVendor=0424, idProduct=7500, bcdDevice=69.ee
[ 1893.179283][ T5850] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1893.187399][ T5850] usb 2-1: Product: syz
[ 1893.192457][ T5850] usb 2-1: Manufacturer: syz
[ 1893.198526][ T5850] usb 2-1: SerialNumber: syz
[ 1893.215418][ T5850] usb 2-1: config 0 descriptor??
[ 1893.225739][ T5850] smsc75xx v1.0.0
[ 1893.275439][T29991] chnl_net:caif_netlink_parms(): no params data found
[ 1893.504945][T13516] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1893.755423][T29991] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1893.780698][T29991] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1893.789931][T30081] usb usb8: usbfs: process 30081 (syz.4.6458) did not claim interface 2 before use
[ 1893.800283][T27337] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1893.810749][T29991] bridge_slave_0: entered allmulticast mode
[ 1893.834850][T29991] bridge_slave_0: entered promiscuous mode
[ 1893.865652][T29991] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1893.874989][T29991] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1893.885945][T29991] bridge_slave_1: entered allmulticast mode
[ 1893.888493][ T5942] usb 4-1: new high-speed USB device number 126 using dummy_hcd
[ 1893.905507][T29991] bridge_slave_1: entered promiscuous mode
[ 1893.981965][T29991] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1893.996282][T29991] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1894.045096][ T5850] smsc75xx 2-1:0.184 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000040: -32
[ 1894.058240][ T5942] usb 4-1: Using ep0 maxpacket: 32
[ 1894.066062][ T5942] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024
[ 1894.072150][ T5850] smsc75xx 2-1:0.184 (unnamed net_device) (uninitialized): Error reading E2P_CMD
[ 1894.092534][ T5942] usb 4-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79
[ 1894.112932][ T5942] usb 4-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2
[ 1894.133197][ T5942] usb 4-1: Product: syz
[ 1894.144620][ T5942] usb 4-1: Manufacturer: syz
[ 1894.154930][T29991] team0: Port device team_slave_0 added
[ 1894.158582][ T5942] usb 4-1: SerialNumber: syz
[ 1894.173587][T29991] team0: Port device team_slave_1 added
[ 1894.182227][ T5942] usb 4-1: config 0 descriptor??
[ 1894.191770][T30072] raw-gadget.2 gadget.3: fail, usb_ep_enable returned -22
[ 1894.303845][T29991] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1894.312220][T29991] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1894.340769][ T5850] smsc75xx 2-1:0.184 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000010: -71
[ 1894.352742][ T5850] smsc75xx 2-1:0.184 (unnamed net_device) (uninitialized): Failed to read HW_CFG: -71
[ 1894.363980][T29991] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1894.375960][ T5850] smsc75xx 2-1:0.184 (unnamed net_device) (uninitialized): smsc75xx_reset error -71
[ 1894.387132][ T5850] smsc75xx 2-1:0.184: probe with driver smsc75xx failed with error -71
[ 1894.399964][T29991] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1894.410895][T29991] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1894.441010][ T5850] usb 2-1: USB disconnect, device number 70
[ 1894.450862][T29991] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1894.511537][ T5942] usb 4-1: USB disconnect, device number 126
[ 1894.572928][T17346] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1894.635898][T29991] hsr_slave_0: entered promiscuous mode
[ 1894.646421][T29991] hsr_slave_1: entered promiscuous mode
[ 1894.759255][T20700] Bluetooth: hci4: command tx timeout
[ 1894.838562][   T24] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1894.919504][ T5942] usb 5-1: new high-speed USB device number 111 using dummy_hcd
[ 1895.135783][ T5942] usb 5-1: Using ep0 maxpacket: 32
[ 1895.143511][ T5942] usb 5-1: unable to get BOS descriptor or descriptor too short
[ 1895.154925][ T5942] usb 5-1: config 241 has an invalid interface number: 213 but max is 0
[ 1895.174843][ T5942] usb 5-1: config 241 has an invalid descriptor of length 0, skipping remainder of the config
[ 1895.203699][ T5942] usb 5-1: config 241 has no interface number 0
[ 1895.218791][ T5942] usb 5-1: config 241 interface 213 altsetting 163 endpoint 0xA has an invalid bInterval 0, changing to 7
[ 1895.342890][ T5942] usb 5-1: config 241 interface 213 has no altsetting 0
[ 1895.360161][ T5942] usb 5-1: New USB device found, idVendor=0408, idProduct=3090, bcdDevice=15.61
[ 1895.369658][ T5942] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1895.378215][ T5942] usb 5-1: Product: syz
[ 1895.382571][ T5942] usb 5-1: Manufacturer: syz
[ 1895.387359][ T5942] usb 5-1: SerialNumber: syz
[ 1895.606590][T29991] netdevsim netdevsim2 netdevsim0: renamed from eth0
[ 1895.642757][T18815] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1895.658580][T29991] netdevsim netdevsim2 netdevsim1: renamed from eth1
[ 1895.680539][ T5850] usb 2-1: new high-speed USB device number 71 using dummy_hcd
[ 1895.681947][T29991] netdevsim netdevsim2 netdevsim2: renamed from eth2
[ 1895.748427][T29991] netdevsim netdevsim2 netdevsim3: renamed from eth3
[ 1895.888672][ T5850] usb 2-1: Using ep0 maxpacket: 8
[ 1895.919041][ T5850] usb 2-1: config 0 has no interfaces?
[ 1895.929794][ T5850] usb 2-1: config 0 has no interfaces?
[ 1895.949363][ T5850] usb 2-1: config 0 has no interfaces?
[ 1895.959146][ T5850] usb 2-1: config 0 has no interfaces?
[ 1895.964683][ T5850] usb 2-1: New USB device found, idVendor=046d, idProduct=08b3, bcdDevice=6d.2a
[ 1895.982283][ T5850] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1896.025856][ T5850] usb 2-1: config 0 descriptor??
[ 1896.234476][ T5942] uvcvideo 5-1:241.213: Found UVC 0.00 device syz (0408:3090)
[ 1896.256935][ T5942] uvcvideo 5-1:241.213: No valid video chain found.
[ 1896.264976][T29991] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1896.335550][ T5942] usb 5-1: USB disconnect, device number 111
[ 1896.427022][T29991] 8021q: adding VLAN 0 to HW filter on device team0
[ 1896.487370][ T3473] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1896.494649][ T3473] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1896.545062][ T3473] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1896.552452][ T3473] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1896.635086][T29991] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[ 1896.645781][T29991] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 1896.685312][T18815] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1896.695448][T30131] netlink: 4 bytes leftover after parsing attributes in process `syz.0.6465'.
[ 1896.924798][T30134] bond1: option mode: unable to set because the bond device has slaves
[ 1896.939289][T30134] netlink: 8 bytes leftover after parsing attributes in process `syz.4.6463'.
[ 1896.948956][T30134] netlink: 4 bytes leftover after parsing attributes in process `syz.4.6463'.
[ 1896.959669][ T5850] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1897.087067][T30134] bond1: (slave bond0): Releasing active interface
[ 1897.127052][T30137] xt_CT: You must specify a L4 protocol and not use inversions on it
[ 1897.795745][ T5942] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1897.928995][T29991] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1898.200320][T29991] veth0_vlan: entered promiscuous mode
[ 1898.264435][T29991] veth1_vlan: entered promiscuous mode
[ 1898.433796][T29991] veth0_macvtap: entered promiscuous mode
[ 1898.485478][ T5942] usb 2-1: USB disconnect, device number 71
[ 1898.486724][T29991] veth1_macvtap: entered promiscuous mode
[ 1898.596013][T29991] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1898.646041][T29991] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1898.719067][T25513] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1898.758955][T25513] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1898.786223][T25513] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1898.816843][T25513] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1898.855109][   T44] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1898.884799][T30158] usb usb8: usbfs: process 30158 (syz.4.6469) did not claim interface 2 before use
[ 1899.105681][ T1327] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1899.121602][ T1327] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1899.182146][ T3473] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1899.195288][ T3473] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1899.304743][   T30] kauditd_printk_skb: 5 callbacks suppressed
[ 1899.304762][   T30] audit: type=1326 audit(1768847062.681:10479): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30162 comm="syz.3.6470" exe="/root/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf707d539 code=0x0
[ 1899.863780][T30190] netlink: 8 bytes leftover after parsing attributes in process `syz.2.6471'.
[ 1899.889393][ T5942] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1899.950883][T30190] netlink: 4 bytes leftover after parsing attributes in process `syz.2.6471'.
[ 1900.040740][T27337] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1900.131462][T30187] 8021q: adding VLAN 0 to HW filter on device bond1
[ 1900.153419][ T5850] usb 2-1: new high-speed USB device number 72 using dummy_hcd
[ 1900.390703][ T5850] usb 2-1: New USB device found, idVendor=17e9, idProduct=8b4e, bcdDevice=9c.08
[ 1900.408683][ T5850] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1900.452104][T30201] kvm: user requested TSC rate below hardware speed
[ 1900.464204][ T5850] usb 2-1: config 0 descriptor??
[ 1900.610300][T18815] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1900.630516][ T6190] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1900.951943][   T44] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1901.326084][T30221] netlink: 32 bytes leftover after parsing attributes in process `syz.0.6478'.
[ 1901.351665][   T30] audit: type=1326 audit(1768847064.701:10480): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30217 comm="syz.0.6478" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa7539 code=0x7ffc0000
[ 1901.488185][   T30] audit: type=1326 audit(1768847064.701:10481): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30217 comm="syz.0.6478" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa7539 code=0x7ffc0000
[ 1901.528888][T30214] netlink: 'syz.3.6475': attribute type 1 has an invalid length.
[ 1901.689893][T30214] netlink: 280 bytes leftover after parsing attributes in process `syz.3.6475'.
[ 1901.743483][   T30] audit: type=1326 audit(1768847064.701:10482): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30217 comm="syz.0.6478" exe="/root/syz-executor" sig=0 arch=40000003 syscall=136 compat=1 ip=0xf7fa7539 code=0x7ffc0000
[ 1901.881594][T18815] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1901.962056][ T6190] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1901.968033][   T30] audit: type=1326 audit(1768847064.701:10483): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30217 comm="syz.0.6478" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa7539 code=0x7ffc0000
[ 1901.999861][T18815] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1902.170852][   T30] audit: type=1326 audit(1768847064.701:10484): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30217 comm="syz.0.6478" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa7539 code=0x7ffc0000
[ 1902.292764][   T30] audit: type=1326 audit(1768847064.701:10485): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30217 comm="syz.0.6478" exe="/root/syz-executor" sig=0 arch=40000003 syscall=4 compat=1 ip=0xf7fa7539 code=0x7ffc0000
[ 1902.412231][   T30] audit: type=1326 audit(1768847064.701:10486): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30217 comm="syz.0.6478" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa7539 code=0x7ffc0000
[ 1902.617950][   T30] audit: type=1326 audit(1768847064.701:10487): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30217 comm="syz.0.6478" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa7539 code=0x7ffc0000
[ 1902.754830][   T30] audit: type=1326 audit(1768847064.701:10488): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30217 comm="syz.0.6478" exe="/root/syz-executor" sig=0 arch=40000003 syscall=351 compat=1 ip=0xf7fa7539 code=0x7ffc0000
[ 1903.129252][T18821] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1903.139417][T17346] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1904.218490][   T44] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1904.439424][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1904.575947][T27337] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1904.615205][T30257] FAULT_INJECTION: forcing a failure.
[ 1904.615205][T30257] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1904.695102][T30257] CPU: 1 UID: 0 PID: 30257 Comm: syz.3.6483 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1904.695136][T30257] Tainted: [L]=SOFTLOCKUP
[ 1904.695144][T30257] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 1904.695157][T30257] Call Trace:
[ 1904.695166][T30257]  <TASK>
[ 1904.695175][T30257]  dump_stack_lvl+0xe8/0x150
[ 1904.695206][T30257]  should_fail_ex+0x414/0x560
[ 1904.695244][T30257]  _copy_from_user+0x2d/0xb0
[ 1904.695272][T30257]  move_addr_to_kernel+0x7e/0x160
[ 1904.695305][T30257]  get_compat_msghdr+0x3bd/0x4a0
[ 1904.695338][T30257]  ? __pfx_get_compat_msghdr+0x10/0x10
[ 1904.695368][T30257]  ? kstrtouint+0x6e/0xe0
[ 1904.695394][T30257]  ___sys_sendmsg+0x193/0x2a0
[ 1904.695423][T30257]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1904.695448][T30257]  ? get_pid_task+0x20/0x1f0
[ 1904.695470][T30257]  ? get_pid_task+0x20/0x1f0
[ 1904.695489][T30257]  ? get_pid_task+0x20/0x1f0
[ 1904.695541][T30257]  ? __fget_files+0x2a/0x420
[ 1904.695576][T30257]  ? __fget_files+0x3a0/0x420
[ 1904.695611][T30257]  __sys_sendmsg+0x164/0x220
[ 1904.695639][T30257]  ? __pfx___sys_sendmsg+0x10/0x10
[ 1904.695674][T30257]  ? __pfx_ksys_write+0x10/0x10
[ 1904.695705][T30257]  __do_fast_syscall_32+0x1dc/0x570
[ 1904.695730][T30257]  ? lockdep_hardirqs_on+0x7b/0x110
[ 1904.695751][T30257]  ? do_fast_syscall_32+0x34/0x80
[ 1904.695775][T30257]  ? irqentry_exit+0x10f/0x670
[ 1904.695800][T30257]  do_fast_syscall_32+0x34/0x80
[ 1904.695826][T30257]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1904.695851][T30257] RIP: 0023:0xf707d539
[ 1904.695869][T30257] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[ 1904.695888][T30257] RSP: 002b:00000000f546d55c EFLAGS: 00000206 ORIG_RAX: 0000000000000172
[ 1904.695908][T30257] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000800000c0
[ 1904.695922][T30257] RDX: 0000000000004080 RSI: 0000000000000000 RDI: 0000000000000000
[ 1904.695934][T30257] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1904.695947][T30257] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[ 1904.695959][T30257] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1904.695986][T30257]  </TASK>
[ 1904.991743][   T30] kauditd_printk_skb: 36 callbacks suppressed
[ 1904.991760][   T30] audit: type=1326 audit(1768847068.371:10525): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30258 comm="syz.4.6484" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa5539 code=0x7ffc0000
[ 1905.141371][   T30] audit: type=1326 audit(1768847068.411:10526): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30258 comm="syz.4.6484" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa5539 code=0x7ffc0000
[ 1905.199688][   T30] audit: type=1326 audit(1768847068.581:10527): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30258 comm="syz.4.6484" exe="/root/syz-executor" sig=0 arch=40000003 syscall=219 compat=1 ip=0xf7fa5539 code=0x7ffc0000
[ 1905.263659][T17346] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1905.469576][T30269] io-wq is not configured for unbound workers
[ 1905.520145][ T5850] udl 2-1:0.0: [drm] Unrecognized vendor firmware descriptor
[ 1905.555398][ T5850] [drm:udl_init] *ERROR* Selecting channel failed
[ 1905.615515][ T5850] [drm] Initialized udl 0.0.1 for 2-1:0.0 on minor 2
[ 1905.672289][ T5850] [drm] Initialized udl on minor 2
[ 1905.695309][ T5850] udl 2-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9
[ 1905.708928][ T6073] usb 4-1: new high-speed USB device number 127 using dummy_hcd
[ 1905.739602][ T5850] udl 2-1:0.0: [drm] Cannot find any crtc or sizes
[ 1905.757388][T18821] udl 2-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9
[ 1905.776945][T18821] udl 2-1:0.0: [drm] Cannot find any crtc or sizes
[ 1905.784816][ T5850] usb 2-1: USB disconnect, device number 72
[ 1905.879209][ T6073] usb 4-1: Using ep0 maxpacket: 8
[ 1905.886911][ T6073] usb 4-1: config 179 has an invalid interface number: 65 but max is 0
[ 1905.911731][ T6073] usb 4-1: config 179 has no interface number 0
[ 1905.945496][ T6073] usb 4-1: config 179 interface 65 altsetting 12 endpoint 0xF has an invalid bInterval 63, changing to 9
[ 1905.968608][ T6073] usb 4-1: config 179 interface 65 altsetting 12 endpoint 0xF has invalid maxpacket 57605, setting to 1024
[ 1905.981228][ T6073] usb 4-1: config 179 interface 65 altsetting 12 endpoint 0x83 has an invalid bInterval 52, changing to 9
[ 1906.008403][ T6073] usb 4-1: config 179 interface 65 altsetting 12 endpoint 0x83 has invalid maxpacket 8241, setting to 1024
[ 1906.028791][ T6073] usb 4-1: config 179 interface 65 altsetting 12 has 2 endpoint descriptors, different from the interface descriptor's value: 23
[ 1906.044785][ T6073] usb 4-1: config 179 interface 65 has no altsetting 0
[ 1906.063190][ T6073] usb 4-1: New USB device found, idVendor=12ab, idProduct=0004, bcdDevice= 0.00
[ 1906.075486][ T6073] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1906.086436][   T30] audit: type=1326 audit(1768847069.461:10528): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30258 comm="syz.4.6484" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa5539 code=0x7ffc0000
[ 1906.142492][ T6073] input: Honey Bee Xbox360 dancepad as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:179.65/input/input114
[ 1906.162897][   T30] audit: type=1326 audit(1768847069.461:10529): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30258 comm="syz.4.6484" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa5539 code=0x7ffc0000
[ 1906.289286][   T44] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1906.324693][T30283] bond1: option mode: unable to set because the bond device is up
[ 1906.369502][T28359] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1906.396777][T30288] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1906.406309][T30288] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1906.429333][   T30] audit: type=1326 audit(1768847069.811:10530): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30258 comm="syz.4.6484" exe="/root/syz-executor" sig=0 arch=40000003 syscall=337 compat=1 ip=0xf7fa5539 code=0x7ffc0000
[ 1906.595089][ T5185] input input114: unable to receive magic message: -110
[ 1906.643141][ T5185] input input114: unable to receive magic message: -32
[ 1907.020432][ T5185] input input114: unable to receive magic message: -32
[ 1907.056157][ T5185] input input114: unable to receive magic message: -32
[ 1907.140056][ T5185] input input114: unable to receive magic message: -32
[ 1907.229654][ T5185] input input114: unable to receive magic message: -32
[ 1907.325697][T17346] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1907.523854][T30302] netlink: 4 bytes leftover after parsing attributes in process `syz.0.6492'.
[ 1907.538738][T30302] netlink: 72 bytes leftover after parsing attributes in process `syz.0.6492'.
[ 1907.639391][T18821] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1907.647636][T18821] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1908.364955][   T44] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1908.612494][T18821] usb 4-1: USB disconnect, device number 127
[ 1908.619056][    C0] xpad 4-1:179.65: xpad_irq_out - usb_submit_urb failed with result -19
[ 1909.408934][   T24] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1910.238212][T30310] netlink: 200 bytes leftover after parsing attributes in process `syz.4.6494'.
[ 1910.251070][T30310] netlink: 200 bytes leftover after parsing attributes in process `syz.4.6494'.
[ 1910.273979][T30310] netlink: 'syz.4.6494': attribute type 10 has an invalid length.
[ 1910.333271][T30310] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1910.340939][T30310] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1910.355877][T30310] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1910.363144][T30310] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1910.370710][T30310] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1910.377939][T30310] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1910.391430][T30310] bond0: (slave bridge0): Enslaving as an active interface with an up link
[ 1910.624663][   T44] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1910.754854][T18821] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1910.785998][T30318] xt_CT: You must specify a L4 protocol and not use inversions on it
[ 1911.088094][   T44] usb 3-1: new full-speed USB device number 12 using dummy_hcd
[ 1911.274950][T30332] usb usb8: usbfs: process 30332 (syz.1.6502) did not claim interface 2 before use
[ 1911.288314][   T44] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1911.542927][   T44] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 10
[ 1911.564366][   T44] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0
[ 1911.580296][T30333] bond2: option mode: unable to set because the bond device has slaves
[ 1911.605851][ T3438] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1911.657338][T18815] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1911.751121][   T44] usb 3-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 5
[ 1911.792268][   T44] usb 3-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42
[ 1911.814994][   T44] usb 3-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0
[ 1911.835367][   T44] usb 3-1: Manufacturer: syz
[ 1911.852965][   T44] usb 3-1: config 0 descriptor??
[ 1911.998124][T18815] usb 5-1: new high-speed USB device number 112 using dummy_hcd
[ 1912.358567][T18815] usb 5-1: Using ep0 maxpacket: 32
[ 1912.381800][T18815] usb 5-1: config 155 has an invalid descriptor of length 0, skipping remainder of the config
[ 1912.491727][T18815] usb 5-1: config 155 interface 0 altsetting 0 has an endpoint descriptor with address 0xE2, changing to 0x82
[ 1912.507904][T18815] usb 5-1: config 155 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[ 1912.539322][T18815] usb 5-1: config 155 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 11
[ 1912.630514][T18815] usb 5-1: New USB device found, idVendor=15c2, idProduct=ffdc, bcdDevice=bd.30
[ 1912.681904][T17346] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1912.698297][T18815] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1912.717093][T30339] netlink: 16 bytes leftover after parsing attributes in process `syz.1.6504'.
[ 1912.752694][T18815] usb 5-1: Product: syz
[ 1912.756959][T18815] usb 5-1: Manufacturer: syz
[ 1912.768026][   T44] rc_core: IR keymap rc-hauppauge not found
[ 1912.773970][   T44] Registered IR keymap rc-empty
[ 1912.797971][   T44] mceusb 3-1:0.0: Error: mce write submit urb error = -90
[ 1912.805301][T18815] usb 5-1: SerialNumber: syz
[ 1912.857927][   T44] mceusb 3-1:0.0: Error: mce write submit urb error = -90
[ 1912.869856][    C1] imon 5-1:155.0: imon usb_rx_callback_intf0: status(-71)
[ 1912.880801][T18815] input: iMON Panel, Knob and Mouse(15c2:ffdc) as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:155.0/input/input116
[ 1912.921052][   T44] rc rc0: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/rc/rc0
[ 1912.959852][   T44] input: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/rc/rc0/input115
[ 1913.012344][   T44] mceusb 3-1:0.0: Error: mce write submit urb error = -90
[ 1913.050107][   T44] mceusb 3-1:0.0: Error: mce write submit urb error = -90
[ 1913.076375][T30335] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1913.109675][T30335] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1913.119004][   T44] mceusb 3-1:0.0: Error: mce write submit urb error = -90
[ 1913.148512][   T44] mceusb 3-1:0.0: Error: mce write submit urb error = -90
[ 1913.189460][T18815] imon 5-1:155.0: Unknown 0xffdc device, defaulting to VFD and iMON IR
[ 1913.198070][   T44] mceusb 3-1:0.0: Error: mce write submit urb error = -90
[ 1913.205583][T18815]  (id 0x00)
[ 1913.217957][   T44] mceusb 3-1:0.0: Error: mce write submit urb error = -90
[ 1913.238124][   T44] mceusb 3-1:0.0: Error: mce write submit urb error = -90
[ 1913.309723][   T44] mceusb 3-1:0.0: Error: mce write submit urb error = -90
[ 1913.328641][   T44] mceusb 3-1:0.0: Error: mce write submit urb error = -90
[ 1913.349111][T18815] rc_core: IR keymap rc-imon-pad not found
[ 1913.355017][T18815] Registered IR keymap rc-empty
[ 1913.368176][   T44] mceusb 3-1:0.0: Error: mce write submit urb error = -90
[ 1913.383078][T30350] macvlan0: Caught tx_queue_len zero misconfig
[ 1913.392315][T18815] imon 5-1:155.0: Looks like you're trying to use an IR protocol this device does not support
[ 1913.406840][T22141] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1913.454731][T18815] imon 5-1:155.0: Unsupported IR protocol specified, overriding to iMON IR protocol
[ 1913.488961][T18815] rc rc1: iMON Remote (15c2:ffdc) as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:155.0/rc/rc1
[ 1913.504064][   T44] mceusb 3-1:0.0: Registered 424242424242 with mce emulator interface version 1
[ 1913.514677][T18815] input: iMON Remote (15c2:ffdc) as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:155.0/rc/rc1/input117
[ 1913.530029][   T44] mceusb 3-1:0.0: 2 tx ports (0x0 cabled) and 2 rx sensors (0x0 active)
[ 1913.562962][T18815] imon 5-1:155.0: iMON device (15c2:ffdc, intf0) on usb<5:112> initialized
[ 1913.593317][   T44] usb 3-1: USB disconnect, device number 12
[ 1913.675485][T18815] usb 5-1: USB disconnect, device number 112
[ 1913.792977][T17346] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1913.804261][ T5850] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1914.000970][T30357] netlink: 8 bytes leftover after parsing attributes in process `syz.3.6508'.
[ 1914.797862][   T44] usb 3-1: new high-speed USB device number 13 using dummy_hcd
[ 1914.879105][   T24] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1915.135564][T30366] usb usb7: usbfs: process 30366 (syz.4.6511) did not claim interface 0 before use
[ 1915.420560][   T44] usb 3-1: Using ep0 maxpacket: 8
[ 1916.016630][   T24] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1916.027597][   T44] usb 3-1: config 0 has an invalid interface number: 55 but max is 0
[ 1916.046673][   T44] usb 3-1: config 0 has no interface number 0
[ 1916.093311][   T44] usb 3-1: config 0 interface 55 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[ 1916.131429][   T44] usb 3-1: config 0 interface 55 altsetting 0 has an endpoint descriptor with address 0xAB, changing to 0x8B
[ 1916.169373][   T44] usb 3-1: config 0 interface 55 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[ 1916.198696][   T44] usb 3-1: config 0 interface 55 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 2
[ 1916.237933][   T44] usb 3-1: New USB device found, idVendor=0f11, idProduct=1080, bcdDevice=fc.6a
[ 1916.260946][   T44] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1916.288876][   T44] usb 3-1: config 0 descriptor??
[ 1916.311329][   T44] ldusb 3-1:0.55: LD USB Device #0 now attached to major 180 minor 0
[ 1916.598805][T30372] syzkaller0: create flow: hash 2359445706 index 1
[ 1916.685193][   T36] syzkaller0: tun_net_xmit 76
[ 1916.695832][   T36] syzkaller0: tun_net_xmit 48
[ 1916.713926][ T5850] syzkaller0: tun_net_xmit 76
[ 1916.820184][T30384] usb usb8: usbfs: process 30384 (syz.1.6515) did not claim interface 2 before use
[ 1916.839302][T27337] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1916.921099][   T44] usb 3-1: USB disconnect, device number 13
[ 1916.930945][   T44] ldusb 3-1:0.55: LD USB Device #0 now disconnected
[ 1917.059823][T30392] bond1: option mode: unable to set because the bond device has slaves
[ 1917.084103][T18815] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1917.170798][T30395] bond0: Device is already in use.
[ 1917.182633][T30395] tipc: Started in network mode
[ 1917.187594][T30395] tipc: Node identity ac14142f, cluster identity 4711
[ 1917.196020][T30395] tipc: New replicast peer: 0.0.0.0
[ 1917.202094][T30395] tipc: Enabled bearer <udp:syz2>, priority 10
[ 1917.217263][T30395] fuse: Bad value for 'fd'
[ 1917.240789][ T1327] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1917.278660][T18821] syzkaller0: tun_net_xmit 76
[ 1917.298755][T18821] syzkaller0: tun_net_xmit 76
[ 1917.378956][ T5850] usb 5-1: new full-speed USB device number 113 using dummy_hcd
[ 1917.397674][T30397] xt_CT: You must specify a L4 protocol and not use inversions on it
[ 1917.561736][ T5850] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1917.623927][ T5850] usb 5-1: New USB device found, idVendor=0c45, idProduct=5112, bcdDevice= 0.00
[ 1917.706994][ T5850] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1917.728538][T30399] kvm: user requested TSC rate below hardware speed
[ 1917.775197][ T5850] usb 5-1: config 0 descriptor??
[ 1917.842796][ T5850] usbhid 5-1:0.0: can't add hid device: -22
[ 1917.875812][ T5850] usbhid 5-1:0.0: probe with driver usbhid failed with error -22
[ 1918.123183][T17346] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1918.449182][   T36] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1918.486750][T17346] tipc: Node number set to 2886997039
[ 1918.520663][T28478] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1918.632445][   T36] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1918.665957][T17346] usb 2-1: new high-speed USB device number 73 using dummy_hcd
[ 1918.771862][   T36] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1918.854762][   T36] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1918.865309][T17346] usb 2-1: Using ep0 maxpacket: 8
[ 1918.872656][T17346] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1918.885283][T17346] usb 2-1: New USB device found, idVendor=046d, idProduct=0892, bcdDevice=6d.2a
[ 1918.906743][T17346] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1918.926916][T17346] usb 2-1: config 0 descriptor??
[ 1918.954121][T17346] gspca_main: vc032x-2.14.0 probing 046d:0892
[ 1919.176595][T13516] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1919.332397][   T36] bridge_slave_1: left allmulticast mode
[ 1919.341152][   T36] bridge_slave_1: left promiscuous mode
[ 1919.347191][   T36] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1919.366695][   T36] bridge_slave_0: left allmulticast mode
[ 1919.375428][   T36] bridge_slave_0: left promiscuous mode
[ 1919.383377][   T36] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1919.442369][T15894] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[ 1919.456383][T15894] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[ 1919.466745][T15894] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[ 1919.484945][T15894] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[ 1919.493630][T15894] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[ 1919.801988][T25756] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1919.814368][ T1297] ieee802154 phy0 wpan0: encryption failed: -22
[ 1919.827372][ T1297] ieee802154 phy1 wpan1: encryption failed: -22
[ 1919.964337][    C0] syzkaller0: delete flow: hash 2359445706 index 1
[ 1920.058219][T17346] gspca_vc032x: reg_w err -110
[ 1920.064065][T17346] vc032x 2-1:0.0: probe with driver vc032x failed with error -110
[ 1920.173607][   T36] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1920.185118][   T36] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1920.196035][   T36] bond0 (unregistering): Released all slaves
[ 1920.213683][   T44] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1920.354066][   T36] bond1 (unregistering): Released all slaves
[ 1920.373015][T27337] usb 2-1: USB disconnect, device number 73
[ 1920.518011][    C0] syzkaller0: tun_net_xmit 48
[ 1920.640543][T30418] netlink: 4 bytes leftover after parsing attributes in process `syz.0.6528'.
[ 1920.736735][T13516] usb 5-1: USB disconnect, device number 113
[ 1920.780578][T30421] fuse: Unknown parameter 'user'
[ 1920.822961][T30421] macsec1: entered promiscuous mode
[ 1920.851027][T30421] macvlan0: entered promiscuous mode
[ 1920.880148][T30421] macvlan0: left promiscuous mode
[ 1921.076585][T30436] netlink: 4 bytes leftover after parsing attributes in process `syz.1.6532'.
[ 1921.108997][T30440] netlink: 8 bytes leftover after parsing attributes in process `syz.4.6530'.
[ 1921.254073][T17346] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1921.376163][T30444] kvm: user requested TSC rate below hardware speed
[ 1921.560773][T20700] Bluetooth: hci4: command tx timeout
[ 1922.284726][T13516] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1922.849083][T27337] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1922.972921][T30463] xt_CT: You must specify a L4 protocol and not use inversions on it
[ 1923.011205][T28478] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1923.333624][T18815] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1923.639114][T15894] Bluetooth: hci4: command tx timeout
[ 1923.658185][   T68] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1924.198955][T27337] syzkaller0: tun_net_xmit 76
[ 1924.218624][   T36] hsr_slave_0: left promiscuous mode
[ 1924.242045][   T36] hsr_slave_1: left promiscuous mode
[ 1924.249842][   T36] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1924.257268][   T36] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1924.329604][   T36] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1924.339410][   T36] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1924.367284][   T24] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1924.393208][T30471] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1924.411830][T30472] input: syz1 as /devices/virtual/input/input118
[ 1924.421804][   T36] veth1_macvtap: left promiscuous mode
[ 1924.427649][   T36] veth0_macvtap: left promiscuous mode
[ 1924.434196][T30471] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1924.444161][   T36] veth1_vlan: left promiscuous mode
[ 1924.450000][   T36] veth0_vlan: left promiscuous mode
[ 1924.507654][T30474] FAULT_INJECTION: forcing a failure.
[ 1924.507654][T30474] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1924.577026][T30474] CPU: 1 UID: 0 PID: 30474 Comm: syz.3.6539 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1924.577058][T30474] Tainted: [L]=SOFTLOCKUP
[ 1924.577064][T30474] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 1924.577075][T30474] Call Trace:
[ 1924.577081][T30474]  <TASK>
[ 1924.577088][T30474]  dump_stack_lvl+0xe8/0x150
[ 1924.577113][T30474]  should_fail_ex+0x414/0x560
[ 1924.577142][T30474]  _copy_from_user+0x2d/0xb0
[ 1924.577165][T30474]  sctp_setsockopt+0x1c4/0x12c0
[ 1924.577182][T30474]  ? sock_common_setsockopt+0x36/0xc0
[ 1924.577199][T30474]  ? __pfx_sock_common_setsockopt+0x10/0x10
[ 1924.577216][T30474]  do_sock_setsockopt+0x17c/0x1b0
[ 1924.577239][T30474]  __ia32_sys_setsockopt+0x13f/0x1b0
[ 1924.577262][T30474]  __do_fast_syscall_32+0x1dc/0x570
[ 1924.577282][T30474]  ? lockdep_hardirqs_on+0x7b/0x110
[ 1924.577299][T30474]  ? do_fast_syscall_32+0x34/0x80
[ 1924.577317][T30474]  ? irqentry_exit+0x10f/0x670
[ 1924.577337][T30474]  do_fast_syscall_32+0x34/0x80
[ 1924.577357][T30474]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1924.577376][T30474] RIP: 0023:0xf707d539
[ 1924.577390][T30474] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[ 1924.577403][T30474] RSP: 002b:00000000f544c55c EFLAGS: 00000206 ORIG_RAX: 000000000000016e
[ 1924.577420][T30474] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000000084
[ 1924.577430][T30474] RDX: 0000000000000077 RSI: 0000000080000500 RDI: 0000000000000008
[ 1924.577441][T30474] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1924.577450][T30474] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[ 1924.577459][T30474] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1924.577481][T30474]  </TASK>
[ 1924.760527][T27337] syzkaller0: tun_net_xmit 76
[ 1925.403317][   T24] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1925.559744][T11213] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1925.731475][T15894] Bluetooth: hci4: command tx timeout
[ 1925.815561][T30492] kvm: user requested TSC rate below hardware speed
[ 1926.093351][   T36] team0 (unregistering): Port device team_slave_1 removed
[ 1926.122513][T30499] netlink: 27 bytes leftover after parsing attributes in process `syz.0.6548'.
[ 1926.239776][   T36] team0 (unregistering): Port device team_slave_0 removed
[ 1926.854271][T13516] usb 4-1: new high-speed USB device number 2 using dummy_hcd
[ 1926.963256][T17346] usb 5-1: new high-speed USB device number 114 using dummy_hcd
[ 1927.007908][T13516] usb 4-1: device descriptor read/64, error -71
[ 1927.129312][T17346] usb 5-1: Using ep0 maxpacket: 16
[ 1927.136698][T17346] usb 5-1: config 0 interface 0 altsetting 9 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1927.163218][T17346] usb 5-1: config 0 interface 0 has no altsetting 0
[ 1927.170159][T17346] usb 5-1: New USB device found, idVendor=1e71, idProduct=2009, bcdDevice= 0.00
[ 1927.196017][T17346] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1927.228435][T17346] usb 5-1: config 0 descriptor??
[ 1927.262534][T13516] usb 4-1: new high-speed USB device number 3 using dummy_hcd
[ 1927.408627][T13516] usb 4-1: device descriptor read/64, error -71
[ 1927.486107][T20559] net_ratelimit: 1 callbacks suppressed
[ 1927.486126][T20559] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1927.520231][T13516] usb usb4-port1: attempt power cycle
[ 1927.666089][T30410] chnl_net:caif_netlink_parms(): no params data found
[ 1927.684582][T17346] nzxt-smart2 0003:1E71:2009.005A: hidraw0: USB HID v0.05 Device [HID 1e71:2009] on usb-dummy_hcd.4-1/input0
[ 1927.833039][T15894] Bluetooth: hci4: command tx timeout
[ 1927.898701][T13516] usb 4-1: new high-speed USB device number 4 using dummy_hcd
[ 1927.922144][T13516] usb 4-1: device descriptor read/8, error -71
[ 1928.072633][T27337] usb 5-1: USB disconnect, device number 114
[ 1928.118136][    C0] syzkaller0: tun_net_xmit 48
[ 1928.168050][T13516] usb 4-1: new high-speed USB device number 5 using dummy_hcd
[ 1928.198837][T13516] usb 4-1: device descriptor read/8, error -71
[ 1928.218762][T30410] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1928.228760][T30410] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1928.237611][T30410] bridge_slave_0: entered allmulticast mode
[ 1928.254986][T30410] bridge_slave_0: entered promiscuous mode
[ 1928.267326][T30410] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1928.276013][T30410] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1928.302576][T30410] bridge_slave_1: entered allmulticast mode
[ 1928.318260][T13516] usb usb4-port1: unable to enumerate USB device
[ 1928.363415][T30410] bridge_slave_1: entered promiscuous mode
[ 1928.510208][T30410] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1928.532378][T17346] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1928.553002][T30410] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1928.604186][T27337] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1928.748809][T30410] team0: Port device team_slave_0 added
[ 1928.762786][ T5941] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1928.790608][T30410] team0: Port device team_slave_1 added
[ 1928.798360][T30540] openvswitch: netlink: VXLAN extension message has 228 unknown bytes.
[ 1928.882486][T30410] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1928.894870][T30410] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1928.922291][T30410] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1928.937198][T30410] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1928.960962][T30410] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1929.027851][T30410] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1929.056834][T30545] kvm: user requested TSC rate below hardware speed
[ 1929.117610][T30410] hsr_slave_0: entered promiscuous mode
[ 1929.129302][T30410] hsr_slave_1: entered promiscuous mode
[ 1929.221584][T30547] xt_CT: You must specify a L4 protocol and not use inversions on it
[ 1929.411716][T22142] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1929.478318][T17346] usb 5-1: new full-speed USB device number 115 using dummy_hcd
[ 1929.563844][T20559] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1929.650853][T17346] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1929.674341][T17346] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 10
[ 1929.702809][T17346] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0
[ 1929.728027][T17346] usb 5-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 5
[ 1929.774992][T17346] usb 5-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42
[ 1929.794786][T17346] usb 5-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0
[ 1929.817988][T17346] usb 5-1: Manufacturer: syz
[ 1929.832598][T17346] usb 5-1: config 0 descriptor??
[ 1930.229809][T17346] rc_core: IR keymap rc-hauppauge not found
[ 1930.238651][T30410] netdevsim netdevsim2 netdevsim0: renamed from eth0
[ 1930.248189][T17346] Registered IR keymap rc-empty
[ 1930.253230][T17346] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[ 1930.293476][T30410] netdevsim netdevsim2 netdevsim1: renamed from eth1
[ 1930.301722][T17346] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[ 1930.343068][T17346] rc rc0: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/rc/rc0
[ 1930.359659][T30410] netdevsim netdevsim2 netdevsim2: renamed from eth2
[ 1930.404602][T30410] netdevsim netdevsim2 netdevsim3: renamed from eth3
[ 1930.418807][T17346] input: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/rc/rc0/input119
[ 1930.443083][T17346] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[ 1930.499789][T17346] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[ 1930.549284][T17346] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[ 1930.588126][T17346] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[ 1930.616153][   T13] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1930.628943][T13516] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1930.639144][T17346] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[ 1930.690366][T17346] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[ 1930.728611][T17346] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[ 1930.787960][T17346] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[ 1930.831958][T30410] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1930.843067][T17346] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[ 1930.917655][T17346] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[ 1931.020832][T17346] mceusb 5-1:0.0: Registered 424242424242 with mce emulator interface version 1
[ 1931.056401][T30410] 8021q: adding VLAN 0 to HW filter on device team0
[ 1931.067935][T17346] mceusb 5-1:0.0: 2 tx ports (0x0 cabled) and 2 rx sensors (0x0 active)
[ 1931.097395][T30589] netlink: 20 bytes leftover after parsing attributes in process `syz.0.6563'.
[ 1931.471768][T17346] usb 5-1: USB disconnect, device number 115
[ 1931.495874][T22139] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1931.503096][T22139] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1931.584343][ T3863] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1931.591595][ T3863] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1931.643206][   T24] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1931.831399][T30410] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 1931.981765][T30410] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1932.004530][T30602] netlink: 8 bytes leftover after parsing attributes in process `syz.4.6566'.
[ 1932.014154][T30602] netlink: 4 bytes leftover after parsing attributes in process `syz.4.6566'.
[ 1932.122194][T30602] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1932.150606][T30602] bond1: (slave bond0): making interface the new active one
[ 1932.161870][T30602] bond1: (slave bond0): Enslaving as an active interface with an up link
[ 1932.189640][T30601] macvtap1: entered promiscuous mode
[ 1932.195230][T30601] macvtap1: entered allmulticast mode
[ 1932.209169][T30601] vlan0: entered allmulticast mode
[ 1932.226546][T30601] veth0_vlan: entered allmulticast mode
[ 1932.241784][T30601] vlan0: entered promiscuous mode
[ 1932.257087][T30601] team0: Device macvtap1 failed to register rx_handler
[ 1932.290723][T30601] vlan0: left allmulticast mode
[ 1932.303615][T30601] veth0_vlan: left allmulticast mode
[ 1932.323420][T30601] vlan0: left promiscuous mode
[ 1932.718627][T17346] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1932.794296][T30410] veth0_vlan: entered promiscuous mode
[ 1932.880941][T30410] veth1_vlan: entered promiscuous mode
[ 1933.030617][T30410] veth0_macvtap: entered promiscuous mode
[ 1933.065173][T30410] veth1_macvtap: entered promiscuous mode
[ 1933.168769][T30615] kvm: user requested TSC rate below hardware speed
[ 1933.191401][T30410] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1933.257139][T30410] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1933.293402][   T36] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1933.392819][   T36] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1933.440690][   T36] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1933.510978][   T13] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1933.664025][T18821] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1933.733647][T30622] FAULT_INJECTION: forcing a failure.
[ 1933.733647][T30622] name failslab, interval 1, probability 0, space 0, times 0
[ 1933.784725][T22139] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1933.793991][T30622] CPU: 1 UID: 0 PID: 30622 Comm: syz.0.6571 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1933.794027][T30622] Tainted: [L]=SOFTLOCKUP
[ 1933.794036][T30622] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 1933.794049][T30622] Call Trace:
[ 1933.794058][T30622]  <TASK>
[ 1933.794068][T30622]  dump_stack_lvl+0xe8/0x150
[ 1933.794111][T30622]  should_fail_ex+0x414/0x560
[ 1933.794152][T30622]  should_failslab+0xa8/0x100
[ 1933.794182][T30622]  kmem_cache_alloc_noprof+0x88/0x710
[ 1933.794218][T30622]  ? vm_area_alloc+0x24/0x140
[ 1933.794244][T30622]  vm_area_alloc+0x24/0x140
[ 1933.794267][T30622]  do_brk_flags+0x352/0xbd0
[ 1933.794307][T30622]  ? __pfx_do_brk_flags+0x10/0x10
[ 1933.794332][T30622]  ? mas_next_slot+0xc66/0xcf0
[ 1933.794382][T30622]  __se_sys_brk+0x9ab/0xb80
[ 1933.794427][T30622]  ? __pfx___se_sys_brk+0x10/0x10
[ 1933.794458][T30622]  ? fput+0xa0/0xd0
[ 1933.794508][T30622]  __do_fast_syscall_32+0x1dc/0x570
[ 1933.794535][T30622]  ? lockdep_hardirqs_on+0x7b/0x110
[ 1933.794569][T30622]  ? do_fast_syscall_32+0x34/0x80
[ 1933.794593][T30622]  ? irqentry_exit+0x10f/0x670
[ 1933.794641][T30622]  do_fast_syscall_32+0x34/0x80
[ 1933.794668][T30622]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1933.794695][T30622] RIP: 0023:0xf7fa7539
[ 1933.794714][T30622] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[ 1933.794732][T30622] RSP: 002b:00000000f549655c EFLAGS: 00000206 ORIG_RAX: 000000000000002d
[ 1933.794755][T30622] RAX: ffffffffffffffda RBX: 000000005ede6001 RCX: 0000000000000000
[ 1933.794770][T30622] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[ 1933.794783][T30622] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1933.794796][T30622] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[ 1933.794808][T30622] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1933.794840][T30622]  </TASK>
[ 1933.829477][T22139] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1933.886611][T18815] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1934.119484][   T13] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1934.127365][   T13] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1934.525277][   T13] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1934.586997][T30629] ip_tunnel: non-ECT from 0.0.0.0 with TOS=0x3
[ 1934.644218][T30644] xt_CT: You must specify a L4 protocol and not use inversions on it
[ 1934.653137][T30610] erspan0: entered promiscuous mode
[ 1934.745360][T30648] netlink: 4 bytes leftover after parsing attributes in process `syz.0.6575'.
[ 1934.756814][T30648] netlink: 72 bytes leftover after parsing attributes in process `syz.0.6575'.
[ 1934.818664][ T5850] usb 3-1: new high-speed USB device number 14 using dummy_hcd
[ 1934.965621][T17346] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1935.008604][T29144] usb 4-1: new full-speed USB device number 6 using dummy_hcd
[ 1935.028571][ T5850] usb 3-1: Using ep0 maxpacket: 32
[ 1935.036353][ T5850] usb 3-1: New USB device found, idVendor=041e, idProduct=400b, bcdDevice=3e.e7
[ 1935.047353][ T5850] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1935.076401][ T5850] usb 3-1: config 0 descriptor??
[ 1935.119215][ T6073] usb 5-1: new high-speed USB device number 116 using dummy_hcd
[ 1935.169615][   T36] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1935.215473][T29144] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1935.227582][T29144] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 10
[ 1935.257701][ T5850] gspca_main: sunplus-2.14.0 probing 041e:400b
[ 1935.268746][ T6073] usb 5-1: device descriptor read/64, error -71
[ 1935.286867][T29144] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0
[ 1935.329985][T29144] usb 4-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 5
[ 1935.382316][T29144] usb 4-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42
[ 1935.406824][T29144] usb 4-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0
[ 1935.431049][T29144] usb 4-1: Manufacturer: syz
[ 1935.527136][ T6073] usb 5-1: new high-speed USB device number 117 using dummy_hcd
[ 1935.624026][T29144] usb 4-1: config 0 descriptor??
[ 1935.678550][ T6073] usb 5-1: device descriptor read/64, error -71
[ 1935.790615][ T6073] usb usb5-port1: attempt power cycle
[ 1935.939046][T29144] rc_core: IR keymap rc-hauppauge not found
[ 1935.945476][T29144] Registered IR keymap rc-empty
[ 1935.967130][T29144] mceusb 4-1:0.0: Error: mce write submit urb error = -90
[ 1936.019594][T29144] mceusb 4-1:0.0: Error: mce write submit urb error = -90
[ 1936.053884][   T44] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1936.063895][T29144] rc rc0: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/rc/rc0
[ 1936.131947][T29144] input: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/rc/rc0/input120
[ 1936.153830][ T6073] usb 5-1: new high-speed USB device number 118 using dummy_hcd
[ 1936.176327][T29144] mceusb 4-1:0.0: Error: mce write submit urb error = -90
[ 1936.189371][ T6073] usb 5-1: device descriptor read/8, error -71
[ 1936.198894][T29144] mceusb 4-1:0.0: Error: mce write submit urb error = -90
[ 1936.236207][T29144] mceusb 4-1:0.0: Error: mce write submit urb error = -90
[ 1936.258882][T29144] mceusb 4-1:0.0: Error: mce write submit urb error = -90
[ 1936.308570][T29144] mceusb 4-1:0.0: Error: mce write submit urb error = -90
[ 1936.368624][T29144] mceusb 4-1:0.0: Error: mce write submit urb error = -90
[ 1936.390121][T29144] mceusb 4-1:0.0: Error: mce write submit urb error = -90
[ 1936.441084][T11209] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1936.449556][ T6073] usb 5-1: new high-speed USB device number 119 using dummy_hcd
[ 1936.457501][T29144] mceusb 4-1:0.0: Error: mce write submit urb error = -90
[ 1936.481298][T30672] FAULT_INJECTION: forcing a failure.
[ 1936.481298][T30672] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1936.497161][T29144] mceusb 4-1:0.0: Error: mce write submit urb error = -90
[ 1936.497501][ T6073] usb 5-1: device descriptor read/8, error -71
[ 1936.525609][T30672] CPU: 0 UID: 0 PID: 30672 Comm: syz.0.6580 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1936.525644][T30672] Tainted: [L]=SOFTLOCKUP
[ 1936.525652][T30672] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 1936.525664][T30672] Call Trace:
[ 1936.525671][T30672]  <TASK>
[ 1936.525680][T30672]  dump_stack_lvl+0xe8/0x150
[ 1936.525710][T30672]  should_fail_ex+0x414/0x560
[ 1936.525746][T30672]  _copy_from_user+0x2d/0xb0
[ 1936.525779][T30672]  cmsghdr_from_user_compat_to_kern+0x394/0x800
[ 1936.525808][T30672]  ? __might_fault+0xb0/0x130
[ 1936.525845][T30672]  ? __pfx_cmsghdr_from_user_compat_to_kern+0x10/0x10
[ 1936.525883][T30672]  ____sys_sendmsg+0x20f/0x820
[ 1936.525913][T30672]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1936.525942][T30672]  ? kstrtouint+0x6e/0xe0
[ 1936.525965][T30672]  ___sys_sendmsg+0x21f/0x2a0
[ 1936.525992][T30672]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1936.526015][T30672]  ? get_pid_task+0x20/0x1f0
[ 1936.526039][T30672]  ? get_pid_task+0x20/0x1f0
[ 1936.526061][T30672]  ? get_pid_task+0x20/0x1f0
[ 1936.526110][T30672]  ? __fget_files+0x2a/0x420
[ 1936.526134][T30672]  ? __fget_files+0x3a0/0x420
[ 1936.526167][T30672]  __sys_sendmsg+0x164/0x220
[ 1936.526193][T30672]  ? __pfx___sys_sendmsg+0x10/0x10
[ 1936.526225][T30672]  ? __pfx_ksys_write+0x10/0x10
[ 1936.526254][T30672]  __do_fast_syscall_32+0x1dc/0x570
[ 1936.526278][T30672]  ? lockdep_hardirqs_on+0x7b/0x110
[ 1936.526297][T30672]  ? do_fast_syscall_32+0x34/0x80
[ 1936.526320][T30672]  ? irqentry_exit+0x10f/0x670
[ 1936.526344][T30672]  do_fast_syscall_32+0x34/0x80
[ 1936.526368][T30672]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1936.526391][T30672] RIP: 0023:0xf7fa7539
[ 1936.526407][T30672] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[ 1936.526424][T30672] RSP: 002b:00000000f549655c EFLAGS: 00000206 ORIG_RAX: 0000000000000172
[ 1936.526444][T30672] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000800000c0
[ 1936.526458][T30672] RDX: 0000000000004080 RSI: 0000000000000000 RDI: 0000000000000000
[ 1936.526470][T30672] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1936.526481][T30672] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[ 1936.526492][T30672] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1936.526519][T30672]  </TASK>
[ 1936.586929][   T44] usb 2-1: new high-speed USB device number 74 using dummy_hcd
[ 1936.594653][T29144] mceusb 4-1:0.0: Error: mce write submit urb error = -90
[ 1936.630161][T30640] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1936.630621][T30640] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1936.812327][ T6073] usb usb5-port1: unable to enumerate USB device
[ 1936.853469][ T5850] gspca_sunplus: reg_w_riv err -71
[ 1936.859557][ T5850] sunplus 3-1:0.0: probe with driver sunplus failed with error -71
[ 1936.881772][T29144] mceusb 4-1:0.0: Registered 424242424242 with mce emulator interface version 1
[ 1936.896741][ T5850] usb 3-1: USB disconnect, device number 14
[ 1936.910285][   T44] usb 2-1: Using ep0 maxpacket: 8
[ 1936.914839][T29144] mceusb 4-1:0.0: 2 tx ports (0x0 cabled) and 2 rx sensors (0x0 active)
[ 1936.937461][   T44] usb 2-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 56832, setting to 1024
[ 1936.960195][   T44] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024
[ 1936.980286][T29144] usb 4-1: USB disconnect, device number 6
[ 1936.981886][   T44] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[ 1937.018461][   T44] usb 2-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[ 1937.053305][   T44] usb 2-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[ 1937.062891][   T44] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1937.083824][T13516] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1937.100208][T30677] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[ 1937.106953][T30677] Bluetooth: hci1: Error when powering off device on rfkill (-4)
[ 1937.146796][T30677] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[ 1937.162252][T30677] Bluetooth: hci0: Error when powering off device on rfkill (-4)
[ 1937.184713][T30677] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[ 1937.192554][T30677] Bluetooth: hci3: Error when powering off device on rfkill (-4)
[ 1937.222955][T30677] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[ 1937.238218][T30677] Bluetooth: hci4: Error when powering off device on rfkill (-4)
[ 1937.379507][   T44] usb 2-1: GET_CAPABILITIES returned 0
[ 1937.393661][   T44] usbtmc 2-1:16.0: can't read capabilities
[ 1937.568510][ T5850] usb 4-1: new full-speed USB device number 7 using dummy_hcd
[ 1937.730110][ T5850] usb 4-1: config 0 interface 0 altsetting 8 endpoint 0x81 has invalid maxpacket 1023, setting to 64
[ 1937.742492][ T5850] usb 4-1: config 0 interface 0 has no altsetting 0
[ 1937.754374][ T5850] usb 4-1: New USB device found, idVendor=1e7d, idProduct=3138, bcdDevice= 0.00
[ 1937.765100][ T5850] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1937.781551][ T5850] usb 4-1: config 0 descriptor??
[ 1937.787592][T30682] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[ 1937.817890][   T44] usb 3-1: new high-speed USB device number 15 using dummy_hcd
[ 1938.007126][   T44] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1938.021045][   T44] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 1938.031831][   T44] usb 3-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[ 1938.062656][   T44] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[ 1938.071197][   T44] usb 3-1: SerialNumber: syz
[ 1938.122950][T30682] vivid-002: disconnect
[ 1938.136211][T13516] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1938.282182][T30681] vivid-002: reconnect
[ 1938.300217][ T5850] usbhid 4-1:0.0: can't add hid device: -71
[ 1938.306271][ T5850] usbhid 4-1:0.0: probe with driver usbhid failed with error -71
[ 1938.335349][ T5850] usb 4-1: USB disconnect, device number 7
[ 1938.868478][T29144] usb 5-1: new high-speed USB device number 120 using dummy_hcd
[ 1939.050423][T29144] usb 5-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3
[ 1939.060742][T29144] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1939.073824][T29144] usb 5-1: config 0 descriptor??
[ 1939.089430][T29144] cp210x 5-1:0.0: cp210x converter detected
[ 1939.174186][T30717] netlink: 4 bytes leftover after parsing attributes in process `syz.3.6589'.
[ 1939.188287][T30717] netlink: 72 bytes leftover after parsing attributes in process `syz.3.6589'.
[ 1939.219358][   T24] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1939.290814][T27337] usb 2-1: USB disconnect, device number 74
[ 1939.480463][T18870] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1939.578409][T29144] cp210x 5-1:0.0: failed to get vendor val 0x000e size 3: -32
[ 1939.623398][T29144] usb 5-1: cp210x converter now attached to ttyUSB0
[ 1939.791788][T30721] FAULT_INJECTION: forcing a failure.
[ 1939.791788][T30721] name failslab, interval 1, probability 0, space 0, times 0
[ 1939.821329][T29144] usb 5-1: USB disconnect, device number 120
[ 1939.834092][T29144] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0
[ 1939.846962][T29144] cp210x 5-1:0.0: device disconnected
[ 1939.853325][T30721] CPU: 0 UID: 0 PID: 30721 Comm: syz.1.6591 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1939.853372][T30721] Tainted: [L]=SOFTLOCKUP
[ 1939.853381][T30721] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 1939.853393][T30721] Call Trace:
[ 1939.853402][T30721]  <TASK>
[ 1939.853411][T30721]  dump_stack_lvl+0xe8/0x150
[ 1939.853441][T30721]  should_fail_ex+0x414/0x560
[ 1939.853488][T30721]  should_failslab+0xa8/0x100
[ 1939.853516][T30721]  kmem_cache_alloc_noprof+0x88/0x710
[ 1939.853556][T30721]  ? __netlink_lookup+0xbd/0x8a0
[ 1939.853583][T30721]  ? skb_clone+0x212/0x3a0
[ 1939.853612][T30721]  skb_clone+0x212/0x3a0
[ 1939.853640][T30721]  __netlink_deliver_tap+0x404/0x850
[ 1939.853677][T30721]  ? netlink_deliver_tap+0x2e/0x1b0
[ 1939.853705][T30721]  netlink_deliver_tap+0x19c/0x1b0
[ 1939.853732][T30721]  netlink_unicast+0x7fa/0x9e0
[ 1939.853761][T30721]  ? __pfx_netlink_unicast+0x10/0x10
[ 1939.853784][T30721]  ? __alloc_skb+0x198/0x3a0
[ 1939.853805][T30721]  ? netlink_sendmsg+0x642/0xb30
[ 1939.853830][T30721]  ? skb_put+0x11b/0x210
[ 1939.853854][T30721]  netlink_sendmsg+0x805/0xb30
[ 1939.853888][T30721]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1939.853917][T30721]  ? __import_iovec+0x5d4/0x7f0
[ 1939.853940][T30721]  ? aa_sock_msg_perm+0xf1/0x1b0
[ 1939.853967][T30721]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[ 1939.853985][T30721]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1939.854013][T30721]  __sock_sendmsg+0x21c/0x270
[ 1939.854045][T30721]  ____sys_sendmsg+0x505/0x820
[ 1939.854075][T30721]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1939.854105][T30721]  ? kstrtouint+0x6e/0xe0
[ 1939.854130][T30721]  ___sys_sendmsg+0x21f/0x2a0
[ 1939.854156][T30721]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1939.854180][T30721]  ? get_pid_task+0x20/0x1f0
[ 1939.854204][T30721]  ? get_pid_task+0x20/0x1f0
[ 1939.854226][T30721]  ? get_pid_task+0x20/0x1f0
[ 1939.854274][T30721]  ? __fget_files+0x2a/0x420
[ 1939.854298][T30721]  ? __fget_files+0x3a0/0x420
[ 1939.854335][T30721]  __sys_sendmsg+0x164/0x220
[ 1939.854362][T30721]  ? __pfx___sys_sendmsg+0x10/0x10
[ 1939.854392][T30721]  ? __pfx_ksys_write+0x10/0x10
[ 1939.854422][T30721]  __do_fast_syscall_32+0x1dc/0x570
[ 1939.854446][T30721]  ? lockdep_hardirqs_on+0x7b/0x110
[ 1939.854473][T30721]  ? do_fast_syscall_32+0x34/0x80
[ 1939.854495][T30721]  ? irqentry_exit+0x10f/0x670
[ 1939.854519][T30721]  do_fast_syscall_32+0x34/0x80
[ 1939.854540][T30721]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1939.854563][T30721] RIP: 0023:0xf7f43539
[ 1939.854579][T30721] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[ 1939.854595][T30721] RSP: 002b:00000000f543655c EFLAGS: 00000206 ORIG_RAX: 0000000000000172
[ 1939.854615][T30721] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000540
[ 1939.854629][T30721] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[ 1939.854640][T30721] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1939.854652][T30721] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[ 1939.854664][T30721] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1939.854691][T30721]  </TASK>
[ 1940.276060][T30723] xt_CT: You must specify a L4 protocol and not use inversions on it
[ 1940.286174][   T24] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1940.296437][   T36] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1940.307637][T22142] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1940.557230][   T44] usb 3-1: 0:2 : does not exist
[ 1940.562730][   T24] usb 2-1: new full-speed USB device number 75 using dummy_hcd
[ 1940.609946][   T44] usb 3-1: USB disconnect, device number 15
[ 1940.690541][T30725] IPVS: set_ctl: invalid protocol: 36 100.1.1.0:20003
[ 1940.704406][ T6003] udevd[6003]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[ 1940.708152][T30725] FAULT_INJECTION: forcing a failure.
[ 1940.708152][T30725] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1940.780773][   T24] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1940.798700][   T24] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 10
[ 1940.798889][T30725] CPU: 0 UID: 0 PID: 30725 Comm: syz.2.6593 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1940.798981][T30725] Tainted: [L]=SOFTLOCKUP
[ 1940.799004][T30725] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 1940.799034][T30725] Call Trace:
[ 1940.799060][T30725]  <TASK>
[ 1940.799081][T30725]  dump_stack_lvl+0xe8/0x150
[ 1940.799157][T30725]  should_fail_ex+0x414/0x560
[ 1940.799259][T30725]  _copy_from_user+0x2d/0xb0
[ 1940.799343][T30725]  smc_setsockopt+0x3b8/0xab0
[ 1940.799406][T30725]  ? __pfx_smc_setsockopt+0x10/0x10
[ 1940.799454][T30725]  ? aa_sock_opt_perm+0xff/0x1a0
[ 1940.799532][T30725]  ? bpf_lsm_socket_setsockopt+0x9/0x20
[ 1940.799581][T30725]  ? __pfx_smc_setsockopt+0x10/0x10
[ 1940.799626][T30725]  do_sock_setsockopt+0x17c/0x1b0
[ 1940.799697][T30725]  __ia32_sys_setsockopt+0x13f/0x1b0
[ 1940.799785][T30725]  __do_fast_syscall_32+0x1dc/0x570
[ 1940.799856][T30725]  ? lockdep_hardirqs_on+0x7b/0x110
[ 1940.799907][T30725]  ? do_fast_syscall_32+0x34/0x80
[ 1940.799970][T30725]  ? irqentry_exit+0x10f/0x670
[ 1940.800037][T30725]  do_fast_syscall_32+0x34/0x80
[ 1940.800106][T30725]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1940.800166][T30725] RIP: 0023:0xf70dd539
[ 1940.800215][T30725] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[ 1940.800275][T30725] RSP: 002b:00000000f54cd55c EFLAGS: 00000206 ORIG_RAX: 000000000000016e
[ 1940.800352][T30725] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000000000
[ 1940.800399][T30725] RDX: 0000000000000482 RSI: 0000000080000140 RDI: 000000000000002c
[ 1940.800429][T30725] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1940.800458][T30725] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[ 1940.800495][T30725] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1940.800565][T30725]  </TASK>
[ 1941.048331][   T24] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0
[ 1941.058187][   T24] usb 2-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 5
[ 1941.073048][   T24] usb 2-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42
[ 1941.098484][   T24] usb 2-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0
[ 1941.115523][   T24] usb 2-1: Manufacturer: syz
[ 1941.187429][   T24] usb 2-1: config 0 descriptor??
[ 1941.324162][T13516] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1941.479308][T22142] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1941.517902][   T24] rc_core: IR keymap rc-hauppauge not found
[ 1941.524121][   T24] Registered IR keymap rc-empty
[ 1941.533023][   T24] mceusb 2-1:0.0: Error: mce write submit urb error = -90
[ 1941.561857][   T24] mceusb 2-1:0.0: Error: mce write submit urb error = -90
[ 1941.589758][   T24] rc rc0: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/rc/rc0
[ 1941.607664][   T24] input: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/rc/rc0/input121
[ 1941.624478][T30748] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1941.635850][T30748] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1941.645684][   T24] mceusb 2-1:0.0: Error: mce write submit urb error = -90
[ 1941.658061][T13516] usb 3-1: new high-speed USB device number 16 using dummy_hcd
[ 1941.688148][   T24] mceusb 2-1:0.0: Error: mce write submit urb error = -90
[ 1941.708003][   T24] mceusb 2-1:0.0: Error: mce write submit urb error = -90
[ 1941.727905][   T24] mceusb 2-1:0.0: Error: mce write submit urb error = -90
[ 1941.747924][   T24] mceusb 2-1:0.0: Error: mce write submit urb error = -90
[ 1941.768049][   T24] mceusb 2-1:0.0: Error: mce write submit urb error = -90
[ 1941.788166][   T24] mceusb 2-1:0.0: Error: mce write submit urb error = -90
[ 1941.820330][   T24] mceusb 2-1:0.0: Error: mce write submit urb error = -90
[ 1941.828868][T13516] usb 3-1: config 4 has an invalid descriptor of length 0, skipping remainder of the config
[ 1941.839801][T13516] usb 3-1: config 4 interface 0 altsetting 0 endpoint 0x4 has invalid wMaxPacketSize 0
[ 1941.850805][   T24] mceusb 2-1:0.0: Error: mce write submit urb error = -90
[ 1941.858274][T13516] usb 3-1: config 4 interface 0 altsetting 0 bulk endpoint 0x4 has invalid maxpacket 0
[ 1941.872358][T13516] usb 3-1: config 4 interface 0 altsetting 0 has an endpoint descriptor with address 0x56, changing to 0x6
[ 1941.884370][T13516] usb 3-1: config 4 interface 0 altsetting 0 endpoint 0x6 has invalid wMaxPacketSize 0
[ 1941.894457][   T24] mceusb 2-1:0.0: Error: mce write submit urb error = -90
[ 1941.903193][T13516] usb 3-1: config 4 interface 0 altsetting 0 bulk endpoint 0x6 has invalid maxpacket 0
[ 1941.916223][T13516] usb 3-1: New USB device found, idVendor=2294, idProduct=425a, bcdDevice=d1.41
[ 1941.934414][   T24] mceusb 2-1:0.0: Registered 424242424242 with mce emulator interface version 1
[ 1941.949711][T13516] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1941.958380][   T24] mceusb 2-1:0.0: 2 tx ports (0x0 cabled) and 2 rx sensors (0x0 active)
[ 1941.966825][T13516] usb 3-1: Product: syz
[ 1941.974918][T13516] usb 3-1: Manufacturer: syz
[ 1941.982210][   T24] usb 2-1: USB disconnect, device number 75
[ 1941.988578][T13516] usb 3-1: SerialNumber: syz
[ 1942.047051][T13516] usb 3-1: ucan: probing device on interface #0
[ 1942.069728][T13516] usb 3-1: ucan: invalid endpoint configuration
[ 1942.081840][T30757] xt_bpf: check failed: parse error
[ 1942.095293][T13516] usb 3-1: ucan: probe failed; try to update the device firmware
[ 1942.208401][    C0] syzkaller0: tun_net_xmit 48
[ 1942.339791][T30761] netlink: 32 bytes leftover after parsing attributes in process `syz.2.6599'.
[ 1943.053635][T30782] wireguard0: entered promiscuous mode
[ 1943.059423][T30782] wireguard0: entered allmulticast mode
[ 1943.072114][T30782] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1943.082672][T30782] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1943.092369][T30782] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1943.100191][T30782] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1943.400311][T13516] net_ratelimit: 3 callbacks suppressed
[ 1943.400326][T13516] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1944.198514][T29144] usb 4-1: new high-speed USB device number 8 using dummy_hcd
[ 1944.358978][T29144] usb 4-1: Using ep0 maxpacket: 8
[ 1944.370121][T29144] usb 4-1: config 179 has an invalid interface number: 65 but max is 0
[ 1944.379182][T29144] usb 4-1: config 179 has no interface number 0
[ 1944.385561][T29144] usb 4-1: config 179 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7
[ 1944.399058][T29144] usb 4-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid maxpacket 1025, setting to 1024
[ 1944.412892][T29144] usb 4-1: config 179 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7
[ 1944.424906][T29144] usb 4-1: config 179 interface 65 altsetting 0 endpoint 0x83 has invalid maxpacket 41728, setting to 1024
[ 1944.437416][T29144] usb 4-1: config 179 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23
[ 1944.451985][T29144] usb 4-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb
[ 1944.462195][T29144] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1944.472418][T13516] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1944.485636][T30791] raw-gadget.2 gadget.3: fail, usb_ep_enable returned -22
[ 1944.521500][ T5850] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1944.528321][T13516] usb 3-1: USB disconnect, device number 16
[ 1944.637907][T30794] FAULT_INJECTION: forcing a failure.
[ 1944.637907][T30794] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1944.651396][T30794] CPU: 1 UID: 0 PID: 30794 Comm: syz.2.6615 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1944.651430][T30794] Tainted: [L]=SOFTLOCKUP
[ 1944.651438][T30794] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 1944.651450][T30794] Call Trace:
[ 1944.651458][T30794]  <TASK>
[ 1944.651467][T30794]  dump_stack_lvl+0xe8/0x150
[ 1944.651500][T30794]  should_fail_ex+0x414/0x560
[ 1944.651528][T30794]  _copy_from_user+0x2d/0xb0
[ 1944.651568][T30794]  cmsghdr_from_user_compat_to_kern+0x50b/0x800
[ 1944.651599][T30794]  ? __might_fault+0xb0/0x130
[ 1944.651638][T30794]  ? __pfx_cmsghdr_from_user_compat_to_kern+0x10/0x10
[ 1944.651676][T30794]  ____sys_sendmsg+0x20f/0x820
[ 1944.651707][T30794]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1944.651735][T30794]  ___sys_sendmsg+0x21f/0x2a0
[ 1944.651777][T30794]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1944.651801][T30794]  ? kstrtoull+0x12f/0x1d0
[ 1944.651824][T30794]  ? kstrtouint+0x6e/0xe0
[ 1944.651864][T30794]  ? __fget_files+0x2a/0x420
[ 1944.651892][T30794]  ? __fget_files+0x3a0/0x420
[ 1944.651917][T30794]  __sys_sendmmsg+0x28e/0x430
[ 1944.651953][T30794]  ? __pfx___sys_sendmmsg+0x10/0x10
[ 1944.651978][T30794]  ? __mutex_unlock_slowpath+0x1a1/0x730
[ 1944.652026][T30794]  ? ksys_write+0x22a/0x250
[ 1944.652047][T30794]  ? __pfx_ksys_write+0x10/0x10
[ 1944.652071][T30794]  __ia32_compat_sys_sendmmsg+0xa2/0xc0
[ 1944.652103][T30794]  __do_fast_syscall_32+0x1dc/0x570
[ 1944.652120][T30794]  ? lockdep_hardirqs_on+0x7b/0x110
[ 1944.652149][T30794]  ? do_fast_syscall_32+0x34/0x80
[ 1944.652173][T30794]  ? irqentry_exit+0x10f/0x670
[ 1944.652199][T30794]  do_fast_syscall_32+0x34/0x80
[ 1944.652224][T30794]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1944.652248][T30794] RIP: 0023:0xf70dd539
[ 1944.652265][T30794] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[ 1944.652297][T30794] RSP: 002b:00000000f54cd55c EFLAGS: 00000206 ORIG_RAX: 0000000000000159
[ 1944.652312][T30794] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080001500
[ 1944.652327][T30794] RDX: 0000000000000001 RSI: 0000000004000000 RDI: 0000000000000000
[ 1944.652351][T30794] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1944.652362][T30794] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[ 1944.652374][T30794] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1944.652403][T30794]  </TASK>
[ 1945.036876][T30798] FAULT_INJECTION: forcing a failure.
[ 1945.036876][T30798] name failslab, interval 1, probability 0, space 0, times 0
[ 1945.050609][T30798] CPU: 0 UID: 0 PID: 30798 Comm: syz.2.6616 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1945.050634][T30798] Tainted: [L]=SOFTLOCKUP
[ 1945.050640][T30798] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 1945.050650][T30798] Call Trace:
[ 1945.050656][T30798]  <TASK>
[ 1945.050663][T30798]  dump_stack_lvl+0xe8/0x150
[ 1945.050687][T30798]  should_fail_ex+0x414/0x560
[ 1945.050720][T30798]  should_failslab+0xa8/0x100
[ 1945.050740][T30798]  __kmalloc_node_noprof+0xe7/0x820
[ 1945.050756][T30798]  ? crypto_create_tfm_node+0x83/0x3f0
[ 1945.050779][T30798]  crypto_create_tfm_node+0x83/0x3f0
[ 1945.050801][T30798]  crypto_alloc_tfm_node+0x172/0x3f0
[ 1945.050826][T30798]  kdf_alloc+0x21/0x100
[ 1945.050850][T30798]  __keyctl_dh_compute+0x455/0xca0
[ 1945.050874][T30798]  ? get_pid_task+0x20/0x1f0
[ 1945.050894][T30798]  ? get_pid_task+0x20/0x1f0
[ 1945.050914][T30798]  ? __pfx___keyctl_dh_compute+0x10/0x10
[ 1945.050946][T30798]  ? __might_fault+0xb0/0x130
[ 1945.050979][T30798]  ? compat_keyctl_dh_compute+0x157/0x1d0
[ 1945.051011][T30798]  compat_keyctl_dh_compute+0x16e/0x1d0
[ 1945.051035][T30798]  ? __pfx_compat_keyctl_dh_compute+0x10/0x10
[ 1945.051063][T30798]  ? ksys_write+0x22a/0x250
[ 1945.051079][T30798]  ? __pfx_ksys_write+0x10/0x10
[ 1945.051099][T30798]  ? __ia32_compat_sys_keyctl+0x3f6/0x630
[ 1945.051134][T30798]  __do_fast_syscall_32+0x1dc/0x570
[ 1945.051152][T30798]  ? lockdep_hardirqs_on+0x7b/0x110
[ 1945.051166][T30798]  ? do_fast_syscall_32+0x34/0x80
[ 1945.051183][T30798]  ? irqentry_exit+0x10f/0x670
[ 1945.051202][T30798]  do_fast_syscall_32+0x34/0x80
[ 1945.051219][T30798]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1945.051237][T30798] RIP: 0023:0xf70dd539
[ 1945.051249][T30798] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[ 1945.051262][T30798] RSP: 002b:00000000f54cd55c EFLAGS: 00000206 ORIG_RAX: 0000000000000120
[ 1945.051277][T30798] RAX: ffffffffffffffda RBX: 0000000000000017 RCX: 0000000080000100
[ 1945.051287][T30798] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000080000180
[ 1945.051296][T30798] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1945.051305][T30798] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[ 1945.051314][T30798] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1945.051333][T30798]  </TASK>
[ 1945.051385][T30798] could not allocate digest TFM handle sha256
[ 1945.233558][T13516] usb 4-1: USB disconnect, device number 8
[ 1945.251820][    C0] xpad 4-1:179.65: xpad_irq_in - usb_submit_urb failed with result -19
[ 1945.322465][    C0] xpad 4-1:179.65: xpad_irq_out - usb_submit_urb failed with result -19
[ 1945.480832][T17346] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1945.867299][ T5850] hid-generic 0000:0000:0000.005B: unknown main item tag 0x0
[ 1945.889433][ T5850] hid-generic 0000:0000:0000.005B: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[ 1946.042691][T25287] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1946.053567][T25756] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1946.202926][T30814] netlink: 28 bytes leftover after parsing attributes in process `syz.0.6621'.
[ 1946.530761][T17346] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1946.565276][T30822] lo: entered promiscuous mode
[ 1946.586853][T30822] lo: entered allmulticast mode
[ 1946.611589][T30822] tunl0: entered promiscuous mode
[ 1946.631052][T30822] tunl0: entered allmulticast mode
[ 1946.649131][T30822] gre0: entered promiscuous mode
[ 1946.668392][T30822] gre0: entered allmulticast mode
[ 1946.679566][ T3438] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1946.699288][T30822] gretap0: entered promiscuous mode
[ 1946.714865][T30822] gretap0: entered allmulticast mode
[ 1946.722034][T30822] erspan0: entered promiscuous mode
[ 1946.729284][T30822] erspan0: entered allmulticast mode
[ 1946.736389][T30822] ip_vti0: entered promiscuous mode
[ 1946.741990][T30822] ip_vti0: entered allmulticast mode
[ 1946.762907][T30822] ip6_vti0: entered promiscuous mode
[ 1946.771650][T30822] ip6_vti0: entered allmulticast mode
[ 1946.788824][T30822] sit0: entered promiscuous mode
[ 1946.793797][T30822] sit0: entered allmulticast mode
[ 1946.809435][T30822] ip6tnl0: entered promiscuous mode
[ 1946.827431][T30822] ip6tnl0: entered allmulticast mode
[ 1946.842176][T30822] ip6gre0: entered promiscuous mode
[ 1946.848344][T30822] ip6gre0: entered allmulticast mode
[ 1946.869489][T30822] syz_tun: entered promiscuous mode
[ 1946.885021][T30822] syz_tun: entered allmulticast mode
[ 1946.899141][T30822] ip6gretap0: entered promiscuous mode
[ 1946.914908][T30822] ip6gretap0: entered allmulticast mode
[ 1946.933462][T30822] bridge0: entered promiscuous mode
[ 1946.947853][T30822] bridge0: entered allmulticast mode
[ 1947.494631][T30842] netlink: 4 bytes leftover after parsing attributes in process `syz.4.6627'.
[ 1947.532996][T30842] openvswitch: netlink: Unknown nsh attribute 0
[ 1947.558782][T17346] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1948.647810][T13516] net_ratelimit: 1 callbacks suppressed
[ 1948.647832][T13516] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1949.020732][T13516] usb 4-1: new high-speed USB device number 9 using dummy_hcd
[ 1949.189798][T13516] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1949.264818][T13516] usb 4-1: New USB device found, idVendor=16c0, idProduct=05e1, bcdDevice= 0.00
[ 1949.274481][T13516] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1949.319592][T13516] usb 4-1: config 0 descriptor??
[ 1949.556591][T13516] usbhid 4-1:0.0: can't add hid device: -71
[ 1949.569748][T13516] usbhid 4-1:0.0: probe with driver usbhid failed with error -71
[ 1949.721102][T13516] usb 4-1: USB disconnect, device number 9
[ 1949.801369][T17346] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1950.336281][T30876] fuse: Bad value for 'group_id'
[ 1950.391693][T30876] fuse: Bad value for 'group_id'
[ 1950.428736][T30878] FAULT_INJECTION: forcing a failure.
[ 1950.428736][T30878] name failslab, interval 1, probability 0, space 0, times 0
[ 1950.448100][T30878] CPU: 1 UID: 0 PID: 30878 Comm: syz.1.6639 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1950.448137][T30878] Tainted: [L]=SOFTLOCKUP
[ 1950.448147][T30878] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 1950.448160][T30878] Call Trace:
[ 1950.448169][T30878]  <TASK>
[ 1950.448179][T30878]  dump_stack_lvl+0xe8/0x150
[ 1950.448214][T30878]  should_fail_ex+0x414/0x560
[ 1950.448257][T30878]  should_failslab+0xa8/0x100
[ 1950.448286][T30878]  __kmalloc_noprof+0xdf/0x800
[ 1950.448308][T30878]  ? tomoyo_encode+0x28b/0x550
[ 1950.448345][T30878]  tomoyo_encode+0x28b/0x550
[ 1950.448382][T30878]  tomoyo_realpath_from_path+0x58d/0x5d0
[ 1950.448417][T30878]  ? tomoyo_domain+0xd8/0x130
[ 1950.448456][T30878]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[ 1950.448482][T30878]  tomoyo_path_number_perm+0x1e8/0x5a0
[ 1950.448512][T30878]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[ 1950.448538][T30878]  ? __lock_acquire+0x6b6/0x2cf0
[ 1950.448565][T30878]  ? get_pid_task+0x20/0x1f0
[ 1950.448604][T30878]  ? get_pid_task+0x20/0x1f0
[ 1950.448651][T30878]  ? __fget_files+0x2a/0x420
[ 1950.448684][T30878]  ? __fget_files+0x3a0/0x420
[ 1950.448722][T30878]  ? __fget_files+0x2a/0x420
[ 1950.448753][T30878]  security_file_ioctl_compat+0xcb/0x2d0
[ 1950.448780][T30878]  __ia32_compat_sys_ioctl+0x128/0x840
[ 1950.448804][T30878]  ? __pfx___ia32_compat_sys_ioctl+0x10/0x10
[ 1950.448833][T30878]  ? __fget_files+0x3a0/0x420
[ 1950.448867][T30878]  ? fput+0xa0/0xd0
[ 1950.448894][T30878]  ? ksys_write+0x22a/0x250
[ 1950.448917][T30878]  ? __pfx_ksys_write+0x10/0x10
[ 1950.448948][T30878]  __do_fast_syscall_32+0x1dc/0x570
[ 1950.448975][T30878]  ? lockdep_hardirqs_on+0x7b/0x110
[ 1950.448996][T30878]  ? do_fast_syscall_32+0x34/0x80
[ 1950.449021][T30878]  ? irqentry_exit+0x10f/0x670
[ 1950.449047][T30878]  do_fast_syscall_32+0x34/0x80
[ 1950.449073][T30878]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1950.449099][T30878] RIP: 0023:0xf7f43539
[ 1950.449117][T30878] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[ 1950.449136][T30878] RSP: 002b:00000000f543655c EFLAGS: 00000206 ORIG_RAX: 0000000000000036
[ 1950.449159][T30878] RAX: ffffffffffffffda RBX: 0000000000000007 RCX: 000000000000ae80
[ 1950.449174][T30878] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[ 1950.449186][T30878] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1950.449198][T30878] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[ 1950.449211][T30878] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1950.449242][T30878]  </TASK>
[ 1950.449264][T30878] ERROR: Out of memory at tomoyo_realpath_from_path.
[ 1950.808634][ T5850] usb 4-1: new high-speed USB device number 10 using dummy_hcd
[ 1950.838852][T13516] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1950.915617][T30883] netlink: 'syz.0.6640': attribute type 1 has an invalid length.
[ 1950.968497][ T5850] usb 4-1: Using ep0 maxpacket: 16
[ 1950.975744][ T5850] usb 4-1: config index 0 descriptor too short (expected 67, got 36)
[ 1950.985402][ T5850] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1951.008715][ T5850] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1951.021177][T30883] 8021q: adding VLAN 0 to HW filter on device bond3
[ 1951.028569][ T5850] usb 4-1: New USB device found, idVendor=05ac, idProduct=0247, bcdDevice= 0.00
[ 1951.039515][ T5850] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1951.059620][ T5850] usb 4-1: config 0 descriptor??
[ 1951.125263][T30885] 8021q: adding VLAN 0 to HW filter on device bond3
[ 1951.151591][T30885] bond3: (slave vxcan3): The slave device specified does not support setting the MAC address
[ 1951.204409][T30885] bond3: (slave vxcan3): Error -95 calling set_mac_address
[ 1951.331018][T30890] mac80211_hwsim hwsim35 wlan0: entered promiscuous mode
[ 1951.352482][T30890] bond3: (slave wlan0): dev_set_mac_address on slave failed! ALB mode requires that the base driver support setting the hw address also when the network device's interface is open
[ 1951.493785][ T5850] apple 0003:05AC:0247.005C: unexpected long global item
[ 1951.509915][ T5850] apple 0003:05AC:0247.005C: parse failed
[ 1951.516921][ T5850] apple 0003:05AC:0247.005C: probe with driver apple failed with error -22
[ 1951.553524][   T30] audit: type=1326 audit(1768847114.911:10531): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30895 comm="syz.4.6644" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa5539 code=0x7ffc0000
[ 1951.627651][   T30] audit: type=1326 audit(1768847114.911:10532): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30895 comm="syz.4.6644" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa5539 code=0x7ffc0000
[ 1951.718347][T30904] netlink: 4 bytes leftover after parsing attributes in process `syz.2.6646'.
[ 1951.732498][T30904] netlink: 72 bytes leftover after parsing attributes in process `syz.2.6646'.
[ 1951.773819][   T30] audit: type=1326 audit(1768847114.911:10533): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30895 comm="syz.4.6644" exe="/root/syz-executor" sig=0 arch=40000003 syscall=136 compat=1 ip=0xf7fa5539 code=0x7ffc0000
[ 1951.800002][T22139] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1951.808246][T22139] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1951.878680][   T44] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1951.890282][   T30] audit: type=1326 audit(1768847114.911:10534): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30895 comm="syz.4.6644" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa5539 code=0x7ffc0000
[ 1951.896909][ T5850] usb 4-1: USB disconnect, device number 10
[ 1951.913158][   T30] audit: type=1326 audit(1768847114.911:10535): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30895 comm="syz.4.6644" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa5539 code=0x7ffc0000
[ 1951.913208][   T30] audit: type=1326 audit(1768847114.921:10536): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30895 comm="syz.4.6644" exe="/root/syz-executor" sig=0 arch=40000003 syscall=4 compat=1 ip=0xf7fa5539 code=0x7ffc0000
[ 1951.913251][   T30] audit: type=1326 audit(1768847114.921:10537): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30895 comm="syz.4.6644" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa5539 code=0x7ffc0000
[ 1951.913293][   T30] audit: type=1326 audit(1768847114.921:10538): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30895 comm="syz.4.6644" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa5539 code=0x7ffc0000
[ 1951.913331][   T30] audit: type=1326 audit(1768847114.921:10539): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30895 comm="syz.4.6644" exe="/root/syz-executor" sig=0 arch=40000003 syscall=351 compat=1 ip=0xf7fa5539 code=0x7ffc0000
[ 1951.913421][   T30] audit: type=1326 audit(1768847114.921:10540): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30895 comm="syz.4.6644" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa5539 code=0x7ffc0000
[ 1952.631698][T28359] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1952.921550][T17346] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1953.099301][T30923] netlink: 4 bytes leftover after parsing attributes in process `syz.0.6650'.
[ 1953.113108][T30923] netlink: 72 bytes leftover after parsing attributes in process `syz.0.6650'.
[ 1953.962941][T13516] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1954.070900][T30939] netlink: 'syz.3.6657': attribute type 1 has an invalid length.
[ 1954.094549][T30939] netlink: 'syz.3.6657': attribute type 6 has an invalid length.
[ 1954.121270][T30939] netlink: 'syz.3.6657': attribute type 3 has an invalid length.
[ 1954.998647][T13516] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1955.262722][T30969] netlink: 52 bytes leftover after parsing attributes in process `syz.4.6662'.
[ 1955.410588][T30971] netlink: 24 bytes leftover after parsing attributes in process `syz.1.6663'.
[ 1956.040122][T17346] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1956.371524][T30976] usb usb8: usbfs: process 30976 (syz.4.6664) did not claim interface 2 before use
[ 1956.461728][T30978] FAULT_INJECTION: forcing a failure.
[ 1956.461728][T30978] name failslab, interval 1, probability 0, space 0, times 0
[ 1956.474705][T30978] CPU: 1 UID: 0 PID: 30978 Comm: syz.3.6665 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1956.474740][T30978] Tainted: [L]=SOFTLOCKUP
[ 1956.474749][T30978] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 1956.474763][T30978] Call Trace:
[ 1956.474772][T30978]  <TASK>
[ 1956.474782][T30978]  dump_stack_lvl+0xe8/0x150
[ 1956.474817][T30978]  should_fail_ex+0x414/0x560
[ 1956.474857][T30978]  should_failslab+0xa8/0x100
[ 1956.474885][T30978]  kmem_cache_alloc_node_noprof+0x8c/0x720
[ 1956.474918][T30978]  ? __alloc_skb+0x198/0x3a0
[ 1956.474942][T30978]  ? __alloc_skb+0x1dc/0x3a0
[ 1956.474963][T30978]  ? __local_bh_enable_ip+0xd0/0x130
[ 1956.474988][T30978]  ? __alloc_skb+0x198/0x3a0
[ 1956.475014][T30978]  __alloc_skb+0x1dc/0x3a0
[ 1956.475042][T30978]  netlink_sendmsg+0x5c6/0xb30
[ 1956.475083][T30978]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1956.475117][T30978]  ? __import_iovec+0x5d4/0x7f0
[ 1956.475157][T30978]  ? aa_sock_msg_perm+0xf1/0x1b0
[ 1956.475193][T30978]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[ 1956.475214][T30978]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1956.475267][T30978]  __sock_sendmsg+0x21c/0x270
[ 1956.475315][T30978]  ____sys_sendmsg+0x505/0x820
[ 1956.475350][T30978]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1956.475384][T30978]  ? kstrtouint+0x6e/0xe0
[ 1956.475411][T30978]  ___sys_sendmsg+0x21f/0x2a0
[ 1956.475440][T30978]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1956.475468][T30978]  ? get_pid_task+0x20/0x1f0
[ 1956.475495][T30978]  ? get_pid_task+0x20/0x1f0
[ 1956.475519][T30978]  ? get_pid_task+0x20/0x1f0
[ 1956.475574][T30978]  ? __fget_files+0x2a/0x420
[ 1956.475602][T30978]  ? __fget_files+0x3a0/0x420
[ 1956.475640][T30978]  __sys_sendmsg+0x164/0x220
[ 1956.475671][T30978]  ? __pfx___sys_sendmsg+0x10/0x10
[ 1956.475713][T30978]  ? __pfx_ksys_write+0x10/0x10
[ 1956.475747][T30978]  __do_fast_syscall_32+0x1dc/0x570
[ 1956.475775][T30978]  ? lockdep_hardirqs_on+0x7b/0x110
[ 1956.475797][T30978]  ? do_fast_syscall_32+0x34/0x80
[ 1956.475824][T30978]  ? irqentry_exit+0x10f/0x670
[ 1956.475853][T30978]  do_fast_syscall_32+0x34/0x80
[ 1956.475881][T30978]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1956.475909][T30978] RIP: 0023:0xf707d539
[ 1956.475929][T30978] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[ 1956.475949][T30978] RSP: 002b:00000000f546d55c EFLAGS: 00000206 ORIG_RAX: 0000000000000172
[ 1956.475972][T30978] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000280
[ 1956.475989][T30978] RDX: 0000000000008000 RSI: 0000000000000000 RDI: 0000000000000000
[ 1956.476003][T30978] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1956.476017][T30978] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[ 1956.476031][T30978] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1956.476062][T30978]  </TASK>
[ 1957.080065][   T44] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1957.184440][ T5850] usb 4-1: new high-speed USB device number 11 using dummy_hcd
[ 1957.358994][T30993] TCP: request_sock_subflow_v4: Possible SYN flooding on port [::]:20002. Sending cookies.
[ 1957.363261][ T5850] usb 4-1: config 4 has an invalid descriptor of length 0, skipping remainder of the config
[ 1957.406276][ T5850] usb 4-1: config 4 interface 0 altsetting 0 endpoint 0x4 has invalid wMaxPacketSize 0
[ 1957.422549][ T5850] usb 4-1: config 4 interface 0 altsetting 0 bulk endpoint 0x4 has invalid maxpacket 0
[ 1957.461572][ T5850] usb 4-1: config 4 interface 0 altsetting 0 has an endpoint descriptor with address 0x56, changing to 0x6
[ 1957.474089][ T5850] usb 4-1: config 4 interface 0 altsetting 0 endpoint 0x6 has invalid wMaxPacketSize 0
[ 1957.488875][ T5850] usb 4-1: config 4 interface 0 altsetting 0 bulk endpoint 0x6 has invalid maxpacket 0
[ 1957.531747][ T5850] usb 4-1: New USB device found, idVendor=2294, idProduct=425a, bcdDevice=d1.41
[ 1957.544089][ T5850] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1957.556150][ T5850] usb 4-1: Product: syz
[ 1957.566008][T11213] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1957.592936][T22141] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1957.605551][ T5850] usb 4-1: Manufacturer: syz
[ 1957.611748][ T5850] usb 4-1: SerialNumber: syz
[ 1957.640187][ T5850] usb 4-1: ucan: probing device on interface #0
[ 1957.646521][ T5850] usb 4-1: ucan: invalid endpoint configuration
[ 1957.678332][T27337] usb 5-1: new high-speed USB device number 121 using dummy_hcd
[ 1957.720222][T30998] syzkaller0: entered promiscuous mode
[ 1957.735990][ T5850] usb 4-1: ucan: probe failed; try to update the device firmware
[ 1957.738054][T30998] syzkaller0: entered allmulticast mode
[ 1957.853101][T27337] usb 5-1: New USB device found, idVendor=0c45, idProduct=6005, bcdDevice=b5.55
[ 1957.863430][T27337] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1957.918357][T27337] usb 5-1: Product: syz
[ 1957.925861][T30985] netlink: 32 bytes leftover after parsing attributes in process `syz.3.6668'.
[ 1957.930359][T27337] usb 5-1: Manufacturer: syz
[ 1957.955899][T27337] usb 5-1: SerialNumber: syz
[ 1958.015185][T27337] usb 5-1: config 0 descriptor??
[ 1958.035050][T27337] gspca_main: sonixb-2.14.0 probing 0c45:6005
[ 1958.057625][ T5850] usb 4-1: USB disconnect, device number 11
[ 1958.120321][T17346] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1958.200578][T25756] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1958.389009][T17346] usb 3-1: new high-speed USB device number 17 using dummy_hcd
[ 1958.569669][T17346] usb 3-1: New USB device found, idVendor=17e9, idProduct=8b4e, bcdDevice=9c.08
[ 1958.579395][T17346] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1958.591408][T17346] usb 3-1: config 0 descriptor??
[ 1958.669116][T31014] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1958.679110][T31014] netlink: 84 bytes leftover after parsing attributes in process `syz.3.6678'.
[ 1958.778163][   T44] usb 2-1: new high-speed USB device number 76 using dummy_hcd
[ 1958.995230][   T44] usb 2-1: New USB device found, idVendor=17e9, idProduct=8b4e, bcdDevice=9c.08
[ 1959.011924][   T44] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1959.032927][   T44] usb 2-1: config 0 descriptor??
[ 1959.159472][T28478] net_ratelimit: 1 callbacks suppressed
[ 1959.159499][T28478] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1960.316876][T13516] usb 5-1: USB disconnect, device number 121
[ 1961.032272][T31029] netlink: 28 bytes leftover after parsing attributes in process `syz.4.6680'.
[ 1961.289677][T31033] usb usb8: usbfs: process 31033 (syz.3.6681) did not claim interface 2 before use
[ 1961.319721][   T30] kauditd_printk_skb: 53 callbacks suppressed
[ 1961.319739][   T30] audit: type=1326 audit(1768847124.691:10594): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31025 comm="syz.4.6680" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa5539 code=0x7fc00000
[ 1961.349464][   T30] audit: type=1326 audit(1768847124.691:10595): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31025 comm="syz.4.6680" exe="/root/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf7fa5539 code=0x7fc00000
[ 1961.399635][   T30] audit: type=1326 audit(1768847124.691:10596): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31025 comm="syz.4.6680" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa5539 code=0x7fc00000
[ 1961.426168][   T30] audit: type=1326 audit(1768847124.701:10597): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31025 comm="syz.4.6680" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa5539 code=0x7fc00000
[ 1961.575331][T17346] udl 3-1:0.0: [drm] Unrecognized vendor firmware descriptor
[ 1961.596404][T17346] [drm:udl_init] *ERROR* Selecting channel failed
[ 1961.659811][T17346] [drm] Initialized udl 0.0.1 for 3-1:0.0 on minor 2
[ 1961.689894][T17346] [drm] Initialized udl on minor 2
[ 1961.715576][T17346] udl 3-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9
[ 1961.745082][T17346] udl 3-1:0.0: [drm] Cannot find any crtc or sizes
[ 1961.764527][T13516] udl 3-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9
[ 1961.778713][T13516] udl 3-1:0.0: [drm] Cannot find any crtc or sizes
[ 1961.797132][T17346] usb 3-1: USB disconnect, device number 17
[ 1961.823047][T31035] netlink: 4 bytes leftover after parsing attributes in process `syz.4.6682'.
[ 1962.106560][T31039] FAULT_INJECTION: forcing a failure.
[ 1962.106560][T31039] name failslab, interval 1, probability 0, space 0, times 0
[ 1962.108832][   T44] udl 2-1:0.0: [drm] Unrecognized vendor firmware descriptor
[ 1962.144705][T31039] CPU: 0 UID: 0 PID: 31039 Comm: syz.4.6684 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1962.144738][T31039] Tainted: [L]=SOFTLOCKUP
[ 1962.144746][T31039] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 1962.144759][T31039] Call Trace:
[ 1962.144768][T31039]  <TASK>
[ 1962.144778][T31039]  dump_stack_lvl+0xe8/0x150
[ 1962.144811][T31039]  should_fail_ex+0x414/0x560
[ 1962.144848][T31039]  should_failslab+0xa8/0x100
[ 1962.144875][T31039]  __kmalloc_cache_noprof+0x84/0x700
[ 1962.144895][T31039]  ? __pfx___mutex_trylock_common+0x10/0x10
[ 1962.144932][T31039]  ? fuse_lookup_name+0x1b5/0x860
[ 1962.144966][T31039]  fuse_lookup_name+0x1b5/0x860
[ 1962.145005][T31039]  ? __pfx_fuse_lookup_name+0x10/0x10
[ 1962.145034][T31039]  ? fuse_lock_inode+0xd3/0x120
[ 1962.145075][T31039]  ? d_alloc_parallel+0x366/0x1610
[ 1962.145113][T31039]  fuse_lookup+0x1f0/0x480
[ 1962.145130][T31039]  ? look_up_lock_class+0x57/0x110
[ 1962.145157][T31039]  ? __pfx_fuse_lookup+0x10/0x10
[ 1962.145187][T31039]  ? __raw_spin_lock_init+0x45/0x100
[ 1962.145214][T31039]  ? __init_waitqueue_head+0xa9/0x150
[ 1962.145246][T31039]  __lookup_slow+0x297/0x3d0
[ 1962.145275][T31039]  ? __pfx___lookup_slow+0x10/0x10
[ 1962.145313][T31039]  ? down_read+0x274/0x2e0
[ 1962.145340][T31039]  lookup_slow+0x53/0x70
[ 1962.145366][T31039]  path_lookupat+0x3f5/0x8c0
[ 1962.145405][T31039]  filename_lookup+0x212/0x570
[ 1962.145435][T31039]  ? __pfx_filename_lookup+0x10/0x10
[ 1962.145479][T31039]  ? trace_kmem_cache_alloc+0x1f/0xb0
[ 1962.145507][T31039]  ? kmem_cache_alloc_noprof+0x3ce/0x710
[ 1962.145544][T31039]  ? getname_kernel+0x146/0x2f0
[ 1962.145590][T31039]  ? getname_kernel+0x20e/0x2f0
[ 1962.145616][T31039]  kern_path+0x35/0x50
[ 1962.145642][T31039]  unix_find_other+0x183/0xad0
[ 1962.145670][T31039]  ? __pfx_sock_alloc_send_pskb+0x10/0x10
[ 1962.145700][T31039]  ? __pfx_unix_find_other+0x10/0x10
[ 1962.145722][T31039]  ? skb_copy_datagram_from_iter+0x64b/0x720
[ 1962.145754][T31039]  ? tomoyo_check_unix_address+0x5d2/0x7b0
[ 1962.145790][T31039]  unix_dgram_sendmsg+0x755/0x1840
[ 1962.145815][T31039]  ? __pfx_tomoyo_check_unix_address+0x10/0x10
[ 1962.145866][T31039]  ? __pfx_unix_dgram_sendmsg+0x10/0x10
[ 1962.145900][T31039]  ? tomoyo_socket_sendmsg_permission+0x1da/0x300
[ 1962.145936][T31039]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[ 1962.145954][T31039]  ? __pfx_unix_dgram_sendmsg+0x10/0x10
[ 1962.145977][T31039]  __sock_sendmsg+0x21c/0x270
[ 1962.146009][T31039]  ____sys_sendmsg+0x52d/0x820
[ 1962.146039][T31039]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1962.146067][T31039]  ? rcu_is_watching+0x15/0xb0
[ 1962.146090][T31039]  ? ___sys_sendmsg+0x22f/0x2a0
[ 1962.146120][T31039]  ___sys_sendmsg+0x21f/0x2a0
[ 1962.146147][T31039]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1962.146171][T31039]  ? kstrtoull+0x12f/0x1d0
[ 1962.146198][T31039]  ? kstrtouint+0x6e/0xe0
[ 1962.146275][T31039]  __sys_sendmmsg+0x28e/0x430
[ 1962.146310][T31039]  ? __pfx___sys_sendmmsg+0x10/0x10
[ 1962.146342][T31039]  ? __mutex_unlock_slowpath+0x1a1/0x730
[ 1962.146397][T31039]  ? ksys_write+0x22a/0x250
[ 1962.146422][T31039]  ? __pfx_ksys_write+0x10/0x10
[ 1962.146450][T31039]  __ia32_compat_sys_sendmmsg+0xa2/0xc0
[ 1962.146486][T31039]  __do_fast_syscall_32+0x1dc/0x570
[ 1962.146513][T31039]  ? lockdep_hardirqs_on+0x7b/0x110
[ 1962.146544][T31039]  ? do_fast_syscall_32+0x34/0x80
[ 1962.146570][T31039]  ? irqentry_exit+0x10f/0x670
[ 1962.146599][T31039]  do_fast_syscall_32+0x34/0x80
[ 1962.146626][T31039]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1962.146654][T31039] RIP: 0023:0xf7fa5539
[ 1962.146673][T31039] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[ 1962.146694][T31039] RSP: 002b:00000000f549655c EFLAGS: 00000206 ORIG_RAX: 0000000000000159
[ 1962.146717][T31039] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00000000800001c0
[ 1962.146732][T31039] RDX: 0000000000000002 RSI: 0000000000000000 RDI: 0000000000000000
[ 1962.146745][T31039] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1962.146758][T31039] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[ 1962.146772][T31039] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1962.146805][T31039]  </TASK>
[ 1962.581533][   T44] [drm:udl_init] *ERROR* Selecting channel failed
[ 1962.711383][   T44] [drm] Initialized udl 0.0.1 for 2-1:0.0 on minor 3
[ 1962.719813][T31046] FAULT_INJECTION: forcing a failure.
[ 1962.719813][T31046] name failslab, interval 1, probability 0, space 0, times 0
[ 1962.733394][T31046] CPU: 0 UID: 0 PID: 31046 Comm: syz.0.6687 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1962.733428][T31046] Tainted: [L]=SOFTLOCKUP
[ 1962.733436][T31046] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 1962.733450][T31046] Call Trace:
[ 1962.733459][T31046]  <TASK>
[ 1962.733468][T31046]  dump_stack_lvl+0xe8/0x150
[ 1962.733501][T31046]  should_fail_ex+0x414/0x560
[ 1962.733548][T31046]  should_failslab+0xa8/0x100
[ 1962.733594][T31046]  __kmalloc_cache_noprof+0x84/0x700
[ 1962.733624][T31046]  ? __sctp_v6_cmp_addr+0x1e6/0x510
[ 1962.733659][T31046]  ? sctp_add_bind_addr+0x8c/0x370
[ 1962.733697][T31046]  sctp_add_bind_addr+0x8c/0x370
[ 1962.733743][T31046]  sctp_copy_local_addr_list+0x30b/0x4e0
[ 1962.733782][T31046]  ? sctp_copy_local_addr_list+0x9b/0x4e0
[ 1962.733816][T31046]  ? __pfx_sctp_copy_local_addr_list+0x10/0x10
[ 1962.733852][T31046]  ? sctp_v6_is_any+0x64/0x80
[ 1962.733874][T31046]  ? sctp_copy_one_addr+0x93/0x360
[ 1962.733911][T31046]  sctp_bind_addr_copy+0xb3/0x3c0
[ 1962.733945][T31046]  ? sctp_assoc_set_bind_addr_from_ep+0xa5/0x1a0
[ 1962.733979][T31046]  sctp_connect_new_asoc+0x2e0/0x690
[ 1962.734008][T31046]  ? __pfx_sctp_connect_new_asoc+0x10/0x10
[ 1962.734041][T31046]  ? __local_bh_enable_ip+0xd0/0x130
[ 1962.734063][T31046]  ? bpf_lsm_sctp_bind_connect+0x9/0x20
[ 1962.734085][T31046]  ? security_sctp_bind_connect+0x7e/0x2e0
[ 1962.734114][T31046]  sctp_sendmsg+0x155c/0x2840
[ 1962.734150][T31046]  ? __pfx_sctp_sendmsg+0x10/0x10
[ 1962.734173][T31046]  ? aa_sk_perm+0x15f/0x920
[ 1962.734207][T31046]  ? aa_sk_perm+0x7ee/0x920
[ 1962.734239][T31046]  ? __pfx_aa_sk_perm+0x10/0x10
[ 1962.734270][T31046]  ? sock_rps_record_flow+0x19/0x410
[ 1962.734304][T31046]  ? inet_sendmsg+0x2f4/0x370
[ 1962.734339][T31046]  __sock_sendmsg+0x19c/0x270
[ 1962.734378][T31046]  __sys_sendto+0x3bd/0x520
[ 1962.734405][T31046]  ? __pfx___sys_sendto+0x10/0x10
[ 1962.734429][T31046]  ? __mutex_unlock_slowpath+0x1a1/0x730
[ 1962.734470][T31046]  ? __fget_files+0x3a0/0x420
[ 1962.734510][T31046]  ? ksys_write+0x22a/0x250
[ 1962.734534][T31046]  ? __pfx_ksys_write+0x10/0x10
[ 1962.734562][T31046]  __ia32_sys_sendto+0xdd/0x100
[ 1962.734592][T31046]  __do_fast_syscall_32+0x1dc/0x570
[ 1962.734619][T31046]  ? lockdep_hardirqs_on+0x7b/0x110
[ 1962.734642][T31046]  ? do_fast_syscall_32+0x34/0x80
[ 1962.734668][T31046]  ? irqentry_exit+0x10f/0x670
[ 1962.734698][T31046]  do_fast_syscall_32+0x34/0x80
[ 1962.734742][T31046]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1962.734779][T31046] RIP: 0023:0xf7fa7539
[ 1962.734796][T31046] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[ 1962.734813][T31046] RSP: 002b:00000000f549655c EFLAGS: 00000206 ORIG_RAX: 0000000000000171
[ 1962.734834][T31046] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000080
[ 1962.734846][T31046] RDX: 0000000000000001 RSI: 000000000400c0d4 RDI: 0000000080000140
[ 1962.734858][T31046] RBP: 000000000000001c R08: 0000000000000000 R09: 0000000000000000
[ 1962.734869][T31046] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[ 1962.734881][T31046] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1962.734909][T31046]  </TASK>
[ 1962.743118][   T44] [drm] Initialized udl on minor 3
[ 1963.191914][   T44] udl 2-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9
[ 1963.202064][   T44] udl 2-1:0.0: [drm] Cannot find any crtc or sizes
[ 1963.212155][T18815] udl 2-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9
[ 1963.227124][   T44] usb 2-1: USB disconnect, device number 76
[ 1963.253351][T18815] udl 2-1:0.0: [drm] Cannot find any crtc or sizes
[ 1963.344830][   T13] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1963.361387][T11213] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1963.978351][ T7462] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1963.978893][ T5850] usb 5-1: new high-speed USB device number 122 using dummy_hcd
[ 1964.187608][ T5850] usb 5-1: device descriptor read/64, error -71
[ 1964.439149][ T5850] usb 5-1: new high-speed USB device number 123 using dummy_hcd
[ 1964.517442][T31068] FAULT_INJECTION: forcing a failure.
[ 1964.517442][T31068] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1964.580225][ T5850] usb 5-1: device descriptor read/64, error -71
[ 1964.603052][T11211] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1964.658899][T31068] CPU: 1 UID: 0 PID: 31068 Comm: syz.3.6692 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1964.658932][T31068] Tainted: [L]=SOFTLOCKUP
[ 1964.658939][T31068] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 1964.658953][T31068] Call Trace:
[ 1964.658962][T31068]  <TASK>
[ 1964.658971][T31068]  dump_stack_lvl+0xe8/0x150
[ 1964.659002][T31068]  should_fail_ex+0x414/0x560
[ 1964.659038][T31068]  _copy_from_user+0x2d/0xb0
[ 1964.659065][T31068]  compat_restore_altstack+0xdc/0x220
[ 1964.659093][T31068]  ? __pfx_compat_restore_altstack+0x10/0x10
[ 1964.659136][T31068]  ? _raw_spin_unlock_irq+0x23/0x50
[ 1964.659160][T31068]  __ia32_compat_sys_rt_sigreturn+0x1c3/0x260
[ 1964.659186][T31068]  ? __pfx___ia32_compat_sys_rt_sigreturn+0x10/0x10
[ 1964.659212][T31068]  ? asm_int80_emulation+0x1a/0x20
[ 1964.659234][T31068]  ? asm_int80_emulation+0x1a/0x20
[ 1964.659254][T31068]  do_int80_emulation+0x11b/0x420
[ 1964.659280][T31068]  ? clear_bhb_loop+0x60/0xb0
[ 1964.659307][T31068]  ? clear_bhb_loop+0x60/0xb0
[ 1964.659332][T31068]  asm_int80_emulation+0x1a/0x20
[ 1964.659355][T31068] RIP: 0023:0xf707d537
[ 1964.659368][T31068] Code: 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 <cd> 80 5d 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[ 1964.659381][T31068] RSP: 002b:00000000f546d55c EFLAGS: 00000206
[ 1964.659394][T31068] RAX: 0000000000000151 RBX: 0000000000000003 RCX: 00000000800000c0
[ 1964.659404][T31068] RDX: 0000000000010106 RSI: 0000000000000002 RDI: 0000000000000000
[ 1964.659413][T31068] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1964.659422][T31068] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[ 1964.659431][T31068] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1964.659450][T31068]  </TASK>
[ 1964.690894][ T5850] usb usb5-port1: attempt power cycle
[ 1965.346090][ T5850] usb 5-1: new high-speed USB device number 124 using dummy_hcd
[ 1965.414977][ T5850] usb 5-1: device descriptor read/8, error -71
[ 1965.545512][T31052] syz.0.6688 (31052): drop_caches: 2
[ 1965.598626][T29144] usb 4-1: new high-speed USB device number 12 using dummy_hcd
[ 1965.668568][ T5850] usb 5-1: new high-speed USB device number 125 using dummy_hcd
[ 1965.702189][ T5850] usb 5-1: device descriptor read/8, error -71
[ 1965.758476][T29144] usb 4-1: Using ep0 maxpacket: 32
[ 1965.818388][ T5850] usb usb5-port1: unable to enumerate USB device
[ 1966.327136][T31102] netlink: 8 bytes leftover after parsing attributes in process `syz.0.6702'.
[ 1966.340768][T31102] netlink: 4 bytes leftover after parsing attributes in process `syz.0.6702'.
[ 1966.566606][T31105] netlink: 24 bytes leftover after parsing attributes in process `syz.2.6703'.
[ 1966.619807][T31105] netlink: 4 bytes leftover after parsing attributes in process `syz.2.6703'.
[ 1966.633715][T31105] openvswitch: netlink: Flow actions attr not present in new flow.
[ 1966.754607][T31107] loop8: detected capacity change from 0 to 8
[ 1966.806729][ T6003] Dev loop8: unable to read RDB block 8
[ 1966.813315][ T6003]  loop8: unable to read partition table
[ 1966.821438][ T6003] loop8: partition table beyond EOD, truncated
[ 1966.834812][T31107] Dev loop8: unable to read RDB block 8
[ 1966.863433][T31107]  loop8: unable to read partition table
[ 1966.887294][T31107] loop8: partition table beyond EOD, truncated
[ 1966.901024][T27337] usb 3-1: new full-speed USB device number 18 using dummy_hcd
[ 1966.911804][T31107] loop_reread_partitions: partition scan of loop8 (þ被xü^6Ñ9%ƒä ) failed (rc=-5)
[ 1967.092730][T27337] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 1023, setting to 64
[ 1967.106549][T27337] usb 3-1: New USB device found, idVendor=05ac, idProduct=0241, bcdDevice= 0.00
[ 1967.125187][T27337] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1967.166087][T27337] usb 3-1: config 0 descriptor??
[ 1967.178781][T31105] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[ 1967.434665][   T30] audit: type=1326 audit(1768847130.771:10598): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31111 comm="syz.4.6706" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa5539 code=0x7ffc0000
[ 1967.468075][   T30] audit: type=1326 audit(1768847130.771:10599): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31111 comm="syz.4.6706" exe="/root/syz-executor" sig=0 arch=40000003 syscall=351 compat=1 ip=0xf7fa5539 code=0x7ffc0000
[ 1967.734022][   T30] audit: type=1326 audit(1768847130.771:10600): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31111 comm="syz.4.6706" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa5539 code=0x7ffc0000
[ 1967.805139][   T30] audit: type=1326 audit(1768847130.771:10601): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31111 comm="syz.4.6706" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa5539 code=0x7ffc0000
[ 1967.846216][   T30] audit: type=1326 audit(1768847130.771:10602): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31111 comm="syz.4.6706" exe="/root/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf7fa5539 code=0x7ffc0000
[ 1967.947038][   T30] audit: type=1326 audit(1768847130.771:10603): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31111 comm="syz.4.6706" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa5539 code=0x7ffc0000
[ 1968.036252][   T30] audit: type=1326 audit(1768847130.771:10604): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31111 comm="syz.4.6706" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa5539 code=0x7ffc0000
[ 1968.143834][   T30] audit: type=1326 audit(1768847130.771:10605): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31111 comm="syz.4.6706" exe="/root/syz-executor" sig=0 arch=40000003 syscall=286 compat=1 ip=0xf7fa5539 code=0x7ffc0000
[ 1968.190553][T29144] usb 4-1: unable to get BOS descriptor or descriptor too short
[ 1968.209428][T29144] usb 4-1: unable to read config index 0 descriptor/start: -71
[ 1968.246352][   T30] audit: type=1326 audit(1768847130.771:10606): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31111 comm="syz.4.6706" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa5539 code=0x7ffc0000
[ 1968.252651][T29144] usb 4-1: can't read configurations, error -71
[ 1968.333120][   T30] audit: type=1326 audit(1768847130.771:10607): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31111 comm="syz.4.6706" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa5539 code=0x7ffc0000
[ 1969.080703][ T3473] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1969.089190][   T13] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1969.711390][T18815] usb 3-1: USB disconnect, device number 18
[ 1969.718103][    C0] syzkaller0: tun_net_xmit 48
[ 1969.724760][T29170] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1969.950492][T31143] netlink: 212368 bytes leftover after parsing attributes in process `syz.2.6713'.
[ 1970.298627][T29144] usb 5-1: new high-speed USB device number 126 using dummy_hcd
[ 1970.359273][T29170] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1970.448468][T29144] usb 5-1: Using ep0 maxpacket: 32
[ 1970.456754][T29144] usb 5-1: config 0 has an invalid interface number: 1 but max is 0
[ 1970.472687][T29144] usb 5-1: config 0 has no interface number 0
[ 1970.489892][T29144] usb 5-1: New USB device found, idVendor=8086, idProduct=9500, bcdDevice=b6.d8
[ 1970.515250][T29144] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1970.548588][T29144] usb 5-1: Product: syz
[ 1970.554019][T29144] usb 5-1: Manufacturer: syz
[ 1970.576478][T29144] usb 5-1: SerialNumber: syz
[ 1970.603190][T29144] usb 5-1: config 0 descriptor??
[ 1970.634371][T29144] usb 5-1: dvb_usb_v2: found a 'Intel CE9500 reference design' in warm state
[ 1970.664508][T29144] usb 5-1: selecting invalid altsetting 1
[ 1970.690947][T29144] usb 5-1: dvb_usb_ce6230: usb_set_interface() failed=-22
[ 1970.736408][T29144] usb 5-1: dvb_usb_v2: will pass the complete MPEG2 transport stream to the software demuxer
[ 1970.772667][T29144] dvbdev: DVB: registering new adapter (Intel CE9500 reference design)
[ 1970.803402][T29144] usb 5-1: media controller created
[ 1970.864815][T29144] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[ 1970.991243][T29144] usb 5-1: dvb_usb_ce6230: usb_control_msg() failed=-71
[ 1971.011979][T29144] zl10353_read_register: readreg error (reg=127, ret==-71)
[ 1971.033798][T29144] usb 5-1: dvb_usb_ce6230: usb_set_interface() failed=-71
[ 1971.222975][T29144] usb 5-1: USB disconnect, device number 126
[ 1971.955791][T31160] usb usb8: usbfs: process 31160 (syz.4.6717) did not claim interface 2 before use
[ 1972.024482][T31163] netlink: 8 bytes leftover after parsing attributes in process `syz.1.6718'.
[ 1972.160316][T31163] netlink: 4 bytes leftover after parsing attributes in process `syz.1.6718'.
[ 1973.117138][T31163] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1973.130161][T31163] bond1: (slave bond0): making interface the new active one
[ 1973.140525][T31163] bond1: (slave bond0): Enslaving as an active interface with an up link
[ 1973.344974][   T30] kauditd_printk_skb: 41 callbacks suppressed
[ 1973.344993][   T30] audit: type=1326 audit(1768847136.711:10649): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31165 comm="syz.4.6719" exe="/root/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7fa5539 code=0x0
[ 1973.684452][T31178] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(8)
[ 1973.691055][T31178] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[ 1973.756859][T31178] vhci_hcd vhci_hcd.0: Device attached
[ 1973.763173][T31184] netlink: 'syz.2.6716': attribute type 1 has an invalid length.
[ 1973.874631][T31184] 8021q: adding VLAN 0 to HW filter on device bond1
[ 1974.021373][T29144] usb 37-1: new low-speed USB device number 6 using vhci_hcd
[ 1974.181147][T31171] x_tables: duplicate underflow at hook 3
[ 1974.222509][T11209] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1974.266715][T31179] vhci_hcd: connection reset by peer
[ 1974.272952][T25513] vhci_hcd vhci_hcd.2: stop threads
[ 1974.285790][T25513] vhci_hcd vhci_hcd.2: release socket
[ 1974.292347][T25513] vhci_hcd vhci_hcd.2: disconnect device
[ 1974.849254][T28808] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1975.075139][T31202] netlink: 32 bytes leftover after parsing attributes in process `syz.4.6726'.
[ 1975.117265][   T30] audit: type=1326 audit(1768847138.451:10650): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31198 comm="syz.4.6726" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa5539 code=0x7ffc0000
[ 1975.480993][ T1999] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1975.493670][T31195] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1975.555562][   T30] audit: type=1326 audit(1768847138.451:10651): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31198 comm="syz.4.6726" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa5539 code=0x7ffc0000
[ 1975.728734][   T30] audit: type=1326 audit(1768847138.451:10652): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31198 comm="syz.4.6726" exe="/root/syz-executor" sig=0 arch=40000003 syscall=136 compat=1 ip=0xf7fa5539 code=0x7ffc0000
[ 1975.844898][   T30] audit: type=1326 audit(1768847138.451:10653): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31198 comm="syz.4.6726" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa5539 code=0x7ffc0000
[ 1975.907454][   T30] audit: type=1326 audit(1768847138.451:10654): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31198 comm="syz.4.6726" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa5539 code=0x7ffc0000
[ 1975.951669][   T30] audit: type=1326 audit(1768847138.451:10655): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31198 comm="syz.4.6726" exe="/root/syz-executor" sig=0 arch=40000003 syscall=4 compat=1 ip=0xf7fa5539 code=0x7ffc0000
[ 1975.975079][   T30] audit: type=1326 audit(1768847138.451:10656): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31198 comm="syz.4.6726" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa5539 code=0x7ffc0000
[ 1976.014562][T31169] netlink: 'syz.3.6720': attribute type 1 has an invalid length.
[ 1976.053510][T31169] netlink: 'syz.3.6720': attribute type 2 has an invalid length.
[ 1976.087949][T31169] netlink: 'syz.3.6720': attribute type 1 has an invalid length.
[ 1976.161616][   T30] audit: type=1326 audit(1768847138.451:10657): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31198 comm="syz.4.6726" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa5539 code=0x7ffc0000
[ 1976.282404][T31215] usb usb8: usbfs: process 31215 (syz.0.6729) did not claim interface 2 before use
[ 1976.371668][   T30] audit: type=1326 audit(1768847138.451:10658): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31198 comm="syz.4.6726" exe="/root/syz-executor" sig=0 arch=40000003 syscall=351 compat=1 ip=0xf7fa5539 code=0x7ffc0000
[ 1976.398709][T17346] usb 4-1: new high-speed USB device number 14 using dummy_hcd
[ 1976.491964][T31217] F2FS-fs: Value of option "test_dummy_encryption" is unrecognized
[ 1976.612766][T17346] usb 4-1: Using ep0 maxpacket: 32
[ 1976.642818][T17346] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1976.655525][T31217] ------------[ cut here ]------------
[ 1976.662873][T31217] WARNING: drivers/net/netdevsim/fib.c:831 at nsim_fib_event_nb+0xed8/0x1080, CPU#0: syz.2.6730/31217
[ 1976.675506][T31217] Modules linked in:
[ 1976.681358][T31217] CPU: 0 UID: 0 PID: 31217 Comm: syz.2.6730 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1976.693124][T31217] Tainted: [L]=SOFTLOCKUP
[ 1976.698672][T31217] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 1976.709755][T31217] RIP: 0010:nsim_fib_event_nb+0xed8/0x1080
[ 1976.715623][T31217] Code: fa be 02 00 00 00 eb 0a e8 95 6f d7 fa be 01 00 00 00 4c 89 f7 e8 88 92 a4 fd 4c 8b 64 24 08 e9 91 f4 ff ff e8 79 6f d7 fa 90 <0f> 0b 90 e9 70 fb ff ff 44 89 e9 80 e1 07 80 c1 03 38 c1 0f 8c 35
[ 1976.736613][T31217] RSP: 0018:ffffc90004ce6fe8 EFLAGS: 00010283
[ 1976.743529][T31217] RAX: ffffffff86e99e07 RBX: 0000000000000001 RCX: 0000000000080000
[ 1976.752395][T31217] RDX: ffffc90010f3a000 RSI: 00000000000005ca RDI: 00000000000005cb
[ 1976.761516][T31217] RBP: dffffc0000000000 R08: ffff88803047a42f R09: 1ffff1100608f485
[ 1976.771592][T31217] R10: dffffc0000000000 R11: ffffed100608f486 R12: ffff88803f361000
[ 1976.781586][T31217] R13: ffffc90004ce7160 R14: 0000000000000000 R15: ffffc90004ce7178
[ 1976.790319][T31217] FS:  0000000000000000(0000) GS:ffff888125e1b000(0063) knlGS:00000000f54cdb40
[ 1976.800020][T31217] CS:  0010 DS: 002b ES: 002b CR0: 0000000080050033
[ 1976.806639][T31217] CR2: 000000008017e018 CR3: 0000000084436000 CR4: 00000000003526f0
[ 1976.815512][T31217] Call Trace:
[ 1976.819485][T31217]  <TASK>
[ 1976.822452][T31217]  notifier_call_chain+0x19d/0x3a0
[ 1976.827642][T31217]  ? atomic_notifier_call_chain+0x26/0x180
[ 1976.834010][T31217]  atomic_notifier_call_chain+0xda/0x180
[ 1976.839737][T31217]  call_fib_notifiers+0x31/0x60
[ 1976.844634][T31217]  call_fib6_multipath_entry_notifiers+0xe6/0x150
[ 1976.851221][T31217]  ? inet6_rtm_newroute+0xe8b/0x18c0
[ 1976.856565][T31217]  ? __pfx_call_fib6_multipath_entry_notifiers+0x10/0x10
[ 1976.864400][T31217]  ? inet6_rtm_newroute+0xe8b/0x18c0
[ 1976.872356][T31217]  inet6_rtm_newroute+0x12f5/0x18c0
[ 1976.877637][T31217]  ? __pfx_inet6_rtm_newroute+0x10/0x10
[ 1976.885223][T31217]  ? __dev_queue_xmit+0x280/0x3100
[ 1976.891102][T31217]  ? preempt_schedule_thunk+0x16/0x30
[ 1976.896554][T31217]  ? __pfx_inet6_rtm_newroute+0x10/0x10
[ 1976.902839][T31217]  rtnetlink_rcv_msg+0x7cf/0xb70
[ 1976.908513][T31217]  ? rtnetlink_rcv_msg+0x1ab/0xb70
[ 1976.913667][T31217]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[ 1976.919814][T31217]  ? ref_tracker_free+0x63a/0x7d0
[ 1976.924882][T31217]  ? __asan_memcpy+0x40/0x70
[ 1976.930209][T31217]  netlink_rcv_skb+0x208/0x470
[ 1976.935028][T31217]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[ 1976.941168][T31217]  ? __pfx_netlink_rcv_skb+0x10/0x10
[ 1976.946522][T31217]  netlink_unicast+0x82f/0x9e0
[ 1976.951969][T31217]  ? __pfx_netlink_unicast+0x10/0x10
[ 1976.957329][T31217]  ? __alloc_skb+0x198/0x3a0
[ 1976.962619][T31217]  ? netlink_sendmsg+0x642/0xb30
[ 1976.967606][T31217]  ? skb_put+0x11b/0x210
[ 1976.973837][T31217]  netlink_sendmsg+0x805/0xb30
[ 1976.980416][T31217]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1976.985758][T31217]  ? __import_iovec+0x5d4/0x7f0
[ 1976.991242][T31217]  ? aa_sock_msg_perm+0xf1/0x1b0
[ 1976.996222][T31217]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[ 1977.002349][T31217]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1977.007695][T31217]  __sock_sendmsg+0x21c/0x270
[ 1977.013131][T31217]  ____sys_sendmsg+0x505/0x820
[ 1977.018650][T31217]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1977.023989][T31217]  ? __pfx_futex_wake_mark+0x10/0x10
[ 1977.029964][T31217]  ___sys_sendmsg+0x21f/0x2a0
[ 1977.034671][T31217]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1977.040498][T31217]  ? futex_wait+0x285/0x360
[ 1977.045080][T31217]  ? __fget_files+0x2a/0x420
[ 1977.050323][T31217]  ? __fget_files+0x3a0/0x420
[ 1977.055044][T31217]  __sys_sendmsg+0x164/0x220
[ 1977.060392][T31217]  ? __pfx___sys_sendmsg+0x10/0x10
[ 1977.065550][T31217]  ? rcu_is_watching+0x15/0xb0
[ 1977.072345][T31217]  __do_fast_syscall_32+0x1dc/0x570
[ 1977.077598][T31217]  ? lockdep_hardirqs_on+0x7b/0x110
[ 1977.084892][T31217]  ? do_fast_syscall_32+0x34/0x80
[ 1977.090925][T31217]  ? irqentry_exit+0x10f/0x670
[ 1977.095744][T31217]  do_fast_syscall_32+0x34/0x80
[ 1977.101431][T31217]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1977.108492][T31217] RIP: 0023:0xf70dd539
[ 1977.112596][T31217] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[ 1977.132876][T31217] RSP: 002b:00000000f54cd55c EFLAGS: 00000206 ORIG_RAX: 0000000000000172
[ 1977.141965][T31217] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000080000000
[ 1977.150514][T31217] RDX: 0000000000040000 RSI: 0000000000000000 RDI: 0000000000000000
[ 1977.158595][T31217] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1977.166600][T31217] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[ 1977.176184][T31217] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1977.186055][T31217]  </TASK>
[ 1977.189766][T31217] Kernel panic - not syncing: kernel: panic_on_warn set ...
[ 1977.197076][T31217] CPU: 0 UID: 0 PID: 31217 Comm: syz.2.6730 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1977.208055][T31217] Tainted: [L]=SOFTLOCKUP
[ 1977.212413][T31217] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 1977.222483][T31217] Call Trace:
[ 1977.225807][T31217]  <TASK>
[ 1977.228758][T31217]  vpanic+0x1e0/0x670
[ 1977.232792][T31217]  panic+0xb9/0xc0
[ 1977.236550][T31217]  ? __pfx_panic+0x10/0x10
[ 1977.241021][T31217]  __warn+0x317/0x4b0
[ 1977.245027][T31217]  ? nsim_fib_event_nb+0xed8/0x1080
[ 1977.250304][T31217]  ? nsim_fib_event_nb+0xed8/0x1080
[ 1977.255540][T31217]  __report_bug+0x288/0x500
[ 1977.260073][T31217]  ? inet6_rtm_newroute+0x12f5/0x18c0
[ 1977.265476][T31217]  ? rtnetlink_rcv_msg+0x7cf/0xb70
[ 1977.270612][T31217]  ? netlink_rcv_skb+0x208/0x470
[ 1977.275582][T31217]  ? nsim_fib_event_nb+0xed8/0x1080
[ 1977.280823][T31217]  ? __pfx___report_bug+0x10/0x10
[ 1977.285891][T31217]  ? nsim_fib_event_nb+0xed8/0x1080
[ 1977.291141][T31217]  report_bug+0x16a/0x220
[ 1977.295506][T31217]  ? nsim_fib_event_nb+0xed8/0x1080
[ 1977.300774][T31217]  ? nsim_fib_event_nb+0xeda/0x1080
[ 1977.306023][T31217]  handle_bug+0x98/0x200
[ 1977.310315][T31217]  exc_invalid_op+0x1a/0x50
[ 1977.314847][T31217]  asm_exc_invalid_op+0x1a/0x20
[ 1977.319727][T31217] RIP: 0010:nsim_fib_event_nb+0xed8/0x1080
[ 1977.325596][T31217] Code: fa be 02 00 00 00 eb 0a e8 95 6f d7 fa be 01 00 00 00 4c 89 f7 e8 88 92 a4 fd 4c 8b 64 24 08 e9 91 f4 ff ff e8 79 6f d7 fa 90 <0f> 0b 90 e9 70 fb ff ff 44 89 e9 80 e1 07 80 c1 03 38 c1 0f 8c 35
[ 1977.345226][T31217] RSP: 0018:ffffc90004ce6fe8 EFLAGS: 00010283
[ 1977.351336][T31217] RAX: ffffffff86e99e07 RBX: 0000000000000001 RCX: 0000000000080000
[ 1977.359341][T31217] RDX: ffffc90010f3a000 RSI: 00000000000005ca RDI: 00000000000005cb
[ 1977.367354][T31217] RBP: dffffc0000000000 R08: ffff88803047a42f R09: 1ffff1100608f485
[ 1977.375349][T31217] R10: dffffc0000000000 R11: ffffed100608f486 R12: ffff88803f361000
[ 1977.383358][T31217] R13: ffffc90004ce7160 R14: 0000000000000000 R15: ffffc90004ce7178
[ 1977.391390][T31217]  ? nsim_fib_event_nb+0xed7/0x1080
[ 1977.396651][T31217]  ? nsim_fib_event_nb+0xed7/0x1080
[ 1977.401896][T31217]  notifier_call_chain+0x19d/0x3a0
[ 1977.407061][T31217]  ? atomic_notifier_call_chain+0x26/0x180
[ 1977.412910][T31217]  atomic_notifier_call_chain+0xda/0x180
[ 1977.418578][T31217]  call_fib_notifiers+0x31/0x60
[ 1977.423471][T31217]  call_fib6_multipath_entry_notifiers+0xe6/0x150
[ 1977.429907][T31217]  ? inet6_rtm_newroute+0xe8b/0x18c0
[ 1977.435228][T31217]  ? __pfx_call_fib6_multipath_entry_notifiers+0x10/0x10
[ 1977.442297][T31217]  ? inet6_rtm_newroute+0xe8b/0x18c0
[ 1977.447619][T31217]  inet6_rtm_newroute+0x12f5/0x18c0
[ 1977.452861][T31217]  ? __pfx_inet6_rtm_newroute+0x10/0x10
[ 1977.458477][T31217]  ? __dev_queue_xmit+0x280/0x3100
[ 1977.463626][T31217]  ? preempt_schedule_thunk+0x16/0x30
[ 1977.469058][T31217]  ? __pfx_inet6_rtm_newroute+0x10/0x10
[ 1977.474708][T31217]  rtnetlink_rcv_msg+0x7cf/0xb70
[ 1977.479686][T31217]  ? rtnetlink_rcv_msg+0x1ab/0xb70
[ 1977.484830][T31217]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[ 1977.490329][T31217]  ? ref_tracker_free+0x63a/0x7d0
[ 1977.495392][T31217]  ? __asan_memcpy+0x40/0x70
[ 1977.500019][T31217]  netlink_rcv_skb+0x208/0x470
[ 1977.504816][T31217]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[ 1977.510314][T31217]  ? __pfx_netlink_rcv_skb+0x10/0x10
[ 1977.515646][T31217]  netlink_unicast+0x82f/0x9e0
[ 1977.520453][T31217]  ? __pfx_netlink_unicast+0x10/0x10
[ 1977.525774][T31217]  ? __alloc_skb+0x198/0x3a0
[ 1977.530393][T31217]  ? netlink_sendmsg+0x642/0xb30
[ 1977.535389][T31217]  ? skb_put+0x11b/0x210
[ 1977.539687][T31217]  netlink_sendmsg+0x805/0xb30
[ 1977.544493][T31217]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1977.549848][T31217]  ? __import_iovec+0x5d4/0x7f0
[ 1977.554734][T31217]  ? aa_sock_msg_perm+0xf1/0x1b0
[ 1977.559712][T31217]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[ 1977.565025][T31217]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1977.570340][T31217]  __sock_sendmsg+0x21c/0x270
[ 1977.575064][T31217]  ____sys_sendmsg+0x505/0x820
[ 1977.579856][T31217]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1977.585195][T31217]  ? __pfx_futex_wake_mark+0x10/0x10
[ 1977.590529][T31217]  ___sys_sendmsg+0x21f/0x2a0
[ 1977.595251][T31217]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1977.600497][T31217]  ? futex_wait+0x285/0x360
[ 1977.605052][T31217]  ? __fget_files+0x2a/0x420
[ 1977.609661][T31217]  ? __fget_files+0x3a0/0x420
[ 1977.614378][T31217]  __sys_sendmsg+0x164/0x220
[ 1977.618990][T31217]  ? __pfx___sys_sendmsg+0x10/0x10
[ 1977.624154][T31217]  ? rcu_is_watching+0x15/0xb0
[ 1977.628947][T31217]  __do_fast_syscall_32+0x1dc/0x570
[ 1977.634224][T31217]  ? lockdep_hardirqs_on+0x7b/0x110
[ 1977.639451][T31217]  ? do_fast_syscall_32+0x34/0x80
[ 1977.644513][T31217]  ? irqentry_exit+0x10f/0x670
[ 1977.649310][T31217]  do_fast_syscall_32+0x34/0x80
[ 1977.654193][T31217]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1977.660630][T31217] RIP: 0023:0xf70dd539
[ 1977.664725][T31217] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[ 1977.684378][T31217] RSP: 002b:00000000f54cd55c EFLAGS: 00000206 ORIG_RAX: 0000000000000172
[ 1977.692821][T31217] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000080000000
[ 1977.700808][T31217] RDX: 0000000000040000 RSI: 0000000000000000 RDI: 0000000000000000
[ 1977.708804][T31217] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1977.716798][T31217] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[ 1977.724812][T31217] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1977.732822][T31217]  </TASK>
[ 1977.736470][T31217] Kernel Offset: disabled
[ 1977.740806][T31217] Rebooting in 86400 seconds..