last executing test programs:

11.035286458s ago: executing program 1 (id=1574):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f0000000300)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg(r1, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0xb47, 0x9, 0x8, 0x80000001, 0x3}, 0x0)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000140), 0xffffffffffffffff)
sendmsg$NL80211_CMD_DEAUTHENTICATE(0xffffffffffffffff, &(0x7f00000003c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000000380)={&(0x7f0000000240)=ANY=[@ANYBLOB, @ANYRES16=r2, @ANYBLOB, @ANYRES32, @ANYBLOB="0c009900de61895c6b00000004005f0004005f0006003600000000000a00340002020203"], 0x64}, 0x1, 0x0, 0x0, 0x10}, 0x4)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r4 = socket(0x400000000010, 0x3, 0x0)
r5 = socket$unix(0x1, 0x5, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r6=>0x0})
sendmsg$nl_route_sched(r4, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r6, {0x0, 0xfff1}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r4, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000001300)=@newtfilter={0x480, 0x2c, 0xd27, 0x70bd25, 0x2, {0x0, 0x0, 0x0, r6, {0x0, 0x1}, {}, {0x8}}, [@filter_kind_options=@f_route={{0xa}, {0x450, 0x2, [@TCA_ROUTE4_POLICE={0x44c, 0x5, [@TCA_POLICE_RATE={0x404, 0x2, [0x100, 0xa, 0xa83f, 0xd, 0xc, 0x104, 0x6, 0x9, 0x6, 0x100, 0x3ff, 0xa, 0x1, 0x2, 0xe, 0xfffffff9, 0x3, 0x2, 0x2, 0x1, 0x2, 0x1, 0x8, 0x101, 0xfffffff7, 0x3, 0x7cb, 0x8020000, 0x7ff, 0x2, 0x7, 0x6, 0x3, 0xff, 0x7fff, 0x5, 0x0, 0xd, 0x6, 0x9, 0x6, 0x7, 0xbb1, 0xb, 0xffffffff, 0x6, 0xded4, 0x5, 0xff, 0xc2f9, 0x6, 0x6, 0x2, 0x8000, 0x40, 0x1, 0x1, 0xffffffff, 0xfffffffa, 0x2, 0x0, 0x3, 0x5, 0x7, 0x5, 0x8, 0x7, 0x80010000, 0xc, 0x220, 0x7fffffff, 0x5, 0x8, 0x2, 0x3ff, 0xd, 0x6, 0x5, 0x8001, 0x3, 0x400, 0x6, 0x4, 0x59e, 0x3, 0x4, 0x7, 0x9, 0x88000, 0x80000000, 0x101, 0x3, 0xe, 0x7bc, 0x8, 0x3, 0x2, 0x3, 0x6, 0x10000, 0x7, 0x5, 0x8001, 0x5, 0x3, 0x7fffffff, 0x4, 0xa6f8, 0x9, 0x7fff, 0x0, 0xfffffffa, 0xccf, 0x6, 0x779, 0xad, 0x2, 0x78d1b59d, 0x255e, 0x9, 0x4, 0x9, 0x6, 0x400, 0x7f, 0x8, 0x7, 0x200, 0x22ba, 0x9, 0x80000001, 0xff, 0x8, 0x1, 0x5, 0x6, 0x1, 0x415, 0x4, 0x401, 0x1c000000, 0x1, 0xba6f, 0xf, 0x5, 0xb1f5, 0xcc8f, 0x4, 0x8, 0x100, 0x7, 0x3, 0xfff, 0x7, 0x1, 0x8, 0xffffffff, 0x5, 0x7, 0xa, 0x8, 0x0, 0x8, 0x6, 0xfffffff7, 0x2, 0x3, 0x1, 0x0, 0x5, 0x7ff, 0x800, 0xfffffff7, 0x4, 0x1, 0xffff7fff, 0x3, 0x2, 0x3, 0xffffff39, 0x8, 0x0, 0x0, 0x1, 0x7, 0xed97, 0x1, 0x101, 0x9, 0x1, 0x4, 0x2, 0x5, 0xfff, 0x6, 0x9, 0x3, 0x6e0, 0x0, 0x10000, 0x470f, 0x2, 0x9, 0x979, 0x0, 0xffffff39, 0x2, 0x4, 0x7, 0x5, 0x7fffffff, 0x9, 0x8, 0x0, 0x80000001, 0x4, 0x80, 0x1, 0x5, 0x2, 0x1c, 0x800, 0x5, 0x81, 0x8, 0x0, 0x4, 0xc, 0x7, 0x7fffffff, 0x1, 0x2, 0x1000, 0x7, 0x8, 0x43, 0x8b5569d, 0x1d, 0x0, 0x9, 0xd, 0x4, 0x3, 0x5, 0x80000001, 0x7, 0x1, 0x8, 0x80000001, 0x9, 0xcf0, 0x9, 0x8, 0x2, 0x7, 0x6]}, @TCA_POLICE_AVRATE={0x8, 0x4, 0xcf5}, @TCA_POLICE_TBF={0x3c, 0x1, {0x1, 0x20000006, 0x6, 0x0, 0x3b0, {0x7, 0x0, 0x2, 0xe, 0x9, 0x80}, {0x9, 0x2, 0x8, 0x43, 0x3}, 0x9, 0xbc, 0xffffffff}}]}]}}]}, 0x480}}, 0x0)
openat$sw_sync_info(0xffffffffffffff9c, &(0x7f00000000c0), 0x20000, 0x0)
socket$kcm(0x2, 0x200000000000001, 0x0)
openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$sock_inet_SIOCDELRT(0xffffffffffffffff, 0x890c, 0x0)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
r7 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000100), 0x0)
ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(r7, 0xc0a85320, &(0x7f00000005c0)={{0x80}, 'port0\x00', 0x72, 0x11cfa, 0x8, 0x8000008, 0x3, 0x4, 0x1, 0x0, 0x2})
ioctl$SNDRV_SEQ_IOCTL_SET_CLIENT_POOL(0xffffffffffffffff, 0x40505330, 0x0)
close(r7)
openat$sndseq(0xffffffffffffff9c, 0x0, 0x40041)
epoll_ctl$EPOLL_CTL_DEL(0xffffffffffffffff, 0x2, 0xffffffffffffffff)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x1, 0xe, &(0x7f00000001c0)=ANY=[@ANYRESOCT=r6], 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1b, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000000), 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0xb53}, 0x94)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000400)={r8, 0x0, 0x0}, 0x10)

10.743903235s ago: executing program 3 (id=1575):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000000c0)={'lo\x00', <r2=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r2, {0x0, 0xfff1}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_mq={0x7}]}, 0x2c}}, 0x20040084) (fail_nth: 10)

9.751292572s ago: executing program 3 (id=1577):
openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r2, 0x107, 0xf, &(0x7f0000006ffc)=0x4000000000000200, 0xe50fb6c50bc849c9)
r3 = socket$nl_route(0x10, 0x3, 0x0)
getsockopt$IP_SET_OP_GET_FNAME(r2, 0x1, 0x53, &(0x7f0000000340)={0x8, 0x7, 0x0, 'syz1\x00'}, &(0x7f0000000380)=0x2c)
r4 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route_sched(r4, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x24}}, 0x0)
getsockname$packet(r4, &(0x7f00000000c0)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000180)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffff00f687000000", @ANYRES32=r5, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000940)=@newqdisc={0x78, 0x24, 0xe0b, 0x0, 0x0, {0x0, 0x0, 0x0, r5, {}, {0xffff, 0xffff}, {0xffe0}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x4c, 0x2, [@TCA_TBF_RATE64={0xc, 0x4, 0x4e1e2563543d84f9}, @TCA_TBF_PBURST={0x8, 0x7, 0x1fc0}, @TCA_TBF_PARMS={0x28, 0x1, {{0x0, 0x0, 0x0, 0xffff}, {0x0, 0x0, 0x0, 0x8, 0x2, 0x3}, 0x0, 0x81}}, @TCA_TBF_PRATE64={0xc, 0x5, 0xcb59372f370e8465}]}}]}, 0x78}}, 0x4000080)
bind$packet(r2, &(0x7f0000000040)={0x11, 0x0, r5, 0x1, 0x0, 0x6, @remote}, 0x14)
sendto$inet6(r2, &(0x7f0000000800)="4103082c1116480401020200c52cf7c25975e005b02f000006892f000300897c6b118777faffffff3066090cb600c5471d130a66321a54e7df305fbe258161b6fd8f2428652265d94c6fdbaefc57376a57c2feffff188be9427c323ef024a37016d2a7f9ab6e7941a6fc4f95aa73c1dfff4941f6503b5bd8c91db22cd33795481c94085fa12cdc679ac2a5d7b5d99b93fb07acb0da680e78b74c74aae8d7690d5986a9af81622a0ac210bc7b5ca5fed11cb54d046642670041e846bb184ff5d39fe8516d2d2a8d84e6e7dfcb2b8a8023444db513a3d7a124b59f0a5cd36489dbbb75cce3145d0ea3c3aa21af7cbcbc7a7575db782e757ca543109f5ddcec4930aa91f4119ea3d1f56140cb86cfe0724b23904ef5d05c725ee23918a502b1afe09fb0757d", 0xfc13, 0x880, 0x0, 0xfffffffffffffef0)
setsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f00000001c0)={{{@in=@loopback, @in=@multicast2, 0x0, 0xfff7, 0x1, 0x0, 0xa, 0x80, 0x0, 0x8, 0x0, 0xffffffffffffffff}, {0x0, 0x20000, 0x400200000, 0x2000000000000800, 0x200000000, 0x7fffffffffffffff, 0x7, 0xffffffff}, {0x0, 0x0, 0x1}, 0x0, 0x6e6bb6, 0x0, 0x0, 0x0, 0x2}, {{@in=@local, 0xffffffff, 0x62}, 0x0, @in6=@mcast2, 0x3507, 0x5, 0x3, 0x1, 0xfffffffe, 0x4000000, 0xfffffff7}}, 0xe4)
r6 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1)
ioctl$KVM_SET_VCPU_EVENTS(r6, 0x4400ae8f, &(0x7f0000000140)=@x86={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x8d})
r7 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_LAPIC(r7, 0x4400ae8f, &(0x7f0000000bc0)={"c718ae3ddd25e4c2826499cb6a055b56a5a7336f377a556f824db28eb6743cf045afd0e932534b9eb3b847abbcef63c85319991745999ed89ff49783a84d57cf175a89f8733d74a1bdddcb0a6c3f7535ef976e79da1b52de6403f6710d606fafaf685ec19f369b7829b12aa2b8cd2ab52f9c688683979cdb9516cb61f2adb9aefd44fce30bddb81ebefa818f31f60d89a4e390920c7ed0e2512fd59f719e734b0a1d1f3ff7babb54258a1585514aac353b21fe733671e0543929c06f72fc598939003ac6777f3497523536fd25ac4f1e265f5038fa7455f2cc6131d4a189a16b0f0b89e6a495e1d95b840c36488adc22cb2d1b8af57f6dce7214152ba1b3c0d3ad0a6db821518e44b24cb36a02d76ea11a1c45879fc77e7bb2af8c345ddddf49f41228df2114f2c27d16499fa36097a5015ad61a6a9484c09e0a2dfb50f7b7ca71135dc32804a80380a6e20e0ae03be775e472cd31d6a31e615937c38e746a5cf6c9d8194242990dd497a2c52af50300000000000000cebbd983c3f86dbe92c4b751c04693cb09af88521ab305ceabf6d2bab40bb1b219fbe95ace2f6c49fea798e76b4ef336dff5ac0f7ab022b800ac1aa42fd231b52465a410177ed85dcc9c6d794e2aa0b90cdc409541aa85fa16e3cbc3a9d6c83ffd4d01e5ba898555eeffccf0cb28ce5df0ba31cb793675276162de2fdcb486455bca57edf4fb14e1533554eb22527d66a28a960c430f6136927f54e670c46292454fe28485f35405025844fd24fe846f6656c77d9b5f2b4750ac4805897b02c85caba80000bb96f71f468c9e746d860238b3b113ab1eef51e1507f8832d5d69528083d44548e491477cda51d7e083a134097438e9d7ea34eae8a2e6b516327db9310c7478a37f5c562037196131cc7c84fa29c3c2576f2ae7570b5a98aaa49ca7ddfd5a8c046ce82e4a2d06082ad7a3ab0dfbe208630b1410b674781855752c9c57c1c5ab0a74a336ce89b3a9c0d37a3ca4e698a798a85faf7f4f1dc020b7dd5750062c9810c4bc1ad7afe338f2b0f29059e684fe16098eb30da105be01ca11a293635dfc6d25ecc770ba72792fd3c6851d951b770d0f9edafb1cb4241350d85b04ed737a9bfd7e8301c43b65a95dda76d6850860ba3195040b14c8ad1a8b52472787621147182352a1dbd93595cbc26e813ccd75e16f9247fe82ed150c121f0041022522ec76476f0a9cffa3be1d3ffffffffffffffff29358bbfd8b7a12fe94a0355beb9420eee0a5c11220100c782b89e9430de84b220e8c0df4bd40be3400c58f149319f891fe86fba751dab3326bf2deb9e782b37ec9c7adf36025a091a4b3600"})
r8 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r8, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r9 = socket(0x400000000010, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r10=>0x0})
sendmsg$nl_route_sched(r9, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r10, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x0, 0x2}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x0, 0x3}}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r9, &(0x7f0000000580)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newtfilter={0x90, 0x2c, 0xd27, 0x70bd2d, 0x25dfdc00, {0x0, 0x0, 0x0, r10, {0x0, 0x3}, {}, {0xfff3, 0xffe0}}, [@filter_kind_options=@f_matchall={{0xd}, {0x5c, 0x2, [@TCA_MATCHALL_ACT={0x58, 0x2, [@m_ife={0x54, 0x1, 0x0, 0x0, {{0x8}, {0x2c, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{0xd, 0xd0ea, 0x10000000, 0x3, 0x4}, 0x1}}, @TCA_IFE_METALST={0xc, 0x6, [@IFE_META_PRIO={0x8, 0x3, @val=0x10001}]}]}, {0x4}, {0xc}, {0xc, 0x8, {0x3, 0x3}}}}]}]}}]}, 0x90}, 0x1, 0x0, 0x0, 0x50}, 0x0)

8.529284155s ago: executing program 4 (id=1580):
r0 = mmap$KVM_VCPU(&(0x7f0000000000/0x14000)=nil, 0x930, 0x3000003, 0x28031, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2000007, 0x38011, 0xffffffffffffffff, 0x0)
openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000004002, 0x0) (async)
r1 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000004002, 0x0)
dup(r1) (async)
r2 = dup(r1)
mmap(&(0x7f0000248000/0x1000)=nil, 0x1000, 0xb, 0x13, r2, 0x2000)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r0, 0x20, &(0x7f0000000240)="fb4149dd033be3ac2cc4a22332fdaa8de0418df24200000000a6ab8031d1dfd92f0000000001ffffffff9610fbff77521ce10d8f6b69d22627e700", 0x0, 0xffffffffffffffca)

8.303725565s ago: executing program 3 (id=1581):
socket$nl_xfrm(0x10, 0x3, 0x6)
r0 = socket$can_j1939(0x1d, 0x2, 0x7)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000440), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_COALESCE_SET(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=ANY=[@ANYBLOB='D\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="0100feffffff000000001400000018000180140002006e657464657673696d3000000000000005001900010000000800100004090000080011"], 0x44}}, 0x44000)
r3 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$IOCTL_GET_NUM_DEVICES(r3, 0x40046104, &(0x7f0000000000))
r4 = socket$inet(0x2, 0x2, 0x0)
setsockopt$inet_mreqn(r4, 0x0, 0x23, &(0x7f0000000740)={@multicast2, @loopback}, 0xc)
r5 = socket$netlink(0x10, 0x3, 0x0)
writev(r5, &(0x7f00000003c0)=[{&(0x7f0000000180)="390000001300034700bb65e1c3e4ffff01000000010000005600000025000000190004000400000007fd17", 0x2b}], 0x1)
writev(r5, &(0x7f0000000300)=[{&(0x7f00000001c0)="390000001300034700bb5be1c3e4feff06000000010000004500000025000000190004000400ad000d00000000000006040000000000f93132", 0x39}], 0x1)
r6 = socket$inet(0x2, 0x2, 0x0)
set_mempolicy(0x8006, &(0x7f0000000040)=0xfff, 0x5)
r7 = syz_open_dev$vim2m(&(0x7f00000001c0), 0x0, 0x2)
r8 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r8, &(0x7f00000009c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000a00)=@newtaction={0x7c, 0x1e, 0x109, 0x100, 0x25dfdbff, {}, [{0x68, 0x1, [@m_vlan={0x34, 0xc, 0x0, 0x0, {{0x9}, {0x4}, {0x6, 0x6, "6b05"}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x1, 0x1}}}}, @m_ctinfo={0x30, 0x14, 0x0, 0x0, {{0xb}, {0x4}, {0x4}, {0xc}, {0xc, 0x8, {0x2, 0x1}}}}]}]}, 0x7c}, 0x1, 0x2b1e, 0x0, 0x10}, 0x24040010)
ioctl$vim2m_VIDIOC_REQBUFS(r7, 0xc0145608, &(0x7f0000000040)={0x8, 0x1, 0x1})
sendmsg$netlink(0xffffffffffffffff, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)=[{&(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000004000000000000000008000000", @ANYRES32, @ANYBLOB="dbf365592c02db5b930e161dcc1d3b4795b87ad403212ee08997ccebf36c7dd9717747168fd4db407146a8b7817cb26e532352e1695b27400a158cc1596621184dab535ede1dbcb054a51aeb6632cce01d81bae04fb0c66d4f3b8a49218c6367c675b92ae5489ebf13be787daeee28c1ebd2a2029b4b3eb473bbc743aa09aa68b6197d162bb54f4564c20b6cbfd42f2208c9d4c840664793198dbc45"], 0x18}], 0x1, 0x0, 0x0, 0x20000000}, 0x0)
setsockopt$inet_mreqn(r6, 0x0, 0x23, &(0x7f0000000740)={@multicast2, @loopback}, 0x40)
r9 = syz_open_procfs(0x0, &(0x7f0000000040)='fdinfo/3\x00')
r10 = add_key$user(&(0x7f0000002100), &(0x7f0000002180)={'syz', 0x1}, &(0x7f00000021c0)='b', 0x1, 0xfffffffffffffffe)
r11 = add_key$user(&(0x7f0000000040), &(0x7f0000002340)={'syz', 0x3}, &(0x7f0000000100)="370c099069effa43de3e1404db09b4ce1ef77bde4b371532dd16447c1b13403656c86711f6e750026f23029a50d44299c7bf5c78dc5efae2d041016160e8bef7b30c05e298aa957254", 0x49, 0xffffffffffffffff)
keyctl$dh_compute(0x17, &(0x7f0000000400)={r10, r11, r10}, &(0x7f0000000440)=""/183, 0xb7, &(0x7f00000003c0)={&(0x7f0000000340)={'sha224-generic\x00'}, &(0x7f0000000380)})
read$FUSE(r9, &(0x7f0000004280)={0x2020}, 0x2034)
setsockopt$inet_msfilter(r6, 0x0, 0x29, &(0x7f0000000000)=ANY=[@ANYBLOB="e00000027fa80a010100000004"], 0x57)
setsockopt$inet_mreqsrc(r4, 0x0, 0x24, &(0x7f0000000440)={@multicast2, @loopback, @empty}, 0xc)
r12 = socket$inet(0x2, 0x2, 0x0)
setsockopt$inet_mreqn(r12, 0x0, 0x23, &(0x7f0000000740)={@multicast2, @loopback}, 0x40)
ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000200)={'vxcan0\x00'})

8.251574634s ago: executing program 0 (id=1582):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg(r2, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0)
syz_genetlink_get_family_id$l2tp(&(0x7f0000000080), 0xffffffffffffffff)
r3 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$inet6_opts(0xffffffffffffffff, 0x29, 0x39, &(0x7f0000000640)=ANY=[@ANYBLOB="ff02040100000000000000000000d36eb15aa6bafea407396c94e77f568b7658bc00652be29980969e2beec9dd462cce7d9d4513884e5c3121e45f8bf422a51ec95d811fa24b96099d1f2d763dc6196f79b97d133494fbef9610b5d76f883c67ed515b035adbb28988b4c3580cc53bc1a48c583378c94246ee00000000000000000000fef7436c34ccf9657df07b8af5d62ce07b5ae5d0fe218e99724e13de41da25ae2248b89efd4fc0f07fe17104c81dedb433cc6b42b351c44cfb9037f97517111f0c08821504da0df28a8c9a42047bdc2b4094c3dc9bb9b0284de3688d94e244b2a4ab8eca3af7ba438cf508e308e994d0f4d6c9e17663f3b5b5d73a1016f5dd5085af0eb0a977e99ab02e0179f92bede8b1a69b8da49017b9fe76bcc3533dd03cabefa6b85adf425d2a54a1cc646e56d798246768712c4c5656"], 0x18)
connect$inet(r3, &(0x7f0000000380)={0x2, 0x0, @remote}, 0x10)
sendmmsg(r3, &(0x7f0000007fc0), 0x800001d, 0xa1a)
setsockopt$inet6_tcp_int(r0, 0x6, 0x2000000000000022, &(0x7f0000000200)=0x1, 0x4)
sendto$inet6(r0, &(0x7f0000000040), 0x0, 0x20000045, &(0x7f00000001c0)={0xa, 0x2, 0x396, @empty}, 0x1c)
r4 = syz_open_dev$sndctrl(&(0x7f0000001440), 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_TLV_WRITE(r4, 0xc008551b, &(0x7f0000000000)=ANY=[@ANYBLOB="050076cb08ecffff7effffff0101c000"])
pipe(&(0x7f0000000040))
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$batadv(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r5, 0x8933, &(0x7f0000000140)={'batadv0\x00', <r7=>0x0})
sendmsg$BATADV_CMD_GET_NEIGHBORS(r5, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000600)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r6, @ANYBLOB="310329bd7000ffffffff0900000008000300", @ANYRES32=r7, @ANYBLOB="080006000209"], 0x24}}, 0x4000)
fcntl$setstatus(r0, 0x4, 0x42800)
fanotify_init(0x200, 0x0)
keyctl$read(0xb, 0x0, &(0x7f0000001300)=""/4096, 0xffffffffffffffd2)
unshare(0x68040200)
syz_usb_connect$uac1(0x6, 0x71, 0x0, 0x0)
clock_gettime(0x0, &(0x7f0000000240)={<r8=>0x0, <r9=>0x0})
pselect6(0x40, &(0x7f00000000c0)={0xe, 0x3, 0x5, 0x0, 0xd79, 0x9, 0x6, 0x7}, &(0x7f0000000100)={0xd7c, 0xf, 0x7fff, 0x2, 0x4, 0x1, 0x1000, 0x1ff}, &(0x7f0000000140)={0x2, 0x3, 0x9, 0x2770, 0x2d2d, 0x4, 0xffff, 0x67b6}, &(0x7f00000002c0)={r8, r9+10000000}, &(0x7f0000000340)={&(0x7f0000000300)={[0x10, 0x7]}, 0x8})

8.195699117s ago: executing program 4 (id=1583):
syz_io_uring_setup(0x82e, &(0x7f0000000300)={0x0, 0x0, 0x10100}, 0x0, 0x0)
r0 = socket$l2tp6(0xa, 0x2, 0x73)
setsockopt$inet6_int(r0, 0x29, 0x10, 0x0, 0x0)
r1 = syz_open_dev$dri(&(0x7f0000000000), 0x1f, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r1, 0xc04064a0, &(0x7f0000000200)={0x0, &(0x7f0000000140)=[<r2=>0x0], 0x0, 0x0, 0x0, 0x1})
ioctl$DRM_IOCTL_MODE_CREATE_LEASE(r1, 0xc01864c6, &(0x7f00000003c0)={&(0x7f0000000280)=[r2, 0x0], 0x2})
sendmsg$key(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f00008feff0)={0x0}}, 0x0)
syz_usb_connect(0x0, 0x259, &(0x7f0000000080)=ANY=[@ANYBLOB="12010000e9db5c10e10609070402010203010902470201100040000904"], 0x0)
sendmsg$NFNL_MSG_ACCT_NEW(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)={0x40, 0x0, 0x7, 0x101, 0x0, 0x0, {0x2, 0x0, 0x3}, [@NFACCT_FILTER={0x14, 0x7, 0x0, 0x1, [@NFACCT_FILTER_MASK={0x8, 0x1, 0x1, 0x0, 0x5}, @NFACCT_FILTER_MASK={0x8, 0x1, 0x1, 0x0, 0x2}]}, @NFACCT_PKTS={0xc, 0x2, 0x1, 0x0, 0x280}, @NFACCT_NAME={0x9, 0x1, 'syz1\x00'}]}, 0x40}, 0x1, 0x0, 0x0, 0x10}, 0x0)
sendmsg$key(0xffffffffffffffff, &(0x7f0000000100)={0x4, 0x0, &(0x7f00008feff0)={&(0x7f00000002c0)=ANY=[@ANYBLOB="020d0000100000002f3144e8edffffff03000600ff18000002004909000100000000000000001e0e080012000200010000d200000000000030006c540203009f7eae02000000adb20200000000f52c000000cdff00000001020014bb000001000000002300001300030005000020000002"], 0x80}}, 0x0)
r3 = socket$pptp(0x18, 0x1, 0x2)
ioctl$BTRFS_IOC_FS_INFO(r3, 0x8400941f, &(0x7f0000000380))
r4 = socket$key(0xf, 0x3, 0x2)
sendmmsg(r4, &(0x7f00000000c0), 0x2c8, 0x0)

7.332992656s ago: executing program 1 (id=1584):
r0 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x161141)
write$rfkill(0xffffffffffffffff, 0x0, 0x0)
r1 = dup(r0)
io_setup(0x81, 0x0)
io_submit(0x0, 0x0, 0x0)
bind$alg(0xffffffffffffffff, 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
timer_create(0x0, &(0x7f00000000c0)={0x0, 0x21, 0x2, @thr={0x0, 0x0}}, &(0x7f0000000300)=<r2=>0x0)
fcntl$lock(0xffffffffffffffff, 0x7, &(0x7f0000000040)={0x0, 0x0, 0x8000, 0x3ff})
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
timer_settime(r2, 0x1, &(0x7f0000000040)={{}, {0x0, 0x989680}}, 0x0)
mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0xec776000)
openat2$dir(0xffffffffffffff9c, 0x0, 0x0, 0x0)
sendmsg$alg(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0x0)
write$6lowpan_enable(r1, &(0x7f0000000000)='0', 0xfffffd2c)
write$eventfd(r1, 0x0, 0x0)

7.080645411s ago: executing program 3 (id=1585):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg(r2, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0)
syz_genetlink_get_family_id$l2tp(&(0x7f0000000080), 0xffffffffffffffff)
r3 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$inet6_opts(0xffffffffffffffff, 0x29, 0x39, &(0x7f0000000640)=ANY=[@ANYBLOB="ff02040100000000000000000000d36eb15aa6bafea407396c94e77f568b7658bc00652be29980969e2beec9dd462cce7d9d4513884e5c3121e45f8bf422a51ec95d811fa24b96099d1f2d763dc6196f79b97d133494fbef9610b5d76f883c67ed515b035adbb28988b4c3580cc53bc1a48c583378c94246ee00000000000000000000fef7436c34ccf9657df07b8af5d62ce07b5ae5d0fe218e99724e13de41da25ae2248b89efd4fc0f07fe17104c81dedb433cc6b42b351c44cfb9037f97517111f0c08821504da0df28a8c9a42047bdc2b4094c3dc9bb9b0284de3688d94e244b2a4ab8eca3af7ba438cf508e308e994d0f4d6c9e17663f3b5b5d73a1016f5dd5085af0eb0a977e99ab02e0179f92bede8b1a69b8da49017b9fe76bcc3533dd03cabefa6b85adf425d2a54a1cc646e56d798246768712c4c5656"], 0x18)
connect$inet(r3, &(0x7f0000000380)={0x2, 0x0, @remote}, 0x10)
sendmmsg(r3, &(0x7f0000007fc0), 0x800001d, 0xa1a)
sendto$inet6(r0, &(0x7f0000000040), 0x0, 0x20000045, &(0x7f00000001c0)={0xa, 0x2, 0x396, @empty}, 0x1c)
r4 = syz_open_dev$sndctrl(&(0x7f0000001440), 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_TLV_WRITE(r4, 0xc008551b, &(0x7f0000000000)=ANY=[@ANYBLOB="050076cb08ecffff7effffff0101c000"])
pipe(&(0x7f0000000040))
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$batadv(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r5, 0x8933, &(0x7f0000000140)={'batadv0\x00', <r7=>0x0})
sendmsg$BATADV_CMD_GET_NEIGHBORS(r5, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000600)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r6, @ANYBLOB="310329bd7000ffffffff0900000008000300", @ANYRES32=r7, @ANYBLOB="080006000209"], 0x24}}, 0x4000)
syz_emit_ethernet(0x6a, &(0x7f00000003c0)=ANY=[@ANYBLOB="bbbbbbbbbbbbaaaaaaaaaa0086dd60828bf700343a00fc020000000000000000000000000000ff020000000000000000000000000001020090780000000060fd906300002b00fc010000000000000000000000000000200100000000000000000000000000001e520b4cc4c20ee92ed16adc80e541302573ef2b209b0ff78afda767b5c907acf98cb563a98bf00e01ec1125a0d4c75bd6ec6470cc273f40867585bfd8f612de97eedcb72a2cf37ec429f6c6e0e835df5fc69948fbda7fae51a7e502603b1b6d3a04d04e0018bb26ddcd84ac1a2dfeaa1d9a0f15669358e5f12280502e616d4295b9e2a1eded57377f33e4a5be64b10e03ea3c1131bbbfacb76d29f92b0b6e97a11f6f43c4d5f8a05a21cb25b1c2b988e4c6cb6b0594f66ae89373914602"], 0x0)
fcntl$setstatus(r0, 0x4, 0x42800)
fanotify_init(0x200, 0x0)
r8 = add_key(&(0x7f0000000000)='big_key\x00', &(0x7f0000000280)={'syz', 0x1}, &(0x7f00000002c0), 0x0, 0xfffffffffffffffe)
keyctl$read(0xb, r8, &(0x7f0000001300)=""/4096, 0xffffffffffffffd2)
unshare(0x68040200)
syz_usb_connect$uac1(0x6, 0x71, 0x0, 0x0)
clock_gettime(0x0, &(0x7f0000000240)={<r9=>0x0, <r10=>0x0})
pselect6(0x40, &(0x7f00000000c0)={0xe, 0x3, 0x5, 0x0, 0xd79, 0x9, 0x6, 0x7}, &(0x7f0000000100)={0xd7c, 0xf, 0x7fff, 0x2, 0x4, 0x1, 0x1000, 0x1ff}, &(0x7f0000000140)={0x2, 0x3, 0x9, 0x2770, 0x2d2d, 0x4, 0xffff, 0x67b6}, &(0x7f00000002c0)={r9, r10+10000000}, &(0x7f0000000340)={&(0x7f0000000300)={[0x10, 0x7]}, 0x8})

6.761181561s ago: executing program 2 (id=1587):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000003c0)=@updpolicy={0x1b8, 0x19, 0x1, 0x0, 0x0, {{@in6=@private0={0xfc, 0x0, '\x00', 0x1}, @in6=@empty, 0x0, 0x3, 0x0, 0x0, 0xa, 0x0, 0x20, 0x8}, {0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x20, 0x1d}, {0x0, 0x0, 0x0, 0x2dd}}, [@tmpl={0x104, 0x5, [{{@in=@dev={0xac, 0x14, 0x14, 0x3b}, 0x0, 0x2b}, 0x0, @in=@dev={0xac, 0x14, 0x14, 0xc}, 0x0, 0x0, 0x0, 0xff}, {{@in6=@private2, 0x0, 0x32}, 0x0, @in6=@empty}, {{@in6=@loopback, 0x0, 0x3c}, 0x2, @in=@remote, 0x0, 0x1, 0x3}, {{@in6=@mcast2, 0x0, 0xff}, 0x2, @in6=@rand_addr=' \x01\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}]}]}, 0x1b8}}, 0x0) (fail_nth: 1)

5.994245612s ago: executing program 2 (id=1588):
socket$nl_route(0x10, 0x3, 0x0)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r0 = openat$vicodec0(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f00000000c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0xf, 0x0, 0x0)
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg(r2, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0xb49, 0x9, 0x8, 0x0, 0x3}, 0x0)
r3 = io_uring_setup(0x115c, &(0x7f0000000440)={0x0, 0x8270, 0x40, 0x3, 0x117})
io_uring_register$IORING_REGISTER_BUFFERS(r3, 0x0, 0x0, 0x0)
syz_genetlink_get_family_id$batadv(0x0, 0xffffffffffffffff)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, 0x0)
r4 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000300))
r5 = userfaultfd(0x801)
ioctl$UFFDIO_API(r5, 0xc018aa3f, &(0x7f00000001c0)={0xaa, 0x80})
ioctl$UFFDIO_REGISTER(r5, 0xc020aa00, 0x0)
syz_clone3(&(0x7f0000000340)={0x8000000, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
syz_open_dev$sndpcmp(&(0x7f0000000000), 0x5, 0x10000)
fcntl$getownex(0xffffffffffffffff, 0x10, &(0x7f0000000200))
r6 = openat$6lowpan_enable(0xffffff9c, &(0x7f0000000040), 0x2, 0x0)
write$6lowpan_enable(r6, &(0x7f0000000080)='0', 0x1)
socket$netlink(0x10, 0x3, 0x0)
writev(r4, &(0x7f0000000100)=[{&(0x7f0000000140)="290000001600190f00f43fff0800da060200000000e80003dd08000401000000000000000005", 0x26}], 0x1)
ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000100)={0xa, @pix_mp={0x1ff, 0x8, 0x34324d59, 0x2, 0x2, [{0x9, 0x4}, {0x7, 0x2}, {0x91a, 0x9}, {0x8, 0x1}, {0x7, 0x3}, {0x6}, {0x7fffffff, 0x74e5}, {0x8, 0x7}], 0x98, 0x1, 0x0, 0x0, 0x3}})
inotify_init()

5.679536929s ago: executing program 4 (id=1589):
socket$unix(0x1, 0x1, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/power/resume', 0x169a82, 0x189)
r0 = syz_open_dev$loop(&(0x7f0000000480), 0xd76, 0x181400)
mount$fuse(0x0, 0x0, 0x0, 0xa02002, &(0x7f00000004c0)=ANY=[@ANYBLOB="66643dc6953bd340e3272b71d8f75d2e259bf1b1641dbb07e599bb12e499abcbe83cb20c3beb0dfa38c10e940b6828039ec26a486cc445322e0a22037201a9aafdefaad479199cd361137641824dfeb422ab103c6a236f4c9ae516aaf718425b7cbf0a21a98a672989ebb66211460e26e8d8f0a8338d62ea54b8dbc1492deefab8989d8802bb1b8c5d61349a79922cad342e87ed63595e043a81fa36feb0f49bca508854", @ANYRESDEC, @ANYBLOB="40ef35a971d35097635122028eb919802534a9e95b3ca94bf84415370e72798ba993e10be6a82eee4caa011b2c213a3a032f32435692c0ba1dc1f06b1de6bc83e6d684a1f35cf6c3d5", @ANYRESOCT])
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.stat\x00', 0x275a, 0x0)
write$UHID_CREATE2(r1, &(0x7f0000000400)=ANY=[], 0x1df)
write$binfmt_misc(r1, &(0x7f0000000040), 0xe09)
getsockopt$sock_cred(r1, 0x1, 0x11, 0x0, 0x0)
ioctl$LOOP_CONFIGURE(r0, 0x4c0a, &(0x7f00000002c0)={r1, 0x0, {0x2a00, 0x80010000, 0x0, 0x2, 0x0, 0x0, 0x0, 0x2, 0x1c, "fee8a2ab78fc979fd1e00d96072000001ea89de2b7fb0000e60080b8785d96000100", "2809e8dbe108598948224ad54afac11d875397bdb22d0000b420a1a93c5240f45f819e01177d3d458dd4992861ac00", "90be8b1c551265406c7f306003d8a0f4bdaa5500"}})

5.540607821s ago: executing program 1 (id=1590):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = getpid()
socket$key(0xf, 0x3, 0x2)
sched_setscheduler(r1, 0x0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
socket$nl_route(0x10, 0x3, 0x0)
r4 = socket$packet(0x11, 0x3, 0x300)
getsockopt$packet_int(r4, 0x107, 0x2, &(0x7f0000000080), &(0x7f00000000c0)=0x4)
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0x0, 0x0)
ptrace(0x10, 0x1)
r5 = inotify_init1(0x0)
inotify_add_watch(r5, &(0x7f0000000200)='.\x00', 0x400)
r6 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r6, &(0x7f0000000480)={0x26, 'hash\x00', 0x0, 0x0, 'nhpoly1305-generic\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r6, 0x117, 0x1, &(0x7f0000000000)="8a", 0x440)
r7 = accept4(r6, 0x0, 0x0, 0x0)
sendmmsg$unix(r7, &(0x7f0000001180)=[{{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}}], 0x1, 0x1)
r8 = fsopen(&(0x7f0000000040)='binder\x00', 0x0)
r9 = syz_open_dev$loop(&(0x7f000000d940), 0x4, 0x40)
ioctl$LOOP_GET_STATUS(r9, 0x4c03, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r8, 0x6, 0x0, 0x0, 0x0)
sendmsg$nl_generic(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000740)={0x14, 0x3c, 0x701, 0x0, 0x25dfdbfd, {0x8}}, 0x14}, 0x1, 0x0, 0x0, 0x48010}, 0x4000000)

4.981657004s ago: executing program 4 (id=1591):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000500)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x301, 0x0, 0x0, {0x1}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWCHAIN={0x2c, 0x3, 0xa, 0x201, 0x0, 0x0, {0x1}, [@NFTA_CHAIN_NAME={0x9, 0x3, 'syz1\x00'}, @NFTA_CHAIN_TABLE={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWRULE={0x44, 0x6, 0xa, 0x401, 0x0, 0x0, {0x1}, [@NFTA_RULE_CHAIN_ID={0x8}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_EXPRESSIONS={0x1c, 0x4, 0x0, 0x1, [{0x18, 0x1, 0x0, 0x1, @fib={{0x8}, @val={0xc, 0x2, 0x0, 0x1, [@NFTA_FIB_DREG={0x8, 0x1, 0x1, 0x0, 0x11}]}}}]}]}], {0x14}}, 0xb8}}, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000000c0)={'lo\x00', <r3=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r3, {0x0, 0xfff1}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_mq={0x7}]}, 0x2c}}, 0x20040084)

4.108284245s ago: executing program 0 (id=1592):
openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r2, 0x107, 0xf, &(0x7f0000006ffc)=0x4000000000000200, 0xe50fb6c50bc849c9)
r3 = socket$nl_route(0x10, 0x3, 0x0)
getsockopt$IP_SET_OP_GET_FNAME(r2, 0x1, 0x53, &(0x7f0000000340)={0x8, 0x7, 0x0, 'syz1\x00'}, &(0x7f0000000380)=0x2c)
r4 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route_sched(r4, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x24}}, 0x0)
getsockname$packet(r4, &(0x7f00000000c0)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000180)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffff00f687000000", @ANYRES32=r5, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000940)=@newqdisc={0x78, 0x24, 0xe0b, 0x0, 0x0, {0x0, 0x0, 0x0, r5, {}, {0xffff, 0xffff}, {0xffe0}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x4c, 0x2, [@TCA_TBF_RATE64={0xc, 0x4, 0x4e1e2563543d84f9}, @TCA_TBF_PBURST={0x8, 0x7, 0x1fc0}, @TCA_TBF_PARMS={0x28, 0x1, {{0x0, 0x0, 0x0, 0xffff}, {0x0, 0x0, 0x0, 0x8, 0x2, 0x3}, 0x0, 0x81}}, @TCA_TBF_PRATE64={0xc, 0x5, 0xcb59372f370e8465}]}}]}, 0x78}}, 0x4000080)
bind$packet(r2, &(0x7f0000000040)={0x11, 0x0, r5, 0x1, 0x0, 0x6, @remote}, 0x14)
sendto$inet6(r2, &(0x7f0000000800)="4103082c1116480401020200c52cf7c25975e005b02f000006892f000300897c6b118777faffffff3066090cb600c5471d130a66321a54e7df305fbe258161b6fd8f2428652265d94c6fdbaefc57376a57c2feffff188be9427c323ef024a37016d2a7f9ab6e7941a6fc4f95aa73c1dfff4941f6503b5bd8c91db22cd33795481c94085fa12cdc679ac2a5d7b5d99b93fb07acb0da680e78b74c74aae8d7690d5986a9af81622a0ac210bc7b5ca5fed11cb54d046642670041e846bb184ff5d39fe8516d2d2a8d84e6e7dfcb2b8a8023444db513a3d7a124b59f0a5cd36489dbbb75cce3145d0ea3c3aa21af7cbcbc7a7575db782e757ca543109f5ddcec4930aa91f4119ea3d1f56140cb86cfe0724b23904ef5d05c725ee23918a502b1afe09fb0757d", 0xfc13, 0x880, 0x0, 0xfffffffffffffef0)
setsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f00000001c0)={{{@in=@loopback, @in=@multicast2, 0x0, 0xfff7, 0x1, 0x0, 0xa, 0x80, 0x0, 0x8, 0x0, 0xffffffffffffffff}, {0x0, 0x20000, 0x400200000, 0x2000000000000800, 0x200000000, 0x7fffffffffffffff, 0x7, 0xffffffff}, {0x0, 0x0, 0x1}, 0x0, 0x6e6bb6, 0x0, 0x0, 0x0, 0x2}, {{@in=@local, 0xffffffff, 0x62}, 0x0, @in6=@mcast2, 0x3507, 0x5, 0x3, 0x1, 0xfffffffe, 0x4000000, 0xfffffff7}}, 0xe4)
r6 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1)
ioctl$KVM_SET_VCPU_EVENTS(r6, 0x4400ae8f, &(0x7f0000000140)=@x86={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x8d})
r7 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_LAPIC(r7, 0x4400ae8f, &(0x7f0000000bc0)={"c718ae3ddd25e4c2826499cb6a055b56a5a7336f377a556f824db28eb6743cf045afd0e932534b9eb3b847abbcef63c85319991745999ed89ff49783a84d57cf175a89f8733d74a1bdddcb0a6c3f7535ef976e79da1b52de6403f6710d606fafaf685ec19f369b7829b12aa2b8cd2ab52f9c688683979cdb9516cb61f2adb9aefd44fce30bddb81ebefa818f31f60d89a4e390920c7ed0e2512fd59f719e734b0a1d1f3ff7babb54258a1585514aac353b21fe733671e0543929c06f72fc598939003ac6777f3497523536fd25ac4f1e265f5038fa7455f2cc6131d4a189a16b0f0b89e6a495e1d95b840c36488adc22cb2d1b8af57f6dce7214152ba1b3c0d3ad0a6db821518e44b24cb36a02d76ea11a1c45879fc77e7bb2af8c345ddddf49f41228df2114f2c27d16499fa36097a5015ad61a6a9484c09e0a2dfb50f7b7ca71135dc32804a80380a6e20e0ae03be775e472cd31d6a31e615937c38e746a5cf6c9d8194242990dd497a2c52af50300000000000000cebbd983c3f86dbe92c4b751c04693cb09af88521ab305ceabf6d2bab40bb1b219fbe95ace2f6c49fea798e76b4ef336dff5ac0f7ab022b800ac1aa42fd231b52465a410177ed85dcc9c6d794e2aa0b90cdc409541aa85fa16e3cbc3a9d6c83ffd4d01e5ba898555eeffccf0cb28ce5df0ba31cb793675276162de2fdcb486455bca57edf4fb14e1533554eb22527d66a28a960c430f6136927f54e670c46292454fe28485f35405025844fd24fe846f6656c77d9b5f2b4750ac4805897b02c85caba80000bb96f71f468c9e746d860238b3b113ab1eef51e1507f8832d5d69528083d44548e491477cda51d7e083a134097438e9d7ea34eae8a2e6b516327db9310c7478a37f5c562037196131cc7c84fa29c3c2576f2ae7570b5a98aaa49ca7ddfd5a8c046ce82e4a2d06082ad7a3ab0dfbe208630b1410b674781855752c9c57c1c5ab0a74a336ce89b3a9c0d37a3ca4e698a798a85faf7f4f1dc020b7dd5750062c9810c4bc1ad7afe338f2b0f29059e684fe16098eb30da105be01ca11a293635dfc6d25ecc770ba72792fd3c6851d951b770d0f9edafb1cb4241350d85b04ed737a9bfd7e8301c43b65a95dda76d6850860ba3195040b14c8ad1a8b52472787621147182352a1dbd93595cbc26e813ccd75e16f9247fe82ed150c121f0041022522ec76476f0a9cffa3be1d3ffffffffffffffff29358bbfd8b7a12fe94a0355beb9420eee0a5c11220100c782b89e9430de84b220e8c0df4bd40be3400c58f149319f891fe86fba751dab3326bf2deb9e782b37ec9c7adf36025a091a4b3600"})
r8 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r8, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r9 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r9, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r10=>0x0})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r10, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x0, 0x2}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x0, 0x3}}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000580)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newtfilter={0x90, 0x2c, 0xd27, 0x70bd2d, 0x25dfdc00, {0x0, 0x0, 0x0, r10, {0x0, 0x3}, {}, {0xfff3, 0xffe0}}, [@filter_kind_options=@f_matchall={{0xd}, {0x5c, 0x2, [@TCA_MATCHALL_ACT={0x58, 0x2, [@m_ife={0x54, 0x1, 0x0, 0x0, {{0x8}, {0x2c, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{0xd, 0xd0ea, 0x10000000, 0x3, 0x4}, 0x1}}, @TCA_IFE_METALST={0xc, 0x6, [@IFE_META_PRIO={0x8, 0x3, @val=0x10001}]}]}, {0x4}, {0xc}, {0xc, 0x8, {0x3, 0x3}}}}]}]}}]}, 0x90}, 0x1, 0x0, 0x0, 0x50}, 0x0)

3.986249823s ago: executing program 3 (id=1593):
openat$tun(0xffffffffffffff9c, &(0x7f00000000c0), 0x2000, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet6_IPV6_RTHDRDSTOPTS(r2, 0x29, 0x37, &(0x7f0000000000)=ANY=[@ANYBLOB], 0x8)
setsockopt$inet6_IPV6_RTHDR(r2, 0x29, 0x39, 0x0, 0x0)
openat$audio(0xffffff9c, 0x0, 0x80, 0x0)
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg(r1, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0xb49, 0xee24, 0xffffffffffffffff, 0x0, 0x3}, 0x0)
r3 = fsopen(&(0x7f0000000000)='exfat\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r3, 0x1, &(0x7f0000000080)='iocharset', &(0x7f0000000200)='io#harset', 0x0)
fsconfig$FSCONFIG_SET_STRING(r3, 0x1, &(0x7f0000001100)='iocharset', 0x0, 0x0)
r4 = syz_open_dev$vim2m(&(0x7f0000000080), 0x8, 0x2)
ioctl$vim2m_VIDIOC_REQBUFS(r4, 0xc0145608, &(0x7f0000000380)={0x8, 0x2, 0x3})
signalfd(0xffffffffffffffff, &(0x7f00000002c0)={[0x7fffffff]}, 0x8)
openat$iommufd(0xffffffffffffff9c, &(0x7f0000000000), 0x40, 0x0)
ioctl$vim2m_VIDIOC_STREAMOFF(r4, 0x40045612, 0x0)
socket$inet6_sctp(0xa, 0x5, 0x84)
r5 = io_uring_setup(0x46ac, &(0x7f0000000080)={0x0, 0x5d50, 0x0, 0x0, 0x3c1})
r6 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0xc1842, 0x0)
ioctl$TUNSETIFF(r6, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r7 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000280)={0x3, 0x4, 0x4, 0xa, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0x0}, 0x50)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x1, 0x8, &(0x7f0000000180)=ANY=[@ANYBLOB="1808000000000000000000000000000018120000", @ANYRES32=r7, @ANYBLOB="0000000000000000b703000000000000858004000c000000b70000832000000095"], &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$TUNSETSTEERINGEBPF(r6, 0x800454e0, &(0x7f0000002180)=r8)
close_range(r5, 0xffffffffffffffff, 0x0)

3.738283585s ago: executing program 4 (id=1594):
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$RDMA_NLDEV_CMD_GET(r0, &(0x7f00000001c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000000180)={&(0x7f0000000140)={0x28, 0x1401, 0x2, 0x70bd2a, 0x25dfdbfe, "", [@RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x2}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x1}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x1}]}, 0x28}, 0x1, 0x0, 0x0, 0x40}, 0x4000) (async)
syz_usb_connect$cdc_ncm(0x1, 0x76, &(0x7f00000000c0)=ANY=[@ANYBLOB="12010000020000002505a1a44000010203010902640002010000000904000001020d000008640600010d4bb505240000000d240f0100000000000000000006241a00000005240100000905810300000000000904010000020d00000904010102020d0000090582"], 0x0)
syz_usb_connect(0x0, 0x36, &(0x7f0000000100)=ANY=[@ANYBLOB="120100009c147010861246205bb4018203010902240001000000000904000002ff0401"], 0x0) (async)
sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000000000)=ANY=[@ANYBLOB="48000000100010058d0085a31cd3e8fcfefa01dbb05e3cae00", @ANYRES32=0x0, @ANYBLOB="0000000000000000280012800b0001006d61637365630000180002800c0004000400000100c280000500030004000000"], 0x48}}, 0x0)

3.465225607s ago: executing program 2 (id=1595):
socket$nl_xfrm(0x10, 0x3, 0x6)
r0 = socket$can_j1939(0x1d, 0x2, 0x7)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000440), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_COALESCE_SET(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=ANY=[@ANYBLOB='D\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="0100feffffff000000001400000018000180140002006e657464657673696d3000000000000005001900010000000800100004090000080011"], 0x44}}, 0x44000)
r3 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$IOCTL_GET_NUM_DEVICES(r3, 0x40046104, &(0x7f0000000000))
r4 = socket$inet(0x2, 0x2, 0x0)
setsockopt$inet_mreqn(r4, 0x0, 0x23, &(0x7f0000000740)={@multicast2, @loopback}, 0xc)
r5 = socket$netlink(0x10, 0x3, 0x0)
writev(r5, &(0x7f00000003c0)=[{&(0x7f0000000180)="390000001300034700bb65e1c3e4ffff01000000010000005600000025000000190004000400000007fd17", 0x2b}], 0x1)
writev(r5, &(0x7f0000000300)=[{&(0x7f00000001c0)="390000001300034700bb5be1c3e4feff06000000010000004500000025000000190004000400ad000d00000000000006040000000000f93132", 0x39}], 0x1)
r6 = socket$inet(0x2, 0x2, 0x0)
set_mempolicy(0x8006, &(0x7f0000000040)=0xfff, 0x5)
r7 = syz_open_dev$vim2m(&(0x7f00000001c0), 0x0, 0x2)
r8 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r8, &(0x7f00000009c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000a00)=@newtaction={0x7c, 0x1e, 0x109, 0x100, 0x25dfdbff, {}, [{0x68, 0x1, [@m_vlan={0x34, 0xc, 0x0, 0x0, {{0x9}, {0x4}, {0x6, 0x6, "6b05"}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x1, 0x1}}}}, @m_ctinfo={0x30, 0x14, 0x0, 0x0, {{0xb}, {0x4}, {0x4}, {0xc}, {0xc, 0x8, {0x2, 0x1}}}}]}]}, 0x7c}, 0x1, 0x2b1e, 0x0, 0x10}, 0x24040010)
ioctl$vim2m_VIDIOC_REQBUFS(r7, 0xc0145608, &(0x7f0000000040)={0x8, 0x1, 0x1})
sendmsg$netlink(0xffffffffffffffff, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)=[{&(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000004000000000000000008000000", @ANYRES32, @ANYBLOB="dbf365592c02db5b930e161dcc1d3b4795b87ad403212ee08997ccebf36c7dd9717747168fd4db407146a8b7817cb26e532352e1695b27400a158cc1596621184dab535ede1dbcb054a51aeb6632cce01d81bae04fb0c66d4f3b8a49218c6367c675b92ae5489ebf13be787daeee28c1ebd2a2029b4b3eb473bbc743aa09aa68b6197d162bb54f4564c20b6cbfd42f2208c9d4c840664793198dbc45"], 0x18}], 0x1, 0x0, 0x0, 0x20000000}, 0x0)
setsockopt$inet_mreqn(r6, 0x0, 0x23, &(0x7f0000000740)={@multicast2, @loopback}, 0x40)
r9 = syz_open_procfs(0x0, &(0x7f0000000040)='fdinfo/3\x00')
r10 = add_key$user(&(0x7f0000002100), &(0x7f0000002180)={'syz', 0x1}, &(0x7f00000021c0)='b', 0x1, 0xfffffffffffffffe)
r11 = add_key$user(&(0x7f0000000040), &(0x7f0000002340)={'syz', 0x3}, &(0x7f0000000100)="370c099069effa43de3e1404db09b4ce1ef77bde4b371532dd16447c1b13403656c86711f6e750026f23029a50d44299c7bf5c78dc5efae2d041016160e8bef7b30c05e298aa957254", 0x49, 0xffffffffffffffff)
keyctl$dh_compute(0x17, &(0x7f0000000400)={r10, r11, r10}, &(0x7f0000000440)=""/183, 0xb7, &(0x7f00000003c0)={&(0x7f0000000340)={'sha224-generic\x00'}, &(0x7f0000000380)})
read$FUSE(r9, &(0x7f0000004280)={0x2020}, 0x2034)
setsockopt$inet_msfilter(r6, 0x0, 0x29, &(0x7f0000000000)=ANY=[@ANYBLOB="e00000027fa80a010100000004"], 0x57)
setsockopt$inet_mreqsrc(r4, 0x0, 0x24, &(0x7f0000000440)={@multicast2, @loopback, @empty}, 0xc)
r12 = socket$inet(0x2, 0x2, 0x0)
setsockopt$inet_mreqn(r12, 0x0, 0x23, &(0x7f0000000740)={@multicast2, @loopback}, 0x40)
ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000200)={'vxcan0\x00'})

3.431695993s ago: executing program 1 (id=1596):
r0 = socket$inet_sctp(0x2, 0x1, 0x84)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000300)=[{&(0x7f00000003c0)="5ca2", 0x2}], 0x1}, 0x0)
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1)
r1 = epoll_create1(0x80000)
fsetxattr$system_posix_acl(r1, &(0x7f00000003c0)='system.posix_acl_access\x00', 0x0, 0x0, 0x3)
sendto$inet(r0, &(0x7f0000000140)='^', 0x1, 0x1, &(0x7f0000004ff0)={0x2, 0x0, @rand_addr=0xfffffffffffffffe}, 0x10)
listen(r0, 0xda90)
accept4(r0, &(0x7f0000000340)=@pppoe={0x18, 0x0, {0x0, @broadcast}}, 0x0, 0x80000)
setsockopt$IP_VS_SO_SET_STOPDAEMON(r0, 0x0, 0x48c, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
fcntl$setownex(r2, 0xf, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x1)
ioctl$KVM_SET_CPUID(r3, 0x4008ae8a, &(0x7f0000000080)={0x5, 0x0, [{0xb, 0x6d, 0xf}, {0x7, 0x1, 0x0, 0x5fb, 0x9}, {0x80000001, 0x200, 0x4, 0x8, 0x2}, {0x6, 0x1c00, 0x1, 0x400, 0x9}, {0x1, 0x8, 0x6, 0x1ff, 0x1}]})
syz_open_dev$hiddev(&(0x7f0000000000), 0x0, 0x8e00)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x1, 0x2, &(0x7f0000000180)=@raw=[@jmp={0x5, 0x0, 0x8, 0x3, 0x8, 0x50, 0xffffffffffffffff}, @exit], &(0x7f0000000200)='GPL\x00'}, 0x94)

3.224877006s ago: executing program 1 (id=1597):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f0000000300)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
keyctl$session_to_parent(0x12)
sendmsg(r1, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0)
sched_setattr(0x0, 0x0, 0x0)
socket$key(0xf, 0x3, 0x2)
rseq(0x0, 0x0, 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x28)
ioctl$KVM_SET_IRQCHIP(r3, 0x4020aeb2, &(0x7f0000000080)={0x0, 0x12c, @ioapic={0xe6ef0000, 0x3, 0x2, 0x0, 0x0, [{0x5, 0x3, 0xd, '\x00', 0x9}, {0x3, 0x25, 0xd1, '\x00', 0x3}, {0x0, 0x5, 0x2, '\x00', 0xd}, {0x0, 0x4, 0x19, '\x00', 0x2}, {0x1, 0xd, 0x2, '\x00', 0x7}, {0x1, 0x27, 0x3, '\x00', 0x7}, {0xc, 0x9, 0x5, '\x00', 0x4}, {0x5, 0x1, 0x6, '\x00', 0x7}, {0x9, 0x9, 0x1, '\x00', 0x5}, {0x0, 0x4, 0xd, '\x00', 0x5}, {0xff, 0xb6, 0x3, '\x00', 0x80}, {0x7, 0x2, 0x81, '\x00', 0x3}, {0x8, 0xff, 0x4, '\x00', 0x2}, {0x9, 0xf6, 0x60, '\x00', 0xbe}, {0x7, 0x3, 0x3, '\x00', 0x10}, {0x9, 0x6, 0x4, '\x00', 0x2}, {0x8, 0x4, 0xf0, '\x00', 0x4}, {0x8, 0x8}, {0x8, 0x8, 0x5, '\x00', 0x1}, {0x3, 0x0, 0x6, '\x00', 0x4}, {0x7, 0x3, 0xb, '\x00', 0x7}, {0x2, 0x1, 0xf1, '\x00', 0xcf}, {0x6, 0x7, 0x5, '\x00', 0x7}, {0x2, 0x0, 0x9, '\x00', 0x7}]}})
syz_open_dev$vcsn(&(0x7f00000002c0), 0x80000, 0x200002)
r4 = openat$binderfs(0xffffff9c, &(0x7f0000000080)='./binderfs/binder1\x00', 0x806, 0x0)
ioctl$BINDER_GET_NODE_INFO_FOR_REF(r4, 0xc018620c, &(0x7f00000000c0)={0x2, 0x0, 0x0, 0x700})
syz_open_procfs(0x0, &(0x7f00000001c0)='fd/3\x00')
epoll_create1(0x0)
r5 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000040), 0xa2301, 0x0)
ioctl$SNDCTL_DSP_SPEED(r5, 0xc0045002, &(0x7f0000000740)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
setsockopt$SO_ATTACH_FILTER(r6, 0x1, 0x33, &(0x7f000002eff0)={0x85c, &(0x7f0000000000)=[{}]}, 0x10)
write$dsp(r5, &(0x7f00000012c0)="a52876830a602214f6b4e928d758f38a5a7cb4b31c4c09289e9ebb6286784ca3", 0x4000)
r7 = openat$audio1(0xffffff9c, &(0x7f0000000000), 0x1110c2, 0x0)
preadv2(r7, &(0x7f0000000380)=[{&(0x7f00000003c0)=""/254, 0xfe}, {&(0x7f00000001c0)=""/225, 0xe1}, {&(0x7f00000002c0)=""/161, 0xa1}], 0x3, 0x6, 0xc0, 0x4)
r8 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$KDSKBENT(r8, 0x4b47, &(0x7f0000000000)={0x0, 0x38, 0x9})
fcntl$dupfd(r7, 0x406, r7)
socket$nl_xfrm(0x10, 0x3, 0x6)

2.88731643s ago: executing program 0 (id=1598):
r0 = syz_open_dev$loop(&(0x7f0000000100), 0x2, 0x2001)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000200)=ANY=[@ANYBLOB="140000001000010007000000000000000000000a20000000000a03000000000000000000010000000900010073797a30000000004800"], 0xec}, 0x1, 0x0, 0x0, 0x44080}, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='blkio.bfq.io_service_bytes_recursive\x00', 0x275a, 0x0)
write$binfmt_misc(r1, &(0x7f0000000040), 0xe09)
ioctl$LOOP_CONFIGURE(r0, 0x4c0a, &(0x7f00000002c0)={r1, 0x0, {0x2a00, 0x80010000, 0x0, 0x2, 0x0, 0x0, 0x0, 0xb, 0x1c, "fee8a2ab78fc979fd1e00d96072000001ea89de2b7fb0000e60080b8785d96000100", "2809e8dbe108598948224ad54afac11d875397bdb22d0000b420a1a93c5240f45f819e01177d3d458dd4992861ac00", "f4bd000000801900000000000000000000000000000000dabeffff00", [0x0, 0xffffffff9673e35d]}})

2.635824742s ago: executing program 0 (id=1599):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000003c0)=@updpolicy={0x1b8, 0x19, 0x1, 0x0, 0x0, {{@in6=@private0={0xfc, 0x0, '\x00', 0x1}, @in6=@empty, 0x0, 0x3, 0x0, 0x0, 0xa, 0x0, 0x20, 0x8}, {0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x20, 0x1d}, {0x0, 0x0, 0x0, 0x2dd}}, [@tmpl={0x104, 0x5, [{{@in=@dev={0xac, 0x14, 0x14, 0x3b}, 0x0, 0x2b}, 0x0, @in=@dev={0xac, 0x14, 0x14, 0xc}, 0x0, 0x0, 0x0, 0xff}, {{@in6=@private2, 0x0, 0x32}, 0x0, @in6=@empty}, {{@in6=@loopback, 0x0, 0x3c}, 0x2, @in=@remote, 0x0, 0x1, 0x3}, {{@in6=@mcast2, 0x0, 0xff}, 0x2, @in6=@rand_addr=' \x01\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}]}]}, 0x1b8}}, 0x0) (fail_nth: 2)

1.987652485s ago: executing program 0 (id=1600):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r1 = dup(r0)
write$UHID_INPUT(r1, &(0x7f0000001980)={0x9, {"a2e3ad214fc752f91b29090942f70e0dd038e7ff7fc6e5539b324c078b089b34383b6d1a0890e0878f0e1ac6e7049b076d959b669a240d5b67f3988f7ef319520100ffe8d178708c523c921b1b5b33310d076d0936cd3b78130daa61d8e809ea889b5802b77f07227227b7ba67e0e78669a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae19397d696d0d758f2dc7d1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000002335875271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1fe90a56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617601000000be70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d595a40b9f6ff14ac488ec130fb3850a27af9544ae15a7e454dea05918b41243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9980000000b3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6c82fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce3803f465e41e610c2021d653a5520000008213b704a5000000000000008ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc94681359bad8deff4b05f60cea0da7710a80000000000008000bea37ce0d0d4aa202f928f28381aab144a5d429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4e38a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d97b9a6d6d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2bed9e53803edf1a4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f4ceb360c7e658828563e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b4bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034e00000000ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f42355bc7872c827467cfa5c478b095b68441a34cb51682a8ae4d24ad92f243941ed274549b79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdbe6c4579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93ae62fccfcbb2b75a2183c46eb65ca8124e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43e4fb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e01feffffffffffff83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd7369d75f2e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aa01b20f7694a00f16e2d0174035a2c22656dc00880acebdbe8ddbd75c2f998d8ac2dfad2ba3a50200000045a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40426db6fe2907ac0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf463661c953fcad6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7cd419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaeecf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6ea94f88a4facfd4c735a20307c737afae5136651b1b9bd522dcb399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a37684f4113c48859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02dae17b118e5d6787463183b4b87c105000000302a808d7f5251440613d17ca51055f2f416a44fe180d2d50c312cca7cb14a20dc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb40100000006376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab83c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7ceec7dc808bf653639d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7348663a52190202c7af288a4510de03dab19d26285eda89156d50dd385a602000000000000007007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00303000000000000007fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf6529006c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6522fb5f6ffcdd56fed88935fcb75912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae233a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a5bd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08008897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b80c1c128ad2706f48261f7897484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57fa9c0fe662a46b7f71cd47744db86c50b704c98ad90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe360500000000000000b77940b5f07722e47a08d3679507000000000000934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1062dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1df0d07b3d5bd3b01faffd0addbed2881a9700af561ac8c7e36bb2fc4c40e9c766c06817bb903729a7db6ff957697c9ede7885d94ffb0759be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c1484d2f9c55f4901203a9a8a2c3e90f39c3dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d000000000000000000000000000040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000600", 0x1000}}, 0x1006)
r2 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r3 = dup(r2)
write$6lowpan_enable(r3, &(0x7f0000000000)='0', 0xfffffd2c)
syz_io_uring_setup(0x239, &(0x7f0000000740)={0x0, 0x1c2a, 0x10100, 0x0, 0x0, 0x0, r3}, &(0x7f0000000180)=<r4=>0x0, &(0x7f00000001c0)=<r5=>0x0)
syz_io_uring_submit(r4, r5, &(0x7f0000000040)=@IORING_OP_POLL_ADD={0x6, 0x2, 0x0, @fd=r2, 0x0, 0x0, 0x0, {}, 0x1})
syz_io_uring_setup(0x744a, &(0x7f0000000100)={0x0, 0x2945, 0x20, 0x5, 0x259, 0x0, r1}, &(0x7f0000000200), &(0x7f0000000240))
r6 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_rx_ring(r6, 0x107, 0x5, &(0x7f0000000180)=@req3={0x1000, 0x3a, 0x1000, 0x3a, 0x7fe, 0xf83, 0x8}, 0x1c)
syz_emit_ethernet(0x16, &(0x7f0000000280)=ANY=[@ANYBLOB="bbbbbbbbbbbbaa22aa0fedb1c7db0c7e53d57c17a69c9a4b37eda81111e76a357b83a7c2a9336378dbe88fdd7fe6602f8cf6448c60606bd3849dda0b8ecef9186c2ecb6e89516bde85b3375273560096aa40a3dda937a41cce3ce531"], 0x0)
io_uring_enter(r3, 0x2dec, 0x22f2, 0xb, 0x0, 0x0)
msgctl$IPC_RMID(0x0, 0x0)
r7 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000000), 0x16b601, 0x0)
write$sequencer(r7, &(0x7f00000019c0)=ANY=[@ANYRES8=r3, @ANYRES64=r5, @ANYRESHEX=r2, @ANYRES64=0x0, @ANYRESHEX=r7, @ANYRES32=r5, @ANYBLOB="a9886a2e9a0988fd69bb770c3e7ca3c766381dbe835d4399fc329d6443d1311be2bdd0ad456c9bcc41cdd5c513a668da8776ed30e3ad266cf31a3cc9e2986e0e69413989dd288e8fddea535b3efb5b19df12f099419af35aa8271e6fd3bf29cf31a00283fba204972f7da3f3a520c9b3a56818b3be", @ANYBLOB="fa9300001d6199c7de2944cf22a6c69ab7008c14b4f0be153f89366f707183b780bb1530f5a05f0f63dc79214d8e96c571ba288da0430df9f2731838f4b2cc7b77e26dcf1d0529dba9908838e2c1d7b44c16c5ff25a011e8ccd512846cd0fcb8df78e09aee7718b40405a79082b351d0be7330a08537bd925a2e139105000000000000004fd8ba10b6d525a8abf4d54960dc9cfa9f41d7d9bf728556f893dce4b0e641e84eb3f517c5b526d0e5a79e31a221251763fa987852ec3adb73dfbcd52b7d5eeca166620e1fb357ce682a17a68f5c7c", @ANYRES8=r7], 0xfe7f)
fsetxattr$trusted_overlay_opaque(r1, &(0x7f0000000080), &(0x7f00000000c0), 0x2, 0x2)
ioctl$SNDCTL_SEQ_SYNC(r7, 0x5101)

1.802846148s ago: executing program 2 (id=1601):
r0 = socket$nl_route(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000040)={0x80}, 0x10)
sendmsg$AUDIT_SET(0xffffffffffffffff, 0x0, 0x20004000)
r1 = syz_open_dev$video(&(0x7f0000000000), 0x101, 0x2b01)
ioctl$VIDIOC_S_CROP(r1, 0x4014563c, &(0x7f0000000040)={0x9, {0x0, 0x6, 0xf4e, 0x1}})
r2 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0)
ioctl$IOCTL_VMCI_VERSION2(r2, 0x7a7, &(0x7f0000000040)=0x90000)
ioctl$IOCTL_VMCI_INIT_CONTEXT(r2, 0x7a0, &(0x7f0000000240)={@my=0x1, 0x1})
ioctl$IOCTL_VMCI_QUEUEPAIR_ALLOC(r2, 0x7a8, &(0x7f0000000540)={{@hyper, 0x2}, @hyper, 0x0, 0x0, 0x5e})
r3 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0)
r4 = socket$rds(0x15, 0x5, 0x0)
ioctl$sock_SIOCETHTOOL(r4, 0x8946, &(0x7f0000001c80)={'dummy0\x00', &(0x7f00000000c0)=@ethtool_rxfh={0x0, 0xfffffff4, 0x80, 0x1, 0x2, "7c3bc4", 0xbbd8, [0x5, 0x6, 0x9, 0xb, 0x7, 0x0, 0x9, 0xe]}})
ioctl$IOCTL_VMCI_INIT_CONTEXT(r3, 0x7a0, &(0x7f0000000000)={@host})
ioctl$IOCTL_VMCI_QUEUEPAIR_ALLOC(r2, 0x7a8, 0x0)
ioctl$IOCTL_VMCI_QUEUEPAIR_ALLOC(r3, 0x7a8, &(0x7f0000000540)={{@hyper, 0x2}, @hyper, 0x0, 0x0, 0x20005e, 0x0, 0x9, 0x4})
syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x3)
ioctl$KVM_SET_TSC_KHZ_vm(r6, 0xaea2, 0x101)
ioctl$sock_SIOCGIFINDEX_80211(r5, 0x8933, &(0x7f0000000300)={'wlan1\x00'})
r7 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r7, &(0x7f0000000000)={0x26, 'aead\x00', 0x0, 0x0, 'essiv(aegis256-generic,sha3-512)\x00'}, 0x58)
r8 = accept4(r7, 0x0, 0x0, 0x0)
sendmsg$ETHTOOL_MSG_WOL_SET(r8, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000100)=ANY=[@ANYBLOB="14000000", @ANYRES32=r6, @ANYRES8=r8], 0x14}, 0x1, 0x0, 0x0, 0x8004}, 0x20040015)
sendmsg$NL80211_CMD_JOIN_MESH(r5, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={0x0}, 0x1, 0x0, 0x0, 0x40010}, 0x24008010)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, 0x0)
r9 = userfaultfd(0x801)
ioctl$UFFDIO_API(r9, 0xc018aa3f, &(0x7f0000000140)={0xaa, 0x298})
ioctl$UFFDIO_REGISTER(r9, 0xc020aa00, &(0x7f0000000080)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x2})
ioctl$UFFDIO_COPY(r9, 0xc028aa03, &(0x7f0000000040)={&(0x7f00002b9000/0x400000)=nil, &(0x7f00001b1000/0x4000)=nil, 0x400000, 0x2, 0x2})

1.121726669s ago: executing program 3 (id=1602):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg(r2, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0)
syz_genetlink_get_family_id$l2tp(&(0x7f0000000080), 0xffffffffffffffff)
r3 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$inet6_opts(0xffffffffffffffff, 0x29, 0x39, &(0x7f0000000640)=ANY=[@ANYBLOB="ff02040100000000000000000000d36eb15aa6bafea407396c94e77f568b7658bc00652be29980969e2beec9dd462cce7d9d4513884e5c3121e45f8bf422a51ec95d811fa24b96099d1f2d763dc6196f79b97d133494fbef9610b5d76f883c67ed515b035adbb28988b4c3580cc53bc1a48c583378c94246ee00000000000000000000fef7436c34ccf9657df07b8af5d62ce07b5ae5d0fe218e99724e13de41da25ae2248b89efd4fc0f07fe17104c81dedb433cc6b42b351c44cfb9037f97517111f0c08821504da0df28a8c9a42047bdc2b4094c3dc9bb9b0284de3688d94e244b2a4ab8eca3af7ba438cf508e308e994d0f4d6c9e17663f3b5b5d73a1016f5dd5085af0eb0a977e99ab02e0179f92bede8b1a69b8da49017b9fe76bcc3533dd03cabefa6b85adf425d2a54a1cc646e56d798246768712c4c5656"], 0x18)
connect$inet(r3, &(0x7f0000000380)={0x2, 0x0, @remote}, 0x10)
sendmmsg(r3, &(0x7f0000007fc0), 0x800001d, 0xa1a)
setsockopt$inet6_tcp_int(r0, 0x6, 0x2000000000000022, &(0x7f0000000200)=0x1, 0x4)
sendto$inet6(r0, &(0x7f0000000040), 0x0, 0x20000045, &(0x7f00000001c0)={0xa, 0x2, 0x396, @empty}, 0x1c)
r4 = syz_open_dev$sndctrl(&(0x7f0000001440), 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_TLV_WRITE(r4, 0xc008551b, &(0x7f0000000000)=ANY=[@ANYBLOB="050076cb08ecffff7effffff0101c000"])
pipe(&(0x7f0000000040))
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$batadv(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r5, 0x8933, &(0x7f0000000140)={'batadv0\x00', <r7=>0x0})
sendmsg$BATADV_CMD_GET_NEIGHBORS(r5, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000600)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r6, @ANYBLOB="310329bd7000ffffffff0900000008000300", @ANYRES32=r7, @ANYBLOB="080006000209"], 0x24}}, 0x4000)
fcntl$setstatus(r0, 0x4, 0x42800)
r8 = add_key(&(0x7f0000000000)='big_key\x00', &(0x7f0000000280)={'syz', 0x1}, &(0x7f00000002c0), 0x0, 0xfffffffffffffffe)
keyctl$read(0xb, r8, &(0x7f0000001300)=""/4096, 0xffffffffffffffd2)
unshare(0x68040200)
syz_usb_connect$uac1(0x6, 0x71, 0x0, 0x0)
clock_gettime(0x0, &(0x7f0000000240)={<r9=>0x0, <r10=>0x0})
pselect6(0x40, &(0x7f00000000c0)={0xe, 0x3, 0x5, 0x0, 0xd79, 0x9, 0x6, 0x7}, &(0x7f0000000100)={0xd7c, 0xf, 0x7fff, 0x2, 0x4, 0x1, 0x1000, 0x1ff}, &(0x7f0000000140)={0x2, 0x3, 0x9, 0x2770, 0x2d2d, 0x4, 0xffff, 0x67b6}, &(0x7f00000002c0)={r9, r10+10000000}, &(0x7f0000000340)={&(0x7f0000000300)={[0x10, 0x7]}, 0x8})

915.379ms ago: executing program 0 (id=1603):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg(r2, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0)
syz_genetlink_get_family_id$l2tp(&(0x7f0000000080), 0xffffffffffffffff)
r3 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$inet6_opts(0xffffffffffffffff, 0x29, 0x39, &(0x7f0000000640)=ANY=[@ANYBLOB="ff02040100000000000000000000d36eb15aa6bafea407396c94e77f568b7658bc00652be29980969e2beec9dd462cce7d9d4513884e5c3121e45f8bf422a51ec95d811fa24b96099d1f2d763dc6196f79b97d133494fbef9610b5d76f883c67ed515b035adbb28988b4c3580cc53bc1a48c583378c94246ee00000000000000000000fef7436c34ccf9657df07b8af5d62ce07b5ae5d0fe218e99724e13de41da25ae2248b89efd4fc0f07fe17104c81dedb433cc6b42b351c44cfb9037f97517111f0c08821504da0df28a8c9a42047bdc2b4094c3dc9bb9b0284de3688d94e244b2a4ab8eca3af7ba438cf508e308e994d0f4d6c9e17663f3b5b5d73a1016f5dd5085af0eb0a977e99ab02e0179f92bede8b1a69b8da49017b9fe76bcc3533dd03cabefa6b85adf425d2a54a1cc646e56d798246768712c4c5656"], 0x18)
connect$inet(r3, &(0x7f0000000380)={0x2, 0x0, @remote}, 0x10)
sendmmsg(r3, &(0x7f0000007fc0), 0x800001d, 0xa1a)
sendto$inet6(r0, &(0x7f0000000040), 0x0, 0x20000045, &(0x7f00000001c0)={0xa, 0x2, 0x396, @empty}, 0x1c)
r4 = syz_open_dev$sndctrl(&(0x7f0000001440), 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_TLV_WRITE(r4, 0xc008551b, &(0x7f0000000000)=ANY=[@ANYBLOB="050076cb08ecffff7effffff0101c000"])
pipe(&(0x7f0000000040))
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$batadv(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r5, 0x8933, &(0x7f0000000140)={'batadv0\x00', <r7=>0x0})
sendmsg$BATADV_CMD_GET_NEIGHBORS(r5, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000600)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r6, @ANYBLOB="310329bd7000ffffffff0900000008000300", @ANYRES32=r7, @ANYBLOB="080006000209"], 0x24}}, 0x4000)
syz_emit_ethernet(0x6a, &(0x7f00000003c0)=ANY=[@ANYBLOB="bbbbbbbbbbbbaaaaaaaaaa0086dd60828bf700343a00fc020000000000000000000000000000ff020000000000000000000000000001020090780000000060fd906300002b00fc010000000000000000000000000000200100000000000000000000000000001e520b4cc4c20ee92ed16adc80e541302573ef2b209b0ff78afda767b5c907acf98cb563a98bf00e01ec1125a0d4c75bd6ec6470cc273f40867585bfd8f612de97eedcb72a2cf37ec429f6c6e0e835df5fc69948fbda7fae51a7e502603b1b6d3a04d04e0018bb26ddcd84ac1a2dfeaa1d9a0f15669358e5f12280502e616d4295b9e2a1eded57377f33e4a5be64b10e03ea3c1131bbbfacb76d29f92b0b6e97a11f6f43c4d5f8a05a21cb25b1c2b988e4c6cb6b0594f66ae89373914602"], 0x0)
fcntl$setstatus(r0, 0x4, 0x42800)
fanotify_init(0x200, 0x0)
r8 = add_key(&(0x7f0000000000)='big_key\x00', &(0x7f0000000280)={'syz', 0x1}, &(0x7f00000002c0), 0x0, 0xfffffffffffffffe)
keyctl$read(0xb, r8, &(0x7f0000001300)=""/4096, 0xffffffffffffffd2)
unshare(0x68040200)
syz_usb_connect$uac1(0x6, 0x71, 0x0, 0x0)
clock_gettime(0x0, &(0x7f0000000240)={<r9=>0x0, <r10=>0x0})
pselect6(0x40, &(0x7f00000000c0)={0xe, 0x3, 0x5, 0x0, 0xd79, 0x9, 0x6, 0x7}, &(0x7f0000000100)={0xd7c, 0xf, 0x7fff, 0x2, 0x4, 0x1, 0x1000, 0x1ff}, &(0x7f0000000140)={0x2, 0x3, 0x9, 0x2770, 0x2d2d, 0x4, 0xffff, 0x67b6}, &(0x7f00000002c0)={r9, r10+10000000}, &(0x7f0000000340)={&(0x7f0000000300)={[0x10, 0x7]}, 0x8})

647.365737ms ago: executing program 4 (id=1604):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f0000000300)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg(r1, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0xb47, 0x9, 0x8, 0x80000001, 0x3}, 0x0)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000140), 0xffffffffffffffff)
sendmsg$NL80211_CMD_DEAUTHENTICATE(0xffffffffffffffff, &(0x7f00000003c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000000380)={&(0x7f0000000240)=ANY=[@ANYBLOB, @ANYRES16=r2, @ANYBLOB, @ANYRES32, @ANYBLOB="0c009900de61895c6b00000004005f0004005f0006003600000000000a00340002020203"], 0x64}, 0x1, 0x0, 0x0, 0x10}, 0x4)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r4 = socket(0x400000000010, 0x3, 0x0)
r5 = socket$unix(0x1, 0x5, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r6=>0x0})
sendmsg$nl_route_sched(r4, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r6, {0x0, 0xfff1}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r4, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000001300)=@newtfilter={0x480, 0x2c, 0xd27, 0x70bd25, 0x2, {0x0, 0x0, 0x0, r6, {0x0, 0x1}, {}, {0x8}}, [@filter_kind_options=@f_route={{0xa}, {0x450, 0x2, [@TCA_ROUTE4_POLICE={0x44c, 0x5, [@TCA_POLICE_RATE={0x404, 0x2, [0x100, 0xa, 0xa83f, 0xd, 0xc, 0x104, 0x6, 0x9, 0x6, 0x100, 0x3ff, 0xa, 0x1, 0x2, 0xe, 0xfffffff9, 0x3, 0x2, 0x2, 0x1, 0x2, 0x1, 0x8, 0x101, 0xfffffff7, 0x3, 0x7cb, 0x8020000, 0x7ff, 0x2, 0x7, 0x6, 0x3, 0xff, 0x7fff, 0x5, 0x0, 0xd, 0x6, 0x9, 0x6, 0x7, 0xbb1, 0xb, 0xffffffff, 0x6, 0xded4, 0x5, 0xff, 0xc2f9, 0x6, 0x6, 0x2, 0x8000, 0x40, 0x1, 0x1, 0xffffffff, 0xfffffffa, 0x2, 0x0, 0x3, 0x5, 0x7, 0x5, 0x8, 0x7, 0x80010000, 0xc, 0x220, 0x7fffffff, 0x5, 0x8, 0x2, 0x3ff, 0xd, 0x6, 0x5, 0x8001, 0x3, 0x400, 0x6, 0x4, 0x59e, 0x3, 0x4, 0x7, 0x9, 0x88000, 0x80000000, 0x101, 0x3, 0xe, 0x7bc, 0x8, 0x3, 0x2, 0x3, 0x6, 0x10000, 0x7, 0x5, 0x8001, 0x5, 0x3, 0x7fffffff, 0x4, 0xa6f8, 0x9, 0x7fff, 0x0, 0xfffffffa, 0xccf, 0x6, 0x779, 0xad, 0x2, 0x78d1b59d, 0x255e, 0x9, 0x4, 0x9, 0x6, 0x400, 0x7f, 0x8, 0x7, 0x200, 0x22ba, 0x9, 0x80000001, 0xff, 0x8, 0x1, 0x5, 0x6, 0x1, 0x415, 0x4, 0x401, 0x1c000000, 0x1, 0xba6f, 0xf, 0x5, 0xb1f5, 0xcc8f, 0x4, 0x8, 0x100, 0x7, 0x3, 0xfff, 0x7, 0x1, 0x8, 0xffffffff, 0x5, 0x7, 0xa, 0x8, 0x0, 0x8, 0x6, 0xfffffff7, 0x2, 0x3, 0x1, 0x0, 0x5, 0x7ff, 0x800, 0xfffffff7, 0x4, 0x1, 0xffff7fff, 0x3, 0x2, 0x3, 0xffffff39, 0x8, 0x0, 0x0, 0x1, 0x7, 0xed97, 0x1, 0x101, 0x9, 0x1, 0x4, 0x2, 0x5, 0xfff, 0x6, 0x9, 0x3, 0x6e0, 0x0, 0x10000, 0x470f, 0x2, 0x9, 0x979, 0x0, 0xffffff39, 0x2, 0x4, 0x7, 0x5, 0x7fffffff, 0x9, 0x8, 0x0, 0x80000001, 0x4, 0x80, 0x1, 0x5, 0x2, 0x1c, 0x800, 0x5, 0x81, 0x8, 0x0, 0x4, 0xc, 0x7, 0x7fffffff, 0x1, 0x2, 0x1000, 0x7, 0x8, 0x43, 0x8b5569d, 0x1d, 0x0, 0x9, 0xd, 0x4, 0x3, 0x5, 0x80000001, 0x7, 0x1, 0x8, 0x80000001, 0x9, 0xcf0, 0x9, 0x8, 0x2, 0x7, 0x6]}, @TCA_POLICE_AVRATE={0x8, 0x4, 0xcf5}, @TCA_POLICE_TBF={0x3c, 0x1, {0x1, 0x20000006, 0x6, 0x0, 0x3b0, {0x7, 0x0, 0x2, 0xe, 0x9, 0x80}, {0x9, 0x2, 0x8, 0x43, 0x3}, 0x9, 0xbc, 0xffffffff}}]}]}}]}, 0x480}}, 0x0)
openat$sw_sync_info(0xffffffffffffff9c, &(0x7f00000000c0), 0x20000, 0x0)
setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x1, 0x50, &(0x7f0000000100), 0x48)
openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$sock_inet_SIOCDELRT(0xffffffffffffffff, 0x890c, 0x0)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
r7 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000100), 0x0)
ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(r7, 0xc0a85320, &(0x7f00000005c0)={{0x80}, 'port0\x00', 0x72, 0x11cfa, 0x8, 0x8000008, 0x3, 0x4, 0x1, 0x0, 0x2})
ioctl$SNDRV_SEQ_IOCTL_SET_CLIENT_POOL(0xffffffffffffffff, 0x40505330, 0x0)
close(r7)
openat$sndseq(0xffffffffffffff9c, 0x0, 0x40041)
epoll_ctl$EPOLL_CTL_DEL(0xffffffffffffffff, 0x2, 0xffffffffffffffff)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x1, 0xe, &(0x7f00000001c0)=ANY=[@ANYRESOCT=r6], 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1b, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000000), 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0xb53}, 0x94)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000400)={r8, 0x0, 0x0}, 0x10)

255.09541ms ago: executing program 2 (id=1605):
r0 = syz_open_procfs(0x0, &(0x7f0000000040)='net/igmp6\x00')
preadv(r0, &(0x7f0000000100), 0x0, 0x3ab3, 0x0)

75.510898ms ago: executing program 1 (id=1606):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, 0x0}, 0x0) (async)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)=ANY=[@ANYRES8=0x0], 0xc8}}, 0x40095) (async)
close(r0)
syz_open_dev$video(0x0, 0x7ff000, 0x40000) (async)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) (async, rerun: 32)
prctl$PR_SCHED_CORE(0x3e, 0x3, 0x0, 0x2, 0x0) (async, rerun: 32)
set_thread_area(&(0x7f0000000040)={0x2, 0x20001000, 0xffffffffffffffff, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1})
sendmsg(r3, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0) (async)
sched_setattr(0x0, 0x0, 0x0) (async)
openat$dsp(0xffffffffffffff9c, &(0x7f0000000000), 0x42, 0x0) (async, rerun: 32)
ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000240)={0x16, 0x4, 0xea}) (rerun: 32)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000180)={&(0x7f0000ffa000/0x3000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ff9000/0x4000)=nil, &(0x7f0000ffb000/0x2000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000436000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ff8000/0x2000)=nil, &(0x7f0000ffb000/0x3000)=nil, 0x0}, 0x68) (async)
r4 = syz_usb_connect(0x0, 0x2d, &(0x7f0000000180)=ANY=[@ANYBLOB="120100007516b7108c0d0e008f8e0018030109021b0001000000000904080001030000000905", @ANYBLOB="8fcf"], 0x0)
syz_usb_control_io$cdc_ncm(r4, 0x0, 0x0) (async)
ioctl$SNDRV_PCM_IOCTL_CHANNEL_INFO(0xffffffffffffffff, 0xc0844123, &(0x7f0000000000)) (async)
openat$zero(0xffffffffffffff9c, &(0x7f00000012c0), 0x0, 0x0) (async)
r5 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r6 = dup(r5)
write$UHID_INPUT(r6, &(0x7f0000000280)={0xf, {"a2e3ad21ed0d09f90750090987f70906d038e7ff7fc6e5539b0d3d0e8b089b33346d63060890e0878f0e1ac6e7049b334a959b669a240d5b67f3988f7ef319520100ffe8d178708c523c921b1b5b31070b07580936cd3b78130daa61d8e8040000005802b77f07227227b7ba67e0e78657a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae193973735b36d5b1b63dd1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000000000075271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383701d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1f416e56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617669314e2fbe70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d546a40b9f6ff14ac488ec130fb3850a27af9544ae15a7e454dea05918b41243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9963ac4f4bb3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15771aaa18119a867e1088334975e9f73483b6a62fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce7cd9f465e41e610c20d80421d653a5520000008213b704c7fb082ff27590678ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bad8deff4b05f60cea0da7710ac0000000000008000bea37ce0d0d4aa202f928f28381aab144a5d429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4fb8a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d4ac01b75d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2aed9e53803ed0ca4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f4350aeae9ca1207e78283cd0b20ceb360c7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034ef655b253ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f42355bc7872c827467cfa5c4e72730d56bd068ed211cf847535edecb7b373f78b095b68441a34cb51682a8ae4d24ad0465f3927f889b813076038e79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdcce04579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb3655668dda93aec92a5de203717aa49c2d284acfabe262fccfcbb2b75a2183c46eb65ca8104e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43eaeb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e94265c803b35ee5f83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b6080000007a508ae54b3cd7369dde50e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aae501b20f7694a00f16e2d0174035a2c22656dc29880acebdbe8ddbd75c2f998d8ac2dfad2ba3a504767b6b45a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40427db6fe29068c0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf46366e7205dd8d6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7c5419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb06ffc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaee5ee6cf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3144345f48843dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6d594f88a4facfd4c735a20307c737afa2d60399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a3766d5439020484f4113c4c859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02daee67918e5d6787463183b4b87c1050000002f7809959bc048850613d17ca51055f2f416a44fe180d2d50c312cca7cb14a2bdc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb42913777c06376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7f96093530e76692839d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7340002000000000000f288a4510de03dab19d26285eda89156d50dd385a60333ba5bbf5d77cd7007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00398e8bd1f4108b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf652f406c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6528341b648cdd56fed7cdcbb15da202d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae033a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a3cd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08758897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb784ed7148b6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b8081c128ad2706f48261f7897484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c971d90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe36d7d3e5db21b094b8b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1162dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1dfb1c68cc164b0a0780d971a96ea2c4d4ca0398c2235980a9307b3d5bd3b01faffd0a5dbed2881a9700af561ac8c6b00000000000000f96f06817fb903729a7db6ff957697c9ede7885d94ffb0969be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c148cd2f9c55f4901203a9a8a2c3e90f3943dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d0fc5a752f9000", 0x1000}}, 0x1006)

0s ago: executing program 2 (id=1607):
r0 = creat(&(0x7f0000000100)='./file0\x00', 0x0)
r1 = openat$fuse(0xffffffffffffff9c, &(0x7f00000001c0), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r1, @ANYBLOB=',rootmode=000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r1, &(0x7f0000006300)={0x2020, 0x0, <r2=>0x0}, 0x2020)
writev(r0, &(0x7f0000000180)=[{&(0x7f00000002c0)="92b8208a8ed244ea2da0e54f10de723751e368ad99747bd177808afb825fc23565fa63e934421d29beabdf2660a50f57b865cd7e939dd4a315f62c52cce4e72798af8dc8a510677c828a37ed6d8bb314f6f69537dfcd88cac7412b3c37acff4e42caf5cb5c9e13102eea376d970a4049adb3f4b203ed17bcd4e8941c23", 0x7d}, {&(0x7f0000000540)="b21bb759742afc716a04c724df2d88422b9b283b3b129c9efb6b1c44df7a5e9bc9c7d55da4b918cb92a0eb8a87f4642095b3fc36435de5d7a3c645d7ef10666682074a72914b8a7ceb4e14c15b56e8f76e15e720392af02f97e539abcfa8189365ca86239ce3da4a6b55cf585792f524a04fdc38b60db39dd9de7f9dc81b73f8b76c52952344e0811c1bd22c09", 0x8d}, {&(0x7f00000006c0)="8248ff77b0c878a8faf5af5311d977254b077bbba1b87a6858a819122fd5fb1e6f71d5ab7d80440bafd14facea9165f340fa3f1ca808396227482634b023c356ac812d19913dc90a70e010c29d07193ad179ffd74eca34d2b74540e46306a6e67909a69225211f895214d2b3ece6a81f8fa3960621ce0a40bf54fcabc8fa3786b10daa32b3dac84056d74d9fcd518b91e9e2e3a3508e80cbb00803fe453b91bb8bbc45ef9eb95d1dab9367e211b64e0728a0660c6590d6bba58a5fed44dfc387db5587aa7ada2889b49906154ae2653487c807", 0xd3}], 0x3)
r3 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000000)=ANY=[@ANYBLOB="1201000000000010711e0e170000000000010902240093b32efc9b2f4baa20a10f3e6a1e090400000103000000092100000001220500"], 0x0)
syz_usb_control_io(r3, 0x0, 0x0)
syz_usb_control_io$hid(r3, &(0x7f0000000280)={0x24, 0x0, 0x0, &(0x7f00000001c0)={0x0, 0x22, 0x5, {[@main=@item_4={0x3, 0x0, 0xc, "b1bb1f39"}]}}, 0x0}, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000080000000d"], 0x48)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000085000000a000000095"], &(0x7f0000000340)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x33, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000680)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
setsockopt$sock_attach_bpf(r6, 0x1, 0x32, &(0x7f0000000040)=r5, 0x4)
sendmsg$inet(r7, &(0x7f0000000500)={0x0, 0x0, 0x0}, 0x4800)
write$FUSE_INIT(r1, &(0x7f0000000040)={0x50, 0x0, r2, {0x7, 0x1f, 0x0, 0x10408, 0x8}}, 0x50)
syz_fuse_handle_req(r1, &(0x7f00000021c0)="0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000dc4e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ba045abcd5dfc67d00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000081000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000230000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000050000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000090000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000dc000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000209bfd66eea210560000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000003dc150f4000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000030000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f50000000000000000000000000000000000000000000000000000000000000000000000000000000000c6d90000000000001354c4b6000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f8000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001a00", 0x2000, &(0x7f00000062c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)={0x20, 0x0, 0x1, {0x0, 0x2a}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_clone(0x40000, 0x0, 0x0, 0x0, 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x80101, 0x0)
r8 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
close_range(r8, 0xffffffffffffffff, 0x0)
r9 = socket$inet6_udplite(0xa, 0x2, 0x88)
bind$inet6(r9, &(0x7f0000000080)={0xa, 0x4e21, 0x5, @ipv4={'\x00', '\xff\xff', @empty}, 0x4}, 0x1c)
connect$inet6(r9, &(0x7f00000000c0)={0xa, 0x4e21, 0x659, @empty, 0xff}, 0x1c)
setsockopt$inet6_IPV6_ADDRFORM(r9, 0x29, 0x1, &(0x7f0000000000), 0x4)
r10 = socket$inet6_udplite(0xa, 0x2, 0x88)
bind$inet6(r10, &(0x7f0000000080)={0xa, 0x4e20, 0x9, @mcast1, 0x4}, 0x1c)
r11 = syz_open_procfs(0x0, &(0x7f0000000380)='net/udplite6\x00')
read$FUSE(r11, &(0x7f0000004600)={0x2020}, 0x2020)
r12 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r12, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYRES16=r12], 0x7c}}, 0x8850)

kernel console output (not intermixed with test programs):

g=0 arch=40000003 syscall=240 compat=1 ip=0xf7f18539 code=0x7ffc0000
[  361.072518][   T30] audit: type=1326 audit(1756793955.071:99): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10081 comm="syz.0.1097" exe="/root/syz-executor" sig=0 arch=40000003 syscall=438 compat=1 ip=0xf7f18539 code=0x7ffc0000
[  361.101541][   T30] audit: type=1326 audit(1756793955.071:100): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10081 comm="syz.0.1097" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f18539 code=0x7ffc0000
[  361.126996][   T30] audit: type=1326 audit(1756793955.071:101): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10081 comm="syz.0.1097" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f18539 code=0x7ffc0000
[  363.383173][T10114] netlink: 'syz.4.1104': attribute type 4 has an invalid length.
[  363.620702][T10098] futex_wake_op: syz.1.1100 tries to shift op by 32; fix this program
[  364.234334][T10132] netlink: 14 bytes leftover after parsing attributes in process `syz.4.1107'.
[  364.369382][T10133] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1106'.
[  365.125997][ T5970] usb 2-1: new high-speed USB device number 43 using dummy_hcd
[  365.499500][ T5970] usb 2-1: Using ep0 maxpacket: 16
[  365.532698][ T5970] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  365.551750][ T5970] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  365.563546][ T5970] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  365.583726][ T5970] usb 2-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[  365.621997][ T5970] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  365.877234][ T5970] usb 2-1: config 0 descriptor??
[  365.896881][ T5952] usb 4-1: new high-speed USB device number 49 using dummy_hcd
[  366.131289][ T5952] usb 4-1: config index 0 descriptor too short (expected 23569, got 27)
[  366.140176][ T5952] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  366.258881][ T5952] usb 4-1: New USB device found, idVendor=03eb, idProduct=0002, bcdDevice=ba.c0
[  366.349616][ T5952] usb 4-1: New USB device strings: Mfr=5, Product=0, SerialNumber=0
[  366.385324][ T5952] usb 4-1: Manufacturer: syz
[  366.579795][ T5970] usbhid 2-1:0.0: can't add hid device: -71
[  366.588290][ T5970] usbhid 2-1:0.0: probe with driver usbhid failed with error -71
[  366.640199][ T5970] usb 2-1: USB disconnect, device number 43
[  366.655329][ T5952] usb 4-1: config 0 descriptor??
[  366.945822][ T5952] rc_core: IR keymap rc-hauppauge not found
[  366.951743][ T5952] Registered IR keymap rc-empty
[  366.960220][ T5952] rc rc0: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/rc/rc0
[  367.018674][ T5952] input: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/rc/rc0/input18
[  367.053438][ T5970] usb 2-1: new full-speed USB device number 44 using dummy_hcd
[  367.250732][ T5970] usb 2-1: config 0 has no interfaces?
[  367.256429][ T5970] usb 2-1: New USB device found, idVendor=046d, idProduct=c24f, bcdDevice= 0.00
[  367.374160][ T5970] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  367.402952][ T5970] usb 2-1: config 0 descriptor??
[  367.733780][ T1211] usb 4-1: USB disconnect, device number 49
[  368.351228][ T5970] usb 2-1: USB disconnect, device number 44
[  369.092093][T10212] netlink: 14 bytes leftover after parsing attributes in process `syz.3.1125'.
[  369.169149][T10213] netlink: 14 bytes leftover after parsing attributes in process `syz.0.1126'.
[  369.208611][ T5952] usb 2-1: new high-speed USB device number 45 using dummy_hcd
[  369.427193][ T5952] usb 2-1: Using ep0 maxpacket: 16
[  369.484676][ T5952] usb 2-1: config 5 has an invalid descriptor of length 0, skipping remainder of the config
[  369.496754][ T5952] usb 2-1: config 5 has 0 interfaces, different from the descriptor's value: 1
[  369.565660][ T5952] usb 2-1: New USB device found, idVendor=04cc, idProduct=2533, bcdDevice=fc.58
[  369.586057][ T5952] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  369.632198][ T5952] usb 2-1: Product: syz
[  369.654234][ T5952] usb 2-1: Manufacturer: syz
[  369.682168][ T5952] usb 2-1: SerialNumber: syz
[  370.087790][T10218] netlink: 51 bytes leftover after parsing attributes in process `syz.2.1127'.
[  370.354522][ T5952] usb 2-1: USB disconnect, device number 45
[  370.482313][T10218] netlink: 'syz.2.1127': attribute type 10 has an invalid length.
[  370.601377][T10218] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1127'.
[  372.005844][ T5952] usb 5-1: new high-speed USB device number 47 using dummy_hcd
[  372.127285][T10241] netlink: 'syz.3.1134': attribute type 1 has an invalid length.
[  372.188248][T10241] 8021q: adding VLAN 0 to HW filter on device bond0
[  372.195889][ T5952] usb 5-1: Using ep0 maxpacket: 16
[  372.241712][ T5952] usb 5-1: New USB device found, idVendor=04dd, idProduct=8002, bcdDevice=fc.b6
[  372.250971][ T5952] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  372.260555][ T5952] usb 5-1: Product: syz
[  372.264765][ T5952] usb 5-1: Manufacturer: syz
[  372.269528][ T5952] usb 5-1: SerialNumber: syz
[  372.280170][ T5952] usb 5-1: config 0 descriptor??
[  372.288641][ T5952] safe_serial 5-1:0.0: safe_serial converter detected
[  372.323149][ T5952] usb 5-1: safe_serial converter now attached to ttyUSB0
[  372.821618][    T9] usb 5-1: USB disconnect, device number 47
[  372.834032][    T9] safe_serial ttyUSB0: safe_serial converter now disconnected from ttyUSB0
[  372.847654][    T9] safe_serial 5-1:0.0: device disconnected
[  373.122025][T10261] netlink: 'syz.3.1138': attribute type 4 has an invalid length.
[  373.168148][T10249] futex_wake_op: syz.2.1130 tries to shift op by 32; fix this program
[  373.226135][T10261] netlink: 'syz.3.1138': attribute type 4 has an invalid length.
[  373.267888][T10261] netlink: 'syz.3.1138': attribute type 7 has an invalid length.
[  373.342707][T10261] netlink: 'syz.3.1138': attribute type 8 has an invalid length.
[  373.675900][   T10] usb 1-1: new high-speed USB device number 53 using dummy_hcd
[  373.812460][T10261] could not allocate digest TFM handle sha224-generic
[  373.851449][   T10] usb 1-1: Using ep0 maxpacket: 8
[  373.921141][   T10] usb 1-1: New USB device found, idVendor=047d, idProduct=5003, bcdDevice=2f.8c
[  373.930440][   T10] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  373.944676][   T10] usb 1-1: Product: syz
[  373.955876][   T10] usb 1-1: Manufacturer: syz
[  373.969350][   T10] usb 1-1: SerialNumber: syz
[  373.989783][   T10] usb 1-1: config 0 descriptor??
[  374.018677][   T10] gspca_main: se401-2.14.0 probing 047d:5003
[  375.119000][T10295] netlink: 14 bytes leftover after parsing attributes in process `syz.3.1144'.
[  375.731603][   T10] input: se401 as /devices/platform/dummy_hcd.0/usb1/1-1/input/input19
[  377.119016][ T5937] usb 1-1: USB disconnect, device number 53
[  377.634166][T10325] netlink: 'syz.0.1152': attribute type 4 has an invalid length.
[  377.737274][T10325] netlink: 'syz.0.1152': attribute type 4 has an invalid length.
[  377.751681][T10325] netlink: 'syz.0.1152': attribute type 7 has an invalid length.
[  377.768712][T10325] netlink: 'syz.0.1152': attribute type 8 has an invalid length.
[  377.816000][ T5952] usb 2-1: new high-speed USB device number 46 using dummy_hcd
[  378.117877][ T5952] usb 2-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  378.133134][ T5952] usb 2-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config
[  378.214857][T10331] loop6: detected capacity change from 0 to 7
[  378.225854][ T5952] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 66
[  378.231270][T10325] could not allocate digest TFM handle sha224-generic
[  378.248118][T10331] Dev loop6: unable to read RDB block 7
[  378.253696][T10331]  loop6: AHDI p1 p2 p3 p4
[  378.279528][ T5952] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 52, changing to 9
[  378.312145][T10331] loop6: partition table partially beyond EOD, truncated
[  378.322214][T10331] loop6: p1 start 926365495 is beyond EOD, truncated
[  378.329808][T10331] loop6: p2 size 47 extends beyond EOD, truncated
[  378.373990][ T5952] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8241, setting to 1024
[  378.386944][T10331] loop6: p3 start 1886353253 is beyond EOD, truncated
[  378.447592][ T5952] usb 2-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  378.453635][ T6538] udevd[6538]: inotify_add_watch(7, /dev/loop6p2, 10) failed: No such file or directory
[  378.521696][ T5952] usb 2-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  378.671243][ T1303] ieee802154 phy0 wpan0: encryption failed: -22
[  378.677752][ T1303] ieee802154 phy1 wpan1: encryption failed: -22
[  378.689436][ T5952] usb 2-1: Product: syz
[  378.693639][ T5952] usb 2-1: Manufacturer: syz
[  378.712985][ T5952] cdc_wdm 2-1:1.0: skipping garbage
[  378.718572][ T5952] cdc_wdm 2-1:1.0: skipping garbage
[  378.745091][ T5952] cdc_wdm 2-1:1.0: cdc-wdm0: USB WDM device
[  378.752391][ T5952] cdc_wdm 2-1:1.0: Unknown control protocol
[  380.079137][T10355] loop6: detected capacity change from 0 to 1
[  380.108033][T10355] Dev loop6: unable to read RDB block 1
[  380.365911][T10355]  loop6: unable to read partition table
[  380.372404][T10355] loop6: partition table beyond EOD, truncated
[  380.379598][T10355] loop_reread_partitions: partition scan of loop6 (þ被xü—ŸÑà– ) failed (rc=-5)
[  380.684529][    T9] usb 2-1: USB disconnect, device number 46
[  381.186640][T10377] loop6: detected capacity change from 0 to 7
[  381.202223][T10377] Dev loop6: unable to read RDB block 7
[  381.209772][T10377]  loop6: AHDI p1 p2 p3 p4
[  381.214272][T10377] loop6: partition table partially beyond EOD, truncated
[  381.223393][T10377] loop6: p1 start 926365495 is beyond EOD, truncated
[  381.235616][T10377] loop6: p2 size 47 extends beyond EOD, truncated
[  381.269037][T10377] loop6: p3 start 1886353253 is beyond EOD, truncated
[  381.398343][ T6538] udevd[6538]: inotify_add_watch(7, /dev/loop6p2, 10) failed: No such file or directory
[  381.440551][T10381] netlink: 'syz.2.1166': attribute type 4 has an invalid length.
[  381.520764][T10382] netlink: 'syz.2.1166': attribute type 4 has an invalid length.
[  381.554454][T10381] netlink: 'syz.2.1166': attribute type 7 has an invalid length.
[  381.569356][T10381] netlink: 'syz.2.1166': attribute type 8 has an invalid length.
[  381.794107][T10387] netlink: 14 bytes leftover after parsing attributes in process `syz.0.1167'.
[  382.388844][T10381] could not allocate digest TFM handle sha224-generic
[  383.567272][T10404] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1171'.
[  385.596682][T10427] futex_wake_op: syz.2.1170 tries to shift op by 32; fix this program
[  385.945111][T10433] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  386.064352][T10434] netlink: 'syz.0.1179': attribute type 6 has an invalid length.
[  386.080437][T10434] QAT: failed to copy from user cfg_data.
[  387.442166][T10466] dummy0: entered promiscuous mode
[  387.453219][T10466] macsec1: entered promiscuous mode
[  387.474265][T10466] dummy0: left promiscuous mode
[  388.349890][T10483] loop6: detected capacity change from 0 to 7
[  388.378791][ T6538] Dev loop6: unable to read RDB block 7
[  388.394601][ T6538]  loop6: AHDI p1 p2 p3 p4
[  388.411636][ T6538] loop6: partition table partially beyond EOD, truncated
[  388.456731][ T6538] loop6: p1 start 926365495 is beyond EOD, truncated
[  388.485648][ T6538] loop6: p2 size 47 extends beyond EOD, truncated
[  388.516841][T10484] futex_wake_op: syz.3.1183 tries to shift op by 32; fix this program
[  388.534387][ T6538] loop6: p3 start 1886353253 is beyond EOD, truncated
[  388.541417][ T1211] usb 2-1: new high-speed USB device number 47 using dummy_hcd
[  388.640679][T10483] Dev loop6: unable to read RDB block 7
[  388.697197][ T1211] usb 2-1: Using ep0 maxpacket: 8
[  388.741826][ T1211] usb 2-1: New USB device found, idVendor=047d, idProduct=5003, bcdDevice=2f.8c
[  388.755657][T10488] netlink: 4084 bytes leftover after parsing attributes in process `syz.0.1191'.
[  388.764977][ T1211] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  388.794753][ T1211] usb 2-1: Product: syz
[  388.805621][ T1211] usb 2-1: Manufacturer: syz
[  388.820971][T10483]  loop6: AHDI p1 p2 p3 p4
[  388.824694][ T1211] usb 2-1: SerialNumber: syz
[  388.848583][T10491] binder: 10487:10491 ioctl 4008662c 0 returned -22
[  388.866225][ T1211] usb 2-1: config 0 descriptor??
[  388.877911][ T1211] gspca_main: se401-2.14.0 probing 047d:5003
[  389.015937][T10483] loop6: partition table partially beyond EOD, truncated
[  389.029566][T10483] loop6: p1 start 926365495 is beyond EOD, truncated
[  389.046337][T10483] loop6: p2 size 47 extends beyond EOD, truncated
[  389.063467][T10483] loop6: p3 start 1886353253 is beyond EOD, truncated
[  389.655085][ T6538] udevd[6538]: inotify_add_watch(7, /dev/loop6p2, 10) failed: No such file or directory
[  389.881331][ T6538] udevd[6538]: inotify_add_watch(7, /dev/loop6p2, 10) failed: No such file or directory
[  390.431409][ T1211] input: se401 as /devices/platform/dummy_hcd.1/usb2/2-1/input/input20
[  390.806006][    T9] usb 5-1: new high-speed USB device number 48 using dummy_hcd
[  390.981011][ T1211] usb 2-1: USB disconnect, device number 47
[  391.004878][    T9] usb 5-1: New USB device found, idVendor=041e, idProduct=400c, bcdDevice=af.98
[  391.024414][    T9] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  391.084258][    T9] usb 5-1: config 0 descriptor??
[  391.113005][    T9] pwc: Creative Labs Webcam 5 detected.
[  391.121995][T10498] delete_channel: no stack
[  392.048395][T10529] dummy0: entered promiscuous mode
[  392.065049][T10529] macsec1: entered promiscuous mode
[  392.085197][T10529] dummy0: left promiscuous mode
[  392.306027][ T5970] usb 4-1: new high-speed USB device number 50 using dummy_hcd
[  392.539543][T10541] loop6: detected capacity change from 0 to 7
[  392.545943][ T5970] usb 4-1: Using ep0 maxpacket: 32
[  392.569990][ T5970] usb 4-1: config 0 has an invalid interface number: 89 but max is 0
[  392.579090][ T5970] usb 4-1: config 0 has no interface number 0
[  392.589011][T10541] Dev loop6: unable to read RDB block 7
[  392.605288][ T5970] usb 4-1: New USB device found, idVendor=12d1, idProduct=7ef3, bcdDevice=54.68
[  392.617252][ T5970] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  392.625392][ T5970] usb 4-1: Product: syz
[  392.653921][T10541]  loop6: AHDI p1 p2 p3 p4
[  392.674181][T10541] loop6: partition table partially beyond EOD, truncated
[  392.684391][ T5970] usb 4-1: Manufacturer: syz
[  392.753715][ T5970] usb 4-1: SerialNumber: syz
[  392.776651][T10541] loop6: p1 start 926365495 is beyond EOD, truncated
[  392.783530][T10541] loop6: p2 size 47 extends beyond EOD, truncated
[  392.792200][T10541] loop6: p3 start 1886353253 is beyond EOD, truncated
[  392.884990][ T5970] usb 4-1: config 0 descriptor??
[  392.908767][ T5970] hub 4-1:0.89: bad descriptor, ignoring hub
[  392.912131][ T6538] udevd[6538]: inotify_add_watch(7, /dev/loop6p2, 10) failed: No such file or directory
[  392.934965][ T5970] hub 4-1:0.89: probe with driver hub failed with error -5
[  392.955936][ T5970] option 4-1:0.89: GSM modem (1-port) converter detected
[  392.984989][ T5970] usb 4-1: GSM modem (1-port) converter now attached to ttyUSB0
[  393.272790][    T9] pwc: Failed to set LED on/off time (-71)
[  393.371404][    T9] pwc: send_video_command error -71
[  393.392536][    T9] pwc: Failed to set video mode VGA@30 fps; return code = -71
[  393.442975][    T9] Philips webcam 5-1:0.0: probe with driver Philips webcam failed with error -71
[  393.501776][    T9] usb 5-1: USB disconnect, device number 48
[  393.617013][ T5937] usb 1-1: new full-speed USB device number 54 using dummy_hcd
[  393.784499][ T5937] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  393.795671][ T5937] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0
[  393.874291][ T5937] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a5, bcdDevice= 0.40
[  393.928338][ T5937] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[  393.970272][ T5937] usb 1-1: SerialNumber: syz
[  394.014517][ T5937] cdc_ether 1-1:1.0: probe with driver cdc_ether failed with error -22
[  394.067686][ T5937] usb-storage 1-1:1.0: USB Mass Storage device detected
[  394.145608][ T5937] usb-storage 1-1:1.0: Quirks match for vid 0525 pid a4a5: 10000
[  394.160305][ T5937] scsi host1: usb-storage 1-1:1.0
[  394.676692][T10564] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1211'.
[  394.971886][ T5952] usb 4-1: USB disconnect, device number 50
[  395.006646][T10567] netlink: 52 bytes leftover after parsing attributes in process `syz.4.1211'.
[  395.276499][ T5952] option1 ttyUSB0: GSM modem (1-port) converter now disconnected from ttyUSB0
[  395.286501][ T5952] option 4-1:0.89: device disconnected
[  396.570738][T10590] loop6: detected capacity change from 0 to 7
[  396.582678][T10590] Dev loop6: unable to read RDB block 7
[  396.650480][T10590]  loop6: AHDI p1 p2 p3 p4
[  396.655100][T10590] loop6: partition table partially beyond EOD, truncated
[  396.664314][T10590] loop6: p1 start 926365495 is beyond EOD, truncated
[  396.675550][T10590] loop6: p2 size 47 extends beyond EOD, truncated
[  396.684431][T10590] loop6: p3 start 1886353253 is beyond EOD, truncated
[  396.934697][ T6538] udevd[6538]: inotify_add_watch(7, /dev/loop6p2, 10) failed: No such file or directory
[  397.425117][ T1211] usb 1-1: USB disconnect, device number 54
[  398.986822][ T5952] usb 5-1: new high-speed USB device number 49 using dummy_hcd
[  399.175894][ T5952] usb 5-1: device descriptor read/64, error -71
[  399.647332][ T5952] usb 5-1: new high-speed USB device number 50 using dummy_hcd
[  399.851063][ T5952] usb 5-1: device descriptor read/64, error -71
[  399.976210][ T5952] usb usb5-port1: attempt power cycle
[  400.335886][ T5952] usb 5-1: new high-speed USB device number 51 using dummy_hcd
[  400.368639][ T5952] usb 5-1: device descriptor read/8, error -71
[  400.579990][T10632] ALSA: mixer_oss: invalid index 40000
[  400.641639][ T5952] usb 5-1: new high-speed USB device number 52 using dummy_hcd
[  400.670198][T10637] loop6: detected capacity change from 0 to 7
[  400.683026][ T6538] Dev loop6: unable to read RDB block 7
[  400.691356][ T6538]  loop6: AHDI p1 p2 p3 p4
[  400.696035][ T6538] loop6: partition table partially beyond EOD, truncated
[  400.700838][ T5952] usb 5-1: device descriptor read/8, error -71
[  400.704567][ T6538] loop6: p1 start 926365495 is beyond EOD, truncated
[  400.717340][ T6538] loop6: p2 size 47 extends beyond EOD, truncated
[  400.727219][ T6538] loop6: p3 start 1886353253 is beyond EOD, truncated
[  400.745442][T10637] Dev loop6: unable to read RDB block 7
[  400.751572][T10637]  loop6: AHDI p1 p2 p3 p4
[  400.765891][T10637] loop6: partition table partially beyond EOD, truncated
[  400.781163][T10637] loop6: p1 start 926365495 is beyond EOD, truncated
[  400.802881][T10637] loop6: p2 size 47 extends beyond EOD, truncated
[  400.819542][T10637] loop6: p3 start 1886353253 is beyond EOD, truncated
[  400.840191][ T5952] usb usb5-port1: unable to enumerate USB device
[  401.011243][ T6538] udevd[6538]: inotify_add_watch(7, /dev/loop6p2, 10) failed: No such file or directory
[  401.095397][T10641] netlink: 'syz.2.1232': attribute type 4 has an invalid length.
[  401.149118][ T6538] udevd[6538]: inotify_add_watch(7, /dev/loop6p2, 10) failed: No such file or directory
[  401.166615][T10644] netlink: 'syz.2.1232': attribute type 4 has an invalid length.
[  401.231165][T10641] netlink: 'syz.2.1232': attribute type 7 has an invalid length.
[  401.258712][T10641] netlink: 'syz.2.1232': attribute type 8 has an invalid length.
[  401.594468][T10644] could not allocate digest TFM handle sha224-generic
[  401.721001][    T9] usb 1-1: new high-speed USB device number 55 using dummy_hcd
[  401.897755][    T9] usb 1-1: config 0 has no interfaces?
[  401.911171][    T9] usb 1-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b
[  401.923730][T10666] ALSA: mixer_oss: invalid OSS volume '¥¬T¶½
ø¿'
[  401.941399][T10666] netlink: 'syz.4.1239': attribute type 11 has an invalid length.
[  401.942104][    T9] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  401.976533][    T9] usb 1-1: Product: syz
[  401.980733][    T9] usb 1-1: Manufacturer: syz
[  401.985338][    T9] usb 1-1: SerialNumber: syz
[  402.091053][    T9] usb 1-1: config 0 descriptor??
[  402.580833][T10688] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1242'.
[  402.888955][ T5952] usb 2-1: new high-speed USB device number 48 using dummy_hcd
[  403.119692][ T5952] usb 2-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  403.169276][ T5952] usb 2-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  403.191923][ T5952] usb 2-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  403.201202][ T5952] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  403.255167][    T9] usb 1-1: USB disconnect, device number 55
[  403.350815][T10688] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  403.467678][ T5952] usb 2-1: Quirk or no altset; falling back to MIDI 1.0
[  403.474663][T10692] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  403.482884][T10692] syzkaller0: entered promiscuous mode
[  403.491777][T10692] syzkaller0: entered allmulticast mode
[  403.509002][T10692] sch_tbf: burst 127 is lower than device syzkaller0 mtu (1514) !
[  403.635598][T10694] tipc: Resetting bearer <eth:syzkaller0>
[  403.762906][T10692] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1243'.
[  403.782339][    C0] vcan0: j1939_session_tx_dat: 0xffff888056efd000: queue data error: -100
[  403.792458][    C0] vcan0 (unregistering): j1939_xtp_rx_dpo: no connection found
[  403.800243][    C0] vcan0 (unregistering): j1939_xtp_rx_dpo: no connection found
[  403.807987][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  403.815837][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  403.823782][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  403.831691][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  403.839644][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  403.847492][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  403.855412][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  403.863323][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  403.871253][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  403.879096][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  403.887034][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  403.894842][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  403.902793][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  403.910714][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  403.918658][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  403.926573][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  403.934498][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  403.942323][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  403.950248][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  403.958067][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  403.965972][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  403.973879][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  403.981858][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  403.989687][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  403.997582][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  404.005471][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  404.013676][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  404.021505][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  404.029437][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  404.037291][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  404.045323][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  404.053155][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  404.061069][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  404.068920][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  404.076830][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  404.084678][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  404.092673][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  404.100527][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  404.108523][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  404.116365][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  404.124540][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  404.132371][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  404.140273][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  404.148112][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  404.156012][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  404.163814][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  404.171716][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  404.179545][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  404.187462][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  404.195250][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  404.203155][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  404.210973][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  404.218889][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  404.226700][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  404.234579][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  404.242412][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  404.250311][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  404.258149][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  404.266064][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  404.273863][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  404.281797][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  404.289624][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  404.297649][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  404.305460][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  404.313367][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  404.321178][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  404.329079][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  404.337071][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  404.344946][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  404.352767][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  404.360686][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  404.368527][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  404.376498][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  404.384292][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  404.392183][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  404.400010][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  404.407907][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  404.415760][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  404.423653][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  404.431488][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  404.439407][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  404.447348][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  404.455228][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  404.463042][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  404.470960][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  404.478787][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  404.486709][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  404.494585][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  404.502482][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  404.510310][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  404.518310][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  404.526159][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  404.534054][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  404.541873][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  404.549791][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  404.557609][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  404.565673][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  404.573754][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  404.581752][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  404.589701][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  404.597609][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  404.605443][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  404.613356][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  404.621197][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  404.629108][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  404.636926][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  404.644796][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  404.652726][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  404.660746][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  404.668599][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  404.676549][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  404.684455][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  404.692498][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  404.700330][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  404.708254][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  404.716110][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  404.725122][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  404.732955][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  404.740964][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  404.748820][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  404.756815][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  404.764609][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  404.772534][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  404.780540][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  404.788553][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  404.796448][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  404.806269][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  404.814098][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  404.822245][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  404.830173][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  404.838043][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  404.845857][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  404.853707][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  404.861577][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  404.869471][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  404.877283][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  404.885125][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  404.892938][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  404.904299][    T9] tipc: Node number set to 231813910
[  405.166152][T10691] tipc: Resetting bearer <eth:syzkaller0>
[  405.216898][T10691] tipc: Disabling bearer <eth:syzkaller0>
[  405.527332][ T5952] usb 2-1: USB disconnect, device number 48
[  405.976420][T10710] netlink: 'syz.1.1250': attribute type 4 has an invalid length.
[  406.045103][T10719] netlink: 'syz.1.1250': attribute type 4 has an invalid length.
[  406.101549][T10710] netlink: 'syz.1.1250': attribute type 7 has an invalid length.
[  406.125115][T10710] netlink: 'syz.1.1250': attribute type 8 has an invalid length.
[  406.183696][T10717] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1251'.
[  406.260028][T10717] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1251'.
[  406.579637][T10719] could not allocate digest TFM handle sha224-generic
[  407.296233][   T10] usb 1-1: new low-speed USB device number 56 using dummy_hcd
[  407.778290][   T10] usb 1-1: config 0 has an invalid interface number: 1 but max is 0
[  407.796200][   T10] usb 1-1: config 0 has no interface number 0
[  407.802462][   T10] usb 1-1: config 0 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 10
[  407.822913][   T10] usb 1-1: config 0 interface 1 altsetting 0 endpoint 0x82 has invalid maxpacket 159, setting to 8
[  407.878905][   T10] usb 1-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  407.888765][   T10] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  407.976487][   T10] usb 1-1: config 0 descriptor??
[  408.002911][T10737] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  408.024467][   T10] iowarrior 1-1:0.1: IOWarrior product=0x1512, serial= interface=1 now attached to iowarrior0
[  408.209675][T10748] netlink: 14 bytes leftover after parsing attributes in process `syz.4.1258'.
[  408.556728][T10753] loop6: detected capacity change from 0 to 7
[  408.645042][T10753] Dev loop6: unable to read RDB block 7
[  408.651252][T10753]  loop6: AHDI p1 p2 p3 p4
[  408.681246][T10753] loop6: partition table partially beyond EOD, truncated
[  408.691903][T10753] loop6: p1 start 926365495 is beyond EOD, truncated
[  408.701859][T10753] loop6: p2 size 47 extends beyond EOD, truncated
[  408.781323][T10753] loop6: p3 start 1886353253 is beyond EOD, truncated
[  408.812840][ T5952] usb 1-1: USB disconnect, device number 56
[  408.813007][    C0] iowarrior 1-1:0.1: iowarrior_callback - usb_submit_urb failed with result -19
[  409.127406][ T6538] udevd[6538]: inotify_add_watch(7, /dev/loop6p2, 10) failed: No such file or directory
[  409.546836][T10769] netlink: 'syz.1.1267': attribute type 4 has an invalid length.
[  409.577715][T10769] netlink: 'syz.1.1267': attribute type 4 has an invalid length.
[  409.616726][T10769] netlink: 'syz.1.1267': attribute type 7 has an invalid length.
[  409.634637][T10769] netlink: 'syz.1.1267': attribute type 8 has an invalid length.
[  410.040041][T10775] could not allocate digest TFM handle sha224-generic
[  410.596110][T10786] netlink: 'syz.3.1270': attribute type 20 has an invalid length.
[  410.613902][T10786] block nbd0: Attempted send on invalid socket
[  410.621527][T10786] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x800 phys_seg 1 prio class 2
[  411.913243][T10788] futex_wake_op: syz.0.1269 tries to shift op by 32; fix this program
[  413.422507][T10807] futex_wake_op: syz.2.1271 tries to shift op by 32; fix this program
[  414.836645][   T24] usb 2-1: new low-speed USB device number 49 using dummy_hcd
[  415.037755][   T24] usb 2-1: config 0 has an invalid interface number: 1 but max is 0
[  415.049383][   T24] usb 2-1: config 0 has no interface number 0
[  415.061745][   T24] usb 2-1: config 0 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 10
[  415.088145][   T24] usb 2-1: config 0 interface 1 altsetting 0 endpoint 0x82 has invalid maxpacket 159, setting to 8
[  415.126898][   T24] usb 2-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  415.158404][   T24] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  415.182768][   T24] usb 2-1: config 0 descriptor??
[  415.195539][T10840] netlink: 14 bytes leftover after parsing attributes in process `syz.4.1283'.
[  415.243254][T10835] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1282'.
[  415.254752][T10835] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1282'.
[  415.287993][T10822] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  415.304884][   T24] iowarrior 2-1:0.1: IOWarrior product=0x1512, serial= interface=1 now attached to iowarrior0
[  416.918603][   T24] usb 2-1: USB disconnect, device number 49
[  419.450297][T10883] syzkaller0: entered promiscuous mode
[  419.455931][T10883] syzkaller0: entered allmulticast mode
[  420.249984][T10886] futex_wake_op: syz.1.1288 tries to shift op by 32; fix this program
[  420.716016][T10900] netlink: 830 bytes leftover after parsing attributes in process `syz.4.1297'.
[  421.394746][T10915] netlink: 14 bytes leftover after parsing attributes in process `syz.4.1300'.
[  421.435584][T10916] futex_wake_op: syz.0.1292 tries to shift op by 32; fix this program
[  421.760548][T10920] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  421.883801][T10920] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  422.181752][   T10] usb 2-1: new high-speed USB device number 50 using dummy_hcd
[  422.250743][T10920] netlink: 'syz.1.1301': attribute type 5 has an invalid length.
[  422.345914][T10920] netlink: 'syz.1.1301': attribute type 3 has an invalid length.
[  422.363120][T10920] netlink: 152988 bytes leftover after parsing attributes in process `syz.1.1301'.
[  422.625860][   T10] usb 2-1: Using ep0 maxpacket: 16
[  422.655434][   T10] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  422.690983][   T10] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  422.955384][   T24] IPVS: starting estimator thread 0...
[  423.020131][   T10] usb 2-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[  423.029320][   T10] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  423.045951][   T10] usb 2-1: config 0 descriptor??
[  423.072114][T10930] IPVS: using max 52 ests per chain, 124800 per kthread
[  423.592219][   T10] usbhid 2-1:0.0: can't add hid device: -71
[  423.885144][   T10] usbhid 2-1:0.0: probe with driver usbhid failed with error -71
[  424.137772][   T10] usb 2-1: USB disconnect, device number 50
[  424.905635][T10958] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1309'.
[  425.195994][   T10] usb 5-1: new high-speed USB device number 53 using dummy_hcd
[  425.372796][   T10] usb 5-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  425.519306][ T5923] usb 4-1: new high-speed USB device number 51 using dummy_hcd
[  425.534819][   T10] usb 5-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  425.595475][   T10] usb 5-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  425.741003][   T10] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  425.872411][ T5923] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  425.885591][ T5923] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  425.895892][ T5923] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  425.912436][ T5923] usb 4-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  425.931654][ T5923] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  425.954870][ T5923] usb 4-1: config 0 descriptor??
[  425.997744][T10958] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[  426.033224][   T10] usb 5-1: Quirk or no altset; falling back to MIDI 1.0
[  426.231704][T10976] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  426.326152][T10976] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  426.461584][ T5923] plantronics 0003:047F:FFFF.0016: unknown main item tag 0x0
[  426.696527][ T5923] plantronics 0003:047F:FFFF.0016: unknown main item tag 0x0
[  427.120260][ T5923] plantronics 0003:047F:FFFF.0016: unknown main item tag 0x0
[  427.152262][ T5923] plantronics 0003:047F:FFFF.0016: unknown main item tag 0x0
[  427.200639][T10974] futex_wake_op: syz.1.1311 tries to shift op by 32; fix this program
[  427.236122][ T5923] plantronics 0003:047F:FFFF.0016: unknown main item tag 0x0
[  427.395111][ T5923] plantronics 0003:047F:FFFF.0016: unknown main item tag 0x0
[  427.567183][ T5923] plantronics 0003:047F:FFFF.0016: unknown main item tag 0x0
[  427.606007][ T5923] plantronics 0003:047F:FFFF.0016: unknown main item tag 0x0
[  427.676194][ T5923] plantronics 0003:047F:FFFF.0016: unknown main item tag 0x0
[  427.697240][ T5923] plantronics 0003:047F:FFFF.0016: unknown main item tag 0x0
[  427.785316][ T5923] plantronics 0003:047F:FFFF.0016: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.3-1/input0
[  427.868800][ T5923] usb 4-1: USB disconnect, device number 51
[  429.267090][ T5970] usb 5-1: USB disconnect, device number 53
[  429.398214][T11007] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1318'.
[  429.599579][T11014] netlink: 14 bytes leftover after parsing attributes in process `syz.2.1319'.
[  430.041821][T11032] netlink: 'syz.1.1324': attribute type 21 has an invalid length.
[  430.145225][T11032] netlink: 'syz.1.1324': attribute type 1 has an invalid length.
[  430.164361][T11032] netlink: 144 bytes leftover after parsing attributes in process `syz.1.1324'.
[  430.227257][ T5952] usb 5-1: new high-speed USB device number 54 using dummy_hcd
[  430.376182][ T5952] usb 5-1: device descriptor read/64, error -71
[  430.409772][T11041] netlink: 48 bytes leftover after parsing attributes in process `syz.0.1326'.
[  430.527913][T11041] netlink: 44 bytes leftover after parsing attributes in process `syz.0.1326'.
[  430.883484][ T5952] usb 5-1: new high-speed USB device number 55 using dummy_hcd
[  431.101620][ T5952] usb 5-1: device descriptor read/64, error -71
[  431.626559][ T5952] usb usb5-port1: attempt power cycle
[  432.085200][ T5952] usb 5-1: new high-speed USB device number 56 using dummy_hcd
[  432.233318][ T5952] usb 5-1: device descriptor read/8, error -71
[  432.562341][ T5952] usb 5-1: new high-speed USB device number 57 using dummy_hcd
[  432.783013][ T5952] usb 5-1: device descriptor read/8, error -71
[  432.906515][ T5952] usb usb5-port1: unable to enumerate USB device
[  433.012625][T11060] pimreg: entered allmulticast mode
[  433.106050][T11062] loop6: detected capacity change from 0 to 7
[  433.148697][T11067] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  433.160352][T11067] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  433.172289][T11062] Dev loop6: unable to read RDB block 7
[  433.193517][T11062]  loop6: AHDI p1 p2 p3 p4
[  433.200327][T11062] loop6: partition table partially beyond EOD, truncated
[  433.210586][T11062] loop6: p1 start 926365495 is beyond EOD, truncated
[  433.219932][T11062] loop6: p2 size 47 extends beyond EOD, truncated
[  433.232181][T11070] pimreg: left allmulticast mode
[  433.260080][T11062] loop6: p3 start 1886353253 is beyond EOD, truncated
[  433.468105][ T6538] udevd[6538]: inotify_add_watch(7, /dev/loop6p2, 10) failed: No such file or directory
[  433.854103][T11086] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1338'.
[  433.936169][ T5923] usb 4-1: new high-speed USB device number 52 using dummy_hcd
[  434.011835][T11092] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=198462431 (396924862 ns) > initial count (148514 ns). Using initial count to start timer.
[  434.157579][ T5923] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  434.175933][ T5923] usb 4-1: config 0 has no interfaces?
[  434.212486][ T5923] usb 4-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  434.255797][ T5923] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  434.299549][ T5923] usb 4-1: config 0 descriptor??
[  434.903865][T11093] futex_wake_op: syz.4.1332 tries to shift op by 32; fix this program
[  435.267579][T11116] binder: 11115:11116 ioctl c0306201 80000080 returned -14
[  435.276808][T11116] binder: BINDER_SET_CONTEXT_MGR already set
[  435.282979][T11116] binder: 11115:11116 ioctl 4018620d 80000040 returned -16
[  435.456980][T11116] binder: 11115:11116 ioctl c0306201 80000600 returned -14
[  435.753699][T11082] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1334'.
[  437.068986][ T5937] usb 4-1: USB disconnect, device number 52
[  437.906009][   T24] usb 2-1: new high-speed USB device number 51 using dummy_hcd
[  438.025827][ T5937] usb 4-1: new high-speed USB device number 53 using dummy_hcd
[  438.098425][   T24] usb 2-1: Using ep0 maxpacket: 8
[  438.131135][   T24] usb 2-1: New USB device found, idVendor=1557, idProduct=7720, bcdDevice=b7.eb
[  438.178564][   T24] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  438.226767][ T5937] usb 4-1: Using ep0 maxpacket: 16
[  438.242804][   T24] usb 2-1: config 0 descriptor??
[  438.307222][ T5937] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  438.385944][ T5937] usb 4-1: New USB device found, idVendor=054c, idProduct=0268, bcdDevice= 0.00
[  438.398280][ T5937] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  438.445238][ T5937] usb 4-1: config 0 descriptor??
[  438.489802][   T24] asix 2-1:0.0 (unnamed net_device) (uninitialized): invalid hw address, using random
[  438.748619][T11153] futex_wake_op: syz.2.1352 tries to shift op by 32; fix this program
[  439.111376][ T5937] usbhid 4-1:0.0: can't add hid device: -71
[  439.137633][ T5937] usbhid 4-1:0.0: probe with driver usbhid failed with error -71
[  439.210410][ T5937] usb 4-1: USB disconnect, device number 53
[  439.262422][T11157] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1353'.
[  440.029726][ T1303] ieee802154 phy0 wpan0: encryption failed: -22
[  440.036242][ T1303] ieee802154 phy1 wpan1: encryption failed: -22
[  440.239025][   T24] asix 2-1:0.0 (unnamed net_device) (uninitialized): Failed to write reg index 0x0000: -71
[  440.256002][   T24] asix 2-1:0.0 (unnamed net_device) (uninitialized): Failed to send software reset: ffffffb9
[  440.313021][   T24] asix 2-1:0.0: probe with driver asix failed with error -71
[  440.384780][   T24] usb 2-1: USB disconnect, device number 51
[  440.432986][T11167] netlink: 'syz.2.1357': attribute type 4 has an invalid length.
[  440.485707][T11168] netlink: 'syz.2.1357': attribute type 4 has an invalid length.
[  440.543326][T11167] netlink: 'syz.2.1357': attribute type 7 has an invalid length.
[  440.582501][T11167] netlink: 'syz.2.1357': attribute type 8 has an invalid length.
[  440.615518][T11170] loop6: detected capacity change from 0 to 7
[  440.641456][T11170] Dev loop6: unable to read RDB block 7
[  440.670805][T11170]  loop6: AHDI p1 p2 p3 p4
[  440.698044][T11170] loop6: partition table partially beyond EOD, truncated
[  440.737425][T11170] loop6: p1 start 926365495 is beyond EOD, truncated
[  440.744827][T11170] loop6: p2 size 47 extends beyond EOD, truncated
[  440.754158][T11170] loop6: p3 start 1886353253 is beyond EOD, truncated
[  440.895644][ T6538] udevd[6538]: inotify_add_watch(7, /dev/loop6p2, 10) failed: No such file or directory
[  440.915181][T11168] could not allocate digest TFM handle sha224-generic
[  442.472043][T11201] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1365'.
[  442.676940][T11200] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=198462431 (396924862 ns) > initial count (148514 ns). Using initial count to start timer.
[  443.709867][T11212] C: renamed from team_slave_0 (while UP)
[  443.748546][T11212] netlink: 144 bytes leftover after parsing attributes in process `syz.4.1369'.
[  443.942145][T11216] loop6: detected capacity change from 0 to 7
[  443.984510][T11222] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1368'.
[  444.020004][T11216] Dev loop6: unable to read RDB block 7
[  444.026249][T11216]  loop6: AHDI p1 p2 p3 p4
[  444.042275][T11216] loop6: partition table partially beyond EOD, truncated
[  444.075002][T11216] loop6: p1 start 926365495 is beyond EOD, truncated
[  444.108005][T11216] loop6: p2 size 47 extends beyond EOD, truncated
[  444.191661][T11216] loop6: p3 start 1886353253 is beyond EOD, truncated
[  444.534512][ T6538] udevd[6538]: inotify_add_watch(7, /dev/loop6p2, 10) failed: No such file or directory
[  445.068070][T11235] futex_wake_op: syz.2.1367 tries to shift op by 32; fix this program
[  445.185921][ T5923] usb 2-1: new high-speed USB device number 52 using dummy_hcd
[  445.209175][T11233] input: syz1 as /devices/virtual/input/input21
[  445.335911][ T5923] usb 2-1: Using ep0 maxpacket: 32
[  445.358994][ T5923] usb 2-1: config 0 has an invalid interface number: 170 but max is 0
[  445.375908][ T5923] usb 2-1: config 0 has no interface number 0
[  445.395923][ T5923] usb 2-1: config 0 interface 170 altsetting 2 endpoint 0x82 has invalid maxpacket 512, setting to 64
[  445.421715][ T5923] usb 2-1: config 0 interface 170 has no altsetting 0
[  445.456416][ T5923] usb 2-1: New USB device found, idVendor=305a, idProduct=1405, bcdDevice=f0.b4
[  445.475926][ T5923] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  445.475929][ T5937] usb 5-1: new high-speed USB device number 58 using dummy_hcd
[  445.475954][ T5923] usb 2-1: Product: syz
[  445.545460][ T5923] usb 2-1: Manufacturer: syz
[  445.568867][ T5923] usb 2-1: SerialNumber: syz
[  445.575224][T11243] netlink: 'syz.3.1377': attribute type 4 has an invalid length.
[  445.599061][ T5923] usb 2-1: config 0 descriptor??
[  445.617908][T11243] netlink: 'syz.3.1377': attribute type 7 has an invalid length.
[  445.626040][T11243] netlink: 'syz.3.1377': attribute type 8 has an invalid length.
[  445.635884][ T5937] usb 5-1: Using ep0 maxpacket: 16
[  445.913074][ T5923] option 2-1:0.170: GSM modem (1-port) converter detected
[  446.077013][ T5937] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  446.181444][ T5923] usb 2-1: USB disconnect, device number 52
[  446.189160][ T5923] option 2-1:0.170: device disconnected
[  446.222156][ T5937] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  446.266443][ T5937] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  446.298687][ T5937] usb 5-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[  446.322887][ T5937] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  446.363879][ T5937] usb 5-1: config 0 descriptor??
[  446.401766][T11248] could not allocate digest TFM handle sha224-generic
[  446.643400][T11259] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1380'.
[  446.836311][ T5937] hid_parser_main: 1 callbacks suppressed
[  446.836333][ T5937] microsoft 0003:045E:07DA.0017: unknown main item tag 0x2
[  446.859249][ T5937] microsoft 0003:045E:07DA.0017: unknown main item tag 0x0
[  446.874390][ T5937] microsoft 0003:045E:07DA.0017: unknown main item tag 0x0
[  446.909121][ T5937] microsoft 0003:045E:07DA.0017: unknown main item tag 0x0
[  446.952494][ T5937] microsoft 0003:045E:07DA.0017: unknown main item tag 0x0
[  446.962833][ T5937] microsoft 0003:045E:07DA.0017: unknown main item tag 0x0
[  446.973134][ T5937] microsoft 0003:045E:07DA.0017: unknown main item tag 0x0
[  446.983391][ T5937] microsoft 0003:045E:07DA.0017: unknown main item tag 0x0
[  447.047709][ T5937] microsoft 0003:045E:07DA.0017: unknown main item tag 0x0
[  447.679149][ T5937] input: HID 045e:07da as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/0003:045E:07DA.0017/input/input22
[  447.980089][ T5937] microsoft 0003:045E:07DA.0017: input,hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.4-1/input0
[  448.447662][T11273] loop6: detected capacity change from 0 to 7
[  448.471186][T11273] Dev loop6: unable to read RDB block 7
[  448.630240][    T9] usb 5-1: USB disconnect, device number 58
[  448.630625][T11273]  loop6: AHDI p1 p2 p3 p4
[  448.684089][T11273] loop6: partition table partially beyond EOD, truncated
[  448.779178][T11271] fido_id[11271]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.4/usb5/5-1/report_descriptor': No such file or directory
[  448.794770][T11273] loop6: p1 start 926365495 is beyond EOD, truncated
[  448.806778][T11273] loop6: p2 size 47 extends beyond EOD, truncated
[  448.897516][T11273] loop6: p3 start 1886353253 is beyond EOD, truncated
[  449.163232][ T5937] usb 1-1: new high-speed USB device number 57 using dummy_hcd
[  449.189251][ T6538] udevd[6538]: inotify_add_watch(7, /dev/loop6p2, 10) failed: No such file or directory
[  449.629579][ T5937] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  449.656953][ T5937] usb 1-1: config 0 has no interfaces?
[  449.680551][ T5937] usb 1-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  449.723250][ T5937] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  449.775926][ T5937] usb 1-1: config 0 descriptor??
[  450.346122][T11280] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1386'.
[  450.708135][ T5937] usb 3-1: new high-speed USB device number 46 using dummy_hcd
[  450.898965][T11302] netlink: 'syz.3.1391': attribute type 4 has an invalid length.
[  450.908765][ T5937] usb 3-1: Using ep0 maxpacket: 32
[  450.920017][ T5937] usb 3-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  450.978757][ T5937] usb 3-1: New USB device found, idVendor=0c72, idProduct=000d, bcdDevice=27.9b
[  450.997513][T11302] netlink: 'syz.3.1391': attribute type 7 has an invalid length.
[  451.051289][ T5937] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  451.088381][T11302] netlink: 'syz.3.1391': attribute type 8 has an invalid length.
[  451.209783][ T5937] usb 3-1: Product: syz
[  451.214003][ T5937] usb 3-1: Manufacturer: syz
[  451.272159][ T5937] usb 3-1: SerialNumber: syz
[  451.326997][ T5937] usb 3-1: config 0 descriptor??
[  451.642153][T11304] futex_wake_op: syz.1.1389 tries to shift op by 32; fix this program
[  451.745542][T11302] could not allocate digest TFM handle sha224-generic
[  452.783369][T11319] input: syz0 as /devices/virtual/input/input23
[  452.894247][T11320] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  452.903837][T11320] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  452.974859][ T5937] usb 1-1: USB disconnect, device number 57
[  453.751266][T11335] netlink: 14 bytes leftover after parsing attributes in process `syz.1.1396'.
[  454.452125][ T5937] usb 3-1: USB disconnect, device number 46
[  454.741736][T11341] loop6: detected capacity change from 0 to 7
[  454.756956][T11341] Dev loop6: unable to read RDB block 7
[  454.765847][T11341]  loop6: AHDI p1 p2 p3 p4
[  454.771115][T11341] loop6: partition table partially beyond EOD, truncated
[  454.802253][T11341] loop6: p1 start 926365495 is beyond EOD, truncated
[  454.823905][T11341] loop6: p2 size 47 extends beyond EOD, truncated
[  454.939458][T11341] loop6: p3 start 1886353253 is beyond EOD, truncated
[  455.127189][ T6538] udevd[6538]: inotify_add_watch(7, /dev/loop6p2, 10) failed: No such file or directory
[  455.324228][T11347] netlink: 328 bytes leftover after parsing attributes in process `syz.4.1401'.
[  455.367026][T11347] netlink: 20 bytes leftover after parsing attributes in process `syz.4.1401'.
[  455.377589][T11347] netlink: 32 bytes leftover after parsing attributes in process `syz.4.1401'.
[  455.627155][ T5937] usb 3-1: new high-speed USB device number 47 using dummy_hcd
[  455.795874][ T5937] usb 3-1: device descriptor read/64, error -71
[  456.022643][T11361] netlink: 'syz.0.1404': attribute type 4 has an invalid length.
[  456.023683][T11361] netlink: 'syz.0.1404': attribute type 7 has an invalid length.
[  456.023706][T11361] netlink: 'syz.0.1404': attribute type 8 has an invalid length.
[  456.073685][ T5937] usb 3-1: new high-speed USB device number 48 using dummy_hcd
[  456.216013][ T5937] usb 3-1: device descriptor read/64, error -71
[  456.225992][ T5923] usb 5-1: new high-speed USB device number 59 using dummy_hcd
[  456.321207][T11362] could not allocate digest TFM handle sha224-generic
[  456.336278][ T5937] usb usb3-port1: attempt power cycle
[  456.397535][ T5923] usb 5-1: Using ep0 maxpacket: 32
[  456.550149][ T5923] usb 5-1: New USB device found, idVendor=04e8, idProduct=6601, bcdDevice=81.9b
[  456.562278][ T5923] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  456.584162][ T5923] usb 5-1: Product: syz
[  456.601143][ T5923] usb 5-1: Manufacturer: syz
[  456.614591][ T5923] usb 5-1: SerialNumber: syz
[  456.675944][ T5937] usb 3-1: new high-speed USB device number 49 using dummy_hcd
[  456.709559][ T5937] usb 3-1: device descriptor read/8, error -71
[  456.891924][ T5923] usb 5-1: palm_os_4_probe - error -71 getting connection info
[  456.900069][ T5923] visor 5-1:1.0: Handspring Visor / Palm OS converter detected
[  456.929992][ T5923] usb 5-1: Handspring Visor / Palm OS converter now attached to ttyUSB0
[  456.941746][ T5923] usb 5-1: Handspring Visor / Palm OS converter now attached to ttyUSB1
[  456.956744][ T5923] usb 5-1: USB disconnect, device number 59
[  456.973416][ T5937] usb 3-1: new high-speed USB device number 50 using dummy_hcd
[  456.978984][ T5923] visor ttyUSB0: Handspring Visor / Palm OS converter now disconnected from ttyUSB0
[  457.016418][ T5937] usb 3-1: device descriptor read/8, error -71
[  457.093681][ T5923] visor ttyUSB1: Handspring Visor / Palm OS converter now disconnected from ttyUSB1
[  457.127030][ T5923] visor 5-1:1.0: device disconnected
[  457.159272][ T5937] usb usb3-port1: unable to enumerate USB device
[  457.243193][T11386] loop6: detected capacity change from 0 to 7
[  457.254619][ T6538] Dev loop6: unable to read RDB block 7
[  457.261360][ T6538]  loop6: AHDI p1 p2 p3 p4
[  457.266756][ T6538] loop6: partition table partially beyond EOD, truncated
[  457.274269][ T6538] loop6: p1 start 926365495 is beyond EOD, truncated
[  457.282030][ T6538] loop6: p2 size 47 extends beyond EOD, truncated
[  457.300146][ T6538] loop6: p3 start 1886353253 is beyond EOD, truncated
[  457.315272][T11386] Dev loop6: unable to read RDB block 7
[  457.325367][T11386]  loop6: AHDI p1 p2 p3 p4
[  457.331235][T11386] loop6: partition table partially beyond EOD, truncated
[  457.342033][T11386] loop6: p1 start 926365495 is beyond EOD, truncated
[  457.352860][T11386] loop6: p2 size 47 extends beyond EOD, truncated
[  457.414752][T11386] loop6: p3 start 1886353253 is beyond EOD, truncated
[  457.855870][T11392] futex_wake_op: syz.1.1406 tries to shift op by 32; fix this program
[  458.071323][ T6538] udevd[6538]: inotify_add_watch(7, /dev/loop6p2, 10) failed: No such file or directory
[  458.614498][ T6538] udevd[6538]: inotify_add_watch(7, /dev/loop6p2, 10) failed: No such file or directory
[  458.793565][T11407] netlink: 'syz.3.1416': attribute type 4 has an invalid length.
[  458.803033][T11407] netlink: 'syz.3.1416': attribute type 7 has an invalid length.
[  458.810901][T11407] netlink: 'syz.3.1416': attribute type 8 has an invalid length.
[  458.908756][T11410] netlink: 14 bytes leftover after parsing attributes in process `syz.2.1417'.
[  459.204930][T11412] could not allocate digest TFM handle sha224-generic
[  460.414950][T11428] bridge2: entered allmulticast mode
[  460.811762][T11440] loop6: detected capacity change from 0 to 7
[  461.061260][T11440] Dev loop6: unable to read RDB block 7
[  461.068287][T11440]  loop6: AHDI p1 p2 p3 p4
[  461.081479][T11440] loop6: partition table partially beyond EOD, truncated
[  461.117536][T11440] loop6: p1 start 926365495 is beyond EOD, truncated
[  461.140476][T11444] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  461.162440][T11440] loop6: p2 size 47 extends beyond EOD, truncated
[  461.201422][T11440] loop6: p3 start 1886353253 is beyond EOD, truncated
[  461.379803][ T6538] udevd[6538]: inotify_add_watch(7, /dev/loop6p2, 10) failed: No such file or directory
[  461.525862][ T5937] usb 1-1: new high-speed USB device number 58 using dummy_hcd
[  461.626604][T11444] batman_adv: batadv0: Removing interface: batadv_slave_1
[  462.215581][ T5937] usb 1-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  462.233535][ T5937] usb 1-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  462.247745][ T5937] usb 1-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  462.261468][ T5937] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  462.289858][T11443] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  462.303486][ T5937] usb 1-1: Quirk or no altset; falling back to MIDI 1.0
[  462.922068][T11458] sctp: [Deprecated]: syz.2.1428 (pid 11458) Use of int in maxseg socket option.
[  462.922068][T11458] Use struct sctp_assoc_value instead
[  463.811649][T11443] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  463.928849][T11443] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  465.624801][ T5970] usb 1-1: USB disconnect, device number 58
[  465.653114][T11434] delete_channel: no stack
[  465.766742][T11494] openvswitch: netlink: Flow actions attr not present in new flow.
[  466.524904][T11507] netlink: 14 bytes leftover after parsing attributes in process `syz.0.1437'.
[  467.435880][ T5923] usb 5-1: new high-speed USB device number 60 using dummy_hcd
[  467.645387][ T5923] usb 5-1: config 9 has an invalid interface number: 32 but max is 0
[  467.710782][ T5923] usb 5-1: config 9 has no interface number 0
[  467.799821][ T5923] usb 5-1: config 9 interface 32 altsetting 9 endpoint 0xA has invalid maxpacket 1023, setting to 64
[  467.823355][ T5923] usb 5-1: config 9 interface 32 altsetting 9 bulk endpoint 0x2 has invalid maxpacket 1024
[  467.868224][ T5923] usb 5-1: config 9 interface 32 has no altsetting 0
[  467.975956][   T43] usb 3-1: new low-speed USB device number 51 using dummy_hcd
[  468.127697][ T5923] usb 5-1: New USB device found, idVendor=0421, idProduct=01d0, bcdDevice=44.b3
[  468.145514][ T5923] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  468.167474][ T5923] usb 5-1: Product: syz
[  468.173386][ T5923] usb 5-1: Manufacturer: syz
[  468.184449][ T5923] usb 5-1: SerialNumber: syz
[  468.185982][   T43] usb 3-1: device descriptor read/64, error -71
[  468.208743][T11513] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[  468.435952][   T43] usb 3-1: new low-speed USB device number 52 using dummy_hcd
[  468.522030][T11513] input: syz1 as /devices/virtual/input/input24
[  468.588715][   T43] usb 3-1: device descriptor read/64, error -71
[  468.635303][ T5923] usb 5-1: USB disconnect, device number 60
[  468.696424][   T43] usb usb3-port1: attempt power cycle
[  469.035822][   T43] usb 3-1: new low-speed USB device number 53 using dummy_hcd
[  469.178170][ T5923] usb 5-1: new high-speed USB device number 61 using dummy_hcd
[  469.186087][   T43] usb 3-1: device descriptor read/8, error -71
[  469.406150][ T5923] usb 5-1: device descriptor read/64, error -71
[  469.545811][   T43] usb 3-1: new low-speed USB device number 54 using dummy_hcd
[  469.586434][   T43] usb 3-1: device descriptor read/8, error -71
[  469.665651][T11535] loop6: detected capacity change from 0 to 7
[  469.674201][ T5923] usb 5-1: new high-speed USB device number 62 using dummy_hcd
[  469.706284][   T43] usb usb3-port1: unable to enumerate USB device
[  469.714718][T11535] Dev loop6: unable to read RDB block 7
[  469.723418][T11535]  loop6: AHDI p1 p2 p3 p4
[  469.729299][T11535] loop6: partition table partially beyond EOD, truncated
[  469.750855][T11535] loop6: p1 start 926365495 is beyond EOD, truncated
[  469.776013][T11535] loop6: p2 size 47 extends beyond EOD, truncated
[  469.824013][T11535] loop6: p3 start 1886353253 is beyond EOD, truncated
[  469.831341][ T5923] usb 5-1: device descriptor read/64, error -71
[  469.987120][ T5923] usb usb5-port1: attempt power cycle
[  470.021619][ T6538] udevd[6538]: inotify_add_watch(7, /dev/loop6p2, 10) failed: No such file or directory
[  470.052386][T11544] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1450'.
[  470.158112][T11544] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=198462431 (396924862 ns) > initial count (148514 ns). Using initial count to start timer.
[  470.350424][ T5923] usb 5-1: new high-speed USB device number 63 using dummy_hcd
[  470.378828][ T5923] usb 5-1: device descriptor read/8, error -71
[  471.199019][T11555] netlink: 56 bytes leftover after parsing attributes in process `syz.2.1453'.
[  471.252200][T11556] netlink: 'syz.2.1453': attribute type 3 has an invalid length.
[  471.314277][T11555] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1453'.
[  471.323755][ T5923] usb 5-1: new high-speed USB device number 64 using dummy_hcd
[  471.360009][ T5923] usb 5-1: device descriptor read/8, error -71
[  471.487811][ T5923] usb usb5-port1: unable to enumerate USB device
[  471.589003][T11562] netlink: 'syz.0.1456': attribute type 4 has an invalid length.
[  471.607514][T11564] FAULT_INJECTION: forcing a failure.
[  471.607514][T11564] name failslab, interval 1, probability 0, space 0, times 0
[  471.608654][T11562] netlink: 'syz.0.1456': attribute type 7 has an invalid length.
[  471.658212][   T10] usb 2-1: new high-speed USB device number 53 using dummy_hcd
[  471.663575][T11562] netlink: 'syz.0.1456': attribute type 8 has an invalid length.
[  471.686603][T11564] CPU: 1 UID: 0 PID: 11564 Comm: syz.2.1457 Not tainted syzkaller #0 PREEMPT(full) 
[  471.686619][T11564] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  471.686628][T11564] Call Trace:
[  471.686633][T11564]  <TASK>
[  471.686638][T11564]  dump_stack_lvl+0x189/0x250
[  471.686656][T11564]  ? __pfx____ratelimit+0x10/0x10
[  471.686671][T11564]  ? __pfx_dump_stack_lvl+0x10/0x10
[  471.686682][T11564]  ? __pfx__printk+0x10/0x10
[  471.686705][T11564]  ? __pfx___might_resched+0x10/0x10
[  471.686717][T11564]  should_fail_ex+0x414/0x560
[  471.686733][T11564]  should_failslab+0xa8/0x100
[  471.686748][T11564]  kmem_cache_alloc_node_noprof+0x76/0x3c0
[  471.686763][T11564]  ? __alloc_skb+0x112/0x2d0
[  471.686774][T11564]  __alloc_skb+0x112/0x2d0
[  471.686785][T11564]  netlink_sendmsg+0x5c6/0xb30
[  471.686799][T11564]  ? __pfx_netlink_sendmsg+0x10/0x10
[  471.686809][T11564]  ? __import_iovec+0x5d4/0x7f0
[  471.686820][T11564]  ? aa_sock_msg_perm+0xf1/0x1d0
[  471.686830][T11564]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  471.686840][T11564]  ? __pfx_netlink_sendmsg+0x10/0x10
[  471.686850][T11564]  __sock_sendmsg+0x219/0x270
[  471.686864][T11564]  ____sys_sendmsg+0x505/0x830
[  471.686878][T11564]  ? __pfx_____sys_sendmsg+0x10/0x10
[  471.686895][T11564]  ___sys_sendmsg+0x21f/0x2a0
[  471.686907][T11564]  ? __pfx____sys_sendmsg+0x10/0x10
[  471.686934][T11564]  ? __fget_files+0x2a/0x420
[  471.686942][T11564]  ? __fget_files+0x3a0/0x420
[  471.686960][T11564]  __sys_sendmsg+0x164/0x220
[  471.686977][T11564]  ? __pfx___sys_sendmsg+0x10/0x10
[  471.687009][T11564]  ? lockdep_hardirqs_on+0x9c/0x150
[  471.687033][T11564]  __do_fast_syscall_32+0xb6/0x2b0
[  471.687049][T11564]  ? lockdep_hardirqs_on+0x9c/0x150
[  471.687072][T11564]  do_fast_syscall_32+0x34/0x80
[  471.687087][T11564]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  471.687111][T11564] RIP: 0023:0xf7fb2539
[  471.687125][T11564] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[  471.687139][T11564] RSP: 002b:00000000f54c655c EFLAGS: 00000206 ORIG_RAX: 0000000000000172
[  471.687155][T11564] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000800012c0
[  471.687162][T11564] RDX: 0000000020040084 RSI: 0000000000000000 RDI: 0000000000000000
[  471.687168][T11564] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  471.687173][T11564] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  471.687179][T11564] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  471.687192][T11564]  </TASK>
[  471.897961][   T10] usb 2-1: config 9 has an invalid interface number: 32 but max is 0
[  471.902950][    C1] vkms_vblank_simulate: vblank timer overrun
[  471.914953][   T10] usb 2-1: config 9 has no interface number 0
[  472.033948][T11566] could not allocate digest TFM handle sha224-generic
[  472.318538][   T10] usb 2-1: config 9 interface 32 altsetting 9 endpoint 0xA has invalid maxpacket 1023, setting to 64
[  472.360742][   T10] usb 2-1: config 9 interface 32 altsetting 9 bulk endpoint 0x2 has invalid maxpacket 1024
[  472.403606][   T10] usb 2-1: config 9 interface 32 has no altsetting 0
[  472.417363][   T10] usb 2-1: New USB device found, idVendor=0421, idProduct=01d0, bcdDevice=44.b3
[  472.429901][   T10] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  472.438577][   T10] usb 2-1: Product: syz
[  472.447343][   T10] usb 2-1: Manufacturer: syz
[  472.469504][   T10] usb 2-1: SerialNumber: syz
[  472.601883][T11558] raw-gadget.1 gadget.1: fail, usb_ep_enable returned -22
[  472.841463][T11580] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1462'.
[  472.845091][T11558] input: syz1 as /devices/virtual/input/input25
[  472.918091][T11583] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=198462431 (396924862 ns) > initial count (148514 ns). Using initial count to start timer.
[  473.252755][   T10] usb 2-1: USB disconnect, device number 53
[  473.788216][T11602] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1470'.
[  474.023314][T11586] delete_channel: no stack
[  474.067336][T11609] netlink: 'syz.4.1471': attribute type 4 has an invalid length.
[  474.087372][T11609] netlink: 'syz.4.1471': attribute type 7 has an invalid length.
[  474.095169][T11609] netlink: 'syz.4.1471': attribute type 8 has an invalid length.
[  474.141806][T11614] loop6: detected capacity change from 0 to 7
[  474.151858][T11614] Dev loop6: unable to read RDB block 7
[  474.157545][T11614]  loop6: AHDI p1 p2 p3 p4
[  474.195906][ T5923] usb 4-1: new high-speed USB device number 54 using dummy_hcd
[  474.199408][T11614] loop6: partition table partially beyond EOD, 
[  474.226390][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  474.246184][T11614] truncated
[  474.270777][T11614] loop6: p1 start 926365495 is beyond EOD, truncated
[  474.315959][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  474.325929][T11614] loop6: p2 size 47 extends beyond EOD, truncated
[  474.353601][T11614] loop6: p3 start 1886353253 is beyond EOD, truncated
[  474.488947][ T6538] udevd[6538]: inotify_add_watch(7, /dev/loop6p2, 10) failed: No such file or directory
[  474.549556][T11622] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1475'.
[  474.646402][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  474.659873][T11612] could not allocate digest TFM handle sha224-generic
[  474.704478][T11622] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=198462431 (396924862 ns) > initial count (148514 ns). Using initial count to start timer.
[  474.721729][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  475.026002][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  475.075601][ T5937] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  475.196004][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  475.515832][   T10] usb 5-1: new high-speed USB device number 65 using dummy_hcd
[  475.832350][   T10] usb 5-1: Using ep0 maxpacket: 8
[  475.841576][   T10] usb 5-1: config index 0 descriptor too short (expected 301, got 45)
[  475.857303][   T10] usb 5-1: config 16 has an invalid descriptor of length 0, skipping remainder of the config
[  475.869000][ T5937] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  475.870906][   T10] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  475.888597][   T10] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  475.903640][   T10] usb 5-1: config 16 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3
[  475.925008][   T10] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  475.938869][   T10] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  476.454673][ T5937] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  476.507031][ T5970] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  476.552435][   T10] usbtmc 5-1:16.0: bulk endpoints not found
[  476.934470][T11659] loop6: detected capacity change from 0 to 7
[  476.960093][T11659] Dev loop6: unable to read RDB block 7
[  476.969751][T11659]  loop6: AHDI p1 p2 p3 p4
[  476.983681][T11659] loop6: partition table partially beyond EOD, truncated
[  476.994062][T11659] loop6: p1 start 926365495 is beyond EOD, truncated
[  477.004882][T11659] loop6: p2 size 47 extends beyond EOD, truncated
[  477.087184][T11659] loop6: p3 start 1886353253 is beyond EOD, truncated
[  477.185701][ T6538] udevd[6538]: inotify_add_watch(7, /dev/loop6p2, 10) failed: No such file or directory
[  477.217926][   T10] usb 5-1: USB disconnect, device number 65
[  477.818958][T11671] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  477.829178][T11671] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  477.835449][T11671] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  477.843314][T11671] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  477.866716][T11671] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  478.086555][T11677] netlink: 'syz.0.1490': attribute type 4 has an invalid length.
[  478.096180][T11677] netlink: 'syz.0.1490': attribute type 7 has an invalid length.
[  478.105318][T11677] netlink: 'syz.0.1490': attribute type 8 has an invalid length.
[  478.263526][T11682] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1491'.
[  478.409831][T11682] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=198462431 (396924862 ns) > initial count (148514 ns). Using initial count to start timer.
[  478.454751][T11679] could not allocate digest TFM handle sha224-generic
[  479.785998][ T5184] Bluetooth: hci0: command 0x0c1a tx timeout
[  479.814005][ T8321] net_ratelimit: 8 callbacks suppressed
[  479.814021][ T8321] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  479.829803][ T5970] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  479.840264][   T10] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  479.865977][ T5184] Bluetooth: hci3: command 0x0c1a tx timeout
[  479.872843][ T5869] Bluetooth: hci2: command 0x0c1a tx timeout
[  479.879764][ T5869] Bluetooth: hci1: command 0x0c1a tx timeout
[  479.946317][ T5871] Bluetooth: hci4: command 0x0c1a tx timeout
[  480.610238][ T5937] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  480.650514][T11711] loop6: detected capacity change from 0 to 7
[  480.666120][T11711] Dev loop6: unable to read RDB block 7
[  480.679350][T11711]  loop6: AHDI p1 p2 p3 p4
[  480.683804][T11711] loop6: partition table partially beyond EOD, truncated
[  480.711248][T11711] loop6: p1 start 926365495 is beyond EOD, truncated
[  480.738141][T11711] loop6: p2 size 47 extends beyond EOD, truncated
[  480.767147][T11711] loop6: p3 start 1886353253 is beyond EOD, truncated
[  480.910710][ T6538] udevd[6538]: inotify_add_watch(7, /dev/loop6p2, 10) failed: No such file or directory
[  481.250399][T11720] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1503'.
[  481.622998][   T43] usb 1-1: new high-speed USB device number 59 using dummy_hcd
[  481.639313][T11732] FAULT_INJECTION: forcing a failure.
[  481.639313][T11732] name failslab, interval 1, probability 0, space 0, times 0
[  481.653250][T11732] CPU: 0 UID: 0 PID: 11732 Comm: syz.2.1506 Not tainted syzkaller #0 PREEMPT(full) 
[  481.653274][T11732] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  481.653285][T11732] Call Trace:
[  481.653291][T11732]  <TASK>
[  481.653299][T11732]  dump_stack_lvl+0x189/0x250
[  481.653333][T11732]  ? __pfx____ratelimit+0x10/0x10
[  481.653356][T11732]  ? __pfx_dump_stack_lvl+0x10/0x10
[  481.653374][T11732]  ? __pfx__printk+0x10/0x10
[  481.653397][T11732]  ? __lock_acquire+0xab9/0xd20
[  481.653428][T11732]  should_fail_ex+0x414/0x560
[  481.653454][T11732]  should_failslab+0xa8/0x100
[  481.653478][T11732]  kmem_cache_alloc_noprof+0x73/0x3c0
[  481.653498][T11732]  ? skb_clone+0x212/0x3a0
[  481.653521][T11732]  skb_clone+0x212/0x3a0
[  481.653543][T11732]  __netlink_deliver_tap+0x404/0x850
[  481.653579][T11732]  ? netlink_deliver_tap+0x2e/0x1b0
[  481.653603][T11732]  netlink_deliver_tap+0x19c/0x1b0
[  481.653627][T11732]  netlink_unicast+0x7fa/0x9e0
[  481.653657][T11732]  ? __pfx_netlink_unicast+0x10/0x10
[  481.653680][T11732]  ? netlink_sendmsg+0x642/0xb30
[  481.653694][T11732]  ? skb_put+0x11b/0x210
[  481.653715][T11732]  netlink_sendmsg+0x805/0xb30
[  481.653741][T11732]  ? __pfx_netlink_sendmsg+0x10/0x10
[  481.653760][T11732]  ? __import_iovec+0x5d4/0x7f0
[  481.653777][T11732]  ? aa_sock_msg_perm+0xf1/0x1d0
[  481.653795][T11732]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  481.653813][T11732]  ? __pfx_netlink_sendmsg+0x10/0x10
[  481.653830][T11732]  __sock_sendmsg+0x219/0x270
[  481.653855][T11732]  ____sys_sendmsg+0x505/0x830
[  481.653879][T11732]  ? __pfx_____sys_sendmsg+0x10/0x10
[  481.653914][T11732]  ___sys_sendmsg+0x21f/0x2a0
[  481.653935][T11732]  ? __pfx____sys_sendmsg+0x10/0x10
[  481.654008][T11732]  ? __fget_files+0x2a/0x420
[  481.654024][T11732]  ? __fget_files+0x3a0/0x420
[  481.654049][T11732]  __sys_sendmsg+0x164/0x220
[  481.654069][T11732]  ? __pfx___sys_sendmsg+0x10/0x10
[  481.654103][T11732]  ? lockdep_hardirqs_on+0x9c/0x150
[  481.654128][T11732]  __do_fast_syscall_32+0xb6/0x2b0
[  481.654146][T11732]  ? lockdep_hardirqs_on+0x9c/0x150
[  481.654172][T11732]  do_fast_syscall_32+0x34/0x80
[  481.654189][T11732]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  481.654208][T11732] RIP: 0023:0xf7fb2539
[  481.654222][T11732] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[  481.654237][T11732] RSP: 002b:00000000f54c655c EFLAGS: 00000206 ORIG_RAX: 0000000000000172
[  481.654256][T11732] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000800012c0
[  481.654268][T11732] RDX: 0000000020040084 RSI: 0000000000000000 RDI: 0000000000000000
[  481.654278][T11732] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  481.654288][T11732] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  481.654299][T11732] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  481.654332][T11732]  </TASK>
[  481.655498][   T24] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  481.974792][   T10] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  482.002851][T11720] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=198462431 (396924862 ns) > initial count (148514 ns). Using initial count to start timer.
[  482.136067][   T43] usb 1-1: Using ep0 maxpacket: 32
[  482.150218][   T43] usb 1-1: config 4 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  482.335917][   T43] usb 1-1: config 4 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  482.363685][   T43] usb 1-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40
[  482.373012][   T43] usb 1-1: New USB device strings: Mfr=255, Product=255, SerialNumber=0
[  482.375938][   T10] usb 3-1: new high-speed USB device number 55 using dummy_hcd
[  482.381526][   T43] usb 1-1: Product: syz
[  482.393344][   T43] usb 1-1: Manufacturer: syz
[  482.560034][   T43] hub 1-1:4.0: USB hub found
[  482.676064][   T24] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  482.728141][   T10] usb 3-1: Using ep0 maxpacket: 16
[  482.735277][   T10] usb 3-1: config 0 has an invalid interface number: 119 but max is 0
[  482.745215][   T10] usb 3-1: config 0 has no interface number 0
[  482.751644][   T43] hub 1-1:4.0: 2 ports detected
[  482.754629][   T10] usb 3-1: too many endpoints for config 0 interface 119 altsetting 111: 102, using maximum allowed: 30
[  483.053280][   T10] usb 3-1: config 0 interface 119 altsetting 111 has 0 endpoint descriptors, different from the interface descriptor's value: 102
[  483.074695][T11747] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  483.112459][   T10] usb 3-1: config 0 interface 119 has no altsetting 0
[  483.182473][T11747] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  483.254836][   T10] usb 3-1: config 0 has an invalid interface number: 119 but max is 0
[  483.263337][   T10] usb 3-1: config 0 has no interface number 0
[  483.271490][   T10] usb 3-1: too many endpoints for config 0 interface 119 altsetting 111: 102, using maximum allowed: 30
[  483.283132][   T10] usb 3-1: config 0 interface 119 altsetting 111 has 0 endpoint descriptors, different from the interface descriptor's value: 102
[  483.297205][   T10] usb 3-1: config 0 interface 119 has no altsetting 0
[  483.310578][   T10] usb 3-1: config 0 has an invalid interface number: 119 but max is 0
[  483.329397][   T10] usb 3-1: config 0 has no interface number 0
[  483.337880][   T10] usb 3-1: too many endpoints for config 0 interface 119 altsetting 111: 102, using maximum allowed: 30
[  483.352169][   T10] usb 3-1: config 0 interface 119 altsetting 111 has 0 endpoint descriptors, different from the interface descriptor's value: 102
[  483.393796][   T10] usb 3-1: config 0 interface 119 has no altsetting 0
[  483.411567][   T10] usb 3-1: New USB device found, idVendor=046d, idProduct=08b5, bcdDevice=d7.01
[  483.427104][   T10] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  483.444361][   T10] usb 3-1: Product: syz
[  483.451601][   T10] usb 3-1: Manufacturer: syz
[  483.460654][   T10] usb 3-1: SerialNumber: syz
[  483.494854][   T10] usb 3-1: config 0 descriptor??
[  483.706254][ T5937] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  483.721540][T11736] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1507'.
[  483.768768][T11736] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  483.792693][   T43] hub 1-1:4.0: hub_hub_status failed (err = -32)
[  483.810936][T11736] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  483.837521][   T43] hub 1-1:4.0: config failed, can't get hub status (err -32)
[  483.857265][T11736] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  483.891705][T11736] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  484.012046][   T10] usb 3-1: USB disconnect, device number 55
[  484.342323][T11764] loop6: detected capacity change from 0 to 7
[  484.369201][T11765] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1510'.
[  484.422857][T11764] Dev loop6: unable to read RDB block 7
[  484.436422][T11764]  loop6: AHDI p1 p2 p3 p4
[  484.450781][T11764] loop6: partition table partially beyond EOD, truncated
[  484.613617][T11764] loop6: p1 start 926365495 is beyond EOD, truncated
[  484.621397][T11764] loop6: p2 size 47 extends beyond EOD, truncated
[  484.627160][T11769] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  484.647220][T11769] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  484.679040][T11764] loop6: p3 start 1886353253 is beyond EOD, truncated
[  484.962135][ T5937] net_ratelimit: 40 callbacks suppressed
[  484.962148][ T5937] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  485.001020][ T5972] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  485.066354][ T8322] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  485.075334][ T5952] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  485.086540][   T10] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  485.097911][T11769] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  485.158854][ T6538] udevd[6538]: inotify_add_watch(7, /dev/loop6p2, 10) failed: No such file or directory
[  485.296433][ T5972] usb 1-1: USB disconnect, device number 59
[  485.348523][    C1] vkms_vblank_simulate: vblank timer overrun
[  485.503331][T11769] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  485.624992][T11769] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  485.647570][T11769] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  485.656138][T11769] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  485.985438][   T43] usb 4-1: new high-speed USB device number 55 using dummy_hcd
[  486.122100][T11781] FAULT_INJECTION: forcing a failure.
[  486.122100][T11781] name failslab, interval 1, probability 0, space 0, times 0
[  486.134964][T11781] CPU: 1 UID: 0 PID: 11781 Comm: syz.2.1517 Not tainted syzkaller #0 PREEMPT(full) 
[  486.134980][T11781] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  486.134986][T11781] Call Trace:
[  486.134991][T11781]  <TASK>
[  486.134995][T11781]  dump_stack_lvl+0x189/0x250
[  486.135012][T11781]  ? __pfx____ratelimit+0x10/0x10
[  486.135032][T11781]  ? __pfx_dump_stack_lvl+0x10/0x10
[  486.135043][T11781]  ? __pfx__printk+0x10/0x10
[  486.135060][T11781]  ? __pfx___might_resched+0x10/0x10
[  486.135069][T11781]  ? fs_reclaim_acquire+0x7d/0x100
[  486.135087][T11781]  should_fail_ex+0x414/0x560
[  486.135103][T11781]  should_failslab+0xa8/0x100
[  486.135118][T11781]  __kmalloc_node_noprof+0xd1/0x4e0
[  486.135132][T11781]  ? qdisc_alloc+0x97/0xaa0
[  486.135149][T11781]  qdisc_alloc+0x97/0xaa0
[  486.135167][T11781]  qdisc_create+0x12c/0xea0
[  486.135182][T11781]  ? qdisc_lookup+0x36d/0x6d0
[  486.135193][T11781]  tc_modify_qdisc+0x1538/0x20e0
[  486.135213][T11781]  ? __pfx_tc_modify_qdisc+0x10/0x10
[  486.135241][T11781]  ? __pfx_tc_modify_qdisc+0x10/0x10
[  486.135257][T11781]  rtnetlink_rcv_msg+0x779/0xb70
[  486.135274][T11781]  ? rtnetlink_rcv_msg+0x1ab/0xb70
[  486.135288][T11781]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  486.135306][T11781]  ? __pfx_rcu_preempt_deferred_qs_irqrestore+0x10/0x10
[  486.135325][T11781]  netlink_rcv_skb+0x205/0x470
[  486.135338][T11781]  ? rcu_is_watching+0x15/0xb0
[  486.135348][T11781]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  486.135363][T11781]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  486.135383][T11781]  ? netlink_deliver_tap+0x2e/0x1b0
[  486.135402][T11781]  netlink_unicast+0x82c/0x9e0
[  486.135419][T11781]  ? __pfx_netlink_unicast+0x10/0x10
[  486.135434][T11781]  ? netlink_sendmsg+0x642/0xb30
[  486.135441][T11781]  ? skb_put+0x11b/0x210
[  486.135453][T11781]  netlink_sendmsg+0x805/0xb30
[  486.135466][T11781]  ? __pfx_netlink_sendmsg+0x10/0x10
[  486.135476][T11781]  ? __import_iovec+0x5d4/0x7f0
[  486.135487][T11781]  ? aa_sock_msg_perm+0xf1/0x1d0
[  486.135497][T11781]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  486.135507][T11781]  ? __pfx_netlink_sendmsg+0x10/0x10
[  486.135516][T11781]  __sock_sendmsg+0x219/0x270
[  486.135531][T11781]  ____sys_sendmsg+0x505/0x830
[  486.135544][T11781]  ? __pfx_____sys_sendmsg+0x10/0x10
[  486.135563][T11781]  ___sys_sendmsg+0x21f/0x2a0
[  486.135574][T11781]  ? __pfx____sys_sendmsg+0x10/0x10
[  486.135604][T11781]  ? __fget_files+0x2a/0x420
[  486.135612][T11781]  ? __fget_files+0x3a0/0x420
[  486.135625][T11781]  __sys_sendmsg+0x164/0x220
[  486.135636][T11781]  ? __pfx___sys_sendmsg+0x10/0x10
[  486.135655][T11781]  ? lockdep_hardirqs_on+0x9c/0x150
[  486.135671][T11781]  __do_fast_syscall_32+0xb6/0x2b0
[  486.135680][T11781]  ? lockdep_hardirqs_on+0x9c/0x150
[  486.135696][T11781]  do_fast_syscall_32+0x34/0x80
[  486.135711][T11781]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  486.135741][T11781] RIP: 0023:0xf7fb2539
[  486.135754][T11781] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[  486.135766][T11781] RSP: 002b:00000000f54c655c EFLAGS: 00000206 ORIG_RAX: 0000000000000172
[  486.135783][T11781] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000800012c0
[  486.135793][T11781] RDX: 0000000020040084 RSI: 0000000000000000 RDI: 0000000000000000
[  486.135802][T11781] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  486.135812][T11781] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  486.135821][T11781] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  486.135844][T11781]  </TASK>
[  486.481543][    C1] vkms_vblank_simulate: vblank timer overrun
[  486.585051][   T43] usb 4-1: Using ep0 maxpacket: 32
[  486.705295][   T43] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  486.716369][   T43] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  486.726164][   T43] usb 4-1: New USB device found, idVendor=10c4, idProduct=8acf, bcdDevice= 0.00
[  486.735238][   T43] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  486.757057][   T43] usb 4-1: config 0 descriptor??
[  486.834905][T11787] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1518'.
[  487.040680][T11787] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=198462431 (396924862 ns) > initial count (148514 ns). Using initial count to start timer.
[  488.191478][   T43] hid-u2fzero 0003:10C4:8ACF.0018: unexpected long global item
[  488.203793][   T43] hid-u2fzero 0003:10C4:8ACF.0018: probe with driver hid-u2fzero failed with error -22
[  488.231341][   T43] usb 4-1: USB disconnect, device number 55
[  490.026704][T11830] vim2m vim2m.0: Fourcc format (0x42474752) invalid.
[  490.123188][T11832] netlink: 'syz.4.1528': attribute type 4 has an invalid length.
[  490.136017][T11832] netlink: 'syz.4.1528': attribute type 7 has an invalid length.
[  490.146200][    C1] net_ratelimit: 982 callbacks suppressed
[  490.146222][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  490.182013][T11832] netlink: 'syz.4.1528': attribute type 8 has an invalid length.
[  490.289501][ T5952] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  490.586391][ T8322] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  490.596960][   T10] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  490.607518][ T5972] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  491.146139][ T5972] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  491.175934][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  491.205985][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  491.314486][ T5952] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  491.456032][T11837] could not allocate digest TFM handle sha224-generic
[  491.761189][T11851] FAULT_INJECTION: forcing a failure.
[  491.761189][T11851] name failslab, interval 1, probability 0, space 0, times 0
[  491.776056][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  491.787064][ T5952] usb 1-1: new full-speed USB device number 60 using dummy_hcd
[  491.846430][T11853] netlink: 'syz.3.1533': attribute type 11 has an invalid length.
[  491.854319][T11851] CPU: 1 UID: 0 PID: 11851 Comm: syz.1.1531 Not tainted syzkaller #0 PREEMPT(full) 
[  491.854339][T11851] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  491.854346][T11851] Call Trace:
[  491.854352][T11851]  <TASK>
[  491.854357][T11851]  dump_stack_lvl+0x189/0x250
[  491.854378][T11851]  ? __pfx____ratelimit+0x10/0x10
[  491.854398][T11851]  ? __pfx_dump_stack_lvl+0x10/0x10
[  491.854421][T11851]  ? __pfx__printk+0x10/0x10
[  491.854444][T11851]  ? __pfx___might_resched+0x10/0x10
[  491.854463][T11851]  ? fs_reclaim_acquire+0x7d/0x100
[  491.854488][T11851]  should_fail_ex+0x414/0x560
[  491.854508][T11851]  should_failslab+0xa8/0x100
[  491.854524][T11851]  kmem_cache_alloc_node_noprof+0x76/0x3c0
[  491.854537][T11851]  ? __alloc_skb+0x112/0x2d0
[  491.854549][T11851]  __alloc_skb+0x112/0x2d0
[  491.854563][T11851]  netlink_ack+0x146/0xa50
[  491.854578][T11851]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  491.854594][T11851]  ? ref_tracker_free+0x63a/0x7d0
[  491.854607][T11851]  ? __asan_memcpy+0x40/0x70
[  491.854618][T11851]  ? __pfx_ref_tracker_free+0x10/0x10
[  491.854630][T11851]  ? __skb_clone+0x63/0x7a0
[  491.854645][T11851]  netlink_rcv_skb+0x28c/0x470
[  491.854660][T11851]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  491.854675][T11851]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  491.854695][T11851]  ? netlink_deliver_tap+0x2e/0x1b0
[  491.854713][T11851]  netlink_unicast+0x82c/0x9e0
[  491.854731][T11851]  ? __pfx_netlink_unicast+0x10/0x10
[  491.854745][T11851]  ? netlink_sendmsg+0x642/0xb30
[  491.854757][T11851]  ? skb_put+0x11b/0x210
[  491.854768][T11851]  netlink_sendmsg+0x805/0xb30
[  491.854781][T11851]  ? __pfx_netlink_sendmsg+0x10/0x10
[  491.854791][T11851]  ? __import_iovec+0x5d4/0x7f0
[  491.854801][T11851]  ? aa_sock_msg_perm+0xf1/0x1d0
[  491.854811][T11851]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  491.854822][T11851]  ? __pfx_netlink_sendmsg+0x10/0x10
[  491.854831][T11851]  __sock_sendmsg+0x219/0x270
[  491.854845][T11851]  ____sys_sendmsg+0x505/0x830
[  491.854859][T11851]  ? __pfx_____sys_sendmsg+0x10/0x10
[  491.854879][T11851]  ___sys_sendmsg+0x21f/0x2a0
[  491.854890][T11851]  ? __pfx____sys_sendmsg+0x10/0x10
[  491.854918][T11851]  ? __fget_files+0x2a/0x420
[  491.854927][T11851]  ? __fget_files+0x3a0/0x420
[  491.854940][T11851]  __sys_sendmsg+0x164/0x220
[  491.854951][T11851]  ? __pfx___sys_sendmsg+0x10/0x10
[  491.854969][T11851]  ? lockdep_hardirqs_on+0x9c/0x150
[  491.854985][T11851]  __do_fast_syscall_32+0xb6/0x2b0
[  491.854995][T11851]  ? lockdep_hardirqs_on+0x9c/0x150
[  491.855010][T11851]  do_fast_syscall_32+0x34/0x80
[  491.855019][T11851]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  491.855032][T11851] RIP: 0023:0xf7f83539
[  491.855041][T11851] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[  491.855049][T11851] RSP: 002b:00000000f549655c EFLAGS: 00000206 ORIG_RAX: 0000000000000172
[  491.855061][T11851] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000800012c0
[  491.855067][T11851] RDX: 0000000020040084 RSI: 0000000000000000 RDI: 0000000000000000
[  491.855073][T11851] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  491.855078][T11851] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  491.855083][T11851] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  491.855097][T11851]  </TASK>
[  492.454883][ T5952] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  492.464497][T11861] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1534'.
[  492.465953][ T5952] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  492.466011][ T5952] usb 1-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[  492.481008][T11863] loop6: detected capacity change from 0 to 7
[  492.487956][ T5952] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  492.520789][ T5952] usb 1-1: config 0 descriptor??
[  492.565423][T11863] Dev loop6: unable to read RDB block 7
[  492.572759][T11863]  loop6: AHDI p1 p2 p3 p4
[  492.585644][T11863] loop6: partition table partially beyond EOD, truncated
[  492.600723][T11861] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=198462431 (396924862 ns) > initial count (148514 ns). Using initial count to start timer.
[  492.621182][T11863] loop6: p1 start 926365495 is beyond EOD, truncated
[  492.633115][T11863] loop6: p2 size 47 extends beyond EOD, truncated
[  492.673189][T11863] loop6: p3 start 1886353253 is beyond EOD, truncated
[  493.201753][ T6538] udevd[6538]: inotify_add_watch(7, /dev/loop6p2, 10) failed: No such file or directory
[  493.955886][ T5952] usbhid 1-1:0.0: can't add hid device: -71
[  494.001747][ T5952] usbhid 1-1:0.0: probe with driver usbhid failed with error -71
[  494.298470][ T5952] usb 1-1: USB disconnect, device number 60
[  494.822211][   T10] usb 4-1: new high-speed USB device number 56 using dummy_hcd
[  494.987924][   T10] usb 4-1: config 27 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 769
[  495.011774][   T10] usb 4-1: config 27 interface 0 altsetting 0 endpoint 0xB has invalid wMaxPacketSize 0
[  495.022122][   T10] usb 4-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 0
[  495.034547][   T10] usb 4-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.99
[  495.044705][   T10] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  495.069259][T11903] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  495.092570][   T10] usb 4-1: Quirk or no altset; falling back to MIDI 1.0
[  495.108190][   T10] usb 4-1: invalid MIDI in EP 0
[  495.166086][ T5972] usb 1-1: new high-speed USB device number 61 using dummy_hcd
[  495.298224][   T10] snd-usb-audio 4-1:27.0: probe with driver snd-usb-audio failed with error -22
[  495.411502][ T5972] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  495.441239][ T5972] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  495.454680][ T5972] usb 1-1: New USB device found, idVendor=10c4, idProduct=ea90, bcdDevice= 0.00
[  495.465039][ T5972] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  495.481904][ T5972] usb 1-1: config 0 descriptor??
[  495.546489][   T43] net_ratelimit: 10 callbacks suppressed
[  495.546510][   T43] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  495.876508][   T43] IPVS: starting estimator thread 0...
[  495.882495][T11920] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1549'.
[  495.909193][T11907] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1546'.
[  495.966115][T11921] IPVS: using max 32 ests per chain, 76800 per kthread
[  496.090146][ T5972] usbhid 1-1:0.0: can't add hid device: -71
[  496.097726][ T5972] usbhid 1-1:0.0: probe with driver usbhid failed with error -71
[  496.112343][ T5972] usb 1-1: USB disconnect, device number 61
[  496.136369][   T43] usb 5-1: new high-speed USB device number 66 using dummy_hcd
[  496.291454][   T43] usb 5-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08
[  496.301164][   T43] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  496.311049][   T43] usb 5-1: Product: syz
[  496.315354][   T43] usb 5-1: Manufacturer: syz
[  496.320841][   T43] usb 5-1: SerialNumber: syz
[  496.337034][   T43] usb 5-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested
[  496.358817][ T5952] usb 5-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008
[  496.597660][   T24] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  496.690391][T11924] binder: BINDER_SET_CONTEXT_MGR already set
[  496.707845][T11924] binder: 11922:11924 ioctl 4018620d 800000c0 returned -16
[  496.723505][T11924] binder: BINDER_SET_CONTEXT_MGR already set
[  496.733404][T11923] binder_alloc: binder_alloc_mmap_handler: 11922 80ffd000-81000000 already mapped failed -16
[  496.751657][T11924] binder: 11922:11924 ioctl 4018620d 80000040 returned -16
[  496.760637][T11924] binder_alloc: 11922: binder_alloc_buf, no vma
[  496.800588][T11926] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1551'.
[  496.831073][T11919] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  496.845367][T11919] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  496.873063][ T5972] usb 5-1: USB disconnect, device number 66
[  496.900723][T11926] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=198462431 (396924862 ns) > initial count (148514 ns). Using initial count to start timer.
[  497.025894][   T24] usb 3-1: new high-speed USB device number 56 using dummy_hcd
[  497.185807][   T24] usb 3-1: Using ep0 maxpacket: 32
[  497.198889][   T24] usb 3-1: config 0 has an invalid interface number: 132 but max is 0
[  497.212998][   T24] usb 3-1: config 0 has no interface number 0
[  497.221873][   T24] usb 3-1: config 0 interface 132 has no altsetting 0
[  497.229383][   T10] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  497.251816][   T24] usb 3-1: New USB device found, idVendor=0525, idProduct=9901, bcdDevice=39.75
[  497.262693][   T24] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  497.271830][   T24] usb 3-1: Product: syz
[  497.281979][   T24] usb 3-1: Manufacturer: syz
[  497.288818][   T24] usb 3-1: SerialNumber: syz
[  497.325395][   T24] usb 3-1: config 0 descriptor??
[  497.399495][ T5952] ath9k_htc 5-1:1.0: ath9k_htc: Target is unresponsive
[  497.424033][ T5952] ath9k_htc: Failed to initialize the device
[  497.498315][ T5972] usb 5-1: ath9k_htc: USB layer deinitialized
[  497.544951][   T24] cdc_subset 3-1:0.132: probe with driver cdc_subset failed with error -71
[  497.602804][   T43] usb 4-1: USB disconnect, device number 56
[  497.631506][ T1211] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  497.661185][   T24] usb 3-1: USB disconnect, device number 56
[  498.667458][   T24] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  498.922360][T11961] FAULT_INJECTION: forcing a failure.
[  498.922360][T11961] name failslab, interval 1, probability 0, space 0, times 0
[  498.959649][T11961] CPU: 1 UID: 0 PID: 11961 Comm: syz.0.1561 Not tainted syzkaller #0 PREEMPT(full) 
[  498.959672][T11961] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  498.959680][T11961] Call Trace:
[  498.959687][T11961]  <TASK>
[  498.959694][T11961]  dump_stack_lvl+0x189/0x250
[  498.959719][T11961]  ? __pfx____ratelimit+0x10/0x10
[  498.959742][T11961]  ? __pfx_dump_stack_lvl+0x10/0x10
[  498.959761][T11961]  ? __pfx__printk+0x10/0x10
[  498.959783][T11961]  ? netlink_unicast+0x82c/0x9e0
[  498.959804][T11961]  ? ___sys_sendmsg+0x21f/0x2a0
[  498.959821][T11961]  ? __do_fast_syscall_32+0xb6/0x2b0
[  498.959849][T11961]  should_fail_ex+0x414/0x560
[  498.959875][T11961]  should_failslab+0xa8/0x100
[  498.959900][T11961]  kmem_cache_alloc_noprof+0x73/0x3c0
[  498.959921][T11961]  ? skb_clone+0x212/0x3a0
[  498.959944][T11961]  skb_clone+0x212/0x3a0
[  498.959966][T11961]  __netlink_deliver_tap+0x404/0x850
[  498.960003][T11961]  ? netlink_deliver_tap+0x2e/0x1b0
[  498.960027][T11961]  netlink_deliver_tap+0x19c/0x1b0
[  498.960051][T11961]  netlink_sendskb+0x68/0x140
[  498.960075][T11961]  netlink_unicast+0x397/0x9e0
[  498.960094][T11961]  ? __asan_memcpy+0x40/0x70
[  498.960128][T11961]  ? __pfx_netlink_unicast+0x10/0x10
[  498.960160][T11961]  netlink_rcv_skb+0x28c/0x470
[  498.960184][T11961]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  498.960209][T11961]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  498.960244][T11961]  ? netlink_deliver_tap+0x2e/0x1b0
[  498.960272][T11961]  netlink_unicast+0x82c/0x9e0
[  498.960314][T11961]  ? __pfx_netlink_unicast+0x10/0x10
[  498.960337][T11961]  ? netlink_sendmsg+0x642/0xb30
[  498.960351][T11961]  ? skb_put+0x11b/0x210
[  498.960372][T11961]  netlink_sendmsg+0x805/0xb30
[  498.960398][T11961]  ? __pfx_netlink_sendmsg+0x10/0x10
[  498.960417][T11961]  ? __import_iovec+0x5d4/0x7f0
[  498.960435][T11961]  ? aa_sock_msg_perm+0xf1/0x1d0
[  498.960453][T11961]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  498.960471][T11961]  ? __pfx_netlink_sendmsg+0x10/0x10
[  498.960488][T11961]  __sock_sendmsg+0x219/0x270
[  498.960513][T11961]  ____sys_sendmsg+0x505/0x830
[  498.960539][T11961]  ? __pfx_____sys_sendmsg+0x10/0x10
[  498.960574][T11961]  ___sys_sendmsg+0x21f/0x2a0
[  498.960595][T11961]  ? __pfx____sys_sendmsg+0x10/0x10
[  498.960650][T11961]  ? __fget_files+0x2a/0x420
[  498.960665][T11961]  ? __fget_files+0x3a0/0x420
[  498.960690][T11961]  __sys_sendmsg+0x164/0x220
[  498.960711][T11961]  ? __pfx___sys_sendmsg+0x10/0x10
[  498.960746][T11961]  ? lockdep_hardirqs_on+0x9c/0x150
[  498.960772][T11961]  __do_fast_syscall_32+0xb6/0x2b0
[  498.960790][T11961]  ? lockdep_hardirqs_on+0x9c/0x150
[  498.960815][T11961]  do_fast_syscall_32+0x34/0x80
[  498.960831][T11961]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  498.960849][T11961] RIP: 0023:0xf7f18539
[  498.960864][T11961] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[  498.960877][T11961] RSP: 002b:00000000f542655c EFLAGS: 00000206 ORIG_RAX: 0000000000000172
[  498.960895][T11961] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000800012c0
[  498.960906][T11961] RDX: 0000000020040084 RSI: 0000000000000000 RDI: 0000000000000000
[  498.960916][T11961] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  498.960925][T11961] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  498.960935][T11961] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  498.960960][T11961]  </TASK>
[  499.451839][T11966] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1562'.
[  499.717894][T11970] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1563'.
[  499.726939][ T5952] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  499.740285][T11972] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1563'.
[  499.811362][T11966] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=198462431 (396924862 ns) > initial count (148514 ns). Using initial count to start timer.
[  500.186373][ T5972] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  500.197540][ T5972] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  500.268035][ T5970] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  500.470488][T11986] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  500.495531][T11986] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  500.515973][ T5952] usb 1-1: new high-speed USB device number 62 using dummy_hcd
[  500.561654][T11985] net_ratelimit: 1 callbacks suppressed
[  500.561668][T11985] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  500.582108][T11985] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  500.710869][ T5952] usb 1-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  500.723949][ T5952] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  500.746119][   T24] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  500.876107][T11989] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1568'.
[  500.894592][ T5952] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0
[  500.911715][T11989] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1568'.
[  500.925603][ T5952] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  500.987487][ T5952] usb 1-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  501.008812][ T5952] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  501.047279][ T5952] usb 1-1: config 0 descriptor??
[  501.106115][   T43] usb 5-1: new low-speed USB device number 67 using dummy_hcd
[  501.226444][   T24] usb 2-1: new high-speed USB device number 54 using dummy_hcd
[  501.268228][   T43] usb 5-1: config index 0 descriptor too short (expected 1307, got 27)
[  501.277010][   T43] usb 5-1: config 0 has an invalid interface number: 0 but max is -1
[  501.285273][   T43] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  501.301924][   T43] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 0
[  501.325352][   T43] usb 5-1: string descriptor 0 read error: -22
[  501.335357][   T43] usb 5-1: New USB device found, idVendor=0460, idProduct=0008, bcdDevice=e2.de
[  501.354142][   T43] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  501.379955][   T43] usb 5-1: config 0 descriptor??
[  501.389833][   T43] hub 5-1:0.0: bad descriptor, ignoring hub
[  501.400699][   T24] usb 2-1: Using ep0 maxpacket: 8
[  501.405945][   T43] hub 5-1:0.0: probe with driver hub failed with error -5
[  501.422996][   T24] usb 2-1: config index 0 descriptor too short (expected 301, got 45)
[  501.457322][   T24] usb 2-1: config 16 has an invalid descriptor of length 186, skipping remainder of the config
[  501.490351][ T1303] ieee802154 phy0 wpan0: encryption failed: -22
[  501.496851][ T1303] ieee802154 phy1 wpan1: encryption failed: -22
[  501.497496][   T24] usb 2-1: config 16 has 0 interfaces, different from the descriptor's value: 1
[  501.513121][   T24] usb 2-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  501.534696][ T5952] plantronics 0003:047F:FFFF.0019: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.0-1/input0
[  501.602696][   T24] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  501.613780][T11989] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  501.625699][T11989] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  501.786101][ T5952] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  501.786770][ T5970] usb 5-1: USB disconnect, device number 67
[  501.979257][   T24] usb 2-1: string descriptor 0 read error: -71
[  502.002105][   T24] usb 2-1: USB disconnect, device number 54
[  502.362744][   T24] usb 1-1: USB disconnect, device number 62
[  502.836006][ T5952] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  503.278305][T12022] FAULT_INJECTION: forcing a failure.
[  503.278305][T12022] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  503.360337][ T5972] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  503.425365][T12022] CPU: 1 UID: 0 PID: 12022 Comm: syz.3.1575 Not tainted syzkaller #0 PREEMPT(full) 
[  503.425391][T12022] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  503.425400][T12022] Call Trace:
[  503.425405][T12022]  <TASK>
[  503.425410][T12022]  dump_stack_lvl+0x189/0x250
[  503.425428][T12022]  ? __pfx____ratelimit+0x10/0x10
[  503.425443][T12022]  ? __pfx_dump_stack_lvl+0x10/0x10
[  503.425455][T12022]  ? __pfx__printk+0x10/0x10
[  503.425476][T12022]  should_fail_ex+0x414/0x560
[  503.425491][T12022]  _copy_to_user+0x31/0xb0
[  503.425504][T12022]  simple_read_from_buffer+0xe1/0x170
[  503.425522][T12022]  proc_fail_nth_read+0x1b3/0x220
[  503.425537][T12022]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  503.425550][T12022]  ? rw_verify_area+0x2a6/0x4d0
[  503.425561][T12022]  ? __lock_acquire+0xab9/0xd20
[  503.425574][T12022]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  503.425585][T12022]  vfs_read+0x1fd/0xa30
[  503.425598][T12022]  ? fdget_pos+0x247/0x320
[  503.425608][T12022]  ? __pfx___mutex_lock+0x10/0x10
[  503.425618][T12022]  ? __pfx_vfs_read+0x10/0x10
[  503.425630][T12022]  ? __fget_files+0x2a/0x420
[  503.425641][T12022]  ? __fget_files+0x3a0/0x420
[  503.425648][T12022]  ? __fget_files+0x2a/0x420
[  503.425661][T12022]  ksys_read+0x145/0x250
[  503.425674][T12022]  ? __pfx_ksys_read+0x10/0x10
[  503.425689][T12022]  ? lockdep_hardirqs_on+0x9c/0x150
[  503.425705][T12022]  __do_fast_syscall_32+0xb6/0x2b0
[  503.425714][T12022]  ? lockdep_hardirqs_on+0x9c/0x150
[  503.425740][T12022]  do_fast_syscall_32+0x34/0x80
[  503.425754][T12022]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  503.425772][T12022] RIP: 0023:0xf7fe4539
[  503.425796][T12022] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[  503.425810][T12022] RSP: 002b:00000000f54f6590 EFLAGS: 00000206 ORIG_RAX: 0000000000000003
[  503.425827][T12022] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00000000f54f6620
[  503.425838][T12022] RDX: 000000000000000f RSI: 00000000f7474ff4 RDI: 0000000000000000
[  503.425848][T12022] RBP: 0000000000000002 R08: 0000000000000000 R09: 0000000000000000
[  503.425856][T12022] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  503.425864][T12022] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  503.425886][T12022]  </TASK>
[  503.865976][ T5952] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  504.092022][T12033] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1577'.
[  504.652418][T12033] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=198462431 (396924862 ns) > initial count (148514 ns). Using initial count to start timer.
[  504.917921][ T5952] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  504.933822][T12043] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1579'.
[  505.062913][T12043] netdevsim netdevsim4 netdevsim0: entered allmulticast mode
[  505.542388][T12051] netlink: 'syz.3.1581': attribute type 4 has an invalid length.
[  505.568713][T12051] netlink: 'syz.3.1581': attribute type 7 has an invalid length.
[  505.665783][T12051] netlink: 'syz.3.1581': attribute type 8 has an invalid length.
[  505.804982][ T5972] usb 5-1: new high-speed USB device number 68 using dummy_hcd
[  505.991026][ T5952] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  506.105184][ T5972] usb 5-1: Using ep0 maxpacket: 16
[  506.237695][T12051] could not allocate digest TFM handle sha224-generic
[  506.341809][ T5972] usb 5-1: config 16 has an invalid descriptor of length 0, skipping remainder of the config
[  506.375307][ T5972] usb 5-1: New USB device found, idVendor=06e1, idProduct=0709, bcdDevice= 2.04
[  506.429482][ T5970] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  506.438509][ T5972] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  506.459425][ T5972] usb 5-1: Product: syz
[  506.479829][ T5972] usb 5-1: Manufacturer: syz
[  506.491701][ T5972] usb 5-1: SerialNumber: syz
[  506.529186][ T5972] go7007 5-1:16.0: probe with driver go7007 failed with error -12
[  506.891279][   T24] usb 5-1: USB disconnect, device number 68
[  507.083063][ T5952] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  507.437243][T12077] FAULT_INJECTION: forcing a failure.
[  507.437243][T12077] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  507.485920][T12077] CPU: 0 UID: 0 PID: 12077 Comm: syz.2.1587 Not tainted syzkaller #0 PREEMPT(full) 
[  507.485947][T12077] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  507.485957][T12077] Call Trace:
[  507.485965][T12077]  <TASK>
[  507.485974][T12077]  dump_stack_lvl+0x189/0x250
[  507.485996][T12077]  ? __pfx____ratelimit+0x10/0x10
[  507.486013][T12077]  ? __pfx_dump_stack_lvl+0x10/0x10
[  507.486024][T12077]  ? __pfx__printk+0x10/0x10
[  507.486039][T12077]  ? __might_fault+0xb0/0x130
[  507.486059][T12077]  should_fail_ex+0x414/0x560
[  507.486075][T12077]  _copy_from_user+0x2d/0xb0
[  507.486088][T12077]  get_compat_msghdr+0xad/0x4a0
[  507.486102][T12077]  ? __pfx_get_compat_msghdr+0x10/0x10
[  507.486118][T12077]  ___sys_sendmsg+0x193/0x2a0
[  507.486132][T12077]  ? __pfx____sys_sendmsg+0x10/0x10
[  507.486160][T12077]  ? __fget_files+0x2a/0x420
[  507.486168][T12077]  ? __fget_files+0x3a0/0x420
[  507.486182][T12077]  __sys_sendmsg+0x164/0x220
[  507.486193][T12077]  ? __pfx___sys_sendmsg+0x10/0x10
[  507.486212][T12077]  ? lockdep_hardirqs_on+0x9c/0x150
[  507.486230][T12077]  __do_fast_syscall_32+0xb6/0x2b0
[  507.486240][T12077]  ? lockdep_hardirqs_on+0x9c/0x150
[  507.486256][T12077]  do_fast_syscall_32+0x34/0x80
[  507.486265][T12077]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  507.486277][T12077] RIP: 0023:0xf7fb2539
[  507.486287][T12077] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[  507.486296][T12077] RSP: 002b:00000000f54c655c EFLAGS: 00000206 ORIG_RAX: 0000000000000172
[  507.486308][T12077] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000080
[  507.486315][T12077] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  507.486321][T12077] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  507.486327][T12077] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  507.486333][T12077] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  507.486347][T12077]  </TASK>
[  508.148504][   T24] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  508.167464][T12082] loop6: detected capacity change from 0 to 7
[  508.176168][T12082] Dev loop6: unable to read RDB block 7
[  508.214396][T12082]  loop6: AHDI p1 p2 p3 p4
[  508.222186][T12082] loop6: partition table partially beyond EOD, truncated
[  508.370016][T12082] loop6: p1 start 926365495 is beyond EOD, truncated
[  508.475989][T12082] loop6: p2 size 47 extends beyond EOD, truncated
[  508.518823][T12082] loop6: p3 start 1886353253 is beyond EOD, truncated
[  508.643791][T12089] ptrace attach of "./syz-executor exec"[5877] was attempted by "./syz-executor exec"[12089]
[  508.842141][ T6538] udevd[6538]: inotify_add_watch(7, /dev/loop6p2, 10) failed: No such file or directory
[  509.305988][ T5952] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  509.553786][ T5970] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  509.786248][ T5970] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  509.797787][ T5970] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  509.806241][ T5972] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  509.818277][ T5972] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  509.894209][T12099] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1592'.
[  510.213521][T12094] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=198462431 (396924862 ns) > initial count (148514 ns). Using initial count to start timer.
[  510.346611][T11936] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  510.375849][ T5972] usb 5-1: new low-speed USB device number 69 using dummy_hcd
[  510.412787][T12113] netlink: 'syz.2.1595': attribute type 4 has an invalid length.
[  510.471142][T12108] netlink: 'syz.2.1595': attribute type 7 has an invalid length.
[  510.493197][T12108] netlink: 'syz.2.1595': attribute type 8 has an invalid length.
[  510.510845][ T5972] usb 5-1: device descriptor read/64, error -71
[  510.671785][T12120] binder: 12114:12120 ioctl c018620c 800000c0 returned -22
[  510.796625][ T5972] usb 5-1: new low-speed USB device number 70 using dummy_hcd
[  510.931281][ T5972] usb 5-1: device descriptor read/64, error -71
[  511.048679][ T5972] usb usb5-port1: attempt power cycle
[  511.112583][T12127] FAULT_INJECTION: forcing a failure.
[  511.112583][T12127] name failslab, interval 1, probability 0, space 0, times 0
[  511.154771][T12127] CPU: 0 UID: 0 PID: 12127 Comm: syz.0.1599 Not tainted syzkaller #0 PREEMPT(full) 
[  511.154798][T12127] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  511.154810][T12127] Call Trace:
[  511.154818][T12127]  <TASK>
[  511.154827][T12127]  dump_stack_lvl+0x189/0x250
[  511.154851][T12127]  ? __pfx____ratelimit+0x10/0x10
[  511.154883][T12127]  ? __pfx_dump_stack_lvl+0x10/0x10
[  511.154903][T12127]  ? __pfx__printk+0x10/0x10
[  511.154931][T12127]  ? __pfx___might_resched+0x10/0x10
[  511.154957][T12127]  should_fail_ex+0x414/0x560
[  511.154984][T12127]  should_failslab+0xa8/0x100
[  511.155009][T12127]  kmem_cache_alloc_node_noprof+0x76/0x3c0
[  511.155032][T12127]  ? __alloc_skb+0x112/0x2d0
[  511.155054][T12127]  __alloc_skb+0x112/0x2d0
[  511.155076][T12127]  netlink_sendmsg+0x5c6/0xb30
[  511.155101][T12127]  ? __pfx_netlink_sendmsg+0x10/0x10
[  511.155121][T12127]  ? __import_iovec+0x5d4/0x7f0
[  511.155138][T12127]  ? aa_sock_msg_perm+0xf1/0x1d0
[  511.155157][T12127]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  511.155176][T12127]  ? __pfx_netlink_sendmsg+0x10/0x10
[  511.155192][T12127]  __sock_sendmsg+0x219/0x270
[  511.155217][T12127]  ____sys_sendmsg+0x505/0x830
[  511.155242][T12127]  ? __pfx_____sys_sendmsg+0x10/0x10
[  511.155277][T12127]  ___sys_sendmsg+0x21f/0x2a0
[  511.155299][T12127]  ? __pfx____sys_sendmsg+0x10/0x10
[  511.155350][T12127]  ? __fget_files+0x2a/0x420
[  511.155364][T12127]  ? __fget_files+0x3a0/0x420
[  511.155387][T12127]  __sys_sendmsg+0x164/0x220
[  511.155405][T12127]  ? __pfx___sys_sendmsg+0x10/0x10
[  511.155438][T12127]  ? lockdep_hardirqs_on+0x9c/0x150
[  511.155464][T12127]  __do_fast_syscall_32+0xb6/0x2b0
[  511.155481][T12127]  ? lockdep_hardirqs_on+0x9c/0x150
[  511.155506][T12127]  do_fast_syscall_32+0x34/0x80
[  511.155524][T12127]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  511.155544][T12127] RIP: 0023:0xf7f18539
[  511.155560][T12127] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[  511.155574][T12127] RSP: 002b:00000000f542655c EFLAGS: 00000206 ORIG_RAX: 0000000000000172
[  511.155591][T12127] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000080
[  511.155602][T12127] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  511.155612][T12127] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  511.155622][T12127] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  511.155631][T12127] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  511.155655][T12127]  </TASK>
[  511.519668][T11936] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  511.528333][T12111] could not allocate digest TFM handle sha224-generic
[  511.585856][ T5972] usb 5-1: new low-speed USB device number 71 using dummy_hcd
[  511.649563][ T5972] usb 5-1: device descriptor read/8, error -71
[  511.706129][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  511.895958][ T5972] usb 5-1: new low-speed USB device number 72 using dummy_hcd
[  511.920630][ T5972] usb 5-1: device descriptor read/8, error -71
[  512.028154][ T5972] usb usb5-port1: unable to enumerate USB device
[  512.597146][ T5952] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  512.646492][ T5970] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  513.626465][ T5952] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  514.236005][ T5952] usb 2-1: new high-speed USB device number 55 using dummy_hcd
[  514.238548][ T5970] usb 3-1: new high-speed USB device number 57 using dummy_hcd
[  514.456301][ T5952] usb 2-1: Using ep0 maxpacket: 16
[  514.456394][ T5970] usb 3-1: Using ep0 maxpacket: 16
[  514.483251][ T5952] usb 2-1: config 0 has an invalid interface number: 8 but max is 0
[  514.492249][ T5952] usb 2-1: config 0 has no interface number 0
[  514.498871][ T5952] usb 2-1: config 0 interface 8 altsetting 0 endpoint 0x8F has an invalid bInterval 255, changing to 11
[  514.502470][ T5970] usb 3-1: config 179 has too many interfaces: 147, using maximum allowed: 32
[  514.510284][ T5952] usb 2-1: config 0 interface 8 altsetting 0 endpoint 0x8F has invalid maxpacket 49152, setting to 1024
[  514.546849][ T5952] usb 2-1: New USB device found, idVendor=0d8c, idProduct=000e, bcdDevice=8e.8f
[  514.556902][ T5952] usb 2-1: New USB device strings: Mfr=0, Product=24, SerialNumber=3
[  514.565146][ T5952] usb 2-1: Product: syz
[  514.570146][ T5952] usb 2-1: SerialNumber: syz
[  514.583491][ T5970] usb 3-1: config 179 has an invalid descriptor of length 47, skipping remainder of the config
[  514.601857][ T5970] usb 3-1: config 179 has 0 interfaces, different from the descriptor's value: 147
[  514.607401][ T5952] usb 2-1: config 0 descriptor??
[  514.624068][ T5952] cm109 2-1:0.8: invalid payload size 1024, expected 4
[  514.684272][ T5970] usb 3-1: New USB device found, idVendor=1e71, idProduct=170e, bcdDevice= 0.00
[  514.685619][T11936] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  514.759751][ T5970] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  514.771574][ T5952] input: CM109 USB driver as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.8/input/input27
[  514.823851][    C1] cm109 2-1:0.8: cm109_urb_irq_callback: urb status -71
[  514.824515][    C1] ------------[ cut here ]------------
[  514.824566][    C1] URB ffff88814d7cea00 submitted while active
[  514.825343][    C1] WARNING: CPU: 1 PID: 23 at drivers/usb/core/urb.c:379 usb_submit_urb+0xfc1/0x1830
[  514.854001][    C1] Modules linked in:
[  514.854062][    C1] CPU: 1 UID: 0 PID: 23 Comm: ksoftirqd/1 Not tainted syzkaller #0 PREEMPT(full) 
[  514.854086][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  514.854101][    C1] RIP: 0010:usb_submit_urb+0xfc1/0x1830
[  514.882754][    C1] Code: 44 89 f2 e8 91 b8 00 fa e9 13 fc ff ff e8 27 d2 93 fa c6 05 7e a9 61 08 01 90 48 c7 c7 c0 fe 34 8c 48 89 de e8 30 6e 57 fa 90 <0f> 0b 90 90 e9 b7 f0 ff ff e8 01 d2 93 fa eb 11 e8 fa d1 93 fa bd
[  514.882781][    C1] RSP: 0018:ffffc900001d7588 EFLAGS: 00010046
[  514.882801][    C1] RAX: c4a3ca42cb462600 RBX: ffff88814d7cea00 RCX: 0000000000040000
[  514.882817][    C1] RDX: ffffc90002372000 RSI: 0000000000000528 RDI: 0000000000000529
[  514.882830][    C1] RBP: 000000000000000f R08: ffff8880b8724253 R09: 1ffff110170e484a
[  514.882847][    C1] R10: dffffc0000000000 R11: ffffed10170e484b R12: dffffc0000000000
[  514.940498][    C1] R13: ffff88807b41f030 R14: ffff88814d7cea08 R15: 0000000000000820
[  514.948466][    C1] FS:  0000000000000000(0000) GS:ffff888125d18000(0000) knlGS:0000000000000000
[  514.957393][    C1] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  514.964230][    C1] CR2: 00000000800e4018 CR3: 000000003247a000 CR4: 00000000003526f0
[  514.972288][    C1] Call Trace:
[  514.975570][    C1]  <TASK>
[  514.978483][    C1]  ? __pfx__raw_spin_lock_irqsave+0x10/0x10
[  514.984360][    C1]  ? kcov_remote_start+0x97/0x7f0
[  514.989378][    C1]  cm109_urb_irq_callback+0x709/0xca0
[  514.994740][    C1]  __usb_hcd_giveback_urb+0x373/0x540
[  515.000099][    C1]  dummy_timer+0x862/0x4550
[  515.004589][    C1]  ? __lock_acquire+0xab9/0xd20
[  515.009435][    C1]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  515.014803][    C1]  ? seqcount_lockdep_reader_access+0x15f/0x1c0
[  515.021056][    C1]  ? __pfx_dummy_timer+0x10/0x10
[  515.025993][    C1]  ? __pfx_dummy_timer+0x10/0x10
[  515.030921][    C1]  ? __pfx_dummy_timer+0x10/0x10
[  515.035852][    C1]  __hrtimer_run_queues+0x529/0xc60
[  515.041058][    C1]  ? __pfx___hrtimer_run_queues+0x10/0x10
[  515.046755][    C1]  ? read_tsc+0x9/0x20
[  515.050820][    C1]  ? __pfx___local_bh_disable_ip+0x10/0x10
[  515.056623][    C1]  hrtimer_run_softirq+0x187/0x2b0
[  515.061733][    C1]  handle_softirqs+0x283/0x870
[  515.066494][    C1]  ? run_ksoftirqd+0x9b/0x100
[  515.071165][    C1]  ? __pfx_handle_softirqs+0x10/0x10
[  515.076467][    C1]  ? smpboot_thread_fn+0x4d/0xa60
[  515.081482][    C1]  ? smpboot_thread_fn+0x4d/0xa60
[  515.086497][    C1]  run_ksoftirqd+0x9b/0x100
[  515.091010][    C1]  ? __pfx_run_ksoftirqd+0x10/0x10
[  515.096142][    C1]  smpboot_thread_fn+0x53f/0xa60
[  515.101069][    C1]  ? smpboot_thread_fn+0x4d/0xa60
[  515.106080][    C1]  kthread+0x70e/0x8a0
[  515.110133][    C1]  ? __pfx_smpboot_thread_fn+0x10/0x10
[  515.115569][    C1]  ? __pfx_kthread+0x10/0x10
[  515.120140][    C1]  ? _raw_spin_unlock_irq+0x23/0x50
[  515.125330][    C1]  ? lockdep_hardirqs_on+0x9c/0x150
[  515.130520][    C1]  ? __pfx_kthread+0x10/0x10
[  515.135116][    C1]  ret_from_fork+0x3fc/0x770
[  515.139708][    C1]  ? __pfx_ret_from_fork+0x10/0x10
[  515.144826][    C1]  ? __switch_to_asm+0x39/0x70
[  515.149600][    C1]  ? __switch_to_asm+0x33/0x70
[  515.154348][    C1]  ? __pfx_kthread+0x10/0x10
[  515.159028][    C1]  ret_from_fork_asm+0x1a/0x30
[  515.163897][    C1]  </TASK>
[  515.166903][    C1] Kernel panic - not syncing: kernel: panic_on_warn set ...
[  515.174177][    C1] CPU: 1 UID: 0 PID: 23 Comm: ksoftirqd/1 Not tainted syzkaller #0 PREEMPT(full) 
[  515.183358][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  515.193519][    C1] Call Trace:
[  515.196793][    C1]  <TASK>
[  515.199721][    C1]  dump_stack_lvl+0x99/0x250
[  515.204382][    C1]  ? __asan_memcpy+0x40/0x70
[  515.209042][    C1]  ? __pfx_dump_stack_lvl+0x10/0x10
[  515.214249][    C1]  ? __pfx__printk+0x10/0x10
[  515.218846][    C1]  vpanic+0x281/0x750
[  515.222822][    C1]  ? __pfx__printk+0x10/0x10
[  515.227397][    C1]  ? __pfx_vpanic+0x10/0x10
[  515.231892][    C1]  ? is_bpf_text_address+0x26/0x2b0
[  515.237091][    C1]  panic+0xb9/0xc0
[  515.240792][    C1]  ? __pfx_panic+0x10/0x10
[  515.245205][    C1]  __warn+0x31b/0x4b0
[  515.249193][    C1]  ? usb_submit_urb+0xfc1/0x1830
[  515.254130][    C1]  ? usb_submit_urb+0xfc1/0x1830
[  515.259060][    C1]  report_bug+0x2be/0x4f0
[  515.263389][    C1]  ? usb_submit_urb+0xfc1/0x1830
[  515.268323][    C1]  ? usb_submit_urb+0xfc1/0x1830
[  515.273250][    C1]  ? usb_submit_urb+0xfc3/0x1830
[  515.278194][    C1]  handle_bug+0x84/0x160
[  515.282503][    C1]  exc_invalid_op+0x1a/0x50
[  515.287023][    C1]  asm_exc_invalid_op+0x1a/0x20
[  515.291877][    C1] RIP: 0010:usb_submit_urb+0xfc1/0x1830
[  515.297427][    C1] Code: 44 89 f2 e8 91 b8 00 fa e9 13 fc ff ff e8 27 d2 93 fa c6 05 7e a9 61 08 01 90 48 c7 c7 c0 fe 34 8c 48 89 de e8 30 6e 57 fa 90 <0f> 0b 90 90 e9 b7 f0 ff ff e8 01 d2 93 fa eb 11 e8 fa d1 93 fa bd
[  515.317380][    C1] RSP: 0018:ffffc900001d7588 EFLAGS: 00010046
[  515.323445][    C1] RAX: c4a3ca42cb462600 RBX: ffff88814d7cea00 RCX: 0000000000040000
[  515.331407][    C1] RDX: ffffc90002372000 RSI: 0000000000000528 RDI: 0000000000000529
[  515.339377][    C1] RBP: 000000000000000f R08: ffff8880b8724253 R09: 1ffff110170e484a
[  515.347334][    C1] R10: dffffc0000000000 R11: ffffed10170e484b R12: dffffc0000000000
[  515.355299][    C1] R13: ffff88807b41f030 R14: ffff88814d7cea08 R15: 0000000000000820
[  515.363287][    C1]  ? usb_submit_urb+0xfc0/0x1830
[  515.368215][    C1]  ? __pfx__raw_spin_lock_irqsave+0x10/0x10
[  515.374099][    C1]  ? kcov_remote_start+0x97/0x7f0
[  515.379107][    C1]  cm109_urb_irq_callback+0x709/0xca0
[  515.384474][    C1]  __usb_hcd_giveback_urb+0x373/0x540
[  515.389923][    C1]  dummy_timer+0x862/0x4550
[  515.394417][    C1]  ? __lock_acquire+0xab9/0xd20
[  515.399267][    C1]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  515.404636][    C1]  ? seqcount_lockdep_reader_access+0x15f/0x1c0
[  515.410895][    C1]  ? __pfx_dummy_timer+0x10/0x10
[  515.415857][    C1]  ? __pfx_dummy_timer+0x10/0x10
[  515.420818][    C1]  ? __pfx_dummy_timer+0x10/0x10
[  515.425745][    C1]  __hrtimer_run_queues+0x529/0xc60
[  515.430962][    C1]  ? __pfx___hrtimer_run_queues+0x10/0x10
[  515.436660][    C1]  ? read_tsc+0x9/0x20
[  515.440713][    C1]  ? __pfx___local_bh_disable_ip+0x10/0x10
[  515.446508][    C1]  hrtimer_run_softirq+0x187/0x2b0
[  515.451618][    C1]  handle_softirqs+0x283/0x870
[  515.456393][    C1]  ? run_ksoftirqd+0x9b/0x100
[  515.461083][    C1]  ? __pfx_handle_softirqs+0x10/0x10
[  515.466441][    C1]  ? smpboot_thread_fn+0x4d/0xa60
[  515.471586][    C1]  ? smpboot_thread_fn+0x4d/0xa60
[  515.477085][    C1]  run_ksoftirqd+0x9b/0x100
[  515.481597][    C1]  ? __pfx_run_ksoftirqd+0x10/0x10
[  515.486737][    C1]  smpboot_thread_fn+0x53f/0xa60
[  515.491664][    C1]  ? smpboot_thread_fn+0x4d/0xa60
[  515.496696][    C1]  kthread+0x70e/0x8a0
[  515.500766][    C1]  ? __pfx_smpboot_thread_fn+0x10/0x10
[  515.506226][    C1]  ? __pfx_kthread+0x10/0x10
[  515.510829][    C1]  ? _raw_spin_unlock_irq+0x23/0x50
[  515.516012][    C1]  ? lockdep_hardirqs_on+0x9c/0x150
[  515.521361][    C1]  ? __pfx_kthread+0x10/0x10
[  515.525936][    C1]  ret_from_fork+0x3fc/0x770
[  515.530508][    C1]  ? __pfx_ret_from_fork+0x10/0x10
[  515.535602][    C1]  ? __switch_to_asm+0x39/0x70
[  515.540345][    C1]  ? __switch_to_asm+0x33/0x70
[  515.545085][    C1]  ? __pfx_kthread+0x10/0x10
[  515.549655][    C1]  ret_from_fork_asm+0x1a/0x30
[  515.554426][    C1]  </TASK>
[  516.639373][    C1] Shutting down cpus with NMI
[  516.644337][    C1] Kernel Offset: disabled
[  516.648695][    C1] Rebooting in 86400 seconds..